From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 7593E7803D7 for ; Thu, 9 May 2024 08:33:39 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=JM87HUU+XXJpBRsshbOBREdLNVVxEq+VMPbHP0XQa4Y=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1715243617; v=1; b=pj02cLcgfCqkVRR0UvWAU+/ygzPjo670Kdh3Nsv4Fm9NG6IxwpTAZSg5LeIJdkyyFdfCazeD FPc2dUJdikABIzHZGps8xePd/iKGwDsIV8oBq4s+ek1t2y6lj8j+bA+H0syNL3coZOikNI9Cgty smFJrYSmjP04/TUXzvvl6ODDHdFbq+pHA3/x6cipLjzBLG3PkbPlpT+x6Ui+ZjxuYWkuaLp5jib /zcp6loEqUroSYBgMM5oEJelScsFlMHZA4jxfYZZmfdvTgwwSrs01oOAuMR3nyu/S0KDMgApATc JQLLXXdz6mvFv086lgEPRk5cVOmbEfAHa8q1r2C8VDrQQ== X-Received: by 127.0.0.2 with SMTP id diyvYY7687511xais4MsxJIR; Thu, 09 May 2024 01:33:37 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.9]) by mx.groups.io with SMTP id smtpd.web11.5315.1715243617325881432 for ; Thu, 09 May 2024 01:33:37 -0700 X-CSE-ConnectionGUID: eXsK9x1pQjudyYO8mt1HHg== X-CSE-MsgGUID: popPqEHbR9+ysosU2XpbBQ== X-IronPort-AV: E=McAfee;i="6600,9927,11067"; a="21821012" X-IronPort-AV: E=Sophos;i="6.08,147,1712646000"; d="scan'208";a="21821012" X-Received: from orviesa005.jf.intel.com ([10.64.159.145]) by fmvoesa103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 May 2024 01:33:37 -0700 X-CSE-ConnectionGUID: p5aYYo78T/Oq9i4L6nddmA== X-CSE-MsgGUID: QLKidZx2TgeUjxVMaG7MWw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.08,147,1712646000"; d="scan'208";a="33967617" X-Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by orviesa005.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 09 May 2024 01:33:37 -0700 X-Received: from fmsmsx611.amr.corp.intel.com (10.18.126.91) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Thu, 9 May 2024 01:33:36 -0700 X-Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx611.amr.corp.intel.com (10.18.126.91) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Thu, 9 May 2024 01:33:36 -0700 X-Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Thu, 9 May 2024 01:33:35 -0700 X-Received: from NAM11-CO1-obe.outbound.protection.outlook.com (104.47.56.168) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Thu, 9 May 2024 01:33:35 -0700 X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com (2603:10b6:a03:45a::10) by IA0PR11MB7257.namprd11.prod.outlook.com (2603:10b6:208:43e::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.46; Thu, 9 May 2024 08:33:28 +0000 X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::301:5dbd:207b:5578]) by SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::301:5dbd:207b:5578%4]) with mapi id 15.20.7544.041; Thu, 9 May 2024 08:33:27 +0000 From: "Li, Yi" To: "Hou, Wenxing" , gaoliming , "devel@edk2.groups.io" CC: "Yao, Jiewen" Subject: Re: [edk2-devel] [PATCH v3 00/11] Add more crypt APIs based on Mbedtls Thread-Topic: [PATCH v3 00/11] Add more crypt APIs based on Mbedtls Thread-Index: AQHaodnrXfmkckXYd0CSXhplPh6bMrGOd5vAgAAaC1CAAAD1MA== Date: Thu, 9 May 2024 08:33:27 +0000 Message-ID: References: <20240509062700.2062-1-wenxing.hou@intel.com> In-Reply-To: Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SJ1PR11MB6227:EE_|IA0PR11MB7257:EE_ x-ms-office365-filtering-correlation-id: 4e87272c-c711-4735-d628-08dc7002b2fc x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: =?us-ascii?Q?k7weoC4EV9AliFgC6D4s2gkuMvYPjsXa75cS6xa9LFJlaqyO2uaX6O63GF37?= =?us-ascii?Q?ugtufiCZMMLPdkjEsQ/9bIJBb5eDBAapmQdjcKymf3ngZHTDdKt14IwH+o9K?= =?us-ascii?Q?mfJjgWNq2UtJorcpIq39h0L4GtMPWJNO0iK6qctWLSEgq3kM/nkkzt5c+yGd?= =?us-ascii?Q?8m6w1+ywo+2bpz+kqv2OMbEsDiYktsuFEdlKnctXAPSlMj4sqh/H4O3pANzv?= =?us-ascii?Q?wB4MgIr/pz3LyL6Xr3+JJt4bOyNOFcleLj4ZAVuBPds639VchZrdupTrOH8A?= =?us-ascii?Q?/yP95hHaMZDd3vRrk0QnxR1W0fOOgPY+6cffU1IyIgiwRuzg41JrhfnVxCsY?= =?us-ascii?Q?26Zn75vBxWZs1o6zHcxYxFnX3hlaIAMYMOgDgTSgDE5ma0F1UMtyBhBwHZd8?= =?us-ascii?Q?7UuNZCc8RVBMHpszscLTafWgW3rH03cJXRDvAANQaSKIPFVNpGuf61ZHen3R?= =?us-ascii?Q?c2I7829xf9D0NQQpBHte6bzoUovPjKimEzzPlWC+M++DCkSFpLSXzv6YXxCn?= =?us-ascii?Q?wr9KIHr5uTPr7RWQCvkz99H0H5oGGYPtHDvvO9X/e0+DMdAotQlk+G3PjT+B?= =?us-ascii?Q?OkNI5wl03i1Hjin2QEgDHpM51GwXlKd0aHXNxsngiqJzbfGOtuyou/G01KWE?= =?us-ascii?Q?bJr6ulaXRbep7YTsCyvBqxpKxL+R3K/rcAGtPHOuiv3RtXsvBQyeNl0wZTSP?= =?us-ascii?Q?GRkPD+R7Rcps2ob/3SYwl/no5NTu23lweWO+st36hHIfwuCt+5U5KDk9OezK?= =?us-ascii?Q?Lw9jTWudjxOth5Hr9Xp9uUEFkVtq2jR/IDTn7J1vX+JiImH2GNDZlh31PGmF?= =?us-ascii?Q?8W6RAvcqcCxw92D5GlqglHP/0FCpzGwI4i8uITvZGqGE1Tw05KFjUslSDXzh?= =?us-ascii?Q?tYnheI2nBD+o14/9UZeZbVRKLORzeObeBYGy3kgvslG1Qo+x/L4z+PGv2AUy?= =?us-ascii?Q?vypXrSMf8BW0kL1pXrf0FDjp7w0/tyg5cFxTp5WRy3qmgV72z+SZadz1kOuF?= =?us-ascii?Q?V6n/MWo0Ox5zii61PIZ/emMFvmQvq5JuV7N2195D4WBcA3pTrFEoEhPjR8F9?= =?us-ascii?Q?pesPTE03SuCZgmX6Mfat/MhgBHXTy7GtmLL+X1rCe3HQSuxwsR3aERXpZY9U?= =?us-ascii?Q?vRo9p2aK/Cnsuz12i1nJ+QVt2ZUqPA2zf/AXJiwGmqJYE+jkdaTuPLjlkq5q?= =?us-ascii?Q?qcsLZQ0kl4Pz6miIXi3SfZdGbK3pniIFtYjlvXTtcnLCM/rJGEeVXlA9roF5?= =?us-ascii?Q?rfpZCIVfGKp+5UVOab+Xs7oIw5VGNKNbC/XQJgPTBUE1mjuxjJOXzp4pAtLV?= =?us-ascii?Q?b8k=3D?= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?UgAhqnxNYkHQvCYYgYnqM6z82KFiFBCs9k5F27/+7/z6ILvdADGutYQ+uJJK?= =?us-ascii?Q?9zAMdm0w1LdPkH76Y3wUT/BBNkKr8acDMpD0phnqJSxrG1Qvm0kI06/bnWq5?= =?us-ascii?Q?ILUjBjp2GpvsoE6vBSjeLU4oQlEuoJwPUpNmKHOykv1LoR3EuNcdjvHBLzZ+?= =?us-ascii?Q?0TM1/86JzSNNnwnDDg1fvMTfjHuM1GGW851f8qB7VgQPZrxYpOv5riEds/9e?= =?us-ascii?Q?guSFvePGKsI9LGc1t81uP/144P4I5Y4VcRpdrpAtHJLbJ3rnUSnc/MlthctY?= =?us-ascii?Q?lmN++WVUWywCH4AE2AoGyvPhc6iXesAUhbXQnaqjcDNRVO641vZzsfru2OHS?= =?us-ascii?Q?6f66fJas1IRBhuq++jBcJtIFo0IYvjyhdDhoC0ODDMZ5yCK54BrOY0pf11cS?= =?us-ascii?Q?R4+V4YoKFrSdKEp+/phCWV7DuENrZXyzneFv15bNHchaUrQ8jkJDaESIFzFM?= =?us-ascii?Q?wgocHjumgu5P8Z8OWO29pQkrOW2LtrtpaajDyabSzJ8u8pqimg2tDlHEPMR5?= =?us-ascii?Q?MSQIDCi203WYG63OPzMRemKXtzrnuAeC8FNd7p9VCZHioKPGlBzfgj0/S+qI?= =?us-ascii?Q?3vVtLtvjV+YUpn6TJLwwF4XW687dpRBHefJsLi/ggnVlrfZQeyL5RGl5GFP3?= =?us-ascii?Q?sKOIzf8l8hWqyxk+DhxvntaIFd9hsfNk6pVTNJxMof7POedvP5JQ/bFPDnFf?= =?us-ascii?Q?S8LBD4tc82XQ8i7fro1bSjCsaJT768Q3ppFTCn1xncyoJX8NgH6IMXEA0fXe?= =?us-ascii?Q?B7hfTMPl0QiEgJvb1DAwrEipED2wNaXNVx2gWGZoZLk2CmmjQ89+h0yFBpgY?= =?us-ascii?Q?4/5YhoxTYUBQt2udry+ES7U2L7SPquQJo72S5KX82S5ou/1PJ9KQkl1jdSjH?= =?us-ascii?Q?Cxgr5dP6XGQyIPQzqobcX3FofFX3jPl6Tn8I4w7xWV4wvWHAQXY/nDXQBQE9?= =?us-ascii?Q?XGI8cUqXC1e/a2wPXl8mV0RwpVZvTNjJWG4oUrq7TiYoj0QkcWilHAa7peyH?= =?us-ascii?Q?GZUdoZNCJopSEngI2HBITtyBCUB4FscjSq0jNR104W+zyDA5wpbfPh3v8HFS?= =?us-ascii?Q?r+GMRlc5t9YUoSkxi58n+TgiPFWBLOW89kNP7r1O+G4Wi4M+y0zj6xXSZqpx?= =?us-ascii?Q?28yxNCc2U6nOop24Q8SZRDGATvjst16HVxVuFVM75YcoAFkkNBeHn7vd//o1?= =?us-ascii?Q?s9NvQLes4h8d9JJ5fT91M8NG22TXjXC4zj4O6JcikK7XFFthvyfKBPCnDiif?= =?us-ascii?Q?SWSVvHq+HFy4iJcyr2G3pbOta1miFX7mHXoNncwpX71L4m1SJq90yMVJqhU1?= =?us-ascii?Q?/NCYaQ3a1WM0MtPk/lQl/yFdNNe8qjm8/GRvGheNY9+Z4rTAy0ZAiGmGTlL8?= =?us-ascii?Q?2rmdAiVR+O5WcziNsmIdTM0T9bV0lz/xL+OuVun6vn3PinRx9aD1CQ0c9+IN?= =?us-ascii?Q?Ki4N2Obu4vFIVoY5EOo+9YQgGZwEOmcnSYK02aBS83S/wbTdNRPfkUEw4THP?= =?us-ascii?Q?DPk1/ItdDEd5NfFvy65xvDSTsofYbTxp/nwOrCxacGCQgjRGsc4qIuG3YA?= =?us-ascii?Q?=3D=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ1PR11MB6227.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4e87272c-c711-4735-d628-08dc7002b2fc X-MS-Exchange-CrossTenant-originalarrivaltime: 09 May 2024 08:33:27.4850 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: +QidT/v8p5Lf6QXahnNTcK2rd1ChP+AC/HvWfmpgapPWcGmkysOFmkVHW71h+RhRg8+hLZuKovLjWb1AoJUsdg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR11MB7257 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Thu, 09 May 2024 01:33:37 -0700 Resent-From: yi1.li@intel.com Reply-To: devel@edk2.groups.io,yi1.li@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: ksTkYdVg9SNcPJS0pMxODb9Fx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=pj02cLcg; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io This patch set was submitted before soft freeze and will not affect other e= xisted codes, I am OK to merge it. Hi Liming, Do you have any comments? I will merge it if no objections. Thanks, Yi -----Original Message----- From: Hou, Wenxing =20 Sent: Thursday, May 9, 2024 4:29 PM To: Li, Yi1 ; devel@edk2.groups.io Cc: Yao, Jiewen ; gaoliming Subject: RE: [PATCH v3 00/11] Add more crypt APIs based on Mbedtls Hi, Thanks for your feedback. The new PR is: https://github.com/tianocore/edk2/pull/5645 Could Li Yi help me merge the PR? Thanks, Wenxing -----Original Message----- From: Li, Yi1 =20 Sent: Thursday, May 9, 2024 2:54 PM To: Hou, Wenxing ; devel@edk2.groups.io Cc: Yao, Jiewen Subject: RE: [PATCH v3 00/11] Add more crypt APIs based on Mbedtls For this patch set: Looks good to me. Reviewed-by: Yi Li -----Original Message----- From: Hou, Wenxing =20 Sent: Thursday, May 9, 2024 2:27 PM To: devel@edk2.groups.io Cc: Yao, Jiewen ; Li, Yi1 Subject: [PATCH v3 00/11] Add more crypt APIs based on Mbedtls REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4177 Add AeadAesGcm/Pem(only RSA)/X509(only RSA)/More RSA/PKCS5/pKCS7/Authentico= de/Timestamp implementation based on Mbedtls. The patch has passed the EDKII CI check: https://github.com/tianocore/edk2/pull/5552 And the patch has passed unit_test in EDKII and integration test for platfo= rm. And the patch hass passed the fuzz test: https://github.com/tianocore/edk2-staging/commit/4f19398053c92e4f7791d468a1= 84530b6ab89128 v2 changes: - Fix format variable name/hardcode number issue; - Fix Pkcs7 memory leak; v3 changes: - Fix some issues form reviewer; - Add SHA3/SM3 implementation; - Update *.inf files; Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou Wenxing Hou (11): CryptoPkg: Add AeadAesGcm based on Mbedtls CryptoPkg: Add rand function for BaseCryptLibMbedTls CryptoPkg: Add Pem APIs based on Mbedtls CryptoPkg: Add X509 functions based on Mbedtls CryptoPkg: Add Pkcs7 related functions based on Mbedtls CryptoPkg: Add Pkcs5 functions based on Mbedtls CryptoPkg: Add more RSA related functions based on Mbedtls CryptoPkg: Add AuthenticodeVerify based on Mbedtls CryptoPkg: Add ImageTimestampVerify based on Mbedtls CryptoPkg: Update *.inf in BaseCryptLibMbedTls Add SHA3/SM3 functions with openssl for Mbedtls CryptoPkg/Include/Library/BaseCryptLib.h | 4 + .../BaseCryptLibMbedTls/BaseCryptLib.inf | 47 +- .../Cipher/CryptAeadAesGcm.c | 227 ++ .../BaseCryptLibMbedTls/InternalCryptLib.h | 49 + .../BaseCryptLibMbedTls/PeiCryptLib.inf | 27 +- .../BaseCryptLibMbedTls/Pem/CryptPem.c | 138 ++ .../Pk/CryptAuthenticode.c | 214 ++ .../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278 +++ .../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 + .../Pk/CryptPkcs7Internal.h | 29 +- .../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c | 635 ++++++ .../Pk/CryptPkcs7VerifyBase.c | 113 + .../Pk/CryptPkcs7VerifyCommon.c | 1354 ++++++++++++ .../Pk/CryptPkcs7VerifyEku.c | 689 ++++++ .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c | 352 +++ .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c | 140 ++ .../Library/BaseC= ryptLibMbedTls/Pk/CryptTs.c | 381 ++++ .../BaseCryptLibMbedTls/Pk/CryptX509.c | 1940 +++++++++++++++++ .../BaseCryptLibMbedTls/Rand/CryptRand.c | 114 + .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c | 114 + .../BaseCryptLibMbedTls/RuntimeCryptLib.inf | 26 +- .../BaseCryptLibMbedTls/SmmCryptLib.inf | 36 +- .../BaseCryptLibMbedTls/TestBaseCryptLib.inf | 39 +- CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf | 6 + .../Library/MbedTlsLib/MbedTlsLibFull.inf | 6 + 25 files changed, 6973 insertions(+), 85 deletions(-) create mode 100644 = CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthentic= ode.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep= .c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkd= f2.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Sign= .c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Veri= fyBase.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Veri= fyCommon.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Veri= fyEku.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSig= n.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc= .c -- 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118750): https://edk2.groups.io/g/devel/message/118750 Mute This Topic: https://groups.io/mt/105996826/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-