2 Miscellaneous routines specific to Https for HttpDxe driver.
4 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
5 (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
10 #include "HttpDriver.h"
13 Returns the first occurrence of a Null-terminated ASCII sub-string in a Null-terminated
14 ASCII string, ignoring case during the search.
16 This function scans the contents of the ASCII string specified by String
17 and returns the first occurrence of SearchString, ignoring case during the search.
18 If SearchString is not found in String, then NULL is returned. If the length of SearchString
19 is zero, then String is returned.
21 If String is NULL, then ASSERT().
22 If SearchString is NULL, then ASSERT().
24 @param[in] String A pointer to a Null-terminated ASCII string.
25 @param[in] SearchString A pointer to a Null-terminated ASCII string to search for.
27 @retval NULL If the SearchString does not appear in String.
28 @retval others If there is a match, return the first occurrence of SearchString.
29 If the length of SearchString is zero, return String.
34 IN CONST CHAR8
*String
,
35 IN CONST CHAR8
*SearchString
38 CONST CHAR8
*FirstMatch
;
39 CONST CHAR8
*SearchStringTmp
;
45 // ASSERT both strings are shorter than PcdMaximumAsciiStringLength
47 ASSERT (AsciiStrSize (String
) != 0);
48 ASSERT (AsciiStrSize (SearchString
) != 0);
50 if (*SearchString
== '\0') {
51 return (CHAR8
*) String
;
54 while (*String
!= '\0') {
55 SearchStringTmp
= SearchString
;
58 while ((*SearchStringTmp
!= '\0')
59 && (*String
!= '\0')) {
61 Dst
= *SearchStringTmp
;
63 if ((Src
>= 'A') && (Src
<= 'Z')) {
67 if ((Dst
>= 'A') && (Dst
<= 'Z')) {
79 if (*SearchStringTmp
== '\0') {
80 return (CHAR8
*) FirstMatch
;
83 String
= FirstMatch
+ 1;
90 The callback function to free the net buffer list.
92 @param[in] Arg The opaque parameter.
101 ASSERT (Arg
!= NULL
);
103 NetbufFreeList ((LIST_ENTRY
*) Arg
);
108 Check whether the Url is from Https.
110 @param[in] Url The pointer to a HTTP or HTTPS URL string.
112 @retval TRUE The Url is from HTTPS.
113 @retval FALSE The Url is from HTTP.
125 Tmp
= AsciiStrCaseStr (Url
, HTTPS_FLAG
);
126 if (Tmp
!= NULL
&& Tmp
== Url
) {
134 Creates a Tls child handle, open EFI_TLS_PROTOCOL and EFI_TLS_CONFIGURATION_PROTOCOL.
136 @param[in] ImageHandle The firmware allocated handle for the UEFI image.
137 @param[out] TlsSb Pointer to the TLS SERVICE_BINDING_PROTOCOL.
138 @param[out] TlsProto Pointer to the EFI_TLS_PROTOCOL instance.
139 @param[out] TlsConfiguration Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.
141 @return The child handle with opened EFI_TLS_PROTOCOL and EFI_TLS_CONFIGURATION_PROTOCOL.
147 IN EFI_HANDLE ImageHandle
,
148 OUT EFI_SERVICE_BINDING_PROTOCOL
**TlsSb
,
149 OUT EFI_TLS_PROTOCOL
**TlsProto
,
150 OUT EFI_TLS_CONFIGURATION_PROTOCOL
**TlsConfiguration
154 EFI_HANDLE TlsChildHandle
;
159 // Locate TlsServiceBinding protocol.
161 gBS
->LocateProtocol (
162 &gEfiTlsServiceBindingProtocolGuid
,
166 if (*TlsSb
== NULL
) {
170 Status
= (*TlsSb
)->CreateChild (*TlsSb
, &TlsChildHandle
);
171 if (EFI_ERROR (Status
)) {
175 Status
= gBS
->OpenProtocol (
177 &gEfiTlsProtocolGuid
,
181 EFI_OPEN_PROTOCOL_GET_PROTOCOL
183 if (EFI_ERROR (Status
)) {
184 (*TlsSb
)->DestroyChild (*TlsSb
, TlsChildHandle
);
188 Status
= gBS
->OpenProtocol (
190 &gEfiTlsConfigurationProtocolGuid
,
191 (VOID
**) TlsConfiguration
,
194 EFI_OPEN_PROTOCOL_GET_PROTOCOL
196 if (EFI_ERROR (Status
)) {
197 (*TlsSb
)->DestroyChild (*TlsSb
, TlsChildHandle
);
201 return TlsChildHandle
;
205 Create event for the TLS receive and transmit tokens which are used to receive and
206 transmit TLS related messages.
208 @param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure.
210 @retval EFI_SUCCESS The events are created successfully.
211 @retval others Other error as indicated.
217 IN OUT HTTP_PROTOCOL
*HttpInstance
222 if (!HttpInstance
->LocalAddressIsIPv6
) {
224 // For Tcp4TlsTxToken.
226 Status
= gBS
->CreateEvent (
230 &HttpInstance
->TlsIsTxDone
,
231 &HttpInstance
->Tcp4TlsTxToken
.CompletionToken
.Event
233 if (EFI_ERROR (Status
)) {
237 HttpInstance
->Tcp4TlsTxData
.Push
= TRUE
;
238 HttpInstance
->Tcp4TlsTxData
.Urgent
= FALSE
;
239 HttpInstance
->Tcp4TlsTxData
.DataLength
= 0;
240 HttpInstance
->Tcp4TlsTxData
.FragmentCount
= 1;
241 HttpInstance
->Tcp4TlsTxData
.FragmentTable
[0].FragmentLength
= HttpInstance
->Tcp4TlsTxData
.DataLength
;
242 HttpInstance
->Tcp4TlsTxData
.FragmentTable
[0].FragmentBuffer
= NULL
;
243 HttpInstance
->Tcp4TlsTxToken
.Packet
.TxData
= &HttpInstance
->Tcp4TlsTxData
;
244 HttpInstance
->Tcp4TlsTxToken
.CompletionToken
.Status
= EFI_NOT_READY
;
247 // For Tcp4TlsRxToken.
249 Status
= gBS
->CreateEvent (
253 &HttpInstance
->TlsIsRxDone
,
254 &HttpInstance
->Tcp4TlsRxToken
.CompletionToken
.Event
256 if (EFI_ERROR (Status
)) {
260 HttpInstance
->Tcp4TlsRxData
.DataLength
= 0;
261 HttpInstance
->Tcp4TlsRxData
.FragmentCount
= 1;
262 HttpInstance
->Tcp4TlsRxData
.FragmentTable
[0].FragmentLength
= HttpInstance
->Tcp4TlsRxData
.DataLength
;
263 HttpInstance
->Tcp4TlsRxData
.FragmentTable
[0].FragmentBuffer
= NULL
;
264 HttpInstance
->Tcp4TlsRxToken
.Packet
.RxData
= &HttpInstance
->Tcp4TlsRxData
;
265 HttpInstance
->Tcp4TlsRxToken
.CompletionToken
.Status
= EFI_NOT_READY
;
268 // For Tcp6TlsTxToken.
270 Status
= gBS
->CreateEvent (
274 &HttpInstance
->TlsIsTxDone
,
275 &HttpInstance
->Tcp6TlsTxToken
.CompletionToken
.Event
277 if (EFI_ERROR (Status
)) {
281 HttpInstance
->Tcp6TlsTxData
.Push
= TRUE
;
282 HttpInstance
->Tcp6TlsTxData
.Urgent
= FALSE
;
283 HttpInstance
->Tcp6TlsTxData
.DataLength
= 0;
284 HttpInstance
->Tcp6TlsTxData
.FragmentCount
= 1;
285 HttpInstance
->Tcp6TlsTxData
.FragmentTable
[0].FragmentLength
= HttpInstance
->Tcp6TlsTxData
.DataLength
;
286 HttpInstance
->Tcp6TlsTxData
.FragmentTable
[0].FragmentBuffer
= NULL
;
287 HttpInstance
->Tcp6TlsTxToken
.Packet
.TxData
= &HttpInstance
->Tcp6TlsTxData
;
288 HttpInstance
->Tcp6TlsTxToken
.CompletionToken
.Status
= EFI_NOT_READY
;
291 // For Tcp6TlsRxToken.
293 Status
= gBS
->CreateEvent (
297 &HttpInstance
->TlsIsRxDone
,
298 &HttpInstance
->Tcp6TlsRxToken
.CompletionToken
.Event
300 if (EFI_ERROR (Status
)) {
304 HttpInstance
->Tcp6TlsRxData
.DataLength
= 0;
305 HttpInstance
->Tcp6TlsRxData
.FragmentCount
= 1;
306 HttpInstance
->Tcp6TlsRxData
.FragmentTable
[0].FragmentLength
= HttpInstance
->Tcp6TlsRxData
.DataLength
;
307 HttpInstance
->Tcp6TlsRxData
.FragmentTable
[0].FragmentBuffer
= NULL
;
308 HttpInstance
->Tcp6TlsRxToken
.Packet
.RxData
= &HttpInstance
->Tcp6TlsRxData
;
309 HttpInstance
->Tcp6TlsRxToken
.CompletionToken
.Status
= EFI_NOT_READY
;
318 TlsCloseTxRxEvent (HttpInstance
);
324 Close events in the TlsTxToken and TlsRxToken.
326 @param[in] HttpInstance Pointer to HTTP_PROTOCOL structure.
332 IN HTTP_PROTOCOL
*HttpInstance
335 ASSERT (HttpInstance
!= NULL
);
336 if (!HttpInstance
->LocalAddressIsIPv6
) {
337 if (NULL
!= HttpInstance
->Tcp4TlsTxToken
.CompletionToken
.Event
) {
338 gBS
->CloseEvent(HttpInstance
->Tcp4TlsTxToken
.CompletionToken
.Event
);
339 HttpInstance
->Tcp4TlsTxToken
.CompletionToken
.Event
= NULL
;
342 if (NULL
!= HttpInstance
->Tcp4TlsRxToken
.CompletionToken
.Event
) {
343 gBS
->CloseEvent (HttpInstance
->Tcp4TlsRxToken
.CompletionToken
.Event
);
344 HttpInstance
->Tcp4TlsRxToken
.CompletionToken
.Event
= NULL
;
347 if (NULL
!= HttpInstance
->Tcp6TlsTxToken
.CompletionToken
.Event
) {
348 gBS
->CloseEvent(HttpInstance
->Tcp6TlsTxToken
.CompletionToken
.Event
);
349 HttpInstance
->Tcp6TlsTxToken
.CompletionToken
.Event
= NULL
;
352 if (NULL
!= HttpInstance
->Tcp6TlsRxToken
.CompletionToken
.Event
) {
353 gBS
->CloseEvent (HttpInstance
->Tcp6TlsRxToken
.CompletionToken
.Event
);
354 HttpInstance
->Tcp6TlsRxToken
.CompletionToken
.Event
= NULL
;
360 Read the TlsCaCertificate variable and configure it.
362 @param[in, out] HttpInstance The HTTP instance private data.
364 @retval EFI_SUCCESS TlsCaCertificate is configured.
365 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
366 @retval EFI_NOT_FOUND Fail to get 'TlsCaCertificate' variable.
367 @retval Others Other error as indicated.
371 TlsConfigCertificate (
372 IN OUT HTTP_PROTOCOL
*HttpInstance
379 EFI_SIGNATURE_LIST
*CertList
;
380 EFI_SIGNATURE_DATA
*Cert
;
381 UINTN CertArraySizeInBytes
;
389 // Try to read the TlsCaCertificate variable.
391 Status
= gRT
->GetVariable (
392 EFI_TLS_CA_CERTIFICATE_VARIABLE
,
393 &gEfiTlsCaCertificateGuid
,
399 if (EFI_ERROR (Status
) && Status
!= EFI_BUFFER_TOO_SMALL
) {
404 // Allocate buffer and read the config variable.
406 CACert
= AllocatePool (CACertSize
);
407 if (CACert
== NULL
) {
408 return EFI_OUT_OF_RESOURCES
;
411 Status
= gRT
->GetVariable (
412 EFI_TLS_CA_CERTIFICATE_VARIABLE
,
413 &gEfiTlsCaCertificateGuid
,
418 if (EFI_ERROR (Status
)) {
420 // GetVariable still fails or the variable is corrupted.
425 ASSERT (CACert
!= NULL
);
430 Status
= EFI_INVALID_PARAMETER
;
// Validation pass over the variable contents held in CACert: ItemDataSize
// counts the bytes that have not been checked yet.
// NOTE(review): the cast suggests CACertSize is wider than UINT32; confirm the
// variable size can never exceed 32 bits, otherwise this pass would walk a
// truncated length.
432 ItemDataSize
= (UINT32
) CACertSize
;
433 while (ItemDataSize
> 0) {
// A remaining tail smaller than one list header cannot hold an
// EFI_SIGNATURE_LIST, so it is reported as truncated instead of being read.
434 if (ItemDataSize
< sizeof (EFI_SIGNATURE_LIST
)) {
435 DEBUG ((DEBUG_ERROR
, "%a: truncated EFI_SIGNATURE_LIST header\n",
// The next list starts at the offset already consumed, i.e.
// CACertSize - ItemDataSize bytes into CACert.
440 CertList
= (EFI_SIGNATURE_LIST
*) (CACert
+ (CACertSize
- ItemDataSize
));
442 if (CertList
->SignatureListSize
< sizeof (EFI_SIGNATURE_LIST
)) {
444 "%a: SignatureListSize too small for EFI_SIGNATURE_LIST\n",
449 if (CertList
->SignatureListSize
> ItemDataSize
) {
450 DEBUG ((DEBUG_ERROR
, "%a: truncated EFI_SIGNATURE_LIST body\n",
455 if (!CompareGuid (&CertList
->SignatureType
, &gEfiCertX509Guid
)) {
456 DEBUG ((DEBUG_ERROR
, "%a: only X509 certificates are supported\n",
458 Status
= EFI_UNSUPPORTED
;
462 if (CertList
->SignatureHeaderSize
!= 0) {
463 DEBUG ((DEBUG_ERROR
, "%a: SignatureHeaderSize must be 0 for X509\n",
468 if (CertList
->SignatureSize
< sizeof (EFI_SIGNATURE_DATA
)) {
470 "%a: SignatureSize too small for EFI_SIGNATURE_DATA\n", __FUNCTION__
));
474 CertArraySizeInBytes
= (CertList
->SignatureListSize
-
475 sizeof (EFI_SIGNATURE_LIST
));
476 if (CertArraySizeInBytes
% CertList
->SignatureSize
!= 0) {
478 "%a: EFI_SIGNATURE_DATA array not a multiple of SignatureSize\n",
483 CertCount
+= CertArraySizeInBytes
/ CertList
->SignatureSize
;
484 ItemDataSize
-= CertList
->SignatureListSize
;
486 if (CertCount
== 0) {
487 DEBUG ((DEBUG_ERROR
, "%a: no X509 certificates provided\n", __FUNCTION__
));
492 // Enumerate all data and erasing the target item.
494 ItemDataSize
= (UINT32
) CACertSize
;
495 CertList
= (EFI_SIGNATURE_LIST
*) CACert
;
496 while ((ItemDataSize
> 0) && (ItemDataSize
>= CertList
->SignatureListSize
)) {
497 Cert
= (EFI_SIGNATURE_DATA
*) ((UINT8
*) CertList
+ sizeof (EFI_SIGNATURE_LIST
) + CertList
->SignatureHeaderSize
);
498 CertCount
= (CertList
->SignatureListSize
- sizeof (EFI_SIGNATURE_LIST
) - CertList
->SignatureHeaderSize
) / CertList
->SignatureSize
;
499 for (Index
= 0; Index
< CertCount
; Index
++) {
501 // EfiTlsConfigDataTypeCACertificate
503 Status
= HttpInstance
->TlsConfiguration
->SetData (
504 HttpInstance
->TlsConfiguration
,
505 EfiTlsConfigDataTypeCACertificate
,
507 CertList
->SignatureSize
- sizeof (Cert
->SignatureOwner
)
509 if (EFI_ERROR (Status
)) {
513 Cert
= (EFI_SIGNATURE_DATA
*) ((UINT8
*) Cert
+ CertList
->SignatureSize
);
516 ItemDataSize
-= CertList
->SignatureListSize
;
517 CertList
= (EFI_SIGNATURE_LIST
*) ((UINT8
*) CertList
+ CertList
->SignatureListSize
);
526 Read the HttpTlsCipherList variable and configure it for HTTPS session.
528 @param[in, out] HttpInstance The HTTP instance private data.
530 @retval EFI_SUCCESS The preferred HTTP TLS CipherList is configured.
531 @retval EFI_NOT_FOUND Fail to get 'HttpTlsCipherList' variable.
532 @retval EFI_INVALID_PARAMETER The contents of variable are invalid.
533 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
535 @retval Others Other error as indicated.
539 TlsConfigCipherList (
540 IN OUT HTTP_PROTOCOL
*HttpInstance
545 UINTN CipherListSize
;
551 // Try to read the HttpTlsCipherList variable.
553 Status
= gRT
->GetVariable (
554 EDKII_HTTP_TLS_CIPHER_LIST_VARIABLE
,
555 &gEdkiiHttpTlsCipherListGuid
,
560 ASSERT (EFI_ERROR (Status
));
561 if (Status
!= EFI_BUFFER_TOO_SMALL
) {
565 if (CipherListSize
% sizeof (EFI_TLS_CIPHER
) != 0) {
566 return EFI_INVALID_PARAMETER
;
570 // Allocate buffer and read the config variable.
572 CipherList
= AllocatePool (CipherListSize
);
573 if (CipherList
== NULL
) {
574 return EFI_OUT_OF_RESOURCES
;
577 Status
= gRT
->GetVariable (
578 EDKII_HTTP_TLS_CIPHER_LIST_VARIABLE
,
579 &gEdkiiHttpTlsCipherListGuid
,
584 if (EFI_ERROR (Status
)) {
586 // GetVariable still fails or the variable is corrupted.
591 ASSERT (CipherList
!= NULL
);
593 Status
= HttpInstance
->Tls
->SetSessionData (
601 FreePool (CipherList
);
607 Configure TLS session data.
609 @param[in, out] HttpInstance The HTTP instance private data.
611 @retval EFI_SUCCESS TLS session data is configured.
612 @retval Others Other error as indicated.
617 TlsConfigureSession (
618 IN OUT HTTP_PROTOCOL
*HttpInstance
624 // TlsConfigData initialization
// This instance is the client end of the TLS connection.
626 HttpInstance
->TlsConfigData
.ConnectionEnd
= EfiTlsClient
;
// Request verification of the peer's certificate.
627 HttpInstance
->TlsConfigData
.VerifyMethod
= EFI_TLS_VERIFY_PEER
;
// Host-name verification settings: wildcard matching is disabled and the
// name to match is the instance's RemoteHost.
// NOTE(review): how RemoteHost is populated is not shown here; confirm it is
// the host taken from the request URL, since the certificate name check
// depends on it.
628 HttpInstance
->TlsConfigData
.VerifyHost
.Flags
= EFI_TLS_VERIFY_FLAG_NO_WILDCARDS
;
629 HttpInstance
->TlsConfigData
.VerifyHost
.HostName
= HttpInstance
->RemoteHost
;
// The session starts in the not-started state.
630 HttpInstance
->TlsConfigData
.SessionState
= EfiTlsSessionNotStarted
;
633 // EfiTlsConnectionEnd,
634 // EfiTlsVerifyMethod,
636 // EfiTlsSessionState
638 Status
= HttpInstance
->Tls
->SetSessionData (
641 &(HttpInstance
->TlsConfigData
.ConnectionEnd
),
642 sizeof (EFI_TLS_CONNECTION_END
)
644 if (EFI_ERROR (Status
)) {
648 Status
= HttpInstance
->Tls
->SetSessionData (
651 &HttpInstance
->TlsConfigData
.VerifyMethod
,
652 sizeof (EFI_TLS_VERIFY
)
654 if (EFI_ERROR (Status
)) {
658 Status
= HttpInstance
->Tls
->SetSessionData (
661 &HttpInstance
->TlsConfigData
.VerifyHost
,
662 sizeof (EFI_TLS_VERIFY_HOST
)
664 if (EFI_ERROR (Status
)) {
668 Status
= HttpInstance
->Tls
->SetSessionData (
671 &(HttpInstance
->TlsConfigData
.SessionState
),
672 sizeof (EFI_TLS_SESSION_STATE
)
674 if (EFI_ERROR (Status
)) {
681 Status
= TlsConfigCipherList (HttpInstance
);
682 if (EFI_ERROR (Status
) && Status
!= EFI_NOT_FOUND
) {
683 DEBUG ((EFI_D_ERROR
, "TlsConfigCipherList: return %r error.\n", Status
));
688 // Tls Config Certificate
690 Status
= TlsConfigCertificate (HttpInstance
);
691 if (EFI_ERROR (Status
)) {
692 DEBUG ((EFI_D_ERROR
, "TLS Certificate Config Error!\n"));
697 // TlsCreateTxRxEvent
699 Status
= TlsCreateTxRxEvent (HttpInstance
);
700 if (EFI_ERROR (Status
)) {
707 TlsCloseTxRxEvent (HttpInstance
);
713 Transmit the Packet by processing the associated HTTPS token.
715 @param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure.
716 @param[in] Packet The packet to transmit.
718 @retval EFI_SUCCESS The packet is transmitted.
719 @retval EFI_INVALID_PARAMETER HttpInstance is NULL or Packet is NULL.
720 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
721 @retval EFI_DEVICE_ERROR An unexpected system or network error occurred.
722 @retval Others Other errors as indicated.
728 IN OUT HTTP_PROTOCOL
*HttpInstance
,
736 if ((HttpInstance
== NULL
) || (Packet
== NULL
)) {
737 return EFI_INVALID_PARAMETER
;
740 if (!HttpInstance
->LocalAddressIsIPv6
) {
741 Size
= sizeof (EFI_TCP4_TRANSMIT_DATA
) +
742 (Packet
->BlockOpNum
- 1) * sizeof (EFI_TCP4_FRAGMENT_DATA
);
744 Size
= sizeof (EFI_TCP6_TRANSMIT_DATA
) +
745 (Packet
->BlockOpNum
- 1) * sizeof (EFI_TCP6_FRAGMENT_DATA
);
748 Data
= AllocatePool (Size
);
750 return EFI_OUT_OF_RESOURCES
;
753 if (!HttpInstance
->LocalAddressIsIPv6
) {
754 ((EFI_TCP4_TRANSMIT_DATA
*) Data
)->Push
= TRUE
;
755 ((EFI_TCP4_TRANSMIT_DATA
*) Data
)->Urgent
= FALSE
;
756 ((EFI_TCP4_TRANSMIT_DATA
*) Data
)->DataLength
= Packet
->TotalSize
;
759 // Build the fragment table.
761 ((EFI_TCP4_TRANSMIT_DATA
*) Data
)->FragmentCount
= Packet
->BlockOpNum
;
765 (NET_FRAGMENT
*) &((EFI_TCP4_TRANSMIT_DATA
*) Data
)->FragmentTable
[0],
766 &((EFI_TCP4_TRANSMIT_DATA
*) Data
)->FragmentCount
769 HttpInstance
->Tcp4TlsTxToken
.Packet
.TxData
= (EFI_TCP4_TRANSMIT_DATA
*) Data
;
771 Status
= EFI_DEVICE_ERROR
;
774 // Transmit the packet.
776 Status
= HttpInstance
->Tcp4
->Transmit (HttpInstance
->Tcp4
, &HttpInstance
->Tcp4TlsTxToken
);
777 if (EFI_ERROR (Status
)) {
// Poll the TCP4 instance until TlsIsTxDone is set.
// NOTE(review): the loop condition tests only TlsIsTxDone; unlike the receive
// path, no timeout event is checked here. Confirm the completion event is
// always signalled (including on connection failure), otherwise this loop
// does not terminate.
781 while (!HttpInstance
->TlsIsTxDone
) {
782 HttpInstance
->Tcp4
->Poll (HttpInstance
->Tcp4
);
// Re-arm the flag for the next transmit, then report the token's completion status.
785 HttpInstance
->TlsIsTxDone
= FALSE
;
786 Status
= HttpInstance
->Tcp4TlsTxToken
.CompletionToken
.Status
;
788 ((EFI_TCP6_TRANSMIT_DATA
*) Data
)->Push
= TRUE
;
789 ((EFI_TCP6_TRANSMIT_DATA
*) Data
)->Urgent
= FALSE
;
790 ((EFI_TCP6_TRANSMIT_DATA
*) Data
)->DataLength
= Packet
->TotalSize
;
793 // Build the fragment table.
795 ((EFI_TCP6_TRANSMIT_DATA
*) Data
)->FragmentCount
= Packet
->BlockOpNum
;
799 (NET_FRAGMENT
*) &((EFI_TCP6_TRANSMIT_DATA
*) Data
)->FragmentTable
[0],
800 &((EFI_TCP6_TRANSMIT_DATA
*) Data
)->FragmentCount
803 HttpInstance
->Tcp6TlsTxToken
.Packet
.TxData
= (EFI_TCP6_TRANSMIT_DATA
*) Data
;
805 Status
= EFI_DEVICE_ERROR
;
808 // Transmit the packet.
810 Status
= HttpInstance
->Tcp6
->Transmit (HttpInstance
->Tcp6
, &HttpInstance
->Tcp6TlsTxToken
);
811 if (EFI_ERROR (Status
)) {
815 while (!HttpInstance
->TlsIsTxDone
) {
816 HttpInstance
->Tcp6
->Poll (HttpInstance
->Tcp6
);
819 HttpInstance
->TlsIsTxDone
= FALSE
;
820 Status
= HttpInstance
->Tcp6TlsTxToken
.CompletionToken
.Status
;
830 Receive the Packet by processing the associated HTTPS token.
832 @param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure.
833 @param[in] Packet The packet to transmit.
834 @param[in] Timeout The time to wait for connection done.
836 @retval EFI_SUCCESS The Packet is received.
837 @retval EFI_INVALID_PARAMETER HttpInstance is NULL or Packet is NULL.
838 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
839 @retval EFI_TIMEOUT The operation timed out.
840 @retval Others Other error as indicated.
846 IN OUT HTTP_PROTOCOL
*HttpInstance
,
851 EFI_TCP4_RECEIVE_DATA
*Tcp4RxData
;
852 EFI_TCP6_RECEIVE_DATA
*Tcp6RxData
;
854 NET_FRAGMENT
*Fragment
;
855 UINT32 FragmentCount
;
856 UINT32 CurrentFragment
;
861 if ((HttpInstance
== NULL
) || (Packet
== NULL
)) {
862 return EFI_INVALID_PARAMETER
;
865 FragmentCount
= Packet
->BlockOpNum
;
866 Fragment
= AllocatePool (FragmentCount
* sizeof (NET_FRAGMENT
));
867 if (Fragment
== NULL
) {
868 Status
= EFI_OUT_OF_RESOURCES
;
873 // Build the fragment table.
875 NetbufBuildExt (Packet
, Fragment
, &FragmentCount
);
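//
// Pick the receive-data descriptor that matches the address family of this
// instance. Each receive call below uses exactly one fragment.
//
if (!HttpInstance->LocalAddressIsIPv6) {
  Tcp4RxData = HttpInstance->Tcp4TlsRxToken.Packet.RxData;
  if (Tcp4RxData == NULL) {
    //
    // Fragment was allocated earlier in this function; release it before
    // the early return so this error path does not leak it.
    //
    FreePool (Fragment);
    return EFI_INVALID_PARAMETER;
  }

  Tcp4RxData->FragmentCount = 1;
} else {
  Tcp6RxData = HttpInstance->Tcp6TlsRxToken.Packet.RxData;
  if (Tcp6RxData == NULL) {
    //
    // Same as the IPv4 branch: free the fragment table before returning.
    //
    FreePool (Fragment);
    return EFI_INVALID_PARAMETER;
  }

  Tcp6RxData->FragmentCount = 1;
}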
892 Status
= EFI_SUCCESS
;
894 while (CurrentFragment
< FragmentCount
) {
895 if (!HttpInstance
->LocalAddressIsIPv6
) {
896 Tcp4RxData
->DataLength
= Fragment
[CurrentFragment
].Len
;
897 Tcp4RxData
->FragmentTable
[0].FragmentLength
= Fragment
[CurrentFragment
].Len
;
898 Tcp4RxData
->FragmentTable
[0].FragmentBuffer
= Fragment
[CurrentFragment
].Bulk
;
899 Status
= HttpInstance
->Tcp4
->Receive (HttpInstance
->Tcp4
, &HttpInstance
->Tcp4TlsRxToken
);
901 Tcp6RxData
->DataLength
= Fragment
[CurrentFragment
].Len
;
902 Tcp6RxData
->FragmentTable
[0].FragmentLength
= Fragment
[CurrentFragment
].Len
;
903 Tcp6RxData
->FragmentTable
[0].FragmentBuffer
= Fragment
[CurrentFragment
].Bulk
;
904 Status
= HttpInstance
->Tcp6
->Receive (HttpInstance
->Tcp6
, &HttpInstance
->Tcp6TlsRxToken
);
906 if (EFI_ERROR (Status
)) {
910 while (!HttpInstance
->TlsIsRxDone
&& ((Timeout
== NULL
) || EFI_ERROR (gBS
->CheckEvent (Timeout
)))) {
912 // Poll until some data is received or an error occurs.
914 if (!HttpInstance
->LocalAddressIsIPv6
) {
915 HttpInstance
->Tcp4
->Poll (HttpInstance
->Tcp4
);
917 HttpInstance
->Tcp6
->Poll (HttpInstance
->Tcp6
);
921 if (!HttpInstance
->TlsIsRxDone
) {
923 // Timeout occurs, cancel the receive request.
925 if (!HttpInstance
->LocalAddressIsIPv6
) {
926 HttpInstance
->Tcp4
->Cancel (HttpInstance
->Tcp4
, &HttpInstance
->Tcp4TlsRxToken
.CompletionToken
);
928 HttpInstance
->Tcp6
->Cancel (HttpInstance
->Tcp6
, &HttpInstance
->Tcp6TlsRxToken
.CompletionToken
);
931 Status
= EFI_TIMEOUT
;
934 HttpInstance
->TlsIsRxDone
= FALSE
;
937 if (!HttpInstance
->LocalAddressIsIPv6
) {
938 Status
= HttpInstance
->Tcp4TlsRxToken
.CompletionToken
.Status
;
939 if (EFI_ERROR (Status
)) {
943 Fragment
[CurrentFragment
].Len
-= Tcp4RxData
->FragmentTable
[0].FragmentLength
;
944 if (Fragment
[CurrentFragment
].Len
== 0) {
947 Fragment
[CurrentFragment
].Bulk
+= Tcp4RxData
->FragmentTable
[0].FragmentLength
;
950 Status
= HttpInstance
->Tcp6TlsRxToken
.CompletionToken
.Status
;
951 if (EFI_ERROR (Status
)) {
955 Fragment
[CurrentFragment
].Len
-= Tcp6RxData
->FragmentTable
[0].FragmentLength
;
956 if (Fragment
[CurrentFragment
].Len
== 0) {
959 Fragment
[CurrentFragment
].Bulk
+= Tcp6RxData
->FragmentTable
[0].FragmentLength
;
966 if (Fragment
!= NULL
) {
974 Receive one TLS PDU. A TLS PDU contains a TLS record header and its
975 corresponding record data. These two parts will be put into two blocks of buffers in the
978 @param[in, out] HttpInstance Pointer to HTTP_PROTOCOL structure.
979 @param[out] Pdu The received TLS PDU.
980 @param[in] Timeout The time to wait for connection done.
982 @retval EFI_SUCCESS A TLS PDU is received.
983 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
984 @retval EFI_PROTOCOL_ERROR An unexpected TLS packet was received.
985 @retval Others Other errors as indicated.
991 IN OUT HTTP_PROTOCOL
*HttpInstance
,
998 LIST_ENTRY
*NbufList
;
1004 TLS_RECORD_HEADER RecordHeader
;
1013 NbufList
= AllocatePool (sizeof (LIST_ENTRY
));
1014 if (NbufList
== NULL
) {
1015 return EFI_OUT_OF_RESOURCES
;
1018 InitializeListHead (NbufList
);
1021 // Allocate buffer to receive one TLS header.
1023 Len
= TLS_RECORD_HEADER_LENGTH
;
1024 PduHdr
= NetbufAlloc (Len
);
1025 if (PduHdr
== NULL
) {
1026 Status
= EFI_OUT_OF_RESOURCES
;
1030 Header
= NetbufAllocSpace (PduHdr
, Len
, NET_BUF_TAIL
);
1031 if (Header
== NULL
) {
1032 Status
= EFI_OUT_OF_RESOURCES
;
1037 // First step, receive one TLS header.
1039 Status
= TlsCommonReceive (HttpInstance
, PduHdr
, Timeout
);
1040 if (EFI_ERROR (Status
)) {
// Copy the record header out of the buffer that TlsCommonReceive filled from
// the connection. Every field read below is supplied by the peer and is
// untrusted until it has passed the checks.
1044 RecordHeader
= *(TLS_RECORD_HEADER
*) Header
;
// Accept the header only when ContentType is one of the four listed record
// types, the major version is 0x03, and the minor version is the TLS 1.0,
// TLS 1.1 or TLS 1.2 value.
1045 if ((RecordHeader
.ContentType
== TlsContentTypeHandshake
||
1046 RecordHeader
.ContentType
== TlsContentTypeAlert
||
1047 RecordHeader
.ContentType
== TlsContentTypeChangeCipherSpec
||
1048 RecordHeader
.ContentType
== TlsContentTypeApplicationData
) &&
1049 (RecordHeader
.Version
.Major
== 0x03) && /// Major versions are same.
1050 (RecordHeader
.Version
.Minor
== TLS10_PROTOCOL_VERSION_MINOR
||
1051 RecordHeader
.Version
.Minor
==TLS11_PROTOCOL_VERSION_MINOR
||
1052 RecordHeader
.Version
.Minor
== TLS12_PROTOCOL_VERSION_MINOR
)
// Header passed the checks: queue the header buffer on NbufList.
1054 InsertTailList (NbufList
, &PduHdr
->List
);
// Presumably the else branch (the lines in between are not shown): any other
// header is rejected with EFI_PROTOCOL_ERROR.
1056 Status
= EFI_PROTOCOL_ERROR
;
// The record length is a 16-bit field from the peer's header, byte-swapped
// before use; it sizes the payload buffer allocated further down.
// NOTE(review): no upper bound on Len is visible here; confirm whether the
// maximum TLS record size is enforced here or by the TLS driver.
1060 Len
= SwapBytes16(RecordHeader
.Length
);
1069 // Allocate buffer to receive one TLS payload.
1071 DataSeg
= NetbufAlloc (Len
);
1072 if (DataSeg
== NULL
) {
1073 Status
= EFI_OUT_OF_RESOURCES
;
1077 NetbufAllocSpace (DataSeg
, Len
, NET_BUF_TAIL
);
1080 // Second step, receive one TLS payload.
1082 Status
= TlsCommonReceive (HttpInstance
, DataSeg
, Timeout
);
1083 if (EFI_ERROR (Status
)) {
1087 InsertTailList (NbufList
, &DataSeg
->List
);
1091 // Form the PDU from a list of PDU.
1093 *Pdu
= NetbufFromBufList (NbufList
, 0, 0, FreeNbufList
, NbufList
);
1095 Status
= EFI_OUT_OF_RESOURCES
;
1100 if (EFI_ERROR (Status
)) {
1102 // Free the Nbufs in this NbufList and the NbufList itself.
1104 FreeNbufList (NbufList
);
1111 Connect one TLS session by finishing the TLS handshake process.
1113 @param[in] HttpInstance The HTTP instance private data.
1114 @param[in] Timeout The time to wait for connection done.
1116 @retval EFI_SUCCESS The TLS session is established.
1117 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
1118 @retval EFI_ABORTED TLS session state is incorrect.
1119 @retval Others Other error as indicated.
1125 IN HTTP_PROTOCOL
*HttpInstance
,
1126 IN EFI_EVENT Timeout
1131 UINTN BufferOutSize
;
1137 UINT8
*GetSessionDataBuffer
;
1138 UINTN GetSessionDataBufferSize
;
1147 // Initialize TLS state.
1149 HttpInstance
->TlsSessionState
= EfiTlsSessionNotStarted
;
1150 Status
= HttpInstance
->Tls
->SetSessionData (
1153 &(HttpInstance
->TlsSessionState
),
1154 sizeof (EFI_TLS_SESSION_STATE
)
1156 if (EFI_ERROR (Status
)) {
1161 // Create ClientHello
1163 BufferOutSize
= DEF_BUF_LEN
;
1164 BufferOut
= AllocateZeroPool (BufferOutSize
);
1165 if (BufferOut
== NULL
) {
1166 Status
= EFI_OUT_OF_RESOURCES
;
1170 Status
= HttpInstance
->Tls
->BuildResponsePacket (
1177 if (Status
== EFI_BUFFER_TOO_SMALL
) {
1178 FreePool (BufferOut
);
1179 BufferOut
= AllocateZeroPool (BufferOutSize
);
1180 if (BufferOut
== NULL
) {
1181 Status
= EFI_OUT_OF_RESOURCES
;
1185 Status
= HttpInstance
->Tls
->BuildResponsePacket (
1193 if (EFI_ERROR (Status
)) {
1194 FreePool (BufferOut
);
1199 // Transmit ClientHello
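//
// NetbufAlloc() can fail, so check its result before passing the buffer to
// NetbufAllocSpace(); otherwise a NULL NET_BUF would be handed to it.
//
PacketOut = NetbufAlloc ((UINT32) BufferOutSize);
if (PacketOut == NULL) {
  FreePool (BufferOut);
  return EFI_OUT_OF_RESOURCES;
}

DataOut = NetbufAllocSpace (PacketOut, (UINT32) BufferOutSize, NET_BUF_TAIL);
if (DataOut == NULL) {
  //
  // Release both buffers so a failed space reservation does not leak PacketOut.
  //
  FreePool (BufferOut);
  NetbufFree (PacketOut);
  return EFI_OUT_OF_RESOURCES;
}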
1208 CopyMem (DataOut
, BufferOut
, BufferOutSize
);
1209 Status
= TlsCommonTransmit (HttpInstance
, PacketOut
);
1211 FreePool (BufferOut
);
1212 NetbufFree (PacketOut
);
1214 if (EFI_ERROR (Status
)) {
1218 while(HttpInstance
->TlsSessionState
!= EfiTlsSessionDataTransferring
&& \
1219 ((Timeout
== NULL
) || EFI_ERROR (gBS
->CheckEvent (Timeout
)))) {
1221 // Receive one TLS record.
1223 Status
= TlsReceiveOnePdu (HttpInstance
, &Pdu
, Timeout
);
1224 if (EFI_ERROR (Status
)) {
1228 BufferInSize
= Pdu
->TotalSize
;
1229 BufferIn
= AllocateZeroPool (BufferInSize
);
1230 if (BufferIn
== NULL
) {
1232 Status
= EFI_OUT_OF_RESOURCES
;
1236 NetbufCopy (Pdu
, 0, (UINT32
)BufferInSize
, BufferIn
);
1241 // Handle Receive data.
1243 BufferOutSize
= DEF_BUF_LEN
;
1244 BufferOut
= AllocateZeroPool (BufferOutSize
);
1245 if (BufferOut
== NULL
) {
1246 Status
= EFI_OUT_OF_RESOURCES
;
1250 Status
= HttpInstance
->Tls
->BuildResponsePacket (
1257 if (Status
== EFI_BUFFER_TOO_SMALL
) {
1258 FreePool (BufferOut
);
1259 BufferOut
= AllocateZeroPool (BufferOutSize
);
1260 if (BufferOut
== NULL
) {
1261 FreePool (BufferIn
);
1262 Status
= EFI_OUT_OF_RESOURCES
;
1266 Status
= HttpInstance
->Tls
->BuildResponsePacket (
1275 FreePool (BufferIn
);
1277 if (EFI_ERROR (Status
)) {
1278 FreePool (BufferOut
);
1282 if (BufferOutSize
!= 0) {
1284 // Transmit the response packet.
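//
// NetbufAlloc() can fail, so check its result before passing the buffer to
// NetbufAllocSpace(); otherwise a NULL NET_BUF would be handed to it.
//
PacketOut = NetbufAlloc ((UINT32) BufferOutSize);
if (PacketOut == NULL) {
  FreePool (BufferOut);
  return EFI_OUT_OF_RESOURCES;
}

DataOut = NetbufAllocSpace (PacketOut, (UINT32) BufferOutSize, NET_BUF_TAIL);
if (DataOut == NULL) {
  //
  // Release both buffers so a failed space reservation does not leak PacketOut.
  //
  FreePool (BufferOut);
  NetbufFree (PacketOut);
  return EFI_OUT_OF_RESOURCES;
}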
1293 CopyMem (DataOut
, BufferOut
, BufferOutSize
);
1295 Status
= TlsCommonTransmit (HttpInstance
, PacketOut
);
1297 NetbufFree (PacketOut
);
1299 if (EFI_ERROR (Status
)) {
1300 FreePool (BufferOut
);
1305 FreePool (BufferOut
);
1308 // Get the session state, then decide whether to continue handling received packets.
1310 GetSessionDataBufferSize
= DEF_BUF_LEN
;
1311 GetSessionDataBuffer
= AllocateZeroPool (GetSessionDataBufferSize
);
1312 if (GetSessionDataBuffer
== NULL
) {
1313 Status
= EFI_OUT_OF_RESOURCES
;
1317 Status
= HttpInstance
->Tls
->GetSessionData (
1320 GetSessionDataBuffer
,
1321 &GetSessionDataBufferSize
1323 if (Status
== EFI_BUFFER_TOO_SMALL
) {
1324 FreePool (GetSessionDataBuffer
);
1325 GetSessionDataBuffer
= AllocateZeroPool (GetSessionDataBufferSize
);
1326 if (GetSessionDataBuffer
== NULL
) {
1327 Status
= EFI_OUT_OF_RESOURCES
;
1331 Status
= HttpInstance
->Tls
->GetSessionData (
1334 GetSessionDataBuffer
,
1335 &GetSessionDataBufferSize
1338 if (EFI_ERROR (Status
)) {
1339 FreePool(GetSessionDataBuffer
);
1343 ASSERT(GetSessionDataBufferSize
== sizeof (EFI_TLS_SESSION_STATE
));
1344 HttpInstance
->TlsSessionState
= *(EFI_TLS_SESSION_STATE
*) GetSessionDataBuffer
;
1346 FreePool (GetSessionDataBuffer
);
1348 if(HttpInstance
->TlsSessionState
== EfiTlsSessionError
) {
1353 if (HttpInstance
->TlsSessionState
!= EfiTlsSessionDataTransferring
) {
1354 Status
= EFI_ABORTED
;
1361 Close the TLS session and send out the close notification message.
1363 @param[in] HttpInstance The HTTP instance private data.
1365 @retval EFI_SUCCESS The TLS session is closed.
1366 @retval EFI_INVALID_PARAMETER HttpInstance is NULL.
1367 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
1368 @retval Others Other error as indicated.
1374 IN HTTP_PROTOCOL
*HttpInstance
1380 UINTN BufferOutSize
;
1385 Status
= EFI_SUCCESS
;
1390 if (HttpInstance
== NULL
) {
1391 return EFI_INVALID_PARAMETER
;
1394 HttpInstance
->TlsSessionState
= EfiTlsSessionClosing
;
1396 Status
= HttpInstance
->Tls
->SetSessionData (
1399 &(HttpInstance
->TlsSessionState
),
1400 sizeof (EFI_TLS_SESSION_STATE
)
1402 if (EFI_ERROR (Status
)) {
1406 BufferOutSize
= DEF_BUF_LEN
;
1407 BufferOut
= AllocateZeroPool (BufferOutSize
);
1408 if (BufferOut
== NULL
) {
1409 Status
= EFI_OUT_OF_RESOURCES
;
1413 Status
= HttpInstance
->Tls
->BuildResponsePacket (
1420 if (Status
== EFI_BUFFER_TOO_SMALL
) {
1421 FreePool (BufferOut
);
1422 BufferOut
= AllocateZeroPool (BufferOutSize
);
1423 if (BufferOut
== NULL
) {
1424 Status
= EFI_OUT_OF_RESOURCES
;
1428 Status
= HttpInstance
->Tls
->BuildResponsePacket (
1437 if (EFI_ERROR (Status
)) {
1438 FreePool (BufferOut
);
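//
// NetbufAlloc() can fail, so check its result before passing the buffer to
// NetbufAllocSpace(); otherwise a NULL NET_BUF would be handed to it.
//
PacketOut = NetbufAlloc ((UINT32) BufferOutSize);
if (PacketOut == NULL) {
  FreePool (BufferOut);
  return EFI_OUT_OF_RESOURCES;
}

DataOut = NetbufAllocSpace (PacketOut, (UINT32) BufferOutSize, NET_BUF_TAIL);
if (DataOut == NULL) {
  //
  // Release both buffers so a failed space reservation does not leak PacketOut.
  //
  FreePool (BufferOut);
  NetbufFree (PacketOut);
  return EFI_OUT_OF_RESOURCES;
}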
1449 CopyMem (DataOut
, BufferOut
, BufferOutSize
);
1451 Status
= TlsCommonTransmit (HttpInstance
, PacketOut
);
1453 FreePool (BufferOut
);
1454 NetbufFree (PacketOut
);
1460 Process one message according to the CryptMode.
1462 @param[in] HttpInstance Pointer to HTTP_PROTOCOL structure.
1463 @param[in] Message Pointer to the message buffer that needs to be processed.
1464 If ProcessMode is EfiTlsEncrypt, the message contains the TLS
1465 header and plain text TLS APP payload.
1466 If ProcessMode is EfiTlsDecrypt, the message contains the TLS
1467 header and cipher text TLS APP payload.
1468 @param[in] MessageSize Pointer to the message buffer size.
1469 @param[in] ProcessMode Process mode.
1470 @param[in, out] Fragment Only one Fragment is returned after the Message is
1471 processed successfully.
1472 If ProcessMode is EfiTlsEncrypt, the fragment contains the TLS
1473 header and cipher text TLS APP payload.
1474 If ProcessMode is EfiTlsDecrypt, the fragment contains the TLS
1475 header and plain text TLS APP payload.
1477 @retval EFI_SUCCESS Message is processed successfully.
1478 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
1479 @retval Others Other errors as indicated.
1485 IN HTTP_PROTOCOL
*HttpInstance
,
1487 IN UINTN MessageSize
,
1488 IN EFI_TLS_CRYPT_MODE ProcessMode
,
1489 IN OUT NET_FRAGMENT
*Fragment
1496 EFI_TLS_FRAGMENT_DATA
*FragmentTable
;
1497 UINT32 FragmentCount
;
1498 EFI_TLS_FRAGMENT_DATA
*OriginalFragmentTable
;
1501 Status
= EFI_SUCCESS
;
1505 FragmentTable
= NULL
;
1506 OriginalFragmentTable
= NULL
;
1509 // Rebuild fragment table from BufferIn.
1512 FragmentTable
= AllocateZeroPool (FragmentCount
* sizeof (EFI_TLS_FRAGMENT_DATA
));
1513 if (FragmentTable
== NULL
) {
1514 Status
= EFI_OUT_OF_RESOURCES
;
1518 FragmentTable
->FragmentLength
= (UINT32
) MessageSize
;
1519 FragmentTable
->FragmentBuffer
= Message
;
1522 // Record the original FragmentTable.
1524 OriginalFragmentTable
= FragmentTable
;
1527 // Process the Message.
1529 Status
= HttpInstance
->Tls
->ProcessPacket (
1535 if (EFI_ERROR (Status
)) {
1540 // Calculate the size according to FragmentTable.
1542 for (Index
= 0; Index
< FragmentCount
; Index
++) {
1543 BufferSize
+= FragmentTable
[Index
].FragmentLength
;
1547 // Allocate buffer for processed data.
1549 Buffer
= AllocateZeroPool (BufferSize
);
1550 if (Buffer
== NULL
) {
1551 Status
= EFI_OUT_OF_RESOURCES
;
1556 // Copy the new FragmentTable buffer into Buffer.
1558 for (Index
= 0; Index
< FragmentCount
; Index
++) {
1560 (Buffer
+ BytesCopied
),
1561 FragmentTable
[Index
].FragmentBuffer
,
1562 FragmentTable
[Index
].FragmentLength
1564 BytesCopied
+= FragmentTable
[Index
].FragmentLength
;
1567 // Free the FragmentBuffer since it has been copied.
1569 FreePool (FragmentTable
[Index
].FragmentBuffer
);
1572 Fragment
->Len
= BufferSize
;
1573 Fragment
->Bulk
= Buffer
;
1577 if (OriginalFragmentTable
!= NULL
) {
1578 if( FragmentTable
== OriginalFragmentTable
) {
1579 FragmentTable
= NULL
;
1581 FreePool (OriginalFragmentTable
);
1582 OriginalFragmentTable
= NULL
;
1586 // Caller has the responsibility to free the FragmentTable.
1588 if (FragmentTable
!= NULL
) {
1589 FreePool (FragmentTable
);
1590 FragmentTable
= NULL
;
1597 Receive one fragment decrypted from one TLS record.
1599 @param[in] HttpInstance Pointer to HTTP_PROTOCOL structure.
1600 @param[in, out] Fragment The received Fragment.
1601 @param[in] Timeout The time to wait for connection done.
1603 @retval EFI_SUCCESS One fragment is received.
1604 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
1605 @retval EFI_ABORTED Something went wrong while decrypting the message.
1606 @retval Others Other errors as indicated.
1612 IN HTTP_PROTOCOL
*HttpInstance
,
1613 IN OUT NET_FRAGMENT
*Fragment
,
1614 IN EFI_EVENT Timeout
1619 TLS_RECORD_HEADER RecordHeader
;
1622 NET_FRAGMENT TempFragment
;
1624 UINTN BufferOutSize
;
1627 UINT8
*GetSessionDataBuffer
;
1628 UINTN GetSessionDataBufferSize
;
1630 Status
= EFI_SUCCESS
;
1638 GetSessionDataBuffer
= NULL
;
1639 GetSessionDataBufferSize
= 0;
1642 // Receive only one TLS record
1644 Status
= TlsReceiveOnePdu (HttpInstance
, &Pdu
, Timeout
);
1645 if (EFI_ERROR (Status
)) {
1649 BufferInSize
= Pdu
->TotalSize
;
1650 BufferIn
= AllocateZeroPool (BufferInSize
);
1651 if (BufferIn
== NULL
) {
1652 Status
= EFI_OUT_OF_RESOURCES
;
1657 NetbufCopy (Pdu
, 0, (UINT32
) BufferInSize
, BufferIn
);
1662 // Handle Receive data.
1664 RecordHeader
= *(TLS_RECORD_HEADER
*) BufferIn
;
1666 if ((RecordHeader
.ContentType
== TlsContentTypeApplicationData
) &&
1667 (RecordHeader
.Version
.Major
== 0x03) &&
1668 (RecordHeader
.Version
.Minor
== TLS10_PROTOCOL_VERSION_MINOR
||
1669 RecordHeader
.Version
.Minor
== TLS11_PROTOCOL_VERSION_MINOR
||
1670 RecordHeader
.Version
.Minor
== TLS12_PROTOCOL_VERSION_MINOR
)
1675 Status
= TlsProcessMessage (
1683 FreePool (BufferIn
);
1685 if (EFI_ERROR (Status
)) {
1686 if (Status
== EFI_ABORTED
) {
1688 // Something wrong decryption the message.
1689 // BuildResponsePacket() will be called to generate Error Alert message and send it out.
1691 BufferOutSize
= DEF_BUF_LEN
;
1692 BufferOut
= AllocateZeroPool (BufferOutSize
);
1693 if (BufferOut
== NULL
) {
1694 Status
= EFI_OUT_OF_RESOURCES
;
1698 Status
= HttpInstance
->Tls
->BuildResponsePacket (
1705 if (Status
== EFI_BUFFER_TOO_SMALL
) {
1706 FreePool (BufferOut
);
1707 BufferOut
= AllocateZeroPool (BufferOutSize
);
1708 if (BufferOut
== NULL
) {
1709 Status
= EFI_OUT_OF_RESOURCES
;
1713 Status
= HttpInstance
->Tls
->BuildResponsePacket (
1721 if (EFI_ERROR (Status
)) {
1722 FreePool(BufferOut
);
1726 if (BufferOutSize
!= 0) {
1727 PacketOut
= NetbufAlloc ((UINT32
)BufferOutSize
);
1728 DataOut
= NetbufAllocSpace (PacketOut
, (UINT32
) BufferOutSize
, NET_BUF_TAIL
);
1729 if (DataOut
== NULL
) {
1730 FreePool (BufferOut
);
1731 return EFI_OUT_OF_RESOURCES
;
1734 CopyMem (DataOut
, BufferOut
, BufferOutSize
);
1736 Status
= TlsCommonTransmit (HttpInstance
, PacketOut
);
1738 NetbufFree (PacketOut
);
1741 FreePool(BufferOut
);
1743 if (EFI_ERROR (Status
)) {
1756 ASSERT (((TLS_RECORD_HEADER
*) (TempFragment
.Bulk
))->ContentType
== TlsContentTypeApplicationData
);
1758 BufferInSize
= ((TLS_RECORD_HEADER
*) (TempFragment
.Bulk
))->Length
;
1759 BufferIn
= AllocateZeroPool (BufferInSize
);
1760 if (BufferIn
== NULL
) {
1761 Status
= EFI_OUT_OF_RESOURCES
;
1765 CopyMem (BufferIn
, TempFragment
.Bulk
+ TLS_RECORD_HEADER_LENGTH
, BufferInSize
);
1768 // Free the buffer in TempFragment.
1770 FreePool (TempFragment
.Bulk
);
1772 } else if ((RecordHeader
.ContentType
== TlsContentTypeAlert
) &&
1773 (RecordHeader
.Version
.Major
== 0x03) &&
1774 (RecordHeader
.Version
.Minor
== TLS10_PROTOCOL_VERSION_MINOR
||
1775 RecordHeader
.Version
.Minor
== TLS11_PROTOCOL_VERSION_MINOR
||
1776 RecordHeader
.Version
.Minor
== TLS12_PROTOCOL_VERSION_MINOR
)
1778 BufferOutSize
= DEF_BUF_LEN
;
1779 BufferOut
= AllocateZeroPool (BufferOutSize
);
1780 if (BufferOut
== NULL
) {
1781 FreePool (BufferIn
);
1782 Status
= EFI_OUT_OF_RESOURCES
;
1786 Status
= HttpInstance
->Tls
->BuildResponsePacket (
1793 if (Status
== EFI_BUFFER_TOO_SMALL
) {
1794 FreePool (BufferOut
);
1795 BufferOut
= AllocateZeroPool (BufferOutSize
);
1796 if (BufferOut
== NULL
) {
1797 FreePool (BufferIn
);
1798 Status
= EFI_OUT_OF_RESOURCES
;
1802 Status
= HttpInstance
->Tls
->BuildResponsePacket (
1811 FreePool (BufferIn
);
1813 if (EFI_ERROR (Status
)) {
1814 FreePool (BufferOut
);
1818 if (BufferOutSize
!= 0) {
1819 PacketOut
= NetbufAlloc ((UINT32
) BufferOutSize
);
1820 DataOut
= NetbufAllocSpace (PacketOut
, (UINT32
) BufferOutSize
, NET_BUF_TAIL
);
1821 if (DataOut
== NULL
) {
1822 FreePool (BufferOut
);
1823 return EFI_OUT_OF_RESOURCES
;
1826 CopyMem (DataOut
, BufferOut
, BufferOutSize
);
1828 Status
= TlsCommonTransmit (HttpInstance
, PacketOut
);
1830 NetbufFree (PacketOut
);
1833 FreePool (BufferOut
);
1836 // Get the session state.
1838 GetSessionDataBufferSize
= DEF_BUF_LEN
;
1839 GetSessionDataBuffer
= AllocateZeroPool (GetSessionDataBufferSize
);
1840 if (GetSessionDataBuffer
== NULL
) {
1841 Status
= EFI_OUT_OF_RESOURCES
;
1845 Status
= HttpInstance
->Tls
->GetSessionData (
1848 GetSessionDataBuffer
,
1849 &GetSessionDataBufferSize
1851 if (Status
== EFI_BUFFER_TOO_SMALL
) {
1852 FreePool (GetSessionDataBuffer
);
1853 GetSessionDataBuffer
= AllocateZeroPool (GetSessionDataBufferSize
);
1854 if (GetSessionDataBuffer
== NULL
) {
1855 Status
= EFI_OUT_OF_RESOURCES
;
1859 Status
= HttpInstance
->Tls
->GetSessionData (
1862 GetSessionDataBuffer
,
1863 &GetSessionDataBufferSize
1866 if (EFI_ERROR (Status
)) {
1867 FreePool (GetSessionDataBuffer
);
1871 ASSERT(GetSessionDataBufferSize
== sizeof (EFI_TLS_SESSION_STATE
));
1872 HttpInstance
->TlsSessionState
= *(EFI_TLS_SESSION_STATE
*) GetSessionDataBuffer
;
1874 FreePool (GetSessionDataBuffer
);
1876 if(HttpInstance
->TlsSessionState
== EfiTlsSessionError
) {
1877 DEBUG ((EFI_D_ERROR
, "TLS Session State Error!\n"));
1885 Fragment
->Bulk
= BufferIn
;
1886 Fragment
->Len
= (UINT32
) BufferInSize
;