[edk2-devel] [PATCH 1/1] MdePkg: Add WPA3 related TLS configure macro

yi1 li Wed, 04 May 2022 02:30:57 -0700

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3892


Which are needed for SUITE-B and SUITE-B-192.

Cc: Michael D Kinney <michael.d.kin...@intel.com>
Cc: Liming Gao <gaolim...@byosoft.com.cn>
Signed-off-by: yi1 li <yi1...@intel.com>
---
 MdePkg/Include/IndustryStandard/Tls1.h | 133 ++++++++++++++++++-------
 1 file changed, 97 insertions(+), 36 deletions(-)

diff --git a/MdePkg/Include/IndustryStandard/Tls1.h 
b/MdePkg/Include/IndustryStandard/Tls1.h
index cf67428b1129..6519afe15e78 100644
--- a/MdePkg/Include/IndustryStandard/Tls1.h
+++ b/MdePkg/Include/IndustryStandard/Tls1.h
@@ -15,42 +15,49 @@
 ///
 /// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246.
 ///
-#define TLS_RSA_WITH_NULL_MD5                {0x00, 0x01}
-#define TLS_RSA_WITH_NULL_SHA                {0x00, 0x02}
-#define TLS_RSA_WITH_RC4_128_MD5             {0x00, 0x04}
-#define TLS_RSA_WITH_RC4_128_SHA             {0x00, 0x05}
-#define TLS_RSA_WITH_IDEA_CBC_SHA            {0x00, 0x07}
-#define TLS_RSA_WITH_DES_CBC_SHA             {0x00, 0x09}
-#define TLS_RSA_WITH_3DES_EDE_CBC_SHA        {0x00, 0x0A}
-#define TLS_DH_DSS_WITH_DES_CBC_SHA          {0x00, 0x0C}
-#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA     {0x00, 0x0D}
-#define TLS_DH_RSA_WITH_DES_CBC_SHA          {0x00, 0x0F}
-#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA     {0x00, 0x10}
-#define TLS_DHE_DSS_WITH_DES_CBC_SHA         {0x00, 0x12}
-#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA    {0x00, 0x13}
-#define TLS_DHE_RSA_WITH_DES_CBC_SHA         {0x00, 0x15}
-#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA    {0x00, 0x16}
-#define TLS_RSA_WITH_AES_128_CBC_SHA         {0x00, 0x2F}
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA      {0x00, 0x30}
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA      {0x00, 0x31}
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA     {0x00, 0x32}
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA     {0x00, 0x33}
-#define TLS_RSA_WITH_AES_256_CBC_SHA         {0x00, 0x35}
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA      {0x00, 0x36}
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA      {0x00, 0x37}
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA     {0x00, 0x38}
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA     {0x00, 0x39}
-#define TLS_RSA_WITH_NULL_SHA256             {0x00, 0x3B}
-#define TLS_RSA_WITH_AES_128_CBC_SHA256      {0x00, 0x3C}
-#define TLS_RSA_WITH_AES_256_CBC_SHA256      {0x00, 0x3D}
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256   {0x00, 0x3E}
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256   {0x00, 0x3F}
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256  {0x00, 0x40}
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256  {0x00, 0x67}
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256   {0x00, 0x68}
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256   {0x00, 0x69}
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256  {0x00, 0x6A}
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256  {0x00, 0x6B}
+#define TLS_RSA_WITH_NULL_MD5                  {0x00, 0x01}
+#define TLS_RSA_WITH_NULL_SHA                  {0x00, 0x02}
+#define TLS_RSA_WITH_RC4_128_MD5               {0x00, 0x04}
+#define TLS_RSA_WITH_RC4_128_SHA               {0x00, 0x05}
+#define TLS_RSA_WITH_IDEA_CBC_SHA              {0x00, 0x07}
+#define TLS_RSA_WITH_DES_CBC_SHA               {0x00, 0x09}
+#define TLS_RSA_WITH_3DES_EDE_CBC_SHA          {0x00, 0x0A}
+#define TLS_DH_DSS_WITH_DES_CBC_SHA            {0x00, 0x0C}
+#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA       {0x00, 0x0D}
+#define TLS_DH_RSA_WITH_DES_CBC_SHA            {0x00, 0x0F}
+#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA       {0x00, 0x10}
+#define TLS_DHE_DSS_WITH_DES_CBC_SHA           {0x00, 0x12}
+#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA      {0x00, 0x13}
+#define TLS_DHE_RSA_WITH_DES_CBC_SHA           {0x00, 0x15}
+#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA      {0x00, 0x16}
+#define TLS_RSA_WITH_AES_128_CBC_SHA           {0x00, 0x2F}
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA        {0x00, 0x30}
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA        {0x00, 0x31}
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA       {0x00, 0x32}
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA       {0x00, 0x33}
+#define TLS_RSA_WITH_AES_256_CBC_SHA           {0x00, 0x35}
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA        {0x00, 0x36}
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA        {0x00, 0x37}
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA       {0x00, 0x38}
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA       {0x00, 0x39}
+#define TLS_RSA_WITH_NULL_SHA256               {0x00, 0x3B}
+#define TLS_RSA_WITH_AES_128_CBC_SHA256        {0x00, 0x3C}
+#define TLS_RSA_WITH_AES_256_CBC_SHA256        {0x00, 0x3D}
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256     {0x00, 0x3E}
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256     {0x00, 0x3F}
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256    {0x00, 0x40}
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256    {0x00, 0x67}
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256     {0x00, 0x68}
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256     {0x00, 0x69}
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256    {0x00, 0x6A}
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256    {0x00, 0x6B}
+#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384    {0x00, 0x9F}
+#define TLS_AES_128_GCM_SHA256                 {0x13, 0x01}
+#define TLS_AES_256_GCM_SHA384                 {0x13, 0x02}
+#define TLS_CHACHA20_POLY1305_SHA256           {0x13, 0x03}
+#define TLS_ECDHE_ECDSA_AES128_GCM_SHA256      {0xC0, 0x2B}
+#define TLS_ECDHE_ECDSA_AES256_GCM_SHA384      {0xC0, 0x2C}
+#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384  {0xC0, 0x30}
 
 ///
 /// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
@@ -95,6 +102,60 @@ typedef struct {
 //
 #define TLS_CIPHERTEXT_RECORD_MAX_PAYLOAD_LENGTH  18432
 
+///
+/// TLS Hash algorithm, refers to section 7.4.1.4.1. of rfc-5246.
+///
+typedef enum {
+  TlsHashAlgoNone = 0,
+  TlsHashAlgoMd5,
+  TlsHashAlgoSha1,
+  TlsHashAlgoSha224,
+  TlsHashAlgoSha256,
+  TlsHashAlgoSha384,
+  TlsHashAlgoSha512,
+} TLS_HASH_ALGO;
+
+///
+/// TLS Signature algorithm, refers to section 7.4.1.4.1. of rfc-5246.
+///
+typedef enum {
+  TlsSignatureAlgoAnonymous = 0,
+  TlsSignatureAlgoRsa,
+  TlsSignatureAlgoDsa,
+  TlsSignatureAlgoEcdsa,
+} TLS_SIGNATURE_ALGO;
+
+///
+/// TLS Supported Elliptic Curves Extensions, refers to section 5.1.1 of 
rfc-4492
+///
+typedef enum {
+  TlsEcNamedCurve_sect163k1 = 1,
+  TlsEcNamedCurve_sect163r1,   // 2,
+  TlsEcNamedCurve_sect163r2,   // 3,
+  TlsEcNamedCurve_sect193r1,   // 4,
+  TlsEcNamedCurve_sect193r2,   // 5,
+  TlsEcNamedCurve_sect233k1,   // 6,
+  TlsEcNamedCurve_sect233r1,   // 7,
+  TlsEcNamedCurve_sect239k1,   // 8,
+  TlsEcNamedCurve_sect283k1,   // 9,
+  TlsEcNamedCurve_sect283r1,   // 10,
+  TlsEcNamedCurve_sect409k1,   // 11,
+  TlsEcNamedCurve_sect409r1,   // 12,
+  TlsEcNamedCurve_sect571k1,   // 13,
+  TlsEcNamedCurve_sect571r1,   // 14,
+  TlsEcNamedCurve_secp160k1,   // 15,
+  TlsEcNamedCurve_secp160r1,   // 16,
+  TlsEcNamedCurve_secp160r2,   // 17,
+  TlsEcNamedCurve_secp192k1,   // 18,
+  TlsEcNamedCurve_secp192r1,   // 19,
+  TlsEcNamedCurve_secp224k1,   // 20,
+  TlsEcNamedCurve_secp224r1,   // 21,
+  TlsEcNamedCurve_secp256k1,   // 22,
+  TlsEcNamedCurve_secp256r1,   // 23,
+  TlsEcNamedCurve_secp384r1,   // 24,
+  TlsEcNamedCurve_secp521r1,   // 25,
+} TLS_EC_NAMED_CUREVE;
+
 #pragma pack()
 
 #endif
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89504): https://edk2.groups.io/g/devel/message/89504
Mute This Topic: https://groups.io/mt/90883618/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH 1/1] MdePkg: Add WPA3 related TLS configure macro

Reply via email to