This patch is used to centralize TlsCaCertificate name and guid
to TlsAuthentication.h
Cc: Palmer Thomas <thomas.pal...@hpe.com>
Cc: Ye Ting <ting...@intel.com>
Cc: Fu Siyuan <siyuan...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin...@intel.com>
---
NetworkPkg/HttpDxe/HttpDriver.h | 2 ++
NetworkPkg/HttpDxe/HttpDxe.inf | 4 ++++
NetworkPkg/HttpDxe/HttpsSupport.c | 7 ++----
NetworkPkg/HttpDxe/HttpsSupport.h | 10 --------
NetworkPkg/Include/Guid/TlsAuthentication.h | 29 ++++++++++++++++++++++++
NetworkPkg/NetworkPkg.dec | 5 +++-
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf | 1 +
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c | 14 +++++-------
NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h | 12 ++--------
9 files changed, 50 insertions(+), 34 deletions(-)
create mode 100644 NetworkPkg/Include/Guid/TlsAuthentication.h
diff --git a/NetworkPkg/HttpDxe/HttpDriver.h b/NetworkPkg/HttpDxe/HttpDriver.h
index 3c30c12..73c211a 100644
--- a/NetworkPkg/HttpDxe/HttpDriver.h
+++ b/NetworkPkg/HttpDxe/HttpDriver.h
@@ -58,10 +58,12 @@
//
// Produced Protocols
//
#include <Protocol/Http.h>
+#include <Guid/TlsAuthentication.h>
+
//
// Driver Version
//
#define HTTP_DRIVER_VERSION 0xa
diff --git a/NetworkPkg/HttpDxe/HttpDxe.inf b/NetworkPkg/HttpDxe/HttpDxe.inf
index a228c3d..1118181 100644
--- a/NetworkPkg/HttpDxe/HttpDxe.inf
+++ b/NetworkPkg/HttpDxe/HttpDxe.inf
@@ -24,10 +24,11 @@
MODULE_UNI_FILE = HttpDxe.uni
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ NetworkPkg/NetworkPkg.dec
[Sources]
ComponentName.h
ComponentName.c
HttpDns.h
@@ -69,7 +70,10 @@
gEfiIp6ConfigProtocolGuid ## SOMETIMES_CONSUMES
gEfiTlsServiceBindingProtocolGuid ## SOMETIMES_CONSUMES
gEfiTlsProtocolGuid ## SOMETIMES_CONSUMES
gEfiTlsConfigurationProtocolGuid ## SOMETIMES_CONSUMES
+[Guids]
+ gEfiTlsCaCertificateGuid ## CONSUMES ## GUID
+
[UserExtensions.TianoCore."ExtraFiles"]
HttpDxeExtra.uni
\ No newline at end of file
diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c
b/NetworkPkg/HttpDxe/HttpsSupport.c
index 09aaa46..36f658c 100644
--- a/NetworkPkg/HttpDxe/HttpsSupport.c
+++ b/NetworkPkg/HttpDxe/HttpsSupport.c
@@ -12,12 +12,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
EXPRESS OR IMPLIED.
**/
#include "HttpDriver.h"
-EFI_GUID mEfiTlsCaCertificateGuid = EFI_TLS_CA_CERTIFICATE_GUID;
-
/**
Returns the first occurrence of a Null-terminated ASCII sub-string in a
Null-terminated
ASCII string and ignore case during the search process.
This function scans the contents of the ASCII string specified by String
@@ -395,11 +393,11 @@ TlsConfigCertificate (
// Try to read the TlsCaCertificate variable.
//
CACertSize = 0;
Status = gRT->GetVariable (
EFI_TLS_CA_CERTIFICATE_VARIABLE,
- &mEfiTlsCaCertificateGuid,
+ &gEfiTlsCaCertificateGuid,
NULL,
&CACertSize,
NULL
);
@@ -412,11 +410,11 @@ TlsConfigCertificate (
return EFI_OUT_OF_RESOURCES;
}
Status = gRT->GetVariable (
EFI_TLS_CA_CERTIFICATE_VARIABLE,
- &mEfiTlsCaCertificateGuid,
+ &gEfiTlsCaCertificateGuid,
NULL,
&CACertSize,
CACert
);
if (EFI_ERROR (Status)) {
@@ -453,11 +451,10 @@ TlsConfigCertificate (
}
Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
}
-
ItemDataSize -= CertList->SignatureListSize;
CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList +
CertList->SignatureListSize);
}
return Status;
diff --git a/NetworkPkg/HttpDxe/HttpsSupport.h
b/NetworkPkg/HttpDxe/HttpsSupport.h
index 682a6b6..05b6e69 100644
--- a/NetworkPkg/HttpDxe/HttpsSupport.h
+++ b/NetworkPkg/HttpDxe/HttpsSupport.h
@@ -20,20 +20,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
EXPRESS OR IMPLIED.
#define HTTPS_DEFAULT_PORT 443
#define HTTPS_FLAG "https"
//
-// Private variable for CA Certificate configuration
-//
-#define EFI_TLS_CA_CERTIFICATE_GUID \
- { \
- 0xfd2340D0, 0x3dab, 0x4349, { 0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e,
0xae } \
- }
-
-#define EFI_TLS_CA_CERTIFICATE_VARIABLE L"TlsCaCertificate"
-
-//
// TLS Version
//
#define TLS10_PROTOCOL_VERSION_MAJOR 0x03
#define TLS10_PROTOCOL_VERSION_MINOR 0x01
#define TLS11_PROTOCOL_VERSION_MAJOR 0x03
diff --git a/NetworkPkg/Include/Guid/TlsAuthentication.h
b/NetworkPkg/Include/Guid/TlsAuthentication.h
new file mode 100644
index 0000000..2e800dc
--- /dev/null
+++ b/NetworkPkg/Include/Guid/TlsAuthentication.h
@@ -0,0 +1,29 @@
+/** @file
+ This file defines TlsCaCertificate variable.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials are licensed and made available
under
+the terms and conditions of the BSD License that accompanies this
distribution.
+The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php.
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __TLS_AUTHENTICATION_H__
+#define __TLS_AUTHENTICATION_H__
+
+// Private variable for CA Certificate configuration
+//
+#define EFI_TLS_CA_CERTIFICATE_GUID \
+ { \
+ 0xfd2340D0, 0x3dab, 0x4349, { 0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e,
0xae } \
+ }
+
+#define EFI_TLS_CA_CERTIFICATE_VARIABLE L"TlsCaCertificate"
+
+extern EFI_GUID gEfiTlsCaCertificateGuid;
+
+#endif
diff --git a/NetworkPkg/NetworkPkg.dec b/NetworkPkg/NetworkPkg.dec
index 065b603..24d45f4 100644
--- a/NetworkPkg/NetworkPkg.dec
+++ b/NetworkPkg/NetworkPkg.dec
@@ -39,11 +39,14 @@
# Include/Guid/HttpBootConfigHii.h
gHttpBootConfigGuid = { 0x4d20583a, 0x7765, 0x4e7a, { 0x8a, 0x67,
0xdc, 0xde, 0x74, 0xee, 0x3e, 0xc5 }}
# Include/Guid/TlsAuthConfigHii.h
- gTlsAuthConfigGuid = { 0xb0eae4f8, 0x9a04, 0x4c6d, { 0xa7, 0x48,
0x79, 0x3d, 0xaa, 0xf, 0x65, 0xdf }}
+ gTlsAuthConfigGuid = { 0xb0eae4f8, 0x9a04, 0x4c6d, { 0xa7, 0x48,
0x79, 0x3d, 0xaa, 0xf, 0x65, 0xdf }}
+
+ # Include/Guid/TlsAuthentication.h
+ gEfiTlsCaCertificateGuid = { 0xfd2340D0, 0x3dab, 0x4349, { 0xa6, 0xc7,
0x3b, 0x4f, 0x12, 0xb4, 0x8e, 0xae }}
[PcdsFeatureFlag]
## Indicates if the IPsec IKEv2 Certificate Authentication feature is
enabled or not.<BR><BR>
# TRUE - Certificate Authentication feature is enabled.<BR>
diff --git a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
index dd480a4..19f095e 100644
--- a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
+++ b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigDxe.inf
@@ -61,10 +61,11 @@
[Guids]
gTlsAuthConfigGuid ## PRODUCES ## GUID
gEfiCertX509Guid ## CONSUMES ## GUID #
Indicate the cert type
gEfiIfrTianoGuid ## CONSUMES ## HII
+ gEfiTlsCaCertificateGuid ## PRODUCES ## GUID
[Depex]
gEfiHiiConfigRoutingProtocolGuid AND
gEfiHiiDatabaseProtocolGuid
diff --git a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c
b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c
index bdf7963..f265b42 100644
--- a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c
+++ b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.c
@@ -18,11 +18,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
EXPRESS OR IMPLIED.
VOID *mStartOpCodeHandle = NULL;
VOID *mEndOpCodeHandle = NULL;
EFI_IFR_GUID_LABEL *mStartLabel = NULL;
EFI_IFR_GUID_LABEL *mEndLabel = NULL;
-EFI_GUID mEfiTlsCaCertificateGuid = EFI_TLS_CA_CERTIFICATE_GUID;
CHAR16 mTlsAuthConfigStorageName[] =
L"TLS_AUTH_CONFIG_IFR_NVDATA";
TLS_AUTH_CONFIG_PRIVATE_DATA *mTlsAuthPrivateData = NULL;
@@ -1004,11 +1003,11 @@ EnrollX509toVariable (
//
Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS |
EFI_VARIABLE_BOOTSERVICE_ACCESS;
Status = gRT->GetVariable(
VariableName,
- &mEfiTlsCaCertificateGuid,
+ &gEfiTlsCaCertificateGuid,
NULL,
&DataSize,
NULL
);
if (Status == EFI_BUFFER_TOO_SMALL) {
@@ -1017,11 +1016,11 @@ EnrollX509toVariable (
goto ON_EXIT;
}
Status = gRT->SetVariable(
VariableName,
- &mEfiTlsCaCertificateGuid,
+ &gEfiTlsCaCertificateGuid,
Attr,
SigDataSize,
Data
);
if (EFI_ERROR (Status)) {
@@ -1218,12 +1217,12 @@ UpdatePage(
HiiUpdateForm (
mTlsAuthPrivateData->RegisteredHandle,
&gTlsAuthConfigGuid,
FormId,
- mStartOpCodeHandle, // Label FormId
- mEndOpCodeHandle // LABEL_END
+ mStartOpCodeHandle, /// Label FormId
+ mEndOpCodeHandle /// LABEL_END
);
return TRUE;
}
@@ -1256,11 +1255,10 @@ UpdateCAFromFile (
EFI_STATUS
TlsAuthConfigFormUnload (
IN TLS_AUTH_CONFIG_PRIVATE_DATA *Private
)
{
-
if (Private->DriverHandle != NULL) {
//
// Uninstall EFI_HII_CONFIG_ACCESS_PROTOCOL
//
gBS->UninstallMultipleProtocolInterfaces (
@@ -1780,11 +1778,11 @@ TlsAuthConfigAccessCallback (
case KEY_TLS_AUTH_CONFIG_DELETE_CERT:
UpdateDeletePage (
Private,
EFI_TLS_CA_CERTIFICATE_VARIABLE,
- &mEfiTlsCaCertificateGuid,
+ &gEfiTlsCaCertificateGuid,
LABEL_CA_DELETE,
TLS_AUTH_CONFIG_FORMID5_FORM,
OPTION_DEL_CA_ESTION_ID
);
break;
@@ -1793,11 +1791,11 @@ TlsAuthConfigAccessCallback (
if ((QuestionId >= OPTION_DEL_CA_ESTION_ID) &&
(QuestionId < (OPTION_DEL_CA_ESTION_ID +
OPTION_CONFIG_RANGE))) {
DeleteCert (
Private,
EFI_TLS_CA_CERTIFICATE_VARIABLE,
- &mEfiTlsCaCertificateGuid,
+ &gEfiTlsCaCertificateGuid,
LABEL_CA_DELETE,
TLS_AUTH_CONFIG_FORMID5_FORM,
OPTION_DEL_CA_ESTION_ID,
QuestionId - OPTION_DEL_CA_ESTION_ID
);
diff --git a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h
b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h
index d08eb16..dea3cda 100644
--- a/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h
+++ b/NetworkPkg/TlsAuthConfigDxe/TlsAuthConfigImpl.h
@@ -37,10 +37,12 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
EXPRESS OR IMPLIED.
#include <Library/FileExplorerLib.h>
#include <Library/PrintLib.h>
#include <Guid/MdeModuleHii.h>
#include <Guid/ImageAuthentication.h>
+#include <Guid/TlsAuthentication.h>
+
//
// Include files with function prototypes
//
#include "TlsAuthConfigNvData.h"
@@ -78,20 +80,10 @@ struct _TLS_AUTH_CONFIG_PRIVATE_DATA {
TLS_AUTH_CONFIG_FILE_CONTEXT *FileContext;
EFI_GUID *CertGuid;
};
-//
-// Private variable for CA Certificate configuration
-//
-#define EFI_TLS_CA_CERTIFICATE_GUID \
- { \
- 0xfd2340D0, 0x3dab, 0x4349, { 0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e,
0xae } \
- }
-
-#define EFI_TLS_CA_CERTIFICATE_VARIABLE L"TlsCaCertificate"
-
/**
Unload the configuration form, this includes: delete all the configuration
entries, uninstall the form callback protocol, and free the resources used.
The form will only be unload completely when both IP4 and IP6 stack are
stopped.
--
1.9.5.msysgit.1
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
