[edk2-devel] [PATCH V2 0/7] CryptoPkg: Retire the deprecated functions

Gao, Zhichao zhichao.gao at intel.com
Thu Apr 23 09:58:10 UTC 2020 

OK.

Here is the main difference VS V1:
1. do not remove the field in the internal protocol structure: 
  a)directly call an assert function and return an error value.
  b)change the related field value to 0 to indicate the function is unsupported any longer
2. remove the HMAC MD5 and HMAC SHA1
3. using OPENSSL_NO_MD4, OPENSSL_NO_RC4, OPENSSL_NO_DES to disable the build of related function. Remove the source file of MD4, ARC4, TDES, AES EBC source file in the OpensslLib.inf and OpensslLibCrypto.inf
4. do not contain the change of MD5 and SHA1 because the change need to change the platform code first. I would sent the patch after finish the change for platform code.

I know the V1 get lots of feedback about the protocol changes. See #1.

Thanks,
Zhichao

> -----Original Message-----
> From: Yao, Jiewen
> Sent: Thursday, April 23, 2020 5:31 PM
> To: devel at edk2.groups.io; Gao, Zhichao <zhichao.gao at intel.com>
> Cc: Wang, Jian J <jian.j.wang at intel.com>; Lu, XiaoyuX <xiaoyux.lu at intel.com>;
> Fu, Siyuan <siyuan.fu at intel.com>; Kinney, Michael D
> <michael.d.kinney at intel.com>; Laszlo Ersek <lersek at redhat.com>; Yao, Jiewen
> <jiewen.yao at intel.com>
> Subject: RE: [edk2-devel] [PATCH V2 0/7] CryptoPkg: Retire the deprecated
> functions
> 
> Hello
> I think there are lots of feedback in v1 patch review.
> 
> Would you please give a summary on how they are addressed in this v2 ?
> 
> 
> > -----Original Message-----
> > From: devel at edk2.groups.io <devel at edk2.groups.io> On Behalf Of Gao,
> > Zhichao
> > Sent: Thursday, April 23, 2020 4:46 PM
> > To: devel at edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang at intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu at intel.com>; Fu, Siyuan <siyuan.fu at intel.com>; Kinney,
> > Michael D <michael.d.kinney at intel.com>; Yao, Jiewen
> > <jiewen.yao at intel.com>; Laszlo Ersek <lersek at redhat.com>
> > Subject: [edk2-devel] [PATCH V2 0/7] CryptoPkg: Retire the deprecated
> > functions
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> >
> > Retire below deprecated functions:
> > MD4, ARC4, TDES, AES ECB MODE, HMAC MD5, HMAC SHA1
> >
> > Update the Crypto Driver's version to indicate the binary change.
> >
> > Cc: Jian J Wang <jian.j.wang at intel.com>
> > Cc: Xiaoyu Lu <xiaoyux.lu at intel.com>
> > Cc: Siyuan Fu <siyuan.fu at intel.com>
> > Cc: Michael D Kinney <michael.d.kinney at intel.com>
> > Cc: Jiewen Yao <jiewen.yao at intel.com>
> > Cc: Laszlo Ersek <lersek at redhat.com>
> > Signed-off-by: Zhichao Gao <zhichao.gao at intel.com>
> >
> > Zhichao Gao (7):
> >   CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
> >   CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
> >   CryptoPkg/BaseCryptLib: Retire the Tdes algorithm
> >   CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm
> >   CryptoPkg/BaseCryptLib: Retire HMAC MD5 algorithm
> >   CryptoPkg/BaseCryptLib: Retire HMAC SHA1 algorithm
> >   CryptoPkg/Crypto.h: Update the version of Crypto Driver
> >
> >  CryptoPkg/CryptoPkg.dsc                       |  46 +-
> >  CryptoPkg/Driver/Crypto.c                     |  62 +--
> >  CryptoPkg/Include/Library/BaseCryptLib.h      | 481 ------------------
> >  .../Library/BaseCryptLib/BaseCryptLib.inf     |   7 +-
> >  .../Library/BaseCryptLib/Cipher/CryptAes.c    | 114 -----
> >  .../BaseCryptLib/Cipher/CryptAesNull.c        |  52 --
> >  .../Library/BaseCryptLib/Cipher/CryptArc4.c   | 205 --------
> >  .../BaseCryptLib/Cipher/CryptArc4Null.c       | 124 -----
> >  .../Library/BaseCryptLib/Cipher/CryptTdes.c   | 364 -------------
> >  .../BaseCryptLib/Cipher/CryptTdesNull.c       | 160 ------
> >  .../Library/BaseCryptLib/Hash/CryptMd4.c      | 223 --------
> >  .../Library/BaseCryptLib/Hash/CryptMd4Null.c  | 143 ------
> > .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c  | 216 --------
> >  .../BaseCryptLib/Hmac/CryptHmacMd5Null.c      | 139 -----
> >  .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c | 216 --------
> >  .../BaseCryptLib/Hmac/CryptHmacSha1Null.c     | 139 -----
> >  .../Library/BaseCryptLib/PeiCryptLib.inf      |  11 +-
> >  CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c |   7 +-
> >  .../Library/BaseCryptLib/RuntimeCryptLib.inf  |  11 +-
> >  .../Library/BaseCryptLib/SmmCryptLib.inf      |  12 +-
> >  .../BaseCryptLibNull/BaseCryptLibNull.inf     |   5 -
> >  .../BaseCryptLibNull/Cipher/CryptAesNull.c    |  52 --
> >  .../BaseCryptLibNull/Cipher/CryptArc4Null.c   | 124 -----
> >  .../BaseCryptLibNull/Cipher/CryptTdesNull.c   | 160 ------
> >  .../BaseCryptLibNull/Hash/CryptMd4Null.c      | 143 ------
> >  .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c  | 139 -----
> > .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c | 139 -----
> >  .../Library/Include/openssl/opensslconf.h     |   9 +
> >  CryptoPkg/Library/OpensslLib/OpensslLib.inf   |  28 -
> >  .../Library/OpensslLib/OpensslLibCrypto.inf   |  28 -
> >  CryptoPkg/Private/Protocol/Crypto.h           |   2 +-
> >  31 files changed, 75 insertions(+), 3486 deletions(-)  delete mode
> > 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdesNull.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> >  delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptTdesNull.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c
> >  delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Null.c
> >
> > --
> > 2.21.0.windows.1
> >
> >
> > 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#57946): https://edk2.groups.io/g/devel/message/57946
Mute This Topic: https://groups.io/mt/73214643/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list