This patch series adds support for the HTTPS boot feature.

The HttpDxe driver will consume the TlsDxe driver. It can support 
both HTTP and HTTPS; depending on the information in the URL, 
the HTTP instance can determine whether to use HTTP
or HTTPS. 

It should be noted that the current HttpDxe only supports server 
authentication with an unauthenticated client. That means 
only the server is authenticated by the client; the client won't be 
authenticated by the server. This is normally called one-way 
authentication. To support this mode, a CA certificate is 
required by the client. Currently, a private variable is used to 
configure this CA certificate. The variable name is 
'TlsCaCertificate'. The corresponding GUID is {0xfd2340D0, 
0x3dab, 0x4349, {0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e, 0xae}}. 
In sum, the CA certificate must be configured first to enable 
the HTTPS boot feature.

The TlsDxe driver takes advantage of the OpenSSL library, including 
BaseCryptLib and the new wrapped TlsLib. Also, the OpensslTlsLib 
module is required to enable the 'openssl\ssl' function.

Cc: Ye Ting <[email protected]>
Cc: Fu Siyuan <[email protected]>
Cc: Long Qin <[email protected]>
Cc: Ruiyu Ni <[email protected]>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <[email protected]>

Jiaxin Wu (6):
  MdePkg: Add TLS related protocol definition
  CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'
  CryptoPkg: Add new TlsLib library
  NetworkPkg: TlsDxe driver implementation over OpenSSL
  NetworkPkg: HTTPS support over IPv4 and IPv6
  Nt32Pkg: Enable Nt32Pkg platform HTTPS boot feature.

 CryptoPkg/CryptoPkg.dec                            |    6 +-
 CryptoPkg/CryptoPkg.dsc                            |    2 +
 CryptoPkg/Include/Library/TlsLib.h                 |  802 +++++++++
 CryptoPkg/Include/OpenSslSupport.h                 |   11 +-
 .../Library/BaseCryptLib/SysCall/CrtWrapper.c      |    5 +
 .../Library/BaseCryptLib/SysCall/TimerWrapper.c    |   29 +-
 .../Library/OpensslLib/EDKII_openssl-1.0.2f.patch  |    9 +
 CryptoPkg/Library/OpensslLib/Install.cmd           |    1 +
 CryptoPkg/Library/OpensslLib/Install.sh            |    1 +
 CryptoPkg/Library/OpensslLib/OpensslLib.inf        |    2 +-
 CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf     |  110 ++
 CryptoPkg/Library/OpensslLib/OpensslTlsLib.uni     |  Bin 0 -> 1792 bytes
 CryptoPkg/Library/TlsLib/TlsLib.c                  | 1772 ++++++++++++++++++++
 CryptoPkg/Library/TlsLib/TlsLib.inf                |   46 +
 CryptoPkg/Library/TlsLib/TlsLib.uni                |   19 +
 MdePkg/Include/Protocol/Tls.h                      |  460 +++++
 MdePkg/Include/Protocol/TlsConfig.h                |  132 ++
 MdePkg/MdePkg.dec                                  |    9 +
 NetworkPkg/HttpDxe/HttpDriver.h                    |    7 +-
 NetworkPkg/HttpDxe/HttpDxe.inf                     |    8 +-
 NetworkPkg/HttpDxe/HttpImpl.c                      |  188 ++-
 NetworkPkg/HttpDxe/HttpProto.c                     |  395 +++--
 NetworkPkg/HttpDxe/HttpProto.h                     |   65 +-
 NetworkPkg/HttpDxe/HttpsSupport.c                  | 1680 +++++++++++++++++++
 NetworkPkg/HttpDxe/HttpsSupport.h                  |  314 ++++
 NetworkPkg/NetworkPkg.dsc                          |    3 +
 NetworkPkg/TlsDxe/TlsConfigProtocol.c              |  152 ++
 NetworkPkg/TlsDxe/TlsDriver.c                      |  499 ++++++
 NetworkPkg/TlsDxe/TlsDriver.h                      |  237 +++
 NetworkPkg/TlsDxe/TlsDxe.inf                       |   67 +
 NetworkPkg/TlsDxe/TlsDxe.uni                       |   25 +
 NetworkPkg/TlsDxe/TlsDxeExtra.uni                  |   20 +
 NetworkPkg/TlsDxe/TlsImpl.c                        |  280 ++++
 NetworkPkg/TlsDxe/TlsImpl.h                        |  342 ++++
 NetworkPkg/TlsDxe/TlsProtocol.c                    |  627 +++++++
 Nt32Pkg/Nt32Pkg.dsc                                |    8 +-
 Nt32Pkg/Nt32Pkg.fdf                                |    7 +-
 37 files changed, 8186 insertions(+), 154 deletions(-)
 create mode 100644 CryptoPkg/Include/Library/TlsLib.h
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslTlsLib.uni
 create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.c
 create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.inf
 create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.uni
 create mode 100644 MdePkg/Include/Protocol/Tls.h
 create mode 100644 MdePkg/Include/Protocol/TlsConfig.h
 create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.c
 create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.h
 create mode 100644 NetworkPkg/TlsDxe/TlsConfigProtocol.c
 create mode 100644 NetworkPkg/TlsDxe/TlsDriver.c
 create mode 100644 NetworkPkg/TlsDxe/TlsDriver.h
 create mode 100644 NetworkPkg/TlsDxe/TlsDxe.inf
 create mode 100644 NetworkPkg/TlsDxe/TlsDxe.uni
 create mode 100644 NetworkPkg/TlsDxe/TlsDxeExtra.uni
 create mode 100644 NetworkPkg/TlsDxe/TlsImpl.c
 create mode 100644 NetworkPkg/TlsDxe/TlsImpl.h
 create mode 100644 NetworkPkg/TlsDxe/TlsProtocol.c

-- 
1.9.5.msysgit.1

_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.01.org/mailman/listinfo/edk2-devel
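
Added example, not part of the original message or of the patch series: the cover letter gives the 'TlsCaCertificate' GUID as a C initializer, while variable listings show the textual form and a variable store holds the 16-byte mixed-endian encoding. The helper names (`guid_t`, `guid_to_string`, `guid_to_bytes`, `find_guid`) and the sample dump are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Same field layout as EFI_GUID in the UEFI specification. */
typedef struct {
    uint32_t data1;
    uint16_t data2;
    uint16_t data3;
    uint8_t  data4[8];
} guid_t;

/* GUID of the 'TlsCaCertificate' variable, copied from the cover letter. */
static const guid_t TLS_CA_CERT_GUID = {
    0xfd2340D0, 0x3dab, 0x4349,
    {0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e, 0xae}
};

/* Textual 8-4-4-4-12 form; 'out' must hold 37 bytes. */
const char *guid_to_string(const guid_t *g, char out[37]) {
    snprintf(out, 37, "%08x-%04x-%04x-%02x%02x-%02x%02x%02x%02x%02x%02x",
             (unsigned)g->data1, (unsigned)g->data2, (unsigned)g->data3,
             g->data4[0], g->data4[1], g->data4[2], g->data4[3],
             g->data4[4], g->data4[5], g->data4[6], g->data4[7]);
    return out;
}

/* Stored encoding: first three fields little-endian, data4 byte-for-byte. */
void guid_to_bytes(const guid_t *g, uint8_t out[16]) {
    for (int i = 0; i < 4; i++) out[i] = (uint8_t)(g->data1 >> (8 * i));
    for (int i = 0; i < 2; i++) out[4 + i] = (uint8_t)(g->data2 >> (8 * i));
    for (int i = 0; i < 2; i++) out[6 + i] = (uint8_t)(g->data3 >> (8 * i));
    memcpy(out + 8, g->data4, 8);
}

/* Offset of the encoded GUID inside a raw dump, or -1 if it is absent. */
long find_guid(const uint8_t *buf, size_t len, const guid_t *g) {
    uint8_t pat[16];
    guid_to_bytes(g, pat);
    for (size_t i = 0; i + 16 <= len; i++)
        if (memcmp(buf + i, pat, 16) == 0) return (long)i;
    return -1;
}

int main(void) {
    char text[37];
    uint8_t dump[40];                 /* constructed sample, not real firmware */
    memset(dump, 0xff, sizeof dump);
    guid_to_bytes(&TLS_CA_CERT_GUID, dump + 20);
    printf("%s found at offset %ld\n", guid_to_string(&TLS_CA_CERT_GUID, text),
           find_guid(dump, sizeof dump, &TLS_CA_CERT_GUID));
    return 0;
}
```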
