public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally.
@ 2022-05-02 10:34 Gerd Hoffmann
  2022-05-02 10:34 ` [PATCH 1/5] Revert "CryptoPkg: Declare PcdEcEnabled in Library consuming OpensslLib" Gerd Hoffmann
                   ` (5 more replies)
  0 siblings, 6 replies; 21+ messages in thread
From: Gerd Hoffmann @ 2022-05-02 10:34 UTC (permalink / raw)
  To: devel
  Cc: Pawel Polawski, yi1.li, Jiewen Yao, Oliver Steffen, Jian J Wang,
	Ard Biesheuvel, Guomin Jiang, Xiaoyu Lu, Jordan Justen,
	Gerd Hoffmann

Re-opening the elliptic curves debate after running into the recent
openssl changes.  The current implementation is IMHO rather messy.
It adds manual changes to a auto-generated files, which will make
any updates a rather hard and error-prone process.

I see two possible options how we can move forward:

  (1) Drop the idea to make EC configurable and just enable it
      unconditionally.  I think long-term there is no way around
      this anyway as EC is a hard requirement for TLS 1.3.
  (2) Keep the EC config option, but update process_files.pl to
      automatically add the PcdEcEnabled config option handling
      to the files it generates.

This patch set does (1).  It also tweaks ovmf firmware volumes
to make CI tests pass and it also excludes generated files from
codestyle checks.

take care,
  Gerd

Gerd Hoffmann (5):
  Revert "CryptoPkg: Declare PcdEcEnabled in Library consuming
    OpensslLib"
  Revert "CryptoPkg: Make EC source file config-able"
  OvmfPkg: make DXEFV larger
  CryptoPkg/openssl: update generated files
  CryptoPkg/openssl: disable codestyle checks for generated files

 CryptoPkg/CryptoPkg.dec                       |   4 -
 OvmfPkg/OvmfPkgIa32.fdf                       |   6 +-
 OvmfPkg/OvmfPkgIa32X64.fdf                    |   6 +-
 OvmfPkg/OvmfPkgX64.fdf                        |   6 +-
 .../Library/BaseCryptLib/BaseCryptLib.inf     |   3 -
 .../Library/BaseCryptLib/PeiCryptLib.inf      |   3 -
 .../Library/BaseCryptLib/RuntimeCryptLib.inf  |   3 -
 .../Library/BaseCryptLib/SmmCryptLib.inf      |   3 -
 .../BaseCryptLib/UnitTestHostBaseCryptLib.inf |   3 -
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   |  99 ++++----
 .../Library/OpensslLib/OpensslLibCrypto.inf   |  99 ++++----
 CryptoPkg/Library/TlsLib/TlsLib.inf           |   3 -
 CryptoPkg/Library/Include/crypto/dso_conf.h   |   7 +-
 .../Library/Include/openssl/opensslconf.h     | 240 ++++++++----------
 CryptoPkg/CryptoPkg.ci.yaml                   |  10 +
 15 files changed, 234 insertions(+), 261 deletions(-)

-- 
2.35.1


^ permalink raw reply	[flat|nested] 21+ messages in thread

end of thread, other threads:[~2022-05-10 14:31 UTC | newest]

Thread overview: 21+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-05-02 10:34 [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally Gerd Hoffmann
2022-05-02 10:34 ` [PATCH 1/5] Revert "CryptoPkg: Declare PcdEcEnabled in Library consuming OpensslLib" Gerd Hoffmann
2022-05-02 10:34 ` [PATCH 2/5] Revert "CryptoPkg: Make EC source file config-able" Gerd Hoffmann
2022-05-02 10:34 ` [PATCH 3/5] OvmfPkg: make DXEFV larger Gerd Hoffmann
2022-05-02 19:39   ` Ard Biesheuvel
2022-05-02 10:34 ` [PATCH 4/5] CryptoPkg/openssl: update generated files Gerd Hoffmann
2022-05-02 10:34 ` [PATCH 5/5] CryptoPkg/openssl: disable codestyle checks for " Gerd Hoffmann
2022-05-03 15:39 ` [PATCH 0/5] CryptoPkg/openssl: enable EC unconditionally Yao, Jiewen
2022-05-05  8:06   ` Gerd Hoffmann
2022-05-05  9:15     ` [edk2-devel] " Gerd Hoffmann
2022-05-09  1:38       ` Yao, Jiewen
2022-05-09  9:45         ` Gerd Hoffmann
2022-05-09 10:17           ` Yao, Jiewen
2022-05-09 11:27             ` Gerd Hoffmann
2022-05-09 11:47               ` James Bottomley
2022-05-09 12:03                 ` Yao, Jiewen
2022-05-09 13:41                   ` James Bottomley
2022-05-10 10:40                     ` Gerd Hoffmann
2022-05-10 11:20                       ` Yao, Jiewen
2022-05-10 14:31                       ` James Bottomley
     [not found]                 ` <16ED6E30C7B1AB9D.18911@groups.io>
2022-05-09 12:12                   ` Yao, Jiewen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox