CryptoPkg: Extend Tls function library
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3892 1. TlsSetSignatureAlgoList(): Configure the list of TLS signature algorithms that should be used as part of the TLS session establishment. This is needed for some WLAN Supplicant connection establishment flows that allow only specific TLS signature algorithms to be used, e.g., Authenticate and Key Managmenet (AKM) suites that are SUITE-B compliant. 2. TlsSetEcCurve(): Configure the Elliptic Curve that should be used for TLS flows the use cipher suite with EC, e.g., TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. This is needed for some WLAN Supplicant connection establishment flows that allow only specific TLS signature algorithms to be used, e.g., Authenticate and Key Managmenet (AKM) suites that are SUITE-B compliant. 3. TlsShutdown(): Shutdown the TLS connection without releasing the resources, meaning a new connection can be started without calling TlsNew() and without setting certificates etc. 4. TlsGetExportKey(): Derive keying material from a TLS connection using the mechanism described in RFC 5705 and export the key material (needed by EAP methods such as EAP-TTLS and EAP-PEAP). 5. TlsSetHostPrivateKeyEx(): This function adds the local private key (PEM-encoded or PKCS#8 or DER-encoded private key) into the specified TLS object for TLS negotiation. There is already a similar function TlsSetHostPrivateKey(), the new Ex function introduces a new parameter Password, set Password to NULL when useless. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com> Cc: Guomin Jiang <guomin.jiang@intel.com> Signed-off-by: Yi Li <yi1.li@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
This commit is contained in:
@@ -245,3 +245,26 @@ TlsWrite (
|
||||
ASSERT (FALSE);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
Shutdown a TLS connection.
|
||||
|
||||
Shutdown the TLS connection without releasing the resources, meaning a new
|
||||
connection can be started without calling TlsNew() and without setting
|
||||
certificates etc.
|
||||
|
||||
@param[in] Tls Pointer to the TLS object to shutdown.
|
||||
|
||||
@retval EFI_SUCCESS The TLS is shutdown successfully.
|
||||
@retval EFI_INVALID_PARAMETER Tls is NULL.
|
||||
@retval EFI_PROTOCOL_ERROR Some other error occurred.
|
||||
**/
|
||||
EFI_STATUS
|
||||
EFIAPI
|
||||
TlsShutdown (
|
||||
IN VOID *Tls
|
||||
)
|
||||
{
|
||||
ASSERT (FALSE);
|
||||
return EFI_UNSUPPORTED;
|
||||
}
|
||||
|
Reference in New Issue
Block a user