From: "Gao, Zhichao" <zhichao.gao@intel.com>
To: devel@edk2.groups.io
Cc: Zhiguang Liu <zhiguang.liu@intel.com>,
Jian J Wang <jian.j.wang@intel.com>,
Xiaoyu Lu <xiaoyux.lu@intel.com>, Siyuan Fu <siyuan.fu@intel.com>,
Michael D Kinney <michael.d.kinney@intel.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Philippe Mathieu-Daude <philmd@redhat.com>
Subject: [PATCH V4 05/11] CryptoPkg/OpensslLib: Set ARC4 disable in OpensslLib
Date: Tue, 12 May 2020 02:27:12 +0800 [thread overview]
Message-ID: <20200511182718.7728-6-zhichao.gao@intel.com> (raw)
In-Reply-To: <20200511182718.7728-1-zhichao.gao@intel.com>
From: Zhiguang Liu <zhiguang.liu@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
This patch is create by adding the setting "no_rc4" of
process_files.pl and running it thru perl.
It would remove the ARC4 from OpensslLib.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Philippe Mathieu-Daude <philmd@redhat.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
CryptoPkg/Library/Include/openssl/opensslconf.h | 3 +++
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 3 ---
CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 3 ---
CryptoPkg/Library/OpensslLib/process_files.pl | 1 +
4 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Library/Include/openssl/opensslconf.h
index 84672636dc..bab07db583 100644
--- a/CryptoPkg/Library/Include/openssl/opensslconf.h
+++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
@@ -73,6 +73,9 @@ extern "C" {
#ifndef OPENSSL_NO_RC2
# define OPENSSL_NO_RC2
#endif
+#ifndef OPENSSL_NO_RC4
+# define OPENSSL_NO_RC4
+#endif
#ifndef OPENSSL_NO_RC5
# define OPENSSL_NO_RC5
#endif
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 10710e4a7c..dfaefd1c08 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -374,8 +374,6 @@
$(OPENSSL_PATH)/crypto/rand/rand_unix.c
$(OPENSSL_PATH)/crypto/rand/rand_vms.c
$(OPENSSL_PATH)/crypto/rand/rand_win.c
- $(OPENSSL_PATH)/crypto/rc4/rc4_enc.c
- $(OPENSSL_PATH)/crypto/rc4/rc4_skey.c
$(OPENSSL_PATH)/crypto/rsa/rsa_ameth.c
$(OPENSSL_PATH)/crypto/rsa/rsa_asn1.c
$(OPENSSL_PATH)/crypto/rsa/rsa_chk.c
@@ -531,7 +529,6 @@
$(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h
$(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h
$(OPENSSL_PATH)/crypto/rand/rand_lcl.h
- $(OPENSSL_PATH)/crypto/rc4/rc4_locl.h
$(OPENSSL_PATH)/crypto/rsa/rsa_locl.h
$(OPENSSL_PATH)/crypto/sha/sha_locl.h
$(OPENSSL_PATH)/crypto/siphash/siphash_local.h
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index d9782a3098..080e1d9305 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -374,8 +374,6 @@
$(OPENSSL_PATH)/crypto/rand/rand_unix.c
$(OPENSSL_PATH)/crypto/rand/rand_vms.c
$(OPENSSL_PATH)/crypto/rand/rand_win.c
- $(OPENSSL_PATH)/crypto/rc4/rc4_enc.c
- $(OPENSSL_PATH)/crypto/rc4/rc4_skey.c
$(OPENSSL_PATH)/crypto/rsa/rsa_ameth.c
$(OPENSSL_PATH)/crypto/rsa/rsa_asn1.c
$(OPENSSL_PATH)/crypto/rsa/rsa_chk.c
@@ -531,7 +529,6 @@
$(OPENSSL_PATH)/crypto/ocsp/ocsp_lcl.h
$(OPENSSL_PATH)/crypto/pkcs12/p12_lcl.h
$(OPENSSL_PATH)/crypto/rand/rand_lcl.h
- $(OPENSSL_PATH)/crypto/rc4/rc4_locl.h
$(OPENSSL_PATH)/crypto/rsa/rsa_locl.h
$(OPENSSL_PATH)/crypto/sha/sha_locl.h
$(OPENSSL_PATH)/crypto/siphash/siphash_local.h
diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Library/OpensslLib/process_files.pl
index bd4a84da24..254bc4dbcc 100755
--- a/CryptoPkg/Library/OpensslLib/process_files.pl
+++ b/CryptoPkg/Library/OpensslLib/process_files.pl
@@ -80,6 +80,7 @@ BEGIN {
"no-poly1305",
"no-posix-io",
"no-rc2",
+ "no-rc4",
"no-rfc3779",
"no-rmd160",
"no-scrypt",
--
2.21.0.windows.1
next prev parent reply other threads:[~2020-05-11 18:27 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-11 18:27 [PATCH V4 00/11] CryptoPkg: Retire the deprecated functions Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 01/11] CryptoPkg/CryptoDxe: Add function to indicate the deprecated algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 02/11] CryptoPkg/BaseCrpytLib: Retire MD4 algorithm Gao, Zhichao
2020-05-14 3:13 ` [edk2-devel] " Guomin Jiang
2020-05-14 5:58 ` Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 03/11] CryptoPkg/OpensslLib: Set MD4 disable in OpensslLib Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 04/11] CryptoPkg/BaseCryptLib: Retire ARC4 algorithm Gao, Zhichao
2020-05-11 18:27 ` Gao, Zhichao [this message]
2020-05-11 18:27 ` [PATCH V4 06/11] CryptoPkg/BaseCryptLib: Retire the TDES algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 07/11] CryptoPkg/OpensslLib: Set TDES disable in OpensslLib Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 08/11] CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 09/11] CryptoPkg/BaseCryptLib: Retire HMAC MD5 algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 10/11] CryptoPkg/BaseCryptLib: Retire HMAC SHA1 algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 11/11] CryptoPkg/Crypto.h: Update the version of Crypto Driver Gao, Zhichao
2020-05-13 13:48 ` [PATCH V4 00/11] CryptoPkg: Retire the deprecated functions Wang, Jian J
2020-05-14 2:49 ` Gao, Zhichao
2020-05-14 5:11 ` Wang, Jian J
2020-05-14 6:14 ` Gao, Zhichao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200511182718.7728-6-zhichao.gao@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox