public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH 0/8] CryptoPkg: Retire the deprecate function
@ 2020-03-27  1:56 Gao, Zhichao
  2020-03-27  1:56 ` [PATCH 1/8] CryptoPkg/BaseCrpytLib: Retire MD4 algorithm Gao, Zhichao
                   ` (10 more replies)
  0 siblings, 11 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  1:56 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Xiaoyu Lu, Maciej Rabeda, Jiaxin Wu, Siyuan Fu

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898

MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
They are all deprecated. Edk2 would not support them any longer.
So remove them.
But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
default value to false to indicate they are deprecated.

NetWorkPkg's iSCSI driver would consume the MD5 function, so change
the md5 pcd to TURE when iSCSI is enabled.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>

Zhichao Gao (8):
  CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
  CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
  CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
  CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
  CryptoPkg/dec: Add pcds to avoid building the deprecated function
  NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
  Crypto/BaseCryptLib: Using pcd to control MD5 enablement
  CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement

 CryptoPkg/CryptoPkg.dec                       |  11 +
 CryptoPkg/CryptoPkg.uni                       |  11 +
 CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
 CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
 .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
 .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
 .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
 .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
 .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
 .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
 .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
 .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
 .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
 .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
 .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
 .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
 .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
 .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
 .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
 .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
 .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
 .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
 .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
 .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
 .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
 .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
 .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
 .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
 .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
 .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
 .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
 .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
 .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
 .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
 .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
 CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
 NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
 37 files changed, 145 insertions(+), 4221 deletions(-)
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c

-- 
2.21.0.windows.1


^ permalink raw reply	[flat|nested] 38+ messages in thread

* [PATCH 1/8] CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
  2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
@ 2020-03-27  1:56 ` Gao, Zhichao
  2020-03-27  1:56 ` [PATCH 2/8] CryptoPkg/BaseCryptLib: Retire ARC4 algorithm Gao, Zhichao
                   ` (9 subsequent siblings)
  10 siblings, 0 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  1:56 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Xiaoyu Lu

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898

MD4 is not secure any longer.
Remove the MD4 support from edk2.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
 CryptoPkg/Driver/Crypto.c                     | 165 -------------
 CryptoPkg/Include/Library/BaseCryptLib.h      | 145 ------------
 .../Library/BaseCryptLib/BaseCryptLib.inf     |   3 +-
 .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------------------
 .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 -----------
 .../Library/BaseCryptLib/PeiCryptLib.inf      |   5 +-
 .../Library/BaseCryptLib/RuntimeCryptLib.inf  |   5 +-
 .../Library/BaseCryptLib/SmmCryptLib.inf      |   5 +-
 .../BaseCryptLibNull/BaseCryptLibNull.inf     |   1 -
 .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 -----------
 .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 158 -------------
 CryptoPkg/Private/Protocol/Crypto.h           | 153 +-----------
 12 files changed, 8 insertions(+), 1141 deletions(-)
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c

diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
index 35bf2d3d92..48a565a2b3 100644
--- a/CryptoPkg/Driver/Crypto.c
+++ b/CryptoPkg/Driver/Crypto.c
@@ -105,164 +105,6 @@ CryptoServiceGetCryptoVersion (
 //    One-Way Cryptographic Hash Primitives
 //=====================================================================================
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for MD4 hash operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for MD4 hash operations.
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-CryptoServiceMd4GetContextSize (
-  VOID
-  )
-{
-  return CALL_BASECRYPTLIB (Md4.Services.GetContextSize, Md4GetContextSize, (), 0);
-}
-
-/**
-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for
-  subsequent use.
-
-  If Md4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  Md4Context  Pointer to MD4 context being initialized.
-
-  @retval TRUE   MD4 context initialization succeeded.
-  @retval FALSE  MD4 context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceMd4Init (
-  OUT  VOID  *Md4Context
-  )
-{
-  return CALL_BASECRYPTLIB (Md4.Services.Init, Md4Init, (Md4Context), FALSE);
-}
-
-/**
-  Makes a copy of an existing MD4 context.
-
-  If Md4Context is NULL, then return FALSE.
-  If NewMd4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]  Md4Context     Pointer to MD4 context being copied.
-  @param[out] NewMd4Context  Pointer to new MD4 context.
-
-  @retval TRUE   MD4 context copy succeeded.
-  @retval FALSE  MD4 context copy failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceMd4Duplicate (
-  IN   CONST VOID  *Md4Context,
-  OUT  VOID        *NewMd4Context
-  )
-{
-  return CALL_BASECRYPTLIB (Md4.Services.Duplicate, Md4Duplicate, (Md4Context, NewMd4Context), FALSE);
-}
-
-/**
-  Digests the input data and updates MD4 context.
-
-  This function performs MD4 digest on a data buffer of the specified size.
-  It can be called multiple times to compute the digest of long or discontinuous data streams.
-  MD4 context should be already correctly initialized by Md4Init(), and should not be finalized
-  by Md4Final(). Behavior with invalid context is undefined.
-
-  If Md4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]       DataSize    Size of Data buffer in bytes.
-
-  @retval TRUE   MD4 data digest succeeded.
-  @retval FALSE  MD4 data digest failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceMd4Update (
-  IN OUT  VOID        *Md4Context,
-  IN      CONST VOID  *Data,
-  IN      UINTN       DataSize
-  )
-{
-  return CALL_BASECRYPTLIB (Md4.Services.Update, Md4Update, (Md4Context, Data, DataSize), FALSE);
-}
-
-/**
-  Completes computation of the MD4 digest value.
-
-  This function completes MD4 hash computation and retrieves the digest value into
-  the specified memory. After this function has been called, the MD4 context cannot
-  be used again.
-  MD4 context should be already correctly initialized by Md4Init(), and should not be
-  finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
-
-  If Md4Context is NULL, then return FALSE.
-  If HashValue is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest
-                               value (16 bytes).
-
-  @retval TRUE   MD4 digest computation succeeded.
-  @retval FALSE  MD4 digest computation failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceMd4Final (
-  IN OUT  VOID   *Md4Context,
-  OUT     UINT8  *HashValue
-  )
-{
-  return CALL_BASECRYPTLIB (Md4.Services.Final, Md4Final, (Md4Context, HashValue), FALSE);
-}
-
-/**
-  Computes the MD4 message digest of a input data buffer.
-
-  This function performs the MD4 message digest of a given data buffer, and places
-  the digest value into the specified memory.
-
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]   DataSize    Size of Data buffer in bytes.
-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest
-                           value (16 bytes).
-
-  @retval TRUE   MD4 digest computation succeeded.
-  @retval FALSE  MD4 digest computation failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceMd4HashAll (
-  IN   CONST VOID  *Data,
-  IN   UINTN       DataSize,
-  OUT  UINT8       *HashValue
-  )
-{
-  return CALL_BASECRYPTLIB (Md4.Services.HashAll, Md4HashAll, (Data, DataSize, HashValue), FALSE);
-}
-
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
@@ -4422,13 +4264,6 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   CryptoServiceHmacSha256Duplicate,
   CryptoServiceHmacSha256Update,
   CryptoServiceHmacSha256Final,
-  /// Md4
-  CryptoServiceMd4GetContextSize,
-  CryptoServiceMd4Init,
-  CryptoServiceMd4Duplicate,
-  CryptoServiceMd4Update,
-  CryptoServiceMd4Final,
-  CryptoServiceMd4HashAll,
   /// Md5
   CryptoServiceMd5GetContextSize,
   CryptoServiceMd5Init,
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index 5e8f2e0a10..c862f0334f 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -14,11 +14,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #include <Uefi/UefiBaseType.h>
 
-///
-/// MD4 digest size in bytes
-///
-#define MD4_DIGEST_SIZE     16
-
 ///
 /// MD5 digest size in bytes
 ///
@@ -77,146 +72,6 @@ typedef enum {
 //    One-Way Cryptographic Hash Primitives
 //=====================================================================================
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for MD4 hash operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for MD4 hash operations.
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-Md4GetContextSize (
-  VOID
-  );
-
-/**
-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for
-  subsequent use.
-
-  If Md4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  Md4Context  Pointer to MD4 context being initialized.
-
-  @retval TRUE   MD4 context initialization succeeded.
-  @retval FALSE  MD4 context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Init (
-  OUT  VOID  *Md4Context
-  );
-
-/**
-  Makes a copy of an existing MD4 context.
-
-  If Md4Context is NULL, then return FALSE.
-  If NewMd4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]  Md4Context     Pointer to MD4 context being copied.
-  @param[out] NewMd4Context  Pointer to new MD4 context.
-
-  @retval TRUE   MD4 context copy succeeded.
-  @retval FALSE  MD4 context copy failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Duplicate (
-  IN   CONST VOID  *Md4Context,
-  OUT  VOID        *NewMd4Context
-  );
-
-/**
-  Digests the input data and updates MD4 context.
-
-  This function performs MD4 digest on a data buffer of the specified size.
-  It can be called multiple times to compute the digest of long or discontinuous data streams.
-  MD4 context should be already correctly initialized by Md4Init(), and should not be finalized
-  by Md4Final(). Behavior with invalid context is undefined.
-
-  If Md4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]       DataSize    Size of Data buffer in bytes.
-
-  @retval TRUE   MD4 data digest succeeded.
-  @retval FALSE  MD4 data digest failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Update (
-  IN OUT  VOID        *Md4Context,
-  IN      CONST VOID  *Data,
-  IN      UINTN       DataSize
-  );
-
-/**
-  Completes computation of the MD4 digest value.
-
-  This function completes MD4 hash computation and retrieves the digest value into
-  the specified memory. After this function has been called, the MD4 context cannot
-  be used again.
-  MD4 context should be already correctly initialized by Md4Init(), and should not be
-  finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
-
-  If Md4Context is NULL, then return FALSE.
-  If HashValue is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest
-                               value (16 bytes).
-
-  @retval TRUE   MD4 digest computation succeeded.
-  @retval FALSE  MD4 digest computation failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Final (
-  IN OUT  VOID   *Md4Context,
-  OUT     UINT8  *HashValue
-  );
-
-/**
-  Computes the MD4 message digest of a input data buffer.
-
-  This function performs the MD4 message digest of a given data buffer, and places
-  the digest value into the specified memory.
-
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]   DataSize    Size of Data buffer in bytes.
-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest
-                           value (16 bytes).
-
-  @retval TRUE   MD4 digest computation succeeded.
-  @retval FALSE  MD4 digest computation failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4HashAll (
-  IN   CONST VOID  *Data,
-  IN   UINTN       DataSize,
-  OUT  UINT8       *HashValue
-  );
-
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 1bbe4f435a..254fa310d5 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -6,7 +6,7 @@
 #  This external input must be validated carefully to avoid security issues such as
 #  buffer overflow or integer overflow.
 #
-#  Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
@@ -28,7 +28,6 @@
 
 [Sources]
   InternalCryptLib.h
-  Hash/CryptMd4.c
   Hash/CryptMd5.c
   Hash/CryptSha1.c
   Hash/CryptSha256.c
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
deleted file mode 100644
index bc02da07b0..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
+++ /dev/null
@@ -1,223 +0,0 @@
-/** @file
-  MD4 Digest Wrapper Implementation over OpenSSL.
-
-Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-#include <openssl/md4.h>
-
-/**
-  Retrieves the size, in bytes, of the context buffer required for MD4 hash operations.
-
-  @return  The size, in bytes, of the context buffer required for MD4 hash operations.
-
-**/
-UINTN
-EFIAPI
-Md4GetContextSize (
-  VOID
-  )
-{
-  //
-  // Retrieves the OpenSSL MD4 Context Size
-  //
-  return (UINTN) (sizeof (MD4_CTX));
-}
-
-/**
-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for
-  subsequent use.
-
-  If Md4Context is NULL, then return FALSE.
-
-  @param[out]  Md4Context  Pointer to MD4 context being initialized.
-
-  @retval TRUE   MD4 context initialization succeeded.
-  @retval FALSE  MD4 context initialization failed.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Init (
-  OUT  VOID  *Md4Context
-  )
-{
-  //
-  // Check input parameters.
-  //
-  if (Md4Context == NULL) {
-    return FALSE;
-  }
-
-  //
-  // OpenSSL MD4 Context Initialization
-  //
-  return (BOOLEAN) (MD4_Init ((MD4_CTX *) Md4Context));
-}
-
-/**
-  Makes a copy of an existing MD4 context.
-
-  If Md4Context is NULL, then return FALSE.
-  If NewMd4Context is NULL, then return FALSE.
-
-  @param[in]  Md4Context     Pointer to MD4 context being copied.
-  @param[out] NewMd4Context  Pointer to new MD4 context.
-
-  @retval TRUE   MD4 context copy succeeded.
-  @retval FALSE  MD4 context copy failed.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Duplicate (
-  IN   CONST VOID  *Md4Context,
-  OUT  VOID        *NewMd4Context
-  )
-{
-  //
-  // Check input parameters.
-  //
-  if (Md4Context == NULL || NewMd4Context == NULL) {
-    return FALSE;
-  }
-
-  CopyMem (NewMd4Context, Md4Context, sizeof (MD4_CTX));
-
-  return TRUE;
-}
-
-/**
-  Digests the input data and updates MD4 context.
-
-  This function performs MD4 digest on a data buffer of the specified size.
-  It can be called multiple times to compute the digest of long or discontinuous data streams.
-  MD4 context should be already correctly initialized by Md4Init(), and should not be finalized
-  by Md4Final(). Behavior with invalid context is undefined.
-
-  If Md4Context is NULL, then return FALSE.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]       DataSize    Size of Data buffer in bytes.
-
-  @retval TRUE   MD4 data digest succeeded.
-  @retval FALSE  MD4 data digest failed.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Update (
-  IN OUT  VOID        *Md4Context,
-  IN      CONST VOID  *Data,
-  IN      UINTN       DataSize
-  )
-{
-  //
-  // Check input parameters.
-  //
-  if (Md4Context == NULL) {
-    return FALSE;
-  }
-
-  //
-  // Check invalid parameters, in case that only DataLength was checked in OpenSSL
-  //
-  if (Data == NULL && DataSize != 0) {
-    return FALSE;
-  }
-
-  //
-  // OpenSSL MD4 Hash Update
-  //
-  return (BOOLEAN) (MD4_Update ((MD4_CTX *) Md4Context, Data, DataSize));
-}
-
-/**
-  Completes computation of the MD4 digest value.
-
-  This function completes MD4 hash computation and retrieves the digest value into
-  the specified memory. After this function has been called, the MD4 context cannot
-  be used again.
-  MD4 context should be already correctly initialized by Md4Init(), and should not be
-  finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
-
-  If Md4Context is NULL, then return FALSE.
-  If HashValue is NULL, then return FALSE.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest
-                               value (16 bytes).
-
-  @retval TRUE   MD4 digest computation succeeded.
-  @retval FALSE  MD4 digest computation failed.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Final (
-  IN OUT  VOID   *Md4Context,
-  OUT     UINT8  *HashValue
-  )
-{
-  //
-  // Check input parameters.
-  //
-  if (Md4Context == NULL || HashValue == NULL) {
-    return FALSE;
-  }
-
-  //
-  // OpenSSL MD4 Hash Finalization
-  //
-  return (BOOLEAN) (MD4_Final (HashValue, (MD4_CTX *) Md4Context));
-}
-
-/**
-  Computes the MD4 message digest of a input data buffer.
-
-  This function performs the MD4 message digest of a given data buffer, and places
-  the digest value into the specified memory.
-
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]   DataSize    Size of Data buffer in bytes.
-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest
-                           value (16 bytes).
-
-  @retval TRUE   MD4 digest computation succeeded.
-  @retval FALSE  MD4 digest computation failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4HashAll (
-  IN   CONST VOID  *Data,
-  IN   UINTN       DataSize,
-  OUT  UINT8       *HashValue
-  )
-{
-  //
-  // Check input parameters.
-  //
-  if (HashValue == NULL) {
-    return FALSE;
-  }
-  if (Data == NULL && DataSize != 0) {
-    return FALSE;
-  }
-
-  //
-  // OpenSSL MD4 Hash Computation.
-  //
-  if (MD4 (Data, DataSize, HashValue) == NULL) {
-    return FALSE;
-  } else {
-    return TRUE;
-  }
-}
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
deleted file mode 100644
index 610c61c713..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/** @file
-  MD4 Digest Wrapper Implementation which does not provide real capabilities.
-
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-
-/**
-  Retrieves the size, in bytes, of the context buffer required for MD4 hash
-  operations.
-
-  Return zero to indicate this interface is not supported.
-
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-Md4GetContextSize (
-  VOID
-  )
-{
-  ASSERT (FALSE);
-  return 0;
-}
-
-/**
-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for
-  subsequent use.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[out]  Md4Context  Pointer to MD4 context being initialized.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Init (
-  OUT  VOID  *Md4Context
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Makes a copy of an existing MD4 context.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]  Md4Context     Pointer to MD4 context being copied.
-  @param[out] NewMd4Context  Pointer to new MD4 context.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Duplicate (
-  IN   CONST VOID  *Md4Context,
-  OUT  VOID        *NewMd4Context
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Digests the input data and updates MD4 context.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]       DataSize    Size of Data buffer in bytes.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Update (
-  IN OUT  VOID        *Md4Context,
-  IN      CONST VOID  *Data,
-  IN      UINTN       DataSize
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Completes computation of the MD4 digest value.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest
-                               value (16 bytes).
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Final (
-  IN OUT  VOID   *Md4Context,
-  OUT     UINT8  *HashValue
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Computes the MD4 message digest of a input data buffer.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]   DataSize    Size of Data buffer in bytes.
-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest
-                           value (16 bytes).
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4HashAll (
-  IN   CONST VOID  *Data,
-  IN   UINTN       DataSize,
-  OUT  UINT8       *HashValue
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index c836c257f8..e9add0127d 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -6,14 +6,14 @@
 #  This external input must be validated carefully to avoid security issues such as
 #  buffer overflow or integer overflow.
 #
-#  Note: MD4 Digest functions,
+#  Note:
 #  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external
 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509
 #  certificate handler functions, authenticode signature verification functions,
 #  PEM handler functions, and pseudorandom number generator functions are not
 #  supported in this instance.
 #
-#  Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
@@ -35,7 +35,6 @@
 
 [Sources]
   InternalCryptLib.h
-  Hash/CryptMd4Null.c
   Hash/CryptMd5.c
   Hash/CryptSha1.c
   Hash/CryptSha256.c
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index bff308a4f5..b1a06a2368 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -6,12 +6,12 @@
 #  This external input must be validated carefully to avoid security issues such as
 #  buffer overflow or integer overflow.
 #
-#  Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest functions,
+#  Note: SHA-384 Digest functions, SHA-512 Digest functions,
 #  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external
 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
 #  authenticode signature verification functions are not supported in this instance.
 #
-#  Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
@@ -34,7 +34,6 @@
 
 [Sources]
   InternalCryptLib.h
-  Hash/CryptMd4Null.c
   Hash/CryptMd5.c
   Hash/CryptSha1.c
   Hash/CryptSha256.c
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index cc0b65fd25..139983075e 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -6,12 +6,12 @@
 #  This external input must be validated carefully to avoid security issues such as
 #  buffer overflow or integer overflow.
 #
-#  Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest functions,
+#  Note: SHA-384 Digest functions, SHA-512 Digest functions,
 #  HMAC-MD5 functions, HMAC-SHA1 functions, TDES/ARC4 functions, RSA external
 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
 #  authenticode signature verification functions are not supported in this instance.
 #
-#  Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
@@ -34,7 +34,6 @@
 
 [Sources]
   InternalCryptLib.h
-  Hash/CryptMd4Null.c
   Hash/CryptMd5.c
   Hash/CryptSha1.c
   Hash/CryptSha256.c
diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
index 8f53b0dfd0..ff79fe47d7 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
+++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
@@ -28,7 +28,6 @@
 
 [Sources]
   InternalCryptLib.h
-  Hash/CryptMd4Null.c
   Hash/CryptMd5Null.c
   Hash/CryptSha1Null.c
   Hash/CryptSha256Null.c
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
deleted file mode 100644
index 610c61c713..0000000000
--- a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/** @file
-  MD4 Digest Wrapper Implementation which does not provide real capabilities.
-
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-
-/**
-  Retrieves the size, in bytes, of the context buffer required for MD4 hash
-  operations.
-
-  Return zero to indicate this interface is not supported.
-
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-Md4GetContextSize (
-  VOID
-  )
-{
-  ASSERT (FALSE);
-  return 0;
-}
-
-/**
-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for
-  subsequent use.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[out]  Md4Context  Pointer to MD4 context being initialized.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Init (
-  OUT  VOID  *Md4Context
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Makes a copy of an existing MD4 context.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]  Md4Context     Pointer to MD4 context being copied.
-  @param[out] NewMd4Context  Pointer to new MD4 context.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Duplicate (
-  IN   CONST VOID  *Md4Context,
-  OUT  VOID        *NewMd4Context
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Digests the input data and updates MD4 context.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]       DataSize    Size of Data buffer in bytes.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Update (
-  IN OUT  VOID        *Md4Context,
-  IN      CONST VOID  *Data,
-  IN      UINTN       DataSize
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Completes computation of the MD4 digest value.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest
-                               value (16 bytes).
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Final (
-  IN OUT  VOID   *Md4Context,
-  OUT     UINT8  *HashValue
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Computes the MD4 message digest of a input data buffer.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]   DataSize    Size of Data buffer in bytes.
-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest
-                           value (16 bytes).
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4HashAll (
-  IN   CONST VOID  *Data,
-  IN   UINTN       DataSize,
-  OUT  UINT8       *HashValue
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index c2a1df9afc..5e470028f4 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -99,164 +99,6 @@ CryptoServiceNotAvailable (
 //    One-Way Cryptographic Hash Primitives
 //=====================================================================================
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for MD4 hash operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for MD4 hash operations.
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-Md4GetContextSize (
-  VOID
-  )
-{
-  CALL_CRYPTO_SERVICE (Md4GetContextSize, (), 0);
-}
-
-/**
-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for
-  subsequent use.
-
-  If Md4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  Md4Context  Pointer to MD4 context being initialized.
-
-  @retval TRUE   MD4 context initialization succeeded.
-  @retval FALSE  MD4 context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Init (
-  OUT  VOID  *Md4Context
-  )
-{
-  CALL_CRYPTO_SERVICE (Md4Init, (Md4Context), FALSE);
-}
-
-/**
-  Makes a copy of an existing MD4 context.
-
-  If Md4Context is NULL, then return FALSE.
-  If NewMd4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]  Md4Context     Pointer to MD4 context being copied.
-  @param[out] NewMd4Context  Pointer to new MD4 context.
-
-  @retval TRUE   MD4 context copy succeeded.
-  @retval FALSE  MD4 context copy failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Duplicate (
-  IN   CONST VOID  *Md4Context,
-  OUT  VOID        *NewMd4Context
-  )
-{
-  CALL_CRYPTO_SERVICE (Md4Duplicate, (Md4Context, NewMd4Context), FALSE);
-}
-
-/**
-  Digests the input data and updates MD4 context.
-
-  This function performs MD4 digest on a data buffer of the specified size.
-  It can be called multiple times to compute the digest of long or discontinuous data streams.
-  MD4 context should be already correctly initialized by Md4Init(), and should not be finalized
-  by Md4Final(). Behavior with invalid context is undefined.
-
-  If Md4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]       DataSize    Size of Data buffer in bytes.
-
-  @retval TRUE   MD4 data digest succeeded.
-  @retval FALSE  MD4 data digest failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Update (
-  IN OUT  VOID        *Md4Context,
-  IN      CONST VOID  *Data,
-  IN      UINTN       DataSize
-  )
-{
-  CALL_CRYPTO_SERVICE (Md4Update, (Md4Context, Data, DataSize), FALSE);
-}
-
-/**
-  Completes computation of the MD4 digest value.
-
-  This function completes MD4 hash computation and retrieves the digest value into
-  the specified memory. After this function has been called, the MD4 context cannot
-  be used again.
-  MD4 context should be already correctly initialized by Md4Init(), and should not be
-  finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
-
-  If Md4Context is NULL, then return FALSE.
-  If HashValue is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest
-                               value (16 bytes).
-
-  @retval TRUE   MD4 digest computation succeeded.
-  @retval FALSE  MD4 digest computation failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Final (
-  IN OUT  VOID   *Md4Context,
-  OUT     UINT8  *HashValue
-  )
-{
-  CALL_CRYPTO_SERVICE (Md4Final, (Md4Context, HashValue), FALSE);
-}
-
-/**
-  Computes the MD4 message digest of a input data buffer.
-
-  This function performs the MD4 message digest of a given data buffer, and places
-  the digest value into the specified memory.
-
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]   DataSize    Size of Data buffer in bytes.
-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest
-                           value (16 bytes).
-
-  @retval TRUE   MD4 digest computation succeeded.
-  @retval FALSE  MD4 digest computation failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4HashAll (
-  IN   CONST VOID  *Data,
-  IN   UINTN       DataSize,
-  OUT  UINT8       *HashValue
-  )
-{
-  CALL_CRYPTO_SERVICE (Md4HashAll, (Data, DataSize, HashValue), FALSE);
-}
-
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index 40c387e002..c9529bda96 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -2,6 +2,7 @@
   This Protocol provides Crypto services to DXE modules
 
   Copyright (C) Microsoft Corporation. All rights reserved.
+  Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -450,151 +451,6 @@ BOOLEAN
 //    One-Way Cryptographic Hash Primitives
 //=====================================================================================
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for MD4 hash operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for MD4 hash operations.
-  @retval  0   This interface is not supported.
-
-**/
-typedef
-UINTN
-(EFIAPI *EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE) (
-  VOID
-  );
-
-
-/**
-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for
-  subsequent use.
-
-  If Md4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  Md4Context  Pointer to MD4 context being initialized.
-
-  @retval TRUE   MD4 context initialization succeeded.
-  @retval FALSE  MD4 context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_MD4_INIT) (
-  OUT  VOID  *Md4Context
-  );
-
-
-/**
-  Makes a copy of an existing MD4 context.
-
-  If Md4Context is NULL, then return FALSE.
-  If NewMd4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]  Md4Context     Pointer to MD4 context being copied.
-  @param[out] NewMd4Context  Pointer to new MD4 context.
-
-  @retval TRUE   MD4 context copy succeeded.
-  @retval FALSE  MD4 context copy failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_MD4_DUPLICATE) (
-  IN   CONST VOID  *Md4Context,
-  OUT  VOID        *NewMd4Context
-  );
-
-
-/**
-  Digests the input data and updates MD4 context.
-
-  This function performs MD4 digest on a data buffer of the specified size.
-  It can be called multiple times to compute the digest of long or discontinuous data streams.
-  MD4 context should be already correctly initialized by Md4Init(), and should not be finalized
-  by Md4Final(). Behavior with invalid context is undefined.
-
-  If Md4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]       DataSize    Size of Data buffer in bytes.
-
-  @retval TRUE   MD4 data digest succeeded.
-  @retval FALSE  MD4 data digest failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_MD4_UPDATE) (
-  IN OUT  VOID        *Md4Context,
-  IN      CONST VOID  *Data,
-  IN      UINTN       DataSize
-  );
-
-
-/**
-  Completes computation of the MD4 digest value.
-
-  This function completes MD4 hash computation and retrieves the digest value into
-  the specified memory. After this function has been called, the MD4 context cannot
-  be used again.
-  MD4 context should be already correctly initialized by Md4Init(), and should not be
-  finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
-
-  If Md4Context is NULL, then return FALSE.
-  If HashValue is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Md4Context  Pointer to the MD4 context.
-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest
-                               value (16 bytes).
-
-  @retval TRUE   MD4 digest computation succeeded.
-  @retval FALSE  MD4 digest computation failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_MD4_FINAL) (
-  IN OUT  VOID   *Md4Context,
-  OUT     UINT8  *HashValue
-  );
-
-
-/**
-  Computes the MD4 message digest of a input data buffer.
-
-  This function performs the MD4 message digest of a given data buffer, and places
-  the digest value into the specified memory.
-
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.
-  @param[in]   DataSize    Size of Data buffer in bytes.
-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest
-                           value (16 bytes).
-
-  @retval TRUE   MD4 digest computation succeeded.
-  @retval FALSE  MD4 digest computation failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_MD4_HASH_ALL) (
-  IN   CONST VOID  *Data,
-  IN   UINTN       DataSize,
-  OUT  UINT8       *HashValue
-  );
-
 // ----------------------------------------------------------------------------
 
 /**
@@ -4007,13 +3863,6 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_HMAC_SHA256_DUPLICATE              HmacSha256Duplicate;
   EDKII_CRYPTO_HMAC_SHA256_UPDATE                 HmacSha256Update;
   EDKII_CRYPTO_HMAC_SHA256_FINAL                  HmacSha256Final;
-  /// Md4
-  EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE               Md4GetContextSize;
-  EDKII_CRYPTO_MD4_INIT                           Md4Init;
-  EDKII_CRYPTO_MD4_DUPLICATE                      Md4Duplicate;
-  EDKII_CRYPTO_MD4_UPDATE                         Md4Update;
-  EDKII_CRYPTO_MD4_FINAL                          Md4Final;
-  EDKII_CRYPTO_MD4_HASH_ALL                       Md4HashAll;
   /// Md5
   EDKII_CRYPTO_MD5_GET_CONTEXT_SIZE               Md5GetContextSize;
   EDKII_CRYPTO_MD5_INIT                           Md5Init;
-- 
2.21.0.windows.1


^ permalink raw reply related	[flat|nested] 38+ messages in thread

* [PATCH 2/8] CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
  2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
  2020-03-27  1:56 ` [PATCH 1/8] CryptoPkg/BaseCrpytLib: Retire MD4 algorithm Gao, Zhichao
@ 2020-03-27  1:56 ` Gao, Zhichao
  2020-03-27  1:56 ` [PATCH 3/8] CryptoPkg/BaseCryptLib: Retire the Tdes algorithm Gao, Zhichao
                   ` (8 subsequent siblings)
  10 siblings, 0 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  1:56 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Xiaoyu Lu

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898

ARC4 is not secure any longer.
Remove the ARC4 support from edk2.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
 CryptoPkg/Driver/Crypto.c                     | 153 -------------
 CryptoPkg/Include/Library/BaseCryptLib.h      | 132 -----------
 .../Library/BaseCryptLib/BaseCryptLib.inf     |   1 -
 .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------------------
 .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 -----------
 .../Library/BaseCryptLib/PeiCryptLib.inf      |   3 +-
 .../Library/BaseCryptLib/RuntimeCryptLib.inf  |   3 +-
 .../Library/BaseCryptLib/SmmCryptLib.inf      |   3 +-
 .../BaseCryptLibNull/BaseCryptLibNull.inf     |   1 -
 .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 -----------
 .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 147 -------------
 CryptoPkg/Private/Protocol/Crypto.h           | 139 ------------
 12 files changed, 3 insertions(+), 1032 deletions(-)
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c

diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
index 48a565a2b3..1f65a83e57 100644
--- a/CryptoPkg/Driver/Crypto.c
+++ b/CryptoPkg/Driver/Crypto.c
@@ -1898,153 +1898,6 @@ CryptoServiceAesCbcDecrypt (
   return CALL_BASECRYPTLIB (Aes.Services.CbcDecrypt, AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE);
 }
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for ARC4 operations.
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-CryptoServiceArc4GetContextSize (
-  VOID
-  )
-{
-  return CALL_BASECRYPTLIB (Arc4.Services.GetContextSize, Arc4GetContextSize, (), 0);
-}
-
-/**
-  Initializes user-supplied memory as ARC4 context for subsequent use.
-
-  This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
-  In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
-  operations.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Key is NULL, then return FALSE.
-  If KeySize does not in the range of [5, 256] bytes, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  Arc4Context  Pointer to ARC4 context being initialized.
-  @param[in]   Key          Pointer to the user-supplied ARC4 key.
-  @param[in]   KeySize      Size of ARC4 key in bytes.
-
-  @retval TRUE   ARC4 context initialization succeeded.
-  @retval FALSE  ARC4 context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceArc4Init (
-  OUT  VOID         *Arc4Context,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeySize
-  )
-{
-  return CALL_BASECRYPTLIB (Arc4.Services.Init, Arc4Init, (Arc4Context, Key, KeySize), FALSE);
-}
-
-/**
-  Performs ARC4 encryption on a data buffer of the specified size.
-
-  This function performs ARC4 encryption on data buffer pointed by Input, of specified
-  size of InputSize.
-  Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
-  invalid ARC4 context is undefined.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 encryption output.
-
-  @retval TRUE   ARC4 encryption succeeded.
-  @retval FALSE  ARC4 encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceArc4Encrypt (
-  IN OUT  VOID         *Arc4Context,
-  IN      CONST UINT8  *Input,
-  IN      UINTN        InputSize,
-  OUT     UINT8        *Output
-  )
-{
-  return CALL_BASECRYPTLIB (Arc4.Services.Encrypt, Arc4Encrypt, (Arc4Context, Input, InputSize, Output), FALSE);
-}
-
-/**
-  Performs ARC4 decryption on a data buffer of the specified size.
-
-  This function performs ARC4 decryption on data buffer pointed by Input, of specified
-  size of InputSize.
-  Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
-  invalid ARC4 context is undefined.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 decryption output.
-
-  @retval TRUE   ARC4 decryption succeeded.
-  @retval FALSE  ARC4 decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceArc4Decrypt (
-  IN OUT  VOID   *Arc4Context,
-  IN      UINT8  *Input,
-  IN      UINTN  InputSize,
-  OUT     UINT8  *Output
-  )
-{
-  return CALL_BASECRYPTLIB (Arc4.Services.Decrypt, Arc4Decrypt, (Arc4Context, Input, InputSize, Output), FALSE);
-}
-
-/**
-  Resets the ARC4 context to the initial state.
-
-  The function resets the ARC4 context to the state it had immediately after the
-  ARC4Init() function call.
-  Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
-  should be already correctly initialized by ARC4Init().
-
-  If Arc4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-
-  @retval TRUE   ARC4 reset succeeded.
-  @retval FALSE  ARC4 reset failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceArc4Reset (
-  IN OUT  VOID  *Arc4Context
-  )
-{
-  return CALL_BASECRYPTLIB (Arc4.Services.Reset, Arc4Reset, (Arc4Context), FALSE);
-}
-
 //=====================================================================================
 //    Asymmetric Cryptography Primitive
 //=====================================================================================
@@ -4357,12 +4210,6 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   CryptoServiceAesEcbDecrypt,
   CryptoServiceAesCbcEncrypt,
   CryptoServiceAesCbcDecrypt,
-  /// Arc4
-  CryptoServiceArc4GetContextSize,
-  CryptoServiceArc4Init,
-  CryptoServiceArc4Encrypt,
-  CryptoServiceArc4Decrypt,
-  CryptoServiceArc4Reset,
   /// SM3
   CryptoServiceSm3GetContextSize,
   CryptoServiceSm3Init,
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index c862f0334f..25e236c4a3 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -1667,138 +1667,6 @@ AesCbcDecrypt (
   OUT  UINT8        *Output
   );
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for ARC4 operations.
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
-  VOID
-  );
-
-/**
-  Initializes user-supplied memory as ARC4 context for subsequent use.
-
-  This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
-  In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
-  operations.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Key is NULL, then return FALSE.
-  If KeySize does not in the range of [5, 256] bytes, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  Arc4Context  Pointer to ARC4 context being initialized.
-  @param[in]   Key          Pointer to the user-supplied ARC4 key.
-  @param[in]   KeySize      Size of ARC4 key in bytes.
-
-  @retval TRUE   ARC4 context initialization succeeded.
-  @retval FALSE  ARC4 context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
-  OUT  VOID         *Arc4Context,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeySize
-  );
-
-/**
-  Performs ARC4 encryption on a data buffer of the specified size.
-
-  This function performs ARC4 encryption on data buffer pointed by Input, of specified
-  size of InputSize.
-  Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
-  invalid ARC4 context is undefined.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 encryption output.
-
-  @retval TRUE   ARC4 encryption succeeded.
-  @retval FALSE  ARC4 encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
-  IN OUT  VOID         *Arc4Context,
-  IN      CONST UINT8  *Input,
-  IN      UINTN        InputSize,
-  OUT     UINT8        *Output
-  );
-
-/**
-  Performs ARC4 decryption on a data buffer of the specified size.
-
-  This function performs ARC4 decryption on data buffer pointed by Input, of specified
-  size of InputSize.
-  Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
-  invalid ARC4 context is undefined.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 decryption output.
-
-  @retval TRUE   ARC4 decryption succeeded.
-  @retval FALSE  ARC4 decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
-  IN OUT  VOID   *Arc4Context,
-  IN      UINT8  *Input,
-  IN      UINTN  InputSize,
-  OUT     UINT8  *Output
-  );
-
-/**
-  Resets the ARC4 context to the initial state.
-
-  The function resets the ARC4 context to the state it had immediately after the
-  ARC4Init() function call.
-  Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
-  should be already correctly initialized by ARC4Init().
-
-  If Arc4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-
-  @retval TRUE   ARC4 reset succeeded.
-  @retval FALSE  ARC4 reset failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
-  IN OUT  VOID  *Arc4Context
-  );
-
 //=====================================================================================
 //    Asymmetric Cryptography Primitive
 //=====================================================================================
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 254fa310d5..dadd7b40c0 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -39,7 +39,6 @@
   Kdf/CryptHkdf.c
   Cipher/CryptAes.c
   Cipher/CryptTdes.c
-  Cipher/CryptArc4.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExt.c
   Pk/CryptPkcs1Oaep.c
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
deleted file mode 100644
index 388d312bed..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/** @file
-  ARC4 Wrapper Implementation over OpenSSL.
-
-Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-#include <openssl/rc4.h>
-
-/**
-  Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
-  @return  The size, in bytes, of the context buffer required for ARC4 operations.
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
-  VOID
-  )
-{
-  //
-  // Memory for 2 copies of RC4_KEY is allocated, one for working copy, and the other
-  // for backup copy. When Arc4Reset() is called, we can use the backup copy to restore
-  // the working copy to the initial state.
-  //
-  return (UINTN) (2 * sizeof (RC4_KEY));
-}
-
-/**
-  Initializes user-supplied memory as ARC4 context for subsequent use.
-
-  This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
-  In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
-  operations.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Key is NULL, then return FALSE.
-  If KeySize does not in the range of [5, 256] bytes, then return FALSE.
-
-  @param[out]  Arc4Context  Pointer to ARC4 context being initialized.
-  @param[in]   Key          Pointer to the user-supplied ARC4 key.
-  @param[in]   KeySize      Size of ARC4 key in bytes.
-
-  @retval TRUE   ARC4 context initialization succeeded.
-  @retval FALSE  ARC4 context initialization failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
-  OUT  VOID         *Arc4Context,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeySize
-  )
-{
-  RC4_KEY  *Rc4Key;
-
-  //
-  // Check input parameters.
-  //
-  if (Arc4Context == NULL || Key == NULL || (KeySize < 5 || KeySize > 256)) {
-    return FALSE;
-  }
-
-  Rc4Key = (RC4_KEY *) Arc4Context;
-
-  RC4_set_key (Rc4Key, (UINT32) KeySize, Key);
-
-  CopyMem (Rc4Key +  1, Rc4Key, sizeof (RC4_KEY));
-
-  return TRUE;
-}
-
-/**
-  Performs ARC4 encryption on a data buffer of the specified size.
-
-  This function performs ARC4 encryption on data buffer pointed by Input, of specified
-  size of InputSize.
-  Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
-  invalid ARC4 context is undefined.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 encryption output.
-
-  @retval TRUE   ARC4 encryption succeeded.
-  @retval FALSE  ARC4 encryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
-  IN OUT  VOID         *Arc4Context,
-  IN      CONST UINT8  *Input,
-  IN      UINTN        InputSize,
-  OUT     UINT8        *Output
-  )
-{
-  RC4_KEY  *Rc4Key;
-
-  //
-  // Check input parameters.
-  //
-  if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) {
-    return FALSE;
-  }
-
-  Rc4Key = (RC4_KEY *) Arc4Context;
-
-  RC4 (Rc4Key, (UINT32) InputSize, Input, Output);
-
-  return TRUE;
-}
-
-/**
-  Performs ARC4 decryption on a data buffer of the specified size.
-
-  This function performs ARC4 decryption on data buffer pointed by Input, of specified
-  size of InputSize.
-  Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
-  invalid ARC4 context is undefined.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 decryption output.
-
-  @retval TRUE   ARC4 decryption succeeded.
-  @retval FALSE  ARC4 decryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
-  IN OUT  VOID   *Arc4Context,
-  IN      UINT8  *Input,
-  IN      UINTN  InputSize,
-  OUT     UINT8  *Output
-  )
-{
-  RC4_KEY  *Rc4Key;
-
-  //
-  // Check input parameters.
-  //
-  if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) {
-    return FALSE;
-  }
-
-  Rc4Key = (RC4_KEY *) Arc4Context;
-
-  RC4 (Rc4Key, (UINT32) InputSize, Input, Output);
-
-  return TRUE;
-}
-
-/**
-  Resets the ARC4 context to the initial state.
-
-  The function resets the ARC4 context to the state it had immediately after the
-  ARC4Init() function call.
-  Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
-  should be already correctly initialized by ARC4Init().
-
-  If Arc4Context is NULL, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-
-  @retval TRUE   ARC4 reset succeeded.
-  @retval FALSE  ARC4 reset failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
-  IN OUT  VOID  *Arc4Context
-  )
-{
-  RC4_KEY  *Rc4Key;
-
-  //
-  // Check input parameters.
-  //
-  if (Arc4Context == NULL) {
-    return FALSE;
-  }
-
-  Rc4Key = (RC4_KEY *) Arc4Context;
-
-  CopyMem (Rc4Key, Rc4Key + 1, sizeof (RC4_KEY));
-
-  return TRUE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
deleted file mode 100644
index 1f09bfa30e..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/** @file
-  ARC4 Wrapper Implementation which does not provide real capabilities.
-
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-
-/**
-  Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
-  Return zero to indicate this interface is not supported.
-
-  @retval  0   This interface is not supported.
-
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
-  VOID
-  )
-{
-  ASSERT (FALSE);
-  return 0;
-}
-
-/**
-  Initializes user-supplied memory as ARC4 context for subsequent use.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[out]  Arc4Context  Pointer to ARC4 context being initialized.
-  @param[in]   Key          Pointer to the user-supplied ARC4 key.
-  @param[in]   KeySize      Size of ARC4 key in bytes.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
-  OUT  VOID         *Arc4Context,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeySize
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs ARC4 encryption on a data buffer of the specified size.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 encryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
-  IN OUT  VOID         *Arc4Context,
-  IN      CONST UINT8  *Input,
-  IN      UINTN        InputSize,
-  OUT     UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs ARC4 decryption on a data buffer of the specified size.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 decryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
-  IN OUT  VOID   *Arc4Context,
-  IN      UINT8  *Input,
-  IN      UINTN  InputSize,
-  OUT     UINT8  *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Resets the ARC4 context to the initial state.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
-  IN OUT  VOID  *Arc4Context
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index e9add0127d..f43953b78c 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -7,7 +7,7 @@
 #  buffer overflow or integer overflow.
 #
 #  Note:
-#  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external
+#  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES functions, RSA external
 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509
 #  certificate handler functions, authenticode signature verification functions,
 #  PEM handler functions, and pseudorandom number generator functions are not
@@ -46,7 +46,6 @@
   Kdf/CryptHkdfNull.c
   Cipher/CryptAesNull.c
   Cipher/CryptTdesNull.c
-  Cipher/CryptArc4Null.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExtNull.c
   Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index b1a06a2368..68226a7389 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -7,7 +7,7 @@
 #  buffer overflow or integer overflow.
 #
 #  Note: SHA-384 Digest functions, SHA-512 Digest functions,
-#  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external
+#  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES functions, RSA external
 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
 #  authenticode signature verification functions are not supported in this instance.
 #
@@ -45,7 +45,6 @@
   Kdf/CryptHkdfNull.c
   Cipher/CryptAesNull.c
   Cipher/CryptTdesNull.c
-  Cipher/CryptArc4Null.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExtNull.c
   Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index 139983075e..3a94655775 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -7,7 +7,7 @@
 #  buffer overflow or integer overflow.
 #
 #  Note: SHA-384 Digest functions, SHA-512 Digest functions,
-#  HMAC-MD5 functions, HMAC-SHA1 functions, TDES/ARC4 functions, RSA external
+#  HMAC-MD5 functions, HMAC-SHA1 functions, TDES functions, RSA external
 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
 #  authenticode signature verification functions are not supported in this instance.
 #
@@ -45,7 +45,6 @@
   Kdf/CryptHkdfNull.c
   Cipher/CryptAes.c
   Cipher/CryptTdesNull.c
-  Cipher/CryptArc4Null.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExtNull.c
   Pk/CryptPkcs1Oaep.c
diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
index ff79fe47d7..d1af62ba30 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
+++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
@@ -39,7 +39,6 @@
   Kdf/CryptHkdfNull.c
   Cipher/CryptAesNull.c
   Cipher/CryptTdesNull.c
-  Cipher/CryptArc4Null.c
   Pk/CryptRsaBasicNull.c
   Pk/CryptRsaExtNull.c
   Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c b/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
deleted file mode 100644
index 1f09bfa30e..0000000000
--- a/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/** @file
-  ARC4 Wrapper Implementation which does not provide real capabilities.
-
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-
-/**
-  Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
-  Return zero to indicate this interface is not supported.
-
-  @retval  0   This interface is not supported.
-
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
-  VOID
-  )
-{
-  ASSERT (FALSE);
-  return 0;
-}
-
-/**
-  Initializes user-supplied memory as ARC4 context for subsequent use.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[out]  Arc4Context  Pointer to ARC4 context being initialized.
-  @param[in]   Key          Pointer to the user-supplied ARC4 key.
-  @param[in]   KeySize      Size of ARC4 key in bytes.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
-  OUT  VOID         *Arc4Context,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeySize
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs ARC4 encryption on a data buffer of the specified size.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 encryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
-  IN OUT  VOID         *Arc4Context,
-  IN      CONST UINT8  *Input,
-  IN      UINTN        InputSize,
-  OUT     UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs ARC4 decryption on a data buffer of the specified size.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 decryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
-  IN OUT  VOID   *Arc4Context,
-  IN      UINT8  *Input,
-  IN      UINTN  InputSize,
-  OUT     UINT8  *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Resets the ARC4 context to the initial state.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
-  IN OUT  VOID  *Arc4Context
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index 5e470028f4..77915bdb86 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -1892,153 +1892,6 @@ AesCbcDecrypt (
   CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE);
 }
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for ARC4 operations.
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
-  VOID
-  )
-{
-  CALL_CRYPTO_SERVICE (Arc4GetContextSize, (), 0);
-}
-
-/**
-  Initializes user-supplied memory as ARC4 context for subsequent use.
-
-  This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
-  In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
-  operations.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Key is NULL, then return FALSE.
-  If KeySize does not in the range of [5, 256] bytes, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  Arc4Context  Pointer to ARC4 context being initialized.
-  @param[in]   Key          Pointer to the user-supplied ARC4 key.
-  @param[in]   KeySize      Size of ARC4 key in bytes.
-
-  @retval TRUE   ARC4 context initialization succeeded.
-  @retval FALSE  ARC4 context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
-  OUT  VOID         *Arc4Context,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeySize
-  )
-{
-  CALL_CRYPTO_SERVICE (Arc4Init, (Arc4Context, Key, KeySize), FALSE);
-}
-
-/**
-  Performs ARC4 encryption on a data buffer of the specified size.
-
-  This function performs ARC4 encryption on data buffer pointed by Input, of specified
-  size of InputSize.
-  Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
-  invalid ARC4 context is undefined.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 encryption output.
-
-  @retval TRUE   ARC4 encryption succeeded.
-  @retval FALSE  ARC4 encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
-  IN OUT  VOID         *Arc4Context,
-  IN      CONST UINT8  *Input,
-  IN      UINTN        InputSize,
-  OUT     UINT8        *Output
-  )
-{
-  CALL_CRYPTO_SERVICE (Arc4Encrypt, (Arc4Context, Input, InputSize, Output), FALSE);
-}
-
-/**
-  Performs ARC4 decryption on a data buffer of the specified size.
-
-  This function performs ARC4 decryption on data buffer pointed by Input, of specified
-  size of InputSize.
-  Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
-  invalid ARC4 context is undefined.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 decryption output.
-
-  @retval TRUE   ARC4 decryption succeeded.
-  @retval FALSE  ARC4 decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
-  IN OUT  VOID   *Arc4Context,
-  IN      UINT8  *Input,
-  IN      UINTN  InputSize,
-  OUT     UINT8  *Output
-  )
-{
-  CALL_CRYPTO_SERVICE (Arc4Decrypt, (Arc4Context, Input, InputSize, Output), FALSE);
-}
-
-/**
-  Resets the ARC4 context to the initial state.
-
-  The function resets the ARC4 context to the state it had immediately after the
-  ARC4Init() function call.
-  Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
-  should be already correctly initialized by ARC4Init().
-
-  If Arc4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-
-  @retval TRUE   ARC4 reset succeeded.
-  @retval FALSE  ARC4 reset failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
-  IN OUT  VOID  *Arc4Context
-  )
-{
-  CALL_CRYPTO_SERVICE (Arc4Reset, (Arc4Context), FALSE);
-}
-
 //=====================================================================================
 //    Asymmetric Cryptography Primitive
 //=====================================================================================
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index c9529bda96..e50d0b4190 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -2733,139 +2733,6 @@ BOOLEAN
   OUT  UINT8        *Output
   );
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for ARC4 operations.
-  @retval  0   This interface is not supported.
-
-**/
-typedef
-UINTN
-(EFIAPI *EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE) (
-  VOID
-  );
-
-/**
-  Initializes user-supplied memory as ARC4 context for subsequent use.
-
-  This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
-  In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
-  operations.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Key is NULL, then return FALSE.
-  If KeySize does not in the range of [5, 256] bytes, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  Arc4Context  Pointer to ARC4 context being initialized.
-  @param[in]   Key          Pointer to the user-supplied ARC4 key.
-  @param[in]   KeySize      Size of ARC4 key in bytes.
-
-  @retval TRUE   ARC4 context initialization succeeded.
-  @retval FALSE  ARC4 context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_ARC4_INIT) (
-  OUT  VOID         *Arc4Context,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeySize
-  );
-
-/**
-  Performs ARC4 encryption on a data buffer of the specified size.
-
-  This function performs ARC4 encryption on data buffer pointed by Input, of specified
-  size of InputSize.
-  Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
-  invalid ARC4 context is undefined.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 encryption output.
-
-  @retval TRUE   ARC4 encryption succeeded.
-  @retval FALSE  ARC4 encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_ARC4_ENCRYPT) (
-  IN OUT  VOID         *Arc4Context,
-  IN      CONST UINT8  *Input,
-  IN      UINTN        InputSize,
-  OUT     UINT8        *Output
-  );
-
-/**
-  Performs ARC4 decryption on a data buffer of the specified size.
-
-  This function performs ARC4 decryption on data buffer pointed by Input, of specified
-  size of InputSize.
-  Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
-  invalid ARC4 context is undefined.
-
-  If Arc4Context is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-  @param[in]       Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]       InputSize    Size of the Input buffer in bytes.
-  @param[out]      Output       Pointer to a buffer that receives the ARC4 decryption output.
-
-  @retval TRUE   ARC4 decryption succeeded.
-  @retval FALSE  ARC4 decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_ARC4_DECRYPT) (
-  IN OUT  VOID   *Arc4Context,
-  IN      UINT8  *Input,
-  IN      UINTN  InputSize,
-  OUT     UINT8  *Output
-  );
-
-/**
-  Resets the ARC4 context to the initial state.
-
-  The function resets the ARC4 context to the state it had immediately after the
-  ARC4Init() function call.
-  Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
-  should be already correctly initialized by ARC4Init().
-
-  If Arc4Context is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in, out]  Arc4Context  Pointer to the ARC4 context.
-
-  @retval TRUE   ARC4 reset succeeded.
-  @retval FALSE  ARC4 reset failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_ARC4_RESET) (
-  IN OUT  VOID  *Arc4Context
-  );
-
-
 /**
   Retrieves the size, in bytes, of the context buffer required for SM3 hash operations.
 
@@ -3956,12 +3823,6 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_AES_ECB_DECRYPT                    AesEcbDecrypt;
   EDKII_CRYPTO_AES_CBC_ENCRYPT                    AesCbcEncrypt;
   EDKII_CRYPTO_AES_CBC_DECRYPT                    AesCbcDecrypt;
-  /// Arc4
-  EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE              Arc4GetContextSize;
-  EDKII_CRYPTO_ARC4_INIT                          Arc4Init;
-  EDKII_CRYPTO_ARC4_ENCRYPT                       Arc4Encrypt;
-  EDKII_CRYPTO_ARC4_DECRYPT                       Arc4Decrypt;
-  EDKII_CRYPTO_ARC4_RESET                         Arc4Reset;
   /// SM3
   EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE               Sm3GetContextSize;
   EDKII_CRYPTO_SM3_INIT                           Sm3Init;
-- 
2.21.0.windows.1


^ permalink raw reply related	[flat|nested] 38+ messages in thread

* [PATCH 3/8] CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
  2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
  2020-03-27  1:56 ` [PATCH 1/8] CryptoPkg/BaseCrpytLib: Retire MD4 algorithm Gao, Zhichao
  2020-03-27  1:56 ` [PATCH 2/8] CryptoPkg/BaseCryptLib: Retire ARC4 algorithm Gao, Zhichao
@ 2020-03-27  1:56 ` Gao, Zhichao
  2020-03-27  1:56 ` [PATCH 4/8] CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm Gao, Zhichao
                   ` (7 subsequent siblings)
  10 siblings, 0 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  1:56 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Xiaoyu Lu

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898

Tdes is not secure any longer.
Remove the Tdes support from edk2.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
 CryptoPkg/Driver/Crypto.c                     | 221 -----------
 CryptoPkg/Include/Library/BaseCryptLib.h      | 201 ----------
 .../Library/BaseCryptLib/BaseCryptLib.inf     |   1 -
 .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ------------------
 .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 --------
 .../Library/BaseCryptLib/PeiCryptLib.inf      |   3 +-
 .../Library/BaseCryptLib/RuntimeCryptLib.inf  |   3 +-
 .../Library/BaseCryptLib/SmmCryptLib.inf      |   3 +-
 .../BaseCryptLibNull/BaseCryptLibNull.inf     |   1 -
 .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 --------
 .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 214 ----------
 CryptoPkg/Private/Protocol/Crypto.h           | 203 ----------
 12 files changed, 3 insertions(+), 1531 deletions(-)
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
 delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c

diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
index 1f65a83e57..d471ecb5ba 100644
--- a/CryptoPkg/Driver/Crypto.c
+++ b/CryptoPkg/Driver/Crypto.c
@@ -1473,220 +1473,6 @@ CryptoServiceHmacSha256Final (
 //    Symmetric Cryptography Primitive
 //=====================================================================================
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for TDES operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for TDES operations.
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-CryptoServiceTdesGetContextSize (
-  VOID
-  )
-{
-  return CALL_BASECRYPTLIB (Tdes.Services.GetContextSize, TdesGetContextSize, (), 0);
-}
-
-/**
-  Initializes user-supplied memory as TDES context for subsequent use.
-
-  This function initializes user-supplied memory pointed by TdesContext as TDES context.
-  In addition, it sets up all TDES key materials for subsequent encryption and decryption
-  operations.
-  There are 3 key options as follows:
-  KeyLength = 64,  Keying option 1: K1 == K2 == K3 (Backward compatibility with DES)
-  KeyLength = 128, Keying option 2: K1 != K2 and K3 = K1 (Less Security)
-  KeyLength = 192  Keying option 3: K1 != K2 != K3 (Strongest)
-
-  If TdesContext is NULL, then return FALSE.
-  If Key is NULL, then return FALSE.
-  If KeyLength is not valid, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  TdesContext  Pointer to TDES context being initialized.
-  @param[in]   Key          Pointer to the user-supplied TDES key.
-  @param[in]   KeyLength    Length of TDES key in bits.
-
-  @retval TRUE   TDES context initialization succeeded.
-  @retval FALSE  TDES context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceTdesInit (
-  OUT  VOID         *TdesContext,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeyLength
-  )
-{
-  return CALL_BASECRYPTLIB (Tdes.Services.Init, TdesInit, (TdesContext, Key, KeyLength), FALSE);
-}
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in ECB mode.
-
-  This function performs TDES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES encryption succeeded.
-  @retval FALSE  TDES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceTdesEcbEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  return CALL_BASECRYPTLIB (Tdes.Services.EcbEncrypt, TdesEcbEncrypt, (TdesContext, Input, InputSize, Output), FALSE);
-}
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in ECB mode.
-
-  This function performs TDES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES decryption output.
-
-  @retval TRUE   TDES decryption succeeded.
-  @retval FALSE  TDES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceTdesEcbDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  return CALL_BASECRYPTLIB (Tdes.Services.EcbDecrypt, TdesEcbDecrypt, (TdesContext, Input, InputSize, Output), FALSE);
-}
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in CBC mode.
-
-  This function performs TDES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in CBC mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  Initialization vector should be one block size (8 bytes).
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Ivec is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES encryption succeeded.
-  @retval FALSE  TDES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceTdesCbcEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  )
-{
-  return CALL_BASECRYPTLIB (Tdes.Services.CbcEncrypt, TdesCbcEncrypt, (TdesContext, Input, InputSize, Ivec, Output), FALSE);
-}
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in CBC mode.
-
-  This function performs TDES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in CBC mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  Initialization vector should be one block size (8 bytes).
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Ivec is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES decryption succeeded.
-  @retval FALSE  TDES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceTdesCbcDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  )
-{
-  return CALL_BASECRYPTLIB (Tdes.Services.CbcDecrypt, TdesCbcDecrypt, (TdesContext, Input, InputSize, Ivec, Output), FALSE);
-}
-
 /**
   Retrieves the size, in bytes, of the context buffer required for AES operations.
 
@@ -4196,13 +3982,6 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   CryptoServiceX509Free,
   CryptoServiceX509StackFree,
   CryptoServiceX509GetTBSCert,
-  /// TDES
-  CryptoServiceTdesGetContextSize,
-  CryptoServiceTdesInit,
-  CryptoServiceTdesEcbEncrypt,
-  CryptoServiceTdesEcbDecrypt,
-  CryptoServiceTdesCbcEncrypt,
-  CryptoServiceTdesCbcDecrypt,
   /// AES
   CryptoServiceAesGetContextSize,
   CryptoServiceAesInit,
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index 25e236c4a3..c66232bc1c 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -44,11 +44,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 ///
 #define SM3_256_DIGEST_SIZE 32
 
-///
-/// TDES block size in bytes
-///
-#define TDES_BLOCK_SIZE     8
-
 ///
 /// AES block size in bytes
 ///
@@ -1278,202 +1273,6 @@ HmacSha256Final (
 //    Symmetric Cryptography Primitive
 //=====================================================================================
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for TDES operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for TDES operations.
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-TdesGetContextSize (
-  VOID
-  );
-
-/**
-  Initializes user-supplied memory as TDES context for subsequent use.
-
-  This function initializes user-supplied memory pointed by TdesContext as TDES context.
-  In addition, it sets up all TDES key materials for subsequent encryption and decryption
-  operations.
-  There are 3 key options as follows:
-  KeyLength = 64,  Keying option 1: K1 == K2 == K3 (Backward compatibility with DES)
-  KeyLength = 128, Keying option 2: K1 != K2 and K3 = K1 (Less Security)
-  KeyLength = 192  Keying option 3: K1 != K2 != K3 (Strongest)
-
-  If TdesContext is NULL, then return FALSE.
-  If Key is NULL, then return FALSE.
-  If KeyLength is not valid, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  TdesContext  Pointer to TDES context being initialized.
-  @param[in]   Key          Pointer to the user-supplied TDES key.
-  @param[in]   KeyLength    Length of TDES key in bits.
-
-  @retval TRUE   TDES context initialization succeeded.
-  @retval FALSE  TDES context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesInit (
-  OUT  VOID         *TdesContext,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeyLength
-  );
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in ECB mode.
-
-  This function performs TDES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES encryption succeeded.
-  @retval FALSE  TDES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesEcbEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  );
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in ECB mode.
-
-  This function performs TDES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES decryption output.
-
-  @retval TRUE   TDES decryption succeeded.
-  @retval FALSE  TDES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesEcbDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  );
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in CBC mode.
-
-  This function performs TDES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in CBC mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  Initialization vector should be one block size (8 bytes).
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Ivec is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES encryption succeeded.
-  @retval FALSE  TDES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesCbcEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  );
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in CBC mode.
-
-  This function performs TDES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in CBC mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  Initialization vector should be one block size (8 bytes).
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Ivec is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES decryption succeeded.
-  @retval FALSE  TDES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesCbcDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  );
-
 /**
   Retrieves the size, in bytes, of the context buffer required for AES operations.
 
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index dadd7b40c0..498e0f75e8 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -38,7 +38,6 @@
   Hmac/CryptHmacSha256.c
   Kdf/CryptHkdf.c
   Cipher/CryptAes.c
-  Cipher/CryptTdes.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExt.c
   Pk/CryptPkcs1Oaep.c
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
deleted file mode 100644
index fd799f3398..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
+++ /dev/null
@@ -1,364 +0,0 @@
-/** @file
-  TDES Wrapper Implementation over OpenSSL.
-
-Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-#include <openssl/des.h>
-
-/**
-  Retrieves the size, in bytes, of the context buffer required for TDES operations.
-
-  @return  The size, in bytes, of the context buffer required for TDES operations.
-
-**/
-UINTN
-EFIAPI
-TdesGetContextSize (
-  VOID
-  )
-{
-  //
-  // Memory for 3 copies of DES_key_schedule is allocated, for K1, K2 and K3 each.
-  //
-  return (UINTN) (3 * sizeof (DES_key_schedule));
-}
-
-/**
-  Initializes user-supplied memory as TDES context for subsequent use.
-
-  This function initializes user-supplied memory pointed by TdesContext as TDES context.
-  In addition, it sets up all TDES key materials for subsequent encryption and decryption
-  operations.
-  There are 3 key options as follows:
-  KeyLength = 64,  Keying option 1: K1 == K2 == K3 (Backward compatibility with DES)
-  KeyLength = 128, Keying option 2: K1 != K2 and K3 = K1 (Less Security)
-  KeyLength = 192  Keying option 3: K1 != K2 != K3 (Strongest)
-
-  If TdesContext is NULL, then return FALSE.
-  If Key is NULL, then return FALSE.
-  If KeyLength is not valid, then return FALSE.
-
-  @param[out]  TdesContext  Pointer to TDES context being initialized.
-  @param[in]   Key          Pointer to the user-supplied TDES key.
-  @param[in]   KeyLength    Length of TDES key in bits.
-
-  @retval TRUE   TDES context initialization succeeded.
-  @retval FALSE  TDES context initialization failed.
-
-**/
-BOOLEAN
-EFIAPI
-TdesInit (
-  OUT  VOID         *TdesContext,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeyLength
-  )
-{
-  DES_key_schedule  *KeySchedule;
-
-  //
-  // Check input parameters.
-  //
-  if (TdesContext == NULL || Key == NULL || (KeyLength != 64 && KeyLength != 128 && KeyLength != 192)) {
-    return FALSE;
-  }
-
-  KeySchedule = (DES_key_schedule *) TdesContext;
-
-  //
-  // If input Key is a weak key, return error.
-  //
-  if (DES_is_weak_key ((const_DES_cblock *) Key) == 1) {
-    return FALSE;
-  }
-
-  DES_set_key_unchecked ((const_DES_cblock *) Key, KeySchedule);
-
-  if (KeyLength == 64) {
-    CopyMem (KeySchedule + 1, KeySchedule, sizeof (DES_key_schedule));
-    CopyMem (KeySchedule + 2, KeySchedule, sizeof (DES_key_schedule));
-    return TRUE;
-  }
-
-  if (DES_is_weak_key ((const_DES_cblock *) (Key + 8)) == 1) {
-    return FALSE;
-  }
-
-  DES_set_key_unchecked ((const_DES_cblock *) (Key + 8), KeySchedule + 1);
-
-  if (KeyLength == 128) {
-    CopyMem (KeySchedule + 2, KeySchedule, sizeof (DES_key_schedule));
-    return TRUE;
-  }
-
-  if (DES_is_weak_key ((const_DES_cblock *) (Key + 16)) == 1) {
-    return FALSE;
-  }
-
-  DES_set_key_unchecked ((const_DES_cblock *) (Key + 16), KeySchedule + 2);
-
-  return TRUE;
-}
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in ECB mode.
-
-  This function performs TDES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES encryption succeeded.
-  @retval FALSE  TDES encryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-TdesEcbEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  DES_key_schedule  *KeySchedule;
-
-  //
-  // Check input parameters.
-  //
-  if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0 || Output == NULL) {
-    return FALSE;
-  }
-
-  KeySchedule = (DES_key_schedule *) TdesContext;
-
-  while (InputSize > 0) {
-    DES_ecb3_encrypt (
-      (const_DES_cblock *) Input,
-      (DES_cblock *) Output,
-      KeySchedule,
-      KeySchedule + 1,
-      KeySchedule + 2,
-      DES_ENCRYPT
-      );
-    Input     += TDES_BLOCK_SIZE;
-    Output    += TDES_BLOCK_SIZE;
-    InputSize -= TDES_BLOCK_SIZE;
-  }
-
-  return TRUE;
-}
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in ECB mode.
-
-  This function performs TDES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES decryption output.
-
-  @retval TRUE   TDES decryption succeeded.
-  @retval FALSE  TDES decryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-TdesEcbDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  DES_key_schedule  *KeySchedule;
-
-  //
-  // Check input parameters.
-  //
-  if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0 || Output == NULL) {
-    return FALSE;
-  }
-
-  KeySchedule = (DES_key_schedule *) TdesContext;
-
-  while (InputSize > 0) {
-    DES_ecb3_encrypt (
-      (const_DES_cblock *) Input,
-      (DES_cblock *) Output,
-      KeySchedule,
-      KeySchedule + 1,
-      KeySchedule + 2,
-      DES_DECRYPT
-      );
-    Input     += TDES_BLOCK_SIZE;
-    Output    += TDES_BLOCK_SIZE;
-    InputSize -= TDES_BLOCK_SIZE;
-  }
-
-  return TRUE;
-}
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in CBC mode.
-
-  This function performs TDES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in CBC mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  Initialization vector should be one block size (8 bytes).
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Ivec is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES encryption succeeded.
-  @retval FALSE  TDES encryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-TdesCbcEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  )
-{
-  DES_key_schedule  *KeySchedule;
-  UINT8             IvecBuffer[TDES_BLOCK_SIZE];
-
-  //
-  // Check input parameters.
-  //
-  if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0) {
-    return FALSE;
-  }
-
-  if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) {
-    return FALSE;
-  }
-
-  KeySchedule = (DES_key_schedule *) TdesContext;
-  CopyMem (IvecBuffer, Ivec, TDES_BLOCK_SIZE);
-
-  DES_ede3_cbc_encrypt (
-    Input,
-    Output,
-    (UINT32) InputSize,
-    KeySchedule,
-    KeySchedule + 1,
-    KeySchedule + 2,
-    (DES_cblock *) IvecBuffer,
-    DES_ENCRYPT
-    );
-
-  return TRUE;
-}
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in CBC mode.
-
-  This function performs TDES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in CBC mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  Initialization vector should be one block size (8 bytes).
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Ivec is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES decryption succeeded.
-  @retval FALSE  TDES decryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-TdesCbcDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  )
-{
-  DES_key_schedule  *KeySchedule;
-  UINT8             IvecBuffer[TDES_BLOCK_SIZE];
-
-  //
-  // Check input parameters.
-  //
-  if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0) {
-    return FALSE;
-  }
-
-  if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) {
-    return FALSE;
-  }
-
-  KeySchedule = (DES_key_schedule *) TdesContext;
-  CopyMem (IvecBuffer, Ivec, TDES_BLOCK_SIZE);
-
-  DES_ede3_cbc_encrypt (
-    Input,
-    Output,
-    (UINT32) InputSize,
-    KeySchedule,
-    KeySchedule + 1,
-    KeySchedule + 2,
-    (DES_cblock *) IvecBuffer,
-    DES_DECRYPT
-    );
-
-  return TRUE;
-}
-
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
deleted file mode 100644
index efa2716063..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/** @file
-  TDES Wrapper Implementation which does not provide real capabilities.
-
-Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-
-/**
-  Retrieves the size, in bytes, of the context buffer required for TDES operations.
-
-  Return zero to indicate this interface is not supported.
-
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-TdesGetContextSize (
-  VOID
-  )
-{
-  ASSERT (FALSE);
-  return 0;
-}
-
-/**
-  Initializes user-supplied memory as TDES context for subsequent use.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[out]  TdesContext  Pointer to TDES context being initialized.
-  @param[in]   Key          Pointer to the user-supplied TDES key.
-  @param[in]   KeyLength    Length of TDES key in bits.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesInit (
-  OUT  VOID         *TdesContext,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeyLength
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in ECB mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesEcbEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in ECB mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES decryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesEcbDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in CBC mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesCbcEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in CBC mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesCbcDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index f43953b78c..f631f8d879 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -7,7 +7,7 @@
 #  buffer overflow or integer overflow.
 #
 #  Note:
-#  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES functions, RSA external
+#  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES functions, RSA external
 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509
 #  certificate handler functions, authenticode signature verification functions,
 #  PEM handler functions, and pseudorandom number generator functions are not
@@ -45,7 +45,6 @@
   Hmac/CryptHmacSha256Null.c
   Kdf/CryptHkdfNull.c
   Cipher/CryptAesNull.c
-  Cipher/CryptTdesNull.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExtNull.c
   Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index 68226a7389..3b664ae30a 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -7,7 +7,7 @@
 #  buffer overflow or integer overflow.
 #
 #  Note: SHA-384 Digest functions, SHA-512 Digest functions,
-#  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES functions, RSA external
+#  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES functions, RSA external
 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
 #  authenticode signature verification functions are not supported in this instance.
 #
@@ -44,7 +44,6 @@
   Hmac/CryptHmacSha256Null.c
   Kdf/CryptHkdfNull.c
   Cipher/CryptAesNull.c
-  Cipher/CryptTdesNull.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExtNull.c
   Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index 3a94655775..cc3556ae3f 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -7,7 +7,7 @@
 #  buffer overflow or integer overflow.
 #
 #  Note: SHA-384 Digest functions, SHA-512 Digest functions,
-#  HMAC-MD5 functions, HMAC-SHA1 functions, TDES functions, RSA external
+#  HMAC-MD5 functions, HMAC-SHA1 functions, RSA external
 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
 #  authenticode signature verification functions are not supported in this instance.
 #
@@ -44,7 +44,6 @@
   Hmac/CryptHmacSha256.c
   Kdf/CryptHkdfNull.c
   Cipher/CryptAes.c
-  Cipher/CryptTdesNull.c
   Pk/CryptRsaBasic.c
   Pk/CryptRsaExtNull.c
   Pk/CryptPkcs1Oaep.c
diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
index d1af62ba30..2f4464b584 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
+++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
@@ -38,7 +38,6 @@
   Hmac/CryptHmacSha256Null.c
   Kdf/CryptHkdfNull.c
   Cipher/CryptAesNull.c
-  Cipher/CryptTdesNull.c
   Pk/CryptRsaBasicNull.c
   Pk/CryptRsaExtNull.c
   Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c b/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
deleted file mode 100644
index efa2716063..0000000000
--- a/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
+++ /dev/null
@@ -1,160 +0,0 @@
-/** @file
-  TDES Wrapper Implementation which does not provide real capabilities.
-
-Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-
-/**
-  Retrieves the size, in bytes, of the context buffer required for TDES operations.
-
-  Return zero to indicate this interface is not supported.
-
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-TdesGetContextSize (
-  VOID
-  )
-{
-  ASSERT (FALSE);
-  return 0;
-}
-
-/**
-  Initializes user-supplied memory as TDES context for subsequent use.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[out]  TdesContext  Pointer to TDES context being initialized.
-  @param[in]   Key          Pointer to the user-supplied TDES key.
-  @param[in]   KeyLength    Length of TDES key in bits.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesInit (
-  OUT  VOID         *TdesContext,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeyLength
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in ECB mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesEcbEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in ECB mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES decryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesEcbDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in CBC mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesCbcEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in CBC mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesCbcDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index 77915bdb86..43ee4e0841 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -1467,220 +1467,6 @@ HmacSha256Final (
 //    Symmetric Cryptography Primitive
 //=====================================================================================
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for TDES operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for TDES operations.
-  @retval  0   This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-TdesGetContextSize (
-  VOID
-  )
-{
-  CALL_CRYPTO_SERVICE (TdesGetContextSize, (), 0);
-}
-
-/**
-  Initializes user-supplied memory as TDES context for subsequent use.
-
-  This function initializes user-supplied memory pointed by TdesContext as TDES context.
-  In addition, it sets up all TDES key materials for subsequent encryption and decryption
-  operations.
-  There are 3 key options as follows:
-  KeyLength = 64,  Keying option 1: K1 == K2 == K3 (Backward compatibility with DES)
-  KeyLength = 128, Keying option 2: K1 != K2 and K3 = K1 (Less Security)
-  KeyLength = 192  Keying option 3: K1 != K2 != K3 (Strongest)
-
-  If TdesContext is NULL, then return FALSE.
-  If Key is NULL, then return FALSE.
-  If KeyLength is not valid, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  TdesContext  Pointer to TDES context being initialized.
-  @param[in]   Key          Pointer to the user-supplied TDES key.
-  @param[in]   KeyLength    Length of TDES key in bits.
-
-  @retval TRUE   TDES context initialization succeeded.
-  @retval FALSE  TDES context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesInit (
-  OUT  VOID         *TdesContext,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeyLength
-  )
-{
-  CALL_CRYPTO_SERVICE (TdesInit, (TdesContext, Key, KeyLength), FALSE);
-}
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in ECB mode.
-
-  This function performs TDES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES encryption succeeded.
-  @retval FALSE  TDES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesEcbEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  CALL_CRYPTO_SERVICE (TdesEcbEncrypt, (TdesContext, Input, InputSize, Output), FALSE);
-}
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in ECB mode.
-
-  This function performs TDES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES decryption output.
-
-  @retval TRUE   TDES decryption succeeded.
-  @retval FALSE  TDES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesEcbDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  CALL_CRYPTO_SERVICE (TdesEcbDecrypt, (TdesContext, Input, InputSize, Output), FALSE);
-}
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in CBC mode.
-
-  This function performs TDES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in CBC mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  Initialization vector should be one block size (8 bytes).
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Ivec is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES encryption succeeded.
-  @retval FALSE  TDES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesCbcEncrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  )
-{
-  CALL_CRYPTO_SERVICE (TdesCbcEncrypt, (TdesContext, Input, InputSize, Ivec, Output), FALSE);
-}
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in CBC mode.
-
-  This function performs TDES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in CBC mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  Initialization vector should be one block size (8 bytes).
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Ivec is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES decryption succeeded.
-  @retval FALSE  TDES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-TdesCbcDecrypt (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  )
-{
-  CALL_CRYPTO_SERVICE (TdesCbcDecrypt, (TdesContext, Input, InputSize, Ivec, Output), FALSE);
-}
-
 /**
   Retrieves the size, in bytes, of the context buffer required for AES operations.
 
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index e50d0b4190..5ecb3ccc79 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -2344,202 +2344,6 @@ BOOLEAN
 //    Symmetric Cryptography Primitive
 //=====================================================================================
 
-/**
-  Retrieves the size, in bytes, of the context buffer required for TDES operations.
-
-  If this interface is not supported, then return zero.
-
-  @return  The size, in bytes, of the context buffer required for TDES operations.
-  @retval  0   This interface is not supported.
-
-**/
-typedef
-UINTN
-(EFIAPI *EDKII_CRYPTO_TDES_GET_CONTEXT_SIZE) (
-  VOID
-  );
-
-/**
-  Initializes user-supplied memory as TDES context for subsequent use.
-
-  This function initializes user-supplied memory pointed by TdesContext as TDES context.
-  In addition, it sets up all TDES key materials for subsequent encryption and decryption
-  operations.
-  There are 3 key options as follows:
-  KeyLength = 64,  Keying option 1: K1 == K2 == K3 (Backward compatibility with DES)
-  KeyLength = 128, Keying option 2: K1 != K2 and K3 = K1 (Less Security)
-  KeyLength = 192  Keying option 3: K1 != K2 != K3 (Strongest)
-
-  If TdesContext is NULL, then return FALSE.
-  If Key is NULL, then return FALSE.
-  If KeyLength is not valid, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[out]  TdesContext  Pointer to TDES context being initialized.
-  @param[in]   Key          Pointer to the user-supplied TDES key.
-  @param[in]   KeyLength    Length of TDES key in bits.
-
-  @retval TRUE   TDES context initialization succeeded.
-  @retval FALSE  TDES context initialization failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_TDES_INIT) (
-  OUT  VOID         *TdesContext,
-  IN   CONST UINT8  *Key,
-  IN   UINTN        KeyLength
-  );
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in ECB mode.
-
-  This function performs TDES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES encryption succeeded.
-  @retval FALSE  TDES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_TDES_ECB_ENCRYPT) (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  );
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in ECB mode.
-
-  This function performs TDES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[out]  Output       Pointer to a buffer that receives the TDES decryption output.
-
-  @retval TRUE   TDES decryption succeeded.
-  @retval FALSE  TDES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_TDES_ECB_DECRYPT) (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  );
-
-/**
-  Performs TDES encryption on a data buffer of the specified size in CBC mode.
-
-  This function performs TDES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in CBC mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  Initialization vector should be one block size (8 bytes).
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Ivec is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES encryption succeeded.
-  @retval FALSE  TDES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_TDES_CBC_ENCRYPT) (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  );
-
-/**
-  Performs TDES decryption on a data buffer of the specified size in CBC mode.
-
-  This function performs TDES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in CBC mode.
-  InputSize must be multiple of block size (8 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  Initialization vector should be one block size (8 bytes).
-  TdesContext should be already correctly initialized by TdesInit(). Behavior with
-  invalid TDES context is undefined.
-
-  If TdesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (8 bytes), then return FALSE.
-  If Ivec is NULL, then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   TdesContext  Pointer to the TDES context.
-  @param[in]   Input        Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize    Size of the Input buffer in bytes.
-  @param[in]   Ivec         Pointer to initialization vector.
-  @param[out]  Output       Pointer to a buffer that receives the TDES encryption output.
-
-  @retval TRUE   TDES decryption succeeded.
-  @retval FALSE  TDES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_TDES_CBC_DECRYPT) (
-  IN   VOID         *TdesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  IN   CONST UINT8  *Ivec,
-  OUT  UINT8        *Output
-  );
-
 /**
   Retrieves the size, in bytes, of the context buffer required for AES operations.
 
@@ -3809,13 +3613,6 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_X509_FREE                          X509Free;
   EDKII_CRYPTO_X509_STACK_FREE                    X509StackFree;
   EDKII_CRYPTO_X509_GET_TBS_CERT                  X509GetTBSCert;
-  /// TDES
-  EDKII_CRYPTO_TDES_GET_CONTEXT_SIZE              TdesGetContextSize;
-  EDKII_CRYPTO_TDES_INIT                          TdesInit;
-  EDKII_CRYPTO_TDES_ECB_ENCRYPT                   TdesEcbEncrypt;
-  EDKII_CRYPTO_TDES_ECB_DECRYPT                   TdesEcbDecrypt;
-  EDKII_CRYPTO_TDES_CBC_ENCRYPT                   TdesCbcEncrypt;
-  EDKII_CRYPTO_TDES_CBC_DECRYPT                   TdesCbcDecrypt;
   /// AES
   EDKII_CRYPTO_AES_GET_CONTEXT_SIZE               AesGetContextSize;
   EDKII_CRYPTO_AES_INIT                           AesInit;
-- 
2.21.0.windows.1


^ permalink raw reply related	[flat|nested] 38+ messages in thread

* [PATCH 4/8] CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
  2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
                   ` (2 preceding siblings ...)
  2020-03-27  1:56 ` [PATCH 3/8] CryptoPkg/BaseCryptLib: Retire the Tdes algorithm Gao, Zhichao
@ 2020-03-27  1:56 ` Gao, Zhichao
  2020-03-27  1:56 ` [PATCH 5/8] CryptoPkg/dec: Add pcds to avoid building the deprecated function Gao, Zhichao
                   ` (6 subsequent siblings)
  10 siblings, 0 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  1:56 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Xiaoyu Lu

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898

Aes Ecb mode is not secure any longer.
Remove the Aes Ecb mode support from edk2.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
 CryptoPkg/Driver/Crypto.c                     |  78 ------------
 CryptoPkg/Include/Library/BaseCryptLib.h      |  70 -----------
 .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ------------------
 .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --------
 .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +--------
 .../BaseCryptLibOnProtocolPpi/CryptLib.c      |  76 ------------
 CryptoPkg/Private/Protocol/Crypto.h           |  72 -----------
 7 files changed, 1 insertion(+), 515 deletions(-)

diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
index d471ecb5ba..cc5fd922b7 100644
--- a/CryptoPkg/Driver/Crypto.c
+++ b/CryptoPkg/Driver/Crypto.c
@@ -1524,82 +1524,6 @@ CryptoServiceAesInit (
   return CALL_BASECRYPTLIB (Aes.Services.Init, AesInit, (AesContext, Key, KeyLength), FALSE);
 }
 
-/**
-  Performs AES encryption on a data buffer of the specified size in ECB mode.
-
-  This function performs AES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (16 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  AesContext should be already correctly initialized by AesInit(). Behavior with
-  invalid AES context is undefined.
-
-  If AesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (16 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES encryption output.
-
-  @retval TRUE   AES encryption succeeded.
-  @retval FALSE  AES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceAesEcbEncrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  return CALL_BASECRYPTLIB (Aes.Services.EcbEncrypt, AesEcbEncrypt, (AesContext, Input, InputSize, Output), FALSE);
-}
-
-/**
-  Performs AES decryption on a data buffer of the specified size in ECB mode.
-
-  This function performs AES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (16 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  AesContext should be already correctly initialized by AesInit(). Behavior with
-  invalid AES context is undefined.
-
-  If AesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (16 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES decryption output.
-
-  @retval TRUE   AES decryption succeeded.
-  @retval FALSE  AES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-CryptoServiceAesEcbDecrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  return CALL_BASECRYPTLIB (Aes.Services.EcbDecrypt, AesEcbDecrypt, (AesContext, Input, InputSize, Output), FALSE);
-}
-
 /**
   Performs AES encryption on a data buffer of the specified size in CBC mode.
 
@@ -3985,8 +3909,6 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   /// AES
   CryptoServiceAesGetContextSize,
   CryptoServiceAesInit,
-  CryptoServiceAesEcbEncrypt,
-  CryptoServiceAesEcbDecrypt,
   CryptoServiceAesCbcEncrypt,
   CryptoServiceAesCbcDecrypt,
   /// SM3
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index c66232bc1c..ad93ee2634 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -1318,76 +1318,6 @@ AesInit (
   IN   UINTN        KeyLength
   );
 
-/**
-  Performs AES encryption on a data buffer of the specified size in ECB mode.
-
-  This function performs AES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (16 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  AesContext should be already correctly initialized by AesInit(). Behavior with
-  invalid AES context is undefined.
-
-  If AesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (16 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES encryption output.
-
-  @retval TRUE   AES encryption succeeded.
-  @retval FALSE  AES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-AesEcbEncrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  );
-
-/**
-  Performs AES decryption on a data buffer of the specified size in ECB mode.
-
-  This function performs AES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (16 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  AesContext should be already correctly initialized by AesInit(). Behavior with
-  invalid AES context is undefined.
-
-  If AesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (16 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES decryption output.
-
-  @retval TRUE   AES decryption succeeded.
-  @retval FALSE  AES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-AesEcbDecrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  );
-
 /**
   Performs AES encryption on a data buffer of the specified size in CBC mode.
 
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
index 2515b34bb8..914cffb211 100644
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
+++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
@@ -78,120 +78,6 @@ AesInit (
   return TRUE;
 }
 
-/**
-  Performs AES encryption on a data buffer of the specified size in ECB mode.
-
-  This function performs AES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (16 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  AesContext should be already correctly initialized by AesInit(). Behavior with
-  invalid AES context is undefined.
-
-  If AesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (16 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES encryption output.
-
-  @retval TRUE   AES encryption succeeded.
-  @retval FALSE  AES encryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-AesEcbEncrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  AES_KEY  *AesKey;
-
-  //
-  // Check input parameters.
-  //
-  if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0 || Output == NULL) {
-    return FALSE;
-  }
-
-  AesKey = (AES_KEY *) AesContext;
-
-  //
-  // Perform AES data encryption with ECB mode (block-by-block)
-  //
-  while (InputSize > 0) {
-    AES_ecb_encrypt (Input, Output, AesKey, AES_ENCRYPT);
-    Input     += AES_BLOCK_SIZE;
-    Output    += AES_BLOCK_SIZE;
-    InputSize -= AES_BLOCK_SIZE;
-  }
-
-  return TRUE;
-}
-
-/**
-  Performs AES decryption on a data buffer of the specified size in ECB mode.
-
-  This function performs AES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (16 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  AesContext should be already correctly initialized by AesInit(). Behavior with
-  invalid AES context is undefined.
-
-  If AesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (16 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES decryption output.
-
-  @retval TRUE   AES decryption succeeded.
-  @retval FALSE  AES decryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-AesEcbDecrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  AES_KEY  *AesKey;
-
-  //
-  // Check input parameters.
-  //
-  if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0 || Output == NULL) {
-    return FALSE;
-  }
-
-  AesKey = (AES_KEY *) AesContext;
-
-  //
-  // Perform AES data decryption with ECB mode (block-by-block)
-  //
-  while (InputSize > 0) {
-    AES_ecb_encrypt (Input, Output, AesKey + 1, AES_DECRYPT);
-    Input     += AES_BLOCK_SIZE;
-    Output    += AES_BLOCK_SIZE;
-    InputSize -= AES_BLOCK_SIZE;
-  }
-
-  return TRUE;
-}
-
 /**
   Performs AES encryption on a data buffer of the specified size in CBC mode.
 
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAesNull.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAesNull.c
index a82adacf4f..d235422e7a 100644
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAesNull.c
+++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAesNull.c
@@ -50,58 +50,6 @@ AesInit (
   return FALSE;
 }
 
-/**
-  Performs AES encryption on a data buffer of the specified size in ECB mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES encryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-AesEcbEncrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs AES decryption on a data buffer of the specified size in ECB mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES decryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-AesEcbDecrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
 /**
   Performs AES encryption on a data buffer of the specified size in CBC mode.
 
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptAesNull.c b/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptAesNull.c
index a82adacf4f..8ddc00a59b 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptAesNull.c
+++ b/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptAesNull.c
@@ -1,7 +1,7 @@
 /** @file
   AES Wrapper Implementation which does not provide real capabilities.
 
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
@@ -50,58 +50,6 @@ AesInit (
   return FALSE;
 }
 
-/**
-  Performs AES encryption on a data buffer of the specified size in ECB mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES encryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-AesEcbEncrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
-/**
-  Performs AES decryption on a data buffer of the specified size in ECB mode.
-
-  Return FALSE to indicate this interface is not supported.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES decryption output.
-
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-AesEcbDecrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  ASSERT (FALSE);
-  return FALSE;
-}
-
 /**
   Performs AES encryption on a data buffer of the specified size in CBC mode.
 
diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index 43ee4e0841..c937f8540d 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -1518,82 +1518,6 @@ AesInit (
   CALL_CRYPTO_SERVICE (AesInit, (AesContext, Key, KeyLength), FALSE);
 }
 
-/**
-  Performs AES encryption on a data buffer of the specified size in ECB mode.
-
-  This function performs AES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (16 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  AesContext should be already correctly initialized by AesInit(). Behavior with
-  invalid AES context is undefined.
-
-  If AesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (16 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES encryption output.
-
-  @retval TRUE   AES encryption succeeded.
-  @retval FALSE  AES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-AesEcbEncrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  CALL_CRYPTO_SERVICE (AesEcbEncrypt, (AesContext, Input, InputSize, Output), FALSE);
-}
-
-/**
-  Performs AES decryption on a data buffer of the specified size in ECB mode.
-
-  This function performs AES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (16 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  AesContext should be already correctly initialized by AesInit(). Behavior with
-  invalid AES context is undefined.
-
-  If AesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (16 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES decryption output.
-
-  @retval TRUE   AES decryption succeeded.
-  @retval FALSE  AES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-AesEcbDecrypt (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  )
-{
-  CALL_CRYPTO_SERVICE (AesEcbDecrypt, (AesContext, Input, InputSize, Output), FALSE);
-}
-
 /**
   Performs AES encryption on a data buffer of the specified size in CBC mode.
 
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index 5ecb3ccc79..2c46a91eb6 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -2389,76 +2389,6 @@ BOOLEAN
   IN   UINTN        KeyLength
   );
 
-/**
-  Performs AES encryption on a data buffer of the specified size in ECB mode.
-
-  This function performs AES encryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (16 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  AesContext should be already correctly initialized by AesInit(). Behavior with
-  invalid AES context is undefined.
-
-  If AesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (16 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be encrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES encryption output.
-
-  @retval TRUE   AES encryption succeeded.
-  @retval FALSE  AES encryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_AES_ECB_ENCRYPT) (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  );
-
-/**
-  Performs AES decryption on a data buffer of the specified size in ECB mode.
-
-  This function performs AES decryption on data buffer pointed by Input, of specified
-  size of InputSize, in ECB mode.
-  InputSize must be multiple of block size (16 bytes). This function does not perform
-  padding. Caller must perform padding, if necessary, to ensure valid input data size.
-  AesContext should be already correctly initialized by AesInit(). Behavior with
-  invalid AES context is undefined.
-
-  If AesContext is NULL, then return FALSE.
-  If Input is NULL, then return FALSE.
-  If InputSize is not multiple of block size (16 bytes), then return FALSE.
-  If Output is NULL, then return FALSE.
-  If this interface is not supported, then return FALSE.
-
-  @param[in]   AesContext  Pointer to the AES context.
-  @param[in]   Input       Pointer to the buffer containing the data to be decrypted.
-  @param[in]   InputSize   Size of the Input buffer in bytes.
-  @param[out]  Output      Pointer to a buffer that receives the AES decryption output.
-
-  @retval TRUE   AES decryption succeeded.
-  @retval FALSE  AES decryption failed.
-  @retval FALSE  This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EDKII_CRYPTO_AES_ECB_DECRYPT) (
-  IN   VOID         *AesContext,
-  IN   CONST UINT8  *Input,
-  IN   UINTN        InputSize,
-  OUT  UINT8        *Output
-  );
-
 /**
   Performs AES encryption on a data buffer of the specified size in CBC mode.
 
@@ -3616,8 +3546,6 @@ struct _EDKII_CRYPTO_PROTOCOL {
   /// AES
   EDKII_CRYPTO_AES_GET_CONTEXT_SIZE               AesGetContextSize;
   EDKII_CRYPTO_AES_INIT                           AesInit;
-  EDKII_CRYPTO_AES_ECB_ENCRYPT                    AesEcbEncrypt;
-  EDKII_CRYPTO_AES_ECB_DECRYPT                    AesEcbDecrypt;
   EDKII_CRYPTO_AES_CBC_ENCRYPT                    AesCbcEncrypt;
   EDKII_CRYPTO_AES_CBC_DECRYPT                    AesCbcDecrypt;
   /// SM3
-- 
2.21.0.windows.1


^ permalink raw reply related	[flat|nested] 38+ messages in thread

* [PATCH 5/8] CryptoPkg/dec: Add pcds to avoid building the deprecated function
  2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
                   ` (3 preceding siblings ...)
  2020-03-27  1:56 ` [PATCH 4/8] CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm Gao, Zhichao
@ 2020-03-27  1:56 ` Gao, Zhichao
  2020-03-27  1:56 ` [PATCH 6/8] NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI Gao, Zhichao
                   ` (5 subsequent siblings)
  10 siblings, 0 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  1:56 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Xiaoyu Lu

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682

Md5 and SHA1 is not secure any longer but uefi spec need to keep them
for backwards compatibility.
Add two pcds PcdMD5Enable and PcdSHA1Enable to control the function
enablement. Set the default value to false to indicate they are
deprecated.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
 CryptoPkg/CryptoPkg.dec | 11 +++++++++++
 CryptoPkg/CryptoPkg.uni | 11 +++++++++++
 2 files changed, 22 insertions(+)

diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
index 4d1a1368a8..4d1750839f 100644
--- a/CryptoPkg/CryptoPkg.dec
+++ b/CryptoPkg/CryptoPkg.dec
@@ -82,5 +82,16 @@
   # @ValidList 0x80000001 | 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010
   gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x00000002|UINT32|0x00000001
 
+  ## Enable/Disable the MD5 algorithm. The MD5 is deprecated but the UEFI spec
+  #  want to keep it for backwards compatibility.
+  # @prompt Enable/Disable MD5 function.
+  gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable|FALSE|BOOLEAN|0x00000003
+
+  ## Enable/Disable the SHA1 algorithm. The SHA1 is deprecated but the UEFI spec
+  #  want to keep it for backwards compatibility. It should be set to TRUE when
+  #  PcdHashApiLibPolicy enable the SHA1.
+  # @prompt Enable/Disable SHA1 function.
+  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable|FALSE|BOOLEAN|0x00000004
+
 [UserExtensions.TianoCore."ExtraFiles"]
   CryptoPkgExtra.uni
diff --git a/CryptoPkg/CryptoPkg.uni b/CryptoPkg/CryptoPkg.uni
index 28459fcafe..8e27ebcd36 100644
--- a/CryptoPkg/CryptoPkg.uni
+++ b/CryptoPkg/CryptoPkg.uni
@@ -30,3 +30,14 @@
 #string STR_gEfiCryptoPkgTokenSpaceGuid_PcdCryptoServiceFamilyEnable_PROMPT  #language en-US "Enable/Disable EDK II Crypto Protocol/PPI services"
 
 #string STR_gEfiCryptoPkgTokenSpaceGuid_PcdCryptoServiceFamilyEnable_HELP  #language en-US "Enable/Disable the families and individual services produced by the EDK II Crypto Protocols/PPIs.  The default is all services disabled.  This Structured PCD is associated with PCD_CRYPTO_SERVICE_FAMILY_ENABLE structure that is defined in Include/Pcd/PcdCryptoServiceFamilyEnable.h."
+
+#string STR_gEfiCryptoPkgTokenSpaceGuid_PcdMD5Enable_PROMPT  #language en-US "Enable/Disable the MD5 algorithm. The MD5 is deprecated but the UEFI spec\n"
+                                                                              "want to keep it for backwards compatibility."
+
+#string STR_gEfiCryptoPkgTokenSpaceGuid_PcdMD5Enable_HELP  #language en-US "Enable/Disable MD5 function."
+
+#string STR_gEfiCryptoPkgTokenSpaceGuid_PcdSHA1Enable_PROMPT  #language en-US "Enable/Disable the SHA1 algorithm. The SHA1 is deprecated but the UEFI spec\n"
+                                                                              "want to keep it for backwards compatibility.It should be set to TRUE when\n"
+                                                                              "PcdHashApiLibPolicy enable the SHA1."
+
+#string STR_gEfiCryptoPkgTokenSpaceGuid_PcdSHA1Enable_HELP  #language en-US "Enable/Disable SHA1 function."
-- 
2.21.0.windows.1


^ permalink raw reply related	[flat|nested] 38+ messages in thread

* [PATCH 6/8] NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
  2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
                   ` (4 preceding siblings ...)
  2020-03-27  1:56 ` [PATCH 5/8] CryptoPkg/dec: Add pcds to avoid building the deprecated function Gao, Zhichao
@ 2020-03-27  1:56 ` Gao, Zhichao
  2020-03-27  2:07   ` Siyuan, Fu
  2020-03-30 12:01   ` [edk2-devel] " Maciej Rabeda
  2020-03-27  1:56 ` [PATCH 7/8] Crypto/BaseCryptLib: Using pcd to control MD5 enablement Gao, Zhichao
                   ` (4 subsequent siblings)
  10 siblings, 2 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  1:56 UTC (permalink / raw)
  To: devel; +Cc: Maciej Rabeda, Jiaxin Wu, Siyuan Fu

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682

iSCSI driver required the MD5 function. Change the PcdMD5Enable
to TRUE when NETWORK_ISCSI_ENABLE is TURE.

Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
 NetworkPkg/NetworkPcds.dsc.inc | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/NetworkPkg/NetworkPcds.dsc.inc b/NetworkPkg/NetworkPcds.dsc.inc
index f874b382ef..7a81f0cb2d 100644
--- a/NetworkPkg/NetworkPcds.dsc.inc
+++ b/NetworkPkg/NetworkPcds.dsc.inc
@@ -5,7 +5,7 @@
 # by using "!include NetworkPkg/NetworkPcds.dsc.inc" to specify PCD settings
 # according to the value of flags described in "NetworkDefines.dsc.inc".
 #
-# Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
 #
 #    SPDX-License-Identifier: BSD-2-Clause-Patent
 #
@@ -14,3 +14,6 @@
 !if $(NETWORK_ALLOW_HTTP_CONNECTIONS) == TRUE
   gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|TRUE
 !endif
+!if $(NETWORK_ISCSI_ENABLE) == TRUE
+  gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable|TRUE
+!endif
-- 
2.21.0.windows.1


^ permalink raw reply related	[flat|nested] 38+ messages in thread

* [PATCH 7/8] Crypto/BaseCryptLib: Using pcd to control MD5 enablement
  2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
                   ` (5 preceding siblings ...)
  2020-03-27  1:56 ` [PATCH 6/8] NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI Gao, Zhichao
@ 2020-03-27  1:56 ` Gao, Zhichao
  2020-03-27  1:56 ` [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement Gao, Zhichao
                   ` (3 subsequent siblings)
  10 siblings, 0 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  1:56 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Xiaoyu Lu

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682

Md5 and SHA1 is not secure any longer but uefi spec need to keep them
for backwards compatibility.
Use pcd PcdMD5Enable to control the MD5 function enablement.
When disable the MD5 functions would not be complied.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
 CryptoPkg/Driver/Crypto.c                                | 9 +++++++++
 CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf          | 3 +++
 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c           | 5 ++++-
 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c       | 3 +++
 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c   | 3 +++
 CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf           | 3 +++
 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c        | 3 +++
 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c          | 3 +++
 CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf       | 3 +++
 CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf           | 3 +++
 CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd5Null.c   | 3 +++
 .../Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c     | 3 +++
 CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c   | 5 +++++
 CryptoPkg/Private/Protocol/Crypto.h                      | 7 ++++++-
 14 files changed, 54 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
index cc5fd922b7..b53da85bad 100644
--- a/CryptoPkg/Driver/Crypto.c
+++ b/CryptoPkg/Driver/Crypto.c
@@ -13,6 +13,7 @@
 #include <Library/TlsLib.h>
 #include <Protocol/Crypto.h>
 #include <Pcd/PcdCryptoServiceFamilyEnable.h>
+#include <Library/PcdLib.h>
 
 /**
   A macro used to retrieve the FixedAtBuild PcdCryptoServiceFamilyEnable with a
@@ -105,6 +106,7 @@ CryptoServiceGetCryptoVersion (
 //    One-Way Cryptographic Hash Primitives
 //=====================================================================================
 
+#if (FixedPcdGetBool (PcdMD5Enable))
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
@@ -262,6 +264,7 @@ CryptoServiceMd5HashAll (
 {
   return CALL_BASECRYPTLIB (Md5.Services.HashAll, Md5HashAll, (Data, DataSize, HashValue), FALSE);
 }
+#endif
 
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
@@ -1021,6 +1024,7 @@ CryptoServiceSm3HashAll (
 //    MAC (Message Authentication Code) Primitive
 //=====================================================================================
 
+#if (FixedPcdGetBool (PcdMD5Enable))
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use.
 
@@ -1171,6 +1175,7 @@ CryptoServiceHmacMd5Final (
 {
   return CALL_BASECRYPTLIB (HmacMd5.Services.Final, HmacMd5Final, (HmacMd5Context, HmacValue), FALSE);
 }
+#endif
 
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.
@@ -3806,6 +3811,7 @@ CryptoServiceTlsGetCertRevocationList (
 const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   /// Version
   CryptoServiceGetCryptoVersion,
+#if (FixedPcdGetBool (PcdMD5Enable))
   /// HMAC MD5
   CryptoServiceHmacMd5New,
   CryptoServiceHmacMd5Free,
@@ -3813,6 +3819,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   CryptoServiceHmacMd5Duplicate,
   CryptoServiceHmacMd5Update,
   CryptoServiceHmacMd5Final,
+#endif
   /// HMAC SHA1
   CryptoServiceHmacSha1New,
   CryptoServiceHmacSha1Free,
@@ -3827,6 +3834,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   CryptoServiceHmacSha256Duplicate,
   CryptoServiceHmacSha256Update,
   CryptoServiceHmacSha256Final,
+#if (FixedPcdGetBool (PcdMD5Enable))
   /// Md5
   CryptoServiceMd5GetContextSize,
   CryptoServiceMd5Init,
@@ -3834,6 +3842,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   CryptoServiceMd5Update,
   CryptoServiceMd5Final,
   CryptoServiceMd5HashAll,
+#endif
   /// Pkcs
   CryptoServicePkcs1v2Encrypt,
   CryptoServicePkcs5HashPassword,
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 498e0f75e8..5c65ef5892 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -83,6 +83,9 @@
   IntrinsicLib
   PrintLib
 
+[Pcd]
+  gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
+
 #
 # Remove these [BuildOptions] after this library is cleaned up
 #
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c
index 0e0d0ec54d..5af0c03a1c 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c
@@ -1,11 +1,13 @@
 /** @file
   MD5 Digest Wrapper Implementation over OpenSSL.
 
-Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
+#include <Library/PcdLib.h>
+#if (FixedPcdGetBool (PcdMD5Enable))
 #include "InternalCryptLib.h"
 #include <openssl/md5.h>
 
@@ -223,3 +225,4 @@ Md5HashAll (
     return TRUE;
   }
 }
+#endif
diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c
index da46ce09f4..2946e6432b 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c
@@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
+#include <Library/PcdLib.h>
+#if (FixedPcdGetBool (PcdMD5Enable))
 #include "InternalCryptLib.h"
 #include <openssl/hmac.h>
 
@@ -214,3 +216,4 @@ HmacMd5Final (
 
   return TRUE;
 }
+#endif
diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c
index 5de55bf0d5..befd0b4c08 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c
@@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
+#include <Library/PcdLib.h>
+#if (FixedPcdGetBool (PcdMD5Enable))
 #include "InternalCryptLib.h"
 
 /**
@@ -137,3 +139,4 @@ HmacMd5Final (
   ASSERT (FALSE);
   return FALSE;
 }
+#endif
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index f631f8d879..cebc74ccf2 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -76,6 +76,9 @@
   OpensslLib
   IntrinsicLib
 
+[Pcd]
+  gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
+
 #
 # Remove these [BuildOptions] after this library is cleaned up
 #
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
index d24e1fdf68..31b78464d2 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
@@ -13,6 +13,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 **/
 
 #include "InternalCryptLib.h"
+#include <Library/PcdLib.h>
 
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
@@ -291,9 +292,11 @@ RsaPkcs1Verify (
   //   Only MD5, SHA-1, SHA-256, SHA-384 or SHA-512 algorithm is supported.
   //
   switch (HashSize) {
+#if (FixedPcdGetBool (PcdMD5Enable))
   case MD5_DIGEST_SIZE:
     DigestType = NID_md5;
     break;
+#endif
 
   case SHA1_DIGEST_SIZE:
     DigestType = NID_sha1;
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
index 7cd5fecf04..1a50be1d78 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
@@ -13,6 +13,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 **/
 
 #include "InternalCryptLib.h"
+#include <Library/PcdLib.h>
 
 #include <openssl/bn.h>
 #include <openssl/rsa.h>
@@ -329,9 +330,11 @@ RsaPkcs1Sign (
   //   Only MD5, SHA-1, SHA-256, SHA-384 or SHA-512 algorithm is supported.
   //
   switch (HashSize) {
+#if (FixedPcdGetBool (PcdMD5Enable))
   case MD5_DIGEST_SIZE:
     DigestType = NID_md5;
     break;
+#endif
 
   case SHA1_DIGEST_SIZE:
     DigestType = NID_sha1;
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index 3b664ae30a..72d4cd03ab 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -88,6 +88,9 @@
   IntrinsicLib
   PrintLib
 
+[Pcd]
+  gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
+
 #
 # Remove these [BuildOptions] after this library is cleaned up
 #
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index cc3556ae3f..21f104c916 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -87,6 +87,9 @@
   IntrinsicLib
   PrintLib
 
+[Pcd]
+  gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
+
 #
 # Remove these [BuildOptions] after this library is cleaned up
 #
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd5Null.c b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd5Null.c
index 34c539fe3a..cbf863b1f8 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd5Null.c
+++ b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd5Null.c
@@ -7,6 +7,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
+#include <Library/PcdLib.h>
+#if (FixedPcdGetBool (PcdMD5Enable))
 #include "InternalCryptLib.h"
 
 
@@ -163,3 +165,4 @@ Md5HashAll(
   ASSERT(FALSE);
   return FALSE;
 }
+#endif
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c
index 5de55bf0d5..befd0b4c08 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c
+++ b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c
@@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
+#include <Library/PcdLib.h>
+#if (FixedPcdGetBool (PcdMD5Enable))
 #include "InternalCryptLib.h"
 
 /**
@@ -137,3 +139,4 @@ HmacMd5Final (
   ASSERT (FALSE);
   return FALSE;
 }
+#endif
diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index c937f8540d..cba1e4c8bf 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -14,6 +14,7 @@
 #include <Library/BaseCryptLib.h>
 #include <Library/TlsLib.h>
 #include <Protocol/Crypto.h>
+#include <Library/PcdLib.h>
 
 /**
   A macro used to call a non-void service in an EDK II Crypto Protocol.
@@ -99,6 +100,7 @@ CryptoServiceNotAvailable (
 //    One-Way Cryptographic Hash Primitives
 //=====================================================================================
 
+#if (FixedPcdGetBool (PcdMD5Enable))
 /**
   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.
 
@@ -256,6 +258,7 @@ Md5HashAll (
 {
   CALL_CRYPTO_SERVICE (Md5HashAll, (Data, DataSize, HashValue), FALSE);
 }
+#endif
 
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
@@ -1015,6 +1018,7 @@ Sm3HashAll (
 //    MAC (Message Authentication Code) Primitive
 //=====================================================================================
 
+#if (FixedPcdGetBool (PcdMD5Enable))
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use.
 
@@ -1165,6 +1169,7 @@ HmacMd5Final (
 {
   CALL_CRYPTO_SERVICE (HmacMd5Final, (HmacMd5Context, HmacValue), FALSE);
 }
+#endif
 
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index 2c46a91eb6..527318dc23 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -43,6 +43,7 @@ UINTN
 //=====================================================================================
 //    MAC (Message Authentication Code) Primitive
 //=====================================================================================
+#if (FixedPcdGetBool (PcdMD5Enable))
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use.
 
@@ -176,7 +177,7 @@ BOOLEAN
   IN OUT  VOID   *HmacMd5Context,
   OUT     UINT8  *HmacValue
   );
-
+#endif
 
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.
@@ -3443,6 +3444,7 @@ EFI_STATUS
 struct _EDKII_CRYPTO_PROTOCOL {
   /// Version
   EDKII_CRYPTO_GET_VERSION                        GetVersion;
+#if (FixedPcdGetBool (PcdMD5Enable))
   /// HMAC MD5
   EDKII_CRYPTO_HMAC_MD5_NEW                       HmacMd5New;
   EDKII_CRYPTO_HMAC_MD5_FREE                      HmacMd5Free;
@@ -3450,6 +3452,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_HMAC_MD5_DUPLICATE                 HmacMd5Duplicate;
   EDKII_CRYPTO_HMAC_MD5_UPDATE                    HmacMd5Update;
   EDKII_CRYPTO_HMAC_MD5_FINAL                     HmacMd5Final;
+#endif
   /// HMAC SHA1
   EDKII_CRYPTO_HMAC_SHA1_NEW                      HmacSha1New;
   EDKII_CRYPTO_HMAC_SHA1_FREE                     HmacSha1Free;
@@ -3464,6 +3467,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_HMAC_SHA256_DUPLICATE              HmacSha256Duplicate;
   EDKII_CRYPTO_HMAC_SHA256_UPDATE                 HmacSha256Update;
   EDKII_CRYPTO_HMAC_SHA256_FINAL                  HmacSha256Final;
+#if (FixedPcdGetBool (PcdMD5Enable))
   /// Md5
   EDKII_CRYPTO_MD5_GET_CONTEXT_SIZE               Md5GetContextSize;
   EDKII_CRYPTO_MD5_INIT                           Md5Init;
@@ -3471,6 +3475,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_MD5_UPDATE                         Md5Update;
   EDKII_CRYPTO_MD5_FINAL                          Md5Final;
   EDKII_CRYPTO_MD5_HASH_ALL                       Md5HashAll;
+#endif
   /// Pkcs
   EDKII_CRYPTO_PKCS1_ENCRYPT_V2                   Pkcs1v2Encrypt;
   EDKII_CRYPTO_PKCS5_PW_HASH                      Pkcs5HashPassword;
-- 
2.21.0.windows.1


^ permalink raw reply related	[flat|nested] 38+ messages in thread

* [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
  2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
                   ` (6 preceding siblings ...)
  2020-03-27  1:56 ` [PATCH 7/8] Crypto/BaseCryptLib: Using pcd to control MD5 enablement Gao, Zhichao
@ 2020-03-27  1:56 ` Gao, Zhichao
  2020-03-27  2:04   ` [edk2-devel] " Michael D Kinney
  2020-03-27  2:01 ` [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function Yao, Jiewen
                   ` (2 subsequent siblings)
  10 siblings, 1 reply; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  1:56 UTC (permalink / raw)
  To: devel; +Cc: Jian J Wang, Xiaoyu Lu

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682

Md5 and SHA1 is not secure any longer but uefi spec need to keep them
for backwards compatibility.
Use pcd PcdSHA1Enable to control the SHA1 function enablement.
When disable the SHA1 functions would not be complied.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
 CryptoPkg/Driver/Crypto.c                            |  8 ++++++++
 CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf      |  1 +
 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c  |  3 +++
 .../Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c    |  3 +++
 CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf       |  1 +
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c |  3 +++
 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c    |  2 ++
 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c      |  2 ++
 CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf   |  1 +
 CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf       |  1 +
 .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c        |  4 +++-
 .../Library/BaseCryptLibOnProtocolPpi/CryptLib.c     |  4 ++++
 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c    | 12 ++++++++++++
 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf  |  1 +
 CryptoPkg/Private/Protocol/Crypto.h                  |  9 ++++++++-
 15 files changed, 53 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
index b53da85bad..f7902205b3 100644
--- a/CryptoPkg/Driver/Crypto.c
+++ b/CryptoPkg/Driver/Crypto.c
@@ -266,6 +266,7 @@ CryptoServiceMd5HashAll (
 }
 #endif
 
+#if (FixedPcdGetBool (PcdSHA1Enable))
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
 
@@ -423,6 +424,7 @@ CryptoServiceSha1HashAll (
 {
   return CALL_BASECRYPTLIB (Sha1.Services.HashAll, Sha1HashAll, (Data, DataSize, HashValue), FALSE);
 }
+#endif
 
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-256 hash operations.
@@ -1177,6 +1179,7 @@ CryptoServiceHmacMd5Final (
 }
 #endif
 
+#if (FixedPcdGetBool (PcdSHA1Enable))
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.
 
@@ -1327,6 +1330,7 @@ CryptoServiceHmacSha1Final (
 {
   return CALL_BASECRYPTLIB (HmacSha1.Services.Final, HmacSha1Final, (HmacSha1Context, HmacValue), FALSE);
 }
+#endif
 
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.
@@ -3820,6 +3824,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   CryptoServiceHmacMd5Update,
   CryptoServiceHmacMd5Final,
 #endif
+#if (FixedPcdGetBool (PcdSHA1Enable))
   /// HMAC SHA1
   CryptoServiceHmacSha1New,
   CryptoServiceHmacSha1Free,
@@ -3827,6 +3832,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   CryptoServiceHmacSha1Duplicate,
   CryptoServiceHmacSha1Update,
   CryptoServiceHmacSha1Final,
+#endif
   /// HMAC SHA256
   CryptoServiceHmacSha256New,
   CryptoServiceHmacSha256Free,
@@ -3877,6 +3883,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   CryptoServiceRsaPkcs1Verify,
   CryptoServiceRsaGetPrivateKeyFromPem,
   CryptoServiceRsaGetPublicKeyFromX509,
+#if (FixedPcdGetBool (PcdSHA1Enable))
   /// Sha1
   CryptoServiceSha1GetContextSize,
   CryptoServiceSha1Init,
@@ -3884,6 +3891,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
   CryptoServiceSha1Update,
   CryptoServiceSha1Final,
   CryptoServiceSha1HashAll,
+#endif
   /// Sha256
   CryptoServiceSha256GetContextSize,
   CryptoServiceSha256Init,
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 5c65ef5892..9ffd98096c 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -85,6 +85,7 @@
 
 [Pcd]
   gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
+  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
 
 #
 # Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
index 7593ca55b1..baba6b267c 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
@@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
+#include <Library/PcdLib.h>
+#if (FixedPcdGetBool (PcdSHA1Enable))
 #include "InternalCryptLib.h"
 #include <openssl/hmac.h>
 
@@ -214,3 +216,4 @@ HmacSha1Final (
 
   return TRUE;
 }
+#endif
diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
index e8c0f341b7..1314fa1a77 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
@@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
 
+#include <Library/PcdLib.h>
+#if (FixedPcdGetBool (PcdSHA1Enable))
 #include "InternalCryptLib.h"
 
 /**
@@ -137,3 +139,4 @@ HmacSha1Final (
   ASSERT (FALSE);
   return FALSE;
 }
+#endif
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index cebc74ccf2..b40e76f243 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -78,6 +78,7 @@
 
 [Pcd]
   gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
+  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
 
 #
 # Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
index a89c1525c1..15e6bc2cb4 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
@@ -7,6 +7,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 **/
 
 #include "InternalCryptLib.h"
+#include <Library/PcdLib.h>
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
 
@@ -68,9 +69,11 @@ Pkcs5HashPassword (
   // Make sure the digest algorithm is supported.
   //
   switch (DigestSize) {
+#if (FixedPcdGetBool (PcdSHA1Enable))
   case SHA1_DIGEST_SIZE:
     HashAlg = EVP_sha1();
     break;
+#endif
   case SHA256_DIGEST_SIZE:
     HashAlg = EVP_sha256();
     break;
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
index 31b78464d2..549ee1b933 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
@@ -298,9 +298,11 @@ RsaPkcs1Verify (
     break;
 #endif
 
+#if (FixedPcdGetBool (PcdSHA1Enable))
   case SHA1_DIGEST_SIZE:
     DigestType = NID_sha1;
     break;
+#endif
 
   case SHA256_DIGEST_SIZE:
     DigestType = NID_sha256;
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
index 1a50be1d78..60605e3486 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
@@ -336,9 +336,11 @@ RsaPkcs1Sign (
     break;
 #endif
 
+#if (FixedPcdGetBool (PcdSHA1Enable))
   case SHA1_DIGEST_SIZE:
     DigestType = NID_sha1;
     break;
+#endif
 
   case SHA256_DIGEST_SIZE:
     DigestType = NID_sha256;
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index 72d4cd03ab..b6c0be70f2 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -90,6 +90,7 @@
 
 [Pcd]
   gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
+  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
 
 #
 # Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index 21f104c916..7f678eee93 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -89,6 +89,7 @@
 
 [Pcd]
   gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
+  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
 
 #
 # Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Null.c b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Null.c
index e8c0f341b7..3aac798188 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Null.c
+++ b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Null.c
@@ -5,7 +5,8 @@ Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
 
 **/
-
+#include <Library/PcdLib.h>
+#if (FixedPcdGetBool (PcdSHA1Enable))
 #include "InternalCryptLib.h"
 
 /**
@@ -137,3 +138,4 @@ HmacSha1Final (
   ASSERT (FALSE);
   return FALSE;
 }
+#endif
diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index cba1e4c8bf..8429fefc0b 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -260,6 +260,7 @@ Md5HashAll (
 }
 #endif
 
+#if (FixedPcdGetBool (PcdSHA1Enable))
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
 
@@ -417,6 +418,7 @@ Sha1HashAll (
 {
   CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize, HashValue), FALSE);
 }
+#endif
 
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-256 hash operations.
@@ -1171,6 +1173,7 @@ HmacMd5Final (
 }
 #endif
 
+#if (FixedPcdGetBool (PcdSHA1Enable))
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.
 
@@ -1321,6 +1324,7 @@ HmacSha1Final (
 {
   CALL_CRYPTO_SERVICE (HmacSha1Final, (HmacSha1Context, HmacValue), FALSE);
 }
+#endif
 
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.
diff --git a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
index f9796b2158..754d75aeb2 100644
--- a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
+++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
@@ -33,9 +33,11 @@ HashApiGetContextSize (
   )
 {
   switch (PcdGet32 (PcdHashApiLibPolicy)) {
+#if (FixedPcdGetBool (PcdSHA1Enable))
     case HASH_ALG_SHA1:
       return Sha1GetContextSize ();
       break;
+#endif
 
     case HASH_ALG_SHA256:
       return Sha256GetContextSize ();
@@ -75,9 +77,11 @@ HashApiInit (
   )
 {
   switch (PcdGet32 (PcdHashApiLibPolicy)) {
+#if (FixedPcdGetBool (PcdSHA1Enable))
     case HASH_ALG_SHA1:
       return Sha1Init (HashContext);
       break;
+#endif
 
     case HASH_ALG_SHA256:
       return Sha256Init (HashContext);
@@ -119,9 +123,11 @@ HashApiDuplicate (
   )
 {
   switch (PcdGet32 (PcdHashApiLibPolicy)) {
+#if (FixedPcdGetBool (PcdSHA1Enable))
     case HASH_ALG_SHA1:
       return Sha1Duplicate (HashContext, NewHashContext);
       break;
+#endif
 
     case HASH_ALG_SHA256:
       return Sha256Duplicate (HashContext, NewHashContext);
@@ -165,9 +171,11 @@ HashApiUpdate (
   )
 {
   switch (PcdGet32 (PcdHashApiLibPolicy)) {
+#if (FixedPcdGetBool (PcdSHA1Enable))
     case HASH_ALG_SHA1:
       return Sha1Update (HashContext, DataToHash, DataToHashLen);
       break;
+#endif
 
     case HASH_ALG_SHA256:
       return Sha256Update (HashContext, DataToHash, DataToHashLen);
@@ -209,9 +217,11 @@ HashApiFinal (
   )
 {
   switch (PcdGet32 (PcdHashApiLibPolicy)) {
+#if (FixedPcdGetBool (PcdSHA1Enable))
     case HASH_ALG_SHA1:
       return Sha1Final (HashContext, Digest);
       break;
+#endif
 
     case HASH_ALG_SHA256:
       return Sha256Final (HashContext, Digest);
@@ -255,9 +265,11 @@ HashApiHashAll (
   )
 {
   switch (PcdGet32 (PcdHashApiLibPolicy)) {
+#if (FixedPcdGetBool (PcdSHA1Enable))
     case HASH_ALG_SHA1:
       return Sha1HashAll (DataToHash, DataToHashLen, Digest);
       break;
+#endif
 
     case HASH_ALG_SHA256:
       return Sha256HashAll (DataToHash, DataToHashLen, Digest);
diff --git a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
index b4d8675ddd..29f7d7abfd 100644
--- a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
+++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
@@ -42,3 +42,4 @@
 
 [Pcd]
   gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy    ## CONSUMES
+  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable          ## CONSUMES
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index 527318dc23..3f8c5751a7 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -179,6 +179,7 @@ BOOLEAN
   );
 #endif
 
+#if (FixedPcdGetBool (PcdSHA1Enable))
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.
 
@@ -315,7 +316,7 @@ BOOLEAN
   IN OUT  VOID   *HmacSha1Context,
   OUT     UINT8  *HmacValue
   );
-
+#endif
 
 /**
   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.
@@ -1537,6 +1538,7 @@ BOOLEAN
 // SHA
 //----------------------------------------
 
+#if (FixedPcdGetBool (PcdSHA1Enable))
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-1 hash operations.
 
@@ -1676,6 +1678,7 @@ BOOLEAN
   IN   UINTN       DataSize,
   OUT  UINT8       *HashValue
   );
+#endif
 
 /**
   Retrieves the size, in bytes, of the context buffer required for SHA-256 hash operations.
@@ -3453,6 +3456,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_HMAC_MD5_UPDATE                    HmacMd5Update;
   EDKII_CRYPTO_HMAC_MD5_FINAL                     HmacMd5Final;
 #endif
+#if (FixedPcdGetBool (PcdSHA1Enable))
   /// HMAC SHA1
   EDKII_CRYPTO_HMAC_SHA1_NEW                      HmacSha1New;
   EDKII_CRYPTO_HMAC_SHA1_FREE                     HmacSha1Free;
@@ -3460,6 +3464,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_HMAC_SHA1_DUPLICATE                HmacSha1Duplicate;
   EDKII_CRYPTO_HMAC_SHA1_UPDATE                   HmacSha1Update;
   EDKII_CRYPTO_HMAC_SHA1_FINAL                    HmacSha1Final;
+#endif
   /// HMAC SHA256
   EDKII_CRYPTO_HMAC_SHA256_NEW                    HmacSha256New;
   EDKII_CRYPTO_HMAC_SHA256_FREE                   HmacSha256Free;
@@ -3510,6 +3515,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_RSA_PKCS1_VERIFY                   RsaPkcs1Verify;
   EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM       RsaGetPrivateKeyFromPem;
   EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509       RsaGetPublicKeyFromX509;
+#if (FixedPcdGetBool (PcdSHA1Enable))
   /// Sha1
   EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE              Sha1GetContextSize;
   EDKII_CRYPTO_SHA1_INIT                          Sha1Init;
@@ -3517,6 +3523,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_SHA1_UPDATE                        Sha1Update;
   EDKII_CRYPTO_SHA1_FINAL                         Sha1Final;
   EDKII_CRYPTO_SHA1_HASH_ALL                      Sha1HashAll;
+#endif
   /// Sha256
   EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE            Sha256GetContextSize;
   EDKII_CRYPTO_SHA256_INIT                        Sha256Init;
-- 
2.21.0.windows.1


^ permalink raw reply related	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
                   ` (7 preceding siblings ...)
  2020-03-27  1:56 ` [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement Gao, Zhichao
@ 2020-03-27  2:01 ` Yao, Jiewen
  2020-03-27  2:43   ` Gao, Zhichao
       [not found] ` <160006BBBC4857E5.7267@groups.io>
  2020-03-27  2:47 ` Siyuan, Fu
  10 siblings, 1 reply; 38+ messages in thread
From: Yao, Jiewen @ 2020-03-27  2:01 UTC (permalink / raw)
  To: devel@edk2.groups.io, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin, Fu, Siyuan

Good feature.

I believe TPM1.2 still uses SHA1. It should be added as well.




> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gao,
> Zhichao
> Sent: Friday, March 27, 2020 9:56 AM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> 
> MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> They are all deprecated. Edk2 would not support them any longer.
> So remove them.
> But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
> default value to false to indicate they are deprecated.
> 
> NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> the md5 pcd to TURE when iSCSI is enabled.
> 
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> Cc: Siyuan Fu <siyuan.fu@intel.com>
> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> 
> Zhichao Gao (8):
>   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
>   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
>   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
>   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
>   CryptoPkg/dec: Add pcds to avoid building the deprecated function
>   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
>   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
>   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> 
>  CryptoPkg/CryptoPkg.dec                       |  11 +
>  CryptoPkg/CryptoPkg.uni                       |  11 +
>  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
>  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
>  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
>  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
>  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
>  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
>  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
>  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
>  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
>  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
>  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
>  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
>  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
>  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
>  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
>  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
>  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
>  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
>  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
>  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
>  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
>  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
>  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
>  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
>  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
>  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
>  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
>  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
>  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
>  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
>  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
>  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
>  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
>  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
>  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
>  37 files changed, 145 insertions(+), 4221 deletions(-)
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> 
> --
> 2.21.0.windows.1
> 
> 
> 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
  2020-03-27  1:56 ` [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement Gao, Zhichao
@ 2020-03-27  2:04   ` Michael D Kinney
  2020-03-27  2:44     ` Gao, Zhichao
  0 siblings, 1 reply; 38+ messages in thread
From: Michael D Kinney @ 2020-03-27  2:04 UTC (permalink / raw)
  To: devel@edk2.groups.io, Gao, Zhichao, Kinney, Michael D
  Cc: Wang, Jian J, Lu, XiaoyuX

We should not use #if statements in C code.

Also, we should not be changing the layout of the 
structure based on a PCD feature flag.

I agree we need to ability to disable the use of some
Crypto services, but we need to decide what behavior
we want at build time and boot time if there is code
that uses a disabled service.  

Mike


> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On
> Behalf Of Gao, Zhichao
> Sent: Thursday, March 26, 2020 6:56 PM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>
> Subject: [edk2-devel] [PATCH 8/8] CryptoPkg/BaseCryptLib:
> Use Pcd to control the SHA1 enablement
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> 
> Md5 and SHA1 is not secure any longer but uefi spec need
> to keep them
> for backwards compatibility.
> Use pcd PcdSHA1Enable to control the SHA1 function
> enablement.
> When disable the SHA1 functions would not be complied.
> 
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> ---
>  CryptoPkg/Driver/Crypto.c                            |
> 8 ++++++++
>  CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf      |
> 1 +
>  CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c  |
> 3 +++
>  .../Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c    |
> 3 +++
>  CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf       |
> 1 +
>  CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c |
> 3 +++
>  CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c    |
> 2 ++
>  CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c      |
> 2 ++
>  CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf   |
> 1 +
>  CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf       |
> 1 +
>  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c        |
> 4 +++-
>  .../Library/BaseCryptLibOnProtocolPpi/CryptLib.c     |
> 4 ++++
>  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c    |
> 12 ++++++++++++
>  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf  |
> 1 +
>  CryptoPkg/Private/Protocol/Crypto.h                  |
> 9 ++++++++-
>  15 files changed, 53 insertions(+), 2 deletions(-)
> 
> diff --git a/CryptoPkg/Driver/Crypto.c
> b/CryptoPkg/Driver/Crypto.c
> index b53da85bad..f7902205b3 100644
> --- a/CryptoPkg/Driver/Crypto.c
> +++ b/CryptoPkg/Driver/Crypto.c
> @@ -266,6 +266,7 @@ CryptoServiceMd5HashAll (
>  }
>  #endif
> 
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>  /**
>    Retrieves the size, in bytes, of the context buffer
> required for SHA-1 hash operations.
> 
> @@ -423,6 +424,7 @@ CryptoServiceSha1HashAll (
>  {
>    return CALL_BASECRYPTLIB (Sha1.Services.HashAll,
> Sha1HashAll, (Data, DataSize, HashValue), FALSE);
>  }
> +#endif
> 
>  /**
>    Retrieves the size, in bytes, of the context buffer
> required for SHA-256 hash operations.
> @@ -1177,6 +1179,7 @@ CryptoServiceHmacMd5Final (
>  }
>  #endif
> 
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>  /**
>    Allocates and initializes one HMAC_CTX context for
> subsequent HMAC-SHA1 use.
> 
> @@ -1327,6 +1330,7 @@ CryptoServiceHmacSha1Final (
>  {
>    return CALL_BASECRYPTLIB (HmacSha1.Services.Final,
> HmacSha1Final, (HmacSha1Context, HmacValue), FALSE);
>  }
> +#endif
> 
>  /**
>    Allocates and initializes one HMAC_CTX context for
> subsequent HMAC-SHA256 use.
> @@ -3820,6 +3824,7 @@ const EDKII_CRYPTO_PROTOCOL
> mEdkiiCrypto = {
>    CryptoServiceHmacMd5Update,
>    CryptoServiceHmacMd5Final,
>  #endif
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>    /// HMAC SHA1
>    CryptoServiceHmacSha1New,
>    CryptoServiceHmacSha1Free,
> @@ -3827,6 +3832,7 @@ const EDKII_CRYPTO_PROTOCOL
> mEdkiiCrypto = {
>    CryptoServiceHmacSha1Duplicate,
>    CryptoServiceHmacSha1Update,
>    CryptoServiceHmacSha1Final,
> +#endif
>    /// HMAC SHA256
>    CryptoServiceHmacSha256New,
>    CryptoServiceHmacSha256Free,
> @@ -3877,6 +3883,7 @@ const EDKII_CRYPTO_PROTOCOL
> mEdkiiCrypto = {
>    CryptoServiceRsaPkcs1Verify,
>    CryptoServiceRsaGetPrivateKeyFromPem,
>    CryptoServiceRsaGetPublicKeyFromX509,
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>    /// Sha1
>    CryptoServiceSha1GetContextSize,
>    CryptoServiceSha1Init,
> @@ -3884,6 +3891,7 @@ const EDKII_CRYPTO_PROTOCOL
> mEdkiiCrypto = {
>    CryptoServiceSha1Update,
>    CryptoServiceSha1Final,
>    CryptoServiceSha1HashAll,
> +#endif
>    /// Sha256
>    CryptoServiceSha256GetContextSize,
>    CryptoServiceSha256Init,
> diff --git
> a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> index 5c65ef5892..9ffd98096c 100644
> --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> @@ -85,6 +85,7 @@
> 
>  [Pcd]
>    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> 
>  #
>  # Remove these [BuildOptions] after this library is
> cleaned up
> diff --git
> a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> index 7593ca55b1..baba6b267c 100644
> --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> @@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-
> Patent
> 
>  **/
> 
> +#include <Library/PcdLib.h>
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>  #include "InternalCryptLib.h"
>  #include <openssl/hmac.h>
> 
> @@ -214,3 +216,4 @@ HmacSha1Final (
> 
>    return TRUE;
>  }
> +#endif
> diff --git
> a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> index e8c0f341b7..1314fa1a77 100644
> ---
> a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> +++
> b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> @@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-
> Patent
> 
>  **/
> 
> +#include <Library/PcdLib.h>
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>  #include "InternalCryptLib.h"
> 
>  /**
> @@ -137,3 +139,4 @@ HmacSha1Final (
>    ASSERT (FALSE);
>    return FALSE;
>  }
> +#endif
> diff --git
> a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> index cebc74ccf2..b40e76f243 100644
> --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> @@ -78,6 +78,7 @@
> 
>  [Pcd]
>    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> 
>  #
>  # Remove these [BuildOptions] after this library is
> cleaned up
> diff --git
> a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> index a89c1525c1..15e6bc2cb4 100644
> ---
> a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> +++
> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> @@ -7,6 +7,7 @@ SPDX-License-Identifier: BSD-2-Clause-
> Patent
>  **/
> 
>  #include "InternalCryptLib.h"
> +#include <Library/PcdLib.h>
>  #include <openssl/evp.h>
>  #include <openssl/hmac.h>
> 
> @@ -68,9 +69,11 @@ Pkcs5HashPassword (
>    // Make sure the digest algorithm is supported.
>    //
>    switch (DigestSize) {
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>    case SHA1_DIGEST_SIZE:
>      HashAlg = EVP_sha1();
>      break;
> +#endif
>    case SHA256_DIGEST_SIZE:
>      HashAlg = EVP_sha256();
>      break;
> diff --git
> a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> index 31b78464d2..549ee1b933 100644
> --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> @@ -298,9 +298,11 @@ RsaPkcs1Verify (
>      break;
>  #endif
> 
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>    case SHA1_DIGEST_SIZE:
>      DigestType = NID_sha1;
>      break;
> +#endif
> 
>    case SHA256_DIGEST_SIZE:
>      DigestType = NID_sha256;
> diff --git
> a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> index 1a50be1d78..60605e3486 100644
> --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> @@ -336,9 +336,11 @@ RsaPkcs1Sign (
>      break;
>  #endif
> 
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>    case SHA1_DIGEST_SIZE:
>      DigestType = NID_sha1;
>      break;
> +#endif
> 
>    case SHA256_DIGEST_SIZE:
>      DigestType = NID_sha256;
> diff --git
> a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> index 72d4cd03ab..b6c0be70f2 100644
> --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> @@ -90,6 +90,7 @@
> 
>  [Pcd]
>    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> 
>  #
>  # Remove these [BuildOptions] after this library is
> cleaned up
> diff --git
> a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> index 21f104c916..7f678eee93 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> @@ -89,6 +89,7 @@
> 
>  [Pcd]
>    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> 
>  #
>  # Remove these [BuildOptions] after this library is
> cleaned up
> diff --git
> a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> ll.c
> b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> ll.c
> index e8c0f341b7..3aac798188 100644
> ---
> a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> ll.c
> +++
> b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> ll.c
> @@ -5,7 +5,8 @@ Copyright (c) 2012 - 2020, Intel
> Corporation. All rights reserved.<BR>
>  SPDX-License-Identifier: BSD-2-Clause-Patent
> 
>  **/
> -
> +#include <Library/PcdLib.h>
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>  #include "InternalCryptLib.h"
> 
>  /**
> @@ -137,3 +138,4 @@ HmacSha1Final (
>    ASSERT (FALSE);
>    return FALSE;
>  }
> +#endif
> diff --git
> a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> index cba1e4c8bf..8429fefc0b 100644
> ---
> a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> +++
> b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> @@ -260,6 +260,7 @@ Md5HashAll (
>  }
>  #endif
> 
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>  /**
>    Retrieves the size, in bytes, of the context buffer
> required for SHA-1 hash operations.
> 
> @@ -417,6 +418,7 @@ Sha1HashAll (
>  {
>    CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize,
> HashValue), FALSE);
>  }
> +#endif
> 
>  /**
>    Retrieves the size, in bytes, of the context buffer
> required for SHA-256 hash operations.
> @@ -1171,6 +1173,7 @@ HmacMd5Final (
>  }
>  #endif
> 
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>  /**
>    Allocates and initializes one HMAC_CTX context for
> subsequent HMAC-SHA1 use.
> 
> @@ -1321,6 +1324,7 @@ HmacSha1Final (
>  {
>    CALL_CRYPTO_SERVICE (HmacSha1Final, (HmacSha1Context,
> HmacValue), FALSE);
>  }
> +#endif
> 
>  /**
>    Allocates and initializes one HMAC_CTX context for
> subsequent HMAC-SHA256 use.
> diff --git
> a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> index f9796b2158..754d75aeb2 100644
> --- a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> +++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> @@ -33,9 +33,11 @@ HashApiGetContextSize (
>    )
>  {
>    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>      case HASH_ALG_SHA1:
>        return Sha1GetContextSize ();
>        break;
> +#endif
> 
>      case HASH_ALG_SHA256:
>        return Sha256GetContextSize ();
> @@ -75,9 +77,11 @@ HashApiInit (
>    )
>  {
>    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>      case HASH_ALG_SHA1:
>        return Sha1Init (HashContext);
>        break;
> +#endif
> 
>      case HASH_ALG_SHA256:
>        return Sha256Init (HashContext);
> @@ -119,9 +123,11 @@ HashApiDuplicate (
>    )
>  {
>    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>      case HASH_ALG_SHA1:
>        return Sha1Duplicate (HashContext,
> NewHashContext);
>        break;
> +#endif
> 
>      case HASH_ALG_SHA256:
>        return Sha256Duplicate (HashContext,
> NewHashContext);
> @@ -165,9 +171,11 @@ HashApiUpdate (
>    )
>  {
>    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>      case HASH_ALG_SHA1:
>        return Sha1Update (HashContext, DataToHash,
> DataToHashLen);
>        break;
> +#endif
> 
>      case HASH_ALG_SHA256:
>        return Sha256Update (HashContext, DataToHash,
> DataToHashLen);
> @@ -209,9 +217,11 @@ HashApiFinal (
>    )
>  {
>    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>      case HASH_ALG_SHA1:
>        return Sha1Final (HashContext, Digest);
>        break;
> +#endif
> 
>      case HASH_ALG_SHA256:
>        return Sha256Final (HashContext, Digest);
> @@ -255,9 +265,11 @@ HashApiHashAll (
>    )
>  {
>    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>      case HASH_ALG_SHA1:
>        return Sha1HashAll (DataToHash, DataToHashLen,
> Digest);
>        break;
> +#endif
> 
>      case HASH_ALG_SHA256:
>        return Sha256HashAll (DataToHash, DataToHashLen,
> Digest);
> diff --git
> a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> index b4d8675ddd..29f7d7abfd 100644
> --- a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> +++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> @@ -42,3 +42,4 @@
> 
>  [Pcd]
>    gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy    ##
> CONSUMES
> +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable          ##
> CONSUMES
> diff --git a/CryptoPkg/Private/Protocol/Crypto.h
> b/CryptoPkg/Private/Protocol/Crypto.h
> index 527318dc23..3f8c5751a7 100644
> --- a/CryptoPkg/Private/Protocol/Crypto.h
> +++ b/CryptoPkg/Private/Protocol/Crypto.h
> @@ -179,6 +179,7 @@ BOOLEAN
>    );
>  #endif
> 
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>  /**
>    Allocates and initializes one HMAC_CTX context for
> subsequent HMAC-SHA1 use.
> 
> @@ -315,7 +316,7 @@ BOOLEAN
>    IN OUT  VOID   *HmacSha1Context,
>    OUT     UINT8  *HmacValue
>    );
> -
> +#endif
> 
>  /**
>    Allocates and initializes one HMAC_CTX context for
> subsequent HMAC-SHA256 use.
> @@ -1537,6 +1538,7 @@ BOOLEAN
>  // SHA
>  //----------------------------------------
> 
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>  /**
>    Retrieves the size, in bytes, of the context buffer
> required for SHA-1 hash operations.
> 
> @@ -1676,6 +1678,7 @@ BOOLEAN
>    IN   UINTN       DataSize,
>    OUT  UINT8       *HashValue
>    );
> +#endif
> 
>  /**
>    Retrieves the size, in bytes, of the context buffer
> required for SHA-256 hash operations.
> @@ -3453,6 +3456,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
>    EDKII_CRYPTO_HMAC_MD5_UPDATE
> HmacMd5Update;
>    EDKII_CRYPTO_HMAC_MD5_FINAL
> HmacMd5Final;
>  #endif
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>    /// HMAC SHA1
>    EDKII_CRYPTO_HMAC_SHA1_NEW
> HmacSha1New;
>    EDKII_CRYPTO_HMAC_SHA1_FREE
> HmacSha1Free;
> @@ -3460,6 +3464,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
>    EDKII_CRYPTO_HMAC_SHA1_DUPLICATE
> HmacSha1Duplicate;
>    EDKII_CRYPTO_HMAC_SHA1_UPDATE
> HmacSha1Update;
>    EDKII_CRYPTO_HMAC_SHA1_FINAL
> HmacSha1Final;
> +#endif
>    /// HMAC SHA256
>    EDKII_CRYPTO_HMAC_SHA256_NEW
> HmacSha256New;
>    EDKII_CRYPTO_HMAC_SHA256_FREE
> HmacSha256Free;
> @@ -3510,6 +3515,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
>    EDKII_CRYPTO_RSA_PKCS1_VERIFY
> RsaPkcs1Verify;
>    EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM
> RsaGetPrivateKeyFromPem;
>    EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509
> RsaGetPublicKeyFromX509;
> +#if (FixedPcdGetBool (PcdSHA1Enable))
>    /// Sha1
>    EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE
> Sha1GetContextSize;
>    EDKII_CRYPTO_SHA1_INIT
> Sha1Init;
> @@ -3517,6 +3523,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
>    EDKII_CRYPTO_SHA1_UPDATE
> Sha1Update;
>    EDKII_CRYPTO_SHA1_FINAL
> Sha1Final;
>    EDKII_CRYPTO_SHA1_HASH_ALL
> Sha1HashAll;
> +#endif
>    /// Sha256
>    EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE
> Sha256GetContextSize;
>    EDKII_CRYPTO_SHA256_INIT
> Sha256Init;
> --
> 2.21.0.windows.1
> 
> 
> 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [PATCH 6/8] NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
  2020-03-27  1:56 ` [PATCH 6/8] NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI Gao, Zhichao
@ 2020-03-27  2:07   ` Siyuan, Fu
  2020-03-30 12:01   ` [edk2-devel] " Maciej Rabeda
  1 sibling, 0 replies; 38+ messages in thread
From: Siyuan, Fu @ 2020-03-27  2:07 UTC (permalink / raw)
  To: Gao, Zhichao, devel@edk2.groups.io; +Cc: Maciej Rabeda, Wu, Jiaxin

Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>

> -----Original Message-----
> From: Gao, Zhichao <zhichao.gao@intel.com>
> Sent: 2020年3月27日 9:56
> To: devel@edk2.groups.io
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: [PATCH 6/8] NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> 
> iSCSI driver required the MD5 function. Change the PcdMD5Enable
> to TRUE when NETWORK_ISCSI_ENABLE is TURE.
> 
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> Cc: Siyuan Fu <siyuan.fu@intel.com>
> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> ---
>  NetworkPkg/NetworkPcds.dsc.inc | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/NetworkPkg/NetworkPcds.dsc.inc
> b/NetworkPkg/NetworkPcds.dsc.inc
> index f874b382ef..7a81f0cb2d 100644
> --- a/NetworkPkg/NetworkPcds.dsc.inc
> +++ b/NetworkPkg/NetworkPcds.dsc.inc
> @@ -5,7 +5,7 @@
>  # by using "!include NetworkPkg/NetworkPcds.dsc.inc" to specify PCD settings
>  # according to the value of flags described in "NetworkDefines.dsc.inc".
>  #
> -# Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> +# Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
>  #
>  #    SPDX-License-Identifier: BSD-2-Clause-Patent
>  #
> @@ -14,3 +14,6 @@
>  !if $(NETWORK_ALLOW_HTTP_CONNECTIONS) == TRUE
>    gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|TRUE
>  !endif
> +!if $(NETWORK_ISCSI_ENABLE) == TRUE
> +  gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable|TRUE
> +!endif
> --
> 2.21.0.windows.1


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
       [not found] ` <160006BBBC4857E5.7267@groups.io>
@ 2020-03-27  2:20   ` Yao, Jiewen
  2020-03-27  2:53     ` Gao, Zhichao
  0 siblings, 1 reply; 38+ messages in thread
From: Yao, Jiewen @ 2020-03-27  2:20 UTC (permalink / raw)
  To: devel@edk2.groups.io, Yao, Jiewen, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin, Fu, Siyuan

Some other comments:

2) You may consider disable those feature in openssl build as well, such as OPENSSL_NO_MD4, OPENSSL_NO_RC4, OPENSSL_NO_DES

3) Is there any usage of HMAC_MD5 or HMAC_SHA1 ?
We can remove those if no real usage and just leave HMAC_SHA256 there.


> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, Jiewen
> Sent: Friday, March 27, 2020 10:01 AM
> To: devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Good feature.
> 
> I believe TPM1.2 still uses SHA1. It should be added as well.
> 
> 
> 
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gao,
> > Zhichao
> > Sent: Friday, March 27, 2020 9:56 AM
> > To: devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> >
> > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> > They are all deprecated. Edk2 would not support them any longer.
> > So remove them.
> > But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> > So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
> > default value to false to indicate they are deprecated.
> >
> > NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> > the md5 pcd to TURE when iSCSI is enabled.
> >
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> >
> > Zhichao Gao (8):
> >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> >
> >  CryptoPkg/CryptoPkg.dec                       |  11 +
> >  CryptoPkg/CryptoPkg.uni                       |  11 +
> >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> >  37 files changed, 145 insertions(+), 4221 deletions(-)
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> >  delete mode 100644
> CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> >
> > --
> > 2.21.0.windows.1
> >
> >
> >
> 
> 
> 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  2:01 ` [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function Yao, Jiewen
@ 2020-03-27  2:43   ` Gao, Zhichao
  2020-03-27  2:50     ` Yao, Jiewen
  0 siblings, 1 reply; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  2:43 UTC (permalink / raw)
  To: Yao, Jiewen, devel@edk2.groups.io
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin, Fu, Siyuan

Jiewen,
Thanks for the reminder. But TPM didn't have the inc file as NetWorkPkg to set the pcd for all platform. The change for TPM1.2 should be at platform side.
I would change the edk2 platform code as well once the solution is decided.

Thanks,
Zhichao

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Friday, March 27, 2020 10:01 AM
> To: devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> 
> Good feature.
> 
> I believe TPM1.2 still uses SHA1. It should be added as well.
> 
> 
> 
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gao,
> > Zhichao
> > Sent: Friday, March 27, 2020 9:56 AM
> > To: devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> >
> > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> > They are all deprecated. Edk2 would not support them any longer.
> > So remove them.
> > But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> > So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
> > default value to false to indicate they are deprecated.
> >
> > NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> > the md5 pcd to TURE when iSCSI is enabled.
> >
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> >
> > Zhichao Gao (8):
> >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> >
> >  CryptoPkg/CryptoPkg.dec                       |  11 +
> >  CryptoPkg/CryptoPkg.uni                       |  11 +
> >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> >  37 files changed, 145 insertions(+), 4221 deletions(-)  delete mode
> > 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> >
> > --
> > 2.21.0.windows.1
> >
> >
> > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
  2020-03-27  2:04   ` [edk2-devel] " Michael D Kinney
@ 2020-03-27  2:44     ` Gao, Zhichao
  2020-03-27  2:51       ` Wang, Jian J
  0 siblings, 1 reply; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  2:44 UTC (permalink / raw)
  To: Kinney, Michael D, devel@edk2.groups.io; +Cc: Wang, Jian J, Lu, XiaoyuX

Hi Mike,

It is better to not compile the deprecated function, i.e. disable the function at build time. Is there another way to disable the function at build time except the #if statement?

Thanks,
Zhichao

> -----Original Message-----
> From: Kinney, Michael D
> Sent: Friday, March 27, 2020 10:04 AM
> To: devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>; Kinney,
> Michael D <michael.d.kinney@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to
> control the SHA1 enablement
> 
> We should not use #if statements in C code.
> 
> Also, we should not be changing the layout of the structure based on a PCD
> feature flag.
> 
> I agree we need to ability to disable the use of some Crypto services, but we
> need to decide what behavior we want at build time and boot time if there is
> code that uses a disabled service.
> 
> Mike
> 
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gao,
> > Zhichao
> > Sent: Thursday, March 26, 2020 6:56 PM
> > To: devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>
> > Subject: [edk2-devel] [PATCH 8/8] CryptoPkg/BaseCryptLib:
> > Use Pcd to control the SHA1 enablement
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> >
> > Md5 and SHA1 is not secure any longer but uefi spec need to keep them
> > for backwards compatibility.
> > Use pcd PcdSHA1Enable to control the SHA1 function enablement.
> > When disable the SHA1 functions would not be complied.
> >
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > ---
> >  CryptoPkg/Driver/Crypto.c                            |
> > 8 ++++++++
> >  CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf      |
> > 1 +
> >  CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c  |
> > 3 +++
> >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c    |
> > 3 +++
> >  CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf       |
> > 1 +
> >  CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c |
> > 3 +++
> >  CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c    |
> > 2 ++
> >  CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c      |
> > 2 ++
> >  CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf   |
> > 1 +
> >  CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf       |
> > 1 +
> >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c        |
> > 4 +++-
> >  .../Library/BaseCryptLibOnProtocolPpi/CryptLib.c     |
> > 4 ++++
> >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c    |
> > 12 ++++++++++++
> >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf  |
> > 1 +
> >  CryptoPkg/Private/Protocol/Crypto.h                  |
> > 9 ++++++++-
> >  15 files changed, 53 insertions(+), 2 deletions(-)
> >
> > diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
> > index b53da85bad..f7902205b3 100644
> > --- a/CryptoPkg/Driver/Crypto.c
> > +++ b/CryptoPkg/Driver/Crypto.c
> > @@ -266,6 +266,7 @@ CryptoServiceMd5HashAll (  }  #endif
> >
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >  /**
> >    Retrieves the size, in bytes, of the context buffer required for
> > SHA-1 hash operations.
> >
> > @@ -423,6 +424,7 @@ CryptoServiceSha1HashAll (  {
> >    return CALL_BASECRYPTLIB (Sha1.Services.HashAll, Sha1HashAll,
> > (Data, DataSize, HashValue), FALSE);  }
> > +#endif
> >
> >  /**
> >    Retrieves the size, in bytes, of the context buffer
> > required for SHA-256 hash operations.
> > @@ -1177,6 +1179,7 @@ CryptoServiceHmacMd5Final (
> >  }
> >  #endif
> >
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >  /**
> >    Allocates and initializes one HMAC_CTX context for
> > subsequent HMAC-SHA1 use.
> >
> > @@ -1327,6 +1330,7 @@ CryptoServiceHmacSha1Final (
> >  {
> >    return CALL_BASECRYPTLIB (HmacSha1.Services.Final,
> > HmacSha1Final, (HmacSha1Context, HmacValue), FALSE);
> >  }
> > +#endif
> >
> >  /**
> >    Allocates and initializes one HMAC_CTX context for
> > subsequent HMAC-SHA256 use.
> > @@ -3820,6 +3824,7 @@ const EDKII_CRYPTO_PROTOCOL
> > mEdkiiCrypto = {
> >    CryptoServiceHmacMd5Update,
> >    CryptoServiceHmacMd5Final,
> >  #endif
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >    /// HMAC SHA1
> >    CryptoServiceHmacSha1New,
> >    CryptoServiceHmacSha1Free,
> > @@ -3827,6 +3832,7 @@ const EDKII_CRYPTO_PROTOCOL
> > mEdkiiCrypto = {
> >    CryptoServiceHmacSha1Duplicate,
> >    CryptoServiceHmacSha1Update,
> >    CryptoServiceHmacSha1Final,
> > +#endif
> >    /// HMAC SHA256
> >    CryptoServiceHmacSha256New,
> >    CryptoServiceHmacSha256Free,
> > @@ -3877,6 +3883,7 @@ const EDKII_CRYPTO_PROTOCOL
> > mEdkiiCrypto = {
> >    CryptoServiceRsaPkcs1Verify,
> >    CryptoServiceRsaGetPrivateKeyFromPem,
> >    CryptoServiceRsaGetPublicKeyFromX509,
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >    /// Sha1
> >    CryptoServiceSha1GetContextSize,
> >    CryptoServiceSha1Init,
> > @@ -3884,6 +3891,7 @@ const EDKII_CRYPTO_PROTOCOL
> > mEdkiiCrypto = {
> >    CryptoServiceSha1Update,
> >    CryptoServiceSha1Final,
> >    CryptoServiceSha1HashAll,
> > +#endif
> >    /// Sha256
> >    CryptoServiceSha256GetContextSize,
> >    CryptoServiceSha256Init,
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > index 5c65ef5892..9ffd98096c 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > @@ -85,6 +85,7 @@
> >
> >  [Pcd]
> >    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> > +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> >
> >  #
> >  # Remove these [BuildOptions] after this library is
> > cleaned up
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> > index 7593ca55b1..baba6b267c 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> > +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> > @@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-
> > Patent
> >
> >  **/
> >
> > +#include <Library/PcdLib.h>
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >  #include "InternalCryptLib.h"
> >  #include <openssl/hmac.h>
> >
> > @@ -214,3 +216,4 @@ HmacSha1Final (
> >
> >    return TRUE;
> >  }
> > +#endif
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> > index e8c0f341b7..1314fa1a77 100644
> > ---
> > a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> > +++
> > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> > @@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-
> > Patent
> >
> >  **/
> >
> > +#include <Library/PcdLib.h>
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >  #include "InternalCryptLib.h"
> >
> >  /**
> > @@ -137,3 +139,4 @@ HmacSha1Final (
> >    ASSERT (FALSE);
> >    return FALSE;
> >  }
> > +#endif
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > index cebc74ccf2..b40e76f243 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > @@ -78,6 +78,7 @@
> >
> >  [Pcd]
> >    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> > +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> >
> >  #
> >  # Remove these [BuildOptions] after this library is
> > cleaned up
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> > index a89c1525c1..15e6bc2cb4 100644
> > ---
> > a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> > +++
> > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> > @@ -7,6 +7,7 @@ SPDX-License-Identifier: BSD-2-Clause-
> > Patent
> >  **/
> >
> >  #include "InternalCryptLib.h"
> > +#include <Library/PcdLib.h>
> >  #include <openssl/evp.h>
> >  #include <openssl/hmac.h>
> >
> > @@ -68,9 +69,11 @@ Pkcs5HashPassword (
> >    // Make sure the digest algorithm is supported.
> >    //
> >    switch (DigestSize) {
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >    case SHA1_DIGEST_SIZE:
> >      HashAlg = EVP_sha1();
> >      break;
> > +#endif
> >    case SHA256_DIGEST_SIZE:
> >      HashAlg = EVP_sha256();
> >      break;
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> > index 31b78464d2..549ee1b933 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> > @@ -298,9 +298,11 @@ RsaPkcs1Verify (
> >      break;
> >  #endif
> >
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >    case SHA1_DIGEST_SIZE:
> >      DigestType = NID_sha1;
> >      break;
> > +#endif
> >
> >    case SHA256_DIGEST_SIZE:
> >      DigestType = NID_sha256;
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> > index 1a50be1d78..60605e3486 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> > @@ -336,9 +336,11 @@ RsaPkcs1Sign (
> >      break;
> >  #endif
> >
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >    case SHA1_DIGEST_SIZE:
> >      DigestType = NID_sha1;
> >      break;
> > +#endif
> >
> >    case SHA256_DIGEST_SIZE:
> >      DigestType = NID_sha256;
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > index 72d4cd03ab..b6c0be70f2 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > @@ -90,6 +90,7 @@
> >
> >  [Pcd]
> >    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> > +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> >
> >  #
> >  # Remove these [BuildOptions] after this library is
> > cleaned up
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > index 21f104c916..7f678eee93 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > @@ -89,6 +89,7 @@
> >
> >  [Pcd]
> >    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> > +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> >
> >  #
> >  # Remove these [BuildOptions] after this library is
> > cleaned up
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> > ll.c
> > b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> > ll.c
> > index e8c0f341b7..3aac798188 100644
> > ---
> > a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> > ll.c
> > +++
> > b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> > ll.c
> > @@ -5,7 +5,8 @@ Copyright (c) 2012 - 2020, Intel
> > Corporation. All rights reserved.<BR>
> >  SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> >  **/
> > -
> > +#include <Library/PcdLib.h>
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >  #include "InternalCryptLib.h"
> >
> >  /**
> > @@ -137,3 +138,4 @@ HmacSha1Final (
> >    ASSERT (FALSE);
> >    return FALSE;
> >  }
> > +#endif
> > diff --git
> > a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > index cba1e4c8bf..8429fefc0b 100644
> > ---
> > a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > +++
> > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > @@ -260,6 +260,7 @@ Md5HashAll (
> >  }
> >  #endif
> >
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >  /**
> >    Retrieves the size, in bytes, of the context buffer
> > required for SHA-1 hash operations.
> >
> > @@ -417,6 +418,7 @@ Sha1HashAll (
> >  {
> >    CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize,
> > HashValue), FALSE);
> >  }
> > +#endif
> >
> >  /**
> >    Retrieves the size, in bytes, of the context buffer
> > required for SHA-256 hash operations.
> > @@ -1171,6 +1173,7 @@ HmacMd5Final (
> >  }
> >  #endif
> >
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >  /**
> >    Allocates and initializes one HMAC_CTX context for
> > subsequent HMAC-SHA1 use.
> >
> > @@ -1321,6 +1324,7 @@ HmacSha1Final (
> >  {
> >    CALL_CRYPTO_SERVICE (HmacSha1Final, (HmacSha1Context,
> > HmacValue), FALSE);
> >  }
> > +#endif
> >
> >  /**
> >    Allocates and initializes one HMAC_CTX context for
> > subsequent HMAC-SHA256 use.
> > diff --git
> > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > index f9796b2158..754d75aeb2 100644
> > --- a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > +++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > @@ -33,9 +33,11 @@ HashApiGetContextSize (
> >    )
> >  {
> >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >      case HASH_ALG_SHA1:
> >        return Sha1GetContextSize ();
> >        break;
> > +#endif
> >
> >      case HASH_ALG_SHA256:
> >        return Sha256GetContextSize ();
> > @@ -75,9 +77,11 @@ HashApiInit (
> >    )
> >  {
> >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >      case HASH_ALG_SHA1:
> >        return Sha1Init (HashContext);
> >        break;
> > +#endif
> >
> >      case HASH_ALG_SHA256:
> >        return Sha256Init (HashContext);
> > @@ -119,9 +123,11 @@ HashApiDuplicate (
> >    )
> >  {
> >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >      case HASH_ALG_SHA1:
> >        return Sha1Duplicate (HashContext,
> > NewHashContext);
> >        break;
> > +#endif
> >
> >      case HASH_ALG_SHA256:
> >        return Sha256Duplicate (HashContext,
> > NewHashContext);
> > @@ -165,9 +171,11 @@ HashApiUpdate (
> >    )
> >  {
> >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >      case HASH_ALG_SHA1:
> >        return Sha1Update (HashContext, DataToHash,
> > DataToHashLen);
> >        break;
> > +#endif
> >
> >      case HASH_ALG_SHA256:
> >        return Sha256Update (HashContext, DataToHash,
> > DataToHashLen);
> > @@ -209,9 +217,11 @@ HashApiFinal (
> >    )
> >  {
> >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >      case HASH_ALG_SHA1:
> >        return Sha1Final (HashContext, Digest);
> >        break;
> > +#endif
> >
> >      case HASH_ALG_SHA256:
> >        return Sha256Final (HashContext, Digest);
> > @@ -255,9 +265,11 @@ HashApiHashAll (
> >    )
> >  {
> >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >      case HASH_ALG_SHA1:
> >        return Sha1HashAll (DataToHash, DataToHashLen,
> > Digest);
> >        break;
> > +#endif
> >
> >      case HASH_ALG_SHA256:
> >        return Sha256HashAll (DataToHash, DataToHashLen,
> > Digest);
> > diff --git
> > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > index b4d8675ddd..29f7d7abfd 100644
> > --- a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > +++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > @@ -42,3 +42,4 @@
> >
> >  [Pcd]
> >    gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy    ##
> > CONSUMES
> > +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable          ##
> > CONSUMES
> > diff --git a/CryptoPkg/Private/Protocol/Crypto.h
> > b/CryptoPkg/Private/Protocol/Crypto.h
> > index 527318dc23..3f8c5751a7 100644
> > --- a/CryptoPkg/Private/Protocol/Crypto.h
> > +++ b/CryptoPkg/Private/Protocol/Crypto.h
> > @@ -179,6 +179,7 @@ BOOLEAN
> >    );
> >  #endif
> >
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >  /**
> >    Allocates and initializes one HMAC_CTX context for
> > subsequent HMAC-SHA1 use.
> >
> > @@ -315,7 +316,7 @@ BOOLEAN
> >    IN OUT  VOID   *HmacSha1Context,
> >    OUT     UINT8  *HmacValue
> >    );
> > -
> > +#endif
> >
> >  /**
> >    Allocates and initializes one HMAC_CTX context for
> > subsequent HMAC-SHA256 use.
> > @@ -1537,6 +1538,7 @@ BOOLEAN
> >  // SHA
> >  //----------------------------------------
> >
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >  /**
> >    Retrieves the size, in bytes, of the context buffer
> > required for SHA-1 hash operations.
> >
> > @@ -1676,6 +1678,7 @@ BOOLEAN
> >    IN   UINTN       DataSize,
> >    OUT  UINT8       *HashValue
> >    );
> > +#endif
> >
> >  /**
> >    Retrieves the size, in bytes, of the context buffer
> > required for SHA-256 hash operations.
> > @@ -3453,6 +3456,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
> >    EDKII_CRYPTO_HMAC_MD5_UPDATE
> > HmacMd5Update;
> >    EDKII_CRYPTO_HMAC_MD5_FINAL
> > HmacMd5Final;
> >  #endif
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >    /// HMAC SHA1
> >    EDKII_CRYPTO_HMAC_SHA1_NEW
> > HmacSha1New;
> >    EDKII_CRYPTO_HMAC_SHA1_FREE
> > HmacSha1Free;
> > @@ -3460,6 +3464,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
> >    EDKII_CRYPTO_HMAC_SHA1_DUPLICATE
> > HmacSha1Duplicate;
> >    EDKII_CRYPTO_HMAC_SHA1_UPDATE
> > HmacSha1Update;
> >    EDKII_CRYPTO_HMAC_SHA1_FINAL
> > HmacSha1Final;
> > +#endif
> >    /// HMAC SHA256
> >    EDKII_CRYPTO_HMAC_SHA256_NEW
> > HmacSha256New;
> >    EDKII_CRYPTO_HMAC_SHA256_FREE
> > HmacSha256Free;
> > @@ -3510,6 +3515,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
> >    EDKII_CRYPTO_RSA_PKCS1_VERIFY
> > RsaPkcs1Verify;
> >    EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM
> > RsaGetPrivateKeyFromPem;
> >    EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509
> > RsaGetPublicKeyFromX509;
> > +#if (FixedPcdGetBool (PcdSHA1Enable))
> >    /// Sha1
> >    EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE
> > Sha1GetContextSize;
> >    EDKII_CRYPTO_SHA1_INIT
> > Sha1Init;
> > @@ -3517,6 +3523,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
> >    EDKII_CRYPTO_SHA1_UPDATE
> > Sha1Update;
> >    EDKII_CRYPTO_SHA1_FINAL
> > Sha1Final;
> >    EDKII_CRYPTO_SHA1_HASH_ALL
> > Sha1HashAll;
> > +#endif
> >    /// Sha256
> >    EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE
> > Sha256GetContextSize;
> >    EDKII_CRYPTO_SHA256_INIT
> > Sha256Init;
> > --
> > 2.21.0.windows.1
> >
> >
> > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
                   ` (9 preceding siblings ...)
       [not found] ` <160006BBBC4857E5.7267@groups.io>
@ 2020-03-27  2:47 ` Siyuan, Fu
  2020-03-27  2:57   ` [edk2-devel] " Yao, Jiewen
  10 siblings, 1 reply; 38+ messages in thread
From: Siyuan, Fu @ 2020-03-27  2:47 UTC (permalink / raw)
  To: Gao, Zhichao, devel@edk2.groups.io
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Hi, Zhichao

We should never move/delete a member field of a previous defined protocol
Interface. Instead, these protocol APIs shall be kept and return an error code
If the function is retired. Otherwise the consumer driver may call into an
Incorrect function if it's build with different codebase/PCD settings with the
Crypto PEI/DXE/SMM driver.
This comment applies to all the EDKII_CRYPTO_PROTOCOL related changes in
your patch set.

Best Regards
Siyuan 

> -----Original Message-----
> From: Gao, Zhichao <zhichao.gao@intel.com>
> Sent: 2020年3月27日 9:56
> To: devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> 
> MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> They are all deprecated. Edk2 would not support them any longer.
> So remove them.
> But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
> default value to false to indicate they are deprecated.
> 
> NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> the md5 pcd to TURE when iSCSI is enabled.
> 
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> Cc: Siyuan Fu <siyuan.fu@intel.com>
> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> 
> Zhichao Gao (8):
>   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
>   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
>   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
>   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
>   CryptoPkg/dec: Add pcds to avoid building the deprecated function
>   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
>   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
>   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> 
>  CryptoPkg/CryptoPkg.dec                       |  11 +
>  CryptoPkg/CryptoPkg.uni                       |  11 +
>  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
>  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
>  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
>  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
>  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
>  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
>  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
>  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
>  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
>  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
>  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
>  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
>  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
>  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
>  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
>  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
>  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
>  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
>  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
>  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
>  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
>  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
>  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
>  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
>  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
>  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
>  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
>  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
>  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
>  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
>  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
>  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
>  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
>  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
>  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
>  37 files changed, 145 insertions(+), 4221 deletions(-)
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
>  delete mode 100644
> CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
>  delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> 
> --
> 2.21.0.windows.1


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  2:43   ` Gao, Zhichao
@ 2020-03-27  2:50     ` Yao, Jiewen
  2020-03-27  2:54       ` Gao, Zhichao
  0 siblings, 1 reply; 38+ messages in thread
From: Yao, Jiewen @ 2020-03-27  2:50 UTC (permalink / raw)
  To: Gao, Zhichao, devel@edk2.groups.io
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin, Fu, Siyuan

The SHA1 is called explicitly in SecurityPkg. Are you sure we don't need update security pkg?

> -----Original Message-----
> From: Gao, Zhichao <zhichao.gao@intel.com>
> Sent: Friday, March 27, 2020 10:44 AM
> To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Jiewen,
> Thanks for the reminder. But TPM didn't have the inc file as NetWorkPkg to set
> the pcd for all platform. The change for TPM1.2 should be at platform side.
> I would change the edk2 platform code as well once the solution is decided.
> 
> Thanks,
> Zhichao
> 
> > -----Original Message-----
> > From: Yao, Jiewen
> > Sent: Friday, March 27, 2020 10:01 AM
> > To: devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> >
> > Good feature.
> >
> > I believe TPM1.2 still uses SHA1. It should be added as well.
> >
> >
> >
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gao,
> > > Zhichao
> > > Sent: Friday, March 27, 2020 9:56 AM
> > > To: devel@edk2.groups.io
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > > Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > Subject: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > function
> > >
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > >
> > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> > > They are all deprecated. Edk2 would not support them any longer.
> > > So remove them.
> > > But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> > > So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
> > > default value to false to indicate they are deprecated.
> > >
> > > NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> > > the md5 pcd to TURE when iSCSI is enabled.
> > >
> > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > >
> > > Zhichao Gao (8):
> > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> > >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> > >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> > >
> > >  CryptoPkg/CryptoPkg.dec                       |  11 +
> > >  CryptoPkg/CryptoPkg.uni                       |  11 +
> > >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> > >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> > >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> > >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> > >  37 files changed, 145 insertions(+), 4221 deletions(-)  delete mode
> > > 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > >
> > > --
> > > 2.21.0.windows.1
> > >
> > >
> > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
  2020-03-27  2:44     ` Gao, Zhichao
@ 2020-03-27  2:51       ` Wang, Jian J
  2020-03-27 17:35         ` Laszlo Ersek
  0 siblings, 1 reply; 38+ messages in thread
From: Wang, Jian J @ 2020-03-27  2:51 UTC (permalink / raw)
  To: Gao, Zhichao, Kinney, Michael D, devel@edk2.groups.io; +Cc: Lu, XiaoyuX

Zhichao,

You can just use the PCD in C code "if (PcdGet...){}" instead of macro #if.

Regards,
Jian

> -----Original Message-----
> From: Gao, Zhichao <zhichao.gao@intel.com>
> Sent: Friday, March 27, 2020 10:44 AM
> To: Kinney, Michael D <michael.d.kinney@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to
> control the SHA1 enablement
> 
> Hi Mike,
> 
> It is better to not compile the deprecated function, i.e. disable the function at
> build time. Is there another way to disable the function at build time except the
> #if statement?
> 
> Thanks,
> Zhichao
> 
> > -----Original Message-----
> > From: Kinney, Michael D
> > Sent: Friday, March 27, 2020 10:04 AM
> > To: devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>; Kinney,
> > Michael D <michael.d.kinney@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to
> > control the SHA1 enablement
> >
> > We should not use #if statements in C code.
> >
> > Also, we should not be changing the layout of the structure based on a PCD
> > feature flag.
> >
> > I agree we need to ability to disable the use of some Crypto services, but we
> > need to decide what behavior we want at build time and boot time if there is
> > code that uses a disabled service.
> >
> > Mike
> >
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gao,
> > > Zhichao
> > > Sent: Thursday, March 26, 2020 6:56 PM
> > > To: devel@edk2.groups.io
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>
> > > Subject: [edk2-devel] [PATCH 8/8] CryptoPkg/BaseCryptLib:
> > > Use Pcd to control the SHA1 enablement
> > >
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > >
> > > Md5 and SHA1 is not secure any longer but uefi spec need to keep them
> > > for backwards compatibility.
> > > Use pcd PcdSHA1Enable to control the SHA1 function enablement.
> > > When disable the SHA1 functions would not be complied.
> > >
> > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > > ---
> > >  CryptoPkg/Driver/Crypto.c                            |
> > > 8 ++++++++
> > >  CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf      |
> > > 1 +
> > >  CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c  |
> > > 3 +++
> > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c    |
> > > 3 +++
> > >  CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf       |
> > > 1 +
> > >  CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c |
> > > 3 +++
> > >  CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c    |
> > > 2 ++
> > >  CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c      |
> > > 2 ++
> > >  CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf   |
> > > 1 +
> > >  CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf       |
> > > 1 +
> > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c        |
> > > 4 +++-
> > >  .../Library/BaseCryptLibOnProtocolPpi/CryptLib.c     |
> > > 4 ++++
> > >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c    |
> > > 12 ++++++++++++
> > >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf  |
> > > 1 +
> > >  CryptoPkg/Private/Protocol/Crypto.h                  |
> > > 9 ++++++++-
> > >  15 files changed, 53 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
> > > index b53da85bad..f7902205b3 100644
> > > --- a/CryptoPkg/Driver/Crypto.c
> > > +++ b/CryptoPkg/Driver/Crypto.c
> > > @@ -266,6 +266,7 @@ CryptoServiceMd5HashAll (  }  #endif
> > >
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >  /**
> > >    Retrieves the size, in bytes, of the context buffer required for
> > > SHA-1 hash operations.
> > >
> > > @@ -423,6 +424,7 @@ CryptoServiceSha1HashAll (  {
> > >    return CALL_BASECRYPTLIB (Sha1.Services.HashAll, Sha1HashAll,
> > > (Data, DataSize, HashValue), FALSE);  }
> > > +#endif
> > >
> > >  /**
> > >    Retrieves the size, in bytes, of the context buffer
> > > required for SHA-256 hash operations.
> > > @@ -1177,6 +1179,7 @@ CryptoServiceHmacMd5Final (
> > >  }
> > >  #endif
> > >
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >  /**
> > >    Allocates and initializes one HMAC_CTX context for
> > > subsequent HMAC-SHA1 use.
> > >
> > > @@ -1327,6 +1330,7 @@ CryptoServiceHmacSha1Final (
> > >  {
> > >    return CALL_BASECRYPTLIB (HmacSha1.Services.Final,
> > > HmacSha1Final, (HmacSha1Context, HmacValue), FALSE);
> > >  }
> > > +#endif
> > >
> > >  /**
> > >    Allocates and initializes one HMAC_CTX context for
> > > subsequent HMAC-SHA256 use.
> > > @@ -3820,6 +3824,7 @@ const EDKII_CRYPTO_PROTOCOL
> > > mEdkiiCrypto = {
> > >    CryptoServiceHmacMd5Update,
> > >    CryptoServiceHmacMd5Final,
> > >  #endif
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >    /// HMAC SHA1
> > >    CryptoServiceHmacSha1New,
> > >    CryptoServiceHmacSha1Free,
> > > @@ -3827,6 +3832,7 @@ const EDKII_CRYPTO_PROTOCOL
> > > mEdkiiCrypto = {
> > >    CryptoServiceHmacSha1Duplicate,
> > >    CryptoServiceHmacSha1Update,
> > >    CryptoServiceHmacSha1Final,
> > > +#endif
> > >    /// HMAC SHA256
> > >    CryptoServiceHmacSha256New,
> > >    CryptoServiceHmacSha256Free,
> > > @@ -3877,6 +3883,7 @@ const EDKII_CRYPTO_PROTOCOL
> > > mEdkiiCrypto = {
> > >    CryptoServiceRsaPkcs1Verify,
> > >    CryptoServiceRsaGetPrivateKeyFromPem,
> > >    CryptoServiceRsaGetPublicKeyFromX509,
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >    /// Sha1
> > >    CryptoServiceSha1GetContextSize,
> > >    CryptoServiceSha1Init,
> > > @@ -3884,6 +3891,7 @@ const EDKII_CRYPTO_PROTOCOL
> > > mEdkiiCrypto = {
> > >    CryptoServiceSha1Update,
> > >    CryptoServiceSha1Final,
> > >    CryptoServiceSha1HashAll,
> > > +#endif
> > >    /// Sha256
> > >    CryptoServiceSha256GetContextSize,
> > >    CryptoServiceSha256Init,
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > index 5c65ef5892..9ffd98096c 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > @@ -85,6 +85,7 @@
> > >
> > >  [Pcd]
> > >    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> > > +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> > >
> > >  #
> > >  # Remove these [BuildOptions] after this library is
> > > cleaned up
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> > > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> > > index 7593ca55b1..baba6b267c 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> > > +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> > > @@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-
> > > Patent
> > >
> > >  **/
> > >
> > > +#include <Library/PcdLib.h>
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >  #include "InternalCryptLib.h"
> > >  #include <openssl/hmac.h>
> > >
> > > @@ -214,3 +216,4 @@ HmacSha1Final (
> > >
> > >    return TRUE;
> > >  }
> > > +#endif
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> > > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> > > index e8c0f341b7..1314fa1a77 100644
> > > ---
> > > a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> > > +++
> > > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> > > @@ -6,6 +6,8 @@ SPDX-License-Identifier: BSD-2-Clause-
> > > Patent
> > >
> > >  **/
> > >
> > > +#include <Library/PcdLib.h>
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >  #include "InternalCryptLib.h"
> > >
> > >  /**
> > > @@ -137,3 +139,4 @@ HmacSha1Final (
> > >    ASSERT (FALSE);
> > >    return FALSE;
> > >  }
> > > +#endif
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > index cebc74ccf2..b40e76f243 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > @@ -78,6 +78,7 @@
> > >
> > >  [Pcd]
> > >    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> > > +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> > >
> > >  #
> > >  # Remove these [BuildOptions] after this library is
> > > cleaned up
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> > > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> > > index a89c1525c1..15e6bc2cb4 100644
> > > ---
> > > a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> > > +++
> > > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> > > @@ -7,6 +7,7 @@ SPDX-License-Identifier: BSD-2-Clause-
> > > Patent
> > >  **/
> > >
> > >  #include "InternalCryptLib.h"
> > > +#include <Library/PcdLib.h>
> > >  #include <openssl/evp.h>
> > >  #include <openssl/hmac.h>
> > >
> > > @@ -68,9 +69,11 @@ Pkcs5HashPassword (
> > >    // Make sure the digest algorithm is supported.
> > >    //
> > >    switch (DigestSize) {
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >    case SHA1_DIGEST_SIZE:
> > >      HashAlg = EVP_sha1();
> > >      break;
> > > +#endif
> > >    case SHA256_DIGEST_SIZE:
> > >      HashAlg = EVP_sha256();
> > >      break;
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> > > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> > > index 31b78464d2..549ee1b933 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> > > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c
> > > @@ -298,9 +298,11 @@ RsaPkcs1Verify (
> > >      break;
> > >  #endif
> > >
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >    case SHA1_DIGEST_SIZE:
> > >      DigestType = NID_sha1;
> > >      break;
> > > +#endif
> > >
> > >    case SHA256_DIGEST_SIZE:
> > >      DigestType = NID_sha256;
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> > > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> > > index 1a50be1d78..60605e3486 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> > > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c
> > > @@ -336,9 +336,11 @@ RsaPkcs1Sign (
> > >      break;
> > >  #endif
> > >
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >    case SHA1_DIGEST_SIZE:
> > >      DigestType = NID_sha1;
> > >      break;
> > > +#endif
> > >
> > >    case SHA256_DIGEST_SIZE:
> > >      DigestType = NID_sha256;
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > index 72d4cd03ab..b6c0be70f2 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > @@ -90,6 +90,7 @@
> > >
> > >  [Pcd]
> > >    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> > > +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> > >
> > >  #
> > >  # Remove these [BuildOptions] after this library is
> > > cleaned up
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > index 21f104c916..7f678eee93 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > @@ -89,6 +89,7 @@
> > >
> > >  [Pcd]
> > >    gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable
> > > +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable
> > >
> > >  #
> > >  # Remove these [BuildOptions] after this library is
> > > cleaned up
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> > > ll.c
> > > b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> > > ll.c
> > > index e8c0f341b7..3aac798188 100644
> > > ---
> > > a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> > > ll.c
> > > +++
> > > b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Nu
> > > ll.c
> > > @@ -5,7 +5,8 @@ Copyright (c) 2012 - 2020, Intel
> > > Corporation. All rights reserved.<BR>
> > >  SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > >  **/
> > > -
> > > +#include <Library/PcdLib.h>
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >  #include "InternalCryptLib.h"
> > >
> > >  /**
> > > @@ -137,3 +138,4 @@ HmacSha1Final (
> > >    ASSERT (FALSE);
> > >    return FALSE;
> > >  }
> > > +#endif
> > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > index cba1e4c8bf..8429fefc0b 100644
> > > ---
> > > a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > +++
> > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > @@ -260,6 +260,7 @@ Md5HashAll (
> > >  }
> > >  #endif
> > >
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >  /**
> > >    Retrieves the size, in bytes, of the context buffer
> > > required for SHA-1 hash operations.
> > >
> > > @@ -417,6 +418,7 @@ Sha1HashAll (
> > >  {
> > >    CALL_CRYPTO_SERVICE (Sha1HashAll, (Data, DataSize,
> > > HashValue), FALSE);
> > >  }
> > > +#endif
> > >
> > >  /**
> > >    Retrieves the size, in bytes, of the context buffer
> > > required for SHA-256 hash operations.
> > > @@ -1171,6 +1173,7 @@ HmacMd5Final (
> > >  }
> > >  #endif
> > >
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >  /**
> > >    Allocates and initializes one HMAC_CTX context for
> > > subsequent HMAC-SHA1 use.
> > >
> > > @@ -1321,6 +1324,7 @@ HmacSha1Final (
> > >  {
> > >    CALL_CRYPTO_SERVICE (HmacSha1Final, (HmacSha1Context,
> > > HmacValue), FALSE);
> > >  }
> > > +#endif
> > >
> > >  /**
> > >    Allocates and initializes one HMAC_CTX context for
> > > subsequent HMAC-SHA256 use.
> > > diff --git
> > > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > > index f9796b2158..754d75aeb2 100644
> > > --- a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > > +++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > > @@ -33,9 +33,11 @@ HashApiGetContextSize (
> > >    )
> > >  {
> > >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >      case HASH_ALG_SHA1:
> > >        return Sha1GetContextSize ();
> > >        break;
> > > +#endif
> > >
> > >      case HASH_ALG_SHA256:
> > >        return Sha256GetContextSize ();
> > > @@ -75,9 +77,11 @@ HashApiInit (
> > >    )
> > >  {
> > >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >      case HASH_ALG_SHA1:
> > >        return Sha1Init (HashContext);
> > >        break;
> > > +#endif
> > >
> > >      case HASH_ALG_SHA256:
> > >        return Sha256Init (HashContext);
> > > @@ -119,9 +123,11 @@ HashApiDuplicate (
> > >    )
> > >  {
> > >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >      case HASH_ALG_SHA1:
> > >        return Sha1Duplicate (HashContext,
> > > NewHashContext);
> > >        break;
> > > +#endif
> > >
> > >      case HASH_ALG_SHA256:
> > >        return Sha256Duplicate (HashContext,
> > > NewHashContext);
> > > @@ -165,9 +171,11 @@ HashApiUpdate (
> > >    )
> > >  {
> > >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >      case HASH_ALG_SHA1:
> > >        return Sha1Update (HashContext, DataToHash,
> > > DataToHashLen);
> > >        break;
> > > +#endif
> > >
> > >      case HASH_ALG_SHA256:
> > >        return Sha256Update (HashContext, DataToHash,
> > > DataToHashLen);
> > > @@ -209,9 +217,11 @@ HashApiFinal (
> > >    )
> > >  {
> > >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >      case HASH_ALG_SHA1:
> > >        return Sha1Final (HashContext, Digest);
> > >        break;
> > > +#endif
> > >
> > >      case HASH_ALG_SHA256:
> > >        return Sha256Final (HashContext, Digest);
> > > @@ -255,9 +265,11 @@ HashApiHashAll (
> > >    )
> > >  {
> > >    switch (PcdGet32 (PcdHashApiLibPolicy)) {
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >      case HASH_ALG_SHA1:
> > >        return Sha1HashAll (DataToHash, DataToHashLen,
> > > Digest);
> > >        break;
> > > +#endif
> > >
> > >      case HASH_ALG_SHA256:
> > >        return Sha256HashAll (DataToHash, DataToHashLen,
> > > Digest);
> > > diff --git
> > > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > > index b4d8675ddd..29f7d7abfd 100644
> > > --- a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > > +++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > > @@ -42,3 +42,4 @@
> > >
> > >  [Pcd]
> > >    gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy    ##
> > > CONSUMES
> > > +  gEfiCryptoPkgTokenSpaceGuid.PcdSHA1Enable          ##
> > > CONSUMES
> > > diff --git a/CryptoPkg/Private/Protocol/Crypto.h
> > > b/CryptoPkg/Private/Protocol/Crypto.h
> > > index 527318dc23..3f8c5751a7 100644
> > > --- a/CryptoPkg/Private/Protocol/Crypto.h
> > > +++ b/CryptoPkg/Private/Protocol/Crypto.h
> > > @@ -179,6 +179,7 @@ BOOLEAN
> > >    );
> > >  #endif
> > >
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >  /**
> > >    Allocates and initializes one HMAC_CTX context for
> > > subsequent HMAC-SHA1 use.
> > >
> > > @@ -315,7 +316,7 @@ BOOLEAN
> > >    IN OUT  VOID   *HmacSha1Context,
> > >    OUT     UINT8  *HmacValue
> > >    );
> > > -
> > > +#endif
> > >
> > >  /**
> > >    Allocates and initializes one HMAC_CTX context for
> > > subsequent HMAC-SHA256 use.
> > > @@ -1537,6 +1538,7 @@ BOOLEAN
> > >  // SHA
> > >  //----------------------------------------
> > >
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >  /**
> > >    Retrieves the size, in bytes, of the context buffer
> > > required for SHA-1 hash operations.
> > >
> > > @@ -1676,6 +1678,7 @@ BOOLEAN
> > >    IN   UINTN       DataSize,
> > >    OUT  UINT8       *HashValue
> > >    );
> > > +#endif
> > >
> > >  /**
> > >    Retrieves the size, in bytes, of the context buffer
> > > required for SHA-256 hash operations.
> > > @@ -3453,6 +3456,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > >    EDKII_CRYPTO_HMAC_MD5_UPDATE
> > > HmacMd5Update;
> > >    EDKII_CRYPTO_HMAC_MD5_FINAL
> > > HmacMd5Final;
> > >  #endif
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >    /// HMAC SHA1
> > >    EDKII_CRYPTO_HMAC_SHA1_NEW
> > > HmacSha1New;
> > >    EDKII_CRYPTO_HMAC_SHA1_FREE
> > > HmacSha1Free;
> > > @@ -3460,6 +3464,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > >    EDKII_CRYPTO_HMAC_SHA1_DUPLICATE
> > > HmacSha1Duplicate;
> > >    EDKII_CRYPTO_HMAC_SHA1_UPDATE
> > > HmacSha1Update;
> > >    EDKII_CRYPTO_HMAC_SHA1_FINAL
> > > HmacSha1Final;
> > > +#endif
> > >    /// HMAC SHA256
> > >    EDKII_CRYPTO_HMAC_SHA256_NEW
> > > HmacSha256New;
> > >    EDKII_CRYPTO_HMAC_SHA256_FREE
> > > HmacSha256Free;
> > > @@ -3510,6 +3515,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > >    EDKII_CRYPTO_RSA_PKCS1_VERIFY
> > > RsaPkcs1Verify;
> > >    EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM
> > > RsaGetPrivateKeyFromPem;
> > >    EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509
> > > RsaGetPublicKeyFromX509;
> > > +#if (FixedPcdGetBool (PcdSHA1Enable))
> > >    /// Sha1
> > >    EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE
> > > Sha1GetContextSize;
> > >    EDKII_CRYPTO_SHA1_INIT
> > > Sha1Init;
> > > @@ -3517,6 +3523,7 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > >    EDKII_CRYPTO_SHA1_UPDATE
> > > Sha1Update;
> > >    EDKII_CRYPTO_SHA1_FINAL
> > > Sha1Final;
> > >    EDKII_CRYPTO_SHA1_HASH_ALL
> > > Sha1HashAll;
> > > +#endif
> > >    /// Sha256
> > >    EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE
> > > Sha256GetContextSize;
> > >    EDKII_CRYPTO_SHA256_INIT
> > > Sha256Init;
> > > --
> > > 2.21.0.windows.1
> > >
> > >
> > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  2:20   ` Yao, Jiewen
@ 2020-03-27  2:53     ` Gao, Zhichao
  0 siblings, 0 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  2:53 UTC (permalink / raw)
  To: Yao, Jiewen, devel@edk2.groups.io
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin, Fu, Siyuan



> -----Original Message-----
> From: Yao, Jiewen
> Sent: Friday, March 27, 2020 10:21 AM
> To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Gao,
> Zhichao <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> 
> Some other comments:
> 
> 2) You may consider disable those feature in openssl build as well, such as
> OPENSSL_NO_MD4, OPENSSL_NO_RC4, OPENSSL_NO_DES

Good point. I would follow this.

> 
> 3) Is there any usage of HMAC_MD5 or HMAC_SHA1 ?
> We can remove those if no real usage and just leave HMAC_SHA256 there.

I would view whole edk2 scope (edk2, edk2platform and so on). And remove them if there is no usage.

Thanks,
Zhichao

> 
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao,
> > Jiewen
> > Sent: Friday, March 27, 2020 10:01 AM
> > To: devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> >
> > Good feature.
> >
> > I believe TPM1.2 still uses SHA1. It should be added as well.
> >
> >
> >
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gao,
> > > Zhichao
> > > Sent: Friday, March 27, 2020 9:56 AM
> > > To: devel@edk2.groups.io
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > Subject: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > function
> > >
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > >
> > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> > > They are all deprecated. Edk2 would not support them any longer.
> > > So remove them.
> > > But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> > > So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
> > > default value to false to indicate they are deprecated.
> > >
> > > NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> > > the md5 pcd to TURE when iSCSI is enabled.
> > >
> > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > >
> > > Zhichao Gao (8):
> > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> > >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> > >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> > >
> > >  CryptoPkg/CryptoPkg.dec                       |  11 +
> > >  CryptoPkg/CryptoPkg.uni                       |  11 +
> > >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> > >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> > >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> > >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> > >  37 files changed, 145 insertions(+), 4221 deletions(-)  delete mode
> > > 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > >
> > > --
> > > 2.21.0.windows.1
> > >
> > >
> > >
> >
> >
> > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  2:50     ` Yao, Jiewen
@ 2020-03-27  2:54       ` Gao, Zhichao
  0 siblings, 0 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-03-27  2:54 UTC (permalink / raw)
  To: Yao, Jiewen, devel@edk2.groups.io
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin, Fu, Siyuan

Sorry for the mess. I used to view all the dsc as platform side. I would update security pkg as well.

Thanks,
Zhichao

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Friday, March 27, 2020 10:51 AM
> To: Gao, Zhichao <zhichao.gao@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> 
> The SHA1 is called explicitly in SecurityPkg. Are you sure we don't need
> update security pkg?
> 
> > -----Original Message-----
> > From: Gao, Zhichao <zhichao.gao@intel.com>
> > Sent: Friday, March 27, 2020 10:44 AM
> > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > Wu, Jiaxin <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> >
> > Jiewen,
> > Thanks for the reminder. But TPM didn't have the inc file as
> > NetWorkPkg to set the pcd for all platform. The change for TPM1.2 should
> be at platform side.
> > I would change the edk2 platform code as well once the solution is decided.
> >
> > Thanks,
> > Zhichao
> >
> > > -----Original Message-----
> > > From: Yao, Jiewen
> > > Sent: Friday, March 27, 2020 10:01 AM
> > > To: devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>;
> > > Fu, Siyuan <siyuan.fu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the
> > > deprecate function
> > >
> > > Good feature.
> > >
> > > I believe TPM1.2 still uses SHA1. It should be added as well.
> > >
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
> > > > Gao, Zhichao
> > > > Sent: Friday, March 27, 2020 9:56 AM
> > > > To: devel@edk2.groups.io
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>;
> > > > Fu, Siyuan <siyuan.fu@intel.com>
> > > > Subject: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > > function
> > > >
> > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > >
> > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> > > > They are all deprecated. Edk2 would not support them any longer.
> > > > So remove them.
> > > > But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> > > > So add two pcds to control the MD5 and SHA1 enablement. Set the
> > > > pcds default value to false to indicate they are deprecated.
> > > >
> > > > NetWorkPkg's iSCSI driver would consume the MD5 function, so
> > > > change the md5 pcd to TURE when iSCSI is enabled.
> > > >
> > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > > >
> > > > Zhichao Gao (8):
> > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> > > >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> > > >
> > > >  CryptoPkg/CryptoPkg.dec                       |  11 +
> > > >  CryptoPkg/CryptoPkg.uni                       |  11 +
> > > >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> > > >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> > > >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> > > >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> > > >  37 files changed, 145 insertions(+), 4221 deletions(-)  delete
> > > > mode
> > > > 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > >
> > > > --
> > > > 2.21.0.windows.1
> > > >
> > > >
> > > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  2:47 ` Siyuan, Fu
@ 2020-03-27  2:57   ` Yao, Jiewen
  2020-03-27  3:06     ` Siyuan, Fu
  0 siblings, 1 reply; 38+ messages in thread
From: Yao, Jiewen @ 2020-03-27  2:57 UTC (permalink / raw)
  To: devel@edk2.groups.io, Fu, Siyuan, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

EDKII_CRYPTO_PROTOCOL is *private*.
https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol/Crypto.h

Why we cannot change?



> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Siyuan, Fu
> Sent: Friday, March 27, 2020 10:47 AM
> To: Gao, Zhichao <zhichao.gao@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Hi, Zhichao
> 
> We should never move/delete a member field of a previous defined protocol
> Interface. Instead, these protocol APIs shall be kept and return an error code
> If the function is retired. Otherwise the consumer driver may call into an
> Incorrect function if it's build with different codebase/PCD settings with the
> Crypto PEI/DXE/SMM driver.
> This comment applies to all the EDKII_CRYPTO_PROTOCOL related changes in
> your patch set.
> 
> Best Regards
> Siyuan
> 
> > -----Original Message-----
> > From: Gao, Zhichao <zhichao.gao@intel.com>
> > Sent: 2020年3月27日 9:56
> > To: devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: [PATCH 0/8] CryptoPkg: Retire the deprecate function
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> >
> > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> > They are all deprecated. Edk2 would not support them any longer.
> > So remove them.
> > But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> > So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
> > default value to false to indicate they are deprecated.
> >
> > NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> > the md5 pcd to TURE when iSCSI is enabled.
> >
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> >
> > Zhichao Gao (8):
> >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> >
> >  CryptoPkg/CryptoPkg.dec                       |  11 +
> >  CryptoPkg/CryptoPkg.uni                       |  11 +
> >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> >  37 files changed, 145 insertions(+), 4221 deletions(-)
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> >  delete mode 100644
> CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> >
> > --
> > 2.21.0.windows.1
> 
> 
> 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  2:57   ` [edk2-devel] " Yao, Jiewen
@ 2020-03-27  3:06     ` Siyuan, Fu
  2020-03-27  4:59       ` Yao, Jiewen
  0 siblings, 1 reply; 38+ messages in thread
From: Siyuan, Fu @ 2020-03-27  3:06 UTC (permalink / raw)
  To: Yao, Jiewen, devel@edk2.groups.io, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Hi, Jiewen

Although the protocol is private, a corresponding BaseCryptoLib instance is
not private, like PeiCryptLib.inf, RuntimeCryptLib, etc. These library instances
will be static linked to the consumer driver, for example an iSCSI network driver.
So actually it's not a "private" change inside CryptoPkg.

The goal to provide a driver version of crypto service is to support modulization
FW update, which means the crypto driver may NOT be updated together with
its consumer. A platform may choose to update the crypto service driver to a
new version with this patch, then all the BaseCryptoLib consumers will be messed.

Best Regards
Siyuan 

> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: 2020年3月27日 10:58
> To: devel@edk2.groups.io; Fu, Siyuan <siyuan.fu@intel.com>; Gao, Zhichao
> <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> EDKII_CRYPTO_PROTOCOL is *private*.
> https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol/C
> rypto.h
> 
> Why we cannot change?
> 
> 
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Siyuan, Fu
> > Sent: Friday, March 27, 2020 10:47 AM
> > To: Gao, Zhichao <zhichao.gao@intel.com>; devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> >
> > Hi, Zhichao
> >
> > We should never move/delete a member field of a previous defined protocol
> > Interface. Instead, these protocol APIs shall be kept and return an error code
> > If the function is retired. Otherwise the consumer driver may call into an
> > Incorrect function if it's build with different codebase/PCD settings with the
> > Crypto PEI/DXE/SMM driver.
> > This comment applies to all the EDKII_CRYPTO_PROTOCOL related changes in
> > your patch set.
> >
> > Best Regards
> > Siyuan
> >
> > > -----Original Message-----
> > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > Sent: 2020年3月27日 9:56
> > > To: devel@edk2.groups.io
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > Subject: [PATCH 0/8] CryptoPkg: Retire the deprecate function
> > >
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > >
> > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> > > They are all deprecated. Edk2 would not support them any longer.
> > > So remove them.
> > > But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> > > So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
> > > default value to false to indicate they are deprecated.
> > >
> > > NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> > > the md5 pcd to TURE when iSCSI is enabled.
> > >
> > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > >
> > > Zhichao Gao (8):
> > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> > >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> > >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> > >
> > >  CryptoPkg/CryptoPkg.dec                       |  11 +
> > >  CryptoPkg/CryptoPkg.uni                       |  11 +
> > >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> > >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> > >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> > >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> > >  37 files changed, 145 insertions(+), 4221 deletions(-)
> > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > >
> > > --
> > > 2.21.0.windows.1
> >
> >
> > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  3:06     ` Siyuan, Fu
@ 2020-03-27  4:59       ` Yao, Jiewen
  2020-03-27  5:43         ` Siyuan, Fu
  2020-03-27 16:38         ` Michael D Kinney
  0 siblings, 2 replies; 38+ messages in thread
From: Yao, Jiewen @ 2020-03-27  4:59 UTC (permalink / raw)
  To: Fu, Siyuan, devel@edk2.groups.io, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Thanks Siyun.
I think probably we need discuss this more.

1) About private v.s. public.

The benefit for private include is to isolate external interface and internal interface.
A package can keep updating its private interface without impact any other packages.
However, in this case, a private interface update will bring binary compatibility issue with other package.
I am not sure it is acceptable or not.

Mike
Do you have any comment? Is that the design goal of private interface - just keep source code compatibility, but not binary compatiblity?

2) About the protocol itself.

One concern I have is that we *hardcode* the algorithm in protocol.

We keeps adding new algorithm and removing old one. That means this protocol interface is unstable.

Today, we have defined SHA2 set, and deprecating SHA1 and older one. Tomorrow we may need add SHA3 set.
Today, we have RSAPKCS1_15. Tomorrow we will have RSAPSS.
Some other new set of algorithms might be added later, such as AEAD, GMAC.

For a protocol definition, I think we need *abstract the action*, but not *algorithm*.
One good example is the UEFI HASH2 Protocol.
https://github.com/tianocore/edk2/blob/master/MdePkg/Include/Protocol/Hash2.h
It just tells you do the hash. You may add new algorithm GUID.

Another good example is inside of openssl. Now it is using EVP style cipher algo.
For example, https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptInit_ex.html
https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX_ctrl.html
The cipher itself is input as parameter.

The benefit is that, if we want to deprecate an algorithm, the interface can be unchanged.
Just the internal implementation can be changed.
The current PCD mechanism can still be applied to internal implementation.

Can we get a chance to revisit/redesign the protocol API, when we move to public include?

Thank you
Yao Jiewen

> -----Original Message-----
> From: Fu, Siyuan <siyuan.fu@intel.com>
> Sent: Friday, March 27, 2020 11:07 AM
> To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Hi, Jiewen
> 
> Although the protocol is private, a corresponding BaseCryptoLib instance is
> not private, like PeiCryptLib.inf, RuntimeCryptLib, etc. These library instances
> will be static linked to the consumer driver, for example an iSCSI network driver.
> So actually it's not a "private" change inside CryptoPkg.
> 
> The goal to provide a driver version of crypto service is to support modulization
> FW update, which means the crypto driver may NOT be updated together with
> its consumer. A platform may choose to update the crypto service driver to a
> new version with this patch, then all the BaseCryptoLib consumers will be
> messed.
> 
> Best Regards
> Siyuan
> 
> > -----Original Message-----
> > From: Yao, Jiewen <jiewen.yao@intel.com>
> > Sent: 2020年3月27日 10:58
> > To: devel@edk2.groups.io; Fu, Siyuan <siyuan.fu@intel.com>; Gao, Zhichao
> > <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> >
> > EDKII_CRYPTO_PROTOCOL is *private*.
> >
> https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol/C
> > rypto.h
> >
> > Why we cannot change?
> >
> >
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Siyuan,
> Fu
> > > Sent: Friday, March 27, 2020 10:47 AM
> > > To: Gao, Zhichao <zhichao.gao@intel.com>; devel@edk2.groups.io
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > <jiaxin.wu@intel.com>
> > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> > >
> > > Hi, Zhichao
> > >
> > > We should never move/delete a member field of a previous defined protocol
> > > Interface. Instead, these protocol APIs shall be kept and return an error code
> > > If the function is retired. Otherwise the consumer driver may call into an
> > > Incorrect function if it's build with different codebase/PCD settings with the
> > > Crypto PEI/DXE/SMM driver.
> > > This comment applies to all the EDKII_CRYPTO_PROTOCOL related changes
> in
> > > your patch set.
> > >
> > > Best Regards
> > > Siyuan
> > >
> > > > -----Original Message-----
> > > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > > Sent: 2020年3月27日 9:56
> > > > To: devel@edk2.groups.io
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>;
> > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > > Subject: [PATCH 0/8] CryptoPkg: Retire the deprecate function
> > > >
> > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > >
> > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> > > > They are all deprecated. Edk2 would not support them any longer.
> > > > So remove them.
> > > > But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> > > > So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
> > > > default value to false to indicate they are deprecated.
> > > >
> > > > NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> > > > the md5 pcd to TURE when iSCSI is enabled.
> > > >
> > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > > >
> > > > Zhichao Gao (8):
> > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> > > >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> > > >
> > > >  CryptoPkg/CryptoPkg.dec                       |  11 +
> > > >  CryptoPkg/CryptoPkg.uni                       |  11 +
> > > >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> > > >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> > > >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> > > >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> > > >  37 files changed, 145 insertions(+), 4221 deletions(-)
> > > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > >
> > > > --
> > > > 2.21.0.windows.1
> > >
> > >
> > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  4:59       ` Yao, Jiewen
@ 2020-03-27  5:43         ` Siyuan, Fu
  2020-03-27  5:50           ` Yao, Jiewen
  2020-03-27 16:38         ` Michael D Kinney
  1 sibling, 1 reply; 38+ messages in thread
From: Siyuan, Fu @ 2020-03-27  5:43 UTC (permalink / raw)
  To: Yao, Jiewen, devel@edk2.groups.io, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Jiewen,

I agree "abstract action not algorithm" is a good design principle, but I'm not sure
If there is any plan to move this protocol to the public include so far. 
For this patch set, my feeling is it should at least do not modify the existing
protocol definition, so the modulization update capability won't be broken.
I'm also welcome to see if the protocol can be enhanced as you mentioned below. 

Best Regards
Siyuan 

> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: 2020年3月27日 12:59
> To: Fu, Siyuan <siyuan.fu@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Thanks Siyun.
> I think probably we need discuss this more.
> 
> 1) About private v.s. public.
> 
> The benefit for private include is to isolate external interface and internal
> interface.
> A package can keep updating its private interface without impact any other
> packages.
> However, in this case, a private interface update will bring binary compatibility
> issue with other package.
> I am not sure it is acceptable or not.
> 
> Mike
> Do you have any comment? Is that the design goal of private interface - just
> keep source code compatibility, but not binary compatiblity?
> 
> 2) About the protocol itself.
> 
> One concern I have is that we *hardcode* the algorithm in protocol.
> 
> We keeps adding new algorithm and removing old one. That means this protocol
> interface is unstable.
> 
> Today, we have defined SHA2 set, and deprecating SHA1 and older one.
> Tomorrow we may need add SHA3 set.
> Today, we have RSAPKCS1_15. Tomorrow we will have RSAPSS.
> Some other new set of algorithms might be added later, such as AEAD, GMAC.
> 
> For a protocol definition, I think we need *abstract the action*, but not
> *algorithm*.
> One good example is the UEFI HASH2 Protocol.
> https://github.com/tianocore/edk2/blob/master/MdePkg/Include/Protocol/Has
> h2.h
> It just tells you do the hash. You may add new algorithm GUID.
> 
> Another good example is inside of openssl. Now it is using EVP style cipher algo.
> For example,
> https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptInit_ex.html
> https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX_ctrl.html
> The cipher itself is input as parameter.
> 
> The benefit is that, if we want to deprecate an algorithm, the interface can be
> unchanged.
> Just the internal implementation can be changed.
> The current PCD mechanism can still be applied to internal implementation.
> 
> Can we get a chance to revisit/redesign the protocol API, when we move to
> public include?
> 
> Thank you
> Yao Jiewen
> 
> > -----Original Message-----
> > From: Fu, Siyuan <siyuan.fu@intel.com>
> > Sent: Friday, March 27, 2020 11:07 AM
> > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io; Gao,
> Zhichao
> > <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> >
> > Hi, Jiewen
> >
> > Although the protocol is private, a corresponding BaseCryptoLib instance is
> > not private, like PeiCryptLib.inf, RuntimeCryptLib, etc. These library instances
> > will be static linked to the consumer driver, for example an iSCSI network
> driver.
> > So actually it's not a "private" change inside CryptoPkg.
> >
> > The goal to provide a driver version of crypto service is to support
> modulization
> > FW update, which means the crypto driver may NOT be updated together with
> > its consumer. A platform may choose to update the crypto service driver to a
> > new version with this patch, then all the BaseCryptoLib consumers will be
> > messed.
> >
> > Best Regards
> > Siyuan
> >
> > > -----Original Message-----
> > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > Sent: 2020年3月27日 10:58
> > > To: devel@edk2.groups.io; Fu, Siyuan <siyuan.fu@intel.com>; Gao, Zhichao
> > > <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> > >
> > > EDKII_CRYPTO_PROTOCOL is *private*.
> > >
> >
> https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol/C
> > > rypto.h
> > >
> > > Why we cannot change?
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Siyuan,
> > Fu
> > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > To: Gao, Zhichao <zhichao.gao@intel.com>; devel@edk2.groups.io
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>;
> > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > <jiaxin.wu@intel.com>
> > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > function
> > > >
> > > > Hi, Zhichao
> > > >
> > > > We should never move/delete a member field of a previous defined
> protocol
> > > > Interface. Instead, these protocol APIs shall be kept and return an error
> code
> > > > If the function is retired. Otherwise the consumer driver may call into an
> > > > Incorrect function if it's build with different codebase/PCD settings with
> the
> > > > Crypto PEI/DXE/SMM driver.
> > > > This comment applies to all the EDKII_CRYPTO_PROTOCOL related changes
> > in
> > > > your patch set.
> > > >
> > > > Best Regards
> > > > Siyuan
> > > >
> > > > > -----Original Message-----
> > > > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > > > Sent: 2020年3月27日 9:56
> > > > > To: devel@edk2.groups.io
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > <xiaoyux.lu@intel.com>;
> > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > > > Subject: [PATCH 0/8] CryptoPkg: Retire the deprecate function
> > > > >
> > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > >
> > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> > > > > They are all deprecated. Edk2 would not support them any longer.
> > > > > So remove them.
> > > > > But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> > > > > So add two pcds to control the MD5 and SHA1 enablement. Set the pcds
> > > > > default value to false to indicate they are deprecated.
> > > > >
> > > > > NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> > > > > the md5 pcd to TURE when iSCSI is enabled.
> > > > >
> > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > > > >
> > > > > Zhichao Gao (8):
> > > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > > >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> > > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> > > > >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> > > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > > >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> > > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> > > > >
> > > > >  CryptoPkg/CryptoPkg.dec                       |  11 +
> > > > >  CryptoPkg/CryptoPkg.uni                       |  11 +
> > > > >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> > > > >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> > > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> > > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> > > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> > > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> > > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> > > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> > > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> > > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> > > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> > > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> > > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> > > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> > > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> > > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> > > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> > > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> > > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> > > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> > > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> > > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> > > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> > > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> > > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> > > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> > > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> > > > >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> > > > >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> > > > >  37 files changed, 145 insertions(+), 4221 deletions(-)
> > > > >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > >
> > > > > --
> > > > > 2.21.0.windows.1
> > > >
> > > >
> > > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  5:43         ` Siyuan, Fu
@ 2020-03-27  5:50           ` Yao, Jiewen
  2020-03-27  6:03             ` Siyuan, Fu
  0 siblings, 1 reply; 38+ messages in thread
From: Yao, Jiewen @ 2020-03-27  5:50 UTC (permalink / raw)
  To: Fu, Siyuan, devel@edk2.groups.io, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Siyuan
If you are just talking *private interface*, it is OK.

My concern is raised, when you say: we cannot change a private protocol.
That means, we have to keep the ugly interface forever. :-(

I am feeling there is some wrong fundamentally.
My believe is:
	If it is private, we can change.
	If we cannot change, it is not private.

Thank you
Yao Jiewen

> -----Original Message-----
> From: Fu, Siyuan <siyuan.fu@intel.com>
> Sent: Friday, March 27, 2020 1:43 PM
> To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Jiewen,
> 
> I agree "abstract action not algorithm" is a good design principle, but I'm not
> sure
> If there is any plan to move this protocol to the public include so far.
> For this patch set, my feeling is it should at least do not modify the existing
> protocol definition, so the modulization update capability won't be broken.
> I'm also welcome to see if the protocol can be enhanced as you mentioned
> below.
> 
> Best Regards
> Siyuan
> 
> > -----Original Message-----
> > From: Yao, Jiewen <jiewen.yao@intel.com>
> > Sent: 2020年3月27日 12:59
> > To: Fu, Siyuan <siyuan.fu@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> > <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> >
> > Thanks Siyun.
> > I think probably we need discuss this more.
> >
> > 1) About private v.s. public.
> >
> > The benefit for private include is to isolate external interface and internal
> > interface.
> > A package can keep updating its private interface without impact any other
> > packages.
> > However, in this case, a private interface update will bring binary compatibility
> > issue with other package.
> > I am not sure it is acceptable or not.
> >
> > Mike
> > Do you have any comment? Is that the design goal of private interface - just
> > keep source code compatibility, but not binary compatiblity?
> >
> > 2) About the protocol itself.
> >
> > One concern I have is that we *hardcode* the algorithm in protocol.
> >
> > We keeps adding new algorithm and removing old one. That means this
> protocol
> > interface is unstable.
> >
> > Today, we have defined SHA2 set, and deprecating SHA1 and older one.
> > Tomorrow we may need add SHA3 set.
> > Today, we have RSAPKCS1_15. Tomorrow we will have RSAPSS.
> > Some other new set of algorithms might be added later, such as AEAD, GMAC.
> >
> > For a protocol definition, I think we need *abstract the action*, but not
> > *algorithm*.
> > One good example is the UEFI HASH2 Protocol.
> >
> https://github.com/tianocore/edk2/blob/master/MdePkg/Include/Protocol/Has
> > h2.h
> > It just tells you do the hash. You may add new algorithm GUID.
> >
> > Another good example is inside of openssl. Now it is using EVP style cipher
> algo.
> > For example,
> > https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptInit_ex.html
> > https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX_ctrl.html
> > The cipher itself is input as parameter.
> >
> > The benefit is that, if we want to deprecate an algorithm, the interface can be
> > unchanged.
> > Just the internal implementation can be changed.
> > The current PCD mechanism can still be applied to internal implementation.
> >
> > Can we get a chance to revisit/redesign the protocol API, when we move to
> > public include?
> >
> > Thank you
> > Yao Jiewen
> >
> > > -----Original Message-----
> > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > Sent: Friday, March 27, 2020 11:07 AM
> > > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io; Gao,
> > Zhichao
> > > <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> > >
> > > Hi, Jiewen
> > >
> > > Although the protocol is private, a corresponding BaseCryptoLib instance is
> > > not private, like PeiCryptLib.inf, RuntimeCryptLib, etc. These library instances
> > > will be static linked to the consumer driver, for example an iSCSI network
> > driver.
> > > So actually it's not a "private" change inside CryptoPkg.
> > >
> > > The goal to provide a driver version of crypto service is to support
> > modulization
> > > FW update, which means the crypto driver may NOT be updated together
> with
> > > its consumer. A platform may choose to update the crypto service driver to a
> > > new version with this patch, then all the BaseCryptoLib consumers will be
> > > messed.
> > >
> > > Best Regards
> > > Siyuan
> > >
> > > > -----Original Message-----
> > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > Sent: 2020年3月27日 10:58
> > > > To: devel@edk2.groups.io; Fu, Siyuan <siyuan.fu@intel.com>; Gao,
> Zhichao
> > > > <zhichao.gao@intel.com>
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>;
> > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > <jiaxin.wu@intel.com>
> > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > function
> > > >
> > > > EDKII_CRYPTO_PROTOCOL is *private*.
> > > >
> > >
> >
> https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol/C
> > > > rypto.h
> > > >
> > > > Why we cannot change?
> > > >
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
> Siyuan,
> > > Fu
> > > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > > To: Gao, Zhichao <zhichao.gao@intel.com>; devel@edk2.groups.io
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > <xiaoyux.lu@intel.com>;
> > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > <jiaxin.wu@intel.com>
> > > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > > function
> > > > >
> > > > > Hi, Zhichao
> > > > >
> > > > > We should never move/delete a member field of a previous defined
> > protocol
> > > > > Interface. Instead, these protocol APIs shall be kept and return an error
> > code
> > > > > If the function is retired. Otherwise the consumer driver may call into an
> > > > > Incorrect function if it's build with different codebase/PCD settings with
> > the
> > > > > Crypto PEI/DXE/SMM driver.
> > > > > This comment applies to all the EDKII_CRYPTO_PROTOCOL related
> changes
> > > in
> > > > > your patch set.
> > > > >
> > > > > Best Regards
> > > > > Siyuan
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > > > > Sent: 2020年3月27日 9:56
> > > > > > To: devel@edk2.groups.io
> > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > > <xiaoyux.lu@intel.com>;
> > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > > <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > > > > Subject: [PATCH 0/8] CryptoPkg: Retire the deprecate function
> > > > > >
> > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > > >
> > > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any longer.
> > > > > > They are all deprecated. Edk2 would not support them any longer.
> > > > > > So remove them.
> > > > > > But uefi spec want to keep MD5 and SHA1 for backwards compatibility.
> > > > > > So add two pcds to control the MD5 and SHA1 enablement. Set the
> pcds
> > > > > > default value to false to indicate they are deprecated.
> > > > > >
> > > > > > NetWorkPkg's iSCSI driver would consume the MD5 function, so change
> > > > > > the md5 pcd to TURE when iSCSI is enabled.
> > > > > >
> > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > > > > >
> > > > > > Zhichao Gao (8):
> > > > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > > > >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> > > > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> > > > > >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> > > > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > > > >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> > > > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> > > > > >
> > > > > >  CryptoPkg/CryptoPkg.dec                       |  11 +
> > > > > >  CryptoPkg/CryptoPkg.uni                       |  11 +
> > > > > >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> > > > > >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> > > > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> > > > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> > > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> > > > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> > > > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> > > > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> > > > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> > > > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> > > > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> > > > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> > > > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> > > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> > > > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> > > > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> > > > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> > > > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> > > > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> > > > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> > > > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> > > > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> > > > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> > > > > >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> > > > > >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> > > > > >  37 files changed, 145 insertions(+), 4221 deletions(-)
> > > > > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > > >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > > >  delete mode 100644
> > > > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > > >  delete mode 100644
> > > > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > > >
> > > > > > --
> > > > > > 2.21.0.windows.1
> > > > >
> > > > >
> > > > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  5:50           ` Yao, Jiewen
@ 2020-03-27  6:03             ` Siyuan, Fu
  2020-03-27  6:15               ` Yao, Jiewen
  0 siblings, 1 reply; 38+ messages in thread
From: Siyuan, Fu @ 2020-03-27  6:03 UTC (permalink / raw)
  To: Yao, Jiewen, devel@edk2.groups.io, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Jiewen,

In my opinion it's NOT a provide protocol, although it's placed in the private
include folder.

The intention of this protocol, the crypto DXE driver who produces it, and the
set of PEI/Runtime/SMM BaseCryptoLib instances who consume it, is to
support the modulization update of crypto service code. The library instance
will be static linked to other consumers out of CryptoPkg, thus a change of
the protocol interface will require the library to be updated simultaneously,
which breaks the original intention - modulization update - of this protocol.

I'm not saying we can't change a protocol definition, but we need to be clear
about the impact. It's not described in the patch and I think the author may
also not aware of that. If it's well described and everyone is OK with that, the
protocol can be changed, even a public one.

Best Regards
Siyuan 

> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: 2020年3月27日 13:51
> To: Fu, Siyuan <siyuan.fu@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Siyuan
> If you are just talking *private interface*, it is OK.
> 
> My concern is raised, when you say: we cannot change a private protocol.
> That means, we have to keep the ugly interface forever. :-(
> 
> I am feeling there is some wrong fundamentally.
> My believe is:
> 	If it is private, we can change.
> 	If we cannot change, it is not private.
> 
> Thank you
> Yao Jiewen
> 
> > -----Original Message-----
> > From: Fu, Siyuan <siyuan.fu@intel.com>
> > Sent: Friday, March 27, 2020 1:43 PM
> > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io; Gao,
> Zhichao
> > <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> >
> > Jiewen,
> >
> > I agree "abstract action not algorithm" is a good design principle, but I'm not
> > sure
> > If there is any plan to move this protocol to the public include so far.
> > For this patch set, my feeling is it should at least do not modify the existing
> > protocol definition, so the modulization update capability won't be broken.
> > I'm also welcome to see if the protocol can be enhanced as you mentioned
> > below.
> >
> > Best Regards
> > Siyuan
> >
> > > -----Original Message-----
> > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > Sent: 2020年3月27日 12:59
> > > To: Fu, Siyuan <siyuan.fu@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> > > <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> > >
> > > Thanks Siyun.
> > > I think probably we need discuss this more.
> > >
> > > 1) About private v.s. public.
> > >
> > > The benefit for private include is to isolate external interface and internal
> > > interface.
> > > A package can keep updating its private interface without impact any other
> > > packages.
> > > However, in this case, a private interface update will bring binary
> compatibility
> > > issue with other package.
> > > I am not sure it is acceptable or not.
> > >
> > > Mike
> > > Do you have any comment? Is that the design goal of private interface - just
> > > keep source code compatibility, but not binary compatiblity?
> > >
> > > 2) About the protocol itself.
> > >
> > > One concern I have is that we *hardcode* the algorithm in protocol.
> > >
> > > We keeps adding new algorithm and removing old one. That means this
> > protocol
> > > interface is unstable.
> > >
> > > Today, we have defined SHA2 set, and deprecating SHA1 and older one.
> > > Tomorrow we may need add SHA3 set.
> > > Today, we have RSAPKCS1_15. Tomorrow we will have RSAPSS.
> > > Some other new set of algorithms might be added later, such as AEAD,
> GMAC.
> > >
> > > For a protocol definition, I think we need *abstract the action*, but not
> > > *algorithm*.
> > > One good example is the UEFI HASH2 Protocol.
> > >
> >
> https://github.com/tianocore/edk2/blob/master/MdePkg/Include/Protocol/Has
> > > h2.h
> > > It just tells you do the hash. You may add new algorithm GUID.
> > >
> > > Another good example is inside of openssl. Now it is using EVP style cipher
> > algo.
> > > For example,
> > > https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptInit_ex.html
> > > https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX_ctrl.html
> > > The cipher itself is input as parameter.
> > >
> > > The benefit is that, if we want to deprecate an algorithm, the interface can
> be
> > > unchanged.
> > > Just the internal implementation can be changed.
> > > The current PCD mechanism can still be applied to internal implementation.
> > >
> > > Can we get a chance to revisit/redesign the protocol API, when we move to
> > > public include?
> > >
> > > Thank you
> > > Yao Jiewen
> > >
> > > > -----Original Message-----
> > > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > > Sent: Friday, March 27, 2020 11:07 AM
> > > > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io; Gao,
> > > Zhichao
> > > > <zhichao.gao@intel.com>
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>;
> > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > <jiaxin.wu@intel.com>
> > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > function
> > > >
> > > > Hi, Jiewen
> > > >
> > > > Although the protocol is private, a corresponding BaseCryptoLib instance is
> > > > not private, like PeiCryptLib.inf, RuntimeCryptLib, etc. These library
> instances
> > > > will be static linked to the consumer driver, for example an iSCSI network
> > > driver.
> > > > So actually it's not a "private" change inside CryptoPkg.
> > > >
> > > > The goal to provide a driver version of crypto service is to support
> > > modulization
> > > > FW update, which means the crypto driver may NOT be updated together
> > with
> > > > its consumer. A platform may choose to update the crypto service driver to
> a
> > > > new version with this patch, then all the BaseCryptoLib consumers will be
> > > > messed.
> > > >
> > > > Best Regards
> > > > Siyuan
> > > >
> > > > > -----Original Message-----
> > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > Sent: 2020年3月27日 10:58
> > > > > To: devel@edk2.groups.io; Fu, Siyuan <siyuan.fu@intel.com>; Gao,
> > Zhichao
> > > > > <zhichao.gao@intel.com>
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > <xiaoyux.lu@intel.com>;
> > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > <jiaxin.wu@intel.com>
> > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > > function
> > > > >
> > > > > EDKII_CRYPTO_PROTOCOL is *private*.
> > > > >
> > > >
> > >
> >
> https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol/C
> > > > > rypto.h
> > > > >
> > > > > Why we cannot change?
> > > > >
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
> > Siyuan,
> > > > Fu
> > > > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > > > To: Gao, Zhichao <zhichao.gao@intel.com>; devel@edk2.groups.io
> > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > > <xiaoyux.lu@intel.com>;
> > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > > <jiaxin.wu@intel.com>
> > > > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > > > function
> > > > > >
> > > > > > Hi, Zhichao
> > > > > >
> > > > > > We should never move/delete a member field of a previous defined
> > > protocol
> > > > > > Interface. Instead, these protocol APIs shall be kept and return an error
> > > code
> > > > > > If the function is retired. Otherwise the consumer driver may call into
> an
> > > > > > Incorrect function if it's build with different codebase/PCD settings with
> > > the
> > > > > > Crypto PEI/DXE/SMM driver.
> > > > > > This comment applies to all the EDKII_CRYPTO_PROTOCOL related
> > changes
> > > > in
> > > > > > your patch set.
> > > > > >
> > > > > > Best Regards
> > > > > > Siyuan
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > > > > > Sent: 2020年3月27日 9:56
> > > > > > > To: devel@edk2.groups.io
> > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > > > <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > > > > > Subject: [PATCH 0/8] CryptoPkg: Retire the deprecate function
> > > > > > >
> > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > > > >
> > > > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any
> longer.
> > > > > > > They are all deprecated. Edk2 would not support them any longer.
> > > > > > > So remove them.
> > > > > > > But uefi spec want to keep MD5 and SHA1 for backwards
> compatibility.
> > > > > > > So add two pcds to control the MD5 and SHA1 enablement. Set the
> > pcds
> > > > > > > default value to false to indicate they are deprecated.
> > > > > > >
> > > > > > > NetWorkPkg's iSCSI driver would consume the MD5 function, so
> change
> > > > > > > the md5 pcd to TURE when iSCSI is enabled.
> > > > > > >
> > > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > > > > > >
> > > > > > > Zhichao Gao (8):
> > > > > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > > > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > > > > >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> > > > > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> > > > > > >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> > > > > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > > > > >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> > > > > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> > > > > > >
> > > > > > >  CryptoPkg/CryptoPkg.dec                       |  11 +
> > > > > > >  CryptoPkg/CryptoPkg.uni                       |  11 +
> > > > > > >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> > > > > > >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> > > > > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> > > > > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> > > > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> > > > > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> > > > > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> > > > > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> > > > > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> > > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> > > > > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> > > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> > > > > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> > > > > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> > > > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> > > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> > > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> > > > > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> > > > > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> > > > > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> > > > > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> > > > > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> > > > > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> > > > > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> > > > > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> > > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> > > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> > > > > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> > > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> > > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> > > > > > >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> > > > > > >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> > > > > > >  37 files changed, 145 insertions(+), 4221 deletions(-)
> > > > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > > > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > > > >  delete mode 100644
> > > > > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > > > >  delete mode 100644
> > > > > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > > > >  delete mode 100644
> > > > > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > > > >
> > > > > > > --
> > > > > > > 2.21.0.windows.1
> > > > > >
> > > > > >
> > > > > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  6:03             ` Siyuan, Fu
@ 2020-03-27  6:15               ` Yao, Jiewen
  2020-03-27  9:19                 ` Ni, Ray
  0 siblings, 1 reply; 38+ messages in thread
From: Yao, Jiewen @ 2020-03-27  6:15 UTC (permalink / raw)
  To: Fu, Siyuan, devel@edk2.groups.io, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Library is static interface. Protocol is dynamic interface. That is key difference.

My understanding for a *private protocol* is that: one module in the package to produce. The other module in the same packet to consume. Both are at runtime. That brings zero impact to other module.
It is not the case here. I hope we can clearly document what private protocol mean.
I feel it is a public one now, instead of private, because it brings runtime impact - even worse than build time impact.

A developer can fix the build time break easily, but runtime break requires more debugging effort.

Here is my thought:
1) We need update this protocol to remove the deprecated algorithm. I do not see the value to keep them.
2) We need clarify the position of this protocol. What we should do, if we need add a new algo and deprecate an old one.
3) If required, we need redesign this protocol. I have strong feeling on that.



> -----Original Message-----
> From: Fu, Siyuan <siyuan.fu@intel.com>
> Sent: Friday, March 27, 2020 2:04 PM
> To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Jiewen,
> 
> In my opinion it's NOT a provide protocol, although it's placed in the private
> include folder.
> 
> The intention of this protocol, the crypto DXE driver who produces it, and the
> set of PEI/Runtime/SMM BaseCryptoLib instances who consume it, is to
> support the modulization update of crypto service code. The library instance
> will be static linked to other consumers out of CryptoPkg, thus a change of
> the protocol interface will require the library to be updated simultaneously,
> which breaks the original intention - modulization update - of this protocol.
> 
> I'm not saying we can't change a protocol definition, but we need to be clear
> about the impact. It's not described in the patch and I think the author may
> also not aware of that. If it's well described and everyone is OK with that, the
> protocol can be changed, even a public one.
> 
> Best Regards
> Siyuan
> 
> > -----Original Message-----
> > From: Yao, Jiewen <jiewen.yao@intel.com>
> > Sent: 2020年3月27日 13:51
> > To: Fu, Siyuan <siyuan.fu@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> > <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> >
> > Siyuan
> > If you are just talking *private interface*, it is OK.
> >
> > My concern is raised, when you say: we cannot change a private protocol.
> > That means, we have to keep the ugly interface forever. :-(
> >
> > I am feeling there is some wrong fundamentally.
> > My believe is:
> > 	If it is private, we can change.
> > 	If we cannot change, it is not private.
> >
> > Thank you
> > Yao Jiewen
> >
> > > -----Original Message-----
> > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > Sent: Friday, March 27, 2020 1:43 PM
> > > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io; Gao,
> > Zhichao
> > > <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> > >
> > > Jiewen,
> > >
> > > I agree "abstract action not algorithm" is a good design principle, but I'm not
> > > sure
> > > If there is any plan to move this protocol to the public include so far.
> > > For this patch set, my feeling is it should at least do not modify the existing
> > > protocol definition, so the modulization update capability won't be broken.
> > > I'm also welcome to see if the protocol can be enhanced as you mentioned
> > > below.
> > >
> > > Best Regards
> > > Siyuan
> > >
> > > > -----Original Message-----
> > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > Sent: 2020年3月27日 12:59
> > > > To: Fu, Siyuan <siyuan.fu@intel.com>; devel@edk2.groups.io; Gao,
> Zhichao
> > > > <zhichao.gao@intel.com>
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>;
> > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > <jiaxin.wu@intel.com>
> > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > function
> > > >
> > > > Thanks Siyun.
> > > > I think probably we need discuss this more.
> > > >
> > > > 1) About private v.s. public.
> > > >
> > > > The benefit for private include is to isolate external interface and internal
> > > > interface.
> > > > A package can keep updating its private interface without impact any other
> > > > packages.
> > > > However, in this case, a private interface update will bring binary
> > compatibility
> > > > issue with other package.
> > > > I am not sure it is acceptable or not.
> > > >
> > > > Mike
> > > > Do you have any comment? Is that the design goal of private interface -
> just
> > > > keep source code compatibility, but not binary compatiblity?
> > > >
> > > > 2) About the protocol itself.
> > > >
> > > > One concern I have is that we *hardcode* the algorithm in protocol.
> > > >
> > > > We keeps adding new algorithm and removing old one. That means this
> > > protocol
> > > > interface is unstable.
> > > >
> > > > Today, we have defined SHA2 set, and deprecating SHA1 and older one.
> > > > Tomorrow we may need add SHA3 set.
> > > > Today, we have RSAPKCS1_15. Tomorrow we will have RSAPSS.
> > > > Some other new set of algorithms might be added later, such as AEAD,
> > GMAC.
> > > >
> > > > For a protocol definition, I think we need *abstract the action*, but not
> > > > *algorithm*.
> > > > One good example is the UEFI HASH2 Protocol.
> > > >
> > >
> >
> https://github.com/tianocore/edk2/blob/master/MdePkg/Include/Protocol/Has
> > > > h2.h
> > > > It just tells you do the hash. You may add new algorithm GUID.
> > > >
> > > > Another good example is inside of openssl. Now it is using EVP style cipher
> > > algo.
> > > > For example,
> > > > https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptInit_ex.html
> > > >
> https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX_ctrl.html
> > > > The cipher itself is input as parameter.
> > > >
> > > > The benefit is that, if we want to deprecate an algorithm, the interface can
> > be
> > > > unchanged.
> > > > Just the internal implementation can be changed.
> > > > The current PCD mechanism can still be applied to internal implementation.
> > > >
> > > > Can we get a chance to revisit/redesign the protocol API, when we move
> to
> > > > public include?
> > > >
> > > > Thank you
> > > > Yao Jiewen
> > > >
> > > > > -----Original Message-----
> > > > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > > > Sent: Friday, March 27, 2020 11:07 AM
> > > > > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io; Gao,
> > > > Zhichao
> > > > > <zhichao.gao@intel.com>
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > <xiaoyux.lu@intel.com>;
> > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > <jiaxin.wu@intel.com>
> > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > > function
> > > > >
> > > > > Hi, Jiewen
> > > > >
> > > > > Although the protocol is private, a corresponding BaseCryptoLib instance
> is
> > > > > not private, like PeiCryptLib.inf, RuntimeCryptLib, etc. These library
> > instances
> > > > > will be static linked to the consumer driver, for example an iSCSI network
> > > > driver.
> > > > > So actually it's not a "private" change inside CryptoPkg.
> > > > >
> > > > > The goal to provide a driver version of crypto service is to support
> > > > modulization
> > > > > FW update, which means the crypto driver may NOT be updated together
> > > with
> > > > > its consumer. A platform may choose to update the crypto service driver
> to
> > a
> > > > > new version with this patch, then all the BaseCryptoLib consumers will be
> > > > > messed.
> > > > >
> > > > > Best Regards
> > > > > Siyuan
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > > Sent: 2020年3月27日 10:58
> > > > > > To: devel@edk2.groups.io; Fu, Siyuan <siyuan.fu@intel.com>; Gao,
> > > Zhichao
> > > > > > <zhichao.gao@intel.com>
> > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > > <xiaoyux.lu@intel.com>;
> > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > > <jiaxin.wu@intel.com>
> > > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > > > function
> > > > > >
> > > > > > EDKII_CRYPTO_PROTOCOL is *private*.
> > > > > >
> > > > >
> > > >
> > >
> >
> https://github.com/tianocore/edk2/blob/master/CryptoPkg/Private/Protocol/C
> > > > > > rypto.h
> > > > > >
> > > > > > Why we cannot change?
> > > > > >
> > > > > >
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
> > > Siyuan,
> > > > > Fu
> > > > > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > > > > To: Gao, Zhichao <zhichao.gao@intel.com>; devel@edk2.groups.io
> > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > > > <jiaxin.wu@intel.com>
> > > > > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the
> deprecate
> > > > > > function
> > > > > > >
> > > > > > > Hi, Zhichao
> > > > > > >
> > > > > > > We should never move/delete a member field of a previous defined
> > > > protocol
> > > > > > > Interface. Instead, these protocol APIs shall be kept and return an
> error
> > > > code
> > > > > > > If the function is retired. Otherwise the consumer driver may call into
> > an
> > > > > > > Incorrect function if it's build with different codebase/PCD settings
> with
> > > > the
> > > > > > > Crypto PEI/DXE/SMM driver.
> > > > > > > This comment applies to all the EDKII_CRYPTO_PROTOCOL related
> > > changes
> > > > > in
> > > > > > > your patch set.
> > > > > > >
> > > > > > > Best Regards
> > > > > > > Siyuan
> > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > > > > > > Sent: 2020年3月27日 9:56
> > > > > > > > To: devel@edk2.groups.io
> > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > > > > <jiaxin.wu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > > > > > > Subject: [PATCH 0/8] CryptoPkg: Retire the deprecate function
> > > > > > > >
> > > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > > > > >
> > > > > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not secure any
> > longer.
> > > > > > > > They are all deprecated. Edk2 would not support them any longer.
> > > > > > > > So remove them.
> > > > > > > > But uefi spec want to keep MD5 and SHA1 for backwards
> > compatibility.
> > > > > > > > So add two pcds to control the MD5 and SHA1 enablement. Set the
> > > pcds
> > > > > > > > default value to false to indicate they are deprecated.
> > > > > > > >
> > > > > > > > NetWorkPkg's iSCSI driver would consume the MD5 function, so
> > change
> > > > > > > > the md5 pcd to TURE when iSCSI is enabled.
> > > > > > > >
> > > > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > > > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > > > > > > >
> > > > > > > > Zhichao Gao (8):
> > > > > > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > > > > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > > > > > >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> > > > > > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> > > > > > > >   CryptoPkg/dec: Add pcds to avoid building the deprecated function
> > > > > > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > > > > > >   Crypto/BaseCryptLib: Using pcd to control MD5 enablement
> > > > > > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
> > > > > > > >
> > > > > > > >  CryptoPkg/CryptoPkg.dec                       |  11 +
> > > > > > > >  CryptoPkg/CryptoPkg.uni                       |  11 +
> > > > > > > >  CryptoPkg/Driver/Crypto.c                     | 634 +-----------------
> > > > > > > >  CryptoPkg/Include/Library/BaseCryptLib.h      | 548 ---------------
> > > > > > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   9 +-
> > > > > > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 ----
> > > > > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> > > > > > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 ------
> > > > > > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 ----
> > > > > > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 ----------
> > > > > > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 -----
> > > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 ------
> > > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ----
> > > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |   5 +-
> > > > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |   3 +
> > > > > > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |   3 +
> > > > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |   3 +
> > > > > > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |   3 +
> > > > > > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  13 +-
> > > > > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |   3 +
> > > > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |   5 +
> > > > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |   5 +
> > > > > > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  13 +-
> > > > > > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  13 +-
> > > > > > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   3 -
> > > > > > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  54 +-
> > > > > > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 ----
> > > > > > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 -----
> > > > > > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ----
> > > > > > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |   3 +
> > > > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |   3 +
> > > > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |   4 +-
> > > > > > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 604 +----------------
> > > > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |  12 +
> > > > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |   1 +
> > > > > > > >  CryptoPkg/Private/Protocol/Crypto.h           | 583 +---------------
> > > > > > > >  NetworkPkg/NetworkPcds.dsc.inc                |   5 +-
> > > > > > > >  37 files changed, 145 insertions(+), 4221 deletions(-)
> > > > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > > > > >  delete mode 100644
> > > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > > > > >  delete mode 100644
> > > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > > > > >  delete mode 100644
> > > > > > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > > > > >  delete mode 100644
> > > > > > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > > > > >  delete mode 100644
> > > > > > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > > > > >
> > > > > > > > --
> > > > > > > > 2.21.0.windows.1
> > > > > > >
> > > > > > >
> > > > > > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  6:15               ` Yao, Jiewen
@ 2020-03-27  9:19                 ` Ni, Ray
  0 siblings, 0 replies; 38+ messages in thread
From: Ni, Ray @ 2020-03-27  9:19 UTC (permalink / raw)
  To: devel@edk2.groups.io, Yao, Jiewen, Fu, Siyuan, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Jiewen,
comments below.

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, Jiewen
> Sent: Friday, March 27, 2020 2:16 PM
> To: Fu, Siyuan <siyuan.fu@intel.com>; devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>; Maciej Rabeda
> <maciej.rabeda@linux.intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>
> Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Library is static interface. Protocol is dynamic interface. That is key difference.
> 
> My understanding for a *private protocol* is that: one module in the package to produce. The other module in the same
> packet to consume. Both are at runtime. That brings zero impact to other module.

If a module produces public Protocol_A and internally consumes private Protocol_B, do you think that Protocol_B is private? I still think it's private. The module is responsible to make sure Protocol_A behavior is not impacted by a internal change of Protocol_B.

I didn't investigate the specific issue in detail.
But in general, any change needs to consider the backward compatibility.
An interface is ok to change when all modules that consume this interface are updated, no matter it's private or public.

In this case, I think the library that calls the private protocol needs to change.

Through this way, each layer owns it's promise to its consumers.

Thanks,
Ray

^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27  4:59       ` Yao, Jiewen
  2020-03-27  5:43         ` Siyuan, Fu
@ 2020-03-27 16:38         ` Michael D Kinney
  2020-03-27 23:43           ` Yao, Jiewen
  1 sibling, 1 reply; 38+ messages in thread
From: Michael D Kinney @ 2020-03-27 16:38 UTC (permalink / raw)
  To: devel@edk2.groups.io, Yao, Jiewen, Fu, Siyuan, Gao, Zhichao,
	Kinney, Michael D
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Jiewen,

The purpose of private includes is to keep modules/lib
in *other* packages from using interfaces that are the
package with the private interface does not want other
packages to use and does not want to have to coordinate
with other packages if that package owner decides to
make changes to those private interfaces. 

For modules/libs within package that do use private
includes, the package owner gets to decide how to 
maintain the interfaces in the private includes to
support those modules/libs.

For example, the CryptoPkg has modules that are
intended to be used as pre-built binaries, so the
CryptoPkg owner needs to make sure the maintenance
of the private includes supports both the source and
binary use cases.

The private Protocol/PPI interfaces in the CryptoPkg
were designed to support future expansion.  The first
API in the Protocol/PPI is GetVersion().  The version 
value returned can be used to have different layouts 
of fields in the Protocol/PPI.  In order to support
backwards compatibility, APIs are added to the end
of the Protocol/PPI structure as the version value 
is increased.  You will notice that there is an X509
service that was added further down than the initial
grouping.  This is just an example of how the CryptoPkg
is maintaining a private interface for binary use cases.
Other packages may choose alternate techniques.
 
Thanks,

Mike

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On
> Behalf Of Yao, Jiewen
> Sent: Thursday, March 26, 2020 9:59 PM
> To: Fu, Siyuan <siyuan.fu@intel.com>;
> devel@edk2.groups.io; Gao, Zhichao
> <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>; Maciej Rabeda
> <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> the deprecate function
> 
> Thanks Siyun.
> I think probably we need discuss this more.
> 
> 1) About private v.s. public.
> 
> The benefit for private include is to isolate external
> interface and internal interface.
> A package can keep updating its private interface without
> impact any other packages.
> However, in this case, a private interface update will
> bring binary compatibility issue with other package.
> I am not sure it is acceptable or not.
> 
> Mike
> Do you have any comment? Is that the design goal of
> private interface - just keep source code compatibility,
> but not binary compatiblity?
> 
> 2) About the protocol itself.
> 
> One concern I have is that we *hardcode* the algorithm in
> protocol.
> 
> We keeps adding new algorithm and removing old one. That
> means this protocol interface is unstable.
> 
> Today, we have defined SHA2 set, and deprecating SHA1 and
> older one. Tomorrow we may need add SHA3 set.
> Today, we have RSAPKCS1_15. Tomorrow we will have RSAPSS.
> Some other new set of algorithms might be added later,
> such as AEAD, GMAC.
> 
> For a protocol definition, I think we need *abstract the
> action*, but not *algorithm*.
> One good example is the UEFI HASH2 Protocol.
> https://github.com/tianocore/edk2/blob/master/MdePkg/Incl
> ude/Protocol/Hash2.h
> It just tells you do the hash. You may add new algorithm
> GUID.
> 
> Another good example is inside of openssl. Now it is
> using EVP style cipher algo.
> For example,
> https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptIni
> t_ex.html
> https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX
> _ctrl.html
> The cipher itself is input as parameter.
> 
> The benefit is that, if we want to deprecate an
> algorithm, the interface can be unchanged.
> Just the internal implementation can be changed.
> The current PCD mechanism can still be applied to
> internal implementation.
> 
> Can we get a chance to revisit/redesign the protocol API,
> when we move to public include?
> 
> Thank you
> Yao Jiewen
> 
> > -----Original Message-----
> > From: Fu, Siyuan <siyuan.fu@intel.com>
> > Sent: Friday, March 27, 2020 11:07 AM
> > To: Yao, Jiewen <jiewen.yao@intel.com>;
> devel@edk2.groups.io; Gao, Zhichao
> > <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> the deprecate function
> >
> > Hi, Jiewen
> >
> > Although the protocol is private, a corresponding
> BaseCryptoLib instance is
> > not private, like PeiCryptLib.inf, RuntimeCryptLib,
> etc. These library instances
> > will be static linked to the consumer driver, for
> example an iSCSI network driver.
> > So actually it's not a "private" change inside
> CryptoPkg.
> >
> > The goal to provide a driver version of crypto service
> is to support modulization
> > FW update, which means the crypto driver may NOT be
> updated together with
> > its consumer. A platform may choose to update the
> crypto service driver to a
> > new version with this patch, then all the BaseCryptoLib
> consumers will be
> > messed.
> >
> > Best Regards
> > Siyuan
> >
> > > -----Original Message-----
> > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > Sent: 2020年3月27日 10:58
> > > To: devel@edk2.groups.io; Fu, Siyuan
> <siyuan.fu@intel.com>; Gao, Zhichao
> > > <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> Jiaxin
> > > <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> Retire the deprecate
> > function
> > >
> > > EDKII_CRYPTO_PROTOCOL is *private*.
> > >
> >
> https://github.com/tianocore/edk2/blob/master/CryptoPkg/P
> rivate/Protocol/C
> > > rypto.h
> > >
> > > Why we cannot change?
> > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: devel@edk2.groups.io <devel@edk2.groups.io>
> On Behalf Of Siyuan,
> > Fu
> > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > To: Gao, Zhichao <zhichao.gao@intel.com>;
> devel@edk2.groups.io
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> XiaoyuX
> > > <xiaoyux.lu@intel.com>;
> > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> Jiaxin
> > > > <jiaxin.wu@intel.com>
> > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg:
> Retire the deprecate
> > > function
> > > >
> > > > Hi, Zhichao
> > > >
> > > > We should never move/delete a member field of a
> previous defined protocol
> > > > Interface. Instead, these protocol APIs shall be
> kept and return an error code
> > > > If the function is retired. Otherwise the consumer
> driver may call into an
> > > > Incorrect function if it's build with different
> codebase/PCD settings with the
> > > > Crypto PEI/DXE/SMM driver.
> > > > This comment applies to all the
> EDKII_CRYPTO_PROTOCOL related changes
> > in
> > > > your patch set.
> > > >
> > > > Best Regards
> > > > Siyuan
> > > >
> > > > > -----Original Message-----
> > > > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > > > Sent: 2020年3月27日 9:56
> > > > > To: devel@edk2.groups.io
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> XiaoyuX
> > > > <xiaoyux.lu@intel.com>;
> > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> Wu, Jiaxin
> > > > > <jiaxin.wu@intel.com>; Fu, Siyuan
> <siyuan.fu@intel.com>
> > > > > Subject: [PATCH 0/8] CryptoPkg: Retire the
> deprecate function
> > > > >
> > > > > REF:
> https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > REF:
> https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > >
> > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not
> secure any longer.
> > > > > They are all deprecated. Edk2 would not support
> them any longer.
> > > > > So remove them.
> > > > > But uefi spec want to keep MD5 and SHA1 for
> backwards compatibility.
> > > > > So add two pcds to control the MD5 and SHA1
> enablement. Set the pcds
> > > > > default value to false to indicate they are
> deprecated.
> > > > >
> > > > > NetWorkPkg's iSCSI driver would consume the MD5
> function, so change
> > > > > the md5 pcd to TURE when iSCSI is enabled.
> > > > >
> > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > Signed-off-by: Zhichao Gao
> <zhichao.gao@intel.com>
> > > > >
> > > > > Zhichao Gao (8):
> > > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > > >   CryptoPkg/BaseCryptLib: Retire the Tdes
> algorithm
> > > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode
> algorithm
> > > > >   CryptoPkg/dec: Add pcds to avoid building the
> deprecated function
> > > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > > >   Crypto/BaseCryptLib: Using pcd to control MD5
> enablement
> > > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the
> SHA1 enablement
> > > > >
> > > > >  CryptoPkg/CryptoPkg.dec                       |
> 11 +
> > > > >  CryptoPkg/CryptoPkg.uni                       |
> 11 +
> > > > >  CryptoPkg/Driver/Crypto.c                     |
> 634 +-----------------
> > > > >  CryptoPkg/Include/Library/BaseCryptLib.h      |
> 548 ---------------
> > > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |
> 9 +-
> > > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    |
> 114 ----
> > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |
> 52 --
> > > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   |
> 205 ------
> > > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       |
> 124 ----
> > > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   |
> 364 ----------
> > > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       |
> 160 -----
> > > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      |
> 223 ------
> > > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  |
> 143 ----
> > > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |
> 5 +-
> > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |
> 3 +
> > > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |
> 3 +
> > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |
> 3 +
> > > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |
> 3 +
> > > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |
> 13 +-
> > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |
> 3 +
> > > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |
> 5 +
> > > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |
> 5 +
> > > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |
> 13 +-
> > > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |
> 13 +-
> > > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |
> 3 -
> > > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |
> 54 +-
> > > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   |
> 124 ----
> > > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   |
> 160 -----
> > > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      |
> 143 ----
> > > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |
> 3 +
> > > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |
> 3 +
> > > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |
> 4 +-
> > > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      |
> 604 +----------------
> > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |
> 12 +
> > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |
> 1 +
> > > > >  CryptoPkg/Private/Protocol/Crypto.h           |
> 583 +---------------
> > > > >  NetworkPkg/NetworkPcds.dsc.inc                |
> 5 +-
> > > > >  37 files changed, 145 insertions(+), 4221
> deletions(-)
> > > > >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > >  delete mode 100644
> CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > >  delete mode 100644
> > > > >
> CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > >  delete mode 100644
> > > > >
> CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > >  delete mode 100644
> > > >
> CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > >
> > > > > --
> > > > > 2.21.0.windows.1
> > > >
> > > >
> > > >
> 
> 
> 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement
  2020-03-27  2:51       ` Wang, Jian J
@ 2020-03-27 17:35         ` Laszlo Ersek
  0 siblings, 0 replies; 38+ messages in thread
From: Laszlo Ersek @ 2020-03-27 17:35 UTC (permalink / raw)
  To: devel, jian.j.wang, Gao, Zhichao, Kinney, Michael D
  Cc: Lu, XiaoyuX, Siyuan Fu, Jiewen Yao, Ray Ni

Hi All,

On 03/27/20 03:51, Wang, Jian J wrote:
> Zhichao,
>
> You can just use the PCD in C code "if (PcdGet...){}" instead of macro
> #if.

I do not have the capacity to contribute useful thoughts to this
discussion right now; I just want to provide three links here, to
previous comments that seem related:

  https://edk2.groups.io/g/devel/message/53581
  https://edk2.groups.io/g/devel/message/53587
  https://edk2.groups.io/g/devel/message/53588

Alternative links to the same:

  http://mid.mail-archive.com/e68a3ba1-f469-8ac3-c1e7-78a51bdaf291@redhat.com
  http://mid.mail-archive.com/E92EE9817A31E24EB0585FDF735412F5B9E81876@ORSMSX113.amr.corp.intel.com
  http://mid.mail-archive.com/b1db8f28-524d-0917-b54d-f6a15c497118@redhat.com

Thanks,
Laszlo


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27 16:38         ` Michael D Kinney
@ 2020-03-27 23:43           ` Yao, Jiewen
  2020-03-30  2:17             ` Siyuan, Fu
  0 siblings, 1 reply; 38+ messages in thread
From: Yao, Jiewen @ 2020-03-27 23:43 UTC (permalink / raw)
  To: Kinney, Michael D, devel@edk2.groups.io, Fu, Siyuan, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Thanks Mike.
I understand the *private protocol* now. I think it is OK to put CryptoProtocol into Private dir to sever that purpose.
And for private API, I don’t have concern on the data structure, since it is invisible.

Siyuan provided below usage and concern:
"The goal to provide a driver version of crypto service is to support modulization
FW update, which means the crypto driver may NOT be updated together with
its consumer. A platform may choose to update the crypto service driver to a
new version with this patch, then all the BaseCryptoLib consumers will be messed."

This usage might become a problem, when we want to deprecate an API and keep binary compatibility at same time.
(To be specific, I am not worried about source compatibility, because we can update both producer and consumer.
I am not worried about adding API, because there will be no issue on appending a function at the end.)

Take below as an example:
Firmware Version 100 uses Crypto Version 100.
We want to deprecate a private API and change to a new one. So, we upgrade Crypto to Version 101 and update Firmware to Version 101.
Of course, we need change *all other consumers* and rebuild everything make sure it works correctly.
However, it is hard to support this in "modulization FW update", because we have no chance to update the binary of firmware version 100.

If we have to keep *permanent binary compatibility*, then we cannot deprecate any old API, just because that will break old consumer.
That brings much validation burden, because you have to test every update in master with old binaries, besides the latest binaries.
That also brings maintenance burden for the unused old API. The only consumer is in the old binary and invisible. 
I don’t believe that is what we want.

Modulization FW update is good feature. And we can have different strategy for that besides keeping permanent binary compatibility.
1) Modulization FW update can be limited a range of version. At some point, you have to update the whole FW, because there are too many changes or incompatible binary changes. The cadence of full update can be longer than the one of partial update. For example, Linux or windows are making incompatible change in major version and only keep compatibility in minor version.
2) A project can branch the production launch firmware, and only keep binary compatibility and support the modulization FW update within this branch. As such, the big update in master won't impact this branch. If a production may choose to resync to master, at that time a full firmware update is required. I guess most people are using this way in a real production.

Thought?

Thank you
Yao Jiewen


> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Saturday, March 28, 2020 12:38 AM
> To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Fu, Siyuan
> <siyuan.fu@intel.com>; Gao, Zhichao <zhichao.gao@intel.com>; Kinney,
> Michael D <michael.d.kinney@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Jiewen,
> 
> The purpose of private includes is to keep modules/lib
> in *other* packages from using interfaces that are the
> package with the private interface does not want other
> packages to use and does not want to have to coordinate
> with other packages if that package owner decides to
> make changes to those private interfaces.
> 
> For modules/libs within package that do use private
> includes, the package owner gets to decide how to
> maintain the interfaces in the private includes to
> support those modules/libs.
> 
> For example, the CryptoPkg has modules that are
> intended to be used as pre-built binaries, so the
> CryptoPkg owner needs to make sure the maintenance
> of the private includes supports both the source and
> binary use cases.
> 
> The private Protocol/PPI interfaces in the CryptoPkg
> were designed to support future expansion.  The first
> API in the Protocol/PPI is GetVersion().  The version
> value returned can be used to have different layouts
> of fields in the Protocol/PPI.  In order to support
> backwards compatibility, APIs are added to the end
> of the Protocol/PPI structure as the version value
> is increased.  You will notice that there is an X509
> service that was added further down than the initial
> grouping.  This is just an example of how the CryptoPkg
> is maintaining a private interface for binary use cases.
> Other packages may choose alternate techniques.
> 
> Thanks,
> 
> Mike
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On
> > Behalf Of Yao, Jiewen
> > Sent: Thursday, March 26, 2020 9:59 PM
> > To: Fu, Siyuan <siyuan.fu@intel.com>;
> > devel@edk2.groups.io; Gao, Zhichao
> > <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > the deprecate function
> >
> > Thanks Siyun.
> > I think probably we need discuss this more.
> >
> > 1) About private v.s. public.
> >
> > The benefit for private include is to isolate external
> > interface and internal interface.
> > A package can keep updating its private interface without
> > impact any other packages.
> > However, in this case, a private interface update will
> > bring binary compatibility issue with other package.
> > I am not sure it is acceptable or not.
> >
> > Mike
> > Do you have any comment? Is that the design goal of
> > private interface - just keep source code compatibility,
> > but not binary compatiblity?
> >
> > 2) About the protocol itself.
> >
> > One concern I have is that we *hardcode* the algorithm in
> > protocol.
> >
> > We keeps adding new algorithm and removing old one. That
> > means this protocol interface is unstable.
> >
> > Today, we have defined SHA2 set, and deprecating SHA1 and
> > older one. Tomorrow we may need add SHA3 set.
> > Today, we have RSAPKCS1_15. Tomorrow we will have RSAPSS.
> > Some other new set of algorithms might be added later,
> > such as AEAD, GMAC.
> >
> > For a protocol definition, I think we need *abstract the
> > action*, but not *algorithm*.
> > One good example is the UEFI HASH2 Protocol.
> > https://github.com/tianocore/edk2/blob/master/MdePkg/Incl
> > ude/Protocol/Hash2.h
> > It just tells you do the hash. You may add new algorithm
> > GUID.
> >
> > Another good example is inside of openssl. Now it is
> > using EVP style cipher algo.
> > For example,
> > https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptIni
> > t_ex.html
> > https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX
> > _ctrl.html
> > The cipher itself is input as parameter.
> >
> > The benefit is that, if we want to deprecate an
> > algorithm, the interface can be unchanged.
> > Just the internal implementation can be changed.
> > The current PCD mechanism can still be applied to
> > internal implementation.
> >
> > Can we get a chance to revisit/redesign the protocol API,
> > when we move to public include?
> >
> > Thank you
> > Yao Jiewen
> >
> > > -----Original Message-----
> > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > Sent: Friday, March 27, 2020 11:07 AM
> > > To: Yao, Jiewen <jiewen.yao@intel.com>;
> > devel@edk2.groups.io; Gao, Zhichao
> > > <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > Jiaxin
> > > <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > the deprecate function
> > >
> > > Hi, Jiewen
> > >
> > > Although the protocol is private, a corresponding
> > BaseCryptoLib instance is
> > > not private, like PeiCryptLib.inf, RuntimeCryptLib,
> > etc. These library instances
> > > will be static linked to the consumer driver, for
> > example an iSCSI network driver.
> > > So actually it's not a "private" change inside
> > CryptoPkg.
> > >
> > > The goal to provide a driver version of crypto service
> > is to support modulization
> > > FW update, which means the crypto driver may NOT be
> > updated together with
> > > its consumer. A platform may choose to update the
> > crypto service driver to a
> > > new version with this patch, then all the BaseCryptoLib
> > consumers will be
> > > messed.
> > >
> > > Best Regards
> > > Siyuan
> > >
> > > > -----Original Message-----
> > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > Sent: 2020年3月27日 10:58
> > > > To: devel@edk2.groups.io; Fu, Siyuan
> > <siyuan.fu@intel.com>; Gao, Zhichao
> > > > <zhichao.gao@intel.com>
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>;
> > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > Jiaxin
> > > > <jiaxin.wu@intel.com>
> > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > Retire the deprecate
> > > function
> > > >
> > > > EDKII_CRYPTO_PROTOCOL is *private*.
> > > >
> > >
> > https://github.com/tianocore/edk2/blob/master/CryptoPkg/P
> > rivate/Protocol/C
> > > > rypto.h
> > > >
> > > > Why we cannot change?
> > > >
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: devel@edk2.groups.io <devel@edk2.groups.io>
> > On Behalf Of Siyuan,
> > > Fu
> > > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > > To: Gao, Zhichao <zhichao.gao@intel.com>;
> > devel@edk2.groups.io
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > XiaoyuX
> > > > <xiaoyux.lu@intel.com>;
> > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > Jiaxin
> > > > > <jiaxin.wu@intel.com>
> > > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > Retire the deprecate
> > > > function
> > > > >
> > > > > Hi, Zhichao
> > > > >
> > > > > We should never move/delete a member field of a
> > previous defined protocol
> > > > > Interface. Instead, these protocol APIs shall be
> > kept and return an error code
> > > > > If the function is retired. Otherwise the consumer
> > driver may call into an
> > > > > Incorrect function if it's build with different
> > codebase/PCD settings with the
> > > > > Crypto PEI/DXE/SMM driver.
> > > > > This comment applies to all the
> > EDKII_CRYPTO_PROTOCOL related changes
> > > in
> > > > > your patch set.
> > > > >
> > > > > Best Regards
> > > > > Siyuan
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > > > > Sent: 2020年3月27日 9:56
> > > > > > To: devel@edk2.groups.io
> > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > XiaoyuX
> > > > > <xiaoyux.lu@intel.com>;
> > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > Wu, Jiaxin
> > > > > > <jiaxin.wu@intel.com>; Fu, Siyuan
> > <siyuan.fu@intel.com>
> > > > > > Subject: [PATCH 0/8] CryptoPkg: Retire the
> > deprecate function
> > > > > >
> > > > > > REF:
> > https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > > REF:
> > https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > > >
> > > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not
> > secure any longer.
> > > > > > They are all deprecated. Edk2 would not support
> > them any longer.
> > > > > > So remove them.
> > > > > > But uefi spec want to keep MD5 and SHA1 for
> > backwards compatibility.
> > > > > > So add two pcds to control the MD5 and SHA1
> > enablement. Set the pcds
> > > > > > default value to false to indicate they are
> > deprecated.
> > > > > >
> > > > > > NetWorkPkg's iSCSI driver would consume the MD5
> > function, so change
> > > > > > the md5 pcd to TURE when iSCSI is enabled.
> > > > > >
> > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > Signed-off-by: Zhichao Gao
> > <zhichao.gao@intel.com>
> > > > > >
> > > > > > Zhichao Gao (8):
> > > > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > > > >   CryptoPkg/BaseCryptLib: Retire the Tdes
> > algorithm
> > > > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode
> > algorithm
> > > > > >   CryptoPkg/dec: Add pcds to avoid building the
> > deprecated function
> > > > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > > > >   Crypto/BaseCryptLib: Using pcd to control MD5
> > enablement
> > > > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the
> > SHA1 enablement
> > > > > >
> > > > > >  CryptoPkg/CryptoPkg.dec                       |
> > 11 +
> > > > > >  CryptoPkg/CryptoPkg.uni                       |
> > 11 +
> > > > > >  CryptoPkg/Driver/Crypto.c                     |
> > 634 +-----------------
> > > > > >  CryptoPkg/Include/Library/BaseCryptLib.h      |
> > 548 ---------------
> > > > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |
> > 9 +-
> > > > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    |
> > 114 ----
> > > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |
> > 52 --
> > > > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   |
> > 205 ------
> > > > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       |
> > 124 ----
> > > > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   |
> > 364 ----------
> > > > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       |
> > 160 -----
> > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      |
> > 223 ------
> > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  |
> > 143 ----
> > > > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |
> > 5 +-
> > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |
> > 3 +
> > > > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |
> > 3 +
> > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |
> > 3 +
> > > > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |
> > 3 +
> > > > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |
> > 13 +-
> > > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |
> > 3 +
> > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |
> > 5 +
> > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |
> > 5 +
> > > > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |
> > 13 +-
> > > > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |
> > 13 +-
> > > > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |
> > 3 -
> > > > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |
> > 54 +-
> > > > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   |
> > 124 ----
> > > > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   |
> > 160 -----
> > > > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      |
> > 143 ----
> > > > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |
> > 3 +
> > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |
> > 3 +
> > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |
> > 4 +-
> > > > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      |
> > 604 +----------------
> > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |
> > 12 +
> > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |
> > 1 +
> > > > > >  CryptoPkg/Private/Protocol/Crypto.h           |
> > 583 +---------------
> > > > > >  NetworkPkg/NetworkPcds.dsc.inc                |
> > 5 +-
> > > > > >  37 files changed, 145 insertions(+), 4221
> > deletions(-)
> > > > > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > > >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > > >  delete mode 100644
> > > > > >
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > > >  delete mode 100644
> > > > > >
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > > >  delete mode 100644
> > > > >
> > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > > >
> > > > > > --
> > > > > > 2.21.0.windows.1
> > > > >
> > > > >
> > > > >
> >
> >
> > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-27 23:43           ` Yao, Jiewen
@ 2020-03-30  2:17             ` Siyuan, Fu
  2020-03-30  2:47               ` Yao, Jiewen
  0 siblings, 1 reply; 38+ messages in thread
From: Siyuan, Fu @ 2020-03-30  2:17 UTC (permalink / raw)
  To: Yao, Jiewen, Kinney, Michael D, devel@edk2.groups.io,
	Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Hi, Jiewen

I agree with all the strategy you listed for the Modulization FW update, and Mike's
for compatibility maintenance.  While I have a little different understanding about 
"permanent binary compatibility". Mainly about what kind of "compatibility" we
have to provide. 

I don't think "compatibility " means we cannot deprecate any old API. Instead of
that, I think the goal could be:
- If an old binary is using the deprecated API, it should be able to fail gracefully.
- If an old binary is NOT using the deprecated API, it should not be impacted and
able to work as before.

So how we deprecate an API from this internal protocol is important. The current
patch shows a bad example, it removes member functions from the protocol
structure, without changing the protocol GUID or version number. In such case,
an old binary consumer has no method to know if it's working with an old protocol
or a new one, and may call into incorrect function even it doesn't use any of the
deprecated APIs. That's something I want to avoid.

Best Regards
Siyuan 

> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: 2020年3月28日 7:43
> To: Kinney, Michael D <michael.d.kinney@intel.com>; devel@edk2.groups.io;
> Fu, Siyuan <siyuan.fu@intel.com>; Gao, Zhichao <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> Wu, Jiaxin <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> 
> Thanks Mike.
> I understand the *private protocol* now. I think it is OK to put
> CryptoProtocol into Private dir to sever that purpose.
> And for private API, I don’t have concern on the data structure, since it is
> invisible.
> 
> Siyuan provided below usage and concern:
> "The goal to provide a driver version of crypto service is to support
> modulization
> FW update, which means the crypto driver may NOT be updated together
> with
> its consumer. A platform may choose to update the crypto service driver to a
> new version with this patch, then all the BaseCryptoLib consumers will be
> messed."
> 
> This usage might become a problem, when we want to deprecate an API and
> keep binary compatibility at same time.
> (To be specific, I am not worried about source compatibility, because we can
> update both producer and consumer.
> I am not worried about adding API, because there will be no issue on
> appending a function at the end.)
> 
> Take below as an example:
> Firmware Version 100 uses Crypto Version 100.
> We want to deprecate a private API and change to a new one. So, we
> upgrade Crypto to Version 101 and update Firmware to Version 101.
> Of course, we need change *all other consumers* and rebuild everything
> make sure it works correctly.
> However, it is hard to support this in "modulization FW update", because we
> have no chance to update the binary of firmware version 100.
> 
> If we have to keep *permanent binary compatibility*, then we cannot
> deprecate any old API, just because that will break old consumer.
> That brings much validation burden, because you have to test every update
> in master with old binaries, besides the latest binaries.
> That also brings maintenance burden for the unused old API. The only
> consumer is in the old binary and invisible.
> I don’t believe that is what we want.
> 
> Modulization FW update is good feature. And we can have different strategy
> for that besides keeping permanent binary compatibility.
> 1) Modulization FW update can be limited a range of version. At some point,
> you have to update the whole FW, because there are too many changes or
> incompatible binary changes. The cadence of full update can be longer than
> the one of partial update. For example, Linux or windows are making
> incompatible change in major version and only keep compatibility in minor
> version.
> 2) A project can branch the production launch firmware, and only keep
> binary compatibility and support the modulization FW update within this
> branch. As such, the big update in master won't impact this branch. If a
> production may choose to resync to master, at that time a full firmware
> update is required. I guess most people are using this way in a real
> production.
> 
> Thought?
> 
> Thank you
> Yao Jiewen
> 
> 
> > -----Original Message-----
> > From: Kinney, Michael D <michael.d.kinney@intel.com>
> > Sent: Saturday, March 28, 2020 12:38 AM
> > To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Fu, Siyuan
> > <siyuan.fu@intel.com>; Gao, Zhichao <zhichao.gao@intel.com>; Kinney,
> > Michael D <michael.d.kinney@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> >
> > Jiewen,
> >
> > The purpose of private includes is to keep modules/lib
> > in *other* packages from using interfaces that are the
> > package with the private interface does not want other
> > packages to use and does not want to have to coordinate
> > with other packages if that package owner decides to
> > make changes to those private interfaces.
> >
> > For modules/libs within package that do use private
> > includes, the package owner gets to decide how to
> > maintain the interfaces in the private includes to
> > support those modules/libs.
> >
> > For example, the CryptoPkg has modules that are
> > intended to be used as pre-built binaries, so the
> > CryptoPkg owner needs to make sure the maintenance
> > of the private includes supports both the source and
> > binary use cases.
> >
> > The private Protocol/PPI interfaces in the CryptoPkg
> > were designed to support future expansion.  The first
> > API in the Protocol/PPI is GetVersion().  The version
> > value returned can be used to have different layouts
> > of fields in the Protocol/PPI.  In order to support
> > backwards compatibility, APIs are added to the end
> > of the Protocol/PPI structure as the version value
> > is increased.  You will notice that there is an X509
> > service that was added further down than the initial
> > grouping.  This is just an example of how the CryptoPkg
> > is maintaining a private interface for binary use cases.
> > Other packages may choose alternate techniques.
> >
> > Thanks,
> >
> > Mike
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io <devel@edk2.groups.io> On
> > > Behalf Of Yao, Jiewen
> > > Sent: Thursday, March 26, 2020 9:59 PM
> > > To: Fu, Siyuan <siyuan.fu@intel.com>;
> > > devel@edk2.groups.io; Gao, Zhichao
> > > <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > <jiaxin.wu@intel.com>
> > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > > the deprecate function
> > >
> > > Thanks Siyun.
> > > I think probably we need discuss this more.
> > >
> > > 1) About private v.s. public.
> > >
> > > The benefit for private include is to isolate external
> > > interface and internal interface.
> > > A package can keep updating its private interface without
> > > impact any other packages.
> > > However, in this case, a private interface update will
> > > bring binary compatibility issue with other package.
> > > I am not sure it is acceptable or not.
> > >
> > > Mike
> > > Do you have any comment? Is that the design goal of
> > > private interface - just keep source code compatibility,
> > > but not binary compatiblity?
> > >
> > > 2) About the protocol itself.
> > >
> > > One concern I have is that we *hardcode* the algorithm in
> > > protocol.
> > >
> > > We keeps adding new algorithm and removing old one. That
> > > means this protocol interface is unstable.
> > >
> > > Today, we have defined SHA2 set, and deprecating SHA1 and
> > > older one. Tomorrow we may need add SHA3 set.
> > > Today, we have RSAPKCS1_15. Tomorrow we will have RSAPSS.
> > > Some other new set of algorithms might be added later,
> > > such as AEAD, GMAC.
> > >
> > > For a protocol definition, I think we need *abstract the
> > > action*, but not *algorithm*.
> > > One good example is the UEFI HASH2 Protocol.
> > > https://github.com/tianocore/edk2/blob/master/MdePkg/Incl
> > > ude/Protocol/Hash2.h
> > > It just tells you do the hash. You may add new algorithm
> > > GUID.
> > >
> > > Another good example is inside of openssl. Now it is
> > > using EVP style cipher algo.
> > > For example,
> > > https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptIni
> > > t_ex.html
> > > https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX
> > > _ctrl.html
> > > The cipher itself is input as parameter.
> > >
> > > The benefit is that, if we want to deprecate an
> > > algorithm, the interface can be unchanged.
> > > Just the internal implementation can be changed.
> > > The current PCD mechanism can still be applied to
> > > internal implementation.
> > >
> > > Can we get a chance to revisit/redesign the protocol API,
> > > when we move to public include?
> > >
> > > Thank you
> > > Yao Jiewen
> > >
> > > > -----Original Message-----
> > > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > > Sent: Friday, March 27, 2020 11:07 AM
> > > > To: Yao, Jiewen <jiewen.yao@intel.com>;
> > > devel@edk2.groups.io; Gao, Zhichao
> > > > <zhichao.gao@intel.com>
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>;
> > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > > Jiaxin
> > > > <jiaxin.wu@intel.com>
> > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > > the deprecate function
> > > >
> > > > Hi, Jiewen
> > > >
> > > > Although the protocol is private, a corresponding
> > > BaseCryptoLib instance is
> > > > not private, like PeiCryptLib.inf, RuntimeCryptLib,
> > > etc. These library instances
> > > > will be static linked to the consumer driver, for
> > > example an iSCSI network driver.
> > > > So actually it's not a "private" change inside
> > > CryptoPkg.
> > > >
> > > > The goal to provide a driver version of crypto service
> > > is to support modulization
> > > > FW update, which means the crypto driver may NOT be
> > > updated together with
> > > > its consumer. A platform may choose to update the
> > > crypto service driver to a
> > > > new version with this patch, then all the BaseCryptoLib
> > > consumers will be
> > > > messed.
> > > >
> > > > Best Regards
> > > > Siyuan
> > > >
> > > > > -----Original Message-----
> > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > Sent: 2020年3月27日 10:58
> > > > > To: devel@edk2.groups.io; Fu, Siyuan
> > > <siyuan.fu@intel.com>; Gao, Zhichao
> > > > > <zhichao.gao@intel.com>
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > <xiaoyux.lu@intel.com>;
> > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > > Jiaxin
> > > > > <jiaxin.wu@intel.com>
> > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > > Retire the deprecate
> > > > function
> > > > >
> > > > > EDKII_CRYPTO_PROTOCOL is *private*.
> > > > >
> > > >
> > > https://github.com/tianocore/edk2/blob/master/CryptoPkg/P
> > > rivate/Protocol/C
> > > > > rypto.h
> > > > >
> > > > > Why we cannot change?
> > > > >
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: devel@edk2.groups.io <devel@edk2.groups.io>
> > > On Behalf Of Siyuan,
> > > > Fu
> > > > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > > > To: Gao, Zhichao <zhichao.gao@intel.com>;
> > > devel@edk2.groups.io
> > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > > XiaoyuX
> > > > > <xiaoyux.lu@intel.com>;
> > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > > Jiaxin
> > > > > > <jiaxin.wu@intel.com>
> > > > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > > Retire the deprecate
> > > > > function
> > > > > >
> > > > > > Hi, Zhichao
> > > > > >
> > > > > > We should never move/delete a member field of a
> > > previous defined protocol
> > > > > > Interface. Instead, these protocol APIs shall be
> > > kept and return an error code
> > > > > > If the function is retired. Otherwise the consumer
> > > driver may call into an
> > > > > > Incorrect function if it's build with different
> > > codebase/PCD settings with the
> > > > > > Crypto PEI/DXE/SMM driver.
> > > > > > This comment applies to all the
> > > EDKII_CRYPTO_PROTOCOL related changes
> > > > in
> > > > > > your patch set.
> > > > > >
> > > > > > Best Regards
> > > > > > Siyuan
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > > > > > Sent: 2020年3月27日 9:56
> > > > > > > To: devel@edk2.groups.io
> > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > > XiaoyuX
> > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > > Wu, Jiaxin
> > > > > > > <jiaxin.wu@intel.com>; Fu, Siyuan
> > > <siyuan.fu@intel.com>
> > > > > > > Subject: [PATCH 0/8] CryptoPkg: Retire the
> > > deprecate function
> > > > > > >
> > > > > > > REF:
> > > https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > > > REF:
> > > https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > > > >
> > > > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not
> > > secure any longer.
> > > > > > > They are all deprecated. Edk2 would not support
> > > them any longer.
> > > > > > > So remove them.
> > > > > > > But uefi spec want to keep MD5 and SHA1 for
> > > backwards compatibility.
> > > > > > > So add two pcds to control the MD5 and SHA1
> > > enablement. Set the pcds
> > > > > > > default value to false to indicate they are
> > > deprecated.
> > > > > > >
> > > > > > > NetWorkPkg's iSCSI driver would consume the MD5
> > > function, so change
> > > > > > > the md5 pcd to TURE when iSCSI is enabled.
> > > > > > >
> > > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > > Signed-off-by: Zhichao Gao
> > > <zhichao.gao@intel.com>
> > > > > > >
> > > > > > > Zhichao Gao (8):
> > > > > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > > > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > > > > >   CryptoPkg/BaseCryptLib: Retire the Tdes
> > > algorithm
> > > > > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode
> > > algorithm
> > > > > > >   CryptoPkg/dec: Add pcds to avoid building the
> > > deprecated function
> > > > > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > > > > >   Crypto/BaseCryptLib: Using pcd to control MD5
> > > enablement
> > > > > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the
> > > SHA1 enablement
> > > > > > >
> > > > > > >  CryptoPkg/CryptoPkg.dec                       |
> > > 11 +
> > > > > > >  CryptoPkg/CryptoPkg.uni                       |
> > > 11 +
> > > > > > >  CryptoPkg/Driver/Crypto.c                     |
> > > 634 +-----------------
> > > > > > >  CryptoPkg/Include/Library/BaseCryptLib.h      |
> > > 548 ---------------
> > > > > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |
> > > 9 +-
> > > > > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    |
> > > 114 ----
> > > > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |
> > > 52 --
> > > > > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   |
> > > 205 ------
> > > > > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       |
> > > 124 ----
> > > > > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   |
> > > 364 ----------
> > > > > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       |
> > > 160 -----
> > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      |
> > > 223 ------
> > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  |
> > > 143 ----
> > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |
> > > 5 +-
> > > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |
> > > 3 +
> > > > > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |
> > > 3 +
> > > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |
> > > 3 +
> > > > > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |
> > > 3 +
> > > > > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |
> > > 13 +-
> > > > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |
> > > 3 +
> > > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |
> > > 5 +
> > > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |
> > > 5 +
> > > > > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |
> > > 13 +-
> > > > > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |
> > > 13 +-
> > > > > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |
> > > 3 -
> > > > > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |
> > > 54 +-
> > > > > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   |
> > > 124 ----
> > > > > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   |
> > > 160 -----
> > > > > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      |
> > > 143 ----
> > > > > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |
> > > 3 +
> > > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |
> > > 3 +
> > > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |
> > > 4 +-
> > > > > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      |
> > > 604 +----------------
> > > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |
> > > 12 +
> > > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |
> > > 1 +
> > > > > > >  CryptoPkg/Private/Protocol/Crypto.h           |
> > > 583 +---------------
> > > > > > >  NetworkPkg/NetworkPcds.dsc.inc                |
> > > 5 +-
> > > > > > >  37 files changed, 145 insertions(+), 4221
> > > deletions(-)
> > > > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > > > >  delete mode 100644
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > > > >  delete mode 100644
> > > > > > >
> > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > > > >  delete mode 100644
> > > > > > >
> > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > > > >  delete mode 100644
> > > > > >
> > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > > > >
> > > > > > > --
> > > > > > > 2.21.0.windows.1
> > > > > >
> > > > > >
> > > > > >
> > >
> > >
> > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-30  2:17             ` Siyuan, Fu
@ 2020-03-30  2:47               ` Yao, Jiewen
  2020-03-30  3:04                 ` Siyuan, Fu
  0 siblings, 1 reply; 38+ messages in thread
From: Yao, Jiewen @ 2020-03-30  2:47 UTC (permalink / raw)
  To: Fu, Siyuan, Kinney, Michael D, devel@edk2.groups.io, Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Thanks Siyuan.
Good, then I think we are aligned.
I agree with you that it is bad example because the neither version nor GUID is updated.

We can have at least two options here:
1) Update version
We can change old API to be "VOID *Reserved" or "UNSUPPORT_FUNC  Reserved" in the EDKII_CRYPTO_PROTOCOL.

I really do not want to see something like "EDKII_CRYPTO_MD4_INIT Md4Init" still existing, because it may let people think we are still support MD4 and use it somewhere.

2) Update GUID
Then we can remove the "EDKII_CRYPTO_MD4_INIT Md4Init" completely.
Of course, we can still update version although it is optional.


For adding new API, I will definitely prefer #1.

For deprecating old API, if we choose #1, we need add 17 reserved fields in this protocol for MD4, 3DES and RC4.
If we decide to deprecate HMAC_MD5/HMAC_SHA1 because of no usage, then we need have a protocol with 156 fields, and 29 of them are reserved.
As such, I prefer #2 here, unless we have strong reason to keep 29 reserved fields in this protocol.


Thank you
Yao Jiewen
 

> -----Original Message-----
> From: Fu, Siyuan <siyuan.fu@intel.com>
> Sent: Monday, March 30, 2020 10:17 AM
> To: Yao, Jiewen <jiewen.yao@intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Hi, Jiewen
> 
> I agree with all the strategy you listed for the Modulization FW update, and
> Mike's
> for compatibility maintenance.  While I have a little different understanding
> about
> "permanent binary compatibility". Mainly about what kind of "compatibility" we
> have to provide.
> 
> I don't think "compatibility " means we cannot deprecate any old API. Instead of
> that, I think the goal could be:
> - If an old binary is using the deprecated API, it should be able to fail gracefully.
> - If an old binary is NOT using the deprecated API, it should not be impacted and
> able to work as before.
> 
> So how we deprecate an API from this internal protocol is important. The
> current
> patch shows a bad example, it removes member functions from the protocol
> structure, without changing the protocol GUID or version number. In such case,
> an old binary consumer has no method to know if it's working with an old
> protocol
> or a new one, and may call into incorrect function even it doesn't use any of the
> deprecated APIs. That's something I want to avoid.
> 
> Best Regards
> Siyuan
> 
> > -----Original Message-----
> > From: Yao, Jiewen <jiewen.yao@intel.com>
> > Sent: 2020年3月28日 7:43
> > To: Kinney, Michael D <michael.d.kinney@intel.com>; devel@edk2.groups.io;
> > Fu, Siyuan <siyuan.fu@intel.com>; Gao, Zhichao <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > Wu, Jiaxin <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> >
> > Thanks Mike.
> > I understand the *private protocol* now. I think it is OK to put
> > CryptoProtocol into Private dir to sever that purpose.
> > And for private API, I don’t have concern on the data structure, since it is
> > invisible.
> >
> > Siyuan provided below usage and concern:
> > "The goal to provide a driver version of crypto service is to support
> > modulization
> > FW update, which means the crypto driver may NOT be updated together
> > with
> > its consumer. A platform may choose to update the crypto service driver to a
> > new version with this patch, then all the BaseCryptoLib consumers will be
> > messed."
> >
> > This usage might become a problem, when we want to deprecate an API and
> > keep binary compatibility at same time.
> > (To be specific, I am not worried about source compatibility, because we can
> > update both producer and consumer.
> > I am not worried about adding API, because there will be no issue on
> > appending a function at the end.)
> >
> > Take below as an example:
> > Firmware Version 100 uses Crypto Version 100.
> > We want to deprecate a private API and change to a new one. So, we
> > upgrade Crypto to Version 101 and update Firmware to Version 101.
> > Of course, we need change *all other consumers* and rebuild everything
> > make sure it works correctly.
> > However, it is hard to support this in "modulization FW update", because we
> > have no chance to update the binary of firmware version 100.
> >
> > If we have to keep *permanent binary compatibility*, then we cannot
> > deprecate any old API, just because that will break old consumer.
> > That brings much validation burden, because you have to test every update
> > in master with old binaries, besides the latest binaries.
> > That also brings maintenance burden for the unused old API. The only
> > consumer is in the old binary and invisible.
> > I don’t believe that is what we want.
> >
> > Modulization FW update is good feature. And we can have different strategy
> > for that besides keeping permanent binary compatibility.
> > 1) Modulization FW update can be limited a range of version. At some point,
> > you have to update the whole FW, because there are too many changes or
> > incompatible binary changes. The cadence of full update can be longer than
> > the one of partial update. For example, Linux or windows are making
> > incompatible change in major version and only keep compatibility in minor
> > version.
> > 2) A project can branch the production launch firmware, and only keep
> > binary compatibility and support the modulization FW update within this
> > branch. As such, the big update in master won't impact this branch. If a
> > production may choose to resync to master, at that time a full firmware
> > update is required. I guess most people are using this way in a real
> > production.
> >
> > Thought?
> >
> > Thank you
> > Yao Jiewen
> >
> >
> > > -----Original Message-----
> > > From: Kinney, Michael D <michael.d.kinney@intel.com>
> > > Sent: Saturday, March 28, 2020 12:38 AM
> > > To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Fu, Siyuan
> > > <siyuan.fu@intel.com>; Gao, Zhichao <zhichao.gao@intel.com>; Kinney,
> > > Michael D <michael.d.kinney@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> > >
> > > Jiewen,
> > >
> > > The purpose of private includes is to keep modules/lib
> > > in *other* packages from using interfaces that are the
> > > package with the private interface does not want other
> > > packages to use and does not want to have to coordinate
> > > with other packages if that package owner decides to
> > > make changes to those private interfaces.
> > >
> > > For modules/libs within package that do use private
> > > includes, the package owner gets to decide how to
> > > maintain the interfaces in the private includes to
> > > support those modules/libs.
> > >
> > > For example, the CryptoPkg has modules that are
> > > intended to be used as pre-built binaries, so the
> > > CryptoPkg owner needs to make sure the maintenance
> > > of the private includes supports both the source and
> > > binary use cases.
> > >
> > > The private Protocol/PPI interfaces in the CryptoPkg
> > > were designed to support future expansion.  The first
> > > API in the Protocol/PPI is GetVersion().  The version
> > > value returned can be used to have different layouts
> > > of fields in the Protocol/PPI.  In order to support
> > > backwards compatibility, APIs are added to the end
> > > of the Protocol/PPI structure as the version value
> > > is increased.  You will notice that there is an X509
> > > service that was added further down than the initial
> > > grouping.  This is just an example of how the CryptoPkg
> > > is maintaining a private interface for binary use cases.
> > > Other packages may choose alternate techniques.
> > >
> > > Thanks,
> > >
> > > Mike
> > >
> > > > -----Original Message-----
> > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On
> > > > Behalf Of Yao, Jiewen
> > > > Sent: Thursday, March 26, 2020 9:59 PM
> > > > To: Fu, Siyuan <siyuan.fu@intel.com>;
> > > > devel@edk2.groups.io; Gao, Zhichao
> > > > <zhichao.gao@intel.com>
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > <jiaxin.wu@intel.com>
> > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > > > the deprecate function
> > > >
> > > > Thanks Siyun.
> > > > I think probably we need discuss this more.
> > > >
> > > > 1) About private v.s. public.
> > > >
> > > > The benefit for private include is to isolate external
> > > > interface and internal interface.
> > > > A package can keep updating its private interface without
> > > > impact any other packages.
> > > > However, in this case, a private interface update will
> > > > bring binary compatibility issue with other package.
> > > > I am not sure it is acceptable or not.
> > > >
> > > > Mike
> > > > Do you have any comment? Is that the design goal of
> > > > private interface - just keep source code compatibility,
> > > > but not binary compatiblity?
> > > >
> > > > 2) About the protocol itself.
> > > >
> > > > One concern I have is that we *hardcode* the algorithm in
> > > > protocol.
> > > >
> > > > We keeps adding new algorithm and removing old one. That
> > > > means this protocol interface is unstable.
> > > >
> > > > Today, we have defined SHA2 set, and deprecating SHA1 and
> > > > older one. Tomorrow we may need add SHA3 set.
> > > > Today, we have RSAPKCS1_15. Tomorrow we will have RSAPSS.
> > > > Some other new set of algorithms might be added later,
> > > > such as AEAD, GMAC.
> > > >
> > > > For a protocol definition, I think we need *abstract the
> > > > action*, but not *algorithm*.
> > > > One good example is the UEFI HASH2 Protocol.
> > > > https://github.com/tianocore/edk2/blob/master/MdePkg/Incl
> > > > ude/Protocol/Hash2.h
> > > > It just tells you do the hash. You may add new algorithm
> > > > GUID.
> > > >
> > > > Another good example is inside of openssl. Now it is
> > > > using EVP style cipher algo.
> > > > For example,
> > > > https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptIni
> > > > t_ex.html
> > > > https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX
> > > > _ctrl.html
> > > > The cipher itself is input as parameter.
> > > >
> > > > The benefit is that, if we want to deprecate an
> > > > algorithm, the interface can be unchanged.
> > > > Just the internal implementation can be changed.
> > > > The current PCD mechanism can still be applied to
> > > > internal implementation.
> > > >
> > > > Can we get a chance to revisit/redesign the protocol API,
> > > > when we move to public include?
> > > >
> > > > Thank you
> > > > Yao Jiewen
> > > >
> > > > > -----Original Message-----
> > > > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > > > Sent: Friday, March 27, 2020 11:07 AM
> > > > > To: Yao, Jiewen <jiewen.yao@intel.com>;
> > > > devel@edk2.groups.io; Gao, Zhichao
> > > > > <zhichao.gao@intel.com>
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > <xiaoyux.lu@intel.com>;
> > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > > > Jiaxin
> > > > > <jiaxin.wu@intel.com>
> > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > > > the deprecate function
> > > > >
> > > > > Hi, Jiewen
> > > > >
> > > > > Although the protocol is private, a corresponding
> > > > BaseCryptoLib instance is
> > > > > not private, like PeiCryptLib.inf, RuntimeCryptLib,
> > > > etc. These library instances
> > > > > will be static linked to the consumer driver, for
> > > > example an iSCSI network driver.
> > > > > So actually it's not a "private" change inside
> > > > CryptoPkg.
> > > > >
> > > > > The goal to provide a driver version of crypto service
> > > > is to support modulization
> > > > > FW update, which means the crypto driver may NOT be
> > > > updated together with
> > > > > its consumer. A platform may choose to update the
> > > > crypto service driver to a
> > > > > new version with this patch, then all the BaseCryptoLib
> > > > consumers will be
> > > > > messed.
> > > > >
> > > > > Best Regards
> > > > > Siyuan
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > > Sent: 2020年3月27日 10:58
> > > > > > To: devel@edk2.groups.io; Fu, Siyuan
> > > > <siyuan.fu@intel.com>; Gao, Zhichao
> > > > > > <zhichao.gao@intel.com>
> > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > > <xiaoyux.lu@intel.com>;
> > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > > > Jiaxin
> > > > > > <jiaxin.wu@intel.com>
> > > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > > > Retire the deprecate
> > > > > function
> > > > > >
> > > > > > EDKII_CRYPTO_PROTOCOL is *private*.
> > > > > >
> > > > >
> > > > https://github.com/tianocore/edk2/blob/master/CryptoPkg/P
> > > > rivate/Protocol/C
> > > > > > rypto.h
> > > > > >
> > > > > > Why we cannot change?
> > > > > >
> > > > > >
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: devel@edk2.groups.io <devel@edk2.groups.io>
> > > > On Behalf Of Siyuan,
> > > > > Fu
> > > > > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > > > > To: Gao, Zhichao <zhichao.gao@intel.com>;
> > > > devel@edk2.groups.io
> > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > > > XiaoyuX
> > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > > > Jiaxin
> > > > > > > <jiaxin.wu@intel.com>
> > > > > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > > > Retire the deprecate
> > > > > > function
> > > > > > >
> > > > > > > Hi, Zhichao
> > > > > > >
> > > > > > > We should never move/delete a member field of a
> > > > previous defined protocol
> > > > > > > Interface. Instead, these protocol APIs shall be
> > > > kept and return an error code
> > > > > > > If the function is retired. Otherwise the consumer
> > > > driver may call into an
> > > > > > > Incorrect function if it's build with different
> > > > codebase/PCD settings with the
> > > > > > > Crypto PEI/DXE/SMM driver.
> > > > > > > This comment applies to all the
> > > > EDKII_CRYPTO_PROTOCOL related changes
> > > > > in
> > > > > > > your patch set.
> > > > > > >
> > > > > > > Best Regards
> > > > > > > Siyuan
> > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > > > > > > Sent: 2020年3月27日 9:56
> > > > > > > > To: devel@edk2.groups.io
> > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > > > XiaoyuX
> > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > > > Wu, Jiaxin
> > > > > > > > <jiaxin.wu@intel.com>; Fu, Siyuan
> > > > <siyuan.fu@intel.com>
> > > > > > > > Subject: [PATCH 0/8] CryptoPkg: Retire the
> > > > deprecate function
> > > > > > > >
> > > > > > > > REF:
> > > > https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > > > > REF:
> > > > https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > > > > >
> > > > > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not
> > > > secure any longer.
> > > > > > > > They are all deprecated. Edk2 would not support
> > > > them any longer.
> > > > > > > > So remove them.
> > > > > > > > But uefi spec want to keep MD5 and SHA1 for
> > > > backwards compatibility.
> > > > > > > > So add two pcds to control the MD5 and SHA1
> > > > enablement. Set the pcds
> > > > > > > > default value to false to indicate they are
> > > > deprecated.
> > > > > > > >
> > > > > > > > NetWorkPkg's iSCSI driver would consume the MD5
> > > > function, so change
> > > > > > > > the md5 pcd to TURE when iSCSI is enabled.
> > > > > > > >
> > > > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > > > Signed-off-by: Zhichao Gao
> > > > <zhichao.gao@intel.com>
> > > > > > > >
> > > > > > > > Zhichao Gao (8):
> > > > > > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > > > > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > > > > > >   CryptoPkg/BaseCryptLib: Retire the Tdes
> > > > algorithm
> > > > > > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode
> > > > algorithm
> > > > > > > >   CryptoPkg/dec: Add pcds to avoid building the
> > > > deprecated function
> > > > > > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > > > > > >   Crypto/BaseCryptLib: Using pcd to control MD5
> > > > enablement
> > > > > > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the
> > > > SHA1 enablement
> > > > > > > >
> > > > > > > >  CryptoPkg/CryptoPkg.dec                       |
> > > > 11 +
> > > > > > > >  CryptoPkg/CryptoPkg.uni                       |
> > > > 11 +
> > > > > > > >  CryptoPkg/Driver/Crypto.c                     |
> > > > 634 +-----------------
> > > > > > > >  CryptoPkg/Include/Library/BaseCryptLib.h      |
> > > > 548 ---------------
> > > > > > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |
> > > > 9 +-
> > > > > > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    |
> > > > 114 ----
> > > > > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |
> > > > 52 --
> > > > > > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   |
> > > > 205 ------
> > > > > > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       |
> > > > 124 ----
> > > > > > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   |
> > > > 364 ----------
> > > > > > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       |
> > > > 160 -----
> > > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      |
> > > > 223 ------
> > > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  |
> > > > 143 ----
> > > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |
> > > > 5 +-
> > > > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |
> > > > 3 +
> > > > > > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |
> > > > 3 +
> > > > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |
> > > > 3 +
> > > > > > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |
> > > > 3 +
> > > > > > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |
> > > > 13 +-
> > > > > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |
> > > > 3 +
> > > > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |
> > > > 5 +
> > > > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |
> > > > 5 +
> > > > > > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |
> > > > 13 +-
> > > > > > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |
> > > > 13 +-
> > > > > > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |
> > > > 3 -
> > > > > > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |
> > > > 54 +-
> > > > > > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   |
> > > > 124 ----
> > > > > > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   |
> > > > 160 -----
> > > > > > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      |
> > > > 143 ----
> > > > > > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |
> > > > 3 +
> > > > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |
> > > > 3 +
> > > > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |
> > > > 4 +-
> > > > > > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      |
> > > > 604 +----------------
> > > > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |
> > > > 12 +
> > > > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |
> > > > 1 +
> > > > > > > >  CryptoPkg/Private/Protocol/Crypto.h           |
> > > > 583 +---------------
> > > > > > > >  NetworkPkg/NetworkPcds.dsc.inc                |
> > > > 5 +-
> > > > > > > >  37 files changed, 145 insertions(+), 4221
> > > > deletions(-)
> > > > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > > > > >  delete mode 100644
> > > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > > > > >  delete mode 100644
> > > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > > > > >  delete mode 100644
> > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > > > > >  delete mode 100644
> > > > > > > >
> > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > > > > >  delete mode 100644
> > > > > > > >
> > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > > > > >  delete mode 100644
> > > > > > >
> > > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > > > > >
> > > > > > > > --
> > > > > > > > 2.21.0.windows.1
> > > > > > >
> > > > > > >
> > > > > > >
> > > >
> > > >
> > > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-30  2:47               ` Yao, Jiewen
@ 2020-03-30  3:04                 ` Siyuan, Fu
  2020-03-30 17:30                   ` Michael D Kinney
  0 siblings, 1 reply; 38+ messages in thread
From: Siyuan, Fu @ 2020-03-30  3:04 UTC (permalink / raw)
  To: Yao, Jiewen, Kinney, Michael D, devel@edk2.groups.io,
	Gao, Zhichao
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Jiewen,

Same as you. I prefer update version (#1) for adding API, and change 
protocol GUID (#2)for deprecate unsecure API.

Best Regards
Siyuan 

> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: 2020年3月30日 10:47
> To: Fu, Siyuan <siyuan.fu@intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> Wu, Jiaxin <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> 
> Thanks Siyuan.
> Good, then I think we are aligned.
> I agree with you that it is bad example because the neither version nor GUID
> is updated.
> 
> We can have at least two options here:
> 1) Update version
> We can change old API to be "VOID *Reserved" or "UNSUPPORT_FUNC
> Reserved" in the EDKII_CRYPTO_PROTOCOL.
> 
> I really do not want to see something like "EDKII_CRYPTO_MD4_INIT
> Md4Init" still existing, because it may let people think we are still support
> MD4 and use it somewhere.
> 
> 2) Update GUID
> Then we can remove the "EDKII_CRYPTO_MD4_INIT Md4Init" completely.
> Of course, we can still update version although it is optional.
> 
> 
> For adding new API, I will definitely prefer #1.
> 
> For deprecating old API, if we choose #1, we need add 17 reserved fields in
> this protocol for MD4, 3DES and RC4.
> If we decide to deprecate HMAC_MD5/HMAC_SHA1 because of no usage,
> then we need have a protocol with 156 fields, and 29 of them are reserved.
> As such, I prefer #2 here, unless we have strong reason to keep 29 reserved
> fields in this protocol.
> 
> 
> Thank you
> Yao Jiewen
> 
> 
> > -----Original Message-----
> > From: Fu, Siyuan <siyuan.fu@intel.com>
> > Sent: Monday, March 30, 2020 10:17 AM
> > To: Yao, Jiewen <jiewen.yao@intel.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> > <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>;
> > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> function
> >
> > Hi, Jiewen
> >
> > I agree with all the strategy you listed for the Modulization FW update,
> and
> > Mike's
> > for compatibility maintenance.  While I have a little different
> understanding
> > about
> > "permanent binary compatibility". Mainly about what kind of
> "compatibility" we
> > have to provide.
> >
> > I don't think "compatibility " means we cannot deprecate any old API.
> Instead of
> > that, I think the goal could be:
> > - If an old binary is using the deprecated API, it should be able to fail
> gracefully.
> > - If an old binary is NOT using the deprecated API, it should not be
> impacted and
> > able to work as before.
> >
> > So how we deprecate an API from this internal protocol is important. The
> > current
> > patch shows a bad example, it removes member functions from the
> protocol
> > structure, without changing the protocol GUID or version number. In such
> case,
> > an old binary consumer has no method to know if it's working with an old
> > protocol
> > or a new one, and may call into incorrect function even it doesn't use any
> of the
> > deprecated APIs. That's something I want to avoid.
> >
> > Best Regards
> > Siyuan
> >
> > > -----Original Message-----
> > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > Sent: 2020年3月28日 7:43
> > > To: Kinney, Michael D <michael.d.kinney@intel.com>;
> devel@edk2.groups.io;
> > > Fu, Siyuan <siyuan.fu@intel.com>; Gao, Zhichao <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> <maciej.rabeda@linux.intel.com>;
> > > Wu, Jiaxin <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > function
> > >
> > > Thanks Mike.
> > > I understand the *private protocol* now. I think it is OK to put
> > > CryptoProtocol into Private dir to sever that purpose.
> > > And for private API, I don’t have concern on the data structure, since it is
> > > invisible.
> > >
> > > Siyuan provided below usage and concern:
> > > "The goal to provide a driver version of crypto service is to support
> > > modulization
> > > FW update, which means the crypto driver may NOT be updated together
> > > with
> > > its consumer. A platform may choose to update the crypto service driver
> to a
> > > new version with this patch, then all the BaseCryptoLib consumers will
> be
> > > messed."
> > >
> > > This usage might become a problem, when we want to deprecate an API
> and
> > > keep binary compatibility at same time.
> > > (To be specific, I am not worried about source compatibility, because we
> can
> > > update both producer and consumer.
> > > I am not worried about adding API, because there will be no issue on
> > > appending a function at the end.)
> > >
> > > Take below as an example:
> > > Firmware Version 100 uses Crypto Version 100.
> > > We want to deprecate a private API and change to a new one. So, we
> > > upgrade Crypto to Version 101 and update Firmware to Version 101.
> > > Of course, we need change *all other consumers* and rebuild everything
> > > make sure it works correctly.
> > > However, it is hard to support this in "modulization FW update", because
> we
> > > have no chance to update the binary of firmware version 100.
> > >
> > > If we have to keep *permanent binary compatibility*, then we cannot
> > > deprecate any old API, just because that will break old consumer.
> > > That brings much validation burden, because you have to test every
> update
> > > in master with old binaries, besides the latest binaries.
> > > That also brings maintenance burden for the unused old API. The only
> > > consumer is in the old binary and invisible.
> > > I don’t believe that is what we want.
> > >
> > > Modulization FW update is good feature. And we can have different
> strategy
> > > for that besides keeping permanent binary compatibility.
> > > 1) Modulization FW update can be limited a range of version. At some
> point,
> > > you have to update the whole FW, because there are too many changes
> or
> > > incompatible binary changes. The cadence of full update can be longer
> than
> > > the one of partial update. For example, Linux or windows are making
> > > incompatible change in major version and only keep compatibility in
> minor
> > > version.
> > > 2) A project can branch the production launch firmware, and only keep
> > > binary compatibility and support the modulization FW update within this
> > > branch. As such, the big update in master won't impact this branch. If a
> > > production may choose to resync to master, at that time a full firmware
> > > update is required. I guess most people are using this way in a real
> > > production.
> > >
> > > Thought?
> > >
> > > Thank you
> > > Yao Jiewen
> > >
> > >
> > > > -----Original Message-----
> > > > From: Kinney, Michael D <michael.d.kinney@intel.com>
> > > > Sent: Saturday, March 28, 2020 12:38 AM
> > > > To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Fu,
> Siyuan
> > > > <siyuan.fu@intel.com>; Gao, Zhichao <zhichao.gao@intel.com>; Kinney,
> > > > Michael D <michael.d.kinney@intel.com>
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>;
> > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > <jiaxin.wu@intel.com>
> > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > > function
> > > >
> > > > Jiewen,
> > > >
> > > > The purpose of private includes is to keep modules/lib
> > > > in *other* packages from using interfaces that are the
> > > > package with the private interface does not want other
> > > > packages to use and does not want to have to coordinate
> > > > with other packages if that package owner decides to
> > > > make changes to those private interfaces.
> > > >
> > > > For modules/libs within package that do use private
> > > > includes, the package owner gets to decide how to
> > > > maintain the interfaces in the private includes to
> > > > support those modules/libs.
> > > >
> > > > For example, the CryptoPkg has modules that are
> > > > intended to be used as pre-built binaries, so the
> > > > CryptoPkg owner needs to make sure the maintenance
> > > > of the private includes supports both the source and
> > > > binary use cases.
> > > >
> > > > The private Protocol/PPI interfaces in the CryptoPkg
> > > > were designed to support future expansion.  The first
> > > > API in the Protocol/PPI is GetVersion().  The version
> > > > value returned can be used to have different layouts
> > > > of fields in the Protocol/PPI.  In order to support
> > > > backwards compatibility, APIs are added to the end
> > > > of the Protocol/PPI structure as the version value
> > > > is increased.  You will notice that there is an X509
> > > > service that was added further down than the initial
> > > > grouping.  This is just an example of how the CryptoPkg
> > > > is maintaining a private interface for binary use cases.
> > > > Other packages may choose alternate techniques.
> > > >
> > > > Thanks,
> > > >
> > > > Mike
> > > >
> > > > > -----Original Message-----
> > > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On
> > > > > Behalf Of Yao, Jiewen
> > > > > Sent: Thursday, March 26, 2020 9:59 PM
> > > > > To: Fu, Siyuan <siyuan.fu@intel.com>;
> > > > > devel@edk2.groups.io; Gao, Zhichao
> > > > > <zhichao.gao@intel.com>
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > > > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > <jiaxin.wu@intel.com>
> > > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > > > > the deprecate function
> > > > >
> > > > > Thanks Siyun.
> > > > > I think probably we need discuss this more.
> > > > >
> > > > > 1) About private v.s. public.
> > > > >
> > > > > The benefit for private include is to isolate external
> > > > > interface and internal interface.
> > > > > A package can keep updating its private interface without
> > > > > impact any other packages.
> > > > > However, in this case, a private interface update will
> > > > > bring binary compatibility issue with other package.
> > > > > I am not sure it is acceptable or not.
> > > > >
> > > > > Mike
> > > > > Do you have any comment? Is that the design goal of
> > > > > private interface - just keep source code compatibility,
> > > > > but not binary compatiblity?
> > > > >
> > > > > 2) About the protocol itself.
> > > > >
> > > > > One concern I have is that we *hardcode* the algorithm in
> > > > > protocol.
> > > > >
> > > > > We keeps adding new algorithm and removing old one. That
> > > > > means this protocol interface is unstable.
> > > > >
> > > > > Today, we have defined SHA2 set, and deprecating SHA1 and
> > > > > older one. Tomorrow we may need add SHA3 set.
> > > > > Today, we have RSAPKCS1_15. Tomorrow we will have RSAPSS.
> > > > > Some other new set of algorithms might be added later,
> > > > > such as AEAD, GMAC.
> > > > >
> > > > > For a protocol definition, I think we need *abstract the
> > > > > action*, but not *algorithm*.
> > > > > One good example is the UEFI HASH2 Protocol.
> > > > > https://github.com/tianocore/edk2/blob/master/MdePkg/Incl
> > > > > ude/Protocol/Hash2.h
> > > > > It just tells you do the hash. You may add new algorithm
> > > > > GUID.
> > > > >
> > > > > Another good example is inside of openssl. Now it is
> > > > > using EVP style cipher algo.
> > > > > For example,
> > > > > https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptIni
> > > > > t_ex.html
> > > > > https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX
> > > > > _ctrl.html
> > > > > The cipher itself is input as parameter.
> > > > >
> > > > > The benefit is that, if we want to deprecate an
> > > > > algorithm, the interface can be unchanged.
> > > > > Just the internal implementation can be changed.
> > > > > The current PCD mechanism can still be applied to
> > > > > internal implementation.
> > > > >
> > > > > Can we get a chance to revisit/redesign the protocol API,
> > > > > when we move to public include?
> > > > >
> > > > > Thank you
> > > > > Yao Jiewen
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > > > > Sent: Friday, March 27, 2020 11:07 AM
> > > > > > To: Yao, Jiewen <jiewen.yao@intel.com>;
> > > > > devel@edk2.groups.io; Gao, Zhichao
> > > > > > <zhichao.gao@intel.com>
> > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > > <xiaoyux.lu@intel.com>;
> > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > > > > Jiaxin
> > > > > > <jiaxin.wu@intel.com>
> > > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > > > > the deprecate function
> > > > > >
> > > > > > Hi, Jiewen
> > > > > >
> > > > > > Although the protocol is private, a corresponding
> > > > > BaseCryptoLib instance is
> > > > > > not private, like PeiCryptLib.inf, RuntimeCryptLib,
> > > > > etc. These library instances
> > > > > > will be static linked to the consumer driver, for
> > > > > example an iSCSI network driver.
> > > > > > So actually it's not a "private" change inside
> > > > > CryptoPkg.
> > > > > >
> > > > > > The goal to provide a driver version of crypto service
> > > > > is to support modulization
> > > > > > FW update, which means the crypto driver may NOT be
> > > > > updated together with
> > > > > > its consumer. A platform may choose to update the
> > > > > crypto service driver to a
> > > > > > new version with this patch, then all the BaseCryptoLib
> > > > > consumers will be
> > > > > > messed.
> > > > > >
> > > > > > Best Regards
> > > > > > Siyuan
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > > > Sent: 2020年3月27日 10:58
> > > > > > > To: devel@edk2.groups.io; Fu, Siyuan
> > > > > <siyuan.fu@intel.com>; Gao, Zhichao
> > > > > > > <zhichao.gao@intel.com>
> > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > > > > Jiaxin
> > > > > > > <jiaxin.wu@intel.com>
> > > > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > > > > Retire the deprecate
> > > > > > function
> > > > > > >
> > > > > > > EDKII_CRYPTO_PROTOCOL is *private*.
> > > > > > >
> > > > > >
> > > > > https://github.com/tianocore/edk2/blob/master/CryptoPkg/P
> > > > > rivate/Protocol/C
> > > > > > > rypto.h
> > > > > > >
> > > > > > > Why we cannot change?
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: devel@edk2.groups.io <devel@edk2.groups.io>
> > > > > On Behalf Of Siyuan,
> > > > > > Fu
> > > > > > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > > > > > To: Gao, Zhichao <zhichao.gao@intel.com>;
> > > > > devel@edk2.groups.io
> > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > > > > XiaoyuX
> > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > > > > Jiaxin
> > > > > > > > <jiaxin.wu@intel.com>
> > > > > > > > Subject: Re: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > > > > Retire the deprecate
> > > > > > > function
> > > > > > > >
> > > > > > > > Hi, Zhichao
> > > > > > > >
> > > > > > > > We should never move/delete a member field of a
> > > > > previous defined protocol
> > > > > > > > Interface. Instead, these protocol APIs shall be
> > > > > kept and return an error code
> > > > > > > > If the function is retired. Otherwise the consumer
> > > > > driver may call into an
> > > > > > > > Incorrect function if it's build with different
> > > > > codebase/PCD settings with the
> > > > > > > > Crypto PEI/DXE/SMM driver.
> > > > > > > > This comment applies to all the
> > > > > EDKII_CRYPTO_PROTOCOL related changes
> > > > > > in
> > > > > > > > your patch set.
> > > > > > > >
> > > > > > > > Best Regards
> > > > > > > > Siyuan
> > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: Gao, Zhichao <zhichao.gao@intel.com>
> > > > > > > > > Sent: 2020年3月27日 9:56
> > > > > > > > > To: devel@edk2.groups.io
> > > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > > > > XiaoyuX
> > > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > > > > Wu, Jiaxin
> > > > > > > > > <jiaxin.wu@intel.com>; Fu, Siyuan
> > > > > <siyuan.fu@intel.com>
> > > > > > > > > Subject: [PATCH 0/8] CryptoPkg: Retire the
> > > > > deprecate function
> > > > > > > > >
> > > > > > > > > REF:
> > > > > https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > > > > > REF:
> > > > > https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > > > > > >
> > > > > > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and SHA1 is not
> > > > > secure any longer.
> > > > > > > > > They are all deprecated. Edk2 would not support
> > > > > them any longer.
> > > > > > > > > So remove them.
> > > > > > > > > But uefi spec want to keep MD5 and SHA1 for
> > > > > backwards compatibility.
> > > > > > > > > So add two pcds to control the MD5 and SHA1
> > > > > enablement. Set the pcds
> > > > > > > > > default value to false to indicate they are
> > > > > deprecated.
> > > > > > > > >
> > > > > > > > > NetWorkPkg's iSCSI driver would consume the MD5
> > > > > function, so change
> > > > > > > > > the md5 pcd to TURE when iSCSI is enabled.
> > > > > > > > >
> > > > > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > > > > > Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> > > > > > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > > > > Signed-off-by: Zhichao Gao
> > > > > <zhichao.gao@intel.com>
> > > > > > > > >
> > > > > > > > > Zhichao Gao (8):
> > > > > > > > >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > > > > > > > >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > > > > > > > >   CryptoPkg/BaseCryptLib: Retire the Tdes
> > > > > algorithm
> > > > > > > > >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode
> > > > > algorithm
> > > > > > > > >   CryptoPkg/dec: Add pcds to avoid building the
> > > > > deprecated function
> > > > > > > > >   NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
> > > > > > > > >   Crypto/BaseCryptLib: Using pcd to control MD5
> > > > > enablement
> > > > > > > > >   CryptoPkg/BaseCryptLib: Use Pcd to control the
> > > > > SHA1 enablement
> > > > > > > > >
> > > > > > > > >  CryptoPkg/CryptoPkg.dec                       |
> > > > > 11 +
> > > > > > > > >  CryptoPkg/CryptoPkg.uni                       |
> > > > > 11 +
> > > > > > > > >  CryptoPkg/Driver/Crypto.c                     |
> > > > > 634 +-----------------
> > > > > > > > >  CryptoPkg/Include/Library/BaseCryptLib.h      |
> > > > > 548 ---------------
> > > > > > > > >  .../Library/BaseCryptLib/BaseCryptLib.inf     |
> > > > > 9 +-
> > > > > > > > >  .../Library/BaseCryptLib/Cipher/CryptAes.c    |
> > > > > 114 ----
> > > > > > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c        |
> > > > > 52 --
> > > > > > > > >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   |
> > > > > 205 ------
> > > > > > > > >  .../BaseCryptLib/Cipher/CryptArc4Null.c       |
> > > > > 124 ----
> > > > > > > > >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   |
> > > > > 364 ----------
> > > > > > > > >  .../BaseCryptLib/Cipher/CryptTdesNull.c       |
> > > > > 160 -----
> > > > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4.c      |
> > > > > 223 ------
> > > > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  |
> > > > > 143 ----
> > > > > > > > >  .../Library/BaseCryptLib/Hash/CryptMd5.c      |
> > > > > 5 +-
> > > > > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |
> > > > > 3 +
> > > > > > > > >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |
> > > > > 3 +
> > > > > > > > >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |
> > > > > 3 +
> > > > > > > > >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |
> > > > > 3 +
> > > > > > > > >  .../Library/BaseCryptLib/PeiCryptLib.inf      |
> > > > > 13 +-
> > > > > > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c        |
> > > > > 3 +
> > > > > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |
> > > > > 5 +
> > > > > > > > >  .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |
> > > > > 5 +
> > > > > > > > >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |
> > > > > 13 +-
> > > > > > > > >  .../Library/BaseCryptLib/SmmCryptLib.inf      |
> > > > > 13 +-
> > > > > > > > >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |
> > > > > 3 -
> > > > > > > > >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |
> > > > > 54 +-
> > > > > > > > >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   |
> > > > > 124 ----
> > > > > > > > >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   |
> > > > > 160 -----
> > > > > > > > >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      |
> > > > > 143 ----
> > > > > > > > >  .../BaseCryptLibNull/Hash/CryptMd5Null.c      |
> > > > > 3 +
> > > > > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |
> > > > > 3 +
> > > > > > > > >  .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |
> > > > > 4 +-
> > > > > > > > >  .../BaseCryptLibOnProtocolPpi/CryptLib.c      |
> > > > > 604 +----------------
> > > > > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.c   |
> > > > > 12 +
> > > > > > > > >  .../Library/BaseHashApiLib/BaseHashApiLib.inf |
> > > > > 1 +
> > > > > > > > >  CryptoPkg/Private/Protocol/Crypto.h           |
> > > > > 583 +---------------
> > > > > > > > >  NetworkPkg/NetworkPcds.dsc.inc                |
> > > > > 5 +-
> > > > > > > > >  37 files changed, 145 insertions(+), 4221
> > > > > deletions(-)
> > > > > > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > > > > > >  delete mode 100644
> > > > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > > > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > > > > > >  delete mode 100644
> > > > > > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > > > > > >  delete mode 100644
> > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > > > > > >  delete mode 100644
> > > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > > > > > >  delete mode 100644
> > > > > > > > >
> > > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > > > > > >  delete mode 100644
> > > > > > > > >
> > > > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > > > > > >  delete mode 100644
> > > > > > > >
> > > > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > > > > > >
> > > > > > > > > --
> > > > > > > > > 2.21.0.windows.1
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > >
> > > > >
> > > > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 6/8] NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI
  2020-03-27  1:56 ` [PATCH 6/8] NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI Gao, Zhichao
  2020-03-27  2:07   ` Siyuan, Fu
@ 2020-03-30 12:01   ` Maciej Rabeda
  1 sibling, 0 replies; 38+ messages in thread
From: Maciej Rabeda @ 2020-03-30 12:01 UTC (permalink / raw)
  To: devel, zhichao.gao; +Cc: Jiaxin Wu, Siyuan Fu

Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>

On 27-Mar-20 02:56, Gao, Zhichao wrote:
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1682
>
> iSCSI driver required the MD5 function. Change the PcdMD5Enable
> to TRUE when NETWORK_ISCSI_ENABLE is TURE.
>
> Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
> Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> Cc: Siyuan Fu <siyuan.fu@intel.com>
> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> ---
>   NetworkPkg/NetworkPcds.dsc.inc | 5 ++++-
>   1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/NetworkPkg/NetworkPcds.dsc.inc b/NetworkPkg/NetworkPcds.dsc.inc
> index f874b382ef..7a81f0cb2d 100644
> --- a/NetworkPkg/NetworkPcds.dsc.inc
> +++ b/NetworkPkg/NetworkPcds.dsc.inc
> @@ -5,7 +5,7 @@
>   # by using "!include NetworkPkg/NetworkPcds.dsc.inc" to specify PCD settings
>   # according to the value of flags described in "NetworkDefines.dsc.inc".
>   #
> -# Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> +# Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
>   #
>   #    SPDX-License-Identifier: BSD-2-Clause-Patent
>   #
> @@ -14,3 +14,6 @@
>   !if $(NETWORK_ALLOW_HTTP_CONNECTIONS) == TRUE
>     gEfiNetworkPkgTokenSpaceGuid.PcdAllowHttpConnections|TRUE
>   !endif
> +!if $(NETWORK_ISCSI_ENABLE) == TRUE
> +  gEfiCryptoPkgTokenSpaceGuid.PcdMD5Enable|TRUE
> +!endif

^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-30  3:04                 ` Siyuan, Fu
@ 2020-03-30 17:30                   ` Michael D Kinney
  2020-03-31  0:34                     ` Yao, Jiewen
  0 siblings, 1 reply; 38+ messages in thread
From: Michael D Kinney @ 2020-03-30 17:30 UTC (permalink / raw)
  To: Fu, Siyuan, Yao, Jiewen, devel@edk2.groups.io, Gao, Zhichao,
	Kinney, Michael D, Matthew Carlson, Sean Brogan
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Hi,

I would prefer we only extend the protocol interface and
never remove any fields from the Protocol/PPI structures
so no offsets are ever changed.

The main remaining issue is how a platform developer knows
if they are using a deprecated interface.  The best method 
is to know at build time with a compiler failure and the
other option is to know at runtime with ASSERT()/
REPORT_STATUS_CODE().  If the field in the protocol structure
is  renamed, then the library wrapper around the protocol
will not build.  But what we really want to know is if another
library or module us using a deprecated lib function.

Laszlo had a suggestion in the review of adding modules
to the CryptoPkg for the binary versions of these modules
to provide libraries that matched the enabled functions
in the binaries so a platform build would fail at compile
time.  There is very little difference between disabling
a service and permanently deprecating a services from a
platform detection perspective.  Perhaps we should explore
Laszlo's ideas more to see if we can address both use cases
and always maintain the Protocol/PPI structures in a
backwards compatible manner and always keep the same GUID
and only increase the Version value when the Protocol/PPI
structure is extended.

Thanks,

Mike

> -----Original Message-----
> From: Fu, Siyuan <siyuan.fu@intel.com>
> Sent: Sunday, March 29, 2020 8:05 PM
> To: Yao, Jiewen <jiewen.yao@intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; devel@edk2.groups.io; Gao,
> Zhichao <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> <xiaoyux.lu@intel.com>; Maciej Rabeda
> <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> the deprecate function
> 
> Jiewen,
> 
> Same as you. I prefer update version (#1) for adding API,
> and change
> protocol GUID (#2)for deprecate unsecure API.
> 
> Best Regards
> Siyuan
> 
> > -----Original Message-----
> > From: Yao, Jiewen <jiewen.yao@intel.com>
> > Sent: 2020年3月30日 10:47
> > To: Fu, Siyuan <siyuan.fu@intel.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; devel@edk2.groups.io;
> Gao, Zhichao
> > <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Maciej Rabeda
> <maciej.rabeda@linux.intel.com>;
> > Wu, Jiaxin <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> the deprecate
> > function
> >
> > Thanks Siyuan.
> > Good, then I think we are aligned.
> > I agree with you that it is bad example because the
> neither version nor GUID
> > is updated.
> >
> > We can have at least two options here:
> > 1) Update version
> > We can change old API to be "VOID *Reserved" or
> "UNSUPPORT_FUNC
> > Reserved" in the EDKII_CRYPTO_PROTOCOL.
> >
> > I really do not want to see something like
> "EDKII_CRYPTO_MD4_INIT
> > Md4Init" still existing, because it may let people
> think we are still support
> > MD4 and use it somewhere.
> >
> > 2) Update GUID
> > Then we can remove the "EDKII_CRYPTO_MD4_INIT Md4Init"
> completely.
> > Of course, we can still update version although it is
> optional.
> >
> >
> > For adding new API, I will definitely prefer #1.
> >
> > For deprecating old API, if we choose #1, we need add
> 17 reserved fields in
> > this protocol for MD4, 3DES and RC4.
> > If we decide to deprecate HMAC_MD5/HMAC_SHA1 because of
> no usage,
> > then we need have a protocol with 156 fields, and 29 of
> them are reserved.
> > As such, I prefer #2 here, unless we have strong reason
> to keep 29 reserved
> > fields in this protocol.
> >
> >
> > Thank you
> > Yao Jiewen
> >
> >
> > > -----Original Message-----
> > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > Sent: Monday, March 30, 2020 10:17 AM
> > > To: Yao, Jiewen <jiewen.yao@intel.com>; Kinney,
> Michael D
> > > <michael.d.kinney@intel.com>; devel@edk2.groups.io;
> Gao, Zhichao
> > > <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>;
> > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> Jiaxin
> > > <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> Retire the deprecate
> > function
> > >
> > > Hi, Jiewen
> > >
> > > I agree with all the strategy you listed for the
> Modulization FW update,
> > and
> > > Mike's
> > > for compatibility maintenance.  While I have a little
> different
> > understanding
> > > about
> > > "permanent binary compatibility". Mainly about what
> kind of
> > "compatibility" we
> > > have to provide.
> > >
> > > I don't think "compatibility " means we cannot
> deprecate any old API.
> > Instead of
> > > that, I think the goal could be:
> > > - If an old binary is using the deprecated API, it
> should be able to fail
> > gracefully.
> > > - If an old binary is NOT using the deprecated API,
> it should not be
> > impacted and
> > > able to work as before.
> > >
> > > So how we deprecate an API from this internal
> protocol is important. The
> > > current
> > > patch shows a bad example, it removes member
> functions from the
> > protocol
> > > structure, without changing the protocol GUID or
> version number. In such
> > case,
> > > an old binary consumer has no method to know if it's
> working with an old
> > > protocol
> > > or a new one, and may call into incorrect function
> even it doesn't use any
> > of the
> > > deprecated APIs. That's something I want to avoid.
> > >
> > > Best Regards
> > > Siyuan
> > >
> > > > -----Original Message-----
> > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > Sent: 2020年3月28日 7:43
> > > > To: Kinney, Michael D <michael.d.kinney@intel.com>;
> > devel@edk2.groups.io;
> > > > Fu, Siyuan <siyuan.fu@intel.com>; Gao, Zhichao
> <zhichao.gao@intel.com>
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> XiaoyuX
> > > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > <maciej.rabeda@linux.intel.com>;
> > > > Wu, Jiaxin <jiaxin.wu@intel.com>
> > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> Retire the deprecate
> > > > function
> > > >
> > > > Thanks Mike.
> > > > I understand the *private protocol* now. I think it
> is OK to put
> > > > CryptoProtocol into Private dir to sever that
> purpose.
> > > > And for private API, I don’t have concern on the
> data structure, since it is
> > > > invisible.
> > > >
> > > > Siyuan provided below usage and concern:
> > > > "The goal to provide a driver version of crypto
> service is to support
> > > > modulization
> > > > FW update, which means the crypto driver may NOT be
> updated together
> > > > with
> > > > its consumer. A platform may choose to update the
> crypto service driver
> > to a
> > > > new version with this patch, then all the
> BaseCryptoLib consumers will
> > be
> > > > messed."
> > > >
> > > > This usage might become a problem, when we want to
> deprecate an API
> > and
> > > > keep binary compatibility at same time.
> > > > (To be specific, I am not worried about source
> compatibility, because we
> > can
> > > > update both producer and consumer.
> > > > I am not worried about adding API, because there
> will be no issue on
> > > > appending a function at the end.)
> > > >
> > > > Take below as an example:
> > > > Firmware Version 100 uses Crypto Version 100.
> > > > We want to deprecate a private API and change to a
> new one. So, we
> > > > upgrade Crypto to Version 101 and update Firmware
> to Version 101.
> > > > Of course, we need change *all other consumers* and
> rebuild everything
> > > > make sure it works correctly.
> > > > However, it is hard to support this in
> "modulization FW update", because
> > we
> > > > have no chance to update the binary of firmware
> version 100.
> > > >
> > > > If we have to keep *permanent binary
> compatibility*, then we cannot
> > > > deprecate any old API, just because that will break
> old consumer.
> > > > That brings much validation burden, because you
> have to test every
> > update
> > > > in master with old binaries, besides the latest
> binaries.
> > > > That also brings maintenance burden for the unused
> old API. The only
> > > > consumer is in the old binary and invisible.
> > > > I don’t believe that is what we want.
> > > >
> > > > Modulization FW update is good feature. And we can
> have different
> > strategy
> > > > for that besides keeping permanent binary
> compatibility.
> > > > 1) Modulization FW update can be limited a range of
> version. At some
> > point,
> > > > you have to update the whole FW, because there are
> too many changes
> > or
> > > > incompatible binary changes. The cadence of full
> update can be longer
> > than
> > > > the one of partial update. For example, Linux or
> windows are making
> > > > incompatible change in major version and only keep
> compatibility in
> > minor
> > > > version.
> > > > 2) A project can branch the production launch
> firmware, and only keep
> > > > binary compatibility and support the modulization
> FW update within this
> > > > branch. As such, the big update in master won't
> impact this branch. If a
> > > > production may choose to resync to master, at that
> time a full firmware
> > > > update is required. I guess most people are using
> this way in a real
> > > > production.
> > > >
> > > > Thought?
> > > >
> > > > Thank you
> > > > Yao Jiewen
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: Kinney, Michael D
> <michael.d.kinney@intel.com>
> > > > > Sent: Saturday, March 28, 2020 12:38 AM
> > > > > To: devel@edk2.groups.io; Yao, Jiewen
> <jiewen.yao@intel.com>; Fu,
> > Siyuan
> > > > > <siyuan.fu@intel.com>; Gao, Zhichao
> <zhichao.gao@intel.com>; Kinney,
> > > > > Michael D <michael.d.kinney@intel.com>
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> XiaoyuX
> > > > <xiaoyux.lu@intel.com>;
> > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> Wu, Jiaxin
> > > > > <jiaxin.wu@intel.com>
> > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> Retire the deprecate
> > > > function
> > > > >
> > > > > Jiewen,
> > > > >
> > > > > The purpose of private includes is to keep
> modules/lib
> > > > > in *other* packages from using interfaces that
> are the
> > > > > package with the private interface does not want
> other
> > > > > packages to use and does not want to have to
> coordinate
> > > > > with other packages if that package owner decides
> to
> > > > > make changes to those private interfaces.
> > > > >
> > > > > For modules/libs within package that do use
> private
> > > > > includes, the package owner gets to decide how to
> > > > > maintain the interfaces in the private includes
> to
> > > > > support those modules/libs.
> > > > >
> > > > > For example, the CryptoPkg has modules that are
> > > > > intended to be used as pre-built binaries, so the
> > > > > CryptoPkg owner needs to make sure the
> maintenance
> > > > > of the private includes supports both the source
> and
> > > > > binary use cases.
> > > > >
> > > > > The private Protocol/PPI interfaces in the
> CryptoPkg
> > > > > were designed to support future expansion.  The
> first
> > > > > API in the Protocol/PPI is GetVersion().  The
> version
> > > > > value returned can be used to have different
> layouts
> > > > > of fields in the Protocol/PPI.  In order to
> support
> > > > > backwards compatibility, APIs are added to the
> end
> > > > > of the Protocol/PPI structure as the version
> value
> > > > > is increased.  You will notice that there is an
> X509
> > > > > service that was added further down than the
> initial
> > > > > grouping.  This is just an example of how the
> CryptoPkg
> > > > > is maintaining a private interface for binary use
> cases.
> > > > > Other packages may choose alternate techniques.
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Mike
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: devel@edk2.groups.io
> <devel@edk2.groups.io> On
> > > > > > Behalf Of Yao, Jiewen
> > > > > > Sent: Thursday, March 26, 2020 9:59 PM
> > > > > > To: Fu, Siyuan <siyuan.fu@intel.com>;
> > > > > > devel@edk2.groups.io; Gao, Zhichao
> > > > > > <zhichao.gao@intel.com>
> > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> XiaoyuX
> > > > > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > > > > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > > <jiaxin.wu@intel.com>
> > > > > > Subject: Re: [edk2-devel] [PATCH 0/8]
> CryptoPkg: Retire
> > > > > > the deprecate function
> > > > > >
> > > > > > Thanks Siyun.
> > > > > > I think probably we need discuss this more.
> > > > > >
> > > > > > 1) About private v.s. public.
> > > > > >
> > > > > > The benefit for private include is to isolate
> external
> > > > > > interface and internal interface.
> > > > > > A package can keep updating its private
> interface without
> > > > > > impact any other packages.
> > > > > > However, in this case, a private interface
> update will
> > > > > > bring binary compatibility issue with other
> package.
> > > > > > I am not sure it is acceptable or not.
> > > > > >
> > > > > > Mike
> > > > > > Do you have any comment? Is that the design
> goal of
> > > > > > private interface - just keep source code
> compatibility,
> > > > > > but not binary compatiblity?
> > > > > >
> > > > > > 2) About the protocol itself.
> > > > > >
> > > > > > One concern I have is that we *hardcode* the
> algorithm in
> > > > > > protocol.
> > > > > >
> > > > > > We keeps adding new algorithm and removing old
> one. That
> > > > > > means this protocol interface is unstable.
> > > > > >
> > > > > > Today, we have defined SHA2 set, and
> deprecating SHA1 and
> > > > > > older one. Tomorrow we may need add SHA3 set.
> > > > > > Today, we have RSAPKCS1_15. Tomorrow we will
> have RSAPSS.
> > > > > > Some other new set of algorithms might be added
> later,
> > > > > > such as AEAD, GMAC.
> > > > > >
> > > > > > For a protocol definition, I think we need
> *abstract the
> > > > > > action*, but not *algorithm*.
> > > > > > One good example is the UEFI HASH2 Protocol.
> > > > > >
> https://github.com/tianocore/edk2/blob/master/MdePkg/Incl
> > > > > > ude/Protocol/Hash2.h
> > > > > > It just tells you do the hash. You may add new
> algorithm
> > > > > > GUID.
> > > > > >
> > > > > > Another good example is inside of openssl. Now
> it is
> > > > > > using EVP style cipher algo.
> > > > > > For example,
> > > > > >
> https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptIni
> > > > > > t_ex.html
> > > > > >
> https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX
> > > > > > _ctrl.html
> > > > > > The cipher itself is input as parameter.
> > > > > >
> > > > > > The benefit is that, if we want to deprecate an
> > > > > > algorithm, the interface can be unchanged.
> > > > > > Just the internal implementation can be
> changed.
> > > > > > The current PCD mechanism can still be applied
> to
> > > > > > internal implementation.
> > > > > >
> > > > > > Can we get a chance to revisit/redesign the
> protocol API,
> > > > > > when we move to public include?
> > > > > >
> > > > > > Thank you
> > > > > > Yao Jiewen
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > > > > > Sent: Friday, March 27, 2020 11:07 AM
> > > > > > > To: Yao, Jiewen <jiewen.yao@intel.com>;
> > > > > > devel@edk2.groups.io; Gao, Zhichao
> > > > > > > <zhichao.gao@intel.com>
> > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> XiaoyuX
> > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > Maciej Rabeda
> <maciej.rabeda@linux.intel.com>; Wu,
> > > > > > Jiaxin
> > > > > > > <jiaxin.wu@intel.com>
> > > > > > > Subject: RE: [edk2-devel] [PATCH 0/8]
> CryptoPkg: Retire
> > > > > > the deprecate function
> > > > > > >
> > > > > > > Hi, Jiewen
> > > > > > >
> > > > > > > Although the protocol is private, a
> corresponding
> > > > > > BaseCryptoLib instance is
> > > > > > > not private, like PeiCryptLib.inf,
> RuntimeCryptLib,
> > > > > > etc. These library instances
> > > > > > > will be static linked to the consumer driver,
> for
> > > > > > example an iSCSI network driver.
> > > > > > > So actually it's not a "private" change
> inside
> > > > > > CryptoPkg.
> > > > > > >
> > > > > > > The goal to provide a driver version of
> crypto service
> > > > > > is to support modulization
> > > > > > > FW update, which means the crypto driver may
> NOT be
> > > > > > updated together with
> > > > > > > its consumer. A platform may choose to update
> the
> > > > > > crypto service driver to a
> > > > > > > new version with this patch, then all the
> BaseCryptoLib
> > > > > > consumers will be
> > > > > > > messed.
> > > > > > >
> > > > > > > Best Regards
> > > > > > > Siyuan
> > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > > > > Sent: 2020年3月27日 10:58
> > > > > > > > To: devel@edk2.groups.io; Fu, Siyuan
> > > > > > <siyuan.fu@intel.com>; Gao, Zhichao
> > > > > > > > <zhichao.gao@intel.com>
> > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>;
> Lu, XiaoyuX
> > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > Maciej Rabeda
> <maciej.rabeda@linux.intel.com>; Wu,
> > > > > > Jiaxin
> > > > > > > > <jiaxin.wu@intel.com>
> > > > > > > > Subject: RE: [edk2-devel] [PATCH 0/8]
> CryptoPkg:
> > > > > > Retire the deprecate
> > > > > > > function
> > > > > > > >
> > > > > > > > EDKII_CRYPTO_PROTOCOL is *private*.
> > > > > > > >
> > > > > > >
> > > > > >
> https://github.com/tianocore/edk2/blob/master/CryptoPkg/P
> > > > > > rivate/Protocol/C
> > > > > > > > rypto.h
> > > > > > > >
> > > > > > > > Why we cannot change?
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: devel@edk2.groups.io
> <devel@edk2.groups.io>
> > > > > > On Behalf Of Siyuan,
> > > > > > > Fu
> > > > > > > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > > > > > > To: Gao, Zhichao <zhichao.gao@intel.com>;
> > > > > > devel@edk2.groups.io
> > > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>;
> Lu,
> > > > > > XiaoyuX
> > > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > > Maciej Rabeda
> <maciej.rabeda@linux.intel.com>; Wu,
> > > > > > Jiaxin
> > > > > > > > > <jiaxin.wu@intel.com>
> > > > > > > > > Subject: Re: [edk2-devel] [PATCH 0/8]
> CryptoPkg:
> > > > > > Retire the deprecate
> > > > > > > > function
> > > > > > > > >
> > > > > > > > > Hi, Zhichao
> > > > > > > > >
> > > > > > > > > We should never move/delete a member
> field of a
> > > > > > previous defined protocol
> > > > > > > > > Interface. Instead, these protocol APIs
> shall be
> > > > > > kept and return an error code
> > > > > > > > > If the function is retired. Otherwise the
> consumer
> > > > > > driver may call into an
> > > > > > > > > Incorrect function if it's build with
> different
> > > > > > codebase/PCD settings with the
> > > > > > > > > Crypto PEI/DXE/SMM driver.
> > > > > > > > > This comment applies to all the
> > > > > > EDKII_CRYPTO_PROTOCOL related changes
> > > > > > > in
> > > > > > > > > your patch set.
> > > > > > > > >
> > > > > > > > > Best Regards
> > > > > > > > > Siyuan
> > > > > > > > >
> > > > > > > > > > -----Original Message-----
> > > > > > > > > > From: Gao, Zhichao
> <zhichao.gao@intel.com>
> > > > > > > > > > Sent: 2020年3月27日 9:56
> > > > > > > > > > To: devel@edk2.groups.io
> > > > > > > > > > Cc: Wang, Jian J
> <jian.j.wang@intel.com>; Lu,
> > > > > > XiaoyuX
> > > > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > > > Maciej Rabeda
> <maciej.rabeda@linux.intel.com>;
> > > > > > Wu, Jiaxin
> > > > > > > > > > <jiaxin.wu@intel.com>; Fu, Siyuan
> > > > > > <siyuan.fu@intel.com>
> > > > > > > > > > Subject: [PATCH 0/8] CryptoPkg: Retire
> the
> > > > > > deprecate function
> > > > > > > > > >
> > > > > > > > > > REF:
> > > > > >
> https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > > > > > > REF:
> > > > > >
> https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > > > > > > >
> > > > > > > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and
> SHA1 is not
> > > > > > secure any longer.
> > > > > > > > > > They are all deprecated. Edk2 would not
> support
> > > > > > them any longer.
> > > > > > > > > > So remove them.
> > > > > > > > > > But uefi spec want to keep MD5 and SHA1
> for
> > > > > > backwards compatibility.
> > > > > > > > > > So add two pcds to control the MD5 and
> SHA1
> > > > > > enablement. Set the pcds
> > > > > > > > > > default value to false to indicate they
> are
> > > > > > deprecated.
> > > > > > > > > >
> > > > > > > > > > NetWorkPkg's iSCSI driver would consume
> the MD5
> > > > > > function, so change
> > > > > > > > > > the md5 pcd to TURE when iSCSI is
> enabled.
> > > > > > > > > >
> > > > > > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > > > > > > Cc: Maciej Rabeda
> <maciej.rabeda@linux.intel.com>
> > > > > > > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > > > > > Signed-off-by: Zhichao Gao
> > > > > > <zhichao.gao@intel.com>
> > > > > > > > > >
> > > > > > > > > > Zhichao Gao (8):
> > > > > > > > > >   CryptoPkg/BaseCrpytLib: Retire MD4
> algorithm
> > > > > > > > > >   CryptoPkg/BaseCryptLib: Retire ARC4
> algorithm
> > > > > > > > > >   CryptoPkg/BaseCryptLib: Retire the
> Tdes
> > > > > > algorithm
> > > > > > > > > >   CryptoPkg/BaseCryptLib: Retire Aes
> Ecb mode
> > > > > > algorithm
> > > > > > > > > >   CryptoPkg/dec: Add pcds to avoid
> building the
> > > > > > deprecated function
> > > > > > > > > >   NetWorkPkg/Pcd.inc: Enable the MD5
> for iSCSI
> > > > > > > > > >   Crypto/BaseCryptLib: Using pcd to
> control MD5
> > > > > > enablement
> > > > > > > > > >   CryptoPkg/BaseCryptLib: Use Pcd to
> control the
> > > > > > SHA1 enablement
> > > > > > > > > >
> > > > > > > > > >  CryptoPkg/CryptoPkg.dec
> |
> > > > > > 11 +
> > > > > > > > > >  CryptoPkg/CryptoPkg.uni
> |
> > > > > > 11 +
> > > > > > > > > >  CryptoPkg/Driver/Crypto.c
> |
> > > > > > 634 +-----------------
> > > > > > > > > >
> CryptoPkg/Include/Library/BaseCryptLib.h      |
> > > > > > 548 ---------------
> > > > > > > > > >
> .../Library/BaseCryptLib/BaseCryptLib.inf     |
> > > > > > 9 +-
> > > > > > > > > >
> .../Library/BaseCryptLib/Cipher/CryptAes.c    |
> > > > > > 114 ----
> > > > > > > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c
> |
> > > > > > 52 --
> > > > > > > > > >
> .../Library/BaseCryptLib/Cipher/CryptArc4.c   |
> > > > > > 205 ------
> > > > > > > > > >
> .../BaseCryptLib/Cipher/CryptArc4Null.c       |
> > > > > > 124 ----
> > > > > > > > > >
> .../Library/BaseCryptLib/Cipher/CryptTdes.c   |
> > > > > > 364 ----------
> > > > > > > > > >
> .../BaseCryptLib/Cipher/CryptTdesNull.c       |
> > > > > > 160 -----
> > > > > > > > > >
> .../Library/BaseCryptLib/Hash/CryptMd4.c      |
> > > > > > 223 ------
> > > > > > > > > >
> .../Library/BaseCryptLib/Hash/CryptMd4Null.c  |
> > > > > > 143 ----
> > > > > > > > > >
> .../Library/BaseCryptLib/Hash/CryptMd5.c      |
> > > > > > 5 +-
> > > > > > > > > >
> .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |
> > > > > > 3 +
> > > > > > > > > >
> .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |
> > > > > > 3 +
> > > > > > > > > >
> .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |
> > > > > > 3 +
> > > > > > > > > >
> .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |
> > > > > > 3 +
> > > > > > > > > >
> .../Library/BaseCryptLib/PeiCryptLib.inf      |
> > > > > > 13 +-
> > > > > > > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> |
> > > > > > 3 +
> > > > > > > > > >
> .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |
> > > > > > 5 +
> > > > > > > > > >
> .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |
> > > > > > 5 +
> > > > > > > > > >
> .../Library/BaseCryptLib/RuntimeCryptLib.inf  |
> > > > > > 13 +-
> > > > > > > > > >
> .../Library/BaseCryptLib/SmmCryptLib.inf      |
> > > > > > 13 +-
> > > > > > > > > >
> .../BaseCryptLibNull/BaseCryptLibNull.inf     |
> > > > > > 3 -
> > > > > > > > > >
> .../BaseCryptLibNull/Cipher/CryptAesNull.c    |
> > > > > > 54 +-
> > > > > > > > > >
> .../BaseCryptLibNull/Cipher/CryptArc4Null.c   |
> > > > > > 124 ----
> > > > > > > > > >
> .../BaseCryptLibNull/Cipher/CryptTdesNull.c   |
> > > > > > 160 -----
> > > > > > > > > >
> .../BaseCryptLibNull/Hash/CryptMd4Null.c      |
> > > > > > 143 ----
> > > > > > > > > >
> .../BaseCryptLibNull/Hash/CryptMd5Null.c      |
> > > > > > 3 +
> > > > > > > > > >
> .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |
> > > > > > 3 +
> > > > > > > > > >
> .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |
> > > > > > 4 +-
> > > > > > > > > >
> .../BaseCryptLibOnProtocolPpi/CryptLib.c      |
> > > > > > 604 +----------------
> > > > > > > > > >
> .../Library/BaseHashApiLib/BaseHashApiLib.c   |
> > > > > > 12 +
> > > > > > > > > >
> .../Library/BaseHashApiLib/BaseHashApiLib.inf |
> > > > > > 1 +
> > > > > > > > > >  CryptoPkg/Private/Protocol/Crypto.h
> |
> > > > > > 583 +---------------
> > > > > > > > > >  NetworkPkg/NetworkPcds.dsc.inc
> |
> > > > > > 5 +-
> > > > > > > > > >  37 files changed, 145 insertions(+),
> 4221
> > > > > > deletions(-)
> > > > > > > > > >  delete mode 100644
> > > > > >
> CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > > > > > > >  delete mode 100644
> > > > > > > >
> CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > > > > > > >  delete mode 100644
> > > > > >
> CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > > > > > > >  delete mode 100644
> > > > > > > >
> CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > > > > > > >  delete mode 100644
> > > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > > > > > > >  delete mode 100644
> > > > > > >
> CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > > > > > > >  delete mode 100644
> > > > > > > > > >
> > > > > >
> CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > > > > > > >  delete mode 100644
> > > > > > > > > >
> > > > > >
> CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > > > > > > >  delete mode 100644
> > > > > > > > >
> > > > > >
> CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > > > > > > >
> > > > > > > > > > --
> > > > > > > > > > 2.21.0.windows.1
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > >
> > > > > >
> > > > > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-30 17:30                   ` Michael D Kinney
@ 2020-03-31  0:34                     ` Yao, Jiewen
  2020-04-14  4:36                       ` Gao, Zhichao
  0 siblings, 1 reply; 38+ messages in thread
From: Yao, Jiewen @ 2020-03-31  0:34 UTC (permalink / raw)
  To: Kinney, Michael D, Fu, Siyuan, devel@edk2.groups.io, Gao, Zhichao,
	Matthew Carlson, Sean Brogan
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Hi Mike
"But what we really want to know is if another library or module us using a deprecated lib function."

The protocol is internal API, the library is external API.

What we are discussing now is how to handle internal API.

For external API, this patch removed the deprecated lib API and the build will be broken.
It is already satisfied...

Thank You
Yao Jiewen


> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Tuesday, March 31, 2020 1:31 AM
> To: Fu, Siyuan <siyuan.fu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>;
> devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>; Kinney,
> Michael D <michael.d.kinney@intel.com>; Matthew Carlson
> <macarl@microsoft.com>; Sean Brogan <sean.brogan@microsoft.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Hi,
> 
> I would prefer we only extend the protocol interface and
> never remove any fields from the Protocol/PPI structures
> so no offsets are ever changed.
> 
> The main remaining issue is how a platform developer knows
> if they are using a deprecated interface.  The best method
> is to know at build time with a compiler failure and the
> other option is to know at runtime with ASSERT()/
> REPORT_STATUS_CODE().  If the field in the protocol structure
> is  renamed, then the library wrapper around the protocol
> will not build.  But what we really want to know is if another
> library or module us using a deprecated lib function.
> 
> Laszlo had a suggestion in the review of adding modules
> to the CryptoPkg for the binary versions of these modules
> to provide libraries that matched the enabled functions
> in the binaries so a platform build would fail at compile
> time.  There is very little difference between disabling
> a service and permanently deprecating a services from a
> platform detection perspective.  Perhaps we should explore
> Laszlo's ideas more to see if we can address both use cases
> and always maintain the Protocol/PPI structures in a
> backwards compatible manner and always keep the same GUID
> and only increase the Version value when the Protocol/PPI
> structure is extended.
> 
> Thanks,
> 
> Mike
> 
> > -----Original Message-----
> > From: Fu, Siyuan <siyuan.fu@intel.com>
> > Sent: Sunday, March 29, 2020 8:05 PM
> > To: Yao, Jiewen <jiewen.yao@intel.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; devel@edk2.groups.io; Gao,
> > Zhichao <zhichao.gao@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > the deprecate function
> >
> > Jiewen,
> >
> > Same as you. I prefer update version (#1) for adding API,
> > and change
> > protocol GUID (#2)for deprecate unsecure API.
> >
> > Best Regards
> > Siyuan
> >
> > > -----Original Message-----
> > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > Sent: 2020年3月30日 10:47
> > > To: Fu, Siyuan <siyuan.fu@intel.com>; Kinney, Michael D
> > > <michael.d.kinney@intel.com>; devel@edk2.groups.io;
> > Gao, Zhichao
> > > <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > <maciej.rabeda@linux.intel.com>;
> > > Wu, Jiaxin <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > the deprecate
> > > function
> > >
> > > Thanks Siyuan.
> > > Good, then I think we are aligned.
> > > I agree with you that it is bad example because the
> > neither version nor GUID
> > > is updated.
> > >
> > > We can have at least two options here:
> > > 1) Update version
> > > We can change old API to be "VOID *Reserved" or
> > "UNSUPPORT_FUNC
> > > Reserved" in the EDKII_CRYPTO_PROTOCOL.
> > >
> > > I really do not want to see something like
> > "EDKII_CRYPTO_MD4_INIT
> > > Md4Init" still existing, because it may let people
> > think we are still support
> > > MD4 and use it somewhere.
> > >
> > > 2) Update GUID
> > > Then we can remove the "EDKII_CRYPTO_MD4_INIT Md4Init"
> > completely.
> > > Of course, we can still update version although it is
> > optional.
> > >
> > >
> > > For adding new API, I will definitely prefer #1.
> > >
> > > For deprecating old API, if we choose #1, we need add
> > 17 reserved fields in
> > > this protocol for MD4, 3DES and RC4.
> > > If we decide to deprecate HMAC_MD5/HMAC_SHA1 because of
> > no usage,
> > > then we need have a protocol with 156 fields, and 29 of
> > them are reserved.
> > > As such, I prefer #2 here, unless we have strong reason
> > to keep 29 reserved
> > > fields in this protocol.
> > >
> > >
> > > Thank you
> > > Yao Jiewen
> > >
> > >
> > > > -----Original Message-----
> > > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > > Sent: Monday, March 30, 2020 10:17 AM
> > > > To: Yao, Jiewen <jiewen.yao@intel.com>; Kinney,
> > Michael D
> > > > <michael.d.kinney@intel.com>; devel@edk2.groups.io;
> > Gao, Zhichao
> > > > <zhichao.gao@intel.com>
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>;
> > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > Jiaxin
> > > > <jiaxin.wu@intel.com>
> > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > Retire the deprecate
> > > function
> > > >
> > > > Hi, Jiewen
> > > >
> > > > I agree with all the strategy you listed for the
> > Modulization FW update,
> > > and
> > > > Mike's
> > > > for compatibility maintenance.  While I have a little
> > different
> > > understanding
> > > > about
> > > > "permanent binary compatibility". Mainly about what
> > kind of
> > > "compatibility" we
> > > > have to provide.
> > > >
> > > > I don't think "compatibility " means we cannot
> > deprecate any old API.
> > > Instead of
> > > > that, I think the goal could be:
> > > > - If an old binary is using the deprecated API, it
> > should be able to fail
> > > gracefully.
> > > > - If an old binary is NOT using the deprecated API,
> > it should not be
> > > impacted and
> > > > able to work as before.
> > > >
> > > > So how we deprecate an API from this internal
> > protocol is important. The
> > > > current
> > > > patch shows a bad example, it removes member
> > functions from the
> > > protocol
> > > > structure, without changing the protocol GUID or
> > version number. In such
> > > case,
> > > > an old binary consumer has no method to know if it's
> > working with an old
> > > > protocol
> > > > or a new one, and may call into incorrect function
> > even it doesn't use any
> > > of the
> > > > deprecated APIs. That's something I want to avoid.
> > > >
> > > > Best Regards
> > > > Siyuan
> > > >
> > > > > -----Original Message-----
> > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > Sent: 2020年3月28日 7:43
> > > > > To: Kinney, Michael D <michael.d.kinney@intel.com>;
> > > devel@edk2.groups.io;
> > > > > Fu, Siyuan <siyuan.fu@intel.com>; Gao, Zhichao
> > <zhichao.gao@intel.com>
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > XiaoyuX
> > > > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > <maciej.rabeda@linux.intel.com>;
> > > > > Wu, Jiaxin <jiaxin.wu@intel.com>
> > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > Retire the deprecate
> > > > > function
> > > > >
> > > > > Thanks Mike.
> > > > > I understand the *private protocol* now. I think it
> > is OK to put
> > > > > CryptoProtocol into Private dir to sever that
> > purpose.
> > > > > And for private API, I don’t have concern on the
> > data structure, since it is
> > > > > invisible.
> > > > >
> > > > > Siyuan provided below usage and concern:
> > > > > "The goal to provide a driver version of crypto
> > service is to support
> > > > > modulization
> > > > > FW update, which means the crypto driver may NOT be
> > updated together
> > > > > with
> > > > > its consumer. A platform may choose to update the
> > crypto service driver
> > > to a
> > > > > new version with this patch, then all the
> > BaseCryptoLib consumers will
> > > be
> > > > > messed."
> > > > >
> > > > > This usage might become a problem, when we want to
> > deprecate an API
> > > and
> > > > > keep binary compatibility at same time.
> > > > > (To be specific, I am not worried about source
> > compatibility, because we
> > > can
> > > > > update both producer and consumer.
> > > > > I am not worried about adding API, because there
> > will be no issue on
> > > > > appending a function at the end.)
> > > > >
> > > > > Take below as an example:
> > > > > Firmware Version 100 uses Crypto Version 100.
> > > > > We want to deprecate a private API and change to a
> > new one. So, we
> > > > > upgrade Crypto to Version 101 and update Firmware
> > to Version 101.
> > > > > Of course, we need change *all other consumers* and
> > rebuild everything
> > > > > make sure it works correctly.
> > > > > However, it is hard to support this in
> > "modulization FW update", because
> > > we
> > > > > have no chance to update the binary of firmware
> > version 100.
> > > > >
> > > > > If we have to keep *permanent binary
> > compatibility*, then we cannot
> > > > > deprecate any old API, just because that will break
> > old consumer.
> > > > > That brings much validation burden, because you
> > have to test every
> > > update
> > > > > in master with old binaries, besides the latest
> > binaries.
> > > > > That also brings maintenance burden for the unused
> > old API. The only
> > > > > consumer is in the old binary and invisible.
> > > > > I don’t believe that is what we want.
> > > > >
> > > > > Modulization FW update is good feature. And we can
> > have different
> > > strategy
> > > > > for that besides keeping permanent binary
> > compatibility.
> > > > > 1) Modulization FW update can be limited a range of
> > version. At some
> > > point,
> > > > > you have to update the whole FW, because there are
> > too many changes
> > > or
> > > > > incompatible binary changes. The cadence of full
> > update can be longer
> > > than
> > > > > the one of partial update. For example, Linux or
> > windows are making
> > > > > incompatible change in major version and only keep
> > compatibility in
> > > minor
> > > > > version.
> > > > > 2) A project can branch the production launch
> > firmware, and only keep
> > > > > binary compatibility and support the modulization
> > FW update within this
> > > > > branch. As such, the big update in master won't
> > impact this branch. If a
> > > > > production may choose to resync to master, at that
> > time a full firmware
> > > > > update is required. I guess most people are using
> > this way in a real
> > > > > production.
> > > > >
> > > > > Thought?
> > > > >
> > > > > Thank you
> > > > > Yao Jiewen
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Kinney, Michael D
> > <michael.d.kinney@intel.com>
> > > > > > Sent: Saturday, March 28, 2020 12:38 AM
> > > > > > To: devel@edk2.groups.io; Yao, Jiewen
> > <jiewen.yao@intel.com>; Fu,
> > > Siyuan
> > > > > > <siyuan.fu@intel.com>; Gao, Zhichao
> > <zhichao.gao@intel.com>; Kinney,
> > > > > > Michael D <michael.d.kinney@intel.com>
> > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > XiaoyuX
> > > > > <xiaoyux.lu@intel.com>;
> > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > Wu, Jiaxin
> > > > > > <jiaxin.wu@intel.com>
> > > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > Retire the deprecate
> > > > > function
> > > > > >
> > > > > > Jiewen,
> > > > > >
> > > > > > The purpose of private includes is to keep
> > modules/lib
> > > > > > in *other* packages from using interfaces that
> > are the
> > > > > > package with the private interface does not want
> > other
> > > > > > packages to use and does not want to have to
> > coordinate
> > > > > > with other packages if that package owner decides
> > to
> > > > > > make changes to those private interfaces.
> > > > > >
> > > > > > For modules/libs within package that do use
> > private
> > > > > > includes, the package owner gets to decide how to
> > > > > > maintain the interfaces in the private includes
> > to
> > > > > > support those modules/libs.
> > > > > >
> > > > > > For example, the CryptoPkg has modules that are
> > > > > > intended to be used as pre-built binaries, so the
> > > > > > CryptoPkg owner needs to make sure the
> > maintenance
> > > > > > of the private includes supports both the source
> > and
> > > > > > binary use cases.
> > > > > >
> > > > > > The private Protocol/PPI interfaces in the
> > CryptoPkg
> > > > > > were designed to support future expansion.  The
> > first
> > > > > > API in the Protocol/PPI is GetVersion().  The
> > version
> > > > > > value returned can be used to have different
> > layouts
> > > > > > of fields in the Protocol/PPI.  In order to
> > support
> > > > > > backwards compatibility, APIs are added to the
> > end
> > > > > > of the Protocol/PPI structure as the version
> > value
> > > > > > is increased.  You will notice that there is an
> > X509
> > > > > > service that was added further down than the
> > initial
> > > > > > grouping.  This is just an example of how the
> > CryptoPkg
> > > > > > is maintaining a private interface for binary use
> > cases.
> > > > > > Other packages may choose alternate techniques.
> > > > > >
> > > > > > Thanks,
> > > > > >
> > > > > > Mike
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: devel@edk2.groups.io
> > <devel@edk2.groups.io> On
> > > > > > > Behalf Of Yao, Jiewen
> > > > > > > Sent: Thursday, March 26, 2020 9:59 PM
> > > > > > > To: Fu, Siyuan <siyuan.fu@intel.com>;
> > > > > > > devel@edk2.groups.io; Gao, Zhichao
> > > > > > > <zhichao.gao@intel.com>
> > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > XiaoyuX
> > > > > > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > > > > > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > > > <jiaxin.wu@intel.com>
> > > > > > > Subject: Re: [edk2-devel] [PATCH 0/8]
> > CryptoPkg: Retire
> > > > > > > the deprecate function
> > > > > > >
> > > > > > > Thanks Siyun.
> > > > > > > I think probably we need discuss this more.
> > > > > > >
> > > > > > > 1) About private v.s. public.
> > > > > > >
> > > > > > > The benefit for private include is to isolate
> > external
> > > > > > > interface and internal interface.
> > > > > > > A package can keep updating its private
> > interface without
> > > > > > > impact any other packages.
> > > > > > > However, in this case, a private interface
> > update will
> > > > > > > bring binary compatibility issue with other
> > package.
> > > > > > > I am not sure it is acceptable or not.
> > > > > > >
> > > > > > > Mike
> > > > > > > Do you have any comment? Is that the design
> > goal of
> > > > > > > private interface - just keep source code
> > compatibility,
> > > > > > > but not binary compatiblity?
> > > > > > >
> > > > > > > 2) About the protocol itself.
> > > > > > >
> > > > > > > One concern I have is that we *hardcode* the
> > algorithm in
> > > > > > > protocol.
> > > > > > >
> > > > > > > We keeps adding new algorithm and removing old
> > one. That
> > > > > > > means this protocol interface is unstable.
> > > > > > >
> > > > > > > Today, we have defined SHA2 set, and
> > deprecating SHA1 and
> > > > > > > older one. Tomorrow we may need add SHA3 set.
> > > > > > > Today, we have RSAPKCS1_15. Tomorrow we will
> > have RSAPSS.
> > > > > > > Some other new set of algorithms might be added
> > later,
> > > > > > > such as AEAD, GMAC.
> > > > > > >
> > > > > > > For a protocol definition, I think we need
> > *abstract the
> > > > > > > action*, but not *algorithm*.
> > > > > > > One good example is the UEFI HASH2 Protocol.
> > > > > > >
> > https://github.com/tianocore/edk2/blob/master/MdePkg/Incl
> > > > > > > ude/Protocol/Hash2.h
> > > > > > > It just tells you do the hash. You may add new
> > algorithm
> > > > > > > GUID.
> > > > > > >
> > > > > > > Another good example is inside of openssl. Now
> > it is
> > > > > > > using EVP style cipher algo.
> > > > > > > For example,
> > > > > > >
> > https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptIni
> > > > > > > t_ex.html
> > > > > > >
> > https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX
> > > > > > > _ctrl.html
> > > > > > > The cipher itself is input as parameter.
> > > > > > >
> > > > > > > The benefit is that, if we want to deprecate an
> > > > > > > algorithm, the interface can be unchanged.
> > > > > > > Just the internal implementation can be
> > changed.
> > > > > > > The current PCD mechanism can still be applied
> > to
> > > > > > > internal implementation.
> > > > > > >
> > > > > > > Can we get a chance to revisit/redesign the
> > protocol API,
> > > > > > > when we move to public include?
> > > > > > >
> > > > > > > Thank you
> > > > > > > Yao Jiewen
> > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > > > > > > Sent: Friday, March 27, 2020 11:07 AM
> > > > > > > > To: Yao, Jiewen <jiewen.yao@intel.com>;
> > > > > > > devel@edk2.groups.io; Gao, Zhichao
> > > > > > > > <zhichao.gao@intel.com>
> > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > XiaoyuX
> > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > Maciej Rabeda
> > <maciej.rabeda@linux.intel.com>; Wu,
> > > > > > > Jiaxin
> > > > > > > > <jiaxin.wu@intel.com>
> > > > > > > > Subject: RE: [edk2-devel] [PATCH 0/8]
> > CryptoPkg: Retire
> > > > > > > the deprecate function
> > > > > > > >
> > > > > > > > Hi, Jiewen
> > > > > > > >
> > > > > > > > Although the protocol is private, a
> > corresponding
> > > > > > > BaseCryptoLib instance is
> > > > > > > > not private, like PeiCryptLib.inf,
> > RuntimeCryptLib,
> > > > > > > etc. These library instances
> > > > > > > > will be static linked to the consumer driver,
> > for
> > > > > > > example an iSCSI network driver.
> > > > > > > > So actually it's not a "private" change
> > inside
> > > > > > > CryptoPkg.
> > > > > > > >
> > > > > > > > The goal to provide a driver version of
> > crypto service
> > > > > > > is to support modulization
> > > > > > > > FW update, which means the crypto driver may
> > NOT be
> > > > > > > updated together with
> > > > > > > > its consumer. A platform may choose to update
> > the
> > > > > > > crypto service driver to a
> > > > > > > > new version with this patch, then all the
> > BaseCryptoLib
> > > > > > > consumers will be
> > > > > > > > messed.
> > > > > > > >
> > > > > > > > Best Regards
> > > > > > > > Siyuan
> > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > > > > > Sent: 2020年3月27日 10:58
> > > > > > > > > To: devel@edk2.groups.io; Fu, Siyuan
> > > > > > > <siyuan.fu@intel.com>; Gao, Zhichao
> > > > > > > > > <zhichao.gao@intel.com>
> > > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>;
> > Lu, XiaoyuX
> > > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > > Maciej Rabeda
> > <maciej.rabeda@linux.intel.com>; Wu,
> > > > > > > Jiaxin
> > > > > > > > > <jiaxin.wu@intel.com>
> > > > > > > > > Subject: RE: [edk2-devel] [PATCH 0/8]
> > CryptoPkg:
> > > > > > > Retire the deprecate
> > > > > > > > function
> > > > > > > > >
> > > > > > > > > EDKII_CRYPTO_PROTOCOL is *private*.
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > https://github.com/tianocore/edk2/blob/master/CryptoPkg/P
> > > > > > > rivate/Protocol/C
> > > > > > > > > rypto.h
> > > > > > > > >
> > > > > > > > > Why we cannot change?
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > > -----Original Message-----
> > > > > > > > > > From: devel@edk2.groups.io
> > <devel@edk2.groups.io>
> > > > > > > On Behalf Of Siyuan,
> > > > > > > > Fu
> > > > > > > > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > > > > > > > To: Gao, Zhichao <zhichao.gao@intel.com>;
> > > > > > > devel@edk2.groups.io
> > > > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>;
> > Lu,
> > > > > > > XiaoyuX
> > > > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > > > Maciej Rabeda
> > <maciej.rabeda@linux.intel.com>; Wu,
> > > > > > > Jiaxin
> > > > > > > > > > <jiaxin.wu@intel.com>
> > > > > > > > > > Subject: Re: [edk2-devel] [PATCH 0/8]
> > CryptoPkg:
> > > > > > > Retire the deprecate
> > > > > > > > > function
> > > > > > > > > >
> > > > > > > > > > Hi, Zhichao
> > > > > > > > > >
> > > > > > > > > > We should never move/delete a member
> > field of a
> > > > > > > previous defined protocol
> > > > > > > > > > Interface. Instead, these protocol APIs
> > shall be
> > > > > > > kept and return an error code
> > > > > > > > > > If the function is retired. Otherwise the
> > consumer
> > > > > > > driver may call into an
> > > > > > > > > > Incorrect function if it's build with
> > different
> > > > > > > codebase/PCD settings with the
> > > > > > > > > > Crypto PEI/DXE/SMM driver.
> > > > > > > > > > This comment applies to all the
> > > > > > > EDKII_CRYPTO_PROTOCOL related changes
> > > > > > > > in
> > > > > > > > > > your patch set.
> > > > > > > > > >
> > > > > > > > > > Best Regards
> > > > > > > > > > Siyuan
> > > > > > > > > >
> > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > From: Gao, Zhichao
> > <zhichao.gao@intel.com>
> > > > > > > > > > > Sent: 2020年3月27日 9:56
> > > > > > > > > > > To: devel@edk2.groups.io
> > > > > > > > > > > Cc: Wang, Jian J
> > <jian.j.wang@intel.com>; Lu,
> > > > > > > XiaoyuX
> > > > > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > > > > Maciej Rabeda
> > <maciej.rabeda@linux.intel.com>;
> > > > > > > Wu, Jiaxin
> > > > > > > > > > > <jiaxin.wu@intel.com>; Fu, Siyuan
> > > > > > > <siyuan.fu@intel.com>
> > > > > > > > > > > Subject: [PATCH 0/8] CryptoPkg: Retire
> > the
> > > > > > > deprecate function
> > > > > > > > > > >
> > > > > > > > > > > REF:
> > > > > > >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > > > > > > > REF:
> > > > > > >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > > > > > > > >
> > > > > > > > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and
> > SHA1 is not
> > > > > > > secure any longer.
> > > > > > > > > > > They are all deprecated. Edk2 would not
> > support
> > > > > > > them any longer.
> > > > > > > > > > > So remove them.
> > > > > > > > > > > But uefi spec want to keep MD5 and SHA1
> > for
> > > > > > > backwards compatibility.
> > > > > > > > > > > So add two pcds to control the MD5 and
> > SHA1
> > > > > > > enablement. Set the pcds
> > > > > > > > > > > default value to false to indicate they
> > are
> > > > > > > deprecated.
> > > > > > > > > > >
> > > > > > > > > > > NetWorkPkg's iSCSI driver would consume
> > the MD5
> > > > > > > function, so change
> > > > > > > > > > > the md5 pcd to TURE when iSCSI is
> > enabled.
> > > > > > > > > > >
> > > > > > > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > > > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > > > > > > > Cc: Maciej Rabeda
> > <maciej.rabeda@linux.intel.com>
> > > > > > > > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > > > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > > > > > > Signed-off-by: Zhichao Gao
> > > > > > > <zhichao.gao@intel.com>
> > > > > > > > > > >
> > > > > > > > > > > Zhichao Gao (8):
> > > > > > > > > > >   CryptoPkg/BaseCrpytLib: Retire MD4
> > algorithm
> > > > > > > > > > >   CryptoPkg/BaseCryptLib: Retire ARC4
> > algorithm
> > > > > > > > > > >   CryptoPkg/BaseCryptLib: Retire the
> > Tdes
> > > > > > > algorithm
> > > > > > > > > > >   CryptoPkg/BaseCryptLib: Retire Aes
> > Ecb mode
> > > > > > > algorithm
> > > > > > > > > > >   CryptoPkg/dec: Add pcds to avoid
> > building the
> > > > > > > deprecated function
> > > > > > > > > > >   NetWorkPkg/Pcd.inc: Enable the MD5
> > for iSCSI
> > > > > > > > > > >   Crypto/BaseCryptLib: Using pcd to
> > control MD5
> > > > > > > enablement
> > > > > > > > > > >   CryptoPkg/BaseCryptLib: Use Pcd to
> > control the
> > > > > > > SHA1 enablement
> > > > > > > > > > >
> > > > > > > > > > >  CryptoPkg/CryptoPkg.dec
> > |
> > > > > > > 11 +
> > > > > > > > > > >  CryptoPkg/CryptoPkg.uni
> > |
> > > > > > > 11 +
> > > > > > > > > > >  CryptoPkg/Driver/Crypto.c
> > |
> > > > > > > 634 +-----------------
> > > > > > > > > > >
> > CryptoPkg/Include/Library/BaseCryptLib.h      |
> > > > > > > 548 ---------------
> > > > > > > > > > >
> > .../Library/BaseCryptLib/BaseCryptLib.inf     |
> > > > > > > 9 +-
> > > > > > > > > > >
> > .../Library/BaseCryptLib/Cipher/CryptAes.c    |
> > > > > > > 114 ----
> > > > > > > > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c
> > |
> > > > > > > 52 --
> > > > > > > > > > >
> > .../Library/BaseCryptLib/Cipher/CryptArc4.c   |
> > > > > > > 205 ------
> > > > > > > > > > >
> > .../BaseCryptLib/Cipher/CryptArc4Null.c       |
> > > > > > > 124 ----
> > > > > > > > > > >
> > .../Library/BaseCryptLib/Cipher/CryptTdes.c   |
> > > > > > > 364 ----------
> > > > > > > > > > >
> > .../BaseCryptLib/Cipher/CryptTdesNull.c       |
> > > > > > > 160 -----
> > > > > > > > > > >
> > .../Library/BaseCryptLib/Hash/CryptMd4.c      |
> > > > > > > 223 ------
> > > > > > > > > > >
> > .../Library/BaseCryptLib/Hash/CryptMd4Null.c  |
> > > > > > > 143 ----
> > > > > > > > > > >
> > .../Library/BaseCryptLib/Hash/CryptMd5.c      |
> > > > > > > 5 +-
> > > > > > > > > > >
> > .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |
> > > > > > > 3 +
> > > > > > > > > > >
> > .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |
> > > > > > > 3 +
> > > > > > > > > > >
> > .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |
> > > > > > > 3 +
> > > > > > > > > > >
> > .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |
> > > > > > > 3 +
> > > > > > > > > > >
> > .../Library/BaseCryptLib/PeiCryptLib.inf      |
> > > > > > > 13 +-
> > > > > > > > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> > |
> > > > > > > 3 +
> > > > > > > > > > >
> > .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |
> > > > > > > 5 +
> > > > > > > > > > >
> > .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |
> > > > > > > 5 +
> > > > > > > > > > >
> > .../Library/BaseCryptLib/RuntimeCryptLib.inf  |
> > > > > > > 13 +-
> > > > > > > > > > >
> > .../Library/BaseCryptLib/SmmCryptLib.inf      |
> > > > > > > 13 +-
> > > > > > > > > > >
> > .../BaseCryptLibNull/BaseCryptLibNull.inf     |
> > > > > > > 3 -
> > > > > > > > > > >
> > .../BaseCryptLibNull/Cipher/CryptAesNull.c    |
> > > > > > > 54 +-
> > > > > > > > > > >
> > .../BaseCryptLibNull/Cipher/CryptArc4Null.c   |
> > > > > > > 124 ----
> > > > > > > > > > >
> > .../BaseCryptLibNull/Cipher/CryptTdesNull.c   |
> > > > > > > 160 -----
> > > > > > > > > > >
> > .../BaseCryptLibNull/Hash/CryptMd4Null.c      |
> > > > > > > 143 ----
> > > > > > > > > > >
> > .../BaseCryptLibNull/Hash/CryptMd5Null.c      |
> > > > > > > 3 +
> > > > > > > > > > >
> > .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |
> > > > > > > 3 +
> > > > > > > > > > >
> > .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |
> > > > > > > 4 +-
> > > > > > > > > > >
> > .../BaseCryptLibOnProtocolPpi/CryptLib.c      |
> > > > > > > 604 +----------------
> > > > > > > > > > >
> > .../Library/BaseHashApiLib/BaseHashApiLib.c   |
> > > > > > > 12 +
> > > > > > > > > > >
> > .../Library/BaseHashApiLib/BaseHashApiLib.inf |
> > > > > > > 1 +
> > > > > > > > > > >  CryptoPkg/Private/Protocol/Crypto.h
> > |
> > > > > > > 583 +---------------
> > > > > > > > > > >  NetworkPkg/NetworkPcds.dsc.inc
> > |
> > > > > > > 5 +-
> > > > > > > > > > >  37 files changed, 145 insertions(+),
> > 4221
> > > > > > > deletions(-)
> > > > > > > > > > >  delete mode 100644
> > > > > > >
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > > > > > > > >  delete mode 100644
> > > > > > > > >
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > > > > > > > >  delete mode 100644
> > > > > > >
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > > > > > > > >  delete mode 100644
> > > > > > > > >
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > > > > > > > >  delete mode 100644
> > > > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > > > > > > > >  delete mode 100644
> > > > > > > >
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > > > > > > > >  delete mode 100644
> > > > > > > > > > >
> > > > > > >
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > > > > > > > >  delete mode 100644
> > > > > > > > > > >
> > > > > > >
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > > > > > > > >  delete mode 100644
> > > > > > > > > >
> > > > > > >
> > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > > > > > > > >
> > > > > > > > > > > --
> > > > > > > > > > > 2.21.0.windows.1
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

* Re: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
  2020-03-31  0:34                     ` Yao, Jiewen
@ 2020-04-14  4:36                       ` Gao, Zhichao
  0 siblings, 0 replies; 38+ messages in thread
From: Gao, Zhichao @ 2020-04-14  4:36 UTC (permalink / raw)
  To: Yao, Jiewen, Kinney, Michael D, Fu, Siyuan, devel@edk2.groups.io,
	Matthew Carlson, Sean Brogan
  Cc: Wang, Jian J, Lu, XiaoyuX, Maciej Rabeda, Wu, Jiaxin

Hi All,

Thanks for the comments.

Here is the summary and the change I plan to do. Anything incorrect or lacking, please help to point out:
1. do not use the #if in c code: Using the pcd to assert and return error status in the deprecated function.

2. remove the hmac_sha1 and hmac_md5 as there is no usage in the edk2 scope(trunk + platform + non-osi)

3. don't change the structure controlled by structure PCD:
  It is implemented for the modularization update and suggested to not remove any function to keep the offset value of the stucture.
  So I would change make sure all the deprecated function to be disabled in all profile config but keep md5 and sha1 enable because it is required for iSCSI, TPM1.2 and other functions.
  After all the changes for the deprecated function done, update the version for next build.

4. about the sha1, it should process in 2 phase: 
  (2) send patch set1 to the related platform that required the sha1 to enable the sha1 with the structure pcd PcdCryptoServiceFamilyEnable
  (3) send patch set2 to use the pcd to disable the sha1 in default

*Here may be some issues: 
1. modularization bin driver would always support md5 and sha1 unless the pcd value is enable or disable. That means protocol solution would act different with the lib source solution. 
2. unable the find the deprecated usage of md5 and sha1 during build time.

Thanks,
Zhichao

> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Tuesday, March 31, 2020 8:35 AM
> To: Kinney, Michael D <michael.d.kinney@intel.com>; Fu, Siyuan
> <siyuan.fu@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> <zhichao.gao@intel.com>; Matthew Carlson <macarl@microsoft.com>; Sean
> Brogan <sean.brogan@microsoft.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> <jiaxin.wu@intel.com>
> Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function
> 
> Hi Mike
> "But what we really want to know is if another library or module us using a
> deprecated lib function."
> 
> The protocol is internal API, the library is external API.
> 
> What we are discussing now is how to handle internal API.
> 
> For external API, this patch removed the deprecated lib API and the build will be
> broken.
> It is already satisfied...
> 
> Thank You
> Yao Jiewen
> 
> 
> > -----Original Message-----
> > From: Kinney, Michael D <michael.d.kinney@intel.com>
> > Sent: Tuesday, March 31, 2020 1:31 AM
> > To: Fu, Siyuan <siyuan.fu@intel.com>; Yao, Jiewen
> > <jiewen.yao@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> > <zhichao.gao@intel.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; Matthew Carlson <macarl@microsoft.com>;
> > Sean Brogan <sean.brogan@microsoft.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > Wu, Jiaxin <jiaxin.wu@intel.com>
> > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate
> > function
> >
> > Hi,
> >
> > I would prefer we only extend the protocol interface and never remove
> > any fields from the Protocol/PPI structures so no offsets are ever
> > changed.
> >
> > The main remaining issue is how a platform developer knows if they are
> > using a deprecated interface.  The best method is to know at build
> > time with a compiler failure and the other option is to know at
> > runtime with ASSERT()/ REPORT_STATUS_CODE().  If the field in the
> > protocol structure is  renamed, then the library wrapper around the
> > protocol will not build.  But what we really want to know is if
> > another library or module us using a deprecated lib function.
> >
> > Laszlo had a suggestion in the review of adding modules to the
> > CryptoPkg for the binary versions of these modules to provide
> > libraries that matched the enabled functions in the binaries so a
> > platform build would fail at compile time.  There is very little
> > difference between disabling a service and permanently deprecating a
> > services from a platform detection perspective.  Perhaps we should
> > explore Laszlo's ideas more to see if we can address both use cases
> > and always maintain the Protocol/PPI structures in a backwards
> > compatible manner and always keep the same GUID and only increase the
> > Version value when the Protocol/PPI structure is extended.
> >
> > Thanks,
> >
> > Mike
> >
> > > -----Original Message-----
> > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > Sent: Sunday, March 29, 2020 8:05 PM
> > > To: Yao, Jiewen <jiewen.yao@intel.com>; Kinney, Michael D
> > > <michael.d.kinney@intel.com>; devel@edk2.groups.io; Gao, Zhichao
> > > <zhichao.gao@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin <jiaxin.wu@intel.com>
> > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the
> > > deprecate function
> > >
> > > Jiewen,
> > >
> > > Same as you. I prefer update version (#1) for adding API, and change
> > > protocol GUID (#2)for deprecate unsecure API.
> > >
> > > Best Regards
> > > Siyuan
> > >
> > > > -----Original Message-----
> > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > Sent: 2020年3月30日 10:47
> > > > To: Fu, Siyuan <siyuan.fu@intel.com>; Kinney, Michael D
> > > > <michael.d.kinney@intel.com>; devel@edk2.groups.io;
> > > Gao, Zhichao
> > > > <zhichao.gao@intel.com>
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > <maciej.rabeda@linux.intel.com>;
> > > > Wu, Jiaxin <jiaxin.wu@intel.com>
> > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg: Retire
> > > the deprecate
> > > > function
> > > >
> > > > Thanks Siyuan.
> > > > Good, then I think we are aligned.
> > > > I agree with you that it is bad example because the
> > > neither version nor GUID
> > > > is updated.
> > > >
> > > > We can have at least two options here:
> > > > 1) Update version
> > > > We can change old API to be "VOID *Reserved" or
> > > "UNSUPPORT_FUNC
> > > > Reserved" in the EDKII_CRYPTO_PROTOCOL.
> > > >
> > > > I really do not want to see something like
> > > "EDKII_CRYPTO_MD4_INIT
> > > > Md4Init" still existing, because it may let people
> > > think we are still support
> > > > MD4 and use it somewhere.
> > > >
> > > > 2) Update GUID
> > > > Then we can remove the "EDKII_CRYPTO_MD4_INIT Md4Init"
> > > completely.
> > > > Of course, we can still update version although it is
> > > optional.
> > > >
> > > >
> > > > For adding new API, I will definitely prefer #1.
> > > >
> > > > For deprecating old API, if we choose #1, we need add
> > > 17 reserved fields in
> > > > this protocol for MD4, 3DES and RC4.
> > > > If we decide to deprecate HMAC_MD5/HMAC_SHA1 because of
> > > no usage,
> > > > then we need have a protocol with 156 fields, and 29 of
> > > them are reserved.
> > > > As such, I prefer #2 here, unless we have strong reason
> > > to keep 29 reserved
> > > > fields in this protocol.
> > > >
> > > >
> > > > Thank you
> > > > Yao Jiewen
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > > > Sent: Monday, March 30, 2020 10:17 AM
> > > > > To: Yao, Jiewen <jiewen.yao@intel.com>; Kinney,
> > > Michael D
> > > > > <michael.d.kinney@intel.com>; devel@edk2.groups.io;
> > > Gao, Zhichao
> > > > > <zhichao.gao@intel.com>
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > > > <xiaoyux.lu@intel.com>;
> > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>; Wu,
> > > Jiaxin
> > > > > <jiaxin.wu@intel.com>
> > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > > Retire the deprecate
> > > > function
> > > > >
> > > > > Hi, Jiewen
> > > > >
> > > > > I agree with all the strategy you listed for the
> > > Modulization FW update,
> > > > and
> > > > > Mike's
> > > > > for compatibility maintenance.  While I have a little
> > > different
> > > > understanding
> > > > > about
> > > > > "permanent binary compatibility". Mainly about what
> > > kind of
> > > > "compatibility" we
> > > > > have to provide.
> > > > >
> > > > > I don't think "compatibility " means we cannot
> > > deprecate any old API.
> > > > Instead of
> > > > > that, I think the goal could be:
> > > > > - If an old binary is using the deprecated API, it
> > > should be able to fail
> > > > gracefully.
> > > > > - If an old binary is NOT using the deprecated API,
> > > it should not be
> > > > impacted and
> > > > > able to work as before.
> > > > >
> > > > > So how we deprecate an API from this internal
> > > protocol is important. The
> > > > > current
> > > > > patch shows a bad example, it removes member
> > > functions from the
> > > > protocol
> > > > > structure, without changing the protocol GUID or
> > > version number. In such
> > > > case,
> > > > > an old binary consumer has no method to know if it's
> > > working with an old
> > > > > protocol
> > > > > or a new one, and may call into incorrect function
> > > even it doesn't use any
> > > > of the
> > > > > deprecated APIs. That's something I want to avoid.
> > > > >
> > > > > Best Regards
> > > > > Siyuan
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > > Sent: 2020年3月28日 7:43
> > > > > > To: Kinney, Michael D <michael.d.kinney@intel.com>;
> > > > devel@edk2.groups.io;
> > > > > > Fu, Siyuan <siyuan.fu@intel.com>; Gao, Zhichao
> > > <zhichao.gao@intel.com>
> > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > > XiaoyuX
> > > > > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > > <maciej.rabeda@linux.intel.com>;
> > > > > > Wu, Jiaxin <jiaxin.wu@intel.com>
> > > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > > Retire the deprecate
> > > > > > function
> > > > > >
> > > > > > Thanks Mike.
> > > > > > I understand the *private protocol* now. I think it
> > > is OK to put
> > > > > > CryptoProtocol into Private dir to sever that
> > > purpose.
> > > > > > And for private API, I don’t have concern on the
> > > data structure, since it is
> > > > > > invisible.
> > > > > >
> > > > > > Siyuan provided below usage and concern:
> > > > > > "The goal to provide a driver version of crypto
> > > service is to support
> > > > > > modulization
> > > > > > FW update, which means the crypto driver may NOT be
> > > updated together
> > > > > > with
> > > > > > its consumer. A platform may choose to update the
> > > crypto service driver
> > > > to a
> > > > > > new version with this patch, then all the
> > > BaseCryptoLib consumers will
> > > > be
> > > > > > messed."
> > > > > >
> > > > > > This usage might become a problem, when we want to
> > > deprecate an API
> > > > and
> > > > > > keep binary compatibility at same time.
> > > > > > (To be specific, I am not worried about source
> > > compatibility, because we
> > > > can
> > > > > > update both producer and consumer.
> > > > > > I am not worried about adding API, because there
> > > will be no issue on
> > > > > > appending a function at the end.)
> > > > > >
> > > > > > Take below as an example:
> > > > > > Firmware Version 100 uses Crypto Version 100.
> > > > > > We want to deprecate a private API and change to a
> > > new one. So, we
> > > > > > upgrade Crypto to Version 101 and update Firmware
> > > to Version 101.
> > > > > > Of course, we need change *all other consumers* and
> > > rebuild everything
> > > > > > make sure it works correctly.
> > > > > > However, it is hard to support this in
> > > "modulization FW update", because
> > > > we
> > > > > > have no chance to update the binary of firmware
> > > version 100.
> > > > > >
> > > > > > If we have to keep *permanent binary
> > > compatibility*, then we cannot
> > > > > > deprecate any old API, just because that will break
> > > old consumer.
> > > > > > That brings much validation burden, because you
> > > have to test every
> > > > update
> > > > > > in master with old binaries, besides the latest
> > > binaries.
> > > > > > That also brings maintenance burden for the unused
> > > old API. The only
> > > > > > consumer is in the old binary and invisible.
> > > > > > I don’t believe that is what we want.
> > > > > >
> > > > > > Modulization FW update is good feature. And we can
> > > have different
> > > > strategy
> > > > > > for that besides keeping permanent binary
> > > compatibility.
> > > > > > 1) Modulization FW update can be limited a range of
> > > version. At some
> > > > point,
> > > > > > you have to update the whole FW, because there are
> > > too many changes
> > > > or
> > > > > > incompatible binary changes. The cadence of full
> > > update can be longer
> > > > than
> > > > > > the one of partial update. For example, Linux or
> > > windows are making
> > > > > > incompatible change in major version and only keep
> > > compatibility in
> > > > minor
> > > > > > version.
> > > > > > 2) A project can branch the production launch
> > > firmware, and only keep
> > > > > > binary compatibility and support the modulization
> > > FW update within this
> > > > > > branch. As such, the big update in master won't
> > > impact this branch. If a
> > > > > > production may choose to resync to master, at that
> > > time a full firmware
> > > > > > update is required. I guess most people are using
> > > this way in a real
> > > > > > production.
> > > > > >
> > > > > > Thought?
> > > > > >
> > > > > > Thank you
> > > > > > Yao Jiewen
> > > > > >
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Kinney, Michael D
> > > <michael.d.kinney@intel.com>
> > > > > > > Sent: Saturday, March 28, 2020 12:38 AM
> > > > > > > To: devel@edk2.groups.io; Yao, Jiewen
> > > <jiewen.yao@intel.com>; Fu,
> > > > Siyuan
> > > > > > > <siyuan.fu@intel.com>; Gao, Zhichao
> > > <zhichao.gao@intel.com>; Kinney,
> > > > > > > Michael D <michael.d.kinney@intel.com>
> > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > > XiaoyuX
> > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > Maciej Rabeda <maciej.rabeda@linux.intel.com>;
> > > Wu, Jiaxin
> > > > > > > <jiaxin.wu@intel.com>
> > > > > > > Subject: RE: [edk2-devel] [PATCH 0/8] CryptoPkg:
> > > Retire the deprecate
> > > > > > function
> > > > > > >
> > > > > > > Jiewen,
> > > > > > >
> > > > > > > The purpose of private includes is to keep
> > > modules/lib
> > > > > > > in *other* packages from using interfaces that
> > > are the
> > > > > > > package with the private interface does not want
> > > other
> > > > > > > packages to use and does not want to have to
> > > coordinate
> > > > > > > with other packages if that package owner decides
> > > to
> > > > > > > make changes to those private interfaces.
> > > > > > >
> > > > > > > For modules/libs within package that do use
> > > private
> > > > > > > includes, the package owner gets to decide how to maintain
> > > > > > > the interfaces in the private includes
> > > to
> > > > > > > support those modules/libs.
> > > > > > >
> > > > > > > For example, the CryptoPkg has modules that are intended to
> > > > > > > be used as pre-built binaries, so the CryptoPkg owner needs
> > > > > > > to make sure the
> > > maintenance
> > > > > > > of the private includes supports both the source
> > > and
> > > > > > > binary use cases.
> > > > > > >
> > > > > > > The private Protocol/PPI interfaces in the
> > > CryptoPkg
> > > > > > > were designed to support future expansion.  The
> > > first
> > > > > > > API in the Protocol/PPI is GetVersion().  The
> > > version
> > > > > > > value returned can be used to have different
> > > layouts
> > > > > > > of fields in the Protocol/PPI.  In order to
> > > support
> > > > > > > backwards compatibility, APIs are added to the
> > > end
> > > > > > > of the Protocol/PPI structure as the version
> > > value
> > > > > > > is increased.  You will notice that there is an
> > > X509
> > > > > > > service that was added further down than the
> > > initial
> > > > > > > grouping.  This is just an example of how the
> > > CryptoPkg
> > > > > > > is maintaining a private interface for binary use
> > > cases.
> > > > > > > Other packages may choose alternate techniques.
> > > > > > >
> > > > > > > Thanks,
> > > > > > >
> > > > > > > Mike
> > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: devel@edk2.groups.io
> > > <devel@edk2.groups.io> On
> > > > > > > > Behalf Of Yao, Jiewen
> > > > > > > > Sent: Thursday, March 26, 2020 9:59 PM
> > > > > > > > To: Fu, Siyuan <siyuan.fu@intel.com>;
> > > > > > > > devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>
> > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > > XiaoyuX
> > > > > > > > <xiaoyux.lu@intel.com>; Maciej Rabeda
> > > > > > > > <maciej.rabeda@linux.intel.com>; Wu, Jiaxin
> > > > > > > > <jiaxin.wu@intel.com>
> > > > > > > > Subject: Re: [edk2-devel] [PATCH 0/8]
> > > CryptoPkg: Retire
> > > > > > > > the deprecate function
> > > > > > > >
> > > > > > > > Thanks Siyun.
> > > > > > > > I think probably we need discuss this more.
> > > > > > > >
> > > > > > > > 1) About private v.s. public.
> > > > > > > >
> > > > > > > > The benefit for private include is to isolate
> > > external
> > > > > > > > interface and internal interface.
> > > > > > > > A package can keep updating its private
> > > interface without
> > > > > > > > impact any other packages.
> > > > > > > > However, in this case, a private interface
> > > update will
> > > > > > > > bring binary compatibility issue with other
> > > package.
> > > > > > > > I am not sure it is acceptable or not.
> > > > > > > >
> > > > > > > > Mike
> > > > > > > > Do you have any comment? Is that the design
> > > goal of
> > > > > > > > private interface - just keep source code
> > > compatibility,
> > > > > > > > but not binary compatiblity?
> > > > > > > >
> > > > > > > > 2) About the protocol itself.
> > > > > > > >
> > > > > > > > One concern I have is that we *hardcode* the
> > > algorithm in
> > > > > > > > protocol.
> > > > > > > >
> > > > > > > > We keeps adding new algorithm and removing old
> > > one. That
> > > > > > > > means this protocol interface is unstable.
> > > > > > > >
> > > > > > > > Today, we have defined SHA2 set, and
> > > deprecating SHA1 and
> > > > > > > > older one. Tomorrow we may need add SHA3 set.
> > > > > > > > Today, we have RSAPKCS1_15. Tomorrow we will
> > > have RSAPSS.
> > > > > > > > Some other new set of algorithms might be added
> > > later,
> > > > > > > > such as AEAD, GMAC.
> > > > > > > >
> > > > > > > > For a protocol definition, I think we need
> > > *abstract the
> > > > > > > > action*, but not *algorithm*.
> > > > > > > > One good example is the UEFI HASH2 Protocol.
> > > > > > > >
> > > https://github.com/tianocore/edk2/blob/master/MdePkg/Incl
> > > > > > > > ude/Protocol/Hash2.h
> > > > > > > > It just tells you do the hash. You may add new
> > > algorithm
> > > > > > > > GUID.
> > > > > > > >
> > > > > > > > Another good example is inside of openssl. Now
> > > it is
> > > > > > > > using EVP style cipher algo.
> > > > > > > > For example,
> > > > > > > >
> > > https://www.openssl.org/docs/man1.1.1/man3/EVP_EncryptIni
> > > > > > > > t_ex.html
> > > > > > > >
> > > https://www.openssl.org/docs/man1.1.0/man3/EVP_CIPHER_CTX
> > > > > > > > _ctrl.html
> > > > > > > > The cipher itself is input as parameter.
> > > > > > > >
> > > > > > > > The benefit is that, if we want to deprecate an algorithm,
> > > > > > > > the interface can be unchanged.
> > > > > > > > Just the internal implementation can be
> > > changed.
> > > > > > > > The current PCD mechanism can still be applied
> > > to
> > > > > > > > internal implementation.
> > > > > > > >
> > > > > > > > Can we get a chance to revisit/redesign the
> > > protocol API,
> > > > > > > > when we move to public include?
> > > > > > > >
> > > > > > > > Thank you
> > > > > > > > Yao Jiewen
> > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: Fu, Siyuan <siyuan.fu@intel.com>
> > > > > > > > > Sent: Friday, March 27, 2020 11:07 AM
> > > > > > > > > To: Yao, Jiewen <jiewen.yao@intel.com>;
> > > > > > > > devel@edk2.groups.io; Gao, Zhichao
> > > > > > > > > <zhichao.gao@intel.com>
> > > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu,
> > > XiaoyuX
> > > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > > Maciej Rabeda
> > > <maciej.rabeda@linux.intel.com>; Wu,
> > > > > > > > Jiaxin
> > > > > > > > > <jiaxin.wu@intel.com>
> > > > > > > > > Subject: RE: [edk2-devel] [PATCH 0/8]
> > > CryptoPkg: Retire
> > > > > > > > the deprecate function
> > > > > > > > >
> > > > > > > > > Hi, Jiewen
> > > > > > > > >
> > > > > > > > > Although the protocol is private, a
> > > corresponding
> > > > > > > > BaseCryptoLib instance is
> > > > > > > > > not private, like PeiCryptLib.inf,
> > > RuntimeCryptLib,
> > > > > > > > etc. These library instances
> > > > > > > > > will be static linked to the consumer driver,
> > > for
> > > > > > > > example an iSCSI network driver.
> > > > > > > > > So actually it's not a "private" change
> > > inside
> > > > > > > > CryptoPkg.
> > > > > > > > >
> > > > > > > > > The goal to provide a driver version of
> > > crypto service
> > > > > > > > is to support modulization
> > > > > > > > > FW update, which means the crypto driver may
> > > NOT be
> > > > > > > > updated together with
> > > > > > > > > its consumer. A platform may choose to update
> > > the
> > > > > > > > crypto service driver to a
> > > > > > > > > new version with this patch, then all the
> > > BaseCryptoLib
> > > > > > > > consumers will be
> > > > > > > > > messed.
> > > > > > > > >
> > > > > > > > > Best Regards
> > > > > > > > > Siyuan
> > > > > > > > >
> > > > > > > > > > -----Original Message-----
> > > > > > > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > > > > > > Sent: 2020年3月27日 10:58
> > > > > > > > > > To: devel@edk2.groups.io; Fu, Siyuan
> > > > > > > > <siyuan.fu@intel.com>; Gao, Zhichao
> > > > > > > > > > <zhichao.gao@intel.com>
> > > > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>;
> > > Lu, XiaoyuX
> > > > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > > > Maciej Rabeda
> > > <maciej.rabeda@linux.intel.com>; Wu,
> > > > > > > > Jiaxin
> > > > > > > > > > <jiaxin.wu@intel.com>
> > > > > > > > > > Subject: RE: [edk2-devel] [PATCH 0/8]
> > > CryptoPkg:
> > > > > > > > Retire the deprecate
> > > > > > > > > function
> > > > > > > > > >
> > > > > > > > > > EDKII_CRYPTO_PROTOCOL is *private*.
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > https://github.com/tianocore/edk2/blob/master/CryptoPkg/P
> > > > > > > > rivate/Protocol/C
> > > > > > > > > > rypto.h
> > > > > > > > > >
> > > > > > > > > > Why we cannot change?
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > From: devel@edk2.groups.io
> > > <devel@edk2.groups.io>
> > > > > > > > On Behalf Of Siyuan,
> > > > > > > > > Fu
> > > > > > > > > > > Sent: Friday, March 27, 2020 10:47 AM
> > > > > > > > > > > To: Gao, Zhichao <zhichao.gao@intel.com>;
> > > > > > > > devel@edk2.groups.io
> > > > > > > > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>;
> > > Lu,
> > > > > > > > XiaoyuX
> > > > > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > > > > Maciej Rabeda
> > > <maciej.rabeda@linux.intel.com>; Wu,
> > > > > > > > Jiaxin
> > > > > > > > > > > <jiaxin.wu@intel.com>
> > > > > > > > > > > Subject: Re: [edk2-devel] [PATCH 0/8]
> > > CryptoPkg:
> > > > > > > > Retire the deprecate
> > > > > > > > > > function
> > > > > > > > > > >
> > > > > > > > > > > Hi, Zhichao
> > > > > > > > > > >
> > > > > > > > > > > We should never move/delete a member
> > > field of a
> > > > > > > > previous defined protocol
> > > > > > > > > > > Interface. Instead, these protocol APIs
> > > shall be
> > > > > > > > kept and return an error code
> > > > > > > > > > > If the function is retired. Otherwise the
> > > consumer
> > > > > > > > driver may call into an
> > > > > > > > > > > Incorrect function if it's build with
> > > different
> > > > > > > > codebase/PCD settings with the
> > > > > > > > > > > Crypto PEI/DXE/SMM driver.
> > > > > > > > > > > This comment applies to all the
> > > > > > > > EDKII_CRYPTO_PROTOCOL related changes
> > > > > > > > > in
> > > > > > > > > > > your patch set.
> > > > > > > > > > >
> > > > > > > > > > > Best Regards
> > > > > > > > > > > Siyuan
> > > > > > > > > > >
> > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > > From: Gao, Zhichao
> > > <zhichao.gao@intel.com>
> > > > > > > > > > > > Sent: 2020年3月27日 9:56
> > > > > > > > > > > > To: devel@edk2.groups.io
> > > > > > > > > > > > Cc: Wang, Jian J
> > > <jian.j.wang@intel.com>; Lu,
> > > > > > > > XiaoyuX
> > > > > > > > > > > <xiaoyux.lu@intel.com>;
> > > > > > > > > > > > Maciej Rabeda
> > > <maciej.rabeda@linux.intel.com>;
> > > > > > > > Wu, Jiaxin
> > > > > > > > > > > > <jiaxin.wu@intel.com>; Fu, Siyuan
> > > > > > > > <siyuan.fu@intel.com>
> > > > > > > > > > > > Subject: [PATCH 0/8] CryptoPkg: Retire
> > > the
> > > > > > > > deprecate function
> > > > > > > > > > > >
> > > > > > > > > > > > REF:
> > > > > > > >
> > > https://bugzilla.tianocore.org/show_bug.cgi?id=1682
> > > > > > > > > > > > REF:
> > > > > > > >
> > > https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> > > > > > > > > > > >
> > > > > > > > > > > > MD4, AR4, Tdes, Aes Ecb mode, MD5 and
> > > SHA1 is not
> > > > > > > > secure any longer.
> > > > > > > > > > > > They are all deprecated. Edk2 would not
> > > support
> > > > > > > > them any longer.
> > > > > > > > > > > > So remove them.
> > > > > > > > > > > > But uefi spec want to keep MD5 and SHA1
> > > for
> > > > > > > > backwards compatibility.
> > > > > > > > > > > > So add two pcds to control the MD5 and
> > > SHA1
> > > > > > > > enablement. Set the pcds
> > > > > > > > > > > > default value to false to indicate they
> > > are
> > > > > > > > deprecated.
> > > > > > > > > > > >
> > > > > > > > > > > > NetWorkPkg's iSCSI driver would consume
> > > the MD5
> > > > > > > > function, so change
> > > > > > > > > > > > the md5 pcd to TURE when iSCSI is
> > > enabled.
> > > > > > > > > > > >
> > > > > > > > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > > > > > > > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > > > > > > > > > > > Cc: Maciej Rabeda
> > > <maciej.rabeda@linux.intel.com>
> > > > > > > > > > > > Cc: Jiaxin Wu <jiaxin.wu@intel.com>
> > > > > > > > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > > > > > > > Signed-off-by: Zhichao Gao
> > > > > > > > <zhichao.gao@intel.com>
> > > > > > > > > > > >
> > > > > > > > > > > > Zhichao Gao (8):
> > > > > > > > > > > >   CryptoPkg/BaseCrpytLib: Retire MD4
> > > algorithm
> > > > > > > > > > > >   CryptoPkg/BaseCryptLib: Retire ARC4
> > > algorithm
> > > > > > > > > > > >   CryptoPkg/BaseCryptLib: Retire the
> > > Tdes
> > > > > > > > algorithm
> > > > > > > > > > > >   CryptoPkg/BaseCryptLib: Retire Aes
> > > Ecb mode
> > > > > > > > algorithm
> > > > > > > > > > > >   CryptoPkg/dec: Add pcds to avoid
> > > building the
> > > > > > > > deprecated function
> > > > > > > > > > > >   NetWorkPkg/Pcd.inc: Enable the MD5
> > > for iSCSI
> > > > > > > > > > > >   Crypto/BaseCryptLib: Using pcd to
> > > control MD5
> > > > > > > > enablement
> > > > > > > > > > > >   CryptoPkg/BaseCryptLib: Use Pcd to
> > > control the
> > > > > > > > SHA1 enablement
> > > > > > > > > > > >
> > > > > > > > > > > >  CryptoPkg/CryptoPkg.dec
> > > |
> > > > > > > > 11 +
> > > > > > > > > > > >  CryptoPkg/CryptoPkg.uni
> > > |
> > > > > > > > 11 +
> > > > > > > > > > > >  CryptoPkg/Driver/Crypto.c
> > > |
> > > > > > > > 634 +-----------------
> > > > > > > > > > > >
> > > CryptoPkg/Include/Library/BaseCryptLib.h      |
> > > > > > > > 548 ---------------
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/BaseCryptLib.inf     |
> > > > > > > > 9 +-
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/Cipher/CryptAes.c    |
> > > > > > > > 114 ----
> > > > > > > > > > > >  .../BaseCryptLib/Cipher/CryptAesNull.c
> > > |
> > > > > > > > 52 --
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/Cipher/CryptArc4.c   |
> > > > > > > > 205 ------
> > > > > > > > > > > >
> > > .../BaseCryptLib/Cipher/CryptArc4Null.c       |
> > > > > > > > 124 ----
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/Cipher/CryptTdes.c   |
> > > > > > > > 364 ----------
> > > > > > > > > > > >
> > > .../BaseCryptLib/Cipher/CryptTdesNull.c       |
> > > > > > > > 160 -----
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/Hash/CryptMd4.c      |
> > > > > > > > 223 ------
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/Hash/CryptMd4Null.c  |
> > > > > > > > 143 ----
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/Hash/CryptMd5.c      |
> > > > > > > > 5 +-
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  |
> > > > > > > > 3 +
> > > > > > > > > > > >
> > > .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      |
> > > > > > > > 3 +
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c |
> > > > > > > > 3 +
> > > > > > > > > > > >
> > > .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     |
> > > > > > > > 3 +
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/PeiCryptLib.inf      |
> > > > > > > > 13 +-
> > > > > > > > > > > >  .../BaseCryptLib/Pk/CryptPkcs5Pbkdf2.c
> > > |
> > > > > > > > 3 +
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/Pk/CryptRsaBasic.c   |
> > > > > > > > 5 +
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/Pk/CryptRsaExt.c     |
> > > > > > > > 5 +
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/RuntimeCryptLib.inf  |
> > > > > > > > 13 +-
> > > > > > > > > > > >
> > > .../Library/BaseCryptLib/SmmCryptLib.inf      |
> > > > > > > > 13 +-
> > > > > > > > > > > >
> > > .../BaseCryptLibNull/BaseCryptLibNull.inf     |
> > > > > > > > 3 -
> > > > > > > > > > > >
> > > .../BaseCryptLibNull/Cipher/CryptAesNull.c    |
> > > > > > > > 54 +-
> > > > > > > > > > > >
> > > .../BaseCryptLibNull/Cipher/CryptArc4Null.c   |
> > > > > > > > 124 ----
> > > > > > > > > > > >
> > > .../BaseCryptLibNull/Cipher/CryptTdesNull.c   |
> > > > > > > > 160 -----
> > > > > > > > > > > >
> > > .../BaseCryptLibNull/Hash/CryptMd4Null.c      |
> > > > > > > > 143 ----
> > > > > > > > > > > >
> > > .../BaseCryptLibNull/Hash/CryptMd5Null.c      |
> > > > > > > > 3 +
> > > > > > > > > > > >
> > > .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  |
> > > > > > > > 3 +
> > > > > > > > > > > >
> > > .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c |
> > > > > > > > 4 +-
> > > > > > > > > > > >
> > > .../BaseCryptLibOnProtocolPpi/CryptLib.c      |
> > > > > > > > 604 +----------------
> > > > > > > > > > > >
> > > .../Library/BaseHashApiLib/BaseHashApiLib.c   |
> > > > > > > > 12 +
> > > > > > > > > > > >
> > > .../Library/BaseHashApiLib/BaseHashApiLib.inf |
> > > > > > > > 1 +
> > > > > > > > > > > >  CryptoPkg/Private/Protocol/Crypto.h
> > > |
> > > > > > > > 583 +---------------
> > > > > > > > > > > >  NetworkPkg/NetworkPcds.dsc.inc
> > > |
> > > > > > > > 5 +-
> > > > > > > > > > > >  37 files changed, 145 insertions(+),
> > > 4221
> > > > > > > > deletions(-)
> > > > > > > > > > > >  delete mode 100644
> > > > > > > >
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > > > > > > > > > > >  delete mode 100644
> > > > > > > > > >
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > > > > > > > > > > >  delete mode 100644
> > > > > > > >
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > > > > > > > > > > >  delete mode 100644
> > > > > > > > > >
> > > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > > > > > > > > > > >  delete mode 100644
> > > > > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > > > > > > > > > > >  delete mode 100644
> > > > > > > > >
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > > > > > > > > > > >  delete mode 100644
> > > > > > > > > > > >
> > > > > > > >
> > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > > > > > > > > > > >  delete mode 100644
> > > > > > > > > > > >
> > > > > > > >
> > > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > > > > > > > > > > >  delete mode 100644
> > > > > > > > > > >
> > > > > > > >
> > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > > > > > > > > > > >
> > > > > > > > > > > > --
> > > > > > > > > > > > 2.21.0.windows.1
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > 


^ permalink raw reply	[flat|nested] 38+ messages in thread

end of thread, other threads:[~2020-04-14  4:38 UTC | newest]

Thread overview: 38+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-03-27  1:56 [PATCH 0/8] CryptoPkg: Retire the deprecate function Gao, Zhichao
2020-03-27  1:56 ` [PATCH 1/8] CryptoPkg/BaseCrpytLib: Retire MD4 algorithm Gao, Zhichao
2020-03-27  1:56 ` [PATCH 2/8] CryptoPkg/BaseCryptLib: Retire ARC4 algorithm Gao, Zhichao
2020-03-27  1:56 ` [PATCH 3/8] CryptoPkg/BaseCryptLib: Retire the Tdes algorithm Gao, Zhichao
2020-03-27  1:56 ` [PATCH 4/8] CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm Gao, Zhichao
2020-03-27  1:56 ` [PATCH 5/8] CryptoPkg/dec: Add pcds to avoid building the deprecated function Gao, Zhichao
2020-03-27  1:56 ` [PATCH 6/8] NetWorkPkg/Pcd.inc: Enable the MD5 for iSCSI Gao, Zhichao
2020-03-27  2:07   ` Siyuan, Fu
2020-03-30 12:01   ` [edk2-devel] " Maciej Rabeda
2020-03-27  1:56 ` [PATCH 7/8] Crypto/BaseCryptLib: Using pcd to control MD5 enablement Gao, Zhichao
2020-03-27  1:56 ` [PATCH 8/8] CryptoPkg/BaseCryptLib: Use Pcd to control the SHA1 enablement Gao, Zhichao
2020-03-27  2:04   ` [edk2-devel] " Michael D Kinney
2020-03-27  2:44     ` Gao, Zhichao
2020-03-27  2:51       ` Wang, Jian J
2020-03-27 17:35         ` Laszlo Ersek
2020-03-27  2:01 ` [edk2-devel] [PATCH 0/8] CryptoPkg: Retire the deprecate function Yao, Jiewen
2020-03-27  2:43   ` Gao, Zhichao
2020-03-27  2:50     ` Yao, Jiewen
2020-03-27  2:54       ` Gao, Zhichao
     [not found] ` <160006BBBC4857E5.7267@groups.io>
2020-03-27  2:20   ` Yao, Jiewen
2020-03-27  2:53     ` Gao, Zhichao
2020-03-27  2:47 ` Siyuan, Fu
2020-03-27  2:57   ` [edk2-devel] " Yao, Jiewen
2020-03-27  3:06     ` Siyuan, Fu
2020-03-27  4:59       ` Yao, Jiewen
2020-03-27  5:43         ` Siyuan, Fu
2020-03-27  5:50           ` Yao, Jiewen
2020-03-27  6:03             ` Siyuan, Fu
2020-03-27  6:15               ` Yao, Jiewen
2020-03-27  9:19                 ` Ni, Ray
2020-03-27 16:38         ` Michael D Kinney
2020-03-27 23:43           ` Yao, Jiewen
2020-03-30  2:17             ` Siyuan, Fu
2020-03-30  2:47               ` Yao, Jiewen
2020-03-30  3:04                 ` Siyuan, Fu
2020-03-30 17:30                   ` Michael D Kinney
2020-03-31  0:34                     ` Yao, Jiewen
2020-04-14  4:36                       ` Gao, Zhichao

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox