[edk2-devel] [PATCH 1/3] MdePkg: Add Tls configuration related define

Li, Yi yi1.li at intel.com
Mon Sep 26 06:27:08 UTC 2022 

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3892

Consumed by TlsSetEcCurve and TlsSetSignatureAlgoList.

Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Michael D Kinney <michael.d.kinney at intel.com>
Cc: Liming Gao <gaoliming at byosoft.com.cn>
Signed-off-by: Yi Li <yi1.li at intel.com>
---
 MdePkg/Include/IndustryStandard/Tls1.h | 110 +++++++++++++++++--------
 1 file changed, 74 insertions(+), 36 deletions(-)

diff --git a/MdePkg/Include/IndustryStandard/Tls1.h b/MdePkg/Include/IndustryStandard/Tls1.h
index cf67428b11..5cf2860caf 100644
--- a/MdePkg/Include/IndustryStandard/Tls1.h
+++ b/MdePkg/Include/IndustryStandard/Tls1.h
@@ -15,42 +15,46 @@
 ///
 /// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346 and rfc-5246.
 ///
-#define TLS_RSA_WITH_NULL_MD5                {0x00, 0x01}
-#define TLS_RSA_WITH_NULL_SHA                {0x00, 0x02}
-#define TLS_RSA_WITH_RC4_128_MD5             {0x00, 0x04}
-#define TLS_RSA_WITH_RC4_128_SHA             {0x00, 0x05}
-#define TLS_RSA_WITH_IDEA_CBC_SHA            {0x00, 0x07}
-#define TLS_RSA_WITH_DES_CBC_SHA             {0x00, 0x09}
-#define TLS_RSA_WITH_3DES_EDE_CBC_SHA        {0x00, 0x0A}
-#define TLS_DH_DSS_WITH_DES_CBC_SHA          {0x00, 0x0C}
-#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA     {0x00, 0x0D}
-#define TLS_DH_RSA_WITH_DES_CBC_SHA          {0x00, 0x0F}
-#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA     {0x00, 0x10}
-#define TLS_DHE_DSS_WITH_DES_CBC_SHA         {0x00, 0x12}
-#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA    {0x00, 0x13}
-#define TLS_DHE_RSA_WITH_DES_CBC_SHA         {0x00, 0x15}
-#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA    {0x00, 0x16}
-#define TLS_RSA_WITH_AES_128_CBC_SHA         {0x00, 0x2F}
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA      {0x00, 0x30}
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA      {0x00, 0x31}
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA     {0x00, 0x32}
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA     {0x00, 0x33}
-#define TLS_RSA_WITH_AES_256_CBC_SHA         {0x00, 0x35}
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA      {0x00, 0x36}
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA      {0x00, 0x37}
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA     {0x00, 0x38}
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA     {0x00, 0x39}
-#define TLS_RSA_WITH_NULL_SHA256             {0x00, 0x3B}
-#define TLS_RSA_WITH_AES_128_CBC_SHA256      {0x00, 0x3C}
-#define TLS_RSA_WITH_AES_256_CBC_SHA256      {0x00, 0x3D}
-#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256   {0x00, 0x3E}
-#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256   {0x00, 0x3F}
-#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256  {0x00, 0x40}
-#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256  {0x00, 0x67}
-#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256   {0x00, 0x68}
-#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256   {0x00, 0x69}
-#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256  {0x00, 0x6A}
-#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256  {0x00, 0x6B}
+#define TLS_RSA_WITH_NULL_MD5                  {0x00, 0x01}
+#define TLS_RSA_WITH_NULL_SHA                  {0x00, 0x02}
+#define TLS_RSA_WITH_RC4_128_MD5               {0x00, 0x04}
+#define TLS_RSA_WITH_RC4_128_SHA               {0x00, 0x05}
+#define TLS_RSA_WITH_IDEA_CBC_SHA              {0x00, 0x07}
+#define TLS_RSA_WITH_DES_CBC_SHA               {0x00, 0x09}
+#define TLS_RSA_WITH_3DES_EDE_CBC_SHA          {0x00, 0x0A}
+#define TLS_DH_DSS_WITH_DES_CBC_SHA            {0x00, 0x0C}
+#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA       {0x00, 0x0D}
+#define TLS_DH_RSA_WITH_DES_CBC_SHA            {0x00, 0x0F}
+#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA       {0x00, 0x10}
+#define TLS_DHE_DSS_WITH_DES_CBC_SHA           {0x00, 0x12}
+#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA      {0x00, 0x13}
+#define TLS_DHE_RSA_WITH_DES_CBC_SHA           {0x00, 0x15}
+#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA      {0x00, 0x16}
+#define TLS_RSA_WITH_AES_128_CBC_SHA           {0x00, 0x2F}
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA        {0x00, 0x30}
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA        {0x00, 0x31}
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA       {0x00, 0x32}
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA       {0x00, 0x33}
+#define TLS_RSA_WITH_AES_256_CBC_SHA           {0x00, 0x35}
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA        {0x00, 0x36}
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA        {0x00, 0x37}
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA       {0x00, 0x38}
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA       {0x00, 0x39}
+#define TLS_RSA_WITH_NULL_SHA256               {0x00, 0x3B}
+#define TLS_RSA_WITH_AES_128_CBC_SHA256        {0x00, 0x3C}
+#define TLS_RSA_WITH_AES_256_CBC_SHA256        {0x00, 0x3D}
+#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256     {0x00, 0x3E}
+#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256     {0x00, 0x3F}
+#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256    {0x00, 0x40}
+#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256    {0x00, 0x67}
+#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256     {0x00, 0x68}
+#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256     {0x00, 0x69}
+#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256    {0x00, 0x6A}
+#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256    {0x00, 0x6B}
+#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384    {0x00, 0x9F}
+#define TLS_ECDHE_ECDSA_AES128_GCM_SHA256      {0xC0, 0x2B}
+#define TLS_ECDHE_ECDSA_AES256_GCM_SHA384      {0xC0, 0x2C}
+#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384  {0xC0, 0x30}
 
 ///
 /// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
@@ -95,6 +99,40 @@ typedef struct {
 //
 #define TLS_CIPHERTEXT_RECORD_MAX_PAYLOAD_LENGTH  18432
 
+///
+/// TLS Hash algorithm, refers to section 7.4.1.4.1. of rfc-5246.
+///
+typedef enum {
+  TlsHashAlgoNone   = 0,
+  TlsHashAlgoMd5    = 1,
+  TlsHashAlgoSha1   = 2,
+  TlsHashAlgoSha224 = 3,
+  TlsHashAlgoSha256 = 4,
+  TlsHashAlgoSha384 = 5,
+  TlsHashAlgoSha512 = 6,
+} TLS_HASH_ALGO;
+
+///
+/// TLS Signature algorithm, refers to section 7.4.1.4.1. of rfc-5246.
+///
+typedef enum {
+  TlsSignatureAlgoAnonymous = 0,
+  TlsSignatureAlgoRsa       = 1,
+  TlsSignatureAlgoDsa       = 2,
+  TlsSignatureAlgoEcdsa     = 3,
+} TLS_SIGNATURE_ALGO;
+
+///
+/// TLS Supported Elliptic Curves Extensions, refers to section 5.1.1 of rfc-8442
+///
+typedef enum {
+  TlsEcNamedCurveSecp256r1 = 23,
+  TlsEcNamedCurveSecp384r1 = 24,
+  TlsEcNamedCurveSecp521r1 = 25,
+  TlsEcNamedCurveX25519    = 29,
+  TlsEcNamedCurveX448      = 30,
+} TLS_EC_NAMED_CURVE;
+
 #pragma pack()
 
 #endif
-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94310): https://edk2.groups.io/g/devel/message/94310
Mute This Topic: https://groups.io/mt/93921699/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list