From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) by mx.groups.io with SMTP id smtpd.web10.4299.1646373997026562861 for ; Thu, 03 Mar 2022 22:06:37 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=dtw518g1; spf=pass (domain: intel.com, ip: 134.134.136.31, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1646373997; x=1677909997; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=XzCt2+1+Jtuf8QLqAv9RpQie4Ngi4YFBXNp4YE6Rv2M=; b=dtw518g1QuMUpRwk1ubTjGwM9qCVAiqmWzDlcO5MjmjbAN9JInWMVRK3 jDTZLmMbreIT/1UoNc6PDZqXQKAJFL7UFZwris+7esAZ96aQ+qc6UOAu6 w+gMdv4jAnWi7H/369jSgOHjsvTtoaYi6On25t5Zk6N0jBVuMLHFAPy07 rhEZ1F9bg4TbF/Un+POYhLjlYGcaU9Zh/Cc+hkrn5nV72zWTpq3U/XLAt uk+ooCUM/L7HRnOgJoynfirHUO3A7QDLrIHuSu3xxvF6/pXhz/su2OGH4 NIEjykbUjCio2jQyPq4PYUmvpY8paki22FJ34wLunE56HhEyCaXaEnBjd w==; X-IronPort-AV: E=McAfee;i="6200,9189,10275"; a="314618771" X-IronPort-AV: E=Sophos;i="5.90,154,1643702400"; d="scan'208";a="314618771" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Mar 2022 22:06:36 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.90,154,1643702400"; d="scan'208";a="552095007" Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15]) by orsmga008.jf.intel.com with ESMTP; 03 Mar 2022 22:06:36 -0800 Received: from orsmsx611.amr.corp.intel.com (10.22.229.24) by ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.21; Thu, 3 Mar 2022 22:06:35 -0800 Received: from orsmsx609.amr.corp.intel.com (10.22.229.22) by ORSMSX611.amr.corp.intel.com (10.22.229.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.21; Thu, 3 Mar 2022 22:06:35 -0800 Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by orsmsx609.amr.corp.intel.com (10.22.229.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.21 via Frontend Transport; Thu, 3 Mar 2022 22:06:35 -0800 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.100) by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.21; Thu, 3 Mar 2022 22:06:34 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EwHmd4N6dp3/3miW5xK2sQbibqVOQwSJTqvnSUHkt8Xi+4DwxFUklQaTLy6CjqEcHng+jowRF5ZYnV+mgKL1sM7QrVoUVF2rCbxjPZoIEWInxDBKGObmqQcAuv9+DkGhNA2kQg3lLPfFejIc7/p5u2+e0CB0fJZ1GKpGKGDPbgxtrHf8oF0U+VWMpsPawHcMG5hmo7sI/lNYYCWkPBcZXf8EnJmb4XBY0PhEvT0H0tiDPVzopQCvvbdMHLVciDtjY22AQwhkaHQ5A48kbLUJv+rZxaXoW3/oMCEAjltPWJrNiuot/qqimCbJ9ewuRDZHJC8bF+hyZXW8jPFdMhda+A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=atNG4U11xK1g0WG/mvRYtzgSd5sFnYpjkEzA2ufCEpc=; b=Pa8G9d25DMenneBuzcSTSCoT2hC1YuMQDgBgeOgJaOb6ihdseLTRY4FsyVZ0drPE0KPlO8LvUuersFPZsa3p+Yijxn/dWcbJOxQBVXp3wHe9SFh/XXcTf9XV4rxzatox8q2TAnAMa39QBv2jqsnm5F19Klzta2OfpjNHWsnFQeFFvlRUpU9wzRKHE8fA9yHt5MgudL5WBfeANXfUKiZeaE5CLT7n9F3Wg/nVQPa7s8GWDnR5pGoXEc+DPh364iub6XnBG9bUZKJCkexrjQGMOi+mfHZDeyX9QjaufO8Sa++dh1Pfrcn6UKuPgEtHkqR/iD6lgVmUmi2QOYVLbCMrSA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by DM4PR11MB5406.namprd11.prod.outlook.com (2603:10b6:5:395::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5038.15; Fri, 4 Mar 2022 06:06:26 +0000 Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::21db:e2fd:b9a3:9292]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::21db:e2fd:b9a3:9292%6]) with mapi id 15.20.5038.014; Fri, 4 Mar 2022 06:06:26 +0000 From: "Yao, Jiewen" To: "Li, Zhihao" , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Lu, Xiaoyu1" , "Jiang, Guomin" , "Fu, Siyuan" Subject: Re: [PATCH v4 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib. Thread-Topic: [PATCH v4 1/1] CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib. Thread-Index: AQHYLhRKC68P/rH3bUmCFCzzvIQNwayuvhyw Date: Fri, 4 Mar 2022 06:06:26 +0000 Message-ID: References: <20220302090232.2157-1-zhihao.li@intel.com> In-Reply-To: <20220302090232.2157-1-zhihao.li@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.6.401.20 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a818570d-f5ca-43b7-a1e0-08d9fda51df6 x-ms-traffictypediagnostic: DM4PR11MB5406:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: jQNqv3t13ziPgEo+Vnjgc8Uq9LsXvmZ1g7+crKvWvoi6fE0ZIos3vBl0DbegJUw6qJF0UjaPFQUsB0m/XQS0rBoVOessIdoOzjxPd3wJp7ll53kCIQbeBEMspyazGNU0muXU/gS5X1d16zvHTcIbiGZYOTV5JTOiSlVLSb+x1Aq8UHT2TWqGA11WjBwBBBFrlsmK2oUyJktVg08S24iaNGURb8u5x5mXoKkagOCUHRCH9KvpfQ1v/pF/2suFBRa9HKILJvdcG6a2oqyLWuC1VIExgBo0DhmefeLnLAPw8JF8SnsWMSYB/r+IGe4IrOed2oYrDfYDPVaBtqMMKyhdE3ervUiFBi9iqdkVbhGMl5Md/tjtAcBLHP0DxXCD5aDjKpTM00S22VsteGd7h0BL+zBvvEFkcq+g0PewL/spdmTqghpn3yNZYWuFHKStphpXdisAA1Fo4/uD/edOmh/657wjaduur3sWnA6CjH0Y0w2lBpvdkyyY3r73cNV89yZFfFPnxn3+O5iuH++gwCSA9/crKxqfoUBvn26QKMh55CohHo24AJ7TjCStKXHRoHvxXdwpmSGPGxGeqnVfzZp91gp4nVtQVnL1HTimOm2gO7wk9NK4TbmbvmioxDcLb5HTKFrAtMU+bAPzr+Sm7kxgBccuvRMKcNOCwahDzhmBBHggUTAtDpGw7wIyHg2P+kDlbDCZPUGWEdWjk+qf24j2OAB0O+3tN+cea6ziLflxgxyuZc4rufy68lGioH5ElbLRaQAbbEFerdFq6yno5TzM+b1jXdOMeYXTKY9kX5DnG2cCk0Cy7crPENL7c0r8Z1lY x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5872.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(366004)(26005)(5660300002)(83380400001)(186003)(53546011)(107886003)(2906002)(6506007)(7696005)(55016003)(9686003)(8936002)(30864003)(122000001)(54906003)(52536014)(45080400002)(66476007)(66556008)(66446008)(316002)(82960400001)(71200400001)(38100700002)(19627235002)(508600001)(86362001)(33656002)(64756008)(38070700005)(76116006)(66946007)(966005)(8676002)(4326008)(110136005)(559001)(579004);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?nE4JqRnPQvOqym7O5wD2rvjTs7z+wmR7U4V3AjlLcXNOjDUKozd3maqtF6OU?= =?us-ascii?Q?Hh52DT4kCz+sqAk36usFCNa/MvVOsoM3wVlwIUKKtFKGtyQ57gphqJkne96A?= =?us-ascii?Q?gbzj/Lh+4yeil7Vu1O+sHD6qCj+z3inx4Ww6UgF5EVt1YPiVW3QN5A+YcAw1?= =?us-ascii?Q?rP16qXD3LjBACssMtXz9YtU5wxxT7uRaF0K/f6qDLKdU0YXjiCP79sYp+Brn?= =?us-ascii?Q?cWPt+QLFnfFXG4ZWWCILN+XX6b9OPFn4s8gswfu+zhrqVx5Vs0++KLHwZ721?= =?us-ascii?Q?cF78865aXxPZcLurxhw5In/3Hrl0Cc4Hb38FkHKy6IqQd0WuE3wRLcSP4ljH?= =?us-ascii?Q?/dzKLj0NLzWprvwza+Pn6yfmS3Kj9o9TnXnmNPjnW8nN3XBykKQUlMBxirF9?= =?us-ascii?Q?sMhRUjOh4w6rBsqCBIEw8AHtkyJtdmQXJ31H3GnGvh2TxdepCBVzH2jLOVe/?= =?us-ascii?Q?cgEqdJZ+OqLDDC98CXKt1Xd0yCHDOM8/B+YaB10B4UsruRXKdoXPi34F+22J?= =?us-ascii?Q?s8/ezD7vqHcEHrjRh/JbK2vO+NZ3+42r+ruMbGEityKEPPOUyvoLFp9YmdcM?= =?us-ascii?Q?Voioqp0P3EG6yxDlXYGtD+OKE1QnuK9ihH2IVTSmy8SqxKLZizGYxfS0gNDK?= =?us-ascii?Q?mtaBnRTb0rsEuzSnYUjoDvVhUCwzWqB0wUqs6ED1x58VdxhNV90RNEu/V5XJ?= =?us-ascii?Q?jdmFp+i66pMxGef3g5rnWdhzJtS3Nc0ih0oOdxfd4OV+2Sij60J2Jy5GjmeH?= =?us-ascii?Q?ZXuoUdvCH0vFPm4r7Pv2oz0BWU8U9EM0rjdwKjJEbay3r0eo3YiQ65PR57Dx?= =?us-ascii?Q?oM0KKYWMDS0oo8z3R5fpfSAcAnJz9ctZVDoUcqZA8xG/fEUw1X2Jk5HIKjG0?= =?us-ascii?Q?OKwL1JmQMnZHlcZ//eIG56eFVL3tIES/36rdc6MSFRA/kFgbm3LoQdzOE34Y?= =?us-ascii?Q?hawfF5YhV1PrB8Kp7H0LlTFiTVy7DKdF6P98rkM6cMudwn9ba7i7DVB8/PD3?= =?us-ascii?Q?GWSPrjuvyonRByNkVSojngreB9YLOrHH0zvrrMrjbKh7VxOMYicLdAI+sUtB?= =?us-ascii?Q?wRipbl8m6vW24tGoH+SuGEywswy49FxMUO8MmpbYjXSlbW8SnFyOeRDFmyJb?= =?us-ascii?Q?CHauStKWYV4oc7JaxQDHNxFPHLJSsDIiV5Vvev8elAoqKscuFEfynvdKkre3?= =?us-ascii?Q?EnZXLL5CCdSNlGz8KYYFIYEDITK9SE0YVmcxZSU4ulB2UKw16tkUn05lSO9e?= =?us-ascii?Q?xcformzLPCn+NoSnZS+PiMRxCG8pribTNvwXGxbZoLL3LbPDEpNk0UzZGYSO?= =?us-ascii?Q?LQu47f+s5CPLiuBxXc8D1evtDiPuO43yRz+Mu3XB5j9CcID59EBiAaYQxIrm?= =?us-ascii?Q?qCkWywUI9RONDPzx4Bst5A1G8vzdY1gQL3NW8PWUsbesWpR9j6hYPeE7n5iY?= =?us-ascii?Q?l7LNEqb28702Bcm5xHdtR1Txg0FsWiy2nmPeJGPrcXeSrDK7eyN6iHO8W9j+?= =?us-ascii?Q?pOG2nShraYAQABb0uinm9lKxjywHurTvLC1A9/zQq8bkGu+u3FRL9gI06fCa?= =?us-ascii?Q?ufsH5YGU3fg/tBRGveysCrc9aMhnigH1+Zedg1xOxMxYzgWrtwsyrEwPC4p4?= =?us-ascii?Q?TMV7hIAVp3vT7yxPmk9RSo8=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: a818570d-f5ca-43b7-a1e0-08d9fda51df6 X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Mar 2022 06:06:26.1582 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: HO0tZKbQowAymz/SYjq2801S2lB4dRIQYSsgWDljNA+8A2hK9YyczqMKm2eqQ5oeHtNRUsILpIIIxCL3WsJe3g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR11MB5406 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Thanks for the update. Comments below: 1) I don't think we should putting Keccak1600_Ctx in CrtLibSupport.h. It ha= s nothing to do with CRT lib. 2) Same feedback to SHA3_absorb and SHA3_squeeze. They have nothing to do w= ith CRT lib. 3) when you add new lib interfaces, you need add them to all instances. I f= ound you only changed SmmCryptLib.inf, but miss others. Please also update PEI, DXE, RuntimeDxe. NULL version implementation is acc= eptable. 4) I don't see you update CryptoPkg\Private\Protocol and Ppi. They should be 1:1 mapping with CryptoLib API. Thank you Yao Jiewen > -----Original Message----- > From: Li, Zhihao > Sent: Wednesday, March 2, 2022 5:03 PM > To: devel@edk2.groups.io > Cc: Yao, Jiewen ; Wang, Jian J ; > Lu, Xiaoyu1 ; Jiang, Guomin ; > Fu, Siyuan > Subject: [PATCH v4 1/1] CryptoPkg: Add new hash algorithm > ParallelHash256HashAll in BaseCryptLib. >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3596 >=20 > Parallel hash function ParallelHash256HashAll, as defined in NIST's > Special Publication 800-185, published December 2016. It utilizes > multi-process to calculate the digest. >=20 > Some modifications to pass CI test. >=20 > Cc: Jiewen Yao > Cc: Jian J Wang > Cc: Xiaoyu Lu > Cc: Guomin Jiang > Cc: Siyuan Fu > Cc: Zhihao Li >=20 > Signed-off-by: Zhihao Li > --- > CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c | = 381 > ++++++++++++++++++++ > CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c | = 350 > ++++++++++++++++++ > CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c | = 166 > +++++++++ > CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c | = 107 ++++++ > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c | = 145 > ++++++++ > CryptoPkg/Include/Library/BaseCryptLib.h | = 31 +- > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | = 8 +- > CryptoPkg/Library/Include/CrtLibSupport.h | = 38 +- > CryptoPkg/Test/CryptoPkgHostUnitTest.dsc | = 3 + > CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf | = 4 + > 10 files changed, 1230 insertions(+), 3 deletions(-) >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c > new file mode 100644 > index 000000000000..6b26d74d5413 > --- /dev/null > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptCShake256.c > @@ -0,0 +1,381 @@ > +/** @file >=20 > + cSHAKE-256 Digest Wrapper Implementations. >=20 > + >=20 > + Copyright (c) 2022, Intel Corporation. All rights reserved.
>=20 > + SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#include "InternalCryptLib.h" >=20 > + >=20 > +#define CSHAKE256_SECURITY_STRENGTH 256 >=20 > +#define CSHAKE256_RATE_IN_BYTES 136 >=20 > + >=20 > +const CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] =3D { 0 }; >=20 > + >=20 > +/** >=20 > + Encode function from XKCP. >=20 > + >=20 > + Encodes the input as a byte string in a way that can be unambiguously = parsed >=20 > + from the beginning of the string by inserting the length of the byte s= tring >=20 > + before the byte string representation of input. >=20 > + >=20 > + @param[out] EncBuf Result of left encode. >=20 > + @param[in] Value Input of left encode. >=20 > + >=20 > + @retval EncLen Size of encode result in bytes. >=20 > +**/ >=20 > +UINTN >=20 > +EFIAPI >=20 > +LeftEncode ( >=20 > + OUT UINT8 *EncBuf, >=20 > + IN UINTN Value >=20 > + ); >=20 > + >=20 > +/** >=20 > + Encode function from XKCP. >=20 > + >=20 > + Encodes the input as a byte string in a way that can be unambiguously = parsed >=20 > + from the end of the string by inserting the length of the byte string = after >=20 > + the byte string representation of input. >=20 > + >=20 > + @param[out] EncBuf Result of right encode. >=20 > + @param[in] Value Input of right encode. >=20 > + >=20 > + @retval EncLen Size of encode result in bytes. >=20 > +**/ >=20 > +UINTN >=20 > +EFIAPI >=20 > +RightEncode ( >=20 > + OUT UINT8 *EncBuf, >=20 > + IN UINTN Value >=20 > + ); >=20 > + >=20 > +/** >=20 > + Keccak initial fuction. >=20 > + >=20 > + Set up state with specified capacity. >=20 > + >=20 > + @param[out] Context Pointer to the context being initialized= . >=20 > + @param[in] Pad Delimited Suffix. >=20 > + @param[in] BlockSize Size of context block. >=20 > + @param[in] MessageDigestLen Size of message digest in bytes. >=20 > + >=20 > + @retval 1 Initialize successfully. >=20 > + @retval 0 Fail to initialize. >=20 > +**/ >=20 > +UINT8 >=20 > +EFIAPI >=20 > +KeccakInit ( >=20 > + OUT Keccak1600_Ctx *Context, >=20 > + IN UINT8 Pad, >=20 > + IN UINTN BlockSize, >=20 > + IN UINTN MessageDigstLen >=20 > + ); >=20 > + >=20 > +/** >=20 > + Sha3 update fuction. >=20 > + >=20 > + This function performs Sha3 digest on a data buffer of the specified s= ize. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + >=20 > + @param[in,out] Context Pointer to the Keccak context. >=20 > + @param[in] Data Pointer to the buffer containing the data to = be hashed. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval 1 Update successfully. >=20 > +**/ >=20 > +UINT8 >=20 > +EFIAPI >=20 > +Sha3Update ( >=20 > + IN OUT Keccak1600_Ctx *Context, >=20 > + IN const VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ); >=20 > + >=20 > +/** >=20 > + Completes computation of Sha3 message digest. >=20 > + >=20 > + This function completes sha3 hash computation and retrieves the digest= value > into >=20 > + the specified memory. After this function has been called, the keccak = context > cannot >=20 > + be used again. >=20 > + >=20 > + @param[in, out] Context Pointer to the keccak context. >=20 > + @param[out] MessageDigest Pointer to a buffer that receives the > message digest. >=20 > + >=20 > + @retval 1 Meaasge digest computation succeeded. >=20 > +**/ >=20 > +UINT8 >=20 > +EFIAPI >=20 > +Sha3Final ( >=20 > + IN OUT Keccak1600_Ctx *Context, >=20 > + OUT UINT8 *MessageDigest >=20 > + ); >=20 > + >=20 > +/** >=20 > + CShake256 initial function. >=20 > + >=20 > + Initializes user-supplied memory pointed by CShake256Context as cSHAKE= -256 > hash context for >=20 > + subsequent use. >=20 > + >=20 > + @param[out] CShake256Context Pointer to cSHAKE-256 context being > initialized. >=20 > + @param[in] OutputLen The desired number of output length in b= ytes. >=20 > + @param[in] Name Pointer to the function name string. >=20 > + @param[in] NameLen The length of the function name in bytes= . >=20 > + @param[in] Customization Pointer to the customization string. >=20 > + @param[in] CustomizationLen The length of the customization string i= n > bytes. >=20 > + >=20 > + @retval TRUE cSHAKE-256 context initialization succeeded. >=20 > + @retval FALSE cSHAKE-256 context initialization failed. >=20 > + @retval FALSE This interface is not supported. >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CShake256Init ( >=20 > + OUT VOID *CShake256Context, >=20 > + IN UINTN OutputLen, >=20 > + IN CONST VOID *Name, >=20 > + IN UINTN NameLen, >=20 > + IN CONST VOID *Customization, >=20 > + IN UINTN CustomizationLen >=20 > + ) >=20 > +{ >=20 > + BOOLEAN Status; >=20 > + UINT8 EncBuf[sizeof (UINTN) + 1]; >=20 > + UINTN EncLen; >=20 > + UINTN AbsorbLen; >=20 > + UINTN PadLen; >=20 > + >=20 > + // >=20 > + // Check input parameters. >=20 > + // >=20 > + if ((CShake256Context =3D=3D NULL) || (OutputLen =3D=3D 0) || ((NameLe= n !=3D 0) && > (Name =3D=3D NULL)) || ((CustomizationLen !=3D 0) && (Customization =3D= =3D NULL))) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + // >=20 > + // Initialize KECCAK context with pad value and block size. >=20 > + // >=20 > + if ((NameLen =3D=3D 0) && (CustomizationLen =3D=3D 0)) { >=20 > + // >=20 > + // When N and S are both empty strings, cSHAKE(X, L, N, S) is equiva= lent to >=20 > + // SHAKE as defined in FIPS 202. >=20 > + // >=20 > + Status =3D (BOOLEAN)KeccakInit ( >=20 > + (Keccak1600_Ctx *)CShake256Context, >=20 > + '\x1f', >=20 > + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH = * 2) / 8, >=20 > + OutputLen >=20 > + ); >=20 > + >=20 > + return Status; >=20 > + } else { >=20 > + Status =3D (BOOLEAN)KeccakInit ( >=20 > + (Keccak1600_Ctx *)CShake256Context, >=20 > + '\x04', >=20 > + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH = * 2) / 8, >=20 > + OutputLen >=20 > + ); >=20 > + if (!Status) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + AbsorbLen =3D 0; >=20 > + // >=20 > + // Absorb Absorb bytepad(.., rate). >=20 > + // >=20 > + EncLen =3D LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES); >=20 > + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, > EncBuf, EncLen); >=20 > + if (!Status) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + AbsorbLen +=3D EncLen; >=20 > + >=20 > + // >=20 > + // Absorb encode_string(N). >=20 > + // >=20 > + EncLen =3D LeftEncode (EncBuf, NameLen * 8); >=20 > + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, > EncBuf, EncLen); >=20 > + if (!Status) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + AbsorbLen +=3D EncLen; >=20 > + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Conte= xt, > Name, NameLen); >=20 > + if (!Status) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + AbsorbLen +=3D NameLen; >=20 > + >=20 > + // >=20 > + // Absorb encode_string(S). >=20 > + // >=20 > + EncLen =3D LeftEncode (EncBuf, CustomizationLen * 8); >=20 > + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, > EncBuf, EncLen); >=20 > + if (!Status) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + AbsorbLen +=3D EncLen; >=20 > + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Conte= xt, > Customization, CustomizationLen); >=20 > + if (!Status) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + AbsorbLen +=3D CustomizationLen; >=20 > + >=20 > + // >=20 > + // Absorb zero padding up to rate. >=20 > + // >=20 > + PadLen =3D CSHAKE256_RATE_IN_BYTES - AbsorbLen % > CSHAKE256_RATE_IN_BYTES; >=20 > + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, > mZeroPadding, PadLen); >=20 > + if (!Status) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + return TRUE; >=20 > + } >=20 > +} >=20 > + >=20 > +/** >=20 > + Digests the input data and updates cSHAKE-256 context. >=20 > + >=20 > + This function performs cSHAKE-256 digest on a data buffer of the speci= fied > size. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + cSHAKE-256 context should be already correctly initialized by CShake25= 6Init(), > and should not be finalized >=20 > + by CShake256Final(). Behavior with invalid context is undefined. >=20 > + >=20 > + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context. >=20 > + @param[in] Data Pointer to the buffer containing t= he data to be > hashed. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval TRUE cSHAKE-256 data digest succeeded. >=20 > + @retval FALSE cSHAKE-256 data digest failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CShake256Update ( >=20 > + IN OUT VOID *CShake256Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + // >=20 > + // Check input parameters. >=20 > + // >=20 > + if (CShake256Context =3D=3D NULL) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + // >=20 > + // Check invalid parameters, in case that only DataLength was checked = in > OpenSSL. >=20 > + // >=20 > + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx *)CShake256Context, Data, > DataSize)); >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of the cSHAKE-256 digest value. >=20 > + >=20 > + This function completes cSHAKE-256 hash computation and retrieves the > digest value into >=20 > + the specified memory. After this function has been called, the cSHAKE-= 256 > context cannot >=20 > + be used again. >=20 > + cSHAKE-256 context should be already correctly initialized by CShake25= 6Init(), > and should not be >=20 > + finalized by CShake256Final(). Behavior with invalid cSHAKE-256 contex= t is > undefined. >=20 > + >=20 > + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context. >=20 > + @param[out] HashValue Pointer to a buffer that receives t= he cSHAKE- > 256 digest >=20 > + value. >=20 > + >=20 > + @retval TRUE cSHAKE-256 digest computation succeeded. >=20 > + @retval FALSE cSHAKE-256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CShake256Final ( >=20 > + IN OUT VOID *CShake256Context, >=20 > + OUT UINT8 *HashValue >=20 > + ) >=20 > +{ >=20 > + // >=20 > + // Check input parameters. >=20 > + // >=20 > + if ((CShake256Context =3D=3D NULL) || (HashValue =3D=3D NULL)) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + // >=20 > + // cSHAKE-256 Hash Finalization. >=20 > + // >=20 > + return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context, > HashValue)); >=20 > +} >=20 > + >=20 > +/** >=20 > + Computes the CSHAKE-256 message digest of a input data buffer. >=20 > + >=20 > + This function performs the CSHAKE-256 message digest of a given data b= uffer, > and places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the d= ata to be > hashed. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] OutputLen Size of output in bytes. >=20 > + @param[in] Name Pointer to the function name string. >=20 > + @param[in] NameLen Size of the function name in bytes. >=20 > + @param[in] Customization Pointer to the customization string. >=20 > + @param[in] CustomizationLen Size of the customization string in by= tes. >=20 > + @param[out] HashValue Pointer to a buffer that receives the = CSHAKE- > 256 digest >=20 > + value. >=20 > + >=20 > + @retval TRUE CSHAKE-256 digest computation succeeded. >=20 > + @retval FALSE CSHAKE-256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CShake256HashAll ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN UINTN OutputLen, >=20 > + IN CONST VOID *Name, >=20 > + IN UINTN NameLen, >=20 > + IN CONST VOID *Customization, >=20 > + IN UINTN CustomizationLen, >=20 > + OUT UINT8 *HashValue >=20 > + ) >=20 > +{ >=20 > + BOOLEAN Status; >=20 > + Keccak1600_Ctx Ctx; >=20 > + >=20 > + // >=20 > + // Check input parameters. >=20 > + // >=20 > + if (HashValue =3D=3D NULL) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + Status =3D CShake256Init (&Ctx, OutputLen, Name, NameLen, Customizatio= n, > CustomizationLen); >=20 > + if (!Status) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + Status =3D CShake256Update (&Ctx, Data, DataSize); >=20 > + if (!Status) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + return CShake256Final (&Ctx, HashValue); >=20 > +} >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c > new file mode 100644 > index 000000000000..825cc8ea6b20 > --- /dev/null > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptParallelHash.c > @@ -0,0 +1,350 @@ > +/** @file >=20 > + ParallelHash Implementation. >=20 > + >=20 > +Copyright (c) 2022, Intel Corporation. All rights reserved.
>=20 > +SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#include "InternalCryptLib.h" >=20 > +#include >=20 > +#include >=20 > + >=20 > +#define PARALLELHASH_CUSTOMIZATION "ParallelHash" >=20 > + >=20 > +UINTN mBlockNum; >=20 > +UINTN mBlockSize; >=20 > +UINTN mLastBlockSize; >=20 > +UINT8 *mInput; >=20 > +UINTN mBlockResultSize; >=20 > +UINT8 *mBlockHashResult; >=20 > +BOOLEAN *mBlockIsCompleted; >=20 > +SPIN_LOCK *mSpinLockList; >=20 > + >=20 > +/** >=20 > + Encode function from XKCP. >=20 > + >=20 > + Encodes the input as a byte string in a way that can be unambiguously = parsed >=20 > + from the beginning of the string by inserting the length of the byte s= tring >=20 > + before the byte string representation of input. >=20 > + >=20 > + @param[out] EncBuf Result of left encode. >=20 > + @param[in] Value Input of left encode. >=20 > + >=20 > + @retval EncLen Size of encode result in bytes. >=20 > +**/ >=20 > +UINTN >=20 > +EFIAPI >=20 > +LeftEncode ( >=20 > + OUT UINT8 *EncBuf, >=20 > + IN UINTN Value >=20 > + ); >=20 > + >=20 > +/** >=20 > + Encode function from XKCP. >=20 > + >=20 > + Encodes the input as a byte string in a way that can be unambiguously = parsed >=20 > + from the end of the string by inserting the length of the byte string = after >=20 > + the byte string representation of input. >=20 > + >=20 > + @param[out] EncBuf Result of right encode. >=20 > + @param[in] Value Input of right encode. >=20 > + >=20 > + @retval EncLen Size of encode result in bytes. >=20 > +**/ >=20 > +UINTN >=20 > +EFIAPI >=20 > +RightEncode ( >=20 > + OUT UINT8 *EncBuf, >=20 > + IN UINTN Value >=20 > + ); >=20 > + >=20 > +/** >=20 > + Computes the CSHAKE-256 message digest of a input data buffer. >=20 > + >=20 > + This function performs the CSHAKE-256 message digest of a given data b= uffer, > and places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the d= ata to be > hashed. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] OutputLen Size of output in bytes. >=20 > + @param[in] Name Pointer to the function name string. >=20 > + @param[in] NameLen Size of the function name in bytes. >=20 > + @param[in] Customization Pointer to the customization string. >=20 > + @param[in] CustomizationLen Size of the customization string in by= tes. >=20 > + @param[out] HashValue Pointer to a buffer that receives the = CSHAKE- > 256 digest >=20 > + value. >=20 > + >=20 > + @retval TRUE CSHAKE-256 digest computation succeeded. >=20 > + @retval FALSE CSHAKE-256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CShake256HashAll ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN UINTN OutputLen, >=20 > + IN CONST VOID *Name, >=20 > + IN UINTN NameLen, >=20 > + IN CONST VOID *Customization, >=20 > + IN UINTN CustomizationLen, >=20 > + OUT UINT8 *HashValue >=20 > + ); >=20 > + >=20 > +/** >=20 > + Complete computation of digest of each block. >=20 > + >=20 > + Each AP perform the function called by BSP. >=20 > + >=20 > + @param[in] ProcedureArgument Argument of the procedure. >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +ParallelHashApExecute ( >=20 > + IN VOID *ProcedureArgument >=20 > + ) >=20 > +{ >=20 > + UINTN Index; >=20 > + BOOLEAN Status; >=20 > + >=20 > + for (Index =3D 0; Index < mBlockNum; Index++) { >=20 > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) { >=20 > + // >=20 > + // Completed, try next one. >=20 > + // >=20 > + if (mBlockIsCompleted[Index]) { >=20 > + ReleaseSpinLock (&mSpinLockList[Index]); >=20 > + continue; >=20 > + } >=20 > + >=20 > + // >=20 > + // Calculate CShake256 for this block. >=20 > + // >=20 > + Status =3D CShake256HashAll ( >=20 > + mInput + Index * mBlockSize, >=20 > + (Index =3D=3D (mBlockNum - 1)) ? mLastBlockSize : mBloc= kSize, >=20 > + mBlockResultSize, >=20 > + NULL, >=20 > + 0, >=20 > + NULL, >=20 > + 0, >=20 > + mBlockHashResult + Index * mBlockResultSize >=20 > + ); >=20 > + if (!EFI_ERROR (Status)) { >=20 > + mBlockIsCompleted[Index] =3D TRUE; >=20 > + } >=20 > + >=20 > + ReleaseSpinLock (&mSpinLockList[Index]); >=20 > + } >=20 > + } >=20 > +} >=20 > + >=20 > +/** >=20 > + Dispatch the block task to each AP in SMM mode. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +MmDispatchBlockToAP ( >=20 > + VOID >=20 > + ) >=20 > +{ >=20 > + UINTN Index; >=20 > + >=20 > + for (Index =3D 0; Index < gMmst->NumberOfCpus; Index++) { >=20 > + if (Index !=3D gMmst->CurrentlyExecutingCpu) { >=20 > + gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL); >=20 > + } >=20 > + } >=20 > + >=20 > + return; >=20 > +} >=20 > + >=20 > +/** >=20 > + Parallel hash function ParallelHash256, as defined in NIST's Special P= ublication > 800-185, >=20 > + published December 2016. >=20 > + >=20 > + @param[in] Input Pointer to the input message (X). >=20 > + @param[in] InputByteLen The number(>0) of input bytes provided f= or the > input data. >=20 > + @param[in] BlockSize The size of each block (B). >=20 > + @param[out] Output Pointer to the output buffer. >=20 > + @param[in] OutputByteLen The desired number of output bytes (L). >=20 > + @param[in] Customization Pointer to the customization string (S). >=20 > + @param[in] CustomByteLen The length of the customization string i= n bytes. >=20 > + >=20 > + @retval TRUE ParallelHash256 digest computation succeeded. >=20 > + @retval FALSE ParallelHash256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +ParallelHash256HashAll ( >=20 > + IN CONST VOID *Input, >=20 > + IN UINTN InputByteLen, >=20 > + IN UINTN BlockSize, >=20 > + OUT VOID *Output, >=20 > + IN UINTN OutputByteLen, >=20 > + IN CONST VOID *Customization, >=20 > + IN UINTN CustomByteLen >=20 > + ) >=20 > +{ >=20 > + UINT8 EncBufB[sizeof (UINTN)+1]; >=20 > + UINTN EncSizeB; >=20 > + UINT8 EncBufN[sizeof (UINTN)+1]; >=20 > + UINTN EncSizeN; >=20 > + UINT8 EncBufL[sizeof (UINTN)+1]; >=20 > + UINTN EncSizeL; >=20 > + UINTN Index; >=20 > + UINT8 *CombinedInput; >=20 > + UINTN CombinedInputSize; >=20 > + BOOLEAN AllCompleted; >=20 > + UINTN Offset; >=20 > + BOOLEAN ReturnValue; >=20 > + >=20 > + if ((InputByteLen =3D=3D 0) || (OutputByteLen =3D=3D 0) || (BlockSize = =3D=3D 0)) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + if ((Input =3D=3D NULL) || (Output =3D=3D NULL)) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + if ((CustomByteLen !=3D 0) && (Customization =3D=3D NULL)) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + mBlockSize =3D BlockSize; >=20 > + >=20 > + // >=20 > + // Calculate block number n. >=20 > + // >=20 > + mBlockNum =3D InputByteLen % mBlockSize =3D=3D 0 ? InputByteLen / mBlo= ckSize : > InputByteLen / mBlockSize + 1; >=20 > + >=20 > + // >=20 > + // Set hash result size of each block in bytes. >=20 > + // >=20 > + mBlockResultSize =3D OutputByteLen; >=20 > + >=20 > + // >=20 > + // Encode B, n, L to string and record size. >=20 > + // >=20 > + EncSizeB =3D LeftEncode (EncBufB, mBlockSize); >=20 > + EncSizeN =3D RightEncode (EncBufN, mBlockNum); >=20 > + EncSizeL =3D RightEncode (EncBufL, OutputByteLen * CHAR_BIT); >=20 > + >=20 > + // >=20 > + // Allocate buffer for combined input (newX), Block completed flag and > SpinLock. >=20 > + // >=20 > + CombinedInputSize =3D EncSizeB + EncSizeN + EncSizeL + mBlockNum * > mBlockResultSize; >=20 > + CombinedInput =3D AllocateZeroPool (CombinedInputSize); >=20 > + mBlockIsCompleted =3D AllocateZeroPool (mBlockNum * sizeof (BOOLEAN)); >=20 > + mSpinLockList =3D AllocatePool (mBlockNum * sizeof (SPIN_LOCK)); >=20 > + if ((CombinedInput =3D=3D NULL) || (mBlockIsCompleted =3D=3D NULL) || > (mSpinLockList =3D=3D NULL)) { >=20 > + ReturnValue =3D FALSE; >=20 > + goto Exit; >=20 > + } >=20 > + >=20 > + // >=20 > + // Fill LeftEncode(B). >=20 > + // >=20 > + CopyMem (CombinedInput, EncBufB, EncSizeB); >=20 > + >=20 > + // >=20 > + // Prepare for parallel hash. >=20 > + // >=20 > + mBlockHashResult =3D CombinedInput + EncSizeB; >=20 > + mInput =3D (UINT8 *)Input; >=20 > + mLastBlockSize =3D InputByteLen % mBlockSize =3D=3D 0 ? mBlockSize : > InputByteLen % mBlockSize; >=20 > + >=20 > + // >=20 > + // Initialize SpinLock for each result block. >=20 > + // >=20 > + for (Index =3D 0; Index < mBlockNum; Index++) { >=20 > + InitializeSpinLock (&mSpinLockList[Index]); >=20 > + } >=20 > + >=20 > + // >=20 > + // Dispatch blocklist to each AP. >=20 > + // >=20 > + if (gMmst !=3D NULL) { >=20 > + MmDispatchBlockToAP (); >=20 > + } >=20 > + >=20 > + // >=20 > + // Wait until all block hash completed. >=20 > + // >=20 > + do { >=20 > + AllCompleted =3D TRUE; >=20 > + for (Index =3D 0; Index < mBlockNum; Index++) { >=20 > + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) { >=20 > + if (!mBlockIsCompleted[Index]) { >=20 > + AllCompleted =3D FALSE; >=20 > + ReturnValue =3D CShake256HashAll ( >=20 > + mInput + Index * mBlockSize, >=20 > + (Index =3D=3D (mBlockNum - 1)) ? mLastBlockSi= ze : mBlockSize, >=20 > + mBlockResultSize, >=20 > + NULL, >=20 > + 0, >=20 > + NULL, >=20 > + 0, >=20 > + mBlockHashResult + Index * mBlockResultSize >=20 > + ); >=20 > + if (ReturnValue) { >=20 > + mBlockIsCompleted[Index] =3D TRUE; >=20 > + } >=20 > + >=20 > + ReleaseSpinLock (&mSpinLockList[Index]); >=20 > + break; >=20 > + } >=20 > + >=20 > + ReleaseSpinLock (&mSpinLockList[Index]); >=20 > + } else { >=20 > + AllCompleted =3D FALSE; >=20 > + break; >=20 > + } >=20 > + } >=20 > + } while (!AllCompleted); >=20 > + >=20 > + // >=20 > + // Fill LeftEncode(n). >=20 > + // >=20 > + Offset =3D EncSizeB + mBlockNum * mBlockResultSize; >=20 > + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN); >=20 > + >=20 > + // >=20 > + // Fill LeftEncode(L). >=20 > + // >=20 > + Offset +=3D EncSizeN; >=20 > + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL); >=20 > + >=20 > + ReturnValue =3D CShake256HashAll ( >=20 > + CombinedInput, >=20 > + CombinedInputSize, >=20 > + OutputByteLen, >=20 > + PARALLELHASH_CUSTOMIZATION, >=20 > + AsciiStrLen (PARALLELHASH_CUSTOMIZATION), >=20 > + Customization, >=20 > + CustomByteLen, >=20 > + Output >=20 > + ); >=20 > + >=20 > +Exit: >=20 > + ZeroMem (CombinedInput, CombinedInputSize); >=20 > + >=20 > + if (CombinedInput !=3D NULL) { >=20 > + FreePool (CombinedInput); >=20 > + } >=20 > + >=20 > + if (mSpinLockList !=3D NULL) { >=20 > + FreePool ((VOID *)mSpinLockList); >=20 > + } >=20 > + >=20 > + if (mBlockIsCompleted !=3D NULL) { >=20 > + FreePool (mBlockIsCompleted); >=20 > + } >=20 > + >=20 > + return ReturnValue; >=20 > +} >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c > new file mode 100644 > index 000000000000..1b9b61a7b629 > --- /dev/null > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptSha3.c > @@ -0,0 +1,166 @@ > +/** @file >=20 > + SHA3 realted functions from OpenSSL. >=20 > + >=20 > + Copyright (c) 2022, Intel Corporation. All rights reserved.
>=20 > + SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > + Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. >=20 > + Licensed under the OpenSSL license (the "License"). You may not use >=20 > + this file except in compliance with the License. You can obtain a cop= y >=20 > + in the file LICENSE in the source distribution or at >=20 > + https://www.openssl.org/source/license.html >=20 > +**/ >=20 > + >=20 > +#include "InternalCryptLib.h" >=20 > + >=20 > +/** >=20 > + Keccak initial fuction. >=20 > + >=20 > + Set up state with specified capacity. >=20 > + >=20 > + @param[out] Context Pointer to the context being initialized= . >=20 > + @param[in] Pad Delimited Suffix. >=20 > + @param[in] BlockSize Size of context block. >=20 > + @param[in] MessageDigestLen Size of message digest in bytes. >=20 > + >=20 > + @retval 1 Initialize successfully. >=20 > + @retval 0 Fail to initialize. >=20 > +**/ >=20 > +UINT8 >=20 > +EFIAPI >=20 > +KeccakInit ( >=20 > + OUT Keccak1600_Ctx *Context, >=20 > + IN UINT8 Pad, >=20 > + IN UINTN BlockSize, >=20 > + IN UINTN MessageDigestLen >=20 > + ) >=20 > +{ >=20 > + if (BlockSize <=3D sizeof (Context->buf)) { >=20 > + memset (Context->A, 0, sizeof (Context->A)); >=20 > + >=20 > + Context->num =3D 0; >=20 > + Context->block_size =3D BlockSize; >=20 > + Context->md_size =3D MessageDigestLen; >=20 > + Context->pad =3D Pad; >=20 > + >=20 > + return 1; >=20 > + } >=20 > + >=20 > + return 0; >=20 > +} >=20 > + >=20 > +/** >=20 > + Sha3 update fuction. >=20 > + >=20 > + This function performs Sha3 digest on a data buffer of the specified s= ize. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + >=20 > + @param[in,out] Context Pointer to the Keccak context. >=20 > + @param[in] Data Pointer to the buffer containing the data to = be hashed. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval 1 Update successfully. >=20 > +**/ >=20 > +UINT8 >=20 > +EFIAPI >=20 > +Sha3Update ( >=20 > + IN OUT Keccak1600_Ctx *Context, >=20 > + IN const VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + const UINT8 *DataCopy; >=20 > + UINTN BlockSize; >=20 > + UINTN Num; >=20 > + UINTN Rem; >=20 > + >=20 > + DataCopy =3D Data; >=20 > + BlockSize =3D (UINT8)(Context->block_size); >=20 > + >=20 > + if (DataSize =3D=3D 0) { >=20 > + return 1; >=20 > + } >=20 > + >=20 > + if ((Num =3D Context->num) !=3D 0) { >=20 > + // >=20 > + // process intermediate buffer >=20 > + // >=20 > + Rem =3D BlockSize - Num; >=20 > + >=20 > + if (DataSize < Rem) { >=20 > + memcpy (Context->buf + Num, DataCopy, DataSize); >=20 > + Context->num +=3D DataSize; >=20 > + return 1; >=20 > + } >=20 > + >=20 > + // >=20 > + // We have enough data to fill or overflow the intermediate >=20 > + // buffer. So we append |Rem| bytes and process the block, >=20 > + // leaving the rest for later processing. >=20 > + // >=20 > + memcpy (Context->buf + Num, DataCopy, Rem); >=20 > + DataCopy +=3D Rem; >=20 > + DataSize -=3D Rem; >=20 > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize); >=20 > + Context->num =3D 0; >=20 > + // Context->buf is processed, Context->num is guaranteed to be zero. >=20 > + } >=20 > + >=20 > + if (DataSize >=3D BlockSize) { >=20 > + Rem =3D SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize); >=20 > + } else { >=20 > + Rem =3D DataSize; >=20 > + } >=20 > + >=20 > + if (Rem > 0) { >=20 > + memcpy (Context->buf, DataCopy + DataSize - Rem, Rem); >=20 > + Context->num =3D Rem; >=20 > + } >=20 > + >=20 > + return 1; >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of Sha3 message digest. >=20 > + >=20 > + This function completes sha3 hash computation and retrieves the digest= value > into >=20 > + the specified memory. After this function has been called, the keccak = context > cannot >=20 > + be used again. >=20 > + >=20 > + @param[in, out] Context Pointer to the keccak context. >=20 > + @param[out] MessageDigest Pointer to a buffer that receives the > message digest. >=20 > + >=20 > + @retval 1 Meaasge digest computation succeeded. >=20 > +**/ >=20 > +UINT8 >=20 > +EFIAPI >=20 > +Sha3Final ( >=20 > + IN OUT Keccak1600_Ctx *Context, >=20 > + OUT UINT8 *MessageDigest >=20 > + ) >=20 > +{ >=20 > + UINTN BlockSize; >=20 > + UINTN Num; >=20 > + >=20 > + BlockSize =3D Context->block_size; >=20 > + Num =3D Context->num; >=20 > + >=20 > + if (Context->md_size =3D=3D 0) { >=20 > + return 1; >=20 > + } >=20 > + >=20 > + // >=20 > + // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1| >=20 > + // in which case both byte operations below are performed on >=20 > + // same byte. >=20 > + // >=20 > + memset (Context->buf + Num, 0, BlockSize - Num); >=20 > + Context->buf[Num] =3D Context->pad; >=20 > + Context->buf[BlockSize - 1] |=3D 0x80; >=20 > + >=20 > + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize); >=20 > + >=20 > + SHA3_squeeze (Context->A, MessageDigest, Context->md_size, BlockSize); >=20 > + >=20 > + return 1; >=20 > +} >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c > new file mode 100644 > index 000000000000..3058289adc40 > --- /dev/null > +++ b/CryptoPkg/Library/BaseCryptLib/Hash/CryptXkcp.c > @@ -0,0 +1,107 @@ > +/** @file >=20 > + Encode realted functions from Xkcp. >=20 > + >=20 > + Copyright (c) 2022, Intel Corporation. All rights reserved.
>=20 > + SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > + Copyright 2022 The eXtended Keccak Code Package (XKCP) >=20 > + https://github.com/XKCP/XKCP >=20 > + Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gi= lles > Van Assche. >=20 > + Implementation by the designers, hereby denoted as "the implementer". >=20 > + For more information, feedback or questions, please refer to the Kecca= k > Team website: >=20 > + https://keccak.team/ >=20 > + To the extent possible under law, the implementer has waived all copyr= ight >=20 > + and related or neighboring rights to the source code in this file. >=20 > + http://creativecommons.org/publicdomain/zero/1.0/ >=20 > + >=20 > +**/ >=20 > + >=20 > +#include "InternalCryptLib.h" >=20 > + >=20 > +/** >=20 > + Encode function from XKCP. >=20 > + >=20 > + Encodes the input as a byte string in a way that can be unambiguously = parsed >=20 > + from the beginning of the string by inserting the length of the byte s= tring >=20 > + before the byte string representation of input. >=20 > + >=20 > + @param[out] EncBuf Result of left encode. >=20 > + @param[in] Value Input of left encode. >=20 > + >=20 > + @retval EncLen Size of encode result in bytes. >=20 > +**/ >=20 > +UINTN >=20 > +EFIAPI >=20 > +LeftEncode ( >=20 > + OUT UINT8 *EncBuf, >=20 > + IN UINTN Value >=20 > + ) >=20 > +{ >=20 > + UINT32 BlockNum; >=20 > + UINT32 EncLen; >=20 > + UINT32 Index; >=20 > + UINTN ValueCopy; >=20 > + >=20 > + for ( ValueCopy =3D Value, BlockNum =3D 0; ValueCopy && (BlockNum < si= zeof > (UINTN)); ++BlockNum, ValueCopy >>=3D 8 ) { >=20 > + // >=20 > + // Empty >=20 > + // >=20 > + } >=20 > + >=20 > + if (BlockNum =3D=3D 0) { >=20 > + BlockNum =3D 1; >=20 > + } >=20 > + >=20 > + for (Index =3D 1; Index <=3D BlockNum; ++Index) { >=20 > + EncBuf[Index] =3D (UINT8)(Value >> (8 * (BlockNum - Index))); >=20 > + } >=20 > + >=20 > + EncBuf[0] =3D (UINT8)BlockNum; >=20 > + EncLen =3D BlockNum + 1; >=20 > + >=20 > + return EncLen; >=20 > +} >=20 > + >=20 > +/** >=20 > + Encode function from XKCP. >=20 > + >=20 > + Encodes the input as a byte string in a way that can be unambiguously = parsed >=20 > + from the end of the string by inserting the length of the byte string = after >=20 > + the byte string representation of input. >=20 > + >=20 > + @param[out] EncBuf Result of right encode. >=20 > + @param[in] Value Input of right encode. >=20 > + >=20 > + @retval EncLen Size of encode result in bytes. >=20 > +**/ >=20 > +UINTN >=20 > +EFIAPI >=20 > +RightEncode ( >=20 > + OUT UINT8 *EncBuf, >=20 > + IN UINTN Value >=20 > + ) >=20 > +{ >=20 > + UINT32 BlockNum; >=20 > + UINT32 EncLen; >=20 > + UINT32 Index; >=20 > + UINTN ValueCopy; >=20 > + >=20 > + for (ValueCopy =3D Value, BlockNum =3D 0; ValueCopy && (BlockNum < siz= eof > (UINTN)); ++BlockNum, ValueCopy >>=3D 8) { >=20 > + // >=20 > + // Empty >=20 > + // >=20 > + } >=20 > + >=20 > + if (BlockNum =3D=3D 0) { >=20 > + BlockNum =3D 1; >=20 > + } >=20 > + >=20 > + for (Index =3D 1; Index <=3D BlockNum; ++Index) { >=20 > + EncBuf[Index-1] =3D (UINT8)(Value >> (8 * (BlockNum-Index))); >=20 > + } >=20 > + >=20 > + EncBuf[BlockNum] =3D (UINT8)BlockNum; >=20 > + EncLen =3D BlockNum + 1; >=20 > + >=20 > + return EncLen; >=20 > +} >=20 > diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTes= ts.c > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c > new file mode 100644 > index 000000000000..fb57e91a9f16 > --- /dev/null > +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/ParallelhashTests.c > @@ -0,0 +1,145 @@ > +/** @file >=20 > + Application for Parallelhash Function Validation. >=20 > + >=20 > +Copyright (c) 2022, Intel Corporation. All rights reserved.
>=20 > +SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#include "TestBaseCryptLib.h" >=20 > + >=20 > +// >=20 > +// Parallelhash Test Sample common parameters. >=20 > +// >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINTN OutputByteLen =3D 64; >=20 > + >=20 > +// >=20 > +// Parallelhash Test Sample #1 from NIST Special Publication 800-185. >=20 > +// >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample1[] =3D { >=20 > + // input data of sample1. >=20 > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x10, 0x11, 0x12, 0x13= , 0x14, > 0x15, 0x16, 0x17, >=20 > + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27 >=20 > +}; >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample1ByteLen =3D 24; > // Length of sample1 input data in bytes. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample1 > =3D ""; // Customization string (S) of sample1. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample1ByteLen =3D 0; > // Customization string length of sample1 in bytes. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample1 =3D 8; > // Block size of sample1. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample1[] > =3D { >=20 > + // Expected output data of sample1. >=20 > + 0xbc, 0x1e, 0xf1, 0x24, 0xda, 0x34, 0x49, 0x5e, 0x94, 0x8e, 0xad, 0x20= , 0x7d, > 0xd9, 0x84, 0x22, >=20 > + 0x35, 0xda, 0x43, 0x2d, 0x2b, 0xbc, 0x54, 0xb4, 0xc1, 0x10, 0xe6, 0x4c= , 0x45, > 0x11, 0x05, 0x53, >=20 > + 0x1b, 0x7f, 0x2a, 0x3e, 0x0c, 0xe0, 0x55, 0xc0, 0x28, 0x05, 0xe7, 0xc2= , 0xde, > 0x1f, 0xb7, 0x46, >=20 > + 0xaf, 0x97, 0xa1, 0xd0, 0x01, 0xf4, 0x3b, 0x82, 0x4e, 0x31, 0xb8, 0x76= , 0x12, > 0x41, 0x04, 0x29 >=20 > +}; >=20 > + >=20 > +// >=20 > +// Parallelhash Test Sample #2 from NIST Special Publication 800-185. >=20 > +// >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 *InputSample2 =3D > InputSample1; // Input of sample2 is same as sample1. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample2ByteLen =3D 24; > // Length of sample2 input data in bytes. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample2 > =3D "Parallel Data"; // Customization string (S) of sample2. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample2ByteLen =3D > 13; // Customization string length of sample2 in = bytes. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample2 =3D 8; > // Block size of sample2. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample2[] > =3D { >=20 > + // Expected output data of sample2. >=20 > + 0xcd, 0xf1, 0x52, 0x89, 0xb5, 0x4f, 0x62, 0x12, 0xb4, 0xbc, 0x27, 0x05= , 0x28, > 0xb4, 0x95, 0x26, >=20 > + 0x00, 0x6d, 0xd9, 0xb5, 0x4e, 0x2b, 0x6a, 0xdd, 0x1e, 0xf6, 0x90, 0x0d= , 0xda, > 0x39, 0x63, 0xbb, >=20 > + 0x33, 0xa7, 0x24, 0x91, 0xf2, 0x36, 0x96, 0x9c, 0xa8, 0xaf, 0xae, 0xa2= , 0x9c, > 0x68, 0x2d, 0x47, >=20 > + 0xa3, 0x93, 0xc0, 0x65, 0xb3, 0x8e, 0x29, 0xfa, 0xe6, 0x51, 0xa2, 0x09= , 0x1c, > 0x83, 0x31, 0x10 >=20 > +}; >=20 > + >=20 > +// >=20 > +// Parallelhash Test Sample #3 from NIST Special Publication 800-185. >=20 > +// >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 InputSample3[] =3D { >=20 > + // input data of sample3. >=20 > + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b= , 0x10, > 0x11, 0x12, 0x13, >=20 > + 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x20, 0x21, 0x22, 0x23= , 0x24, > 0x25, 0x26, 0x27, >=20 > + 0x28, 0x29, 0x2a, 0x2b, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37= , 0x38, > 0x39, 0x3a, 0x3b, >=20 > + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4a, 0x4b= , 0x50, > 0x51, 0x52, 0x53, >=20 > + 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b >=20 > +}; >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN InputSample3ByteLen =3D 72; > // Length of sample3 input data in bytes. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST VOID *CustomizationSample3 > =3D "Parallel Data"; // Customization string (S) of sample3. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN CustomSample3ByteLen =3D > 13; // Customization string length of sample3 in = bytes. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED UINTN BlockSizeSample3 =3D 12; > // Block size of sample3. >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 ExpectOutputSample3[] > =3D { >=20 > + // Expected output data of sample3. >=20 > + 0x69, 0xd0, 0xfc, 0xb7, 0x64, 0xea, 0x05, 0x5d, 0xd0, 0x93, 0x34, 0xbc= , 0x60, > 0x21, 0xcb, 0x7e, >=20 > + 0x4b, 0x61, 0x34, 0x8d, 0xff, 0x37, 0x5d, 0xa2, 0x62, 0x67, 0x1c, 0xde= , 0xc3, > 0xef, 0xfa, 0x8d, >=20 > + 0x1b, 0x45, 0x68, 0xa6, 0xcc, 0xe1, 0x6b, 0x1c, 0xad, 0x94, 0x6d, 0xdd= , 0xe2, > 0x7f, 0x6c, 0xe2, >=20 > + 0xb8, 0xde, 0xe4, 0xcd, 0x1b, 0x24, 0x85, 0x1e, 0xbf, 0x00, 0xeb, 0x90= , 0xd4, > 0x38, 0x13, 0xe9 >=20 > +}; >=20 > + >=20 > +UNIT_TEST_STATUS >=20 > +EFIAPI >=20 > +TestVerifyParallelHash256HashAll ( >=20 > + IN UNIT_TEST_CONTEXT Context >=20 > + ) >=20 > +{ >=20 > + BOOLEAN Status; >=20 > + UINT8 Output[64]; >=20 > + >=20 > + // >=20 > + // Test #1 using sample1. >=20 > + // >=20 > + Status =3D ParallelHash256HashAll ( >=20 > + InputSample1, >=20 > + InputSample1ByteLen, >=20 > + BlockSizeSample1, >=20 > + Output, >=20 > + OutputByteLen, >=20 > + CustomizationSample1, >=20 > + CustomSample1ByteLen >=20 > + ); >=20 > + UT_ASSERT_TRUE (Status); >=20 > + >=20 > + // Check the output with the expected output. >=20 > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample1, OutputByteLen); >=20 > + >=20 > + // >=20 > + // Test #2 using sample2. >=20 > + // >=20 > + Status =3D ParallelHash256HashAll ( >=20 > + InputSample2, >=20 > + InputSample2ByteLen, >=20 > + BlockSizeSample2, >=20 > + Output, >=20 > + OutputByteLen, >=20 > + CustomizationSample2, >=20 > + CustomSample2ByteLen >=20 > + ); >=20 > + UT_ASSERT_TRUE (Status); >=20 > + >=20 > + // Check the output with the expected output. >=20 > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample2, OutputByteLen); >=20 > + >=20 > + // >=20 > + // Test #3 using sample3. >=20 > + // >=20 > + Status =3D ParallelHash256HashAll ( >=20 > + InputSample3, >=20 > + InputSample3ByteLen, >=20 > + BlockSizeSample3, >=20 > + Output, >=20 > + OutputByteLen, >=20 > + CustomizationSample3, >=20 > + CustomSample3ByteLen >=20 > + ); >=20 > + UT_ASSERT_TRUE (Status); >=20 > + >=20 > + // Check the output with the expected output. >=20 > + UT_ASSERT_MEM_EQUAL (Output, ExpectOutputSample3, OutputByteLen); >=20 > + >=20 > + return EFI_SUCCESS; >=20 > +} >=20 > + >=20 > +TEST_DESC mParallelhashTest[] =3D { >=20 > + // >=20 > + // -----Description------------------------------Class----------------= ------Function---- > -------------Pre---Post--Context >=20 > + // >=20 > + { "TestVerifyParallelHash256HashAll()", > "CryptoPkg.BaseCryptLib.ParallelHash256HashAll", > TestVerifyParallelHash256HashAll, NULL, NULL, NULL }, >=20 > +}; >=20 > + >=20 > +UINTN mParallelhashTestNum =3D ARRAY_SIZE (mParallelhashTest); >=20 > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h > b/CryptoPkg/Include/Library/BaseCryptLib.h > index f4bc7c0d73d9..7d1499350a49 100644 > --- a/CryptoPkg/Include/Library/BaseCryptLib.h > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h > @@ -4,7 +4,7 @@ > primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI sec= urity >=20 > functionality enabling. >=20 >=20 >=20 > -Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
>=20 > +Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.
>=20 > SPDX-License-Identifier: BSD-2-Clause-Patent >=20 >=20 >=20 > **/ >=20 > @@ -753,6 +753,35 @@ Sha512HashAll ( > OUT UINT8 *HashValue >=20 > ); >=20 >=20 >=20 > +/** >=20 > + Parallel hash function ParallelHash256, as defined in NIST's Special P= ublication > 800-185, >=20 > + published December 2016. >=20 > + >=20 > + @param[in] Input Pointer to the input message (X). >=20 > + @param[in] InputByteLen The number(>0) of input bytes provided f= or the > input data. >=20 > + @param[in] BlockSize The size of each block (B). >=20 > + @param[out] Output Pointer to the output buffer. >=20 > + @param[in] OutputByteLen The desired number of output bytes (L). >=20 > + @param[in] Customization Pointer to the customization string (S). >=20 > + @param[in] CustomByteLen The length of the customization string i= n bytes. >=20 > + >=20 > + @retval TRUE ParallelHash256 digest computation succeeded. >=20 > + @retval FALSE ParallelHash256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +ParallelHash256HashAll ( >=20 > + IN CONST VOID *Input, >=20 > + IN UINTN InputByteLen, >=20 > + IN UINTN BlockSize, >=20 > + OUT VOID *Output, >=20 > + IN UINTN OutputByteLen, >=20 > + IN CONST VOID *Customization, >=20 > + IN UINTN CustomByteLen >=20 > + ); >=20 > + >=20 > /** >=20 > Retrieves the size, in bytes, of the context buffer required for SM3 h= ash > operations. >=20 >=20 >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > index e6470d7a2127..8f39517f78b7 100644 > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > @@ -10,7 +10,7 @@ > # RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hell= man > functions, and >=20 > # authenticode signature verification functions are not supported in th= is > instance. >=20 > # >=20 > -# Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved. >=20 > +# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved. >=20 > # SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > # >=20 > ## >=20 > @@ -38,6 +38,10 @@ > Hash/CryptSha256.c >=20 > Hash/CryptSm3.c >=20 > Hash/CryptSha512.c >=20 > + Hash/CryptSha3.c >=20 > + Hash/CryptXkcp.c >=20 > + Hash/CryptCShake256.c >=20 > + Hash/CryptParallelHash.c >=20 > Hmac/CryptHmacSha256.c >=20 > Kdf/CryptHkdfNull.c >=20 > Cipher/CryptAes.c >=20 > @@ -85,6 +89,8 @@ > OpensslLib >=20 > IntrinsicLib >=20 > PrintLib >=20 > + MmServicesTableLib >=20 > + SynchronizationLib >=20 >=20 >=20 > # >=20 > # Remove these [BuildOptions] after this library is cleaned up >=20 > diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h > b/CryptoPkg/Library/Include/CrtLibSupport.h > index d257dca8fa9b..3471f7429206 100644 > --- a/CryptoPkg/Library/Include/CrtLibSupport.h > +++ b/CryptoPkg/Library/Include/CrtLibSupport.h > @@ -2,9 +2,14 @@ > Root include file of C runtime library to support building the third-p= arty >=20 > cryptographic library. >=20 >=20 >=20 > -Copyright (c) 2010 - 2021, Intel Corporation. All rights reserved.
>=20 > +Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.
>=20 > Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All right= s > reserved.
>=20 > SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > +Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved. >=20 > +Licensed under the OpenSSL license (the "License"). You may not use >=20 > +this file except in compliance with the License. You can obtain a copy >=20 > +in the file LICENSE in the source distribution or at >=20 > +https://www.openssl.org/source/license.html >=20 >=20 >=20 > **/ >=20 >=20 >=20 > @@ -21,6 +26,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent >=20 >=20 > #define MAX_STRING_SIZE 0x1000 >=20 >=20 >=20 > +#define KECCAK1600_WIDTH 1600 >=20 > + >=20 > // >=20 > // We already have "no-ui" in out Configure invocation. >=20 > // but the code still fails to compile. >=20 > @@ -111,6 +118,7 @@ typedef UINT8 u_char; > typedef UINT32 uid_t; >=20 > typedef UINT32 gid_t; >=20 > typedef CHAR16 wchar_t; >=20 > +typedef UINT64 uint64_t; >=20 >=20 >=20 > // >=20 > // File operations are not required for EFI building, >=20 > @@ -118,6 +126,18 @@ typedef CHAR16 wchar_t; > // >=20 > typedef VOID *FILE; >=20 >=20 >=20 > +// >=20 > +// This struct referring to m_sha3.c from opessl and modified its type n= ame. >=20 > +// >=20 > +typedef struct { >=20 > + uint64_t A[5][5]; >=20 > + size_t block_size; /* cached ctx->digest->block_size */ >=20 > + size_t md_size; /* output length, variable in XOF */ >=20 > + size_t num; /* used bytes in below buffer */ >=20 > + unsigned char buf[KECCAK1600_WIDTH / 8 - 32]; >=20 > + unsigned char pad; >=20 > +} Keccak1600_Ctx; >=20 > + >=20 > // >=20 > // Structures Definitions >=20 > // >=20 > @@ -371,6 +391,22 @@ secure_getenv ( > const char * >=20 > ); >=20 >=20 >=20 > +size_t >=20 > +SHA3_absorb ( >=20 > + uint64_t A[5][5], >=20 > + const unsigned char *inp, >=20 > + size_t len, >=20 > + size_t r >=20 > + ); >=20 > + >=20 > +void >=20 > +SHA3_squeeze ( >=20 > + uint64_t A[5][5], >=20 > + unsigned char *out, >=20 > + size_t len, >=20 > + size_t r >=20 > + ); >=20 > + >=20 > #if defined (__GNUC__) && (__GNUC__ >=3D 2) >=20 > void >=20 > abort ( >=20 > diff --git a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc > b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc > index ff0af36bcc80..ba6e1edb6015 100644 > --- a/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc > +++ b/CryptoPkg/Test/CryptoPkgHostUnitTest.dsc > @@ -21,6 +21,9 @@ > [LibraryClasses] >=20 > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf >=20 > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.i= nf >=20 > + > MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib > .inf >=20 > + > SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizat= i > onLib.inf >=20 > + > TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplat > e.inf >=20 >=20 >=20 > [LibraryClasses.AARCH64, LibraryClasses.ARM] >=20 > RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf >=20 > diff --git > a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf > index 00c869265080..399db596c2d1 100644 > --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.i= nf > +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.i= nf > @@ -2,6 +2,7 @@ > # Host-based UnitTest for BaseCryptLib >=20 > # >=20 > # Copyright (c) Microsoft Corporation.
>=20 > +# Copyright (c) 2022, Intel Corporation. All rights reserved.
>=20 > # SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > ## >=20 >=20 >=20 > @@ -35,6 +36,7 @@ > Pkcs7EkuTests.c >=20 > OaepEncryptTests.c >=20 > RsaPssTests.c >=20 > + ParallelhashTests.c >=20 >=20 >=20 > [Packages] >=20 > MdePkg/MdePkg.dec >=20 > @@ -45,3 +47,5 @@ > DebugLib >=20 > BaseCryptLib >=20 > UnitTestLib >=20 > + MmServicesTableLib >=20 > + SynchronizationLib >=20 > -- > 2.26.2.windows.1