/** @file\r
The header files of the driver binding and service binding protocol for HttpDxe driver.\r
\r
- Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r
\r
This program and the accompanying materials\r
#include <Protocol/Http.h>\r
\r
#include <Guid/TlsAuthentication.h>\r
+#include <Guid/HttpTlsCipherList.h>\r
\r
#include <IndustryStandard/Tls1.h>\r
\r
## @file\r
# Implementation of EFI HTTP protocol interfaces.\r
#\r
-# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>\r
+# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r
#\r
# This program and the accompanying materials\r
# are licensed and made available under the terms and conditions of the BSD License\r
\r
[Guids]\r
gEfiTlsCaCertificateGuid ## SOMETIMES_CONSUMES ## Variable:L"TlsCaCertificate"\r
+ gEdkiiHttpTlsCipherListGuid ## SOMETIMES_CONSUMES ## Variable:L"HttpTlsCipherList"\r
\r
[Pcd]\r
gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections ## CONSUMES \r
/** @file\r
Miscellaneous routines specific to Https for HttpDxe driver.\r
\r
-Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>\r
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
return Status;\r
}\r
\r
+/**\r
+ Read the HttpTlsCipherList variable and configure it for HTTPS session.\r
+\r
+ @param[in, out] HttpInstance The HTTP instance private data.\r
+\r
+ @retval EFI_SUCCESS The prefered HTTP TLS CipherList is configured.\r
+ @retval EFI_NOT_FOUND Fail to get 'HttpTlsCipherList' variable.\r
+ @retval EFI_INVALID_PARAMETER The contents of variable are invalid.\r
+ @retval EFI_OUT_OF_RESOURCES Can't allocate memory resources.\r
+\r
+ @retval Others Other error as indicated.\r
+\r
+**/\r
+EFI_STATUS\r
+TlsConfigCipherList (\r
+ IN OUT HTTP_PROTOCOL *HttpInstance\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 *CipherList;\r
+ UINTN CipherListSize;\r
+\r
+ CipherList = NULL;\r
+ CipherListSize = 0;\r
+\r
+ //\r
+ // Try to read the HttpTlsCipherList variable.\r
+ //\r
+ Status = gRT->GetVariable (\r
+ EDKII_HTTP_TLS_CIPHER_LIST_VARIABLE,\r
+ &gEdkiiHttpTlsCipherListGuid,\r
+ NULL,\r
+ &CipherListSize,\r
+ NULL\r
+ );\r
+ ASSERT (EFI_ERROR (Status));\r
+ if (Status != EFI_BUFFER_TOO_SMALL) {\r
+ return Status;\r
+ }\r
+\r
+ if (CipherListSize % sizeof (EFI_TLS_CIPHER) != 0) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
+ //\r
+ // Allocate buffer and read the config variable.\r
+ //\r
+ CipherList = AllocatePool (CipherListSize);\r
+ if (CipherList == NULL) {\r
+ return EFI_OUT_OF_RESOURCES;\r
+ }\r
+\r
+ Status = gRT->GetVariable (\r
+ EDKII_HTTP_TLS_CIPHER_LIST_VARIABLE,\r
+ &gEdkiiHttpTlsCipherListGuid,\r
+ NULL,\r
+ &CipherListSize,\r
+ CipherList\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ //\r
+ // GetVariable still error or the variable is corrupted.\r
+ //\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ ASSERT (CipherList != NULL);\r
+\r
+ Status = HttpInstance->Tls->SetSessionData (\r
+ HttpInstance->Tls,\r
+ EfiTlsCipherList,\r
+ CipherList,\r
+ CipherListSize\r
+ );\r
+\r
+ON_EXIT: \r
+ FreePool (CipherList);\r
+ \r
+ return Status;\r
+}\r
+\r
/**\r
Configure TLS session data.\r
\r
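Review bot: Both `gRT->GetVariable` calls in TlsConfigCipherList pass `NULL` for Attributes, so the cipher list is accepted whatever the variable's attributes are, and the only content validation is the `% sizeof (EFI_TLS_CIPHER)` size check. Whether HttpTlsCipherList is protected against modification after provisioning is not visible in this hunk; if it is not, its contents decide which ciphers the HTTPS session offers. The function header should therefore state how the variable is expected to be protected, or the code should read the attributes and reject unexpected ones. The second GetVariable call can also rewrite `CipherListSize`, and the multiple-of-entry-size check is applied only to the value from the first call. Repeating it before SetSessionData closes that gap: `if (CipherListSize % sizeof (EFI_TLS_CIPHER) != 0) { Status = EFI_INVALID_PARAMETER; goto ON_EXIT; }`.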
return Status;\r
}\r
\r
+ //\r
+ // Tls Cipher List\r
+ //\r
+ Status = TlsConfigCipherList (HttpInstance);\r
+ if (EFI_ERROR (Status) && Status != EFI_NOT_FOUND) {\r
+ DEBUG ((EFI_D_ERROR, "TlsConfigCipherList: return %r error.\n", Status));\r
+ return Status;\r
+ }\r
+\r
//\r
// Tls Config Certificate\r
//\r
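Review bot: The `Status != EFI_NOT_FOUND` exception in the added block has no comment saying that a missing HttpTlsCipherList variable is tolerated on purpose, in which case this code leaves the TLS instance's existing cipher configuration untouched. A comment such as `// EFI_NOT_FOUND: no platform cipher preference is set; keep the TLS driver's default cipher list.` would make that fallback explicit for anyone auditing the HTTPS configuration path. TlsConfigCipherList returns the status of `SetSessionData` unchanged, so if that call can ever return EFI_NOT_FOUND (not visible here), a failed cipher configuration would be silently treated as "variable absent". On style, `DEBUG_ERROR` is preferred over the legacy `EFI_D_ERROR` macro. The enclosing function begins and ends outside this hunk.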