From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web09.2274.1646180902366421497 for ; Tue, 01 Mar 2022 16:28:26 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=bqdlm4wx; spf=pass (domain: intel.com, ip: 134.134.136.24, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1646180905; x=1677716905; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=laadgpcJxdgOqJ0+eisTGXjL93HIdVv9yoJk42cqPfM=; b=bqdlm4wx1njzToahlv5QFIY0QjYzglxIhpvHRVYWazxmUDL18WauIY3r r6tv73ahuAulVBbY5eyrsA8WMDsspc9mgO9aWZTZpFMT/RA9tIE1BJD7/ 6ux953n5vlZ9siLqi5GdjN3wTkGCa2IpSJmFIRTAHXF8EK8z4tKiYrU/J DnINfIgjor4I+UL2wnFT3dMvaMbZ6lrZ2n9KuHln0JaCVV7BBfg4MLz6V R5dmGULHU4CYd/pEuCtmYhRdOFcC+qM5asoMx5BjBjvsrC5aigwDGHu0W 1H60nGj9gvx78dxvzyybrNjJRcsVrZeugP8/sANZ355ILKg3w+bn9TbB3 g==; X-IronPort-AV: E=McAfee;i="6200,9189,10273"; a="253006543" X-IronPort-AV: E=Sophos;i="5.90,146,1643702400"; d="scan'208";a="253006543" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Mar 2022 16:28:25 -0800 X-IronPort-AV: E=Sophos;i="5.90,146,1643702400"; d="scan'208";a="641482167" Received: from mxu9-mobl1.ccr.corp.intel.com ([10.238.2.184]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Mar 2022 16:28:23 -0800 From: "Min Xu" To: devel@edk2.groups.io Cc: Min Xu , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Gerd Hoffmann Subject: [PATCH 2/8] CryptoPkg: Add SecCryptLib Date: Wed, 2 Mar 2022 08:28:01 +0800 Message-Id: <20220302002807.982-3-min.m.xu@intel.com> X-Mailer: git-send-email 2.29.2.windows.2 In-Reply-To: <20220302002807.982-1-min.m.xu@intel.com> References: <20220302002807.982-1-min.m.xu@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853 This is the Cryptographic library instance for SEC. The motivation of this library is to support SHA384 in SEC phase for Td guest. So only Hash/CryptSha512.c is included which supports SHA384 and SHA512. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Cc: Gerd Hoffmann Signed-off-by: Min Xu --- CryptoPkg/CryptoPkg.dsc | 4 ++ .../Library/BaseCryptLib/SecCryptLib.inf | 67 +++++++++++++++++++ 2 files changed, 71 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 0aa72ed87846..b814e9616454 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -109,6 +109,9 @@ [LibraryClasses.ARM] ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf +[LibraryClasses.common.SEC] + BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf + [LibraryClasses.common.PEIM] PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf @@ -236,6 +239,7 @@ !if $(CRYPTO_SERVICES) == PACKAGE [Components] CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf + CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf diff --git a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf new file mode 100644 index 000000000000..6ef2f67e35dd --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf @@ -0,0 +1,67 @@ +## @file +# Cryptographic Library Instance for SEC. +# +# Caution: This module requires additional review when modified. +# This library will have external input - signature. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. +# +# Copyright (c) 2021, Intel Corporation. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = SecCryptLib + FILE_GUID = 3689D343-0D32-4284-8053-BF10537990E8 + MODULE_TYPE = BASE + VERSION_STRING = 1.0 + LIBRARY_CLASS = BaseCryptLib|SEC + +# +# The following information is for reference only and not required by the build tools. +# +# VALID_ARCHITECTURES = IA32 X64 +# + +[Sources] + InternalCryptLib.h + Hash/CryptSha512.c + + SysCall/CrtWrapper.c + SysCall/ConstantTimeClock.c + SysCall/BaseMemAllocation.c + +[Packages] + MdePkg/MdePkg.dec + CryptoPkg/CryptoPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + MemoryAllocationLib + DebugLib + OpensslLib + IntrinsicLib + +# +# Remove these [BuildOptions] after this library is cleaned up +# +[BuildOptions] + # + # suppress the following warnings so we do not break the build with warnings-as-errors: + # C4090: 'function' : different 'const' qualifiers + # C4718: 'function call' : recursive call has no side effects, deleting + # + MSFT:*_*_*_CC_FLAGS = /wd4090 /wd4718 + + # -JCryptoPkg/Include : To disable the use of the system includes provided by RVCT + # --diag_remark=1 : Reduce severity of "#1-D: last line of file ends without a newline" + RVCT:*_*_ARM_CC_FLAGS = -JCryptoPkg/Include --diag_remark=1 + + GCC:*_CLANG35_*_CC_FLAGS = -std=c99 + GCC:*_CLANG38_*_CC_FLAGS = -std=c99 + GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types + + XCODE:*_*_*_CC_FLAGS = -std=c99 -- 2.29.2.windows.2