-/** @file
- The Miscellaneous Routines for TlsAuthConfigDxe driver.
-
-Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
-
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "TlsAuthConfigImpl.h"
-
-VOID *mStartOpCodeHandle = NULL;
-VOID *mEndOpCodeHandle = NULL;
-EFI_IFR_GUID_LABEL *mStartLabel = NULL;
-EFI_IFR_GUID_LABEL *mEndLabel = NULL;
-
-
-CHAR16 mTlsAuthConfigStorageName[] = L"TLS_AUTH_CONFIG_IFR_NVDATA";
-
-TLS_AUTH_CONFIG_PRIVATE_DATA *mTlsAuthPrivateData = NULL;
-
-HII_VENDOR_DEVICE_PATH mTlsAuthConfigHiiVendorDevicePath = {
- {
- {
- HARDWARE_DEVICE_PATH,
- HW_VENDOR_DP,
- {
- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
- }
- },
- TLS_AUTH_CONFIG_GUID
- },
- {
- END_DEVICE_PATH_TYPE,
- END_ENTIRE_DEVICE_PATH_SUBTYPE,
- {
- (UINT8) (END_DEVICE_PATH_LENGTH),
- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
- }
- }
-};
-
-//
-// Possible DER-encoded certificate file suffixes, end with NULL pointer.
-//
-CHAR16* mDerPemEncodedSuffix[] = {
- L".cer",
- L".der",
- L".crt",
- L".pem",
- NULL
-};
-
-/**
- This code checks if the FileSuffix is one of the possible DER/PEM-encoded certificate suffix.
-
- @param[in] FileSuffix The suffix of the input certificate file
-
- @retval TRUE It's a DER/PEM-encoded certificate.
- @retval FALSE It's NOT a DER/PEM-encoded certificate.
-
-**/
-BOOLEAN
-IsDerPemEncodeCertificate (
- IN CONST CHAR16 *FileSuffix
-)
-{
- UINTN Index;
- for (Index = 0; mDerPemEncodedSuffix[Index] != NULL; Index++) {
- if (StrCmp (FileSuffix, mDerPemEncodedSuffix[Index]) == 0) {
- return TRUE;
- }
- }
- return FALSE;
-}
-
-/**
- Worker function that prints an EFI_GUID into specified Buffer.
-
- @param[in] Guid Pointer to GUID to print.
- @param[in] Buffer Buffer to print Guid into.
- @param[in] BufferSize Size of Buffer.
-
- @retval Number of characters printed.
-
-**/
-UINTN
-GuidToString (
- IN EFI_GUID *Guid,
- IN CHAR16 *Buffer,
- IN UINTN BufferSize
- )
-{
- return UnicodeSPrint (
- Buffer,
- BufferSize,
- L"%g",
- Guid
- );
-}
-
-/**
- Convert a String to Guid Value.
-
- @param[in] Str Specifies the String to be converted.
- @param[in] StrLen Number of Unicode Characters of String (exclusive \0)
- @param[out] Guid Return the result Guid value.
-
- @retval EFI_SUCCESS The operation is finished successfully.
- @retval EFI_NOT_FOUND Invalid string.
-
-**/
-EFI_STATUS
-StringToGuid (
- IN CHAR16 *Str,
- IN UINTN StrLen,
- OUT EFI_GUID *Guid
- )
-{
- CHAR16 *PtrBuffer;
- CHAR16 *PtrPosition;
- UINT16 *Buffer;
- UINTN Data;
- UINTN Index;
- UINT16 Digits[3];
-
- Buffer = (CHAR16 *) AllocateZeroPool (sizeof (CHAR16) * (StrLen + 1));
- if (Buffer == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- StrCpyS (Buffer, (StrLen + 1), Str);
-
- //
- // Data1
- //
- PtrBuffer = Buffer;
- PtrPosition = PtrBuffer;
- while (*PtrBuffer != L'\0') {
- if (*PtrBuffer == L'-') {
- break;
- }
- PtrBuffer++;
- }
- if (*PtrBuffer == L'\0') {
- FreePool (Buffer);
- return EFI_NOT_FOUND;
- }
-
- *PtrBuffer = L'\0';
- Data = StrHexToUintn (PtrPosition);
- Guid->Data1 = (UINT32)Data;
-
- //
- // Data2
- //
- PtrBuffer++;
- PtrPosition = PtrBuffer;
- while (*PtrBuffer != L'\0') {
- if (*PtrBuffer == L'-') {
- break;
- }
- PtrBuffer++;
- }
- if (*PtrBuffer == L'\0') {
- FreePool (Buffer);
- return EFI_NOT_FOUND;
- }
- *PtrBuffer = L'\0';
- Data = StrHexToUintn (PtrPosition);
- Guid->Data2 = (UINT16)Data;
-
- //
- // Data3
- //
- PtrBuffer++;
- PtrPosition = PtrBuffer;
- while (*PtrBuffer != L'\0') {
- if (*PtrBuffer == L'-') {
- break;
- }
- PtrBuffer++;
- }
- if (*PtrBuffer == L'\0') {
- FreePool (Buffer);
- return EFI_NOT_FOUND;
- }
- *PtrBuffer = L'\0';
- Data = StrHexToUintn (PtrPosition);
- Guid->Data3 = (UINT16)Data;
-
- //
- // Data4[0..1]
- //
- for ( Index = 0 ; Index < 2 ; Index++) {
- PtrBuffer++;
- if ((*PtrBuffer == L'\0') || ( *(PtrBuffer + 1) == L'\0')) {
- FreePool (Buffer);
- return EFI_NOT_FOUND;
- }
- Digits[0] = *PtrBuffer;
- PtrBuffer++;
- Digits[1] = *PtrBuffer;
- Digits[2] = L'\0';
- Data = StrHexToUintn (Digits);
- Guid->Data4[Index] = (UINT8)Data;
- }
-
- //
- // skip the '-'
- //
- PtrBuffer++;
- if ((*PtrBuffer != L'-' ) || ( *PtrBuffer == L'\0')) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Data4[2..7]
- //
- for ( ; Index < 8; Index++) {
- PtrBuffer++;
- if ((*PtrBuffer == L'\0') || ( *(PtrBuffer + 1) == L'\0')) {
- FreePool (Buffer);
- return EFI_NOT_FOUND;
- }
- Digits[0] = *PtrBuffer;
- PtrBuffer++;
- Digits[1] = *PtrBuffer;
- Digits[2] = L'\0';
- Data = StrHexToUintn (Digits);
- Guid->Data4[Index] = (UINT8)Data;
- }
-
- FreePool (Buffer);
-
- return EFI_SUCCESS;
-}
-
-
-/**
- List all cert in specified database by GUID in the page
- for user to select and delete as needed.
-
- @param[in] PrivateData Module's private data.
- @param[in] VariableName The variable name of the vendor's signature database.
- @param[in] VendorGuid A unique identifier for the vendor.
- @param[in] LabelNumber Label number to insert opcodes.
- @param[in] FormId Form ID of current page.
- @param[in] QuestionIdBase Base question id of the signature list.
-
- @retval EFI_SUCCESS Success to update the signature list page
- @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
-
-**/
-EFI_STATUS
-UpdateDeletePage (
- IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINT16 LabelNumber,
- IN EFI_FORM_ID FormId,
- IN EFI_QUESTION_ID QuestionIdBase
- )
-{
- EFI_STATUS Status;
- UINT32 Index;
- UINTN CertCount;
- UINTN GuidIndex;
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
- UINTN DataSize;
- UINT8 *Data;
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_DATA *Cert;
- UINT32 ItemDataSize;
- CHAR16 *GuidStr;
- EFI_STRING_ID GuidID;
- EFI_STRING_ID Help;
-
- Data = NULL;
- CertList = NULL;
- Cert = NULL;
- GuidStr = NULL;
- StartOpCodeHandle = NULL;
- EndOpCodeHandle = NULL;
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- if (StartOpCodeHandle == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
- }
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- if (EndOpCodeHandle == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
- }
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LabelNumber;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
- //
- // Read Variable.
- //
- DataSize = 0;
- Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
- if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
- goto ON_EXIT;
- }
-
- Data = (UINT8 *) AllocateZeroPool (DataSize);
- if (Data == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
- }
-
- Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
- if (EFI_ERROR (Status)) {
- goto ON_EXIT;
- }
-
- GuidStr = AllocateZeroPool (100);
- if (GuidStr == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
- }
-
- //
- // Enumerate all data.
- //
- ItemDataSize = (UINT32) DataSize;
- CertList = (EFI_SIGNATURE_LIST *) Data;
- GuidIndex = 0;
-
- while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
-
- if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
- Help = STRING_TOKEN (STR_CERT_TYPE_PCKS_GUID);
- } else {
- //
- // The signature type is not supported in current implementation.
- //
- ItemDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
- continue;
- }
-
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
- for (Index = 0; Index < CertCount; Index++) {
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList
- + sizeof (EFI_SIGNATURE_LIST)
- + CertList->SignatureHeaderSize
- + Index * CertList->SignatureSize);
- //
- // Display GUID and help
- //
- GuidToString (&Cert->SignatureOwner, GuidStr, 100);
- GuidID = HiiSetString (Private->RegisteredHandle, 0, GuidStr, NULL);
- HiiCreateCheckBoxOpCode (
- StartOpCodeHandle,
- (EFI_QUESTION_ID) (QuestionIdBase + GuidIndex++),
- 0,
- 0,
- GuidID,
- Help,
- EFI_IFR_FLAG_CALLBACK,
- 0,
- NULL
- );
- }
-
- ItemDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
- }
-
-ON_EXIT:
- HiiUpdateForm (
- Private->RegisteredHandle,
- &gTlsAuthConfigGuid,
- FormId,
- StartOpCodeHandle,
- EndOpCodeHandle
- );
-
- if (StartOpCodeHandle != NULL) {
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- }
-
- if (EndOpCodeHandle != NULL) {
- HiiFreeOpCodeHandle (EndOpCodeHandle);
- }
-
- if (Data != NULL) {
- FreePool (Data);
- }
-
- if (GuidStr != NULL) {
- FreePool (GuidStr);
- }
-
- return EFI_SUCCESS;
-}
-
-/**
- Delete one entry from cert database.
-
- @param[in] PrivateData Module's private data.
- @param[in] VariableName The variable name of the database.
- @param[in] VendorGuid A unique identifier for the vendor.
- @param[in] LabelNumber Label number to insert opcodes.
- @param[in] FormId Form ID of current page.
- @param[in] QuestionIdBase Base question id of the cert list.
- @param[in] DeleteIndex Cert index to delete.
-
- @retval EFI_SUCCESS Delete siganture successfully.
- @retval EFI_NOT_FOUND Can't find the signature item,
- @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
-**/
-EFI_STATUS
-DeleteCert (
- IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINT16 LabelNumber,
- IN EFI_FORM_ID FormId,
- IN EFI_QUESTION_ID QuestionIdBase,
- IN UINTN DeleteIndex
- )
-{
- EFI_STATUS Status;
- UINTN DataSize;
- UINT8 *Data;
- UINT8 *OldData;
- UINT32 Attr;
- UINT32 Index;
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_LIST *NewCertList;
- EFI_SIGNATURE_DATA *Cert;
- UINTN CertCount;
- UINT32 Offset;
- BOOLEAN IsItemFound;
- UINT32 ItemDataSize;
- UINTN GuidIndex;
-
- Data = NULL;
- OldData = NULL;
- CertList = NULL;
- Cert = NULL;
- Attr = 0;
-
- //
- // Get original signature list data.
- //
- DataSize = 0;
- Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, NULL);
- if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
- goto ON_EXIT;
- }
-
- OldData = (UINT8 *) AllocateZeroPool (DataSize);
- if (OldData == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
- }
-
- Status = gRT->GetVariable (VariableName, VendorGuid, &Attr, &DataSize, OldData);
- if (EFI_ERROR(Status)) {
- goto ON_EXIT;
- }
-
- //
- // Allocate space for new variable.
- //
- Data = (UINT8*) AllocateZeroPool (DataSize);
- if (Data == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
- }
-
- //
- // Enumerate all data and erasing the target item.
- //
- IsItemFound = FALSE;
- ItemDataSize = (UINT32) DataSize;
- CertList = (EFI_SIGNATURE_LIST *) OldData;
- Offset = 0;
- GuidIndex = 0;
- while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
- if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
- //
- // Copy EFI_SIGNATURE_LIST header then calculate the signature count in this list.
- //
- CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));
- NewCertList = (EFI_SIGNATURE_LIST*) (Data + Offset);
- Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
- for (Index = 0; Index < CertCount; Index++) {
- if (GuidIndex == DeleteIndex) {
- //
- // Find it! Skip it!
- //
- NewCertList->SignatureListSize -= CertList->SignatureSize;
- IsItemFound = TRUE;
- } else {
- //
- // This item doesn't match. Copy it to the Data buffer.
- //
- CopyMem (Data + Offset, (UINT8*)(Cert), CertList->SignatureSize);
- Offset += CertList->SignatureSize;
- }
- GuidIndex++;
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
- }
- } else {
- //
- // This List doesn't match. Just copy it to the Data buffer.
- //
- CopyMem (Data + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
- Offset += CertList->SignatureListSize;
- }
-
- ItemDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
- }
-
- if (!IsItemFound) {
- //
- // Doesn't find the signature Item!
- //
- Status = EFI_NOT_FOUND;
- goto ON_EXIT;
- }
-
- //
- // Delete the EFI_SIGNATURE_LIST header if there is no signature in the list.
- //
- ItemDataSize = Offset;
- CertList = (EFI_SIGNATURE_LIST *) Data;
- Offset = 0;
- ZeroMem (OldData, ItemDataSize);
- while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
- DEBUG ((DEBUG_INFO, " CertCount = %x\n", CertCount));
- if (CertCount != 0) {
- CopyMem (OldData + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
- Offset += CertList->SignatureListSize;
- }
- ItemDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
- }
-
- DataSize = Offset;
-
- Status = gRT->SetVariable(
- VariableName,
- VendorGuid,
- Attr,
- DataSize,
- OldData
- );
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));
- goto ON_EXIT;
- }
-
-ON_EXIT:
- if (Data != NULL) {
- FreePool(Data);
- }
-
- if (OldData != NULL) {
- FreePool(OldData);
- }
-
- return UpdateDeletePage (
- Private,
- VariableName,
- VendorGuid,
- LabelNumber,
- FormId,
- QuestionIdBase
- );
-}
-
-
-/**
- Close an open file handle.
-
- @param[in] FileHandle The file handle to close.
-
-**/
-VOID
-CloseFile (
- IN EFI_FILE_HANDLE FileHandle
- )
-{
- if (FileHandle != NULL) {
- FileHandle->Close (FileHandle);
- }
-}
-
-/**
- Read file content into BufferPtr, the size of the allocate buffer
- is *FileSize plus AddtionAllocateSize.
-
- @param[in] FileHandle The file to be read.
- @param[in, out] BufferPtr Pointers to the pointer of allocated buffer.
- @param[out] FileSize Size of input file
- @param[in] AddtionAllocateSize Addtion size the buffer need to be allocated.
- In case the buffer need to contain others besides the file content.
-
- @retval EFI_SUCCESS The file was read into the buffer.
- @retval EFI_INVALID_PARAMETER A parameter was invalid.
- @retval EFI_OUT_OF_RESOURCES A memory allocation failed.
- @retval others Unexpected error.
-
-**/
-EFI_STATUS
-ReadFileContent (
- IN EFI_FILE_HANDLE FileHandle,
- IN OUT VOID **BufferPtr,
- OUT UINTN *FileSize,
- IN UINTN AddtionAllocateSize
- )
-
-{
- UINTN BufferSize;
- UINT64 SourceFileSize;
- VOID *Buffer;
- EFI_STATUS Status;
-
- if ((FileHandle == NULL) || (FileSize == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- Buffer = NULL;
-
- //
- // Get the file size
- //
- Status = FileHandle->SetPosition (FileHandle, (UINT64) -1);
- if (EFI_ERROR (Status)) {
- goto ON_EXIT;
- }
-
- Status = FileHandle->GetPosition (FileHandle, &SourceFileSize);
- if (EFI_ERROR (Status)) {
- goto ON_EXIT;
- }
-
- Status = FileHandle->SetPosition (FileHandle, 0);
- if (EFI_ERROR (Status)) {
- goto ON_EXIT;
- }
-
- BufferSize = (UINTN) SourceFileSize + AddtionAllocateSize;
- Buffer = AllocateZeroPool(BufferSize);
- if (Buffer == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- BufferSize = (UINTN) SourceFileSize;
- *FileSize = BufferSize;
-
- Status = FileHandle->Read (FileHandle, &BufferSize, Buffer);
- if (EFI_ERROR (Status) || BufferSize != *FileSize) {
- FreePool (Buffer);
- Buffer = NULL;
- Status = EFI_BAD_BUFFER_SIZE;
- goto ON_EXIT;
- }
-
-ON_EXIT:
-
- *BufferPtr = Buffer;
- return Status;
-}
-
-/**
- This function will open a file or directory referenced by DevicePath.
-
- This function opens a file with the open mode according to the file path. The
- Attributes is valid only for EFI_FILE_MODE_CREATE.
-
- @param[in, out] FilePath On input, the device path to the file.
- On output, the remaining device path.
- @param[out] FileHandle Pointer to the file handle.
- @param[in] OpenMode The mode to open the file with.
- @param[in] Attributes The file's file attributes.
-
- @retval EFI_SUCCESS The information was set.
- @retval EFI_INVALID_PARAMETER One of the parameters has an invalid value.
- @retval EFI_UNSUPPORTED Could not open the file path.
- @retval EFI_NOT_FOUND The specified file could not be found on the
- device or the file system could not be found on
- the device.
- @retval EFI_NO_MEDIA The device has no medium.
- @retval EFI_MEDIA_CHANGED The device has a different medium in it or the
- medium is no longer supported.
- @retval EFI_DEVICE_ERROR The device reported an error.
- @retval EFI_VOLUME_CORRUPTED The file system structures are corrupted.
- @retval EFI_WRITE_PROTECTED The file or medium is write protected.
- @retval EFI_ACCESS_DENIED The file was opened read only.
- @retval EFI_OUT_OF_RESOURCES Not enough resources were available to open the
- file.
- @retval EFI_VOLUME_FULL The volume is full.
-**/
-EFI_STATUS
-EFIAPI
-OpenFileByDevicePath (
- IN OUT EFI_DEVICE_PATH_PROTOCOL **FilePath,
- OUT EFI_FILE_HANDLE *FileHandle,
- IN UINT64 OpenMode,
- IN UINT64 Attributes
- )
-{
- EFI_STATUS Status;
- EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *EfiSimpleFileSystemProtocol;
- EFI_FILE_PROTOCOL *Handle1;
- EFI_FILE_PROTOCOL *Handle2;
- EFI_HANDLE DeviceHandle;
-
- if ((FilePath == NULL || FileHandle == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- Status = gBS->LocateDevicePath (
- &gEfiSimpleFileSystemProtocolGuid,
- FilePath,
- &DeviceHandle
- );
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- Status = gBS->OpenProtocol(
- DeviceHandle,
- &gEfiSimpleFileSystemProtocolGuid,
- (VOID**)&EfiSimpleFileSystemProtocol,
- gImageHandle,
- NULL,
- EFI_OPEN_PROTOCOL_GET_PROTOCOL
- );
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- Status = EfiSimpleFileSystemProtocol->OpenVolume(EfiSimpleFileSystemProtocol, &Handle1);
- if (EFI_ERROR (Status)) {
- FileHandle = NULL;
- return Status;
- }
-
- //
- // go down directories one node at a time.
- //
- while (!IsDevicePathEnd (*FilePath)) {
- //
- // For file system access each node should be a file path component
- //
- if (DevicePathType (*FilePath) != MEDIA_DEVICE_PATH ||
- DevicePathSubType (*FilePath) != MEDIA_FILEPATH_DP
- ) {
- FileHandle = NULL;
- return (EFI_INVALID_PARAMETER);
- }
- //
- // Open this file path node
- //
- Handle2 = Handle1;
- Handle1 = NULL;
-
- //
- // Try to test opening an existing file
- //
- Status = Handle2->Open (
- Handle2,
- &Handle1,
- ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName,
- OpenMode &~EFI_FILE_MODE_CREATE,
- 0
- );
-
- //
- // see if the error was that it needs to be created
- //
- if ((EFI_ERROR (Status)) && (OpenMode != (OpenMode &~EFI_FILE_MODE_CREATE))) {
- Status = Handle2->Open (
- Handle2,
- &Handle1,
- ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName,
- OpenMode,
- Attributes
- );
- }
- //
- // Close the last node
- //
- Handle2->Close (Handle2);
-
- if (EFI_ERROR(Status)) {
- return (Status);
- }
-
- //
- // Get the next node
- //
- *FilePath = NextDevicePathNode (*FilePath);
- }
-
- //
- // This is a weak spot since if the undefined SHELL_FILE_HANDLE format changes this must change also!
- //
- *FileHandle = (VOID*)Handle1;
- return EFI_SUCCESS;
-}
-
-/**
- This function converts an input device structure to a Unicode string.
-
- @param[in] DevPath A pointer to the device path structure.
-
- @return A new allocated Unicode string that represents the device path.
-
-**/
-CHAR16 *
-EFIAPI
-DevicePathToStr (
- IN EFI_DEVICE_PATH_PROTOCOL *DevPath
- )
-{
- return ConvertDevicePathToText (
- DevPath,
- FALSE,
- TRUE
- );
-}
-
-
-/**
- Extract filename from device path. The returned buffer is allocated using AllocateCopyPool.
- The caller is responsible for freeing the allocated buffer using FreePool(). If return NULL
- means not enough memory resource.
-
- @param DevicePath Device path.
-
- @retval NULL Not enough memory resourece for AllocateCopyPool.
- @retval Other A new allocated string that represents the file name.
-
-**/
-CHAR16 *
-ExtractFileNameFromDevicePath (
- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
- )
-{
- CHAR16 *String;
- CHAR16 *MatchString;
- CHAR16 *LastMatch;
- CHAR16 *FileName;
- UINTN Length;
-
- ASSERT(DevicePath != NULL);
-
- String = DevicePathToStr(DevicePath);
- MatchString = String;
- LastMatch = String;
- FileName = NULL;
-
- while(MatchString != NULL){
- LastMatch = MatchString + 1;
- MatchString = StrStr(LastMatch,L"\\");
- }
-
- Length = StrLen(LastMatch);
- FileName = AllocateCopyPool ((Length + 1) * sizeof(CHAR16), LastMatch);
- if (FileName != NULL) {
- *(FileName + Length) = 0;
- }
-
- FreePool(String);
-
- return FileName;
-}
-
-/**
- Enroll a new X509 certificate into Variable.
-
- @param[in] PrivateData The module's private data.
- @param[in] VariableName Variable name of CA database.
-
- @retval EFI_SUCCESS New X509 is enrolled successfully.
- @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
-
-**/
-EFI_STATUS
-EnrollX509toVariable (
- IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
- IN CHAR16 *VariableName
- )
-{
- EFI_STATUS Status;
- UINTN X509DataSize;
- VOID *X509Data;
- EFI_SIGNATURE_LIST *CACert;
- EFI_SIGNATURE_DATA *CACertData;
- VOID *Data;
- UINTN DataSize;
- UINTN SigDataSize;
- UINT32 Attr;
-
- X509DataSize = 0;
- SigDataSize = 0;
- DataSize = 0;
- X509Data = NULL;
- CACert = NULL;
- CACertData = NULL;
- Data = NULL;
-
- Status = ReadFileContent (
- Private->FileContext->FHandle,
- &X509Data,
- &X509DataSize,
- 0
- );
- if (EFI_ERROR (Status)) {
- goto ON_EXIT;
- }
- ASSERT (X509Data != NULL);
-
- SigDataSize = sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize;
-
- Data = AllocateZeroPool (SigDataSize);
- if (Data == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto ON_EXIT;
- }
-
- //
- // Fill Certificate Database parameters.
- //
- CACert = (EFI_SIGNATURE_LIST*) Data;
- CACert->SignatureListSize = (UINT32) SigDataSize;
- CACert->SignatureHeaderSize = 0;
- CACert->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);
- CopyGuid (&CACert->SignatureType, &gEfiCertX509Guid);
-
- CACertData = (EFI_SIGNATURE_DATA*) ((UINT8* ) CACert + sizeof (EFI_SIGNATURE_LIST));
- CopyGuid (&CACertData->SignatureOwner, Private->CertGuid);
- CopyMem ((UINT8* ) (CACertData->SignatureData), X509Data, X509DataSize);
-
- //
- // Check if signature database entry has been already existed.
- // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
- // new signature data to original variable
- //
- Attr = TLS_AUTH_CONFIG_VAR_BASE_ATTR;
-
- Status = gRT->GetVariable(
- VariableName,
- &gEfiTlsCaCertificateGuid,
- NULL,
- &DataSize,
- NULL
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- Attr |= EFI_VARIABLE_APPEND_WRITE;
- } else if (Status != EFI_NOT_FOUND) {
- goto ON_EXIT;
- }
-
- Status = gRT->SetVariable(
- VariableName,
- &gEfiTlsCaCertificateGuid,
- Attr,
- SigDataSize,
- Data
- );
- if (EFI_ERROR (Status)) {
- goto ON_EXIT;
- }
-
-ON_EXIT:
-
- CloseFile (Private->FileContext->FHandle);
- if (Private->FileContext->FileName != NULL) {
- FreePool(Private->FileContext->FileName);
- Private->FileContext->FileName = NULL;
- }
-
- Private->FileContext->FHandle = NULL;
-
- if (Private->CertGuid != NULL) {
- FreePool (Private->CertGuid);
- Private->CertGuid = NULL;
- }
-
- if (Data != NULL) {
- FreePool (Data);
- }
-
- if (X509Data != NULL) {
- FreePool (X509Data);
- }
-
- return Status;
-}
-
-/**
- Enroll Cert into TlsCaCertificate. The GUID will be Private->CertGuid.
-
- @param[in] PrivateData The module's private data.
- @param[in] VariableName Variable name of signature database.
-
- @retval EFI_SUCCESS New Cert enrolled successfully.
- @retval EFI_INVALID_PARAMETER The parameter is invalid.
- @retval EFI_UNSUPPORTED The Cert file is unsupported type.
- @retval others Fail to enroll Cert data.
-
-**/
-EFI_STATUS
-EnrollCertDatabase (
- IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
- IN CHAR16 *VariableName
- )
-{
- UINT16* FilePostFix;
- UINTN NameLength;
-
- if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->CertGuid == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Parse the file's postfix.
- //
- NameLength = StrLen (Private->FileContext->FileName);
- if (NameLength <= 4) {
- return EFI_INVALID_PARAMETER;
- }
- FilePostFix = Private->FileContext->FileName + NameLength - 4;
-
- if (IsDerPemEncodeCertificate (FilePostFix)) {
- //
- // Supports DER-encoded X509 certificate.
- //
- return EnrollX509toVariable (Private, VariableName);
- }
-
- return EFI_UNSUPPORTED;
-}
-
-/**
- Refresh the global UpdateData structure.
-
-**/
-VOID
-RefreshUpdateData (
- VOID
- )
-{
- //
- // Free current updated date
- //
- if (mStartOpCodeHandle != NULL) {
- HiiFreeOpCodeHandle (mStartOpCodeHandle);
- }
-
- //
- // Create new OpCode Handle
- //
- mStartOpCodeHandle = HiiAllocateOpCodeHandle ();
-
- //
- // Create Hii Extend Label OpCode as the start opcode
- //
- mStartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- mStartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
-}
-
-/**
- Clean up the dynamic opcode at label and form specified by both LabelId.
-
- @param[in] LabelId It is both the Form ID and Label ID for opcode deletion.
- @param[in] PrivateData Module private data.
-
-**/
-VOID
-CleanUpPage (
- IN UINT16 LabelId,
- IN TLS_AUTH_CONFIG_PRIVATE_DATA *PrivateData
- )
-{
- RefreshUpdateData ();
-
- //
- // Remove all op-codes from dynamic page
- //
- mStartLabel->Number = LabelId;
- HiiUpdateForm (
- PrivateData->RegisteredHandle,
- &gTlsAuthConfigGuid,
- LabelId,
- mStartOpCodeHandle, // Label LabelId
- mEndOpCodeHandle // LABEL_END
- );
-}
-
-/**
- Update the form base on the selected file.
-
- @param FilePath Point to the file path.
- @param FormId The form need to display.
-
- @retval TRUE Exit caller function.
- @retval FALSE Not exit caller function.
-
-**/
-BOOLEAN
-UpdatePage(
- IN EFI_DEVICE_PATH_PROTOCOL *FilePath,
- IN EFI_FORM_ID FormId
- )
-{
- CHAR16 *FileName;
- EFI_STRING_ID StringToken;
-
- FileName = NULL;
-
- if (FilePath != NULL) {
- FileName = ExtractFileNameFromDevicePath(FilePath);
- }
- if (FileName == NULL) {
- //
- // FileName = NULL has two case:
- // 1. FilePath == NULL, not select file.
- // 2. FilePath != NULL, but ExtractFileNameFromDevicePath return NULL not enough memory resource.
- // In these two case, no need to update the form, and exit the caller function.
- //
- return TRUE;
- }
- StringToken = HiiSetString (mTlsAuthPrivateData->RegisteredHandle, 0, FileName, NULL);
-
- mTlsAuthPrivateData->FileContext->FileName = FileName;
-
- OpenFileByDevicePath (
- &FilePath,
- &mTlsAuthPrivateData->FileContext->FHandle,
- EFI_FILE_MODE_READ,
- 0
- );
- //
- // Create Subtitle op-code for the display string of the option.
- //
- RefreshUpdateData ();
- mStartLabel->Number = FormId;
-
- HiiCreateSubTitleOpCode (
- mStartOpCodeHandle,
- StringToken,
- 0,
- 0,
- 0
- );
-
- HiiUpdateForm (
- mTlsAuthPrivateData->RegisteredHandle,
- &gTlsAuthConfigGuid,
- FormId,
- mStartOpCodeHandle, /// Label FormId
- mEndOpCodeHandle /// LABEL_END
- );
-
- return TRUE;
-}
-
-/**
- Update the form base on the input file path info.
-
- @param FilePath Point to the file path.
-
- @retval TRUE Exit caller function.
- @retval FALSE Not exit caller function.
-**/
-BOOLEAN
-UpdateCAFromFile (
- IN EFI_DEVICE_PATH_PROTOCOL *FilePath
- )
-{
- return UpdatePage(FilePath, TLS_AUTH_CONFIG_FORMID4_FORM);
-}
-
-/**
- Unload the configuration form, this includes: delete all the configuration
- entries, uninstall the form callback protocol, and free the resources used.
-
- @param[in] Private Pointer to the driver private data.
-
- @retval EFI_SUCCESS The configuration form is unloaded.
- @retval Others Failed to unload the form.
-
-**/
-EFI_STATUS
-TlsAuthConfigFormUnload (
- IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
- )
-{
- if (Private->DriverHandle != NULL) {
- //
- // Uninstall EFI_HII_CONFIG_ACCESS_PROTOCOL
- //
- gBS->UninstallMultipleProtocolInterfaces (
- Private->DriverHandle,
- &gEfiDevicePathProtocolGuid,
- &mTlsAuthConfigHiiVendorDevicePath,
- &gEfiHiiConfigAccessProtocolGuid,
- &Private->ConfigAccess,
- NULL
- );
- Private->DriverHandle = NULL;
- }
-
- if (Private->RegisteredHandle != NULL) {
- //
- // Remove HII package list
- //
- HiiRemovePackages (Private->RegisteredHandle);
- Private->RegisteredHandle = NULL;
- }
-
- if (Private->CertGuid != NULL) {
- FreePool (Private->CertGuid);
- }
-
- if (Private->FileContext != NULL) {
- FreePool (Private->FileContext);
- }
-
- FreePool (Private);
-
- if (mStartOpCodeHandle != NULL) {
- HiiFreeOpCodeHandle (mStartOpCodeHandle);
- }
-
- if (mEndOpCodeHandle != NULL) {
- HiiFreeOpCodeHandle (mEndOpCodeHandle);
- }
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Initialize the configuration form.
-
- @param[in] Private Pointer to the driver private data.
-
- @retval EFI_SUCCESS The configuration form is initialized.
- @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
-
-**/
-EFI_STATUS
-TlsAuthConfigFormInit (
- IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
- )
-{
- EFI_STATUS Status;
-
- Private->Signature = TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE;
-
- Private->ConfigAccess.ExtractConfig = TlsAuthConfigAccessExtractConfig;
- Private->ConfigAccess.RouteConfig = TlsAuthConfigAccessRouteConfig;
- Private->ConfigAccess.Callback = TlsAuthConfigAccessCallback;
-
- //
- // Install Device Path Protocol and Config Access protocol to driver handle.
- //
- Status = gBS->InstallMultipleProtocolInterfaces (
- &Private->DriverHandle,
- &gEfiDevicePathProtocolGuid,
- &mTlsAuthConfigHiiVendorDevicePath,
- &gEfiHiiConfigAccessProtocolGuid,
- &Private->ConfigAccess,
- NULL
- );
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Publish our HII data.
- //
- Private->RegisteredHandle = HiiAddPackages (
- &gTlsAuthConfigGuid,
- Private->DriverHandle,
- TlsAuthConfigDxeStrings,
- TlsAuthConfigVfrBin,
- NULL
- );
- if (Private->RegisteredHandle == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Error;
- }
-
- Private->FileContext = AllocateZeroPool (sizeof (TLS_AUTH_CONFIG_FILE_CONTEXT));
- if (Private->FileContext == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Error;
- }
-
- //
- // Init OpCode Handle and Allocate space for creation of Buffer
- //
- mStartOpCodeHandle = HiiAllocateOpCodeHandle ();
- if (mStartOpCodeHandle == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Error;
- }
-
- mEndOpCodeHandle = HiiAllocateOpCodeHandle ();
- if (mEndOpCodeHandle == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Error;
- }
-
- //
- // Create Hii Extend Label OpCode as the start opcode
- //
- mStartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- mStartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
-
- //
- // Create Hii Extend Label OpCode as the end opcode
- //
- mEndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- mEndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- mEndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- mEndLabel->Number = LABEL_END;
-
- return EFI_SUCCESS;
-
-Error:
- TlsAuthConfigFormUnload (Private);
- return Status;
-}
-
-/**
-
- This function allows the caller to request the current
- configuration for one or more named elements. The resulting
- string is in <ConfigAltResp> format. Any and all alternative
- configuration strings shall also be appended to the end of the
- current configuration string. If they are, they must appear
- after the current configuration. They must contain the same
- routing (GUID, NAME, PATH) as the current configuration string.
- They must have an additional description indicating the type of
- alternative configuration the string represents,
- "ALTCFG=<StringToken>". That <StringToken> (when
- converted from Hex UNICODE to binary) is a reference to a
- string in the associated string pack.
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
-
- @param Request A null-terminated Unicode string in
- <ConfigRequest> format. Note that this
- includes the routing information as well as
- the configurable name / value pairs. It is
- invalid for this string to be in
- <MultiConfigRequest> format.
- If a NULL is passed in for the Request field,
- all of the settings being abstracted by this function
- will be returned in the Results field. In addition,
- if a ConfigHdr is passed in with no request elements,
- all of the settings being abstracted for that particular
- ConfigHdr reference will be returned in the Results Field.
-
- @param Progress On return, points to a character in the
- Request string. Points to the string's null
- terminator if request was successful. Points
- to the most recent "&" before the first
- failing name / value pair (or the beginning
- of the string if the failure is in the first
- name / value pair) if the request was not
- successful.
-
- @param Results A null-terminated Unicode string in
- <MultiConfigAltResp> format which has all values
- filled in for the names in the Request string.
- String to be allocated by the called function.
-
- @retval EFI_SUCCESS The Results string is filled with the
- values corresponding to all requested
- names.
-
- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
- parts of the results that must be
- stored awaiting possible future
- protocols.
-
- @retval EFI_NOT_FOUND Routing data doesn't match any
- known driver. Progress set to the
- first character in the routing header.
- Note: There is no requirement that the
- driver validate the routing data. It
- must skip the <ConfigHdr> in order to
- process the names.
-
- @retval EFI_INVALID_PARAMETER Illegal syntax. Progress set
- to most recent "&" before the
- error or the beginning of the
- string.
-
- @retval EFI_INVALID_PARAMETER Unknown name. Progress points
- to the & before the name in
- question.
-
-**/
-EFI_STATUS
-EFIAPI
-TlsAuthConfigAccessExtractConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Request,
- OUT EFI_STRING *Progress,
- OUT EFI_STRING *Results
- )
-{
- EFI_STATUS Status;
- UINTN BufferSize;
- UINTN Size;
- EFI_STRING ConfigRequest;
- EFI_STRING ConfigRequestHdr;
- TLS_AUTH_CONFIG_PRIVATE_DATA *Private;
- BOOLEAN AllocatedRequest;
-
- if (Progress == NULL || Results == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- AllocatedRequest = FALSE;
- ConfigRequestHdr = NULL;
- ConfigRequest = NULL;
- Size = 0;
-
- Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);
-
- BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
- ZeroMem (&Private->TlsAuthConfigNvData, BufferSize);
-
- *Progress = Request;
-
- if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gTlsAuthConfigGuid, mTlsAuthConfigStorageName)) {
- return EFI_NOT_FOUND;
- }
-
- ConfigRequest = Request;
- if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {
- //
- // Request is set to NULL or OFFSET is NULL, construct full request string.
- //
- // Allocate and fill a buffer large enough to hold the <ConfigHdr> template
- // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
- //
- ConfigRequestHdr = HiiConstructConfigHdr (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, Private->DriverHandle);
- Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);
- ConfigRequest = AllocateZeroPool (Size);
- ASSERT (ConfigRequest != NULL);
- AllocatedRequest = TRUE;
- UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64)BufferSize);
- FreePool (ConfigRequestHdr);
- ConfigRequestHdr = NULL;
- }
-
- Status = gHiiConfigRouting->BlockToConfig (
- gHiiConfigRouting,
- ConfigRequest,
- (UINT8 *) &Private->TlsAuthConfigNvData,
- BufferSize,
- Results,
- Progress
- );
-
- //
- // Free the allocated config request string.
- //
- if (AllocatedRequest) {
- FreePool (ConfigRequest);
- }
-
- //
- // Set Progress string to the original request string.
- //
- if (Request == NULL) {
- *Progress = NULL;
- } else if (StrStr (Request, L"OFFSET") == NULL) {
- *Progress = Request + StrLen (Request);
- }
-
- return Status;
-}
-
-/**
-
- This function applies changes in a driver's configuration.
- Input is a Configuration, which has the routing data for this
- driver followed by name / value configuration pairs. The driver
- must apply those pairs to its configurable storage. If the
- driver's configuration is stored in a linear block of data
- and the driver's name / value pairs are in <BlockConfig>
- format, it may use the ConfigToBlock helper function (above) to
- simplify the job.
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
-
- @param Configuration A null-terminated Unicode string in
- <ConfigString> format.
-
- @param Progress A pointer to a string filled in with the
- offset of the most recent '&' before the
- first failing name / value pair (or the
- beginn ing of the string if the failure
- is in the first name / value pair) or
- the terminating NULL if all was
- successful.
-
- @retval EFI_SUCCESS The results have been distributed or are
- awaiting distribution.
-
- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
- parts of the results that must be
- stored awaiting possible future
- protocols.
-
- @retval EFI_INVALID_PARAMETERS Passing in a NULL for the
- Results parameter would result
- in this type of error.
-
- @retval EFI_NOT_FOUND Target for the specified routing data
- was not found
-
-**/
-EFI_STATUS
-EFIAPI
-TlsAuthConfigAccessRouteConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Configuration,
- OUT EFI_STRING *Progress
- )
-{
- EFI_STATUS Status;
- UINTN BufferSize;
- TLS_AUTH_CONFIG_PRIVATE_DATA *Private;
-
- if (Progress == NULL) {
- return EFI_INVALID_PARAMETER;
- }
- *Progress = Configuration;
-
- if (Configuration == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check routing data in <ConfigHdr>.
- // Note: there is no name for Name/Value storage, only GUID will be checked
- //
- if (!HiiIsConfigHdrMatch (Configuration, &gTlsAuthConfigGuid, mTlsAuthConfigStorageName)) {
- return EFI_NOT_FOUND;
- }
-
- Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);
-
- BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
- ZeroMem (&Private->TlsAuthConfigNvData, BufferSize);
-
- Status = gHiiConfigRouting->ConfigToBlock (
- gHiiConfigRouting,
- Configuration,
- (UINT8 *) &Private->TlsAuthConfigNvData,
- &BufferSize,
- Progress
- );
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- return Status;
-}
-
-/**
-
- This function is called to provide results data to the driver.
- This data consists of a unique key that is used to identify
- which data is either being passed back or being asked for.
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Action Specifies the type of action taken by the browser.
- @param QuestionId A unique value which is sent to the original
- exporting driver so that it can identify the type
- of data to expect. The format of the data tends to
- vary based on the opcode that generated the callback.
- @param Type The type of value for the question.
- @param Value A pointer to the data being sent to the original
- exporting driver.
- @param ActionRequest On return, points to the action requested by the
- callback function.
-
- @retval EFI_SUCCESS The callback successfully handled the action.
- @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
- variable and its data.
- @retval EFI_DEVICE_ERROR The variable could not be saved.
- @retval EFI_UNSUPPORTED The specified Action is not supported by the
- callback.
-**/
-EFI_STATUS
-EFIAPI
-TlsAuthConfigAccessCallback (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN EFI_BROWSER_ACTION Action,
- IN EFI_QUESTION_ID QuestionId,
- IN UINT8 Type,
- IN OUT EFI_IFR_TYPE_VALUE *Value,
- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
- )
-{
- EFI_INPUT_KEY Key;
- EFI_STATUS Status;
- TLS_AUTH_CONFIG_PRIVATE_DATA *Private;
- UINTN BufferSize;
- TLS_AUTH_CONFIG_IFR_NVDATA *IfrNvData;
- UINT16 LabelId;
- EFI_DEVICE_PATH_PROTOCOL *File;
-
- Status = EFI_SUCCESS;
- File = NULL;
-
- if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);
-
- mTlsAuthPrivateData = Private;
-
- //
- // Retrieve uncommitted data from Browser
- //
- BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
- IfrNvData = AllocateZeroPool (BufferSize);
- if (IfrNvData == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- HiiGetBrowserData (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, BufferSize, (UINT8 *) IfrNvData);
-
- if ((Action != EFI_BROWSER_ACTION_CHANGED) &&
- (Action != EFI_BROWSER_ACTION_CHANGING)) {
- Status = EFI_UNSUPPORTED;
- goto EXIT;
- }
-
- if (Action == EFI_BROWSER_ACTION_CHANGING) {
- switch (QuestionId) {
- case KEY_TLS_AUTH_CONFIG_CLIENT_CERT:
- case KEY_TLS_AUTH_CONFIG_SERVER_CA:
- //
- // Clear Cert GUID.
- //
- ZeroMem (IfrNvData->CertGuid, sizeof (IfrNvData->CertGuid));
- if (Private->CertGuid == NULL) {
- Private->CertGuid = (EFI_GUID *) AllocateZeroPool (sizeof (EFI_GUID));
- if (Private->CertGuid == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- }
- if (QuestionId == KEY_TLS_AUTH_CONFIG_CLIENT_CERT) {
- LabelId = TLS_AUTH_CONFIG_FORMID3_FORM;
- } else {
- LabelId = TLS_AUTH_CONFIG_FORMID4_FORM;
- }
-
- //
- // Refresh selected file.
- //
- CleanUpPage (LabelId, Private);
- break;
- case KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE:
- ChooseFile( NULL, NULL, (CHOOSE_HANDLER) UpdateCAFromFile, &File);
- break;
-
- case KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT:
- Status = EnrollCertDatabase (Private, EFI_TLS_CA_CERTIFICATE_VARIABLE);
- if (EFI_ERROR (Status)) {
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"ERROR: Enroll Cert Failure!",
- NULL
- );
- }
- break;
-
- case KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT:
- if (Private->FileContext->FHandle != NULL) {
- CloseFile (Private->FileContext->FHandle);
- Private->FileContext->FHandle = NULL;
- if (Private->FileContext->FileName!= NULL){
- FreePool(Private->FileContext->FileName);
- Private->FileContext->FileName = NULL;
- }
- }
-
- if (Private->CertGuid!= NULL) {
- FreePool (Private->CertGuid);
- Private->CertGuid = NULL;
- }
- break;
-
- case KEY_TLS_AUTH_CONFIG_DELETE_CERT:
- UpdateDeletePage (
- Private,
- EFI_TLS_CA_CERTIFICATE_VARIABLE,
- &gEfiTlsCaCertificateGuid,
- LABEL_CA_DELETE,
- TLS_AUTH_CONFIG_FORMID5_FORM,
- OPTION_DEL_CA_ESTION_ID
- );
- break;
-
- default:
- if ((QuestionId >= OPTION_DEL_CA_ESTION_ID) &&
- (QuestionId < (OPTION_DEL_CA_ESTION_ID + OPTION_CONFIG_RANGE))) {
- DeleteCert (
- Private,
- EFI_TLS_CA_CERTIFICATE_VARIABLE,
- &gEfiTlsCaCertificateGuid,
- LABEL_CA_DELETE,
- TLS_AUTH_CONFIG_FORMID5_FORM,
- OPTION_DEL_CA_ESTION_ID,
- QuestionId - OPTION_DEL_CA_ESTION_ID
- );
- }
- break;
- }
- } else if (Action == EFI_BROWSER_ACTION_CHANGED) {
- switch (QuestionId) {
- case KEY_TLS_AUTH_CONFIG_CERT_GUID:
- ASSERT (Private->CertGuid != NULL);
- Status = StringToGuid (
- IfrNvData->CertGuid,
- StrLen (IfrNvData->CertGuid),
- Private->CertGuid
- );
- if (EFI_ERROR (Status)) {
- break;
- }
-
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
- break;
- default:
- break;
- }
- }
-
-EXIT:
-
- if (!EFI_ERROR (Status)) {
- BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
- HiiSetBrowserData (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, BufferSize, (UINT8*) IfrNvData, NULL);
- }
-
- FreePool (IfrNvData);
-
- if (File != NULL){
- FreePool(File);
- File = NULL;
- }
-
- return EFI_SUCCESS;
-
-}
+/** @file\r
+ The Miscellaneous Routines for TlsAuthConfigDxe driver.\r
+\r
+Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>\r
+\r
+This program and the accompanying materials\r
+are licensed and made available under the terms and conditions of the BSD License\r
+which accompanies this distribution. The full text of the license may be found at\r
+http://opensource.org/licenses/bsd-license.php\r
+\r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+\r
+**/\r
+\r
+#include "TlsAuthConfigImpl.h"\r
+\r
+VOID *mStartOpCodeHandle = NULL;\r
+VOID *mEndOpCodeHandle = NULL;\r
+EFI_IFR_GUID_LABEL *mStartLabel = NULL;\r
+EFI_IFR_GUID_LABEL *mEndLabel = NULL;\r
+\r
+\r
+CHAR16 mTlsAuthConfigStorageName[] = L"TLS_AUTH_CONFIG_IFR_NVDATA";\r
+\r
+TLS_AUTH_CONFIG_PRIVATE_DATA *mTlsAuthPrivateData = NULL;\r
+\r
+HII_VENDOR_DEVICE_PATH mTlsAuthConfigHiiVendorDevicePath = {\r
+ {\r
+ {\r
+ HARDWARE_DEVICE_PATH,\r
+ HW_VENDOR_DP,\r
+ {\r
+ (UINT8) (sizeof (VENDOR_DEVICE_PATH)),\r
+ (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)\r
+ }\r
+ },\r
+ TLS_AUTH_CONFIG_GUID\r
+ },\r
+ {\r
+ END_DEVICE_PATH_TYPE,\r
+ END_ENTIRE_DEVICE_PATH_SUBTYPE,\r
+ {\r
+ (UINT8) (END_DEVICE_PATH_LENGTH),\r
+ (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)\r
+ }\r
+ }\r
+};\r
+\r
+//\r
+// Possible DER-encoded certificate file suffixes, end with NULL pointer.\r
+//\r
+CHAR16* mDerPemEncodedSuffix[] = {\r
+ L".cer",\r
+ L".der",\r
+ L".crt",\r
+ L".pem",\r
+ NULL\r
+};\r
+\r
+/**\r
+ This code checks if the FileSuffix is one of the possible DER/PEM-encoded certificate suffix.\r
+\r
+ @param[in] FileSuffix The suffix of the input certificate file\r
+\r
+ @retval TRUE It's a DER/PEM-encoded certificate.\r
+ @retval FALSE It's NOT a DER/PEM-encoded certificate.\r
+\r
+**/\r
+BOOLEAN\r
+IsDerPemEncodeCertificate (\r
+ IN CONST CHAR16 *FileSuffix\r
+)\r
+{\r
+ UINTN Index;\r
+ for (Index = 0; mDerPemEncodedSuffix[Index] != NULL; Index++) {\r
+ if (StrCmp (FileSuffix, mDerPemEncodedSuffix[Index]) == 0) {\r
+ return TRUE;\r
+ }\r
+ }\r
+ return FALSE;\r
+}\r
+\r
+/**\r
+ Worker function that prints an EFI_GUID into specified Buffer.\r
+\r
+ @param[in] Guid Pointer to GUID to print.\r
+ @param[in] Buffer Buffer to print Guid into.\r
+ @param[in] BufferSize Size of Buffer.\r
+\r
+ @retval Number of characters printed.\r
+\r
+**/\r
+UINTN\r
+GuidToString (\r
+ IN EFI_GUID *Guid,\r
+ IN CHAR16 *Buffer,\r
+ IN UINTN BufferSize\r
+ )\r
+{\r
+ return UnicodeSPrint (\r
+ Buffer,\r
+ BufferSize,\r
+ L"%g",\r
+ Guid\r
+ );\r
+}\r
+\r
+/**\r
+ List all cert in specified database by GUID in the page\r
+ for user to select and delete as needed.\r
+\r
+ @param[in] PrivateData Module's private data.\r
+ @param[in] VariableName The variable name of the vendor's signature database.\r
+ @param[in] VendorGuid A unique identifier for the vendor.\r
+ @param[in] LabelNumber Label number to insert opcodes.\r
+ @param[in] FormId Form ID of current page.\r
+ @param[in] QuestionIdBase Base question id of the signature list.\r
+\r
+ @retval EFI_SUCCESS Success to update the signature list page\r
+ @retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.\r
+\r
+**/\r
+EFI_STATUS\r
+UpdateDeletePage (\r
+ IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ IN UINT16 LabelNumber,\r
+ IN EFI_FORM_ID FormId,\r
+ IN EFI_QUESTION_ID QuestionIdBase\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT32 Index;\r
+ UINTN CertCount;\r
+ UINTN GuidIndex;\r
+ VOID *StartOpCodeHandle;\r
+ VOID *EndOpCodeHandle;\r
+ EFI_IFR_GUID_LABEL *StartLabel;\r
+ EFI_IFR_GUID_LABEL *EndLabel;\r
+ UINTN DataSize;\r
+ UINT8 *Data;\r
+ EFI_SIGNATURE_LIST *CertList;\r
+ EFI_SIGNATURE_DATA *Cert;\r
+ UINT32 ItemDataSize;\r
+ CHAR16 *GuidStr;\r
+ EFI_STRING_ID GuidID;\r
+ EFI_STRING_ID Help;\r
+\r
+ Data = NULL;\r
+ CertList = NULL;\r
+ Cert = NULL;\r
+ GuidStr = NULL;\r
+ StartOpCodeHandle = NULL;\r
+ EndOpCodeHandle = NULL;\r
+\r
+ //\r
+ // Initialize the container for dynamic opcodes.\r
+ //\r
+ StartOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+ if (StartOpCodeHandle == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ EndOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+ if (EndOpCodeHandle == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Create Hii Extend Label OpCode.\r
+ //\r
+ StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ StartOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+ StartLabel->Number = LabelNumber;\r
+\r
+ EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ EndOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+ EndLabel->Number = LABEL_END;\r
+\r
+ //\r
+ // Read Variable.\r
+ //\r
+ DataSize = 0;\r
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);\r
+ if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Data = (UINT8 *) AllocateZeroPool (DataSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ GuidStr = AllocateZeroPool (100);\r
+ if (GuidStr == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Enumerate all data.\r
+ //\r
+ ItemDataSize = (UINT32) DataSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) Data;\r
+ GuidIndex = 0;\r
+\r
+ while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {\r
+\r
+ if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
+ Help = STRING_TOKEN (STR_CERT_TYPE_PCKS_GUID);\r
+ } else {\r
+ //\r
+ // The signature type is not supported in current implementation.\r
+ //\r
+ ItemDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
+ continue;\r
+ }\r
+\r
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
+ for (Index = 0; Index < CertCount; Index++) {\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList\r
+ + sizeof (EFI_SIGNATURE_LIST)\r
+ + CertList->SignatureHeaderSize\r
+ + Index * CertList->SignatureSize);\r
+ //\r
+ // Display GUID and help\r
+ //\r
+ GuidToString (&Cert->SignatureOwner, GuidStr, 100);\r
+ GuidID = HiiSetString (Private->RegisteredHandle, 0, GuidStr, NULL);\r
+ HiiCreateCheckBoxOpCode (\r
+ StartOpCodeHandle,\r
+ (EFI_QUESTION_ID) (QuestionIdBase + GuidIndex++),\r
+ 0,\r
+ 0,\r
+ GuidID,\r
+ Help,\r
+ EFI_IFR_FLAG_CALLBACK,\r
+ 0,\r
+ NULL\r
+ );\r
+ }\r
+\r
+ ItemDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
+ }\r
+\r
+ON_EXIT:\r
+ HiiUpdateForm (\r
+ Private->RegisteredHandle,\r
+ &gTlsAuthConfigGuid,\r
+ FormId,\r
+ StartOpCodeHandle,\r
+ EndOpCodeHandle\r
+ );\r
+\r
+ if (StartOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (StartOpCodeHandle);\r
+ }\r
+\r
+ if (EndOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (EndOpCodeHandle);\r
+ }\r
+\r
+ if (Data != NULL) {\r
+ FreePool (Data);\r
+ }\r
+\r
+ if (GuidStr != NULL) {\r
+ FreePool (GuidStr);\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ Delete one entry from cert database.\r
+\r
+ @param[in] PrivateData Module's private data.\r
+ @param[in] VariableName The variable name of the database.\r
+ @param[in] VendorGuid A unique identifier for the vendor.\r
+ @param[in] LabelNumber Label number to insert opcodes.\r
+ @param[in] FormId Form ID of current page.\r
+ @param[in] QuestionIdBase Base question id of the cert list.\r
+ @param[in] DeleteIndex Cert index to delete.\r
+\r
+ @retval EFI_SUCCESS Delete siganture successfully.\r
+ @retval EFI_NOT_FOUND Can't find the signature item,\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+**/\r
+EFI_STATUS\r
+DeleteCert (\r
+ IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ IN UINT16 LabelNumber,\r
+ IN EFI_FORM_ID FormId,\r
+ IN EFI_QUESTION_ID QuestionIdBase,\r
+ IN UINTN DeleteIndex\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINTN DataSize;\r
+ UINT8 *Data;\r
+ UINT8 *OldData;\r
+ UINT32 Attr;\r
+ UINT32 Index;\r
+ EFI_SIGNATURE_LIST *CertList;\r
+ EFI_SIGNATURE_LIST *NewCertList;\r
+ EFI_SIGNATURE_DATA *Cert;\r
+ UINTN CertCount;\r
+ UINT32 Offset;\r
+ BOOLEAN IsItemFound;\r
+ UINT32 ItemDataSize;\r
+ UINTN GuidIndex;\r
+\r
+ Data = NULL;\r
+ OldData = NULL;\r
+ CertList = NULL;\r
+ Cert = NULL;\r
+ Attr = 0;\r
+\r
+ //\r
+ // Get original signature list data.\r
+ //\r
+ DataSize = 0;\r
+ Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, NULL);\r
+ if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ OldData = (UINT8 *) AllocateZeroPool (DataSize);\r
+ if (OldData == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = gRT->GetVariable (VariableName, VendorGuid, &Attr, &DataSize, OldData);\r
+ if (EFI_ERROR(Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Allocate space for new variable.\r
+ //\r
+ Data = (UINT8*) AllocateZeroPool (DataSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Enumerate all data and erasing the target item.\r
+ //\r
+ IsItemFound = FALSE;\r
+ ItemDataSize = (UINT32) DataSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) OldData;\r
+ Offset = 0;\r
+ GuidIndex = 0;\r
+ while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {\r
+ if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {\r
+ //\r
+ // Copy EFI_SIGNATURE_LIST header then calculate the signature count in this list.\r
+ //\r
+ CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));\r
+ NewCertList = (EFI_SIGNATURE_LIST*) (Data + Offset);\r
+ Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);\r
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
+ for (Index = 0; Index < CertCount; Index++) {\r
+ if (GuidIndex == DeleteIndex) {\r
+ //\r
+ // Find it! Skip it!\r
+ //\r
+ NewCertList->SignatureListSize -= CertList->SignatureSize;\r
+ IsItemFound = TRUE;\r
+ } else {\r
+ //\r
+ // This item doesn't match. Copy it to the Data buffer.\r
+ //\r
+ CopyMem (Data + Offset, (UINT8*)(Cert), CertList->SignatureSize);\r
+ Offset += CertList->SignatureSize;\r
+ }\r
+ GuidIndex++;\r
+ Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);\r
+ }\r
+ } else {\r
+ //\r
+ // This List doesn't match. Just copy it to the Data buffer.\r
+ //\r
+ CopyMem (Data + Offset, (UINT8*)(CertList), CertList->SignatureListSize);\r
+ Offset += CertList->SignatureListSize;\r
+ }\r
+\r
+ ItemDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
+ }\r
+\r
+ if (!IsItemFound) {\r
+ //\r
+ // Doesn't find the signature Item!\r
+ //\r
+ Status = EFI_NOT_FOUND;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Delete the EFI_SIGNATURE_LIST header if there is no signature in the list.\r
+ //\r
+ ItemDataSize = Offset;\r
+ CertList = (EFI_SIGNATURE_LIST *) Data;\r
+ Offset = 0;\r
+ ZeroMem (OldData, ItemDataSize);\r
+ while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {\r
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;\r
+ DEBUG ((DEBUG_INFO, " CertCount = %x\n", CertCount));\r
+ if (CertCount != 0) {\r
+ CopyMem (OldData + Offset, (UINT8*)(CertList), CertList->SignatureListSize);\r
+ Offset += CertList->SignatureListSize;\r
+ }\r
+ ItemDataSize -= CertList->SignatureListSize;\r
+ CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);\r
+ }\r
+\r
+ DataSize = Offset;\r
+\r
+ Status = gRT->SetVariable(\r
+ VariableName,\r
+ VendorGuid,\r
+ Attr,\r
+ DataSize,\r
+ OldData\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ON_EXIT:\r
+ if (Data != NULL) {\r
+ FreePool(Data);\r
+ }\r
+\r
+ if (OldData != NULL) {\r
+ FreePool(OldData);\r
+ }\r
+\r
+ return UpdateDeletePage (\r
+ Private,\r
+ VariableName,\r
+ VendorGuid,\r
+ LabelNumber,\r
+ FormId,\r
+ QuestionIdBase\r
+ );\r
+}\r
+\r
+\r
+/**\r
+ Close an open file handle.\r
+\r
+ @param[in] FileHandle The file handle to close.\r
+\r
+**/\r
+VOID\r
+CloseFile (\r
+ IN EFI_FILE_HANDLE FileHandle\r
+ )\r
+{\r
+ if (FileHandle != NULL) {\r
+ FileHandle->Close (FileHandle);\r
+ }\r
+}\r
+\r
+/**\r
+ Read file content into BufferPtr, the size of the allocate buffer\r
+ is *FileSize plus AddtionAllocateSize.\r
+\r
+ @param[in] FileHandle The file to be read.\r
+ @param[in, out] BufferPtr Pointers to the pointer of allocated buffer.\r
+ @param[out] FileSize Size of input file\r
+ @param[in] AddtionAllocateSize Addtion size the buffer need to be allocated.\r
+ In case the buffer need to contain others besides the file content.\r
+\r
+ @retval EFI_SUCCESS The file was read into the buffer.\r
+ @retval EFI_INVALID_PARAMETER A parameter was invalid.\r
+ @retval EFI_OUT_OF_RESOURCES A memory allocation failed.\r
+ @retval others Unexpected error.\r
+\r
+**/\r
+EFI_STATUS\r
+ReadFileContent (\r
+ IN EFI_FILE_HANDLE FileHandle,\r
+ IN OUT VOID **BufferPtr,\r
+ OUT UINTN *FileSize,\r
+ IN UINTN AddtionAllocateSize\r
+ )\r
+\r
+{\r
+ UINTN BufferSize;\r
+ UINT64 SourceFileSize;\r
+ VOID *Buffer;\r
+ EFI_STATUS Status;\r
+\r
+ if ((FileHandle == NULL) || (FileSize == NULL)) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ Buffer = NULL;\r
+\r
+ //\r
+ // Get the file size\r
+ //\r
+ Status = FileHandle->SetPosition (FileHandle, (UINT64) -1);\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = FileHandle->GetPosition (FileHandle, &SourceFileSize);\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = FileHandle->SetPosition (FileHandle, 0);\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ BufferSize = (UINTN) SourceFileSize + AddtionAllocateSize;\r
+ Buffer = AllocateZeroPool(BufferSize);\r
+ if (Buffer == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ BufferSize = (UINTN) SourceFileSize;\r
+ *FileSize = BufferSize;\r
+\r
+ Status = FileHandle->Read (FileHandle, &BufferSize, Buffer);\r
+ if (EFI_ERROR (Status) || BufferSize != *FileSize) {\r
+ FreePool (Buffer);\r
+ Buffer = NULL;\r
+ Status = EFI_BAD_BUFFER_SIZE;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ON_EXIT:\r
+\r
+ *BufferPtr = Buffer;\r
+ return Status;\r
+}\r
+\r
+/**\r
+ This function will open a file or directory referenced by DevicePath.\r
+\r
+ This function opens a file with the open mode according to the file path. The\r
+ Attributes is valid only for EFI_FILE_MODE_CREATE.\r
+\r
+ @param[in, out] FilePath On input, the device path to the file.\r
+ On output, the remaining device path.\r
+ @param[out] FileHandle Pointer to the file handle.\r
+ @param[in] OpenMode The mode to open the file with.\r
+ @param[in] Attributes The file's file attributes.\r
+\r
+ @retval EFI_SUCCESS The information was set.\r
+ @retval EFI_INVALID_PARAMETER One of the parameters has an invalid value.\r
+ @retval EFI_UNSUPPORTED Could not open the file path.\r
+ @retval EFI_NOT_FOUND The specified file could not be found on the\r
+ device or the file system could not be found on\r
+ the device.\r
+ @retval EFI_NO_MEDIA The device has no medium.\r
+ @retval EFI_MEDIA_CHANGED The device has a different medium in it or the\r
+ medium is no longer supported.\r
+ @retval EFI_DEVICE_ERROR The device reported an error.\r
+ @retval EFI_VOLUME_CORRUPTED The file system structures are corrupted.\r
+ @retval EFI_WRITE_PROTECTED The file or medium is write protected.\r
+ @retval EFI_ACCESS_DENIED The file was opened read only.\r
+ @retval EFI_OUT_OF_RESOURCES Not enough resources were available to open the\r
+ file.\r
+ @retval EFI_VOLUME_FULL The volume is full.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+OpenFileByDevicePath (\r
+ IN OUT EFI_DEVICE_PATH_PROTOCOL **FilePath,\r
+ OUT EFI_FILE_HANDLE *FileHandle,\r
+ IN UINT64 OpenMode,\r
+ IN UINT64 Attributes\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *EfiSimpleFileSystemProtocol;\r
+ EFI_FILE_PROTOCOL *Handle1;\r
+ EFI_FILE_PROTOCOL *Handle2;\r
+ EFI_HANDLE DeviceHandle;\r
+\r
+ if ((FilePath == NULL || FileHandle == NULL)) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ Status = gBS->LocateDevicePath (\r
+ &gEfiSimpleFileSystemProtocolGuid,\r
+ FilePath,\r
+ &DeviceHandle\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+\r
+ Status = gBS->OpenProtocol(\r
+ DeviceHandle,\r
+ &gEfiSimpleFileSystemProtocolGuid,\r
+ (VOID**)&EfiSimpleFileSystemProtocol,\r
+ gImageHandle,\r
+ NULL,\r
+ EFI_OPEN_PROTOCOL_GET_PROTOCOL\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+\r
+ Status = EfiSimpleFileSystemProtocol->OpenVolume(EfiSimpleFileSystemProtocol, &Handle1);\r
+ if (EFI_ERROR (Status)) {\r
+ FileHandle = NULL;\r
+ return Status;\r
+ }\r
+\r
+ //\r
+ // go down directories one node at a time.\r
+ //\r
+ while (!IsDevicePathEnd (*FilePath)) {\r
+ //\r
+ // For file system access each node should be a file path component\r
+ //\r
+ if (DevicePathType (*FilePath) != MEDIA_DEVICE_PATH ||\r
+ DevicePathSubType (*FilePath) != MEDIA_FILEPATH_DP\r
+ ) {\r
+ FileHandle = NULL;\r
+ return (EFI_INVALID_PARAMETER);\r
+ }\r
+ //\r
+ // Open this file path node\r
+ //\r
+ Handle2 = Handle1;\r
+ Handle1 = NULL;\r
+\r
+ //\r
+ // Try to test opening an existing file\r
+ //\r
+ Status = Handle2->Open (\r
+ Handle2,\r
+ &Handle1,\r
+ ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName,\r
+ OpenMode &~EFI_FILE_MODE_CREATE,\r
+ 0\r
+ );\r
+\r
+ //\r
+ // see if the error was that it needs to be created\r
+ //\r
+ if ((EFI_ERROR (Status)) && (OpenMode != (OpenMode &~EFI_FILE_MODE_CREATE))) {\r
+ Status = Handle2->Open (\r
+ Handle2,\r
+ &Handle1,\r
+ ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName,\r
+ OpenMode,\r
+ Attributes\r
+ );\r
+ }\r
+ //\r
+ // Close the last node\r
+ //\r
+ Handle2->Close (Handle2);\r
+\r
+ if (EFI_ERROR(Status)) {\r
+ return (Status);\r
+ }\r
+\r
+ //\r
+ // Get the next node\r
+ //\r
+ *FilePath = NextDevicePathNode (*FilePath);\r
+ }\r
+\r
+ //\r
+ // This is a weak spot since if the undefined SHELL_FILE_HANDLE format changes this must change also!\r
+ //\r
+ *FileHandle = (VOID*)Handle1;\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ This function converts an input device structure to a Unicode string.\r
+\r
+ @param[in] DevPath A pointer to the device path structure.\r
+\r
+ @return A new allocated Unicode string that represents the device path.\r
+\r
+**/\r
+CHAR16 *\r
+EFIAPI\r
+DevicePathToStr (\r
+ IN EFI_DEVICE_PATH_PROTOCOL *DevPath\r
+ )\r
+{\r
+ return ConvertDevicePathToText (\r
+ DevPath,\r
+ FALSE,\r
+ TRUE\r
+ );\r
+}\r
+\r
+\r
+/**\r
+ Extract filename from device path. The returned buffer is allocated using AllocateCopyPool.\r
+ The caller is responsible for freeing the allocated buffer using FreePool(). If return NULL\r
+ means not enough memory resource.\r
+\r
+ @param DevicePath Device path.\r
+\r
+ @retval NULL Not enough memory resourece for AllocateCopyPool.\r
+ @retval Other A new allocated string that represents the file name.\r
+\r
+**/\r
+CHAR16 *\r
+ExtractFileNameFromDevicePath (\r
+ IN EFI_DEVICE_PATH_PROTOCOL *DevicePath\r
+ )\r
+{\r
+ CHAR16 *String;\r
+ CHAR16 *MatchString;\r
+ CHAR16 *LastMatch;\r
+ CHAR16 *FileName;\r
+ UINTN Length;\r
+\r
+ ASSERT(DevicePath != NULL);\r
+\r
+ String = DevicePathToStr(DevicePath);\r
+ MatchString = String;\r
+ LastMatch = String;\r
+ FileName = NULL;\r
+\r
+ while(MatchString != NULL){\r
+ LastMatch = MatchString + 1;\r
+ MatchString = StrStr(LastMatch,L"\\");\r
+ }\r
+\r
+ Length = StrLen(LastMatch);\r
+ FileName = AllocateCopyPool ((Length + 1) * sizeof(CHAR16), LastMatch);\r
+ if (FileName != NULL) {\r
+ *(FileName + Length) = 0;\r
+ }\r
+\r
+ FreePool(String);\r
+\r
+ return FileName;\r
+}\r
+\r
+/**\r
+ Enroll a new X509 certificate into Variable.\r
+\r
+ @param[in] PrivateData The module's private data.\r
+ @param[in] VariableName Variable name of CA database.\r
+\r
+ @retval EFI_SUCCESS New X509 is enrolled successfully.\r
+ @retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
+\r
+**/\r
+EFI_STATUS\r
+EnrollX509toVariable (\r
+ IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,\r
+ IN CHAR16 *VariableName\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINTN X509DataSize;\r
+ VOID *X509Data;\r
+ EFI_SIGNATURE_LIST *CACert;\r
+ EFI_SIGNATURE_DATA *CACertData;\r
+ VOID *Data;\r
+ UINTN DataSize;\r
+ UINTN SigDataSize;\r
+ UINT32 Attr;\r
+\r
+ X509DataSize = 0;\r
+ SigDataSize = 0;\r
+ DataSize = 0;\r
+ X509Data = NULL;\r
+ CACert = NULL;\r
+ CACertData = NULL;\r
+ Data = NULL;\r
+\r
+ Status = ReadFileContent (\r
+ Private->FileContext->FHandle,\r
+ &X509Data,\r
+ &X509DataSize,\r
+ 0\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+ ASSERT (X509Data != NULL);\r
+\r
+ SigDataSize = sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize;\r
+\r
+ Data = AllocateZeroPool (SigDataSize);\r
+ if (Data == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ //\r
+ // Fill Certificate Database parameters.\r
+ //\r
+ CACert = (EFI_SIGNATURE_LIST*) Data;\r
+ CACert->SignatureListSize = (UINT32) SigDataSize;\r
+ CACert->SignatureHeaderSize = 0;\r
+ CACert->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);\r
+ CopyGuid (&CACert->SignatureType, &gEfiCertX509Guid);\r
+\r
+ CACertData = (EFI_SIGNATURE_DATA*) ((UINT8* ) CACert + sizeof (EFI_SIGNATURE_LIST));\r
+ CopyGuid (&CACertData->SignatureOwner, Private->CertGuid);\r
+ CopyMem ((UINT8* ) (CACertData->SignatureData), X509Data, X509DataSize);\r
+\r
+ //\r
+ // Check if signature database entry has been already existed.\r
+ // If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the\r
+ // new signature data to original variable\r
+ //\r
+ Attr = TLS_AUTH_CONFIG_VAR_BASE_ATTR;\r
+\r
+ Status = gRT->GetVariable(\r
+ VariableName,\r
+ &gEfiTlsCaCertificateGuid,\r
+ NULL,\r
+ &DataSize,\r
+ NULL\r
+ );\r
+ if (Status == EFI_BUFFER_TOO_SMALL) {\r
+ Attr |= EFI_VARIABLE_APPEND_WRITE;\r
+ } else if (Status != EFI_NOT_FOUND) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ Status = gRT->SetVariable(\r
+ VariableName,\r
+ &gEfiTlsCaCertificateGuid,\r
+ Attr,\r
+ SigDataSize,\r
+ Data\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ON_EXIT:\r
+\r
+ CloseFile (Private->FileContext->FHandle);\r
+ if (Private->FileContext->FileName != NULL) {\r
+ FreePool(Private->FileContext->FileName);\r
+ Private->FileContext->FileName = NULL;\r
+ }\r
+\r
+ Private->FileContext->FHandle = NULL;\r
+\r
+ if (Private->CertGuid != NULL) {\r
+ FreePool (Private->CertGuid);\r
+ Private->CertGuid = NULL;\r
+ }\r
+\r
+ if (Data != NULL) {\r
+ FreePool (Data);\r
+ }\r
+\r
+ if (X509Data != NULL) {\r
+ FreePool (X509Data);\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Enroll Cert into TlsCaCertificate. The GUID will be Private->CertGuid.\r
+\r
+ @param[in] PrivateData The module's private data.\r
+ @param[in] VariableName Variable name of signature database.\r
+\r
+ @retval EFI_SUCCESS New Cert enrolled successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
+ @retval EFI_UNSUPPORTED The Cert file is unsupported type.\r
+ @retval others Fail to enroll Cert data.\r
+\r
+**/\r
+EFI_STATUS\r
+EnrollCertDatabase (\r
+ IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,\r
+ IN CHAR16 *VariableName\r
+ )\r
+{\r
+ UINT16* FilePostFix;\r
+ UINTN NameLength;\r
+\r
+ if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->CertGuid == NULL)) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ //\r
+ // Parse the file's postfix.\r
+ //\r
+ NameLength = StrLen (Private->FileContext->FileName);\r
+ if (NameLength <= 4) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ FilePostFix = Private->FileContext->FileName + NameLength - 4;\r
+\r
+ if (IsDerPemEncodeCertificate (FilePostFix)) {\r
+ //\r
+ // Supports DER-encoded X509 certificate.\r
+ //\r
+ return EnrollX509toVariable (Private, VariableName);\r
+ }\r
+\r
+ return EFI_UNSUPPORTED;\r
+}\r
+\r
+/**\r
+ Refresh the global UpdateData structure.\r
+\r
+**/\r
+VOID\r
+RefreshUpdateData (\r
+ VOID\r
+ )\r
+{\r
+ //\r
+ // Free current updated date\r
+ //\r
+ if (mStartOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (mStartOpCodeHandle);\r
+ }\r
+\r
+ //\r
+ // Create new OpCode Handle\r
+ //\r
+ mStartOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+\r
+ //\r
+ // Create Hii Extend Label OpCode as the start opcode\r
+ //\r
+ mStartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ mStartOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+}\r
+\r
+/**\r
+ Clean up the dynamic opcode at label and form specified by both LabelId.\r
+\r
+ @param[in] LabelId It is both the Form ID and Label ID for opcode deletion.\r
+ @param[in] PrivateData Module private data.\r
+\r
+**/\r
+VOID\r
+CleanUpPage (\r
+ IN UINT16 LabelId,\r
+ IN TLS_AUTH_CONFIG_PRIVATE_DATA *PrivateData\r
+ )\r
+{\r
+ RefreshUpdateData ();\r
+\r
+ //\r
+ // Remove all op-codes from dynamic page\r
+ //\r
+ mStartLabel->Number = LabelId;\r
+ HiiUpdateForm (\r
+ PrivateData->RegisteredHandle,\r
+ &gTlsAuthConfigGuid,\r
+ LabelId,\r
+ mStartOpCodeHandle, // Label LabelId\r
+ mEndOpCodeHandle // LABEL_END\r
+ );\r
+}\r
+\r
+/**\r
+ Update the form base on the selected file.\r
+\r
+ @param FilePath Point to the file path.\r
+ @param FormId The form need to display.\r
+\r
+ @retval TRUE Exit caller function.\r
+ @retval FALSE Not exit caller function.\r
+\r
+**/\r
+BOOLEAN\r
+UpdatePage(\r
+ IN EFI_DEVICE_PATH_PROTOCOL *FilePath,\r
+ IN EFI_FORM_ID FormId\r
+ )\r
+{\r
+ CHAR16 *FileName;\r
+ EFI_STRING_ID StringToken;\r
+\r
+ FileName = NULL;\r
+\r
+ if (FilePath != NULL) {\r
+ FileName = ExtractFileNameFromDevicePath(FilePath);\r
+ }\r
+ if (FileName == NULL) {\r
+ //\r
+ // FileName = NULL has two case:\r
+ // 1. FilePath == NULL, not select file.\r
+ // 2. FilePath != NULL, but ExtractFileNameFromDevicePath return NULL not enough memory resource.\r
+ // In these two case, no need to update the form, and exit the caller function.\r
+ //\r
+ return TRUE;\r
+ }\r
+ StringToken = HiiSetString (mTlsAuthPrivateData->RegisteredHandle, 0, FileName, NULL);\r
+\r
+ mTlsAuthPrivateData->FileContext->FileName = FileName;\r
+\r
+ OpenFileByDevicePath (\r
+ &FilePath,\r
+ &mTlsAuthPrivateData->FileContext->FHandle,\r
+ EFI_FILE_MODE_READ,\r
+ 0\r
+ );\r
+ //\r
+ // Create Subtitle op-code for the display string of the option.\r
+ //\r
+ RefreshUpdateData ();\r
+ mStartLabel->Number = FormId;\r
+\r
+ HiiCreateSubTitleOpCode (\r
+ mStartOpCodeHandle,\r
+ StringToken,\r
+ 0,\r
+ 0,\r
+ 0\r
+ );\r
+\r
+ HiiUpdateForm (\r
+ mTlsAuthPrivateData->RegisteredHandle,\r
+ &gTlsAuthConfigGuid,\r
+ FormId,\r
+ mStartOpCodeHandle, /// Label FormId\r
+ mEndOpCodeHandle /// LABEL_END\r
+ );\r
+\r
+ return TRUE;\r
+}\r
+\r
+/**\r
+ Update the form base on the input file path info.\r
+\r
+ @param FilePath Point to the file path.\r
+\r
+ @retval TRUE Exit caller function.\r
+ @retval FALSE Not exit caller function.\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+UpdateCAFromFile (\r
+ IN EFI_DEVICE_PATH_PROTOCOL *FilePath\r
+ )\r
+{\r
+ return UpdatePage(FilePath, TLS_AUTH_CONFIG_FORMID4_FORM);\r
+}\r
+\r
+/**\r
+ Unload the configuration form, this includes: delete all the configuration\r
+ entries, uninstall the form callback protocol, and free the resources used.\r
+\r
+ @param[in] Private Pointer to the driver private data.\r
+\r
+ @retval EFI_SUCCESS The configuration form is unloaded.\r
+ @retval Others Failed to unload the form.\r
+\r
+**/\r
+EFI_STATUS\r
+TlsAuthConfigFormUnload (\r
+ IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private\r
+ )\r
+{\r
+ if (Private->DriverHandle != NULL) {\r
+ //\r
+ // Uninstall EFI_HII_CONFIG_ACCESS_PROTOCOL\r
+ //\r
+ gBS->UninstallMultipleProtocolInterfaces (\r
+ Private->DriverHandle,\r
+ &gEfiDevicePathProtocolGuid,\r
+ &mTlsAuthConfigHiiVendorDevicePath,\r
+ &gEfiHiiConfigAccessProtocolGuid,\r
+ &Private->ConfigAccess,\r
+ NULL\r
+ );\r
+ Private->DriverHandle = NULL;\r
+ }\r
+\r
+ if (Private->RegisteredHandle != NULL) {\r
+ //\r
+ // Remove HII package list\r
+ //\r
+ HiiRemovePackages (Private->RegisteredHandle);\r
+ Private->RegisteredHandle = NULL;\r
+ }\r
+\r
+ if (Private->CertGuid != NULL) {\r
+ FreePool (Private->CertGuid);\r
+ }\r
+\r
+ if (Private->FileContext != NULL) {\r
+ FreePool (Private->FileContext);\r
+ }\r
+\r
+ FreePool (Private);\r
+\r
+ if (mStartOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (mStartOpCodeHandle);\r
+ }\r
+\r
+ if (mEndOpCodeHandle != NULL) {\r
+ HiiFreeOpCodeHandle (mEndOpCodeHandle);\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+\r
+/**\r
+ Initialize the configuration form.\r
+\r
+ @param[in] Private Pointer to the driver private data.\r
+\r
+ @retval EFI_SUCCESS The configuration form is initialized.\r
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.\r
+\r
+**/\r
+EFI_STATUS\r
+TlsAuthConfigFormInit (\r
+ IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+\r
+ Private->Signature = TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE;\r
+\r
+ Private->ConfigAccess.ExtractConfig = TlsAuthConfigAccessExtractConfig;\r
+ Private->ConfigAccess.RouteConfig = TlsAuthConfigAccessRouteConfig;\r
+ Private->ConfigAccess.Callback = TlsAuthConfigAccessCallback;\r
+\r
+ //\r
+ // Install Device Path Protocol and Config Access protocol to driver handle.\r
+ //\r
+ Status = gBS->InstallMultipleProtocolInterfaces (\r
+ &Private->DriverHandle,\r
+ &gEfiDevicePathProtocolGuid,\r
+ &mTlsAuthConfigHiiVendorDevicePath,\r
+ &gEfiHiiConfigAccessProtocolGuid,\r
+ &Private->ConfigAccess,\r
+ NULL\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+\r
+ //\r
+ // Publish our HII data.\r
+ //\r
+ Private->RegisteredHandle = HiiAddPackages (\r
+ &gTlsAuthConfigGuid,\r
+ Private->DriverHandle,\r
+ TlsAuthConfigDxeStrings,\r
+ TlsAuthConfigVfrBin,\r
+ NULL\r
+ );\r
+ if (Private->RegisteredHandle == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Error;\r
+ }\r
+\r
+ Private->FileContext = AllocateZeroPool (sizeof (TLS_AUTH_CONFIG_FILE_CONTEXT));\r
+ if (Private->FileContext == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Error;\r
+ }\r
+\r
+ //\r
+ // Init OpCode Handle and Allocate space for creation of Buffer\r
+ //\r
+ mStartOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+ if (mStartOpCodeHandle == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Error;\r
+ }\r
+\r
+ mEndOpCodeHandle = HiiAllocateOpCodeHandle ();\r
+ if (mEndOpCodeHandle == NULL) {\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto Error;\r
+ }\r
+\r
+ //\r
+ // Create Hii Extend Label OpCode as the start opcode\r
+ //\r
+ mStartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ mStartOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+\r
+ //\r
+ // Create Hii Extend Label OpCode as the end opcode\r
+ //\r
+ mEndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (\r
+ mEndOpCodeHandle,\r
+ &gEfiIfrTianoGuid,\r
+ NULL,\r
+ sizeof (EFI_IFR_GUID_LABEL)\r
+ );\r
+ mEndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;\r
+ mEndLabel->Number = LABEL_END;\r
+\r
+ return EFI_SUCCESS;\r
+\r
+Error:\r
+ TlsAuthConfigFormUnload (Private);\r
+ return Status;\r
+}\r
+\r
+/**\r
+\r
+ This function allows the caller to request the current\r
+ configuration for one or more named elements. The resulting\r
+ string is in <ConfigAltResp> format. Any and all alternative\r
+ configuration strings shall also be appended to the end of the\r
+ current configuration string. If they are, they must appear\r
+ after the current configuration. They must contain the same\r
+ routing (GUID, NAME, PATH) as the current configuration string.\r
+ They must have an additional description indicating the type of\r
+ alternative configuration the string represents,\r
+ "ALTCFG=<StringToken>". That <StringToken> (when\r
+ converted from Hex UNICODE to binary) is a reference to a\r
+ string in the associated string pack.\r
+\r
+ @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
+\r
+ @param Request A null-terminated Unicode string in\r
+ <ConfigRequest> format. Note that this\r
+ includes the routing information as well as\r
+ the configurable name / value pairs. It is\r
+ invalid for this string to be in\r
+ <MultiConfigRequest> format.\r
+ If a NULL is passed in for the Request field,\r
+ all of the settings being abstracted by this function\r
+ will be returned in the Results field. In addition,\r
+ if a ConfigHdr is passed in with no request elements,\r
+ all of the settings being abstracted for that particular\r
+ ConfigHdr reference will be returned in the Results Field.\r
+\r
+ @param Progress On return, points to a character in the\r
+ Request string. Points to the string's null\r
+ terminator if request was successful. Points\r
+ to the most recent "&" before the first\r
+ failing name / value pair (or the beginning\r
+ of the string if the failure is in the first\r
+ name / value pair) if the request was not\r
+ successful.\r
+\r
+ @param Results A null-terminated Unicode string in\r
+ <MultiConfigAltResp> format which has all values\r
+ filled in for the names in the Request string.\r
+ String to be allocated by the called function.\r
+\r
+ @retval EFI_SUCCESS The Results string is filled with the\r
+ values corresponding to all requested\r
+ names.\r
+\r
+ @retval EFI_OUT_OF_RESOURCES Not enough memory to store the\r
+ parts of the results that must be\r
+ stored awaiting possible future\r
+ protocols.\r
+\r
+ @retval EFI_NOT_FOUND Routing data doesn't match any\r
+ known driver. Progress set to the\r
+ first character in the routing header.\r
+ Note: There is no requirement that the\r
+ driver validate the routing data. It\r
+ must skip the <ConfigHdr> in order to\r
+ process the names.\r
+\r
+ @retval EFI_INVALID_PARAMETER Illegal syntax. Progress set\r
+ to most recent "&" before the\r
+ error or the beginning of the\r
+ string.\r
+\r
+ @retval EFI_INVALID_PARAMETER Unknown name. Progress points\r
+ to the & before the name in\r
+ question.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+TlsAuthConfigAccessExtractConfig (\r
+ IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,\r
+ IN CONST EFI_STRING Request,\r
+ OUT EFI_STRING *Progress,\r
+ OUT EFI_STRING *Results\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINTN BufferSize;\r
+ UINTN Size;\r
+ EFI_STRING ConfigRequest;\r
+ EFI_STRING ConfigRequestHdr;\r
+ TLS_AUTH_CONFIG_PRIVATE_DATA *Private;\r
+ BOOLEAN AllocatedRequest;\r
+\r
+ if (Progress == NULL || Results == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ AllocatedRequest = FALSE;\r
+ ConfigRequestHdr = NULL;\r
+ ConfigRequest = NULL;\r
+ Size = 0;\r
+\r
+ Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);\r
+\r
+ BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);\r
+ ZeroMem (&Private->TlsAuthConfigNvData, BufferSize);\r
+\r
+ *Progress = Request;\r
+\r
+ if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gTlsAuthConfigGuid, mTlsAuthConfigStorageName)) {\r
+ return EFI_NOT_FOUND;\r
+ }\r
+\r
+ ConfigRequest = Request;\r
+ if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {\r
+ //\r
+ // Request is set to NULL or OFFSET is NULL, construct full request string.\r
+ //\r
+ // Allocate and fill a buffer large enough to hold the <ConfigHdr> template\r
+ // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator\r
+ //\r
+ ConfigRequestHdr = HiiConstructConfigHdr (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, Private->DriverHandle);\r
+ Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);\r
+ ConfigRequest = AllocateZeroPool (Size);\r
+ ASSERT (ConfigRequest != NULL);\r
+ AllocatedRequest = TRUE;\r
+ UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64)BufferSize);\r
+ FreePool (ConfigRequestHdr);\r
+ ConfigRequestHdr = NULL;\r
+ }\r
+\r
+ Status = gHiiConfigRouting->BlockToConfig (\r
+ gHiiConfigRouting,\r
+ ConfigRequest,\r
+ (UINT8 *) &Private->TlsAuthConfigNvData,\r
+ BufferSize,\r
+ Results,\r
+ Progress\r
+ );\r
+\r
+ //\r
+ // Free the allocated config request string.\r
+ //\r
+ if (AllocatedRequest) {\r
+ FreePool (ConfigRequest);\r
+ }\r
+\r
+ //\r
+ // Set Progress string to the original request string.\r
+ //\r
+ if (Request == NULL) {\r
+ *Progress = NULL;\r
+ } else if (StrStr (Request, L"OFFSET") == NULL) {\r
+ *Progress = Request + StrLen (Request);\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+\r
+ This function applies changes in a driver's configuration.\r
+ Input is a Configuration, which has the routing data for this\r
+ driver followed by name / value configuration pairs. The driver\r
+ must apply those pairs to its configurable storage. If the\r
+ driver's configuration is stored in a linear block of data\r
+ and the driver's name / value pairs are in <BlockConfig>\r
+ format, it may use the ConfigToBlock helper function (above) to\r
+ simplify the job.\r
+\r
+ @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
+\r
+ @param Configuration A null-terminated Unicode string in\r
+ <ConfigString> format.\r
+\r
+ @param Progress A pointer to a string filled in with the\r
+ offset of the most recent '&' before the\r
+ first failing name / value pair (or the\r
+ beginn ing of the string if the failure\r
+ is in the first name / value pair) or\r
+ the terminating NULL if all was\r
+ successful.\r
+\r
+ @retval EFI_SUCCESS The results have been distributed or are\r
+ awaiting distribution.\r
+\r
+ @retval EFI_OUT_OF_RESOURCES Not enough memory to store the\r
+ parts of the results that must be\r
+ stored awaiting possible future\r
+ protocols.\r
+\r
+ @retval EFI_INVALID_PARAMETERS Passing in a NULL for the\r
+ Results parameter would result\r
+ in this type of error.\r
+\r
+ @retval EFI_NOT_FOUND Target for the specified routing data\r
+ was not found\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+TlsAuthConfigAccessRouteConfig (\r
+ IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,\r
+ IN CONST EFI_STRING Configuration,\r
+ OUT EFI_STRING *Progress\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINTN BufferSize;\r
+ TLS_AUTH_CONFIG_PRIVATE_DATA *Private;\r
+\r
+ if (Progress == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ *Progress = Configuration;\r
+\r
+ if (Configuration == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ //\r
+ // Check routing data in <ConfigHdr>.\r
+ // Note: there is no name for Name/Value storage, only GUID will be checked\r
+ //\r
+ if (!HiiIsConfigHdrMatch (Configuration, &gTlsAuthConfigGuid, mTlsAuthConfigStorageName)) {\r
+ return EFI_NOT_FOUND;\r
+ }\r
+\r
+ Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);\r
+\r
+ BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);\r
+ ZeroMem (&Private->TlsAuthConfigNvData, BufferSize);\r
+\r
+ Status = gHiiConfigRouting->ConfigToBlock (\r
+ gHiiConfigRouting,\r
+ Configuration,\r
+ (UINT8 *) &Private->TlsAuthConfigNvData,\r
+ &BufferSize,\r
+ Progress\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+\r
+ This function is called to provide results data to the driver.\r
+ This data consists of a unique key that is used to identify\r
+ which data is either being passed back or being asked for.\r
+\r
+ @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
+ @param Action Specifies the type of action taken by the browser.\r
+ @param QuestionId A unique value which is sent to the original\r
+ exporting driver so that it can identify the type\r
+ of data to expect. The format of the data tends to\r
+ vary based on the opcode that generated the callback.\r
+ @param Type The type of value for the question.\r
+ @param Value A pointer to the data being sent to the original\r
+ exporting driver.\r
+ @param ActionRequest On return, points to the action requested by the\r
+ callback function.\r
+\r
+ @retval EFI_SUCCESS The callback successfully handled the action.\r
+ @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the\r
+ variable and its data.\r
+ @retval EFI_DEVICE_ERROR The variable could not be saved.\r
+ @retval EFI_UNSUPPORTED The specified Action is not supported by the\r
+ callback.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+TlsAuthConfigAccessCallback (\r
+ IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,\r
+ IN EFI_BROWSER_ACTION Action,\r
+ IN EFI_QUESTION_ID QuestionId,\r
+ IN UINT8 Type,\r
+ IN OUT EFI_IFR_TYPE_VALUE *Value,\r
+ OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest\r
+ )\r
+{\r
+ EFI_INPUT_KEY Key;\r
+ EFI_STATUS Status;\r
+ RETURN_STATUS RStatus;\r
+ TLS_AUTH_CONFIG_PRIVATE_DATA *Private;\r
+ UINTN BufferSize;\r
+ TLS_AUTH_CONFIG_IFR_NVDATA *IfrNvData;\r
+ UINT16 LabelId;\r
+ EFI_DEVICE_PATH_PROTOCOL *File;\r
+\r
+ Status = EFI_SUCCESS;\r
+ File = NULL;\r
+\r
+ if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);\r
+\r
+ mTlsAuthPrivateData = Private;\r
+\r
+ //\r
+ // Retrieve uncommitted data from Browser\r
+ //\r
+ BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);\r
+ IfrNvData = AllocateZeroPool (BufferSize);\r
+ if (IfrNvData == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ HiiGetBrowserData (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, BufferSize, (UINT8 *) IfrNvData);\r
+\r
+ if ((Action != EFI_BROWSER_ACTION_CHANGED) &&\r
+ (Action != EFI_BROWSER_ACTION_CHANGING)) {\r
+ Status = EFI_UNSUPPORTED;\r
+ goto EXIT;\r
+ }\r
+\r
+ if (Action == EFI_BROWSER_ACTION_CHANGING) {\r
+ switch (QuestionId) {\r
+ case KEY_TLS_AUTH_CONFIG_CLIENT_CERT:\r
+ case KEY_TLS_AUTH_CONFIG_SERVER_CA:\r
+ //\r
+ // Clear Cert GUID.\r
+ //\r
+ ZeroMem (IfrNvData->CertGuid, sizeof (IfrNvData->CertGuid));\r
+ if (Private->CertGuid == NULL) {\r
+ Private->CertGuid = (EFI_GUID *) AllocateZeroPool (sizeof (EFI_GUID));\r
+ if (Private->CertGuid == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+ }\r
+ if (QuestionId == KEY_TLS_AUTH_CONFIG_CLIENT_CERT) {\r
+ LabelId = TLS_AUTH_CONFIG_FORMID3_FORM;\r
+ } else {\r
+ LabelId = TLS_AUTH_CONFIG_FORMID4_FORM;\r
+ }\r
+\r
+ //\r
+ // Refresh selected file.\r
+ //\r
+ CleanUpPage (LabelId, Private);\r
+ break;\r
+ case KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE:\r
+ ChooseFile( NULL, NULL, UpdateCAFromFile, &File);\r
+ break;\r
+\r
+ case KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT:\r
+ Status = EnrollCertDatabase (Private, EFI_TLS_CA_CERTIFICATE_VARIABLE);\r
+ if (EFI_ERROR (Status)) {\r
+ CreatePopUp (\r
+ EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
+ &Key,\r
+ L"ERROR: Enroll Cert Failure!",\r
+ NULL\r
+ );\r
+ }\r
+ break;\r
+\r
+ case KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT:\r
+ if (Private->FileContext->FHandle != NULL) {\r
+ CloseFile (Private->FileContext->FHandle);\r
+ Private->FileContext->FHandle = NULL;\r
+ if (Private->FileContext->FileName!= NULL){\r
+ FreePool(Private->FileContext->FileName);\r
+ Private->FileContext->FileName = NULL;\r
+ }\r
+ }\r
+\r
+ if (Private->CertGuid!= NULL) {\r
+ FreePool (Private->CertGuid);\r
+ Private->CertGuid = NULL;\r
+ }\r
+ break;\r
+\r
+ case KEY_TLS_AUTH_CONFIG_DELETE_CERT:\r
+ UpdateDeletePage (\r
+ Private,\r
+ EFI_TLS_CA_CERTIFICATE_VARIABLE,\r
+ &gEfiTlsCaCertificateGuid,\r
+ LABEL_CA_DELETE,\r
+ TLS_AUTH_CONFIG_FORMID5_FORM,\r
+ OPTION_DEL_CA_ESTION_ID\r
+ );\r
+ break;\r
+\r
+ default:\r
+ if ((QuestionId >= OPTION_DEL_CA_ESTION_ID) &&\r
+ (QuestionId < (OPTION_DEL_CA_ESTION_ID + OPTION_CONFIG_RANGE))) {\r
+ DeleteCert (\r
+ Private,\r
+ EFI_TLS_CA_CERTIFICATE_VARIABLE,\r
+ &gEfiTlsCaCertificateGuid,\r
+ LABEL_CA_DELETE,\r
+ TLS_AUTH_CONFIG_FORMID5_FORM,\r
+ OPTION_DEL_CA_ESTION_ID,\r
+ QuestionId - OPTION_DEL_CA_ESTION_ID\r
+ );\r
+ }\r
+ break;\r
+ }\r
+ } else if (Action == EFI_BROWSER_ACTION_CHANGED) {\r
+ switch (QuestionId) {\r
+ case KEY_TLS_AUTH_CONFIG_CERT_GUID:\r
+ ASSERT (Private->CertGuid != NULL);\r
+ RStatus = StrToGuid (\r
+ IfrNvData->CertGuid,\r
+ Private->CertGuid\r
+ );\r
+ if (RETURN_ERROR (RStatus) || (IfrNvData->CertGuid[GUID_STRING_LENGTH] != L'\0')) {\r
+ Status = EFI_INVALID_PARAMETER;\r
+ break;\r
+ }\r
+\r
+ *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;\r
+ break;\r
+ default:\r
+ break;\r
+ }\r
+ }\r
+\r
+EXIT:\r
+\r
+ if (!EFI_ERROR (Status)) {\r
+ BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);\r
+ HiiSetBrowserData (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, BufferSize, (UINT8*) IfrNvData, NULL);\r
+ }\r
+\r
+ FreePool (IfrNvData);\r
+\r
+ if (File != NULL){\r
+ FreePool(File);\r
+ File = NULL;\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+\r
+}\r
+\r