Re: [Patch 02/10] MdePkg: Add a header to standardize TLS definitions

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: "Ye, Ting" <ting.ye@intel.com>
To: "Wu, Jiaxin" <jiaxin.wu@intel.com>,
	"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Cc: "Long, Qin" <qin.long@intel.com>,
	"Fu, Siyuan" <siyuan.fu@intel.com>,
	"Zhang, Lubo" <lubo.zhang@intel.com>,
	"Gao, Liming" <liming.gao@intel.com>,
	"Kinney, Michael D" <michael.d.kinney@intel.com>,
	Thomas Palmer <thomas.palmer@hpe.com>
Subject: Re: [Patch 02/10] MdePkg: Add a header to standardize TLS definitions
Date: Thu, 15 Dec 2016 08:35:05 +0000	[thread overview]
Message-ID: <BC0C045B0E2A584CA4575E779FA2C12A1A88F11E@SHSMSX103.ccr.corp.intel.com> (raw)
In-Reply-To: <1481700859-76060-3-git-send-email-jiaxin.wu@intel.com>

Reviewed-by: Ye Ting <ting.ye@intel.com>


-----Original Message-----
From: Wu, Jiaxin 
Sent: Wednesday, December 14, 2016 3:34 PM
To: edk2-devel@lists.01.org
Cc: Long, Qin <qin.long@intel.com>; Ye, Ting <ting.ye@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>; Zhang, Lubo <lubo.zhang@intel.com>; Gao, Liming <liming.gao@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Thomas Palmer <thomas.palmer@hpe.com>; Wu, Jiaxin <jiaxin.wu@intel.com>
Subject: [Patch 02/10] MdePkg: Add a header to standardize TLS definitions

This path is used to standardize TLS definitions from related RFCs. Including TLS Cipher Suites, TLS Version, TLS Content Type and TLS Record Header, etc.

Cc: Long Qin <qin.long@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Thomas Palmer <thomas.palmer@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
---
 MdePkg/Include/IndustryStandard/Tls1.h | 93 ++++++++++++++++++++++++++++++++++
 1 file changed, 93 insertions(+)
 create mode 100644 MdePkg/Include/IndustryStandard/Tls1.h

diff --git a/MdePkg/Include/IndustryStandard/Tls1.h b/MdePkg/Include/IndustryStandard/Tls1.h
new file mode 100644
index 0000000..14eb265
--- /dev/null
+++ b/MdePkg/Include/IndustryStandard/Tls1.h
@@ -0,0 +1,93 @@
+/** @file
+  Transport Layer Security  -- TLS 1.0/1.1/1.2 Standard definitions, from RFC 2246/4346/5246    
+
+  This file contains common TLS 1.0/1.1/1.2 definitions from RFC 
+ 2246/4346/5246
+
+  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>  This 
+ program and the accompanying materials  are licensed and made 
+ available under the terms and conditions of the BSD License  which 
+ accompanies this distribution.  The full text of the license may be 
+ found at  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+**/
+
+#ifndef __TLS_1_H__
+#define __TLS_1_H__
+
+#pragma pack(1)
+
+///
+/// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246.
+///
+#define TLS_RSA_WITH_NULL_MD5                    {0x00, 0x01}
+#define TLS_RSA_WITH_NULL_SHA                    {0x00, 0x02}
+#define TLS_RSA_WITH_RC4_128_MD5                 {0x00, 0x04}
+#define TLS_RSA_WITH_RC4_128_SHA                 {0x00, 0x05}
+#define TLS_RSA_WITH_IDEA_CBC_SHA                {0x00, 0x07}
+#define TLS_RSA_WITH_DES_CBC_SHA                 {0x00, 0x09}
+#define TLS_RSA_WITH_3DES_EDE_CBC_SHA            {0x00, 0x0A}
+#define TLS_DH_DSS_WITH_DES_CBC_SHA              {0x00, 0x0C}
+#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA         {0x00, 0x0D}
+#define TLS_DH_RSA_WITH_DES_CBC_SHA              {0x00, 0x0F}
+#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA         {0x00, 0x10}
+#define TLS_DHE_DSS_WITH_DES_CBC_SHA             {0x00, 0x12}
+#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA        {0x00, 0x13}
+#define TLS_DHE_RSA_WITH_DES_CBC_SHA             {0x00, 0x15}
+#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        {0x00, 0x16}
+#define TLS_RSA_WITH_AES_128_CBC_SHA             {0x00, 0x2F}
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA          {0x00, 0x30}
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA          {0x00, 0x31}
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA         {0x00, 0x32}
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA         {0x00, 0x33}
+#define TLS_RSA_WITH_AES_256_CBC_SHA             {0x00, 0x35}
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA          {0x00, 0x36}
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA          {0x00, 0x37}
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA         {0x00, 0x38}
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA         {0x00, 0x39}
+#define TLS_RSA_WITH_NULL_SHA256                 {0x00, 0x3B}
+#define TLS_RSA_WITH_AES_128_CBC_SHA256          {0x00, 0x3C}
+#define TLS_RSA_WITH_AES_256_CBC_SHA256          {0x00, 0x3D}
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256       {0x00, 0x3E}
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256       {0x00, 0x3F}
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256      {0x00, 0x40}
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      {0x00, 0x67}
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256       {0x00, 0x68}
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256       {0x00, 0x69}
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256      {0x00, 0x6A}
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      {0x00, 0x6B}
+
+///
+/// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
+///
+#define TLS10_PROTOCOL_VERSION_MAJOR  0x03 #define 
+TLS10_PROTOCOL_VERSION_MINOR  0x01 #define TLS11_PROTOCOL_VERSION_MAJOR  
+0x03 #define TLS11_PROTOCOL_VERSION_MINOR  0x02 #define 
+TLS12_PROTOCOL_VERSION_MAJOR  0x03 #define TLS12_PROTOCOL_VERSION_MINOR  
+0x03
+
+///
+/// TLS Content Type, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
+///
+typedef enum {
+  TLS_CONTENT_TYPE_CHANGE_CIPHER_SPEC = 20,
+  TLS_CONTENT_TYPE_ALERT              = 21,
+  TLS_CONTENT_TYPE_HANDSHAKE          = 22,
+  TLS_CONTENT_TYPE_APPLICATION_DATA   = 23,
+} TLS_CONTENT_TYPE;
+
+///
+/// TLS Record Header, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
+///
+typedef struct {   
+  UINT8                   ContentType;
+  EFI_TLS_VERSION         Version;
+  UINT16                  Length;
+} TLS_RECORD_HEADER;
+
+#pragma pack()
+
+#endif
+
--
1.9.5.msysgit.1

next prev parent reply	other threads:[~2016-12-15  8:35 UTC|newest]

Thread overview: 37+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-12-14  7:34 [Patch 00/10] Sync staging/HTTPS-TLS feature into edk2 master Jiaxin Wu
2016-12-14  7:34 ` [Patch 01/10] MdePkg: Add TLS related protocol definition Jiaxin Wu
2016-12-14  8:36   ` Long, Qin
2016-12-14  8:39     ` Wu, Jiaxin
2016-12-15  8:34       ` Ye, Ting
2016-12-14  8:43   ` Fu, Siyuan
2016-12-14  7:34 ` [Patch 02/10] MdePkg: Add a header to standardize TLS definitions Jiaxin Wu
2016-12-14  8:42   ` Long, Qin
2016-12-14  8:43   ` Fu, Siyuan
2016-12-15  8:35   ` Ye, Ting [this message]
2016-12-14  7:34 ` [Patch 03/10] CryptoPkg: Enable ssl build in OpensslLib directly Jiaxin Wu
2016-12-15  8:37   ` Ye, Ting
2016-12-14  7:34 ` [Patch 04/10] CryptoPkg: Add new TlsLib library Jiaxin Wu
2016-12-16  2:10   ` Ye, Ting
2016-12-16  2:51     ` Wu, Jiaxin
2016-12-14  7:34 ` [Patch 05/10] NetworkPkg/TlsDxe: TlsDxe driver implementation over OpenSSL Jiaxin Wu
2016-12-14  8:41   ` Fu, Siyuan
2016-12-15  7:24     ` Wu, Jiaxin
2016-12-14  7:34 ` [Patch 06/10] NetworkPkg/TlsAuthConfigDxe: Provide the UI to support TLS auth configuration Jiaxin Wu
2016-12-15  2:22   ` Fu, Siyuan
2016-12-22  2:52     ` Ye, Ting
2016-12-22  3:13       ` Wu, Jiaxin
2016-12-14  7:34 ` [Patch 07/10] NetworkPkg/HttpDxe: HTTPS support over IPv4 and IPv6 Jiaxin Wu
2016-12-15  2:39   ` Fu, Siyuan
2016-12-15  7:14     ` Wu, Jiaxin
2016-12-22  7:33   ` Ye, Ting
2016-12-22  8:30     ` Wu, Jiaxin
2016-12-14  7:34 ` [Patch 08/10] NetworkPkg/NetworkPkg.dsc: Enable TlsDxe and TlsAuthConfigDxe module Jiaxin Wu
2016-12-15  2:39   ` Fu, Siyuan
2016-12-22  7:37   ` Ye, Ting
2016-12-14  7:34 ` [Patch 09/10] Nt32Pkg/Nt32Pkg.dsc: Remove the flag for OpensslLib and BaseCryptLib Jiaxin Wu
2016-12-14  7:56   ` Ni, Ruiyu
2016-12-15  8:25   ` Long, Qin
2016-12-22  7:39   ` Ye, Ting
2016-12-14  7:34 ` [Patch 10/10] Nt32Pkg: Enable HTTPS boot feature for Nt32 platform Jiaxin Wu
2016-12-14  7:44   ` Yao, Jiewen
2016-12-14  7:46     ` Wu, Jiaxin

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:14eb265 )
 OR (
bs:"MdePkg: Add a header to standardize TLS definitions" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=BC0C045B0E2A584CA4575E779FA2C12A1A88F11E@SHSMSX103.ccr.corp.intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox