From: "Wu, Jiaxin"
To: "Palmer, Thomas", "Long, Qin", "edk2-devel@lists.01.org"
CC: "Ye, Ting", "Fu, Siyuan", "Gao, Liming"
Date: Wed, 3 Aug 2016 03:27:57 +0000
Message-ID: <895558F6EA4E3B41AC93A00D163B7274137C3EE7@SHSMSX103.ccr.corp.intel.com>
Subject: Re: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions with the standardized one

Agree to remove the below cipher sets to make it consistent with current
openssl configuration.

IDEA-CBC-SHA
DHE-DSS-AES256-SHA
DHE-DSS-AES256-SHA256
DHE-DSS-AES128-SHA
DHE-DSS-AES128-SHA256
EDH-DSS-DES-CBC3-SHA
DES-CBC-SHA

Thanks,
Jiaxin

> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> Palmer, Thomas
> Sent: Wednesday, August 3, 2016 5:14 AM
> To: Wu, Jiaxin; Long, Qin; edk2-devel@lists.01.org
> Cc: Ye, Ting; Fu, Siyuan; Gao, Liming
> Subject: Re: [edk2] [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS
> definitions with the standardized one
>
> I have two sets of lists, one for the ciphers the OpenSSL by default
> configures in a new CTX and the other after setting all ciphers
> available in the mapping table.
> For both sets I show the effect of removing no-idea/no-dsa and adding
> enable-weak-ciphers
>
> These are the ciphers that are supported by TLS immediately after a
> TLS_CTX_new operation with current OpenSSL config (34):
> AES128-GCM-SHA256
> AES128-SHA
> AES128-SHA256
> AES256-GCM-SHA384
> AES256-SHA
> AES256-SHA256
> DES-CBC3-SHA
> DH-DSS-AES128-GCM-SHA256
> DH-DSS-AES128-SHA
> DH-DSS-AES128-SHA256
> DH-DSS-AES256-GCM-SHA384
> DH-DSS-AES256-SHA
> DH-DSS-AES256-SHA256
> DH-DSS-DES-CBC3-SHA
> DHE-RSA-AES128-GCM-SHA256
> DHE-RSA-AES128-SHA
> DHE-RSA-AES128-SHA256
> DHE-RSA-AES256-GCM-SHA384
> DHE-RSA-AES256-SHA
> DHE-RSA-AES256-SHA256
> DH-RSA-AES128-GCM-SHA256
> DH-RSA-AES128-SHA
> DH-RSA-AES128-SHA256
> DH-RSA-AES256-GCM-SHA384
> DH-RSA-AES256-SHA
> DH-RSA-AES256-SHA256
> DH-RSA-DES-CBC3-SHA
> EDH-RSA-DES-CBC3-SHA
> PSK-3DES-EDE-CBC-SHA
> PSK-AES128-CBC-SHA
> PSK-AES256-CBC-SHA
> PSK-RC4-SHA
> RC4-MD5
> RC4-SHA
>
> By removing "no-idea" in process_files we gain (1):
> IDEA-CBC-SHA
>
> By removing "no-dsa" in process_files we gain (7):
> DHE-DSS-AES128-GCM-SHA256
> DHE-DSS-AES128-SHA
> DHE-DSS-AES128-SHA256
> DHE-DSS-AES256-GCM-SHA384
> DHE-DSS-AES256-SHA
> DHE-DSS-AES256-SHA256
> EDH-DSS-DES-CBC3-SHA
>
> We do not gain any more ciphers with enable-weak-ssl-ciphers at this
> point.
>
>
> Now here are the ciphers after TlsSetCipherList has been run with
> setting all ciphers currently in TlsCipherMappingTable.
> With original OpenSSL configuration (23):
> AES128-SHA
> AES128-SHA256
> AES256-SHA
> AES256-SHA256
> DES-CBC3-SHA
> DH-DSS-AES128-SHA
> DH-DSS-AES128-SHA256
> DH-DSS-AES256-SHA
> DH-DSS-AES256-SHA256
> DHE-RSA-AES128-SHA
> DHE-RSA-AES128-SHA256
> DHE-RSA-AES256-SHA
> DHE-RSA-AES256-SHA256
> DH-RSA-AES128-SHA
> DH-RSA-AES128-SHA256
> DH-RSA-AES256-SHA
> DH-RSA-AES256-SHA256
> EDH-RSA-DES-CBC3-SHA
> NULL-MD5
> NULL-SHA
> NULL-SHA256
> RC4-MD5
> RC4-SHA
>
> By removing "no-idea" in process_files we gain (1):
> IDEA-CBC-SHA
>
> By removing "no-dsa" in process_files we gain (5):
> DHE-DSS-AES256-SHA
> DHE-DSS-AES256-SHA256
> DHE-DSS-AES128-SHA
> DHE-DSS-AES128-SHA256
> EDH-DSS-DES-CBC3-SHA
>
> By adding enable-weak-ssl-ciphers we gain (1):
> DES-CBC-SHA
>
>
> Thomas
>
> -----Original Message-----
> From: Wu, Jiaxin [mailto:jiaxin.wu@intel.com]
> Sent: Monday, August 1, 2016 9:03 PM
> To: Palmer, Thomas; Long, Qin; edk2-devel@lists.01.org
> Cc: Ye, Ting; Fu, Siyuan; Gao, Liming
> Subject: RE: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions
> with the standardized one
>
> Thomas,
>
> Thanks for your effort to test the new ciphers, can you provide the info
> which one is unsupported currently?
>
> As Qin's comments, "we'd better to keep the current supported cipher
> suite for our UEFI-TLS enabling". If so, I agree to remove the
> unsupported one in TlsCipherMappingTable instead of changing the current
> openssl configuration. If dsa/idea is required in future, then we can
> consider how to enable the configuration.
>
> So, can you provide the patch to remove the unsupported one in
> TlsCipherMappingTable?
>
> Thanks,
> Jiaxin
>
> > -----Original Message-----
> > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
> > Palmer, Thomas
> > Sent: Tuesday, August 2, 2016 9:51 AM
> > To: Wu, Jiaxin; Long, Qin; edk2-devel@lists.01.org
> > Cc: Ye, Ting; Fu, Siyuan; Gao, Liming
> > Subject: Re: [edk2] [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS
> > definitions with the standardized one
> >
> > Hi Jiaxin,
> >
> > It sounds like we both agree that TlsCipherMappingTable is the list
> > of what UEFI officially supports. If it is advertised in
> > TlsCipherMappingTable then OpenSSL needs to support it.
> >
> > My proposal of removing no-dsa / no-idea and adding weak-ciphers is
> > specifically aimed at syncing how OpenSSL is configured/built to what
> > is in TlsCipherMappingTable. I was busy last week testing out the new
> > ciphers and realized a few were not even getting configured in OpenSSL.
> >
> > Thomas
> >
> > -----Original Message-----
> > From: Wu, Jiaxin [mailto:jiaxin.wu@intel.com]
> > Sent: Monday, August 1, 2016 8:34 PM
> > To: Palmer, Thomas; Long, Qin; edk2-devel@lists.01.org
> > Cc: Ye, Ting; Fu, Siyuan; Gao, Liming
> > Subject: RE: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS
> > definitions with the standardized one
> >
> > Hi Thomas,
> >
> > Since the Tls1.h is used to hold the standardized definitions, openssl
> > part is not taken into consideration. The Cipher Suites added in
> > Tls1.h only refer to A.5 of rfc-2246, rfc-4346 and rfc-5246. The
> > criteria is removing all the limited/insecure/deprecated ones that are
> > specified in RFC -- "Note that this mode is vulnerable to
> > man-in-the middle attacks and is therefore deprecated." I know the
> > IDEA and DES cipher suites are also deprecated in TLS1.2, but it does
> > means to TLS1.1. So, some of them are still kept in Tls1.h.
> >
> > As for the TlsCipherMappingTable, it takes on the link between Tls1.h
> > defined cipher suites and openssl supported cipher suites. If we
> > eliminate the factors of configuration, I believe the cipher suites in
> > TlsCipherMappingTable should be implemented in OpenSSL lib. I haven't
> > checked them one by one but openssl official document is referred @
> > https://www.openssl.org/docs/manmaster/apps/ciphers.html, which gives
> > the lists of TLS cipher suites names from the relevant specification
> > and their OpenSSL equivalents.
> >
> > If the cipher suites in Tls1.h are not found in TlsCipherMappingTable,
> > EFI_UNSUPPORTED will be returned. I think it's reasonable.
> >
> > Thanks,
> > Jiaxin
> >
> > > -----Original Message-----
> > > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf
> > > Of Palmer, Thomas
> > > Sent: Tuesday, August 2, 2016 5:46 AM
> > > To: Long, Qin; Wu, Jiaxin; edk2-devel@lists.01.org
> > > Cc: Ye, Ting; Fu, Siyuan; Gao, Liming
> > > Subject: Re: [edk2] [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS
> > > definitions with the standardized one
> > >
> > > Jiaxin / Qin,
> > >
> > > I'm unaware of what criteria is required for a cipher to be in this
> > > TlsCipherMappingTable. I had presumed that it would be b/c UEFI
> > > supported the cipher for TLS operation. If unsupported ciphers are
> > > allowed ... then logically wouldn't we need to add all ciphers?
> > > What advantage do we gain by having an entry in this table but not
> > > actually use the cipher in communication?
> > >
> > > Currently TlsGetCipherString is the only means we have to validate
> > > the cipher string. If a cipher is in the table but not in OpenSSL
> > > lib, then we will provide imperfect feedback if the unsupported
> > > cipher is buried in a list of supported ciphers. OpenSSL will
> > > simply use only the ciphers it supports and quietly drop the
> > > unsupported cipher.
> > > A user that inspects the list of set ciphers would be curious why a
> > > certain cipher was being "dropped" / "filtered". However, if
> > > TlsGetCipherString sees that the cipher is not in our mapping table
> > > the TlsSetCipherList function will return immediate feedback.
> > >
> > > I'm not enthralled with supporting weak/idea ciphers either. I
> > > would vouch for us removing those ciphers from
> > > TlsCipherMappingTable. It is not our responsibility to document the
> > > IANA/Description string description in code.
> > >
> > > This document
> > > (http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-52r1.pdf)
> > > would be a good list for initial cipher support. We have some
> > > of the ciphers on the list already. Here is the sorted list:
> > >
> > > TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
> > > TLS_DH_DSS_WITH_AES_128_CBC_SHA
> > > TLS_DH_DSS_WITH_AES_128_CBC_SHA256
> > > TLS_DH_DSS_WITH_AES_128_GCM_SHA256
> > > TLS_DH_DSS_WITH_AES_256_CBC_SHA
> > > TLS_DH_DSS_WITH_AES_256_CBC_SHA256
> > > TLS_DH_DSS_WITH_AES_256_GCM_SHA384
> > > TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> > > TLS_DHE_DSS_WITH_AES_128_CBC_SHA
> > > TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
> > > TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
> > > TLS_DHE_DSS_WITH_AES_256_CBC_SHA
> > > TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
> > > TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
> > > TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> > > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
> > > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
> > > TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
> > > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
> > > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
> > > TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
> > > TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> > > TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
> > > TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
> > > TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
> > > TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
> > > TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
> > > TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
> > > TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> > > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
> > > TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
> > > TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> > > TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
> > > TLS_RSA_WITH_3DES_EDE_CBC_SHA
> > > TLS_RSA_WITH_AES_128_CBC_SHA
> > > TLS_RSA_WITH_AES_128_CBC_SHA256
> > > TLS_RSA_WITH_AES_128_CCM17
> > > TLS_RSA_WITH_AES_128_GCM_SHA256
> > > TLS_RSA_WITH_AES_256_CBC_SHA
> > > TLS_RSA_WITH_AES_256_CBC_SHA256
> > > TLS_RSA_WITH_AES_256_CCM
> > > TLS_RSA_WITH_AES_256_GCM_SHA384
> > >
> > > Thomas
> > >
> > > -----Original Message-----
> > > From: Long, Qin [mailto:qin.long@intel.com]
> > > Sent: Sunday, July 31, 2016 8:48 PM
> > > To: Wu, Jiaxin; Palmer, Thomas; edk2-devel@lists.01.org
> > > Cc: Ye, Ting; Fu, Siyuan; Gao, Liming
> > > Subject: RE: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS
> > > definitions with the standardized one
> > >
> > > I personally prefer to keep the current supported cipher suite for
> > > our UEFI-TLS enabling. We can have the full RFC definitions, and
> > > platform specific cipher sets for validation now. It's better to
> > > maintain one minimal scope in this phase.
> > >
> > > "enable-weak-ssl-ciphers" looks odd. Disabling weak ciphers is the
> > > recommendation for hardening SSL communications.
> > > For other ciphers (idea, dsa, etc), we can enable them step-by-step
> > > depending on the real requirements.
> > >
> > > Best Regards & Thanks,
> > > LONG, Qin
> > >
> > > > -----Original Message-----
> > > > From: Wu, Jiaxin
> > > > Sent: Monday, August 01, 2016 9:23 AM
> > > > To: Palmer, Thomas; Long, Qin; edk2-devel@lists.01.org
> > > > Cc: Ye, Ting; Fu, Siyuan; Gao, Liming
> > > > Subject: RE: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS
> > > > definitions with the standardized one
> > > >
> > > > Thomas,
> > > > I agree some of them are not supported due to the UEFI OpenSSL
> > > > configuration, but it doesn't affect those mapping relationship
> > > > added in the patch. So, I have no strong opinion whether to
> > > > support it by modifying the current OpenSSL configuration. Since
> > > > Qin is the OpenSSL expert, I'd like to hear his views.
> > > >
> > > > Qin,
> > > > What's your opinion?
> > > >
> > > > Thanks.
> > > > Jiaxin
> > > >
> > > > > -----Original Message-----
> > > > > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On
> > > > > Behalf Of Palmer, Thomas
> > > > > Sent: Saturday, July 30, 2016 6:03 AM
> > > > > To: Wu, Jiaxin; edk2-devel@lists.01.org
> > > > > Cc: Ye, Ting; Fu, Siyuan; Gao, Liming; Long, Qin
> > > > > Subject: Re: [edk2] [staging/HTTPS-TLS][PATCH 0/4] Replace the
> > > > > TLS definitions with the standardized one
> > > > >
> > > > > Jiaxin,
> > > > >
> > > > > UEFI's OpenSSL library does not support all the ciphers that
> > > > > were added in your patch due to the UEFI configuration. We need
> > > > > to remove "no-idea" and "no-dsa" from the process_files.sh and
> > > > > add "enable-weak-ssl-ciphers"
> > > > >
> > > > > While we are modifying process_files.sh, we can remove
> > > > > "no-pqueue" from process_files.sh so that OpensslLib.inf is in
> > > > > sync.
> > > > >
> > > > > I can send out a patch to do so if you wish.
> > > > >
> > > > > Thomas
> > > > >
> > > > > -----Original Message-----
> > > > > From: Jiaxin Wu [mailto:jiaxin.wu@intel.com]
> > > > > Sent: Thursday, July 14, 2016 12:51 AM
> > > > > To: edk2-devel@lists.01.org
> > > > > Cc: Liming Gao; Palmer, Thomas; Long Qin; Ye Ting; Fu Siyuan;
> > > > > Wu Jiaxin
> > > > > Subject: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS
> > > > > definitions with the standardized one
> > > > >
> > > > > The series patches are used to replace the TLS definitions with
> > > > > the standardized one. In addition, more TLS cipher suite mapping
> > > > > between Cipher Suite definitions and OpenSSL-used Cipher Suite
> > > > > name are added.
> > > > >
> > > > > Cc: Liming Gao
> > > > > Cc: Palmer Thomas
> > > > > Cc: Long Qin
> > > > > Cc: Ye Ting
> > > > > Cc: Fu Siyuan
> > > > > Contributed-under: TianoCore Contribution Agreement 1.0
> > > > > Signed-off-by: Wu Jiaxin
> > > > > Signed-off-by: Jiaxin Wu
> > > > >
> > > > > Jiaxin Wu (4):
> > > > >   MdePkg: Add a header to standardize TLS definitions
> > > > >   CryptoPkg: Add more TLS cipher suite mapping
> > > > >   NetworkPkg/TlsDxe: Replace the definitions with the
> > > > >     standardized one
> > > > >   NetworkPkg/HttpDxe: Replace the definitions with the
> > > > >     standardized one
> > > > >
> > > > >  CryptoPkg/Library/TlsLib/TlsLib.c      | 3585 ++++++++++++++++----------------
> > > > >  MdePkg/Include/IndustryStandard/Tls1.h |   93 +
> > > > >  NetworkPkg/HttpDxe/HttpDriver.h        |    2 +
> > > > >  NetworkPkg/HttpDxe/HttpProto.c         |   12 +-
> > > > >  NetworkPkg/HttpDxe/HttpsSupport.c      |   22 +-
> > > > >  NetworkPkg/HttpDxe/HttpsSupport.h      |   44 -
> > > > >  NetworkPkg/TlsDxe/TlsImpl.c            |   56 +-
> > > > >  NetworkPkg/TlsDxe/TlsImpl.h            |   30 +-
> > > > >  NetworkPkg/TlsDxe/TlsProtocol.c        |    2 +-
> > > > >  9 files changed, 1945 insertions(+), 1901 deletions(-)
> > > > >  create mode 100644 MdePkg/Include/IndustryStandard/Tls1.h
> > > > >
> > > > > --
> > > > > 1.9.5.msysgit.1
> > > > >
> > > > > _______________________________________________
> > > > > edk2-devel mailing list
> > > > > edk2-devel@lists.01.org
> > > > > https://lists.01.org/mailman/listinfo/edk2-devel
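
An added example, not part of the thread or of EDK II: the two checks the discussion turns on, a build-time audit for mapping-table entries the OpenSSL build cannot honour, and a strict per-request check that names the cipher OpenSSL would otherwise drop silently. `TABLE`, `BUILD` and all function names are hypothetical, the cipher names are a constructed subset of the lists quoted above, and requests are modelled as OpenSSL name strings rather than cipher IDs.

```c
#include <stddef.h>
#include <string.h>

/* Constructed sample: OpenSSL cipher names quoted in the thread (subsets).
 * TABLE stands in for TlsCipherMappingTable, BUILD for what the OpenSSL
 * build really provides. Both arrays are hypothetical. */
static const char *const TABLE[] = {
  "AES128-SHA", "AES256-SHA256", "DHE-RSA-AES128-SHA",
  "IDEA-CBC-SHA",       /* thread: gained only without "no-idea" */
  "DHE-DSS-AES128-SHA", /* thread: gained only without "no-dsa" */
  "DES-CBC-SHA",        /* thread: gained only with enable-weak-ssl-ciphers */
};
static const char *const BUILD[] = { "AES128-SHA", "AES256-SHA256", "DHE-RSA-AES128-SHA" };
#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

enum req_status { REQ_OK, REQ_NOT_IN_TABLE, REQ_SILENTLY_DROPPED };

/* Exact match of s[0..len) against a list of n names (no prefix matches). */
static int has_name(const char *const *list, size_t n, const char *s, size_t len) {
  for (size_t i = 0; i < n; i++)
    if (strlen(list[i]) == len && memcmp(list[i], s, len) == 0)
      return 1;
  return 0;
}

/* Build-time audit: count table entries the build cannot honour; store up to cap in out. */
size_t unbacked_entries(const char **out, size_t cap) {
  size_t found = 0;
  for (size_t i = 0; i < COUNT(TABLE); i++) {
    if (has_name(BUILD, COUNT(BUILD), TABLE[i], strlen(TABLE[i])))
      continue;
    if (out != NULL && found < cap) out[found] = TABLE[i];
    found++;
  }
  return found;
}

/* Strict check of a colon-separated request: stop at the first bad name, copy it to bad. */
enum req_status check_request(const char *req, char *bad, size_t badsz) {
  while (*req != '\0') {
    size_t len = strcspn(req, ":");
    int in_table = has_name(TABLE, COUNT(TABLE), req, len);
    if (!in_table || !has_name(BUILD, COUNT(BUILD), req, len)) {
      if (badsz > 0) {
        size_t n = len < badsz - 1 ? len : badsz - 1;
        memcpy(bad, req, n);
        bad[n] = '\0';
      }
      return in_table ? REQ_SILENTLY_DROPPED : REQ_NOT_IN_TABLE;
    }
    req += len + (req[len] == ':');
  }
  return REQ_OK;
}
```

A non-zero result from `unbacked_entries` is the out-of-sync state the thread resolves by trimming the table; `REQ_SILENTLY_DROPPED` marks the case where a table lookup alone would accept a cipher the library then discards.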