public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Min Xu" <min.m.xu@intel.com>
To: devel@edk2.groups.io
Cc: Min Xu <min.m.xu@intel.com>, Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Xiaoyu Lu <xiaoyu1.lu@intel.com>,
	Guomin Jiang <guomin.jiang@intel.com>,
	Gerd Hoffmann <kraxel@redhat.com>
Subject: [PATCH 2/8] CryptoPkg: Add SecCryptLib
Date: Wed,  2 Mar 2022 08:28:01 +0800	[thread overview]
Message-ID: <20220302002807.982-3-min.m.xu@intel.com> (raw)
In-Reply-To: <20220302002807.982-1-min.m.xu@intel.com>

RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853

This is the Cryptographic library instance for SEC. The motivation of
this library is to support SHA384 in SEC phase for Td guest. So only
Hash/CryptSha512.c is included which supports SHA384 and SHA512.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 CryptoPkg/CryptoPkg.dsc                       |  4 ++
 .../Library/BaseCryptLib/SecCryptLib.inf      | 67 +++++++++++++++++++
 2 files changed, 71 insertions(+)
 create mode 100644 CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf

diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
index 0aa72ed87846..b814e9616454 100644
--- a/CryptoPkg/CryptoPkg.dsc
+++ b/CryptoPkg/CryptoPkg.dsc
@@ -109,6 +109,9 @@
 [LibraryClasses.ARM]
   ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
 
+[LibraryClasses.common.SEC]
+  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
+
 [LibraryClasses.common.PEIM]
   PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
   ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
@@ -236,6 +239,7 @@
 !if $(CRYPTO_SERVICES) == PACKAGE
 [Components]
   CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+  CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
   CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
   CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
   CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
diff --git a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
new file mode 100644
index 000000000000..6ef2f67e35dd
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf
@@ -0,0 +1,67 @@
+## @file
+#  Cryptographic Library Instance for SEC.
+#
+#  Caution: This module requires additional review when modified.
+#  This library will have external input - signature.
+#  This external input must be validated carefully to avoid security issues such as
+#  buffer overflow or integer overflow.
+#
+#  Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = SecCryptLib
+  FILE_GUID                      = 3689D343-0D32-4284-8053-BF10537990E8
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = BaseCryptLib|SEC
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64
+#
+
+[Sources]
+  InternalCryptLib.h
+  Hash/CryptSha512.c
+
+  SysCall/CrtWrapper.c
+  SysCall/ConstantTimeClock.c
+  SysCall/BaseMemAllocation.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  MemoryAllocationLib
+  DebugLib
+  OpensslLib
+  IntrinsicLib
+
+#
+# Remove these [BuildOptions] after this library is cleaned up
+#
+[BuildOptions]
+  #
+  # suppress the following warnings so we do not break the build with warnings-as-errors:
+  # C4090: 'function' : different 'const' qualifiers
+  # C4718: 'function call' : recursive call has no side effects, deleting
+  #
+  MSFT:*_*_*_CC_FLAGS = /wd4090 /wd4718
+
+  # -JCryptoPkg/Include : To disable the use of the system includes provided by RVCT
+  # --diag_remark=1     : Reduce severity of "#1-D: last line of file ends without a newline"
+  RVCT:*_*_ARM_CC_FLAGS = -JCryptoPkg/Include --diag_remark=1
+
+  GCC:*_CLANG35_*_CC_FLAGS = -std=c99
+  GCC:*_CLANG38_*_CC_FLAGS = -std=c99
+  GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types
+
+  XCODE:*_*_*_CC_FLAGS = -std=c99
-- 
2.29.2.windows.2


  parent reply	other threads:[~2022-03-02  0:28 UTC|newest]

Thread overview: 18+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-02  0:27 [PATCH 0/8] Enable RTMR based measurement and measure boot for Td guest Min Xu
2022-03-02  0:28 ` [PATCH 1/8] Security: Add HashLibBaseCryptoRouterTdx Min Xu
2022-03-02  0:28 ` Min Xu [this message]
2022-03-02  0:28 ` [PATCH 3/8] MdePkg: Add definition of EFI_CC_EVENT_HOB_GUID Min Xu
2022-03-02  1:52   ` 回复: " gaoliming
2022-03-03  7:13     ` [edk2-devel] " Min Xu
2022-03-02  0:28 ` [PATCH 4/8] OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV Min Xu
2022-03-02  0:28 ` [PATCH 5/8] MdePkg: Define CC Measure EventLog ACPI Table Min Xu
2022-03-09 15:35   ` Sami Mujawar
2022-03-10  5:48     ` Yao, Jiewen
2022-03-10 10:27       ` Sami Mujawar
2022-03-17 13:10         ` Sami Mujawar
2022-03-17 13:23           ` Yao, Jiewen
2022-03-17 13:25             ` Samer El-Haj-Mahmoud
2022-03-17 13:33               ` [edk2-devel] " Yao, Jiewen
2022-03-02  0:28 ` [PATCH 6/8] OvmfPkg: Add PCDs for LAML/LASA field in CC EVENTLOG ACPI table Min Xu
2022-03-02  0:28 ` [PATCH 7/8] OvmfPkg/IntelTdx: Add TdTcg2Dxe Min Xu
2022-03-02  0:28 ` [PATCH 8/8] OvmfPkg/IntelTdx: Enable RTMR based measurement and measure boot Min Xu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220302002807.982-3-min.m.xu@intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox