From: "Michael D Kinney"
To: devel@edk2.groups.io
Cc: Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang, Christopher Zurcher, Rebecca Cran, Ard Biesheuvel
Subject: [Patch v2 05/16] CryptoPkg/Library: Cleanup BaseCryptLib and TlsLib
Date: Thu, 20 Oct 2022 11:34:59 -0700
Message-Id: <20221020183510.1799-6-michael.d.kinney@intel.com>
In-Reply-To: <20221020183510.1799-1-michael.d.kinney@intel.com>
References: <20221020183510.1799-1-michael.d.kinney@intel.com>

* Move SysCall/inet_pton.c from BaseCryptLib to TlsLib. The functions in this file are only used by TlsLib instances and not any CryptLib instances.
* Fix type mismatch in call to FreePool() in TlsConfig.c
* Remove use of gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled from TlsLib and CryptLib instances
* Add missing *Null.c files to SecCryptLib.inf and RuntimeCryptLib.inf.
* Remove ARM and AARCH64 sections from SmmCryptLib.inf that does not support those architectures.
* Add missing PrintLib dependencies to [LibraryClasses] sections of CryptLib INF files
* Remove extra library classes from [LibraryClasses] sections of CryptLib INF files
* Remove unnecessary warning disables from [BuildOptions] sections of TlsLib and CryptLib INF files
* Remove RVCT support from SecCryptLib.inf

Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Cc: Christopher Zurcher
Cc: Rebecca Cran
Cc: Ard Biesheuvel
Signed-off-by: Michael D Kinney --- CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 10 +--------- CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 8 +------- CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c | 4 ---- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 4 ---- CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 9 ++------- CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf | 12 ++++-------- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 12 ------------ .../{BaseCryptLib => TlsLib}/SysCall/inet_pton.c | 0 CryptoPkg/Library/TlsLib/TlsConfig.c | 12 ++++-------- CryptoPkg/Library/TlsLib/TlsLib.inf | 12 +----------- 10 files changed, 13 insertions(+), 70 deletions(-) rename CryptoPkg/Library/{BaseCryptLib => TlsLib}/SysCall/inet_pton.c (100%) diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf index 8896e47095d2..213813cad971 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -54,15 +54,13 @@ [Sources] Pk/CryptTs.c Pk/CryptRsaPss.c Pk/CryptRsaPssSign.c - Pk/CryptEcNull.c |*|*|*|!gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - Pk/CryptEc.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled + Pk/CryptEc.c Pem/CryptPem.c Bn/CryptBn.c SysCall/CrtWrapper.c SysCall/TimerWrapper.c SysCall/BaseMemAllocation.c - SysCall/inet_pton.c [Sources.Ia32] Rand/CryptRandTsc.c @@ -96,19 +94,13 @@ [LibraryClasses] IntrinsicLib PrintLib -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - # # Remove these [BuildOptions] after this library is cleaned up # [BuildOptions] # # suppress the following warnings so we do not break the build with warnings-as-errors: - # C4090: 'function' : different 'const' qualifiers # - MSFT:*_*_*_CC_FLAGS = /wd4090 - GCC:*_CLANG35_*_CC_FLAGS = -std=c99 GCC:*_CLANG38_*_CC_FLAGS = -std=c99 GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types 
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf index 3799780c9f52..b1629647f9c6 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -79,9 +79,7 @@ [LibraryClasses] DebugLib OpensslLib IntrinsicLib - -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled + PrintLib # # Remove these [BuildOptions] after this library is cleaned up @@ -89,11 +87,7 @@ [FixedPcd] [BuildOptions] # # suppress the following warnings so we do not break the build with warnings-as-errors: - # C4090: 'function' : different 'const' qualifiers - # C4718: 'function call' : recursive call has no side effects, deleting # - MSFT:*_*_*_CC_FLAGS = /wd4090 /wd4718 - GCC:*_CLANG35_*_CC_FLAGS = -std=c99 GCC:*_CLANG38_*_CC_FLAGS = -std=c99 GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types diff --git a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c index 559a6b4df037..d64cf3d68072 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c +++ b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c @@ -153,7 +153,6 @@ EcGetPrivateKeyFromPem ( OUT VOID **EcContext ) { - #if FixedPcdGetBool (PcdOpensslEcEnabled) BOOLEAN Status; BIO *PemBio; @@ -209,7 +208,4 @@ EcGetPrivateKeyFromPem ( BIO_free (PemBio); return Status; - #else - return FALSE; - #endif } diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 1d91ac3b0f44..2333157e0d17 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -881,7 +881,6 @@ EcGetPublicKeyFromX509 ( OUT VOID **EcContext ) { - #if FixedPcdGetBool (PcdOpensslEcEnabled) BOOLEAN Status; EVP_PKEY *Pkey; X509 *X509Cert; @@ -935,9 +934,6 @@ EcGetPublicKeyFromX509 ( } return Status; - #else - return FALSE; - #endif } /** 
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf index bb66604e320f..07dbc0e7a8bd 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf @@ -60,7 +60,9 @@ [Sources] Pk/CryptTsNull.c Pk/CryptRsaPssNull.c Pk/CryptRsaPssSignNull.c + Pk/CryptEcNull.c Pem/CryptPem.c + Bn/CryptBnNull.c SysCall/CrtWrapper.c SysCall/TimerWrapper.c @@ -91,26 +93,19 @@ [Packages] [LibraryClasses] BaseLib BaseMemoryLib - UefiBootServicesTableLib UefiRuntimeServicesTableLib DebugLib OpensslLib IntrinsicLib PrintLib -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - # # Remove these [BuildOptions] after this library is cleaned up # [BuildOptions] # # suppress the following warnings so we do not break the build with warnings-as-errors: - # C4090: 'function' : different 'const' qualifiers # - MSFT:*_*_*_CC_FLAGS = /wd4090 - GCC:*_CLANG35_*_CC_FLAGS = -std=c99 GCC:*_CLANG38_*_CC_FLAGS = -std=c99 GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types diff --git a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf index 4f652be46a82..4ad59b7bbc59 100644 --- a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf @@ -38,6 +38,7 @@ [Sources] Hmac/CryptHmacNull.c Kdf/CryptHkdfNull.c Cipher/CryptAesNull.c + Cipher/CryptAeadAesGcmNull.c Pk/CryptRsaBasicNull.c Pk/CryptRsaExtNull.c Pk/CryptPkcs1OaepNull.c @@ -53,6 +54,8 @@ [Sources] Rand/CryptRandNull.c Pk/CryptRsaPssNull.c Pk/CryptRsaPssSignNull.c + Pk/CryptEcNull.c + Bn/CryptBnNull.c SysCall/CrtWrapper.c SysCall/ConstantTimeClock.c @@ -69,6 +72,7 @@ [LibraryClasses] DebugLib OpensslLib IntrinsicLib + PrintLib # # Remove these [BuildOptions] after this library is cleaned up 
@@ -76,15 +80,7 @@ [LibraryClasses] [BuildOptions] # # suppress the following warnings so we do not break the build with warnings-as-errors: - # C4090: 'function' : different 'const' qualifiers - # C4718: 'function call' : recursive call has no side effects, deleting # - MSFT:*_*_*_CC_FLAGS = /wd4090 /wd4718 - - # -JCryptoPkg/Include : To disable the use of the system includes provided by RVCT - # --diag_remark=1 : Reduce severity of "#1-D: last line of file ends without a newline" - RVCT:*_*_ARM_CC_FLAGS = -JCryptoPkg/Include --diag_remark=1 - GCC:*_CLANG35_*_CC_FLAGS = -std=c99 GCC:*_CLANG38_*_CC_FLAGS = -std=c99 GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf index 9318052a51c5..0af7a3f96e8f 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -74,19 +74,12 @@ [Sources.Ia32] [Sources.X64] Rand/CryptRandTsc.c -[Sources.ARM] - Rand/CryptRand.c - -[Sources.AARCH64] - Rand/CryptRand.c - [Packages] MdePkg/MdePkg.dec CryptoPkg/CryptoPkg.dec [LibraryClasses] BaseLib - IoLib BaseMemoryLib MemoryAllocationLib OpensslLib @@ -95,18 +88,13 @@ [LibraryClasses] MmServicesTableLib SynchronizationLib -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - # # Remove these [BuildOptions] after this library is cleaned up # [BuildOptions] # # suppress the following warnings so we do not break the build with warnings-as-errors: - # C4090: 'function' : different 'const' qualifiers # - MSFT:*_*_*_CC_FLAGS = /wd4090 XCODE:*_*_*_CC_FLAGS = -mmmx -msse -std=c99 diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c b/CryptoPkg/Library/TlsLib/SysCall/inet_pton.c similarity index 100% rename from CryptoPkg/Library/BaseCryptLib/SysCall/inet_pton.c rename to CryptoPkg/Library/TlsLib/SysCall/inet_pton.c 
diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLib/TlsConfig.c index dbe1f0652996..60559de4a7f3 100644 --- a/CryptoPkg/Library/TlsLib/TlsConfig.c +++ b/CryptoPkg/Library/TlsLib/TlsConfig.c @@ -478,7 +478,7 @@ TlsSetCipherList ( FreePool (CipherString); FreeMappedCipher: - FreePool (MappedCipher); + FreePool ((VOID *)MappedCipher); return Status; } @@ -1136,9 +1136,6 @@ TlsSetEcCurve ( IN UINTN DataSize ) { - #if !FixedPcdGetBool (PcdOpensslEcEnabled) - return EFI_UNSUPPORTED; - #else TLS_CONNECTION *TlsConn; EC_KEY *EcKey; INT32 Nid; @@ -1170,23 +1167,22 @@ TlsSetEcCurve ( } if (SSL_set1_curves (TlsConn->Ssl, &Nid, 1) != 1) { - return EFI_INVALID_PARAMETER; + return EFI_UNSUPPORTED; } EcKey = EC_KEY_new_by_curve_name (Nid); if (EcKey == NULL) { - return EFI_INVALID_PARAMETER; + return EFI_UNSUPPORTED; } Ret = SSL_set_tmp_ecdh (TlsConn->Ssl, EcKey); EC_KEY_free (EcKey); if (Ret != 1) { - return EFI_INVALID_PARAMETER; + return EFI_UNSUPPORTED; } return EFI_SUCCESS; - #endif } /** diff --git a/CryptoPkg/Library/TlsLib/TlsLib.inf b/CryptoPkg/Library/TlsLib/TlsLib.inf index 20b0ea683238..4e7b3e535a45 100644 --- a/CryptoPkg/Library/TlsLib/TlsLib.inf +++ b/CryptoPkg/Library/TlsLib/TlsLib.inf @@ -28,6 +28,7 @@ [Sources] TlsInit.c TlsConfig.c TlsProcess.c + SysCall/inet_pton.c [Packages] MdePkg/MdePkg.dec @@ -41,14 +42,3 @@ [LibraryClasses] MemoryAllocationLib OpensslLib SafeIntLib - -[FixedPcd] - gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled - -[BuildOptions] - # - # suppress the following warnings so we do not break the build with warnings-as-errors: - # C4090: 'function' : different 'const' qualifiers - # - MSFT:*_*_*_CC_FLAGS = /wd4090 - -- 2.37.1.windows.1
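
Review bot: In the BaseCryptLib.inf [Sources] hunk, Pk/CryptEc.c is now built unconditionally and every [FixedPcd] reference to gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled is dropped, but the diffstat lists no CryptoPkg.dec change, so the PCD declaration itself is not removed by this patch. If another patch in the series removes it, say so in the commit message. If it stays declared, a platform that still sets it to FALSE will build cleanly and get the EC code it asked to exclude, so the commit message should state that the setting no longer has any effect on these library instances.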
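
Review bot: With the "#if FixedPcdGetBool (PcdOpensslEcEnabled)" guard and its "return FALSE" fallback removed from EcGetPrivateKeyFromPem in Pem/CryptPem.c, the full body is compiled into every instance that lists that file, and RuntimeCryptLib.inf lists Pem/CryptPem.c while this same patch adds Pk/CryptEcNull.c to it. The runtime instance therefore pairs a working EC PEM key loader with stubbed EC primitives, and the OpensslLib it links against must supply whatever EC symbols the body uses. Either document in the function header that the returned EcContext is not usable in instances built with CryptEcNull.c, or keep a path that returns FALSE for those instances.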
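
Review bot: In the [BuildOptions] hunks of BaseCryptLib.inf, PeiCryptLib.inf, RuntimeCryptLib.inf, SecCryptLib.inf and SmmCryptLib.inf, the comment "suppress the following warnings so we do not break the build with warnings-as-errors:" is left in place after the C4090 and C4718 entries under it are deleted, so it now introduces an empty list followed by a bare "#". Remove the sentence, or reword it to describe the compiler flags that remain in each section.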
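
Review bot: At the FreeMappedCipher label in TlsSetCipherList, "FreePool ((VOID *)MappedCipher);" resolves the type mismatch with a cast at the call site, in the same patch that removes the /wd4090 ("different 'const' qualifiers") suppression from TlsLib.inf. The declaration of MappedCipher is outside the hunk; if the mismatch is a qualifier on a buffer this function allocates and owns, changing the declaration so the pointer can be passed to FreePool without a cast would keep the compiler checking the call instead of silencing it.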
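
Review bot: In the TlsSetEcCurve hunk, the three failure returns after SSL_set1_curves, EC_KEY_new_by_curve_name and SSL_set_tmp_ecdh change from EFI_INVALID_PARAMETER to EFI_UNSUPPORTED, which is a caller-visible change that none of the commit message bullets mentions. Add it to the commit message and make sure the function header comment lists EFI_UNSUPPORTED for these cases, since callers that branch on EFI_INVALID_PARAMETER will now take a different path. A NULL return from EC_KEY_new_by_curve_name can also indicate an allocation failure, which EFI_UNSUPPORTED would misreport; EFI_OUT_OF_RESOURCES may be the better fit for that branch.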