Re: [PATCH 1/2] Reconfigure OpensslLib to add elliptic curve chipher algorithms


Yao, Jiewen
 

Hello Vineel
May I know if you have send out v2?

-----Original Message-----
From: Vineel Kovvuri <vineelko@...>
Sent: Tuesday, October 19, 2021 4:06 AM
To: Yao, Jiewen <jiewen.yao@...>; Vineel Kovvuri
<vineel.kovvuri@...>; devel@edk2.groups.io; Sean Brogan
<sean.brogan@...>; Bret Barkelew
<Bret.Barkelew@...>; Mike Turner
<Michael.Turner@...>
Cc: Jancarlo Perez <jpere@...>
Subject: RE: [PATCH 1/2] Reconfigure OpensslLib to add elliptic curve chipher
algorithms

Hi Jiewen,

Sorry for the build break. I will fix this locally and send you the patch.

Thanks,
Vineel

-----Original Message-----
From: Yao, Jiewen <jiewen.yao@...>
Sent: Saturday, October 16, 2021 7:49 PM
To: Vineel Kovvuri <vineel.kovvuri@...>; devel@edk2.groups.io; Sean
Brogan <sean.brogan@...>; Bret Barkelew
<Bret.Barkelew@...>; Mike Turner
<Michael.Turner@...>
Cc: Vineel Kovvuri <vineelko@...>
Subject: [EXTERNAL] RE: [PATCH 1/2] Reconfigure OpensslLib to add elliptic
curve chipher algorithms

Hi
This patch fails in the P-R -
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.c
om%2Ftianocore%2Fedk2%2Fpull%2F2073&amp;data=04%7C01%7Cvineelko%4
0microsoft.com%7C5d3643d0f0ec4bb48ba608d99118b6e7%7C72f988bf86f141
af91ab2d7cd011db47%7C1%7C0%7C637700357621360496%7CUnknown%7CT
WFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXV
CI6Mn0%3D%7C1000&amp;sdata=NbiiW6sHXAfHEkkL7aBbnGlZoYXbAzmkgzeqb
biuJ6Q%3D&amp;reserved=0. Please double check.

You are encourage to try P-R by yourself before submit the patch.

Thank you
Yao Jiewen

-----Original Message-----
From: Vineel Kovvuri <vineel.kovvuri@...>
Sent: Tuesday, October 12, 2021 1:38 PM
To: devel@edk2.groups.io; Yao, Jiewen <jiewen.yao@...>;
sean.brogan@...; bret.barkelew@...;
Michael.Turner@...
Cc: Vineel Kovvuri <vineelko@...>
Subject: [PATCH 1/2] Reconfigure OpensslLib to add elliptic curve
chipher algorithms

This commit is a cherry pick of project mu's commit
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgith
ub.com%2Fmicrosoft%2Fmu_tiano_plus%2Fcommit%2F1f3b135ddc821718a78c
3&am
p;data=04%7C01%7Cvineelko%40microsoft.com%7C5d3643d0f0ec4bb48ba608
d991
18b6e7%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637700357621
360496
%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLC
JBTiI6I
k1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=OFSVeefYJN%2Bq1BgGMKAJ0
H%2B2wfX
%2Bbn%2B4rmppat62i1o%3D&amp;reserved=0
52316197889c5d3e0c2

Reconfigure OpensslLib to add elliptic curve chipher algorithms.
The only file manually changed is process_files.pl.
Running the script changes the other three files.

BugZilla:
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugz
illa.tianocore.org%2Fshow_bug.cgi%3Fid%3D3679&amp;data=04%7C01%7Cvin
ee
lko%40microsoft.com%7C5d3643d0f0ec4bb48ba608d99118b6e7%7C72f988bf8
6f14
1af91ab2d7cd011db47%7C1%7C0%7C637700357621360496%7CUnknown%7CT
WFpbGZsb
3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%
3D%
7C1000&amp;sdata=hUoZ%2F%2BTHW4aIvzk2N%2BCgtSqQ9igntGGt2vtlOgPTE
KY%3D&
amp;reserved=0

Signed-off-by: Vineel Kovvuri <vineelko@...>
---
.../Library/Include/openssl/opensslconf.h | 25 ++--------
CryptoPkg/Library/OpensslLib/OpensslLib.inf | 50 +++++++++++++++++++
.../Library/OpensslLib/OpensslLibCrypto.inf | 50 +++++++++++++++++++
CryptoPkg/Library/OpensslLib/process_files.pl | 1 -
4 files changed, 105 insertions(+), 21 deletions(-)

diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
b/CryptoPkg/Library/Include/openssl/opensslconf.h
index b8d59aebe8..09a6641ffc 100644
--- a/CryptoPkg/Library/Include/openssl/opensslconf.h
+++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
@@ -55,9 +55,6 @@ extern "C" {
#ifndef OPENSSL_NO_DSA
# define OPENSSL_NO_DSA
#endif
-#ifndef OPENSSL_NO_EC
-# define OPENSSL_NO_EC
-#endif
#ifndef OPENSSL_NO_IDEA
# define OPENSSL_NO_IDEA
#endif
@@ -88,9 +85,6 @@ extern "C" {
#ifndef OPENSSL_NO_SEED
# define OPENSSL_NO_SEED
#endif
-#ifndef OPENSSL_NO_SM2
-# define OPENSSL_NO_SM2
-#endif
#ifndef OPENSSL_NO_SRP
# define OPENSSL_NO_SRP
#endif
@@ -154,12 +148,6 @@ extern "C" {
#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 # define
OPENSSL_NO_EC_NISTP_64_GCC_128 #endif -#ifndef OPENSSL_NO_ECDH -#
define OPENSSL_NO_ECDH -#endif -#ifndef OPENSSL_NO_ECDSA -# define
OPENSSL_NO_ECDSA -#endif #ifndef OPENSSL_NO_EGD # define
OPENSSL_NO_EGD #endif @@ -226,9 +214,6 @@ extern "C" { #ifndef
OPENSSL_NO_TESTS # define OPENSSL_NO_TESTS #endif -#ifndef
OPENSSL_NO_TLS1_3 -# define OPENSSL_NO_TLS1_3 -#endif #ifndef
OPENSSL_NO_UBSAN # define OPENSSL_NO_UBSAN #endif @@ -265,11
+250,11
@@ extern "C" {
# undef DECLARE_DEPRECATED
# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
# endif
-#elif defined(__SUNPRO_C)
-#if (__SUNPRO_C >= 0x5130)
-#undef DECLARE_DEPRECATED
-#define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
-#endif
+# elif defined(__SUNPRO_C)
+# if (__SUNPRO_C >= 0x5130)
+# undef DECLARE_DEPRECATED
+# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
+# endif
# endif
#endif

diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
index d84bde056a..bd3d9cc90f 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf
@@ -199,6 +199,43 @@
$(OPENSSL_PATH)/crypto/dso/dso_vms.c
$(OPENSSL_PATH)/crypto/dso/dso_win32.c
$(OPENSSL_PATH)/crypto/ebcdic.c
+ $(OPENSSL_PATH)/crypto/ec/curve25519.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
+ $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
+ $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
+ $(OPENSSL_PATH)/crypto/ec/ec_check.c
+ $(OPENSSL_PATH)/crypto/ec/ec_curve.c
+ $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
+ $(OPENSSL_PATH)/crypto/ec/ec_err.c
+ $(OPENSSL_PATH)/crypto/ec/ec_key.c
+ $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_lib.c
+ $(OPENSSL_PATH)/crypto/ec/ec_mult.c
+ $(OPENSSL_PATH)/crypto/ec/ec_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_print.c
+ $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
+ $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
+ $(OPENSSL_PATH)/crypto/ec/eck_prn.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
+ $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
$(OPENSSL_PATH)/crypto/err/err.c
$(OPENSSL_PATH)/crypto/err/err_prn.c
$(OPENSSL_PATH)/crypto/evp/bio_b64.c
@@ -384,6 +421,10 @@
$(OPENSSL_PATH)/crypto/siphash/siphash.c
$(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
$(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
+ $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c
+ $(OPENSSL_PATH)/crypto/sm2/sm2_err.c
+ $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c
+ $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c
$(OPENSSL_PATH)/crypto/sm3/m_sm3.c
$(OPENSSL_PATH)/crypto/sm3/sm3.c
$(OPENSSL_PATH)/crypto/sm4/sm4.c
@@ -496,6 +537,15 @@
$(OPENSSL_PATH)/crypto/conf/conf_local.h
$(OPENSSL_PATH)/crypto/dh/dh_local.h
$(OPENSSL_PATH)/crypto/dso/dso_local.h
+ $(OPENSSL_PATH)/crypto/ec/ec_local.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/field.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/word.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
$(OPENSSL_PATH)/crypto/evp/evp_local.h
$(OPENSSL_PATH)/crypto/hmac/hmac_local.h
$(OPENSSL_PATH)/crypto/lhash/lhash_local.h
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
index cdeed0d073..38ccf1a5b6 100644
--- a/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+++ b/CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
@@ -199,6 +199,43 @@
$(OPENSSL_PATH)/crypto/dso/dso_vms.c
$(OPENSSL_PATH)/crypto/dso/dso_win32.c
$(OPENSSL_PATH)/crypto/ebcdic.c
+ $(OPENSSL_PATH)/crypto/ec/curve25519.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_tables.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/eddsa.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/f_generic.c
+ $(OPENSSL_PATH)/crypto/ec/curve448/scalar.c
+ $(OPENSSL_PATH)/crypto/ec/ec2_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ec2_smpl.c
+ $(OPENSSL_PATH)/crypto/ec/ec_ameth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_asn1.c
+ $(OPENSSL_PATH)/crypto/ec/ec_check.c
+ $(OPENSSL_PATH)/crypto/ec/ec_curve.c
+ $(OPENSSL_PATH)/crypto/ec/ec_cvt.c
+ $(OPENSSL_PATH)/crypto/ec/ec_err.c
+ $(OPENSSL_PATH)/crypto/ec/ec_key.c
+ $(OPENSSL_PATH)/crypto/ec/ec_kmeth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_lib.c
+ $(OPENSSL_PATH)/crypto/ec/ec_mult.c
+ $(OPENSSL_PATH)/crypto/ec/ec_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ec_pmeth.c
+ $(OPENSSL_PATH)/crypto/ec/ec_print.c
+ $(OPENSSL_PATH)/crypto/ec/ecdh_kdf.c
+ $(OPENSSL_PATH)/crypto/ec/ecdh_ossl.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_ossl.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_sign.c
+ $(OPENSSL_PATH)/crypto/ec/ecdsa_vrf.c
+ $(OPENSSL_PATH)/crypto/ec/eck_prn.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_mont.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nist.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp224.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp256.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistp521.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_nistputil.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_oct.c
+ $(OPENSSL_PATH)/crypto/ec/ecp_smpl.c
+ $(OPENSSL_PATH)/crypto/ec/ecx_meth.c
$(OPENSSL_PATH)/crypto/err/err.c
$(OPENSSL_PATH)/crypto/err/err_prn.c
$(OPENSSL_PATH)/crypto/evp/bio_b64.c
@@ -384,6 +421,10 @@
$(OPENSSL_PATH)/crypto/siphash/siphash.c
$(OPENSSL_PATH)/crypto/siphash/siphash_ameth.c
$(OPENSSL_PATH)/crypto/siphash/siphash_pmeth.c
+ $(OPENSSL_PATH)/crypto/sm2/sm2_crypt.c
+ $(OPENSSL_PATH)/crypto/sm2/sm2_err.c
+ $(OPENSSL_PATH)/crypto/sm2/sm2_pmeth.c
+ $(OPENSSL_PATH)/crypto/sm2/sm2_sign.c
$(OPENSSL_PATH)/crypto/sm3/m_sm3.c
$(OPENSSL_PATH)/crypto/sm3/sm3.c
$(OPENSSL_PATH)/crypto/sm4/sm4.c
@@ -496,6 +537,15 @@
$(OPENSSL_PATH)/crypto/conf/conf_local.h
$(OPENSSL_PATH)/crypto/dh/dh_local.h
$(OPENSSL_PATH)/crypto/dso/dso_local.h
+ $(OPENSSL_PATH)/crypto/ec/ec_local.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448_local.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/curve448utils.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/ed448.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/field.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/point_448.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/word.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/arch_intrinsics.h
+ $(OPENSSL_PATH)/crypto/ec/curve448/arch_32/f_impl.h
$(OPENSSL_PATH)/crypto/evp/evp_local.h
$(OPENSSL_PATH)/crypto/hmac/hmac_local.h
$(OPENSSL_PATH)/crypto/lhash/lhash_local.h
diff --git a/CryptoPkg/Library/OpensslLib/process_files.pl
b/CryptoPkg/Library/OpensslLib/process_files.pl
index 42bff05fa6..2ebfbbbca0 100755
--- a/CryptoPkg/Library/OpensslLib/process_files.pl
+++ b/CryptoPkg/Library/OpensslLib/process_files.pl
@@ -169,7 +169,6 @@ BEGIN {
"no-dgram",
"no-dsa",
"no-dynamic-engine",
- "no-ec",
"no-ec2m",
"no-engine",
"no-err",
--
2.17.1

Join devel@edk2.groups.io to automatically receive all group messages.