From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 96A20D802AE for ; Mon, 22 Apr 2024 01:34:05 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=+36Hmi+Hj4lkiGNNtwYOQ8W4YU97PegtYmsO/WaQCCc=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20240206; t=1713749644; v=1; b=MWBECWBCuOGhJmwhvIEvXqQM6oKbPlLnABPkBwy21FxomHuv3XCDOc8NWtWNOidMO5t9hG/5 FCsa7tuumcgzKYIYnx9z/9bFkag3KE4x2wSoySqJXxcTeRvz+ciiJTVFR1GL7vyz3on3MOSOOLt 2As5lpDJbg4IH0E2sMUbn5j/u98P0K1g3+TcPx28JoIiNJiK2h/U7NejaeSqY8AEJ3kFJIuQl50 gmjY88CqejXD53sQDv3+b1IsDM6pP8U8fh7TP++KSvMRPIcKblJSnpVQuIlqYb9wdAiyVLNchik LASljIRmtaypt+92M1Bt0kOdWUfLErW2tH2RHOO+pONMA== X-Received: by 127.0.0.2 with SMTP id MLPxYY7687511xcUVZOoqwAD; Sun, 21 Apr 2024 18:34:04 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.15]) by mx.groups.io with SMTP id smtpd.web10.8721.1713749643133819495 for ; Sun, 21 Apr 2024 18:34:03 -0700 X-CSE-ConnectionGUID: sCN7IEWoTDC4mqpTHJJFNQ== X-CSE-MsgGUID: q+2LShqwRvWTMkKH7NoWKw== X-IronPort-AV: E=McAfee;i="6600,9927,11051"; a="9442992" X-IronPort-AV: E=Sophos;i="6.07,219,1708416000"; d="scan'208";a="9442992" X-Received: from orviesa005.jf.intel.com ([10.64.159.145]) by fmvoesa109.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Apr 2024 18:34:03 -0700 X-CSE-ConnectionGUID: UEdzUhchRFaoFdyrmfDc8Q== X-CSE-MsgGUID: KAeo+QdHRBCXVHhnoiYjcg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,219,1708416000"; d="scan'208";a="28638959" X-Received: from shwdejointd777.ccr.corp.intel.com ([10.239.58.116]) by orviesa005.jf.intel.com with ESMTP; 21 Apr 2024 18:34:01 -0700 From: "Wenxing Hou" To: devel@edk2.groups.io Cc: Jiewen Yao , Yi Li Subject: [edk2-devel] [PATCH] Add SHA3/SM3 functions with openssl for Mbedtls Date: Mon, 22 Apr 2024 09:33:56 +0800 Message-Id: <20240422013356.1147-1-wenxing.hou@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Sun, 21 Apr 2024 18:34:03 -0700 Resent-From: wenxing.hou@intel.com Reply-To: devel@edk2.groups.io,wenxing.hou@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: y2zBTqeGmH3Z4Vnn04IHPm2Bx7686176AA= Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=MWBECWBC; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none) REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4177 Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3 implementaion based on Openssl. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/CryptoPkg.ci.yaml | 1 + .../BaseCryptLibMbedTls/Hash/CryptCShake256.c | 282 +++++++++ .../Hash/CryptDispatchApDxe.c | 49 ++ .../Hash/CryptDispatchApMm.c | 35 ++ .../Hash/CryptDispatchApPei.c | 54 ++ .../Hash/CryptParallelHash.c | 254 ++++++++ .../Hash/CryptParallelHash.h | 231 +++++++ .../BaseCryptLibMbedTls/Hash/CryptSha3.c | 166 +++++ .../BaseCryptLibMbedTls/Hash/CryptSm3.c | 235 +++++++ .../BaseCryptLibMbedTls/Hash/CryptXkcp.c | 107 ++++ .../SysCall/DummyOpensslSupport.c | 595 ++++++++++++++++++ CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf | 6 + .../Library/MbedTlsLib/MbedTlsLibFull.inf | 6 + 13 files changed, 2021 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake2= 56.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatc= hApDxe.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatc= hApMm.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatc= hApPei.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParalle= lHash.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParalle= lHash.h create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpen= sslSupport.c diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml index b601bcf85c..046cc05163 100644 --- a/CryptoPkg/CryptoPkg.ci.yaml +++ b/CryptoPkg/CryptoPkg.ci.yaml @@ -40,6 +40,7 @@ "Library/Include/CrtLibSupport.h",=0D # This has OpenSSL interfaces that aren't UEFI spec compliant= =0D "Library/BaseCryptLib/Hash/CryptParallelHash.h",=0D + "Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h",=0D "Library/Include/fcntl.h",=0D # This has Mbedtls interfaces that aren't UEFI spec compliant= =0D "Library/Include/stdint.h",=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake256.c b/= CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake256.c new file mode 100644 index 0000000000..64d8fa97c5 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake256.c @@ -0,0 +1,282 @@ +/** @file=0D + cSHAKE-256 Digest Wrapper Implementations.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "CryptParallelHash.h"=0D +=0D +#define CSHAKE256_SECURITY_STRENGTH 256=0D +#define CSHAKE256_RATE_IN_BYTES 136=0D +=0D +CONST CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] =3D { 0 };=0D +=0D +/**=0D + CShake256 initial function.=0D +=0D + Initializes user-supplied memory pointed by CShake256Context as cSHAKE-2= 56 hash context for=0D + subsequent use.=0D +=0D + @param[out] CShake256Context Pointer to cSHAKE-256 context being initia= lized.=0D + @param[in] OutputLen The desired number of output length in byt= es.=0D + @param[in] Name Pointer to the function name string.=0D + @param[in] NameLen The length of the function name in bytes.= =0D + @param[in] Customization Pointer to the customization string.=0D + @param[in] CustomizationLen The length of the customization string in = bytes.=0D +=0D + @retval TRUE cSHAKE-256 context initialization succeeded.=0D + @retval FALSE cSHAKE-256 context initialization failed.=0D + @retval FALSE This interface is not supported.=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +CShake256Init (=0D + OUT VOID *CShake256Context,=0D + IN UINTN OutputLen,=0D + IN CONST VOID *Name,=0D + IN UINTN NameLen,=0D + IN CONST VOID *Customization,=0D + IN UINTN CustomizationLen=0D + )=0D +{=0D + BOOLEAN Status;=0D + UINT8 EncBuf[sizeof (UINTN) + 1];=0D + UINTN EncLen;=0D + UINTN AbsorbLen;=0D + UINTN PadLen;=0D +=0D + //=0D + // Check input parameters.=0D + //=0D + if ((CShake256Context =3D=3D NULL) || (OutputLen =3D=3D 0) || ((NameLen = !=3D 0) && (Name =3D=3D NULL)) || ((CustomizationLen !=3D 0) && (Customizat= ion =3D=3D NULL))) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // Initialize KECCAK context with pad value and block size.=0D + //=0D + if ((NameLen =3D=3D 0) && (CustomizationLen =3D=3D 0)) {=0D + //=0D + // When N and S are both empty strings, cSHAKE(X, L, N, S) is equivale= nt to=0D + // SHAKE as defined in FIPS 202.=0D + //=0D + Status =3D (BOOLEAN)KeccakInit (=0D + (Keccak1600_Ctx *)CShake256Context,=0D + '\x1f',=0D + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * = 2) / 8,=0D + OutputLen=0D + );=0D +=0D + return Status;=0D + } else {=0D + Status =3D (BOOLEAN)KeccakInit (=0D + (Keccak1600_Ctx *)CShake256Context,=0D + '\x04',=0D + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * = 2) / 8,=0D + OutputLen=0D + );=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + AbsorbLen =3D 0;=0D + //=0D + // Absorb Absorb bytepad(.., rate).=0D + //=0D + EncLen =3D LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES);=0D + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, En= cBuf, EncLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + AbsorbLen +=3D EncLen;=0D +=0D + //=0D + // Absorb encode_string(N).=0D + //=0D + EncLen =3D LeftEncode (EncBuf, NameLen * 8);=0D + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, En= cBuf, EncLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + AbsorbLen +=3D EncLen;=0D + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context= , Name, NameLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + AbsorbLen +=3D NameLen;=0D +=0D + //=0D + // Absorb encode_string(S).=0D + //=0D + EncLen =3D LeftEncode (EncBuf, CustomizationLen * 8);=0D + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, En= cBuf, EncLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + AbsorbLen +=3D EncLen;=0D + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context= , Customization, CustomizationLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + AbsorbLen +=3D CustomizationLen;=0D +=0D + //=0D + // Absorb zero padding up to rate.=0D + //=0D + PadLen =3D CSHAKE256_RATE_IN_BYTES - AbsorbLen % CSHAKE256_RATE_IN_BYT= ES;=0D + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, mZ= eroPadding, PadLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + return TRUE;=0D + }=0D +}=0D +=0D +/**=0D + Digests the input data and updates cSHAKE-256 context.=0D +=0D + This function performs cSHAKE-256 digest on a data buffer of the specifi= ed size.=0D + It can be called multiple times to compute the digest of long or discont= inuous data streams.=0D + cSHAKE-256 context should be already correctly initialized by CShake256I= nit(), and should not be finalized=0D + by CShake256Final(). Behavior with invalid context is undefined.=0D +=0D + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.=0D + @param[in] Data Pointer to the buffer containing the= data to be hashed.=0D + @param[in] DataSize Size of Data buffer in bytes.=0D +=0D + @retval TRUE cSHAKE-256 data digest succeeded.=0D + @retval FALSE cSHAKE-256 data digest failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +CShake256Update (=0D + IN OUT VOID *CShake256Context,=0D + IN CONST VOID *Data,=0D + IN UINTN DataSize=0D + )=0D +{=0D + //=0D + // Check input parameters.=0D + //=0D + if (CShake256Context =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // Check invalid parameters, in case that only DataLength was checked in= OpenSSL.=0D + //=0D + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) {=0D + return FALSE;=0D + }=0D +=0D + return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx *)CShake256Context, Data, D= ataSize));=0D +}=0D +=0D +/**=0D + Completes computation of the cSHAKE-256 digest value.=0D +=0D + This function completes cSHAKE-256 hash computation and retrieves the di= gest value into=0D + the specified memory. After this function has been called, the cSHAKE-25= 6 context cannot=0D + be used again.=0D + cSHAKE-256 context should be already correctly initialized by CShake256I= nit(), and should not be=0D + finalized by CShake256Final(). Behavior with invalid cSHAKE-256 context = is undefined.=0D +=0D + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.=0D + @param[out] HashValue Pointer to a buffer that receives the= cSHAKE-256 digest=0D + value.=0D +=0D + @retval TRUE cSHAKE-256 digest computation succeeded.=0D + @retval FALSE cSHAKE-256 digest computation failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +CShake256Final (=0D + IN OUT VOID *CShake256Context,=0D + OUT UINT8 *HashValue=0D + )=0D +{=0D + //=0D + // Check input parameters.=0D + //=0D + if ((CShake256Context =3D=3D NULL) || (HashValue =3D=3D NULL)) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // cSHAKE-256 Hash Finalization.=0D + //=0D + return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context, HashValu= e));=0D +}=0D +=0D +/**=0D + Computes the CSHAKE-256 message digest of a input data buffer.=0D +=0D + This function performs the CSHAKE-256 message digest of a given data buf= fer, and places=0D + the digest value into the specified memory.=0D +=0D + @param[in] Data Pointer to the buffer containing the dat= a to be hashed.=0D + @param[in] DataSize Size of Data buffer in bytes.=0D + @param[in] OutputLen Size of output in bytes.=0D + @param[in] Name Pointer to the function name string.=0D + @param[in] NameLen Size of the function name in bytes.=0D + @param[in] Customization Pointer to the customization string.=0D + @param[in] CustomizationLen Size of the customization string in byte= s.=0D + @param[out] HashValue Pointer to a buffer that receives the CS= HAKE-256 digest=0D + value.=0D +=0D + @retval TRUE CSHAKE-256 digest computation succeeded.=0D + @retval FALSE CSHAKE-256 digest computation failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +CShake256HashAll (=0D + IN CONST VOID *Data,=0D + IN UINTN DataSize,=0D + IN UINTN OutputLen,=0D + IN CONST VOID *Name,=0D + IN UINTN NameLen,=0D + IN CONST VOID *Customization,=0D + IN UINTN CustomizationLen,=0D + OUT UINT8 *HashValue=0D + )=0D +{=0D + BOOLEAN Status;=0D + Keccak1600_Ctx Ctx;=0D +=0D + //=0D + // Check input parameters.=0D + //=0D + if (HashValue =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) {=0D + return FALSE;=0D + }=0D +=0D + Status =3D CShake256Init (&Ctx, OutputLen, Name, NameLen, Customization,= CustomizationLen);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + Status =3D CShake256Update (&Ctx, Data, DataSize);=0D + if (!Status) {=0D + return FALSE;=0D + }=0D +=0D + return CShake256Final (&Ctx, HashValue);=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApDxe.= c b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApDxe.c new file mode 100644 index 0000000000..34424a16f7 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApDxe.c @@ -0,0 +1,49 @@ +/** @file=0D + Dispatch Block to Aps in Dxe phase for parallelhash algorithm.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "CryptParallelHash.h"=0D +#include =0D +#include =0D +=0D +/**=0D + Dispatch the block task to each AP in PEI phase.=0D +=0D +**/=0D +VOID=0D +EFIAPI=0D +DispatchBlockToAp (=0D + VOID=0D + )=0D +{=0D + EFI_STATUS Status;=0D + EFI_MP_SERVICES_PROTOCOL *MpServices;=0D +=0D + Status =3D gBS->LocateProtocol (=0D + &gEfiMpServiceProtocolGuid,=0D + NULL,=0D + (VOID **)&MpServices=0D + );=0D + if (EFI_ERROR (Status)) {=0D + //=0D + // Failed to locate MpServices Protocol, do parallel hash by one core.= =0D + //=0D + DEBUG ((DEBUG_ERROR, "[DispatchBlockToApDxe] Failed to locate MpServic= es Protocol. Status =3D %r\n", Status));=0D + return;=0D + }=0D +=0D + Status =3D MpServices->StartupAllAPs (=0D + MpServices,=0D + ParallelHashApExecute,=0D + FALSE,=0D + NULL,=0D + 0,=0D + NULL,=0D + NULL=0D + );=0D + return;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApMm.c= b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApMm.c new file mode 100644 index 0000000000..bbd1024d71 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApMm.c @@ -0,0 +1,35 @@ +/** @file=0D + Dispatch the block task to each AP in Smm mode for parallelhash algorith= m.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "CryptParallelHash.h"=0D +#include =0D +=0D +/**=0D + Dispatch the block task to each AP in SMM mode.=0D +=0D +**/=0D +VOID=0D +EFIAPI=0D +DispatchBlockToAp (=0D + VOID=0D + )=0D +{=0D + UINTN Index;=0D +=0D + if (gMmst =3D=3D NULL) {=0D + return;=0D + }=0D +=0D + for (Index =3D 0; Index < gMmst->NumberOfCpus; Index++) {=0D + if (Index !=3D gMmst->CurrentlyExecutingCpu) {=0D + gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL);=0D + }=0D + }=0D +=0D + return;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApPei.= c b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApPei.c new file mode 100644 index 0000000000..8d7f953285 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApPei.c @@ -0,0 +1,54 @@ +/** @file=0D + Dispatch Block to Aps in Pei phase for parallelhash algorithm.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "CryptParallelHash.h"=0D +#include =0D +#include =0D +#include =0D +#include =0D +=0D +/**=0D + Dispatch the block task to each AP in PEI phase.=0D +=0D +**/=0D +VOID=0D +EFIAPI=0D +DispatchBlockToAp (=0D + VOID=0D + )=0D +{=0D + EFI_STATUS Status;=0D + CONST EFI_PEI_SERVICES **PeiServices;=0D + EFI_PEI_MP_SERVICES_PPI *MpServicesPpi;=0D +=0D + PeiServices =3D GetPeiServicesTablePointer ();=0D + Status =3D (*PeiServices)->LocatePpi (=0D + PeiServices,=0D + &gEfiPeiMpServicesPpiGuid,=0D + 0,=0D + NULL,=0D + (VOID **)&MpServicesPpi=0D + );=0D + if (EFI_ERROR (Status)) {=0D + //=0D + // Failed to locate MpServices Ppi, do parallel hash by one core.=0D + //=0D + DEBUG ((DEBUG_ERROR, "[DispatchBlockToApPei] Failed to locate MpServic= es Ppi. Status =3D %r\n", Status));=0D + return;=0D + }=0D +=0D + Status =3D MpServicesPpi->StartupAllAPs (=0D + (CONST EFI_PEI_SERVICES **)PeiServices,=0D + MpServicesPpi,=0D + ParallelHashApExecute,=0D + FALSE,=0D + 0,=0D + NULL=0D + );=0D + return;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.c= b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.c new file mode 100644 index 0000000000..2c04d3e29e --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.c @@ -0,0 +1,254 @@ +/** @file=0D + ParallelHash Implementation.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "CryptParallelHash.h"=0D +#include =0D +=0D +#define PARALLELHASH_CUSTOMIZATION "ParallelHash"=0D +=0D +UINTN mBlockNum;=0D +UINTN mBlockSize;=0D +UINTN mLastBlockSize;=0D +UINT8 *mInput;=0D +UINTN mBlockResultSize;=0D +UINT8 *mBlockHashResult;=0D +BOOLEAN *mBlockIsCompleted;=0D +SPIN_LOCK *mSpinLockList;=0D +=0D +/**=0D + Complete computation of digest of each block.=0D +=0D + Each AP perform the function called by BSP.=0D +=0D + @param[in] ProcedureArgument Argument of the procedure.=0D +**/=0D +VOID=0D +EFIAPI=0D +ParallelHashApExecute (=0D + IN VOID *ProcedureArgument=0D + )=0D +{=0D + UINTN Index;=0D + BOOLEAN Status;=0D +=0D + for (Index =3D 0; Index < mBlockNum; Index++) {=0D + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {=0D + //=0D + // Completed, try next one.=0D + //=0D + if (mBlockIsCompleted[Index]) {=0D + ReleaseSpinLock (&mSpinLockList[Index]);=0D + continue;=0D + }=0D +=0D + //=0D + // Calculate CShake256 for this block.=0D + //=0D + Status =3D CShake256HashAll (=0D + mInput + Index * mBlockSize,=0D + (Index =3D=3D (mBlockNum - 1)) ? mLastBlockSize : mBlockS= ize,=0D + mBlockResultSize,=0D + NULL,=0D + 0,=0D + NULL,=0D + 0,=0D + mBlockHashResult + Index * mBlockResultSize=0D + );=0D + if (!EFI_ERROR (Status)) {=0D + mBlockIsCompleted[Index] =3D TRUE;=0D + }=0D +=0D + ReleaseSpinLock (&mSpinLockList[Index]);=0D + }=0D + }=0D +}=0D +=0D +/**=0D + Parallel hash function ParallelHash256, as defined in NIST's Special Pub= lication 800-185,=0D + published December 2016.=0D +=0D + @param[in] Input Pointer to the input message (X).=0D + @param[in] InputByteLen The number(>0) of input bytes provided for= the input data.=0D + @param[in] BlockSize The size of each block (B).=0D + @param[out] Output Pointer to the output buffer.=0D + @param[in] OutputByteLen The desired number of output bytes (L).=0D + @param[in] Customization Pointer to the customization string (S).=0D + @param[in] CustomByteLen The length of the customization string in = bytes.=0D +=0D + @retval TRUE ParallelHash256 digest computation succeeded.=0D + @retval FALSE ParallelHash256 digest computation failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +ParallelHash256HashAll (=0D + IN CONST VOID *Input,=0D + IN UINTN InputByteLen,=0D + IN UINTN BlockSize,=0D + OUT VOID *Output,=0D + IN UINTN OutputByteLen,=0D + IN CONST VOID *Customization,=0D + IN UINTN CustomByteLen=0D + )=0D +{=0D + UINT8 EncBufB[sizeof (UINTN)+1];=0D + UINTN EncSizeB;=0D + UINT8 EncBufN[sizeof (UINTN)+1];=0D + UINTN EncSizeN;=0D + UINT8 EncBufL[sizeof (UINTN)+1];=0D + UINTN EncSizeL;=0D + UINTN Index;=0D + UINT8 *CombinedInput;=0D + UINTN CombinedInputSize;=0D + BOOLEAN AllCompleted;=0D + UINTN Offset;=0D + BOOLEAN ReturnValue;=0D +=0D + if ((InputByteLen =3D=3D 0) || (OutputByteLen =3D=3D 0) || (BlockSize = =3D=3D 0)) {=0D + return FALSE;=0D + }=0D +=0D + if ((Input =3D=3D NULL) || (Output =3D=3D NULL)) {=0D + return FALSE;=0D + }=0D +=0D + if ((CustomByteLen !=3D 0) && (Customization =3D=3D NULL)) {=0D + return FALSE;=0D + }=0D +=0D + mBlockSize =3D BlockSize;=0D +=0D + //=0D + // Calculate block number n.=0D + //=0D + mBlockNum =3D InputByteLen % mBlockSize =3D=3D 0 ? InputByteLen / mBlock= Size : InputByteLen / mBlockSize + 1;=0D +=0D + //=0D + // Set hash result size of each block in bytes.=0D + //=0D + mBlockResultSize =3D OutputByteLen;=0D +=0D + //=0D + // Encode B, n, L to string and record size.=0D + //=0D + EncSizeB =3D LeftEncode (EncBufB, mBlockSize);=0D + EncSizeN =3D RightEncode (EncBufN, mBlockNum);=0D + EncSizeL =3D RightEncode (EncBufL, OutputByteLen * CHAR_BIT);=0D +=0D + //=0D + // Allocate buffer for combined input (newX), Block completed flag and S= pinLock.=0D + //=0D + CombinedInputSize =3D EncSizeB + EncSizeN + EncSizeL + mBlockNum * mBloc= kResultSize;=0D + CombinedInput =3D AllocateZeroPool (CombinedInputSize);=0D + mBlockIsCompleted =3D AllocateZeroPool (mBlockNum * sizeof (BOOLEAN));=0D + mSpinLockList =3D AllocatePool (mBlockNum * sizeof (SPIN_LOCK));=0D + if ((CombinedInput =3D=3D NULL) || (mBlockIsCompleted =3D=3D NULL) || (m= SpinLockList =3D=3D NULL)) {=0D + ReturnValue =3D FALSE;=0D + goto Exit;=0D + }=0D +=0D + //=0D + // Fill LeftEncode(B).=0D + //=0D + CopyMem (CombinedInput, EncBufB, EncSizeB);=0D +=0D + //=0D + // Prepare for parallel hash.=0D + //=0D + mBlockHashResult =3D CombinedInput + EncSizeB;=0D + mInput =3D (UINT8 *)Input;=0D + mLastBlockSize =3D InputByteLen % mBlockSize =3D=3D 0 ? mBlockSize : I= nputByteLen % mBlockSize;=0D +=0D + //=0D + // Initialize SpinLock for each result block.=0D + //=0D + for (Index =3D 0; Index < mBlockNum; Index++) {=0D + InitializeSpinLock (&mSpinLockList[Index]);=0D + }=0D +=0D + //=0D + // Dispatch blocklist to each AP.=0D + //=0D + DispatchBlockToAp ();=0D +=0D + //=0D + // Wait until all block hash completed.=0D + //=0D + do {=0D + AllCompleted =3D TRUE;=0D + for (Index =3D 0; Index < mBlockNum; Index++) {=0D + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {=0D + if (!mBlockIsCompleted[Index]) {=0D + AllCompleted =3D FALSE;=0D + ReturnValue =3D CShake256HashAll (=0D + mInput + Index * mBlockSize,=0D + (Index =3D=3D (mBlockNum - 1)) ? mLastBlockSize= : mBlockSize,=0D + mBlockResultSize,=0D + NULL,=0D + 0,=0D + NULL,=0D + 0,=0D + mBlockHashResult + Index * mBlockResultSize=0D + );=0D + if (ReturnValue) {=0D + mBlockIsCompleted[Index] =3D TRUE;=0D + }=0D +=0D + ReleaseSpinLock (&mSpinLockList[Index]);=0D + break;=0D + }=0D +=0D + ReleaseSpinLock (&mSpinLockList[Index]);=0D + } else {=0D + AllCompleted =3D FALSE;=0D + break;=0D + }=0D + }=0D + } while (!AllCompleted);=0D +=0D + //=0D + // Fill LeftEncode(n).=0D + //=0D + Offset =3D EncSizeB + mBlockNum * mBlockResultSize;=0D + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN);=0D +=0D + //=0D + // Fill LeftEncode(L).=0D + //=0D + Offset +=3D EncSizeN;=0D + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL);=0D +=0D + ReturnValue =3D CShake256HashAll (=0D + CombinedInput,=0D + CombinedInputSize,=0D + OutputByteLen,=0D + PARALLELHASH_CUSTOMIZATION,=0D + AsciiStrLen (PARALLELHASH_CUSTOMIZATION),=0D + Customization,=0D + CustomByteLen,=0D + Output=0D + );=0D +=0D +Exit:=0D + ZeroMem (CombinedInput, CombinedInputSize);=0D +=0D + if (CombinedInput !=3D NULL) {=0D + FreePool (CombinedInput);=0D + }=0D +=0D + if (mSpinLockList !=3D NULL) {=0D + FreePool ((VOID *)mSpinLockList);=0D + }=0D +=0D + if (mBlockIsCompleted !=3D NULL) {=0D + FreePool (mBlockIsCompleted);=0D + }=0D +=0D + return ReturnValue;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h= b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h new file mode 100644 index 0000000000..64af09c484 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h @@ -0,0 +1,231 @@ +/** @file=0D + ParallelHash related function and type declaration.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.=0D +Licensed under the OpenSSL license (the "License"). You may not use=0D +this file except in compliance with the License. You can obtain a copy=0D +in the file LICENSE in the source distribution or at=0D +https://www.openssl.org/source/license.html=0D +=0D +Copyright 2024 The eXtended Keccak Code Package (XKCP)=0D +https://github.com/XKCP/XKCP=0D +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles= Van Assche.=0D +Implementation by the designers, hereby denoted as "the implementer".=0D +For more information, feedback or questions, please refer to the Keccak Te= am website:=0D +https://keccak.team/=0D +To the extent possible under law, the implementer has waived all copyright= =0D +and related or neighboring rights to the source code in this file.=0D +http://creativecommons.org/publicdomain/zero/1.0/=0D +**/=0D +=0D +#ifndef CRYPT_PARALLE_HASH_H_=0D +#define CRYPT_PARALLE_HASH_H_=0D +=0D +#include "InternalCryptLib.h"=0D +=0D +#define KECCAK1600_WIDTH 1600=0D +=0D +typedef UINT64 uint64_t;=0D +=0D +//=0D +// This struct referring to m_sha3.c from opessl and modified its type nam= e.=0D +//=0D +typedef struct {=0D + uint64_t A[5][5];=0D + size_t block_size; /* cached ctx->digest->block_size */=0D + size_t md_size; /* output length, variable in XOF */=0D + size_t num; /* used bytes in below buffer */=0D + unsigned char buf[KECCAK1600_WIDTH / 8 - 32];=0D + unsigned char pad;=0D +} Keccak1600_Ctx;=0D +=0D +/**=0D + SHA3_absorb can be called multiple times, but at each invocation=0D + largest multiple of |r| out of |len| bytes are processed. Then=0D + remaining amount of bytes is returned. This is done to spare caller=0D + trouble of calculating the largest multiple of |r|. |r| can be viewed=0D + as blocksize. It is commonly (1600 - 256*n)/8, e.g. 168, 136, 104,=0D + 72, but can also be (1600 - 448)/8 =3D 144. All this means that message= =0D + padding and intermediate sub-block buffering, byte- or bitwise, is=0D + caller's responsibility.=0D +**/=0D +size_t=0D +SHA3_absorb (=0D + uint64_t A[5][5],=0D + const unsigned char *inp,=0D + size_t len,=0D + size_t r=0D + );=0D +=0D +/**=0D + SHA3_squeeze is called once at the end to generate |out| hash value=0D + of |len| bytes.=0D +**/=0D +VOID=0D +SHA3_squeeze (=0D + uint64_t A[5][5],=0D + unsigned char *out,=0D + size_t len,=0D + size_t r=0D + );=0D +=0D +/**=0D + Encode function from XKCP.=0D +=0D + Encodes the input as a byte string in a way that can be unambiguously pa= rsed=0D + from the beginning of the string by inserting the length of the byte str= ing=0D + before the byte string representation of input.=0D +=0D + @param[out] EncBuf Result of left encode.=0D + @param[in] Value Input of left encode.=0D +=0D + @retval EncLen Size of encode result in bytes.=0D +**/=0D +UINTN=0D +EFIAPI=0D +LeftEncode (=0D + OUT UINT8 *EncBuf,=0D + IN UINTN Value=0D + );=0D +=0D +/**=0D + Encode function from XKCP.=0D +=0D + Encodes the input as a byte string in a way that can be unambiguously pa= rsed=0D + from the end of the string by inserting the length of the byte string af= ter=0D + the byte string representation of input.=0D +=0D + @param[out] EncBuf Result of right encode.=0D + @param[in] Value Input of right encode.=0D +=0D + @retval EncLen Size of encode result in bytes.=0D +**/=0D +UINTN=0D +EFIAPI=0D +RightEncode (=0D + OUT UINT8 *EncBuf,=0D + IN UINTN Value=0D + );=0D +=0D +/**=0D + Keccak initial fuction.=0D +=0D + Set up state with specified capacity.=0D +=0D + @param[out] Context Pointer to the context being initialized.= =0D + @param[in] Pad Delimited Suffix.=0D + @param[in] BlockSize Size of context block.=0D + @param[in] MessageDigestLen Size of message digest in bytes.=0D +=0D + @retval 1 Initialize successfully.=0D + @retval 0 Fail to initialize.=0D +**/=0D +UINT8=0D +EFIAPI=0D +KeccakInit (=0D + OUT Keccak1600_Ctx *Context,=0D + IN UINT8 Pad,=0D + IN UINTN BlockSize,=0D + IN UINTN MessageDigstLen=0D + );=0D +=0D +/**=0D + Sha3 update fuction.=0D +=0D + This function performs Sha3 digest on a data buffer of the specified siz= e.=0D + It can be called multiple times to compute the digest of long or discont= inuous data streams.=0D +=0D + @param[in,out] Context Pointer to the Keccak context.=0D + @param[in] Data Pointer to the buffer containing the data to be= hashed.=0D + @param[in] DataSize Size of Data buffer in bytes.=0D +=0D + @retval 1 Update successfully.=0D +**/=0D +UINT8=0D +EFIAPI=0D +Sha3Update (=0D + IN OUT Keccak1600_Ctx *Context,=0D + IN const VOID *Data,=0D + IN UINTN DataSize=0D + );=0D +=0D +/**=0D + Completes computation of Sha3 message digest.=0D +=0D + This function completes sha3 hash computation and retrieves the digest v= alue into=0D + the specified memory. After this function has been called, the keccak co= ntext cannot=0D + be used again.=0D +=0D + @param[in, out] Context Pointer to the keccak context.=0D + @param[out] MessageDigest Pointer to a buffer that receives the me= ssage digest.=0D +=0D + @retval 1 Meaasge digest computation succeeded.=0D +**/=0D +UINT8=0D +EFIAPI=0D +Sha3Final (=0D + IN OUT Keccak1600_Ctx *Context,=0D + OUT UINT8 *MessageDigest=0D + );=0D +=0D +/**=0D + Computes the CSHAKE-256 message digest of a input data buffer.=0D +=0D + This function performs the CSHAKE-256 message digest of a given data buf= fer, and places=0D + the digest value into the specified memory.=0D +=0D + @param[in] Data Pointer to the buffer containing the dat= a to be hashed.=0D + @param[in] DataSize Size of Data buffer in bytes.=0D + @param[in] OutputLen Size of output in bytes.=0D + @param[in] Name Pointer to the function name string.=0D + @param[in] NameLen Size of the function name in bytes.=0D + @param[in] Customization Pointer to the customization string.=0D + @param[in] CustomizationLen Size of the customization string in byte= s.=0D + @param[out] HashValue Pointer to a buffer that receives the CS= HAKE-256 digest=0D + value.=0D +=0D + @retval TRUE CSHAKE-256 digest computation succeeded.=0D + @retval FALSE CSHAKE-256 digest computation failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +CShake256HashAll (=0D + IN CONST VOID *Data,=0D + IN UINTN DataSize,=0D + IN UINTN OutputLen,=0D + IN CONST VOID *Name,=0D + IN UINTN NameLen,=0D + IN CONST VOID *Customization,=0D + IN UINTN CustomizationLen,=0D + OUT UINT8 *HashValue=0D + );=0D +=0D +/**=0D + Complete computation of digest of each block.=0D +=0D + Each AP perform the function called by BSP.=0D +=0D + @param[in] ProcedureArgument Argument of the procedure.=0D +**/=0D +VOID=0D +EFIAPI=0D +ParallelHashApExecute (=0D + IN VOID *ProcedureArgument=0D + );=0D +=0D +/**=0D + Dispatch the block task to each AP.=0D +=0D +**/=0D +VOID=0D +EFIAPI=0D +DispatchBlockToAp (=0D + VOID=0D + );=0D +=0D +#endif=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c new file mode 100644 index 0000000000..f85946d2b1 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c @@ -0,0 +1,166 @@ +/** @file=0D + SHA3 realted functions from OpenSSL.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.=0D +Licensed under the OpenSSL license (the "License"). You may not use=0D +this file except in compliance with the License. You can obtain a copy=0D +in the file LICENSE in the source distribution or at=0D +https://www.openssl.org/source/license.html=0D +**/=0D +=0D +#include "CryptParallelHash.h"=0D +=0D +/**=0D + Keccak initial fuction.=0D +=0D + Set up state with specified capacity.=0D +=0D + @param[out] Context Pointer to the context being initialized.= =0D + @param[in] Pad Delimited Suffix.=0D + @param[in] BlockSize Size of context block.=0D + @param[in] MessageDigestLen Size of message digest in bytes.=0D +=0D + @retval 1 Initialize successfully.=0D + @retval 0 Fail to initialize.=0D +**/=0D +UINT8=0D +EFIAPI=0D +KeccakInit (=0D + OUT Keccak1600_Ctx *Context,=0D + IN UINT8 Pad,=0D + IN UINTN BlockSize,=0D + IN UINTN MessageDigestLen=0D + )=0D +{=0D + if (BlockSize <=3D sizeof (Context->buf)) {=0D + memset (Context->A, 0, sizeof (Context->A));=0D +=0D + Context->num =3D 0;=0D + Context->block_size =3D BlockSize;=0D + Context->md_size =3D MessageDigestLen;=0D + Context->pad =3D Pad;=0D +=0D + return 1;=0D + }=0D +=0D + return 0;=0D +}=0D +=0D +/**=0D + Sha3 update fuction.=0D +=0D + This function performs Sha3 digest on a data buffer of the specified siz= e.=0D + It can be called multiple times to compute the digest of long or discont= inuous data streams.=0D +=0D + @param[in,out] Context Pointer to the Keccak context.=0D + @param[in] Data Pointer to the buffer containing the data to be= hashed.=0D + @param[in] DataSize Size of Data buffer in bytes.=0D +=0D + @retval 1 Update successfully.=0D +**/=0D +UINT8=0D +EFIAPI=0D +Sha3Update (=0D + IN OUT Keccak1600_Ctx *Context,=0D + IN const VOID *Data,=0D + IN UINTN DataSize=0D + )=0D +{=0D + const UINT8 *DataCopy;=0D + UINTN BlockSize;=0D + UINTN Num;=0D + UINTN Rem;=0D +=0D + DataCopy =3D Data;=0D + BlockSize =3D (UINT8)(Context->block_size);=0D +=0D + if (DataSize =3D=3D 0) {=0D + return 1;=0D + }=0D +=0D + if ((Num =3D Context->num) !=3D 0) {=0D + //=0D + // process intermediate buffer=0D + //=0D + Rem =3D BlockSize - Num;=0D +=0D + if (DataSize < Rem) {=0D + memcpy (Context->buf + Num, DataCopy, DataSize);=0D + Context->num +=3D DataSize;=0D + return 1;=0D + }=0D +=0D + //=0D + // We have enough data to fill or overflow the intermediate=0D + // buffer. So we append |Rem| bytes and process the block,=0D + // leaving the rest for later processing.=0D + //=0D + memcpy (Context->buf + Num, DataCopy, Rem);=0D + DataCopy +=3D Rem;=0D + DataSize -=3D Rem;=0D + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);=0D + Context->num =3D 0;=0D + // Context->buf is processed, Context->num is guaranteed to be zero.=0D + }=0D +=0D + if (DataSize >=3D BlockSize) {=0D + Rem =3D SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize);=0D + } else {=0D + Rem =3D DataSize;=0D + }=0D +=0D + if (Rem > 0) {=0D + memcpy (Context->buf, DataCopy + DataSize - Rem, Rem);=0D + Context->num =3D Rem;=0D + }=0D +=0D + return 1;=0D +}=0D +=0D +/**=0D + Completes computation of Sha3 message digest.=0D +=0D + This function completes sha3 hash computation and retrieves the digest v= alue into=0D + the specified memory. After this function has been called, the keccak co= ntext cannot=0D + be used again.=0D +=0D + @param[in, out] Context Pointer to the keccak context.=0D + @param[out] MessageDigest Pointer to a buffer that receives the me= ssage digest.=0D +=0D + @retval 1 Meaasge digest computation succeeded.=0D +**/=0D +UINT8=0D +EFIAPI=0D +Sha3Final (=0D + IN OUT Keccak1600_Ctx *Context,=0D + OUT UINT8 *MessageDigest=0D + )=0D +{=0D + UINTN BlockSize;=0D + UINTN Num;=0D +=0D + BlockSize =3D Context->block_size;=0D + Num =3D Context->num;=0D +=0D + if (Context->md_size =3D=3D 0) {=0D + return 1;=0D + }=0D +=0D + //=0D + // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1|=0D + // in which case both byte operations below are performed on=0D + // same byte.=0D + //=0D + memset (Context->buf + Num, 0, BlockSize - Num);=0D + Context->buf[Num] =3D Context->pad;=0D + Context->buf[BlockSize - 1] |=3D 0x80;=0D +=0D + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);=0D +=0D + SHA3_squeeze (Context->A, MessageDigest, Context->md_size, BlockSize);=0D +=0D + return 1;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c b/Crypto= Pkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c new file mode 100644 index 0000000000..1a442d714e --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c @@ -0,0 +1,235 @@ +/** @file=0D + SM3 Digest Wrapper Implementations over openssl.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "InternalCryptLib.h"=0D +#include "internal/sm3.h"=0D +=0D +/**=0D + Retrieves the size, in bytes, of the context buffer required for SM3 has= h operations.=0D +=0D + @return The size, in bytes, of the context buffer required for SM3 hash= operations.=0D +=0D +**/=0D +UINTN=0D +EFIAPI=0D +Sm3GetContextSize (=0D + VOID=0D + )=0D +{=0D + //=0D + // Retrieves Openssl SM3 Context Size=0D + //=0D + return (UINTN)(sizeof (SM3_CTX));=0D +}=0D +=0D +/**=0D + Initializes user-supplied memory pointed by Sm3Context as SM3 hash conte= xt for=0D + subsequent use.=0D +=0D + If Sm3Context is NULL, then return FALSE.=0D +=0D + @param[out] Sm3Context Pointer to SM3 context being initialized.=0D +=0D + @retval TRUE SM3 context initialization succeeded.=0D + @retval FALSE SM3 context initialization failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +Sm3Init (=0D + OUT VOID *Sm3Context=0D + )=0D +{=0D + //=0D + // Check input parameters.=0D + //=0D + if (Sm3Context =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // Openssl SM3 Context Initialization=0D + //=0D + ossl_sm3_init ((SM3_CTX *)Sm3Context);=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Makes a copy of an existing SM3 context.=0D +=0D + If Sm3Context is NULL, then return FALSE.=0D + If NewSm3Context is NULL, then return FALSE.=0D + If this interface is not supported, then return FALSE.=0D +=0D + @param[in] Sm3Context Pointer to SM3 context being copied.=0D + @param[out] NewSm3Context Pointer to new SM3 context.=0D +=0D + @retval TRUE SM3 context copy succeeded.=0D + @retval FALSE SM3 context copy failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +Sm3Duplicate (=0D + IN CONST VOID *Sm3Context,=0D + OUT VOID *NewSm3Context=0D + )=0D +{=0D + //=0D + // Check input parameters.=0D + //=0D + if ((Sm3Context =3D=3D NULL) || (NewSm3Context =3D=3D NULL)) {=0D + return FALSE;=0D + }=0D +=0D + CopyMem (NewSm3Context, Sm3Context, sizeof (SM3_CTX));=0D +=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Digests the input data and updates SM3 context.=0D +=0D + This function performs SM3 digest on a data buffer of the specified size= .=0D + It can be called multiple times to compute the digest of long or discont= inuous data streams.=0D + SM3 context should be already correctly initialized by Sm3Init(), and sh= ould not be finalized=0D + by Sm3Final(). Behavior with invalid context is undefined.=0D +=0D + If Sm3Context is NULL, then return FALSE.=0D +=0D + @param[in, out] Sm3Context Pointer to the SM3 context.=0D + @param[in] Data Pointer to the buffer containing the dat= a to be hashed.=0D + @param[in] DataSize Size of Data buffer in bytes.=0D +=0D + @retval TRUE SM3 data digest succeeded.=0D + @retval FALSE SM3 data digest failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +Sm3Update (=0D + IN OUT VOID *Sm3Context,=0D + IN CONST VOID *Data,=0D + IN UINTN DataSize=0D + )=0D +{=0D + //=0D + // Check input parameters.=0D + //=0D + if (Sm3Context =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // Check invalid parameters, in case that only DataLength was checked in= Openssl=0D + //=0D + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // Openssl SM3 Hash Update=0D + //=0D + ossl_sm3_update ((SM3_CTX *)Sm3Context, Data, DataSize);=0D +=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Completes computation of the SM3 digest value.=0D +=0D + This function completes SM3 hash computation and retrieves the digest va= lue into=0D + the specified memory. After this function has been called, the SM3 conte= xt cannot=0D + be used again.=0D + SM3 context should be already correctly initialized by Sm3Init(), and sh= ould not be=0D + finalized by Sm3Final(). Behavior with invalid SM3 context is undefined.= =0D +=0D + If Sm3Context is NULL, then return FALSE.=0D + If HashValue is NULL, then return FALSE.=0D +=0D + @param[in, out] Sm3Context Pointer to the SM3 context.=0D + @param[out] HashValue Pointer to a buffer that receives the SM= 3 digest=0D + value (32 bytes).=0D +=0D + @retval TRUE SM3 digest computation succeeded.=0D + @retval FALSE SM3 digest computation failed.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +Sm3Final (=0D + IN OUT VOID *Sm3Context,=0D + OUT UINT8 *HashValue=0D + )=0D +{=0D + //=0D + // Check input parameters.=0D + //=0D + if ((Sm3Context =3D=3D NULL) || (HashValue =3D=3D NULL)) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // Openssl SM3 Hash Finalization=0D + //=0D + ossl_sm3_final (HashValue, (SM3_CTX *)Sm3Context);=0D +=0D + return TRUE;=0D +}=0D +=0D +/**=0D + Computes the SM3 message digest of a input data buffer.=0D +=0D + This function performs the SM3 message digest of a given data buffer, an= d places=0D + the digest value into the specified memory.=0D +=0D + If this interface is not supported, then return FALSE.=0D +=0D + @param[in] Data Pointer to the buffer containing the data to be= hashed.=0D + @param[in] DataSize Size of Data buffer in bytes.=0D + @param[out] HashValue Pointer to a buffer that receives the SM3 diges= t=0D + value (32 bytes).=0D +=0D + @retval TRUE SM3 digest computation succeeded.=0D + @retval FALSE SM3 digest computation failed.=0D + @retval FALSE This interface is not supported.=0D +=0D +**/=0D +BOOLEAN=0D +EFIAPI=0D +Sm3HashAll (=0D + IN CONST VOID *Data,=0D + IN UINTN DataSize,=0D + OUT UINT8 *HashValue=0D + )=0D +{=0D + SM3_CTX Ctx;=0D +=0D + //=0D + // Check input parameters.=0D + //=0D + if (HashValue =3D=3D NULL) {=0D + return FALSE;=0D + }=0D +=0D + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) {=0D + return FALSE;=0D + }=0D +=0D + //=0D + // SM3 Hash Computation.=0D + //=0D + ossl_sm3_init (&Ctx);=0D +=0D + ossl_sm3_update (&Ctx, Data, DataSize);=0D +=0D + ossl_sm3_final (HashValue, &Ctx);=0D +=0D + return TRUE;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c new file mode 100644 index 0000000000..420ed11280 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c @@ -0,0 +1,107 @@ +/** @file=0D + Encode realted functions from Xkcp.=0D +=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +Copyright 2024 The eXtended Keccak Code Package (XKCP)=0D +https://github.com/XKCP/XKCP=0D +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles= Van Assche.=0D +Implementation by the designers, hereby denoted as "the implementer".=0D +For more information, feedback or questions, please refer to the Keccak Te= am website:=0D +https://keccak.team/=0D +To the extent possible under law, the implementer has waived all copyright= =0D +and related or neighboring rights to the source code in this file.=0D +http://creativecommons.org/publicdomain/zero/1.0/=0D +=0D +**/=0D +=0D +#include "CryptParallelHash.h"=0D +=0D +/**=0D + Encode function from XKCP.=0D +=0D + Encodes the input as a byte string in a way that can be unambiguously pa= rsed=0D + from the beginning of the string by inserting the length of the byte str= ing=0D + before the byte string representation of input.=0D +=0D + @param[out] EncBuf Result of left encode.=0D + @param[in] Value Input of left encode.=0D +=0D + @retval EncLen Size of encode result in bytes.=0D +**/=0D +UINTN=0D +EFIAPI=0D +LeftEncode (=0D + OUT UINT8 *EncBuf,=0D + IN UINTN Value=0D + )=0D +{=0D + UINT32 BlockNum;=0D + UINT32 EncLen;=0D + UINT32 Index;=0D + UINTN ValueCopy;=0D +=0D + for ( ValueCopy =3D Value, BlockNum =3D 0; ValueCopy && (BlockNum < size= of (UINTN)); ++BlockNum, ValueCopy >>=3D 8 ) {=0D + //=0D + // Empty=0D + //=0D + }=0D +=0D + if (BlockNum =3D=3D 0) {=0D + BlockNum =3D 1;=0D + }=0D +=0D + for (Index =3D 1; Index <=3D BlockNum; ++Index) {=0D + EncBuf[Index] =3D (UINT8)(Value >> (8 * (BlockNum - Index)));=0D + }=0D +=0D + EncBuf[0] =3D (UINT8)BlockNum;=0D + EncLen =3D BlockNum + 1;=0D +=0D + return EncLen;=0D +}=0D +=0D +/**=0D + Encode function from XKCP.=0D +=0D + Encodes the input as a byte string in a way that can be unambiguously pa= rsed=0D + from the end of the string by inserting the length of the byte string af= ter=0D + the byte string representation of input.=0D +=0D + @param[out] EncBuf Result of right encode.=0D + @param[in] Value Input of right encode.=0D +=0D + @retval EncLen Size of encode result in bytes.=0D +**/=0D +UINTN=0D +EFIAPI=0D +RightEncode (=0D + OUT UINT8 *EncBuf,=0D + IN UINTN Value=0D + )=0D +{=0D + UINT32 BlockNum;=0D + UINT32 EncLen;=0D + UINT32 Index;=0D + UINTN ValueCopy;=0D +=0D + for (ValueCopy =3D Value, BlockNum =3D 0; ValueCopy && (BlockNum < sizeo= f (UINTN)); ++BlockNum, ValueCopy >>=3D 8) {=0D + //=0D + // Empty=0D + //=0D + }=0D +=0D + if (BlockNum =3D=3D 0) {=0D + BlockNum =3D 1;=0D + }=0D +=0D + for (Index =3D 1; Index <=3D BlockNum; ++Index) {=0D + EncBuf[Index-1] =3D (UINT8)(Value >> (8 * (BlockNum-Index)));=0D + }=0D +=0D + EncBuf[BlockNum] =3D (UINT8)BlockNum;=0D + EncLen =3D BlockNum + 1;=0D +=0D + return EncLen;=0D +}=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpensslSupp= ort.c b/CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpensslSupport.c new file mode 100644 index 0000000000..c50001959c --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpensslSupport.c @@ -0,0 +1,595 @@ +/**=0D +Copyright (c) 2024, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +**/=0D +=0D +#include =0D +=0D +int errno =3D 0;=0D +=0D +FILE *stderr =3D NULL;=0D +FILE *stdin =3D NULL;=0D +FILE *stdout =3D NULL;=0D +=0D +typedef=0D + int=0D +(*SORT_COMPARE)(=0D + IN VOID *Buffer1,=0D + IN VOID *Buffer2=0D + );=0D +=0D +//=0D +// Duplicated from EDKII BaseSortLib for qsort() wrapper=0D +//=0D +STATIC=0D +VOID=0D +QuickSortWorker (=0D + IN OUT VOID *BufferToSort,=0D + IN CONST UINTN Count,=0D + IN CONST UINTN ElementSize,=0D + IN SORT_COMPARE CompareFunction,=0D + IN VOID *Buffer=0D + )=0D +{=0D + VOID *Pivot;=0D + UINTN LoopCount;=0D + UINTN NextSwapLocation;=0D +=0D + ASSERT (BufferToSort !=3D NULL);=0D + ASSERT (CompareFunction !=3D NULL);=0D + ASSERT (Buffer !=3D NULL);=0D +=0D + if ((Count < 2) || (ElementSize < 1)) {=0D + return;=0D + }=0D +=0D + NextSwapLocation =3D 0;=0D +=0D + //=0D + // Pick a pivot (we choose last element)=0D + //=0D + Pivot =3D ((UINT8 *)BufferToSort + ((Count - 1) * ElementSize));=0D +=0D + //=0D + // Now get the pivot such that all on "left" are below it=0D + // and everything "right" are above it=0D + //=0D + for (LoopCount =3D 0; LoopCount < Count - 1; LoopCount++) {=0D + //=0D + // If the element is less than the pivot=0D + //=0D + if (CompareFunction ((VOID *)((UINT8 *)BufferToSort + ((LoopCount) * E= lementSize)), Pivot) <=3D 0) {=0D + //=0D + // Swap=0D + //=0D + CopyMem (Buffer, (UINT8 *)BufferToSort + (NextSwapLocation * Element= Size), ElementSize);=0D + CopyMem ((UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), (= UINT8 *)BufferToSort + ((LoopCount) * ElementSize), ElementSize);=0D + CopyMem ((UINT8 *)BufferToSort + ((LoopCount) * ElementSize), Buffer= , ElementSize);=0D +=0D + //=0D + // Increment NextSwapLocation=0D + //=0D + NextSwapLocation++;=0D + }=0D + }=0D +=0D + //=0D + // Swap pivot to its final position (NextSwapLocation)=0D + //=0D + CopyMem (Buffer, Pivot, ElementSize);=0D + CopyMem (Pivot, (UINT8 *)BufferToSort + (NextSwapLocation * ElementSize)= , ElementSize);=0D + CopyMem ((UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), Buffe= r, ElementSize);=0D +=0D + //=0D + // Now recurse on 2 partial lists. Neither of these will have the 'pivo= t' element.=0D + // IE list is sorted left half, pivot element, sorted right half...=0D + //=0D + QuickSortWorker (=0D + BufferToSort,=0D + NextSwapLocation,=0D + ElementSize,=0D + CompareFunction,=0D + Buffer=0D + );=0D +=0D + QuickSortWorker (=0D + (UINT8 *)BufferToSort + (NextSwapLocation + 1) * ElementSize,=0D + Count - NextSwapLocation - 1,=0D + ElementSize,=0D + CompareFunction,=0D + Buffer=0D + );=0D +=0D + return;=0D +}=0D +=0D +// ---------------------------------------------------------=0D +// Standard C Run-time Library Interface Wrapper=0D +// ---------------------------------------------------------=0D +=0D +//=0D +// -- String Manipulation Routines --=0D +//=0D +=0D +/* Scan a string for the last occurrence of a character */=0D +char *=0D +strrchr (=0D + const char *str,=0D + int c=0D + )=0D +{=0D + char *save;=0D +=0D + for (save =3D NULL; ; ++str) {=0D + if (*str =3D=3D c) {=0D + save =3D (char *)str;=0D + }=0D +=0D + if (*str =3D=3D 0) {=0D + return (save);=0D + }=0D + }=0D +}=0D +=0D +/* Compare first n bytes of string s1 with string s2, ignoring case */=0D +int=0D +strncasecmp (=0D + const char *s1,=0D + const char *s2,=0D + size_t n=0D + )=0D +{=0D + int Val;=0D +=0D + ASSERT (s1 !=3D NULL);=0D + ASSERT (s2 !=3D NULL);=0D +=0D + if (n !=3D 0) {=0D + do {=0D + Val =3D tolower (*s1) - tolower (*s2);=0D + if (Val !=3D 0) {=0D + return Val;=0D + }=0D +=0D + ++s1;=0D + ++s2;=0D + if (*s1 =3D=3D '\0') {=0D + break;=0D + }=0D + } while (--n !=3D 0);=0D + }=0D +=0D + return 0;=0D +}=0D +=0D +/* Read formatted data from a string */=0D +int=0D +sscanf (=0D + const char *buffer,=0D + const char *format,=0D + ...=0D + )=0D +{=0D + //=0D + // Null sscanf() function implementation to satisfy the linker, since=0D + // no direct functionality logic dependency in present UEFI cases.=0D + //=0D + return 0;=0D +}=0D +=0D +/* Maps errnum to an error-message string */=0D +char *=0D +strerror (=0D + int errnum=0D + )=0D +{=0D + return NULL;=0D +}=0D +=0D +/* Computes the length of the maximum initial segment of the string pointe= d to by s1=0D + which consists entirely of characters from the string pointed to by s2.= */=0D +size_t=0D +strspn (=0D + const char *s1,=0D + const char *s2=0D + )=0D +{=0D + UINT8 Map[32];=0D + UINT32 Index;=0D + size_t Count;=0D +=0D + for (Index =3D 0; Index < 32; Index++) {=0D + Map[Index] =3D 0;=0D + }=0D +=0D + while (*s2) {=0D + Map[*s2 >> 3] |=3D (1 << (*s2 & 7));=0D + s2++;=0D + }=0D +=0D + if (*s1) {=0D + Count =3D 0;=0D + while (Map[*s1 >> 3] & (1 << (*s1 & 7))) {=0D + Count++;=0D + s1++;=0D + }=0D +=0D + return Count;=0D + }=0D +=0D + return 0;=0D +}=0D +=0D +/* Computes the length of the maximum initial segment of the string pointe= d to by s1=0D + which consists entirely of characters not from the string pointed to by= s2. */=0D +size_t=0D +strcspn (=0D + const char *s1,=0D + const char *s2=0D + )=0D +{=0D + UINT8 Map[32];=0D + UINT32 Index;=0D + size_t Count;=0D +=0D + for (Index =3D 0; Index < 32; Index++) {=0D + Map[Index] =3D 0;=0D + }=0D +=0D + while (*s2) {=0D + Map[*s2 >> 3] |=3D (1 << (*s2 & 7));=0D + s2++;=0D + }=0D +=0D + Map[0] |=3D 1;=0D +=0D + Count =3D 0;=0D + while (!(Map[*s1 >> 3] & (1 << (*s1 & 7)))) {=0D + Count++;=0D + s1++;=0D + }=0D +=0D + return Count;=0D +}=0D +=0D +char *=0D +strcpy (=0D + char *strDest,=0D + const char *strSource=0D + )=0D +{=0D + // AsciiStrCpyS (strDest, MAX_STRING_SIZE, strSource);=0D + // return strDest;=0D + return NULL;=0D +}=0D +=0D +//=0D +// -- Character Classification Routines --=0D +//=0D +=0D +/* Determines if a particular character is a decimal-digit character */=0D +int=0D +isdigit (=0D + int c=0D + )=0D +{=0D + //=0D + // ::=3D [0-9]=0D + //=0D + return (('0' <=3D (c)) && ((c) <=3D '9'));=0D +}=0D +=0D +/* Determine if an integer represents character that is a hex digit */=0D +int=0D +isxdigit (=0D + int c=0D + )=0D +{=0D + //=0D + // ::=3D [0-9] | [a-f] | [A-F]=0D + //=0D + return ((('0' <=3D (c)) && ((c) <=3D '9')) ||=0D + (('a' <=3D (c)) && ((c) <=3D 'f')) ||=0D + (('A' <=3D (c)) && ((c) <=3D 'F')));=0D +}=0D +=0D +/* Determines if a particular character represents a space character */=0D +int=0D +isspace (=0D + int c=0D + )=0D +{=0D + //=0D + // ::=3D [ ]=0D + //=0D + return ((c) =3D=3D ' ');=0D +}=0D +=0D +/* Determine if a particular character is an alphanumeric character */=0D +int=0D +isalnum (=0D + int c=0D + )=0D +{=0D + //=0D + // ::=3D [0-9] | [a-z] | [A-Z]=0D + //=0D + return ((('0' <=3D (c)) && ((c) <=3D '9')) ||=0D + (('a' <=3D (c)) && ((c) <=3D 'z')) ||=0D + (('A' <=3D (c)) && ((c) <=3D 'Z')));=0D +}=0D +=0D +/* Determines if a particular character is in upper case */=0D +int=0D +isupper (=0D + int c=0D + )=0D +{=0D + //=0D + // :=3D [A-Z]=0D + //=0D + return (('A' <=3D (c)) && ((c) <=3D 'Z'));=0D +}=0D +=0D +//=0D +// -- Data Conversion Routines --=0D +//=0D +=0D +/* Convert strings to a long-integer value */=0D +long=0D +strtol (=0D + const char *nptr,=0D + char **endptr,=0D + int base=0D + )=0D +{=0D + //=0D + // Null strtol() function implementation to satisfy the linker, since th= ere is=0D + // no direct functionality logic dependency in present UEFI cases.=0D + //=0D + return 0;=0D +}=0D +=0D +/* Convert strings to an unsigned long-integer value */=0D +unsigned long=0D +strtoul (=0D + const char *nptr,=0D + char **endptr,=0D + int base=0D + )=0D +{=0D + //=0D + // Null strtoul() function implementation to satisfy the linker, since t= here is=0D + // no direct functionality logic dependency in present UEFI cases.=0D + //=0D + return 0;=0D +}=0D +=0D +/* Convert character to lowercase */=0D +int=0D +tolower (=0D + int c=0D + )=0D +{=0D + if (('A' <=3D (c)) && ((c) <=3D 'Z')) {=0D + return (c - ('A' - 'a'));=0D + }=0D +=0D + return (c);=0D +}=0D +=0D +//=0D +// -- Searching and Sorting Routines --=0D +//=0D +=0D +/* Performs a quick sort */=0D +void=0D +qsort (=0D + void *base,=0D + size_t num,=0D + size_t width,=0D + int ( *compare )(const void *, const void *)=0D + )=0D +{=0D + VOID *Buffer;=0D +=0D + ASSERT (base !=3D NULL);=0D + ASSERT (compare !=3D NULL);=0D +=0D + //=0D + // Use CRT-style malloc to cover BS and RT memory allocation.=0D + //=0D + Buffer =3D malloc (width);=0D + ASSERT (Buffer !=3D NULL);=0D +=0D + //=0D + // Re-use PerformQuickSort() function Implementation in EDKII BaseSortLi= b.=0D + //=0D + QuickSortWorker (base, (UINTN)num, (UINTN)width, (SORT_COMPARE)compare, = Buffer);=0D +=0D + free (Buffer);=0D + return;=0D +}=0D +=0D +//=0D +// -- Process and Environment Control Routines --=0D +//=0D +=0D +/* Get a value from the current environment */=0D +char *=0D +getenv (=0D + const char *varname=0D + )=0D +{=0D + //=0D + // Null getenv() function implementation to satisfy the linker, since th= ere is=0D + // no direct functionality logic dependency in present UEFI cases.=0D + //=0D + return NULL;=0D +}=0D +=0D +/* Get a value from the current environment */=0D +char *=0D +secure_getenv (=0D + const char *varname=0D + )=0D +{=0D + //=0D + // Null secure_getenv() function implementation to satisfy the linker, s= ince=0D + // there is no direct functionality logic dependency in present UEFI cas= es.=0D + //=0D + // From the secure_getenv() manual: 'just like getenv() except that it=0D + // returns NULL in cases where "secure execution" is required'.=0D + //=0D + return NULL;=0D +}=0D +=0D +//=0D +// -- Stream I/O Routines --=0D +//=0D +=0D +/* Write data to a stream */=0D +size_t=0D +fwrite (=0D + const void *buffer,=0D + size_t size,=0D + size_t count,=0D + FILE *stream=0D + )=0D +{=0D + return 0;=0D +}=0D +=0D +#ifdef __GNUC__=0D +=0D +typedef=0D + VOID=0D +(EFIAPI *NoReturnFuncPtr)(=0D + VOID=0D + ) __attribute__ ((__noreturn__));=0D +=0D +STATIC=0D +VOID=0D +EFIAPI=0D +NopFunction (=0D + VOID=0D + )=0D +{=0D +}=0D +=0D +void=0D +abort (=0D + void=0D + )=0D +{=0D + NoReturnFuncPtr NoReturnFunc;=0D +=0D + NoReturnFunc =3D (NoReturnFuncPtr)NopFunction;=0D +=0D + NoReturnFunc ();=0D +}=0D +=0D +#else=0D +=0D +void=0D +abort (=0D + void=0D + )=0D +{=0D + // Do nothing=0D +}=0D +=0D +#endif=0D +=0D +int=0D +fclose (=0D + FILE *f=0D + )=0D +{=0D + return 0;=0D +}=0D +=0D +FILE *=0D +fopen (=0D + const char *c,=0D + const char *m=0D + )=0D +{=0D + return NULL;=0D +}=0D +=0D +size_t=0D +fread (=0D + void *b,=0D + size_t c,=0D + size_t i,=0D + FILE *f=0D + )=0D +{=0D + return 0;=0D +}=0D +=0D +uid_t=0D +getuid (=0D + void=0D + )=0D +{=0D + return 0;=0D +}=0D +=0D +uid_t=0D +geteuid (=0D + void=0D + )=0D +{=0D + return 0;=0D +}=0D +=0D +gid_t=0D +getgid (=0D + void=0D + )=0D +{=0D + return 0;=0D +}=0D +=0D +gid_t=0D +getegid (=0D + void=0D + )=0D +{=0D + return 0;=0D +}=0D +=0D +int=0D +printf (=0D + char const *fmt,=0D + ...=0D + )=0D +{=0D + return 0;=0D +}=0D +=0D +void *=0D +malloc (=0D + size_t a=0D + )=0D +{=0D + return NULL;=0D +}=0D +=0D +void *=0D +realloc (=0D + void *a,=0D + size_t b=0D + )=0D +{=0D + return NULL;=0D +}=0D +=0D +void=0D +free (=0D + void *b=0D + )=0D +{=0D +}=0D diff --git a/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf b/CryptoPkg/Librar= y/MbedTlsLib/MbedTlsLib.inf index adcf770902..93f8e69383 100644 --- a/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf +++ b/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf @@ -13,6 +13,7 @@ MODULE_TYPE =3D BASE=0D VERSION_STRING =3D 1.0=0D LIBRARY_CLASS =3D MbedTlsLib=0D + DEFINE OPENSSL_PATH =3D ../OpensslLib/openssl=0D =0D #=0D # The following information is for reference only and not required by the = build tools.=0D @@ -21,6 +22,11 @@ #=0D =0D [Sources]=0D +# Openssl files list starts here=0D + $(OPENSSL_PATH)/crypto/mem_clr.c=0D + $(OPENSSL_PATH)/crypto/sha/keccak1600.c=0D + $(OPENSSL_PATH)/crypto/sm3/sm3.c=0D +# Openssl files list ends here=0D Include/mbedtls/mbedtls_config.h=0D mbedtls/library/aes.c=0D mbedtls/library/asn1parse.c=0D diff --git a/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf b/CryptoPkg/Li= brary/MbedTlsLib/MbedTlsLibFull.inf index 7715392a9d..98695312cf 100644 --- a/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf +++ b/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf @@ -13,6 +13,7 @@ MODULE_TYPE =3D BASE=0D VERSION_STRING =3D 1.0=0D LIBRARY_CLASS =3D MbedTlsLib=0D + DEFINE OPENSSL_PATH =3D ../OpensslLib/openssl=0D =0D #=0D # The following information is for reference only and not required by the = build tools.=0D @@ -21,6 +22,11 @@ #=0D =0D [Sources]=0D +# Openssl files list starts here=0D + $(OPENSSL_PATH)/crypto/mem_clr.c=0D + $(OPENSSL_PATH)/crypto/sha/keccak1600.c=0D + $(OPENSSL_PATH)/crypto/sm3/sm3.c=0D +# Openssl files list ends here=0D Include/mbedtls/mbedtls_config.h=0D mbedtls/library/aes.c=0D mbedtls/library/asn1parse.c=0D --=20 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118058): https://edk2.groups.io/g/devel/message/118058 Mute This Topic: https://groups.io/mt/105662372/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-