From mboxrd@z Thu Jan 1 00:00:00 1970
From: Prarthana Sagar V
To: "devel@edk2.groups.io", Prarthana Sagar V
CC: Vasudevan Sambandan, Sundaresan S
Subject: [PATCH] Changes to support SNI feature in CryptoPkg
Date: Tue, 2 Aug 2022 15:13:52 +0000
Message-ID: <20220802151207.384-1-prarthanasv@amiindia.co.in>
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

--- CryptoPkg/Library/TlsLib/TlsConfig.c | 71 ++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLi= b/TlsConfig.c index 0673c9d532..aac1a88edf 100644 --- a/CryptoPkg/Library/TlsLib/TlsConfig.c +++ b/CryptoPkg/Library/TlsLib/TlsConfig.c 
@@ -594,6 +594,77 @@ TlsSetVerifyHost ( return (ParamStatus =3D=3D 1) ? EFI_SUCCESS : EFI_ABORTED; } +/** + Callback function to get the server name. + + @param[in] SSL + @param[in] INT32 + @param[in] Arg + + @retval INT32 +**/ +static +INT32 +SslServerNameCallback(SSL *Ssl, INT32 *Ad, VOID *Arg) +{ + const CHAR8 *HostName =3D NULL; + TLS_EXT_CTX *TlsCtx =3D (TLS_EXT_CTX*)Arg; + + HostName =3D SSL_get_servername (Ssl, TLSEXT_NAMETYPE_host_name); + + if (SSL_get_servername_type(Ssl) !=3D -1) { + TlsCtx->Ack =3D !SSL_session_reused(Ssl) && HostName !=3D NULL; + } + return SSL_TLSEXT_ERR_OK; +} + +/** + Set the specified server name in Server/Client. + + @param[in] Tls Pointer to the TLS object. + @param[in] SslCtx Pointer to the SSL object. + @param[in] HostName The specified server name to be set. + + @retval EFI_SUCCESS The Server Name was set successfully. + @retval EFI_UNSUPPORTED Failed to set the Server Name. +**/ +EFI_STATUS +TlsSetServerName ( + VOID *Tls, + VOID *SslCtx, + CHAR8 *HostName +) +{ + SSL_CTX *Ctx; + TLS_CONNECTION *TlsConn; + UINT32 RetVal; + TLS_EXT_CTX *TlsExtCtx =3D NULL; + + TlsConn =3D (TLS_CONNECTION*) Tls; + + Ctx =3D SSL_get_SSL_CTX (TlsConn->Ssl); + + TlsExtCtx =3D AllocateZeroPool (sizeof(TLS_EXT_CTX)); + + RetVal =3D SSL_CTX_set_tlsext_servername_callback(Ctx, SslServerNameCa= llback); + if (!RetVal) { + return EFI_UNSUPPORTED; + } + + RetVal =3D SSL_CTX_set_tlsext_servername_arg(Ctx, &TlsExtCtx); + if (!RetVal) { + return EFI_UNSUPPORTED; + } + + TlsConn->Ssl->options =3D SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATIO= N; + RetVal =3D SSL_set_tlsext_host_name(TlsConn->Ssl, HostName); + + if (!RetVal) { + return EFI_UNSUPPORTED; + } + return EFI_SUCCESS; +} + /** Sets a TLS/SSL session ID to be used during TLS/SSL connect. -- 2.26.0.windows.1 -The information contained in this message may be confidential and propriet= ary to American Megatrends (AMI). 
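Review bot: In TlsSetServerName, SSL_CTX_set_tlsext_servername_arg(Ctx, &TlsExtCtx) registers the address of the local pointer variable rather than the buffer returned by AllocateZeroPool, so when SslServerNameCallback later casts Arg to TLS_EXT_CTX* and writes TlsCtx->Ack, it writes into a stack slot that is no longer valid once this function has returned. Pass TlsExtCtx itself, check the AllocateZeroPool result for NULL before using it, and free the buffer on each EFI_UNSUPPORTED return path and when the connection is released; as written the allocation is never stored anywhere and is leaked on every call. Separately, TlsConn->Ssl->options = SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION overwrites every option already set on the connection instead of adding one flag; SSL_set_options on TlsConn->Ssl ORs the flag in without reaching into the SSL structure. Tls and HostName are used without a NULL check, the SslCtx parameter is never read, and the callback and its argument are installed on the shared SSL_CTX, so they apply to every connection created from that context rather than only to this one. The callback's doc comment should also name its parameters (Ssl, Ad, Arg) and describe the return value.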