[PATCH 0/5] CryptoPkg: Add additional cipher algos and TLS API to meet WPA3


yi1 li
 

To meet the needs of WPA3 Enterprise, additional cipher algorithms
and TLS APIs need to be added.
Code branch: https://github.com/liyi77/edk2/tree/Add-TLS
Details as follows:
- TlsShutdown: Shutdown the TLS connection without releasing the resources,
meaning a new connection can be started without calling TlsNew() and
without setting certificates etc.
- TlsExportKey: Derive keying material from a TLS connection using the
mechanism described in RFC 5705 and export the key material (needed
by EAP methods such as EAP-TTLS and EAP-PEAP).
- TlsSetEcCurve: Set the EC curve to be used for TLS flows.
- TlsSetSignatureAlgoList: Set the signature algorithm list to be used by
the TLS object.
- Additional cipher algorithms: Which are needed for SUITE-B and SUITE-B-192.
- Add implementation for TlsSetHostPrivateKey().

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Xiaoyu Lu <xiaoyu1.lu@...>
Cc: Guomin Jiang <guomin.jiang@...>
Cc: Maciej Rabeda <maciej.rabeda@...>
Cc: Jiaxin Wu <jiaxin.wu@...>
Cc: Siyuan Fu <siyuan.fu@...>
Cc: Michael D Kinney <michael.d.kinney@...>
Cc: Liming Gao <gaoliming@...>

Yi Li (3):
MdePkg: Add Tls configuration related define
CryptoPkg: Add TlsSetConfiguration API
NetworkPkg/TlsDxe: Sync to new TlsSetHostPrivateKey() API

yi1 li (2):
CryptoPkg: Add APIs TlsShutdown and TlsExportKey to TlsLib
CryptoPkg: Add implementation for TlsSetHostPrivateKey()

CryptoPkg/Driver/Crypto.c | 97 +++-
CryptoPkg/Include/Library/TlsLib.h | 93 +++-
.../Pcd/PcdCryptoServiceFamilyEnable.h | 3 +
.../BaseCryptLibOnProtocolPpi/CryptLib.c | 97 +++-
CryptoPkg/Library/TlsLib/InternalTlsLib.h | 5 +
CryptoPkg/Library/TlsLib/TlsConfig.c | 426 +++++++++++++++++-
CryptoPkg/Library/TlsLib/TlsProcess.c | 32 ++
CryptoPkg/Library/TlsLibNull/TlsConfigNull.c | 67 ++-
CryptoPkg/Library/TlsLibNull/TlsProcessNull.c | 23 +
CryptoPkg/Private/Protocol/Crypto.h | 82 +++-
MdePkg/Include/IndustryStandard/Tls1.h | 110 +++--
NetworkPkg/TlsDxe/TlsConfigProtocol.c | 2 +-
12 files changed, 968 insertions(+), 69 deletions(-)

--
2.31.1.windows.1
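
The RFC 5705 derivation that the TlsExportKey item refers to, as an added example that is not code from this patch series or from edk2. It assumes TLS 1.2 (TLS 1.3 uses a different exporter), the function names are hypothetical, the EAP-TTLS label and MSK/EMSK split follow RFC 5281, and the input values are constructed.

```python
import hashlib
import hmac


def p_hash(secret, seed, length, digest):
    """P_hash expansion from RFC 5246 section 5."""
    out, a = b"", seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, digest).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, digest).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def tls12_export_key(master_secret, client_random, server_random, label,
                     length, context=None, digest=hashlib.sha256):
    """RFC 5705 section 4 exporter for TLS 1.2 (hypothetical helper name).

    digest must be the PRF hash of the negotiated cipher suite, for
    example hashlib.sha384 for the *_SHA384 suites.
    """
    if len(client_random) != 32 or len(server_random) != 32:
        raise ValueError("client and server randoms are 32 bytes each")
    seed = client_random + server_random
    # An absent context and a zero-length context give different keys:
    # the two-byte length prefix is only appended when a context is given.
    if context is not None:
        if len(context) > 0xFFFF:
            raise ValueError("context length must fit in 16 bits")
        seed += len(context).to_bytes(2, "big") + context
    # PRF(secret, label, seed) = P_hash(secret, label + seed)
    return p_hash(master_secret, label + seed, length, digest)


def eap_ttls_keys(master_secret, client_random, server_random,
                  digest=hashlib.sha256):
    """Split 128 exported bytes into (MSK, EMSK) as in RFC 5281."""
    km = tls12_export_key(master_secret, client_random, server_random,
                          b"ttls keying material", 128, digest=digest)
    return km[:64], km[64:]


if __name__ == "__main__":
    # Constructed inputs, not taken from a real handshake.
    ms, cr, sr = bytes(range(48)), b"\x01" * 32, b"\x02" * 32
    msk, emsk = eap_ttls_keys(ms, cr, sr)
    print("MSK :", msk.hex())
    print("EMSK:", emsk.hex())
```

Both peers must feed in the same label, randoms and context, otherwise the derived MSK values differ and the EAP method fails after the TLS handshake has already succeeded.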


Maciej Rabeda
 

For NetworkPkg part: Reviewed-by: Maciej Rabeda <maciej.rabeda@...>

On 22 May 2022 03:54, yi1 li wrote: