From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web11.3703.1580806883683671806 for ; Tue, 04 Feb 2020 01:01:24 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: jian.j.wang@intel.com) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Feb 2020 01:01:23 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.70,398,1574150400"; d="scan'208";a="263765159" Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205]) by fmsmga002.fm.intel.com with ESMTP; 04 Feb 2020 01:01:23 -0800 Received: from fmsmsx118.amr.corp.intel.com (10.18.116.18) by fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 4 Feb 2020 01:01:23 -0800 Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by fmsmsx118.amr.corp.intel.com (10.18.116.18) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 4 Feb 2020 01:01:22 -0800 Received: from shsmsx107.ccr.corp.intel.com ([169.254.9.46]) by SHSMSX104.ccr.corp.intel.com ([169.254.5.5]) with mapi id 14.03.0439.000; Tue, 4 Feb 2020 17:01:20 +0800 From: "Wang, Jian J" To: "Kinney, Michael D" , "devel@edk2.groups.io" CC: "Lu, XiaoyuX" Subject: Re: [Patch 5/5] CryptoPkg/CryptoPkg.dsc: Add build of Crypto libraries/modules Thread-Topic: [Patch 5/5] CryptoPkg/CryptoPkg.dsc: Add build of Crypto libraries/modules Thread-Index: AQHV1zsGiXUt/3TZmU6UM/iV0cQU6agKxNQw Date: Tue, 4 Feb 2020 09:01:20 +0000 Message-ID: References: <20200130070037.8516-1-michael.d.kinney@intel.com> <20200130070037.8516-6-michael.d.kinney@intel.com> In-Reply-To: <20200130070037.8516-6-michael.d.kinney@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiZTE5MDA4NjItN2Y3OC00M2JiLWJlZTMtZDE2ZWFmZDYyOGFiIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiWVlVaE5NN3M1SHNqUlZISndqaE9PXC9IUnVkcytpY1wvaUxXdXBER3owTFBlSnU3NkNPN1VlM0JhS1ZzbEdWYjI1In0= x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.2.0.6 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Return-Path: jian.j.wang@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jian J Wang Regards, Jian > -----Original Message----- > From: Kinney, Michael D > Sent: Thursday, January 30, 2020 3:01 PM > To: devel@edk2.groups.io > Cc: Wang, Jian J ; Lu, XiaoyuX > Subject: [Patch 5/5] CryptoPkg/CryptoPkg.dsc: Add build of Crypto > libraries/modules >=20 > https://bugzilla.tianocore.org/show_bug.cgi?id=3D2420 >=20 > Based on the following package with changes to merge into > CryptoPkg. >=20 > https://github.com/microsoft/mu_plus/tree/dev/201908/SharedCryptoPkg >=20 > Add Crypto library instances and modules that consume/produce > the EDK II Crypto Protocols/PPIs to the CryptoPkg DSC file. >=20 > The default build of CryptoPkg performs a package verification > build. >=20 > The CRYPTO_SERVICES define is added that supports the following > settings. >=20 > * PACKAGE - Package verification build of all components. Null > versions of libraries are used to minimize build time= s. > * ALL - Build PEIM, DXE, and SMM drivers. Protocols and PPIs > publish all services. > * NONE - Build PEIM, DXE, and SMM drivers. Protocols and PPIs > publish no services. Used to verify compiler/linker > optimizations are working correctly. > * MIN_PEI - Build PEIM with PPI that publishes minimum required > services. > * MIN_DXE_MIN_SMM - Build DXE and SMM drivers with Protocols that publish > minimum required services. >=20 > Cc: Jian J Wang > Cc: Xiaoyu Lu > Signed-off-by: Michael D Kinney > --- > CryptoPkg/CryptoPkg.dsc | 209 +++++++++++++++++++++++++++++++++++----- > 1 file changed, 183 insertions(+), 26 deletions(-) >=20 > diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc > index ec43c1f0a4..72324fe75f 100644 > --- a/CryptoPkg/CryptoPkg.dsc > +++ b/CryptoPkg/CryptoPkg.dsc > @@ -1,7 +1,8 @@ > ## @file > # Cryptographic Library Package for UEFI Security Implementation. > +# PEIM, DXE Driver, and SMM Driver with all crypto services enabled. > # > -# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved. > +# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved. > # SPDX-License-Identifier: BSD-2-Clause-Patent > # > ## > @@ -21,6 +22,28 @@ [Defines] > BUILD_TARGETS =3D DEBUG|RELEASE|NOOPT > SKUID_IDENTIFIER =3D DEFAULT >=20 > + # > + # Flavor of PEI, DXE, SMM modules to build. > + # Must be one of ALL, NONE, MIN_PEI, MIN_DXE_MIN_SMM. > + # Default is ALL that is used for package build verification. > + # PACKAGE - Package verification build of all components. N= ull > + # versions of libraries are used to minimize build= times. > + # ALL - Build PEIM, DXE, and SMM drivers. Protocols and= PPIs > + # publish all services. > + # NONE - Build PEIM, DXE, and SMM drivers. Protocols and= PPIs > + # publish no services. Used to verify compiler/li= nker > + # optimizations are working correctly. > + # MIN_PEI - Build PEIM with PPI that publishes minimum requi= red > + # services. > + # MIN_DXE_MIN_SMM - Build DXE and SMM drivers with Protocols that > publish > + # minimum required services. > + # > + DEFINE CRYPTO_SERVICES =3D PACKAGE > +!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_PEI > MIN_DXE_MIN_SMM" > +!else > + !error CRYPTO_SERVICES must be set to one of PACKAGE ALL NONE MIN_PEI > MIN_DXE_MIN_SMM. > +!endif > + >=20 > ################################################################# > ############### > # > # Library Class section - list of all Library Classes needed by this Pla= tform. > @@ -29,21 +52,12 @@ [Defines] > [LibraryClasses] > BaseLib|MdePkg/Library/BaseLib/BaseLib.inf > BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf > - > MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryA > llocationLib.inf > PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf > DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf > - > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDe > bugPrintErrorLevelLib.inf > - PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf > - UefiLib|MdePkg/Library/UefiLib/UefiLib.inf > - DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf >=20 > UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBoot= S > ervicesTableLib.inf > - > UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/Ue > fiRuntimeServicesTableLib.inf > - UefiRuntimeLib|MdePkg/Library/UefiRuntimeLib/UefiRuntimeLib.inf >=20 > UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryP= oin > t.inf > - > UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiAp= pli > cationEntryPoint.inf > - > - IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > - OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > + BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf > + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf >=20 > [LibraryClasses.ARM, LibraryClasses.AARCH64] > # > @@ -57,41 +71,140 @@ [LibraryClasses.ARM, LibraryClasses.AARCH64] > # Add support for stack protector > NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf >=20 > +[LibraryClasses.common.PEIM] > + PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf > + > MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllo > cationLib.inf > + > PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/PeiS= ervi > cesTablePointerLib.inf > + PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf > + HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf > + > +[LibraryClasses.common.DXE_SMM_DRIVER] > + > SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTable > Lib.inf > + > MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemory > AllocationLib.inf > + > +!if $(CRYPTO_SERVICES) IN "ALL NONE MIN_PEI MIN_DXE_MIN_SMM" > +[LibraryClasses] > + > MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryA > llocationLib.inf > + > DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDe > bugLibReportStatusCode.inf > + > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDe > bugPrintErrorLevelLib.inf > + > OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/ > OemHookStatusCodeLibNull.inf > + PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf > + DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf > + PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf > + > TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat > e.inf > + > UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/Ue > fiRuntimeServicesTableLib.inf #??? > + IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf > #??? > + OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > + IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > + SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf > + > [LibraryClasses.ARM] > ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf >=20 > [LibraryClasses.common.PEIM] > + PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf > + > ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiRepo > rtStatusCodeLib.inf > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf > + > +[LibraryClasses.IA32.PEIM, LibraryClasses.X64.PEIM] > + > PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/P= eiSe > rvicesTablePointerLibIdt.inf > + > +[LibraryClasses.ARM.PEIM, LibraryClasses.AARCH64.PEIM] > + > PeiServicesTablePointerLib|ArmPkg/Library/PeiServicesTablePointerLib/PeiS= ervi > cesTablePointerLib.inf >=20 > [LibraryClasses.common.DXE_DRIVER] > + > ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeRep > ortStatusCodeLib.inf > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > - > -[LibraryClasses.common.DXE_RUNTIME_DRIVER] > - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > + TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf >=20 > [LibraryClasses.common.DXE_SMM_DRIVER] > + > ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/SmmR > eportStatusCodeLib.inf > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > - > -[LibraryClasses.common.UEFI_DRIVER] > - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > - > -[LibraryClasses.common.UEFI_APPLICATION] > - BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > + TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf > +!endif >=20 >=20 > ################################################################# > ############### > # > # Pcd Section - list of all EDK II PCD Entries defined by this Platform > # >=20 > ################################################################# > ############### > -[PcdsFeatureFlag] > - gEfiMdePkgTokenSpaceGuid.PcdComponentName2Disable|TRUE > - gEfiMdePkgTokenSpaceGuid.PcdDriverDiagnostics2Disable|TRUE > - > [PcdsFixedAtBuild] > gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0f > gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000000 > gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x06 >=20 > +!if $(CRYPTO_SERVICES) IN "PACKAGE ALL" > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacMd5.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fam > ily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md4.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md5.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tdes.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | > PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > +!endif > + > +!if $(CRYPTO_SERVICES) =3D=3D MIN_PEI > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fam > ily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pkc= s > 1Verify | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.New > | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fre= e > | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Set= K > ey | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pk= c > s5HashPassword | TRUE > +!endif > + > +!if $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fam > ily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pk= c > s1v2Encrypt | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pk= c > s5HashPassword | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pk= c > s7Verify | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Ve= ri > fyEKUsInPkcs7Signature | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pk= c > s7GetSigners | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pk= c > s7FreeSigners | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Au= t > henticodeVerify | TRUE > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pkc= s > 1Verify | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.New > | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Fre= e > | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Set= K > ey | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Get= P > ublicKeyFromX509 | TRUE > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services. > HashAll | FALSE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.Ge= t > SubjectName | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.Ge= t > CommonName | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.Ge= t > OrganizationName | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.Ge= t > TBSCert | TRUE > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Ini= t > | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cbc= E > ncrypt | TRUE > + > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Cbc > Decrypt | TRUE > +!endif > + >=20 > ################################################################# > ################################## > # > # Components Section - list of the modules and components that will be > processed by compilation > @@ -110,9 +223,11 @@ [PcdsFixedAtBuild] > # generated for it, but the binary will not be put into any firmwa= re volume. > # >=20 > ################################################################# > ################################## > +!if $(CRYPTO_SERVICES) =3D=3D PACKAGE > [Components] > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > + CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf > CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > @@ -121,8 +236,50 @@ [Components] > CryptoPkg/Library/OpensslLib/OpensslLib.inf > CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf >=20 > + CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf > + CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf > + CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf > +!endif > + > +!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_PEI" > +[Components.IA32, Components.X64, Components.ARM, > Components.AARCH64] > + CryptoPkg/Driver/CryptoPei.inf { > + > + !if $(CRYPTO_SERVICES) =3D=3D ALL > + FILE_GUID =3D 8DF53C2E-3380-495F-A8B7-370CFE28E1C6 > + !elseif $(CRYPTO_SERVICES) =3D=3D NONE > + FILE_GUID =3D E5A97EE3-71CC-407F-9DA9-6BE0C8A6C7DF > + !elseif $(CRYPTO_SERVICES) =3D=3D MIN_PEI > + FILE_GUID =3D 0F5827A9-35FD-4F41-8D38-9BAFCE594D31 > + !endif > + } > +!endif > + > +!if $(CRYPTO_SERVICES) IN "PACKAGE ALL NONE MIN_DXE_MIN_SMM" > +[Components.IA32, Components.X64, Components.AARCH64] > + CryptoPkg/Driver/CryptoDxe.inf { > + > + !if $(CRYPTO_SERVICES) =3D=3D ALL > + FILE_GUID =3D D9444B06-060D-42C5-9344-F04707BE0169 > + !elseif $(CRYPTO_SERVICES) =3D=3D NONE > + FILE_GUID =3D C7A340F4-A6CC-4F95-A2DA-42BEA4C3944A > + !elseif $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM > + FILE_GUID =3D DDF5BE9E-159A-4B77-B6D7-82B84B5763A2 > + !endif > + } > + > [Components.IA32, Components.X64] > - CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > + CryptoPkg/Driver/CryptoSmm.inf { > + > + !if $(CRYPTO_SERVICES) =3D=3D ALL > + FILE_GUID =3D A3542CE8-77F7-49DC-A834-45D37D2EC1FA > + !elseif $(CRYPTO_SERVICES) =3D=3D NONE > + FILE_GUID =3D 6DCB3127-01E7-4131-A487-DC77A965A541 > + !elseif $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM > + FILE_GUID =3D 85F7EA15-3A2B-474A-8875-180542CD6BF3 > + !endif > + } > +!endif >=20 > [BuildOptions] > *_*_*_CC_FLAGS =3D -D DISABLE_NEW_DEPRECATED_INTERFACES > -- > 2.21.0.windows.1