From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io, wenxing.hou@intel.com
Subject: Re: [edk2-devel] [edk2/add_mbedtls PATCH 0/9] *** Add HMAC/HKDF/RSA/HASH features based on Mbedtls ***
Date: Wed, 30 Aug 2023 13:49:21 -0400 [thread overview]
Message-ID: <fba4820e-cfd9-4bd2-953d-fcd4068e484a@linux.microsoft.com> (raw)
In-Reply-To: <20230830075220.2070-1-wenxing.hou@intel.com>
It would be great if you could update the CryptoPkg Readme.md file for
this series.
Thanks,
Michael
On 8/30/2023 3:52 AM, Wenxing Hou wrote:
> *** Add BaseCryptLibMbedTls for CryptoPkg, which can be an alternative to OpenSSL in some scenarios. There are four features in the patch: HMAC/HKDF/RSA/HASH.***
>
> Wenxing Hou (9):
> CryptoPkg: Add mbedtls submodule for EDKII
> CryptoPkg: Add mbedtls_config and MbedTlsLib.inf
> CryptoPkg: Add HMAC functions based on Mbedtls
> CryptoPkg: Add HKDF functions based on Mbedtls
> CryptoPkg: Add RSA functions based on Mbedtls
> CryptoPkg: Add all .inf files for BaseCryptLibMbedTls
> CryptoPkg: Add Null functions for building pass
> CryptoPkg: Add MD5/SHA1/SHA2 functions based on Mbedtls
> CryptoPkg: Add Mbedtls submodule in CI
>
> .gitmodules | 3 +
> .pytool/CISettings.py | 2 +
> CryptoPkg/CryptoPkg.ci.yaml | 66 +-
> CryptoPkg/CryptoPkg.dec | 4 +
> CryptoPkg/CryptoPkgMbedTls.dsc | 280 ++
> .../BaseCryptLibMbedTls/BaseCryptLib.inf | 81 +
> .../BaseCryptLibMbedTls/Bn/CryptBnNull.c | 520 +++
> .../Cipher/CryptAeadAesGcmNull.c | 100 +
> .../BaseCryptLibMbedTls/Cipher/CryptAesNull.c | 159 +
> .../BaseCryptLibMbedTls/Hash/CryptMd5.c | 234 +
> .../BaseCryptLibMbedTls/Hash/CryptMd5Null.c | 163 +
> .../Hash/CryptParallelHashNull.c | 40 +
> .../BaseCryptLibMbedTls/Hash/CryptSha1.c | 234 +
> .../BaseCryptLibMbedTls/Hash/CryptSha1Null.c | 166 +
> .../BaseCryptLibMbedTls/Hash/CryptSha256.c | 227 +
> .../Hash/CryptSha256Null.c | 162 +
> .../BaseCryptLibMbedTls/Hash/CryptSha512.c | 447 ++
> .../Hash/CryptSha512Null.c | 275 ++
> .../BaseCryptLibMbedTls/Hash/CryptSm3Null.c | 164 +
> .../BaseCryptLibMbedTls/Hmac/CryptHmac.c | 620 +++
> .../BaseCryptLibMbedTls/Hmac/CryptHmacNull.c | 359 ++
> .../BaseCryptLibMbedTls/InternalCryptLib.h | 44 +
> .../BaseCryptLibMbedTls/Kdf/CryptHkdf.c | 372 ++
> .../BaseCryptLibMbedTls/Kdf/CryptHkdfNull.c | 192 +
> .../BaseCryptLibMbedTls/PeiCryptLib.inf | 101 +
> .../BaseCryptLibMbedTls/PeiCryptLib.uni | 25 +
> .../BaseCryptLibMbedTls/Pem/CryptPemNull.c | 69 +
> .../Pk/CryptAuthenticodeNull.c | 45 +
> .../BaseCryptLibMbedTls/Pk/CryptDhNull.c | 150 +
> .../BaseCryptLibMbedTls/Pk/CryptEcNull.c | 578 +++
> .../Pk/CryptPkcs1OaepNull.c | 51 +
> .../Pk/CryptPkcs5Pbkdf2Null.c | 48 +
> .../Pk/CryptPkcs7Internal.h | 83 +
> .../Pk/CryptPkcs7SignNull.c | 53 +
> .../Pk/CryptPkcs7VerifyEkuNull.c | 152 +
> .../Pk/CryptPkcs7VerifyEkuRuntime.c | 56 +
> .../Pk/CryptPkcs7VerifyNull.c | 163 +
> .../Pk/CryptPkcs7VerifyRuntime.c | 38 +
> .../BaseCryptLibMbedTls/Pk/CryptRsaBasic.c | 268 ++
> .../Pk/CryptRsaBasicNull.c | 121 +
> .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c | 337 ++
> .../BaseCryptLibMbedTls/Pk/CryptRsaExtNull.c | 117 +
> .../BaseCryptLibMbedTls/Pk/CryptRsaPss.c | 164 +
> .../BaseCryptLibMbedTls/Pk/CryptRsaPssNull.c | 46 +
> .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c | 231 +
> .../Pk/CryptRsaPssSignNull.c | 60 +
> .../BaseCryptLibMbedTls/Pk/CryptTsNull.c | 42 +
> .../BaseCryptLibMbedTls/Pk/CryptX509Null.c | 753 ++++
> .../BaseCryptLibMbedTls/Rand/CryptRandNull.c | 56 +
> .../BaseCryptLibMbedTls/RuntimeCryptLib.inf | 92 +
> .../BaseCryptLibMbedTls/RuntimeCryptLib.uni | 22 +
> .../BaseCryptLibMbedTls/SecCryptLib.inf | 84 +
> .../BaseCryptLibMbedTls/SecCryptLib.uni | 17 +
> .../BaseCryptLibMbedTls/SmmCryptLib.inf | 92 +
> .../BaseCryptLibMbedTls/SmmCryptLib.uni | 22 +
> .../SysCall/ConstantTimeClock.c | 75 +
> .../BaseCryptLibMbedTls/SysCall/CrtWrapper.c | 58 +
> .../SysCall/RuntimeMemAllocation.c | 462 ++
> .../SysCall/TimerWrapper.c | 198 +
> .../BaseCryptLibMbedTls/TestBaseCryptLib.inf | 78 +
> CryptoPkg/Library/MbedTlsLib/CrtWrapper.c | 96 +
> CryptoPkg/Library/MbedTlsLib/EcSm2Null.c | 495 +++
> .../Include/mbedtls/mbedtls_config.h | 3823 +++++++++++++++++
> CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf | 173 +
> .../Library/MbedTlsLib/MbedTlsLibFull.inf | 177 +
> CryptoPkg/Library/MbedTlsLib/mbedtls | 1 +
> 66 files changed, 14683 insertions(+), 3 deletions(-)
> create mode 100644 CryptoPkg/CryptoPkgMbedTls.dsc
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Bn/CryptBnNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcmNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAesNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptMd5.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptMd5Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHashNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha1.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha1Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha256.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha256Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha512.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha512Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hmac/CryptHmac.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hmac/CryptHmacNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Kdf/CryptHkdf.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Kdf/CryptHkdfNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.uni
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPemNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticodeNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptDhNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptEcNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1OaepNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Internal.h
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7SignNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyEkuNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyEkuRuntime.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyRuntime.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasic.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasicNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExtNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPss.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSignNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTsNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509Null.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.uni
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.inf
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.uni
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.uni
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/ConstantTimeClock.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/CrtWrapper.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/RuntimeMemAllocation.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/TimerWrapper.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf
> create mode 100644 CryptoPkg/Library/MbedTlsLib/CrtWrapper.c
> create mode 100644 CryptoPkg/Library/MbedTlsLib/EcSm2Null.c
> create mode 100644 CryptoPkg/Library/MbedTlsLib/Include/mbedtls/mbedtls_config.h
> create mode 100644 CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf
> create mode 100644 CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf
> create mode 160000 CryptoPkg/Library/MbedTlsLib/mbedtls
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#108151): https://edk2.groups.io/g/devel/message/108151
Mute This Topic: https://groups.io/mt/101048094/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
next prev parent reply other threads:[~2023-08-30 17:49 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-30 7:52 [edk2-devel] [edk2/add_mbedtls PATCH 0/9] *** Add HMAC/HKDF/RSA/HASH features based on Mbedtls *** Wenxing Hou
2023-08-30 7:52 ` [edk2-devel] [edk2/add_mbedtls PATCH 1/9] CryptoPkg: Add mbedtls submodule for EDKII Wenxing Hou
2023-08-30 7:52 ` [edk2-devel] [edk2/add_mbedtls PATCH 2/9] CryptoPkg: Add mbedtls_config and MbedTlsLib.inf Wenxing Hou
2023-08-30 7:52 ` [edk2-devel] [edk2/add_mbedtls PATCH 3/9] CryptoPkg: Add HMAC functions based on Mbedtls Wenxing Hou
2023-08-30 7:52 ` [edk2-devel] [edk2/add_mbedtls PATCH 4/9] CryptoPkg: Add HKDF " Wenxing Hou
2023-08-30 7:52 ` [edk2-devel] [edk2/add_mbedtls PATCH 5/9] CryptoPkg: Add RSA " Wenxing Hou
2023-08-30 7:52 ` [edk2-devel] [edk2/add_mbedtls PATCH 6/9] CryptoPkg: Add all .inf files for BaseCryptLibMbedTls Wenxing Hou
2023-08-30 7:52 ` [edk2-devel] [edk2/add_mbedtls PATCH 7/9] CryptoPkg: Add Null functions for building pass Wenxing Hou
2023-08-30 7:52 ` [edk2-devel] [edk2/add_mbedtls PATCH 8/9] CryptoPkg: Add MD5/SHA1/SHA2 functions based on Mbedtls Wenxing Hou
2023-08-30 7:52 ` [edk2-devel] [edk2/add_mbedtls PATCH 9/9] CryptoPkg: Add Mbedtls submodule in CI Wenxing Hou
2023-08-30 17:49 ` Michael Kubacki [this message]
2023-08-30 18:56 ` [edk2-devel] [edk2/add_mbedtls PATCH 0/9] *** Add HMAC/HKDF/RSA/HASH features based on Mbedtls *** Sean
2023-08-31 0:09 ` Yao, Jiewen
2023-08-31 2:34 ` Yao, Jiewen
2023-08-31 11:14 ` Leif Lindholm
2023-08-31 15:45 ` Michael D Kinney
2023-08-31 16:07 ` Yao, Jiewen
2023-08-31 17:24 ` Michael D Kinney
2023-08-31 17:52 ` Sean
2023-08-31 18:45 ` Michael D Kinney
2023-08-31 18:49 ` Sean
2023-09-04 6:04 ` Li, Yi
2023-08-31 8:25 ` Li, Yi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fba4820e-cfd9-4bd2-953d-fcd4068e484a@linux.microsoft.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox