[edk2-devel] [PATCH 00/24] CryptoPkg/openssl: update openssl submodule to v3.0
Yao, Jiewen
jiewen.yao at intel.com
Fri Dec 3 16:42:08 UTC 2021
Also, assuming you have done enough test, would you please provide:
1) size difference, Including PEI, SMM, DXE.
2) performance difference, Including PEI, SMM, DXE.
3) what unit test you have done (such as each crypto API)
4) what system test you have done (such as secure boot, trusted boot)
Thank you
Yao Jiewen
> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney at intel.com>
> Sent: Saturday, December 4, 2021 12:33 AM
> To: devel at edk2.groups.io; kraxel at redhat.com; Kinney, Michael D
> <michael.d.kinney at intel.com>
> Cc: Yao, Jiewen <jiewen.yao at intel.com>; Wang, Jian J <jian.j.wang at intel.com>;
> Jiang, Guomin <guomin.jiang at intel.com>; Pawel Polawski
> <ppolawsk at redhat.com>; Philippe Mathieu-Daudé <philmd at redhat.com>; Lu,
> XiaoyuX <xiaoyux.lu at intel.com>
> Subject: RE: [edk2-devel] [PATCH 00/24] CryptoPkg/openssl: update openssl
> submodule to v3.0
>
> Hi Gerd,
>
> Thank you for starting this work!
>
> Can you point the community as a summary of the changes/improvements in
> v3.0 and your
> take on why it is important to upgrade TianoCore.
>
> Thanks,
>
> Mike
>
> > -----Original Message-----
> > From: devel at edk2.groups.io <devel at edk2.groups.io> On Behalf Of Gerd
> Hoffmann
> > Sent: Friday, December 3, 2021 8:07 AM
> > To: devel at edk2.groups.io
> > Cc: Yao, Jiewen <jiewen.yao at intel.com>; Wang, Jian J
> <jian.j.wang at intel.com>; Jiang, Guomin <guomin.jiang at intel.com>;
> > Pawel Polawski <ppolawsk at redhat.com>; Philippe Mathieu-Daudé
> <philmd at redhat.com>; Lu, XiaoyuX <xiaoyux.lu at intel.com>; Gerd
> > Hoffmann <kraxel at redhat.com>
> > Subject: [edk2-devel] [PATCH 00/24] CryptoPkg/openssl: update openssl
> submodule to v3.0
> >
> > Very first take on updating openssl to 3.0.
> >
> > Some hacks are in there still, only limited testing
> > (no CI runs), so cleary not complete yet. Review
> > comments and other hints are welcome nevertheless.
> >
> > take care,
> > Gerd
> >
> > Gerd Hoffmann (24):
> > CryptoPkg/openssl: update submodule to 3.0
> > CryptoPkg/openssl: process_files.pl: drop UefiAsm.conf
> > CryptoPkg/openssl: process_files.pl: expand *.a
> > CryptoPkg/openssl: process_files.pl: set api to 1.1.1
> > CryptoPkg/openssl: process_files.pl: change config header handling
> > CryptoPkg/openssl: process_files.pl: provider headers
> > CryptoPkg/openssl: process_files.pl: skip unused files
> > CryptoPkg/openssl: process_files.pl: clean up when done
> > CryptoPkg/openssl: process_files.pl: filter out crypto/buildinf.h
> > CryptoPkg/openssl: update generated files
> > CryptoPkg/BaseCryptLib: no openssl deprecation warnings please
> > CryptoPkg/BaseCryptLib; adapt CryptSm3.c to openssl 3.0 changes.
> > CryptoPkg/BaseCryptLib: add more bio print dummies
> > CryptoPkg/openssl: adapt rand_pool.c to openssl 3.0 changes
> > CryptoPkg/openssl: add dummy file store
> > CryptoPkg/openssl: move compiler_flags to buildinf.c
> > CryptoPkg/CrtLibSupport: add fcntl.h
> > CryptoPkg/CrtLibSupport: add strstr()
> > CryptoPkg/CrtLibSupport: add INT_MIN
> > CryptoPkg/CrtLibSupport: add UINT_MAX
> > CryptoPkg/CrtLibSupport: add MODULESDIR
> > CryptoPkg/openssl: process_files.pl: copy generated der/*.c source
> > files.
> > CryptoPkg/openssl: add generated files der source files
> > [hack] turn off -Werror
> >
> > CryptoPkg/Library/OpensslLib/OpensslLib.inf | 1305 +++++----
> > .../Library/OpensslLib/OpensslLibCrypto.inf | 1220 +++++---
> > .../Library/OpensslLib/OpensslLibX64.inf | 1 +
> > .../Library/OpensslLib/OpensslLibX64Gcc.inf | 1 +
> > .../Library/BaseCryptLib/InternalCryptLib.h | 2 +
> > CryptoPkg/Library/Include/CrtLibSupport.h | 4 +
> > CryptoPkg/Library/Include/crypto/bn_conf.h | 29 +
> > CryptoPkg/Library/Include/crypto/dso_conf.h | 8 +-
> > CryptoPkg/Library/Include/fcntl.h | 9 +
> > CryptoPkg/Library/Include/openssl/asn1.h | 1128 +++++++
> > CryptoPkg/Library/Include/openssl/asn1t.h | 946 ++++++
> > CryptoPkg/Library/Include/openssl/bio.h | 884 ++++++
> > CryptoPkg/Library/Include/openssl/cmp.h | 592 ++++
> > CryptoPkg/Library/Include/openssl/cms.h | 493 ++++
> > CryptoPkg/Library/Include/openssl/conf.h | 211 ++
> > .../Library/Include/openssl/configuration.h | 286 ++
> > CryptoPkg/Library/Include/openssl/crmf.h | 227 ++
> > CryptoPkg/Library/Include/openssl/crypto.h | 556 ++++
> > CryptoPkg/Library/Include/openssl/ct.h | 573 ++++
> > CryptoPkg/Library/Include/openssl/err.h | 492 ++++
> > CryptoPkg/Library/Include/openssl/ess.h | 128 +
> > CryptoPkg/Library/Include/openssl/fipskey.h | 36 +
> > CryptoPkg/Library/Include/openssl/lhash.h | 288 ++
> > CryptoPkg/Library/Include/openssl/ocsp.h | 483 +++
> > .../Library/Include/openssl/opensslconf.h | 348 ---
> > CryptoPkg/Library/Include/openssl/opensslv.h | 114 +
> > CryptoPkg/Library/Include/openssl/pkcs12.h | 350 +++
> > CryptoPkg/Library/Include/openssl/pkcs7.h | 427 +++
> > CryptoPkg/Library/Include/openssl/safestack.h | 297 ++
> > CryptoPkg/Library/Include/openssl/srp.h | 285 ++
> > CryptoPkg/Library/Include/openssl/ssl.h | 2585 +++++++++++++++++
> > CryptoPkg/Library/Include/openssl/ui.h | 407 +++
> > CryptoPkg/Library/Include/openssl/x509.h | 1276 ++++++++
> > CryptoPkg/Library/Include/openssl/x509_vfy.h | 894 ++++++
> > CryptoPkg/Library/Include/openssl/x509v3.h | 1450 +++++++++
> > CryptoPkg/Library/Include/prov/bio.h | 32 +
> > CryptoPkg/Library/Include/prov/blake2.h | 120 +
> > CryptoPkg/Library/Include/prov/ciphercommon.h | 361 +++
> > .../Library/Include/prov/ciphercommon_aead.h | 47 +
> > .../Library/Include/prov/ciphercommon_ccm.h | 100 +
> > .../Library/Include/prov/ciphercommon_gcm.h | 129 +
> > CryptoPkg/Library/Include/prov/der_digests.h | 160 +
> > CryptoPkg/Library/Include/prov/der_dsa.h | 94 +
> > CryptoPkg/Library/Include/prov/der_ec.h | 286 ++
> > CryptoPkg/Library/Include/prov/der_ecx.h | 50 +
> > CryptoPkg/Library/Include/prov/der_rsa.h | 187 ++
> > CryptoPkg/Library/Include/prov/der_sm2.h | 37 +
> > CryptoPkg/Library/Include/prov/der_wrap.h | 46 +
> > CryptoPkg/Library/Include/prov/digestcommon.h | 123 +
> > .../Library/Include/prov/implementations.h | 516 ++++
> > CryptoPkg/Library/Include/prov/kdfexchange.h | 24 +
> > CryptoPkg/Library/Include/prov/macsignature.h | 30 +
> > CryptoPkg/Library/Include/prov/md5_sha1.h | 36 +
> > CryptoPkg/Library/Include/prov/names.h | 327 +++
> > CryptoPkg/Library/Include/prov/proverr.h | 27 +
> > CryptoPkg/Library/Include/prov/provider_ctx.h | 40 +
> > .../Library/Include/prov/provider_util.h | 138 +
> > .../Library/Include/prov/providercommon.h | 24 +
> > .../Library/Include/prov/securitycheck.h | 30 +
> > CryptoPkg/Library/Include/prov/seeding.h | 41 +
> > CryptoPkg/Library/OpensslLib/buildinf.h | 2 +-
> > .../Library/BaseCryptLib/Hash/CryptSm3.c | 14 +-
> > .../Library/BaseCryptLib/SysCall/CrtWrapper.c | 10 +
> > .../OpensslLib/{buildinf.h => buildinf.c} | 3 +-
> > .../Library/OpensslLib/der_digests_gen.c | 160 +
> > CryptoPkg/Library/OpensslLib/der_rsa_gen.c | 174 ++
> > CryptoPkg/Library/OpensslLib/der_wrap_gen.c | 46 +
> > CryptoPkg/Library/OpensslLib/ossl_store.c | 11 +
> > CryptoPkg/Library/OpensslLib/rand_pool.c | 20 +-
> > CryptoPkg/Library/OpensslLib/openssl | 2 +-
> > CryptoPkg/Library/OpensslLib/process_files.pl | 79 +-
> > 71 files changed, 20510 insertions(+), 1351 deletions(-)
> > create mode 100644 CryptoPkg/Library/Include/crypto/bn_conf.h
> > create mode 100644 CryptoPkg/Library/Include/fcntl.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/asn1.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/asn1t.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/bio.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/cmp.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/cms.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/conf.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/configuration.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/crmf.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/crypto.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/ct.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/err.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/ess.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/fipskey.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/lhash.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/ocsp.h
> > delete mode 100644 CryptoPkg/Library/Include/openssl/opensslconf.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/opensslv.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/pkcs12.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/pkcs7.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/safestack.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/srp.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/ssl.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/ui.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/x509.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/x509_vfy.h
> > create mode 100644 CryptoPkg/Library/Include/openssl/x509v3.h
> > create mode 100644 CryptoPkg/Library/Include/prov/bio.h
> > create mode 100644 CryptoPkg/Library/Include/prov/blake2.h
> > create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon.h
> > create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon_aead.h
> > create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon_ccm.h
> > create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon_gcm.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_digests.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_dsa.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_ec.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_ecx.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_rsa.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_sm2.h
> > create mode 100644 CryptoPkg/Library/Include/prov/der_wrap.h
> > create mode 100644 CryptoPkg/Library/Include/prov/digestcommon.h
> > create mode 100644 CryptoPkg/Library/Include/prov/implementations.h
> > create mode 100644 CryptoPkg/Library/Include/prov/kdfexchange.h
> > create mode 100644 CryptoPkg/Library/Include/prov/macsignature.h
> > create mode 100644 CryptoPkg/Library/Include/prov/md5_sha1.h
> > create mode 100644 CryptoPkg/Library/Include/prov/names.h
> > create mode 100644 CryptoPkg/Library/Include/prov/proverr.h
> > create mode 100644 CryptoPkg/Library/Include/prov/provider_ctx.h
> > create mode 100644 CryptoPkg/Library/Include/prov/provider_util.h
> > create mode 100644 CryptoPkg/Library/Include/prov/providercommon.h
> > create mode 100644 CryptoPkg/Library/Include/prov/securitycheck.h
> > create mode 100644 CryptoPkg/Library/Include/prov/seeding.h
> > copy CryptoPkg/Library/OpensslLib/{buildinf.h => buildinf.c} (50%)
> > create mode 100644 CryptoPkg/Library/OpensslLib/der_digests_gen.c
> > create mode 100644 CryptoPkg/Library/OpensslLib/der_rsa_gen.c
> > create mode 100644 CryptoPkg/Library/OpensslLib/der_wrap_gen.c
> >
> > --
> > 2.33.1
> >
> >
> >
> >
> >
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#84331): https://edk2.groups.io/g/devel/message/84331
Mute This Topic: https://groups.io/mt/87479913/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list