author: Laszlo Ersek <lersek@redhat.com> 2018-03-31 17:33:14 +0200
committer: Laszlo Ersek <lersek@redhat.com> 2018-04-13 14:06:24 +0200
commit: 2167c7f7a55b9964912d08aae71879357101ace1
tree: 9c2f2697795781f4b5ccf844b7fbbfd35233dfce
parent: a347b0897384a2af6605bdd19a7740972b73f1e7
CryptoPkg/TlsLib: rewrite TlsSetCipherList()

Rewrite the TlsSetCipherList() function in order to fix the following issues:

- Any cipher identifier in CipherId that is not recognized by TlsGetCipherMapping() will cause the function to return EFI_UNSUPPORTED. This is a problem because CipherId is an ordered preference list, and a caller should not get EFI_UNSUPPORTED just because it has an elaborate CipherId preference list. Instead, we can filter out cipher identifiers that we don't recognize, as long as we keep the relative order intact.

- CipherString is allocated on the stack, with 500 bytes. While processing a large CipherId preference list, this room may not be enough. Although no buffer overflow is possible, CipherString exhaustion can lead to a failed TLS connection, because any cipher names that don't fit on CipherString cannot be negotiated. Compute CipherStringSize first, and allocate CipherString dynamically.

- Finally, the "@STRENGTH" pseudo cipher name is appended to CipherString. (Assuming there is enough room left in CipherString.) This causes OpenSSL to sort the cipher list "in order of encryption algorithm key length". This is a bad idea. The caller specifically passes an ordered preference list in CipherId. Therefore TlsSetCipherList() must not ask OpenSSL to reorder the list, for any reason. Drop "@STRENGTH".

While at it, fix and unify the documentation of the CipherId parameter.

Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Qin Long <qin.long@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Ting Ye <ting.ye@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=915
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Jiaxin Wu <jiaxin.wu@intel.com>

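The filter, size-first and no-reorder behaviour the commit message describes, as an added standalone C sketch that is not the edk2 implementation. The names `cipher_map`, `kMap`, `lookup_name` and `build_cipher_string`, the status codes and the four-entry table are hypothetical stand-ins, and the identifiers are assumed to be host-order values.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed subset of IANA id -> OpenSSL name pairs; a hypothetical
   stand-in for the project's mapping lookup, not its real table. */
struct cipher_map { uint16_t iana_id; const char *openssl_name; };
static const struct cipher_map kMap[] = {
    { 0x002F, "AES128-SHA" },
    { 0x0035, "AES256-SHA" },
    { 0xC02F, "ECDHE-RSA-AES128-GCM-SHA256" },
    { 0xC030, "ECDHE-RSA-AES256-GCM-SHA384" },
};

static const char *lookup_name(uint16_t id) {
    for (size_t i = 0; i < sizeof kMap / sizeof kMap[0]; i++)
        if (kMap[i].iana_id == id) return kMap[i].openssl_name;
    return NULL;                      /* unrecognized: the caller skips it */
}

/* Returns a malloc'd "A:B:C" string in caller preference order, or NULL.
   *status: 0 ok, 1 invalid parameter, 2 nothing supported, 3 no memory. */
char *build_cipher_string(const uint16_t *ids, size_t count, int *status) {
    size_t size = 0, kept = 0;
    if (status == NULL) return NULL;
    if (ids == NULL || count == 0) { *status = 1; return NULL; }

    /* Pass 1: size the buffer exactly. Each kept name needs its length
       plus one byte for either the ':' separator or the final NUL. */
    for (size_t i = 0; i < count; i++) {
        const char *name = lookup_name(ids[i]);
        if (name == NULL) continue;
        size_t need = strlen(name) + 1;
        if (size > SIZE_MAX - need) { *status = 3; return NULL; }
        size += need; kept++;
    }
    if (kept == 0) { *status = 2; return NULL; }
    char *out = malloc(size);
    if (out == NULL) { *status = 3; return NULL; }

    /* Pass 2: copy names in their original relative order, no sorting. */
    char *p = out;
    for (size_t i = 0; i < count; i++) {
        const char *name = lookup_name(ids[i]);
        if (name == NULL) continue;
        size_t len = strlen(name);
        memcpy(p, name, len); p += len;
        *p++ = (--kept == 0) ? '\0' : ':';
    }
    *status = 0;
    return out;
}
```

The caller frees the returned string; a list containing only unknown identifiers yields status 2, mirroring the reworded EFI_UNSUPPORTED case.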
Diffstat (limited to 'CryptoPkg/Include')
-rw-r--r-- CryptoPkg/Include/Library/TlsLib.h 9
1 files changed, 6 insertions, 3 deletions
diff --git a/CryptoPkg/Include/Library/TlsLib.h b/CryptoPkg/Include/Library/TlsLib.h
index e19a38a214..e71291eaea 100644
--- a/CryptoPkg/Include/Library/TlsLib.h
+++ b/CryptoPkg/Include/Library/TlsLib.h
@@ -348,13 +348,16 @@ TlsSetConnectionEnd (
This function sets the ciphers for use by a specified TLS object.
@param[in] Tls Pointer to a TLS object.
- @param[in] CipherId Pointer to a string that contains one or more
- ciphers separated by a colon.
+ @param[in] CipherId Array of UINT16 cipher identifiers. Each UINT16
+ cipher identifier comes from the TLS Cipher Suite
+ Registry of the IANA, interpreting Byte1 and Byte2
+ in network (big endian) byte order.
@param[in] CipherNum The number of cipher in the list.
@retval EFI_SUCCESS The ciphers list was set successfully.
@retval EFI_INVALID_PARAMETER The parameter is invalid.
- @retval EFI_UNSUPPORTED Unsupported TLS cipher in the list.
+ @retval EFI_UNSUPPORTED No supported TLS cipher was found in CipherId.
+ @retval EFI_OUT_OF_RESOURCES Memory allocation failed.
**/
EFI_STATUS
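Review bot: the new CipherId text does not say that identifiers the library does not recognize are skipped rather than rejected, so a caller reading only this header cannot tell that EFI_SUCCESS may mean only a subset of its preference list is in effect. The reworded EFI_UNSUPPORTED line ("No supported TLS cipher was found in CipherId") only implies it. Suggest stating in the function description that unrecognized identifiers are filtered out and that the relative order of the remaining ones is kept, as the commit message describes. In the same comment block, the unchanged line "The number of cipher in the list." could become "The number of cipher identifiers in CipherId", and the byte-order sentence would be clearer if it said whether each UINT16 element is stored in network order or holds the host-order value.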