From: "Sean" <spbrogan@outlook.com>
To: devel@edk2.groups.io, qi1.zhang@intel.com
Cc: Jiewen Yao <jiewen.yao@intel.com>,
Jian J Wang <jian.j.wang@intel.com>,
Xiaoyu Lu <xiaoyu1.lu@intel.com>,
Guomin Jiang <guomin.jiang@intel.com>
Subject: Re: [edk2-devel] [PATCH V2 0/4] CryptoPkg: add more X509 functions.
Date: Mon, 10 Oct 2022 14:01:08 -0700 [thread overview]
Message-ID: <BY3PR19MB4900015FB17A2D4A29F17F94C8209@BY3PR19MB4900.namprd19.prod.outlook.com> (raw)
In-Reply-To: <cover.1665401318.git.qi1.zhang@intel.com>
Can you provide some context as to why we need to make all these x509
functions external?
BaseCryptLib was intended to simplify crypto usage and not be a full
featured crypto library interface.
At some point we might as well just open up the openssl export table and
wrap that in a dynamically generated protocol/ppi.
If this is intended to make an Edk2 crypto library api that is
implementation agnostic but full featured then maybe you could do as Tls
did which was create your own usage specific API/wrapper. Then CryptoPkg
API surface will increase but it doesn't have to all be in one
monolithic library.
Thanks
Sean
On 10/10/2022 4:32 AM, Qi Zhang wrote:
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4082
>
> This patch serial is to add more CryptoX509 functions.
>
> Tested by:
> 1. https://github.com/tianocore/edk2-staging/tree/DeviceSecurity.
> 2. Unit test: CryptoPkg/Test/UnitTest/Library/BaseCryptLib/X509Tests.c
>
> Review PR: https://github.com/tianocore/edk2/pull/3380.
>
> V2 change: rename X509SetDateTime() to X509FormatDateTime().
>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> Cc: Guomin Jiang <guomin.jiang@intel.com>
> Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
>
> Qi Zhang (4):
> CryptoPkg: add new X509 function definition.
> CryptoPkg: add new X509 function.
> CryptoPkg: add new X509 function to Crypto Service.
> CryptoPkg: add Unit Test for X509 new function.
>
> CryptoPkg/Driver/Crypto.c | 432 ++++++-
> CryptoPkg/Include/Library/BaseCryptLib.h | 374 ++++++
> .../Pcd/PcdCryptoServiceFamilyEnable.h | 34 +-
> CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 1036 +++++++++++++++++
> .../Library/BaseCryptLib/Pk/CryptX509Null.c | 429 +++++++
> .../BaseCryptLibNull/Pk/CryptX509Null.c | 429 +++++++
> .../BaseCryptLibOnProtocolPpi/CryptLib.c | 415 +++++++
> CryptoPkg/Private/Protocol/Crypto.h | 390 +++++++
> .../BaseCryptLib/BaseCryptLibUnitTests.c | 1 +
> .../Library/BaseCryptLib/TestBaseCryptLib.h | 4 +
> .../BaseCryptLib/TestBaseCryptLibHost.inf | 1 +
> .../BaseCryptLib/TestBaseCryptLibShell.inf | 1 +
> .../UnitTest/Library/BaseCryptLib/X509Tests.c | 631 ++++++++++
> 13 files changed, 4166 insertions(+), 11 deletions(-)
> create mode 100644 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/X509Tests.c
>
next prev parent reply other threads:[~2022-10-10 21:01 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-10 11:32 [PATCH V2 0/4] CryptoPkg: add more X509 functions Qi Zhang
2022-10-10 11:32 ` [PATCH V2 1/4] CryptoPkg: add new X509 function definition Qi Zhang
2022-10-10 11:32 ` [PATCH V2 2/4] CryptoPkg: add new X509 function Qi Zhang
2022-10-10 11:32 ` [PATCH V2 3/4] CryptoPkg: add new X509 function to Crypto Service Qi Zhang
2022-10-10 11:32 ` [PATCH V2 4/4] CryptoPkg: add Unit Test for X509 new function Qi Zhang
2022-10-10 21:01 ` Sean [this message]
2022-10-11 0:36 ` [edk2-devel] [PATCH V2 0/4] CryptoPkg: add more X509 functions Yao, Jiewen
2022-10-11 7:09 ` Sean
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BY3PR19MB4900015FB17A2D4A29F17F94C8209@BY3PR19MB4900.namprd19.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox