public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Michael D Kinney" <michael.d.kinney@intel.com>
To: "Li, Yi1" <yi1.li@intel.com>,
	"devel@edk2.groups.io" <devel@edk2.groups.io>,
	"Kinney, Michael D" <michael.d.kinney@intel.com>
Cc: "Yao, Jiewen" <jiewen.yao@intel.com>,
	"Gao, Liming" <gaoliming@byosoft.com.cn>
Subject: Re: [PATCH V3 1/3] MdePkg: Add Tls configuration related define
Date: Mon, 10 Oct 2022 03:06:39 +0000	[thread overview]
Message-ID: <CO1PR11MB49295FD13BE204F7F760C3A9D2209@CO1PR11MB4929.namprd11.prod.outlook.com> (raw)
In-Reply-To: <965fb84a8afba7038d09c8685909bf3c31d8ca39.1665369262.git.yi1.li@intel.com>

Acked-by: Michael D Kinney <michael.d.kinney@intel.com>

Mike

> -----Original Message-----
> From: Li, Yi1 <yi1.li@intel.com>
> Sent: Sunday, October 9, 2022 7:40 PM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Gao,
> Liming <gaoliming@byosoft.com.cn>
> Subject: [PATCH V3 1/3] MdePkg: Add Tls configuration related define
> 
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3892
> 
> Consumed by TlsSetEcCurve and TlsSetSignatureAlgoList.
> 
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Signed-off-by: Yi Li <yi1.li@intel.com>
> ---
>  MdePkg/Include/IndustryStandard/Tls1.h | 112 +++++++++++++++++--------
>  1 file changed, 75 insertions(+), 37 deletions(-)
> 
> diff --git a/MdePkg/Include/IndustryStandard/Tls1.h b/MdePkg/Include/IndustryStandard/Tls1.h
> index cf67428b11..f1ba0af7dc 100644
> --- a/MdePkg/Include/IndustryStandard/Tls1.h
> +++ b/MdePkg/Include/IndustryStandard/Tls1.h
> @@ -13,44 +13,48 @@
>  #pragma pack(1)
> 
>  ///
> -/// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246.
> +/// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346, rfc-5246, rfc-5288 and rfc-5289.
>  ///
> -#define TLS_RSA_WITH_NULL_MD5                {0x00, 0x01}
> -#define TLS_RSA_WITH_NULL_SHA                {0x00, 0x02}
> -#define TLS_RSA_WITH_RC4_128_MD5             {0x00, 0x04}
> -#define TLS_RSA_WITH_RC4_128_SHA             {0x00, 0x05}
> -#define TLS_RSA_WITH_IDEA_CBC_SHA            {0x00, 0x07}
> -#define TLS_RSA_WITH_DES_CBC_SHA             {0x00, 0x09}
> -#define TLS_RSA_WITH_3DES_EDE_CBC_SHA        {0x00, 0x0A}
> -#define TLS_DH_DSS_WITH_DES_CBC_SHA          {0x00, 0x0C}
> -#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA     {0x00, 0x0D}
> -#define TLS_DH_RSA_WITH_DES_CBC_SHA          {0x00, 0x0F}
> -#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA     {0x00, 0x10}
> -#define TLS_DHE_DSS_WITH_DES_CBC_SHA         {0x00, 0x12}
> -#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA    {0x00, 0x13}
> -#define TLS_DHE_RSA_WITH_DES_CBC_SHA         {0x00, 0x15}
> -#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA    {0x00, 0x16}
> -#define TLS_RSA_WITH_AES_128_CBC_SHA         {0x00, 0x2F}
> -#define TLS_DH_DSS_WITH_AES_128_CBC_SHA      {0x00, 0x30}
> -#define TLS_DH_RSA_WITH_AES_128_CBC_SHA      {0x00, 0x31}
> -#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA     {0x00, 0x32}
> -#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA     {0x00, 0x33}
> -#define TLS_RSA_WITH_AES_256_CBC_SHA         {0x00, 0x35}
> -#define TLS_DH_DSS_WITH_AES_256_CBC_SHA      {0x00, 0x36}
> -#define TLS_DH_RSA_WITH_AES_256_CBC_SHA      {0x00, 0x37}
> -#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA     {0x00, 0x38}
> -#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA     {0x00, 0x39}
> -#define TLS_RSA_WITH_NULL_SHA256             {0x00, 0x3B}
> -#define TLS_RSA_WITH_AES_128_CBC_SHA256      {0x00, 0x3C}
> -#define TLS_RSA_WITH_AES_256_CBC_SHA256      {0x00, 0x3D}
> -#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256   {0x00, 0x3E}
> -#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256   {0x00, 0x3F}
> -#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256  {0x00, 0x40}
> -#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256  {0x00, 0x67}
> -#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256   {0x00, 0x68}
> -#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256   {0x00, 0x69}
> -#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256  {0x00, 0x6A}
> -#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256  {0x00, 0x6B}
> +#define TLS_RSA_WITH_NULL_MD5                    {0x00, 0x01}
> +#define TLS_RSA_WITH_NULL_SHA                    {0x00, 0x02}
> +#define TLS_RSA_WITH_RC4_128_MD5                 {0x00, 0x04}
> +#define TLS_RSA_WITH_RC4_128_SHA                 {0x00, 0x05}
> +#define TLS_RSA_WITH_IDEA_CBC_SHA                {0x00, 0x07}
> +#define TLS_RSA_WITH_DES_CBC_SHA                 {0x00, 0x09}
> +#define TLS_RSA_WITH_3DES_EDE_CBC_SHA            {0x00, 0x0A}
> +#define TLS_DH_DSS_WITH_DES_CBC_SHA              {0x00, 0x0C}
> +#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA         {0x00, 0x0D}
> +#define TLS_DH_RSA_WITH_DES_CBC_SHA              {0x00, 0x0F}
> +#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA         {0x00, 0x10}
> +#define TLS_DHE_DSS_WITH_DES_CBC_SHA             {0x00, 0x12}
> +#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA        {0x00, 0x13}
> +#define TLS_DHE_RSA_WITH_DES_CBC_SHA             {0x00, 0x15}
> +#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        {0x00, 0x16}
> +#define TLS_RSA_WITH_AES_128_CBC_SHA             {0x00, 0x2F}
> +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA          {0x00, 0x30}
> +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA          {0x00, 0x31}
> +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA         {0x00, 0x32}
> +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA         {0x00, 0x33}
> +#define TLS_RSA_WITH_AES_256_CBC_SHA             {0x00, 0x35}
> +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA          {0x00, 0x36}
> +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA          {0x00, 0x37}
> +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA         {0x00, 0x38}
> +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA         {0x00, 0x39}
> +#define TLS_RSA_WITH_NULL_SHA256                 {0x00, 0x3B}
> +#define TLS_RSA_WITH_AES_128_CBC_SHA256          {0x00, 0x3C}
> +#define TLS_RSA_WITH_AES_256_CBC_SHA256          {0x00, 0x3D}
> +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256       {0x00, 0x3E}
> +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256       {0x00, 0x3F}
> +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256      {0x00, 0x40}
> +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      {0x00, 0x67}
> +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256       {0x00, 0x68}
> +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256       {0x00, 0x69}
> +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256      {0x00, 0x6A}
> +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      {0x00, 0x6B}
> +#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      {0x00, 0x9F}
> +#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  {0xC0, 0x2B}
> +#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  {0xC0, 0x2C}
> +#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    {0xC0, 0x30}
> 
>  ///
>  /// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
> @@ -95,6 +99,40 @@ typedef struct {
>  //
>  #define TLS_CIPHERTEXT_RECORD_MAX_PAYLOAD_LENGTH  18432
> 
> +///
> +/// TLS Hash algorithm, refers to section 7.4.1.4.1. of rfc-5246.
> +///
> +typedef enum {
> +  TlsHashAlgoNone   = 0,
> +  TlsHashAlgoMd5    = 1,
> +  TlsHashAlgoSha1   = 2,
> +  TlsHashAlgoSha224 = 3,
> +  TlsHashAlgoSha256 = 4,
> +  TlsHashAlgoSha384 = 5,
> +  TlsHashAlgoSha512 = 6,
> +} TLS_HASH_ALGO;
> +
> +///
> +/// TLS Signature algorithm, refers to section 7.4.1.4.1. of rfc-5246.
> +///
> +typedef enum {
> +  TlsSignatureAlgoAnonymous = 0,
> +  TlsSignatureAlgoRsa       = 1,
> +  TlsSignatureAlgoDsa       = 2,
> +  TlsSignatureAlgoEcdsa     = 3,
> +} TLS_SIGNATURE_ALGO;
> +
> +///
> +/// TLS Supported Elliptic Curves Extensions, refers to section 5.1.1 of rfc-8422.
> +///
> +typedef enum {
> +  TlsEcNamedCurveSecp256r1 = 23,
> +  TlsEcNamedCurveSecp384r1 = 24,
> +  TlsEcNamedCurveSecp521r1 = 25,
> +  TlsEcNamedCurveX25519    = 29,
> +  TlsEcNamedCurveX448      = 30,
> +} TLS_EC_NAMED_CURVE;
> +
>  #pragma pack()
> 
>  #endif
> --
> 2.31.1.windows.1


  reply	other threads:[~2022-10-10  3:06 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-10-10  2:39 [PATCH V3 0/3] CryptoPkg: Extend Tls library Li, Yi
2022-10-10  2:39 ` [PATCH V3 1/3] MdePkg: Add Tls configuration related define Li, Yi
2022-10-10  3:06   ` Michael D Kinney [this message]
2022-10-10  2:39 ` [PATCH V3 2/3] CryptoPkg: Extend Tls function library Li, Yi
2022-10-10  2:39 ` [PATCH V3 3/3] CryptoPkg: Add new Tls APIs to DXE and protocol Li, Yi
2022-10-10  2:46 ` [PATCH V3 0/3] CryptoPkg: Extend Tls library Yao, Jiewen
     [not found] ` <171C9530E5033AAA.32766@groups.io>
2022-10-10  4:45   ` [edk2-devel] " Yao, Jiewen
2022-10-10  5:38     ` Li, Yi
2022-10-10  6:31       ` Yao, Jiewen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CO1PR11MB49295FD13BE204F7F760C3A9D2209@CO1PR11MB4929.namprd11.prod.outlook.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox