TlsAuthConfigImpl.c@ 77662

Last change on this file since 77662 was 77662, checked in by vboxsync, 6 years ago
EFI: First step in UDK2018 merge. Does not build yet.
Property svn:eol-style set to `native`
File size: 49.8 KB

Line
1	/** @file
2	The Miscellaneous Routines for TlsAuthConfigDxe driver.
3
4	Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
5
6	This program and the accompanying materials
7	are licensed and made available under the terms and conditions of the BSD License
8	which accompanies this distribution. The full text of the license may be found at
9	http://opensource.org/licenses/bsd-license.php
10
11	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14	**/
15
16	#include "TlsAuthConfigImpl.h"
17
18	VOID *mStartOpCodeHandle = NULL;
19	VOID *mEndOpCodeHandle = NULL;
20	EFI_IFR_GUID_LABEL *mStartLabel = NULL;
21	EFI_IFR_GUID_LABEL *mEndLabel = NULL;
22
23
24	CHAR16 mTlsAuthConfigStorageName[] = L"TLS_AUTH_CONFIG_IFR_NVDATA";
25
26	TLS_AUTH_CONFIG_PRIVATE_DATA *mTlsAuthPrivateData = NULL;
27
28	HII_VENDOR_DEVICE_PATH mTlsAuthConfigHiiVendorDevicePath = {
29	{
30	{
31	HARDWARE_DEVICE_PATH,
32	HW_VENDOR_DP,
33	{
34	(UINT8) (sizeof (VENDOR_DEVICE_PATH)),
35	(UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
36	}
37	},
38	TLS_AUTH_CONFIG_GUID
39	},
40	{
41	END_DEVICE_PATH_TYPE,
42	END_ENTIRE_DEVICE_PATH_SUBTYPE,
43	{
44	(UINT8) (END_DEVICE_PATH_LENGTH),
45	(UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
46	}
47	}
48	};
49
50	//
51	// Possible DER-encoded certificate file suffixes, end with NULL pointer.
52	//
53	CHAR16* mDerPemEncodedSuffix[] = {
54	L".cer",
55	L".der",
56	L".crt",
57	L".pem",
58	NULL
59	};
60
61	/**
62	This code checks if the FileSuffix is one of the possible DER/PEM-encoded certificate suffix.
63
64	@param[in] FileSuffix The suffix of the input certificate file
65
66	@retval TRUE It's a DER/PEM-encoded certificate.
67	@retval FALSE It's NOT a DER/PEM-encoded certificate.
68
69	**/
70	BOOLEAN
71	IsDerPemEncodeCertificate (
72	IN CONST CHAR16 *FileSuffix
73	)
74	{
75	UINTN Index;
76	for (Index = 0; mDerPemEncodedSuffix[Index] != NULL; Index++) {
77	if (StrCmp (FileSuffix, mDerPemEncodedSuffix[Index]) == 0) {
78	return TRUE;
79	}
80	}
81	return FALSE;
82	}
83
84	/**
85	Worker function that prints an EFI_GUID into specified Buffer.
86
87	@param[in] Guid Pointer to GUID to print.
88	@param[in] Buffer Buffer to print Guid into.
89	@param[in] BufferSize Size of Buffer.
90
91	@retval Number of characters printed.
92
93	**/
94	UINTN
95	GuidToString (
96	IN EFI_GUID *Guid,
97	IN CHAR16 *Buffer,
98	IN UINTN BufferSize
99	)
100	{
101	return UnicodeSPrint (
102	Buffer,
103	BufferSize,
104	L"%g",
105	Guid
106	);
107	}
108
109	/**
110	List all cert in specified database by GUID in the page
111	for user to select and delete as needed.
112
113	@param[in] PrivateData Module's private data.
114	@param[in] VariableName The variable name of the vendor's signature database.
115	@param[in] VendorGuid A unique identifier for the vendor.
116	@param[in] LabelNumber Label number to insert opcodes.
117	@param[in] FormId Form ID of current page.
118	@param[in] QuestionIdBase Base question id of the signature list.
119
120	@retval EFI_SUCCESS Success to update the signature list page
121	@retval EFI_OUT_OF_RESOURCES Unable to allocate required resources.
122
123	**/
124	EFI_STATUS
125	UpdateDeletePage (
126	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
127	IN CHAR16 *VariableName,
128	IN EFI_GUID *VendorGuid,
129	IN UINT16 LabelNumber,
130	IN EFI_FORM_ID FormId,
131	IN EFI_QUESTION_ID QuestionIdBase
132	)
133	{
134	EFI_STATUS Status;
135	UINT32 Index;
136	UINTN CertCount;
137	UINTN GuidIndex;
138	VOID *StartOpCodeHandle;
139	VOID *EndOpCodeHandle;
140	EFI_IFR_GUID_LABEL *StartLabel;
141	EFI_IFR_GUID_LABEL *EndLabel;
142	UINTN DataSize;
143	UINT8 *Data;
144	EFI_SIGNATURE_LIST *CertList;
145	EFI_SIGNATURE_DATA *Cert;
146	UINT32 ItemDataSize;
147	CHAR16 *GuidStr;
148	EFI_STRING_ID GuidID;
149	EFI_STRING_ID Help;
150
151	Data = NULL;
152	CertList = NULL;
153	Cert = NULL;
154	GuidStr = NULL;
155	StartOpCodeHandle = NULL;
156	EndOpCodeHandle = NULL;
157
158	//
159	// Initialize the container for dynamic opcodes.
160	//
161	StartOpCodeHandle = HiiAllocateOpCodeHandle ();
162	if (StartOpCodeHandle == NULL) {
163	Status = EFI_OUT_OF_RESOURCES;
164	goto ON_EXIT;
165	}
166
167	EndOpCodeHandle = HiiAllocateOpCodeHandle ();
168	if (EndOpCodeHandle == NULL) {
169	Status = EFI_OUT_OF_RESOURCES;
170	goto ON_EXIT;
171	}
172
173	//
174	// Create Hii Extend Label OpCode.
175	//
176	StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
177	StartOpCodeHandle,
178	&gEfiIfrTianoGuid,
179	NULL,
180	sizeof (EFI_IFR_GUID_LABEL)
181	);
182	StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
183	StartLabel->Number = LabelNumber;
184
185	EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
186	EndOpCodeHandle,
187	&gEfiIfrTianoGuid,
188	NULL,
189	sizeof (EFI_IFR_GUID_LABEL)
190	);
191	EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
192	EndLabel->Number = LABEL_END;
193
194	//
195	// Read Variable.
196	//
197	DataSize = 0;
198	Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
199	if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
200	goto ON_EXIT;
201	}
202
203	Data = (UINT8 *) AllocateZeroPool (DataSize);
204	if (Data == NULL) {
205	Status = EFI_OUT_OF_RESOURCES;
206	goto ON_EXIT;
207	}
208
209	Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, Data);
210	if (EFI_ERROR (Status)) {
211	goto ON_EXIT;
212	}
213
214	GuidStr = AllocateZeroPool (100);
215	if (GuidStr == NULL) {
216	Status = EFI_OUT_OF_RESOURCES;
217	goto ON_EXIT;
218	}
219
220	//
221	// Enumerate all data.
222	//
223	ItemDataSize = (UINT32) DataSize;
224	CertList = (EFI_SIGNATURE_LIST *) Data;
225	GuidIndex = 0;
226
227	while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
228
229	if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
230	Help = STRING_TOKEN (STR_CERT_TYPE_PCKS_GUID);
231	} else {
232	//
233	// The signature type is not supported in current implementation.
234	//
235	ItemDataSize -= CertList->SignatureListSize;
236	CertList = (EFI_SIGNATURE_LIST ) ((UINT8 ) CertList + CertList->SignatureListSize);
237	continue;
238	}
239
240	CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
241	for (Index = 0; Index < CertCount; Index++) {
242	Cert = (EFI_SIGNATURE_DATA ) ((UINT8 ) CertList
243	+ sizeof (EFI_SIGNATURE_LIST)
244	+ CertList->SignatureHeaderSize
245	+ Index * CertList->SignatureSize);
246	//
247	// Display GUID and help
248	//
249	GuidToString (&Cert->SignatureOwner, GuidStr, 100);
250	GuidID = HiiSetString (Private->RegisteredHandle, 0, GuidStr, NULL);
251	HiiCreateCheckBoxOpCode (
252	StartOpCodeHandle,
253	(EFI_QUESTION_ID) (QuestionIdBase + GuidIndex++),
254	0,
255	0,
256	GuidID,
257	Help,
258	EFI_IFR_FLAG_CALLBACK,
259	0,
260	NULL
261	);
262	}
263
264	ItemDataSize -= CertList->SignatureListSize;
265	CertList = (EFI_SIGNATURE_LIST ) ((UINT8 ) CertList + CertList->SignatureListSize);
266	}
267
268	ON_EXIT:
269	HiiUpdateForm (
270	Private->RegisteredHandle,
271	&gTlsAuthConfigGuid,
272	FormId,
273	StartOpCodeHandle,
274	EndOpCodeHandle
275	);
276
277	if (StartOpCodeHandle != NULL) {
278	HiiFreeOpCodeHandle (StartOpCodeHandle);
279	}
280
281	if (EndOpCodeHandle != NULL) {
282	HiiFreeOpCodeHandle (EndOpCodeHandle);
283	}
284
285	if (Data != NULL) {
286	FreePool (Data);
287	}
288
289	if (GuidStr != NULL) {
290	FreePool (GuidStr);
291	}
292
293	return EFI_SUCCESS;
294	}
295
296	/**
297	Delete one entry from cert database.
298
299	@param[in] Private Module's private data.
300	@param[in] VariableName The variable name of the database.
301	@param[in] VendorGuid A unique identifier for the vendor.
302	@param[in] LabelNumber Label number to insert opcodes.
303	@param[in] FormId Form ID of current page.
304	@param[in] QuestionIdBase Base question id of the cert list.
305	@param[in] DeleteIndex Cert index to delete.
306
307	@retval EFI_SUCCESS Delete siganture successfully.
308	@retval EFI_NOT_FOUND Can't find the signature item,
309	@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
310	**/
311	EFI_STATUS
312	DeleteCert (
313	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
314	IN CHAR16 *VariableName,
315	IN EFI_GUID *VendorGuid,
316	IN UINT16 LabelNumber,
317	IN EFI_FORM_ID FormId,
318	IN EFI_QUESTION_ID QuestionIdBase,
319	IN UINTN DeleteIndex
320	)
321	{
322	EFI_STATUS Status;
323	UINTN DataSize;
324	UINT8 *Data;
325	UINT8 *OldData;
326	UINT32 Attr;
327	UINT32 Index;
328	EFI_SIGNATURE_LIST *CertList;
329	EFI_SIGNATURE_LIST *NewCertList;
330	EFI_SIGNATURE_DATA *Cert;
331	UINTN CertCount;
332	UINT32 Offset;
333	BOOLEAN IsItemFound;
334	UINT32 ItemDataSize;
335	UINTN GuidIndex;
336
337	Data = NULL;
338	OldData = NULL;
339	CertList = NULL;
340	Cert = NULL;
341	Attr = 0;
342
343	//
344	// Get original signature list data.
345	//
346	DataSize = 0;
347	Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &DataSize, NULL);
348	if (EFI_ERROR (Status) && Status != EFI_BUFFER_TOO_SMALL) {
349	goto ON_EXIT;
350	}
351
352	OldData = (UINT8 *) AllocateZeroPool (DataSize);
353	if (OldData == NULL) {
354	Status = EFI_OUT_OF_RESOURCES;
355	goto ON_EXIT;
356	}
357
358	Status = gRT->GetVariable (VariableName, VendorGuid, &Attr, &DataSize, OldData);
359	if (EFI_ERROR(Status)) {
360	goto ON_EXIT;
361	}
362
363	//
364	// Allocate space for new variable.
365	//
366	Data = (UINT8*) AllocateZeroPool (DataSize);
367	if (Data == NULL) {
368	Status = EFI_OUT_OF_RESOURCES;
369	goto ON_EXIT;
370	}
371
372	//
373	// Enumerate all data and erasing the target item.
374	//
375	IsItemFound = FALSE;
376	ItemDataSize = (UINT32) DataSize;
377	CertList = (EFI_SIGNATURE_LIST *) OldData;
378	Offset = 0;
379	GuidIndex = 0;
380	while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
381	if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
382	//
383	// Copy EFI_SIGNATURE_LIST header then calculate the signature count in this list.
384	//
385	CopyMem (Data + Offset, CertList, (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize));
386	NewCertList = (EFI_SIGNATURE_LIST*) (Data + Offset);
387	Offset += (sizeof(EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
388	Cert = (EFI_SIGNATURE_DATA ) ((UINT8 ) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
389	CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
390	for (Index = 0; Index < CertCount; Index++) {
391	if (GuidIndex == DeleteIndex) {
392	//
393	// Find it! Skip it!
394	//
395	NewCertList->SignatureListSize -= CertList->SignatureSize;
396	IsItemFound = TRUE;
397	} else {
398	//
399	// This item doesn't match. Copy it to the Data buffer.
400	//
401	CopyMem (Data + Offset, (UINT8*)(Cert), CertList->SignatureSize);
402	Offset += CertList->SignatureSize;
403	}
404	GuidIndex++;
405	Cert = (EFI_SIGNATURE_DATA ) ((UINT8 ) Cert + CertList->SignatureSize);
406	}
407	} else {
408	//
409	// This List doesn't match. Just copy it to the Data buffer.
410	//
411	CopyMem (Data + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
412	Offset += CertList->SignatureListSize;
413	}
414
415	ItemDataSize -= CertList->SignatureListSize;
416	CertList = (EFI_SIGNATURE_LIST ) ((UINT8 ) CertList + CertList->SignatureListSize);
417	}
418
419	if (!IsItemFound) {
420	//
421	// Doesn't find the signature Item!
422	//
423	Status = EFI_NOT_FOUND;
424	goto ON_EXIT;
425	}
426
427	//
428	// Delete the EFI_SIGNATURE_LIST header if there is no signature in the list.
429	//
430	ItemDataSize = Offset;
431	CertList = (EFI_SIGNATURE_LIST *) Data;
432	Offset = 0;
433	ZeroMem (OldData, ItemDataSize);
434	while ((ItemDataSize > 0) && (ItemDataSize >= CertList->SignatureListSize)) {
435	CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
436	DEBUG ((DEBUG_INFO, " CertCount = %x\n", CertCount));
437	if (CertCount != 0) {
438	CopyMem (OldData + Offset, (UINT8*)(CertList), CertList->SignatureListSize);
439	Offset += CertList->SignatureListSize;
440	}
441	ItemDataSize -= CertList->SignatureListSize;
442	CertList = (EFI_SIGNATURE_LIST ) ((UINT8 ) CertList + CertList->SignatureListSize);
443	}
444
445	DataSize = Offset;
446
447	Status = gRT->SetVariable(
448	VariableName,
449	VendorGuid,
450	Attr,
451	DataSize,
452	OldData
453	);
454	if (EFI_ERROR (Status)) {
455	DEBUG ((DEBUG_ERROR, "Failed to set variable, Status = %r\n", Status));
456	goto ON_EXIT;
457	}
458
459	ON_EXIT:
460	if (Data != NULL) {
461	FreePool(Data);
462	}
463
464	if (OldData != NULL) {
465	FreePool(OldData);
466	}
467
468	return UpdateDeletePage (
469	Private,
470	VariableName,
471	VendorGuid,
472	LabelNumber,
473	FormId,
474	QuestionIdBase
475	);
476	}
477
478
479	/**
480	Clean the file related resource.
481
482	@param[in] Private Module's private data.
483
484	**/
485	VOID
486	CleanFileContext (
487	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
488	)
489	{
490	if (Private->FileContext->FHandle != NULL) {
491	Private->FileContext->FHandle->Close (Private->FileContext->FHandle);
492	Private->FileContext->FHandle = NULL;
493	if (Private->FileContext->FileName!= NULL){
494	FreePool(Private->FileContext->FileName);
495	Private->FileContext->FileName = NULL;
496	}
497	}
498	}
499
500	/**
501	Read file content into BufferPtr, the size of the allocate buffer
502	is *FileSize plus AddtionAllocateSize.
503
504	@param[in] FileHandle The file to be read.
505	@param[in, out] BufferPtr Pointers to the pointer of allocated buffer.
506	@param[out] FileSize Size of input file
507	@param[in] AddtionAllocateSize Addtion size the buffer need to be allocated.
508	In case the buffer need to contain others besides the file content.
509
510	@retval EFI_SUCCESS The file was read into the buffer.
511	@retval EFI_INVALID_PARAMETER A parameter was invalid.
512	@retval EFI_OUT_OF_RESOURCES A memory allocation failed.
513	@retval others Unexpected error.
514
515	**/
516	EFI_STATUS
517	ReadFileContent (
518	IN EFI_FILE_HANDLE FileHandle,
519	IN OUT VOID **BufferPtr,
520	OUT UINTN *FileSize,
521	IN UINTN AddtionAllocateSize
522	)
523
524	{
525	UINTN BufferSize;
526	UINT64 SourceFileSize;
527	VOID *Buffer;
528	EFI_STATUS Status;
529
530	if ((FileHandle == NULL) \|\| (FileSize == NULL)) {
531	return EFI_INVALID_PARAMETER;
532	}
533
534	Buffer = NULL;
535
536	//
537	// Get the file size
538	//
539	Status = FileHandle->SetPosition (FileHandle, (UINT64) -1);
540	if (EFI_ERROR (Status)) {
541	goto ON_EXIT;
542	}
543
544	Status = FileHandle->GetPosition (FileHandle, &SourceFileSize);
545	if (EFI_ERROR (Status)) {
546	goto ON_EXIT;
547	}
548
549	Status = FileHandle->SetPosition (FileHandle, 0);
550	if (EFI_ERROR (Status)) {
551	goto ON_EXIT;
552	}
553
554	BufferSize = (UINTN) SourceFileSize + AddtionAllocateSize;
555	Buffer = AllocateZeroPool(BufferSize);
556	if (Buffer == NULL) {
557	return EFI_OUT_OF_RESOURCES;
558	}
559
560	BufferSize = (UINTN) SourceFileSize;
561	*FileSize = BufferSize;
562
563	Status = FileHandle->Read (FileHandle, &BufferSize, Buffer);
564	if (EFI_ERROR (Status) \|\| BufferSize != *FileSize) {
565	FreePool (Buffer);
566	Buffer = NULL;
567	Status = EFI_BAD_BUFFER_SIZE;
568	goto ON_EXIT;
569	}
570
571	ON_EXIT:
572
573	*BufferPtr = Buffer;
574	return Status;
575	}
576
577	/**
578	This function will open a file or directory referenced by DevicePath.
579
580	This function opens a file with the open mode according to the file path. The
581	Attributes is valid only for EFI_FILE_MODE_CREATE.
582
583	@param[in, out] FilePath On input, the device path to the file.
584	On output, the remaining device path.
585	@param[out] FileHandle Pointer to the file handle.
586	@param[in] OpenMode The mode to open the file with.
587	@param[in] Attributes The file's file attributes.
588
589	@retval EFI_SUCCESS The information was set.
590	@retval EFI_INVALID_PARAMETER One of the parameters has an invalid value.
591	@retval EFI_UNSUPPORTED Could not open the file path.
592	@retval EFI_NOT_FOUND The specified file could not be found on the
593	device or the file system could not be found on
594	the device.
595	@retval EFI_NO_MEDIA The device has no medium.
596	@retval EFI_MEDIA_CHANGED The device has a different medium in it or the
597	medium is no longer supported.
598	@retval EFI_DEVICE_ERROR The device reported an error.
599	@retval EFI_VOLUME_CORRUPTED The file system structures are corrupted.
600	@retval EFI_WRITE_PROTECTED The file or medium is write protected.
601	@retval EFI_ACCESS_DENIED The file was opened read only.
602	@retval EFI_OUT_OF_RESOURCES Not enough resources were available to open the
603	file.
604	@retval EFI_VOLUME_FULL The volume is full.
605	**/
606	EFI_STATUS
607	EFIAPI
608	OpenFileByDevicePath (
609	IN OUT EFI_DEVICE_PATH_PROTOCOL **FilePath,
610	OUT EFI_FILE_HANDLE *FileHandle,
611	IN UINT64 OpenMode,
612	IN UINT64 Attributes
613	)
614	{
615	EFI_STATUS Status;
616	EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *EfiSimpleFileSystemProtocol;
617	EFI_FILE_PROTOCOL *Handle1;
618	EFI_FILE_PROTOCOL *Handle2;
619	EFI_HANDLE DeviceHandle;
620
621	if ((FilePath == NULL \|\| FileHandle == NULL)) {
622	return EFI_INVALID_PARAMETER;
623	}
624
625	Status = gBS->LocateDevicePath (
626	&gEfiSimpleFileSystemProtocolGuid,
627	FilePath,
628	&DeviceHandle
629	);
630	if (EFI_ERROR (Status)) {
631	return Status;
632	}
633
634	Status = gBS->OpenProtocol(
635	DeviceHandle,
636	&gEfiSimpleFileSystemProtocolGuid,
637	(VOID**)&EfiSimpleFileSystemProtocol,
638	gImageHandle,
639	NULL,
640	EFI_OPEN_PROTOCOL_GET_PROTOCOL
641	);
642	if (EFI_ERROR (Status)) {
643	return Status;
644	}
645
646	Status = EfiSimpleFileSystemProtocol->OpenVolume(EfiSimpleFileSystemProtocol, &Handle1);
647	if (EFI_ERROR (Status)) {
648	FileHandle = NULL;
649	return Status;
650	}
651
652	//
653	// go down directories one node at a time.
654	//
655	while (!IsDevicePathEnd (*FilePath)) {
656	//
657	// For file system access each node should be a file path component
658	//
659	if (DevicePathType (*FilePath) != MEDIA_DEVICE_PATH \|\|
660	DevicePathSubType (*FilePath) != MEDIA_FILEPATH_DP
661	) {
662	FileHandle = NULL;
663	return (EFI_INVALID_PARAMETER);
664	}
665	//
666	// Open this file path node
667	//
668	Handle2 = Handle1;
669	Handle1 = NULL;
670
671	//
672	// Try to test opening an existing file
673	//
674	Status = Handle2->Open (
675	Handle2,
676	&Handle1,
677	((FILEPATH_DEVICE_PATH)FilePath)->PathName,
678	OpenMode &~EFI_FILE_MODE_CREATE,
679	0
680	);
681
682	//
683	// see if the error was that it needs to be created
684	//
685	if ((EFI_ERROR (Status)) && (OpenMode != (OpenMode &~EFI_FILE_MODE_CREATE))) {
686	Status = Handle2->Open (
687	Handle2,
688	&Handle1,
689	((FILEPATH_DEVICE_PATH)FilePath)->PathName,
690	OpenMode,
691	Attributes
692	);
693	}
694	//
695	// Close the last node
696	//
697	Handle2->Close (Handle2);
698
699	if (EFI_ERROR(Status)) {
700	return (Status);
701	}
702
703	//
704	// Get the next node
705	//
706	FilePath = NextDevicePathNode (FilePath);
707	}
708
709	//
710	// This is a weak spot since if the undefined SHELL_FILE_HANDLE format changes this must change also!
711	//
712	FileHandle = (VOID)Handle1;
713	return EFI_SUCCESS;
714	}
715
716	/**
717	This function converts an input device structure to a Unicode string.
718
719	@param[in] DevPath A pointer to the device path structure.
720
721	@return A new allocated Unicode string that represents the device path.
722
723	**/
724	CHAR16 *
725	EFIAPI
726	DevicePathToStr (
727	IN EFI_DEVICE_PATH_PROTOCOL *DevPath
728	)
729	{
730	return ConvertDevicePathToText (
731	DevPath,
732	FALSE,
733	TRUE
734	);
735	}
736
737
738	/**
739	Extract filename from device path. The returned buffer is allocated using AllocateCopyPool.
740	The caller is responsible for freeing the allocated buffer using FreePool(). If return NULL
741	means not enough memory resource.
742
743	@param DevicePath Device path.
744
745	@retval NULL Not enough memory resourece for AllocateCopyPool.
746	@retval Other A new allocated string that represents the file name.
747
748	**/
749	CHAR16 *
750	ExtractFileNameFromDevicePath (
751	IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
752	)
753	{
754	CHAR16 *String;
755	CHAR16 *MatchString;
756	CHAR16 *LastMatch;
757	CHAR16 *FileName;
758	UINTN Length;
759
760	ASSERT(DevicePath != NULL);
761
762	String = DevicePathToStr(DevicePath);
763	MatchString = String;
764	LastMatch = String;
765	FileName = NULL;
766
767	while(MatchString != NULL){
768	LastMatch = MatchString + 1;
769	MatchString = StrStr(LastMatch,L"\\");
770	}
771
772	Length = StrLen(LastMatch);
773	FileName = AllocateCopyPool ((Length + 1) * sizeof(CHAR16), LastMatch);
774	if (FileName != NULL) {
775	*(FileName + Length) = 0;
776	}
777
778	FreePool(String);
779
780	return FileName;
781	}
782
783	/**
784	Enroll a new X509 certificate into Variable.
785
786	@param[in] PrivateData The module's private data.
787	@param[in] VariableName Variable name of CA database.
788
789	@retval EFI_SUCCESS New X509 is enrolled successfully.
790	@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.
791
792	**/
793	EFI_STATUS
794	EnrollX509toVariable (
795	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
796	IN CHAR16 *VariableName
797	)
798	{
799	EFI_STATUS Status;
800	UINTN X509DataSize;
801	VOID *X509Data;
802	EFI_SIGNATURE_LIST *CACert;
803	EFI_SIGNATURE_DATA *CACertData;
804	VOID *Data;
805	UINTN DataSize;
806	UINTN SigDataSize;
807	UINT32 Attr;
808
809	X509DataSize = 0;
810	SigDataSize = 0;
811	DataSize = 0;
812	X509Data = NULL;
813	CACert = NULL;
814	CACertData = NULL;
815	Data = NULL;
816
817	Status = ReadFileContent (
818	Private->FileContext->FHandle,
819	&X509Data,
820	&X509DataSize,
821	0
822	);
823	if (EFI_ERROR (Status)) {
824	goto ON_EXIT;
825	}
826	ASSERT (X509Data != NULL);
827
828	SigDataSize = sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize;
829
830	Data = AllocateZeroPool (SigDataSize);
831	if (Data == NULL) {
832	Status = EFI_OUT_OF_RESOURCES;
833	goto ON_EXIT;
834	}
835
836	//
837	// Fill Certificate Database parameters.
838	//
839	CACert = (EFI_SIGNATURE_LIST*) Data;
840	CACert->SignatureListSize = (UINT32) SigDataSize;
841	CACert->SignatureHeaderSize = 0;
842	CACert->SignatureSize = (UINT32) (sizeof(EFI_SIGNATURE_DATA) - 1 + X509DataSize);
843	CopyGuid (&CACert->SignatureType, &gEfiCertX509Guid);
844
845	CACertData = (EFI_SIGNATURE_DATA) ((UINT8 ) CACert + sizeof (EFI_SIGNATURE_LIST));
846	CopyGuid (&CACertData->SignatureOwner, Private->CertGuid);
847	CopyMem ((UINT8* ) (CACertData->SignatureData), X509Data, X509DataSize);
848
849	//
850	// Check if signature database entry has been already existed.
851	// If true, use EFI_VARIABLE_APPEND_WRITE attribute to append the
852	// new signature data to original variable
853	//
854	Attr = TLS_AUTH_CONFIG_VAR_BASE_ATTR;
855
856	Status = gRT->GetVariable(
857	VariableName,
858	&gEfiTlsCaCertificateGuid,
859	NULL,
860	&DataSize,
861	NULL
862	);
863	if (Status == EFI_BUFFER_TOO_SMALL) {
864	Attr \|= EFI_VARIABLE_APPEND_WRITE;
865	} else if (Status != EFI_NOT_FOUND) {
866	goto ON_EXIT;
867	}
868
869	Status = gRT->SetVariable(
870	VariableName,
871	&gEfiTlsCaCertificateGuid,
872	Attr,
873	SigDataSize,
874	Data
875	);
876	if (EFI_ERROR (Status)) {
877	goto ON_EXIT;
878	}
879
880	ON_EXIT:
881	CleanFileContext (Private);
882
883	if (Private->CertGuid != NULL) {
884	FreePool (Private->CertGuid);
885	Private->CertGuid = NULL;
886	}
887
888	if (Data != NULL) {
889	FreePool (Data);
890	}
891
892	if (X509Data != NULL) {
893	FreePool (X509Data);
894	}
895
896	return Status;
897	}
898
899	/**
900	Enroll Cert into TlsCaCertificate. The GUID will be Private->CertGuid.
901
902	@param[in] PrivateData The module's private data.
903	@param[in] VariableName Variable name of signature database.
904
905	@retval EFI_SUCCESS New Cert enrolled successfully.
906	@retval EFI_INVALID_PARAMETER The parameter is invalid.
907	@retval EFI_UNSUPPORTED The Cert file is unsupported type.
908	@retval others Fail to enroll Cert data.
909
910	**/
911	EFI_STATUS
912	EnrollCertDatabase (
913	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private,
914	IN CHAR16 *VariableName
915	)
916	{
917	UINT16* FilePostFix;
918	UINTN NameLength;
919
920	if ((Private->FileContext->FileName == NULL) \|\| (Private->FileContext->FHandle == NULL) \|\| (Private->CertGuid == NULL)) {
921	return EFI_INVALID_PARAMETER;
922	}
923
924	//
925	// Parse the file's postfix.
926	//
927	NameLength = StrLen (Private->FileContext->FileName);
928	if (NameLength <= 4) {
929	return EFI_INVALID_PARAMETER;
930	}
931	FilePostFix = Private->FileContext->FileName + NameLength - 4;
932
933	if (IsDerPemEncodeCertificate (FilePostFix)) {
934	//
935	// Supports DER-encoded X509 certificate.
936	//
937	return EnrollX509toVariable (Private, VariableName);
938	}
939
940	return EFI_UNSUPPORTED;
941	}
942
943	/**
944	Refresh the global UpdateData structure.
945
946	**/
947	VOID
948	RefreshUpdateData (
949	VOID
950	)
951	{
952	//
953	// Free current updated date
954	//
955	if (mStartOpCodeHandle != NULL) {
956	HiiFreeOpCodeHandle (mStartOpCodeHandle);
957	}
958
959	//
960	// Create new OpCode Handle
961	//
962	mStartOpCodeHandle = HiiAllocateOpCodeHandle ();
963
964	//
965	// Create Hii Extend Label OpCode as the start opcode
966	//
967	mStartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
968	mStartOpCodeHandle,
969	&gEfiIfrTianoGuid,
970	NULL,
971	sizeof (EFI_IFR_GUID_LABEL)
972	);
973	mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
974	}
975
976	/**
977	Clean up the dynamic opcode at label and form specified by both LabelId.
978
979	@param[in] LabelId It is both the Form ID and Label ID for opcode deletion.
980	@param[in] PrivateData Module private data.
981
982	**/
983	VOID
984	CleanUpPage (
985	IN UINT16 LabelId,
986	IN TLS_AUTH_CONFIG_PRIVATE_DATA *PrivateData
987	)
988	{
989	RefreshUpdateData ();
990
991	//
992	// Remove all op-codes from dynamic page
993	//
994	mStartLabel->Number = LabelId;
995	HiiUpdateForm (
996	PrivateData->RegisteredHandle,
997	&gTlsAuthConfigGuid,
998	LabelId,
999	mStartOpCodeHandle, // Label LabelId
1000	mEndOpCodeHandle // LABEL_END
1001	);
1002	}
1003
1004	/**
1005	Update the form base on the selected file.
1006
1007	@param FilePath Point to the file path.
1008	@param FormId The form need to display.
1009
1010	@retval TRUE Exit caller function.
1011	@retval FALSE Not exit caller function.
1012
1013	**/
1014	BOOLEAN
1015	UpdatePage(
1016	IN EFI_DEVICE_PATH_PROTOCOL *FilePath,
1017	IN EFI_FORM_ID FormId
1018	)
1019	{
1020	CHAR16 *FileName;
1021	EFI_STRING_ID StringToken;
1022
1023	FileName = NULL;
1024
1025	if (FilePath != NULL) {
1026	FileName = ExtractFileNameFromDevicePath(FilePath);
1027	}
1028	if (FileName == NULL) {
1029	//
1030	// FileName = NULL has two case:
1031	// 1. FilePath == NULL, not select file.
1032	// 2. FilePath != NULL, but ExtractFileNameFromDevicePath return NULL not enough memory resource.
1033	// In these two case, no need to update the form, and exit the caller function.
1034	//
1035	return TRUE;
1036	}
1037	StringToken = HiiSetString (mTlsAuthPrivateData->RegisteredHandle, 0, FileName, NULL);
1038
1039	mTlsAuthPrivateData->FileContext->FileName = FileName;
1040
1041	OpenFileByDevicePath (
1042	&FilePath,
1043	&mTlsAuthPrivateData->FileContext->FHandle,
1044	EFI_FILE_MODE_READ,
1045	0
1046	);
1047	//
1048	// Create Subtitle op-code for the display string of the option.
1049	//
1050	RefreshUpdateData ();
1051	mStartLabel->Number = FormId;
1052
1053	HiiCreateSubTitleOpCode (
1054	mStartOpCodeHandle,
1055	StringToken,
1056	0,
1057	0,
1058	0
1059	);
1060
1061	HiiUpdateForm (
1062	mTlsAuthPrivateData->RegisteredHandle,
1063	&gTlsAuthConfigGuid,
1064	FormId,
1065	mStartOpCodeHandle, /// Label FormId
1066	mEndOpCodeHandle /// LABEL_END
1067	);
1068
1069	return TRUE;
1070	}
1071
1072	/**
1073	Update the form base on the input file path info.
1074
1075	@param FilePath Point to the file path.
1076
1077	@retval TRUE Exit caller function.
1078	@retval FALSE Not exit caller function.
1079	**/
1080	BOOLEAN
1081	EFIAPI
1082	UpdateCAFromFile (
1083	IN EFI_DEVICE_PATH_PROTOCOL *FilePath
1084	)
1085	{
1086	return UpdatePage(FilePath, TLS_AUTH_CONFIG_FORMID4_FORM);
1087	}
1088
1089	/**
1090	Unload the configuration form, this includes: delete all the configuration
1091	entries, uninstall the form callback protocol, and free the resources used.
1092
1093	@param[in] Private Pointer to the driver private data.
1094
1095	@retval EFI_SUCCESS The configuration form is unloaded.
1096	@retval Others Failed to unload the form.
1097
1098	**/
1099	EFI_STATUS
1100	TlsAuthConfigFormUnload (
1101	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
1102	)
1103	{
1104	if (Private->DriverHandle != NULL) {
1105	//
1106	// Uninstall EFI_HII_CONFIG_ACCESS_PROTOCOL
1107	//
1108	gBS->UninstallMultipleProtocolInterfaces (
1109	Private->DriverHandle,
1110	&gEfiDevicePathProtocolGuid,
1111	&mTlsAuthConfigHiiVendorDevicePath,
1112	&gEfiHiiConfigAccessProtocolGuid,
1113	&Private->ConfigAccess,
1114	NULL
1115	);
1116	Private->DriverHandle = NULL;
1117	}
1118
1119	if (Private->RegisteredHandle != NULL) {
1120	//
1121	// Remove HII package list
1122	//
1123	HiiRemovePackages (Private->RegisteredHandle);
1124	Private->RegisteredHandle = NULL;
1125	}
1126
1127	if (Private->CertGuid != NULL) {
1128	FreePool (Private->CertGuid);
1129	}
1130
1131	if (Private->FileContext != NULL) {
1132	FreePool (Private->FileContext);
1133	}
1134
1135	FreePool (Private);
1136
1137	if (mStartOpCodeHandle != NULL) {
1138	HiiFreeOpCodeHandle (mStartOpCodeHandle);
1139	}
1140
1141	if (mEndOpCodeHandle != NULL) {
1142	HiiFreeOpCodeHandle (mEndOpCodeHandle);
1143	}
1144
1145	return EFI_SUCCESS;
1146	}
1147
1148
1149	/**
1150	Initialize the configuration form.
1151
1152	@param[in] Private Pointer to the driver private data.
1153
1154	@retval EFI_SUCCESS The configuration form is initialized.
1155	@retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
1156
1157	**/
1158	EFI_STATUS
1159	TlsAuthConfigFormInit (
1160	IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
1161	)
1162	{
1163	EFI_STATUS Status;
1164
1165	Private->Signature = TLS_AUTH_CONFIG_PRIVATE_DATA_SIGNATURE;
1166
1167	Private->ConfigAccess.ExtractConfig = TlsAuthConfigAccessExtractConfig;
1168	Private->ConfigAccess.RouteConfig = TlsAuthConfigAccessRouteConfig;
1169	Private->ConfigAccess.Callback = TlsAuthConfigAccessCallback;
1170
1171	//
1172	// Install Device Path Protocol and Config Access protocol to driver handle.
1173	//
1174	Status = gBS->InstallMultipleProtocolInterfaces (
1175	&Private->DriverHandle,
1176	&gEfiDevicePathProtocolGuid,
1177	&mTlsAuthConfigHiiVendorDevicePath,
1178	&gEfiHiiConfigAccessProtocolGuid,
1179	&Private->ConfigAccess,
1180	NULL
1181	);
1182	if (EFI_ERROR (Status)) {
1183	return Status;
1184	}
1185
1186	//
1187	// Publish our HII data.
1188	//
1189	Private->RegisteredHandle = HiiAddPackages (
1190	&gTlsAuthConfigGuid,
1191	Private->DriverHandle,
1192	TlsAuthConfigDxeStrings,
1193	TlsAuthConfigVfrBin,
1194	NULL
1195	);
1196	if (Private->RegisteredHandle == NULL) {
1197	Status = EFI_OUT_OF_RESOURCES;
1198	goto Error;
1199	}
1200
1201	Private->FileContext = AllocateZeroPool (sizeof (TLS_AUTH_CONFIG_FILE_CONTEXT));
1202	if (Private->FileContext == NULL) {
1203	Status = EFI_OUT_OF_RESOURCES;
1204	goto Error;
1205	}
1206
1207	//
1208	// Init OpCode Handle and Allocate space for creation of Buffer
1209	//
1210	mStartOpCodeHandle = HiiAllocateOpCodeHandle ();
1211	if (mStartOpCodeHandle == NULL) {
1212	Status = EFI_OUT_OF_RESOURCES;
1213	goto Error;
1214	}
1215
1216	mEndOpCodeHandle = HiiAllocateOpCodeHandle ();
1217	if (mEndOpCodeHandle == NULL) {
1218	Status = EFI_OUT_OF_RESOURCES;
1219	goto Error;
1220	}
1221
1222	//
1223	// Create Hii Extend Label OpCode as the start opcode
1224	//
1225	mStartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
1226	mStartOpCodeHandle,
1227	&gEfiIfrTianoGuid,
1228	NULL,
1229	sizeof (EFI_IFR_GUID_LABEL)
1230	);
1231	mStartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
1232
1233	//
1234	// Create Hii Extend Label OpCode as the end opcode
1235	//
1236	mEndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
1237	mEndOpCodeHandle,
1238	&gEfiIfrTianoGuid,
1239	NULL,
1240	sizeof (EFI_IFR_GUID_LABEL)
1241	);
1242	mEndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
1243	mEndLabel->Number = LABEL_END;
1244
1245	return EFI_SUCCESS;
1246
1247	Error:
1248	TlsAuthConfigFormUnload (Private);
1249	return Status;
1250	}
1251
1252	/**
1253
1254	This function allows the caller to request the current
1255	configuration for one or more named elements. The resulting
1256	string is in <ConfigAltResp> format. Any and all alternative
1257	configuration strings shall also be appended to the end of the
1258	current configuration string. If they are, they must appear
1259	after the current configuration. They must contain the same
1260	routing (GUID, NAME, PATH) as the current configuration string.
1261	They must have an additional description indicating the type of
1262	alternative configuration the string represents,
1263	"ALTCFG=<StringToken>". That <StringToken> (when
1264	converted from Hex UNICODE to binary) is a reference to a
1265	string in the associated string pack.
1266
1267	@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
1268
1269	@param Request A null-terminated Unicode string in
1270	<ConfigRequest> format. Note that this
1271	includes the routing information as well as
1272	the configurable name / value pairs. It is
1273	invalid for this string to be in
1274	<MultiConfigRequest> format.
1275	If a NULL is passed in for the Request field,
1276	all of the settings being abstracted by this function
1277	will be returned in the Results field. In addition,
1278	if a ConfigHdr is passed in with no request elements,
1279	all of the settings being abstracted for that particular
1280	ConfigHdr reference will be returned in the Results Field.
1281
1282	@param Progress On return, points to a character in the
1283	Request string. Points to the string's null
1284	terminator if request was successful. Points
1285	to the most recent "&" before the first
1286	failing name / value pair (or the beginning
1287	of the string if the failure is in the first
1288	name / value pair) if the request was not
1289	successful.
1290
1291	@param Results A null-terminated Unicode string in
1292	<MultiConfigAltResp> format which has all values
1293	filled in for the names in the Request string.
1294	String to be allocated by the called function.
1295
1296	@retval EFI_SUCCESS The Results string is filled with the
1297	values corresponding to all requested
1298	names.
1299
1300	@retval EFI_OUT_OF_RESOURCES Not enough memory to store the
1301	parts of the results that must be
1302	stored awaiting possible future
1303	protocols.
1304
1305	@retval EFI_NOT_FOUND Routing data doesn't match any
1306	known driver. Progress set to the
1307	first character in the routing header.
1308	Note: There is no requirement that the
1309	driver validate the routing data. It
1310	must skip the <ConfigHdr> in order to
1311	process the names.
1312
1313	@retval EFI_INVALID_PARAMETER Illegal syntax. Progress set
1314	to most recent "&" before the
1315	error or the beginning of the
1316	string.
1317
1318	@retval EFI_INVALID_PARAMETER Unknown name. Progress points
1319	to the & before the name in
1320	question.
1321
1322	**/
1323	EFI_STATUS
1324	EFIAPI
1325	TlsAuthConfigAccessExtractConfig (
1326	IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
1327	IN CONST EFI_STRING Request,
1328	OUT EFI_STRING *Progress,
1329	OUT EFI_STRING *Results
1330	)
1331	{
1332	EFI_STATUS Status;
1333	UINTN BufferSize;
1334	UINTN Size;
1335	EFI_STRING ConfigRequest;
1336	EFI_STRING ConfigRequestHdr;
1337	TLS_AUTH_CONFIG_PRIVATE_DATA *Private;
1338	BOOLEAN AllocatedRequest;
1339
1340	if (Progress == NULL \|\| Results == NULL) {
1341	return EFI_INVALID_PARAMETER;
1342	}
1343
1344	AllocatedRequest = FALSE;
1345	ConfigRequestHdr = NULL;
1346	ConfigRequest = NULL;
1347	Size = 0;
1348
1349	Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);
1350
1351	BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
1352	ZeroMem (&Private->TlsAuthConfigNvData, BufferSize);
1353
1354	*Progress = Request;
1355
1356	if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gTlsAuthConfigGuid, mTlsAuthConfigStorageName)) {
1357	return EFI_NOT_FOUND;
1358	}
1359
1360	ConfigRequest = Request;
1361	if ((Request == NULL) \|\| (StrStr (Request, L"OFFSET") == NULL)) {
1362	//
1363	// Request is set to NULL or OFFSET is NULL, construct full request string.
1364	//
1365	// Allocate and fill a buffer large enough to hold the <ConfigHdr> template
1366	// followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
1367	//
1368	ConfigRequestHdr = HiiConstructConfigHdr (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, Private->DriverHandle);
1369	Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);
1370	ConfigRequest = AllocateZeroPool (Size);
1371	ASSERT (ConfigRequest != NULL);
1372	AllocatedRequest = TRUE;
1373	UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64)BufferSize);
1374	FreePool (ConfigRequestHdr);
1375	ConfigRequestHdr = NULL;
1376	}
1377
1378	Status = gHiiConfigRouting->BlockToConfig (
1379	gHiiConfigRouting,
1380	ConfigRequest,
1381	(UINT8 *) &Private->TlsAuthConfigNvData,
1382	BufferSize,
1383	Results,
1384	Progress
1385	);
1386
1387	//
1388	// Free the allocated config request string.
1389	//
1390	if (AllocatedRequest) {
1391	FreePool (ConfigRequest);
1392	}
1393
1394	//
1395	// Set Progress string to the original request string.
1396	//
1397	if (Request == NULL) {
1398	*Progress = NULL;
1399	} else if (StrStr (Request, L"OFFSET") == NULL) {
1400	*Progress = Request + StrLen (Request);
1401	}
1402
1403	return Status;
1404	}
1405
1406	/**
1407
1408	This function applies changes in a driver's configuration.
1409	Input is a Configuration, which has the routing data for this
1410	driver followed by name / value configuration pairs. The driver
1411	must apply those pairs to its configurable storage. If the
1412	driver's configuration is stored in a linear block of data
1413	and the driver's name / value pairs are in <BlockConfig>
1414	format, it may use the ConfigToBlock helper function (above) to
1415	simplify the job.
1416
1417	@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
1418
1419	@param Configuration A null-terminated Unicode string in
1420	<ConfigString> format.
1421
1422	@param Progress A pointer to a string filled in with the
1423	offset of the most recent '&' before the
1424	first failing name / value pair (or the
1425	beginn ing of the string if the failure
1426	is in the first name / value pair) or
1427	the terminating NULL if all was
1428	successful.
1429
1430	@retval EFI_SUCCESS The results have been distributed or are
1431	awaiting distribution.
1432
1433	@retval EFI_OUT_OF_RESOURCES Not enough memory to store the
1434	parts of the results that must be
1435	stored awaiting possible future
1436	protocols.
1437
1438	@retval EFI_INVALID_PARAMETERS Passing in a NULL for the
1439	Results parameter would result
1440	in this type of error.
1441
1442	@retval EFI_NOT_FOUND Target for the specified routing data
1443	was not found
1444
1445	**/
1446	EFI_STATUS
1447	EFIAPI
1448	TlsAuthConfigAccessRouteConfig (
1449	IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
1450	IN CONST EFI_STRING Configuration,
1451	OUT EFI_STRING *Progress
1452	)
1453	{
1454	EFI_STATUS Status;
1455	UINTN BufferSize;
1456	TLS_AUTH_CONFIG_PRIVATE_DATA *Private;
1457
1458	if (Progress == NULL) {
1459	return EFI_INVALID_PARAMETER;
1460	}
1461	*Progress = Configuration;
1462
1463	if (Configuration == NULL) {
1464	return EFI_INVALID_PARAMETER;
1465	}
1466
1467	//
1468	// Check routing data in <ConfigHdr>.
1469	// Note: there is no name for Name/Value storage, only GUID will be checked
1470	//
1471	if (!HiiIsConfigHdrMatch (Configuration, &gTlsAuthConfigGuid, mTlsAuthConfigStorageName)) {
1472	return EFI_NOT_FOUND;
1473	}
1474
1475	Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);
1476
1477	BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
1478	ZeroMem (&Private->TlsAuthConfigNvData, BufferSize);
1479
1480	Status = gHiiConfigRouting->ConfigToBlock (
1481	gHiiConfigRouting,
1482	Configuration,
1483	(UINT8 *) &Private->TlsAuthConfigNvData,
1484	&BufferSize,
1485	Progress
1486	);
1487	if (EFI_ERROR (Status)) {
1488	return Status;
1489	}
1490
1491	return Status;
1492	}
1493
1494	/**
1495
1496	This function is called to provide results data to the driver.
1497	This data consists of a unique key that is used to identify
1498	which data is either being passed back or being asked for.
1499
1500	@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
1501	@param Action Specifies the type of action taken by the browser.
1502	@param QuestionId A unique value which is sent to the original
1503	exporting driver so that it can identify the type
1504	of data to expect. The format of the data tends to
1505	vary based on the opcode that generated the callback.
1506	@param Type The type of value for the question.
1507	@param Value A pointer to the data being sent to the original
1508	exporting driver.
1509	@param ActionRequest On return, points to the action requested by the
1510	callback function.
1511
1512	@retval EFI_SUCCESS The callback successfully handled the action.
1513	@retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
1514	variable and its data.
1515	@retval EFI_DEVICE_ERROR The variable could not be saved.
1516	@retval EFI_UNSUPPORTED The specified Action is not supported by the
1517	callback.
1518	**/
1519	EFI_STATUS
1520	EFIAPI
1521	TlsAuthConfigAccessCallback (
1522	IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
1523	IN EFI_BROWSER_ACTION Action,
1524	IN EFI_QUESTION_ID QuestionId,
1525	IN UINT8 Type,
1526	IN OUT EFI_IFR_TYPE_VALUE *Value,
1527	OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
1528	)
1529	{
1530	EFI_INPUT_KEY Key;
1531	EFI_STATUS Status;
1532	RETURN_STATUS RStatus;
1533	TLS_AUTH_CONFIG_PRIVATE_DATA *Private;
1534	UINTN BufferSize;
1535	TLS_AUTH_CONFIG_IFR_NVDATA *IfrNvData;
1536	UINT16 LabelId;
1537	EFI_DEVICE_PATH_PROTOCOL *File;
1538
1539	Status = EFI_SUCCESS;
1540	File = NULL;
1541
1542	if ((This == NULL) \|\| (Value == NULL) \|\| (ActionRequest == NULL)) {
1543	return EFI_INVALID_PARAMETER;
1544	}
1545
1546	Private = TLS_AUTH_CONFIG_PRIVATE_FROM_THIS (This);
1547
1548	mTlsAuthPrivateData = Private;
1549
1550	//
1551	// Retrieve uncommitted data from Browser
1552	//
1553	BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
1554	IfrNvData = AllocateZeroPool (BufferSize);
1555	if (IfrNvData == NULL) {
1556	return EFI_OUT_OF_RESOURCES;
1557	}
1558
1559	HiiGetBrowserData (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, BufferSize, (UINT8 *) IfrNvData);
1560
1561	if ((Action != EFI_BROWSER_ACTION_CHANGED) &&
1562	(Action != EFI_BROWSER_ACTION_CHANGING) &&
1563	(Action != EFI_BROWSER_ACTION_FORM_CLOSE)) {
1564	Status = EFI_UNSUPPORTED;
1565	goto EXIT;
1566	}
1567
1568	if (Action == EFI_BROWSER_ACTION_CHANGING) {
1569	switch (QuestionId) {
1570	case KEY_TLS_AUTH_CONFIG_CLIENT_CERT:
1571	case KEY_TLS_AUTH_CONFIG_SERVER_CA:
1572	//
1573	// Clear Cert GUID.
1574	//
1575	ZeroMem (IfrNvData->CertGuid, sizeof (IfrNvData->CertGuid));
1576	if (Private->CertGuid == NULL) {
1577	Private->CertGuid = (EFI_GUID *) AllocateZeroPool (sizeof (EFI_GUID));
1578	if (Private->CertGuid == NULL) {
1579	return EFI_OUT_OF_RESOURCES;
1580	}
1581	}
1582	if (QuestionId == KEY_TLS_AUTH_CONFIG_CLIENT_CERT) {
1583	LabelId = TLS_AUTH_CONFIG_FORMID3_FORM;
1584	} else {
1585	LabelId = TLS_AUTH_CONFIG_FORMID4_FORM;
1586	}
1587
1588	//
1589	// Refresh selected file.
1590	//
1591	CleanUpPage (LabelId, Private);
1592	break;
1593	case KEY_TLS_AUTH_CONFIG_ENROLL_CERT_FROM_FILE:
1594	//
1595	// If the file is already opened, clean the file related resource first.
1596	//
1597	CleanFileContext (Private);
1598
1599	ChooseFile( NULL, NULL, UpdateCAFromFile, &File);
1600	break;
1601
1602	case KEY_TLS_AUTH_CONFIG_VALUE_SAVE_AND_EXIT:
1603	Status = EnrollCertDatabase (Private, EFI_TLS_CA_CERTIFICATE_VARIABLE);
1604	if (EFI_ERROR (Status)) {
1605	CleanFileContext (Private);
1606
1607	CreatePopUp (
1608	EFI_LIGHTGRAY \| EFI_BACKGROUND_BLUE,
1609	&Key,
1610	L"ERROR: Enroll Cert Failure!",
1611	NULL
1612	);
1613	}
1614	break;
1615
1616	case KEY_TLS_AUTH_CONFIG_VALUE_NO_SAVE_AND_EXIT:
1617	CleanFileContext (Private);
1618
1619	if (Private->CertGuid!= NULL) {
1620	FreePool (Private->CertGuid);
1621	Private->CertGuid = NULL;
1622	}
1623	break;
1624
1625	case KEY_TLS_AUTH_CONFIG_DELETE_CERT:
1626	UpdateDeletePage (
1627	Private,
1628	EFI_TLS_CA_CERTIFICATE_VARIABLE,
1629	&gEfiTlsCaCertificateGuid,
1630	LABEL_CA_DELETE,
1631	TLS_AUTH_CONFIG_FORMID5_FORM,
1632	OPTION_DEL_CA_ESTION_ID
1633	);
1634	break;
1635
1636	default:
1637	if ((QuestionId >= OPTION_DEL_CA_ESTION_ID) &&
1638	(QuestionId < (OPTION_DEL_CA_ESTION_ID + OPTION_CONFIG_RANGE))) {
1639	DeleteCert (
1640	Private,
1641	EFI_TLS_CA_CERTIFICATE_VARIABLE,
1642	&gEfiTlsCaCertificateGuid,
1643	LABEL_CA_DELETE,
1644	TLS_AUTH_CONFIG_FORMID5_FORM,
1645	OPTION_DEL_CA_ESTION_ID,
1646	QuestionId - OPTION_DEL_CA_ESTION_ID
1647	);
1648	}
1649	break;
1650	}
1651	} else if (Action == EFI_BROWSER_ACTION_CHANGED) {
1652	switch (QuestionId) {
1653	case KEY_TLS_AUTH_CONFIG_CERT_GUID:
1654	ASSERT (Private->CertGuid != NULL);
1655	RStatus = StrToGuid (
1656	IfrNvData->CertGuid,
1657	Private->CertGuid
1658	);
1659	if (RETURN_ERROR (RStatus) \|\| (IfrNvData->CertGuid[GUID_STRING_LENGTH] != L'\0')) {
1660	Status = EFI_INVALID_PARAMETER;
1661	break;
1662	}
1663
1664	*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
1665	break;
1666	default:
1667	break;
1668	}
1669	} else if (Action == EFI_BROWSER_ACTION_FORM_CLOSE) {
1670	CleanFileContext (Private);
1671	}
1672
1673	EXIT:
1674
1675	if (!EFI_ERROR (Status)) {
1676	BufferSize = sizeof (TLS_AUTH_CONFIG_IFR_NVDATA);
1677	HiiSetBrowserData (&gTlsAuthConfigGuid, mTlsAuthConfigStorageName, BufferSize, (UINT8*) IfrNvData, NULL);
1678	}
1679
1680	FreePool (IfrNvData);
1681
1682	if (File != NULL){
1683	FreePool(File);
1684	File = NULL;
1685	}
1686
1687	return EFI_SUCCESS;
1688
1689	}
1690

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/VBox/Devices/EFI/FirmwareNew/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c@ 77662

Download in other formats: