From: "Sean"
Date: Mon, 10 Oct 2022 14:01:08 -0700
Subject: Re: [edk2-devel] [PATCH V2 0/4] CryptoPkg: add more X509 functions.
To: devel@edk2.groups.io, qi1.zhang@intel.com
Cc: Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang

Can you provide some context as to why we need to make all these x509 functions external? BaseCryptLib was intended to simplify crypto usage and not be a full featured crypto library interface.
At some point we might as well just open up the openssl export table and wrap that in a dynamically generated protocol/ppi.

If this is intended to make an Edk2 crypto library api that is implementation agnostic but full featured then maybe you could do as Tls did which was create your own usage specific API/wrapper. Then CryptoPkg API surface will increase but it doesn't have to all be in one monolithic library.

Thanks
Sean

On 10/10/2022 4:32 AM, Qi Zhang wrote:
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4082
>
> This patch serial is to add more CryptoX509 functions.
>
> Tested by:
> 1. https://github.com/tianocore/edk2-staging/tree/DeviceSecurity.
> 2. Unit test: CryptoPkg/Test/UnitTest/Library/BaseCryptLib/X509Tests.c
>
> Review PR: https://github.com/tianocore/edk2/pull/3380.
>
> V2 change: rename X509SetDateTime() to X509FormatDateTime().
>
> Cc: Jiewen Yao
> Cc: Jian J Wang
> Cc: Xiaoyu Lu
> Cc: Guomin Jiang
> Signed-off-by: Qi Zhang
>
> Qi Zhang (4):
>   CryptoPkg: add new X509 function definition.
>   CryptoPkg: add new X509 function.
>   CryptoPkg: add new X509 function to Crypto Service.
>   CryptoPkg: add Unit Test for X509 new function.
>
>  CryptoPkg/Driver/Crypto.c | 432 ++++++-
>  CryptoPkg/Include/Library/BaseCryptLib.h | 374 ++++++
>  .../Pcd/PcdCryptoServiceFamilyEnable.h | 34 +-
>  CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 1036 +++++++++++++++++
>  .../Library/BaseCryptLib/Pk/CryptX509Null.c | 429 +++++++
>  .../BaseCryptLibNull/Pk/CryptX509Null.c | 429 +++++++
>  .../BaseCryptLibOnProtocolPpi/CryptLib.c | 415 +++++++
>  CryptoPkg/Private/Protocol/Crypto.h | 390 +++++++
>  .../BaseCryptLib/BaseCryptLibUnitTests.c | 1 +
>  .../Library/BaseCryptLib/TestBaseCryptLib.h | 4 +
>  .../BaseCryptLib/TestBaseCryptLibHost.inf | 1 +
>  .../BaseCryptLib/TestBaseCryptLibShell.inf | 1 +
>  .../UnitTest/Library/BaseCryptLib/X509Tests.c | 631 ++++++++++
>  13 files changed, 4166 insertions(+), 11 deletions(-)
>  create mode 100644 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/X509Tests.c