From 9d0fa533dd0136a06d076bc6eee1462499a4a936 Mon Sep 17 00:00:00 2001 From: Jiaxin Wu Date: Wed, 14 Dec 2016 10:54:32 +0800 Subject: NetworkPkg/TlsAuthConfigDxe: Provide the UI to support TLS auth configuration This patch provides the UI to support TLS auth configuration. * EFI_SIGNATURE_LIST format is used for 'TlsCaCertificate' variable. So, TLS supports multiple certificate configuration. * The variable attribute is BS with NV, which only target at preventing runtime phase attack. Cc: Ye Ting Cc: Fu Siyuan Cc: Zhang Lubo Cc: Long Qin Cc: Thomas Palmer Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin Reviewed-by: Fu Siyuan Reviewed-by: Ye Ting
---
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c | 135 +++++++++++++++++++++++++
1 file changed, 135 insertions(+)
create mode 100644 NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c
(limited to 'NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c')
diff --git a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c
new file mode 100644
index 0000000000..647bc2f01b
--- /dev/null
+++ b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.c
@@ -0,0 +1,135 @@
+/** @file
+ The DriverEntryPoint for TlsAuthConfigDxe driver.
+
+ Copyright (c) 2016, Intel Corporation. All rights reserved.
+
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php.
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "TlsAuthConfigImpl.h"
+
+/**
+ Unloads an image.
+
+ @param ImageHandle Handle that identifies the image to be unloaded.
+
+ @retval EFI_SUCCESS The image has been unloaded.
+ @retval EFI_INVALID_PARAMETER ImageHandle is not a valid image handle.
+
+**/
+EFI_STATUS
+EFIAPI
+TlsAuthConfigDxeUnload (
+ IN EFI_HANDLE ImageHandle
+ )
+{
+ EFI_STATUS Status;
+ TLS_AUTH_CONFIG_PRIVATE_DATA *PrivateData;
+
+ Status = gBS->HandleProtocol (
+ ImageHandle,
+ &gEfiCallerIdGuid,
+ (VOID **) &PrivateData
+ );
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ ASSERT (PrivateData->Signature == TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE);
+
+ gBS->UninstallMultipleProtocolInterfaces (
+ &ImageHandle,
+ &gEfiCallerIdGuid,
+ PrivateData,
+ NULL
+ );
+
+ TlsAuthConfigFormUnload (PrivateData);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ This is the declaration of an EFI image entry point. This entry point is
+ the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including
+ both device drivers and bus drivers.
+
+ @param ImageHandle The firmware allocated handle for the UEFI image.
+ @param SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The operation completed successfully.
+ @retval Others An unexpected error occurred.
+**/
+EFI_STATUS
+EFIAPI
+TlsAuthConfigDxeDriverEntryPoint (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ TLS_AUTH_CONFIG_PRIVATE_DATA *PrivateData;
+
+ PrivateData = NULL;
+
+ //
+ // If already started, return.
+ //
+ Status = gBS->OpenProtocol (
+ ImageHandle,
+ &gEfiCallerIdGuid,
+ NULL,
+ ImageHandle,
+ ImageHandle,
+ EFI_OPEN_PROTOCOL_TEST_PROTOCOL
+ );
+ if (!EFI_ERROR (Status)) {
+ return EFI_ALREADY_STARTED;
+ }
+
+ //
+ // Initialize the private data structure.
+ //
+ PrivateData = AllocateZeroPool (sizeof (TLS_AUTH_CONFIG_PRIVATE_DATA));
+ if (PrivateData == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Initialize the HII configuration form.
+ //
+ Status = TlsAuthConfigFormInit (PrivateData);
+ if (EFI_ERROR (Status)) {
+ goto ON_ERROR;
+ }
+
+ //
+ // Install private GUID.
+ //
+ Status = gBS->InstallMultipleProtocolInterfaces (
+ &ImageHandle,
+ &gEfiCallerIdGuid,
+ PrivateData,
+ NULL
+ );
+ if (EFI_ERROR (Status)) {
+ goto ON_ERROR;
+ }
+
+ return EFI_SUCCESS;
+
+ON_ERROR:
+ TlsAuthConfigFormUnload (PrivateData);
+ FreePool (PrivateData);
+
+ return Status;
+}
+
-- cgit v1.2.3
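Review bot: In TlsAuthConfigDxeUnload the call to `gBS->UninstallMultipleProtocolInterfaces` passes `&ImageHandle`, but that boot service takes the handle by value (`EFI_HANDLE`), unlike `InstallMultipleProtocolInterfaces`, which takes `EFI_HANDLE *`. The call should therefore fail on an invalid handle, and because its status is discarded the function still runs `TlsAuthConfigFormUnload (PrivateData)` and returns EFI_SUCCESS while the `gEfiCallerIdGuid` interface remains installed and pointing at PrivateData. I would pass the handle itself and propagate the failure: `Status = gBS->UninstallMultipleProtocolInterfaces (ImageHandle, &gEfiCallerIdGuid, PrivateData, NULL);` followed by `if (EFI_ERROR (Status)) { return Status; }`. Separately, the unload path never calls `FreePool (PrivateData)` while ON_ERROR in the entry point does so after the same `TlsAuthConfigFormUnload` call; the helper's body is not in this patch, so depending on whether it frees the structure one of the two paths presumably leaks or double-frees, which is worth confirming and documenting in a comment at both call sites.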