From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 02A7B740035 for ; Thu, 9 May 2024 06:54:37 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=m79AoGIpy4Eb+pfSlFMQxNx+uU1536euFTKTS6+jboU=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1715237676; v=1; b=xV+kRNnuXhOvopLtx8vF4IbiuNsrePRMAlg7p8X2GBiuvMqlO2cE67zmxmvA5Z1k2OKu4dy3 8+BrtsPr6iD8jQqAn0uKja5mkLGDBz1ImlULZGn4EQ32IxfNVOKMjajlCDttUU0OV7i23p8IINz el4bY7Z0AQVAkSVfilrXMSWKE5WNVjYkcXOHQYF0fih9DOD13metMCH+DIszHDAYl+Kgh0M/Ohj Y1/aFOEqMfgd4bvVK9MWAiFnvphQI+ySQ5QIaS6z1Mj+JdUjhAWWwdMX457KhoI3GVvOfUxmoiO nFE5nc0TA9lULoQmrAcB9vtJezXEthqI+y6trsGUaPYfw== X-Received: by 127.0.0.2 with SMTP id tccxYY7687511xHuOtaxK9Wt; Wed, 08 May 2024 23:54:36 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.10]) by mx.groups.io with SMTP id smtpd.web10.4311.1715237675464652461 for ; Wed, 08 May 2024 23:54:35 -0700 X-CSE-ConnectionGUID: H+3cJrC3Shusje13jfBtLw== X-CSE-MsgGUID: GUvV8fjkS6OAYUNd4IaEFQ== X-IronPort-AV: E=McAfee;i="6600,9927,11067"; a="28621098" X-IronPort-AV: E=Sophos;i="6.08,147,1712646000"; d="scan'208";a="28621098" X-Received: from orviesa009.jf.intel.com ([10.64.159.149]) by orvoesa102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 May 2024 23:54:35 -0700 X-CSE-ConnectionGUID: eJgX5/tTSeGEdGffpHv4Ow== X-CSE-MsgGUID: /WKYpXE0RX2EwxYBRudyvQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.08,147,1712646000"; d="scan'208";a="29243633" X-Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15]) by orviesa009.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 08 May 2024 23:54:34 -0700 X-Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Wed, 8 May 2024 23:54:33 -0700 X-Received: from orsmsx612.amr.corp.intel.com (10.22.229.25) by ORSMSX612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Wed, 8 May 2024 23:54:33 -0700 X-Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx612.amr.corp.intel.com (10.22.229.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Wed, 8 May 2024 23:54:33 -0700 X-Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.169) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Wed, 8 May 2024 23:54:33 -0700 X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com (2603:10b6:a03:45a::10) by CO1PR11MB5025.namprd11.prod.outlook.com (2603:10b6:303:9e::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7544.45; Thu, 9 May 2024 06:54:27 +0000 X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::301:5dbd:207b:5578]) by SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::301:5dbd:207b:5578%4]) with mapi id 15.20.7544.041; Thu, 9 May 2024 06:54:27 +0000 From: "Li, Yi" To: "Hou, Wenxing" , "devel@edk2.groups.io" CC: "Yao, Jiewen" Subject: Re: [edk2-devel] [PATCH v3 00/11] Add more crypt APIs based on Mbedtls Thread-Topic: [PATCH v3 00/11] Add more crypt APIs based on Mbedtls Thread-Index: AQHaodnrXfmkckXYd0CSXhplPh6bMrGOd5vA Date: Thu, 9 May 2024 06:54:27 +0000 Message-ID: References: <20240509062700.2062-1-wenxing.hou@intel.com> In-Reply-To: <20240509062700.2062-1-wenxing.hou@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SJ1PR11MB6227:EE_|CO1PR11MB5025:EE_ x-ms-office365-filtering-correlation-id: 40fac55a-6775-4ff9-8ecc-08dc6ff4de8a x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: =?us-ascii?Q?U3EWOQ7Ffdr25Ph8dAPff4+A2UlL143aDfLVC5VcNr876CD6C1FAyQ714KrN?= =?us-ascii?Q?75YR71bL8TPotJ9Jj6dyHKV/ZO7JELrF2QLGBk/caStNsVij8l7DGXAjzAfS?= =?us-ascii?Q?fXVLzi95SWqQhg3Wu9173sDuP0Brh+VEPew+Rf8Jmhj1CMZt0dyYXsvUKcy8?= =?us-ascii?Q?S1ulogm97VDqVc6DpV9aNkHEPThNrHrciWoxlLkZ0EHmRXH8bdzgcIa9dxmx?= =?us-ascii?Q?RLmS/oEyKec6OM3glIs7/UzzNvhN5dJ3SkaRInbS1afdmyBVMqzVFP4Ntl/z?= =?us-ascii?Q?q+RvuWYdc0VGBXDhGPhTNp+cl0e8e2oqJm1fv78TdqSZZlFSaQSZmz9Q0cjX?= =?us-ascii?Q?s1f1vseRgTKnmMKoXU423LlTSBPvGgJ0KpHJDUiP7bozI8F4Ou0D+O7Q1oEz?= =?us-ascii?Q?j5xqd3gUsjnexiSValK1UR/KZF9ZoBsiamVa4HyVe+//xPYuygypysPKx+xX?= =?us-ascii?Q?zV+JckUt6//AAoQbbBx4uM1dw/Y20S9SrwRFn+FldBl1T4TNKgS92fQ4TgoG?= =?us-ascii?Q?pSjHxTimMjvHmd2/u2T9llICCXyC94Uytk2khe5pzoPqyTQiFU0oVWQnqPhm?= =?us-ascii?Q?a4SiSdPq/fND8ZF/f/82ahnYc56AWGdywItelwyRS/jfAp1pDygv88U/Jie9?= =?us-ascii?Q?VAv/9FkrJ/qIWiqjNgh7/oUnKcDA7YL4iq3aJbvhKyxgx0mIBPAApn4q7EZh?= =?us-ascii?Q?uV4VLyFiSTB0d6migndEqc2I5sK5wHP9fke0MuAQ9IxxbLeOPQa9x9jF7qG2?= =?us-ascii?Q?ckMsb6cfVXfvX+gAmC4OXcfWhIMJl0jZyR3Fta9hBTDhGuCceBFysrNSag8Y?= =?us-ascii?Q?XYa1I07IJg2DhxSGiG/OVvYJ8VjfTAaYxpxdY0ddummsR4cEs/HBbdFdqKme?= =?us-ascii?Q?7vyW2YKtPHNdsN0CoLEqOvVw5rJ98rF8VspNHKq+qkuxWJj445rTsXrvJPIl?= =?us-ascii?Q?Gflu5rJC2CO3hrq+7JltmceTQ+dAoV4kZoxrMfcRv8Qs+LrHvtRzN5a1PS0r?= =?us-ascii?Q?VB++Uu+K0dvKi4p0i4Bmn1UuLAOJNPey77IuSr6gwtlULV8yBN/qkHjohaIE?= =?us-ascii?Q?wRNhTsWZgTdeMeMu7M2HRDyUFW27fhX+LkDmenLdxzJZ3l4U6DDKlrRCEFjo?= =?us-ascii?Q?G4qmvOzF7JJjCUFzLomVs2tSG8EB91d5g9wJBNipYULvPFfYv5XQ2Fb3BWQb?= =?us-ascii?Q?6GcCmE82ecH/bVDvE+1XqGxBy/p6nhcOPjjLe6oEcUcD4noYUvdjptlEIi7X?= =?us-ascii?Q?A8oZBI4Y+BX3Y9IdiI7Wsx2+fisXDB88f7g93eZ9C/SmJPCjtEkoFES0XAmt?= =?us-ascii?Q?3TA=3D?= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?maVl8fhCQZi0avFSH0r9bJGV8hmqOvuj3qNPXTHCueuDmPKZd3mdlg+eJ+qg?= =?us-ascii?Q?6QFiO5/eEEhRpW+DO9yqsDtYI1r0C0MfTMTs+c2xDPch5p90x67qfE2xgIav?= =?us-ascii?Q?oMrR5VGOMm8Uj+vwK8T80m/mLlXRFJdJ5bF7r7WL90IBCHlOdv+ivJFYGcW1?= =?us-ascii?Q?UxvgUwEwUU7bP1AomgW6JzjE4nb7bo7DSo+LVF7NTP7Y5K9326V49NW75nca?= =?us-ascii?Q?WOzWCPXKAXSVBxK7ncySbu/5+yk2XSSILIOrHrj394mAOn5a9ghQlNIou+uF?= =?us-ascii?Q?bSOLMRaU4+YSSeica5VNNXXW7Mzgrf9myZ8IzMm6TEoIgjLKDEQmxmsyXm3F?= =?us-ascii?Q?MHEIADfu8zNnuKzdDDFq+QUyqMVCUP1Ao4ZGoRDw2ic7GpBB3fhB4HLwN8sP?= =?us-ascii?Q?WyUZ+ymqn4frE3t4ITifAwzWD/ZBaUqydK3mkwcdOfMRySKktse16ETW03hr?= =?us-ascii?Q?Q7FizqUjcJfB6cqB0bMNt2EPZ+TntQEZwYmdio8EZgHN+X/DwXTeE4brBWIJ?= =?us-ascii?Q?qPoyAasmZtwpAAqklSw+fCgkeKI2SMO0xE09wvuBlhA5GJkJfpOEPrx8fgKZ?= =?us-ascii?Q?6GwaoqCAYG6zlBo/Iz1ccYAyvjWbJeT4BG5bVTb5OpGTIHOhxVF6N0JmrOA6?= =?us-ascii?Q?bSPco8fsNj3PCMpMsrc5H8M/x+fwtwBD15YoTKDdptmy+CiC4v2U7XFclbn2?= =?us-ascii?Q?4pLKhtIR/jxyQAMtUb8Ak0bsvtNj0OSNex4TKr5SWW9ycZvf03t7RkN5QHLa?= =?us-ascii?Q?80+ziWLcf+H/HjMTHxEaXgqkugTV3DScD/AgIFwN7WXaAg+oqZ7Aj7u8ScUy?= =?us-ascii?Q?HaxWTUxQXpZlIasw0t1jjgWXv1nS5qDVu15QdbXXu8Hsk4cFQMqXWj7FVGpT?= =?us-ascii?Q?K03Bifv/5jq4NrPjYNYMlrfbWw2czRRxXb22jDJ4D31WIUFDibLFJYyJsHrp?= =?us-ascii?Q?qD7fHJi3BPDAeEt7ynxU8T9ifDagxP73i/LcGhA2GMkAxkSho3DmA+vIjHku?= =?us-ascii?Q?S76MtgCwWZpVuryFU+VoULZravo3xQ5jv9eunSAN4+X6hZ34PRW5bTQ+THGv?= =?us-ascii?Q?h6wl1fZMYkGuftOMtS8V9ALUz/MvMAGTpXGrSwxxvPZZXCKmEFYHNXNpvNRo?= =?us-ascii?Q?GtU+fl/NUMjyZdQvIAeTV/VVUihsemFfGyJ2oMxjhdMbDAE+VSF24MYV37PQ?= =?us-ascii?Q?3/xnlF4WSKuvdiaeD9mf/uoT5xAUMuas60K4Xmlfw22nHbAh0aC+QUNEJ0vM?= =?us-ascii?Q?3JkMnVdVP6K3UVbDvqkRDBQVjqJ7iHfdCwNnZ7CiMaNBVeLr6+CGruTR1HYJ?= =?us-ascii?Q?qkGawLsEUVtjHa+O1qMZWXii197Edj3Jn8vR4QzU2r8JpZtJg81avegYk1cN?= =?us-ascii?Q?MSVzOP1XQ479N1TGe81kge/6bvd9uurGixDmz/g5UP6WL3o0+H9a13nzoFxW?= =?us-ascii?Q?bLi4zRXmEQktu/5aJbHEGrCvhG05Il2gqY3Bh0ihcyL/tFEJZ2gA3XSWS95x?= =?us-ascii?Q?nuu4VtGeUxxi4HgDJlxytcB8/86996CUJCzJdfVr7B8nPjZ5HSGVpl44Ig?= =?us-ascii?Q?=3D=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ1PR11MB6227.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 40fac55a-6775-4ff9-8ecc-08dc6ff4de8a X-MS-Exchange-CrossTenant-originalarrivaltime: 09 May 2024 06:54:27.5869 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: G8cXxChzDKDit2ixObme3m7oagyveBf57PrY6lDINuwV2BqCapwDD0RlFD9lIalg5Xsmf8h4PiH3Ky7L1WmGJw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR11MB5025 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 08 May 2024 23:54:35 -0700 Resent-From: yi1.li@intel.com Reply-To: devel@edk2.groups.io,yi1.li@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 2AAKBxVRa45xWzu8zCY18Aegx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=xV+kRNnu; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io For this patch set: Looks good to me. Reviewed-by: Yi Li -----Original Message----- From: Hou, Wenxing =20 Sent: Thursday, May 9, 2024 2:27 PM To: devel@edk2.groups.io Cc: Yao, Jiewen ; Li, Yi1 Subject: [PATCH v3 00/11] Add more crypt APIs based on Mbedtls REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4177 Add AeadAesGcm/Pem(only RSA)/X509(only RSA)/More RSA/PKCS5/pKCS7/Authentico= de/Timestamp implementation based on Mbedtls. The patch has passed the EDKII CI check: https://github.com/tianocore/edk2/pull/5552 And the patch has passed unit_test in EDKII and integration test for platfo= rm. And the patch hass passed the fuzz test: https://github.com/tianocore/edk2-staging/commit/4f19398053c92e4f7791d468a1= 84530b6ab89128 v2 changes: - Fix format variable name/hardcode number issue; - Fix Pkcs7 memory leak; v3 changes: - Fix some issues form reviewer; - Add SHA3/SM3 implementation; - Update *.inf files; Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou Wenxing Hou (11): CryptoPkg: Add AeadAesGcm based on Mbedtls CryptoPkg: Add rand function for BaseCryptLibMbedTls CryptoPkg: Add Pem APIs based on Mbedtls CryptoPkg: Add X509 functions based on Mbedtls CryptoPkg: Add Pkcs7 related functions based on Mbedtls CryptoPkg: Add Pkcs5 functions based on Mbedtls CryptoPkg: Add more RSA related functions based on Mbedtls CryptoPkg: Add AuthenticodeVerify based on Mbedtls CryptoPkg: Add ImageTimestampVerify based on Mbedtls CryptoPkg: Update *.inf in BaseCryptLibMbedTls Add SHA3/SM3 functions with openssl for Mbedtls CryptoPkg/Include/Library/BaseCryptLib.h | 4 + .../BaseCryptLibMbedTls/BaseCryptLib.inf | 47 +- .../Cipher/CryptAeadAesGcm.c | 227 ++ .../BaseCryptLibMbedTls/InternalCryptLib.h | 49 + .../BaseCryptLibMbedTls/PeiCryptLib.inf | 27 +- .../BaseCryptLibMbedTls/Pem/CryptPem.c | 138 ++ .../Pk/CryptAuthenticode.c | 214 ++ .../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278 +++ .../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 + .../Pk/CryptPkcs7Internal.h | 29 +- .../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c | 635 ++++++ .../Pk/CryptPkcs7VerifyBase.c | 113 + .../Pk/CryptPkcs7VerifyCommon.c | 1354 ++++++++++++ .../Pk/CryptPkcs7VerifyEku.c | 689 ++++++ .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c | 352 +++ .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c | 140 ++ .../Library/BaseC= ryptLibMbedTls/Pk/CryptTs.c | 381 ++++ .../BaseCryptLibMbedTls/Pk/CryptX509.c | 1940 +++++++++++++++++ .../BaseCryptLibMbedTls/Rand/CryptRand.c | 114 + .../BaseCryptLibMbedTls/Rand/CryptRandTsc.c | 114 + .../BaseCryptLibMbedTls/RuntimeCryptLib.inf | 26 +- .../BaseCryptLibMbedTls/SmmCryptLib.inf | 36 +- .../BaseCryptLibMbedTls/TestBaseCryptLib.inf | 39 +- CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf | 6 + .../Library/MbedTlsLib/MbedTlsLibFull.inf | 6 + 25 files changed, 6973 insertions(+), 85 deletions(-) create mode 100644 = CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcm.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPem.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthentic= ode.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep= .c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkd= f2.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Sign= .c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Veri= fyBase.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Veri= fyCommon.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Veri= fyEku.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSig= n.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTs.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandTsc= .c -- 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118743): https://edk2.groups.io/g/devel/message/118743 Mute This Topic: https://groups.io/mt/105996826/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-