From: "Judah Vang" <judah.vang@intel.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>,
"Wang, Jian J" <jian.j.wang@intel.com>
Cc: "Mistry, Nishant C" <nishant.c.mistry@intel.com>
Subject: Re: [edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes
Date: Mon, 7 Nov 2022 18:41:55 +0000 [thread overview]
Message-ID: <BL3PR11MB64341F73877B4B53FDE8B0DD8D3C9@BL3PR11MB6434.namprd11.prod.outlook.com> (raw)
In-Reply-To: <CO1PR11MB49296D51382D57F86E40A8C7D22E9@CO1PR11MB4929.namprd11.prod.outlook.com>
Hi all,
I resubmitted the patches with an update to the CryptoPkg/Readme.
The CryptoPkg.dsc has already been updated with the AES and KDF feature changes.
Thanks!
Judah
-----Original Message-----
From: Kinney, Michael D <michael.d.kinney@intel.com>
Sent: Monday, October 24, 2022 10:22 AM
To: devel@edk2.groups.io; Vang, Judah <judah.vang@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>
Subject: RE: [edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes
Hi Judah,
There was an update to CryptoPkg pushed yesterday.
1) There is a CryptoPkg/Readme.md with tables and DSC content for services that are
enabled in each phase. I think that needs updates too for the AES and KDF features.
2) The CryptoPkg.dsc file has recommended settings for PEI, DXE, SMM. I think
they need to be updated for the AES and KDF features.
3) It looks like the SHA1 disable caused a build break. I would like to see the
standard package builds for EDK II CI be updated to cover the failure case so
we know that this case is covered in the future. It looks like the default is
for SHA1 enabled and the build break is when define for SHA1 disabled is
asserted.
4) There is an overlap between the defines to deprecate MD5 and SH1 and the
structured PCD that allows those services to be disabled in the Crypto
Protocol/PPI. The defines to deprecate MD5 and SH1 extend into the BaseCryptLib
instance implementations such that a call to those services when static linking
will generate a build error instead of a runtime ASSERT(). Which behavior do
you prefer?
Best regards,
Mike
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Judah
> Vang
> Sent: Monday, October 24, 2022 9:42 AM
> To: devel@edk2.groups.io
> Subject: [edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes
>
> https://bugzilla.tianocore.org/show_bug.cgi?id=3991
> https://bugzilla.tianocore.org/show_bug.cgi?id=3992
>
> There is a #define to deprecate Sha1 functions but not all the Sha1
> function are wrapped around this #define causing a build error. The
> fix is to wrap all Sha1 functions with the #define.
>
> Need crypto AES to be supported for PEI phase and need crypto KDF to
> be supported for SMM phase.
>
> Judah Vang (2):
> CryptoPkg: Sha1 functions causing build errors
> CryptoPkg: Need to enable crypto functions
>
> CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +-
> CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +-
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c | 14 +++++++++++++-
> 3 files changed, 15 insertions(+), 3 deletions(-)
>
> --
> 2.35.1.windows.2
>
>
>
>
>
next prev parent reply other threads:[~2022-11-07 18:41 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-24 16:41 [PATCH V1 0/2] CryptoPkg bug fixes Judah Vang
2022-10-24 16:41 ` [PATCH V1 1/2] CryptoPkg: Sha1 functions causing build errors Judah Vang
2022-10-24 16:41 ` [PATCH V1 2/2] CryptoPkg: Need to enable crypto functions Judah Vang
2022-10-24 17:21 ` [edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes Michael D Kinney
2022-10-26 18:41 ` Judah Vang
2022-10-26 21:16 ` Michael D Kinney
2022-10-28 23:25 ` Judah Vang
2022-11-07 18:41 ` Judah Vang [this message]
2022-12-20 2:43 ` Michael D Kinney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BL3PR11MB64341F73877B4B53FDE8B0DD8D3C9@BL3PR11MB6434.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox