From: "Li, Yi"
To: devel@edk2.groups.io
Cc: Yi Li, Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang, Michael D Kinney, Liming Gao
Subject: [PATCH V3 0/3] CryptoPkg: Extend Tls library
Date: Mon, 10 Oct 2022 10:39:56 +0800

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3892
Review PR: https://github.com/tianocore/edk2/pull/3400

This patch sequence is used to extend the Tls library, which is wrapped over OpenSSL.
The implementation provides library functions for EFI DXE driver and Protocol.

All APIs passed unit test and fuzzing test, details as follows:
1. Unit test:
   New Tls APIs tested on Intel platform as part of WIFI WPA3 feature.
2. Fuzzing test:
   Various fuzz tests are employed across all the introduced APIs, and the tests use AFL (2.52b) and Libfuzzer (clang+llvm-11.0.0) as the fuzzers, based on HBFA.
   Fuzzing Pass Rate is 100%; the Code Coverage of new APIs is 91%.
   All test cases are shown in: https://github.com/liyi77/edk2-staging/tree/HBFA/HBFA/UefiHostFuzzTestCasePkg/TestCase/CryptoPkg

V2 change:
Move the newly added APIs to the end of struct PCD.

V3 change:
Corrected tls specification reference and tls cipher suite names.

Tested-by: Yi Li
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Cc: Michael D Kinney
Cc: Liming Gao
Signed-off-by: Yi Li

Yi Li (3):
  MdePkg: Add Tls configuration related define
  CryptoPkg: Extend Tls function library
  CryptoPkg: Add new Tls APIs to DXE and protocol

 CryptoPkg/Driver/Crypto.c                     | 155 +++++++-
 CryptoPkg/Include/Library/TlsLib.h            | 126 +++++-
 .../Pcd/PcdCryptoServiceFamilyEnable.h        |   5 +
 .../BaseCryptLibOnProtocolPpi/CryptLib.c      | 146 ++++++-
 CryptoPkg/Library/TlsLib/InternalTlsLib.h     |   4 +
 CryptoPkg/Library/TlsLib/TlsConfig.c          | 366 +++++++++++++++++-
 CryptoPkg/Library/TlsLib/TlsProcess.c         |  32 ++
 CryptoPkg/Library/TlsLibNull/TlsConfigNull.c  | 123 +++++-
 CryptoPkg/Library/TlsLibNull/TlsProcessNull.c |  23 ++
 CryptoPkg/Private/Protocol/Crypto.h           | 136 ++++++-
 MdePkg/Include/IndustryStandard/Tls1.h        | 112 ++++--
 11 files changed, 1177 insertions(+), 51 deletions(-)

--
2.31.1.windows.1