From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web12.5182.1644570393257412245 for ; Fri, 11 Feb 2022 01:06:33 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=n1Q81zbn; spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: zhihao.li@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1644570393; x=1676106393; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=XRpmv4i00CZPzv9lkMxcXf3qoAmDPiAwl0onmncVLPM=; b=n1Q81zbnSrE8vvMugPHZCyyIIS8YEWtPViG34Hv5huXNS+kgdNrJNvRp Md58Mar4SwJvi3dldWyZnvxkbAlF/DPmi5qzHCkGG0STxhtL+NEB7Ah2r SeYV+8F/4mx7Aj2rU6ddhVsCeDzKCW46zGOnvB7LECS2HJa/H7JztKvej weIKVYPiMh3z96YC6VJO4JqIVMghSYlznphx3u+j1CgsMfa6tk0Ouzxnb 8zqMOeZgb4gfU38aWCHMqb4uZVwJU/5k85+QPfVoj2wjBOG/RFOs5/bJw e8wpnDV5bNqOpuulluhqapUR4CcT7+RhCkfK+98cdObS9n6qRXQk0BW44 Q==; X-IronPort-AV: E=McAfee;i="6200,9189,10254"; a="249902887" X-IronPort-AV: E=Sophos;i="5.88,360,1635231600"; d="scan'208";a="249902887" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Feb 2022 01:05:25 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,360,1635231600"; d="scan'208";a="542009254" Received: from win_li.ccr.corp.intel.com ([10.239.157.34]) by orsmga008.jf.intel.com with ESMTP; 11 Feb 2022 01:05:23 -0800 From: "Li, Zhihao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Siyuan Fu Subject: [PATCH v1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib. Date: Fri, 11 Feb 2022 17:05:22 +0800 Message-Id: <20220211090522.1497-1-zhihao.li@intel.com> X-Mailer: git-send-email 2.26.2.windows.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3596 Parallel hash function ParallelHash256HashAll, as defined in NIST's Special Publication 800-185, published December 2016. It utilizes multi-process to calculate the digest. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Siyuan Fu Signed-off-by: Zhihao Li --- CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c | 3= 13 ++++++++++++++++++++ CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c | 2= 75 +++++++++++++++++ CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c | 1= 02 +++++++ CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c | = 53 ++++ CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c | 1= 52 ++++++++++ CryptoPkg/CryptoPkg.dec | = 9 +- CryptoPkg/Include/Library/BaseCryptLib.h | = 29 +- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | = 12 +- CryptoPkg/Library/Include/CrtLibSupport.h | = 5 +- CryptoPkg/Library/Include/sha3.h | = 32 ++ CryptoPkg/Library/Include/xkcp.h | = 23 ++ CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.h | = 3 +- CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf | = 7 + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf | = 6 + 14 files changed, 1016 insertions(+), 5 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c b/CryptoP= kg/Library/BaseCryptLib/Hash/CryptCShake256.c new file mode 100644 index 0000000000..5efced3f46 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c @@ -0,0 +1,313 @@ +/** @file=0D + cSHAKE-256 Digest Wrapper Implementations.=0D +=0D +Copyright (c) 2022, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "InternalCryptLib.h"=0D +#include "sha3.h"=0D +#include "xkcp.h"=0D +=0D +#define CSHAKE256_SECURITY_STRENGTH 256=0D +#define CSHAKE256_RATE_IN_BYTES 136=0D +=0D +const CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] =3D {0};=0D +=0D +UINTN=0D +EFIAPI=0D +LeftEncode (=0D + OUT UINT8 *Encbuf,=0D + IN UINTN Value=0D + )=0D +{=0D + return left_encode (Encbuf, Value);=0D +}=0D +=0D +UINTN=0D +EFIAPI=0D +RightEncode (=0D + OUT UINT8 *Encbuf,=0D + IN UINTN Value=0D + )=0D +{=0D + return right_encode (Encbuf, Value);=0D +}=0D +=0D +/**=0D + Retrieves the size, in bytes, of the context buffer required for cSHAKE-= 256 hash operations.=0D +=0D + @return The size, in bytes, of the context buffer required for cSHAKE-2= 56 hash operations.=0D +=0D +**/=0D +UINTN=0D +EFIAPI=0D +CShake256GetContextSize (=0D + VOID=0D + )=0D +{=0D + return (UINTN) (sizeof (KECCAK1600_CTX));=0D +}=0D +=0D +/**=0D + Initializes user-supplied memory pointed by CShake256Context as cSHAKE-2= 56 hash context for=0D + subsequent use.=0D +=0D + @param[out] CShake256Context Pointer to cSHAKE-256 context being initi= alized.=0D + @param[in] OutputLen The desired number of output length in by= tes.=0D + @param[in] Name Pointer to the function name string.=0D + @param[in] NameLen The length of the function name in bytes.= =0D + @param[in] Customization Pointer to the customization string.=0D + @param[in] CustomizationLen The length of the customization string in= bytes.=0D +=0D + @retval TRUE cSHAKE-256 context initialization succeeded.=0D + @retval FALSE cSHAKE-256 context initialization failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +CShake256Init (=0D + OUT VOID *CShake256Context,=0D + IN UINTN OutputLen,=0D + IN CONST VOID *Name,=0D + IN UINTN NameLen,=0D + IN CONST VOID *Customization,=0D + IN UINTN CustomizationLen=0D + )=0D +{=0D + BOOLEAN Status;=0D + unsigned char EncBuf[sizeof(size_t)+1];=0D + UINTN EncLen;=0D + UINTN AbsorbLen;=0D + UINTN PadLen;=0D +=0D + //=0D + // Check input parameters.=0D + //=0D + if (CShake256Context =3D=3D NULL ||=0D + OutputLen =3D=3D 0 ||=0D + (NameLen !=3D 0 && Name =3D=3D NULL) ||=0D + (CustomizationLen !=3D 0 && Customization =3D=3D NULL)) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // Initialize KECCAK context with pad value and block size.=0D + //=0D + if (NameLen =3D=3D 0 && CustomizationLen =3D=3D 0) {=0D + //=0D + // When N and S are both empty strings, cSHAKE(X, L, N, S) is equivale= nt to=0D + // SHAKE as defined in FIPS 202.=0D + //=0D + return (BOOLEAN) init (=0D + (KECCAK1600_CTX *) CShake256Context,=0D + '\x1f',=0D + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * 2)= / 8,=0D + OutputLen=0D + );=0D + }=0D +=0D + Status =3D (BOOLEAN) init (=0D + (KECCAK1600_CTX *) CShake256Context,=0D + '\x04',=0D + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * 2)= / 8,=0D + OutputLen=0D + );=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + AbsorbLen =3D 0;=0D + //=0D + // Absorb Absorb bytepad(.., rate).=0D + //=0D + EncLen =3D left_encode (EncBuf, CSHAKE256_RATE_IN_BYTES);=0D + Status =3D (BOOLEAN) sha3_update ((KECCAK1600_CTX *) CShake256Context, E= ncBuf, EncLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D + AbsorbLen +=3D EncLen;=0D +=0D + //=0D + // Absorb encode_string(N).=0D + //=0D + EncLen =3D left_encode (EncBuf, NameLen * 8);=0D + Status =3D (BOOLEAN) sha3_update ((KECCAK1600_CTX *) CShake256Context, E= ncBuf, EncLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D + AbsorbLen +=3D EncLen;=0D + Status =3D (BOOLEAN) sha3_update ((KECCAK1600_CTX *) CShake256Context, N= ame, NameLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D + AbsorbLen +=3D NameLen;=0D +=0D + //=0D + // Absorb encode_string(S).=0D + //=0D + EncLen =3D left_encode (EncBuf, CustomizationLen * 8);=0D + Status =3D (BOOLEAN) sha3_update ((KECCAK1600_CTX *) CShake256Context, E= ncBuf, EncLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D + AbsorbLen +=3D EncLen;=0D + Status =3D (BOOLEAN) sha3_update ((KECCAK1600_CTX *) CShake256Context, C= ustomization, CustomizationLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D + AbsorbLen +=3D CustomizationLen;=0D +=0D + //=0D + // Absorb zero padding up to rate.=0D + //=0D + PadLen =3D CSHAKE256_RATE_IN_BYTES - AbsorbLen % CSHAKE256_RATE_IN_BYTES= ;=0D + Status =3D (BOOLEAN) sha3_update ((KECCAK1600_CTX *) CShake256Context, m= ZeroPadding, PadLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Digests the input data and updates cSHAKE-256 context.=0D +=0D + This function performs cSHAKE-256 digest on a data buffer of the specifi= ed size.=0D + It can be called multiple times to compute the digest of long or discont= inuous data streams.=0D + cSHAKE-256 context should be already correctly initialized by CShake256I= nit(), and should not be finalized=0D + by CShake256Final(). Behavior with invalid context is undefined.=0D +=0D + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.=0D + @param[in] Data Pointer to the buffer containing the= data to be hashed.=0D + @param[in] DataSize Size of Data buffer in bytes.=0D +=0D + @retval TRUE cSHAKE-256 data digest succeeded.=0D + @retval FALSE cSHAKE-256 data digest failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +CShake256Update (=0D + IN OUT VOID *CShake256Context,=0D + IN CONST VOID *Data,=0D + IN UINTN DataSize=0D + )=0D +{=0D + //=0D + // Check input parameters.=0D + //=0D + if (CShake256Context =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // Check invalid parameters, in case that only DataLength was checked in= OpenSSL.=0D + //=0D + if (Data =3D=3D NULL && DataSize !=3D 0) {=0D + return FALSE;=0D + }=0D +=0D + return (BOOLEAN)(sha3_update ((KECCAK1600_CTX *) CShake256Context, Data,= DataSize));=0D +}=0D +=0D +/**=0D + Completes computation of the cSHAKE-256 digest value.=0D +=0D + This function completes cSHAKE-256 hash computation and retrieves the di= gest value into=0D + the specified memory. After this function has been called, the cSHAKE-25= 6 context cannot=0D + be used again.=0D + cSHAKE-256 context should be already correctly initialized by CShake256I= nit(), and should not be=0D + finalized by CShake256Final(). Behavior with invalid cSHAKE-256 context = is undefined.=0D +=0D + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.=0D + @param[out] HashValue Pointer to a buffer that receives the= cSHAKE-256 digest=0D + value.=0D +=0D + @retval TRUE cSHAKE-256 digest computation succeeded.=0D + @retval FALSE cSHAKE-256 digest computation failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +CShake256Final (=0D + IN OUT VOID *CShake256Context,=0D + OUT UINT8 *HashValue=0D + )=0D +{=0D + //=0D + // Check input parameters.=0D + //=0D + if (CShake256Context =3D=3D NULL || HashValue =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // cSHAKE-256 Hash Finalization.=0D + //=0D + return (BOOLEAN) (sha3_final ((KECCAK1600_CTX *) CShake256Context, HashV= alue));=0D +}=0D +=0D +/**=0D + Computes the CSHAKE-256 message digest of a input data buffer.=0D +=0D + This function performs the CSHAKE-256 message digest of a given data buf= fer, and places=0D + the digest value into the specified memory.=0D +=0D + @param[in] Data Pointer to the buffer containing the dat= a to be hashed.=0D + @param[in] DataSize Size of Data buffer in bytes.=0D + @param[in] OutputLen Size of output in bytes.=0D + @param[in] Name Pointer to the function name string.=0D + @param[in] NameLen Size of the function name in bytes.=0D + @param[in] Customization Pointer to the customization string.=0D + @param[in] CustomizationLen Size of the customization string in byte= s.=0D + @param[out] HashValue Pointer to a buffer that receives the CS= HAKE-256 digest=0D + value.=0D +=0D + @retval TRUE CSHAKE-256 digest computation succeeded.=0D + @retval FALSE CSHAKE-256 digest computation failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +CShake256HashAll (=0D + IN CONST VOID *Data,=0D + IN UINTN DataSize,=0D + IN UINTN OutputLen,=0D + IN CONST VOID *Name,=0D + IN UINTN NameLen,=0D + IN CONST VOID *Customization,=0D + IN UINTN CustomizationLen,=0D + OUT UINT8 *HashValue=0D + )=0D +{=0D + BOOLEAN Status;=0D + KECCAK1600_CTX Ctx;=0D +=0D + //=0D + // Check input parameters.=0D + //=0D + if (HashValue =3D=3D NULL) {=0D + return FALSE;=0D + }=0D + if (Data =3D=3D NULL && DataSize !=3D 0) {=0D + return FALSE;=0D + }=0D +=0D + Status =3D CShake256Init (&Ctx, OutputLen, Name, NameLen, Customization,= CustomizationLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + Status =3D CShake256Update (&Ctx, Data, DataSize);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + return CShake256Final (&Ctx, HashValue);=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c b/Cryp= toPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c new file mode 100644 index 0000000000..3eaa7c2ceb --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c @@ -0,0 +1,275 @@ +/** @file=0D + ParallelHash Implementation.=0D +=0D +Copyright (c) 2022, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "InternalCryptLib.h"=0D +#include =0D +#include =0D +#include =0D +=0D +=0D +UINT16 mBlockNum;=0D +UINTN mBlockSize;=0D +UINTN mLastBlockSize;=0D +UINT8 *mInput;=0D +UINTN mBlockResultSize;=0D +UINT8 *mBlockHashResult;=0D +BOOLEAN *mBlockIsCompleted;=0D +SPIN_LOCK *mSpinLockList;=0D +=0D +UINTN LeftEncode (OUT UINT8 *Encbuf, IN UINTN Value);=0D +UINTN RightEncode (OUT UINT8 *Encbuf, IN UINTN Value);=0D +=0D +BOOLEAN=0D +EFIAPI=0D +CShake256HashAll (=0D + IN CONST VOID *Data,=0D + IN UINTN DataSize,=0D + IN UINTN OutputLen,=0D + IN CONST VOID *Name,=0D + IN UINTN NameLen,=0D + IN CONST VOID *Customization,=0D + IN UINTN CustomizationLen,=0D + OUT UINT8 *HashValue=0D + );=0D +=0D +VOID=0D +EFIAPI=0D +ParallelHashApExecute (=0D + IN VOID *ProcedureArgument=0D + )=0D +{=0D + UINTN Index;=0D + BOOLEAN Status;=0D +=0D + for (Index =3D 0; Index < mBlockNum; Index++) {=0D + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {=0D + //=0D + // Completed, try next one.=0D + //=0D + if (mBlockIsCompleted[Index])=0D + {=0D + ReleaseSpinLock (&mSpinLockList[Index]);=0D + continue;=0D + }=0D + //=0D + // Calculate CShake256 for this block.=0D + //=0D + Status =3D CShake256HashAll (=0D + mInput + Index * mBlockSize,=0D + (Index =3D=3D (mBlockNum - 1)) ? mLastBlockSize : mBlockS= ize,=0D + mBlockResultSize,=0D + NULL,=0D + 0,=0D + NULL,=0D + 0,=0D + mBlockHashResult + Index * mBlockResultSize=0D + );=0D + if (!EFI_ERROR (Status)){=0D + mBlockIsCompleted[Index] =3D TRUE;=0D + }=0D + ReleaseSpinLock (&mSpinLockList[Index]);=0D + }=0D + }=0D +}=0D +=0D +/**=0D + Parallel hash function ParallelHash256, as defined in NIST's Special Pub= lication 800-185,=0D + published December 2016.=0D +=0D + @param Input[in] Pointer to the input message (X).=0D + @param InputByteLen[in] The number(>0) of input bytes provided for = the input data.=0D + @param Output[out] Pointer to the output buffer.=0D + @param OutputByteLen[in] The desired number of output bytes (L).=0D + @param Customization[in] Pointer to the customization string (S).=0D + @param CustomByteLen[in] The length of the customization string in b= ytes.=0D +=0D + @retval TRUE ParallelHash256 digest computation succeeded.=0D + @retval FALSE ParallelHash256 digest computation failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +*/=0D +BOOLEAN=0D +EFIAPI=0D +ParallelHash256HashAll (=0D + IN CONST VOID *Input,=0D + IN UINTN InputByteLen,=0D + OUT VOID *Output,=0D + IN UINTN OutputByteLen,=0D + IN CONST VOID *Customization,=0D + IN UINTN CustomByteLen=0D + )=0D +=0D +{=0D + UINT8 EncBufB[sizeof(UINTN)+1];=0D + UINTN EncSizeB;=0D + UINT8 EncBufN[sizeof(UINTN)+1];=0D + UINTN EncSizeN;=0D + UINT8 EncBufL[sizeof(UINTN)+1];=0D + UINTN EncSizeL;=0D + UINTN Index;=0D + UINT8 *CombinedInput;=0D + UINTN CombinedInputSize;=0D + EFI_STATUS Status;=0D + UINTN StartedApNum;=0D + BOOLEAN AllCompleted;=0D + UINTN Offset;=0D + BOOLEAN ReturnValue;=0D +=0D + if (InputByteLen =3D=3D 0 || OutputByteLen =3D=3D 0) {=0D + return FALSE;=0D + }=0D +=0D + if (Input =3D=3D NULL || Output =3D=3D NULL){=0D + return FALSE;=0D + }=0D +=0D + if (CustomByteLen !=3D 0 && Customization =3D=3D NULL){=0D + return FALSE;=0D + }=0D +=0D + //=0D + // Get Block number n.=0D + //=0D + mBlockNum =3D PcdGet16 (PcdParallelHashBlockNumber);=0D +=0D + if (mBlockNum < 1 || InputByteLen < mBlockNum - 1){=0D + return FALSE;=0D + }=0D +=0D + //=0D + // Set hash result size of each block in bytes.=0D + //=0D + mBlockResultSize =3D OutputByteLen;=0D +=0D + //=0D + // calculate the block byte length B.=0D + //=0D + mBlockSize =3D InputByteLen % mBlockNum =3D=3D 0 ? InputByteLen / mBlock= Num : InputByteLen / (mBlockNum - 1);=0D +=0D + //=0D + // Encode B, n, L to string and record size.=0D + //=0D + EncSizeB =3D LeftEncode (EncBufB, mBlockSize);=0D + EncSizeN =3D RightEncode (EncBufN, mBlockNum);=0D + EncSizeL =3D RightEncode (EncBufL, OutputByteLen * CHAR_BIT);=0D +=0D + //=0D + // Allocate buffer for combined input (newX), Block completed flag and S= pinLock.=0D + //=0D + CombinedInputSize =3D EncSizeB + EncSizeN + EncSizeL + mBlockNum * mBloc= kResultSize;=0D + CombinedInput =3D AllocateZeroPool (CombinedInputSize);=0D + mBlockIsCompleted =3D AllocateZeroPool (mBlockNum * sizeof (BOOLEAN));=0D + mSpinLockList =3D AllocatePool (mBlockNum * sizeof (SPIN_LOCK));=0D + if (CombinedInput =3D=3D NULL || mBlockIsCompleted =3D=3D NULL || mSpinL= ockList =3D=3D NULL) {=0D + ReturnValue =3D FALSE;=0D + goto Exit;=0D + }=0D +=0D + //=0D + // Fill LeftEncode(B).=0D + //=0D + CopyMem (CombinedInput, EncBufB, EncSizeB);=0D +=0D + //=0D + // Prepare for parallel hash.=0D + //=0D + mBlockHashResult =3D CombinedInput + EncSizeB;=0D + mInput =3D Input;=0D + mLastBlockSize =3D InputByteLen % mBlockSize =3D=3D 0 ? mBlockSize : Inp= utByteLen % mBlockSize;=0D +=0D + //=0D + // Initialize SpinLock for each result block.=0D + //=0D + for (Index =3D 0; Index < mBlockNum; Index++) {=0D + InitializeSpinLock (&mSpinLockList[Index]);=0D + }=0D +=0D + //=0D + // Dispatch blocklist to each AP.=0D + //=0D + StartedApNum =3D 0;=0D + for (Index =3D 0; Index < gMmst->NumberOfCpus; Index++) {=0D + if (Index !=3D gMmst->CurrentlyExecutingCpu) {=0D + Status =3D gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NUL= L);=0D + if (!EFI_ERROR (Status)) {=0D + StartedApNum++;=0D + }=0D + }=0D + }=0D +=0D + //=0D + // Wait until all block hash completed.=0D + //=0D + do {=0D + AllCompleted =3D TRUE;=0D + for (Index =3D 0; Index < mBlockNum; Index++) {=0D + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {=0D + if (!mBlockIsCompleted[Index]) {=0D + AllCompleted =3D FALSE;=0D + ReturnValue =3D CShake256HashAll (=0D + mInput + Index * mBlockSize,=0D + (Index =3D=3D (mBlockNum - 1)) ? mLastBlockSize : mBl= ockSize,=0D + mBlockResultSize,=0D + NULL,=0D + 0,=0D + NULL,=0D + 0,=0D + mBlockHashResult + Index * mBlockResultSize=0D + );=0D + if (ReturnValue){=0D + mBlockIsCompleted[Index] =3D TRUE;=0D + }=0D + ReleaseSpinLock (&mSpinLockList[Index]);=0D + break;=0D + }=0D + ReleaseSpinLock (&mSpinLockList[Index]);=0D + } else {=0D + AllCompleted =3D FALSE;=0D + break;=0D + }=0D + }=0D + } while (!AllCompleted);=0D +=0D + //=0D + // Fill LeftEncode(n).=0D + //=0D + Offset =3D EncSizeB + mBlockNum * mBlockResultSize;=0D + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN);=0D +=0D + //=0D + // Fill LeftEncode(L).=0D + //=0D + Offset +=3D EncSizeN;=0D + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL);=0D +=0D + ReturnValue =3D CShake256HashAll (=0D + CombinedInput,=0D + CombinedInputSize,=0D + OutputByteLen,=0D + PARALLELHASH_CUSTOMIZATION,=0D + AsciiStrLen(PARALLELHASH_CUSTOMIZATION),=0D + Customization,=0D + CustomByteLen,=0D + Output=0D + );=0D +=0D +Exit:=0D + ZeroMem (CombinedInput, CombinedInputSize);=0D +=0D + if (CombinedInput !=3D NULL){=0D + FreePool (CombinedInput);=0D + }=0D + if (mSpinLockList !=3D NULL){=0D + FreePool (mSpinLockList);=0D + }=0D + if (mBlockIsCompleted !=3D NULL){=0D + FreePool (mBlockIsCompleted);=0D + }=0D +=0D + return ReturnValue;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c b/CryptoPkg/Li= brary/BaseCryptLib/Hash/CryptSha3.c new file mode 100644 index 0000000000..b170c463de --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c @@ -0,0 +1,102 @@ +/** @file=0D + SHA3 realted functions from OpenSSL.=0D +=0D +Copyright (c) 2022, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.=0D +Licensed under the OpenSSL license (the "License"). You may not use=0D +this file except in compliance with the License. You can obtain a copy=0D +in the file LICENSE in the source distribution or at=0D +https://www.openssl.org/source/license.html=0D +=0D +**/=0D +=0D +#include "sha3.h"=0D +=0D +size_t SHA3_absorb(uint64_t A[5][5], const unsigned char *inp, size_t len,= =0D + size_t r);=0D +void SHA3_squeeze(uint64_t A[5][5], unsigned char *out, size_t len, size_t= r);=0D +=0D +int init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bsz, size_t md_siz= e)=0D +{=0D + if (bsz <=3D sizeof(ctx->buf)) {=0D + memset(ctx->A, 0, sizeof(ctx->A));=0D +=0D + ctx->num =3D 0;=0D + ctx->block_size =3D bsz;=0D + ctx->md_size =3D md_size;=0D + ctx->pad =3D pad;=0D +=0D + return 1;=0D + }=0D +=0D + return 0;=0D +}=0D +=0D +=0D +int sha3_update(KECCAK1600_CTX *ctx, const void *_inp, size_t len)=0D +{=0D + const unsigned char *inp =3D _inp;=0D + size_t bsz =3D ctx->block_size;=0D + size_t num, rem;=0D +=0D + if (len =3D=3D 0)=0D + return 1;=0D +=0D + if ((num =3D ctx->num) !=3D 0) { /* process intermediate buffer? = */=0D + rem =3D bsz - num;=0D +=0D + if (len < rem) {=0D + memcpy(ctx->buf + num, inp, len);=0D + ctx->num +=3D len;=0D + return 1;=0D + }=0D + /*=0D + * We have enough data to fill or overflow the intermediate=0D + * buffer. So we append |rem| bytes and process the block,=0D + * leaving the rest for later processing...=0D + */=0D + memcpy(ctx->buf + num, inp, rem);=0D + inp +=3D rem, len -=3D rem;=0D + (void)SHA3_absorb(ctx->A, ctx->buf, bsz, bsz);=0D + ctx->num =3D 0;=0D + /* ctx->buf is processed, ctx->num is guaranteed to be zero */=0D + }=0D +=0D + if (len >=3D bsz)=0D + rem =3D SHA3_absorb(ctx->A, inp, len, bsz);=0D + else=0D + rem =3D len;=0D +=0D + if (rem) {=0D + memcpy(ctx->buf, inp + len - rem, rem);=0D + ctx->num =3D rem;=0D + }=0D +=0D + return 1;=0D +}=0D +=0D +int sha3_final(KECCAK1600_CTX *ctx, unsigned char *md)=0D +{=0D + size_t bsz =3D ctx->block_size;=0D + size_t num =3D ctx->num;=0D +=0D + if (ctx->md_size =3D=3D 0)=0D + return 1;=0D +=0D + /*=0D + * Pad the data with 10*1. Note that |num| can be |bsz - 1|=0D + * in which case both byte operations below are performed on=0D + * same byte...=0D + */=0D + memset(ctx->buf + num, 0, bsz - num);=0D + ctx->buf[num] =3D ctx->pad;=0D + ctx->buf[bsz - 1] |=3D 0x80;=0D +=0D + (void)SHA3_absorb(ctx->A, ctx->buf, bsz, bsz);=0D +=0D + SHA3_squeeze(ctx->A, md, ctx->md_size, bsz);=0D +=0D + return 1;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c b/CryptoPkg/Li= brary/BaseCryptLib/Hash/CryptXkcp.c new file mode 100644 index 0000000000..b2a40ee044 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c @@ -0,0 +1,53 @@ +/** @file=0D + Encode realted functions from Xkcp.=0D +=0D +Copyright (c) 2022, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +The eXtended Keccak Code Package (XKCP)=0D +https://github.com/XKCP/XKCP=0D +Keccak, designed by Guido Bertoni, Joan Daemen, Micha=C3=ABl Peeters and G= illes Van Assche.=0D +Implementation by the designers, hereby denoted as "the implementer".=0D +For more information, feedback or questions, please refer to the Keccak Te= am website:=0D +https://keccak.team/=0D +To the extent possible under law, the implementer has waived all copyright= =0D +and related or neighboring rights to the source code in this file.=0D +http://creativecommons.org/publicdomain/zero/1.0/=0D +=0D +**/=0D +=0D +#include "xkcp.h"=0D +=0D +unsigned int left_encode(unsigned char * encbuf, size_t value)=0D +{=0D + unsigned int n, i;=0D + size_t v;=0D +=0D + for ( v =3D value, n =3D 0; v && (n < sizeof(size_t)); ++n, v >>=3D 8 = )=0D + ; /* empty */=0D + if (n =3D=3D 0)=0D + n =3D 1;=0D + for ( i =3D 1; i <=3D n; ++i )=0D + {=0D + encbuf[i] =3D (unsigned char)(value >> (8 * (n-i)));=0D + }=0D + encbuf[0] =3D (unsigned char)n;=0D + return n + 1;=0D +}=0D +=0D +unsigned int right_encode(unsigned char * encbuf, size_t value)=0D +{=0D + unsigned int n, i;=0D + size_t v;=0D +=0D + for ( v =3D value, n =3D 0; v && (n < sizeof(size_t)); ++n, v >>=3D 8 = )=0D + ; /* empty */=0D + if (n =3D=3D 0)=0D + n =3D 1;=0D + for ( i =3D 1; i <=3D n; ++i )=0D + {=0D + encbuf[i-1] =3D (unsigned char)(value >> (8 * (n-i)));=0D + }=0D + encbuf[n] =3D (unsigned char)n;=0D + return n + 1;=0D +}=0D diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests= .c b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c new file mode 100644 index 0000000000..052ab3a0d6 --- /dev/null +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c @@ -0,0 +1,152 @@ +/** @file=0D + Application for Parallelhash Function Validation.=0D +=0D +Copyright (c) 2022, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "TestBaseCryptLib.h"=0D +=0D +//=0D +// Parallelhash Test Sample common parameters.=0D +//=0D +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN OutputByteLen =3D 64;=0D +=0D +//=0D +// Parallelhash Test Sample #1 from NIST Special Publication 800-185.=0D +//=0D +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample1[] =3D {= =0D + // input data of sample1.=0D + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x10, 0x11, 0x12, 0x13, = 0x14, 0x15, 0x16, 0x17,=0D + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27=0D +};=0D +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample1ByteLen =3D 24= ; // Length of sample1 input data in bytes.=0D +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample1 =3D ""= ; // Customization string (S) of sample1.=0D +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample1ByteLen =3D 0;= // Customization string length of sample1 in bytes.=0D +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample1 =3D 8;= // Block size of sample1.=0D +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample1[] =3D {= =0D + // Expected output data of sample1.=0D + 0xbc, 0x1e, 0xf1, 0x24, 0xda, 0x34, 0x49, 0x5e, 0x94, 0x8e, 0xad, 0x20, = 0x7d, 0xd9, 0x84, 0x22,=0D + 0x35, 0xda, 0x43, 0x2d, 0x2b, 0xbc, 0x54, 0xb4, 0xc1, 0x10, 0xe6, 0x4c, = 0x45, 0x11, 0x05, 0x53,=0D + 0x1b, 0x7f, 0x2a, 0x3e, 0x0c, 0xe0, 0x55, 0xc0, 0x28, 0x05, 0xe7, 0xc2, = 0xde, 0x1f, 0xb7, 0x46,=0D + 0xaf, 0x97, 0xa1, 0xd0, 0x01, 0xf4, 0x3b, 0x82, 0x4e, 0x31, 0xb8, 0x76, = 0x12, 0x41, 0x04, 0x29=0D +};=0D +=0D +//=0D +// Parallelhash Test Sample #2 from NIST Special Publication 800-185.=0D +//=0D +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 *InputSample2 =3D In= putSample1; // Input of sample2 is same as sample1.=0D +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample2ByteLen =3D 24= ; // Length of sample2 input data in bytes.=0D +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample2 =3D "P= arallel Data"; // Customization string (S) of sample2.=0D +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample2ByteLen =3D 13= ; // Customization string length of sample2 in bytes.= =0D +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample2 =3D 8;= // Block size of sample2.=0D +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample2[] =3D {= =0D + // Expected output data of sample2.=0D + 0xcd, 0xf1, 0x52, 0x89, 0xb5, 0x4f, 0x62, 0x12, 0xb4, 0xbc, 0x27, 0x05, = 0x28, 0xb4, 0x95, 0x26,=0D + 0x00, 0x6d, 0xd9, 0xb5, 0x4e, 0x2b, 0x6a, 0xdd, 0x1e, 0xf6, 0x90, 0x0d, = 0xda, 0x39, 0x63, 0xbb,=0D + 0x33, 0xa7, 0x24, 0x91, 0xf2, 0x36, 0x96, 0x9c, 0xa8, 0xaf, 0xae, 0xa2, = 0x9c, 0x68, 0x2d, 0x47,=0D + 0xa3, 0x93, 0xc0, 0x65, 0xb3, 0x8e, 0x29, 0xfa, 0xe6, 0x51, 0xa2, 0x09, = 0x1c, 0x83, 0x31, 0x10=0D +};=0D +=0D +//=0D +// Parallelhash Test Sample #3 from NIST Special Publication 800-185.=0D +//=0D +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample3[] =3D {= =0D + // input data of sample3.=0D + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, = 0x10, 0x11, 0x12, 0x13,=0D + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x20, 0x21, 0x22, 0x23, = 0x24, 0x25, 0x26, 0x27,=0D + 0x28, 0x29, 0x2a, 0x2b, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, = 0x38, 0x39, 0x3a, 0x3b,=0D + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, = 0x50, 0x51, 0x52, 0x53,=0D + 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b=0D +};=0D +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample3ByteLen =3D 72= ; // Length of sample3 input data in bytes.=0D +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample3 =3D "P= arallel Data"; // Customization string (S) of sample3.=0D +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample3ByteLen =3D 13= ; // Customization string length of sample3 in bytes.= =0D +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample3 =3D 12= ; // Block size of sample3.=0D +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample3[] =3D {= =0D + // Expected output data of sample3.=0D + 0x69, 0xd0, 0xfc, 0xb7, 0x64, 0xea, 0x05, 0x5d, 0xd0, 0x93, 0x34, 0xbc, = 0x60, 0x21, 0xcb, 0x7e,=0D + 0x4b, 0x61, 0x34, 0x8d, 0xff, 0x37, 0x5d, 0xa2, 0x62, 0x67, 0x1c, 0xde, = 0xc3, 0xef, 0xfa, 0x8d,=0D + 0x1b, 0x45, 0x68, 0xa6, 0xcc, 0xe1, 0x6b, 0x1c, 0xad, 0x94, 0x6d, 0xdd, = 0xe2, 0x7f, 0x6c, 0xe2,=0D + 0xb8, 0xde, 0xe4, 0xcd, 0x1b, 0x24, 0x85, 0x1e, 0xbf, 0x00, 0xeb, 0x90, = 0xd4, 0x38, 0x13, 0xe9=0D +};=0D +=0D +UNIT_TEST_STATUS=0D +EFIAPI=0D +TestVerifyParallelHash256HashAll (=0D + IN UNIT_TEST_CONTEXT Context=0D + )=0D +{=0D + BOOLEAN Status;=0D + UINT16 OriginalParallelHashBlockNumber;=0D + UINT8 Output[64];=0D +=0D + // Restore original PcdParallelHashBlockNumber.=0D + OriginalParallelHashBlockNumber =3D PcdGet16 (PcdParallelHashBlockNumber= );=0D +=0D + //=0D + // Test #1 using sample1.=0D + //=0D + PcdSet16S (PcdParallelHashBlockNumber, InputSample1ByteLen / BlockSizeSa= mple1);=0D + Status =3D ParallelHash256HashAll (=0D + InputSample1,=0D + InputSample1ByteLen,=0D + Output,=0D + OutputByteLen,=0D + CustomizationSample1,=0D + CustomSample1ByteLen=0D + );=0D + UT_ASSERT_TRUE (Status);=0D +=0D + // Check the output with the expected output.=0D + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample1, OutputByteLen);=0D +=0D + //=0D + // Test #2 using sample2.=0D + //=0D + PcdSet16S (PcdParallelHashBlockNumber, InputSample2ByteLen / BlockSizeSa= mple2);=0D + Status =3D ParallelHash256HashAll (=0D + InputSample2,=0D + InputSample2ByteLen,=0D + Output,=0D + OutputByteLen,=0D + CustomizationSample2,=0D + CustomSample2ByteLen=0D + );=0D + UT_ASSERT_TRUE (Status);=0D +=0D + // Check the output with the expected output.=0D + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample2, OutputByteLen);=0D +=0D + //=0D + // Test #3 using sample3.=0D + //=0D + PcdSet16S (PcdParallelHashBlockNumber, InputSample3ByteLen / BlockSizeSa= mple3);=0D + Status =3D ParallelHash256HashAll (=0D + InputSample3,=0D + InputSample3ByteLen,=0D + Output,=0D + OutputByteLen,=0D + CustomizationSample3,=0D + CustomSample3ByteLen=0D + );=0D + UT_ASSERT_TRUE (Status);=0D +=0D + // Check the output with the expected output.=0D + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample3, OutputByteLen);=0D +=0D + // Recover original PcdParallelHashBlockNumber.=0D + PcdSet16S (PcdParallelHashBlockNumber, OriginalParallelHashBlockNumber);= =0D +=0D + return EFI_SUCCESS;=0D +}=0D +=0D +TEST_DESC mParallelhashTest[] =3D {=0D + //=0D + // -----Description------------------------------Class------------------= ----Function-----------------Pre---Post--Context=0D + //=0D + { "TestVerifyParallelHash256HashAll()", "CryptoPkg.BaseCryptLib.Parallel= Hash256HashAll", TestVerifyParallelHash256HashAll, NULL, NULL, NULL },=0D +};=0D +=0D +UINTN mParallelhashTestNum =3D ARRAY_SIZE (mParallelhashTest);=0D diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec index 5888941bab..3af55d9c10 100644 --- a/CryptoPkg/CryptoPkg.dec +++ b/CryptoPkg/CryptoPkg.dec @@ -4,7 +4,7 @@ # This Package provides cryptographic-related libraries for UEFI security= modules.=0D # It also provides a test application to test libraries.=0D #=0D -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
= =0D +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.
= =0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D ##=0D @@ -81,5 +81,12 @@ # @ValidList 0x80000001 | 0x00000001, 0x00000002, 0x00000004, 0x00000008= , 0x00000010=0D gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x00000002|UINT32|0x0000= 0001=0D =0D +[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]=0D + ## This PCD indicates the block number of parallel hash=0D + # Based on the value set, parallel hash can chose the block=0D + # number to calculate specific hash.
=0D + # The number can be set by platform team according to the core number.= =0D + gEfiCryptoPkgTokenSpaceGuid.PcdParallelHashBlockNumber|0x0100|UINT16|0x0= 0000003=0D +=0D [UserExtensions.TianoCore."ExtraFiles"]=0D CryptoPkgExtra.uni=0D diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/L= ibrary/BaseCryptLib.h index f4bc7c0d73..0b274b1257 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -4,7 +4,7 @@ primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI secur= ity=0D functionality enabling.=0D =0D -Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D **/=0D @@ -753,6 +753,33 @@ Sha512HashAll ( OUT UINT8 *HashValue=0D );=0D =0D +/**=0D + Parallel hash function ParallelHash256, as defined in NIST's Special Pub= lication 800-185,=0D + published December 2016.=0D +=0D + @param[in] Input Pointer to the input message (X).=0D + @param[in] InputByteLen The number(>0) of input bytes provided for= the input data.=0D + @param[out] Output Pointer to the output buffer.=0D + @param[in] OutputByteLen The desired number of output bytes (L).=0D + @param[in] Customization Pointer to the customization string (S).=0D + @param[in] CustomByteLen The length of the customization string in = bytes.=0D +=0D + @retval TRUE ParallelHash256 digest computation succeeded.=0D + @retval FALSE ParallelHash256 digest computation failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +ParallelHash256HashAll (=0D + IN CONST VOID *Input,=0D + IN UINTN InputByteLen,=0D + OUT VOID *Output,=0D + IN UINTN OutputByteLen,=0D + IN CONST VOID *Customization,=0D + IN UINTN CustomByteLen=0D + );=0D +=0D /**=0D Retrieves the size, in bytes, of the context buffer required for SM3 has= h operations.=0D =0D diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SmmCryptLib.inf index e6470d7a21..70159163d4 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -10,7 +10,7 @@ # RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellma= n functions, and=0D # authenticode signature verification functions are not supported in this= instance.=0D #=0D -# Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.
= =0D +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.
= =0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D ##=0D @@ -38,6 +38,10 @@ Hash/CryptSha256.c=0D Hash/CryptSm3.c=0D Hash/CryptSha512.c=0D + Hash/CryptSha3.c=0D + Hash/CryptXkcp.c=0D + Hash/CryptCShake256.c=0D + Hash/CryptParallelHash.c=0D Hmac/CryptHmacSha256.c=0D Kdf/CryptHkdfNull.c=0D Cipher/CryptAes.c=0D @@ -85,6 +89,9 @@ OpensslLib=0D IntrinsicLib=0D PrintLib=0D + MmServicesTableLib=0D + SynchronizationLib=0D + PcdLib=0D =0D #=0D # Remove these [BuildOptions] after this library is cleaned up=0D @@ -101,3 +108,6 @@ GCC:*_CLANG35_*_CC_FLAGS =3D -std=3Dc99=0D GCC:*_CLANG38_*_CC_FLAGS =3D -std=3Dc99=0D GCC:*_CLANGPDB_*_CC_FLAGS =3D -std=3Dc99 -Wno-error=3Dincompatible-point= er-types=0D +=0D +[Pcd]=0D + gEfiCryptoPkgTokenSpaceGuid.PcdParallelHashBlockNumber=0D diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h b/CryptoPkg/Library/= Include/CrtLibSupport.h index d257dca8fa..35d9c62a0b 100644 --- a/CryptoPkg/Library/Include/CrtLibSupport.h +++ b/CryptoPkg/Library/Include/CrtLibSupport.h @@ -2,7 +2,7 @@ Root include file of C runtime library to support building the third-par= ty=0D cryptographic library.=0D =0D -Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.
=0D Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights = reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D @@ -21,6 +21,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent =0D #define MAX_STRING_SIZE 0x1000=0D =0D +#define PARALLELHASH_CUSTOMIZATION "ParallelHash"=0D +=0D //=0D // We already have "no-ui" in out Configure invocation.=0D // but the code still fails to compile.=0D @@ -111,6 +113,7 @@ typedef UINT8 u_char; typedef UINT32 uid_t;=0D typedef UINT32 gid_t;=0D typedef CHAR16 wchar_t;=0D +typedef UINT64 uint64_t;=0D =0D //=0D // File operations are not required for EFI building,=0D diff --git a/CryptoPkg/Library/Include/sha3.h b/CryptoPkg/Library/Include/s= ha3.h new file mode 100644 index 0000000000..71b4c75548 --- /dev/null +++ b/CryptoPkg/Library/Include/sha3.h @@ -0,0 +1,32 @@ +/** @file=0D + SHA3 realted functions from OpenSSL.=0D +=0D +Copyright (c) 2022, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.=0D +Licensed under the OpenSSL license (the "License"). You may not use=0D +this file except in compliance with the License. You can obtain a copy=0D +in the file LICENSE in the source distribution or at=0D +https://www.openssl.org/source/license.html=0D +=0D +**/=0D +=0D +#include =0D +=0D +#define KECCAK1600_WIDTH 1600=0D +=0D +typedef struct {=0D + uint64_t A[5][5];=0D + size_t block_size; /* cached ctx->digest->block_size */=0D + size_t md_size; /* output length, variable in XOF */=0D + size_t num; /* used bytes in below buffer */=0D + unsigned char buf[KECCAK1600_WIDTH / 8 - 32];=0D + unsigned char pad;=0D +} KECCAK1600_CTX;=0D +=0D +int init(KECCAK1600_CTX *ctx, unsigned char pad, size_t bsz, size_t md_siz= e);=0D +=0D +int sha3_update(KECCAK1600_CTX *ctx, const void *_inp, size_t len);=0D +=0D +int sha3_final(KECCAK1600_CTX *ctx, unsigned char *md);=0D diff --git a/CryptoPkg/Library/Include/xkcp.h b/CryptoPkg/Library/Include/x= kcp.h new file mode 100644 index 0000000000..b328d672e4 --- /dev/null +++ b/CryptoPkg/Library/Include/xkcp.h @@ -0,0 +1,23 @@ +/** @file=0D + Encode realted functions from Xkcp.=0D +=0D +Copyright (c) 2022, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +The eXtended Keccak Code Package (XKCP)=0D +https://github.com/XKCP/XKCP=0D +Keccak, designed by Guido Bertoni, Joan Daemen, Micha=C3=ABl Peeters and G= illes Van Assche.=0D +Implementation by the designers, hereby denoted as "the implementer".=0D +For more information, feedback or questions, please refer to the Keccak Te= am website:=0D +https://keccak.team/=0D +To the extent possible under law, the implementer has waived all copyright= =0D +and related or neighboring rights to the source code in this file.=0D +http://creativecommons.org/publicdomain/zero/1.0/=0D +=0D +**/=0D +=0D +#include =0D +=0D +unsigned int left_encode(unsigned char * encbuf, size_t value);=0D +=0D +unsigned int right_encode(unsigned char * encbuf, size_t value);=0D diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.= h b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.h index a6b3482742..0bffd687c2 100644 --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.h +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.h @@ -1,7 +1,7 @@ /** @file=0D Application for Cryptographic Primitives Validation.=0D =0D -Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D **/=0D @@ -19,6 +19,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include =0D #include =0D #include =0D +#include =0D // #include =0D #include =0D // #include =0D diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibH= ost.inf b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost= .inf index 00c8692650..61a59d6a47 100644 --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf @@ -2,6 +2,7 @@ # Host-based UnitTest for BaseCryptLib=0D #=0D # Copyright (c) Microsoft Corporation.
=0D +# Copyright (c) 2022, Intel Corporation. All rights reserved.
=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D ##=0D =0D @@ -35,6 +36,7 @@ Pkcs7EkuTests.c=0D OaepEncryptTests.c=0D RsaPssTests.c=0D + ParallelhashTests.c=0D =0D [Packages]=0D MdePkg/MdePkg.dec=0D @@ -45,3 +47,8 @@ DebugLib=0D BaseCryptLib=0D UnitTestLib=0D + PcdLib=0D +=0D +[Pcd]=0D + gEfiCryptoPkgTokenSpaceGuid.PcdParallelHashBlockNumber=0D +=0D diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibS= hell.inf b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShe= ll.inf index ca789aa6ad..682f25a754 100644 --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf @@ -2,6 +2,7 @@ # BaseCryptLib UnitTest built for execution in UEFI Shell.=0D #=0D # Copyright (c) Microsoft Corporation.
=0D +# Copyright (c) 2022, Intel Corporation. All rights reserved.
=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D ##=0D =0D @@ -36,6 +37,7 @@ Pkcs7EkuTests.c=0D OaepEncryptTests.c=0D RsaPssTests.c=0D + ParallelhashTests.c=0D =0D [Packages]=0D MdePkg/MdePkg.dec=0D @@ -48,3 +50,7 @@ UnitTestLib=0D PrintLib=0D BaseCryptLib=0D + PcdLib=0D +=0D +[Pcd]=0D + gEfiCryptoPkgTokenSpaceGuid.PcdParallelHashBlockNumber=0D --=20 2.26.2.windows.1