From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id C92EEAC18B5 for ; Wed, 30 Aug 2023 17:49:24 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=COIe/rkfssCt34tC7Bmuvc7bt9AcxkgGggm2zcstCt4=; c=relaxed/simple; d=groups.io; h=DKIM-Filter:Message-ID:Date:MIME-Version:User-Agent:Subject:To:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1693417763; v=1; b=YHLkxlG55nB4B0k8QPYjgFx6ZhidrG0uR08WhKJpehkoMz512a5LeU4Bz/xGAU/z8YIlrdE5 CPaw8jRlNzsJj3aD7l92IPHyOtLEVIgq3tcjDopcxFP7Vw7eFK4BFDKYP1EsGfXWWY1AnShgCL7 +LxQheMRiZbG8WUdh9Q8GPJA= X-Received: by 127.0.0.2 with SMTP id 0QUsYY7687511xaC55szjlwn; Wed, 30 Aug 2023 10:49:23 -0700 X-Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by mx.groups.io with SMTP id smtpd.web11.1305.1693417762898537758 for ; Wed, 30 Aug 2023 10:49:23 -0700 X-Received: from [192.168.4.22] (unknown [47.201.241.95]) by linux.microsoft.com (Postfix) with ESMTPSA id 32EAF212A763; Wed, 30 Aug 2023 10:49:22 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 32EAF212A763 Message-ID: Date: Wed, 30 Aug 2023 13:49:21 -0400 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [edk2-devel] [edk2/add_mbedtls PATCH 0/9] *** Add HMAC/HKDF/RSA/HASH features based on Mbedtls *** To: devel@edk2.groups.io, wenxing.hou@intel.com References: <20230830075220.2070-1-wenxing.hou@intel.com> From: "Michael Kubacki" In-Reply-To: <20230830075220.2070-1-wenxing.hou@intel.com> Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,mikuback@linux.microsoft.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: sEiKSXeDW6m507j9X0hOJDpMx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=YHLkxlG5; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=linux.microsoft.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io It would be great if you could update the CryptoPkg Readme.md file for=20 this series. Thanks, Michael On 8/30/2023 3:52 AM, Wenxing Hou wrote: > *** Add BaseCryptLibMbedTls for CryptoPkg, which can be an alternative to= OpenSSL in some scenarios. There are four features in the patch: HMAC/HKDF= /RSA/HASH.*** >=20 > Wenxing Hou (9): > CryptoPkg: Add mbedtls submodule for EDKII > CryptoPkg: Add mbedtls_config and MbedTlsLib.inf > CryptoPkg: Add HMAC functions based on Mbedtls > CryptoPkg: Add HKDF functions based on Mbedtls > CryptoPkg: Add RSA functions based on Mbedtls > CryptoPkg: Add all .inf files for BaseCryptLibMbedTls > CryptoPkg: Add Null functions for building pass > CryptoPkg: Add MD5/SHA1/SHA2 functions based on Mbedtls > CryptoPkg: Add Mbedtls submodule in CI >=20 > .gitmodules | 3 + > .pytool/CISettings.py | 2 + > CryptoPkg/CryptoPkg.ci.yaml | 66 +- > CryptoPkg/CryptoPkg.dec | 4 + > CryptoPkg/CryptoPkgMbedTls.dsc | 280 ++ > .../BaseCryptLibMbedTls/BaseCryptLib.inf | 81 + > .../BaseCryptLibMbedTls/Bn/CryptBnNull.c | 520 +++ > .../Cipher/CryptAeadAesGcmNull.c | 100 + > .../BaseCryptLibMbedTls/Cipher/CryptAesNull.c | 159 + > .../BaseCryptLibMbedTls/Hash/CryptMd5.c | 234 + > .../BaseCryptLibMbedTls/Hash/CryptMd5Null.c | 163 + > .../Hash/CryptParallelHashNull.c | 40 + > .../BaseCryptLibMbedTls/Hash/CryptSha1.c | 234 + > .../BaseCryptLibMbedTls/Hash/CryptSha1Null.c | 166 + > .../BaseCryptLibMbedTls/Hash/CryptSha256.c | 227 + > .../Hash/CryptSha256Null.c | 162 + > .../BaseCryptLibMbedTls/Hash/CryptSha512.c | 447 ++ > .../Hash/CryptSha512Null.c | 275 ++ > .../BaseCryptLibMbedTls/Hash/CryptSm3Null.c | 164 + > .../BaseCryptLibMbedTls/Hmac/CryptHmac.c | 620 +++ > .../BaseCryptLibMbedTls/Hmac/CryptHmacNull.c | 359 ++ > .../BaseCryptLibMbedTls/InternalCryptLib.h | 44 + > .../BaseCryptLibMbedTls/Kdf/CryptHkdf.c | 372 ++ > .../BaseCryptLibMbedTls/Kdf/CryptHkdfNull.c | 192 + > .../BaseCryptLibMbedTls/PeiCryptLib.inf | 101 + > .../BaseCryptLibMbedTls/PeiCryptLib.uni | 25 + > .../BaseCryptLibMbedTls/Pem/CryptPemNull.c | 69 + > .../Pk/CryptAuthenticodeNull.c | 45 + > .../BaseCryptLibMbedTls/Pk/CryptDhNull.c | 150 + > .../BaseCryptLibMbedTls/Pk/CryptEcNull.c | 578 +++ > .../Pk/CryptPkcs1OaepNull.c | 51 + > .../Pk/CryptPkcs5Pbkdf2Null.c | 48 + > .../Pk/CryptPkcs7Internal.h | 83 + > .../Pk/CryptPkcs7SignNull.c | 53 + > .../Pk/CryptPkcs7VerifyEkuNull.c | 152 + > .../Pk/CryptPkcs7VerifyEkuRuntime.c | 56 + > .../Pk/CryptPkcs7VerifyNull.c | 163 + > .../Pk/CryptPkcs7VerifyRuntime.c | 38 + > .../BaseCryptLibMbedTls/Pk/CryptRsaBasic.c | 268 ++ > .../Pk/CryptRsaBasicNull.c | 121 + > .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c | 337 ++ > .../BaseCryptLibMbedTls/Pk/CryptRsaExtNull.c | 117 + > .../BaseCryptLibMbedTls/Pk/CryptRsaPss.c | 164 + > .../BaseCryptLibMbedTls/Pk/CryptRsaPssNull.c | 46 + > .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c | 231 + > .../Pk/CryptRsaPssSignNull.c | 60 + > .../BaseCryptLibMbedTls/Pk/CryptTsNull.c | 42 + > .../BaseCryptLibMbedTls/Pk/CryptX509Null.c | 753 ++++ > .../BaseCryptLibMbedTls/Rand/CryptRandNull.c | 56 + > .../BaseCryptLibMbedTls/RuntimeCryptLib.inf | 92 + > .../BaseCryptLibMbedTls/RuntimeCryptLib.uni | 22 + > .../BaseCryptLibMbedTls/SecCryptLib.inf | 84 + > .../BaseCryptLibMbedTls/SecCryptLib.uni | 17 + > .../BaseCryptLibMbedTls/SmmCryptLib.inf | 92 + > .../BaseCryptLibMbedTls/SmmCryptLib.uni | 22 + > .../SysCall/ConstantTimeClock.c | 75 + > .../BaseCryptLibMbedTls/SysCall/CrtWrapper.c | 58 + > .../SysCall/RuntimeMemAllocation.c | 462 ++ > .../SysCall/TimerWrapper.c | 198 + > .../BaseCryptLibMbedTls/TestBaseCryptLib.inf | 78 + > CryptoPkg/Library/MbedTlsLib/CrtWrapper.c | 96 + > CryptoPkg/Library/MbedTlsLib/EcSm2Null.c | 495 +++ > .../Include/mbedtls/mbedtls_config.h | 3823 +++++++++++++++++ > CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf | 173 + > .../Library/MbedTlsLib/MbedTlsLibFull.inf | 177 + > CryptoPkg/Library/MbedTlsLib/mbedtls | 1 + > 66 files changed, 14683 insertions(+), 3 deletions(-) > create mode 100644 CryptoPkg/CryptoPkgMbedTls.dsc > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.i= nf > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Bn/CryptBnNull= .c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAe= adAesGcmNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAe= sNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptMd5.= c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptMd5N= ull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptPara= llelHashNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha1= .c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha1= Null.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha2= 56.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha2= 56Null.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha5= 12.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha5= 12Null.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3N= ull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hmac/CryptHmac= .c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hmac/CryptHmac= Null.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptL= ib.h > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Kdf/CryptHkdf.= c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Kdf/CryptHkdfN= ull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.in= f > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.un= i > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPemNu= ll.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthen= ticodeNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptDhNull= .c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptEcNull= .c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1O= aepNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5P= bkdf2Null.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7I= nternal.h > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7S= ignNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7V= erifyEkuNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7V= erifyEkuRuntime.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7V= erifyNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7V= erifyRuntime.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBas= ic.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBas= icNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt= .c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt= Null.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPss= .c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPss= Null.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPss= Sign.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPss= SignNull.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTsNull= .c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509Nu= ll.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRand= Null.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLi= b.inf > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLi= b.uni > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.in= f > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.un= i > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.in= f > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.un= i > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/Consta= ntTimeClock.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/CrtWra= pper.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/Runtim= eMemAllocation.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/TimerW= rapper.c > create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptL= ib.inf > create mode 100644 CryptoPkg/Library/MbedTlsLib/CrtWrapper.c > create mode 100644 CryptoPkg/Library/MbedTlsLib/EcSm2Null.c > create mode 100644 CryptoPkg/Library/MbedTlsLib/Include/mbedtls/mbedtls= _config.h > create mode 100644 CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf > create mode 100644 CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf > create mode 160000 CryptoPkg/Library/MbedTlsLib/mbedtls >=20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108151): https://edk2.groups.io/g/devel/message/108151 Mute This Topic: https://groups.io/mt/101048094/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-