From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 by mx.groups.io with SMTP id smtpd.web11.8589.1665500668772364869
 for <devel@edk2.groups.io>;
 Tue, 11 Oct 2022 08:04:29 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=ADDlSIrz;
 spf=pass (domain: intel.com, ip: 192.55.52.88, mailfrom: michael.d.kinney@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1665500668; x=1697036668;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=fgESz+/y0rHMzjy+KiZwzgxSeSSRYfF8XndIKw8hv+0=;
  b=ADDlSIrzPm1CXzncCC28gP1kXOXuOXh2zhYiX0S6wINtaI2Jm2pFDdkv
   78cZ4TqxQ7NsLNYG9Uz1eMbHLTmJx3Wm1fjjeWUCY6AXl94XpA30mEmLn
   mVutwjcCpN69KBtGUz4dW0la3bGjb2Wd6FHMfqZETQWtffUb64aS2fEHt
   8HdWnrTg+VvJ5vCXcwouSA6rl8pR39Ug2/5j8X/GfvgHufI1sRLdEdtkg
   ncsHig1zDf2SRGpcyN456rmukkyvRXcDJdqPGjgqTa4kpTkGa4NGcw9D3
   bpKGQ1vI15bTTUv/L5UAnEHuMG25FMEIuksvQXRqNpc+jaRlJJwEFDaOo
   Q==;
X-IronPort-AV: E=McAfee;i="6500,9779,10497"; a="331008774"
X-IronPort-AV: E=Sophos;i="5.95,176,1661842800"; 
   d="scan'208";a="331008774"
Received: from orsmga006.jf.intel.com ([10.7.209.51])
  by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Oct 2022 08:04:06 -0700
X-IronPort-AV: E=McAfee;i="6500,9779,10497"; a="604172800"
X-IronPort-AV: E=Sophos;i="5.95,176,1661842800"; 
   d="scan'208";a="604172800"
Received: from mdkinney-mobl2.amr.corp.intel.com ([10.209.79.249])
  by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Oct 2022 08:04:05 -0700
From: "Michael D Kinney" <michael.d.kinney@intel.com>
To: devel@edk2.groups.io
Cc: Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Xiaoyu Lu <xiaoyu1.lu@intel.com>,
	Guomin Jiang <guomin.jiang@intel.com>,
	Christopher Zurcher <christopher.zurcher@microsoft.com>,
	Rebecca Cran <quic_rcran@quicinc.com>,
	Ard Biesheuvel <ardb@kernel.org>
Subject: [Patch 00/12] CryptoPkg: Remove EC PCD and merge perf opt OpensslLibs
Date: Tue, 11 Oct 2022 08:03:46 -0700
Message-Id: <20221011150358.1332-1-michael.d.kinney@intel.com>
X-Mailer: git-send-email 2.37.1.windows.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

The recent addition of the Ecliptic Curve (EC) feature and the performance
optimization features increased the complexity for platforms to integrate
and enable these features. This series simplifies the platform configuration
as much as possible and improves the ability to manage the the size impact
of cryptographic services in each FW phase. A Readme.md is also added that
provides an overview of the CryptoPkg design and features along with platform
integration recommendations. 

This series also addresses private library class declarations missing from 
CryptoPkg.dec and library instances not producing all the APIs defined
by the library classes. A review of the CryptoPkg EDK II meta data files identified
a number of additional cleanups. The CryptoPkg.dsc file was also updated to
improve CI coverage for future CryptoPkg changes and identified some 
unit test bug fixes.

PR:     https://github.com/tianocore/edk2/pull/3443
Branch: https://github.com/mdkinney/edk2/tree/CryptoPkg_RemoveEcPcd_MergeOptimizedOpensslLibs
Readme: https://github.com/mdkinney/edk2/blob/CryptoPkg_RemoveEcPcd_MergeOptimizedOpensslLibs/CryptoPkg/Readme.md

Change Summary
==============
* Document disabled/deprecated cryptographic services
* Add missing UNI files in BaseCryptLib
* Update BaseCryptLib internal functions to be STATIC and remove EFIAPI
* Add GLOBAL_REMOVE_IF_UNREFERENCED to BaseCryptLib global variables
* Fix BaseCryptLib unit tests
* Cleanup BaseCryptLib and TlsLib INF files and
* Move SysCall/inet_pton.c from BaseCryptLib to TlsLib that uses it.
* Merge 4 performance optimized INFs into OpensslLib*Accel.inf
* Remove use of PcdOpensslEcEnabled and use OpensslLibFull*.inf instead
* Add OpensslLib and IntrinsicLib to CryptoPkg.dec as private library classes
* Update all OpensslLib instances to always produce all APIs in OpensslLib class
* Move PrintLib dependency from OpensslLib INF files to BaseCryptLib INF files
* Update CryptoPkg.dsc files to provide full CI test coverage across all the 
   supported combinations of OpensslLib, BaseCryptLib, and TlsLib instances.
* Remove PACKAGE profile from CryptoPkg.dsc and add TARGET_UNIT_TESTS
  profile.  Adding TARGET_UNIT_TESTS profile is required to prevent a few unit
  test artifacts being included in non unit test builds of components. 
* Add CryptoPkg Readme.md with overview and platform integration details.
* Update host-based unit tests to always use OpensslLibFull.inf and add unit
  test coverage for OpensslLibFullAccel.inf.
* Add Readme.md with CryptoPkg overview and platform integration
  documentation

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Cc: Rebecca Cran <quic_rcran@quicinc.com>
Cc: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>

Michael D Kinney (12):
  CryptoPkg: Document and disable deprecated crypto services
  CryptoPkg/Library/BaseCryptLib: Add missing UNI file and fix format
  CryptoPkg/Library/BaseCryptLib: Update internal functions/variables
  CryptoPkg/Test/UnitTest/Library/BaseCryptLib: Unit test fixes
  CryptoPkg/Library: Cleanup BaseCryptLib and TlsLib
  CryptoPkg/Library/OpensslLib: Combine all performance optimized INFs
  CryptoPkg/Library/OpensslLib: Produce consistent set of APIs
  CryptoPkg/Library/OpensslLib: Remove PrintLib from INF files
  CryptoPkg: Remove PcdOpensslEcEnabled from CryptoPkg.dec
  CryptoPkg: Update DSC to improve CI test coverage
  CryptoPkg: Fixed host-based unit tests
  CryptoPkg: Add Readme.md

 CryptoPkg/CryptoPkg.ci.yaml                   |  11 +-
 CryptoPkg/CryptoPkg.dec                       |  42 +-
 CryptoPkg/CryptoPkg.dsc                       | 460 +++++++++---
 .../Pcd/PcdCryptoServiceFamilyEnable.h        | 122 +--
 .../Library/BaseCryptLib/BaseCryptLib.inf     |  10 +-
 .../Library/BaseCryptLib/BaseCryptLib.uni     |   2 -
 .../Library/BaseCryptLib/Hmac/CryptHmac.c     |   7 +
 .../Library/BaseCryptLib/Kdf/CryptHkdf.c      |   5 +-
 .../Library/BaseCryptLib/PeiCryptLib.inf      |   8 +-
 .../Library/BaseCryptLib/PeiCryptLib.uni      |   2 -
 .../BaseCryptLib/Pk/CryptAuthenticode.c       |   2 +-
 .../BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c  |   3 +-
 .../BaseCryptLib/Pk/CryptPkcs7VerifyEku.c     |   3 +
 CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c   |  44 +-
 .../Library/BaseCryptLib/RuntimeCryptLib.inf  |   9 +-
 .../Library/BaseCryptLib/RuntimeCryptLib.uni  |   2 -
 .../Library/BaseCryptLib/SecCryptLib.inf      |  13 +-
 .../{SmmCryptLib.uni => SecCryptLib.uni}      |  11 +-
 .../Library/BaseCryptLib/SmmCryptLib.inf      |  12 -
 .../Library/BaseCryptLib/SmmCryptLib.uni      |   2 -
 .../BaseCryptLib/UnitTestHostBaseCryptLib.inf |  22 +-
 .../Library/Include/openssl/opensslconf.h     | 328 +++++++-
 .../Include/openssl/opensslconf_generated.h   | 333 ---------
 CryptoPkg/Library/OpensslLib/EcSm2Null.c      | 291 ++++++++
 CryptoPkg/Library/OpensslLib/OpensslLib.inf   | 133 ++--
 CryptoPkg/Library/OpensslLib/OpensslLib.uni   |  10 +-
 ...nsslLibIa32Gcc.inf => OpensslLibAccel.inf} | 189 +++--
 .../Library/OpensslLib/OpensslLibAccel.uni    |  14 +
 .../OpensslLib/OpensslLibConstructor.c        |   6 +-
 .../Library/OpensslLib/OpensslLibCrypto.inf   | 185 +++--
 .../Library/OpensslLib/OpensslLibCrypto.uni   |  11 +-
 .../{OpensslLib.inf => OpensslLibFull.inf}    | 143 ++--
 .../{OpensslLib.uni => OpensslLibFull.uni}    |  10 +-
 ...sslLibIa32.inf => OpensslLibFullAccel.inf} | 192 +++--
 .../OpensslLib/OpensslLibFullAccel.uni        |  14 +
 .../Library/OpensslLib/OpensslLibX64.inf      | 706 ------------------
 .../Library/OpensslLib/OpensslLibX64Gcc.inf   | 706 ------------------
 CryptoPkg/Library/OpensslLib/SslNull.c        | 405 ++++++++++
 .../SysCall/inet_pton.c                       |   0
 CryptoPkg/Library/TlsLib/TlsConfig.c          |   2 +-
 CryptoPkg/Library/TlsLib/TlsLib.inf           |  12 +-
 CryptoPkg/Private/Library/IntrinsicLib.h      |  16 +
 CryptoPkg/Private/Library/OpensslLib.h        |  14 +
 CryptoPkg/Readme.md                           | 498 ++++++++++++
 CryptoPkg/Test/CryptoPkgHostUnitTest.dsc      |  17 +-
 .../UnitTest/Library/BaseCryptLib/HmacTests.c |  17 +-
 .../UnitTest/Library/BaseCryptLib/TSTests.c   |   2 +-
 .../TestBaseCryptLibHostAccel.inf             |  55 ++
 48 files changed, 2667 insertions(+), 2434 deletions(-)
 copy CryptoPkg/Library/BaseCryptLib/{SmmCryptLib.uni => SecCryptLib.uni} (74%)
 delete mode 100644 CryptoPkg/Library/Include/openssl/opensslconf_generated.h
 create mode 100644 CryptoPkg/Library/OpensslLib/EcSm2Null.c
 rename CryptoPkg/Library/OpensslLib/{OpensslLibIa32Gcc.inf => OpensslLibAccel.inf} (79%)
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibAccel.uni
 copy CryptoPkg/Library/OpensslLib/{OpensslLib.inf => OpensslLibFull.inf} (80%)
 copy CryptoPkg/Library/OpensslLib/{OpensslLib.uni => OpensslLibFull.uni} (56%)
 rename CryptoPkg/Library/OpensslLib/{OpensslLibIa32.inf => OpensslLibFullAccel.inf} (79%)
 create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.uni
 delete mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibX64.inf
 delete mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibX64Gcc.inf
 create mode 100644 CryptoPkg/Library/OpensslLib/SslNull.c
 rename CryptoPkg/Library/{BaseCryptLib => TlsLib}/SysCall/inet_pton.c (100%)
 create mode 100644 CryptoPkg/Private/Library/IntrinsicLib.h
 create mode 100644 CryptoPkg/Private/Library/OpensslLib.h
 create mode 100644 CryptoPkg/Readme.md
 create mode 100644 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHostAccel.inf

-- 
2.37.1.windows.1