\r
Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>\r
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r
-This program and the accompanying materials\r
-are licensed and made available under the terms and conditions of the BSD License\r
-which accompanies this distribution. The full text of the license may be found at\r
-http://opensource.org/licenses/bsd-license.php\r
-\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include "InternalTlsLib.h"\r
\r
-#define MAX_BUFFER_SIZE 32768\r
+#define MAX_BUFFER_SIZE 32768\r
\r
/**\r
Checks if the TLS handshake was done.\r
BOOLEAN\r
EFIAPI\r
TlsInHandshake (\r
- IN VOID *Tls\r
+ IN VOID *Tls\r
)\r
{\r
TLS_CONNECTION *TlsConn;\r
\r
- TlsConn = (TLS_CONNECTION *) Tls;\r
- if (TlsConn == NULL || TlsConn->Ssl == NULL) {\r
+ TlsConn = (TLS_CONNECTION *)Tls;\r
+ if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {\r
return FALSE;\r
}\r
\r
EFI_STATUS\r
EFIAPI\r
TlsDoHandshake (\r
- IN VOID *Tls,\r
- IN UINT8 *BufferIn, OPTIONAL\r
- IN UINTN BufferInSize, OPTIONAL\r
- OUT UINT8 *BufferOut, OPTIONAL\r
- IN OUT UINTN *BufferOutSize\r
+ IN VOID *Tls,\r
+ IN UINT8 *BufferIn OPTIONAL,\r
+ IN UINTN BufferInSize OPTIONAL,\r
+ OUT UINT8 *BufferOut OPTIONAL,\r
+ IN OUT UINTN *BufferOutSize\r
)\r
{\r
TLS_CONNECTION *TlsConn;\r
INTN Ret;\r
UINTN ErrorCode;\r
\r
- TlsConn = (TLS_CONNECTION *) Tls;\r
+ TlsConn = (TLS_CONNECTION *)Tls;\r
PendingBufferSize = 0;\r
Ret = 1;\r
\r
- if (TlsConn == NULL || \\r
- TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \\r
- BufferOutSize == NULL || \\r
- (BufferIn == NULL && BufferInSize != 0) || \\r
- (BufferIn != NULL && BufferInSize == 0) || \\r
- (BufferOut == NULL && *BufferOutSize != 0)) {\r
+ if ((TlsConn == NULL) || \\r
+ (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \\r
+ (BufferOutSize == NULL) || \\r
+ ((BufferIn == NULL) && (BufferInSize != 0)) || \\r
+ ((BufferIn != NULL) && (BufferInSize == 0)) || \\r
+ ((BufferOut == NULL) && (*BufferOutSize != 0)))\r
+ {\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- if(BufferIn == NULL && BufferInSize == 0) {\r
+ if ((BufferIn == NULL) && (BufferInSize == 0)) {\r
//\r
// If RequestBuffer is NULL and RequestSize is 0, and TLS session\r
// status is EfiTlsSessionNotStarted, the TLS session will be initiated\r
// and the response packet needs to be ClientHello.\r
//\r
- PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);\r
+ PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);\r
if (PendingBufferSize == 0) {\r
SSL_set_connect_state (TlsConn->Ssl);\r
- Ret = SSL_do_handshake (TlsConn->Ssl);\r
- PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);\r
+ Ret = SSL_do_handshake (TlsConn->Ssl);\r
+ PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);\r
}\r
} else {\r
- PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);\r
+ PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);\r
if (PendingBufferSize == 0) {\r
- BIO_write (TlsConn->InBio, BufferIn, (UINT32) BufferInSize);\r
- Ret = SSL_do_handshake (TlsConn->Ssl);\r
- PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);\r
+ BIO_write (TlsConn->InBio, BufferIn, (UINT32)BufferInSize);\r
+ Ret = SSL_do_handshake (TlsConn->Ssl);\r
+ PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);\r
}\r
}\r
\r
if (Ret < 1) {\r
- Ret = SSL_get_error (TlsConn->Ssl, (int) Ret);\r
- if (Ret == SSL_ERROR_SSL ||\r
- Ret == SSL_ERROR_SYSCALL ||\r
- Ret == SSL_ERROR_ZERO_RETURN) {\r
+ Ret = SSL_get_error (TlsConn->Ssl, (int)Ret);\r
+ if ((Ret == SSL_ERROR_SSL) ||\r
+ (Ret == SSL_ERROR_SYSCALL) ||\r
+ (Ret == SSL_ERROR_ZERO_RETURN))\r
+ {\r
DEBUG ((\r
DEBUG_ERROR,\r
"%a SSL_HANDSHAKE_ERROR State=0x%x SSL_ERROR_%a\n",\r
Ret == SSL_ERROR_SSL ? "SSL" : Ret == SSL_ERROR_SYSCALL ? "SYSCALL" : "ZERO_RETURN"\r
));\r
DEBUG_CODE_BEGIN ();\r
- while (TRUE) {\r
- ErrorCode = ERR_get_error ();\r
- if (ErrorCode == 0) {\r
- break;\r
- }\r
- DEBUG ((\r
- DEBUG_ERROR,\r
- "%a ERROR 0x%x=L%x:F%x:R%x\n",\r
- __FUNCTION__,\r
- ErrorCode,\r
- ERR_GET_LIB (ErrorCode),\r
- ERR_GET_FUNC (ErrorCode),\r
- ERR_GET_REASON (ErrorCode)\r
- ));\r
+ while (TRUE) {\r
+ ErrorCode = ERR_get_error ();\r
+ if (ErrorCode == 0) {\r
+ break;\r
}\r
+\r
+ DEBUG ((\r
+ DEBUG_ERROR,\r
+ "%a ERROR 0x%x=L%x:F%x:R%x\n",\r
+ __FUNCTION__,\r
+ ErrorCode,\r
+ ERR_GET_LIB (ErrorCode),\r
+ ERR_GET_FUNC (ErrorCode),\r
+ ERR_GET_REASON (ErrorCode)\r
+ ));\r
+ }\r
+\r
DEBUG_CODE_END ();\r
return EFI_ABORTED;\r
}\r
}\r
\r
if (PendingBufferSize > 0) {\r
- *BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32) PendingBufferSize);\r
+ *BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32)PendingBufferSize);\r
} else {\r
*BufferOutSize = 0;\r
}\r
EFI_STATUS\r
EFIAPI\r
TlsHandleAlert (\r
- IN VOID *Tls,\r
- IN UINT8 *BufferIn, OPTIONAL\r
- IN UINTN BufferInSize, OPTIONAL\r
- OUT UINT8 *BufferOut, OPTIONAL\r
- IN OUT UINTN *BufferOutSize\r
+ IN VOID *Tls,\r
+ IN UINT8 *BufferIn OPTIONAL,\r
+ IN UINTN BufferInSize OPTIONAL,\r
+ OUT UINT8 *BufferOut OPTIONAL,\r
+ IN OUT UINTN *BufferOutSize\r
)\r
{\r
TLS_CONNECTION *TlsConn;\r
UINT8 *TempBuffer;\r
INTN Ret;\r
\r
- TlsConn = (TLS_CONNECTION *) Tls;\r
+ TlsConn = (TLS_CONNECTION *)Tls;\r
PendingBufferSize = 0;\r
TempBuffer = NULL;\r
Ret = 0;\r
\r
- if (TlsConn == NULL || \\r
- TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \\r
- BufferOutSize == NULL || \\r
- (BufferIn == NULL && BufferInSize != 0) || \\r
- (BufferIn != NULL && BufferInSize == 0) || \\r
- (BufferOut == NULL && *BufferOutSize != 0)) {\r
+ if ((TlsConn == NULL) || \\r
+ (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \\r
+ (BufferOutSize == NULL) || \\r
+ ((BufferIn == NULL) && (BufferInSize != 0)) || \\r
+ ((BufferIn != NULL) && (BufferInSize == 0)) || \\r
+ ((BufferOut == NULL) && (*BufferOutSize != 0)))\r
+ {\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);\r
- if (PendingBufferSize == 0 && BufferIn != NULL && BufferInSize != 0) {\r
- Ret = BIO_write (TlsConn->InBio, BufferIn, (UINT32) BufferInSize);\r
- if (Ret != (INTN) BufferInSize) {\r
+ PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);\r
+ if ((PendingBufferSize == 0) && (BufferIn != NULL) && (BufferInSize != 0)) {\r
+ Ret = BIO_write (TlsConn->InBio, BufferIn, (UINT32)BufferInSize);\r
+ if (Ret != (INTN)BufferInSize) {\r
return EFI_ABORTED;\r
}\r
\r
- TempBuffer = (UINT8 *) OPENSSL_malloc (MAX_BUFFER_SIZE);\r
+ TempBuffer = (UINT8 *)OPENSSL_malloc (MAX_BUFFER_SIZE);\r
\r
//\r
// ssl3_send_alert() will be called in ssl3_read_bytes() function.\r
\r
OPENSSL_free (TempBuffer);\r
\r
- PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);\r
+ PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);\r
}\r
\r
if (PendingBufferSize > *BufferOutSize) {\r
}\r
\r
if (PendingBufferSize > 0) {\r
- *BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32) PendingBufferSize);\r
+ *BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32)PendingBufferSize);\r
} else {\r
*BufferOutSize = 0;\r
}\r
EFI_STATUS\r
EFIAPI\r
TlsCloseNotify (\r
- IN VOID *Tls,\r
- IN OUT UINT8 *Buffer,\r
- IN OUT UINTN *BufferSize\r
+ IN VOID *Tls,\r
+ IN OUT UINT8 *Buffer,\r
+ IN OUT UINTN *BufferSize\r
)\r
{\r
TLS_CONNECTION *TlsConn;\r
UINTN PendingBufferSize;\r
\r
- TlsConn = (TLS_CONNECTION *) Tls;\r
+ TlsConn = (TLS_CONNECTION *)Tls;\r
PendingBufferSize = 0;\r
\r
- if (TlsConn == NULL || \\r
- TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \\r
- BufferSize == NULL || \\r
- (Buffer == NULL && *BufferSize != 0)) {\r
+ if ((TlsConn == NULL) || \\r
+ (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \\r
+ (BufferSize == NULL) || \\r
+ ((Buffer == NULL) && (*BufferSize != 0)))\r
+ {\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);\r
+ PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);\r
if (PendingBufferSize == 0) {\r
//\r
// ssl3_send_alert() and ssl3_dispatch_alert() function will be called.\r
//\r
SSL_shutdown (TlsConn->Ssl);\r
- PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);\r
+ PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);\r
}\r
\r
if (PendingBufferSize > *BufferSize) {\r
}\r
\r
if (PendingBufferSize > 0) {\r
- *BufferSize = BIO_read (TlsConn->OutBio, Buffer, (UINT32) PendingBufferSize);\r
+ *BufferSize = BIO_read (TlsConn->OutBio, Buffer, (UINT32)PendingBufferSize);\r
} else {\r
*BufferSize = 0;\r
}\r
INTN\r
EFIAPI\r
TlsCtrlTrafficOut (\r
- IN VOID *Tls,\r
- IN OUT VOID *Buffer,\r
- IN UINTN BufferSize\r
+ IN VOID *Tls,\r
+ IN OUT VOID *Buffer,\r
+ IN UINTN BufferSize\r
)\r
{\r
TLS_CONNECTION *TlsConn;\r
\r
- TlsConn = (TLS_CONNECTION *) Tls;\r
- if (TlsConn == NULL || TlsConn->OutBio == 0) {\r
+ TlsConn = (TLS_CONNECTION *)Tls;\r
+ if ((TlsConn == NULL) || (TlsConn->OutBio == 0)) {\r
return -1;\r
}\r
\r
//\r
// Read and return the amount of data from the BIO.\r
//\r
- return BIO_read (TlsConn->OutBio, Buffer, (UINT32) BufferSize);\r
+ return BIO_read (TlsConn->OutBio, Buffer, (UINT32)BufferSize);\r
}\r
\r
/**\r
INTN\r
EFIAPI\r
TlsCtrlTrafficIn (\r
- IN VOID *Tls,\r
- IN VOID *Buffer,\r
- IN UINTN BufferSize\r
+ IN VOID *Tls,\r
+ IN VOID *Buffer,\r
+ IN UINTN BufferSize\r
)\r
{\r
TLS_CONNECTION *TlsConn;\r
\r
- TlsConn = (TLS_CONNECTION *) Tls;\r
- if (TlsConn == NULL || TlsConn->InBio == 0) {\r
+ TlsConn = (TLS_CONNECTION *)Tls;\r
+ if ((TlsConn == NULL) || (TlsConn->InBio == 0)) {\r
return -1;\r
}\r
\r
//\r
// Write and return the amount of data to the BIO.\r
//\r
- return BIO_write (TlsConn->InBio, Buffer, (UINT32) BufferSize);\r
+ return BIO_write (TlsConn->InBio, Buffer, (UINT32)BufferSize);\r
}\r
+\r
/**\r
Attempts to read bytes from the specified TLS connection into the buffer.\r
\r
INTN\r
EFIAPI\r
TlsRead (\r
- IN VOID *Tls,\r
- IN OUT VOID *Buffer,\r
- IN UINTN BufferSize\r
+ IN VOID *Tls,\r
+ IN OUT VOID *Buffer,\r
+ IN UINTN BufferSize\r
)\r
{\r
TLS_CONNECTION *TlsConn;\r
\r
- TlsConn = (TLS_CONNECTION *) Tls;\r
- if (TlsConn == NULL || TlsConn->Ssl == NULL) {\r
+ TlsConn = (TLS_CONNECTION *)Tls;\r
+ if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {\r
return -1;\r
}\r
\r
//\r
// Read bytes from the specified TLS connection.\r
//\r
- return SSL_read (TlsConn->Ssl, Buffer, (UINT32) BufferSize);\r
+ return SSL_read (TlsConn->Ssl, Buffer, (UINT32)BufferSize);\r
}\r
\r
/**\r
INTN\r
EFIAPI\r
TlsWrite (\r
- IN VOID *Tls,\r
- IN VOID *Buffer,\r
- IN UINTN BufferSize\r
+ IN VOID *Tls,\r
+ IN VOID *Buffer,\r
+ IN UINTN BufferSize\r
)\r
{\r
TLS_CONNECTION *TlsConn;\r
\r
- TlsConn = (TLS_CONNECTION *) Tls;\r
- if (TlsConn == NULL || TlsConn->Ssl == NULL) {\r
+ TlsConn = (TLS_CONNECTION *)Tls;\r
+ if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {\r
return -1;\r
}\r
\r
//\r
// Write bytes to the specified TLS connection.\r
//\r
- return SSL_write (TlsConn->Ssl, Buffer, (UINT32) BufferSize);\r
+ return SSL_write (TlsConn->Ssl, Buffer, (UINT32)BufferSize);\r
}\r
\r
+/**\r
+ Shutdown a TLS connection.\r
+\r
+ Shutdown the TLS connection without releasing the resources, meaning a new\r
+ connection can be started without calling TlsNew() and without setting\r
+ certificates etc.\r
+\r
+ @param[in] Tls Pointer to the TLS object to shutdown.\r
+\r
+ @retval EFI_SUCCESS The TLS is shutdown successfully.\r
+ @retval EFI_INVALID_PARAMETER Tls is NULL.\r
+ @retval EFI_PROTOCOL_ERROR Some other error occurred.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+TlsShutdown (\r
+ IN VOID *Tls\r
+ )\r
+{\r
+ TLS_CONNECTION *TlsConn;\r
+\r
+ TlsConn = (TLS_CONNECTION *)Tls;\r
+\r
+ if ((TlsConn == NULL) || ((TlsConn->Ssl) == NULL)) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ SSL_set_quiet_shutdown (TlsConn->Ssl, 1);\r
+ SSL_shutdown (TlsConn->Ssl);\r
+ return SSL_clear (TlsConn->Ssl) == 1 ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;\r
+}\r
projects / mirror_edk2.git / blobdiff