From: "Li, Yi"
To: devel@edk2.groups.io
Cc: Yi Li, Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang, Michael D Kinney, Liming Gao
Subject: [PATCH V2 0/3] CryptoPkg: Extend Tls library
Date: Sat, 8 Oct 2022 10:09:36 +0800

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3892
Review PR: https://github.com/tianocore/edk2/pull/3400

This patch sequence is used to extend Tls library, which is wrapped over OpenSSL.
The implementation provides library functions for EFI DXE driver and Protocol.

All APIs passed unit test and fuzzing test, detail as:
1. Unit test:
   New Tls APIs tested on Intel platform as part of WIFI WPA3 feature.
2. Fuzzing test:
   Various fuzz tests are employed across all the introduced APIs, and the
   tests use AFL (2.52b) and Libfuzzer (clang+llvm-11.0.0) as the fuzzers,
   based on HBFA.
   Fuzzing Pass Rate is 100%; The Code Coverage of new APIs is 91%.
   All test cases are shown in:
   https://github.com/liyi77/edk2-staging/tree/HBFA/HBFA/UefiHostFuzzTestCasePkg/TestCase/CryptoPkg

V2 change:
Move the newly added APIs to the end of struct PCD.

Tested-by: Yi Li
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Cc: Michael D Kinney
Cc: Liming Gao
Signed-off-by: Yi Li

Yi Li (3):
  MdePkg: Add Tls configuration related define
  CryptoPkg: Extend Tls function library
  CryptoPkg: Add new Tls APIs to DXE and protocol

 CryptoPkg/Driver/Crypto.c                     | 155 ++++++-
 CryptoPkg/Include/Library/TlsLib.h            | 126 +++++-
 .../Pcd/PcdCryptoServiceFamilyEnable.h        |   5 +
 .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 146 ++++++-
 CryptoPkg/Library/TlsLib/InternalTlsLib.h     |   4 +
 CryptoPkg/Library/TlsLib/TlsConfig.c          | 412 ++++++++++++++++--
 CryptoPkg/Library/TlsLib/TlsProcess.c         |  32 ++
 CryptoPkg/Library/TlsLibNull/TlsConfigNull.c  | 123 +++++-
 CryptoPkg/Library/TlsLibNull/TlsProcessNull.c |  23 +
 CryptoPkg/Private/Protocol/Crypto.h           | 136 +++++-
 MdePkg/Include/IndustryStandard/Tls1.h        | 110 +++--
 11 files changed, 1199 insertions(+), 73 deletions(-)

-- 
2.31.1.windows.1