path: root/MdePkg/Include/IndustryStandard/Tls1.h
/** @file
  Transport Layer Security  -- TLS 1.0/1.1/1.2 Standard definitions, from RFC 2246/4346/5246

  This file contains common TLS 1.0/1.1/1.2 definitions from RFC 2246/4346/5246

  Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
  SPDX-License-Identifier: BSD-2-Clause-Patent
**/

#ifndef __TLS_1_H__
#define __TLS_1_H__

#pragma pack(1)

///
/// TLS Cipher Suite, refers to A.5 of rfc-2246, rfc-4346, rfc-5246, rfc-5288 and rfc-5289.
///
/// Each macro expands to a brace-enclosed pair of bytes {first, second}, i.e. the
/// two-byte cipher suite code point in the order it appears on the wire. The
/// expansion is an initializer list, so it is meant for initializing a two-byte
/// aggregate rather than for use as an expression.
///
/// This list is a catalogue of code points, not a policy. It contains suites that
/// give little or no protection and are useful mainly for identifying or
/// rejecting what a peer proposes:
///   - *_WITH_NULL_*          no record encryption (integrity protection only).
///   - *_WITH_RC4_128_*       RC4, prohibited for TLS by RFC 7465.
///   - *_WITH_DES_CBC_* and
///     *_WITH_IDEA_CBC_*      single DES / IDEA, retired from TLS by RFC 5469.
///   - *_WITH_3DES_EDE_CBC_*  64-bit block cipher.
///   - *_MD5                  MD5-based record MAC.
/// TLS_RSA_* and TLS_DH_* suites use a static key exchange and therefore give no
/// forward secrecy; only the DHE / ECDHE suites do.
///
/// Which suites a TLS instance actually offers or accepts is decided by the code
/// that consumes these macros, which is not part of this header. Audit that
/// allow-list, not this file, when reviewing cipher policy.
///
#define TLS_RSA_WITH_NULL_MD5                    {0x00, 0x01}
#define TLS_RSA_WITH_NULL_SHA                    {0x00, 0x02}
#define TLS_RSA_WITH_RC4_128_MD5                 {0x00, 0x04}
#define TLS_RSA_WITH_RC4_128_SHA                 {0x00, 0x05}
#define TLS_RSA_WITH_IDEA_CBC_SHA                {0x00, 0x07}
#define TLS_RSA_WITH_DES_CBC_SHA                 {0x00, 0x09}
#define TLS_RSA_WITH_3DES_EDE_CBC_SHA            {0x00, 0x0A}
#define TLS_DH_DSS_WITH_DES_CBC_SHA              {0x00, 0x0C}
#define TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA         {0x00, 0x0D}
#define TLS_DH_RSA_WITH_DES_CBC_SHA              {0x00, 0x0F}
#define TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA         {0x00, 0x10}
#define TLS_DHE_DSS_WITH_DES_CBC_SHA             {0x00, 0x12}
#define TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA        {0x00, 0x13}
#define TLS_DHE_RSA_WITH_DES_CBC_SHA             {0x00, 0x15}
#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        {0x00, 0x16}
#define TLS_RSA_WITH_AES_128_CBC_SHA             {0x00, 0x2F}
#define TLS_DH_DSS_WITH_AES_128_CBC_SHA          {0x00, 0x30}
#define TLS_DH_RSA_WITH_AES_128_CBC_SHA          {0x00, 0x31}
#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA         {0x00, 0x32}
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA         {0x00, 0x33}
#define TLS_RSA_WITH_AES_256_CBC_SHA             {0x00, 0x35}
#define TLS_DH_DSS_WITH_AES_256_CBC_SHA          {0x00, 0x36}
#define TLS_DH_RSA_WITH_AES_256_CBC_SHA          {0x00, 0x37}
#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA         {0x00, 0x38}
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA         {0x00, 0x39}
#define TLS_RSA_WITH_NULL_SHA256                 {0x00, 0x3B}
#define TLS_RSA_WITH_AES_128_CBC_SHA256          {0x00, 0x3C}
#define TLS_RSA_WITH_AES_256_CBC_SHA256          {0x00, 0x3D}
#define TLS_DH_DSS_WITH_AES_128_CBC_SHA256       {0x00, 0x3E}
#define TLS_DH_RSA_WITH_AES_128_CBC_SHA256       {0x00, 0x3F}
#define TLS_DHE_DSS_WITH_AES_128_CBC_SHA256      {0x00, 0x40}
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      {0x00, 0x67}
#define TLS_DH_DSS_WITH_AES_256_CBC_SHA256       {0x00, 0x68}
#define TLS_DH_RSA_WITH_AES_256_CBC_SHA256       {0x00, 0x69}
#define TLS_DHE_DSS_WITH_AES_256_CBC_SHA256      {0x00, 0x6A}
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      {0x00, 0x6B}
#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384      {0x00, 0x9F}
#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256  {0xC0, 0x2B}
#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384  {0xC0, 0x2C}
#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384    {0xC0, 0x30}

///
/// TLS Version, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
///
/// Major/minor bytes of the ProtocolVersion field. All three versions share
/// major 0x03; the minor byte distinguishes TLS 1.0 (0x01), TLS 1.1 (0x02) and
/// TLS 1.2 (0x03). No TLS 1.3 value is defined in this header.
///
/// TLS 1.0 and TLS 1.1 are deprecated by RFC 8996. Code that enforces a minimum
/// protocol version should compare against the TLS12_* pair; the TLS10_* and
/// TLS11_* pairs remain useful for recognising and refusing older peers.
///
#define TLS10_PROTOCOL_VERSION_MAJOR  0x03
#define TLS10_PROTOCOL_VERSION_MINOR  0x01
#define TLS11_PROTOCOL_VERSION_MAJOR  0x03
#define TLS11_PROTOCOL_VERSION_MINOR  0x02
#define TLS12_PROTOCOL_VERSION_MAJOR  0x03
#define TLS12_PROTOCOL_VERSION_MINOR  0x03

///
/// TLS Content Type, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
///
/// Values of the one-byte ContentType field that starts every TLS record.
/// Only these four types are listed. TLS_RECORD_HEADER stores the field as a
/// UINT8, not as this enum, so a byte taken from a received record should be
/// range-checked against these values before it is used to dispatch; any other
/// value is not a record type this header knows about.
///
typedef enum {
  TlsContentTypeChangeCipherSpec = 20,
  TlsContentTypeAlert            = 21,
  TlsContentTypeHandshake        = 22,
  TlsContentTypeApplicationData  = 23,
} TLS_CONTENT_TYPE;

///
/// TLS Record Header, refers to A.1 of rfc-2246, rfc-4346 and rfc-5246.
///
/// Declared inside the #pragma pack(1) region of this file, so the members are
/// laid out without padding. EFI_TLS_VERSION is not declared here and this
/// header has no #include of its own; the including file must provide it first.
///
typedef struct {
  /// Record type; expected to hold one of the TLS_CONTENT_TYPE values.
  UINT8              ContentType;
  /// Protocol version of the record (see the TLS1x_PROTOCOL_VERSION_* macros).
  EFI_TLS_VERSION    Version;
  /// Length in bytes of the payload that follows the header. The record layer
  /// transmits this field in network (big-endian) byte order.
  /// NOTE(review): confirm callers convert byte order before comparing it.
  /// The value comes from the peer: check it against
  /// TLS_CIPHERTEXT_RECORD_MAX_PAYLOAD_LENGTH and against the number of bytes
  /// actually received before using it to size a copy or advance a pointer.
  UINT16             Length;
} TLS_RECORD_HEADER;

//
// Size in bytes of the TLS record header on the wire:
// 1 (ContentType) + 2 (Version) + 2 (Length).
// NOTE(review): equals sizeof (TLS_RECORD_HEADER) only if EFI_TLS_VERSION is
// two bytes wide; that type is declared outside this file, so confirm.
//
#define TLS_RECORD_HEADER_LENGTH  5

//
// The length (in bytes) of a TLSPlaintext record's payload MUST NOT exceed 2^14.
// Refers to section 6.2 of RFC5246.
// Upper bound to enforce on a record's Length after decryption.
//
#define TLS_PLAINTEXT_RECORD_MAX_PAYLOAD_LENGTH  16384

//
// The length (in bytes) of a TLSCiphertext record's payload MUST NOT exceed 2^14 + 2048.
// Refers to section 6.2 of RFC5246.
// Upper bound to enforce on the Length field of a received (still encrypted)
// record before buffering or decrypting it.
//
#define TLS_CIPHERTEXT_RECORD_MAX_PAYLOAD_LENGTH  18432

///
/// TLS Hash algorithm, refers to section 7.4.1.4.1. of rfc-5246.
///
/// Code points of the one-byte HashAlgorithm half of a SignatureAndHashAlgorithm
/// pair (signature_algorithms extension). The list is descriptive, not a policy:
/// TlsHashAlgoNone, TlsHashAlgoMd5 and TlsHashAlgoSha1 are defined so they can be
/// recognised, but MD5 and SHA-1 signature hashes are deprecated for TLS 1.2 by
/// RFC 9155 and should not be accepted for handshake signatures.
///
typedef enum {
  TlsHashAlgoNone   = 0,
  TlsHashAlgoMd5    = 1,
  TlsHashAlgoSha1   = 2,
  TlsHashAlgoSha224 = 3,
  TlsHashAlgoSha256 = 4,
  TlsHashAlgoSha384 = 5,
  TlsHashAlgoSha512 = 6,
} TLS_HASH_ALGO;

///
/// TLS Signature algorithm, refers to section 7.4.1.4.1. of rfc-5246.
///
/// Code points of the one-byte SignatureAlgorithm half of a
/// SignatureAndHashAlgorithm pair. TlsSignatureAlgoAnonymous (0) means the key
/// exchange is not signed, so the peer is not authenticated; code that requires
/// an authenticated peer should reject it rather than treat 0 as a default.
///
typedef enum {
  TlsSignatureAlgoAnonymous = 0,
  TlsSignatureAlgoRsa       = 1,
  TlsSignatureAlgoDsa       = 2,
  TlsSignatureAlgoEcdsa     = 3,
} TLS_SIGNATURE_ALGO;

///
/// TLS Supported Elliptic Curves Extensions, refers to section 5.1.1 of rfc-8422.
///
/// NamedCurve code points for the three NIST prime curves (secp256r1,
/// secp384r1, secp521r1) and for x25519 / x448. On the wire a NamedCurve is a
/// 16-bit value; only the five listed here are named by this header, so a value
/// received from a peer that is not in this list should be handled as an
/// unsupported curve.
///
typedef enum {
  TlsEcNamedCurveSecp256r1 = 23,
  TlsEcNamedCurveSecp384r1 = 24,
  TlsEcNamedCurveSecp521r1 = 25,
  TlsEcNamedCurveX25519    = 29,
  TlsEcNamedCurveX448      = 30,
} TLS_EC_NAMED_CURVE;

#pragma pack()

#endif