Serial reviewed-by: Ye Ting <[email protected]>
-----Original Message-----
From: Wu, Jiaxin
Sent: Wednesday, February 24, 2016 4:15 PM
To: [email protected]
Cc: Ye, Ting <[email protected]>; Fu, Siyuan <[email protected]>; Long, Qin
<[email protected]>; Ni, Ruiyu <[email protected]>
Subject: [Patch 0/6] HTTPS boot feature support
These series patches are used to support HTTPS boot feature.
HttpDxe driver will consume TlsDxe driver. It can both support HTTP and HTTPS
feature, it’s depended on the information in URL, the HTTP instance can be able
to determine whether to use HTTP or HTTPS.
It should be noted that current HttpDxe only support server authentication with
an unauthenticated client mode. That means only server is authenticated by
client. Client won’t be authenticated by server. It's normally called as
one-way authentication. To support this mode, CA certificate is required by
Client. Currently, private variable is used to configure this CA certificate.
The variable name is called 'TlsCaCertificate'. The corresponding GUID is
{0xfd2340D0, \ 0x3dab, 0x4349, {0xa6, 0xc7, 0x3b, 0x4f, 0x12, 0xb4, 0x8e,
0xae}}.
In sum, the CA certificate must be configured first to enable HTTPS boot
feature.
TlsDxe driver takes advantage of OpenSLL library, including BaseCryptLib and
new wrapped TlsLib, And also, OpensslTlsLib module is required to enable
'openssl\ssl' function.
Cc: Ye Ting <[email protected]>
Cc: Fu Siyuan <[email protected]>
Cc: Long Qin <[email protected]>
Cc: Ruiyu Ni <[email protected]>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <[email protected]>
Jiaxin Wu (6):
MdePkg: Add TLS related protocol definition
CryptoPkg: Add OpensslTlsLib module to enable 'openssl\ssl'
CryptoPkg: Add new TlsLib library
NetworkPkg: TlsDxe driver implementation over OpenSSL
NetworkPkg: HTTPS support over IPv4 and IPv6
Nt32Pkg: Enable Nt32Pkg platform HTTPS boot feature.
CryptoPkg/CryptoPkg.dec | 6 +-
CryptoPkg/CryptoPkg.dsc | 2 +
CryptoPkg/Include/Library/TlsLib.h | 802 +++++++++
CryptoPkg/Include/OpenSslSupport.h | 11 +-
.../Library/BaseCryptLib/SysCall/CrtWrapper.c | 5 +
.../Library/BaseCryptLib/SysCall/TimerWrapper.c | 29 +-
.../Library/OpensslLib/EDKII_openssl-1.0.2f.patch | 9 +
CryptoPkg/Library/OpensslLib/Install.cmd | 1 +
CryptoPkg/Library/OpensslLib/Install.sh | 1 +
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 2 +-
CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf | 110 ++
CryptoPkg/Library/OpensslLib/OpensslTlsLib.uni | Bin 0 -> 1792 bytes
CryptoPkg/Library/TlsLib/TlsLib.c | 1772 ++++++++++++++++++++
CryptoPkg/Library/TlsLib/TlsLib.inf | 46 +
CryptoPkg/Library/TlsLib/TlsLib.uni | 19 +
MdePkg/Include/Protocol/Tls.h | 460 +++++
MdePkg/Include/Protocol/TlsConfig.h | 132 ++
MdePkg/MdePkg.dec | 9 +
NetworkPkg/HttpDxe/HttpDriver.h | 7 +-
NetworkPkg/HttpDxe/HttpDxe.inf | 8 +-
NetworkPkg/HttpDxe/HttpImpl.c | 188 ++-
NetworkPkg/HttpDxe/HttpProto.c | 395 +++--
NetworkPkg/HttpDxe/HttpProto.h | 65 +-
NetworkPkg/HttpDxe/HttpsSupport.c | 1680 +++++++++++++++++++
NetworkPkg/HttpDxe/HttpsSupport.h | 314 ++++
NetworkPkg/NetworkPkg.dsc | 3 +
NetworkPkg/TlsDxe/TlsConfigProtocol.c | 152 ++
NetworkPkg/TlsDxe/TlsDriver.c | 499 ++++++
NetworkPkg/TlsDxe/TlsDriver.h | 237 +++
NetworkPkg/TlsDxe/TlsDxe.inf | 67 +
NetworkPkg/TlsDxe/TlsDxe.uni | 25 +
NetworkPkg/TlsDxe/TlsDxeExtra.uni | 20 +
NetworkPkg/TlsDxe/TlsImpl.c | 280 ++++
NetworkPkg/TlsDxe/TlsImpl.h | 342 ++++
NetworkPkg/TlsDxe/TlsProtocol.c | 627 +++++++
Nt32Pkg/Nt32Pkg.dsc | 8 +-
Nt32Pkg/Nt32Pkg.fdf | 7 +-
37 files changed, 8186 insertions(+), 154 deletions(-) create mode 100644
CryptoPkg/Include/Library/TlsLib.h
create mode 100644 CryptoPkg/Library/OpensslLib/OpensslTlsLib.inf
create mode 100644 CryptoPkg/Library/OpensslLib/OpensslTlsLib.uni
create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.c create mode 100644
CryptoPkg/Library/TlsLib/TlsLib.inf
create mode 100644 CryptoPkg/Library/TlsLib/TlsLib.uni
create mode 100644 MdePkg/Include/Protocol/Tls.h create mode 100644
MdePkg/Include/Protocol/TlsConfig.h
create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.c create mode 100644
NetworkPkg/HttpDxe/HttpsSupport.h create mode 100644
NetworkPkg/TlsDxe/TlsConfigProtocol.c
create mode 100644 NetworkPkg/TlsDxe/TlsDriver.c create mode 100644
NetworkPkg/TlsDxe/TlsDriver.h create mode 100644 NetworkPkg/TlsDxe/TlsDxe.inf
create mode 100644 NetworkPkg/TlsDxe/TlsDxe.uni create mode 100644
NetworkPkg/TlsDxe/TlsDxeExtra.uni create mode 100644
NetworkPkg/TlsDxe/TlsImpl.c create mode 100644 NetworkPkg/TlsDxe/TlsImpl.h
create mode 100644 NetworkPkg/TlsDxe/TlsProtocol.c
--
1.9.5.msysgit.1
_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.01.org/mailman/listinfo/edk2-devel
