]>
git.proxmox.com Git - mirror_edk2.git/blob - CryptoPkg/Library/TlsLibNull/TlsConfigNull.c
2 SSL/TLS Configuration Null Library Wrapper Implementation.
4 Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
5 (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
10 #include "InternalTlsLib.h"
13 Set a new TLS/SSL method for a particular TLS object.
15 This function sets a new TLS/SSL method for a particular TLS object.
17 @param[in] Tls Pointer to a TLS object.
18 @param[in] MajorVer Major Version of TLS/SSL Protocol.
19 @param[in] MinorVer Minor Version of TLS/SSL Protocol.
21 @retval EFI_SUCCESS The TLS/SSL method was set successfully.
22 @retval EFI_INVALID_PARAMETER The parameter is invalid.
23 @retval EFI_UNSUPPORTED Unsupported TLS/SSL method.
35 return EFI_UNSUPPORTED
;
39 Set TLS object to work in client or server mode.
41 This function prepares a TLS object to work in client or server mode.
43 @param[in] Tls Pointer to a TLS object.
44 @param[in] IsServer Work in server mode.
46 @retval EFI_SUCCESS The TLS/SSL work mode was set successfully.
47 @retval EFI_INVALID_PARAMETER The parameter is invalid.
48 @retval EFI_UNSUPPORTED Unsupported TLS/SSL work mode.
59 return EFI_UNSUPPORTED
;
63 Set the ciphers list to be used by the TLS object.
65 This function sets the ciphers for use by a specified TLS object.
67 @param[in] Tls Pointer to a TLS object.
68 @param[in] CipherId Array of UINT16 cipher identifiers. Each UINT16
69 cipher identifier comes from the TLS Cipher Suite
70 Registry of the IANA, interpreting Byte1 and Byte2
71 in network (big endian) byte order.
72 @param[in] CipherNum The number of cipher in the list.
74 @retval EFI_SUCCESS The ciphers list was set successfully.
75 @retval EFI_INVALID_PARAMETER The parameter is invalid.
76 @retval EFI_UNSUPPORTED No supported TLS cipher was found in CipherId.
77 @retval EFI_OUT_OF_RESOURCES Memory allocation failed.
89 return EFI_UNSUPPORTED
;
93 Set the compression method for TLS/SSL operations.
95 This function handles TLS/SSL integrated compression methods.
97 @param[in] CompMethod The compression method ID.
99 @retval EFI_SUCCESS The compression method for the communication was
101 @retval EFI_UNSUPPORTED Unsupported compression method.
106 TlsSetCompressionMethod (
111 return EFI_UNSUPPORTED
;
115 Set peer certificate verification mode for the TLS connection.
117 This function sets the verification mode flags for the TLS connection.
119 @param[in] Tls Pointer to the TLS object.
120 @param[in] VerifyMode A set of logically or'ed verification mode flags.
133 // MU_CHANGE - Proposed fixes for TCBZ960, invalid domain name (CN) accepted. [BEGIN]
136 Set the specified host name to be verified.
138 @param[in] Tls Pointer to the TLS object.
139 @param[in] Flags The setting flags during the validation.
140 @param[in] HostName The specified host name to be verified.
142 @retval EFI_SUCCESS The HostName setting was set successfully.
143 @retval EFI_INVALID_PARAMETER The parameter is invalid.
144 @retval EFI_ABORTED Invalid HostName setting.
156 return EFI_UNSUPPORTED
;
159 // MU_CHANGE - Proposed fixes for TCBZ960, invalid domain name (CN) accepted. [END]
162 Sets a TLS/SSL session ID to be used during TLS/SSL connect.
164 This function sets a session ID to be used when the TLS/SSL connection is
167 @param[in] Tls Pointer to the TLS object.
168 @param[in] SessionId Session ID data used for session resumption.
169 @param[in] SessionIdLen Length of Session ID in bytes.
171 @retval EFI_SUCCESS Session ID was set successfully.
172 @retval EFI_INVALID_PARAMETER The parameter is invalid.
173 @retval EFI_UNSUPPORTED No available session for ID setting.
181 IN UINT16 SessionIdLen
185 return EFI_UNSUPPORTED
;
189 Adds the CA to the cert store when requesting Server or Client authentication.
191 This function adds the CA certificate to the list of CAs when requesting
192 Server or Client authentication for the chosen TLS connection.
194 @param[in] Tls Pointer to the TLS object.
195 @param[in] Data Pointer to the data buffer of a DER-encoded binary
196 X.509 certificate or PEM-encoded X.509 certificate.
197 @param[in] DataSize The size of data buffer in bytes.
199 @retval EFI_SUCCESS The operation succeeded.
200 @retval EFI_INVALID_PARAMETER The parameter is invalid.
201 @retval EFI_OUT_OF_RESOURCES Required resources could not be allocated.
202 @retval EFI_ABORTED Invalid X.509 certificate.
207 TlsSetCaCertificate (
214 return EFI_UNSUPPORTED
;
218 Loads the local public certificate into the specified TLS object.
220 This function loads the X.509 certificate into the specified TLS object
223 @param[in] Tls Pointer to the TLS object.
224 @param[in] Data Pointer to the data buffer of a DER-encoded binary
225 X.509 certificate or PEM-encoded X.509 certificate.
226 @param[in] DataSize The size of data buffer in bytes.
228 @retval EFI_SUCCESS The operation succeeded.
229 @retval EFI_INVALID_PARAMETER The parameter is invalid.
230 @retval EFI_OUT_OF_RESOURCES Required resources could not be allocated.
231 @retval EFI_ABORTED Invalid X.509 certificate.
236 TlsSetHostPublicCert (
243 return EFI_UNSUPPORTED
;
247 Adds the local private key to the specified TLS object.
249 This function adds the local private key (PEM-encoded RSA or PKCS#8 private
250 key) into the specified TLS object for TLS negotiation.
252 @param[in] Tls Pointer to the TLS object.
253 @param[in] Data Pointer to the data buffer of a PEM-encoded RSA
254 or PKCS#8 private key.
255 @param[in] DataSize The size of data buffer in bytes.
257 @retval EFI_SUCCESS The operation succeeded.
258 @retval EFI_UNSUPPORTED This function is not supported.
259 @retval EFI_ABORTED Invalid private key data.
264 TlsSetHostPrivateKey (
271 return EFI_UNSUPPORTED
;
275 Adds the CA-supplied certificate revocation list for certificate validation.
277 This function adds the CA-supplied certificate revocation list data for
278 certificate validity checking.
280 @param[in] Data Pointer to the data buffer of a DER-encoded CRL data.
281 @param[in] DataSize The size of data buffer in bytes.
283 @retval EFI_SUCCESS The operation succeeded.
284 @retval EFI_UNSUPPORTED This function is not supported.
285 @retval EFI_ABORTED Invalid CRL data.
290 TlsSetCertRevocationList (
296 return EFI_UNSUPPORTED
;
300 Gets the protocol version used by the specified TLS connection.
302 This function returns the protocol version used by the specified TLS
305 If Tls is NULL, then ASSERT().
307 @param[in] Tls Pointer to the TLS object.
309 @return The protocol version of the specified TLS connection.
323 Gets the connection end of the specified TLS connection.
325 This function returns the connection end (as client or as server) used by
326 the specified TLS connection.
328 If Tls is NULL, then ASSERT().
330 @param[in] Tls Pointer to the TLS object.
332 @return The connection end used by the specified TLS connection.
337 TlsGetConnectionEnd (
346 Gets the cipher suite used by the specified TLS connection.
348 This function returns current cipher suite used by the specified
351 @param[in] Tls Pointer to the TLS object.
352 @param[in,out] CipherId The cipher suite used by the TLS object.
354 @retval EFI_SUCCESS The cipher suite was returned successfully.
355 @retval EFI_INVALID_PARAMETER The parameter is invalid.
356 @retval EFI_UNSUPPORTED Unsupported cipher suite.
361 TlsGetCurrentCipher (
363 IN OUT UINT16
*CipherId
367 return EFI_UNSUPPORTED
;
371 Gets the compression methods used by the specified TLS connection.
373 This function returns current integrated compression methods used by
374 the specified TLS connection.
376 @param[in] Tls Pointer to the TLS object.
377 @param[in,out] CompressionId The current compression method used by
380 @retval EFI_SUCCESS The compression method was returned successfully.
381 @retval EFI_INVALID_PARAMETER The parameter is invalid.
382 @retval EFI_ABORTED Invalid Compression method.
383 @retval EFI_UNSUPPORTED This function is not supported.
388 TlsGetCurrentCompressionId (
390 IN OUT UINT8
*CompressionId
394 return EFI_UNSUPPORTED
;
398 Gets the verification mode currently set in the TLS connection.
400 This function returns the peer verification mode currently set in the
401 specified TLS connection.
403 If Tls is NULL, then ASSERT().
405 @param[in] Tls Pointer to the TLS object.
407 @return The verification mode set in the specified TLS connection.
421 Gets the session ID used by the specified TLS connection.
423 This function returns the TLS/SSL session ID currently used by the
424 specified TLS connection.
426 @param[in] Tls Pointer to the TLS object.
427 @param[in,out] SessionId Buffer to contain the returned session ID.
428 @param[in,out] SessionIdLen The length of Session ID in bytes.
430 @retval EFI_SUCCESS The Session ID was returned successfully.
431 @retval EFI_INVALID_PARAMETER The parameter is invalid.
432 @retval EFI_UNSUPPORTED Invalid TLS/SSL session.
439 IN OUT UINT8
*SessionId
,
440 IN OUT UINT16
*SessionIdLen
444 return EFI_UNSUPPORTED
;
448 Gets the client random data used in the specified TLS connection.
450 This function returns the TLS/SSL client random data currently used in
451 the specified TLS connection.
453 @param[in] Tls Pointer to the TLS object.
454 @param[in,out] ClientRandom Buffer to contain the returned client
455 random data (32 bytes).
462 IN OUT UINT8
*ClientRandom
469 Gets the server random data used in the specified TLS connection.
471 This function returns the TLS/SSL server random data currently used in
472 the specified TLS connection.
474 @param[in] Tls Pointer to the TLS object.
475 @param[in,out] ServerRandom Buffer to contain the returned server
476 random data (32 bytes).
483 IN OUT UINT8
*ServerRandom
490 Gets the master key data used in the specified TLS connection.
492 This function returns the TLS/SSL master key material currently used in
493 the specified TLS connection.
495 @param[in] Tls Pointer to the TLS object.
496 @param[in,out] KeyMaterial Buffer to contain the returned key material.
498 @retval EFI_SUCCESS Key material was returned successfully.
499 @retval EFI_INVALID_PARAMETER The parameter is invalid.
500 @retval EFI_UNSUPPORTED Invalid TLS/SSL session.
507 IN OUT UINT8
*KeyMaterial
511 return EFI_UNSUPPORTED
;
515 Gets the CA Certificate from the cert store.
517 This function returns the CA certificate for the chosen
520 @param[in] Tls Pointer to the TLS object.
521 @param[out] Data Pointer to the data buffer to receive the CA
522 certificate data sent to the client.
523 @param[in,out] DataSize The size of data buffer in bytes.
525 @retval EFI_SUCCESS The operation succeeded.
526 @retval EFI_UNSUPPORTED This function is not supported.
527 @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data.
532 TlsGetCaCertificate (
535 IN OUT UINTN
*DataSize
539 return EFI_UNSUPPORTED
;
543 Gets the local public Certificate set in the specified TLS object.
545 This function returns the local public certificate which was currently set
546 in the specified TLS object.
548 @param[in] Tls Pointer to the TLS object.
549 @param[out] Data Pointer to the data buffer to receive the local
551 @param[in,out] DataSize The size of data buffer in bytes.
553 @retval EFI_SUCCESS The operation succeeded.
554 @retval EFI_INVALID_PARAMETER The parameter is invalid.
555 @retval EFI_NOT_FOUND The certificate is not found.
556 @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data.
561 TlsGetHostPublicCert (
564 IN OUT UINTN
*DataSize
568 return EFI_UNSUPPORTED
;
572 Gets the local private key set in the specified TLS object.
574 This function returns the local private key data which was currently set
575 in the specified TLS object.
577 @param[in] Tls Pointer to the TLS object.
578 @param[out] Data Pointer to the data buffer to receive the local
580 @param[in,out] DataSize The size of data buffer in bytes.
582 @retval EFI_SUCCESS The operation succeeded.
583 @retval EFI_UNSUPPORTED This function is not supported.
584 @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data.
589 TlsGetHostPrivateKey (
592 IN OUT UINTN
*DataSize
596 return EFI_UNSUPPORTED
;
600 Gets the CA-supplied certificate revocation list data set in the specified
603 This function returns the CA-supplied certificate revocation list data which
604 was currently set in the specified TLS object.
606 @param[out] Data Pointer to the data buffer to receive the CRL data.
607 @param[in,out] DataSize The size of data buffer in bytes.
609 @retval EFI_SUCCESS The operation succeeded.
610 @retval EFI_UNSUPPORTED This function is not supported.
611 @retval EFI_BUFFER_TOO_SMALL The Data is too small to hold the data.
616 TlsGetCertRevocationList (
618 IN OUT UINTN
*DataSize
622 return EFI_UNSUPPORTED
;