From ecfd37ba1bfe0aacfd4c234013a8aa77811f8b80 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Sun, 1 Apr 2018 12:53:23 +0200 Subject: [PATCH] CryptoPkg/TlsLib: replace TlsGetCipherString() with TlsGetCipherMapping() In the following patches it will be useful if the IANA CipherId lookup returns a pointer to the whole matching IANA-to-OpenSSL mapping structure, not just the OpenSSL cipher suite name. Rename TLS_CIPHER_PAIR and TlsGetCipherString() to TLS_CIPHER_MAPPING and TlsGetCipherMapping() respectively, and make the function return a pointer to TLS_CIPHER_MAPPING. Cc: Jiaxin Wu Cc: Qin Long Cc: Siyuan Fu Cc: Ting Ye Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=915 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek Reviewed-by: Long Qin Reviewed-by: Jiaxin Wu --- CryptoPkg/Library/TlsLib/TlsConfig.c | 37 +++++++++++++++------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLib/TlsConfig.c index 2ffe58ad29..507489386b 100644 --- a/CryptoPkg/Library/TlsLib/TlsConfig.c +++ b/CryptoPkg/Library/TlsLib/TlsConfig.c @@ -24,13 +24,13 @@ typedef struct { // OpenSSL-used Cipher Suite String // CONST CHAR8 *OpensslCipher; -} TLS_CIPHER_PAIR; +} TLS_CIPHER_MAPPING; // // The mapping table between IANA/IETF Cipher Suite definitions and // OpenSSL-used Cipher Suite name. // -STATIC CONST TLS_CIPHER_PAIR TlsCipherMappingTable[] = { +STATIC CONST TLS_CIPHER_MAPPING TlsCipherMappingTable[] = { { 0x0001, "NULL-MD5" }, /// TLS_RSA_WITH_NULL_MD5 { 0x0002, "NULL-SHA" }, /// TLS_RSA_WITH_NULL_SHA { 0x0004, "RC4-MD5" }, /// TLS_RSA_WITH_RC4_128_MD5 @@ -57,26 +57,26 @@ STATIC CONST TLS_CIPHER_PAIR TlsCipherMappingTable[] = { }; /** - Gets the OpenSSL cipher suite string for the supplied IANA TLS cipher suite. + Gets the OpenSSL cipher suite mapping for the supplied IANA TLS cipher suite. @param[in] CipherId The supplied IANA TLS cipher suite ID. - @return The corresponding OpenSSL cipher suite string if found, + @return The corresponding OpenSSL cipher suite mapping if found, NULL otherwise. **/ STATIC -CONST CHAR8 * -TlsGetCipherString ( +CONST TLS_CIPHER_MAPPING * +TlsGetCipherMapping ( IN UINT16 CipherId ) { - CONST TLS_CIPHER_PAIR *CipherEntry; - UINTN TableSize; - UINTN Index; + CONST TLS_CIPHER_MAPPING *CipherEntry; + UINTN TableSize; + UINTN Index; CipherEntry = TlsCipherMappingTable; - TableSize = sizeof (TlsCipherMappingTable) / sizeof (TLS_CIPHER_PAIR); + TableSize = sizeof (TlsCipherMappingTable) / sizeof (TLS_CIPHER_MAPPING); // // Search Cipher Mapping Table for IANA-OpenSSL Cipher Translation @@ -86,7 +86,7 @@ TlsGetCipherString ( // Translate IANA cipher suite name to OpenSSL name. // if (CipherEntry->IanaCipher == CipherId) { - return CipherEntry->OpensslCipher; + return CipherEntry; } } @@ -229,16 +229,18 @@ TlsSetCipherList ( IN UINTN CipherNum ) { - TLS_CONNECTION *TlsConn; - UINTN Index; - CONST CHAR8 *MappingName; - CHAR8 CipherString[500]; + TLS_CONNECTION *TlsConn; + UINTN Index; + CONST TLS_CIPHER_MAPPING *Mapping; + CONST CHAR8 *MappingName; + CHAR8 CipherString[500]; TlsConn = (TLS_CONNECTION *) Tls; if (TlsConn == NULL || TlsConn->Ssl == NULL || CipherId == NULL) { return EFI_INVALID_PARAMETER; } + Mapping = NULL; MappingName = NULL; memset (CipherString, 0, sizeof (CipherString)); @@ -247,10 +249,11 @@ TlsSetCipherList ( // // Handling OpenSSL / RFC Cipher name mapping. // - MappingName = TlsGetCipherString (*(CipherId + Index)); - if (MappingName == NULL) { + Mapping = TlsGetCipherMapping (*(CipherId + Index)); + if (Mapping == NULL) { return EFI_UNSUPPORTED; } + MappingName = Mapping->OpensslCipher; if (Index != 0) { // -- 2.39.2