Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade for OpenSSL 1.1.1p #131

Merged
merged 4 commits into from
Jul 4, 2022
Merged

Upgrade for OpenSSL 1.1.1p #131

merged 4 commits into from
Jul 4, 2022

Conversation

jinghe-INTC
Copy link
Contributor

No description provided.

upgrade for openssl 1.1.1p
075df2b 
Signed-off-by: Jing He <jing.j.he@intel.com>
@jinghe-INTC jinghe-INTC changed the title Upgrade 1.1.1p Upgrade for OpenSSL 1.1.1p Jul 1, 2022
@jinghe-INTC
Copy link
Contributor Author

All the removed lines for the assembly files were based on the difference between the generated files from
x86_64-mont5.pl from 1.1.1p
to
x86_64-mont5.pl from 1.1.1o and eariler

jbdelcuv
jbdelcuv approved these changes Jul 1, 2022
View reviewed changes
Copy link
Contributor

@jbdelcuv jbdelcuv left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.
Don't we also need to update the patch files to account for the changes in the assembly files?

Jing He added 3 commits July 4, 2022 00:15
generated by: $ diff ../openssl_source/openssl-1.1.1p/crypto/bn/x86_6…
aa5093e 
…4-mont5.s ../openssl_source/openssl-1.1.1o/crypto/bn/x86_64-mont5.s

Signed-off-by: Jing He <jing.j.he@intel.com>
generated by: (WSL) $ diff ../openssl_source/openssl-1.1.1p/crypto/bn…
5828cd6 
…/x86_64-mont5.asm ../openssl_source/openssl-1.1.1o/crypto/bn/x86_64-mont5.asm

Signed-off-by: Jing He <jing.j.he@intel.com>
upgrade for openssl 1.1.1p
7796789 
Signed-off-by: Jing He <jing.j.he@intel.com>
@jinghe-INTC
Copy link
Contributor Author

Looks good. Don't we also need to update the patch files to account for the changes in the assembly files?

That's reasonable. I will add a diff file for the changes.

@jinghe-INTC jinghe-INTC merged commit 4c0b9a2 into intel:master Jul 4, 2022
@jinghe-INTC jinghe-INTC deleted the upgrade_1.1.1p branch July 4, 2022 06:36
jinghe-INTC pushed a commit that referenced this pull request Sep 22, 2022
@johnvenn @veehaitch
@dashuaic @lzha101
Support tls openssl1_1_1q (#137)
e91d0cb 
* update architecture doc (#115)

Signed-off-by: Jing He <jing.j.he@intel.com>

* Linux: small fixes (#111)

* Linux: fix Nix detection

Detect the `OS_ID` of Nix by probing for the presence of the `NIX_STORE`
environment variable instead of `NIX_PATH`. The latter is only set in a
`nix-shell` session but isn't when building a derivation through
`nix-build`. In contrast, the `NIX_STORE` environment variable is set in
both cases.

Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>

* Linux: call binaries relative to PATH

Using an absolute path to call binaries is incompatible with
distributions which do not follow the Filesystem Hierachy Standard;
Nix is an example. Also, it is inconsistent with the rest of the code
base, let alone superfluous.

Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>

* Linux: properly extract GCC major version

Calling `gcc -dumpversion` yields the full version string, e.g.,
`10.3.0`. The `build_openssl.sh` bash script uses the `-ge` number
comparison operator to check if the returned version is at least
8. This results in an error if the returned GCC version includes a patch
version; "10.3.0" isn't a valid number.

This commit fixes the version detection by only extracting the relevant
major version of GCC.

Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>

* add an option to make it possible to build on non-intel platform (#116)

* add a built flag "SKIP_INTELCPU_CHECK" for non-intel platform, ref #113
* Update README.md

Signed-off-by: Jing He <jing.j.he@intel.com>

* Update build script (#119)

* update build scripts, removing OPENSSL_INSTALL_DIR
* update tsgxssl file to remove full path

Signed-off-by: Jing He <jing.j.he@intel.com>

* Upgrade to take OpenSSL 1.1.1n (#120)

* Fix windows tsgxssl code (#122)

* use the _t.h of the generated version instead of the saved one

Signed-off-by: Jing He <jing.j.he@intel.com>

* fix the last file

Signed-off-by: Jing He <jing.j.he@intel.com>

* remove unnecessary including of sgx_trts.h

Signed-off-by: Jing He <jing.j.he@intel.com>

* correct the tcommon.h file name

Signed-off-by: Jing He <jing.j.he@intel.com>

* upgrade to OpenSSL 1.1.1o (#124)

* add build dependence path for td migration build (#130)

* add build dependence path for td migration build

* revert untrusted part changes, since only need trusted part

* Upgrade for OpenSSL 1.1.1p (#131)

* upgrade for openssl 1.1.1p

Signed-off-by: Jing He <jing.j.he@intel.com>

* generated by:  $ diff ../openssl_source/openssl-1.1.1p/crypto/bn/x86_64-mont5.s ../openssl_source/openssl-1.1.1o/crypto/bn/x86_64-mont5.s

Signed-off-by: Jing He <jing.j.he@intel.com>

* generated by: (WSL) $ diff ../openssl_source/openssl-1.1.1p/crypto/bn/x86_64-mont5.asm ../openssl_source/openssl-1.1.1o/crypto/bn/x86_64-mont5.asm

Signed-off-by: Jing He <jing.j.he@intel.com>

* upgrade for openssl 1.1.1p

Signed-off-by: Jing He <jing.j.he@intel.com>

* correct the result of tool.txt (#117)

Signed-off-by: Jing He <jing.j.he@intel.com>

* update for OpenSSL upgrading to 1.1.1q (#132)

* update for OpenSSL upgrading to 1.1.1q

Signed-off-by: Jing He <jing.j.he@intel.com>

* update

Signed-off-by: Jing He <jing.j.he@intel.com>

* Directly use the macro value instead of including a header file. (#136)

Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>

Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>

Signed-off-by: Jing He <jing.j.he@intel.com>
Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>
Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>
Co-authored-by: jinghe-INTC <jing.j.he@intel.com>
Co-authored-by: Vincent Haupert <mail@vincent-haupert.de>
Co-authored-by: dashuaic <dashuai.cheng@intel.com>
Co-authored-by: lzha101 <lili.z.zhang@intel.com>
jinghe-INTC pushed a commit that referenced this pull request Mar 2, 2023
@johnvenn @veehaitch
@dashuaic @lzha101
Support tls (#152)
d5cff4a 
* update architecture doc (#115)

Signed-off-by: Jing He <jing.j.he@intel.com>

* Linux: small fixes (#111)

* Linux: fix Nix detection

Detect the `OS_ID` of Nix by probing for the presence of the `NIX_STORE`
environment variable instead of `NIX_PATH`. The latter is only set in a
`nix-shell` session but isn't when building a derivation through
`nix-build`. In contrast, the `NIX_STORE` environment variable is set in
both cases.

Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>

* Linux: call binaries relative to PATH

Using an absolute path to call binaries is incompatible with
distributions which do not follow the Filesystem Hierachy Standard;
Nix is an example. Also, it is inconsistent with the rest of the code
base, let alone superfluous.

Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>

* Linux: properly extract GCC major version

Calling `gcc -dumpversion` yields the full version string, e.g.,
`10.3.0`. The `build_openssl.sh` bash script uses the `-ge` number
comparison operator to check if the returned version is at least
8. This results in an error if the returned GCC version includes a patch
version; "10.3.0" isn't a valid number.

This commit fixes the version detection by only extracting the relevant
major version of GCC.

Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>

* add an option to make it possible to build on non-intel platform (#116)

* add a built flag "SKIP_INTELCPU_CHECK" for non-intel platform, ref #113
* Update README.md

Signed-off-by: Jing He <jing.j.he@intel.com>

* Update build script (#119)

* update build scripts, removing OPENSSL_INSTALL_DIR
* update tsgxssl file to remove full path

Signed-off-by: Jing He <jing.j.he@intel.com>

* Upgrade to take OpenSSL 1.1.1n (#120)

* Fix windows tsgxssl code (#122)

* use the _t.h of the generated version instead of the saved one

Signed-off-by: Jing He <jing.j.he@intel.com>

* fix the last file

Signed-off-by: Jing He <jing.j.he@intel.com>

* remove unnecessary including of sgx_trts.h

Signed-off-by: Jing He <jing.j.he@intel.com>

* correct the tcommon.h file name

Signed-off-by: Jing He <jing.j.he@intel.com>

* upgrade to OpenSSL 1.1.1o (#124)

* add build dependence path for td migration build (#130)

* add build dependence path for td migration build

* revert untrusted part changes, since only need trusted part

* Upgrade for OpenSSL 1.1.1p (#131)

* upgrade for openssl 1.1.1p

Signed-off-by: Jing He <jing.j.he@intel.com>

* generated by:  $ diff ../openssl_source/openssl-1.1.1p/crypto/bn/x86_64-mont5.s ../openssl_source/openssl-1.1.1o/crypto/bn/x86_64-mont5.s

Signed-off-by: Jing He <jing.j.he@intel.com>

* generated by: (WSL) $ diff ../openssl_source/openssl-1.1.1p/crypto/bn/x86_64-mont5.asm ../openssl_source/openssl-1.1.1o/crypto/bn/x86_64-mont5.asm

Signed-off-by: Jing He <jing.j.he@intel.com>

* upgrade for openssl 1.1.1p

Signed-off-by: Jing He <jing.j.he@intel.com>

* correct the result of tool.txt (#117)

Signed-off-by: Jing He <jing.j.he@intel.com>

* update for OpenSSL upgrading to 1.1.1q (#132)

* update for OpenSSL upgrading to 1.1.1q

Signed-off-by: Jing He <jing.j.he@intel.com>

* update

Signed-off-by: Jing He <jing.j.he@intel.com>

* Directly use the macro value instead of including a header file. (#136)

Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>

Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>

* Remove the permission modification line in Makefile.

Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>

* Update unit test code (#141)

* update unit test code: keygen test of RSA and EC
* update project settings
* update Windows test code


Signed-off-by: Jing He <jing.j.he@intel.com>

* *upgrade for openssl 1.1.1s (#139)

*upgrade for openssl 1.1.1s
*update unit test sample with generated key file

Signed-off-by: Jing He <jing.j.he@intel.com>

* enhance security of the test app (#145)

Signed-off-by: Jing He <jing.j.he@intel.com>

* Upgrade 1.1.1t (#150)

* upgrade to 1.1.1t


Signed-off-by: Jing He <jing.j.he@intel.com>

* update version

---------

Signed-off-by: Jing He <jing.j.he@intel.com>
Signed-off-by: Vincent Haupert <mail@vincent-haupert.de>
Signed-off-by: Zhang, Lili Z <lili.z.zhang@intel.com>
Co-authored-by: jinghe-INTC <jing.j.he@intel.com>
Co-authored-by: Vincent Haupert <mail@vincent-haupert.de>
Co-authored-by: dashuaic <dashuai.cheng@intel.com>
Co-authored-by: lzha101 <lili.z.zhang@intel.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fchinchilla fchinchilla fchinchilla approved these changes

@jbdelcuv jbdelcuv jbdelcuv approved these changes

@lzha101 lzha101 lzha101 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jinghe-INTC @lzha101 @jbdelcuv @fchinchilla