From nobody Fri Nov 1 03:39:13 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1522767136096738.4647813976846; Tue, 3 Apr 2018 07:52:16 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 33F6021FB7D5F; Tue, 3 Apr 2018 07:52:06 -0700 (PDT) Received: from mx1.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D830A226085CF for ; Tue, 3 Apr 2018 07:52:04 -0700 (PDT) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 30BFF8182D0A; Tue, 3 Apr 2018 14:52:04 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-185.rdu2.redhat.com [10.10.120.185]) by smtp.corp.redhat.com (Postfix) with ESMTP id B02F42026E0E; Tue, 3 Apr 2018 14:52:02 +0000 (UTC) X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=66.187.233.73; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org From: Laszlo Ersek To: edk2-devel-01 Date: Tue, 3 Apr 2018 16:51:41 +0200 Message-Id: <20180403145149.8925-6-lersek@redhat.com> In-Reply-To: <20180403145149.8925-1-lersek@redhat.com> References: <20180403145149.8925-1-lersek@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Tue, 03 Apr 2018 14:52:04 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Tue, 03 Apr 2018 14:52:04 +0000 (UTC) for IP:'10.11.54.4' DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'lersek@redhat.com' RCPT:'' Subject: [edk2] [PATCH 05/13] CryptoPkg/TlsLib: replace TlsGetCipherString() with TlsGetCipherMapping() X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ting Ye , Siyuan Fu , Jiaxin Wu , Qin Long MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" In the following patches it will be useful if the IANA CipherId lookup returns a pointer to the whole matching IANA-to-OpenSSL mapping structure, not just the OpenSSL cipher suite name. Rename TLS_CIPHER_PAIR and TlsGetCipherString() to TLS_CIPHER_MAPPING and TlsGetCipherMapping() respectively, and make the function return a pointer to TLS_CIPHER_MAPPING. Cc: Jiaxin Wu Cc: Qin Long Cc: Siyuan Fu Cc: Ting Ye Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D915 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Laszlo Ersek --- CryptoPkg/Library/TlsLib/TlsConfig.c | 37 +++++++++++--------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLi= b/TlsConfig.c index 2ffe58ad29a2..507489386b8e 100644 --- a/CryptoPkg/Library/TlsLib/TlsConfig.c +++ b/CryptoPkg/Library/TlsLib/TlsConfig.c @@ -21,19 +21,19 @@ typedef struct { // UINT16 IanaCipher; // // OpenSSL-used Cipher Suite String // CONST CHAR8 *OpensslCipher; -} TLS_CIPHER_PAIR; +} TLS_CIPHER_MAPPING; =20 // // The mapping table between IANA/IETF Cipher Suite definitions and // OpenSSL-used Cipher Suite name. // -STATIC CONST TLS_CIPHER_PAIR TlsCipherMappingTable[] =3D { +STATIC CONST TLS_CIPHER_MAPPING TlsCipherMappingTable[] =3D { { 0x0001, "NULL-MD5" }, /// TLS_RSA_WITH_NULL_MD5 { 0x0002, "NULL-SHA" }, /// TLS_RSA_WITH_NULL_SHA { 0x0004, "RC4-MD5" }, /// TLS_RSA_WITH_RC4_128_MD5 { 0x0005, "RC4-SHA" }, /// TLS_RSA_WITH_RC4_128_SHA { 0x000A, "DES-CBC3-SHA" }, /// TLS_RSA_WITH_3DES_EDE_CBC_SH= A, mandatory TLS 1.1 { 0x0016, "DHE-RSA-DES-CBC3-SHA" }, /// TLS_DHE_RSA_WITH_3DES_EDE_CB= C_SHA @@ -54,42 +54,42 @@ STATIC CONST TLS_CIPHER_PAIR TlsCipherMappingTable[] = =3D { { 0x0068, "DH-DSS-AES256-SHA256" }, /// TLS_DH_DSS_WITH_AES_256_CBC_= SHA256 { 0x0069, "DH-RSA-AES256-SHA256" }, /// TLS_DH_RSA_WITH_AES_256_CBC_= SHA256 { 0x006B, "DHE-RSA-AES256-SHA256" } /// TLS_DHE_RSA_WITH_AES_256_CBC= _SHA256 }; =20 /** - Gets the OpenSSL cipher suite string for the supplied IANA TLS cipher su= ite. + Gets the OpenSSL cipher suite mapping for the supplied IANA TLS cipher s= uite. =20 @param[in] CipherId The supplied IANA TLS cipher suite ID. =20 - @return The corresponding OpenSSL cipher suite string if found, + @return The corresponding OpenSSL cipher suite mapping if found, NULL otherwise. =20 **/ STATIC -CONST CHAR8 * -TlsGetCipherString ( +CONST TLS_CIPHER_MAPPING * +TlsGetCipherMapping ( IN UINT16 CipherId ) { - CONST TLS_CIPHER_PAIR *CipherEntry; - UINTN TableSize; - UINTN Index; + CONST TLS_CIPHER_MAPPING *CipherEntry; + UINTN TableSize; + UINTN Index; =20 CipherEntry =3D TlsCipherMappingTable; - TableSize =3D sizeof (TlsCipherMappingTable) / sizeof (TLS_CIPHER_PAIR); + TableSize =3D sizeof (TlsCipherMappingTable) / sizeof (TLS_CIPHER_MAPPIN= G); =20 // // Search Cipher Mapping Table for IANA-OpenSSL Cipher Translation // for (Index =3D 0; Index < TableSize; Index++, CipherEntry++) { // // Translate IANA cipher suite name to OpenSSL name. // if (CipherEntry->IanaCipher =3D=3D CipherId) { - return CipherEntry->OpensslCipher; + return CipherEntry; } } =20 // // No Cipher Mapping found, return NULL. // @@ -226,34 +226,37 @@ EFIAPI TlsSetCipherList ( IN VOID *Tls, IN UINT16 *CipherId, IN UINTN CipherNum ) { - TLS_CONNECTION *TlsConn; - UINTN Index; - CONST CHAR8 *MappingName; - CHAR8 CipherString[500]; + TLS_CONNECTION *TlsConn; + UINTN Index; + CONST TLS_CIPHER_MAPPING *Mapping; + CONST CHAR8 *MappingName; + CHAR8 CipherString[500]; =20 TlsConn =3D (TLS_CONNECTION *) Tls; if (TlsConn =3D=3D NULL || TlsConn->Ssl =3D=3D NULL || CipherId =3D=3D N= ULL) { return EFI_INVALID_PARAMETER; } =20 + Mapping =3D NULL; MappingName =3D NULL; =20 memset (CipherString, 0, sizeof (CipherString)); =20 for (Index =3D 0; Index < CipherNum; Index++) { // // Handling OpenSSL / RFC Cipher name mapping. // - MappingName =3D TlsGetCipherString (*(CipherId + Index)); - if (MappingName =3D=3D NULL) { + Mapping =3D TlsGetCipherMapping (*(CipherId + Index)); + if (Mapping =3D=3D NULL) { return EFI_UNSUPPORTED; } + MappingName =3D Mapping->OpensslCipher; =20 if (Index !=3D 0) { // // The ciphers were separated by a colon. // AsciiStrCatS (CipherString, sizeof (CipherString), ":"); --=20 2.14.1.3.gb7cf6e02401b _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel