TianoCore EDK2 master
TlsProcess.c
11#include "InternalTlsLib.h"
12
13#define MAX_BUFFER_SIZE 32768
14
/**
  Report whether the TLS handshake on a connection is still in progress.

  @param[in]  Tls  Pointer to the TLS connection object (a TLS_CONNECTION).

  @retval  TRUE   SSL_is_init_finished() reports that the handshake has not
                  completed yet.
  @retval  FALSE  The handshake has completed, or Tls or its SSL object is NULL.
**/
BOOLEAN
EFIAPI
TlsInHandshake (
  IN VOID  *Tls
  )
{
  TLS_CONNECTION  *Connection;

  Connection = (TLS_CONNECTION *)Tls;

  //
  // An unusable connection yields FALSE, the same value returned for a
  // finished handshake. Callers must not read FALSE as "session established"
  // without having validated the connection object themselves.
  //
  if (Connection == NULL) {
    return FALSE;
  }

  if (Connection->Ssl == NULL) {
    return FALSE;
  }

  //
  // The result is the inverse of "handshake finished".
  //
  return SSL_is_init_finished (Connection->Ssl) ? FALSE : TRUE;
}
44
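/**
  Advance the TLS handshake by one step and hand back the bytes that have to
  be sent to the peer.

  If output from an earlier call is still queued in OutBio, it is returned
  first and the handshake is not advanced. Otherwise the peer data in BufferIn
  (if any) is fed to InBio and SSL_do_handshake() is run. When BufferIn is NULL
  the connection is put into client (connect) state first, so the generated
  output is the opening ClientHello.

  @param[in]       Tls            Pointer to the TLS connection object.
  @param[in]       BufferIn       Handshake bytes received from the peer, or
                                  NULL when there is nothing to feed in.
  @param[in]       BufferInSize   Size of BufferIn in bytes; must be 0 exactly
                                  when BufferIn is NULL.
  @param[out]      BufferOut      Receives the bytes to transmit. May be NULL
                                  only when *BufferOutSize is 0.
  @param[in, out]  BufferOutSize  On input, capacity of BufferOut. On output,
                                  the number of bytes written, or the required
                                  capacity when EFI_BUFFER_TOO_SMALL is returned.

  @retval EFI_SUCCESS            The step completed; *BufferOutSize bytes are in
                                 BufferOut (possibly 0).
  @retval EFI_INVALID_PARAMETER  A required pointer is NULL or the buffer/size
                                 pairs are inconsistent.
  @retval EFI_ABORTED            The handshake failed with SSL_ERROR_SSL,
                                 SSL_ERROR_SYSCALL or SSL_ERROR_ZERO_RETURN, or
                                 moving bytes through a BIO failed.
  @retval EFI_BUFFER_TOO_SMALL   BufferOut cannot hold the pending output.
**/
EFI_STATUS
EFIAPI
TlsDoHandshake (
  IN     VOID   *Tls,
  IN     UINT8  *BufferIn OPTIONAL,
  IN     UINTN  BufferInSize OPTIONAL,
  OUT    UINT8  *BufferOut OPTIONAL,
  IN OUT UINTN  *BufferOutSize
  )
{
  TLS_CONNECTION  *TlsConn;
  UINTN           PendingBufferSize;
  INTN            Ret;
  INTN            Transferred;

  TlsConn           = (TLS_CONNECTION *)Tls;
  PendingBufferSize = 0;
  Ret               = 1;

  if ((TlsConn == NULL) ||
      (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) ||
      (BufferOutSize == NULL) ||
      ((BufferIn == NULL) && (BufferInSize != 0)) ||
      ((BufferIn != NULL) && (BufferInSize == 0)) ||
      ((BufferOut == NULL) && (*BufferOutSize != 0)))
  {
    return EFI_INVALID_PARAMETER;
  }

  //
  // Output left over from an earlier call is drained first; the handshake
  // only advances once OutBio is empty.
  //
  PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
  if (PendingBufferSize == 0) {
    if (BufferIn == NULL) {
      //
      // No peer data (the checks above guarantee BufferInSize is 0 here):
      // act as the client, so the handshake output is the ClientHello.
      //
      SSL_set_connect_state (TlsConn->Ssl);
    } else {
      //
      // Peer-supplied bytes go into InBio. A short or failed write would leave
      // the handshake running on a truncated record, so it is treated as fatal,
      // matching the check TlsHandleAlert() performs on the same call. This
      // also rejects a BufferInSize that does not survive the UINT32 cast.
      //
      Transferred = BIO_write (TlsConn->InBio, BufferIn, (UINT32)BufferInSize);
      if (Transferred != (INTN)BufferInSize) {
        return EFI_ABORTED;
      }
    }

    Ret               = SSL_do_handshake (TlsConn->Ssl);
    PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
  }

  if (Ret < 1) {
    //
    // Other SSL_get_error() results are not treated as failures here;
    // execution continues so that any pending output is still returned.
    //
    Ret = SSL_get_error (TlsConn->Ssl, (int)Ret);
    if ((Ret == SSL_ERROR_SSL) ||
        (Ret == SSL_ERROR_SYSCALL) ||
        (Ret == SSL_ERROR_ZERO_RETURN))
    {
      DEBUG ((
        DEBUG_ERROR,
        "%a SSL_HANDSHAKE_ERROR State=0x%x SSL_ERROR_%a\n",
        __func__,
        SSL_get_state (TlsConn->Ssl),
        Ret == SSL_ERROR_SSL ? "SSL" : Ret == SSL_ERROR_SYSCALL ? "SYSCALL" : "ZERO_RETURN"
        ));

      //
      // Dump the OpenSSL error queue for diagnosis. Func and Data come from
      // OpenSSL's own error records.
      //
      DEBUG_CODE_BEGIN ();
      while (TRUE) {
        unsigned long  ErrorCode;
        const char     *Func;
        const char     *Data;

        ErrorCode = ERR_get_error_all (NULL, NULL, &Func, &Data, NULL);
        if (ErrorCode == 0) {
          break;
        }

        DEBUG ((
          DEBUG_ERROR,
          "%a ERROR 0x%x=L%x:R%x %a(): %a\n",
          __func__,
          ErrorCode,
          ERR_GET_LIB (ErrorCode),
          ERR_GET_REASON (ErrorCode),
          Func,
          Data
          ));
      }

      DEBUG_CODE_END ();

      return EFI_ABORTED;
    }
  }

  if (PendingBufferSize > *BufferOutSize) {
    *BufferOutSize = PendingBufferSize;
    return EFI_BUFFER_TOO_SMALL;
  }

  if (PendingBufferSize > 0) {
    //
    // BIO_read() returns a signed count. Storing a zero or negative result
    // straight into the unsigned *BufferOutSize would report a huge length
    // together with EFI_SUCCESS, so a failed read is reported as an error.
    //
    Transferred = BIO_read (TlsConn->OutBio, BufferOut, (UINT32)PendingBufferSize);
    if (Transferred <= 0) {
      *BufferOutSize = 0;
      return EFI_ABORTED;
    }

    *BufferOutSize = (UINTN)Transferred;
  } else {
    *BufferOutSize = 0;
  }

  return EFI_SUCCESS;
}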
174
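/**
  Process a received TLS alert record and return any response bytes that have
  to be sent to the peer.

  If output is already queued in OutBio it is returned without consuming
  BufferIn. Otherwise BufferIn is written to InBio and SSL_read() is called so
  that OpenSSL processes the alert; whatever that leaves in OutBio is returned.

  @param[in]       Tls            Pointer to the TLS connection object.
  @param[in]       BufferIn       Alert record received from the peer, or NULL.
  @param[in]       BufferInSize   Size of BufferIn in bytes; must be 0 exactly
                                  when BufferIn is NULL.
  @param[out]      BufferOut      Receives the bytes to transmit. May be NULL
                                  only when *BufferOutSize is 0.
  @param[in, out]  BufferOutSize  On input, capacity of BufferOut. On output,
                                  the number of bytes written, or the required
                                  capacity when EFI_BUFFER_TOO_SMALL is returned.

  @retval EFI_SUCCESS            *BufferOutSize bytes are in BufferOut
                                 (possibly 0).
  @retval EFI_INVALID_PARAMETER  A required pointer is NULL or the buffer/size
                                 pairs are inconsistent.
  @retval EFI_ABORTED            The scratch buffer could not be allocated, or
                                 moving bytes through a BIO failed.
  @retval EFI_BUFFER_TOO_SMALL   BufferOut cannot hold the pending output.
**/
EFI_STATUS
EFIAPI
TlsHandleAlert (
  IN     VOID   *Tls,
  IN     UINT8  *BufferIn OPTIONAL,
  IN     UINTN  BufferInSize OPTIONAL,
  OUT    UINT8  *BufferOut OPTIONAL,
  IN OUT UINTN  *BufferOutSize
  )
{
  TLS_CONNECTION  *TlsConn;
  UINTN           PendingBufferSize;
  UINT8           *TempBuffer;
  INTN            Ret;

  TlsConn           = (TLS_CONNECTION *)Tls;
  PendingBufferSize = 0;
  TempBuffer        = NULL;
  Ret               = 0;

  if ((TlsConn == NULL) ||
      (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) ||
      (BufferOutSize == NULL) ||
      ((BufferIn == NULL) && (BufferInSize != 0)) ||
      ((BufferIn != NULL) && (BufferInSize == 0)) ||
      ((BufferOut == NULL) && (*BufferOutSize != 0)))
  {
    return EFI_INVALID_PARAMETER;
  }

  PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
  if ((PendingBufferSize == 0) && (BufferIn != NULL) && (BufferInSize != 0)) {
    //
    // Allocate the scratch buffer before touching InBio, so an allocation
    // failure leaves the connection state unchanged. The result must be
    // checked: SSL_read() would otherwise be handed a NULL destination for
    // peer-controlled data.
    //
    TempBuffer = (UINT8 *)OPENSSL_malloc (MAX_BUFFER_SIZE);
    if (TempBuffer == NULL) {
      return EFI_ABORTED;
    }

    Ret = BIO_write (TlsConn->InBio, BufferIn, (UINT32)BufferInSize);
    if (Ret != (INTN)BufferInSize) {
      OPENSSL_free (TempBuffer);
      return EFI_ABORTED;
    }

    //
    // ssl3_send_alert() will be called in the ssl3_read_bytes() function.
    // The input is an alert message rather than application data, so the
    // contents of TempBuffer and the SSL_read() result are deliberately
    // ignored; the call is made only to let OpenSSL process the alert.
    //
    SSL_read (TlsConn->Ssl, TempBuffer, MAX_BUFFER_SIZE);

    OPENSSL_free (TempBuffer);

    PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
  }

  if (PendingBufferSize > *BufferOutSize) {
    *BufferOutSize = PendingBufferSize;
    return EFI_BUFFER_TOO_SMALL;
  }

  if (PendingBufferSize > 0) {
    //
    // BIO_read() returns a signed count. Storing a zero or negative result
    // straight into the unsigned *BufferOutSize would report a huge length
    // together with EFI_SUCCESS, so a failed read is reported as an error.
    //
    Ret = BIO_read (TlsConn->OutBio, BufferOut, (UINT32)PendingBufferSize);
    if (Ret <= 0) {
      *BufferOutSize = 0;
      return EFI_ABORTED;
    }

    *BufferOutSize = (UINTN)Ret;
  } else {
    *BufferOutSize = 0;
  }

  return EFI_SUCCESS;
}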
263
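/**
  Build the TLS close_notify message for a connection and return its bytes.

  If output is already queued in OutBio it is returned as is. Otherwise
  SSL_shutdown() is called so that OpenSSL generates the alert into OutBio.

  @param[in]       Tls         Pointer to the TLS connection object.
  @param[in, out]  Buffer      Receives the bytes to transmit. May be NULL only
                               when *BufferSize is 0.
  @param[in, out]  BufferSize  On input, capacity of Buffer. On output, the
                               number of bytes written, or the required capacity
                               when EFI_BUFFER_TOO_SMALL is returned.

  @retval EFI_SUCCESS            *BufferSize bytes are in Buffer (possibly 0).
  @retval EFI_INVALID_PARAMETER  A required pointer is NULL or Buffer is NULL
                                 with a non-zero *BufferSize.
  @retval EFI_BUFFER_TOO_SMALL   Buffer cannot hold the pending output.
  @retval EFI_ABORTED            Reading the pending output from OutBio failed.
**/
EFI_STATUS
EFIAPI
TlsCloseNotify (
  IN     VOID   *Tls,
  IN OUT UINT8  *Buffer,
  IN OUT UINTN  *BufferSize
  )
{
  TLS_CONNECTION  *TlsConn;
  UINTN           PendingBufferSize;
  INTN            BytesRead;

  TlsConn           = (TLS_CONNECTION *)Tls;
  PendingBufferSize = 0;

  if ((TlsConn == NULL) ||
      (TlsConn->Ssl == NULL) || (TlsConn->InBio == NULL) || (TlsConn->OutBio == NULL) ||
      (BufferSize == NULL) ||
      ((Buffer == NULL) && (*BufferSize != 0)))
  {
    return EFI_INVALID_PARAMETER;
  }

  PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
  if (PendingBufferSize == 0) {
    //
    // ssl3_send_alert() and ssl3_dispatch_alert() function will be called.
    // The SSL_shutdown() result is not inspected; only the bytes it leaves
    // in OutBio matter here.
    //
    SSL_shutdown (TlsConn->Ssl);
    PendingBufferSize = (UINTN)BIO_ctrl_pending (TlsConn->OutBio);
  }

  if (PendingBufferSize > *BufferSize) {
    *BufferSize = PendingBufferSize;
    return EFI_BUFFER_TOO_SMALL;
  }

  if (PendingBufferSize > 0) {
    //
    // BIO_read() returns a signed count. Storing a zero or negative result
    // straight into the unsigned *BufferSize would report a huge length
    // together with EFI_SUCCESS, so a failed read is reported as an error.
    //
    BytesRead = BIO_read (TlsConn->OutBio, Buffer, (UINT32)PendingBufferSize);
    if (BytesRead <= 0) {
      *BufferSize = 0;
      return EFI_ABORTED;
    }

    *BufferSize = (UINTN)BytesRead;
  } else {
    *BufferSize = 0;
  }

  return EFI_SUCCESS;
}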
326
/**
  Read up to BufferSize bytes of outgoing TLS data from the connection's OutBio.

  @param[in]       Tls         Pointer to the TLS connection object.
  @param[in, out]  Buffer      Destination for the bytes read. Not checked for
                               NULL here.
  @param[in]       BufferSize  Maximum number of bytes to read.

  @return  The value returned by BIO_read(), or -1 when Tls or its OutBio is
           NULL.
**/
INTN
EFIAPI
TlsCtrlTrafficOut (
  IN     VOID   *Tls,
  IN OUT VOID   *Buffer,
  IN     UINTN  BufferSize
  )
{
  TLS_CONNECTION  *Connection;
  BIO             *Source;

  Connection = (TLS_CONNECTION *)Tls;
  if (Connection == NULL) {
    return -1;
  }

  Source = Connection->OutBio;
  if (Source == NULL) {
    return -1;
  }

  //
  // NOTE(review): BufferSize is narrowed to UINT32 for the call, so a larger
  // request is truncated rather than rejected. Callers should treat the
  // return value, not BufferSize, as the number of valid bytes in Buffer.
  //
  return BIO_read (Source, Buffer, (UINT32)BufferSize);
}
361
/**
  Write BufferSize bytes of incoming TLS data into the connection's InBio.

  @param[in]  Tls         Pointer to the TLS connection object.
  @param[in]  Buffer      Bytes received from the peer. Not checked for NULL
                          here.
  @param[in]  BufferSize  Number of bytes to write.

  @return  The value returned by BIO_write(), or -1 when Tls or its InBio is
           NULL.
**/
INTN
EFIAPI
TlsCtrlTrafficIn (
  IN VOID   *Tls,
  IN VOID   *Buffer,
  IN UINTN  BufferSize
  )
{
  TLS_CONNECTION  *Connection;
  BIO             *Sink;

  Connection = (TLS_CONNECTION *)Tls;
  if (Connection == NULL) {
    return -1;
  }

  Sink = Connection->InBio;
  if (Sink == NULL) {
    return -1;
  }

  //
  // NOTE(review): BufferSize is narrowed to UINT32 for the call. Callers
  // should compare the return value with BufferSize to detect a short or
  // failed write of peer data.
  //
  return BIO_write (Sink, Buffer, (UINT32)BufferSize);
}
396
/**
  Read decrypted application data from a TLS connection.

  @param[in]       Tls         Pointer to the TLS connection object.
  @param[in, out]  Buffer      Destination for the bytes read. Not checked for
                               NULL here.
  @param[in]       BufferSize  Maximum number of bytes to read.

  @return  The value returned by SSL_read(), or -1 when Tls or its SSL object
           is NULL.
**/
INTN
EFIAPI
TlsRead (
  IN     VOID   *Tls,
  IN OUT VOID   *Buffer,
  IN     UINTN  BufferSize
  )
{
  TLS_CONNECTION  *Connection;
  SSL             *Session;

  Connection = (TLS_CONNECTION *)Tls;
  if (Connection == NULL) {
    return -1;
  }

  Session = Connection->Ssl;
  if (Session == NULL) {
    return -1;
  }

  //
  // NOTE(review): BufferSize is narrowed to UINT32 for the call; the return
  // value is the only reliable count of bytes placed in Buffer.
  //
  return SSL_read (Session, Buffer, (UINT32)BufferSize);
}
432
/**
  Encrypt and write application data to a TLS connection.

  @param[in]  Tls         Pointer to the TLS connection object.
  @param[in]  Buffer      Plaintext bytes to send. Not checked for NULL here.
  @param[in]  BufferSize  Number of bytes to write.

  @return  The value returned by SSL_write(), or -1 when Tls or its SSL object
           is NULL.
**/
INTN
EFIAPI
TlsWrite (
  IN VOID   *Tls,
  IN VOID   *Buffer,
  IN UINTN  BufferSize
  )
{
  TLS_CONNECTION  *Connection;
  SSL             *Session;

  Connection = (TLS_CONNECTION *)Tls;
  if (Connection == NULL) {
    return -1;
  }

  Session = Connection->Ssl;
  if (Session == NULL) {
    return -1;
  }

  //
  // NOTE(review): BufferSize is narrowed to UINT32 for the call; callers
  // should compare the return value with BufferSize to detect a short write.
  //
  return SSL_write (Session, Buffer, (UINT32)BufferSize);
}
468
/**
  Shut down a TLS connection quietly and reset its SSL object.

  Quiet shutdown is enabled before SSL_shutdown() is called, and the SSL
  object is then reset with SSL_clear().

  @param[in]  Tls  Pointer to the TLS connection object.

  @retval EFI_SUCCESS            SSL_clear() returned 1.
  @retval EFI_INVALID_PARAMETER  Tls or its SSL object is NULL.
  @retval EFI_PROTOCOL_ERROR     SSL_clear() did not return 1.
**/
EFI_STATUS
EFIAPI
TlsShutdown (
  IN VOID  *Tls
  )
{
  TLS_CONNECTION  *Connection;
  SSL             *Session;

  Connection = (TLS_CONNECTION *)Tls;
  if (Connection == NULL) {
    return EFI_INVALID_PARAMETER;
  }

  Session = Connection->Ssl;
  if (Session == NULL) {
    return EFI_INVALID_PARAMETER;
  }

  //
  // The SSL_shutdown() result is not inspected; only the outcome of
  // SSL_clear() decides the returned status.
  //
  SSL_set_quiet_shutdown (Session, 1);
  SSL_shutdown (Session);

  if (SSL_clear (Session) == 1) {
    return EFI_SUCCESS;
  }

  return EFI_PROTOCOL_ERROR;
}
UINT64 UINTN
INT64 INTN
#define NULL
Definition: Base.h:319
#define TRUE
Definition: Base.h:301
#define FALSE
Definition: Base.h:307
#define IN
Definition: Base.h:279
#define OUT
Definition: Base.h:284
#define DEBUG_CODE_BEGIN()
Definition: DebugLib.h:564
#define DEBUG(Expression)
Definition: DebugLib.h:434
#define DEBUG_CODE_END()
Definition: DebugLib.h:578
EFI_STATUS EFIAPI TlsDoHandshake(IN VOID *Tls, IN UINT8 *BufferIn OPTIONAL, IN UINTN BufferInSize OPTIONAL, OUT UINT8 *BufferOut OPTIONAL, IN OUT UINTN *BufferOutSize)
Definition: TlsProcess.c:73
INTN EFIAPI TlsCtrlTrafficIn(IN VOID *Tls, IN VOID *Buffer, IN UINTN BufferSize)
Definition: TlsProcess.c:378
INTN EFIAPI TlsCtrlTrafficOut(IN VOID *Tls, IN OUT VOID *Buffer, IN UINTN BufferSize)
Definition: TlsProcess.c:343
INTN EFIAPI TlsRead(IN VOID *Tls, IN OUT VOID *Buffer, IN UINTN BufferSize)
Definition: TlsProcess.c:414
EFI_STATUS EFIAPI TlsShutdown(IN VOID *Tls)
Definition: TlsProcess.c:484
BOOLEAN EFIAPI TlsInHandshake(IN VOID *Tls)
Definition: TlsProcess.c:28
EFI_STATUS EFIAPI TlsHandleAlert(IN VOID *Tls, IN UINT8 *BufferIn OPTIONAL, IN UINTN BufferInSize OPTIONAL, OUT UINT8 *BufferOut OPTIONAL, IN OUT UINTN *BufferOutSize)
Definition: TlsProcess.c:202
EFI_STATUS EFIAPI TlsCloseNotify(IN VOID *Tls, IN OUT UINT8 *Buffer, IN OUT UINTN *BufferSize)
Definition: TlsProcess.c:284
INTN EFIAPI TlsWrite(IN VOID *Tls, IN VOID *Buffer, IN UINTN BufferSize)
Definition: TlsProcess.c:450
RETURN_STATUS EFI_STATUS
Definition: UefiBaseType.h:29
#define EFI_SUCCESS
Definition: UefiBaseType.h:112