* [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option
[not found] <cover.1652066029.git.yi1.li@intel.com>
@ 2022-05-09 3:19 ` yi1 li
2022-05-09 3:23 ` Yao, Jiewen
2022-05-09 9:34 ` Gerd Hoffmann
2022-05-09 3:19 ` [PATCH 2/3] CryptoPkg/openssl: disable codestyle checks for generated files yi1 li
2022-05-09 3:19 ` [PATCH 3/3] CryptoPkg/openssl: update " yi1 li
2 siblings, 2 replies; 12+ messages in thread
From: yi1 li @ 2022-05-09 3:19 UTC (permalink / raw)
To: devel
Cc: Yi Li, Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang,
Gerd Hoffmann
Recommend from Gerd:
(2) Keep the EC config option, but update process_files.pl to
automatically add the PcdEcEnabled config option handling
to the files it generates.
When remove 'no-ec' from openssl configure list, will automatically remove
'OPENSSL_NO_EC', 'OPENSSL_NO_ECDH', 'OPENSSL_NO_ECDSA', 'OPENSSL_NO_TLS1_3',
form header, and add '/ec/.', '/sm2/.' files to INF files.
Signed-off-by: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
---
CryptoPkg/Library/OpensslLib/process_files.pl | 67 ++++++++++++++++++-
1 file changed, 65 insertions(+), 2 deletions(-)
diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Library/OpensslLib/process_files.pl
index 2ebfbbbca0de..2849f5d9aed0 100755
--- a/CryptoPkg/Library/OpensslLib/process_files.pl
+++ b/CryptoPkg/Library/OpensslLib/process_files.pl
@@ -81,6 +81,19 @@ my $uefi_config;
my $extension;
my $arch;
my @inf;
+#
+# Use PCD to conditionally enable certain openssl features.
+# $conditional_feature contains fetures_names:pcd_name pairs
+# of conditional features.
+# @conditional_feature_dir contains relative_path:pcd_name pairs
+# of conditional features in openssl, MUST correspond to the content
+# in $conditional_feature.
+#
+# Configure list [openssl_configuratio : new_define_list : new_file_list : pcd]
+# 1. no-ec : {NO_EC, NO_ECDH, NO_ECDSA, NO_TLS1_3, NO_SM2} : {/ec/, /sm2/} : PcdEcEnabled
+#
+my %conditional_feature = ("EC"=>"PcdEcEnabled", "ECDH"=>"PcdEcEnabled", "ECDSA"=>"PcdEcEnabled", "TLS1_3"=>"PcdEcEnabled", "SM2"=>"PcdEcEnabled");
+my %conditional_feature_dir = ("/ec/"=>"PcdEcEnabled", "/sm2/"=>"PcdEcEnabled");
BEGIN {
$inf_file = "OpensslLib.inf";
@@ -282,7 +295,13 @@ foreach my $product ((@{$unified_info{libraries}},
push @sslfilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n";
next;
}
- push @cryptofilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n";
+ push @cryptofilelist, ' $(OPENSSL_PATH)/' . $s;
+ foreach (keys(%conditional_feature_dir)) {
+ if ($s =~ $_) {
+ push @cryptofilelist, ' |*|*|*|gEfiCryptoPkgTokenSpaceGuid.' . $conditional_feature_dir{$_};
+ }
+ }
+ push @cryptofilelist, "\r\n";
}
}
}
@@ -311,7 +330,13 @@ foreach (@headers){
push @sslfilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n";
next;
}
- push @cryptofilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n";
+ push @cryptofilelist, ' $(OPENSSL_PATH)/' . $_;
+ foreach my $conditional_key (keys(%conditional_feature_dir)) {
+ if ($_ =~ $conditional_key) {
+ push @cryptofilelist, ' |*|*|*|gEfiCryptoPkgTokenSpaceGuid.' . $conditional_feature_dir{$conditional_key};
+ }
+ }
+ push @cryptofilelist, "\r\n";
}
@@ -430,6 +455,44 @@ system(
die "Cannot copy dso_conf.h!";
print "Done!\n";
+#
+# Add conditional feature to opensslconf.h
+#
+my $conf_file = "../Include/openssl/opensslconf.h";
+my @conf_raw = ();
+my @conditional_define = ();
+print "\n--> Updating $conf_file ... ";
+
+foreach my $feature_name (keys(%conditional_feature)) {
+ push @conditional_define, "#if !FixedPcdGetBool ($conditional_feature{$feature_name})\r\n";
+ push @conditional_define, "# ifndef OPENSSL_NO_$feature_name\r\n";
+ push @conditional_define, "# define OPENSSL_NO_$feature_name\r\n";
+ push @conditional_define, "# endif\r\n#endif\r\n";
+}
+
+open( FD, "<" . $conf_file ) ||
+ die $conf_file;
+foreach (<FD>) {
+ # Insert conditional define to the begin of opensslconf.h
+ if ($_ =~ "#ifdef OPENSSL_ALGORITHM_DEFINES") {
+ push @conf_raw, @conditional_define;
+ }
+ push @conf_raw, $_;
+ if ($_ =~ "<openssl/opensslv.h>") {
+ push @conf_raw, "#include <Library/PcdLib.h>\r\n";
+ }
+}
+close(FD) ||
+ die $conf_file;
+
+open( FD, ">" . $conf_file ) ||
+ die $conf_file;
+print( FD @conf_raw ) ||
+ die $conf_file;
+close(FD) ||
+ die $conf_file;
+print "Done!\n";
+
print "\nProcessing Files Done!\n";
exit(0);
--
2.31.1.windows.1
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH 2/3] CryptoPkg/openssl: disable codestyle checks for generated files
[not found] <cover.1652066029.git.yi1.li@intel.com>
2022-05-09 3:19 ` [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option yi1 li
@ 2022-05-09 3:19 ` yi1 li
2022-05-09 3:23 ` Yao, Jiewen
2022-05-09 3:19 ` [PATCH 3/3] CryptoPkg/openssl: update " yi1 li
2 siblings, 1 reply; 12+ messages in thread
From: yi1 li @ 2022-05-09 3:19 UTC (permalink / raw)
To: devel
Cc: Yi Li, Gerd Hoffmann, Jiewen Yao, Jian J Wang, Xiaoyu Lu,
Guomin Jiang
Files generated by process_files.pl from openssl sources should not be checked for edk2 code style.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
---
CryptoPkg/CryptoPkg.ci.yaml | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml
index 396ca93dbe49..09fba0bcc685 100644
--- a/CryptoPkg/CryptoPkg.ci.yaml
+++ b/CryptoPkg/CryptoPkg.ci.yaml
@@ -26,6 +26,8 @@
## Both file path and directory path are accepted.
"IgnoreFiles": [
"Library/OpensslLib/openssl",
+ "Library/Include/openssl",
+ "Library/Include/crypto",
# The unit testing folder is not to be checked
"Test/UnitTest",
# This has OpenSSL interfaces that aren't UEFI spec compliant
@@ -89,5 +91,13 @@
"ExtendWords": [], # words to extend to the dictionary for this package
"IgnoreStandardPaths": [], # Standard Plugin defined paths that should be ignore
"AdditionalIncludePaths": [] # Additional paths to spell check (wildcards supported)
+ },
+
+ # options defined in .pytool/Plugin/UncrustifyCheck
+ "UncrustifyCheck": {
+ "IgnoreFiles": [
+ "opensslconf.h",
+ "dso_conf.h",
+ ]
}
}
--
2.31.1.windows.1
^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH 3/3] CryptoPkg/openssl: update generated files
[not found] <cover.1652066029.git.yi1.li@intel.com>
2022-05-09 3:19 ` [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option yi1 li
2022-05-09 3:19 ` [PATCH 2/3] CryptoPkg/openssl: disable codestyle checks for generated files yi1 li
@ 2022-05-09 3:19 ` yi1 li
2022-05-09 3:25 ` Yao, Jiewen
2 siblings, 1 reply; 12+ messages in thread
From: yi1 li @ 2022-05-09 3:19 UTC (permalink / raw)
To: devel
Cc: Yi Li, Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang,
Gerd Hoffmann
Run process_files.pl with the current openssl submodule version.
Signed-off-by: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
---
CryptoPkg/Library/Include/crypto/dso_conf.h | 7 +-
.../Library/Include/openssl/opensslconf.h | 266 +++++++++---------
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 34 ++-
.../Library/OpensslLib/OpensslLibCrypto.inf | 96 ++++---
4 files changed, 210 insertions(+), 193 deletions(-)
diff --git a/CryptoPkg/Library/Include/crypto/dso_conf.h b/CryptoPkg/Library/Include/crypto/dso_conf.h
index b9c38b416697..95f4db2b1586 100644
--- a/CryptoPkg/Library/Include/crypto/dso_conf.h
+++ b/CryptoPkg/Library/Include/crypto/dso_conf.h
@@ -1,6 +1,5 @@
/* WARNING: do not edit! */
/* Generated from include/crypto/dso_conf.h.in */
-
/*
* Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
*
@@ -11,7 +10,7 @@
*/
#ifndef OSSL_CRYPTO_DSO_CONF_H
-#define OSSL_CRYPTO_DSO_CONF_H
-#define DSO_NONE
-#define DSO_EXTENSION ".so"
+# define OSSL_CRYPTO_DSO_CONF_H
+# define DSO_NONE
+# define DSO_EXTENSION ".so"
#endif
diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Library/Include/openssl/opensslconf.h
index 1485b8c9f108..aaa5c0e54813 100644
--- a/CryptoPkg/Library/Include/openssl/opensslconf.h
+++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
@@ -9,15 +9,41 @@
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
-#include <Library/PcdLib.h>
+
#include <openssl/opensslv.h>
+#include <Library/PcdLib.h>
#ifdef __cplusplus
extern "C" {
#endif
+#if !FixedPcdGetBool (PcdEcEnabled)
+# ifndef OPENSSL_NO_ECDSA
+# define OPENSSL_NO_ECDSA
+# endif
+#endif
+#if !FixedPcdGetBool (PcdEcEnabled)
+# ifndef OPENSSL_NO_EC
+# define OPENSSL_NO_EC
+# endif
+#endif
+#if !FixedPcdGetBool (PcdEcEnabled)
+# ifndef OPENSSL_NO_SM2
+# define OPENSSL_NO_SM2
+# endif
+#endif
+#if !FixedPcdGetBool (PcdEcEnabled)
+# ifndef OPENSSL_NO_TLS1_3
+# define OPENSSL_NO_TLS1_3
+# endif
+#endif
+#if !FixedPcdGetBool (PcdEcEnabled)
+# ifndef OPENSSL_NO_ECDH
+# define OPENSSL_NO_ECDH
+# endif
+#endif
#ifdef OPENSSL_ALGORITHM_DEFINES
- #error OPENSSL_ALGORITHM_DEFINES no longer supported
+# error OPENSSL_ALGORITHM_DEFINES no longer supported
#endif
/*
@@ -25,233 +51,217 @@ extern "C" {
*/
#ifndef OPENSSL_SYS_UEFI
-#define OPENSSL_SYS_UEFI 1
+# define OPENSSL_SYS_UEFI 1
#endif
-#define OPENSSL_MIN_API 0x10100000L
+#define OPENSSL_MIN_API 0x10100000L
#ifndef OPENSSL_NO_BF
-#define OPENSSL_NO_BF
+# define OPENSSL_NO_BF
#endif
#ifndef OPENSSL_NO_BLAKE2
-#define OPENSSL_NO_BLAKE2
+# define OPENSSL_NO_BLAKE2
#endif
#ifndef OPENSSL_NO_CAMELLIA
-#define OPENSSL_NO_CAMELLIA
+# define OPENSSL_NO_CAMELLIA
#endif
#ifndef OPENSSL_NO_CAST
-#define OPENSSL_NO_CAST
+# define OPENSSL_NO_CAST
#endif
#ifndef OPENSSL_NO_CHACHA
-#define OPENSSL_NO_CHACHA
+# define OPENSSL_NO_CHACHA
#endif
#ifndef OPENSSL_NO_CMS
-#define OPENSSL_NO_CMS
+# define OPENSSL_NO_CMS
#endif
#ifndef OPENSSL_NO_CT
-#define OPENSSL_NO_CT
+# define OPENSSL_NO_CT
#endif
#ifndef OPENSSL_NO_DES
-#define OPENSSL_NO_DES
+# define OPENSSL_NO_DES
#endif
#ifndef OPENSSL_NO_DSA
-#define OPENSSL_NO_DSA
-#endif
-#if !FixedPcdGetBool (PcdEcEnabled)
- #ifndef OPENSSL_NO_EC
-#define OPENSSL_NO_EC
- #endif
+# define OPENSSL_NO_DSA
#endif
#ifndef OPENSSL_NO_IDEA
-#define OPENSSL_NO_IDEA
+# define OPENSSL_NO_IDEA
#endif
#ifndef OPENSSL_NO_MD2
-#define OPENSSL_NO_MD2
+# define OPENSSL_NO_MD2
#endif
#ifndef OPENSSL_NO_MD4
-#define OPENSSL_NO_MD4
+# define OPENSSL_NO_MD4
#endif
#ifndef OPENSSL_NO_MDC2
-#define OPENSSL_NO_MDC2
+# define OPENSSL_NO_MDC2
#endif
#ifndef OPENSSL_NO_POLY1305
-#define OPENSSL_NO_POLY1305
+# define OPENSSL_NO_POLY1305
#endif
#ifndef OPENSSL_NO_RC2
-#define OPENSSL_NO_RC2
+# define OPENSSL_NO_RC2
#endif
#ifndef OPENSSL_NO_RC4
-#define OPENSSL_NO_RC4
+# define OPENSSL_NO_RC4
#endif
#ifndef OPENSSL_NO_RC5
-#define OPENSSL_NO_RC5
+# define OPENSSL_NO_RC5
#endif
#ifndef OPENSSL_NO_RMD160
-#define OPENSSL_NO_RMD160
+# define OPENSSL_NO_RMD160
#endif
#ifndef OPENSSL_NO_SEED
-#define OPENSSL_NO_SEED
-#endif
-#ifndef OPENSSL_NO_SM2
-#define OPENSSL_NO_SM2
+# define OPENSSL_NO_SEED
#endif
#ifndef OPENSSL_NO_SRP
-#define OPENSSL_NO_SRP
+# define OPENSSL_NO_SRP
#endif
#ifndef OPENSSL_NO_TS
-#define OPENSSL_NO_TS
+# define OPENSSL_NO_TS
#endif
#ifndef OPENSSL_NO_WHIRLPOOL
-#define OPENSSL_NO_WHIRLPOOL
+# define OPENSSL_NO_WHIRLPOOL
#endif
#ifndef OPENSSL_RAND_SEED_NONE
-#define OPENSSL_RAND_SEED_NONE
+# define OPENSSL_RAND_SEED_NONE
#endif
#ifndef OPENSSL_NO_AFALGENG
-#define OPENSSL_NO_AFALGENG
+# define OPENSSL_NO_AFALGENG
#endif
#ifndef OPENSSL_NO_APPS
-#define OPENSSL_NO_APPS
+# define OPENSSL_NO_APPS
#endif
#ifndef OPENSSL_NO_ASAN
-#define OPENSSL_NO_ASAN
+# define OPENSSL_NO_ASAN
#endif
#ifndef OPENSSL_NO_ASYNC
-#define OPENSSL_NO_ASYNC
+# define OPENSSL_NO_ASYNC
#endif
#ifndef OPENSSL_NO_AUTOERRINIT
-#define OPENSSL_NO_AUTOERRINIT
+# define OPENSSL_NO_AUTOERRINIT
#endif
#ifndef OPENSSL_NO_AUTOLOAD_CONFIG
-#define OPENSSL_NO_AUTOLOAD_CONFIG
+# define OPENSSL_NO_AUTOLOAD_CONFIG
#endif
#ifndef OPENSSL_NO_CAPIENG
-#define OPENSSL_NO_CAPIENG
+# define OPENSSL_NO_CAPIENG
#endif
#ifndef OPENSSL_NO_CRYPTO_MDEBUG
-#define OPENSSL_NO_CRYPTO_MDEBUG
+# define OPENSSL_NO_CRYPTO_MDEBUG
#endif
#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
-#define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
+# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
#endif
#ifndef OPENSSL_NO_DEPRECATED
-#define OPENSSL_NO_DEPRECATED
+# define OPENSSL_NO_DEPRECATED
#endif
#ifndef OPENSSL_NO_DEVCRYPTOENG
-#define OPENSSL_NO_DEVCRYPTOENG
+# define OPENSSL_NO_DEVCRYPTOENG
#endif
#ifndef OPENSSL_NO_DGRAM
-#define OPENSSL_NO_DGRAM
+# define OPENSSL_NO_DGRAM
#endif
#ifndef OPENSSL_NO_DTLS
-#define OPENSSL_NO_DTLS
+# define OPENSSL_NO_DTLS
#endif
#ifndef OPENSSL_NO_DTLS1
-#define OPENSSL_NO_DTLS1
+# define OPENSSL_NO_DTLS1
#endif
#ifndef OPENSSL_NO_DTLS1_2
-#define OPENSSL_NO_DTLS1_2
+# define OPENSSL_NO_DTLS1_2
#endif
#ifndef OPENSSL_NO_EC2M
-#define OPENSSL_NO_EC2M
+# define OPENSSL_NO_EC2M
#endif
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-#define OPENSSL_NO_EC_NISTP_64_GCC_128
-#endif
-#ifndef OPENSSL_NO_ECDH
-#define OPENSSL_NO_ECDH
-#endif
-#ifndef OPENSSL_NO_ECDSA
-#define OPENSSL_NO_ECDSA
+# define OPENSSL_NO_EC_NISTP_64_GCC_128
#endif
#ifndef OPENSSL_NO_EGD
-#define OPENSSL_NO_EGD
+# define OPENSSL_NO_EGD
#endif
#ifndef OPENSSL_NO_ENGINE
-#define OPENSSL_NO_ENGINE
+# define OPENSSL_NO_ENGINE
#endif
#ifndef OPENSSL_NO_ERR
-#define OPENSSL_NO_ERR
+# define OPENSSL_NO_ERR
#endif
#ifndef OPENSSL_NO_EXTERNAL_TESTS
-#define OPENSSL_NO_EXTERNAL_TESTS
+# define OPENSSL_NO_EXTERNAL_TESTS
#endif
#ifndef OPENSSL_NO_FILENAMES
-#define OPENSSL_NO_FILENAMES
+# define OPENSSL_NO_FILENAMES
#endif
#ifndef OPENSSL_NO_FUZZ_AFL
-#define OPENSSL_NO_FUZZ_AFL
+# define OPENSSL_NO_FUZZ_AFL
#endif
#ifndef OPENSSL_NO_FUZZ_LIBFUZZER
-#define OPENSSL_NO_FUZZ_LIBFUZZER
+# define OPENSSL_NO_FUZZ_LIBFUZZER
#endif
#ifndef OPENSSL_NO_GOST
-#define OPENSSL_NO_GOST
+# define OPENSSL_NO_GOST
#endif
#ifndef OPENSSL_NO_HEARTBEATS
-#define OPENSSL_NO_HEARTBEATS
+# define OPENSSL_NO_HEARTBEATS
#endif
#ifndef OPENSSL_NO_HW
-#define OPENSSL_NO_HW
+# define OPENSSL_NO_HW
#endif
#ifndef OPENSSL_NO_MSAN
-#define OPENSSL_NO_MSAN
+# define OPENSSL_NO_MSAN
#endif
#ifndef OPENSSL_NO_OCB
-#define OPENSSL_NO_OCB
+# define OPENSSL_NO_OCB
#endif
#ifndef OPENSSL_NO_POSIX_IO
-#define OPENSSL_NO_POSIX_IO
+# define OPENSSL_NO_POSIX_IO
#endif
#ifndef OPENSSL_NO_RFC3779
-#define OPENSSL_NO_RFC3779
+# define OPENSSL_NO_RFC3779
#endif
#ifndef OPENSSL_NO_SCRYPT
-#define OPENSSL_NO_SCRYPT
+# define OPENSSL_NO_SCRYPT
#endif
#ifndef OPENSSL_NO_SCTP
-#define OPENSSL_NO_SCTP
+# define OPENSSL_NO_SCTP
#endif
#ifndef OPENSSL_NO_SOCK
-#define OPENSSL_NO_SOCK
+# define OPENSSL_NO_SOCK
#endif
#ifndef OPENSSL_NO_SSL_TRACE
-#define OPENSSL_NO_SSL_TRACE
+# define OPENSSL_NO_SSL_TRACE
#endif
#ifndef OPENSSL_NO_SSL3
-#define OPENSSL_NO_SSL3
+# define OPENSSL_NO_SSL3
#endif
#ifndef OPENSSL_NO_SSL3_METHOD
-#define OPENSSL_NO_SSL3_METHOD
+# define OPENSSL_NO_SSL3_METHOD
#endif
#ifndef OPENSSL_NO_STDIO
-#define OPENSSL_NO_STDIO
+# define OPENSSL_NO_STDIO
#endif
#ifndef OPENSSL_NO_TESTS
-#define OPENSSL_NO_TESTS
-#endif
-#ifndef OPENSSL_NO_TLS1_3
-#define OPENSSL_NO_TLS1_3
+# define OPENSSL_NO_TESTS
#endif
#ifndef OPENSSL_NO_UBSAN
-#define OPENSSL_NO_UBSAN
+# define OPENSSL_NO_UBSAN
#endif
#ifndef OPENSSL_NO_UI_CONSOLE
-#define OPENSSL_NO_UI_CONSOLE
+# define OPENSSL_NO_UI_CONSOLE
#endif
#ifndef OPENSSL_NO_UNIT_TEST
-#define OPENSSL_NO_UNIT_TEST
+# define OPENSSL_NO_UNIT_TEST
#endif
#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
-#define OPENSSL_NO_WEAK_SSL_CIPHERS
+# define OPENSSL_NO_WEAK_SSL_CIPHERS
#endif
#ifndef OPENSSL_NO_DYNAMIC_ENGINE
-#define OPENSSL_NO_DYNAMIC_ENGINE
+# define OPENSSL_NO_DYNAMIC_ENGINE
#endif
+
/*
* Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers
* don't like that. This will hopefully silence them.
*/
-#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy;
+#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy;
/*
* Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
@@ -260,37 +270,37 @@ extern "C" {
* functions.
*/
#ifndef DECLARE_DEPRECATED
-#define DECLARE_DEPRECATED(f) f;
- #ifdef __GNUC__
- #if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
- #undef DECLARE_DEPRECATED
-#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
- #endif
- #elif defined (__SUNPRO_C)
- #if (__SUNPRO_C >= 0x5130)
- #undef DECLARE_DEPRECATED
-#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
- #endif
- #endif
+# define DECLARE_DEPRECATED(f) f;
+# ifdef __GNUC__
+# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
+# undef DECLARE_DEPRECATED
+# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
+# endif
+# elif defined(__SUNPRO_C)
+# if (__SUNPRO_C >= 0x5130)
+# undef DECLARE_DEPRECATED
+# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
+# endif
+# endif
#endif
#ifndef OPENSSL_FILE
- #ifdef OPENSSL_NO_FILENAMES
-#define OPENSSL_FILE ""
-#define OPENSSL_LINE 0
- #else
-#define OPENSSL_FILE __FILE__
-#define OPENSSL_LINE __LINE__
- #endif
+# ifdef OPENSSL_NO_FILENAMES
+# define OPENSSL_FILE ""
+# define OPENSSL_LINE 0
+# else
+# define OPENSSL_FILE __FILE__
+# define OPENSSL_LINE __LINE__
+# endif
#endif
#ifndef OPENSSL_MIN_API
-#define OPENSSL_MIN_API 0
+# define OPENSSL_MIN_API 0
#endif
-#if !defined (OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API
- #undef OPENSSL_API_COMPAT
-#define OPENSSL_API_COMPAT OPENSSL_MIN_API
+#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API
+# undef OPENSSL_API_COMPAT
+# define OPENSSL_API_COMPAT OPENSSL_MIN_API
#endif
/*
@@ -298,51 +308,51 @@ extern "C" {
* OpenSSL version number matches.
*/
#if OPENSSL_VERSION_NUMBER < 0x10200000L
-#define DEPRECATEDIN_1_2_0(f) f;
+# define DEPRECATEDIN_1_2_0(f) f;
#elif OPENSSL_API_COMPAT < 0x10200000L
-#define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f)
+# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f)
#else
-#define DEPRECATEDIN_1_2_0(f)
+# define DEPRECATEDIN_1_2_0(f)
#endif
#if OPENSSL_API_COMPAT < 0x10100000L
-#define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
+# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
#else
-#define DEPRECATEDIN_1_1_0(f)
+# define DEPRECATEDIN_1_1_0(f)
#endif
#if OPENSSL_API_COMPAT < 0x10000000L
-#define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
+# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
#else
-#define DEPRECATEDIN_1_0_0(f)
+# define DEPRECATEDIN_1_0_0(f)
#endif
#if OPENSSL_API_COMPAT < 0x00908000L
-#define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
+# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
#else
-#define DEPRECATEDIN_0_9_8(f)
+# define DEPRECATEDIN_0_9_8(f)
#endif
/* Generate 80386 code? */
#undef I386_ONLY
#undef OPENSSL_UNISTD
-#define OPENSSL_UNISTD <unistd.h>
+#define OPENSSL_UNISTD <unistd.h>
#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
/*
* The following are cipher-specific, but are part of the public API.
*/
-#if !defined (OPENSSL_SYS_UEFI)
- #undef BN_LLONG
+#if !defined(OPENSSL_SYS_UEFI)
+# undef BN_LLONG
/* Only one for the following should be defined */
- #undef SIXTY_FOUR_BIT_LONG
- #undef SIXTY_FOUR_BIT
-#define THIRTY_TWO_BIT
+# undef SIXTY_FOUR_BIT_LONG
+# undef SIXTY_FOUR_BIT
+# define THIRTY_TWO_BIT
#endif
-#define RC4_INT unsigned int
+#define RC4_INT unsigned int
#ifdef __cplusplus
}
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index a97b3f5e8ff2..c378440c13e7 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -200,40 +200,40 @@
$(OPENSSL_PATH)/crypto/dso/dso_win32.c
$(OPENSSL_PATH)/crypto/ebcdic.c
$(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/err/err.c
@@ -421,6 +421,10 @@
$(OPENSSL_PATH)/crypto/siphash/siphash.c
$(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
$(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
+ $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/sm2/sm2_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/sm3/m_sm3.c
$(OPENSSL_PATH)/crypto/sm3/sm3.c
$(OPENSSL_PATH)/crypto/sm4/sm4.c
@@ -534,14 +538,14 @@
$(OPENSSL_PATH)/crypto/dh/dh_local.h
$(OPENSSL_PATH)/crypto/dso/dso_local.h
$(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/evp/evp_local.h
$(OPENSSL_PATH)/crypto/hmac/hmac_local.h
$(OPENSSL_PATH)/crypto/lhash/lhash_local.h
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index 490b83602be9..01d9a42b605f 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -199,43 +199,43 @@
$(OPENSSL_PATH)/crypto/dso/dso_vms.c
$(OPENSSL_PATH)/crypto/dso/dso_win32.c
$(OPENSSL_PATH)/crypto/ebcdic.c
- $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/err/err.c
$(OPENSSL_PATH)/crypto/err/err_prn.c
$(OPENSSL_PATH)/crypto/evp/bio_b64.c
@@ -421,6 +421,10 @@
$(OPENSSL_PATH)/crypto/siphash/siphash.c
$(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
$(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
+ $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/sm2/sm2_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/sm3/m_sm3.c
$(OPENSSL_PATH)/crypto/sm3/sm3.c
$(OPENSSL_PATH)/crypto/sm4/sm4.c
@@ -533,15 +537,15 @@
$(OPENSSL_PATH)/crypto/conf/conf_local.h
$(OPENSSL_PATH)/crypto/dh/dh_local.h
$(OPENSSL_PATH)/crypto/dso/dso_local.h
- $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/evp/evp_local.h
$(OPENSSL_PATH)/crypto/hmac/hmac_local.h
$(OPENSSL_PATH)/crypto/lhash/lhash_local.h
--
2.31.1.windows.1
^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH 2/3] CryptoPkg/openssl: disable codestyle checks for generated files
2022-05-09 3:19 ` [PATCH 2/3] CryptoPkg/openssl: disable codestyle checks for generated files yi1 li
@ 2022-05-09 3:23 ` Yao, Jiewen
0 siblings, 0 replies; 12+ messages in thread
From: Yao, Jiewen @ 2022-05-09 3:23 UTC (permalink / raw)
To: Li, Yi1, devel@edk2.groups.io
Cc: Gerd Hoffmann, Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
> -----Original Message-----
> From: Li, Yi1 <yi1.li@intel.com>
> Sent: Monday, May 9, 2022 11:19 AM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>; Gerd Hoffmann <kraxel@redhat.com>; Yao,
> Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Lu,
> Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
> Subject: [PATCH 2/3] CryptoPkg/openssl: disable codestyle checks for generated
> files
>
> Files generated by process_files.pl from openssl sources should not be checked
> for edk2 code style.
>
> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
> Signed-off-by: Yi Li <yi1.li@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> Cc: Guomin Jiang <guomin.jiang@intel.com>
> ---
> CryptoPkg/CryptoPkg.ci.yaml | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml
> index 396ca93dbe49..09fba0bcc685 100644
> --- a/CryptoPkg/CryptoPkg.ci.yaml
> +++ b/CryptoPkg/CryptoPkg.ci.yaml
> @@ -26,6 +26,8 @@
> ## Both file path and directory path are accepted.
> "IgnoreFiles": [
> "Library/OpensslLib/openssl",
> + "Library/Include/openssl",
> + "Library/Include/crypto",
> # The unit testing folder is not to be checked
> "Test/UnitTest",
> # This has OpenSSL interfaces that aren't UEFI spec compliant
> @@ -89,5 +91,13 @@
> "ExtendWords": [], # words to extend to the dictionary for this
> package
> "IgnoreStandardPaths": [], # Standard Plugin defined paths that should be
> ignore
> "AdditionalIncludePaths": [] # Additional paths to spell check (wildcards
> supported)
> + },
> +
> + # options defined in .pytool/Plugin/UncrustifyCheck
> + "UncrustifyCheck": {
> + "IgnoreFiles": [
> + "opensslconf.h",
> + "dso_conf.h",
> + ]
> }
> }
> --
> 2.31.1.windows.1
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option
2022-05-09 3:19 ` [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option yi1 li
@ 2022-05-09 3:23 ` Yao, Jiewen
2022-05-09 9:34 ` Gerd Hoffmann
1 sibling, 0 replies; 12+ messages in thread
From: Yao, Jiewen @ 2022-05-09 3:23 UTC (permalink / raw)
To: Li, Yi1, devel@edk2.groups.io
Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Gerd Hoffmann
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
> -----Original Message-----
> From: Li, Yi1 <yi1.li@intel.com>
> Sent: Monday, May 9, 2022 11:19 AM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian
> J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin
> <guomin.jiang@intel.com>; Gerd Hoffmann <kraxel@redhat.com>
> Subject: [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add
> PCD config option
>
> Recommend from Gerd:
> (2) Keep the EC config option, but update process_files.pl to
> automatically add the PcdEcEnabled config option handling
> to the files it generates.
>
> When remove 'no-ec' from openssl configure list, will automatically remove
> 'OPENSSL_NO_EC', 'OPENSSL_NO_ECDH', 'OPENSSL_NO_ECDSA',
> 'OPENSSL_NO_TLS1_3',
> form header, and add '/ec/.', '/sm2/.' files to INF files.
>
> Signed-off-by: Yi Li <yi1.li@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> Cc: Guomin Jiang <guomin.jiang@intel.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> ---
> CryptoPkg/Library/OpensslLib/process_files.pl | 67 ++++++++++++++++++-
> 1 file changed, 65 insertions(+), 2 deletions(-)
>
> diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl
> b/CryptoPkg/Library/OpensslLib/process_files.pl
> index 2ebfbbbca0de..2849f5d9aed0 100755
> --- a/CryptoPkg/Library/OpensslLib/process_files.pl
> +++ b/CryptoPkg/Library/OpensslLib/process_files.pl
> @@ -81,6 +81,19 @@ my $uefi_config;
> my $extension;
> my $arch;
> my @inf;
> +#
> +# Use PCD to conditionally enable certain openssl features.
> +# $conditional_feature contains fetures_names:pcd_name pairs
> +# of conditional features.
> +# @conditional_feature_dir contains relative_path:pcd_name pairs
> +# of conditional features in openssl, MUST correspond to the content
> +# in $conditional_feature.
> +#
> +# Configure list [openssl_configuratio : new_define_list : new_file_list : pcd]
> +# 1. no-ec : {NO_EC, NO_ECDH, NO_ECDSA, NO_TLS1_3, NO_SM2} : {/ec/,
> /sm2/} : PcdEcEnabled
> +#
> +my %conditional_feature = ("EC"=>"PcdEcEnabled", "ECDH"=>"PcdEcEnabled",
> "ECDSA"=>"PcdEcEnabled", "TLS1_3"=>"PcdEcEnabled",
> "SM2"=>"PcdEcEnabled");
> +my %conditional_feature_dir = ("/ec/"=>"PcdEcEnabled",
> "/sm2/"=>"PcdEcEnabled");
>
> BEGIN {
> $inf_file = "OpensslLib.inf";
> @@ -282,7 +295,13 @@ foreach my $product ((@{$unified_info{libraries}},
> push @sslfilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n";
> next;
> }
> - push @cryptofilelist, ' $(OPENSSL_PATH)/' . $s . "\r\n";
> + push @cryptofilelist, ' $(OPENSSL_PATH)/' . $s;
> + foreach (keys(%conditional_feature_dir)) {
> + if ($s =~ $_) {
> + push @cryptofilelist, ' |*|*|*|gEfiCryptoPkgTokenSpaceGuid.' .
> $conditional_feature_dir{$_};
> + }
> + }
> + push @cryptofilelist, "\r\n";
> }
> }
> }
> @@ -311,7 +330,13 @@ foreach (@headers){
> push @sslfilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n";
> next;
> }
> - push @cryptofilelist, ' $(OPENSSL_PATH)/' . $_ . "\r\n";
> + push @cryptofilelist, ' $(OPENSSL_PATH)/' . $_;
> + foreach my $conditional_key (keys(%conditional_feature_dir)) {
> + if ($_ =~ $conditional_key) {
> + push @cryptofilelist, ' |*|*|*|gEfiCryptoPkgTokenSpaceGuid.' .
> $conditional_feature_dir{$conditional_key};
> + }
> + }
> + push @cryptofilelist, "\r\n";
> }
>
>
> @@ -430,6 +455,44 @@ system(
> die "Cannot copy dso_conf.h!";
> print "Done!\n";
>
> +#
> +# Add conditional feature to opensslconf.h
> +#
> +my $conf_file = "../Include/openssl/opensslconf.h";
> +my @conf_raw = ();
> +my @conditional_define = ();
> +print "\n--> Updating $conf_file ... ";
> +
> +foreach my $feature_name (keys(%conditional_feature)) {
> + push @conditional_define, "#if !FixedPcdGetBool
> ($conditional_feature{$feature_name})\r\n";
> + push @conditional_define, "# ifndef OPENSSL_NO_$feature_name\r\n";
> + push @conditional_define, "# define OPENSSL_NO_$feature_name\r\n";
> + push @conditional_define, "# endif\r\n#endif\r\n";
> +}
> +
> +open( FD, "<" . $conf_file ) ||
> + die $conf_file;
> +foreach (<FD>) {
> + # Insert conditional define to the begin of opensslconf.h
> + if ($_ =~ "#ifdef OPENSSL_ALGORITHM_DEFINES") {
> + push @conf_raw, @conditional_define;
> + }
> + push @conf_raw, $_;
> + if ($_ =~ "<openssl/opensslv.h>") {
> + push @conf_raw, "#include <Library/PcdLib.h>\r\n";
> + }
> +}
> +close(FD) ||
> + die $conf_file;
> +
> +open( FD, ">" . $conf_file ) ||
> + die $conf_file;
> +print( FD @conf_raw ) ||
> + die $conf_file;
> +close(FD) ||
> + die $conf_file;
> +print "Done!\n";
> +
> print "\nProcessing Files Done!\n";
>
> exit(0);
> --
> 2.31.1.windows.1
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 3/3] CryptoPkg/openssl: update generated files
2022-05-09 3:19 ` [PATCH 3/3] CryptoPkg/openssl: update " yi1 li
@ 2022-05-09 3:25 ` Yao, Jiewen
2022-05-09 3:34 ` yi1 li
2022-05-09 9:38 ` Gerd Hoffmann
0 siblings, 2 replies; 12+ messages in thread
From: Yao, Jiewen @ 2022-05-09 3:25 UTC (permalink / raw)
To: Li, Yi1, devel@edk2.groups.io
Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Gerd Hoffmann
Thanks for the update.
think some changes are unnecessary.
> -#define OSSL_CRYPTO_DSO_CONF_H
> -#define DSO_NONE
> -#define DSO_EXTENSION ".so"
> +# define OSSL_CRYPTO_DSO_CONF_H
> +# define DSO_NONE
> +# define DSO_EXTENSION ".so"
Why you add a space ' ' ?
Can we make it unchanged?
Thank you
Yao Jiewen
> -----Original Message-----
> From: Li, Yi1 <yi1.li@intel.com>
> Sent: Monday, May 9, 2022 11:19 AM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian
> J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin
> <guomin.jiang@intel.com>; Gerd Hoffmann <kraxel@redhat.com>
> Subject: [PATCH 3/3] CryptoPkg/openssl: update generated files
>
> Run process_files.pl with the current openssl submodule version.
>
> Signed-off-by: Yi Li <yi1.li@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> Cc: Guomin Jiang <guomin.jiang@intel.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> ---
> CryptoPkg/Library/Include/crypto/dso_conf.h | 7 +-
> .../Library/Include/openssl/opensslconf.h | 266 +++++++++---------
> CryptoPkg/Library/OpensslLib/OpensslLib.inf | 34 ++-
> .../Library/OpensslLib/OpensslLibCrypto.inf | 96 ++++---
> 4 files changed, 210 insertions(+), 193 deletions(-)
>
> diff --git a/CryptoPkg/Library/Include/crypto/dso_conf.h
> b/CryptoPkg/Library/Include/crypto/dso_conf.h
> index b9c38b416697..95f4db2b1586 100644
> --- a/CryptoPkg/Library/Include/crypto/dso_conf.h
> +++ b/CryptoPkg/Library/Include/crypto/dso_conf.h
> @@ -1,6 +1,5 @@
> /* WARNING: do not edit! */
> /* Generated from include/crypto/dso_conf.h.in */
> -
> /*
> * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
> *
> @@ -11,7 +10,7 @@
> */
>
> #ifndef OSSL_CRYPTO_DSO_CONF_H
> -#define OSSL_CRYPTO_DSO_CONF_H
> -#define DSO_NONE
> -#define DSO_EXTENSION ".so"
> +# define OSSL_CRYPTO_DSO_CONF_H
> +# define DSO_NONE
> +# define DSO_EXTENSION ".so"
> #endif
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
> b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 1485b8c9f108..aaa5c0e54813 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -9,15 +9,41 @@
> * in the file LICENSE in the source distribution or at
> * https://www.openssl.org/source/license.html
> */
> -#include <Library/PcdLib.h>
> +
> #include <openssl/opensslv.h>
> +#include <Library/PcdLib.h>
>
> #ifdef __cplusplus
> extern "C" {
> #endif
>
> +#if !FixedPcdGetBool (PcdEcEnabled)
> +# ifndef OPENSSL_NO_ECDSA
> +# define OPENSSL_NO_ECDSA
> +# endif
> +#endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> +# ifndef OPENSSL_NO_EC
> +# define OPENSSL_NO_EC
> +# endif
> +#endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> +# ifndef OPENSSL_NO_SM2
> +# define OPENSSL_NO_SM2
> +# endif
> +#endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> +# ifndef OPENSSL_NO_TLS1_3
> +# define OPENSSL_NO_TLS1_3
> +# endif
> +#endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> +# ifndef OPENSSL_NO_ECDH
> +# define OPENSSL_NO_ECDH
> +# endif
> +#endif
> #ifdef OPENSSL_ALGORITHM_DEFINES
> - #error OPENSSL_ALGORITHM_DEFINES no longer supported
> +# error OPENSSL_ALGORITHM_DEFINES no longer supported
> #endif
>
> /*
> @@ -25,233 +51,217 @@ extern "C" {
> */
>
> #ifndef OPENSSL_SYS_UEFI
> -#define OPENSSL_SYS_UEFI 1
> +# define OPENSSL_SYS_UEFI 1
> #endif
> -#define OPENSSL_MIN_API 0x10100000L
> +#define OPENSSL_MIN_API 0x10100000L
> #ifndef OPENSSL_NO_BF
> -#define OPENSSL_NO_BF
> +# define OPENSSL_NO_BF
> #endif
> #ifndef OPENSSL_NO_BLAKE2
> -#define OPENSSL_NO_BLAKE2
> +# define OPENSSL_NO_BLAKE2
> #endif
> #ifndef OPENSSL_NO_CAMELLIA
> -#define OPENSSL_NO_CAMELLIA
> +# define OPENSSL_NO_CAMELLIA
> #endif
> #ifndef OPENSSL_NO_CAST
> -#define OPENSSL_NO_CAST
> +# define OPENSSL_NO_CAST
> #endif
> #ifndef OPENSSL_NO_CHACHA
> -#define OPENSSL_NO_CHACHA
> +# define OPENSSL_NO_CHACHA
> #endif
> #ifndef OPENSSL_NO_CMS
> -#define OPENSSL_NO_CMS
> +# define OPENSSL_NO_CMS
> #endif
> #ifndef OPENSSL_NO_CT
> -#define OPENSSL_NO_CT
> +# define OPENSSL_NO_CT
> #endif
> #ifndef OPENSSL_NO_DES
> -#define OPENSSL_NO_DES
> +# define OPENSSL_NO_DES
> #endif
> #ifndef OPENSSL_NO_DSA
> -#define OPENSSL_NO_DSA
> -#endif
> -#if !FixedPcdGetBool (PcdEcEnabled)
> - #ifndef OPENSSL_NO_EC
> -#define OPENSSL_NO_EC
> - #endif
> +# define OPENSSL_NO_DSA
> #endif
> #ifndef OPENSSL_NO_IDEA
> -#define OPENSSL_NO_IDEA
> +# define OPENSSL_NO_IDEA
> #endif
> #ifndef OPENSSL_NO_MD2
> -#define OPENSSL_NO_MD2
> +# define OPENSSL_NO_MD2
> #endif
> #ifndef OPENSSL_NO_MD4
> -#define OPENSSL_NO_MD4
> +# define OPENSSL_NO_MD4
> #endif
> #ifndef OPENSSL_NO_MDC2
> -#define OPENSSL_NO_MDC2
> +# define OPENSSL_NO_MDC2
> #endif
> #ifndef OPENSSL_NO_POLY1305
> -#define OPENSSL_NO_POLY1305
> +# define OPENSSL_NO_POLY1305
> #endif
> #ifndef OPENSSL_NO_RC2
> -#define OPENSSL_NO_RC2
> +# define OPENSSL_NO_RC2
> #endif
> #ifndef OPENSSL_NO_RC4
> -#define OPENSSL_NO_RC4
> +# define OPENSSL_NO_RC4
> #endif
> #ifndef OPENSSL_NO_RC5
> -#define OPENSSL_NO_RC5
> +# define OPENSSL_NO_RC5
> #endif
> #ifndef OPENSSL_NO_RMD160
> -#define OPENSSL_NO_RMD160
> +# define OPENSSL_NO_RMD160
> #endif
> #ifndef OPENSSL_NO_SEED
> -#define OPENSSL_NO_SEED
> -#endif
> -#ifndef OPENSSL_NO_SM2
> -#define OPENSSL_NO_SM2
> +# define OPENSSL_NO_SEED
> #endif
> #ifndef OPENSSL_NO_SRP
> -#define OPENSSL_NO_SRP
> +# define OPENSSL_NO_SRP
> #endif
> #ifndef OPENSSL_NO_TS
> -#define OPENSSL_NO_TS
> +# define OPENSSL_NO_TS
> #endif
> #ifndef OPENSSL_NO_WHIRLPOOL
> -#define OPENSSL_NO_WHIRLPOOL
> +# define OPENSSL_NO_WHIRLPOOL
> #endif
> #ifndef OPENSSL_RAND_SEED_NONE
> -#define OPENSSL_RAND_SEED_NONE
> +# define OPENSSL_RAND_SEED_NONE
> #endif
> #ifndef OPENSSL_NO_AFALGENG
> -#define OPENSSL_NO_AFALGENG
> +# define OPENSSL_NO_AFALGENG
> #endif
> #ifndef OPENSSL_NO_APPS
> -#define OPENSSL_NO_APPS
> +# define OPENSSL_NO_APPS
> #endif
> #ifndef OPENSSL_NO_ASAN
> -#define OPENSSL_NO_ASAN
> +# define OPENSSL_NO_ASAN
> #endif
> #ifndef OPENSSL_NO_ASYNC
> -#define OPENSSL_NO_ASYNC
> +# define OPENSSL_NO_ASYNC
> #endif
> #ifndef OPENSSL_NO_AUTOERRINIT
> -#define OPENSSL_NO_AUTOERRINIT
> +# define OPENSSL_NO_AUTOERRINIT
> #endif
> #ifndef OPENSSL_NO_AUTOLOAD_CONFIG
> -#define OPENSSL_NO_AUTOLOAD_CONFIG
> +# define OPENSSL_NO_AUTOLOAD_CONFIG
> #endif
> #ifndef OPENSSL_NO_CAPIENG
> -#define OPENSSL_NO_CAPIENG
> +# define OPENSSL_NO_CAPIENG
> #endif
> #ifndef OPENSSL_NO_CRYPTO_MDEBUG
> -#define OPENSSL_NO_CRYPTO_MDEBUG
> +# define OPENSSL_NO_CRYPTO_MDEBUG
> #endif
> #ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
> -#define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
> +# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
> #endif
> #ifndef OPENSSL_NO_DEPRECATED
> -#define OPENSSL_NO_DEPRECATED
> +# define OPENSSL_NO_DEPRECATED
> #endif
> #ifndef OPENSSL_NO_DEVCRYPTOENG
> -#define OPENSSL_NO_DEVCRYPTOENG
> +# define OPENSSL_NO_DEVCRYPTOENG
> #endif
> #ifndef OPENSSL_NO_DGRAM
> -#define OPENSSL_NO_DGRAM
> +# define OPENSSL_NO_DGRAM
> #endif
> #ifndef OPENSSL_NO_DTLS
> -#define OPENSSL_NO_DTLS
> +# define OPENSSL_NO_DTLS
> #endif
> #ifndef OPENSSL_NO_DTLS1
> -#define OPENSSL_NO_DTLS1
> +# define OPENSSL_NO_DTLS1
> #endif
> #ifndef OPENSSL_NO_DTLS1_2
> -#define OPENSSL_NO_DTLS1_2
> +# define OPENSSL_NO_DTLS1_2
> #endif
> #ifndef OPENSSL_NO_EC2M
> -#define OPENSSL_NO_EC2M
> +# define OPENSSL_NO_EC2M
> #endif
> #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
> -#define OPENSSL_NO_EC_NISTP_64_GCC_128
> -#endif
> -#ifndef OPENSSL_NO_ECDH
> -#define OPENSSL_NO_ECDH
> -#endif
> -#ifndef OPENSSL_NO_ECDSA
> -#define OPENSSL_NO_ECDSA
> +# define OPENSSL_NO_EC_NISTP_64_GCC_128
> #endif
> #ifndef OPENSSL_NO_EGD
> -#define OPENSSL_NO_EGD
> +# define OPENSSL_NO_EGD
> #endif
> #ifndef OPENSSL_NO_ENGINE
> -#define OPENSSL_NO_ENGINE
> +# define OPENSSL_NO_ENGINE
> #endif
> #ifndef OPENSSL_NO_ERR
> -#define OPENSSL_NO_ERR
> +# define OPENSSL_NO_ERR
> #endif
> #ifndef OPENSSL_NO_EXTERNAL_TESTS
> -#define OPENSSL_NO_EXTERNAL_TESTS
> +# define OPENSSL_NO_EXTERNAL_TESTS
> #endif
> #ifndef OPENSSL_NO_FILENAMES
> -#define OPENSSL_NO_FILENAMES
> +# define OPENSSL_NO_FILENAMES
> #endif
> #ifndef OPENSSL_NO_FUZZ_AFL
> -#define OPENSSL_NO_FUZZ_AFL
> +# define OPENSSL_NO_FUZZ_AFL
> #endif
> #ifndef OPENSSL_NO_FUZZ_LIBFUZZER
> -#define OPENSSL_NO_FUZZ_LIBFUZZER
> +# define OPENSSL_NO_FUZZ_LIBFUZZER
> #endif
> #ifndef OPENSSL_NO_GOST
> -#define OPENSSL_NO_GOST
> +# define OPENSSL_NO_GOST
> #endif
> #ifndef OPENSSL_NO_HEARTBEATS
> -#define OPENSSL_NO_HEARTBEATS
> +# define OPENSSL_NO_HEARTBEATS
> #endif
> #ifndef OPENSSL_NO_HW
> -#define OPENSSL_NO_HW
> +# define OPENSSL_NO_HW
> #endif
> #ifndef OPENSSL_NO_MSAN
> -#define OPENSSL_NO_MSAN
> +# define OPENSSL_NO_MSAN
> #endif
> #ifndef OPENSSL_NO_OCB
> -#define OPENSSL_NO_OCB
> +# define OPENSSL_NO_OCB
> #endif
> #ifndef OPENSSL_NO_POSIX_IO
> -#define OPENSSL_NO_POSIX_IO
> +# define OPENSSL_NO_POSIX_IO
> #endif
> #ifndef OPENSSL_NO_RFC3779
> -#define OPENSSL_NO_RFC3779
> +# define OPENSSL_NO_RFC3779
> #endif
> #ifndef OPENSSL_NO_SCRYPT
> -#define OPENSSL_NO_SCRYPT
> +# define OPENSSL_NO_SCRYPT
> #endif
> #ifndef OPENSSL_NO_SCTP
> -#define OPENSSL_NO_SCTP
> +# define OPENSSL_NO_SCTP
> #endif
> #ifndef OPENSSL_NO_SOCK
> -#define OPENSSL_NO_SOCK
> +# define OPENSSL_NO_SOCK
> #endif
> #ifndef OPENSSL_NO_SSL_TRACE
> -#define OPENSSL_NO_SSL_TRACE
> +# define OPENSSL_NO_SSL_TRACE
> #endif
> #ifndef OPENSSL_NO_SSL3
> -#define OPENSSL_NO_SSL3
> +# define OPENSSL_NO_SSL3
> #endif
> #ifndef OPENSSL_NO_SSL3_METHOD
> -#define OPENSSL_NO_SSL3_METHOD
> +# define OPENSSL_NO_SSL3_METHOD
> #endif
> #ifndef OPENSSL_NO_STDIO
> -#define OPENSSL_NO_STDIO
> +# define OPENSSL_NO_STDIO
> #endif
> #ifndef OPENSSL_NO_TESTS
> -#define OPENSSL_NO_TESTS
> -#endif
> -#ifndef OPENSSL_NO_TLS1_3
> -#define OPENSSL_NO_TLS1_3
> +# define OPENSSL_NO_TESTS
> #endif
> #ifndef OPENSSL_NO_UBSAN
> -#define OPENSSL_NO_UBSAN
> +# define OPENSSL_NO_UBSAN
> #endif
> #ifndef OPENSSL_NO_UI_CONSOLE
> -#define OPENSSL_NO_UI_CONSOLE
> +# define OPENSSL_NO_UI_CONSOLE
> #endif
> #ifndef OPENSSL_NO_UNIT_TEST
> -#define OPENSSL_NO_UNIT_TEST
> +# define OPENSSL_NO_UNIT_TEST
> #endif
> #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
> -#define OPENSSL_NO_WEAK_SSL_CIPHERS
> +# define OPENSSL_NO_WEAK_SSL_CIPHERS
> #endif
> #ifndef OPENSSL_NO_DYNAMIC_ENGINE
> -#define OPENSSL_NO_DYNAMIC_ENGINE
> +# define OPENSSL_NO_DYNAMIC_ENGINE
> #endif
>
> +
> /*
> * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some
> compilers
> * don't like that. This will hopefully silence them.
> */
> -#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy;
> +#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy;
>
> /*
> * Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
> @@ -260,37 +270,37 @@ extern "C" {
> * functions.
> */
> #ifndef DECLARE_DEPRECATED
> -#define DECLARE_DEPRECATED(f) f;
> - #ifdef __GNUC__
> - #if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
> - #undef DECLARE_DEPRECATED
> -#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
> - #endif
> - #elif defined (__SUNPRO_C)
> - #if (__SUNPRO_C >= 0x5130)
> - #undef DECLARE_DEPRECATED
> -#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
> - #endif
> - #endif
> +# define DECLARE_DEPRECATED(f) f;
> +# ifdef __GNUC__
> +# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
> +# undef DECLARE_DEPRECATED
> +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
> +# endif
> +# elif defined(__SUNPRO_C)
> +# if (__SUNPRO_C >= 0x5130)
> +# undef DECLARE_DEPRECATED
> +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
> +# endif
> +# endif
> #endif
>
> #ifndef OPENSSL_FILE
> - #ifdef OPENSSL_NO_FILENAMES
> -#define OPENSSL_FILE ""
> -#define OPENSSL_LINE 0
> - #else
> -#define OPENSSL_FILE __FILE__
> -#define OPENSSL_LINE __LINE__
> - #endif
> +# ifdef OPENSSL_NO_FILENAMES
> +# define OPENSSL_FILE ""
> +# define OPENSSL_LINE 0
> +# else
> +# define OPENSSL_FILE __FILE__
> +# define OPENSSL_LINE __LINE__
> +# endif
> #endif
>
> #ifndef OPENSSL_MIN_API
> -#define OPENSSL_MIN_API 0
> +# define OPENSSL_MIN_API 0
> #endif
>
> -#if !defined (OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT <
> OPENSSL_MIN_API
> - #undef OPENSSL_API_COMPAT
> -#define OPENSSL_API_COMPAT OPENSSL_MIN_API
> +#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT <
> OPENSSL_MIN_API
> +# undef OPENSSL_API_COMPAT
> +# define OPENSSL_API_COMPAT OPENSSL_MIN_API
> #endif
>
> /*
> @@ -298,51 +308,51 @@ extern "C" {
> * OpenSSL version number matches.
> */
> #if OPENSSL_VERSION_NUMBER < 0x10200000L
> -#define DEPRECATEDIN_1_2_0(f) f;
> +# define DEPRECATEDIN_1_2_0(f) f;
> #elif OPENSSL_API_COMPAT < 0x10200000L
> -#define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f)
> +# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f)
> #else
> -#define DEPRECATEDIN_1_2_0(f)
> +# define DEPRECATEDIN_1_2_0(f)
> #endif
>
> #if OPENSSL_API_COMPAT < 0x10100000L
> -#define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
> +# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
> #else
> -#define DEPRECATEDIN_1_1_0(f)
> +# define DEPRECATEDIN_1_1_0(f)
> #endif
>
> #if OPENSSL_API_COMPAT < 0x10000000L
> -#define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
> +# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
> #else
> -#define DEPRECATEDIN_1_0_0(f)
> +# define DEPRECATEDIN_1_0_0(f)
> #endif
>
> #if OPENSSL_API_COMPAT < 0x00908000L
> -#define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
> +# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
> #else
> -#define DEPRECATEDIN_0_9_8(f)
> +# define DEPRECATEDIN_0_9_8(f)
> #endif
>
> /* Generate 80386 code? */
> #undef I386_ONLY
>
> #undef OPENSSL_UNISTD
> -#define OPENSSL_UNISTD <unistd.h>
> +#define OPENSSL_UNISTD <unistd.h>
>
> #undef OPENSSL_EXPORT_VAR_AS_FUNCTION
>
> /*
> * The following are cipher-specific, but are part of the public API.
> */
> -#if !defined (OPENSSL_SYS_UEFI)
> - #undef BN_LLONG
> +#if !defined(OPENSSL_SYS_UEFI)
> +# undef BN_LLONG
> /* Only one for the following should be defined */
> - #undef SIXTY_FOUR_BIT_LONG
> - #undef SIXTY_FOUR_BIT
> -#define THIRTY_TWO_BIT
> +# undef SIXTY_FOUR_BIT_LONG
> +# undef SIXTY_FOUR_BIT
> +# define THIRTY_TWO_BIT
> #endif
>
> -#define RC4_INT unsigned int
> +#define RC4_INT unsigned int
>
> #ifdef __cplusplus
> }
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index a97b3f5e8ff2..c378440c13e7 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -200,40 +200,40 @@
> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
> $(OPENSSL_PATH)/crypto/ebcdic.c
> $(OPENSSL_PATH)/crypto/ec/curve25519.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_check.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_err.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_key.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_print.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/err/err.c
> @@ -421,6 +421,10 @@
> $(OPENSSL_PATH)/crypto/siphash/siphash.c
> $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
> $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
> + $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_err.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/sm3/m_sm3.c
> $(OPENSSL_PATH)/crypto/sm3/sm3.c
> $(OPENSSL_PATH)/crypto/sm4/sm4.c
> @@ -534,14 +538,14 @@
> $(OPENSSL_PATH)/crypto/dh/dh_local.h
> $(OPENSSL_PATH)/crypto/dso/dso_local.h
> $(OPENSSL_PATH)/crypto/ec/ec_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/evp/evp_local.h
> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> index 490b83602be9..01d9a42b605f 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -199,43 +199,43 @@
> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
> $(OPENSSL_PATH)/crypto/ebcdic.c
> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve25519.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_check.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_err.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_key.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_print.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/err/err.c
> $(OPENSSL_PATH)/crypto/err/err_prn.c
> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
> @@ -421,6 +421,10 @@
> $(OPENSSL_PATH)/crypto/siphash/siphash.c
> $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
> $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
> + $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_err.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/sm3/m_sm3.c
> $(OPENSSL_PATH)/crypto/sm3/sm3.c
> $(OPENSSL_PATH)/crypto/sm4/sm4.c
> @@ -533,15 +537,15 @@
> $(OPENSSL_PATH)/crypto/conf/conf_local.h
> $(OPENSSL_PATH)/crypto/dh/dh_local.h
> $(OPENSSL_PATH)/crypto/dso/dso_local.h
> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/evp/evp_local.h
> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> --
> 2.31.1.windows.1
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 3/3] CryptoPkg/openssl: update generated files
2022-05-09 3:25 ` Yao, Jiewen
@ 2022-05-09 3:34 ` yi1 li
2022-05-09 9:38 ` Gerd Hoffmann
1 sibling, 0 replies; 12+ messages in thread
From: yi1 li @ 2022-05-09 3:34 UTC (permalink / raw)
To: Yao, Jiewen, devel@edk2.groups.io
Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Gerd Hoffmann
Hi, Changes to this file are automatically generated by perl script. Modified them before to follow edk2 code style.
Gerd thinks files generated by process_files.pl from openssl sources should not be checked for edk2 code style, I agree with him.
So the changes are back.
-----Original Message-----
From: Yao, Jiewen <jiewen.yao@intel.com>
Sent: Monday, May 9, 2022 11:25 AM
To: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io
Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Gerd Hoffmann <kraxel@redhat.com>
Subject: RE: [PATCH 3/3] CryptoPkg/openssl: update generated files
Thanks for the update.
think some changes are unnecessary.
> -#define OSSL_CRYPTO_DSO_CONF_H
> -#define DSO_NONE
> -#define DSO_EXTENSION ".so"
> +# define OSSL_CRYPTO_DSO_CONF_H
> +# define DSO_NONE
> +# define DSO_EXTENSION ".so"
Why you add a space ' ' ?
Can we make it unchanged?
Thank you
Yao Jiewen
> -----Original Message-----
> From: Li, Yi1 <yi1.li@intel.com>
> Sent: Monday, May 9, 2022 11:19 AM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Gerd
> Hoffmann <kraxel@redhat.com>
> Subject: [PATCH 3/3] CryptoPkg/openssl: update generated files
>
> Run process_files.pl with the current openssl submodule version.
>
> Signed-off-by: Yi Li <yi1.li@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> Cc: Guomin Jiang <guomin.jiang@intel.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> ---
> CryptoPkg/Library/Include/crypto/dso_conf.h | 7 +-
> .../Library/Include/openssl/opensslconf.h | 266 +++++++++---------
> CryptoPkg/Library/OpensslLib/OpensslLib.inf | 34 ++-
> .../Library/OpensslLib/OpensslLibCrypto.inf | 96 ++++---
> 4 files changed, 210 insertions(+), 193 deletions(-)
>
> diff --git a/CryptoPkg/Library/Include/crypto/dso_conf.h
> b/CryptoPkg/Library/Include/crypto/dso_conf.h
> index b9c38b416697..95f4db2b1586 100644
> --- a/CryptoPkg/Library/Include/crypto/dso_conf.h
> +++ b/CryptoPkg/Library/Include/crypto/dso_conf.h
> @@ -1,6 +1,5 @@
> /* WARNING: do not edit! */
> /* Generated from include/crypto/dso_conf.h.in */
> -
> /*
> * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
> *
> @@ -11,7 +10,7 @@
> */
>
> #ifndef OSSL_CRYPTO_DSO_CONF_H
> -#define OSSL_CRYPTO_DSO_CONF_H
> -#define DSO_NONE
> -#define DSO_EXTENSION ".so"
> +# define OSSL_CRYPTO_DSO_CONF_H
> +# define DSO_NONE
> +# define DSO_EXTENSION ".so"
> #endif
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
> b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 1485b8c9f108..aaa5c0e54813 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -9,15 +9,41 @@
> * in the file LICENSE in the source distribution or at
> * https://www.openssl.org/source/license.html
> */
> -#include <Library/PcdLib.h>
> +
> #include <openssl/opensslv.h>
> +#include <Library/PcdLib.h>
>
> #ifdef __cplusplus
> extern "C" {
> #endif
>
> +#if !FixedPcdGetBool (PcdEcEnabled)
> +# ifndef OPENSSL_NO_ECDSA
> +# define OPENSSL_NO_ECDSA
> +# endif
> +#endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> +# ifndef OPENSSL_NO_EC
> +# define OPENSSL_NO_EC
> +# endif
> +#endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> +# ifndef OPENSSL_NO_SM2
> +# define OPENSSL_NO_SM2
> +# endif
> +#endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> +# ifndef OPENSSL_NO_TLS1_3
> +# define OPENSSL_NO_TLS1_3
> +# endif
> +#endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> +# ifndef OPENSSL_NO_ECDH
> +# define OPENSSL_NO_ECDH
> +# endif
> +#endif
> #ifdef OPENSSL_ALGORITHM_DEFINES
> - #error OPENSSL_ALGORITHM_DEFINES no longer supported
> +# error OPENSSL_ALGORITHM_DEFINES no longer supported
> #endif
>
> /*
> @@ -25,233 +51,217 @@ extern "C" {
> */
>
> #ifndef OPENSSL_SYS_UEFI
> -#define OPENSSL_SYS_UEFI 1
> +# define OPENSSL_SYS_UEFI 1
> #endif
> -#define OPENSSL_MIN_API 0x10100000L
> +#define OPENSSL_MIN_API 0x10100000L
> #ifndef OPENSSL_NO_BF
> -#define OPENSSL_NO_BF
> +# define OPENSSL_NO_BF
> #endif
> #ifndef OPENSSL_NO_BLAKE2
> -#define OPENSSL_NO_BLAKE2
> +# define OPENSSL_NO_BLAKE2
> #endif
> #ifndef OPENSSL_NO_CAMELLIA
> -#define OPENSSL_NO_CAMELLIA
> +# define OPENSSL_NO_CAMELLIA
> #endif
> #ifndef OPENSSL_NO_CAST
> -#define OPENSSL_NO_CAST
> +# define OPENSSL_NO_CAST
> #endif
> #ifndef OPENSSL_NO_CHACHA
> -#define OPENSSL_NO_CHACHA
> +# define OPENSSL_NO_CHACHA
> #endif
> #ifndef OPENSSL_NO_CMS
> -#define OPENSSL_NO_CMS
> +# define OPENSSL_NO_CMS
> #endif
> #ifndef OPENSSL_NO_CT
> -#define OPENSSL_NO_CT
> +# define OPENSSL_NO_CT
> #endif
> #ifndef OPENSSL_NO_DES
> -#define OPENSSL_NO_DES
> +# define OPENSSL_NO_DES
> #endif
> #ifndef OPENSSL_NO_DSA
> -#define OPENSSL_NO_DSA
> -#endif
> -#if !FixedPcdGetBool (PcdEcEnabled)
> - #ifndef OPENSSL_NO_EC
> -#define OPENSSL_NO_EC
> - #endif
> +# define OPENSSL_NO_DSA
> #endif
> #ifndef OPENSSL_NO_IDEA
> -#define OPENSSL_NO_IDEA
> +# define OPENSSL_NO_IDEA
> #endif
> #ifndef OPENSSL_NO_MD2
> -#define OPENSSL_NO_MD2
> +# define OPENSSL_NO_MD2
> #endif
> #ifndef OPENSSL_NO_MD4
> -#define OPENSSL_NO_MD4
> +# define OPENSSL_NO_MD4
> #endif
> #ifndef OPENSSL_NO_MDC2
> -#define OPENSSL_NO_MDC2
> +# define OPENSSL_NO_MDC2
> #endif
> #ifndef OPENSSL_NO_POLY1305
> -#define OPENSSL_NO_POLY1305
> +# define OPENSSL_NO_POLY1305
> #endif
> #ifndef OPENSSL_NO_RC2
> -#define OPENSSL_NO_RC2
> +# define OPENSSL_NO_RC2
> #endif
> #ifndef OPENSSL_NO_RC4
> -#define OPENSSL_NO_RC4
> +# define OPENSSL_NO_RC4
> #endif
> #ifndef OPENSSL_NO_RC5
> -#define OPENSSL_NO_RC5
> +# define OPENSSL_NO_RC5
> #endif
> #ifndef OPENSSL_NO_RMD160
> -#define OPENSSL_NO_RMD160
> +# define OPENSSL_NO_RMD160
> #endif
> #ifndef OPENSSL_NO_SEED
> -#define OPENSSL_NO_SEED
> -#endif
> -#ifndef OPENSSL_NO_SM2
> -#define OPENSSL_NO_SM2
> +# define OPENSSL_NO_SEED
> #endif
> #ifndef OPENSSL_NO_SRP
> -#define OPENSSL_NO_SRP
> +# define OPENSSL_NO_SRP
> #endif
> #ifndef OPENSSL_NO_TS
> -#define OPENSSL_NO_TS
> +# define OPENSSL_NO_TS
> #endif
> #ifndef OPENSSL_NO_WHIRLPOOL
> -#define OPENSSL_NO_WHIRLPOOL
> +# define OPENSSL_NO_WHIRLPOOL
> #endif
> #ifndef OPENSSL_RAND_SEED_NONE
> -#define OPENSSL_RAND_SEED_NONE
> +# define OPENSSL_RAND_SEED_NONE
> #endif
> #ifndef OPENSSL_NO_AFALGENG
> -#define OPENSSL_NO_AFALGENG
> +# define OPENSSL_NO_AFALGENG
> #endif
> #ifndef OPENSSL_NO_APPS
> -#define OPENSSL_NO_APPS
> +# define OPENSSL_NO_APPS
> #endif
> #ifndef OPENSSL_NO_ASAN
> -#define OPENSSL_NO_ASAN
> +# define OPENSSL_NO_ASAN
> #endif
> #ifndef OPENSSL_NO_ASYNC
> -#define OPENSSL_NO_ASYNC
> +# define OPENSSL_NO_ASYNC
> #endif
> #ifndef OPENSSL_NO_AUTOERRINIT
> -#define OPENSSL_NO_AUTOERRINIT
> +# define OPENSSL_NO_AUTOERRINIT
> #endif
> #ifndef OPENSSL_NO_AUTOLOAD_CONFIG
> -#define OPENSSL_NO_AUTOLOAD_CONFIG
> +# define OPENSSL_NO_AUTOLOAD_CONFIG
> #endif
> #ifndef OPENSSL_NO_CAPIENG
> -#define OPENSSL_NO_CAPIENG
> +# define OPENSSL_NO_CAPIENG
> #endif
> #ifndef OPENSSL_NO_CRYPTO_MDEBUG
> -#define OPENSSL_NO_CRYPTO_MDEBUG
> +# define OPENSSL_NO_CRYPTO_MDEBUG
> #endif
> #ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
> -#define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
> +# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
> #endif
> #ifndef OPENSSL_NO_DEPRECATED
> -#define OPENSSL_NO_DEPRECATED
> +# define OPENSSL_NO_DEPRECATED
> #endif
> #ifndef OPENSSL_NO_DEVCRYPTOENG
> -#define OPENSSL_NO_DEVCRYPTOENG
> +# define OPENSSL_NO_DEVCRYPTOENG
> #endif
> #ifndef OPENSSL_NO_DGRAM
> -#define OPENSSL_NO_DGRAM
> +# define OPENSSL_NO_DGRAM
> #endif
> #ifndef OPENSSL_NO_DTLS
> -#define OPENSSL_NO_DTLS
> +# define OPENSSL_NO_DTLS
> #endif
> #ifndef OPENSSL_NO_DTLS1
> -#define OPENSSL_NO_DTLS1
> +# define OPENSSL_NO_DTLS1
> #endif
> #ifndef OPENSSL_NO_DTLS1_2
> -#define OPENSSL_NO_DTLS1_2
> +# define OPENSSL_NO_DTLS1_2
> #endif
> #ifndef OPENSSL_NO_EC2M
> -#define OPENSSL_NO_EC2M
> +# define OPENSSL_NO_EC2M
> #endif
> #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 -#define
> OPENSSL_NO_EC_NISTP_64_GCC_128 -#endif -#ifndef OPENSSL_NO_ECDH
> -#define OPENSSL_NO_ECDH -#endif -#ifndef OPENSSL_NO_ECDSA -#define
> OPENSSL_NO_ECDSA
> +# define OPENSSL_NO_EC_NISTP_64_GCC_128
> #endif
> #ifndef OPENSSL_NO_EGD
> -#define OPENSSL_NO_EGD
> +# define OPENSSL_NO_EGD
> #endif
> #ifndef OPENSSL_NO_ENGINE
> -#define OPENSSL_NO_ENGINE
> +# define OPENSSL_NO_ENGINE
> #endif
> #ifndef OPENSSL_NO_ERR
> -#define OPENSSL_NO_ERR
> +# define OPENSSL_NO_ERR
> #endif
> #ifndef OPENSSL_NO_EXTERNAL_TESTS
> -#define OPENSSL_NO_EXTERNAL_TESTS
> +# define OPENSSL_NO_EXTERNAL_TESTS
> #endif
> #ifndef OPENSSL_NO_FILENAMES
> -#define OPENSSL_NO_FILENAMES
> +# define OPENSSL_NO_FILENAMES
> #endif
> #ifndef OPENSSL_NO_FUZZ_AFL
> -#define OPENSSL_NO_FUZZ_AFL
> +# define OPENSSL_NO_FUZZ_AFL
> #endif
> #ifndef OPENSSL_NO_FUZZ_LIBFUZZER
> -#define OPENSSL_NO_FUZZ_LIBFUZZER
> +# define OPENSSL_NO_FUZZ_LIBFUZZER
> #endif
> #ifndef OPENSSL_NO_GOST
> -#define OPENSSL_NO_GOST
> +# define OPENSSL_NO_GOST
> #endif
> #ifndef OPENSSL_NO_HEARTBEATS
> -#define OPENSSL_NO_HEARTBEATS
> +# define OPENSSL_NO_HEARTBEATS
> #endif
> #ifndef OPENSSL_NO_HW
> -#define OPENSSL_NO_HW
> +# define OPENSSL_NO_HW
> #endif
> #ifndef OPENSSL_NO_MSAN
> -#define OPENSSL_NO_MSAN
> +# define OPENSSL_NO_MSAN
> #endif
> #ifndef OPENSSL_NO_OCB
> -#define OPENSSL_NO_OCB
> +# define OPENSSL_NO_OCB
> #endif
> #ifndef OPENSSL_NO_POSIX_IO
> -#define OPENSSL_NO_POSIX_IO
> +# define OPENSSL_NO_POSIX_IO
> #endif
> #ifndef OPENSSL_NO_RFC3779
> -#define OPENSSL_NO_RFC3779
> +# define OPENSSL_NO_RFC3779
> #endif
> #ifndef OPENSSL_NO_SCRYPT
> -#define OPENSSL_NO_SCRYPT
> +# define OPENSSL_NO_SCRYPT
> #endif
> #ifndef OPENSSL_NO_SCTP
> -#define OPENSSL_NO_SCTP
> +# define OPENSSL_NO_SCTP
> #endif
> #ifndef OPENSSL_NO_SOCK
> -#define OPENSSL_NO_SOCK
> +# define OPENSSL_NO_SOCK
> #endif
> #ifndef OPENSSL_NO_SSL_TRACE
> -#define OPENSSL_NO_SSL_TRACE
> +# define OPENSSL_NO_SSL_TRACE
> #endif
> #ifndef OPENSSL_NO_SSL3
> -#define OPENSSL_NO_SSL3
> +# define OPENSSL_NO_SSL3
> #endif
> #ifndef OPENSSL_NO_SSL3_METHOD
> -#define OPENSSL_NO_SSL3_METHOD
> +# define OPENSSL_NO_SSL3_METHOD
> #endif
> #ifndef OPENSSL_NO_STDIO
> -#define OPENSSL_NO_STDIO
> +# define OPENSSL_NO_STDIO
> #endif
> #ifndef OPENSSL_NO_TESTS
> -#define OPENSSL_NO_TESTS
> -#endif
> -#ifndef OPENSSL_NO_TLS1_3
> -#define OPENSSL_NO_TLS1_3
> +# define OPENSSL_NO_TESTS
> #endif
> #ifndef OPENSSL_NO_UBSAN
> -#define OPENSSL_NO_UBSAN
> +# define OPENSSL_NO_UBSAN
> #endif
> #ifndef OPENSSL_NO_UI_CONSOLE
> -#define OPENSSL_NO_UI_CONSOLE
> +# define OPENSSL_NO_UI_CONSOLE
> #endif
> #ifndef OPENSSL_NO_UNIT_TEST
> -#define OPENSSL_NO_UNIT_TEST
> +# define OPENSSL_NO_UNIT_TEST
> #endif
> #ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
> -#define OPENSSL_NO_WEAK_SSL_CIPHERS
> +# define OPENSSL_NO_WEAK_SSL_CIPHERS
> #endif
> #ifndef OPENSSL_NO_DYNAMIC_ENGINE
> -#define OPENSSL_NO_DYNAMIC_ENGINE
> +# define OPENSSL_NO_DYNAMIC_ENGINE
> #endif
>
> +
> /*
> * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some
> compilers
> * don't like that. This will hopefully silence them.
> */
> -#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy;
> +#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy;
>
> /*
> * Applications should use -DOPENSSL_API_COMPAT=<version> to suppress
> the @@ -260,37 +270,37 @@ extern "C" {
> * functions.
> */
> #ifndef DECLARE_DEPRECATED
> -#define DECLARE_DEPRECATED(f) f;
> - #ifdef __GNUC__
> - #if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
> - #undef DECLARE_DEPRECATED
> -#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
> - #endif
> - #elif defined (__SUNPRO_C)
> - #if (__SUNPRO_C >= 0x5130)
> - #undef DECLARE_DEPRECATED
> -#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
> - #endif
> - #endif
> +# define DECLARE_DEPRECATED(f) f;
> +# ifdef __GNUC__
> +# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
> +# undef DECLARE_DEPRECATED
> +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
> +# endif
> +# elif defined(__SUNPRO_C)
> +# if (__SUNPRO_C >= 0x5130)
> +# undef DECLARE_DEPRECATED
> +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
> +# endif
> +# endif
> #endif
>
> #ifndef OPENSSL_FILE
> - #ifdef OPENSSL_NO_FILENAMES
> -#define OPENSSL_FILE ""
> -#define OPENSSL_LINE 0
> - #else
> -#define OPENSSL_FILE __FILE__
> -#define OPENSSL_LINE __LINE__
> - #endif
> +# ifdef OPENSSL_NO_FILENAMES
> +# define OPENSSL_FILE ""
> +# define OPENSSL_LINE 0
> +# else
> +# define OPENSSL_FILE __FILE__
> +# define OPENSSL_LINE __LINE__
> +# endif
> #endif
>
> #ifndef OPENSSL_MIN_API
> -#define OPENSSL_MIN_API 0
> +# define OPENSSL_MIN_API 0
> #endif
>
> -#if !defined (OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT <
> OPENSSL_MIN_API
> - #undef OPENSSL_API_COMPAT
> -#define OPENSSL_API_COMPAT OPENSSL_MIN_API
> +#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT <
> OPENSSL_MIN_API
> +# undef OPENSSL_API_COMPAT
> +# define OPENSSL_API_COMPAT OPENSSL_MIN_API
> #endif
>
> /*
> @@ -298,51 +308,51 @@ extern "C" {
> * OpenSSL version number matches.
> */
> #if OPENSSL_VERSION_NUMBER < 0x10200000L -#define
> DEPRECATEDIN_1_2_0(f) f;
> +# define DEPRECATEDIN_1_2_0(f) f;
> #elif OPENSSL_API_COMPAT < 0x10200000L -#define DEPRECATEDIN_1_2_0(f)
> DECLARE_DEPRECATED(f)
> +# define DEPRECATEDIN_1_2_0(f) DECLARE_DEPRECATED(f)
> #else
> -#define DEPRECATEDIN_1_2_0(f)
> +# define DEPRECATEDIN_1_2_0(f)
> #endif
>
> #if OPENSSL_API_COMPAT < 0x10100000L
> -#define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
> +# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f)
> #else
> -#define DEPRECATEDIN_1_1_0(f)
> +# define DEPRECATEDIN_1_1_0(f)
> #endif
>
> #if OPENSSL_API_COMPAT < 0x10000000L
> -#define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
> +# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f)
> #else
> -#define DEPRECATEDIN_1_0_0(f)
> +# define DEPRECATEDIN_1_0_0(f)
> #endif
>
> #if OPENSSL_API_COMPAT < 0x00908000L
> -#define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
> +# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f)
> #else
> -#define DEPRECATEDIN_0_9_8(f)
> +# define DEPRECATEDIN_0_9_8(f)
> #endif
>
> /* Generate 80386 code? */
> #undef I386_ONLY
>
> #undef OPENSSL_UNISTD
> -#define OPENSSL_UNISTD <unistd.h>
> +#define OPENSSL_UNISTD <unistd.h>
>
> #undef OPENSSL_EXPORT_VAR_AS_FUNCTION
>
> /*
> * The following are cipher-specific, but are part of the public API.
> */
> -#if !defined (OPENSSL_SYS_UEFI)
> - #undef BN_LLONG
> +#if !defined(OPENSSL_SYS_UEFI)
> +# undef BN_LLONG
> /* Only one for the following should be defined */
> - #undef SIXTY_FOUR_BIT_LONG
> - #undef SIXTY_FOUR_BIT
> -#define THIRTY_TWO_BIT
> +# undef SIXTY_FOUR_BIT_LONG
> +# undef SIXTY_FOUR_BIT
> +# define THIRTY_TWO_BIT
> #endif
>
> -#define RC4_INT unsigned int
> +#define RC4_INT unsigned int
>
> #ifdef __cplusplus
> }
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index a97b3f5e8ff2..c378440c13e7 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -200,40 +200,40 @@
> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
> $(OPENSSL_PATH)/crypto/ebcdic.c
> $(OPENSSL_PATH)/crypto/ec/curve25519.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_check.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_err.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_key.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ec_print.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/err/err.c
> @@ -421,6 +421,10 @@
> $(OPENSSL_PATH)/crypto/siphash/siphash.c
> $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
> $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
> + $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_err.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/sm3/m_sm3.c
> $(OPENSSL_PATH)/crypto/sm3/sm3.c
> $(OPENSSL_PATH)/crypto/sm4/sm4.c
> @@ -534,14 +538,14 @@
> $(OPENSSL_PATH)/crypto/dh/dh_local.h
> $(OPENSSL_PATH)/crypto/dso/dso_local.h
> $(OPENSSL_PATH)/crypto/ec/ec_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/evp/evp_local.h
> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> index 490b83602be9..01d9a42b605f 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -199,43 +199,43 @@
> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
> $(OPENSSL_PATH)/crypto/ebcdic.c
> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve25519.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_check.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_err.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_key.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_print.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/err/err.c
> $(OPENSSL_PATH)/crypto/err/err_prn.c
> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
> @@ -421,6 +421,10 @@
> $(OPENSSL_PATH)/crypto/siphash/siphash.c
> $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
> $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
> + $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_err.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/sm3/m_sm3.c
> $(OPENSSL_PATH)/crypto/sm3/sm3.c
> $(OPENSSL_PATH)/crypto/sm4/sm4.c
> @@ -533,15 +537,15 @@
> $(OPENSSL_PATH)/crypto/conf/conf_local.h
> $(OPENSSL_PATH)/crypto/dh/dh_local.h
> $(OPENSSL_PATH)/crypto/dso/dso_local.h
> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/evp/evp_local.h
> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> --
> 2.31.1.windows.1
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option
2022-05-09 3:19 ` [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option yi1 li
2022-05-09 3:23 ` Yao, Jiewen
@ 2022-05-09 9:34 ` Gerd Hoffmann
2022-05-09 9:58 ` [edk2-devel] " yi1 li
1 sibling, 1 reply; 12+ messages in thread
From: Gerd Hoffmann @ 2022-05-09 9:34 UTC (permalink / raw)
To: Yi Li; +Cc: devel, Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang
Hi,
> +#
> +# Add conditional feature to opensslconf.h
> +#
I'd suggest to write the opensslconf.h created by openssl unmodified to
opensslconf-generated.h, then have a opensslconf.h like this:
#include <Library/PcdLib.h>
#include "opensslconf-generated.h"
#if !FixedPcdGetBool(PcdEcEnable)
# define OPENSSL_NO_EC
# [ ... ]
#endif
take care,
Gerd
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH 3/3] CryptoPkg/openssl: update generated files
2022-05-09 3:25 ` Yao, Jiewen
2022-05-09 3:34 ` yi1 li
@ 2022-05-09 9:38 ` Gerd Hoffmann
2022-05-09 10:05 ` [edk2-devel] " yi1 li
1 sibling, 1 reply; 12+ messages in thread
From: Gerd Hoffmann @ 2022-05-09 9:38 UTC (permalink / raw)
To: Yao, Jiewen
Cc: Li, Yi1, devel@edk2.groups.io, Wang, Jian J, Lu, Xiaoyu1,
Jiang, Guomin
On Mon, May 09, 2022 at 03:25:24AM +0000, Yao, Jiewen wrote:
> Thanks for the update.
>
> think some changes are unnecessary.
>
> > -#define OSSL_CRYPTO_DSO_CONF_H
> > -#define DSO_NONE
> > -#define DSO_EXTENSION ".so"
> > +# define OSSL_CRYPTO_DSO_CONF_H
> > +# define DSO_NONE
> > +# define DSO_EXTENSION ".so"
>
> Why you add a space ' ' ?
>
> Can we make it unchanged?
Not sure where this comes from, either it's a upstream openssl change,
or it comes from running the generated files though uncrustify once last
year when uncrustify was introduced.
take care,
Gerd
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [edk2-devel] [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option
2022-05-09 9:34 ` Gerd Hoffmann
@ 2022-05-09 9:58 ` yi1 li
0 siblings, 0 replies; 12+ messages in thread
From: yi1 li @ 2022-05-09 9:58 UTC (permalink / raw)
To: devel@edk2.groups.io, kraxel@redhat.com
Cc: Yao, Jiewen, Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin
Sounds good, I like this idea which make openssl generated part and edk2 conditional part more clear.
Thank you,
Yi
-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd Hoffmann
Sent: Monday, May 9, 2022 5:34 PM
To: Li, Yi1 <yi1.li@intel.com>
Cc: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
Subject: Re: [edk2-devel] [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option
Hi,
> +#
> +# Add conditional feature to opensslconf.h #
I'd suggest to write the opensslconf.h created by openssl unmodified to opensslconf-generated.h, then have a opensslconf.h like this:
#include <Library/PcdLib.h>
#include "opensslconf-generated.h"
#if !FixedPcdGetBool(PcdEcEnable)
# define OPENSSL_NO_EC
# [ ... ]
#endif
take care,
Gerd
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [edk2-devel] [PATCH 3/3] CryptoPkg/openssl: update generated files
2022-05-09 9:38 ` Gerd Hoffmann
@ 2022-05-09 10:05 ` yi1 li
2022-05-09 10:26 ` Gerd Hoffmann
0 siblings, 1 reply; 12+ messages in thread
From: yi1 li @ 2022-05-09 10:05 UTC (permalink / raw)
To: devel@edk2.groups.io, kraxel@redhat.com, Yao, Jiewen
Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin
Yes it does come from running the generated files though uncrustify once last year when uncrustify was introduced:
https://github.com/tianocore/edk2/commit/7c342378317039e632d9a1a5d4cf7c21aec8cb7a
I can remove those change next patch to avoid confusion.
Thank you,
Yi
-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd Hoffmann
Sent: Monday, May 9, 2022 5:38 PM
To: Yao, Jiewen <jiewen.yao@intel.com>
Cc: Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io; Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
Subject: Re: [edk2-devel] [PATCH 3/3] CryptoPkg/openssl: update generated files
On Mon, May 09, 2022 at 03:25:24AM +0000, Yao, Jiewen wrote:
> Thanks for the update.
>
> think some changes are unnecessary.
>
> > -#define OSSL_CRYPTO_DSO_CONF_H
> > -#define DSO_NONE
> > -#define DSO_EXTENSION ".so"
> > +# define OSSL_CRYPTO_DSO_CONF_H
> > +# define DSO_NONE
> > +# define DSO_EXTENSION ".so"
>
> Why you add a space ' ' ?
>
> Can we make it unchanged?
Not sure where this comes from, either it's a upstream openssl change, or it comes from running the generated files though uncrustify once last year when uncrustify was introduced.
take care,
Gerd
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [edk2-devel] [PATCH 3/3] CryptoPkg/openssl: update generated files
2022-05-09 10:05 ` [edk2-devel] " yi1 li
@ 2022-05-09 10:26 ` Gerd Hoffmann
0 siblings, 0 replies; 12+ messages in thread
From: Gerd Hoffmann @ 2022-05-09 10:26 UTC (permalink / raw)
To: Li, Yi1
Cc: devel@edk2.groups.io, Yao, Jiewen, Wang, Jian J, Lu, Xiaoyu1,
Jiang, Guomin
On Mon, May 09, 2022 at 10:05:21AM +0000, Li, Yi1 wrote:
> Yes it does come from running the generated files though uncrustify once last year when uncrustify was introduced:
> https://github.com/tianocore/edk2/commit/7c342378317039e632d9a1a5d4cf7c21aec8cb7a
Thanks for checking.
> I can remove those change next patch to avoid confusion.
That wasn't a request to remove those changes, just an attempt to
explain where they are coming from.
The generated files should be commited without changes (so re-running
process_files.pl does not change your checkout).
take care,
Gerd
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2022-05-09 10:33 UTC | newest]
Thread overview: 12+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <cover.1652066029.git.yi1.li@intel.com>
2022-05-09 3:19 ` [PATCH 1/3] CryptoPkg: Update process_files.pl to automatically add PCD config option yi1 li
2022-05-09 3:23 ` Yao, Jiewen
2022-05-09 9:34 ` Gerd Hoffmann
2022-05-09 9:58 ` [edk2-devel] " yi1 li
2022-05-09 3:19 ` [PATCH 2/3] CryptoPkg/openssl: disable codestyle checks for generated files yi1 li
2022-05-09 3:23 ` Yao, Jiewen
2022-05-09 3:19 ` [PATCH 3/3] CryptoPkg/openssl: update " yi1 li
2022-05-09 3:25 ` Yao, Jiewen
2022-05-09 3:34 ` yi1 li
2022-05-09 9:38 ` Gerd Hoffmann
2022-05-09 10:05 ` [edk2-devel] " yi1 li
2022-05-09 10:26 ` Gerd Hoffmann
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox