From: Laszlo Ersek <lersek@redhat.com>
To: edk2-devel-01 <edk2-devel@lists.01.org>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>, Qin Long <qin.long@intel.com>,
Siyuan Fu <siyuan.fu@intel.com>, Ting Ye <ting.ye@intel.com>
Subject: [PATCH 09/13] CryptoPkg/TlsLib: extend "TlsCipherMappingTable"
Date: Tue, 3 Apr 2018 16:51:45 +0200 [thread overview]
Message-ID: <20180403145149.8925-10-lersek@redhat.com> (raw)
In-Reply-To: <20180403145149.8925-1-lersek@redhat.com>
Add mapping entries printed by "TlsMappingTable.sh" to
"TlsCipherMappingTable". This allows HTTPS / TLS clients to get a good
match for their EFI_TLS_CIPHER lists.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Qin Long <qin.long@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Ting Ye <ting.ye@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=915
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
---
CryptoPkg/Library/TlsLib/TlsConfig.c | 169 ++++++++++++++++++++
1 file changed, 169 insertions(+)
diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLib/TlsConfig.c
index e2f819b9035f..9d21e6c1466d 100644
--- a/CryptoPkg/Library/TlsLib/TlsConfig.c
+++ b/CryptoPkg/Library/TlsLib/TlsConfig.c
@@ -46,31 +46,200 @@ typedef struct {
//
STATIC CONST TLS_CIPHER_MAPPING TlsCipherMappingTable[] = {
MAP ( 0x0001, "NULL-MD5" ), /// TLS_RSA_WITH_NULL_MD5
MAP ( 0x0002, "NULL-SHA" ), /// TLS_RSA_WITH_NULL_SHA
MAP ( 0x0004, "RC4-MD5" ), /// TLS_RSA_WITH_RC4_128_MD5
MAP ( 0x0005, "RC4-SHA" ), /// TLS_RSA_WITH_RC4_128_SHA
+ MAP ( 0x0007, "IDEA-CBC-SHA" ), /// TLS_RSA_WITH_IDEA_CBC_SHA
MAP ( 0x000A, "DES-CBC3-SHA" ), /// TLS_RSA_WITH_3DES_EDE_CBC_SHA, mandatory TLS 1.1
+ MAP ( 0x000D, "DH-DSS-DES-CBC3-SHA" ), /// TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0x0010, "DH-RSA-DES-CBC3-SHA" ), /// TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0x0013, "DHE-DSS-DES-CBC3-SHA" ), /// TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
MAP ( 0x0016, "DHE-RSA-DES-CBC3-SHA" ), /// TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0x0018, "ADH-RC4-MD5" ), /// TLS_DH_anon_WITH_RC4_128_MD5
+ MAP ( 0x001B, "ADH-DES-CBC3-SHA" ), /// TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0x001F, "KRB5-DES-CBC3-SHA" ), /// TLS_KRB5_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0x0020, "KRB5-RC4-SHA" ), /// TLS_KRB5_WITH_RC4_128_SHA
+ MAP ( 0x0021, "KRB5-IDEA-CBC-SHA" ), /// TLS_KRB5_WITH_IDEA_CBC_SHA
+ MAP ( 0x0023, "KRB5-DES-CBC3-MD5" ), /// TLS_KRB5_WITH_3DES_EDE_CBC_MD5
+ MAP ( 0x0024, "KRB5-RC4-MD5" ), /// TLS_KRB5_WITH_RC4_128_MD5
+ MAP ( 0x0025, "KRB5-IDEA-CBC-MD5" ), /// TLS_KRB5_WITH_IDEA_CBC_MD5
MAP ( 0x002F, "AES128-SHA" ), /// TLS_RSA_WITH_AES_128_CBC_SHA, mandatory TLS 1.2
MAP ( 0x0030, "DH-DSS-AES128-SHA" ), /// TLS_DH_DSS_WITH_AES_128_CBC_SHA
MAP ( 0x0031, "DH-RSA-AES128-SHA" ), /// TLS_DH_RSA_WITH_AES_128_CBC_SHA
+ MAP ( 0x0032, "DHE-DSS-AES128-SHA" ), /// TLS_DHE_DSS_WITH_AES_128_CBC_SHA
MAP ( 0x0033, "DHE-RSA-AES128-SHA" ), /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA
+ MAP ( 0x0034, "ADH-AES128-SHA" ), /// TLS_DH_anon_WITH_AES_128_CBC_SHA
MAP ( 0x0035, "AES256-SHA" ), /// TLS_RSA_WITH_AES_256_CBC_SHA
MAP ( 0x0036, "DH-DSS-AES256-SHA" ), /// TLS_DH_DSS_WITH_AES_256_CBC_SHA
MAP ( 0x0037, "DH-RSA-AES256-SHA" ), /// TLS_DH_RSA_WITH_AES_256_CBC_SHA
+ MAP ( 0x0038, "DHE-DSS-AES256-SHA" ), /// TLS_DHE_DSS_WITH_AES_256_CBC_SHA
MAP ( 0x0039, "DHE-RSA-AES256-SHA" ), /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA
+ MAP ( 0x003A, "ADH-AES256-SHA" ), /// TLS_DH_anon_WITH_AES_256_CBC_SHA
MAP ( 0x003B, "NULL-SHA256" ), /// TLS_RSA_WITH_NULL_SHA256
MAP ( 0x003C, "AES128-SHA256" ), /// TLS_RSA_WITH_AES_128_CBC_SHA256
MAP ( 0x003D, "AES256-SHA256" ), /// TLS_RSA_WITH_AES_256_CBC_SHA256
MAP ( 0x003E, "DH-DSS-AES128-SHA256" ), /// TLS_DH_DSS_WITH_AES_128_CBC_SHA256
MAP ( 0x003F, "DH-RSA-AES128-SHA256" ), /// TLS_DH_RSA_WITH_AES_128_CBC_SHA256
+ MAP ( 0x0040, "DHE-DSS-AES128-SHA256" ), /// TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
+ MAP ( 0x0041, "CAMELLIA128-SHA" ), /// TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
+ MAP ( 0x0042, "DH-DSS-CAMELLIA128-SHA" ), /// TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
+ MAP ( 0x0043, "DH-RSA-CAMELLIA128-SHA" ), /// TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
+ MAP ( 0x0044, "DHE-DSS-CAMELLIA128-SHA" ), /// TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
+ MAP ( 0x0045, "DHE-RSA-CAMELLIA128-SHA" ), /// TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ MAP ( 0x0046, "ADH-CAMELLIA128-SHA" ), /// TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA
MAP ( 0x0067, "DHE-RSA-AES128-SHA256" ), /// TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
MAP ( 0x0068, "DH-DSS-AES256-SHA256" ), /// TLS_DH_DSS_WITH_AES_256_CBC_SHA256
MAP ( 0x0069, "DH-RSA-AES256-SHA256" ), /// TLS_DH_RSA_WITH_AES_256_CBC_SHA256
+ MAP ( 0x006A, "DHE-DSS-AES256-SHA256" ), /// TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
MAP ( 0x006B, "DHE-RSA-AES256-SHA256" ), /// TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
+ MAP ( 0x006C, "ADH-AES128-SHA256" ), /// TLS_DH_anon_WITH_AES_128_CBC_SHA256
+ MAP ( 0x006D, "ADH-AES256-SHA256" ), /// TLS_DH_anon_WITH_AES_256_CBC_SHA256
+ MAP ( 0x0084, "CAMELLIA256-SHA" ), /// TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
+ MAP ( 0x0085, "DH-DSS-CAMELLIA256-SHA" ), /// TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA
+ MAP ( 0x0086, "DH-RSA-CAMELLIA256-SHA" ), /// TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA
+ MAP ( 0x0087, "DHE-DSS-CAMELLIA256-SHA" ), /// TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
+ MAP ( 0x0088, "DHE-RSA-CAMELLIA256-SHA" ), /// TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ MAP ( 0x0089, "ADH-CAMELLIA256-SHA" ), /// TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA
+ MAP ( 0x008A, "PSK-RC4-SHA" ), /// TLS_PSK_WITH_RC4_128_SHA
+ MAP ( 0x008B, "PSK-3DES-EDE-CBC-SHA" ), /// TLS_PSK_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0x008C, "PSK-AES128-CBC-SHA" ), /// TLS_PSK_WITH_AES_128_CBC_SHA
+ MAP ( 0x008D, "PSK-AES256-CBC-SHA" ), /// TLS_PSK_WITH_AES_256_CBC_SHA
+ MAP ( 0x008F, "DHE-PSK-3DES-EDE-CBC-SHA" ), /// TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0x0090, "DHE-PSK-AES128-CBC-SHA" ), /// TLS_DHE_PSK_WITH_AES_128_CBC_SHA
+ MAP ( 0x0091, "DHE-PSK-AES256-CBC-SHA" ), /// TLS_DHE_PSK_WITH_AES_256_CBC_SHA
+ MAP ( 0x0093, "RSA-PSK-3DES-EDE-CBC-SHA" ), /// TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0x0094, "RSA-PSK-AES128-CBC-SHA" ), /// TLS_RSA_PSK_WITH_AES_128_CBC_SHA
+ MAP ( 0x0095, "RSA-PSK-AES256-CBC-SHA" ), /// TLS_RSA_PSK_WITH_AES_256_CBC_SHA
+ MAP ( 0x0096, "SEED-SHA" ), /// TLS_RSA_WITH_SEED_CBC_SHA
+ MAP ( 0x0097, "DH-DSS-SEED-SHA" ), /// TLS_DH_DSS_WITH_SEED_CBC_SHA
+ MAP ( 0x0098, "DH-RSA-SEED-SHA" ), /// TLS_DH_RSA_WITH_SEED_CBC_SHA
+ MAP ( 0x0099, "DHE-DSS-SEED-SHA" ), /// TLS_DHE_DSS_WITH_SEED_CBC_SHA
+ MAP ( 0x009A, "DHE-RSA-SEED-SHA" ), /// TLS_DHE_RSA_WITH_SEED_CBC_SHA
+ MAP ( 0x009B, "ADH-SEED-SHA" ), /// TLS_DH_anon_WITH_SEED_CBC_SHA
+ MAP ( 0x009C, "AES128-GCM-SHA256" ), /// TLS_RSA_WITH_AES_128_GCM_SHA256
+ MAP ( 0x009D, "AES256-GCM-SHA384" ), /// TLS_RSA_WITH_AES_256_GCM_SHA384
+ MAP ( 0x009E, "DHE-RSA-AES128-GCM-SHA256" ), /// TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+ MAP ( 0x009F, "DHE-RSA-AES256-GCM-SHA384" ), /// TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
+ MAP ( 0x00A0, "DH-RSA-AES128-GCM-SHA256" ), /// TLS_DH_RSA_WITH_AES_128_GCM_SHA256
+ MAP ( 0x00A1, "DH-RSA-AES256-GCM-SHA384" ), /// TLS_DH_RSA_WITH_AES_256_GCM_SHA384
+ MAP ( 0x00A2, "DHE-DSS-AES128-GCM-SHA256" ), /// TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
+ MAP ( 0x00A3, "DHE-DSS-AES256-GCM-SHA384" ), /// TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
+ MAP ( 0x00A4, "DH-DSS-AES128-GCM-SHA256" ), /// TLS_DH_DSS_WITH_AES_128_GCM_SHA256
+ MAP ( 0x00A5, "DH-DSS-AES256-GCM-SHA384" ), /// TLS_DH_DSS_WITH_AES_256_GCM_SHA384
+ MAP ( 0x00A6, "ADH-AES128-GCM-SHA256" ), /// TLS_DH_anon_WITH_AES_128_GCM_SHA256
+ MAP ( 0x00A7, "ADH-AES256-GCM-SHA384" ), /// TLS_DH_anon_WITH_AES_256_GCM_SHA384
+ MAP ( 0x00A8, "PSK-AES128-GCM-SHA256" ), /// TLS_PSK_WITH_AES_128_GCM_SHA256
+ MAP ( 0x00A9, "PSK-AES256-GCM-SHA384" ), /// TLS_PSK_WITH_AES_256_GCM_SHA384
+ MAP ( 0x00AA, "DHE-PSK-AES128-GCM-SHA256" ), /// TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
+ MAP ( 0x00AB, "DHE-PSK-AES256-GCM-SHA384" ), /// TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
+ MAP ( 0x00AC, "RSA-PSK-AES128-GCM-SHA256" ), /// TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
+ MAP ( 0x00AD, "RSA-PSK-AES256-GCM-SHA384" ), /// TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
+ MAP ( 0x00AE, "PSK-AES128-CBC-SHA256" ), /// TLS_PSK_WITH_AES_128_CBC_SHA256
+ MAP ( 0x00AF, "PSK-AES256-CBC-SHA384" ), /// TLS_PSK_WITH_AES_256_CBC_SHA384
+ MAP ( 0x00B2, "DHE-PSK-AES128-CBC-SHA256" ), /// TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
+ MAP ( 0x00B3, "DHE-PSK-AES256-CBC-SHA384" ), /// TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
+ MAP ( 0x00B6, "RSA-PSK-AES128-CBC-SHA256" ), /// TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
+ MAP ( 0x00B7, "RSA-PSK-AES256-CBC-SHA384" ), /// TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
+ MAP ( 0x00BA, "CAMELLIA128-SHA256" ), /// TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ MAP ( 0x00BD, "DHE-DSS-CAMELLIA128-SHA256" ), /// TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
+ MAP ( 0x00BE, "DHE-RSA-CAMELLIA128-SHA256" ), /// TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ MAP ( 0x00BF, "ADH-CAMELLIA128-SHA256" ), /// TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256
+ MAP ( 0x00C0, "CAMELLIA256-SHA256" ), /// TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ MAP ( 0x00C3, "DHE-DSS-CAMELLIA256-SHA256" ), /// TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
+ MAP ( 0x00C4, "DHE-RSA-CAMELLIA256-SHA256" ), /// TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
+ MAP ( 0x00C5, "ADH-CAMELLIA256-SHA256" ), /// TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256
+ MAP ( 0xC002, "ECDH-ECDSA-RC4-SHA" ), /// TLS_ECDH_ECDSA_WITH_RC4_128_SHA
+ MAP ( 0xC003, "ECDH-ECDSA-DES-CBC3-SHA" ), /// TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0xC004, "ECDH-ECDSA-AES128-SHA" ), /// TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
+ MAP ( 0xC005, "ECDH-ECDSA-AES256-SHA" ), /// TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
+ MAP ( 0xC007, "ECDHE-ECDSA-RC4-SHA" ), /// TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
+ MAP ( 0xC008, "ECDHE-ECDSA-DES-CBC3-SHA" ), /// TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0xC009, "ECDHE-ECDSA-AES128-SHA" ), /// TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ MAP ( 0xC00A, "ECDHE-ECDSA-AES256-SHA" ), /// TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ MAP ( 0xC00C, "ECDH-RSA-RC4-SHA" ), /// TLS_ECDH_RSA_WITH_RC4_128_SHA
+ MAP ( 0xC00D, "ECDH-RSA-DES-CBC3-SHA" ), /// TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0xC00E, "ECDH-RSA-AES128-SHA" ), /// TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
+ MAP ( 0xC00F, "ECDH-RSA-AES256-SHA" ), /// TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
+ MAP ( 0xC011, "ECDHE-RSA-RC4-SHA" ), /// TLS_ECDHE_RSA_WITH_RC4_128_SHA
+ MAP ( 0xC012, "ECDHE-RSA-DES-CBC3-SHA" ), /// TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0xC013, "ECDHE-RSA-AES128-SHA" ), /// TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ MAP ( 0xC014, "ECDHE-RSA-AES256-SHA" ), /// TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ MAP ( 0xC016, "AECDH-RC4-SHA" ), /// TLS_ECDH_anon_WITH_RC4_128_SHA
+ MAP ( 0xC017, "AECDH-DES-CBC3-SHA" ), /// TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0xC018, "AECDH-AES128-SHA" ), /// TLS_ECDH_anon_WITH_AES_128_CBC_SHA
+ MAP ( 0xC019, "AECDH-AES256-SHA" ), /// TLS_ECDH_anon_WITH_AES_256_CBC_SHA
+ MAP ( 0xC01A, "SRP-3DES-EDE-CBC-SHA" ), /// TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0xC01B, "SRP-RSA-3DES-EDE-CBC-SHA" ), /// TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0xC01C, "SRP-DSS-3DES-EDE-CBC-SHA" ), /// TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0xC01D, "SRP-AES-128-CBC-SHA" ), /// TLS_SRP_SHA_WITH_AES_128_CBC_SHA
+ MAP ( 0xC01E, "SRP-RSA-AES-128-CBC-SHA" ), /// TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA
+ MAP ( 0xC01F, "SRP-DSS-AES-128-CBC-SHA" ), /// TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA
+ MAP ( 0xC020, "SRP-AES-256-CBC-SHA" ), /// TLS_SRP_SHA_WITH_AES_256_CBC_SHA
+ MAP ( 0xC021, "SRP-RSA-AES-256-CBC-SHA" ), /// TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA
+ MAP ( 0xC022, "SRP-DSS-AES-256-CBC-SHA" ), /// TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA
+ MAP ( 0xC023, "ECDHE-ECDSA-AES128-SHA256" ), /// TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
+ MAP ( 0xC024, "ECDHE-ECDSA-AES256-SHA384" ), /// TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
+ MAP ( 0xC025, "ECDH-ECDSA-AES128-SHA256" ), /// TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
+ MAP ( 0xC026, "ECDH-ECDSA-AES256-SHA384" ), /// TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
+ MAP ( 0xC027, "ECDHE-RSA-AES128-SHA256" ), /// TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ MAP ( 0xC028, "ECDHE-RSA-AES256-SHA384" ), /// TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ MAP ( 0xC029, "ECDH-RSA-AES128-SHA256" ), /// TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
+ MAP ( 0xC02A, "ECDH-RSA-AES256-SHA384" ), /// TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
+ MAP ( 0xC02B, "ECDHE-ECDSA-AES128-GCM-SHA256" ), /// TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ MAP ( 0xC02C, "ECDHE-ECDSA-AES256-GCM-SHA384" ), /// TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+ MAP ( 0xC02D, "ECDH-ECDSA-AES128-GCM-SHA256" ), /// TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
+ MAP ( 0xC02E, "ECDH-ECDSA-AES256-GCM-SHA384" ), /// TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
+ MAP ( 0xC02F, "ECDHE-RSA-AES128-GCM-SHA256" ), /// TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ MAP ( 0xC030, "ECDHE-RSA-AES256-GCM-SHA384" ), /// TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ MAP ( 0xC031, "ECDH-RSA-AES128-GCM-SHA256" ), /// TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
+ MAP ( 0xC032, "ECDH-RSA-AES256-GCM-SHA384" ), /// TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
+ MAP ( 0xC034, "ECDHE-PSK-3DES-EDE-CBC-SHA" ), /// TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
+ MAP ( 0xC035, "ECDHE-PSK-AES128-CBC-SHA" ), /// TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
+ MAP ( 0xC036, "ECDHE-PSK-AES256-CBC-SHA" ), /// TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
+ MAP ( 0xC037, "ECDHE-PSK-AES128-CBC-SHA256" ), /// TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ MAP ( 0xC038, "ECDHE-PSK-AES256-CBC-SHA384" ), /// TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
+ MAP ( 0xC072, "ECDHE-ECDSA-CAMELLIA128-SHA256" ), /// TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ MAP ( 0xC073, "ECDHE-ECDSA-CAMELLIA256-SHA384" ), /// TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ MAP ( 0xC076, "ECDHE-RSA-CAMELLIA128-SHA256" ), /// TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ MAP ( 0xC077, "ECDHE-RSA-CAMELLIA256-SHA384" ), /// TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ MAP ( 0xC094, "PSK-CAMELLIA128-SHA256" ), /// TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ MAP ( 0xC095, "PSK-CAMELLIA256-SHA384" ), /// TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ MAP ( 0xC096, "DHE-PSK-CAMELLIA128-SHA256" ), /// TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ MAP ( 0xC097, "DHE-PSK-CAMELLIA256-SHA384" ), /// TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ MAP ( 0xC098, "RSA-PSK-CAMELLIA128-SHA256" ), /// TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ MAP ( 0xC099, "RSA-PSK-CAMELLIA256-SHA384" ), /// TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ MAP ( 0xC09A, "ECDHE-PSK-CAMELLIA128-SHA256" ), /// TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ MAP ( 0xC09B, "ECDHE-PSK-CAMELLIA256-SHA384" ), /// TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ MAP ( 0xC09C, "AES128-CCM" ), /// TLS_RSA_WITH_AES_128_CCM
+ MAP ( 0xC09D, "AES256-CCM" ), /// TLS_RSA_WITH_AES_256_CCM
+ MAP ( 0xC09E, "DHE-RSA-AES128-CCM" ), /// TLS_DHE_RSA_WITH_AES_128_CCM
+ MAP ( 0xC09F, "DHE-RSA-AES256-CCM" ), /// TLS_DHE_RSA_WITH_AES_256_CCM
+ MAP ( 0xC0A0, "AES128-CCM8" ), /// TLS_RSA_WITH_AES_128_CCM_8
+ MAP ( 0xC0A1, "AES256-CCM8" ), /// TLS_RSA_WITH_AES_256_CCM_8
+ MAP ( 0xC0A2, "DHE-RSA-AES128-CCM8" ), /// TLS_DHE_RSA_WITH_AES_128_CCM_8
+ MAP ( 0xC0A3, "DHE-RSA-AES256-CCM8" ), /// TLS_DHE_RSA_WITH_AES_256_CCM_8
+ MAP ( 0xC0A4, "PSK-AES128-CCM" ), /// TLS_PSK_WITH_AES_128_CCM
+ MAP ( 0xC0A5, "PSK-AES256-CCM" ), /// TLS_PSK_WITH_AES_256_CCM
+ MAP ( 0xC0A6, "DHE-PSK-AES128-CCM" ), /// TLS_DHE_PSK_WITH_AES_128_CCM
+ MAP ( 0xC0A7, "DHE-PSK-AES256-CCM" ), /// TLS_DHE_PSK_WITH_AES_256_CCM
+ MAP ( 0xC0A8, "PSK-AES128-CCM8" ), /// TLS_PSK_WITH_AES_128_CCM_8
+ MAP ( 0xC0A9, "PSK-AES256-CCM8" ), /// TLS_PSK_WITH_AES_256_CCM_8
+ MAP ( 0xC0AA, "DHE-PSK-AES128-CCM8" ), /// TLS_PSK_DHE_WITH_AES_128_CCM_8
+ MAP ( 0xC0AB, "DHE-PSK-AES256-CCM8" ), /// TLS_PSK_DHE_WITH_AES_256_CCM_8
+ MAP ( 0xC0AC, "ECDHE-ECDSA-AES128-CCM" ), /// TLS_ECDHE_ECDSA_WITH_AES_128_CCM
+ MAP ( 0xC0AD, "ECDHE-ECDSA-AES256-CCM" ), /// TLS_ECDHE_ECDSA_WITH_AES_256_CCM
+ MAP ( 0xC0AE, "ECDHE-ECDSA-AES128-CCM8" ), /// TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
+ MAP ( 0xC0AF, "ECDHE-ECDSA-AES256-CCM8" ), /// TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
+ MAP ( 0xCCA8, "ECDHE-RSA-CHACHA20-POLY1305" ), /// TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ MAP ( 0xCCA9, "ECDHE-ECDSA-CHACHA20-POLY1305" ), /// TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+ MAP ( 0xCCAA, "DHE-RSA-CHACHA20-POLY1305" ), /// TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ MAP ( 0xCCAB, "PSK-CHACHA20-POLY1305" ), /// TLS_PSK_WITH_CHACHA20_POLY1305_SHA256
+ MAP ( 0xCCAC, "ECDHE-PSK-CHACHA20-POLY1305" ), /// TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
+ MAP ( 0xCCAD, "DHE-PSK-CHACHA20-POLY1305" ), /// TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256
+ MAP ( 0xCCAE, "RSA-PSK-CHACHA20-POLY1305" ), /// TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256
};
/**
Gets the OpenSSL cipher suite mapping for the supplied IANA TLS cipher suite.
@param[in] CipherId The supplied IANA TLS cipher suite ID.
--
2.14.1.3.gb7cf6e02401b
next prev parent reply other threads:[~2018-04-03 14:52 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-03 14:51 [PATCH 00/13] {Ovmf, Mde, Network, Crypto}Pkg: fixes+features for setting HTTPS cipher suites Laszlo Ersek
2018-04-03 14:51 ` [PATCH 01/13] OvmfPkg/TlsAuthConfigLib: configure trusted cipher suites for HTTPS boot Laszlo Ersek
2018-04-03 14:51 ` [PATCH 02/13] MdePkg/Include/Protocol/Tls.h: pack structures from the TLS RFC Laszlo Ersek
2018-04-03 15:08 ` Gao, Liming
2018-04-04 10:32 ` Laszlo Ersek
2018-04-10 1:51 ` Fu, Siyuan
2018-04-03 14:51 ` [PATCH 03/13] NetworkPkg/TlsDxe: verify DataSize for EfiTlsCipherList Laszlo Ersek
2018-04-10 1:51 ` Fu, Siyuan
2018-04-03 14:51 ` [PATCH 04/13] NetworkPkg/TlsDxe: clean up byte order conversion " Laszlo Ersek
2018-04-10 1:53 ` Fu, Siyuan
2018-04-03 14:51 ` [PATCH 05/13] CryptoPkg/TlsLib: replace TlsGetCipherString() with TlsGetCipherMapping() Laszlo Ersek
2018-04-03 14:51 ` [PATCH 06/13] CryptoPkg/TlsLib: use binary search in the TlsGetCipherMapping() function Laszlo Ersek
2018-04-03 14:51 ` [PATCH 07/13] CryptoPkg/TlsLib: pre-compute OpensslCipherLength in TlsCipherMappingTable Laszlo Ersek
2018-04-03 14:51 ` [PATCH 08/13] CryptoPkg/TlsLib: add the "TlsMappingTable.sh" POSIX shell script Laszlo Ersek
2018-04-03 14:51 ` Laszlo Ersek [this message]
2018-04-03 14:51 ` [PATCH 10/13] CryptoPkg/TlsLib: sort [LibraryClasses] section in the INF file Laszlo Ersek
2018-04-03 14:51 ` [PATCH 11/13] CryptoPkg/TlsLib: sanitize lib classes in internal header and INF Laszlo Ersek
2018-04-03 14:51 ` [PATCH 12/13] CryptoPkg/TlsLib: clean up leading comment for TlsSetCipherList() Laszlo Ersek
2018-04-03 14:51 ` [PATCH 13/13] CryptoPkg/TlsLib: rewrite TlsSetCipherList() Laszlo Ersek
2018-04-10 4:09 ` [PATCH 00/13] {Ovmf, Mde, Network, Crypto}Pkg: fixes+features for setting HTTPS cipher suites Wu, Jiaxin
2018-04-10 7:40 ` Long, Qin
2018-04-10 10:02 ` Laszlo Ersek
2018-04-10 10:10 ` Laszlo Ersek
2018-04-10 16:56 ` Long, Qin
2018-04-10 9:47 ` Laszlo Ersek
2018-04-10 17:06 ` Long, Qin
2018-04-10 20:06 ` Laszlo Ersek
2018-04-11 1:59 ` Wu, Jiaxin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180403145149.8925-10-lersek@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox