From: "Gao, Zhichao" <zhichao.gao@intel.com>
To: "Yao, Jiewen" <jiewen.yao@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Wang, Jian J" <jian.j.wang@intel.com>,
"Lu, XiaoyuX" <xiaoyux.lu@intel.com>,
"Fu, Siyuan" <siyuan.fu@intel.com>,
"Kinney, Michael D" <michael.d.kinney@intel.com>,
Laszlo Ersek <lersek@redhat.com>
Subject: Re: [edk2-devel] [PATCH V2 0/7] CryptoPkg: Retire the deprecated functions
Date: Thu, 23 Apr 2020 09:58:10 +0000 [thread overview]
Message-ID: <CY4PR1101MB223097081B09AC03FCA58A17F6D30@CY4PR1101MB2230.namprd11.prod.outlook.com> (raw)
In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503F9FCB22@shsmsx102.ccr.corp.intel.com>
OK.
Here is the main difference VS V1:
1. do not remove the field in the internal protocol structure:
a)directly call an assert function and return an error value.
b)change the related field value to 0 to indicate the function is unsupported any longer
2. remove the HMAC MD5 and HMAC SHA1
3. using OPENSSL_NO_MD4, OPENSSL_NO_RC4, OPENSSL_NO_DES to disable the build of related function. Remove the source file of MD4, ARC4, TDES, AES EBC source file in the OpensslLib.inf and OpensslLibCrypto.inf
4. do not contain the change of MD5 and SHA1 because the change need to change the platform code first. I would sent the patch after finish the change for platform code.
I know the V1 get lots of feedback about the protocol changes. See #1.
Thanks,
Zhichao
> -----Original Message-----
> From: Yao, Jiewen
> Sent: Thursday, April 23, 2020 5:31 PM
> To: devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Fu, Siyuan <siyuan.fu@intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Laszlo Ersek <lersek@redhat.com>; Yao, Jiewen
> <jiewen.yao@intel.com>
> Subject: RE: [edk2-devel] [PATCH V2 0/7] CryptoPkg: Retire the deprecated
> functions
>
> Hello
> I think there are lots of feedback in v1 patch review.
>
> Would you please give a summary on how they are addressed in this v2 ?
>
>
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gao,
> > Zhichao
> > Sent: Thursday, April 23, 2020 4:46 PM
> > To: devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>; Kinney,
> > Michael D <michael.d.kinney@intel.com>; Yao, Jiewen
> > <jiewen.yao@intel.com>; Laszlo Ersek <lersek@redhat.com>
> > Subject: [edk2-devel] [PATCH V2 0/7] CryptoPkg: Retire the deprecated
> > functions
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> >
> > Retire below deprecated functions:
> > MD4, ARC4, TDES, AES ECB MODE, HMAC MD5, HMAC SHA1
> >
> > Update the Crypto Driver's version to indicate the binary change.
> >
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Laszlo Ersek <lersek@redhat.com>
> > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> >
> > Zhichao Gao (7):
> > CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> > CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> > CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> > CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> > CryptoPkg/BaseCryptLib: Retire HMAC MD5 algorithm
> > CryptoPkg/BaseCryptLib: Retire HMAC SHA1 algorithm
> > CryptoPkg/Crypto.h: Update the version of Crypto Driver
> >
> > CryptoPkg/CryptoPkg.dsc | 46 +-
> > CryptoPkg/Driver/Crypto.c | 62 +--
> > CryptoPkg/Include/Library/BaseCryptLib.h | 481 ------------------
> > .../Library/BaseCryptLib/BaseCryptLib.inf | 7 +-
> > .../Library/BaseCryptLib/Cipher/CryptAes.c | 114 -----
> > .../BaseCryptLib/Cipher/CryptAesNull.c | 52 --
> > .../Library/BaseCryptLib/Cipher/CryptArc4.c | 205 --------
> > .../BaseCryptLib/Cipher/CryptArc4Null.c | 124 -----
> > .../Library/BaseCryptLib/Cipher/CryptTdes.c | 364 -------------
> > .../BaseCryptLib/Cipher/CryptTdesNull.c | 160 ------
> > .../Library/BaseCryptLib/Hash/CryptMd4.c | 223 --------
> > .../Library/BaseCryptLib/Hash/CryptMd4Null.c | 143 ------
> > .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c | 216 --------
> > .../BaseCryptLib/Hmac/CryptHmacMd5Null.c | 139 -----
> > .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c | 216 --------
> > .../BaseCryptLib/Hmac/CryptHmacSha1Null.c | 139 -----
> > .../Library/BaseCryptLib/PeiCryptLib.inf | 11 +-
> > CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c | 7 +-
> > .../Library/BaseCryptLib/RuntimeCryptLib.inf | 11 +-
> > .../Library/BaseCryptLib/SmmCryptLib.inf | 12 +-
> > .../BaseCryptLibNull/BaseCryptLibNull.inf | 5 -
> > .../BaseCryptLibNull/Cipher/CryptAesNull.c | 52 --
> > .../BaseCryptLibNull/Cipher/CryptArc4Null.c | 124 -----
> > .../BaseCryptLibNull/Cipher/CryptTdesNull.c | 160 ------
> > .../BaseCryptLibNull/Hash/CryptMd4Null.c | 143 ------
> > .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c | 139 -----
> > .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c | 139 -----
> > .../Library/Include/openssl/opensslconf.h | 9 +
> > CryptoPkg/Library/OpensslLib/OpensslLib.inf | 28 -
> > .../Library/OpensslLib/OpensslLibCrypto.inf | 28 -
> > CryptoPkg/Private/Protocol/Crypto.h | 2 +-
> > 31 files changed, 75 insertions(+), 3486 deletions(-) delete mode
> > 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> > delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> > delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Null.c
> >
> > --
> > 2.21.0.windows.1
> >
> >
> >
>
next prev parent reply other threads:[~2020-04-23 9:58 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-23 8:46 [PATCH V2 0/7] CryptoPkg: Retire the deprecated functions Gao, Zhichao
2020-04-23 8:46 ` [PATCH V2 1/7] CryptoPkg/BaseCrpytLib: Retire MD4 algorithm Gao, Zhichao
2020-04-23 8:46 ` [PATCH V2 2/7] CryptoPkg/BaseCryptLib: Retire ARC4 algorithm Gao, Zhichao
2020-04-23 8:46 ` [PATCH V2 3/7] CryptoPkg/BaseCryptLib: Retire the Tdes algorithm Gao, Zhichao
2020-04-23 8:46 ` [PATCH V2 4/7] CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm Gao, Zhichao
2020-04-23 8:46 ` [PATCH V2 5/7] CryptoPkg/BaseCryptLib: Retire HMAC MD5 algorithm Gao, Zhichao
2020-04-23 8:46 ` [PATCH V2 6/7] CryptoPkg/BaseCryptLib: Retire HMAC SHA1 algorithm Gao, Zhichao
2020-04-23 8:46 ` [PATCH V2 7/7] CryptoPkg/Crypto.h: Update the version of Crypto Driver Gao, Zhichao
2020-04-25 9:44 ` Siyuan, Fu
2020-04-25 13:48 ` Yao, Jiewen
2020-04-26 6:43 ` Gao, Zhichao
2020-04-26 6:48 ` Yao, Jiewen
2020-04-27 0:31 ` [edk2-devel] " Gao, Zhichao
2020-04-27 0:41 ` Siyuan, Fu
2020-04-23 9:31 ` [edk2-devel] [PATCH V2 0/7] CryptoPkg: Retire the deprecated functions Yao, Jiewen
2020-04-23 9:58 ` Gao, Zhichao [this message]
2020-04-24 13:25 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CY4PR1101MB223097081B09AC03FCA58A17F6D30@CY4PR1101MB2230.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox