From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web11.15061.1664093061104209986 for ; Sun, 25 Sep 2022 01:04:21 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=MJm9Rab+; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1664093061; x=1695629061; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=j9XCHiPWGmqxrguT4Pe/6VXOsXpDBkUUflRbVbyxt1s=; b=MJm9Rab+9t+gkMbRL3UMCvT4ug1j5YVjmUXJ9DkghfrXNk6+KTTmYpOt aDxXwzEoUe0FOzdzD9iEkjqOC6t54OPxbfwRTx7Axl8YXUEpHhy45hZGf IVzQdLpWbOSaNrsqUqphNzdbv8KnrZzKAJnn3Bgz1K5wluHQO3s6NvMXA qEMbkLhevUqkU6XFVWDgFY1yoZv/iOxFCRYRC96TtkojXI9ZOkWOtP81M 8j9AMlB2iipdqeDm7MDky6pY7uLy68FIYYyBxO4PdW5MC+BTHK4dOcMhK uaFNhOFjdazQRCg9vOjGj+AafWZWYRschITvoz0yceQD0H0OkctNIOt/N w==; X-IronPort-AV: E=McAfee;i="6500,9779,10480"; a="387131952" X-IronPort-AV: E=Sophos;i="5.93,343,1654585200"; d="scan'208";a="387131952" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Sep 2022 01:04:20 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,343,1654585200"; d="scan'208";a="709771196" Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by FMSMGA003.fm.intel.com with ESMTP; 25 Sep 2022 01:04:20 -0700 Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Sun, 25 Sep 2022 01:04:19 -0700 Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31 via Frontend Transport; Sun, 25 Sep 2022 01:04:19 -0700 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.109) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.31; Sun, 25 Sep 2022 01:04:19 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=L22rrHt98NFATyTrDEwuVVgpI85zHwrrFww4/gmYVpSJB67dEIgcULC7REeA/QYQleXLhVxBEz0pMQ8qjJ6aVGT0fnJH20uaB9qjQP8Ci6Jc9fHwZxbAKd6HHTFMFPKIY2ZxlPvxZJqRsRw1C0DxcUDhits/KNhnipP4rCWQN1cxIvkHanBQL3cniZSkp+lOAAHHPvYB4ghtbXwz4RhxylyeVAP2St2ZiMTgA0fhtsGcUpm2mBi50BLsHd4DS4TnWl4X+mLZIrAugSxPONrIYKMg1H3DA0JkLL7QrE7uPi/f4DB6iS5qin/7xYN16kWmCldSSLl2fGv8IX1ShatLuA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5gYUu+aRYmemu3ivk7k3JYwS9PYaHO68sTyzLnKD034=; b=BDa8V/rQuW4IsT5xjAwlFTzMHuCv/L8r7kst8cfGpFSK1d8jne0/jYvKIt9ikhUHPzDuxcOZIDmqPq46K5taayMNV4wIguONTNccSv/O3Gge5jGFmNdq833DfNAE68svYB4zrIHkV9TeFzwhGOav4OrEWlA9Jlkl6XSEv5pnCYXgRjOhLKlTCeehkdc01GEAu3WkYRBhUFfMXZABTRcggq7TVWonME6t9ptaGANC1ru+Saia5yrOwQNPRQq5Mtm+Ilf09dwF37ip6xIgLZdbl3QUl4IhUb7DfIkYyQ6rKPCjtMecMi0MFmjhG9vmQB7ParrJFZnFY3xRJduwU6ExHQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by MW3PR11MB4569.namprd11.prod.outlook.com (2603:10b6:303:54::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5654.24; Sun, 25 Sep 2022 08:04:17 +0000 Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::c17d:f1c9:e958:b5e]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::c17d:f1c9:e958:b5e%6]) with mapi id 15.20.5654.024; Sun, 25 Sep 2022 08:04:17 +0000 From: "Yao, Jiewen" To: "Li, Yi1" , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Lu, Xiaoyu1" , "Jiang, Guomin" , "Kinney, Michael D" Subject: Re: [PATCH V4 0/4] CryptoPkg: Add EC support Thread-Topic: [PATCH V4 0/4] CryptoPkg: Add EC support Thread-Index: AQHY0JBdMJ5y0a/UJUGSZdLUVb9FGa3vyLTA Date: Sun, 25 Sep 2022 08:04:17 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.6.500.17 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MW4PR11MB5872:EE_|MW3PR11MB4569:EE_ x-ms-office365-filtering-correlation-id: 8bd57917-9364-4351-1bed-08da9ecc8b1c x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 5BsMYd6VNAX4d3vVncef/QU2jwXs3cveO8+r1UOCEbvbC7fzEtIzJzyck6Yc9xoz/HMEdPSfUdQVbbotxkqp5s+MtCAI0w4A+M4D8nsHxDJRE46WLjAH12oPQ9b9QlL8zLyAkLFVkhxb+EzKY3Th7hBIclsEu8aqQ0eAFxue4ovI2D4EpAlogItEaSFz9McqeMXu0iwVZKaXlXntU9LgUJFbax3Uvcs4cPsVzb3mQUX+p42JHIl0wLG7VE/CWNGHGdHs2nBexP7lJFaPvFDAIJ187zgTZ+BHyx2a0ldvAsNMUS6GxY3+v/ZTcunfKFGNfVrWFY9uB9HGFLPPBG4YufffIzMFGfaGQKR28f8sP/UylXNqwGS660uD3iYcuV2Q7NXypTpsRdPiNl4EHm01f8Lizo/VGBUjHKnrLOx5rVoJsifAT5PzxwUSIpwEu8qhTW0Yh6t/+MR99wkYYb8/LEks1ZfhJ0YzAzJIptivqwfQLIFq6eo6FIwWtKb1SnDAU5H0DVCHW0CWOu2eGlmzmCxyTlhDUrbbCkkr7Lkyb2n3vQISJy/e9RlwlDilQq+rsnGvkTjZqjVdJgLZ37d7SPkOeCSWD0phm2zM/M9i0efF09lY8JTmMfkucUQP24v3oih9D139LF2ZLLWhf8DT+LfiQaCh67fBm3FGRyhMeptr2Pnr7rjix3nOAbd1aU2OL5x552f+2A/QP7CEbEl/6rXZCxhmlP8wc7CnabtEsds8TBs2E533XUSUhxl7He55alfik/mkbLdP74Cu+Obrcb6oPG226OVmqll9hvBlrBCNMXGFmWtFnHZ+t4khJ7A+HgHW6OxHAlIfd+9bPSqzCg== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5872.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(136003)(376002)(346002)(396003)(39860400002)(366004)(451199015)(71200400001)(38070700005)(122000001)(38100700002)(478600001)(82960400001)(54906003)(316002)(110136005)(33656002)(2906002)(6506007)(7696005)(53546011)(8936002)(26005)(9686003)(52536014)(5660300002)(186003)(86362001)(8676002)(55016003)(107886003)(41300700001)(83380400001)(66946007)(966005)(76116006)(66556008)(66476007)(66446008)(64756008)(4326008);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?mwRASz0gdnWzztFRIbt3HRfYT2h8c13Y3vHTrutCOSuMeOnVvtJyU2TWBixH?= =?us-ascii?Q?VRh8RcPqSbTVpCL66wCppSSe4hJ5vbYCsOfYfFjxu6rT2PKRgwOT75McoqoK?= =?us-ascii?Q?wBiZ81wZNeprMOu+ESGAHhYLXsB+z3ZYu2xCpS0vu0hUxd9cPIUqk0F7/n+k?= =?us-ascii?Q?IF/x0WPz6W6SJwzBqFbtQOWWVmuzShaDkP3D9KnLVERNR3T7oOjzOIpxBgG1?= =?us-ascii?Q?70HKQL7ioIAZVbf6D5sgX8v2VIYkHeFTHWsliDEhJMxSAJtlQaLKCn/Dt9Zr?= =?us-ascii?Q?1UgqG2uDiy5uvF+2NTfBEnC0dH91V39WmH/aY3ObT2hQAoYt2qUcQ3aKlJDg?= =?us-ascii?Q?K44r5n+dVy3vW7MoORnNwfwscrmB3wotMcSxptp3ZQuXxm7cGylu8vwZ8pYA?= =?us-ascii?Q?tRR44Ni95FUo3pYLLBH/GxbplUr4LA6juDlb8AdvsEu6uV7W6ePoawnYEzW6?= =?us-ascii?Q?eLQK3UQl7XnBqt1itIlEMmexEP3B8tgN5sMnHVhtFxxqjBA6HjEPaX1DtUUl?= =?us-ascii?Q?Qxc+kZQtKjmQOiN+w8sDRmn5pYbKOlOUKpaH+hr2OJ6wrx68+Kwyzx0HFBeC?= =?us-ascii?Q?Yk8QugDHwLbHC7m4Et0zDWVgoJE7iMMUZeqmvttlOzOzH5iZkivvsqPDiq2Z?= =?us-ascii?Q?VTU4RwXmLlmxZUT9Vj7Bw2MdXx/e/3eu/wZwFPioXblfDOMkQK5YUj6lT9Zo?= =?us-ascii?Q?kQWsg+jcvDYiUozjEqBnRpKVc90U6Juq050t1LZRpHlfgYTOaL+Kext07rTU?= =?us-ascii?Q?0vY4EPFjQF6OMEUrmDo+58Qr+poPkovRoPdiISh0tOkIuk/ztSOa5KrAFSer?= =?us-ascii?Q?w5eXujMJT73K+xCLJot9pGnsM2bAbVQ1pg7SXNiHRloM4oI2PQ8Od+mUcPMW?= =?us-ascii?Q?6ik7B5IMyHdG4rLL9r+JuRT83CuVekUIW3NGkcCFQKrRtOCB8E+RVJNnm6j9?= =?us-ascii?Q?UsEWkO7PEFVgk3vp+AVlPiHhiJHzI1DC8bc62YdhxfOJjixxZDc1pf08gjH+?= =?us-ascii?Q?/zc2ITxXHy4PVkcQGY0/0yvtAZU0pxduRpKifO+CwR4lUylGqLcyrqJQQlvs?= =?us-ascii?Q?644pMgTncN7zx9ql++8U9dUk/g+3UoFJMHb14gUcJSg5nvX6s42GEUpuLoxV?= =?us-ascii?Q?OzX0BBCeMd0kjT+BDLCX03v9grO+fSC9tS4nklgwgMKiqyIxmLgG0M7PlfBd?= =?us-ascii?Q?jyDxdHd3VkeEpRZsE0EHDT/V4L5EHr26nSTwdrvkW3iAE7VXJMAbH8jbs8Gq?= =?us-ascii?Q?lwd5ABzjhYE0yJXPSVT/4PSPSeoS5GqiZ9IUPEX2LdPIbETYjLJmBxYok4F7?= =?us-ascii?Q?r1Ti4umsAwhhEKKZzwn1QMvyRyGJ0gIzAqlnPRnZsHgMnZIFYWCoIGEuLNSO?= =?us-ascii?Q?624/sglOUBKzjj27ZdUY+uaYP0mMHXRy0nji6amnRgBY+5ISNUul4SC+KPnM?= =?us-ascii?Q?0+J+2X2wkK2HDz32gtdPXoh4jOhBE/i7ODasXNMyE8speWXpHlv+PD8z5YNb?= =?us-ascii?Q?UKKid4jEp6GiuO4EteSluPgClq/icczG9lBJJesdZxC0zcysAQkf5sNczf/4?= =?us-ascii?Q?TmLRYweASUUyjfrkm7Cd8rYqWmjWBsMkro8BUYFD?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8bd57917-9364-4351-1bed-08da9ecc8b1c X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Sep 2022 08:04:17.0582 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: MLzfWxfyaydphTyxNkcggumaDVDWfoJheoTDbWPC3UbyFK06IEgKzT182OHPykStD6uDtNY6vX+aNGQiEHGfbA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW3PR11MB4569 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Thanks. For patch 3/4: I don't think "TLS" is "public key related service". I suggest to change fr= om + # 1) Platform needs ECC in public key related service, eg. Tls, X509, Pe= m. to + # 1) Platform needs ECC in TLS, or asymmetric cryptography services such= as X509 certificate or PEM format data processing. The rest looks good to me. With above comment change, reviewed-by: Jiewen Yao Thank you Yao Jiewen > -----Original Message----- > From: Li, Yi1 > Sent: Sunday, September 25, 2022 11:39 AM > To: devel@edk2.groups.io > Cc: Li, Yi1 ; Yao, Jiewen ; Wang, > Jian J ; Lu, Xiaoyu1 ; Jiang= , > Guomin ; Kinney, Michael D > > Subject: [PATCH V4 0/4] CryptoPkg: Add EC support >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3828 >=20 > Review PR: https://github.com/tianocore/edk2/pull/3398 > This patch sequence is used to add CryptEc library, which are wrapped > over OpenSSL. The implementation provides library functions for EFI > BaseCrypt protocol and EFI BaseCrypt Configuration Protocol. >=20 > All APIs passed unit test and fuzzing test, detail as: > 1. Unit test: > The purpose of unit testing is to ensure that the function obtains the > expected result under specific input, that is, to ensure the correctness > of APIs. > All test case show in patch 3 :CryptoPkg/Test: Add unit test for CryptoEc= . > 2. Fuzzing test: > Various Fuzz Testing are employed across the all introduced APIs, and the > test is used AFL (2.52b) and Libfuzzer (clang+llvm-11.0.0) as the fuzzer, > based on HBFA. > Fuzzing Pass Rate is 100%; > The Code Coverage new APIs is 90.3%. > All test case show in: > https://github.com/liyi77/edk2- > staging/tree/HBFA/HBFA/UefiHostFuzzTestCasePkg/TestCase/CryptoPkg >=20 > V2 change: > 1. Squash uncrustify tool update into previous patch. > 2. Increase EDKII_CRYPTO_VERSION to 10. > V3 change: > Fix typo in comment. > V4 change: > Add ECC related usage reference >=20 > Tested-by: Yi Li > Cc: Jiewen Yao > Cc: Jian J Wang > Cc: Xiaoyu Lu > Cc: Guomin Jiang > Cc: Michael D Kinney >=20 > Signed-off-by: Yi Li > Yi Li (4): > CryptoPkg: Add EC support > CryptoPkg: Add EC APIs to DXE and protocol > CryptoPkg: Add ECC related usage reference > CryptoPkg/Test: Add unit test for CryptoEc >=20 > CryptoPkg/CryptoPkg.dec | 28 + > CryptoPkg/CryptoPkg.dsc | 1 + > CryptoPkg/Driver/Crypto.c | 496 +++++++++++ > CryptoPkg/Include/Library/BaseCryptLib.h | 424 +++++++++ > .../Pcd/PcdCryptoServiceFamilyEnable.h | 25 + > .../Library/BaseCryptLib/BaseCryptLib.inf | 2 + > .../Library/BaseCryptLib/PeiCryptLib.inf | 1 + > CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c | 765 ++++++++++++++++ > .../Library/BaseCryptLib/Pk/CryptEcNull.c | 496 +++++++++++ > .../Library/BaseCryptLib/SmmCryptLib.inf | 1 + > .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 2 + > .../BaseCryptLibNull/BaseCryptLibNull.inf | 1 + > .../Library/BaseCryptLibNull/Pk/CryptEcNull.c | 496 +++++++++++ > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 469 ++++++++++ > CryptoPkg/Private/Protocol/Crypto.h | 831 +++++++++++++----- > CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 3 + > .../BaseCryptLib/BaseCryptLibUnitTests.c | 1 + > .../UnitTest/Library/BaseCryptLib/EcTests.c | 290 ++++++ > .../Library/BaseCryptLib/TestBaseCryptLib.h | 2 + > .../BaseCryptLib/TestBaseCryptLibHost.inf | 1 + > .../BaseCryptLib/TestBaseCryptLibShell.inf | 1 + > 21 files changed, 4136 insertions(+), 200 deletions(-) > create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c > create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptEcNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c > create mode 100644 > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/EcTests.c >=20 > -- > 2.31.1.windows.1