From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id C77BCAC10E0 for ; Wed, 30 Aug 2023 07:52:27 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=Uh3VMG24A5fHqswQnKbAQUEpYfwQfbH/IvQqyL7LTLA=; c=relaxed/simple; d=groups.io; h=From:To:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1693381946; v=1; b=aERaJKbwLK/RfefA4FMHFcvJ1qTL8IRkgScUdyntITzmCzT6MAOL3hH9hqqn+clFtG0KdMo7 RxQVfTL6T0NHdWldFxQhieXRQOF9b2jVSP9T8j+EA2Ci4OC5EPmq2jE+kFAXnHr2t44maKyXaOL /npakvq+E3+/sIjHfRVfz4pg= X-Received: by 127.0.0.2 with SMTP id bwKiYY7687511xUfAkD466cw; Wed, 30 Aug 2023 00:52:26 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web11.9013.1693381945374772998 for ; Wed, 30 Aug 2023 00:52:25 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10817"; a="378289101" X-IronPort-AV: E=Sophos;i="6.02,212,1688454000"; d="scan'208";a="378289101" X-Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Aug 2023 00:52:24 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10817"; a="742139695" X-IronPort-AV: E=Sophos;i="6.02,212,1688454000"; d="scan'208";a="742139695" X-Received: from shwdejointd777.ccr.corp.intel.com ([10.239.58.116]) by fmsmga007.fm.intel.com with ESMTP; 30 Aug 2023 00:52:23 -0700 From: "Wenxing Hou" To: devel@edk2.groups.io Subject: [edk2-devel] [edk2/add_mbedtls PATCH 0/9] *** Add HMAC/HKDF/RSA/HASH features based on Mbedtls *** Date: Wed, 30 Aug 2023 15:52:11 +0800 Message-Id: <20230830075220.2070-1-wenxing.hou@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,wenxing.hou@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: FhH9FEkscfCuLJy5SUDg22U4x7686176AA= Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=aERaJKbw; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io *** Add BaseCryptLibMbedTls for CryptoPkg, which can be an alternative to OpenSSL in some scenarios. There are four features in the patch: HMAC/HKDF/RSA/HASH.*** Wenxing Hou (9): CryptoPkg: Add mbedtls submodule for EDKII CryptoPkg: Add mbedtls_config and MbedTlsLib.inf CryptoPkg: Add HMAC functions based on Mbedtls CryptoPkg: Add HKDF functions based on Mbedtls CryptoPkg: Add RSA functions based on Mbedtls CryptoPkg: Add all .inf files for BaseCryptLibMbedTls CryptoPkg: Add Null functions for building pass CryptoPkg: Add MD5/SHA1/SHA2 functions based on Mbedtls CryptoPkg: Add Mbedtls submodule in CI .gitmodules | 3 + .pytool/CISettings.py | 2 + CryptoPkg/CryptoPkg.ci.yaml | 66 +- CryptoPkg/CryptoPkg.dec | 4 + CryptoPkg/CryptoPkgMbedTls.dsc | 280 ++ .../BaseCryptLibMbedTls/BaseCryptLib.inf | 81 + .../BaseCryptLibMbedTls/Bn/CryptBnNull.c | 520 +++ .../Cipher/CryptAeadAesGcmNull.c | 100 + .../BaseCryptLibMbedTls/Cipher/CryptAesNull.c | 159 + .../BaseCryptLibMbedTls/Hash/CryptMd5.c | 234 + .../BaseCryptLibMbedTls/Hash/CryptMd5Null.c | 163 + .../Hash/CryptParallelHashNull.c | 40 + .../BaseCryptLibMbedTls/Hash/CryptSha1.c | 234 + .../BaseCryptLibMbedTls/Hash/CryptSha1Null.c | 166 + .../BaseCryptLibMbedTls/Hash/CryptSha256.c | 227 + .../Hash/CryptSha256Null.c | 162 + .../BaseCryptLibMbedTls/Hash/CryptSha512.c | 447 ++ .../Hash/CryptSha512Null.c | 275 ++ .../BaseCryptLibMbedTls/Hash/CryptSm3Null.c | 164 + .../BaseCryptLibMbedTls/Hmac/CryptHmac.c | 620 +++ .../BaseCryptLibMbedTls/Hmac/CryptHmacNull.c | 359 ++ .../BaseCryptLibMbedTls/InternalCryptLib.h | 44 + .../BaseCryptLibMbedTls/Kdf/CryptHkdf.c | 372 ++ .../BaseCryptLibMbedTls/Kdf/CryptHkdfNull.c | 192 + .../BaseCryptLibMbedTls/PeiCryptLib.inf | 101 + .../BaseCryptLibMbedTls/PeiCryptLib.uni | 25 + .../BaseCryptLibMbedTls/Pem/CryptPemNull.c | 69 + .../Pk/CryptAuthenticodeNull.c | 45 + .../BaseCryptLibMbedTls/Pk/CryptDhNull.c | 150 + .../BaseCryptLibMbedTls/Pk/CryptEcNull.c | 578 +++ .../Pk/CryptPkcs1OaepNull.c | 51 + .../Pk/CryptPkcs5Pbkdf2Null.c | 48 + .../Pk/CryptPkcs7Internal.h | 83 + .../Pk/CryptPkcs7SignNull.c | 53 + .../Pk/CryptPkcs7VerifyEkuNull.c | 152 + .../Pk/CryptPkcs7VerifyEkuRuntime.c | 56 + .../Pk/CryptPkcs7VerifyNull.c | 163 + .../Pk/CryptPkcs7VerifyRuntime.c | 38 + .../BaseCryptLibMbedTls/Pk/CryptRsaBasic.c | 268 ++ .../Pk/CryptRsaBasicNull.c | 121 + .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c | 337 ++ .../BaseCryptLibMbedTls/Pk/CryptRsaExtNull.c | 117 + .../BaseCryptLibMbedTls/Pk/CryptRsaPss.c | 164 + .../BaseCryptLibMbedTls/Pk/CryptRsaPssNull.c | 46 + .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c | 231 + .../Pk/CryptRsaPssSignNull.c | 60 + .../BaseCryptLibMbedTls/Pk/CryptTsNull.c | 42 + .../BaseCryptLibMbedTls/Pk/CryptX509Null.c | 753 ++++ .../BaseCryptLibMbedTls/Rand/CryptRandNull.c | 56 + .../BaseCryptLibMbedTls/RuntimeCryptLib.inf | 92 + .../BaseCryptLibMbedTls/RuntimeCryptLib.uni | 22 + .../BaseCryptLibMbedTls/SecCryptLib.inf | 84 + .../BaseCryptLibMbedTls/SecCryptLib.uni | 17 + .../BaseCryptLibMbedTls/SmmCryptLib.inf | 92 + .../BaseCryptLibMbedTls/SmmCryptLib.uni | 22 + .../SysCall/ConstantTimeClock.c | 75 + .../BaseCryptLibMbedTls/SysCall/CrtWrapper.c | 58 + .../SysCall/RuntimeMemAllocation.c | 462 ++ .../SysCall/TimerWrapper.c | 198 + .../BaseCryptLibMbedTls/TestBaseCryptLib.inf | 78 + CryptoPkg/Library/MbedTlsLib/CrtWrapper.c | 96 + CryptoPkg/Library/MbedTlsLib/EcSm2Null.c | 495 +++ .../Include/mbedtls/mbedtls_config.h | 3823 +++++++++++++++++ CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf | 173 + .../Library/MbedTlsLib/MbedTlsLibFull.inf | 177 + CryptoPkg/Library/MbedTlsLib/mbedtls | 1 + 66 files changed, 14683 insertions(+), 3 deletions(-) create mode 100644 CryptoPkg/CryptoPkgMbedTls.dsc create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Bn/CryptBnNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAeadAesGcmNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Cipher/CryptAesNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptMd5.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptMd5Null.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHashNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha1.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha1Null.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha256.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha256Null.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha512.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha512Null.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3Null.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hmac/CryptHmac.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hmac/CryptHmacNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Kdf/CryptHkdf.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Kdf/CryptHkdfNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.uni create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pem/CryptPemNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptAuthenticodeNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptDhNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptEcNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs1OaepNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2Null.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7Internal.h create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7SignNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyEkuNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyEkuRuntime.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptPkcs7VerifyRuntime.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasic.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasicNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExtNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPss.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSignNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptTsNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509Null.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Rand/CryptRandNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.uni create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.inf create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.uni create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.uni create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/ConstantTimeClock.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/CrtWrapper.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/RuntimeMemAllocation.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/TimerWrapper.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf create mode 100644 CryptoPkg/Library/MbedTlsLib/CrtWrapper.c create mode 100644 CryptoPkg/Library/MbedTlsLib/EcSm2Null.c create mode 100644 CryptoPkg/Library/MbedTlsLib/Include/mbedtls/mbedtls_config.h create mode 100644 CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf create mode 100644 CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf create mode 160000 CryptoPkg/Library/MbedTlsLib/mbedtls -- 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108119): https://edk2.groups.io/g/devel/message/108119 Mute This Topic: https://groups.io/mt/101048094/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-