* [PATCH 0/4] !!TEST Fix warnings of EC feature
@ 2022-04-18 13:03 yi1 li
2022-04-18 13:03 ` [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows yi1 li
` (3 more replies)
0 siblings, 4 replies; 13+ messages in thread
From: yi1 li @ 2022-04-18 13:03 UTC (permalink / raw)
To: devel; +Cc: yi1 li
As subject.
yi1 li (4):
CryptoPkg: Add instrinsics to support building ECC on IA32 windows
CryptoPkg: Reconfigure OpensslLib to add EC algorithms
CryptoPkg: Make EC source file config-able
CryptoPkg: Add PcdEcEnabled to Base/Pei/SmmCryptLib.inf
CryptoPkg/CryptoPkg.dec | 4 +
.../Library/BaseCryptLib/BaseCryptLib.inf | 3 +
.../Library/BaseCryptLib/PeiCryptLib.inf | 3 +
.../Library/BaseCryptLib/SmmCryptLib.inf | 3 +
.../Library/Include/openssl/opensslconf.h | 6 +-
.../Library/IntrinsicLib/Ia32/MathLlmul.asm | 98 +++++++++++++++++++
.../Library/IntrinsicLib/Ia32/MathLlshr.asm | 78 +++++++++++++++
.../Library/IntrinsicLib/IntrinsicLib.inf | 2 +
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 48 +++++++++
.../Library/OpensslLib/OpensslLibCrypto.inf | 49 ++++++++++
CryptoPkg/Library/OpensslLib/process_files.pl | 1 -
11 files changed, 292 insertions(+), 3 deletions(-)
create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
--
2.33.0.windows.2
^ permalink raw reply [flat|nested] 13+ messages in thread
* [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows
2022-04-18 13:03 [PATCH 0/4] !!TEST Fix warnings of EC feature yi1 li
@ 2022-04-18 13:03 ` yi1 li
2022-04-18 15:24 ` [edk2-devel] " Michael D Kinney
2022-04-19 0:51 ` Yao, Jiewen
2022-04-18 13:03 ` [PATCH 2/4] CryptoPkg: Reconfigure OpensslLib to add EC algorithms yi1 li
` (2 subsequent siblings)
3 siblings, 2 replies; 13+ messages in thread
From: yi1 li @ 2022-04-18 13:03 UTC (permalink / raw)
To: devel; +Cc: yi1 li
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
This dependency is needed to build openssl lib with ECC ciphers
under IA32 Windows and adds implementation for _allmul and _allshr
instrinsics.
It is taken from Project Mu:
microsoft/mu_basecore@b55b341
Signed-off-by: yi1 li <yi1.li@intel.com>
---
.../Library/IntrinsicLib/Ia32/MathLlmul.asm | 98 +++++++++++++++++++
.../Library/IntrinsicLib/Ia32/MathLlshr.asm | 78 +++++++++++++++
.../Library/IntrinsicLib/IntrinsicLib.inf | 2 +
3 files changed, 178 insertions(+)
create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
diff --git a/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
new file mode 100644
index 000000000000..341ea8a7bc0d
--- /dev/null
+++ b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
@@ -0,0 +1,98 @@
+;***
+;llmul.asm - long multiply routine
+;
+; Copyright (c) Microsoft Corporation. All rights reserved.
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+;Purpose:
+; Defines long multiply routine
+; Both signed and unsigned routines are the same, since multiply's
+; work out the same in 2's complement
+; creates the following routine:
+; __allmul
+;
+;Original Implemenation: MSVC 14.12.25827
+;
+;*******************************************************************************
+ .686
+ .model flat,C
+ .code
+
+
+;***
+;llmul - long multiply routine
+;
+;Purpose:
+; Does a long multiply (same for signed/unsigned)
+; Parameters are not changed.
+;
+;Entry:
+; Parameters are passed on the stack:
+; 1st pushed: multiplier (QWORD)
+; 2nd pushed: multiplicand (QWORD)
+;
+;Exit:
+; EDX:EAX - product of multiplier and multiplicand
+; NOTE: parameters are removed from the stack
+;
+;Uses:
+; ECX
+;
+;Exceptions:
+;
+;*******************************************************************************
+_allmul PROC NEAR
+
+A EQU [esp + 4] ; stack address of a
+B EQU [esp + 12] ; stack address of b
+
+HIGH_PART EQU [4] ;
+LOW_PART EQU [0]
+
+;
+; AHI, BHI : upper 32 bits of A and B
+; ALO, BLO : lower 32 bits of A and B
+;
+; ALO * BLO
+; ALO * BHI
+; + BLO * AHI
+; ---------------------
+;
+
+ mov eax,HIGH_PART(A)
+ mov ecx,HIGH_PART(B)
+ or ecx,eax ;test for both high dwords zero.
+ mov ecx,LOW_PART(B)
+ jnz short hard ;both are zero, just mult ALO and BLO
+
+ mov eax,LOW_PART(A)
+ mul ecx
+
+ ret 16 ; callee restores the stack
+
+hard:
+ push ebx
+
+; must redefine A and B since esp has been altered
+
+A2 EQU [esp + 8] ; stack address of a
+B2 EQU [esp + 16] ; stack address of b
+
+ mul ecx ;eax has AHI, ecx has BLO, so AHI * BLO
+ mov ebx,eax ;save result
+
+ mov eax,LOW_PART(A2)
+ mul dword ptr HIGH_PART(B2) ;ALO * BHI
+ add ebx,eax ;ebx = ((ALO * BHI) + (AHI * BLO))
+
+ mov eax,LOW_PART(A2);ecx = BLO
+ mul ecx ;so edx:eax = ALO*BLO
+ add edx,ebx ;now edx has all the LO*HI stuff
+
+ pop ebx
+
+ ret 16 ; callee restores the stack
+
+_allmul ENDP
+
+ end
diff --git a/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
new file mode 100644
index 000000000000..ab8294580f16
--- /dev/null
+++ b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
@@ -0,0 +1,78 @@
+;***
+;llshr.asm - long shift right
+;
+; Copyright (c) Microsoft Corporation. All rights reserved.
+; SPDX-License-Identifier: BSD-2-Clause-Patent
+;
+;Purpose:
+; define signed long shift right routine
+; __allshr
+;
+;Original Implemenation: MSVC 14.12.25827
+;
+;*******************************************************************************
+ .686
+ .model flat,C
+ .code
+
+
+
+;***
+;llshr - long shift right
+;
+;Purpose:
+; Does a signed Long Shift Right
+; Shifts a long right any number of bits.
+;
+;Entry:
+; EDX:EAX - long value to be shifted
+; CL - number of bits to shift by
+;
+;Exit:
+; EDX:EAX - shifted value
+;
+;Uses:
+; CL is destroyed.
+;
+;Exceptions:
+;
+;*******************************************************************************
+_allshr PROC NEAR
+
+;
+; Handle shifts of 64 bits or more (if shifting 64 bits or more, the result
+; depends only on the high order bit of edx).
+;
+ cmp cl,64
+ jae short RETSIGN
+
+;
+; Handle shifts of between 0 and 31 bits
+;
+ cmp cl, 32
+ jae short MORE32
+ shrd eax,edx,cl
+ sar edx,cl
+ ret
+
+;
+; Handle shifts of between 32 and 63 bits
+;
+MORE32:
+ mov eax,edx
+ sar edx,31
+ and cl,31
+ sar eax,cl
+ ret
+
+;
+; Return double precision 0 or -1, depending on the sign of edx
+;
+RETSIGN:
+ sar edx,31
+ mov eax,edx
+ ret
+
+_allshr ENDP
+
+ end
diff --git a/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf b/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
index fcbb93316cf7..86e74b57b109 100644
--- a/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+++ b/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
@@ -30,6 +30,8 @@
Ia32/MathLShiftS64.c | MSFT
Ia32/MathRShiftU64.c | MSFT
Ia32/MathFtol.c | MSFT
+ Ia32/MathLlmul.asm | MSFT
+ Ia32/MathLlshr.asm | MSFT
Ia32/MathLShiftS64.c | INTEL
Ia32/MathRShiftU64.c | INTEL
--
2.33.0.windows.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 2/4] CryptoPkg: Reconfigure OpensslLib to add EC algorithms
2022-04-18 13:03 [PATCH 0/4] !!TEST Fix warnings of EC feature yi1 li
2022-04-18 13:03 ` [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows yi1 li
@ 2022-04-18 13:03 ` yi1 li
2022-04-18 13:03 ` [PATCH 3/4] CryptoPkg: Make EC source file config-able yi1 li
2022-04-18 13:03 ` [PATCH 4/4] CryptoPkg: Add PcdEcEnabled to Base/Pei/SmmCryptLib.inf yi1 li
3 siblings, 0 replies; 13+ messages in thread
From: yi1 li @ 2022-04-18 13:03 UTC (permalink / raw)
To: devel; +Cc: yi1 li
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828
Reconfigure OpensslLib to add elliptic curve cipher algorithms.
Signed-off-by: yi1 li <yi1.li@intel.com>
---
.../Library/Include/openssl/opensslconf.h | 3 --
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 46 +++++++++++++++++++
.../Library/OpensslLib/OpensslLibCrypto.inf | 46 +++++++++++++++++++
CryptoPkg/Library/OpensslLib/process_files.pl | 1 -
4 files changed, 92 insertions(+), 4 deletions(-)
diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Library/Include/openssl/opensslconf.h
index b119212ed856..7ea976b2252e 100644
--- a/CryptoPkg/Library/Include/openssl/opensslconf.h
+++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
@@ -55,9 +55,6 @@ extern "C" {
#ifndef OPENSSL_NO_DSA
#define OPENSSL_NO_DSA
#endif
-#ifndef OPENSSL_NO_EC
-#define OPENSSL_NO_EC
-#endif
#ifndef OPENSSL_NO_IDEA
#define OPENSSL_NO_IDEA
#endif
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index d84bde056af2..1d67ed55e1b1 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -199,6 +199,43 @@
$(OPENSSL_PATH)/crypto/dso/dso_vms.c
$(OPENSSL_PATH)/crypto/dso/dso_win32.c
$(OPENSSL_PATH)/crypto/ebcdic.c
+ $(OPENSSL_PATH)/crypto/ec/curve25519.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
+ $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
+ $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
+ $(OPENSSL_PATH)/crypto/ec/ec_check.c
+ $(OPENSSL_PATH)/crypto/ec/ec_curve.c
+ $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
+ $(OPENSSL_PATH)/crypto/ec/ec_err.c
+ $(OPENSSL_PATH)/crypto/ec/ec_key.c
+ $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_lib.c
+ $(OPENSSL_PATH)/crypto/ec/ec_mult.c
+ $(OPENSSL_PATH)/crypto/ec/ec_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_print.c
+ $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
+ $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
+ $(OPENSSL_PATH)/crypto/ec/eck_prn.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
+ $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
$(OPENSSL_PATH)/crypto/err/err.c
$(OPENSSL_PATH)/crypto/err/err_prn.c
$(OPENSSL_PATH)/crypto/evp/bio_b64.c
@@ -496,6 +533,15 @@
$(OPENSSL_PATH)/crypto/conf/conf_local.h
$(OPENSSL_PATH)/crypto/dh/dh_local.h
$(OPENSSL_PATH)/crypto/dso/dso_local.h
+ $(OPENSSL_PATH)/crypto/ec/ec_local.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/field.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/word.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
$(OPENSSL_PATH)/crypto/evp/evp_local.h
$(OPENSSL_PATH)/crypto/hmac/hmac_local.h
$(OPENSSL_PATH)/crypto/lhash/lhash_local.h
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index cdeed0d073eb..66ca5b1250c1 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -199,6 +199,43 @@
$(OPENSSL_PATH)/crypto/dso/dso_vms.c
$(OPENSSL_PATH)/crypto/dso/dso_win32.c
$(OPENSSL_PATH)/crypto/ebcdic.c
+ $(OPENSSL_PATH)/crypto/ec/curve25519.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
+ $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
+ $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
+ $(OPENSSL_PATH)/crypto/ec/ec_check.c
+ $(OPENSSL_PATH)/crypto/ec/ec_curve.c
+ $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
+ $(OPENSSL_PATH)/crypto/ec/ec_err.c
+ $(OPENSSL_PATH)/crypto/ec/ec_key.c
+ $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_lib.c
+ $(OPENSSL_PATH)/crypto/ec/ec_mult.c
+ $(OPENSSL_PATH)/crypto/ec/ec_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_print.c
+ $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
+ $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
+ $(OPENSSL_PATH)/crypto/ec/eck_prn.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
+ $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
$(OPENSSL_PATH)/crypto/err/err.c
$(OPENSSL_PATH)/crypto/err/err_prn.c
$(OPENSSL_PATH)/crypto/evp/bio_b64.c
@@ -496,6 +533,15 @@
$(OPENSSL_PATH)/crypto/conf/conf_local.h
$(OPENSSL_PATH)/crypto/dh/dh_local.h
$(OPENSSL_PATH)/crypto/dso/dso_local.h
+ $(OPENSSL_PATH)/crypto/ec/ec_local.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/field.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/word.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
$(OPENSSL_PATH)/crypto/evp/evp_local.h
$(OPENSSL_PATH)/crypto/hmac/hmac_local.h
$(OPENSSL_PATH)/crypto/lhash/lhash_local.h
diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl b/CryptoPkg/Library/OpensslLib/process_files.pl
index 42bff05fa629..2ebfbbbca0de 100755
--- a/CryptoPkg/Library/OpensslLib/process_files.pl
+++ b/CryptoPkg/Library/OpensslLib/process_files.pl
@@ -169,7 +169,6 @@ BEGIN {
"no-dgram",
"no-dsa",
"no-dynamic-engine",
- "no-ec",
"no-ec2m",
"no-engine",
"no-err",
--
2.33.0.windows.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 3/4] CryptoPkg: Make EC source file config-able
2022-04-18 13:03 [PATCH 0/4] !!TEST Fix warnings of EC feature yi1 li
2022-04-18 13:03 ` [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows yi1 li
2022-04-18 13:03 ` [PATCH 2/4] CryptoPkg: Reconfigure OpensslLib to add EC algorithms yi1 li
@ 2022-04-18 13:03 ` yi1 li
2022-04-18 15:21 ` [edk2-devel] " Michael D Kinney
2022-04-25 15:52 ` PierreGondois
2022-04-18 13:03 ` [PATCH 4/4] CryptoPkg: Add PcdEcEnabled to Base/Pei/SmmCryptLib.inf yi1 li
3 siblings, 2 replies; 13+ messages in thread
From: yi1 li @ 2022-04-18 13:03 UTC (permalink / raw)
To: devel; +Cc: yi1 li
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828
Use PCD gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled to config-able
source files list in OpensslLib.inf and OpensslLibCrypto.inf.
If PcdEcEnabled equals to FALSE, this file will not be compiled.
Signed-off-by: yi1 li <yi1.li@intel.com>
---
CryptoPkg/CryptoPkg.dec | 4 +
.../Library/Include/openssl/opensslconf.h | 7 +-
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 95 ++++++++++---------
.../Library/OpensslLib/OpensslLibCrypto.inf | 95 ++++++++++---------
4 files changed, 108 insertions(+), 93 deletions(-)
diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
index 5888941bab4c..ebec64050b71 100644
--- a/CryptoPkg/CryptoPkg.dec
+++ b/CryptoPkg/CryptoPkg.dec
@@ -81,5 +81,9 @@
# @ValidList 0x80000001 | 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010
gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x00000002|UINT32|0x00000001
+ ## Enable/Disable the ECC feature in openssl library. The default is disabled.
+ # If ECC feature is disabled, all related source files will not be compiled.
+ gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled|FALSE|BOOLEAN|0x0000003
+
[UserExtensions.TianoCore."ExtraFiles"]
CryptoPkgExtra.uni
diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Library/Include/openssl/opensslconf.h
index 7ea976b2252e..1485b8c9f108 100644
--- a/CryptoPkg/Library/Include/openssl/opensslconf.h
+++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
@@ -9,7 +9,7 @@
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
-
+#include <Library/PcdLib.h>
#include <openssl/opensslv.h>
#ifdef __cplusplus
@@ -55,6 +55,11 @@ extern "C" {
#ifndef OPENSSL_NO_DSA
#define OPENSSL_NO_DSA
#endif
+#if !FixedPcdGetBool (PcdEcEnabled)
+ #ifndef OPENSSL_NO_EC
+#define OPENSSL_NO_EC
+ #endif
+#endif
#ifndef OPENSSL_NO_IDEA
#define OPENSSL_NO_IDEA
#endif
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 1d67ed55e1b1..459ac4864a4e 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -199,43 +199,43 @@
$(OPENSSL_PATH)/crypto/dso/dso_vms.c
$(OPENSSL_PATH)/crypto/dso/dso_win32.c
$(OPENSSL_PATH)/crypto/ebcdic.c
- $(OPENSSL_PATH)/crypto/ec/curve25519.c
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
- $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
- $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
- $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
- $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
- $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
- $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
- $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
- $(OPENSSL_PATH)/crypto/ec/ec_check.c
- $(OPENSSL_PATH)/crypto/ec/ec_curve.c
- $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
- $(OPENSSL_PATH)/crypto/ec/ec_err.c
- $(OPENSSL_PATH)/crypto/ec/ec_key.c
- $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
- $(OPENSSL_PATH)/crypto/ec/ec_lib.c
- $(OPENSSL_PATH)/crypto/ec/ec_mult.c
- $(OPENSSL_PATH)/crypto/ec/ec_oct.c
- $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
- $(OPENSSL_PATH)/crypto/ec/ec_print.c
- $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
- $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
- $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
- $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
- $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
- $(OPENSSL_PATH)/crypto/ec/eck_prn.c
- $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
- $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
- $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
- $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
- $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
- $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
+ $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/err/err.c
$(OPENSSL_PATH)/crypto/err/err_prn.c
$(OPENSSL_PATH)/crypto/evp/bio_b64.c
@@ -533,15 +533,15 @@
$(OPENSSL_PATH)/crypto/conf/conf_local.h
$(OPENSSL_PATH)/crypto/dh/dh_local.h
$(OPENSSL_PATH)/crypto/dso/dso_local.h
- $(OPENSSL_PATH)/crypto/ec/ec_local.h
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
- $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
- $(OPENSSL_PATH)/crypto/ec/curve448/field.h
- $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
- $(OPENSSL_PATH)/crypto/ec/curve448/word.h
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
+ $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/evp/evp_local.h
$(OPENSSL_PATH)/crypto/hmac/hmac_local.h
$(OPENSSL_PATH)/crypto/lhash/lhash_local.h
@@ -633,6 +633,9 @@
[LibraryClasses.ARM]
ArmSoftFloatLib
+[Pcd]
+ gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
+
[BuildOptions]
#
# Disables the following Visual Studio compiler warnings brought by openssl source,
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index 66ca5b1250c1..c9d69a368e3c 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -199,43 +199,43 @@
$(OPENSSL_PATH)/crypto/dso/dso_vms.c
$(OPENSSL_PATH)/crypto/dso/dso_win32.c
$(OPENSSL_PATH)/crypto/ebcdic.c
- $(OPENSSL_PATH)/crypto/ec/curve25519.c
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
- $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
- $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
- $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
- $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
- $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
- $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
- $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
- $(OPENSSL_PATH)/crypto/ec/ec_check.c
- $(OPENSSL_PATH)/crypto/ec/ec_curve.c
- $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
- $(OPENSSL_PATH)/crypto/ec/ec_err.c
- $(OPENSSL_PATH)/crypto/ec/ec_key.c
- $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
- $(OPENSSL_PATH)/crypto/ec/ec_lib.c
- $(OPENSSL_PATH)/crypto/ec/ec_mult.c
- $(OPENSSL_PATH)/crypto/ec/ec_oct.c
- $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
- $(OPENSSL_PATH)/crypto/ec/ec_print.c
- $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
- $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
- $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
- $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
- $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
- $(OPENSSL_PATH)/crypto/ec/eck_prn.c
- $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
- $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
- $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
- $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
- $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
- $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
- $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
+ $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/err/err.c
$(OPENSSL_PATH)/crypto/err/err_prn.c
$(OPENSSL_PATH)/crypto/evp/bio_b64.c
@@ -533,15 +533,15 @@
$(OPENSSL_PATH)/crypto/conf/conf_local.h
$(OPENSSL_PATH)/crypto/dh/dh_local.h
$(OPENSSL_PATH)/crypto/dso/dso_local.h
- $(OPENSSL_PATH)/crypto/ec/ec_local.h
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
- $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
- $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
- $(OPENSSL_PATH)/crypto/ec/curve448/field.h
- $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
- $(OPENSSL_PATH)/crypto/ec/curve448/word.h
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
- $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
+ $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
$(OPENSSL_PATH)/crypto/evp/evp_local.h
$(OPENSSL_PATH)/crypto/hmac/hmac_local.h
$(OPENSSL_PATH)/crypto/lhash/lhash_local.h
@@ -582,6 +582,9 @@
[LibraryClasses.ARM]
ArmSoftFloatLib
+[Pcd]
+ gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
+
[BuildOptions]
#
# Disables the following Visual Studio compiler warnings brought by openssl source,
--
2.33.0.windows.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 4/4] CryptoPkg: Add PcdEcEnabled to Base/Pei/SmmCryptLib.inf
2022-04-18 13:03 [PATCH 0/4] !!TEST Fix warnings of EC feature yi1 li
` (2 preceding siblings ...)
2022-04-18 13:03 ` [PATCH 3/4] CryptoPkg: Make EC source file config-able yi1 li
@ 2022-04-18 13:03 ` yi1 li
3 siblings, 0 replies; 13+ messages in thread
From: yi1 li @ 2022-04-18 13:03 UTC (permalink / raw)
To: devel; +Cc: yi1 li
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828
Base/Pei/SmmCryptLib.inf will use openssllib, and the header file
opensslconf.h in openssllib will use PCD, but it is not declared in
the inf file, which will cause warnings in some compilers
Signed-off-by: yi1 li <yi1.li@intel.com>
---
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 +++
CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 3 +++
CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 3 +++
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 3 +--
CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf | 2 +-
5 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 15cf3dab105c..5bbdb387d6ba 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -88,6 +88,9 @@
IntrinsicLib
PrintLib
+[FixedPcd]
+ gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+
#
# Remove these [BuildOptions] after this library is cleaned up
#
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index bf1563b06407..fd500e61ec99 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -77,6 +77,9 @@
OpensslLib
IntrinsicLib
+[FixedPcd]
+ gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+
#
# Remove these [BuildOptions] after this library is cleaned up
#
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index 8f39517f78b7..ae75bc87b5e5 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -92,6 +92,9 @@
MmServicesTableLib
SynchronizationLib
+[FixedPcd]
+ gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
+
#
# Remove these [BuildOptions] after this library is cleaned up
#
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index 459ac4864a4e..0d087cbef790 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -632,8 +632,7 @@
[LibraryClasses.ARM]
ArmSoftFloatLib
-
-[Pcd]
+[FixedPcd]
gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
[BuildOptions]
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index c9d69a368e3c..490b83602be9 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -582,7 +582,7 @@
[LibraryClasses.ARM]
ArmSoftFloatLib
-[Pcd]
+[FixedPcd]
gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
[BuildOptions]
--
2.33.0.windows.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able
2022-04-18 13:03 ` [PATCH 3/4] CryptoPkg: Make EC source file config-able yi1 li
@ 2022-04-18 15:21 ` Michael D Kinney
2022-04-25 15:52 ` PierreGondois
1 sibling, 0 replies; 13+ messages in thread
From: Michael D Kinney @ 2022-04-18 15:21 UTC (permalink / raw)
To: devel@edk2.groups.io, Li, Yi1, Kinney, Michael D
A new top level PCD should not be added.
There is already a structured PCD to enable/disable crypto features.
We take advantage of compiler optimizations to remove unused functions,
so filtering the source files using a PCD should not be required.
I want to make sure we use a consistent method to configure all
crypto related services.
Mike
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of yi1 li
> Sent: Monday, April 18, 2022 6:03 AM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>
> Subject: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828
>
> Use PCD gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled to config-able
> source files list in OpensslLib.inf and OpensslLibCrypto.inf.
> If PcdEcEnabled equals to FALSE, this file will not be compiled.
>
> Signed-off-by: yi1 li <yi1.li@intel.com>
> ---
> CryptoPkg/CryptoPkg.dec | 4 +
> .../Library/Include/openssl/opensslconf.h | 7 +-
> CryptoPkg/Library/OpensslLib/OpensslLib.inf | 95 ++++++++++---------
> .../Library/OpensslLib/OpensslLibCrypto.inf | 95 ++++++++++---------
> 4 files changed, 108 insertions(+), 93 deletions(-)
>
> diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
> index 5888941bab4c..ebec64050b71 100644
> --- a/CryptoPkg/CryptoPkg.dec
> +++ b/CryptoPkg/CryptoPkg.dec
> @@ -81,5 +81,9 @@
> # @ValidList 0x80000001 | 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010
> gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x00000002|UINT32|0x00000001
>
> + ## Enable/Disable the ECC feature in openssl library. The default is disabled.
> + # If ECC feature is disabled, all related source files will not be compiled.
> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled|FALSE|BOOLEAN|0x0000003
> +
> [UserExtensions.TianoCore."ExtraFiles"]
> CryptoPkgExtra.uni
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 7ea976b2252e..1485b8c9f108 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -9,7 +9,7 @@
> * in the file LICENSE in the source distribution or at
> * https://www.openssl.org/source/license.html
> */
> -
> +#include <Library/PcdLib.h>
> #include <openssl/opensslv.h>
>
> #ifdef __cplusplus
> @@ -55,6 +55,11 @@ extern "C" {
> #ifndef OPENSSL_NO_DSA
> #define OPENSSL_NO_DSA
> #endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> + #ifndef OPENSSL_NO_EC
> +#define OPENSSL_NO_EC
> + #endif
> +#endif
> #ifndef OPENSSL_NO_IDEA
> #define OPENSSL_NO_IDEA
> #endif
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index 1d67ed55e1b1..459ac4864a4e 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -199,43 +199,43 @@
> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
> $(OPENSSL_PATH)/crypto/ebcdic.c
> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> + $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/err/err.c
> $(OPENSSL_PATH)/crypto/err/err_prn.c
> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
> @@ -533,15 +533,15 @@
> $(OPENSSL_PATH)/crypto/conf/conf_local.h
> $(OPENSSL_PATH)/crypto/dh/dh_local.h
> $(OPENSSL_PATH)/crypto/dso/dso_local.h
> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> + $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/evp/evp_local.h
> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> @@ -633,6 +633,9 @@
> [LibraryClasses.ARM]
> ArmSoftFloatLib
>
> +[Pcd]
> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
> +
> [BuildOptions]
> #
> # Disables the following Visual Studio compiler warnings brought by openssl source,
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> index 66ca5b1250c1..c9d69a368e3c 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -199,43 +199,43 @@
> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
> $(OPENSSL_PATH)/crypto/ebcdic.c
> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> + $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/err/err.c
> $(OPENSSL_PATH)/crypto/err/err_prn.c
> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
> @@ -533,15 +533,15 @@
> $(OPENSSL_PATH)/crypto/conf/conf_local.h
> $(OPENSSL_PATH)/crypto/dh/dh_local.h
> $(OPENSSL_PATH)/crypto/dso/dso_local.h
> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> + $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/evp/evp_local.h
> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> @@ -582,6 +582,9 @@
> [LibraryClasses.ARM]
> ArmSoftFloatLib
>
> +[Pcd]
> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
> +
> [BuildOptions]
> #
> # Disables the following Visual Studio compiler warnings brought by openssl source,
> --
> 2.33.0.windows.2
>
>
>
>
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows
2022-04-18 13:03 ` [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows yi1 li
@ 2022-04-18 15:24 ` Michael D Kinney
2022-04-19 1:14 ` yi1 li
2022-04-19 0:51 ` Yao, Jiewen
1 sibling, 1 reply; 13+ messages in thread
From: Michael D Kinney @ 2022-04-18 15:24 UTC (permalink / raw)
To: devel@edk2.groups.io, Li, Yi1, Gerd Hoffmann, Kinney, Michael D
There are other patch series to move intrinsics to the MdePkg for
OpenSSL 3.0 enabling.
I recommend you work with Gerd on the intrinsic topic.
Mike
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of yi1 li
> Sent: Monday, April 18, 2022 6:03 AM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>
> Subject: [edk2-devel] [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
>
> This dependency is needed to build openssl lib with ECC ciphers
> under IA32 Windows and adds implementation for _allmul and _allshr
> instrinsics.
>
> It is taken from Project Mu:
> microsoft/mu_basecore@b55b341
>
> Signed-off-by: yi1 li <yi1.li@intel.com>
> ---
> .../Library/IntrinsicLib/Ia32/MathLlmul.asm | 98 +++++++++++++++++++
> .../Library/IntrinsicLib/Ia32/MathLlshr.asm | 78 +++++++++++++++
> .../Library/IntrinsicLib/IntrinsicLib.inf | 2 +
> 3 files changed, 178 insertions(+)
> create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
>
> diff --git a/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> new file mode 100644
> index 000000000000..341ea8a7bc0d
> --- /dev/null
> +++ b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> @@ -0,0 +1,98 @@
> +;***
> +;llmul.asm - long multiply routine
> +;
> +; Copyright (c) Microsoft Corporation. All rights reserved.
> +; SPDX-License-Identifier: BSD-2-Clause-Patent
> +;
> +;Purpose:
> +; Defines long multiply routine
> +; Both signed and unsigned routines are the same, since multiply's
> +; work out the same in 2's complement
> +; creates the following routine:
> +; __allmul
> +;
> +;Original Implemenation: MSVC 14.12.25827
> +;
> +;*******************************************************************************
> + .686
> + .model flat,C
> + .code
> +
> +
> +;***
> +;llmul - long multiply routine
> +;
> +;Purpose:
> +; Does a long multiply (same for signed/unsigned)
> +; Parameters are not changed.
> +;
> +;Entry:
> +; Parameters are passed on the stack:
> +; 1st pushed: multiplier (QWORD)
> +; 2nd pushed: multiplicand (QWORD)
> +;
> +;Exit:
> +; EDX:EAX - product of multiplier and multiplicand
> +; NOTE: parameters are removed from the stack
> +;
> +;Uses:
> +; ECX
> +;
> +;Exceptions:
> +;
> +;*******************************************************************************
> +_allmul PROC NEAR
> +
> +A EQU [esp + 4] ; stack address of a
> +B EQU [esp + 12] ; stack address of b
> +
> +HIGH_PART EQU [4] ;
> +LOW_PART EQU [0]
> +
> +;
> +; AHI, BHI : upper 32 bits of A and B
> +; ALO, BLO : lower 32 bits of A and B
> +;
> +; ALO * BLO
> +; ALO * BHI
> +; + BLO * AHI
> +; ---------------------
> +;
> +
> + mov eax,HIGH_PART(A)
> + mov ecx,HIGH_PART(B)
> + or ecx,eax ;test for both high dwords zero.
> + mov ecx,LOW_PART(B)
> + jnz short hard ;both are zero, just mult ALO and BLO
> +
> + mov eax,LOW_PART(A)
> + mul ecx
> +
> + ret 16 ; callee restores the stack
> +
> +hard:
> + push ebx
> +
> +; must redefine A and B since esp has been altered
> +
> +A2 EQU [esp + 8] ; stack address of a
> +B2 EQU [esp + 16] ; stack address of b
> +
> + mul ecx ;eax has AHI, ecx has BLO, so AHI * BLO
> + mov ebx,eax ;save result
> +
> + mov eax,LOW_PART(A2)
> + mul dword ptr HIGH_PART(B2) ;ALO * BHI
> + add ebx,eax ;ebx = ((ALO * BHI) + (AHI * BLO))
> +
> + mov eax,LOW_PART(A2);ecx = BLO
> + mul ecx ;so edx:eax = ALO*BLO
> + add edx,ebx ;now edx has all the LO*HI stuff
> +
> + pop ebx
> +
> + ret 16 ; callee restores the stack
> +
> +_allmul ENDP
> +
> + end
> diff --git a/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
> new file mode 100644
> index 000000000000..ab8294580f16
> --- /dev/null
> +++ b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
> @@ -0,0 +1,78 @@
> +;***
> +;llshr.asm - long shift right
> +;
> +; Copyright (c) Microsoft Corporation. All rights reserved.
> +; SPDX-License-Identifier: BSD-2-Clause-Patent
> +;
> +;Purpose:
> +; define signed long shift right routine
> +; __allshr
> +;
> +;Original Implemenation: MSVC 14.12.25827
> +;
> +;*******************************************************************************
> + .686
> + .model flat,C
> + .code
> +
> +
> +
> +;***
> +;llshr - long shift right
> +;
> +;Purpose:
> +; Does a signed Long Shift Right
> +; Shifts a long right any number of bits.
> +;
> +;Entry:
> +; EDX:EAX - long value to be shifted
> +; CL - number of bits to shift by
> +;
> +;Exit:
> +; EDX:EAX - shifted value
> +;
> +;Uses:
> +; CL is destroyed.
> +;
> +;Exceptions:
> +;
> +;*******************************************************************************
> +_allshr PROC NEAR
> +
> +;
> +; Handle shifts of 64 bits or more (if shifting 64 bits or more, the result
> +; depends only on the high order bit of edx).
> +;
> + cmp cl,64
> + jae short RETSIGN
> +
> +;
> +; Handle shifts of between 0 and 31 bits
> +;
> + cmp cl, 32
> + jae short MORE32
> + shrd eax,edx,cl
> + sar edx,cl
> + ret
> +
> +;
> +; Handle shifts of between 32 and 63 bits
> +;
> +MORE32:
> + mov eax,edx
> + sar edx,31
> + and cl,31
> + sar eax,cl
> + ret
> +
> +;
> +; Return double precision 0 or -1, depending on the sign of edx
> +;
> +RETSIGN:
> + sar edx,31
> + mov eax,edx
> + ret
> +
> +_allshr ENDP
> +
> + end
> diff --git a/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf b/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> index fcbb93316cf7..86e74b57b109 100644
> --- a/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> +++ b/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> @@ -30,6 +30,8 @@
> Ia32/MathLShiftS64.c | MSFT
> Ia32/MathRShiftU64.c | MSFT
> Ia32/MathFtol.c | MSFT
> + Ia32/MathLlmul.asm | MSFT
> + Ia32/MathLlshr.asm | MSFT
>
> Ia32/MathLShiftS64.c | INTEL
> Ia32/MathRShiftU64.c | INTEL
> --
> 2.33.0.windows.2
>
>
>
>
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows
2022-04-18 13:03 ` [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows yi1 li
2022-04-18 15:24 ` [edk2-devel] " Michael D Kinney
@ 2022-04-19 0:51 ` Yao, Jiewen
1 sibling, 0 replies; 13+ messages in thread
From: Yao, Jiewen @ 2022-04-19 0:51 UTC (permalink / raw)
To: devel@edk2.groups.io, Li, Yi1
Hi
I am confused.
This patch set has already been merged. Why it is sent again?
Have you rebased to latest tree, before you send out patch?
Thank you
Yao Jiewen
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of yi1 li
> Sent: Monday, April 18, 2022 9:03 PM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>
> Subject: [edk2-devel] [PATCH 1/4] CryptoPkg: Add instrinsics to support building
> ECC on IA32 windows
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
>
> This dependency is needed to build openssl lib with ECC ciphers
> under IA32 Windows and adds implementation for _allmul and _allshr
> instrinsics.
>
> It is taken from Project Mu:
> microsoft/mu_basecore@b55b341
>
> Signed-off-by: yi1 li <yi1.li@intel.com>
> ---
> .../Library/IntrinsicLib/Ia32/MathLlmul.asm | 98 +++++++++++++++++++
> .../Library/IntrinsicLib/Ia32/MathLlshr.asm | 78 +++++++++++++++
> .../Library/IntrinsicLib/IntrinsicLib.inf | 2 +
> 3 files changed, 178 insertions(+)
> create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
>
> diff --git a/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> new file mode 100644
> index 000000000000..341ea8a7bc0d
> --- /dev/null
> +++ b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> @@ -0,0 +1,98 @@
> +;***
> +;llmul.asm - long multiply routine
> +;
> +; Copyright (c) Microsoft Corporation. All rights reserved.
> +; SPDX-License-Identifier: BSD-2-Clause-Patent
> +;
> +;Purpose:
> +; Defines long multiply routine
> +; Both signed and unsigned routines are the same, since multiply's
> +; work out the same in 2's complement
> +; creates the following routine:
> +; __allmul
> +;
> +;Original Implemenation: MSVC 14.12.25827
> +;
> +;***************************************************************
> ****************
> + .686
> + .model flat,C
> + .code
> +
> +
> +;***
> +;llmul - long multiply routine
> +;
> +;Purpose:
> +; Does a long multiply (same for signed/unsigned)
> +; Parameters are not changed.
> +;
> +;Entry:
> +; Parameters are passed on the stack:
> +; 1st pushed: multiplier (QWORD)
> +; 2nd pushed: multiplicand (QWORD)
> +;
> +;Exit:
> +; EDX:EAX - product of multiplier and multiplicand
> +; NOTE: parameters are removed from the stack
> +;
> +;Uses:
> +; ECX
> +;
> +;Exceptions:
> +;
> +;***************************************************************
> ****************
> +_allmul PROC NEAR
> +
> +A EQU [esp + 4] ; stack address of a
> +B EQU [esp + 12] ; stack address of b
> +
> +HIGH_PART EQU [4] ;
> +LOW_PART EQU [0]
> +
> +;
> +; AHI, BHI : upper 32 bits of A and B
> +; ALO, BLO : lower 32 bits of A and B
> +;
> +; ALO * BLO
> +; ALO * BHI
> +; + BLO * AHI
> +; ---------------------
> +;
> +
> + mov eax,HIGH_PART(A)
> + mov ecx,HIGH_PART(B)
> + or ecx,eax ;test for both high dwords zero.
> + mov ecx,LOW_PART(B)
> + jnz short hard ;both are zero, just mult ALO and BLO
> +
> + mov eax,LOW_PART(A)
> + mul ecx
> +
> + ret 16 ; callee restores the stack
> +
> +hard:
> + push ebx
> +
> +; must redefine A and B since esp has been altered
> +
> +A2 EQU [esp + 8] ; stack address of a
> +B2 EQU [esp + 16] ; stack address of b
> +
> + mul ecx ;eax has AHI, ecx has BLO, so AHI * BLO
> + mov ebx,eax ;save result
> +
> + mov eax,LOW_PART(A2)
> + mul dword ptr HIGH_PART(B2) ;ALO * BHI
> + add ebx,eax ;ebx = ((ALO * BHI) + (AHI * BLO))
> +
> + mov eax,LOW_PART(A2);ecx = BLO
> + mul ecx ;so edx:eax = ALO*BLO
> + add edx,ebx ;now edx has all the LO*HI stuff
> +
> + pop ebx
> +
> + ret 16 ; callee restores the stack
> +
> +_allmul ENDP
> +
> + end
> diff --git a/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
> b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
> new file mode 100644
> index 000000000000..ab8294580f16
> --- /dev/null
> +++ b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
> @@ -0,0 +1,78 @@
> +;***
> +;llshr.asm - long shift right
> +;
> +; Copyright (c) Microsoft Corporation. All rights reserved.
> +; SPDX-License-Identifier: BSD-2-Clause-Patent
> +;
> +;Purpose:
> +; define signed long shift right routine
> +; __allshr
> +;
> +;Original Implemenation: MSVC 14.12.25827
> +;
> +;***************************************************************
> ****************
> + .686
> + .model flat,C
> + .code
> +
> +
> +
> +;***
> +;llshr - long shift right
> +;
> +;Purpose:
> +; Does a signed Long Shift Right
> +; Shifts a long right any number of bits.
> +;
> +;Entry:
> +; EDX:EAX - long value to be shifted
> +; CL - number of bits to shift by
> +;
> +;Exit:
> +; EDX:EAX - shifted value
> +;
> +;Uses:
> +; CL is destroyed.
> +;
> +;Exceptions:
> +;
> +;***************************************************************
> ****************
> +_allshr PROC NEAR
> +
> +;
> +; Handle shifts of 64 bits or more (if shifting 64 bits or more, the result
> +; depends only on the high order bit of edx).
> +;
> + cmp cl,64
> + jae short RETSIGN
> +
> +;
> +; Handle shifts of between 0 and 31 bits
> +;
> + cmp cl, 32
> + jae short MORE32
> + shrd eax,edx,cl
> + sar edx,cl
> + ret
> +
> +;
> +; Handle shifts of between 32 and 63 bits
> +;
> +MORE32:
> + mov eax,edx
> + sar edx,31
> + and cl,31
> + sar eax,cl
> + ret
> +
> +;
> +; Return double precision 0 or -1, depending on the sign of edx
> +;
> +RETSIGN:
> + sar edx,31
> + mov eax,edx
> + ret
> +
> +_allshr ENDP
> +
> + end
> diff --git a/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> b/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> index fcbb93316cf7..86e74b57b109 100644
> --- a/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> +++ b/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> @@ -30,6 +30,8 @@
> Ia32/MathLShiftS64.c | MSFT
> Ia32/MathRShiftU64.c | MSFT
> Ia32/MathFtol.c | MSFT
> + Ia32/MathLlmul.asm | MSFT
> + Ia32/MathLlshr.asm | MSFT
>
> Ia32/MathLShiftS64.c | INTEL
> Ia32/MathRShiftU64.c | INTEL
> --
> 2.33.0.windows.2
>
>
>
>
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows
2022-04-18 15:24 ` [edk2-devel] " Michael D Kinney
@ 2022-04-19 1:14 ` yi1 li
0 siblings, 0 replies; 13+ messages in thread
From: yi1 li @ 2022-04-19 1:14 UTC (permalink / raw)
To: Kinney, Michael D, devel@edk2.groups.io, Gerd Hoffmann
Hi Mike,
This is a wrong email sequence due to my mishandling, sorry for confusing, please ignore this patch.
-----Original Message-----
From: Kinney, Michael D <michael.d.kinney@intel.com>
Sent: Monday, April 18, 2022 11:24 PM
To: devel@edk2.groups.io; Li, Yi1 <yi1.li@intel.com>; Gerd Hoffmann <kraxel@redhat.com>; Kinney, Michael D <michael.d.kinney@intel.com>
Subject: RE: [edk2-devel] [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows
There are other patch series to move intrinsics to the MdePkg for OpenSSL 3.0 enabling.
I recommend you work with Gerd on the intrinsic topic.
Mike
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of yi1 li
> Sent: Monday, April 18, 2022 6:03 AM
> To: devel@edk2.groups.io
> Cc: Li, Yi1 <yi1.li@intel.com>
> Subject: [edk2-devel] [PATCH 1/4] CryptoPkg: Add instrinsics to
> support building ECC on IA32 windows
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
>
> This dependency is needed to build openssl lib with ECC ciphers under
> IA32 Windows and adds implementation for _allmul and _allshr
> instrinsics.
>
> It is taken from Project Mu:
> microsoft/mu_basecore@b55b341
>
> Signed-off-by: yi1 li <yi1.li@intel.com>
> ---
> .../Library/IntrinsicLib/Ia32/MathLlmul.asm | 98 +++++++++++++++++++
> .../Library/IntrinsicLib/Ia32/MathLlshr.asm | 78 +++++++++++++++
> .../Library/IntrinsicLib/IntrinsicLib.inf | 2 +
> 3 files changed, 178 insertions(+)
> create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> create mode 100644 CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
>
> diff --git a/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> new file mode 100644
> index 000000000000..341ea8a7bc0d
> --- /dev/null
> +++ b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlmul.asm
> @@ -0,0 +1,98 @@
> +;***
> +;llmul.asm - long multiply routine
> +;
> +; Copyright (c) Microsoft Corporation. All rights reserved.
> +; SPDX-License-Identifier: BSD-2-Clause-Patent
> +;
> +;Purpose:
> +; Defines long multiply routine
> +; Both signed and unsigned routines are the same, since multiply's
> +; work out the same in 2's complement
> +; creates the following routine:
> +; __allmul
> +;
> +;Original Implemenation: MSVC 14.12.25827 ;
> +;*******************************************************************************
> + .686
> + .model flat,C
> + .code
> +
> +
> +;***
> +;llmul - long multiply routine
> +;
> +;Purpose:
> +; Does a long multiply (same for signed/unsigned)
> +; Parameters are not changed.
> +;
> +;Entry:
> +; Parameters are passed on the stack:
> +; 1st pushed: multiplier (QWORD)
> +; 2nd pushed: multiplicand (QWORD)
> +;
> +;Exit:
> +; EDX:EAX - product of multiplier and multiplicand
> +; NOTE: parameters are removed from the stack
> +;
> +;Uses:
> +; ECX
> +;
> +;Exceptions:
> +;
> +;********************************************************************
> +***********
> +_allmul PROC NEAR
> +
> +A EQU [esp + 4] ; stack address of a
> +B EQU [esp + 12] ; stack address of b
> +
> +HIGH_PART EQU [4] ;
> +LOW_PART EQU [0]
> +
> +;
> +; AHI, BHI : upper 32 bits of A and B
> +; ALO, BLO : lower 32 bits of A and B
> +;
> +; ALO * BLO
> +; ALO * BHI
> +; + BLO * AHI
> +; ---------------------
> +;
> +
> + mov eax,HIGH_PART(A)
> + mov ecx,HIGH_PART(B)
> + or ecx,eax ;test for both high dwords zero.
> + mov ecx,LOW_PART(B)
> + jnz short hard ;both are zero, just mult ALO and BLO
> +
> + mov eax,LOW_PART(A)
> + mul ecx
> +
> + ret 16 ; callee restores the stack
> +
> +hard:
> + push ebx
> +
> +; must redefine A and B since esp has been altered
> +
> +A2 EQU [esp + 8] ; stack address of a
> +B2 EQU [esp + 16] ; stack address of b
> +
> + mul ecx ;eax has AHI, ecx has BLO, so AHI * BLO
> + mov ebx,eax ;save result
> +
> + mov eax,LOW_PART(A2)
> + mul dword ptr HIGH_PART(B2) ;ALO * BHI
> + add ebx,eax ;ebx = ((ALO * BHI) + (AHI * BLO))
> +
> + mov eax,LOW_PART(A2);ecx = BLO
> + mul ecx ;so edx:eax = ALO*BLO
> + add edx,ebx ;now edx has all the LO*HI stuff
> +
> + pop ebx
> +
> + ret 16 ; callee restores the stack
> +
> +_allmul ENDP
> +
> + end
> diff --git a/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
> b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
> new file mode 100644
> index 000000000000..ab8294580f16
> --- /dev/null
> +++ b/CryptoPkg/Library/IntrinsicLib/Ia32/MathLlshr.asm
> @@ -0,0 +1,78 @@
> +;***
> +;llshr.asm - long shift right
> +;
> +; Copyright (c) Microsoft Corporation. All rights reserved.
> +; SPDX-License-Identifier: BSD-2-Clause-Patent
> +;
> +;Purpose:
> +; define signed long shift right routine
> +; __allshr
> +;
> +;Original Implemenation: MSVC 14.12.25827 ;
> +;*******************************************************************************
> + .686
> + .model flat,C
> + .code
> +
> +
> +
> +;***
> +;llshr - long shift right
> +;
> +;Purpose:
> +; Does a signed Long Shift Right
> +; Shifts a long right any number of bits.
> +;
> +;Entry:
> +; EDX:EAX - long value to be shifted
> +; CL - number of bits to shift by
> +;
> +;Exit:
> +; EDX:EAX - shifted value
> +;
> +;Uses:
> +; CL is destroyed.
> +;
> +;Exceptions:
> +;
> +;********************************************************************
> +***********
> +_allshr PROC NEAR
> +
> +;
> +; Handle shifts of 64 bits or more (if shifting 64 bits or more, the
> +result ; depends only on the high order bit of edx).
> +;
> + cmp cl,64
> + jae short RETSIGN
> +
> +;
> +; Handle shifts of between 0 and 31 bits ;
> + cmp cl, 32
> + jae short MORE32
> + shrd eax,edx,cl
> + sar edx,cl
> + ret
> +
> +;
> +; Handle shifts of between 32 and 63 bits ;
> +MORE32:
> + mov eax,edx
> + sar edx,31
> + and cl,31
> + sar eax,cl
> + ret
> +
> +;
> +; Return double precision 0 or -1, depending on the sign of edx ;
> +RETSIGN:
> + sar edx,31
> + mov eax,edx
> + ret
> +
> +_allshr ENDP
> +
> + end
> diff --git a/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> b/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> index fcbb93316cf7..86e74b57b109 100644
> --- a/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> +++ b/CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> @@ -30,6 +30,8 @@
> Ia32/MathLShiftS64.c | MSFT
> Ia32/MathRShiftU64.c | MSFT
> Ia32/MathFtol.c | MSFT
> + Ia32/MathLlmul.asm | MSFT
> + Ia32/MathLlshr.asm | MSFT
>
> Ia32/MathLShiftS64.c | INTEL
> Ia32/MathRShiftU64.c | INTEL
> --
> 2.33.0.windows.2
>
>
>
>
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able
2022-04-18 13:03 ` [PATCH 3/4] CryptoPkg: Make EC source file config-able yi1 li
2022-04-18 15:21 ` [edk2-devel] " Michael D Kinney
@ 2022-04-25 15:52 ` PierreGondois
2022-04-26 2:01 ` yi1 li
1 sibling, 1 reply; 13+ messages in thread
From: PierreGondois @ 2022-04-25 15:52 UTC (permalink / raw)
To: devel, yi1.li, Jiewen Yao, bob.c.feng, Sami Mujawar
Hello Yi1, Jiewen, and Bob,
As you mentioned in the cover letter, this patch relies on the following patch
bf9230a9f3dd ("BaseTools: Add the FeatureFlagExpression usage to the Source Section")
https://github.com/tianocore/edk2/commit/bf9230a9f3dde065c3c8b4175ccd32e44e8f0362
I just wanted to signal that this patch is currently not in
https://github.com/tianocore/edk2-basetools
It is thus not in any edk2basetools python module: the latest version of the edk2-basetools python module won't support the new build feature (cf pip-requirements.txt).
Thus someone who:
-relies on the edk2basetools python module
-tries to build an edk2 module relying on OpenSSL
will have a build break.
For instance, I get the following error when building:
build -a AARCH64 -t GCC5 -p SecurityPkg/SecurityPkg.dsc
...
"[some_path]/edk2/BaseTools/Bin/gcc_aarch64_linux_extdep/bin/aarch64-none-linux-gnu-gcc" @[some_path]/Build/SbsaQemu/DEBUG_GCC5/AARCH64/CryptoPkg/Library/OpensslLib/OpensslLib/OUTPUT/cc_resp.txt -c -o [some_path]/Build/SbsaQemu/DEBUG_GCC5/AARCH64/CryptoPkg/Library/OpensslLib/OpensslLib/OUTPUT/openssl/crypto/ec/curve25519.obj [some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/curve25519.c
In file included from [some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/curve25519.c:11:
[some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_local.h:48:24: error: unknown type name ‘EC_GROUP’
48 | int (*group_init) (EC_GROUP *);
This is due to the build system trying to build a file in $(OPENSSL_PATH)/crypto/ec/* even though gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled is set to FALSE by default. The new Pcd feature to build files conditionally on a Pcd value is not handled yet.
The edk2 CI doesn't seem to build modules relying on OpenSSL due to the CONTINUOUS_INTEGRATION flag, explaining why the patch passed the CI I think.
I added Bob as I think he knows more about BaseTools.
Regards,
Pierre
On 4/18/22 15:03, yi1 li via groups.io wrote:
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828
>
> Use PCD gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled to config-able
> source files list in OpensslLib.inf and OpensslLibCrypto.inf.
> If PcdEcEnabled equals to FALSE, this file will not be compiled.
>
> Signed-off-by: yi1 li <yi1.li@intel.com>
> ---
> CryptoPkg/CryptoPkg.dec | 4 +
> .../Library/Include/openssl/opensslconf.h | 7 +-
> CryptoPkg/Library/OpensslLib/OpensslLib.inf | 95 ++++++++++---------
> .../Library/OpensslLib/OpensslLibCrypto.inf | 95 ++++++++++---------
> 4 files changed, 108 insertions(+), 93 deletions(-)
>
> diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
> index 5888941bab4c..ebec64050b71 100644
> --- a/CryptoPkg/CryptoPkg.dec
> +++ b/CryptoPkg/CryptoPkg.dec
> @@ -81,5 +81,9 @@
> # @ValidList 0x80000001 | 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010
> gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x00000002|UINT32|0x00000001
>
> + ## Enable/Disable the ECC feature in openssl library. The default is disabled.
> + # If ECC feature is disabled, all related source files will not be compiled.
> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled|FALSE|BOOLEAN|0x0000003
> +
> [UserExtensions.TianoCore."ExtraFiles"]
> CryptoPkgExtra.uni
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 7ea976b2252e..1485b8c9f108 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -9,7 +9,7 @@
> * in the file LICENSE in the source distribution or at
> * https://www.openssl.org/source/license.html
> */
> -
> +#include <Library/PcdLib.h>
> #include <openssl/opensslv.h>
>
> #ifdef __cplusplus
> @@ -55,6 +55,11 @@ extern "C" {
> #ifndef OPENSSL_NO_DSA
> #define OPENSSL_NO_DSA
> #endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> + #ifndef OPENSSL_NO_EC
> +#define OPENSSL_NO_EC
> + #endif
> +#endif
> #ifndef OPENSSL_NO_IDEA
> #define OPENSSL_NO_IDEA
> #endif
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index 1d67ed55e1b1..459ac4864a4e 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -199,43 +199,43 @@
> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
> $(OPENSSL_PATH)/crypto/ebcdic.c
> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> + $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/err/err.c
> $(OPENSSL_PATH)/crypto/err/err_prn.c
> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
> @@ -533,15 +533,15 @@
> $(OPENSSL_PATH)/crypto/conf/conf_local.h
> $(OPENSSL_PATH)/crypto/dh/dh_local.h
> $(OPENSSL_PATH)/crypto/dso/dso_local.h
> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> + $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/evp/evp_local.h
> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> @@ -633,6 +633,9 @@
> [LibraryClasses.ARM]
> ArmSoftFloatLib
>
> +[Pcd]
> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
> +
> [BuildOptions]
> #
> # Disables the following Visual Studio compiler warnings brought by openssl source,
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> index 66ca5b1250c1..c9d69a368e3c 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -199,43 +199,43 @@
> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
> $(OPENSSL_PATH)/crypto/ebcdic.c
> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> + $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/err/err.c
> $(OPENSSL_PATH)/crypto/err/err_prn.c
> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
> @@ -533,15 +533,15 @@
> $(OPENSSL_PATH)/crypto/conf/conf_local.h
> $(OPENSSL_PATH)/crypto/dh/dh_local.h
> $(OPENSSL_PATH)/crypto/dso/dso_local.h
> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> + $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/evp/evp_local.h
> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> @@ -582,6 +582,9 @@
> [LibraryClasses.ARM]
> ArmSoftFloatLib
>
> +[Pcd]
> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
> +
> [BuildOptions]
> #
> # Disables the following Visual Studio compiler warnings brought by openssl source,
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able
2022-04-25 15:52 ` PierreGondois
@ 2022-04-26 2:01 ` yi1 li
2022-04-26 8:14 ` PierreGondois
0 siblings, 1 reply; 13+ messages in thread
From: yi1 li @ 2022-04-26 2:01 UTC (permalink / raw)
To: Pierre Gondois
Cc: devel@edk2.groups.io, Yao, Jiewen, Feng, Bob C, Sami Mujawar
Hi Pierre,
Python Basetools module has enabled this feature recently, and this modules has updated to 0.17, just as pip-requirements.txt:
https://github.com/tianocore/edk2-basetools/commit/74460f5e33ef3e3790797e069095fc12003f0d00
https://github.com/tianocore/edk2/commit/c411566fad3d6d61a97edfa6e97a91688b175201
Please make sure your code is latest, and the python pip module is updated.
Regards,
Yi
-----Original Message-----
From: Pierre Gondois <pierre.gondois@arm.com>
Sent: Monday, April 25, 2022 11:53 PM
To: devel@edk2.groups.io; Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Feng, Bob C <bob.c.feng@intel.com>; Sami Mujawar <Sami.mujawar@arm.com>
Subject: Re: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able
Hello Yi1, Jiewen, and Bob,
As you mentioned in the cover letter, this patch relies on the following patch bf9230a9f3dd ("BaseTools: Add the FeatureFlagExpression usage to the Source Section")
https://github.com/tianocore/edk2/commit/bf9230a9f3dde065c3c8b4175ccd32e44e8f0362
I just wanted to signal that this patch is currently not in https://github.com/tianocore/edk2-basetools
It is thus not in any edk2basetools python module: the latest version of the edk2-basetools python module won't support the new build feature (cf pip-requirements.txt).
Thus someone who:
-relies on the edk2basetools python module -tries to build an edk2 module relying on OpenSSL will have a build break.
For instance, I get the following error when building:
build -a AARCH64 -t GCC5 -p SecurityPkg/SecurityPkg.dsc ...
"[some_path]/edk2/BaseTools/Bin/gcc_aarch64_linux_extdep/bin/aarch64-none-linux-gnu-gcc" @[some_path]/Build/SbsaQemu/DEBUG_GCC5/AARCH64/CryptoPkg/Library/OpensslLib/OpensslLib/OUTPUT/cc_resp.txt -c -o [some_path]/Build/SbsaQemu/DEBUG_GCC5/AARCH64/CryptoPkg/Library/OpensslLib/OpensslLib/OUTPUT/openssl/crypto/ec/curve25519.obj [some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/curve25519.c
In file included from [some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/curve25519.c:11:
[some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_local.h:48:24: error: unknown type name ‘EC_GROUP’
48 | int (*group_init) (EC_GROUP *);
This is due to the build system trying to build a file in $(OPENSSL_PATH)/crypto/ec/* even though gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled is set to FALSE by default. The new Pcd feature to build files conditionally on a Pcd value is not handled yet.
The edk2 CI doesn't seem to build modules relying on OpenSSL due to the CONTINUOUS_INTEGRATION flag, explaining why the patch passed the CI I think.
I added Bob as I think he knows more about BaseTools.
Regards,
Pierre
On 4/18/22 15:03, yi1 li via groups.io wrote:
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828
>
> Use PCD gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled to config-able source
> files list in OpensslLib.inf and OpensslLibCrypto.inf.
> If PcdEcEnabled equals to FALSE, this file will not be compiled.
>
> Signed-off-by: yi1 li <yi1.li@intel.com>
> ---
> CryptoPkg/CryptoPkg.dec | 4 +
> .../Library/Include/openssl/opensslconf.h | 7 +-
> CryptoPkg/Library/OpensslLib/OpensslLib.inf | 95 ++++++++++---------
> .../Library/OpensslLib/OpensslLibCrypto.inf | 95 ++++++++++---------
> 4 files changed, 108 insertions(+), 93 deletions(-)
>
> diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec index
> 5888941bab4c..ebec64050b71 100644
> --- a/CryptoPkg/CryptoPkg.dec
> +++ b/CryptoPkg/CryptoPkg.dec
> @@ -81,5 +81,9 @@
> # @ValidList 0x80000001 | 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010
>
> gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x00000002|UINT32|0x00
> 000001
>
> + ## Enable/Disable the ECC feature in openssl library. The default is disabled.
> + # If ECC feature is disabled, all related source files will not be compiled.
> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled|FALSE|BOOLEAN|0x0000003
> +
> [UserExtensions.TianoCore."ExtraFiles"]
> CryptoPkgExtra.uni
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
> b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 7ea976b2252e..1485b8c9f108 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -9,7 +9,7 @@
> * in the file LICENSE in the source distribution or at
> * https://www.openssl.org/source/license.html
> */
> -
> +#include <Library/PcdLib.h>
> #include <openssl/opensslv.h>
>
> #ifdef __cplusplus
> @@ -55,6 +55,11 @@ extern "C" {
> #ifndef OPENSSL_NO_DSA
> #define OPENSSL_NO_DSA
> #endif
> +#if !FixedPcdGetBool (PcdEcEnabled)
> + #ifndef OPENSSL_NO_EC
> +#define OPENSSL_NO_EC
> + #endif
> +#endif
> #ifndef OPENSSL_NO_IDEA
> #define OPENSSL_NO_IDEA
> #endif
> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> index 1d67ed55e1b1..459ac4864a4e 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
> @@ -199,43 +199,43 @@
> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
> $(OPENSSL_PATH)/crypto/ebcdic.c
> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> + $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/err/err.c
> $(OPENSSL_PATH)/crypto/err/err_prn.c
> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
> @@ -533,15 +533,15 @@
> $(OPENSSL_PATH)/crypto/conf/conf_local.h
> $(OPENSSL_PATH)/crypto/dh/dh_local.h
> $(OPENSSL_PATH)/crypto/dso/dso_local.h
> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> + $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/evp/evp_local.h
> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> @@ -633,6 +633,9 @@
> [LibraryClasses.ARM]
> ArmSoftFloatLib
>
> +[Pcd]
> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
> +
> [BuildOptions]
> #
> # Disables the following Visual Studio compiler warnings brought
> by openssl source, diff --git
> a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> index 66ca5b1250c1..c9d69a368e3c 100644
> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> @@ -199,43 +199,43 @@
> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
> $(OPENSSL_PATH)/crypto/ebcdic.c
> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
> + $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/err/err.c
> $(OPENSSL_PATH)/crypto/err/err_prn.c
> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
> @@ -533,15 +533,15 @@
> $(OPENSSL_PATH)/crypto/conf/conf_local.h
> $(OPENSSL_PATH)/crypto/dh/dh_local.h
> $(OPENSSL_PATH)/crypto/dso/dso_local.h
> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
> + $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
> $(OPENSSL_PATH)/crypto/evp/evp_local.h
> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
> @@ -582,6 +582,9 @@
> [LibraryClasses.ARM]
> ArmSoftFloatLib
>
> +[Pcd]
> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
> +
> [BuildOptions]
> #
> # Disables the following Visual Studio compiler warnings brought
> by openssl source,
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able
2022-04-26 2:01 ` yi1 li
@ 2022-04-26 8:14 ` PierreGondois
2022-04-26 8:33 ` Bob Feng
0 siblings, 1 reply; 13+ messages in thread
From: PierreGondois @ 2022-04-26 8:14 UTC (permalink / raw)
To: Li, Yi1; +Cc: devel@edk2.groups.io, Yao, Jiewen, Feng, Bob C, Sami Mujawar
Hi Yi1,
you are effectively correct, this was an issue in my setup.
The latest ekd2basetools package contains the FeatureFlagExpression
feature and everything works,
Regards,
Pierre
On 4/26/22 04:01, Li, Yi1 wrote:
> Hi Pierre,
>
> Python Basetools module has enabled this feature recently, and this modules has updated to 0.17, just as pip-requirements.txt:
> https://github.com/tianocore/edk2-basetools/commit/74460f5e33ef3e3790797e069095fc12003f0d00
> https://github.com/tianocore/edk2/commit/c411566fad3d6d61a97edfa6e97a91688b175201
>
> Please make sure your code is latest, and the python pip module is updated.
>
> Regards,
> Yi
>
> -----Original Message-----
> From: Pierre Gondois <pierre.gondois@arm.com>
> Sent: Monday, April 25, 2022 11:53 PM
> To: devel@edk2.groups.io; Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Feng, Bob C <bob.c.feng@intel.com>; Sami Mujawar <Sami.mujawar@arm.com>
> Subject: Re: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able
>
> Hello Yi1, Jiewen, and Bob,
>
> As you mentioned in the cover letter, this patch relies on the following patch bf9230a9f3dd ("BaseTools: Add the FeatureFlagExpression usage to the Source Section")
> https://github.com/tianocore/edk2/commit/bf9230a9f3dde065c3c8b4175ccd32e44e8f0362
>
> I just wanted to signal that this patch is currently not in https://github.com/tianocore/edk2-basetools
> It is thus not in any edk2basetools python module: the latest version of the edk2-basetools python module won't support the new build feature (cf pip-requirements.txt).
> Thus someone who:
> -relies on the edk2basetools python module -tries to build an edk2 module relying on OpenSSL will have a build break.
>
> For instance, I get the following error when building:
> build -a AARCH64 -t GCC5 -p SecurityPkg/SecurityPkg.dsc ...
> "[some_path]/edk2/BaseTools/Bin/gcc_aarch64_linux_extdep/bin/aarch64-none-linux-gnu-gcc" @[some_path]/Build/SbsaQemu/DEBUG_GCC5/AARCH64/CryptoPkg/Library/OpensslLib/OpensslLib/OUTPUT/cc_resp.txt -c -o [some_path]/Build/SbsaQemu/DEBUG_GCC5/AARCH64/CryptoPkg/Library/OpensslLib/OpensslLib/OUTPUT/openssl/crypto/ec/curve25519.obj [some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/curve25519.c
> In file included from [some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/curve25519.c:11:
> [some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_local.h:48:24: error: unknown type name ‘EC_GROUP’
> 48 | int (*group_init) (EC_GROUP *);
>
> This is due to the build system trying to build a file in $(OPENSSL_PATH)/crypto/ec/* even though gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled is set to FALSE by default. The new Pcd feature to build files conditionally on a Pcd value is not handled yet.
> The edk2 CI doesn't seem to build modules relying on OpenSSL due to the CONTINUOUS_INTEGRATION flag, explaining why the patch passed the CI I think.
>
> I added Bob as I think he knows more about BaseTools.
>
> Regards,
> Pierre
>
> On 4/18/22 15:03, yi1 li via groups.io wrote:
>> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
>> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828
>>
>> Use PCD gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled to config-able source
>> files list in OpensslLib.inf and OpensslLibCrypto.inf.
>> If PcdEcEnabled equals to FALSE, this file will not be compiled.
>>
>> Signed-off-by: yi1 li <yi1.li@intel.com>
>> ---
>> CryptoPkg/CryptoPkg.dec | 4 +
>> .../Library/Include/openssl/opensslconf.h | 7 +-
>> CryptoPkg/Library/OpensslLib/OpensslLib.inf | 95 ++++++++++---------
>> .../Library/OpensslLib/OpensslLibCrypto.inf | 95 ++++++++++---------
>> 4 files changed, 108 insertions(+), 93 deletions(-)
>>
>> diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec index
>> 5888941bab4c..ebec64050b71 100644
>> --- a/CryptoPkg/CryptoPkg.dec
>> +++ b/CryptoPkg/CryptoPkg.dec
>> @@ -81,5 +81,9 @@
>> # @ValidList 0x80000001 | 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010
>>
>> gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x00000002|UINT32|0x00
>> 000001
>>
>> + ## Enable/Disable the ECC feature in openssl library. The default is disabled.
>> + # If ECC feature is disabled, all related source files will not be compiled.
>> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled|FALSE|BOOLEAN|0x0000003
>> +
>> [UserExtensions.TianoCore."ExtraFiles"]
>> CryptoPkgExtra.uni
>> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
>> b/CryptoPkg/Library/Include/openssl/opensslconf.h
>> index 7ea976b2252e..1485b8c9f108 100644
>> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
>> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
>> @@ -9,7 +9,7 @@
>> * in the file LICENSE in the source distribution or at
>> * https://www.openssl.org/source/license.html
>> */
>> -
>> +#include <Library/PcdLib.h>
>> #include <openssl/opensslv.h>
>>
>> #ifdef __cplusplus
>> @@ -55,6 +55,11 @@ extern "C" {
>> #ifndef OPENSSL_NO_DSA
>> #define OPENSSL_NO_DSA
>> #endif
>> +#if !FixedPcdGetBool (PcdEcEnabled)
>> + #ifndef OPENSSL_NO_EC
>> +#define OPENSSL_NO_EC
>> + #endif
>> +#endif
>> #ifndef OPENSSL_NO_IDEA
>> #define OPENSSL_NO_IDEA
>> #endif
>> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
>> b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
>> index 1d67ed55e1b1..459ac4864a4e 100644
>> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
>> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
>> @@ -199,43 +199,43 @@
>> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
>> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
>> $(OPENSSL_PATH)/crypto/ebcdic.c
>> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
>> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
>> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
>> + $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> $(OPENSSL_PATH)/crypto/err/err.c
>> $(OPENSSL_PATH)/crypto/err/err_prn.c
>> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
>> @@ -533,15 +533,15 @@
>> $(OPENSSL_PATH)/crypto/conf/conf_local.h
>> $(OPENSSL_PATH)/crypto/dh/dh_local.h
>> $(OPENSSL_PATH)/crypto/dso/dso_local.h
>> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
>> + $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> $(OPENSSL_PATH)/crypto/evp/evp_local.h
>> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
>> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
>> @@ -633,6 +633,9 @@
>> [LibraryClasses.ARM]
>> ArmSoftFloatLib
>>
>> +[Pcd]
>> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
>> +
>> [BuildOptions]
>> #
>> # Disables the following Visual Studio compiler warnings brought
>> by openssl source, diff --git
>> a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
>> b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
>> index 66ca5b1250c1..c9d69a368e3c 100644
>> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
>> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
>> @@ -199,43 +199,43 @@
>> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
>> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
>> $(OPENSSL_PATH)/crypto/ebcdic.c
>> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
>> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
>> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
>> + $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> $(OPENSSL_PATH)/crypto/err/err.c
>> $(OPENSSL_PATH)/crypto/err/err_prn.c
>> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
>> @@ -533,15 +533,15 @@
>> $(OPENSSL_PATH)/crypto/conf/conf_local.h
>> $(OPENSSL_PATH)/crypto/dh/dh_local.h
>> $(OPENSSL_PATH)/crypto/dso/dso_local.h
>> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
>> + $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> $(OPENSSL_PATH)/crypto/evp/evp_local.h
>> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
>> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
>> @@ -582,6 +582,9 @@
>> [LibraryClasses.ARM]
>> ArmSoftFloatLib
>>
>> +[Pcd]
>> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
>> +
>> [BuildOptions]
>> #
>> # Disables the following Visual Studio compiler warnings brought
>> by openssl source,
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able
2022-04-26 8:14 ` PierreGondois
@ 2022-04-26 8:33 ` Bob Feng
0 siblings, 0 replies; 13+ messages in thread
From: Bob Feng @ 2022-04-26 8:33 UTC (permalink / raw)
To: Pierre Gondois, Li, Yi1; +Cc: devel@edk2.groups.io, Yao, Jiewen, Sami Mujawar
I just the synced the Yi's recent commit f4dfec6ca1 from edk2 to edk2-basetools repo. And the edk2-basetools 0.18 was created, you can use it.
Thanks,
Bob
-----Original Message-----
From: Pierre Gondois <pierre.gondois@arm.com>
Sent: Tuesday, April 26, 2022 4:14 PM
To: Li, Yi1 <yi1.li@intel.com>
Cc: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@intel.com>; Feng, Bob C <bob.c.feng@intel.com>; Sami Mujawar <Sami.mujawar@arm.com>
Subject: Re: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file config-able
Hi Yi1,
you are effectively correct, this was an issue in my setup.
The latest ekd2basetools package contains the FeatureFlagExpression feature and everything works,
Regards,
Pierre
On 4/26/22 04:01, Li, Yi1 wrote:
> Hi Pierre,
>
> Python Basetools module has enabled this feature recently, and this modules has updated to 0.17, just as pip-requirements.txt:
> https://github.com/tianocore/edk2-basetools/commit/74460f5e33ef3e37907
> 97e069095fc12003f0d00
> https://github.com/tianocore/edk2/commit/c411566fad3d6d61a97edfa6e97a9
> 1688b175201
>
> Please make sure your code is latest, and the python pip module is updated.
>
> Regards,
> Yi
>
> -----Original Message-----
> From: Pierre Gondois <pierre.gondois@arm.com>
> Sent: Monday, April 25, 2022 11:53 PM
> To: devel@edk2.groups.io; Li, Yi1 <yi1.li@intel.com>; Yao, Jiewen
> <jiewen.yao@intel.com>; Feng, Bob C <bob.c.feng@intel.com>; Sami
> Mujawar <Sami.mujawar@arm.com>
> Subject: Re: [edk2-devel] [PATCH 3/4] CryptoPkg: Make EC source file
> config-able
>
> Hello Yi1, Jiewen, and Bob,
>
> As you mentioned in the cover letter, this patch relies on the
> following patch bf9230a9f3dd ("BaseTools: Add the
> FeatureFlagExpression usage to the Source Section")
> https://github.com/tianocore/edk2/commit/bf9230a9f3dde065c3c8b4175ccd3
> 2e44e8f0362
>
> I just wanted to signal that this patch is currently not in
> https://github.com/tianocore/edk2-basetools
> It is thus not in any edk2basetools python module: the latest version of the edk2-basetools python module won't support the new build feature (cf pip-requirements.txt).
> Thus someone who:
> -relies on the edk2basetools python module -tries to build an edk2 module relying on OpenSSL will have a build break.
>
> For instance, I get the following error when building:
> build -a AARCH64 -t GCC5 -p SecurityPkg/SecurityPkg.dsc ...
> "[some_path]/edk2/BaseTools/Bin/gcc_aarch64_linux_extdep/bin/aarch64-n
> one-linux-gnu-gcc"
> @[some_path]/Build/SbsaQemu/DEBUG_GCC5/AARCH64/CryptoPkg/Library/Opens
> slLib/OpensslLib/OUTPUT/cc_resp.txt -c -o
> [some_path]/Build/SbsaQemu/DEBUG_GCC5/AARCH64/CryptoPkg/Library/Openss
> lLib/OpensslLib/OUTPUT/openssl/crypto/ec/curve25519.obj
> [some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/curve2
> 5519.c In file included from
> [some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/curve25519.c:11:
> [some_path]/edk2/CryptoPkg/Library/OpensslLib/openssl/crypto/ec/ec_local.h:48:24: error: unknown type name ‘EC_GROUP’
> 48 | int (*group_init) (EC_GROUP *);
>
> This is due to the build system trying to build a file in $(OPENSSL_PATH)/crypto/ec/* even though gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled is set to FALSE by default. The new Pcd feature to build files conditionally on a Pcd value is not handled yet.
> The edk2 CI doesn't seem to build modules relying on OpenSSL due to the CONTINUOUS_INTEGRATION flag, explaining why the patch passed the CI I think.
>
> I added Bob as I think he knows more about BaseTools.
>
> Regards,
> Pierre
>
> On 4/18/22 15:03, yi1 li via groups.io wrote:
>> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
>> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828
>>
>> Use PCD gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled to config-able
>> source files list in OpensslLib.inf and OpensslLibCrypto.inf.
>> If PcdEcEnabled equals to FALSE, this file will not be compiled.
>>
>> Signed-off-by: yi1 li <yi1.li@intel.com>
>> ---
>> CryptoPkg/CryptoPkg.dec | 4 +
>> .../Library/Include/openssl/opensslconf.h | 7 +-
>> CryptoPkg/Library/OpensslLib/OpensslLib.inf | 95 ++++++++++---------
>> .../Library/OpensslLib/OpensslLibCrypto.inf | 95 ++++++++++---------
>> 4 files changed, 108 insertions(+), 93 deletions(-)
>>
>> diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec index
>> 5888941bab4c..ebec64050b71 100644
>> --- a/CryptoPkg/CryptoPkg.dec
>> +++ b/CryptoPkg/CryptoPkg.dec
>> @@ -81,5 +81,9 @@
>> # @ValidList 0x80000001 | 0x00000001, 0x00000002, 0x00000004,
>> 0x00000008, 0x00000010
>>
>> gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x00000002|UINT32|0x0
>> 0
>> 000001
>>
>> + ## Enable/Disable the ECC feature in openssl library. The default is disabled.
>> + # If ECC feature is disabled, all related source files will not be compiled.
>> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled|FALSE|BOOLEAN|0x0000003
>> +
>> [UserExtensions.TianoCore."ExtraFiles"]
>> CryptoPkgExtra.uni
>> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
>> b/CryptoPkg/Library/Include/openssl/opensslconf.h
>> index 7ea976b2252e..1485b8c9f108 100644
>> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
>> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
>> @@ -9,7 +9,7 @@
>> * in the file LICENSE in the source distribution or at
>> * https://www.openssl.org/source/license.html
>> */
>> -
>> +#include <Library/PcdLib.h>
>> #include <openssl/opensslv.h>
>>
>> #ifdef __cplusplus
>> @@ -55,6 +55,11 @@ extern "C" {
>> #ifndef OPENSSL_NO_DSA
>> #define OPENSSL_NO_DSA
>> #endif
>> +#if !FixedPcdGetBool (PcdEcEnabled)
>> + #ifndef OPENSSL_NO_EC
>> +#define OPENSSL_NO_EC
>> + #endif
>> +#endif
>> #ifndef OPENSSL_NO_IDEA
>> #define OPENSSL_NO_IDEA
>> #endif
>> diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
>> b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
>> index 1d67ed55e1b1..459ac4864a4e 100644
>> --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
>> +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
>> @@ -199,43 +199,43 @@
>> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
>> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
>> $(OPENSSL_PATH)/crypto/ebcdic.c
>> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
>> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
>> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
>> + $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> $(OPENSSL_PATH)/crypto/err/err.c
>> $(OPENSSL_PATH)/crypto/err/err_prn.c
>> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
>> @@ -533,15 +533,15 @@
>> $(OPENSSL_PATH)/crypto/conf/conf_local.h
>> $(OPENSSL_PATH)/crypto/dh/dh_local.h
>> $(OPENSSL_PATH)/crypto/dso/dso_local.h
>> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
>> + $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> $(OPENSSL_PATH)/crypto/evp/evp_local.h
>> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
>> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
>> @@ -633,6 +633,9 @@
>> [LibraryClasses.ARM]
>> ArmSoftFloatLib
>>
>> +[Pcd]
>> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
>> +
>> [BuildOptions]
>> #
>> # Disables the following Visual Studio compiler warnings brought
>> by openssl source, diff --git
>> a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
>> b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
>> index 66ca5b1250c1..c9d69a368e3c 100644
>> --- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
>> +++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
>> @@ -199,43 +199,43 @@
>> $(OPENSSL_PATH)/crypto/dso/dso_vms.c
>> $(OPENSSL_PATH)/crypto/dso/dso_win32.c
>> $(OPENSSL_PATH)/crypto/ebcdic.c
>> - $(OPENSSL_PATH)/crypto/ec/curve25519.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
>> - $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
>> - $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_check.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_curve.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_err.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_key.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_lib.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_mult.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
>> - $(OPENSSL_PATH)/crypto/ec/ec_print.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
>> - $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
>> - $(OPENSSL_PATH)/crypto/ec/eck_prn.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
>> - $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
>> - $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
>> + $(OPENSSL_PATH)/crypto/ec/curve25519.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec2_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_ameth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_asn1.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_check.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_curve.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_cvt.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_err.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_key.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_lib.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_mult.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ec_print.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/eck_prn.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_mont.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nist.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_oct.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/ecx_meth.c |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> $(OPENSSL_PATH)/crypto/err/err.c
>> $(OPENSSL_PATH)/crypto/err/err_prn.c
>> $(OPENSSL_PATH)/crypto/evp/bio_b64.c
>> @@ -533,15 +533,15 @@
>> $(OPENSSL_PATH)/crypto/conf/conf_local.h
>> $(OPENSSL_PATH)/crypto/dh/dh_local.h
>> $(OPENSSL_PATH)/crypto/dso/dso_local.h
>> - $(OPENSSL_PATH)/crypto/ec/ec_local.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/field.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/word.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
>> - $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
>> + $(OPENSSL_PATH)/crypto/ec/ec_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/field.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/word.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> + $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled
>> $(OPENSSL_PATH)/crypto/evp/evp_local.h
>> $(OPENSSL_PATH)/crypto/hmac/hmac_local.h
>> $(OPENSSL_PATH)/crypto/lhash/lhash_local.h
>> @@ -582,6 +582,9 @@
>> [LibraryClasses.ARM]
>> ArmSoftFloatLib
>>
>> +[Pcd]
>> + gEfiCryptoPkgTokenSpaceGuid.PcdEcEnabled ## CONSUMES
>> +
>> [BuildOptions]
>> #
>> # Disables the following Visual Studio compiler warnings brought
>> by openssl source,
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2022-04-26 8:33 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-04-18 13:03 [PATCH 0/4] !!TEST Fix warnings of EC feature yi1 li
2022-04-18 13:03 ` [PATCH 1/4] CryptoPkg: Add instrinsics to support building ECC on IA32 windows yi1 li
2022-04-18 15:24 ` [edk2-devel] " Michael D Kinney
2022-04-19 1:14 ` yi1 li
2022-04-19 0:51 ` Yao, Jiewen
2022-04-18 13:03 ` [PATCH 2/4] CryptoPkg: Reconfigure OpensslLib to add EC algorithms yi1 li
2022-04-18 13:03 ` [PATCH 3/4] CryptoPkg: Make EC source file config-able yi1 li
2022-04-18 15:21 ` [edk2-devel] " Michael D Kinney
2022-04-25 15:52 ` PierreGondois
2022-04-26 2:01 ` yi1 li
2022-04-26 8:14 ` PierreGondois
2022-04-26 8:33 ` Bob Feng
2022-04-18 13:03 ` [PATCH 4/4] CryptoPkg: Add PcdEcEnabled to Base/Pei/SmmCryptLib.inf yi1 li
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox