[edk2-devel] [PATCH v3 09/11] CryptoPkg: Add Mbedtls submodule in CI

Li, Yi yi1.li at intel.com
Wed Oct 11 08:04:20 UTC 2023 

Hello .pytools maintainers and reviewers, any comments for this patch series?

Background:
https://github.com/tianocore/edk2-staging/blob/OpenSSL11_EOL/CryptoPkg/Readme-OpenSSL3.0.md#openssl30-mbedtls-dual-mode
This patch series is needed to resolve the limitation from OpenSSL 3.0 that provider based algorithms cannot work in pre-memory phase.
There are five features based on mbedtls in the patch series: HMAC/HKDF/RSA/HASH/AES.


Thanks,
Yi

-----Original Message-----
From: Hou, Wenxing <wenxing.hou at intel.com> 
Sent: Tuesday, October 10, 2023 9:50 AM
To: devel at edk2.groups.io; sean.brogan at microsoft.com; mikuback at linux.microsoft.com; Kinney, Michael D <michael.d.kinney at intel.com>; Gao, Liming <gaoliming at byosoft.com.cn>
Cc: Li, Yi1 <yi1.li at intel.com>
Subject: RE: [edk2-devel] [PATCH v3 09/11] CryptoPkg: Add Mbedtls submodule in CI

Hi all,

Could you help me take a look at this patch? 

Thank you very much!!



Thanks.
Wenxing



-----Original Message-----
From: Hou, Wenxing
Sent: Saturday, October 7, 2023 9:39 PM
To: devel at edk2.groups.io; sean.brogan at microsoft.com; mikuback at linux.microsoft.com; Kinney, Michael D <michael.d.kinney at intel.com>; gaoliming at byosoft.com.cn
Cc: Li, Yi1 <yi1.li at intel.com>
Subject: RE: [edk2-devel] [PATCH v3 09/11] CryptoPkg: Add Mbedtls submodule in CI

Hi all,


My patch is about enabling Mbedtls. And this patch will change the pytool.

Could you review this patch for the pytool change?

Thanks
Wenxing



-----Original Message-----
From: devel at edk2.groups.io <devel at edk2.groups.io> On Behalf Of Wenxing Hou
Sent: Thursday, September 28, 2023 11:34 PM
To: devel at edk2.groups.io
Cc: Yao, Jiewen <jiewen.yao at intel.com>; Li, Yi1 <yi1.li at intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu at intel.com>; Jiang, Guomin <guomin.jiang at intel.com>
Subject: [edk2-devel] [PATCH v3 09/11] CryptoPkg: Add Mbedtls submodule in CI

Change CI for new Mbedtls submodule.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Yi Li <yi1.li at intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu at intel.com>
Cc: Guomin Jiang <guomin.jiang at intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou at intel.com>
---
 .pytool/CISettings.py                  |  2 ++
 CryptoPkg/CryptoPkg.ci.yaml            | 12 +++++++++++-
 CryptoPkg/CryptoPkg.dec                |  3 ++-
 CryptoPkg/CryptoPkg.dsc                |  8 ++++++++
 CryptoPkg/Private/Library/MbedTlsLib.h | 12 ++++++++++++
 5 files changed, 35 insertions(+), 2 deletions(-)  create mode 100644 CryptoPkg/Private/Library/MbedTlsLib.h

diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py index 6fb7342f81..c5803a877c 100644
--- a/.pytool/CISettings.py
+++ b/.pytool/CISettings.py
@@ -199,6 +199,8 @@ class Settings(CiBuildSettingsManager, UpdateSettingsManager, SetupSettingsManag
             "MdePkg/Library/BaseFdtLib/libfdt", False))         rs.append(RequiredSubmodule(             "MdePkg/Library/MipiSysTLib/mipisyst", False))+        rs.append(RequiredSubmodule(+            "CryptoPkg/Library/MbedTlsLib/mbedtls", False))         return rs      def GetName(self):diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml
index 59ba56d41e..967612230d 100644
--- a/CryptoPkg/CryptoPkg.ci.yaml
+++ b/CryptoPkg/CryptoPkg.ci.yaml
@@ -38,10 +38,20 @@
             # This has OpenSSL interfaces that aren't UEFI spec compliant             "Library/BaseCryptLib/Hash/CryptParallelHash.h",             "Library/Include/fcntl.h",+            # This has Mbedtls interfaces that aren't UEFI spec compliant+            "Library/Include/stdint.h",+            "Library/Include/stubs-32.h",             # These directories contain auto-generated OpenSSL content             "Library/OpensslLib",             "Library/IntrinsicLib",-            "Library/BaseCryptLib/Pk/CryptPkcs7VerifyBase.c"+            "Library/BaseCryptLib/Pk/CryptPkcs7VerifyBase.c",+            # mbedtls+            "Library/MbedTlsLib/mbedtls",+            # This has mbedtls interfaces that aren't UEFI spec compliant+            "Library/MbedTlsLib/EcSm2Null.c",+            "Library/MbedTlsLib/CrtWrapper.c",+            "Library/MbedTlsLib/Include/mbedtls/mbedtls_config.h",+            "Library/BaseCryptLibMbedTls/SysCall"         ]     },     "CompilerPlugin": {diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
index a5fa81a338..e613b6b1ae 100644
--- a/CryptoPkg/CryptoPkg.dec
+++ b/CryptoPkg/CryptoPkg.dec
@@ -28,9 +28,9 @@
   Library/OpensslLib/OpensslGen/include   Library/OpensslLib/OpensslGen/providers/common/include   Library/MbedTlsLib/Include-  Library/MbedTlsLib/mbedtls   Library/MbedTlsLib/mbedtls/include   Library/MbedTlsLib/mbedtls/include/mbedtls+  Library/MbedTlsLib/mbedtls/library  [LibraryClasses]   ##  @libraryclass  Provides basic library functions for cryptographic primitives.@@ -49,6 +49,7 @@
   ##  @libraryclass  Provides library functions from the openssl project.   #   OpensslLib|Private/Library/OpensslLib.h+  MbedTlsLib|Private/Library/MbedTlsLib.h    ##  @libraryclass  Provides compiler intrinsic functions required to link openssl project.   #diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
index a55dcb9668..6a0104a3bb 100644
--- a/CryptoPkg/CryptoPkg.dsc
+++ b/CryptoPkg/CryptoPkg.dsc
@@ -364,6 +364,14 @@
   CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf   CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf   CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf+  CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf+  CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.inf+  CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf+  CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf+  CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf+  CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf+  CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf+  CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf   CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf   CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf   CryptoPkg/Library/TlsLib/TlsLib.infdiff --git a/CryptoPkg/Private/Library/MbedTlsLib.h b/CryptoPkg/Private/Library/MbedTlsLib.h
new file mode 100644
index 0000000000..30517a76d3
--- /dev/null
+++ b/CryptoPkg/Private/Library/MbedTlsLib.h
@@ -0,0 +1,12 @@
+/** @file+  MbedTlsLib class with APIs from the mbedtls project++ 
+Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>+
+SPDX-License-Identifier: BSD-2-Clause-Patent++**/++#ifndef 
+MBEDTLS_LIB_H_+#define MBEDTLS_LIB_H_++#endif--
2.26.2.windows.1



-=-=-=-=-=-=
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109161): https://edk2.groups.io/g/devel/message/109161
Mute This Topic: https://groups.io/mt/101639984/6360182
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [wenxing.hou at intel.com] -=-=-=-=-=-=




-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109518): https://edk2.groups.io/g/devel/message/109518
Mute This Topic: https://groups.io/mt/101816236/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list