CryptoPkg: Add Null instance of the TlsLib class
1 /** @file
2 SSL/TLS Configuration Null Library Wrapper Implementation.
3
4 Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
5 (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
7
8 **/
9
10 #include "InternalTlsLib.h"
11
/**
  Set a new TLS/SSL method for a particular TLS object.

  In the TlsLib class this selects the TLS/SSL protocol version for a TLS
  object. This Null instance implements no TLS functionality: it configures
  nothing, raises ASSERT (FALSE), and returns EFI_UNSUPPORTED if execution
  continues past the assert (for example when ASSERT() is compiled out).

  @param[in]  Tls       Pointer to a TLS object. Not used by this instance.
  @param[in]  MajorVer  Major Version of TLS/SSL Protocol. Not used.
  @param[in]  MinorVer  Minor Version of TLS/SSL Protocol. Not used.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_INVALID_PARAMETER are
                           never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsSetVersion (
  IN     VOID   *Tls,
  IN     UINT8  MajorVer,
  IN     UINT8  MinorVer
  )
{
  //
  // Null instance: reaching this call means the platform linked a TLS
  // consumer against a library that provides no TLS. Flag it in debug
  // builds and report failure otherwise.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
37
/**
  Set TLS object to work in client or server mode.

  In the TlsLib class this prepares a TLS object for the client or the server
  role. This Null instance changes no state: it raises ASSERT (FALSE) and
  returns EFI_UNSUPPORTED if execution continues past the assert.

  @param[in]  Tls       Pointer to a TLS object. Not used by this instance.
  @param[in]  IsServer  Work in server mode. Not used by this instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_INVALID_PARAMETER are
                           never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsSetConnectionEnd (
  IN     VOID     *Tls,
  IN     BOOLEAN  IsServer
  )
{
  //
  // No connection role is recorded anywhere; the caller must treat the
  // returned status as "TLS is unavailable".
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
61
/**
  Set the ciphers list to be used by the TLS object.

  In the TlsLib class this restricts a TLS object to the given cipher suites.
  This Null instance does not read CipherId and applies no restriction: it
  raises ASSERT (FALSE) and returns EFI_UNSUPPORTED if execution continues
  past the assert.

  @param[in]  Tls        Pointer to a TLS object. Not used by this instance.
  @param[in]  CipherId   Array of UINT16 cipher identifiers. Each UINT16
                         cipher identifier comes from the TLS Cipher Suite
                         Registry of the IANA, interpreting Byte1 and Byte2
                         in network (big endian) byte order. Not read here.
  @param[in]  CipherNum  The number of cipher in the list. Not used here.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS, EFI_INVALID_PARAMETER and
                           EFI_OUT_OF_RESOURCES are never produced by this
                           instance.

**/
EFI_STATUS
EFIAPI
TlsSetCipherList (
  IN     VOID    *Tls,
  IN     UINT16  *CipherId,
  IN     UINTN   CipherNum
  )
{
  //
  // The cipher array is never dereferenced, so no validation of CipherId or
  // CipherNum takes place in this instance.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
91
/**
  Set the compression method for TLS/SSL operations.

  In the TlsLib class this handles TLS/SSL integrated compression methods.
  This Null instance sets nothing: it raises ASSERT (FALSE) and returns
  EFI_UNSUPPORTED if execution continues past the assert.

  @param[in]  CompMethod  The compression method ID. Not used by this
                          instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS is never produced by this
                           instance.

**/
EFI_STATUS
EFIAPI
TlsSetCompressionMethod (
  IN     UINT8  CompMethod
  )
{
  //
  // Null instance: no compression state exists to update.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
113
/**
  Set peer certificate verification mode for the TLS connection.

  In the TlsLib class this sets the verification mode flags for the TLS
  connection. This Null instance applies no verification mode at all; it only
  raises ASSERT (FALSE).

  Because the function returns VOID, a caller has no status to inspect: if
  ASSERT() does not halt execution (for example when it is compiled out), the
  call returns normally even though no peer verification was configured.

  @param[in]  Tls         Pointer to the TLS object. Not used by this
                          instance.
  @param[in]  VerifyMode  A set of logically or'ed verification mode flags.
                          Ignored by this instance.

**/
VOID
EFIAPI
TlsSetVerify (
  IN     VOID    *Tls,
  IN     UINT32  VerifyMode
  )
{
  //
  // The assert is the only signal this instance can give; VerifyMode is
  // dropped without being stored or acted on.
  //
  ASSERT (FALSE);
}
132
133 // MU_CHANGE - Proposed fixes for TCBZ960, invalid domain name (CN) accepted. [BEGIN]
/**
  Set the specified host name to be verified.

  In the TlsLib class this registers the host name that the peer certificate
  must match. This Null instance registers nothing: it raises ASSERT (FALSE)
  and returns EFI_UNSUPPORTED if execution continues past the assert. Callers
  must treat that status as "host name verification is not in effect".

  @param[in]  Tls       Pointer to the TLS object. Not used by this instance.
  @param[in]  Flags     The setting flags during the validation. Not used.
  @param[in]  HostName  The specified host name to be verified. Not read by
                        this instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS, EFI_INVALID_PARAMETER and
                           EFI_ABORTED are never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsSetVerifyHost (
  IN     VOID    *Tls,
  IN     UINT32  Flags,
  IN     CHAR8   *HostName
  )
{
  //
  // HostName is never dereferenced or stored, so no name check can result
  // from this call.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
157
158 // MU_CHANGE - Proposed fixes for TCBZ960, invalid domain name (CN) accepted. [END]
159
/**
  Sets a TLS/SSL session ID to be used during TLS/SSL connect.

  In the TlsLib class this sets the session ID used when the TLS/SSL
  connection is to be established. This Null instance stores nothing: it
  raises ASSERT (FALSE) and returns EFI_UNSUPPORTED if execution continues
  past the assert.

  @param[in]  Tls           Pointer to the TLS object. Not used by this
                            instance.
  @param[in]  SessionId     Session ID data used for session resumption.
                            Not read by this instance.
  @param[in]  SessionIdLen  Length of Session ID in bytes. Not used.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_INVALID_PARAMETER are
                           never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsSetSessionId (
  IN     VOID    *Tls,
  IN     UINT8   *SessionId,
  IN     UINT16  SessionIdLen
  )
{
  //
  // Null instance: the session ID buffer is left untouched and unread.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
186
/**
  Adds the CA to the cert store when requesting Server or Client authentication.

  In the TlsLib class this adds the CA certificate to the list of CAs used
  for Server or Client authentication on the chosen TLS connection. This Null
  instance adds no trust anchor and does not parse Data: it raises
  ASSERT (FALSE) and returns EFI_UNSUPPORTED if execution continues past the
  assert.

  @param[in]  Tls       Pointer to the TLS object. Not used by this instance.
  @param[in]  Data      Pointer to the data buffer of a DER-encoded binary
                        X.509 certificate or PEM-encoded X.509 certificate.
                        Not read by this instance.
  @param[in]  DataSize  The size of data buffer in bytes. Not used.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS, EFI_INVALID_PARAMETER,
                           EFI_OUT_OF_RESOURCES and EFI_ABORTED are never
                           produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsSetCaCertificate (
  IN     VOID   *Tls,
  IN     VOID   *Data,
  IN     UINTN  DataSize
  )
{
  //
  // No certificate store exists in this instance, so the supplied
  // certificate is neither validated nor retained.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
215
/**
  Loads the local public certificate into the specified TLS object.

  In the TlsLib class this loads the X.509 certificate into the specified TLS
  object for TLS negotiation. This Null instance loads nothing: it raises
  ASSERT (FALSE) and returns EFI_UNSUPPORTED if execution continues past the
  assert.

  @param[in]  Tls       Pointer to the TLS object. Not used by this instance.
  @param[in]  Data      Pointer to the data buffer of a DER-encoded binary
                        X.509 certificate or PEM-encoded X.509 certificate.
                        Not read by this instance.
  @param[in]  DataSize  The size of data buffer in bytes. Not used.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS, EFI_INVALID_PARAMETER,
                           EFI_OUT_OF_RESOURCES and EFI_ABORTED are never
                           produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsSetHostPublicCert (
  IN     VOID   *Tls,
  IN     VOID   *Data,
  IN     UINTN  DataSize
  )
{
  //
  // Null instance: the certificate buffer is not inspected.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
244
/**
  Adds the local private key to the specified TLS object.

  In the TlsLib class this adds the local private key (PEM-encoded RSA or
  PKCS#8 private key) into the specified TLS object for TLS negotiation. This
  Null instance neither reads nor copies the key material: it raises
  ASSERT (FALSE) and returns EFI_UNSUPPORTED if execution continues past the
  assert.

  @param[in]  Tls       Pointer to the TLS object. Not used by this instance.
  @param[in]  Data      Pointer to the data buffer of a PEM-encoded RSA
                        or PKCS#8 private key. Not read by this instance.
  @param[in]  DataSize  The size of data buffer in bytes. Not used.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_ABORTED are never
                           produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsSetHostPrivateKey (
  IN     VOID   *Tls,
  IN     VOID   *Data,
  IN     UINTN  DataSize
  )
{
  //
  // The caller keeps sole ownership of the key buffer; nothing here
  // retains a copy of it.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
272
/**
  Adds the CA-supplied certificate revocation list for certificate validation.

  In the TlsLib class this adds the CA-supplied certificate revocation list
  data for certificate validity checking. This Null instance installs no CRL:
  it raises ASSERT (FALSE) and returns EFI_UNSUPPORTED if execution continues
  past the assert.

  @param[in]  Data      Pointer to the data buffer of a DER-encoded CRL data.
                        Not read by this instance.
  @param[in]  DataSize  The size of data buffer in bytes. Not used.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_ABORTED are never
                           produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsSetCertRevocationList (
  IN     VOID   *Data,
  IN     UINTN  DataSize
  )
{
  //
  // Null instance: no revocation data is parsed or stored.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
297
/**
  Gets the protocol version used by the specified TLS connection.

  In the TlsLib class this returns the protocol version used by the specified
  TLS connection. This Null instance has no connection to query: it raises
  ASSERT (FALSE) unconditionally (not only when Tls is NULL) and returns 0 if
  execution continues past the assert.

  @param[in]  Tls  Pointer to the TLS object. Not used by this instance.

  @return 0, always. The value carries no protocol version information.

**/
UINT16
EFIAPI
TlsGetVersion (
  IN     VOID  *Tls
  )
{
  //
  // The return type has no error channel, so 0 is the only thing this
  // instance can hand back once the assert is passed.
  //
  ASSERT (FALSE);
  return 0;
}
320
/**
  Gets the connection end of the specified TLS connection.

  In the TlsLib class this returns the connection end (as client or as
  server) used by the specified TLS connection. This Null instance has no
  connection to query: it raises ASSERT (FALSE) unconditionally (not only when
  Tls is NULL) and returns 0 if execution continues past the assert.

  @param[in]  Tls  Pointer to the TLS object. Not used by this instance.

  @return 0, always. NOTE(review): confirm against the connection-end
          enumeration whether 0 aliases a valid role; callers should not
          interpret this value.

**/
UINT8
EFIAPI
TlsGetConnectionEnd (
  IN     VOID  *Tls
  )
{
  //
  // No status can be reported through a UINT8 return, so the assert is the
  // only indication that the query was not served.
  //
  ASSERT (FALSE);
  return 0;
}
343
/**
  Gets the cipher suite used by the specified TLS connection.

  In the TlsLib class this returns the current cipher suite used by the
  specified TLS connection. This Null instance never writes *CipherId: it
  raises ASSERT (FALSE) and returns EFI_UNSUPPORTED if execution continues
  past the assert.

  @param[in]      Tls       Pointer to the TLS object. Not used by this
                            instance.
  @param[in,out]  CipherId  The cipher suite used by the TLS object. Left
                            unmodified by this instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_INVALID_PARAMETER are
                           never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsGetCurrentCipher (
  IN     VOID    *Tls,
  IN OUT UINT16  *CipherId
  )
{
  //
  // The output parameter keeps whatever value the caller placed in it.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
368
/**
  Gets the compression methods used by the specified TLS connection.

  In the TlsLib class this returns the current integrated compression methods
  used by the specified TLS connection. This Null instance never writes
  *CompressionId: it raises ASSERT (FALSE) and returns EFI_UNSUPPORTED if
  execution continues past the assert.

  @param[in]      Tls            Pointer to the TLS object. Not used by this
                                 instance.
  @param[in,out]  CompressionId  The current compression method used by
                                 the TLS object. Left unmodified by this
                                 instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS, EFI_INVALID_PARAMETER and
                           EFI_ABORTED are never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsGetCurrentCompressionId (
  IN     VOID   *Tls,
  IN OUT UINT8  *CompressionId
  )
{
  //
  // Null instance: the output parameter is not written.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
395
/**
  Gets the verification mode currently set in the TLS connection.

  In the TlsLib class this returns the peer verification mode currently set
  in the specified TLS connection. This Null instance tracks no verification
  mode: it raises ASSERT (FALSE) unconditionally (not only when Tls is NULL)
  and returns 0 if execution continues past the assert.

  @param[in]  Tls  Pointer to the TLS object. Not used by this instance.

  @return 0, always. NOTE(review): 0 appears to coincide with the "no
          verification" mode value in the UEFI TLS definitions; confirm that
          no caller treats this return as a configured mode.

**/
UINT32
EFIAPI
TlsGetVerify (
  IN     VOID  *Tls
  )
{
  //
  // With no error channel in the return type, a caller that gets past the
  // assert cannot tell "unsupported" apart from a real mode value of 0.
  //
  ASSERT (FALSE);
  return 0;
}
418
/**
  Gets the session ID used by the specified TLS connection.

  In the TlsLib class this returns the TLS/SSL session ID currently used by
  the specified TLS connection. This Null instance writes neither SessionId
  nor *SessionIdLen: it raises ASSERT (FALSE) and returns EFI_UNSUPPORTED if
  execution continues past the assert.

  @param[in]      Tls           Pointer to the TLS object. Not used by this
                                instance.
  @param[in,out]  SessionId     Buffer to contain the returned session ID.
                                Left unmodified by this instance.
  @param[in,out]  SessionIdLen  The length of Session ID in bytes. Left
                                unmodified by this instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_INVALID_PARAMETER are
                           never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsGetSessionId (
  IN     VOID    *Tls,
  IN OUT UINT8   *SessionId,
  IN OUT UINT16  *SessionIdLen
  )
{
  //
  // Neither output is touched, so the length the caller passed in must not
  // be read back as a result.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
445
/**
  Gets the client random data used in the specified TLS connection.

  In the TlsLib class this returns the TLS/SSL client random data currently
  used in the specified TLS connection. This Null instance writes nothing to
  ClientRandom; it only raises ASSERT (FALSE).

  Because the function returns VOID, a caller that gets past the assert (for
  example when ASSERT() is compiled out) has no indication that the buffer
  still holds whatever it contained before the call.

  @param[in]      Tls           Pointer to the TLS object. Not used by this
                                instance.
  @param[in,out]  ClientRandom  Buffer to contain the returned client
                                random data (32 bytes). Left unmodified by
                                this instance.

**/
VOID
EFIAPI
TlsGetClientRandom (
  IN     VOID   *Tls,
  IN OUT UINT8  *ClientRandom
  )
{
  //
  // The buffer is not filled or cleared; its contents after the call are
  // the caller's own prior data.
  //
  ASSERT (FALSE);
}
466
/**
  Gets the server random data used in the specified TLS connection.

  In the TlsLib class this returns the TLS/SSL server random data currently
  used in the specified TLS connection. This Null instance writes nothing to
  ServerRandom; it only raises ASSERT (FALSE).

  Because the function returns VOID, a caller that gets past the assert (for
  example when ASSERT() is compiled out) has no indication that the buffer
  still holds whatever it contained before the call.

  @param[in]      Tls           Pointer to the TLS object. Not used by this
                                instance.
  @param[in,out]  ServerRandom  Buffer to contain the returned server
                                random data (32 bytes). Left unmodified by
                                this instance.

**/
VOID
EFIAPI
TlsGetServerRandom (
  IN     VOID   *Tls,
  IN OUT UINT8  *ServerRandom
  )
{
  //
  // The buffer is not filled or cleared; its contents after the call are
  // the caller's own prior data.
  //
  ASSERT (FALSE);
}
487
/**
  Gets the master key data used in the specified TLS connection.

  In the TlsLib class this returns the TLS/SSL master key material currently
  used in the specified TLS connection. This Null instance writes nothing to
  KeyMaterial: it raises ASSERT (FALSE) and returns EFI_UNSUPPORTED if
  execution continues past the assert.

  @param[in]      Tls          Pointer to the TLS object. Not used by this
                               instance.
  @param[in,out]  KeyMaterial  Buffer to contain the returned key material.
                               Left unmodified by this instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_INVALID_PARAMETER are
                           never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsGetKeyMaterial (
  IN     VOID   *Tls,
  IN OUT UINT8  *KeyMaterial
  )
{
  //
  // No key material exists in this instance; callers must check the status
  // before using the buffer.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
512
/**
  Gets the CA Certificate from the cert store.

  In the TlsLib class this returns the CA certificate for the chosen TLS
  connection. This Null instance writes neither Data nor *DataSize: it raises
  ASSERT (FALSE) and returns EFI_UNSUPPORTED if execution continues past the
  assert.

  @param[in]      Tls       Pointer to the TLS object. Not used by this
                            instance.
  @param[out]     Data      Pointer to the data buffer to receive the CA
                            certificate data sent to the client. Left
                            unmodified by this instance.
  @param[in,out]  DataSize  The size of data buffer in bytes. Left unmodified
                            by this instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_BUFFER_TOO_SMALL are
                           never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsGetCaCertificate (
  IN     VOID   *Tls,
  OUT    VOID   *Data,
  IN OUT UINTN  *DataSize
  )
{
  //
  // *DataSize is not updated, so the usual "query required size" pattern
  // yields no size from this instance.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
540
/**
  Gets the local public Certificate set in the specified TLS object.

  In the TlsLib class this returns the local public certificate currently set
  in the specified TLS object. This Null instance writes neither Data nor
  *DataSize: it raises ASSERT (FALSE) and returns EFI_UNSUPPORTED if
  execution continues past the assert.

  @param[in]      Tls       Pointer to the TLS object. Not used by this
                            instance.
  @param[out]     Data      Pointer to the data buffer to receive the local
                            public certificate. Left unmodified by this
                            instance.
  @param[in,out]  DataSize  The size of data buffer in bytes. Left unmodified
                            by this instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS, EFI_INVALID_PARAMETER,
                           EFI_NOT_FOUND and EFI_BUFFER_TOO_SMALL are never
                           produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsGetHostPublicCert (
  IN     VOID   *Tls,
  OUT    VOID   *Data,
  IN OUT UINTN  *DataSize
  )
{
  //
  // Null instance: no certificate is stored, and neither output is written.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
569
/**
  Gets the local private key set in the specified TLS object.

  In the TlsLib class this returns the local private key data currently set
  in the specified TLS object. This Null instance holds no key and writes
  neither Data nor *DataSize: it raises ASSERT (FALSE) and returns
  EFI_UNSUPPORTED if execution continues past the assert.

  @param[in]      Tls       Pointer to the TLS object. Not used by this
                            instance.
  @param[out]     Data      Pointer to the data buffer to receive the local
                            private key data. Left unmodified by this
                            instance.
  @param[in,out]  DataSize  The size of data buffer in bytes. Left unmodified
                            by this instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_BUFFER_TOO_SMALL are
                           never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsGetHostPrivateKey (
  IN     VOID   *Tls,
  OUT    VOID   *Data,
  IN OUT UINTN  *DataSize
  )
{
  //
  // Nothing is copied out; the caller's buffer keeps its prior contents.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}
597
/**
  Gets the CA-supplied certificate revocation list data set in the specified
  TLS object.

  In the TlsLib class this returns the CA-supplied certificate revocation
  list data currently set in the specified TLS object. This Null instance
  holds no CRL and writes neither Data nor *DataSize: it raises
  ASSERT (FALSE) and returns EFI_UNSUPPORTED if execution continues past the
  assert.

  @param[out]     Data      Pointer to the data buffer to receive the CRL
                            data. Left unmodified by this instance.
  @param[in,out]  DataSize  The size of data buffer in bytes. Left unmodified
                            by this instance.

  @retval EFI_UNSUPPORTED  Always. EFI_SUCCESS and EFI_BUFFER_TOO_SMALL are
                           never produced by this instance.

**/
EFI_STATUS
EFIAPI
TlsGetCertRevocationList (
  OUT    VOID   *Data,
  IN OUT UINTN  *DataSize
  )
{
  //
  // Null instance: no revocation data is available to return.
  //
  ASSERT (FALSE);
  return EFI_UNSUPPORTED;
}