From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02on071a.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe46::71a]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id CA68C1A1DF7 for ; Fri, 29 Jul 2016 15:02:55 -0700 (PDT) Received: from CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM (10.162.189.30) by CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM (10.162.189.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.549.15; Fri, 29 Jul 2016 22:02:52 +0000 Received: from CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM ([10.162.189.30]) by CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM ([10.162.189.30]) with mapi id 15.01.0549.016; Fri, 29 Jul 2016 22:02:52 +0000 From: "Palmer, Thomas" To: Jiaxin Wu , "edk2-devel@lists.01.org" CC: Liming Gao , Long Qin , Ye Ting , Fu Siyuan Thread-Topic: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions with the standardized one Thread-Index: AQHR3ZPC2hroSCc030eQHf5GuV9O+KAwDRGA Date: Fri, 29 Jul 2016 22:02:52 +0000 Message-ID: References: <1468475478-145272-1-git-send-email-jiaxin.wu@intel.com> In-Reply-To: <1468475478-145272-1-git-send-email-jiaxin.wu@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=thomas.palmer@hpe.com; x-originating-ip: [15.203.227.4] x-ms-office365-filtering-correlation-id: d683a1b7-4a60-4464-160e-08d3b7fc16aa x-microsoft-exchange-diagnostics: 1; CS1PR84MB0151; 6:wGcRZ3PfmqWeyk+YG4aDUf8iHvi2uASEbsfOObzYjOiYBngg6AyFPtcn8Ao611tOfLudHCDgXlpRXak71pm/lP7xBj1T/iSTHWcpJA5cboBUg8FrWJ/Kr5zQKBEprfyaBxazU84MIPLzMNi/g0/H9mrmHyYqL9ZEOyeBn5JT81VrRMtL/NtsM+xfXmL1juGMLalixkTeL0y5Y4FbDo8QfiCODMX6i7Tsl65cbQKPvZxhKpvmV4l4fRSK4iu06wtGRuaasCGLWOkPCxltD3FHOr4dsNsc2F4XEYok6Tsy8Q49wJF3Df5KG83lkFcSUgkivpF8wF2hbYwShajK9KhEnA==; 5:u78SsfDRTe0IpGnBXs1ZaC2GgjUiCKORaE6rpK+lK2dMj4zVgang6n+zZCFyRBu5B9TdKGhCV/wtJR7eEq6JQ2AAPtgXQ+M4vk4jXd3FBtL6J6klUCJqJ8Z9rUAnjKxrMbO8n96fhcUAWpPhdQ1yLQ==; 24:VCjuK1B1LdfCdlltl2VRmO6QTIfbsLpaIAxwzbaH8rF3eL72FL1Yq4Cyx5z4L/jGfTqrwS7DOqodsFZXv08xW22I51RR+pXB4y27KfvNY0s=; 7:ZbY1pyh36jmWCTvOJKFT0mscp5AR2D0Te+wRgoqL7TAWh82W9Ag8UQwKWPOLKRuUpnVnD+8rZb5Dygf0J3iv9jDMuNukb6f/o0yssWn0lo9VnsSN+crfh1XDT5b4w7ut1CRt8BKZxZ6SzJEcCWCqNU8KgV/aJP33Y2voMamiQhL4tCwwKl05GeOo0AcNdIS4rD1p4B/B0z7imd2MVLwYLAIeMlXurAfJnnBpbYEC7zMH0L7Bh7KqLQQvrODrWC2+ x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CS1PR84MB0151; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:(227479698468861)(788757137089)(162533806227266)(228905959029699); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(8121501046)(5005006)(10201501046)(3002001)(6055026); SRVR:CS1PR84MB0151; BCL:0; PCL:0; RULEID:; SRVR:CS1PR84MB0151; x-forefront-prvs: 0018A2705B x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(199003)(377454003)(189002)(13464003)(7846002)(9686002)(122556002)(19580405001)(50986999)(101416001)(11100500001)(33656002)(76176999)(106356001)(19580395003)(305945005)(87936001)(106116001)(54356999)(7696003)(2900100001)(586003)(66066001)(2950100001)(7736002)(74316002)(4326007)(6116002)(3660700001)(68736007)(81166006)(189998001)(102836003)(8936002)(5002640100001)(77096005)(99286002)(5001770100001)(81156014)(97736004)(105586002)(2906002)(86362001)(3280700002)(92566002)(8676002)(2501003)(3846002)(10400500002)(19627235001); DIR:OUT; SFP:1102; SCL:1; SRVR:CS1PR84MB0151; H:CS1PR84MB0151.NAMPRD84.PROD.OUTLOOK.COM; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en; received-spf: None (protection.outlook.com: hpe.com does not designate permitted sender hosts) spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM MIME-Version: 1.0 X-OriginatorOrg: hpe.com X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Jul 2016 22:02:52.7047 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 105b2061-b669-4b31-92ac-24d304d195dc X-MS-Exchange-Transport-CrossTenantHeadersStamped: CS1PR84MB0151 Subject: Re: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions with the standardized one X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2016 22:02:56 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Jiaxin, =09 UEFI's OpenSSL library does not support all the ciphers that were added in= your patch due to the UEFI configuration. We need to remove "no-idea" and= "no-dsa" from the process_files.sh and add "enable-weak-ssl-ciphers" =09 While we are modifying process_files.sh, we can remove "no-pqueue" from pr= ocess_files.sh so that OpensslLib.inf is in sync. I can send out a patch to do so if you wish. Thomas -----Original Message----- From: Jiaxin Wu [mailto:jiaxin.wu@intel.com]=20 Sent: Thursday, July 14, 2016 12:51 AM To: edk2-devel@lists.01.org Cc: Liming Gao ; Palmer, Thomas ; Long Qin ; Ye Ting ; Fu Siyuan <= siyuan.fu@intel.com>; Wu Jiaxin Subject: [staging/HTTPS-TLS][PATCH 0/4] Replace the TLS definitions with th= e standardized one The series patches are used to replace the TLS definitions with the standar= dized one. In addition, more TLS cipher suite mapping between Cipher Suite = definitions and OpenSSL-used Cipher Suite name are added. Cc: Liming Gao Cc: Palmer Thomas Cc: Long Qin Cc: Ye Ting Cc: Fu Siyuan Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin Signed-off-by: Jiaxin Wu Jiaxin Wu (4): MdePkg: Add a header to standardize TLS definitions CryptoPkg: Add more TLS cipher suite mapping NetworkPkg/TlsDxe: Replace the definitions with the standardized one NetworkPkg/HttpDxe: Replace the definitions with the standardized one CryptoPkg/Library/TlsLib/TlsLib.c | 3585 ++++++++++++++++------------= ---- MdePkg/Include/IndustryStandard/Tls1.h | 93 + NetworkPkg/HttpDxe/HttpDriver.h | 2 + NetworkPkg/HttpDxe/HttpProto.c | 12 +- NetworkPkg/HttpDxe/HttpsSupport.c | 22 +- NetworkPkg/HttpDxe/HttpsSupport.h | 44 - NetworkPkg/TlsDxe/TlsImpl.c | 56 +- NetworkPkg/TlsDxe/TlsImpl.h | 30 +- NetworkPkg/TlsDxe/TlsProtocol.c | 2 +- 9 files changed, 1945 insertions(+), 1901 deletions(-) create mode 100644= MdePkg/Include/IndustryStandard/Tls1.h -- 1.9.5.msysgit.1