From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pg1-f171.google.com (mail-pg1-f171.google.com [209.85.215.171]) by mx.groups.io with SMTP id smtpd.web09.9695.1634017107011756936 for ; Mon, 11 Oct 2021 22:38:27 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20210112 header.b=ZxYb6Lnc; spf=pass (domain: gmail.com, ip: 209.85.215.171, mailfrom: vineel.kovvuri@gmail.com) Received: by mail-pg1-f171.google.com with SMTP id s75so12855700pgs.5 for ; Mon, 11 Oct 2021 22:38:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id; bh=Dr+RymANTHm+5v1ev1mBi2OBxWipyzckJbBg+UawFko=; b=ZxYb6LncVUdXX+2n6r1FR/iC02mfgHS3Jgec2k2+64zeBZp2SrhC243qn7+LeUDfDr bKWEr5tmyxjtBqo9wQf/J+Pjp8wXfAHtZKR4HQLrRmPnbno+usW2MIrdl7axbtJNqbVZ BUMhxMNOdKKedPCcFTPUuslcSREZ/twC7XSC51WJJlbqnBS8SMCLC/t1N6C2vidxZgIB 7PL1JTLc+b5tCBqRv0Fr3BnXpyj+hFwdDmnZsDUp9xqGIlMtdwVzKyK2rQPZHpY6OC31 iNtFwBxWlimjVSSJolvZXE8IxRkoALzumxTg0Qfz0xM5NHSNgBzh4xuoMy0VRrS+dfW0 FkZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=Dr+RymANTHm+5v1ev1mBi2OBxWipyzckJbBg+UawFko=; b=fqfFgCsR2Ta+Jey8lE+i2glNgk3XjkkKqKI5jlRMTyQ60Cb/GW2GHRHrscFZEzQBmm p8F7hMu/HeJsim25Hl7jNKAXwSblf4E6itlRmGFbkVAXXchcNi13Ww+xBDE2Q/t9bgmw uYYd3Y3VwIr0A95NlHpWsZ/FFWNHf40FwzBpVM4MnryJZyG+bZXmu4JkmTKZZ3qXuaCl ri8EkCo60kcs6K/D7Vyosq/lX4QVW9S7N3SkXtln9aKAzlUVnhSr8bbtHoz8OFoepqaP j3izEH9R1d0dlcZ7t4TLJVP8TzJALedygGk9VhKgkQnonk/A1oMJu9re1uueCmQNCuqY NQfg== X-Gm-Message-State: AOAM530lgxhFv7uGkjrCrNDGzbj/r7itQ6HZWJzIXlCld/hLpJHJvPz8 uArgqAAIiqPUvRgb6h3pfNWM0UdkQA3aMWMis4Y= X-Google-Smtp-Source: ABdhPJyUve4LXxWVXUru/J57RFRE/TYQg2VSTRnAjjs+TTUEkSp0Yf+GSNIMiVZvpeiE8LkP5YxKtw== X-Received: by 2002:a65:538e:: with SMTP id x14mr21262869pgq.364.1634017106334; Mon, 11 Oct 2021 22:38:26 -0700 (PDT) Return-Path: Received: from VIN-Z2-DEV.redmond.corp.microsoft.com ([50.35.92.111]) by smtp.gmail.com with ESMTPSA id z23sm9869605pgv.45.2021.10.11.22.38.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 11 Oct 2021 22:38:26 -0700 (PDT) From: Vineel Kovvuri X-Google-Original-From: Vineel Kovvuri To: devel@edk2.groups.io, jiewen.yao@intel.com, sean.brogan@microsoft.com, bret.barkelew@microsoft.com, Michael.Turner@microsoft.com Cc: Vineel Kovvuri Subject: [PATCH 1/2] Reconfigure OpensslLib to add elliptic curve chipher algorithms Date: Mon, 11 Oct 2021 22:38:19 -0700 Message-Id: X-Mailer: git-send-email 2.17.1 This commit is a cherry pick of project mu's commit https://github.com/microsoft/mu_tiano_plus/commit/1f3b135ddc821718a78c352316197889c5d3e0c2 Reconfigure OpensslLib to add elliptic curve chipher algorithms. The only file manually changed is process_files.pl. Running the script changes the other three files. BugZilla: https://bugzilla.tianocore.org/show_bug.cgi?id=3679 Signed-off-by: Vineel Kovvuri --- .../Library/Include/openssl/opensslconf.h | 25 ++-------- CryptoPkg/Library/OpensslLib/OpensslLib.inf | 50 +++++++++++++++++++ .../Library/OpensslLib/OpensslLibCrypto.inf | 50 +++++++++++++++++++ CryptoPkg/Library/OpensslLib/process_files.pl | 1 - 4 files changed, 105 insertions(+), 21 deletions(-) diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Library/Include/openssl/opensslconf.h index b8d59aebe8..09a6641ffc 100644 --- a/CryptoPkg/Library/Include/openssl/opensslconf.h +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h @@ -55,9 +55,6 @@ extern "C" { #ifndef OPENSSL_NO_DSA # define OPENSSL_NO_DSA #endif -#ifndef OPENSSL_NO_EC -# define OPENSSL_NO_EC -#endif #ifndef OPENSSL_NO_IDEA # define OPENSSL_NO_IDEA #endif @@ -88,9 +85,6 @@ extern "C" { #ifndef OPENSSL_NO_SEED # define OPENSSL_NO_SEED #endif -#ifndef OPENSSL_NO_SM2 -# define OPENSSL_NO_SM2 -#endif #ifndef OPENSSL_NO_SRP # define OPENSSL_NO_SRP #endif @@ -154,12 +148,6 @@ extern "C" { #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 # define OPENSSL_NO_EC_NISTP_64_GCC_128 #endif -#ifndef OPENSSL_NO_ECDH -# define OPENSSL_NO_ECDH -#endif -#ifndef OPENSSL_NO_ECDSA -# define OPENSSL_NO_ECDSA -#endif #ifndef OPENSSL_NO_EGD # define OPENSSL_NO_EGD #endif @@ -226,9 +214,6 @@ extern "C" { #ifndef OPENSSL_NO_TESTS # define OPENSSL_NO_TESTS #endif -#ifndef OPENSSL_NO_TLS1_3 -# define OPENSSL_NO_TLS1_3 -#endif #ifndef OPENSSL_NO_UBSAN # define OPENSSL_NO_UBSAN #endif @@ -265,11 +250,11 @@ extern "C" { # undef DECLARE_DEPRECATED # define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); # endif -#elif defined(__SUNPRO_C) -#if (__SUNPRO_C >= 0x5130) -#undef DECLARE_DEPRECATED -#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); -#endif +# elif defined(__SUNPRO_C) +# if (__SUNPRO_C >= 0x5130) +# undef DECLARE_DEPRECATED +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); +# endif # endif #endif diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf index d84bde056a..bd3d9cc90f 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -199,6 +199,43 @@ $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c + $(OPENSSL_PATH)/crypto/ec/curve25519.c + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c + $(OPENSSL_PATH)/crypto/ec/ec_check.c + $(OPENSSL_PATH)/crypto/ec/ec_curve.c + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c + $(OPENSSL_PATH)/crypto/ec/ec_err.c + $(OPENSSL_PATH)/crypto/ec/ec_key.c + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_lib.c + $(OPENSSL_PATH)/crypto/ec/ec_mult.c + $(OPENSSL_PATH)/crypto/ec/ec_oct.c + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_print.c + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c + $(OPENSSL_PATH)/crypto/ec/eck_prn.c + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -384,6 +421,10 @@ $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c + $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c + $(OPENSSL_PATH)/crypto/sm2/sm2_err.c + $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c + $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -496,6 +537,15 @@ $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h + $(OPENSSL_PATH)/crypto/ec/ec_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h + $(OPENSSL_PATH)/crypto/ec/curve448/field.h + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h + $(OPENSSL_PATH)/crypto/ec/curve448/word.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf index cdeed0d073..38ccf1a5b6 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf @@ -199,6 +199,43 @@ $(OPENSSL_PATH)/crypto/dso/dso_vms.c $(OPENSSL_PATH)/crypto/dso/dso_win32.c $(OPENSSL_PATH)/crypto/ebcdic.c + $(OPENSSL_PATH)/crypto/ec/curve25519.c + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c + $(OPENSSL_PATH)/crypto/ec/ec_check.c + $(OPENSSL_PATH)/crypto/ec/ec_curve.c + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c + $(OPENSSL_PATH)/crypto/ec/ec_err.c + $(OPENSSL_PATH)/crypto/ec/ec_key.c + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_lib.c + $(OPENSSL_PATH)/crypto/ec/ec_mult.c + $(OPENSSL_PATH)/crypto/ec/ec_oct.c + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c + $(OPENSSL_PATH)/crypto/ec/ec_print.c + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c + $(OPENSSL_PATH)/crypto/ec/eck_prn.c + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c $(OPENSSL_PATH)/crypto/err/err.c $(OPENSSL_PATH)/crypto/err/err_prn.c $(OPENSSL_PATH)/crypto/evp/bio_b64.c @@ -384,6 +421,10 @@ $(OPENSSL_PATH)/crypto/siphash/siphash.c $(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c $(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c + $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c + $(OPENSSL_PATH)/crypto/sm2/sm2_err.c + $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c + $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c $(OPENSSL_PATH)/crypto/sm3/m_sm3.c $(OPENSSL_PATH)/crypto/sm3/sm3.c $(OPENSSL_PATH)/crypto/sm4/sm4.c @@ -496,6 +537,15 @@ $(OPENSSL_PATH)/crypto/conf/conf_local.h $(OPENSSL_PATH)/crypto/dh/dh_local.h $(OPENSSL_PATH)/crypto/dso/dso_local.h + $(OPENSSL_PATH)/crypto/ec/ec_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h + $(OPENSSL_PATH)/crypto/ec/curve448/field.h + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h + $(OPENSSL_PATH)/crypto/ec/curve448/word.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h $(OPENSSL_PATH)/crypto/evp/evp_local.h $(OPENSSL_PATH)/crypto/hmac/hmac_local.h $(OPENSSL_PATH)/crypto/lhash/lhash_local.h diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Library/OpensslLib/process_files.pl index 42bff05fa6..2ebfbbbca0 100755 --- a/CryptoPkg/Library/OpensslLib/process_files.pl +++ b/CryptoPkg/Library/OpensslLib/process_files.pl @@ -169,7 +169,6 @@ BEGIN { "no-dgram", "no-dsa", "no-dynamic-engine", - "no-ec", "no-ec2m", "no-engine", "no-err", -- 2.17.1