From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by mx.groups.io with SMTP id smtpd.web12.2154.1665369669854847712 for ; Sun, 09 Oct 2022 19:41:09 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=UJE4nWUx; spf=pass (domain: intel.com, ip: 192.55.52.88, mailfrom: yi1.li@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1665369669; x=1696905669; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=PXEZZYywcx+nDqAg7+zWonaViq0bkdu8wzb6/9SQRTE=; b=UJE4nWUxxLpJrjm7XNlR+nxlYmSekc4Gxtf/B3mbfqyt6oJtuBtLXp5H xuex675txaDAZIssM+pHravFGLOAzc7Vl4cQxy43sKyhlN7Qf69livwGS am1WVuzjOlxz9+mngX/3KPg78NSEvfwyPvxYtiiSTywKTLHVhGMarz5fD OFJD1H1kkXTKz0Sn3HKEUeFmmxMZAkku7ndex6S0MFbzUU0Gtr6tQ1kKQ fsoFKA0JUkKASQf7rvFiEHhsELouehBK8cZuZ5eDUtndmNeiaQVBlF8Fb JYfhSkKxMU0b+T8OO/vQftDONKhoeZZTgR2cjgnmwfsCxs59zzddz+nRs Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10495"; a="330588286" X-IronPort-AV: E=Sophos;i="5.95,172,1661842800"; d="scan'208";a="330588286" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Oct 2022 19:41:09 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10495"; a="768235115" X-IronPort-AV: E=Sophos;i="5.95,172,1661842800"; d="scan'208";a="768235115" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by fmsmga001.fm.intel.com with ESMTP; 09 Oct 2022 19:41:09 -0700 Received: from fmsmsx611.amr.corp.intel.com (10.18.126.91) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Sun, 9 Oct 2022 19:41:09 -0700 Received: from fmsmsx602.amr.corp.intel.com (10.18.126.82) by fmsmsx611.amr.corp.intel.com (10.18.126.91) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Sun, 9 Oct 2022 19:41:08 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31 via Frontend Transport; Sun, 9 Oct 2022 19:41:08 -0700 Received: from NAM02-DM3-obe.outbound.protection.outlook.com (104.47.56.45) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.31; Sun, 9 Oct 2022 19:41:08 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MEXM1jZP02ASuv11AzZDKFEXAioN+e9Fs5GRSwaDG/GncDGjAy08cT9PdgHXFIPFmqo64mOVwJ7gQT7J63t0AQSC/s+6mhB6iNcBxH4HORXIX3S3oAkgtYBhPiXbPSH3L8G2nr6FfzdqTsjeYpKHNrH1N96yuTss6sucNBE4ulssL+uJQIpwpEDVwJc7/0xDAPjGCvTORLHlsNnqbev9fRuoVmv8b6koYxjTcHui6dqzcUNIeWPkfVMQvLOOfHPeEv0nW+op5MpmDJhHJeEGdEAAOTfJFEpZdFOlXUWNAdBa1shxcHUb5al3MGOiUx24AgbcifwyuimUWyQ0Uu8f7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=XS4BcOqU4ncKz3yxliuhdTMmutuCR6hM73P08ZE5VMs=; b=ElkFkeTStGfCEanYU7sbPUL5pwWtpEOYqMCmYY9oxhoVHjufhqMhFbJt2eTwi92LkLJwP5SA7gCgYd5guPdx//L/L02KnGPsOLoVOw9dFTgELCd7YLwLe+gAVLyzGkz8BZgrzqClMkqEwCB3lmvF8QqdiOrfPzPNkwtXV2N3P2O17/2Tv0s3CRKp6ftNF++5DExqK31SxILTV5Ek9oHKykridxtUcDBLeVtJEnGxZhtPtKG43crc/3bJpce4H/cJDj5WRdeUbQ7ndzBuUplivFNBuAL0QHsdJctbaFfPg+OV28V3o00bOV6fj4+mNE1yF+xZHvghzOShvcZLJ0zvZg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from SJ1PR11MB6227.namprd11.prod.outlook.com (2603:10b6:a03:45a::10) by PH8PR11MB6561.namprd11.prod.outlook.com (2603:10b6:510:1c0::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5676.23; Mon, 10 Oct 2022 02:41:06 +0000 Received: from SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::bd4b:a704:7db6:70d4]) by SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::bd4b:a704:7db6:70d4%8]) with mapi id 15.20.5654.035; Mon, 10 Oct 2022 02:41:05 +0000 From: "Li, Yi" To: "devel@edk2.groups.io" , "Yao, Jiewen" , "Luo, Heng" CC: "Kinney, Michael D" , "Gao, Liming" Subject: Re: [edk2-devel] [PATCH V2 1/3] MdePkg: Add Tls configuration related define Thread-Topic: [edk2-devel] [PATCH V2 1/3] MdePkg: Add Tls configuration related define Thread-Index: AQHY2rsSheNW9fSVEEemPqCD2KRh+K4GxEiAgAAXswCAABDs4A== Date: Mon, 10 Oct 2022 02:41:05 +0000 Message-ID: References: <9f6468e21b28debeacbb08839b28d62aefc45cc8.1665194514.git.yi1.li@intel.com> In-Reply-To: Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SJ1PR11MB6227:EE_|PH8PR11MB6561:EE_ x-ms-office365-filtering-correlation-id: c8b8f0c0-9e1d-4f88-2266-08daaa68e12e x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: dF7s5PoHVL/XDrVIuJv1LO7/d8OhCg6fLZd+Nh7KkGX8bJBu1Q6GxspCA9Eg+YD6u6BWegx3NTz2k+u1eCdp1+CNhgi8xlMCKQU1mvZWKWHmdtFUL2QZsF/4cMrEoASOO3blvAKMqkvK7dSd3Zx4oRN2h1UOfJTmy59SZWlX36U7kWhMrtoY50/ImwxLue2ZrIRA4+ftAf3blSFeqDixsR/6+TfU8QWTzBy4M78+S2RFOCS8KAWDkf1/5CNb51eFUBxLRsnIzH/46SVl66I7vDDUGodFTLImqrr6ULNpTuQSDNNELSiQ06jAptLiHeyCR0WAviX4r+Qgguz7IkhDcE3881lBsVQnw0ofQ59eUNDZVkxg6SaX7dC04S0K8CIbQqBNclUPyGQ72ooKHsmGTPsXCD+0NkDdAEHLj5m+Pj7gImtLuLZvtswvBvM1gUvOQJLEXjPduN8HSH+nZpbtAjyEYnOqyZBuFNoRoreTaaYb7FgjQUHh4sSKTtfTNsODFSo0h7KwQAAp7qqYM9vTmC9p2YxCRJCk8a7J+8XadHH7NUyCUpASAFPZoK/Slw1MoEydk+Iv59tJDXB+U6Pq7isRJkJ2buL3Ng29lYYJuCDl8/7zs7xW7TGa5CIhD4b+MmkL6x/XQ1DusZhnSrJB48TGAdaOJvbsHdTSe32b9kun8nZJHkDaMJPlx/m+Fmd9dbnELgxF0SWg8necRGHiUGV0P1qQ5tted19fk48dXVORMKz8wbiZuEtBscodN5E0tH9OQXJb8+lPY3aibH9544ZopOkxyusDw57FD5Psqn2R0SJm7BQ7sk7mr4094J5GWGTCxojY/zmRIbyxWoRfuA== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SJ1PR11MB6227.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(396003)(346002)(376002)(366004)(136003)(39860400002)(451199015)(2906002)(8936002)(71200400001)(66899015)(55016003)(54906003)(66446008)(6636002)(8676002)(38070700005)(478600001)(19627235002)(41300700001)(86362001)(66556008)(4326008)(5660300002)(66476007)(66946007)(966005)(52536014)(110136005)(76116006)(9686003)(83380400001)(26005)(186003)(82960400001)(33656002)(6506007)(53546011)(316002)(64756008)(122000001)(7696005)(38100700002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?3/o43CwGkDk+PEl3OJuWJoYLQm0hBqTNq+OVusc5fWMLBVAFVEysWsd5XXyd?= =?us-ascii?Q?sSlpKRhUzwFo6dM571h0Rd5ZSisOSVtQZrL6eNhWy555V8QweOn3ThDWL099?= =?us-ascii?Q?aL201vk00khYcRchy1kNtLrrDftlNil2MZgI/2QnQxy+r/A3dn3KMORyAHcK?= =?us-ascii?Q?cGbPfTMvGQ14Gw+Ksas7B8ihVkJqsy52AO7B/m1hwdO32hhrA9dmD1Xapw9+?= =?us-ascii?Q?aQ472K2nIyLvSbxctMDpdA7Mx0mfXQuCNnaUoe8khGSSXoPAH38gvsGqp6bz?= =?us-ascii?Q?VBcg4DgFXcFPDvRW5d9nwkDhcysEEY1XG4prqRgUgAvkDAHJT12lo4M7ZqvR?= =?us-ascii?Q?viaQ7ER1WYOihlOcFqsvRx3GZsnzxGy8n+tX+n3PYS1Yf6nesqW66N4TYivL?= =?us-ascii?Q?OxusWppozrm6gFG1vG9YthFiZ81XtFIbAJCzcW6gcAcSeQihoefKjw62hiHy?= =?us-ascii?Q?xuyYKgGVMj//4ACCysg41GTO5xbssHV/uYCXmGcz/KHWQFe7dDbt14XJq/SG?= =?us-ascii?Q?uaN9YThT0HzaInYP5NXBeuMO580tMUuvg57jY1E9GZ+BcQGWc17Hh45AYZWI?= =?us-ascii?Q?h10MVs39p+Yyq4X4KQAPWeceqw8ND4MVNdmjtnVEhl8LNchzTURd7D5XYlDx?= =?us-ascii?Q?Ovzxoklel3A2CYl9IZVSLgR7kCC/fq1qQPZDYCexOuPE8SwFYeIJ3VLCS7Uu?= =?us-ascii?Q?75UsnVsqpJG2PXgvjBTKWuSgzpnB3bOXvU+BbUz0nvs0BUcj7w1L7wrx4XX3?= =?us-ascii?Q?RWY8i3gIa2DLmDPZvMV8BGyaOGHxxcFYaCBYSRylyuReo97NFBgyaN2YcEiE?= =?us-ascii?Q?Ax5SHItKOM6JgL8BYWs5pQu/ss0cRfffe0qGz0Qf3gEsO0ioQdiUst/U4jhv?= =?us-ascii?Q?jDy7BITflT7MbzhdIFbcDQoAJk9uS7YHqL++AL0Xc6g1Ib70Xtg8ZTXWF35B?= =?us-ascii?Q?SoV9ACWQh4VAevQeHUw55wYlFIo7OWMon3/f38JZh5FNIuD6Gzy15HlL9Y7O?= =?us-ascii?Q?2SoUVv3UwtXBjcPYwnqPoOGxR7++OYmB8rJgfZLkXcsEuohk1NGdpiTKgpQo?= =?us-ascii?Q?P0JRqaqCSk9bqsiHugQyyiXi1BOWepIzHJNYn6R/CnsI+s1jpV6LEPPEq/6n?= =?us-ascii?Q?4xI4m6n9EAiznemUkVqqJ8Tlr4aUUXl4lRvZ7gXveyeuTMb+Q2OHvuDBRiyN?= =?us-ascii?Q?JQKJekVjSYgvKCJGZoRXFEWyM3a57OhYXNPAykTJ5dDPtzyRbc2UvWbU09cr?= =?us-ascii?Q?jO+6hsn/dI3EDOvhfqjLetAPoYXTbM/WYCH/hP5kInHGIHTkp3Gkvh55ePoe?= =?us-ascii?Q?7F848piRHF3/XS1Y50Nku/NCX0Lk9cot6dCIW9fdBkmTQxB0utO5SHcFH789?= =?us-ascii?Q?lKvr5HZF5RpU2/h6CjPyiO/NLRya3nCpfqlq2zMqLtUcFGf55vK6SyHtRnLp?= =?us-ascii?Q?4jM7Wye6CdUUTiFtKMEqWRSRJL6VpF9/TIDnFw+jycW7ciDe5uWy0YFzOlXg?= =?us-ascii?Q?P5zFkvf77zjENC1UiqBoE7JcwtWd5WyZNRUb4PBs/cI3Fo5S2BLYDu6+pmOV?= =?us-ascii?Q?pNr89AFeaFYpY7U2RAI=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ1PR11MB6227.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: c8b8f0c0-9e1d-4f88-2266-08daaa68e12e X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Oct 2022 02:41:05.7095 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: g0wQsOtf6WvdU7UDGBEkh9eR7kysiKH5S9wfSvNANp+TXtNv47Y8op56AsRnBpqBmiVzRGe6rPPhlI2XGOmp+Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR11MB6561 Return-Path: yi1.li@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Jiewen and Heng, Thanks for review, I have corrected the comments and cipher suites name. Thanks, Yi -----Original Message----- From: Luo, Heng =20 Sent: Monday, October 10, 2022 9:37 AM To: devel@edk2.groups.io; Yao, Jiewen ; Li, Yi1 Cc: Kinney, Michael D ; Gao, Liming Subject: RE: [edk2-devel] [PATCH V2 1/3] MdePkg: Add Tls configuration rela= ted define Hi Yi, Please double check and update the comments: https://www.rfc-editor.org/rfc/rfc5288,=20 > #define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 {0x00, 0x9F} https://www.rfc-editor.org/rfc/rfc5289, section 3.2 > #define TLS_ECDHE_ECDSA_AES128_GCM_SHA256 {0xC0, 0x2B} -> TLS_ECDHE= _ECDSA_WITH_AES_128_GCM_SHA256 > #define TLS_ECDHE_ECDSA_AES256_GCM_SHA384 {0xC0, 0x2C} -> TLS_ECDHE_= ECDSA_WITH_AES_256_GCM_SHA384 > #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 {0xC0, 0x30} Below definitions in https://www.rfc-editor.org/rfc/rfc8422#section-5.1.1 > /// typedef enum { > TlsEcNamedCurveSecp256r1 =3D 23, > TlsEcNamedCurveSecp384r1 =3D 24, > TlsEcNamedCurveSecp521r1 =3D 25, > TlsEcNamedCurveX25519 =3D 29, > TlsEcNamedCurveX448 =3D 30, > } TLS_EC_NAMED_CURVE; Thanks, Heng > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Yao,=20 > Jiewen > Sent: Monday, October 10, 2022 8:12 AM > To: Li, Yi1 ; devel@edk2.groups.io > Cc: Kinney, Michael D ; Gao, Liming=20 > > Subject: Re: [edk2-devel] [PATCH V2 1/3] MdePkg: Add Tls configuration=20 > related define >=20 > Hi > 1) I cannot find the new cipher suite definition in rfc-5246=20 > (https://www.rfc- editor.org/rfc/rfc5246). > Would you please update comment as well, to let it point to right documen= t? >=20 > /// > /// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246. > /// > ... > #define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 {0x00, 0x9F} > #define TLS_ECDHE_ECDSA_AES128_GCM_SHA256 {0xC0, 0x2B} > #define TLS_ECDHE_ECDSA_AES256_GCM_SHA384 {0xC0, 0x2C} > #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 {0xC0, 0x30} >=20 > 2) I cannot find the new cipher suite definition in rfc-8442.=20 > (Actually, there is no section 5.1.1 in RFC8442=20 > https://www.rfc-editor.org/rfc/rfc8442) > Would you please update comment as well, to let it point to right documen= t? >=20 > /// > /// TLS Supported Elliptic Curves Extensions, refers to section 5.1.1=20 > of rfc-8442 /// typedef enum { > TlsEcNamedCurveSecp256r1 =3D 23, > TlsEcNamedCurveSecp384r1 =3D 24, > TlsEcNamedCurveSecp521r1 =3D 25, > TlsEcNamedCurveX25519 =3D 29, > TlsEcNamedCurveX448 =3D 30, > } TLS_EC_NAMED_CURVE; >=20 >=20 > > -----Original Message----- > > From: Li, Yi1 > > Sent: Saturday, October 8, 2022 10:10 AM > > To: devel@edk2.groups.io > > Cc: Li, Yi1 ; Yao, Jiewen ;=20 > > Kinney, Michael D ; Gao, Liming=20 > > > > Subject: [PATCH V2 1/3] MdePkg: Add Tls configuration related define > > > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3D3892 > > > > Consumed by TlsSetEcCurve and TlsSetSignatureAlgoList. > > > > Cc: Jiewen Yao > > Cc: Michael D Kinney > > Cc: Liming Gao > > Signed-off-by: Yi Li > > --- > > MdePkg/Include/IndustryStandard/Tls1.h | 110=20 > > +++++++++++++++++------- > > - > > 1 file changed, 74 insertions(+), 36 deletions(-) > > > > diff --git a/MdePkg/Include/IndustryStandard/Tls1.h > > b/MdePkg/Include/IndustryStandard/Tls1.h > > index cf67428b11..5cf2860caf 100644 > > --- a/MdePkg/Include/IndustryStandard/Tls1.h > > +++ b/MdePkg/Include/IndustryStandard/Tls1.h > > @@ -15,42 +15,46 @@ > > /// > > /// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246= . > > /// > > -#define TLS_RSA_WITH_NULL_MD5 {0x00, 0x01} > > -#define TLS_RSA_WITH_NULL_SHA {0x00, 0x02} > > -#define TLS_RSA_WITH_RC4_128_MD5 {0x00, 0x04} > > -#define TLS_RSA_WITH_RC4_128_SHA {0x00, 0x05} > > -#define TLS_RSA_WITH_IDEA_CBC_SHA {0x00, 0x07} > > -#define TLS_RSA_WITH_DES_CBC_SHA {0x00, 0x09} > > -#define TLS_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x0A} > > -#define TLS_DH_DSS_WITH_DES_CBC_SHA {0x00, 0x0C} > > -#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x0D} > > -#define TLS_DH_RSA_WITH_DES_CBC_SHA {0x00, 0x0F} > > -#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x10} > > -#define TLS_DHE_DSS_WITH_DES_CBC_SHA {0x00, 0x12} > > -#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x13} > > -#define TLS_DHE_RSA_WITH_DES_CBC_SHA {0x00, 0x15} > > -#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x16} > > -#define TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0x2F} > > -#define TLS_DH_DSS_WITH_AES_128_CBC_SHA {0x00, 0x30} > > -#define TLS_DH_RSA_WITH_AES_128_CBC_SHA {0x00, 0x31} > > -#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA {0x00, 0x32} > > -#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33} > > -#define TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x35} > > -#define TLS_DH_DSS_WITH_AES_256_CBC_SHA {0x00, 0x36} > > -#define TLS_DH_RSA_WITH_AES_256_CBC_SHA {0x00, 0x37} > > -#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA {0x00, 0x38} > > -#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39} > > -#define TLS_RSA_WITH_NULL_SHA256 {0x00, 0x3B} > > -#define TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3C} > > -#define TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3D} > > -#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x3E} > > -#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3F} > > -#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x40} -#define > > TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67} > > -#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x68} > > -#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x69} > > -#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x6A} -#define > > TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x6B} > > +#define TLS_RSA_WITH_NULL_MD5 {0x00, 0x01} > > +#define TLS_RSA_WITH_NULL_SHA {0x00, 0x02} > > +#define TLS_RSA_WITH_RC4_128_MD5 {0x00, 0x04} > > +#define TLS_RSA_WITH_RC4_128_SHA {0x00, 0x05} > > +#define TLS_RSA_WITH_IDEA_CBC_SHA {0x00, 0x07} > > +#define TLS_RSA_WITH_DES_CBC_SHA {0x00, 0x09} > > +#define TLS_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x0A} > > +#define TLS_DH_DSS_WITH_DES_CBC_SHA {0x00, 0x0C} > > +#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x0D} > > +#define TLS_DH_RSA_WITH_DES_CBC_SHA {0x00, 0x0F} > > +#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x10} > > +#define TLS_DHE_DSS_WITH_DES_CBC_SHA {0x00, 0x12} > > +#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x13} > > +#define TLS_DHE_RSA_WITH_DES_CBC_SHA {0x00, 0x15} > > +#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x16} > > +#define TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0x2F} > > +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA {0x00, 0x30} > > +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA {0x00, 0x31} > > +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA {0x00, 0x32} > > +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33} > > +#define TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x35} > > +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA {0x00, 0x36} > > +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA {0x00, 0x37} > > +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA {0x00, 0x38} > > +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39} > > +#define TLS_RSA_WITH_NULL_SHA256 {0x00, 0x3B} > > +#define TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3C} > > +#define TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3D} > > +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x3E} > > +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3F} > > +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x40} > > +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67} > > +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x68} > > +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x69} > > +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x6A} > > +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x6B} > > +#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 {0x00, 0x9F} > > +#define TLS_ECDHE_ECDSA_AES128_GCM_SHA256 {0xC0, 0x2B} > > +#define TLS_ECDHE_ECDSA_AES256_GCM_SHA384 {0xC0, 0x2C} > > +#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 {0xC0, 0x30} > > > > /// > > /// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246. > > @@ -95,6 +99,40 @@ typedef struct { > > // > > #define TLS_CIPHERTEXT_RECORD_MAX_PAYLOAD_LENGTH 18432 > > > > +/// > > +/// TLS Hash algorithm, refers to section 7.4.1.4.1. of rfc-5246. > > +/// > > +typedef enum { > > + TlsHashAlgoNone =3D 0, > > + TlsHashAlgoMd5 =3D 1, > > + TlsHashAlgoSha1 =3D 2, > > + TlsHashAlgoSha224 =3D 3, > > + TlsHashAlgoSha256 =3D 4, > > + TlsHashAlgoSha384 =3D 5, > > + TlsHashAlgoSha512 =3D 6, > > +} TLS_HASH_ALGO; > > + > > +/// > > +/// TLS Signature algorithm, refers to section 7.4.1.4.1. of rfc-5246. > > +/// > > +typedef enum { > > + TlsSignatureAlgoAnonymous =3D 0, > > + TlsSignatureAlgoRsa =3D 1, > > + TlsSignatureAlgoDsa =3D 2, > > + TlsSignatureAlgoEcdsa =3D 3, > > +} TLS_SIGNATURE_ALGO; > > + > > +/// > > +/// TLS Supported Elliptic Curves Extensions, refers to section=20 > > +5.1.1 of rfc- > > 8442 > > +/// > > +typedef enum { > > + TlsEcNamedCurveSecp256r1 =3D 23, > > + TlsEcNamedCurveSecp384r1 =3D 24, > > + TlsEcNamedCurveSecp521r1 =3D 25, > > + TlsEcNamedCurveX25519 =3D 29, > > + TlsEcNamedCurveX448 =3D 30, > > +} TLS_EC_NAMED_CURVE; > > + > > #pragma pack() > > > > #endif > > -- > > 2.31.1.windows.1 >=20 >=20 >=20 >=20 >=20