From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by ml01.01.org (Postfix) with ESMTP id 63E941A1E06 for ; Sun, 31 Jul 2016 18:22:34 -0700 (PDT) Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga101.jf.intel.com with ESMTP; 31 Jul 2016 18:22:34 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.28,453,1464678000"; d="scan'208";a="1027332453" Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204]) by orsmga002.jf.intel.com with ESMTP; 31 Jul 2016 18:22:33 -0700 Received: from fmsmsx120.amr.corp.intel.com (10.18.124.208) by FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS) id 14.3.248.2; Sun, 31 Jul 2016 18:22:33 -0700 Received: from shsmsx101.ccr.corp.intel.com (10.239.4.153) by fmsmsx120.amr.corp.intel.com (10.18.124.208) with Microsoft SMTP Server (TLS) id 14.3.248.2; Sun, 31 Jul 2016 18:22:33 -0700 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.181]) by SHSMSX101.ccr.corp.intel.com ([169.254.1.8]) with mapi id 14.03.0248.002; Mon, 1 Aug 2016 09:22:31 +0800 From: "Wu, Jiaxin" To: "Palmer, Thomas" , "Long, Qin" , "edk2-devel@lists.01.org" CC: "Ye, Ting" , "Fu, Siyuan" , "Gao, Liming" Thread-Topic: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions with the standardized one Thread-Index: AQHR6eUCs/pI0kyt10anJHg19L7rOKAzS/EQ Date: Mon, 1 Aug 2016 01:22:31 +0000 Message-ID: <895558F6EA4E3B41AC93A00D163B7274137C2D07@SHSMSX103.ccr.corp.intel.com> References: <1468475478-145272-1-git-send-email-jiaxin.wu@intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions with the standardized one X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Aug 2016 01:22:34 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Thomas, I agree some of them are not supported due to the UEFI OpenSSL configuratio= n, but it doesn't affect those mapping relationship added in the patch. So,= I have no strong opinion whether to support it by modifying the current Op= enSSL configuration. Since Qin is the OpenSSL expert, I'd like to hear his = views. Qin,=20 What's your opinion? Thanks. Jiaxin=20 > -----Original Message----- > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of > Palmer, Thomas > Sent: Saturday, July 30, 2016 6:03 AM > To: Wu, Jiaxin ; edk2-devel@lists.01.org > Cc: Ye, Ting ; Fu, Siyuan ; Gao, > Liming ; Long, Qin > Subject: Re: [edk2] [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS > definitions with the standardized one >=20 > Jiaxin, >=20 > UEFI's OpenSSL library does not support all the ciphers that were > added in your patch due to the UEFI configuration. We need to remove "no= - > idea" and "no-dsa" from the process_files.sh and add "enable-weak-ssl- > ciphers" >=20 > While we are modifying process_files.sh, we can remove "no- > pqueue" from process_files.sh so that OpensslLib.inf is in sync. >=20 > I can send out a patch to do so if you wish. >=20 > Thomas >=20 > -----Original Message----- > From: Jiaxin Wu [mailto:jiaxin.wu@intel.com] > Sent: Thursday, July 14, 2016 12:51 AM > To: edk2-devel@lists.01.org > Cc: Liming Gao ; Palmer, Thomas > ; Long Qin ; Ye Ting > ; Fu Siyuan ; Wu Jiaxin > > Subject: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions with = the > standardized one >=20 > The series patches are used to replace the TLS definitions with the > standardized one. In addition, more TLS cipher suite mapping between > Cipher Suite definitions and OpenSSL-used Cipher Suite name are added. >=20 > Cc: Liming Gao > Cc: Palmer Thomas > Cc: Long Qin > Cc: Ye Ting > Cc: Fu Siyuan > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Wu Jiaxin > Signed-off-by: Jiaxin Wu >=20 > Jiaxin Wu (4): > MdePkg: Add a header to standardize TLS definitions > CryptoPkg: Add more TLS cipher suite mapping > NetworkPkg/TlsDxe: Replace the definitions with the standardized one > NetworkPkg/HttpDxe: Replace the definitions with the standardized one >=20 > CryptoPkg/Library/TlsLib/TlsLib.c | 3585 ++++++++++++++++----------= ------ > MdePkg/Include/IndustryStandard/Tls1.h | 93 + > NetworkPkg/HttpDxe/HttpDriver.h | 2 + > NetworkPkg/HttpDxe/HttpProto.c | 12 +- > NetworkPkg/HttpDxe/HttpsSupport.c | 22 +- > NetworkPkg/HttpDxe/HttpsSupport.h | 44 - > NetworkPkg/TlsDxe/TlsImpl.c | 56 +- > NetworkPkg/TlsDxe/TlsImpl.h | 30 +- > NetworkPkg/TlsDxe/TlsProtocol.c | 2 +- > 9 files changed, 1945 insertions(+), 1901 deletions(-) create mode 1006= 44 > MdePkg/Include/IndustryStandard/Tls1.h >=20 > -- > 1.9.5.msysgit.1 >=20 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel