CryptoPkg/Library/TlsLibNull/TlsConfigNull.c

   1 /** @file
   2   SSL/TLS Configuration Null Library Wrapper Implementation.
   3
   4 Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
   5 (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
   6 SPDX-License-Identifier: BSD-2-Clause-Patent
   7
   8 **/
   9
  10 #include "InternalTlsLib.h"
  11
  12 /**
  13   Set a new TLS/SSL method for a particular TLS object.
  14
  15   This function sets a new TLS/SSL method for a particular TLS object.
  16
  17   @param[in]  Tls         Pointer to a TLS object.
  18   @param[in]  MajorVer    Major Version of TLS/SSL Protocol.
  19   @param[in]  MinorVer    Minor Version of TLS/SSL Protocol.
  20
  21   @retval  EFI_SUCCESS           The TLS/SSL method was set successfully.
  22   @retval  EFI_INVALID_PARAMETER The parameter is invalid.
  23   @retval  EFI_UNSUPPORTED       Unsupported TLS/SSL method.
  24
  25 **/
  26 EFI_STATUS
  27 EFIAPI
  28 TlsSetVersion (
  29   IN     VOID   *Tls,
  30   IN     UINT8  MajorVer,
  31   IN     UINT8  MinorVer
  32   )
  33 {
  34   ASSERT (FALSE);
  35   return EFI_UNSUPPORTED;
  36 }
  37
  38 /**
  39   Set TLS object to work in client or server mode.
  40
  41   This function prepares a TLS object to work in client or server mode.
  42
  43   @param[in]  Tls         Pointer to a TLS object.
  44   @param[in]  IsServer    Work in server mode.
  45
  46   @retval  EFI_SUCCESS           The TLS/SSL work mode was set successfully.
  47   @retval  EFI_INVALID_PARAMETER The parameter is invalid.
  48   @retval  EFI_UNSUPPORTED       Unsupported TLS/SSL work mode.
  49
  50 **/
  51 EFI_STATUS
  52 EFIAPI
  53 TlsSetConnectionEnd (
  54   IN     VOID     *Tls,
  55   IN     BOOLEAN  IsServer
  56   )
  57 {
  58   ASSERT (FALSE);
  59   return EFI_UNSUPPORTED;
  60 }
  61
  62 /**
  63   Set the ciphers list to be used by the TLS object.
  64
  65   This function sets the ciphers for use by a specified TLS object.
  66
  67   @param[in]  Tls          Pointer to a TLS object.
  68   @param[in]  CipherId     Array of UINT16 cipher identifiers. Each UINT16
  69                            cipher identifier comes from the TLS Cipher Suite
  70                            Registry of the IANA, interpreting Byte1 and Byte2
  71                            in network (big endian) byte order.
  72   @param[in]  CipherNum    The number of cipher in the list.
  73
  74   @retval  EFI_SUCCESS           The ciphers list was set successfully.
  75   @retval  EFI_INVALID_PARAMETER The parameter is invalid.
  76   @retval  EFI_UNSUPPORTED       No supported TLS cipher was found in CipherId.
  77   @retval  EFI_OUT_OF_RESOURCES  Memory allocation failed.
  78
  79 **/
  80 EFI_STATUS
  81 EFIAPI
  82 TlsSetCipherList (
  83   IN     VOID    *Tls,
  84   IN     UINT16  *CipherId,
  85   IN     UINTN   CipherNum
  86   )
  87 {
  88   ASSERT (FALSE);
  89   return EFI_UNSUPPORTED;
  90 }
  91
  92 /**
  93   Set the compression method for TLS/SSL operations.
  94
  95   This function handles TLS/SSL integrated compression methods.
  96
  97   @param[in]  CompMethod    The compression method ID.
  98
  99   @retval  EFI_SUCCESS        The compression method for the communication was
 100                               set successfully.
 101   @retval  EFI_UNSUPPORTED    Unsupported compression method.
 102
 103 **/
 104 EFI_STATUS
 105 EFIAPI
 106 TlsSetCompressionMethod (
 107   IN     UINT8  CompMethod
 108   )
 109 {
 110   ASSERT (FALSE);
 111   return EFI_UNSUPPORTED;
 112 }
 113
 114 /**
 115   Set peer certificate verification mode for the TLS connection.
 116
 117   This function sets the verification mode flags for the TLS connection.
 118
 119   @param[in]  Tls           Pointer to the TLS object.
 120   @param[in]  VerifyMode    A set of logically or'ed verification mode flags.
 121
 122 **/
 123 VOID
 124 EFIAPI
 125 TlsSetVerify (
 126   IN     VOID    *Tls,
 127   IN     UINT32  VerifyMode
 128   )
 129 {
 130   ASSERT (FALSE);
 131 }
 132
 133 // MU_CHANGE - Proposed fixes for TCBZ960, invalid domain name (CN) accepted. [BEGIN]
 134
 135 /**
 136   Set the specified host name to be verified.
 137
 138   @param[in]  Tls           Pointer to the TLS object.
 139   @param[in]  Flags         The setting flags during the validation.
 140   @param[in]  HostName      The specified host name to be verified.
 141
 142   @retval  EFI_SUCCESS           The HostName setting was set successfully.
 143   @retval  EFI_INVALID_PARAMETER The parameter is invalid.
 144   @retval  EFI_ABORTED           Invalid HostName setting.
 145
 146 **/
 147 EFI_STATUS
 148 EFIAPI
 149 TlsSetVerifyHost (
 150   IN     VOID    *Tls,
 151   IN     UINT32  Flags,
 152   IN     CHAR8   *HostName
 153   )
 154 {
 155   ASSERT (FALSE);
 156   return EFI_UNSUPPORTED;
 157 }
 158
 159 // MU_CHANGE - Proposed fixes for TCBZ960, invalid domain name (CN) accepted. [END]
 160
 161 /**
 162   Sets a TLS/SSL session ID to be used during TLS/SSL connect.
 163
 164   This function sets a session ID to be used when the TLS/SSL connection is
 165   to be established.
 166
 167   @param[in]  Tls             Pointer to the TLS object.
 168   @param[in]  SessionId       Session ID data used for session resumption.
 169   @param[in]  SessionIdLen    Length of Session ID in bytes.
 170
 171   @retval  EFI_SUCCESS           Session ID was set successfully.
 172   @retval  EFI_INVALID_PARAMETER The parameter is invalid.
 173   @retval  EFI_UNSUPPORTED       No available session for ID setting.
 174
 175 **/
 176 EFI_STATUS
 177 EFIAPI
 178 TlsSetSessionId (
 179   IN     VOID    *Tls,
 180   IN     UINT8   *SessionId,
 181   IN     UINT16  SessionIdLen
 182   )
 183 {
 184   ASSERT (FALSE);
 185   return EFI_UNSUPPORTED;
 186 }
 187
 188 /**
 189   Adds the CA to the cert store when requesting Server or Client authentication.
 190
 191   This function adds the CA certificate to the list of CAs when requesting
 192   Server or Client authentication for the chosen TLS connection.
 193
 194   @param[in]  Tls         Pointer to the TLS object.
 195   @param[in]  Data        Pointer to the data buffer of a DER-encoded binary
 196                           X.509 certificate or PEM-encoded X.509 certificate.
 197   @param[in]  DataSize    The size of data buffer in bytes.
 198
 199   @retval  EFI_SUCCESS             The operation succeeded.
 200   @retval  EFI_INVALID_PARAMETER   The parameter is invalid.
 201   @retval  EFI_OUT_OF_RESOURCES    Required resources could not be allocated.
 202   @retval  EFI_ABORTED             Invalid X.509 certificate.
 203
 204 **/
 205 EFI_STATUS
 206 EFIAPI
 207 TlsSetCaCertificate (
 208   IN     VOID   *Tls,
 209   IN     VOID   *Data,
 210   IN     UINTN  DataSize
 211   )
 212 {
 213   ASSERT (FALSE);
 214   return EFI_UNSUPPORTED;
 215 }
 216
 217 /**
 218   Loads the local public certificate into the specified TLS object.
 219
 220   This function loads the X.509 certificate into the specified TLS object
 221   for TLS negotiation.
 222
 223   @param[in]  Tls         Pointer to the TLS object.
 224   @param[in]  Data        Pointer to the data buffer of a DER-encoded binary
 225                           X.509 certificate or PEM-encoded X.509 certificate.
 226   @param[in]  DataSize    The size of data buffer in bytes.
 227
 228   @retval  EFI_SUCCESS             The operation succeeded.
 229   @retval  EFI_INVALID_PARAMETER   The parameter is invalid.
 230   @retval  EFI_OUT_OF_RESOURCES    Required resources could not be allocated.
 231   @retval  EFI_ABORTED             Invalid X.509 certificate.
 232
 233 **/
 234 EFI_STATUS
 235 EFIAPI
 236 TlsSetHostPublicCert (
 237   IN     VOID   *Tls,
 238   IN     VOID   *Data,
 239   IN     UINTN  DataSize
 240   )
 241 {
 242   ASSERT (FALSE);
 243   return EFI_UNSUPPORTED;
 244 }
 245
 246 /**
 247   Adds the local private key to the specified TLS object.
 248
 249   This function adds the local private key (PEM-encoded RSA or PKCS#8 private
 250   key) into the specified TLS object for TLS negotiation.
 251
 252   @param[in]  Tls         Pointer to the TLS object.
 253   @param[in]  Data        Pointer to the data buffer of a PEM-encoded RSA
 254                           or PKCS#8 private key.
 255   @param[in]  DataSize    The size of data buffer in bytes.
 256
 257   @retval  EFI_SUCCESS     The operation succeeded.
 258   @retval  EFI_UNSUPPORTED This function is not supported.
 259   @retval  EFI_ABORTED     Invalid private key data.
 260
 261 **/
 262 EFI_STATUS
 263 EFIAPI
 264 TlsSetHostPrivateKey (
 265   IN     VOID   *Tls,
 266   IN     VOID   *Data,
 267   IN     UINTN  DataSize
 268   )
 269 {
 270   ASSERT (FALSE);
 271   return EFI_UNSUPPORTED;
 272 }
 273
 274 /**
 275   Adds the CA-supplied certificate revocation list for certificate validation.
 276
 277   This function adds the CA-supplied certificate revocation list data for
 278   certificate validity checking.
 279
 280   @param[in]  Data        Pointer to the data buffer of a DER-encoded CRL data.
 281   @param[in]  DataSize    The size of data buffer in bytes.
 282
 283   @retval  EFI_SUCCESS     The operation succeeded.
 284   @retval  EFI_UNSUPPORTED This function is not supported.
 285   @retval  EFI_ABORTED     Invalid CRL data.
 286
 287 **/
 288 EFI_STATUS
 289 EFIAPI
 290 TlsSetCertRevocationList (
 291   IN     VOID   *Data,
 292   IN     UINTN  DataSize
 293   )
 294 {
 295   ASSERT (FALSE);
 296   return EFI_UNSUPPORTED;
 297 }
 298
 299 /**
 300   Gets the protocol version used by the specified TLS connection.
 301
 302   This function returns the protocol version used by the specified TLS
 303   connection.
 304
 305   If Tls is NULL, then ASSERT().
 306
 307   @param[in]  Tls    Pointer to the TLS object.
 308
 309   @return  The protocol version of the specified TLS connection.
 310
 311 **/
 312 UINT16
 313 EFIAPI
 314 TlsGetVersion (
 315   IN     VOID  *Tls
 316   )
 317 {
 318   ASSERT (FALSE);
 319   return 0;
 320 }
 321
 322 /**
 323   Gets the connection end of the specified TLS connection.
 324
 325   This function returns the connection end (as client or as server) used by
 326   the specified TLS connection.
 327
 328   If Tls is NULL, then ASSERT().
 329
 330   @param[in]  Tls    Pointer to the TLS object.
 331
 332   @return  The connection end used by the specified TLS connection.
 333
 334 **/
 335 UINT8
 336 EFIAPI
 337 TlsGetConnectionEnd (
 338   IN     VOID  *Tls
 339   )
 340 {
 341   ASSERT (FALSE);
 342   return 0;
 343 }
 344
 345 /**
 346   Gets the cipher suite used by the specified TLS connection.
 347
 348   This function returns current cipher suite used by the specified
 349   TLS connection.
 350
 351   @param[in]      Tls         Pointer to the TLS object.
 352   @param[in,out]  CipherId    The cipher suite used by the TLS object.
 353
 354   @retval  EFI_SUCCESS           The cipher suite was returned successfully.
 355   @retval  EFI_INVALID_PARAMETER The parameter is invalid.
 356   @retval  EFI_UNSUPPORTED       Unsupported cipher suite.
 357
 358 **/
 359 EFI_STATUS
 360 EFIAPI
 361 TlsGetCurrentCipher (
 362   IN     VOID    *Tls,
 363   IN OUT UINT16  *CipherId
 364   )
 365 {
 366   ASSERT (FALSE);
 367   return EFI_UNSUPPORTED;
 368 }
 369
 370 /**
 371   Gets the compression methods used by the specified TLS connection.
 372
 373   This function returns current integrated compression methods used by
 374   the specified TLS connection.
 375
 376   @param[in]      Tls              Pointer to the TLS object.
 377   @param[in,out]  CompressionId    The current compression method used by
 378                                    the TLS object.
 379
 380   @retval  EFI_SUCCESS           The compression method was returned successfully.
 381   @retval  EFI_INVALID_PARAMETER The parameter is invalid.
 382   @retval  EFI_ABORTED           Invalid Compression method.
 383   @retval  EFI_UNSUPPORTED       This function is not supported.
 384
 385 **/
 386 EFI_STATUS
 387 EFIAPI
 388 TlsGetCurrentCompressionId (
 389   IN     VOID   *Tls,
 390   IN OUT UINT8  *CompressionId
 391   )
 392 {
 393   ASSERT (FALSE);
 394   return EFI_UNSUPPORTED;
 395 }
 396
 397 /**
 398   Gets the verification mode currently set in the TLS connection.
 399
 400   This function returns the peer verification mode currently set in the
 401   specified TLS connection.
 402
 403   If Tls is NULL, then ASSERT().
 404
 405   @param[in]  Tls    Pointer to the TLS object.
 406
 407   @return  The verification mode set in the specified TLS connection.
 408
 409 **/
 410 UINT32
 411 EFIAPI
 412 TlsGetVerify (
 413   IN     VOID  *Tls
 414   )
 415 {
 416   ASSERT (FALSE);
 417   return 0;
 418 }
 419
 420 /**
 421   Gets the session ID used by the specified TLS connection.
 422
 423   This function returns the TLS/SSL session ID currently used by the
 424   specified TLS connection.
 425
 426   @param[in]      Tls             Pointer to the TLS object.
 427   @param[in,out]  SessionId       Buffer to contain the returned session ID.
 428   @param[in,out]  SessionIdLen    The length of Session ID in bytes.
 429
 430   @retval  EFI_SUCCESS           The Session ID was returned successfully.
 431   @retval  EFI_INVALID_PARAMETER The parameter is invalid.
 432   @retval  EFI_UNSUPPORTED       Invalid TLS/SSL session.
 433
 434 **/
 435 EFI_STATUS
 436 EFIAPI
 437 TlsGetSessionId (
 438   IN     VOID    *Tls,
 439   IN OUT UINT8   *SessionId,
 440   IN OUT UINT16  *SessionIdLen
 441   )
 442 {
 443   ASSERT (FALSE);
 444   return EFI_UNSUPPORTED;
 445 }
 446
 447 /**
 448   Gets the client random data used in the specified TLS connection.
 449
 450   This function returns the TLS/SSL client random data currently used in
 451   the specified TLS connection.
 452
 453   @param[in]      Tls             Pointer to the TLS object.
 454   @param[in,out]  ClientRandom    Buffer to contain the returned client
 455                                   random data (32 bytes).
 456
 457 **/
 458 VOID
 459 EFIAPI
 460 TlsGetClientRandom (
 461   IN     VOID   *Tls,
 462   IN OUT UINT8  *ClientRandom
 463   )
 464 {
 465   ASSERT (FALSE);
 466 }
 467
 468 /**
 469   Gets the server random data used in the specified TLS connection.
 470
 471   This function returns the TLS/SSL server random data currently used in
 472   the specified TLS connection.
 473
 474   @param[in]      Tls             Pointer to the TLS object.
 475   @param[in,out]  ServerRandom    Buffer to contain the returned server
 476                                   random data (32 bytes).
 477
 478 **/
 479 VOID
 480 EFIAPI
 481 TlsGetServerRandom (
 482   IN     VOID   *Tls,
 483   IN OUT UINT8  *ServerRandom
 484   )
 485 {
 486   ASSERT (FALSE);
 487 }
 488
 489 /**
 490   Gets the master key data used in the specified TLS connection.
 491
 492   This function returns the TLS/SSL master key material currently used in
 493   the specified TLS connection.
 494
 495   @param[in]      Tls            Pointer to the TLS object.
 496   @param[in,out]  KeyMaterial    Buffer to contain the returned key material.
 497
 498   @retval  EFI_SUCCESS           Key material was returned successfully.
 499   @retval  EFI_INVALID_PARAMETER The parameter is invalid.
 500   @retval  EFI_UNSUPPORTED       Invalid TLS/SSL session.
 501
 502 **/
 503 EFI_STATUS
 504 EFIAPI
 505 TlsGetKeyMaterial (
 506   IN     VOID   *Tls,
 507   IN OUT UINT8  *KeyMaterial
 508   )
 509 {
 510   ASSERT (FALSE);
 511   return EFI_UNSUPPORTED;
 512 }
 513
 514 /**
 515   Gets the CA Certificate from the cert store.
 516
 517   This function returns the CA certificate for the chosen
 518   TLS connection.
 519
 520   @param[in]      Tls         Pointer to the TLS object.
 521   @param[out]     Data        Pointer to the data buffer to receive the CA
 522                               certificate data sent to the client.
 523   @param[in,out]  DataSize    The size of data buffer in bytes.
 524
 525   @retval  EFI_SUCCESS             The operation succeeded.
 526   @retval  EFI_UNSUPPORTED         This function is not supported.
 527   @retval  EFI_BUFFER_TOO_SMALL    The Data is too small to hold the data.
 528
 529 **/
 530 EFI_STATUS
 531 EFIAPI
 532 TlsGetCaCertificate (
 533   IN     VOID   *Tls,
 534   OUT    VOID   *Data,
 535   IN OUT UINTN  *DataSize
 536   )
 537 {
 538   ASSERT (FALSE);
 539   return EFI_UNSUPPORTED;
 540 }
 541
 542 /**
 543   Gets the local public Certificate set in the specified TLS object.
 544
 545   This function returns the local public certificate which was currently set
 546   in the specified TLS object.
 547
 548   @param[in]      Tls         Pointer to the TLS object.
 549   @param[out]     Data        Pointer to the data buffer to receive the local
 550                               public certificate.
 551   @param[in,out]  DataSize    The size of data buffer in bytes.
 552
 553   @retval  EFI_SUCCESS             The operation succeeded.
 554   @retval  EFI_INVALID_PARAMETER   The parameter is invalid.
 555   @retval  EFI_NOT_FOUND           The certificate is not found.
 556   @retval  EFI_BUFFER_TOO_SMALL    The Data is too small to hold the data.
 557
 558 **/
 559 EFI_STATUS
 560 EFIAPI
 561 TlsGetHostPublicCert (
 562   IN     VOID   *Tls,
 563   OUT    VOID   *Data,
 564   IN OUT UINTN  *DataSize
 565   )
 566 {
 567   ASSERT (FALSE);
 568   return EFI_UNSUPPORTED;
 569 }
 570
 571 /**
 572   Gets the local private key set in the specified TLS object.
 573
 574   This function returns the local private key data which was currently set
 575   in the specified TLS object.
 576
 577   @param[in]      Tls         Pointer to the TLS object.
 578   @param[out]     Data        Pointer to the data buffer to receive the local
 579                               private key data.
 580   @param[in,out]  DataSize    The size of data buffer in bytes.
 581
 582   @retval  EFI_SUCCESS             The operation succeeded.
 583   @retval  EFI_UNSUPPORTED         This function is not supported.
 584   @retval  EFI_BUFFER_TOO_SMALL    The Data is too small to hold the data.
 585
 586 **/
 587 EFI_STATUS
 588 EFIAPI
 589 TlsGetHostPrivateKey (
 590   IN     VOID   *Tls,
 591   OUT    VOID   *Data,
 592   IN OUT UINTN  *DataSize
 593   )
 594 {
 595   ASSERT (FALSE);
 596   return EFI_UNSUPPORTED;
 597 }
 598
 599 /**
 600   Gets the CA-supplied certificate revocation list data set in the specified
 601   TLS object.
 602
 603   This function returns the CA-supplied certificate revocation list data which
 604   was currently set in the specified TLS object.
 605
 606   @param[out]     Data        Pointer to the data buffer to receive the CRL data.
 607   @param[in,out]  DataSize    The size of data buffer in bytes.
 608
 609   @retval  EFI_SUCCESS             The operation succeeded.
 610   @retval  EFI_UNSUPPORTED         This function is not supported.
 611   @retval  EFI_BUFFER_TOO_SMALL    The Data is too small to hold the data.
 612
 613 **/
 614 EFI_STATUS
 615 EFIAPI
 616 TlsGetCertRevocationList (
 617   OUT    VOID   *Data,
 618   IN OUT UINTN  *DataSize
 619   )
 620 {
 621   ASSERT (FALSE);
 622   return EFI_UNSUPPORTED;
 623 }