Acked-by: Michael D Kinney <michael.d.kin...@intel.com> Mike
> -----Original Message-----
> From: Li, Yi1 <yi1...@intel.com>
> Sent: Sunday, October 9, 2022 7:40 PM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1...@intel.com>; Yao, Jiewen <jiewen....@intel.com>; Kinney,
> Michael D <michael.d.kin...@intel.com>; Gao,
> Liming <gaolim...@byosoft.com.cn>
> Subject: [PATCH V3 1/3] MdePkg: Add Tls configuration related define
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3892
>
> Consumed by TlsSetEcCurve and TlsSetSignatureAlgoList.
>
> Cc: Jiewen Yao <jiewen....@intel.com>
> Cc: Michael D Kinney <michael.d.kin...@intel.com>
> Cc: Liming Gao <gaolim...@byosoft.com.cn>
> Signed-off-by: Yi Li <yi1...@intel.com>
> ---
> MdePkg/Include/IndustryStandard/Tls1.h | 112 +++++++++++++++++--------
> 1 file changed, 75 insertions(+), 37 deletions(-)
>
> diff --git a/MdePkg/Include/IndustryStandard/Tls1.h
> b/MdePkg/Include/IndustryStandard/Tls1.h
> index cf67428b11..f1ba0af7dc 100644
> --- a/MdePkg/Include/IndustryStandard/Tls1.h
> +++ b/MdePkg/Include/IndustryStandard/Tls1.h
> @@ -13,44 +13,48 @@
> #pragma pack(1)
>
> ///
> -/// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246.
> +/// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346, rfc-5246,
> rfc-5288 and rfc-5289.
> ///
> -#define TLS_RSA_WITH_NULL_MD5 {0x00, 0x01}
> -#define TLS_RSA_WITH_NULL_SHA {0x00, 0x02}
> -#define TLS_RSA_WITH_RC4_128_MD5 {0x00, 0x04}
> -#define TLS_RSA_WITH_RC4_128_SHA {0x00, 0x05}
> -#define TLS_RSA_WITH_IDEA_CBC_SHA {0x00, 0x07}
> -#define TLS_RSA_WITH_DES_CBC_SHA {0x00, 0x09}
> -#define TLS_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x0A}
> -#define TLS_DH_DSS_WITH_DES_CBC_SHA {0x00, 0x0C}
> -#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x0D}
> -#define TLS_DH_RSA_WITH_DES_CBC_SHA {0x00, 0x0F}
> -#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x10}
> -#define TLS_DHE_DSS_WITH_DES_CBC_SHA {0x00, 0x12}
> -#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x13}
> -#define TLS_DHE_RSA_WITH_DES_CBC_SHA {0x00, 0x15}
> -#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x16}
> -#define TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0x2F}
> -#define TLS_DH_DSS_WITH_AES_128_CBC_SHA {0x00, 0x30}
> -#define TLS_DH_RSA_WITH_AES_128_CBC_SHA {0x00, 0x31}
> -#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA {0x00, 0x32}
> -#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33}
> -#define TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x35}
> -#define TLS_DH_DSS_WITH_AES_256_CBC_SHA {0x00, 0x36}
> -#define TLS_DH_RSA_WITH_AES_256_CBC_SHA {0x00, 0x37}
> -#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA {0x00, 0x38}
> -#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39}
> -#define TLS_RSA_WITH_NULL_SHA256 {0x00, 0x3B}
> -#define TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3C}
> -#define TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3D}
> -#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x3E}
> -#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3F}
> -#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x40}
> -#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67}
> -#define 
TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x68}
> -#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x69}
> -#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x6A}
> -#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x6B}
> +#define TLS_RSA_WITH_NULL_MD5 {0x00, 0x01}
> +#define TLS_RSA_WITH_NULL_SHA {0x00, 0x02}
> +#define TLS_RSA_WITH_RC4_128_MD5 {0x00, 0x04}
> +#define TLS_RSA_WITH_RC4_128_SHA {0x00, 0x05}
> +#define TLS_RSA_WITH_IDEA_CBC_SHA {0x00, 0x07}
> +#define TLS_RSA_WITH_DES_CBC_SHA {0x00, 0x09}
> +#define TLS_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x0A}
> +#define TLS_DH_DSS_WITH_DES_CBC_SHA {0x00, 0x0C}
> +#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x0D}
> +#define TLS_DH_RSA_WITH_DES_CBC_SHA {0x00, 0x0F}
> +#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x10}
> +#define TLS_DHE_DSS_WITH_DES_CBC_SHA {0x00, 0x12}
> +#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA {0x00, 0x13}
> +#define TLS_DHE_RSA_WITH_DES_CBC_SHA {0x00, 0x15}
> +#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA {0x00, 0x16}
> +#define TLS_RSA_WITH_AES_128_CBC_SHA {0x00, 0x2F}
> +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA {0x00, 0x30}
> +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA {0x00, 0x31}
> +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA {0x00, 0x32}
> +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA {0x00, 0x33}
> +#define TLS_RSA_WITH_AES_256_CBC_SHA {0x00, 0x35}
> +#define TLS_DH_DSS_WITH_AES_256_CBC_SHA {0x00, 0x36}
> +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA {0x00, 0x37}
> +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA {0x00, 0x38}
> +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA {0x00, 0x39}
> +#define TLS_RSA_WITH_NULL_SHA256 {0x00, 0x3B}
> +#define TLS_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3C}
> +#define TLS_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x3D}
> +#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x3E}
> +#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x3F}
> +#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 {0x00, 0x40}
> +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 {0x00, 0x67}
> +#define 
TLS_DH_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x68}
> +#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x69}
> +#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 {0x00, 0x6A}
> +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 {0x00, 0x6B}
> +#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 {0x00, 0x9F}
> +#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 {0xC0, 0x2B}
> +#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 {0xC0, 0x2C}
> +#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 {0xC0, 0x30}
>
> ///
> /// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
> @@ -95,6 +99,40 @@ typedef struct {
> //
> #define TLS_CIPHERTEXT_RECORD_MAX_PAYLOAD_LENGTH 18432
>
> +///
> +/// TLS Hash algorithm, refers to section 7.4.1.4.1. of rfc-5246.
> +///
> +typedef enum {
> + TlsHashAlgoNone = 0,
> + TlsHashAlgoMd5 = 1,
> + TlsHashAlgoSha1 = 2,
> + TlsHashAlgoSha224 = 3,
> + TlsHashAlgoSha256 = 4,
> + TlsHashAlgoSha384 = 5,
> + TlsHashAlgoSha512 = 6,
> +} TLS_HASH_ALGO;
> +
> +///
> +/// TLS Signature algorithm, refers to section 7.4.1.4.1. of rfc-5246.
> +///
> +typedef enum {
> + TlsSignatureAlgoAnonymous = 0,
> + TlsSignatureAlgoRsa = 1,
> + TlsSignatureAlgoDsa = 2,
> + TlsSignatureAlgoEcdsa = 3,
> +} TLS_SIGNATURE_ALGO;
> +
> +///
> +/// TLS Supported Elliptic Curves Extensions, refers to section 5.1.1 of
> rfc-8422.
> +///
> +typedef enum {
> + TlsEcNamedCurveSecp256r1 = 23,
> + TlsEcNamedCurveSecp384r1 = 24,
> + TlsEcNamedCurveSecp521r1 = 25,
> + TlsEcNamedCurveX25519 = 29,
> + TlsEcNamedCurveX448 = 30,
> +} TLS_EC_NAMED_CURVE;
> +
> #pragma pack()
>
> #endif
> --
> 2.31.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94868): https://edk2.groups.io/g/devel/message/94868 Mute This Topic: https://groups.io/mt/94229174/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
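Review bot: The four GCM suites added at the end of the cipher-suite list are asymmetric: ECDHE_ECDSA gets both the AES-128 and AES-256 GCM entries, while DHE_RSA and ECDHE_RSA get only the AES-256 one, so a platform policy that wants the 128-bit RSA-authenticated AEAD suites has to hand-write the byte pairs. If the omission is deliberate (for example because only these four are enabled in the crypto library, which is not visible in this patch), a one-line comment above the new defines should say so; otherwise add `#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 {0x00, 0x9E}` and `#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 {0xC0, 0x2F}` beside them. As a style point, the 36 existing defines are removed and re-added with no visible change other than (presumably) alignment, which buries the real additions; a separate whitespace-only commit would make the new entries reviewable at a glance.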
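Review bot: The three new enums in the second hunk carry values whose on-the-wire width is fixed by the RFCs their comments cite (one octet each for hash and signature in rfc-5246 7.4.1.4.1, two octets for the named curve in rfc-8422 5.1.1), but a C `enum` is int-sized and the surrounding `#pragma pack(1)` does not change that. The commit message says they are consumed by TlsSetEcCurve and TlsSetSignatureAlgoList, whose signatures are not visible here, so a caller that copies an array of `TLS_HASH_ALGO` or `TLS_EC_NAMED_CURVE` straight into a configuration buffer would presumably produce the wrong layout. I would state the width in each header comment, e.g. `/// Encoded as one octet on the wire; store in a UINT8 when building a signature algorithm list.` It is also worth one line noting that `TlsHashAlgoMd5`, `TlsHashAlgoSha1` and `TlsSignatureAlgoAnonymous` are defined for registry completeness and should not be offered by a platform's TLS policy.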