From: "Min Xu" <min.m.xu@intel.com>
To: devel@edk2.groups.io
Cc: Min Xu <min.m.xu@intel.com>, Jiewen Yao <jiewen.yao@intel.com>,
Jian J Wang <jian.j.wang@intel.com>,
Xiaoyu Lu <xiaoyu1.lu@intel.com>,
Guomin Jiang <guomin.jiang@intel.com>,
Gerd Hoffmann <kraxel@redhat.com>
Subject: [PATCH 2/8] CryptoPkg: Add SecCryptLib
Date: Wed, 2 Mar 2022 08:28:01 +0800 [thread overview]
Message-ID: <20220302002807.982-3-min.m.xu@intel.com> (raw)
In-Reply-To: <20220302002807.982-1-min.m.xu@intel.com>
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
This is the Cryptographic library instance for SEC. The motivation of
this library is to support SHA384 in SEC phase for Td guest. So only
Hash/CryptSha512.c is included which supports SHA384 and SHA512.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
CryptoPkg/CryptoPkg.dsc | 4 ++
.../Library/BaseCryptLib/SecCryptLib.inf | 67 +++++++++++++++++++
2 files changed, 71 insertions(+)
create mode 100644 CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
index 0aa72ed87846..b814e9616454 100644
--- a/CryptoPkg/CryptoPkg.dsc
+++ b/CryptoPkg/CryptoPkg.dsc
@@ -109,6 +109,9 @@
[LibraryClasses.ARM]
ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
+[LibraryClasses.common.SEC]
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
+
[LibraryClasses.common.PEIM]
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
@@ -236,6 +239,7 @@
!if $(CRYPTO_SERVICES) == PACKAGE
[Components]
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
diff --git a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
new file mode 100644
index 000000000000..6ef2f67e35dd
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
@@ -0,0 +1,67 @@
+## @file
+# Cryptographic Library Instance for SEC.
+#
+# Caution: This module requires additional review when modified.
+# This library will have external input - signature.
+# This external input must be validated carefully to avoid security issues such as
+# buffer overflow or integer overflow.
+#
+# Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SecCryptLib
+ FILE_GUID = 3689D343-0D32-4284-8053-BF10537990E8
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = BaseCryptLib|SEC
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64
+#
+
+[Sources]
+ InternalCryptLib.h
+ Hash/CryptSha512.c
+
+ SysCall/CrtWrapper.c
+ SysCall/ConstantTimeClock.c
+ SysCall/BaseMemAllocation.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ MemoryAllocationLib
+ DebugLib
+ OpensslLib
+ IntrinsicLib
+
+#
+# Remove these [BuildOptions] after this library is cleaned up
+#
+[BuildOptions]
+ #
+ # suppress the following warnings so we do not break the build with warnings-as-errors:
+ # C4090: 'function' : different 'const' qualifiers
+ # C4718: 'function call' : recursive call has no side effects, deleting
+ #
+ MSFT:*_*_*_CC_FLAGS = /wd4090 /wd4718
+
+ # -JCryptoPkg/Include : To disable the use of the system includes provided by RVCT
+ # --diag_remark=1 : Reduce severity of "#1-D: last line of file ends without a newline"
+ RVCT:*_*_ARM_CC_FLAGS = -JCryptoPkg/Include --diag_remark=1
+
+ GCC:*_CLANG35_*_CC_FLAGS = -std=c99
+ GCC:*_CLANG38_*_CC_FLAGS = -std=c99
+ GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types
+
+ XCODE:*_*_*_CC_FLAGS = -std=c99
--
2.29.2.windows.2
next prev parent reply other threads:[~2022-03-02 0:28 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-02 0:27 [PATCH 0/8] Enable RTMR based measurement and measure boot for Td guest Min Xu
2022-03-02 0:28 ` [PATCH 1/8] Security: Add HashLibBaseCryptoRouterTdx Min Xu
2022-03-02 0:28 ` Min Xu [this message]
2022-03-02 0:28 ` [PATCH 3/8] MdePkg: Add definition of EFI_CC_EVENT_HOB_GUID Min Xu
2022-03-02 1:52 ` 回复: " gaoliming
2022-03-03 7:13 ` [edk2-devel] " Min Xu
2022-03-02 0:28 ` [PATCH 4/8] OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV Min Xu
2022-03-02 0:28 ` [PATCH 5/8] MdePkg: Define CC Measure EventLog ACPI Table Min Xu
2022-03-09 15:35 ` Sami Mujawar
2022-03-10 5:48 ` Yao, Jiewen
2022-03-10 10:27 ` Sami Mujawar
2022-03-17 13:10 ` Sami Mujawar
2022-03-17 13:23 ` Yao, Jiewen
2022-03-17 13:25 ` Samer El-Haj-Mahmoud
2022-03-17 13:33 ` [edk2-devel] " Yao, Jiewen
2022-03-02 0:28 ` [PATCH 6/8] OvmfPkg: Add PCDs for LAML/LASA field in CC EVENTLOG ACPI table Min Xu
2022-03-02 0:28 ` [PATCH 7/8] OvmfPkg/IntelTdx: Add TdTcg2Dxe Min Xu
2022-03-02 0:28 ` [PATCH 8/8] OvmfPkg/IntelTdx: Enable RTMR based measurement and measure boot Min Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220302002807.982-3-min.m.xu@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox