From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id EFEDF941218 for ; Wed, 24 Apr 2024 08:27:30 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=0yBD0J2Ihi3l03lm+30+ekqxC/mFMFqgMiMzkw/vPmE=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type; s=20240206; t=1713947249; v=1; b=s0KC9iXr04bLAq1CpjTHbIt9MwnYV6rqFV9Gk/5vtuJITcxnLulvcif7mko4indwZT25v6TF jHfJuN7JH4hZUQALfne354DzbkS2OAxbZ0fGrPGivhrTz69mnQfZhZvNxl6fLstnEGpcPhMsY07 7ACge2OvI2/SJOEdp8hTAf+UE7+xW41p3fzggyDQ9riyVcgnbwOlzRIa/tENwongK65nv2KCyEB jDG3ISBRQv9v3L481/XVndnZytQppM2Ju1h9R72VJ7AEhd2DU1t8KYyxZQKBMKTYKoMs7kVXceT +kx4ZdgLhIW6bQtU7GBB4Uc6SrnRRs2lzixYqj7wt8SvA== X-Received: by 127.0.0.2 with SMTP id lJYqYY7687511xspJ3ebV2VZ; Wed, 24 Apr 2024 01:27:29 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.19]) by mx.groups.io with SMTP id smtpd.web11.11562.1713947247822690117 for ; Wed, 24 Apr 2024 01:27:27 -0700 X-CSE-ConnectionGUID: 2PYFOLq4QKq/w0xB5Sy7TA== X-CSE-MsgGUID: cPj2U6Q1S1uaFDxsxBN7Wg== X-IronPort-AV: E=McAfee;i="6600,9927,11053"; a="9436488" X-IronPort-AV: E=Sophos;i="6.07,225,1708416000"; d="scan'208";a="9436488" X-Received: from orviesa004.jf.intel.com ([10.64.159.144]) by orvoesa111.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Apr 2024 01:27:26 -0700 X-CSE-ConnectionGUID: 5fUIi+VlQn+zeUh9d3WSWw== X-CSE-MsgGUID: yWp2I5g/S+mBHeuoA9tPkQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,225,1708416000"; d="scan'208";a="29454311" X-Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by orviesa004.jf.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 24 Apr 2024 01:27:26 -0700 X-Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Wed, 24 Apr 2024 01:27:25 -0700 X-Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Wed, 24 Apr 2024 01:27:25 -0700 X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.100) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Wed, 24 Apr 2024 01:27:25 -0700 X-Received: from PH0PR11MB5046.namprd11.prod.outlook.com (2603:10b6:510:3b::20) by IA0PR11MB7953.namprd11.prod.outlook.com (2603:10b6:208:40d::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.30; Wed, 24 Apr 2024 08:27:21 +0000 X-Received: from PH0PR11MB5046.namprd11.prod.outlook.com ([fe80::c253:f1ee:bfd7:6991]) by PH0PR11MB5046.namprd11.prod.outlook.com ([fe80::c253:f1ee:bfd7:6991%6]) with mapi id 15.20.7519.021; Wed, 24 Apr 2024 08:27:21 +0000 From: "Wenxing Hou" To: "Li, Yi1" , "devel@edk2.groups.io" CC: "Yao, Jiewen" Subject: Re: [edk2-devel] [PATCH] Add SHA3/SM3 functions with openssl for Mbedtls Thread-Topic: [PATCH] Add SHA3/SM3 functions with openssl for Mbedtls Thread-Index: AQHalFUsI+WtdIZyqE66XVN7RQDmhLFz5o/wgAMy0RA= Date: Wed, 24 Apr 2024 08:27:21 +0000 Message-ID: References: <20240422013356.1147-1-wenxing.hou@intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: PH0PR11MB5046:EE_|IA0PR11MB7953:EE_ x-ms-office365-filtering-correlation-id: a2cf781e-3d24-4518-d016-08dc64385cc0 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: =?us-ascii?Q?/hm/B0d+W6lYHx76X4ZqBg4ftjlveb3zmss++uyGy7LB9FwKnlMBdz2C8N3C?= =?us-ascii?Q?3SoLE4gl2SZcJB24eZeVbEjgP6F4tDTyLdKj59RPrzN7xyPABAlpfh+884Pz?= =?us-ascii?Q?a2aXfJk78jvXy5mO2NgaAT8j74Q2KtvIu7CSf4q2kHdpmOt/WkN6Y5hOJXnW?= =?us-ascii?Q?FNeT0JcK3xrj5OBKEw+ZLm7k+tT9nVvw9LXbSGSQica76Ofudv8Kt4MQ2mX5?= =?us-ascii?Q?oByvTsZg21Fm1TjWWg64CcYqXL5kwvf+ewro2YA8dgbrFAN6xZzdSEZtGv4Y?= =?us-ascii?Q?S7UZgTIfb0vMG5h8ihHHbT0ZX8XwsKy16zgkGxCoFUmolq6dhZKnmtzf/mLy?= =?us-ascii?Q?SPCHd5XiswipjYEJUB9wb4IBcg3M1Sr++a6sxPksCSYfZ6TkJVbazPiCABFv?= =?us-ascii?Q?xOvvpmzjIDxzzYu98+IwVF7b8538zKhbe/cdlobAO5uqN5szWy8Ijae4jP5R?= =?us-ascii?Q?/jc3+OoJhF503Te8ooQloCLGMA5Bm6ZtKmTtU8m3GvgR4YBSeVJLyjZMQY2P?= =?us-ascii?Q?ijGQGdaBlMckoZZ46ily/BGI7C4TeUkJ/yIazDprTqgZd/NdDQLkxNWPl6ko?= =?us-ascii?Q?aCN1Ot4ACTYd9syGUzLpw0liJNwxmZLDmZGeZft1FKRcOap0eGwd8VGo5PAn?= =?us-ascii?Q?ayY0mIDascNMg+jyF0mtpVpSejySSgBP715M9grLaiyBWlwM/mYrE2pi+aN5?= =?us-ascii?Q?eNvWIUcsRCUtiiKWL2Z3nlGf0i30g1mAWHa7uZXQ9OqqOJXSI8A0MbX7SVNY?= =?us-ascii?Q?87RBtkFcapkTCp3WChwopMqAOwRcMLPuZHi1Yd7sdDEIHhX99TPHs0JSNXDx?= =?us-ascii?Q?WSq0eUgjgSLAVqQkS1BUppnqd0AMH0S98g0lIx0tQ+7wtAf9ZpiJooRtxiEU?= =?us-ascii?Q?cCbed1HWtKe1OJ1qQEaOHV1YND8t8ZBoQ7/ibDfOeWMQcl/s0aYAvtlG2eGr?= =?us-ascii?Q?QghDze07RVCi3BTYnNR0V9OD1Hm8ltZaH0Z3xyQW3iOD8up8FVwmGOtpiV4i?= =?us-ascii?Q?fM0hqii8Qz6xaLYG/bi/8ZBvKevXczxOozEuvIF4Kqe2+LQd5iit9TcoWROK?= =?us-ascii?Q?dBNzIX9SsrkhQypUpwf/9in7DGmiTm0HN3wGwpm/E55vWMiw4oU2q5vDb3n5?= =?us-ascii?Q?a3rSPYxZGcOTSN0UYl0tONUZJr7l68F4vlbJxWxTw+YnVIW9uQTCP7L8Un7E?= =?us-ascii?Q?lPQr5z5Wfry0posi55cXJLg31LwATZUkaTaX39UiX8QAIUT7OP5NLSkkbTWC?= =?us-ascii?Q?sZDG6oGGtKlqQnuH8pj8kTG1ALMW0cvtI3+/7xXJXQ=3D=3D?= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?Xlqzgz90NTT4iwpwKY6dPAj60EY6OFO5FjBjrzQzdJZT6WMj4ElXidfQMuqf?= =?us-ascii?Q?I4ESQZS5WZBpViKDvLrnQkeNCneLz1xxFhrhkoYc14TYF1uLiQ6hr5qbDy6D?= =?us-ascii?Q?oGvQCfmL24JaqvpS5v+Yf1vN7Fxgn8HcH7oUxCz7/Ia6ZSGwBVvY3j/61llC?= =?us-ascii?Q?XkEdgrQ05GY0PGleaBDUj9D9FGsdf4YIeSqDMC82TnBCM0VX4LZ8hxiOp5Fw?= =?us-ascii?Q?m1MWYQ2tnz2aQkqlq6kXjUqfLTzsDBivKxXCe/Fe8vELlN6NG2qIQHp9GCEn?= =?us-ascii?Q?Cb0IBU6ypxdg01Sb7BP6I+kTlanUzExa31PRUJYI9PLXV0rpfbbNTdVJ06CD?= =?us-ascii?Q?Y0pCBi5b1vklnWATl+QIW/DP7YHeuQTAmRQf2+b9bqETPbIL+CicR2BjiMV/?= =?us-ascii?Q?QsPuN8hNz/pJ4N17ICzPiKOlWO1Y+9gtpxAqJpYRe7cZyxMpEPfQAXAiQsUc?= =?us-ascii?Q?krvwKSy+E5YvgJ9y7BhWniwJ/++LB44YBgqWsncVT8m5j045knRBYycsu/o8?= =?us-ascii?Q?C3yW2GMg7+8o2Yi6EzDf0JUpUWXRLtLwJI9SMjW45bQykSNAk5znWpWi7Iwd?= =?us-ascii?Q?+DBcJ1dOb72k8smHsvaUfGW19NOPwssmOSvRfY7IWDn/FqtbkeWof4lK/M81?= =?us-ascii?Q?6u7ixcRJxnEFKK4anU1LSzpihcKdLhXD2Zo51FX9u3WHa2Tdn5cv2UyANEp3?= =?us-ascii?Q?egdQpldR7S+tZTH5NFQMIB1JBouj3mWPAMuZi1jnMpqGHU0zDuGHu0Uu41US?= =?us-ascii?Q?UIxxDi5dFA1PQY3/QIkay5cbtObCgEjws9EvM9faPosx73xsHo03+ql1HzDb?= =?us-ascii?Q?DMJe+GJTOBVxHybMxH428yfgNxl9za2hSetVq27ENpdJZjAstPGB79Pop2Tt?= =?us-ascii?Q?LxKwXz4mHMNUGvuEuMK5ayhezaM+H8x/pzi03QShmyhssGTIz+W1q/mN6d4I?= =?us-ascii?Q?IXh4fmnU2e8/es7noD8GMaWva+xZ/RpBqJ097qt8o6sYVipx8qwP9cUVl+xw?= =?us-ascii?Q?YyntA53zK57wn2Bn6mxnfLmAeDKH7OMRmxGVfKPVIxgchcUPo5wwE1ryPad4?= =?us-ascii?Q?9CiM0AgsmpXWMmBLjI8vFuo59djEcBj1OGcZQAJDKfa0QBB4oda96Jqq4glx?= =?us-ascii?Q?EKC5KiXad84uKr5JYPSrh+nkvDvGhBvHxOUfcNMXQIFHTo5nb2TB/TKHaBvx?= =?us-ascii?Q?YdSREeK5W7O6pV37NITUUw8gkBeZD0DlpKM+ZH8YkiGiANcFPtlreKQ3tNye?= =?us-ascii?Q?cHE0BEVjOUFzKeDPOUpZR0qI4mtLVOua233JVSK2f3Rcg9RX8lkpe3WMh+hy?= =?us-ascii?Q?CLwwP5i45SxF1m+s+GpADPm88jC+lB0Ple74H/LMEaUWeyilKES1jhrPvYFC?= =?us-ascii?Q?ZH16H7LDD88e/zywajfvYhVB8GpVACAVoI6lJ04x5ySFjcRy9jUskw76Mh5u?= =?us-ascii?Q?6at/jR0cthi4CYbpFXIItdlE8nOied17tyH7GupKycoKfzJFLkfPUA9yaGjo?= =?us-ascii?Q?ro8w7UWd1hQaQv5LTrXOMV3SPVPsZFHlRP1X+gQig69S6Y5tkDtmP5TD4R3I?= =?us-ascii?Q?0ah8+hvGeqiJGg5LiyXU4uODsupoYdP+pOizoQZa?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5046.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: a2cf781e-3d24-4518-d016-08dc64385cc0 X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Apr 2024 08:27:21.6360 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: d/aBDOxTkMRTpT+rZCK+gT6/NHQGAPwRzByxUXbI7Kc5ISaAt0fdGNCpeaU1DE7w8c6k8LDfqgFfz4t+pQVELg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR11MB7953 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Wed, 24 Apr 2024 01:27:28 -0700 Resent-From: wenxing.hou@intel.com Reply-To: devel@edk2.groups.io,wenxing.hou@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 1BHCmp1EJZsIUEFICB4zkbbwx7686176AA= Content-Language: en-US Content-Type: multipart/mixed; boundary="_002_PH0PR11MB5046552C35E25DF11A324D21F7102PH0PR11MB5046namp_" X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=s0KC9iXr; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io --_002_PH0PR11MB5046552C35E25DF11A324D21F7102PH0PR11MB5046namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Yi, Thanks for your feedback. I have changed the code and sent the PATCH v2. Please review the PATCH v2. Thanks, Wenxing -----Original Message----- From: Li, Yi1 =20 Sent: Monday, April 22, 2024 3:43 PM To: Hou, Wenxing ; devel@edk2.groups.io Cc: Yao, Jiewen Subject: RE: [PATCH] Add SHA3/SM3 functions with openssl for Mbedtls Adding a copy of BaseCryptLib/Sm3/Sha3 seems like a workaround to me. I prefer to use files directly from BaseCryptLib, such like: DEFINE BASE_CRYPT_PATH =3D ../BaseCryptLib [Sources] $(BASE_CRYPT_PATH)/Hash/CryptDispatchApDxe.c ... Then I think DummyOpensslSupport.c should not be needed. Regards, Yi -----Original Message----- From: Hou, Wenxing =20 Sent: Monday, April 22, 2024 9:34 AM To: devel@edk2.groups.io Cc: Yao, Jiewen ; Li, Yi1 Subject: [PATCH] Add SHA3/SM3 functions with openssl for Mbedtls REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4177 Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3 implementaion based on Openssl. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/CryptoPkg.ci.yaml | 1 + .../BaseCryptLibMbedTls/Hash/CryptCShake256.c | 282 +++++++++ .../Hash/CryptDispatchApDxe.c | 49 ++ .../Hash/CryptDispatchApMm.c | 35 ++ .../Hash/CryptDispatchApPei.c | 54 ++ .../Hash/CryptParallelHash.c | 254 ++++++++ .../Hash/CryptParallelHash.h | 231 +++++++ .../BaseCryptLibMbedTls/Hash/CryptSha3.c | 166 +++++ .../BaseCryptLibMbedTls/Hash/CryptSm3.c | 235 +++++++ .../BaseCryptLibMbedTls/Hash/CryptXkcp.c | 107 ++++ .../SysCall/DummyOpensslSupport.c | 595 ++++++++++++++++++ CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf | 6 + .../Library/MbedTlsLib/MbedTlsLibFull.inf | 6 + 13 files changed, 2021 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake2= 56.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatc= hApDxe.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatc= hApMm.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatc= hApPei.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParalle= lHash.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParalle= lHash.h create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpen= sslSupport.c diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml index b601bcf85c..046cc05163 100644 --- a/CryptoPkg/CryptoPkg.ci.yaml +++ b/CryptoPkg/CryptoPkg.ci.yaml @@ -40,6 +40,7 @@ "Library/Include/CrtLibSupport.h", # This has OpenSSL interfaces that aren't UEFI spec compliant "Library/BaseCryptLib/Hash/CryptParallelHash.h", + "Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h", "Library/Include/fcntl.h", # This has Mbedtls interfaces that aren't UEFI spec compliant "Library/Include/stdint.h", diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake256.c b/= CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake256.c new file mode 100644 index 0000000000..64d8fa97c5 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake256.c @@ -0,0 +1,282 @@ +/** @file + cSHAKE-256 Digest Wrapper Implementations. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CryptParallelHash.h" + +#define CSHAKE256_SECURITY_STRENGTH 256 +#define CSHAKE256_RATE_IN_BYTES 136 + +CONST CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] =3D { 0 }; + +/** + CShake256 initial function. + + Initializes user-supplied memory pointed by CShake256Context as cSHAKE-2= 56 hash context for + subsequent use. + + @param[out] CShake256Context Pointer to cSHAKE-256 context being initia= lized. + @param[in] OutputLen The desired number of output length in byt= es. + @param[in] Name Pointer to the function name string. + @param[in] NameLen The length of the function name in bytes. + @param[in] Customization Pointer to the customization string. + @param[in] CustomizationLen The length of the customization string in = bytes. + + @retval TRUE cSHAKE-256 context initialization succeeded. + @retval FALSE cSHAKE-256 context initialization failed. + @retval FALSE This interface is not supported. +**/ +BOOLEAN +EFIAPI +CShake256Init ( + OUT VOID *CShake256Context, + IN UINTN OutputLen, + IN CONST VOID *Name, + IN UINTN NameLen, + IN CONST VOID *Customization, + IN UINTN CustomizationLen + ) +{ + BOOLEAN Status; + UINT8 EncBuf[sizeof (UINTN) + 1]; + UINTN EncLen; + UINTN AbsorbLen; + UINTN PadLen; + + // + // Check input parameters. + // + if ((CShake256Context =3D=3D NULL) || (OutputLen =3D=3D 0) || ((NameLen = !=3D 0) && (Name =3D=3D NULL)) || ((CustomizationLen !=3D 0) && (Customizat= ion =3D=3D NULL))) { + return FALSE; + } + + // + // Initialize KECCAK context with pad value and block size. + // + if ((NameLen =3D=3D 0) && (CustomizationLen =3D=3D 0)) { + // + // When N and S are both empty strings, cSHAKE(X, L, N, S) is equivale= nt to + // SHAKE as defined in FIPS 202. + // + Status =3D (BOOLEAN)KeccakInit ( + (Keccak1600_Ctx *)CShake256Context, + '\x1f', + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * = 2) / 8, + OutputLen + ); + + return Status; + } else { + Status =3D (BOOLEAN)KeccakInit ( + (Keccak1600_Ctx *)CShake256Context, + '\x04', + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * = 2) / 8, + OutputLen + ); + if (!Status) { + return FALSE; + } + + AbsorbLen =3D 0; + // + // Absorb Absorb bytepad(.., rate). + // + EncLen =3D LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES); + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, En= cBuf, EncLen); + if (!Status) { + return FALSE; + } + + AbsorbLen +=3D EncLen; + + // + // Absorb encode_string(N). + // + EncLen =3D LeftEncode (EncBuf, NameLen * 8); + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, En= cBuf, EncLen); + if (!Status) { + return FALSE; + } + + AbsorbLen +=3D EncLen; + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context= , Name, NameLen); + if (!Status) { + return FALSE; + } + + AbsorbLen +=3D NameLen; + + // + // Absorb encode_string(S). + // + EncLen =3D LeftEncode (EncBuf, CustomizationLen * 8); + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, En= cBuf, EncLen); + if (!Status) { + return FALSE; + } + + AbsorbLen +=3D EncLen; + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context= , Customization, CustomizationLen); + if (!Status) { + return FALSE; + } + + AbsorbLen +=3D CustomizationLen; + + // + // Absorb zero padding up to rate. + // + PadLen =3D CSHAKE256_RATE_IN_BYTES - AbsorbLen % CSHAKE256_RATE_IN_BYT= ES; + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, mZ= eroPadding, PadLen); + if (!Status) { + return FALSE; + } + + return TRUE; + } +} + +/** + Digests the input data and updates cSHAKE-256 context. + + This function performs cSHAKE-256 digest on a data buffer of the specifi= ed size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + cSHAKE-256 context should be already correctly initialized by CShake256I= nit(), and should not be finalized + by CShake256Final(). Behavior with invalid context is undefined. + + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context. + @param[in] Data Pointer to the buffer containing the= data to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE cSHAKE-256 data digest succeeded. + @retval FALSE cSHAKE-256 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CShake256Update ( + IN OUT VOID *CShake256Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + // + // Check input parameters. + // + if (CShake256Context =3D=3D NULL) { + return FALSE; + } + + // + // Check invalid parameters, in case that only DataLength was checked in= OpenSSL. + // + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx *)CShake256Context, Data, D= ataSize)); +} + +/** + Completes computation of the cSHAKE-256 digest value. + + This function completes cSHAKE-256 hash computation and retrieves the di= gest value into + the specified memory. After this function has been called, the cSHAKE-25= 6 context cannot + be used again. + cSHAKE-256 context should be already correctly initialized by CShake256I= nit(), and should not be + finalized by CShake256Final(). Behavior with invalid cSHAKE-256 context = is undefined. + + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context. + @param[out] HashValue Pointer to a buffer that receives the= cSHAKE-256 digest + value. + + @retval TRUE cSHAKE-256 digest computation succeeded. + @retval FALSE cSHAKE-256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CShake256Final ( + IN OUT VOID *CShake256Context, + OUT UINT8 *HashValue + ) +{ + // + // Check input parameters. + // + if ((CShake256Context =3D=3D NULL) || (HashValue =3D=3D NULL)) { + return FALSE; + } + + // + // cSHAKE-256 Hash Finalization. + // + return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context, HashValu= e)); +} + +/** + Computes the CSHAKE-256 message digest of a input data buffer. + + This function performs the CSHAKE-256 message digest of a given data buf= fer, and places + the digest value into the specified memory. + + @param[in] Data Pointer to the buffer containing the dat= a to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] OutputLen Size of output in bytes. + @param[in] Name Pointer to the function name string. + @param[in] NameLen Size of the function name in bytes. + @param[in] Customization Pointer to the customization string. + @param[in] CustomizationLen Size of the customization string in byte= s. + @param[out] HashValue Pointer to a buffer that receives the CS= HAKE-256 digest + value. + + @retval TRUE CSHAKE-256 digest computation succeeded. + @retval FALSE CSHAKE-256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CShake256HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN UINTN OutputLen, + IN CONST VOID *Name, + IN UINTN NameLen, + IN CONST VOID *Customization, + IN UINTN CustomizationLen, + OUT UINT8 *HashValue + ) +{ + BOOLEAN Status; + Keccak1600_Ctx Ctx; + + // + // Check input parameters. + // + if (HashValue =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + Status =3D CShake256Init (&Ctx, OutputLen, Name, NameLen, Customization,= CustomizationLen); + if (!Status) { + return FALSE; + } + + Status =3D CShake256Update (&Ctx, Data, DataSize); + if (!Status) { + return FALSE; + } + + return CShake256Final (&Ctx, HashValue); +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApDxe.= c b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApDxe.c new file mode 100644 index 0000000000..34424a16f7 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApDxe.c @@ -0,0 +1,49 @@ +/** @file + Dispatch Block to Aps in Dxe phase for parallelhash algorithm. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CryptParallelHash.h" +#include +#include + +/** + Dispatch the block task to each AP in PEI phase. + +**/ +VOID +EFIAPI +DispatchBlockToAp ( + VOID + ) +{ + EFI_STATUS Status; + EFI_MP_SERVICES_PROTOCOL *MpServices; + + Status =3D gBS->LocateProtocol ( + &gEfiMpServiceProtocolGuid, + NULL, + (VOID **)&MpServices + ); + if (EFI_ERROR (Status)) { + // + // Failed to locate MpServices Protocol, do parallel hash by one core. + // + DEBUG ((DEBUG_ERROR, "[DispatchBlockToApDxe] Failed to locate MpServic= es Protocol. Status =3D %r\n", Status)); + return; + } + + Status =3D MpServices->StartupAllAPs ( + MpServices, + ParallelHashApExecute, + FALSE, + NULL, + 0, + NULL, + NULL + ); + return; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApMm.c= b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApMm.c new file mode 100644 index 0000000000..bbd1024d71 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApMm.c @@ -0,0 +1,35 @@ +/** @file + Dispatch the block task to each AP in Smm mode for parallelhash algorith= m. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CryptParallelHash.h" +#include + +/** + Dispatch the block task to each AP in SMM mode. + +**/ +VOID +EFIAPI +DispatchBlockToAp ( + VOID + ) +{ + UINTN Index; + + if (gMmst =3D=3D NULL) { + return; + } + + for (Index =3D 0; Index < gMmst->NumberOfCpus; Index++) { + if (Index !=3D gMmst->CurrentlyExecutingCpu) { + gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL); + } + } + + return; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApPei.= c b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApPei.c new file mode 100644 index 0000000000..8d7f953285 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApPei.c @@ -0,0 +1,54 @@ +/** @file + Dispatch Block to Aps in Pei phase for parallelhash algorithm. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CryptParallelHash.h" +#include +#include +#include +#include + +/** + Dispatch the block task to each AP in PEI phase. + +**/ +VOID +EFIAPI +DispatchBlockToAp ( + VOID + ) +{ + EFI_STATUS Status; + CONST EFI_PEI_SERVICES **PeiServices; + EFI_PEI_MP_SERVICES_PPI *MpServicesPpi; + + PeiServices =3D GetPeiServicesTablePointer (); + Status =3D (*PeiServices)->LocatePpi ( + PeiServices, + &gEfiPeiMpServicesPpiGuid, + 0, + NULL, + (VOID **)&MpServicesPpi + ); + if (EFI_ERROR (Status)) { + // + // Failed to locate MpServices Ppi, do parallel hash by one core. + // + DEBUG ((DEBUG_ERROR, "[DispatchBlockToApPei] Failed to locate MpServic= es Ppi. Status =3D %r\n", Status)); + return; + } + + Status =3D MpServicesPpi->StartupAllAPs ( + (CONST EFI_PEI_SERVICES **)PeiServices, + MpServicesPpi, + ParallelHashApExecute, + FALSE, + 0, + NULL + ); + return; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.c= b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.c new file mode 100644 index 0000000000..2c04d3e29e --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.c @@ -0,0 +1,254 @@ +/** @file + ParallelHash Implementation. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CryptParallelHash.h" +#include + +#define PARALLELHASH_CUSTOMIZATION "ParallelHash" + +UINTN mBlockNum; +UINTN mBlockSize; +UINTN mLastBlockSize; +UINT8 *mInput; +UINTN mBlockResultSize; +UINT8 *mBlockHashResult; +BOOLEAN *mBlockIsCompleted; +SPIN_LOCK *mSpinLockList; + +/** + Complete computation of digest of each block. + + Each AP perform the function called by BSP. + + @param[in] ProcedureArgument Argument of the procedure. +**/ +VOID +EFIAPI +ParallelHashApExecute ( + IN VOID *ProcedureArgument + ) +{ + UINTN Index; + BOOLEAN Status; + + for (Index =3D 0; Index < mBlockNum; Index++) { + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) { + // + // Completed, try next one. + // + if (mBlockIsCompleted[Index]) { + ReleaseSpinLock (&mSpinLockList[Index]); + continue; + } + + // + // Calculate CShake256 for this block. + // + Status =3D CShake256HashAll ( + mInput + Index * mBlockSize, + (Index =3D=3D (mBlockNum - 1)) ? mLastBlockSize : mBlockS= ize, + mBlockResultSize, + NULL, + 0, + NULL, + 0, + mBlockHashResult + Index * mBlockResultSize + ); + if (!EFI_ERROR (Status)) { + mBlockIsCompleted[Index] =3D TRUE; + } + + ReleaseSpinLock (&mSpinLockList[Index]); + } + } +} + +/** + Parallel hash function ParallelHash256, as defined in NIST's Special Pub= lication 800-185, + published December 2016. + + @param[in] Input Pointer to the input message (X). + @param[in] InputByteLen The number(>0) of input bytes provided for= the input data. + @param[in] BlockSize The size of each block (B). + @param[out] Output Pointer to the output buffer. + @param[in] OutputByteLen The desired number of output bytes (L). + @param[in] Customization Pointer to the customization string (S). + @param[in] CustomByteLen The length of the customization string in = bytes. + + @retval TRUE ParallelHash256 digest computation succeeded. + @retval FALSE ParallelHash256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +ParallelHash256HashAll ( + IN CONST VOID *Input, + IN UINTN InputByteLen, + IN UINTN BlockSize, + OUT VOID *Output, + IN UINTN OutputByteLen, + IN CONST VOID *Customization, + IN UINTN CustomByteLen + ) +{ + UINT8 EncBufB[sizeof (UINTN)+1]; + UINTN EncSizeB; + UINT8 EncBufN[sizeof (UINTN)+1]; + UINTN EncSizeN; + UINT8 EncBufL[sizeof (UINTN)+1]; + UINTN EncSizeL; + UINTN Index; + UINT8 *CombinedInput; + UINTN CombinedInputSize; + BOOLEAN AllCompleted; + UINTN Offset; + BOOLEAN ReturnValue; + + if ((InputByteLen =3D=3D 0) || (OutputByteLen =3D=3D 0) || (BlockSize = =3D=3D 0)) { + return FALSE; + } + + if ((Input =3D=3D NULL) || (Output =3D=3D NULL)) { + return FALSE; + } + + if ((CustomByteLen !=3D 0) && (Customization =3D=3D NULL)) { + return FALSE; + } + + mBlockSize =3D BlockSize; + + // + // Calculate block number n. + // + mBlockNum =3D InputByteLen % mBlockSize =3D=3D 0 ? InputByteLen / mBlock= Size : InputByteLen / mBlockSize + 1; + + // + // Set hash result size of each block in bytes. + // + mBlockResultSize =3D OutputByteLen; + + // + // Encode B, n, L to string and record size. + // + EncSizeB =3D LeftEncode (EncBufB, mBlockSize); + EncSizeN =3D RightEncode (EncBufN, mBlockNum); + EncSizeL =3D RightEncode (EncBufL, OutputByteLen * CHAR_BIT); + + // + // Allocate buffer for combined input (newX), Block completed flag and S= pinLock. + // + CombinedInputSize =3D EncSizeB + EncSizeN + EncSizeL + mBlockNum * mBloc= kResultSize; + CombinedInput =3D AllocateZeroPool (CombinedInputSize); + mBlockIsCompleted =3D AllocateZeroPool (mBlockNum * sizeof (BOOLEAN)); + mSpinLockList =3D AllocatePool (mBlockNum * sizeof (SPIN_LOCK)); + if ((CombinedInput =3D=3D NULL) || (mBlockIsCompleted =3D=3D NULL) || (m= SpinLockList =3D=3D NULL)) { + ReturnValue =3D FALSE; + goto Exit; + } + + // + // Fill LeftEncode(B). + // + CopyMem (CombinedInput, EncBufB, EncSizeB); + + // + // Prepare for parallel hash. + // + mBlockHashResult =3D CombinedInput + EncSizeB; + mInput =3D (UINT8 *)Input; + mLastBlockSize =3D InputByteLen % mBlockSize =3D=3D 0 ? mBlockSize : I= nputByteLen % mBlockSize; + + // + // Initialize SpinLock for each result block. + // + for (Index =3D 0; Index < mBlockNum; Index++) { + InitializeSpinLock (&mSpinLockList[Index]); + } + + // + // Dispatch blocklist to each AP. + // + DispatchBlockToAp (); + + // + // Wait until all block hash completed. + // + do { + AllCompleted =3D TRUE; + for (Index =3D 0; Index < mBlockNum; Index++) { + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) { + if (!mBlockIsCompleted[Index]) { + AllCompleted =3D FALSE; + ReturnValue =3D CShake256HashAll ( + mInput + Index * mBlockSize, + (Index =3D=3D (mBlockNum - 1)) ? mLastBlockSize= : mBlockSize, + mBlockResultSize, + NULL, + 0, + NULL, + 0, + mBlockHashResult + Index * mBlockResultSize + ); + if (ReturnValue) { + mBlockIsCompleted[Index] =3D TRUE; + } + + ReleaseSpinLock (&mSpinLockList[Index]); + break; + } + + ReleaseSpinLock (&mSpinLockList[Index]); + } else { + AllCompleted =3D FALSE; + break; + } + } + } while (!AllCompleted); + + // + // Fill LeftEncode(n). + // + Offset =3D EncSizeB + mBlockNum * mBlockResultSize; + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN); + + // + // Fill LeftEncode(L). + // + Offset +=3D EncSizeN; + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL); + + ReturnValue =3D CShake256HashAll ( + CombinedInput, + CombinedInputSize, + OutputByteLen, + PARALLELHASH_CUSTOMIZATION, + AsciiStrLen (PARALLELHASH_CUSTOMIZATION), + Customization, + CustomByteLen, + Output + ); + +Exit: + ZeroMem (CombinedInput, CombinedInputSize); + + if (CombinedInput !=3D NULL) { + FreePool (CombinedInput); + } + + if (mSpinLockList !=3D NULL) { + FreePool ((VOID *)mSpinLockList); + } + + if (mBlockIsCompleted !=3D NULL) { + FreePool (mBlockIsCompleted); + } + + return ReturnValue; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h= b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h new file mode 100644 index 0000000000..64af09c484 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h @@ -0,0 +1,231 @@ +/** @file + ParallelHash related function and type declaration. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +https://www.openssl.org/source/license.html + +Copyright 2024 The eXtended Keccak Code Package (XKCP) +https://github.com/XKCP/XKCP +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles= Van Assche. +Implementation by the designers, hereby denoted as "the implementer". +For more information, feedback or questions, please refer to the Keccak Te= am website: +https://keccak.team/ +To the extent possible under law, the implementer has waived all copyright +and related or neighboring rights to the source code in this file. +http://creativecommons.org/publicdomain/zero/1.0/ +**/ + +#ifndef CRYPT_PARALLE_HASH_H_ +#define CRYPT_PARALLE_HASH_H_ + +#include "InternalCryptLib.h" + +#define KECCAK1600_WIDTH 1600 + +typedef UINT64 uint64_t; + +// +// This struct referring to m_sha3.c from opessl and modified its type nam= e. +// +typedef struct { + uint64_t A[5][5]; + size_t block_size; /* cached ctx->digest->block_size */ + size_t md_size; /* output length, variable in XOF */ + size_t num; /* used bytes in below buffer */ + unsigned char buf[KECCAK1600_WIDTH / 8 - 32]; + unsigned char pad; +} Keccak1600_Ctx; + +/** + SHA3_absorb can be called multiple times, but at each invocation + largest multiple of |r| out of |len| bytes are processed. Then + remaining amount of bytes is returned. This is done to spare caller + trouble of calculating the largest multiple of |r|. |r| can be viewed + as blocksize. It is commonly (1600 - 256*n)/8, e.g. 168, 136, 104, + 72, but can also be (1600 - 448)/8 =3D 144. All this means that message + padding and intermediate sub-block buffering, byte- or bitwise, is + caller's responsibility. +**/ +size_t +SHA3_absorb ( + uint64_t A[5][5], + const unsigned char *inp, + size_t len, + size_t r + ); + +/** + SHA3_squeeze is called once at the end to generate |out| hash value + of |len| bytes. +**/ +VOID +SHA3_squeeze ( + uint64_t A[5][5], + unsigned char *out, + size_t len, + size_t r + ); + +/** + Encode function from XKCP. + + Encodes the input as a byte string in a way that can be unambiguously pa= rsed + from the beginning of the string by inserting the length of the byte str= ing + before the byte string representation of input. + + @param[out] EncBuf Result of left encode. + @param[in] Value Input of left encode. + + @retval EncLen Size of encode result in bytes. +**/ +UINTN +EFIAPI +LeftEncode ( + OUT UINT8 *EncBuf, + IN UINTN Value + ); + +/** + Encode function from XKCP. + + Encodes the input as a byte string in a way that can be unambiguously pa= rsed + from the end of the string by inserting the length of the byte string af= ter + the byte string representation of input. + + @param[out] EncBuf Result of right encode. + @param[in] Value Input of right encode. + + @retval EncLen Size of encode result in bytes. +**/ +UINTN +EFIAPI +RightEncode ( + OUT UINT8 *EncBuf, + IN UINTN Value + ); + +/** + Keccak initial fuction. + + Set up state with specified capacity. + + @param[out] Context Pointer to the context being initialized. + @param[in] Pad Delimited Suffix. + @param[in] BlockSize Size of context block. + @param[in] MessageDigestLen Size of message digest in bytes. + + @retval 1 Initialize successfully. + @retval 0 Fail to initialize. +**/ +UINT8 +EFIAPI +KeccakInit ( + OUT Keccak1600_Ctx *Context, + IN UINT8 Pad, + IN UINTN BlockSize, + IN UINTN MessageDigstLen + ); + +/** + Sha3 update fuction. + + This function performs Sha3 digest on a data buffer of the specified siz= e. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + + @param[in,out] Context Pointer to the Keccak context. + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval 1 Update successfully. +**/ +UINT8 +EFIAPI +Sha3Update ( + IN OUT Keccak1600_Ctx *Context, + IN const VOID *Data, + IN UINTN DataSize + ); + +/** + Completes computation of Sha3 message digest. + + This function completes sha3 hash computation and retrieves the digest v= alue into + the specified memory. After this function has been called, the keccak co= ntext cannot + be used again. + + @param[in, out] Context Pointer to the keccak context. + @param[out] MessageDigest Pointer to a buffer that receives the me= ssage digest. + + @retval 1 Meaasge digest computation succeeded. +**/ +UINT8 +EFIAPI +Sha3Final ( + IN OUT Keccak1600_Ctx *Context, + OUT UINT8 *MessageDigest + ); + +/** + Computes the CSHAKE-256 message digest of a input data buffer. + + This function performs the CSHAKE-256 message digest of a given data buf= fer, and places + the digest value into the specified memory. + + @param[in] Data Pointer to the buffer containing the dat= a to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] OutputLen Size of output in bytes. + @param[in] Name Pointer to the function name string. + @param[in] NameLen Size of the function name in bytes. + @param[in] Customization Pointer to the customization string. + @param[in] CustomizationLen Size of the customization string in byte= s. + @param[out] HashValue Pointer to a buffer that receives the CS= HAKE-256 digest + value. + + @retval TRUE CSHAKE-256 digest computation succeeded. + @retval FALSE CSHAKE-256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CShake256HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN UINTN OutputLen, + IN CONST VOID *Name, + IN UINTN NameLen, + IN CONST VOID *Customization, + IN UINTN CustomizationLen, + OUT UINT8 *HashValue + ); + +/** + Complete computation of digest of each block. + + Each AP perform the function called by BSP. + + @param[in] ProcedureArgument Argument of the procedure. +**/ +VOID +EFIAPI +ParallelHashApExecute ( + IN VOID *ProcedureArgument + ); + +/** + Dispatch the block task to each AP. + +**/ +VOID +EFIAPI +DispatchBlockToAp ( + VOID + ); + +#endif diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c new file mode 100644 index 0000000000..f85946d2b1 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c @@ -0,0 +1,166 @@ +/** @file + SHA3 realted functions from OpenSSL. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +https://www.openssl.org/source/license.html +**/ + +#include "CryptParallelHash.h" + +/** + Keccak initial fuction. + + Set up state with specified capacity. + + @param[out] Context Pointer to the context being initialized. + @param[in] Pad Delimited Suffix. + @param[in] BlockSize Size of context block. + @param[in] MessageDigestLen Size of message digest in bytes. + + @retval 1 Initialize successfully. + @retval 0 Fail to initialize. +**/ +UINT8 +EFIAPI +KeccakInit ( + OUT Keccak1600_Ctx *Context, + IN UINT8 Pad, + IN UINTN BlockSize, + IN UINTN MessageDigestLen + ) +{ + if (BlockSize <=3D sizeof (Context->buf)) { + memset (Context->A, 0, sizeof (Context->A)); + + Context->num =3D 0; + Context->block_size =3D BlockSize; + Context->md_size =3D MessageDigestLen; + Context->pad =3D Pad; + + return 1; + } + + return 0; +} + +/** + Sha3 update fuction. + + This function performs Sha3 digest on a data buffer of the specified siz= e. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + + @param[in,out] Context Pointer to the Keccak context. + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval 1 Update successfully. +**/ +UINT8 +EFIAPI +Sha3Update ( + IN OUT Keccak1600_Ctx *Context, + IN const VOID *Data, + IN UINTN DataSize + ) +{ + const UINT8 *DataCopy; + UINTN BlockSize; + UINTN Num; + UINTN Rem; + + DataCopy =3D Data; + BlockSize =3D (UINT8)(Context->block_size); + + if (DataSize =3D=3D 0) { + return 1; + } + + if ((Num =3D Context->num) !=3D 0) { + // + // process intermediate buffer + // + Rem =3D BlockSize - Num; + + if (DataSize < Rem) { + memcpy (Context->buf + Num, DataCopy, DataSize); + Context->num +=3D DataSize; + return 1; + } + + // + // We have enough data to fill or overflow the intermediate + // buffer. So we append |Rem| bytes and process the block, + // leaving the rest for later processing. + // + memcpy (Context->buf + Num, DataCopy, Rem); + DataCopy +=3D Rem; + DataSize -=3D Rem; + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize); + Context->num =3D 0; + // Context->buf is processed, Context->num is guaranteed to be zero. + } + + if (DataSize >=3D BlockSize) { + Rem =3D SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize); + } else { + Rem =3D DataSize; + } + + if (Rem > 0) { + memcpy (Context->buf, DataCopy + DataSize - Rem, Rem); + Context->num =3D Rem; + } + + return 1; +} + +/** + Completes computation of Sha3 message digest. + + This function completes sha3 hash computation and retrieves the digest v= alue into + the specified memory. After this function has been called, the keccak co= ntext cannot + be used again. + + @param[in, out] Context Pointer to the keccak context. + @param[out] MessageDigest Pointer to a buffer that receives the me= ssage digest. + + @retval 1 Meaasge digest computation succeeded. +**/ +UINT8 +EFIAPI +Sha3Final ( + IN OUT Keccak1600_Ctx *Context, + OUT UINT8 *MessageDigest + ) +{ + UINTN BlockSize; + UINTN Num; + + BlockSize =3D Context->block_size; + Num =3D Context->num; + + if (Context->md_size =3D=3D 0) { + return 1; + } + + // + // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1| + // in which case both byte operations below are performed on + // same byte. + // + memset (Context->buf + Num, 0, BlockSize - Num); + Context->buf[Num] =3D Context->pad; + Context->buf[BlockSize - 1] |=3D 0x80; + + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize); + + SHA3_squeeze (Context->A, MessageDigest, Context->md_size, BlockSize); + + return 1; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c b/Crypto= Pkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c new file mode 100644 index 0000000000..1a442d714e --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c @@ -0,0 +1,235 @@ +/** @file + SM3 Digest Wrapper Implementations over openssl. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include "internal/sm3.h" + +/** + Retrieves the size, in bytes, of the context buffer required for SM3 has= h operations. + + @return The size, in bytes, of the context buffer required for SM3 hash= operations. + +**/ +UINTN +EFIAPI +Sm3GetContextSize ( + VOID + ) +{ + // + // Retrieves Openssl SM3 Context Size + // + return (UINTN)(sizeof (SM3_CTX)); +} + +/** + Initializes user-supplied memory pointed by Sm3Context as SM3 hash conte= xt for + subsequent use. + + If Sm3Context is NULL, then return FALSE. + + @param[out] Sm3Context Pointer to SM3 context being initialized. + + @retval TRUE SM3 context initialization succeeded. + @retval FALSE SM3 context initialization failed. + +**/ +BOOLEAN +EFIAPI +Sm3Init ( + OUT VOID *Sm3Context + ) +{ + // + // Check input parameters. + // + if (Sm3Context =3D=3D NULL) { + return FALSE; + } + + // + // Openssl SM3 Context Initialization + // + ossl_sm3_init ((SM3_CTX *)Sm3Context); + return TRUE; +} + +/** + Makes a copy of an existing SM3 context. + + If Sm3Context is NULL, then return FALSE. + If NewSm3Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] Sm3Context Pointer to SM3 context being copied. + @param[out] NewSm3Context Pointer to new SM3 context. + + @retval TRUE SM3 context copy succeeded. + @retval FALSE SM3 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Sm3Duplicate ( + IN CONST VOID *Sm3Context, + OUT VOID *NewSm3Context + ) +{ + // + // Check input parameters. + // + if ((Sm3Context =3D=3D NULL) || (NewSm3Context =3D=3D NULL)) { + return FALSE; + } + + CopyMem (NewSm3Context, Sm3Context, sizeof (SM3_CTX)); + + return TRUE; +} + +/** + Digests the input data and updates SM3 context. + + This function performs SM3 digest on a data buffer of the specified size= . + It can be called multiple times to compute the digest of long or discont= inuous data streams. + SM3 context should be already correctly initialized by Sm3Init(), and sh= ould not be finalized + by Sm3Final(). Behavior with invalid context is undefined. + + If Sm3Context is NULL, then return FALSE. + + @param[in, out] Sm3Context Pointer to the SM3 context. + @param[in] Data Pointer to the buffer containing the dat= a to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE SM3 data digest succeeded. + @retval FALSE SM3 data digest failed. + +**/ +BOOLEAN +EFIAPI +Sm3Update ( + IN OUT VOID *Sm3Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + // + // Check input parameters. + // + if (Sm3Context =3D=3D NULL) { + return FALSE; + } + + // + // Check invalid parameters, in case that only DataLength was checked in= Openssl + // + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + // + // Openssl SM3 Hash Update + // + ossl_sm3_update ((SM3_CTX *)Sm3Context, Data, DataSize); + + return TRUE; +} + +/** + Completes computation of the SM3 digest value. + + This function completes SM3 hash computation and retrieves the digest va= lue into + the specified memory. After this function has been called, the SM3 conte= xt cannot + be used again. + SM3 context should be already correctly initialized by Sm3Init(), and sh= ould not be + finalized by Sm3Final(). Behavior with invalid SM3 context is undefined. + + If Sm3Context is NULL, then return FALSE. + If HashValue is NULL, then return FALSE. + + @param[in, out] Sm3Context Pointer to the SM3 context. + @param[out] HashValue Pointer to a buffer that receives the SM= 3 digest + value (32 bytes). + + @retval TRUE SM3 digest computation succeeded. + @retval FALSE SM3 digest computation failed. + +**/ +BOOLEAN +EFIAPI +Sm3Final ( + IN OUT VOID *Sm3Context, + OUT UINT8 *HashValue + ) +{ + // + // Check input parameters. + // + if ((Sm3Context =3D=3D NULL) || (HashValue =3D=3D NULL)) { + return FALSE; + } + + // + // Openssl SM3 Hash Finalization + // + ossl_sm3_final (HashValue, (SM3_CTX *)Sm3Context); + + return TRUE; +} + +/** + Computes the SM3 message digest of a input data buffer. + + This function performs the SM3 message digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[out] HashValue Pointer to a buffer that receives the SM3 diges= t + value (32 bytes). + + @retval TRUE SM3 digest computation succeeded. + @retval FALSE SM3 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Sm3HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + OUT UINT8 *HashValue + ) +{ + SM3_CTX Ctx; + + // + // Check input parameters. + // + if (HashValue =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + // + // SM3 Hash Computation. + // + ossl_sm3_init (&Ctx); + + ossl_sm3_update (&Ctx, Data, DataSize); + + ossl_sm3_final (HashValue, &Ctx); + + return TRUE; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c new file mode 100644 index 0000000000..420ed11280 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c @@ -0,0 +1,107 @@ +/** @file + Encode realted functions from Xkcp. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +Copyright 2024 The eXtended Keccak Code Package (XKCP) +https://github.com/XKCP/XKCP +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles= Van Assche. +Implementation by the designers, hereby denoted as "the implementer". +For more information, feedback or questions, please refer to the Keccak Te= am website: +https://keccak.team/ +To the extent possible under law, the implementer has waived all copyright +and related or neighboring rights to the source code in this file. +http://creativecommons.org/publicdomain/zero/1.0/ + +**/ + +#include "CryptParallelHash.h" + +/** + Encode function from XKCP. + + Encodes the input as a byte string in a way that can be unambiguously pa= rsed + from the beginning of the string by inserting the length of the byte str= ing + before the byte string representation of input. + + @param[out] EncBuf Result of left encode. + @param[in] Value Input of left encode. + + @retval EncLen Size of encode result in bytes. +**/ +UINTN +EFIAPI +LeftEncode ( + OUT UINT8 *EncBuf, + IN UINTN Value + ) +{ + UINT32 BlockNum; + UINT32 EncLen; + UINT32 Index; + UINTN ValueCopy; + + for ( ValueCopy =3D Value, BlockNum =3D 0; ValueCopy && (BlockNum < size= of (UINTN)); ++BlockNum, ValueCopy >>=3D 8 ) { + // + // Empty + // + } + + if (BlockNum =3D=3D 0) { + BlockNum =3D 1; + } + + for (Index =3D 1; Index <=3D BlockNum; ++Index) { + EncBuf[Index] =3D (UINT8)(Value >> (8 * (BlockNum - Index))); + } + + EncBuf[0] =3D (UINT8)BlockNum; + EncLen =3D BlockNum + 1; + + return EncLen; +} + +/** + Encode function from XKCP. + + Encodes the input as a byte string in a way that can be unambiguously pa= rsed + from the end of the string by inserting the length of the byte string af= ter + the byte string representation of input. + + @param[out] EncBuf Result of right encode. + @param[in] Value Input of right encode. + + @retval EncLen Size of encode result in bytes. +**/ +UINTN +EFIAPI +RightEncode ( + OUT UINT8 *EncBuf, + IN UINTN Value + ) +{ + UINT32 BlockNum; + UINT32 EncLen; + UINT32 Index; + UINTN ValueCopy; + + for (ValueCopy =3D Value, BlockNum =3D 0; ValueCopy && (BlockNum < sizeo= f (UINTN)); ++BlockNum, ValueCopy >>=3D 8) { + // + // Empty + // + } + + if (BlockNum =3D=3D 0) { + BlockNum =3D 1; + } + + for (Index =3D 1; Index <=3D BlockNum; ++Index) { + EncBuf[Index-1] =3D (UINT8)(Value >> (8 * (BlockNum-Index))); + } + + EncBuf[BlockNum] =3D (UINT8)BlockNum; + EncLen =3D BlockNum + 1; + + return EncLen; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpensslSupp= ort.c b/CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpensslSupport.c new file mode 100644 index 0000000000..c50001959c --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpensslSupport.c @@ -0,0 +1,595 @@ +/** +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +int errno =3D 0; + +FILE *stderr =3D NULL; +FILE *stdin =3D NULL; +FILE *stdout =3D NULL; + +typedef + int +(*SORT_COMPARE)( + IN VOID *Buffer1, + IN VOID *Buffer2 + ); + +// +// Duplicated from EDKII BaseSortLib for qsort() wrapper +// +STATIC +VOID +QuickSortWorker ( + IN OUT VOID *BufferToSort, + IN CONST UINTN Count, + IN CONST UINTN ElementSize, + IN SORT_COMPARE CompareFunction, + IN VOID *Buffer + ) +{ + VOID *Pivot; + UINTN LoopCount; + UINTN NextSwapLocation; + + ASSERT (BufferToSort !=3D NULL); + ASSERT (CompareFunction !=3D NULL); + ASSERT (Buffer !=3D NULL); + + if ((Count < 2) || (ElementSize < 1)) { + return; + } + + NextSwapLocation =3D 0; + + // + // Pick a pivot (we choose last element) + // + Pivot =3D ((UINT8 *)BufferToSort + ((Count - 1) * ElementSize)); + + // + // Now get the pivot such that all on "left" are below it + // and everything "right" are above it + // + for (LoopCount =3D 0; LoopCount < Count - 1; LoopCount++) { + // + // If the element is less than the pivot + // + if (CompareFunction ((VOID *)((UINT8 *)BufferToSort + ((LoopCount) * E= lementSize)), Pivot) <=3D 0) { + // + // Swap + // + CopyMem (Buffer, (UINT8 *)BufferToSort + (NextSwapLocation * Element= Size), ElementSize); + CopyMem ((UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), (= UINT8 *)BufferToSort + ((LoopCount) * ElementSize), ElementSize); + CopyMem ((UINT8 *)BufferToSort + ((LoopCount) * ElementSize), Buffer= , ElementSize); + + // + // Increment NextSwapLocation + // + NextSwapLocation++; + } + } + + // + // Swap pivot to its final position (NextSwapLocation) + // + CopyMem (Buffer, Pivot, ElementSize); + CopyMem (Pivot, (UINT8 *)BufferToSort + (NextSwapLocation * ElementSize)= , ElementSize); + CopyMem ((UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), Buffe= r, ElementSize); + + // + // Now recurse on 2 partial lists. Neither of these will have the 'pivo= t' element. + // IE list is sorted left half, pivot element, sorted right half... + // + QuickSortWorker ( + BufferToSort, + NextSwapLocation, + ElementSize, + CompareFunction, + Buffer + ); + + QuickSortWorker ( + (UINT8 *)BufferToSort + (NextSwapLocation + 1) * ElementSize, + Count - NextSwapLocation - 1, + ElementSize, + CompareFunction, + Buffer + ); + + return; +} + +// --------------------------------------------------------- +// Standard C Run-time Library Interface Wrapper +// --------------------------------------------------------- + +// +// -- String Manipulation Routines -- +// + +/* Scan a string for the last occurrence of a character */ +char * +strrchr ( + const char *str, + int c + ) +{ + char *save; + + for (save =3D NULL; ; ++str) { + if (*str =3D=3D c) { + save =3D (char *)str; + } + + if (*str =3D=3D 0) { + return (save); + } + } +} + +/* Compare first n bytes of string s1 with string s2, ignoring case */ +int +strncasecmp ( + const char *s1, + const char *s2, + size_t n + ) +{ + int Val; + + ASSERT (s1 !=3D NULL); + ASSERT (s2 !=3D NULL); + + if (n !=3D 0) { + do { + Val =3D tolower (*s1) - tolower (*s2); + if (Val !=3D 0) { + return Val; + } + + ++s1; + ++s2; + if (*s1 =3D=3D '\0') { + break; + } + } while (--n !=3D 0); + } + + return 0; +} + +/* Read formatted data from a string */ +int +sscanf ( + const char *buffer, + const char *format, + ... + ) +{ + // + // Null sscanf() function implementation to satisfy the linker, since + // no direct functionality logic dependency in present UEFI cases. + // + return 0; +} + +/* Maps errnum to an error-message string */ +char * +strerror ( + int errnum + ) +{ + return NULL; +} + +/* Computes the length of the maximum initial segment of the string pointe= d to by s1 + which consists entirely of characters from the string pointed to by s2.= */ +size_t +strspn ( + const char *s1, + const char *s2 + ) +{ + UINT8 Map[32]; + UINT32 Index; + size_t Count; + + for (Index =3D 0; Index < 32; Index++) { + Map[Index] =3D 0; + } + + while (*s2) { + Map[*s2 >> 3] |=3D (1 << (*s2 & 7)); + s2++; + } + + if (*s1) { + Count =3D 0; + while (Map[*s1 >> 3] & (1 << (*s1 & 7))) { + Count++; + s1++; + } + + return Count; + } + + return 0; +} + +/* Computes the length of the maximum initial segment of the string pointe= d to by s1 + which consists entirely of characters not from the string pointed to by= s2. */ +size_t +strcspn ( + const char *s1, + const char *s2 + ) +{ + UINT8 Map[32]; + UINT32 Index; + size_t Count; + + for (Index =3D 0; Index < 32; Index++) { + Map[Index] =3D 0; + } + + while (*s2) { + Map[*s2 >> 3] |=3D (1 << (*s2 & 7)); + s2++; + } + + Map[0] |=3D 1; + + Count =3D 0; + while (!(Map[*s1 >> 3] & (1 << (*s1 & 7)))) { + Count++; + s1++; + } + + return Count; +} + +char * +strcpy ( + char *strDest, + const char *strSource + ) +{ + // AsciiStrCpyS (strDest, MAX_STRING_SIZE, strSource); + // return strDest; + return NULL; +} + +// +// -- Character Classification Routines -- +// + +/* Determines if a particular character is a decimal-digit character */ +int +isdigit ( + int c + ) +{ + // + // ::=3D [0-9] + // + return (('0' <=3D (c)) && ((c) <=3D '9')); +} + +/* Determine if an integer represents character that is a hex digit */ +int +isxdigit ( + int c + ) +{ + // + // ::=3D [0-9] | [a-f] | [A-F] + // + return ((('0' <=3D (c)) && ((c) <=3D '9')) || + (('a' <=3D (c)) && ((c) <=3D 'f')) || + (('A' <=3D (c)) && ((c) <=3D 'F'))); +} + +/* Determines if a particular character represents a space character */ +int +isspace ( + int c + ) +{ + // + // ::=3D [ ] + // + return ((c) =3D=3D ' '); +} + +/* Determine if a particular character is an alphanumeric character */ +int +isalnum ( + int c + ) +{ + // + // ::=3D [0-9] | [a-z] | [A-Z] + // + return ((('0' <=3D (c)) && ((c) <=3D '9')) || + (('a' <=3D (c)) && ((c) <=3D 'z')) || + (('A' <=3D (c)) && ((c) <=3D 'Z'))); +} + +/* Determines if a particular character is in upper case */ +int +isupper ( + int c + ) +{ + // + // :=3D [A-Z] + // + return (('A' <=3D (c)) && ((c) <=3D 'Z')); +} + +// +// -- Data Conversion Routines -- +// + +/* Convert strings to a long-integer value */ +long +strtol ( + const char *nptr, + char **endptr, + int base + ) +{ + // + // Null strtol() function implementation to satisfy the linker, since th= ere is + // no direct functionality logic dependency in present UEFI cases. + // + return 0; +} + +/* Convert strings to an unsigned long-integer value */ +unsigned long +strtoul ( + const char *nptr, + char **endptr, + int base + ) +{ + // + // Null strtoul() function implementation to satisfy the linker, since t= here is + // no direct functionality logic dependency in present UEFI cases. + // + return 0; +} + +/* Convert character to lowercase */ +int +tolower ( + int c + ) +{ + if (('A' <=3D (c)) && ((c) <=3D 'Z')) { + return (c - ('A' - 'a')); + } + + return (c); +} + +// +// -- Searching and Sorting Routines -- +// + +/* Performs a quick sort */ +void +qsort ( + void *base, + size_t num, + size_t width, + int ( *compare )(const void *, const void *) + ) +{ + VOID *Buffer; + + ASSERT (base !=3D NULL); + ASSERT (compare !=3D NULL); + + // + // Use CRT-style malloc to cover BS and RT memory allocation. + // + Buffer =3D malloc (width); + ASSERT (Buffer !=3D NULL); + + // + // Re-use PerformQuickSort() function Implementation in EDKII BaseSortLi= b. + // + QuickSortWorker (base, (UINTN)num, (UINTN)width, (SORT_COMPARE)compare, = Buffer); + + free (Buffer); + return; +} + +// +// -- Process and Environment Control Routines -- +// + +/* Get a value from the current environment */ +char * +getenv ( + const char *varname + ) +{ + // + // Null getenv() function implementation to satisfy the linker, since th= ere is + // no direct functionality logic dependency in present UEFI cases. + // + return NULL; +} + +/* Get a value from the current environment */ +char * +secure_getenv ( + const char *varname + ) +{ + // + // Null secure_getenv() function implementation to satisfy the linker, s= ince + // there is no direct functionality logic dependency in present UEFI cas= es. + // + // From the secure_getenv() manual: 'just like getenv() except that it + // returns NULL in cases where "secure execution" is required'. + // + return NULL; +} + +// +// -- Stream I/O Routines -- +// + +/* Write data to a stream */ +size_t +fwrite ( + const void *buffer, + size_t size, + size_t count, + FILE *stream + ) +{ + return 0; +} + +#ifdef __GNUC__ + +typedef + VOID +(EFIAPI *NoReturnFuncPtr)( + VOID + ) __attribute__ ((__noreturn__)); + +STATIC +VOID +EFIAPI +NopFunction ( + VOID + ) +{ +} + +void +abort ( + void + ) +{ + NoReturnFuncPtr NoReturnFunc; + + NoReturnFunc =3D (NoReturnFuncPtr)NopFunction; + + NoReturnFunc (); +} + +#else + +void +abort ( + void + ) +{ + // Do nothing +} + +#endif + +int +fclose ( + FILE *f + ) +{ + return 0; +} + +FILE * +fopen ( + const char *c, + const char *m + ) +{ + return NULL; +} + +size_t +fread ( + void *b, + size_t c, + size_t i, + FILE *f + ) +{ + return 0; +} + +uid_t +getuid ( + void + ) +{ + return 0; +} + +uid_t +geteuid ( + void + ) +{ + return 0; +} + +gid_t +getgid ( + void + ) +{ + return 0; +} + +gid_t +getegid ( + void + ) +{ + return 0; +} + +int +printf ( + char const *fmt, + ... + ) +{ + return 0; +} + +void * +malloc ( + size_t a + ) +{ + return NULL; +} + +void * +realloc ( + void *a, + size_t b + ) +{ + return NULL; +} + +void +free ( + void *b + ) +{ +} diff --git a/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf b/CryptoPkg/Librar= y/MbedTlsLib/MbedTlsLib.inf index adcf770902..93f8e69383 100644 --- a/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf +++ b/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf @@ -13,6 +13,7 @@ MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D MbedTlsLib + DEFINE OPENSSL_PATH =3D ../OpensslLib/openssl =20 # # The following information is for reference only and not required by the = build tools. @@ -21,6 +22,11 @@ # =20 [Sources] +# Openssl files list starts here + $(OPENSSL_PATH)/crypto/mem_clr.c + $(OPENSSL_PATH)/crypto/sha/keccak1600.c + $(OPENSSL_PATH)/crypto/sm3/sm3.c +# Openssl files list ends here Include/mbedtls/mbedtls_config.h mbedtls/library/aes.c mbedtls/library/asn1parse.c diff --git a/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf b/CryptoPkg/Li= brary/MbedTlsLib/MbedTlsLibFull.inf index 7715392a9d..98695312cf 100644 --- a/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf +++ b/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf @@ -13,6 +13,7 @@ MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D MbedTlsLib + DEFINE OPENSSL_PATH =3D ../OpensslLib/openssl =20 # # The following information is for reference only and not required by the = build tools. @@ -21,6 +22,11 @@ # =20 [Sources] +# Openssl files list starts here + $(OPENSSL_PATH)/crypto/mem_clr.c + $(OPENSSL_PATH)/crypto/sha/keccak1600.c + $(OPENSSL_PATH)/crypto/sm3/sm3.c +# Openssl files list ends here Include/mbedtls/mbedtls_config.h mbedtls/library/aes.c mbedtls/library/asn1parse.c --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118184): https://edk2.groups.io/g/devel/message/118184 Mute This Topic: https://groups.io/mt/105662372/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- --_002_PH0PR11MB5046552C35E25DF11A324D21F7102PH0PR11MB5046namp_ Content-Type: message/rfc822 Content-Disposition: attachment; creation-date="Wed, 24 Apr 2024 08:27:18 GMT"; modification-date="Wed, 24 Apr 2024 08:27:20 GMT" Received: from CY8PR11MB7267.namprd11.prod.outlook.com (2603:10b6:930:9a::13) by PH0PR11MB5046.namprd11.prod.outlook.com with HTTPS; Wed, 24 Apr 2024 08:25:13 +0000 Received: from CH0PR03CA0372.namprd03.prod.outlook.com (2603:10b6:610:119::10) by CY8PR11MB7267.namprd11.prod.outlook.com (2603:10b6:930:9a::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.19; Wed, 24 Apr 2024 08:25:11 +0000 Received: from DS3PEPF000099DE.namprd04.prod.outlook.com (2603:10b6:610:119:cafe::62) by CH0PR03CA0372.outlook.office365.com (2603:10b6:610:119::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.22 via Frontend Transport; Wed, 24 Apr 2024 08:25:11 +0000 Received: from edgegateway.intel.com (134.134.137.100) by DS3PEPF000099DE.mail.protection.outlook.com (10.167.17.200) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.19 via Frontend Transport; Wed, 24 Apr 2024 08:25:11 +0000 Received: from orsmsx611.amr.corp.intel.com (10.22.229.24) by edgegateway.intel.com (10.7.248.4) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Wed, 24 Apr 2024 01:25:05 -0700 Received: from orsmsx603.amr.corp.intel.com (10.22.229.16) by ORSMSX611.amr.corp.intel.com (10.22.229.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Wed, 24 Apr 2024 01:25:04 -0700 Received: from orviesa007.jf.intel.com (10.64.159.147) by orsmsx603.amr.corp.intel.com (10.22.229.16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Wed, 24 Apr 2024 01:25:04 -0700 Received: from orvoesa107.jf.intel.com ([10.18.183.147]) by orviesa007-1.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Apr 2024 01:25:03 -0700 Received: from mail05.groups.io ([45.79.224.7]) by mgamail.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Apr 2024 01:24:56 -0700 From: "Hou, Wenxing" To: "devel@edk2.groups.io" CC: "Yao, Jiewen" , "Li, Yi1" Subject: [edk2-devel] [PATCH v2] Add SHA3/SM3 functions with openssl for Mbedtls Thread-Topic: [edk2-devel] [PATCH v2] Add SHA3/SM3 functions with openssl for Mbedtls Thread-Index: AQHaliDtz3yU9G5jFEGthxyZ171X6g== Sender: "devel@edk2.groups.io" Date: Wed, 24 Apr 2024 08:24:49 +0000 Message-ID: <17C929CCD7003D47.14591@groups.io> List-Help: List-Subscribe: List-Unsubscribe: Reply-To: "devel@edk2.groups.io" , "Hou, Wenxing" Content-Language: en-US X-MS-Exchange-Organization-AuthAs: Anonymous X-MS-Exchange-Organization-AuthSource: ORSMSX603.amr.corp.intel.com X-MS-Has-Attach: X-Auto-Response-Suppress: All X-MS-Exchange-Organization-Network-Message-Id: 89a57939-b6c4-4a6b-9b96-08dc64380f22 X-MS-Exchange-Organization-SCL: 1 X-MS-TNEF-Correlator: X-MS-Exchange-Organization-RecordReviewCfmType: 0 x-ms-exchange-organization-originalserveripaddress: 10.167.17.200 x-ms-exchange-organization-originalclientipaddress: 10.64.159.147 x-ms-publictraffictype: Email received-spf: None (mgamail.intel.com: no sender authenticity information available from domain of postmaster@mail05.groups.io) identity=helo; client-ip=45.79.224.7; receiver=mgamail.intel.com; envelope-from="bounce+27952+118183+6360182+10613013@groups.io"; x-sender="postmaster@mail05.groups.io"; x-conformance=sidf_compatible Resent-From: authentication-results: spf=softfail (sender IP is 134.134.137.100) smtp.mailfrom=groups.io; dkim=pass (signature was verified) header.d=groups.io;dmarc=fail action=none header.from=intel.com; x-forefront-antispam-report: CIP:134.134.137.100;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:edgegateway.intel.com;PTR:edgegateway.intel.com;CAT:NONE;SFS:(13230031)(82310400014);DIR:INB; x-ms-office365-filtering-correlation-id: 89a57939-b6c4-4a6b-9b96-08dc64380f22 x-ms-traffictypediagnostic: DS3PEPF000099DE:EE_|CY8PR11MB7267:EE_|PH0PR11MB5046:EE_ x-microsoft-antispam: BCL:0;ARA:13230031|82310400014; x-ms-exchange-crosstenant-originalarrivaltime: 24 Apr 2024 08:25:11.3390 (UTC) x-ms-exchange-crosstenant-network-message-id: 89a57939-b6c4-4a6b-9b96-08dc64380f22 x-ms-exchange-crosstenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d x-ms-exchange-crosstenant-fromentityheader: HybridOnPrem x-ms-exchange-transport-crosstenantheadersstamped: CY8PR11MB7267 x-ms-exchange-transport-endtoendlatency: 00:00:01.7295185 x-ms-exchange-processed-by-bccfoldering: 15.20.7519.018 x-ms-exchange-crosstenant-authas: Anonymous x-ms-exchange-crosstenant-authsource: ORSMSX603.amr.corp.intel.com x-ironport-av: E=Sophos;i="6.07,225,1708416000"; d="scan'208";a="47894483" x-extloop1: 1 x-organizationheaderspreserved: ORSMSX611.amr.corp.intel.com x-crosspremisesheaderspromoted: DS3PEPF000099DE.namprd04.prod.outlook.com x-crosspremisesheadersfiltered: DS3PEPF000099DE.namprd04.prod.outlook.com x-originatororg: intel.onmicrosoft.com x-eopattributedmessage: 0 x-ms-exchange-crosstenant-originalattributedtenantconnectingip: TenantId=46c98d88-e344-4ed4-8496-4ed7712e255d;Ip=[134.134.137.100];Helo=[edgegateway.intel.com] X-Microsoft-Antispam-Mailbox-Delivery: ucf:1;jmr:0;auth:0;dest:C;OFR:CustomRules;ENG:(910001)(944506478)(944626604)(920097)(930097)(140003); X-Microsoft-Antispam-Message-Info: =?iso-8859-1?Q?7KwbHoMbpNPaOD2y2fpB+aOhhiBLx55h5c6bTi+LrxA1Eg+1E8RIaYDYm4?= =?iso-8859-1?Q?Pvn36n6Kzw98ED/fhB/9yaLH+DyRdZn+3TvF9QPeC+Y21DVddXGEaRC7wh?= =?iso-8859-1?Q?h2XQKjWCAwVAjU5EVP6YWttwSX4fMr62ccmwEPq1tvws6FS8nBcs1HkPYl?= =?iso-8859-1?Q?bIWf64brqIK0VKoXPGEVDEgoXC0wYVJFuHDLyWhN/i+eaGxVrS/5keJAw5?= =?iso-8859-1?Q?V9qogJ2fgj0E+Bs/4PdZwIdbxW1DCm1Sg30X2ltIIoP6FHAAB6YMyjV5KP?= =?iso-8859-1?Q?0VajdMkrJNmVs0Uc18erkUgGIEXDzF+TZRsLb3xyPk8p8RwOAkLXgA2tY+?= =?iso-8859-1?Q?UtqUfvz0kbWJucMUDrLp2ZRQK00Cdb958ArcxULMgJUGXpOSZS8Ww/Zv/s?= =?iso-8859-1?Q?1PVEZBE5XcQ7sLZrDJZa8wtnkT2wHulZyUrXA9Ip9oUDoMRQawgbQilxGq?= =?iso-8859-1?Q?VISCzDczmkwffoHInKxFoHsPQUAygBGH4agXSjUox4vu9XC1MbNPY8lGN4?= =?iso-8859-1?Q?ZyMrMOqYbzk0u9PXaVD0IMGw1FL5qVFako9LYbZ/AwZxPuu637bFsC0WVp?= =?iso-8859-1?Q?pC88Nyp48acOj7IHFTr/JzCP3ugG/rct8aJGrwEgD8nFV5kMQgUArhhQPj?= =?iso-8859-1?Q?JSh3ciGlP5F9NO5M5yIGxoyuS5YuSR3+mXmG3Pph7RkzZJjEQWX2c9uXTI?= =?iso-8859-1?Q?l54d+ex7ckDecL9+jCThe60wnhbpqALUU58HoAcpU1KfUzJpbowdwfX56o?= =?iso-8859-1?Q?Y/4/4DAq7gYmWA/EViX8SEXyqZIV1E7bLkdhc9ZDx3qK2xFcPDNX4WapO8?= =?iso-8859-1?Q?e684kJ9kyYTfSSg84oX/hodZpMyUyCdo7SS4ii7rz8yxTHBnV1Q2v6LYHS?= =?iso-8859-1?Q?MnZAmgnyDHrWqr5hKj1LMzViUFQta7ExBzfU5zLsEpf2GMbGJ9/mc+xaqs?= =?iso-8859-1?Q?OXttLLmzG50E4+y8oHldsfWpB/SlwoXRVr85Hv7vm46BZW1M9UHVX5vuda?= =?iso-8859-1?Q?S4wTLI01WroZEPbxREdS7kz696j3OB3Hu56LG9i2g9JZ8ma4MqpUlTqP/S?= =?iso-8859-1?Q?DIXDjNJdcldLLSsR7CEElSuhZ73j6tNlDPWHnPvxXtSNAxbzGHmsJ7Clpl?= =?iso-8859-1?Q?hpi617huf9EK1h9Ut5S6yXfRkhtSLqHZO+R3q99Gj3tb9PMPSt1dcnXUMd?= =?iso-8859-1?Q?4bFDVmyHxJqzthnxQjO4Ax9GJYvsxEhCjCxQ5DsiGIWGmnUFd6xrspoB/R?= =?iso-8859-1?Q?zGjHmGBBfcI3nC5qwKehUYMwcOZXhnN+97BcK7Gu1DLnO4Bg22hvnGM1fy?= =?iso-8859-1?Q?K6RnvIEOqNMW2jAUac8FG0kkbQVfhGmR1v//rf1g3RLvhYHGaZzYntugZt?= =?iso-8859-1?Q?aRUB6NxJoEsFl5//p2rWKXHfisTmAuximbyRr9yS/N7J5C3Kv0/sQGwVDv?= =?iso-8859-1?Q?3S9Gu8jk4upDLNzhCiCus0Ms01o0qp1zVtH/eQzu3euxZTUllodxPttBo9?= =?iso-8859-1?Q?PNboTBGwVLUb1vSCfYN2qH1N/mQx77RM5AqDyCWpi8xkuO1eGnyWd1SV7x?= =?iso-8859-1?Q?PK9I9KJtP6Cak+mVtfblFzGDAkflSncgsg71DTmKbiOJuxnYN/HwWlpfHj?= =?iso-8859-1?Q?RwMYe/D1+OGXLJW/Stk6x/2OJiiLfeypJekhFRECYgsOPgcGS+3SIaKRFC?= =?iso-8859-1?Q?QjM9brPkePFs30In1/mCUCYsyrZJD0cXKsP99u7YNpRt3REGbzHJacglH8?= =?iso-8859-1?Q?5gbXgGq3KNb/VGdbM/PZ18HWttJ9e208DzupUBMeekXtdIwYmIJIfUHGSo?= =?iso-8859-1?Q?DvQlVA5mjZ93IyuIxmdAt4V2OOMDlfwbEopXAvPfpP4sU3MLlx3y8KAGN+?= =?iso-8859-1?Q?8lKsDJlUgnflF8Ag=3D=3D?= Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4177=0D =0D Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3=0D implementaion based on Openssl.=0D And the implementaion has passed build check.=0D =0D Cc: Jiewen Yao =0D Cc: Yi Li =0D Signed-off-by: Wenxing Hou =0D ---=0D CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf | 9 +++++++--=0D CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf | 9 +++++++--=0D .../Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf | 3 ++-=0D CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf | 9 +++++++--=0D .../Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf | 4 +++-=0D CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf | 6 ++++++=0D CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf | 6 ++++++=0D 7 files changed, 38 insertions(+), 8 deletions(-)=0D =0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf b/Crypt= oPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf=0D index 16def792c5..999054500f 100644=0D --- a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf=0D +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf=0D @@ -18,6 +18,7 @@=0D MODULE_TYPE =3D DXE_DRIVER=0D VERSION_STRING =3D 1.0=0D LIBRARY_CLASS =3D BaseCryptLib|DXE_DRIVER DXE_CORE UEFI= _APPLICATION UEFI_DRIVER=0D + DEFINE BASE_CRYPT_PATH =3D ../BaseCryptLib=0D =0D #=0D # The following information is for reference only and not required by the = build tools.=0D @@ -31,10 +32,14 @@=0D Cipher/CryptAes.c=0D Hash/CryptSha256.c=0D Hash/CryptSha512.c=0D - Hash/CryptParallelHashNull.c=0D - Hash/CryptSm3Null.c=0D Hash/CryptMd5.c=0D Hash/CryptSha1.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptCShake256.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptDispatchApDxe.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptParallelHash.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptSha3.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptSm3.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptXkcp.c=0D Hmac/CryptHmac.c=0D Kdf/CryptHkdf.c=0D Pk/CryptRsaBasic.c=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf b/Crypto= Pkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf=0D index 72b22a24e8..a153c0c8e4 100644=0D --- a/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf=0D +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf=0D @@ -26,6 +26,7 @@=0D MODULE_TYPE =3D PEIM=0D VERSION_STRING =3D 1.0=0D LIBRARY_CLASS =3D BaseCryptLib|PEIM PEI_CORE=0D + DEFINE BASE_CRYPT_PATH =3D ../BaseCryptLib=0D =0D #=0D # The following information is for reference only and not required by the = build tools.=0D @@ -38,9 +39,13 @@=0D Hash/CryptMd5.c=0D Hash/CryptSha1.c=0D Hash/CryptSha256.c=0D - Hash/CryptSm3Null.c=0D Hash/CryptSha512.c=0D - Hash/CryptParallelHashNull.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptCShake256.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptDispatchApPei.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptParallelHash.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptSha3.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptSm3.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptXkcp.c=0D Hmac/CryptHmac.c=0D Kdf/CryptHkdf.c=0D Cipher/CryptAes.c=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf b/Cr= yptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf=0D index 9f17ef00bf..1b33dbdaad 100644=0D --- a/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf=0D +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf=0D @@ -25,6 +25,7 @@=0D VERSION_STRING =3D 1.0=0D LIBRARY_CLASS =3D BaseCryptLib|DXE_RUNTIME_DRIVER=0D CONSTRUCTOR =3D RuntimeCryptLibConstructor=0D + DEFINE BASE_CRYPT_PATH =3D ../BaseCryptLib=0D =0D #=0D # The following information is for reference only and not required by the = build tools.=0D @@ -37,9 +38,9 @@=0D Hash/CryptMd5.c=0D Hash/CryptSha1.c=0D Hash/CryptSha256.c=0D - Hash/CryptSm3Null.c=0D Hash/CryptSha512.c=0D Hash/CryptParallelHashNull.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptSm3.c=0D Hmac/CryptHmac.c=0D Kdf/CryptHkdf.c=0D Cipher/CryptAes.c=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf b/Crypto= Pkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf=0D index 40c56d1b7d..d9a9cb8d10 100644=0D --- a/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf=0D +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf=0D @@ -24,6 +24,7 @@=0D VERSION_STRING =3D 1.0=0D PI_SPECIFICATION_VERSION =3D 0x0001000A=0D LIBRARY_CLASS =3D BaseCryptLib|DXE_SMM_DRIVER SMM_CORE = MM_STANDALONE=0D + DEFINE BASE_CRYPT_PATH =3D ../BaseCryptLib=0D =0D #=0D # The following information is for reference only and not required by the = build tools.=0D @@ -36,9 +37,13 @@=0D Hash/CryptMd5.c=0D Hash/CryptSha1.c=0D Hash/CryptSha256.c=0D - Hash/CryptSm3Null.c=0D Hash/CryptSha512.c=0D - Hash/CryptParallelHashNull.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptCShake256.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptDispatchApMm.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptParallelHash.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptSha3.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptSm3.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptXkcp.c=0D Hmac/CryptHmac.c=0D Kdf/CryptHkdf.c=0D Cipher/CryptAes.c=0D diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf b/C= ryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf=0D index def990b996..6a7f4bdbf6 100644=0D --- a/CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf=0D +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf=0D @@ -18,6 +18,7 @@=0D MODULE_TYPE =3D DXE_DRIVER=0D VERSION_STRING =3D 1.0=0D LIBRARY_CLASS =3D BaseCryptLib|DXE_DRIVER DXE_CORE UEFI= _APPLICATION UEFI_DRIVER=0D + DEFINE BASE_CRYPT_PATH =3D ../BaseCryptLib=0D =0D #=0D # The following information is for reference only and not required by the = build tools.=0D @@ -31,9 +32,10 @@=0D Cipher/CryptAes.c=0D Hash/CryptSha256.c=0D Hash/CryptSha512.c=0D - Hash/CryptSm3Null.c=0D Hash/CryptMd5.c=0D Hash/CryptSha1.c=0D + $(BASE_CRYPT_PATH)/Hash/CryptSm3.c=0D + Hash/CryptParallelHashNull.c=0D Hmac/CryptHmac.c=0D Kdf/CryptHkdf.c=0D Pk/CryptRsaBasic.c=0D diff --git a/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf b/CryptoPkg/Librar= y/MbedTlsLib/MbedTlsLib.inf=0D index adcf770902..93f8e69383 100644=0D --- a/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf=0D +++ b/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf=0D @@ -13,6 +13,7 @@=0D MODULE_TYPE =3D BASE=0D VERSION_STRING =3D 1.0=0D LIBRARY_CLASS =3D MbedTlsLib=0D + DEFINE OPENSSL_PATH =3D ../OpensslLib/openssl=0D =0D #=0D # The following information is for reference only and not required by the = build tools.=0D @@ -21,6 +22,11 @@=0D #=0D =0D [Sources]=0D +# Openssl files list starts here=0D + $(OPENSSL_PATH)/crypto/mem_clr.c=0D + $(OPENSSL_PATH)/crypto/sha/keccak1600.c=0D + $(OPENSSL_PATH)/crypto/sm3/sm3.c=0D +# Openssl files list ends here=0D Include/mbedtls/mbedtls_config.h=0D mbedtls/library/aes.c=0D mbedtls/library/asn1parse.c=0D diff --git a/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf b/CryptoPkg/Li= brary/MbedTlsLib/MbedTlsLibFull.inf=0D index 7715392a9d..98695312cf 100644=0D --- a/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf=0D +++ b/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf=0D @@ -13,6 +13,7 @@=0D MODULE_TYPE =3D BASE=0D VERSION_STRING =3D 1.0=0D LIBRARY_CLASS =3D MbedTlsLib=0D + DEFINE OPENSSL_PATH =3D ../OpensslLib/openssl=0D =0D #=0D # The following information is for reference only and not required by the = build tools.=0D @@ -21,6 +22,11 @@=0D #=0D =0D [Sources]=0D +# Openssl files list starts here=0D + $(OPENSSL_PATH)/crypto/mem_clr.c=0D + $(OPENSSL_PATH)/crypto/sha/keccak1600.c=0D + $(OPENSSL_PATH)/crypto/sm3/sm3.c=0D +# Openssl files list ends here=0D Include/mbedtls/mbedtls_config.h=0D mbedtls/library/aes.c=0D mbedtls/library/asn1parse.c=0D -- =0D 2.26.2.windows.1=0D =0D -=3D-=3D-=3D-=3D-=3D-=3D=0A= Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118183): https://edk2.groups.io/g/devel/message/118183 Mute This Topic: https://groups.io/mt/105706562/6360182 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [wenxing.hou@intel.com] -=3D-=3D-=3D-=3D-=3D-=3D=0A= --_002_PH0PR11MB5046552C35E25DF11A324D21F7102PH0PR11MB5046namp_--