[tls] Add ECDHE cipher suites

Add ECDHE variants of the existing cipher suites, and lower the priority of the non-ECDHE variants. Signed-off-by: Michael Brown <mcb30@ipxe.org>
author: Michael Brown <mcb30@ipxe.org> 2024-01-30 17:42:16 +0000
committer: Michael Brown <mcb30@ipxe.org> 2024-01-31 12:34:20 +0000
commit: 963ec1c4f379a49cf37d01472a770fff8e47470c (patch)
tree: 0b0db3e42be95a49deac9d4361a94fdb671d6527 /src/include
parent: 8f6a9399b3dc5af227cbd6185eff077b6e9d0e37 (diff)
download: ipxe-963ec1c4f379a49cf37d01472a770fff8e47470c.zip
ipxe-963ec1c4f379a49cf37d01472a770fff8e47470c.tar.gz
ipxe-963ec1c4f379a49cf37d01472a770fff8e47470c.tar.bz2
1 files changed, 6 insertions, 0 deletions
diff --git a/src/include/ipxe/tls.h b/src/include/ipxe/tls.h
index 5c218f8..cf32778 100644
--- a/src/include/ipxe/tls.h
+++ b/src/include/ipxe/tls.h
@@ -96,6 +96,12 @@ struct tls_header {
 #define TLS_RSA_WITH_AES_256_GCM_SHA384 0x009d
 #define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x009e
 #define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x009f
+#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xc013
+#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xc014
+#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xc027
+#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xc028
+#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xc02f
+#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xc030
 
 /* TLS hash algorithm identifiers */
 #define TLS_MD5_ALGORITHM 1
author	Michael Brown <mcb30@ipxe.org>	2024-01-30 17:42:16 +0000
committer	Michael Brown <mcb30@ipxe.org>	2024-01-31 12:34:20 +0000
commit	963ec1c4f379a49cf37d01472a770fff8e47470c (patch)
tree	0b0db3e42be95a49deac9d4361a94fdb671d6527 /src/include
parent	8f6a9399b3dc5af227cbd6185eff077b6e9d0e37 (diff)
download	ipxe-963ec1c4f379a49cf37d01472a770fff8e47470c.zip ipxe-963ec1c4f379a49cf37d01472a770fff8e47470c.tar.gz ipxe-963ec1c4f379a49cf37d01472a770fff8e47470c.tar.bz2