TlsAuthConfigImpl.c

最後變更在這個檔案是 99404,由 vboxsync 提交於 2 年前
Devices/EFI/FirmwareNew: Update to edk2-stable202302 and make it build, bugref:4643
屬性 svn:eol-style 設為 `native`
檔案大小: 45.1 KB

行
1	/** @file
2	The Miscellaneous Routines for TlsAuthConfigDxe driver.
3
4	Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
5
6	SPDX-License-Identifier: BSD-2-Clause-Patent
7
8	**/
9
10	#include "TlsAuthConfigImpl.h"
11
12	VOID *mStartOpCodeHandle = NULL;
13	VOID *mEndOpCodeHandle = NULL;
14	EFI_IFR_GUID_LABEL *mStartLabel = NULL;
15	EFI_IFR_GUID_LABEL *mEndLabel = NULL;
16
17	CHAR16 mTlsAuthConfigStorageName[] = L"TLS_AUTH_CONFIG_IFR_NVDATA";
18
19	TLS_AUTH_CONFIG_PRIVATE_DATA *mTlsAuthPrivateData = NULL;
20
21	HII_VENDOR_DEVICE_PATH mTlsAuthConfigHiiVendorDevicePath = {
22	{
23	{
24	HARDWARE_DEVICE_PATH,
25	HW_VENDOR_DP,
26	{
27	(UINT8)(sizeof (VENDOR_DEVICE_PATH)),
28	(UINT8)((sizeof (VENDOR_DEVICE_PATH)) >> 8)
29	}
30	},
31	TLS_AUTH_CONFIG_GUID
32	},
33	{
34	END_DEVICE_PATH_TYPE,
35	END_ENTIRE_DEVICE_PATH_SUBTYPE,
36	{
37	(UINT8)(END_DEVICE_PATH_LENGTH),
38	(UINT8)((END_DEVICE_PATH_LENGTH) >> 8)
39	}
40	}
41	};
42
43	//
44	// Possible DER-encoded certificate file suffixes, end with NULL pointer.
45	//
46	CHAR16 *mDerPemEncodedSuffix[] = {
47	L".cer",
48	L".der",
49	L".crt",
50	L".pem",
51	NULL
52	};
53
54	/**
55	This code checks if the FileSuffix is one of the possible DER/PEM-encoded certificate suffix.
56
57	@param[in] FileSuffix The suffix of the input certificate file
58
59	@retval TRUE It's a DER/PEM-encoded certificate.
60	@retval FALSE It's NOT a DER/PEM-encoded certificate.
61
62	**/
63	BOOLEAN
64	IsDerPemEncodeCertificate (
65	IN CONST CHAR16 *FileSuffix
66	)
67	{
68	UINTN Index;
69
70	for (Index = 0; mDerPemEncodedSuffix[Index] != NULL; Index++) {
71	if (StrCmp (FileSuffix, mDerPemEncodedSuffix[Index]) == 0) {
72	return TRUE;
73	}
74	}
75
76	return FALSE;
77	}
78
79	/**
80	Worker function that prints an EFI_GUID into specified Buffer.
81
82	@param[in] Guid Pointer to GUID to print.
83	@param[in] Buffer Buffer to print Guid into.
84	@param[in] BufferSize Size of Buffer.
85
86	@retval Number of characters printed.
87
88	**/
89	UINTN
90	GuidToString (
91	IN EFI_GUID *Guid,
92	IN CHAR16 *Buffer,
93	IN UINTN BufferSize
94	)
95	{
96	return UnicodeSPrint (
97	Buffer,
98	BufferSize,
99	L"%g",
100	Guid
101	);
102	}
103
104	/**
105	List all cert in specified database by GUID in the page
106	for user to select and delete as needed.
107
108	@param[in] PrivateData Module's private data.
109	@param[in] VariableName The variable name of the vendor's signature database.
110	@param[in] VendorGuid A unique identifier for the vendor.
111	@param[in] LabelNumber Label number to insert opcodes.
112	@param[in] FormId Form ID of current page.
113	@param[in] QuestionIdBase Base question id of the signature list.
114
115	@retval EFI_SUCCESS Success to update the signature list page
116	@retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
117
118	**/
119	EFI_STATUS
120	UpdateDeletePage (
121	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
122	IN CHAR16 *VariableName,
123	IN EFI_GUID *VendorGuid,
124	IN UINT16 LabelNumber,
125	IN EFI_FORM_ID FormId,
126	IN EFI_QUESTION_ID QuestionIdBase
127	)
128	{
129	EFI_STATUS Status;
130	UINT32 Index;
131	UINTN CertCount;
132	UINTN GuidIndex;
133	VOID *StartOpCodeHandle;
134	VOID *EndOpCodeHandle;
135	EFI_IFR_GUID_LABEL *StartLabel;
136	EFI_IFR_GUID_LABEL *EndLabel;
137	UINTN DataSize;
138	UINT8 *Data;
139	EFI_SIGNATURE_LIST *CertList;
140	EFI_SIGNATURE_DATA *Cert;
141	UINT32 ItemDataSize;
142	CHAR16 *GuidStr;
143	EFI_STRING_ID GuidID;
144	EFI_STRING_ID Help;
145
146	Data = NULL;
147	CertList = NULL;
148	Cert = NULL;
149	GuidStr = NULL;
150	StartOpCodeHandle = NULL;
151	EndOpCodeHandle = NULL;
152
153	//
154	// Initialize the container for dynamic opcodes.
155	//
156	StartOpCodeHandle = HiiAllocateOpCodeHandle ();
157	if (StartOpCodeHandle == NULL) {
158	Status = EFI_OUT_OF_RESOURCES;
159	goto ON_EXIT;
160	}
161
162	EndOpCodeHandle = HiiAllocateOpCodeHandle ();
163	if (EndOpCodeHandle == NULL) {
164	Status = EFI_OUT_OF_RESOURCES;
165	goto ON_EXIT;
166	}
167
168	//
169	// Create Hii Extend Label OpCode.
170	//
171	StartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
172	StartOpCodeHandle,
173	&gEfiIfrTianoGuid,
174	NULL,
175	sizeof (EFI_IFR_GUID_LABEL)
176	);
177	StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
178	StartLabel->Number = LabelNumber;
179
180	EndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
181	EndOpCodeHandle,
182	&gEfiIfrTianoGuid,
183	NULL,
184	sizeof (EFI_IFR_GUID_LABEL)
185	);
186	EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
187	EndLabel->Number = LABEL_END;
188
189	//
190	// Read Variable.
191	//
192	DataSize = 0;
193	Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
194	if (EFI_ERROR (Status) && (Status != EFI_BUFFER_TOO_SMALL)) {
195	goto ON_EXIT;
196	}
197
198	Data = (UINT8 *)AllocateZeroPool (DataSize);
199	if (Data == NULL) {
200	Status = EFI_OUT_OF_RESOURCES;
201	goto ON_EXIT;
202	}
203
204	Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
205	if (EFI_ERROR (Status)) {
206	goto ON_EXIT;
207	}
208
209	GuidStr = AllocateZeroPool (100);
210	if (GuidStr == NULL) {
211	Status = EFI_OUT_OF_RESOURCES;
212	goto ON_EXIT;
213	}
214
215	//
216	// Enumerate all data.
217	//
218	ItemDataSize = (UINT32)DataSize;
219	CertList = (EFI_SIGNATURE_LIST *)Data;
220	GuidIndex = 0;
221
222	while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
223	if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
224	Help = STRING_TOKEN (STR_CERT_TYPE_PCKS_GUID);
225	} else {
226	//
227	// The signature type is not supported in current implementation.
228	//
229	ItemDataSize -= CertList->SignatureListSize;
230	CertList = (EFI_SIGNATURE_LIST )((UINT8 )CertList + CertList->SignatureListSize);
231	continue;
232	}
233
234	CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
235	for (Index = 0; Index < CertCount; Index++) {
236	Cert = (EFI_SIGNATURE_DATA )((UINT8 )CertList
237	+ sizeof (EFI_SIGNATURE_LIST)
238	+ CertList->SignatureHeaderSize
239	+ Index * CertList->SignatureSize);
240	//
241	// Display GUID and help
242	//
243	GuidToString (&Cert->SignatureOwner, GuidStr, 100);
244	GuidID = HiiSetString (Private->RegisteredHandle, 0, GuidStr, NULL);
245	HiiCreateCheckBoxOpCode (
246	StartOpCodeHandle,
247	(EFI_QUESTION_ID)(QuestionIdBase + GuidIndex++),
248	0,
249	0,
250	GuidID,
251	Help,
252	EFI_IFR_FLAG_CALLBACK,
253	0,
254	NULL
255	);
256	}
257
258	ItemDataSize -= CertList->SignatureListSize;
259	CertList = (EFI_SIGNATURE_LIST )((UINT8 )CertList + CertList->SignatureListSize);
260	}
261
262	ON_EXIT:
263	HiiUpdateForm (
264	Private->RegisteredHandle,
265	&gTlsAuthConfigGuid,
266	FormId,
267	StartOpCodeHandle,
268	EndOpCodeHandle
269	);
270
271	if (StartOpCodeHandle != NULL) {
272	HiiFreeOpCodeHandle (StartOpCodeHandle);
273	}
274
275	if (EndOpCodeHandle != NULL) {
276	HiiFreeOpCodeHandle (EndOpCodeHandle);
277	}
278
279	if (Data != NULL) {
280	FreePool (Data);
281	}
282
283	if (GuidStr != NULL) {
284	FreePool (GuidStr);
285	}
286
287	return EFI_SUCCESS;
288	}
289
290	/**
291	Delete one entry from cert database.
292
293	@param[in] Private Module's private data.
294	@param[in] VariableName The variable name of the database.
295	@param[in] VendorGuid A unique identifier for the vendor.
296	@param[in] LabelNumber Label number to insert opcodes.
297	@param[in] FormId Form ID of current page.
298	@param[in] QuestionIdBase Base question id of the cert list.
299	@param[in] DeleteIndex Cert index to delete.
300
301	@retval EFI_SUCCESS Delete signature successfully.
302	@retval EFI_NOT_FOUND Can't find the signature item,
303	@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
304	**/
305	EFI_STATUS
306	DeleteCert (
307	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
308	IN CHAR16 *VariableName,
309	IN EFI_GUID *VendorGuid,
310	IN UINT16 LabelNumber,
311	IN EFI_FORM_ID FormId,
312	IN EFI_QUESTION_ID QuestionIdBase,
313	IN UINTN DeleteIndex
314	)
315	{
316	EFI_STATUS Status;
317	UINTN DataSize;
318	UINT8 *Data;
319	UINT8 *OldData;
320	UINT32 Attr;
321	UINT32 Index;
322	EFI_SIGNATURE_LIST *CertList;
323	EFI_SIGNATURE_LIST *NewCertList;
324	EFI_SIGNATURE_DATA *Cert;
325	UINTN CertCount;
326	UINT32 Offset;
327	BOOLEAN IsItemFound;
328	UINT32 ItemDataSize;
329	UINTN GuidIndex;
330
331	Data = NULL;
332	OldData = NULL;
333	CertList = NULL;
334	Cert = NULL;
335	Attr = 0;
336
337	//
338	// Get original signature list data.
339	//
340	DataSize = 0;
341	Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, NULL);
342	if (EFI_ERROR (Status) && (Status != EFI_BUFFER_TOO_SMALL)) {
343	goto ON_EXIT;
344	}
345
346	OldData = (UINT8 *)AllocateZeroPool (DataSize);
347	if (OldData == NULL) {
348	Status = EFI_OUT_OF_RESOURCES;
349	goto ON_EXIT;
350	}
351
352	Status = gRT->GetVariable (VariableName, VendorGuid, &Attr, &DataSize, OldData);
353	if (EFI_ERROR (Status)) {
354	goto ON_EXIT;
355	}
356
357	//
358	// Allocate space for new variable.
359	//
360	Data = (UINT8 *)AllocateZeroPool (DataSize);
361	if (Data == NULL) {
362	Status = EFI_OUT_OF_RESOURCES;
363	goto ON_EXIT;
364	}
365
366	//
367	// Enumerate all data and erasing the target item.
368	//
369	IsItemFound = FALSE;
370	ItemDataSize = (UINT32)DataSize;
371	CertList = (EFI_SIGNATURE_LIST *)OldData;
372	Offset = 0;
373	GuidIndex = 0;
374	while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
375	if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
376	//
377	// Copy EFI_SIGNATURE_LIST header then calculate the signature count in this list.
378	//
379	CopyMem (Data + Offset, CertList, (sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));
380	NewCertList = (EFI_SIGNATURE_LIST *)(Data + Offset);
381	Offset += (sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
382	Cert = (EFI_SIGNATURE_DATA )((UINT8 )CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
383	CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
384	for (Index = 0; Index < CertCount; Index++) {
385	if (GuidIndex == DeleteIndex) {
386	//
387	// Find it! Skip it!
388	//
389	NewCertList->SignatureListSize -= CertList->SignatureSize;
390	IsItemFound = TRUE;
391	} else {
392	//
393	// This item doesn't match. Copy it to the Data buffer.
394	//
395	CopyMem (Data + Offset, (UINT8 *)(Cert), CertList->SignatureSize);
396	Offset += CertList->SignatureSize;
397	}
398
399	GuidIndex++;
400	Cert = (EFI_SIGNATURE_DATA )((UINT8 )Cert + CertList->SignatureSize);
401	}
402	} else {
403	//
404	// This List doesn't match. Just copy it to the Data buffer.
405	//
406	CopyMem (Data + Offset, (UINT8 *)(CertList), CertList->SignatureListSize);
407	Offset += CertList->SignatureListSize;
408	}
409
410	ItemDataSize -= CertList->SignatureListSize;
411	CertList = (EFI_SIGNATURE_LIST )((UINT8 )CertList + CertList->SignatureListSize);
412	}
413
414	if (!IsItemFound) {
415	//
416	// Doesn't find the signature Item!
417	//
418	Status = EFI_NOT_FOUND;
419	goto ON_EXIT;
420	}
421
422	//
423	// Delete the EFI_SIGNATURE_LIST header if there is no signature in the list.
424	//
425	ItemDataSize = Offset;
426	CertList = (EFI_SIGNATURE_LIST *)Data;
427	Offset = 0;
428	ZeroMem (OldData, ItemDataSize);
429	while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
430	CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
431	DEBUG ((DEBUG_INFO, " CertCount = %x\n", CertCount));
432	if (CertCount != 0) {
433	CopyMem (OldData + Offset, (UINT8 *)(CertList), CertList->SignatureListSize);
434	Offset += CertList->SignatureListSize;
435	}
436
437	ItemDataSize -= CertList->SignatureListSize;
438	CertList = (EFI_SIGNATURE_LIST )((UINT8 )CertList + CertList->SignatureListSize);
439	}
440
441	DataSize = Offset;
442
443	Status = gRT->SetVariable (
444	VariableName,
445	VendorGuid,
446	Attr,
447	DataSize,
448	OldData
449	);
450	if (EFI_ERROR (Status)) {
451	DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));
452	goto ON_EXIT;
453	}
454
455	ON_EXIT:
456	if (Data != NULL) {
457	FreePool (Data);
458	}
459
460	if (OldData != NULL) {
461	FreePool (OldData);
462	}
463
464	return UpdateDeletePage (
465	Private,
466	VariableName,
467	VendorGuid,
468	LabelNumber,
469	FormId,
470	QuestionIdBase
471	);
472	}
473
474	/**
475	Clean the file related resource.
476
477	@param[in] Private Module's private data.
478
479	**/
480	VOID
481	CleanFileContext (
482	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
483	)
484	{
485	if (Private->FileContext->FHandle != NULL) {
486	Private->FileContext->FHandle->Close (Private->FileContext->FHandle);
487	Private->FileContext->FHandle = NULL;
488	if (Private->FileContext->FileName != NULL) {
489	FreePool (Private->FileContext->FileName);
490	Private->FileContext->FileName = NULL;
491	}
492	}
493	}
494
495	/**
496	Read file content into BufferPtr, the size of the allocate buffer
497	is *FileSize plus AddtionAllocateSize.
498
499	@param[in] FileHandle The file to be read.
500	@param[in, out] BufferPtr Pointers to the pointer of allocated buffer.
501	@param[out] FileSize Size of input file
502	@param[in] AddtionAllocateSize Addtion size the buffer need to be allocated.
503	In case the buffer need to contain others besides the file content.
504
505	@retval EFI_SUCCESS The file was read into the buffer.
506	@retval EFI_INVALID_PARAMETER A parameter was invalid.
507	@retval EFI_OUT_OF_RESOURCES A memory allocation failed.
508	@retval others Unexpected error.
509
510	**/
511	EFI_STATUS
512	ReadFileContent (
513	IN EFI_FILE_HANDLE FileHandle,
514	IN OUT VOID **BufferPtr,
515	OUT UINTN *FileSize,
516	IN UINTN AddtionAllocateSize
517	)
518
519	{
520	UINTN BufferSize;
521	UINT64 SourceFileSize;
522	VOID *Buffer;
523	EFI_STATUS Status;
524
525	if ((FileHandle == NULL) \|\| (FileSize == NULL)) {
526	return EFI_INVALID_PARAMETER;
527	}
528
529	Buffer = NULL;
530
531	//
532	// Get the file size
533	//
534	Status = FileHandle->SetPosition (FileHandle, (UINT64)-1);
535	if (EFI_ERROR (Status)) {
536	goto ON_EXIT;
537	}
538
539	Status = FileHandle->GetPosition (FileHandle, &SourceFileSize);
540	if (EFI_ERROR (Status)) {
541	goto ON_EXIT;
542	}
543
544	Status = FileHandle->SetPosition (FileHandle, 0);
545	if (EFI_ERROR (Status)) {
546	goto ON_EXIT;
547	}
548
549	BufferSize = (UINTN)SourceFileSize + AddtionAllocateSize;
550	Buffer = AllocateZeroPool (BufferSize);
551	if (Buffer == NULL) {
552	return EFI_OUT_OF_RESOURCES;
553	}
554
555	BufferSize = (UINTN)SourceFileSize;
556	*FileSize = BufferSize;
557
558	Status = FileHandle->Read (FileHandle, &BufferSize, Buffer);
559	if (EFI_ERROR (Status) \|\| (BufferSize != *FileSize)) {
560	FreePool (Buffer);
561	Buffer = NULL;
562	Status = EFI_BAD_BUFFER_SIZE;
563	goto ON_EXIT;
564	}
565
566	ON_EXIT:
567
568	*BufferPtr = Buffer;
569	return Status;
570	}
571
572	/**
573	This function converts an input device structure to a Unicode string.
574
575	@param[in] DevPath A pointer to the device path structure.
576
577	@return A new allocated Unicode string that represents the device path.
578
579	**/
580	CHAR16 *
581	EFIAPI
582	DevicePathToStr (
583	IN EFI_DEVICE_PATH_PROTOCOL *DevPath
584	)
585	{
586	return ConvertDevicePathToText (
587	DevPath,
588	FALSE,
589	TRUE
590	);
591	}
592
593	/**
594	Extract filename from device path. The returned buffer is allocated using AllocateCopyPool.
595	The caller is responsible for freeing the allocated buffer using FreePool(). If return NULL
596	means not enough memory resource.
597
598	@param DevicePath Device path.
599
600	@retval NULL Not enough memory resource for AllocateCopyPool.
601	@retval Other A new allocated string that represents the file name.
602
603	**/
604	CHAR16 *
605	ExtractFileNameFromDevicePath (
606	IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
607	)
608	{
609	CHAR16 *String;
610	CHAR16 *MatchString;
611	CHAR16 *LastMatch;
612	CHAR16 *FileName;
613	UINTN Length;
614
615	ASSERT (DevicePath != NULL);
616
617	String = DevicePathToStr (DevicePath);
618	MatchString = String;
619	LastMatch = String;
620	FileName = NULL;
621
622	while (MatchString != NULL) {
623	LastMatch = MatchString + 1;
624	MatchString = StrStr (LastMatch, L"\\");
625	}
626
627	Length = StrLen (LastMatch);
628	FileName = AllocateCopyPool ((Length + 1) * sizeof (CHAR16), LastMatch);
629	if (FileName != NULL) {
630	*(FileName + Length) = 0;
631	}
632
633	FreePool (String);
634
635	return FileName;
636	}
637
638	/**
639	Enroll a new X509 certificate into Variable.
640
641	@param[in] PrivateData The module's private data.
642	@param[in] VariableName Variable name of CA database.
643
644	@retval EFI_SUCCESS New X509 is enrolled successfully.
645	@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
646
647	**/
648	EFI_STATUS
649	EnrollX509toVariable (
650	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
651	IN CHAR16 *VariableName
652	)
653	{
654	EFI_STATUS Status;
655	UINTN X509DataSize;
656	VOID *X509Data;
657	EFI_SIGNATURE_LIST *CACert;
658	EFI_SIGNATURE_DATA *CACertData;
659	VOID *Data;
660	UINTN DataSize;
661	UINTN SigDataSize;
662	UINT32 Attr;
663
664	X509DataSize = 0;
665	SigDataSize = 0;
666	DataSize = 0;
667	X509Data = NULL;
668	CACert = NULL;
669	CACertData = NULL;
670	Data = NULL;
671	Attr = 0;
672
673	Status = ReadFileContent (
674	Private->FileContext->FHandle,
675	&X509Data,
676	&X509DataSize,
677	0
678	);
679	if (EFI_ERROR (Status)) {
680	goto ON_EXIT;
681	}
682
683	ASSERT (X509Data != NULL);
684
685	SigDataSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + X509DataSize;
686
687	Data = AllocateZeroPool (SigDataSize);
688	if (Data == NULL) {
689	Status = EFI_OUT_OF_RESOURCES;
690	goto ON_EXIT;
691	}
692
693	//
694	// Fill Certificate Database parameters.
695	//
696	CACert = (EFI_SIGNATURE_LIST *)Data;
697	CACert->SignatureListSize = (UINT32)SigDataSize;
698	CACert->SignatureHeaderSize = 0;
699	CACert->SignatureSize = (UINT32)(sizeof (EFI_SIGNATURE_DATA) - 1 + X509DataSize);
700	CopyGuid (&CACert->SignatureType, &gEfiCertX509Guid);
701
702	CACertData = (EFI_SIGNATURE_DATA )((UINT8 )CACert + sizeof (EFI_SIGNATURE_LIST));
703	CopyGuid (&CACertData->SignatureOwner, Private->CertGuid);
704	CopyMem ((UINT8 *)(CACertData->SignatureData), X509Data, X509DataSize);
705
706	//
707	// Check if the signature database entry already exists. If it does, use the
708	// EFI_VARIABLE_APPEND_WRITE attribute to append the new signature data to
709	// the original variable, plus preserve the original variable attributes.
710	//
711	Status = gRT->GetVariable (
712	VariableName,
713	&gEfiTlsCaCertificateGuid,
714	&Attr,
715	&DataSize,
716	NULL
717	);
718	if (Status == EFI_BUFFER_TOO_SMALL) {
719	Attr \|= EFI_VARIABLE_APPEND_WRITE;
720	} else if (Status == EFI_NOT_FOUND) {
721	Attr = TLS_AUTH_CONFIG_VAR_BASE_ATTR;
722	} else {
723	goto ON_EXIT;
724	}
725
726	Status = gRT->SetVariable (
727	VariableName,
728	&gEfiTlsCaCertificateGuid,
729	Attr,
730	SigDataSize,
731	Data
732	);
733	if (EFI_ERROR (Status)) {
734	goto ON_EXIT;
735	}
736
737	ON_EXIT:
738	CleanFileContext (Private);
739
740	if (Private->CertGuid != NULL) {
741	FreePool (Private->CertGuid);
742	Private->CertGuid = NULL;
743	}
744
745	if (Data != NULL) {
746	FreePool (Data);
747	}
748
749	if (X509Data != NULL) {
750	FreePool (X509Data);
751	}
752
753	return Status;
754	}
755
756	/**
757	Enroll Cert into TlsCaCertificate. The GUID will be Private->CertGuid.
758
759	@param[in] PrivateData The module's private data.
760	@param[in] VariableName Variable name of signature database.
761
762	@retval EFI_SUCCESS New Cert enrolled successfully.
763	@retval EFI_INVALID_PARAMETER The parameter is invalid.
764	@retval EFI_UNSUPPORTED The Cert file is unsupported type.
765	@retval others Fail to enroll Cert data.
766
767	**/
768	EFI_STATUS
769	EnrollCertDatabase (
770	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
771	IN CHAR16 *VariableName
772	)
773	{
774	UINT16 *FilePostFix;
775	UINTN NameLength;
776
777	if ((Private->FileContext->FileName == NULL) \|\| (Private->FileContext->FHandle == NULL) \|\| (Private->CertGuid == NULL)) {
778	return EFI_INVALID_PARAMETER;
779	}
780
781	//
782	// Parse the file's postfix.
783	//
784	NameLength = StrLen (Private->FileContext->FileName);
785	if (NameLength <= 4) {
786	return EFI_INVALID_PARAMETER;
787	}
788
789	FilePostFix = Private->FileContext->FileName + NameLength - 4;
790
791	if (IsDerPemEncodeCertificate (FilePostFix)) {
792	//
793	// Supports DER-encoded X509 certificate.
794	//
795	return EnrollX509toVariable (Private, VariableName);
796	}
797
798	return EFI_UNSUPPORTED;
799	}
800
801	/**
802	Refresh the global UpdateData structure.
803
804	**/
805	VOID
806	RefreshUpdateData (
807	VOID
808	)
809	{
810	//
811	// Free current updated date
812	//
813	if (mStartOpCodeHandle != NULL) {
814	HiiFreeOpCodeHandle (mStartOpCodeHandle);
815	}
816
817	//
818	// Create new OpCode Handle
819	//
820	mStartOpCodeHandle = HiiAllocateOpCodeHandle ();
821
822	//
823	// Create Hii Extend Label OpCode as the start opcode
824	//
825	mStartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
826	mStartOpCodeHandle,
827	&gEfiIfrTianoGuid,
828	NULL,
829	sizeof (EFI_IFR_GUID_LABEL)
830	);
831	mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
832	}
833
834	/**
835	Clean up the dynamic opcode at label and form specified by both LabelId.
836
837	@param[in] LabelId It is both the Form ID and Label ID for opcode deletion.
838	@param[in] PrivateData Module private data.
839
840	**/
841	VOID
842	CleanUpPage (
843	IN UINT16 LabelId,
844	IN TLS_AUTH_CONFIG_PRIVATE_DATA *PrivateData
845	)
846	{
847	RefreshUpdateData ();
848
849	//
850	// Remove all op-codes from dynamic page
851	//
852	mStartLabel->Number = LabelId;
853	HiiUpdateForm (
854	PrivateData->RegisteredHandle,
855	&gTlsAuthConfigGuid,
856	LabelId,
857	mStartOpCodeHandle, // Label LabelId
858	mEndOpCodeHandle // LABEL_END
859	);
860	}
861
862	/**
863	Update the form base on the selected file.
864
865	@param FilePath Point to the file path.
866	@param FormId The form need to display.
867
868	@retval TRUE Exit caller function.
869	@retval FALSE Not exit caller function.
870
871	**/
872	BOOLEAN
873	UpdatePage (
874	IN EFI_DEVICE_PATH_PROTOCOL *FilePath,
875	IN EFI_FORM_ID FormId
876	)
877	{
878	CHAR16 *FileName;
879	EFI_STRING_ID StringToken;
880
881	FileName = NULL;
882
883	if (FilePath != NULL) {
884	FileName = ExtractFileNameFromDevicePath (FilePath);
885	}
886
887	if (FileName == NULL) {
888	//
889	// FileName = NULL has two case:
890	// 1. FilePath == NULL, not select file.
891	// 2. FilePath != NULL, but ExtractFileNameFromDevicePath return NULL not enough memory resource.
892	// In these two case, no need to update the form, and exit the caller function.
893	//
894	return TRUE;
895	}
896
897	StringToken = HiiSetString (mTlsAuthPrivateData->RegisteredHandle, 0, FileName, NULL);
898
899	mTlsAuthPrivateData->FileContext->FileName = FileName;
900
901	EfiOpenFileByDevicePath (
902	&FilePath,
903	&mTlsAuthPrivateData->FileContext->FHandle,
904	EFI_FILE_MODE_READ,
905	0
906	);
907	//
908	// Create Subtitle op-code for the display string of the option.
909	//
910	RefreshUpdateData ();
911	mStartLabel->Number = FormId;
912
913	HiiCreateSubTitleOpCode (
914	mStartOpCodeHandle,
915	StringToken,
916	0,
917	0,
918	0
919	);
920
921	HiiUpdateForm (
922	mTlsAuthPrivateData->RegisteredHandle,
923	&gTlsAuthConfigGuid,
924	FormId,
925	mStartOpCodeHandle, /// Label FormId
926	mEndOpCodeHandle /// LABEL_END
927	);
928
929	return TRUE;
930	}
931
932	/**
933	Update the form base on the input file path info.
934
935	@param FilePath Point to the file path.
936
937	@retval TRUE Exit caller function.
938	@retval FALSE Not exit caller function.
939	**/
940	BOOLEAN
941	EFIAPI
942	UpdateCAFromFile (
943	IN EFI_DEVICE_PATH_PROTOCOL *FilePath
944	)
945	{
946	return UpdatePage (FilePath, TLS_AUTH_CONFIG_FORMID4_FORM);
947	}
948
949	/**
950	Unload the configuration form, this includes: delete all the configuration
951	entries, uninstall the form callback protocol, and free the resources used.
952
953	@param[in] Private Pointer to the driver private data.
954
955	@retval EFI_SUCCESS The configuration form is unloaded.
956	@retval Others Failed to unload the form.
957
958	**/
959	EFI_STATUS
960	TlsAuthConfigFormUnload (
961	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
962	)
963	{
964	if (Private->DriverHandle != NULL) {
965	//
966	// Uninstall EFI_HII_CONFIG_ACCESS_PROTOCOL
967	//
968	gBS->UninstallMultipleProtocolInterfaces (
969	Private->DriverHandle,
970	&gEfiDevicePathProtocolGuid,
971	&mTlsAuthConfigHiiVendorDevicePath,
972	&gEfiHiiConfigAccessProtocolGuid,
973	&Private->ConfigAccess,
974	NULL
975	);
976	Private->DriverHandle = NULL;
977	}
978
979	if (Private->RegisteredHandle != NULL) {
980	//
981	// Remove HII package list
982	//
983	HiiRemovePackages (Private->RegisteredHandle);
984	Private->RegisteredHandle = NULL;
985	}
986
987	if (Private->CertGuid != NULL) {
988	FreePool (Private->CertGuid);
989	}
990
991	if (Private->FileContext != NULL) {
992	FreePool (Private->FileContext);
993	}
994
995	FreePool (Private);
996
997	if (mStartOpCodeHandle != NULL) {
998	HiiFreeOpCodeHandle (mStartOpCodeHandle);
999	}
1000
1001	if (mEndOpCodeHandle != NULL) {
1002	HiiFreeOpCodeHandle (mEndOpCodeHandle);
1003	}
1004
1005	return EFI_SUCCESS;
1006	}
1007
1008	/**
1009	Initialize the configuration form.
1010
1011	@param[in] Private Pointer to the driver private data.
1012
1013	@retval EFI_SUCCESS The configuration form is initialized.
1014	@retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
1015
1016	**/
1017	EFI_STATUS
1018	TlsAuthConfigFormInit (
1019	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
1020	)
1021	{
1022	EFI_STATUS Status;
1023
1024	Private->Signature = TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE;
1025
1026	Private->ConfigAccess.ExtractConfig = TlsAuthConfigAccessExtractConfig;
1027	Private->ConfigAccess.RouteConfig = TlsAuthConfigAccessRouteConfig;
1028	Private->ConfigAccess.Callback = TlsAuthConfigAccessCallback;
1029
1030	//
1031	// Install Device Path Protocol and Config Access protocol to driver handle.
1032	//
1033	Status = gBS->InstallMultipleProtocolInterfaces (
1034	&Private->DriverHandle,
1035	&gEfiDevicePathProtocolGuid,
1036	&mTlsAuthConfigHiiVendorDevicePath,
1037	&gEfiHiiConfigAccessProtocolGuid,
1038	&Private->ConfigAccess,
1039	NULL
1040	);
1041	if (EFI_ERROR (Status)) {
1042	return Status;
1043	}
1044
1045	//
1046	// Publish our HII data.
1047	//
1048	Private->RegisteredHandle = HiiAddPackages (
1049	&gTlsAuthConfigGuid,
1050	Private->DriverHandle,
1051	TlsAuthConfigDxeStrings,
1052	TlsAuthConfigVfrBin,
1053	NULL
1054	);
1055	if (Private->RegisteredHandle == NULL) {
1056	Status = EFI_OUT_OF_RESOURCES;
1057	goto Error;
1058	}
1059
1060	Private->FileContext = AllocateZeroPool (sizeof (TLS_AUTH_CONFIG_FILE_CONTEXT));
1061	if (Private->FileContext == NULL) {
1062	Status = EFI_OUT_OF_RESOURCES;
1063	goto Error;
1064	}
1065
1066	//
1067	// Init OpCode Handle and Allocate space for creation of Buffer
1068	//
1069	mStartOpCodeHandle = HiiAllocateOpCodeHandle ();
1070	if (mStartOpCodeHandle == NULL) {
1071	Status = EFI_OUT_OF_RESOURCES;
1072	goto Error;
1073	}
1074
1075	mEndOpCodeHandle = HiiAllocateOpCodeHandle ();
1076	if (mEndOpCodeHandle == NULL) {
1077	Status = EFI_OUT_OF_RESOURCES;
1078	goto Error;
1079	}
1080
1081	//
1082	// Create Hii Extend Label OpCode as the start opcode
1083	//
1084	mStartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
1085	mStartOpCodeHandle,
1086	&gEfiIfrTianoGuid,
1087	NULL,
1088	sizeof (EFI_IFR_GUID_LABEL)
1089	);
1090	mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
1091
1092	//
1093	// Create Hii Extend Label OpCode as the end opcode
1094	//
1095	mEndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (
1096	mEndOpCodeHandle,
1097	&gEfiIfrTianoGuid,
1098	NULL,
1099	sizeof (EFI_IFR_GUID_LABEL)
1100	);
1101	mEndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
1102	mEndLabel->Number = LABEL_END;
1103
1104	return EFI_SUCCESS;
1105
1106	Error:
1107	TlsAuthConfigFormUnload (Private);
1108	return Status;
1109	}
1110
1111	/**
1112
1113	This function allows the caller to request the current
1114	configuration for one or more named elements. The resulting
1115	string is in <ConfigAltResp> format. Any and all alternative
1116	configuration strings shall also be appended to the end of the
1117	current configuration string. If they are, they must appear
1118	after the current configuration. They must contain the same
1119	routing (GUID, NAME, PATH) as the current configuration string.
1120	They must have an additional description indicating the type of
1121	alternative configuration the string represents,
1122	"ALTCFG=<StringToken>". That <StringToken> (when
1123	converted from Hex UNICODE to binary) is a reference to a
1124	string in the associated string pack.
1125
1126	@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
1127
1128	@param Request A null-terminated Unicode string in
1129	<ConfigRequest> format. Note that this
1130	includes the routing information as well as
1131	the configurable name / value pairs. It is
1132	invalid for this string to be in
1133	<MultiConfigRequest> format.
1134	If a NULL is passed in for the Request field,
1135	all of the settings being abstracted by this function
1136	will be returned in the Results field. In addition,
1137	if a ConfigHdr is passed in with no request elements,
1138	all of the settings being abstracted for that particular
1139	ConfigHdr reference will be returned in the Results Field.
1140
1141	@param Progress On return, points to a character in the
1142	Request string. Points to the string's null
1143	terminator if request was successful. Points
1144	to the most recent "&" before the first
1145	failing name / value pair (or the beginning
1146	of the string if the failure is in the first
1147	name / value pair) if the request was not
1148	successful.
1149
1150	@param Results A null-terminated Unicode string in
1151	<MultiConfigAltResp> format which has all values
1152	filled in for the names in the Request string.
1153	String to be allocated by the called function.
1154
1155	@retval EFI_SUCCESS The Results string is filled with the
1156	values corresponding to all requested
1157	names.
1158
1159	@retval EFI_OUT_OF_RESOURCES Not enough memory to store the
1160	parts of the results that must be
1161	stored awaiting possible future
1162	protocols.
1163
1164	@retval EFI_NOT_FOUND Routing data doesn't match any
1165	known driver. Progress set to the
1166	first character in the routing header.
1167	Note: There is no requirement that the
1168	driver validate the routing data. It
1169	must skip the <ConfigHdr> in order to
1170	process the names.
1171
1172	@retval EFI_INVALID_PARAMETER Illegal syntax. Progress set
1173	to most recent "&" before the
1174	error or the beginning of the
1175	string.
1176
1177	@retval EFI_INVALID_PARAMETER Unknown name. Progress points
1178	to the & before the name in
1179	question.
1180
1181	**/
1182	EFI_STATUS
1183	EFIAPI
1184	TlsAuthConfigAccessExtractConfig (
1185	IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
1186	IN CONST EFI_STRING Request,
1187	OUT EFI_STRING *Progress,
1188	OUT EFI_STRING *Results
1189	)
1190	{
1191	EFI_STATUS Status;
1192	UINTN BufferSize;
1193	UINTN Size;
1194	EFI_STRING ConfigRequest;
1195	EFI_STRING ConfigRequestHdr;
1196	TLS_AUTH_CONFIG_PRIVATE_DATA *Private;
1197	BOOLEAN AllocatedRequest;
1198
1199	if ((Progress == NULL) \|\| (Results == NULL)) {
1200	return EFI_INVALID_PARAMETER;
1201	}
1202
1203	AllocatedRequest = FALSE;
1204	ConfigRequestHdr = NULL;
1205	ConfigRequest = NULL;
1206	Size = 0;
1207
1208	Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);
1209
1210	BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
1211	ZeroMem (&Private->TlsAuthConfigNvData, BufferSize);
1212
1213	*Progress = Request;
1214
1215	if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gTlsAuthConfigGuid, mTlsAuthConfigStorageName)) {
1216	return EFI_NOT_FOUND;
1217	}
1218
1219	ConfigRequest = Request;
1220	if ((Request == NULL) \|\| (StrStr (Request, L"OFFSET") == NULL)) {
1221	//
1222	// Request is set to NULL or OFFSET is NULL, construct full request string.
1223	//
1224	// Allocate and fill a buffer large enough to hold the <ConfigHdr> template
1225	// followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
1226	//
1227	ConfigRequestHdr = HiiConstructConfigHdr (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, Private->DriverHandle);
1228	Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);
1229	ConfigRequest = AllocateZeroPool (Size);
1230	ASSERT (ConfigRequest != NULL);
1231	AllocatedRequest = TRUE;
1232	UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64)BufferSize);
1233	FreePool (ConfigRequestHdr);
1234	ConfigRequestHdr = NULL;
1235	}
1236
1237	Status = gHiiConfigRouting->BlockToConfig (
1238	gHiiConfigRouting,
1239	ConfigRequest,
1240	(UINT8 *)&Private->TlsAuthConfigNvData,
1241	BufferSize,
1242	Results,
1243	Progress
1244	);
1245
1246	//
1247	// Free the allocated config request string.
1248	//
1249	if (AllocatedRequest) {
1250	FreePool (ConfigRequest);
1251	}
1252
1253	//
1254	// Set Progress string to the original request string.
1255	//
1256	if (Request == NULL) {
1257	*Progress = NULL;
1258	} else if (StrStr (Request, L"OFFSET") == NULL) {
1259	*Progress = Request + StrLen (Request);
1260	}
1261
1262	return Status;
1263	}
1264
1265	/**
1266
1267	This function applies changes in a driver's configuration.
1268	Input is a Configuration, which has the routing data for this
1269	driver followed by name / value configuration pairs. The driver
1270	must apply those pairs to its configurable storage. If the
1271	driver's configuration is stored in a linear block of data
1272	and the driver's name / value pairs are in <BlockConfig>
1273	format, it may use the ConfigToBlock helper function (above) to
1274	simplify the job.
1275
1276	@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
1277
1278	@param Configuration A null-terminated Unicode string in
1279	<ConfigString> format.
1280
1281	@param Progress A pointer to a string filled in with the
1282	offset of the most recent '&' before the
1283	first failing name / value pair (or the
1284	beginning of the string if the failure
1285	is in the first name / value pair) or
1286	the terminating NULL if all was
1287	successful.
1288
1289	@retval EFI_SUCCESS The results have been distributed or are
1290	awaiting distribution.
1291
1292	@retval EFI_OUT_OF_RESOURCES Not enough memory to store the
1293	parts of the results that must be
1294	stored awaiting possible future
1295	protocols.
1296
1297	@retval EFI_INVALID_PARAMETERS Passing in a NULL for the
1298	Results parameter would result
1299	in this type of error.
1300
1301	@retval EFI_NOT_FOUND Target for the specified routing data
1302	was not found
1303
1304	**/
1305	EFI_STATUS
1306	EFIAPI
1307	TlsAuthConfigAccessRouteConfig (
1308	IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
1309	IN CONST EFI_STRING Configuration,
1310	OUT EFI_STRING *Progress
1311	)
1312	{
1313	EFI_STATUS Status;
1314	UINTN BufferSize;
1315	TLS_AUTH_CONFIG_PRIVATE_DATA *Private;
1316
1317	if (Progress == NULL) {
1318	return EFI_INVALID_PARAMETER;
1319	}
1320
1321	*Progress = Configuration;
1322
1323	if (Configuration == NULL) {
1324	return EFI_INVALID_PARAMETER;
1325	}
1326
1327	//
1328	// Check routing data in <ConfigHdr>.
1329	// Note: there is no name for Name/Value storage, only GUID will be checked
1330	//
1331	if (!HiiIsConfigHdrMatch (Configuration, &gTlsAuthConfigGuid, mTlsAuthConfigStorageName)) {
1332	return EFI_NOT_FOUND;
1333	}
1334
1335	Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);
1336
1337	BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
1338	ZeroMem (&Private->TlsAuthConfigNvData, BufferSize);
1339
1340	Status = gHiiConfigRouting->ConfigToBlock (
1341	gHiiConfigRouting,
1342	Configuration,
1343	(UINT8 *)&Private->TlsAuthConfigNvData,
1344	&BufferSize,
1345	Progress
1346	);
1347	if (EFI_ERROR (Status)) {
1348	return Status;
1349	}
1350
1351	return Status;
1352	}
1353
1354	/**
1355
1356	This function is called to provide results data to the driver.
1357	This data consists of a unique key that is used to identify
1358	which data is either being passed back or being asked for.
1359
1360	@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
1361	@param Action Specifies the type of action taken by the browser.
1362	@param QuestionId A unique value which is sent to the original
1363	exporting driver so that it can identify the type
1364	of data to expect. The format of the data tends to
1365	vary based on the opcode that generated the callback.
1366	@param Type The type of value for the question.
1367	@param Value A pointer to the data being sent to the original
1368	exporting driver.
1369	@param ActionRequest On return, points to the action requested by the
1370	callback function.
1371
1372	@retval EFI_SUCCESS The callback successfully handled the action.
1373	@retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
1374	variable and its data.
1375	@retval EFI_DEVICE_ERROR The variable could not be saved.
1376	@retval EFI_UNSUPPORTED The specified Action is not supported by the
1377	callback.
1378	**/
1379	EFI_STATUS
1380	EFIAPI
1381	TlsAuthConfigAccessCallback (
1382	IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
1383	IN EFI_BROWSER_ACTION Action,
1384	IN EFI_QUESTION_ID QuestionId,
1385	IN UINT8 Type,
1386	IN OUT EFI_IFR_TYPE_VALUE *Value,
1387	OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
1388	)
1389	{
1390	EFI_STATUS Status;
1391	RETURN_STATUS RStatus;
1392	TLS_AUTH_CONFIG_PRIVATE_DATA *Private;
1393	UINTN BufferSize;
1394	TLS_AUTH_CONFIG_IFR_NVDATA *IfrNvData;
1395	UINT16 LabelId;
1396	EFI_DEVICE_PATH_PROTOCOL *File;
1397	EFI_HII_POPUP_PROTOCOL *HiiPopUp;
1398	EFI_HII_POPUP_SELECTION PopUpSelect;
1399
1400	Status = EFI_SUCCESS;
1401	File = NULL;
1402
1403	if ((This == NULL) \|\| (Value == NULL) \|\| (ActionRequest == NULL)) {
1404	return EFI_INVALID_PARAMETER;
1405	}
1406
1407	Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);
1408
1409	mTlsAuthPrivateData = Private;
1410	Status = gBS->LocateProtocol (&gEfiHiiPopupProtocolGuid, NULL, (VOID **)&HiiPopUp);
1411	if (EFI_ERROR (Status)) {
1412	DEBUG ((DEBUG_ERROR, "Can't find Form PopUp protocol. Exit (%r)\n", Status));
1413	return Status;
1414	}
1415
1416	//
1417	// Retrieve uncommitted data from Browser
1418	//
1419	BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
1420	IfrNvData = AllocateZeroPool (BufferSize);
1421	if (IfrNvData == NULL) {
1422	return EFI_OUT_OF_RESOURCES;
1423	}
1424
1425	HiiGetBrowserData (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, BufferSize, (UINT8 *)IfrNvData);
1426
1427	if ((Action != EFI_BROWSER_ACTION_CHANGED) &&
1428	(Action != EFI_BROWSER_ACTION_CHANGING) &&
1429	(Action != EFI_BROWSER_ACTION_FORM_CLOSE))
1430	{
1431	Status = EFI_UNSUPPORTED;
1432	goto EXIT;
1433	}
1434
1435	if (Action == EFI_BROWSER_ACTION_CHANGING) {
1436	switch (QuestionId) {
1437	case KEY_TLS_AUTH_CONFIG_CLIENT_CERT:
1438	case KEY_TLS_AUTH_CONFIG_SERVER_CA:
1439	//
1440	// Clear Cert GUID.
1441	//
1442	ZeroMem (IfrNvData->CertGuid, sizeof (IfrNvData->CertGuid));
1443	if (Private->CertGuid == NULL) {
1444	Private->CertGuid = (EFI_GUID *)AllocateZeroPool (sizeof (EFI_GUID));
1445	if (Private->CertGuid == NULL) {
1446	return EFI_OUT_OF_RESOURCES;
1447	}
1448	}
1449
1450	if (QuestionId == KEY_TLS_AUTH_CONFIG_CLIENT_CERT) {
1451	LabelId = TLS_AUTH_CONFIG_FORMID3_FORM;
1452	} else {
1453	LabelId = TLS_AUTH_CONFIG_FORMID4_FORM;
1454	}
1455
1456	//
1457	// Refresh selected file.
1458	//
1459	CleanUpPage (LabelId, Private);
1460	break;
1461	case KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE:
1462	//
1463	// If the file is already opened, clean the file related resource first.
1464	//
1465	CleanFileContext (Private);
1466
1467	ChooseFile (NULL, NULL, UpdateCAFromFile, &File);
1468	break;
1469
1470	case KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT:
1471	Status = EnrollCertDatabase (Private, EFI_TLS_CA_CERTIFICATE_VARIABLE);
1472	if (EFI_ERROR (Status)) {
1473	CleanFileContext (Private);
1474
1475	HiiPopUp->CreatePopup (
1476	HiiPopUp,
1477	EfiHiiPopupStyleError,
1478	EfiHiiPopupTypeOk,
1479	Private->RegisteredHandle,
1480	STRING_TOKEN (STR_TLS_AUTH_ENROLL_CERT_FAILURE),
1481	&PopUpSelect
1482	);
1483	}
1484
1485	break;
1486
1487	case KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT:
1488	CleanFileContext (Private);
1489
1490	if (Private->CertGuid != NULL) {
1491	FreePool (Private->CertGuid);
1492	Private->CertGuid = NULL;
1493	}
1494
1495	break;
1496
1497	case KEY_TLS_AUTH_CONFIG_DELETE_CERT:
1498	UpdateDeletePage (
1499	Private,
1500	EFI_TLS_CA_CERTIFICATE_VARIABLE,
1501	&gEfiTlsCaCertificateGuid,
1502	LABEL_CA_DELETE,
1503	TLS_AUTH_CONFIG_FORMID5_FORM,
1504	OPTION_DEL_CA_ESTION_ID
1505	);
1506	break;
1507
1508	default:
1509	if ((QuestionId >= OPTION_DEL_CA_ESTION_ID) &&
1510	(QuestionId < (OPTION_DEL_CA_ESTION_ID + OPTION_CONFIG_RANGE)))
1511	{
1512	DeleteCert (
1513	Private,
1514	EFI_TLS_CA_CERTIFICATE_VARIABLE,
1515	&gEfiTlsCaCertificateGuid,
1516	LABEL_CA_DELETE,
1517	TLS_AUTH_CONFIG_FORMID5_FORM,
1518	OPTION_DEL_CA_ESTION_ID,
1519	QuestionId - OPTION_DEL_CA_ESTION_ID
1520	);
1521	}
1522
1523	break;
1524	}
1525	} else if (Action == EFI_BROWSER_ACTION_CHANGED) {
1526	switch (QuestionId) {
1527	case KEY_TLS_AUTH_CONFIG_CERT_GUID:
1528	ASSERT (Private->CertGuid != NULL);
1529	RStatus = StrToGuid (
1530	IfrNvData->CertGuid,
1531	Private->CertGuid
1532	);
1533	if (RETURN_ERROR (RStatus) \|\| (IfrNvData->CertGuid[GUID_STRING_LENGTH] != L'\0')) {
1534	Status = EFI_INVALID_PARAMETER;
1535	break;
1536	}
1537
1538	*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
1539	break;
1540	default:
1541	break;
1542	}
1543	} else if (Action == EFI_BROWSER_ACTION_FORM_CLOSE) {
1544	CleanFileContext (Private);
1545	}
1546
1547	EXIT:
1548
1549	if (!EFI_ERROR (Status)) {
1550	BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
1551	HiiSetBrowserData (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, BufferSize, (UINT8 *)IfrNvData, NULL);
1552	}
1553
1554	FreePool (IfrNvData);
1555
1556	if (File != NULL) {
1557	FreePool (File);
1558	File = NULL;
1559	}
1560
1561	return EFI_SUCCESS;
1562	}

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/VBox/Devices/EFI/Firmware/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c

以其他格式下載: