subject:"\[edk2\] \[PATCH v2 5\/6\] NetworkPkg\: HTTPS support over IPv4 and IPv6"

Re: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

2016-04-12 Thread Wu, Jiaxin

That's fine, but whether commit to the newly proposed branches in github or 
not, I'm not sure since there is no final conclusion for that currently.

Thanks your feedback again.

From: El-Haj-Mahmoud, Samer [mailto:samer.el-haj-mahm...@hpe.com]
Sent: Wednesday, April 13, 2016 10:16 AM
To: edk2-devel@lists.01.org; Wu, Jiaxin <jiaxin...@intel.com>
Cc: Ye, Ting <ting...@intel.com>; Fu, Siyuan <siyuan...@intel.com>; Long, Qin 
<qin.l...@intel.com>
Subject: RE: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

HPE verified both https boot (with dhcp handshake) and https download from a 
url to work, but with a hard coded certificate (not using the variable yet).

I think PEER cert validation is working, but not the timestamp check. We are. 
looking at that tomorrow.

There might be a few changes needed on top of your patches. I will take a look 
and try to generate a patch and send it for review.

This would have been a great feature to co-develop in the newly proposed 
branches in github...



-Original Message-
From: Wu, Jiaxin [jiaxin...@intel.com]
Received: Tuesday, 12 Apr 2016, 9:06PM
To: El-Haj-Mahmoud, Samer [samer.el-haj-mahm...@hpe.com]; 
edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org> 
[edk2-devel@lists.01.org]
CC: Ye, Ting [ting...@intel.com]; Fu, Siyuan [siyuan...@intel.com]; Long, Qin 
[qin.l...@intel.com]
Subject: RE: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6
Thanks Samer. I'm collecting the test result for this new feature. So, I want 
to know whether the patch pass your testing environment?

For commit process, it's depending on the test result before commit to EDKII 
trunk directly since it is the new feature. Once we draw the finally 
conclusion, I will inform you first time.

Thanks.
Jiaxin

> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of El-
> Haj-Mahmoud, Samer
> Sent: Wednesday, April 13, 2016 1:37 AM
> To: Wu, Jiaxin <jiaxin...@intel.com<mailto:jiaxin...@intel.com>>; 
> edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Ye, Ting <ting...@intel.com<mailto:ting...@intel.com>>; Fu, Siyuan 
> <siyuan...@intel.com<mailto:siyuan...@intel.com>>; Long,
> Qin <qin.l...@intel.com<mailto:qin.l...@intel.com>>
> Subject: Re: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4
> and IPv6
>
>
> Looks good. Are you planning on committing this code? I have a few updates
> I would like to send for review, but they need the initial patches to be
> committed first.
>
> Series reviewed-by: Samer El-Haj-Mahmoud <el...@hpe.com<mailto:el...@hpe.com>>
>
>
> -Original Message-
> From: Jiaxin Wu [mailto:jiaxin...@intel.com]
> Sent: Monday, April 11, 2016 2:50 AM
> To: edk2-devel@lists.01.org<mailto:edk2-devel@lists.01.org>
> Cc: Ye Ting <ting...@intel.com<mailto:ting...@intel.com>>; Fu Siyuan 
> <siyuan...@intel.com<mailto:siyuan...@intel.com>>; Long Qin
> <qin.l...@intel.com<mailto:qin.l...@intel.com>>; El-Haj-Mahmoud, Samer 
>  mahm...@hpe.com<mailto:mahm...@hpe.com>>
> Subject: [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6
>
> v2:
> To support the multiple certificate configuration,
> EFI_SIGNATURE_LIST format is used for the variable
> 'TlsCaCertificate'.
>
> This patch is used to enable HTTPS feature. HttpDxe driver
> will consume TlsDxe driver. It can both support
> http and https feature, it's depended on the information in URL,
> the HTTP instance can be able to determine whether to use http
> or https.
>
> Cc: Ye Ting <ting...@intel.com<mailto:ting...@intel.com>>
> Cc: Fu Siyuan <siyuan...@intel.com<mailto:siyuan...@intel.com>>
> Cc: Long Qin <qin.l...@intel.com<mailto:qin.l...@intel.com>>
> Cc: El-Haj-Mahmoud Samer 
> <samer.el-haj-mahm...@hpe.com<mailto:samer.el-haj-mahm...@hpe.com>>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiaxin Wu <jiaxin...@intel.com<mailto:jiaxin...@intel.com>>
> ---
>  NetworkPkg/HttpDxe/HttpDriver.h   |8 +-
>  NetworkPkg/HttpDxe/HttpDxe.inf|8 +-
>  NetworkPkg/HttpDxe/HttpImpl.c |  188 +++-
>  NetworkPkg/HttpDxe/HttpProto.c|  395 ++---
>  NetworkPkg/HttpDxe/HttpProto.h|   65 +-
>  NetworkPkg/HttpDxe/HttpsSupport.c | 1701
> +
>  NetworkPkg/HttpDxe/HttpsSupport.h |  314 +++
>  7 files changed, 2542 insertions(+), 137 deletions(-)
>  create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.c
>  create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.h
>
> diff --git a/NetworkPkg/HttpDxe/HttpDriver.h
> b/NetworkPkg/HttpDxe/HttpDriver.h
> index 9c0002a..

Re: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

2016-04-12 Thread El-Haj-Mahmoud, Samer

HPE verified both https boot (with dhcp handshake) and https download from a 
url to work, but with a hard coded certificate (not using the variable yet).

I think PEER cert validation is working, but not the timestamp check. We are. 
looking at that tomorrow.

There might be a few changes needed on top of your patches. I will take a look 
and try to generate a patch and send it for review.

This would have been a great feature to co-develop in the newly proposed 
branches in github...



-Original Message-
From: Wu, Jiaxin [jiaxin...@intel.com]
Received: Tuesday, 12 Apr 2016, 9:06PM
To: El-Haj-Mahmoud, Samer [samer.el-haj-mahm...@hpe.com]; 
edk2-devel@lists.01.org [edk2-devel@lists.01.org]
CC: Ye, Ting [ting...@intel.com]; Fu, Siyuan [siyuan...@intel.com]; Long, Qin 
[qin.l...@intel.com]
Subject: RE: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

Thanks Samer. I'm collecting the test result for this new feature. So, I want 
to know whether the patch pass your testing environment?

For commit process, it's depending on the test result before commit to EDKII 
trunk directly since it is the new feature. Once we draw the finally 
conclusion, I will inform you first time.

Thanks.
Jiaxin

> -Original Message-
> From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of El-
> Haj-Mahmoud, Samer
> Sent: Wednesday, April 13, 2016 1:37 AM
> To: Wu, Jiaxin <jiaxin...@intel.com>; edk2-devel@lists.01.org
> Cc: Ye, Ting <ting...@intel.com>; Fu, Siyuan <siyuan...@intel.com>; Long,
> Qin <qin.l...@intel.com>
> Subject: Re: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4
> and IPv6
>
>
> Looks good. Are you planning on committing this code? I have a few updates
> I would like to send for review, but they need the initial patches to be
> committed first.
>
> Series reviewed-by: Samer El-Haj-Mahmoud <el...@hpe.com>
>
>
> -Original Message-
> From: Jiaxin Wu [mailto:jiaxin...@intel.com]
> Sent: Monday, April 11, 2016 2:50 AM
> To: edk2-devel@lists.01.org
> Cc: Ye Ting <ting...@intel.com>; Fu Siyuan <siyuan...@intel.com>; Long Qin
> <qin.l...@intel.com>; El-Haj-Mahmoud, Samer  mahm...@hpe.com>
> Subject: [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6
>
> v2:
> To support the multiple certificate configuration,
> EFI_SIGNATURE_LIST format is used for the variable
> 'TlsCaCertificate'.
>
> This patch is used to enable HTTPS feature. HttpDxe driver
> will consume TlsDxe driver. It can both support
> http and https feature, it’s depended on the information in URL,
> the HTTP instance can be able to determine whether to use http
> or https.
>
> Cc: Ye Ting <ting...@intel.com>
> Cc: Fu Siyuan <siyuan...@intel.com>
> Cc: Long Qin <qin.l...@intel.com>
> Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahm...@hpe.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiaxin Wu <jiaxin...@intel.com>
> ---
>  NetworkPkg/HttpDxe/HttpDriver.h   |8 +-
>  NetworkPkg/HttpDxe/HttpDxe.inf|8 +-
>  NetworkPkg/HttpDxe/HttpImpl.c |  188 +++-
>  NetworkPkg/HttpDxe/HttpProto.c|  395 ++---
>  NetworkPkg/HttpDxe/HttpProto.h|   65 +-
>  NetworkPkg/HttpDxe/HttpsSupport.c | 1701
> +
>  NetworkPkg/HttpDxe/HttpsSupport.h |  314 +++
>  7 files changed, 2542 insertions(+), 137 deletions(-)
>  create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.c
>  create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.h
>
> diff --git a/NetworkPkg/HttpDxe/HttpDriver.h
> b/NetworkPkg/HttpDxe/HttpDriver.h
> index 9c0002a..3c30c12 100644
> --- a/NetworkPkg/HttpDxe/HttpDriver.h
> +++ b/NetworkPkg/HttpDxe/HttpDriver.h
> @@ -1,9 +1,9 @@
>  /** @file
>The header files of the driver binding and service binding protocol for
> HttpDxe driver.
>
> -  Copyright (c) 2015, Intel Corporation. All rights reserved.
> +  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
>(C) Copyright 2016 Hewlett Packard Enterprise Development LP
>
>This program and the accompanying materials
>are licensed and made available under the terms and conditions of the BSD
> License
>which accompanies this distribution.  The full text of the license may be
> found at
> @@ -22,10 +22,11 @@
>
>  //
>  // Libraries
>  //
>  #include 
> +#include 
>  #include 
>  #include 
>  #include 
>  #include 
>  #include 
> @@ -48,12 +49,14 @@
>  #include 
>  #include 
>  #include 
>  #include 
>  #include 
> +#include 
> +#include 
>
> -
> +#include 
>  //
>  // Produced Protocols
>  //
>  #include 
>
> @@ -77,10 +80,11 @@ extern EFI_HTTP_UTILIT

Re: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

2016-04-12 Thread El-Haj-Mahmoud, Samer


Looks good. Are you planning on committing this code? I have a few updates I 
would like to send for review, but they need the initial patches to be 
committed first.
 
Series reviewed-by: Samer El-Haj-Mahmoud 


-Original Message-
From: Jiaxin Wu [mailto:jiaxin...@intel.com] 
Sent: Monday, April 11, 2016 2:50 AM
To: edk2-devel@lists.01.org
Cc: Ye Ting ; Fu Siyuan ; Long Qin 
; El-Haj-Mahmoud, Samer 
Subject: [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

v2:
To support the multiple certificate configuration,
EFI_SIGNATURE_LIST format is used for the variable
'TlsCaCertificate'.

This patch is used to enable HTTPS feature. HttpDxe driver
will consume TlsDxe driver. It can both support
http and https feature, it’s depended on the information in URL,
the HTTP instance can be able to determine whether to use http
or https.

Cc: Ye Ting 
Cc: Fu Siyuan 
Cc: Long Qin 
Cc: El-Haj-Mahmoud Samer 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu 
---
 NetworkPkg/HttpDxe/HttpDriver.h   |8 +-
 NetworkPkg/HttpDxe/HttpDxe.inf|8 +-
 NetworkPkg/HttpDxe/HttpImpl.c |  188 +++-
 NetworkPkg/HttpDxe/HttpProto.c|  395 ++---
 NetworkPkg/HttpDxe/HttpProto.h|   65 +-
 NetworkPkg/HttpDxe/HttpsSupport.c | 1701 +
 NetworkPkg/HttpDxe/HttpsSupport.h |  314 +++
 7 files changed, 2542 insertions(+), 137 deletions(-)
 create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.c
 create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.h

diff --git a/NetworkPkg/HttpDxe/HttpDriver.h b/NetworkPkg/HttpDxe/HttpDriver.h
index 9c0002a..3c30c12 100644
--- a/NetworkPkg/HttpDxe/HttpDriver.h
+++ b/NetworkPkg/HttpDxe/HttpDriver.h
@@ -1,9 +1,9 @@
 /** @file
   The header files of the driver binding and service binding protocol for 
HttpDxe driver.
 
-  Copyright (c) 2015, Intel Corporation. All rights reserved.
+  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
   (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
   which accompanies this distribution.  The full text of the license may be 
found at
@@ -22,10 +22,11 @@
 
 //
 // Libraries
 //
 #include 
+#include 
 #include 
 #include 
 #include 
 #include 
 #include 
@@ -48,12 +49,14 @@
 #include 
 #include 
 #include 
 #include 
 #include 
+#include 
+#include 
 
-
+#include 
 //
 // Produced Protocols
 //
 #include 
 
@@ -77,10 +80,11 @@ extern EFI_HTTP_UTILITIES_PROTOCOL  *mHttpUtilities;
 // Include files with function prototypes
 //
 #include "ComponentName.h"
 #include "HttpImpl.h"
 #include "HttpProto.h"
+#include "HttpsSupport.h"
 #include "HttpDns.h"
 
 typedef struct {
   EFI_SERVICE_BINDING_PROTOCOL  *ServiceBinding;
   UINTN NumberOfChildren;
diff --git a/NetworkPkg/HttpDxe/HttpDxe.inf b/NetworkPkg/HttpDxe/HttpDxe.inf
index bf2cbee..a228c3d 100644
--- a/NetworkPkg/HttpDxe/HttpDxe.inf
+++ b/NetworkPkg/HttpDxe/HttpDxe.inf
@@ -1,9 +1,9 @@
 ## @file
 #  Implementation of EFI HTTP protocol interfaces.
 #
-#  Copyright (c) 2015, Intel Corporation. All rights reserved.
+#  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution. The full text of the license may be 
found at
 #  http://opensource.org/licenses/bsd-license.php.
@@ -36,14 +36,17 @@
   HttpDriver.c
   HttpImpl.h
   HttpImpl.c
   HttpProto.h
   HttpProto.c
+  HttpsSupport.h
+  HttpsSupport.c
 
 [LibraryClasses]
   UefiDriverEntryPoint
   UefiBootServicesTableLib
+  UefiRuntimeServicesTableLib
   MemoryAllocationLib
   BaseLib
   UefiLib
   DebugLib
   NetLib
@@ -62,8 +65,11 @@
   gEfiDns4ProtocolGuid ## SOMETIMES_CONSUMES
   gEfiDns6ServiceBindingProtocolGuid   ## SOMETIMES_CONSUMES
   gEfiDns6ProtocolGuid ## SOMETIMES_CONSUMES
   gEfiIp4Config2ProtocolGuid   ## SOMETIMES_CONSUMES
   gEfiIp6ConfigProtocolGuid## SOMETIMES_CONSUMES
+  gEfiTlsServiceBindingProtocolGuid## SOMETIMES_CONSUMES
+  gEfiTlsProtocolGuid  ## SOMETIMES_CONSUMES
+  gEfiTlsConfigurationProtocolGuid ## SOMETIMES_CONSUMES
 
 [UserExtensions.TianoCore."ExtraFiles"]
   HttpDxeExtra.uni
\ No newline at end of file
diff --git a/NetworkPkg/HttpDxe/HttpImpl.c b/NetworkPkg/HttpDxe/HttpImpl.c
index 63b683e..8d81a90 100644
--- a/NetworkPkg/HttpDxe/HttpImpl.c
+++ b/NetworkPkg/HttpDxe/HttpImpl.c
@@ -238,10 +238,11 @@

[edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

2016-04-11 Thread Jiaxin Wu

v2:
To support the multiple certificate configuration,
EFI_SIGNATURE_LIST format is used for the variable
'TlsCaCertificate'.

This patch is used to enable HTTPS feature. HttpDxe driver
will consume TlsDxe driver. It can both support
http and https feature, it’s depended on the information in URL,
the HTTP instance can be able to determine whether to use http
or https.

Cc: Ye Ting 
Cc: Fu Siyuan 
Cc: Long Qin 
Cc: El-Haj-Mahmoud Samer 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu 
---
 NetworkPkg/HttpDxe/HttpDriver.h   |8 +-
 NetworkPkg/HttpDxe/HttpDxe.inf|8 +-
 NetworkPkg/HttpDxe/HttpImpl.c |  188 +++-
 NetworkPkg/HttpDxe/HttpProto.c|  395 ++---
 NetworkPkg/HttpDxe/HttpProto.h|   65 +-
 NetworkPkg/HttpDxe/HttpsSupport.c | 1701 +
 NetworkPkg/HttpDxe/HttpsSupport.h |  314 +++
 7 files changed, 2542 insertions(+), 137 deletions(-)
 create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.c
 create mode 100644 NetworkPkg/HttpDxe/HttpsSupport.h

diff --git a/NetworkPkg/HttpDxe/HttpDriver.h b/NetworkPkg/HttpDxe/HttpDriver.h
index 9c0002a..3c30c12 100644
--- a/NetworkPkg/HttpDxe/HttpDriver.h
+++ b/NetworkPkg/HttpDxe/HttpDriver.h
@@ -1,9 +1,9 @@
 /** @file
   The header files of the driver binding and service binding protocol for 
HttpDxe driver.
 
-  Copyright (c) 2015, Intel Corporation. All rights reserved.
+  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
   (C) Copyright 2016 Hewlett Packard Enterprise Development LP
 
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BSD 
License
   which accompanies this distribution.  The full text of the license may be 
found at
@@ -22,10 +22,11 @@
 
 //
 // Libraries
 //
 #include 
+#include 
 #include 
 #include 
 #include 
 #include 
 #include 
@@ -48,12 +49,14 @@
 #include 
 #include 
 #include 
 #include 
 #include 
+#include 
+#include 
 
-
+#include 
 //
 // Produced Protocols
 //
 #include 
 
@@ -77,10 +80,11 @@ extern EFI_HTTP_UTILITIES_PROTOCOL  *mHttpUtilities;
 // Include files with function prototypes
 //
 #include "ComponentName.h"
 #include "HttpImpl.h"
 #include "HttpProto.h"
+#include "HttpsSupport.h"
 #include "HttpDns.h"
 
 typedef struct {
   EFI_SERVICE_BINDING_PROTOCOL  *ServiceBinding;
   UINTN NumberOfChildren;
diff --git a/NetworkPkg/HttpDxe/HttpDxe.inf b/NetworkPkg/HttpDxe/HttpDxe.inf
index bf2cbee..a228c3d 100644
--- a/NetworkPkg/HttpDxe/HttpDxe.inf
+++ b/NetworkPkg/HttpDxe/HttpDxe.inf
@@ -1,9 +1,9 @@
 ## @file
 #  Implementation of EFI HTTP protocol interfaces.
 #
-#  Copyright (c) 2015, Intel Corporation. All rights reserved.
+#  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
 #
 #  This program and the accompanying materials
 #  are licensed and made available under the terms and conditions of the BSD 
License
 #  which accompanies this distribution. The full text of the license may be 
found at
 #  http://opensource.org/licenses/bsd-license.php.
@@ -36,14 +36,17 @@
   HttpDriver.c
   HttpImpl.h
   HttpImpl.c
   HttpProto.h
   HttpProto.c
+  HttpsSupport.h
+  HttpsSupport.c
 
 [LibraryClasses]
   UefiDriverEntryPoint
   UefiBootServicesTableLib
+  UefiRuntimeServicesTableLib
   MemoryAllocationLib
   BaseLib
   UefiLib
   DebugLib
   NetLib
@@ -62,8 +65,11 @@
   gEfiDns4ProtocolGuid ## SOMETIMES_CONSUMES
   gEfiDns6ServiceBindingProtocolGuid   ## SOMETIMES_CONSUMES
   gEfiDns6ProtocolGuid ## SOMETIMES_CONSUMES
   gEfiIp4Config2ProtocolGuid   ## SOMETIMES_CONSUMES
   gEfiIp6ConfigProtocolGuid## SOMETIMES_CONSUMES
+  gEfiTlsServiceBindingProtocolGuid## SOMETIMES_CONSUMES
+  gEfiTlsProtocolGuid  ## SOMETIMES_CONSUMES
+  gEfiTlsConfigurationProtocolGuid ## SOMETIMES_CONSUMES
 
 [UserExtensions.TianoCore."ExtraFiles"]
   HttpDxeExtra.uni
\ No newline at end of file
diff --git a/NetworkPkg/HttpDxe/HttpImpl.c b/NetworkPkg/HttpDxe/HttpImpl.c
index 63b683e..8d81a90 100644
--- a/NetworkPkg/HttpDxe/HttpImpl.c
+++ b/NetworkPkg/HttpDxe/HttpImpl.c
@@ -238,10 +238,11 @@ EfiHttpRequest (
   CHAR8 *HostName;
   UINT16RemotePort;
   HTTP_PROTOCOL *HttpInstance;
   BOOLEAN   Configure;
   BOOLEAN   ReConfigure;
+  BOOLEAN   TlsConfigure;
   CHAR8 *RequestStr;
   CHAR8 *Url;
   UINTN UrlLen;
   CHAR16*HostNameStr;
   HTTP_TOKEN_WRAP   *Wrap;
@@ -306,10 +307,38 @@ EfiHttpRequest (
 HttpInstance->Url = Url;
   }

Re: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

Re: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

Re: [edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

[edk2] [PATCH v2 5/6] NetworkPkg: HTTPS support over IPv4 and IPv6

4 matches

Site Navigation

Mail list logo

Footer information