[edk2-devel] [PATCH V2 1/1] CryptoPkg: Fix pem heap-buffer-overflow due to BIO_snprintf()

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4075 Fake BIO_snprintf() does not actually print anything to buf, it should return -1 as error. 0 will be considered a correct return value, the consumer may think that the buf is valid and parse the buffer. please refer to bugzilla link for

Re: [edk2-devel] [PATCH 1/1] CryptoPkg: Fix pem heap-buffer-overflow due to BIO_snprintf()

Hi Jiewen, Can you take a look at this patch? WPA3 Tls API fuzzing is blocked because of same pem API. Thanks, Yi -Original Message- From: devel@edk2.groups.io On Behalf Of yi1 li Sent: Thursday, September 22, 2022 8:53 PM To: devel@edk2.groups.io Cc: Li, Yi1 ; Yao, Jiewen ; Wang, Jian

[edk2-devel] [PATCH V5 4/4] CryptoPkg/Test: Add unit test for CryptoEc

Add unit test for CryptoEc. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 2 + CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 3 + .../BaseCryptLib/BaseCryptLibUnitTests.c | 1 +

[edk2-devel] [PATCH V5 2/4] CryptoPkg: Add EC APIs to DXE and protocol

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 The implementation provides CryptEc library functions for EFI Driveer and EFI BaseCrypt Protocol. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/CryptoPkg.dsc |

[edk2-devel] [PATCH V5 3/4] CryptoPkg: Add ECC related usage reference

Describes the use cases under which ECC needs to be enabled, and provides the impact on memory size for developers' reference. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Michael D Kinney Signed-off-by: Yi Li --- CryptoPkg/CryptoPkg.dec | 29

[edk2-devel] [PATCH V5 1/4] CryptoPkg: Add EC support

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 This patch is used to add CryptEc library, which is wrapped over OpenSSL. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/Include/Library/BaseCryptLib.h | 424 ++

[edk2-devel] [PATCH V5 0/4] CryptoPkg: Add EC support

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 Review PR: https://github.com/tianocore/edk2/pull/3398 This patch sequence is used to add CryptEc library, which are wrapped over OpenSSL. The implementation provides library functions for EFI BaseCrypt protocol and EFI BaseCrypt

[edk2-devel] [PATCH V4 4/4] CryptoPkg/Test: Add unit test for CryptoEc

Add unit test for CryptoEc. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 2 + CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 3 + .../BaseCryptLib/BaseCryptLibUnitTests.c | 1 +

[edk2-devel] [PATCH V4 2/4] CryptoPkg: Add EC APIs to DXE and protocol

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 The implementation provides CryptEc library functions for EFI Driveer and EFI BaseCrypt Protocol. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/CryptoPkg.dsc |

[edk2-devel] [PATCH V4 3/4] CryptoPkg: Add ECC related usage reference

Describes the use cases under which ECC needs to be enabled, and provides the impact on memory size for developers' reference. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Michael D Kinney Signed-off-by: Yi Li --- CryptoPkg/CryptoPkg.dec | 28

[edk2-devel] [PATCH V4 1/4] CryptoPkg: Add EC support

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 This patch is used to add CryptEc library, which is wrapped over OpenSSL. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/Include/Library/BaseCryptLib.h | 424 ++

[edk2-devel] [PATCH V4 0/4] CryptoPkg: Add EC support

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 Review PR: https://github.com/tianocore/edk2/pull/3398 This patch sequence is used to add CryptEc library, which are wrapped over OpenSSL. The implementation provides library functions for EFI BaseCrypt protocol and EFI BaseCrypt

Re: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support

; > OpensslLib.inf before by PcdOpensslEcEnabled, > > > > > > https://github.com/tianocore/edk2/blob/2c17d676e402d75a3a674499342f7ddaccf387bd/CryptoPkg/Library/OpensslLib/OpensslLib.inf#L2 > > > 02-L238 > > > if PcdOpensslEcEnabled not true, all ec files will not be

Re: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support

i > > > > -Original Message- > > From: Kinney, Michael D > > Sent: Thursday, September 22, 2022 12:22 AM > > To: devel@edk2.groups.io; Li, Yi1 ; Kinney, Michael D > > > > Cc: Yao, Jiewen ; Wang, Jian J > > ; Lu, Xiaoyu1 ; Jiang, > > Guomin

Re: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support

D > > Cc: Yao, Jiewen ; Wang, Jian J ; > Lu, Xiaoyu1 ; Jiang, > Guomin > Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support > > Comments embedded below. > > Mike > > > -Original Message- > > From: devel@edk2.groups.io On Behalf Of

[edk2-devel] [PATCH 1/1] CryptoPkg: Fix pem heap-buffer-overflow due to BIO_snprintf()

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4075 Fake BIO_snprintf() need to return error status -1. 0 will be considered a correct return value, this may cause crash, please refer to bugzilla link for details. Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc:

Re: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support

, Jiewen ; Wang, Jian J ; Lu, Xiaoyu1 ; Jiang, Guomin Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support Comments embedded below. Mike > -Original Message- > From: devel@edk2.groups.io On Behalf Of yi1 li > Sent: Tuesday, September 20, 2022 9:55 PM > To: devel@ed

Re: [edk2-devel] [PATCH V3 0/3] CryptoPkg: Add EC support

Resend patch sets because of typos in comment message. -Original Message- From: Li, Yi1 Sent: Wednesday, September 21, 2022 1:27 PM To: devel@edk2.groups.io Cc: Li, Yi1 ; Yao, Jiewen ; Wang, Jian J ; Lu, Xiaoyu1 ; Jiang, Guomin Subject: [PATCH V3 0/3] CryptoPkg: Add EC support REF:

Re: [edk2-devel] [PATCH 0/7] CryptoPkg: Add BigNum and EC support to BaseCryptLib

Hi Jiewen, Thanks for review, changes done. Since both BN and EC extend many structures, splitting them will cause git conflicts, I've adjusted the order of patches: Ec commits are based on Bn commits. Just convenient for merge. Thanks, Yi -Original Message- From: Yao, Jiewen Sent:

[edk2-devel] [PATCH V2 3/3] CryptoPkg/Test: Add unit test for CryptoEc

Add unit test for CryptoEc. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 2 + CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 3 + .../BaseCryptLib/BaseCryptLibUnitTests.c | 1 +

[edk2-devel] [PATCH V2 2/3] CryptoPkg: Add EC APIs to DXE and protocol

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 The implementation provides CryptEc library functions for EFI Driveer and EFI BaseCrypt Protocol. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/CryptoPkg.dsc |

[edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 This patch is used to add CryptEc library, which is wrapped over OpenSSL. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/Include/Library/BaseCryptLib.h | 424 ++

[edk2-devel] [PATCH V2 3/3] CryptoPkg/Test: Add unit test for CryptoBn

Add unit test for CryptoBn. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 1 + .../BaseCryptLib/BaseCryptLibUnitTests.c | 1 + .../UnitTest/Library/BaseCryptLib/BnTests.c | 266

[edk2-devel] [PATCH V2 2/3] CryptoPkg: Add BigNum API to DXE and protocol

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 The implementation provides CryptBn library functions for EFI Driver and EFI BaseCrypt Protocol. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/CryptoPkg.dsc |

[edk2-devel] [PATCH V2 1/3] CryptoPkg: Add BigNum support

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 This patch is used to add CryptBn library, which is wrapped over OpenSSL. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/Include/Library/BaseCryptLib.h | 418 +

[edk2-devel] [PATCH V2 0/3] CryptoPkg: Add BigNum support

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 Review PR: https://github.com/tianocore/edk2/pull/3309 This patch sequence is used to add CryptBn library, which are wrapped over OpenSSL. The implementation provides library functions for EFI BaseCrypt protocol and EFI BaseCrypt

Re: [edk2-devel] [PATCH 0/7] CryptoPkg: Add BigNum and EC support to BaseCryptLib

Hi all, Is there any comment on this patch? Thanks. Regards, Yi -Original Message- From: devel@edk2.groups.io On Behalf Of yi1 li Sent: Wednesday, September 7, 2022 4:29 PM To: devel@edk2.groups.io Cc: Li, Yi1 ; Yao, Jiewen ; Wang, Jian J ; Xiaoyu Lu ; Jiang, Guomin Subject: [edk2

[edk2-devel] [PATCH 7/7] CryptoPkg: Run uncrustify tools on EC and BN change

Run uncrustify tools on EC and BN change to meet UEFI code style. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/Driver/Crypto.c | 2 +- CryptoPkg/Include/Library/BaseCryptLib.h | 8 +-

[edk2-devel] [PATCH 6/7] CryptoPkg/Test: Add unit test for CryptoEc

Add unit test for CryptoEc. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 2 + CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 3 + .../BaseCryptLib/BaseCryptLibUnitTests.c | 1 +

[edk2-devel] [PATCH 5/7] CryptoPkg/Test: Add unit test for CryptoBn

Add unit test for CryptoBn. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 1 + .../BaseCryptLib/BaseCryptLibUnitTests.c | 1 + .../UnitTest/Library/BaseCryptLib/BnTests.c | 257

[edk2-devel] [PATCH 4/7] CryptoPkg: Add EC APIs to DXE and protocol

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 The implementation provides CryptEc library functions for EFI Driveer and EFI BaseCrypt Protocol. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/CryptoPkg.dsc |

[edk2-devel] [PATCH 3/7] CryptoPkg: Add EC support

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 This patch is used to add CryptEc library, which is wrapped over OpenSSL. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/Include/Library/BaseCryptLib.h | 424 ++

[edk2-devel] [PATCH 2/7] CryptoPkg: Add BigNum API to DXE and protocol

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 The implementation provides CryptBn library functions for EFI CryptoDxe and EFI BaseCrypt Protocol. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/CryptoPkg.dsc

[edk2-devel] [PATCH 1/7] CryptoPkg: Add BigNum support

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 This patch is used to add CryptBn library, which is wrapped over OpenSSL. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/Include/Library/BaseCryptLib.h | 418 +

[edk2-devel] [PATCH 0/7] CryptoPkg: Add BigNum and EC support to BaseCryptLib

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828 Review PR: https://github.com/tianocore/edk2/pull/3309 This patch sequence is used to add CryptBn and CryptEc library, which are wrapped over OpenSSL. The implementation provides library functions for EFI BaseCrypt protocol and EFI

Re: [edk2-devel] [PATCH 1/1] BaseTools: INF should use latest Pcd value instead of default value

; From: devel@edk2.groups.io On Behalf Of yi1 li > Sent: Monday, July 11, 2022 1:48 PM > To: devel@edk2.groups.io > Cc: Li, Yi1 ; Feng, Bob C ; > Gao, Liming > Subject: [edk2-devel] [PATCH 1/1] BaseTools: INF should use latest Pcd > value instead of default value > >

[edk2-devel] [staging/crypto-new-api PATCH] CryptoPkg: Fixed possible security implications in ECDH and BN.

1. Origenal code mixes up the input/output parameters for the BN_rshift() function - the output is actually the first parameter and not the second one. Now we correct BnRShift() param order. 2. NID_X9_62_prime192v1() and NID_secp224r1 prohibited by Intel Crypto/TLS Guidelines (due to being

[edk2-devel] [staging/crypto-new-api PATCH] CryptoPkg: Fix issues from crypto code review.

Details: 1. Some APIs need more detail comment. 2. Correct BnRShift() param order. 3. Remove unsecure ECC curve from GroupToNid(). 4. Add full public key validating procedures to EcDhDeriveSecret(). Cc: Ming Tan Cc: Heng Luo Signed-off-by: Yi Li --- CryptoPkg/Driver/Crypto.c

[edk2-devel] [PATCH 1/1] BaseTools: INF should use latest Pcd value instead of default value

This patch is a bug fix about FeatureFlagExpression in INF file: INF [Source] section now unconditionally use Pcd default value in DEC when handling FeatureFlagExpression, it is wrong. If a Pcd value has been set in the DSC file, we should use latest value in DSC instead of default value. Cc:

[edk2-devel] [PATCH 5/5] NetworkPkg/TlsDxe: Sync to new TlsSetHostPrivateKey() API

Add NULL to param list to sync with new TlsSetHostPrivateKey() in TlsLib. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Maciej Rabeda Cc: Jiaxin Wu Cc: Siyuan Fu Signed-off-by: Yi Li --- NetworkPkg/TlsDxe/TlsConfigProtocol.c | 2 +- 1 file changed, 1 insertion(+), 1

[edk2-devel] [PATCH 4/5] CryptoPkg: Add implementation for TlsSetHostPrivateKey()

From: yi1 li Add Password to TlsSetHostPrivateKey() param list, Set Password to NULL when useless. This function adds the local private key (PEM-encoded RSA or PKCS#8 private key) into the specified TLS object for TLS negotiation. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang

[edk2-devel] [PATCH 3/5] CryptoPkg: Add APIs TlsShutdown and TlsExportKey to TlsLib

From: yi1 li REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3892 Add the following API and implementation to the TLS library: 1.TlsShutdown: Shutdown the TLS connection without releasing the resources, meaning a new connection can be started without calling TlsNew() and without setting

[edk2-devel] [PATCH 2/5] CryptoPkg: Add TlsSetConfiguration API

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3892 1. TlsSetSignatureAlgoList: Configure the list of TLS signature algorithms that should be used as part of the TLS session establishment. This is needed for some WLAN Supplicant connection establishment flows that allow only specific TLS

[edk2-devel] [PATCH 1/5] MdePkg: Add Tls configuration related define

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3892 Consumed by TlsSetEcCurve and TlsSetSignatureAlgoList. Cc: Jiewen Yao Cc: Michael D Kinney Cc: Liming Gao Signed-off-by: Yi Li --- MdePkg/Include/IndustryStandard/Tls1.h | 110 + 1 file changed, 74

[edk2-devel] [PATCH 0/5] CryptoPkg: Add additional cipher algos and TLS API to meet WPA3

Rabeda Cc: Jiaxin Wu Cc: Siyuan Fu Cc: Michael D Kinney Cc: Liming Gao Yi Li (3): MdePkg: Add Tls configuration related define CryptoPkg: Add TlsSetConfiguration API NetworkPkg/TlsDxe: Sync to new TlsSetHostPrivateKey() API yi1 li (2): CryptoPkg: Add APIs TlsShutdown and TlsExportKey

Re: [edk2-devel] [PATCH V2 2/5] CryptoPkg: Separate auto-generated openssl config and edk2 openssl config

It will change it. For example if we want to make SM2 conditional also, we can change config list to: my %conditional_feature = ("PcdOpensslEcEnabled"=>["EC", "ECDH", "ECDSA", "TLS1_3"], "PcdOpensslSM2Enabled=>["SM2"]); my %conditional_feature_dir = ("/ec/"=>"PcdOpensslEcEnabled",

Re: [edk2-devel] [PATCH V2 2/5] CryptoPkg: Separate auto-generated openssl config and edk2 openssl config

Just for convenience. There are too many places need to configure, so I think putting all the configuration options close together, all in process_file.pl, will be more clear to user ;) Thank you, Yi -Original Message- From: devel@edk2.groups.io On Behalf Of Gerd Hoffmann Sent:

[edk2-devel] [PATCH V4 5/5] CryptoPkg/openssl: disable codestyle checks for generated files

Files generated by process_files.pl from openssl sources should not be checked for edk2 code style. Signed-off-by: Gerd Hoffmann Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.ci.yaml | 14 +- 1 file changed, 13

[edk2-devel] [PATCH V4 4/5] CryptoPkg/openssl: update generated files

Run process_files.pl with the current openssl submodule version. Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Gerd Hoffmann --- CryptoPkg/Library/Include/crypto/dso_conf.h | 7 +- .../Library/Include/openssl/opensslconf.h | 17 ++

[edk2-devel] [PATCH V4 3/5] CryptoPkg: Update process_files.pl to automatically add PCD config option

Recommend from Gerd: (2) Keep the EC config option, but update process_files.pl to automatically add the PcdEcEnabled config option handling to the files it generates. When remove 'no-ec' from openssl configure list, will automatically remove 'OPENSSL_NO_EC', 'OPENSSL_NO_ECDH',

[edk2-devel] [PATCH V4 2/5] CryptoPkg: Separate auto-generated openssl config and edk2 openssl config

Move auto-generated openssl config to openssl/opensslconf_generated, And openssl/opensslconf.h will contain both edk2 conditional openssl feature and openssl/opensslconf_generated. Will make two part more clear. New conditional feture code in opensslconf.h will look like: /* Autogenerated

[edk2-devel] [PATCH V4 0/5] CryptoPkg/openssl: Enable EC conditionally.

Recommend from Gerd: (2) Keep the EC config option, but update process_files.pl to automatically add the PcdEcEnabled config option handling to the files it generates. This patch set does (2). When remove 'no-ec' from openssl configure list, will automatically remove 'OPENSSL_NO_EC',

[edk2-devel] [PATCH V4 1/5] CryptoPkg: Rename PCD about openssl EC configuration

PcdOpensslXXXEnabled is a more appropriate choice. Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.dec | 2 +- .../Library/BaseCryptLib/BaseCryptLib.inf | 2 +- .../Library/BaseCryptLib/PeiCryptLib.inf

[edk2-devel] [PATCH V3 5/5] CryptoPkg/openssl: disable codestyle checks for generated files

Files generated by process_files.pl from openssl sources should not be checked for edk2 code style. Signed-off-by: Gerd Hoffmann Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.ci.yaml | 14 +- 1 file changed, 13

[edk2-devel] [PATCH V2 5/5] CryptoPkg/openssl: disable codestyle checks for generated files

Files generated by process_files.pl from openssl sources should not be checked for edk2 code style. Signed-off-by: Gerd Hoffmann Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.ci.yaml | 11 +++ 1 file changed, 11

[edk2-devel] [PATCH V2 4/5] CryptoPkg/openssl: update generated files

Run process_files.pl with the current openssl submodule version. Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Gerd Hoffmann --- CryptoPkg/Library/Include/crypto/dso_conf.h | 7 +- .../Library/Include/openssl/opensslconf.h | 17 ++

[edk2-devel] [PATCH V2 3/5] CryptoPkg: Update process_files.pl to automatically add PCD config option

Recommend from Gerd: (2) Keep the EC config option, but update process_files.pl to automatically add the PcdEcEnabled config option handling to the files it generates. When remove 'no-ec' from openssl configure list, will automatically remove 'OPENSSL_NO_EC', 'OPENSSL_NO_ECDH',

[edk2-devel] [PATCH V2 2/5] CryptoPkg: Separate auto-generated openssl config and edk2 openssl config

Move auto-generated openssl config to opensslconf_generated.h, And opensslconf.h will contain both edk2 conditional openssl feature and opensslconf_generated.h. Will make two part more clear. New conditional feture code in opensslconf.h will look like: /* Autogenerated conditional openssl

[edk2-devel] [PATCH V2 1/5] CryptoPkg: Rename PCD about openssl EC configuration

PcdOpensslXXXEnabled is a more appropriate choice. Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.dec | 2 +- .../Library/BaseCryptLib/BaseCryptLib.inf | 2 +- .../Library/BaseCryptLib/PeiCryptLib.inf

[edk2-devel] [PATCH V2 0/5] CryptoPkg/openssl: Enable EC conditionally.

Recommend from Gerd: (2) Keep the EC config option, but update process_files.pl to automatically add the PcdEcEnabled config option handling to the files it generates. This patch set does (2). When remove 'no-ec' from openssl configure list, will automatically remove 'OPENSSL_NO_EC',

Re: [edk2-devel] [PATCH 3/3] CryptoPkg/openssl: update generated files

Yes it does come from running the generated files though uncrustify once last year when uncrustify was introduced: https://github.com/tianocore/edk2/commit/7c342378317039e632d9a1a5d4cf7c21aec8cb7a I can remove those change next patch to avoid confusion. Thank you, Yi -Original

Re: [edk2-devel] [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option

Sounds good, I like this idea which make openssl generated part and edk2 conditional part more clear. Thank you, Yi -Original Message- From: devel@edk2.groups.io On Behalf Of Gerd Hoffmann Sent: Monday, May 9, 2022 5:34 PM To: Li, Yi1 Cc: devel@edk2.groups.io; Yao, Jiewen ; Wang,

Re: [edk2-devel] [PATCH 3/3] CryptoPkg/openssl: update generated files

Hi, Changes to this file are automatically generated by perl script. Modified them before to follow edk2 code style. Gerd thinks files generated by process_files.pl from openssl sources should not be checked for edk2 code style, I agree with him. So the changes are back. -Original

[edk2-devel] [PATCH 3/3] CryptoPkg/openssl: update generated files

Run process_files.pl with the current openssl submodule version. Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Gerd Hoffmann --- CryptoPkg/Library/Include/crypto/dso_conf.h | 7 +- .../Library/Include/openssl/opensslconf.h | 266

[edk2-devel] [PATCH 2/3] CryptoPkg/openssl: disable codestyle checks for generated files

Files generated by process_files.pl from openssl sources should not be checked for edk2 code style. Signed-off-by: Gerd Hoffmann Signed-off-by: Yi Li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.ci.yaml | 10 ++ 1 file changed, 10

[edk2-devel] [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option

Recommend from Gerd: (2) Keep the EC config option, but update process_files.pl to automatically add the PcdEcEnabled config option handling to the files it generates. When remove 'no-ec' from openssl configure list, will automatically remove 'OPENSSL_NO_EC', 'OPENSSL_NO_ECDH',

[edk2-devel] [PATCH 0/3] CryptoPkg/openssl: Enable EC conditionally.

Recommend for Gerd: (2) Keep the EC config option, but update process_files.pl to automatically add the PcdEcEnabled config option handling to the files it generates. This patch set does (2). When remove 'no-ec' from openssl configure list, will automatically remove 'OPENSSL_NO_EC',

Re: [edk2-devel] [PATCH 1/1] MdePkg: Add WPA3 related TLS configure macro

or if we miss something else. Thank you Yao, Jiewen > -Original Message----- > From: devel@edk2.groups.io<mailto:devel@edk2.groups.io> > mailto:devel@edk2.groups.io>> On Behalf Of yi1 li > Sent: Wednesday, May 4, 2022 5:31 PM > To: devel@edk2.groups.

Re: [edk2-devel] [PATCH 1/1] MdePkg: Add WPA3 related TLS configure macro

Thank you Yao, Jiewen > -Original Message- > From: devel@edk2.groups.io On Behalf Of yi1 li > Sent: Wednesday, May 4, 2022 5:31 PM > To: devel@edk2.groups.io > Cc: Li, Yi1 ; Kinney, Michael D > ; Gao, Liming > Subject: [edk2-devel] [PATCH 1/1] MdePkg: Add WPA3 related TL

[edk2-devel] [PATCH 1/1] MdePkg: Add WPA3 related TLS configure macro

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3892 Which are needed for SUITE-B and SUITE-B-192. Cc: Michael D Kinney Cc: Liming Gao Signed-off-by: yi1 li --- MdePkg/Include/IndustryStandard/Tls1.h | 133 ++--- 1 file changed, 97 insertions(+), 36 deletions(-) diff

Re: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able

e is not handled yet. The edk2 CI doesn't seem to build modules relying on OpenSSL due to the CONTINUOUS_INTEGRATION flag, explaining why the patch passed the CI I think. I added Bob as I think he knows more about BaseTools. Regards, Pierre On 4/18/22 15:03, yi1 li via groups.i

[edk2-devel] [PATCH 1/1] CryptoPkg: Declare PcdEcEnabled in Library consuming OpensslLib

From: Yi Li REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679 REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828 Tls/Base/Pei/Smm/RuntimeCryptLib.inf will use OpensslLib, and the opensslconf.h in openssllib will use PcdEcEnabled, but it is not declared in the inf file now, it will

Re: [edk2-devel] [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows

ups.io On Behalf Of yi1 li > Sent: Monday, April 18, 2022 6:03 AM > To: devel@edk2.groups.io > Cc: Li, Yi1 > Subject: [edk2-devel] [PATCH 1/4] CryptoPkg: Add instrinsics to > support building ECC on IA32 windows > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679 >

[edk2-devel] [PATCH 4/4] CryptoPkg: Add PcdEcEnabled to Base/Pei/SmmCryptLib.inf

compilers Signed-off-by: yi1 li --- CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 +++ CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf| 3 +++ CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf| 3 +++ CryptoPkg/Library/OpensslLib/OpensslLib.inf | 3 +-- CryptoPkg/Library/OpensslLib

[edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able

will not be compiled. Signed-off-by: yi1 li --- CryptoPkg/CryptoPkg.dec | 4 + .../Library/Include/openssl/opensslconf.h | 7 +- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 95 ++- .../Library/OpensslLib/OpensslLibCrypto.inf | 95 ++- 4 files

[edk2-devel] [PATCH 2/4] CryptoPkg: Reconfigure OpensslLib to add EC algorithms

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679 REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828 Reconfigure OpensslLib to add elliptic curve cipher algorithms. Signed-off-by: yi1 li --- .../Library/Include/openssl/opensslconf.h | 3 -- CryptoPkg/Library/OpensslLib

[edk2-devel] [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679 This dependency is needed to build openssl lib with ECC ciphers under IA32 Windows and adds implementation for _allmul and _allshr instrinsics. It is taken from Project Mu: microsoft/mu_basecore@b55b341 Signed-off-by: yi1 li

[edk2-devel] [PATCH 0/4] !!TEST Fix warnings of EC feature

As subject. yi1 li (4): CryptoPkg: Add instrinsics to support building ECC on IA32 windows CryptoPkg: Reconfigure OpensslLib to add EC algorithms CryptoPkg: Make EC source file config-able CryptoPkg: Add PcdEcEnabled to Base/Pei/SmmCryptLib.inf CryptoPkg/CryptoPkg.dec

[edk2-devel] [PATCH 1/1] BaseTools: Move gPlatformFinalPcd to Datapipe and optimize size

gPlatformFinalPcd into datapipe and modifies the assignment logicto fix this. Cc: Bob Feng Cc: Liming Gao Signed-off-by: yi1 li --- BaseTools/Source/Python/AutoGen/AutoGenWorker.py | 1 + BaseTools/Source/Python/AutoGen/DataPipe.py | 2 ++ BaseTools/Source/Python/Workspace/DscBuildData.py | 1

Re: [edk2-devel] [PATCH 0/3] CryptoPkg: Enable ECC in openssllib by a customize-able way

| CryptPei.efi | CryptSmm.efi | > Before | 815,616| 540,544| 563,712| > Diabled | 815,616| 540,544| 563,712| > Enabled | 1,008,352 | 721,408 | 744,832 | > > Cc: Jiewen Yao > Cc: Jian J Wang > > Signed-off-by

[edk2-devel] [PATCH V2 3/3] CryptoPkg: Make EC source file config-able

will not be compiled. Cc: Jiewen Yao Cc: Jian J Wang Signed-off-by: yi1 li --- CryptoPkg/CryptoPkg.dec | 4 + .../Library/Include/openssl/opensslconf.h | 7 +- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 95 ++- .../Library/OpensslLib/OpensslLibCrypto.inf | 95

[edk2-devel] [PATCH V2 2/3] CryptoPkg: Reconfigure OpensslLib to add EC algorithms

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679 REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828 Reconfigure OpensslLib to add elliptic curve cipher algorithms. Cc: Jiewen Yao Cc: Jian J Wang Signed-off-by: yi1 li --- .../Library/Include/openssl/opensslconf.h | 3

[edk2-devel] [PATCH V2 1/3] CryptoPkg: Add instrinsics to support building ECC on IA32 windows

Signed-off-by: yi1 li --- .../Library/IntrinsicLib/Ia32/MathLlmul.asm | 98 +++ .../Library/IntrinsicLib/Ia32/MathLlshr.asm | 78 +++ .../Library/IntrinsicLib/IntrinsicLib.inf | 2 + 3 files changed, 178 insertions(+) create mode 100644 CryptoPkg/Library

[edk2-devel] [PATCH 3/3] CryptoPkg: Make EC source file config-able

will not be compiled. Cc: Jiewen Yao Cc: Jian J Wang Signed-off-by: yi1 li --- CryptoPkg/CryptoPkg.dec | 4 + .../Library/Include/openssl/opensslconf.h | 7 +- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 96 ++- .../Library/OpensslLib/OpensslLibCrypto.inf | 96

[edk2-devel] [PATCH 2/3] CryptoPkg: Reconfigure OpensslLib to add EC algorithms

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679 REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828 Reconfigure OpensslLib to add elliptic curve cipher algorithms. Cc: Jiewen Yao Cc: Jian J Wang Signed-off-by: yi1 li --- .../Library/Include/openssl/opensslconf.h | 3

[edk2-devel] [PATCH 1/3] CryptoPkg: Add instrinsics to support building ECC on IA32 windows

Signed-off-by: yi1 li --- .../Library/IntrinsicLib/Ia32/MathLlmul.asm | 98 +++ .../Library/IntrinsicLib/Ia32/MathLlshr.asm | 78 +++ .../Library/IntrinsicLib/IntrinsicLib.inf | 2 + 3 files changed, 178 insertions(+) create mode 100644 CryptoPkg/Library

[edk2-devel] [PATCH 0/3] CryptoPkg: Enable ECC in openssllib by a customize-able way

| 1,008,352 | 721,408| 744,832| Cc: Jiewen Yao Cc: Jian J Wang Signed-off-by: yi1 li yi1 li (3): CryptoPkg: Add instrinsics to support building ECC on IA32 windows CryptoPkg: Reconfigure OpensslLib to add EC algorithms CryptoPkg: Make EC source file config-able CryptoPkg

[edk2-devel] [PATCH 1/1] CryptoPkg: Add consumed library class by SMM to dsc file

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3881 LibraryClass MmServicesTableLib SynchronizationLib in SmmCryptLib.inf should be listed in CryptoPkg.dsc. Cc: Jiewen Yao Cc: Jian J Wang Cc: Zhihao Li Signed-off-by: yi1 li --- CryptoPkg/CryptoPkg.dsc | 2 ++ 1 file changed, 2

[edk2-devel] [PATCH V3 1/1] BaseTools: Add the FeatureFlagExpression usage to the Source Section

From: Yi Li REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828 FeatureFlagExpression Support in Source section of INF file. The Pcd value in the expression is from INF or DEC. When a FeatureFlagExpression is present,if the expression evaluates to TRUE,then the entry is valid. If the

[edk2-devel] [PATCH V3 0/1] BaseTools: Add the FeatureFlagExpression usage to the Source Section

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828 FeatureFlagExpression Support in Source section of INF file. The Pcd value in the expression is from INF or DEC. When a FeatureFlagExpression is present,if the expression evaluates to TRUE,then the entry is valid. If the expression evaluates

[edk2-devel] [PATCH 1/2] BaseTools: TEST ONLY1 FeatureFlagExpression

. If the expression evaluates to FALSE, then the EDK II build tools must ignore the entry. This patch is going to add this feature. Signed-off-by: yi1 li --- BaseTools/Source/Python/Common/Expression.py | 2 +- BaseTools/Source/Python/Common/GlobalData.py | 1 + .../Source/Python/Workspace

[edk2-devel] [PATCH 2/2] BaseTools: TEST ONLY2 FeatureFlagExpression

to FALSE, then the EDK II build tools must ignore the entry. This patch is going to add this feature. Signed-off-by: yi1 li --- BaseTools/Source/Python/Workspace/InfBuildData.py | 14 ++ .../Source/Python/Workspace/MetaFileParser.py | 4 2 files changed, 14 insertions

[edk2-devel] [PATCH 0/2] BaseTools: TEST ONLY0 FeatureFlagExpression

is valid. If the expression evaluates to FALSE, then the EDK II build tools must ignore the entry. This patch is going to add this feature. Signed-off-by: yi1 li yi1 li (2): BaseTools:Add the FeatureFlagExpression usage to the InfBuildData BaseTools:Add the FeatureFlagExpression usage

Re: [edk2-devel] [PATCH V2 2/2] BaseTools:Add the FeatureFlagExpression usage to the Source Section

to TRUE,then the entry is valid. If the expression evaluates to FALSE, then the EDK II build tools must ignore the entry. This patch is going to add this feature. Cc: Bob Feng Cc: Liming Gao Cc: Heng Luo Signed-off-by: yi1 li --- BaseTools/Source/Python/Workspace/InfBuildData.py | 14

[edk2-devel] [PATCH V2 1/2] BaseTools:Add the FeatureFlagExpression usage to the InfBuildData

. If the expression evaluates to FALSE, then the EDK II build tools must ignore the entry. This patch is going to add this feature. Cc: Bob Feng Cc: Liming Gao Signed-off-by: yi1 li Signed-off-by: Zhiju.Fan --- BaseTools/Source/Python/Common/Expression.py | 2 +- BaseTools/Source/Python

[edk2-devel] [PATCH V2 2/2] BaseTools:Add the FeatureFlagExpression usage to the Source Section

to FALSE, then the EDK II build tools must ignore the entry. This patch is going to add this feature. Cc: Bob Feng Cc: Liming Gao Cc: Heng Luo Signed-off-by: yi1 li --- BaseTools/Source/Python/Workspace/InfBuildData.py | 14 ++ .../Source/Python/Workspace/MetaFileParser.py

[edk2-devel] [PATCH V2 0/2] BaseTools:Add the FeatureFlagExpression usage to the InfBuildData

is valid. If the expression evaluates to FALSE, then the EDK II build tools must ignore the entry. This patch is going to add this feature. Cc: Bob Feng Cc: Liming Gao Cc: Heng Luo Signed-off-by: yi1 li Signed-off-by: Zhiju.Fan yi1 li (2): BaseTools:Add the FeatureFlagExpression usage

[edk2-devel] [PATCH 2/2] BaseTools:Add the FeatureFlagExpression usage to the Source Section

to FALSE, then the EDK II build tools must ignore the entry. This patch is going to add this feature. Cc: Bob Feng Cc: Liming Gao Cc: Heng Luo Signed-off-by: yi1 li --- .../Source/Python/Workspace/InfBuildData.py | 16 +++- .../Source/Python/Workspace/MetaFileParser.py

[edk2-devel] [PATCH 1/2] BaseTools:Add the FeatureFlagExpression usage to the InfBuildData

. If the expression evaluates to FALSE, then the EDK II build tools must ignore the entry. This patch is going to add this feature. Cc: Bob Feng Cc: Liming Gao Signed-off-by: yi1 li Signed-off-by: Zhiju.Fan --- BaseTools/Source/Python/Common/Expression.py | 2 +- BaseTools/Source/Python

[edk2-devel] [PATCH 0/2] BaseTools:Add the FeatureFlagExpression usage to the InfBuildData

is valid. If the expression evaluates to FALSE, then the EDK II build tools must ignore the entry. This patch is going to add this feature. Cc: Bob Feng Cc: Liming Gao Signed-off-by: yi1 li Signed-off-by: Zhiju.Fan yi1 li (2): BaseTools:Add the FeatureFlagExpression usage to the InfBuildData

  1   2   >