* [PATCH v6 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib.
@ 2022-03-17 4:34 Li, Zhihao
2022-03-17 14:12 ` Yao, Jiewen
0 siblings, 1 reply; 7+ messages in thread
From: Li, Zhihao @ 2022-03-17 4:34 UTC (permalink / raw)
To: devel; +Cc: Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang, Siyuan Fu
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3596
Parallel hash function ParallelHash256HashAll, as defined in NIST's
Special Publication 800-185, published December 2016. It utilizes
multi-process to calculate the digest.
Passed CI test.
Onprotocol version code passed test.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Zhihao Li <zhihao.li@intel.com>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
---
CryptoPkg/Driver/Crypto.c | 38 ++-
CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c | 282 ++++++++++++++++++++
CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c | 278 +++++++++++++++++++
CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c | 40 +++
CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c | 166 ++++++++++++
CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c | 107 ++++++++
CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c | 40 +++
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 34 ++-
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c | 145 ++++++++++
CryptoPkg/CryptoPkg.ci.yaml | 4 +-
CryptoPkg/Include/Library/BaseCryptLib.h | 31 ++-
CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h | 8 +-
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 +-
CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h | 201 ++++++++++++++
CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 3 +-
CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 3 +-
CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 8 +-
CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 3 +-
CryptoPkg/Library/Include/CrtLibSupport.h | 3 +-
CryptoPkg/Private/Protocol/Crypto.h | 35 ++-
CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 4 +
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf | 4 +
22 files changed, 1426 insertions(+), 14 deletions(-)
diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
index d5d6aa8e5820..5a9245c07cc5 100644
--- a/CryptoPkg/Driver/Crypto.c
+++ b/CryptoPkg/Driver/Crypto.c
@@ -3,7 +3,7 @@
from BaseCryptLib and TlsLib.
Copyright (C) Microsoft Corporation. All rights reserved.
- Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -4470,6 +4470,38 @@ CryptoServiceTlsGetCertRevocationList (
return CALL_BASECRYPTLIB (TlsGet.Services.CertRevocationList, TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED);
}
+/**
+ Parallel hash function ParallelHash256, as defined in NIST's Special Publication 800-185,
+ published December 2016.
+
+ @param[in] Input Pointer to the input message (X).
+ @param[in] InputByteLen The number(>0) of input bytes provided for the input data.
+ @param[in] BlockSize The size of each block (B).
+ @param[out] Output Pointer to the output buffer.
+ @param[in] OutputByteLen The desired number of output bytes (L).
+ @param[in] Customization Pointer to the customization string (S).
+ @param[in] CustomByteLen The length of the customization string in bytes.
+
+ @retval TRUE ParallelHash256 digest computation succeeded.
+ @retval FALSE ParallelHash256 digest computation failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+CryptoServiceParallelHash256HashAll (
+ IN CONST VOID *Input,
+ IN UINTN InputByteLen,
+ IN UINTN BlockSize,
+ OUT VOID *Output,
+ IN UINTN OutputByteLen,
+ IN CONST VOID *Customization,
+ IN UINTN CustomByteLen
+ )
+{
+ return CALL_BASECRYPTLIB (ParallelHash.Services.HashAll, ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE);
+}
+
const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
/// Version
CryptoServiceGetCryptoVersion,
@@ -4670,5 +4702,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
CryptoServiceTlsGetCaCertificate,
CryptoServiceTlsGetHostPublicCert,
CryptoServiceTlsGetHostPrivateKey,
- CryptoServiceTlsGetCertRevocationList
+ CryptoServiceTlsGetCertRevocationList,
+ /// Parallel hash
+ CryptoServiceParallelHash256HashAll
};
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
new file mode 100644
index 000000000000..2a9eaf9eec40
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
@@ -0,0 +1,282 @@
+/** @file
+ cSHAKE-256 Digest Wrapper Implementations.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "CryptParallelHash.h"
+
+#define CSHAKE256_SECURITY_STRENGTH 256
+#define CSHAKE256_RATE_IN_BYTES 136
+
+CONST CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] = { 0 };
+
+/**
+ CShake256 initial function.
+
+ Initializes user-supplied memory pointed by CShake256Context as cSHAKE-256 hash context for
+ subsequent use.
+
+ @param[out] CShake256Context Pointer to cSHAKE-256 context being initialized.
+ @param[in] OutputLen The desired number of output length in bytes.
+ @param[in] Name Pointer to the function name string.
+ @param[in] NameLen The length of the function name in bytes.
+ @param[in] Customization Pointer to the customization string.
+ @param[in] CustomizationLen The length of the customization string in bytes.
+
+ @retval TRUE cSHAKE-256 context initialization succeeded.
+ @retval FALSE cSHAKE-256 context initialization failed.
+ @retval FALSE This interface is not supported.
+**/
+BOOLEAN
+EFIAPI
+CShake256Init (
+ OUT VOID *CShake256Context,
+ IN UINTN OutputLen,
+ IN CONST VOID *Name,
+ IN UINTN NameLen,
+ IN CONST VOID *Customization,
+ IN UINTN CustomizationLen
+ )
+{
+ BOOLEAN Status;
+ UINT8 EncBuf[sizeof (UINTN) + 1];
+ UINTN EncLen;
+ UINTN AbsorbLen;
+ UINTN PadLen;
+
+ //
+ // Check input parameters.
+ //
+ if ((CShake256Context == NULL) || (OutputLen == 0) || ((NameLen != 0) && (Name == NULL)) || ((CustomizationLen != 0) && (Customization == NULL))) {
+ return FALSE;
+ }
+
+ //
+ // Initialize KECCAK context with pad value and block size.
+ //
+ if ((NameLen == 0) && (CustomizationLen == 0)) {
+ //
+ // When N and S are both empty strings, cSHAKE(X, L, N, S) is equivalent to
+ // SHAKE as defined in FIPS 202.
+ //
+ Status = (BOOLEAN)KeccakInit (
+ (Keccak1600_Ctx *)CShake256Context,
+ '\x1f',
+ (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * 2) / 8,
+ OutputLen
+ );
+
+ return Status;
+ } else {
+ Status = (BOOLEAN)KeccakInit (
+ (Keccak1600_Ctx *)CShake256Context,
+ '\x04',
+ (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * 2) / 8,
+ OutputLen
+ );
+ if (!Status) {
+ return FALSE;
+ }
+
+ AbsorbLen = 0;
+ //
+ // Absorb Absorb bytepad(.., rate).
+ //
+ EncLen = LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES);
+ Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, EncBuf, EncLen);
+ if (!Status) {
+ return FALSE;
+ }
+
+ AbsorbLen += EncLen;
+
+ //
+ // Absorb encode_string(N).
+ //
+ EncLen = LeftEncode (EncBuf, NameLen * 8);
+ Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, EncBuf, EncLen);
+ if (!Status) {
+ return FALSE;
+ }
+
+ AbsorbLen += EncLen;
+ Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, Name, NameLen);
+ if (!Status) {
+ return FALSE;
+ }
+
+ AbsorbLen += NameLen;
+
+ //
+ // Absorb encode_string(S).
+ //
+ EncLen = LeftEncode (EncBuf, CustomizationLen * 8);
+ Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, EncBuf, EncLen);
+ if (!Status) {
+ return FALSE;
+ }
+
+ AbsorbLen += EncLen;
+ Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, Customization, CustomizationLen);
+ if (!Status) {
+ return FALSE;
+ }
+
+ AbsorbLen += CustomizationLen;
+
+ //
+ // Absorb zero padding up to rate.
+ //
+ PadLen = CSHAKE256_RATE_IN_BYTES - AbsorbLen % CSHAKE256_RATE_IN_BYTES;
+ Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, mZeroPadding, PadLen);
+ if (!Status) {
+ return FALSE;
+ }
+
+ return TRUE;
+ }
+}
+
+/**
+ Digests the input data and updates cSHAKE-256 context.
+
+ This function performs cSHAKE-256 digest on a data buffer of the specified size.
+ It can be called multiple times to compute the digest of long or discontinuous data streams.
+ cSHAKE-256 context should be already correctly initialized by CShake256Init(), and should not be finalized
+ by CShake256Final(). Behavior with invalid context is undefined.
+
+ @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval TRUE cSHAKE-256 data digest succeeded.
+ @retval FALSE cSHAKE-256 data digest failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+CShake256Update (
+ IN OUT VOID *CShake256Context,
+ IN CONST VOID *Data,
+ IN UINTN DataSize
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if (CShake256Context == NULL) {
+ return FALSE;
+ }
+
+ //
+ // Check invalid parameters, in case that only DataLength was checked in OpenSSL.
+ //
+ if ((Data == NULL) && (DataSize != 0)) {
+ return FALSE;
+ }
+
+ return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx *)CShake256Context, Data, DataSize));
+}
+
+/**
+ Completes computation of the cSHAKE-256 digest value.
+
+ This function completes cSHAKE-256 hash computation and retrieves the digest value into
+ the specified memory. After this function has been called, the cSHAKE-256 context cannot
+ be used again.
+ cSHAKE-256 context should be already correctly initialized by CShake256Init(), and should not be
+ finalized by CShake256Final(). Behavior with invalid cSHAKE-256 context is undefined.
+
+ @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.
+ @param[out] HashValue Pointer to a buffer that receives the cSHAKE-256 digest
+ value.
+
+ @retval TRUE cSHAKE-256 digest computation succeeded.
+ @retval FALSE cSHAKE-256 digest computation failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+CShake256Final (
+ IN OUT VOID *CShake256Context,
+ OUT UINT8 *HashValue
+ )
+{
+ //
+ // Check input parameters.
+ //
+ if ((CShake256Context == NULL) || (HashValue == NULL)) {
+ return FALSE;
+ }
+
+ //
+ // cSHAKE-256 Hash Finalization.
+ //
+ return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context, HashValue));
+}
+
+/**
+ Computes the CSHAKE-256 message digest of a input data buffer.
+
+ This function performs the CSHAKE-256 message digest of a given data buffer, and places
+ the digest value into the specified memory.
+
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+ @param[in] OutputLen Size of output in bytes.
+ @param[in] Name Pointer to the function name string.
+ @param[in] NameLen Size of the function name in bytes.
+ @param[in] Customization Pointer to the customization string.
+ @param[in] CustomizationLen Size of the customization string in bytes.
+ @param[out] HashValue Pointer to a buffer that receives the CSHAKE-256 digest
+ value.
+
+ @retval TRUE CSHAKE-256 digest computation succeeded.
+ @retval FALSE CSHAKE-256 digest computation failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+CShake256HashAll (
+ IN CONST VOID *Data,
+ IN UINTN DataSize,
+ IN UINTN OutputLen,
+ IN CONST VOID *Name,
+ IN UINTN NameLen,
+ IN CONST VOID *Customization,
+ IN UINTN CustomizationLen,
+ OUT UINT8 *HashValue
+ )
+{
+ BOOLEAN Status;
+ Keccak1600_Ctx Ctx;
+
+ //
+ // Check input parameters.
+ //
+ if (HashValue == NULL) {
+ return FALSE;
+ }
+
+ if ((Data == NULL) && (DataSize != 0)) {
+ return FALSE;
+ }
+
+ Status = CShake256Init (&Ctx, OutputLen, Name, NameLen, Customization, CustomizationLen);
+ if (!Status) {
+ return FALSE;
+ }
+
+ Status = CShake256Update (&Ctx, Data, DataSize);
+ if (!Status) {
+ return FALSE;
+ }
+
+ return CShake256Final (&Ctx, HashValue);
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
new file mode 100644
index 000000000000..f7ce9dbf523e
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
@@ -0,0 +1,278 @@
+/** @file
+ ParallelHash Implementation.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "CryptParallelHash.h"
+#include <Library/MmServicesTableLib.h>
+#include <Library/SynchronizationLib.h>
+
+#define PARALLELHASH_CUSTOMIZATION "ParallelHash"
+
+UINTN mBlockNum;
+UINTN mBlockSize;
+UINTN mLastBlockSize;
+UINT8 *mInput;
+UINTN mBlockResultSize;
+UINT8 *mBlockHashResult;
+BOOLEAN *mBlockIsCompleted;
+SPIN_LOCK *mSpinLockList;
+
+/**
+ Complete computation of digest of each block.
+
+ Each AP perform the function called by BSP.
+
+ @param[in] ProcedureArgument Argument of the procedure.
+**/
+VOID
+EFIAPI
+ParallelHashApExecute (
+ IN VOID *ProcedureArgument
+ )
+{
+ UINTN Index;
+ BOOLEAN Status;
+
+ for (Index = 0; Index < mBlockNum; Index++) {
+ if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
+ //
+ // Completed, try next one.
+ //
+ if (mBlockIsCompleted[Index]) {
+ ReleaseSpinLock (&mSpinLockList[Index]);
+ continue;
+ }
+
+ //
+ // Calculate CShake256 for this block.
+ //
+ Status = CShake256HashAll (
+ mInput + Index * mBlockSize,
+ (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
+ mBlockResultSize,
+ NULL,
+ 0,
+ NULL,
+ 0,
+ mBlockHashResult + Index * mBlockResultSize
+ );
+ if (!EFI_ERROR (Status)) {
+ mBlockIsCompleted[Index] = TRUE;
+ }
+
+ ReleaseSpinLock (&mSpinLockList[Index]);
+ }
+ }
+}
+
+/**
+ Dispatch the block task to each AP in SMM mode.
+
+**/
+VOID
+EFIAPI
+MmDispatchBlockToAP (
+ VOID
+ )
+{
+ UINTN Index;
+
+ for (Index = 0; Index < gMmst->NumberOfCpus; Index++) {
+ if (Index != gMmst->CurrentlyExecutingCpu) {
+ gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL);
+ }
+ }
+
+ return;
+}
+
+/**
+ Parallel hash function ParallelHash256, as defined in NIST's Special Publication 800-185,
+ published December 2016.
+
+ @param[in] Input Pointer to the input message (X).
+ @param[in] InputByteLen The number(>0) of input bytes provided for the input data.
+ @param[in] BlockSize The size of each block (B).
+ @param[out] Output Pointer to the output buffer.
+ @param[in] OutputByteLen The desired number of output bytes (L).
+ @param[in] Customization Pointer to the customization string (S).
+ @param[in] CustomByteLen The length of the customization string in bytes.
+
+ @retval TRUE ParallelHash256 digest computation succeeded.
+ @retval FALSE ParallelHash256 digest computation failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+ParallelHash256HashAll (
+ IN CONST VOID *Input,
+ IN UINTN InputByteLen,
+ IN UINTN BlockSize,
+ OUT VOID *Output,
+ IN UINTN OutputByteLen,
+ IN CONST VOID *Customization,
+ IN UINTN CustomByteLen
+ )
+{
+ UINT8 EncBufB[sizeof (UINTN)+1];
+ UINTN EncSizeB;
+ UINT8 EncBufN[sizeof (UINTN)+1];
+ UINTN EncSizeN;
+ UINT8 EncBufL[sizeof (UINTN)+1];
+ UINTN EncSizeL;
+ UINTN Index;
+ UINT8 *CombinedInput;
+ UINTN CombinedInputSize;
+ BOOLEAN AllCompleted;
+ UINTN Offset;
+ BOOLEAN ReturnValue;
+
+ if ((InputByteLen == 0) || (OutputByteLen == 0) || (BlockSize == 0)) {
+ return FALSE;
+ }
+
+ if ((Input == NULL) || (Output == NULL)) {
+ return FALSE;
+ }
+
+ if ((CustomByteLen != 0) && (Customization == NULL)) {
+ return FALSE;
+ }
+
+ mBlockSize = BlockSize;
+
+ //
+ // Calculate block number n.
+ //
+ mBlockNum = InputByteLen % mBlockSize == 0 ? InputByteLen / mBlockSize : InputByteLen / mBlockSize + 1;
+
+ //
+ // Set hash result size of each block in bytes.
+ //
+ mBlockResultSize = OutputByteLen;
+
+ //
+ // Encode B, n, L to string and record size.
+ //
+ EncSizeB = LeftEncode (EncBufB, mBlockSize);
+ EncSizeN = RightEncode (EncBufN, mBlockNum);
+ EncSizeL = RightEncode (EncBufL, OutputByteLen * CHAR_BIT);
+
+ //
+ // Allocate buffer for combined input (newX), Block completed flag and SpinLock.
+ //
+ CombinedInputSize = EncSizeB + EncSizeN + EncSizeL + mBlockNum * mBlockResultSize;
+ CombinedInput = AllocateZeroPool (CombinedInputSize);
+ mBlockIsCompleted = AllocateZeroPool (mBlockNum * sizeof (BOOLEAN));
+ mSpinLockList = AllocatePool (mBlockNum * sizeof (SPIN_LOCK));
+ if ((CombinedInput == NULL) || (mBlockIsCompleted == NULL) || (mSpinLockList == NULL)) {
+ ReturnValue = FALSE;
+ goto Exit;
+ }
+
+ //
+ // Fill LeftEncode(B).
+ //
+ CopyMem (CombinedInput, EncBufB, EncSizeB);
+
+ //
+ // Prepare for parallel hash.
+ //
+ mBlockHashResult = CombinedInput + EncSizeB;
+ mInput = (UINT8 *)Input;
+ mLastBlockSize = InputByteLen % mBlockSize == 0 ? mBlockSize : InputByteLen % mBlockSize;
+
+ //
+ // Initialize SpinLock for each result block.
+ //
+ for (Index = 0; Index < mBlockNum; Index++) {
+ InitializeSpinLock (&mSpinLockList[Index]);
+ }
+
+ //
+ // Dispatch blocklist to each AP.
+ //
+ if (gMmst != NULL) {
+ MmDispatchBlockToAP ();
+ }
+
+ //
+ // Wait until all block hash completed.
+ //
+ do {
+ AllCompleted = TRUE;
+ for (Index = 0; Index < mBlockNum; Index++) {
+ if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
+ if (!mBlockIsCompleted[Index]) {
+ AllCompleted = FALSE;
+ ReturnValue = CShake256HashAll (
+ mInput + Index * mBlockSize,
+ (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
+ mBlockResultSize,
+ NULL,
+ 0,
+ NULL,
+ 0,
+ mBlockHashResult + Index * mBlockResultSize
+ );
+ if (ReturnValue) {
+ mBlockIsCompleted[Index] = TRUE;
+ }
+
+ ReleaseSpinLock (&mSpinLockList[Index]);
+ break;
+ }
+
+ ReleaseSpinLock (&mSpinLockList[Index]);
+ } else {
+ AllCompleted = FALSE;
+ break;
+ }
+ }
+ } while (!AllCompleted);
+
+ //
+ // Fill LeftEncode(n).
+ //
+ Offset = EncSizeB + mBlockNum * mBlockResultSize;
+ CopyMem (CombinedInput + Offset, EncBufN, EncSizeN);
+
+ //
+ // Fill LeftEncode(L).
+ //
+ Offset += EncSizeN;
+ CopyMem (CombinedInput + Offset, EncBufL, EncSizeL);
+
+ ReturnValue = CShake256HashAll (
+ CombinedInput,
+ CombinedInputSize,
+ OutputByteLen,
+ PARALLELHASH_CUSTOMIZATION,
+ AsciiStrLen (PARALLELHASH_CUSTOMIZATION),
+ Customization,
+ CustomByteLen,
+ Output
+ );
+
+Exit:
+ ZeroMem (CombinedInput, CombinedInputSize);
+
+ if (CombinedInput != NULL) {
+ FreePool (CombinedInput);
+ }
+
+ if (mSpinLockList != NULL) {
+ FreePool ((VOID *)mSpinLockList);
+ }
+
+ if (mBlockIsCompleted != NULL) {
+ FreePool (mBlockIsCompleted);
+ }
+
+ return ReturnValue;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
new file mode 100644
index 000000000000..2bf89594def5
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
@@ -0,0 +1,40 @@
+/** @file
+ ParallelHash Implementation which does not provide real capabilities.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+
+/**
+ Parallel hash function ParallelHash256, as defined in NIST's Special Publication 800-185,
+ published December 2016.
+
+ @param[in] Input Pointer to the input message (X).
+ @param[in] InputByteLen The number(>0) of input bytes provided for the input data.
+ @param[in] BlockSize The size of each block (B).
+ @param[out] Output Pointer to the output buffer.
+ @param[in] OutputByteLen The desired number of output bytes (L).
+ @param[in] Customization Pointer to the customization string (S).
+ @param[in] CustomByteLen The length of the customization string in bytes.
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+ParallelHash256HashAll (
+ IN CONST VOID *Input,
+ IN UINTN InputByteLen,
+ IN UINTN BlockSize,
+ OUT VOID *Output,
+ IN UINTN OutputByteLen,
+ IN CONST VOID *Customization,
+ IN UINTN CustomByteLen
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
new file mode 100644
index 000000000000..6abafc3c00e6
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
@@ -0,0 +1,166 @@
+/** @file
+ SHA3 realted functions from OpenSSL.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
+Licensed under the OpenSSL license (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+https://www.openssl.org/source/license.html
+**/
+
+#include "CryptParallelHash.h"
+
+/**
+ Keccak initial fuction.
+
+ Set up state with specified capacity.
+
+ @param[out] Context Pointer to the context being initialized.
+ @param[in] Pad Delimited Suffix.
+ @param[in] BlockSize Size of context block.
+ @param[in] MessageDigestLen Size of message digest in bytes.
+
+ @retval 1 Initialize successfully.
+ @retval 0 Fail to initialize.
+**/
+UINT8
+EFIAPI
+KeccakInit (
+ OUT Keccak1600_Ctx *Context,
+ IN UINT8 Pad,
+ IN UINTN BlockSize,
+ IN UINTN MessageDigestLen
+ )
+{
+ if (BlockSize <= sizeof (Context->buf)) {
+ memset (Context->A, 0, sizeof (Context->A));
+
+ Context->num = 0;
+ Context->block_size = BlockSize;
+ Context->md_size = MessageDigestLen;
+ Context->pad = Pad;
+
+ return 1;
+ }
+
+ return 0;
+}
+
+/**
+ Sha3 update fuction.
+
+ This function performs Sha3 digest on a data buffer of the specified size.
+ It can be called multiple times to compute the digest of long or discontinuous data streams.
+
+ @param[in,out] Context Pointer to the Keccak context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval 1 Update successfully.
+**/
+UINT8
+EFIAPI
+Sha3Update (
+ IN OUT Keccak1600_Ctx *Context,
+ IN const VOID *Data,
+ IN UINTN DataSize
+ )
+{
+ const UINT8 *DataCopy;
+ UINTN BlockSize;
+ UINTN Num;
+ UINTN Rem;
+
+ DataCopy = Data;
+ BlockSize = (UINT8)(Context->block_size);
+
+ if (DataSize == 0) {
+ return 1;
+ }
+
+ if ((Num = Context->num) != 0) {
+ //
+ // process intermediate buffer
+ //
+ Rem = BlockSize - Num;
+
+ if (DataSize < Rem) {
+ memcpy (Context->buf + Num, DataCopy, DataSize);
+ Context->num += DataSize;
+ return 1;
+ }
+
+ //
+ // We have enough data to fill or overflow the intermediate
+ // buffer. So we append |Rem| bytes and process the block,
+ // leaving the rest for later processing.
+ //
+ memcpy (Context->buf + Num, DataCopy, Rem);
+ DataCopy += Rem;
+ DataSize -= Rem;
+ (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
+ Context->num = 0;
+ // Context->buf is processed, Context->num is guaranteed to be zero.
+ }
+
+ if (DataSize >= BlockSize) {
+ Rem = SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize);
+ } else {
+ Rem = DataSize;
+ }
+
+ if (Rem > 0) {
+ memcpy (Context->buf, DataCopy + DataSize - Rem, Rem);
+ Context->num = Rem;
+ }
+
+ return 1;
+}
+
+/**
+ Completes computation of Sha3 message digest.
+
+ This function completes sha3 hash computation and retrieves the digest value into
+ the specified memory. After this function has been called, the keccak context cannot
+ be used again.
+
+ @param[in, out] Context Pointer to the keccak context.
+ @param[out] MessageDigest Pointer to a buffer that receives the message digest.
+
+ @retval 1 Meaasge digest computation succeeded.
+**/
+UINT8
+EFIAPI
+Sha3Final (
+ IN OUT Keccak1600_Ctx *Context,
+ OUT UINT8 *MessageDigest
+ )
+{
+ UINTN BlockSize;
+ UINTN Num;
+
+ BlockSize = Context->block_size;
+ Num = Context->num;
+
+ if (Context->md_size == 0) {
+ return 1;
+ }
+
+ //
+ // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1|
+ // in which case both byte operations below are performed on
+ // same byte.
+ //
+ memset (Context->buf + Num, 0, BlockSize - Num);
+ Context->buf[Num] = Context->pad;
+ Context->buf[BlockSize - 1] |= 0x80;
+
+ (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
+
+ SHA3_squeeze (Context->A, MessageDigest, Context->md_size, BlockSize);
+
+ return 1;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
new file mode 100644
index 000000000000..12c46cfbcd59
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
@@ -0,0 +1,107 @@
+/** @file
+ Encode realted functions from Xkcp.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+Copyright 2022 The eXtended Keccak Code Package (XKCP)
+https://github.com/XKCP/XKCP
+Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles Van Assche.
+Implementation by the designers, hereby denoted as "the implementer".
+For more information, feedback or questions, please refer to the Keccak Team website:
+https://keccak.team/
+To the extent possible under law, the implementer has waived all copyright
+and related or neighboring rights to the source code in this file.
+http://creativecommons.org/publicdomain/zero/1.0/
+
+**/
+
+#include "CryptParallelHash.h"
+
+/**
+ Encode function from XKCP.
+
+ Encodes the input as a byte string in a way that can be unambiguously parsed
+ from the beginning of the string by inserting the length of the byte string
+ before the byte string representation of input.
+
+ @param[out] EncBuf Result of left encode.
+ @param[in] Value Input of left encode.
+
+ @retval EncLen Size of encode result in bytes.
+**/
+UINTN
+EFIAPI
+LeftEncode (
+ OUT UINT8 *EncBuf,
+ IN UINTN Value
+ )
+{
+ UINT32 BlockNum;
+ UINT32 EncLen;
+ UINT32 Index;
+ UINTN ValueCopy;
+
+ for ( ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum < sizeof (UINTN)); ++BlockNum, ValueCopy >>= 8 ) {
+ //
+ // Empty
+ //
+ }
+
+ if (BlockNum == 0) {
+ BlockNum = 1;
+ }
+
+ for (Index = 1; Index <= BlockNum; ++Index) {
+ EncBuf[Index] = (UINT8)(Value >> (8 * (BlockNum - Index)));
+ }
+
+ EncBuf[0] = (UINT8)BlockNum;
+ EncLen = BlockNum + 1;
+
+ return EncLen;
+}
+
+/**
+ Encode function from XKCP.
+
+ Encodes the input as a byte string in a way that can be unambiguously parsed
+ from the end of the string by inserting the length of the byte string after
+ the byte string representation of input.
+
+ @param[out] EncBuf Result of right encode.
+ @param[in] Value Input of right encode.
+
+ @retval EncLen Size of encode result in bytes.
+**/
+UINTN
+EFIAPI
+RightEncode (
+ OUT UINT8 *EncBuf,
+ IN UINTN Value
+ )
+{
+ UINT32 BlockNum;
+ UINT32 EncLen;
+ UINT32 Index;
+ UINTN ValueCopy;
+
+ for (ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum < sizeof (UINTN)); ++BlockNum, ValueCopy >>= 8) {
+ //
+ // Empty
+ //
+ }
+
+ if (BlockNum == 0) {
+ BlockNum = 1;
+ }
+
+ for (Index = 1; Index <= BlockNum; ++Index) {
+ EncBuf[Index-1] = (UINT8)(Value >> (8 * (BlockNum-Index)));
+ }
+
+ EncBuf[BlockNum] = (UINT8)BlockNum;
+ EncLen = BlockNum + 1;
+
+ return EncLen;
+}
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
new file mode 100644
index 000000000000..2bf89594def5
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
@@ -0,0 +1,40 @@
+/** @file
+ ParallelHash Implementation which does not provide real capabilities.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+
+/**
+ Parallel hash function ParallelHash256, as defined in NIST's Special Publication 800-185,
+ published December 2016.
+
+ @param[in] Input Pointer to the input message (X).
+ @param[in] InputByteLen The number(>0) of input bytes provided for the input data.
+ @param[in] BlockSize The size of each block (B).
+ @param[out] Output Pointer to the output buffer.
+ @param[in] OutputByteLen The desired number of output bytes (L).
+ @param[in] Customization Pointer to the customization string (S).
+ @param[in] CustomByteLen The length of the customization string in bytes.
+
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+ParallelHash256HashAll (
+ IN CONST VOID *Input,
+ IN UINTN InputByteLen,
+ IN UINTN BlockSize,
+ OUT VOID *Output,
+ IN UINTN OutputByteLen,
+ IN CONST VOID *Customization,
+ IN UINTN CustomByteLen
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index c8df259ea963..8ee1b53cf957 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -3,7 +3,7 @@
Protocol/PPI.
Copyright (C) Microsoft Corporation. All rights reserved.
- Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -870,6 +870,38 @@ Sha512HashAll (
CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), FALSE);
}
+/**
+ Parallel hash function ParallelHash256, as defined in NIST's Special Publication 800-185,
+ published December 2016.
+
+ @param[in] Input Pointer to the input message (X).
+ @param[in] InputByteLen The number(>0) of input bytes provided for the input data.
+ @param[in] BlockSize The size of each block (B).
+ @param[out] Output Pointer to the output buffer.
+ @param[in] OutputByteLen The desired number of output bytes (L).
+ @param[in] Customization Pointer to the customization string (S).
+ @param[in] CustomByteLen The length of the customization string in bytes.
+
+ @retval TRUE ParallelHash256 digest computation succeeded.
+ @retval FALSE ParallelHash256 digest computation failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+ParallelHash256HashAll (
+ IN CONST VOID *Input,
+ IN UINTN InputByteLen,
+ IN UINTN BlockSize,
+ OUT VOID *Output,
+ IN UINTN OutputByteLen,
+ IN CONST VOID *Customization,
+ IN UINTN CustomByteLen
+ )
+{
+ CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE);
+}
+
/**
Retrieves the size, in bytes, of the context buffer required for SM3 hash operations.
diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
new file mode 100644
index 000000000000..fb57e91a9f16
--- /dev/null
+++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
@@ -0,0 +1,145 @@
+/** @file
+ Application for Parallelhash Function Validation.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "TestBaseCryptLib.h"
+
+//
+// Parallelhash Test Sample common parameters.
+//
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN OutputByteLen = 64;
+
+//
+// Parallelhash Test Sample #1 from NIST Special Publication 800-185.
+//
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample1[] = {
+ // input data of sample1.
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27
+};
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample1ByteLen = 24; // Length of sample1 input data in bytes.
+GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample1 = ""; // Customization string (S) of sample1.
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample1ByteLen = 0; // Customization string length of sample1 in bytes.
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample1 = 8; // Block size of sample1.
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample1[] = {
+ // Expected output data of sample1.
+ 0xbc, 0x1e, 0xf1, 0x24, 0xda, 0x34, 0x49, 0x5e, 0x94, 0x8e, 0xad, 0x20, 0x7d, 0xd9, 0x84, 0x22,
+ 0x35, 0xda, 0x43, 0x2d, 0x2b, 0xbc, 0x54, 0xb4, 0xc1, 0x10, 0xe6, 0x4c, 0x45, 0x11, 0x05, 0x53,
+ 0x1b, 0x7f, 0x2a, 0x3e, 0x0c, 0xe0, 0x55, 0xc0, 0x28, 0x05, 0xe7, 0xc2, 0xde, 0x1f, 0xb7, 0x46,
+ 0xaf, 0x97, 0xa1, 0xd0, 0x01, 0xf4, 0x3b, 0x82, 0x4e, 0x31, 0xb8, 0x76, 0x12, 0x41, 0x04, 0x29
+};
+
+//
+// Parallelhash Test Sample #2 from NIST Special Publication 800-185.
+//
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 *InputSample2 = InputSample1; // Input of sample2 is same as sample1.
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample2ByteLen = 24; // Length of sample2 input data in bytes.
+GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample2 = "Parallel Data"; // Customization string (S) of sample2.
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample2ByteLen = 13; // Customization string length of sample2 in bytes.
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample2 = 8; // Block size of sample2.
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample2[] = {
+ // Expected output data of sample2.
+ 0xcd, 0xf1, 0x52, 0x89, 0xb5, 0x4f, 0x62, 0x12, 0xb4, 0xbc, 0x27, 0x05, 0x28, 0xb4, 0x95, 0x26,
+ 0x00, 0x6d, 0xd9, 0xb5, 0x4e, 0x2b, 0x6a, 0xdd, 0x1e, 0xf6, 0x90, 0x0d, 0xda, 0x39, 0x63, 0xbb,
+ 0x33, 0xa7, 0x24, 0x91, 0xf2, 0x36, 0x96, 0x9c, 0xa8, 0xaf, 0xae, 0xa2, 0x9c, 0x68, 0x2d, 0x47,
+ 0xa3, 0x93, 0xc0, 0x65, 0xb3, 0x8e, 0x29, 0xfa, 0xe6, 0x51, 0xa2, 0x09, 0x1c, 0x83, 0x31, 0x10
+};
+
+//
+// Parallelhash Test Sample #3 from NIST Special Publication 800-185.
+//
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample3[] = {
+ // input data of sample3.
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x10, 0x11, 0x12, 0x13,
+ 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
+ 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x50, 0x51, 0x52, 0x53,
+ 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b
+};
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample3ByteLen = 72; // Length of sample3 input data in bytes.
+GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample3 = "Parallel Data"; // Customization string (S) of sample3.
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample3ByteLen = 13; // Customization string length of sample3 in bytes.
+GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample3 = 12; // Block size of sample3.
+GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample3[] = {
+ // Expected output data of sample3.
+ 0x69, 0xd0, 0xfc, 0xb7, 0x64, 0xea, 0x05, 0x5d, 0xd0, 0x93, 0x34, 0xbc, 0x60, 0x21, 0xcb, 0x7e,
+ 0x4b, 0x61, 0x34, 0x8d, 0xff, 0x37, 0x5d, 0xa2, 0x62, 0x67, 0x1c, 0xde, 0xc3, 0xef, 0xfa, 0x8d,
+ 0x1b, 0x45, 0x68, 0xa6, 0xcc, 0xe1, 0x6b, 0x1c, 0xad, 0x94, 0x6d, 0xdd, 0xe2, 0x7f, 0x6c, 0xe2,
+ 0xb8, 0xde, 0xe4, 0xcd, 0x1b, 0x24, 0x85, 0x1e, 0xbf, 0x00, 0xeb, 0x90, 0xd4, 0x38, 0x13, 0xe9
+};
+
+UNIT_TEST_STATUS
+EFIAPI
+TestVerifyParallelHash256HashAll (
+ IN UNIT_TEST_CONTEXT Context
+ )
+{
+ BOOLEAN Status;
+ UINT8 Output[64];
+
+ //
+ // Test #1 using sample1.
+ //
+ Status = ParallelHash256HashAll (
+ InputSample1,
+ InputSample1ByteLen,
+ BlockSizeSample1,
+ Output,
+ OutputByteLen,
+ CustomizationSample1,
+ CustomSample1ByteLen
+ );
+ UT_ASSERT_TRUE (Status);
+
+ // Check the output with the expected output.
+ UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample1, OutputByteLen);
+
+ //
+ // Test #2 using sample2.
+ //
+ Status = ParallelHash256HashAll (
+ InputSample2,
+ InputSample2ByteLen,
+ BlockSizeSample2,
+ Output,
+ OutputByteLen,
+ CustomizationSample2,
+ CustomSample2ByteLen
+ );
+ UT_ASSERT_TRUE (Status);
+
+ // Check the output with the expected output.
+ UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample2, OutputByteLen);
+
+ //
+ // Test #3 using sample3.
+ //
+ Status = ParallelHash256HashAll (
+ InputSample3,
+ InputSample3ByteLen,
+ BlockSizeSample3,
+ Output,
+ OutputByteLen,
+ CustomizationSample3,
+ CustomSample3ByteLen
+ );
+ UT_ASSERT_TRUE (Status);
+
+ // Check the output with the expected output.
+ UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample3, OutputByteLen);
+
+ return EFI_SUCCESS;
+}
+
+TEST_DESC mParallelhashTest[] = {
+ //
+ // -----Description------------------------------Class----------------------Function-----------------Pre---Post--Context
+ //
+ { "TestVerifyParallelHash256HashAll()", "CryptoPkg.BaseCryptLib.ParallelHash256HashAll", TestVerifyParallelHash256HashAll, NULL, NULL, NULL },
+};
+
+UINTN mParallelhashTestNum = ARRAY_SIZE (mParallelhashTest);
diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml
index eeb388ae71c5..e21fafac1efe 100644
--- a/CryptoPkg/CryptoPkg.ci.yaml
+++ b/CryptoPkg/CryptoPkg.ci.yaml
@@ -2,7 +2,7 @@
# CI configuration for CryptoPkg
#
# Copyright (c) Microsoft Corporation
-# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
##
{
@@ -34,6 +34,8 @@
"Library/OpensslLib/rand_pool.c",
# This has OpenSSL interfaces that aren't UEFI spec compliant
"Library/Include/CrtLibSupport.h",
+ # This has OpenSSL interfaces that aren't UEFI spec compliant
+ "Library/BaseCryptLib/Hash/CryptParallelHash.h",
# These directories contain auto-generated OpenSSL content
"Library/OpensslLib",
"Library/IntrinsicLib",
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index f4bc7c0d73d9..7d1499350a49 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -4,7 +4,7 @@
primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security
functionality enabling.
-Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -753,6 +753,35 @@ Sha512HashAll (
OUT UINT8 *HashValue
);
+/**
+ Parallel hash function ParallelHash256, as defined in NIST's Special Publication 800-185,
+ published December 2016.
+
+ @param[in] Input Pointer to the input message (X).
+ @param[in] InputByteLen The number(>0) of input bytes provided for the input data.
+ @param[in] BlockSize The size of each block (B).
+ @param[out] Output Pointer to the output buffer.
+ @param[in] OutputByteLen The desired number of output bytes (L).
+ @param[in] Customization Pointer to the customization string (S).
+ @param[in] CustomByteLen The length of the customization string in bytes.
+
+ @retval TRUE ParallelHash256 digest computation succeeded.
+ @retval FALSE ParallelHash256 digest computation failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+ParallelHash256HashAll (
+ IN CONST VOID *Input,
+ IN UINTN InputByteLen,
+ IN UINTN BlockSize,
+ OUT VOID *Output,
+ IN UINTN OutputByteLen,
+ IN CONST VOID *Customization,
+ IN UINTN CustomByteLen
+ );
+
/**
Retrieves the size, in bytes, of the context buffer required for SM3 hash operations.
diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
index 5186a54759ae..77330961352e 100644
--- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
+++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
@@ -2,7 +2,7 @@
Defines the PCD_CRYPTO_SERVICE_FAMILY_ENABLE structure associated with
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.
- Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -288,6 +288,12 @@ typedef struct {
} Services;
UINT32 Family;
} TlsGet;
+ union {
+ struct {
+ UINT8 HashAll : 1;
+ } Services;
+ UINT32 Family;
+ } ParallelHash;
} PCD_CRYPTO_SERVICE_FAMILY_ENABLE;
#endif
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 49703fa4c963..15cf3dab105c 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -6,7 +6,7 @@
# This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
-# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -34,6 +34,7 @@
Hash/CryptSha256.c
Hash/CryptSha512.c
Hash/CryptSm3.c
+ Hash/CryptParallelHashNull.c
Hmac/CryptHmacSha256.c
Kdf/CryptHkdf.c
Cipher/CryptAes.c
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
new file mode 100644
index 000000000000..fe08d4928e8d
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
@@ -0,0 +1,201 @@
+/** @file
+ ParallelHash related function and type declaration.
+
+Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
+Licensed under the OpenSSL license (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+https://www.openssl.org/source/license.html
+
+Copyright 2022 The eXtended Keccak Code Package (XKCP)
+https://github.com/XKCP/XKCP
+Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles Van Assche.
+Implementation by the designers, hereby denoted as "the implementer".
+For more information, feedback or questions, please refer to the Keccak Team website:
+https://keccak.team/
+To the extent possible under law, the implementer has waived all copyright
+and related or neighboring rights to the source code in this file.
+http://creativecommons.org/publicdomain/zero/1.0/
+**/
+
+#include "InternalCryptLib.h"
+
+#define KECCAK1600_WIDTH 1600
+
+//
+// This struct referring to m_sha3.c from opessl and modified its type name.
+//
+typedef struct {
+ uint64_t A[5][5];
+ size_t block_size; /* cached ctx->digest->block_size */
+ size_t md_size; /* output length, variable in XOF */
+ size_t num; /* used bytes in below buffer */
+ unsigned char buf[KECCAK1600_WIDTH / 8 - 32];
+ unsigned char pad;
+} Keccak1600_Ctx;
+
+/**
+ SHA3_absorb can be called multiple times, but at each invocation
+ largest multiple of |r| out of |len| bytes are processed. Then
+ remaining amount of bytes is returned. This is done to spare caller
+ trouble of calculating the largest multiple of |r|. |r| can be viewed
+ as blocksize. It is commonly (1600 - 256*n)/8, e.g. 168, 136, 104,
+ 72, but can also be (1600 - 448)/8 = 144. All this means that message
+ padding and intermediate sub-block buffering, byte- or bitwise, is
+ caller's responsibility.
+**/
+size_t
+SHA3_absorb (
+ uint64_t A[5][5],
+ const unsigned char *inp,
+ size_t len,
+ size_t r
+ );
+
+/**
+ SHA3_squeeze is called once at the end to generate |out| hash value
+ of |len| bytes.
+**/
+void
+SHA3_squeeze (
+ uint64_t A[5][5],
+ unsigned char *out,
+ size_t len,
+ size_t r
+ );
+
+/**
+ Encode function from XKCP.
+
+ Encodes the input as a byte string in a way that can be unambiguously parsed
+ from the beginning of the string by inserting the length of the byte string
+ before the byte string representation of input.
+
+ @param[out] EncBuf Result of left encode.
+ @param[in] Value Input of left encode.
+
+ @retval EncLen Size of encode result in bytes.
+**/
+UINTN
+EFIAPI
+LeftEncode (
+ OUT UINT8 *EncBuf,
+ IN UINTN Value
+ );
+
+/**
+ Encode function from XKCP.
+
+ Encodes the input as a byte string in a way that can be unambiguously parsed
+ from the end of the string by inserting the length of the byte string after
+ the byte string representation of input.
+
+ @param[out] EncBuf Result of right encode.
+ @param[in] Value Input of right encode.
+
+ @retval EncLen Size of encode result in bytes.
+**/
+UINTN
+EFIAPI
+RightEncode (
+ OUT UINT8 *EncBuf,
+ IN UINTN Value
+ );
+
+/**
+ Keccak initial fuction.
+
+ Set up state with specified capacity.
+
+ @param[out] Context Pointer to the context being initialized.
+ @param[in] Pad Delimited Suffix.
+ @param[in] BlockSize Size of context block.
+ @param[in] MessageDigestLen Size of message digest in bytes.
+
+ @retval 1 Initialize successfully.
+ @retval 0 Fail to initialize.
+**/
+UINT8
+EFIAPI
+KeccakInit (
+ OUT Keccak1600_Ctx *Context,
+ IN UINT8 Pad,
+ IN UINTN BlockSize,
+ IN UINTN MessageDigstLen
+ );
+
+/**
+ Sha3 update fuction.
+
+ This function performs Sha3 digest on a data buffer of the specified size.
+ It can be called multiple times to compute the digest of long or discontinuous data streams.
+
+ @param[in,out] Context Pointer to the Keccak context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+
+ @retval 1 Update successfully.
+**/
+UINT8
+EFIAPI
+Sha3Update (
+ IN OUT Keccak1600_Ctx *Context,
+ IN const VOID *Data,
+ IN UINTN DataSize
+ );
+
+/**
+ Completes computation of Sha3 message digest.
+
+ This function completes sha3 hash computation and retrieves the digest value into
+ the specified memory. After this function has been called, the keccak context cannot
+ be used again.
+
+ @param[in, out] Context Pointer to the keccak context.
+ @param[out] MessageDigest Pointer to a buffer that receives the message digest.
+
+ @retval 1 Meaasge digest computation succeeded.
+**/
+UINT8
+EFIAPI
+Sha3Final (
+ IN OUT Keccak1600_Ctx *Context,
+ OUT UINT8 *MessageDigest
+ );
+
+/**
+ Computes the CSHAKE-256 message digest of a input data buffer.
+
+ This function performs the CSHAKE-256 message digest of a given data buffer, and places
+ the digest value into the specified memory.
+
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataSize Size of Data buffer in bytes.
+ @param[in] OutputLen Size of output in bytes.
+ @param[in] Name Pointer to the function name string.
+ @param[in] NameLen Size of the function name in bytes.
+ @param[in] Customization Pointer to the customization string.
+ @param[in] CustomizationLen Size of the customization string in bytes.
+ @param[out] HashValue Pointer to a buffer that receives the CSHAKE-256 digest
+ value.
+
+ @retval TRUE CSHAKE-256 digest computation succeeded.
+ @retval FALSE CSHAKE-256 digest computation failed.
+ @retval FALSE This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+CShake256HashAll (
+ IN CONST VOID *Data,
+ IN UINTN DataSize,
+ IN UINTN OutputLen,
+ IN CONST VOID *Name,
+ IN UINTN NameLen,
+ IN CONST VOID *Customization,
+ IN UINTN CustomizationLen,
+ OUT UINT8 *HashValue
+ );
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index 0cab5f3ce36c..bf1563b06407 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -13,7 +13,7 @@
# PEM handler functions, and pseudorandom number generator functions are not
# supported in this instance.
#
-# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -40,6 +40,7 @@
Hash/CryptSha256.c
Hash/CryptSm3.c
Hash/CryptSha512.c
+ Hash/CryptParallelHashNull.c
Hmac/CryptHmacSha256.c
Kdf/CryptHkdf.c
Cipher/CryptAesNull.c
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index fdbb6edfd23e..6742da0be4fe 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -11,7 +11,7 @@
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
-# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2021, Hewlett Packard Enterprise Development LP. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -40,6 +40,7 @@
Hash/CryptSha256.c
Hash/CryptSm3.c
Hash/CryptSha512.c
+ Hash/CryptParallelHashNull.c
Hmac/CryptHmacSha256.c
Kdf/CryptHkdf.c
Cipher/CryptAes.c
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index e6470d7a2127..8f39517f78b7 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -10,7 +10,7 @@
# RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
-# Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -38,6 +38,10 @@
Hash/CryptSha256.c
Hash/CryptSm3.c
Hash/CryptSha512.c
+ Hash/CryptSha3.c
+ Hash/CryptXkcp.c
+ Hash/CryptCShake256.c
+ Hash/CryptParallelHash.c
Hmac/CryptHmacSha256.c
Kdf/CryptHkdfNull.c
Cipher/CryptAes.c
@@ -85,6 +89,8 @@
OpensslLib
IntrinsicLib
PrintLib
+ MmServicesTableLib
+ SynchronizationLib
#
# Remove these [BuildOptions] after this library is cleaned up
diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
index faf959827b90..63d1d82d1914 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
+++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
@@ -6,7 +6,7 @@
# This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
-# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -34,6 +34,7 @@
Hash/CryptSha256Null.c
Hash/CryptSha512Null.c
Hash/CryptSm3Null.c
+ Hash/CryptParallelHashNull.c
Hmac/CryptHmacSha256Null.c
Kdf/CryptHkdfNull.c
Cipher/CryptAesNull.c
diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h b/CryptoPkg/Library/Include/CrtLibSupport.h
index d257dca8fa9b..b76b140a7acf 100644
--- a/CryptoPkg/Library/Include/CrtLibSupport.h
+++ b/CryptoPkg/Library/Include/CrtLibSupport.h
@@ -2,7 +2,7 @@
Root include file of C runtime library to support building the third-party
cryptographic library.
-Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -111,6 +111,7 @@ typedef UINT8 u_char;
typedef UINT32 uid_t;
typedef UINT32 gid_t;
typedef CHAR16 wchar_t;
+typedef UINT64 uint64_t;
//
// File operations are not required for EFI building,
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index e378a8a8c60e..de45778c7d42 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -2,7 +2,7 @@
This Protocol provides Crypto services to DXE modules
Copyright (C) Microsoft Corporation. All rights reserved.
- Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -21,7 +21,7 @@
/// the EDK II Crypto Protocol is extended, this version define must be
/// increased.
///
-#define EDKII_CRYPTO_VERSION 7
+#define EDKII_CRYPTO_VERSION 8
///
/// EDK II Crypto Protocol forward declaration
@@ -3383,6 +3383,35 @@ EFI_STATUS
IN OUT UINTN *DataSize
);
+/**
+ Parallel hash function ParallelHash256, as defined in NIST's Special Publication 800-185,
+ published December 2016.
+
+ @param[in] Input Pointer to the input message (X).
+ @param[in] InputByteLen The number(>0) of input bytes provided for the input data.
+ @param[in] BlockSize The size of each block (B).
+ @param[out] Output Pointer to the output buffer.
+ @param[in] OutputByteLen The desired number of output bytes (L).
+ @param[in] Customization Pointer to the customization string (S).
+ @param[in] CustomByteLen The length of the customization string in bytes.
+
+ @retval TRUE ParallelHash256 digest computation succeeded.
+ @retval FALSE ParallelHash256 digest computation failed.
+ @retval FALSE This interface is not supported.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EDKII_CRYPTO_PARALLEL_HASH_ALL)(
+ IN CONST VOID *Input,
+ IN UINTN InputByteLen,
+ IN UINTN BlockSize,
+ OUT VOID *Output,
+ IN UINTN OutputByteLen,
+ IN CONST VOID *Customization,
+ IN UINTN CustomByteLen
+ );
+
/**
Carries out the RSA-SSA signature generation with EMSA-PSS encoding scheme.
@@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;
EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;
EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST TlsGetCertRevocationList;
+ /// Parallel hash
+ EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
/// RSA PSS
EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
diff --git a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
index ff0af36bcc80..c50a9cc4dc9f 100644
--- a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
+++ b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
@@ -2,6 +2,7 @@
# CryptoPkg DSC file used to build host-based unit tests.
#
# Copyright (c) Microsoft Corporation.<BR>
+# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -21,6 +22,9 @@
[LibraryClasses]
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
+ MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
+ SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
+ TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf
[LibraryClasses.AARCH64, LibraryClasses.ARM]
RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
index 00c869265080..399db596c2d1 100644
--- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
+++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
@@ -2,6 +2,7 @@
# Host-based UnitTest for BaseCryptLib
#
# Copyright (c) Microsoft Corporation.<BR>
+# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
##
@@ -35,6 +36,7 @@
Pkcs7EkuTests.c
OaepEncryptTests.c
RsaPssTests.c
+ ParallelhashTests.c
[Packages]
MdePkg/MdePkg.dec
@@ -45,3 +47,5 @@
DebugLib
BaseCryptLib
UnitTestLib
+ MmServicesTableLib
+ SynchronizationLib
--
2.26.2.windows.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib.
2022-03-17 4:34 [PATCH v6 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib Li, Zhihao
@ 2022-03-17 14:12 ` Yao, Jiewen
2022-03-17 16:27 ` Li, Zhihao
0 siblings, 1 reply; 7+ messages in thread
From: Yao, Jiewen @ 2022-03-17 14:12 UTC (permalink / raw)
To: Li, Zhihao, devel@edk2.groups.io
Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Fu, Siyuan
Hey
Are you following the guideline - don't put new field in the middle ?
ParallelHash256HashAll API is still in the middle......
> @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;
>
> EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;
>
> EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> TlsGetCertRevocationList;
>
> + /// Parallel hash
>
> + EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
>
> /// RSA PSS
>
> EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
>
> EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
>
> -----Original Message-----
> From: Li, Zhihao <zhihao.li@intel.com>
> Sent: Thursday, March 17, 2022 12:35 PM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>;
> Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>;
> Fu, Siyuan <siyuan.fu@intel.com>
> Subject: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> ParallelHash256HashAll in BaseCryptLib.
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3596
>
> Parallel hash function ParallelHash256HashAll, as defined in NIST's
> Special Publication 800-185, published December 2016. It utilizes
> multi-process to calculate the digest.
>
> Passed CI test.
> Onprotocol version code passed test.
>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> Cc: Guomin Jiang <guomin.jiang@intel.com>
> Cc: Siyuan Fu <siyuan.fu@intel.com>
> Cc: Zhihao Li <zhihao.li@intel.com>
>
> Signed-off-by: Zhihao Li <zhihao.li@intel.com>
> ---
> CryptoPkg/Driver/Crypto.c | 38 ++-
> CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c | 282
> ++++++++++++++++++++
> CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c | 278
> +++++++++++++++++++
> CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c | 40 +++
> CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c | 166
> ++++++++++++
> CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c | 107 ++++++++
> CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c | 40 +++
> CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 34 ++-
> CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c | 145
> ++++++++++
> CryptoPkg/CryptoPkg.ci.yaml | 4 +-
> CryptoPkg/Include/Library/BaseCryptLib.h | 31 ++-
> CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h | 8 +-
> CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 +-
> CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h | 201
> ++++++++++++++
> CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 3 +-
> CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 3 +-
> CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 8 +-
> CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 3 +-
> CryptoPkg/Library/Include/CrtLibSupport.h | 3 +-
> CryptoPkg/Private/Protocol/Crypto.h | 35 ++-
> CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 4 +
> CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf | 4 +
> 22 files changed, 1426 insertions(+), 14 deletions(-)
>
> diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
> index d5d6aa8e5820..5a9245c07cc5 100644
> --- a/CryptoPkg/Driver/Crypto.c
> +++ b/CryptoPkg/Driver/Crypto.c
> @@ -3,7 +3,7 @@
> from BaseCryptLib and TlsLib.
>
>
>
> Copyright (C) Microsoft Corporation. All rights reserved.
>
> - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
>
> + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
>
>
> **/
>
> @@ -4470,6 +4470,38 @@ CryptoServiceTlsGetCertRevocationList (
> return CALL_BASECRYPTLIB (TlsGet.Services.CertRevocationList,
> TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED);
>
> }
>
>
>
> +/**
>
> + Parallel hash function ParallelHash256, as defined in NIST's Special Publication
> 800-185,
>
> + published December 2016.
>
> +
>
> + @param[in] Input Pointer to the input message (X).
>
> + @param[in] InputByteLen The number(>0) of input bytes provided for the
> input data.
>
> + @param[in] BlockSize The size of each block (B).
>
> + @param[out] Output Pointer to the output buffer.
>
> + @param[in] OutputByteLen The desired number of output bytes (L).
>
> + @param[in] Customization Pointer to the customization string (S).
>
> + @param[in] CustomByteLen The length of the customization string in bytes.
>
> +
>
> + @retval TRUE ParallelHash256 digest computation succeeded.
>
> + @retval FALSE ParallelHash256 digest computation failed.
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +CryptoServiceParallelHash256HashAll (
>
> + IN CONST VOID *Input,
>
> + IN UINTN InputByteLen,
>
> + IN UINTN BlockSize,
>
> + OUT VOID *Output,
>
> + IN UINTN OutputByteLen,
>
> + IN CONST VOID *Customization,
>
> + IN UINTN CustomByteLen
>
> + )
>
> +{
>
> + return CALL_BASECRYPTLIB (ParallelHash.Services.HashAll,
> ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output, OutputByteLen,
> Customization, CustomByteLen), FALSE);
>
> +}
>
> +
>
> const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
>
> /// Version
>
> CryptoServiceGetCryptoVersion,
>
> @@ -4670,5 +4702,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
> CryptoServiceTlsGetCaCertificate,
>
> CryptoServiceTlsGetHostPublicCert,
>
> CryptoServiceTlsGetHostPrivateKey,
>
> - CryptoServiceTlsGetCertRevocationList
>
> + CryptoServiceTlsGetCertRevocationList,
>
> + /// Parallel hash
>
> + CryptoServiceParallelHash256HashAll
>
> };
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> new file mode 100644
> index 000000000000..2a9eaf9eec40
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> @@ -0,0 +1,282 @@
> +/** @file
>
> + cSHAKE-256 Digest Wrapper Implementations.
>
> +
>
> +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include "CryptParallelHash.h"
>
> +
>
> +#define CSHAKE256_SECURITY_STRENGTH 256
>
> +#define CSHAKE256_RATE_IN_BYTES 136
>
> +
>
> +CONST CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] = { 0 };
>
> +
>
> +/**
>
> + CShake256 initial function.
>
> +
>
> + Initializes user-supplied memory pointed by CShake256Context as cSHAKE-256
> hash context for
>
> + subsequent use.
>
> +
>
> + @param[out] CShake256Context Pointer to cSHAKE-256 context being
> initialized.
>
> + @param[in] OutputLen The desired number of output length in bytes.
>
> + @param[in] Name Pointer to the function name string.
>
> + @param[in] NameLen The length of the function name in bytes.
>
> + @param[in] Customization Pointer to the customization string.
>
> + @param[in] CustomizationLen The length of the customization string in
> bytes.
>
> +
>
> + @retval TRUE cSHAKE-256 context initialization succeeded.
>
> + @retval FALSE cSHAKE-256 context initialization failed.
>
> + @retval FALSE This interface is not supported.
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +CShake256Init (
>
> + OUT VOID *CShake256Context,
>
> + IN UINTN OutputLen,
>
> + IN CONST VOID *Name,
>
> + IN UINTN NameLen,
>
> + IN CONST VOID *Customization,
>
> + IN UINTN CustomizationLen
>
> + )
>
> +{
>
> + BOOLEAN Status;
>
> + UINT8 EncBuf[sizeof (UINTN) + 1];
>
> + UINTN EncLen;
>
> + UINTN AbsorbLen;
>
> + UINTN PadLen;
>
> +
>
> + //
>
> + // Check input parameters.
>
> + //
>
> + if ((CShake256Context == NULL) || (OutputLen == 0) || ((NameLen != 0) &&
> (Name == NULL)) || ((CustomizationLen != 0) && (Customization == NULL))) {
>
> + return FALSE;
>
> + }
>
> +
>
> + //
>
> + // Initialize KECCAK context with pad value and block size.
>
> + //
>
> + if ((NameLen == 0) && (CustomizationLen == 0)) {
>
> + //
>
> + // When N and S are both empty strings, cSHAKE(X, L, N, S) is equivalent to
>
> + // SHAKE as defined in FIPS 202.
>
> + //
>
> + Status = (BOOLEAN)KeccakInit (
>
> + (Keccak1600_Ctx *)CShake256Context,
>
> + '\x1f',
>
> + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * 2) / 8,
>
> + OutputLen
>
> + );
>
> +
>
> + return Status;
>
> + } else {
>
> + Status = (BOOLEAN)KeccakInit (
>
> + (Keccak1600_Ctx *)CShake256Context,
>
> + '\x04',
>
> + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * 2) / 8,
>
> + OutputLen
>
> + );
>
> + if (!Status) {
>
> + return FALSE;
>
> + }
>
> +
>
> + AbsorbLen = 0;
>
> + //
>
> + // Absorb Absorb bytepad(.., rate).
>
> + //
>
> + EncLen = LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES);
>
> + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> EncBuf, EncLen);
>
> + if (!Status) {
>
> + return FALSE;
>
> + }
>
> +
>
> + AbsorbLen += EncLen;
>
> +
>
> + //
>
> + // Absorb encode_string(N).
>
> + //
>
> + EncLen = LeftEncode (EncBuf, NameLen * 8);
>
> + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> EncBuf, EncLen);
>
> + if (!Status) {
>
> + return FALSE;
>
> + }
>
> +
>
> + AbsorbLen += EncLen;
>
> + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> Name, NameLen);
>
> + if (!Status) {
>
> + return FALSE;
>
> + }
>
> +
>
> + AbsorbLen += NameLen;
>
> +
>
> + //
>
> + // Absorb encode_string(S).
>
> + //
>
> + EncLen = LeftEncode (EncBuf, CustomizationLen * 8);
>
> + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> EncBuf, EncLen);
>
> + if (!Status) {
>
> + return FALSE;
>
> + }
>
> +
>
> + AbsorbLen += EncLen;
>
> + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> Customization, CustomizationLen);
>
> + if (!Status) {
>
> + return FALSE;
>
> + }
>
> +
>
> + AbsorbLen += CustomizationLen;
>
> +
>
> + //
>
> + // Absorb zero padding up to rate.
>
> + //
>
> + PadLen = CSHAKE256_RATE_IN_BYTES - AbsorbLen %
> CSHAKE256_RATE_IN_BYTES;
>
> + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> mZeroPadding, PadLen);
>
> + if (!Status) {
>
> + return FALSE;
>
> + }
>
> +
>
> + return TRUE;
>
> + }
>
> +}
>
> +
>
> +/**
>
> + Digests the input data and updates cSHAKE-256 context.
>
> +
>
> + This function performs cSHAKE-256 digest on a data buffer of the specified
> size.
>
> + It can be called multiple times to compute the digest of long or discontinuous
> data streams.
>
> + cSHAKE-256 context should be already correctly initialized by CShake256Init(),
> and should not be finalized
>
> + by CShake256Final(). Behavior with invalid context is undefined.
>
> +
>
> + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.
>
> + @param[in] Data Pointer to the buffer containing the data to be
> hashed.
>
> + @param[in] DataSize Size of Data buffer in bytes.
>
> +
>
> + @retval TRUE cSHAKE-256 data digest succeeded.
>
> + @retval FALSE cSHAKE-256 data digest failed.
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +CShake256Update (
>
> + IN OUT VOID *CShake256Context,
>
> + IN CONST VOID *Data,
>
> + IN UINTN DataSize
>
> + )
>
> +{
>
> + //
>
> + // Check input parameters.
>
> + //
>
> + if (CShake256Context == NULL) {
>
> + return FALSE;
>
> + }
>
> +
>
> + //
>
> + // Check invalid parameters, in case that only DataLength was checked in
> OpenSSL.
>
> + //
>
> + if ((Data == NULL) && (DataSize != 0)) {
>
> + return FALSE;
>
> + }
>
> +
>
> + return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx *)CShake256Context, Data,
> DataSize));
>
> +}
>
> +
>
> +/**
>
> + Completes computation of the cSHAKE-256 digest value.
>
> +
>
> + This function completes cSHAKE-256 hash computation and retrieves the
> digest value into
>
> + the specified memory. After this function has been called, the cSHAKE-256
> context cannot
>
> + be used again.
>
> + cSHAKE-256 context should be already correctly initialized by CShake256Init(),
> and should not be
>
> + finalized by CShake256Final(). Behavior with invalid cSHAKE-256 context is
> undefined.
>
> +
>
> + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.
>
> + @param[out] HashValue Pointer to a buffer that receives the cSHAKE-
> 256 digest
>
> + value.
>
> +
>
> + @retval TRUE cSHAKE-256 digest computation succeeded.
>
> + @retval FALSE cSHAKE-256 digest computation failed.
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +CShake256Final (
>
> + IN OUT VOID *CShake256Context,
>
> + OUT UINT8 *HashValue
>
> + )
>
> +{
>
> + //
>
> + // Check input parameters.
>
> + //
>
> + if ((CShake256Context == NULL) || (HashValue == NULL)) {
>
> + return FALSE;
>
> + }
>
> +
>
> + //
>
> + // cSHAKE-256 Hash Finalization.
>
> + //
>
> + return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context,
> HashValue));
>
> +}
>
> +
>
> +/**
>
> + Computes the CSHAKE-256 message digest of a input data buffer.
>
> +
>
> + This function performs the CSHAKE-256 message digest of a given data buffer,
> and places
>
> + the digest value into the specified memory.
>
> +
>
> + @param[in] Data Pointer to the buffer containing the data to be
> hashed.
>
> + @param[in] DataSize Size of Data buffer in bytes.
>
> + @param[in] OutputLen Size of output in bytes.
>
> + @param[in] Name Pointer to the function name string.
>
> + @param[in] NameLen Size of the function name in bytes.
>
> + @param[in] Customization Pointer to the customization string.
>
> + @param[in] CustomizationLen Size of the customization string in bytes.
>
> + @param[out] HashValue Pointer to a buffer that receives the CSHAKE-
> 256 digest
>
> + value.
>
> +
>
> + @retval TRUE CSHAKE-256 digest computation succeeded.
>
> + @retval FALSE CSHAKE-256 digest computation failed.
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +CShake256HashAll (
>
> + IN CONST VOID *Data,
>
> + IN UINTN DataSize,
>
> + IN UINTN OutputLen,
>
> + IN CONST VOID *Name,
>
> + IN UINTN NameLen,
>
> + IN CONST VOID *Customization,
>
> + IN UINTN CustomizationLen,
>
> + OUT UINT8 *HashValue
>
> + )
>
> +{
>
> + BOOLEAN Status;
>
> + Keccak1600_Ctx Ctx;
>
> +
>
> + //
>
> + // Check input parameters.
>
> + //
>
> + if (HashValue == NULL) {
>
> + return FALSE;
>
> + }
>
> +
>
> + if ((Data == NULL) && (DataSize != 0)) {
>
> + return FALSE;
>
> + }
>
> +
>
> + Status = CShake256Init (&Ctx, OutputLen, Name, NameLen, Customization,
> CustomizationLen);
>
> + if (!Status) {
>
> + return FALSE;
>
> + }
>
> +
>
> + Status = CShake256Update (&Ctx, Data, DataSize);
>
> + if (!Status) {
>
> + return FALSE;
>
> + }
>
> +
>
> + return CShake256Final (&Ctx, HashValue);
>
> +}
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> new file mode 100644
> index 000000000000..f7ce9dbf523e
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> @@ -0,0 +1,278 @@
> +/** @file
>
> + ParallelHash Implementation.
>
> +
>
> +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include "CryptParallelHash.h"
>
> +#include <Library/MmServicesTableLib.h>
>
> +#include <Library/SynchronizationLib.h>
>
> +
>
> +#define PARALLELHASH_CUSTOMIZATION "ParallelHash"
>
> +
>
> +UINTN mBlockNum;
>
> +UINTN mBlockSize;
>
> +UINTN mLastBlockSize;
>
> +UINT8 *mInput;
>
> +UINTN mBlockResultSize;
>
> +UINT8 *mBlockHashResult;
>
> +BOOLEAN *mBlockIsCompleted;
>
> +SPIN_LOCK *mSpinLockList;
>
> +
>
> +/**
>
> + Complete computation of digest of each block.
>
> +
>
> + Each AP perform the function called by BSP.
>
> +
>
> + @param[in] ProcedureArgument Argument of the procedure.
>
> +**/
>
> +VOID
>
> +EFIAPI
>
> +ParallelHashApExecute (
>
> + IN VOID *ProcedureArgument
>
> + )
>
> +{
>
> + UINTN Index;
>
> + BOOLEAN Status;
>
> +
>
> + for (Index = 0; Index < mBlockNum; Index++) {
>
> + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
>
> + //
>
> + // Completed, try next one.
>
> + //
>
> + if (mBlockIsCompleted[Index]) {
>
> + ReleaseSpinLock (&mSpinLockList[Index]);
>
> + continue;
>
> + }
>
> +
>
> + //
>
> + // Calculate CShake256 for this block.
>
> + //
>
> + Status = CShake256HashAll (
>
> + mInput + Index * mBlockSize,
>
> + (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
>
> + mBlockResultSize,
>
> + NULL,
>
> + 0,
>
> + NULL,
>
> + 0,
>
> + mBlockHashResult + Index * mBlockResultSize
>
> + );
>
> + if (!EFI_ERROR (Status)) {
>
> + mBlockIsCompleted[Index] = TRUE;
>
> + }
>
> +
>
> + ReleaseSpinLock (&mSpinLockList[Index]);
>
> + }
>
> + }
>
> +}
>
> +
>
> +/**
>
> + Dispatch the block task to each AP in SMM mode.
>
> +
>
> +**/
>
> +VOID
>
> +EFIAPI
>
> +MmDispatchBlockToAP (
>
> + VOID
>
> + )
>
> +{
>
> + UINTN Index;
>
> +
>
> + for (Index = 0; Index < gMmst->NumberOfCpus; Index++) {
>
> + if (Index != gMmst->CurrentlyExecutingCpu) {
>
> + gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL);
>
> + }
>
> + }
>
> +
>
> + return;
>
> +}
>
> +
>
> +/**
>
> + Parallel hash function ParallelHash256, as defined in NIST's Special Publication
> 800-185,
>
> + published December 2016.
>
> +
>
> + @param[in] Input Pointer to the input message (X).
>
> + @param[in] InputByteLen The number(>0) of input bytes provided for the
> input data.
>
> + @param[in] BlockSize The size of each block (B).
>
> + @param[out] Output Pointer to the output buffer.
>
> + @param[in] OutputByteLen The desired number of output bytes (L).
>
> + @param[in] Customization Pointer to the customization string (S).
>
> + @param[in] CustomByteLen The length of the customization string in bytes.
>
> +
>
> + @retval TRUE ParallelHash256 digest computation succeeded.
>
> + @retval FALSE ParallelHash256 digest computation failed.
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +ParallelHash256HashAll (
>
> + IN CONST VOID *Input,
>
> + IN UINTN InputByteLen,
>
> + IN UINTN BlockSize,
>
> + OUT VOID *Output,
>
> + IN UINTN OutputByteLen,
>
> + IN CONST VOID *Customization,
>
> + IN UINTN CustomByteLen
>
> + )
>
> +{
>
> + UINT8 EncBufB[sizeof (UINTN)+1];
>
> + UINTN EncSizeB;
>
> + UINT8 EncBufN[sizeof (UINTN)+1];
>
> + UINTN EncSizeN;
>
> + UINT8 EncBufL[sizeof (UINTN)+1];
>
> + UINTN EncSizeL;
>
> + UINTN Index;
>
> + UINT8 *CombinedInput;
>
> + UINTN CombinedInputSize;
>
> + BOOLEAN AllCompleted;
>
> + UINTN Offset;
>
> + BOOLEAN ReturnValue;
>
> +
>
> + if ((InputByteLen == 0) || (OutputByteLen == 0) || (BlockSize == 0)) {
>
> + return FALSE;
>
> + }
>
> +
>
> + if ((Input == NULL) || (Output == NULL)) {
>
> + return FALSE;
>
> + }
>
> +
>
> + if ((CustomByteLen != 0) && (Customization == NULL)) {
>
> + return FALSE;
>
> + }
>
> +
>
> + mBlockSize = BlockSize;
>
> +
>
> + //
>
> + // Calculate block number n.
>
> + //
>
> + mBlockNum = InputByteLen % mBlockSize == 0 ? InputByteLen / mBlockSize :
> InputByteLen / mBlockSize + 1;
>
> +
>
> + //
>
> + // Set hash result size of each block in bytes.
>
> + //
>
> + mBlockResultSize = OutputByteLen;
>
> +
>
> + //
>
> + // Encode B, n, L to string and record size.
>
> + //
>
> + EncSizeB = LeftEncode (EncBufB, mBlockSize);
>
> + EncSizeN = RightEncode (EncBufN, mBlockNum);
>
> + EncSizeL = RightEncode (EncBufL, OutputByteLen * CHAR_BIT);
>
> +
>
> + //
>
> + // Allocate buffer for combined input (newX), Block completed flag and
> SpinLock.
>
> + //
>
> + CombinedInputSize = EncSizeB + EncSizeN + EncSizeL + mBlockNum *
> mBlockResultSize;
>
> + CombinedInput = AllocateZeroPool (CombinedInputSize);
>
> + mBlockIsCompleted = AllocateZeroPool (mBlockNum * sizeof (BOOLEAN));
>
> + mSpinLockList = AllocatePool (mBlockNum * sizeof (SPIN_LOCK));
>
> + if ((CombinedInput == NULL) || (mBlockIsCompleted == NULL) ||
> (mSpinLockList == NULL)) {
>
> + ReturnValue = FALSE;
>
> + goto Exit;
>
> + }
>
> +
>
> + //
>
> + // Fill LeftEncode(B).
>
> + //
>
> + CopyMem (CombinedInput, EncBufB, EncSizeB);
>
> +
>
> + //
>
> + // Prepare for parallel hash.
>
> + //
>
> + mBlockHashResult = CombinedInput + EncSizeB;
>
> + mInput = (UINT8 *)Input;
>
> + mLastBlockSize = InputByteLen % mBlockSize == 0 ? mBlockSize :
> InputByteLen % mBlockSize;
>
> +
>
> + //
>
> + // Initialize SpinLock for each result block.
>
> + //
>
> + for (Index = 0; Index < mBlockNum; Index++) {
>
> + InitializeSpinLock (&mSpinLockList[Index]);
>
> + }
>
> +
>
> + //
>
> + // Dispatch blocklist to each AP.
>
> + //
>
> + if (gMmst != NULL) {
>
> + MmDispatchBlockToAP ();
>
> + }
>
> +
>
> + //
>
> + // Wait until all block hash completed.
>
> + //
>
> + do {
>
> + AllCompleted = TRUE;
>
> + for (Index = 0; Index < mBlockNum; Index++) {
>
> + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
>
> + if (!mBlockIsCompleted[Index]) {
>
> + AllCompleted = FALSE;
>
> + ReturnValue = CShake256HashAll (
>
> + mInput + Index * mBlockSize,
>
> + (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
>
> + mBlockResultSize,
>
> + NULL,
>
> + 0,
>
> + NULL,
>
> + 0,
>
> + mBlockHashResult + Index * mBlockResultSize
>
> + );
>
> + if (ReturnValue) {
>
> + mBlockIsCompleted[Index] = TRUE;
>
> + }
>
> +
>
> + ReleaseSpinLock (&mSpinLockList[Index]);
>
> + break;
>
> + }
>
> +
>
> + ReleaseSpinLock (&mSpinLockList[Index]);
>
> + } else {
>
> + AllCompleted = FALSE;
>
> + break;
>
> + }
>
> + }
>
> + } while (!AllCompleted);
>
> +
>
> + //
>
> + // Fill LeftEncode(n).
>
> + //
>
> + Offset = EncSizeB + mBlockNum * mBlockResultSize;
>
> + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN);
>
> +
>
> + //
>
> + // Fill LeftEncode(L).
>
> + //
>
> + Offset += EncSizeN;
>
> + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL);
>
> +
>
> + ReturnValue = CShake256HashAll (
>
> + CombinedInput,
>
> + CombinedInputSize,
>
> + OutputByteLen,
>
> + PARALLELHASH_CUSTOMIZATION,
>
> + AsciiStrLen (PARALLELHASH_CUSTOMIZATION),
>
> + Customization,
>
> + CustomByteLen,
>
> + Output
>
> + );
>
> +
>
> +Exit:
>
> + ZeroMem (CombinedInput, CombinedInputSize);
>
> +
>
> + if (CombinedInput != NULL) {
>
> + FreePool (CombinedInput);
>
> + }
>
> +
>
> + if (mSpinLockList != NULL) {
>
> + FreePool ((VOID *)mSpinLockList);
>
> + }
>
> +
>
> + if (mBlockIsCompleted != NULL) {
>
> + FreePool (mBlockIsCompleted);
>
> + }
>
> +
>
> + return ReturnValue;
>
> +}
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> new file mode 100644
> index 000000000000..2bf89594def5
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> @@ -0,0 +1,40 @@
> +/** @file
>
> + ParallelHash Implementation which does not provide real capabilities.
>
> +
>
> +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include "InternalCryptLib.h"
>
> +
>
> +/**
>
> + Parallel hash function ParallelHash256, as defined in NIST's Special Publication
> 800-185,
>
> + published December 2016.
>
> +
>
> + @param[in] Input Pointer to the input message (X).
>
> + @param[in] InputByteLen The number(>0) of input bytes provided for the
> input data.
>
> + @param[in] BlockSize The size of each block (B).
>
> + @param[out] Output Pointer to the output buffer.
>
> + @param[in] OutputByteLen The desired number of output bytes (L).
>
> + @param[in] Customization Pointer to the customization string (S).
>
> + @param[in] CustomByteLen The length of the customization string in bytes.
>
> +
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +ParallelHash256HashAll (
>
> + IN CONST VOID *Input,
>
> + IN UINTN InputByteLen,
>
> + IN UINTN BlockSize,
>
> + OUT VOID *Output,
>
> + IN UINTN OutputByteLen,
>
> + IN CONST VOID *Customization,
>
> + IN UINTN CustomByteLen
>
> + )
>
> +{
>
> + ASSERT (FALSE);
>
> + return FALSE;
>
> +}
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> new file mode 100644
> index 000000000000..6abafc3c00e6
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> @@ -0,0 +1,166 @@
> +/** @file
>
> + SHA3 realted functions from OpenSSL.
>
> +
>
> +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
>
> +Licensed under the OpenSSL license (the "License"). You may not use
>
> +this file except in compliance with the License. You can obtain a copy
>
> +in the file LICENSE in the source distribution or at
>
> +https://www.openssl.org/source/license.html
>
> +**/
>
> +
>
> +#include "CryptParallelHash.h"
>
> +
>
> +/**
>
> + Keccak initial fuction.
>
> +
>
> + Set up state with specified capacity.
>
> +
>
> + @param[out] Context Pointer to the context being initialized.
>
> + @param[in] Pad Delimited Suffix.
>
> + @param[in] BlockSize Size of context block.
>
> + @param[in] MessageDigestLen Size of message digest in bytes.
>
> +
>
> + @retval 1 Initialize successfully.
>
> + @retval 0 Fail to initialize.
>
> +**/
>
> +UINT8
>
> +EFIAPI
>
> +KeccakInit (
>
> + OUT Keccak1600_Ctx *Context,
>
> + IN UINT8 Pad,
>
> + IN UINTN BlockSize,
>
> + IN UINTN MessageDigestLen
>
> + )
>
> +{
>
> + if (BlockSize <= sizeof (Context->buf)) {
>
> + memset (Context->A, 0, sizeof (Context->A));
>
> +
>
> + Context->num = 0;
>
> + Context->block_size = BlockSize;
>
> + Context->md_size = MessageDigestLen;
>
> + Context->pad = Pad;
>
> +
>
> + return 1;
>
> + }
>
> +
>
> + return 0;
>
> +}
>
> +
>
> +/**
>
> + Sha3 update fuction.
>
> +
>
> + This function performs Sha3 digest on a data buffer of the specified size.
>
> + It can be called multiple times to compute the digest of long or discontinuous
> data streams.
>
> +
>
> + @param[in,out] Context Pointer to the Keccak context.
>
> + @param[in] Data Pointer to the buffer containing the data to be hashed.
>
> + @param[in] DataSize Size of Data buffer in bytes.
>
> +
>
> + @retval 1 Update successfully.
>
> +**/
>
> +UINT8
>
> +EFIAPI
>
> +Sha3Update (
>
> + IN OUT Keccak1600_Ctx *Context,
>
> + IN const VOID *Data,
>
> + IN UINTN DataSize
>
> + )
>
> +{
>
> + const UINT8 *DataCopy;
>
> + UINTN BlockSize;
>
> + UINTN Num;
>
> + UINTN Rem;
>
> +
>
> + DataCopy = Data;
>
> + BlockSize = (UINT8)(Context->block_size);
>
> +
>
> + if (DataSize == 0) {
>
> + return 1;
>
> + }
>
> +
>
> + if ((Num = Context->num) != 0) {
>
> + //
>
> + // process intermediate buffer
>
> + //
>
> + Rem = BlockSize - Num;
>
> +
>
> + if (DataSize < Rem) {
>
> + memcpy (Context->buf + Num, DataCopy, DataSize);
>
> + Context->num += DataSize;
>
> + return 1;
>
> + }
>
> +
>
> + //
>
> + // We have enough data to fill or overflow the intermediate
>
> + // buffer. So we append |Rem| bytes and process the block,
>
> + // leaving the rest for later processing.
>
> + //
>
> + memcpy (Context->buf + Num, DataCopy, Rem);
>
> + DataCopy += Rem;
>
> + DataSize -= Rem;
>
> + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
>
> + Context->num = 0;
>
> + // Context->buf is processed, Context->num is guaranteed to be zero.
>
> + }
>
> +
>
> + if (DataSize >= BlockSize) {
>
> + Rem = SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize);
>
> + } else {
>
> + Rem = DataSize;
>
> + }
>
> +
>
> + if (Rem > 0) {
>
> + memcpy (Context->buf, DataCopy + DataSize - Rem, Rem);
>
> + Context->num = Rem;
>
> + }
>
> +
>
> + return 1;
>
> +}
>
> +
>
> +/**
>
> + Completes computation of Sha3 message digest.
>
> +
>
> + This function completes sha3 hash computation and retrieves the digest value
> into
>
> + the specified memory. After this function has been called, the keccak context
> cannot
>
> + be used again.
>
> +
>
> + @param[in, out] Context Pointer to the keccak context.
>
> + @param[out] MessageDigest Pointer to a buffer that receives the
> message digest.
>
> +
>
> + @retval 1 Meaasge digest computation succeeded.
>
> +**/
>
> +UINT8
>
> +EFIAPI
>
> +Sha3Final (
>
> + IN OUT Keccak1600_Ctx *Context,
>
> + OUT UINT8 *MessageDigest
>
> + )
>
> +{
>
> + UINTN BlockSize;
>
> + UINTN Num;
>
> +
>
> + BlockSize = Context->block_size;
>
> + Num = Context->num;
>
> +
>
> + if (Context->md_size == 0) {
>
> + return 1;
>
> + }
>
> +
>
> + //
>
> + // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1|
>
> + // in which case both byte operations below are performed on
>
> + // same byte.
>
> + //
>
> + memset (Context->buf + Num, 0, BlockSize - Num);
>
> + Context->buf[Num] = Context->pad;
>
> + Context->buf[BlockSize - 1] |= 0x80;
>
> +
>
> + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
>
> +
>
> + SHA3_squeeze (Context->A, MessageDigest, Context->md_size, BlockSize);
>
> +
>
> + return 1;
>
> +}
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> new file mode 100644
> index 000000000000..12c46cfbcd59
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> @@ -0,0 +1,107 @@
> +/** @file
>
> + Encode realted functions from Xkcp.
>
> +
>
> +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +Copyright 2022 The eXtended Keccak Code Package (XKCP)
>
> +https://github.com/XKCP/XKCP
>
> +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles
> Van Assche.
>
> +Implementation by the designers, hereby denoted as "the implementer".
>
> +For more information, feedback or questions, please refer to the Keccak Team
> website:
>
> +https://keccak.team/
>
> +To the extent possible under law, the implementer has waived all copyright
>
> +and related or neighboring rights to the source code in this file.
>
> +http://creativecommons.org/publicdomain/zero/1.0/
>
> +
>
> +**/
>
> +
>
> +#include "CryptParallelHash.h"
>
> +
>
> +/**
>
> + Encode function from XKCP.
>
> +
>
> + Encodes the input as a byte string in a way that can be unambiguously parsed
>
> + from the beginning of the string by inserting the length of the byte string
>
> + before the byte string representation of input.
>
> +
>
> + @param[out] EncBuf Result of left encode.
>
> + @param[in] Value Input of left encode.
>
> +
>
> + @retval EncLen Size of encode result in bytes.
>
> +**/
>
> +UINTN
>
> +EFIAPI
>
> +LeftEncode (
>
> + OUT UINT8 *EncBuf,
>
> + IN UINTN Value
>
> + )
>
> +{
>
> + UINT32 BlockNum;
>
> + UINT32 EncLen;
>
> + UINT32 Index;
>
> + UINTN ValueCopy;
>
> +
>
> + for ( ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum < sizeof
> (UINTN)); ++BlockNum, ValueCopy >>= 8 ) {
>
> + //
>
> + // Empty
>
> + //
>
> + }
>
> +
>
> + if (BlockNum == 0) {
>
> + BlockNum = 1;
>
> + }
>
> +
>
> + for (Index = 1; Index <= BlockNum; ++Index) {
>
> + EncBuf[Index] = (UINT8)(Value >> (8 * (BlockNum - Index)));
>
> + }
>
> +
>
> + EncBuf[0] = (UINT8)BlockNum;
>
> + EncLen = BlockNum + 1;
>
> +
>
> + return EncLen;
>
> +}
>
> +
>
> +/**
>
> + Encode function from XKCP.
>
> +
>
> + Encodes the input as a byte string in a way that can be unambiguously parsed
>
> + from the end of the string by inserting the length of the byte string after
>
> + the byte string representation of input.
>
> +
>
> + @param[out] EncBuf Result of right encode.
>
> + @param[in] Value Input of right encode.
>
> +
>
> + @retval EncLen Size of encode result in bytes.
>
> +**/
>
> +UINTN
>
> +EFIAPI
>
> +RightEncode (
>
> + OUT UINT8 *EncBuf,
>
> + IN UINTN Value
>
> + )
>
> +{
>
> + UINT32 BlockNum;
>
> + UINT32 EncLen;
>
> + UINT32 Index;
>
> + UINTN ValueCopy;
>
> +
>
> + for (ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum < sizeof
> (UINTN)); ++BlockNum, ValueCopy >>= 8) {
>
> + //
>
> + // Empty
>
> + //
>
> + }
>
> +
>
> + if (BlockNum == 0) {
>
> + BlockNum = 1;
>
> + }
>
> +
>
> + for (Index = 1; Index <= BlockNum; ++Index) {
>
> + EncBuf[Index-1] = (UINT8)(Value >> (8 * (BlockNum-Index)));
>
> + }
>
> +
>
> + EncBuf[BlockNum] = (UINT8)BlockNum;
>
> + EncLen = BlockNum + 1;
>
> +
>
> + return EncLen;
>
> +}
>
> diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> new file mode 100644
> index 000000000000..2bf89594def5
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> @@ -0,0 +1,40 @@
> +/** @file
>
> + ParallelHash Implementation which does not provide real capabilities.
>
> +
>
> +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include "InternalCryptLib.h"
>
> +
>
> +/**
>
> + Parallel hash function ParallelHash256, as defined in NIST's Special Publication
> 800-185,
>
> + published December 2016.
>
> +
>
> + @param[in] Input Pointer to the input message (X).
>
> + @param[in] InputByteLen The number(>0) of input bytes provided for the
> input data.
>
> + @param[in] BlockSize The size of each block (B).
>
> + @param[out] Output Pointer to the output buffer.
>
> + @param[in] OutputByteLen The desired number of output bytes (L).
>
> + @param[in] Customization Pointer to the customization string (S).
>
> + @param[in] CustomByteLen The length of the customization string in bytes.
>
> +
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +ParallelHash256HashAll (
>
> + IN CONST VOID *Input,
>
> + IN UINTN InputByteLen,
>
> + IN UINTN BlockSize,
>
> + OUT VOID *Output,
>
> + IN UINTN OutputByteLen,
>
> + IN CONST VOID *Customization,
>
> + IN UINTN CustomByteLen
>
> + )
>
> +{
>
> + ASSERT (FALSE);
>
> + return FALSE;
>
> +}
>
> diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> index c8df259ea963..8ee1b53cf957 100644
> --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> @@ -3,7 +3,7 @@
> Protocol/PPI.
>
>
>
> Copyright (C) Microsoft Corporation. All rights reserved.
>
> - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
>
> + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
>
>
> **/
>
> @@ -870,6 +870,38 @@ Sha512HashAll (
> CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), FALSE);
>
> }
>
>
>
> +/**
>
> + Parallel hash function ParallelHash256, as defined in NIST's Special Publication
> 800-185,
>
> + published December 2016.
>
> +
>
> + @param[in] Input Pointer to the input message (X).
>
> + @param[in] InputByteLen The number(>0) of input bytes provided for the
> input data.
>
> + @param[in] BlockSize The size of each block (B).
>
> + @param[out] Output Pointer to the output buffer.
>
> + @param[in] OutputByteLen The desired number of output bytes (L).
>
> + @param[in] Customization Pointer to the customization string (S).
>
> + @param[in] CustomByteLen The length of the customization string in bytes.
>
> +
>
> + @retval TRUE ParallelHash256 digest computation succeeded.
>
> + @retval FALSE ParallelHash256 digest computation failed.
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +ParallelHash256HashAll (
>
> + IN CONST VOID *Input,
>
> + IN UINTN InputByteLen,
>
> + IN UINTN BlockSize,
>
> + OUT VOID *Output,
>
> + IN UINTN OutputByteLen,
>
> + IN CONST VOID *Customization,
>
> + IN UINTN CustomByteLen
>
> + )
>
> +{
>
> + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen,
> BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE);
>
> +}
>
> +
>
> /**
>
> Retrieves the size, in bytes, of the context buffer required for SM3 hash
> operations.
>
>
>
> diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> new file mode 100644
> index 000000000000..fb57e91a9f16
> --- /dev/null
> +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> @@ -0,0 +1,145 @@
> +/** @file
>
> + Application for Parallelhash Function Validation.
>
> +
>
> +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include "TestBaseCryptLib.h"
>
> +
>
> +//
>
> +// Parallelhash Test Sample common parameters.
>
> +//
>
> +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN OutputByteLen = 64;
>
> +
>
> +//
>
> +// Parallelhash Test Sample #1 from NIST Special Publication 800-185.
>
> +//
>
> +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample1[] = {
>
> + // input data of sample1.
>
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x10, 0x11, 0x12, 0x13, 0x14,
> 0x15, 0x16, 0x17,
>
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27
>
> +};
>
> +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample1ByteLen = 24;
> // Length of sample1 input data in bytes.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample1
> = ""; // Customization string (S) of sample1.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample1ByteLen = 0;
> // Customization string length of sample1 in bytes.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample1 = 8;
> // Block size of sample1.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample1[]
> = {
>
> + // Expected output data of sample1.
>
> + 0xbc, 0x1e, 0xf1, 0x24, 0xda, 0x34, 0x49, 0x5e, 0x94, 0x8e, 0xad, 0x20, 0x7d,
> 0xd9, 0x84, 0x22,
>
> + 0x35, 0xda, 0x43, 0x2d, 0x2b, 0xbc, 0x54, 0xb4, 0xc1, 0x10, 0xe6, 0x4c, 0x45,
> 0x11, 0x05, 0x53,
>
> + 0x1b, 0x7f, 0x2a, 0x3e, 0x0c, 0xe0, 0x55, 0xc0, 0x28, 0x05, 0xe7, 0xc2, 0xde,
> 0x1f, 0xb7, 0x46,
>
> + 0xaf, 0x97, 0xa1, 0xd0, 0x01, 0xf4, 0x3b, 0x82, 0x4e, 0x31, 0xb8, 0x76, 0x12,
> 0x41, 0x04, 0x29
>
> +};
>
> +
>
> +//
>
> +// Parallelhash Test Sample #2 from NIST Special Publication 800-185.
>
> +//
>
> +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 *InputSample2 =
> InputSample1; // Input of sample2 is same as sample1.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample2ByteLen = 24;
> // Length of sample2 input data in bytes.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample2
> = "Parallel Data"; // Customization string (S) of sample2.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample2ByteLen =
> 13; // Customization string length of sample2 in bytes.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample2 = 8;
> // Block size of sample2.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample2[]
> = {
>
> + // Expected output data of sample2.
>
> + 0xcd, 0xf1, 0x52, 0x89, 0xb5, 0x4f, 0x62, 0x12, 0xb4, 0xbc, 0x27, 0x05, 0x28,
> 0xb4, 0x95, 0x26,
>
> + 0x00, 0x6d, 0xd9, 0xb5, 0x4e, 0x2b, 0x6a, 0xdd, 0x1e, 0xf6, 0x90, 0x0d, 0xda,
> 0x39, 0x63, 0xbb,
>
> + 0x33, 0xa7, 0x24, 0x91, 0xf2, 0x36, 0x96, 0x9c, 0xa8, 0xaf, 0xae, 0xa2, 0x9c,
> 0x68, 0x2d, 0x47,
>
> + 0xa3, 0x93, 0xc0, 0x65, 0xb3, 0x8e, 0x29, 0xfa, 0xe6, 0x51, 0xa2, 0x09, 0x1c,
> 0x83, 0x31, 0x10
>
> +};
>
> +
>
> +//
>
> +// Parallelhash Test Sample #3 from NIST Special Publication 800-185.
>
> +//
>
> +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample3[] = {
>
> + // input data of sample3.
>
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x10,
> 0x11, 0x12, 0x13,
>
> + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x20, 0x21, 0x22, 0x23, 0x24,
> 0x25, 0x26, 0x27,
>
> + 0x28, 0x29, 0x2a, 0x2b, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
> 0x39, 0x3a, 0x3b,
>
> + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b, 0x50,
> 0x51, 0x52, 0x53,
>
> + 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b
>
> +};
>
> +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample3ByteLen = 72;
> // Length of sample3 input data in bytes.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample3
> = "Parallel Data"; // Customization string (S) of sample3.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample3ByteLen =
> 13; // Customization string length of sample3 in bytes.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample3 = 12;
> // Block size of sample3.
>
> +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample3[]
> = {
>
> + // Expected output data of sample3.
>
> + 0x69, 0xd0, 0xfc, 0xb7, 0x64, 0xea, 0x05, 0x5d, 0xd0, 0x93, 0x34, 0xbc, 0x60,
> 0x21, 0xcb, 0x7e,
>
> + 0x4b, 0x61, 0x34, 0x8d, 0xff, 0x37, 0x5d, 0xa2, 0x62, 0x67, 0x1c, 0xde, 0xc3,
> 0xef, 0xfa, 0x8d,
>
> + 0x1b, 0x45, 0x68, 0xa6, 0xcc, 0xe1, 0x6b, 0x1c, 0xad, 0x94, 0x6d, 0xdd, 0xe2,
> 0x7f, 0x6c, 0xe2,
>
> + 0xb8, 0xde, 0xe4, 0xcd, 0x1b, 0x24, 0x85, 0x1e, 0xbf, 0x00, 0xeb, 0x90, 0xd4,
> 0x38, 0x13, 0xe9
>
> +};
>
> +
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +TestVerifyParallelHash256HashAll (
>
> + IN UNIT_TEST_CONTEXT Context
>
> + )
>
> +{
>
> + BOOLEAN Status;
>
> + UINT8 Output[64];
>
> +
>
> + //
>
> + // Test #1 using sample1.
>
> + //
>
> + Status = ParallelHash256HashAll (
>
> + InputSample1,
>
> + InputSample1ByteLen,
>
> + BlockSizeSample1,
>
> + Output,
>
> + OutputByteLen,
>
> + CustomizationSample1,
>
> + CustomSample1ByteLen
>
> + );
>
> + UT_ASSERT_TRUE (Status);
>
> +
>
> + // Check the output with the expected output.
>
> + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample1, OutputByteLen);
>
> +
>
> + //
>
> + // Test #2 using sample2.
>
> + //
>
> + Status = ParallelHash256HashAll (
>
> + InputSample2,
>
> + InputSample2ByteLen,
>
> + BlockSizeSample2,
>
> + Output,
>
> + OutputByteLen,
>
> + CustomizationSample2,
>
> + CustomSample2ByteLen
>
> + );
>
> + UT_ASSERT_TRUE (Status);
>
> +
>
> + // Check the output with the expected output.
>
> + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample2, OutputByteLen);
>
> +
>
> + //
>
> + // Test #3 using sample3.
>
> + //
>
> + Status = ParallelHash256HashAll (
>
> + InputSample3,
>
> + InputSample3ByteLen,
>
> + BlockSizeSample3,
>
> + Output,
>
> + OutputByteLen,
>
> + CustomizationSample3,
>
> + CustomSample3ByteLen
>
> + );
>
> + UT_ASSERT_TRUE (Status);
>
> +
>
> + // Check the output with the expected output.
>
> + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample3, OutputByteLen);
>
> +
>
> + return EFI_SUCCESS;
>
> +}
>
> +
>
> +TEST_DESC mParallelhashTest[] = {
>
> + //
>
> + // -----Description------------------------------Class----------------------Function----
> -------------Pre---Post--Context
>
> + //
>
> + { "TestVerifyParallelHash256HashAll()",
> "CryptoPkg.BaseCryptLib.ParallelHash256HashAll",
> TestVerifyParallelHash256HashAll, NULL, NULL, NULL },
>
> +};
>
> +
>
> +UINTN mParallelhashTestNum = ARRAY_SIZE (mParallelhashTest);
>
> diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml
> index eeb388ae71c5..e21fafac1efe 100644
> --- a/CryptoPkg/CryptoPkg.ci.yaml
> +++ b/CryptoPkg/CryptoPkg.ci.yaml
> @@ -2,7 +2,7 @@
> # CI configuration for CryptoPkg
>
> #
>
> # Copyright (c) Microsoft Corporation
>
> -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> +# Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
>
> # SPDX-License-Identifier: BSD-2-Clause-Patent
>
> ##
>
> {
>
> @@ -34,6 +34,8 @@
> "Library/OpensslLib/rand_pool.c",
>
> # This has OpenSSL interfaces that aren't UEFI spec compliant
>
> "Library/Include/CrtLibSupport.h",
>
> + # This has OpenSSL interfaces that aren't UEFI spec compliant
>
> + "Library/BaseCryptLib/Hash/CryptParallelHash.h",
>
> # These directories contain auto-generated OpenSSL content
>
> "Library/OpensslLib",
>
> "Library/IntrinsicLib",
>
> diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h
> b/CryptoPkg/Include/Library/BaseCryptLib.h
> index f4bc7c0d73d9..7d1499350a49 100644
> --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> @@ -4,7 +4,7 @@
> primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security
>
> functionality enabling.
>
>
>
> -Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
>
> +Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
>
>
> **/
>
> @@ -753,6 +753,35 @@ Sha512HashAll (
> OUT UINT8 *HashValue
>
> );
>
>
>
> +/**
>
> + Parallel hash function ParallelHash256, as defined in NIST's Special Publication
> 800-185,
>
> + published December 2016.
>
> +
>
> + @param[in] Input Pointer to the input message (X).
>
> + @param[in] InputByteLen The number(>0) of input bytes provided for the
> input data.
>
> + @param[in] BlockSize The size of each block (B).
>
> + @param[out] Output Pointer to the output buffer.
>
> + @param[in] OutputByteLen The desired number of output bytes (L).
>
> + @param[in] Customization Pointer to the customization string (S).
>
> + @param[in] CustomByteLen The length of the customization string in bytes.
>
> +
>
> + @retval TRUE ParallelHash256 digest computation succeeded.
>
> + @retval FALSE ParallelHash256 digest computation failed.
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +ParallelHash256HashAll (
>
> + IN CONST VOID *Input,
>
> + IN UINTN InputByteLen,
>
> + IN UINTN BlockSize,
>
> + OUT VOID *Output,
>
> + IN UINTN OutputByteLen,
>
> + IN CONST VOID *Customization,
>
> + IN UINTN CustomByteLen
>
> + );
>
> +
>
> /**
>
> Retrieves the size, in bytes, of the context buffer required for SM3 hash
> operations.
>
>
>
> diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> index 5186a54759ae..77330961352e 100644
> --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> @@ -2,7 +2,7 @@
> Defines the PCD_CRYPTO_SERVICE_FAMILY_ENABLE structure associated with
>
> gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.
>
>
>
> - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
>
> + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
>
>
> **/
>
> @@ -288,6 +288,12 @@ typedef struct {
> } Services;
>
> UINT32 Family;
>
> } TlsGet;
>
> + union {
>
> + struct {
>
> + UINT8 HashAll : 1;
>
> + } Services;
>
> + UINT32 Family;
>
> + } ParallelHash;
>
> } PCD_CRYPTO_SERVICE_FAMILY_ENABLE;
>
>
>
> #endif
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> index 49703fa4c963..15cf3dab105c 100644
> --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> @@ -6,7 +6,7 @@
> # This external input must be validated carefully to avoid security issues such as
>
> # buffer overflow or integer overflow.
>
> #
>
> -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
>
> +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
>
> # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> reserved.<BR>
>
> # SPDX-License-Identifier: BSD-2-Clause-Patent
>
> #
>
> @@ -34,6 +34,7 @@
> Hash/CryptSha256.c
>
> Hash/CryptSha512.c
>
> Hash/CryptSm3.c
>
> + Hash/CryptParallelHashNull.c
>
> Hmac/CryptHmacSha256.c
>
> Kdf/CryptHkdf.c
>
> Cipher/CryptAes.c
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> new file mode 100644
> index 000000000000..fe08d4928e8d
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> @@ -0,0 +1,201 @@
> +/** @file
>
> + ParallelHash related function and type declaration.
>
> +
>
> +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
>
> +Licensed under the OpenSSL license (the "License"). You may not use
>
> +this file except in compliance with the License. You can obtain a copy
>
> +in the file LICENSE in the source distribution or at
>
> +https://www.openssl.org/source/license.html
>
> +
>
> +Copyright 2022 The eXtended Keccak Code Package (XKCP)
>
> +https://github.com/XKCP/XKCP
>
> +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles
> Van Assche.
>
> +Implementation by the designers, hereby denoted as "the implementer".
>
> +For more information, feedback or questions, please refer to the Keccak Team
> website:
>
> +https://keccak.team/
>
> +To the extent possible under law, the implementer has waived all copyright
>
> +and related or neighboring rights to the source code in this file.
>
> +http://creativecommons.org/publicdomain/zero/1.0/
>
> +**/
>
> +
>
> +#include "InternalCryptLib.h"
>
> +
>
> +#define KECCAK1600_WIDTH 1600
>
> +
>
> +//
>
> +// This struct referring to m_sha3.c from opessl and modified its type name.
>
> +//
>
> +typedef struct {
>
> + uint64_t A[5][5];
>
> + size_t block_size; /* cached ctx->digest->block_size */
>
> + size_t md_size; /* output length, variable in XOF */
>
> + size_t num; /* used bytes in below buffer */
>
> + unsigned char buf[KECCAK1600_WIDTH / 8 - 32];
>
> + unsigned char pad;
>
> +} Keccak1600_Ctx;
>
> +
>
> +/**
>
> + SHA3_absorb can be called multiple times, but at each invocation
>
> + largest multiple of |r| out of |len| bytes are processed. Then
>
> + remaining amount of bytes is returned. This is done to spare caller
>
> + trouble of calculating the largest multiple of |r|. |r| can be viewed
>
> + as blocksize. It is commonly (1600 - 256*n)/8, e.g. 168, 136, 104,
>
> + 72, but can also be (1600 - 448)/8 = 144. All this means that message
>
> + padding and intermediate sub-block buffering, byte- or bitwise, is
>
> + caller's responsibility.
>
> +**/
>
> +size_t
>
> +SHA3_absorb (
>
> + uint64_t A[5][5],
>
> + const unsigned char *inp,
>
> + size_t len,
>
> + size_t r
>
> + );
>
> +
>
> +/**
>
> + SHA3_squeeze is called once at the end to generate |out| hash value
>
> + of |len| bytes.
>
> +**/
>
> +void
>
> +SHA3_squeeze (
>
> + uint64_t A[5][5],
>
> + unsigned char *out,
>
> + size_t len,
>
> + size_t r
>
> + );
>
> +
>
> +/**
>
> + Encode function from XKCP.
>
> +
>
> + Encodes the input as a byte string in a way that can be unambiguously parsed
>
> + from the beginning of the string by inserting the length of the byte string
>
> + before the byte string representation of input.
>
> +
>
> + @param[out] EncBuf Result of left encode.
>
> + @param[in] Value Input of left encode.
>
> +
>
> + @retval EncLen Size of encode result in bytes.
>
> +**/
>
> +UINTN
>
> +EFIAPI
>
> +LeftEncode (
>
> + OUT UINT8 *EncBuf,
>
> + IN UINTN Value
>
> + );
>
> +
>
> +/**
>
> + Encode function from XKCP.
>
> +
>
> + Encodes the input as a byte string in a way that can be unambiguously parsed
>
> + from the end of the string by inserting the length of the byte string after
>
> + the byte string representation of input.
>
> +
>
> + @param[out] EncBuf Result of right encode.
>
> + @param[in] Value Input of right encode.
>
> +
>
> + @retval EncLen Size of encode result in bytes.
>
> +**/
>
> +UINTN
>
> +EFIAPI
>
> +RightEncode (
>
> + OUT UINT8 *EncBuf,
>
> + IN UINTN Value
>
> + );
>
> +
>
> +/**
>
> + Keccak initial fuction.
>
> +
>
> + Set up state with specified capacity.
>
> +
>
> + @param[out] Context Pointer to the context being initialized.
>
> + @param[in] Pad Delimited Suffix.
>
> + @param[in] BlockSize Size of context block.
>
> + @param[in] MessageDigestLen Size of message digest in bytes.
>
> +
>
> + @retval 1 Initialize successfully.
>
> + @retval 0 Fail to initialize.
>
> +**/
>
> +UINT8
>
> +EFIAPI
>
> +KeccakInit (
>
> + OUT Keccak1600_Ctx *Context,
>
> + IN UINT8 Pad,
>
> + IN UINTN BlockSize,
>
> + IN UINTN MessageDigstLen
>
> + );
>
> +
>
> +/**
>
> + Sha3 update fuction.
>
> +
>
> + This function performs Sha3 digest on a data buffer of the specified size.
>
> + It can be called multiple times to compute the digest of long or discontinuous
> data streams.
>
> +
>
> + @param[in,out] Context Pointer to the Keccak context.
>
> + @param[in] Data Pointer to the buffer containing the data to be hashed.
>
> + @param[in] DataSize Size of Data buffer in bytes.
>
> +
>
> + @retval 1 Update successfully.
>
> +**/
>
> +UINT8
>
> +EFIAPI
>
> +Sha3Update (
>
> + IN OUT Keccak1600_Ctx *Context,
>
> + IN const VOID *Data,
>
> + IN UINTN DataSize
>
> + );
>
> +
>
> +/**
>
> + Completes computation of Sha3 message digest.
>
> +
>
> + This function completes sha3 hash computation and retrieves the digest value
> into
>
> + the specified memory. After this function has been called, the keccak context
> cannot
>
> + be used again.
>
> +
>
> + @param[in, out] Context Pointer to the keccak context.
>
> + @param[out] MessageDigest Pointer to a buffer that receives the
> message digest.
>
> +
>
> + @retval 1 Meaasge digest computation succeeded.
>
> +**/
>
> +UINT8
>
> +EFIAPI
>
> +Sha3Final (
>
> + IN OUT Keccak1600_Ctx *Context,
>
> + OUT UINT8 *MessageDigest
>
> + );
>
> +
>
> +/**
>
> + Computes the CSHAKE-256 message digest of a input data buffer.
>
> +
>
> + This function performs the CSHAKE-256 message digest of a given data buffer,
> and places
>
> + the digest value into the specified memory.
>
> +
>
> + @param[in] Data Pointer to the buffer containing the data to be
> hashed.
>
> + @param[in] DataSize Size of Data buffer in bytes.
>
> + @param[in] OutputLen Size of output in bytes.
>
> + @param[in] Name Pointer to the function name string.
>
> + @param[in] NameLen Size of the function name in bytes.
>
> + @param[in] Customization Pointer to the customization string.
>
> + @param[in] CustomizationLen Size of the customization string in bytes.
>
> + @param[out] HashValue Pointer to a buffer that receives the CSHAKE-
> 256 digest
>
> + value.
>
> +
>
> + @retval TRUE CSHAKE-256 digest computation succeeded.
>
> + @retval FALSE CSHAKE-256 digest computation failed.
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +CShake256HashAll (
>
> + IN CONST VOID *Data,
>
> + IN UINTN DataSize,
>
> + IN UINTN OutputLen,
>
> + IN CONST VOID *Name,
>
> + IN UINTN NameLen,
>
> + IN CONST VOID *Customization,
>
> + IN UINTN CustomizationLen,
>
> + OUT UINT8 *HashValue
>
> + );
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> index 0cab5f3ce36c..bf1563b06407 100644
> --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> @@ -13,7 +13,7 @@
> # PEM handler functions, and pseudorandom number generator functions are
> not
>
> # supported in this instance.
>
> #
>
> -# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
>
> +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
>
> # SPDX-License-Identifier: BSD-2-Clause-Patent
>
> #
>
> ##
>
> @@ -40,6 +40,7 @@
> Hash/CryptSha256.c
>
> Hash/CryptSm3.c
>
> Hash/CryptSha512.c
>
> + Hash/CryptParallelHashNull.c
>
> Hmac/CryptHmacSha256.c
>
> Kdf/CryptHkdf.c
>
> Cipher/CryptAesNull.c
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> index fdbb6edfd23e..6742da0be4fe 100644
> --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> @@ -11,7 +11,7 @@
> # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
>
> # authenticode signature verification functions are not supported in this
> instance.
>
> #
>
> -# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>
>
> +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
>
> # Copyright (c) 2021, Hewlett Packard Enterprise Development LP. All rights
> reserved.<BR>
>
> # SPDX-License-Identifier: BSD-2-Clause-Patent
>
> #
>
> @@ -40,6 +40,7 @@
> Hash/CryptSha256.c
>
> Hash/CryptSm3.c
>
> Hash/CryptSha512.c
>
> + Hash/CryptParallelHashNull.c
>
> Hmac/CryptHmacSha256.c
>
> Kdf/CryptHkdf.c
>
> Cipher/CryptAes.c
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> index e6470d7a2127..8f39517f78b7 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> @@ -10,7 +10,7 @@
> # RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman
> functions, and
>
> # authenticode signature verification functions are not supported in this
> instance.
>
> #
>
> -# Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
>
> +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
>
> # SPDX-License-Identifier: BSD-2-Clause-Patent
>
> #
>
> ##
>
> @@ -38,6 +38,10 @@
> Hash/CryptSha256.c
>
> Hash/CryptSm3.c
>
> Hash/CryptSha512.c
>
> + Hash/CryptSha3.c
>
> + Hash/CryptXkcp.c
>
> + Hash/CryptCShake256.c
>
> + Hash/CryptParallelHash.c
>
> Hmac/CryptHmacSha256.c
>
> Kdf/CryptHkdfNull.c
>
> Cipher/CryptAes.c
>
> @@ -85,6 +89,8 @@
> OpensslLib
>
> IntrinsicLib
>
> PrintLib
>
> + MmServicesTableLib
>
> + SynchronizationLib
>
>
>
> #
>
> # Remove these [BuildOptions] after this library is cleaned up
>
> diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> index faf959827b90..63d1d82d1914 100644
> --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> @@ -6,7 +6,7 @@
> # This external input must be validated carefully to avoid security issues such as
>
> # buffer overflow or integer overflow.
>
> #
>
> -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
>
> +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
>
> # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> reserved.<BR>
>
> # SPDX-License-Identifier: BSD-2-Clause-Patent
>
> #
>
> @@ -34,6 +34,7 @@
> Hash/CryptSha256Null.c
>
> Hash/CryptSha512Null.c
>
> Hash/CryptSm3Null.c
>
> + Hash/CryptParallelHashNull.c
>
> Hmac/CryptHmacSha256Null.c
>
> Kdf/CryptHkdfNull.c
>
> Cipher/CryptAesNull.c
>
> diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> b/CryptoPkg/Library/Include/CrtLibSupport.h
> index d257dca8fa9b..b76b140a7acf 100644
> --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> @@ -2,7 +2,7 @@
> Root include file of C runtime library to support building the third-party
>
> cryptographic library.
>
>
>
> -Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
>
> +Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
>
> Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> reserved.<BR>
>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
>
>
> @@ -111,6 +111,7 @@ typedef UINT8 u_char;
> typedef UINT32 uid_t;
>
> typedef UINT32 gid_t;
>
> typedef CHAR16 wchar_t;
>
> +typedef UINT64 uint64_t;
>
>
>
> //
>
> // File operations are not required for EFI building,
>
> diff --git a/CryptoPkg/Private/Protocol/Crypto.h
> b/CryptoPkg/Private/Protocol/Crypto.h
> index e378a8a8c60e..de45778c7d42 100644
> --- a/CryptoPkg/Private/Protocol/Crypto.h
> +++ b/CryptoPkg/Private/Protocol/Crypto.h
> @@ -2,7 +2,7 @@
> This Protocol provides Crypto services to DXE modules
>
>
>
> Copyright (C) Microsoft Corporation. All rights reserved.
>
> - Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
>
> + Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
>
>
> **/
>
> @@ -21,7 +21,7 @@
> /// the EDK II Crypto Protocol is extended, this version define must be
>
> /// increased.
>
> ///
>
> -#define EDKII_CRYPTO_VERSION 7
>
> +#define EDKII_CRYPTO_VERSION 8
>
>
>
> ///
>
> /// EDK II Crypto Protocol forward declaration
>
> @@ -3383,6 +3383,35 @@ EFI_STATUS
> IN OUT UINTN *DataSize
>
> );
>
>
>
> +/**
>
> + Parallel hash function ParallelHash256, as defined in NIST's Special Publication
> 800-185,
>
> + published December 2016.
>
> +
>
> + @param[in] Input Pointer to the input message (X).
>
> + @param[in] InputByteLen The number(>0) of input bytes provided for the
> input data.
>
> + @param[in] BlockSize The size of each block (B).
>
> + @param[out] Output Pointer to the output buffer.
>
> + @param[in] OutputByteLen The desired number of output bytes (L).
>
> + @param[in] Customization Pointer to the customization string (S).
>
> + @param[in] CustomByteLen The length of the customization string in bytes.
>
> +
>
> + @retval TRUE ParallelHash256 digest computation succeeded.
>
> + @retval FALSE ParallelHash256 digest computation failed.
>
> + @retval FALSE This interface is not supported.
>
> +
>
> +**/
>
> +typedef
>
> +BOOLEAN
>
> +(EFIAPI *EDKII_CRYPTO_PARALLEL_HASH_ALL)(
>
> + IN CONST VOID *Input,
>
> + IN UINTN InputByteLen,
>
> + IN UINTN BlockSize,
>
> + OUT VOID *Output,
>
> + IN UINTN OutputByteLen,
>
> + IN CONST VOID *Customization,
>
> + IN UINTN CustomByteLen
>
> + );
>
> +
>
> /**
>
> Carries out the RSA-SSA signature generation with EMSA-PSS encoding scheme.
>
>
>
> @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;
>
> EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;
>
> EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> TlsGetCertRevocationList;
>
> + /// Parallel hash
>
> + EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
>
> /// RSA PSS
>
> EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
>
> EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
>
> diff --git a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> index ff0af36bcc80..c50a9cc4dc9f 100644
> --- a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> +++ b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> @@ -2,6 +2,7 @@
> # CryptoPkg DSC file used to build host-based unit tests.
>
> #
>
> # Copyright (c) Microsoft Corporation.<BR>
>
> +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>
> # SPDX-License-Identifier: BSD-2-Clause-Patent
>
> #
>
> ##
>
> @@ -21,6 +22,9 @@
> [LibraryClasses]
>
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
>
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
>
> +
> MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib
> .inf
>
> +
> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizati
> onLib.inf
>
> +
> TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat
> e.inf
>
>
>
> [LibraryClasses.AARCH64, LibraryClasses.ARM]
>
> RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
>
> diff --git
> a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> index 00c869265080..399db596c2d1 100644
> --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> @@ -2,6 +2,7 @@
> # Host-based UnitTest for BaseCryptLib
>
> #
>
> # Copyright (c) Microsoft Corporation.<BR>
>
> +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>
> # SPDX-License-Identifier: BSD-2-Clause-Patent
>
> ##
>
>
>
> @@ -35,6 +36,7 @@
> Pkcs7EkuTests.c
>
> OaepEncryptTests.c
>
> RsaPssTests.c
>
> + ParallelhashTests.c
>
>
>
> [Packages]
>
> MdePkg/MdePkg.dec
>
> @@ -45,3 +47,5 @@
> DebugLib
>
> BaseCryptLib
>
> UnitTestLib
>
> + MmServicesTableLib
>
> + SynchronizationLib
>
> --
> 2.26.2.windows.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib.
2022-03-17 14:12 ` Yao, Jiewen
@ 2022-03-17 16:27 ` Li, Zhihao
2022-03-18 0:56 ` Yao, Jiewen
0 siblings, 1 reply; 7+ messages in thread
From: Li, Zhihao @ 2022-03-17 16:27 UTC (permalink / raw)
To: Yao, Jiewen, devel@edk2.groups.io
Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Fu, Siyuan
Because it will cause patch to fail in CI test while to succeed if follow the setting.
Failed test: https://github.com/tianocore/edk2/pull/2535
I guess it's because data structure EDKII_CRYPTO_PROTOCOL( mEdkiiCrypto) doesn't have /// RSA PSS members in Crypto.c
> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Thursday, March 17, 2022 10:13 PM
> To: Li, Zhihao <zhihao.li@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>;
> Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> ParallelHash256HashAll in BaseCryptLib.
>
> Hey
> Are you following the guideline - don't put new field in the middle ?
>
> ParallelHash256HashAll API is still in the middle......
>
>
> > @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;
> >
> > EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;
> >
> > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > TlsGetCertRevocationList;
> >
> > + /// Parallel hash
> >
> > + EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
> >
> > /// RSA PSS
> >
> > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> >
> > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> >
>
>
> > -----Original Message-----
> > From: Li, Zhihao <zhihao.li@intel.com>
> > Sent: Thursday, March 17, 2022 12:35 PM
> > To: devel@edk2.groups.io
> > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>;
> > Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin
> <guomin.jiang@intel.com>;
> > Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > ParallelHash256HashAll in BaseCryptLib.
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3596
> >
> > Parallel hash function ParallelHash256HashAll, as defined in NIST's
> > Special Publication 800-185, published December 2016. It utilizes
> > multi-process to calculate the digest.
> >
> > Passed CI test.
> > Onprotocol version code passed test.
> >
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> > Cc: Guomin Jiang <guomin.jiang@intel.com>
> > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > Cc: Zhihao Li <zhihao.li@intel.com>
> >
> > Signed-off-by: Zhihao Li <zhihao.li@intel.com>
> > ---
> > CryptoPkg/Driver/Crypto.c | 38 ++-
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c | 282
> > ++++++++++++++++++++
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c | 278
> > +++++++++++++++++++
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c | 40 +++
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c | 166
> > ++++++++++++
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c | 107
> ++++++++
> > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c | 40
> +++
> > CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 34 ++-
> > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c | 145
> > ++++++++++
> > CryptoPkg/CryptoPkg.ci.yaml | 4 +-
> > CryptoPkg/Include/Library/BaseCryptLib.h | 31 ++-
> > CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h | 8 +-
> > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 +-
> > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h | 201
> > ++++++++++++++
> > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 3 +-
> > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 3 +-
> > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 8 +-
> > CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 3 +-
> > CryptoPkg/Library/Include/CrtLibSupport.h | 3 +-
> > CryptoPkg/Private/Protocol/Crypto.h | 35 ++-
> > CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 4 +
> > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf | 4
> +
> > 22 files changed, 1426 insertions(+), 14 deletions(-)
> >
> > diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
> > index d5d6aa8e5820..5a9245c07cc5 100644
> > --- a/CryptoPkg/Driver/Crypto.c
> > +++ b/CryptoPkg/Driver/Crypto.c
> > @@ -3,7 +3,7 @@
> > from BaseCryptLib and TlsLib.
> >
> >
> >
> > Copyright (C) Microsoft Corporation. All rights reserved.
> >
> > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> >
> > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> >
> >
> > **/
> >
> > @@ -4470,6 +4470,38 @@ CryptoServiceTlsGetCertRevocationList (
> > return CALL_BASECRYPTLIB (TlsGet.Services.CertRevocationList,
> > TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED);
> >
> > }
> >
> >
> >
> > +/**
> >
> > + Parallel hash function ParallelHash256, as defined in NIST's Special
> Publication
> > 800-185,
> >
> > + published December 2016.
> >
> > +
> >
> > + @param[in] Input Pointer to the input message (X).
> >
> > + @param[in] InputByteLen The number(>0) of input bytes provided for the
> > input data.
> >
> > + @param[in] BlockSize The size of each block (B).
> >
> > + @param[out] Output Pointer to the output buffer.
> >
> > + @param[in] OutputByteLen The desired number of output bytes (L).
> >
> > + @param[in] Customization Pointer to the customization string (S).
> >
> > + @param[in] CustomByteLen The length of the customization string in
> bytes.
> >
> > +
> >
> > + @retval TRUE ParallelHash256 digest computation succeeded.
> >
> > + @retval FALSE ParallelHash256 digest computation failed.
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +CryptoServiceParallelHash256HashAll (
> >
> > + IN CONST VOID *Input,
> >
> > + IN UINTN InputByteLen,
> >
> > + IN UINTN BlockSize,
> >
> > + OUT VOID *Output,
> >
> > + IN UINTN OutputByteLen,
> >
> > + IN CONST VOID *Customization,
> >
> > + IN UINTN CustomByteLen
> >
> > + )
> >
> > +{
> >
> > + return CALL_BASECRYPTLIB (ParallelHash.Services.HashAll,
> > ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output,
> OutputByteLen,
> > Customization, CustomByteLen), FALSE);
> >
> > +}
> >
> > +
> >
> > const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
> >
> > /// Version
> >
> > CryptoServiceGetCryptoVersion,
> >
> > @@ -4670,5 +4702,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
> > CryptoServiceTlsGetCaCertificate,
> >
> > CryptoServiceTlsGetHostPublicCert,
> >
> > CryptoServiceTlsGetHostPrivateKey,
> >
> > - CryptoServiceTlsGetCertRevocationList
> >
> > + CryptoServiceTlsGetCertRevocationList,
> >
> > + /// Parallel hash
> >
> > + CryptoServiceParallelHash256HashAll
> >
> > };
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > new file mode 100644
> > index 000000000000..2a9eaf9eec40
> > --- /dev/null
> > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > @@ -0,0 +1,282 @@
> > +/** @file
> >
> > + cSHAKE-256 Digest Wrapper Implementations.
> >
> > +
> >
> > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> >
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +
> >
> > +**/
> >
> > +
> >
> > +#include "CryptParallelHash.h"
> >
> > +
> >
> > +#define CSHAKE256_SECURITY_STRENGTH 256
> >
> > +#define CSHAKE256_RATE_IN_BYTES 136
> >
> > +
> >
> > +CONST CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] = { 0 };
> >
> > +
> >
> > +/**
> >
> > + CShake256 initial function.
> >
> > +
> >
> > + Initializes user-supplied memory pointed by CShake256Context as cSHAKE-
> 256
> > hash context for
> >
> > + subsequent use.
> >
> > +
> >
> > + @param[out] CShake256Context Pointer to cSHAKE-256 context being
> > initialized.
> >
> > + @param[in] OutputLen The desired number of output length in bytes.
> >
> > + @param[in] Name Pointer to the function name string.
> >
> > + @param[in] NameLen The length of the function name in bytes.
> >
> > + @param[in] Customization Pointer to the customization string.
> >
> > + @param[in] CustomizationLen The length of the customization string in
> > bytes.
> >
> > +
> >
> > + @retval TRUE cSHAKE-256 context initialization succeeded.
> >
> > + @retval FALSE cSHAKE-256 context initialization failed.
> >
> > + @retval FALSE This interface is not supported.
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +CShake256Init (
> >
> > + OUT VOID *CShake256Context,
> >
> > + IN UINTN OutputLen,
> >
> > + IN CONST VOID *Name,
> >
> > + IN UINTN NameLen,
> >
> > + IN CONST VOID *Customization,
> >
> > + IN UINTN CustomizationLen
> >
> > + )
> >
> > +{
> >
> > + BOOLEAN Status;
> >
> > + UINT8 EncBuf[sizeof (UINTN) + 1];
> >
> > + UINTN EncLen;
> >
> > + UINTN AbsorbLen;
> >
> > + UINTN PadLen;
> >
> > +
> >
> > + //
> >
> > + // Check input parameters.
> >
> > + //
> >
> > + if ((CShake256Context == NULL) || (OutputLen == 0) || ((NameLen != 0) &&
> > (Name == NULL)) || ((CustomizationLen != 0) && (Customization == NULL))) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + //
> >
> > + // Initialize KECCAK context with pad value and block size.
> >
> > + //
> >
> > + if ((NameLen == 0) && (CustomizationLen == 0)) {
> >
> > + //
> >
> > + // When N and S are both empty strings, cSHAKE(X, L, N, S) is equivalent to
> >
> > + // SHAKE as defined in FIPS 202.
> >
> > + //
> >
> > + Status = (BOOLEAN)KeccakInit (
> >
> > + (Keccak1600_Ctx *)CShake256Context,
> >
> > + '\x1f',
> >
> > + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * 2) /
> 8,
> >
> > + OutputLen
> >
> > + );
> >
> > +
> >
> > + return Status;
> >
> > + } else {
> >
> > + Status = (BOOLEAN)KeccakInit (
> >
> > + (Keccak1600_Ctx *)CShake256Context,
> >
> > + '\x04',
> >
> > + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * 2) /
> 8,
> >
> > + OutputLen
> >
> > + );
> >
> > + if (!Status) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + AbsorbLen = 0;
> >
> > + //
> >
> > + // Absorb Absorb bytepad(.., rate).
> >
> > + //
> >
> > + EncLen = LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES);
> >
> > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > EncBuf, EncLen);
> >
> > + if (!Status) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + AbsorbLen += EncLen;
> >
> > +
> >
> > + //
> >
> > + // Absorb encode_string(N).
> >
> > + //
> >
> > + EncLen = LeftEncode (EncBuf, NameLen * 8);
> >
> > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > EncBuf, EncLen);
> >
> > + if (!Status) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + AbsorbLen += EncLen;
> >
> > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > Name, NameLen);
> >
> > + if (!Status) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + AbsorbLen += NameLen;
> >
> > +
> >
> > + //
> >
> > + // Absorb encode_string(S).
> >
> > + //
> >
> > + EncLen = LeftEncode (EncBuf, CustomizationLen * 8);
> >
> > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > EncBuf, EncLen);
> >
> > + if (!Status) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + AbsorbLen += EncLen;
> >
> > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > Customization, CustomizationLen);
> >
> > + if (!Status) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + AbsorbLen += CustomizationLen;
> >
> > +
> >
> > + //
> >
> > + // Absorb zero padding up to rate.
> >
> > + //
> >
> > + PadLen = CSHAKE256_RATE_IN_BYTES - AbsorbLen %
> > CSHAKE256_RATE_IN_BYTES;
> >
> > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > mZeroPadding, PadLen);
> >
> > + if (!Status) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + return TRUE;
> >
> > + }
> >
> > +}
> >
> > +
> >
> > +/**
> >
> > + Digests the input data and updates cSHAKE-256 context.
> >
> > +
> >
> > + This function performs cSHAKE-256 digest on a data buffer of the specified
> > size.
> >
> > + It can be called multiple times to compute the digest of long or
> discontinuous
> > data streams.
> >
> > + cSHAKE-256 context should be already correctly initialized by
> CShake256Init(),
> > and should not be finalized
> >
> > + by CShake256Final(). Behavior with invalid context is undefined.
> >
> > +
> >
> > + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.
> >
> > + @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> >
> > + @param[in] DataSize Size of Data buffer in bytes.
> >
> > +
> >
> > + @retval TRUE cSHAKE-256 data digest succeeded.
> >
> > + @retval FALSE cSHAKE-256 data digest failed.
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +CShake256Update (
> >
> > + IN OUT VOID *CShake256Context,
> >
> > + IN CONST VOID *Data,
> >
> > + IN UINTN DataSize
> >
> > + )
> >
> > +{
> >
> > + //
> >
> > + // Check input parameters.
> >
> > + //
> >
> > + if (CShake256Context == NULL) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + //
> >
> > + // Check invalid parameters, in case that only DataLength was checked in
> > OpenSSL.
> >
> > + //
> >
> > + if ((Data == NULL) && (DataSize != 0)) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> Data,
> > DataSize));
> >
> > +}
> >
> > +
> >
> > +/**
> >
> > + Completes computation of the cSHAKE-256 digest value.
> >
> > +
> >
> > + This function completes cSHAKE-256 hash computation and retrieves the
> > digest value into
> >
> > + the specified memory. After this function has been called, the cSHAKE-256
> > context cannot
> >
> > + be used again.
> >
> > + cSHAKE-256 context should be already correctly initialized by
> CShake256Init(),
> > and should not be
> >
> > + finalized by CShake256Final(). Behavior with invalid cSHAKE-256 context is
> > undefined.
> >
> > +
> >
> > + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.
> >
> > + @param[out] HashValue Pointer to a buffer that receives the
> cSHAKE-
> > 256 digest
> >
> > + value.
> >
> > +
> >
> > + @retval TRUE cSHAKE-256 digest computation succeeded.
> >
> > + @retval FALSE cSHAKE-256 digest computation failed.
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +CShake256Final (
> >
> > + IN OUT VOID *CShake256Context,
> >
> > + OUT UINT8 *HashValue
> >
> > + )
> >
> > +{
> >
> > + //
> >
> > + // Check input parameters.
> >
> > + //
> >
> > + if ((CShake256Context == NULL) || (HashValue == NULL)) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + //
> >
> > + // cSHAKE-256 Hash Finalization.
> >
> > + //
> >
> > + return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context,
> > HashValue));
> >
> > +}
> >
> > +
> >
> > +/**
> >
> > + Computes the CSHAKE-256 message digest of a input data buffer.
> >
> > +
> >
> > + This function performs the CSHAKE-256 message digest of a given data
> buffer,
> > and places
> >
> > + the digest value into the specified memory.
> >
> > +
> >
> > + @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> >
> > + @param[in] DataSize Size of Data buffer in bytes.
> >
> > + @param[in] OutputLen Size of output in bytes.
> >
> > + @param[in] Name Pointer to the function name string.
> >
> > + @param[in] NameLen Size of the function name in bytes.
> >
> > + @param[in] Customization Pointer to the customization string.
> >
> > + @param[in] CustomizationLen Size of the customization string in bytes.
> >
> > + @param[out] HashValue Pointer to a buffer that receives the CSHAKE-
> > 256 digest
> >
> > + value.
> >
> > +
> >
> > + @retval TRUE CSHAKE-256 digest computation succeeded.
> >
> > + @retval FALSE CSHAKE-256 digest computation failed.
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +CShake256HashAll (
> >
> > + IN CONST VOID *Data,
> >
> > + IN UINTN DataSize,
> >
> > + IN UINTN OutputLen,
> >
> > + IN CONST VOID *Name,
> >
> > + IN UINTN NameLen,
> >
> > + IN CONST VOID *Customization,
> >
> > + IN UINTN CustomizationLen,
> >
> > + OUT UINT8 *HashValue
> >
> > + )
> >
> > +{
> >
> > + BOOLEAN Status;
> >
> > + Keccak1600_Ctx Ctx;
> >
> > +
> >
> > + //
> >
> > + // Check input parameters.
> >
> > + //
> >
> > + if (HashValue == NULL) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + if ((Data == NULL) && (DataSize != 0)) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + Status = CShake256Init (&Ctx, OutputLen, Name, NameLen, Customization,
> > CustomizationLen);
> >
> > + if (!Status) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + Status = CShake256Update (&Ctx, Data, DataSize);
> >
> > + if (!Status) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + return CShake256Final (&Ctx, HashValue);
> >
> > +}
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > new file mode 100644
> > index 000000000000..f7ce9dbf523e
> > --- /dev/null
> > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > @@ -0,0 +1,278 @@
> > +/** @file
> >
> > + ParallelHash Implementation.
> >
> > +
> >
> > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> >
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +
> >
> > +**/
> >
> > +
> >
> > +#include "CryptParallelHash.h"
> >
> > +#include <Library/MmServicesTableLib.h>
> >
> > +#include <Library/SynchronizationLib.h>
> >
> > +
> >
> > +#define PARALLELHASH_CUSTOMIZATION "ParallelHash"
> >
> > +
> >
> > +UINTN mBlockNum;
> >
> > +UINTN mBlockSize;
> >
> > +UINTN mLastBlockSize;
> >
> > +UINT8 *mInput;
> >
> > +UINTN mBlockResultSize;
> >
> > +UINT8 *mBlockHashResult;
> >
> > +BOOLEAN *mBlockIsCompleted;
> >
> > +SPIN_LOCK *mSpinLockList;
> >
> > +
> >
> > +/**
> >
> > + Complete computation of digest of each block.
> >
> > +
> >
> > + Each AP perform the function called by BSP.
> >
> > +
> >
> > + @param[in] ProcedureArgument Argument of the procedure.
> >
> > +**/
> >
> > +VOID
> >
> > +EFIAPI
> >
> > +ParallelHashApExecute (
> >
> > + IN VOID *ProcedureArgument
> >
> > + )
> >
> > +{
> >
> > + UINTN Index;
> >
> > + BOOLEAN Status;
> >
> > +
> >
> > + for (Index = 0; Index < mBlockNum; Index++) {
> >
> > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
> >
> > + //
> >
> > + // Completed, try next one.
> >
> > + //
> >
> > + if (mBlockIsCompleted[Index]) {
> >
> > + ReleaseSpinLock (&mSpinLockList[Index]);
> >
> > + continue;
> >
> > + }
> >
> > +
> >
> > + //
> >
> > + // Calculate CShake256 for this block.
> >
> > + //
> >
> > + Status = CShake256HashAll (
> >
> > + mInput + Index * mBlockSize,
> >
> > + (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
> >
> > + mBlockResultSize,
> >
> > + NULL,
> >
> > + 0,
> >
> > + NULL,
> >
> > + 0,
> >
> > + mBlockHashResult + Index * mBlockResultSize
> >
> > + );
> >
> > + if (!EFI_ERROR (Status)) {
> >
> > + mBlockIsCompleted[Index] = TRUE;
> >
> > + }
> >
> > +
> >
> > + ReleaseSpinLock (&mSpinLockList[Index]);
> >
> > + }
> >
> > + }
> >
> > +}
> >
> > +
> >
> > +/**
> >
> > + Dispatch the block task to each AP in SMM mode.
> >
> > +
> >
> > +**/
> >
> > +VOID
> >
> > +EFIAPI
> >
> > +MmDispatchBlockToAP (
> >
> > + VOID
> >
> > + )
> >
> > +{
> >
> > + UINTN Index;
> >
> > +
> >
> > + for (Index = 0; Index < gMmst->NumberOfCpus; Index++) {
> >
> > + if (Index != gMmst->CurrentlyExecutingCpu) {
> >
> > + gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL);
> >
> > + }
> >
> > + }
> >
> > +
> >
> > + return;
> >
> > +}
> >
> > +
> >
> > +/**
> >
> > + Parallel hash function ParallelHash256, as defined in NIST's Special
> Publication
> > 800-185,
> >
> > + published December 2016.
> >
> > +
> >
> > + @param[in] Input Pointer to the input message (X).
> >
> > + @param[in] InputByteLen The number(>0) of input bytes provided for the
> > input data.
> >
> > + @param[in] BlockSize The size of each block (B).
> >
> > + @param[out] Output Pointer to the output buffer.
> >
> > + @param[in] OutputByteLen The desired number of output bytes (L).
> >
> > + @param[in] Customization Pointer to the customization string (S).
> >
> > + @param[in] CustomByteLen The length of the customization string in
> bytes.
> >
> > +
> >
> > + @retval TRUE ParallelHash256 digest computation succeeded.
> >
> > + @retval FALSE ParallelHash256 digest computation failed.
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +ParallelHash256HashAll (
> >
> > + IN CONST VOID *Input,
> >
> > + IN UINTN InputByteLen,
> >
> > + IN UINTN BlockSize,
> >
> > + OUT VOID *Output,
> >
> > + IN UINTN OutputByteLen,
> >
> > + IN CONST VOID *Customization,
> >
> > + IN UINTN CustomByteLen
> >
> > + )
> >
> > +{
> >
> > + UINT8 EncBufB[sizeof (UINTN)+1];
> >
> > + UINTN EncSizeB;
> >
> > + UINT8 EncBufN[sizeof (UINTN)+1];
> >
> > + UINTN EncSizeN;
> >
> > + UINT8 EncBufL[sizeof (UINTN)+1];
> >
> > + UINTN EncSizeL;
> >
> > + UINTN Index;
> >
> > + UINT8 *CombinedInput;
> >
> > + UINTN CombinedInputSize;
> >
> > + BOOLEAN AllCompleted;
> >
> > + UINTN Offset;
> >
> > + BOOLEAN ReturnValue;
> >
> > +
> >
> > + if ((InputByteLen == 0) || (OutputByteLen == 0) || (BlockSize == 0)) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + if ((Input == NULL) || (Output == NULL)) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + if ((CustomByteLen != 0) && (Customization == NULL)) {
> >
> > + return FALSE;
> >
> > + }
> >
> > +
> >
> > + mBlockSize = BlockSize;
> >
> > +
> >
> > + //
> >
> > + // Calculate block number n.
> >
> > + //
> >
> > + mBlockNum = InputByteLen % mBlockSize == 0 ? InputByteLen / mBlockSize :
> > InputByteLen / mBlockSize + 1;
> >
> > +
> >
> > + //
> >
> > + // Set hash result size of each block in bytes.
> >
> > + //
> >
> > + mBlockResultSize = OutputByteLen;
> >
> > +
> >
> > + //
> >
> > + // Encode B, n, L to string and record size.
> >
> > + //
> >
> > + EncSizeB = LeftEncode (EncBufB, mBlockSize);
> >
> > + EncSizeN = RightEncode (EncBufN, mBlockNum);
> >
> > + EncSizeL = RightEncode (EncBufL, OutputByteLen * CHAR_BIT);
> >
> > +
> >
> > + //
> >
> > + // Allocate buffer for combined input (newX), Block completed flag and
> > SpinLock.
> >
> > + //
> >
> > + CombinedInputSize = EncSizeB + EncSizeN + EncSizeL + mBlockNum *
> > mBlockResultSize;
> >
> > + CombinedInput = AllocateZeroPool (CombinedInputSize);
> >
> > + mBlockIsCompleted = AllocateZeroPool (mBlockNum * sizeof (BOOLEAN));
> >
> > + mSpinLockList = AllocatePool (mBlockNum * sizeof (SPIN_LOCK));
> >
> > + if ((CombinedInput == NULL) || (mBlockIsCompleted == NULL) ||
> > (mSpinLockList == NULL)) {
> >
> > + ReturnValue = FALSE;
> >
> > + goto Exit;
> >
> > + }
> >
> > +
> >
> > + //
> >
> > + // Fill LeftEncode(B).
> >
> > + //
> >
> > + CopyMem (CombinedInput, EncBufB, EncSizeB);
> >
> > +
> >
> > + //
> >
> > + // Prepare for parallel hash.
> >
> > + //
> >
> > + mBlockHashResult = CombinedInput + EncSizeB;
> >
> > + mInput = (UINT8 *)Input;
> >
> > + mLastBlockSize = InputByteLen % mBlockSize == 0 ? mBlockSize :
> > InputByteLen % mBlockSize;
> >
> > +
> >
> > + //
> >
> > + // Initialize SpinLock for each result block.
> >
> > + //
> >
> > + for (Index = 0; Index < mBlockNum; Index++) {
> >
> > + InitializeSpinLock (&mSpinLockList[Index]);
> >
> > + }
> >
> > +
> >
> > + //
> >
> > + // Dispatch blocklist to each AP.
> >
> > + //
> >
> > + if (gMmst != NULL) {
> >
> > + MmDispatchBlockToAP ();
> >
> > + }
> >
> > +
> >
> > + //
> >
> > + // Wait until all block hash completed.
> >
> > + //
> >
> > + do {
> >
> > + AllCompleted = TRUE;
> >
> > + for (Index = 0; Index < mBlockNum; Index++) {
> >
> > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
> >
> > + if (!mBlockIsCompleted[Index]) {
> >
> > + AllCompleted = FALSE;
> >
> > + ReturnValue = CShake256HashAll (
> >
> > + mInput + Index * mBlockSize,
> >
> > + (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
> >
> > + mBlockResultSize,
> >
> > + NULL,
> >
> > + 0,
> >
> > + NULL,
> >
> > + 0,
> >
> > + mBlockHashResult + Index * mBlockResultSize
> >
> > + );
> >
> > + if (ReturnValue) {
> >
> > + mBlockIsCompleted[Index] = TRUE;
> >
> > + }
> >
> > +
> >
> > + ReleaseSpinLock (&mSpinLockList[Index]);
> >
> > + break;
> >
> > + }
> >
> > +
> >
> > + ReleaseSpinLock (&mSpinLockList[Index]);
> >
> > + } else {
> >
> > + AllCompleted = FALSE;
> >
> > + break;
> >
> > + }
> >
> > + }
> >
> > + } while (!AllCompleted);
> >
> > +
> >
> > + //
> >
> > + // Fill LeftEncode(n).
> >
> > + //
> >
> > + Offset = EncSizeB + mBlockNum * mBlockResultSize;
> >
> > + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN);
> >
> > +
> >
> > + //
> >
> > + // Fill LeftEncode(L).
> >
> > + //
> >
> > + Offset += EncSizeN;
> >
> > + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL);
> >
> > +
> >
> > + ReturnValue = CShake256HashAll (
> >
> > + CombinedInput,
> >
> > + CombinedInputSize,
> >
> > + OutputByteLen,
> >
> > + PARALLELHASH_CUSTOMIZATION,
> >
> > + AsciiStrLen (PARALLELHASH_CUSTOMIZATION),
> >
> > + Customization,
> >
> > + CustomByteLen,
> >
> > + Output
> >
> > + );
> >
> > +
> >
> > +Exit:
> >
> > + ZeroMem (CombinedInput, CombinedInputSize);
> >
> > +
> >
> > + if (CombinedInput != NULL) {
> >
> > + FreePool (CombinedInput);
> >
> > + }
> >
> > +
> >
> > + if (mSpinLockList != NULL) {
> >
> > + FreePool ((VOID *)mSpinLockList);
> >
> > + }
> >
> > +
> >
> > + if (mBlockIsCompleted != NULL) {
> >
> > + FreePool (mBlockIsCompleted);
> >
> > + }
> >
> > +
> >
> > + return ReturnValue;
> >
> > +}
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > new file mode 100644
> > index 000000000000..2bf89594def5
> > --- /dev/null
> > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > @@ -0,0 +1,40 @@
> > +/** @file
> >
> > + ParallelHash Implementation which does not provide real capabilities.
> >
> > +
> >
> > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> >
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +
> >
> > +**/
> >
> > +
> >
> > +#include "InternalCryptLib.h"
> >
> > +
> >
> > +/**
> >
> > + Parallel hash function ParallelHash256, as defined in NIST's Special
> Publication
> > 800-185,
> >
> > + published December 2016.
> >
> > +
> >
> > + @param[in] Input Pointer to the input message (X).
> >
> > + @param[in] InputByteLen The number(>0) of input bytes provided for the
> > input data.
> >
> > + @param[in] BlockSize The size of each block (B).
> >
> > + @param[out] Output Pointer to the output buffer.
> >
> > + @param[in] OutputByteLen The desired number of output bytes (L).
> >
> > + @param[in] Customization Pointer to the customization string (S).
> >
> > + @param[in] CustomByteLen The length of the customization string in
> bytes.
> >
> > +
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +ParallelHash256HashAll (
> >
> > + IN CONST VOID *Input,
> >
> > + IN UINTN InputByteLen,
> >
> > + IN UINTN BlockSize,
> >
> > + OUT VOID *Output,
> >
> > + IN UINTN OutputByteLen,
> >
> > + IN CONST VOID *Customization,
> >
> > + IN UINTN CustomByteLen
> >
> > + )
> >
> > +{
> >
> > + ASSERT (FALSE);
> >
> > + return FALSE;
> >
> > +}
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > new file mode 100644
> > index 000000000000..6abafc3c00e6
> > --- /dev/null
> > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > @@ -0,0 +1,166 @@
> > +/** @file
> >
> > + SHA3 realted functions from OpenSSL.
> >
> > +
> >
> > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> >
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +
> >
> > +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
> >
> > +Licensed under the OpenSSL license (the "License"). You may not use
> >
> > +this file except in compliance with the License. You can obtain a copy
> >
> > +in the file LICENSE in the source distribution or at
> >
> > +https://www.openssl.org/source/license.html
> >
> > +**/
> >
> > +
> >
> > +#include "CryptParallelHash.h"
> >
> > +
> >
> > +/**
> >
> > + Keccak initial fuction.
> >
> > +
> >
> > + Set up state with specified capacity.
> >
> > +
> >
> > + @param[out] Context Pointer to the context being initialized.
> >
> > + @param[in] Pad Delimited Suffix.
> >
> > + @param[in] BlockSize Size of context block.
> >
> > + @param[in] MessageDigestLen Size of message digest in bytes.
> >
> > +
> >
> > + @retval 1 Initialize successfully.
> >
> > + @retval 0 Fail to initialize.
> >
> > +**/
> >
> > +UINT8
> >
> > +EFIAPI
> >
> > +KeccakInit (
> >
> > + OUT Keccak1600_Ctx *Context,
> >
> > + IN UINT8 Pad,
> >
> > + IN UINTN BlockSize,
> >
> > + IN UINTN MessageDigestLen
> >
> > + )
> >
> > +{
> >
> > + if (BlockSize <= sizeof (Context->buf)) {
> >
> > + memset (Context->A, 0, sizeof (Context->A));
> >
> > +
> >
> > + Context->num = 0;
> >
> > + Context->block_size = BlockSize;
> >
> > + Context->md_size = MessageDigestLen;
> >
> > + Context->pad = Pad;
> >
> > +
> >
> > + return 1;
> >
> > + }
> >
> > +
> >
> > + return 0;
> >
> > +}
> >
> > +
> >
> > +/**
> >
> > + Sha3 update fuction.
> >
> > +
> >
> > + This function performs Sha3 digest on a data buffer of the specified size.
> >
> > + It can be called multiple times to compute the digest of long or
> discontinuous
> > data streams.
> >
> > +
> >
> > + @param[in,out] Context Pointer to the Keccak context.
> >
> > + @param[in] Data Pointer to the buffer containing the data to be
> hashed.
> >
> > + @param[in] DataSize Size of Data buffer in bytes.
> >
> > +
> >
> > + @retval 1 Update successfully.
> >
> > +**/
> >
> > +UINT8
> >
> > +EFIAPI
> >
> > +Sha3Update (
> >
> > + IN OUT Keccak1600_Ctx *Context,
> >
> > + IN const VOID *Data,
> >
> > + IN UINTN DataSize
> >
> > + )
> >
> > +{
> >
> > + const UINT8 *DataCopy;
> >
> > + UINTN BlockSize;
> >
> > + UINTN Num;
> >
> > + UINTN Rem;
> >
> > +
> >
> > + DataCopy = Data;
> >
> > + BlockSize = (UINT8)(Context->block_size);
> >
> > +
> >
> > + if (DataSize == 0) {
> >
> > + return 1;
> >
> > + }
> >
> > +
> >
> > + if ((Num = Context->num) != 0) {
> >
> > + //
> >
> > + // process intermediate buffer
> >
> > + //
> >
> > + Rem = BlockSize - Num;
> >
> > +
> >
> > + if (DataSize < Rem) {
> >
> > + memcpy (Context->buf + Num, DataCopy, DataSize);
> >
> > + Context->num += DataSize;
> >
> > + return 1;
> >
> > + }
> >
> > +
> >
> > + //
> >
> > + // We have enough data to fill or overflow the intermediate
> >
> > + // buffer. So we append |Rem| bytes and process the block,
> >
> > + // leaving the rest for later processing.
> >
> > + //
> >
> > + memcpy (Context->buf + Num, DataCopy, Rem);
> >
> > + DataCopy += Rem;
> >
> > + DataSize -= Rem;
> >
> > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
> >
> > + Context->num = 0;
> >
> > + // Context->buf is processed, Context->num is guaranteed to be zero.
> >
> > + }
> >
> > +
> >
> > + if (DataSize >= BlockSize) {
> >
> > + Rem = SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize);
> >
> > + } else {
> >
> > + Rem = DataSize;
> >
> > + }
> >
> > +
> >
> > + if (Rem > 0) {
> >
> > + memcpy (Context->buf, DataCopy + DataSize - Rem, Rem);
> >
> > + Context->num = Rem;
> >
> > + }
> >
> > +
> >
> > + return 1;
> >
> > +}
> >
> > +
> >
> > +/**
> >
> > + Completes computation of Sha3 message digest.
> >
> > +
> >
> > + This function completes sha3 hash computation and retrieves the digest
> value
> > into
> >
> > + the specified memory. After this function has been called, the keccak
> context
> > cannot
> >
> > + be used again.
> >
> > +
> >
> > + @param[in, out] Context Pointer to the keccak context.
> >
> > + @param[out] MessageDigest Pointer to a buffer that receives the
> > message digest.
> >
> > +
> >
> > + @retval 1 Meaasge digest computation succeeded.
> >
> > +**/
> >
> > +UINT8
> >
> > +EFIAPI
> >
> > +Sha3Final (
> >
> > + IN OUT Keccak1600_Ctx *Context,
> >
> > + OUT UINT8 *MessageDigest
> >
> > + )
> >
> > +{
> >
> > + UINTN BlockSize;
> >
> > + UINTN Num;
> >
> > +
> >
> > + BlockSize = Context->block_size;
> >
> > + Num = Context->num;
> >
> > +
> >
> > + if (Context->md_size == 0) {
> >
> > + return 1;
> >
> > + }
> >
> > +
> >
> > + //
> >
> > + // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1|
> >
> > + // in which case both byte operations below are performed on
> >
> > + // same byte.
> >
> > + //
> >
> > + memset (Context->buf + Num, 0, BlockSize - Num);
> >
> > + Context->buf[Num] = Context->pad;
> >
> > + Context->buf[BlockSize - 1] |= 0x80;
> >
> > +
> >
> > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
> >
> > +
> >
> > + SHA3_squeeze (Context->A, MessageDigest, Context->md_size, BlockSize);
> >
> > +
> >
> > + return 1;
> >
> > +}
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > new file mode 100644
> > index 000000000000..12c46cfbcd59
> > --- /dev/null
> > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > @@ -0,0 +1,107 @@
> > +/** @file
> >
> > + Encode realted functions from Xkcp.
> >
> > +
> >
> > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> >
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +
> >
> > +Copyright 2022 The eXtended Keccak Code Package (XKCP)
> >
> > +https://github.com/XKCP/XKCP
> >
> > +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles
> > Van Assche.
> >
> > +Implementation by the designers, hereby denoted as "the implementer".
> >
> > +For more information, feedback or questions, please refer to the Keccak
> Team
> > website:
> >
> > +https://keccak.team/
> >
> > +To the extent possible under law, the implementer has waived all copyright
> >
> > +and related or neighboring rights to the source code in this file.
> >
> > +http://creativecommons.org/publicdomain/zero/1.0/
> >
> > +
> >
> > +**/
> >
> > +
> >
> > +#include "CryptParallelHash.h"
> >
> > +
> >
> > +/**
> >
> > + Encode function from XKCP.
> >
> > +
> >
> > + Encodes the input as a byte string in a way that can be unambiguously
> parsed
> >
> > + from the beginning of the string by inserting the length of the byte string
> >
> > + before the byte string representation of input.
> >
> > +
> >
> > + @param[out] EncBuf Result of left encode.
> >
> > + @param[in] Value Input of left encode.
> >
> > +
> >
> > + @retval EncLen Size of encode result in bytes.
> >
> > +**/
> >
> > +UINTN
> >
> > +EFIAPI
> >
> > +LeftEncode (
> >
> > + OUT UINT8 *EncBuf,
> >
> > + IN UINTN Value
> >
> > + )
> >
> > +{
> >
> > + UINT32 BlockNum;
> >
> > + UINT32 EncLen;
> >
> > + UINT32 Index;
> >
> > + UINTN ValueCopy;
> >
> > +
> >
> > + for ( ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum < sizeof
> > (UINTN)); ++BlockNum, ValueCopy >>= 8 ) {
> >
> > + //
> >
> > + // Empty
> >
> > + //
> >
> > + }
> >
> > +
> >
> > + if (BlockNum == 0) {
> >
> > + BlockNum = 1;
> >
> > + }
> >
> > +
> >
> > + for (Index = 1; Index <= BlockNum; ++Index) {
> >
> > + EncBuf[Index] = (UINT8)(Value >> (8 * (BlockNum - Index)));
> >
> > + }
> >
> > +
> >
> > + EncBuf[0] = (UINT8)BlockNum;
> >
> > + EncLen = BlockNum + 1;
> >
> > +
> >
> > + return EncLen;
> >
> > +}
> >
> > +
> >
> > +/**
> >
> > + Encode function from XKCP.
> >
> > +
> >
> > + Encodes the input as a byte string in a way that can be unambiguously
> parsed
> >
> > + from the end of the string by inserting the length of the byte string after
> >
> > + the byte string representation of input.
> >
> > +
> >
> > + @param[out] EncBuf Result of right encode.
> >
> > + @param[in] Value Input of right encode.
> >
> > +
> >
> > + @retval EncLen Size of encode result in bytes.
> >
> > +**/
> >
> > +UINTN
> >
> > +EFIAPI
> >
> > +RightEncode (
> >
> > + OUT UINT8 *EncBuf,
> >
> > + IN UINTN Value
> >
> > + )
> >
> > +{
> >
> > + UINT32 BlockNum;
> >
> > + UINT32 EncLen;
> >
> > + UINT32 Index;
> >
> > + UINTN ValueCopy;
> >
> > +
> >
> > + for (ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum < sizeof
> > (UINTN)); ++BlockNum, ValueCopy >>= 8) {
> >
> > + //
> >
> > + // Empty
> >
> > + //
> >
> > + }
> >
> > +
> >
> > + if (BlockNum == 0) {
> >
> > + BlockNum = 1;
> >
> > + }
> >
> > +
> >
> > + for (Index = 1; Index <= BlockNum; ++Index) {
> >
> > + EncBuf[Index-1] = (UINT8)(Value >> (8 * (BlockNum-Index)));
> >
> > + }
> >
> > +
> >
> > + EncBuf[BlockNum] = (UINT8)BlockNum;
> >
> > + EncLen = BlockNum + 1;
> >
> > +
> >
> > + return EncLen;
> >
> > +}
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > new file mode 100644
> > index 000000000000..2bf89594def5
> > --- /dev/null
> > +++ b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > @@ -0,0 +1,40 @@
> > +/** @file
> >
> > + ParallelHash Implementation which does not provide real capabilities.
> >
> > +
> >
> > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> >
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +
> >
> > +**/
> >
> > +
> >
> > +#include "InternalCryptLib.h"
> >
> > +
> >
> > +/**
> >
> > + Parallel hash function ParallelHash256, as defined in NIST's Special
> Publication
> > 800-185,
> >
> > + published December 2016.
> >
> > +
> >
> > + @param[in] Input Pointer to the input message (X).
> >
> > + @param[in] InputByteLen The number(>0) of input bytes provided for the
> > input data.
> >
> > + @param[in] BlockSize The size of each block (B).
> >
> > + @param[out] Output Pointer to the output buffer.
> >
> > + @param[in] OutputByteLen The desired number of output bytes (L).
> >
> > + @param[in] Customization Pointer to the customization string (S).
> >
> > + @param[in] CustomByteLen The length of the customization string in
> bytes.
> >
> > +
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +ParallelHash256HashAll (
> >
> > + IN CONST VOID *Input,
> >
> > + IN UINTN InputByteLen,
> >
> > + IN UINTN BlockSize,
> >
> > + OUT VOID *Output,
> >
> > + IN UINTN OutputByteLen,
> >
> > + IN CONST VOID *Customization,
> >
> > + IN UINTN CustomByteLen
> >
> > + )
> >
> > +{
> >
> > + ASSERT (FALSE);
> >
> > + return FALSE;
> >
> > +}
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > index c8df259ea963..8ee1b53cf957 100644
> > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > @@ -3,7 +3,7 @@
> > Protocol/PPI.
> >
> >
> >
> > Copyright (C) Microsoft Corporation. All rights reserved.
> >
> > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> >
> > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> >
> >
> > **/
> >
> > @@ -870,6 +870,38 @@ Sha512HashAll (
> > CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue), FALSE);
> >
> > }
> >
> >
> >
> > +/**
> >
> > + Parallel hash function ParallelHash256, as defined in NIST's Special
> Publication
> > 800-185,
> >
> > + published December 2016.
> >
> > +
> >
> > + @param[in] Input Pointer to the input message (X).
> >
> > + @param[in] InputByteLen The number(>0) of input bytes provided for the
> > input data.
> >
> > + @param[in] BlockSize The size of each block (B).
> >
> > + @param[out] Output Pointer to the output buffer.
> >
> > + @param[in] OutputByteLen The desired number of output bytes (L).
> >
> > + @param[in] Customization Pointer to the customization string (S).
> >
> > + @param[in] CustomByteLen The length of the customization string in
> bytes.
> >
> > +
> >
> > + @retval TRUE ParallelHash256 digest computation succeeded.
> >
> > + @retval FALSE ParallelHash256 digest computation failed.
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +ParallelHash256HashAll (
> >
> > + IN CONST VOID *Input,
> >
> > + IN UINTN InputByteLen,
> >
> > + IN UINTN BlockSize,
> >
> > + OUT VOID *Output,
> >
> > + IN UINTN OutputByteLen,
> >
> > + IN CONST VOID *Customization,
> >
> > + IN UINTN CustomByteLen
> >
> > + )
> >
> > +{
> >
> > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen,
> > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE);
> >
> > +}
> >
> > +
> >
> > /**
> >
> > Retrieves the size, in bytes, of the context buffer required for SM3 hash
> > operations.
> >
> >
> >
> > diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > new file mode 100644
> > index 000000000000..fb57e91a9f16
> > --- /dev/null
> > +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > @@ -0,0 +1,145 @@
> > +/** @file
> >
> > + Application for Parallelhash Function Validation.
> >
> > +
> >
> > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> >
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +
> >
> > +**/
> >
> > +
> >
> > +#include "TestBaseCryptLib.h"
> >
> > +
> >
> > +//
> >
> > +// Parallelhash Test Sample common parameters.
> >
> > +//
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN OutputByteLen = 64;
> >
> > +
> >
> > +//
> >
> > +// Parallelhash Test Sample #1 from NIST Special Publication 800-185.
> >
> > +//
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample1[] = {
> >
> > + // input data of sample1.
> >
> > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x10, 0x11, 0x12, 0x13,
> 0x14,
> > 0x15, 0x16, 0x17,
> >
> > + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27
> >
> > +};
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample1ByteLen =
> 24;
> > // Length of sample1 input data in bytes.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> *CustomizationSample1
> > = ""; // Customization string (S) of sample1.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample1ByteLen =
> 0;
> > // Customization string length of sample1 in bytes.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample1 = 8;
> > // Block size of sample1.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> ExpectOutputSample1[]
> > = {
> >
> > + // Expected output data of sample1.
> >
> > + 0xbc, 0x1e, 0xf1, 0x24, 0xda, 0x34, 0x49, 0x5e, 0x94, 0x8e, 0xad, 0x20,
> 0x7d,
> > 0xd9, 0x84, 0x22,
> >
> > + 0x35, 0xda, 0x43, 0x2d, 0x2b, 0xbc, 0x54, 0xb4, 0xc1, 0x10, 0xe6, 0x4c,
> 0x45,
> > 0x11, 0x05, 0x53,
> >
> > + 0x1b, 0x7f, 0x2a, 0x3e, 0x0c, 0xe0, 0x55, 0xc0, 0x28, 0x05, 0xe7, 0xc2, 0xde,
> > 0x1f, 0xb7, 0x46,
> >
> > + 0xaf, 0x97, 0xa1, 0xd0, 0x01, 0xf4, 0x3b, 0x82, 0x4e, 0x31, 0xb8, 0x76, 0x12,
> > 0x41, 0x04, 0x29
> >
> > +};
> >
> > +
> >
> > +//
> >
> > +// Parallelhash Test Sample #2 from NIST Special Publication 800-185.
> >
> > +//
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 *InputSample2 =
> > InputSample1; // Input of sample2 is same as sample1.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample2ByteLen =
> 24;
> > // Length of sample2 input data in bytes.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> *CustomizationSample2
> > = "Parallel Data"; // Customization string (S) of sample2.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample2ByteLen =
> > 13; // Customization string length of sample2 in bytes.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample2 = 8;
> > // Block size of sample2.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> ExpectOutputSample2[]
> > = {
> >
> > + // Expected output data of sample2.
> >
> > + 0xcd, 0xf1, 0x52, 0x89, 0xb5, 0x4f, 0x62, 0x12, 0xb4, 0xbc, 0x27, 0x05, 0x28,
> > 0xb4, 0x95, 0x26,
> >
> > + 0x00, 0x6d, 0xd9, 0xb5, 0x4e, 0x2b, 0x6a, 0xdd, 0x1e, 0xf6, 0x90, 0x0d,
> 0xda,
> > 0x39, 0x63, 0xbb,
> >
> > + 0x33, 0xa7, 0x24, 0x91, 0xf2, 0x36, 0x96, 0x9c, 0xa8, 0xaf, 0xae, 0xa2, 0x9c,
> > 0x68, 0x2d, 0x47,
> >
> > + 0xa3, 0x93, 0xc0, 0x65, 0xb3, 0x8e, 0x29, 0xfa, 0xe6, 0x51, 0xa2, 0x09, 0x1c,
> > 0x83, 0x31, 0x10
> >
> > +};
> >
> > +
> >
> > +//
> >
> > +// Parallelhash Test Sample #3 from NIST Special Publication 800-185.
> >
> > +//
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample3[] = {
> >
> > + // input data of sample3.
> >
> > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
> 0x10,
> > 0x11, 0x12, 0x13,
> >
> > + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x20, 0x21, 0x22, 0x23,
> 0x24,
> > 0x25, 0x26, 0x27,
> >
> > + 0x28, 0x29, 0x2a, 0x2b, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> 0x38,
> > 0x39, 0x3a, 0x3b,
> >
> > + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b,
> 0x50,
> > 0x51, 0x52, 0x53,
> >
> > + 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b
> >
> > +};
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample3ByteLen =
> 72;
> > // Length of sample3 input data in bytes.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> *CustomizationSample3
> > = "Parallel Data"; // Customization string (S) of sample3.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample3ByteLen =
> > 13; // Customization string length of sample3 in bytes.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample3 = 12;
> > // Block size of sample3.
> >
> > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> ExpectOutputSample3[]
> > = {
> >
> > + // Expected output data of sample3.
> >
> > + 0x69, 0xd0, 0xfc, 0xb7, 0x64, 0xea, 0x05, 0x5d, 0xd0, 0x93, 0x34, 0xbc, 0x60,
> > 0x21, 0xcb, 0x7e,
> >
> > + 0x4b, 0x61, 0x34, 0x8d, 0xff, 0x37, 0x5d, 0xa2, 0x62, 0x67, 0x1c, 0xde, 0xc3,
> > 0xef, 0xfa, 0x8d,
> >
> > + 0x1b, 0x45, 0x68, 0xa6, 0xcc, 0xe1, 0x6b, 0x1c, 0xad, 0x94, 0x6d, 0xdd,
> 0xe2,
> > 0x7f, 0x6c, 0xe2,
> >
> > + 0xb8, 0xde, 0xe4, 0xcd, 0x1b, 0x24, 0x85, 0x1e, 0xbf, 0x00, 0xeb, 0x90,
> 0xd4,
> > 0x38, 0x13, 0xe9
> >
> > +};
> >
> > +
> >
> > +UNIT_TEST_STATUS
> >
> > +EFIAPI
> >
> > +TestVerifyParallelHash256HashAll (
> >
> > + IN UNIT_TEST_CONTEXT Context
> >
> > + )
> >
> > +{
> >
> > + BOOLEAN Status;
> >
> > + UINT8 Output[64];
> >
> > +
> >
> > + //
> >
> > + // Test #1 using sample1.
> >
> > + //
> >
> > + Status = ParallelHash256HashAll (
> >
> > + InputSample1,
> >
> > + InputSample1ByteLen,
> >
> > + BlockSizeSample1,
> >
> > + Output,
> >
> > + OutputByteLen,
> >
> > + CustomizationSample1,
> >
> > + CustomSample1ByteLen
> >
> > + );
> >
> > + UT_ASSERT_TRUE (Status);
> >
> > +
> >
> > + // Check the output with the expected output.
> >
> > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample1, OutputByteLen);
> >
> > +
> >
> > + //
> >
> > + // Test #2 using sample2.
> >
> > + //
> >
> > + Status = ParallelHash256HashAll (
> >
> > + InputSample2,
> >
> > + InputSample2ByteLen,
> >
> > + BlockSizeSample2,
> >
> > + Output,
> >
> > + OutputByteLen,
> >
> > + CustomizationSample2,
> >
> > + CustomSample2ByteLen
> >
> > + );
> >
> > + UT_ASSERT_TRUE (Status);
> >
> > +
> >
> > + // Check the output with the expected output.
> >
> > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample2, OutputByteLen);
> >
> > +
> >
> > + //
> >
> > + // Test #3 using sample3.
> >
> > + //
> >
> > + Status = ParallelHash256HashAll (
> >
> > + InputSample3,
> >
> > + InputSample3ByteLen,
> >
> > + BlockSizeSample3,
> >
> > + Output,
> >
> > + OutputByteLen,
> >
> > + CustomizationSample3,
> >
> > + CustomSample3ByteLen
> >
> > + );
> >
> > + UT_ASSERT_TRUE (Status);
> >
> > +
> >
> > + // Check the output with the expected output.
> >
> > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample3, OutputByteLen);
> >
> > +
> >
> > + return EFI_SUCCESS;
> >
> > +}
> >
> > +
> >
> > +TEST_DESC mParallelhashTest[] = {
> >
> > + //
> >
> > + // -----Description------------------------------Class----------------------Function--
> --
> > -------------Pre---Post--Context
> >
> > + //
> >
> > + { "TestVerifyParallelHash256HashAll()",
> > "CryptoPkg.BaseCryptLib.ParallelHash256HashAll",
> > TestVerifyParallelHash256HashAll, NULL, NULL, NULL },
> >
> > +};
> >
> > +
> >
> > +UINTN mParallelhashTestNum = ARRAY_SIZE (mParallelhashTest);
> >
> > diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml
> > index eeb388ae71c5..e21fafac1efe 100644
> > --- a/CryptoPkg/CryptoPkg.ci.yaml
> > +++ b/CryptoPkg/CryptoPkg.ci.yaml
> > @@ -2,7 +2,7 @@
> > # CI configuration for CryptoPkg
> >
> > #
> >
> > # Copyright (c) Microsoft Corporation
> >
> > -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> >
> > +# Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > ##
> >
> > {
> >
> > @@ -34,6 +34,8 @@
> > "Library/OpensslLib/rand_pool.c",
> >
> > # This has OpenSSL interfaces that aren't UEFI spec compliant
> >
> > "Library/Include/CrtLibSupport.h",
> >
> > + # This has OpenSSL interfaces that aren't UEFI spec compliant
> >
> > + "Library/BaseCryptLib/Hash/CryptParallelHash.h",
> >
> > # These directories contain auto-generated OpenSSL content
> >
> > "Library/OpensslLib",
> >
> > "Library/IntrinsicLib",
> >
> > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h
> > b/CryptoPkg/Include/Library/BaseCryptLib.h
> > index f4bc7c0d73d9..7d1499350a49 100644
> > --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> > @@ -4,7 +4,7 @@
> > primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security
> >
> > functionality enabling.
> >
> >
> >
> > -Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> >
> > +Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> >
> >
> > **/
> >
> > @@ -753,6 +753,35 @@ Sha512HashAll (
> > OUT UINT8 *HashValue
> >
> > );
> >
> >
> >
> > +/**
> >
> > + Parallel hash function ParallelHash256, as defined in NIST's Special
> Publication
> > 800-185,
> >
> > + published December 2016.
> >
> > +
> >
> > + @param[in] Input Pointer to the input message (X).
> >
> > + @param[in] InputByteLen The number(>0) of input bytes provided for the
> > input data.
> >
> > + @param[in] BlockSize The size of each block (B).
> >
> > + @param[out] Output Pointer to the output buffer.
> >
> > + @param[in] OutputByteLen The desired number of output bytes (L).
> >
> > + @param[in] Customization Pointer to the customization string (S).
> >
> > + @param[in] CustomByteLen The length of the customization string in
> bytes.
> >
> > +
> >
> > + @retval TRUE ParallelHash256 digest computation succeeded.
> >
> > + @retval FALSE ParallelHash256 digest computation failed.
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +ParallelHash256HashAll (
> >
> > + IN CONST VOID *Input,
> >
> > + IN UINTN InputByteLen,
> >
> > + IN UINTN BlockSize,
> >
> > + OUT VOID *Output,
> >
> > + IN UINTN OutputByteLen,
> >
> > + IN CONST VOID *Customization,
> >
> > + IN UINTN CustomByteLen
> >
> > + );
> >
> > +
> >
> > /**
> >
> > Retrieves the size, in bytes, of the context buffer required for SM3 hash
> > operations.
> >
> >
> >
> > diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > index 5186a54759ae..77330961352e 100644
> > --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > @@ -2,7 +2,7 @@
> > Defines the PCD_CRYPTO_SERVICE_FAMILY_ENABLE structure associated
> with
> >
> > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.
> >
> >
> >
> > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> >
> > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> >
> >
> > **/
> >
> > @@ -288,6 +288,12 @@ typedef struct {
> > } Services;
> >
> > UINT32 Family;
> >
> > } TlsGet;
> >
> > + union {
> >
> > + struct {
> >
> > + UINT8 HashAll : 1;
> >
> > + } Services;
> >
> > + UINT32 Family;
> >
> > + } ParallelHash;
> >
> > } PCD_CRYPTO_SERVICE_FAMILY_ENABLE;
> >
> >
> >
> > #endif
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > index 49703fa4c963..15cf3dab105c 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > @@ -6,7 +6,7 @@
> > # This external input must be validated carefully to avoid security issues such
> as
> >
> > # buffer overflow or integer overflow.
> >
> > #
> >
> > -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> >
> > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> > reserved.<BR>
> >
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > #
> >
> > @@ -34,6 +34,7 @@
> > Hash/CryptSha256.c
> >
> > Hash/CryptSha512.c
> >
> > Hash/CryptSm3.c
> >
> > + Hash/CryptParallelHashNull.c
> >
> > Hmac/CryptHmacSha256.c
> >
> > Kdf/CryptHkdf.c
> >
> > Cipher/CryptAes.c
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > new file mode 100644
> > index 000000000000..fe08d4928e8d
> > --- /dev/null
> > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > @@ -0,0 +1,201 @@
> > +/** @file
> >
> > + ParallelHash related function and type declaration.
> >
> > +
> >
> > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> >
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > +
> >
> > +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
> >
> > +Licensed under the OpenSSL license (the "License"). You may not use
> >
> > +this file except in compliance with the License. You can obtain a copy
> >
> > +in the file LICENSE in the source distribution or at
> >
> > +https://www.openssl.org/source/license.html
> >
> > +
> >
> > +Copyright 2022 The eXtended Keccak Code Package (XKCP)
> >
> > +https://github.com/XKCP/XKCP
> >
> > +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles
> > Van Assche.
> >
> > +Implementation by the designers, hereby denoted as "the implementer".
> >
> > +For more information, feedback or questions, please refer to the Keccak
> Team
> > website:
> >
> > +https://keccak.team/
> >
> > +To the extent possible under law, the implementer has waived all copyright
> >
> > +and related or neighboring rights to the source code in this file.
> >
> > +http://creativecommons.org/publicdomain/zero/1.0/
> >
> > +**/
> >
> > +
> >
> > +#include "InternalCryptLib.h"
> >
> > +
> >
> > +#define KECCAK1600_WIDTH 1600
> >
> > +
> >
> > +//
> >
> > +// This struct referring to m_sha3.c from opessl and modified its type name.
> >
> > +//
> >
> > +typedef struct {
> >
> > + uint64_t A[5][5];
> >
> > + size_t block_size; /* cached ctx->digest->block_size */
> >
> > + size_t md_size; /* output length, variable in XOF */
> >
> > + size_t num; /* used bytes in below buffer */
> >
> > + unsigned char buf[KECCAK1600_WIDTH / 8 - 32];
> >
> > + unsigned char pad;
> >
> > +} Keccak1600_Ctx;
> >
> > +
> >
> > +/**
> >
> > + SHA3_absorb can be called multiple times, but at each invocation
> >
> > + largest multiple of |r| out of |len| bytes are processed. Then
> >
> > + remaining amount of bytes is returned. This is done to spare caller
> >
> > + trouble of calculating the largest multiple of |r|. |r| can be viewed
> >
> > + as blocksize. It is commonly (1600 - 256*n)/8, e.g. 168, 136, 104,
> >
> > + 72, but can also be (1600 - 448)/8 = 144. All this means that message
> >
> > + padding and intermediate sub-block buffering, byte- or bitwise, is
> >
> > + caller's responsibility.
> >
> > +**/
> >
> > +size_t
> >
> > +SHA3_absorb (
> >
> > + uint64_t A[5][5],
> >
> > + const unsigned char *inp,
> >
> > + size_t len,
> >
> > + size_t r
> >
> > + );
> >
> > +
> >
> > +/**
> >
> > + SHA3_squeeze is called once at the end to generate |out| hash value
> >
> > + of |len| bytes.
> >
> > +**/
> >
> > +void
> >
> > +SHA3_squeeze (
> >
> > + uint64_t A[5][5],
> >
> > + unsigned char *out,
> >
> > + size_t len,
> >
> > + size_t r
> >
> > + );
> >
> > +
> >
> > +/**
> >
> > + Encode function from XKCP.
> >
> > +
> >
> > + Encodes the input as a byte string in a way that can be unambiguously
> parsed
> >
> > + from the beginning of the string by inserting the length of the byte string
> >
> > + before the byte string representation of input.
> >
> > +
> >
> > + @param[out] EncBuf Result of left encode.
> >
> > + @param[in] Value Input of left encode.
> >
> > +
> >
> > + @retval EncLen Size of encode result in bytes.
> >
> > +**/
> >
> > +UINTN
> >
> > +EFIAPI
> >
> > +LeftEncode (
> >
> > + OUT UINT8 *EncBuf,
> >
> > + IN UINTN Value
> >
> > + );
> >
> > +
> >
> > +/**
> >
> > + Encode function from XKCP.
> >
> > +
> >
> > + Encodes the input as a byte string in a way that can be unambiguously
> parsed
> >
> > + from the end of the string by inserting the length of the byte string after
> >
> > + the byte string representation of input.
> >
> > +
> >
> > + @param[out] EncBuf Result of right encode.
> >
> > + @param[in] Value Input of right encode.
> >
> > +
> >
> > + @retval EncLen Size of encode result in bytes.
> >
> > +**/
> >
> > +UINTN
> >
> > +EFIAPI
> >
> > +RightEncode (
> >
> > + OUT UINT8 *EncBuf,
> >
> > + IN UINTN Value
> >
> > + );
> >
> > +
> >
> > +/**
> >
> > + Keccak initial fuction.
> >
> > +
> >
> > + Set up state with specified capacity.
> >
> > +
> >
> > + @param[out] Context Pointer to the context being initialized.
> >
> > + @param[in] Pad Delimited Suffix.
> >
> > + @param[in] BlockSize Size of context block.
> >
> > + @param[in] MessageDigestLen Size of message digest in bytes.
> >
> > +
> >
> > + @retval 1 Initialize successfully.
> >
> > + @retval 0 Fail to initialize.
> >
> > +**/
> >
> > +UINT8
> >
> > +EFIAPI
> >
> > +KeccakInit (
> >
> > + OUT Keccak1600_Ctx *Context,
> >
> > + IN UINT8 Pad,
> >
> > + IN UINTN BlockSize,
> >
> > + IN UINTN MessageDigstLen
> >
> > + );
> >
> > +
> >
> > +/**
> >
> > + Sha3 update fuction.
> >
> > +
> >
> > + This function performs Sha3 digest on a data buffer of the specified size.
> >
> > + It can be called multiple times to compute the digest of long or
> discontinuous
> > data streams.
> >
> > +
> >
> > + @param[in,out] Context Pointer to the Keccak context.
> >
> > + @param[in] Data Pointer to the buffer containing the data to be
> hashed.
> >
> > + @param[in] DataSize Size of Data buffer in bytes.
> >
> > +
> >
> > + @retval 1 Update successfully.
> >
> > +**/
> >
> > +UINT8
> >
> > +EFIAPI
> >
> > +Sha3Update (
> >
> > + IN OUT Keccak1600_Ctx *Context,
> >
> > + IN const VOID *Data,
> >
> > + IN UINTN DataSize
> >
> > + );
> >
> > +
> >
> > +/**
> >
> > + Completes computation of Sha3 message digest.
> >
> > +
> >
> > + This function completes sha3 hash computation and retrieves the digest
> value
> > into
> >
> > + the specified memory. After this function has been called, the keccak
> context
> > cannot
> >
> > + be used again.
> >
> > +
> >
> > + @param[in, out] Context Pointer to the keccak context.
> >
> > + @param[out] MessageDigest Pointer to a buffer that receives the
> > message digest.
> >
> > +
> >
> > + @retval 1 Meaasge digest computation succeeded.
> >
> > +**/
> >
> > +UINT8
> >
> > +EFIAPI
> >
> > +Sha3Final (
> >
> > + IN OUT Keccak1600_Ctx *Context,
> >
> > + OUT UINT8 *MessageDigest
> >
> > + );
> >
> > +
> >
> > +/**
> >
> > + Computes the CSHAKE-256 message digest of a input data buffer.
> >
> > +
> >
> > + This function performs the CSHAKE-256 message digest of a given data
> buffer,
> > and places
> >
> > + the digest value into the specified memory.
> >
> > +
> >
> > + @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> >
> > + @param[in] DataSize Size of Data buffer in bytes.
> >
> > + @param[in] OutputLen Size of output in bytes.
> >
> > + @param[in] Name Pointer to the function name string.
> >
> > + @param[in] NameLen Size of the function name in bytes.
> >
> > + @param[in] Customization Pointer to the customization string.
> >
> > + @param[in] CustomizationLen Size of the customization string in bytes.
> >
> > + @param[out] HashValue Pointer to a buffer that receives the CSHAKE-
> > 256 digest
> >
> > + value.
> >
> > +
> >
> > + @retval TRUE CSHAKE-256 digest computation succeeded.
> >
> > + @retval FALSE CSHAKE-256 digest computation failed.
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +BOOLEAN
> >
> > +EFIAPI
> >
> > +CShake256HashAll (
> >
> > + IN CONST VOID *Data,
> >
> > + IN UINTN DataSize,
> >
> > + IN UINTN OutputLen,
> >
> > + IN CONST VOID *Name,
> >
> > + IN UINTN NameLen,
> >
> > + IN CONST VOID *Customization,
> >
> > + IN UINTN CustomizationLen,
> >
> > + OUT UINT8 *HashValue
> >
> > + );
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > index 0cab5f3ce36c..bf1563b06407 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > @@ -13,7 +13,7 @@
> > # PEM handler functions, and pseudorandom number generator functions are
> > not
> >
> > # supported in this instance.
> >
> > #
> >
> > -# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
> >
> > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > #
> >
> > ##
> >
> > @@ -40,6 +40,7 @@
> > Hash/CryptSha256.c
> >
> > Hash/CryptSm3.c
> >
> > Hash/CryptSha512.c
> >
> > + Hash/CryptParallelHashNull.c
> >
> > Hmac/CryptHmacSha256.c
> >
> > Kdf/CryptHkdf.c
> >
> > Cipher/CryptAesNull.c
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > index fdbb6edfd23e..6742da0be4fe 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > @@ -11,7 +11,7 @@
> > # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
> >
> > # authenticode signature verification functions are not supported in this
> > instance.
> >
> > #
> >
> > -# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>
> >
> > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > # Copyright (c) 2021, Hewlett Packard Enterprise Development LP. All rights
> > reserved.<BR>
> >
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > #
> >
> > @@ -40,6 +40,7 @@
> > Hash/CryptSha256.c
> >
> > Hash/CryptSm3.c
> >
> > Hash/CryptSha512.c
> >
> > + Hash/CryptParallelHashNull.c
> >
> > Hmac/CryptHmacSha256.c
> >
> > Kdf/CryptHkdf.c
> >
> > Cipher/CryptAes.c
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > index e6470d7a2127..8f39517f78b7 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > @@ -10,7 +10,7 @@
> > # RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman
> > functions, and
> >
> > # authenticode signature verification functions are not supported in this
> > instance.
> >
> > #
> >
> > -# Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
> >
> > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > #
> >
> > ##
> >
> > @@ -38,6 +38,10 @@
> > Hash/CryptSha256.c
> >
> > Hash/CryptSm3.c
> >
> > Hash/CryptSha512.c
> >
> > + Hash/CryptSha3.c
> >
> > + Hash/CryptXkcp.c
> >
> > + Hash/CryptCShake256.c
> >
> > + Hash/CryptParallelHash.c
> >
> > Hmac/CryptHmacSha256.c
> >
> > Kdf/CryptHkdfNull.c
> >
> > Cipher/CryptAes.c
> >
> > @@ -85,6 +89,8 @@
> > OpensslLib
> >
> > IntrinsicLib
> >
> > PrintLib
> >
> > + MmServicesTableLib
> >
> > + SynchronizationLib
> >
> >
> >
> > #
> >
> > # Remove these [BuildOptions] after this library is cleaned up
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > index faf959827b90..63d1d82d1914 100644
> > --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > @@ -6,7 +6,7 @@
> > # This external input must be validated carefully to avoid security issues such
> as
> >
> > # buffer overflow or integer overflow.
> >
> > #
> >
> > -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> >
> > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> > reserved.<BR>
> >
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > #
> >
> > @@ -34,6 +34,7 @@
> > Hash/CryptSha256Null.c
> >
> > Hash/CryptSha512Null.c
> >
> > Hash/CryptSm3Null.c
> >
> > + Hash/CryptParallelHashNull.c
> >
> > Hmac/CryptHmacSha256Null.c
> >
> > Kdf/CryptHkdfNull.c
> >
> > Cipher/CryptAesNull.c
> >
> > diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> > b/CryptoPkg/Library/Include/CrtLibSupport.h
> > index d257dca8fa9b..b76b140a7acf 100644
> > --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> > +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> > @@ -2,7 +2,7 @@
> > Root include file of C runtime library to support building the third-party
> >
> > cryptographic library.
> >
> >
> >
> > -Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
> >
> > +Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> > reserved.<BR>
> >
> > SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> >
> >
> > @@ -111,6 +111,7 @@ typedef UINT8 u_char;
> > typedef UINT32 uid_t;
> >
> > typedef UINT32 gid_t;
> >
> > typedef CHAR16 wchar_t;
> >
> > +typedef UINT64 uint64_t;
> >
> >
> >
> > //
> >
> > // File operations are not required for EFI building,
> >
> > diff --git a/CryptoPkg/Private/Protocol/Crypto.h
> > b/CryptoPkg/Private/Protocol/Crypto.h
> > index e378a8a8c60e..de45778c7d42 100644
> > --- a/CryptoPkg/Private/Protocol/Crypto.h
> > +++ b/CryptoPkg/Private/Protocol/Crypto.h
> > @@ -2,7 +2,7 @@
> > This Protocol provides Crypto services to DXE modules
> >
> >
> >
> > Copyright (C) Microsoft Corporation. All rights reserved.
> >
> > - Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
> >
> > + Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> >
> > SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> >
> >
> > **/
> >
> > @@ -21,7 +21,7 @@
> > /// the EDK II Crypto Protocol is extended, this version define must be
> >
> > /// increased.
> >
> > ///
> >
> > -#define EDKII_CRYPTO_VERSION 7
> >
> > +#define EDKII_CRYPTO_VERSION 8
> >
> >
> >
> > ///
> >
> > /// EDK II Crypto Protocol forward declaration
> >
> > @@ -3383,6 +3383,35 @@ EFI_STATUS
> > IN OUT UINTN *DataSize
> >
> > );
> >
> >
> >
> > +/**
> >
> > + Parallel hash function ParallelHash256, as defined in NIST's Special
> Publication
> > 800-185,
> >
> > + published December 2016.
> >
> > +
> >
> > + @param[in] Input Pointer to the input message (X).
> >
> > + @param[in] InputByteLen The number(>0) of input bytes provided for the
> > input data.
> >
> > + @param[in] BlockSize The size of each block (B).
> >
> > + @param[out] Output Pointer to the output buffer.
> >
> > + @param[in] OutputByteLen The desired number of output bytes (L).
> >
> > + @param[in] Customization Pointer to the customization string (S).
> >
> > + @param[in] CustomByteLen The length of the customization string in
> bytes.
> >
> > +
> >
> > + @retval TRUE ParallelHash256 digest computation succeeded.
> >
> > + @retval FALSE ParallelHash256 digest computation failed.
> >
> > + @retval FALSE This interface is not supported.
> >
> > +
> >
> > +**/
> >
> > +typedef
> >
> > +BOOLEAN
> >
> > +(EFIAPI *EDKII_CRYPTO_PARALLEL_HASH_ALL)(
> >
> > + IN CONST VOID *Input,
> >
> > + IN UINTN InputByteLen,
> >
> > + IN UINTN BlockSize,
> >
> > + OUT VOID *Output,
> >
> > + IN UINTN OutputByteLen,
> >
> > + IN CONST VOID *Customization,
> >
> > + IN UINTN CustomByteLen
> >
> > + );
> >
> > +
> >
> > /**
> >
> > Carries out the RSA-SSA signature generation with EMSA-PSS encoding
> scheme.
> >
> >
> >
> > @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;
> >
> > EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;
> >
> > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > TlsGetCertRevocationList;
> >
> > + /// Parallel hash
> >
> > + EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
> >
> > /// RSA PSS
> >
> > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> >
> > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> >
> > diff --git a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > index ff0af36bcc80..c50a9cc4dc9f 100644
> > --- a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > +++ b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > @@ -2,6 +2,7 @@
> > # CryptoPkg DSC file used to build host-based unit tests.
> >
> > #
> >
> > # Copyright (c) Microsoft Corporation.<BR>
> >
> > +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> >
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > #
> >
> > ##
> >
> > @@ -21,6 +22,9 @@
> > [LibraryClasses]
> >
> > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> >
> > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
> >
> > +
> >
> MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib
> > .inf
> >
> > +
> >
> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizati
> > onLib.inf
> >
> > +
> >
> TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat
> > e.inf
> >
> >
> >
> > [LibraryClasses.AARCH64, LibraryClasses.ARM]
> >
> > RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> >
> > diff --git
> > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > index 00c869265080..399db596c2d1 100644
> > --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > +++
> b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > @@ -2,6 +2,7 @@
> > # Host-based UnitTest for BaseCryptLib
> >
> > #
> >
> > # Copyright (c) Microsoft Corporation.<BR>
> >
> > +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> >
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > ##
> >
> >
> >
> > @@ -35,6 +36,7 @@
> > Pkcs7EkuTests.c
> >
> > OaepEncryptTests.c
> >
> > RsaPssTests.c
> >
> > + ParallelhashTests.c
> >
> >
> >
> > [Packages]
> >
> > MdePkg/MdePkg.dec
> >
> > @@ -45,3 +47,5 @@
> > DebugLib
> >
> > BaseCryptLib
> >
> > UnitTestLib
> >
> > + MmServicesTableLib
> >
> > + SynchronizationLib
> >
> > --
> > 2.26.2.windows.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib.
2022-03-17 16:27 ` Li, Zhihao
@ 2022-03-18 0:56 ` Yao, Jiewen
2022-03-18 1:52 ` Li, Zhihao
0 siblings, 1 reply; 7+ messages in thread
From: Yao, Jiewen @ 2022-03-18 0:56 UTC (permalink / raw)
To: Li, Zhihao, devel@edk2.groups.io
Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Fu, Siyuan
What is root cause of failure?
I don't understand.
> -----Original Message-----
> From: Li, Zhihao <zhihao.li@intel.com>
> Sent: Friday, March 18, 2022 12:27 AM
> To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>;
> Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> ParallelHash256HashAll in BaseCryptLib.
>
> Because it will cause patch to fail in CI test while to succeed if follow the setting.
> Failed test: https://github.com/tianocore/edk2/pull/2535
>
> I guess it's because data structure EDKII_CRYPTO_PROTOCOL( mEdkiiCrypto)
> doesn't have /// RSA PSS members in Crypto.c
>
> > -----Original Message-----
> > From: Yao, Jiewen <jiewen.yao@intel.com>
> > Sent: Thursday, March 17, 2022 10:13 PM
> > To: Li, Zhihao <zhihao.li@intel.com>; devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> <xiaoyu1.lu@intel.com>;
> > Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > ParallelHash256HashAll in BaseCryptLib.
> >
> > Hey
> > Are you following the guideline - don't put new field in the middle ?
> >
> > ParallelHash256HashAll API is still in the middle......
> >
> >
> > > @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > > EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;
> > >
> > > EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;
> > >
> > > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > > TlsGetCertRevocationList;
> > >
> > > + /// Parallel hash
> > >
> > > + EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
> > >
> > > /// RSA PSS
> > >
> > > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> > >
> > > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> > >
> >
> >
> > > -----Original Message-----
> > > From: Li, Zhihao <zhihao.li@intel.com>
> > > Sent: Thursday, March 17, 2022 12:35 PM
> > > To: devel@edk2.groups.io
> > > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> > <jian.j.wang@intel.com>;
> > > Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin
> > <guomin.jiang@intel.com>;
> > > Fu, Siyuan <siyuan.fu@intel.com>
> > > Subject: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > > ParallelHash256HashAll in BaseCryptLib.
> > >
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3596
> > >
> > > Parallel hash function ParallelHash256HashAll, as defined in NIST's
> > > Special Publication 800-185, published December 2016. It utilizes
> > > multi-process to calculate the digest.
> > >
> > > Passed CI test.
> > > Onprotocol version code passed test.
> > >
> > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> > > Cc: Guomin Jiang <guomin.jiang@intel.com>
> > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > Cc: Zhihao Li <zhihao.li@intel.com>
> > >
> > > Signed-off-by: Zhihao Li <zhihao.li@intel.com>
> > > ---
> > > CryptoPkg/Driver/Crypto.c | 38 ++-
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c | 282
> > > ++++++++++++++++++++
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c | 278
> > > +++++++++++++++++++
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c | 40
> +++
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c | 166
> > > ++++++++++++
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c | 107
> > ++++++++
> > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c | 40
> > +++
> > > CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 34 ++-
> > > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c | 145
> > > ++++++++++
> > > CryptoPkg/CryptoPkg.ci.yaml | 4 +-
> > > CryptoPkg/Include/Library/BaseCryptLib.h | 31 ++-
> > > CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h | 8 +-
> > > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 +-
> > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h | 201
> > > ++++++++++++++
> > > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 3 +-
> > > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 3 +-
> > > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 8 +-
> > > CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 3 +-
> > > CryptoPkg/Library/Include/CrtLibSupport.h | 3 +-
> > > CryptoPkg/Private/Protocol/Crypto.h | 35 ++-
> > > CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 4 +
> > > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf |
> 4
> > +
> > > 22 files changed, 1426 insertions(+), 14 deletions(-)
> > >
> > > diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
> > > index d5d6aa8e5820..5a9245c07cc5 100644
> > > --- a/CryptoPkg/Driver/Crypto.c
> > > +++ b/CryptoPkg/Driver/Crypto.c
> > > @@ -3,7 +3,7 @@
> > > from BaseCryptLib and TlsLib.
> > >
> > >
> > >
> > > Copyright (C) Microsoft Corporation. All rights reserved.
> > >
> > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > >
> > >
> > > **/
> > >
> > > @@ -4470,6 +4470,38 @@ CryptoServiceTlsGetCertRevocationList (
> > > return CALL_BASECRYPTLIB (TlsGet.Services.CertRevocationList,
> > > TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED);
> > >
> > > }
> > >
> > >
> > >
> > > +/**
> > >
> > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > Publication
> > > 800-185,
> > >
> > > + published December 2016.
> > >
> > > +
> > >
> > > + @param[in] Input Pointer to the input message (X).
> > >
> > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> the
> > > input data.
> > >
> > > + @param[in] BlockSize The size of each block (B).
> > >
> > > + @param[out] Output Pointer to the output buffer.
> > >
> > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > >
> > > + @param[in] Customization Pointer to the customization string (S).
> > >
> > > + @param[in] CustomByteLen The length of the customization string in
> > bytes.
> > >
> > > +
> > >
> > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > >
> > > + @retval FALSE ParallelHash256 digest computation failed.
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +CryptoServiceParallelHash256HashAll (
> > >
> > > + IN CONST VOID *Input,
> > >
> > > + IN UINTN InputByteLen,
> > >
> > > + IN UINTN BlockSize,
> > >
> > > + OUT VOID *Output,
> > >
> > > + IN UINTN OutputByteLen,
> > >
> > > + IN CONST VOID *Customization,
> > >
> > > + IN UINTN CustomByteLen
> > >
> > > + )
> > >
> > > +{
> > >
> > > + return CALL_BASECRYPTLIB (ParallelHash.Services.HashAll,
> > > ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output,
> > OutputByteLen,
> > > Customization, CustomByteLen), FALSE);
> > >
> > > +}
> > >
> > > +
> > >
> > > const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
> > >
> > > /// Version
> > >
> > > CryptoServiceGetCryptoVersion,
> > >
> > > @@ -4670,5 +4702,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =
> {
> > > CryptoServiceTlsGetCaCertificate,
> > >
> > > CryptoServiceTlsGetHostPublicCert,
> > >
> > > CryptoServiceTlsGetHostPrivateKey,
> > >
> > > - CryptoServiceTlsGetCertRevocationList
> > >
> > > + CryptoServiceTlsGetCertRevocationList,
> > >
> > > + /// Parallel hash
> > >
> > > + CryptoServiceParallelHash256HashAll
> > >
> > > };
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > new file mode 100644
> > > index 000000000000..2a9eaf9eec40
> > > --- /dev/null
> > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > @@ -0,0 +1,282 @@
> > > +/** @file
> > >
> > > + cSHAKE-256 Digest Wrapper Implementations.
> > >
> > > +
> > >
> > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > +
> > >
> > > +**/
> > >
> > > +
> > >
> > > +#include "CryptParallelHash.h"
> > >
> > > +
> > >
> > > +#define CSHAKE256_SECURITY_STRENGTH 256
> > >
> > > +#define CSHAKE256_RATE_IN_BYTES 136
> > >
> > > +
> > >
> > > +CONST CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] = { 0 };
> > >
> > > +
> > >
> > > +/**
> > >
> > > + CShake256 initial function.
> > >
> > > +
> > >
> > > + Initializes user-supplied memory pointed by CShake256Context as cSHAKE-
> > 256
> > > hash context for
> > >
> > > + subsequent use.
> > >
> > > +
> > >
> > > + @param[out] CShake256Context Pointer to cSHAKE-256 context being
> > > initialized.
> > >
> > > + @param[in] OutputLen The desired number of output length in bytes.
> > >
> > > + @param[in] Name Pointer to the function name string.
> > >
> > > + @param[in] NameLen The length of the function name in bytes.
> > >
> > > + @param[in] Customization Pointer to the customization string.
> > >
> > > + @param[in] CustomizationLen The length of the customization string in
> > > bytes.
> > >
> > > +
> > >
> > > + @retval TRUE cSHAKE-256 context initialization succeeded.
> > >
> > > + @retval FALSE cSHAKE-256 context initialization failed.
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +CShake256Init (
> > >
> > > + OUT VOID *CShake256Context,
> > >
> > > + IN UINTN OutputLen,
> > >
> > > + IN CONST VOID *Name,
> > >
> > > + IN UINTN NameLen,
> > >
> > > + IN CONST VOID *Customization,
> > >
> > > + IN UINTN CustomizationLen
> > >
> > > + )
> > >
> > > +{
> > >
> > > + BOOLEAN Status;
> > >
> > > + UINT8 EncBuf[sizeof (UINTN) + 1];
> > >
> > > + UINTN EncLen;
> > >
> > > + UINTN AbsorbLen;
> > >
> > > + UINTN PadLen;
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Check input parameters.
> > >
> > > + //
> > >
> > > + if ((CShake256Context == NULL) || (OutputLen == 0) || ((NameLen != 0)
> &&
> > > (Name == NULL)) || ((CustomizationLen != 0) && (Customization == NULL))) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Initialize KECCAK context with pad value and block size.
> > >
> > > + //
> > >
> > > + if ((NameLen == 0) && (CustomizationLen == 0)) {
> > >
> > > + //
> > >
> > > + // When N and S are both empty strings, cSHAKE(X, L, N, S) is equivalent
> to
> > >
> > > + // SHAKE as defined in FIPS 202.
> > >
> > > + //
> > >
> > > + Status = (BOOLEAN)KeccakInit (
> > >
> > > + (Keccak1600_Ctx *)CShake256Context,
> > >
> > > + '\x1f',
> > >
> > > + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * 2)
> /
> > 8,
> > >
> > > + OutputLen
> > >
> > > + );
> > >
> > > +
> > >
> > > + return Status;
> > >
> > > + } else {
> > >
> > > + Status = (BOOLEAN)KeccakInit (
> > >
> > > + (Keccak1600_Ctx *)CShake256Context,
> > >
> > > + '\x04',
> > >
> > > + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * 2)
> /
> > 8,
> > >
> > > + OutputLen
> > >
> > > + );
> > >
> > > + if (!Status) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + AbsorbLen = 0;
> > >
> > > + //
> > >
> > > + // Absorb Absorb bytepad(.., rate).
> > >
> > > + //
> > >
> > > + EncLen = LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES);
> > >
> > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > > EncBuf, EncLen);
> > >
> > > + if (!Status) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + AbsorbLen += EncLen;
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Absorb encode_string(N).
> > >
> > > + //
> > >
> > > + EncLen = LeftEncode (EncBuf, NameLen * 8);
> > >
> > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > > EncBuf, EncLen);
> > >
> > > + if (!Status) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + AbsorbLen += EncLen;
> > >
> > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> *)CShake256Context,
> > > Name, NameLen);
> > >
> > > + if (!Status) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + AbsorbLen += NameLen;
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Absorb encode_string(S).
> > >
> > > + //
> > >
> > > + EncLen = LeftEncode (EncBuf, CustomizationLen * 8);
> > >
> > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > > EncBuf, EncLen);
> > >
> > > + if (!Status) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + AbsorbLen += EncLen;
> > >
> > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> *)CShake256Context,
> > > Customization, CustomizationLen);
> > >
> > > + if (!Status) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + AbsorbLen += CustomizationLen;
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Absorb zero padding up to rate.
> > >
> > > + //
> > >
> > > + PadLen = CSHAKE256_RATE_IN_BYTES - AbsorbLen %
> > > CSHAKE256_RATE_IN_BYTES;
> > >
> > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > > mZeroPadding, PadLen);
> > >
> > > + if (!Status) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + return TRUE;
> > >
> > > + }
> > >
> > > +}
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Digests the input data and updates cSHAKE-256 context.
> > >
> > > +
> > >
> > > + This function performs cSHAKE-256 digest on a data buffer of the specified
> > > size.
> > >
> > > + It can be called multiple times to compute the digest of long or
> > discontinuous
> > > data streams.
> > >
> > > + cSHAKE-256 context should be already correctly initialized by
> > CShake256Init(),
> > > and should not be finalized
> > >
> > > + by CShake256Final(). Behavior with invalid context is undefined.
> > >
> > > +
> > >
> > > + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.
> > >
> > > + @param[in] Data Pointer to the buffer containing the data to
> be
> > > hashed.
> > >
> > > + @param[in] DataSize Size of Data buffer in bytes.
> > >
> > > +
> > >
> > > + @retval TRUE cSHAKE-256 data digest succeeded.
> > >
> > > + @retval FALSE cSHAKE-256 data digest failed.
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +CShake256Update (
> > >
> > > + IN OUT VOID *CShake256Context,
> > >
> > > + IN CONST VOID *Data,
> > >
> > > + IN UINTN DataSize
> > >
> > > + )
> > >
> > > +{
> > >
> > > + //
> > >
> > > + // Check input parameters.
> > >
> > > + //
> > >
> > > + if (CShake256Context == NULL) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Check invalid parameters, in case that only DataLength was checked in
> > > OpenSSL.
> > >
> > > + //
> > >
> > > + if ((Data == NULL) && (DataSize != 0)) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > Data,
> > > DataSize));
> > >
> > > +}
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Completes computation of the cSHAKE-256 digest value.
> > >
> > > +
> > >
> > > + This function completes cSHAKE-256 hash computation and retrieves the
> > > digest value into
> > >
> > > + the specified memory. After this function has been called, the cSHAKE-256
> > > context cannot
> > >
> > > + be used again.
> > >
> > > + cSHAKE-256 context should be already correctly initialized by
> > CShake256Init(),
> > > and should not be
> > >
> > > + finalized by CShake256Final(). Behavior with invalid cSHAKE-256 context is
> > > undefined.
> > >
> > > +
> > >
> > > + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.
> > >
> > > + @param[out] HashValue Pointer to a buffer that receives the
> > cSHAKE-
> > > 256 digest
> > >
> > > + value.
> > >
> > > +
> > >
> > > + @retval TRUE cSHAKE-256 digest computation succeeded.
> > >
> > > + @retval FALSE cSHAKE-256 digest computation failed.
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +CShake256Final (
> > >
> > > + IN OUT VOID *CShake256Context,
> > >
> > > + OUT UINT8 *HashValue
> > >
> > > + )
> > >
> > > +{
> > >
> > > + //
> > >
> > > + // Check input parameters.
> > >
> > > + //
> > >
> > > + if ((CShake256Context == NULL) || (HashValue == NULL)) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + //
> > >
> > > + // cSHAKE-256 Hash Finalization.
> > >
> > > + //
> > >
> > > + return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context,
> > > HashValue));
> > >
> > > +}
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Computes the CSHAKE-256 message digest of a input data buffer.
> > >
> > > +
> > >
> > > + This function performs the CSHAKE-256 message digest of a given data
> > buffer,
> > > and places
> > >
> > > + the digest value into the specified memory.
> > >
> > > +
> > >
> > > + @param[in] Data Pointer to the buffer containing the data to be
> > > hashed.
> > >
> > > + @param[in] DataSize Size of Data buffer in bytes.
> > >
> > > + @param[in] OutputLen Size of output in bytes.
> > >
> > > + @param[in] Name Pointer to the function name string.
> > >
> > > + @param[in] NameLen Size of the function name in bytes.
> > >
> > > + @param[in] Customization Pointer to the customization string.
> > >
> > > + @param[in] CustomizationLen Size of the customization string in bytes.
> > >
> > > + @param[out] HashValue Pointer to a buffer that receives the
> CSHAKE-
> > > 256 digest
> > >
> > > + value.
> > >
> > > +
> > >
> > > + @retval TRUE CSHAKE-256 digest computation succeeded.
> > >
> > > + @retval FALSE CSHAKE-256 digest computation failed.
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +CShake256HashAll (
> > >
> > > + IN CONST VOID *Data,
> > >
> > > + IN UINTN DataSize,
> > >
> > > + IN UINTN OutputLen,
> > >
> > > + IN CONST VOID *Name,
> > >
> > > + IN UINTN NameLen,
> > >
> > > + IN CONST VOID *Customization,
> > >
> > > + IN UINTN CustomizationLen,
> > >
> > > + OUT UINT8 *HashValue
> > >
> > > + )
> > >
> > > +{
> > >
> > > + BOOLEAN Status;
> > >
> > > + Keccak1600_Ctx Ctx;
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Check input parameters.
> > >
> > > + //
> > >
> > > + if (HashValue == NULL) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + if ((Data == NULL) && (DataSize != 0)) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + Status = CShake256Init (&Ctx, OutputLen, Name, NameLen, Customization,
> > > CustomizationLen);
> > >
> > > + if (!Status) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + Status = CShake256Update (&Ctx, Data, DataSize);
> > >
> > > + if (!Status) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + return CShake256Final (&Ctx, HashValue);
> > >
> > > +}
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > new file mode 100644
> > > index 000000000000..f7ce9dbf523e
> > > --- /dev/null
> > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > @@ -0,0 +1,278 @@
> > > +/** @file
> > >
> > > + ParallelHash Implementation.
> > >
> > > +
> > >
> > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > +
> > >
> > > +**/
> > >
> > > +
> > >
> > > +#include "CryptParallelHash.h"
> > >
> > > +#include <Library/MmServicesTableLib.h>
> > >
> > > +#include <Library/SynchronizationLib.h>
> > >
> > > +
> > >
> > > +#define PARALLELHASH_CUSTOMIZATION "ParallelHash"
> > >
> > > +
> > >
> > > +UINTN mBlockNum;
> > >
> > > +UINTN mBlockSize;
> > >
> > > +UINTN mLastBlockSize;
> > >
> > > +UINT8 *mInput;
> > >
> > > +UINTN mBlockResultSize;
> > >
> > > +UINT8 *mBlockHashResult;
> > >
> > > +BOOLEAN *mBlockIsCompleted;
> > >
> > > +SPIN_LOCK *mSpinLockList;
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Complete computation of digest of each block.
> > >
> > > +
> > >
> > > + Each AP perform the function called by BSP.
> > >
> > > +
> > >
> > > + @param[in] ProcedureArgument Argument of the procedure.
> > >
> > > +**/
> > >
> > > +VOID
> > >
> > > +EFIAPI
> > >
> > > +ParallelHashApExecute (
> > >
> > > + IN VOID *ProcedureArgument
> > >
> > > + )
> > >
> > > +{
> > >
> > > + UINTN Index;
> > >
> > > + BOOLEAN Status;
> > >
> > > +
> > >
> > > + for (Index = 0; Index < mBlockNum; Index++) {
> > >
> > > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
> > >
> > > + //
> > >
> > > + // Completed, try next one.
> > >
> > > + //
> > >
> > > + if (mBlockIsCompleted[Index]) {
> > >
> > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > >
> > > + continue;
> > >
> > > + }
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Calculate CShake256 for this block.
> > >
> > > + //
> > >
> > > + Status = CShake256HashAll (
> > >
> > > + mInput + Index * mBlockSize,
> > >
> > > + (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
> > >
> > > + mBlockResultSize,
> > >
> > > + NULL,
> > >
> > > + 0,
> > >
> > > + NULL,
> > >
> > > + 0,
> > >
> > > + mBlockHashResult + Index * mBlockResultSize
> > >
> > > + );
> > >
> > > + if (!EFI_ERROR (Status)) {
> > >
> > > + mBlockIsCompleted[Index] = TRUE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > >
> > > + }
> > >
> > > + }
> > >
> > > +}
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Dispatch the block task to each AP in SMM mode.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +VOID
> > >
> > > +EFIAPI
> > >
> > > +MmDispatchBlockToAP (
> > >
> > > + VOID
> > >
> > > + )
> > >
> > > +{
> > >
> > > + UINTN Index;
> > >
> > > +
> > >
> > > + for (Index = 0; Index < gMmst->NumberOfCpus; Index++) {
> > >
> > > + if (Index != gMmst->CurrentlyExecutingCpu) {
> > >
> > > + gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL);
> > >
> > > + }
> > >
> > > + }
> > >
> > > +
> > >
> > > + return;
> > >
> > > +}
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > Publication
> > > 800-185,
> > >
> > > + published December 2016.
> > >
> > > +
> > >
> > > + @param[in] Input Pointer to the input message (X).
> > >
> > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> the
> > > input data.
> > >
> > > + @param[in] BlockSize The size of each block (B).
> > >
> > > + @param[out] Output Pointer to the output buffer.
> > >
> > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > >
> > > + @param[in] Customization Pointer to the customization string (S).
> > >
> > > + @param[in] CustomByteLen The length of the customization string in
> > bytes.
> > >
> > > +
> > >
> > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > >
> > > + @retval FALSE ParallelHash256 digest computation failed.
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +ParallelHash256HashAll (
> > >
> > > + IN CONST VOID *Input,
> > >
> > > + IN UINTN InputByteLen,
> > >
> > > + IN UINTN BlockSize,
> > >
> > > + OUT VOID *Output,
> > >
> > > + IN UINTN OutputByteLen,
> > >
> > > + IN CONST VOID *Customization,
> > >
> > > + IN UINTN CustomByteLen
> > >
> > > + )
> > >
> > > +{
> > >
> > > + UINT8 EncBufB[sizeof (UINTN)+1];
> > >
> > > + UINTN EncSizeB;
> > >
> > > + UINT8 EncBufN[sizeof (UINTN)+1];
> > >
> > > + UINTN EncSizeN;
> > >
> > > + UINT8 EncBufL[sizeof (UINTN)+1];
> > >
> > > + UINTN EncSizeL;
> > >
> > > + UINTN Index;
> > >
> > > + UINT8 *CombinedInput;
> > >
> > > + UINTN CombinedInputSize;
> > >
> > > + BOOLEAN AllCompleted;
> > >
> > > + UINTN Offset;
> > >
> > > + BOOLEAN ReturnValue;
> > >
> > > +
> > >
> > > + if ((InputByteLen == 0) || (OutputByteLen == 0) || (BlockSize == 0)) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + if ((Input == NULL) || (Output == NULL)) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + if ((CustomByteLen != 0) && (Customization == NULL)) {
> > >
> > > + return FALSE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + mBlockSize = BlockSize;
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Calculate block number n.
> > >
> > > + //
> > >
> > > + mBlockNum = InputByteLen % mBlockSize == 0 ? InputByteLen /
> mBlockSize :
> > > InputByteLen / mBlockSize + 1;
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Set hash result size of each block in bytes.
> > >
> > > + //
> > >
> > > + mBlockResultSize = OutputByteLen;
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Encode B, n, L to string and record size.
> > >
> > > + //
> > >
> > > + EncSizeB = LeftEncode (EncBufB, mBlockSize);
> > >
> > > + EncSizeN = RightEncode (EncBufN, mBlockNum);
> > >
> > > + EncSizeL = RightEncode (EncBufL, OutputByteLen * CHAR_BIT);
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Allocate buffer for combined input (newX), Block completed flag and
> > > SpinLock.
> > >
> > > + //
> > >
> > > + CombinedInputSize = EncSizeB + EncSizeN + EncSizeL + mBlockNum *
> > > mBlockResultSize;
> > >
> > > + CombinedInput = AllocateZeroPool (CombinedInputSize);
> > >
> > > + mBlockIsCompleted = AllocateZeroPool (mBlockNum * sizeof (BOOLEAN));
> > >
> > > + mSpinLockList = AllocatePool (mBlockNum * sizeof (SPIN_LOCK));
> > >
> > > + if ((CombinedInput == NULL) || (mBlockIsCompleted == NULL) ||
> > > (mSpinLockList == NULL)) {
> > >
> > > + ReturnValue = FALSE;
> > >
> > > + goto Exit;
> > >
> > > + }
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Fill LeftEncode(B).
> > >
> > > + //
> > >
> > > + CopyMem (CombinedInput, EncBufB, EncSizeB);
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Prepare for parallel hash.
> > >
> > > + //
> > >
> > > + mBlockHashResult = CombinedInput + EncSizeB;
> > >
> > > + mInput = (UINT8 *)Input;
> > >
> > > + mLastBlockSize = InputByteLen % mBlockSize == 0 ? mBlockSize :
> > > InputByteLen % mBlockSize;
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Initialize SpinLock for each result block.
> > >
> > > + //
> > >
> > > + for (Index = 0; Index < mBlockNum; Index++) {
> > >
> > > + InitializeSpinLock (&mSpinLockList[Index]);
> > >
> > > + }
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Dispatch blocklist to each AP.
> > >
> > > + //
> > >
> > > + if (gMmst != NULL) {
> > >
> > > + MmDispatchBlockToAP ();
> > >
> > > + }
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Wait until all block hash completed.
> > >
> > > + //
> > >
> > > + do {
> > >
> > > + AllCompleted = TRUE;
> > >
> > > + for (Index = 0; Index < mBlockNum; Index++) {
> > >
> > > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
> > >
> > > + if (!mBlockIsCompleted[Index]) {
> > >
> > > + AllCompleted = FALSE;
> > >
> > > + ReturnValue = CShake256HashAll (
> > >
> > > + mInput + Index * mBlockSize,
> > >
> > > + (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
> > >
> > > + mBlockResultSize,
> > >
> > > + NULL,
> > >
> > > + 0,
> > >
> > > + NULL,
> > >
> > > + 0,
> > >
> > > + mBlockHashResult + Index * mBlockResultSize
> > >
> > > + );
> > >
> > > + if (ReturnValue) {
> > >
> > > + mBlockIsCompleted[Index] = TRUE;
> > >
> > > + }
> > >
> > > +
> > >
> > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > >
> > > + break;
> > >
> > > + }
> > >
> > > +
> > >
> > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > >
> > > + } else {
> > >
> > > + AllCompleted = FALSE;
> > >
> > > + break;
> > >
> > > + }
> > >
> > > + }
> > >
> > > + } while (!AllCompleted);
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Fill LeftEncode(n).
> > >
> > > + //
> > >
> > > + Offset = EncSizeB + mBlockNum * mBlockResultSize;
> > >
> > > + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN);
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Fill LeftEncode(L).
> > >
> > > + //
> > >
> > > + Offset += EncSizeN;
> > >
> > > + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL);
> > >
> > > +
> > >
> > > + ReturnValue = CShake256HashAll (
> > >
> > > + CombinedInput,
> > >
> > > + CombinedInputSize,
> > >
> > > + OutputByteLen,
> > >
> > > + PARALLELHASH_CUSTOMIZATION,
> > >
> > > + AsciiStrLen (PARALLELHASH_CUSTOMIZATION),
> > >
> > > + Customization,
> > >
> > > + CustomByteLen,
> > >
> > > + Output
> > >
> > > + );
> > >
> > > +
> > >
> > > +Exit:
> > >
> > > + ZeroMem (CombinedInput, CombinedInputSize);
> > >
> > > +
> > >
> > > + if (CombinedInput != NULL) {
> > >
> > > + FreePool (CombinedInput);
> > >
> > > + }
> > >
> > > +
> > >
> > > + if (mSpinLockList != NULL) {
> > >
> > > + FreePool ((VOID *)mSpinLockList);
> > >
> > > + }
> > >
> > > +
> > >
> > > + if (mBlockIsCompleted != NULL) {
> > >
> > > + FreePool (mBlockIsCompleted);
> > >
> > > + }
> > >
> > > +
> > >
> > > + return ReturnValue;
> > >
> > > +}
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > new file mode 100644
> > > index 000000000000..2bf89594def5
> > > --- /dev/null
> > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > @@ -0,0 +1,40 @@
> > > +/** @file
> > >
> > > + ParallelHash Implementation which does not provide real capabilities.
> > >
> > > +
> > >
> > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > +
> > >
> > > +**/
> > >
> > > +
> > >
> > > +#include "InternalCryptLib.h"
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > Publication
> > > 800-185,
> > >
> > > + published December 2016.
> > >
> > > +
> > >
> > > + @param[in] Input Pointer to the input message (X).
> > >
> > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> the
> > > input data.
> > >
> > > + @param[in] BlockSize The size of each block (B).
> > >
> > > + @param[out] Output Pointer to the output buffer.
> > >
> > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > >
> > > + @param[in] Customization Pointer to the customization string (S).
> > >
> > > + @param[in] CustomByteLen The length of the customization string in
> > bytes.
> > >
> > > +
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +ParallelHash256HashAll (
> > >
> > > + IN CONST VOID *Input,
> > >
> > > + IN UINTN InputByteLen,
> > >
> > > + IN UINTN BlockSize,
> > >
> > > + OUT VOID *Output,
> > >
> > > + IN UINTN OutputByteLen,
> > >
> > > + IN CONST VOID *Customization,
> > >
> > > + IN UINTN CustomByteLen
> > >
> > > + )
> > >
> > > +{
> > >
> > > + ASSERT (FALSE);
> > >
> > > + return FALSE;
> > >
> > > +}
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > new file mode 100644
> > > index 000000000000..6abafc3c00e6
> > > --- /dev/null
> > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > @@ -0,0 +1,166 @@
> > > +/** @file
> > >
> > > + SHA3 realted functions from OpenSSL.
> > >
> > > +
> > >
> > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > +
> > >
> > > +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
> > >
> > > +Licensed under the OpenSSL license (the "License"). You may not use
> > >
> > > +this file except in compliance with the License. You can obtain a copy
> > >
> > > +in the file LICENSE in the source distribution or at
> > >
> > > +https://www.openssl.org/source/license.html
> > >
> > > +**/
> > >
> > > +
> > >
> > > +#include "CryptParallelHash.h"
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Keccak initial fuction.
> > >
> > > +
> > >
> > > + Set up state with specified capacity.
> > >
> > > +
> > >
> > > + @param[out] Context Pointer to the context being initialized.
> > >
> > > + @param[in] Pad Delimited Suffix.
> > >
> > > + @param[in] BlockSize Size of context block.
> > >
> > > + @param[in] MessageDigestLen Size of message digest in bytes.
> > >
> > > +
> > >
> > > + @retval 1 Initialize successfully.
> > >
> > > + @retval 0 Fail to initialize.
> > >
> > > +**/
> > >
> > > +UINT8
> > >
> > > +EFIAPI
> > >
> > > +KeccakInit (
> > >
> > > + OUT Keccak1600_Ctx *Context,
> > >
> > > + IN UINT8 Pad,
> > >
> > > + IN UINTN BlockSize,
> > >
> > > + IN UINTN MessageDigestLen
> > >
> > > + )
> > >
> > > +{
> > >
> > > + if (BlockSize <= sizeof (Context->buf)) {
> > >
> > > + memset (Context->A, 0, sizeof (Context->A));
> > >
> > > +
> > >
> > > + Context->num = 0;
> > >
> > > + Context->block_size = BlockSize;
> > >
> > > + Context->md_size = MessageDigestLen;
> > >
> > > + Context->pad = Pad;
> > >
> > > +
> > >
> > > + return 1;
> > >
> > > + }
> > >
> > > +
> > >
> > > + return 0;
> > >
> > > +}
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Sha3 update fuction.
> > >
> > > +
> > >
> > > + This function performs Sha3 digest on a data buffer of the specified size.
> > >
> > > + It can be called multiple times to compute the digest of long or
> > discontinuous
> > > data streams.
> > >
> > > +
> > >
> > > + @param[in,out] Context Pointer to the Keccak context.
> > >
> > > + @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > >
> > > + @param[in] DataSize Size of Data buffer in bytes.
> > >
> > > +
> > >
> > > + @retval 1 Update successfully.
> > >
> > > +**/
> > >
> > > +UINT8
> > >
> > > +EFIAPI
> > >
> > > +Sha3Update (
> > >
> > > + IN OUT Keccak1600_Ctx *Context,
> > >
> > > + IN const VOID *Data,
> > >
> > > + IN UINTN DataSize
> > >
> > > + )
> > >
> > > +{
> > >
> > > + const UINT8 *DataCopy;
> > >
> > > + UINTN BlockSize;
> > >
> > > + UINTN Num;
> > >
> > > + UINTN Rem;
> > >
> > > +
> > >
> > > + DataCopy = Data;
> > >
> > > + BlockSize = (UINT8)(Context->block_size);
> > >
> > > +
> > >
> > > + if (DataSize == 0) {
> > >
> > > + return 1;
> > >
> > > + }
> > >
> > > +
> > >
> > > + if ((Num = Context->num) != 0) {
> > >
> > > + //
> > >
> > > + // process intermediate buffer
> > >
> > > + //
> > >
> > > + Rem = BlockSize - Num;
> > >
> > > +
> > >
> > > + if (DataSize < Rem) {
> > >
> > > + memcpy (Context->buf + Num, DataCopy, DataSize);
> > >
> > > + Context->num += DataSize;
> > >
> > > + return 1;
> > >
> > > + }
> > >
> > > +
> > >
> > > + //
> > >
> > > + // We have enough data to fill or overflow the intermediate
> > >
> > > + // buffer. So we append |Rem| bytes and process the block,
> > >
> > > + // leaving the rest for later processing.
> > >
> > > + //
> > >
> > > + memcpy (Context->buf + Num, DataCopy, Rem);
> > >
> > > + DataCopy += Rem;
> > >
> > > + DataSize -= Rem;
> > >
> > > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
> > >
> > > + Context->num = 0;
> > >
> > > + // Context->buf is processed, Context->num is guaranteed to be zero.
> > >
> > > + }
> > >
> > > +
> > >
> > > + if (DataSize >= BlockSize) {
> > >
> > > + Rem = SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize);
> > >
> > > + } else {
> > >
> > > + Rem = DataSize;
> > >
> > > + }
> > >
> > > +
> > >
> > > + if (Rem > 0) {
> > >
> > > + memcpy (Context->buf, DataCopy + DataSize - Rem, Rem);
> > >
> > > + Context->num = Rem;
> > >
> > > + }
> > >
> > > +
> > >
> > > + return 1;
> > >
> > > +}
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Completes computation of Sha3 message digest.
> > >
> > > +
> > >
> > > + This function completes sha3 hash computation and retrieves the digest
> > value
> > > into
> > >
> > > + the specified memory. After this function has been called, the keccak
> > context
> > > cannot
> > >
> > > + be used again.
> > >
> > > +
> > >
> > > + @param[in, out] Context Pointer to the keccak context.
> > >
> > > + @param[out] MessageDigest Pointer to a buffer that receives the
> > > message digest.
> > >
> > > +
> > >
> > > + @retval 1 Meaasge digest computation succeeded.
> > >
> > > +**/
> > >
> > > +UINT8
> > >
> > > +EFIAPI
> > >
> > > +Sha3Final (
> > >
> > > + IN OUT Keccak1600_Ctx *Context,
> > >
> > > + OUT UINT8 *MessageDigest
> > >
> > > + )
> > >
> > > +{
> > >
> > > + UINTN BlockSize;
> > >
> > > + UINTN Num;
> > >
> > > +
> > >
> > > + BlockSize = Context->block_size;
> > >
> > > + Num = Context->num;
> > >
> > > +
> > >
> > > + if (Context->md_size == 0) {
> > >
> > > + return 1;
> > >
> > > + }
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1|
> > >
> > > + // in which case both byte operations below are performed on
> > >
> > > + // same byte.
> > >
> > > + //
> > >
> > > + memset (Context->buf + Num, 0, BlockSize - Num);
> > >
> > > + Context->buf[Num] = Context->pad;
> > >
> > > + Context->buf[BlockSize - 1] |= 0x80;
> > >
> > > +
> > >
> > > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
> > >
> > > +
> > >
> > > + SHA3_squeeze (Context->A, MessageDigest, Context->md_size, BlockSize);
> > >
> > > +
> > >
> > > + return 1;
> > >
> > > +}
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > new file mode 100644
> > > index 000000000000..12c46cfbcd59
> > > --- /dev/null
> > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > @@ -0,0 +1,107 @@
> > > +/** @file
> > >
> > > + Encode realted functions from Xkcp.
> > >
> > > +
> > >
> > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > +
> > >
> > > +Copyright 2022 The eXtended Keccak Code Package (XKCP)
> > >
> > > +https://github.com/XKCP/XKCP
> > >
> > > +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and
> Gilles
> > > Van Assche.
> > >
> > > +Implementation by the designers, hereby denoted as "the implementer".
> > >
> > > +For more information, feedback or questions, please refer to the Keccak
> > Team
> > > website:
> > >
> > > +https://keccak.team/
> > >
> > > +To the extent possible under law, the implementer has waived all copyright
> > >
> > > +and related or neighboring rights to the source code in this file.
> > >
> > > +http://creativecommons.org/publicdomain/zero/1.0/
> > >
> > > +
> > >
> > > +**/
> > >
> > > +
> > >
> > > +#include "CryptParallelHash.h"
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Encode function from XKCP.
> > >
> > > +
> > >
> > > + Encodes the input as a byte string in a way that can be unambiguously
> > parsed
> > >
> > > + from the beginning of the string by inserting the length of the byte string
> > >
> > > + before the byte string representation of input.
> > >
> > > +
> > >
> > > + @param[out] EncBuf Result of left encode.
> > >
> > > + @param[in] Value Input of left encode.
> > >
> > > +
> > >
> > > + @retval EncLen Size of encode result in bytes.
> > >
> > > +**/
> > >
> > > +UINTN
> > >
> > > +EFIAPI
> > >
> > > +LeftEncode (
> > >
> > > + OUT UINT8 *EncBuf,
> > >
> > > + IN UINTN Value
> > >
> > > + )
> > >
> > > +{
> > >
> > > + UINT32 BlockNum;
> > >
> > > + UINT32 EncLen;
> > >
> > > + UINT32 Index;
> > >
> > > + UINTN ValueCopy;
> > >
> > > +
> > >
> > > + for ( ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum < sizeof
> > > (UINTN)); ++BlockNum, ValueCopy >>= 8 ) {
> > >
> > > + //
> > >
> > > + // Empty
> > >
> > > + //
> > >
> > > + }
> > >
> > > +
> > >
> > > + if (BlockNum == 0) {
> > >
> > > + BlockNum = 1;
> > >
> > > + }
> > >
> > > +
> > >
> > > + for (Index = 1; Index <= BlockNum; ++Index) {
> > >
> > > + EncBuf[Index] = (UINT8)(Value >> (8 * (BlockNum - Index)));
> > >
> > > + }
> > >
> > > +
> > >
> > > + EncBuf[0] = (UINT8)BlockNum;
> > >
> > > + EncLen = BlockNum + 1;
> > >
> > > +
> > >
> > > + return EncLen;
> > >
> > > +}
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Encode function from XKCP.
> > >
> > > +
> > >
> > > + Encodes the input as a byte string in a way that can be unambiguously
> > parsed
> > >
> > > + from the end of the string by inserting the length of the byte string after
> > >
> > > + the byte string representation of input.
> > >
> > > +
> > >
> > > + @param[out] EncBuf Result of right encode.
> > >
> > > + @param[in] Value Input of right encode.
> > >
> > > +
> > >
> > > + @retval EncLen Size of encode result in bytes.
> > >
> > > +**/
> > >
> > > +UINTN
> > >
> > > +EFIAPI
> > >
> > > +RightEncode (
> > >
> > > + OUT UINT8 *EncBuf,
> > >
> > > + IN UINTN Value
> > >
> > > + )
> > >
> > > +{
> > >
> > > + UINT32 BlockNum;
> > >
> > > + UINT32 EncLen;
> > >
> > > + UINT32 Index;
> > >
> > > + UINTN ValueCopy;
> > >
> > > +
> > >
> > > + for (ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum < sizeof
> > > (UINTN)); ++BlockNum, ValueCopy >>= 8) {
> > >
> > > + //
> > >
> > > + // Empty
> > >
> > > + //
> > >
> > > + }
> > >
> > > +
> > >
> > > + if (BlockNum == 0) {
> > >
> > > + BlockNum = 1;
> > >
> > > + }
> > >
> > > +
> > >
> > > + for (Index = 1; Index <= BlockNum; ++Index) {
> > >
> > > + EncBuf[Index-1] = (UINT8)(Value >> (8 * (BlockNum-Index)));
> > >
> > > + }
> > >
> > > +
> > >
> > > + EncBuf[BlockNum] = (UINT8)BlockNum;
> > >
> > > + EncLen = BlockNum + 1;
> > >
> > > +
> > >
> > > + return EncLen;
> > >
> > > +}
> > >
> > > diff --git
> a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > new file mode 100644
> > > index 000000000000..2bf89594def5
> > > --- /dev/null
> > > +++ b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > @@ -0,0 +1,40 @@
> > > +/** @file
> > >
> > > + ParallelHash Implementation which does not provide real capabilities.
> > >
> > > +
> > >
> > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > +
> > >
> > > +**/
> > >
> > > +
> > >
> > > +#include "InternalCryptLib.h"
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > Publication
> > > 800-185,
> > >
> > > + published December 2016.
> > >
> > > +
> > >
> > > + @param[in] Input Pointer to the input message (X).
> > >
> > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> the
> > > input data.
> > >
> > > + @param[in] BlockSize The size of each block (B).
> > >
> > > + @param[out] Output Pointer to the output buffer.
> > >
> > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > >
> > > + @param[in] Customization Pointer to the customization string (S).
> > >
> > > + @param[in] CustomByteLen The length of the customization string in
> > bytes.
> > >
> > > +
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +ParallelHash256HashAll (
> > >
> > > + IN CONST VOID *Input,
> > >
> > > + IN UINTN InputByteLen,
> > >
> > > + IN UINTN BlockSize,
> > >
> > > + OUT VOID *Output,
> > >
> > > + IN UINTN OutputByteLen,
> > >
> > > + IN CONST VOID *Customization,
> > >
> > > + IN UINTN CustomByteLen
> > >
> > > + )
> > >
> > > +{
> > >
> > > + ASSERT (FALSE);
> > >
> > > + return FALSE;
> > >
> > > +}
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > index c8df259ea963..8ee1b53cf957 100644
> > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > @@ -3,7 +3,7 @@
> > > Protocol/PPI.
> > >
> > >
> > >
> > > Copyright (C) Microsoft Corporation. All rights reserved.
> > >
> > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > >
> > >
> > > **/
> > >
> > > @@ -870,6 +870,38 @@ Sha512HashAll (
> > > CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue),
> FALSE);
> > >
> > > }
> > >
> > >
> > >
> > > +/**
> > >
> > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > Publication
> > > 800-185,
> > >
> > > + published December 2016.
> > >
> > > +
> > >
> > > + @param[in] Input Pointer to the input message (X).
> > >
> > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> the
> > > input data.
> > >
> > > + @param[in] BlockSize The size of each block (B).
> > >
> > > + @param[out] Output Pointer to the output buffer.
> > >
> > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > >
> > > + @param[in] Customization Pointer to the customization string (S).
> > >
> > > + @param[in] CustomByteLen The length of the customization string in
> > bytes.
> > >
> > > +
> > >
> > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > >
> > > + @retval FALSE ParallelHash256 digest computation failed.
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +ParallelHash256HashAll (
> > >
> > > + IN CONST VOID *Input,
> > >
> > > + IN UINTN InputByteLen,
> > >
> > > + IN UINTN BlockSize,
> > >
> > > + OUT VOID *Output,
> > >
> > > + IN UINTN OutputByteLen,
> > >
> > > + IN CONST VOID *Customization,
> > >
> > > + IN UINTN CustomByteLen
> > >
> > > + )
> > >
> > > +{
> > >
> > > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen,
> > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE);
> > >
> > > +}
> > >
> > > +
> > >
> > > /**
> > >
> > > Retrieves the size, in bytes, of the context buffer required for SM3 hash
> > > operations.
> > >
> > >
> > >
> > > diff --git
> a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > new file mode 100644
> > > index 000000000000..fb57e91a9f16
> > > --- /dev/null
> > > +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > @@ -0,0 +1,145 @@
> > > +/** @file
> > >
> > > + Application for Parallelhash Function Validation.
> > >
> > > +
> > >
> > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > +
> > >
> > > +**/
> > >
> > > +
> > >
> > > +#include "TestBaseCryptLib.h"
> > >
> > > +
> > >
> > > +//
> > >
> > > +// Parallelhash Test Sample common parameters.
> > >
> > > +//
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN OutputByteLen = 64;
> > >
> > > +
> > >
> > > +//
> > >
> > > +// Parallelhash Test Sample #1 from NIST Special Publication 800-185.
> > >
> > > +//
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample1[] = {
> > >
> > > + // input data of sample1.
> > >
> > > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x10, 0x11, 0x12, 0x13,
> > 0x14,
> > > 0x15, 0x16, 0x17,
> > >
> > > + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27
> > >
> > > +};
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample1ByteLen =
> > 24;
> > > // Length of sample1 input data in bytes.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > *CustomizationSample1
> > > = ""; // Customization string (S) of sample1.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample1ByteLen
> =
> > 0;
> > > // Customization string length of sample1 in bytes.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample1 = 8;
> > > // Block size of sample1.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > ExpectOutputSample1[]
> > > = {
> > >
> > > + // Expected output data of sample1.
> > >
> > > + 0xbc, 0x1e, 0xf1, 0x24, 0xda, 0x34, 0x49, 0x5e, 0x94, 0x8e, 0xad, 0x20,
> > 0x7d,
> > > 0xd9, 0x84, 0x22,
> > >
> > > + 0x35, 0xda, 0x43, 0x2d, 0x2b, 0xbc, 0x54, 0xb4, 0xc1, 0x10, 0xe6, 0x4c,
> > 0x45,
> > > 0x11, 0x05, 0x53,
> > >
> > > + 0x1b, 0x7f, 0x2a, 0x3e, 0x0c, 0xe0, 0x55, 0xc0, 0x28, 0x05, 0xe7, 0xc2,
> 0xde,
> > > 0x1f, 0xb7, 0x46,
> > >
> > > + 0xaf, 0x97, 0xa1, 0xd0, 0x01, 0xf4, 0x3b, 0x82, 0x4e, 0x31, 0xb8, 0x76,
> 0x12,
> > > 0x41, 0x04, 0x29
> > >
> > > +};
> > >
> > > +
> > >
> > > +//
> > >
> > > +// Parallelhash Test Sample #2 from NIST Special Publication 800-185.
> > >
> > > +//
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 *InputSample2 =
> > > InputSample1; // Input of sample2 is same as sample1.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample2ByteLen =
> > 24;
> > > // Length of sample2 input data in bytes.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > *CustomizationSample2
> > > = "Parallel Data"; // Customization string (S) of sample2.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample2ByteLen
> =
> > > 13; // Customization string length of sample2 in bytes.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample2 = 8;
> > > // Block size of sample2.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > ExpectOutputSample2[]
> > > = {
> > >
> > > + // Expected output data of sample2.
> > >
> > > + 0xcd, 0xf1, 0x52, 0x89, 0xb5, 0x4f, 0x62, 0x12, 0xb4, 0xbc, 0x27, 0x05,
> 0x28,
> > > 0xb4, 0x95, 0x26,
> > >
> > > + 0x00, 0x6d, 0xd9, 0xb5, 0x4e, 0x2b, 0x6a, 0xdd, 0x1e, 0xf6, 0x90, 0x0d,
> > 0xda,
> > > 0x39, 0x63, 0xbb,
> > >
> > > + 0x33, 0xa7, 0x24, 0x91, 0xf2, 0x36, 0x96, 0x9c, 0xa8, 0xaf, 0xae, 0xa2,
> 0x9c,
> > > 0x68, 0x2d, 0x47,
> > >
> > > + 0xa3, 0x93, 0xc0, 0x65, 0xb3, 0x8e, 0x29, 0xfa, 0xe6, 0x51, 0xa2, 0x09,
> 0x1c,
> > > 0x83, 0x31, 0x10
> > >
> > > +};
> > >
> > > +
> > >
> > > +//
> > >
> > > +// Parallelhash Test Sample #3 from NIST Special Publication 800-185.
> > >
> > > +//
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample3[] = {
> > >
> > > + // input data of sample3.
> > >
> > > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
> > 0x10,
> > > 0x11, 0x12, 0x13,
> > >
> > > + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x20, 0x21, 0x22, 0x23,
> > 0x24,
> > > 0x25, 0x26, 0x27,
> > >
> > > + 0x28, 0x29, 0x2a, 0x2b, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> > 0x38,
> > > 0x39, 0x3a, 0x3b,
> > >
> > > + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b,
> > 0x50,
> > > 0x51, 0x52, 0x53,
> > >
> > > + 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b
> > >
> > > +};
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample3ByteLen =
> > 72;
> > > // Length of sample3 input data in bytes.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > *CustomizationSample3
> > > = "Parallel Data"; // Customization string (S) of sample3.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample3ByteLen
> =
> > > 13; // Customization string length of sample3 in bytes.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample3 =
> 12;
> > > // Block size of sample3.
> > >
> > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > ExpectOutputSample3[]
> > > = {
> > >
> > > + // Expected output data of sample3.
> > >
> > > + 0x69, 0xd0, 0xfc, 0xb7, 0x64, 0xea, 0x05, 0x5d, 0xd0, 0x93, 0x34, 0xbc,
> 0x60,
> > > 0x21, 0xcb, 0x7e,
> > >
> > > + 0x4b, 0x61, 0x34, 0x8d, 0xff, 0x37, 0x5d, 0xa2, 0x62, 0x67, 0x1c, 0xde,
> 0xc3,
> > > 0xef, 0xfa, 0x8d,
> > >
> > > + 0x1b, 0x45, 0x68, 0xa6, 0xcc, 0xe1, 0x6b, 0x1c, 0xad, 0x94, 0x6d, 0xdd,
> > 0xe2,
> > > 0x7f, 0x6c, 0xe2,
> > >
> > > + 0xb8, 0xde, 0xe4, 0xcd, 0x1b, 0x24, 0x85, 0x1e, 0xbf, 0x00, 0xeb, 0x90,
> > 0xd4,
> > > 0x38, 0x13, 0xe9
> > >
> > > +};
> > >
> > > +
> > >
> > > +UNIT_TEST_STATUS
> > >
> > > +EFIAPI
> > >
> > > +TestVerifyParallelHash256HashAll (
> > >
> > > + IN UNIT_TEST_CONTEXT Context
> > >
> > > + )
> > >
> > > +{
> > >
> > > + BOOLEAN Status;
> > >
> > > + UINT8 Output[64];
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Test #1 using sample1.
> > >
> > > + //
> > >
> > > + Status = ParallelHash256HashAll (
> > >
> > > + InputSample1,
> > >
> > > + InputSample1ByteLen,
> > >
> > > + BlockSizeSample1,
> > >
> > > + Output,
> > >
> > > + OutputByteLen,
> > >
> > > + CustomizationSample1,
> > >
> > > + CustomSample1ByteLen
> > >
> > > + );
> > >
> > > + UT_ASSERT_TRUE (Status);
> > >
> > > +
> > >
> > > + // Check the output with the expected output.
> > >
> > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample1,
> OutputByteLen);
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Test #2 using sample2.
> > >
> > > + //
> > >
> > > + Status = ParallelHash256HashAll (
> > >
> > > + InputSample2,
> > >
> > > + InputSample2ByteLen,
> > >
> > > + BlockSizeSample2,
> > >
> > > + Output,
> > >
> > > + OutputByteLen,
> > >
> > > + CustomizationSample2,
> > >
> > > + CustomSample2ByteLen
> > >
> > > + );
> > >
> > > + UT_ASSERT_TRUE (Status);
> > >
> > > +
> > >
> > > + // Check the output with the expected output.
> > >
> > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample2,
> OutputByteLen);
> > >
> > > +
> > >
> > > + //
> > >
> > > + // Test #3 using sample3.
> > >
> > > + //
> > >
> > > + Status = ParallelHash256HashAll (
> > >
> > > + InputSample3,
> > >
> > > + InputSample3ByteLen,
> > >
> > > + BlockSizeSample3,
> > >
> > > + Output,
> > >
> > > + OutputByteLen,
> > >
> > > + CustomizationSample3,
> > >
> > > + CustomSample3ByteLen
> > >
> > > + );
> > >
> > > + UT_ASSERT_TRUE (Status);
> > >
> > > +
> > >
> > > + // Check the output with the expected output.
> > >
> > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample3,
> OutputByteLen);
> > >
> > > +
> > >
> > > + return EFI_SUCCESS;
> > >
> > > +}
> > >
> > > +
> > >
> > > +TEST_DESC mParallelhashTest[] = {
> > >
> > > + //
> > >
> > > + // -----Description------------------------------Class----------------------
> Function--
> > --
> > > -------------Pre---Post--Context
> > >
> > > + //
> > >
> > > + { "TestVerifyParallelHash256HashAll()",
> > > "CryptoPkg.BaseCryptLib.ParallelHash256HashAll",
> > > TestVerifyParallelHash256HashAll, NULL, NULL, NULL },
> > >
> > > +};
> > >
> > > +
> > >
> > > +UINTN mParallelhashTestNum = ARRAY_SIZE (mParallelhashTest);
> > >
> > > diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml
> > > index eeb388ae71c5..e21fafac1efe 100644
> > > --- a/CryptoPkg/CryptoPkg.ci.yaml
> > > +++ b/CryptoPkg/CryptoPkg.ci.yaml
> > > @@ -2,7 +2,7 @@
> > > # CI configuration for CryptoPkg
> > >
> > > #
> > >
> > > # Copyright (c) Microsoft Corporation
> > >
> > > -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > +# Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > ##
> > >
> > > {
> > >
> > > @@ -34,6 +34,8 @@
> > > "Library/OpensslLib/rand_pool.c",
> > >
> > > # This has OpenSSL interfaces that aren't UEFI spec compliant
> > >
> > > "Library/Include/CrtLibSupport.h",
> > >
> > > + # This has OpenSSL interfaces that aren't UEFI spec compliant
> > >
> > > + "Library/BaseCryptLib/Hash/CryptParallelHash.h",
> > >
> > > # These directories contain auto-generated OpenSSL content
> > >
> > > "Library/OpensslLib",
> > >
> > > "Library/IntrinsicLib",
> > >
> > > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h
> > > b/CryptoPkg/Include/Library/BaseCryptLib.h
> > > index f4bc7c0d73d9..7d1499350a49 100644
> > > --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> > > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> > > @@ -4,7 +4,7 @@
> > > primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security
> > >
> > > functionality enabling.
> > >
> > >
> > >
> > > -Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > +Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > >
> > >
> > > **/
> > >
> > > @@ -753,6 +753,35 @@ Sha512HashAll (
> > > OUT UINT8 *HashValue
> > >
> > > );
> > >
> > >
> > >
> > > +/**
> > >
> > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > Publication
> > > 800-185,
> > >
> > > + published December 2016.
> > >
> > > +
> > >
> > > + @param[in] Input Pointer to the input message (X).
> > >
> > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> the
> > > input data.
> > >
> > > + @param[in] BlockSize The size of each block (B).
> > >
> > > + @param[out] Output Pointer to the output buffer.
> > >
> > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > >
> > > + @param[in] Customization Pointer to the customization string (S).
> > >
> > > + @param[in] CustomByteLen The length of the customization string in
> > bytes.
> > >
> > > +
> > >
> > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > >
> > > + @retval FALSE ParallelHash256 digest computation failed.
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +ParallelHash256HashAll (
> > >
> > > + IN CONST VOID *Input,
> > >
> > > + IN UINTN InputByteLen,
> > >
> > > + IN UINTN BlockSize,
> > >
> > > + OUT VOID *Output,
> > >
> > > + IN UINTN OutputByteLen,
> > >
> > > + IN CONST VOID *Customization,
> > >
> > > + IN UINTN CustomByteLen
> > >
> > > + );
> > >
> > > +
> > >
> > > /**
> > >
> > > Retrieves the size, in bytes, of the context buffer required for SM3 hash
> > > operations.
> > >
> > >
> > >
> > > diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > index 5186a54759ae..77330961352e 100644
> > > --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > @@ -2,7 +2,7 @@
> > > Defines the PCD_CRYPTO_SERVICE_FAMILY_ENABLE structure associated
> > with
> > >
> > > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.
> > >
> > >
> > >
> > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > >
> > >
> > > **/
> > >
> > > @@ -288,6 +288,12 @@ typedef struct {
> > > } Services;
> > >
> > > UINT32 Family;
> > >
> > > } TlsGet;
> > >
> > > + union {
> > >
> > > + struct {
> > >
> > > + UINT8 HashAll : 1;
> > >
> > > + } Services;
> > >
> > > + UINT32 Family;
> > >
> > > + } ParallelHash;
> > >
> > > } PCD_CRYPTO_SERVICE_FAMILY_ENABLE;
> > >
> > >
> > >
> > > #endif
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > index 49703fa4c963..15cf3dab105c 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > @@ -6,7 +6,7 @@
> > > # This external input must be validated carefully to avoid security issues
> such
> > as
> > >
> > > # buffer overflow or integer overflow.
> > >
> > > #
> > >
> > > -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> > > reserved.<BR>
> > >
> > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > #
> > >
> > > @@ -34,6 +34,7 @@
> > > Hash/CryptSha256.c
> > >
> > > Hash/CryptSha512.c
> > >
> > > Hash/CryptSm3.c
> > >
> > > + Hash/CryptParallelHashNull.c
> > >
> > > Hmac/CryptHmacSha256.c
> > >
> > > Kdf/CryptHkdf.c
> > >
> > > Cipher/CryptAes.c
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > new file mode 100644
> > > index 000000000000..fe08d4928e8d
> > > --- /dev/null
> > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > @@ -0,0 +1,201 @@
> > > +/** @file
> > >
> > > + ParallelHash related function and type declaration.
> > >
> > > +
> > >
> > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > +
> > >
> > > +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
> > >
> > > +Licensed under the OpenSSL license (the "License"). You may not use
> > >
> > > +this file except in compliance with the License. You can obtain a copy
> > >
> > > +in the file LICENSE in the source distribution or at
> > >
> > > +https://www.openssl.org/source/license.html
> > >
> > > +
> > >
> > > +Copyright 2022 The eXtended Keccak Code Package (XKCP)
> > >
> > > +https://github.com/XKCP/XKCP
> > >
> > > +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and
> Gilles
> > > Van Assche.
> > >
> > > +Implementation by the designers, hereby denoted as "the implementer".
> > >
> > > +For more information, feedback or questions, please refer to the Keccak
> > Team
> > > website:
> > >
> > > +https://keccak.team/
> > >
> > > +To the extent possible under law, the implementer has waived all copyright
> > >
> > > +and related or neighboring rights to the source code in this file.
> > >
> > > +http://creativecommons.org/publicdomain/zero/1.0/
> > >
> > > +**/
> > >
> > > +
> > >
> > > +#include "InternalCryptLib.h"
> > >
> > > +
> > >
> > > +#define KECCAK1600_WIDTH 1600
> > >
> > > +
> > >
> > > +//
> > >
> > > +// This struct referring to m_sha3.c from opessl and modified its type name.
> > >
> > > +//
> > >
> > > +typedef struct {
> > >
> > > + uint64_t A[5][5];
> > >
> > > + size_t block_size; /* cached ctx->digest->block_size */
> > >
> > > + size_t md_size; /* output length, variable in XOF */
> > >
> > > + size_t num; /* used bytes in below buffer */
> > >
> > > + unsigned char buf[KECCAK1600_WIDTH / 8 - 32];
> > >
> > > + unsigned char pad;
> > >
> > > +} Keccak1600_Ctx;
> > >
> > > +
> > >
> > > +/**
> > >
> > > + SHA3_absorb can be called multiple times, but at each invocation
> > >
> > > + largest multiple of |r| out of |len| bytes are processed. Then
> > >
> > > + remaining amount of bytes is returned. This is done to spare caller
> > >
> > > + trouble of calculating the largest multiple of |r|. |r| can be viewed
> > >
> > > + as blocksize. It is commonly (1600 - 256*n)/8, e.g. 168, 136, 104,
> > >
> > > + 72, but can also be (1600 - 448)/8 = 144. All this means that message
> > >
> > > + padding and intermediate sub-block buffering, byte- or bitwise, is
> > >
> > > + caller's responsibility.
> > >
> > > +**/
> > >
> > > +size_t
> > >
> > > +SHA3_absorb (
> > >
> > > + uint64_t A[5][5],
> > >
> > > + const unsigned char *inp,
> > >
> > > + size_t len,
> > >
> > > + size_t r
> > >
> > > + );
> > >
> > > +
> > >
> > > +/**
> > >
> > > + SHA3_squeeze is called once at the end to generate |out| hash value
> > >
> > > + of |len| bytes.
> > >
> > > +**/
> > >
> > > +void
> > >
> > > +SHA3_squeeze (
> > >
> > > + uint64_t A[5][5],
> > >
> > > + unsigned char *out,
> > >
> > > + size_t len,
> > >
> > > + size_t r
> > >
> > > + );
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Encode function from XKCP.
> > >
> > > +
> > >
> > > + Encodes the input as a byte string in a way that can be unambiguously
> > parsed
> > >
> > > + from the beginning of the string by inserting the length of the byte string
> > >
> > > + before the byte string representation of input.
> > >
> > > +
> > >
> > > + @param[out] EncBuf Result of left encode.
> > >
> > > + @param[in] Value Input of left encode.
> > >
> > > +
> > >
> > > + @retval EncLen Size of encode result in bytes.
> > >
> > > +**/
> > >
> > > +UINTN
> > >
> > > +EFIAPI
> > >
> > > +LeftEncode (
> > >
> > > + OUT UINT8 *EncBuf,
> > >
> > > + IN UINTN Value
> > >
> > > + );
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Encode function from XKCP.
> > >
> > > +
> > >
> > > + Encodes the input as a byte string in a way that can be unambiguously
> > parsed
> > >
> > > + from the end of the string by inserting the length of the byte string after
> > >
> > > + the byte string representation of input.
> > >
> > > +
> > >
> > > + @param[out] EncBuf Result of right encode.
> > >
> > > + @param[in] Value Input of right encode.
> > >
> > > +
> > >
> > > + @retval EncLen Size of encode result in bytes.
> > >
> > > +**/
> > >
> > > +UINTN
> > >
> > > +EFIAPI
> > >
> > > +RightEncode (
> > >
> > > + OUT UINT8 *EncBuf,
> > >
> > > + IN UINTN Value
> > >
> > > + );
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Keccak initial fuction.
> > >
> > > +
> > >
> > > + Set up state with specified capacity.
> > >
> > > +
> > >
> > > + @param[out] Context Pointer to the context being initialized.
> > >
> > > + @param[in] Pad Delimited Suffix.
> > >
> > > + @param[in] BlockSize Size of context block.
> > >
> > > + @param[in] MessageDigestLen Size of message digest in bytes.
> > >
> > > +
> > >
> > > + @retval 1 Initialize successfully.
> > >
> > > + @retval 0 Fail to initialize.
> > >
> > > +**/
> > >
> > > +UINT8
> > >
> > > +EFIAPI
> > >
> > > +KeccakInit (
> > >
> > > + OUT Keccak1600_Ctx *Context,
> > >
> > > + IN UINT8 Pad,
> > >
> > > + IN UINTN BlockSize,
> > >
> > > + IN UINTN MessageDigstLen
> > >
> > > + );
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Sha3 update fuction.
> > >
> > > +
> > >
> > > + This function performs Sha3 digest on a data buffer of the specified size.
> > >
> > > + It can be called multiple times to compute the digest of long or
> > discontinuous
> > > data streams.
> > >
> > > +
> > >
> > > + @param[in,out] Context Pointer to the Keccak context.
> > >
> > > + @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > >
> > > + @param[in] DataSize Size of Data buffer in bytes.
> > >
> > > +
> > >
> > > + @retval 1 Update successfully.
> > >
> > > +**/
> > >
> > > +UINT8
> > >
> > > +EFIAPI
> > >
> > > +Sha3Update (
> > >
> > > + IN OUT Keccak1600_Ctx *Context,
> > >
> > > + IN const VOID *Data,
> > >
> > > + IN UINTN DataSize
> > >
> > > + );
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Completes computation of Sha3 message digest.
> > >
> > > +
> > >
> > > + This function completes sha3 hash computation and retrieves the digest
> > value
> > > into
> > >
> > > + the specified memory. After this function has been called, the keccak
> > context
> > > cannot
> > >
> > > + be used again.
> > >
> > > +
> > >
> > > + @param[in, out] Context Pointer to the keccak context.
> > >
> > > + @param[out] MessageDigest Pointer to a buffer that receives the
> > > message digest.
> > >
> > > +
> > >
> > > + @retval 1 Meaasge digest computation succeeded.
> > >
> > > +**/
> > >
> > > +UINT8
> > >
> > > +EFIAPI
> > >
> > > +Sha3Final (
> > >
> > > + IN OUT Keccak1600_Ctx *Context,
> > >
> > > + OUT UINT8 *MessageDigest
> > >
> > > + );
> > >
> > > +
> > >
> > > +/**
> > >
> > > + Computes the CSHAKE-256 message digest of a input data buffer.
> > >
> > > +
> > >
> > > + This function performs the CSHAKE-256 message digest of a given data
> > buffer,
> > > and places
> > >
> > > + the digest value into the specified memory.
> > >
> > > +
> > >
> > > + @param[in] Data Pointer to the buffer containing the data to be
> > > hashed.
> > >
> > > + @param[in] DataSize Size of Data buffer in bytes.
> > >
> > > + @param[in] OutputLen Size of output in bytes.
> > >
> > > + @param[in] Name Pointer to the function name string.
> > >
> > > + @param[in] NameLen Size of the function name in bytes.
> > >
> > > + @param[in] Customization Pointer to the customization string.
> > >
> > > + @param[in] CustomizationLen Size of the customization string in bytes.
> > >
> > > + @param[out] HashValue Pointer to a buffer that receives the
> CSHAKE-
> > > 256 digest
> > >
> > > + value.
> > >
> > > +
> > >
> > > + @retval TRUE CSHAKE-256 digest computation succeeded.
> > >
> > > + @retval FALSE CSHAKE-256 digest computation failed.
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +BOOLEAN
> > >
> > > +EFIAPI
> > >
> > > +CShake256HashAll (
> > >
> > > + IN CONST VOID *Data,
> > >
> > > + IN UINTN DataSize,
> > >
> > > + IN UINTN OutputLen,
> > >
> > > + IN CONST VOID *Name,
> > >
> > > + IN UINTN NameLen,
> > >
> > > + IN CONST VOID *Customization,
> > >
> > > + IN UINTN CustomizationLen,
> > >
> > > + OUT UINT8 *HashValue
> > >
> > > + );
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > index 0cab5f3ce36c..bf1563b06407 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > @@ -13,7 +13,7 @@
> > > # PEM handler functions, and pseudorandom number generator functions
> are
> > > not
> > >
> > > # supported in this instance.
> > >
> > > #
> > >
> > > -# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > #
> > >
> > > ##
> > >
> > > @@ -40,6 +40,7 @@
> > > Hash/CryptSha256.c
> > >
> > > Hash/CryptSm3.c
> > >
> > > Hash/CryptSha512.c
> > >
> > > + Hash/CryptParallelHashNull.c
> > >
> > > Hmac/CryptHmacSha256.c
> > >
> > > Kdf/CryptHkdf.c
> > >
> > > Cipher/CryptAesNull.c
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > index fdbb6edfd23e..6742da0be4fe 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > @@ -11,7 +11,7 @@
> > > # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions,
> and
> > >
> > > # authenticode signature verification functions are not supported in this
> > > instance.
> > >
> > > #
> > >
> > > -# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>
> > >
> > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > # Copyright (c) 2021, Hewlett Packard Enterprise Development LP. All rights
> > > reserved.<BR>
> > >
> > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > #
> > >
> > > @@ -40,6 +40,7 @@
> > > Hash/CryptSha256.c
> > >
> > > Hash/CryptSm3.c
> > >
> > > Hash/CryptSha512.c
> > >
> > > + Hash/CryptParallelHashNull.c
> > >
> > > Hmac/CryptHmacSha256.c
> > >
> > > Kdf/CryptHkdf.c
> > >
> > > Cipher/CryptAes.c
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > index e6470d7a2127..8f39517f78b7 100644
> > > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > @@ -10,7 +10,7 @@
> > > # RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman
> > > functions, and
> > >
> > > # authenticode signature verification functions are not supported in this
> > > instance.
> > >
> > > #
> > >
> > > -# Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
> > >
> > > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > #
> > >
> > > ##
> > >
> > > @@ -38,6 +38,10 @@
> > > Hash/CryptSha256.c
> > >
> > > Hash/CryptSm3.c
> > >
> > > Hash/CryptSha512.c
> > >
> > > + Hash/CryptSha3.c
> > >
> > > + Hash/CryptXkcp.c
> > >
> > > + Hash/CryptCShake256.c
> > >
> > > + Hash/CryptParallelHash.c
> > >
> > > Hmac/CryptHmacSha256.c
> > >
> > > Kdf/CryptHkdfNull.c
> > >
> > > Cipher/CryptAes.c
> > >
> > > @@ -85,6 +89,8 @@
> > > OpensslLib
> > >
> > > IntrinsicLib
> > >
> > > PrintLib
> > >
> > > + MmServicesTableLib
> > >
> > > + SynchronizationLib
> > >
> > >
> > >
> > > #
> > >
> > > # Remove these [BuildOptions] after this library is cleaned up
> > >
> > > diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > index faf959827b90..63d1d82d1914 100644
> > > --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > @@ -6,7 +6,7 @@
> > > # This external input must be validated carefully to avoid security issues
> such
> > as
> > >
> > > # buffer overflow or integer overflow.
> > >
> > > #
> > >
> > > -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> > > reserved.<BR>
> > >
> > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > #
> > >
> > > @@ -34,6 +34,7 @@
> > > Hash/CryptSha256Null.c
> > >
> > > Hash/CryptSha512Null.c
> > >
> > > Hash/CryptSm3Null.c
> > >
> > > + Hash/CryptParallelHashNull.c
> > >
> > > Hmac/CryptHmacSha256Null.c
> > >
> > > Kdf/CryptHkdfNull.c
> > >
> > > Cipher/CryptAesNull.c
> > >
> > > diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> > > b/CryptoPkg/Library/Include/CrtLibSupport.h
> > > index d257dca8fa9b..b76b140a7acf 100644
> > > --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> > > +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> > > @@ -2,7 +2,7 @@
> > > Root include file of C runtime library to support building the third-party
> > >
> > > cryptographic library.
> > >
> > >
> > >
> > > -Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
> > >
> > > +Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> > > reserved.<BR>
> > >
> > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > >
> > >
> > > @@ -111,6 +111,7 @@ typedef UINT8 u_char;
> > > typedef UINT32 uid_t;
> > >
> > > typedef UINT32 gid_t;
> > >
> > > typedef CHAR16 wchar_t;
> > >
> > > +typedef UINT64 uint64_t;
> > >
> > >
> > >
> > > //
> > >
> > > // File operations are not required for EFI building,
> > >
> > > diff --git a/CryptoPkg/Private/Protocol/Crypto.h
> > > b/CryptoPkg/Private/Protocol/Crypto.h
> > > index e378a8a8c60e..de45778c7d42 100644
> > > --- a/CryptoPkg/Private/Protocol/Crypto.h
> > > +++ b/CryptoPkg/Private/Protocol/Crypto.h
> > > @@ -2,7 +2,7 @@
> > > This Protocol provides Crypto services to DXE modules
> > >
> > >
> > >
> > > Copyright (C) Microsoft Corporation. All rights reserved.
> > >
> > > - Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
> > >
> > > + Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > >
> > >
> > > **/
> > >
> > > @@ -21,7 +21,7 @@
> > > /// the EDK II Crypto Protocol is extended, this version define must be
> > >
> > > /// increased.
> > >
> > > ///
> > >
> > > -#define EDKII_CRYPTO_VERSION 7
> > >
> > > +#define EDKII_CRYPTO_VERSION 8
> > >
> > >
> > >
> > > ///
> > >
> > > /// EDK II Crypto Protocol forward declaration
> > >
> > > @@ -3383,6 +3383,35 @@ EFI_STATUS
> > > IN OUT UINTN *DataSize
> > >
> > > );
> > >
> > >
> > >
> > > +/**
> > >
> > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > Publication
> > > 800-185,
> > >
> > > + published December 2016.
> > >
> > > +
> > >
> > > + @param[in] Input Pointer to the input message (X).
> > >
> > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> the
> > > input data.
> > >
> > > + @param[in] BlockSize The size of each block (B).
> > >
> > > + @param[out] Output Pointer to the output buffer.
> > >
> > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > >
> > > + @param[in] Customization Pointer to the customization string (S).
> > >
> > > + @param[in] CustomByteLen The length of the customization string in
> > bytes.
> > >
> > > +
> > >
> > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > >
> > > + @retval FALSE ParallelHash256 digest computation failed.
> > >
> > > + @retval FALSE This interface is not supported.
> > >
> > > +
> > >
> > > +**/
> > >
> > > +typedef
> > >
> > > +BOOLEAN
> > >
> > > +(EFIAPI *EDKII_CRYPTO_PARALLEL_HASH_ALL)(
> > >
> > > + IN CONST VOID *Input,
> > >
> > > + IN UINTN InputByteLen,
> > >
> > > + IN UINTN BlockSize,
> > >
> > > + OUT VOID *Output,
> > >
> > > + IN UINTN OutputByteLen,
> > >
> > > + IN CONST VOID *Customization,
> > >
> > > + IN UINTN CustomByteLen
> > >
> > > + );
> > >
> > > +
> > >
> > > /**
> > >
> > > Carries out the RSA-SSA signature generation with EMSA-PSS encoding
> > scheme.
> > >
> > >
> > >
> > > @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > > EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;
> > >
> > > EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;
> > >
> > > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > > TlsGetCertRevocationList;
> > >
> > > + /// Parallel hash
> > >
> > > + EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
> > >
> > > /// RSA PSS
> > >
> > > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> > >
> > > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> > >
> > > diff --git a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > index ff0af36bcc80..c50a9cc4dc9f 100644
> > > --- a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > +++ b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > @@ -2,6 +2,7 @@
> > > # CryptoPkg DSC file used to build host-based unit tests.
> > >
> > > #
> > >
> > > # Copyright (c) Microsoft Corporation.<BR>
> > >
> > > +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > #
> > >
> > > ##
> > >
> > > @@ -21,6 +22,9 @@
> > > [LibraryClasses]
> > >
> > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > >
> > >
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
> > >
> > > +
> > >
> >
> MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib
> > > .inf
> > >
> > > +
> > >
> >
> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizati
> > > onLib.inf
> > >
> > > +
> > >
> >
> TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat
> > > e.inf
> > >
> > >
> > >
> > > [LibraryClasses.AARCH64, LibraryClasses.ARM]
> > >
> > > RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> > >
> > > diff --git
> > > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > index 00c869265080..399db596c2d1 100644
> > > ---
> a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > +++
> > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > @@ -2,6 +2,7 @@
> > > # Host-based UnitTest for BaseCryptLib
> > >
> > > #
> > >
> > > # Copyright (c) Microsoft Corporation.<BR>
> > >
> > > +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > >
> > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > ##
> > >
> > >
> > >
> > > @@ -35,6 +36,7 @@
> > > Pkcs7EkuTests.c
> > >
> > > OaepEncryptTests.c
> > >
> > > RsaPssTests.c
> > >
> > > + ParallelhashTests.c
> > >
> > >
> > >
> > > [Packages]
> > >
> > > MdePkg/MdePkg.dec
> > >
> > > @@ -45,3 +47,5 @@
> > > DebugLib
> > >
> > > BaseCryptLib
> > >
> > > UnitTestLib
> > >
> > > + MmServicesTableLib
> > >
> > > + SynchronizationLib
> > >
> > > --
> > > 2.26.2.windows.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib.
2022-03-18 0:56 ` Yao, Jiewen
@ 2022-03-18 1:52 ` Li, Zhihao
2022-03-18 1:59 ` Yao, Jiewen
0 siblings, 1 reply; 7+ messages in thread
From: Li, Zhihao @ 2022-03-18 1:52 UTC (permalink / raw)
To: Yao, Jiewen, devel@edk2.groups.io
Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Fu, Siyuan
Build CryptoPei and CryptoSmm driver report this error.
INFO - /home/vsts/work/1/s/CryptoPkg/Driver/Crypto.c:4707:3: error: initialization of 'BOOLEAN (__attribute__((ms_abi)) *)(void *, const UINT8 *, UINTN, UINT16, UINT16, UINT8 *, UINTN *)' from incompatible pointer type 'BOOLEAN (__attribute__((ms_abi)) *)(const void *, UINTN, UINTN, void *, UINTN, const void *, UINTN)' [-Werror=incompatible-pointer-types]
INFO - 4707 | CryptoServiceParallelHash256HashAll
In Crypto.c:
const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
...
CryptoServiceTlsGetHostPrivateKey,
CryptoServiceTlsGetCertRevocationList,
/// Parallel hash
CryptoServiceParallelHash256HashAll
};
In Crypto.h
struct _EDKII_CRYPTO_PROTOCOL {
...
EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST TlsGetCertRevocationList;
/// RSA PSS
EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
/// Parallel hash
EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
};
And
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_PSS_SIGN)(
IN VOID *RsaContext,
IN CONST UINT8 *Message,
IN UINTN MsgSize,
IN UINT16 DigestLen,
IN UINT16 SaltLen,
OUT UINT8 *Signature,
IN OUT UINTN *SigSize
);
So I think solve this error need to put ParallelHash256HashAll before RsaPssSign.
And test result is successful.
Is there anything wrong with my judgment?
> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Friday, March 18, 2022 8:56 AM
> To: Li, Zhihao <zhihao.li@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>;
> Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> ParallelHash256HashAll in BaseCryptLib.
>
> What is root cause of failure?
>
> I don't understand.
>
> > -----Original Message-----
> > From: Li, Zhihao <zhihao.li@intel.com>
> > Sent: Friday, March 18, 2022 12:27 AM
> > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> <xiaoyu1.lu@intel.com>;
> > Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > ParallelHash256HashAll in BaseCryptLib.
> >
> > Because it will cause patch to fail in CI test while to succeed if follow the
> setting.
> > Failed test: https://github.com/tianocore/edk2/pull/2535
> >
> > I guess it's because data structure EDKII_CRYPTO_PROTOCOL( mEdkiiCrypto)
> > doesn't have /// RSA PSS members in Crypto.c
> >
> > > -----Original Message-----
> > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > Sent: Thursday, March 17, 2022 10:13 PM
> > > To: Li, Zhihao <zhihao.li@intel.com>; devel@edk2.groups.io
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> > <xiaoyu1.lu@intel.com>;
> > > Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > > ParallelHash256HashAll in BaseCryptLib.
> > >
> > > Hey
> > > Are you following the guideline - don't put new field in the middle ?
> > >
> > > ParallelHash256HashAll API is still in the middle......
> > >
> > >
> > > > @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > > > EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT
> TlsGetHostPublicCert;
> > > >
> > > > EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY
> TlsGetHostPrivateKey;
> > > >
> > > > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > > > TlsGetCertRevocationList;
> > > >
> > > > + /// Parallel hash
> > > >
> > > > + EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
> > > >
> > > > /// RSA PSS
> > > >
> > > > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> > > >
> > > > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> > > >
> > >
> > >
> > > > -----Original Message-----
> > > > From: Li, Zhihao <zhihao.li@intel.com>
> > > > Sent: Thursday, March 17, 2022 12:35 PM
> > > > To: devel@edk2.groups.io
> > > > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> > > <jian.j.wang@intel.com>;
> > > > Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin
> > > <guomin.jiang@intel.com>;
> > > > Fu, Siyuan <siyuan.fu@intel.com>
> > > > Subject: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > > > ParallelHash256HashAll in BaseCryptLib.
> > > >
> > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3596
> > > >
> > > > Parallel hash function ParallelHash256HashAll, as defined in NIST's
> > > > Special Publication 800-185, published December 2016. It utilizes
> > > > multi-process to calculate the digest.
> > > >
> > > > Passed CI test.
> > > > Onprotocol version code passed test.
> > > >
> > > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> > > > Cc: Guomin Jiang <guomin.jiang@intel.com>
> > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > Cc: Zhihao Li <zhihao.li@intel.com>
> > > >
> > > > Signed-off-by: Zhihao Li <zhihao.li@intel.com>
> > > > ---
> > > > CryptoPkg/Driver/Crypto.c | 38 ++-
> > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c | 282
> > > > ++++++++++++++++++++
> > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c | 278
> > > > +++++++++++++++++++
> > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c | 40
> > +++
> > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c | 166
> > > > ++++++++++++
> > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c | 107
> > > ++++++++
> > > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c |
> 40
> > > +++
> > > > CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 34
> ++-
> > > > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c |
> 145
> > > > ++++++++++
> > > > CryptoPkg/CryptoPkg.ci.yaml | 4 +-
> > > > CryptoPkg/Include/Library/BaseCryptLib.h | 31 ++-
> > > > CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h | 8 +-
> > > > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 +-
> > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h | 201
> > > > ++++++++++++++
> > > > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 3 +-
> > > > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 3 +-
> > > > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 8 +-
> > > > CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 3 +-
> > > > CryptoPkg/Library/Include/CrtLibSupport.h | 3 +-
> > > > CryptoPkg/Private/Protocol/Crypto.h | 35 ++-
> > > > CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 4 +
> > > > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf |
> > 4
> > > +
> > > > 22 files changed, 1426 insertions(+), 14 deletions(-)
> > > >
> > > > diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
> > > > index d5d6aa8e5820..5a9245c07cc5 100644
> > > > --- a/CryptoPkg/Driver/Crypto.c
> > > > +++ b/CryptoPkg/Driver/Crypto.c
> > > > @@ -3,7 +3,7 @@
> > > > from BaseCryptLib and TlsLib.
> > > >
> > > >
> > > >
> > > > Copyright (C) Microsoft Corporation. All rights reserved.
> > > >
> > > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > >
> > > >
> > > > **/
> > > >
> > > > @@ -4470,6 +4470,38 @@ CryptoServiceTlsGetCertRevocationList (
> > > > return CALL_BASECRYPTLIB (TlsGet.Services.CertRevocationList,
> > > > TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED);
> > > >
> > > > }
> > > >
> > > >
> > > >
> > > > +/**
> > > >
> > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > Publication
> > > > 800-185,
> > > >
> > > > + published December 2016.
> > > >
> > > > +
> > > >
> > > > + @param[in] Input Pointer to the input message (X).
> > > >
> > > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> > the
> > > > input data.
> > > >
> > > > + @param[in] BlockSize The size of each block (B).
> > > >
> > > > + @param[out] Output Pointer to the output buffer.
> > > >
> > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > >
> > > > + @param[in] Customization Pointer to the customization string (S).
> > > >
> > > > + @param[in] CustomByteLen The length of the customization string in
> > > bytes.
> > > >
> > > > +
> > > >
> > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > >
> > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +CryptoServiceParallelHash256HashAll (
> > > >
> > > > + IN CONST VOID *Input,
> > > >
> > > > + IN UINTN InputByteLen,
> > > >
> > > > + IN UINTN BlockSize,
> > > >
> > > > + OUT VOID *Output,
> > > >
> > > > + IN UINTN OutputByteLen,
> > > >
> > > > + IN CONST VOID *Customization,
> > > >
> > > > + IN UINTN CustomByteLen
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + return CALL_BASECRYPTLIB (ParallelHash.Services.HashAll,
> > > > ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output,
> > > OutputByteLen,
> > > > Customization, CustomByteLen), FALSE);
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
> > > >
> > > > /// Version
> > > >
> > > > CryptoServiceGetCryptoVersion,
> > > >
> > > > @@ -4670,5 +4702,7 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto
> =
> > {
> > > > CryptoServiceTlsGetCaCertificate,
> > > >
> > > > CryptoServiceTlsGetHostPublicCert,
> > > >
> > > > CryptoServiceTlsGetHostPrivateKey,
> > > >
> > > > - CryptoServiceTlsGetCertRevocationList
> > > >
> > > > + CryptoServiceTlsGetCertRevocationList,
> > > >
> > > > + /// Parallel hash
> > > >
> > > > + CryptoServiceParallelHash256HashAll
> > > >
> > > > };
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > > new file mode 100644
> > > > index 000000000000..2a9eaf9eec40
> > > > --- /dev/null
> > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > > @@ -0,0 +1,282 @@
> > > > +/** @file
> > > >
> > > > + cSHAKE-256 Digest Wrapper Implementations.
> > > >
> > > > +
> > > >
> > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +
> > > >
> > > > +#include "CryptParallelHash.h"
> > > >
> > > > +
> > > >
> > > > +#define CSHAKE256_SECURITY_STRENGTH 256
> > > >
> > > > +#define CSHAKE256_RATE_IN_BYTES 136
> > > >
> > > > +
> > > >
> > > > +CONST CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] = { 0 };
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + CShake256 initial function.
> > > >
> > > > +
> > > >
> > > > + Initializes user-supplied memory pointed by CShake256Context as
> cSHAKE-
> > > 256
> > > > hash context for
> > > >
> > > > + subsequent use.
> > > >
> > > > +
> > > >
> > > > + @param[out] CShake256Context Pointer to cSHAKE-256 context being
> > > > initialized.
> > > >
> > > > + @param[in] OutputLen The desired number of output length in
> bytes.
> > > >
> > > > + @param[in] Name Pointer to the function name string.
> > > >
> > > > + @param[in] NameLen The length of the function name in bytes.
> > > >
> > > > + @param[in] Customization Pointer to the customization string.
> > > >
> > > > + @param[in] CustomizationLen The length of the customization string in
> > > > bytes.
> > > >
> > > > +
> > > >
> > > > + @retval TRUE cSHAKE-256 context initialization succeeded.
> > > >
> > > > + @retval FALSE cSHAKE-256 context initialization failed.
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +CShake256Init (
> > > >
> > > > + OUT VOID *CShake256Context,
> > > >
> > > > + IN UINTN OutputLen,
> > > >
> > > > + IN CONST VOID *Name,
> > > >
> > > > + IN UINTN NameLen,
> > > >
> > > > + IN CONST VOID *Customization,
> > > >
> > > > + IN UINTN CustomizationLen
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + BOOLEAN Status;
> > > >
> > > > + UINT8 EncBuf[sizeof (UINTN) + 1];
> > > >
> > > > + UINTN EncLen;
> > > >
> > > > + UINTN AbsorbLen;
> > > >
> > > > + UINTN PadLen;
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Check input parameters.
> > > >
> > > > + //
> > > >
> > > > + if ((CShake256Context == NULL) || (OutputLen == 0) || ((NameLen != 0)
> > &&
> > > > (Name == NULL)) || ((CustomizationLen != 0) && (Customization == NULL)))
> {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Initialize KECCAK context with pad value and block size.
> > > >
> > > > + //
> > > >
> > > > + if ((NameLen == 0) && (CustomizationLen == 0)) {
> > > >
> > > > + //
> > > >
> > > > + // When N and S are both empty strings, cSHAKE(X, L, N, S) is equivalent
> > to
> > > >
> > > > + // SHAKE as defined in FIPS 202.
> > > >
> > > > + //
> > > >
> > > > + Status = (BOOLEAN)KeccakInit (
> > > >
> > > > + (Keccak1600_Ctx *)CShake256Context,
> > > >
> > > > + '\x1f',
> > > >
> > > > + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH *
> 2)
> > /
> > > 8,
> > > >
> > > > + OutputLen
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > + return Status;
> > > >
> > > > + } else {
> > > >
> > > > + Status = (BOOLEAN)KeccakInit (
> > > >
> > > > + (Keccak1600_Ctx *)CShake256Context,
> > > >
> > > > + '\x04',
> > > >
> > > > + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH *
> 2)
> > /
> > > 8,
> > > >
> > > > + OutputLen
> > > >
> > > > + );
> > > >
> > > > + if (!Status) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + AbsorbLen = 0;
> > > >
> > > > + //
> > > >
> > > > + // Absorb Absorb bytepad(.., rate).
> > > >
> > > > + //
> > > >
> > > > + EncLen = LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES);
> > > >
> > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > > > EncBuf, EncLen);
> > > >
> > > > + if (!Status) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + AbsorbLen += EncLen;
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Absorb encode_string(N).
> > > >
> > > > + //
> > > >
> > > > + EncLen = LeftEncode (EncBuf, NameLen * 8);
> > > >
> > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > > > EncBuf, EncLen);
> > > >
> > > > + if (!Status) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + AbsorbLen += EncLen;
> > > >
> > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> > *)CShake256Context,
> > > > Name, NameLen);
> > > >
> > > > + if (!Status) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + AbsorbLen += NameLen;
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Absorb encode_string(S).
> > > >
> > > > + //
> > > >
> > > > + EncLen = LeftEncode (EncBuf, CustomizationLen * 8);
> > > >
> > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > > > EncBuf, EncLen);
> > > >
> > > > + if (!Status) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + AbsorbLen += EncLen;
> > > >
> > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> > *)CShake256Context,
> > > > Customization, CustomizationLen);
> > > >
> > > > + if (!Status) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + AbsorbLen += CustomizationLen;
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Absorb zero padding up to rate.
> > > >
> > > > + //
> > > >
> > > > + PadLen = CSHAKE256_RATE_IN_BYTES - AbsorbLen %
> > > > CSHAKE256_RATE_IN_BYTES;
> > > >
> > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > > > mZeroPadding, PadLen);
> > > >
> > > > + if (!Status) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + return TRUE;
> > > >
> > > > + }
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Digests the input data and updates cSHAKE-256 context.
> > > >
> > > > +
> > > >
> > > > + This function performs cSHAKE-256 digest on a data buffer of the
> specified
> > > > size.
> > > >
> > > > + It can be called multiple times to compute the digest of long or
> > > discontinuous
> > > > data streams.
> > > >
> > > > + cSHAKE-256 context should be already correctly initialized by
> > > CShake256Init(),
> > > > and should not be finalized
> > > >
> > > > + by CShake256Final(). Behavior with invalid context is undefined.
> > > >
> > > > +
> > > >
> > > > + @param[in, out] CShake256Context Pointer to the cSHAKE-256
> context.
> > > >
> > > > + @param[in] Data Pointer to the buffer containing the data to
> > be
> > > > hashed.
> > > >
> > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > >
> > > > +
> > > >
> > > > + @retval TRUE cSHAKE-256 data digest succeeded.
> > > >
> > > > + @retval FALSE cSHAKE-256 data digest failed.
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +CShake256Update (
> > > >
> > > > + IN OUT VOID *CShake256Context,
> > > >
> > > > + IN CONST VOID *Data,
> > > >
> > > > + IN UINTN DataSize
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + //
> > > >
> > > > + // Check input parameters.
> > > >
> > > > + //
> > > >
> > > > + if (CShake256Context == NULL) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Check invalid parameters, in case that only DataLength was checked in
> > > > OpenSSL.
> > > >
> > > > + //
> > > >
> > > > + if ((Data == NULL) && (DataSize != 0)) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > > Data,
> > > > DataSize));
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Completes computation of the cSHAKE-256 digest value.
> > > >
> > > > +
> > > >
> > > > + This function completes cSHAKE-256 hash computation and retrieves the
> > > > digest value into
> > > >
> > > > + the specified memory. After this function has been called, the cSHAKE-
> 256
> > > > context cannot
> > > >
> > > > + be used again.
> > > >
> > > > + cSHAKE-256 context should be already correctly initialized by
> > > CShake256Init(),
> > > > and should not be
> > > >
> > > > + finalized by CShake256Final(). Behavior with invalid cSHAKE-256 context
> is
> > > > undefined.
> > > >
> > > > +
> > > >
> > > > + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context.
> > > >
> > > > + @param[out] HashValue Pointer to a buffer that receives the
> > > cSHAKE-
> > > > 256 digest
> > > >
> > > > + value.
> > > >
> > > > +
> > > >
> > > > + @retval TRUE cSHAKE-256 digest computation succeeded.
> > > >
> > > > + @retval FALSE cSHAKE-256 digest computation failed.
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +CShake256Final (
> > > >
> > > > + IN OUT VOID *CShake256Context,
> > > >
> > > > + OUT UINT8 *HashValue
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + //
> > > >
> > > > + // Check input parameters.
> > > >
> > > > + //
> > > >
> > > > + if ((CShake256Context == NULL) || (HashValue == NULL)) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // cSHAKE-256 Hash Finalization.
> > > >
> > > > + //
> > > >
> > > > + return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context,
> > > > HashValue));
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Computes the CSHAKE-256 message digest of a input data buffer.
> > > >
> > > > +
> > > >
> > > > + This function performs the CSHAKE-256 message digest of a given data
> > > buffer,
> > > > and places
> > > >
> > > > + the digest value into the specified memory.
> > > >
> > > > +
> > > >
> > > > + @param[in] Data Pointer to the buffer containing the data to
> be
> > > > hashed.
> > > >
> > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > >
> > > > + @param[in] OutputLen Size of output in bytes.
> > > >
> > > > + @param[in] Name Pointer to the function name string.
> > > >
> > > > + @param[in] NameLen Size of the function name in bytes.
> > > >
> > > > + @param[in] Customization Pointer to the customization string.
> > > >
> > > > + @param[in] CustomizationLen Size of the customization string in bytes.
> > > >
> > > > + @param[out] HashValue Pointer to a buffer that receives the
> > CSHAKE-
> > > > 256 digest
> > > >
> > > > + value.
> > > >
> > > > +
> > > >
> > > > + @retval TRUE CSHAKE-256 digest computation succeeded.
> > > >
> > > > + @retval FALSE CSHAKE-256 digest computation failed.
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +CShake256HashAll (
> > > >
> > > > + IN CONST VOID *Data,
> > > >
> > > > + IN UINTN DataSize,
> > > >
> > > > + IN UINTN OutputLen,
> > > >
> > > > + IN CONST VOID *Name,
> > > >
> > > > + IN UINTN NameLen,
> > > >
> > > > + IN CONST VOID *Customization,
> > > >
> > > > + IN UINTN CustomizationLen,
> > > >
> > > > + OUT UINT8 *HashValue
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + BOOLEAN Status;
> > > >
> > > > + Keccak1600_Ctx Ctx;
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Check input parameters.
> > > >
> > > > + //
> > > >
> > > > + if (HashValue == NULL) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + if ((Data == NULL) && (DataSize != 0)) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + Status = CShake256Init (&Ctx, OutputLen, Name, NameLen,
> Customization,
> > > > CustomizationLen);
> > > >
> > > > + if (!Status) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + Status = CShake256Update (&Ctx, Data, DataSize);
> > > >
> > > > + if (!Status) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + return CShake256Final (&Ctx, HashValue);
> > > >
> > > > +}
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > > new file mode 100644
> > > > index 000000000000..f7ce9dbf523e
> > > > --- /dev/null
> > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > > @@ -0,0 +1,278 @@
> > > > +/** @file
> > > >
> > > > + ParallelHash Implementation.
> > > >
> > > > +
> > > >
> > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +
> > > >
> > > > +#include "CryptParallelHash.h"
> > > >
> > > > +#include <Library/MmServicesTableLib.h>
> > > >
> > > > +#include <Library/SynchronizationLib.h>
> > > >
> > > > +
> > > >
> > > > +#define PARALLELHASH_CUSTOMIZATION "ParallelHash"
> > > >
> > > > +
> > > >
> > > > +UINTN mBlockNum;
> > > >
> > > > +UINTN mBlockSize;
> > > >
> > > > +UINTN mLastBlockSize;
> > > >
> > > > +UINT8 *mInput;
> > > >
> > > > +UINTN mBlockResultSize;
> > > >
> > > > +UINT8 *mBlockHashResult;
> > > >
> > > > +BOOLEAN *mBlockIsCompleted;
> > > >
> > > > +SPIN_LOCK *mSpinLockList;
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Complete computation of digest of each block.
> > > >
> > > > +
> > > >
> > > > + Each AP perform the function called by BSP.
> > > >
> > > > +
> > > >
> > > > + @param[in] ProcedureArgument Argument of the procedure.
> > > >
> > > > +**/
> > > >
> > > > +VOID
> > > >
> > > > +EFIAPI
> > > >
> > > > +ParallelHashApExecute (
> > > >
> > > > + IN VOID *ProcedureArgument
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + UINTN Index;
> > > >
> > > > + BOOLEAN Status;
> > > >
> > > > +
> > > >
> > > > + for (Index = 0; Index < mBlockNum; Index++) {
> > > >
> > > > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
> > > >
> > > > + //
> > > >
> > > > + // Completed, try next one.
> > > >
> > > > + //
> > > >
> > > > + if (mBlockIsCompleted[Index]) {
> > > >
> > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > >
> > > > + continue;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Calculate CShake256 for this block.
> > > >
> > > > + //
> > > >
> > > > + Status = CShake256HashAll (
> > > >
> > > > + mInput + Index * mBlockSize,
> > > >
> > > > + (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
> > > >
> > > > + mBlockResultSize,
> > > >
> > > > + NULL,
> > > >
> > > > + 0,
> > > >
> > > > + NULL,
> > > >
> > > > + 0,
> > > >
> > > > + mBlockHashResult + Index * mBlockResultSize
> > > >
> > > > + );
> > > >
> > > > + if (!EFI_ERROR (Status)) {
> > > >
> > > > + mBlockIsCompleted[Index] = TRUE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > >
> > > > + }
> > > >
> > > > + }
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Dispatch the block task to each AP in SMM mode.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +VOID
> > > >
> > > > +EFIAPI
> > > >
> > > > +MmDispatchBlockToAP (
> > > >
> > > > + VOID
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + UINTN Index;
> > > >
> > > > +
> > > >
> > > > + for (Index = 0; Index < gMmst->NumberOfCpus; Index++) {
> > > >
> > > > + if (Index != gMmst->CurrentlyExecutingCpu) {
> > > >
> > > > + gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL);
> > > >
> > > > + }
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + return;
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > Publication
> > > > 800-185,
> > > >
> > > > + published December 2016.
> > > >
> > > > +
> > > >
> > > > + @param[in] Input Pointer to the input message (X).
> > > >
> > > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> > the
> > > > input data.
> > > >
> > > > + @param[in] BlockSize The size of each block (B).
> > > >
> > > > + @param[out] Output Pointer to the output buffer.
> > > >
> > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > >
> > > > + @param[in] Customization Pointer to the customization string (S).
> > > >
> > > > + @param[in] CustomByteLen The length of the customization string in
> > > bytes.
> > > >
> > > > +
> > > >
> > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > >
> > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +ParallelHash256HashAll (
> > > >
> > > > + IN CONST VOID *Input,
> > > >
> > > > + IN UINTN InputByteLen,
> > > >
> > > > + IN UINTN BlockSize,
> > > >
> > > > + OUT VOID *Output,
> > > >
> > > > + IN UINTN OutputByteLen,
> > > >
> > > > + IN CONST VOID *Customization,
> > > >
> > > > + IN UINTN CustomByteLen
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + UINT8 EncBufB[sizeof (UINTN)+1];
> > > >
> > > > + UINTN EncSizeB;
> > > >
> > > > + UINT8 EncBufN[sizeof (UINTN)+1];
> > > >
> > > > + UINTN EncSizeN;
> > > >
> > > > + UINT8 EncBufL[sizeof (UINTN)+1];
> > > >
> > > > + UINTN EncSizeL;
> > > >
> > > > + UINTN Index;
> > > >
> > > > + UINT8 *CombinedInput;
> > > >
> > > > + UINTN CombinedInputSize;
> > > >
> > > > + BOOLEAN AllCompleted;
> > > >
> > > > + UINTN Offset;
> > > >
> > > > + BOOLEAN ReturnValue;
> > > >
> > > > +
> > > >
> > > > + if ((InputByteLen == 0) || (OutputByteLen == 0) || (BlockSize == 0)) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + if ((Input == NULL) || (Output == NULL)) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + if ((CustomByteLen != 0) && (Customization == NULL)) {
> > > >
> > > > + return FALSE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + mBlockSize = BlockSize;
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Calculate block number n.
> > > >
> > > > + //
> > > >
> > > > + mBlockNum = InputByteLen % mBlockSize == 0 ? InputByteLen /
> > mBlockSize :
> > > > InputByteLen / mBlockSize + 1;
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Set hash result size of each block in bytes.
> > > >
> > > > + //
> > > >
> > > > + mBlockResultSize = OutputByteLen;
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Encode B, n, L to string and record size.
> > > >
> > > > + //
> > > >
> > > > + EncSizeB = LeftEncode (EncBufB, mBlockSize);
> > > >
> > > > + EncSizeN = RightEncode (EncBufN, mBlockNum);
> > > >
> > > > + EncSizeL = RightEncode (EncBufL, OutputByteLen * CHAR_BIT);
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Allocate buffer for combined input (newX), Block completed flag and
> > > > SpinLock.
> > > >
> > > > + //
> > > >
> > > > + CombinedInputSize = EncSizeB + EncSizeN + EncSizeL + mBlockNum *
> > > > mBlockResultSize;
> > > >
> > > > + CombinedInput = AllocateZeroPool (CombinedInputSize);
> > > >
> > > > + mBlockIsCompleted = AllocateZeroPool (mBlockNum * sizeof
> (BOOLEAN));
> > > >
> > > > + mSpinLockList = AllocatePool (mBlockNum * sizeof (SPIN_LOCK));
> > > >
> > > > + if ((CombinedInput == NULL) || (mBlockIsCompleted == NULL) ||
> > > > (mSpinLockList == NULL)) {
> > > >
> > > > + ReturnValue = FALSE;
> > > >
> > > > + goto Exit;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Fill LeftEncode(B).
> > > >
> > > > + //
> > > >
> > > > + CopyMem (CombinedInput, EncBufB, EncSizeB);
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Prepare for parallel hash.
> > > >
> > > > + //
> > > >
> > > > + mBlockHashResult = CombinedInput + EncSizeB;
> > > >
> > > > + mInput = (UINT8 *)Input;
> > > >
> > > > + mLastBlockSize = InputByteLen % mBlockSize == 0 ? mBlockSize :
> > > > InputByteLen % mBlockSize;
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Initialize SpinLock for each result block.
> > > >
> > > > + //
> > > >
> > > > + for (Index = 0; Index < mBlockNum; Index++) {
> > > >
> > > > + InitializeSpinLock (&mSpinLockList[Index]);
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Dispatch blocklist to each AP.
> > > >
> > > > + //
> > > >
> > > > + if (gMmst != NULL) {
> > > >
> > > > + MmDispatchBlockToAP ();
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Wait until all block hash completed.
> > > >
> > > > + //
> > > >
> > > > + do {
> > > >
> > > > + AllCompleted = TRUE;
> > > >
> > > > + for (Index = 0; Index < mBlockNum; Index++) {
> > > >
> > > > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
> > > >
> > > > + if (!mBlockIsCompleted[Index]) {
> > > >
> > > > + AllCompleted = FALSE;
> > > >
> > > > + ReturnValue = CShake256HashAll (
> > > >
> > > > + mInput + Index * mBlockSize,
> > > >
> > > > + (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
> > > >
> > > > + mBlockResultSize,
> > > >
> > > > + NULL,
> > > >
> > > > + 0,
> > > >
> > > > + NULL,
> > > >
> > > > + 0,
> > > >
> > > > + mBlockHashResult + Index * mBlockResultSize
> > > >
> > > > + );
> > > >
> > > > + if (ReturnValue) {
> > > >
> > > > + mBlockIsCompleted[Index] = TRUE;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > >
> > > > + break;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > >
> > > > + } else {
> > > >
> > > > + AllCompleted = FALSE;
> > > >
> > > > + break;
> > > >
> > > > + }
> > > >
> > > > + }
> > > >
> > > > + } while (!AllCompleted);
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Fill LeftEncode(n).
> > > >
> > > > + //
> > > >
> > > > + Offset = EncSizeB + mBlockNum * mBlockResultSize;
> > > >
> > > > + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN);
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Fill LeftEncode(L).
> > > >
> > > > + //
> > > >
> > > > + Offset += EncSizeN;
> > > >
> > > > + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL);
> > > >
> > > > +
> > > >
> > > > + ReturnValue = CShake256HashAll (
> > > >
> > > > + CombinedInput,
> > > >
> > > > + CombinedInputSize,
> > > >
> > > > + OutputByteLen,
> > > >
> > > > + PARALLELHASH_CUSTOMIZATION,
> > > >
> > > > + AsciiStrLen (PARALLELHASH_CUSTOMIZATION),
> > > >
> > > > + Customization,
> > > >
> > > > + CustomByteLen,
> > > >
> > > > + Output
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > +Exit:
> > > >
> > > > + ZeroMem (CombinedInput, CombinedInputSize);
> > > >
> > > > +
> > > >
> > > > + if (CombinedInput != NULL) {
> > > >
> > > > + FreePool (CombinedInput);
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + if (mSpinLockList != NULL) {
> > > >
> > > > + FreePool ((VOID *)mSpinLockList);
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + if (mBlockIsCompleted != NULL) {
> > > >
> > > > + FreePool (mBlockIsCompleted);
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + return ReturnValue;
> > > >
> > > > +}
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > > new file mode 100644
> > > > index 000000000000..2bf89594def5
> > > > --- /dev/null
> > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > > @@ -0,0 +1,40 @@
> > > > +/** @file
> > > >
> > > > + ParallelHash Implementation which does not provide real capabilities.
> > > >
> > > > +
> > > >
> > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +
> > > >
> > > > +#include "InternalCryptLib.h"
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > Publication
> > > > 800-185,
> > > >
> > > > + published December 2016.
> > > >
> > > > +
> > > >
> > > > + @param[in] Input Pointer to the input message (X).
> > > >
> > > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> > the
> > > > input data.
> > > >
> > > > + @param[in] BlockSize The size of each block (B).
> > > >
> > > > + @param[out] Output Pointer to the output buffer.
> > > >
> > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > >
> > > > + @param[in] Customization Pointer to the customization string (S).
> > > >
> > > > + @param[in] CustomByteLen The length of the customization string in
> > > bytes.
> > > >
> > > > +
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +ParallelHash256HashAll (
> > > >
> > > > + IN CONST VOID *Input,
> > > >
> > > > + IN UINTN InputByteLen,
> > > >
> > > > + IN UINTN BlockSize,
> > > >
> > > > + OUT VOID *Output,
> > > >
> > > > + IN UINTN OutputByteLen,
> > > >
> > > > + IN CONST VOID *Customization,
> > > >
> > > > + IN UINTN CustomByteLen
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + ASSERT (FALSE);
> > > >
> > > > + return FALSE;
> > > >
> > > > +}
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > > new file mode 100644
> > > > index 000000000000..6abafc3c00e6
> > > > --- /dev/null
> > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > > @@ -0,0 +1,166 @@
> > > > +/** @file
> > > >
> > > > + SHA3 realted functions from OpenSSL.
> > > >
> > > > +
> > > >
> > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > +
> > > >
> > > > +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
> > > >
> > > > +Licensed under the OpenSSL license (the "License"). You may not use
> > > >
> > > > +this file except in compliance with the License. You can obtain a copy
> > > >
> > > > +in the file LICENSE in the source distribution or at
> > > >
> > > > +https://www.openssl.org/source/license.html
> > > >
> > > > +**/
> > > >
> > > > +
> > > >
> > > > +#include "CryptParallelHash.h"
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Keccak initial fuction.
> > > >
> > > > +
> > > >
> > > > + Set up state with specified capacity.
> > > >
> > > > +
> > > >
> > > > + @param[out] Context Pointer to the context being initialized.
> > > >
> > > > + @param[in] Pad Delimited Suffix.
> > > >
> > > > + @param[in] BlockSize Size of context block.
> > > >
> > > > + @param[in] MessageDigestLen Size of message digest in bytes.
> > > >
> > > > +
> > > >
> > > > + @retval 1 Initialize successfully.
> > > >
> > > > + @retval 0 Fail to initialize.
> > > >
> > > > +**/
> > > >
> > > > +UINT8
> > > >
> > > > +EFIAPI
> > > >
> > > > +KeccakInit (
> > > >
> > > > + OUT Keccak1600_Ctx *Context,
> > > >
> > > > + IN UINT8 Pad,
> > > >
> > > > + IN UINTN BlockSize,
> > > >
> > > > + IN UINTN MessageDigestLen
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + if (BlockSize <= sizeof (Context->buf)) {
> > > >
> > > > + memset (Context->A, 0, sizeof (Context->A));
> > > >
> > > > +
> > > >
> > > > + Context->num = 0;
> > > >
> > > > + Context->block_size = BlockSize;
> > > >
> > > > + Context->md_size = MessageDigestLen;
> > > >
> > > > + Context->pad = Pad;
> > > >
> > > > +
> > > >
> > > > + return 1;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + return 0;
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Sha3 update fuction.
> > > >
> > > > +
> > > >
> > > > + This function performs Sha3 digest on a data buffer of the specified size.
> > > >
> > > > + It can be called multiple times to compute the digest of long or
> > > discontinuous
> > > > data streams.
> > > >
> > > > +
> > > >
> > > > + @param[in,out] Context Pointer to the Keccak context.
> > > >
> > > > + @param[in] Data Pointer to the buffer containing the data to be
> > > hashed.
> > > >
> > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > >
> > > > +
> > > >
> > > > + @retval 1 Update successfully.
> > > >
> > > > +**/
> > > >
> > > > +UINT8
> > > >
> > > > +EFIAPI
> > > >
> > > > +Sha3Update (
> > > >
> > > > + IN OUT Keccak1600_Ctx *Context,
> > > >
> > > > + IN const VOID *Data,
> > > >
> > > > + IN UINTN DataSize
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + const UINT8 *DataCopy;
> > > >
> > > > + UINTN BlockSize;
> > > >
> > > > + UINTN Num;
> > > >
> > > > + UINTN Rem;
> > > >
> > > > +
> > > >
> > > > + DataCopy = Data;
> > > >
> > > > + BlockSize = (UINT8)(Context->block_size);
> > > >
> > > > +
> > > >
> > > > + if (DataSize == 0) {
> > > >
> > > > + return 1;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + if ((Num = Context->num) != 0) {
> > > >
> > > > + //
> > > >
> > > > + // process intermediate buffer
> > > >
> > > > + //
> > > >
> > > > + Rem = BlockSize - Num;
> > > >
> > > > +
> > > >
> > > > + if (DataSize < Rem) {
> > > >
> > > > + memcpy (Context->buf + Num, DataCopy, DataSize);
> > > >
> > > > + Context->num += DataSize;
> > > >
> > > > + return 1;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // We have enough data to fill or overflow the intermediate
> > > >
> > > > + // buffer. So we append |Rem| bytes and process the block,
> > > >
> > > > + // leaving the rest for later processing.
> > > >
> > > > + //
> > > >
> > > > + memcpy (Context->buf + Num, DataCopy, Rem);
> > > >
> > > > + DataCopy += Rem;
> > > >
> > > > + DataSize -= Rem;
> > > >
> > > > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
> > > >
> > > > + Context->num = 0;
> > > >
> > > > + // Context->buf is processed, Context->num is guaranteed to be zero.
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + if (DataSize >= BlockSize) {
> > > >
> > > > + Rem = SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize);
> > > >
> > > > + } else {
> > > >
> > > > + Rem = DataSize;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + if (Rem > 0) {
> > > >
> > > > + memcpy (Context->buf, DataCopy + DataSize - Rem, Rem);
> > > >
> > > > + Context->num = Rem;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + return 1;
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Completes computation of Sha3 message digest.
> > > >
> > > > +
> > > >
> > > > + This function completes sha3 hash computation and retrieves the digest
> > > value
> > > > into
> > > >
> > > > + the specified memory. After this function has been called, the keccak
> > > context
> > > > cannot
> > > >
> > > > + be used again.
> > > >
> > > > +
> > > >
> > > > + @param[in, out] Context Pointer to the keccak context.
> > > >
> > > > + @param[out] MessageDigest Pointer to a buffer that receives the
> > > > message digest.
> > > >
> > > > +
> > > >
> > > > + @retval 1 Meaasge digest computation succeeded.
> > > >
> > > > +**/
> > > >
> > > > +UINT8
> > > >
> > > > +EFIAPI
> > > >
> > > > +Sha3Final (
> > > >
> > > > + IN OUT Keccak1600_Ctx *Context,
> > > >
> > > > + OUT UINT8 *MessageDigest
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + UINTN BlockSize;
> > > >
> > > > + UINTN Num;
> > > >
> > > > +
> > > >
> > > > + BlockSize = Context->block_size;
> > > >
> > > > + Num = Context->num;
> > > >
> > > > +
> > > >
> > > > + if (Context->md_size == 0) {
> > > >
> > > > + return 1;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1|
> > > >
> > > > + // in which case both byte operations below are performed on
> > > >
> > > > + // same byte.
> > > >
> > > > + //
> > > >
> > > > + memset (Context->buf + Num, 0, BlockSize - Num);
> > > >
> > > > + Context->buf[Num] = Context->pad;
> > > >
> > > > + Context->buf[BlockSize - 1] |= 0x80;
> > > >
> > > > +
> > > >
> > > > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
> > > >
> > > > +
> > > >
> > > > + SHA3_squeeze (Context->A, MessageDigest, Context->md_size,
> BlockSize);
> > > >
> > > > +
> > > >
> > > > + return 1;
> > > >
> > > > +}
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > > new file mode 100644
> > > > index 000000000000..12c46cfbcd59
> > > > --- /dev/null
> > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > > @@ -0,0 +1,107 @@
> > > > +/** @file
> > > >
> > > > + Encode realted functions from Xkcp.
> > > >
> > > > +
> > > >
> > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > +
> > > >
> > > > +Copyright 2022 The eXtended Keccak Code Package (XKCP)
> > > >
> > > > +https://github.com/XKCP/XKCP
> > > >
> > > > +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and
> > Gilles
> > > > Van Assche.
> > > >
> > > > +Implementation by the designers, hereby denoted as "the implementer".
> > > >
> > > > +For more information, feedback or questions, please refer to the Keccak
> > > Team
> > > > website:
> > > >
> > > > +https://keccak.team/
> > > >
> > > > +To the extent possible under law, the implementer has waived all
> copyright
> > > >
> > > > +and related or neighboring rights to the source code in this file.
> > > >
> > > > +http://creativecommons.org/publicdomain/zero/1.0/
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +
> > > >
> > > > +#include "CryptParallelHash.h"
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Encode function from XKCP.
> > > >
> > > > +
> > > >
> > > > + Encodes the input as a byte string in a way that can be unambiguously
> > > parsed
> > > >
> > > > + from the beginning of the string by inserting the length of the byte string
> > > >
> > > > + before the byte string representation of input.
> > > >
> > > > +
> > > >
> > > > + @param[out] EncBuf Result of left encode.
> > > >
> > > > + @param[in] Value Input of left encode.
> > > >
> > > > +
> > > >
> > > > + @retval EncLen Size of encode result in bytes.
> > > >
> > > > +**/
> > > >
> > > > +UINTN
> > > >
> > > > +EFIAPI
> > > >
> > > > +LeftEncode (
> > > >
> > > > + OUT UINT8 *EncBuf,
> > > >
> > > > + IN UINTN Value
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + UINT32 BlockNum;
> > > >
> > > > + UINT32 EncLen;
> > > >
> > > > + UINT32 Index;
> > > >
> > > > + UINTN ValueCopy;
> > > >
> > > > +
> > > >
> > > > + for ( ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum <
> sizeof
> > > > (UINTN)); ++BlockNum, ValueCopy >>= 8 ) {
> > > >
> > > > + //
> > > >
> > > > + // Empty
> > > >
> > > > + //
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + if (BlockNum == 0) {
> > > >
> > > > + BlockNum = 1;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + for (Index = 1; Index <= BlockNum; ++Index) {
> > > >
> > > > + EncBuf[Index] = (UINT8)(Value >> (8 * (BlockNum - Index)));
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + EncBuf[0] = (UINT8)BlockNum;
> > > >
> > > > + EncLen = BlockNum + 1;
> > > >
> > > > +
> > > >
> > > > + return EncLen;
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Encode function from XKCP.
> > > >
> > > > +
> > > >
> > > > + Encodes the input as a byte string in a way that can be unambiguously
> > > parsed
> > > >
> > > > + from the end of the string by inserting the length of the byte string after
> > > >
> > > > + the byte string representation of input.
> > > >
> > > > +
> > > >
> > > > + @param[out] EncBuf Result of right encode.
> > > >
> > > > + @param[in] Value Input of right encode.
> > > >
> > > > +
> > > >
> > > > + @retval EncLen Size of encode result in bytes.
> > > >
> > > > +**/
> > > >
> > > > +UINTN
> > > >
> > > > +EFIAPI
> > > >
> > > > +RightEncode (
> > > >
> > > > + OUT UINT8 *EncBuf,
> > > >
> > > > + IN UINTN Value
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + UINT32 BlockNum;
> > > >
> > > > + UINT32 EncLen;
> > > >
> > > > + UINT32 Index;
> > > >
> > > > + UINTN ValueCopy;
> > > >
> > > > +
> > > >
> > > > + for (ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum <
> sizeof
> > > > (UINTN)); ++BlockNum, ValueCopy >>= 8) {
> > > >
> > > > + //
> > > >
> > > > + // Empty
> > > >
> > > > + //
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + if (BlockNum == 0) {
> > > >
> > > > + BlockNum = 1;
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + for (Index = 1; Index <= BlockNum; ++Index) {
> > > >
> > > > + EncBuf[Index-1] = (UINT8)(Value >> (8 * (BlockNum-Index)));
> > > >
> > > > + }
> > > >
> > > > +
> > > >
> > > > + EncBuf[BlockNum] = (UINT8)BlockNum;
> > > >
> > > > + EncLen = BlockNum + 1;
> > > >
> > > > +
> > > >
> > > > + return EncLen;
> > > >
> > > > +}
> > > >
> > > > diff --git
> > a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > > b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > > new file mode 100644
> > > > index 000000000000..2bf89594def5
> > > > --- /dev/null
> > > > +++ b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > > @@ -0,0 +1,40 @@
> > > > +/** @file
> > > >
> > > > + ParallelHash Implementation which does not provide real capabilities.
> > > >
> > > > +
> > > >
> > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +
> > > >
> > > > +#include "InternalCryptLib.h"
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > Publication
> > > > 800-185,
> > > >
> > > > + published December 2016.
> > > >
> > > > +
> > > >
> > > > + @param[in] Input Pointer to the input message (X).
> > > >
> > > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> > the
> > > > input data.
> > > >
> > > > + @param[in] BlockSize The size of each block (B).
> > > >
> > > > + @param[out] Output Pointer to the output buffer.
> > > >
> > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > >
> > > > + @param[in] Customization Pointer to the customization string (S).
> > > >
> > > > + @param[in] CustomByteLen The length of the customization string in
> > > bytes.
> > > >
> > > > +
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +ParallelHash256HashAll (
> > > >
> > > > + IN CONST VOID *Input,
> > > >
> > > > + IN UINTN InputByteLen,
> > > >
> > > > + IN UINTN BlockSize,
> > > >
> > > > + OUT VOID *Output,
> > > >
> > > > + IN UINTN OutputByteLen,
> > > >
> > > > + IN CONST VOID *Customization,
> > > >
> > > > + IN UINTN CustomByteLen
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + ASSERT (FALSE);
> > > >
> > > > + return FALSE;
> > > >
> > > > +}
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > index c8df259ea963..8ee1b53cf957 100644
> > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > @@ -3,7 +3,7 @@
> > > > Protocol/PPI.
> > > >
> > > >
> > > >
> > > > Copyright (C) Microsoft Corporation. All rights reserved.
> > > >
> > > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > >
> > > >
> > > > **/
> > > >
> > > > @@ -870,6 +870,38 @@ Sha512HashAll (
> > > > CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue),
> > FALSE);
> > > >
> > > > }
> > > >
> > > >
> > > >
> > > > +/**
> > > >
> > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > Publication
> > > > 800-185,
> > > >
> > > > + published December 2016.
> > > >
> > > > +
> > > >
> > > > + @param[in] Input Pointer to the input message (X).
> > > >
> > > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> > the
> > > > input data.
> > > >
> > > > + @param[in] BlockSize The size of each block (B).
> > > >
> > > > + @param[out] Output Pointer to the output buffer.
> > > >
> > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > >
> > > > + @param[in] Customization Pointer to the customization string (S).
> > > >
> > > > + @param[in] CustomByteLen The length of the customization string in
> > > bytes.
> > > >
> > > > +
> > > >
> > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > >
> > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +ParallelHash256HashAll (
> > > >
> > > > + IN CONST VOID *Input,
> > > >
> > > > + IN UINTN InputByteLen,
> > > >
> > > > + IN UINTN BlockSize,
> > > >
> > > > + OUT VOID *Output,
> > > >
> > > > + IN UINTN OutputByteLen,
> > > >
> > > > + IN CONST VOID *Customization,
> > > >
> > > > + IN UINTN CustomByteLen
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen,
> > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen), FALSE);
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > /**
> > > >
> > > > Retrieves the size, in bytes, of the context buffer required for SM3 hash
> > > > operations.
> > > >
> > > >
> > > >
> > > > diff --git
> > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > > new file mode 100644
> > > > index 000000000000..fb57e91a9f16
> > > > --- /dev/null
> > > > +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > > @@ -0,0 +1,145 @@
> > > > +/** @file
> > > >
> > > > + Application for Parallelhash Function Validation.
> > > >
> > > > +
> > > >
> > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +
> > > >
> > > > +#include "TestBaseCryptLib.h"
> > > >
> > > > +
> > > >
> > > > +//
> > > >
> > > > +// Parallelhash Test Sample common parameters.
> > > >
> > > > +//
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN OutputByteLen =
> 64;
> > > >
> > > > +
> > > >
> > > > +//
> > > >
> > > > +// Parallelhash Test Sample #1 from NIST Special Publication 800-185.
> > > >
> > > > +//
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample1[] = {
> > > >
> > > > + // input data of sample1.
> > > >
> > > > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x10, 0x11, 0x12, 0x13,
> > > 0x14,
> > > > 0x15, 0x16, 0x17,
> > > >
> > > > + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27
> > > >
> > > > +};
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample1ByteLen
> =
> > > 24;
> > > > // Length of sample1 input data in bytes.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > > *CustomizationSample1
> > > > = ""; // Customization string (S) of sample1.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> CustomSample1ByteLen
> > =
> > > 0;
> > > > // Customization string length of sample1 in bytes.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample1 =
> 8;
> > > > // Block size of sample1.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > > ExpectOutputSample1[]
> > > > = {
> > > >
> > > > + // Expected output data of sample1.
> > > >
> > > > + 0xbc, 0x1e, 0xf1, 0x24, 0xda, 0x34, 0x49, 0x5e, 0x94, 0x8e, 0xad, 0x20,
> > > 0x7d,
> > > > 0xd9, 0x84, 0x22,
> > > >
> > > > + 0x35, 0xda, 0x43, 0x2d, 0x2b, 0xbc, 0x54, 0xb4, 0xc1, 0x10, 0xe6, 0x4c,
> > > 0x45,
> > > > 0x11, 0x05, 0x53,
> > > >
> > > > + 0x1b, 0x7f, 0x2a, 0x3e, 0x0c, 0xe0, 0x55, 0xc0, 0x28, 0x05, 0xe7, 0xc2,
> > 0xde,
> > > > 0x1f, 0xb7, 0x46,
> > > >
> > > > + 0xaf, 0x97, 0xa1, 0xd0, 0x01, 0xf4, 0x3b, 0x82, 0x4e, 0x31, 0xb8, 0x76,
> > 0x12,
> > > > 0x41, 0x04, 0x29
> > > >
> > > > +};
> > > >
> > > > +
> > > >
> > > > +//
> > > >
> > > > +// Parallelhash Test Sample #2 from NIST Special Publication 800-185.
> > > >
> > > > +//
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 *InputSample2
> =
> > > > InputSample1; // Input of sample2 is same as sample1.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample2ByteLen
> =
> > > 24;
> > > > // Length of sample2 input data in bytes.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > > *CustomizationSample2
> > > > = "Parallel Data"; // Customization string (S) of sample2.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> CustomSample2ByteLen
> > =
> > > > 13; // Customization string length of sample2 in bytes.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample2 =
> 8;
> > > > // Block size of sample2.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > > ExpectOutputSample2[]
> > > > = {
> > > >
> > > > + // Expected output data of sample2.
> > > >
> > > > + 0xcd, 0xf1, 0x52, 0x89, 0xb5, 0x4f, 0x62, 0x12, 0xb4, 0xbc, 0x27, 0x05,
> > 0x28,
> > > > 0xb4, 0x95, 0x26,
> > > >
> > > > + 0x00, 0x6d, 0xd9, 0xb5, 0x4e, 0x2b, 0x6a, 0xdd, 0x1e, 0xf6, 0x90, 0x0d,
> > > 0xda,
> > > > 0x39, 0x63, 0xbb,
> > > >
> > > > + 0x33, 0xa7, 0x24, 0x91, 0xf2, 0x36, 0x96, 0x9c, 0xa8, 0xaf, 0xae, 0xa2,
> > 0x9c,
> > > > 0x68, 0x2d, 0x47,
> > > >
> > > > + 0xa3, 0x93, 0xc0, 0x65, 0xb3, 0x8e, 0x29, 0xfa, 0xe6, 0x51, 0xa2, 0x09,
> > 0x1c,
> > > > 0x83, 0x31, 0x10
> > > >
> > > > +};
> > > >
> > > > +
> > > >
> > > > +//
> > > >
> > > > +// Parallelhash Test Sample #3 from NIST Special Publication 800-185.
> > > >
> > > > +//
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample3[] = {
> > > >
> > > > + // input data of sample3.
> > > >
> > > > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
> > > 0x10,
> > > > 0x11, 0x12, 0x13,
> > > >
> > > > + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x20, 0x21, 0x22, 0x23,
> > > 0x24,
> > > > 0x25, 0x26, 0x27,
> > > >
> > > > + 0x28, 0x29, 0x2a, 0x2b, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> > > 0x38,
> > > > 0x39, 0x3a, 0x3b,
> > > >
> > > > + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b,
> > > 0x50,
> > > > 0x51, 0x52, 0x53,
> > > >
> > > > + 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b
> > > >
> > > > +};
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample3ByteLen
> =
> > > 72;
> > > > // Length of sample3 input data in bytes.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > > *CustomizationSample3
> > > > = "Parallel Data"; // Customization string (S) of sample3.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> CustomSample3ByteLen
> > =
> > > > 13; // Customization string length of sample3 in bytes.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample3 =
> > 12;
> > > > // Block size of sample3.
> > > >
> > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > > ExpectOutputSample3[]
> > > > = {
> > > >
> > > > + // Expected output data of sample3.
> > > >
> > > > + 0x69, 0xd0, 0xfc, 0xb7, 0x64, 0xea, 0x05, 0x5d, 0xd0, 0x93, 0x34, 0xbc,
> > 0x60,
> > > > 0x21, 0xcb, 0x7e,
> > > >
> > > > + 0x4b, 0x61, 0x34, 0x8d, 0xff, 0x37, 0x5d, 0xa2, 0x62, 0x67, 0x1c, 0xde,
> > 0xc3,
> > > > 0xef, 0xfa, 0x8d,
> > > >
> > > > + 0x1b, 0x45, 0x68, 0xa6, 0xcc, 0xe1, 0x6b, 0x1c, 0xad, 0x94, 0x6d, 0xdd,
> > > 0xe2,
> > > > 0x7f, 0x6c, 0xe2,
> > > >
> > > > + 0xb8, 0xde, 0xe4, 0xcd, 0x1b, 0x24, 0x85, 0x1e, 0xbf, 0x00, 0xeb, 0x90,
> > > 0xd4,
> > > > 0x38, 0x13, 0xe9
> > > >
> > > > +};
> > > >
> > > > +
> > > >
> > > > +UNIT_TEST_STATUS
> > > >
> > > > +EFIAPI
> > > >
> > > > +TestVerifyParallelHash256HashAll (
> > > >
> > > > + IN UNIT_TEST_CONTEXT Context
> > > >
> > > > + )
> > > >
> > > > +{
> > > >
> > > > + BOOLEAN Status;
> > > >
> > > > + UINT8 Output[64];
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Test #1 using sample1.
> > > >
> > > > + //
> > > >
> > > > + Status = ParallelHash256HashAll (
> > > >
> > > > + InputSample1,
> > > >
> > > > + InputSample1ByteLen,
> > > >
> > > > + BlockSizeSample1,
> > > >
> > > > + Output,
> > > >
> > > > + OutputByteLen,
> > > >
> > > > + CustomizationSample1,
> > > >
> > > > + CustomSample1ByteLen
> > > >
> > > > + );
> > > >
> > > > + UT_ASSERT_TRUE (Status);
> > > >
> > > > +
> > > >
> > > > + // Check the output with the expected output.
> > > >
> > > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample1,
> > OutputByteLen);
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Test #2 using sample2.
> > > >
> > > > + //
> > > >
> > > > + Status = ParallelHash256HashAll (
> > > >
> > > > + InputSample2,
> > > >
> > > > + InputSample2ByteLen,
> > > >
> > > > + BlockSizeSample2,
> > > >
> > > > + Output,
> > > >
> > > > + OutputByteLen,
> > > >
> > > > + CustomizationSample2,
> > > >
> > > > + CustomSample2ByteLen
> > > >
> > > > + );
> > > >
> > > > + UT_ASSERT_TRUE (Status);
> > > >
> > > > +
> > > >
> > > > + // Check the output with the expected output.
> > > >
> > > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample2,
> > OutputByteLen);
> > > >
> > > > +
> > > >
> > > > + //
> > > >
> > > > + // Test #3 using sample3.
> > > >
> > > > + //
> > > >
> > > > + Status = ParallelHash256HashAll (
> > > >
> > > > + InputSample3,
> > > >
> > > > + InputSample3ByteLen,
> > > >
> > > > + BlockSizeSample3,
> > > >
> > > > + Output,
> > > >
> > > > + OutputByteLen,
> > > >
> > > > + CustomizationSample3,
> > > >
> > > > + CustomSample3ByteLen
> > > >
> > > > + );
> > > >
> > > > + UT_ASSERT_TRUE (Status);
> > > >
> > > > +
> > > >
> > > > + // Check the output with the expected output.
> > > >
> > > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample3,
> > OutputByteLen);
> > > >
> > > > +
> > > >
> > > > + return EFI_SUCCESS;
> > > >
> > > > +}
> > > >
> > > > +
> > > >
> > > > +TEST_DESC mParallelhashTest[] = {
> > > >
> > > > + //
> > > >
> > > > + // -----Description------------------------------Class----------------------
> > Function--
> > > --
> > > > -------------Pre---Post--Context
> > > >
> > > > + //
> > > >
> > > > + { "TestVerifyParallelHash256HashAll()",
> > > > "CryptoPkg.BaseCryptLib.ParallelHash256HashAll",
> > > > TestVerifyParallelHash256HashAll, NULL, NULL, NULL },
> > > >
> > > > +};
> > > >
> > > > +
> > > >
> > > > +UINTN mParallelhashTestNum = ARRAY_SIZE (mParallelhashTest);
> > > >
> > > > diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml
> > > > index eeb388ae71c5..e21fafac1efe 100644
> > > > --- a/CryptoPkg/CryptoPkg.ci.yaml
> > > > +++ b/CryptoPkg/CryptoPkg.ci.yaml
> > > > @@ -2,7 +2,7 @@
> > > > # CI configuration for CryptoPkg
> > > >
> > > > #
> > > >
> > > > # Copyright (c) Microsoft Corporation
> > > >
> > > > -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +# Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > ##
> > > >
> > > > {
> > > >
> > > > @@ -34,6 +34,8 @@
> > > > "Library/OpensslLib/rand_pool.c",
> > > >
> > > > # This has OpenSSL interfaces that aren't UEFI spec compliant
> > > >
> > > > "Library/Include/CrtLibSupport.h",
> > > >
> > > > + # This has OpenSSL interfaces that aren't UEFI spec compliant
> > > >
> > > > + "Library/BaseCryptLib/Hash/CryptParallelHash.h",
> > > >
> > > > # These directories contain auto-generated OpenSSL content
> > > >
> > > > "Library/OpensslLib",
> > > >
> > > > "Library/IntrinsicLib",
> > > >
> > > > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > b/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > index f4bc7c0d73d9..7d1499350a49 100644
> > > > --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > @@ -4,7 +4,7 @@
> > > > primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security
> > > >
> > > > functionality enabling.
> > > >
> > > >
> > > >
> > > > -Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > >
> > > >
> > > > **/
> > > >
> > > > @@ -753,6 +753,35 @@ Sha512HashAll (
> > > > OUT UINT8 *HashValue
> > > >
> > > > );
> > > >
> > > >
> > > >
> > > > +/**
> > > >
> > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > Publication
> > > > 800-185,
> > > >
> > > > + published December 2016.
> > > >
> > > > +
> > > >
> > > > + @param[in] Input Pointer to the input message (X).
> > > >
> > > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> > the
> > > > input data.
> > > >
> > > > + @param[in] BlockSize The size of each block (B).
> > > >
> > > > + @param[out] Output Pointer to the output buffer.
> > > >
> > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > >
> > > > + @param[in] Customization Pointer to the customization string (S).
> > > >
> > > > + @param[in] CustomByteLen The length of the customization string in
> > > bytes.
> > > >
> > > > +
> > > >
> > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > >
> > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +ParallelHash256HashAll (
> > > >
> > > > + IN CONST VOID *Input,
> > > >
> > > > + IN UINTN InputByteLen,
> > > >
> > > > + IN UINTN BlockSize,
> > > >
> > > > + OUT VOID *Output,
> > > >
> > > > + IN UINTN OutputByteLen,
> > > >
> > > > + IN CONST VOID *Customization,
> > > >
> > > > + IN UINTN CustomByteLen
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > /**
> > > >
> > > > Retrieves the size, in bytes, of the context buffer required for SM3 hash
> > > > operations.
> > > >
> > > >
> > > >
> > > > diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > index 5186a54759ae..77330961352e 100644
> > > > --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > @@ -2,7 +2,7 @@
> > > > Defines the PCD_CRYPTO_SERVICE_FAMILY_ENABLE structure
> associated
> > > with
> > > >
> > > > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.
> > > >
> > > >
> > > >
> > > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > >
> > > >
> > > > **/
> > > >
> > > > @@ -288,6 +288,12 @@ typedef struct {
> > > > } Services;
> > > >
> > > > UINT32 Family;
> > > >
> > > > } TlsGet;
> > > >
> > > > + union {
> > > >
> > > > + struct {
> > > >
> > > > + UINT8 HashAll : 1;
> > > >
> > > > + } Services;
> > > >
> > > > + UINT32 Family;
> > > >
> > > > + } ParallelHash;
> > > >
> > > > } PCD_CRYPTO_SERVICE_FAMILY_ENABLE;
> > > >
> > > >
> > > >
> > > > #endif
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > index 49703fa4c963..15cf3dab105c 100644
> > > > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > @@ -6,7 +6,7 @@
> > > > # This external input must be validated carefully to avoid security issues
> > such
> > > as
> > > >
> > > > # buffer overflow or integer overflow.
> > > >
> > > > #
> > > >
> > > > -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All
> rights
> > > > reserved.<BR>
> > > >
> > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > #
> > > >
> > > > @@ -34,6 +34,7 @@
> > > > Hash/CryptSha256.c
> > > >
> > > > Hash/CryptSha512.c
> > > >
> > > > Hash/CryptSm3.c
> > > >
> > > > + Hash/CryptParallelHashNull.c
> > > >
> > > > Hmac/CryptHmacSha256.c
> > > >
> > > > Kdf/CryptHkdf.c
> > > >
> > > > Cipher/CryptAes.c
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > > new file mode 100644
> > > > index 000000000000..fe08d4928e8d
> > > > --- /dev/null
> > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > > @@ -0,0 +1,201 @@
> > > > +/** @file
> > > >
> > > > + ParallelHash related function and type declaration.
> > > >
> > > > +
> > > >
> > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > +
> > > >
> > > > +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
> > > >
> > > > +Licensed under the OpenSSL license (the "License"). You may not use
> > > >
> > > > +this file except in compliance with the License. You can obtain a copy
> > > >
> > > > +in the file LICENSE in the source distribution or at
> > > >
> > > > +https://www.openssl.org/source/license.html
> > > >
> > > > +
> > > >
> > > > +Copyright 2022 The eXtended Keccak Code Package (XKCP)
> > > >
> > > > +https://github.com/XKCP/XKCP
> > > >
> > > > +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and
> > Gilles
> > > > Van Assche.
> > > >
> > > > +Implementation by the designers, hereby denoted as "the implementer".
> > > >
> > > > +For more information, feedback or questions, please refer to the Keccak
> > > Team
> > > > website:
> > > >
> > > > +https://keccak.team/
> > > >
> > > > +To the extent possible under law, the implementer has waived all
> copyright
> > > >
> > > > +and related or neighboring rights to the source code in this file.
> > > >
> > > > +http://creativecommons.org/publicdomain/zero/1.0/
> > > >
> > > > +**/
> > > >
> > > > +
> > > >
> > > > +#include "InternalCryptLib.h"
> > > >
> > > > +
> > > >
> > > > +#define KECCAK1600_WIDTH 1600
> > > >
> > > > +
> > > >
> > > > +//
> > > >
> > > > +// This struct referring to m_sha3.c from opessl and modified its type
> name.
> > > >
> > > > +//
> > > >
> > > > +typedef struct {
> > > >
> > > > + uint64_t A[5][5];
> > > >
> > > > + size_t block_size; /* cached ctx->digest->block_size */
> > > >
> > > > + size_t md_size; /* output length, variable in XOF */
> > > >
> > > > + size_t num; /* used bytes in below buffer */
> > > >
> > > > + unsigned char buf[KECCAK1600_WIDTH / 8 - 32];
> > > >
> > > > + unsigned char pad;
> > > >
> > > > +} Keccak1600_Ctx;
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + SHA3_absorb can be called multiple times, but at each invocation
> > > >
> > > > + largest multiple of |r| out of |len| bytes are processed. Then
> > > >
> > > > + remaining amount of bytes is returned. This is done to spare caller
> > > >
> > > > + trouble of calculating the largest multiple of |r|. |r| can be viewed
> > > >
> > > > + as blocksize. It is commonly (1600 - 256*n)/8, e.g. 168, 136, 104,
> > > >
> > > > + 72, but can also be (1600 - 448)/8 = 144. All this means that message
> > > >
> > > > + padding and intermediate sub-block buffering, byte- or bitwise, is
> > > >
> > > > + caller's responsibility.
> > > >
> > > > +**/
> > > >
> > > > +size_t
> > > >
> > > > +SHA3_absorb (
> > > >
> > > > + uint64_t A[5][5],
> > > >
> > > > + const unsigned char *inp,
> > > >
> > > > + size_t len,
> > > >
> > > > + size_t r
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + SHA3_squeeze is called once at the end to generate |out| hash value
> > > >
> > > > + of |len| bytes.
> > > >
> > > > +**/
> > > >
> > > > +void
> > > >
> > > > +SHA3_squeeze (
> > > >
> > > > + uint64_t A[5][5],
> > > >
> > > > + unsigned char *out,
> > > >
> > > > + size_t len,
> > > >
> > > > + size_t r
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Encode function from XKCP.
> > > >
> > > > +
> > > >
> > > > + Encodes the input as a byte string in a way that can be unambiguously
> > > parsed
> > > >
> > > > + from the beginning of the string by inserting the length of the byte string
> > > >
> > > > + before the byte string representation of input.
> > > >
> > > > +
> > > >
> > > > + @param[out] EncBuf Result of left encode.
> > > >
> > > > + @param[in] Value Input of left encode.
> > > >
> > > > +
> > > >
> > > > + @retval EncLen Size of encode result in bytes.
> > > >
> > > > +**/
> > > >
> > > > +UINTN
> > > >
> > > > +EFIAPI
> > > >
> > > > +LeftEncode (
> > > >
> > > > + OUT UINT8 *EncBuf,
> > > >
> > > > + IN UINTN Value
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Encode function from XKCP.
> > > >
> > > > +
> > > >
> > > > + Encodes the input as a byte string in a way that can be unambiguously
> > > parsed
> > > >
> > > > + from the end of the string by inserting the length of the byte string after
> > > >
> > > > + the byte string representation of input.
> > > >
> > > > +
> > > >
> > > > + @param[out] EncBuf Result of right encode.
> > > >
> > > > + @param[in] Value Input of right encode.
> > > >
> > > > +
> > > >
> > > > + @retval EncLen Size of encode result in bytes.
> > > >
> > > > +**/
> > > >
> > > > +UINTN
> > > >
> > > > +EFIAPI
> > > >
> > > > +RightEncode (
> > > >
> > > > + OUT UINT8 *EncBuf,
> > > >
> > > > + IN UINTN Value
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Keccak initial fuction.
> > > >
> > > > +
> > > >
> > > > + Set up state with specified capacity.
> > > >
> > > > +
> > > >
> > > > + @param[out] Context Pointer to the context being initialized.
> > > >
> > > > + @param[in] Pad Delimited Suffix.
> > > >
> > > > + @param[in] BlockSize Size of context block.
> > > >
> > > > + @param[in] MessageDigestLen Size of message digest in bytes.
> > > >
> > > > +
> > > >
> > > > + @retval 1 Initialize successfully.
> > > >
> > > > + @retval 0 Fail to initialize.
> > > >
> > > > +**/
> > > >
> > > > +UINT8
> > > >
> > > > +EFIAPI
> > > >
> > > > +KeccakInit (
> > > >
> > > > + OUT Keccak1600_Ctx *Context,
> > > >
> > > > + IN UINT8 Pad,
> > > >
> > > > + IN UINTN BlockSize,
> > > >
> > > > + IN UINTN MessageDigstLen
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Sha3 update fuction.
> > > >
> > > > +
> > > >
> > > > + This function performs Sha3 digest on a data buffer of the specified size.
> > > >
> > > > + It can be called multiple times to compute the digest of long or
> > > discontinuous
> > > > data streams.
> > > >
> > > > +
> > > >
> > > > + @param[in,out] Context Pointer to the Keccak context.
> > > >
> > > > + @param[in] Data Pointer to the buffer containing the data to be
> > > hashed.
> > > >
> > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > >
> > > > +
> > > >
> > > > + @retval 1 Update successfully.
> > > >
> > > > +**/
> > > >
> > > > +UINT8
> > > >
> > > > +EFIAPI
> > > >
> > > > +Sha3Update (
> > > >
> > > > + IN OUT Keccak1600_Ctx *Context,
> > > >
> > > > + IN const VOID *Data,
> > > >
> > > > + IN UINTN DataSize
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Completes computation of Sha3 message digest.
> > > >
> > > > +
> > > >
> > > > + This function completes sha3 hash computation and retrieves the digest
> > > value
> > > > into
> > > >
> > > > + the specified memory. After this function has been called, the keccak
> > > context
> > > > cannot
> > > >
> > > > + be used again.
> > > >
> > > > +
> > > >
> > > > + @param[in, out] Context Pointer to the keccak context.
> > > >
> > > > + @param[out] MessageDigest Pointer to a buffer that receives the
> > > > message digest.
> > > >
> > > > +
> > > >
> > > > + @retval 1 Meaasge digest computation succeeded.
> > > >
> > > > +**/
> > > >
> > > > +UINT8
> > > >
> > > > +EFIAPI
> > > >
> > > > +Sha3Final (
> > > >
> > > > + IN OUT Keccak1600_Ctx *Context,
> > > >
> > > > + OUT UINT8 *MessageDigest
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > +/**
> > > >
> > > > + Computes the CSHAKE-256 message digest of a input data buffer.
> > > >
> > > > +
> > > >
> > > > + This function performs the CSHAKE-256 message digest of a given data
> > > buffer,
> > > > and places
> > > >
> > > > + the digest value into the specified memory.
> > > >
> > > > +
> > > >
> > > > + @param[in] Data Pointer to the buffer containing the data to
> be
> > > > hashed.
> > > >
> > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > >
> > > > + @param[in] OutputLen Size of output in bytes.
> > > >
> > > > + @param[in] Name Pointer to the function name string.
> > > >
> > > > + @param[in] NameLen Size of the function name in bytes.
> > > >
> > > > + @param[in] Customization Pointer to the customization string.
> > > >
> > > > + @param[in] CustomizationLen Size of the customization string in bytes.
> > > >
> > > > + @param[out] HashValue Pointer to a buffer that receives the
> > CSHAKE-
> > > > 256 digest
> > > >
> > > > + value.
> > > >
> > > > +
> > > >
> > > > + @retval TRUE CSHAKE-256 digest computation succeeded.
> > > >
> > > > + @retval FALSE CSHAKE-256 digest computation failed.
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +BOOLEAN
> > > >
> > > > +EFIAPI
> > > >
> > > > +CShake256HashAll (
> > > >
> > > > + IN CONST VOID *Data,
> > > >
> > > > + IN UINTN DataSize,
> > > >
> > > > + IN UINTN OutputLen,
> > > >
> > > > + IN CONST VOID *Name,
> > > >
> > > > + IN UINTN NameLen,
> > > >
> > > > + IN CONST VOID *Customization,
> > > >
> > > > + IN UINTN CustomizationLen,
> > > >
> > > > + OUT UINT8 *HashValue
> > > >
> > > > + );
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > index 0cab5f3ce36c..bf1563b06407 100644
> > > > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > @@ -13,7 +13,7 @@
> > > > # PEM handler functions, and pseudorandom number generator functions
> > are
> > > > not
> > > >
> > > > # supported in this instance.
> > > >
> > > > #
> > > >
> > > > -# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > #
> > > >
> > > > ##
> > > >
> > > > @@ -40,6 +40,7 @@
> > > > Hash/CryptSha256.c
> > > >
> > > > Hash/CryptSm3.c
> > > >
> > > > Hash/CryptSha512.c
> > > >
> > > > + Hash/CryptParallelHashNull.c
> > > >
> > > > Hmac/CryptHmacSha256.c
> > > >
> > > > Kdf/CryptHkdf.c
> > > >
> > > > Cipher/CryptAesNull.c
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > index fdbb6edfd23e..6742da0be4fe 100644
> > > > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > @@ -11,7 +11,7 @@
> > > > # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions,
> > and
> > > >
> > > > # authenticode signature verification functions are not supported in this
> > > > instance.
> > > >
> > > > #
> > > >
> > > > -# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > # Copyright (c) 2021, Hewlett Packard Enterprise Development LP. All
> rights
> > > > reserved.<BR>
> > > >
> > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > #
> > > >
> > > > @@ -40,6 +40,7 @@
> > > > Hash/CryptSha256.c
> > > >
> > > > Hash/CryptSm3.c
> > > >
> > > > Hash/CryptSha512.c
> > > >
> > > > + Hash/CryptParallelHashNull.c
> > > >
> > > > Hmac/CryptHmacSha256.c
> > > >
> > > > Kdf/CryptHkdf.c
> > > >
> > > > Cipher/CryptAes.c
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > index e6470d7a2127..8f39517f78b7 100644
> > > > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > @@ -10,7 +10,7 @@
> > > > # RSA external functions, PKCS#7 SignedData sign functions, Diffie-
> Hellman
> > > > functions, and
> > > >
> > > > # authenticode signature verification functions are not supported in this
> > > > instance.
> > > >
> > > > #
> > > >
> > > > -# Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > #
> > > >
> > > > ##
> > > >
> > > > @@ -38,6 +38,10 @@
> > > > Hash/CryptSha256.c
> > > >
> > > > Hash/CryptSm3.c
> > > >
> > > > Hash/CryptSha512.c
> > > >
> > > > + Hash/CryptSha3.c
> > > >
> > > > + Hash/CryptXkcp.c
> > > >
> > > > + Hash/CryptCShake256.c
> > > >
> > > > + Hash/CryptParallelHash.c
> > > >
> > > > Hmac/CryptHmacSha256.c
> > > >
> > > > Kdf/CryptHkdfNull.c
> > > >
> > > > Cipher/CryptAes.c
> > > >
> > > > @@ -85,6 +89,8 @@
> > > > OpensslLib
> > > >
> > > > IntrinsicLib
> > > >
> > > > PrintLib
> > > >
> > > > + MmServicesTableLib
> > > >
> > > > + SynchronizationLib
> > > >
> > > >
> > > >
> > > > #
> > > >
> > > > # Remove these [BuildOptions] after this library is cleaned up
> > > >
> > > > diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > index faf959827b90..63d1d82d1914 100644
> > > > --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > @@ -6,7 +6,7 @@
> > > > # This external input must be validated carefully to avoid security issues
> > such
> > > as
> > > >
> > > > # buffer overflow or integer overflow.
> > > >
> > > > #
> > > >
> > > > -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All
> rights
> > > > reserved.<BR>
> > > >
> > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > #
> > > >
> > > > @@ -34,6 +34,7 @@
> > > > Hash/CryptSha256Null.c
> > > >
> > > > Hash/CryptSha512Null.c
> > > >
> > > > Hash/CryptSm3Null.c
> > > >
> > > > + Hash/CryptParallelHashNull.c
> > > >
> > > > Hmac/CryptHmacSha256Null.c
> > > >
> > > > Kdf/CryptHkdfNull.c
> > > >
> > > > Cipher/CryptAesNull.c
> > > >
> > > > diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > b/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > index d257dca8fa9b..b76b140a7acf 100644
> > > > --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > @@ -2,7 +2,7 @@
> > > > Root include file of C runtime library to support building the third-party
> > > >
> > > > cryptographic library.
> > > >
> > > >
> > > >
> > > > -Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > +Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> > > > reserved.<BR>
> > > >
> > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > >
> > > >
> > > > @@ -111,6 +111,7 @@ typedef UINT8 u_char;
> > > > typedef UINT32 uid_t;
> > > >
> > > > typedef UINT32 gid_t;
> > > >
> > > > typedef CHAR16 wchar_t;
> > > >
> > > > +typedef UINT64 uint64_t;
> > > >
> > > >
> > > >
> > > > //
> > > >
> > > > // File operations are not required for EFI building,
> > > >
> > > > diff --git a/CryptoPkg/Private/Protocol/Crypto.h
> > > > b/CryptoPkg/Private/Protocol/Crypto.h
> > > > index e378a8a8c60e..de45778c7d42 100644
> > > > --- a/CryptoPkg/Private/Protocol/Crypto.h
> > > > +++ b/CryptoPkg/Private/Protocol/Crypto.h
> > > > @@ -2,7 +2,7 @@
> > > > This Protocol provides Crypto services to DXE modules
> > > >
> > > >
> > > >
> > > > Copyright (C) Microsoft Corporation. All rights reserved.
> > > >
> > > > - Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > + Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > >
> > > >
> > > > **/
> > > >
> > > > @@ -21,7 +21,7 @@
> > > > /// the EDK II Crypto Protocol is extended, this version define must be
> > > >
> > > > /// increased.
> > > >
> > > > ///
> > > >
> > > > -#define EDKII_CRYPTO_VERSION 7
> > > >
> > > > +#define EDKII_CRYPTO_VERSION 8
> > > >
> > > >
> > > >
> > > > ///
> > > >
> > > > /// EDK II Crypto Protocol forward declaration
> > > >
> > > > @@ -3383,6 +3383,35 @@ EFI_STATUS
> > > > IN OUT UINTN *DataSize
> > > >
> > > > );
> > > >
> > > >
> > > >
> > > > +/**
> > > >
> > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > Publication
> > > > 800-185,
> > > >
> > > > + published December 2016.
> > > >
> > > > +
> > > >
> > > > + @param[in] Input Pointer to the input message (X).
> > > >
> > > > + @param[in] InputByteLen The number(>0) of input bytes provided for
> > the
> > > > input data.
> > > >
> > > > + @param[in] BlockSize The size of each block (B).
> > > >
> > > > + @param[out] Output Pointer to the output buffer.
> > > >
> > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > >
> > > > + @param[in] Customization Pointer to the customization string (S).
> > > >
> > > > + @param[in] CustomByteLen The length of the customization string in
> > > bytes.
> > > >
> > > > +
> > > >
> > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > >
> > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > >
> > > > + @retval FALSE This interface is not supported.
> > > >
> > > > +
> > > >
> > > > +**/
> > > >
> > > > +typedef
> > > >
> > > > +BOOLEAN
> > > >
> > > > +(EFIAPI *EDKII_CRYPTO_PARALLEL_HASH_ALL)(
> > > >
> > > > + IN CONST VOID *Input,
> > > >
> > > > + IN UINTN InputByteLen,
> > > >
> > > > + IN UINTN BlockSize,
> > > >
> > > > + OUT VOID *Output,
> > > >
> > > > + IN UINTN OutputByteLen,
> > > >
> > > > + IN CONST VOID *Customization,
> > > >
> > > > + IN UINTN CustomByteLen
> > > >
> > > > + );
> > > >
> > > > +
> > > >
> > > > /**
> > > >
> > > > Carries out the RSA-SSA signature generation with EMSA-PSS encoding
> > > scheme.
> > > >
> > > >
> > > >
> > > > @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > > > EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT
> TlsGetHostPublicCert;
> > > >
> > > > EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY
> TlsGetHostPrivateKey;
> > > >
> > > > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > > > TlsGetCertRevocationList;
> > > >
> > > > + /// Parallel hash
> > > >
> > > > + EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
> > > >
> > > > /// RSA PSS
> > > >
> > > > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> > > >
> > > > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> > > >
> > > > diff --git a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > index ff0af36bcc80..c50a9cc4dc9f 100644
> > > > --- a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > +++ b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > @@ -2,6 +2,7 @@
> > > > # CryptoPkg DSC file used to build host-based unit tests.
> > > >
> > > > #
> > > >
> > > > # Copyright (c) Microsoft Corporation.<BR>
> > > >
> > > > +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > #
> > > >
> > > > ##
> > > >
> > > > @@ -21,6 +22,9 @@
> > > > [LibraryClasses]
> > > >
> > > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > > >
> > > >
> > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
> > > >
> > > > +
> > > >
> > >
> >
> MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib
> > > > .inf
> > > >
> > > > +
> > > >
> > >
> >
> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizati
> > > > onLib.inf
> > > >
> > > > +
> > > >
> > >
> >
> TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat
> > > > e.inf
> > > >
> > > >
> > > >
> > > > [LibraryClasses.AARCH64, LibraryClasses.ARM]
> > > >
> > > > RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> > > >
> > > > diff --git
> > > > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > index 00c869265080..399db596c2d1 100644
> > > > ---
> > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > +++
> > > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > @@ -2,6 +2,7 @@
> > > > # Host-based UnitTest for BaseCryptLib
> > > >
> > > > #
> > > >
> > > > # Copyright (c) Microsoft Corporation.<BR>
> > > >
> > > > +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > >
> > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > >
> > > > ##
> > > >
> > > >
> > > >
> > > > @@ -35,6 +36,7 @@
> > > > Pkcs7EkuTests.c
> > > >
> > > > OaepEncryptTests.c
> > > >
> > > > RsaPssTests.c
> > > >
> > > > + ParallelhashTests.c
> > > >
> > > >
> > > >
> > > > [Packages]
> > > >
> > > > MdePkg/MdePkg.dec
> > > >
> > > > @@ -45,3 +47,5 @@
> > > > DebugLib
> > > >
> > > > BaseCryptLib
> > > >
> > > > UnitTestLib
> > > >
> > > > + MmServicesTableLib
> > > >
> > > > + SynchronizationLib
> > > >
> > > > --
> > > > 2.26.2.windows.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib.
2022-03-18 1:52 ` Li, Zhihao
@ 2022-03-18 1:59 ` Yao, Jiewen
2022-03-18 2:00 ` Li, Zhihao
0 siblings, 1 reply; 7+ messages in thread
From: Yao, Jiewen @ 2022-03-18 1:59 UTC (permalink / raw)
To: Li, Zhihao, devel@edk2.groups.io
Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Fu, Siyuan, Yao, Jiewen
Yes. It seems we missed RsaPssSign and RsaPssVerify in previous patch. Sigh...
Would you please help to add them?
> -----Original Message-----
> From: Li, Zhihao <zhihao.li@intel.com>
> Sent: Friday, March 18, 2022 9:53 AM
> To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>;
> Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> ParallelHash256HashAll in BaseCryptLib.
>
> Build CryptoPei and CryptoSmm driver report this error.
>
> INFO - /home/vsts/work/1/s/CryptoPkg/Driver/Crypto.c:4707:3: error:
> initialization of 'BOOLEAN (__attribute__((ms_abi)) *)(void *, const UINT8 *,
> UINTN, UINT16, UINT16, UINT8 *, UINTN *)' from incompatible pointer type
> 'BOOLEAN (__attribute__((ms_abi)) *)(const void *, UINTN, UINTN, void *,
> UINTN, const void *, UINTN)' [-Werror=incompatible-pointer-types]
> INFO - 4707 | CryptoServiceParallelHash256HashAll
>
> In Crypto.c:
> const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
> ...
> CryptoServiceTlsGetHostPrivateKey,
> CryptoServiceTlsGetCertRevocationList,
> /// Parallel hash
> CryptoServiceParallelHash256HashAll
> };
> In Crypto.h
> struct _EDKII_CRYPTO_PROTOCOL {
> ...
> EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> TlsGetCertRevocationList;
> /// RSA PSS
> EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> /// Parallel hash
> EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
> };
> And
> typedef
> BOOLEAN
> (EFIAPI *EDKII_CRYPTO_RSA_PSS_SIGN)(
> IN VOID *RsaContext,
> IN CONST UINT8 *Message,
> IN UINTN MsgSize,
> IN UINT16 DigestLen,
> IN UINT16 SaltLen,
> OUT UINT8 *Signature,
> IN OUT UINTN *SigSize
> );
>
> So I think solve this error need to put ParallelHash256HashAll before RsaPssSign.
> And test result is successful.
> Is there anything wrong with my judgment?
>
>
> > -----Original Message-----
> > From: Yao, Jiewen <jiewen.yao@intel.com>
> > Sent: Friday, March 18, 2022 8:56 AM
> > To: Li, Zhihao <zhihao.li@intel.com>; devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> <xiaoyu1.lu@intel.com>;
> > Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > ParallelHash256HashAll in BaseCryptLib.
> >
> > What is root cause of failure?
> >
> > I don't understand.
> >
> > > -----Original Message-----
> > > From: Li, Zhihao <zhihao.li@intel.com>
> > > Sent: Friday, March 18, 2022 12:27 AM
> > > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> > <xiaoyu1.lu@intel.com>;
> > > Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > > ParallelHash256HashAll in BaseCryptLib.
> > >
> > > Because it will cause patch to fail in CI test while to succeed if follow the
> > setting.
> > > Failed test: https://github.com/tianocore/edk2/pull/2535
> > >
> > > I guess it's because data structure EDKII_CRYPTO_PROTOCOL( mEdkiiCrypto)
> > > doesn't have /// RSA PSS members in Crypto.c
> > >
> > > > -----Original Message-----
> > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > Sent: Thursday, March 17, 2022 10:13 PM
> > > > To: Li, Zhihao <zhihao.li@intel.com>; devel@edk2.groups.io
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> > > <xiaoyu1.lu@intel.com>;
> > > > Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan
> <siyuan.fu@intel.com>
> > > > Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > > > ParallelHash256HashAll in BaseCryptLib.
> > > >
> > > > Hey
> > > > Are you following the guideline - don't put new field in the middle ?
> > > >
> > > > ParallelHash256HashAll API is still in the middle......
> > > >
> > > >
> > > > > @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > > > > EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT
> > TlsGetHostPublicCert;
> > > > >
> > > > > EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY
> > TlsGetHostPrivateKey;
> > > > >
> > > > > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > > > > TlsGetCertRevocationList;
> > > > >
> > > > > + /// Parallel hash
> > > > >
> > > > > + EDKII_CRYPTO_PARALLEL_HASH_ALL
> ParallelHash256HashAll;
> > > > >
> > > > > /// RSA PSS
> > > > >
> > > > > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> > > > >
> > > > > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> > > > >
> > > >
> > > >
> > > > > -----Original Message-----
> > > > > From: Li, Zhihao <zhihao.li@intel.com>
> > > > > Sent: Thursday, March 17, 2022 12:35 PM
> > > > > To: devel@edk2.groups.io
> > > > > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> > > > <jian.j.wang@intel.com>;
> > > > > Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin
> > > > <guomin.jiang@intel.com>;
> > > > > Fu, Siyuan <siyuan.fu@intel.com>
> > > > > Subject: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > > > > ParallelHash256HashAll in BaseCryptLib.
> > > > >
> > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3596
> > > > >
> > > > > Parallel hash function ParallelHash256HashAll, as defined in NIST's
> > > > > Special Publication 800-185, published December 2016. It utilizes
> > > > > multi-process to calculate the digest.
> > > > >
> > > > > Passed CI test.
> > > > > Onprotocol version code passed test.
> > > > >
> > > > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> > > > > Cc: Guomin Jiang <guomin.jiang@intel.com>
> > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > Cc: Zhihao Li <zhihao.li@intel.com>
> > > > >
> > > > > Signed-off-by: Zhihao Li <zhihao.li@intel.com>
> > > > > ---
> > > > > CryptoPkg/Driver/Crypto.c | 38 ++-
> > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c | 282
> > > > > ++++++++++++++++++++
> > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c | 278
> > > > > +++++++++++++++++++
> > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c |
> 40
> > > +++
> > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c | 166
> > > > > ++++++++++++
> > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c | 107
> > > > ++++++++
> > > > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c |
> > 40
> > > > +++
> > > > > CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 34
> > ++-
> > > > > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c |
> > 145
> > > > > ++++++++++
> > > > > CryptoPkg/CryptoPkg.ci.yaml | 4 +-
> > > > > CryptoPkg/Include/Library/BaseCryptLib.h | 31 ++-
> > > > > CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h | 8 +-
> > > > > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 +-
> > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h | 201
> > > > > ++++++++++++++
> > > > > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 3 +-
> > > > > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 3 +-
> > > > > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 8 +-
> > > > > CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 3 +-
> > > > > CryptoPkg/Library/Include/CrtLibSupport.h | 3 +-
> > > > > CryptoPkg/Private/Protocol/Crypto.h | 35 ++-
> > > > > CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 4 +
> > > > > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> |
> > > 4
> > > > +
> > > > > 22 files changed, 1426 insertions(+), 14 deletions(-)
> > > > >
> > > > > diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
> > > > > index d5d6aa8e5820..5a9245c07cc5 100644
> > > > > --- a/CryptoPkg/Driver/Crypto.c
> > > > > +++ b/CryptoPkg/Driver/Crypto.c
> > > > > @@ -3,7 +3,7 @@
> > > > > from BaseCryptLib and TlsLib.
> > > > >
> > > > >
> > > > >
> > > > > Copyright (C) Microsoft Corporation. All rights reserved.
> > > > >
> > > > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > >
> > > > >
> > > > > **/
> > > > >
> > > > > @@ -4470,6 +4470,38 @@ CryptoServiceTlsGetCertRevocationList (
> > > > > return CALL_BASECRYPTLIB (TlsGet.Services.CertRevocationList,
> > > > > TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED);
> > > > >
> > > > > }
> > > > >
> > > > >
> > > > >
> > > > > +/**
> > > > >
> > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > Publication
> > > > > 800-185,
> > > > >
> > > > > + published December 2016.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in] Input Pointer to the input message (X).
> > > > >
> > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> for
> > > the
> > > > > input data.
> > > > >
> > > > > + @param[in] BlockSize The size of each block (B).
> > > > >
> > > > > + @param[out] Output Pointer to the output buffer.
> > > > >
> > > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > > >
> > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > >
> > > > > + @param[in] CustomByteLen The length of the customization string
> in
> > > > bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > > >
> > > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +CryptoServiceParallelHash256HashAll (
> > > > >
> > > > > + IN CONST VOID *Input,
> > > > >
> > > > > + IN UINTN InputByteLen,
> > > > >
> > > > > + IN UINTN BlockSize,
> > > > >
> > > > > + OUT VOID *Output,
> > > > >
> > > > > + IN UINTN OutputByteLen,
> > > > >
> > > > > + IN CONST VOID *Customization,
> > > > >
> > > > > + IN UINTN CustomByteLen
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + return CALL_BASECRYPTLIB (ParallelHash.Services.HashAll,
> > > > > ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output,
> > > > OutputByteLen,
> > > > > Customization, CustomByteLen), FALSE);
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
> > > > >
> > > > > /// Version
> > > > >
> > > > > CryptoServiceGetCryptoVersion,
> > > > >
> > > > > @@ -4670,5 +4702,7 @@ const EDKII_CRYPTO_PROTOCOL
> mEdkiiCrypto
> > =
> > > {
> > > > > CryptoServiceTlsGetCaCertificate,
> > > > >
> > > > > CryptoServiceTlsGetHostPublicCert,
> > > > >
> > > > > CryptoServiceTlsGetHostPrivateKey,
> > > > >
> > > > > - CryptoServiceTlsGetCertRevocationList
> > > > >
> > > > > + CryptoServiceTlsGetCertRevocationList,
> > > > >
> > > > > + /// Parallel hash
> > > > >
> > > > > + CryptoServiceParallelHash256HashAll
> > > > >
> > > > > };
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > > > new file mode 100644
> > > > > index 000000000000..2a9eaf9eec40
> > > > > --- /dev/null
> > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > > > @@ -0,0 +1,282 @@
> > > > > +/** @file
> > > > >
> > > > > + cSHAKE-256 Digest Wrapper Implementations.
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +
> > > > >
> > > > > +#include "CryptParallelHash.h"
> > > > >
> > > > > +
> > > > >
> > > > > +#define CSHAKE256_SECURITY_STRENGTH 256
> > > > >
> > > > > +#define CSHAKE256_RATE_IN_BYTES 136
> > > > >
> > > > > +
> > > > >
> > > > > +CONST CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] = { 0 };
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + CShake256 initial function.
> > > > >
> > > > > +
> > > > >
> > > > > + Initializes user-supplied memory pointed by CShake256Context as
> > cSHAKE-
> > > > 256
> > > > > hash context for
> > > > >
> > > > > + subsequent use.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[out] CShake256Context Pointer to cSHAKE-256 context being
> > > > > initialized.
> > > > >
> > > > > + @param[in] OutputLen The desired number of output length in
> > bytes.
> > > > >
> > > > > + @param[in] Name Pointer to the function name string.
> > > > >
> > > > > + @param[in] NameLen The length of the function name in bytes.
> > > > >
> > > > > + @param[in] Customization Pointer to the customization string.
> > > > >
> > > > > + @param[in] CustomizationLen The length of the customization string
> in
> > > > > bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval TRUE cSHAKE-256 context initialization succeeded.
> > > > >
> > > > > + @retval FALSE cSHAKE-256 context initialization failed.
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +CShake256Init (
> > > > >
> > > > > + OUT VOID *CShake256Context,
> > > > >
> > > > > + IN UINTN OutputLen,
> > > > >
> > > > > + IN CONST VOID *Name,
> > > > >
> > > > > + IN UINTN NameLen,
> > > > >
> > > > > + IN CONST VOID *Customization,
> > > > >
> > > > > + IN UINTN CustomizationLen
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + BOOLEAN Status;
> > > > >
> > > > > + UINT8 EncBuf[sizeof (UINTN) + 1];
> > > > >
> > > > > + UINTN EncLen;
> > > > >
> > > > > + UINTN AbsorbLen;
> > > > >
> > > > > + UINTN PadLen;
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Check input parameters.
> > > > >
> > > > > + //
> > > > >
> > > > > + if ((CShake256Context == NULL) || (OutputLen == 0) || ((NameLen != 0)
> > > &&
> > > > > (Name == NULL)) || ((CustomizationLen != 0) && (Customization ==
> NULL)))
> > {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Initialize KECCAK context with pad value and block size.
> > > > >
> > > > > + //
> > > > >
> > > > > + if ((NameLen == 0) && (CustomizationLen == 0)) {
> > > > >
> > > > > + //
> > > > >
> > > > > + // When N and S are both empty strings, cSHAKE(X, L, N, S) is
> equivalent
> > > to
> > > > >
> > > > > + // SHAKE as defined in FIPS 202.
> > > > >
> > > > > + //
> > > > >
> > > > > + Status = (BOOLEAN)KeccakInit (
> > > > >
> > > > > + (Keccak1600_Ctx *)CShake256Context,
> > > > >
> > > > > + '\x1f',
> > > > >
> > > > > + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH
> *
> > 2)
> > > /
> > > > 8,
> > > > >
> > > > > + OutputLen
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > + return Status;
> > > > >
> > > > > + } else {
> > > > >
> > > > > + Status = (BOOLEAN)KeccakInit (
> > > > >
> > > > > + (Keccak1600_Ctx *)CShake256Context,
> > > > >
> > > > > + '\x04',
> > > > >
> > > > > + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH
> *
> > 2)
> > > /
> > > > 8,
> > > > >
> > > > > + OutputLen
> > > > >
> > > > > + );
> > > > >
> > > > > + if (!Status) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + AbsorbLen = 0;
> > > > >
> > > > > + //
> > > > >
> > > > > + // Absorb Absorb bytepad(.., rate).
> > > > >
> > > > > + //
> > > > >
> > > > > + EncLen = LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES);
> > > > >
> > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> *)CShake256Context,
> > > > > EncBuf, EncLen);
> > > > >
> > > > > + if (!Status) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + AbsorbLen += EncLen;
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Absorb encode_string(N).
> > > > >
> > > > > + //
> > > > >
> > > > > + EncLen = LeftEncode (EncBuf, NameLen * 8);
> > > > >
> > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> *)CShake256Context,
> > > > > EncBuf, EncLen);
> > > > >
> > > > > + if (!Status) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + AbsorbLen += EncLen;
> > > > >
> > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> > > *)CShake256Context,
> > > > > Name, NameLen);
> > > > >
> > > > > + if (!Status) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + AbsorbLen += NameLen;
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Absorb encode_string(S).
> > > > >
> > > > > + //
> > > > >
> > > > > + EncLen = LeftEncode (EncBuf, CustomizationLen * 8);
> > > > >
> > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> *)CShake256Context,
> > > > > EncBuf, EncLen);
> > > > >
> > > > > + if (!Status) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + AbsorbLen += EncLen;
> > > > >
> > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> > > *)CShake256Context,
> > > > > Customization, CustomizationLen);
> > > > >
> > > > > + if (!Status) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + AbsorbLen += CustomizationLen;
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Absorb zero padding up to rate.
> > > > >
> > > > > + //
> > > > >
> > > > > + PadLen = CSHAKE256_RATE_IN_BYTES - AbsorbLen %
> > > > > CSHAKE256_RATE_IN_BYTES;
> > > > >
> > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> *)CShake256Context,
> > > > > mZeroPadding, PadLen);
> > > > >
> > > > > + if (!Status) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + return TRUE;
> > > > >
> > > > > + }
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Digests the input data and updates cSHAKE-256 context.
> > > > >
> > > > > +
> > > > >
> > > > > + This function performs cSHAKE-256 digest on a data buffer of the
> > specified
> > > > > size.
> > > > >
> > > > > + It can be called multiple times to compute the digest of long or
> > > > discontinuous
> > > > > data streams.
> > > > >
> > > > > + cSHAKE-256 context should be already correctly initialized by
> > > > CShake256Init(),
> > > > > and should not be finalized
> > > > >
> > > > > + by CShake256Final(). Behavior with invalid context is undefined.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in, out] CShake256Context Pointer to the cSHAKE-256
> > context.
> > > > >
> > > > > + @param[in] Data Pointer to the buffer containing the data
> to
> > > be
> > > > > hashed.
> > > > >
> > > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval TRUE cSHAKE-256 data digest succeeded.
> > > > >
> > > > > + @retval FALSE cSHAKE-256 data digest failed.
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +CShake256Update (
> > > > >
> > > > > + IN OUT VOID *CShake256Context,
> > > > >
> > > > > + IN CONST VOID *Data,
> > > > >
> > > > > + IN UINTN DataSize
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + //
> > > > >
> > > > > + // Check input parameters.
> > > > >
> > > > > + //
> > > > >
> > > > > + if (CShake256Context == NULL) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Check invalid parameters, in case that only DataLength was checked
> in
> > > > > OpenSSL.
> > > > >
> > > > > + //
> > > > >
> > > > > + if ((Data == NULL) && (DataSize != 0)) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx *)CShake256Context,
> > > > Data,
> > > > > DataSize));
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Completes computation of the cSHAKE-256 digest value.
> > > > >
> > > > > +
> > > > >
> > > > > + This function completes cSHAKE-256 hash computation and retrieves
> the
> > > > > digest value into
> > > > >
> > > > > + the specified memory. After this function has been called, the cSHAKE-
> > 256
> > > > > context cannot
> > > > >
> > > > > + be used again.
> > > > >
> > > > > + cSHAKE-256 context should be already correctly initialized by
> > > > CShake256Init(),
> > > > > and should not be
> > > > >
> > > > > + finalized by CShake256Final(). Behavior with invalid cSHAKE-256
> context
> > is
> > > > > undefined.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in, out] CShake256Context Pointer to the cSHAKE-256
> context.
> > > > >
> > > > > + @param[out] HashValue Pointer to a buffer that receives the
> > > > cSHAKE-
> > > > > 256 digest
> > > > >
> > > > > + value.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval TRUE cSHAKE-256 digest computation succeeded.
> > > > >
> > > > > + @retval FALSE cSHAKE-256 digest computation failed.
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +CShake256Final (
> > > > >
> > > > > + IN OUT VOID *CShake256Context,
> > > > >
> > > > > + OUT UINT8 *HashValue
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + //
> > > > >
> > > > > + // Check input parameters.
> > > > >
> > > > > + //
> > > > >
> > > > > + if ((CShake256Context == NULL) || (HashValue == NULL)) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // cSHAKE-256 Hash Finalization.
> > > > >
> > > > > + //
> > > > >
> > > > > + return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context,
> > > > > HashValue));
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Computes the CSHAKE-256 message digest of a input data buffer.
> > > > >
> > > > > +
> > > > >
> > > > > + This function performs the CSHAKE-256 message digest of a given data
> > > > buffer,
> > > > > and places
> > > > >
> > > > > + the digest value into the specified memory.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in] Data Pointer to the buffer containing the data to
> > be
> > > > > hashed.
> > > > >
> > > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > > >
> > > > > + @param[in] OutputLen Size of output in bytes.
> > > > >
> > > > > + @param[in] Name Pointer to the function name string.
> > > > >
> > > > > + @param[in] NameLen Size of the function name in bytes.
> > > > >
> > > > > + @param[in] Customization Pointer to the customization string.
> > > > >
> > > > > + @param[in] CustomizationLen Size of the customization string in
> bytes.
> > > > >
> > > > > + @param[out] HashValue Pointer to a buffer that receives the
> > > CSHAKE-
> > > > > 256 digest
> > > > >
> > > > > + value.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval TRUE CSHAKE-256 digest computation succeeded.
> > > > >
> > > > > + @retval FALSE CSHAKE-256 digest computation failed.
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +CShake256HashAll (
> > > > >
> > > > > + IN CONST VOID *Data,
> > > > >
> > > > > + IN UINTN DataSize,
> > > > >
> > > > > + IN UINTN OutputLen,
> > > > >
> > > > > + IN CONST VOID *Name,
> > > > >
> > > > > + IN UINTN NameLen,
> > > > >
> > > > > + IN CONST VOID *Customization,
> > > > >
> > > > > + IN UINTN CustomizationLen,
> > > > >
> > > > > + OUT UINT8 *HashValue
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + BOOLEAN Status;
> > > > >
> > > > > + Keccak1600_Ctx Ctx;
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Check input parameters.
> > > > >
> > > > > + //
> > > > >
> > > > > + if (HashValue == NULL) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + if ((Data == NULL) && (DataSize != 0)) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + Status = CShake256Init (&Ctx, OutputLen, Name, NameLen,
> > Customization,
> > > > > CustomizationLen);
> > > > >
> > > > > + if (!Status) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + Status = CShake256Update (&Ctx, Data, DataSize);
> > > > >
> > > > > + if (!Status) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + return CShake256Final (&Ctx, HashValue);
> > > > >
> > > > > +}
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > > > new file mode 100644
> > > > > index 000000000000..f7ce9dbf523e
> > > > > --- /dev/null
> > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > > > @@ -0,0 +1,278 @@
> > > > > +/** @file
> > > > >
> > > > > + ParallelHash Implementation.
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +
> > > > >
> > > > > +#include "CryptParallelHash.h"
> > > > >
> > > > > +#include <Library/MmServicesTableLib.h>
> > > > >
> > > > > +#include <Library/SynchronizationLib.h>
> > > > >
> > > > > +
> > > > >
> > > > > +#define PARALLELHASH_CUSTOMIZATION "ParallelHash"
> > > > >
> > > > > +
> > > > >
> > > > > +UINTN mBlockNum;
> > > > >
> > > > > +UINTN mBlockSize;
> > > > >
> > > > > +UINTN mLastBlockSize;
> > > > >
> > > > > +UINT8 *mInput;
> > > > >
> > > > > +UINTN mBlockResultSize;
> > > > >
> > > > > +UINT8 *mBlockHashResult;
> > > > >
> > > > > +BOOLEAN *mBlockIsCompleted;
> > > > >
> > > > > +SPIN_LOCK *mSpinLockList;
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Complete computation of digest of each block.
> > > > >
> > > > > +
> > > > >
> > > > > + Each AP perform the function called by BSP.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in] ProcedureArgument Argument of the procedure.
> > > > >
> > > > > +**/
> > > > >
> > > > > +VOID
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +ParallelHashApExecute (
> > > > >
> > > > > + IN VOID *ProcedureArgument
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + UINTN Index;
> > > > >
> > > > > + BOOLEAN Status;
> > > > >
> > > > > +
> > > > >
> > > > > + for (Index = 0; Index < mBlockNum; Index++) {
> > > > >
> > > > > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
> > > > >
> > > > > + //
> > > > >
> > > > > + // Completed, try next one.
> > > > >
> > > > > + //
> > > > >
> > > > > + if (mBlockIsCompleted[Index]) {
> > > > >
> > > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > > >
> > > > > + continue;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Calculate CShake256 for this block.
> > > > >
> > > > > + //
> > > > >
> > > > > + Status = CShake256HashAll (
> > > > >
> > > > > + mInput + Index * mBlockSize,
> > > > >
> > > > > + (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
> > > > >
> > > > > + mBlockResultSize,
> > > > >
> > > > > + NULL,
> > > > >
> > > > > + 0,
> > > > >
> > > > > + NULL,
> > > > >
> > > > > + 0,
> > > > >
> > > > > + mBlockHashResult + Index * mBlockResultSize
> > > > >
> > > > > + );
> > > > >
> > > > > + if (!EFI_ERROR (Status)) {
> > > > >
> > > > > + mBlockIsCompleted[Index] = TRUE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > > >
> > > > > + }
> > > > >
> > > > > + }
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Dispatch the block task to each AP in SMM mode.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +VOID
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +MmDispatchBlockToAP (
> > > > >
> > > > > + VOID
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + UINTN Index;
> > > > >
> > > > > +
> > > > >
> > > > > + for (Index = 0; Index < gMmst->NumberOfCpus; Index++) {
> > > > >
> > > > > + if (Index != gMmst->CurrentlyExecutingCpu) {
> > > > >
> > > > > + gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL);
> > > > >
> > > > > + }
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + return;
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > Publication
> > > > > 800-185,
> > > > >
> > > > > + published December 2016.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in] Input Pointer to the input message (X).
> > > > >
> > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> for
> > > the
> > > > > input data.
> > > > >
> > > > > + @param[in] BlockSize The size of each block (B).
> > > > >
> > > > > + @param[out] Output Pointer to the output buffer.
> > > > >
> > > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > > >
> > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > >
> > > > > + @param[in] CustomByteLen The length of the customization string
> in
> > > > bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > > >
> > > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +ParallelHash256HashAll (
> > > > >
> > > > > + IN CONST VOID *Input,
> > > > >
> > > > > + IN UINTN InputByteLen,
> > > > >
> > > > > + IN UINTN BlockSize,
> > > > >
> > > > > + OUT VOID *Output,
> > > > >
> > > > > + IN UINTN OutputByteLen,
> > > > >
> > > > > + IN CONST VOID *Customization,
> > > > >
> > > > > + IN UINTN CustomByteLen
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + UINT8 EncBufB[sizeof (UINTN)+1];
> > > > >
> > > > > + UINTN EncSizeB;
> > > > >
> > > > > + UINT8 EncBufN[sizeof (UINTN)+1];
> > > > >
> > > > > + UINTN EncSizeN;
> > > > >
> > > > > + UINT8 EncBufL[sizeof (UINTN)+1];
> > > > >
> > > > > + UINTN EncSizeL;
> > > > >
> > > > > + UINTN Index;
> > > > >
> > > > > + UINT8 *CombinedInput;
> > > > >
> > > > > + UINTN CombinedInputSize;
> > > > >
> > > > > + BOOLEAN AllCompleted;
> > > > >
> > > > > + UINTN Offset;
> > > > >
> > > > > + BOOLEAN ReturnValue;
> > > > >
> > > > > +
> > > > >
> > > > > + if ((InputByteLen == 0) || (OutputByteLen == 0) || (BlockSize == 0)) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + if ((Input == NULL) || (Output == NULL)) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + if ((CustomByteLen != 0) && (Customization == NULL)) {
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + mBlockSize = BlockSize;
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Calculate block number n.
> > > > >
> > > > > + //
> > > > >
> > > > > + mBlockNum = InputByteLen % mBlockSize == 0 ? InputByteLen /
> > > mBlockSize :
> > > > > InputByteLen / mBlockSize + 1;
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Set hash result size of each block in bytes.
> > > > >
> > > > > + //
> > > > >
> > > > > + mBlockResultSize = OutputByteLen;
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Encode B, n, L to string and record size.
> > > > >
> > > > > + //
> > > > >
> > > > > + EncSizeB = LeftEncode (EncBufB, mBlockSize);
> > > > >
> > > > > + EncSizeN = RightEncode (EncBufN, mBlockNum);
> > > > >
> > > > > + EncSizeL = RightEncode (EncBufL, OutputByteLen * CHAR_BIT);
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Allocate buffer for combined input (newX), Block completed flag and
> > > > > SpinLock.
> > > > >
> > > > > + //
> > > > >
> > > > > + CombinedInputSize = EncSizeB + EncSizeN + EncSizeL + mBlockNum *
> > > > > mBlockResultSize;
> > > > >
> > > > > + CombinedInput = AllocateZeroPool (CombinedInputSize);
> > > > >
> > > > > + mBlockIsCompleted = AllocateZeroPool (mBlockNum * sizeof
> > (BOOLEAN));
> > > > >
> > > > > + mSpinLockList = AllocatePool (mBlockNum * sizeof (SPIN_LOCK));
> > > > >
> > > > > + if ((CombinedInput == NULL) || (mBlockIsCompleted == NULL) ||
> > > > > (mSpinLockList == NULL)) {
> > > > >
> > > > > + ReturnValue = FALSE;
> > > > >
> > > > > + goto Exit;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Fill LeftEncode(B).
> > > > >
> > > > > + //
> > > > >
> > > > > + CopyMem (CombinedInput, EncBufB, EncSizeB);
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Prepare for parallel hash.
> > > > >
> > > > > + //
> > > > >
> > > > > + mBlockHashResult = CombinedInput + EncSizeB;
> > > > >
> > > > > + mInput = (UINT8 *)Input;
> > > > >
> > > > > + mLastBlockSize = InputByteLen % mBlockSize == 0 ? mBlockSize :
> > > > > InputByteLen % mBlockSize;
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Initialize SpinLock for each result block.
> > > > >
> > > > > + //
> > > > >
> > > > > + for (Index = 0; Index < mBlockNum; Index++) {
> > > > >
> > > > > + InitializeSpinLock (&mSpinLockList[Index]);
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Dispatch blocklist to each AP.
> > > > >
> > > > > + //
> > > > >
> > > > > + if (gMmst != NULL) {
> > > > >
> > > > > + MmDispatchBlockToAP ();
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Wait until all block hash completed.
> > > > >
> > > > > + //
> > > > >
> > > > > + do {
> > > > >
> > > > > + AllCompleted = TRUE;
> > > > >
> > > > > + for (Index = 0; Index < mBlockNum; Index++) {
> > > > >
> > > > > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
> > > > >
> > > > > + if (!mBlockIsCompleted[Index]) {
> > > > >
> > > > > + AllCompleted = FALSE;
> > > > >
> > > > > + ReturnValue = CShake256HashAll (
> > > > >
> > > > > + mInput + Index * mBlockSize,
> > > > >
> > > > > + (Index == (mBlockNum - 1)) ? mLastBlockSize :
> mBlockSize,
> > > > >
> > > > > + mBlockResultSize,
> > > > >
> > > > > + NULL,
> > > > >
> > > > > + 0,
> > > > >
> > > > > + NULL,
> > > > >
> > > > > + 0,
> > > > >
> > > > > + mBlockHashResult + Index * mBlockResultSize
> > > > >
> > > > > + );
> > > > >
> > > > > + if (ReturnValue) {
> > > > >
> > > > > + mBlockIsCompleted[Index] = TRUE;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > > >
> > > > > + break;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > > >
> > > > > + } else {
> > > > >
> > > > > + AllCompleted = FALSE;
> > > > >
> > > > > + break;
> > > > >
> > > > > + }
> > > > >
> > > > > + }
> > > > >
> > > > > + } while (!AllCompleted);
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Fill LeftEncode(n).
> > > > >
> > > > > + //
> > > > >
> > > > > + Offset = EncSizeB + mBlockNum * mBlockResultSize;
> > > > >
> > > > > + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN);
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Fill LeftEncode(L).
> > > > >
> > > > > + //
> > > > >
> > > > > + Offset += EncSizeN;
> > > > >
> > > > > + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL);
> > > > >
> > > > > +
> > > > >
> > > > > + ReturnValue = CShake256HashAll (
> > > > >
> > > > > + CombinedInput,
> > > > >
> > > > > + CombinedInputSize,
> > > > >
> > > > > + OutputByteLen,
> > > > >
> > > > > + PARALLELHASH_CUSTOMIZATION,
> > > > >
> > > > > + AsciiStrLen (PARALLELHASH_CUSTOMIZATION),
> > > > >
> > > > > + Customization,
> > > > >
> > > > > + CustomByteLen,
> > > > >
> > > > > + Output
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > +Exit:
> > > > >
> > > > > + ZeroMem (CombinedInput, CombinedInputSize);
> > > > >
> > > > > +
> > > > >
> > > > > + if (CombinedInput != NULL) {
> > > > >
> > > > > + FreePool (CombinedInput);
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + if (mSpinLockList != NULL) {
> > > > >
> > > > > + FreePool ((VOID *)mSpinLockList);
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + if (mBlockIsCompleted != NULL) {
> > > > >
> > > > > + FreePool (mBlockIsCompleted);
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + return ReturnValue;
> > > > >
> > > > > +}
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > > > new file mode 100644
> > > > > index 000000000000..2bf89594def5
> > > > > --- /dev/null
> > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > > > @@ -0,0 +1,40 @@
> > > > > +/** @file
> > > > >
> > > > > + ParallelHash Implementation which does not provide real capabilities.
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +
> > > > >
> > > > > +#include "InternalCryptLib.h"
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > Publication
> > > > > 800-185,
> > > > >
> > > > > + published December 2016.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in] Input Pointer to the input message (X).
> > > > >
> > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> for
> > > the
> > > > > input data.
> > > > >
> > > > > + @param[in] BlockSize The size of each block (B).
> > > > >
> > > > > + @param[out] Output Pointer to the output buffer.
> > > > >
> > > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > > >
> > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > >
> > > > > + @param[in] CustomByteLen The length of the customization string
> in
> > > > bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +ParallelHash256HashAll (
> > > > >
> > > > > + IN CONST VOID *Input,
> > > > >
> > > > > + IN UINTN InputByteLen,
> > > > >
> > > > > + IN UINTN BlockSize,
> > > > >
> > > > > + OUT VOID *Output,
> > > > >
> > > > > + IN UINTN OutputByteLen,
> > > > >
> > > > > + IN CONST VOID *Customization,
> > > > >
> > > > > + IN UINTN CustomByteLen
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + ASSERT (FALSE);
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > +}
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > > > new file mode 100644
> > > > > index 000000000000..6abafc3c00e6
> > > > > --- /dev/null
> > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > > > @@ -0,0 +1,166 @@
> > > > > +/** @file
> > > > >
> > > > > + SHA3 realted functions from OpenSSL.
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
> > > > >
> > > > > +Licensed under the OpenSSL license (the "License"). You may not use
> > > > >
> > > > > +this file except in compliance with the License. You can obtain a copy
> > > > >
> > > > > +in the file LICENSE in the source distribution or at
> > > > >
> > > > > +https://www.openssl.org/source/license.html
> > > > >
> > > > > +**/
> > > > >
> > > > > +
> > > > >
> > > > > +#include "CryptParallelHash.h"
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Keccak initial fuction.
> > > > >
> > > > > +
> > > > >
> > > > > + Set up state with specified capacity.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[out] Context Pointer to the context being initialized.
> > > > >
> > > > > + @param[in] Pad Delimited Suffix.
> > > > >
> > > > > + @param[in] BlockSize Size of context block.
> > > > >
> > > > > + @param[in] MessageDigestLen Size of message digest in bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval 1 Initialize successfully.
> > > > >
> > > > > + @retval 0 Fail to initialize.
> > > > >
> > > > > +**/
> > > > >
> > > > > +UINT8
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +KeccakInit (
> > > > >
> > > > > + OUT Keccak1600_Ctx *Context,
> > > > >
> > > > > + IN UINT8 Pad,
> > > > >
> > > > > + IN UINTN BlockSize,
> > > > >
> > > > > + IN UINTN MessageDigestLen
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + if (BlockSize <= sizeof (Context->buf)) {
> > > > >
> > > > > + memset (Context->A, 0, sizeof (Context->A));
> > > > >
> > > > > +
> > > > >
> > > > > + Context->num = 0;
> > > > >
> > > > > + Context->block_size = BlockSize;
> > > > >
> > > > > + Context->md_size = MessageDigestLen;
> > > > >
> > > > > + Context->pad = Pad;
> > > > >
> > > > > +
> > > > >
> > > > > + return 1;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + return 0;
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Sha3 update fuction.
> > > > >
> > > > > +
> > > > >
> > > > > + This function performs Sha3 digest on a data buffer of the specified
> size.
> > > > >
> > > > > + It can be called multiple times to compute the digest of long or
> > > > discontinuous
> > > > > data streams.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in,out] Context Pointer to the Keccak context.
> > > > >
> > > > > + @param[in] Data Pointer to the buffer containing the data to be
> > > > hashed.
> > > > >
> > > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval 1 Update successfully.
> > > > >
> > > > > +**/
> > > > >
> > > > > +UINT8
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +Sha3Update (
> > > > >
> > > > > + IN OUT Keccak1600_Ctx *Context,
> > > > >
> > > > > + IN const VOID *Data,
> > > > >
> > > > > + IN UINTN DataSize
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + const UINT8 *DataCopy;
> > > > >
> > > > > + UINTN BlockSize;
> > > > >
> > > > > + UINTN Num;
> > > > >
> > > > > + UINTN Rem;
> > > > >
> > > > > +
> > > > >
> > > > > + DataCopy = Data;
> > > > >
> > > > > + BlockSize = (UINT8)(Context->block_size);
> > > > >
> > > > > +
> > > > >
> > > > > + if (DataSize == 0) {
> > > > >
> > > > > + return 1;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + if ((Num = Context->num) != 0) {
> > > > >
> > > > > + //
> > > > >
> > > > > + // process intermediate buffer
> > > > >
> > > > > + //
> > > > >
> > > > > + Rem = BlockSize - Num;
> > > > >
> > > > > +
> > > > >
> > > > > + if (DataSize < Rem) {
> > > > >
> > > > > + memcpy (Context->buf + Num, DataCopy, DataSize);
> > > > >
> > > > > + Context->num += DataSize;
> > > > >
> > > > > + return 1;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // We have enough data to fill or overflow the intermediate
> > > > >
> > > > > + // buffer. So we append |Rem| bytes and process the block,
> > > > >
> > > > > + // leaving the rest for later processing.
> > > > >
> > > > > + //
> > > > >
> > > > > + memcpy (Context->buf + Num, DataCopy, Rem);
> > > > >
> > > > > + DataCopy += Rem;
> > > > >
> > > > > + DataSize -= Rem;
> > > > >
> > > > > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
> > > > >
> > > > > + Context->num = 0;
> > > > >
> > > > > + // Context->buf is processed, Context->num is guaranteed to be zero.
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + if (DataSize >= BlockSize) {
> > > > >
> > > > > + Rem = SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize);
> > > > >
> > > > > + } else {
> > > > >
> > > > > + Rem = DataSize;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + if (Rem > 0) {
> > > > >
> > > > > + memcpy (Context->buf, DataCopy + DataSize - Rem, Rem);
> > > > >
> > > > > + Context->num = Rem;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + return 1;
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Completes computation of Sha3 message digest.
> > > > >
> > > > > +
> > > > >
> > > > > + This function completes sha3 hash computation and retrieves the
> digest
> > > > value
> > > > > into
> > > > >
> > > > > + the specified memory. After this function has been called, the keccak
> > > > context
> > > > > cannot
> > > > >
> > > > > + be used again.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in, out] Context Pointer to the keccak context.
> > > > >
> > > > > + @param[out] MessageDigest Pointer to a buffer that receives the
> > > > > message digest.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval 1 Meaasge digest computation succeeded.
> > > > >
> > > > > +**/
> > > > >
> > > > > +UINT8
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +Sha3Final (
> > > > >
> > > > > + IN OUT Keccak1600_Ctx *Context,
> > > > >
> > > > > + OUT UINT8 *MessageDigest
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + UINTN BlockSize;
> > > > >
> > > > > + UINTN Num;
> > > > >
> > > > > +
> > > > >
> > > > > + BlockSize = Context->block_size;
> > > > >
> > > > > + Num = Context->num;
> > > > >
> > > > > +
> > > > >
> > > > > + if (Context->md_size == 0) {
> > > > >
> > > > > + return 1;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1|
> > > > >
> > > > > + // in which case both byte operations below are performed on
> > > > >
> > > > > + // same byte.
> > > > >
> > > > > + //
> > > > >
> > > > > + memset (Context->buf + Num, 0, BlockSize - Num);
> > > > >
> > > > > + Context->buf[Num] = Context->pad;
> > > > >
> > > > > + Context->buf[BlockSize - 1] |= 0x80;
> > > > >
> > > > > +
> > > > >
> > > > > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
> > > > >
> > > > > +
> > > > >
> > > > > + SHA3_squeeze (Context->A, MessageDigest, Context->md_size,
> > BlockSize);
> > > > >
> > > > > +
> > > > >
> > > > > + return 1;
> > > > >
> > > > > +}
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > > > new file mode 100644
> > > > > index 000000000000..12c46cfbcd59
> > > > > --- /dev/null
> > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > > > @@ -0,0 +1,107 @@
> > > > > +/** @file
> > > > >
> > > > > + Encode realted functions from Xkcp.
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright 2022 The eXtended Keccak Code Package (XKCP)
> > > > >
> > > > > +https://github.com/XKCP/XKCP
> > > > >
> > > > > +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and
> > > Gilles
> > > > > Van Assche.
> > > > >
> > > > > +Implementation by the designers, hereby denoted as "the implementer".
> > > > >
> > > > > +For more information, feedback or questions, please refer to the Keccak
> > > > Team
> > > > > website:
> > > > >
> > > > > +https://keccak.team/
> > > > >
> > > > > +To the extent possible under law, the implementer has waived all
> > copyright
> > > > >
> > > > > +and related or neighboring rights to the source code in this file.
> > > > >
> > > > > +http://creativecommons.org/publicdomain/zero/1.0/
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +
> > > > >
> > > > > +#include "CryptParallelHash.h"
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Encode function from XKCP.
> > > > >
> > > > > +
> > > > >
> > > > > + Encodes the input as a byte string in a way that can be unambiguously
> > > > parsed
> > > > >
> > > > > + from the beginning of the string by inserting the length of the byte
> string
> > > > >
> > > > > + before the byte string representation of input.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[out] EncBuf Result of left encode.
> > > > >
> > > > > + @param[in] Value Input of left encode.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval EncLen Size of encode result in bytes.
> > > > >
> > > > > +**/
> > > > >
> > > > > +UINTN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +LeftEncode (
> > > > >
> > > > > + OUT UINT8 *EncBuf,
> > > > >
> > > > > + IN UINTN Value
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + UINT32 BlockNum;
> > > > >
> > > > > + UINT32 EncLen;
> > > > >
> > > > > + UINT32 Index;
> > > > >
> > > > > + UINTN ValueCopy;
> > > > >
> > > > > +
> > > > >
> > > > > + for ( ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum <
> > sizeof
> > > > > (UINTN)); ++BlockNum, ValueCopy >>= 8 ) {
> > > > >
> > > > > + //
> > > > >
> > > > > + // Empty
> > > > >
> > > > > + //
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + if (BlockNum == 0) {
> > > > >
> > > > > + BlockNum = 1;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + for (Index = 1; Index <= BlockNum; ++Index) {
> > > > >
> > > > > + EncBuf[Index] = (UINT8)(Value >> (8 * (BlockNum - Index)));
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + EncBuf[0] = (UINT8)BlockNum;
> > > > >
> > > > > + EncLen = BlockNum + 1;
> > > > >
> > > > > +
> > > > >
> > > > > + return EncLen;
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Encode function from XKCP.
> > > > >
> > > > > +
> > > > >
> > > > > + Encodes the input as a byte string in a way that can be unambiguously
> > > > parsed
> > > > >
> > > > > + from the end of the string by inserting the length of the byte string
> after
> > > > >
> > > > > + the byte string representation of input.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[out] EncBuf Result of right encode.
> > > > >
> > > > > + @param[in] Value Input of right encode.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval EncLen Size of encode result in bytes.
> > > > >
> > > > > +**/
> > > > >
> > > > > +UINTN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +RightEncode (
> > > > >
> > > > > + OUT UINT8 *EncBuf,
> > > > >
> > > > > + IN UINTN Value
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + UINT32 BlockNum;
> > > > >
> > > > > + UINT32 EncLen;
> > > > >
> > > > > + UINT32 Index;
> > > > >
> > > > > + UINTN ValueCopy;
> > > > >
> > > > > +
> > > > >
> > > > > + for (ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum <
> > sizeof
> > > > > (UINTN)); ++BlockNum, ValueCopy >>= 8) {
> > > > >
> > > > > + //
> > > > >
> > > > > + // Empty
> > > > >
> > > > > + //
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + if (BlockNum == 0) {
> > > > >
> > > > > + BlockNum = 1;
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + for (Index = 1; Index <= BlockNum; ++Index) {
> > > > >
> > > > > + EncBuf[Index-1] = (UINT8)(Value >> (8 * (BlockNum-Index)));
> > > > >
> > > > > + }
> > > > >
> > > > > +
> > > > >
> > > > > + EncBuf[BlockNum] = (UINT8)BlockNum;
> > > > >
> > > > > + EncLen = BlockNum + 1;
> > > > >
> > > > > +
> > > > >
> > > > > + return EncLen;
> > > > >
> > > > > +}
> > > > >
> > > > > diff --git
> > > a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > > > b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > > > new file mode 100644
> > > > > index 000000000000..2bf89594def5
> > > > > --- /dev/null
> > > > > +++ b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > > > @@ -0,0 +1,40 @@
> > > > > +/** @file
> > > > >
> > > > > + ParallelHash Implementation which does not provide real capabilities.
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +
> > > > >
> > > > > +#include "InternalCryptLib.h"
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > Publication
> > > > > 800-185,
> > > > >
> > > > > + published December 2016.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in] Input Pointer to the input message (X).
> > > > >
> > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> for
> > > the
> > > > > input data.
> > > > >
> > > > > + @param[in] BlockSize The size of each block (B).
> > > > >
> > > > > + @param[out] Output Pointer to the output buffer.
> > > > >
> > > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > > >
> > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > >
> > > > > + @param[in] CustomByteLen The length of the customization string
> in
> > > > bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +ParallelHash256HashAll (
> > > > >
> > > > > + IN CONST VOID *Input,
> > > > >
> > > > > + IN UINTN InputByteLen,
> > > > >
> > > > > + IN UINTN BlockSize,
> > > > >
> > > > > + OUT VOID *Output,
> > > > >
> > > > > + IN UINTN OutputByteLen,
> > > > >
> > > > > + IN CONST VOID *Customization,
> > > > >
> > > > > + IN UINTN CustomByteLen
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + ASSERT (FALSE);
> > > > >
> > > > > + return FALSE;
> > > > >
> > > > > +}
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > > index c8df259ea963..8ee1b53cf957 100644
> > > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > > @@ -3,7 +3,7 @@
> > > > > Protocol/PPI.
> > > > >
> > > > >
> > > > >
> > > > > Copyright (C) Microsoft Corporation. All rights reserved.
> > > > >
> > > > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > >
> > > > >
> > > > > **/
> > > > >
> > > > > @@ -870,6 +870,38 @@ Sha512HashAll (
> > > > > CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue),
> > > FALSE);
> > > > >
> > > > > }
> > > > >
> > > > >
> > > > >
> > > > > +/**
> > > > >
> > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > Publication
> > > > > 800-185,
> > > > >
> > > > > + published December 2016.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in] Input Pointer to the input message (X).
> > > > >
> > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> for
> > > the
> > > > > input data.
> > > > >
> > > > > + @param[in] BlockSize The size of each block (B).
> > > > >
> > > > > + @param[out] Output Pointer to the output buffer.
> > > > >
> > > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > > >
> > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > >
> > > > > + @param[in] CustomByteLen The length of the customization string
> in
> > > > bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > > >
> > > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +ParallelHash256HashAll (
> > > > >
> > > > > + IN CONST VOID *Input,
> > > > >
> > > > > + IN UINTN InputByteLen,
> > > > >
> > > > > + IN UINTN BlockSize,
> > > > >
> > > > > + OUT VOID *Output,
> > > > >
> > > > > + IN UINTN OutputByteLen,
> > > > >
> > > > > + IN CONST VOID *Customization,
> > > > >
> > > > > + IN UINTN CustomByteLen
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input, InputByteLen,
> > > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen),
> FALSE);
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > /**
> > > > >
> > > > > Retrieves the size, in bytes, of the context buffer required for SM3 hash
> > > > > operations.
> > > > >
> > > > >
> > > > >
> > > > > diff --git
> > > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > > > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > > > new file mode 100644
> > > > > index 000000000000..fb57e91a9f16
> > > > > --- /dev/null
> > > > > +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > > > @@ -0,0 +1,145 @@
> > > > > +/** @file
> > > > >
> > > > > + Application for Parallelhash Function Validation.
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +
> > > > >
> > > > > +#include "TestBaseCryptLib.h"
> > > > >
> > > > > +
> > > > >
> > > > > +//
> > > > >
> > > > > +// Parallelhash Test Sample common parameters.
> > > > >
> > > > > +//
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN OutputByteLen =
> > 64;
> > > > >
> > > > > +
> > > > >
> > > > > +//
> > > > >
> > > > > +// Parallelhash Test Sample #1 from NIST Special Publication 800-185.
> > > > >
> > > > > +//
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample1[] =
> {
> > > > >
> > > > > + // input data of sample1.
> > > > >
> > > > > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x10, 0x11, 0x12, 0x13,
> > > > 0x14,
> > > > > 0x15, 0x16, 0x17,
> > > > >
> > > > > + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27
> > > > >
> > > > > +};
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> InputSample1ByteLen
> > =
> > > > 24;
> > > > > // Length of sample1 input data in bytes.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > > > *CustomizationSample1
> > > > > = ""; // Customization string (S) of sample1.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> > CustomSample1ByteLen
> > > =
> > > > 0;
> > > > > // Customization string length of sample1 in bytes.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample1
> =
> > 8;
> > > > > // Block size of sample1.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > > > ExpectOutputSample1[]
> > > > > = {
> > > > >
> > > > > + // Expected output data of sample1.
> > > > >
> > > > > + 0xbc, 0x1e, 0xf1, 0x24, 0xda, 0x34, 0x49, 0x5e, 0x94, 0x8e, 0xad, 0x20,
> > > > 0x7d,
> > > > > 0xd9, 0x84, 0x22,
> > > > >
> > > > > + 0x35, 0xda, 0x43, 0x2d, 0x2b, 0xbc, 0x54, 0xb4, 0xc1, 0x10, 0xe6, 0x4c,
> > > > 0x45,
> > > > > 0x11, 0x05, 0x53,
> > > > >
> > > > > + 0x1b, 0x7f, 0x2a, 0x3e, 0x0c, 0xe0, 0x55, 0xc0, 0x28, 0x05, 0xe7, 0xc2,
> > > 0xde,
> > > > > 0x1f, 0xb7, 0x46,
> > > > >
> > > > > + 0xaf, 0x97, 0xa1, 0xd0, 0x01, 0xf4, 0x3b, 0x82, 0x4e, 0x31, 0xb8, 0x76,
> > > 0x12,
> > > > > 0x41, 0x04, 0x29
> > > > >
> > > > > +};
> > > > >
> > > > > +
> > > > >
> > > > > +//
> > > > >
> > > > > +// Parallelhash Test Sample #2 from NIST Special Publication 800-185.
> > > > >
> > > > > +//
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 *InputSample2
> > =
> > > > > InputSample1; // Input of sample2 is same as sample1.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> InputSample2ByteLen
> > =
> > > > 24;
> > > > > // Length of sample2 input data in bytes.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > > > *CustomizationSample2
> > > > > = "Parallel Data"; // Customization string (S) of sample2.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> > CustomSample2ByteLen
> > > =
> > > > > 13; // Customization string length of sample2 in bytes.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample2
> =
> > 8;
> > > > > // Block size of sample2.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > > > ExpectOutputSample2[]
> > > > > = {
> > > > >
> > > > > + // Expected output data of sample2.
> > > > >
> > > > > + 0xcd, 0xf1, 0x52, 0x89, 0xb5, 0x4f, 0x62, 0x12, 0xb4, 0xbc, 0x27, 0x05,
> > > 0x28,
> > > > > 0xb4, 0x95, 0x26,
> > > > >
> > > > > + 0x00, 0x6d, 0xd9, 0xb5, 0x4e, 0x2b, 0x6a, 0xdd, 0x1e, 0xf6, 0x90, 0x0d,
> > > > 0xda,
> > > > > 0x39, 0x63, 0xbb,
> > > > >
> > > > > + 0x33, 0xa7, 0x24, 0x91, 0xf2, 0x36, 0x96, 0x9c, 0xa8, 0xaf, 0xae, 0xa2,
> > > 0x9c,
> > > > > 0x68, 0x2d, 0x47,
> > > > >
> > > > > + 0xa3, 0x93, 0xc0, 0x65, 0xb3, 0x8e, 0x29, 0xfa, 0xe6, 0x51, 0xa2, 0x09,
> > > 0x1c,
> > > > > 0x83, 0x31, 0x10
> > > > >
> > > > > +};
> > > > >
> > > > > +
> > > > >
> > > > > +//
> > > > >
> > > > > +// Parallelhash Test Sample #3 from NIST Special Publication 800-185.
> > > > >
> > > > > +//
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample3[] =
> {
> > > > >
> > > > > + // input data of sample3.
> > > > >
> > > > > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
> > > > 0x10,
> > > > > 0x11, 0x12, 0x13,
> > > > >
> > > > > + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x20, 0x21, 0x22, 0x23,
> > > > 0x24,
> > > > > 0x25, 0x26, 0x27,
> > > > >
> > > > > + 0x28, 0x29, 0x2a, 0x2b, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> > > > 0x38,
> > > > > 0x39, 0x3a, 0x3b,
> > > > >
> > > > > + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b,
> > > > 0x50,
> > > > > 0x51, 0x52, 0x53,
> > > > >
> > > > > + 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b
> > > > >
> > > > > +};
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> InputSample3ByteLen
> > =
> > > > 72;
> > > > > // Length of sample3 input data in bytes.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > > > *CustomizationSample3
> > > > > = "Parallel Data"; // Customization string (S) of sample3.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> > CustomSample3ByteLen
> > > =
> > > > > 13; // Customization string length of sample3 in bytes.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample3
> =
> > > 12;
> > > > > // Block size of sample3.
> > > > >
> > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > > > ExpectOutputSample3[]
> > > > > = {
> > > > >
> > > > > + // Expected output data of sample3.
> > > > >
> > > > > + 0x69, 0xd0, 0xfc, 0xb7, 0x64, 0xea, 0x05, 0x5d, 0xd0, 0x93, 0x34, 0xbc,
> > > 0x60,
> > > > > 0x21, 0xcb, 0x7e,
> > > > >
> > > > > + 0x4b, 0x61, 0x34, 0x8d, 0xff, 0x37, 0x5d, 0xa2, 0x62, 0x67, 0x1c, 0xde,
> > > 0xc3,
> > > > > 0xef, 0xfa, 0x8d,
> > > > >
> > > > > + 0x1b, 0x45, 0x68, 0xa6, 0xcc, 0xe1, 0x6b, 0x1c, 0xad, 0x94, 0x6d, 0xdd,
> > > > 0xe2,
> > > > > 0x7f, 0x6c, 0xe2,
> > > > >
> > > > > + 0xb8, 0xde, 0xe4, 0xcd, 0x1b, 0x24, 0x85, 0x1e, 0xbf, 0x00, 0xeb, 0x90,
> > > > 0xd4,
> > > > > 0x38, 0x13, 0xe9
> > > > >
> > > > > +};
> > > > >
> > > > > +
> > > > >
> > > > > +UNIT_TEST_STATUS
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +TestVerifyParallelHash256HashAll (
> > > > >
> > > > > + IN UNIT_TEST_CONTEXT Context
> > > > >
> > > > > + )
> > > > >
> > > > > +{
> > > > >
> > > > > + BOOLEAN Status;
> > > > >
> > > > > + UINT8 Output[64];
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Test #1 using sample1.
> > > > >
> > > > > + //
> > > > >
> > > > > + Status = ParallelHash256HashAll (
> > > > >
> > > > > + InputSample1,
> > > > >
> > > > > + InputSample1ByteLen,
> > > > >
> > > > > + BlockSizeSample1,
> > > > >
> > > > > + Output,
> > > > >
> > > > > + OutputByteLen,
> > > > >
> > > > > + CustomizationSample1,
> > > > >
> > > > > + CustomSample1ByteLen
> > > > >
> > > > > + );
> > > > >
> > > > > + UT_ASSERT_TRUE (Status);
> > > > >
> > > > > +
> > > > >
> > > > > + // Check the output with the expected output.
> > > > >
> > > > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample1,
> > > OutputByteLen);
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Test #2 using sample2.
> > > > >
> > > > > + //
> > > > >
> > > > > + Status = ParallelHash256HashAll (
> > > > >
> > > > > + InputSample2,
> > > > >
> > > > > + InputSample2ByteLen,
> > > > >
> > > > > + BlockSizeSample2,
> > > > >
> > > > > + Output,
> > > > >
> > > > > + OutputByteLen,
> > > > >
> > > > > + CustomizationSample2,
> > > > >
> > > > > + CustomSample2ByteLen
> > > > >
> > > > > + );
> > > > >
> > > > > + UT_ASSERT_TRUE (Status);
> > > > >
> > > > > +
> > > > >
> > > > > + // Check the output with the expected output.
> > > > >
> > > > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample2,
> > > OutputByteLen);
> > > > >
> > > > > +
> > > > >
> > > > > + //
> > > > >
> > > > > + // Test #3 using sample3.
> > > > >
> > > > > + //
> > > > >
> > > > > + Status = ParallelHash256HashAll (
> > > > >
> > > > > + InputSample3,
> > > > >
> > > > > + InputSample3ByteLen,
> > > > >
> > > > > + BlockSizeSample3,
> > > > >
> > > > > + Output,
> > > > >
> > > > > + OutputByteLen,
> > > > >
> > > > > + CustomizationSample3,
> > > > >
> > > > > + CustomSample3ByteLen
> > > > >
> > > > > + );
> > > > >
> > > > > + UT_ASSERT_TRUE (Status);
> > > > >
> > > > > +
> > > > >
> > > > > + // Check the output with the expected output.
> > > > >
> > > > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample3,
> > > OutputByteLen);
> > > > >
> > > > > +
> > > > >
> > > > > + return EFI_SUCCESS;
> > > > >
> > > > > +}
> > > > >
> > > > > +
> > > > >
> > > > > +TEST_DESC mParallelhashTest[] = {
> > > > >
> > > > > + //
> > > > >
> > > > > + // -----Description------------------------------Class----------------------
> > > Function--
> > > > --
> > > > > -------------Pre---Post--Context
> > > > >
> > > > > + //
> > > > >
> > > > > + { "TestVerifyParallelHash256HashAll()",
> > > > > "CryptoPkg.BaseCryptLib.ParallelHash256HashAll",
> > > > > TestVerifyParallelHash256HashAll, NULL, NULL, NULL },
> > > > >
> > > > > +};
> > > > >
> > > > > +
> > > > >
> > > > > +UINTN mParallelhashTestNum = ARRAY_SIZE (mParallelhashTest);
> > > > >
> > > > > diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml
> > > > > index eeb388ae71c5..e21fafac1efe 100644
> > > > > --- a/CryptoPkg/CryptoPkg.ci.yaml
> > > > > +++ b/CryptoPkg/CryptoPkg.ci.yaml
> > > > > @@ -2,7 +2,7 @@
> > > > > # CI configuration for CryptoPkg
> > > > >
> > > > > #
> > > > >
> > > > > # Copyright (c) Microsoft Corporation
> > > > >
> > > > > -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +# Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > ##
> > > > >
> > > > > {
> > > > >
> > > > > @@ -34,6 +34,8 @@
> > > > > "Library/OpensslLib/rand_pool.c",
> > > > >
> > > > > # This has OpenSSL interfaces that aren't UEFI spec compliant
> > > > >
> > > > > "Library/Include/CrtLibSupport.h",
> > > > >
> > > > > + # This has OpenSSL interfaces that aren't UEFI spec compliant
> > > > >
> > > > > + "Library/BaseCryptLib/Hash/CryptParallelHash.h",
> > > > >
> > > > > # These directories contain auto-generated OpenSSL content
> > > > >
> > > > > "Library/OpensslLib",
> > > > >
> > > > > "Library/IntrinsicLib",
> > > > >
> > > > > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > > b/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > > index f4bc7c0d73d9..7d1499350a49 100644
> > > > > --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > > @@ -4,7 +4,7 @@
> > > > > primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI
> security
> > > > >
> > > > > functionality enabling.
> > > > >
> > > > >
> > > > >
> > > > > -Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > >
> > > > >
> > > > > **/
> > > > >
> > > > > @@ -753,6 +753,35 @@ Sha512HashAll (
> > > > > OUT UINT8 *HashValue
> > > > >
> > > > > );
> > > > >
> > > > >
> > > > >
> > > > > +/**
> > > > >
> > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > Publication
> > > > > 800-185,
> > > > >
> > > > > + published December 2016.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in] Input Pointer to the input message (X).
> > > > >
> > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> for
> > > the
> > > > > input data.
> > > > >
> > > > > + @param[in] BlockSize The size of each block (B).
> > > > >
> > > > > + @param[out] Output Pointer to the output buffer.
> > > > >
> > > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > > >
> > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > >
> > > > > + @param[in] CustomByteLen The length of the customization string
> in
> > > > bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > > >
> > > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +ParallelHash256HashAll (
> > > > >
> > > > > + IN CONST VOID *Input,
> > > > >
> > > > > + IN UINTN InputByteLen,
> > > > >
> > > > > + IN UINTN BlockSize,
> > > > >
> > > > > + OUT VOID *Output,
> > > > >
> > > > > + IN UINTN OutputByteLen,
> > > > >
> > > > > + IN CONST VOID *Customization,
> > > > >
> > > > > + IN UINTN CustomByteLen
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > /**
> > > > >
> > > > > Retrieves the size, in bytes, of the context buffer required for SM3 hash
> > > > > operations.
> > > > >
> > > > >
> > > > >
> > > > > diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > > b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > > index 5186a54759ae..77330961352e 100644
> > > > > --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > > +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > > @@ -2,7 +2,7 @@
> > > > > Defines the PCD_CRYPTO_SERVICE_FAMILY_ENABLE structure
> > associated
> > > > with
> > > > >
> > > > > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.
> > > > >
> > > > >
> > > > >
> > > > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > >
> > > > >
> > > > > **/
> > > > >
> > > > > @@ -288,6 +288,12 @@ typedef struct {
> > > > > } Services;
> > > > >
> > > > > UINT32 Family;
> > > > >
> > > > > } TlsGet;
> > > > >
> > > > > + union {
> > > > >
> > > > > + struct {
> > > > >
> > > > > + UINT8 HashAll : 1;
> > > > >
> > > > > + } Services;
> > > > >
> > > > > + UINT32 Family;
> > > > >
> > > > > + } ParallelHash;
> > > > >
> > > > > } PCD_CRYPTO_SERVICE_FAMILY_ENABLE;
> > > > >
> > > > >
> > > > >
> > > > > #endif
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > > index 49703fa4c963..15cf3dab105c 100644
> > > > > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > > @@ -6,7 +6,7 @@
> > > > > # This external input must be validated carefully to avoid security issues
> > > such
> > > > as
> > > > >
> > > > > # buffer overflow or integer overflow.
> > > > >
> > > > > #
> > > > >
> > > > > -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All
> > rights
> > > > > reserved.<BR>
> > > > >
> > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > #
> > > > >
> > > > > @@ -34,6 +34,7 @@
> > > > > Hash/CryptSha256.c
> > > > >
> > > > > Hash/CryptSha512.c
> > > > >
> > > > > Hash/CryptSm3.c
> > > > >
> > > > > + Hash/CryptParallelHashNull.c
> > > > >
> > > > > Hmac/CryptHmacSha256.c
> > > > >
> > > > > Kdf/CryptHkdf.c
> > > > >
> > > > > Cipher/CryptAes.c
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > > > new file mode 100644
> > > > > index 000000000000..fe08d4928e8d
> > > > > --- /dev/null
> > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > > > @@ -0,0 +1,201 @@
> > > > > +/** @file
> > > > >
> > > > > + ParallelHash related function and type declaration.
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
> > > > >
> > > > > +Licensed under the OpenSSL license (the "License"). You may not use
> > > > >
> > > > > +this file except in compliance with the License. You can obtain a copy
> > > > >
> > > > > +in the file LICENSE in the source distribution or at
> > > > >
> > > > > +https://www.openssl.org/source/license.html
> > > > >
> > > > > +
> > > > >
> > > > > +Copyright 2022 The eXtended Keccak Code Package (XKCP)
> > > > >
> > > > > +https://github.com/XKCP/XKCP
> > > > >
> > > > > +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and
> > > Gilles
> > > > > Van Assche.
> > > > >
> > > > > +Implementation by the designers, hereby denoted as "the implementer".
> > > > >
> > > > > +For more information, feedback or questions, please refer to the Keccak
> > > > Team
> > > > > website:
> > > > >
> > > > > +https://keccak.team/
> > > > >
> > > > > +To the extent possible under law, the implementer has waived all
> > copyright
> > > > >
> > > > > +and related or neighboring rights to the source code in this file.
> > > > >
> > > > > +http://creativecommons.org/publicdomain/zero/1.0/
> > > > >
> > > > > +**/
> > > > >
> > > > > +
> > > > >
> > > > > +#include "InternalCryptLib.h"
> > > > >
> > > > > +
> > > > >
> > > > > +#define KECCAK1600_WIDTH 1600
> > > > >
> > > > > +
> > > > >
> > > > > +//
> > > > >
> > > > > +// This struct referring to m_sha3.c from opessl and modified its type
> > name.
> > > > >
> > > > > +//
> > > > >
> > > > > +typedef struct {
> > > > >
> > > > > + uint64_t A[5][5];
> > > > >
> > > > > + size_t block_size; /* cached ctx->digest->block_size */
> > > > >
> > > > > + size_t md_size; /* output length, variable in XOF */
> > > > >
> > > > > + size_t num; /* used bytes in below buffer */
> > > > >
> > > > > + unsigned char buf[KECCAK1600_WIDTH / 8 - 32];
> > > > >
> > > > > + unsigned char pad;
> > > > >
> > > > > +} Keccak1600_Ctx;
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + SHA3_absorb can be called multiple times, but at each invocation
> > > > >
> > > > > + largest multiple of |r| out of |len| bytes are processed. Then
> > > > >
> > > > > + remaining amount of bytes is returned. This is done to spare caller
> > > > >
> > > > > + trouble of calculating the largest multiple of |r|. |r| can be viewed
> > > > >
> > > > > + as blocksize. It is commonly (1600 - 256*n)/8, e.g. 168, 136, 104,
> > > > >
> > > > > + 72, but can also be (1600 - 448)/8 = 144. All this means that message
> > > > >
> > > > > + padding and intermediate sub-block buffering, byte- or bitwise, is
> > > > >
> > > > > + caller's responsibility.
> > > > >
> > > > > +**/
> > > > >
> > > > > +size_t
> > > > >
> > > > > +SHA3_absorb (
> > > > >
> > > > > + uint64_t A[5][5],
> > > > >
> > > > > + const unsigned char *inp,
> > > > >
> > > > > + size_t len,
> > > > >
> > > > > + size_t r
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + SHA3_squeeze is called once at the end to generate |out| hash value
> > > > >
> > > > > + of |len| bytes.
> > > > >
> > > > > +**/
> > > > >
> > > > > +void
> > > > >
> > > > > +SHA3_squeeze (
> > > > >
> > > > > + uint64_t A[5][5],
> > > > >
> > > > > + unsigned char *out,
> > > > >
> > > > > + size_t len,
> > > > >
> > > > > + size_t r
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Encode function from XKCP.
> > > > >
> > > > > +
> > > > >
> > > > > + Encodes the input as a byte string in a way that can be unambiguously
> > > > parsed
> > > > >
> > > > > + from the beginning of the string by inserting the length of the byte
> string
> > > > >
> > > > > + before the byte string representation of input.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[out] EncBuf Result of left encode.
> > > > >
> > > > > + @param[in] Value Input of left encode.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval EncLen Size of encode result in bytes.
> > > > >
> > > > > +**/
> > > > >
> > > > > +UINTN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +LeftEncode (
> > > > >
> > > > > + OUT UINT8 *EncBuf,
> > > > >
> > > > > + IN UINTN Value
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Encode function from XKCP.
> > > > >
> > > > > +
> > > > >
> > > > > + Encodes the input as a byte string in a way that can be unambiguously
> > > > parsed
> > > > >
> > > > > + from the end of the string by inserting the length of the byte string
> after
> > > > >
> > > > > + the byte string representation of input.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[out] EncBuf Result of right encode.
> > > > >
> > > > > + @param[in] Value Input of right encode.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval EncLen Size of encode result in bytes.
> > > > >
> > > > > +**/
> > > > >
> > > > > +UINTN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +RightEncode (
> > > > >
> > > > > + OUT UINT8 *EncBuf,
> > > > >
> > > > > + IN UINTN Value
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Keccak initial fuction.
> > > > >
> > > > > +
> > > > >
> > > > > + Set up state with specified capacity.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[out] Context Pointer to the context being initialized.
> > > > >
> > > > > + @param[in] Pad Delimited Suffix.
> > > > >
> > > > > + @param[in] BlockSize Size of context block.
> > > > >
> > > > > + @param[in] MessageDigestLen Size of message digest in bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval 1 Initialize successfully.
> > > > >
> > > > > + @retval 0 Fail to initialize.
> > > > >
> > > > > +**/
> > > > >
> > > > > +UINT8
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +KeccakInit (
> > > > >
> > > > > + OUT Keccak1600_Ctx *Context,
> > > > >
> > > > > + IN UINT8 Pad,
> > > > >
> > > > > + IN UINTN BlockSize,
> > > > >
> > > > > + IN UINTN MessageDigstLen
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Sha3 update fuction.
> > > > >
> > > > > +
> > > > >
> > > > > + This function performs Sha3 digest on a data buffer of the specified
> size.
> > > > >
> > > > > + It can be called multiple times to compute the digest of long or
> > > > discontinuous
> > > > > data streams.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in,out] Context Pointer to the Keccak context.
> > > > >
> > > > > + @param[in] Data Pointer to the buffer containing the data to be
> > > > hashed.
> > > > >
> > > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval 1 Update successfully.
> > > > >
> > > > > +**/
> > > > >
> > > > > +UINT8
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +Sha3Update (
> > > > >
> > > > > + IN OUT Keccak1600_Ctx *Context,
> > > > >
> > > > > + IN const VOID *Data,
> > > > >
> > > > > + IN UINTN DataSize
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Completes computation of Sha3 message digest.
> > > > >
> > > > > +
> > > > >
> > > > > + This function completes sha3 hash computation and retrieves the
> digest
> > > > value
> > > > > into
> > > > >
> > > > > + the specified memory. After this function has been called, the keccak
> > > > context
> > > > > cannot
> > > > >
> > > > > + be used again.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in, out] Context Pointer to the keccak context.
> > > > >
> > > > > + @param[out] MessageDigest Pointer to a buffer that receives the
> > > > > message digest.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval 1 Meaasge digest computation succeeded.
> > > > >
> > > > > +**/
> > > > >
> > > > > +UINT8
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +Sha3Final (
> > > > >
> > > > > + IN OUT Keccak1600_Ctx *Context,
> > > > >
> > > > > + OUT UINT8 *MessageDigest
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > +/**
> > > > >
> > > > > + Computes the CSHAKE-256 message digest of a input data buffer.
> > > > >
> > > > > +
> > > > >
> > > > > + This function performs the CSHAKE-256 message digest of a given data
> > > > buffer,
> > > > > and places
> > > > >
> > > > > + the digest value into the specified memory.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in] Data Pointer to the buffer containing the data to
> > be
> > > > > hashed.
> > > > >
> > > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > > >
> > > > > + @param[in] OutputLen Size of output in bytes.
> > > > >
> > > > > + @param[in] Name Pointer to the function name string.
> > > > >
> > > > > + @param[in] NameLen Size of the function name in bytes.
> > > > >
> > > > > + @param[in] Customization Pointer to the customization string.
> > > > >
> > > > > + @param[in] CustomizationLen Size of the customization string in
> bytes.
> > > > >
> > > > > + @param[out] HashValue Pointer to a buffer that receives the
> > > CSHAKE-
> > > > > 256 digest
> > > > >
> > > > > + value.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval TRUE CSHAKE-256 digest computation succeeded.
> > > > >
> > > > > + @retval FALSE CSHAKE-256 digest computation failed.
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +EFIAPI
> > > > >
> > > > > +CShake256HashAll (
> > > > >
> > > > > + IN CONST VOID *Data,
> > > > >
> > > > > + IN UINTN DataSize,
> > > > >
> > > > > + IN UINTN OutputLen,
> > > > >
> > > > > + IN CONST VOID *Name,
> > > > >
> > > > > + IN UINTN NameLen,
> > > > >
> > > > > + IN CONST VOID *Customization,
> > > > >
> > > > > + IN UINTN CustomizationLen,
> > > > >
> > > > > + OUT UINT8 *HashValue
> > > > >
> > > > > + );
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > > index 0cab5f3ce36c..bf1563b06407 100644
> > > > > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > > @@ -13,7 +13,7 @@
> > > > > # PEM handler functions, and pseudorandom number generator
> functions
> > > are
> > > > > not
> > > > >
> > > > > # supported in this instance.
> > > > >
> > > > > #
> > > > >
> > > > > -# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > #
> > > > >
> > > > > ##
> > > > >
> > > > > @@ -40,6 +40,7 @@
> > > > > Hash/CryptSha256.c
> > > > >
> > > > > Hash/CryptSm3.c
> > > > >
> > > > > Hash/CryptSha512.c
> > > > >
> > > > > + Hash/CryptParallelHashNull.c
> > > > >
> > > > > Hmac/CryptHmacSha256.c
> > > > >
> > > > > Kdf/CryptHkdf.c
> > > > >
> > > > > Cipher/CryptAesNull.c
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > > index fdbb6edfd23e..6742da0be4fe 100644
> > > > > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > > @@ -11,7 +11,7 @@
> > > > > # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions,
> > > and
> > > > >
> > > > > # authenticode signature verification functions are not supported in this
> > > > > instance.
> > > > >
> > > > > #
> > > > >
> > > > > -# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > # Copyright (c) 2021, Hewlett Packard Enterprise Development LP. All
> > rights
> > > > > reserved.<BR>
> > > > >
> > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > #
> > > > >
> > > > > @@ -40,6 +40,7 @@
> > > > > Hash/CryptSha256.c
> > > > >
> > > > > Hash/CryptSm3.c
> > > > >
> > > > > Hash/CryptSha512.c
> > > > >
> > > > > + Hash/CryptParallelHashNull.c
> > > > >
> > > > > Hmac/CryptHmacSha256.c
> > > > >
> > > > > Kdf/CryptHkdf.c
> > > > >
> > > > > Cipher/CryptAes.c
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > > index e6470d7a2127..8f39517f78b7 100644
> > > > > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > > @@ -10,7 +10,7 @@
> > > > > # RSA external functions, PKCS#7 SignedData sign functions, Diffie-
> > Hellman
> > > > > functions, and
> > > > >
> > > > > # authenticode signature verification functions are not supported in this
> > > > > instance.
> > > > >
> > > > > #
> > > > >
> > > > > -# Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > #
> > > > >
> > > > > ##
> > > > >
> > > > > @@ -38,6 +38,10 @@
> > > > > Hash/CryptSha256.c
> > > > >
> > > > > Hash/CryptSm3.c
> > > > >
> > > > > Hash/CryptSha512.c
> > > > >
> > > > > + Hash/CryptSha3.c
> > > > >
> > > > > + Hash/CryptXkcp.c
> > > > >
> > > > > + Hash/CryptCShake256.c
> > > > >
> > > > > + Hash/CryptParallelHash.c
> > > > >
> > > > > Hmac/CryptHmacSha256.c
> > > > >
> > > > > Kdf/CryptHkdfNull.c
> > > > >
> > > > > Cipher/CryptAes.c
> > > > >
> > > > > @@ -85,6 +89,8 @@
> > > > > OpensslLib
> > > > >
> > > > > IntrinsicLib
> > > > >
> > > > > PrintLib
> > > > >
> > > > > + MmServicesTableLib
> > > > >
> > > > > + SynchronizationLib
> > > > >
> > > > >
> > > > >
> > > > > #
> > > > >
> > > > > # Remove these [BuildOptions] after this library is cleaned up
> > > > >
> > > > > diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > > b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > > index faf959827b90..63d1d82d1914 100644
> > > > > --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > > +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > > @@ -6,7 +6,7 @@
> > > > > # This external input must be validated carefully to avoid security issues
> > > such
> > > > as
> > > > >
> > > > > # buffer overflow or integer overflow.
> > > > >
> > > > > #
> > > > >
> > > > > -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All
> > rights
> > > > > reserved.<BR>
> > > > >
> > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > #
> > > > >
> > > > > @@ -34,6 +34,7 @@
> > > > > Hash/CryptSha256Null.c
> > > > >
> > > > > Hash/CryptSha512Null.c
> > > > >
> > > > > Hash/CryptSm3Null.c
> > > > >
> > > > > + Hash/CryptParallelHashNull.c
> > > > >
> > > > > Hmac/CryptHmacSha256Null.c
> > > > >
> > > > > Kdf/CryptHkdfNull.c
> > > > >
> > > > > Cipher/CryptAesNull.c
> > > > >
> > > > > diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > > b/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > > index d257dca8fa9b..b76b140a7acf 100644
> > > > > --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > > +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > > @@ -2,7 +2,7 @@
> > > > > Root include file of C runtime library to support building the third-party
> > > > >
> > > > > cryptographic library.
> > > > >
> > > > >
> > > > >
> > > > > -Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > +Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All
> rights
> > > > > reserved.<BR>
> > > > >
> > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > >
> > > > >
> > > > > @@ -111,6 +111,7 @@ typedef UINT8 u_char;
> > > > > typedef UINT32 uid_t;
> > > > >
> > > > > typedef UINT32 gid_t;
> > > > >
> > > > > typedef CHAR16 wchar_t;
> > > > >
> > > > > +typedef UINT64 uint64_t;
> > > > >
> > > > >
> > > > >
> > > > > //
> > > > >
> > > > > // File operations are not required for EFI building,
> > > > >
> > > > > diff --git a/CryptoPkg/Private/Protocol/Crypto.h
> > > > > b/CryptoPkg/Private/Protocol/Crypto.h
> > > > > index e378a8a8c60e..de45778c7d42 100644
> > > > > --- a/CryptoPkg/Private/Protocol/Crypto.h
> > > > > +++ b/CryptoPkg/Private/Protocol/Crypto.h
> > > > > @@ -2,7 +2,7 @@
> > > > > This Protocol provides Crypto services to DXE modules
> > > > >
> > > > >
> > > > >
> > > > > Copyright (C) Microsoft Corporation. All rights reserved.
> > > > >
> > > > > - Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > + Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > >
> > > > >
> > > > > **/
> > > > >
> > > > > @@ -21,7 +21,7 @@
> > > > > /// the EDK II Crypto Protocol is extended, this version define must be
> > > > >
> > > > > /// increased.
> > > > >
> > > > > ///
> > > > >
> > > > > -#define EDKII_CRYPTO_VERSION 7
> > > > >
> > > > > +#define EDKII_CRYPTO_VERSION 8
> > > > >
> > > > >
> > > > >
> > > > > ///
> > > > >
> > > > > /// EDK II Crypto Protocol forward declaration
> > > > >
> > > > > @@ -3383,6 +3383,35 @@ EFI_STATUS
> > > > > IN OUT UINTN *DataSize
> > > > >
> > > > > );
> > > > >
> > > > >
> > > > >
> > > > > +/**
> > > > >
> > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > Publication
> > > > > 800-185,
> > > > >
> > > > > + published December 2016.
> > > > >
> > > > > +
> > > > >
> > > > > + @param[in] Input Pointer to the input message (X).
> > > > >
> > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> for
> > > the
> > > > > input data.
> > > > >
> > > > > + @param[in] BlockSize The size of each block (B).
> > > > >
> > > > > + @param[out] Output Pointer to the output buffer.
> > > > >
> > > > > + @param[in] OutputByteLen The desired number of output bytes (L).
> > > > >
> > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > >
> > > > > + @param[in] CustomByteLen The length of the customization string
> in
> > > > bytes.
> > > > >
> > > > > +
> > > > >
> > > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > > >
> > > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > > >
> > > > > + @retval FALSE This interface is not supported.
> > > > >
> > > > > +
> > > > >
> > > > > +**/
> > > > >
> > > > > +typedef
> > > > >
> > > > > +BOOLEAN
> > > > >
> > > > > +(EFIAPI *EDKII_CRYPTO_PARALLEL_HASH_ALL)(
> > > > >
> > > > > + IN CONST VOID *Input,
> > > > >
> > > > > + IN UINTN InputByteLen,
> > > > >
> > > > > + IN UINTN BlockSize,
> > > > >
> > > > > + OUT VOID *Output,
> > > > >
> > > > > + IN UINTN OutputByteLen,
> > > > >
> > > > > + IN CONST VOID *Customization,
> > > > >
> > > > > + IN UINTN CustomByteLen
> > > > >
> > > > > + );
> > > > >
> > > > > +
> > > > >
> > > > > /**
> > > > >
> > > > > Carries out the RSA-SSA signature generation with EMSA-PSS encoding
> > > > scheme.
> > > > >
> > > > >
> > > > >
> > > > > @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > > > > EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT
> > TlsGetHostPublicCert;
> > > > >
> > > > > EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY
> > TlsGetHostPrivateKey;
> > > > >
> > > > > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > > > > TlsGetCertRevocationList;
> > > > >
> > > > > + /// Parallel hash
> > > > >
> > > > > + EDKII_CRYPTO_PARALLEL_HASH_ALL
> ParallelHash256HashAll;
> > > > >
> > > > > /// RSA PSS
> > > > >
> > > > > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> > > > >
> > > > > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> > > > >
> > > > > diff --git a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > > b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > > index ff0af36bcc80..c50a9cc4dc9f 100644
> > > > > --- a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > > +++ b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > > @@ -2,6 +2,7 @@
> > > > > # CryptoPkg DSC file used to build host-based unit tests.
> > > > >
> > > > > #
> > > > >
> > > > > # Copyright (c) Microsoft Corporation.<BR>
> > > > >
> > > > > +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > #
> > > > >
> > > > > ##
> > > > >
> > > > > @@ -21,6 +22,9 @@
> > > > > [LibraryClasses]
> > > > >
> > > > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > > > >
> > > > >
> > > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
> > > > >
> > > > > +
> > > > >
> > > >
> > >
> >
> MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib
> > > > > .inf
> > > > >
> > > > > +
> > > > >
> > > >
> > >
> >
> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizati
> > > > > onLib.inf
> > > > >
> > > > > +
> > > > >
> > > >
> > >
> >
> TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat
> > > > > e.inf
> > > > >
> > > > >
> > > > >
> > > > > [LibraryClasses.AARCH64, LibraryClasses.ARM]
> > > > >
> > > > > RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> > > > >
> > > > > diff --git
> > > > >
> a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > >
> b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > > index 00c869265080..399db596c2d1 100644
> > > > > ---
> > > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > > +++
> > > > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > > @@ -2,6 +2,7 @@
> > > > > # Host-based UnitTest for BaseCryptLib
> > > > >
> > > > > #
> > > > >
> > > > > # Copyright (c) Microsoft Corporation.<BR>
> > > > >
> > > > > +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > >
> > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > >
> > > > > ##
> > > > >
> > > > >
> > > > >
> > > > > @@ -35,6 +36,7 @@
> > > > > Pkcs7EkuTests.c
> > > > >
> > > > > OaepEncryptTests.c
> > > > >
> > > > > RsaPssTests.c
> > > > >
> > > > > + ParallelhashTests.c
> > > > >
> > > > >
> > > > >
> > > > > [Packages]
> > > > >
> > > > > MdePkg/MdePkg.dec
> > > > >
> > > > > @@ -45,3 +47,5 @@
> > > > > DebugLib
> > > > >
> > > > > BaseCryptLib
> > > > >
> > > > > UnitTestLib
> > > > >
> > > > > + MmServicesTableLib
> > > > >
> > > > > + SynchronizationLib
> > > > >
> > > > > --
> > > > > 2.26.2.windows.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib.
2022-03-18 1:59 ` Yao, Jiewen
@ 2022-03-18 2:00 ` Li, Zhihao
0 siblings, 0 replies; 7+ messages in thread
From: Li, Zhihao @ 2022-03-18 2:00 UTC (permalink / raw)
To: Yao, Jiewen, devel@edk2.groups.io
Cc: Wang, Jian J, Lu, Xiaoyu1, Jiang, Guomin, Fu, Siyuan
OK
> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Friday, March 18, 2022 9:59 AM
> To: Li, Zhihao <zhihao.li@intel.com>; devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>;
> Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>;
> Yao, Jiewen <jiewen.yao@intel.com>
> Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> ParallelHash256HashAll in BaseCryptLib.
>
> Yes. It seems we missed RsaPssSign and RsaPssVerify in previous patch. Sigh...
>
> Would you please help to add them?
>
>
>
> > -----Original Message-----
> > From: Li, Zhihao <zhihao.li@intel.com>
> > Sent: Friday, March 18, 2022 9:53 AM
> > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> <xiaoyu1.lu@intel.com>;
> > Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > ParallelHash256HashAll in BaseCryptLib.
> >
> > Build CryptoPei and CryptoSmm driver report this error.
> >
> > INFO - /home/vsts/work/1/s/CryptoPkg/Driver/Crypto.c:4707:3: error:
> > initialization of 'BOOLEAN (__attribute__((ms_abi)) *)(void *, const UINT8 *,
> > UINTN, UINT16, UINT16, UINT8 *, UINTN *)' from incompatible pointer type
> > 'BOOLEAN (__attribute__((ms_abi)) *)(const void *, UINTN, UINTN, void *,
> > UINTN, const void *, UINTN)' [-Werror=incompatible-pointer-types]
> > INFO - 4707 | CryptoServiceParallelHash256HashAll
> >
> > In Crypto.c:
> > const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
> > ...
> > CryptoServiceTlsGetHostPrivateKey,
> > CryptoServiceTlsGetCertRevocationList,
> > /// Parallel hash
> > CryptoServiceParallelHash256HashAll
> > };
> > In Crypto.h
> > struct _EDKII_CRYPTO_PROTOCOL {
> > ...
> > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > TlsGetCertRevocationList;
> > /// RSA PSS
> > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> > /// Parallel hash
> > EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
> > };
> > And
> > typedef
> > BOOLEAN
> > (EFIAPI *EDKII_CRYPTO_RSA_PSS_SIGN)(
> > IN VOID *RsaContext,
> > IN CONST UINT8 *Message,
> > IN UINTN MsgSize,
> > IN UINT16 DigestLen,
> > IN UINT16 SaltLen,
> > OUT UINT8 *Signature,
> > IN OUT UINTN *SigSize
> > );
> >
> > So I think solve this error need to put ParallelHash256HashAll before
> RsaPssSign.
> > And test result is successful.
> > Is there anything wrong with my judgment?
> >
> >
> > > -----Original Message-----
> > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > Sent: Friday, March 18, 2022 8:56 AM
> > > To: Li, Zhihao <zhihao.li@intel.com>; devel@edk2.groups.io
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> > <xiaoyu1.lu@intel.com>;
> > > Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>
> > > Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > > ParallelHash256HashAll in BaseCryptLib.
> > >
> > > What is root cause of failure?
> > >
> > > I don't understand.
> > >
> > > > -----Original Message-----
> > > > From: Li, Zhihao <zhihao.li@intel.com>
> > > > Sent: Friday, March 18, 2022 12:27 AM
> > > > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
> > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> > > <xiaoyu1.lu@intel.com>;
> > > > Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan
> <siyuan.fu@intel.com>
> > > > Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > > > ParallelHash256HashAll in BaseCryptLib.
> > > >
> > > > Because it will cause patch to fail in CI test while to succeed if follow the
> > > setting.
> > > > Failed test: https://github.com/tianocore/edk2/pull/2535
> > > >
> > > > I guess it's because data structure
> EDKII_CRYPTO_PROTOCOL( mEdkiiCrypto)
> > > > doesn't have /// RSA PSS members in Crypto.c
> > > >
> > > > > -----Original Message-----
> > > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > > Sent: Thursday, March 17, 2022 10:13 PM
> > > > > To: Li, Zhihao <zhihao.li@intel.com>; devel@edk2.groups.io
> > > > > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1
> > > > <xiaoyu1.lu@intel.com>;
> > > > > Jiang, Guomin <guomin.jiang@intel.com>; Fu, Siyuan
> > <siyuan.fu@intel.com>
> > > > > Subject: RE: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > > > > ParallelHash256HashAll in BaseCryptLib.
> > > > >
> > > > > Hey
> > > > > Are you following the guideline - don't put new field in the middle ?
> > > > >
> > > > > ParallelHash256HashAll API is still in the middle......
> > > > >
> > > > >
> > > > > > @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > > > > > EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT
> > > TlsGetHostPublicCert;
> > > > > >
> > > > > > EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY
> > > TlsGetHostPrivateKey;
> > > > > >
> > > > > > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > > > > > TlsGetCertRevocationList;
> > > > > >
> > > > > > + /// Parallel hash
> > > > > >
> > > > > > + EDKII_CRYPTO_PARALLEL_HASH_ALL
> > ParallelHash256HashAll;
> > > > > >
> > > > > > /// RSA PSS
> > > > > >
> > > > > > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> > > > > >
> > > > > > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> > > > > >
> > > > >
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Li, Zhihao <zhihao.li@intel.com>
> > > > > > Sent: Thursday, March 17, 2022 12:35 PM
> > > > > > To: devel@edk2.groups.io
> > > > > > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> > > > > <jian.j.wang@intel.com>;
> > > > > > Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin
> > > > > <guomin.jiang@intel.com>;
> > > > > > Fu, Siyuan <siyuan.fu@intel.com>
> > > > > > Subject: [PATCH v6 1/1] CryptoPkg: Add new hash algorithm
> > > > > > ParallelHash256HashAll in BaseCryptLib.
> > > > > >
> > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3596
> > > > > >
> > > > > > Parallel hash function ParallelHash256HashAll, as defined in NIST's
> > > > > > Special Publication 800-185, published December 2016. It utilizes
> > > > > > multi-process to calculate the digest.
> > > > > >
> > > > > > Passed CI test.
> > > > > > Onprotocol version code passed test.
> > > > > >
> > > > > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > > Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
> > > > > > Cc: Guomin Jiang <guomin.jiang@intel.com>
> > > > > > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > > > > > Cc: Zhihao Li <zhihao.li@intel.com>
> > > > > >
> > > > > > Signed-off-by: Zhihao Li <zhihao.li@intel.com>
> > > > > > ---
> > > > > > CryptoPkg/Driver/Crypto.c | 38 ++-
> > > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c |
> 282
> > > > > > ++++++++++++++++++++
> > > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c |
> 278
> > > > > > +++++++++++++++++++
> > > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c |
> > 40
> > > > +++
> > > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c | 166
> > > > > > ++++++++++++
> > > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c | 107
> > > > > ++++++++
> > > > > > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> |
> > > 40
> > > > > +++
> > > > > > CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 34
> > > ++-
> > > > > > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c |
> > > 145
> > > > > > ++++++++++
> > > > > > CryptoPkg/CryptoPkg.ci.yaml | 4 +-
> > > > > > CryptoPkg/Include/Library/BaseCryptLib.h | 31 ++-
> > > > > > CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h | 8
> +-
> > > > > > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 +-
> > > > > > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h |
> 201
> > > > > > ++++++++++++++
> > > > > > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 3 +-
> > > > > > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 3 +-
> > > > > > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 8 +-
> > > > > > CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 3
> +-
> > > > > > CryptoPkg/Library/Include/CrtLibSupport.h | 3 +-
> > > > > > CryptoPkg/Private/Protocol/Crypto.h | 35 ++-
> > > > > > CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | 4 +
> > > > > >
> CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > |
> > > > 4
> > > > > +
> > > > > > 22 files changed, 1426 insertions(+), 14 deletions(-)
> > > > > >
> > > > > > diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
> > > > > > index d5d6aa8e5820..5a9245c07cc5 100644
> > > > > > --- a/CryptoPkg/Driver/Crypto.c
> > > > > > +++ b/CryptoPkg/Driver/Crypto.c
> > > > > > @@ -3,7 +3,7 @@
> > > > > > from BaseCryptLib and TlsLib.
> > > > > >
> > > > > >
> > > > > >
> > > > > > Copyright (C) Microsoft Corporation. All rights reserved.
> > > > > >
> > > > > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > >
> > > > > >
> > > > > > **/
> > > > > >
> > > > > > @@ -4470,6 +4470,38 @@ CryptoServiceTlsGetCertRevocationList (
> > > > > > return CALL_BASECRYPTLIB (TlsGet.Services.CertRevocationList,
> > > > > > TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED);
> > > > > >
> > > > > > }
> > > > > >
> > > > > >
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > > Publication
> > > > > > 800-185,
> > > > > >
> > > > > > + published December 2016.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in] Input Pointer to the input message (X).
> > > > > >
> > > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> > for
> > > > the
> > > > > > input data.
> > > > > >
> > > > > > + @param[in] BlockSize The size of each block (B).
> > > > > >
> > > > > > + @param[out] Output Pointer to the output buffer.
> > > > > >
> > > > > > + @param[in] OutputByteLen The desired number of output bytes
> (L).
> > > > > >
> > > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > > >
> > > > > > + @param[in] CustomByteLen The length of the customization
> string
> > in
> > > > > bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > > > >
> > > > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +CryptoServiceParallelHash256HashAll (
> > > > > >
> > > > > > + IN CONST VOID *Input,
> > > > > >
> > > > > > + IN UINTN InputByteLen,
> > > > > >
> > > > > > + IN UINTN BlockSize,
> > > > > >
> > > > > > + OUT VOID *Output,
> > > > > >
> > > > > > + IN UINTN OutputByteLen,
> > > > > >
> > > > > > + IN CONST VOID *Customization,
> > > > > >
> > > > > > + IN UINTN CustomByteLen
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + return CALL_BASECRYPTLIB (ParallelHash.Services.HashAll,
> > > > > > ParallelHash256HashAll, (Input, InputByteLen, BlockSize, Output,
> > > > > OutputByteLen,
> > > > > > Customization, CustomByteLen), FALSE);
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
> > > > > >
> > > > > > /// Version
> > > > > >
> > > > > > CryptoServiceGetCryptoVersion,
> > > > > >
> > > > > > @@ -4670,5 +4702,7 @@ const EDKII_CRYPTO_PROTOCOL
> > mEdkiiCrypto
> > > =
> > > > {
> > > > > > CryptoServiceTlsGetCaCertificate,
> > > > > >
> > > > > > CryptoServiceTlsGetHostPublicCert,
> > > > > >
> > > > > > CryptoServiceTlsGetHostPrivateKey,
> > > > > >
> > > > > > - CryptoServiceTlsGetCertRevocationList
> > > > > >
> > > > > > + CryptoServiceTlsGetCertRevocationList,
> > > > > >
> > > > > > + /// Parallel hash
> > > > > >
> > > > > > + CryptoServiceParallelHash256HashAll
> > > > > >
> > > > > > };
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > > > > new file mode 100644
> > > > > > index 000000000000..2a9eaf9eec40
> > > > > > --- /dev/null
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c
> > > > > > @@ -0,0 +1,282 @@
> > > > > > +/** @file
> > > > > >
> > > > > > + cSHAKE-256 Digest Wrapper Implementations.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#include "CryptParallelHash.h"
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#define CSHAKE256_SECURITY_STRENGTH 256
> > > > > >
> > > > > > +#define CSHAKE256_RATE_IN_BYTES 136
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +CONST CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] = { 0 };
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + CShake256 initial function.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Initializes user-supplied memory pointed by CShake256Context as
> > > cSHAKE-
> > > > > 256
> > > > > > hash context for
> > > > > >
> > > > > > + subsequent use.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[out] CShake256Context Pointer to cSHAKE-256 context
> being
> > > > > > initialized.
> > > > > >
> > > > > > + @param[in] OutputLen The desired number of output length in
> > > bytes.
> > > > > >
> > > > > > + @param[in] Name Pointer to the function name string.
> > > > > >
> > > > > > + @param[in] NameLen The length of the function name in bytes.
> > > > > >
> > > > > > + @param[in] Customization Pointer to the customization string.
> > > > > >
> > > > > > + @param[in] CustomizationLen The length of the customization
> string
> > in
> > > > > > bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval TRUE cSHAKE-256 context initialization succeeded.
> > > > > >
> > > > > > + @retval FALSE cSHAKE-256 context initialization failed.
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +CShake256Init (
> > > > > >
> > > > > > + OUT VOID *CShake256Context,
> > > > > >
> > > > > > + IN UINTN OutputLen,
> > > > > >
> > > > > > + IN CONST VOID *Name,
> > > > > >
> > > > > > + IN UINTN NameLen,
> > > > > >
> > > > > > + IN CONST VOID *Customization,
> > > > > >
> > > > > > + IN UINTN CustomizationLen
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + BOOLEAN Status;
> > > > > >
> > > > > > + UINT8 EncBuf[sizeof (UINTN) + 1];
> > > > > >
> > > > > > + UINTN EncLen;
> > > > > >
> > > > > > + UINTN AbsorbLen;
> > > > > >
> > > > > > + UINTN PadLen;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Check input parameters.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + if ((CShake256Context == NULL) || (OutputLen == 0) || ((NameLen !=
> 0)
> > > > &&
> > > > > > (Name == NULL)) || ((CustomizationLen != 0) && (Customization ==
> > NULL)))
> > > {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Initialize KECCAK context with pad value and block size.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + if ((NameLen == 0) && (CustomizationLen == 0)) {
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // When N and S are both empty strings, cSHAKE(X, L, N, S) is
> > equivalent
> > > > to
> > > > > >
> > > > > > + // SHAKE as defined in FIPS 202.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + Status = (BOOLEAN)KeccakInit (
> > > > > >
> > > > > > + (Keccak1600_Ctx *)CShake256Context,
> > > > > >
> > > > > > + '\x1f',
> > > > > >
> > > > > > + (KECCAK1600_WIDTH -
> CSHAKE256_SECURITY_STRENGTH
> > *
> > > 2)
> > > > /
> > > > > 8,
> > > > > >
> > > > > > + OutputLen
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return Status;
> > > > > >
> > > > > > + } else {
> > > > > >
> > > > > > + Status = (BOOLEAN)KeccakInit (
> > > > > >
> > > > > > + (Keccak1600_Ctx *)CShake256Context,
> > > > > >
> > > > > > + '\x04',
> > > > > >
> > > > > > + (KECCAK1600_WIDTH -
> CSHAKE256_SECURITY_STRENGTH
> > *
> > > 2)
> > > > /
> > > > > 8,
> > > > > >
> > > > > > + OutputLen
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > + if (!Status) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + AbsorbLen = 0;
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Absorb Absorb bytepad(.., rate).
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + EncLen = LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES);
> > > > > >
> > > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> > *)CShake256Context,
> > > > > > EncBuf, EncLen);
> > > > > >
> > > > > > + if (!Status) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + AbsorbLen += EncLen;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Absorb encode_string(N).
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + EncLen = LeftEncode (EncBuf, NameLen * 8);
> > > > > >
> > > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> > *)CShake256Context,
> > > > > > EncBuf, EncLen);
> > > > > >
> > > > > > + if (!Status) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + AbsorbLen += EncLen;
> > > > > >
> > > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> > > > *)CShake256Context,
> > > > > > Name, NameLen);
> > > > > >
> > > > > > + if (!Status) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + AbsorbLen += NameLen;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Absorb encode_string(S).
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + EncLen = LeftEncode (EncBuf, CustomizationLen * 8);
> > > > > >
> > > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> > *)CShake256Context,
> > > > > > EncBuf, EncLen);
> > > > > >
> > > > > > + if (!Status) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + AbsorbLen += EncLen;
> > > > > >
> > > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> > > > *)CShake256Context,
> > > > > > Customization, CustomizationLen);
> > > > > >
> > > > > > + if (!Status) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + AbsorbLen += CustomizationLen;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Absorb zero padding up to rate.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + PadLen = CSHAKE256_RATE_IN_BYTES - AbsorbLen %
> > > > > > CSHAKE256_RATE_IN_BYTES;
> > > > > >
> > > > > > + Status = (BOOLEAN)Sha3Update ((Keccak1600_Ctx
> > *)CShake256Context,
> > > > > > mZeroPadding, PadLen);
> > > > > >
> > > > > > + if (!Status) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return TRUE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Digests the input data and updates cSHAKE-256 context.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + This function performs cSHAKE-256 digest on a data buffer of the
> > > specified
> > > > > > size.
> > > > > >
> > > > > > + It can be called multiple times to compute the digest of long or
> > > > > discontinuous
> > > > > > data streams.
> > > > > >
> > > > > > + cSHAKE-256 context should be already correctly initialized by
> > > > > CShake256Init(),
> > > > > > and should not be finalized
> > > > > >
> > > > > > + by CShake256Final(). Behavior with invalid context is undefined.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in, out] CShake256Context Pointer to the cSHAKE-256
> > > context.
> > > > > >
> > > > > > + @param[in] Data Pointer to the buffer containing the
> data
> > to
> > > > be
> > > > > > hashed.
> > > > > >
> > > > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval TRUE cSHAKE-256 data digest succeeded.
> > > > > >
> > > > > > + @retval FALSE cSHAKE-256 data digest failed.
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +CShake256Update (
> > > > > >
> > > > > > + IN OUT VOID *CShake256Context,
> > > > > >
> > > > > > + IN CONST VOID *Data,
> > > > > >
> > > > > > + IN UINTN DataSize
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Check input parameters.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + if (CShake256Context == NULL) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Check invalid parameters, in case that only DataLength was
> checked
> > in
> > > > > > OpenSSL.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + if ((Data == NULL) && (DataSize != 0)) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx
> *)CShake256Context,
> > > > > Data,
> > > > > > DataSize));
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Completes computation of the cSHAKE-256 digest value.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + This function completes cSHAKE-256 hash computation and retrieves
> > the
> > > > > > digest value into
> > > > > >
> > > > > > + the specified memory. After this function has been called, the
> cSHAKE-
> > > 256
> > > > > > context cannot
> > > > > >
> > > > > > + be used again.
> > > > > >
> > > > > > + cSHAKE-256 context should be already correctly initialized by
> > > > > CShake256Init(),
> > > > > > and should not be
> > > > > >
> > > > > > + finalized by CShake256Final(). Behavior with invalid cSHAKE-256
> > context
> > > is
> > > > > > undefined.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in, out] CShake256Context Pointer to the cSHAKE-256
> > context.
> > > > > >
> > > > > > + @param[out] HashValue Pointer to a buffer that receives the
> > > > > cSHAKE-
> > > > > > 256 digest
> > > > > >
> > > > > > + value.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval TRUE cSHAKE-256 digest computation succeeded.
> > > > > >
> > > > > > + @retval FALSE cSHAKE-256 digest computation failed.
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +CShake256Final (
> > > > > >
> > > > > > + IN OUT VOID *CShake256Context,
> > > > > >
> > > > > > + OUT UINT8 *HashValue
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Check input parameters.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + if ((CShake256Context == NULL) || (HashValue == NULL)) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // cSHAKE-256 Hash Finalization.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context,
> > > > > > HashValue));
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Computes the CSHAKE-256 message digest of a input data buffer.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + This function performs the CSHAKE-256 message digest of a given
> data
> > > > > buffer,
> > > > > > and places
> > > > > >
> > > > > > + the digest value into the specified memory.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in] Data Pointer to the buffer containing the data
> to
> > > be
> > > > > > hashed.
> > > > > >
> > > > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > > > >
> > > > > > + @param[in] OutputLen Size of output in bytes.
> > > > > >
> > > > > > + @param[in] Name Pointer to the function name string.
> > > > > >
> > > > > > + @param[in] NameLen Size of the function name in bytes.
> > > > > >
> > > > > > + @param[in] Customization Pointer to the customization string.
> > > > > >
> > > > > > + @param[in] CustomizationLen Size of the customization string in
> > bytes.
> > > > > >
> > > > > > + @param[out] HashValue Pointer to a buffer that receives the
> > > > CSHAKE-
> > > > > > 256 digest
> > > > > >
> > > > > > + value.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval TRUE CSHAKE-256 digest computation succeeded.
> > > > > >
> > > > > > + @retval FALSE CSHAKE-256 digest computation failed.
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +CShake256HashAll (
> > > > > >
> > > > > > + IN CONST VOID *Data,
> > > > > >
> > > > > > + IN UINTN DataSize,
> > > > > >
> > > > > > + IN UINTN OutputLen,
> > > > > >
> > > > > > + IN CONST VOID *Name,
> > > > > >
> > > > > > + IN UINTN NameLen,
> > > > > >
> > > > > > + IN CONST VOID *Customization,
> > > > > >
> > > > > > + IN UINTN CustomizationLen,
> > > > > >
> > > > > > + OUT UINT8 *HashValue
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + BOOLEAN Status;
> > > > > >
> > > > > > + Keccak1600_Ctx Ctx;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Check input parameters.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + if (HashValue == NULL) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if ((Data == NULL) && (DataSize != 0)) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Status = CShake256Init (&Ctx, OutputLen, Name, NameLen,
> > > Customization,
> > > > > > CustomizationLen);
> > > > > >
> > > > > > + if (!Status) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Status = CShake256Update (&Ctx, Data, DataSize);
> > > > > >
> > > > > > + if (!Status) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return CShake256Final (&Ctx, HashValue);
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > > > > new file mode 100644
> > > > > > index 000000000000..f7ce9dbf523e
> > > > > > --- /dev/null
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c
> > > > > > @@ -0,0 +1,278 @@
> > > > > > +/** @file
> > > > > >
> > > > > > + ParallelHash Implementation.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#include "CryptParallelHash.h"
> > > > > >
> > > > > > +#include <Library/MmServicesTableLib.h>
> > > > > >
> > > > > > +#include <Library/SynchronizationLib.h>
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#define PARALLELHASH_CUSTOMIZATION "ParallelHash"
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +UINTN mBlockNum;
> > > > > >
> > > > > > +UINTN mBlockSize;
> > > > > >
> > > > > > +UINTN mLastBlockSize;
> > > > > >
> > > > > > +UINT8 *mInput;
> > > > > >
> > > > > > +UINTN mBlockResultSize;
> > > > > >
> > > > > > +UINT8 *mBlockHashResult;
> > > > > >
> > > > > > +BOOLEAN *mBlockIsCompleted;
> > > > > >
> > > > > > +SPIN_LOCK *mSpinLockList;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Complete computation of digest of each block.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Each AP perform the function called by BSP.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in] ProcedureArgument Argument of the procedure.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +VOID
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +ParallelHashApExecute (
> > > > > >
> > > > > > + IN VOID *ProcedureArgument
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + UINTN Index;
> > > > > >
> > > > > > + BOOLEAN Status;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + for (Index = 0; Index < mBlockNum; Index++) {
> > > > > >
> > > > > > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Completed, try next one.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + if (mBlockIsCompleted[Index]) {
> > > > > >
> > > > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > > > >
> > > > > > + continue;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Calculate CShake256 for this block.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + Status = CShake256HashAll (
> > > > > >
> > > > > > + mInput + Index * mBlockSize,
> > > > > >
> > > > > > + (Index == (mBlockNum - 1)) ? mLastBlockSize : mBlockSize,
> > > > > >
> > > > > > + mBlockResultSize,
> > > > > >
> > > > > > + NULL,
> > > > > >
> > > > > > + 0,
> > > > > >
> > > > > > + NULL,
> > > > > >
> > > > > > + 0,
> > > > > >
> > > > > > + mBlockHashResult + Index * mBlockResultSize
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > + if (!EFI_ERROR (Status)) {
> > > > > >
> > > > > > + mBlockIsCompleted[Index] = TRUE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Dispatch the block task to each AP in SMM mode.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +VOID
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +MmDispatchBlockToAP (
> > > > > >
> > > > > > + VOID
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + UINTN Index;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + for (Index = 0; Index < gMmst->NumberOfCpus; Index++) {
> > > > > >
> > > > > > + if (Index != gMmst->CurrentlyExecutingCpu) {
> > > > > >
> > > > > > + gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL);
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return;
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > > Publication
> > > > > > 800-185,
> > > > > >
> > > > > > + published December 2016.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in] Input Pointer to the input message (X).
> > > > > >
> > > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> > for
> > > > the
> > > > > > input data.
> > > > > >
> > > > > > + @param[in] BlockSize The size of each block (B).
> > > > > >
> > > > > > + @param[out] Output Pointer to the output buffer.
> > > > > >
> > > > > > + @param[in] OutputByteLen The desired number of output bytes
> (L).
> > > > > >
> > > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > > >
> > > > > > + @param[in] CustomByteLen The length of the customization
> string
> > in
> > > > > bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > > > >
> > > > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +ParallelHash256HashAll (
> > > > > >
> > > > > > + IN CONST VOID *Input,
> > > > > >
> > > > > > + IN UINTN InputByteLen,
> > > > > >
> > > > > > + IN UINTN BlockSize,
> > > > > >
> > > > > > + OUT VOID *Output,
> > > > > >
> > > > > > + IN UINTN OutputByteLen,
> > > > > >
> > > > > > + IN CONST VOID *Customization,
> > > > > >
> > > > > > + IN UINTN CustomByteLen
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + UINT8 EncBufB[sizeof (UINTN)+1];
> > > > > >
> > > > > > + UINTN EncSizeB;
> > > > > >
> > > > > > + UINT8 EncBufN[sizeof (UINTN)+1];
> > > > > >
> > > > > > + UINTN EncSizeN;
> > > > > >
> > > > > > + UINT8 EncBufL[sizeof (UINTN)+1];
> > > > > >
> > > > > > + UINTN EncSizeL;
> > > > > >
> > > > > > + UINTN Index;
> > > > > >
> > > > > > + UINT8 *CombinedInput;
> > > > > >
> > > > > > + UINTN CombinedInputSize;
> > > > > >
> > > > > > + BOOLEAN AllCompleted;
> > > > > >
> > > > > > + UINTN Offset;
> > > > > >
> > > > > > + BOOLEAN ReturnValue;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if ((InputByteLen == 0) || (OutputByteLen == 0) || (BlockSize == 0)) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if ((Input == NULL) || (Output == NULL)) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if ((CustomByteLen != 0) && (Customization == NULL)) {
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + mBlockSize = BlockSize;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Calculate block number n.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + mBlockNum = InputByteLen % mBlockSize == 0 ? InputByteLen /
> > > > mBlockSize :
> > > > > > InputByteLen / mBlockSize + 1;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Set hash result size of each block in bytes.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + mBlockResultSize = OutputByteLen;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Encode B, n, L to string and record size.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + EncSizeB = LeftEncode (EncBufB, mBlockSize);
> > > > > >
> > > > > > + EncSizeN = RightEncode (EncBufN, mBlockNum);
> > > > > >
> > > > > > + EncSizeL = RightEncode (EncBufL, OutputByteLen * CHAR_BIT);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Allocate buffer for combined input (newX), Block completed flag
> and
> > > > > > SpinLock.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + CombinedInputSize = EncSizeB + EncSizeN + EncSizeL + mBlockNum *
> > > > > > mBlockResultSize;
> > > > > >
> > > > > > + CombinedInput = AllocateZeroPool (CombinedInputSize);
> > > > > >
> > > > > > + mBlockIsCompleted = AllocateZeroPool (mBlockNum * sizeof
> > > (BOOLEAN));
> > > > > >
> > > > > > + mSpinLockList = AllocatePool (mBlockNum * sizeof (SPIN_LOCK));
> > > > > >
> > > > > > + if ((CombinedInput == NULL) || (mBlockIsCompleted == NULL) ||
> > > > > > (mSpinLockList == NULL)) {
> > > > > >
> > > > > > + ReturnValue = FALSE;
> > > > > >
> > > > > > + goto Exit;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Fill LeftEncode(B).
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + CopyMem (CombinedInput, EncBufB, EncSizeB);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Prepare for parallel hash.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + mBlockHashResult = CombinedInput + EncSizeB;
> > > > > >
> > > > > > + mInput = (UINT8 *)Input;
> > > > > >
> > > > > > + mLastBlockSize = InputByteLen % mBlockSize == 0 ? mBlockSize :
> > > > > > InputByteLen % mBlockSize;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Initialize SpinLock for each result block.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + for (Index = 0; Index < mBlockNum; Index++) {
> > > > > >
> > > > > > + InitializeSpinLock (&mSpinLockList[Index]);
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Dispatch blocklist to each AP.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + if (gMmst != NULL) {
> > > > > >
> > > > > > + MmDispatchBlockToAP ();
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Wait until all block hash completed.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + do {
> > > > > >
> > > > > > + AllCompleted = TRUE;
> > > > > >
> > > > > > + for (Index = 0; Index < mBlockNum; Index++) {
> > > > > >
> > > > > > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) {
> > > > > >
> > > > > > + if (!mBlockIsCompleted[Index]) {
> > > > > >
> > > > > > + AllCompleted = FALSE;
> > > > > >
> > > > > > + ReturnValue = CShake256HashAll (
> > > > > >
> > > > > > + mInput + Index * mBlockSize,
> > > > > >
> > > > > > + (Index == (mBlockNum - 1)) ? mLastBlockSize :
> > mBlockSize,
> > > > > >
> > > > > > + mBlockResultSize,
> > > > > >
> > > > > > + NULL,
> > > > > >
> > > > > > + 0,
> > > > > >
> > > > > > + NULL,
> > > > > >
> > > > > > + 0,
> > > > > >
> > > > > > + mBlockHashResult + Index * mBlockResultSize
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > + if (ReturnValue) {
> > > > > >
> > > > > > + mBlockIsCompleted[Index] = TRUE;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > > > >
> > > > > > + break;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + ReleaseSpinLock (&mSpinLockList[Index]);
> > > > > >
> > > > > > + } else {
> > > > > >
> > > > > > + AllCompleted = FALSE;
> > > > > >
> > > > > > + break;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > + } while (!AllCompleted);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Fill LeftEncode(n).
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + Offset = EncSizeB + mBlockNum * mBlockResultSize;
> > > > > >
> > > > > > + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Fill LeftEncode(L).
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + Offset += EncSizeN;
> > > > > >
> > > > > > + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + ReturnValue = CShake256HashAll (
> > > > > >
> > > > > > + CombinedInput,
> > > > > >
> > > > > > + CombinedInputSize,
> > > > > >
> > > > > > + OutputByteLen,
> > > > > >
> > > > > > + PARALLELHASH_CUSTOMIZATION,
> > > > > >
> > > > > > + AsciiStrLen (PARALLELHASH_CUSTOMIZATION),
> > > > > >
> > > > > > + Customization,
> > > > > >
> > > > > > + CustomByteLen,
> > > > > >
> > > > > > + Output
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Exit:
> > > > > >
> > > > > > + ZeroMem (CombinedInput, CombinedInputSize);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if (CombinedInput != NULL) {
> > > > > >
> > > > > > + FreePool (CombinedInput);
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if (mSpinLockList != NULL) {
> > > > > >
> > > > > > + FreePool ((VOID *)mSpinLockList);
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if (mBlockIsCompleted != NULL) {
> > > > > >
> > > > > > + FreePool (mBlockIsCompleted);
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return ReturnValue;
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > diff --git
> a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > > > > new file mode 100644
> > > > > > index 000000000000..2bf89594def5
> > > > > > --- /dev/null
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHashNull.c
> > > > > > @@ -0,0 +1,40 @@
> > > > > > +/** @file
> > > > > >
> > > > > > + ParallelHash Implementation which does not provide real capabilities.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#include "InternalCryptLib.h"
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > > Publication
> > > > > > 800-185,
> > > > > >
> > > > > > + published December 2016.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in] Input Pointer to the input message (X).
> > > > > >
> > > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> > for
> > > > the
> > > > > > input data.
> > > > > >
> > > > > > + @param[in] BlockSize The size of each block (B).
> > > > > >
> > > > > > + @param[out] Output Pointer to the output buffer.
> > > > > >
> > > > > > + @param[in] OutputByteLen The desired number of output bytes
> (L).
> > > > > >
> > > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > > >
> > > > > > + @param[in] CustomByteLen The length of the customization
> string
> > in
> > > > > bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +ParallelHash256HashAll (
> > > > > >
> > > > > > + IN CONST VOID *Input,
> > > > > >
> > > > > > + IN UINTN InputByteLen,
> > > > > >
> > > > > > + IN UINTN BlockSize,
> > > > > >
> > > > > > + OUT VOID *Output,
> > > > > >
> > > > > > + IN UINTN OutputByteLen,
> > > > > >
> > > > > > + IN CONST VOID *Customization,
> > > > > >
> > > > > > + IN UINTN CustomByteLen
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + ASSERT (FALSE);
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > > > > new file mode 100644
> > > > > > index 000000000000..6abafc3c00e6
> > > > > > --- /dev/null
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c
> > > > > > @@ -0,0 +1,166 @@
> > > > > > +/** @file
> > > > > >
> > > > > > + SHA3 realted functions from OpenSSL.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
> > > > > >
> > > > > > +Licensed under the OpenSSL license (the "License"). You may not use
> > > > > >
> > > > > > +this file except in compliance with the License. You can obtain a copy
> > > > > >
> > > > > > +in the file LICENSE in the source distribution or at
> > > > > >
> > > > > > +https://www.openssl.org/source/license.html
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#include "CryptParallelHash.h"
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Keccak initial fuction.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Set up state with specified capacity.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[out] Context Pointer to the context being initialized.
> > > > > >
> > > > > > + @param[in] Pad Delimited Suffix.
> > > > > >
> > > > > > + @param[in] BlockSize Size of context block.
> > > > > >
> > > > > > + @param[in] MessageDigestLen Size of message digest in bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval 1 Initialize successfully.
> > > > > >
> > > > > > + @retval 0 Fail to initialize.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +UINT8
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +KeccakInit (
> > > > > >
> > > > > > + OUT Keccak1600_Ctx *Context,
> > > > > >
> > > > > > + IN UINT8 Pad,
> > > > > >
> > > > > > + IN UINTN BlockSize,
> > > > > >
> > > > > > + IN UINTN MessageDigestLen
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + if (BlockSize <= sizeof (Context->buf)) {
> > > > > >
> > > > > > + memset (Context->A, 0, sizeof (Context->A));
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Context->num = 0;
> > > > > >
> > > > > > + Context->block_size = BlockSize;
> > > > > >
> > > > > > + Context->md_size = MessageDigestLen;
> > > > > >
> > > > > > + Context->pad = Pad;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return 1;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return 0;
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Sha3 update fuction.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + This function performs Sha3 digest on a data buffer of the specified
> > size.
> > > > > >
> > > > > > + It can be called multiple times to compute the digest of long or
> > > > > discontinuous
> > > > > > data streams.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in,out] Context Pointer to the Keccak context.
> > > > > >
> > > > > > + @param[in] Data Pointer to the buffer containing the data to be
> > > > > hashed.
> > > > > >
> > > > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval 1 Update successfully.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +UINT8
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +Sha3Update (
> > > > > >
> > > > > > + IN OUT Keccak1600_Ctx *Context,
> > > > > >
> > > > > > + IN const VOID *Data,
> > > > > >
> > > > > > + IN UINTN DataSize
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + const UINT8 *DataCopy;
> > > > > >
> > > > > > + UINTN BlockSize;
> > > > > >
> > > > > > + UINTN Num;
> > > > > >
> > > > > > + UINTN Rem;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + DataCopy = Data;
> > > > > >
> > > > > > + BlockSize = (UINT8)(Context->block_size);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if (DataSize == 0) {
> > > > > >
> > > > > > + return 1;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if ((Num = Context->num) != 0) {
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // process intermediate buffer
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + Rem = BlockSize - Num;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if (DataSize < Rem) {
> > > > > >
> > > > > > + memcpy (Context->buf + Num, DataCopy, DataSize);
> > > > > >
> > > > > > + Context->num += DataSize;
> > > > > >
> > > > > > + return 1;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // We have enough data to fill or overflow the intermediate
> > > > > >
> > > > > > + // buffer. So we append |Rem| bytes and process the block,
> > > > > >
> > > > > > + // leaving the rest for later processing.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + memcpy (Context->buf + Num, DataCopy, Rem);
> > > > > >
> > > > > > + DataCopy += Rem;
> > > > > >
> > > > > > + DataSize -= Rem;
> > > > > >
> > > > > > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
> > > > > >
> > > > > > + Context->num = 0;
> > > > > >
> > > > > > + // Context->buf is processed, Context->num is guaranteed to be
> zero.
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if (DataSize >= BlockSize) {
> > > > > >
> > > > > > + Rem = SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize);
> > > > > >
> > > > > > + } else {
> > > > > >
> > > > > > + Rem = DataSize;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if (Rem > 0) {
> > > > > >
> > > > > > + memcpy (Context->buf, DataCopy + DataSize - Rem, Rem);
> > > > > >
> > > > > > + Context->num = Rem;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return 1;
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Completes computation of Sha3 message digest.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + This function completes sha3 hash computation and retrieves the
> > digest
> > > > > value
> > > > > > into
> > > > > >
> > > > > > + the specified memory. After this function has been called, the keccak
> > > > > context
> > > > > > cannot
> > > > > >
> > > > > > + be used again.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in, out] Context Pointer to the keccak context.
> > > > > >
> > > > > > + @param[out] MessageDigest Pointer to a buffer that receives the
> > > > > > message digest.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval 1 Meaasge digest computation succeeded.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +UINT8
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +Sha3Final (
> > > > > >
> > > > > > + IN OUT Keccak1600_Ctx *Context,
> > > > > >
> > > > > > + OUT UINT8 *MessageDigest
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + UINTN BlockSize;
> > > > > >
> > > > > > + UINTN Num;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + BlockSize = Context->block_size;
> > > > > >
> > > > > > + Num = Context->num;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if (Context->md_size == 0) {
> > > > > >
> > > > > > + return 1;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1|
> > > > > >
> > > > > > + // in which case both byte operations below are performed on
> > > > > >
> > > > > > + // same byte.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + memset (Context->buf + Num, 0, BlockSize - Num);
> > > > > >
> > > > > > + Context->buf[Num] = Context->pad;
> > > > > >
> > > > > > + Context->buf[BlockSize - 1] |= 0x80;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + SHA3_squeeze (Context->A, MessageDigest, Context->md_size,
> > > BlockSize);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return 1;
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > > > > new file mode 100644
> > > > > > index 000000000000..12c46cfbcd59
> > > > > > --- /dev/null
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c
> > > > > > @@ -0,0 +1,107 @@
> > > > > > +/** @file
> > > > > >
> > > > > > + Encode realted functions from Xkcp.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright 2022 The eXtended Keccak Code Package (XKCP)
> > > > > >
> > > > > > +https://github.com/XKCP/XKCP
> > > > > >
> > > > > > +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters
> and
> > > > Gilles
> > > > > > Van Assche.
> > > > > >
> > > > > > +Implementation by the designers, hereby denoted as "the
> implementer".
> > > > > >
> > > > > > +For more information, feedback or questions, please refer to the
> Keccak
> > > > > Team
> > > > > > website:
> > > > > >
> > > > > > +https://keccak.team/
> > > > > >
> > > > > > +To the extent possible under law, the implementer has waived all
> > > copyright
> > > > > >
> > > > > > +and related or neighboring rights to the source code in this file.
> > > > > >
> > > > > > +http://creativecommons.org/publicdomain/zero/1.0/
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#include "CryptParallelHash.h"
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Encode function from XKCP.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Encodes the input as a byte string in a way that can be
> unambiguously
> > > > > parsed
> > > > > >
> > > > > > + from the beginning of the string by inserting the length of the byte
> > string
> > > > > >
> > > > > > + before the byte string representation of input.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[out] EncBuf Result of left encode.
> > > > > >
> > > > > > + @param[in] Value Input of left encode.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval EncLen Size of encode result in bytes.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +UINTN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +LeftEncode (
> > > > > >
> > > > > > + OUT UINT8 *EncBuf,
> > > > > >
> > > > > > + IN UINTN Value
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + UINT32 BlockNum;
> > > > > >
> > > > > > + UINT32 EncLen;
> > > > > >
> > > > > > + UINT32 Index;
> > > > > >
> > > > > > + UINTN ValueCopy;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + for ( ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum <
> > > sizeof
> > > > > > (UINTN)); ++BlockNum, ValueCopy >>= 8 ) {
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Empty
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if (BlockNum == 0) {
> > > > > >
> > > > > > + BlockNum = 1;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + for (Index = 1; Index <= BlockNum; ++Index) {
> > > > > >
> > > > > > + EncBuf[Index] = (UINT8)(Value >> (8 * (BlockNum - Index)));
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + EncBuf[0] = (UINT8)BlockNum;
> > > > > >
> > > > > > + EncLen = BlockNum + 1;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return EncLen;
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Encode function from XKCP.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Encodes the input as a byte string in a way that can be
> unambiguously
> > > > > parsed
> > > > > >
> > > > > > + from the end of the string by inserting the length of the byte string
> > after
> > > > > >
> > > > > > + the byte string representation of input.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[out] EncBuf Result of right encode.
> > > > > >
> > > > > > + @param[in] Value Input of right encode.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval EncLen Size of encode result in bytes.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +UINTN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +RightEncode (
> > > > > >
> > > > > > + OUT UINT8 *EncBuf,
> > > > > >
> > > > > > + IN UINTN Value
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + UINT32 BlockNum;
> > > > > >
> > > > > > + UINT32 EncLen;
> > > > > >
> > > > > > + UINT32 Index;
> > > > > >
> > > > > > + UINTN ValueCopy;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + for (ValueCopy = Value, BlockNum = 0; ValueCopy && (BlockNum <
> > > sizeof
> > > > > > (UINTN)); ++BlockNum, ValueCopy >>= 8) {
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Empty
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + if (BlockNum == 0) {
> > > > > >
> > > > > > + BlockNum = 1;
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + for (Index = 1; Index <= BlockNum; ++Index) {
> > > > > >
> > > > > > + EncBuf[Index-1] = (UINT8)(Value >> (8 * (BlockNum-Index)));
> > > > > >
> > > > > > + }
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + EncBuf[BlockNum] = (UINT8)BlockNum;
> > > > > >
> > > > > > + EncLen = BlockNum + 1;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return EncLen;
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > diff --git
> > > > a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > > > > b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > > > > new file mode 100644
> > > > > > index 000000000000..2bf89594def5
> > > > > > --- /dev/null
> > > > > > +++
> b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptParallelHashNull.c
> > > > > > @@ -0,0 +1,40 @@
> > > > > > +/** @file
> > > > > >
> > > > > > + ParallelHash Implementation which does not provide real capabilities.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#include "InternalCryptLib.h"
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > > Publication
> > > > > > 800-185,
> > > > > >
> > > > > > + published December 2016.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in] Input Pointer to the input message (X).
> > > > > >
> > > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> > for
> > > > the
> > > > > > input data.
> > > > > >
> > > > > > + @param[in] BlockSize The size of each block (B).
> > > > > >
> > > > > > + @param[out] Output Pointer to the output buffer.
> > > > > >
> > > > > > + @param[in] OutputByteLen The desired number of output bytes
> (L).
> > > > > >
> > > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > > >
> > > > > > + @param[in] CustomByteLen The length of the customization
> string
> > in
> > > > > bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +ParallelHash256HashAll (
> > > > > >
> > > > > > + IN CONST VOID *Input,
> > > > > >
> > > > > > + IN UINTN InputByteLen,
> > > > > >
> > > > > > + IN UINTN BlockSize,
> > > > > >
> > > > > > + OUT VOID *Output,
> > > > > >
> > > > > > + IN UINTN OutputByteLen,
> > > > > >
> > > > > > + IN CONST VOID *Customization,
> > > > > >
> > > > > > + IN UINTN CustomByteLen
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + ASSERT (FALSE);
> > > > > >
> > > > > > + return FALSE;
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > > > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > > > index c8df259ea963..8ee1b53cf957 100644
> > > > > > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > > > > > @@ -3,7 +3,7 @@
> > > > > > Protocol/PPI.
> > > > > >
> > > > > >
> > > > > >
> > > > > > Copyright (C) Microsoft Corporation. All rights reserved.
> > > > > >
> > > > > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > >
> > > > > >
> > > > > > **/
> > > > > >
> > > > > > @@ -870,6 +870,38 @@ Sha512HashAll (
> > > > > > CALL_CRYPTO_SERVICE (Sha512HashAll, (Data, DataSize, HashValue),
> > > > FALSE);
> > > > > >
> > > > > > }
> > > > > >
> > > > > >
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > > Publication
> > > > > > 800-185,
> > > > > >
> > > > > > + published December 2016.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in] Input Pointer to the input message (X).
> > > > > >
> > > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> > for
> > > > the
> > > > > > input data.
> > > > > >
> > > > > > + @param[in] BlockSize The size of each block (B).
> > > > > >
> > > > > > + @param[out] Output Pointer to the output buffer.
> > > > > >
> > > > > > + @param[in] OutputByteLen The desired number of output bytes
> (L).
> > > > > >
> > > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > > >
> > > > > > + @param[in] CustomByteLen The length of the customization
> string
> > in
> > > > > bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > > > >
> > > > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +ParallelHash256HashAll (
> > > > > >
> > > > > > + IN CONST VOID *Input,
> > > > > >
> > > > > > + IN UINTN InputByteLen,
> > > > > >
> > > > > > + IN UINTN BlockSize,
> > > > > >
> > > > > > + OUT VOID *Output,
> > > > > >
> > > > > > + IN UINTN OutputByteLen,
> > > > > >
> > > > > > + IN CONST VOID *Customization,
> > > > > >
> > > > > > + IN UINTN CustomByteLen
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + CALL_CRYPTO_SERVICE (ParallelHash256HashAll, (Input,
> InputByteLen,
> > > > > > BlockSize, Output, OutputByteLen, Customization, CustomByteLen),
> > FALSE);
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > /**
> > > > > >
> > > > > > Retrieves the size, in bytes, of the context buffer required for SM3
> hash
> > > > > > operations.
> > > > > >
> > > > > >
> > > > > >
> > > > > > diff --git
> > > > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > > > > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > > > > new file mode 100644
> > > > > > index 000000000000..fb57e91a9f16
> > > > > > --- /dev/null
> > > > > > +++
> b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c
> > > > > > @@ -0,0 +1,145 @@
> > > > > > +/** @file
> > > > > >
> > > > > > + Application for Parallelhash Function Validation.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#include "TestBaseCryptLib.h"
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +//
> > > > > >
> > > > > > +// Parallelhash Test Sample common parameters.
> > > > > >
> > > > > > +//
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN OutputByteLen
> =
> > > 64;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +//
> > > > > >
> > > > > > +// Parallelhash Test Sample #1 from NIST Special Publication 800-185.
> > > > > >
> > > > > > +//
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample1[]
> =
> > {
> > > > > >
> > > > > > + // input data of sample1.
> > > > > >
> > > > > > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x10, 0x11, 0x12,
> 0x13,
> > > > > 0x14,
> > > > > > 0x15, 0x16, 0x17,
> > > > > >
> > > > > > + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27
> > > > > >
> > > > > > +};
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> > InputSample1ByteLen
> > > =
> > > > > 24;
> > > > > > // Length of sample1 input data in bytes.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > > > > *CustomizationSample1
> > > > > > = ""; // Customization string (S) of sample1.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> > > CustomSample1ByteLen
> > > > =
> > > > > 0;
> > > > > > // Customization string length of sample1 in bytes.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample1
> > =
> > > 8;
> > > > > > // Block size of sample1.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > > > > ExpectOutputSample1[]
> > > > > > = {
> > > > > >
> > > > > > + // Expected output data of sample1.
> > > > > >
> > > > > > + 0xbc, 0x1e, 0xf1, 0x24, 0xda, 0x34, 0x49, 0x5e, 0x94, 0x8e, 0xad,
> 0x20,
> > > > > 0x7d,
> > > > > > 0xd9, 0x84, 0x22,
> > > > > >
> > > > > > + 0x35, 0xda, 0x43, 0x2d, 0x2b, 0xbc, 0x54, 0xb4, 0xc1, 0x10, 0xe6,
> 0x4c,
> > > > > 0x45,
> > > > > > 0x11, 0x05, 0x53,
> > > > > >
> > > > > > + 0x1b, 0x7f, 0x2a, 0x3e, 0x0c, 0xe0, 0x55, 0xc0, 0x28, 0x05, 0xe7,
> 0xc2,
> > > > 0xde,
> > > > > > 0x1f, 0xb7, 0x46,
> > > > > >
> > > > > > + 0xaf, 0x97, 0xa1, 0xd0, 0x01, 0xf4, 0x3b, 0x82, 0x4e, 0x31, 0xb8,
> 0x76,
> > > > 0x12,
> > > > > > 0x41, 0x04, 0x29
> > > > > >
> > > > > > +};
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +//
> > > > > >
> > > > > > +// Parallelhash Test Sample #2 from NIST Special Publication 800-185.
> > > > > >
> > > > > > +//
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 *InputSample2
> > > =
> > > > > > InputSample1; // Input of sample2 is same as sample1.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> > InputSample2ByteLen
> > > =
> > > > > 24;
> > > > > > // Length of sample2 input data in bytes.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > > > > *CustomizationSample2
> > > > > > = "Parallel Data"; // Customization string (S) of sample2.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> > > CustomSample2ByteLen
> > > > =
> > > > > > 13; // Customization string length of sample2 in bytes.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample2
> > =
> > > 8;
> > > > > > // Block size of sample2.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > > > > ExpectOutputSample2[]
> > > > > > = {
> > > > > >
> > > > > > + // Expected output data of sample2.
> > > > > >
> > > > > > + 0xcd, 0xf1, 0x52, 0x89, 0xb5, 0x4f, 0x62, 0x12, 0xb4, 0xbc, 0x27,
> 0x05,
> > > > 0x28,
> > > > > > 0xb4, 0x95, 0x26,
> > > > > >
> > > > > > + 0x00, 0x6d, 0xd9, 0xb5, 0x4e, 0x2b, 0x6a, 0xdd, 0x1e, 0xf6, 0x90,
> 0x0d,
> > > > > 0xda,
> > > > > > 0x39, 0x63, 0xbb,
> > > > > >
> > > > > > + 0x33, 0xa7, 0x24, 0x91, 0xf2, 0x36, 0x96, 0x9c, 0xa8, 0xaf, 0xae,
> 0xa2,
> > > > 0x9c,
> > > > > > 0x68, 0x2d, 0x47,
> > > > > >
> > > > > > + 0xa3, 0x93, 0xc0, 0x65, 0xb3, 0x8e, 0x29, 0xfa, 0xe6, 0x51, 0xa2,
> 0x09,
> > > > 0x1c,
> > > > > > 0x83, 0x31, 0x10
> > > > > >
> > > > > > +};
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +//
> > > > > >
> > > > > > +// Parallelhash Test Sample #3 from NIST Special Publication 800-185.
> > > > > >
> > > > > > +//
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample3[]
> =
> > {
> > > > > >
> > > > > > + // input data of sample3.
> > > > > >
> > > > > > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
> 0x0b,
> > > > > 0x10,
> > > > > > 0x11, 0x12, 0x13,
> > > > > >
> > > > > > + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x20, 0x21, 0x22,
> 0x23,
> > > > > 0x24,
> > > > > > 0x25, 0x26, 0x27,
> > > > > >
> > > > > > + 0x28, 0x29, 0x2a, 0x2b, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36,
> 0x37,
> > > > > 0x38,
> > > > > > 0x39, 0x3a, 0x3b,
> > > > > >
> > > > > > + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a,
> 0x4b,
> > > > > 0x50,
> > > > > > 0x51, 0x52, 0x53,
> > > > > >
> > > > > > + 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b
> > > > > >
> > > > > > +};
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> > InputSample3ByteLen
> > > =
> > > > > 72;
> > > > > > // Length of sample3 input data in bytes.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID
> > > > > *CustomizationSample3
> > > > > > = "Parallel Data"; // Customization string (S) of sample3.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN
> > > CustomSample3ByteLen
> > > > =
> > > > > > 13; // Customization string length of sample3 in bytes.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample3
> > =
> > > > 12;
> > > > > > // Block size of sample3.
> > > > > >
> > > > > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8
> > > > > ExpectOutputSample3[]
> > > > > > = {
> > > > > >
> > > > > > + // Expected output data of sample3.
> > > > > >
> > > > > > + 0x69, 0xd0, 0xfc, 0xb7, 0x64, 0xea, 0x05, 0x5d, 0xd0, 0x93, 0x34,
> 0xbc,
> > > > 0x60,
> > > > > > 0x21, 0xcb, 0x7e,
> > > > > >
> > > > > > + 0x4b, 0x61, 0x34, 0x8d, 0xff, 0x37, 0x5d, 0xa2, 0x62, 0x67, 0x1c,
> 0xde,
> > > > 0xc3,
> > > > > > 0xef, 0xfa, 0x8d,
> > > > > >
> > > > > > + 0x1b, 0x45, 0x68, 0xa6, 0xcc, 0xe1, 0x6b, 0x1c, 0xad, 0x94, 0x6d,
> 0xdd,
> > > > > 0xe2,
> > > > > > 0x7f, 0x6c, 0xe2,
> > > > > >
> > > > > > + 0xb8, 0xde, 0xe4, 0xcd, 0x1b, 0x24, 0x85, 0x1e, 0xbf, 0x00, 0xeb,
> 0x90,
> > > > > 0xd4,
> > > > > > 0x38, 0x13, 0xe9
> > > > > >
> > > > > > +};
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +UNIT_TEST_STATUS
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +TestVerifyParallelHash256HashAll (
> > > > > >
> > > > > > + IN UNIT_TEST_CONTEXT Context
> > > > > >
> > > > > > + )
> > > > > >
> > > > > > +{
> > > > > >
> > > > > > + BOOLEAN Status;
> > > > > >
> > > > > > + UINT8 Output[64];
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Test #1 using sample1.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + Status = ParallelHash256HashAll (
> > > > > >
> > > > > > + InputSample1,
> > > > > >
> > > > > > + InputSample1ByteLen,
> > > > > >
> > > > > > + BlockSizeSample1,
> > > > > >
> > > > > > + Output,
> > > > > >
> > > > > > + OutputByteLen,
> > > > > >
> > > > > > + CustomizationSample1,
> > > > > >
> > > > > > + CustomSample1ByteLen
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > + UT_ASSERT_TRUE (Status);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + // Check the output with the expected output.
> > > > > >
> > > > > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample1,
> > > > OutputByteLen);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Test #2 using sample2.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + Status = ParallelHash256HashAll (
> > > > > >
> > > > > > + InputSample2,
> > > > > >
> > > > > > + InputSample2ByteLen,
> > > > > >
> > > > > > + BlockSizeSample2,
> > > > > >
> > > > > > + Output,
> > > > > >
> > > > > > + OutputByteLen,
> > > > > >
> > > > > > + CustomizationSample2,
> > > > > >
> > > > > > + CustomSample2ByteLen
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > + UT_ASSERT_TRUE (Status);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + // Check the output with the expected output.
> > > > > >
> > > > > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample2,
> > > > OutputByteLen);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // Test #3 using sample3.
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + Status = ParallelHash256HashAll (
> > > > > >
> > > > > > + InputSample3,
> > > > > >
> > > > > > + InputSample3ByteLen,
> > > > > >
> > > > > > + BlockSizeSample3,
> > > > > >
> > > > > > + Output,
> > > > > >
> > > > > > + OutputByteLen,
> > > > > >
> > > > > > + CustomizationSample3,
> > > > > >
> > > > > > + CustomSample3ByteLen
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > + UT_ASSERT_TRUE (Status);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + // Check the output with the expected output.
> > > > > >
> > > > > > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample3,
> > > > OutputByteLen);
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + return EFI_SUCCESS;
> > > > > >
> > > > > > +}
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +TEST_DESC mParallelhashTest[] = {
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + // -----Description------------------------------Class----------------------
> > > > Function--
> > > > > --
> > > > > > -------------Pre---Post--Context
> > > > > >
> > > > > > + //
> > > > > >
> > > > > > + { "TestVerifyParallelHash256HashAll()",
> > > > > > "CryptoPkg.BaseCryptLib.ParallelHash256HashAll",
> > > > > > TestVerifyParallelHash256HashAll, NULL, NULL, NULL },
> > > > > >
> > > > > > +};
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +UINTN mParallelhashTestNum = ARRAY_SIZE (mParallelhashTest);
> > > > > >
> > > > > > diff --git a/CryptoPkg/CryptoPkg.ci.yaml
> b/CryptoPkg/CryptoPkg.ci.yaml
> > > > > > index eeb388ae71c5..e21fafac1efe 100644
> > > > > > --- a/CryptoPkg/CryptoPkg.ci.yaml
> > > > > > +++ b/CryptoPkg/CryptoPkg.ci.yaml
> > > > > > @@ -2,7 +2,7 @@
> > > > > > # CI configuration for CryptoPkg
> > > > > >
> > > > > > #
> > > > > >
> > > > > > # Copyright (c) Microsoft Corporation
> > > > > >
> > > > > > -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +# Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > ##
> > > > > >
> > > > > > {
> > > > > >
> > > > > > @@ -34,6 +34,8 @@
> > > > > > "Library/OpensslLib/rand_pool.c",
> > > > > >
> > > > > > # This has OpenSSL interfaces that aren't UEFI spec compliant
> > > > > >
> > > > > > "Library/Include/CrtLibSupport.h",
> > > > > >
> > > > > > + # This has OpenSSL interfaces that aren't UEFI spec compliant
> > > > > >
> > > > > > + "Library/BaseCryptLib/Hash/CryptParallelHash.h",
> > > > > >
> > > > > > # These directories contain auto-generated OpenSSL content
> > > > > >
> > > > > > "Library/OpensslLib",
> > > > > >
> > > > > > "Library/IntrinsicLib",
> > > > > >
> > > > > > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > > > b/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > > > index f4bc7c0d73d9..7d1499350a49 100644
> > > > > > --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > > > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> > > > > > @@ -4,7 +4,7 @@
> > > > > > primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI
> > security
> > > > > >
> > > > > > functionality enabling.
> > > > > >
> > > > > >
> > > > > >
> > > > > > -Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > >
> > > > > >
> > > > > > **/
> > > > > >
> > > > > > @@ -753,6 +753,35 @@ Sha512HashAll (
> > > > > > OUT UINT8 *HashValue
> > > > > >
> > > > > > );
> > > > > >
> > > > > >
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > > Publication
> > > > > > 800-185,
> > > > > >
> > > > > > + published December 2016.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in] Input Pointer to the input message (X).
> > > > > >
> > > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> > for
> > > > the
> > > > > > input data.
> > > > > >
> > > > > > + @param[in] BlockSize The size of each block (B).
> > > > > >
> > > > > > + @param[out] Output Pointer to the output buffer.
> > > > > >
> > > > > > + @param[in] OutputByteLen The desired number of output bytes
> (L).
> > > > > >
> > > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > > >
> > > > > > + @param[in] CustomByteLen The length of the customization
> string
> > in
> > > > > bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > > > >
> > > > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +ParallelHash256HashAll (
> > > > > >
> > > > > > + IN CONST VOID *Input,
> > > > > >
> > > > > > + IN UINTN InputByteLen,
> > > > > >
> > > > > > + IN UINTN BlockSize,
> > > > > >
> > > > > > + OUT VOID *Output,
> > > > > >
> > > > > > + IN UINTN OutputByteLen,
> > > > > >
> > > > > > + IN CONST VOID *Customization,
> > > > > >
> > > > > > + IN UINTN CustomByteLen
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > /**
> > > > > >
> > > > > > Retrieves the size, in bytes, of the context buffer required for SM3
> hash
> > > > > > operations.
> > > > > >
> > > > > >
> > > > > >
> > > > > > diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > > > b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > > > index 5186a54759ae..77330961352e 100644
> > > > > > --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > > > +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
> > > > > > @@ -2,7 +2,7 @@
> > > > > > Defines the PCD_CRYPTO_SERVICE_FAMILY_ENABLE structure
> > > associated
> > > > > with
> > > > > >
> > > > > > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.
> > > > > >
> > > > > >
> > > > > >
> > > > > > - Copyright (c) 2019 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > + Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > >
> > > > > >
> > > > > > **/
> > > > > >
> > > > > > @@ -288,6 +288,12 @@ typedef struct {
> > > > > > } Services;
> > > > > >
> > > > > > UINT32 Family;
> > > > > >
> > > > > > } TlsGet;
> > > > > >
> > > > > > + union {
> > > > > >
> > > > > > + struct {
> > > > > >
> > > > > > + UINT8 HashAll : 1;
> > > > > >
> > > > > > + } Services;
> > > > > >
> > > > > > + UINT32 Family;
> > > > > >
> > > > > > + } ParallelHash;
> > > > > >
> > > > > > } PCD_CRYPTO_SERVICE_FAMILY_ENABLE;
> > > > > >
> > > > > >
> > > > > >
> > > > > > #endif
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > > > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > > > index 49703fa4c963..15cf3dab105c 100644
> > > > > > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > > > > > @@ -6,7 +6,7 @@
> > > > > > # This external input must be validated carefully to avoid security
> issues
> > > > such
> > > > > as
> > > > > >
> > > > > > # buffer overflow or integer overflow.
> > > > > >
> > > > > > #
> > > > > >
> > > > > > -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All
> > > rights
> > > > > > reserved.<BR>
> > > > > >
> > > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > #
> > > > > >
> > > > > > @@ -34,6 +34,7 @@
> > > > > > Hash/CryptSha256.c
> > > > > >
> > > > > > Hash/CryptSha512.c
> > > > > >
> > > > > > Hash/CryptSm3.c
> > > > > >
> > > > > > + Hash/CryptParallelHashNull.c
> > > > > >
> > > > > > Hmac/CryptHmacSha256.c
> > > > > >
> > > > > > Kdf/CryptHkdf.c
> > > > > >
> > > > > > Cipher/CryptAes.c
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > > > > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > > > > new file mode 100644
> > > > > > index 000000000000..fe08d4928e8d
> > > > > > --- /dev/null
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.h
> > > > > > @@ -0,0 +1,201 @@
> > > > > > +/** @file
> > > > > >
> > > > > > + ParallelHash related function and type declaration.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
> > > > > >
> > > > > > +Licensed under the OpenSSL license (the "License"). You may not use
> > > > > >
> > > > > > +this file except in compliance with the License. You can obtain a copy
> > > > > >
> > > > > > +in the file LICENSE in the source distribution or at
> > > > > >
> > > > > > +https://www.openssl.org/source/license.html
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +Copyright 2022 The eXtended Keccak Code Package (XKCP)
> > > > > >
> > > > > > +https://github.com/XKCP/XKCP
> > > > > >
> > > > > > +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters
> and
> > > > Gilles
> > > > > > Van Assche.
> > > > > >
> > > > > > +Implementation by the designers, hereby denoted as "the
> implementer".
> > > > > >
> > > > > > +For more information, feedback or questions, please refer to the
> Keccak
> > > > > Team
> > > > > > website:
> > > > > >
> > > > > > +https://keccak.team/
> > > > > >
> > > > > > +To the extent possible under law, the implementer has waived all
> > > copyright
> > > > > >
> > > > > > +and related or neighboring rights to the source code in this file.
> > > > > >
> > > > > > +http://creativecommons.org/publicdomain/zero/1.0/
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#include "InternalCryptLib.h"
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +#define KECCAK1600_WIDTH 1600
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +//
> > > > > >
> > > > > > +// This struct referring to m_sha3.c from opessl and modified its type
> > > name.
> > > > > >
> > > > > > +//
> > > > > >
> > > > > > +typedef struct {
> > > > > >
> > > > > > + uint64_t A[5][5];
> > > > > >
> > > > > > + size_t block_size; /* cached ctx->digest->block_size */
> > > > > >
> > > > > > + size_t md_size; /* output length, variable in XOF */
> > > > > >
> > > > > > + size_t num; /* used bytes in below buffer */
> > > > > >
> > > > > > + unsigned char buf[KECCAK1600_WIDTH / 8 - 32];
> > > > > >
> > > > > > + unsigned char pad;
> > > > > >
> > > > > > +} Keccak1600_Ctx;
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + SHA3_absorb can be called multiple times, but at each invocation
> > > > > >
> > > > > > + largest multiple of |r| out of |len| bytes are processed. Then
> > > > > >
> > > > > > + remaining amount of bytes is returned. This is done to spare caller
> > > > > >
> > > > > > + trouble of calculating the largest multiple of |r|. |r| can be viewed
> > > > > >
> > > > > > + as blocksize. It is commonly (1600 - 256*n)/8, e.g. 168, 136, 104,
> > > > > >
> > > > > > + 72, but can also be (1600 - 448)/8 = 144. All this means that message
> > > > > >
> > > > > > + padding and intermediate sub-block buffering, byte- or bitwise, is
> > > > > >
> > > > > > + caller's responsibility.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +size_t
> > > > > >
> > > > > > +SHA3_absorb (
> > > > > >
> > > > > > + uint64_t A[5][5],
> > > > > >
> > > > > > + const unsigned char *inp,
> > > > > >
> > > > > > + size_t len,
> > > > > >
> > > > > > + size_t r
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + SHA3_squeeze is called once at the end to generate |out| hash value
> > > > > >
> > > > > > + of |len| bytes.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +void
> > > > > >
> > > > > > +SHA3_squeeze (
> > > > > >
> > > > > > + uint64_t A[5][5],
> > > > > >
> > > > > > + unsigned char *out,
> > > > > >
> > > > > > + size_t len,
> > > > > >
> > > > > > + size_t r
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Encode function from XKCP.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Encodes the input as a byte string in a way that can be
> unambiguously
> > > > > parsed
> > > > > >
> > > > > > + from the beginning of the string by inserting the length of the byte
> > string
> > > > > >
> > > > > > + before the byte string representation of input.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[out] EncBuf Result of left encode.
> > > > > >
> > > > > > + @param[in] Value Input of left encode.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval EncLen Size of encode result in bytes.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +UINTN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +LeftEncode (
> > > > > >
> > > > > > + OUT UINT8 *EncBuf,
> > > > > >
> > > > > > + IN UINTN Value
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Encode function from XKCP.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Encodes the input as a byte string in a way that can be
> unambiguously
> > > > > parsed
> > > > > >
> > > > > > + from the end of the string by inserting the length of the byte string
> > after
> > > > > >
> > > > > > + the byte string representation of input.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[out] EncBuf Result of right encode.
> > > > > >
> > > > > > + @param[in] Value Input of right encode.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval EncLen Size of encode result in bytes.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +UINTN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +RightEncode (
> > > > > >
> > > > > > + OUT UINT8 *EncBuf,
> > > > > >
> > > > > > + IN UINTN Value
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Keccak initial fuction.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + Set up state with specified capacity.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[out] Context Pointer to the context being initialized.
> > > > > >
> > > > > > + @param[in] Pad Delimited Suffix.
> > > > > >
> > > > > > + @param[in] BlockSize Size of context block.
> > > > > >
> > > > > > + @param[in] MessageDigestLen Size of message digest in bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval 1 Initialize successfully.
> > > > > >
> > > > > > + @retval 0 Fail to initialize.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +UINT8
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +KeccakInit (
> > > > > >
> > > > > > + OUT Keccak1600_Ctx *Context,
> > > > > >
> > > > > > + IN UINT8 Pad,
> > > > > >
> > > > > > + IN UINTN BlockSize,
> > > > > >
> > > > > > + IN UINTN MessageDigstLen
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Sha3 update fuction.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + This function performs Sha3 digest on a data buffer of the specified
> > size.
> > > > > >
> > > > > > + It can be called multiple times to compute the digest of long or
> > > > > discontinuous
> > > > > > data streams.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in,out] Context Pointer to the Keccak context.
> > > > > >
> > > > > > + @param[in] Data Pointer to the buffer containing the data to be
> > > > > hashed.
> > > > > >
> > > > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval 1 Update successfully.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +UINT8
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +Sha3Update (
> > > > > >
> > > > > > + IN OUT Keccak1600_Ctx *Context,
> > > > > >
> > > > > > + IN const VOID *Data,
> > > > > >
> > > > > > + IN UINTN DataSize
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Completes computation of Sha3 message digest.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + This function completes sha3 hash computation and retrieves the
> > digest
> > > > > value
> > > > > > into
> > > > > >
> > > > > > + the specified memory. After this function has been called, the keccak
> > > > > context
> > > > > > cannot
> > > > > >
> > > > > > + be used again.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in, out] Context Pointer to the keccak context.
> > > > > >
> > > > > > + @param[out] MessageDigest Pointer to a buffer that receives the
> > > > > > message digest.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval 1 Meaasge digest computation succeeded.
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +UINT8
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +Sha3Final (
> > > > > >
> > > > > > + IN OUT Keccak1600_Ctx *Context,
> > > > > >
> > > > > > + OUT UINT8 *MessageDigest
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Computes the CSHAKE-256 message digest of a input data buffer.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + This function performs the CSHAKE-256 message digest of a given
> data
> > > > > buffer,
> > > > > > and places
> > > > > >
> > > > > > + the digest value into the specified memory.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in] Data Pointer to the buffer containing the data
> to
> > > be
> > > > > > hashed.
> > > > > >
> > > > > > + @param[in] DataSize Size of Data buffer in bytes.
> > > > > >
> > > > > > + @param[in] OutputLen Size of output in bytes.
> > > > > >
> > > > > > + @param[in] Name Pointer to the function name string.
> > > > > >
> > > > > > + @param[in] NameLen Size of the function name in bytes.
> > > > > >
> > > > > > + @param[in] Customization Pointer to the customization string.
> > > > > >
> > > > > > + @param[in] CustomizationLen Size of the customization string in
> > bytes.
> > > > > >
> > > > > > + @param[out] HashValue Pointer to a buffer that receives the
> > > > CSHAKE-
> > > > > > 256 digest
> > > > > >
> > > > > > + value.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval TRUE CSHAKE-256 digest computation succeeded.
> > > > > >
> > > > > > + @retval FALSE CSHAKE-256 digest computation failed.
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +EFIAPI
> > > > > >
> > > > > > +CShake256HashAll (
> > > > > >
> > > > > > + IN CONST VOID *Data,
> > > > > >
> > > > > > + IN UINTN DataSize,
> > > > > >
> > > > > > + IN UINTN OutputLen,
> > > > > >
> > > > > > + IN CONST VOID *Name,
> > > > > >
> > > > > > + IN UINTN NameLen,
> > > > > >
> > > > > > + IN CONST VOID *Customization,
> > > > > >
> > > > > > + IN UINTN CustomizationLen,
> > > > > >
> > > > > > + OUT UINT8 *HashValue
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > > > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > > > index 0cab5f3ce36c..bf1563b06407 100644
> > > > > > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > > > > > @@ -13,7 +13,7 @@
> > > > > > # PEM handler functions, and pseudorandom number generator
> > functions
> > > > are
> > > > > > not
> > > > > >
> > > > > > # supported in this instance.
> > > > > >
> > > > > > #
> > > > > >
> > > > > > -# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > #
> > > > > >
> > > > > > ##
> > > > > >
> > > > > > @@ -40,6 +40,7 @@
> > > > > > Hash/CryptSha256.c
> > > > > >
> > > > > > Hash/CryptSm3.c
> > > > > >
> > > > > > Hash/CryptSha512.c
> > > > > >
> > > > > > + Hash/CryptParallelHashNull.c
> > > > > >
> > > > > > Hmac/CryptHmacSha256.c
> > > > > >
> > > > > > Kdf/CryptHkdf.c
> > > > > >
> > > > > > Cipher/CryptAesNull.c
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > > > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > > > index fdbb6edfd23e..6742da0be4fe 100644
> > > > > > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > > > > > @@ -11,7 +11,7 @@
> > > > > > # functions, PKCS#7 SignedData sign functions, Diffie-Hellman
> functions,
> > > > and
> > > > > >
> > > > > > # authenticode signature verification functions are not supported in
> this
> > > > > > instance.
> > > > > >
> > > > > > #
> > > > > >
> > > > > > -# Copyright (c) 2009 - 2021, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > # Copyright (c) 2021, Hewlett Packard Enterprise Development LP. All
> > > rights
> > > > > > reserved.<BR>
> > > > > >
> > > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > #
> > > > > >
> > > > > > @@ -40,6 +40,7 @@
> > > > > > Hash/CryptSha256.c
> > > > > >
> > > > > > Hash/CryptSm3.c
> > > > > >
> > > > > > Hash/CryptSha512.c
> > > > > >
> > > > > > + Hash/CryptParallelHashNull.c
> > > > > >
> > > > > > Hmac/CryptHmacSha256.c
> > > > > >
> > > > > > Kdf/CryptHkdf.c
> > > > > >
> > > > > > Cipher/CryptAes.c
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > > > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > > > index e6470d7a2127..8f39517f78b7 100644
> > > > > > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > > > @@ -10,7 +10,7 @@
> > > > > > # RSA external functions, PKCS#7 SignedData sign functions, Diffie-
> > > Hellman
> > > > > > functions, and
> > > > > >
> > > > > > # authenticode signature verification functions are not supported in
> this
> > > > > > instance.
> > > > > >
> > > > > > #
> > > > > >
> > > > > > -# Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > #
> > > > > >
> > > > > > ##
> > > > > >
> > > > > > @@ -38,6 +38,10 @@
> > > > > > Hash/CryptSha256.c
> > > > > >
> > > > > > Hash/CryptSm3.c
> > > > > >
> > > > > > Hash/CryptSha512.c
> > > > > >
> > > > > > + Hash/CryptSha3.c
> > > > > >
> > > > > > + Hash/CryptXkcp.c
> > > > > >
> > > > > > + Hash/CryptCShake256.c
> > > > > >
> > > > > > + Hash/CryptParallelHash.c
> > > > > >
> > > > > > Hmac/CryptHmacSha256.c
> > > > > >
> > > > > > Kdf/CryptHkdfNull.c
> > > > > >
> > > > > > Cipher/CryptAes.c
> > > > > >
> > > > > > @@ -85,6 +89,8 @@
> > > > > > OpensslLib
> > > > > >
> > > > > > IntrinsicLib
> > > > > >
> > > > > > PrintLib
> > > > > >
> > > > > > + MmServicesTableLib
> > > > > >
> > > > > > + SynchronizationLib
> > > > > >
> > > > > >
> > > > > >
> > > > > > #
> > > > > >
> > > > > > # Remove these [BuildOptions] after this library is cleaned up
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > > > b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > > > index faf959827b90..63d1d82d1914 100644
> > > > > > --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > > > +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > > > > > @@ -6,7 +6,7 @@
> > > > > > # This external input must be validated carefully to avoid security
> issues
> > > > such
> > > > > as
> > > > > >
> > > > > > # buffer overflow or integer overflow.
> > > > > >
> > > > > > #
> > > > > >
> > > > > > -# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +# Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All
> > > rights
> > > > > > reserved.<BR>
> > > > > >
> > > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > #
> > > > > >
> > > > > > @@ -34,6 +34,7 @@
> > > > > > Hash/CryptSha256Null.c
> > > > > >
> > > > > > Hash/CryptSha512Null.c
> > > > > >
> > > > > > Hash/CryptSm3Null.c
> > > > > >
> > > > > > + Hash/CryptParallelHashNull.c
> > > > > >
> > > > > > Hmac/CryptHmacSha256Null.c
> > > > > >
> > > > > > Kdf/CryptHkdfNull.c
> > > > > >
> > > > > > Cipher/CryptAesNull.c
> > > > > >
> > > > > > diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > > > b/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > > > index d257dca8fa9b..b76b140a7acf 100644
> > > > > > --- a/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > > > +++ b/CryptoPkg/Library/Include/CrtLibSupport.h
> > > > > > @@ -2,7 +2,7 @@
> > > > > > Root include file of C runtime library to support building the third-
> party
> > > > > >
> > > > > > cryptographic library.
> > > > > >
> > > > > >
> > > > > >
> > > > > > -Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > +Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All
> > rights
> > > > > > reserved.<BR>
> > > > > >
> > > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > >
> > > > > >
> > > > > > @@ -111,6 +111,7 @@ typedef UINT8 u_char;
> > > > > > typedef UINT32 uid_t;
> > > > > >
> > > > > > typedef UINT32 gid_t;
> > > > > >
> > > > > > typedef CHAR16 wchar_t;
> > > > > >
> > > > > > +typedef UINT64 uint64_t;
> > > > > >
> > > > > >
> > > > > >
> > > > > > //
> > > > > >
> > > > > > // File operations are not required for EFI building,
> > > > > >
> > > > > > diff --git a/CryptoPkg/Private/Protocol/Crypto.h
> > > > > > b/CryptoPkg/Private/Protocol/Crypto.h
> > > > > > index e378a8a8c60e..de45778c7d42 100644
> > > > > > --- a/CryptoPkg/Private/Protocol/Crypto.h
> > > > > > +++ b/CryptoPkg/Private/Protocol/Crypto.h
> > > > > > @@ -2,7 +2,7 @@
> > > > > > This Protocol provides Crypto services to DXE modules
> > > > > >
> > > > > >
> > > > > >
> > > > > > Copyright (C) Microsoft Corporation. All rights reserved.
> > > > > >
> > > > > > - Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > + Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > >
> > > > > >
> > > > > > **/
> > > > > >
> > > > > > @@ -21,7 +21,7 @@
> > > > > > /// the EDK II Crypto Protocol is extended, this version define must be
> > > > > >
> > > > > > /// increased.
> > > > > >
> > > > > > ///
> > > > > >
> > > > > > -#define EDKII_CRYPTO_VERSION 7
> > > > > >
> > > > > > +#define EDKII_CRYPTO_VERSION 8
> > > > > >
> > > > > >
> > > > > >
> > > > > > ///
> > > > > >
> > > > > > /// EDK II Crypto Protocol forward declaration
> > > > > >
> > > > > > @@ -3383,6 +3383,35 @@ EFI_STATUS
> > > > > > IN OUT UINTN *DataSize
> > > > > >
> > > > > > );
> > > > > >
> > > > > >
> > > > > >
> > > > > > +/**
> > > > > >
> > > > > > + Parallel hash function ParallelHash256, as defined in NIST's Special
> > > > > Publication
> > > > > > 800-185,
> > > > > >
> > > > > > + published December 2016.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @param[in] Input Pointer to the input message (X).
> > > > > >
> > > > > > + @param[in] InputByteLen The number(>0) of input bytes provided
> > for
> > > > the
> > > > > > input data.
> > > > > >
> > > > > > + @param[in] BlockSize The size of each block (B).
> > > > > >
> > > > > > + @param[out] Output Pointer to the output buffer.
> > > > > >
> > > > > > + @param[in] OutputByteLen The desired number of output bytes
> (L).
> > > > > >
> > > > > > + @param[in] Customization Pointer to the customization string (S).
> > > > > >
> > > > > > + @param[in] CustomByteLen The length of the customization
> string
> > in
> > > > > bytes.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > + @retval TRUE ParallelHash256 digest computation succeeded.
> > > > > >
> > > > > > + @retval FALSE ParallelHash256 digest computation failed.
> > > > > >
> > > > > > + @retval FALSE This interface is not supported.
> > > > > >
> > > > > > +
> > > > > >
> > > > > > +**/
> > > > > >
> > > > > > +typedef
> > > > > >
> > > > > > +BOOLEAN
> > > > > >
> > > > > > +(EFIAPI *EDKII_CRYPTO_PARALLEL_HASH_ALL)(
> > > > > >
> > > > > > + IN CONST VOID *Input,
> > > > > >
> > > > > > + IN UINTN InputByteLen,
> > > > > >
> > > > > > + IN UINTN BlockSize,
> > > > > >
> > > > > > + OUT VOID *Output,
> > > > > >
> > > > > > + IN UINTN OutputByteLen,
> > > > > >
> > > > > > + IN CONST VOID *Customization,
> > > > > >
> > > > > > + IN UINTN CustomByteLen
> > > > > >
> > > > > > + );
> > > > > >
> > > > > > +
> > > > > >
> > > > > > /**
> > > > > >
> > > > > > Carries out the RSA-SSA signature generation with EMSA-PSS
> encoding
> > > > > scheme.
> > > > > >
> > > > > >
> > > > > >
> > > > > > @@ -3641,6 +3670,8 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > > > > > EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT
> > > TlsGetHostPublicCert;
> > > > > >
> > > > > > EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY
> > > TlsGetHostPrivateKey;
> > > > > >
> > > > > > EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST
> > > > > > TlsGetCertRevocationList;
> > > > > >
> > > > > > + /// Parallel hash
> > > > > >
> > > > > > + EDKII_CRYPTO_PARALLEL_HASH_ALL
> > ParallelHash256HashAll;
> > > > > >
> > > > > > /// RSA PSS
> > > > > >
> > > > > > EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
> > > > > >
> > > > > > EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
> > > > > >
> > > > > > diff --git a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > > > b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > > > index ff0af36bcc80..c50a9cc4dc9f 100644
> > > > > > --- a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > > > +++ b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc
> > > > > > @@ -2,6 +2,7 @@
> > > > > > # CryptoPkg DSC file used to build host-based unit tests.
> > > > > >
> > > > > > #
> > > > > >
> > > > > > # Copyright (c) Microsoft Corporation.<BR>
> > > > > >
> > > > > > +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > #
> > > > > >
> > > > > > ##
> > > > > >
> > > > > > @@ -21,6 +22,9 @@
> > > > > > [LibraryClasses]
> > > > > >
> > > > > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > > > > >
> > > > > >
> > > >
> BaseCryptLib|CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf
> > > > > >
> > > > > > +
> > > > > >
> > > > >
> > > >
> > >
> >
> MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib
> > > > > > .inf
> > > > > >
> > > > > > +
> > > > > >
> > > > >
> > > >
> > >
> >
> SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizati
> > > > > > onLib.inf
> > > > > >
> > > > > > +
> > > > > >
> > > > >
> > > >
> > >
> >
> TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat
> > > > > > e.inf
> > > > > >
> > > > > >
> > > > > >
> > > > > > [LibraryClasses.AARCH64, LibraryClasses.ARM]
> > > > > >
> > > > > > RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf
> > > > > >
> > > > > > diff --git
> > > > > >
> > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > > >
> > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > > > index 00c869265080..399db596c2d1 100644
> > > > > > ---
> > > > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > > > +++
> > > > >
> b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf
> > > > > > @@ -2,6 +2,7 @@
> > > > > > # Host-based UnitTest for BaseCryptLib
> > > > > >
> > > > > > #
> > > > > >
> > > > > > # Copyright (c) Microsoft Corporation.<BR>
> > > > > >
> > > > > > +# Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> > > > > >
> > > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > >
> > > > > > ##
> > > > > >
> > > > > >
> > > > > >
> > > > > > @@ -35,6 +36,7 @@
> > > > > > Pkcs7EkuTests.c
> > > > > >
> > > > > > OaepEncryptTests.c
> > > > > >
> > > > > > RsaPssTests.c
> > > > > >
> > > > > > + ParallelhashTests.c
> > > > > >
> > > > > >
> > > > > >
> > > > > > [Packages]
> > > > > >
> > > > > > MdePkg/MdePkg.dec
> > > > > >
> > > > > > @@ -45,3 +47,5 @@
> > > > > > DebugLib
> > > > > >
> > > > > > BaseCryptLib
> > > > > >
> > > > > > UnitTestLib
> > > > > >
> > > > > > + MmServicesTableLib
> > > > > >
> > > > > > + SynchronizationLib
> > > > > >
> > > > > > --
> > > > > > 2.26.2.windows.1
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2022-03-18 2:01 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-03-17 4:34 [PATCH v6 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib Li, Zhihao
2022-03-17 14:12 ` Yao, Jiewen
2022-03-17 16:27 ` Li, Zhihao
2022-03-18 0:56 ` Yao, Jiewen
2022-03-18 1:52 ` Li, Zhihao
2022-03-18 1:59 ` Yao, Jiewen
2022-03-18 2:00 ` Li, Zhihao
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox