From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 by mx.groups.io with SMTP id smtpd.web12.3577.1600132918280530339
 for <devel@edk2.groups.io>;
 Mon, 14 Sep 2020 18:21:58 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=FGp9hedw;
 spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: jiewen.yao@intel.com)
IronPort-SDR: Wc/mGmMg74goXTksE5KV99TN1RvDBzuX1eTICakSgnKFSEAnWoWQpcQzfbgJUQeZgiUA0OIOpJ
 kE3uFKxGF/Tw==
X-IronPort-AV: E=McAfee;i="6000,8403,9744"; a="158468838"
X-IronPort-AV: E=Sophos;i="5.76,427,1592895600"; 
   d="scan'208";a="158468838"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga006.jf.intel.com ([10.7.209.51])
  by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Sep 2020 18:21:56 -0700
IronPort-SDR: 9OkU9jroc2Eoc9QspUb56KefAgmPf7xtoE7T/ZzR5qjjEVMQrX2Ph/IHxXdjEzTvvurCRt4pCR
 O7PU2YrLn5+A==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.76,427,1592895600"; 
   d="scan'208";a="306384082"
Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14])
  by orsmga006.jf.intel.com with ESMTP; 14 Sep 2020 18:21:56 -0700
Received: from orsmsx601.amr.corp.intel.com (10.22.229.14) by
 ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.1713.5; Mon, 14 Sep 2020 18:21:55 -0700
Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by
 orsmsx601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5
 via Frontend Transport; Mon, 14 Sep 2020 18:21:55 -0700
Received: from NAM04-SN1-obe.outbound.protection.outlook.com (104.47.44.57) by
 edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.1713.5; Mon, 14 Sep 2020 18:21:50 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=B6kG7gHRsrIBJi994DTSSP8KbkRb72yJ1jc65W5+iQAPT9hCNLaV5VYR/R3ZvV3CPTeZgTlkYpXCuJUoVpTrAf3ooMI1OFSX/AutL5zjBTfUC4iuj5eVpzipMidJOe4mSpR5/ZKUV6ljXRRO1heRVCdoK3F29t+95VQruVL4Z41E77GNlw8VClMSF+uPu5uq2SNLFflCN6O/KG/UJq8nO1oAMBnSBuG2/RyGHY6817I8IcGAvcCYUjUnEP1pldjgXHYIDUY4aGgKEpr8JrCY4SFz4niwG99GjPfWc7v8ve5myxPBQrj98c4d94Y5ShkfDrUgBcUEJ8pdOVQvc85cAg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=opB/RfQfA1iE6f5IBdhHRj65TyrMOG3Xoa/yvagM/vE=;
 b=NH8AM2ZfhKEPGsEpmMQEdvGrCt8LhTngUd0oCrZqQspc+1wPL0axLff0Y8aGI+j9UDiydKWT8jJAmTh7ef7P4hvLXL90hKjhnbPoIkOTHh7LSGHM7i6/i5Y7pqFFvecWnjzJMOSNBvlStvHfgKqzobZJ4YhqtsudMKSm8HjSMBAmhP5ol7ZqZNZ04P/kaiLgz0bVo3m4DOiQJ/xGDl9Wmw9sdtWy18ZekHwYKYJ83u3wD0HV2fB6lhVl6jrE4t4AcPvX5N3J2pjnckQFsJuKKReBinMu77+EVtzVd7skFqXSaHMEYMVFQRkQepltuBPxc+OPkZ6TAyxKsVq/Ll1wbw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=opB/RfQfA1iE6f5IBdhHRj65TyrMOG3Xoa/yvagM/vE=;
 b=FGp9hedw5o11xZE01cBIX/kwUzHrX3pj4BlP+y1ZP4FR2Mk6gVIgiK7s5Yfh0Lt7GUmAYa723B9b1pfilKMhfyz9WPDAHKqQsR+CYrC0xBZ6ndsYoe4UtopiAblGGA4xEYY8dHw4uZEooi3tdvbyG94WbT/x/7tptbeOga6dMRw=
Received: from CY4PR11MB1288.namprd11.prod.outlook.com (2603:10b6:903:23::8)
 by CY4PR11MB0007.namprd11.prod.outlook.com (2603:10b6:910:79::16) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3370.19; Tue, 15 Sep
 2020 01:21:49 +0000
Received: from CY4PR11MB1288.namprd11.prod.outlook.com
 ([fe80::163:9209:a92d:812]) by CY4PR11MB1288.namprd11.prod.outlook.com
 ([fe80::163:9209:a92d:812%6]) with mapi id 15.20.3370.019; Tue, 15 Sep 2020
 01:21:49 +0000
From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Zurcher, Christopher J" <christopher.j.zurcher@intel.com>,
	"devel@edk2.groups.io" <devel@edk2.groups.io>
CC: Laszlo Ersek <lersek@redhat.com>, "Wang, Jian J" <jian.j.wang@intel.com>,
	"Lu, XiaoyuX" <xiaoyux.lu@intel.com>
Subject: Re: [PATCH v2 0/3] CryptoPkg/BaseCryptLib: Add EVP (Envelope) Digest interface
Thread-Topic: [PATCH v2 0/3] CryptoPkg/BaseCryptLib: Add EVP (Envelope) Digest
 interface
Thread-Index: AQHWivtIUEOHQlkeLUqCBsPLoNwCvqlo5MuA
Date: Tue, 15 Sep 2020 01:21:49 +0000
Message-ID: <CY4PR11MB1288AC4183AE900A3F65A6A78C200@CY4PR11MB1288.namprd11.prod.outlook.com>
References: <20200915005749.5331-1-christopher.j.zurcher@intel.com>
In-Reply-To: <20200915005749.5331-1-christopher.j.zurcher@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-version: 11.5.1.3
dlp-product: dlpe-windows
dlp-reaction: no-action
authentication-results: intel.com; dkim=none (message not signed)
 header.d=none;intel.com; dmarc=none action=none header.from=intel.com;
x-originating-ip: [192.198.147.220]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: db19e421-51ab-4e5b-762e-08d85915b84f
x-ms-traffictypediagnostic: CY4PR11MB0007:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <CY4PR11MB0007D6F3276FE061E3E6C1A08C200@CY4PR11MB0007.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: f9P/RkalPELixv+J22ONLLeaqHyKyAAx01QlEUjWzaE0OwUk35xca+qAVdNikFLTYzoW97mEH2FC+DhnV+A9phiMstFes6aZZqWsIexZamSPc5ivduCh9kG5685J2D+D3KdIMTlAvvQvvZxU2/lcDXAXXVMtjfXFtwUCreXDb9o1lD7fWDht5Y1jC02RaXfurYJ3fo+Ur1TRFFQIfguQU4MUv9GhnSGIDaTqYJFD/HFtMbrTy1HOA+obZhb/eBYNu050pLGWvwXTkyCvZNhxMfSI8i0V5ePoSVSsK1cIC036aiRagz2yLWs6VncOkhFxwgJXQtmSFOv2hMREkJPydvBRg/vctSUHzxuou1VMCcpiLpgUidlFHIxCUAPpkmXW81nxCFpua4j62XOS7MoRcA==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR11MB1288.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(366004)(396003)(39860400002)(346002)(376002)(33656002)(54906003)(4326008)(19627235002)(86362001)(966005)(83380400001)(7696005)(53546011)(6506007)(107886003)(110136005)(55016002)(9686003)(478600001)(186003)(66946007)(8676002)(76116006)(71200400001)(8936002)(64756008)(5660300002)(66476007)(316002)(2906002)(66446008)(52536014)(26005)(66556008);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata: PmB9JQPN1xeNnzg73ToD848UcqaJooKrUOBpR3UaxRECPAgtdBzzKvE8WG9NZDeHcjkO9ThOUO5GjOdqUvRGHNXzA9u4ynUUlGwuwNSHvllFXkMwVFGoBGmc5igFyA3SWQVL7xJf6oFy8w6BqXwDiCvy/AJEtnACsasJjUNb/niDz/RYpDtp2GDpOwTWPeQ1wJxCCmJF/lEHnai5pXogxvK1GCh8IfrEbllR9qP2fAWccwlrIsUYdjRyVhv0IxWVHlF3VdxPz+IwzwgDz1IUdVO8zzUd6ojicMKCD1HOEyXNo/bgWgECgQCRVgXwDj9lwgh6WeJt3UpXRjVDzH1RyjwxeG5riyvC6O5Bvs5okvUUq5I/usyfQA7mELwbWcwYth5Rzr/q1L1B5akwFo5qVGTlwCwfJQc+wm0vCVf9dUSgdhJd39Rot9dpyjcvEZ4X0gqh/qDuwxF/BbCzgB1TmA8duRTnrc3NkGrCkCqgquw4Pt2omoITkzzpfjj5iYHo01RtCGplq/9WS7WD9N0FCOYkGCsvGLy2GVOI/7PyP9KUTdbKIJBvbqWWuNRXQGSapUsSSuzbsxA98zXnDdMTq+ezIuayu4sTwoCmOrFvzzwweuHlIEvku5eVnck43m0bMXDeh5UTi29fHC7ti20bow==
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CY4PR11MB1288.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: db19e421-51ab-4e5b-762e-08d85915b84f
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Sep 2020 01:21:49.2526
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: UClsMgtzH02AP9CwJYxn7hTAe+zi53XFxLpsZCPHzmSMLBQOL+t4G50O/BdrerMPaSpky7ai96v9l40BmfIy1Q==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR11MB0007
Return-Path: jiewen.yao@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi Zurcher:
Thanks for your work.
1) Please share with us what unit test you have done for all new APIs.

2) Please add comment on what is the valid DigestName in EvpMdInit(). Other=
wise, people will have no idea on that.

3) I assume the size will be unchanged if a module does not use the new EVP=
MD API, such as UEFI secure boot, TCG trusted boot. Please double confirm i=
f that is right understanding.

Hi all:
I would like collect feedback on below:
-- "I replaced the MD5 and SHAx functions with EVP functions in Hash2DxeCry=
pto, and it grew from ~26k to ~253k."

If there is negative size impact for the platform BIOS that is using Hash2D=
xeCrypto, please share with the community.

Thank you
Yao Jiewen

> -----Original Message-----
> From: Christopher J Zurcher <christopher.j.zurcher@intel.com>
> Sent: Tuesday, September 15, 2020 8:58 AM
> To: devel@edk2.groups.io
> Cc: Laszlo Ersek <lersek@redhat.com>; Yao, Jiewen <jiewen.yao@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>
> Subject: [PATCH v2 0/3] CryptoPkg/BaseCryptLib: Add EVP (Envelope) Digest
> interface
>=20
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2545
>=20
> V2 changes:
> Added NullLib implementation
> Added Crypto Service implementation
> Rebased Hash2DxeCrypto to use EVP interface instead of low-level function=
s
> Removed unnecessary casts
> Added "HashAll" utility function
> Merged "New" and "Init" functions as well as "Final" and "Free" functions
>   Retained "Init/Update/Final" naming instead of "New/Update/Free" as thi=
s
>   conforms with common usage
>=20
> Low-level interfaces to message digest (hash) functions have been depreca=
ted
> in OpenSSL 3. In order to upgrade to OpenSSL 3, all direct calls to
> low-level functions (such as SHA256_Init() in CryptSha256.c) will need to
> be replaced by EVP inteface calls.
>=20
> References:
>   https://www.openssl.org/docs/manmaster/man7/evp.html
>   https://www.openssl.org/docs/manmaster/man3/SHA256_Init.html
>=20
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
>=20
> Christopher J Zurcher (3):
>   CryptoPkg/BaseCryptLib: Add EVP (Envelope) Digest interface
>   CryptoPkg: Add EVP to Crypto Service driver interface
>   SecurityPkg/Hash2DxeCrypto: Rebase Hash2DxeCrypto onto the EVP
>     interface
>=20
>  CryptoPkg/CryptoPkg.dsc                                 |   3 +
>  CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf         |   1 +
>  CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf          |   1 +
>  CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf      |   1 +
>  CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf          |   1 +
>  CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf |   1 +
>  CryptoPkg/Include/Library/BaseCryptLib.h                | 125 +++++++
>  CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h    |  10 +
>  CryptoPkg/Private/Protocol/Crypto.h                     | 127 +++++++
>  SecurityPkg/Hash2DxeCrypto/Driver.h                     |   1 -
>  CryptoPkg/Driver/Crypto.c                               | 148 ++++++++-
>  CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMd.c         | 253 ++++++++++=
++++
>  CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMdNull.c     | 124 +++++++
>  CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c  | 140 ++++++++
>  SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c             | 345 ++--------=
----------
>  15 files changed, 965 insertions(+), 316 deletions(-)
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMd.c
>  create mode 100644 CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMdNull.c
>=20
> --
> 2.28.0.windows.1