From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95435+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95435+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290932; cv=none; d=zohomail.com; s=zohoarc; b=VwwwDHW/iP0a6THHLEkKTs/bZpdOfwuiq6tD2mVGNsAJMpl2JM5s3vV8bATk4GkjkSbEyZRp6D73C799FkFfgBjR6wARTCpm1Ecpj9X4I0kKwMR82SofKL5o6GmRcnN8o91R63auNrTzVJ/UZalv3NkClXQXS6euGR7/VfzdzRc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290932; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=ztJKIbovqaECZKLLXbTnQy5HYWaR7J2xkNP1/tZNYf0=; b=PW1CekNOZkJwU3qOP6HWMb3PhCs0MmXh5EzjFRCeQ1bXHpLULzUEvck8VtSfwB9fmDdpnHTdfsQAPO79eTq6K84TfKuhbrjYTOfZepn8pDJouUzWFALmXHkM7w3w6CvNYmk0EUMJQEMCH7D9GO2U4ZI0UnBez9HJ0AnytNA9XC4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95435+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 16662909319691017.2150717876626; Thu, 20 Oct 2022 11:35:31 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 22X6YY1788612xdiqXfkr0BB; Thu, 20 Oct 2022 11:35:31 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:30 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523524" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523524" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:30 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427749" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427749" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:30 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 01/16] CryptoPkg: Document and disable deprecated crypto services Date: Thu, 20 Oct 2022 11:34:55 -0700 Message-Id: <20221020183510.1799-2-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: RkdPekVDjTi2LyA9EOCCeqtVx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290931; bh=92uxuMoHrADMW9yxg1y2Tvft8y92q6l4DZikwTqN/qk=; h=Cc:Date:From:Reply-To:Subject:To; b=Cu+ERt9DgvKGHg6yVBsOyAVjUY51bfKxiF+QSwn9awl0zr75G4AdxOysrJG24TZV1XH DbVpStz+0aq/drcmsSbO7FruoF1KHngPSiVjwiVNU3RYUmPznNCdfoBO5rbfwAkXmzFWY 4KxDVUHe2INi+7O9QgYVF6nGyFjWt/WkbD4= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290933720100009 Content-Type: text/plain; charset="utf-8" Also note services that are recommended to be disabled and update CryptoPkg.dsc PcdCryptoServiceFamilyEnable settings to disable all deprecated services. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- CryptoPkg/CryptoPkg.dsc | 10 +- .../Pcd/PcdCryptoServiceFamilyEnable.h | 122 ++++++++++-------- 2 files changed, 77 insertions(+), 55 deletions(-) diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 8c6906acf006..032b9e637737 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -151,7 +151,6 @@ [PcdsFixedAtBuild] !if $(CRYPTO_SERVICES) IN "PACKAGE ALL" gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md5.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY @@ -161,8 +160,10 @@ [PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tdes.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY @@ -173,7 +174,7 @@ [PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.ParallelHash.Fa= mily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family = | 0 + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY !endif =20 !if $(CRYPTO_SERVICES) =3D=3D MIN_PEI @@ -217,6 +218,7 @@ [PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h b/CryptoP= kg/Include/Pcd/PcdCryptoServiceFamilyEnable.h index f1f5084e70f4..74eaf44cca3e 100644 --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h @@ -1,6 +1,26 @@ /** @file Defines the PCD_CRYPTO_SERVICE_FAMILY_ENABLE structure associated with - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable. + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable that is used + to enable/disable crypto services at either the family scope or the + individual service scope. Platforms can minimize the number of enabled + services to reduce size. + + The following services have been deprecated and must never be enabled. + The associated fields in this data structure are never removed or replac= ed + to preseve the binary layout of the data structure. New services are + always added to the end of the data structure. + * HmacMd5 family + * HmacSha1 family + * Md4 family + * Md5 family + * Tdes family + * Arc4 family + * Aes.Services.EcbEncrypt service + * Aes.Services.EcbDecrypt service + + Is is recommended that the following services always be disabled and may + be deprecated in the future. + * Sha1 family =20 Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -25,25 +45,25 @@ typedef struct { union { struct { - UINT8 New : 1; - UINT8 Free : 1; - UINT8 SetKey : 1; - UINT8 Duplicate : 1; - UINT8 Update : 1; - UINT8 Final : 1; + UINT8 New : 1; // Deprecated + UINT8 Free : 1; // Deprecated + UINT8 SetKey : 1; // Deprecated + UINT8 Duplicate : 1; // Deprecated + UINT8 Update : 1; // Deprecated + UINT8 Final : 1; // Deprecated } Services; - UINT32 Family; + UINT32 Family; // Deprecated } HmacMd5; union { struct { - UINT8 New : 1; - UINT8 Free : 1; - UINT8 SetKey : 1; - UINT8 Duplicate : 1; - UINT8 Update : 1; - UINT8 Final : 1; + UINT8 New : 1; // Deprecated + UINT8 Free : 1; // Deprecated + UINT8 SetKey : 1; // Deprecated + UINT8 Duplicate : 1; // Deprecated + UINT8 Update : 1; // Deprecated + UINT8 Final : 1; // Deprecated } Services; - UINT32 Family; + UINT32 Family; // Deprecated } HmacSha1; union { struct { @@ -71,26 +91,26 @@ typedef struct { } HmacSha384; union { struct { - UINT8 GetContextSize : 1; - UINT8 Init : 1; - UINT8 Duplicate : 1; - UINT8 Update : 1; - UINT8 Final : 1; - UINT8 HashAll : 1; + UINT8 GetContextSize : 1; // Deprecated + UINT8 Init : 1; // Deprecated + UINT8 Duplicate : 1; // Deprecated + UINT8 Update : 1; // Deprecated + UINT8 Final : 1; // Deprecated + UINT8 HashAll : 1; // Deprecated } Services; - UINT32 Family; + UINT32 Family; // Deprecated } Md4; union { struct { - UINT8 GetContextSize : 1; - UINT8 Init : 1; - UINT8 Duplicate : 1; - UINT8 Update : 1; - UINT8 Final : 1; - UINT8 HashAll : 1; + UINT8 GetContextSize : 1; // Deprecated + UINT8 Init : 1; // Deprecated + UINT8 Duplicate : 1; // Deprecated + UINT8 Update : 1; // Deprecated + UINT8 Final : 1; // Deprecated + UINT8 HashAll : 1; // Deprecated } Services; UINT32 Family; - } Md5; + } Md5; // Deprecated union { struct { UINT8 Pkcs1v2Encrypt : 1; @@ -143,14 +163,14 @@ typedef struct { } Rsa; union { struct { - UINT8 GetContextSize : 1; - UINT8 Init : 1; - UINT8 Duplicate : 1; - UINT8 Update : 1; - UINT8 Final : 1; - UINT8 HashAll : 1; + UINT8 GetContextSize : 1; // Recommend disable + UINT8 Init : 1; // Recommend disable + UINT8 Duplicate : 1; // Recommend disable + UINT8 Update : 1; // Recommend disable + UINT8 Final : 1; // Recommend disable + UINT8 HashAll : 1; // Recommend disable } Services; - UINT32 Family; + UINT32 Family; // Recommend disable } Sha1; union { struct { @@ -216,21 +236,21 @@ typedef struct { } X509; union { struct { - UINT8 GetContextSize : 1; - UINT8 Init : 1; - UINT8 EcbEncrypt : 1; - UINT8 EcbDecrypt : 1; - UINT8 CbcEncrypt : 1; - UINT8 CbcDecrypt : 1; + UINT8 GetContextSize : 1; // Deprecated + UINT8 Init : 1; // Deprecated + UINT8 EcbEncrypt : 1; // Deprecated + UINT8 EcbDecrypt : 1; // Deprecated + UINT8 CbcEncrypt : 1; // Deprecated + UINT8 CbcDecrypt : 1; // Deprecated } Services; - UINT32 Family; + UINT32 Family; // Deprecated } Tdes; union { struct { UINT8 GetContextSize : 1; UINT8 Init : 1; - UINT8 EcbEncrypt : 1; - UINT8 EcbDecrypt : 1; + UINT8 EcbEncrypt : 1; // Deprecated + UINT8 EcbDecrypt : 1; // Deprecated UINT8 CbcEncrypt : 1; UINT8 CbcDecrypt : 1; } Services; @@ -238,13 +258,13 @@ typedef struct { } Aes; union { struct { - UINT8 GetContextSize : 1; - UINT8 Init : 1; - UINT8 Encrypt : 1; - UINT8 Decrypt : 1; - UINT8 Reset : 1; + UINT8 GetContextSize : 1; // Deprecated + UINT8 Init : 1; // Deprecated + UINT8 Encrypt : 1; // Deprecated + UINT8 Decrypt : 1; // Deprecated + UINT8 Reset : 1; // Deprecated } Services; - UINT32 Family; + UINT32 Family; // Deprecated } Arc4; union { struct { --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95435): https://edk2.groups.io/g/devel/message/95435 Mute This Topic: https://groups.io/mt/94460291/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95436+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95436+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290932; cv=none; d=zohomail.com; s=zohoarc; b=M7b2iOxR0dlluygGmKjKo+QmnM1c9ywU6FDM/PEiuBbdQX500+Zg+64KxBk9sVf6kTnNceaVPNtBHx2FzbBaMdgAtcQsJPUyxBIQP+Wznbkj0tY6ClRWmtMBBScaGJEK0iKOl3kOmCti6c6WQqTDkunIHTcXKDyBNnb54/NnMXk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290932; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=opCh990ody8FVujk04wgfjufS+Izl4+XRlyuMjL/XZs=; b=iWCuv/umz+nJKnjkT2lrRY6kG7e5Tk/pN1eTfNEgU9RqCwx+4O3jeafI9jp79MHTqE59atPa+NEl7CFlyDgDEcxaIGpsm5VhAaVTnM1gvRbnCCqyUVeDAXvmtTymiPDnbkYK+L6EB5ss819yzv6zAnBfiodDD0MJ1UrQ1rAllLs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95436+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290932824946.153515930821; Thu, 20 Oct 2022 11:35:32 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id SAzBYY1788612xEX3xHTWMfR; Thu, 20 Oct 2022 11:35:32 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:31 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523527" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523527" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:31 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427758" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427758" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:30 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 02/16] CryptoPkg/Library/BaseCryptLib: Add missing UNI file and fix format Date: Thu, 20 Oct 2022 11:34:56 -0700 Message-Id: <20221020183510.1799-3-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: cKdeKEPTNxGO850U4kStkCNvx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290932; bh=TOh6sRjGhllixHQ7pEq5iG+v4gUgcKCtoDtA7QyMZrY=; h=Cc:Date:From:Reply-To:Subject:To; b=J1a8O1e7cDes8rGLHyqmeAg9saS/G4/uR0MTb8p24YETvfle6O9/+HOADoT+0wsVk9k OoDX0di7L0zMuFJIaMTGnSR8mOW/aEDxGU4TTxEpCuxq8Vz248/FjgXQfFsspob7CAOSu 6TctswG/dMtqeOTHj7+uCekp2T2MnG8+XYw= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290933735100010 Content-Type: text/plain; charset="utf-8" Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- CryptoPkg/Library/BaseCryptLib/BaseCryptLib.uni | 2 -- CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni | 2 -- CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni | 2 -- CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf | 1 + .../BaseCryptLib/{SmmCryptLib.uni =3D> SecCryptLib.uni} | 11 ++--------- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni | 2 -- 6 files changed, 3 insertions(+), 17 deletions(-) copy CryptoPkg/Library/BaseCryptLib/{SmmCryptLib.uni =3D> SecCryptLib.uni}= (74%) diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.uni b/CryptoPkg/Li= brary/BaseCryptLib/BaseCryptLib.uni index ed1852efbe04..d9d53d099c4e 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.uni @@ -12,8 +12,6 @@ // // **/ =20 - #string STR_MODULE_ABSTRACT #language en-US "Cryptographic Lib= rary Instance for DXE_DRIVER" =20 #string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow." - diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni b/CryptoPkg/Lib= rary/BaseCryptLib/PeiCryptLib.uni index 20ae64e8bf1a..8cffc00daf5d 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni @@ -18,8 +18,6 @@ // // **/ =20 - #string STR_MODULE_ABSTRACT #language en-US "Cryptographic Lib= rary Instance for PEIM" =20 #string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow. Note: AES = functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie= -Hellman functions, X.509 certificate handler functions, authenticode signa= ture verification functions, PEM handler functions, and pseudorandom number= generator functions are not supported in this instance." - diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni b/CryptoPkg= /Library/BaseCryptLib/RuntimeCryptLib.uni index 0cf378c5ab84..786738a99d73 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni @@ -17,8 +17,6 @@ // // **/ =20 - #string STR_MODULE_ABSTRACT #language en-US "Cryptographic Lib= rary Instance for DXE_RUNTIME_DRIVER" =20 #string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow. Note: AES = functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie= -Hellman functions, and authenticode signature verification functions are n= ot supported in this instance." - diff --git a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SecCryptLib.inf index 0b1dd31c411c..4f652be46a82 100644 --- a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf @@ -14,6 +14,7 @@ [Defines] INF_VERSION =3D 0x00010005 BASE_NAME =3D SecCryptLib + MODULE_UNI_FILE =3D SecCryptLib.uni FILE_GUID =3D 3689D343-0D32-4284-8053-BF10537990E8 MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni b/CryptoPkg/Lib= rary/BaseCryptLib/SecCryptLib.uni similarity index 74% copy from CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni copy to CryptoPkg/Library/BaseCryptLib/SecCryptLib.uni index f0c33abbcf22..c0dd1eb0f351 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.uni @@ -1,24 +1,17 @@ // /** @file -// Cryptographic Library Instance for SMM driver. +// Cryptographic Library Instance for SEC driver. // // Caution: This module requires additional review when modified. // This library will have external input - signature. // This external input must be validated carefully to avoid security issue= s such as // buffer overflow or integer overflow. // -// Note: AES -// functions, RSA external functions, PKCS#7 SignedData sign functions, -// Diffie-Hellman functions, and authenticode signature verification funct= ions are -// not supported in this instance. -// // Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
// // SPDX-License-Identifier: BSD-2-Clause-Patent // // **/ =20 - -#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Lib= rary Instance for SMM driver" +#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Lib= rary Instance for SEC driver" =20 #string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow. Note: AES = functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie= -Hellman functions, and authenticode signature verification functions are n= ot supported in this instance." - diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni b/CryptoPkg/Lib= rary/BaseCryptLib/SmmCryptLib.uni index f0c33abbcf22..7e0f55f792e1 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni @@ -17,8 +17,6 @@ // // **/ =20 - #string STR_MODULE_ABSTRACT #language en-US "Cryptographic Lib= rary Instance for SMM driver" =20 #string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow. Note: AES = functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie= -Hellman functions, and authenticode signature verification functions are n= ot supported in this instance." - --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95436): https://edk2.groups.io/g/devel/message/95436 Mute This Topic: https://groups.io/mt/94460292/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95437+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95437+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290933; cv=none; d=zohomail.com; s=zohoarc; b=AFdS5rtbXVkqoNXzcR30mYavAHQF8xSv+8kxFnv/t4uhR5H/1nApsHU+XPJSL1rm7ha5pOtWwUw8iFBHYEP65pXq9D0cxxPbNCA7HsHUfmcPDhSq4fXh4SC62+jOhZ79/jIa6EIt2VcYftJ5I/Po2vWDy6jNyFtksUc2Uwxxhyg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290933; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=uZ32OeBsNILjVt8q07zJkQUUyQ1N2bHIqS8gCipkYVU=; b=JAsTUFqVQG72FzJZXA2GoneYzc0KPc4KQNNmk9vsOZzV5QnFN8XO07NqB5X3AaPT2YDNiaJOuLRkWrZpj0HrhwTF34KHICDoOs48DkoRG+QpcW3DlFvYy7UFHB/Dw/BG0ROOofR9CZJ1sdmpOVe3xUf+XdudxEO3zmj8rgJlsNU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95437+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290933213912.6503567258178; Thu, 20 Oct 2022 11:35:33 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id fViaYY1788612x5lfNw7Pdwx; Thu, 20 Oct 2022 11:35:32 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:31 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523530" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523530" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:31 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427764" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427764" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:31 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 03/16] CryptoPkg/Library/BaseCryptLib: Update internal functions/variables Date: Thu, 20 Oct 2022 11:34:57 -0700 Message-Id: <20221020183510.1799-4-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: noWfNrUZvkeP10exEQVesIM7x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290932; bh=2cLXwE/mrjBc+Dbs1lEu034Nmi68hX23U7+Nc/YXk5M=; h=Cc:Date:From:Reply-To:Subject:To; b=l6CE5aKwGA923+H34HnmOU9AFVmBhFs4fYZQa6dfG8hc0xcdDqxNgSblUYiAkz27OEX 0FAJ1C5UWZqoneUgRI2/sbhOdXr0xgLEmYsDW1yjRUycEQd9IvtUAHxuavZyx+oMlUNuO dPBy99weZUh4fVrJRbVn7ilZJcmEEZ6ZZiw= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290933743100011 Content-Type: text/plain; charset="utf-8" * Update BaseCryptLib internal worker functions to be 'STATIC' * Update BaseCryptLib internal working functions to not use EFIAPI * Add GLOBAL_REMOVE_IF_UNREFERENCED to BaseCryptLib global variables Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- CryptoPkg/CryptoPkg.ci.yaml | 3 +- .../Library/BaseCryptLib/Hmac/CryptHmac.c | 7 +++ .../Library/BaseCryptLib/Kdf/CryptHkdf.c | 5 ++- .../BaseCryptLib/Pk/CryptAuthenticode.c | 2 +- .../BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c | 3 +- .../BaseCryptLib/Pk/CryptPkcs7VerifyEku.c | 3 ++ CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c | 44 +++++++++++++------ 7 files changed, 50 insertions(+), 17 deletions(-) diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml index 2fa3a3d5ee05..ca129d6ae56c 100644 --- a/CryptoPkg/CryptoPkg.ci.yaml +++ b/CryptoPkg/CryptoPkg.ci.yaml @@ -24,7 +24,8 @@ "ExceptionList": [ "8001", "IsLeap", "8001", "OBJ_get0_data", - "8001", "OBJ_length" + "8001", "OBJ_length", + "5005", "X509PopCertificate" ], ## Both file path and directory path are accepted. "IgnoreFiles": [ diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c b/CryptoPkg/Li= brary/BaseCryptLib/Hmac/CryptHmac.c index 2786267a0be1..1ae33b6709cb 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c @@ -16,6 +16,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent If the allocations fails, HmacMdNew() returns NULL. =20 **/ +STATIC VOID * HmacMdNew ( VOID @@ -33,6 +34,7 @@ HmacMdNew ( @param[in] HmacMdCtx Pointer to the HMAC_CTX context to be released. =20 **/ +STATIC VOID HmacMdFree ( IN VOID *HmacMdCtx @@ -59,6 +61,7 @@ HmacMdFree ( @retval FALSE The Key is set unsuccessfully. =20 **/ +STATIC BOOLEAN HmacMdSetKey ( IN CONST EVP_MD *Md, @@ -94,6 +97,7 @@ HmacMdSetKey ( @retval FALSE HMAC-MD context copy failed. =20 **/ +STATIC BOOLEAN HmacMdDuplicate ( IN CONST VOID *HmacMdContext, @@ -132,6 +136,7 @@ HmacMdDuplicate ( @retval FALSE HMAC-MD data digest failed. =20 **/ +STATIC BOOLEAN HmacMdUpdate ( IN OUT VOID *HmacMdContext, @@ -183,6 +188,7 @@ HmacMdUpdate ( @retval FALSE HMAC-MD digest computation failed. =20 **/ +STATIC BOOLEAN HmacMdFinal ( IN OUT VOID *HmacMdContext, @@ -233,6 +239,7 @@ HmacMdFinal ( @retval FALSE This interface is not supported. =20 **/ +STATIC BOOLEAN HmacMdAll ( IN CONST EVP_MD *Md, diff --git a/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c b/CryptoPkg/Lib= rary/BaseCryptLib/Kdf/CryptHkdf.c index ffaf5fb131ac..34e81246ed0d 100644 --- a/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c +++ b/CryptoPkg/Library/BaseCryptLib/Kdf/CryptHkdf.c @@ -6,7 +6,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 -#include +#include "InternalCryptLib.h" #include #include =20 @@ -27,6 +27,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent @retval FALSE Hkdf generation failed. =20 **/ +STATIC BOOLEAN HkdfMdExtractAndExpand ( IN CONST EVP_MD *Md, @@ -95,6 +96,7 @@ HkdfMdExtractAndExpand ( @retval false Hkdf generation failed. =20 **/ +STATIC BOOLEAN HkdfMdExtract ( IN CONST EVP_MD *Md, @@ -174,6 +176,7 @@ HkdfMdExtract ( @retval FALSE Hkdf generation failed. =20 **/ +STATIC BOOLEAN HkdfMdExpand ( IN CONST EVP_MD *Md, diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c b/Crypto= Pkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c index aa4a33364d92..6b0dddd4af55 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c @@ -23,7 +23,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent // // OID ASN.1 Value for SPC_INDIRECT_DATA_OBJID // -UINT8 mSpcIndirectOidValue[] =3D { +GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mSpcIndirectOidValue[] =3D { 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x02, 0x01, 0x04 }; =20 diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c b/C= ryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c index f8028181e47f..4e5a14e35210 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c @@ -22,7 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include =20 -UINT8 mOidValue[9] =3D { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, = 0x02 }; +GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mOidValue[9] =3D { 0x2A, 0x86, = 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02 }; =20 /** Check input P7Data is a wrapped ContentInfo structure or not. If not con= struct @@ -145,6 +145,7 @@ WrapPkcs7Data ( @retval FALSE The pop operation failed. =20 **/ +STATIC BOOLEAN X509PopCertificate ( IN VOID *X509Stack, diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c b/Cryp= toPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c index 833b29ae9755..63cd49434e71 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyEku.c @@ -62,6 +62,7 @@ @retval EFI_NOT_FOUND The number of signers found was not 1. =20 **/ +STATIC EFI_STATUS GetSignerCertificate ( IN CONST PKCS7 *CertChain, @@ -132,6 +133,7 @@ GetSignerCertificate ( @retval EFI_NOT_FOUND One or more EKU's were not found in th= e signature. =20 **/ +STATIC EFI_STATUS IsEkuInCertificate ( IN CONST X509 *Cert, @@ -255,6 +257,7 @@ IsEkuInCertificate ( @retval EFI_INVALID_PARAMETER A parameter was invalid. @retval EFI_NOT_FOUND One or more EKU's were not found in th= e signature. **/ +STATIC EFI_STATUS CheckEKUs ( IN CONST X509 *SignerCert, diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c b/CryptoPkg/Librar= y/BaseCryptLib/Pk/CryptTs.c index f118f2e9d6aa..027dbb6842dc 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c @@ -21,7 +21,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent // // OID ASN.1 Value for SPC_RFC3161_OBJID ("1.3.6.1.4.1.311.3.3.1") // -UINT8 mSpcRFC3161OidValue[] =3D { +GLOBAL_REMOVE_IF_UNREFERENCED const UINT8 mSpcRFC3161OidValue[] =3D { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x03, 0x03, 0x01 }; =20 @@ -43,11 +43,17 @@ typedef struct { // // ASN.1 Functions for TS_MESSAGE_IMPRINT // -DECLARE_ASN1_FUNCTIONS (TS_MESSAGE_IMPRINT) -ASN1_SEQUENCE (TS_MESSAGE_IMPRINT) =3D { +GLOBAL_REMOVE_IF_UNREFERENCED +DECLARE_ASN1_FUNCTIONS ( + TS_MESSAGE_IMPRINT + ) +ASN1_SEQUENCE (TS_MESSAGE_IMPRINT) =3D +{ ASN1_SIMPLE (TS_MESSAGE_IMPRINT, HashAlgorithm, X509_ALGOR), ASN1_SIMPLE (TS_MESSAGE_IMPRINT, HashedMessage, ASN1_OCTET_STRING) -} ASN1_SEQUENCE_END (TS_MESSAGE_IMPRINT) +} + +ASN1_SEQUENCE_END (TS_MESSAGE_IMPRINT) IMPLEMENT_ASN1_FUNCTIONS (TS_MESSAGE_IMPRINT) =20 /// @@ -68,12 +74,18 @@ typedef struct { // // ASN.1 Functions for TS_ACCURACY // -DECLARE_ASN1_FUNCTIONS (TS_ACCURACY) -ASN1_SEQUENCE (TS_ACCURACY) =3D { +GLOBAL_REMOVE_IF_UNREFERENCED +DECLARE_ASN1_FUNCTIONS ( + TS_ACCURACY + ) +ASN1_SEQUENCE (TS_ACCURACY) =3D +{ ASN1_OPT (TS_ACCURACY, Seconds, ASN1_INTEGER), ASN1_IMP_OPT (TS_ACCURACY, Millis, ASN1_INTEGER, 0), ASN1_IMP_OPT (TS_ACCURACY, Micros, ASN1_INTEGER, 1) -} ASN1_SEQUENCE_END (TS_ACCURACY) +} + +ASN1_SEQUENCE_END (TS_ACCURACY) IMPLEMENT_ASN1_FUNCTIONS (TS_ACCURACY) =20 /// @@ -114,8 +126,12 @@ typedef struct { // // ASN.1 Functions for TS_TST_INFO // -DECLARE_ASN1_FUNCTIONS (TS_TST_INFO) -ASN1_SEQUENCE (TS_TST_INFO) =3D { +GLOBAL_REMOVE_IF_UNREFERENCED +DECLARE_ASN1_FUNCTIONS ( + TS_TST_INFO + ) +ASN1_SEQUENCE (TS_TST_INFO) =3D +{ ASN1_SIMPLE (TS_TST_INFO, Version, ASN1_INTEGER), ASN1_SIMPLE (TS_TST_INFO, Policy, ASN1_OBJECT), ASN1_SIMPLE (TS_TST_INFO, MessageImprint, TS_MESSAGE_IMPRIN= T), @@ -126,7 +142,9 @@ ASN1_SEQUENCE (TS_TST_INFO) =3D { ASN1_OPT (TS_TST_INFO, Nonce, ASN1_INTEGER), ASN1_EXP_OPT (TS_TST_INFO, Tsa, GENERAL_NAME, = 0), ASN1_IMP_SEQUENCE_OF_OPT (TS_TST_INFO, Extensions, X509_EXTENSION, = 1) -} ASN1_SEQUENCE_END (TS_TST_INFO) +} + +ASN1_SEQUENCE_END (TS_TST_INFO) IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO) =20 /** @@ -139,8 +157,8 @@ IMPLEMENT_ASN1_FUNCTIONS (TS_TST_INFO) @retval FALSE Invalid parameters. =20 **/ +STATIC BOOLEAN -EFIAPI ConvertAsn1TimeToEfiTime ( IN ASN1_TIME *Asn1Time, OUT EFI_TIME *EfiTime @@ -222,8 +240,8 @@ ConvertAsn1TimeToEfiTime ( @retval FALSE Invalid TimeStamp Token Information. =20 **/ +STATIC BOOLEAN -EFIAPI CheckTSTInfo ( IN CONST TS_TST_INFO *TstInfo, IN CONST UINT8 *TimestampedData, @@ -352,8 +370,8 @@ CheckTSTInfo ( @retval FALSE Invalid timestamp token. =20 **/ +STATIC BOOLEAN -EFIAPI TimestampTokenVerify ( IN CONST UINT8 *TSToken, IN UINTN TokenSize, --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95437): https://edk2.groups.io/g/devel/message/95437 Mute This Topic: https://groups.io/mt/94460294/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95438+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95438+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290934; cv=none; d=zohomail.com; s=zohoarc; b=FJCaR4TWqeE8T1e1eTASi0aZT6Bw7IEBvUcB5VpoDK6QjRYC0Z9fgEXPzwqGROO2OQ0xcMC3fFdZ0dxyiGcETa1UniKKG9XcSpMJUHySYsDx3VZlIadbCWIMVhvrsuZCOJCJsXiUY/H9d+LfawkhMsUdJjAfkcquwY6WXD4fX40= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290934; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=Jx7XmSlfied04RixervTKi3YwtsEzVR4rYS3V8uTuJE=; b=OmQ+kbCX+cUwx9DsoxVsspfomY8/vP+GO4acN5/4JrIiPEbZqRe/4fbIzPdILTexA/nXE7s+wzsFwQAui1JpRozBRMAK3n3PkivOWw0ooOVyNiRkPIXRNtmWriZtefymGRjT9w56EFxb1UHpkEIYGTMl9/mNHK7IHRiqZjTuqRU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95438+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290934767344.8485874778802; Thu, 20 Oct 2022 11:35:34 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id RciuYY1788612xBCDkrE8Vs3; Thu, 20 Oct 2022 11:35:33 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:32 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523533" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523533" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:32 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427769" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427769" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:31 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 04/16] CryptoPkg/Test/UnitTest/Library/BaseCryptLib: Unit test fixes Date: Thu, 20 Oct 2022 11:34:58 -0700 Message-Id: <20221020183510.1799-5-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: ngZrhem1VW2dQkTQIcEIcuO0x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290933; bh=5O1rqD4aWA7/PcwnFNhRXTqt8fM2VlTqLgr8PaUlbW8=; h=Cc:Date:From:Reply-To:Subject:To; b=MIgtYnCDsNfxCm3X4QdkykFJnCUkMf3VjiU83oxmfXZ2V3byRu0Sh7WI7UIweVjxNvG +AzbKD0orc+Wdc1biIx9l0LblwrGK9cwByRsD+WsqFppH4zU+PqXdrCyJyxahcYbQOtVT 6Cbte/aVRAl6eqQenFYt0p96axixj/CtcwA= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290935509100017 Content-Type: text/plain; charset="utf-8" * Update ImageTimeStampTest to return UNIT_TEST_PASSED instead of Status. On success Status is TRUE(1), which was returning a unit test status of UNIT_TEST_ERROR_PREREQUISITE_NOT_MET. * Update HmacTests to use the *Free() service from the HMAC family instead of FreePool(). Using FreePool() generates ASSERT() because the context being freed was not allocated using AllocatePool(). Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- .../UnitTest/Library/BaseCryptLib/HmacTests.c | 17 ++++++++++++----- .../UnitTest/Library/BaseCryptLib/TSTests.c | 2 +- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c b/Cry= ptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c index 9c5b39410d0f..b347cb4cb4f8 100644 --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c @@ -87,6 +87,12 @@ VOID * VOID ); =20 +typedef +VOID +(EFIAPI *EFI_HMAC_FREE)( + IN VOID *HashContext + ); + typedef BOOLEAN (EFIAPI *EFI_HMAC_INIT)( @@ -113,6 +119,7 @@ BOOLEAN typedef struct { UINT32 DigestSize; EFI_HMAC_NEW HmacNew; + EFI_HMAC_FREE HmacFree; EFI_HMAC_INIT HmacInit; EFI_HMAC_UPDATE HmacUpdate; EFI_HMAC_FINAL HmacFinal; @@ -123,10 +130,10 @@ typedef struct { } HMAC_TEST_CONTEXT; =20 // These functions have been deprecated but they've been left commented ou= t for future reference -// HMAC_TEST_CONTEXT mHmacMd5TestCtx =3D {MD5_DIGEST_SIZE, Hma= cMd5New, HmacMd5SetKey, HmacMd5Update, HmacMd5Final, HmacMd5Key= , sizeof(HmacMd5Key), HmacMd5Digest}; -// HMAC_TEST_CONTEXT mHmacSha1TestCtx =3D {SHA1_DIGEST_SIZE, Hma= cSha1New, HmacSha1SetKey, HmacSha1Update, HmacSha1Final, HmacSha1Ke= y, sizeof(HmacSha1Key), HmacSha1Digest}; -HMAC_TEST_CONTEXT mHmacSha256TestCtx =3D { SHA256_DIGEST_SIZE, HmacSha256= New, HmacSha256SetKey, HmacSha256Update, HmacSha256Final, HmacSha256Key, si= zeof (HmacSha256Key), HmacSha256Digest }; -HMAC_TEST_CONTEXT mHmacSha384TestCtx =3D { SHA384_DIGEST_SIZE, HmacSha384= New, HmacSha384SetKey, HmacSha384Update, HmacSha384Final, HmacSha384Key, si= zeof (HmacSha384Key), HmacSha384Digest }; +// HMAC_TEST_CONTEXT mHmacMd5TestCtx =3D {MD5_DIGEST_SIZE, Hma= cMd5New, HmacMd5Free, HmacMd5SetKey, HmacMd5Update, HmacMd5Final,= HmacMd5Key, sizeof(HmacMd5Key), HmacMd5Digest}; +// HMAC_TEST_CONTEXT mHmacSha1TestCtx =3D {SHA1_DIGEST_SIZE, Hma= cSha1New, HmacSha1Free, HmacSha1SetKey, HmacSha1Update, HmacSha1Final= , HmacSha1Key, sizeof(HmacSha1Key), HmacSha1Digest}; +HMAC_TEST_CONTEXT mHmacSha256TestCtx =3D { SHA256_DIGEST_SIZE, HmacSha256= New, HmacSha256Free, HmacSha256SetKey, HmacSha256Update, HmacSha256Final, H= macSha256Key, sizeof (HmacSha256Key), HmacSha256Digest }; +HMAC_TEST_CONTEXT mHmacSha384TestCtx =3D { SHA384_DIGEST_SIZE, HmacSha384= New, HmacSha384Free, HmacSha384SetKey, HmacSha384Update, HmacSha384Final, H= macSha384Key, sizeof (HmacSha384Key), HmacSha384Digest }; =20 UNIT_TEST_STATUS EFIAPI @@ -155,7 +162,7 @@ TestVerifyHmacCleanUp ( =20 HmacTestContext =3D Context; if (HmacTestContext->HmacCtx !=3D NULL) { - FreePool (HmacTestContext->HmacCtx); + HmacTestContext->HmacFree (HmacTestContext->HmacCtx); } } =20 diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TSTests.c b/Crypt= oPkg/Test/UnitTest/Library/BaseCryptLib/TSTests.c index 225ec3e59746..226e57e66f04 100644 --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TSTests.c +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TSTests.c @@ -322,7 +322,7 @@ TestVerifyImageTimestampVerify ( UT_ASSERT_EQUAL (SigningTime.Minute, 50); UT_ASSERT_EQUAL (SigningTime.Second, 3); =20 - return Status; + return UNIT_TEST_PASSED; } =20 TEST_DESC mImageTimestampTest[] =3D { --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95438): https://edk2.groups.io/g/devel/message/95438 Mute This Topic: https://groups.io/mt/94460295/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95439+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95439+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290934; cv=none; d=zohomail.com; s=zohoarc; b=RZaQjY4b6ZhKNChyb/FkuFl0gPnKYWMv/VWrPC3LR28aUJusbd8cPRMg6s0RhNI8oJLZivmlJKPkaoMjnGkVxRYjYuxGIwhhSD9OtGaRV7f5kSInAXPl532sjoOpDgFb/LDuCkvmV8xqNaMxHnOi5nh7DakQk4kSo5KXEyk4pEM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290934; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=oEtS/l3vD+K945UD/sokj14Lrwv7aBscgZys24fC/+U=; b=h9AY6h0CYckTQ+RqnJoBxiAdkG0rKC69PRYt5zZIvjGHO/T5HxiP2j8fHKl4T1/B2TwoWbCiI4W57EfCYq4g5Bn6bADqnYifdRtIkaY/LkpjJncYsxXXOAFPET8UM9WeM5RZprBToRWxDvFHjZ7P7QlaDgVU/A6pI7pCEqEV360= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95439+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290934218238.65920923186923; Thu, 20 Oct 2022 11:35:34 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id myD8YY1788612xmJo9EkyAus; Thu, 20 Oct 2022 11:35:33 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:32 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523534" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523534" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:32 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427776" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427776" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:32 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher , Rebecca Cran , Ard Biesheuvel Subject: [edk2-devel] [Patch v2 05/16] CryptoPkg/Library: Cleanup BaseCryptLib and TlsLib Date: Thu, 20 Oct 2022 11:34:59 -0700 Message-Id: <20221020183510.1799-6-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: XIygD7i7JVI6eIC69OYMbgPkx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290933; bh=rYDT1lUMFHCNIYKFIYdzdVtpYjf4nU44DVIucMf7Lhg=; h=Cc:Date:From:Reply-To:Subject:To; b=ep9QIRb5C6bThIjfeKPbVimFJuDWYYTRheKRQmBo5I9oYYHYY26UK5FvxZUVLOmHhnZ Kih7p8vSknWO1wG+/DdCjsEH0IpeAD57LUw0Vk0h8B+KcIkAaTyZ+lulpsOSvpSEreKHc gqye0JMzKRv3Jz0SaZMaGDxfwaHhnAtbh9c= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290935548100020 Content-Type: text/plain; charset="utf-8" * Move SysCall/inet_pton.c from BaseCryptLib to TlsLib. The functions in this file are only used by TlsLib instances and not any CryptLib instances. * Fix type mismatch in call to FreePool() in TlsConfig.c * Remove use of gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled from TslLib and CryptLib instances * Add missing *Null.c files to SecCryptLib.inf and RuntimeCryptLib.inf. * Remove ARM and AARCH64 sections from SmmCryptLib.inf that does not support those architectures. * Add missing PrintLib dependencies to [LibraryClasses] sections of CryptLib INF files * Remove extra library classes from [LibraryClasses] sections of CryptLib INF files * Remove unnecessary warning disables from [BuildOptions] sections of TlsLib and CryptLib INF files * Remove RVCT support from SecCryptLib.inf Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Cc: Rebecca Cran Cc: Ard Biesheuvel Signed-off-by: Michael D Kinney --- CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 10 +--------- CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 8 +------- CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c | 4 ---- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 4 ---- CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 9 ++------- CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf | 12 ++++-------- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 12 ------------ .../{BaseCryptLib =3D> TlsLib}/SysCall/inet_pton.c | 0 CryptoPkg/Library/TlsLib/TlsConfig.c | 12 ++++-------- CryptoPkg/Library/TlsLib/TlsLib.inf | 12 +----------- 10 files changed, 13 insertions(+), 70 deletions(-) rename CryptoPkg/Library/{BaseCryptLib =3D> TlsLib}/SysCall/inet_pton.c (1= 00%) diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Li= brary/BaseCryptLib/BaseCryptLib.inf index 8896e47095d2..213813cad971 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -54,15 +54,13 @@ [Sources] Pk/CryptTs.c Pk/CryptRsaPss.c Pk/CryptRsaPssSign.c - Pk/CryptEcNull.c |*|*|*|!gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnab= led - Pk/CryptEc.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled + Pk/CryptEc.c Pem/CryptPem.c Bn/CryptBn.c =20 SysCall/CrtWrapper.c SysCall/TimerWrapper.c SysCall/BaseMemAllocation.c - SysCall/inet_pton.c =20 [Sources.Ia32] Rand/CryptRandTsc.c @@ -96,19 +94,13 @@ [LibraryClasses] IntrinsicLib PrintLib =20 -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - # # Remove these [BuildOptions] after this library is cleaned up # [BuildOptions] # # suppress the following warnings so we do not break the build with warn= ings-as-errors: - # C4090: 'function' : different 'const' qualifiers # - MSFT:*_*_*_CC_FLAGS =3D /wd4090 - GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99 GCC:*_CLANG38_*_CC_FLAGS =3D -std=3Dc99 GCC:*_CLANGPDB_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Dincompatible-point= er-types diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/PeiCryptLib.inf index 3799780c9f52..b1629647f9c6 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -79,9 +79,7 @@ [LibraryClasses] DebugLib OpensslLib IntrinsicLib - -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled + PrintLib =20 # # Remove these [BuildOptions] after this library is cleaned up @@ -89,11 +87,7 @@ [FixedPcd] [BuildOptions] # # suppress the following warnings so we do not break the build with warn= ings-as-errors: - # C4090: 'function' : different 'const' qualifiers - # C4718: 'function call' : recursive call has no side effects, deleting # - MSFT:*_*_*_CC_FLAGS =3D /wd4090 /wd4718 - GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99 GCC:*_CLANG38_*_CC_FLAGS =3D -std=3Dc99 GCC:*_CLANGPDB_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Dincompatible-point= er-types diff --git a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c b/CryptoPkg/Libr= ary/BaseCryptLib/Pem/CryptPem.c index 559a6b4df037..d64cf3d68072 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c +++ b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c @@ -153,7 +153,6 @@ EcGetPrivateKeyFromPem ( OUT VOID **EcContext ) { - #if FixedPcdGetBool (PcdOpensslEcEnabled) BOOLEAN Status; BIO *PemBio; =20 @@ -209,7 +208,4 @@ EcGetPrivateKeyFromPem ( BIO_free (PemBio); =20 return Status; - #else - return FALSE; - #endif } diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Libr= ary/BaseCryptLib/Pk/CryptX509.c index 1d91ac3b0f44..2333157e0d17 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -881,7 +881,6 @@ EcGetPublicKeyFromX509 ( OUT VOID **EcContext ) { - #if FixedPcdGetBool (PcdOpensslEcEnabled) BOOLEAN Status; EVP_PKEY *Pkey; X509 *X509Cert; @@ -935,9 +934,6 @@ EcGetPublicKeyFromX509 ( } =20 return Status; - #else - return FALSE; - #endif } =20 /** diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg= /Library/BaseCryptLib/RuntimeCryptLib.inf index bb66604e320f..07dbc0e7a8bd 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf @@ -60,7 +60,9 @@ [Sources] Pk/CryptTsNull.c Pk/CryptRsaPssNull.c Pk/CryptRsaPssSignNull.c + Pk/CryptEcNull.c Pem/CryptPem.c + Bn/CryptBnNull.c =20 SysCall/CrtWrapper.c SysCall/TimerWrapper.c @@ -91,26 +93,19 @@ [Packages] [LibraryClasses] BaseLib BaseMemoryLib - UefiBootServicesTableLib UefiRuntimeServicesTableLib DebugLib OpensslLib IntrinsicLib PrintLib =20 -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - # # Remove these [BuildOptions] after this library is cleaned up # [BuildOptions] # # suppress the following warnings so we do not break the build with warn= ings-as-errors: - # C4090: 'function' : different 'const' qualifiers # - MSFT:*_*_*_CC_FLAGS =3D /wd4090 - GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99 GCC:*_CLANG38_*_CC_FLAGS =3D -std=3Dc99 GCC:*_CLANGPDB_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Dincompatible-point= er-types diff --git a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SecCryptLib.inf index 4f652be46a82..4ad59b7bbc59 100644 --- a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf @@ -38,6 +38,7 @@ [Sources] Hmac/CryptHmacNull.c Kdf/CryptHkdfNull.c Cipher/CryptAesNull.c + Cipher/CryptAeadAesGcmNull.c Pk/CryptRsaBasicNull.c Pk/CryptRsaExtNull.c Pk/CryptPkcs1OaepNull.c @@ -53,6 +54,8 @@ [Sources] Rand/CryptRandNull.c Pk/CryptRsaPssNull.c Pk/CryptRsaPssSignNull.c + Pk/CryptEcNull.c + Bn/CryptBnNull.c =20 SysCall/CrtWrapper.c SysCall/ConstantTimeClock.c @@ -69,6 +72,7 @@ [LibraryClasses] DebugLib OpensslLib IntrinsicLib + PrintLib =20 # # Remove these [BuildOptions] after this library is cleaned up @@ -76,15 +80,7 @@ [LibraryClasses] [BuildOptions] # # suppress the following warnings so we do not break the build with warn= ings-as-errors: - # C4090: 'function' : different 'const' qualifiers - # C4718: 'function call' : recursive call has no side effects, deleting # - MSFT:*_*_*_CC_FLAGS =3D /wd4090 /wd4718 - - # -JCryptoPkg/Include : To disable the use of the system includes provid= ed by RVCT - # --diag_remark=3D1 : Reduce severity of "#1-D: last line of file en= ds without a newline" - RVCT:*_*_ARM_CC_FLAGS =3D -JCryptoPkg/Include --diag_remark=3D1 - GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99 GCC:*_CLANG38_*_CC_FLAGS =3D -std=3Dc99 GCC:*_CLANGPDB_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Dincompatible-point= er-types diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SmmCryptLib.inf index 9318052a51c5..0af7a3f96e8f 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -74,19 +74,12 @@ [Sources.Ia32] [Sources.X64] Rand/CryptRandTsc.c =20 -[Sources.ARM] - Rand/CryptRand.c - -[Sources.AARCH64] - Rand/CryptRand.c - [Packages] MdePkg/MdePkg.dec CryptoPkg/CryptoPkg.dec =20 [LibraryClasses] BaseLib - IoLib BaseMemoryLib MemoryAllocationLib OpensslLib @@ -95,18 +88,13 @@ [LibraryClasses] MmServicesTableLib SynchronizationLib =20 -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - # # Remove these [BuildOptions] after this library is cleaned up # [BuildOptions] # # suppress the following warnings so we do not break the build with warn= ings-as-errors: - # C4090: 'function' : different 'const' qualifiers # - MSFT:*_*_*_CC_FLAGS =3D /wd4090 =20 XCODE:*_*_*_CC_FLAGS =3D -mmmx -msse -std=3Dc99 =20 diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c b/CryptoPkg= /Library/TlsLib/SysCall/inet_pton.c similarity index 100% rename from CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c rename to CryptoPkg/Library/TlsLib/SysCall/inet_pton.c diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLi= b/TlsConfig.c index dbe1f0652996..60559de4a7f3 100644 --- a/CryptoPkg/Library/TlsLib/TlsConfig.c +++ b/CryptoPkg/Library/TlsLib/TlsConfig.c @@ -478,7 +478,7 @@ TlsSetCipherList ( FreePool (CipherString); =20 FreeMappedCipher: - FreePool (MappedCipher); + FreePool ((VOID *)MappedCipher); =20 return Status; } @@ -1136,9 +1136,6 @@ TlsSetEcCurve ( IN UINTN DataSize ) { - #if !FixedPcdGetBool (PcdOpensslEcEnabled) - return EFI_UNSUPPORTED; - #else TLS_CONNECTION *TlsConn; EC_KEY *EcKey; INT32 Nid; @@ -1170,23 +1167,22 @@ TlsSetEcCurve ( } =20 if (SSL_set1_curves (TlsConn->Ssl, &Nid, 1) !=3D 1) { - return EFI_INVALID_PARAMETER; + return EFI_UNSUPPORTED; } =20 EcKey =3D EC_KEY_new_by_curve_name (Nid); if (EcKey =3D=3D NULL) { - return EFI_INVALID_PARAMETER; + return EFI_UNSUPPORTED; } =20 Ret =3D SSL_set_tmp_ecdh (TlsConn->Ssl, EcKey); EC_KEY_free (EcKey); =20 if (Ret !=3D 1) { - return EFI_INVALID_PARAMETER; + return EFI_UNSUPPORTED; } =20 return EFI_SUCCESS; - #endif } =20 /** diff --git a/CryptoPkg/Library/TlsLib/TlsLib.inf b/CryptoPkg/Library/TlsLib= /TlsLib.inf index 20b0ea683238..4e7b3e535a45 100644 --- a/CryptoPkg/Library/TlsLib/TlsLib.inf +++ b/CryptoPkg/Library/TlsLib/TlsLib.inf @@ -28,6 +28,7 @@ [Sources] TlsInit.c TlsConfig.c TlsProcess.c + SysCall/inet_pton.c =20 [Packages] MdePkg/MdePkg.dec @@ -41,14 +42,3 @@ [LibraryClasses] MemoryAllocationLib OpensslLib SafeIntLib - -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - -[BuildOptions] - # - # suppress the following warnings so we do not break the build with warn= ings-as-errors: - # C4090: 'function' : different 'const' qualifiers - # - MSFT:*_*_*_CC_FLAGS =3D /wd4090 - --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95439): https://edk2.groups.io/g/devel/message/95439 Mute This Topic: https://groups.io/mt/94460296/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95440+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95440+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290934; cv=none; d=zohomail.com; s=zohoarc; b=NuEXL45DzhABXIoP5eL29Phsd6zF4Ta/xKtO5Ci40pKXMUCUG35H+mcmAmpNmWephjPKJpZ6yR25KFyj5vL/+xq60KtOfcDbnYKkthbgSn9NzWOJWIMibx2d8Vq/DfUa6xwl+uh8zSbAgRz9mOgVO7xkdbBsJsoc7ndEo9cMkqc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290934; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=prdtL9sws5E/5ZOhMupAgwqQB11tDYk/z7xhr5hl8CE=; b=Qr0OceVQP15J1aaDgCjm8Jm9r8yMgNB4PFwEzYjyncH5iQRwpNMIzZYVUaCni7e9j0o73lMZtXQqDb0nZVWYeL9zqCaEXouwOqzJg2Gh9uLK+DJFwzpO58LdP35Ne30ONxo/SDLKMWLjH6tKMCrDQPvV3Uzxf4j3uKcF9CG7M3Y= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95440+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290934712877.1657026248475; Thu, 20 Oct 2022 11:35:34 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id wuEPYY1788612xh9dqlAytRd; Thu, 20 Oct 2022 11:35:34 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:33 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523538" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523538" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:33 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427784" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427784" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:32 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 06/16] CryptoPkg/Library/OpensslLib: Combine all performance optimized INFs Date: Thu, 20 Oct 2022 11:35:00 -0700 Message-Id: <20221020183510.1799-7-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: VD2xmW92vicf7awnvJ5Lhd2Bx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290934; bh=3EuQit+u12XpvNsvP61D5/sGjacqDGwgpWT3nmjsVuI=; h=Cc:Date:From:Reply-To:Subject:To; b=Yg9msD5C4fbAPbJMWOWmEN15OMvSXzs5FtSwcjUJZbJr4QlMKCZeH3DD5SAgmSNTTxQ 2arN5CZkCMIPsVa/QZDWPXi+bJB3nd0N2AGPdXHDEWFMZWz3vRXHB5rxJgL8TxtN/eFv2 SXD+f5stcg0wc4CXYoIUETs+6c26NdMu3CI= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290935613100027 Content-Type: text/plain; charset="utf-8" * Remove IA32/X64 specific INF files for performance optimized OpensslLib and combine into OpensslLibAccel.inf and OpensslLibFullAccel.inf. * Remove use of PcdOpensslEcEnabled and let the platform select the EC feature by using either OpensslLibFull.inf or OpensslLibFullAccel.inf. * With PcdOpensslEcEnabled removed, roll back style of opensslconf.h and remove opensslconf_generated.h. Move the choice to disable EC/SM2 into OpensslLib INF files using OPENSSL_FLAGS define. * Update OpensslLibContructor() API to be compatible with all FW phases by using types from Base.h and using RETURN_STATUS type and values instead of EFI_STATUS type and values. * Add /wd4718 to VS2015x86 for IA32 and X64 to disable warning for recursive call with no side effects. This is a false positive warning that is not produced with VS2017 or VS2019. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- CryptoPkg/CryptoPkg.ci.yaml | 8 +- .../Library/Include/openssl/opensslconf.h | 328 +++++++- .../Include/openssl/opensslconf_generated.h | 333 --------- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 138 ++-- CryptoPkg/Library/OpensslLib/OpensslLib.uni | 10 +- ...{OpensslLibX64.inf =3D> OpensslLibAccel.inf} | 199 +++-- .../Library/OpensslLib/OpensslLibAccel.uni | 14 + .../OpensslLib/OpensslLibConstructor.c | 6 +- .../Library/OpensslLib/OpensslLibCrypto.inf | 190 +++-- .../Library/OpensslLib/OpensslLibCrypto.uni | 11 +- ...{OpensslLibIa32.inf =3D> OpensslLibFull.inf} | 169 +++-- .../{OpensslLib.uni =3D> OpensslLibFull.uni} | 10 +- ...lLibX64Gcc.inf =3D> OpensslLibFullAccel.inf} | 202 +++-- .../OpensslLib/OpensslLibFullAccel.uni | 14 + .../Library/OpensslLib/OpensslLibIa32Gcc.inf | 699 ------------------ 15 files changed, 904 insertions(+), 1427 deletions(-) delete mode 100644 CryptoPkg/Library/Include/openssl/opensslconf_generated= .h rename CryptoPkg/Library/OpensslLib/{OpensslLibX64.inf =3D> OpensslLibAcce= l.inf} (78%) create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibAccel.uni rename CryptoPkg/Library/OpensslLib/{OpensslLibIa32.inf =3D> OpensslLibFul= l.inf} (79%) copy CryptoPkg/Library/OpensslLib/{OpensslLib.uni =3D> OpensslLibFull.uni}= (56%) rename CryptoPkg/Library/OpensslLib/{OpensslLibX64Gcc.inf =3D> OpensslLibF= ullAccel.inf} (78%) create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.uni delete mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibIa32Gcc.inf diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml index ca129d6ae56c..47f29759676d 100644 --- a/CryptoPkg/CryptoPkg.ci.yaml +++ b/CryptoPkg/CryptoPkg.ci.yaml @@ -73,13 +73,7 @@ }, "DscCompleteCheck": { "DscPath": "CryptoPkg.dsc", - "IgnoreInf": [ - # These are alternatives to OpensslLib.inf - "CryptoPkg/Library/OpensslLib/OpensslLibIa32.inf", - "CryptoPkg/Library/OpensslLib/OpensslLibIa32Gcc.inf", - "CryptoPkg/Library/OpensslLib/OpensslLibX64.inf", - "CryptoPkg/Library/OpensslLib/OpensslLibX64Gcc.inf" - ] + "IgnoreInf": [] }, "GuidCheck": { "IgnoreGuidName": [], diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Li= brary/Include/openssl/opensslconf.h index 53dd8c3efbe6..b98b068b3d3b 100644 --- a/CryptoPkg/Library/Include/openssl/opensslconf.h +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h @@ -9,32 +9,324 @@ * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ -#include -#include + +#include =20 #ifdef __cplusplus extern "C" { #endif =20 -/* Autogenerated conditional openssl feature list starts here */ -#if !FixedPcdGetBool (PcdOpensslEcEnabled) -# ifndef OPENSSL_NO_EC -# define OPENSSL_NO_EC -# endif -# ifndef OPENSSL_NO_ECDH -# define OPENSSL_NO_ECDH -# endif -# ifndef OPENSSL_NO_ECDSA -# define OPENSSL_NO_ECDSA -# endif -# ifndef OPENSSL_NO_TLS1_3 -# define OPENSSL_NO_TLS1_3 +#ifdef OPENSSL_ALGORITHM_DEFINES +# error OPENSSL_ALGORITHM_DEFINES no longer supported +#endif + +/* + * OpenSSL was configured with the following options: + */ + +#ifndef OPENSSL_SYS_UEFI +# define OPENSSL_SYS_UEFI 1 +#endif +#define OPENSSL_MIN_API 0x10100000L +#ifndef OPENSSL_NO_BF +# define OPENSSL_NO_BF +#endif +#ifndef OPENSSL_NO_BLAKE2 +# define OPENSSL_NO_BLAKE2 +#endif +#ifndef OPENSSL_NO_CAMELLIA +# define OPENSSL_NO_CAMELLIA +#endif +#ifndef OPENSSL_NO_CAST +# define OPENSSL_NO_CAST +#endif +#ifndef OPENSSL_NO_CHACHA +# define OPENSSL_NO_CHACHA +#endif +#ifndef OPENSSL_NO_CMS +# define OPENSSL_NO_CMS +#endif +#ifndef OPENSSL_NO_CT +# define OPENSSL_NO_CT +#endif +#ifndef OPENSSL_NO_DES +# define OPENSSL_NO_DES +#endif +#ifndef OPENSSL_NO_DSA +# define OPENSSL_NO_DSA +#endif +#ifndef OPENSSL_NO_IDEA +# define OPENSSL_NO_IDEA +#endif +#ifndef OPENSSL_NO_MD2 +# define OPENSSL_NO_MD2 +#endif +#ifndef OPENSSL_NO_MD4 +# define OPENSSL_NO_MD4 +#endif +#ifndef OPENSSL_NO_MDC2 +# define OPENSSL_NO_MDC2 +#endif +#ifndef OPENSSL_NO_POLY1305 +# define OPENSSL_NO_POLY1305 +#endif +#ifndef OPENSSL_NO_RC2 +# define OPENSSL_NO_RC2 +#endif +#ifndef OPENSSL_NO_RC4 +# define OPENSSL_NO_RC4 +#endif +#ifndef OPENSSL_NO_RC5 +# define OPENSSL_NO_RC5 +#endif +#ifndef OPENSSL_NO_RMD160 +# define OPENSSL_NO_RMD160 +#endif +#ifndef OPENSSL_NO_SEED +# define OPENSSL_NO_SEED +#endif +#ifndef OPENSSL_NO_SRP +# define OPENSSL_NO_SRP +#endif +#ifndef OPENSSL_NO_TS +# define OPENSSL_NO_TS +#endif +#ifndef OPENSSL_NO_WHIRLPOOL +# define OPENSSL_NO_WHIRLPOOL +#endif +#ifndef OPENSSL_RAND_SEED_NONE +# define OPENSSL_RAND_SEED_NONE +#endif +#ifndef OPENSSL_NO_AFALGENG +# define OPENSSL_NO_AFALGENG +#endif +#ifndef OPENSSL_NO_APPS +# define OPENSSL_NO_APPS +#endif +#ifndef OPENSSL_NO_ASAN +# define OPENSSL_NO_ASAN +#endif +#ifndef OPENSSL_NO_ASYNC +# define OPENSSL_NO_ASYNC +#endif +#ifndef OPENSSL_NO_AUTOERRINIT +# define OPENSSL_NO_AUTOERRINIT +#endif +#ifndef OPENSSL_NO_AUTOLOAD_CONFIG +# define OPENSSL_NO_AUTOLOAD_CONFIG +#endif +#ifndef OPENSSL_NO_CAPIENG +# define OPENSSL_NO_CAPIENG +#endif +#ifndef OPENSSL_NO_CRYPTO_MDEBUG +# define OPENSSL_NO_CRYPTO_MDEBUG +#endif +#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE +# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE +#endif +#ifndef OPENSSL_NO_DEPRECATED +# define OPENSSL_NO_DEPRECATED +#endif +#ifndef OPENSSL_NO_DEVCRYPTOENG +# define OPENSSL_NO_DEVCRYPTOENG +#endif +#ifndef OPENSSL_NO_DGRAM +# define OPENSSL_NO_DGRAM +#endif +#ifndef OPENSSL_NO_DTLS +# define OPENSSL_NO_DTLS +#endif +#ifndef OPENSSL_NO_DTLS1 +# define OPENSSL_NO_DTLS1 +#endif +#ifndef OPENSSL_NO_DTLS1_2 +# define OPENSSL_NO_DTLS1_2 +#endif +#ifndef OPENSSL_NO_EC2M +# define OPENSSL_NO_EC2M +#endif +#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 +# define OPENSSL_NO_EC_NISTP_64_GCC_128 +#endif +#ifndef OPENSSL_NO_EGD +# define OPENSSL_NO_EGD +#endif +#ifndef OPENSSL_NO_ENGINE +# define OPENSSL_NO_ENGINE +#endif +#ifndef OPENSSL_NO_ERR +# define OPENSSL_NO_ERR +#endif +#ifndef OPENSSL_NO_EXTERNAL_TESTS +# define OPENSSL_NO_EXTERNAL_TESTS +#endif +#ifndef OPENSSL_NO_FILENAMES +# define OPENSSL_NO_FILENAMES +#endif +#ifndef OPENSSL_NO_FUZZ_AFL +# define OPENSSL_NO_FUZZ_AFL +#endif +#ifndef OPENSSL_NO_FUZZ_LIBFUZZER +# define OPENSSL_NO_FUZZ_LIBFUZZER +#endif +#ifndef OPENSSL_NO_GOST +# define OPENSSL_NO_GOST +#endif +#ifndef OPENSSL_NO_HEARTBEATS +# define OPENSSL_NO_HEARTBEATS +#endif +#ifndef OPENSSL_NO_HW +# define OPENSSL_NO_HW +#endif +#ifndef OPENSSL_NO_MSAN +# define OPENSSL_NO_MSAN +#endif +#ifndef OPENSSL_NO_OCB +# define OPENSSL_NO_OCB +#endif +#ifndef OPENSSL_NO_POSIX_IO +# define OPENSSL_NO_POSIX_IO +#endif +#ifndef OPENSSL_NO_RFC3779 +# define OPENSSL_NO_RFC3779 +#endif +#ifndef OPENSSL_NO_SCRYPT +# define OPENSSL_NO_SCRYPT +#endif +#ifndef OPENSSL_NO_SCTP +# define OPENSSL_NO_SCTP +#endif +#ifndef OPENSSL_NO_SOCK +# define OPENSSL_NO_SOCK +#endif +#ifndef OPENSSL_NO_SSL_TRACE +# define OPENSSL_NO_SSL_TRACE +#endif +#ifndef OPENSSL_NO_SSL3 +# define OPENSSL_NO_SSL3 +#endif +#ifndef OPENSSL_NO_SSL3_METHOD +# define OPENSSL_NO_SSL3_METHOD +#endif +#ifndef OPENSSL_NO_STDIO +# define OPENSSL_NO_STDIO +#endif +#ifndef OPENSSL_NO_TESTS +# define OPENSSL_NO_TESTS +#endif +#ifndef OPENSSL_NO_UBSAN +# define OPENSSL_NO_UBSAN +#endif +#ifndef OPENSSL_NO_UI_CONSOLE +# define OPENSSL_NO_UI_CONSOLE +#endif +#ifndef OPENSSL_NO_UNIT_TEST +# define OPENSSL_NO_UNIT_TEST +#endif +#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS +# define OPENSSL_NO_WEAK_SSL_CIPHERS +#endif +#ifndef OPENSSL_NO_DYNAMIC_ENGINE +# define OPENSSL_NO_DYNAMIC_ENGINE +#endif + + +/* + * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers + * don't like that. This will hopefully silence them. + */ +#define NON_EMPTY_TRANSLATION_UNIT static void *dummy =3D &dummy; + +/* + * Applications should use -DOPENSSL_API_COMPAT=3D to suppress the + * declarations of functions deprecated in or before . Otherwise,= they + * still won't see them if the library has been built to disable deprecated + * functions. + */ +#ifndef DECLARE_DEPRECATED +# define DECLARE_DEPRECATED(f) f; +# ifdef __GNUC__ +# if __GNUC__ > 3 || (__GNUC__ =3D=3D 3 && __GNUC_MINOR__ > 0) +# undef DECLARE_DEPRECATED +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); +# endif +#elif defined(__SUNPRO_C) +#if (__SUNPRO_C >=3D 0x5130) +#undef DECLARE_DEPRECATED +#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); +#endif # endif -# ifndef OPENSSL_NO_SM2 -# define OPENSSL_NO_SM2 +#endif + +#ifndef OPENSSL_FILE +# ifdef OPENSSL_NO_FILENAMES +# define OPENSSL_FILE "" +# define OPENSSL_LINE 0 +# else +# define OPENSSL_FILE __FILE__ +# define OPENSSL_LINE __LINE__ # endif #endif -/* Autogenerated conditional openssl feature list ends here */ + +#ifndef OPENSSL_MIN_API +# define OPENSSL_MIN_API 0 +#endif + +#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API +# undef OPENSSL_API_COMPAT +# define OPENSSL_API_COMPAT OPENSSL_MIN_API +#endif + +/* + * Do not deprecate things to be deprecated in version 1.2.0 before the + * OpenSSL version number matches. + */ +#if OPENSSL_VERSION_NUMBER < 0x10200000L +# define DEPRECATEDIN_1_2_0(f) f; +#elif OPENSSL_API_COMPAT < 0x10200000L +# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f) +#else +# define DEPRECATEDIN_1_2_0(f) +#endif + +#if OPENSSL_API_COMPAT < 0x10100000L +# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f) +#else +# define DEPRECATEDIN_1_1_0(f) +#endif + +#if OPENSSL_API_COMPAT < 0x10000000L +# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f) +#else +# define DEPRECATEDIN_1_0_0(f) +#endif + +#if OPENSSL_API_COMPAT < 0x00908000L +# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f) +#else +# define DEPRECATEDIN_0_9_8(f) +#endif + +/* Generate 80386 code? */ +#undef I386_ONLY + +#undef OPENSSL_UNISTD +#define OPENSSL_UNISTD + +#undef OPENSSL_EXPORT_VAR_AS_FUNCTION + +/* + * The following are cipher-specific, but are part of the public API. + */ +#if !defined(OPENSSL_SYS_UEFI) +# undef BN_LLONG +/* Only one for the following should be defined */ +# undef SIXTY_FOUR_BIT_LONG +# undef SIXTY_FOUR_BIT +# define THIRTY_TWO_BIT +#endif + +#define RC4_INT unsigned int =20 #ifdef __cplusplus } diff --git a/CryptoPkg/Library/Include/openssl/opensslconf_generated.h b/Cr= yptoPkg/Library/Include/openssl/opensslconf_generated.h deleted file mode 100644 index 09a6641ffcf9..000000000000 --- a/CryptoPkg/Library/Include/openssl/opensslconf_generated.h +++ /dev/null @@ -1,333 +0,0 @@ -/* - * WARNING: do not edit! - * Generated from include/openssl/opensslconf.h.in - * - * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef OPENSSL_ALGORITHM_DEFINES -# error OPENSSL_ALGORITHM_DEFINES no longer supported -#endif - -/* - * OpenSSL was configured with the following options: - */ - -#ifndef OPENSSL_SYS_UEFI -# define OPENSSL_SYS_UEFI 1 -#endif -#define OPENSSL_MIN_API 0x10100000L -#ifndef OPENSSL_NO_BF -# define OPENSSL_NO_BF -#endif -#ifndef OPENSSL_NO_BLAKE2 -# define OPENSSL_NO_BLAKE2 -#endif -#ifndef OPENSSL_NO_CAMELLIA -# define OPENSSL_NO_CAMELLIA -#endif -#ifndef OPENSSL_NO_CAST -# define OPENSSL_NO_CAST -#endif -#ifndef OPENSSL_NO_CHACHA -# define OPENSSL_NO_CHACHA -#endif -#ifndef OPENSSL_NO_CMS -# define OPENSSL_NO_CMS -#endif -#ifndef OPENSSL_NO_CT -# define OPENSSL_NO_CT -#endif -#ifndef OPENSSL_NO_DES -# define OPENSSL_NO_DES -#endif -#ifndef OPENSSL_NO_DSA -# define OPENSSL_NO_DSA -#endif -#ifndef OPENSSL_NO_IDEA -# define OPENSSL_NO_IDEA -#endif -#ifndef OPENSSL_NO_MD2 -# define OPENSSL_NO_MD2 -#endif -#ifndef OPENSSL_NO_MD4 -# define OPENSSL_NO_MD4 -#endif -#ifndef OPENSSL_NO_MDC2 -# define OPENSSL_NO_MDC2 -#endif -#ifndef OPENSSL_NO_POLY1305 -# define OPENSSL_NO_POLY1305 -#endif -#ifndef OPENSSL_NO_RC2 -# define OPENSSL_NO_RC2 -#endif -#ifndef OPENSSL_NO_RC4 -# define OPENSSL_NO_RC4 -#endif -#ifndef OPENSSL_NO_RC5 -# define OPENSSL_NO_RC5 -#endif -#ifndef OPENSSL_NO_RMD160 -# define OPENSSL_NO_RMD160 -#endif -#ifndef OPENSSL_NO_SEED -# define OPENSSL_NO_SEED -#endif -#ifndef OPENSSL_NO_SRP -# define OPENSSL_NO_SRP -#endif -#ifndef OPENSSL_NO_TS -# define OPENSSL_NO_TS -#endif -#ifndef OPENSSL_NO_WHIRLPOOL -# define OPENSSL_NO_WHIRLPOOL -#endif -#ifndef OPENSSL_RAND_SEED_NONE -# define OPENSSL_RAND_SEED_NONE -#endif -#ifndef OPENSSL_NO_AFALGENG -# define OPENSSL_NO_AFALGENG -#endif -#ifndef OPENSSL_NO_APPS -# define OPENSSL_NO_APPS -#endif -#ifndef OPENSSL_NO_ASAN -# define OPENSSL_NO_ASAN -#endif -#ifndef OPENSSL_NO_ASYNC -# define OPENSSL_NO_ASYNC -#endif -#ifndef OPENSSL_NO_AUTOERRINIT -# define OPENSSL_NO_AUTOERRINIT -#endif -#ifndef OPENSSL_NO_AUTOLOAD_CONFIG -# define OPENSSL_NO_AUTOLOAD_CONFIG -#endif -#ifndef OPENSSL_NO_CAPIENG -# define OPENSSL_NO_CAPIENG -#endif -#ifndef OPENSSL_NO_CRYPTO_MDEBUG -# define OPENSSL_NO_CRYPTO_MDEBUG -#endif -#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE -# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE -#endif -#ifndef OPENSSL_NO_DEPRECATED -# define OPENSSL_NO_DEPRECATED -#endif -#ifndef OPENSSL_NO_DEVCRYPTOENG -# define OPENSSL_NO_DEVCRYPTOENG -#endif -#ifndef OPENSSL_NO_DGRAM -# define OPENSSL_NO_DGRAM -#endif -#ifndef OPENSSL_NO_DTLS -# define OPENSSL_NO_DTLS -#endif -#ifndef OPENSSL_NO_DTLS1 -# define OPENSSL_NO_DTLS1 -#endif -#ifndef OPENSSL_NO_DTLS1_2 -# define OPENSSL_NO_DTLS1_2 -#endif -#ifndef OPENSSL_NO_EC2M -# define OPENSSL_NO_EC2M -#endif -#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 -# define OPENSSL_NO_EC_NISTP_64_GCC_128 -#endif -#ifndef OPENSSL_NO_EGD -# define OPENSSL_NO_EGD -#endif -#ifndef OPENSSL_NO_ENGINE -# define OPENSSL_NO_ENGINE -#endif -#ifndef OPENSSL_NO_ERR -# define OPENSSL_NO_ERR -#endif -#ifndef OPENSSL_NO_EXTERNAL_TESTS -# define OPENSSL_NO_EXTERNAL_TESTS -#endif -#ifndef OPENSSL_NO_FILENAMES -# define OPENSSL_NO_FILENAMES -#endif -#ifndef OPENSSL_NO_FUZZ_AFL -# define OPENSSL_NO_FUZZ_AFL -#endif -#ifndef OPENSSL_NO_FUZZ_LIBFUZZER -# define OPENSSL_NO_FUZZ_LIBFUZZER -#endif -#ifndef OPENSSL_NO_GOST -# define OPENSSL_NO_GOST -#endif -#ifndef OPENSSL_NO_HEARTBEATS -# define OPENSSL_NO_HEARTBEATS -#endif -#ifndef OPENSSL_NO_HW -# define OPENSSL_NO_HW -#endif -#ifndef OPENSSL_NO_MSAN -# define OPENSSL_NO_MSAN -#endif -#ifndef OPENSSL_NO_OCB -# define OPENSSL_NO_OCB -#endif -#ifndef OPENSSL_NO_POSIX_IO -# define OPENSSL_NO_POSIX_IO -#endif -#ifndef OPENSSL_NO_RFC3779 -# define OPENSSL_NO_RFC3779 -#endif -#ifndef OPENSSL_NO_SCRYPT -# define OPENSSL_NO_SCRYPT -#endif -#ifndef OPENSSL_NO_SCTP -# define OPENSSL_NO_SCTP -#endif -#ifndef OPENSSL_NO_SOCK -# define OPENSSL_NO_SOCK -#endif -#ifndef OPENSSL_NO_SSL_TRACE -# define OPENSSL_NO_SSL_TRACE -#endif -#ifndef OPENSSL_NO_SSL3 -# define OPENSSL_NO_SSL3 -#endif -#ifndef OPENSSL_NO_SSL3_METHOD -# define OPENSSL_NO_SSL3_METHOD -#endif -#ifndef OPENSSL_NO_STDIO -# define OPENSSL_NO_STDIO -#endif -#ifndef OPENSSL_NO_TESTS -# define OPENSSL_NO_TESTS -#endif -#ifndef OPENSSL_NO_UBSAN -# define OPENSSL_NO_UBSAN -#endif -#ifndef OPENSSL_NO_UI_CONSOLE -# define OPENSSL_NO_UI_CONSOLE -#endif -#ifndef OPENSSL_NO_UNIT_TEST -# define OPENSSL_NO_UNIT_TEST -#endif -#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS -# define OPENSSL_NO_WEAK_SSL_CIPHERS -#endif -#ifndef OPENSSL_NO_DYNAMIC_ENGINE -# define OPENSSL_NO_DYNAMIC_ENGINE -#endif - - -/* - * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers - * don't like that. This will hopefully silence them. - */ -#define NON_EMPTY_TRANSLATION_UNIT static void *dummy =3D &dummy; - -/* - * Applications should use -DOPENSSL_API_COMPAT=3D to suppress the - * declarations of functions deprecated in or before . Otherwise,= they - * still won't see them if the library has been built to disable deprecated - * functions. - */ -#ifndef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f; -# ifdef __GNUC__ -# if __GNUC__ > 3 || (__GNUC__ =3D=3D 3 && __GNUC_MINOR__ > 0) -# undef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); -# endif -# elif defined(__SUNPRO_C) -# if (__SUNPRO_C >=3D 0x5130) -# undef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); -# endif -# endif -#endif - -#ifndef OPENSSL_FILE -# ifdef OPENSSL_NO_FILENAMES -# define OPENSSL_FILE "" -# define OPENSSL_LINE 0 -# else -# define OPENSSL_FILE __FILE__ -# define OPENSSL_LINE __LINE__ -# endif -#endif - -#ifndef OPENSSL_MIN_API -# define OPENSSL_MIN_API 0 -#endif - -#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API -# undef OPENSSL_API_COMPAT -# define OPENSSL_API_COMPAT OPENSSL_MIN_API -#endif - -/* - * Do not deprecate things to be deprecated in version 1.2.0 before the - * OpenSSL version number matches. - */ -#if OPENSSL_VERSION_NUMBER < 0x10200000L -# define DEPRECATEDIN_1_2_0(f) f; -#elif OPENSSL_API_COMPAT < 0x10200000L -# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_1_2_0(f) -#endif - -#if OPENSSL_API_COMPAT < 0x10100000L -# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_1_1_0(f) -#endif - -#if OPENSSL_API_COMPAT < 0x10000000L -# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_1_0_0(f) -#endif - -#if OPENSSL_API_COMPAT < 0x00908000L -# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f) -#else -# define DEPRECATEDIN_0_9_8(f) -#endif - -/* Generate 80386 code? */ -#undef I386_ONLY - -#undef OPENSSL_UNISTD -#define OPENSSL_UNISTD - -#undef OPENSSL_EXPORT_VAR_AS_FUNCTION - -/* - * The following are cipher-specific, but are part of the public API. - */ -#if !defined(OPENSSL_SYS_UEFI) -# undef BN_LLONG -/* Only one for the following should be defined */ -# undef SIXTY_FOUR_BIT_LONG -# undef SIXTY_FOUR_BIT -# define THIRTY_TWO_BIT -#endif - -#define RC4_INT unsigned int - -#ifdef __cplusplus -} -#endif diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Librar= y/OpensslLib/OpensslLib.inf index f0ca72eeed4f..25f4f1635ed9 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -1,5 +1,5 @@ ## @file -# This module provides OpenSSL Library implementation. +# This module provides OpenSSL Library implementation with TLS features. # # Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
@@ -16,14 +16,18 @@ [Defines] MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D OpensslLib + CONSTRUCTOR =3D OpensslLibConstructor + DEFINE OPENSSL_PATH =3D openssl - DEFINE OPENSSL_FLAGS =3D -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT = -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_ASM + DEFINE OPENSSL_FLAGS =3D -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT = -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_EC -DOP= ENSSL_NO_ECDH -DOPENSSL_NO_ECDSA -DOPENSSL_NO_TLS1_3 -DOPENSSL_NO_SM2 -DOPE= NSSL_NO_ASM + DEFINE OPENSSL_FLAGS_CONFIG =3D =20 # # VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 # =20 [Sources] + OpensslLibConstructor.c $(OPENSSL_PATH)/e_os.h $(OPENSSL_PATH)/ms/uplink.h # Autogenerated files list starts here @@ -200,43 +204,43 @@ [Sources] $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c - $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgT= okenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCry= ptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTok= enSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled +# $(OPENSSL_PATH)/crypto/ec/curve25519.c +# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c +# $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c +# $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c +# $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c +# $(OPENSSL_PATH)/crypto/ec/ec2_oct.c +# $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c +# $(OPENSSL_PATH)/crypto/ec/ec_ameth.c +# $(OPENSSL_PATH)/crypto/ec/ec_asn1.c +# $(OPENSSL_PATH)/crypto/ec/ec_check.c +# $(OPENSSL_PATH)/crypto/ec/ec_curve.c +# $(OPENSSL_PATH)/crypto/ec/ec_cvt.c +# $(OPENSSL_PATH)/crypto/ec/ec_err.c +# $(OPENSSL_PATH)/crypto/ec/ec_key.c +# $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c +# $(OPENSSL_PATH)/crypto/ec/ec_lib.c +# $(OPENSSL_PATH)/crypto/ec/ec_mult.c +# $(OPENSSL_PATH)/crypto/ec/ec_oct.c +# $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c +# $(OPENSSL_PATH)/crypto/ec/ec_print.c +# $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c +# $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c +# $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c +# $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c +# $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c +# $(OPENSSL_PATH)/crypto/ec/eck_prn.c +# $(OPENSSL_PATH)/crypto/ec/ecp_mont.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nist.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c +# $(OPENSSL_PATH)/crypto/ec/ecp_oct.c +# $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c +# $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -422,10 +426,10 @@ [Sources] $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c - $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_err.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled +# $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c +# $(OPENSSL_PATH)/crypto/sm2/sm2_err.c +# $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c +# $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -538,15 +542,15 @@ [Sources] $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h - $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCrypt= oPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*= |gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled +# $(OPENSSL_PATH)/crypto/ec/ec_local.h +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h +# $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h +# $(OPENSSL_PATH)/crypto/ec/curve448/field.h +# $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h +# $(OPENSSL_PATH)/crypto/ec/curve448/word.h +# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h +# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h @@ -638,15 +642,13 @@ [LibraryClasses] [LibraryClasses.ARM] ArmSoftFloatLib =20 -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled ## CONSUMES - [BuildOptions] # # Disables the following Visual Studio compiler warnings brought by open= ssl source, # so we do not break the build with /WX option: # C4090: 'function' : different 'const' qualifiers # C4132: 'object' : const object should be initialized (tls13_enc.c) + # C4210: nonstandard extension used: function given file scope # C4244: conversion from type1 to type2, possible loss of data # C4245: conversion from type1 to type2, signed/unsigned mismatch # C4267: conversion from size_t to type, possible loss of data @@ -658,11 +660,19 @@ [BuildOptions] # C4706: assignment within conditional expression # C4819: The file contains a character that cannot be represented in t= he current code page # - MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4132 /wd4244 /wd4245 /wd4267 /wd4310 /wd4389 /wd4700 /wd4702 = /wd4706 /wd4819 - MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4132 /wd4244 /wd4245 /wd4267 /wd4306 /wd4310 /wd4700 /wd4389 = /wd4702 /wd4706 /wd4819 + MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4310 /wd4389 /wd4700 /wd4702 /wd4706 /wd4819 + MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4306 /wd4310 /wd4700 /wd4389 /wd4702 /wd4706 /wd4819 =20 - INTEL:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) /w - INTEL:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) /w + # + # Disable following Visual Studio 2015 compiler warnings brought by open= ssl source, + # so we do not break the build with /WX option: + # C4718: recursive call has no side effects, deleting + # + MSFT:*_VS2015x86_IA32_CC_FLAGS =3D /wd4718 + MSFT:*_VS2015x86_X64_CC_FLAGS =3D /wd4718 + + INTEL:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w + INTEL:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w =20 # # Suppress the following build warnings in openssl so we don't break the= build with -Werror @@ -671,10 +681,10 @@ [BuildOptions] # types appropriate to the format string specified. # -Werror=3Dunused-but-set-variable: Warn whenever a local variable is= assigned to, but otherwise unused (aside from its declaration). # - GCC:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized -Wno-error=3Dunused-but-set-variable - GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized -Wno-error=3Dformat -Wno-format -Wno-error=3Dunuse= d-but-set-variable -DNO_MSABI_VA_FUNCS + GCC:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSS= L_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dunused-but-se= t-variable + GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSS= L_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dformat -Wno-f= ormat -Wno-error=3Dunused-but-set-variable -DNO_MSABI_VA_FUNCS GCC:*_*_ARM_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-error=3Dunused-but-set-variable - GCC:*_*_AARCH64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-format -Wno-error=3Dunused-but-set-variable + GCC:*_*_AARCH64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-format -Wno-error=3Dunused-but-set-variable -Wno-error=3Dformat GCC:*_*_RISCV64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-format -Wno-error=3Dunused-but-set-variable GCC:*_*_LOONGARCH64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uni= nitialized -Wno-format -Wno-error=3Dunused-but-set-variable GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized @@ -700,8 +710,8 @@ [BuildOptions] # 1: ignore "#1-D: last line of file ends without a newline" # 3017: may be used before being set (NOTE: This was fixed in O= penSSL 1.1 HEAD with # commit d9b8b89bec4480de3a10bdaf9425db371c19145b, and can be drop= ped then.) - XCODE:*_*_IA32_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) -w -std=3Dc99 -Wno-error=3Duninitialized - XCODE:*_*_X64_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) -w -std=3Dc99 -Wno-error=3Duninitialized + XCODE:*_*_IA32_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized + XCODE:*_*_X64_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized =20 # # AARCH64 uses strict alignment and avoids SIMD registers for code that = may execute diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.uni b/CryptoPkg/Librar= y/OpensslLib/OpensslLib.uni index abaff8a3c37f..6b62c46040f9 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.uni +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.uni @@ -1,7 +1,5 @@ // /** @file -// This module provides openSSL Library implementation. -// -// This module provides OpenSSL Library implementation. +// This module provides OpenSSL Library implementation with TLS features. // // Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.
// @@ -9,8 +7,6 @@ // // **/ =20 +#string STR_MODULE_ABSTRACT #language en-US "OpenSSL Library i= mplementation with TLS features." =20 -#string STR_MODULE_ABSTRACT #language en-US "OpenSSL Library i= mplementation" - -#string STR_MODULE_DESCRIPTION #language en-US "This module provi= des OpenSSL Library implementation." - +#string STR_MODULE_DESCRIPTION #language en-US "This module provi= des OpenSSL Library implementation with TLS features." diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibX64.inf b/CryptoPkg/Lib= rary/OpensslLib/OpensslLibAccel.inf similarity index 78% rename from CryptoPkg/Library/OpensslLib/OpensslLibX64.inf rename to CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf index 5e92ba0844d5..6d43556a4064 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibX64.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf @@ -1,5 +1,7 @@ ## @file -# This module provides OpenSSL Library implementation. +# This module provides OpenSSL Library implementation with TLS features +# along with performance optimized implementations of SHA1, SHA256, SHA51= 2, +# AESNI, VPAED, and GHASH for IA32 and X64. # # Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
@@ -9,39 +11,27 @@ =20 [Defines] INF_VERSION =3D 0x00010005 - BASE_NAME =3D OpensslLibX64 - MODULE_UNI_FILE =3D OpensslLib.uni - FILE_GUID =3D 18125E50-0117-4DD0-BE54-4784AD995FEF + BASE_NAME =3D OpensslLibAccel + MODULE_UNI_FILE =3D OpensslLibAccel.uni + FILE_GUID =3D 96A34760-B04A-44EB-9680-AC7606E9776B MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D OpensslLib + CONSTRUCTOR =3D OpensslLibConstructor + DEFINE OPENSSL_PATH =3D openssl - DEFINE OPENSSL_FLAGS =3D -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT = -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE + DEFINE OPENSSL_FLAGS =3D -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT = -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_EC -DOP= ENSSL_NO_ECDH -DOPENSSL_NO_ECDSA -DOPENSSL_NO_TLS1_3 -DOPENSSL_NO_SM2 DEFINE OPENSSL_FLAGS_CONFIG =3D -DOPENSSL_CPUID_OBJ -DSHA1_ASM -DSHA2= 56_ASM -DSHA512_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM - CONSTRUCTOR =3D OpensslLibConstructor =20 # -# VALID_ARCHITECTURES =3D X64 +# VALID_ARCHITECTURES =3D IA32 X64 # =20 -[Sources.X64] +[Sources] OpensslLibConstructor.c $(OPENSSL_PATH)/e_os.h $(OPENSSL_PATH)/ms/uplink.h # Autogenerated files list starts here - X64/crypto/aes/aesni-mb-x86_64.nasm - X64/crypto/aes/aesni-sha1-x86_64.nasm - X64/crypto/aes/aesni-sha256-x86_64.nasm - X64/crypto/aes/aesni-x86_64.nasm - X64/crypto/aes/vpaes-x86_64.nasm - X64/crypto/modes/aesni-gcm-x86_64.nasm - X64/crypto/modes/ghash-x86_64.nasm - X64/crypto/sha/sha1-mb-x86_64.nasm - X64/crypto/sha/sha1-x86_64.nasm - X64/crypto/sha/sha256-mb-x86_64.nasm - X64/crypto/sha/sha256-x86_64.nasm - X64/crypto/sha/sha512-x86_64.nasm - X64/crypto/x86_64cpuid.nasm $(OPENSSL_PATH)/crypto/aes/aes_cbc.c $(OPENSSL_PATH)/crypto/aes/aes_cfb.c $(OPENSSL_PATH)/crypto/aes/aes_core.c @@ -215,43 +205,43 @@ [Sources.X64] $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c - $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgT= okenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCry= ptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTok= enSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled +# $(OPENSSL_PATH)/crypto/ec/curve25519.c +# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c +# $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c +# $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c +# $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c +# $(OPENSSL_PATH)/crypto/ec/ec2_oct.c +# $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c +# $(OPENSSL_PATH)/crypto/ec/ec_ameth.c +# $(OPENSSL_PATH)/crypto/ec/ec_asn1.c +# $(OPENSSL_PATH)/crypto/ec/ec_check.c +# $(OPENSSL_PATH)/crypto/ec/ec_curve.c +# $(OPENSSL_PATH)/crypto/ec/ec_cvt.c +# $(OPENSSL_PATH)/crypto/ec/ec_err.c +# $(OPENSSL_PATH)/crypto/ec/ec_key.c +# $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c +# $(OPENSSL_PATH)/crypto/ec/ec_lib.c +# $(OPENSSL_PATH)/crypto/ec/ec_mult.c +# $(OPENSSL_PATH)/crypto/ec/ec_oct.c +# $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c +# $(OPENSSL_PATH)/crypto/ec/ec_print.c +# $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c +# $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c +# $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c +# $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c +# $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c +# $(OPENSSL_PATH)/crypto/ec/eck_prn.c +# $(OPENSSL_PATH)/crypto/ec/ecp_mont.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nist.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c +# $(OPENSSL_PATH)/crypto/ec/ecp_oct.c +# $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c +# $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -330,6 +320,7 @@ [Sources.X64] $(OPENSSL_PATH)/crypto/md5/md5_dgst.c $(OPENSSL_PATH)/crypto/md5/md5_one.c $(OPENSSL_PATH)/crypto/mem.c +# $(OPENSSL_PATH)/crypto/mem_clr.c # Replaced by assembly optimized NAS= M/S files $(OPENSSL_PATH)/crypto/mem_dbg.c $(OPENSSL_PATH)/crypto/mem_sec.c $(OPENSSL_PATH)/crypto/modes/cbc128.c @@ -436,10 +427,10 @@ [Sources.X64] $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c - $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_err.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled +# $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c +# $(OPENSSL_PATH)/crypto/sm2/sm2_err.c +# $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c +# $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -552,15 +543,15 @@ [Sources.X64] $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h - $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCrypt= oPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*= |gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled +# $(OPENSSL_PATH)/crypto/ec/ec_local.h +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h +# $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h +# $(OPENSSL_PATH)/crypto/ec/curve448/field.h +# $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h +# $(OPENSSL_PATH)/crypto/ec/curve448/word.h +# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h +# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h @@ -638,7 +629,53 @@ [Sources.X64] buildinf.h ossl_store.c rand_pool.c + +[Sources.IA32] + IA32/crypto/aes/aesni-x86.nasm | MSFT + IA32/crypto/aes/vpaes-x86.nasm | MSFT + IA32/crypto/modes/ghash-x86.nasm | MSFT + IA32/crypto/sha/sha1-586.nasm | MSFT + IA32/crypto/sha/sha256-586.nasm | MSFT + IA32/crypto/sha/sha512-586.nasm | MSFT + IA32/crypto/x86cpuid.nasm | MSFT + + IA32Gcc/crypto/aes/aesni-x86.S | GCC + IA32Gcc/crypto/aes/vpaes-x86.S | GCC + IA32Gcc/crypto/modes/ghash-x86.S | GCC + IA32Gcc/crypto/sha/sha1-586.S | GCC + IA32Gcc/crypto/sha/sha256-586.S | GCC + IA32Gcc/crypto/sha/sha512-586.S | GCC + IA32Gcc/crypto/x86cpuid.S | GCC + +[Sources.X64] X64/ApiHooks.c + X64/crypto/aes/aesni-mb-x86_64.nasm | MSFT + X64/crypto/aes/aesni-sha1-x86_64.nasm | MSFT + X64/crypto/aes/aesni-sha256-x86_64.nasm | MSFT + X64/crypto/aes/aesni-x86_64.nasm | MSFT + X64/crypto/aes/vpaes-x86_64.nasm | MSFT + X64/crypto/modes/aesni-gcm-x86_64.nasm | MSFT + X64/crypto/modes/ghash-x86_64.nasm | MSFT + X64/crypto/sha/sha1-mb-x86_64.nasm | MSFT + X64/crypto/sha/sha1-x86_64.nasm | MSFT + X64/crypto/sha/sha256-mb-x86_64.nasm | MSFT + X64/crypto/sha/sha256-x86_64.nasm | MSFT + X64/crypto/sha/sha512-x86_64.nasm | MSFT + X64/crypto/x86_64cpuid.nasm | MSFT + + X64Gcc/crypto/aes/aesni-mb-x86_64.S | GCC + X64Gcc/crypto/aes/aesni-sha1-x86_64.S | GCC + X64Gcc/crypto/aes/aesni-sha256-x86_64.S | GCC + X64Gcc/crypto/aes/aesni-x86_64.S | GCC + X64Gcc/crypto/aes/vpaes-x86_64.S | GCC + X64Gcc/crypto/modes/aesni-gcm-x86_64.S | GCC + X64Gcc/crypto/modes/ghash-x86_64.S | GCC + X64Gcc/crypto/sha/sha1-mb-x86_64.S | GCC + X64Gcc/crypto/sha/sha1-x86_64.S | GCC + X64Gcc/crypto/sha/sha256-mb-x86_64.S | GCC + X64Gcc/crypto/sha/sha256-x86_64.S | GCC + X64Gcc/crypto/sha/sha512-x86_64.S | GCC + X64Gcc/crypto/x86_64cpuid.S | GCC =20 [Packages] MdePkg/MdePkg.dec @@ -650,9 +687,6 @@ [LibraryClasses] RngLib PrintLib =20 -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled ## CONSUMES - [BuildOptions] # # Disables the following Visual Studio compiler warnings brought by open= ssl source, @@ -671,8 +705,18 @@ [BuildOptions] # C4706: assignment within conditional expression # C4819: The file contains a character that cannot be represented in t= he current code page # + MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4310 /wd4389 /wd4700 /wd4702 /wd4706 /wd4819 MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4306 /wd4310 /wd4700 /wd4389 /wd4702 /wd4706 /wd4819 =20 + # + # Disable following Visual Studio 2015 compiler warnings brought by open= ssl source, + # so we do not break the build with /WX option: + # C4718: recursive call has no side effects, deleting + # + MSFT:*_VS2015x86_IA32_CC_FLAGS =3D /wd4718 + MSFT:*_VS2015x86_X64_CC_FLAGS =3D /wd4718 + + INTEL:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w INTEL:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w =20 # @@ -682,7 +726,11 @@ [BuildOptions] # types appropriate to the format string specified. # -Werror=3Dunused-but-set-variable: Warn whenever a local variable is= assigned to, but otherwise unused (aside from its declaration). # - GCC:*_*_X64_CC_FLAGS =3D -UWIN32 -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) = $(OPENSSL_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dforma= t -Wno-format -Wno-error=3Dunused-but-set-variable -DNO_MSABI_VA_FUNCS + GCC:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSS= L_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dunused-but-se= t-variable + GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSS= L_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dformat -Wno-f= ormat -Wno-error=3Dunused-but-set-variable -DNO_MSABI_VA_FUNCS + GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized + GCC:*_CLANG38_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized + GCC:*_CLANGPDB_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized -Wno= -error=3Dincompatible-pointer-types -Wno-error=3Dpointer-sign -Wno-error=3D= implicit-function-declaration -Wno-error=3Dignored-pragma-optimize =20 # suppress the following warnings in openssl so we don't break the build= with warnings-as-errors: # 1295: Deprecated declaration - give arg types @@ -703,4 +751,5 @@ [BuildOptions] # 1: ignore "#1-D: last line of file ends without a newline" # 3017: may be used before being set (NOTE: This was fixed in O= penSSL 1.1 HEAD with # commit d9b8b89bec4480de3a10bdaf9425db371c19145b, and can be drop= ped then.) + XCODE:*_*_IA32_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized XCODE:*_*_X64_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.uni b/CryptoPkg/L= ibrary/OpensslLib/OpensslLibAccel.uni new file mode 100644 index 000000000000..e547a0c1e816 --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.uni @@ -0,0 +1,14 @@ +// /** @file +// This module provides OpenSSL Library implementation with TLS features +// along with performance optimized implementations of SHA1, SHA256, SHA51= 2, +// AESNI, VPAED, and GHASH for IA32 and X64. +// +// Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.
+// +// SPDX-License-Identifier: BSD-2-Clause-Patent +// +// **/ + +#string STR_MODULE_ABSTRACT #language en-US "OpenSSL Library i= mplementation with TLS features and performance optimizations" + +#string STR_MODULE_DESCRIPTION #language en-US "This module provi= des OpenSSL Library implementation with TLS features along with performance= optimized implementations of SHA1, SHA256, SHA512, AESNI, VPAED, and GHASH= for IA32 and X64." diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibConstructor.c b/CryptoP= kg/Library/OpensslLib/OpensslLibConstructor.c index 18d8a5612808..5daf73a54710 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibConstructor.c +++ b/CryptoPkg/Library/OpensslLib/OpensslLibConstructor.c @@ -6,7 +6,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 -#include +#include =20 /** An internal OpenSSL function which fetches a local copy of the hardware @@ -30,7 +30,7 @@ OPENSSL_cpuid_setup ( @retval EFI_SUCCESS The construction succeeded. =20 **/ -EFI_STATUS +RETURN_STATUS EFIAPI OpensslLibConstructor ( VOID @@ -38,5 +38,5 @@ OpensslLibConstructor ( { OPENSSL_cpuid_setup (); =20 - return EFI_SUCCESS; + return RETURN_SUCCESS; } diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/= Library/OpensslLib/OpensslLibCrypto.inf index 195016fd3d01..3e344f8515e2 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf @@ -1,5 +1,6 @@ ## @file -# This module provides OpenSSL Library implementation. +# This module provides OpenSSL Library implementation with ECC and TLS +# features removed and features have performance optimizations enabled. # # Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
@@ -16,14 +17,18 @@ [Defines] MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D OpensslLib + CONSTRUCTOR =3D OpensslLibConstructor + DEFINE OPENSSL_PATH =3D openssl - DEFINE OPENSSL_FLAGS =3D -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT = -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_ASM + DEFINE OPENSSL_FLAGS =3D -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT = -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_EC -DOP= ENSSL_NO_ECDH -DOPENSSL_NO_ECDSA -DOPENSSL_NO_TLS1_3 -DOPENSSL_NO_SM2 -DOPE= NSSL_NO_ASM + DEFINE OPENSSL_FLAGS_CONFIG =3D =20 # # VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 # =20 [Sources] + OpensslLibConstructor.c $(OPENSSL_PATH)/e_os.h $(OPENSSL_PATH)/ms/uplink.h # Autogenerated files list starts here @@ -200,43 +205,43 @@ [Sources] $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c - $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgT= okenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCry= ptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTok= enSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled +# $(OPENSSL_PATH)/crypto/ec/curve25519.c +# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c +# $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c +# $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c +# $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c +# $(OPENSSL_PATH)/crypto/ec/ec2_oct.c +# $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c +# $(OPENSSL_PATH)/crypto/ec/ec_ameth.c +# $(OPENSSL_PATH)/crypto/ec/ec_asn1.c +# $(OPENSSL_PATH)/crypto/ec/ec_check.c +# $(OPENSSL_PATH)/crypto/ec/ec_curve.c +# $(OPENSSL_PATH)/crypto/ec/ec_cvt.c +# $(OPENSSL_PATH)/crypto/ec/ec_err.c +# $(OPENSSL_PATH)/crypto/ec/ec_key.c +# $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c +# $(OPENSSL_PATH)/crypto/ec/ec_lib.c +# $(OPENSSL_PATH)/crypto/ec/ec_mult.c +# $(OPENSSL_PATH)/crypto/ec/ec_oct.c +# $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c +# $(OPENSSL_PATH)/crypto/ec/ec_print.c +# $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c +# $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c +# $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c +# $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c +# $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c +# $(OPENSSL_PATH)/crypto/ec/eck_prn.c +# $(OPENSSL_PATH)/crypto/ec/ecp_mont.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nist.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c +# $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c +# $(OPENSSL_PATH)/crypto/ec/ecp_oct.c +# $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c +# $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -422,10 +427,10 @@ [Sources] $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c - $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_err.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled +# $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c +# $(OPENSSL_PATH)/crypto/sm2/sm2_err.c +# $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c +# $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -538,15 +543,15 @@ [Sources] $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h - $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCrypt= oPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*= |gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled +# $(OPENSSL_PATH)/crypto/ec/ec_local.h +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h +# $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h +# $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h +# $(OPENSSL_PATH)/crypto/ec/curve448/field.h +# $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h +# $(OPENSSL_PATH)/crypto/ec/curve448/word.h +# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h +# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h @@ -569,6 +574,57 @@ [Sources] $(OPENSSL_PATH)/crypto/x509v3/pcy_local.h $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h +# $(OPENSSL_PATH)/ssl/bio_ssl.c +# $(OPENSSL_PATH)/ssl/d1_lib.c +# $(OPENSSL_PATH)/ssl/d1_msg.c +# $(OPENSSL_PATH)/ssl/d1_srtp.c +# $(OPENSSL_PATH)/ssl/methods.c +# $(OPENSSL_PATH)/ssl/packet.c +# $(OPENSSL_PATH)/ssl/pqueue.c +# $(OPENSSL_PATH)/ssl/record/dtls1_bitmap.c +# $(OPENSSL_PATH)/ssl/record/rec_layer_d1.c +# $(OPENSSL_PATH)/ssl/record/rec_layer_s3.c +# $(OPENSSL_PATH)/ssl/record/ssl3_buffer.c +# $(OPENSSL_PATH)/ssl/record/ssl3_record.c +# $(OPENSSL_PATH)/ssl/record/ssl3_record_tls13.c +# $(OPENSSL_PATH)/ssl/s3_cbc.c +# $(OPENSSL_PATH)/ssl/s3_enc.c +# $(OPENSSL_PATH)/ssl/s3_lib.c +# $(OPENSSL_PATH)/ssl/s3_msg.c +# $(OPENSSL_PATH)/ssl/ssl_asn1.c +# $(OPENSSL_PATH)/ssl/ssl_cert.c +# $(OPENSSL_PATH)/ssl/ssl_ciph.c +# $(OPENSSL_PATH)/ssl/ssl_conf.c +# $(OPENSSL_PATH)/ssl/ssl_err.c +# $(OPENSSL_PATH)/ssl/ssl_init.c +# $(OPENSSL_PATH)/ssl/ssl_lib.c +# $(OPENSSL_PATH)/ssl/ssl_mcnf.c +# $(OPENSSL_PATH)/ssl/ssl_rsa.c +# $(OPENSSL_PATH)/ssl/ssl_sess.c +# $(OPENSSL_PATH)/ssl/ssl_stat.c +# $(OPENSSL_PATH)/ssl/ssl_txt.c +# $(OPENSSL_PATH)/ssl/ssl_utst.c +# $(OPENSSL_PATH)/ssl/statem/extensions.c +# $(OPENSSL_PATH)/ssl/statem/extensions_clnt.c +# $(OPENSSL_PATH)/ssl/statem/extensions_cust.c +# $(OPENSSL_PATH)/ssl/statem/extensions_srvr.c +# $(OPENSSL_PATH)/ssl/statem/statem.c +# $(OPENSSL_PATH)/ssl/statem/statem_clnt.c +# $(OPENSSL_PATH)/ssl/statem/statem_dtls.c +# $(OPENSSL_PATH)/ssl/statem/statem_lib.c +# $(OPENSSL_PATH)/ssl/statem/statem_srvr.c +# $(OPENSSL_PATH)/ssl/t1_enc.c +# $(OPENSSL_PATH)/ssl/t1_lib.c +# $(OPENSSL_PATH)/ssl/t1_trce.c +# $(OPENSSL_PATH)/ssl/tls13_enc.c +# $(OPENSSL_PATH)/ssl/tls_srp.c +# $(OPENSSL_PATH)/ssl/packet_local.h +# $(OPENSSL_PATH)/ssl/ssl_cert_table.h +# $(OPENSSL_PATH)/ssl/ssl_local.h +# $(OPENSSL_PATH)/ssl/record/record.h +# $(OPENSSL_PATH)/ssl/record/record_local.h +# $(OPENSSL_PATH)/ssl/statem/statem.h +# $(OPENSSL_PATH)/ssl/statem/statem_local.h # Autogenerated files list ends here buildinf.h ossl_store.c @@ -587,15 +643,13 @@ [LibraryClasses] [LibraryClasses.ARM] ArmSoftFloatLib =20 -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled ## CONSUMES - [BuildOptions] # # Disables the following Visual Studio compiler warnings brought by open= ssl source, # so we do not break the build with /WX option: # C4090: 'function' : different 'const' qualifiers # C4132: 'object' : const object should be initialized (tls13_enc.c) + # C4210: nonstandard extension used: function given file scope # C4244: conversion from type1 to type2, possible loss of data # C4245: conversion from type1 to type2, signed/unsigned mismatch # C4267: conversion from size_t to type, possible loss of data @@ -607,11 +661,19 @@ [BuildOptions] # C4706: assignment within conditional expression # C4819: The file contains a character that cannot be represented in t= he current code page # - MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4132 /wd4244 /wd4245 /wd4267 /wd4310 /wd4389 /wd4700 /wd4702 = /wd4706 /wd4819 - MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) /wd4090 /wd4132 /wd4244 /wd4245 /wd4267 /wd4306 /wd4310 /wd4700 /wd4389 = /wd4702 /wd4706 /wd4819 + MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4310 /wd4389 /wd4700 /wd4702 /wd4706 /wd4819 + MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4306 /wd4310 /wd4700 /wd4389 /wd4702 /wd4706 /wd4819 =20 - INTEL:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) /w - INTEL:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) /w + # + # Disable following Visual Studio 2015 compiler warnings brought by open= ssl source, + # so we do not break the build with /WX option: + # C4718: recursive call has no side effects, deleting + # + MSFT:*_VS2015x86_IA32_CC_FLAGS =3D /wd4718 + MSFT:*_VS2015x86_X64_CC_FLAGS =3D /wd4718 + + INTEL:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w + INTEL:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w =20 # # Suppress the following build warnings in openssl so we don't break the= build with -Werror @@ -620,10 +682,10 @@ [BuildOptions] # types appropriate to the format string specified. # -Werror=3Dunused-but-set-variable: Warn whenever a local variable is= assigned to, but otherwise unused (aside from its declaration). # - GCC:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized -Wno-error=3Dunused-but-set-variable - GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) -Wno-err= or=3Dmaybe-uninitialized -Wno-error=3Dformat -Wno-format -Wno-error=3Dunuse= d-but-set-variable -DNO_MSABI_VA_FUNCS + GCC:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSS= L_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dunused-but-se= t-variable + GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSS= L_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dformat -Wno-f= ormat -Wno-error=3Dunused-but-set-variable -DNO_MSABI_VA_FUNCS GCC:*_*_ARM_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-error=3Dunused-but-set-variable - GCC:*_*_AARCH64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-format -Wno-error=3Dunused-but-set-variable + GCC:*_*_AARCH64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-format -Wno-error=3Dunused-but-set-variable -Wno-error=3Dformat GCC:*_*_RISCV64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-format -Wno-error=3Dunused-but-set-variable GCC:*_*_LOONGARCH64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uni= nitialized -Wno-format -Wno-error=3Dunused-but-set-variable GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized @@ -649,8 +711,8 @@ [BuildOptions] # 1: ignore "#1-D: last line of file ends without a newline" # 3017: may be used before being set (NOTE: This was fixed in O= penSSL 1.1 HEAD with # commit d9b8b89bec4480de3a10bdaf9425db371c19145b, and can be drop= ped then.) - XCODE:*_*_IA32_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) -w -std=3Dc99 -Wno-error=3Duninitialized - XCODE:*_*_X64_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) -w -std=3Dc99 -Wno-error=3Duninitialized + XCODE:*_*_IA32_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized + XCODE:*_*_X64_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized =20 # # AARCH64 uses strict alignment and avoids SIMD registers for code that = may execute diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.uni b/CryptoPkg/= Library/OpensslLib/OpensslLibCrypto.uni index d3f12e178cae..462ccf4355f7 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.uni +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.uni @@ -1,7 +1,6 @@ // /** @file -// This module provides openSSL Library implementation (libcrypto only, no= libssl). -// -// This module provides OpenSSL Library implementation (libcrypto only, no= libssl). +// This module provides OpenSSL Library implementation (libcrypto only, no +// libssl or ecc). // // Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.
// @@ -9,8 +8,6 @@ // // **/ =20 +#string STR_MODULE_ABSTRACT #language en-US "OpenSSL Library i= mplementation (libcrypto only, no libssl or ecc)" =20 -#string STR_MODULE_ABSTRACT #language en-US "OpenSSL Library i= mplementation (libcrypto only, no libssl)" - -#string STR_MODULE_DESCRIPTION #language en-US "This module provi= des OpenSSL Library implementation (libcrypto only, no libssl)." - +#string STR_MODULE_DESCRIPTION #language en-US "This module provi= des OpenSSL Library implementation (libcrypto only, no libssl or ecc)." diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibIa32.inf b/CryptoPkg/Li= brary/OpensslLib/OpensslLibFull.inf similarity index 79% rename from CryptoPkg/Library/OpensslLib/OpensslLibIa32.inf rename to CryptoPkg/Library/OpensslLib/OpensslLibFull.inf index b6ee718edeff..c3b78a448a26 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibIa32.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf @@ -1,5 +1,11 @@ ## @file -# This module provides OpenSSL Library implementation. +# This module provides OpenSSL Library implementation with ECC and TLS +# features. +# +# This library should be used if a module module needs ECC in TLS, or +# asymmetric cryptography services such as X509 certificate or PEM format +# data processing. This library increases the size overhead up to ~115 KB +# compared to OpensslLib.inf library instance. # # Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
@@ -9,33 +15,27 @@ =20 [Defines] INF_VERSION =3D 0x00010005 - BASE_NAME =3D OpensslLibIa32 - MODULE_UNI_FILE =3D OpensslLib.uni - FILE_GUID =3D 5805D1D4-F8EE-4FBA-BDD8-74465F16A534 + BASE_NAME =3D OpensslLibFull + MODULE_UNI_FILE =3D OpensslLibFull.uni + FILE_GUID =3D AB9E2231-D8FC-433F-9F27-FA293B64FB2C MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D OpensslLib - DEFINE OPENSSL_PATH =3D openssl - DEFINE OPENSSL_FLAGS =3D -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT = -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE - DEFINE OPENSSL_FLAGS_CONFIG =3D -DOPENSSL_CPUID_OBJ -DSHA1_ASM -DSHA2= 56_ASM -DSHA512_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM CONSTRUCTOR =3D OpensslLibConstructor =20 + DEFINE OPENSSL_PATH =3D openssl + DEFINE OPENSSL_FLAGS =3D -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT = -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_NO_ASM + DEFINE OPENSSL_FLAGS_CONFIG =3D + # -# VALID_ARCHITECTURES =3D IA32 +# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 # =20 -[Sources.IA32] +[Sources] OpensslLibConstructor.c $(OPENSSL_PATH)/e_os.h $(OPENSSL_PATH)/ms/uplink.h # Autogenerated files list starts here - IA32/crypto/aes/aesni-x86.nasm - IA32/crypto/aes/vpaes-x86.nasm - IA32/crypto/modes/ghash-x86.nasm - IA32/crypto/sha/sha1-586.nasm - IA32/crypto/sha/sha256-586.nasm - IA32/crypto/sha/sha512-586.nasm - IA32/crypto/x86cpuid.nasm $(OPENSSL_PATH)/crypto/aes/aes_cbc.c $(OPENSSL_PATH)/crypto/aes/aes_cfb.c $(OPENSSL_PATH)/crypto/aes/aes_core.c @@ -209,43 +209,43 @@ [Sources.IA32] $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c - $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgT= okenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCry= ptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTok= enSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled + $(OPENSSL_PATH)/crypto/ec/curve25519.c + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c + $(OPENSSL_PATH)/crypto/ec/ec_check.c + $(OPENSSL_PATH)/crypto/ec/ec_curve.c + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c + $(OPENSSL_PATH)/crypto/ec/ec_err.c + $(OPENSSL_PATH)/crypto/ec/ec_key.c + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_lib.c + $(OPENSSL_PATH)/crypto/ec/ec_mult.c + $(OPENSSL_PATH)/crypto/ec/ec_oct.c + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_print.c + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c + $(OPENSSL_PATH)/crypto/ec/eck_prn.c + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -324,6 +324,7 @@ [Sources.IA32] $(OPENSSL_PATH)/crypto/md5/md5_dgst.c $(OPENSSL_PATH)/crypto/md5/md5_one.c $(OPENSSL_PATH)/crypto/mem.c + $(OPENSSL_PATH)/crypto/mem_clr.c $(OPENSSL_PATH)/crypto/mem_dbg.c $(OPENSSL_PATH)/crypto/mem_sec.c $(OPENSSL_PATH)/crypto/modes/cbc128.c @@ -430,10 +431,10 @@ [Sources.IA32] $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c - $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_err.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled + $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c + $(OPENSSL_PATH)/crypto/sm2/sm2_err.c + $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c + $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -546,15 +547,15 @@ [Sources.IA32] $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h - $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCrypt= oPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*= |gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled + $(OPENSSL_PATH)/crypto/ec/ec_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h + $(OPENSSL_PATH)/crypto/ec/curve448/field.h + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h + $(OPENSSL_PATH)/crypto/ec/curve448/word.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h @@ -643,8 +644,8 @@ [LibraryClasses] RngLib PrintLib =20 -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled ## CONSUMES +[LibraryClasses.ARM] + ArmSoftFloatLib =20 [BuildOptions] # @@ -665,8 +666,18 @@ [BuildOptions] # C4819: The file contains a character that cannot be represented in t= he current code page # MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4310 /wd4389 /wd4700 /wd4702 /wd4706 /wd4819 + MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4306 /wd4310 /wd4700 /wd4389 /wd4702 /wd4706 /wd4819 + + # + # Disable following Visual Studio 2015 compiler warnings brought by open= ssl source, + # so we do not break the build with /WX option: + # C4718: recursive call has no side effects, deleting + # + MSFT:*_VS2015x86_IA32_CC_FLAGS =3D /wd4718 + MSFT:*_VS2015x86_X64_CC_FLAGS =3D /wd4718 =20 INTEL:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w + INTEL:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w =20 # # Suppress the following build warnings in openssl so we don't break the= build with -Werror @@ -675,7 +686,15 @@ [BuildOptions] # types appropriate to the format string specified. # -Werror=3Dunused-but-set-variable: Warn whenever a local variable is= assigned to, but otherwise unused (aside from its declaration). # - GCC:*_*_IA32_CC_FLAGS =3D -UWIN32 -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) = $(OPENSSL_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dunuse= d-but-set-variable + GCC:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSS= L_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dunused-but-se= t-variable + GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSS= L_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dformat -Wno-f= ormat -Wno-error=3Dunused-but-set-variable -DNO_MSABI_VA_FUNCS + GCC:*_*_ARM_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-error=3Dunused-but-set-variable + GCC:*_*_AARCH64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-format -Wno-error=3Dunused-but-set-variable -Wno-error=3Dformat + GCC:*_*_RISCV64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uniniti= alized -Wno-format -Wno-error=3Dunused-but-set-variable + GCC:*_*_LOONGARCH64_CC_FLAGS =3D $(OPENSSL_FLAGS) -Wno-error=3Dmaybe-uni= nitialized -Wno-format -Wno-error=3Dunused-but-set-variable + GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized + GCC:*_CLANG38_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized + GCC:*_CLANGPDB_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized -Wno= -error=3Dincompatible-pointer-types -Wno-error=3Dpointer-sign -Wno-error=3D= implicit-function-declaration -Wno-error=3Dignored-pragma-optimize =20 # suppress the following warnings in openssl so we don't break the build= with warnings-as-errors: # 1295: Deprecated declaration - give arg types @@ -697,3 +716,15 @@ [BuildOptions] # 3017: may be used before being set (NOTE: This was fixed in O= penSSL 1.1 HEAD with # commit d9b8b89bec4480de3a10bdaf9425db371c19145b, and can be drop= ped then.) XCODE:*_*_IA32_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized + XCODE:*_*_X64_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized + + # + # AARCH64 uses strict alignment and avoids SIMD registers for code that = may execute + # with the MMU off. This involves SEC, PEI_CORE and PEIM modules as well= as BASE + # libraries, given that they may be included into such modules. + # This library, even though of the BASE type, is never used in such case= s, and + # avoiding the SIMD register file (which is shared with the FPU) prevent= s the + # compiler from successfully building some of the OpenSSL source files t= hat + # use floating point types, so clear the flags here. + # + GCC:*_*_AARCH64_CC_XIPFLAGS =3D=3D diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.uni b/CryptoPkg/Librar= y/OpensslLib/OpensslLibFull.uni similarity index 56% copy from CryptoPkg/Library/OpensslLib/OpensslLib.uni copy to CryptoPkg/Library/OpensslLib/OpensslLibFull.uni index abaff8a3c37f..ec50adba9f83 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.uni +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFull.uni @@ -1,7 +1,5 @@ // /** @file -// This module provides openSSL Library implementation. -// -// This module provides OpenSSL Library implementation. +// This module provides OpenSSL Library implementation with TLS and ECC fe= atures. // // Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.
// @@ -9,8 +7,6 @@ // // **/ =20 +#string STR_MODULE_ABSTRACT #language en-US "OpenSSL Library i= mplementation with TLS and ECC features" =20 -#string STR_MODULE_ABSTRACT #language en-US "OpenSSL Library i= mplementation" - -#string STR_MODULE_DESCRIPTION #language en-US "This module provi= des OpenSSL Library implementation." - +#string STR_MODULE_DESCRIPTION #language en-US "This module provi= des OpenSSL Library implementation with TLS and ECC features." diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibX64Gcc.inf b/CryptoPkg/= Library/OpensslLib/OpensslLibFullAccel.inf similarity index 78% rename from CryptoPkg/Library/OpensslLib/OpensslLibX64Gcc.inf rename to CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf index 0f1b4b16f8b1..ec53a5911b58 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibX64Gcc.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf @@ -1,5 +1,12 @@ ## @file -# This module provides OpenSSL Library implementation. +# This module provides OpenSSL Library implementation with ECC and TLS +# features along with performance optimized implementations of SHA1, +# SHA256, SHA512 AESNI, VPAED, and GHASH for IA32 and X64. +# +# This library should be used if a module module needs ECC in TLS, or +# asymmetric cryptography services such as X509 certificate or PEM format +# data processing. This library increases the size overhead up to ~115 KB +# compared to OpensslLibAccel.inf library instance. # # Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
@@ -9,39 +16,27 @@ =20 [Defines] INF_VERSION =3D 0x00010005 - BASE_NAME =3D OpensslLibX64Gcc - MODULE_UNI_FILE =3D OpensslLib.uni - FILE_GUID =3D DD90DB9D-6A3F-4F2B-87BF-A8F2BBEF982F + BASE_NAME =3D OpensslLibFullAccel + MODULE_UNI_FILE =3D OpensslLibFullAccel.uni + FILE_GUID =3D AC649FB2-ADCF-450A-9C61-ED3CAFF12864 MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D OpensslLib + CONSTRUCTOR =3D OpensslLibConstructor + DEFINE OPENSSL_PATH =3D openssl DEFINE OPENSSL_FLAGS =3D -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT = -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE DEFINE OPENSSL_FLAGS_CONFIG =3D -DOPENSSL_CPUID_OBJ -DSHA1_ASM -DSHA2= 56_ASM -DSHA512_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM - CONSTRUCTOR =3D OpensslLibConstructor =20 # -# VALID_ARCHITECTURES =3D X64 +# VALID_ARCHITECTURES =3D IA32 X64 # =20 -[Sources.X64] +[Sources] OpensslLibConstructor.c $(OPENSSL_PATH)/e_os.h $(OPENSSL_PATH)/ms/uplink.h # Autogenerated files list starts here - X64Gcc/crypto/aes/aesni-mb-x86_64.S - X64Gcc/crypto/aes/aesni-sha1-x86_64.S - X64Gcc/crypto/aes/aesni-sha256-x86_64.S - X64Gcc/crypto/aes/aesni-x86_64.S - X64Gcc/crypto/aes/vpaes-x86_64.S - X64Gcc/crypto/modes/aesni-gcm-x86_64.S - X64Gcc/crypto/modes/ghash-x86_64.S - X64Gcc/crypto/sha/sha1-mb-x86_64.S - X64Gcc/crypto/sha/sha1-x86_64.S - X64Gcc/crypto/sha/sha256-mb-x86_64.S - X64Gcc/crypto/sha/sha256-x86_64.S - X64Gcc/crypto/sha/sha512-x86_64.S - X64Gcc/crypto/x86_64cpuid.S $(OPENSSL_PATH)/crypto/aes/aes_cbc.c $(OPENSSL_PATH)/crypto/aes/aes_cfb.c $(OPENSSL_PATH)/crypto/aes/aes_core.c @@ -215,43 +210,43 @@ [Sources.X64] $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c - $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgT= okenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCry= ptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTok= enSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled + $(OPENSSL_PATH)/crypto/ec/curve25519.c + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c + $(OPENSSL_PATH)/crypto/ec/ec_check.c + $(OPENSSL_PATH)/crypto/ec/ec_curve.c + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c + $(OPENSSL_PATH)/crypto/ec/ec_err.c + $(OPENSSL_PATH)/crypto/ec/ec_key.c + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_lib.c + $(OPENSSL_PATH)/crypto/ec/ec_mult.c + $(OPENSSL_PATH)/crypto/ec/ec_oct.c + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_print.c + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c + $(OPENSSL_PATH)/crypto/ec/eck_prn.c + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -330,6 +325,7 @@ [Sources.X64] $(OPENSSL_PATH)/crypto/md5/md5_dgst.c $(OPENSSL_PATH)/crypto/md5/md5_one.c $(OPENSSL_PATH)/crypto/mem.c +# $(OPENSSL_PATH)/crypto/mem_clr.c # Replaced by assembly optimized NAS= M/S files $(OPENSSL_PATH)/crypto/mem_dbg.c $(OPENSSL_PATH)/crypto/mem_sec.c $(OPENSSL_PATH)/crypto/modes/cbc128.c @@ -436,10 +432,10 @@ [Sources.X64] $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c - $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_err.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled + $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c + $(OPENSSL_PATH)/crypto/sm2/sm2_err.c + $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c + $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -552,15 +548,15 @@ [Sources.X64] $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h - $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCrypt= oPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*= |gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled + $(OPENSSL_PATH)/crypto/ec/ec_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h + $(OPENSSL_PATH)/crypto/ec/curve448/field.h + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h + $(OPENSSL_PATH)/crypto/ec/curve448/word.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h @@ -638,7 +634,53 @@ [Sources.X64] buildinf.h ossl_store.c rand_pool.c + +[Sources.IA32] + IA32/crypto/aes/aesni-x86.nasm | MSFT + IA32/crypto/aes/vpaes-x86.nasm | MSFT + IA32/crypto/modes/ghash-x86.nasm | MSFT + IA32/crypto/sha/sha1-586.nasm | MSFT + IA32/crypto/sha/sha256-586.nasm | MSFT + IA32/crypto/sha/sha512-586.nasm | MSFT + IA32/crypto/x86cpuid.nasm | MSFT + + IA32Gcc/crypto/aes/aesni-x86.S | GCC + IA32Gcc/crypto/aes/vpaes-x86.S | GCC + IA32Gcc/crypto/modes/ghash-x86.S | GCC + IA32Gcc/crypto/sha/sha1-586.S | GCC + IA32Gcc/crypto/sha/sha256-586.S | GCC + IA32Gcc/crypto/sha/sha512-586.S | GCC + IA32Gcc/crypto/x86cpuid.S | GCC + +[Sources.X64] X64/ApiHooks.c + X64/crypto/aes/aesni-mb-x86_64.nasm | MSFT + X64/crypto/aes/aesni-sha1-x86_64.nasm | MSFT + X64/crypto/aes/aesni-sha256-x86_64.nasm | MSFT + X64/crypto/aes/aesni-x86_64.nasm | MSFT + X64/crypto/aes/vpaes-x86_64.nasm | MSFT + X64/crypto/modes/aesni-gcm-x86_64.nasm | MSFT + X64/crypto/modes/ghash-x86_64.nasm | MSFT + X64/crypto/sha/sha1-mb-x86_64.nasm | MSFT + X64/crypto/sha/sha1-x86_64.nasm | MSFT + X64/crypto/sha/sha256-mb-x86_64.nasm | MSFT + X64/crypto/sha/sha256-x86_64.nasm | MSFT + X64/crypto/sha/sha512-x86_64.nasm | MSFT + X64/crypto/x86_64cpuid.nasm | MSFT + + X64Gcc/crypto/aes/aesni-mb-x86_64.S | GCC + X64Gcc/crypto/aes/aesni-sha1-x86_64.S | GCC + X64Gcc/crypto/aes/aesni-sha256-x86_64.S | GCC + X64Gcc/crypto/aes/aesni-x86_64.S | GCC + X64Gcc/crypto/aes/vpaes-x86_64.S | GCC + X64Gcc/crypto/modes/aesni-gcm-x86_64.S | GCC + X64Gcc/crypto/modes/ghash-x86_64.S | GCC + X64Gcc/crypto/sha/sha1-mb-x86_64.S | GCC + X64Gcc/crypto/sha/sha1-x86_64.S | GCC + X64Gcc/crypto/sha/sha256-mb-x86_64.S | GCC + X64Gcc/crypto/sha/sha256-x86_64.S | GCC + X64Gcc/crypto/sha/sha512-x86_64.S | GCC + X64Gcc/crypto/x86_64cpuid.S | GCC =20 [Packages] MdePkg/MdePkg.dec @@ -650,9 +692,6 @@ [LibraryClasses] RngLib PrintLib =20 -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled ## CONSUMES - [BuildOptions] # # Disables the following Visual Studio compiler warnings brought by open= ssl source, @@ -671,8 +710,18 @@ [BuildOptions] # C4706: assignment within conditional expression # C4819: The file contains a character that cannot be represented in t= he current code page # + MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4310 /wd4389 /wd4700 /wd4702 /wd4706 /wd4819 MSFT:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4306 /wd4310 /wd4700 /wd4389 /wd4702 /wd4706 /wd4819 =20 + # + # Disable following Visual Studio 2015 compiler warnings brought by open= ssl source, + # so we do not break the build with /WX option: + # C4718: recursive call has no side effects, deleting + # + MSFT:*_VS2015x86_IA32_CC_FLAGS =3D /wd4718 + MSFT:*_VS2015x86_X64_CC_FLAGS =3D /wd4718 + + INTEL:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w INTEL:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w =20 # @@ -682,7 +731,11 @@ [BuildOptions] # types appropriate to the format string specified. # -Werror=3Dunused-but-set-variable: Warn whenever a local variable is= assigned to, but otherwise unused (aside from its declaration). # - GCC:*_*_X64_CC_FLAGS =3D -UWIN32 -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) = $(OPENSSL_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dforma= t -Wno-format -Wno-error=3Dunused-but-set-variable -DNO_MSABI_VA_FUNCS + GCC:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSS= L_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dunused-but-se= t-variable + GCC:*_*_X64_CC_FLAGS =3D -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSS= L_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dformat -Wno-f= ormat -Wno-error=3Dunused-but-set-variable -DNO_MSABI_VA_FUNCS + GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized + GCC:*_CLANG38_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized + GCC:*_CLANGPDB_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Duninitialized -Wno= -error=3Dincompatible-pointer-types -Wno-error=3Dpointer-sign -Wno-error=3D= implicit-function-declaration -Wno-error=3Dignored-pragma-optimize =20 # suppress the following warnings in openssl so we don't break the build= with warnings-as-errors: # 1295: Deprecated declaration - give arg types @@ -703,4 +756,5 @@ [BuildOptions] # 1: ignore "#1-D: last line of file ends without a newline" # 3017: may be used before being set (NOTE: This was fixed in O= penSSL 1.1 HEAD with # commit d9b8b89bec4480de3a10bdaf9425db371c19145b, and can be drop= ped then.) + XCODE:*_*_IA32_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized XCODE:*_*_X64_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.uni b/CryptoP= kg/Library/OpensslLib/OpensslLibFullAccel.uni new file mode 100644 index 000000000000..b8453b6c902e --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.uni @@ -0,0 +1,14 @@ +// /** @file +// This module provides openSSL Library implementation with ECC and TLS +// features along with performance optimized implementations of SHA1, +// SHA256, SHA512 AESNI, VPAED, and GHASH for IA32 and X64. +// +// Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.
+// +// SPDX-License-Identifier: BSD-2-Clause-Patent +// +// **/ + +#string STR_MODULE_ABSTRACT #language en-US "OpenSSL Library i= mplementation with TLS and ECC features and performance optimizations" + +#string STR_MODULE_DESCRIPTION #language en-US "This module provi= des OpenSSL Library implementation with TLS and ECC features and performanc= e optimizations." diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibIa32Gcc.inf b/CryptoPkg= /Library/OpensslLib/OpensslLibIa32Gcc.inf deleted file mode 100644 index 150a82ec7af1..000000000000 --- a/CryptoPkg/Library/OpensslLib/OpensslLibIa32Gcc.inf +++ /dev/null @@ -1,699 +0,0 @@ -## @file -# This module provides OpenSSL Library implementation. -# -# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
-# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
-# SPDX-License-Identifier: BSD-2-Clause-Patent -# -## - -[Defines] - INF_VERSION =3D 0x00010005 - BASE_NAME =3D OpensslLibIa32Gcc - MODULE_UNI_FILE =3D OpensslLib.uni - FILE_GUID =3D B1B32F26-A4E1-4D38-9E34-53A148B8EB11 - MODULE_TYPE =3D BASE - VERSION_STRING =3D 1.0 - LIBRARY_CLASS =3D OpensslLib - DEFINE OPENSSL_PATH =3D openssl - DEFINE OPENSSL_FLAGS =3D -DL_ENDIAN -DOPENSSL_SMALL_FOOTPRINT = -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE - DEFINE OPENSSL_FLAGS_CONFIG =3D -DOPENSSL_CPUID_OBJ -DSHA1_ASM -DSHA2= 56_ASM -DSHA512_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM - CONSTRUCTOR =3D OpensslLibConstructor - -# -# VALID_ARCHITECTURES =3D IA32 -# - -[Sources.IA32] - OpensslLibConstructor.c - $(OPENSSL_PATH)/e_os.h - $(OPENSSL_PATH)/ms/uplink.h -# Autogenerated files list starts here - IA32Gcc/crypto/aes/aesni-x86.S - IA32Gcc/crypto/aes/vpaes-x86.S - IA32Gcc/crypto/modes/ghash-x86.S - IA32Gcc/crypto/sha/sha1-586.S - IA32Gcc/crypto/sha/sha256-586.S - IA32Gcc/crypto/sha/sha512-586.S - IA32Gcc/crypto/x86cpuid.S - $(OPENSSL_PATH)/crypto/aes/aes_cbc.c - $(OPENSSL_PATH)/crypto/aes/aes_cfb.c - $(OPENSSL_PATH)/crypto/aes/aes_core.c - $(OPENSSL_PATH)/crypto/aes/aes_ige.c - $(OPENSSL_PATH)/crypto/aes/aes_misc.c - $(OPENSSL_PATH)/crypto/aes/aes_ofb.c - $(OPENSSL_PATH)/crypto/aes/aes_wrap.c - $(OPENSSL_PATH)/crypto/aria/aria.c - $(OPENSSL_PATH)/crypto/asn1/a_bitstr.c - $(OPENSSL_PATH)/crypto/asn1/a_d2i_fp.c - $(OPENSSL_PATH)/crypto/asn1/a_digest.c - $(OPENSSL_PATH)/crypto/asn1/a_dup.c - $(OPENSSL_PATH)/crypto/asn1/a_gentm.c - $(OPENSSL_PATH)/crypto/asn1/a_i2d_fp.c - $(OPENSSL_PATH)/crypto/asn1/a_int.c - $(OPENSSL_PATH)/crypto/asn1/a_mbstr.c - $(OPENSSL_PATH)/crypto/asn1/a_object.c - $(OPENSSL_PATH)/crypto/asn1/a_octet.c - $(OPENSSL_PATH)/crypto/asn1/a_print.c - $(OPENSSL_PATH)/crypto/asn1/a_sign.c - $(OPENSSL_PATH)/crypto/asn1/a_strex.c - $(OPENSSL_PATH)/crypto/asn1/a_strnid.c - $(OPENSSL_PATH)/crypto/asn1/a_time.c - $(OPENSSL_PATH)/crypto/asn1/a_type.c - $(OPENSSL_PATH)/crypto/asn1/a_utctm.c - $(OPENSSL_PATH)/crypto/asn1/a_utf8.c - $(OPENSSL_PATH)/crypto/asn1/a_verify.c - $(OPENSSL_PATH)/crypto/asn1/ameth_lib.c - $(OPENSSL_PATH)/crypto/asn1/asn1_err.c - $(OPENSSL_PATH)/crypto/asn1/asn1_gen.c - $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.c - $(OPENSSL_PATH)/crypto/asn1/asn1_lib.c - $(OPENSSL_PATH)/crypto/asn1/asn1_par.c - $(OPENSSL_PATH)/crypto/asn1/asn_mime.c - $(OPENSSL_PATH)/crypto/asn1/asn_moid.c - $(OPENSSL_PATH)/crypto/asn1/asn_mstbl.c - $(OPENSSL_PATH)/crypto/asn1/asn_pack.c - $(OPENSSL_PATH)/crypto/asn1/bio_asn1.c - $(OPENSSL_PATH)/crypto/asn1/bio_ndef.c - $(OPENSSL_PATH)/crypto/asn1/d2i_pr.c - $(OPENSSL_PATH)/crypto/asn1/d2i_pu.c - $(OPENSSL_PATH)/crypto/asn1/evp_asn1.c - $(OPENSSL_PATH)/crypto/asn1/f_int.c - $(OPENSSL_PATH)/crypto/asn1/f_string.c - $(OPENSSL_PATH)/crypto/asn1/i2d_pr.c - $(OPENSSL_PATH)/crypto/asn1/i2d_pu.c - $(OPENSSL_PATH)/crypto/asn1/n_pkey.c - $(OPENSSL_PATH)/crypto/asn1/nsseq.c - $(OPENSSL_PATH)/crypto/asn1/p5_pbe.c - $(OPENSSL_PATH)/crypto/asn1/p5_pbev2.c - $(OPENSSL_PATH)/crypto/asn1/p5_scrypt.c - $(OPENSSL_PATH)/crypto/asn1/p8_pkey.c - $(OPENSSL_PATH)/crypto/asn1/t_bitst.c - $(OPENSSL_PATH)/crypto/asn1/t_pkey.c - $(OPENSSL_PATH)/crypto/asn1/t_spki.c - $(OPENSSL_PATH)/crypto/asn1/tasn_dec.c - $(OPENSSL_PATH)/crypto/asn1/tasn_enc.c - $(OPENSSL_PATH)/crypto/asn1/tasn_fre.c - $(OPENSSL_PATH)/crypto/asn1/tasn_new.c - $(OPENSSL_PATH)/crypto/asn1/tasn_prn.c - $(OPENSSL_PATH)/crypto/asn1/tasn_scn.c - $(OPENSSL_PATH)/crypto/asn1/tasn_typ.c - $(OPENSSL_PATH)/crypto/asn1/tasn_utl.c - $(OPENSSL_PATH)/crypto/asn1/x_algor.c - $(OPENSSL_PATH)/crypto/asn1/x_bignum.c - $(OPENSSL_PATH)/crypto/asn1/x_info.c - $(OPENSSL_PATH)/crypto/asn1/x_int64.c - $(OPENSSL_PATH)/crypto/asn1/x_long.c - $(OPENSSL_PATH)/crypto/asn1/x_pkey.c - $(OPENSSL_PATH)/crypto/asn1/x_sig.c - $(OPENSSL_PATH)/crypto/asn1/x_spki.c - $(OPENSSL_PATH)/crypto/asn1/x_val.c - $(OPENSSL_PATH)/crypto/async/arch/async_null.c - $(OPENSSL_PATH)/crypto/async/arch/async_posix.c - $(OPENSSL_PATH)/crypto/async/arch/async_win.c - $(OPENSSL_PATH)/crypto/async/async.c - $(OPENSSL_PATH)/crypto/async/async_err.c - $(OPENSSL_PATH)/crypto/async/async_wait.c - $(OPENSSL_PATH)/crypto/bio/b_addr.c - $(OPENSSL_PATH)/crypto/bio/b_dump.c - $(OPENSSL_PATH)/crypto/bio/b_sock.c - $(OPENSSL_PATH)/crypto/bio/b_sock2.c - $(OPENSSL_PATH)/crypto/bio/bf_buff.c - $(OPENSSL_PATH)/crypto/bio/bf_lbuf.c - $(OPENSSL_PATH)/crypto/bio/bf_nbio.c - $(OPENSSL_PATH)/crypto/bio/bf_null.c - $(OPENSSL_PATH)/crypto/bio/bio_cb.c - $(OPENSSL_PATH)/crypto/bio/bio_err.c - $(OPENSSL_PATH)/crypto/bio/bio_lib.c - $(OPENSSL_PATH)/crypto/bio/bio_meth.c - $(OPENSSL_PATH)/crypto/bio/bss_acpt.c - $(OPENSSL_PATH)/crypto/bio/bss_bio.c - $(OPENSSL_PATH)/crypto/bio/bss_conn.c - $(OPENSSL_PATH)/crypto/bio/bss_dgram.c - $(OPENSSL_PATH)/crypto/bio/bss_fd.c - $(OPENSSL_PATH)/crypto/bio/bss_file.c - $(OPENSSL_PATH)/crypto/bio/bss_log.c - $(OPENSSL_PATH)/crypto/bio/bss_mem.c - $(OPENSSL_PATH)/crypto/bio/bss_null.c - $(OPENSSL_PATH)/crypto/bio/bss_sock.c - $(OPENSSL_PATH)/crypto/bn/bn_add.c - $(OPENSSL_PATH)/crypto/bn/bn_asm.c - $(OPENSSL_PATH)/crypto/bn/bn_blind.c - $(OPENSSL_PATH)/crypto/bn/bn_const.c - $(OPENSSL_PATH)/crypto/bn/bn_ctx.c - $(OPENSSL_PATH)/crypto/bn/bn_depr.c - $(OPENSSL_PATH)/crypto/bn/bn_dh.c - $(OPENSSL_PATH)/crypto/bn/bn_div.c - $(OPENSSL_PATH)/crypto/bn/bn_err.c - $(OPENSSL_PATH)/crypto/bn/bn_exp.c - $(OPENSSL_PATH)/crypto/bn/bn_exp2.c - $(OPENSSL_PATH)/crypto/bn/bn_gcd.c - $(OPENSSL_PATH)/crypto/bn/bn_gf2m.c - $(OPENSSL_PATH)/crypto/bn/bn_intern.c - $(OPENSSL_PATH)/crypto/bn/bn_kron.c - $(OPENSSL_PATH)/crypto/bn/bn_lib.c - $(OPENSSL_PATH)/crypto/bn/bn_mod.c - $(OPENSSL_PATH)/crypto/bn/bn_mont.c - $(OPENSSL_PATH)/crypto/bn/bn_mpi.c - $(OPENSSL_PATH)/crypto/bn/bn_mul.c - $(OPENSSL_PATH)/crypto/bn/bn_nist.c - $(OPENSSL_PATH)/crypto/bn/bn_prime.c - $(OPENSSL_PATH)/crypto/bn/bn_print.c - $(OPENSSL_PATH)/crypto/bn/bn_rand.c - $(OPENSSL_PATH)/crypto/bn/bn_recp.c - $(OPENSSL_PATH)/crypto/bn/bn_shift.c - $(OPENSSL_PATH)/crypto/bn/bn_sqr.c - $(OPENSSL_PATH)/crypto/bn/bn_sqrt.c - $(OPENSSL_PATH)/crypto/bn/bn_srp.c - $(OPENSSL_PATH)/crypto/bn/bn_word.c - $(OPENSSL_PATH)/crypto/bn/bn_x931p.c - $(OPENSSL_PATH)/crypto/buffer/buf_err.c - $(OPENSSL_PATH)/crypto/buffer/buffer.c - $(OPENSSL_PATH)/crypto/cmac/cm_ameth.c - $(OPENSSL_PATH)/crypto/cmac/cm_pmeth.c - $(OPENSSL_PATH)/crypto/cmac/cmac.c - $(OPENSSL_PATH)/crypto/comp/c_zlib.c - $(OPENSSL_PATH)/crypto/comp/comp_err.c - $(OPENSSL_PATH)/crypto/comp/comp_lib.c - $(OPENSSL_PATH)/crypto/conf/conf_api.c - $(OPENSSL_PATH)/crypto/conf/conf_def.c - $(OPENSSL_PATH)/crypto/conf/conf_err.c - $(OPENSSL_PATH)/crypto/conf/conf_lib.c - $(OPENSSL_PATH)/crypto/conf/conf_mall.c - $(OPENSSL_PATH)/crypto/conf/conf_mod.c - $(OPENSSL_PATH)/crypto/conf/conf_sap.c - $(OPENSSL_PATH)/crypto/conf/conf_ssl.c - $(OPENSSL_PATH)/crypto/cpt_err.c - $(OPENSSL_PATH)/crypto/cryptlib.c - $(OPENSSL_PATH)/crypto/ctype.c - $(OPENSSL_PATH)/crypto/cversion.c - $(OPENSSL_PATH)/crypto/dh/dh_ameth.c - $(OPENSSL_PATH)/crypto/dh/dh_asn1.c - $(OPENSSL_PATH)/crypto/dh/dh_check.c - $(OPENSSL_PATH)/crypto/dh/dh_depr.c - $(OPENSSL_PATH)/crypto/dh/dh_err.c - $(OPENSSL_PATH)/crypto/dh/dh_gen.c - $(OPENSSL_PATH)/crypto/dh/dh_kdf.c - $(OPENSSL_PATH)/crypto/dh/dh_key.c - $(OPENSSL_PATH)/crypto/dh/dh_lib.c - $(OPENSSL_PATH)/crypto/dh/dh_meth.c - $(OPENSSL_PATH)/crypto/dh/dh_pmeth.c - $(OPENSSL_PATH)/crypto/dh/dh_prn.c - $(OPENSSL_PATH)/crypto/dh/dh_rfc5114.c - $(OPENSSL_PATH)/crypto/dh/dh_rfc7919.c - $(OPENSSL_PATH)/crypto/dso/dso_dl.c - $(OPENSSL_PATH)/crypto/dso/dso_dlfcn.c - $(OPENSSL_PATH)/crypto/dso/dso_err.c - $(OPENSSL_PATH)/crypto/dso/dso_lib.c - $(OPENSSL_PATH)/crypto/dso/dso_openssl.c - $(OPENSSL_PATH)/crypto/dso/dso_vms.c - $(OPENSSL_PATH)/crypto/dso/dso_win32.c - $(OPENSSL_PATH)/crypto/ebcdic.c - $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgT= okenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCry= ptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTok= enSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGu= id.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenS= paceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceG= uid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/err/err.c - $(OPENSSL_PATH)/crypto/err/err_prn.c - $(OPENSSL_PATH)/crypto/evp/bio_b64.c - $(OPENSSL_PATH)/crypto/evp/bio_enc.c - $(OPENSSL_PATH)/crypto/evp/bio_md.c - $(OPENSSL_PATH)/crypto/evp/bio_ok.c - $(OPENSSL_PATH)/crypto/evp/c_allc.c - $(OPENSSL_PATH)/crypto/evp/c_alld.c - $(OPENSSL_PATH)/crypto/evp/cmeth_lib.c - $(OPENSSL_PATH)/crypto/evp/digest.c - $(OPENSSL_PATH)/crypto/evp/e_aes.c - $(OPENSSL_PATH)/crypto/evp/e_aes_cbc_hmac_sha1.c - $(OPENSSL_PATH)/crypto/evp/e_aes_cbc_hmac_sha256.c - $(OPENSSL_PATH)/crypto/evp/e_aria.c - $(OPENSSL_PATH)/crypto/evp/e_bf.c - $(OPENSSL_PATH)/crypto/evp/e_camellia.c - $(OPENSSL_PATH)/crypto/evp/e_cast.c - $(OPENSSL_PATH)/crypto/evp/e_chacha20_poly1305.c - $(OPENSSL_PATH)/crypto/evp/e_des.c - $(OPENSSL_PATH)/crypto/evp/e_des3.c - $(OPENSSL_PATH)/crypto/evp/e_idea.c - $(OPENSSL_PATH)/crypto/evp/e_null.c - $(OPENSSL_PATH)/crypto/evp/e_old.c - $(OPENSSL_PATH)/crypto/evp/e_rc2.c - $(OPENSSL_PATH)/crypto/evp/e_rc4.c - $(OPENSSL_PATH)/crypto/evp/e_rc4_hmac_md5.c - $(OPENSSL_PATH)/crypto/evp/e_rc5.c - $(OPENSSL_PATH)/crypto/evp/e_seed.c - $(OPENSSL_PATH)/crypto/evp/e_sm4.c - $(OPENSSL_PATH)/crypto/evp/e_xcbc_d.c - $(OPENSSL_PATH)/crypto/evp/encode.c - $(OPENSSL_PATH)/crypto/evp/evp_cnf.c - $(OPENSSL_PATH)/crypto/evp/evp_enc.c - $(OPENSSL_PATH)/crypto/evp/evp_err.c - $(OPENSSL_PATH)/crypto/evp/evp_key.c - $(OPENSSL_PATH)/crypto/evp/evp_lib.c - $(OPENSSL_PATH)/crypto/evp/evp_pbe.c - $(OPENSSL_PATH)/crypto/evp/evp_pkey.c - $(OPENSSL_PATH)/crypto/evp/m_md2.c - $(OPENSSL_PATH)/crypto/evp/m_md4.c - $(OPENSSL_PATH)/crypto/evp/m_md5.c - $(OPENSSL_PATH)/crypto/evp/m_md5_sha1.c - $(OPENSSL_PATH)/crypto/evp/m_mdc2.c - $(OPENSSL_PATH)/crypto/evp/m_null.c - $(OPENSSL_PATH)/crypto/evp/m_ripemd.c - $(OPENSSL_PATH)/crypto/evp/m_sha1.c - $(OPENSSL_PATH)/crypto/evp/m_sha3.c - $(OPENSSL_PATH)/crypto/evp/m_sigver.c - $(OPENSSL_PATH)/crypto/evp/m_wp.c - $(OPENSSL_PATH)/crypto/evp/names.c - $(OPENSSL_PATH)/crypto/evp/p5_crpt.c - $(OPENSSL_PATH)/crypto/evp/p5_crpt2.c - $(OPENSSL_PATH)/crypto/evp/p_dec.c - $(OPENSSL_PATH)/crypto/evp/p_enc.c - $(OPENSSL_PATH)/crypto/evp/p_lib.c - $(OPENSSL_PATH)/crypto/evp/p_open.c - $(OPENSSL_PATH)/crypto/evp/p_seal.c - $(OPENSSL_PATH)/crypto/evp/p_sign.c - $(OPENSSL_PATH)/crypto/evp/p_verify.c - $(OPENSSL_PATH)/crypto/evp/pbe_scrypt.c - $(OPENSSL_PATH)/crypto/evp/pmeth_fn.c - $(OPENSSL_PATH)/crypto/evp/pmeth_gn.c - $(OPENSSL_PATH)/crypto/evp/pmeth_lib.c - $(OPENSSL_PATH)/crypto/ex_data.c - $(OPENSSL_PATH)/crypto/getenv.c - $(OPENSSL_PATH)/crypto/hmac/hm_ameth.c - $(OPENSSL_PATH)/crypto/hmac/hm_pmeth.c - $(OPENSSL_PATH)/crypto/hmac/hmac.c - $(OPENSSL_PATH)/crypto/init.c - $(OPENSSL_PATH)/crypto/kdf/hkdf.c - $(OPENSSL_PATH)/crypto/kdf/kdf_err.c - $(OPENSSL_PATH)/crypto/kdf/scrypt.c - $(OPENSSL_PATH)/crypto/kdf/tls1_prf.c - $(OPENSSL_PATH)/crypto/lhash/lh_stats.c - $(OPENSSL_PATH)/crypto/lhash/lhash.c - $(OPENSSL_PATH)/crypto/md5/md5_dgst.c - $(OPENSSL_PATH)/crypto/md5/md5_one.c - $(OPENSSL_PATH)/crypto/mem.c - $(OPENSSL_PATH)/crypto/mem_dbg.c - $(OPENSSL_PATH)/crypto/mem_sec.c - $(OPENSSL_PATH)/crypto/modes/cbc128.c - $(OPENSSL_PATH)/crypto/modes/ccm128.c - $(OPENSSL_PATH)/crypto/modes/cfb128.c - $(OPENSSL_PATH)/crypto/modes/ctr128.c - $(OPENSSL_PATH)/crypto/modes/cts128.c - $(OPENSSL_PATH)/crypto/modes/gcm128.c - $(OPENSSL_PATH)/crypto/modes/ocb128.c - $(OPENSSL_PATH)/crypto/modes/ofb128.c - $(OPENSSL_PATH)/crypto/modes/wrap128.c - $(OPENSSL_PATH)/crypto/modes/xts128.c - $(OPENSSL_PATH)/crypto/o_dir.c - $(OPENSSL_PATH)/crypto/o_fips.c - $(OPENSSL_PATH)/crypto/o_fopen.c - $(OPENSSL_PATH)/crypto/o_init.c - $(OPENSSL_PATH)/crypto/o_str.c - $(OPENSSL_PATH)/crypto/o_time.c - $(OPENSSL_PATH)/crypto/objects/o_names.c - $(OPENSSL_PATH)/crypto/objects/obj_dat.c - $(OPENSSL_PATH)/crypto/objects/obj_err.c - $(OPENSSL_PATH)/crypto/objects/obj_lib.c - $(OPENSSL_PATH)/crypto/objects/obj_xref.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_asn.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_cl.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_err.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_ext.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_ht.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_lib.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_prn.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_srv.c - $(OPENSSL_PATH)/crypto/ocsp/ocsp_vfy.c - $(OPENSSL_PATH)/crypto/ocsp/v3_ocsp.c - $(OPENSSL_PATH)/crypto/pem/pem_all.c - $(OPENSSL_PATH)/crypto/pem/pem_err.c - $(OPENSSL_PATH)/crypto/pem/pem_info.c - $(OPENSSL_PATH)/crypto/pem/pem_lib.c - $(OPENSSL_PATH)/crypto/pem/pem_oth.c - $(OPENSSL_PATH)/crypto/pem/pem_pk8.c - $(OPENSSL_PATH)/crypto/pem/pem_pkey.c - $(OPENSSL_PATH)/crypto/pem/pem_sign.c - $(OPENSSL_PATH)/crypto/pem/pem_x509.c - $(OPENSSL_PATH)/crypto/pem/pem_xaux.c - $(OPENSSL_PATH)/crypto/pem/pvkfmt.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_add.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_asn.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_attr.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_crpt.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_crt.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_decr.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_init.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_key.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_kiss.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_mutl.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_npas.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_p8d.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_p8e.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_sbag.c - $(OPENSSL_PATH)/crypto/pkcs12/p12_utl.c - $(OPENSSL_PATH)/crypto/pkcs12/pk12err.c - $(OPENSSL_PATH)/crypto/pkcs7/bio_pk7.c - $(OPENSSL_PATH)/crypto/pkcs7/pk7_asn1.c - $(OPENSSL_PATH)/crypto/pkcs7/pk7_attr.c - $(OPENSSL_PATH)/crypto/pkcs7/pk7_doit.c - $(OPENSSL_PATH)/crypto/pkcs7/pk7_lib.c - $(OPENSSL_PATH)/crypto/pkcs7/pk7_mime.c - $(OPENSSL_PATH)/crypto/pkcs7/pk7_smime.c - $(OPENSSL_PATH)/crypto/pkcs7/pkcs7err.c - $(OPENSSL_PATH)/crypto/rand/drbg_ctr.c - $(OPENSSL_PATH)/crypto/rand/drbg_lib.c - $(OPENSSL_PATH)/crypto/rand/rand_egd.c - $(OPENSSL_PATH)/crypto/rand/rand_err.c - $(OPENSSL_PATH)/crypto/rand/rand_lib.c - $(OPENSSL_PATH)/crypto/rand/rand_unix.c - $(OPENSSL_PATH)/crypto/rand/rand_vms.c - $(OPENSSL_PATH)/crypto/rand/rand_win.c - $(OPENSSL_PATH)/crypto/rsa/rsa_ameth.c - $(OPENSSL_PATH)/crypto/rsa/rsa_asn1.c - $(OPENSSL_PATH)/crypto/rsa/rsa_chk.c - $(OPENSSL_PATH)/crypto/rsa/rsa_crpt.c - $(OPENSSL_PATH)/crypto/rsa/rsa_depr.c - $(OPENSSL_PATH)/crypto/rsa/rsa_err.c - $(OPENSSL_PATH)/crypto/rsa/rsa_gen.c - $(OPENSSL_PATH)/crypto/rsa/rsa_lib.c - $(OPENSSL_PATH)/crypto/rsa/rsa_meth.c - $(OPENSSL_PATH)/crypto/rsa/rsa_mp.c - $(OPENSSL_PATH)/crypto/rsa/rsa_none.c - $(OPENSSL_PATH)/crypto/rsa/rsa_oaep.c - $(OPENSSL_PATH)/crypto/rsa/rsa_ossl.c - $(OPENSSL_PATH)/crypto/rsa/rsa_pk1.c - $(OPENSSL_PATH)/crypto/rsa/rsa_pmeth.c - $(OPENSSL_PATH)/crypto/rsa/rsa_prn.c - $(OPENSSL_PATH)/crypto/rsa/rsa_pss.c - $(OPENSSL_PATH)/crypto/rsa/rsa_saos.c - $(OPENSSL_PATH)/crypto/rsa/rsa_sign.c - $(OPENSSL_PATH)/crypto/rsa/rsa_ssl.c - $(OPENSSL_PATH)/crypto/rsa/rsa_x931.c - $(OPENSSL_PATH)/crypto/rsa/rsa_x931g.c - $(OPENSSL_PATH)/crypto/sha/keccak1600.c - $(OPENSSL_PATH)/crypto/sha/sha1_one.c - $(OPENSSL_PATH)/crypto/sha/sha1dgst.c - $(OPENSSL_PATH)/crypto/sha/sha256.c - $(OPENSSL_PATH)/crypto/sha/sha512.c - $(OPENSSL_PATH)/crypto/siphash/siphash.c - $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c - $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c - $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_err.c |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpa= ceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c |*|*|*|gEfiCryptoPkgTokenSpac= eGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/sm3/m_sm3.c - $(OPENSSL_PATH)/crypto/sm3/sm3.c - $(OPENSSL_PATH)/crypto/sm4/sm4.c - $(OPENSSL_PATH)/crypto/stack/stack.c - $(OPENSSL_PATH)/crypto/threads_none.c - $(OPENSSL_PATH)/crypto/threads_pthread.c - $(OPENSSL_PATH)/crypto/threads_win.c - $(OPENSSL_PATH)/crypto/txt_db/txt_db.c - $(OPENSSL_PATH)/crypto/ui/ui_err.c - $(OPENSSL_PATH)/crypto/ui/ui_lib.c - $(OPENSSL_PATH)/crypto/ui/ui_null.c - $(OPENSSL_PATH)/crypto/ui/ui_openssl.c - $(OPENSSL_PATH)/crypto/ui/ui_util.c - $(OPENSSL_PATH)/crypto/uid.c - $(OPENSSL_PATH)/crypto/x509/by_dir.c - $(OPENSSL_PATH)/crypto/x509/by_file.c - $(OPENSSL_PATH)/crypto/x509/t_crl.c - $(OPENSSL_PATH)/crypto/x509/t_req.c - $(OPENSSL_PATH)/crypto/x509/t_x509.c - $(OPENSSL_PATH)/crypto/x509/x509_att.c - $(OPENSSL_PATH)/crypto/x509/x509_cmp.c - $(OPENSSL_PATH)/crypto/x509/x509_d2.c - $(OPENSSL_PATH)/crypto/x509/x509_def.c - $(OPENSSL_PATH)/crypto/x509/x509_err.c - $(OPENSSL_PATH)/crypto/x509/x509_ext.c - $(OPENSSL_PATH)/crypto/x509/x509_lu.c - $(OPENSSL_PATH)/crypto/x509/x509_meth.c - $(OPENSSL_PATH)/crypto/x509/x509_obj.c - $(OPENSSL_PATH)/crypto/x509/x509_r2x.c - $(OPENSSL_PATH)/crypto/x509/x509_req.c - $(OPENSSL_PATH)/crypto/x509/x509_set.c - $(OPENSSL_PATH)/crypto/x509/x509_trs.c - $(OPENSSL_PATH)/crypto/x509/x509_txt.c - $(OPENSSL_PATH)/crypto/x509/x509_v3.c - $(OPENSSL_PATH)/crypto/x509/x509_vfy.c - $(OPENSSL_PATH)/crypto/x509/x509_vpm.c - $(OPENSSL_PATH)/crypto/x509/x509cset.c - $(OPENSSL_PATH)/crypto/x509/x509name.c - $(OPENSSL_PATH)/crypto/x509/x509rset.c - $(OPENSSL_PATH)/crypto/x509/x509spki.c - $(OPENSSL_PATH)/crypto/x509/x509type.c - $(OPENSSL_PATH)/crypto/x509/x_all.c - $(OPENSSL_PATH)/crypto/x509/x_attrib.c - $(OPENSSL_PATH)/crypto/x509/x_crl.c - $(OPENSSL_PATH)/crypto/x509/x_exten.c - $(OPENSSL_PATH)/crypto/x509/x_name.c - $(OPENSSL_PATH)/crypto/x509/x_pubkey.c - $(OPENSSL_PATH)/crypto/x509/x_req.c - $(OPENSSL_PATH)/crypto/x509/x_x509.c - $(OPENSSL_PATH)/crypto/x509/x_x509a.c - $(OPENSSL_PATH)/crypto/x509v3/pcy_cache.c - $(OPENSSL_PATH)/crypto/x509v3/pcy_data.c - $(OPENSSL_PATH)/crypto/x509v3/pcy_lib.c - $(OPENSSL_PATH)/crypto/x509v3/pcy_map.c - $(OPENSSL_PATH)/crypto/x509v3/pcy_node.c - $(OPENSSL_PATH)/crypto/x509v3/pcy_tree.c - $(OPENSSL_PATH)/crypto/x509v3/v3_addr.c - $(OPENSSL_PATH)/crypto/x509v3/v3_admis.c - $(OPENSSL_PATH)/crypto/x509v3/v3_akey.c - $(OPENSSL_PATH)/crypto/x509v3/v3_akeya.c - $(OPENSSL_PATH)/crypto/x509v3/v3_alt.c - $(OPENSSL_PATH)/crypto/x509v3/v3_asid.c - $(OPENSSL_PATH)/crypto/x509v3/v3_bcons.c - $(OPENSSL_PATH)/crypto/x509v3/v3_bitst.c - $(OPENSSL_PATH)/crypto/x509v3/v3_conf.c - $(OPENSSL_PATH)/crypto/x509v3/v3_cpols.c - $(OPENSSL_PATH)/crypto/x509v3/v3_crld.c - $(OPENSSL_PATH)/crypto/x509v3/v3_enum.c - $(OPENSSL_PATH)/crypto/x509v3/v3_extku.c - $(OPENSSL_PATH)/crypto/x509v3/v3_genn.c - $(OPENSSL_PATH)/crypto/x509v3/v3_ia5.c - $(OPENSSL_PATH)/crypto/x509v3/v3_info.c - $(OPENSSL_PATH)/crypto/x509v3/v3_int.c - $(OPENSSL_PATH)/crypto/x509v3/v3_lib.c - $(OPENSSL_PATH)/crypto/x509v3/v3_ncons.c - $(OPENSSL_PATH)/crypto/x509v3/v3_pci.c - $(OPENSSL_PATH)/crypto/x509v3/v3_pcia.c - $(OPENSSL_PATH)/crypto/x509v3/v3_pcons.c - $(OPENSSL_PATH)/crypto/x509v3/v3_pku.c - $(OPENSSL_PATH)/crypto/x509v3/v3_pmaps.c - $(OPENSSL_PATH)/crypto/x509v3/v3_prn.c - $(OPENSSL_PATH)/crypto/x509v3/v3_purp.c - $(OPENSSL_PATH)/crypto/x509v3/v3_skey.c - $(OPENSSL_PATH)/crypto/x509v3/v3_sxnet.c - $(OPENSSL_PATH)/crypto/x509v3/v3_tlsf.c - $(OPENSSL_PATH)/crypto/x509v3/v3_utl.c - $(OPENSSL_PATH)/crypto/x509v3/v3err.c - $(OPENSSL_PATH)/crypto/arm_arch.h - $(OPENSSL_PATH)/crypto/mips_arch.h - $(OPENSSL_PATH)/crypto/ppc_arch.h - $(OPENSSL_PATH)/crypto/s390x_arch.h - $(OPENSSL_PATH)/crypto/sparc_arch.h - $(OPENSSL_PATH)/crypto/vms_rms.h - $(OPENSSL_PATH)/crypto/aes/aes_local.h - $(OPENSSL_PATH)/crypto/asn1/asn1_item_list.h - $(OPENSSL_PATH)/crypto/asn1/asn1_local.h - $(OPENSSL_PATH)/crypto/asn1/charmap.h - $(OPENSSL_PATH)/crypto/asn1/standard_methods.h - $(OPENSSL_PATH)/crypto/asn1/tbl_standard.h - $(OPENSSL_PATH)/crypto/async/async_local.h - $(OPENSSL_PATH)/crypto/async/arch/async_null.h - $(OPENSSL_PATH)/crypto/async/arch/async_posix.h - $(OPENSSL_PATH)/crypto/async/arch/async_win.h - $(OPENSSL_PATH)/crypto/bio/bio_local.h - $(OPENSSL_PATH)/crypto/bn/bn_local.h - $(OPENSSL_PATH)/crypto/bn/bn_prime.h - $(OPENSSL_PATH)/crypto/bn/rsaz_exp.h - $(OPENSSL_PATH)/crypto/comp/comp_local.h - $(OPENSSL_PATH)/crypto/conf/conf_def.h - $(OPENSSL_PATH)/crypto/conf/conf_local.h - $(OPENSSL_PATH)/crypto/dh/dh_local.h - $(OPENSSL_PATH)/crypto/dso/dso_local.h - $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpace= Guid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCrypt= oPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgToke= nSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkg= TokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgToken= SpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*= |gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryp= toPkgTokenSpaceGuid.PcdOpensslEcEnabled - $(OPENSSL_PATH)/crypto/evp/evp_local.h - $(OPENSSL_PATH)/crypto/hmac/hmac_local.h - $(OPENSSL_PATH)/crypto/lhash/lhash_local.h - $(OPENSSL_PATH)/crypto/md5/md5_local.h - $(OPENSSL_PATH)/crypto/modes/modes_local.h - $(OPENSSL_PATH)/crypto/objects/obj_dat.h - $(OPENSSL_PATH)/crypto/objects/obj_local.h - $(OPENSSL_PATH)/crypto/objects/obj_xref.h - $(OPENSSL_PATH)/crypto/ocsp/ocsp_local.h - $(OPENSSL_PATH)/crypto/pkcs12/p12_local.h - $(OPENSSL_PATH)/crypto/rand/rand_local.h - $(OPENSSL_PATH)/crypto/rsa/rsa_local.h - $(OPENSSL_PATH)/crypto/sha/sha_local.h - $(OPENSSL_PATH)/crypto/siphash/siphash_local.h - $(OPENSSL_PATH)/crypto/sm3/sm3_local.h - $(OPENSSL_PATH)/crypto/store/store_local.h - $(OPENSSL_PATH)/crypto/ui/ui_local.h - $(OPENSSL_PATH)/crypto/x509/x509_local.h - $(OPENSSL_PATH)/crypto/x509v3/ext_dat.h - $(OPENSSL_PATH)/crypto/x509v3/pcy_local.h - $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h - $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h - $(OPENSSL_PATH)/ssl/bio_ssl.c - $(OPENSSL_PATH)/ssl/d1_lib.c - $(OPENSSL_PATH)/ssl/d1_msg.c - $(OPENSSL_PATH)/ssl/d1_srtp.c - $(OPENSSL_PATH)/ssl/methods.c - $(OPENSSL_PATH)/ssl/packet.c - $(OPENSSL_PATH)/ssl/pqueue.c - $(OPENSSL_PATH)/ssl/record/dtls1_bitmap.c - $(OPENSSL_PATH)/ssl/record/rec_layer_d1.c - $(OPENSSL_PATH)/ssl/record/rec_layer_s3.c - $(OPENSSL_PATH)/ssl/record/ssl3_buffer.c - $(OPENSSL_PATH)/ssl/record/ssl3_record.c - $(OPENSSL_PATH)/ssl/record/ssl3_record_tls13.c - $(OPENSSL_PATH)/ssl/s3_cbc.c - $(OPENSSL_PATH)/ssl/s3_enc.c - $(OPENSSL_PATH)/ssl/s3_lib.c - $(OPENSSL_PATH)/ssl/s3_msg.c - $(OPENSSL_PATH)/ssl/ssl_asn1.c - $(OPENSSL_PATH)/ssl/ssl_cert.c - $(OPENSSL_PATH)/ssl/ssl_ciph.c - $(OPENSSL_PATH)/ssl/ssl_conf.c - $(OPENSSL_PATH)/ssl/ssl_err.c - $(OPENSSL_PATH)/ssl/ssl_init.c - $(OPENSSL_PATH)/ssl/ssl_lib.c - $(OPENSSL_PATH)/ssl/ssl_mcnf.c - $(OPENSSL_PATH)/ssl/ssl_rsa.c - $(OPENSSL_PATH)/ssl/ssl_sess.c - $(OPENSSL_PATH)/ssl/ssl_stat.c - $(OPENSSL_PATH)/ssl/ssl_txt.c - $(OPENSSL_PATH)/ssl/ssl_utst.c - $(OPENSSL_PATH)/ssl/statem/extensions.c - $(OPENSSL_PATH)/ssl/statem/extensions_clnt.c - $(OPENSSL_PATH)/ssl/statem/extensions_cust.c - $(OPENSSL_PATH)/ssl/statem/extensions_srvr.c - $(OPENSSL_PATH)/ssl/statem/statem.c - $(OPENSSL_PATH)/ssl/statem/statem_clnt.c - $(OPENSSL_PATH)/ssl/statem/statem_dtls.c - $(OPENSSL_PATH)/ssl/statem/statem_lib.c - $(OPENSSL_PATH)/ssl/statem/statem_srvr.c - $(OPENSSL_PATH)/ssl/t1_enc.c - $(OPENSSL_PATH)/ssl/t1_lib.c - $(OPENSSL_PATH)/ssl/t1_trce.c - $(OPENSSL_PATH)/ssl/tls13_enc.c - $(OPENSSL_PATH)/ssl/tls_srp.c - $(OPENSSL_PATH)/ssl/packet_local.h - $(OPENSSL_PATH)/ssl/ssl_cert_table.h - $(OPENSSL_PATH)/ssl/ssl_local.h - $(OPENSSL_PATH)/ssl/record/record.h - $(OPENSSL_PATH)/ssl/record/record_local.h - $(OPENSSL_PATH)/ssl/statem/statem.h - $(OPENSSL_PATH)/ssl/statem/statem_local.h -# Autogenerated files list ends here - buildinf.h - ossl_store.c - rand_pool.c - -[Packages] - MdePkg/MdePkg.dec - CryptoPkg/CryptoPkg.dec - -[LibraryClasses] - BaseLib - DebugLib - RngLib - PrintLib - -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled ## CONSUMES - -[BuildOptions] - # - # Disables the following Visual Studio compiler warnings brought by open= ssl source, - # so we do not break the build with /WX option: - # C4090: 'function' : different 'const' qualifiers - # C4132: 'object' : const object should be initialized (tls13_enc.c) - # C4210: nonstandard extension used: function given file scope - # C4244: conversion from type1 to type2, possible loss of data - # C4245: conversion from type1 to type2, signed/unsigned mismatch - # C4267: conversion from size_t to type, possible loss of data - # C4306: 'identifier' : conversion from 'type1' to 'type2' of greater = size - # C4310: cast truncates constant value - # C4389: 'operator' : signed/unsigned mismatch (xxxx) - # C4700: uninitialized local variable 'name' used. (conf_sap.c(71)) - # C4702: unreachable code - # C4706: assignment within conditional expression - # C4819: The file contains a character that cannot be represented in t= he current code page - # - MSFT:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAG= S) $(OPENSSL_FLAGS_CONFIG) /wd4090 /wd4132 /wd4210 /wd4244 /wd4245 /wd4267 = /wd4310 /wd4389 /wd4700 /wd4702 /wd4706 /wd4819 - - INTEL:*_*_IA32_CC_FLAGS =3D -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPEN= SSL_FLAGS) $(OPENSSL_FLAGS_CONFIG) /w - - # - # Suppress the following build warnings in openssl so we don't break the= build with -Werror - # -Werror=3Dmaybe-uninitialized: there exist some other paths for whic= h the variable is not initialized. - # -Werror=3Dformat: Check calls to printf and scanf, etc., to make sur= e that the arguments supplied have - # types appropriate to the format string specified. - # -Werror=3Dunused-but-set-variable: Warn whenever a local variable is= assigned to, but otherwise unused (aside from its declaration). - # - GCC:*_*_IA32_CC_FLAGS =3D -UWIN32 -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) = $(OPENSSL_FLAGS_CONFIG) -Wno-error=3Dmaybe-uninitialized -Wno-error=3Dunuse= d-but-set-variable - - # suppress the following warnings in openssl so we don't break the build= with warnings-as-errors: - # 1295: Deprecated declaration - give arg types - # 550: was set but never used - # 1293: assignment in condition - # 111: statement is unreachable (invariably "break;" after "return X;" = in case statement) - # 68: integer conversion resulted in a change of sign ("if (Status =3D= =3D -1)") - # 177: was declared but never referenced - # 223: function declared implicitly - # 144: a value of type cannot be used to initialize an entity of= type - # 513: a value of type cannot be assigned to an entity of type <= type> - # 188: enumerated type mixed with another type (i.e. passing an integer= as an enum without a cast) - # 1296: Extended constant initialiser used - # 128: loop is not reachable - may be emitted inappropriately if code f= ollows a conditional return - # from the function that evaluates to true at compile time - # 546: transfer of control bypasses initialization - may be emitted ina= ppropriately if the uninitialized - # variable is never referenced after the jump - # 1: ignore "#1-D: last line of file ends without a newline" - # 3017: may be used before being set (NOTE: This was fixed in O= penSSL 1.1 HEAD with - # commit d9b8b89bec4480de3a10bdaf9425db371c19145b, and can be drop= ped then.) - XCODE:*_*_IA32_CC_FLAGS =3D -mmmx -msse -U_WIN32 -U_WIN64 $(OPENSSL_FL= AGS) $(OPENSSL_FLAGS_CONFIG) -w -std=3Dc99 -Wno-error=3Duninitialized --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95440): https://edk2.groups.io/g/devel/message/95440 Mute This Topic: https://groups.io/mt/94460297/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95441+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95441+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290936; cv=none; d=zohomail.com; s=zohoarc; b=cJyYsKLUz8mr1ESg9Hn9IwSvCGpG2KN5DC3jIYzcu8/aIuVbSuUbJN2NfIGU5ezkw9CHR9ro/b4KWEHdqp81GO95Gxt6T38f7OrK3JMW4L9GwvrieaFFlC1quz3cnIOlu8MmUMj7iQCTYtXINuBYmF95Eg2pdwj2D2M3p7l21xk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290936; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=fepHmCLr5Z/WNZwhaNnIqTi2HAWZrSTmR8bQ6leECOs=; b=daUsNa9jSXW/r8W4zBpC56O1sDmBc3sTRSska/SrL4T/5dYlsKHtxAUldFEWxaleHLD4RdrDSQ1aF7EZ8z0vSuS9ntBzNoNjatO3c98U++XUTzsnDVayf7eyRvPlyLLlB2el0cl/N3uZ5FPnvpquvFaMjoEnERvhObFv4aw4bns= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95441+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 16662909363201014.8767950449694; Thu, 20 Oct 2022 11:35:36 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id jIxMYY1788612xo8fKMfPoYH; Thu, 20 Oct 2022 11:35:34 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:34 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523540" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523540" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:34 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427790" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427790" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:33 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 07/16] CryptoPkg/Library/OpensslLib: Produce consistent set of APIs Date: Thu, 20 Oct 2022 11:35:01 -0700 Message-Id: <20221020183510.1799-8-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: 4qx0YmwqGCCJ3p253Mm9vtKFx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290934; bh=i/y4+bvS1zi1IbD+UVxGAxtBgYEfAMURrtSGEqLsIFw=; h=Cc:Date:From:Reply-To:Subject:To; b=X2QPBu1YUqoM74zZ4Us/y/TxCJBgJGdNNMxdQDZlNa9u8ecpwO91KWAxHqHgrovBl9U Gwjdp2ETfY6RsyzR78emM8O6tHApgo6Z4Jgr9oWGtLM+YJH6zttjEUsVRX4k7nWSmlowT tGcjUgrlOkNfdHptWfZhr1pPCzplnZldhXg= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290937548100035 Content-Type: text/plain; charset="utf-8" Update all OpensslLib instances so they produce all the APIs used by the BaseCryptLib instances. Not producing the same set of APIs for a library class does not follow the EDK II library class rules and breaks the assumptions that consumers of the OpensslLib may make about which services are present. * Add missing declaration of the private library class OpensslLib to CryptoPkg.dec. * Add SslNull.c with NULL implementations of SSL functions * Add EcSm2Null.c with NULL implementations of EC/SM2 functions. * Update OpensslLibCrypto.inf to include both SslNull.c and EcSm2Null.c so this library instance produces all the opensll APIs used by the BaseCryptLib instances. * Update OpensslLib.inf and OpensslLibAccel.inf to include EcSm2Null.c so these library instances produce all the opensll APIs used by the BaseCryptLib instances. * Add missing declaration of the private library class IntrinsicLib to CryptoPkg.dec Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- CryptoPkg/CryptoPkg.dec | 9 + CryptoPkg/Library/OpensslLib/EcSm2Null.c | 383 +++++++++++++++++ CryptoPkg/Library/OpensslLib/OpensslLib.inf | 2 + .../Library/OpensslLib/OpensslLibAccel.inf | 2 + .../Library/OpensslLib/OpensslLibCrypto.inf | 2 + .../Library/OpensslLib/OpensslLibFull.inf | 2 + .../OpensslLib/OpensslLibFullAccel.inf | 2 + CryptoPkg/Library/OpensslLib/SslNull.c | 405 ++++++++++++++++++ CryptoPkg/Private/Library/IntrinsicLib.h | 16 + CryptoPkg/Private/Library/OpensslLib.h | 14 + 10 files changed, 837 insertions(+) create mode 100644 CryptoPkg/Library/OpensslLib/EcSm2Null.c create mode 100644 CryptoPkg/Library/OpensslLib/SslNull.c create mode 100644 CryptoPkg/Private/Library/IntrinsicLib.h create mode 100644 CryptoPkg/Private/Library/OpensslLib.h diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec index 217e73c3bcd2..f326c6324013 100644 --- a/CryptoPkg/CryptoPkg.dec +++ b/CryptoPkg/CryptoPkg.dec @@ -37,6 +37,15 @@ [LibraryClasses] # HashApiLib|Include/Library/HashApiLib.h =20 +[LibraryClasses.common.Private] + ## @libraryclass Provides library functions from the openssl project. + # + OpensslLib|Private/Library/OpensslLib.h + + ## @libraryclass Provides compiler intrinsic functions required to lin= k openssl project. + # + InstrinsicLib|Private/Library/IntrinsicLib.h + [Protocols] ## EDK II Crypto DXE protocol # 2C2275C9-3A7B-426F-BE54-2D22BD9D1092 diff --git a/CryptoPkg/Library/OpensslLib/EcSm2Null.c b/CryptoPkg/Library/O= pensslLib/EcSm2Null.c new file mode 100644 index 000000000000..6d5ab2d4cc88 --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/EcSm2Null.c @@ -0,0 +1,383 @@ +/** @file + Null implementation of EC and SM2 functions called by BaseCryptLib. + + Copyright (c) 2022, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include + +#undef OPENSSL_NO_EC + +#include +#include +#include +#include + +void +EC_GROUP_free ( + EC_GROUP *group + ) +{ + ASSERT (FALSE); +} + +int +EC_GROUP_get_order ( + const EC_GROUP *group, + BIGNUM *order, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_GROUP_get_curve_name ( + const EC_GROUP *group + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_GROUP_get_curve ( + const EC_GROUP *group, + BIGNUM *p, + BIGNUM *a, + BIGNUM *b, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_GROUP_get_degree ( + const EC_GROUP *group + ) +{ + ASSERT (FALSE); + return 0; +} + +EC_GROUP * +EC_GROUP_new_by_curve_name ( + int nid + ) +{ + ASSERT (FALSE); + return NULL; +} + +EC_POINT * +EC_POINT_new ( + const EC_GROUP *group + ) +{ + ASSERT (FALSE); + return NULL; +} + +void +EC_POINT_free ( + EC_POINT *point + ) +{ + ASSERT (FALSE); +} + +void +EC_POINT_clear_free ( + EC_POINT *point + ) +{ + ASSERT (FALSE); +} + +int +EC_POINT_set_affine_coordinates ( + const EC_GROUP *group, + EC_POINT *p, + const BIGNUM *x, + const BIGNUM *y, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_get_affine_coordinates ( + const EC_GROUP *group, + const EC_POINT *p, + BIGNUM *x, + BIGNUM *y, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_set_compressed_coordinates ( + const EC_GROUP *group, + EC_POINT *p, + const BIGNUM *x, + int y_bit, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_add ( + const EC_GROUP *group, + EC_POINT *r, + const EC_POINT *a, + const EC_POINT *b, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_invert ( + const EC_GROUP *group, + EC_POINT *a, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_is_at_infinity ( + const EC_GROUP *group, + const EC_POINT *p + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_POINT_is_on_curve ( + const EC_GROUP *group, + const EC_POINT *point, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return -1; +} + +int +EC_POINT_cmp ( + const EC_GROUP *group, + const EC_POINT *a, + const EC_POINT *b, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return -1; +} + +int +EC_POINT_mul ( + const EC_GROUP *group, + EC_POINT *r, + const BIGNUM *n, + const EC_POINT *q, + const BIGNUM *m, + BN_CTX *ctx + ) +{ + ASSERT (FALSE); + return -0; +} + +EC_KEY * +EC_KEY_new_by_curve_name ( + int nid + ) +{ + ASSERT (FALSE); + return NULL; +} + +void +EC_KEY_free ( + EC_KEY *key + ) +{ + ASSERT (FALSE); +} + +EC_KEY * +EC_KEY_dup ( + const EC_KEY *src + ) +{ + ASSERT (FALSE); + return NULL; +} + +const EC_GROUP * +EC_KEY_get0_group ( + const EC_KEY *key + ) +{ + ASSERT (FALSE); + return NULL; +} + +const EC_POINT * +EC_KEY_get0_public_key ( + const EC_KEY *key + ) +{ + ASSERT (FALSE); + return NULL; +} + +int +EC_KEY_set_public_key ( + EC_KEY *key, + const EC_POINT *pub + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_KEY_generate_key ( + EC_KEY *key + ) +{ + ASSERT (FALSE); + return 0; +} + +int +EC_KEY_check_key ( + const EC_KEY *key + ) +{ + ASSERT (FALSE); + return 0; +} + +int +ECDH_compute_key ( + void *out, + size_t outlen, + const EC_POINT *pub_key, + const EC_KEY *ecdh, + void *(*KDF)( + const void *in, + size_t inlen, + void *out, + size_t *outlen + ) + ) +{ + ASSERT (FALSE); + return 0; +} + +struct ec_key_st * +EVP_PKEY_get0_EC_KEY ( + EVP_PKEY *pkey + ) +{ + ASSERT (FALSE); + return NULL; +} + +EC_KEY * +PEM_read_bio_ECPrivateKey ( + BIO *bp, + EC_KEY **key, + pem_password_cb *cb, + void *u + ) +{ + ASSERT (FALSE); + return NULL; +} + +ECDSA_SIG * +ECDSA_SIG_new ( + void + ) +{ + ASSERT (FALSE); + return NULL; +} + +void +ECDSA_SIG_free ( + ECDSA_SIG *sig + ) +{ + ASSERT (FALSE); +} + +void +ECDSA_SIG_get0 ( + const ECDSA_SIG *sig, + const BIGNUM **pr, + const BIGNUM **ps + ) +{ + ASSERT (FALSE); +} + +int +ECDSA_SIG_set0 ( + ECDSA_SIG *sig, + BIGNUM *r, + BIGNUM *s + ) +{ + return 0; + ASSERT (FALSE); +} + +ECDSA_SIG * +ECDSA_do_sign ( + const unsigned char *dgst, + int dgst_len, + EC_KEY *eckey + ) +{ + ASSERT (FALSE); + return NULL; +} + +int +ECDSA_do_verify ( + const unsigned char *dgst, + int dgst_len, + const ECDSA_SIG *sig, + EC_KEY *eckey + ) +{ + ASSERT (FALSE); + return -1; +} diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Librar= y/OpensslLib/OpensslLib.inf index 25f4f1635ed9..615cd3757368 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -628,6 +628,8 @@ [Sources] buildinf.h ossl_store.c rand_pool.c +# SslNull.c + EcSm2Null.c =20 [Packages] MdePkg/MdePkg.dec diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf b/CryptoPkg/L= ibrary/OpensslLib/OpensslLibAccel.inf index 6d43556a4064..de3974885b2d 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf @@ -629,6 +629,8 @@ [Sources] buildinf.h ossl_store.c rand_pool.c +# SslNull.c + EcSm2Null.c =20 [Sources.IA32] IA32/crypto/aes/aesni-x86.nasm | MSFT diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/= Library/OpensslLib/OpensslLibCrypto.inf index 3e344f8515e2..dbb216437ca9 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf @@ -629,6 +629,8 @@ [Sources] buildinf.h ossl_store.c rand_pool.c + SslNull.c + EcSm2Null.c =20 [Packages] MdePkg/MdePkg.dec diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf b/CryptoPkg/Li= brary/OpensslLib/OpensslLibFull.inf index c3b78a448a26..46794e479624 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf @@ -633,6 +633,8 @@ [Sources] buildinf.h ossl_store.c rand_pool.c +# SslNull.c +# EcSm2Null.c =20 [Packages] MdePkg/MdePkg.dec diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf b/CryptoP= kg/Library/OpensslLib/OpensslLibFullAccel.inf index ec53a5911b58..2a7aff30d7b4 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf @@ -634,6 +634,8 @@ [Sources] buildinf.h ossl_store.c rand_pool.c +# SslNull.c +# EcSm2Null.c =20 [Sources.IA32] IA32/crypto/aes/aesni-x86.nasm | MSFT diff --git a/CryptoPkg/Library/OpensslLib/SslNull.c b/CryptoPkg/Library/Ope= nsslLib/SslNull.c new file mode 100644 index 000000000000..49f1405bc0f1 --- /dev/null +++ b/CryptoPkg/Library/OpensslLib/SslNull.c @@ -0,0 +1,405 @@ +/** @file + Null implementation of SSL functions called by BaseCryptLib. + + Copyright (c) 2022, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include + +int +OPENSSL_init_ssl ( + uint64_t opts, + const OPENSSL_INIT_SETTINGS *settings + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur uint32_t +SSL_CIPHER_get_id ( + const SSL_CIPHER *c + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_COMP_add_compression_method ( + int id, + COMP_METHOD *cm + ) +{ + ASSERT (FALSE); + return 0; +} + +long +SSL_CTX_ctrl ( + SSL_CTX *ctx, + int cmd, + long larg, + void *parg + ) +{ + ASSERT (FALSE); + return 0; +} + +void +SSL_CTX_free ( + SSL_CTX *x + ) +{ + ASSERT (FALSE); + return; +} + +__owur X509_STORE * +SSL_CTX_get_cert_store ( + const SSL_CTX *x + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur SSL_CTX * +SSL_CTX_new ( + const SSL_METHOD *meth + ) +{ + ASSERT (FALSE); + return NULL; +} + +unsigned long +SSL_CTX_set_options ( + SSL_CTX *ctx, + unsigned long op + ) +{ + ASSERT (FALSE); + return 0; +} + +const unsigned char * +SSL_SESSION_get_id ( + const SSL_SESSION *s, + unsigned int *len + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur size_t +SSL_SESSION_get_master_key ( + const SSL_SESSION *sess, + unsigned char *out, + size_t outlen + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_SESSION_set1_id ( + SSL_SESSION *s, + const unsigned char *sid, + unsigned int sid_len + ) +{ + ASSERT (FALSE); + return 0; +} + +long +SSL_ctrl ( + SSL *ssl, + int cmd, + long larg, + void *parg + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_do_handshake ( + SSL *s + ) +{ + ASSERT (FALSE); + return 0; +} + +void +SSL_free ( + SSL *ssl + ) +{ + ASSERT (FALSE); + return; +} + +__owur X509 * +SSL_get_certificate ( + const SSL *ssl + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur size_t +SSL_get_client_random ( + const SSL *ssl, + unsigned char *out, + size_t outlen + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur const SSL_CIPHER * +SSL_get_current_cipher ( + const SSL *s + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur int +SSL_get_error ( + const SSL *s, + int ret_code + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur size_t +SSL_get_server_random ( + const SSL *ssl, + unsigned char *out, + size_t outlen + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur SSL_SESSION * +SSL_get_session ( + const SSL *ssl + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur SSL_CTX * +SSL_get_SSL_CTX ( + const SSL *ssl + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur OSSL_HANDSHAKE_STATE +SSL_get_state ( + const SSL *ssl + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_get_verify_mode ( + const SSL *s + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur X509_VERIFY_PARAM * +SSL_get0_param ( + SSL *ssl + ) +{ + ASSERT (FALSE); + return NULL; +} + +int +SSL_is_init_finished ( + const SSL *s + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_is_server ( + const SSL *s + ) +{ + ASSERT (FALSE); + return 0; +} + +SSL * +SSL_new ( + SSL_CTX *ctx + ) +{ + ASSERT (FALSE); + return NULL; +} + +__owur int +SSL_read ( + SSL *ssl, + void *buf, + int num + ) +{ + ASSERT (FALSE); + return 0; +} + +void +SSL_set_bio ( + SSL *s, + BIO *rbio, + BIO *wbio + ) +{ + ASSERT (FALSE); + return; +} + +__owur int +SSL_set_cipher_list ( + SSL *s, + const char *str + ) +{ + ASSERT (FALSE); + return 0; +} + +void +SSL_set_connect_state ( + SSL *s + ) +{ + ASSERT (FALSE); + return; +} + +void +SSL_set_hostflags ( + SSL *s, + unsigned int flags + ) +{ + ASSERT (FALSE); + return; +} + +void +SSL_set_info_callback ( + SSL *ssl, + void ( *cb )(const SSL *ssl, int type, int val) + ) +{ + ASSERT (FALSE); + return; +} + +void +SSL_set_security_level ( + SSL *s, + int level + ) +{ + ASSERT (FALSE); + return; +} + +void +SSL_set_verify ( + SSL *s, + int mode, + SSL_verify_cb callback + ) +{ + ASSERT (FALSE); + return; +} + +int +SSL_shutdown ( + SSL *s + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_use_certificate ( + SSL *ssl, + X509 *x + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_version ( + const SSL *ssl + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur int +SSL_write ( + SSL *ssl, + const void *buf, + int num + ) +{ + ASSERT (FALSE); + return 0; +} + +__owur const SSL_METHOD * +TLS_client_method ( + void + ) +{ + ASSERT (FALSE); + return NULL; +} diff --git a/CryptoPkg/Private/Library/IntrinsicLib.h b/CryptoPkg/Private/L= ibrary/IntrinsicLib.h new file mode 100644 index 000000000000..69172a041949 --- /dev/null +++ b/CryptoPkg/Private/Library/IntrinsicLib.h @@ -0,0 +1,16 @@ +/** @file + InstrinsicLib class with intrinsic APIs generated by compilers. + + Copyright (c) 2022, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef INTRINSTIC_LIB_H_ +#define INTRINSTIC_LIB_H_ + +// +// Compiler dependent intrinsic APIs. +// + +#endif diff --git a/CryptoPkg/Private/Library/OpensslLib.h b/CryptoPkg/Private/Lib= rary/OpensslLib.h new file mode 100644 index 000000000000..005eb848724e --- /dev/null +++ b/CryptoPkg/Private/Library/OpensslLib.h @@ -0,0 +1,14 @@ +/** @file + OpensslLib class with APIs from the openssl project + + Copyright (c) 2022, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef OPENSSL_LIB_H_ +#define OPENSSL_LIB_H_ + +#include + +#endif --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95441): https://edk2.groups.io/g/devel/message/95441 Mute This Topic: https://groups.io/mt/94460298/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95442+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95442+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290936; cv=none; d=zohomail.com; s=zohoarc; b=NUpJT1ti801ciBnghOOaIl1Qpn+4B6hdR8bXNTyhw6ma+jqhHo+a167vTVEEhh7/5FsPEGpxyeNqu4VMJW3V1QCUsekOV6LVTvAIKIem5ocR84XPXNr9zAbI3nKhwmSBPajfJRWdpxpnpskFRrEBbQ8mAJtnqsToJ+TYLYgTnXU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290936; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=yjf5w1YRZbm68c4EtjYVj8Y+y79AhqOxjo1iEfZKvfU=; b=Vr+n2l2SHZ5ENukQ2E7M7a5ZtcRoOaujZjVOQXb3/a2pryduHG4CCh/cxpv8ba0jCKpIjfY088VDe09aOAkMlsX7jODuEdPmpv4lJyu7FLN49pw1qYxvYpr6a1U6oKDblTaeOgWvQAfPp9YWB9WIMz6GQtytX2xdLWPDZQPRjQk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95442+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 16662909367473.9107475320987533; Thu, 20 Oct 2022 11:35:36 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id uVQwYY1788612xHBaSSpaPDp; Thu, 20 Oct 2022 11:35:35 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:34 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523542" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523542" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:34 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427796" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427796" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:34 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 08/16] CryptoPkg/Library/OpensslLib: Remove PrintLib from INF files Date: Thu, 20 Oct 2022 11:35:02 -0700 Message-Id: <20221020183510.1799-9-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: UQvnTRurFGgVPHmNBc1fl8Zbx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290935; bh=/ASBi3fGDpfWvUVme7nfMb5bpNyFAybF5vP9d4FWzMY=; h=Cc:Date:From:Reply-To:Subject:To; b=vRUpKy4bpoHtgmmvmlqndCek+X84tWHaeacDLFJL+0hUlpAYu5vPGVMeOCG41odP64/ mB6URr3YvAi/QcU+3s9Lk0ggqwn7ULX3WlR5TX4NsjUELAM5gXRwPbCiYSF9/UxkrTdkx +V2XVG2C+twZ4UvinM8VAXmrnlAKcACkdNk= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290937533100034 Content-Type: text/plain; charset="utf-8" The OpensslLib instances do not directly use any PrintLib services. Remove PrintLib from [LibraryClasses] sections of all OpensslLib INF files. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 1 - CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf | 1 - CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 1 - CryptoPkg/Library/OpensslLib/OpensslLibFull.inf | 1 - CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf | 1 - 5 files changed, 5 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Librar= y/OpensslLib/OpensslLib.inf index 615cd3757368..82ffe4ec2f8e 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -639,7 +639,6 @@ [LibraryClasses] BaseLib DebugLib RngLib - PrintLib =20 [LibraryClasses.ARM] ArmSoftFloatLib diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf b/CryptoPkg/L= ibrary/OpensslLib/OpensslLibAccel.inf index de3974885b2d..32eae4a79213 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf @@ -687,7 +687,6 @@ [LibraryClasses] BaseLib DebugLib RngLib - PrintLib =20 [BuildOptions] # diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/= Library/OpensslLib/OpensslLibCrypto.inf index dbb216437ca9..d02769428b86 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf @@ -640,7 +640,6 @@ [LibraryClasses] BaseLib DebugLib RngLib - PrintLib =20 [LibraryClasses.ARM] ArmSoftFloatLib diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf b/CryptoPkg/Li= brary/OpensslLib/OpensslLibFull.inf index 46794e479624..aa73265931f7 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf @@ -644,7 +644,6 @@ [LibraryClasses] BaseLib DebugLib RngLib - PrintLib =20 [LibraryClasses.ARM] ArmSoftFloatLib diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf b/CryptoP= kg/Library/OpensslLib/OpensslLibFullAccel.inf index 2a7aff30d7b4..6345b54bca4c 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf @@ -692,7 +692,6 @@ [LibraryClasses] BaseLib DebugLib RngLib - PrintLib =20 [BuildOptions] # --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95442): https://edk2.groups.io/g/devel/message/95442 Mute This Topic: https://groups.io/mt/94460299/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95443+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95443+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290936; cv=none; d=zohomail.com; s=zohoarc; b=fHrciMJrbXqcz8Bm2r1EF714alEaGcCmP1w7vPuu9cOgnMcuUvdScsLZGRECsc+DS/iX9hwEhUAz/4nLJA/0T/T380ftyDRwenBXDwrGeq1X/qQYpmlEtBIcdSPPw+xZ4/2NQDNlSBFWDVq79e91gnzCI2JRQ2jMVvjY0ASTV9E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290936; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=F8EhbJApWHwEeZVtPFC2Tv7QwDg9iXc7lF1eYJBH5KA=; b=GhgIX9FDm7ESF5wFZ3EM7oTGucEJtqgHYGgQVUOqgMnhzqLGIyFDqDN4IZkA8N4R80BtjI7jgnuIU0+fses4n+xwVouytYGXm6sV62MvQXPvl7eWfq+3ILWbyWWx0CtOGCnqtNttsXyyvXqR7PVLlEvoHon7HRxe4uyyNIgfp1A= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95443+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290936389923.8797160338804; Thu, 20 Oct 2022 11:35:36 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id CDomYY1788612x6IHR9VcX93; Thu, 20 Oct 2022 11:35:36 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:35 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523546" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523546" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:35 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427802" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427802" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:34 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 09/16] CryptoPkg: Remove PcdOpensslEcEnabled from CryptoPkg.dec Date: Thu, 20 Oct 2022 11:35:03 -0700 Message-Id: <20221020183510.1799-10-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: IyuZR0ZTD62EdSdujplhLKJTx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290936; bh=PQmkGuyw96gVW0OtPoWe1CysN9gB1Wd0rRAdsaKqcRM=; h=Cc:Date:From:Reply-To:Subject:To; b=q+/qa2jaM3HY9URkIEtOp1Ug7989bnm5u/v2CU4qVLP50no42geRpr1FR9mbjhg4i6t ZI4bmZMX45wG0tUSHiimvJ9W/lloMb+fWmWax1WPxcq1uXIgKYygrLREVtEEDB2JIMCEW uMhllHUwfhWSZtnQJaNt+qcEPDQKGrWGeEs= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290937529100033 Content-Type: text/plain; charset="utf-8" Remove the PcdOpensslEcEnabled PCD that is no longer used. The EC feature is selected by using one of the OpensslLib instances that includes the EC features which are either OpensslLibFull.inf or OpensslLibFullAccel.inf. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- CryptoPkg/CryptoPkg.dec | 33 --------------------------------- 1 file changed, 33 deletions(-) diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec index f326c6324013..e20a5e9c38e3 100644 --- a/CryptoPkg/CryptoPkg.dec +++ b/CryptoPkg/CryptoPkg.dec @@ -90,38 +90,5 @@ [PcdsFixedAtBuild] # @ValidList 0x80000001 | 0x00000001, 0x00000002, 0x00000004, 0x00000008= , 0x00000010 gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x00000002|UINT32|0x0000= 0001 =20 - ## Enable/Disable the ECC feature in openssl library. The default is dis= abled. - # If ECC feature is disabled, all related source files will not be comp= iled. - # @Prompt Enable/Disable ECC feature in openssl library - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled|FALSE|BOOLEAN|0x0000003 - # Set it to TRUE if: - # 1) Platform needs ECC in TLS, or asymmetric cryptography services such= as - # X509 certificate or PEM format data processing. - # 2) Platform needs to enable PcdCryptoServiceFamilyEnable.Ec service. - # Please note: - # ECC feature will cause a significant memory increase, approximate memo= ry impact - # in below table for reference by platform developers with FW size limit= ations. - # Uncompressed LZMA Compressed - # CPU CRYPTO_SERVICES Module EC=3DFALSE EC=3DTRUE EC=3DFALSE EC= =3DTRUE Increase - # =3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D= =3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D =3D=3D=3D= =3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D - # IA32 NONE CryptoPei 21536 21568 = 0 KB - # IA32 NONE CryptoDxe 21632 21696 = 0 KB - # IA32 NONE CryptoSmm 22976 23072 = 0 KB - # IA32 MIN_PEI CryptoPei 248992 249120 = 0 KB - # IA32 MIN_DXE_MIN_SMM CryptoDxe 636672 829568 288520 401034 = 113 KB - # IA32 MIN_DXE_MIN_SMM CryptoSmm 426048 601472 191517 296022 = 105 KB - # IA32 ALL CryptoPei 423840 598976 189047 293759 = 104 KB - # IA32 ALL CryptoDxe 645280 838144 292955 405277 = 113 KB - # IA32 ALL CryptoSmm 441888 617184 198779 303628 = 105 KB - # X64 NONE CryptoPei 29632 29664 = 0 KB - # X64 NONE CryptoDxe 29792 29792 = 0 KB - # X64 NONE CryptoSmm 31296 31296 = 0 KB - # X64 MIN_PEI CryptoPei 310784 310848 = 0 KB - # X64 MIN_DXE_MIN_SMM CryptoDxe 804288 1016256 311436 426596 = 115 KB - # X64 MIN_DXE_MIN_SMM CryptoSmm 543776 733920 204483 310775 = 106 KB - # X64 ALL CryptoPei 540384 730240 202494 308467 = 106 KB - # X64 ALL CryptoDxe 815392 1027296 316228 431321 = 115 KB - # X64 ALL CryptoSmm 563648 753696 213488 319644 = 106 KB - [UserExtensions.TianoCore."ExtraFiles"] CryptoPkgExtra.uni --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95443): https://edk2.groups.io/g/devel/message/95443 Mute This Topic: https://groups.io/mt/94460300/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95444+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95444+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290937; cv=none; d=zohomail.com; s=zohoarc; b=VSVO8UKPX/hVlQvI4XgJ7pZzOpGoxHwhdpGNIHDDd+CenNoR1izu8MQqnhUcdpJJVXIZdjZkpeGdvQKoRSi4kQ3fwEN/4ysLblwvR4yUOugNhSvDpESa0Dwnsabl1KTi22IYJy8PXOVbDiuymUar3zKmRljUH2fBeayC9kmzaTY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290937; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=83rPgmuT7NovuJuioRI8hRQo9J7UeWPAl+iJxFLtgkA=; b=SSNoAohFFNN63TBNJomX57tA6aee8/yACQGET+q2BJJPZgbPLUlKw5vq1QhawUxx1/r83WP7XSs7OK8+A4GjYqseWWW3iwhL6L91QttEqNr3HzmogQcADUZDonXj1bRbuMsBKNAwc8YfEFArA4ONt/0zBHvXVmE6igAP0HK4pp8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95444+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290937679626.4893553724044; Thu, 20 Oct 2022 11:35:37 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id dPoHYY1788612xEa3qt5XRSI; Thu, 20 Oct 2022 11:35:37 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:36 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523548" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523548" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:35 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427811" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427811" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:35 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 10/16] CryptoPkg: Update DSC to improve CI test coverage Date: Thu, 20 Oct 2022 11:35:04 -0700 Message-Id: <20221020183510.1799-11-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: hfe8Myd9yTQt6QlKGAEnG3vLx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290937; bh=AWjPdu8nDpycjwZ//s6Llk9Rw1IbXHKLcOQaCHvApqU=; h=Cc:Date:From:Reply-To:Subject:To; b=SpPb5k2rEQbqPntLAVL/b7YMkqa6tRGGd1VIMExaWhwge6efgI4XWWolj44yL1ocrCS k/jzI86EWt5ZaOW1FVKmD93vxXqK5ChXZBPXVWIRSQxpp7CJNmyn5uwPq+gtfCZIAuI9w 4L5Yts6fpeMSlzkB9oMaWjF442325nI7pOU= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290939615100045 Content-Type: text/plain; charset="utf-8" With the addition of EC services and performance optimized versions of the OpensslLib for IA32/X64, the CryptoPkg.dsc file is updated to make sure all combinations are covered in CI builds. * Use different output directory for each CRYPTO_SERVICES profile. * Add FILE_GUID define names for CryptoPei, CryptoDxe, and CryptoSmm when they are linked with different OpensslLib instances. * Update CryptoPei, CryptoDxe, CryptoSmm builds to include all combinations of OpensslLib library instances supported by each CPU architecture. * Add TARGET_UINT_TESTS profile to CryptoPkg.dsc to build only the target-based unit tests. This reduces the size of CryptoPkg components not related to unit testing by removing unit test specific assert handlers. Build target-based unit tests using OpensslLibFull.inf and OpensslLibFullAccel.inf. * Remove the PACKAGE profile and instead make the ALL profile the default for CI testing that enables all services for all modules. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- CryptoPkg/CryptoPkg.dsc | 428 ++++++++++++++++++++++++++++++++-------- 1 file changed, 345 insertions(+), 83 deletions(-) diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 032b9e637737..3b245979c34c 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -19,17 +19,14 @@ [Defines] PLATFORM_GUID =3D E1063286-6C8C-4c25-AEF0-67A9A5B6E6B6 PLATFORM_VERSION =3D 0.98 DSC_SPECIFICATION =3D 0x00010005 - OUTPUT_DIRECTORY =3D Build/CryptoPkg SUPPORTED_ARCHITECTURES =3D IA32|X64|ARM|AARCH64|RISCV64|LOONGARC= H64 BUILD_TARGETS =3D DEBUG|RELEASE|NOOPT SKUID_IDENTIFIER =3D DEFAULT =20 # # Flavor of PEI, DXE, SMM modules to build. - # Must be one of ALL, NONE, MIN_PEI, MIN_DXE_MIN_SMM. + # Must be one of ALL, NONE, MIN_PEI, MIN_DXE_MIN_SMM, TARGET_UINT_TESTS. # Default is ALL that is used for package build verification. - # PACKAGE - Package verification build of all components. Null - # versions of libraries are used to minimize build t= imes. # ALL - Build PEIM, DXE, and SMM drivers. Protocols and P= PIs # publish all services. # NONE - Build PEIM, DXE, and SMM drivers. Protocols and P= PIs @@ -39,14 +36,56 @@ [Defines] # services. # MIN_DXE_MIN_SMM - Build DXE and SMM drivers with Protocols that publ= ish # minimum required services. + # TARGET_UNIT_TESTS - Build target-based unit tests # - DEFINE CRYPTO_SERVICES =3D PACKAGE -!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_PEI MIN_DXE_MIN_SMM" + DEFINE CRYPTO_SERVICES =3D ALL +!if $(CRYPTO_SERVICES) IN "ALL NONE MIN_PEI MIN_DXE_MIN_SMM TARGET_UNIT_TE= STS" !else - !error CRYPTO_SERVICES must be set to one of PACKAGE ALL NONE MIN_PEI MI= N_DXE_MIN_SMM. + !error CRYPTO_SERVICES must be set to one of ALL NONE MIN_PEI MIN_DXE_MI= N_SMM TARGET_UNIT_TESTS. !endif =20 +# +# Define different OUTPUT_DIRECTORY for each CRYPTO_SERVICES profile +# +!if $(CRYPTO_SERVICES) =3D=3D ALL + OUTPUT_DIRECTORY =3D Build/CryptoPkg/All +!endif +!if $(CRYPTO_SERVICES) =3D=3D NONE + OUTPUT_DIRECTORY =3D Build/CryptoPkg/None +!endif +!if $(CRYPTO_SERVICES) =3D=3D MIN_PEI + OUTPUT_DIRECTORY =3D Build/CryptoPkg/MinPei +!endif +!if $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM + OUTPUT_DIRECTORY =3D Build/CryptoPkg/MinDxeMinSmm +!endif +!if $(CRYPTO_SERVICES) =3D=3D TARGET_UNIT_TESTS + OUTPUT_DIRECTORY =3D Build/CryptoPkg/TagetUnitTests +!endif + +# +# Define FILE_GUID names/values for CryptoPei, CryptopDxe, and CryptoSmm +# drivers that are linked with different OpensslLib instances +# + DEFINE PEI_CRYPTO_GUID =3D C693A250-6B36-49B9-B7F3-7283F8136A72 + DEFINE PEI_STD_GUID =3D EBD49F5C-6D8B-40D1-A56D-9AFA485A8661 + DEFINE PEI_FULL_GUID =3D D51FCE59-6860-49C0-9B35-984470735D17 + DEFINE PEI_STD_ACCEL_GUID =3D DCC9CB49-7BE2-47C6-864E-6DCC932360F9 + DEFINE PEI_FULL_ACCEL_GUID =3D A10827AD-7598-4955-B661-52EE2B62B057 + DEFINE DXE_CRYPTO_GUID =3D 31C17C54-325D-47D5-8622-888098F10E44 + DEFINE DXE_STD_GUID =3D ADD6D05A-52A2-437B-98E7-DBFDA89352CD + DEFINE DXE_FULL_GUID =3D AA83B296-F6EA-447F-B013-E80E98629CF8 + DEFINE DXE_STD_ACCEL_GUID =3D 9FBDAD27-910C-4229-9EFF-A93BB5FE18C6 + DEFINE DXE_FULL_ACCEL_GUID =3D 41A491D1-A972-468B-A299-DABF415A43B7 + DEFINE SMM_CRYPTO_GUID =3D 1A1C9E13-5722-4636-AB73-31328EDE8BAF + DEFINE SMM_STD_GUID =3D E4D7D1E3-E886-4412-A442-EFD6F2502DD3 + DEFINE SMM_FULL_GUID =3D 1930CE7E-6598-48ED-8AB1-EBE7E85EC254 + DEFINE SMM_STD_ACCEL_GUID =3D 828959D3-CEA6-4B79-B1FC-5AFA0D7F2144 + DEFINE SMM_FULL_ACCEL_GUID =3D C1760694-AB3A-4532-8C6D-52D8F86EB1AA + +!if $(CRYPTO_SERVICES) =3D=3D TARGET_UNIT_TESTS !include UnitTestFrameworkPkg/UnitTestFrameworkPkgTarget.dsc.inc +!endif =20 ##########################################################################= ###### # @@ -59,17 +98,24 @@ [Defines] [LibraryClasses] BaseLib|MdePkg/Library/BaseLib/BaseLib.inf BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf - PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf - DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf - UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBoo= tServicesTableLib.inf - UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntry= Point.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf - TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf - HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf - RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf + DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchroniza= tionLib.inf + TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat= e.inf + RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf + PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf + DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDebug= LibReportStatusCode.inf + DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf + OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHo= okStatusCodeLibNull.inf + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + +[LibraryClasses.IA32, LibraryClasses.X64, LibraryClasses.AARCH64] + RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf =20 [LibraryClasses.ARM, LibraryClasses.AARCH64] + ArmLib|ArmPkg/Library/ArmLib/ArmBaseLib.inf # # It is not possible to prevent the ARM compiler for generic intrinsic f= unctions. # This library provides the instrinsic functions generate by a given com= piler. @@ -81,41 +127,19 @@ [LibraryClasses.ARM, LibraryClasses.AARCH64] # Add support for stack protector NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf =20 -[LibraryClasses.common.PEIM] - PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf - MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAlloc= ationLib.inf - PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/Pei= ServicesTablePointerLib.inf - PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf - HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf - -[LibraryClasses.common.DXE_SMM_DRIVER] - SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableL= ib.inf - MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAlloc= ationLib.inf - MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.= inf - -!if $(CRYPTO_SERVICES) IN "ALL NONE MIN_PEI MIN_DXE_MIN_SMM" -[LibraryClasses] - MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAll= ocationLib.inf - DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDebug= LibReportStatusCode.inf - DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseD= ebugPrintErrorLevelLib.inf - OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHo= okStatusCodeLibNull.inf - PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf - DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf - PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf - TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat= e.inf - UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/U= efiRuntimeServicesTableLib.inf #??? - IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf = #??? - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf - SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf - [LibraryClasses.ARM] ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf =20 [LibraryClasses.common.SEC] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf =20 [LibraryClasses.common.PEIM] + PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf + PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/Pei= ServicesTablePointerLib.inf + PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf + MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAlloc= ationLib.inf + HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiRepor= tStatusCodeLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -124,19 +148,34 @@ [LibraryClasses.common.PEIM] [LibraryClasses.IA32.PEIM, LibraryClasses.X64.PEIM] PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/= PeiServicesTablePointerLibIdt.inf =20 -[LibraryClasses.ARM.PEIM, LibraryClasses.AARCH64.PEIM] - PeiServicesTablePointerLib|ArmPkg/Library/PeiServicesTablePointerLib/Pei= ServicesTablePointerLib.inf - [LibraryClasses.common.DXE_DRIVER] + UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntry= Point.inf + UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBoo= tServicesTableLib.inf + UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/U= efiRuntimeServicesTableLib.inf + MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAll= ocationLib.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRepor= tStatusCodeLib.inf + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf =20 [LibraryClasses.common.DXE_SMM_DRIVER] + UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntry= Point.inf + UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBoo= tServicesTableLib.inf + SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableL= ib.inf + MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.= inf + MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAlloc= ationLib.inf ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/SmmRepor= tStatusCodeLib.inf + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf -!endif + +[LibraryClasses.common.UEFI_APPLICATION] + UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiA= pplicationEntryPoint.inf + UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBoo= tServicesTableLib.inf + UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/U= efiRuntimeServicesTableLib.inf + MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAll= ocationLib.inf + ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseRepor= tStatusCodeLibNull.inf + PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf =20 ##########################################################################= ###### # @@ -148,7 +187,12 @@ [PcdsFixedAtBuild] gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000000 gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x06 =20 -!if $(CRYPTO_SERVICES) IN "PACKAGE ALL" +# +# For ALL and TARGET_UINT_TESTS profiles, enable all non-deprecated famili= es +# and services in PcdCryptoServiceFamilyEnable. +# +!if $(CRYPTO_SERVICES) IN "ALL TARGET_UINT_TESTS" +[PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY @@ -177,7 +221,12 @@ [PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY !endif =20 +# +# Enable minimum set of families/services in PcdCryptoServiceFamilyEnable +# required by typical PEI phase. +# !if $(CRYPTO_SERVICES) =3D=3D MIN_PEI +[PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY @@ -192,7 +241,12 @@ [PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE !endif =20 +# +# Enable minimum set of families/services in PcdCryptoServiceFamilyEnable +# required by typical DXE and SMM phases. +# !if $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM +[PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs1v2Encrypt | TRUE @@ -244,12 +298,61 @@ [PcdsFixedAtBuild] # generated for it, but the binary will not be put into any firmware= volume. # ##########################################################################= ######################### -[Components] - CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf - CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf =20 -!if $(CRYPTO_SERVICES) =3D=3D PACKAGE +# +# If profile is TARGET_UNIT_TESTS, then build target-based unit tests +# using the OpensslLib, BaseCryptLib, and TlsLib with the largest set of +# available services. +# +!if $(CRYPTO_SERVICES) =3D=3D TARGET_UNIT_TESTS +[Components.IA32, Components.X64, Components.ARM, Components.AARCH64] + # + # Target based unit tests + # + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf { + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf + + MSFT:*_*_*_DLINK_FLAGS =3D /ALIGN:4096 /FILEALIGN:4096 /SUBSYSTE= M:CONSOLE + MSFT:DEBUG_*_*_DLINK_FLAGS =3D /EXPORT:InitializeDriver=3D$(IMAGE_EN= TRY_POINT) /BASE:0x10000 + MSFT:DEBUG_*_*_DLINK_FLAGS =3D /EXPORT:InitializeDriver=3D$(IMAGE_EN= TRY_POINT) /BASE:0x10000 + MSFT:NOOPT_*_*_DLINK_FLAGS =3D /EXPORT:InitializeDriver=3D$(IMAGE_EN= TRY_POINT) /BASE:0x10000 + } + +[Components.IA32, Components.X64] + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf { + + FILE_GUID =3D B91B9A95-4D52-4501-A98F-A1711C14ED93 + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf + + MSFT:*_*_*_DLINK_FLAGS =3D /ALIGN:4096 /FILEALIGN:4096 /SUBSYSTE= M:CONSOLE + MSFT:DEBUG_*_*_DLINK_FLAGS =3D /EXPORT:InitializeDriver=3D$(IMAGE_EN= TRY_POINT) /BASE:0x10000 + MSFT:DEBUG_*_*_DLINK_FLAGS =3D /EXPORT:InitializeDriver=3D$(IMAGE_EN= TRY_POINT) /BASE:0x10000 + MSFT:NOOPT_*_*_DLINK_FLAGS =3D /EXPORT:InitializeDriver=3D$(IMAGE_EN= TRY_POINT) /BASE:0x10000 + } + +[Components.RISCV64] + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf { + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf + } +!endif + +# +# If profile is ALL, then do verification build of all library instances. +# +!if $(CRYPTO_SERVICES) =3D=3D ALL [Components] + # + # Build verification of all library instances + # CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -259,59 +362,218 @@ [Components] CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf CryptoPkg/Library/TlsLib/TlsLib.inf CryptoPkg/Library/TlsLibNull/TlsLibNull.inf - CryptoPkg/Library/OpensslLib/OpensslLib.inf CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + CryptoPkg/Library/OpensslLib/OpensslLib.inf + CryptoPkg/Library/OpensslLib/OpensslLibFull.inf CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf - CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf + # + # Build verification of target-based unit tests + # + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf { + + UnitTestLib|UnitTestFrameworkPkg/Library/UnitTestLib/UnitTestLib.inf + UnitTestPersistenceLib|UnitTestFrameworkPkg/Library/UnitTestPersiste= nceLibNull/UnitTestPersistenceLibNull.inf + UnitTestResultReportLib|UnitTestFrameworkPkg/Library/UnitTestResultR= eportLib/UnitTestResultReportLibConOut.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf + } + +[Components.IA32, Components.X64] + # + # Build verification of IA32/X64 specific libraries + # + CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf + CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf !endif =20 -!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_PEI" +# +# If profile is ALL or NONE or MIN_PEI, then build CryptoPei with all supp= orted +# OpensslLib instances. +# +!if $(CRYPTO_SERVICES) in "ALL NONE MIN_PEI" +[Components] + # + # CryptoPei with OpensslLib instance without SSL or EC services + # + CryptoPkg/Driver/CryptoPei.inf { + + FILE_GUID =3D $(PEI_CRYPTO_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + } + # + # CryptoPei with OpensslLib instance without EC services + # + CryptoPkg/Driver/CryptoPei.inf { + + FILE_GUID =3D $(PEI_STD_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + } [Components.IA32, Components.X64, Components.ARM, Components.AARCH64] + # + # CryptoPei with OpensslLib instance with all services + # + CryptoPkg/Driver/CryptoPei.inf { + + FILE_GUID =3D $(PEI_FULL_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf + } + +[Components.IA32, Components.X64] + # + # CryptoPei with IA32/X64 performance optimized OpensslLib instance with= out EC services + # IA32/X64 assembly optimizations required larger alignments + # CryptoPkg/Driver/CryptoPei.inf { - !if $(CRYPTO_SERVICES) =3D=3D ALL - FILE_GUID =3D 8DF53C2E-3380-495F-A8B7-370CFE28E1C6 - !elseif $(CRYPTO_SERVICES) =3D=3D NONE - FILE_GUID =3D E5A97EE3-71CC-407F-9DA9-6BE0C8A6C7DF - !elseif $(CRYPTO_SERVICES) =3D=3D MIN_PEI - FILE_GUID =3D 0F5827A9-35FD-4F41-8D38-9BAFCE594D31 - !endif + FILE_GUID =3D $(PEI_STD_ACCEL_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf + + MSFT:*_*_IA32_DLINK_FLAGS =3D /ALIGN:64 + MSFT:*_*_X64_DLINK_FLAGS =3D /ALIGN:256 + } + + # + # CryptoPei with IA32/X64 performance optimized OpensslLib instance all = services + # IA32/X64 assembly optimizations required larger alignments + # + CryptoPkg/Driver/CryptoPei.inf { + + FILE_GUID =3D $(PEI_FULL_ACCEL_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf + + MSFT:*_*_IA32_DLINK_FLAGS =3D /ALIGN:64 + MSFT:*_*_X64_DLINK_FLAGS =3D /ALIGN:256 } !endif =20 -!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_DXE_MIN_SMM" -[Components.IA32, Components.X64, Components.AARCH64] +# +# If profile is ALL or NONE or MIN_DXE_MIN_SMM, then build CryptoDxe and +# CryptoSmm using all supported OpensslLib instances. +# +!if $(CRYPTO_SERVICES) in "ALL NONE MIN_DXE_MIN_SMM" +[Components] + # + # CryptoDxe with OpensslLib instance with no SSL or EC services + # CryptoPkg/Driver/CryptoDxe.inf { - !if $(CRYPTO_SERVICES) =3D=3D ALL - FILE_GUID =3D D9444B06-060D-42C5-9344-F04707BE0169 - !elseif $(CRYPTO_SERVICES) =3D=3D NONE - FILE_GUID =3D C7A340F4-A6CC-4F95-A2DA-42BEA4C3944A - !elseif $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM - FILE_GUID =3D DDF5BE9E-159A-4B77-B6D7-82B84B5763A2 - !endif + FILE_GUID =3D $(DXE_CRYPTO_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + } + # + # CryptoDxe with OpensslLib instance with no EC services + # + CryptoPkg/Driver/CryptoDxe.inf { + + FILE_GUID =3D $(DXE_STD_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + } +[Components.IA32, Components.X64, Components.ARM, Components.AARCH64] + # + # CryptoDxe with OpensslLib instance with all services + # + CryptoPkg/Driver/CryptoDxe.inf { + + FILE_GUID =3D $(DXE_FULL_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf } =20 [Components.IA32, Components.X64] + # + # CryptoDxe with IA32/X64 performance optimized OpensslLib instance with= no EC services + # with TLS feature enabled. + # IA32/X64 assembly optimizations required larger alignments + # + CryptoPkg/Driver/CryptoDxe.inf { + + FILE_GUID =3D $(DXE_STD_ACCEL_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf + + MSFT:*_*_IA32_DLINK_FLAGS =3D /ALIGN:64 + MSFT:*_*_X64_DLINK_FLAGS =3D /ALIGN:256 + } + # + # CryptoDxe with IA32/X64 performance optimized OpensslLib instance with= all services. + # IA32/X64 assembly optimizations required larger alignments + # + CryptoPkg/Driver/CryptoDxe.inf { + + FILE_GUID =3D $(DXE_FULL_ACCEL_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf + + MSFT:*_*_IA32_DLINK_FLAGS =3D /ALIGN:64 + MSFT:*_*_X64_DLINK_FLAGS =3D /ALIGN:256 + } + # + # CryptoSmm with OpensslLib instance with no SSL or EC services + # + CryptoPkg/Driver/CryptoSmm.inf { + + FILE_GUID =3D $(SMM_CRYPTO_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf + } + # + # CryptoSmm with OpensslLib instance with no SSL services + # + CryptoPkg/Driver/CryptoSmm.inf { + + FILE_GUID =3D $(SMM_STD_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + } + # + # CryptoSmm with OpensslLib instance with no all services + # + CryptoPkg/Driver/CryptoSmm.inf { + + FILE_GUID =3D $(SMM_FULL_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf + } + # + # CryptoSmm with IA32/X64 performance optimized OpensslLib instance with= no EC services + # IA32/X64 assembly optimizations required larger alignments + # + CryptoPkg/Driver/CryptoSmm.inf { + + FILE_GUID =3D $(SMM_STD_ACCEL_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf + + MSFT:*_*_IA32_DLINK_FLAGS =3D /ALIGN:64 + MSFT:*_*_X64_DLINK_FLAGS =3D /ALIGN:256 + } + # + # CryptoSmm with IA32/X64 performance optimized OpensslLib instance with= all services + # IA32/X64 assembly optimizations required larger alignments + # CryptoPkg/Driver/CryptoSmm.inf { - !if $(CRYPTO_SERVICES) =3D=3D ALL - FILE_GUID =3D A3542CE8-77F7-49DC-A834-45D37D2EC1FA - !elseif $(CRYPTO_SERVICES) =3D=3D NONE - FILE_GUID =3D 6DCB3127-01E7-4131-A487-DC77A965A541 - !elseif $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM - FILE_GUID =3D 85F7EA15-3A2B-474A-8875-180542CD6BF3 - !endif + FILE_GUID =3D $(SMM_FULL_ACCEL_GUID) + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf + + MSFT:*_*_IA32_DLINK_FLAGS =3D /ALIGN:64 + MSFT:*_*_X64_DLINK_FLAGS =3D /ALIGN:256 } !endif =20 [BuildOptions] + RELEASE_*_*_CC_FLAGS =3D -DMDEPKG_NDEBUG *_*_*_CC_FLAGS =3D -D DISABLE_NEW_DEPRECATED_INTERFACES -!if $(CRYPTO_SERVICES) IN "PACKAGE ALL" - MSFT:*_*_*_CC_FLAGS =3D /D ENABLE_MD5_DEPRECATED_INTERFACES - INTEL:*_*_*_CC_FLAGS =3D /D ENABLE_MD5_DEPRECATED_INTERFACES - GCC:*_*_*_CC_FLAGS =3D -D ENABLE_MD5_DEPRECATED_INTERFACES -!endif --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95444): https://edk2.groups.io/g/devel/message/95444 Mute This Topic: https://groups.io/mt/94460302/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95445+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95445+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290938; cv=none; d=zohomail.com; s=zohoarc; b=l/j8LP3LFE4/pH0EA2E/We1VQhzU/6SR62nrwc4KqKNE4OcPtT2g57WD+tvg4BEFK1a+x65ON7KDeBBsrBndgsoNfF6y6G1s8bxT6Rq/VE0KuH/yuXjyJhxXHNo8L76Gw0VEhNZSImESg1LCDkr3aEzpI/TJBU0pVPrQIf+h3IY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290938; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=Pkgz1oqQpL5O4KGKMqTNorC+/Pf8Eurm/pGMiiNGpd8=; b=R5gbz4cTdtWFSYFwJXnHtvCv1JfNHIvqKMA6czwgq80FSFA0FFzJOS3SiJWsck/yDzBcSP3nODgK5Obp5KhlVXJPuZsg4Kb+Bk0M2p0NJl/XKyf2zngpPYFj/cRqxuhkyhfGbcbKQ+/PE7gSVTtSgIW+Lp/ER4YeAxb0OOWUyYc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95445+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290938049337.4685864566004; Thu, 20 Oct 2022 11:35:38 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id FQmjYY1788612xaVwXCULF6o; Thu, 20 Oct 2022 11:35:37 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web12.1058.1666290930610733653 for ; Thu, 20 Oct 2022 11:35:36 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523551" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523551" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:36 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427826" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427826" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:35 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 11/16] CryptoPkg: Fixed host-based unit tests Date: Thu, 20 Oct 2022 11:35:05 -0700 Message-Id: <20221020183510.1799-12-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: DRIiiFzqJ3VTD4kuxkfsiqrBx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290937; bh=rUb9PZJ060ijIJVldTeUmrfDLpiNoZ+rcV3/OCmd+3o=; h=Cc:Date:From:Reply-To:Subject:To; b=e/AhSBhsAHnzHyyHpS1RXQVuIUEs0AxRx6aiZICD3HE02i/8fFh0m+xVb7v8c4k6aLq SCycbBKB4b/vcBd30U2ZsyaDemh/jqA3RYeQAKdJzj4ZBYzKItXF0Yksz1OgxuJqoSL5g GkxD2qg7ugHqwSDAJgpLAioodxYn88CNymw= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290939561100042 Content-Type: text/plain; charset="utf-8" * Build host-based tests using OpensslLib instance with all services enabled. * Build host-based tests using performance optimized OpensslLib instance with all services enabled. * Remove unused PCD gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled * Remove redundant and unnecessary [BuildOptions] * Limit host-based unit tests to only IA32/X64 Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 22 ++------ CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 17 ++---- .../TestBaseCryptLibHostAccel.inf | 56 +++++++++++++++++++ 3 files changed, 68 insertions(+), 27 deletions(-) create mode 100644 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCr= yptLibHostAccel.inf diff --git a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf b/= CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf index 168e24e4c041..80261794470f 100644 --- a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf @@ -18,7 +18,7 @@ [Defines] # # The following information is for reference only and not required by the = build tools. # -# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 +# VALID_ARCHITECTURES =3D IA32 X64 # =20 [Sources] @@ -28,6 +28,7 @@ [Sources] Hash/CryptSha256.c Hash/CryptSha512.c Hash/CryptSm3.c + Hash/CryptParallelHashNull.c Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c @@ -48,8 +49,7 @@ [Sources] Pk/CryptRsaPss.c Pk/CryptRsaPssSign.c Bn/CryptBn.c - Pk/CryptEcNull.c |*|*|*|!gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnab= led - Pk/CryptEc.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled + Pk/CryptEc.c =20 SysCall/UnitTestHostCrtWrapper.c =20 @@ -59,12 +59,6 @@ [Sources.Ia32] [Sources.X64] Rand/CryptRandTsc.c =20 -[Sources.ARM] - Rand/CryptRand.c - -[Sources.AARCH64] - Rand/CryptRand.c - [Packages] MdePkg/MdePkg.dec CryptoPkg/CryptoPkg.dec @@ -75,9 +69,7 @@ [LibraryClasses] MemoryAllocationLib DebugLib OpensslLib - -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled + PrintLib =20 # # Remove these [BuildOptions] after this library is cleaned up @@ -85,11 +77,9 @@ [FixedPcd] [BuildOptions] # # suppress the following warnings so we do not break the build with warn= ings-as-errors: - # C4090: 'function' : different 'const' qualifiers - # C4018: '>': signed/unsigned mismatch - MSFT:*_*_*_CC_FLAGS =3D /wd4090 /wd4018 - + # GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99 GCC:*_CLANG38_*_CC_FLAGS =3D -std=3Dc99 + GCC:*_CLANGPDB_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Dincompatible-point= er-types =20 XCODE:*_*_*_CC_FLAGS =3D -std=3Dc99 diff --git a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc b/CryptoPkg/Test/Cryp= toPkgHostUnitTest.dsc index b6e1a6619844..369a1cb69939 100644 --- a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc +++ b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc @@ -19,19 +19,13 @@ [Defines] =20 !include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc =20 -[PcdsFixedAtBuild] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled|TRUE - [LibraryClasses] - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.= inf SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchroniza= tionLib.inf TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat= e.inf =20 -[LibraryClasses.AARCH64, LibraryClasses.ARM] - RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf - [LibraryClasses.X64, LibraryClasses.IA32] RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf =20 @@ -40,9 +34,10 @@ [Components] # Build HOST_APPLICATION that tests the SampleUnitTest # CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHostAccel.i= nf { + + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf + } =20 [BuildOptions] - *_*_*_CC_FLAGS =3D -D DISABLE_NEW_DEPRECATED_INTERFACES - MSFT:*_*_*_CC_FLAGS =3D /D ENABLE_MD5_DEPRECATED_INTERFACES - INTEL:*_*_*_CC_FLAGS =3D /D ENABLE_MD5_DEPRECATED_INTERFACES - GCC:*_*_*_CC_FLAGS =3D -D ENABLE_MD5_DEPRECATED_INTERFACES + *_*_*_CC_FLAGS =3D -D DISABLE_NEW_DEPRECATED_INTERFACES diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibH= ostAccel.inf b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLi= bHostAccel.inf new file mode 100644 index 000000000000..9d0fcfd3577c --- /dev/null +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHostAcce= l.inf @@ -0,0 +1,56 @@ +## @file +# Host-based UnitTest for BaseCryptLib +# +# Copyright (c) Microsoft Corporation.
+# Copyright (c) 2022, Intel Corporation. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D BaseCryptLibUnitTestHostAccel + FILE_GUID =3D B1AED64E-B53A-4D69-B0BA-60EEDAC47A6B + MODULE_TYPE =3D HOST_APPLICATION + VERSION_STRING =3D 1.0 + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 +# + +[Sources] + UnitTestMain.c + BaseCryptLibUnitTests.c + TestBaseCryptLib.h + HashTests.c + HmacTests.c + BlockCipherTests.c + RsaTests.c + RsaPkcs7Tests.c + Pkcs5Pbkdf2Tests.c + AuthenticodeTests.c + TSTests.c + DhTests.c + RandTests.c + Pkcs7EkuTests.c + OaepEncryptTests.c + RsaPssTests.c + ParallelhashTests.c + HkdfTests.c + AeadAesGcmTests.c + BnTests.c + EcTests.c + X509Tests.c + +[Packages] + MdePkg/MdePkg.dec + CryptoPkg/CryptoPkg.dec + +[LibraryClasses] + BaseLib + DebugLib + BaseCryptLib + UnitTestLib + MmServicesTableLib + SynchronizationLib --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95445): https://edk2.groups.io/g/devel/message/95445 Mute This Topic: https://groups.io/mt/94460303/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95446+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95446+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290939; cv=none; d=zohomail.com; s=zohoarc; b=EETleWaeGbDg2rL4R7ASYfJG42Mtqw28Bl+bY/wlsU1Oe5dDAPjC9PHPQdOn8tOa7hwgZqMY5ASQSW94uf1BD5pj+2BPpuXTFK2GoDDy5RFOkum9VwlDkTiGAiqjfrV+vR4EC8LXwR4rDrPO9+S0V7l09JSfr6TqmTUC7mHWqS4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290939; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=VZ6D6K+GUglQ9tMXtpsn7mrJ14ETRN8VlVrysdVSRLw=; b=TjNZrsfq0FcRcnBPx69+C9LNvgQXIx9boAp+biUsIiJUMsE9usC/uUWohGIGYHWMnobg2mk2n22gcOgfCq8+XaY3sAkOH9Pkx9zN9FXjyoHshNL8Wd6/CtIVJxQtyTSk59aydsFzpIxXVmUXNKzl70FxLUP8XGFZ8kr5+l3kIOs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95446+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290939366571.8082491116697; Thu, 20 Oct 2022 11:35:39 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id EZCJYY1788612xAr8xEZt8TS; Thu, 20 Oct 2022 11:35:38 -0700 X-Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web08.1101.1666290937134825888 for ; Thu, 20 Oct 2022 11:35:37 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="286523552" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="286523552" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:36 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427838" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427838" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:36 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 12/16] CryptoPkg: Add Readme.md Date: Thu, 20 Oct 2022 11:35:06 -0700 Message-Id: <20221020183510.1799-13-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: gwhpuh1M6DRIurHU2TlW5OYBx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290938; bh=WlwLUPqVeyAK8vfa76KpZkl5sr3XrQLnv5DkTGwFQbo=; h=Cc:Date:From:Reply-To:Subject:To; b=WqDxaYHtYeHEHgkifV5LM5lMzMbdAAk+DqZDmSjh+WTKNbKEwTJhjxoJ+VvbRYhmYj+ mJO51XLlO7ANqFJvAr8EW1xHSnzxQR+MEvssEQ/FydfgJILsEinDW4tznWasAXhPZsWMM 4Yu2XI3e4di5kALt/bGI30qc80JL0edVZOY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290941582100051 Content-Type: text/plain; charset="utf-8" Add Readme.md that provides an overview of the CryptoPkg and how to configure the use of cryptographic services in a platform. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Signed-off-by: Michael D Kinney --- CryptoPkg/Readme.md | 498 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 498 insertions(+) create mode 100644 CryptoPkg/Readme.md diff --git a/CryptoPkg/Readme.md b/CryptoPkg/Readme.md new file mode 100644 index 000000000000..946aa1e99e7d --- /dev/null +++ b/CryptoPkg/Readme.md @@ -0,0 +1,498 @@ +# Crypto Package + +This package provides cryptographic services that are used to implement fi= rmware +features such as UEFI Secure Boot, Measured Boot, firmware image authentic= ation, +and network boot. The cryptographic service implementation in this package= uses +services from the [OpenSSL](https://www.openssl.org/) project. + +EDK II firmware modules/libraries that requires the use of cryptographic +services can either statically link all the required services, or the EDK = II +firmware module/library can use a dynamic Protocol/PPI service to call +cryptographic services. The dynamic Protocol/PPI services are only availab= le to +PEIMs, DXE Drivers, UEFI Drivers, and SMM Drivers, and only if the cryptog= raphic +modules are included in the platform firmware image. + +There may be firmware image size differences between the static and dynamic +options. Some experimentation may be required to find the solution that +provides the smallest overall firmware overhead. + +# Public Library Classes + +* **BaseCryptLib** - Provides library functions for cryptographic primitiv= es. +* **TlsLib** - Provides TLS library functions for EFI TLS protocol. +* **HashApiLib** - Provides Unified API for different hash implementatio= ns. + +# Private Library Classes + +* **OpensslLib** - Provides library functions from the openssl project. +* **IntrinsicLib** - Provides C runtime library (CRT) required by openssl. + +# Private Protocols and PPIs + +* **EDK II Crypto PPI** - PPI that provides all the services from + the BaseCryptLib and TlsLib library cla= sses. +* **EDK II Crypto Protocol** - Protocol that provides all the services= from + the BaseCryptLib and TlsLib library cla= sses. +* **EDK II SMM Crypto Protocol** - SMM Protocol that provides all the serv= ices + from the BaseCryptLib and TlsLib library + classes. + +## Statically Linking Cryptographic Services + +The figure below shows an example of a firmware modules that requires the = use of +cryptographic services. The cryptographic services are provided by three l= ibrary +classes called BaseCryptLib, TlsLib, and HashApiLib. These library classes= are +implemented using APIs from the OpenSSL project that are abstracted by the +private library class called OpensslLib. The OpenSSL project implementation +depends on C runtime library services. The EDK II project does not provide= a +full C runtime library for firmware components. Instead, the CryptoPkg inc= ludes +the smallest subset of services required to build the OpenSSL project in t= he +private library class called IntrinsicLib. + +The CryptoPkg provides several instances if the BaseCryptLib and OpensslLi= b with +different cryptographic service features and performance optimizations. The +platform developer must select the correct instances based on cryptographic +service requirements in each UEFI/PI firmware phase (SEC, PEI, DXE, UEFI, +UEFI RT, and SMM), firmware image size requirements, and firmware boot +performance requirements. + +``` ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D+ +| EDK II Firmware Module/Library | ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D+ + ^ ^ ^ + | | | + | | v + | | +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ + | | | HashApiLib | + | | +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ + | | ^ + | | | + v v v ++=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D+ +| TlsLib | | BaseCryptLib | ++=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D+ + ^ ^ + | | + v v ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D+ +| OpensslLib (Private) | ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D+ + ^ + | + v ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D+ +| IntrinsicLib (Private) | ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D+ +``` + +## Dynamically Linking Cryptographic Services + +The figure below shows the entire stack when dynamic linking is used with +cryptographic services produced by the CryptoPei, CryptoDxe, or CryptoSmm = module +through a PPI/Protocol. This solution requires the CryptoPei, CryptoDxe, a= nd +CryptoSmm modules to be configured with the set of cryptographic services +required by all the PEIMs, DXE Drivers, UEFI Drivers, and SMM Drivers. Dyn= amic +linking is not available for SEC or UEFI RT modules. + +The EDK II modules/libraries that require cryptographic services use the s= ame +BaseCryptLib/TlsLib/HashApiLib APIs. This means no source changes are requ= ired +to use static linking or dynamic linking. It is a platform configuration o= ptions +to select static linking or dynamic linking. This choice can be make globa= lly, +per firmware module type, or individual modules. + +``` ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +| EDK II PEI | | EDK II DXE/UEFI | | EDK II SMM | +| Module/Library | | Module/Library | | Module/Library | ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ + ^ ^ ^ ^ ^ ^ ^ ^ ^ + | | | | | | | | | + | | v | | v | | v + | | +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ | | +=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D+ | | +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ + | | |HashApiLib| | | |HashApiLib| | | |HashApiLib| + | | +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ | | +=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D+ | | +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ + | | ^ | | ^ | | ^ + | | | | | | | | | + v v v v v v v v v ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +|TlsLib|BaseCryptLib| |TlsLib|BaseCryptLib| |TlsLib|BaseCryptLib| ++-------------------+ +-------------------+ +-------------------+ +| BaseCryptLib | | BaseCryptLib | | BaseCryptLib | +| OnPpiProtocol/ | | OnPpiProtocol/ | | OnPpiProtocol/ | +| PeiCryptLib.inf | | DxeCryptLib.inf | | SmmCryptLib.inf | ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ + ^ ^ ^ + ||| (Dynamic) ||| (Dynamic) ||| (Dynamic) + v v v ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +| Crypto PPI | | Crypto Protocol | | Crypto SMM Protocol | ++-------------------| |-------------------| |---------------------| +| CryptoPei | | CryptoDxe | | CryptoSmm | ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ + ^ ^ ^ ^ ^ ^ + | | | | | | + v | v | v | ++=3D=3D=3D=3D=3D=3D=3D=3D+ | +=3D=3D=3D=3D=3D=3D=3D=3D+ | = +=3D=3D=3D=3D=3D=3D=3D=3D+ | +| TlsLib | | | TlsLib | | | TlsLib | | ++=3D=3D=3D=3D=3D=3D=3D=3D+ v +=3D=3D=3D=3D=3D=3D=3D=3D+ v = +=3D=3D=3D=3D=3D=3D=3D=3D+ v + ^ +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ ^ +=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D+ ^ +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D+ + | | BaseCryptLib | | | BaseCryptLib | | | BaseCryptLib | + | +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ | +=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D+ | +=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D+ + | ^ | ^ | ^ + | | | | | | + v v v v v v ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +| OpensslLib | | OpensslLib | | OpensslLib | ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ + ^ ^ ^ + | | | + v v v ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +| IntrinsicLib | | IntrinsicLib | | IntrinsicLib | ++=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D+ +``` + +## Supported Cryptographic Families and Services + +The table below provides a summary of the supported cryptographic services= . It +indicates if the family or service is deprecated or recommended to not be = used. +It also shows which *CryptLib library instances support the family or serv= ice. +If a cell is blank then the service or family is always disabled and the +`PcdCryptoServiceFamilyEnable` settings for that family or service is igno= red. +If the cell is not blank, then the service or family is configurable using +`PcdCryptoServiceFamilyEnable` as long as the correct OpensslLib or TlsLib= is +also configured. + +|Key | Description = | +|---------|---------------------------------------------------------------= -----------------| +| | Family or service is always disabled. = | +| C | Configurable using PcdCryptoServiceFamilyEnable. = | +| C-Tls | Configurable using PcdCryptoServiceFamilyEnable. Requires TlsL= ib.inf. | +| C-Full | Configurable using PcdCryptoServiceFamilyEnable. Requires Open= sslLibFull*.inf. | + +|Family/Service | Deprecated | Don't Use | SecCryptLib |= PeiCryptLib | BaseCryptLib | SmmCryptLib | RuntimeCryptLib | +|:--------------------------------|:----------:|:---------:|:-----------:|= :-----------:|:------------:|:-----------:|:---------------:| +| HmacMd5 | Y | Y | |= | | | | +| HmacSha1 | Y | Y | |= | | | | +| HmacSha256 | N | N | |= C | C | C | C | +| HmacSha384 | N | N | |= C | C | C | C | +| Md4 | Y | Y | |= | | | | +| Md5 | Y | Y | |= C | C | C | C | +| Pkcs.Pkcs1v2Encrypt | N | N | |= | C | C | | +| Pkcs.Pkcs5HashPassword | N | N | |= | C | C | | +| Pkcs.Pkcs7Verify | N | N | |= C | C | C | C | +| Pkcs.VerifyEKUsInPkcs7Signature | N | N | |= C | C | C | | +| Pkcs.Pkcs7GetSigners | N | N | |= C | C | C | C | +| Pkcs.Pkcs7FreeSigners | N | N | |= C | C | C | C | +| Pkcs.Pkcs7Sign | N | N | |= | C | | | +| Pkcs.Pkcs7GetAttachedContent | N | N | |= C | C | C | | +| Pkcs.Pkcs7GetCertificatesList | N | N | |= C | C | C | C | +| Pkcs.AuthenticodeVerify | N | N | |= | C | | | +| Pkcs.ImageTimestampVerify | N | N | |= | C | | | +| Dh | N | N | |= | C | | | +| Random | N | N | |= | C | C | C | +| Rsa.VerifyPkcs1 | Y | Y | |= | | | | +| Rsa.New | N | N | |= C | C | C | C | +| Rsa.Free | N | N | |= C | C | C | C | +| Rsa.SetKey | N | N | |= C | C | C | C | +| Rsa.GetKey | N | N | |= | C | | | +| Rsa.GenerateKey | N | N | |= | C | | | +| Rsa.CheckKey | N | N | |= | C | | | +| Rsa.Pkcs1Sign | N | N | |= | C | | | +| Rsa.Pkcs1Verify | N | N | |= C | C | C | C | +| Sha1 | N | Y | |= C | C | C | C | +| Sha256 | N | N | |= C | C | C | C | +| Sha384 | N | N | C |= C | C | C | C | +| Sha512 | N | N | C |= C | C | C | C | +| X509 | N | N | |= | C | C | C | +| Tdes | Y | Y | |= | | | | +| Aes.GetContextSize | N | N | |= | C | C | C | +| Aes.Init | N | N | |= | C | C | C | +| Aes.EcbEncrypt | Y | Y | |= | | | | +| Aes.EcbDecrypt | Y | Y | |= | | | | +| Aes.CbcEncrypt | N | N | |= | C | C | C | +| Aes.CbcDecrypt | N | N | |= | C | C | C | +| Arc4 | Y | Y | |= | | | | +| Sm3 | N | N | |= C | C | C | C | +| Hkdf | N | N | |= C | C | | C | +| Tls | N | N | |= | C-Tls | | | +| TlsSet | N | N | |= | C-Tls | | | +| TlsGet | N | N | |= | C-Tls | | | +| RsaPss.Sign | N | N | |= | C | | | +| RsaPss.Verify | N | N | |= C | C | C | | +| ParallelHash | N | N | |= | | C | | +| AeadAesGcm | N | N | |= | C | | | +| Bn | N | N | |= | C | | | +| Ec | N | N | |= | C-Full | | | + +## Platform Configuration of Cryptographic Services + +Configuring the cryptographic services requires library mappings and PCD +settings in a platform DSC file. This must be done for each of the firmware +phases (SEC, PEI, DXE, UEFI, SMM, UEFI RT). + +The following table can be used to help select the best OpensslLib instanc= e for +each phase. The Size column only shows the estimated size increase for a +compressed IA32/X64 modules that uses the cryptographic services with +`OpensslLib.inf` as the baseline size. The actual size increase depends on= the +specific set of enabled cryptographic services. If ECC services are not +required, then size can be reduced by using OpensslLib.inf instead of +`OpensslLibFull.inf`. Performance optimization requires a size increase. + +| OpensslLib Instance | SSL | ECC | Perf Opt | CPU Arch | Size | +|:------------------------|:---:|:---:|:--------:|:--------:|:-----:| +| OpensslLibCrypto.inf | N | N | N | All | +0K | +| OpensslLib.inf | Y | N | N | All | +0K | +| OpensslLibAccel.inf | Y | N | Y | IA32/X64 | +20K | +| OpensslLibFull.inf | Y | Y | N | All | +115K | +| OpensslLibFullAccel.inf | Y | Y | Y | IA32/X64 | +135K | + +### SEC Phase Library Mappings + +The SEC Phase only supports static linking of cryptographic services. The +following library mappings are recommended for the SEC Phase. It uses the = SEC +specific version of the BaseCryptLib and the null version of the TlsLib be= cause +TLS services are not typically used in SEC. + +``` +[LibraryClasses.common.SEC] + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +``` + +### PEI Phase Library Mappings + +The PEI Phase supports either static or dynamic linking of cryptographic +services. The following library mappings are recommended for the PEI Phase= . It +uses the PEI specific version of the BaseCryptLib and the null version of = the +TlsLib because TLS services are not typically used in PEI. + +``` +[LibraryClasses.common.PEIM] + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +``` + +If dynamic linking is used, then all PEIMs except CryptoPei use the follow= ing +library mappings. The CryptoPei module uses the static linking settings. + +``` +[LibraryClasses.common.PEIM] + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf + +[Components] + CryptoPkg/Driver/CryptoPei.inf { + + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + } +``` + +### DXE Phase, UEFI Driver, UEFI Application Library Mappings + +The DXE/UEFI Phase supports either static or dynamic linking of cryptograp= hic +services. The following library mappings are recommended for the DXE/UEFI = Phase. +It uses the DXE specific version of the BaseCryptLib and the full version = of the +OpensslLib and TlsLib. If ECC services are not required then a smaller +OpensslLib instance can be used. + +``` +[LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.UEFI_DRIVER, Libr= aryClasses.common.UEFI_APPLICATION] + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +``` + +If dynamic linking is used, then all DXE Drivers except CryptoDxe use the +following library mappings. The CryptoDxe module uses the static linking +settings. + +``` +[LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.UEFI_DRIVER, Libr= aryClasses.common.UEFI_APPLICATION] + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf + +[Components] + CryptoPkg/Driver/CryptoDxe.inf { + + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + } +``` + +### SMM Phase Library Mappings + +The SMM Phase supports either static or dynamic linking of cryptographic +services. The following library mappings are recommended for the SMM Phase= . It +uses the SMM specific version of the BaseCryptLib and the null version of = the +TlsLib. + +``` +[LibraryClasses.common.DXE_SMM_DRIVER] + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +``` + +If dynamic linking is used, then all SMM Drivers except CryptoSmm use the +following library mappings. The CryptoDxe module uses the static linking +settings. + +``` +[LibraryClasses.common.DXE_SMM_DRIVER] + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf + +[Components] + CryptoPkg/Driver/CryptoSmm.inf { + + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf + } +``` + +### UEFI Runtime Driver Library Mappings + +UEFI Runtime Drivers only supports static linking of cryptographic service= s. +The following library mappings are recommended for UEFI Runtime Drivers. I= t uses +the runtime specific version of the BaseCryptLib and the null version of t= he +TlsLib because TLS services are not typically used in runtime. + +``` +[LibraryClasses.common.DXE_RUNTIME_DRIVER] + HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf +``` + +### PCD Configuration Settings + +There are 2 PCD settings that are used to configure cryptographic services. +`PcdHashApiLibPolicy` is used to configure the hash algorithm provided by = the +BaseHashApiLib library instance. `PcdCryptoServiceFamilyEnable` is used to +configure the cryptographic services supported by the CryptoPei, CryptoDxe, +and CryptoSmm modules. + +* `gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy` - This PCD indicates t= he + HASH algorithm to to use in the BaseHashApiLib to calculate hash of data= . The + default hashing algorithm for BaseHashApiLib is set to HASH_ALG_SHA256. + | Setting | Algorithm | + |------------|------------------| + | 0x00000001 | HASH_ALG_SHA1 | + | 0x00000002 | HASH_ALG_SHA256 | + | 0x00000004 | HASH_ALG_SHA384 | + | 0x00000008 | HASH_ALG_SHA512 | + | 0x00000010 | HASH_ALG_SM3_256 | + +* `gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable` - Enable/Disa= ble + the families and individual services produced by the EDK II Crypto + Protocols/PPIs. The default is all services disabled. This Structured P= CD is + associated with `PCD_CRYPTO_SERVICE_FAMILY_ENABLE` structure that defin= ed in + `Include/Pcd/PcdCryptoServiceFamilyEnable.h`. + + There are three layers of priority that determine if a specific family = or + individual cryptographic service is actually enabled in the CryptoPei, + CryptoDxe, and CryptoSmm modules. + + 1) OpensslLib instance selection. When the CryptoPei, CryptoDxe, or Cry= ptoSmm + drivers are built, they are statically linked to an OpensslLib libra= ry + instance. If the required cryptographic service is not enabled in the + OpensslLib instance linked, then the service is always disabled. + 2) BaseCryptLib instance selection. + * CryptoPei is always linked with the PeiCryptLib instance of the + BaseCryptLib library class. The table above have a column for the + PeiCryptLib. If the family or service is blank, then that family or + service is always disabled. + * CryptoDxe is always linked with the BaseCryptLib instance of the + BaseCryptLib library class. The table above have a column for the + BaseCryptLib. If the family or service is blank, then that family = or + service is always disabled. + * CryptoSmm is always linked with the SmmCryptLib instance of the + BaseCryptLib library class. The table above have a column for the + SmmCryptLib. If the family or service is blank, then that family or + service is always disabled. + 3) If a family or service is enabled in the OpensslLib instance and it = is + enabled in the BaseCryptLib instance, then it can be enabled/disabled + using `PcdCryptoServiceFamilyEnable`. This structured PCD is associa= ted + with the `PCD_CRYPTO_SERVICE_FAMILY_ENABLE` data structure that cont= ains + bit fields for each family of services. All of the families are disa= bled + by default. An entire family of services can be enabled by setting t= he + family field to the value `PCD_CRYPTO_SERVICE_ENABLE_FAMILY`. Indivi= dual + services can be enabled by setting a single service name to `TRUE`. + Settings listed later in the DSC file have priority over settings ea= rlier + in the DSC file, so it is legal for an entire family to be enabled f= irst + and then a few individual services disabled by setting the service n= ame to + `FALSE`. + +#### Common PEI PcdCryptoServiceFamilyEnable Settings + +``` + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pk= cs1Verify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ne= w | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fr= ee | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Se= tKey | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE +``` + +#### Common DXE and SMM PcdCryptoServiceFamilyEnable Settings + +``` + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs1v2Encrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7Verify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.V= erifyEKUsInPkcs7Signature | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7GetSigners | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7FreeSigners | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.A= uthenticodeVerify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pk= cs1Verify | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ne= w | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fr= ee | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Se= tKey | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Ge= tPublicKeyFromX509 | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services= .HashAll | FALSE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etSubjectName | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etCommonName | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etOrganizationName | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.G= etTBSCert | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ge= tContextSize | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.In= it | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cEncrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cb= cDecrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Serv= ices.Encrypt | TRUE + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Serv= ices.Decrypt | TRUE +``` --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95446): https://edk2.groups.io/g/devel/message/95446 Mute This Topic: https://groups.io/mt/94460304/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95447+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95447+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290941; cv=none; d=zohomail.com; s=zohoarc; b=lYaH9zP1dKk956oiHjhg/2yjCKy4yJ1kPyAQg5Hv6ts1G5ENjSyHSOf3OnN7L5brvCH2e+/6+nVNVHnqik/8Ps/2HlTekA1Su6re9nLTmOee9fvZ5GtaUBxTzFGx5ElhkBw0dIyZCTYLgMckpZiBJpbI+QPy/B4uccpusYj5rkk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290941; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=igJ9j4BorGDnCuxc/V0lo7N53uYYyIfpJoYJA7FI52E=; b=keY23Xu55F9C2SfLO5WInZnGgprI+5/6ZvSDXdB2rEWIN9jo66F9JEnzleZlauGPWtum+fGWpO7BKOaAihsSElqEX1ulRnksyUI0q84iAGnyHYgq7rh4FzMMKGY0xKfaDk59MxWGg2KRShm01mEXw08JOyN2haiItbQwU9tdV24= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95447+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290941565215.11602749927215; Thu, 20 Oct 2022 11:35:41 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id jrC5YY1788612xXUup8IRXhb; Thu, 20 Oct 2022 11:35:40 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web11.1060.1666290939355166472 for ; Thu, 20 Oct 2022 11:35:39 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="308485577" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="308485577" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:37 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427853" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427853" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:36 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Yi Li , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 13/16] Revert "CryptoPkg: Update process_files.pl to auto add PCD config option" Date: Thu, 20 Oct 2022 11:35:07 -0700 Message-Id: <20221020183510.1799-14-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: yOlTlPDPSZaNPwneTcAoB9iwx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290940; bh=hwdFuxPbcaB110WgQ2re3GpVBRewv6juig/GUJy5WlE=; h=Cc:Date:From:Reply-To:Subject:To; b=X5lTHXud1WkQnL6MOsV0BaI6xVaB3WB4HdIqOB7d1fthJsPz1JKA0TevG4DVOy/3oOR RaxXhz2g0dTfDUWpTaUOHXKRkuYQ4S3Ikq688LK/XwyyRIxIgGdLhr4a4A6yP7XAjBioJ nUHO6c9tDZ1GhZGuqOJDZ91ksXXmDXdFP/g= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290943626100059 Content-Type: text/plain; charset="utf-8" From: Yi Li This reverts commit 499b0d5fa57dafe47b260aaf0cea6c6b0286e656. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Cc: Michael D Kinney Signed-off-by: Yi Li --- CryptoPkg/Library/OpensslLib/process_files.pl | 77 +------------------ 1 file changed, 3 insertions(+), 74 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Libr= ary/OpensslLib/process_files.pl index 82e5176b3995..7e18c9f52d35 100755 --- a/CryptoPkg/Library/OpensslLib/process_files.pl +++ b/CryptoPkg/Library/OpensslLib/process_files.pl @@ -81,19 +81,6 @@ my $uefi_config; my $extension; my $arch; my @inf; -# -# Use PCD to conditionally enable certain openssl features. -# $conditional_feature contains pcd_name:fetures_names pairs -# of conditional features. -# @conditional_feature_dir contains relative_path:pcd_name pairs -# of conditional features in openssl, MUST correspond to the content -# in $conditional_feature. -# -# Configure list [openssl_configuration : new_define_list : new_file_list = : pcd] -# 1. no-ec : {NO_EC, NO_ECDH, NO_ECDSA, NO_TLS1_3, NO_SM2} : {/ec/, /sm2/}= : PcdOpensslEcEnabled -# -my %conditional_feature =3D ("PcdOpensslEcEnabled"=3D>["EC", "ECDH", "ECDS= A", "TLS1_3", "SM2"]); -my %conditional_feature_dir =3D ("/ec/"=3D>"PcdOpensslEcEnabled", "/sm2/"= =3D>"PcdOpensslEcEnabled"); =20 BEGIN { $inf_file =3D "OpensslLib.inf"; @@ -307,13 +294,7 @@ foreach my $product ((@{$unified_info{libraries}}, push @sslfilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n"; next; } - push @cryptofilelist, ' $(OPENSSL_PATH)/' . $s; - foreach (keys(%conditional_feature_dir)) { - if ($s =3D~ $_) { - push @cryptofilelist, ' |*|*|*|gEfiCryptoPkgToken= SpaceGuid.' . $conditional_feature_dir{$_}; - } - } - push @cryptofilelist, "\r\n"; + push @cryptofilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n"; } } } @@ -342,13 +323,7 @@ foreach (@headers){ push @sslfilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n"; next; } - push @cryptofilelist, ' $(OPENSSL_PATH)/' . $_; - foreach my $conditional_key (keys(%conditional_feature_dir)) { - if ($_ =3D~ $conditional_key) { - push @cryptofilelist, ' |*|*|*|gEfiCryptoPkgTokenSpaceGuid.' = . $conditional_feature_dir{$conditional_key}; - } - } - push @cryptofilelist, "\r\n"; + push @cryptofilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n"; } =20 =20 @@ -453,7 +428,7 @@ print "\n--> Duplicating opensslconf.h into Include/ope= nssl ... "; system( "perl -pe 's/\\n/\\r\\n/' " . "< " . $OPENSSL_PATH . "/include/openssl/opensslconf.h " . - "> " . $OPENSSL_PATH . "/../../Include/openssl/opensslconf_generated.h" + "> " . $OPENSSL_PATH . "/../../Include/openssl/opensslconf.h" ) =3D=3D 0 || die "Cannot copy opensslconf.h!"; print "Done!"; @@ -465,52 +440,6 @@ system( "> " . $OPENSSL_PATH . "/../../Include/crypto/dso_conf.h" ) =3D=3D 0 || die "Cannot copy dso_conf.h!"; -print "Done!"; - -# -# Add conditional feature to opensslconf.h -# -my $conf_file =3D "../Include/openssl/opensslconf.h"; -my @conf_raw =3D (); -my @conditional_define =3D (); -print "\n--> Updating conditional feature in $conf_file ... "; - -foreach my $pcd_name (keys(%conditional_feature)) { - push @conditional_define, "#if !FixedPcdGetBool ($pcd_name)\r\n"; - foreach (@{$conditional_feature{$pcd_name}}) { - push @conditional_define, "# ifndef OPENSSL_NO_$_\r\n"; - push @conditional_define, "# define OPENSSL_NO_$_\r\n"; - push @conditional_define, "# endif\r\n"; - } - push @conditional_define, "#endif\r\n"; -} - -open( FD, "<" . $conf_file ) || - die $conf_file; -foreach () { - # Insert conditional define to the begin of opensslconf.h - if ($_ =3D~ "Autogenerated conditional openssl feature list starts her= e") { - push @conf_raw, $_, @conditional_define; - $subbing =3D 1; - next; - } - if ($_ =3D~ "Autogenerated conditional openssl feature list ends here"= ) { - push @conf_raw, $_; - $subbing =3D 0; - next; - } - push @conf_raw, $_ - unless ($subbing); -} -close(FD) || - die $conf_file; - -open( FD, ">" . $conf_file ) || - die $conf_file; -print( FD @conf_raw ) || - die $conf_file; -close(FD) || - die $conf_file; print "Done!\n"; =20 print "\nProcessing Files Done!\n"; --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95447): https://edk2.groups.io/g/devel/message/95447 Mute This Topic: https://groups.io/mt/94460305/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95448+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95448+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290941; cv=none; d=zohomail.com; s=zohoarc; b=de0nFVq26EEW4m9k5rm7thmyN3TLJ9H7c30FUdzdWL7ISrnVMxHqyiEjW+345v5FButuyPOpaecrmP7N0We1SV/Mjflb5roEfKmmZWs2WLkTU960/rMF0iuSBDOuHMHvtrDAQptYwBjqtWqLCUAKNN5fangtjZfMMheI+gCQhnc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290941; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=4iFCKi9yf3BCtC4sFNInsbCJVKrhUethEcVnKv4/gEQ=; b=Aj2Cbuq7U3it1lF7/GQOdTSYHCu7TaNtZ8narxjql/K+qnbB8oSPFezcATdbIku1QK6wlZ/TCwlU4eraI48rhusHj2HDKRWE0mbnAD2vo1Z+o/nITs/6DL2wd45vrRlHs5DZQd1E3sG+UAgoF87FjsTtjEN3zbcsCsBN1xRB+xM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95448+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290941019757.9182704416866; Thu, 20 Oct 2022 11:35:41 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id IikgYY1788612xwvVo2cemFX; Thu, 20 Oct 2022 11:35:40 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web11.1060.1666290939355166472 for ; Thu, 20 Oct 2022 11:35:40 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="308485579" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="308485579" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:37 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427863" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427863" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:37 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Yi Li , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 14/16] CryptoPkg/Library/OpensslLib: Update process_files.pl INF generation Date: Thu, 20 Oct 2022 11:35:08 -0700 Message-Id: <20221020183510.1799-15-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: h5U024oA5F2joRFHlOgfgRxxx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290940; bh=Fhc8XiMR8DKDTzMeLfDNhqQhi22MeHY6rT9dYpuIJsU=; h=Cc:Date:From:Reply-To:Subject:To; b=Kdl24v/EP/Y6jiln1w9DpbkKS1ZN5hW11jom1oksatUaq7M3YSeHSoMJJzugncz7pJ6 GipHF8V3f67WJ0hWkyALmZT3wyofjoZGCZLWp+h5JoK6tJmQ2s4Hb5l8fY8IdX2NCLgv5 /o/FvJfMlwa0tb6Fxj8yLTZIykoGWpPdZLc= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290941600100054 Content-Type: text/plain; charset="utf-8" From: Yi Li Update process_files.pl to generate all OpensslLib INF files. * OpensslLib.inf * OpensslLibAccel.inf * OpensslLibCrypto.inf * OpensslLibFull.inf * OpensslLibFullAccel.inf Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Cc: Michael D Kinney Signed-off-by: Yi Li --- CryptoPkg/Library/OpensslLib/process_files.pl | 93 +++++++++++++++++-- 1 file changed, 87 insertions(+), 6 deletions(-) diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Libr= ary/OpensslLib/process_files.pl index 7e18c9f52d35..fba97e7c39a7 100755 --- a/CryptoPkg/Library/OpensslLib/process_files.pl +++ b/CryptoPkg/Library/OpensslLib/process_files.pl @@ -15,6 +15,15 @@ # ./process_files.pl # ./process_files.pl X64 # ./process_files.pl [Arch] +# +# Follow the command below to update the INF file: +# 1. OpensslLib.inf ,OpensslLibCrypto.inf and OpensslLibFull.inf +# ./process_files.pl +# 2. OpensslLibAccel.inf and OpensslLibFullAccel.inf +# ./process_files.pl X64 +# ./process_files.pl X64Gcc +# ./process_files.pl IA32 +# ./process_files.pl IA32Gcc =20 use strict; use Cwd; @@ -79,6 +88,7 @@ my $inf_file; my $OPENSSL_PATH; my $uefi_config; my $extension; +my $compile; my $arch; my @inf; =20 @@ -90,31 +100,32 @@ BEGIN { if (defined $arch) { if (uc ($arch) eq "X64") { $arch =3D "X64"; - $inf_file =3D "OpensslLibX64.inf"; $uefi_config =3D "UEFI-x86_64"; $extension =3D "nasm"; + $compile =3D "MSFT"; $comment_character =3D ";"; } elsif (uc ($arch) eq "X64GCC") { $arch =3D "X64Gcc"; - $inf_file =3D "OpensslLibX64Gcc.inf"; $uefi_config =3D "UEFI-x86_64-GCC"; $extension =3D "S"; + $compile =3D "GCC"; $comment_character =3D "#"; } elsif (uc ($arch) eq "IA32") { $arch =3D "IA32"; - $inf_file =3D "OpensslLibIa32.inf"; $uefi_config =3D "UEFI-x86"; $extension =3D "nasm"; + $compile =3D "MSFT"; $comment_character =3D ";"; } elsif (uc ($arch) eq "IA32GCC") { $arch =3D "IA32Gcc"; - $inf_file =3D "OpensslLibIa32Gcc.inf"; $uefi_config =3D "UEFI-x86-GCC"; $extension =3D "S"; + $compile =3D "GCC"; $comment_character =3D "#"; } else { die "Unsupported architecture \"" . $arch . "\"!"; } + $inf_file =3D "OpensslLibAccel.inf"; if ($extension eq "nasm") { if (`nasm -v 2>&1`) { #Presence of nasm executable will trigger inclusion of AVX= instructions @@ -256,6 +267,7 @@ foreach my $f (@{$config{lib_defines}}) { =20 my @cryptofilelist =3D (); my @sslfilelist =3D (); +my @ecfilelist =3D (); my @asmfilelist =3D (); my @asmbuild =3D (); foreach my $product ((@{$unified_info{libraries}}, @@ -286,10 +298,14 @@ foreach my $product ((@{$unified_info{libraries}}, $buildstring .=3D " ./$arch/$path$s.$extension"; make_path ("./$arch/$path"); push @asmbuild, "$buildstring\n"; - push @asmfilelist, " $arch/$path$s.$extension\r\n"; + push @asmfilelist, " $arch/$path$s.$extension |$comp= ile\r\n"; } next; } + if ($s =3D~ "/ec/" || $s =3D~ "/sm2/") { + push @ecfilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n"; + next; + } if ($product =3D~ "libssl") { push @sslfilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n"; next; @@ -323,6 +339,10 @@ foreach (@headers){ push @sslfilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n"; next; } + if ($_ =3D~ "/ec/" || $_ =3D~ "/sm2/") { + push @ecfilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n"; + next; + } push @cryptofilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n"; } =20 @@ -351,10 +371,18 @@ foreach (@inf) { next; } if ( $_ =3D~ "# Autogenerated files list starts here" ) { - push @new_inf, $_, @asmfilelist, @cryptofilelist, @sslfilelist; + push @new_inf, $_, @cryptofilelist, @sslfilelist; $subbing =3D 1; next; } + if (defined $arch) { + my $arch_asmfile_flag =3D "# Autogenerated " . $arch . " files lis= t starts here"; + if ($_ =3D~ $arch_asmfile_flag) { + push @new_inf, $_, @asmfilelist; + $subbing =3D 1; + next; + } + } if ( $_ =3D~ "# Autogenerated files list ends here" ) { push @new_inf, $_; $subbing =3D 0; @@ -421,6 +449,59 @@ if (!defined $arch) { print "Done!"; } =20 +# +# Update OpensslLibFull.inf with autogenerated file list +# +if (!defined $arch) { + $inf_file =3D "OpensslLibFull.inf"; +} else { + $inf_file =3D "OpensslLibFullAccel.inf"; +} +# Read the contents of the inf file +@inf =3D (); +@new_inf =3D (); +open( FD, "<" . $inf_file ) || + die "Cannot open \"" . $inf_file . "\"!"; +@inf =3D (); +close(FD) || + die "Cannot close \"" . $inf_file . "\"!"; +$subbing =3D 0; +print "\n--> Updating $inf_file ... "; +foreach (@inf) { + if ( $_ =3D~ "# Autogenerated files list starts here" ) { + push @new_inf, $_, @cryptofilelist, @sslfilelist, @ecfilelist; + $subbing =3D 1; + next; + } + if (defined $arch) { + my $arch_asmfile_flag =3D "# Autogenerated " . $arch . " files lis= t starts here"; + if ($_ =3D~ $arch_asmfile_flag) { + push @new_inf, $_, @asmfilelist; + $subbing =3D 1; + next; + } + } + if ( $_ =3D~ "# Autogenerated files list ends here" ) { + push @new_inf, $_; + $subbing =3D 0; + next; + } + + push @new_inf, $_ + unless ($subbing); +} + +$new_inf_file =3D $inf_file . ".new"; +open( FD, ">" . $new_inf_file ) || + die $new_inf_file; +print( FD @new_inf ) || + die $new_inf_file; +close(FD) || + die $new_inf_file; +rename( $new_inf_file, $inf_file ) || + die "rename $inf_file"; +print "Done!"; + # # Copy opensslconf.h and dso_conf.h generated from OpenSSL Configuration # --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95448): https://edk2.groups.io/g/devel/message/95448 Mute This Topic: https://groups.io/mt/94460306/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95449+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95449+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290941; cv=none; d=zohomail.com; s=zohoarc; b=LODvzUyQ+LXaTdrR6VSIyWMYRM2sLOeACNBzkV2V0wvHUEPWW3pffuUD8KrAApL0kpjJbDpRf2lU5t8BYZhvSySjTMw+5MDBpI+5QYVqecXvOTdu7eoh45fqqhad9B7k/anZVMQueAsoWsZLv+xewNvU3ZZTUza4zJFVp0DE5ns= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290941; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=Qw98qvgKVN3uvo4jCBzsUQDwlgiMfVsYowaUVwMPRq4=; b=kbers5svuhB1IkYkSgd/63KYgd8BfyohHXAm7jykKVg4XDJSfCYJaNh2Wh+bKIeIhQv78/l5rRrwCt5rfRb4vAuO63S5BCUnG4nEhA8k/ZeqPmmyVRn3LtRQLtHIerb9J2WzfMuHmZeQXnzhSdJOAHsrwnRIubLdsxrx31CpbbQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95449+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290941560973.5443690263132; Thu, 20 Oct 2022 11:35:41 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id KVKOYY1788612xUrLfXnVOs4; Thu, 20 Oct 2022 11:35:41 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web11.1060.1666290939355166472 for ; Thu, 20 Oct 2022 11:35:40 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="308485588" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="308485588" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:38 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427871" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427871" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:37 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Yi Li , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 15/16] CryptoPkg/Library/OpensslLib: Add generated flag to Accel INF Date: Thu, 20 Oct 2022 11:35:09 -0700 Message-Id: <20221020183510.1799-16-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: Xrt8zab2be9bGCJ9SfaQbPJ5x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290941; bh=Fc8EgXubJ6JRPOz5eV/YeQV5Ot5RQmyTVdOO1YNeWks=; h=Cc:Date:From:Reply-To:Subject:To; b=nJDIui8bp8Uvy6SzuaMX/oDCpz+/GFl47I96PIZ/84wo5ENgSu3AeTSyjwpskcdsy6E 0K6ZbjiuuBTN+8sXJcUCVOxv/YqGwCJvl9JHJuMvYhUJ/wCT93NoRvGfAGUxjZSSVoT0Q CYPg5yc6JPApRsTXAUzpBE3/XH1ONC/JSlY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290943628100060 Content-Type: text/plain; charset="utf-8" From: Yi Li Update OpensslLibAccel.inf and OpensslLibFullAccel.inf to include flags used by process_files.pl to generate OpensslLib INF files. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Cc: Michael D Kinney Signed-off-by: Yi Li --- CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf | 8 ++++++++ CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf | 8 ++++++++ 2 files changed, 16 insertions(+) diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf b/CryptoPkg/L= ibrary/OpensslLib/OpensslLibAccel.inf index 32eae4a79213..98b07fd2eab9 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf @@ -633,6 +633,7 @@ [Sources] EcSm2Null.c =20 [Sources.IA32] +# Autogenerated IA32 files list starts here IA32/crypto/aes/aesni-x86.nasm | MSFT IA32/crypto/aes/vpaes-x86.nasm | MSFT IA32/crypto/modes/ghash-x86.nasm | MSFT @@ -640,7 +641,9 @@ [Sources.IA32] IA32/crypto/sha/sha256-586.nasm | MSFT IA32/crypto/sha/sha512-586.nasm | MSFT IA32/crypto/x86cpuid.nasm | MSFT +# Autogenerated files list ends here =20 +# Autogenerated IA32Gcc files list starts here IA32Gcc/crypto/aes/aesni-x86.S | GCC IA32Gcc/crypto/aes/vpaes-x86.S | GCC IA32Gcc/crypto/modes/ghash-x86.S | GCC @@ -648,9 +651,11 @@ [Sources.IA32] IA32Gcc/crypto/sha/sha256-586.S | GCC IA32Gcc/crypto/sha/sha512-586.S | GCC IA32Gcc/crypto/x86cpuid.S | GCC +# Autogenerated files list ends here =20 [Sources.X64] X64/ApiHooks.c +# Autogenerated X64 files list starts here X64/crypto/aes/aesni-mb-x86_64.nasm | MSFT X64/crypto/aes/aesni-sha1-x86_64.nasm | MSFT X64/crypto/aes/aesni-sha256-x86_64.nasm | MSFT @@ -664,7 +669,9 @@ [Sources.X64] X64/crypto/sha/sha256-x86_64.nasm | MSFT X64/crypto/sha/sha512-x86_64.nasm | MSFT X64/crypto/x86_64cpuid.nasm | MSFT +# Autogenerated files list ends here =20 +# Autogenerated X64Gcc files list starts here X64Gcc/crypto/aes/aesni-mb-x86_64.S | GCC X64Gcc/crypto/aes/aesni-sha1-x86_64.S | GCC X64Gcc/crypto/aes/aesni-sha256-x86_64.S | GCC @@ -678,6 +685,7 @@ [Sources.X64] X64Gcc/crypto/sha/sha256-x86_64.S | GCC X64Gcc/crypto/sha/sha512-x86_64.S | GCC X64Gcc/crypto/x86_64cpuid.S | GCC +# Autogenerated files list ends here =20 [Packages] MdePkg/MdePkg.dec diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf b/CryptoP= kg/Library/OpensslLib/OpensslLibFullAccel.inf index 6345b54bca4c..6525b73a9e7b 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf @@ -638,6 +638,7 @@ [Sources] # EcSm2Null.c =20 [Sources.IA32] +# Autogenerated IA32 files list starts here IA32/crypto/aes/aesni-x86.nasm | MSFT IA32/crypto/aes/vpaes-x86.nasm | MSFT IA32/crypto/modes/ghash-x86.nasm | MSFT @@ -645,7 +646,9 @@ [Sources.IA32] IA32/crypto/sha/sha256-586.nasm | MSFT IA32/crypto/sha/sha512-586.nasm | MSFT IA32/crypto/x86cpuid.nasm | MSFT +# Autogenerated files list ends here =20 +# Autogenerated IA32Gcc files list starts here IA32Gcc/crypto/aes/aesni-x86.S | GCC IA32Gcc/crypto/aes/vpaes-x86.S | GCC IA32Gcc/crypto/modes/ghash-x86.S | GCC @@ -653,9 +656,11 @@ [Sources.IA32] IA32Gcc/crypto/sha/sha256-586.S | GCC IA32Gcc/crypto/sha/sha512-586.S | GCC IA32Gcc/crypto/x86cpuid.S | GCC +# Autogenerated files list ends here =20 [Sources.X64] X64/ApiHooks.c +# Autogenerated X64 files list starts here X64/crypto/aes/aesni-mb-x86_64.nasm | MSFT X64/crypto/aes/aesni-sha1-x86_64.nasm | MSFT X64/crypto/aes/aesni-sha256-x86_64.nasm | MSFT @@ -669,7 +674,9 @@ [Sources.X64] X64/crypto/sha/sha256-x86_64.nasm | MSFT X64/crypto/sha/sha512-x86_64.nasm | MSFT X64/crypto/x86_64cpuid.nasm | MSFT +# Autogenerated files list ends here =20 +# Autogenerated X64Gcc files list starts here X64Gcc/crypto/aes/aesni-mb-x86_64.S | GCC X64Gcc/crypto/aes/aesni-sha1-x86_64.S | GCC X64Gcc/crypto/aes/aesni-sha256-x86_64.S | GCC @@ -683,6 +690,7 @@ [Sources.X64] X64Gcc/crypto/sha/sha256-x86_64.S | GCC X64Gcc/crypto/sha/sha512-x86_64.S | GCC X64Gcc/crypto/x86_64cpuid.S | GCC +# Autogenerated files list ends here =20 [Packages] MdePkg/MdePkg.dec --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95449): https://edk2.groups.io/g/devel/message/95449 Mute This Topic: https://groups.io/mt/94460307/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sat May 18 21:45:21 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+95450+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95450+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1666290943; cv=none; d=zohomail.com; s=zohoarc; b=fFkH5MV57OeMtdrrgI6ABZi0BxP3IBb08rQzDH7fTSnEf3gcUgTpTjapoCBupV5Tl15BxRN++AvqB5EkjUGk8BQa79Sel0M2HQPJK3TTujlouetV9fVEymdsqSn/R9zufBG9iBvR7SlTcO4D/IdD9ll5adFB2NsDzH5JIqAaNo4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1666290943; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=Aj5GNEEbj7iQ132gUBhK947UbBkqcB+yFjTGqjMCJl4=; b=DPJtrW1KZFHSyD4scoc2UjdP8x+I4UzHRRnlvpItY793gUEbtIz37GP+7JE8iX3kP/q6D0XukKXjT4qnYzLi7ZkoSxlt0sXch2G09xRAkMMb5kGQetHuovP/YhUipz1Hx0SAHVkrAim7F2268rFoxE+uwWfmjWqVzIMH6ZDWTOc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+95450+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1666290942993788.4628617673753; Thu, 20 Oct 2022 11:35:42 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 4M4lYY1788612xGUVHThAFSf; Thu, 20 Oct 2022 11:35:42 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web11.1060.1666290939355166472 for ; Thu, 20 Oct 2022 11:35:42 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="308485598" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="308485598" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:38 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10506"; a="632427884" X-IronPort-AV: E=Sophos;i="5.95,199,1661842800"; d="scan'208";a="632427884" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.212.188.143]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Oct 2022 11:35:38 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Yi Li , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Christopher Zurcher Subject: [edk2-devel] [Patch v2 16/16] CryptoPkg/Library/OpensslLib: update auto-generated files Date: Thu, 20 Oct 2022 11:35:10 -0700 Message-Id: <20221020183510.1799-17-michael.d.kinney@intel.com> In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com> References: <20221020183510.1799-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: TaWe6ZNXKr0w6FeFXnTWK5bWx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1666290942; bh=MYOlYhy4BxKQK4WDQ1XWQfS+2JdDC3e/p7flLB5HIKE=; h=Cc:Date:From:Reply-To:Subject:To; b=rMsmBn2Oj2+rsyUGFtdx0gjAxjmSecnaRDoOHDN8fLse6rrFNKPshXPpdn+kJrD8EG7 Bh6XxU7GgnyjY2RfvO1+LNbLND3lulP6CfCC+9vBsxpzYZ2ZA9Cd/o2E8sCt3x2Sn+HMc LVpXkcVVx05jbOPkDPgDsMPf3lx2UYyWYHY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1666290943688100062 Content-Type: text/plain; charset="utf-8" From: Yi Li Update OpensslLib INF files to match results from running process_files.pl to auto-generate the INF files. * OpensslLib.inf * OpensslLibAccel.inf * OpensslLibCrypto.inf * OpensslLibFull.inf * OpensslLibFullAccel.inf These INF files are generated by running the following perl scripts: * process_files.pl * process_files.pl X64 * process_files.pl X64Gcc * process_files.pl IA32 * process_files.pl IA32Gcc Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Christopher Zurcher Cc: Michael D Kinney Signed-off-by: Yi Li --- .../Library/Include/openssl/opensslconf.h | 10 +- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 50 ----- .../Library/OpensslLib/OpensslLibAccel.inf | 131 ++++--------- .../Library/OpensslLib/OpensslLibCrypto.inf | 101 ---------- .../Library/OpensslLib/OpensslLibFull.inf | 100 +++++----- .../OpensslLib/OpensslLibFullAccel.inf | 181 +++++++++--------- 6 files changed, 185 insertions(+), 388 deletions(-) diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Li= brary/Include/openssl/opensslconf.h index b98b068b3d3b..09a6641ffcf9 100644 --- a/CryptoPkg/Library/Include/openssl/opensslconf.h +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h @@ -250,11 +250,11 @@ extern "C" { # undef DECLARE_DEPRECATED # define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); # endif -#elif defined(__SUNPRO_C) -#if (__SUNPRO_C >=3D 0x5130) -#undef DECLARE_DEPRECATED -#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); -#endif +# elif defined(__SUNPRO_C) +# if (__SUNPRO_C >=3D 0x5130) +# undef DECLARE_DEPRECATED +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); +# endif # endif #endif =20 diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Librar= y/OpensslLib/OpensslLib.inf index 82ffe4ec2f8e..60c6c24b0a67 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -204,43 +204,6 @@ [Sources] $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c -# $(OPENSSL_PATH)/crypto/ec/curve25519.c -# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c -# $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c -# $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c -# $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c -# $(OPENSSL_PATH)/crypto/ec/ec2_oct.c -# $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c -# $(OPENSSL_PATH)/crypto/ec/ec_ameth.c -# $(OPENSSL_PATH)/crypto/ec/ec_asn1.c -# $(OPENSSL_PATH)/crypto/ec/ec_check.c -# $(OPENSSL_PATH)/crypto/ec/ec_curve.c -# $(OPENSSL_PATH)/crypto/ec/ec_cvt.c -# $(OPENSSL_PATH)/crypto/ec/ec_err.c -# $(OPENSSL_PATH)/crypto/ec/ec_key.c -# $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c -# $(OPENSSL_PATH)/crypto/ec/ec_lib.c -# $(OPENSSL_PATH)/crypto/ec/ec_mult.c -# $(OPENSSL_PATH)/crypto/ec/ec_oct.c -# $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c -# $(OPENSSL_PATH)/crypto/ec/ec_print.c -# $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c -# $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c -# $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c -# $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c -# $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c -# $(OPENSSL_PATH)/crypto/ec/eck_prn.c -# $(OPENSSL_PATH)/crypto/ec/ecp_mont.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nist.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c -# $(OPENSSL_PATH)/crypto/ec/ecp_oct.c -# $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c -# $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -426,10 +389,6 @@ [Sources] $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_err.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -542,15 +501,6 @@ [Sources] $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h -# $(OPENSSL_PATH)/crypto/ec/ec_local.h -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h -# $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h -# $(OPENSSL_PATH)/crypto/ec/curve448/field.h -# $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h -# $(OPENSSL_PATH)/crypto/ec/curve448/word.h -# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h -# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf b/CryptoPkg/L= ibrary/OpensslLib/OpensslLibAccel.inf index 98b07fd2eab9..103ef7bda2a3 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf @@ -205,43 +205,6 @@ [Sources] $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c -# $(OPENSSL_PATH)/crypto/ec/curve25519.c -# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c -# $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c -# $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c -# $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c -# $(OPENSSL_PATH)/crypto/ec/ec2_oct.c -# $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c -# $(OPENSSL_PATH)/crypto/ec/ec_ameth.c -# $(OPENSSL_PATH)/crypto/ec/ec_asn1.c -# $(OPENSSL_PATH)/crypto/ec/ec_check.c -# $(OPENSSL_PATH)/crypto/ec/ec_curve.c -# $(OPENSSL_PATH)/crypto/ec/ec_cvt.c -# $(OPENSSL_PATH)/crypto/ec/ec_err.c -# $(OPENSSL_PATH)/crypto/ec/ec_key.c -# $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c -# $(OPENSSL_PATH)/crypto/ec/ec_lib.c -# $(OPENSSL_PATH)/crypto/ec/ec_mult.c -# $(OPENSSL_PATH)/crypto/ec/ec_oct.c -# $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c -# $(OPENSSL_PATH)/crypto/ec/ec_print.c -# $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c -# $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c -# $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c -# $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c -# $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c -# $(OPENSSL_PATH)/crypto/ec/eck_prn.c -# $(OPENSSL_PATH)/crypto/ec/ecp_mont.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nist.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c -# $(OPENSSL_PATH)/crypto/ec/ecp_oct.c -# $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c -# $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -320,7 +283,6 @@ [Sources] $(OPENSSL_PATH)/crypto/md5/md5_dgst.c $(OPENSSL_PATH)/crypto/md5/md5_one.c $(OPENSSL_PATH)/crypto/mem.c -# $(OPENSSL_PATH)/crypto/mem_clr.c # Replaced by assembly optimized NAS= M/S files $(OPENSSL_PATH)/crypto/mem_dbg.c $(OPENSSL_PATH)/crypto/mem_sec.c $(OPENSSL_PATH)/crypto/modes/cbc128.c @@ -427,10 +389,6 @@ [Sources] $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_err.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -543,15 +501,6 @@ [Sources] $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h -# $(OPENSSL_PATH)/crypto/ec/ec_local.h -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h -# $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h -# $(OPENSSL_PATH)/crypto/ec/curve448/field.h -# $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h -# $(OPENSSL_PATH)/crypto/ec/curve448/word.h -# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h -# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h @@ -634,57 +583,57 @@ [Sources] =20 [Sources.IA32] # Autogenerated IA32 files list starts here - IA32/crypto/aes/aesni-x86.nasm | MSFT - IA32/crypto/aes/vpaes-x86.nasm | MSFT - IA32/crypto/modes/ghash-x86.nasm | MSFT - IA32/crypto/sha/sha1-586.nasm | MSFT - IA32/crypto/sha/sha256-586.nasm | MSFT - IA32/crypto/sha/sha512-586.nasm | MSFT - IA32/crypto/x86cpuid.nasm | MSFT + IA32/crypto/aes/aesni-x86.nasm |MSFT + IA32/crypto/aes/vpaes-x86.nasm |MSFT + IA32/crypto/modes/ghash-x86.nasm |MSFT + IA32/crypto/sha/sha1-586.nasm |MSFT + IA32/crypto/sha/sha256-586.nasm |MSFT + IA32/crypto/sha/sha512-586.nasm |MSFT + IA32/crypto/x86cpuid.nasm |MSFT # Autogenerated files list ends here =20 # Autogenerated IA32Gcc files list starts here - IA32Gcc/crypto/aes/aesni-x86.S | GCC - IA32Gcc/crypto/aes/vpaes-x86.S | GCC - IA32Gcc/crypto/modes/ghash-x86.S | GCC - IA32Gcc/crypto/sha/sha1-586.S | GCC - IA32Gcc/crypto/sha/sha256-586.S | GCC - IA32Gcc/crypto/sha/sha512-586.S | GCC - IA32Gcc/crypto/x86cpuid.S | GCC + IA32Gcc/crypto/aes/aesni-x86.S |GCC + IA32Gcc/crypto/aes/vpaes-x86.S |GCC + IA32Gcc/crypto/modes/ghash-x86.S |GCC + IA32Gcc/crypto/sha/sha1-586.S |GCC + IA32Gcc/crypto/sha/sha256-586.S |GCC + IA32Gcc/crypto/sha/sha512-586.S |GCC + IA32Gcc/crypto/x86cpuid.S |GCC # Autogenerated files list ends here =20 [Sources.X64] X64/ApiHooks.c # Autogenerated X64 files list starts here - X64/crypto/aes/aesni-mb-x86_64.nasm | MSFT - X64/crypto/aes/aesni-sha1-x86_64.nasm | MSFT - X64/crypto/aes/aesni-sha256-x86_64.nasm | MSFT - X64/crypto/aes/aesni-x86_64.nasm | MSFT - X64/crypto/aes/vpaes-x86_64.nasm | MSFT - X64/crypto/modes/aesni-gcm-x86_64.nasm | MSFT - X64/crypto/modes/ghash-x86_64.nasm | MSFT - X64/crypto/sha/sha1-mb-x86_64.nasm | MSFT - X64/crypto/sha/sha1-x86_64.nasm | MSFT - X64/crypto/sha/sha256-mb-x86_64.nasm | MSFT - X64/crypto/sha/sha256-x86_64.nasm | MSFT - X64/crypto/sha/sha512-x86_64.nasm | MSFT - X64/crypto/x86_64cpuid.nasm | MSFT + X64/crypto/aes/aesni-mb-x86_64.nasm |MSFT + X64/crypto/aes/aesni-sha1-x86_64.nasm |MSFT + X64/crypto/aes/aesni-sha256-x86_64.nasm |MSFT + X64/crypto/aes/aesni-x86_64.nasm |MSFT + X64/crypto/aes/vpaes-x86_64.nasm |MSFT + X64/crypto/modes/aesni-gcm-x86_64.nasm |MSFT + X64/crypto/modes/ghash-x86_64.nasm |MSFT + X64/crypto/sha/sha1-mb-x86_64.nasm |MSFT + X64/crypto/sha/sha1-x86_64.nasm |MSFT + X64/crypto/sha/sha256-mb-x86_64.nasm |MSFT + X64/crypto/sha/sha256-x86_64.nasm |MSFT + X64/crypto/sha/sha512-x86_64.nasm |MSFT + X64/crypto/x86_64cpuid.nasm |MSFT # Autogenerated files list ends here =20 # Autogenerated X64Gcc files list starts here - X64Gcc/crypto/aes/aesni-mb-x86_64.S | GCC - X64Gcc/crypto/aes/aesni-sha1-x86_64.S | GCC - X64Gcc/crypto/aes/aesni-sha256-x86_64.S | GCC - X64Gcc/crypto/aes/aesni-x86_64.S | GCC - X64Gcc/crypto/aes/vpaes-x86_64.S | GCC - X64Gcc/crypto/modes/aesni-gcm-x86_64.S | GCC - X64Gcc/crypto/modes/ghash-x86_64.S | GCC - X64Gcc/crypto/sha/sha1-mb-x86_64.S | GCC - X64Gcc/crypto/sha/sha1-x86_64.S | GCC - X64Gcc/crypto/sha/sha256-mb-x86_64.S | GCC - X64Gcc/crypto/sha/sha256-x86_64.S | GCC - X64Gcc/crypto/sha/sha512-x86_64.S | GCC - X64Gcc/crypto/x86_64cpuid.S | GCC + X64Gcc/crypto/aes/aesni-mb-x86_64.S |GCC + X64Gcc/crypto/aes/aesni-sha1-x86_64.S |GCC + X64Gcc/crypto/aes/aesni-sha256-x86_64.S |GCC + X64Gcc/crypto/aes/aesni-x86_64.S |GCC + X64Gcc/crypto/aes/vpaes-x86_64.S |GCC + X64Gcc/crypto/modes/aesni-gcm-x86_64.S |GCC + X64Gcc/crypto/modes/ghash-x86_64.S |GCC + X64Gcc/crypto/sha/sha1-mb-x86_64.S |GCC + X64Gcc/crypto/sha/sha1-x86_64.S |GCC + X64Gcc/crypto/sha/sha256-mb-x86_64.S |GCC + X64Gcc/crypto/sha/sha256-x86_64.S |GCC + X64Gcc/crypto/sha/sha512-x86_64.S |GCC + X64Gcc/crypto/x86_64cpuid.S |GCC # Autogenerated files list ends here =20 [Packages] diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/= Library/OpensslLib/OpensslLibCrypto.inf index d02769428b86..c4eaea888c1a 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf @@ -205,43 +205,6 @@ [Sources] $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c -# $(OPENSSL_PATH)/crypto/ec/curve25519.c -# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c -# $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c -# $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c -# $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c -# $(OPENSSL_PATH)/crypto/ec/ec2_oct.c -# $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c -# $(OPENSSL_PATH)/crypto/ec/ec_ameth.c -# $(OPENSSL_PATH)/crypto/ec/ec_asn1.c -# $(OPENSSL_PATH)/crypto/ec/ec_check.c -# $(OPENSSL_PATH)/crypto/ec/ec_curve.c -# $(OPENSSL_PATH)/crypto/ec/ec_cvt.c -# $(OPENSSL_PATH)/crypto/ec/ec_err.c -# $(OPENSSL_PATH)/crypto/ec/ec_key.c -# $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c -# $(OPENSSL_PATH)/crypto/ec/ec_lib.c -# $(OPENSSL_PATH)/crypto/ec/ec_mult.c -# $(OPENSSL_PATH)/crypto/ec/ec_oct.c -# $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c -# $(OPENSSL_PATH)/crypto/ec/ec_print.c -# $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c -# $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c -# $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c -# $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c -# $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c -# $(OPENSSL_PATH)/crypto/ec/eck_prn.c -# $(OPENSSL_PATH)/crypto/ec/ecp_mont.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nist.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c -# $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c -# $(OPENSSL_PATH)/crypto/ec/ecp_oct.c -# $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c -# $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -427,10 +390,6 @@ [Sources] $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_err.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c -# $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -543,15 +502,6 @@ [Sources] $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h -# $(OPENSSL_PATH)/crypto/ec/ec_local.h -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h -# $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h -# $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h -# $(OPENSSL_PATH)/crypto/ec/curve448/field.h -# $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h -# $(OPENSSL_PATH)/crypto/ec/curve448/word.h -# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h -# $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h @@ -574,57 +524,6 @@ [Sources] $(OPENSSL_PATH)/crypto/x509v3/pcy_local.h $(OPENSSL_PATH)/crypto/x509v3/standard_exts.h $(OPENSSL_PATH)/crypto/x509v3/v3_admis.h -# $(OPENSSL_PATH)/ssl/bio_ssl.c -# $(OPENSSL_PATH)/ssl/d1_lib.c -# $(OPENSSL_PATH)/ssl/d1_msg.c -# $(OPENSSL_PATH)/ssl/d1_srtp.c -# $(OPENSSL_PATH)/ssl/methods.c -# $(OPENSSL_PATH)/ssl/packet.c -# $(OPENSSL_PATH)/ssl/pqueue.c -# $(OPENSSL_PATH)/ssl/record/dtls1_bitmap.c -# $(OPENSSL_PATH)/ssl/record/rec_layer_d1.c -# $(OPENSSL_PATH)/ssl/record/rec_layer_s3.c -# $(OPENSSL_PATH)/ssl/record/ssl3_buffer.c -# $(OPENSSL_PATH)/ssl/record/ssl3_record.c -# $(OPENSSL_PATH)/ssl/record/ssl3_record_tls13.c -# $(OPENSSL_PATH)/ssl/s3_cbc.c -# $(OPENSSL_PATH)/ssl/s3_enc.c -# $(OPENSSL_PATH)/ssl/s3_lib.c -# $(OPENSSL_PATH)/ssl/s3_msg.c -# $(OPENSSL_PATH)/ssl/ssl_asn1.c -# $(OPENSSL_PATH)/ssl/ssl_cert.c -# $(OPENSSL_PATH)/ssl/ssl_ciph.c -# $(OPENSSL_PATH)/ssl/ssl_conf.c -# $(OPENSSL_PATH)/ssl/ssl_err.c -# $(OPENSSL_PATH)/ssl/ssl_init.c -# $(OPENSSL_PATH)/ssl/ssl_lib.c -# $(OPENSSL_PATH)/ssl/ssl_mcnf.c -# $(OPENSSL_PATH)/ssl/ssl_rsa.c -# $(OPENSSL_PATH)/ssl/ssl_sess.c -# $(OPENSSL_PATH)/ssl/ssl_stat.c -# $(OPENSSL_PATH)/ssl/ssl_txt.c -# $(OPENSSL_PATH)/ssl/ssl_utst.c -# $(OPENSSL_PATH)/ssl/statem/extensions.c -# $(OPENSSL_PATH)/ssl/statem/extensions_clnt.c -# $(OPENSSL_PATH)/ssl/statem/extensions_cust.c -# $(OPENSSL_PATH)/ssl/statem/extensions_srvr.c -# $(OPENSSL_PATH)/ssl/statem/statem.c -# $(OPENSSL_PATH)/ssl/statem/statem_clnt.c -# $(OPENSSL_PATH)/ssl/statem/statem_dtls.c -# $(OPENSSL_PATH)/ssl/statem/statem_lib.c -# $(OPENSSL_PATH)/ssl/statem/statem_srvr.c -# $(OPENSSL_PATH)/ssl/t1_enc.c -# $(OPENSSL_PATH)/ssl/t1_lib.c -# $(OPENSSL_PATH)/ssl/t1_trce.c -# $(OPENSSL_PATH)/ssl/tls13_enc.c -# $(OPENSSL_PATH)/ssl/tls_srp.c -# $(OPENSSL_PATH)/ssl/packet_local.h -# $(OPENSSL_PATH)/ssl/ssl_cert_table.h -# $(OPENSSL_PATH)/ssl/ssl_local.h -# $(OPENSSL_PATH)/ssl/record/record.h -# $(OPENSSL_PATH)/ssl/record/record_local.h -# $(OPENSSL_PATH)/ssl/statem/statem.h -# $(OPENSSL_PATH)/ssl/statem/statem_local.h # Autogenerated files list ends here buildinf.h ossl_store.c diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf b/CryptoPkg/Li= brary/OpensslLib/OpensslLibFull.inf index aa73265931f7..309e43055ce2 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFull.inf @@ -209,43 +209,6 @@ [Sources] $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c - $(OPENSSL_PATH)/crypto/ec/curve25519.c - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c - $(OPENSSL_PATH)/crypto/ec/ec_check.c - $(OPENSSL_PATH)/crypto/ec/ec_curve.c - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c - $(OPENSSL_PATH)/crypto/ec/ec_err.c - $(OPENSSL_PATH)/crypto/ec/ec_key.c - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c - $(OPENSSL_PATH)/crypto/ec/ec_lib.c - $(OPENSSL_PATH)/crypto/ec/ec_mult.c - $(OPENSSL_PATH)/crypto/ec/ec_oct.c - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c - $(OPENSSL_PATH)/crypto/ec/ec_print.c - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c - $(OPENSSL_PATH)/crypto/ec/eck_prn.c - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -431,10 +394,6 @@ [Sources] $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c - $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c - $(OPENSSL_PATH)/crypto/sm2/sm2_err.c - $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c - $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -547,15 +506,6 @@ [Sources] $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h - $(OPENSSL_PATH)/crypto/ec/ec_local.h - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h - $(OPENSSL_PATH)/crypto/ec/curve448/field.h - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h - $(OPENSSL_PATH)/crypto/ec/curve448/word.h - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h @@ -629,6 +579,56 @@ [Sources] $(OPENSSL_PATH)/ssl/record/record_local.h $(OPENSSL_PATH)/ssl/statem/statem.h $(OPENSSL_PATH)/ssl/statem/statem_local.h + $(OPENSSL_PATH)/crypto/ec/curve25519.c + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c + $(OPENSSL_PATH)/crypto/ec/ec_check.c + $(OPENSSL_PATH)/crypto/ec/ec_curve.c + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c + $(OPENSSL_PATH)/crypto/ec/ec_err.c + $(OPENSSL_PATH)/crypto/ec/ec_key.c + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_lib.c + $(OPENSSL_PATH)/crypto/ec/ec_mult.c + $(OPENSSL_PATH)/crypto/ec/ec_oct.c + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_print.c + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c + $(OPENSSL_PATH)/crypto/ec/eck_prn.c + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c + $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c + $(OPENSSL_PATH)/crypto/sm2/sm2_err.c + $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c + $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c + $(OPENSSL_PATH)/crypto/ec/ec_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h + $(OPENSSL_PATH)/crypto/ec/curve448/field.h + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h + $(OPENSSL_PATH)/crypto/ec/curve448/word.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h # Autogenerated files list ends here buildinf.h ossl_store.c diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf b/CryptoP= kg/Library/OpensslLib/OpensslLibFullAccel.inf index 6525b73a9e7b..4eeeeb79bd94 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf @@ -210,43 +210,6 @@ [Sources] $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c - $(OPENSSL_PATH)/crypto/ec/curve25519.c - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c - $(OPENSSL_PATH)/crypto/ec/ec_check.c - $(OPENSSL_PATH)/crypto/ec/ec_curve.c - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c - $(OPENSSL_PATH)/crypto/ec/ec_err.c - $(OPENSSL_PATH)/crypto/ec/ec_key.c - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c - $(OPENSSL_PATH)/crypto/ec/ec_lib.c - $(OPENSSL_PATH)/crypto/ec/ec_mult.c - $(OPENSSL_PATH)/crypto/ec/ec_oct.c - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c - $(OPENSSL_PATH)/crypto/ec/ec_print.c - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c - $(OPENSSL_PATH)/crypto/ec/eck_prn.c - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -325,7 +288,6 @@ [Sources] $(OPENSSL_PATH)/crypto/md5/md5_dgst.c $(OPENSSL_PATH)/crypto/md5/md5_one.c $(OPENSSL_PATH)/crypto/mem.c -# $(OPENSSL_PATH)/crypto/mem_clr.c # Replaced by assembly optimized NAS= M/S files $(OPENSSL_PATH)/crypto/mem_dbg.c $(OPENSSL_PATH)/crypto/mem_sec.c $(OPENSSL_PATH)/crypto/modes/cbc128.c @@ -432,10 +394,6 @@ [Sources] $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c - $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c - $(OPENSSL_PATH)/crypto/sm2/sm2_err.c - $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c - $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -548,15 +506,6 @@ [Sources] $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h - $(OPENSSL_PATH)/crypto/ec/ec_local.h - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h - $(OPENSSL_PATH)/crypto/ec/curve448/field.h - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h - $(OPENSSL_PATH)/crypto/ec/curve448/word.h - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h @@ -630,6 +579,56 @@ [Sources] $(OPENSSL_PATH)/ssl/record/record_local.h $(OPENSSL_PATH)/ssl/statem/statem.h $(OPENSSL_PATH)/ssl/statem/statem_local.h + $(OPENSSL_PATH)/crypto/ec/curve25519.c + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c + $(OPENSSL_PATH)/crypto/ec/ec_check.c + $(OPENSSL_PATH)/crypto/ec/ec_curve.c + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c + $(OPENSSL_PATH)/crypto/ec/ec_err.c + $(OPENSSL_PATH)/crypto/ec/ec_key.c + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_lib.c + $(OPENSSL_PATH)/crypto/ec/ec_mult.c + $(OPENSSL_PATH)/crypto/ec/ec_oct.c + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_print.c + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c + $(OPENSSL_PATH)/crypto/ec/eck_prn.c + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c + $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c + $(OPENSSL_PATH)/crypto/sm2/sm2_err.c + $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c + $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c + $(OPENSSL_PATH)/crypto/ec/ec_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h + $(OPENSSL_PATH)/crypto/ec/curve448/field.h + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h + $(OPENSSL_PATH)/crypto/ec/curve448/word.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h # Autogenerated files list ends here buildinf.h ossl_store.c @@ -639,57 +638,57 @@ [Sources] =20 [Sources.IA32] # Autogenerated IA32 files list starts here - IA32/crypto/aes/aesni-x86.nasm | MSFT - IA32/crypto/aes/vpaes-x86.nasm | MSFT - IA32/crypto/modes/ghash-x86.nasm | MSFT - IA32/crypto/sha/sha1-586.nasm | MSFT - IA32/crypto/sha/sha256-586.nasm | MSFT - IA32/crypto/sha/sha512-586.nasm | MSFT - IA32/crypto/x86cpuid.nasm | MSFT + IA32/crypto/aes/aesni-x86.nasm |MSFT + IA32/crypto/aes/vpaes-x86.nasm |MSFT + IA32/crypto/modes/ghash-x86.nasm |MSFT + IA32/crypto/sha/sha1-586.nasm |MSFT + IA32/crypto/sha/sha256-586.nasm |MSFT + IA32/crypto/sha/sha512-586.nasm |MSFT + IA32/crypto/x86cpuid.nasm |MSFT # Autogenerated files list ends here =20 # Autogenerated IA32Gcc files list starts here - IA32Gcc/crypto/aes/aesni-x86.S | GCC - IA32Gcc/crypto/aes/vpaes-x86.S | GCC - IA32Gcc/crypto/modes/ghash-x86.S | GCC - IA32Gcc/crypto/sha/sha1-586.S | GCC - IA32Gcc/crypto/sha/sha256-586.S | GCC - IA32Gcc/crypto/sha/sha512-586.S | GCC - IA32Gcc/crypto/x86cpuid.S | GCC + IA32Gcc/crypto/aes/aesni-x86.S |GCC + IA32Gcc/crypto/aes/vpaes-x86.S |GCC + IA32Gcc/crypto/modes/ghash-x86.S |GCC + IA32Gcc/crypto/sha/sha1-586.S |GCC + IA32Gcc/crypto/sha/sha256-586.S |GCC + IA32Gcc/crypto/sha/sha512-586.S |GCC + IA32Gcc/crypto/x86cpuid.S |GCC # Autogenerated files list ends here =20 [Sources.X64] X64/ApiHooks.c # Autogenerated X64 files list starts here - X64/crypto/aes/aesni-mb-x86_64.nasm | MSFT - X64/crypto/aes/aesni-sha1-x86_64.nasm | MSFT - X64/crypto/aes/aesni-sha256-x86_64.nasm | MSFT - X64/crypto/aes/aesni-x86_64.nasm | MSFT - X64/crypto/aes/vpaes-x86_64.nasm | MSFT - X64/crypto/modes/aesni-gcm-x86_64.nasm | MSFT - X64/crypto/modes/ghash-x86_64.nasm | MSFT - X64/crypto/sha/sha1-mb-x86_64.nasm | MSFT - X64/crypto/sha/sha1-x86_64.nasm | MSFT - X64/crypto/sha/sha256-mb-x86_64.nasm | MSFT - X64/crypto/sha/sha256-x86_64.nasm | MSFT - X64/crypto/sha/sha512-x86_64.nasm | MSFT - X64/crypto/x86_64cpuid.nasm | MSFT + X64/crypto/aes/aesni-mb-x86_64.nasm |MSFT + X64/crypto/aes/aesni-sha1-x86_64.nasm |MSFT + X64/crypto/aes/aesni-sha256-x86_64.nasm |MSFT + X64/crypto/aes/aesni-x86_64.nasm |MSFT + X64/crypto/aes/vpaes-x86_64.nasm |MSFT + X64/crypto/modes/aesni-gcm-x86_64.nasm |MSFT + X64/crypto/modes/ghash-x86_64.nasm |MSFT + X64/crypto/sha/sha1-mb-x86_64.nasm |MSFT + X64/crypto/sha/sha1-x86_64.nasm |MSFT + X64/crypto/sha/sha256-mb-x86_64.nasm |MSFT + X64/crypto/sha/sha256-x86_64.nasm |MSFT + X64/crypto/sha/sha512-x86_64.nasm |MSFT + X64/crypto/x86_64cpuid.nasm |MSFT # Autogenerated files list ends here =20 # Autogenerated X64Gcc files list starts here - X64Gcc/crypto/aes/aesni-mb-x86_64.S | GCC - X64Gcc/crypto/aes/aesni-sha1-x86_64.S | GCC - X64Gcc/crypto/aes/aesni-sha256-x86_64.S | GCC - X64Gcc/crypto/aes/aesni-x86_64.S | GCC - X64Gcc/crypto/aes/vpaes-x86_64.S | GCC - X64Gcc/crypto/modes/aesni-gcm-x86_64.S | GCC - X64Gcc/crypto/modes/ghash-x86_64.S | GCC - X64Gcc/crypto/sha/sha1-mb-x86_64.S | GCC - X64Gcc/crypto/sha/sha1-x86_64.S | GCC - X64Gcc/crypto/sha/sha256-mb-x86_64.S | GCC - X64Gcc/crypto/sha/sha256-x86_64.S | GCC - X64Gcc/crypto/sha/sha512-x86_64.S | GCC - X64Gcc/crypto/x86_64cpuid.S | GCC + X64Gcc/crypto/aes/aesni-mb-x86_64.S |GCC + X64Gcc/crypto/aes/aesni-sha1-x86_64.S |GCC + X64Gcc/crypto/aes/aesni-sha256-x86_64.S |GCC + X64Gcc/crypto/aes/aesni-x86_64.S |GCC + X64Gcc/crypto/aes/vpaes-x86_64.S |GCC + X64Gcc/crypto/modes/aesni-gcm-x86_64.S |GCC + X64Gcc/crypto/modes/ghash-x86_64.S |GCC + X64Gcc/crypto/sha/sha1-mb-x86_64.S |GCC + X64Gcc/crypto/sha/sha1-x86_64.S |GCC + X64Gcc/crypto/sha/sha256-mb-x86_64.S |GCC + X64Gcc/crypto/sha/sha256-x86_64.S |GCC + X64Gcc/crypto/sha/sha512-x86_64.S |GCC + X64Gcc/crypto/x86_64cpuid.S |GCC # Autogenerated files list ends here =20 [Packages] --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95450): https://edk2.groups.io/g/devel/message/95450 Mute This Topic: https://groups.io/mt/94460309/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-