NetworkPkg: Convert files to CRLF line ending
[mirror_edk2.git] / NetworkPkg / TlsDxe / TlsImpl.h
1 /** @file
2 Header file of Miscellaneous Routines for TlsDxe driver.
3
4 Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
5
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php
10
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14 **/
15
16 #ifndef __EFI_TLS_IMPL_H__
17 #define __EFI_TLS_IMPL_H__
18
19 //
20 // Libraries
21 //
22 #include <Library/UefiBootServicesTableLib.h>
23 #include <Library/MemoryAllocationLib.h>
24 #include <Library/BaseMemoryLib.h>
25 #include <Library/BaseLib.h>
26 #include <Library/UefiLib.h>
27 #include <Library/DebugLib.h>
28 #include <Library/NetLib.h>
29 #include <Library/BaseCryptLib.h>
30 #include <Library/TlsLib.h>
31
32 //
33 // Consumed Protocols
34 //
35 #include <Protocol/Tls.h>
36 #include <Protocol/TlsConfig.h>
37
38 #include <IndustryStandard/Tls1.h>
39
40 #include "TlsDriver.h"
41
42 //
43 // Protocol instances
44 //
45 extern EFI_SERVICE_BINDING_PROTOCOL mTlsServiceBinding;
46 extern EFI_TLS_PROTOCOL mTlsProtocol;
47 extern EFI_TLS_CONFIGURATION_PROTOCOL mTlsConfigurationProtocol;
48
49 #define RECORD_HEADER_LEN 5 /// ContentType(1) + Version(2) + Length(2)
50
51 #define MAX_BUFFER_SIZE 32768
52
53 /**
54 Encrypt the message listed in fragment.
55
56 @param[in] TlsInstance The pointer to the TLS instance.
57 @param[in, out] FragmentTable Pointer to a list of fragment.
58 On input these fragments contain the TLS header and
59 plain text TLS payload;
60 On output these fragments contain the TLS header and
61 cipher text TLS payload.
62 @param[in] FragmentCount Number of fragment.
63
64 @retval EFI_SUCCESS The operation completed successfully.
65 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
66 @retval EFI_ABORTED TLS session state is incorrect.
67 @retval Others Other errors as indicated.
68 **/
69 EFI_STATUS
70 TlsEncryptPacket (
71 IN TLS_INSTANCE *TlsInstance,
72 IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,
73 IN UINT32 *FragmentCount
74 );
75
76 /**
77 Decrypt the message listed in fragment.
78
79 @param[in] TlsInstance The pointer to the TLS instance.
80 @param[in, out] FragmentTable Pointer to a list of fragment.
81 On input these fragments contain the TLS header and
82 cipher text TLS payload;
83 On output these fragments contain the TLS header and
84 plain text TLS payload.
85 @param[in] FragmentCount Number of fragment.
86
87 @retval EFI_SUCCESS The operation completed successfully.
88 @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.
89 @retval EFI_ABORTED TLS session state is incorrect.
90 @retval Others Other errors as indicated.
91 **/
92 EFI_STATUS
93 TlsDecryptPacket (
94 IN TLS_INSTANCE *TlsInstance,
95 IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,
96 IN UINT32 *FragmentCount
97 );
98
99 /**
100 Set TLS session data.
101
102 The SetSessionData() function set data for a new TLS session. All session data should
103 be set before BuildResponsePacket() invoked.
104
105 @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
106 @param[in] DataType TLS session data type.
107 @param[in] Data Pointer to session data.
108 @param[in] DataSize Total size of session data.
109
110 @retval EFI_SUCCESS The TLS session data is set successfully.
111 @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
112 This is NULL.
113 Data is NULL.
114 DataSize is 0.
115 @retval EFI_UNSUPPORTED The DataType is unsupported.
116 @retval EFI_ACCESS_DENIED If the DataType is one of below:
117 EfiTlsClientRandom
118 EfiTlsServerRandom
119 EfiTlsKeyMaterial
120 @retval EFI_NOT_READY Current TLS session state is NOT
121 EfiTlsSessionStateNotStarted.
122 @retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.
123 **/
124 EFI_STATUS
125 EFIAPI
126 TlsSetSessionData (
127 IN EFI_TLS_PROTOCOL *This,
128 IN EFI_TLS_SESSION_DATA_TYPE DataType,
129 IN VOID *Data,
130 IN UINTN DataSize
131 );
132
133 /**
134 Get TLS session data.
135
136 The GetSessionData() function return the TLS session information.
137
138 @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
139 @param[in] DataType TLS session data type.
140 @param[in, out] Data Pointer to session data.
141 @param[in, out] DataSize Total size of session data. On input, it means
142 the size of Data buffer. On output, it means the size
143 of copied Data buffer if EFI_SUCCESS, and means the
144 size of desired Data buffer if EFI_BUFFER_TOO_SMALL.
145
146 @retval EFI_SUCCESS The TLS session data is got successfully.
147 @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
148 This is NULL.
149 DataSize is NULL.
150 Data is NULL if *DataSize is not zero.
151 @retval EFI_UNSUPPORTED The DataType is unsupported.
152 @retval EFI_NOT_FOUND The TLS session data is not found.
153 @retval EFI_NOT_READY The DataType is not ready in current session state.
154 @retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.
155 **/
156 EFI_STATUS
157 EFIAPI
158 TlsGetSessionData (
159 IN EFI_TLS_PROTOCOL *This,
160 IN EFI_TLS_SESSION_DATA_TYPE DataType,
161 IN OUT VOID *Data, OPTIONAL
162 IN OUT UINTN *DataSize
163 );
164
165 /**
166 Build response packet according to TLS state machine. This function is only valid for
167 alert, handshake and change_cipher_spec content type.
168
169 The BuildResponsePacket() function builds TLS response packet in response to the TLS
170 request packet specified by RequestBuffer and RequestSize. If RequestBuffer is NULL and
171 RequestSize is 0, and TLS session status is EfiTlsSessionNotStarted, the TLS session
172 will be initiated and the response packet needs to be ClientHello. If RequestBuffer is
173 NULL and RequestSize is 0, and TLS session status is EfiTlsSessionClosing, the TLS
174 session will be closed and response packet needs to be CloseNotify. If RequestBuffer is
175 NULL and RequestSize is 0, and TLS session status is EfiTlsSessionError, the TLS
176 session has errors and the response packet needs to be Alert message based on error
177 type.
178
179 @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
180 @param[in] RequestBuffer Pointer to the most recently received TLS packet. NULL
181 means TLS need initiate the TLS session and response
182 packet need to be ClientHello.
183 @param[in] RequestSize Packet size in bytes for the most recently received TLS
184 packet. 0 is only valid when RequestBuffer is NULL.
185 @param[out] Buffer Pointer to the buffer to hold the built packet.
186 @param[in, out] BufferSize Pointer to the buffer size in bytes. On input, it is
187 the buffer size provided by the caller. On output, it
188 is the buffer size in fact needed to contain the
189 packet.
190
191 @retval EFI_SUCCESS The required TLS packet is built successfully.
192 @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
193 This is NULL.
194 RequestBuffer is NULL but RequestSize is NOT 0.
195 RequestSize is 0 but RequestBuffer is NOT NULL.
196 BufferSize is NULL.
197 Buffer is NULL if *BufferSize is not zero.
198 @retval EFI_BUFFER_TOO_SMALL BufferSize is too small to hold the response packet.
199 @retval EFI_NOT_READY Current TLS session state is NOT ready to build
200 ResponsePacket.
201 @retval EFI_ABORTED Something wrong build response packet.
202 **/
203 EFI_STATUS
204 EFIAPI
205 TlsBuildResponsePacket (
206 IN EFI_TLS_PROTOCOL *This,
207 IN UINT8 *RequestBuffer, OPTIONAL
208 IN UINTN RequestSize, OPTIONAL
209 OUT UINT8 *Buffer, OPTIONAL
210 IN OUT UINTN *BufferSize
211 );
212
213 /**
214 Decrypt or encrypt TLS packet during session. This function is only valid after
215 session connected and for application_data content type.
216
217 The ProcessPacket () function process each inbound or outbound TLS APP packet.
218
219 @param[in] This Pointer to the EFI_TLS_PROTOCOL instance.
220 @param[in, out] FragmentTable Pointer to a list of fragment. The caller will take
221 responsible to handle the original FragmentTable while
222 it may be reallocated in TLS driver. If CryptMode is
223 EfiTlsEncrypt, on input these fragments contain the TLS
224 header and plain text TLS APP payload; on output these
225 fragments contain the TLS header and cipher text TLS
226 APP payload. If CryptMode is EfiTlsDecrypt, on input
227 these fragments contain the TLS header and cipher text
228 TLS APP payload; on output these fragments contain the
229 TLS header and plain text TLS APP payload.
230 @param[in] FragmentCount Number of fragment.
231 @param[in] CryptMode Crypt mode.
232
233 @retval EFI_SUCCESS The operation completed successfully.
234 @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
235 This is NULL.
236 FragmentTable is NULL.
237 FragmentCount is NULL.
238 CryptoMode is invalid.
239 @retval EFI_NOT_READY Current TLS session state is NOT
240 EfiTlsSessionDataTransferring.
241 @retval EFI_ABORTED Something wrong decryption the message. TLS session
242 status will become EfiTlsSessionError. The caller need
243 call BuildResponsePacket() to generate Error Alert
244 message and send it out.
245 @retval EFI_OUT_OF_RESOURCES No enough resource to finish the operation.
246 **/
247 EFI_STATUS
248 EFIAPI
249 TlsProcessPacket (
250 IN EFI_TLS_PROTOCOL *This,
251 IN OUT EFI_TLS_FRAGMENT_DATA **FragmentTable,
252 IN UINT32 *FragmentCount,
253 IN EFI_TLS_CRYPT_MODE CryptMode
254 );
255
256 /**
257 Set TLS configuration data.
258
259 The SetData() function sets TLS configuration to non-volatile storage or volatile
260 storage.
261
262 @param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.
263 @param[in] DataType Configuration data type.
264 @param[in] Data Pointer to configuration data.
265 @param[in] DataSize Total size of configuration data.
266
267 @retval EFI_SUCCESS The TLS configuration data is set successfully.
268 @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
269 This is NULL.
270 Data is NULL.
271 DataSize is 0.
272 @retval EFI_UNSUPPORTED The DataType is unsupported.
273 @retval EFI_OUT_OF_RESOURCES Required system resources could not be allocated.
274 **/
275 EFI_STATUS
276 EFIAPI
277 TlsConfigurationSetData (
278 IN EFI_TLS_CONFIGURATION_PROTOCOL *This,
279 IN EFI_TLS_CONFIG_DATA_TYPE DataType,
280 IN VOID *Data,
281 IN UINTN DataSize
282 );
283
284 /**
285 Get TLS configuration data.
286
287 The GetData() function gets TLS configuration.
288
289 @param[in] This Pointer to the EFI_TLS_CONFIGURATION_PROTOCOL instance.
290 @param[in] DataType Configuration data type.
291 @param[in, out] Data Pointer to configuration data.
292 @param[in, out] DataSize Total size of configuration data. On input, it means
293 the size of Data buffer. On output, it means the size
294 of copied Data buffer if EFI_SUCCESS, and means the
295 size of desired Data buffer if EFI_BUFFER_TOO_SMALL.
296
297 @retval EFI_SUCCESS The TLS configuration data is got successfully.
298 @retval EFI_INVALID_PARAMETER One or more of the following conditions is TRUE:
299 This is NULL.
300 DataSize is NULL.
301 Data is NULL if *DataSize is not zero.
302 @retval EFI_UNSUPPORTED The DataType is unsupported.
303 @retval EFI_NOT_FOUND The TLS configuration data is not found.
304 @retval EFI_BUFFER_TOO_SMALL The buffer is too small to hold the data.
305 **/
306 EFI_STATUS
307 EFIAPI
308 TlsConfigurationGetData (
309 IN EFI_TLS_CONFIGURATION_PROTOCOL *This,
310 IN EFI_TLS_CONFIG_DATA_TYPE DataType,
311 IN OUT VOID *Data, OPTIONAL
312 IN OUT UINTN *DataSize
313 );
314
315 #endif
316