CryptoPkg: Apply uncrustify changes

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737

Apply uncrustify changes to .c/.h files in the CryptoPkg package

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Michael Kubacki
2021-12-05 14:53:54 -08:00
committed by mergify[bot]
parent 2b16a4fb91
commit 7c34237831
101 changed files with 4323 additions and 3711 deletions


@@ -26,16 +26,15 @@ typedef struct {
// Main SSL Connection which is created by a server or a client
// per established connection.
//
SSL *Ssl;
SSL *Ssl;
//
// Memory BIO for the TLS/SSL Reading operations.
//
BIO *InBio;
BIO *InBio;
//
// Memory BIO for the TLS/SSL Writing operations.
//
BIO *OutBio;
BIO *OutBio;
} TLS_CONNECTION;
#endif


@@ -13,15 +13,15 @@ typedef struct {
//
// IANA/IETF defined Cipher Suite ID
//
UINT16 IanaCipher;
UINT16 IanaCipher;
//
// OpenSSL-used Cipher Suite String
//
CONST CHAR8 *OpensslCipher;
CONST CHAR8 *OpensslCipher;
//
// Length of OpensslCipher
//
UINTN OpensslCipherLength;
UINTN OpensslCipherLength;
} TLS_CIPHER_MAPPING;
//
@@ -38,30 +38,30 @@ typedef struct {
//
// Keep the table uniquely sorted by the IanaCipher field, in increasing order.
//
STATIC CONST TLS_CIPHER_MAPPING TlsCipherMappingTable[] = {
MAP ( 0x0001, "NULL-MD5" ), /// TLS_RSA_WITH_NULL_MD5
MAP ( 0x0002, "NULL-SHA" ), /// TLS_RSA_WITH_NULL_SHA
MAP ( 0x0004, "RC4-MD5" ), /// TLS_RSA_WITH_RC4_128_MD5
MAP ( 0x0005, "RC4-SHA" ), /// TLS_RSA_WITH_RC4_128_SHA
MAP ( 0x000A, "DES-CBC3-SHA" ), /// TLS_RSA_WITH_3DES_EDE_CBC_SHA, mandatory TLS 1.1
MAP ( 0x0016, "DHE-RSA-DES-CBC3-SHA" ), /// TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
MAP ( 0x002F, "AES128-SHA" ), /// TLS_RSA_WITH_AES_128_CBC_SHA, mandatory TLS 1.2
MAP ( 0x0030, "DH-DSS-AES128-SHA" ), /// TLS_DH_DSS_WITH_AES_128_CBC_SHA
MAP ( 0x0031, "DH-RSA-AES128-SHA" ), /// TLS_DH_RSA_WITH_AES_128_CBC_SHA
MAP ( 0x0033, "DHE-RSA-AES128-SHA" ), /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA
MAP ( 0x0035, "AES256-SHA" ), /// TLS_RSA_WITH_AES_256_CBC_SHA
MAP ( 0x0036, "DH-DSS-AES256-SHA" ), /// TLS_DH_DSS_WITH_AES_256_CBC_SHA
MAP ( 0x0037, "DH-RSA-AES256-SHA" ), /// TLS_DH_RSA_WITH_AES_256_CBC_SHA
MAP ( 0x0039, "DHE-RSA-AES256-SHA" ), /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA
MAP ( 0x003B, "NULL-SHA256" ), /// TLS_RSA_WITH_NULL_SHA256
MAP ( 0x003C, "AES128-SHA256" ), /// TLS_RSA_WITH_AES_128_CBC_SHA256
MAP ( 0x003D, "AES256-SHA256" ), /// TLS_RSA_WITH_AES_256_CBC_SHA256
MAP ( 0x003E, "DH-DSS-AES128-SHA256" ), /// TLS_DH_DSS_WITH_AES_128_CBC_SHA256
MAP ( 0x003F, "DH-RSA-AES128-SHA256" ), /// TLS_DH_RSA_WITH_AES_128_CBC_SHA256
MAP ( 0x0067, "DHE-RSA-AES128-SHA256" ), /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
MAP ( 0x0068, "DH-DSS-AES256-SHA256" ), /// TLS_DH_DSS_WITH_AES_256_CBC_SHA256
MAP ( 0x0069, "DH-RSA-AES256-SHA256" ), /// TLS_DH_RSA_WITH_AES_256_CBC_SHA256
MAP ( 0x006B, "DHE-RSA-AES256-SHA256" ), /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
STATIC CONST TLS_CIPHER_MAPPING TlsCipherMappingTable[] = {
MAP (0x0001, "NULL-MD5"), /// TLS_RSA_WITH_NULL_MD5
MAP (0x0002, "NULL-SHA"), /// TLS_RSA_WITH_NULL_SHA
MAP (0x0004, "RC4-MD5"), /// TLS_RSA_WITH_RC4_128_MD5
MAP (0x0005, "RC4-SHA"), /// TLS_RSA_WITH_RC4_128_SHA
MAP (0x000A, "DES-CBC3-SHA"), /// TLS_RSA_WITH_3DES_EDE_CBC_SHA, mandatory TLS 1.1
MAP (0x0016, "DHE-RSA-DES-CBC3-SHA"), /// TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
MAP (0x002F, "AES128-SHA"), /// TLS_RSA_WITH_AES_128_CBC_SHA, mandatory TLS 1.2
MAP (0x0030, "DH-DSS-AES128-SHA"), /// TLS_DH_DSS_WITH_AES_128_CBC_SHA
MAP (0x0031, "DH-RSA-AES128-SHA"), /// TLS_DH_RSA_WITH_AES_128_CBC_SHA
MAP (0x0033, "DHE-RSA-AES128-SHA"), /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA
MAP (0x0035, "AES256-SHA"), /// TLS_RSA_WITH_AES_256_CBC_SHA
MAP (0x0036, "DH-DSS-AES256-SHA"), /// TLS_DH_DSS_WITH_AES_256_CBC_SHA
MAP (0x0037, "DH-RSA-AES256-SHA"), /// TLS_DH_RSA_WITH_AES_256_CBC_SHA
MAP (0x0039, "DHE-RSA-AES256-SHA"), /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA
MAP (0x003B, "NULL-SHA256"), /// TLS_RSA_WITH_NULL_SHA256
MAP (0x003C, "AES128-SHA256"), /// TLS_RSA_WITH_AES_128_CBC_SHA256
MAP (0x003D, "AES256-SHA256"), /// TLS_RSA_WITH_AES_256_CBC_SHA256
MAP (0x003E, "DH-DSS-AES128-SHA256"), /// TLS_DH_DSS_WITH_AES_128_CBC_SHA256
MAP (0x003F, "DH-RSA-AES128-SHA256"), /// TLS_DH_RSA_WITH_AES_128_CBC_SHA256
MAP (0x0067, "DHE-RSA-AES128-SHA256"), /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
MAP (0x0068, "DH-DSS-AES256-SHA256"), /// TLS_DH_DSS_WITH_AES_256_CBC_SHA256
MAP (0x0069, "DH-RSA-AES256-SHA256"), /// TLS_DH_RSA_WITH_AES_256_CBC_SHA256
MAP (0x006B, "DHE-RSA-AES256-SHA256"), /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
};
/**
@@ -76,12 +76,12 @@ STATIC CONST TLS_CIPHER_MAPPING TlsCipherMappingTable[] = {
STATIC
CONST TLS_CIPHER_MAPPING *
TlsGetCipherMapping (
IN UINT16 CipherId
IN UINT16 CipherId
)
{
INTN Left;
INTN Right;
INTN Middle;
INTN Left;
INTN Right;
INTN Middle;
//
// Binary Search Cipher Mapping Table for IANA-OpenSSL Cipher Translation
@@ -102,7 +102,7 @@ TlsGetCipherMapping (
if (CipherId < TlsCipherMappingTable[Middle].IanaCipher) {
Right = Middle - 1;
} else {
Left = Middle + 1;
Left = Middle + 1;
}
}
@@ -129,16 +129,16 @@ TlsGetCipherMapping (
EFI_STATUS
EFIAPI
TlsSetVersion (
IN VOID *Tls,
IN UINT8 MajorVer,
IN UINT8 MinorVer
IN VOID *Tls,
IN UINT8 MajorVer,
IN UINT8 MinorVer
)
{
TLS_CONNECTION *TlsConn;
UINT16 ProtoVersion;
TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) {
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -148,35 +148,35 @@ TlsSetVersion (
// Bound TLS method to the particular specified version.
//
switch (ProtoVersion) {
case TLS1_VERSION:
//
// TLS 1.0
//
SSL_set_min_proto_version (TlsConn->Ssl, TLS1_VERSION);
SSL_set_max_proto_version (TlsConn->Ssl, TLS1_VERSION);
break;
case TLS1_1_VERSION:
//
// TLS 1.1
//
SSL_set_min_proto_version (TlsConn->Ssl, TLS1_1_VERSION);
SSL_set_max_proto_version (TlsConn->Ssl, TLS1_1_VERSION);
break;
case TLS1_2_VERSION:
//
// TLS 1.2
//
SSL_set_min_proto_version (TlsConn->Ssl, TLS1_2_VERSION);
SSL_set_max_proto_version (TlsConn->Ssl, TLS1_2_VERSION);
break;
default:
//
// Unsupported Protocol Version
//
return EFI_UNSUPPORTED;
case TLS1_VERSION:
//
// TLS 1.0
//
SSL_set_min_proto_version (TlsConn->Ssl, TLS1_VERSION);
SSL_set_max_proto_version (TlsConn->Ssl, TLS1_VERSION);
break;
case TLS1_1_VERSION:
//
// TLS 1.1
//
SSL_set_min_proto_version (TlsConn->Ssl, TLS1_1_VERSION);
SSL_set_max_proto_version (TlsConn->Ssl, TLS1_1_VERSION);
break;
case TLS1_2_VERSION:
//
// TLS 1.2
//
SSL_set_min_proto_version (TlsConn->Ssl, TLS1_2_VERSION);
SSL_set_max_proto_version (TlsConn->Ssl, TLS1_2_VERSION);
break;
default:
//
// Unsupported Protocol Version
//
return EFI_UNSUPPORTED;
}
return EFI_SUCCESS;;
return EFI_SUCCESS;
}
/**
@@ -195,14 +195,14 @@ TlsSetVersion (
EFI_STATUS
EFIAPI
TlsSetConnectionEnd (
IN VOID *Tls,
IN BOOLEAN IsServer
IN VOID *Tls,
IN BOOLEAN IsServer
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) {
TlsConn = (TLS_CONNECTION *)Tls;
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -216,7 +216,7 @@ TlsSetConnectionEnd (
// Set TLS to work in Server mode.
// It is unsupported for UEFI version currently.
//
//SSL_set_accept_state (TlsConn->Ssl);
// SSL_set_accept_state (TlsConn->Ssl);
return EFI_UNSUPPORTED;
}
@@ -244,24 +244,24 @@ TlsSetConnectionEnd (
EFI_STATUS
EFIAPI
TlsSetCipherList (
IN VOID *Tls,
IN UINT16 *CipherId,
IN UINTN CipherNum
IN VOID *Tls,
IN UINT16 *CipherId,
IN UINTN CipherNum
)
{
TLS_CONNECTION *TlsConn;
EFI_STATUS Status;
CONST TLS_CIPHER_MAPPING **MappedCipher;
UINTN MappedCipherBytes;
UINTN MappedCipherCount;
UINTN CipherStringSize;
UINTN Index;
CONST TLS_CIPHER_MAPPING *Mapping;
CHAR8 *CipherString;
CHAR8 *CipherStringPosition;
TLS_CONNECTION *TlsConn;
EFI_STATUS Status;
CONST TLS_CIPHER_MAPPING **MappedCipher;
UINTN MappedCipherBytes;
UINTN MappedCipherCount;
UINTN CipherStringSize;
UINTN Index;
CONST TLS_CIPHER_MAPPING *Mapping;
CHAR8 *CipherString;
CHAR8 *CipherStringPosition;
TlsConn = (TLS_CONNECTION *) Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || CipherId == NULL) {
TlsConn = (TLS_CONNECTION *)Tls;
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (CipherId == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -269,11 +269,15 @@ TlsSetCipherList (
// Allocate the MappedCipher array for recording the mappings that we find
// for the input IANA identifiers in CipherId.
//
Status = SafeUintnMult (CipherNum, sizeof (*MappedCipher),
&MappedCipherBytes);
Status = SafeUintnMult (
CipherNum,
sizeof (*MappedCipher),
&MappedCipherBytes
);
if (EFI_ERROR (Status)) {
return EFI_OUT_OF_RESOURCES;
}
MappedCipher = AllocatePool (MappedCipherBytes);
if (MappedCipher == NULL) {
return EFI_OUT_OF_RESOURCES;
@@ -284,15 +288,20 @@ TlsSetCipherList (
// CipherString.
//
MappedCipherCount = 0;
CipherStringSize = 0;
CipherStringSize = 0;
for (Index = 0; Index < CipherNum; Index++) {
//
// Look up the IANA-to-OpenSSL mapping.
//
Mapping = TlsGetCipherMapping (CipherId[Index]);
if (Mapping == NULL) {
DEBUG ((DEBUG_VERBOSE, "%a:%a: skipping CipherId=0x%04x\n",
gEfiCallerBaseName, __FUNCTION__, CipherId[Index]));
DEBUG ((
DEBUG_VERBOSE,
"%a:%a: skipping CipherId=0x%04x\n",
gEfiCallerBaseName,
__FUNCTION__,
CipherId[Index]
));
//
// Skipping the cipher is valid because CipherId is an ordered
// preference list of ciphers, thus we can filter it as long as we
@@ -300,6 +309,7 @@ TlsSetCipherList (
//
continue;
}
//
// Accumulate Mapping->OpensslCipherLength into CipherStringSize. If this
// is not the first successful mapping, account for a colon (":") prefix
@@ -312,12 +322,17 @@ TlsSetCipherList (
goto FreeMappedCipher;
}
}
Status = SafeUintnAdd (CipherStringSize, Mapping->OpensslCipherLength,
&CipherStringSize);
Status = SafeUintnAdd (
CipherStringSize,
Mapping->OpensslCipherLength,
&CipherStringSize
);
if (EFI_ERROR (Status)) {
Status = EFI_OUT_OF_RESOURCES;
goto FreeMappedCipher;
}
//
// Record the mapping.
//
@@ -329,16 +344,22 @@ TlsSetCipherList (
// terminating NUL character in CipherStringSize; allocate CipherString.
//
if (MappedCipherCount == 0) {
DEBUG ((DEBUG_ERROR, "%a:%a: no CipherId could be mapped\n",
gEfiCallerBaseName, __FUNCTION__));
DEBUG ((
DEBUG_ERROR,
"%a:%a: no CipherId could be mapped\n",
gEfiCallerBaseName,
__FUNCTION__
));
Status = EFI_UNSUPPORTED;
goto FreeMappedCipher;
}
Status = SafeUintnAdd (CipherStringSize, 1, &CipherStringSize);
if (EFI_ERROR (Status)) {
Status = EFI_OUT_OF_RESOURCES;
goto FreeMappedCipher;
}
CipherString = AllocatePool (CipherStringSize);
if (CipherString == NULL) {
Status = EFI_OUT_OF_RESOURCES;
@@ -358,8 +379,12 @@ TlsSetCipherList (
if (Index > 0) {
*(CipherStringPosition++) = ':';
}
CopyMem (CipherStringPosition, Mapping->OpensslCipher,
Mapping->OpensslCipherLength);
CopyMem (
CipherStringPosition,
Mapping->OpensslCipher,
Mapping->OpensslCipherLength
);
CipherStringPosition += Mapping->OpensslCipherLength;
}
@@ -376,28 +401,35 @@ TlsSetCipherList (
// DebugLib instances.)
//
DEBUG_CODE_BEGIN ();
UINTN FullLength;
UINTN SegmentLength;
UINTN FullLength;
UINTN SegmentLength;
FullLength = CipherStringSize - 1;
DEBUG ((DEBUG_VERBOSE, "%a:%a: CipherString={\n", gEfiCallerBaseName,
__FUNCTION__));
for (CipherStringPosition = CipherString;
CipherStringPosition < CipherString + FullLength;
CipherStringPosition += SegmentLength) {
SegmentLength = FullLength - (CipherStringPosition - CipherString);
if (SegmentLength > 79) {
SegmentLength = 79;
}
DEBUG ((DEBUG_VERBOSE, "%.*a\n", SegmentLength, CipherStringPosition));
FullLength = CipherStringSize - 1;
DEBUG ((
DEBUG_VERBOSE,
"%a:%a: CipherString={\n",
gEfiCallerBaseName,
__FUNCTION__
));
for (CipherStringPosition = CipherString;
CipherStringPosition < CipherString + FullLength;
CipherStringPosition += SegmentLength)
{
SegmentLength = FullLength - (CipherStringPosition - CipherString);
if (SegmentLength > 79) {
SegmentLength = 79;
}
DEBUG ((DEBUG_VERBOSE, "}\n"));
//
// Restore the pre-debug value of CipherStringPosition by skipping over the
// trailing NUL.
//
CipherStringPosition++;
ASSERT (CipherStringPosition == CipherString + CipherStringSize);
DEBUG ((DEBUG_VERBOSE, "%.*a\n", SegmentLength, CipherStringPosition));
}
DEBUG ((DEBUG_VERBOSE, "}\n"));
//
// Restore the pre-debug value of CipherStringPosition by skipping over the
// trailing NUL.
//
CipherStringPosition++;
ASSERT (CipherStringPosition == CipherString + CipherStringSize);
DEBUG_CODE_END ();
//
@@ -434,7 +466,7 @@ FreeMappedCipher:
EFI_STATUS
EFIAPI
TlsSetCompressionMethod (
IN UINT8 CompMethod
IN UINT8 CompMethod
)
{
COMP_METHOD *Cm;
@@ -451,7 +483,7 @@ TlsSetCompressionMethod (
//
return EFI_SUCCESS;
} else if (CompMethod == 1) {
Cm = COMP_zlib();
Cm = COMP_zlib ();
} else {
return EFI_UNSUPPORTED;
}
@@ -480,14 +512,14 @@ TlsSetCompressionMethod (
VOID
EFIAPI
TlsSetVerify (
IN VOID *Tls,
IN UINT32 VerifyMode
IN VOID *Tls,
IN UINT32 VerifyMode
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) {
TlsConn = (TLS_CONNECTION *)Tls;
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return;
}
@@ -512,23 +544,23 @@ TlsSetVerify (
EFI_STATUS
EFIAPI
TlsSetVerifyHost (
IN VOID *Tls,
IN UINT32 Flags,
IN CHAR8 *HostName
IN VOID *Tls,
IN UINT32 Flags,
IN CHAR8 *HostName
)
{
TLS_CONNECTION *TlsConn;
X509_VERIFY_PARAM *VerifyParam;
UINTN BinaryAddressSize;
UINT8 BinaryAddress[MAX (NS_INADDRSZ, NS_IN6ADDRSZ)];
INTN ParamStatus;
TLS_CONNECTION *TlsConn;
X509_VERIFY_PARAM *VerifyParam;
UINTN BinaryAddressSize;
UINT8 BinaryAddress[MAX (NS_INADDRSZ, NS_IN6ADDRSZ)];
INTN ParamStatus;
TlsConn = (TLS_CONNECTION *) Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || HostName == NULL) {
return EFI_INVALID_PARAMETER;
TlsConn = (TLS_CONNECTION *)Tls;
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (HostName == NULL)) {
return EFI_INVALID_PARAMETER;
}
SSL_set_hostflags(TlsConn->Ssl, Flags);
SSL_set_hostflags (TlsConn->Ssl, Flags);
VerifyParam = SSL_get0_param (TlsConn->Ssl);
ASSERT (VerifyParam != NULL);
@@ -541,11 +573,20 @@ TlsSetVerifyHost (
}
if (BinaryAddressSize > 0) {
DEBUG ((DEBUG_VERBOSE, "%a:%a: parsed \"%a\" as an IPv%c address "
"literal\n", gEfiCallerBaseName, __FUNCTION__, HostName,
(UINTN)((BinaryAddressSize == NS_IN6ADDRSZ) ? '6' : '4')));
ParamStatus = X509_VERIFY_PARAM_set1_ip (VerifyParam, BinaryAddress,
BinaryAddressSize);
DEBUG ((
DEBUG_VERBOSE,
"%a:%a: parsed \"%a\" as an IPv%c address "
"literal\n",
gEfiCallerBaseName,
__FUNCTION__,
HostName,
(UINTN)((BinaryAddressSize == NS_IN6ADDRSZ) ? '6' : '4')
));
ParamStatus = X509_VERIFY_PARAM_set1_ip (
VerifyParam,
BinaryAddress,
BinaryAddressSize
);
} else {
ParamStatus = X509_VERIFY_PARAM_set1_host (VerifyParam, HostName, 0);
}
@@ -571,18 +612,18 @@ TlsSetVerifyHost (
EFI_STATUS
EFIAPI
TlsSetSessionId (
IN VOID *Tls,
IN UINT8 *SessionId,
IN UINT16 SessionIdLen
IN VOID *Tls,
IN UINT8 *SessionId,
IN UINT16 SessionIdLen
)
{
TLS_CONNECTION *TlsConn;
SSL_SESSION *Session;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
Session = NULL;
if (TlsConn == NULL || TlsConn->Ssl == NULL || SessionId == NULL) {
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (SessionId == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -616,9 +657,9 @@ TlsSetSessionId (
EFI_STATUS
EFIAPI
TlsSetCaCertificate (
IN VOID *Tls,
IN VOID *Data,
IN UINTN DataSize
IN VOID *Tls,
IN VOID *Data,
IN UINTN DataSize
)
{
BIO *BioCert;
@@ -634,10 +675,10 @@ TlsSetCaCertificate (
Cert = NULL;
X509Store = NULL;
Status = EFI_SUCCESS;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
Ret = 0;
if (TlsConn == NULL || TlsConn->Ssl == NULL || Data == NULL || DataSize == 0) {
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (Data == NULL) || (DataSize == 0)) {
return EFI_INVALID_PARAMETER;
}
@@ -645,7 +686,7 @@ TlsSetCaCertificate (
// DER-encoded binary X.509 certificate or PEM-encoded X.509 certificate.
// Determine whether certificate is from DER encoding, if so, translate it to X509 structure.
//
Cert = d2i_X509 (NULL, (const unsigned char ** )&Data, (long) DataSize);
Cert = d2i_X509 (NULL, (const unsigned char **)&Data, (long)DataSize);
if (Cert == NULL) {
//
// Certificate is from PEM encoding.
@@ -656,7 +697,7 @@ TlsSetCaCertificate (
goto ON_EXIT;
}
if (BIO_write (BioCert, Data, (UINT32) DataSize) <= 0) {
if (BIO_write (BioCert, Data, (UINT32)DataSize) <= 0) {
Status = EFI_ABORTED;
goto ON_EXIT;
}
@@ -671,8 +712,8 @@ TlsSetCaCertificate (
SslCtx = SSL_get_SSL_CTX (TlsConn->Ssl);
X509Store = SSL_CTX_get_cert_store (SslCtx);
if (X509Store == NULL) {
Status = EFI_ABORTED;
goto ON_EXIT;
Status = EFI_ABORTED;
goto ON_EXIT;
}
//
@@ -684,8 +725,9 @@ TlsSetCaCertificate (
//
// Ignore "already in table" errors
//
if (!(ERR_GET_FUNC (ErrorCode) == X509_F_X509_STORE_ADD_CERT &&
ERR_GET_REASON (ErrorCode) == X509_R_CERT_ALREADY_IN_HASH_TABLE)) {
if (!((ERR_GET_FUNC (ErrorCode) == X509_F_X509_STORE_ADD_CERT) &&
(ERR_GET_REASON (ErrorCode) == X509_R_CERT_ALREADY_IN_HASH_TABLE)))
{
Status = EFI_ABORTED;
goto ON_EXIT;
}
@@ -723,9 +765,9 @@ ON_EXIT:
EFI_STATUS
EFIAPI
TlsSetHostPublicCert (
IN VOID *Tls,
IN VOID *Data,
IN UINTN DataSize
IN VOID *Tls,
IN VOID *Data,
IN UINTN DataSize
)
{
BIO *BioCert;
@@ -736,9 +778,9 @@ TlsSetHostPublicCert (
BioCert = NULL;
Cert = NULL;
Status = EFI_SUCCESS;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || Data == NULL || DataSize == 0) {
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (Data == NULL) || (DataSize == 0)) {
return EFI_INVALID_PARAMETER;
}
@@ -746,7 +788,7 @@ TlsSetHostPublicCert (
// DER-encoded binary X.509 certificate or PEM-encoded X.509 certificate.
// Determine whether certificate is from DER encoding, if so, translate it to X509 structure.
//
Cert = d2i_X509 (NULL, (const unsigned char ** )&Data, (long) DataSize);
Cert = d2i_X509 (NULL, (const unsigned char **)&Data, (long)DataSize);
if (Cert == NULL) {
//
// Certificate is from PEM encoding.
@@ -757,7 +799,7 @@ TlsSetHostPublicCert (
goto ON_EXIT;
}
if (BIO_write (BioCert, Data, (UINT32) DataSize) <= 0) {
if (BIO_write (BioCert, Data, (UINT32)DataSize) <= 0) {
Status = EFI_ABORTED;
goto ON_EXIT;
}
@@ -805,9 +847,9 @@ ON_EXIT:
EFI_STATUS
EFIAPI
TlsSetHostPrivateKey (
IN VOID *Tls,
IN VOID *Data,
IN UINTN DataSize
IN VOID *Tls,
IN VOID *Data,
IN UINTN DataSize
)
{
return EFI_UNSUPPORTED;
@@ -830,8 +872,8 @@ TlsSetHostPrivateKey (
EFI_STATUS
EFIAPI
TlsSetCertRevocationList (
IN VOID *Data,
IN UINTN DataSize
IN VOID *Data,
IN UINTN DataSize
)
{
return EFI_UNSUPPORTED;
@@ -853,12 +895,12 @@ TlsSetCertRevocationList (
UINT16
EFIAPI
TlsGetVersion (
IN VOID *Tls
IN VOID *Tls
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
ASSERT (TlsConn != NULL);
@@ -881,12 +923,12 @@ TlsGetVersion (
UINT8
EFIAPI
TlsGetConnectionEnd (
IN VOID *Tls
IN VOID *Tls
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
ASSERT (TlsConn != NULL);
@@ -910,17 +952,17 @@ TlsGetConnectionEnd (
EFI_STATUS
EFIAPI
TlsGetCurrentCipher (
IN VOID *Tls,
IN OUT UINT16 *CipherId
IN VOID *Tls,
IN OUT UINT16 *CipherId
)
{
TLS_CONNECTION *TlsConn;
CONST SSL_CIPHER *Cipher;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
Cipher = NULL;
if (TlsConn == NULL || TlsConn->Ssl == NULL || CipherId == NULL) {
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (CipherId == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -953,8 +995,8 @@ TlsGetCurrentCipher (
EFI_STATUS
EFIAPI
TlsGetCurrentCompressionId (
IN VOID *Tls,
IN OUT UINT8 *CompressionId
IN VOID *Tls,
IN OUT UINT8 *CompressionId
)
{
return EFI_UNSUPPORTED;
@@ -976,12 +1018,12 @@ TlsGetCurrentCompressionId (
UINT32
EFIAPI
TlsGetVerify (
IN VOID *Tls
IN VOID *Tls
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
ASSERT (TlsConn != NULL);
@@ -1006,19 +1048,19 @@ TlsGetVerify (
EFI_STATUS
EFIAPI
TlsGetSessionId (
IN VOID *Tls,
IN OUT UINT8 *SessionId,
IN OUT UINT16 *SessionIdLen
IN VOID *Tls,
IN OUT UINT8 *SessionId,
IN OUT UINT16 *SessionIdLen
)
{
TLS_CONNECTION *TlsConn;
SSL_SESSION *Session;
CONST UINT8 *SslSessionId;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
Session = NULL;
if (TlsConn == NULL || TlsConn->Ssl == NULL || SessionId == NULL || SessionIdLen == NULL) {
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (SessionId == NULL) || (SessionIdLen == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -1047,15 +1089,15 @@ TlsGetSessionId (
VOID
EFIAPI
TlsGetClientRandom (
IN VOID *Tls,
IN OUT UINT8 *ClientRandom
IN VOID *Tls,
IN OUT UINT8 *ClientRandom
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || ClientRandom == NULL) {
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (ClientRandom == NULL)) {
return;
}
@@ -1076,15 +1118,15 @@ TlsGetClientRandom (
VOID
EFIAPI
TlsGetServerRandom (
IN VOID *Tls,
IN OUT UINT8 *ServerRandom
IN VOID *Tls,
IN OUT UINT8 *ServerRandom
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || ServerRandom == NULL) {
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (ServerRandom == NULL)) {
return;
}
@@ -1108,17 +1150,17 @@ TlsGetServerRandom (
EFI_STATUS
EFIAPI
TlsGetKeyMaterial (
IN VOID *Tls,
IN OUT UINT8 *KeyMaterial
IN VOID *Tls,
IN OUT UINT8 *KeyMaterial
)
{
TLS_CONNECTION *TlsConn;
SSL_SESSION *Session;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
Session = NULL;
if (TlsConn == NULL || TlsConn->Ssl == NULL || KeyMaterial == NULL) {
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (KeyMaterial == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -1152,9 +1194,9 @@ TlsGetKeyMaterial (
EFI_STATUS
EFIAPI
TlsGetCaCertificate (
IN VOID *Tls,
OUT VOID *Data,
IN OUT UINTN *DataSize
IN VOID *Tls,
OUT VOID *Data,
IN OUT UINTN *DataSize
)
{
return EFI_UNSUPPORTED;
@@ -1180,22 +1222,22 @@ TlsGetCaCertificate (
EFI_STATUS
EFIAPI
TlsGetHostPublicCert (
IN VOID *Tls,
OUT VOID *Data,
IN OUT UINTN *DataSize
IN VOID *Tls,
OUT VOID *Data,
IN OUT UINTN *DataSize
)
{
X509 *Cert;
TLS_CONNECTION *TlsConn;
Cert = NULL;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL || DataSize == NULL || (*DataSize != 0 && Data == NULL)) {
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL) || (DataSize == NULL) || ((*DataSize != 0) && (Data == NULL))) {
return EFI_INVALID_PARAMETER;
}
Cert = SSL_get_certificate(TlsConn->Ssl);
Cert = SSL_get_certificate (TlsConn->Ssl);
if (Cert == NULL) {
return EFI_NOT_FOUND;
}
@@ -1203,12 +1245,12 @@ TlsGetHostPublicCert (
//
// Only DER encoding is supported currently.
//
if (*DataSize < (UINTN) i2d_X509 (Cert, NULL)) {
*DataSize = (UINTN) i2d_X509 (Cert, NULL);
if (*DataSize < (UINTN)i2d_X509 (Cert, NULL)) {
*DataSize = (UINTN)i2d_X509 (Cert, NULL);
return EFI_BUFFER_TOO_SMALL;
}
*DataSize = (UINTN) i2d_X509 (Cert, (unsigned char **) &Data);
*DataSize = (UINTN)i2d_X509 (Cert, (unsigned char **)&Data);
return EFI_SUCCESS;
}
@@ -1232,9 +1274,9 @@ TlsGetHostPublicCert (
EFI_STATUS
EFIAPI
TlsGetHostPrivateKey (
IN VOID *Tls,
OUT VOID *Data,
IN OUT UINTN *DataSize
IN VOID *Tls,
OUT VOID *Data,
IN OUT UINTN *DataSize
)
{
return EFI_UNSUPPORTED;
@@ -1258,8 +1300,8 @@ TlsGetHostPrivateKey (
EFI_STATUS
EFIAPI
TlsGetCertRevocationList (
OUT VOID *Data,
IN OUT UINTN *DataSize
OUT VOID *Data,
IN OUT UINTN *DataSize
)
{
return EFI_UNSUPPORTED;
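Review bot: In TlsGetHostPublicCert (hunk `@@ -1203,12 +1245,12 @@`) the return of `i2d_X509` is cast straight to `UINTN` on all three calls, so a negative error return turns into a very large size. The function would then report EFI_BUFFER_TOO_SMALL with a meaningless `*DataSize`, or, if the final encoding call fails, EFI_SUCCESS with one, and a caller that sizes an allocation or copy from that value is working with a bogus length. Keep the return in a signed local declared with the function's other locals, reject values `<= 0`, and only then cast; this also stops the size check from encoding the certificate twice. EFI_ABORTED in the sketch is borrowed from the error paths elsewhere in this file, since the function's documented status codes are outside the visible hunks.

```c
  INTN            EncodedLen;
  // … unchanged: parameter checks and SSL_get_certificate …

  //
  // Only DER encoding is supported currently.
  //
  EncodedLen = i2d_X509 (Cert, NULL);
  if (EncodedLen <= 0) {
    return EFI_ABORTED;
  }

  if (*DataSize < (UINTN)EncodedLen) {
    *DataSize = (UINTN)EncodedLen;
    return EFI_BUFFER_TOO_SMALL;
  }

  EncodedLen = i2d_X509 (Cert, (unsigned char **)&Data);
  if (EncodedLen <= 0) {
    return EFI_ABORTED;
  }

  *DataSize = (UINTN)EncodedLen;
  return EFI_SUCCESS;
```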


@@ -26,7 +26,7 @@ TlsInitialize (
VOID
)
{
INTN Ret;
INTN Ret;
//
// Performs initialization of crypto and ssl library, and loads required
@@ -55,7 +55,7 @@ TlsInitialize (
VOID
EFIAPI
TlsCtxFree (
IN VOID *TlsCtx
IN VOID *TlsCtx
)
{
if (TlsCtx == NULL) {
@@ -63,7 +63,7 @@ TlsCtxFree (
}
if (TlsCtx != NULL) {
SSL_CTX_free ((SSL_CTX *) (TlsCtx));
SSL_CTX_free ((SSL_CTX *)(TlsCtx));
}
}
@@ -81,8 +81,8 @@ TlsCtxFree (
VOID *
EFIAPI
TlsCtxNew (
IN UINT8 MajorVer,
IN UINT8 MinorVer
IN UINT8 MajorVer,
IN UINT8 MinorVer
)
{
SSL_CTX *TlsCtx;
@@ -106,7 +106,7 @@ TlsCtxNew (
//
SSL_CTX_set_min_proto_version (TlsCtx, ProtoVersion);
return (VOID *) TlsCtx;
return (VOID *)TlsCtx;
}
/**
@@ -121,12 +121,12 @@ TlsCtxNew (
VOID
EFIAPI
TlsFree (
IN VOID *Tls
IN VOID *Tls
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
if (TlsConn == NULL) {
return;
}
@@ -157,7 +157,7 @@ TlsFree (
VOID *
EFIAPI
TlsNew (
IN VOID *TlsCtx
IN VOID *TlsCtx
)
{
TLS_CONNECTION *TlsConn;
@@ -169,7 +169,7 @@ TlsNew (
//
// Allocate one new TLS_CONNECTION object
//
TlsConn = (TLS_CONNECTION *) OPENSSL_malloc (sizeof (TLS_CONNECTION));
TlsConn = (TLS_CONNECTION *)OPENSSL_malloc (sizeof (TLS_CONNECTION));
if (TlsConn == NULL) {
return NULL;
}
@@ -179,9 +179,9 @@ TlsNew (
//
// Create a new SSL Object
//
TlsConn->Ssl = SSL_new ((SSL_CTX *) TlsCtx);
TlsConn->Ssl = SSL_new ((SSL_CTX *)TlsCtx);
if (TlsConn->Ssl == NULL) {
TlsFree ((VOID *) TlsConn);
TlsFree ((VOID *)TlsConn);
return NULL;
}
@@ -202,7 +202,7 @@ TlsNew (
//
TlsConn->InBio = BIO_new (BIO_s_mem ());
if (TlsConn->InBio == NULL) {
TlsFree ((VOID *) TlsConn);
TlsFree ((VOID *)TlsConn);
return NULL;
}
@@ -219,7 +219,7 @@ TlsNew (
//
TlsConn->OutBio = BIO_new (BIO_s_mem ());
if (TlsConn->OutBio == NULL) {
TlsFree ((VOID *) TlsConn);
TlsFree ((VOID *)TlsConn);
return NULL;
}
@@ -244,9 +244,10 @@ TlsNew (
if (X509Store == NULL) {
X509Store = X509_STORE_new ();
if (X509Store == NULL) {
TlsFree ((VOID *) TlsConn);
TlsFree ((VOID *)TlsConn);
return NULL;
}
SSL_CTX_set1_verify_cert_store (SslCtx, X509Store);
X509_STORE_free (X509Store);
}
@@ -258,6 +259,5 @@ TlsNew (
X509Store,
X509_V_FLAG_PARTIAL_CHAIN | X509_V_FLAG_NO_CHECK_TIME
);
return (VOID *) TlsConn;
return (VOID *)TlsConn;
}
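Review bot: The flags passed at the end of TlsNew (hunk `@@ -258,6 +259,5 @@`) relax certificate verification, and nothing in the visible lines says why. `X509_V_FLAG_NO_CHECK_TIME` switches off the notBefore/notAfter check, so an expired or not-yet-valid certificate still verifies, and `X509_V_FLAG_PARTIAL_CHAIN` lets a non-self-signed certificate in the store terminate the chain as a trust anchor. If both are intentional (for instance because the platform clock cannot be relied on at this stage, which is an assumption and not visible here), record that above the call: `// NO_CHECK_TIME: validity period is not enforced because <reason>; PARTIAL_CHAIN: any certificate in the store acts as a trust anchor.` The call these arguments belong to and the start of TlsNew both lie outside the hunk.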


@@ -10,7 +10,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "InternalTlsLib.h"
#define MAX_BUFFER_SIZE 32768
#define MAX_BUFFER_SIZE 32768
/**
Checks if the TLS handshake was done.
@@ -26,13 +26,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
BOOLEAN
EFIAPI
TlsInHandshake (
IN VOID *Tls
IN VOID *Tls
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) {
TlsConn = (TLS_CONNECTION *)Tls;
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return FALSE;
}
@@ -71,11 +71,11 @@ TlsInHandshake (
EFI_STATUS
EFIAPI
TlsDoHandshake (
IN VOID *Tls,
IN UINT8 *BufferIn OPTIONAL,
IN UINTN BufferInSize OPTIONAL,
OUT UINT8 *BufferOut OPTIONAL,
IN OUT UINTN *BufferOutSize
IN VOID *Tls,
IN UINT8 *BufferIn OPTIONAL,
IN UINTN BufferInSize OPTIONAL,
OUT UINT8 *BufferOut OPTIONAL,
IN OUT UINTN *BufferOutSize
)
{
TLS_CONNECTION *TlsConn;
@@ -83,45 +83,47 @@ TlsDoHandshake (
INTN Ret;
UINTN ErrorCode;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
PendingBufferSize = 0;
Ret = 1;
if (TlsConn == NULL || \
TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \
BufferOutSize == NULL || \
(BufferIn == NULL && BufferInSize != 0) || \
(BufferIn != NULL && BufferInSize == 0) || \
(BufferOut == NULL && *BufferOutSize != 0)) {
if ((TlsConn == NULL) || \
(TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \
(BufferOutSize == NULL) || \
((BufferIn == NULL) && (BufferInSize != 0)) || \
((BufferIn != NULL) && (BufferInSize == 0)) || \
((BufferOut == NULL) && (*BufferOutSize != 0)))
{
return EFI_INVALID_PARAMETER;
}
if(BufferIn == NULL && BufferInSize == 0) {
if ((BufferIn == NULL) && (BufferInSize == 0)) {
//
// If RequestBuffer is NULL and RequestSize is 0, and TLS session
// status is EfiTlsSessionNotStarted, the TLS session will be initiated
// and the response packet needs to be ClientHello.
//
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
if (PendingBufferSize == 0) {
SSL_set_connect_state (TlsConn->Ssl);
Ret = SSL_do_handshake (TlsConn->Ssl);
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
Ret = SSL_do_handshake (TlsConn->Ssl);
PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
}
} else {
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
if (PendingBufferSize == 0) {
BIO_write (TlsConn->InBio, BufferIn, (UINT32) BufferInSize);
Ret = SSL_do_handshake (TlsConn->Ssl);
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
BIO_write (TlsConn->InBio, BufferIn, (UINT32)BufferInSize);
Ret = SSL_do_handshake (TlsConn->Ssl);
PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
}
}
if (Ret < 1) {
Ret = SSL_get_error (TlsConn->Ssl, (int) Ret);
if (Ret == SSL_ERROR_SSL ||
Ret == SSL_ERROR_SYSCALL ||
Ret == SSL_ERROR_ZERO_RETURN) {
Ret = SSL_get_error (TlsConn->Ssl, (int)Ret);
if ((Ret == SSL_ERROR_SSL) ||
(Ret == SSL_ERROR_SYSCALL) ||
(Ret == SSL_ERROR_ZERO_RETURN))
{
DEBUG ((
DEBUG_ERROR,
"%a SSL_HANDSHAKE_ERROR State=0x%x SSL_ERROR_%a\n",
@@ -130,21 +132,23 @@ TlsDoHandshake (
Ret == SSL_ERROR_SSL ? "SSL" : Ret == SSL_ERROR_SYSCALL ? "SYSCALL" : "ZERO_RETURN"
));
DEBUG_CODE_BEGIN ();
while (TRUE) {
ErrorCode = ERR_get_error ();
if (ErrorCode == 0) {
break;
}
DEBUG ((
DEBUG_ERROR,
"%a ERROR 0x%x=L%x:F%x:R%x\n",
__FUNCTION__,
ErrorCode,
ERR_GET_LIB (ErrorCode),
ERR_GET_FUNC (ErrorCode),
ERR_GET_REASON (ErrorCode)
));
while (TRUE) {
ErrorCode = ERR_get_error ();
if (ErrorCode == 0) {
break;
}
DEBUG ((
DEBUG_ERROR,
"%a ERROR 0x%x=L%x:F%x:R%x\n",
__FUNCTION__,
ErrorCode,
ERR_GET_LIB (ErrorCode),
ERR_GET_FUNC (ErrorCode),
ERR_GET_REASON (ErrorCode)
));
}
DEBUG_CODE_END ();
return EFI_ABORTED;
}
@@ -156,7 +160,7 @@ TlsDoHandshake (
}
if (PendingBufferSize > 0) {
*BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32) PendingBufferSize);
*BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32)PendingBufferSize);
} else {
*BufferOutSize = 0;
}
@@ -192,11 +196,11 @@ TlsDoHandshake (
EFI_STATUS
EFIAPI
TlsHandleAlert (
IN VOID *Tls,
IN UINT8 *BufferIn OPTIONAL,
IN UINTN BufferInSize OPTIONAL,
OUT UINT8 *BufferOut OPTIONAL,
IN OUT UINTN *BufferOutSize
IN VOID *Tls,
IN UINT8 *BufferIn OPTIONAL,
IN UINTN BufferInSize OPTIONAL,
OUT UINT8 *BufferOut OPTIONAL,
IN OUT UINTN *BufferOutSize
)
{
TLS_CONNECTION *TlsConn;
@@ -204,28 +208,29 @@ TlsHandleAlert (
UINT8 *TempBuffer;
INTN Ret;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
PendingBufferSize = 0;
TempBuffer = NULL;
Ret = 0;
if (TlsConn == NULL || \
TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \
BufferOutSize == NULL || \
(BufferIn == NULL && BufferInSize != 0) || \
(BufferIn != NULL && BufferInSize == 0) || \
(BufferOut == NULL && *BufferOutSize != 0)) {
if ((TlsConn == NULL) || \
(TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \
(BufferOutSize == NULL) || \
((BufferIn == NULL) && (BufferInSize != 0)) || \
((BufferIn != NULL) && (BufferInSize == 0)) || \
((BufferOut == NULL) && (*BufferOutSize != 0)))
{
return EFI_INVALID_PARAMETER;
}
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
if (PendingBufferSize == 0 && BufferIn != NULL && BufferInSize != 0) {
Ret = BIO_write (TlsConn->InBio, BufferIn, (UINT32) BufferInSize);
if (Ret != (INTN) BufferInSize) {
PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
if ((PendingBufferSize == 0) && (BufferIn != NULL) && (BufferInSize != 0)) {
Ret = BIO_write (TlsConn->InBio, BufferIn, (UINT32)BufferInSize);
if (Ret != (INTN)BufferInSize) {
return EFI_ABORTED;
}
TempBuffer = (UINT8 *) OPENSSL_malloc (MAX_BUFFER_SIZE);
TempBuffer = (UINT8 *)OPENSSL_malloc (MAX_BUFFER_SIZE);
//
// ssl3_send_alert() will be called in ssl3_read_bytes() function.
@@ -235,7 +240,7 @@ TlsHandleAlert (
OPENSSL_free (TempBuffer);
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
}
if (PendingBufferSize > *BufferOutSize) {
@@ -244,7 +249,7 @@ TlsHandleAlert (
}
if (PendingBufferSize > 0) {
*BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32) PendingBufferSize);
*BufferOutSize = BIO_read (TlsConn->OutBio, BufferOut, (UINT32)PendingBufferSize);
} else {
*BufferOutSize = 0;
}
@@ -273,31 +278,32 @@ TlsHandleAlert (
EFI_STATUS
EFIAPI
TlsCloseNotify (
IN VOID *Tls,
IN OUT UINT8 *Buffer,
IN OUT UINTN *BufferSize
IN VOID *Tls,
IN OUT UINT8 *Buffer,
IN OUT UINTN *BufferSize
)
{
TLS_CONNECTION *TlsConn;
UINTN PendingBufferSize;
TlsConn = (TLS_CONNECTION *) Tls;
TlsConn = (TLS_CONNECTION *)Tls;
PendingBufferSize = 0;
if (TlsConn == NULL || \
TlsConn->Ssl == NULL || TlsConn->InBio == NULL || TlsConn->OutBio == NULL || \
BufferSize == NULL || \
(Buffer == NULL && *BufferSize != 0)) {
if ((TlsConn == NULL) || \
(TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) || \
(BufferSize == NULL) || \
((Buffer == NULL) && (*BufferSize != 0)))
{
return EFI_INVALID_PARAMETER;
}
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
if (PendingBufferSize == 0) {
//
// ssl3_send_alert() and ssl3_dispatch_alert() function will be called.
//
SSL_shutdown (TlsConn->Ssl);
PendingBufferSize = (UINTN) BIO_ctrl_pending (TlsConn->OutBio);
PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
}
if (PendingBufferSize > *BufferSize) {
@@ -306,7 +312,7 @@ TlsCloseNotify (
}
if (PendingBufferSize > 0) {
*BufferSize = BIO_read (TlsConn->OutBio, Buffer, (UINT32) PendingBufferSize);
*BufferSize = BIO_read (TlsConn->OutBio, Buffer, (UINT32)PendingBufferSize);
} else {
*BufferSize = 0;
}
@@ -331,22 +337,22 @@ TlsCloseNotify (
INTN
EFIAPI
TlsCtrlTrafficOut (
IN VOID *Tls,
IN OUT VOID *Buffer,
IN UINTN BufferSize
IN VOID *Tls,
IN OUT VOID *Buffer,
IN UINTN BufferSize
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
if (TlsConn == NULL || TlsConn->OutBio == 0) {
TlsConn = (TLS_CONNECTION *)Tls;
if ((TlsConn == NULL) || (TlsConn->OutBio == 0)) {
return -1;
}
//
// Read and return the amount of data from the BIO.
//
return BIO_read (TlsConn->OutBio, Buffer, (UINT32) BufferSize);
return BIO_read (TlsConn->OutBio, Buffer, (UINT32)BufferSize);
}
/**
@@ -366,23 +372,24 @@ TlsCtrlTrafficOut (
INTN
EFIAPI
TlsCtrlTrafficIn (
IN VOID *Tls,
IN VOID *Buffer,
IN UINTN BufferSize
IN VOID *Tls,
IN VOID *Buffer,
IN UINTN BufferSize
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
if (TlsConn == NULL || TlsConn->InBio == 0) {
TlsConn = (TLS_CONNECTION *)Tls;
if ((TlsConn == NULL) || (TlsConn->InBio == 0)) {
return -1;
}
//
// Write and return the amount of data to the BIO.
//
return BIO_write (TlsConn->InBio, Buffer, (UINT32) BufferSize);
return BIO_write (TlsConn->InBio, Buffer, (UINT32)BufferSize);
}
/**
Attempts to read bytes from the specified TLS connection into the buffer.
@@ -401,22 +408,22 @@ TlsCtrlTrafficIn (
INTN
EFIAPI
TlsRead (
IN VOID *Tls,
IN OUT VOID *Buffer,
IN UINTN BufferSize
IN VOID *Tls,
IN OUT VOID *Buffer,
IN UINTN BufferSize
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) {
TlsConn = (TLS_CONNECTION *)Tls;
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return -1;
}
//
// Read bytes from the specified TLS connection.
//
return SSL_read (TlsConn->Ssl, Buffer, (UINT32) BufferSize);
return SSL_read (TlsConn->Ssl, Buffer, (UINT32)BufferSize);
}
/**
@@ -437,20 +444,20 @@ TlsRead (
INTN
EFIAPI
TlsWrite (
IN VOID *Tls,
IN VOID *Buffer,
IN UINTN BufferSize
IN VOID *Tls,
IN VOID *Buffer,
IN UINTN BufferSize
)
{
TLS_CONNECTION *TlsConn;
TlsConn = (TLS_CONNECTION *) Tls;
if (TlsConn == NULL || TlsConn->Ssl == NULL) {
TlsConn = (TLS_CONNECTION *)Tls;
if ((TlsConn == NULL) || (TlsConn->Ssl == NULL)) {
return -1;
}
//
// Write bytes to the specified TLS connection.
//
return SSL_write (TlsConn->Ssl, Buffer, (UINT32) BufferSize);
return SSL_write (TlsConn->Ssl, Buffer, (UINT32)BufferSize);
}