Mike, Can you explain #3? I have no idea how to update/modify the EDK2 CI. I know for MTL, we have this define there by default, that is why when I enabled crypto for RPMC feature for MTL we ran into the issue.
#4, I prefer a build error. Judah -----Original Message----- From: Kinney, Michael D <michael.d.kin...@intel.com> Sent: Monday, October 24, 2022 10:22 AM To: devel@edk2.groups.io; Vang, Judah <judah.v...@intel.com>; Kinney, Michael D <michael.d.kin...@intel.com> Subject: RE: [edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes Hi Judah, There was an update to CryptoPkg pushed yesterday. 1) There is a CryptoPkg/Readme.md with tables and DSC content for services that are enabled in each phase. I think that needs updates too for the AES and KDF features. 2) The CryptoPkg.dsc file has recommended settings for PEI, DXE, SMM. I think they need to be updated for the AES and KDF features. 3) It looks like the SHA1 disable caused a build break. I would like to see the standard package builds for EDK II CI be updated to cover the failure case so we know that this case is covered in the future. It looks like the default is for SHA1 enabled and the build break is when define for SHA1 disabled is asserted. 4) There is an overlap between the defines to deprecate MD5 and SH1 and the structured PCD that allows those services to be disabled in the Crypto Protocol/PPI. The defines to deprecate MD5 and SH1 extend into the BaseCryptLib instance implementations such that a call to those services when static linking will generate a build error instead of a runtime ASSERT(). Which behavior do you prefer? Best regards, Mike > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Judah > Vang > Sent: Monday, October 24, 2022 9:42 AM > To: devel@edk2.groups.io > Subject: [edk2-devel] [PATCH V1 0/2] CryptoPkg bug fixes > > https://bugzilla.tianocore.org/show_bug.cgi?id=3991 > https://bugzilla.tianocore.org/show_bug.cgi?id=3992 > > There is a #define to deprecate Sha1 functions but not all the Sha1 > function are wrapped around this #define causing a build error. The > fix is to wrap all Sha1 functions with the #define. > > Need crypto AES to be supported for PEI phase and need crypto KDF to > be supported for SMM phase. > > Judah Vang (2): > CryptoPkg: Sha1 functions causing build errors > CryptoPkg: Need to enable crypto functions > > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +- > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +- > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c | 14 +++++++++++++- > 3 files changed, 15 insertions(+), 3 deletions(-) > > -- > 2.35.1.windows.2 > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#95619): https://edk2.groups.io/g/devel/message/95619 Mute This Topic: https://groups.io/mt/94539162/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
