From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <thomas.palmer@hpe.com>
Received: from NAM02-BL2-obe.outbound.protection.outlook.com
 (mail-bl2nam02on071a.outbound.protection.outlook.com
 [IPv6:2a01:111:f400:fe46::71a])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id CA68C1A1DF7
 for <edk2-devel@lists.01.org>; Fri, 29 Jul 2016 15:02:55 -0700 (PDT)
Received: from CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM (10.162.189.30) by
 CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM (10.162.189.30) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id
 15.1.549.15; Fri, 29 Jul 2016 22:02:52 +0000
Received: from CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM ([10.162.189.30]) by
 CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM ([10.162.189.30]) with mapi id
 15.01.0549.016; Fri, 29 Jul 2016 22:02:52 +0000
From: "Palmer, Thomas" <thomas.palmer@hpe.com>
To: Jiaxin Wu <jiaxin.wu@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: Liming Gao <liming.gao@intel.com>, Long Qin <qin.long@intel.com>, Ye Ting
 <ting.ye@intel.com>, Fu Siyuan <siyuan.fu@intel.com>
Thread-Topic: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions with
 the standardized one
Thread-Index: AQHR3ZPC2hroSCc030eQHf5GuV9O+KAwDRGA
Date: Fri, 29 Jul 2016 22:02:52 +0000
Message-ID: <CS1PR84MB015180B443FFC6719A3DB968ED010@CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM>
References: <1468475478-145272-1-git-send-email-jiaxin.wu@intel.com>
In-Reply-To: <1468475478-145272-1-git-send-email-jiaxin.wu@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=thomas.palmer@hpe.com; 
x-originating-ip: [15.203.227.4]
x-ms-office365-filtering-correlation-id: d683a1b7-4a60-4464-160e-08d3b7fc16aa
x-microsoft-exchange-diagnostics: 1; CS1PR84MB0151;
 6:wGcRZ3PfmqWeyk+YG4aDUf8iHvi2uASEbsfOObzYjOiYBngg6AyFPtcn8Ao611tOfLudHCDgXlpRXak71pm/lP7xBj1T/iSTHWcpJA5cboBUg8FrWJ/Kr5zQKBEprfyaBxazU84MIPLzMNi/g0/H9mrmHyYqL9ZEOyeBn5JT81VrRMtL/NtsM+xfXmL1juGMLalixkTeL0y5Y4FbDo8QfiCODMX6i7Tsl65cbQKPvZxhKpvmV4l4fRSK4iu06wtGRuaasCGLWOkPCxltD3FHOr4dsNsc2F4XEYok6Tsy8Q49wJF3Df5KG83lkFcSUgkivpF8wF2hbYwShajK9KhEnA==;
 5:u78SsfDRTe0IpGnBXs1ZaC2GgjUiCKORaE6rpK+lK2dMj4zVgang6n+zZCFyRBu5B9TdKGhCV/wtJR7eEq6JQ2AAPtgXQ+M4vk4jXd3FBtL6J6klUCJqJ8Z9rUAnjKxrMbO8n96fhcUAWpPhdQ1yLQ==;
 24:VCjuK1B1LdfCdlltl2VRmO6QTIfbsLpaIAxwzbaH8rF3eL72FL1Yq4Cyx5z4L/jGfTqrwS7DOqodsFZXv08xW22I51RR+pXB4y27KfvNY0s=;
 7:ZbY1pyh36jmWCTvOJKFT0mscp5AR2D0Te+wRgoqL7TAWh82W9Ag8UQwKWPOLKRuUpnVnD+8rZb5Dygf0J3iv9jDMuNukb6f/o0yssWn0lo9VnsSN+crfh1XDT5b4w7ut1CRt8BKZxZ6SzJEcCWCqNU8KgV/aJP33Y2voMamiQhL4tCwwKl05GeOo0AcNdIS4rD1p4B/B0z7imd2MVLwYLAIeMlXurAfJnnBpbYEC7zMH0L7Bh7KqLQQvrODrWC2+
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CS1PR84MB0151;
x-microsoft-antispam-prvs: <CS1PR84MB01510A53E0634F93E42FC27EED010@CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM>
x-exchange-antispam-report-test: UriScan:(227479698468861)(788757137089)(162533806227266)(228905959029699); 
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0;
 RULEID:(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026);
 SRVR:CS1PR84MB0151; BCL:0; PCL:0; RULEID:; SRVR:CS1PR84MB0151; 
x-forefront-prvs: 0018A2705B
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10019020)(6009001)(7916002)(199003)(377454003)(189002)(13464003)(7846002)(9686002)(122556002)(19580405001)(50986999)(101416001)(11100500001)(33656002)(76176999)(106356001)(19580395003)(305945005)(87936001)(106116001)(54356999)(7696003)(2900100001)(586003)(66066001)(2950100001)(7736002)(74316002)(4326007)(6116002)(3660700001)(68736007)(81166006)(189998001)(102836003)(8936002)(5002640100001)(77096005)(99286002)(5001770100001)(81156014)(97736004)(105586002)(2906002)(86362001)(3280700002)(92566002)(8676002)(2501003)(3846002)(10400500002)(19627235001);
 DIR:OUT; SFP:1102; SCL:1; SRVR:CS1PR84MB0151;
 H:CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM; FPR:; SPF:None; PTR:InfoNoRecords;
 A:1; MX:1; LANG:en; 
received-spf: None (protection.outlook.com: hpe.com does not designate
 permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
MIME-Version: 1.0
X-OriginatorOrg: hpe.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Jul 2016 22:02:52.7047 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 105b2061-b669-4b31-92ac-24d304d195dc
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CS1PR84MB0151
Subject: Re: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions with the standardized one
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jul 2016 22:02:56 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Jiaxin,
=09
	UEFI's OpenSSL library does not support all the ciphers that were added in=
 your patch due to the UEFI configuration.  We need to remove "no-idea" and=
 "no-dsa" from the process_files.sh and add "enable-weak-ssl-ciphers"
=09
	While we are modifying process_files.sh, we can remove "no-pqueue" from pr=
ocess_files.sh so that OpensslLib.inf is in sync.

	I can send out a patch to do so if you wish.

Thomas

-----Original Message-----
From: Jiaxin Wu [mailto:jiaxin.wu@intel.com]=20
Sent: Thursday, July 14, 2016 12:51 AM
To: edk2-devel@lists.01.org
Cc: Liming Gao <liming.gao@intel.com>; Palmer, Thomas <thomas.palmer@hpe.co=
m>; Long Qin <qin.long@intel.com>; Ye Ting <ting.ye@intel.com>; Fu Siyuan <=
siyuan.fu@intel.com>; Wu Jiaxin <jiaxin.wu@intel.com>
Subject: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions with th=
e standardized one

The series patches are used to replace the TLS definitions with the standar=
dized one. In addition, more TLS cipher suite mapping between Cipher Suite =
definitions and OpenSSL-used Cipher Suite name are added.

Cc: Liming Gao <liming.gao@intel.com>
Cc: Palmer Thomas <thomas.palmer@hpe.com>
Cc: Long Qin <qin.long@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>

Jiaxin Wu (4):
  MdePkg: Add a header to standardize TLS definitions
  CryptoPkg: Add more TLS cipher suite mapping
  NetworkPkg/TlsDxe: Replace the definitions with the standardized one
  NetworkPkg/HttpDxe: Replace the definitions with the standardized one

 CryptoPkg/Library/TlsLib/TlsLib.c      | 3585 ++++++++++++++++------------=
----
 MdePkg/Include/IndustryStandard/Tls1.h |   93 +
 NetworkPkg/HttpDxe/HttpDriver.h        |    2 +
 NetworkPkg/HttpDxe/HttpProto.c         |   12 +-
 NetworkPkg/HttpDxe/HttpsSupport.c      |   22 +-
 NetworkPkg/HttpDxe/HttpsSupport.h      |   44 -
 NetworkPkg/TlsDxe/TlsImpl.c            |   56 +-
 NetworkPkg/TlsDxe/TlsImpl.h            |   30 +-
 NetworkPkg/TlsDxe/TlsProtocol.c        |    2 +-
 9 files changed, 1945 insertions(+), 1901 deletions(-)  create mode 100644=
 MdePkg/Include/IndustryStandard/Tls1.h

--
1.9.5.msysgit.1