Chris Ruffin
503344cdbd
CryptoPkg/Driver: add additional RSAES-OAEP crypto functions
...
Add new functions to CryptoPkg/Driver.
Signed-off-by: Chris Ruffin <v-chruffin@microsoft.com >
Cc: Chris Ruffin <cruffin@millcore.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2024-04-07 03:55:04 +00:00
Chris Ruffin
89ff5da9f9
CryptoPkg/BaseCryptLib: add additional RSAES-OAEP crypto functions
...
Expand the availability of the RSAES-OAEP crypto capability in
BaseCryptLib. Applications using RSA crypto functions directly from
OpensslLib can transition to BaseCryptLib to take advantage of the
shared crypto feature in CryptoDxe.
Pkcs1v2Decrypt(): decryption using DER-encoded private key
RsaOaepEncrypt(): encryption using RSA contexts
RsaOaepDecrypt(): decryption using RSA contexts
Fixes: https://bugzilla.tianocore.org/show_bug.cgi?id=4732
Gihub PR: https://github.com/tianocore/edk2/pull/5473
Signed-off-by: Chris Ruffin <v-chruffin@microsoft.com >
Cc: Chris Ruffin <cruffin@millcore.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2024-04-07 03:55:04 +00:00
Hou, Wenxing
8f698f0a64
CryptoPkg: Remove interdependence for RsaPssVerify
...
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4742
Remove interdependence for RsaPssVerify, only use original
mbedtls API.
Because APIs such as Sha512Init may be closed by the platform PCD.
And this patch optimize the hash flow.
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2024-04-01 02:48:15 +00:00
Hou, Wenxing
d402de2222
CryptoPkg: Update Md5/Sha1/Sha2 by using new mbedtls api
...
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4741
Update Md5/Sha1/Sha2 by using mbedtls 3.0 api in BaseCryptLibMbedTls,
because the old API may be deprecated when open some MACRO.
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2024-04-01 02:48:15 +00:00
Hou, Wenxing
278250045b
CryptoPkg: Update OPTIONAL location for BaseCryptLibMbedTls
...
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4740
There is a wrong usage for OPTIONAL.
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2024-04-01 02:48:15 +00:00
Hou, Wenxing
0c6d29be8b
CryptoPkg: Add dummy inttypes header to fix clang build
...
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4642
When use Mbedtls, there is a clang build error.
Add dummy inttypes header to fix clang build.
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2024-01-22 03:02:37 +00:00
Hou, Wenxing
e7cfdc5f14
CryptoPkg: Fix redefinition error of int defines
...
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4632
Move the define to stdint and add MACRO to prevent duplicate inclusion.
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2024-01-10 15:34:28 +00:00
Hou, Wenxing
e7152e6186
CryptoPkg: fix gcc build fail for CryptoPkgMbedtls
...
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4630
Enable MBEDTLS_NO_UDBL_DIVISION to fix GCC x64 build failure.
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2024-01-08 09:34:31 +00:00
Hou, Wenxing
e449451770
CryptoPkg: move define to CrtLibSupport
...
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4632
The before code will cause redefine error.
This patch move them to CrtLibSupport header.
But Openssl has already defined them internally,
need to increase support for OPENSLL_SYS_UEFI judgment.
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2024-01-04 09:50:35 +00:00
Wenxing Hou
eebd446875
CryptoPkg: Add CryptAes functions based on Mbedtls Add CryptAes APIS.
...
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2023-10-12 05:31:19 +00:00
Wenxing Hou
c5fedb030a
CryptoPkg: Add MD5/SHA1/SHA2 functions based on Mbedtls
...
Add MD5/SHA1/SHA256/SHA384/SHA512 APIs.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2023-10-12 05:31:19 +00:00
Wenxing Hou
4049ca493c
CryptoPkg: Add Null functions for building pass
...
Add Null functions to build. These feature are not supported now.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2023-10-12 05:31:19 +00:00
Wenxing Hou
b26f7dfe29
CryptoPkg: Add all .inf files for BaseCryptLibMbedTls
...
Add .inf files and other support files.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2023-10-12 05:31:19 +00:00
Wenxing Hou
97f51f2e9b
CryptoPkg: Add RSA functions based on Mbedtls
...
Add RSA APIs.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2023-10-12 05:31:19 +00:00
Wenxing Hou
60222e7eb9
CryptoPkg: Add HKDF functions based on Mbedtls
...
Add HKDF APIs.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2023-10-12 05:31:19 +00:00
Wenxing Hou
731aa70881
CryptoPkg: Add HMAC functions based on Mbedtls
...
Add HMAC APIS.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
2023-10-12 05:31:19 +00:00
Wenxing Hou
586f05b9de
CryptoPkg: Add mbedtls_config and MbedTlsLib.inf
...
Add MbedTlsLib support.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2023-10-12 05:31:19 +00:00
Wenxing Hou
1a79cc7d95
CryptoPkg: Add mbedtls submodule for EDKII
...
Add mbedtls 3.3.0 as submodule in CryptoPkg.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Yi Li <yi1.li@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com >
2023-10-12 05:31:19 +00:00
Gerd Hoffmann
4ddd8ac3a2
CryptoPkg/TlsLib: fix tls cipher configuration
...
Trying to configure the TLS ciphers can lead to TLS handshake failures
because TlsCipherMappingTable is not in line with the ciphers actually
supported by OpensslLib.
Fix that by removing TlsCipherMappingTable altogether. Use
SSL_get_ciphers() instead to get the stack of ciphers supported by
openssl. Name and ID of the ciphers can be queried using the
SSL_CIPHER_get_name() and SSL_CIPHER_get_protocol_id() functions,
which allows us to map IDs to names without a hard-code table.
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=2541
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Message-Id: <20231004092003.3809321-1-kraxel@redhat.com >
Reviewed-by: Laszlo Ersek <lersek@redhat.com >
Reviewed-by: Yi Li <yi1.li@intel.com >
2023-10-08 10:46:45 +00:00
Sheng Wei
24da5c2f28
CryptoPkg/BaseCryptLib: add sha384 and sha512 to ImageTimestampVerify
...
Register and initialize sha384/sha512 digest algorithms
for PKCS#7 Handling.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3413
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Jian J Wang <jian.j.wang@intel.com >
Cc: Min Xu <min.m.xu@intel.com >
Cc: Zeyi Chen <zeyi.chen@intel.com >
Cc: Fiona Wang <fiona.wang@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Cc: Michael D Kinney <michael.d.kinney@intel.com >
Signed-off-by: Sheng Wei <w.sheng@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
2023-09-07 06:12:18 +00:00
Yi Li
991515a058
CryptoPkg: remove BN and EC accel for size optimization
...
BN and EC have not been fully tested, and will greatly increase
the size of the Crypto driver(>150KB).
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
46226fb5d3
CryptoPkg: remove strcmp to syscall
...
In rare cases the platform may not provide the full IntrinsicLib.
But openssl30 build always require strcmp, provide this function by
moving it into CrtWrapper.c.
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
c0aeb92663
CryptoPkg: run configure.py to update all generated files
...
cd */edk2/CryptoPkg/Library/OpensslLib
python configure.py
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
dfa6147a79
CryptoPkg: add more dummy implement of openssl for size optimization
...
Add dummy implement of Encoder, Pkcs12 and sslserver.
OpenSSL libraries which don't need these features can include
these files to reduce the size of output.
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
2bead79cfc
CryptoPkg: add implemention of _ftol2_sse() to avoid build error
...
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
b2ff8e45db
CryptoPkg: add define of maximum unsigned size_t
...
Used by openssl30 source code.
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
4b5faa5775
CryptoPkg: add missing gcc instructions
...
Used when build IA32 CryptoPkg by gcc, the definition of the
instructions can be found at:
https://gcc.gnu.org/onlinedocs/gccint/Integer-library-routines.html
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
43e0ede26b
CryptoPkg: Enable memcpy sys call in RISCV64 build
...
When build Openssl30, compiler optimization may use memcpy()
for memory copy.
Need enable it in RISCV64 build also.
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
bdf3142eb7
CryptoPkg/TlsLib: use unsigned long for ErrorCode
...
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
20193b20b5
CryptoPkg: disable C4133 warning in openssl libraries
...
Disable warning as error of C4133:
v3_genn.c(101): warning C4133: 'function': incompatible types
- from 'ASN1_TYPE *' to 'const ASN1_STRING *'.
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
bf1ff73c8c
CryptoPkg: Add instrinsics to support building openssl3 on IA32 windows
...
This dependency is needed to build openssl lib with openssl3
under IA32 Windows, so added implementation for _alldiv, _aulldiv,
_aullrem and _alldvrm instrinsics.
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
cea8e3b513
CryptoPkg: adapt 3.0 change in SslNull.c
...
Type of input params changed in openssl30.
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
ea7a37d352
CryptoPkg: use UEFI provider as default
...
Added UEFI provider which removed unused features to
optimize the size of openssl3.
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
9b9b331e0f
CryptoPkg: Move all UEFI implement of openssl to OpensslStub
...
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
5e1900f266
CryptoPkg/openssl: adapt EcSm2Null.c for openssl 3.0
...
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
174a306ccd
CryptoPkg/openssl: store dummy update for openssl 3.0
...
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
3af00aec7f
CryptoPkg/openssl: move compiler_flags to buildinf.c
...
Seems with openssl 3.0 this is used by multiple source files,
so we get duplicate symbol errors when linking. Fix that by
moving compiler_flags from header file to a source file.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
c638d1f672
CryptoPkg/openssl: adapt rand_pool.c to openssl 3.0 changes
...
Some functions have been renamed.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
eac38f74c4
CryptoPkg/TlsLib: ERR_GET_FUNC is gone
...
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
2a6dc1211f
CryptoPkg/BaseCryptLib: drop BIO_* dummy functions
...
openssl 3.0 requires a functional BIO_sprintf() implementation.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
63c8d160ae
CryptoPkg/BaseCryptLib: adapt CryptSm3.c to openssl 3.0 changes.
...
Functions have been renamed.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
84158d0ebe
CryptoPkg/BaseCryptLib: no openssl deprecation warnings please
...
Stop using deprecated interfaces is left as exercise for another day.
So please don't warn for now so -Werror builds can work.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
ac492c3ead
CryptoPkg/openssl: UefiAsm.conf update for openssl 3.0
...
New naming convention for the configs: UEFI-${efiarch}-${compiler}.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
81f5aa0700
CryptoPkg/openssl: add openssl3 configure scripts
...
Rewrite the script to configure openssl 3.0 from scratch. It's two
scripts now:
* Tiny helper script, dumping the perl configdata as json.
* Actual configure.py script, written in python, which copies over
the generated files to openssl-gen and updates the OpensslLib*.inf
file lists and build flags.
The configuration workflow has changed a bit:
* All generated files are stored in the OpensslGen directory tree.
* For ec/no-ec builds two different header files are used. Default is
the ec variant, and the new EDK2_OPENSSL_NOEC define is used to
select the no-ec build. A five line wrapper include is used to pick
the one or the other.
* For non-accel builds -DOPENSSL_NO_ASM on the command line is used
(same as before).
* For configration defines the OPENSSL_FLAGS_$(variant) variable is
used, where variant is the architecture for the accelerated builds
and 'NOASM' for the non-accelerated builds.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
7cede6d5f4
CryptoPkg/openssl: update Openssl*.inf files for openssl 3.0
...
The configure workflow as changed, see the commit adding the configure
script for details. Adapt the *.inf files to the changes. The
configuration define handling has changed a bit. The new configure
script will build a single per-arch file list, which simplifies the
Accel configs.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Yi Li
49a113a7a4
CryptoPkg/openssl: cleanup all openssl1.1.1 generated files and code
...
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com >
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Gerd Hoffmann
9d6d237c3c
CryptoPkg/openssl: update submodule to openssl-3.0.9
...
Signed-off-by: Yi Li <yi1.li@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
Acked-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Ard Biesheuvel <ardb@kernel.org >
Tested-by: Brian J. Johnson <brian.johnson@hpe.com >
Tested-by: Kenneth Lautner <klautner@microsoft.com >
2023-08-09 07:10:31 +00:00
Sheng Wei
b2de9ec5a7
CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1u
...
Cc: Jian J Wang <jian.j.wang@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Sheng Wei <w.sheng@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
2023-07-20 07:45:40 +00:00
Rebecca Cran
9165a7e95e
CryptoPkg: Delete CLANG35 and CLANG38 build flags; add CLANGDWARF flags
...
Since CLANG35 and CLANG38 toolchains have been deleted from
tools_def.template, delete the build flags for them from CryptoPkg.
Since CLANGDWARF has replaced CLANG38, add build flags for it to the
CryptoPkg .inf files.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com >
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com >
2023-05-10 10:58:16 +08:00
Yi Li
e3d2c08322
CryptoPkg: Enable DXE_CORE support in DxeCryptLib.inf
...
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4413
Make the DXE_CORE module able to call the crypto protocol,
which can reduce FV size on platforms using the Crypto Binaries.
Cc: Jian J Wang <jian.j.wang@intel.com >
Cc: Jiewen Yao <jiewen.yao@intel.com >
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com >
Cc: Guomin Jiang <guomin.jiang@intel.com >
Signed-off-by: Yi Li <yi1.li@intel.com >
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com >
2023-04-19 03:59:33 +00:00
