public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls
@ 2023-02-13 19:19 Gerd Hoffmann
  2023-02-13 19:19 ` [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using SHA1() Gerd Hoffmann
                   ` (5 more replies)
  0 siblings, 6 replies; 12+ messages in thread
From: Gerd Hoffmann @ 2023-02-13 19:19 UTC (permalink / raw)
  To: devel; +Cc: Oliver Steffen, Pawel Polawski, Gerd Hoffmann

In preparation for the openssl 3.0 switch ...

openssl 3.0 sneak preview (WIP still, does not yet pass CI) is at
https://github.com/kraxel/edk2/commits/openssl3

Gerd Hoffmann (4):
  CryptoPkg/BaseCryptLib: avoid using SHA1()
  CryptoPkg/BaseCryptLib: avoid using SHA256()
  CryptoPkg/BaseCryptLib: avoid using SHA384()
  CryptoPkg/BaseCryptLib: avoid using SHA512()

 .../Library/BaseCryptLib/Hash/CryptSha1.c     | 16 ++++++++--
 .../Library/BaseCryptLib/Hash/CryptSha256.c   | 16 ++++++++--
 .../Library/BaseCryptLib/Hash/CryptSha512.c   | 32 +++++++++++++++----
 3 files changed, 52 insertions(+), 12 deletions(-)

-- 
2.39.1


^ permalink raw reply	[flat|nested] 12+ messages in thread

* [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using SHA1()
  2023-02-13 19:19 [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Gerd Hoffmann
@ 2023-02-13 19:19 ` Gerd Hoffmann
  2023-02-13 22:14   ` [edk2-devel] " Michael D Kinney
  2023-02-13 19:19 ` [PATCH 2/4] CryptoPkg/BaseCryptLib: avoid using SHA256() Gerd Hoffmann
                   ` (4 subsequent siblings)
  5 siblings, 1 reply; 12+ messages in thread
From: Gerd Hoffmann @ 2023-02-13 19:19 UTC (permalink / raw)
  To: devel; +Cc: Oliver Steffen, Pawel Polawski, Gerd Hoffmann

In openssl 3.0 SHA1() goes through the provider logic,
requiring a huge amount of openssl code.  The individual
functions do not, so use them instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
index 1e071ce2b325..cfe1f4bc44c9 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
@@ -204,6 +204,8 @@ Sha1HashAll (
   OUT  UINT8       *HashValue
   )
 {
+  SHA_CTX  Context;
+
   //
   // Check input parameters.
   //
@@ -218,11 +220,19 @@ Sha1HashAll (
   //
   // OpenSSL SHA-1 Hash Computation.
   //
-  if (SHA1 (Data, DataSize, HashValue) == NULL) {
+  if (!SHA1_Init (&Context)) {
     return FALSE;
-  } else {
-    return TRUE;
   }
+
+  if (!SHA1_Update (&Context, Data, DataSize)) {
+    return FALSE;
+  }
+
+  if (!SHA1_Final (HashValue, &Context)) {
+    return FALSE;
+  }
+
+  return TRUE;
 }
 
 #endif
-- 
2.39.1


^ permalink raw reply related	[flat|nested] 12+ messages in thread

* [PATCH 2/4] CryptoPkg/BaseCryptLib: avoid using SHA256()
  2023-02-13 19:19 [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Gerd Hoffmann
  2023-02-13 19:19 ` [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using SHA1() Gerd Hoffmann
@ 2023-02-13 19:19 ` Gerd Hoffmann
  2023-02-13 19:19 ` [PATCH 3/4] CryptoPkg/BaseCryptLib: avoid using SHA384() Gerd Hoffmann
                   ` (3 subsequent siblings)
  5 siblings, 0 replies; 12+ messages in thread
From: Gerd Hoffmann @ 2023-02-13 19:19 UTC (permalink / raw)
  To: devel; +Cc: Oliver Steffen, Pawel Polawski, Gerd Hoffmann

In openssl 3.0 SHA256() goes through the provider logic,
requiring a huge amount of openssl code.  The individual
functions do not, so use them instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 .../Library/BaseCryptLib/Hash/CryptSha256.c      | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256.c
index f105e6e57708..4d7d92812c4d 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha256.c
@@ -202,6 +202,8 @@ Sha256HashAll (
   OUT  UINT8       *HashValue
   )
 {
+  SHA256_CTX  Context;
+
   //
   // Check input parameters.
   //
@@ -216,9 +218,17 @@ Sha256HashAll (
   //
   // OpenSSL SHA-256 Hash Computation.
   //
-  if (SHA256 (Data, DataSize, HashValue) == NULL) {
+  if (!SHA256_Init (&Context)) {
     return FALSE;
-  } else {
-    return TRUE;
   }
+
+  if (!SHA256_Update (&Context, Data, DataSize)) {
+    return FALSE;
+  }
+
+  if (!SHA256_Final (HashValue, &Context)) {
+    return FALSE;
+  }
+
+  return TRUE;
 }
-- 
2.39.1


^ permalink raw reply related	[flat|nested] 12+ messages in thread

* [PATCH 3/4] CryptoPkg/BaseCryptLib: avoid using SHA384()
  2023-02-13 19:19 [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Gerd Hoffmann
  2023-02-13 19:19 ` [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using SHA1() Gerd Hoffmann
  2023-02-13 19:19 ` [PATCH 2/4] CryptoPkg/BaseCryptLib: avoid using SHA256() Gerd Hoffmann
@ 2023-02-13 19:19 ` Gerd Hoffmann
  2023-02-13 19:19 ` [PATCH 4/4] CryptoPkg/BaseCryptLib: avoid using SHA512() Gerd Hoffmann
                   ` (2 subsequent siblings)
  5 siblings, 0 replies; 12+ messages in thread
From: Gerd Hoffmann @ 2023-02-13 19:19 UTC (permalink / raw)
  To: devel; +Cc: Oliver Steffen, Pawel Polawski, Gerd Hoffmann

In openssl 3.0 SHA384() goes through the provider logic,
requiring a huge amount of openssl code.  The individual
functions do not, so use them instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 .../Library/BaseCryptLib/Hash/CryptSha512.c      | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
index 59e570846588..2ab7188035e8 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
@@ -204,6 +204,8 @@ Sha384HashAll (
   OUT  UINT8       *HashValue
   )
 {
+  SHA512_CTX  Context;
+
   //
   // Check input parameters.
   //
@@ -218,11 +220,19 @@ Sha384HashAll (
   //
   // OpenSSL SHA-384 Hash Computation.
   //
-  if (SHA384 (Data, DataSize, HashValue) == NULL) {
+  if (!SHA384_Init (&Context)) {
     return FALSE;
-  } else {
-    return TRUE;
   }
+
+  if (!SHA384_Update (&Context, Data, DataSize)) {
+    return FALSE;
+  }
+
+  if (!SHA384_Final (HashValue, &Context)) {
+    return FALSE;
+  }
+
+  return TRUE;
 }
 
 /**
-- 
2.39.1


^ permalink raw reply related	[flat|nested] 12+ messages in thread

* [PATCH 4/4] CryptoPkg/BaseCryptLib: avoid using SHA512()
  2023-02-13 19:19 [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Gerd Hoffmann
                   ` (2 preceding siblings ...)
  2023-02-13 19:19 ` [PATCH 3/4] CryptoPkg/BaseCryptLib: avoid using SHA384() Gerd Hoffmann
@ 2023-02-13 19:19 ` Gerd Hoffmann
  2023-02-14  1:17 ` [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Yao, Jiewen
  2023-02-15  8:15 ` Yao, Jiewen
  5 siblings, 0 replies; 12+ messages in thread
From: Gerd Hoffmann @ 2023-02-13 19:19 UTC (permalink / raw)
  To: devel; +Cc: Oliver Steffen, Pawel Polawski, Gerd Hoffmann

In openssl 3.0 SHA512() goes through the provider logic,
requiring a huge amount of openssl code.  The individual
functions do not, so use them instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 .../Library/BaseCryptLib/Hash/CryptSha512.c      | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
index 2ab7188035e8..dee8f35c41ad 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha512.c
@@ -430,6 +430,8 @@ Sha512HashAll (
   OUT  UINT8       *HashValue
   )
 {
+  SHA512_CTX  Context;
+
   //
   // Check input parameters.
   //
@@ -444,9 +446,17 @@ Sha512HashAll (
   //
   // OpenSSL SHA-512 Hash Computation.
   //
-  if (SHA512 (Data, DataSize, HashValue) == NULL) {
+  if (!SHA512_Init (&Context)) {
     return FALSE;
-  } else {
-    return TRUE;
   }
+
+  if (!SHA512_Update (&Context, Data, DataSize)) {
+    return FALSE;
+  }
+
+  if (!SHA512_Final (HashValue, &Context)) {
+    return FALSE;
+  }
+
+  return TRUE;
 }
-- 
2.39.1


^ permalink raw reply related	[flat|nested] 12+ messages in thread

* Re: [edk2-devel] [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using SHA1()
  2023-02-13 19:19 ` [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using SHA1() Gerd Hoffmann
@ 2023-02-13 22:14   ` Michael D Kinney
  2023-02-14  2:23     ` Yao, Jiewen
  0 siblings, 1 reply; 12+ messages in thread
From: Michael D Kinney @ 2023-02-13 22:14 UTC (permalink / raw)
  To: devel@edk2.groups.io, kraxel@redhat.com
  Cc: Oliver Steffen, Pawel Polawski, Kinney, Michael D

Hi Gerd,

This is an interesting pattern for the openssl 3.0 size issues.

It looks like the 1.1.1 APIs we are currently using are still available.
Are those legacy APIs guaranteed to be supported under openssl 3.0?

Mike

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd Hoffmann
> Sent: Monday, February 13, 2023 11:20 AM
> To: devel@edk2.groups.io
> Cc: Oliver Steffen <osteffen@redhat.com>; Pawel Polawski <ppolawsk@redhat.com>; Gerd Hoffmann <kraxel@redhat.com>
> Subject: [edk2-devel] [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using SHA1()
> 
> In openssl 3.0 SHA1() goes through the provider logic,
> requiring a huge amount of openssl code.  The individual
> functions do not, so use them instead.
> 
> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
> ---
>  CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c | 16 +++++++++++++---
>  1 file changed, 13 insertions(+), 3 deletions(-)
> 
> diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
> index 1e071ce2b325..cfe1f4bc44c9 100644
> --- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
> +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
> @@ -204,6 +204,8 @@ Sha1HashAll (
>    OUT  UINT8       *HashValue
>    )
>  {
> +  SHA_CTX  Context;
> +
>    //
>    // Check input parameters.
>    //
> @@ -218,11 +220,19 @@ Sha1HashAll (
>    //
>    // OpenSSL SHA-1 Hash Computation.
>    //
> -  if (SHA1 (Data, DataSize, HashValue) == NULL) {
> +  if (!SHA1_Init (&Context)) {
>      return FALSE;
> -  } else {
> -    return TRUE;
>    }
> +
> +  if (!SHA1_Update (&Context, Data, DataSize)) {
> +    return FALSE;
> +  }
> +
> +  if (!SHA1_Final (HashValue, &Context)) {
> +    return FALSE;
> +  }
> +
> +  return TRUE;
>  }
> 
>  #endif
> --
> 2.39.1
> 
> 
> 
> 
> 


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls
  2023-02-13 19:19 [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Gerd Hoffmann
                   ` (3 preceding siblings ...)
  2023-02-13 19:19 ` [PATCH 4/4] CryptoPkg/BaseCryptLib: avoid using SHA512() Gerd Hoffmann
@ 2023-02-14  1:17 ` Yao, Jiewen
  2023-02-14 10:13   ` Gerd Hoffmann
  2023-02-15  8:15 ` Yao, Jiewen
  5 siblings, 1 reply; 12+ messages in thread
From: Yao, Jiewen @ 2023-02-14  1:17 UTC (permalink / raw)
  To: devel@edk2.groups.io, kraxel@redhat.com; +Cc: Oliver Steffen, Pawel Polawski

Good work, Gerd!

Do you have any data on how many K can be saved?

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> Hoffmann
> Sent: Tuesday, February 14, 2023 3:20 AM
> To: devel@edk2.groups.io
> Cc: Oliver Steffen <osteffen@redhat.com>; Pawel Polawski
> <ppolawsk@redhat.com>; Gerd Hoffmann <kraxel@redhat.com>
> Subject: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain
> openssl library calls
> 
> In preparation for the openssl 3.0 switch ...
> 
> openssl 3.0 sneak preview (WIP still, does not yet pass CI) is at
> https://github.com/kraxel/edk2/commits/openssl3
> 
> Gerd Hoffmann (4):
>   CryptoPkg/BaseCryptLib: avoid using SHA1()
>   CryptoPkg/BaseCryptLib: avoid using SHA256()
>   CryptoPkg/BaseCryptLib: avoid using SHA384()
>   CryptoPkg/BaseCryptLib: avoid using SHA512()
> 
>  .../Library/BaseCryptLib/Hash/CryptSha1.c     | 16 ++++++++--
>  .../Library/BaseCryptLib/Hash/CryptSha256.c   | 16 ++++++++--
>  .../Library/BaseCryptLib/Hash/CryptSha512.c   | 32 +++++++++++++++----
>  3 files changed, 52 insertions(+), 12 deletions(-)
> 
> --
> 2.39.1
> 
> 
> 
> 
> 


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [edk2-devel] [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using SHA1()
  2023-02-13 22:14   ` [edk2-devel] " Michael D Kinney
@ 2023-02-14  2:23     ` Yao, Jiewen
  0 siblings, 0 replies; 12+ messages in thread
From: Yao, Jiewen @ 2023-02-14  2:23 UTC (permalink / raw)
  To: devel@edk2.groups.io, Kinney, Michael D, kraxel@redhat.com
  Cc: Oliver Steffen, Pawel Polawski

I think so, we can still use 1.1 APIs in compatible mode. Please refer to:
https://www.openssl.org/docs/man3.0/man7/OPENSSL_API_COMPAT.html
https://github.com/openssl/openssl/blob/openssl-3.0.8/INSTALL.md#api-level
as recommended in https://github.com/openssl/openssl/issues/17930

Thank you
Yao, Jiewen

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Michael D
> Kinney
> Sent: Tuesday, February 14, 2023 6:14 AM
> To: devel@edk2.groups.io; kraxel@redhat.com
> Cc: Oliver Steffen <osteffen@redhat.com>; Pawel Polawski
> <ppolawsk@redhat.com>; Kinney, Michael D <michael.d.kinney@intel.com>
> Subject: Re: [edk2-devel] [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using
> SHA1()
> 
> Hi Gerd,
> 
> This is an interesting pattern for the openssl 3.0 size issues.
> 
> It looks like the 1.1.1 APIs we are currently using are still available.
> Are those legacy APIs guaranteed to be supported under openssl 3.0?
> 
> Mike
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> Hoffmann
> > Sent: Monday, February 13, 2023 11:20 AM
> > To: devel@edk2.groups.io
> > Cc: Oliver Steffen <osteffen@redhat.com>; Pawel Polawski
> <ppolawsk@redhat.com>; Gerd Hoffmann <kraxel@redhat.com>
> > Subject: [edk2-devel] [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using SHA1()
> >
> > In openssl 3.0 SHA1() goes through the provider logic,
> > requiring a huge amount of openssl code.  The individual
> > functions do not, so use them instead.
> >
> > Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
> > ---
> >  CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c | 16 +++++++++++++---
> >  1 file changed, 13 insertions(+), 3 deletions(-)
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
> b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
> > index 1e071ce2b325..cfe1f4bc44c9 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
> > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha1.c
> > @@ -204,6 +204,8 @@ Sha1HashAll (
> >    OUT  UINT8       *HashValue
> >    )
> >  {
> > +  SHA_CTX  Context;
> > +
> >    //
> >    // Check input parameters.
> >    //
> > @@ -218,11 +220,19 @@ Sha1HashAll (
> >    //
> >    // OpenSSL SHA-1 Hash Computation.
> >    //
> > -  if (SHA1 (Data, DataSize, HashValue) == NULL) {
> > +  if (!SHA1_Init (&Context)) {
> >      return FALSE;
> > -  } else {
> > -    return TRUE;
> >    }
> > +
> > +  if (!SHA1_Update (&Context, Data, DataSize)) {
> > +    return FALSE;
> > +  }
> > +
> > +  if (!SHA1_Final (HashValue, &Context)) {
> > +    return FALSE;
> > +  }
> > +
> > +  return TRUE;
> >  }
> >
> >  #endif
> > --
> > 2.39.1
> >
> >
> >
> >
> >
> 
> 
> 
> 
> 


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls
  2023-02-14  1:17 ` [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Yao, Jiewen
@ 2023-02-14 10:13   ` Gerd Hoffmann
  0 siblings, 0 replies; 12+ messages in thread
From: Gerd Hoffmann @ 2023-02-14 10:13 UTC (permalink / raw)
  To: Yao, Jiewen; +Cc: devel@edk2.groups.io, Oliver Steffen, Pawel Polawski

On Tue, Feb 14, 2023 at 01:17:55AM +0000, Yao, Jiewen wrote:
> Good work, Gerd!
> 
> Do you have any data on how many K can be saved?

Essentially we are down to a handfull of source files for SEC and PEI,
assuming both only need hash functions for tdx/tpm measurements.

https://github.com/kraxel/edk2/commit/58f323f68dfaeaf4b88a8658790f0b0a4b578642

SMM and DXE are still a significant increase in size and I don't see an
easy way around that.  Switching to the crypto driver should mitigate
that somewhat.  Don't have detailed numbers at hand.

take care,
  Gerd

> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> > Hoffmann
> > Sent: Tuesday, February 14, 2023 3:20 AM
> > To: devel@edk2.groups.io
> > Cc: Oliver Steffen <osteffen@redhat.com>; Pawel Polawski
> > <ppolawsk@redhat.com>; Gerd Hoffmann <kraxel@redhat.com>
> > Subject: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain
> > openssl library calls
> > 
> > In preparation for the openssl 3.0 switch ...
> > 
> > openssl 3.0 sneak preview (WIP still, does not yet pass CI) is at
> > https://github.com/kraxel/edk2/commits/openssl3
> > 
> > Gerd Hoffmann (4):
> >   CryptoPkg/BaseCryptLib: avoid using SHA1()
> >   CryptoPkg/BaseCryptLib: avoid using SHA256()
> >   CryptoPkg/BaseCryptLib: avoid using SHA384()
> >   CryptoPkg/BaseCryptLib: avoid using SHA512()
> > 
> >  .../Library/BaseCryptLib/Hash/CryptSha1.c     | 16 ++++++++--
> >  .../Library/BaseCryptLib/Hash/CryptSha256.c   | 16 ++++++++--
> >  .../Library/BaseCryptLib/Hash/CryptSha512.c   | 32 +++++++++++++++----
> >  3 files changed, 52 insertions(+), 12 deletions(-)
> > 
> > --
> > 2.39.1
> > 
> > 
> > 
> > 
> > 
> 

-- 


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls
  2023-02-13 19:19 [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Gerd Hoffmann
                   ` (4 preceding siblings ...)
  2023-02-14  1:17 ` [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Yao, Jiewen
@ 2023-02-15  8:15 ` Yao, Jiewen
  2023-03-07  6:54   ` Gerd Hoffmann
  5 siblings, 1 reply; 12+ messages in thread
From: Yao, Jiewen @ 2023-02-15  8:15 UTC (permalink / raw)
  To: devel@edk2.groups.io, kraxel@redhat.com; +Cc: Oliver Steffen, Pawel Polawski

Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> Hoffmann
> Sent: Tuesday, February 14, 2023 3:20 AM
> To: devel@edk2.groups.io
> Cc: Oliver Steffen <osteffen@redhat.com>; Pawel Polawski
> <ppolawsk@redhat.com>; Gerd Hoffmann <kraxel@redhat.com>
> Subject: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain
> openssl library calls
> 
> In preparation for the openssl 3.0 switch ...
> 
> openssl 3.0 sneak preview (WIP still, does not yet pass CI) is at
> https://github.com/kraxel/edk2/commits/openssl3
> 
> Gerd Hoffmann (4):
>   CryptoPkg/BaseCryptLib: avoid using SHA1()
>   CryptoPkg/BaseCryptLib: avoid using SHA256()
>   CryptoPkg/BaseCryptLib: avoid using SHA384()
>   CryptoPkg/BaseCryptLib: avoid using SHA512()
> 
>  .../Library/BaseCryptLib/Hash/CryptSha1.c     | 16 ++++++++--
>  .../Library/BaseCryptLib/Hash/CryptSha256.c   | 16 ++++++++--
>  .../Library/BaseCryptLib/Hash/CryptSha512.c   | 32 +++++++++++++++----
>  3 files changed, 52 insertions(+), 12 deletions(-)
> 
> --
> 2.39.1
> 
> 
> 
> 
> 


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls
  2023-02-15  8:15 ` Yao, Jiewen
@ 2023-03-07  6:54   ` Gerd Hoffmann
  2023-03-07  7:59     ` Yao, Jiewen
  0 siblings, 1 reply; 12+ messages in thread
From: Gerd Hoffmann @ 2023-03-07  6:54 UTC (permalink / raw)
  To: Yao, Jiewen; +Cc: devel@edk2.groups.io, Oliver Steffen, Pawel Polawski

  Hi,

Ping.  Code freeze is over, can we merge this now?

thanks,
  Gerd

On Wed, Feb 15, 2023 at 08:15:32AM +0000, Yao, Jiewen wrote:
> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> > Hoffmann
> > Sent: Tuesday, February 14, 2023 3:20 AM
> > To: devel@edk2.groups.io
> > Cc: Oliver Steffen <osteffen@redhat.com>; Pawel Polawski
> > <ppolawsk@redhat.com>; Gerd Hoffmann <kraxel@redhat.com>
> > Subject: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain
> > openssl library calls
> > 
> > In preparation for the openssl 3.0 switch ...
> > 
> > openssl 3.0 sneak preview (WIP still, does not yet pass CI) is at
> > https://github.com/kraxel/edk2/commits/openssl3
> > 
> > Gerd Hoffmann (4):
> >   CryptoPkg/BaseCryptLib: avoid using SHA1()
> >   CryptoPkg/BaseCryptLib: avoid using SHA256()
> >   CryptoPkg/BaseCryptLib: avoid using SHA384()
> >   CryptoPkg/BaseCryptLib: avoid using SHA512()
> > 
> >  .../Library/BaseCryptLib/Hash/CryptSha1.c     | 16 ++++++++--
> >  .../Library/BaseCryptLib/Hash/CryptSha256.c   | 16 ++++++++--
> >  .../Library/BaseCryptLib/Hash/CryptSha512.c   | 32 +++++++++++++++----
> >  3 files changed, 52 insertions(+), 12 deletions(-)
> > 
> > --
> > 2.39.1
> > 
> > 
> > 
> > 
> > 
> 

-- 


^ permalink raw reply	[flat|nested] 12+ messages in thread

* Re: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls
  2023-03-07  6:54   ` Gerd Hoffmann
@ 2023-03-07  7:59     ` Yao, Jiewen
  0 siblings, 0 replies; 12+ messages in thread
From: Yao, Jiewen @ 2023-03-07  7:59 UTC (permalink / raw)
  To: kraxel@redhat.com; +Cc: devel@edk2.groups.io, Oliver Steffen, Pawel Polawski

Sure.
Thanks to remind me.
https://github.com/tianocore/edk2/pull/4104.

Thank you
Yao, Jiewen

> -----Original Message-----
> From: kraxel@redhat.com <kraxel@redhat.com>
> Sent: Tuesday, March 7, 2023 2:54 PM
> To: Yao, Jiewen <jiewen.yao@intel.com>
> Cc: devel@edk2.groups.io; Oliver Steffen <osteffen@redhat.com>; Pawel
> Polawski <ppolawsk@redhat.com>
> Subject: Re: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain
> openssl library calls
> 
>   Hi,
> 
> Ping.  Code freeze is over, can we merge this now?
> 
> thanks,
>   Gerd
> 
> On Wed, Feb 15, 2023 at 08:15:32AM +0000, Yao, Jiewen wrote:
> > Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> > > Hoffmann
> > > Sent: Tuesday, February 14, 2023 3:20 AM
> > > To: devel@edk2.groups.io
> > > Cc: Oliver Steffen <osteffen@redhat.com>; Pawel Polawski
> > > <ppolawsk@redhat.com>; Gerd Hoffmann <kraxel@redhat.com>
> > > Subject: [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain
> > > openssl library calls
> > >
> > > In preparation for the openssl 3.0 switch ...
> > >
> > > openssl 3.0 sneak preview (WIP still, does not yet pass CI) is at
> > > https://github.com/kraxel/edk2/commits/openssl3
> > >
> > > Gerd Hoffmann (4):
> > >   CryptoPkg/BaseCryptLib: avoid using SHA1()
> > >   CryptoPkg/BaseCryptLib: avoid using SHA256()
> > >   CryptoPkg/BaseCryptLib: avoid using SHA384()
> > >   CryptoPkg/BaseCryptLib: avoid using SHA512()
> > >
> > >  .../Library/BaseCryptLib/Hash/CryptSha1.c     | 16 ++++++++--
> > >  .../Library/BaseCryptLib/Hash/CryptSha256.c   | 16 ++++++++--
> > >  .../Library/BaseCryptLib/Hash/CryptSha512.c   | 32 +++++++++++++++---
> -
> > >  3 files changed, 52 insertions(+), 12 deletions(-)
> > >
> > > --
> > > 2.39.1
> > >
> > >
> > >
> > > 
> > >
> >
> 
> --


^ permalink raw reply	[flat|nested] 12+ messages in thread

end of thread, other threads:[~2023-03-07  8:00 UTC | newest]

Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-02-13 19:19 [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Gerd Hoffmann
2023-02-13 19:19 ` [PATCH 1/4] CryptoPkg/BaseCryptLib: avoid using SHA1() Gerd Hoffmann
2023-02-13 22:14   ` [edk2-devel] " Michael D Kinney
2023-02-14  2:23     ` Yao, Jiewen
2023-02-13 19:19 ` [PATCH 2/4] CryptoPkg/BaseCryptLib: avoid using SHA256() Gerd Hoffmann
2023-02-13 19:19 ` [PATCH 3/4] CryptoPkg/BaseCryptLib: avoid using SHA384() Gerd Hoffmann
2023-02-13 19:19 ` [PATCH 4/4] CryptoPkg/BaseCryptLib: avoid using SHA512() Gerd Hoffmann
2023-02-14  1:17 ` [edk2-devel] [PATCH 0/4] CryptoPkg/BaseCryptLib: avoid certain openssl library calls Yao, Jiewen
2023-02-14 10:13   ` Gerd Hoffmann
2023-02-15  8:15 ` Yao, Jiewen
2023-03-07  6:54   ` Gerd Hoffmann
2023-03-07  7:59     ` Yao, Jiewen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox