From: "Li, Yi" <yi1.li@intel.com>
To: devel@edk2.groups.io
Cc: Yi Li <yi1.li@intel.com>, Jiewen Yao <jiewen.yao@intel.com>,
Michael D Kinney <michael.d.kinney@intel.com>,
Liming Gao <gaoliming@byosoft.com.cn>
Subject: [PATCH 1/3] MdePkg: Add Tls configuration related define
Date: Mon, 26 Sep 2022 14:27:08 +0800 [thread overview]
Message-ID: <17a35da0626a56148519315dcf4f25d047b0f836.1664172690.git.yi1.li@intel.com> (raw)
In-Reply-To: <cover.1664172690.git.yi1.li@intel.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3892
Consumed by TlsSetEcCurve and TlsSetSignatureAlgoList.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Yi Li <yi1.li@intel.com>
---
MdePkg/Include/IndustryStandard/Tls1.h | 110 +++++++++++++++++--------
1 file changed, 74 insertions(+), 36 deletions(-)
diff --git a/MdePkg/Include/IndustryStandard/Tls1.h b/MdePkg/Include/IndustryStandard/Tls1.h
index cf67428b11..5cf2860caf 100644
--- a/MdePkg/Include/IndustryStandard/Tls1.h
+++ b/MdePkg/Include/IndustryStandard/Tls1.h
@@ -15,42 +15,46 @@
///
/// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246.
///
-#define TLS_RSA_WITH_NULL_MD5 {0x00, 0x01}
-#define TLS_RSA_WITH_NULL_SHA {0x00, 0x02}
-#define TLS_RSA_WITH_RC4_128_MD5 {0x00, 0x04}
-#define TLS_RSA_WITH_RC4_128_SHA {0x00, 0x05}
-#define TLS_RSA_WITH_IDEA_CBC_SHA {0x00, 0x07}
-#define TLS_RSA_WITH_DES_CBC_SHA {0x00, 0x09}
-#define TLS_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x0A}
-#define TLS_DH_DSS_WITH_DES_CBC_SHA {0x00, 0x0C}
-#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x0D}
-#define TLS_DH_RSA_WITH_DES_CBC_SHA {0x00, 0x0F}
-#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x10}
-#define TLS_DHE_DSS_WITH_DES_CBC_SHA {0x00, 0x12}
-#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x13}
-#define TLS_DHE_RSA_WITH_DES_CBC_SHA {0x00, 0x15}
-#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x16}
-#define TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0x2F}
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA {0x00, 0x30}
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA {0x00, 0x31}
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA {0x00, 0x32}
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33}
-#define TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x35}
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA {0x00, 0x36}
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA {0x00, 0x37}
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA {0x00, 0x38}
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39}
-#define TLS_RSA_WITH_NULL_SHA256 {0x00, 0x3B}
-#define TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3C}
-#define TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3D}
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x3E}
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3F}
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x40}
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67}
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x68}
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x69}
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x6A}
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x6B}
+#define TLS_RSA_WITH_NULL_MD5 {0x00, 0x01}
+#define TLS_RSA_WITH_NULL_SHA {0x00, 0x02}
+#define TLS_RSA_WITH_RC4_128_MD5 {0x00, 0x04}
+#define TLS_RSA_WITH_RC4_128_SHA {0x00, 0x05}
+#define TLS_RSA_WITH_IDEA_CBC_SHA {0x00, 0x07}
+#define TLS_RSA_WITH_DES_CBC_SHA {0x00, 0x09}
+#define TLS_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x0A}
+#define TLS_DH_DSS_WITH_DES_CBC_SHA {0x00, 0x0C}
+#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x0D}
+#define TLS_DH_RSA_WITH_DES_CBC_SHA {0x00, 0x0F}
+#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x10}
+#define TLS_DHE_DSS_WITH_DES_CBC_SHA {0x00, 0x12}
+#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x13}
+#define TLS_DHE_RSA_WITH_DES_CBC_SHA {0x00, 0x15}
+#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x16}
+#define TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0x2F}
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA {0x00, 0x30}
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA {0x00, 0x31}
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA {0x00, 0x32}
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33}
+#define TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x35}
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA {0x00, 0x36}
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA {0x00, 0x37}
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA {0x00, 0x38}
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39}
+#define TLS_RSA_WITH_NULL_SHA256 {0x00, 0x3B}
+#define TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3C}
+#define TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3D}
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x3E}
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3F}
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x40}
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67}
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x68}
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x69}
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x6A}
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x6B}
+#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 {0x00, 0x9F}
+#define TLS_ECDHE_ECDSA_AES128_GCM_SHA256 {0xC0, 0x2B}
+#define TLS_ECDHE_ECDSA_AES256_GCM_SHA384 {0xC0, 0x2C}
+#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 {0xC0, 0x30}
///
/// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
@@ -95,6 +99,40 @@ typedef struct {
//
#define TLS_CIPHERTEXT_RECORD_MAX_PAYLOAD_LENGTH 18432
+///
+/// TLS Hash algorithm, refers to section 7.4.1.4.1. of rfc-5246.
+///
+typedef enum {
+ TlsHashAlgoNone = 0,
+ TlsHashAlgoMd5 = 1,
+ TlsHashAlgoSha1 = 2,
+ TlsHashAlgoSha224 = 3,
+ TlsHashAlgoSha256 = 4,
+ TlsHashAlgoSha384 = 5,
+ TlsHashAlgoSha512 = 6,
+} TLS_HASH_ALGO;
+
+///
+/// TLS Signature algorithm, refers to section 7.4.1.4.1. of rfc-5246.
+///
+typedef enum {
+ TlsSignatureAlgoAnonymous = 0,
+ TlsSignatureAlgoRsa = 1,
+ TlsSignatureAlgoDsa = 2,
+ TlsSignatureAlgoEcdsa = 3,
+} TLS_SIGNATURE_ALGO;
+
+///
+/// TLS Supported Elliptic Curves Extensions, refers to section 5.1.1 of rfc-8442
+///
+typedef enum {
+ TlsEcNamedCurveSecp256r1 = 23,
+ TlsEcNamedCurveSecp384r1 = 24,
+ TlsEcNamedCurveSecp521r1 = 25,
+ TlsEcNamedCurveX25519 = 29,
+ TlsEcNamedCurveX448 = 30,
+} TLS_EC_NAMED_CURVE;
+
#pragma pack()
#endif
--
2.31.1.windows.1
next parent reply other threads:[~2022-09-26 6:27 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <cover.1664172690.git.yi1.li@intel.com>
2022-09-26 6:27 ` Li, Yi [this message]
2022-09-26 6:27 ` [PATCH 2/3] CryptoPkg: Extend Tls function library Li, Yi
2022-09-26 6:27 ` [PATCH 3/3] CryptoPkg: Add new Tls APIs to DXE and protocol Li, Yi
2022-09-30 5:08 ` [edk2-devel] " Michael D Kinney
2022-09-30 5:28 ` Li, Yi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=17a35da0626a56148519315dcf4f25d047b0f836.1664172690.git.yi1.li@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox