From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 2E5BE740046 for ; Tue, 18 Jul 2023 06:03:12 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=s9+xWI/e0OQPiadRDHtVAdvY8DR6WxzgZL+QgLa1eoA=; c=relaxed/simple; d=groups.io; h=X-Received:X-Received:X-IronPort-AV:X-IronPort-AV:X-Received:X-ExtLoop1:X-IronPort-AV:X-IronPort-AV:X-Received:X-Received:X-Received:X-Received:ARC-Seal:ARC-Message-Signature:ARC-Authentication-Results:X-Received:X-Received:From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator:x-ms-publictraffictype:x-ms-traffictypediagnostic:x-ms-office365-filtering-correlation-id:x-ms-exchange-senderadcheck:x-ms-exchange-antispam-relay:x-microsoft-antispam-message-info:x-ms-exchange-antispam-messagedata-chunkcount:x-ms-exchange-antispam-messagedata-0:MIME-Version:X-MS-Exchange-CrossTenant-AuthAs:X-MS-Exchange-CrossTenant-AuthSource:X-MS-Exchange-CrossTenant-Network-Message-Id:X-MS-Exchange-CrossTenant-originalarrivaltime:X-MS-Exchange-CrossTenant-fromentityheader:X-MS-Exchange-CrossTenant-id:X-MS-Exchange-CrossTenant-mailboxtype:X-MS-Exchange-CrossTenant-userprincipalname:X-MS-Exchange-Transport-CrossTenantHeaders Stamped:X-OriginatorOrg:Precedence:List-Unsubscribe:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:X-Gm-Message-State:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1689660190; v=1; b=rjeLUgSyqVuNiRK6HJhnNFkyO4WE75MeyZw+gBkAmdGkQflU0s7pe/9yedtZy2y6j+S1UiOx 5pNzKmFirBAhRz/VqT630fGe0D9haHRroh2TmPOeLUFszlIa/w+dqcjv8l8B3pdWUC6JU04Inrx sPw0J1zEtsfzURbBIlc9si+w= X-Received: by 127.0.0.2 with SMTP id aIKzYY7687511x4sHuWkICps; Mon, 17 Jul 2023 23:03:10 -0700 X-Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web11.1860.1689660189834224290 for ; Mon, 17 Jul 2023 23:03:10 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10774"; a="356060075" X-IronPort-AV: E=Sophos;i="6.01,213,1684825200"; d="scan'208";a="356060075" X-Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Jul 2023 23:03:08 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10774"; a="793512978" X-IronPort-AV: E=Sophos;i="6.01,213,1684825200"; d="scan'208";a="793512978" X-Received: from orsmsx603.amr.corp.intel.com ([10.22.229.16]) by fmsmga004.fm.intel.com with ESMTP; 17 Jul 2023 23:03:08 -0700 X-Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX603.amr.corp.intel.com (10.22.229.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 17 Jul 2023 23:03:07 -0700 X-Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by orsmsx612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27 via Frontend Transport; Mon, 17 Jul 2023 23:03:07 -0700 X-Received: from NAM12-DM6-obe.outbound.protection.outlook.com (104.47.59.169) by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.27; Mon, 17 Jul 2023 23:03:07 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=L5eYAn8ypSKyS9gk+QMtxlrzsGw1KIOVL/r5b8SDtCHru4UdRyfUBslG2+6g/FbVOpRBNOZw6HVqpsNFF6j2wzNJYuRdmJb7dFRZ2gf4R2NzfSNXgm2NU1M4T3V1Qa/vtCAq0VQCP3rpeFDoLaBPlAG+dmmNLeKLHvz6/OAYI0Ms55p70C2bcPnXpuA42Efor6GU9wpi3x5kgQ+jdNyCUFsazxo4LpM5R+WFciA5RfsVRgaXKr9H2MetO6SuwuHs3cH2u9wUH4F0/e8aAwG5kACwrZQ5KD1rYWIe+JaBOdyxUMMMajqaHr0Z5IJZcptmc1BXchbrGcO8jPBN0Y3/nQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=SMUJLSbI8Mf1Bw1K5nGcOJK5U3B49os7JkIKv8OmcNU=; b=KpmBv9Ims9hndWQEgw/Nr0FSf1mauE+LuOK1WsAzXBg3wbUE0ovcnFneLF9WZGx1OeA4iIF8gZXNVjkRp0sW8b0kLqO1gvuBRTKpHfpHlbCHw9dhI5lqQ0oFWUmqxx3KXCi5I1NN2r3W+mlGmcGf50atx8gU5KlKHmda+aLb2hzNMmAsg2QzWB9AhmPSRzugduJ8IUL21RekyBOQHxvUKpJ1/kPXbHvJX5Lpt8wrC2UGa+ebXs8fwNUeFvmp07ZZkEEo47iYh4WAJAEIcAOa7x4a2RGy6qRLyPZXDuQSB94YKpdH67rBfFYp56NGbFACyYhjBT4tMewPEEM3XxESiw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com (2603:10b6:a03:45a::10) by MN0PR11MB6157.namprd11.prod.outlook.com (2603:10b6:208:3cb::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6588.31; Tue, 18 Jul 2023 06:03:03 +0000 X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::6a13:1ff7:9685:86]) by SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::6a13:1ff7:9685:86%7]) with mapi id 15.20.6588.031; Tue, 18 Jul 2023 06:03:03 +0000 From: "Li, Yi" To: levi.yun , "devel@edk2.groups.io" CC: "Yao, Jiewen" , "Lu, Xiaoyu1" , "Jiang, Guomin" , "sami.mujawar@arm.com" , "pierre.gondois@arm.com" , "nd@arm.com" Subject: Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg/BaseCryptoLib: Remove unnecessary key generation. Thread-Topic: [PATCH v1 1/1] CryptoPkg/BaseCryptoLib: Remove unnecessary key generation. Thread-Index: AQHZuJSyJAHMNvwkEU2Ot7W4eWQlN6++/3eQ Date: Tue, 18 Jul 2023 06:03:03 +0000 Message-ID: References: <20230717095401.1954867-1-yeoreum.yun@arm.com> In-Reply-To: <20230717095401.1954867-1-yeoreum.yun@arm.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SJ1PR11MB6227:EE_|MN0PR11MB6157:EE_ x-ms-office365-filtering-correlation-id: 5c9782d1-c309-406c-ef83-08db8754a5f3 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: bi1Pf6QYdwGecpXpmPTTNlb0/nPFGgMQJdyl4nfebOucJ7xJ5z04td4k5MLxZywS741JSZsbqxVCRWELQofCBpPQ1QHrhBUMqpHF9Y+M+p0X0xfNWGUJiGCwFhYDxuzNG6aSfFlDJ2BJ/pTcHeOrJRGMzzAQ6xuEJTvs6X3Gtm/rhJ5BGjtBBvS74Ai1B68azWKKm3ZyS8Ws3gQo0ln3eY4mAMa7qWGsulsy4ljLN/VwRueKvjfs6lSkJ2pEzvUc/LagIyADnC2QEdwrJefJqZYzou7tzDyWDHmbRCOFR+libLBS5kLhqnfNxXgNMdnoPNaKD7rehCL33Xtrm2VBgPkwUM26uTJpLrxde5xNt/T830zq90uCaQGZPwLWbjhfF1YblgmhvLuk8gkwDk5FOKUMk5ONBdVQjwb3JrQxWsWMfNO4PN9sF3fSFLU1eS8+AqjFNx3T8COVxrcRus0DANqGweRVaf8eMteySm3Y4LFBiP7e3LxQqoXsOkf1AyHFBqAEppgyavYCylCEQcLnMDuwn5VxTPNhr3yMVp7szAxH8vsZYXTezF/602Wk8mQdqXXepUdwAcZjnsO5LvY3PXBMxqrdpJ3+Bk0BoD3Ssgs= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?yBZBhrGbDni9JNKdpyuvJZXB5hqBmVNpMLa9Kn2IUZewm0sR6wueVXGa3VXe?= =?us-ascii?Q?HTbTLSjyBPOsmISra7+of2Ekie3zHj8EDGhKTl1umUykaPj+0BVHDQNUkHWL?= =?us-ascii?Q?fxcvj41GoJWS9fmp0HTzvtTAdkm4Hxce+5lahEVuPJZy6mgYr8Yb/DB4h2ZA?= =?us-ascii?Q?lsl7RMQWH2dAuLK74BOLtXiFat839gCz0JqcgT2NTbWsmh3fK+ynyJS/g0ZW?= =?us-ascii?Q?IBxQkqWN1jjjCtbzx3w6WIreUiUMGD1ewN7yTavFQdSfS8EbVEUeQVPd71jV?= =?us-ascii?Q?0rtLD3cjar9bRCje+9lRzBV5s9jsbesTKeW10WB/roR4wmNmrNISrVO+lYep?= =?us-ascii?Q?5GHlE4oUSKfMMqnQNtao50VFg73NWA2NTOoOyttYSQmd+WP2bep9mQqyVSOt?= =?us-ascii?Q?fo0Hhdu7JIhDKjBUwDAwKVBayFKycCkOo7p+cIDC0My9WAMJleorqFcZFTv/?= =?us-ascii?Q?KJdTdYIw8gTrGfLpJzlyiuEq8OrYxuQDgea3Jo8wxHdzKtW+RXmKWlgGfgPd?= =?us-ascii?Q?8vyTzH8cnTdcnMjTsaofjTxx/ivekDvzmdO+dQ/IsmkQZKINpJD8ozxEsGyf?= =?us-ascii?Q?iUzmoh1yiXZPauAWj1jvdsLsldiB5QY8cFelJuiOh8pq/SH0iidbwF9S9Gd8?= =?us-ascii?Q?GwABf9hckAvToNT/mR81HCrcRmGQLTqi/1IaqlAB04EgigoLkuIYeqcI66nJ?= =?us-ascii?Q?KrX+OqCQ7INH1iV82REdEJFQ1AwX5PRX/039n4r0nraHqdXsiB1znLfg8lrl?= =?us-ascii?Q?oEgpKj0o2XzoeQ4g/aGME5px1p/AYIu0hRpTq3W9ptOOUX8KdXNVAZ5a99zy?= =?us-ascii?Q?h5EfzepI4OkAAKSdgUTrJ+1R34wLb+piNlsZ9GwC9U8teYGxMqkOJRq+LAKT?= =?us-ascii?Q?xbXWoyZg3h+GWUOdsKXlAv4e7ULFGZgc1TpGDt+OndW9MA8SxdySvLVtb9NO?= =?us-ascii?Q?0rQXdkFMz3aDMndhAYRVB8RLigY2gBAQgsnpvL4HiW2fnqHcSVKBrieEvOzi?= =?us-ascii?Q?wV8Ag81nyaUCbnqK9wVjcOlkjOYFE7HWRlOVrz5gWBWUyOc0HBtD4+266YqO?= =?us-ascii?Q?QZmT/6sYOwwM1zVp9tmIN01/smVnLGB9hbYP8oY9STuYUdq+huykwurz+LQz?= =?us-ascii?Q?Jkk8XUwccLaDMm82atL+6dee+7Guc3DMjUJOwxRHprd7Vt8jP/oqWLXRlU/e?= =?us-ascii?Q?uTX1e7H2j3YKJ2DwLEUkrbYm3HkhJnmphTWKNqBUm/3uHsl3LHc03IeGOuic?= =?us-ascii?Q?ptC2r3PLFVWgz0bdwlGfCigRgEvS7f9Pz4z7ZJ6xHFbtqUCeboltwyzHfE/j?= =?us-ascii?Q?Q7lylaZpramorI7vYIwfBOV/e3eajjwTAAYaJPLxpo/3aQhQILfeTo0/8xHO?= =?us-ascii?Q?21JvnZ+YRGFESFhwqhGUyHnk+wIPcBNA0FagM+Xj4Qt+unIqSFYFfYGoLSI+?= =?us-ascii?Q?sAtBSDj+YS7T57UUlW6PCQA5z3EABBs10cwImUx0HLsvNVVTnu0v6cRIqtvQ?= =?us-ascii?Q?P8+U8VGcwE8IXKStgf073tkAogjjPb6r5tU3Xp7PoUs3+2jJyTNqQ7/c1mTj?= =?us-ascii?Q?JSBkFoqs2odI4w3eWO0=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ1PR11MB6227.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5c9782d1-c309-406c-ef83-08db8754a5f3 X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Jul 2023 06:03:03.4022 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: +MwRy83O70KpgoU3KxTLq3f+G9vE7x4wg+1uFR/y/QB7iUoPQgx05cyM5nYyhBRCvC6UafUmfaeC/fr0a5l2TA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN0PR11MB6157 X-OriginatorOrg: intel.com Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,yi1.li@intel.com X-Gm-Message-State: SRRHGCQTCkdKhJTOT3iArqy7x7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=rjeLUgSy; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; arc=reject ("signature check failed: fail, {[1] = sig:microsoft.com:reject}") Hi, This function has a special use case: when the input PublicKey array is NUL= L and size is 0, the function will generate EC keypair and update context, = and fill PublicKeySize with non-zero keysize to indicate success. (CryptEc.c L492) if ((PublicKey =3D=3D NULL) && (*PublicKeySize !=3D 0)) { return FALSE; } I recommend the below changes: HalfSize =3D (EC_GROUP_get_degree (Group) + 7) / 8; + if ((PublicKey !=3D NULL) && (*PublicKeySize < HalfSize * 2)) { + *PublicKeySize =3D HalfSize * 2; + return FALSE; + } // Assume RAND_seed was called if (EC_KEY_generate_key (EcKey) !=3D 1) { return FALSE; } - if (*PublicKeySize < HalfSize * 2) { + // If PublicKey is NULL and PublicKeySize is 0, return TRUE and fill Publ= icKeySize with correct Key size. + if (*PublicKeySize =3D=3D 0) { *PublicKeySize =3D HalfSize * 2; - return FALSE; + return TRUE; } Regards, Yi=20 -----Original Message----- From: levi.yun =20 Sent: Monday, July 17, 2023 5:54 PM To: devel@edk2.groups.io Cc: yeoreum.yun@arm.com; Yao, Jiewen ; Li, Yi1 ; Lu, Xiaoyu1 ; Jiang, Guomin ; sami.mujawar@arm.com; pierre.gondois@arm.com; nd@arm.com Subject: [PATCH v1 1/1] CryptoPkg/BaseCryptoLib: Remove unnecessary key gen= eration. When EcGenerateKey() is called with PublicKeySize set to zero or less than = the required size, it returns the size of the required buffer with failure. However, EcGenerateKey() generates a key and then checks if the buffer size= is insufficient. This can be optimised by moving the public key size check before generating= the key. Therefore, optimise to avoid unnecessary key generation. Signed-off-by: levi.yun --- This changes can be seen at https://github.com/LeviYeoReum/edk2/tree/levi/2= 716_not_generate_key_on_fail_size_v1 CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c b/CryptoPkg/Librar= y/BaseCryptLib/Pk/CryptEc.c index d8cc9ba0e8f968f6cbd9ac4c56018f9a4392cd0b..af67f512a22b23af3844b9bbc87= dd57bcf952f04 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c @@ -497,16 +497,16 @@ EcGenerateKey ( Group =3D EC_KEY_get0_group (EcKey); HalfSize =3D (EC_GROUP_get_degree (Group) + 7) / 8; + if (*PublicKeySize < HalfSize * 2) { + *PublicKeySize =3D HalfSize * 2; + return FALSE; + } + // Assume RAND_seed was called if (EC_KEY_generate_key (EcKey) !=3D 1) { return FALSE; } - if (*PublicKeySize < HalfSize * 2) { - *PublicKeySize =3D HalfSize * 2; - return FALSE; - } - *PublicKeySize =3D HalfSize * 2; EcPoint =3D EC_KEY_get0_public_key (EcKey); -- Guid("CE165669-3EF3-493F-B85D-6190EE5B9759") IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in = any medium. Thank you. -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#106979): https://edk2.groups.io/g/devel/message/106979 Mute This Topic: https://groups.io/mt/100191693/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-