REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828

Review PR: https://github.com/tianocore/edk2/pull/3398
This patch sequence is used to add CryptEc library, which are wrapped
over OpenSSL. The implementation provides library functions for EFI
BaseCrypt protocol and EFI BaseCrypt Configuration Protocol.

All APIs passed unit test and fuzzing test, detail as:
1. Unit test:
The purpose of unit testing is to ensure that the function obtains the
expected result under specific input, that is, to ensure the correctness
of APIs.
All test case show in patch 3 :CryptoPkg/Test: Add unit test for CryptoEc.
2. Fuzzing test:
Various Fuzz Testing are employed across the all introduced APIs, and the
test is used AFL (2.52b) and Libfuzzer (clang+llvm-11.0.0) as the fuzzer,
based on HBFA.
Fuzzing Pass Rate is 100%;
The Code Coverage new APIs is 90.3%.
All test case show in:
https://github.com/liyi77/edk2-staging/tree/HBFA/HBFA/UefiHostFuzzTestCasePkg/TestCase/CryptoPkg

V2 change:
1. Squash uncrustify tool update into previous patch. 
2. Increase EDKII_CRYPTO_VERSION to 10.
V3 change:
Fix typo in comment.
V4 change:
Add ECC related usage reference

Tested-by: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>

Signed-off-by: Yi Li <yi1.li@intel.com>
Yi Li (4):
  CryptoPkg: Add EC support
  CryptoPkg: Add EC APIs to DXE and protocol
  CryptoPkg: Add ECC related usage reference
  CryptoPkg/Test: Add unit test for CryptoEc

 CryptoPkg/CryptoPkg.dec                       |  28 +
 CryptoPkg/CryptoPkg.dsc                       |   1 +
 CryptoPkg/Driver/Crypto.c                     | 496 +++++++++++
 CryptoPkg/Include/Library/BaseCryptLib.h      | 424 +++++++++
 .../Pcd/PcdCryptoServiceFamilyEnable.h        |  25 +
 .../Library/BaseCryptLib/BaseCryptLib.inf     |   2 +
 .../Library/BaseCryptLib/PeiCryptLib.inf      |   1 +
 CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c   | 765 ++++++++++++++++
 .../Library/BaseCryptLib/Pk/CryptEcNull.c     | 496 +++++++++++
 .../Library/BaseCryptLib/SmmCryptLib.inf      |   1 +
 .../BaseCryptLib/UnitTestHostBaseCryptLib.inf |   2 +
 .../BaseCryptLibNull/BaseCryptLibNull.inf     |   1 +
 .../Library/BaseCryptLibNull/Pk/CryptEcNull.c | 496 +++++++++++
 .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 469 ++++++++++
 CryptoPkg/Private/Protocol/Crypto.h           | 831 +++++++++++++-----
 CryptoPkg/Test/CryptoPkgHostUnitTest.dsc      |   3 +
 .../BaseCryptLib/BaseCryptLibUnitTests.c      |   1 +
 .../UnitTest/Library/BaseCryptLib/EcTests.c   | 290 ++++++
 .../Library/BaseCryptLib/TestBaseCryptLib.h   |   2 +
 .../BaseCryptLib/TestBaseCryptLibHost.inf     |   1 +
 .../BaseCryptLib/TestBaseCryptLibShell.inf    |   1 +
 21 files changed, 4136 insertions(+), 200 deletions(-)
 create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c
 create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptEcNull.c
 create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c
 create mode 100644 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/EcTests.c

-- 
2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94276): https://edk2.groups.io/g/devel/message/94276
Mute This Topic: https://groups.io/mt/93901843/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Thanks.

For patch 3/4:
I don't think "TLS" is "public key related service". I suggest to change from
+  # 1) Platform needs ECC in public key related service, eg. Tls, X509, Pem.
to
+  # 1) Platform needs ECC in TLS, or asymmetric cryptography services such as X509 certificate or PEM format data processing.

The rest looks good to me.
With above comment change, reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>


Thank you
Yao Jiewen

> -----Original Message-----
> From: Li, Yi1 <yi1.li@intel.com>
> Sent: Sunday, September 25, 2022 11:39 AM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Wang,
> Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang,
> Guomin <guomin.jiang@intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>
> Subject: [PATCH V4 0/4] CryptoPkg: Add EC support
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828
> 
> Review PR: https://github.com/tianocore/edk2/pull/3398
> This patch sequence is used to add CryptEc library, which are wrapped
> over OpenSSL. The implementation provides library functions for EFI
> BaseCrypt protocol and EFI BaseCrypt Configuration Protocol.
> 
> All APIs passed unit test and fuzzing test, detail as:
> 1. Unit test:
> The purpose of unit testing is to ensure that the function obtains the
> expected result under specific input, that is, to ensure the correctness
> of APIs.
> All test case show in patch 3 :CryptoPkg/Test: Add unit test for CryptoEc.
> 2. Fuzzing test:
> Various Fuzz Testing are employed across the all introduced APIs, and the
> test is used AFL (2.52b) and Libfuzzer (clang+llvm-11.0.0) as the fuzzer,
> based on HBFA.
> Fuzzing Pass Rate is 100%;
> The Code Coverage new APIs is 90.3%.
> All test case show in:
> https://github.com/liyi77/edk2-
> staging/tree/HBFA/HBFA/UefiHostFuzzTestCasePkg/TestCase/CryptoPkg
> 
> V2 change:
> 1. Squash uncrustify tool update into previous patch.
> 2. Increase EDKII_CRYPTO_VERSION to 10.
> V3 change:
> Fix typo in comment.
> V4 change:
> Add ECC related usage reference
> 
> Tested-by: Yi Li <yi1.li@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> Cc: Guomin Jiang <guomin.jiang@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> 
> Signed-off-by: Yi Li <yi1.li@intel.com>
> Yi Li (4):
>   CryptoPkg: Add EC support
>   CryptoPkg: Add EC APIs to DXE and protocol
>   CryptoPkg: Add ECC related usage reference
>   CryptoPkg/Test: Add unit test for CryptoEc
> 
>  CryptoPkg/CryptoPkg.dec                       |  28 +
>  CryptoPkg/CryptoPkg.dsc                       |   1 +
>  CryptoPkg/Driver/Crypto.c                     | 496 +++++++++++
>  CryptoPkg/Include/Library/BaseCryptLib.h      | 424 +++++++++
>  .../Pcd/PcdCryptoServiceFamilyEnable.h        |  25 +
>  .../Library/BaseCryptLib/BaseCryptLib.inf     |   2 +
>  .../Library/BaseCryptLib/PeiCryptLib.inf      |   1 +
>  CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c   | 765 ++++++++++++++++
>  .../Library/BaseCryptLib/Pk/CryptEcNull.c     | 496 +++++++++++
>  .../Library/BaseCryptLib/SmmCryptLib.inf      |   1 +
>  .../BaseCryptLib/UnitTestHostBaseCryptLib.inf |   2 +
>  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   1 +
>  .../Library/BaseCryptLibNull/Pk/CryptEcNull.c | 496 +++++++++++
>  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 469 ++++++++++
>  CryptoPkg/Private/Protocol/Crypto.h           | 831 +++++++++++++-----
>  CryptoPkg/Test/CryptoPkgHostUnitTest.dsc      |   3 +
>  .../BaseCryptLib/BaseCryptLibUnitTests.c      |   1 +
>  .../UnitTest/Library/BaseCryptLib/EcTests.c   | 290 ++++++
>  .../Library/BaseCryptLib/TestBaseCryptLib.h   |   2 +
>  .../BaseCryptLib/TestBaseCryptLibHost.inf     |   1 +
>  .../BaseCryptLib/TestBaseCryptLibShell.inf    |   1 +
>  21 files changed, 4136 insertions(+), 200 deletions(-)
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptEcNull.c
>  create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c
>  create mode 100644
> CryptoPkg/Test/UnitTest/Library/BaseCryptLib/EcTests.c
> 
> --
> 2.31.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94281): https://edk2.groups.io/g/devel/message/94281
Mute This Topic: https://groups.io/mt/93901843/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-