From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web10.1117.1665360706482153388 for ; Sun, 09 Oct 2022 17:11:47 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=IEVTxrBW; spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1665360706; x=1696896706; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=5TP2l6A+IwAaD8roYttAwVYLjwkiWIKbMei6+UvEQHE=; b=IEVTxrBWjlYfOM94x0I7USMpxvoXj/Tqtqh8EurlGDTnuQe+mvAE+9hC l91iGhPMZN5kNINox9GlQ2trFnwngzcG5QNPl0du5cMyuXSAQIi3mfZQS LeFxmMQgO56ew4OyZwSDozFoQTndKfG3KsJexbx2fAiBYWudMVanIrJNl D1qJZejmlcMPkZxn4IQ3+66aXTO5vXfXTYTkcYZMvZ7zgBIIa4+Qvjn8W jqa2UmH0zwILKlY8NNYpNNZrd+Tkhpqj7ML8745AnV2ZCE6qtHobNVmUR V8n5YbFybQZZvGaqJb14Cnaq9Kdwt2cOHdg6OLUhS4mU8Yh5+YCnuoQq+ Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10495"; a="304097442" X-IronPort-AV: E=Sophos;i="5.95,172,1661842800"; d="scan'208";a="304097442" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Oct 2022 17:11:45 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10495"; a="603536758" X-IronPort-AV: E=Sophos;i="5.95,172,1661842800"; d="scan'208";a="603536758" Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by orsmga006.jf.intel.com with ESMTP; 09 Oct 2022 17:11:45 -0700 Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Sun, 9 Oct 2022 17:11:44 -0700 Received: from orsmsx607.amr.corp.intel.com (10.22.229.20) by ORSMSX612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Sun, 9 Oct 2022 17:11:43 -0700 Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by orsmsx607.amr.corp.intel.com (10.22.229.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31 via Frontend Transport; Sun, 9 Oct 2022 17:11:43 -0700 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (104.47.59.172) by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.31; Sun, 9 Oct 2022 17:11:43 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EPB0SLDG2GDaPJOW1vq3luCP1aCoQOfRnKCpKVh7XgxoEk+ryHGUozHn01InMUrtXB9KFmeH0LsTRoQyXR9NrqDAydek/c+u/FG4r8A715P06il6Vn3kc0uKiXpwPP2jbZfISfKzBzpM/vJR7m6nZElWyyxIRTB3r1PdSXGIXL2ZfvKyXGpxTR++h5pP3sRFhxLUxfzdcsszJgo7yDEvMrNl4rnZ7FjYNZL5JV4kvbEy8Ica2REeqJfmIthvZOY7fmgyc8L96qIz0aMPLyEI1AeXQhuZIMJQ1lB8dgSOZmQ/71J4rWI8XUsRtCxyzyMEd+Vx40FUdr1yL2CWpkVFUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mx5e2hRCPv5U028x+Ag9tUgd84JWV7R7Sv0KWfiDHRk=; b=ZNDySMV1PWns1T4xrB2Lm4DW1NXx/syv1TY66cUw9Sog93UWZ/j9Y2AuFmPKmH8h4DQylZ6yzqGPBHJUPDTCTVZWJhk8Pkw+8PJRewXEJWgHJmZECr0lvAQUbEbCc7Mm5wjJhp4TEQWUxm25AC581RpLiio+1w57xNIwZ4fp8jMC9rcRE41h9FRCOw5h1r9JgNnOZrt+1Pg12hoYQE8HNMZhn7updyFApnN8RqKEsCnSIc9faI4N4Y5RVl1k7ml5Gko7RJMDKiSl+8ToPz9HlyMBjElbrm3fD9rCFjA34YJLiB+mZ9R9lMwSAxsbCKjqLvA4zM7Vy3MiPok6Q/DQtA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by CO1PR11MB4962.namprd11.prod.outlook.com (2603:10b6:303:99::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.24; Mon, 10 Oct 2022 00:11:41 +0000 Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::76b0:750c:a322:5acf]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::76b0:750c:a322:5acf%6]) with mapi id 15.20.5709.015; Mon, 10 Oct 2022 00:11:41 +0000 From: "Yao, Jiewen" To: "Li, Yi1" , "devel@edk2.groups.io" CC: "Kinney, Michael D" , "Gao, Liming" Subject: Re: [PATCH V2 1/3] MdePkg: Add Tls configuration related define Thread-Topic: [PATCH V2 1/3] MdePkg: Add Tls configuration related define Thread-Index: AQHY2rsS7da5LWVgxUW88IoZqMaTZ64GwZCg Date: Mon, 10 Oct 2022 00:11:41 +0000 Message-ID: References: <9f6468e21b28debeacbb08839b28d62aefc45cc8.1665194514.git.yi1.li@intel.com> In-Reply-To: <9f6468e21b28debeacbb08839b28d62aefc45cc8.1665194514.git.yi1.li@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.6.500.17 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MW4PR11MB5872:EE_|CO1PR11MB4962:EE_ x-ms-office365-filtering-correlation-id: 34587f46-f40b-458a-dc37-08daaa540216 x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: y1ZqPL20xaj0H7MpYeSCvMIVBNlwCy3H7kQMfGqfo6lUsC7Dy5Esb/c2mEaO0B9T39keovQNt8r2aasZfRwE1nY/5P9OvptJ05pD22O1tC3khRNrDTPc2XYDIvu1NufQhpkAUjYdegopRLxtgMi0i/8brmXk0NUDyTSkmOgzk+WIldYETe8yVE4q6Rez+jM0cEeA1ql03OljlREmx2cRF7g0AMBf5BKXp1lM8RTeii4euTmxLLAat1cYc0W0dxCkQ27q9ISGgOIv4EiFwUA8sWLIb331y7JtnBnLGh6BXCthijcRcX3uVPNgUZU1OtdCByJThDPREHgeFrydiXvFS4CP3SJFwAokTBxg6amTYuB1ca7hcZDpU9bw9h5Wn0daSR1vWms2eUM9hyXLhm7EkX/39SSVurZ1emvSTRgsE3Ob1s4gHN3v6ZPln4FYIubmhGGovYaMKMkhMHYee96UTgKJmOybKVBYfAc7qeEMpc2Tjc55GEt4NMNqWYtx8OE5nI9GoPWAGM2wVCw5svUnwcJNlgqhOGlvg3c3aKSWGYaCTcBkVjPy5m3lYN+lSvwCtaZVdoIve1D+SE/f6/weWNEDbE4MtljHQ5tFD3599zgU7r/gycobyb+7BQh98oAth93RhQ5bZXfd1Y5BeCQe4oVOlMua8TFR+eBi4S1cxuUC4AUsyGK57cfALWVbj40cN6KwUhdJw7xcsW0vBUjznu16XP2J/je7In971sWH3CF0f7VP0zGUYLXnrE5UI5o8nZWb4NUNsBLlyrcydZfys+/pfaFLDt7ziOrXQ95xMxY67STciUouNdwwqCwLt51C5S37jdLoOqszlxBqdy2/8g== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5872.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(396003)(346002)(136003)(39860400002)(366004)(376002)(451199015)(38070700005)(33656002)(26005)(54906003)(6506007)(966005)(316002)(7696005)(19627235002)(8676002)(66946007)(66446008)(64756008)(66556008)(4326008)(41300700001)(52536014)(9686003)(8936002)(5660300002)(53546011)(122000001)(55016003)(66476007)(76116006)(186003)(2906002)(38100700002)(82960400001)(86362001)(83380400001)(110136005)(478600001)(71200400001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?27H/XuzjW8ORHMajB+apne+YSWcKjv5ufaBdJfRogDZpJGPDLsa5/VKlxC6H?= =?us-ascii?Q?RmwzaMv4VqH0csscNJnuiOf+rIlnC8vLevmpLdeC4SMdwl+mZm/1LkvgsjBc?= =?us-ascii?Q?5AM+FMcKGCU0XlyK6bgQAH5SdRUR8g5ku7knHIZtN4V57lXiNUWymS8Vahn+?= =?us-ascii?Q?VaxFxr1xUC19qbO5nWyUCtOfmkYC/o6i/o6D6Z33WGAxwTik2vvMW/9/8cj/?= =?us-ascii?Q?TIN8JiS9COM08Z0uZE5KJqPj0X+BPxgPwPk+nRM9TRdytxzzGOVpf7boc0TH?= =?us-ascii?Q?CtaNY64ytK9RpBwzvMgBIdy9P5OqeEcy1PqyFhzm+psahijUZgFs44FJDDBB?= =?us-ascii?Q?X5MkKCDHSH2Odz4uIW3GMTg10dMMu0EegL6WwnmXH1WJq5OQV+LN3WzkkVee?= =?us-ascii?Q?J9I8DmjM4ZwuB08hE8fLEOd4BDLtBS4opaps/753R3QVERFxTeGnAccZnP7h?= =?us-ascii?Q?wlRHUOlH0U9iVx/SM+k6VaP+/1Ti2TLMi3cJzmR80160plfCPDK+kHw8wUgQ?= =?us-ascii?Q?TpGhc4emCeZ+Y2P2D5bLbLh0ADc80YkOUY0mhktrvLdz8MtLs7n/61qV7Nq6?= =?us-ascii?Q?5/XdAi8zM3opmWLQloX9l5Nt+QKTWr6x+xk6wM8pvOJTvhaav83q+S8kRMRJ?= =?us-ascii?Q?bbLq07OP6FzP8xX+b3c9OBJLvcml0PjSOfNdYpjBEj9WMbLAWkEVN7BOs7z9?= =?us-ascii?Q?Bbo+mox982YAtVG8ZgHSWux7mcBJSv79v1nN0B/mCSn8ueH/5tH6XQSX1eCD?= =?us-ascii?Q?FidZPIX3W7Jf3h3it1DdNXYZWgtAXKnIh6TVJmIrUyvSMu/xnCohwm3ZJAiG?= =?us-ascii?Q?PwYvOU+jAp1gyuuusX9+P803/C442rg5yuQ/M8ZsKJHS+rtnVtVH82vvIO6r?= =?us-ascii?Q?xEbxgtQHvObQwiUUQJEvn9/SC2LBoIaMdn8C3XFQIxHLGLRI0qtxX1ATq2jK?= =?us-ascii?Q?b1PrmV9FPPc2aO0hX/pt44tQ+1MQsa3AHlQeEkPrQJ6Sx0RVVc9qM5sEUdxU?= =?us-ascii?Q?qLQ42pLc9vxvwkYfrZz8ooFXnrauQ3o+R0k81KPvBgtxuH5cr9hL0sE7wW59?= =?us-ascii?Q?SkInYxCIbj7bkTHQyKMpCsHfwx0afkAkKh1pQdanRpePTao/79tocDvgLUjC?= =?us-ascii?Q?K/vjTUO0C8MI29L656fvaDtWvP0NCd5UogJN0/g2E5HkOYLbUj7+0q1eQhsH?= =?us-ascii?Q?3YNx6mZI3d/9SYa4zOpK466pkJW/UIdGpCPMoB9WEbdVc6i7K0LthmW5maV6?= =?us-ascii?Q?9luYwTnxWnEWYBwaR7ZQfUiOsG8Flmn4GJHpipSwHZxHavXKWKEUiY1DLRQj?= =?us-ascii?Q?HRncanbFaDEGHmpua4UwwUQYBXMkVxbWbbid5GUI7o927qvKhZRD6AfmThXo?= =?us-ascii?Q?Id1hxO/BJ+SP6UyV1xMDia25J75u3tZcjinR+WtqTUNOCpminu0b2ReXY9v1?= =?us-ascii?Q?vM23A9HPdv73AuslxIYEcMerQdEvShsgdYTuoLLDpc/OUqDmirG58J7VIil7?= =?us-ascii?Q?Cl5Uhsn8E+IiE6OeHqedaYF+8Hl9IyiDjE9CZ0YLA3CpvjLIchUIy1vn6RYo?= =?us-ascii?Q?wj1Ygs7kOXfKa3BmPC1acCUR37lfE16hflwT4XH5?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 34587f46-f40b-458a-dc37-08daaa540216 X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Oct 2022 00:11:41.5062 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: lrXlD1reHaYJC433L6DWMSfLUMt3gc2MNDYQxyYkIwklmXlc1b0Fme1mJAk4g+mb63VHvbFrUy6mZbL6lhjAyA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR11MB4962 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi 1) I cannot find the new cipher suite definition in rfc-5246 (https://www.r= fc-editor.org/rfc/rfc5246). Would you please update comment as well, to let it point to right document? /// /// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246. /// ... #define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 {0x00, 0x9F} #define TLS_ECDHE_ECDSA_AES128_GCM_SHA256 {0xC0, 0x2B} #define TLS_ECDHE_ECDSA_AES256_GCM_SHA384 {0xC0, 0x2C} #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 {0xC0, 0x30} 2) I cannot find the new cipher suite definition in rfc-8442. (Actually, th= ere is no section 5.1.1 in RFC8442 https://www.rfc-editor.org/rfc/rfc8442) Would you please update comment as well, to let it point to right document? /// /// TLS Supported Elliptic Curves Extensions, refers to section 5.1.1 of rf= c-8442 /// typedef enum { TlsEcNamedCurveSecp256r1 =3D 23, TlsEcNamedCurveSecp384r1 =3D 24, TlsEcNamedCurveSecp521r1 =3D 25, TlsEcNamedCurveX25519 =3D 29, TlsEcNamedCurveX448 =3D 30, } TLS_EC_NAMED_CURVE; > -----Original Message----- > From: Li, Yi1 > Sent: Saturday, October 8, 2022 10:10 AM > To: devel@edk2.groups.io > Cc: Li, Yi1 ; Yao, Jiewen ; Kinne= y, > Michael D ; Gao, Liming > > Subject: [PATCH V2 1/3] MdePkg: Add Tls configuration related define >=20 > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3D3892 >=20 > Consumed by TlsSetEcCurve and TlsSetSignatureAlgoList. >=20 > Cc: Jiewen Yao > Cc: Michael D Kinney > Cc: Liming Gao > Signed-off-by: Yi Li > --- > MdePkg/Include/IndustryStandard/Tls1.h | 110 +++++++++++++++++------- > - > 1 file changed, 74 insertions(+), 36 deletions(-) >=20 > diff --git a/MdePkg/Include/IndustryStandard/Tls1.h > b/MdePkg/Include/IndustryStandard/Tls1.h > index cf67428b11..5cf2860caf 100644 > --- a/MdePkg/Include/IndustryStandard/Tls1.h > +++ b/MdePkg/Include/IndustryStandard/Tls1.h > @@ -15,42 +15,46 @@ > /// > /// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246. > /// > -#define TLS_RSA_WITH_NULL_MD5 {0x00, 0x01} > -#define TLS_RSA_WITH_NULL_SHA {0x00, 0x02} > -#define TLS_RSA_WITH_RC4_128_MD5 {0x00, 0x04} > -#define TLS_RSA_WITH_RC4_128_SHA {0x00, 0x05} > -#define TLS_RSA_WITH_IDEA_CBC_SHA {0x00, 0x07} > -#define TLS_RSA_WITH_DES_CBC_SHA {0x00, 0x09} > -#define TLS_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x0A} > -#define TLS_DH_DSS_WITH_DES_CBC_SHA {0x00, 0x0C} > -#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x0D} > -#define TLS_DH_RSA_WITH_DES_CBC_SHA {0x00, 0x0F} > -#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x10} > -#define TLS_DHE_DSS_WITH_DES_CBC_SHA {0x00, 0x12} > -#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x13} > -#define TLS_DHE_RSA_WITH_DES_CBC_SHA {0x00, 0x15} > -#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x16} > -#define TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0x2F} > -#define TLS_DH_DSS_WITH_AES_128_CBC_SHA {0x00, 0x30} > -#define TLS_DH_RSA_WITH_AES_128_CBC_SHA {0x00, 0x31} > -#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA {0x00, 0x32} > -#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33} > -#define TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x35} > -#define TLS_DH_DSS_WITH_AES_256_CBC_SHA {0x00, 0x36} > -#define TLS_DH_RSA_WITH_AES_256_CBC_SHA {0x00, 0x37} > -#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA {0x00, 0x38} > -#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39} > -#define TLS_RSA_WITH_NULL_SHA256 {0x00, 0x3B} > -#define TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3C} > -#define TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3D} > -#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x3E} > -#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3F} > -#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x40} > -#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67} > -#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x68} > -#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x69} > -#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x6A} > -#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x6B} > +#define TLS_RSA_WITH_NULL_MD5 {0x00, 0x01} > +#define TLS_RSA_WITH_NULL_SHA {0x00, 0x02} > +#define TLS_RSA_WITH_RC4_128_MD5 {0x00, 0x04} > +#define TLS_RSA_WITH_RC4_128_SHA {0x00, 0x05} > +#define TLS_RSA_WITH_IDEA_CBC_SHA {0x00, 0x07} > +#define TLS_RSA_WITH_DES_CBC_SHA {0x00, 0x09} > +#define TLS_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x0A} > +#define TLS_DH_DSS_WITH_DES_CBC_SHA {0x00, 0x0C} > +#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x0D} > +#define TLS_DH_RSA_WITH_DES_CBC_SHA {0x00, 0x0F} > +#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x10} > +#define TLS_DHE_DSS_WITH_DES_CBC_SHA {0x00, 0x12} > +#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x13} > +#define TLS_DHE_RSA_WITH_DES_CBC_SHA {0x00, 0x15} > +#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x16} > +#define TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0x2F} > +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA {0x00, 0x30} > +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA {0x00, 0x31} > +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA {0x00, 0x32} > +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33} > +#define TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x35} > +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA {0x00, 0x36} > +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA {0x00, 0x37} > +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA {0x00, 0x38} > +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39} > +#define TLS_RSA_WITH_NULL_SHA256 {0x00, 0x3B} > +#define TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3C} > +#define TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3D} > +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x3E} > +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3F} > +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x40} > +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67} > +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x68} > +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x69} > +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x6A} > +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x6B} > +#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 {0x00, 0x9F} > +#define TLS_ECDHE_ECDSA_AES128_GCM_SHA256 {0xC0, 0x2B} > +#define TLS_ECDHE_ECDSA_AES256_GCM_SHA384 {0xC0, 0x2C} > +#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 {0xC0, 0x30} >=20 > /// > /// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246. > @@ -95,6 +99,40 @@ typedef struct { > // > #define TLS_CIPHERTEXT_RECORD_MAX_PAYLOAD_LENGTH 18432 >=20 > +/// > +/// TLS Hash algorithm, refers to section 7.4.1.4.1. of rfc-5246. > +/// > +typedef enum { > + TlsHashAlgoNone =3D 0, > + TlsHashAlgoMd5 =3D 1, > + TlsHashAlgoSha1 =3D 2, > + TlsHashAlgoSha224 =3D 3, > + TlsHashAlgoSha256 =3D 4, > + TlsHashAlgoSha384 =3D 5, > + TlsHashAlgoSha512 =3D 6, > +} TLS_HASH_ALGO; > + > +/// > +/// TLS Signature algorithm, refers to section 7.4.1.4.1. of rfc-5246. > +/// > +typedef enum { > + TlsSignatureAlgoAnonymous =3D 0, > + TlsSignatureAlgoRsa =3D 1, > + TlsSignatureAlgoDsa =3D 2, > + TlsSignatureAlgoEcdsa =3D 3, > +} TLS_SIGNATURE_ALGO; > + > +/// > +/// TLS Supported Elliptic Curves Extensions, refers to section 5.1.1 of= rfc- > 8442 > +/// > +typedef enum { > + TlsEcNamedCurveSecp256r1 =3D 23, > + TlsEcNamedCurveSecp384r1 =3D 24, > + TlsEcNamedCurveSecp521r1 =3D 25, > + TlsEcNamedCurveX25519 =3D 29, > + TlsEcNamedCurveX448 =3D 30, > +} TLS_EC_NAMED_CURVE; > + > #pragma pack() >=20 > #endif > -- > 2.31.1.windows.1