- Generated on Fri Nov 15 2024 18:01:28 for TianoCore EDK2 by
1.9.6
|
TianoCore EDK2 master
|
Go to the source code of this file.
Functions | |
| BOOLEAN EFIAPI | TlsInitialize (VOID) |
| VOID EFIAPI | TlsCtxFree (IN VOID *TlsCtx) |
| VOID *EFIAPI | TlsCtxNew (IN UINT8 MajorVer, IN UINT8 MinorVer) |
| VOID EFIAPI | TlsFree (IN VOID *Tls) |
| VOID *EFIAPI | TlsNew (IN VOID *TlsCtx) |
| BOOLEAN EFIAPI | TlsInHandshake (IN VOID *Tls) |
| EFI_STATUS EFIAPI | TlsDoHandshake (IN VOID *Tls, IN UINT8 *BufferIn OPTIONAL, IN UINTN BufferInSize OPTIONAL, OUT UINT8 *BufferOut OPTIONAL, IN OUT UINTN *BufferOutSize) |
| EFI_STATUS EFIAPI | TlsHandleAlert (IN VOID *Tls, IN UINT8 *BufferIn OPTIONAL, IN UINTN BufferInSize OPTIONAL, OUT UINT8 *BufferOut OPTIONAL, IN OUT UINTN *BufferOutSize) |
| EFI_STATUS EFIAPI | TlsCloseNotify (IN VOID *Tls, IN OUT UINT8 *Buffer, IN OUT UINTN *BufferSize) |
| INTN EFIAPI | TlsCtrlTrafficOut (IN VOID *Tls, IN OUT VOID *Buffer, IN UINTN BufferSize) |
| INTN EFIAPI | TlsCtrlTrafficIn (IN VOID *Tls, IN VOID *Buffer, IN UINTN BufferSize) |
| INTN EFIAPI | TlsRead (IN VOID *Tls, IN OUT VOID *Buffer, IN UINTN BufferSize) |
| INTN EFIAPI | TlsWrite (IN VOID *Tls, IN VOID *Buffer, IN UINTN BufferSize) |
| EFI_STATUS EFIAPI | TlsShutdown (IN VOID *Tls) |
| EFI_STATUS EFIAPI | TlsSetVersion (IN VOID *Tls, IN UINT8 MajorVer, IN UINT8 MinorVer) |
| EFI_STATUS EFIAPI | TlsSetConnectionEnd (IN VOID *Tls, IN BOOLEAN IsServer) |
| EFI_STATUS EFIAPI | TlsSetCipherList (IN VOID *Tls, IN UINT16 *CipherId, IN UINTN CipherNum) |
| EFI_STATUS EFIAPI | TlsSetCompressionMethod (IN UINT8 CompMethod) |
| VOID EFIAPI | TlsSetVerify (IN VOID *Tls, IN UINT32 VerifyMode) |
| EFI_STATUS EFIAPI | TlsSetVerifyHost (IN VOID *Tls, IN UINT32 Flags, IN CHAR8 *HostName) |
| EFI_STATUS EFIAPI | TlsSetSessionId (IN VOID *Tls, IN UINT8 *SessionId, IN UINT16 SessionIdLen) |
| EFI_STATUS EFIAPI | TlsSetCaCertificate (IN VOID *Tls, IN VOID *Data, IN UINTN DataSize) |
| EFI_STATUS EFIAPI | TlsSetHostPublicCert (IN VOID *Tls, IN VOID *Data, IN UINTN DataSize) |
| EFI_STATUS EFIAPI | TlsSetHostPrivateKeyEx (IN VOID *Tls, IN VOID *Data, IN UINTN DataSize, IN VOID *Password OPTIONAL) |
| EFI_STATUS EFIAPI | TlsSetHostPrivateKey (IN VOID *Tls, IN VOID *Data, IN UINTN DataSize) |
| EFI_STATUS EFIAPI | TlsSetCertRevocationList (IN VOID *Data, IN UINTN DataSize) |
| EFI_STATUS EFIAPI | TlsSetSignatureAlgoList (IN VOID *Tls, IN UINT8 *Data, IN UINTN DataSize) |
| EFI_STATUS EFIAPI | TlsSetEcCurve (IN VOID *Tls, IN UINT8 *Data, IN UINTN DataSize) |
| UINT16 EFIAPI | TlsGetVersion (IN VOID *Tls) |
| UINT8 EFIAPI | TlsGetConnectionEnd (IN VOID *Tls) |
| EFI_STATUS EFIAPI | TlsGetCurrentCipher (IN VOID *Tls, IN OUT UINT16 *CipherId) |
| EFI_STATUS EFIAPI | TlsGetCurrentCompressionId (IN VOID *Tls, IN OUT UINT8 *CompressionId) |
| UINT32 EFIAPI | TlsGetVerify (IN VOID *Tls) |
| EFI_STATUS EFIAPI | TlsGetSessionId (IN VOID *Tls, IN OUT UINT8 *SessionId, IN OUT UINT16 *SessionIdLen) |
| VOID EFIAPI | TlsGetClientRandom (IN VOID *Tls, IN OUT UINT8 *ClientRandom) |
| VOID EFIAPI | TlsGetServerRandom (IN VOID *Tls, IN OUT UINT8 *ServerRandom) |
| EFI_STATUS EFIAPI | TlsGetKeyMaterial (IN VOID *Tls, IN OUT UINT8 *KeyMaterial) |
| EFI_STATUS EFIAPI | TlsGetCaCertificate (IN VOID *Tls, OUT VOID *Data, IN OUT UINTN *DataSize) |
| EFI_STATUS EFIAPI | TlsGetHostPublicCert (IN VOID *Tls, OUT VOID *Data, IN OUT UINTN *DataSize) |
| EFI_STATUS EFIAPI | TlsGetHostPrivateKey (IN VOID *Tls, OUT VOID *Data, IN OUT UINTN *DataSize) |
| EFI_STATUS EFIAPI | TlsGetCertRevocationList (OUT VOID *Data, IN OUT UINTN *DataSize) |
| EFI_STATUS EFIAPI | TlsGetExportKey (IN VOID *Tls, IN CONST VOID *Label, IN CONST VOID *Context, IN UINTN ContextLen, OUT VOID *KeyBuffer, IN UINTN KeyBufferLen) |
Defines TLS Library APIs.
Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent
Definition in file TlsLib.h.
| EFI_STATUS EFIAPI TlsCloseNotify | ( | IN VOID * | Tls, |
| IN OUT UINT8 * | Buffer, | ||
| IN OUT UINTN * | BufferSize | ||
| ) |
Build the CloseNotify packet.
| [in] | Tls | Pointer to the TLS object for state checking. |
| [in,out] | Buffer | Pointer to the buffer to hold the built packet. |
| [in,out] | BufferSize | Pointer to the buffer size in bytes. On input, it is the buffer size provided by the caller. On output, it is the buffer size in fact needed to contain the packet. |
| EFI_SUCCESS | The required TLS packet is built successfully. |
| EFI_INVALID_PARAMETER | One or more of the following conditions is TRUE: Tls is NULL. BufferSize is NULL. Buffer is NULL if *BufferSize is not zero. |
| EFI_BUFFER_TOO_SMALL | BufferSize is too small to hold the response packet. |
Definition at line 3895 of file CryptLib.c.
Attempts to write data from the buffer to TLS object.
This function will attempt to write BufferSize bytes data from the Buffer to the TLS object.
| [in] | Tls | Pointer to the TLS object. |
| [in] | Buffer | Pointer to the data buffer. |
| [in] | BufferSize | The size of Buffer in bytes. |
| >0 | The amount of data successfully written to the TLS object. |
| <=0 | No data was successfully written. |
Definition at line 3945 of file CryptLib.c.
Attempts to read bytes from one TLS object and places the data in Buffer.
This function will attempt to read BufferSize bytes from the TLS object and places the data in Buffer.
| [in] | Tls | Pointer to the TLS object. |
| [in,out] | Buffer | Pointer to the buffer to store the data. |
| [in] | BufferSize | The size of Buffer in bytes. |
| >0 | The amount of data successfully read from the TLS object. |
| <=0 | No data was successfully read. |
Definition at line 3920 of file CryptLib.c.
| VOID EFIAPI TlsCtxFree | ( | IN VOID * | TlsCtx | ) |
Free an allocated SSL_CTX object.
| [in] | TlsCtx | Pointer to the SSL_CTX object to be released. |
Definition at line 3710 of file CryptLib.c.
Creates a new SSL_CTX object as framework to establish TLS/SSL enabled connections.
| [in] | MajorVer | Major Version of TLS/SSL Protocol. |
| [in] | MinorVer | Minor Version of TLS/SSL Protocol. |
Definition at line 3730 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsDoHandshake | ( | IN VOID * | Tls, |
| IN UINT8 *BufferIn | OPTIONAL, | ||
| IN UINTN BufferInSize | OPTIONAL, | ||
| OUT UINT8 *BufferOut | OPTIONAL, | ||
| IN OUT UINTN * | BufferOutSize | ||
| ) |
Perform a TLS/SSL handshake.
This function will perform a TLS/SSL handshake.
| [in] | Tls | Pointer to the TLS object for handshake operation. |
| [in] | BufferIn | Pointer to the most recently received TLS Handshake packet. |
| [in] | BufferInSize | Packet size in bytes for the most recently received TLS Handshake packet. |
| [out] | BufferOut | Pointer to the buffer to hold the built packet. |
| [in,out] | BufferOutSize | Pointer to the buffer size in bytes. On input, it is the buffer size provided by the caller. On output, it is the buffer size in fact needed to contain the packet. |
| EFI_SUCCESS | The required TLS packet is built successfully. |
| EFI_INVALID_PARAMETER | One or more of the following conditions is TRUE: Tls is NULL. BufferIn is NULL but BufferInSize is NOT 0. BufferInSize is 0 but BufferIn is NOT NULL. BufferOutSize is NULL. BufferOut is NULL if *BufferOutSize is not zero. |
| EFI_BUFFER_TOO_SMALL | BufferOutSize is too small to hold the response packet. |
| EFI_ABORTED | Something wrong during handshake. |
Definition at line 3826 of file CryptLib.c.
| VOID EFIAPI TlsFree | ( | IN VOID * | Tls | ) |
Free an allocated TLS object.
This function removes the TLS object pointed to by Tls and frees up the allocated memory. If Tls is NULL, nothing is done.
| [in] | Tls | Pointer to the TLS object to be freed. |
Definition at line 3749 of file CryptLib.c.
Gets the CA Certificate from the cert store.
This function returns the CA certificate for the chosen TLS connection.
| [in] | Tls | Pointer to the TLS object. |
| [out] | Data | Pointer to the data buffer to receive the CA certificate data sent to the client. |
| [in,out] | DataSize | The size of data buffer in bytes. |
| EFI_SUCCESS | The operation succeeded. |
| EFI_UNSUPPORTED | This function is not supported. |
| EFI_BUFFER_TOO_SMALL | The Data is too small to hold the data. |
Definition at line 4610 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsGetCertRevocationList | ( | OUT VOID * | Data, |
| IN OUT UINTN * | DataSize | ||
| ) |
Gets the CA-supplied certificate revocation list data set in the specified TLS object.
This function returns the CA-supplied certificate revocation list data which was currently set in the specified TLS object.
| [out] | Data | Pointer to the data buffer to receive the CRL data. |
| [in,out] | DataSize | The size of data buffer in bytes. |
| EFI_SUCCESS | The operation succeeded. |
| EFI_UNSUPPORTED | This function is not supported. |
| EFI_BUFFER_TOO_SMALL | The Data is too small to hold the data. |
Definition at line 4691 of file CryptLib.c.
Gets the client random data used in the specified TLS connection.
This function returns the TLS/SSL client random data currently used in the specified TLS connection.
| [in] | Tls | Pointer to the TLS object. |
| [in,out] | ClientRandom | Buffer to contain the returned client random data (32 bytes). |
Definition at line 4539 of file CryptLib.c.
| UINT8 EFIAPI TlsGetConnectionEnd | ( | IN VOID * | Tls | ) |
Gets the connection end of the specified TLS connection.
This function returns the connection end (as client or as server) used by the specified TLS connection.
If Tls is NULL, then ASSERT().
| [in] | Tls | Pointer to the TLS object. |
Definition at line 4421 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsGetCurrentCipher | ( | IN VOID * | Tls, |
| IN OUT UINT16 * | CipherId | ||
| ) |
Gets the cipher suite used by the specified TLS connection.
This function returns current cipher suite used by the specified TLS connection.
| [in] | Tls | Pointer to the TLS object. |
| [in,out] | CipherId | The cipher suite used by the TLS object. |
| EFI_SUCCESS | The cipher suite was returned successfully. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_UNSUPPORTED | Unsupported cipher suite. |
Definition at line 4444 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsGetCurrentCompressionId | ( | IN VOID * | Tls, |
| IN OUT UINT8 * | CompressionId | ||
| ) |
Gets the compression methods used by the specified TLS connection.
This function returns current integrated compression methods used by the specified TLS connection.
| [in] | Tls | Pointer to the TLS object. |
| [in,out] | CompressionId | The current compression method used by the TLS object. |
| EFI_SUCCESS | The compression method was returned successfully. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_ABORTED | Invalid Compression method. |
| EFI_UNSUPPORTED | This function is not supported. |
Definition at line 4470 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsGetExportKey | ( | IN VOID * | Tls, |
| IN CONST VOID * | Label, | ||
| IN CONST VOID * | Context, | ||
| IN UINTN | ContextLen, | ||
| OUT VOID * | KeyBuffer, | ||
| IN UINTN | KeyBufferLen | ||
| ) |
Derive keying material from a TLS connection.
This function exports keying material using the mechanism described in RFC 5705.
| [in] | Tls | Pointer to the TLS object |
| [in] | Label | Description of the key for the PRF function |
| [in] | Context | Optional context |
| [in] | ContextLen | The length of the context value in bytes |
| [out] | KeyBuffer | Buffer to hold the output of the TLS-PRF |
| [in] | KeyBufferLen | The length of the KeyBuffer |
| EFI_SUCCESS | The operation succeeded. |
| EFI_INVALID_PARAMETER | The TLS object is invalid. |
| EFI_PROTOCOL_ERROR | Some other error occurred. |
Definition at line 4719 of file CryptLib.c.
Gets the local private key set in the specified TLS object.
This function returns the local private key data which was currently set in the specified TLS object.
| [in] | Tls | Pointer to the TLS object. |
| [out] | Data | Pointer to the data buffer to receive the local private key data. |
| [in,out] | DataSize | The size of data buffer in bytes. |
| EFI_SUCCESS | The operation succeeded. |
| EFI_UNSUPPORTED | This function is not supported. |
| EFI_BUFFER_TOO_SMALL | The Data is too small to hold the data. |
Definition at line 4665 of file CryptLib.c.
Gets the local public Certificate set in the specified TLS object.
This function returns the local public certificate which was currently set in the specified TLS object.
| [in] | Tls | Pointer to the TLS object. |
| [out] | Data | Pointer to the data buffer to receive the local public certificate. |
| [in,out] | DataSize | The size of data buffer in bytes. |
| EFI_SUCCESS | The operation succeeded. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_NOT_FOUND | The certificate is not found. |
| EFI_BUFFER_TOO_SMALL | The Data is too small to hold the data. |
Definition at line 4638 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsGetKeyMaterial | ( | IN VOID * | Tls, |
| IN OUT UINT8 * | KeyMaterial | ||
| ) |
Gets the master key data used in the specified TLS connection.
This function returns the TLS/SSL master key material currently used in the specified TLS connection.
| [in] | Tls | Pointer to the TLS object. |
| [in,out] | KeyMaterial | Buffer to contain the returned key material. |
| EFI_SUCCESS | Key material was returned successfully. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_UNSUPPORTED | Invalid TLS/SSL session. |
Definition at line 4584 of file CryptLib.c.
Gets the server random data used in the specified TLS connection.
This function returns the TLS/SSL server random data currently used in the specified TLS connection.
| [in] | Tls | Pointer to the TLS object. |
| [in,out] | ServerRandom | Buffer to contain the returned server random data (32 bytes). |
Definition at line 4560 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsGetSessionId | ( | IN VOID * | Tls, |
| IN OUT UINT8 * | SessionId, | ||
| IN OUT UINT16 * | SessionIdLen | ||
| ) |
Gets the session ID used by the specified TLS connection.
This function returns the TLS/SSL session ID currently used by the specified TLS connection.
| [in] | Tls | Pointer to the TLS object. |
| [in,out] | SessionId | Buffer to contain the returned session ID. |
| [in,out] | SessionIdLen | The length of Session ID in bytes. |
| EFI_SUCCESS | The Session ID was returned successfully. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_UNSUPPORTED | Invalid TLS/SSL session. |
Definition at line 4517 of file CryptLib.c.
| UINT32 EFIAPI TlsGetVerify | ( | IN VOID * | Tls | ) |
Gets the verification mode currently set in the TLS connection.
This function returns the peer verification mode currently set in the specified TLS connection.
If Tls is NULL, then ASSERT().
| [in] | Tls | Pointer to the TLS object. |
Definition at line 4493 of file CryptLib.c.
| UINT16 EFIAPI TlsGetVersion | ( | IN VOID * | Tls | ) |
Gets the protocol version used by the specified TLS connection.
This function returns the protocol version used by the specified TLS connection.
If Tls is NULL, then ASSERT().
| [in] | Tls | Pointer to the TLS object. |
Definition at line 4399 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsHandleAlert | ( | IN VOID * | Tls, |
| IN UINT8 *BufferIn | OPTIONAL, | ||
| IN UINTN BufferInSize | OPTIONAL, | ||
| OUT UINT8 *BufferOut | OPTIONAL, | ||
| IN OUT UINTN * | BufferOutSize | ||
| ) |
Handle Alert message recorded in BufferIn. If BufferIn is NULL and BufferInSize is zero, TLS session has errors and the response packet needs to be Alert message based on error type.
| [in] | Tls | Pointer to the TLS object for state checking. |
| [in] | BufferIn | Pointer to the most recently received TLS Alert packet. |
| [in] | BufferInSize | Packet size in bytes for the most recently received TLS Alert packet. |
| [out] | BufferOut | Pointer to the buffer to hold the built packet. |
| [in,out] | BufferOutSize | Pointer to the buffer size in bytes. On input, it is the buffer size provided by the caller. On output, it is the buffer size in fact needed to contain the packet. |
| EFI_SUCCESS | The required TLS packet is built successfully. |
| EFI_INVALID_PARAMETER | One or more of the following conditions is TRUE: Tls is NULL. BufferIn is NULL but BufferInSize is NOT 0. BufferInSize is 0 but BufferIn is NOT NULL. BufferOutSize is NULL. BufferOut is NULL if *BufferOutSize is not zero. |
| EFI_ABORTED | An error occurred. |
| EFI_BUFFER_TOO_SMALL | BufferOutSize is too small to hold the response packet. |
Definition at line 3864 of file CryptLib.c.
| BOOLEAN EFIAPI TlsInHandshake | ( | IN VOID * | Tls | ) |
Checks if the TLS handshake was done.
This function will check if the specified TLS handshake was done.
| [in] | Tls | Pointer to the TLS object for handshake state checking. |
| TRUE | The TLS handshake was done. |
| FALSE | The TLS handshake was not done. |
Definition at line 3791 of file CryptLib.c.
| BOOLEAN EFIAPI TlsInitialize | ( | VOID | ) |
Initializes the OpenSSL library.
This function registers ciphers and digests used directly and indirectly by SSL/TLS, and initializes the readable error messages. This function must be called before any other action takes places.
| TRUE | The OpenSSL library has been initialized. |
| FALSE | Failed to initialize the OpenSSL library. |
Initializes the library.
This function registers ciphers and digests used directly and indirectly by SSL/TLS, and initializes the readable error messages. This function must be called before any other action takes places.
| TRUE | The library has been initialized. |
| FALSE | Failed to initialize the library. |
Definition at line 3695 of file CryptLib.c.
| VOID *EFIAPI TlsNew | ( | IN VOID * | TlsCtx | ) |
Create a new TLS object for a connection.
This function creates a new TLS object for a connection. The new object inherits the setting of the underlying context TlsCtx: connection method, options, verification setting.
| [in] | TlsCtx | Pointer to the SSL_CTX object. |
Definition at line 3771 of file CryptLib.c.
Attempts to read bytes from the specified TLS connection into the buffer.
This function tries to read BufferSize bytes data from the specified TLS connection into the Buffer.
| [in] | Tls | Pointer to the TLS connection for data reading. |
| [in,out] | Buffer | Pointer to the data buffer. |
| [in] | BufferSize | The size of Buffer in bytes. |
| >0 | The read operation was successful, and return value is the number of bytes actually read from the TLS connection. |
| <=0 | The read operation was not successful. |
Definition at line 3971 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetCaCertificate | ( | IN VOID * | Tls, |
| IN VOID * | Data, | ||
| IN UINTN | DataSize | ||
| ) |
Adds the CA to the cert store when requesting Server or Client authentication.
This function adds the CA certificate to the list of CAs when requesting Server or Client authentication for the chosen TLS connection.
| [in] | Tls | Pointer to the TLS object. |
| [in] | Data | Pointer to the data buffer of a DER-encoded binary X.509 certificate or PEM-encoded X.509 certificate. |
| [in] | DataSize | The size of data buffer in bytes. |
| EFI_SUCCESS | The operation succeeded. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_OUT_OF_RESOURCES | Required resources could not be allocated. |
| EFI_ABORTED | Invalid X.509 certificate. |
Definition at line 4213 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetCertRevocationList | ( | IN VOID * | Data, |
| IN UINTN | DataSize | ||
| ) |
Adds the CA-supplied certificate revocation list for certificate validation.
This function adds the CA-supplied certificate revocation list data for certificate validity checking.
| [in] | Data | Pointer to the data buffer of a DER-encoded CRL data. |
| [in] | DataSize | The size of data buffer in bytes. |
| EFI_SUCCESS | The operation succeeded. |
| EFI_UNSUPPORTED | This function is not supported. |
| EFI_ABORTED | Invalid CRL data. |
Definition at line 4323 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetCipherList | ( | IN VOID * | Tls, |
| IN UINT16 * | CipherId, | ||
| IN UINTN | CipherNum | ||
| ) |
Set the ciphers list to be used by the TLS object.
This function sets the ciphers for use by a specified TLS object.
| [in] | Tls | Pointer to a TLS object. |
| [in] | CipherId | Array of UINT16 cipher identifiers. Each UINT16 cipher identifier comes from the TLS Cipher Suite Registry of the IANA, interpreting Byte1 and Byte2 in network (big endian) byte order. |
| [in] | CipherNum | The number of cipher in the list. |
| EFI_SUCCESS | The ciphers list was set successfully. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_UNSUPPORTED | No supported TLS cipher was found in CipherId. |
| EFI_OUT_OF_RESOURCES | Memory allocation failed. |
Definition at line 4096 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetCompressionMethod | ( | IN UINT8 | CompMethod | ) |
Set the compression method for TLS/SSL operations.
This function handles TLS/SSL integrated compression methods.
| [in] | CompMethod | The compression method ID. |
| EFI_SUCCESS | The compression method for the communication was set successfully. |
| EFI_UNSUPPORTED | Unsupported compression method. |
Definition at line 4119 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetConnectionEnd | ( | IN VOID * | Tls, |
| IN BOOLEAN | IsServer | ||
| ) |
Set TLS object to work in client or server mode.
This function prepares a TLS object to work in client or server mode.
| [in] | Tls | Pointer to a TLS object. |
| [in] | IsServer | Work in server mode. |
| EFI_SUCCESS | The TLS/SSL work mode was set successfully. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_UNSUPPORTED | Unsupported TLS/SSL work mode. |
Definition at line 4068 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetEcCurve | ( | IN VOID * | Tls, |
| IN UINT8 * | Data, | ||
| IN UINTN | DataSize | ||
| ) |
Set the EC curve to be used for TLS flows
This function sets the EC curve to be used for TLS flows.
| [in] | Tls | Pointer to a TLS object. |
| [in] | Data | An EC named curve as defined in section 5.1.1 of RFC 4492. |
| [in] | DataSize | Size of Data, it should be sizeof (UINT32) |
| EFI_SUCCESS | The EC curve was set successfully. |
| EFI_INVALID_PARAMETER | The parameters are invalid. |
| EFI_UNSUPPORTED | The requested TLS EC curve is not supported |
Definition at line 4375 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetHostPrivateKey | ( | IN VOID * | Tls, |
| IN VOID * | Data, | ||
| IN UINTN | DataSize | ||
| ) |
Adds the local private key to the specified TLS object.
This function adds the local private key (DER-encoded or PEM-encoded or PKCS#8 private key) into the specified TLS object for TLS negotiation.
| [in] | Tls | Pointer to the TLS object. |
| [in] | Data | Pointer to the data buffer of a DER-encoded or PEM-encoded or PKCS#8 private key. |
| [in] | DataSize | The size of data buffer in bytes. |
| EFI_SUCCESS | The operation succeeded. |
| EFI_UNSUPPORTED | This function is not supported. |
| EFI_ABORTED | Invalid private key data. |
Definition at line 4298 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetHostPrivateKeyEx | ( | IN VOID * | Tls, |
| IN VOID * | Data, | ||
| IN UINTN | DataSize, | ||
| IN VOID *Password | OPTIONAL | ||
| ) |
Adds the local private key to the specified TLS object.
This function adds the local private key (DER-encoded or PEM-encoded or PKCS#8 private key) into the specified TLS object for TLS negotiation.
| [in] | Tls | Pointer to the TLS object. |
| [in] | Data | Pointer to the data buffer of a DER-encoded or PEM-encoded or PKCS#8 private key. |
| [in] | DataSize | The size of data buffer in bytes. |
| [in] | Password | Pointer to NULL-terminated private key password, set it to NULL if private key not encrypted. |
| EFI_SUCCESS | The operation succeeded. |
| EFI_UNSUPPORTED | This function is not supported. |
| EFI_ABORTED | Invalid private key data. |
Definition at line 4270 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetHostPublicCert | ( | IN VOID * | Tls, |
| IN VOID * | Data, | ||
| IN UINTN | DataSize | ||
| ) |
Loads the local public certificate into the specified TLS object.
This function loads the X.509 certificate into the specified TLS object for TLS negotiation.
| [in] | Tls | Pointer to the TLS object. |
| [in] | Data | Pointer to the data buffer of a DER-encoded binary X.509 certificate or PEM-encoded X.509 certificate. |
| [in] | DataSize | The size of data buffer in bytes. |
| EFI_SUCCESS | The operation succeeded. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_OUT_OF_RESOURCES | Required resources could not be allocated. |
| EFI_ABORTED | Invalid X.509 certificate. |
Definition at line 4241 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetSessionId | ( | IN VOID * | Tls, |
| IN UINT8 * | SessionId, | ||
| IN UINT16 | SessionIdLen | ||
| ) |
Sets a TLS/SSL session ID to be used during TLS/SSL connect.
This function sets a session ID to be used when the TLS/SSL connection is to be established.
| [in] | Tls | Pointer to the TLS object. |
| [in] | SessionId | Session ID data used for session resumption. |
| [in] | SessionIdLen | Length of Session ID in bytes. |
| EFI_SUCCESS | Session ID was set successfully. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_UNSUPPORTED | No available session for ID setting. |
Definition at line 4185 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetSignatureAlgoList | ( | IN VOID * | Tls, |
| IN UINT8 * | Data, | ||
| IN UINTN | DataSize | ||
| ) |
Set the signature algorithm list to used by the TLS object.
This function sets the signature algorithms for use by a specified TLS object.
| [in] | Tls | Pointer to a TLS object. |
| [in] | Data | Array of UINT8 of signature algorithms. The array consists of pairs of the hash algorithm and the signature algorithm as defined in RFC 5246 |
| [in] | DataSize | The length the SignatureAlgoList. Must be divisible by 2. |
| EFI_SUCCESS | The signature algorithm list was set successfully. |
| EFI_INVALID_PARAMETER | The parameters are invalid. |
| EFI_UNSUPPORTED | No supported TLS signature algorithm was found in SignatureAlgoList |
| EFI_OUT_OF_RESOURCES | Memory allocation failed. |
Definition at line 4350 of file CryptLib.c.
Set peer certificate verification mode for the TLS connection.
This function sets the verification mode flags for the TLS connection.
| [in] | Tls | Pointer to the TLS object. |
| [in] | VerifyMode | A set of logically or'ed verification mode flags. |
Definition at line 4137 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetVerifyHost | ( | IN VOID * | Tls, |
| IN UINT32 | Flags, | ||
| IN CHAR8 * | HostName | ||
| ) |
Set the specified host name to be verified.
| [in] | Tls | Pointer to the TLS object. |
| [in] | Flags | The setting flags during the validation. |
| [in] | HostName | The specified host name to be verified. |
| EFI_SUCCESS | The HostName setting was set successfully. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_ABORTED | Invalid HostName setting. |
Definition at line 4159 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsSetVersion | ( | IN VOID * | Tls, |
| IN UINT8 | MajorVer, | ||
| IN UINT8 | MinorVer | ||
| ) |
Set a new TLS/SSL method for a particular TLS object.
This function sets a new TLS/SSL method for a particular TLS object.
| [in] | Tls | Pointer to a TLS object. |
| [in] | MajorVer | Major Version of TLS/SSL Protocol. |
| [in] | MinorVer | Minor Version of TLS/SSL Protocol. |
| EFI_SUCCESS | The TLS/SSL method was set successfully. |
| EFI_INVALID_PARAMETER | The parameter is invalid. |
| EFI_UNSUPPORTED | Unsupported TLS/SSL method. |
Definition at line 4044 of file CryptLib.c.
| EFI_STATUS EFIAPI TlsShutdown | ( | IN VOID * | Tls | ) |
Shutdown a TLS connection.
Shutdown the TLS connection without releasing the resources, meaning a new connection can be started without calling TlsNew() and without setting certificates etc.
| [in] | Tls | Pointer to the TLS object to shutdown. |
| EFI_SUCCESS | The TLS is shutdown successfully. |
| EFI_INVALID_PARAMETER | Tls is NULL. |
| EFI_PROTOCOL_ERROR | Some other error occurred. |
Definition at line 4021 of file CryptLib.c.
Attempts to write data to a TLS connection.
This function tries to write BufferSize bytes data from the Buffer into the specified TLS connection.
| [in] | Tls | Pointer to the TLS connection for data writing. |
| [in] | Buffer | Pointer to the data buffer. |
| [in] | BufferSize | The size of Buffer in bytes. |
| >0 | The write operation was successful, and return value is the number of bytes actually written to the TLS connection. |
| <=0 | The write operation was not successful. |
Definition at line 3997 of file CryptLib.c.
1.9.6