[edk2-devel] [Patch 00/12] CryptoPkg: Remove EC PCD and merge perf opt OpensslLibs
Michael D Kinney
michael.d.kinney at intel.com
Tue Oct 11 15:03:46 UTC 2022
The recent addition of the Ecliptic Curve (EC) feature and the performance
optimization features increased the complexity for platforms to integrate
and enable these features. This series simplifies the platform configuration
as much as possible and improves the ability to manage the the size impact
of cryptographic services in each FW phase. A Readme.md is also added that
provides an overview of the CryptoPkg design and features along with platform
integration recommendations.
This series also addresses private library class declarations missing from
CryptoPkg.dec and library instances not producing all the APIs defined
by the library classes. A review of the CryptoPkg EDK II meta data files identified
a number of additional cleanups. The CryptoPkg.dsc file was also updated to
improve CI coverage for future CryptoPkg changes and identified some
unit test bug fixes.
PR: https://github.com/tianocore/edk2/pull/3443
Branch: https://github.com/mdkinney/edk2/tree/CryptoPkg_RemoveEcPcd_MergeOptimizedOpensslLibs
Readme: https://github.com/mdkinney/edk2/blob/CryptoPkg_RemoveEcPcd_MergeOptimizedOpensslLibs/CryptoPkg/Readme.md
Change Summary
==============
* Document disabled/deprecated cryptographic services
* Add missing UNI files in BaseCryptLib
* Update BaseCryptLib internal functions to be STATIC and remove EFIAPI
* Add GLOBAL_REMOVE_IF_UNREFERENCED to BaseCryptLib global variables
* Fix BaseCryptLib unit tests
* Cleanup BaseCryptLib and TlsLib INF files and
* Move SysCall/inet_pton.c from BaseCryptLib to TlsLib that uses it.
* Merge 4 performance optimized INFs into OpensslLib*Accel.inf
* Remove use of PcdOpensslEcEnabled and use OpensslLibFull*.inf instead
* Add OpensslLib and IntrinsicLib to CryptoPkg.dec as private library classes
* Update all OpensslLib instances to always produce all APIs in OpensslLib class
* Move PrintLib dependency from OpensslLib INF files to BaseCryptLib INF files
* Update CryptoPkg.dsc files to provide full CI test coverage across all the
supported combinations of OpensslLib, BaseCryptLib, and TlsLib instances.
* Remove PACKAGE profile from CryptoPkg.dsc and add TARGET_UNIT_TESTS
profile. Adding TARGET_UNIT_TESTS profile is required to prevent a few unit
test artifacts being included in non unit test builds of components.
* Add CryptoPkg Readme.md with overview and platform integration details.
* Update host-based unit tests to always use OpensslLibFull.inf and add unit
test coverage for OpensslLibFullAccel.inf.
* Add Readme.md with CryptoPkg overview and platform integration
documentation
Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Jian J Wang <jian.j.wang at intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu at intel.com>
Cc: Guomin Jiang <guomin.jiang at intel.com>
Cc: Christopher Zurcher <christopher.zurcher at microsoft.com>
Cc: Rebecca Cran <quic_rcran at quicinc.com>
Cc: Ard Biesheuvel <ardb at kernel.org>
Signed-off-by: Michael D Kinney <michael.d.kinney at intel.com>
Michael D Kinney (12):
CryptoPkg: Document and disable deprecated crypto services
CryptoPkg/Library/BaseCryptLib: Add missing UNI file and fix format
CryptoPkg/Library/BaseCryptLib: Update internal functions/variables
CryptoPkg/Test/UnitTest/Library/BaseCryptLib: Unit test fixes
CryptoPkg/Library: Cleanup BaseCryptLib and TlsLib
CryptoPkg/Library/OpensslLib: Combine all performance optimized INFs
CryptoPkg/Library/OpensslLib: Produce consistent set of APIs
CryptoPkg/Library/OpensslLib: Remove PrintLib from INF files
CryptoPkg: Remove PcdOpensslEcEnabled from CryptoPkg.dec
CryptoPkg: Update DSC to improve CI test coverage
CryptoPkg: Fixed host-based unit tests
CryptoPkg: Add Readme.md
CryptoPkg/CryptoPkg.ci.yaml | 11 +-
CryptoPkg/CryptoPkg.dec | 42 +-
CryptoPkg/CryptoPkg.dsc | 460 +++++++++---
.../Pcd/PcdCryptoServiceFamilyEnable.h | 122 +--
.../Library/BaseCryptLib/BaseCryptLib.inf | 10 +-
.../Library/BaseCryptLib/BaseCryptLib.uni | 2 -
.../Library/BaseCryptLib/Hmac/CryptHmac.c | 7 +
.../Library/BaseCryptLib/Kdf/CryptHkdf.c | 5 +-
.../Library/BaseCryptLib/PeiCryptLib.inf | 8 +-
.../Library/BaseCryptLib/PeiCryptLib.uni | 2 -
.../BaseCryptLib/Pk/CryptAuthenticode.c | 2 +-
.../BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c | 3 +-
.../BaseCryptLib/Pk/CryptPkcs7VerifyEku.c | 3 +
CryptoPkg/Library/BaseCryptLib/Pk/CryptTs.c | 44 +-
.../Library/BaseCryptLib/RuntimeCryptLib.inf | 9 +-
.../Library/BaseCryptLib/RuntimeCryptLib.uni | 2 -
.../Library/BaseCryptLib/SecCryptLib.inf | 13 +-
.../{SmmCryptLib.uni => SecCryptLib.uni} | 11 +-
.../Library/BaseCryptLib/SmmCryptLib.inf | 12 -
.../Library/BaseCryptLib/SmmCryptLib.uni | 2 -
.../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 22 +-
.../Library/Include/openssl/opensslconf.h | 328 +++++++-
.../Include/openssl/opensslconf_generated.h | 333 ---------
CryptoPkg/Library/OpensslLib/EcSm2Null.c | 291 ++++++++
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 133 ++--
CryptoPkg/Library/OpensslLib/OpensslLib.uni | 10 +-
...nsslLibIa32Gcc.inf => OpensslLibAccel.inf} | 189 +++--
.../Library/OpensslLib/OpensslLibAccel.uni | 14 +
.../OpensslLib/OpensslLibConstructor.c | 6 +-
.../Library/OpensslLib/OpensslLibCrypto.inf | 185 +++--
.../Library/OpensslLib/OpensslLibCrypto.uni | 11 +-
.../{OpensslLib.inf => OpensslLibFull.inf} | 143 ++--
.../{OpensslLib.uni => OpensslLibFull.uni} | 10 +-
...sslLibIa32.inf => OpensslLibFullAccel.inf} | 192 +++--
.../OpensslLib/OpensslLibFullAccel.uni | 14 +
.../Library/OpensslLib/OpensslLibX64.inf | 706 ------------------
.../Library/OpensslLib/OpensslLibX64Gcc.inf | 706 ------------------
CryptoPkg/Library/OpensslLib/SslNull.c | 405 ++++++++++
.../SysCall/inet_pton.c | 0
CryptoPkg/Library/TlsLib/TlsConfig.c | 2 +-
CryptoPkg/Library/TlsLib/TlsLib.inf | 12 +-
CryptoPkg/Private/Library/IntrinsicLib.h | 16 +
CryptoPkg/Private/Library/OpensslLib.h | 14 +
CryptoPkg/Readme.md | 498 ++++++++++++
CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 17 +-
.../UnitTest/Library/BaseCryptLib/HmacTests.c | 17 +-
.../UnitTest/Library/BaseCryptLib/TSTests.c | 2 +-
.../TestBaseCryptLibHostAccel.inf | 55 ++
48 files changed, 2667 insertions(+), 2434 deletions(-)
copy CryptoPkg/Library/BaseCryptLib/{SmmCryptLib.uni => SecCryptLib.uni} (74%)
delete mode 100644 CryptoPkg/Library/Include/openssl/opensslconf_generated.h
create mode 100644 CryptoPkg/Library/OpensslLib/EcSm2Null.c
rename CryptoPkg/Library/OpensslLib/{OpensslLibIa32Gcc.inf => OpensslLibAccel.inf} (79%)
create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibAccel.uni
copy CryptoPkg/Library/OpensslLib/{OpensslLib.inf => OpensslLibFull.inf} (80%)
copy CryptoPkg/Library/OpensslLib/{OpensslLib.uni => OpensslLibFull.uni} (56%)
rename CryptoPkg/Library/OpensslLib/{OpensslLibIa32.inf => OpensslLibFullAccel.inf} (79%)
create mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.uni
delete mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibX64.inf
delete mode 100644 CryptoPkg/Library/OpensslLib/OpensslLibX64Gcc.inf
create mode 100644 CryptoPkg/Library/OpensslLib/SslNull.c
rename CryptoPkg/Library/{BaseCryptLib => TlsLib}/SysCall/inet_pton.c (100%)
create mode 100644 CryptoPkg/Private/Library/IntrinsicLib.h
create mode 100644 CryptoPkg/Private/Library/OpensslLib.h
create mode 100644 CryptoPkg/Readme.md
create mode 100644 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHostAccel.inf
--
2.37.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#94993): https://edk2.groups.io/g/devel/message/94993
Mute This Topic: https://groups.io/mt/94260718/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list