Hi Gerd,
Thank you for starting this work!
Can you point the community as a summary of the changes/improvements in v3.0
and your
take on why it is important to upgrade TianoCore.
Thanks,
Mike
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd Hoffmann
> Sent: Friday, December 3, 2021 8:07 AM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen....@intel.com>; Wang, Jian J <jian.j.w...@intel.com>;
> Jiang, Guomin <guomin.ji...@intel.com>;
> Pawel Polawski <ppola...@redhat.com>; Philippe Mathieu-Daudé
> <phi...@redhat.com>; Lu, XiaoyuX <xiaoyux...@intel.com>; Gerd
> Hoffmann <kra...@redhat.com>
> Subject: [edk2-devel] [PATCH 00/24] CryptoPkg/openssl: update openssl
> submodule to v3.0
>
> Very first take on updating openssl to 3.0.
>
> Some hacks are in there still, only limited testing
> (no CI runs), so cleary not complete yet. Review
> comments and other hints are welcome nevertheless.
>
> take care,
> Gerd
>
> Gerd Hoffmann (24):
> CryptoPkg/openssl: update submodule to 3.0
> CryptoPkg/openssl: process_files.pl: drop UefiAsm.conf
> CryptoPkg/openssl: process_files.pl: expand *.a
> CryptoPkg/openssl: process_files.pl: set api to 1.1.1
> CryptoPkg/openssl: process_files.pl: change config header handling
> CryptoPkg/openssl: process_files.pl: provider headers
> CryptoPkg/openssl: process_files.pl: skip unused files
> CryptoPkg/openssl: process_files.pl: clean up when done
> CryptoPkg/openssl: process_files.pl: filter out crypto/buildinf.h
> CryptoPkg/openssl: update generated files
> CryptoPkg/BaseCryptLib: no openssl deprecation warnings please
> CryptoPkg/BaseCryptLib; adapt CryptSm3.c to openssl 3.0 changes.
> CryptoPkg/BaseCryptLib: add more bio print dummies
> CryptoPkg/openssl: adapt rand_pool.c to openssl 3.0 changes
> CryptoPkg/openssl: add dummy file store
> CryptoPkg/openssl: move compiler_flags to buildinf.c
> CryptoPkg/CrtLibSupport: add fcntl.h
> CryptoPkg/CrtLibSupport: add strstr()
> CryptoPkg/CrtLibSupport: add INT_MIN
> CryptoPkg/CrtLibSupport: add UINT_MAX
> CryptoPkg/CrtLibSupport: add MODULESDIR
> CryptoPkg/openssl: process_files.pl: copy generated der/*.c source
> files.
> CryptoPkg/openssl: add generated files der source files
> [hack] turn off -Werror
>
> CryptoPkg/Library/OpensslLib/OpensslLib.inf | 1305 +++++----
> .../Library/OpensslLib/OpensslLibCrypto.inf | 1220 +++++---
> .../Library/OpensslLib/OpensslLibX64.inf | 1 +
> .../Library/OpensslLib/OpensslLibX64Gcc.inf | 1 +
> .../Library/BaseCryptLib/InternalCryptLib.h | 2 +
> CryptoPkg/Library/Include/CrtLibSupport.h | 4 +
> CryptoPkg/Library/Include/crypto/bn_conf.h | 29 +
> CryptoPkg/Library/Include/crypto/dso_conf.h | 8 +-
> CryptoPkg/Library/Include/fcntl.h | 9 +
> CryptoPkg/Library/Include/openssl/asn1.h | 1128 +++++++
> CryptoPkg/Library/Include/openssl/asn1t.h | 946 ++++++
> CryptoPkg/Library/Include/openssl/bio.h | 884 ++++++
> CryptoPkg/Library/Include/openssl/cmp.h | 592 ++++
> CryptoPkg/Library/Include/openssl/cms.h | 493 ++++
> CryptoPkg/Library/Include/openssl/conf.h | 211 ++
> .../Library/Include/openssl/configuration.h | 286 ++
> CryptoPkg/Library/Include/openssl/crmf.h | 227 ++
> CryptoPkg/Library/Include/openssl/crypto.h | 556 ++++
> CryptoPkg/Library/Include/openssl/ct.h | 573 ++++
> CryptoPkg/Library/Include/openssl/err.h | 492 ++++
> CryptoPkg/Library/Include/openssl/ess.h | 128 +
> CryptoPkg/Library/Include/openssl/fipskey.h | 36 +
> CryptoPkg/Library/Include/openssl/lhash.h | 288 ++
> CryptoPkg/Library/Include/openssl/ocsp.h | 483 +++
> .../Library/Include/openssl/opensslconf.h | 348 ---
> CryptoPkg/Library/Include/openssl/opensslv.h | 114 +
> CryptoPkg/Library/Include/openssl/pkcs12.h | 350 +++
> CryptoPkg/Library/Include/openssl/pkcs7.h | 427 +++
> CryptoPkg/Library/Include/openssl/safestack.h | 297 ++
> CryptoPkg/Library/Include/openssl/srp.h | 285 ++
> CryptoPkg/Library/Include/openssl/ssl.h | 2585 +++++++++++++++++
> CryptoPkg/Library/Include/openssl/ui.h | 407 +++
> CryptoPkg/Library/Include/openssl/x509.h | 1276 ++++++++
> CryptoPkg/Library/Include/openssl/x509_vfy.h | 894 ++++++
> CryptoPkg/Library/Include/openssl/x509v3.h | 1450 +++++++++
> CryptoPkg/Library/Include/prov/bio.h | 32 +
> CryptoPkg/Library/Include/prov/blake2.h | 120 +
> CryptoPkg/Library/Include/prov/ciphercommon.h | 361 +++
> .../Library/Include/prov/ciphercommon_aead.h | 47 +
> .../Library/Include/prov/ciphercommon_ccm.h | 100 +
> .../Library/Include/prov/ciphercommon_gcm.h | 129 +
> CryptoPkg/Library/Include/prov/der_digests.h | 160 +
> CryptoPkg/Library/Include/prov/der_dsa.h | 94 +
> CryptoPkg/Library/Include/prov/der_ec.h | 286 ++
> CryptoPkg/Library/Include/prov/der_ecx.h | 50 +
> CryptoPkg/Library/Include/prov/der_rsa.h | 187 ++
> CryptoPkg/Library/Include/prov/der_sm2.h | 37 +
> CryptoPkg/Library/Include/prov/der_wrap.h | 46 +
> CryptoPkg/Library/Include/prov/digestcommon.h | 123 +
> .../Library/Include/prov/implementations.h | 516 ++++
> CryptoPkg/Library/Include/prov/kdfexchange.h | 24 +
> CryptoPkg/Library/Include/prov/macsignature.h | 30 +
> CryptoPkg/Library/Include/prov/md5_sha1.h | 36 +
> CryptoPkg/Library/Include/prov/names.h | 327 +++
> CryptoPkg/Library/Include/prov/proverr.h | 27 +
> CryptoPkg/Library/Include/prov/provider_ctx.h | 40 +
> .../Library/Include/prov/provider_util.h | 138 +
> .../Library/Include/prov/providercommon.h | 24 +
> .../Library/Include/prov/securitycheck.h | 30 +
> CryptoPkg/Library/Include/prov/seeding.h | 41 +
> CryptoPkg/Library/OpensslLib/buildinf.h | 2 +-
> .../Library/BaseCryptLib/Hash/CryptSm3.c | 14 +-
> .../Library/BaseCryptLib/SysCall/CrtWrapper.c | 10 +
> .../OpensslLib/{buildinf.h => buildinf.c} | 3 +-
> .../Library/OpensslLib/der_digests_gen.c | 160 +
> CryptoPkg/Library/OpensslLib/der_rsa_gen.c | 174 ++
> CryptoPkg/Library/OpensslLib/der_wrap_gen.c | 46 +
> CryptoPkg/Library/OpensslLib/ossl_store.c | 11 +
> CryptoPkg/Library/OpensslLib/rand_pool.c | 20 +-
> CryptoPkg/Library/OpensslLib/openssl | 2 +-
> CryptoPkg/Library/OpensslLib/process_files.pl | 79 +-
> 71 files changed, 20510 insertions(+), 1351 deletions(-)
> create mode 100644 CryptoPkg/Library/Include/crypto/bn_conf.h
> create mode 100644 CryptoPkg/Library/Include/fcntl.h
> create mode 100644 CryptoPkg/Library/Include/openssl/asn1.h
> create mode 100644 CryptoPkg/Library/Include/openssl/asn1t.h
> create mode 100644 CryptoPkg/Library/Include/openssl/bio.h
> create mode 100644 CryptoPkg/Library/Include/openssl/cmp.h
> create mode 100644 CryptoPkg/Library/Include/openssl/cms.h
> create mode 100644 CryptoPkg/Library/Include/openssl/conf.h
> create mode 100644 CryptoPkg/Library/Include/openssl/configuration.h
> create mode 100644 CryptoPkg/Library/Include/openssl/crmf.h
> create mode 100644 CryptoPkg/Library/Include/openssl/crypto.h
> create mode 100644 CryptoPkg/Library/Include/openssl/ct.h
> create mode 100644 CryptoPkg/Library/Include/openssl/err.h
> create mode 100644 CryptoPkg/Library/Include/openssl/ess.h
> create mode 100644 CryptoPkg/Library/Include/openssl/fipskey.h
> create mode 100644 CryptoPkg/Library/Include/openssl/lhash.h
> create mode 100644 CryptoPkg/Library/Include/openssl/ocsp.h
> delete mode 100644 CryptoPkg/Library/Include/openssl/opensslconf.h
> create mode 100644 CryptoPkg/Library/Include/openssl/opensslv.h
> create mode 100644 CryptoPkg/Library/Include/openssl/pkcs12.h
> create mode 100644 CryptoPkg/Library/Include/openssl/pkcs7.h
> create mode 100644 CryptoPkg/Library/Include/openssl/safestack.h
> create mode 100644 CryptoPkg/Library/Include/openssl/srp.h
> create mode 100644 CryptoPkg/Library/Include/openssl/ssl.h
> create mode 100644 CryptoPkg/Library/Include/openssl/ui.h
> create mode 100644 CryptoPkg/Library/Include/openssl/x509.h
> create mode 100644 CryptoPkg/Library/Include/openssl/x509_vfy.h
> create mode 100644 CryptoPkg/Library/Include/openssl/x509v3.h
> create mode 100644 CryptoPkg/Library/Include/prov/bio.h
> create mode 100644 CryptoPkg/Library/Include/prov/blake2.h
> create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon.h
> create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon_aead.h
> create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon_ccm.h
> create mode 100644 CryptoPkg/Library/Include/prov/ciphercommon_gcm.h
> create mode 100644 CryptoPkg/Library/Include/prov/der_digests.h
> create mode 100644 CryptoPkg/Library/Include/prov/der_dsa.h
> create mode 100644 CryptoPkg/Library/Include/prov/der_ec.h
> create mode 100644 CryptoPkg/Library/Include/prov/der_ecx.h
> create mode 100644 CryptoPkg/Library/Include/prov/der_rsa.h
> create mode 100644 CryptoPkg/Library/Include/prov/der_sm2.h
> create mode 100644 CryptoPkg/Library/Include/prov/der_wrap.h
> create mode 100644 CryptoPkg/Library/Include/prov/digestcommon.h
> create mode 100644 CryptoPkg/Library/Include/prov/implementations.h
> create mode 100644 CryptoPkg/Library/Include/prov/kdfexchange.h
> create mode 100644 CryptoPkg/Library/Include/prov/macsignature.h
> create mode 100644 CryptoPkg/Library/Include/prov/md5_sha1.h
> create mode 100644 CryptoPkg/Library/Include/prov/names.h
> create mode 100644 CryptoPkg/Library/Include/prov/proverr.h
> create mode 100644 CryptoPkg/Library/Include/prov/provider_ctx.h
> create mode 100644 CryptoPkg/Library/Include/prov/provider_util.h
> create mode 100644 CryptoPkg/Library/Include/prov/providercommon.h
> create mode 100644 CryptoPkg/Library/Include/prov/securitycheck.h
> create mode 100644 CryptoPkg/Library/Include/prov/seeding.h
> copy CryptoPkg/Library/OpensslLib/{buildinf.h => buildinf.c} (50%)
> create mode 100644 CryptoPkg/Library/OpensslLib/der_digests_gen.c
> create mode 100644 CryptoPkg/Library/OpensslLib/der_rsa_gen.c
> create mode 100644 CryptoPkg/Library/OpensslLib/der_wrap_gen.c
>
> --
> 2.33.1
>
>
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#84330): https://edk2.groups.io/g/devel/message/84330
Mute This Topic: https://groups.io/mt/87479913/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
