diff options
| author | Jiaxin Wu <jiaxin.wu@intel.com> | 2016-12-14 10:54:32 +0800 |
|---|---|---|
| committer | Jiaxin Wu <jiaxin.wu@intel.com> | 2016-12-22 20:33:35 +0800 |
| commit | 9d0fa533dd0136a06d076bc6eee1462499a4a936 (patch) | |
| tree | 4456b3103d16bb2da9750c29af391bbe19cd792c /NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h | |
| parent | 7e1f2209b03fdc51ba506686f74cfcb491b23ec3 (diff) | |
| download | edk2-platforms-9d0fa533dd0136a06d076bc6eee1462499a4a936.tar.xz | |
NetworkPkg/TlsAuthConfigDxe: Provide the UI to support TLS auth configuration
This patch provides the UI to support TLS auth configuration.
* EFI_SIGNATURE_LIST format is used for 'TlsCaCertificate'
variable. So, TLS supports multiple certificate configuration.
* The variable attribute is BS with NV, which only target at
preventing runtime phase attack.
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Diffstat (limited to 'NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h')
| -rw-r--r-- | NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h new file mode 100644 index 0000000000..f453201cb7 --- /dev/null +++ b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigNvData.h @@ -0,0 +1,49 @@ +/** @file + Header file for NV data structure definition. + +Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> +This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef __TLS_AUTH_CONFIG_NV_DATA_H__ +#define __TLS_AUTH_CONFIG_NV_DATA_H__ + +#include <Guid/TlsAuthConfigHii.h> + +#define TLS_AUTH_CONFIG_GUID_SIZE 36 +#define TLS_AUTH_CONFIG_GUID_STORAGE_SIZE 37 + +#define TLS_AUTH_CONFIG_FORMID1_FORM 1 +#define TLS_AUTH_CONFIG_FORMID2_FORM 2 +#define TLS_AUTH_CONFIG_FORMID3_FORM 3 +#define TLS_AUTH_CONFIG_FORMID4_FORM 4 +#define TLS_AUTH_CONFIG_FORMID5_FORM 5 + + +#define KEY_TLS_AUTH_CONFIG_SERVER_CA 0x1000 +#define KEY_TLS_AUTH_CONFIG_CLIENT_CERT 0x1001 +#define KEY_TLS_AUTH_CONFIG_ENROLL_CERT 0x1002 +#define KEY_TLS_AUTH_CONFIG_DELETE_CERT 0x1003 +#define KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE 0x1004 +#define KEY_TLS_AUTH_CONFIG_CERT_GUID 0x1005 +#define KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT 0x1006 +#define KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT 0x1007 + +#define OPTION_DEL_CA_ESTION_ID 0x2000 +#define OPTION_CONFIG_RANGE 0x1000 + +#define LABEL_CA_DELETE 0x1101 +#define LABEL_END 0xffff + +typedef struct { + CHAR16 CertGuid[TLS_AUTH_CONFIG_GUID_STORAGE_SIZE]; +} TLS_AUTH_CONFIG_IFR_NVDATA; + +#endif |