[PATCH 0/5] Make the MD5 disable as default setting

Gao, Zhichao

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3003
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3021

MD5 is deprecated, make it disable as default for security.
It required to set MD5 enable explicitly if the module is still
using MD5. List the modules that are still using it:
iSCSI, Hash2DxeCrypto, CryptoDxe(Pei, Smm) (with PACKAGE or ALL config).

This patch set would affact the platforms that are using iSCSI

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Zailiang Sun <zailiang.sun@intel.com>
Cc: Yi Qian <yi.qian@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Roger Feng <roger.feng@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>

Zhichao Gao (5):
NetworkPkg/Defines: Make iSCSI disable as default
NetworkPkg: Enable MD5 while enable iSCSI
SecurityPkg/dsc: Explicitly enable MD5 for package build
CryptoPkg/dsc: Enable MD5 when CRYPTO_SERVICES enable MD5
CryptoPkg: Make the MD5 disable as default for security

CryptoPkg/CryptoPkg.dsc | 3 +++
CryptoPkg/Driver/Crypto.c | 4 ++--
CryptoPkg/Include/Library/BaseCryptLib.h | 2 +-
CryptoPkg/Library/BaseCryptLib/Hash/CryptMd5.c | 2 +-
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 2 +-
NetworkPkg/Network.dsc.inc | 5 +++++
NetworkPkg/NetworkDefines.dsc.inc | 4 ++--
SecurityPkg/SecurityPkg.dsc | 2 +-
8 files changed, 16 insertions(+), 8 deletions(-)


Join devel@edk2.groups.io to automatically receive all group messages.