From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web10.120206.1680658648950236580 for ; Tue, 04 Apr 2023 18:37:29 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=be8hX269; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1680658648; x=1712194648; h=from:to:subject:date:message-id:mime-version; bh=b/ARkFbiqiZE4BahxxISlzVlYgEEQONK2UsKGNu9aSc=; b=be8hX269h2x2SrZSFfyt6sqiOk3r9dTIVPQ+ywIkshDYFwyB1Xz6dyUZ 6+coq73UgmkwTwSSm3yp8AB3SLgZcKChz5JKStgdK01W4PfZ7cSdsWHKG T2ogDgMT4s37boFthZ8AsyTNRg1eZDj2U1jNzL+dhWYT4L9Pw97Bwr6jG 3ppcTcPHxtpHdqUELzwDIOqXfbEYGDsj79XeO41P55sIavB20WS4jbJyH lRSZCVlQyTmChUs7CbMvgUppdVDTP6Efqx9yhMfsEUSdJhtf7kGjiA9o+ qWSd/xICuW3NebkhQV9EA/L69HtLWSswEzT/NmiAL4QoUzkhQxIa8hIO6 w==; X-IronPort-AV: E=McAfee;i="6600,9927,10670"; a="344923303" X-IronPort-AV: E=Sophos;i="5.98,319,1673942400"; d="scan'208,217";a="344923303" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Apr 2023 18:37:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10670"; a="775867364" X-IronPort-AV: E=Sophos;i="5.98,319,1673942400"; d="scan'208,217";a="775867364" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by FMSMGA003.fm.intel.com with ESMTP; 04 Apr 2023 18:37:27 -0700 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.21; Tue, 4 Apr 2023 18:37:27 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.21 via Frontend Transport; Tue, 4 Apr 2023 18:37:27 -0700 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.170) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.21; Tue, 4 Apr 2023 18:37:26 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FQ/b0S3YGTMAH/PH05+ZcM6PTaFjkwwwMqMdAdSIMaXtxE3kCtAJ1WNQZ4G2VdWavrsIdlLmcPxWq5pthznAmHoM2g3l4usk6ocSeosHYFbUjlqAKeoxNrOXd34woHDKr0cRW/unJwQ9NxQy1ijUm0zF4QFlP93EotV5CKmYlAGaV0W4RLKvPHZ4KM9Z1d3We+ERucCztJ6XymHSQnzA3ShW7+GpVEwT3N7/gHzU983TFDI75Y0J+7Zo2P2Tf+RqZQ4Mw2FIhA2gsSaO1RDtbOoD3RPOSA2DRRv2N2XA0cj7wnIjPNNlyaDaEYirM/kLKjweq6sKWpZKCq7+Je8kxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VenN1rCGPeE4My3ZA3yVcDmIv9CD884/fE0UJey+Whg=; b=YNSxUAmylOf7P9IuvAwGbkFH4QY2cFpJTFcYJnuhXc0nm7Szc9m1vYfvMDUm8IHfq+DFfbjZ84KdcWL1cu9WZg6+jPTk76mJc6lxzVvyu9HqIN+38nUlw4NPxapRJWNEHJj2ObICRcTj2CuRj9am1H80CeepVRuMDyN3dbrdWlPd4fptUNel0vrvxj8o3Tkg1OtahTfgLblrkRctJZeqlBO6WZcUCQXnw1AoIfK0xHo5ChbwrbIkW3ouLs81bgaQzAjwguAnpa2Xb5JClwbwyvXcHm/Sd5SaI1Lg4Fhib/Dji/hIwbStnpz84gSKh2+s88+fq5u2h2DSd7nfQQSSLw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by CY8PR11MB7923.namprd11.prod.outlook.com (2603:10b6:930:7e::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6254.30; Wed, 5 Apr 2023 01:37:24 +0000 Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::c0c0:4b46:1dd4:80d6]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::c0c0:4b46:1dd4:80d6%7]) with mapi id 15.20.6254.033; Wed, 5 Apr 2023 01:37:24 +0000 From: "Yao, Jiewen" To: "devel@edk2.groups.io" Subject: [RFC] [edk2-openssl fork] Add openssl fork repo to Tianocore to support OpenSSL11_EOL Thread-Topic: [RFC] [edk2-openssl fork] Add openssl fork repo to Tianocore to support OpenSSL11_EOL Thread-Index: AdlnXyn7hizB2a7ASD61RZBr2MRu3A== Date: Wed, 5 Apr 2023 01:37:23 +0000 Message-ID: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MW4PR11MB5872:EE_|CY8PR11MB7923:EE_ x-ms-office365-filtering-correlation-id: b588dc35-9369-4968-49cf-08db35764e38 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 3AK56BMnXuqd/lkEnicnEBNJzeZHlK1TJba1f7Evwmeny+7VzvaeFQoG3lad4JMbN/Xov+1/0XLGPbajbC6IwyES2ePkBQb5Ojw3IUHqmA++CpW9RpS0uw46rXfp+zHEpkL5Xnw3Fg1bc+aAhNCWqhe+rNKdkDNvJvNqF9RoOvxdOx/Uslw+JC6BnQ3VMrPWOaf5V+YERmYuARbPWfZDZEH1lsHvXHLV/ESiUpw4HLeHCqkQAuYCJN+Xnp2nLRapk/E3n1/5zj8Cq5S3vlsye8c9+9ESTSwzauabmFXMxYOZZscKHWF+TIGIn3+v9npmRnpEWTvTFqcd+Mlr35xO81pVTxUiiCUqa2X1nyj/6fUpyV86SKvb6aVGNBosnio0oqGP1q70ZCJok5rwGTAVmR5mMfv5ZRI2vo+oWOM4ueWWM0ClfT7SD3wJ0dOnfi22dyRXkfQlxFdmRlZkEsmP4Xu6MDLP7mz/+efbZzBGLI0IDu1A95m8PLZSbe7vGG7Jvk8izXB+MC0xBR6PhH2mc84zAMfvLKvgQ4tvpI+CkO6H4dgLXC44xdL73qdl503NuT7vxjx6GGEUe5AQjV7J/dTxOAbb4KJPa9FyrjHkuSGdHkvs3GyryWVhk2ej4xofNBcIEtKcPClwgfArLjMdfg== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5872.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(366004)(376002)(39860400002)(396003)(136003)(346002)(451199021)(38070700005)(41300700001)(8936002)(6916009)(166002)(122000001)(82960400001)(52536014)(316002)(5660300002)(86362001)(38100700002)(4744005)(66946007)(8676002)(66476007)(76116006)(64756008)(66556008)(9326002)(66446008)(478600001)(2906002)(26005)(71200400001)(33656002)(7696005)(83380400001)(966005)(186003)(55016003)(6506007)(9686003);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?bNDLdVc0uOJPfzV9p3E7QMNXlto1eadhumJLshdjN+y8RSTkS+k1BK6DEmGR?= =?us-ascii?Q?qGfvVyekSnHEeRDEFNBULra+EcOAcWftqa2qzpBYxxYWjiKYMvzhFYLZRweE?= =?us-ascii?Q?5Hr9a7ligPwpHoX9ftixNIgzTYhbUHaMJ0kXzomeBdYn18FpUtmgTWI0zpdw?= =?us-ascii?Q?n4xDInXfahq+kzoTdK6hvm6R296OzkUjeqC7w0s+lffyGEguV+Eu5lb7SQQJ?= =?us-ascii?Q?ujqOgqp3I+cy5kuZrCyorfyswtZplwLP2tDJlcp+Yj7UwFVuLS0fQS66GWHA?= =?us-ascii?Q?k1yKe46zOwDgqdkCAX3b7C/T/gIgivJJD5TBY5BgzwaYgv8rqy7m9sUko5WD?= =?us-ascii?Q?svZaG8cYacDPdl1JJOPYEI2LokxGkxQ906qqh0SRsuXoNsaAb/w2mI0sDGgr?= =?us-ascii?Q?hhslx0sDJHGJud9dzDW6olulbfZXyF+8+ke5mUhROSKc79AL00jYCo7OTpch?= =?us-ascii?Q?OZ6jIYf8erZ6revCP6nqSAQPSMhIZya0sjLkAbRP7bvOoFi3puj+8DB0guM2?= =?us-ascii?Q?7STKt3CG2rcTWfeGmKgtjZhBtXyRT21x2pyzG1y99+JG/44s0AU+CKp9q84V?= =?us-ascii?Q?nCqAy49MRFUPmxAJ1qFRRc4lCiAFvDDb4Ms4DOTxyJBSB6sKOkV6uT3T0/KT?= =?us-ascii?Q?pkNttMWD0kGv8ZLesa1+qgMIShtaDg8GGYAFuYQekOJKv5VE/SjdaveGfLEp?= =?us-ascii?Q?OKt5OIOIh38xOS3f52zAjbOCQNpEp0ZOz4igTDFQdUHHCh7LDLFhODTIe0zd?= =?us-ascii?Q?7EMQAwaGOnwVzgjBhqf8ImwtQje+gVW+DxRqL9ce2MOQv+gtXFU/JNjIIWd5?= =?us-ascii?Q?ODVZSWCvTgk0ZQKscVbYeIctpdMRGO37qIRoOsHrRreBhOVdfkWXyJ8WuTaS?= =?us-ascii?Q?NM2AEvvybjAP0xA6FBRbxaVuPPq+oZxEgOs+lXqhJiKi+pzCn4d4Zk5yJRsZ?= =?us-ascii?Q?3B6R/OiKZ0YdlEBXHEsmib6TiwKLtavZjItmGQqVWDqMLRZcAk1KkmncZltc?= =?us-ascii?Q?Xj4dzEluGN5WYOet3bqRFrUHibaAj83buhk3nCN9qeN7ZIDFBoc9JeeeDGCm?= =?us-ascii?Q?NnDeXRazXK7ilDuDlskVUrRuNFNiZNLnjdgfN2PVxbL6Ad6kCbK76fpQ6m9D?= =?us-ascii?Q?QDapZ+hT8QHeN3jgCq0OO5869DtWQAc1DPByAqAkhS0iJM5xbPn7xeBsMIBx?= =?us-ascii?Q?wiEwfGGipuwVdcjvX2MBFHE7q1QKK9djHVdb1TpO+USlAxaUhLc8zJdrtf0q?= =?us-ascii?Q?lOw3FyHFSzqsrrIz9FdF6M3YfwgUzHRTWvLJ4infV04+8NUXzfMdOiplVlbf?= =?us-ascii?Q?BY7dbQO5fZl69vqcko8d35ebnx3VfbhY+8vDJIro55Vn7fvkxyX8AR36rpiD?= =?us-ascii?Q?i59lLW3oJDROjEaMwgWmEdItWNQvgVqDKwK+UmI7FpzMvDkoOflqqRzVa1lN?= =?us-ascii?Q?hEFCHQsfqSzRXnbfw+ZE+jXDFEZn0yAI9OzG3RGpxCpYzCggIokLsSorCVrF?= =?us-ascii?Q?lrk9a3G7JQlEhp7tXr1f7I+p3FFdJb886S3lcyVm1s/I/3CJEVGQvPntHjYZ?= =?us-ascii?Q?CstijHoIa34c4Dzokiw1V1WAMQ8bFe1HGqs5uWqH?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: b588dc35-9369-4968-49cf-08db35764e38 X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Apr 2023 01:37:23.6816 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 5eXk3L4rzK6Kw6mTMLvq4K+C0dWISNX8IipL1kPIzgvv4e2+XZNG6gZ5gBq1lKDQ/T7em2QDOFsLSd1eZ61TpA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR11MB7923 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_MW4PR11MB5872F769994F100A316132A78C909MW4PR11MB5872namp_" --_000_MW4PR11MB5872F769994F100A316132A78C909MW4PR11MB5872namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi This is follow up for the "Openssl1.1 replacement proposal" https://edk2.gr= oups.io/g/devel/topic/96741156. openssl 3.0 POC result is shown at https://github.com/tianocore/edk2-stagin= g/blob/OpenSSL11_EOL/CryptoPkg/Readme-OpenSSL3.0.md The size increase is reduced to ~10%. In order to achieve maximum size optimization for openssl 3.0, we updated o= penssl 3.0 branch and recorded to https://github.com/liyi77/openssl/tree/op= enssl-3.0-POC. To help the community review and feedback the openssl 3.0 change and plan t= o openssl upstream in the future, we should avoid personal branch usage. The proposal is to: 1. Create *an edk2 fork of openssl* under https://github.com/tianocore 2. Create *an edk2 branch* to hold all update for support https://github= .com/tianocore/edk2-staging/tree/OpenSSL11_EOL 3. Add git submodule of the edk2 fork of openssl to the OpenSSL11_EOL. Thank you Yao, Jiewen --_000_MW4PR11MB5872F769994F100A316132A78C909MW4PR11MB5872namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi

This is follow up for the “Openssl1.1 replacem= ent proposal” https://edk2.groups.io/g/devel/topic/96741156.

openssl 3.0 POC result is shown at https://github.com/tianocore/edk2-staging/blob/OpenSSL11_EOL/CryptoPkg/Read= me-OpenSSL3.0.md

The size increase is reduced to ~10%.

 

In order to achieve maximum size optimization for op= enssl 3.0, we updated openssl 3.0 branch and recorded to https:/= /github.com/liyi77/openssl/tree/openssl-3.0-POC.

To help the community review and feedback the openss= l 3.0 change and plan to openssl upstream in the future, we should avoid pe= rsonal branch usage.

 

The proposal is to:

  1. Create *an edk2 fork of openssl* under https://github.com/tianocore
  2. Create *an edk2 branch* to hold all update for s= upport ht= tps://github.com/tianocore/edk2-staging/tree/OpenSSL11_EOL
  3. Add git submodule of the edk2 fork of openssl to the OpenSSL11_EOL= .

 

Thank you

Yao, Jiewen

 

--_000_MW4PR11MB5872F769994F100A316132A78C909MW4PR11MB5872namp_--