From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga12.intel.com (mga12.intel.com [192.55.52.136])
 by mx.groups.io with SMTP id smtpd.web10.14908.1679043701943312576
 for <devel@edk2.groups.io>;
 Fri, 17 Mar 2023 02:01:42 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=HGFgLprC;
 spf=pass (domain: intel.com, ip: 192.55.52.136, mailfrom: wenxing.hou@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1679043701; x=1710579701;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=pUZ04fQuda/NWFx8UcG5J3gRSV2o1B/+C16AAHDeUEo=;
  b=HGFgLprC0xCgtY0N/q/gJwRnXgJq5/JiwVcuENq66FMDb78Bub8/agTM
   87Up1em2zk7LrFWZJuIi5OELGbxt3J+KFibfxNAbA3aX8OA6tVz6Z8fYI
   uPjB1Vbs6AgF8CSlIwtAwBnRaX35HraW1tl3PcZVY7d784hv6Qq9oMKU6
   OVJeJQ7+tZ546CFt0hZOOw4De9kPh8dOCRGoZsX5LPaXd+nAdfBhc9mO5
   /Cx58RoIW58CPQn81RpTWbdzVdfLcTdNs0Hxv+XAeUQbRjrwR4v3G26En
   aXYFohJxJW02ntBn+9NPNf5uG5y1zBi9ejfPTI3IDvrJDgPJPaPGkLeNZ
   g==;
X-IronPort-AV: E=McAfee;i="6600,9927,10651"; a="317871044"
X-IronPort-AV: E=Sophos;i="5.98,268,1673942400"; 
   d="scan'208";a="317871044"
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Mar 2023 02:01:41 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10651"; a="926066654"
X-IronPort-AV: E=Sophos;i="5.98,268,1673942400"; 
   d="scan'208";a="926066654"
Received: from shwdejointd777.ccr.corp.intel.com ([10.239.157.39])
  by fmsmga006.fm.intel.com with ESMTP; 17 Mar 2023 02:01:40 -0700
From: "Wenxing Hou" <wenxing.hou@intel.com>
To: devel@edk2.groups.io
Cc: Wenxing Hou <wenxing.hou@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Yi Li <yi1.li@intel.com>
Subject: [edk2-staging/OpenSSL11_EOL PATCH 0/7] Enable MbedTLS for CryptoPkg update Mar 17
Date: Fri, 17 Mar 2023 17:00:46 +0800
Message-Id: <20230317090053.1895-1-wenxing.hou@intel.com>
X-Mailer: git-send-email 2.26.2.windows.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

The POC is to explore mbedtls as a smaller alternative to OpenSSL.
The Patch enable EC/X509/Pkcs7 base on Mbedtls for CryptoPkg.


Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Yi Li <yi1.li@intel.com>

Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>

Wenxing Hou (7):
  Update ReadmeMbedtls
  Clear unnecessary API in DH
  Make all BaseCryptLibMbedTls inf files consistent with BaseCryptLib
  Update Pkcs7 api based on MbedTlsLib for CryptoPkg
  Update EC api based on MbedTlsLib for CryptoPkg
  Update X509 api based on MbedTlsLib for CryptoPkg
  Clean SysCall api by adding platform_util.c

 .../BaseCryptLibMbedTls/BaseCryptLib.inf      |   8 +
 .../BaseCryptLibMbedTls/InternalCryptLib.h    |  32 +
 .../Library/BaseCryptLibMbedTls/Pk/CryptDh.c  |  73 --
 .../Library/BaseCryptLibMbedTls/Pk/CryptEc.c  | 634 +++++++++++++++++-
 .../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c   |   5 +-
 .../Pk/CryptPkcs7VerifyBase.c                 |  40 +-
 .../Pk/CryptPkcs7VerifyCommon.c               | 338 +++++++++-
 .../Pk/CryptPkcs7VerifyEku.c                  | 454 +------------
 .../BaseCryptLibMbedTls/Pk/CryptX509.c        | 163 ++++-
 .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c   |   7 +
 .../BaseCryptLibMbedTls/RuntimeCryptLib.inf   |   2 +-
 .../BaseCryptLibMbedTls/SmmCryptLib.inf       |   4 +-
 .../SysCall/ConstantTimeClock.c               |  14 -
 .../BaseCryptLibMbedTls/SysCall/CrtWrapper.c  |   5 -
 .../SysCall/TimerWrapper.c                    |  14 -
 .../BaseCryptLibMbedTls/TestBaseCryptLib.inf  |   4 +-
 CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf   |   2 +
 CryptoPkg/ReadmeMbedtls.md                    |  55 +-
 18 files changed, 1264 insertions(+), 590 deletions(-)

-- 
2.26.2.windows.1