From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 6CC25AC0DE0 for ; Thu, 16 May 2024 09:33:23 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=MLP4mtZYI+L30WEffXfX0YXWVk/+lYhp7tElpP0LNjg=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1715852001; v=1; b=2JMO2MhUBhV+7LcO4pNa/c92WxpxfFbCo23WIQAnlr0g4zHBoUL7tcfVaVsJtvlDeMyd857K 8LVNZEfecR79rMf6pc8Khj7nPm4QANvjDTGgf1Ze5kA7+QuEk9ajv8fKyirf4s03ObRzefp8t4H gE7R+BZ8ZFU3kIEQwX3hUmIAIwgk4I0eNRjZxwLYgeUmVdbQzeDMSKP3n3gc36ZboaWWhNpH5Rg k0o8GC0XvqXR7m3d1zgBToJjf4s5w5rdVIHA4DESRM8QqFnn1SCb3sHx1cl8fi9LaAuGgCuCnbD 9wY/bcnwgEK+MjfIR7ZI37k4LDmUQpkqB4QsLQds/5DIQ== X-Received: by 127.0.0.2 with SMTP id ganuYY7687511xsY8J9LapvA; Thu, 16 May 2024 02:33:21 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.9]) by mx.groups.io with SMTP id smtpd.web11.9304.1715852001048299240 for ; Thu, 16 May 2024 02:33:21 -0700 X-CSE-ConnectionGUID: 0iDKp8SlQsiW0VCT4v3jyw== X-CSE-MsgGUID: zkAex5f1T22qPYix26FMhA== X-IronPort-AV: E=McAfee;i="6600,9927,11074"; a="22623393" X-IronPort-AV: E=Sophos;i="6.08,164,1712646000"; d="scan'208";a="22623393" X-Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 May 2024 02:33:13 -0700 X-CSE-ConnectionGUID: P8vI/oq/TAWDMu7xCD0CnQ== X-CSE-MsgGUID: vEioM2cdQwmj+yI9Jgqc2g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.08,164,1712646000"; d="scan'208";a="35924687" X-Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15]) by fmviesa004.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 16 May 2024 02:33:12 -0700 X-Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Thu, 16 May 2024 02:33:12 -0700 X-Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39 via Frontend Transport; Thu, 16 May 2024 02:33:12 -0700 X-Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.169) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Thu, 16 May 2024 02:33:11 -0700 X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com (2603:10b6:a03:45a::10) by MN2PR11MB4552.namprd11.prod.outlook.com (2603:10b6:208:263::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7587.29; Thu, 16 May 2024 09:33:09 +0000 X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::c4da:83f1:f7be:e307]) by SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::c4da:83f1:f7be:e307%4]) with mapi id 15.20.7587.028; Thu, 16 May 2024 09:33:09 +0000 From: "Li, Yi" To: "devel@edk2.groups.io" , "Shang, Qingyu" CC: "Yao, Jiewen" Subject: Re: [edk2-devel] [PATCH V3 1/1] CryptoPkg: Remove deprecated code related to SHA-1 Thread-Topic: [edk2-devel] [PATCH V3 1/1] CryptoPkg: Remove deprecated code related to SHA-1 Thread-Index: AQHap2PG1Zh6cpxLhkmtKfA2a2vMnbGZmVNA Date: Thu, 16 May 2024 09:33:09 +0000 Message-ID: References: In-Reply-To: Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SJ1PR11MB6227:EE_|MN2PR11MB4552:EE_ x-ms-office365-filtering-correlation-id: ca6e47f8-f93b-463b-4ed9-08dc758b3300 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: =?us-ascii?Q?zloeEWk1LvMTx8Scy34hpetdIVDoHCAkh1aaMbm0o0vd0YwoGmNF7g8NoM8+?= =?us-ascii?Q?3UIQDvCkVB29a09aYofMXniyh671hJ0ZRXyrdPmf3G8H8qvHRyFDh9pZDCLi?= =?us-ascii?Q?j97Y3drg822Y0Lk6aMDaoRRXG0xxKifpLWymOBVuZy7pe1mm+vu0DdzV33RS?= =?us-ascii?Q?j89J2UvuxhDYWHQPt7dVsQUDaom/9wpMAP4T8/0AgRgwXVIIwLdoqah8GjIE?= =?us-ascii?Q?vMgYiZiPkFvllXZL0j1Z6vdLqLb2fNQeFjScJpFZ9wfbiEhgXdbHfMxk8Y5v?= =?us-ascii?Q?POo4wENA4D7Qn6om7HomEeZsv5BX9I8narYYgo/1ftdQB1bbDMMMpvkgYd7V?= =?us-ascii?Q?gvdDG3Xop1EgDU/agHmvS44w4qaNxxivS7IbRABnfa8xTxhpkoNPYYdVrFuu?= =?us-ascii?Q?cfSzIW89jAQskzCTZml6FXNA3JW8BBTELSZwn41JpZ3iaJPAR9J11g0MSaaB?= =?us-ascii?Q?TDWwXv8qHDovWTmMhH8z+9NVp2d0zxzVTKsRe7cRGSclrH3C8q/UT6xs00IL?= =?us-ascii?Q?tNHlFULHDyjEj1GgGO0WPzbSq82iXZggt+rMXPcwkYdPJe1wjWvVu98GZpwp?= =?us-ascii?Q?iE1xnvMarZhr8Gt0nywP+6OvziYnBVgGRoz/Jhg7g8eHOZbBGXZu6tVcqjZy?= =?us-ascii?Q?c8PO7K1vwLlsxi7N4fepyqrYLbx6pmdwI+f6c9munGFHLh1ZG4kf/KYT2LTb?= =?us-ascii?Q?Ni6g7yYcn0CoQG3whNgfUGzzT67p9Q2tDi2v8jRhojLNn/uUnlLljgz4rc2B?= =?us-ascii?Q?QjWv9uz2fWe9mCTZ3lGNOiXidDbUncBAif2qHixZD/ogK7q1Q8xy4WSCuQ+a?= =?us-ascii?Q?nY8aAmeWa5P7BUbr1aoUr7XN3H85k5smafbWoAs/w9j3XAmXL+QX2DvNCz/q?= =?us-ascii?Q?sgkobyy4/waqPNEUE0k68QDZt3O/yLkKqIt/I2D27itHRiHgeAaDopdlH0Lw?= =?us-ascii?Q?z8jis6lJVqRVOlNALsZrH7FBEyrRae9Jmnhf6tskrPGWxTBIXsOWTF33d3ZV?= =?us-ascii?Q?aWnj3iwYYgsPfKMK83mZEL68Tx3bcWC9tC5cZUpyJJqv1jZEIzAmfhEv96w9?= =?us-ascii?Q?1ZPI2OQwRN5/OarF/6Ld44Mg6pksFJyd0fdaKZllmkSdANDKIc311QLpmhtp?= =?us-ascii?Q?d/77A9n+heHozVntZoda2nApoJvU8MKo54t9rrLXszfnauGpmLtocVAjB32R?= =?us-ascii?Q?Lm1jsaSldzRnsYVg+lVCNbpMJg/xZhhjwKQ07hVi1wQGiKJLha6DaL8mC1nz?= =?us-ascii?Q?W+OyW/i3rOEPmDooj8phs46R6uSCFdbKtjH9F3PXwfxMpLdAOFeKTriSr1tn?= =?us-ascii?Q?ek0=3D?= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?sohiVFDtgncOI8QGkSYejklOoXwWvwOtr979HOzVkJVeLU2ZBd5F9/8oD8kz?= =?us-ascii?Q?9gn0Mc2K4euTaImH9/fxFvcF5beDwkjdNIAAnN58VAPDbLtPoolyWCUiMyEY?= =?us-ascii?Q?4KPzi/mEsQmeQ7h5OdcDPKlESdygnULVCnvxEUINsDJoBgCCDpjJBh67s5XS?= =?us-ascii?Q?R7Fw6Nzsl6J+WKuahFwDoueEmSidVoWZY1/18prbc/JX8MGANYSr+lHFEJT9?= =?us-ascii?Q?ongdUxZA96ilC9dQhhLRawqRMWstMkL58ITXy9XgHpbypr3tkXY3KtP2dJjc?= =?us-ascii?Q?02lM4SGabIOWRpsY9eEPMQQ5HjMGTp858/9X6KZ6DU20Bh5MsYVNfp8ZNg0o?= =?us-ascii?Q?7U78mGBd3AvF7BocsmWPCmWa6GE+AEZh3VFove9rYGW2Ash4YoA999YNXNRi?= =?us-ascii?Q?ZaPpRz84O5zwxEKzUAbzhVs2DTeSdj8Xs0ucKWqTZcjMoRI9qVycTfDmuA6t?= =?us-ascii?Q?p5wW/zzWrp8D9nw+N90bNIr0qjR3MKCXFRTfS/h+EWxvpiDn0nbIIp7M7uWC?= =?us-ascii?Q?/VjqVqV6yonz++l+sYtON+L99CQRdusMr+Q/fnOEnInRSA9SoPHF8vrGpZqY?= =?us-ascii?Q?Z2yEkJFuQTqqWAsa3VgBJuyaBwUEWQGpI/zaG3ohA8Yjh5HPHtcOujAIkVuO?= =?us-ascii?Q?xnEWrfMQSbjqf+qGDmkbDl77pxSaNhH95EVjresV9UqDYx8XslBBuuT3SgFL?= =?us-ascii?Q?YNvefZ8ICaO6lizksS4Eq9F30CinIX+SrXig3NXppAwZ6cC1scTrJRRvs2Wr?= =?us-ascii?Q?wZ4DoRg2wZB8sUGw5zi2jkqsZLririwypaA7bZn82+2moH2BzdRdGXO0Hw3s?= =?us-ascii?Q?nV3VzuJbCz+iuLr5hMs2NOYSuNKp60VDszZwse1VrzxHqJ+8y8NWvrU3DtGL?= =?us-ascii?Q?kdKS9wCue5WgysBDCD6jSZF6N4SmO6UU6Vvz/ftv0H65tHAzH8hyjo2+whg8?= =?us-ascii?Q?miXeYxvxmd1SnBBSkC6vSvTfnOwNgAI0jqReQF3gEEC8f+yyiKrYQGIFhheR?= =?us-ascii?Q?1QtuzEwC64dg9fU7t3iU4OcimDH3rJ5jUNws8SL+wyxRS+mFo+3FZBeA5cs+?= =?us-ascii?Q?4aXpCoxUV6iJHJpP3+Lc4AbhK3v7XLsslNUtISl2sAWaiLGi92V+JkB7PB0/?= =?us-ascii?Q?ludaPttaLPLdIVc/nCkZWCnccDjV87c+4Y+UeW29gkPS4YesHpy8M635E/R2?= =?us-ascii?Q?rrJakGL/SeMimG/KLG1ZUmFNnfM9sAwnhyCov1/C9MSik/VNvEXB1qg8RJgr?= =?us-ascii?Q?+pPBpyxTWpaUR7/UmJ/P5SMapM4dG6iTUYhotQwtGQdAWFwtg7eHkKRWTiCx?= =?us-ascii?Q?0/ruhnVpQRb4oej4GS8ROpk+/DuxvC3PSREuQL1RLhkcnB2Yk1Lhmixhb2g3?= =?us-ascii?Q?HqflTlLglrLOvGAGW2pKL0FVhioxSe6lUXD98ROl1Mp5IDG/qXkdTjRP0RWj?= =?us-ascii?Q?tui20DuMi3ouOC5bsoIukEBZt6HNLycnx2ifi8P6W1bb7tzWPCrCGrvYJ6PR?= =?us-ascii?Q?cdrfjz3IAUBczA1wl46iaHOgB3dROaLaKx4+Cv0hE8tj0bvL0pWchvX54I9J?= =?us-ascii?Q?Bb1VqT8K25VykHJQhBE=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ1PR11MB6227.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: ca6e47f8-f93b-463b-4ed9-08dc758b3300 X-MS-Exchange-CrossTenant-originalarrivaltime: 16 May 2024 09:33:09.5825 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: OB/0vctTBVnBP1j5Xe5bYTaBi6oXkc4iRrY6A5TIi69cAPYnsA1Wzr+Dn/9Kw5viHvlYOn+h7Ca4+SJjvhuPbQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4552 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Thu, 16 May 2024 02:33:21 -0700 Resent-From: yi1.li@intel.com Reply-To: devel@edk2.groups.io,yi1.li@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 4FqxKjOoSwr87oWQVaQ8Cebnx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=2JMO2MhU; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io Looks good to me. Reviewed-by: Yi Li We are in Hard Freeze phase, will push it after freeze. Thanks. -----Original Message----- From: devel@edk2.groups.io On Behalf Of Qingyu Sent: Thursday, May 16, 2024 3:35 PM To: devel@edk2.groups.io Cc: Yao, Jiewen ; Li, Yi1 Subject: [edk2-devel] [PATCH V3 1/1] CryptoPkg: Remove deprecated code rela= ted to SHA-1 REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4698 The default drbg type of randlib has been switched to aes_256_ctr in openss= l1.1.1, so sha1 is not really used in RandomSeed(). Remove related code whi= ch do SHA-1 support checking in CryptRand.c and CryptRandTsc.c to avoid pot= ential compatibility errors. Signed-off-by: Shang Qingyu Cc: Jiewen Yao Cc: Yi Li --- CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c | 8 -------- CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c | 8 -------- 2 files changed, 16 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c b/CryptoPkg/Li= brary/BaseCryptLib/Rand/CryptRand.c index 9e2fcefe084e..51c7435898c7 100644 --- a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c +++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c @@ -42,14 +42,6 @@ RandomSeed ( return FALSE; } =20 - // - // The software PRNG implementation built in OpenSSL depends on message = digest algorithm. - // Make sure SHA-1 digest algorithm is available here. - // - if (EVP_add_digest (EVP_sha1 ()) =3D=3D 0) { - return FALSE; - } - // // Seed the pseudorandom number generator with user-supplied value. // NOTE: A cryptographic PRNG must be seeded with unpredictable data. diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c b/CryptoPkg= /Library/BaseCryptLib/Rand/CryptRandTsc.c index 30454bf10f9b..b94c16de562d 100644 --- a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c +++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c @@ -40,14 +40,6 @@ RandomSeed ( return FALSE; } =20 - // - // The software PRNG implementation built in OpenSSL depends on message = digest algorithm. - // Make sure SHA-1 digest algorithm is available here. - // - if (EVP_add_digest (EVP_sha1 ()) =3D=3D 0) { - return FALSE; - } - // // Seed the pseudorandom number generator with user-supplied value. // NOTE: A cryptographic PRNG must be seeded with unpredictable data. -- 2.44.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118954): https://edk2.groups.io/g/devel/message/118954 Mute This Topic: https://groups.io/mt/106130347/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-