From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga05.intel.com (mga05.intel.com [192.55.52.43])
 by mx.groups.io with SMTP id smtpd.web11.4497.1651656651921207468
 for <devel@edk2.groups.io>;
 Wed, 04 May 2022 02:30:52 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=BKIKd7iA;
 spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: yi1.li@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1651656651; x=1683192651;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=KH57k4v/ZlTAaL+llT5L126HpuY6sdLdqU4AdR+HEmY=;
  b=BKIKd7iAyGqxJRKFEIKK+IIiD8Y0GUDgdJgLM71+n4hoJup4x0c4hTu1
   cx22xom00z/asJ1bKdocUAnCf9lbxN++XfRtztBWelD5boBb/VmIUzX0r
   csbFrpNcYBs0kFcuqMET4fP43eskCvpN5DbBKkBY87p+znga6s6qs5gmk
   Av12xh8aLuuppu4wmKFVAWovEgK/NYDPxOoWbOAih7mVd9P/ytov6m0xO
   4/ZQ/r3AnGVnltVBBk3OQASamgwoZ9PFQi6GU7z68tlDF19088vwi6CGs
   l/jUenjGjydhGRHzsqgF/UAwAuac0A0r0C32AlIzwXWi0OQDkPAxy9Umj
   w==;
X-IronPort-AV: E=McAfee;i="6400,9594,10336"; a="354149804"
X-IronPort-AV: E=Sophos;i="5.91,197,1647327600"; 
   d="scan'208";a="354149804"
Received: from orsmga008.jf.intel.com ([10.7.209.65])
  by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 May 2022 02:30:51 -0700
X-IronPort-AV: E=Sophos;i="5.91,197,1647327600"; 
   d="scan'208";a="584647531"
Received: from shwdejointd178.ccr.corp.intel.com ([10.239.153.103])
  by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 May 2022 02:30:49 -0700
From: "yi1 li" <yi1.li@intel.com>
To: devel@edk2.groups.io
Cc: yi1 li <yi1.li@intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>
Subject: [PATCH 1/1] MdePkg: Add WPA3 related TLS configure macro
Date: Wed,  4 May 2022 17:30:33 +0800
Message-Id: <075f00b16013a2c401de91304f0ce4ff5bf4dfc5.1651656533.git.yi1.li@intel.com>
X-Mailer: git-send-email 2.31.1.windows.1
In-Reply-To: <cover.1651656533.git.yi1.li@intel.com>
References: <cover.1651656533.git.yi1.li@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3892

Which are needed for SUITE-B and SUITE-B-192.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: yi1 li <yi1.li@intel.com>
---
 MdePkg/Include/IndustryStandard/Tls1.h | 133 ++++++++++++++++++-------
 1 file changed, 97 insertions(+), 36 deletions(-)

diff --git a/MdePkg/Include/IndustryStandard/Tls1.h b/MdePkg/Include/IndustryStandard/Tls1.h
index cf67428b1129..6519afe15e78 100644
--- a/MdePkg/Include/IndustryStandard/Tls1.h
+++ b/MdePkg/Include/IndustryStandard/Tls1.h
@@ -15,42 +15,49 @@
 ///
 /// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246.
 ///
-#define TLS_RSA_WITH_NULL_MD5                {0x00, 0x01}
-#define TLS_RSA_WITH_NULL_SHA                {0x00, 0x02}
-#define TLS_RSA_WITH_RC4_128_MD5             {0x00, 0x04}
-#define TLS_RSA_WITH_RC4_128_SHA             {0x00, 0x05}
-#define TLS_RSA_WITH_IDEA_CBC_SHA            {0x00, 0x07}
-#define TLS_RSA_WITH_DES_CBC_SHA             {0x00, 0x09}
-#define TLS_RSA_WITH_3DES_EDE_CBC_SHA        {0x00, 0x0A}
-#define TLS_DH_DSS_WITH_DES_CBC_SHA          {0x00, 0x0C}
-#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA     {0x00, 0x0D}
-#define TLS_DH_RSA_WITH_DES_CBC_SHA          {0x00, 0x0F}
-#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA     {0x00, 0x10}
-#define TLS_DHE_DSS_WITH_DES_CBC_SHA         {0x00, 0x12}
-#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA    {0x00, 0x13}
-#define TLS_DHE_RSA_WITH_DES_CBC_SHA         {0x00, 0x15}
-#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA    {0x00, 0x16}
-#define TLS_RSA_WITH_AES_128_CBC_SHA         {0x00, 0x2F}
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA      {0x00, 0x30}
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA      {0x00, 0x31}
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA     {0x00, 0x32}
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA     {0x00, 0x33}
-#define TLS_RSA_WITH_AES_256_CBC_SHA         {0x00, 0x35}
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA      {0x00, 0x36}
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA      {0x00, 0x37}
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA     {0x00, 0x38}
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA     {0x00, 0x39}
-#define TLS_RSA_WITH_NULL_SHA256             {0x00, 0x3B}
-#define TLS_RSA_WITH_AES_128_CBC_SHA256      {0x00, 0x3C}
-#define TLS_RSA_WITH_AES_256_CBC_SHA256      {0x00, 0x3D}
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256   {0x00, 0x3E}
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256   {0x00, 0x3F}
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256  {0x00, 0x40}
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256  {0x00, 0x67}
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256   {0x00, 0x68}
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256   {0x00, 0x69}
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256  {0x00, 0x6A}
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256  {0x00, 0x6B}
+#define TLS_RSA_WITH_NULL_MD5                  {0x00, 0x01}
+#define TLS_RSA_WITH_NULL_SHA                  {0x00, 0x02}
+#define TLS_RSA_WITH_RC4_128_MD5               {0x00, 0x04}
+#define TLS_RSA_WITH_RC4_128_SHA               {0x00, 0x05}
+#define TLS_RSA_WITH_IDEA_CBC_SHA              {0x00, 0x07}
+#define TLS_RSA_WITH_DES_CBC_SHA               {0x00, 0x09}
+#define TLS_RSA_WITH_3DES_EDE_CBC_SHA          {0x00, 0x0A}
+#define TLS_DH_DSS_WITH_DES_CBC_SHA            {0x00, 0x0C}
+#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA       {0x00, 0x0D}
+#define TLS_DH_RSA_WITH_DES_CBC_SHA            {0x00, 0x0F}
+#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA       {0x00, 0x10}
+#define TLS_DHE_DSS_WITH_DES_CBC_SHA           {0x00, 0x12}
+#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA      {0x00, 0x13}
+#define TLS_DHE_RSA_WITH_DES_CBC_SHA           {0x00, 0x15}
+#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA      {0x00, 0x16}
+#define TLS_RSA_WITH_AES_128_CBC_SHA           {0x00, 0x2F}
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA        {0x00, 0x30}
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA        {0x00, 0x31}
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA       {0x00, 0x32}
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA       {0x00, 0x33}
+#define TLS_RSA_WITH_AES_256_CBC_SHA           {0x00, 0x35}
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA        {0x00, 0x36}
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA        {0x00, 0x37}
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA       {0x00, 0x38}
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA       {0x00, 0x39}
+#define TLS_RSA_WITH_NULL_SHA256               {0x00, 0x3B}
+#define TLS_RSA_WITH_AES_128_CBC_SHA256        {0x00, 0x3C}
+#define TLS_RSA_WITH_AES_256_CBC_SHA256        {0x00, 0x3D}
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256     {0x00, 0x3E}
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256     {0x00, 0x3F}
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256    {0x00, 0x40}
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256    {0x00, 0x67}
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256     {0x00, 0x68}
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256     {0x00, 0x69}
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256    {0x00, 0x6A}
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256    {0x00, 0x6B}
+#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384    {0x00, 0x9F}
+#define TLS_AES_128_GCM_SHA256                 {0x13, 0x01}
+#define TLS_AES_256_GCM_SHA384                 {0x13, 0x02}
+#define TLS_CHACHA20_POLY1305_SHA256           {0x13, 0x03}
+#define TLS_ECDHE_ECDSA_AES128_GCM_SHA256      {0xC0, 0x2B}
+#define TLS_ECDHE_ECDSA_AES256_GCM_SHA384      {0xC0, 0x2C}
+#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384  {0xC0, 0x30}
 
 ///
 /// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
@@ -95,6 +102,60 @@ typedef struct {
 //
 #define TLS_CIPHERTEXT_RECORD_MAX_PAYLOAD_LENGTH  18432
 
+///
+/// TLS Hash algorithm, refers to section 7.4.1.4.1. of rfc-5246.
+///
+typedef enum {
+  TlsHashAlgoNone = 0,
+  TlsHashAlgoMd5,
+  TlsHashAlgoSha1,
+  TlsHashAlgoSha224,
+  TlsHashAlgoSha256,
+  TlsHashAlgoSha384,
+  TlsHashAlgoSha512,
+} TLS_HASH_ALGO;
+
+///
+/// TLS Signature algorithm, refers to section 7.4.1.4.1. of rfc-5246.
+///
+typedef enum {
+  TlsSignatureAlgoAnonymous = 0,
+  TlsSignatureAlgoRsa,
+  TlsSignatureAlgoDsa,
+  TlsSignatureAlgoEcdsa,
+} TLS_SIGNATURE_ALGO;
+
+///
+/// TLS Supported Elliptic Curves Extensions, refers to section 5.1.1 of rfc-4492
+///
+typedef enum {
+  TlsEcNamedCurve_sect163k1 = 1,
+  TlsEcNamedCurve_sect163r1,   // 2,
+  TlsEcNamedCurve_sect163r2,   // 3,
+  TlsEcNamedCurve_sect193r1,   // 4,
+  TlsEcNamedCurve_sect193r2,   // 5,
+  TlsEcNamedCurve_sect233k1,   // 6,
+  TlsEcNamedCurve_sect233r1,   // 7,
+  TlsEcNamedCurve_sect239k1,   // 8,
+  TlsEcNamedCurve_sect283k1,   // 9,
+  TlsEcNamedCurve_sect283r1,   // 10,
+  TlsEcNamedCurve_sect409k1,   // 11,
+  TlsEcNamedCurve_sect409r1,   // 12,
+  TlsEcNamedCurve_sect571k1,   // 13,
+  TlsEcNamedCurve_sect571r1,   // 14,
+  TlsEcNamedCurve_secp160k1,   // 15,
+  TlsEcNamedCurve_secp160r1,   // 16,
+  TlsEcNamedCurve_secp160r2,   // 17,
+  TlsEcNamedCurve_secp192k1,   // 18,
+  TlsEcNamedCurve_secp192r1,   // 19,
+  TlsEcNamedCurve_secp224k1,   // 20,
+  TlsEcNamedCurve_secp224r1,   // 21,
+  TlsEcNamedCurve_secp256k1,   // 22,
+  TlsEcNamedCurve_secp256r1,   // 23,
+  TlsEcNamedCurve_secp384r1,   // 24,
+  TlsEcNamedCurve_secp521r1,   // 25,
+} TLS_EC_NAMED_CUREVE;
+
 #pragma pack()
 
 #endif
-- 
2.31.1.windows.1