Just to clarify, I understand *why* we need crypto, I just don't understand why we're pulling such a huge library instead of picking something smaller or cutting down OpenSSL (or Libre/Boring, which seem a good bit smaller than the original OpenSSL).
While typing this I also found mbed TLS which seems to be part-maintained by ARM and explicitly handles all 64-bit division cases.
I think limiting all EFI code imports to smaller libraries that were designed with embedded in mind would both solve our issues and would be a better technical solution.
Thanks,
Pedro