From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id D0D5E740034 for ; Mon, 22 Apr 2024 07:44:00 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=Juv8WQbRc+6iLXyis66bM5HxbsjgVphDffj6yu8CPI0=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1713771839; v=1; b=MJI5dE2QiL3CNyG1BdUC/p1cdAYvjDZTiCZUMtKvzuYuvTvIullNotiP2mM0yim6EK0xX6uc JJlgUAd9HUfbS4KntCPdUo3GYapNSsEeeBcIwo4S4u3zO9ZUb0/7IqOtzTqyQInXqB09nPlR3pc hXnKrZ85Q+o601rLs8FD6lmuFjEsaociZNzrSD7K0ikIr+Af9Az/5wWilpcjIzakVK9LKkVUJ1t dkCgkPSXJruEDHoza/R6BqYH90hQMuqs3ObJXv08LIS2vINqqmQ2E1rw9/zKx079mFYdBxkzBzx CRv4cSH8X8QoOuX8kLaGkK0QpR6MAcvrfZzoJ4EQi0vCQ== X-Received: by 127.0.0.2 with SMTP id WLquYY7687511xO2qCSaW3JF; Mon, 22 Apr 2024 00:43:59 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.19]) by mx.groups.io with SMTP id smtpd.web10.13039.1713771833681201975 for ; Mon, 22 Apr 2024 00:43:53 -0700 X-CSE-ConnectionGUID: Q5ptCi8xT2KuVYSs2wSZVA== X-CSE-MsgGUID: wa+uiUG/TbKcqGX6z2cu2g== X-IronPort-AV: E=McAfee;i="6600,9927,11051"; a="9161773" X-IronPort-AV: E=Sophos;i="6.07,220,1708416000"; d="scan'208";a="9161773" X-Received: from fmviesa002.fm.intel.com ([10.60.135.142]) by fmvoesa113.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Apr 2024 00:43:28 -0700 X-CSE-ConnectionGUID: oDNgAjKXTRGt5YIlS4zTWg== X-CSE-MsgGUID: anGpDRJ1QCiiPXmDiDzKFg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,220,1708416000"; d="scan'208";a="47225949" X-Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82]) by fmviesa002.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 22 Apr 2024 00:43:13 -0700 X-Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Mon, 22 Apr 2024 00:43:12 -0700 X-Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Mon, 22 Apr 2024 00:43:12 -0700 X-Received: from NAM10-MW2-obe.outbound.protection.outlook.com (104.47.55.100) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Mon, 22 Apr 2024 00:43:12 -0700 X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com (2603:10b6:a03:45a::10) by PH7PR11MB5793.namprd11.prod.outlook.com (2603:10b6:510:13a::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.20; Mon, 22 Apr 2024 07:43:08 +0000 X-Received: from SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::301:5dbd:207b:5578]) by SJ1PR11MB6227.namprd11.prod.outlook.com ([fe80::301:5dbd:207b:5578%4]) with mapi id 15.20.7519.018; Mon, 22 Apr 2024 07:43:08 +0000 From: "Li, Yi" To: "Hou, Wenxing" , "devel@edk2.groups.io" CC: "Yao, Jiewen" Subject: Re: [edk2-devel] [PATCH] Add SHA3/SM3 functions with openssl for Mbedtls Thread-Topic: [PATCH] Add SHA3/SM3 functions with openssl for Mbedtls Thread-Index: AQHalFUsI+WtdIZyqE66XVN7RQDmhLFz5o/w Date: Mon, 22 Apr 2024 07:43:08 +0000 Message-ID: References: <20240422013356.1147-1-wenxing.hou@intel.com> In-Reply-To: <20240422013356.1147-1-wenxing.hou@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SJ1PR11MB6227:EE_|PH7PR11MB5793:EE_ x-ms-office365-filtering-correlation-id: 7ccf729b-8241-48c1-b9bf-08dc629fda88 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: =?us-ascii?Q?WHJH5tVQGTFU2/2zhKR281xptG1/RGkcS1WeT1Nbvvh8beXXL9xj9p426AHF?= =?us-ascii?Q?/1hgLVeFIZa8uACCYtaBPyDTKtzJT7Gd9MjMcLQdzMNKo+hu5vc9SDueyOnF?= =?us-ascii?Q?Rglfb0yEkzEtbpswF6Xt2H8ZtB9cT70uT9IQZjyJnv9UIFE2rzdH5Ahip3OK?= =?us-ascii?Q?B1SXtlx6xB72oNLnHv1LJMa2Rj30Wlp3H7bH76xhqbpDHgKrHNh30nP1hv0O?= =?us-ascii?Q?zBzJy/kfeDvsg+3iw0CP0mBieTFIyug1cvdZ+xH2vI9aQiX7vttWirvqKZSo?= =?us-ascii?Q?tECckaypNPCCnpBcKDzGC+Aa/xyqdCw94uS2AOBdFe58BwSmFcWpYr6+IJ+P?= =?us-ascii?Q?pfaEODPvym3kYNleZnvIUmXRsYJXG3ucYI2gEDgoAbxlhB0KLlQ13KoYOvt6?= =?us-ascii?Q?FeWJa/0EnO/USWx55axAo1Gn7C/WfmDpLMvDeObuWhN7HBRSVdnfaFrRZ9TB?= =?us-ascii?Q?PFlV3LOvocP+uDEmae8d2x7XPaVOzIrlLxVvhQF70bm+IvMxRsEUHxN14RBT?= =?us-ascii?Q?PrbjGEz6MphW1hkPMCNFJ3WgoYydouWToco5VKJUursyXkaVywSlbGXeR6De?= =?us-ascii?Q?6bRJrrQFb2IOhqlazz2vDKGvHw1F9mw4NQ97r3iwS4KmHIRqVQKa3+6zZEo3?= =?us-ascii?Q?RZ0NLnxQ1YNbks39am2iQB1gfB8SBgL5Ni9gWXKeSpfImGuMSYkFjmzqjJad?= =?us-ascii?Q?0eoKfZ7MuxKWy4TCdh7juIM4DXsRgGroBFjzxrnSmc0ttg5pyuWxtB5dNvZS?= =?us-ascii?Q?IGOvIa990ddc9bDMLQRjo3fDRK5MN/ysJHROyi/DpOQ5y0DvYsn0XKtOByBf?= =?us-ascii?Q?q9sEvHxXnd7fKV9gr33ZWva3mppfwxyRUmdQ04uAV5PlBYTORjCyl6h0mUmG?= =?us-ascii?Q?WghGbOgj634GrWaYB18mUt8IfxOvBaWweQnY3TE9F6nmS32t4dZGtZJzzFAq?= =?us-ascii?Q?Qlq16oxBY14QUYWII5evPmUNyd3dSvL9jF5sRc0ZijNQJrWkzhuNX3l4VeXL?= =?us-ascii?Q?0IAF1GclmQ+u3KDOzMdDOHk8JdsJ+9wLqgxb/p/ACYfOfFuhot+L3F9HPxwW?= =?us-ascii?Q?EcCHXTHEIC06zFewYbeL6Ur/C6ej2Wt5xFRytn9bLPuoEX4b10WPAaHcjMTH?= =?us-ascii?Q?gMwhLzpOdQ2fZzr6zEaRGDilpxyK1mMNTyiiQQwjan+Fz+sHJKhqmGuV3VOL?= =?us-ascii?Q?K/BfnwKqXiwLORasRpxvLBT0CeMX+fhuV6RCR+co6yCCk8jEkO4CeRiNkwYo?= =?us-ascii?Q?jJBu3z21+L/70z/a1/5zhcrFWn7ujJadzigulJ0TeYns4bdalT1dw1G2xEn6?= =?us-ascii?Q?SjU=3D?= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?iE/KRmPhmqhDp1R6BjgKP+VPmAeO/GXVH77HUSF3sJXDOyajABJF+F+wKLB0?= =?us-ascii?Q?Owcdzq97qV+orqwKgxLhYH4pyfR9ziap8HWg0oniPPs5DWBrh54s/CprNC1p?= =?us-ascii?Q?A3Zfj/dx4yFrId4+H9qjVZ9drRiXVR8018CChMULMROq0mn+OCqvOL54RZaD?= =?us-ascii?Q?YEEongEyx22MCrQE6qMX/lOZV0ows/Qj8tn1R6RQifNtCfo909A090xUnQ2D?= =?us-ascii?Q?5RGTprfjAVQ7jksn6sOWN3S/fOI75uWWVAMPnjaYDZnimwq7aRCIxSXTjbSq?= =?us-ascii?Q?ZTZalt0yu3X503/pTRCvEEXZSemIKwLNr+UrW8MxKcJa3MV/A2CjKrLr8MsS?= =?us-ascii?Q?coFxE8qBQKGcYrUadX7WsDC59y7YoL9/Jo3m353jxBv2kmlRdzlCIKJlw148?= =?us-ascii?Q?21iCq72M3T3UMV4ymuQQFpVJDtVi/rrPTPZtv1suj9A8TmxK04qfMBpPJgn8?= =?us-ascii?Q?3MZ/oEUIyy/UdgxKYG7XytomOx1VpAIzQ9+F20WWGseXZqIIZIOCssmQoGaK?= =?us-ascii?Q?yiP8DS5J8QmoSSF7kcS5VoZ1qKmSs20DT9QARuw1GTHrC+iRGaJN6VoFhX1V?= =?us-ascii?Q?PzGLM6kX4ZeyNcVXxAK0qNmgIf2iAjqexSEAtZ+Y6yBaEu9EP2+hxV0hSaj4?= =?us-ascii?Q?hkRScROnoMYnbSweiQgXLztpImjEjjcT9yUSFa4AanYdx7Emk1qZ2Ibhubzi?= =?us-ascii?Q?7XaNeQ8MKsWZcBxqPQNBPRLjgWyVVvbvK4PawaXquekT2vTpW4Wp3fHOZ3f8?= =?us-ascii?Q?1hocrNKtsE3UvEUY7iNkveZrRnZ+zkaZJJEBKXFY69MRnFdRiWktCbEMGqlr?= =?us-ascii?Q?HlrsnObqTieLfM8N5XLzvuUMFoq1LswHt/fjWOIdf0KOTJigRZCujm/kYWIY?= =?us-ascii?Q?WY8ruRt30q9LQNdY90eT4kuz781CS6rBSwNplkCFkWeGcuUQGkXBBL3yviuw?= =?us-ascii?Q?uuyH0BwcBdH6B3wKUkgNYNr4S9hHQok2fYoZa+GBdyUnaiXj65VaVgsO7253?= =?us-ascii?Q?cUdeGSFxxS+qOKPAWLA2IL+SD+wE6CNDFjqZeVAxQivfbX9P1Np7AzEdjsRO?= =?us-ascii?Q?6i+fKuh4TLpDaIq6WDWbjWenfc5ZW8fSqOuzP0HIR733ogjmlAk/uZVqyGSw?= =?us-ascii?Q?9L26WbcBRHWrr6fNHItQmQBXa7J4zvDj7oc1jq4suFnEluCYRZKsaashlryK?= =?us-ascii?Q?sxwJf8BCZFgig4NJUBUQsq+DA8Us07QDF4DrPKOau4UpsH7+ViuTsciy6N7L?= =?us-ascii?Q?wSMUSBfxXGCaMGnZN05ruyuU+ORdNXXZQvxkm5EGTxfAnMCmHWc7U2pPs515?= =?us-ascii?Q?P+pAb4COECv/q5G/C8kxAzQFmMhNwVsX2uZNt0P7goYyTVtBaobDL/XeAvHT?= =?us-ascii?Q?vw0cpXn34WZ07VfUHtDQBKQ/rUKXyLsG8ECUWMEnmauGN/IPsy8ioVY3aXNY?= =?us-ascii?Q?PocZJCH+Y2WxKwq6krCIJWrTzQQoLdQymoURT+UotBplAGO8smxYmiyN5tXZ?= =?us-ascii?Q?1nIeOIPswTBoVwo+xWYjaqvIi1SXN1DsEesrBsOBQSXsB2T7o32HXgGKCsZq?= =?us-ascii?Q?c5qvMAAZI+F+KaLsnbQ=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: SJ1PR11MB6227.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7ccf729b-8241-48c1-b9bf-08dc629fda88 X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Apr 2024 07:43:08.5082 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: GW2HJNCRiDB0OVkE1DBSD1+gdEYDl6fos+81YTY9tmT8pSfWlKyA/Mp5bxYjpHXqBhg9KdcGXYgcRGY9sD6acw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR11MB5793 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Mon, 22 Apr 2024 00:43:53 -0700 Resent-From: yi1.li@intel.com Reply-To: devel@edk2.groups.io,yi1.li@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: treIx6Gx4ntpem4mRsuAOAQYx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=MJI5dE2Q; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io Adding a copy of BaseCryptLib/Sm3/Sha3 seems like a workaround to me. I prefer to use files directly from BaseCryptLib, such like: DEFINE BASE_CRYPT_PATH =3D ../BaseCryptLib [Sources] $(BASE_CRYPT_PATH)/Hash/CryptDispatchApDxe.c ... Then I think DummyOpensslSupport.c should not be needed. Regards, Yi -----Original Message----- From: Hou, Wenxing =20 Sent: Monday, April 22, 2024 9:34 AM To: devel@edk2.groups.io Cc: Yao, Jiewen ; Li, Yi1 Subject: [PATCH] Add SHA3/SM3 functions with openssl for Mbedtls REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4177 Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3 implementaion based on Openssl. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/CryptoPkg.ci.yaml | 1 + .../BaseCryptLibMbedTls/Hash/CryptCShake256.c | 282 +++++++++ .../Hash/CryptDispatchApDxe.c | 49 ++ .../Hash/CryptDispatchApMm.c | 35 ++ .../Hash/CryptDispatchApPei.c | 54 ++ .../Hash/CryptParallelHash.c | 254 ++++++++ .../Hash/CryptParallelHash.h | 231 +++++++ .../BaseCryptLibMbedTls/Hash/CryptSha3.c | 166 +++++ .../BaseCryptLibMbedTls/Hash/CryptSm3.c | 235 +++++++ .../BaseCryptLibMbedTls/Hash/CryptXkcp.c | 107 ++++ .../SysCall/DummyOpensslSupport.c | 595 ++++++++++++++++++ CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf | 6 + .../Library/MbedTlsLib/MbedTlsLibFull.inf | 6 + 13 files changed, 2021 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake2= 56.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatc= hApDxe.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatc= hApMm.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatc= hApPei.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParalle= lHash.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParalle= lHash.h create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpen= sslSupport.c diff --git a/CryptoPkg/CryptoPkg.ci.yaml b/CryptoPkg/CryptoPkg.ci.yaml index b601bcf85c..046cc05163 100644 --- a/CryptoPkg/CryptoPkg.ci.yaml +++ b/CryptoPkg/CryptoPkg.ci.yaml @@ -40,6 +40,7 @@ "Library/Include/CrtLibSupport.h", # This has OpenSSL interfaces that aren't UEFI spec compliant "Library/BaseCryptLib/Hash/CryptParallelHash.h", + "Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h", "Library/Include/fcntl.h", # This has Mbedtls interfaces that aren't UEFI spec compliant "Library/Include/stdint.h", diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake256.c b/= CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake256.c new file mode 100644 index 0000000000..64d8fa97c5 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptCShake256.c @@ -0,0 +1,282 @@ +/** @file + cSHAKE-256 Digest Wrapper Implementations. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CryptParallelHash.h" + +#define CSHAKE256_SECURITY_STRENGTH 256 +#define CSHAKE256_RATE_IN_BYTES 136 + +CONST CHAR8 mZeroPadding[CSHAKE256_RATE_IN_BYTES] =3D { 0 }; + +/** + CShake256 initial function. + + Initializes user-supplied memory pointed by CShake256Context as cSHAKE-2= 56 hash context for + subsequent use. + + @param[out] CShake256Context Pointer to cSHAKE-256 context being initia= lized. + @param[in] OutputLen The desired number of output length in byt= es. + @param[in] Name Pointer to the function name string. + @param[in] NameLen The length of the function name in bytes. + @param[in] Customization Pointer to the customization string. + @param[in] CustomizationLen The length of the customization string in = bytes. + + @retval TRUE cSHAKE-256 context initialization succeeded. + @retval FALSE cSHAKE-256 context initialization failed. + @retval FALSE This interface is not supported. +**/ +BOOLEAN +EFIAPI +CShake256Init ( + OUT VOID *CShake256Context, + IN UINTN OutputLen, + IN CONST VOID *Name, + IN UINTN NameLen, + IN CONST VOID *Customization, + IN UINTN CustomizationLen + ) +{ + BOOLEAN Status; + UINT8 EncBuf[sizeof (UINTN) + 1]; + UINTN EncLen; + UINTN AbsorbLen; + UINTN PadLen; + + // + // Check input parameters. + // + if ((CShake256Context =3D=3D NULL) || (OutputLen =3D=3D 0) || ((NameLen = !=3D 0) && (Name =3D=3D NULL)) || ((CustomizationLen !=3D 0) && (Customizat= ion =3D=3D NULL))) { + return FALSE; + } + + // + // Initialize KECCAK context with pad value and block size. + // + if ((NameLen =3D=3D 0) && (CustomizationLen =3D=3D 0)) { + // + // When N and S are both empty strings, cSHAKE(X, L, N, S) is equivale= nt to + // SHAKE as defined in FIPS 202. + // + Status =3D (BOOLEAN)KeccakInit ( + (Keccak1600_Ctx *)CShake256Context, + '\x1f', + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * = 2) / 8, + OutputLen + ); + + return Status; + } else { + Status =3D (BOOLEAN)KeccakInit ( + (Keccak1600_Ctx *)CShake256Context, + '\x04', + (KECCAK1600_WIDTH - CSHAKE256_SECURITY_STRENGTH * = 2) / 8, + OutputLen + ); + if (!Status) { + return FALSE; + } + + AbsorbLen =3D 0; + // + // Absorb Absorb bytepad(.., rate). + // + EncLen =3D LeftEncode (EncBuf, CSHAKE256_RATE_IN_BYTES); + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, En= cBuf, EncLen); + if (!Status) { + return FALSE; + } + + AbsorbLen +=3D EncLen; + + // + // Absorb encode_string(N). + // + EncLen =3D LeftEncode (EncBuf, NameLen * 8); + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, En= cBuf, EncLen); + if (!Status) { + return FALSE; + } + + AbsorbLen +=3D EncLen; + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context= , Name, NameLen); + if (!Status) { + return FALSE; + } + + AbsorbLen +=3D NameLen; + + // + // Absorb encode_string(S). + // + EncLen =3D LeftEncode (EncBuf, CustomizationLen * 8); + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, En= cBuf, EncLen); + if (!Status) { + return FALSE; + } + + AbsorbLen +=3D EncLen; + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context= , Customization, CustomizationLen); + if (!Status) { + return FALSE; + } + + AbsorbLen +=3D CustomizationLen; + + // + // Absorb zero padding up to rate. + // + PadLen =3D CSHAKE256_RATE_IN_BYTES - AbsorbLen % CSHAKE256_RATE_IN_BYT= ES; + Status =3D (BOOLEAN)Sha3Update ((Keccak1600_Ctx *)CShake256Context, mZ= eroPadding, PadLen); + if (!Status) { + return FALSE; + } + + return TRUE; + } +} + +/** + Digests the input data and updates cSHAKE-256 context. + + This function performs cSHAKE-256 digest on a data buffer of the specifi= ed size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + cSHAKE-256 context should be already correctly initialized by CShake256I= nit(), and should not be finalized + by CShake256Final(). Behavior with invalid context is undefined. + + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context. + @param[in] Data Pointer to the buffer containing the= data to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE cSHAKE-256 data digest succeeded. + @retval FALSE cSHAKE-256 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CShake256Update ( + IN OUT VOID *CShake256Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + // + // Check input parameters. + // + if (CShake256Context =3D=3D NULL) { + return FALSE; + } + + // + // Check invalid parameters, in case that only DataLength was checked in= OpenSSL. + // + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + return (BOOLEAN)(Sha3Update ((Keccak1600_Ctx *)CShake256Context, Data, D= ataSize)); +} + +/** + Completes computation of the cSHAKE-256 digest value. + + This function completes cSHAKE-256 hash computation and retrieves the di= gest value into + the specified memory. After this function has been called, the cSHAKE-25= 6 context cannot + be used again. + cSHAKE-256 context should be already correctly initialized by CShake256I= nit(), and should not be + finalized by CShake256Final(). Behavior with invalid cSHAKE-256 context = is undefined. + + @param[in, out] CShake256Context Pointer to the cSHAKE-256 context. + @param[out] HashValue Pointer to a buffer that receives the= cSHAKE-256 digest + value. + + @retval TRUE cSHAKE-256 digest computation succeeded. + @retval FALSE cSHAKE-256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CShake256Final ( + IN OUT VOID *CShake256Context, + OUT UINT8 *HashValue + ) +{ + // + // Check input parameters. + // + if ((CShake256Context =3D=3D NULL) || (HashValue =3D=3D NULL)) { + return FALSE; + } + + // + // cSHAKE-256 Hash Finalization. + // + return (BOOLEAN)(Sha3Final ((Keccak1600_Ctx *)CShake256Context, HashValu= e)); +} + +/** + Computes the CSHAKE-256 message digest of a input data buffer. + + This function performs the CSHAKE-256 message digest of a given data buf= fer, and places + the digest value into the specified memory. + + @param[in] Data Pointer to the buffer containing the dat= a to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] OutputLen Size of output in bytes. + @param[in] Name Pointer to the function name string. + @param[in] NameLen Size of the function name in bytes. + @param[in] Customization Pointer to the customization string. + @param[in] CustomizationLen Size of the customization string in byte= s. + @param[out] HashValue Pointer to a buffer that receives the CS= HAKE-256 digest + value. + + @retval TRUE CSHAKE-256 digest computation succeeded. + @retval FALSE CSHAKE-256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CShake256HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN UINTN OutputLen, + IN CONST VOID *Name, + IN UINTN NameLen, + IN CONST VOID *Customization, + IN UINTN CustomizationLen, + OUT UINT8 *HashValue + ) +{ + BOOLEAN Status; + Keccak1600_Ctx Ctx; + + // + // Check input parameters. + // + if (HashValue =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + Status =3D CShake256Init (&Ctx, OutputLen, Name, NameLen, Customization,= CustomizationLen); + if (!Status) { + return FALSE; + } + + Status =3D CShake256Update (&Ctx, Data, DataSize); + if (!Status) { + return FALSE; + } + + return CShake256Final (&Ctx, HashValue); +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApDxe.= c b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApDxe.c new file mode 100644 index 0000000000..34424a16f7 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApDxe.c @@ -0,0 +1,49 @@ +/** @file + Dispatch Block to Aps in Dxe phase for parallelhash algorithm. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CryptParallelHash.h" +#include +#include + +/** + Dispatch the block task to each AP in PEI phase. + +**/ +VOID +EFIAPI +DispatchBlockToAp ( + VOID + ) +{ + EFI_STATUS Status; + EFI_MP_SERVICES_PROTOCOL *MpServices; + + Status =3D gBS->LocateProtocol ( + &gEfiMpServiceProtocolGuid, + NULL, + (VOID **)&MpServices + ); + if (EFI_ERROR (Status)) { + // + // Failed to locate MpServices Protocol, do parallel hash by one core. + // + DEBUG ((DEBUG_ERROR, "[DispatchBlockToApDxe] Failed to locate MpServic= es Protocol. Status =3D %r\n", Status)); + return; + } + + Status =3D MpServices->StartupAllAPs ( + MpServices, + ParallelHashApExecute, + FALSE, + NULL, + 0, + NULL, + NULL + ); + return; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApMm.c= b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApMm.c new file mode 100644 index 0000000000..bbd1024d71 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApMm.c @@ -0,0 +1,35 @@ +/** @file + Dispatch the block task to each AP in Smm mode for parallelhash algorith= m. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CryptParallelHash.h" +#include + +/** + Dispatch the block task to each AP in SMM mode. + +**/ +VOID +EFIAPI +DispatchBlockToAp ( + VOID + ) +{ + UINTN Index; + + if (gMmst =3D=3D NULL) { + return; + } + + for (Index =3D 0; Index < gMmst->NumberOfCpus; Index++) { + if (Index !=3D gMmst->CurrentlyExecutingCpu) { + gMmst->MmStartupThisAp (ParallelHashApExecute, Index, NULL); + } + } + + return; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApPei.= c b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApPei.c new file mode 100644 index 0000000000..8d7f953285 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptDispatchApPei.c @@ -0,0 +1,54 @@ +/** @file + Dispatch Block to Aps in Pei phase for parallelhash algorithm. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CryptParallelHash.h" +#include +#include +#include +#include + +/** + Dispatch the block task to each AP in PEI phase. + +**/ +VOID +EFIAPI +DispatchBlockToAp ( + VOID + ) +{ + EFI_STATUS Status; + CONST EFI_PEI_SERVICES **PeiServices; + EFI_PEI_MP_SERVICES_PPI *MpServicesPpi; + + PeiServices =3D GetPeiServicesTablePointer (); + Status =3D (*PeiServices)->LocatePpi ( + PeiServices, + &gEfiPeiMpServicesPpiGuid, + 0, + NULL, + (VOID **)&MpServicesPpi + ); + if (EFI_ERROR (Status)) { + // + // Failed to locate MpServices Ppi, do parallel hash by one core. + // + DEBUG ((DEBUG_ERROR, "[DispatchBlockToApPei] Failed to locate MpServic= es Ppi. Status =3D %r\n", Status)); + return; + } + + Status =3D MpServicesPpi->StartupAllAPs ( + (CONST EFI_PEI_SERVICES **)PeiServices, + MpServicesPpi, + ParallelHashApExecute, + FALSE, + 0, + NULL + ); + return; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.c= b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.c new file mode 100644 index 0000000000..2c04d3e29e --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.c @@ -0,0 +1,254 @@ +/** @file + ParallelHash Implementation. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "CryptParallelHash.h" +#include + +#define PARALLELHASH_CUSTOMIZATION "ParallelHash" + +UINTN mBlockNum; +UINTN mBlockSize; +UINTN mLastBlockSize; +UINT8 *mInput; +UINTN mBlockResultSize; +UINT8 *mBlockHashResult; +BOOLEAN *mBlockIsCompleted; +SPIN_LOCK *mSpinLockList; + +/** + Complete computation of digest of each block. + + Each AP perform the function called by BSP. + + @param[in] ProcedureArgument Argument of the procedure. +**/ +VOID +EFIAPI +ParallelHashApExecute ( + IN VOID *ProcedureArgument + ) +{ + UINTN Index; + BOOLEAN Status; + + for (Index =3D 0; Index < mBlockNum; Index++) { + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) { + // + // Completed, try next one. + // + if (mBlockIsCompleted[Index]) { + ReleaseSpinLock (&mSpinLockList[Index]); + continue; + } + + // + // Calculate CShake256 for this block. + // + Status =3D CShake256HashAll ( + mInput + Index * mBlockSize, + (Index =3D=3D (mBlockNum - 1)) ? mLastBlockSize : mBlockS= ize, + mBlockResultSize, + NULL, + 0, + NULL, + 0, + mBlockHashResult + Index * mBlockResultSize + ); + if (!EFI_ERROR (Status)) { + mBlockIsCompleted[Index] =3D TRUE; + } + + ReleaseSpinLock (&mSpinLockList[Index]); + } + } +} + +/** + Parallel hash function ParallelHash256, as defined in NIST's Special Pub= lication 800-185, + published December 2016. + + @param[in] Input Pointer to the input message (X). + @param[in] InputByteLen The number(>0) of input bytes provided for= the input data. + @param[in] BlockSize The size of each block (B). + @param[out] Output Pointer to the output buffer. + @param[in] OutputByteLen The desired number of output bytes (L). + @param[in] Customization Pointer to the customization string (S). + @param[in] CustomByteLen The length of the customization string in = bytes. + + @retval TRUE ParallelHash256 digest computation succeeded. + @retval FALSE ParallelHash256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +ParallelHash256HashAll ( + IN CONST VOID *Input, + IN UINTN InputByteLen, + IN UINTN BlockSize, + OUT VOID *Output, + IN UINTN OutputByteLen, + IN CONST VOID *Customization, + IN UINTN CustomByteLen + ) +{ + UINT8 EncBufB[sizeof (UINTN)+1]; + UINTN EncSizeB; + UINT8 EncBufN[sizeof (UINTN)+1]; + UINTN EncSizeN; + UINT8 EncBufL[sizeof (UINTN)+1]; + UINTN EncSizeL; + UINTN Index; + UINT8 *CombinedInput; + UINTN CombinedInputSize; + BOOLEAN AllCompleted; + UINTN Offset; + BOOLEAN ReturnValue; + + if ((InputByteLen =3D=3D 0) || (OutputByteLen =3D=3D 0) || (BlockSize = =3D=3D 0)) { + return FALSE; + } + + if ((Input =3D=3D NULL) || (Output =3D=3D NULL)) { + return FALSE; + } + + if ((CustomByteLen !=3D 0) && (Customization =3D=3D NULL)) { + return FALSE; + } + + mBlockSize =3D BlockSize; + + // + // Calculate block number n. + // + mBlockNum =3D InputByteLen % mBlockSize =3D=3D 0 ? InputByteLen / mBlock= Size : InputByteLen / mBlockSize + 1; + + // + // Set hash result size of each block in bytes. + // + mBlockResultSize =3D OutputByteLen; + + // + // Encode B, n, L to string and record size. + // + EncSizeB =3D LeftEncode (EncBufB, mBlockSize); + EncSizeN =3D RightEncode (EncBufN, mBlockNum); + EncSizeL =3D RightEncode (EncBufL, OutputByteLen * CHAR_BIT); + + // + // Allocate buffer for combined input (newX), Block completed flag and S= pinLock. + // + CombinedInputSize =3D EncSizeB + EncSizeN + EncSizeL + mBlockNum * mBloc= kResultSize; + CombinedInput =3D AllocateZeroPool (CombinedInputSize); + mBlockIsCompleted =3D AllocateZeroPool (mBlockNum * sizeof (BOOLEAN)); + mSpinLockList =3D AllocatePool (mBlockNum * sizeof (SPIN_LOCK)); + if ((CombinedInput =3D=3D NULL) || (mBlockIsCompleted =3D=3D NULL) || (m= SpinLockList =3D=3D NULL)) { + ReturnValue =3D FALSE; + goto Exit; + } + + // + // Fill LeftEncode(B). + // + CopyMem (CombinedInput, EncBufB, EncSizeB); + + // + // Prepare for parallel hash. + // + mBlockHashResult =3D CombinedInput + EncSizeB; + mInput =3D (UINT8 *)Input; + mLastBlockSize =3D InputByteLen % mBlockSize =3D=3D 0 ? mBlockSize : I= nputByteLen % mBlockSize; + + // + // Initialize SpinLock for each result block. + // + for (Index =3D 0; Index < mBlockNum; Index++) { + InitializeSpinLock (&mSpinLockList[Index]); + } + + // + // Dispatch blocklist to each AP. + // + DispatchBlockToAp (); + + // + // Wait until all block hash completed. + // + do { + AllCompleted =3D TRUE; + for (Index =3D 0; Index < mBlockNum; Index++) { + if (AcquireSpinLockOrFail (&mSpinLockList[Index])) { + if (!mBlockIsCompleted[Index]) { + AllCompleted =3D FALSE; + ReturnValue =3D CShake256HashAll ( + mInput + Index * mBlockSize, + (Index =3D=3D (mBlockNum - 1)) ? mLastBlockSize= : mBlockSize, + mBlockResultSize, + NULL, + 0, + NULL, + 0, + mBlockHashResult + Index * mBlockResultSize + ); + if (ReturnValue) { + mBlockIsCompleted[Index] =3D TRUE; + } + + ReleaseSpinLock (&mSpinLockList[Index]); + break; + } + + ReleaseSpinLock (&mSpinLockList[Index]); + } else { + AllCompleted =3D FALSE; + break; + } + } + } while (!AllCompleted); + + // + // Fill LeftEncode(n). + // + Offset =3D EncSizeB + mBlockNum * mBlockResultSize; + CopyMem (CombinedInput + Offset, EncBufN, EncSizeN); + + // + // Fill LeftEncode(L). + // + Offset +=3D EncSizeN; + CopyMem (CombinedInput + Offset, EncBufL, EncSizeL); + + ReturnValue =3D CShake256HashAll ( + CombinedInput, + CombinedInputSize, + OutputByteLen, + PARALLELHASH_CUSTOMIZATION, + AsciiStrLen (PARALLELHASH_CUSTOMIZATION), + Customization, + CustomByteLen, + Output + ); + +Exit: + ZeroMem (CombinedInput, CombinedInputSize); + + if (CombinedInput !=3D NULL) { + FreePool (CombinedInput); + } + + if (mSpinLockList !=3D NULL) { + FreePool ((VOID *)mSpinLockList); + } + + if (mBlockIsCompleted !=3D NULL) { + FreePool (mBlockIsCompleted); + } + + return ReturnValue; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h= b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h new file mode 100644 index 0000000000..64af09c484 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptParallelHash.h @@ -0,0 +1,231 @@ +/** @file + ParallelHash related function and type declaration. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +https://www.openssl.org/source/license.html + +Copyright 2024 The eXtended Keccak Code Package (XKCP) +https://github.com/XKCP/XKCP +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles= Van Assche. +Implementation by the designers, hereby denoted as "the implementer". +For more information, feedback or questions, please refer to the Keccak Te= am website: +https://keccak.team/ +To the extent possible under law, the implementer has waived all copyright +and related or neighboring rights to the source code in this file. +http://creativecommons.org/publicdomain/zero/1.0/ +**/ + +#ifndef CRYPT_PARALLE_HASH_H_ +#define CRYPT_PARALLE_HASH_H_ + +#include "InternalCryptLib.h" + +#define KECCAK1600_WIDTH 1600 + +typedef UINT64 uint64_t; + +// +// This struct referring to m_sha3.c from opessl and modified its type nam= e. +// +typedef struct { + uint64_t A[5][5]; + size_t block_size; /* cached ctx->digest->block_size */ + size_t md_size; /* output length, variable in XOF */ + size_t num; /* used bytes in below buffer */ + unsigned char buf[KECCAK1600_WIDTH / 8 - 32]; + unsigned char pad; +} Keccak1600_Ctx; + +/** + SHA3_absorb can be called multiple times, but at each invocation + largest multiple of |r| out of |len| bytes are processed. Then + remaining amount of bytes is returned. This is done to spare caller + trouble of calculating the largest multiple of |r|. |r| can be viewed + as blocksize. It is commonly (1600 - 256*n)/8, e.g. 168, 136, 104, + 72, but can also be (1600 - 448)/8 =3D 144. All this means that message + padding and intermediate sub-block buffering, byte- or bitwise, is + caller's responsibility. +**/ +size_t +SHA3_absorb ( + uint64_t A[5][5], + const unsigned char *inp, + size_t len, + size_t r + ); + +/** + SHA3_squeeze is called once at the end to generate |out| hash value + of |len| bytes. +**/ +VOID +SHA3_squeeze ( + uint64_t A[5][5], + unsigned char *out, + size_t len, + size_t r + ); + +/** + Encode function from XKCP. + + Encodes the input as a byte string in a way that can be unambiguously pa= rsed + from the beginning of the string by inserting the length of the byte str= ing + before the byte string representation of input. + + @param[out] EncBuf Result of left encode. + @param[in] Value Input of left encode. + + @retval EncLen Size of encode result in bytes. +**/ +UINTN +EFIAPI +LeftEncode ( + OUT UINT8 *EncBuf, + IN UINTN Value + ); + +/** + Encode function from XKCP. + + Encodes the input as a byte string in a way that can be unambiguously pa= rsed + from the end of the string by inserting the length of the byte string af= ter + the byte string representation of input. + + @param[out] EncBuf Result of right encode. + @param[in] Value Input of right encode. + + @retval EncLen Size of encode result in bytes. +**/ +UINTN +EFIAPI +RightEncode ( + OUT UINT8 *EncBuf, + IN UINTN Value + ); + +/** + Keccak initial fuction. + + Set up state with specified capacity. + + @param[out] Context Pointer to the context being initialized. + @param[in] Pad Delimited Suffix. + @param[in] BlockSize Size of context block. + @param[in] MessageDigestLen Size of message digest in bytes. + + @retval 1 Initialize successfully. + @retval 0 Fail to initialize. +**/ +UINT8 +EFIAPI +KeccakInit ( + OUT Keccak1600_Ctx *Context, + IN UINT8 Pad, + IN UINTN BlockSize, + IN UINTN MessageDigstLen + ); + +/** + Sha3 update fuction. + + This function performs Sha3 digest on a data buffer of the specified siz= e. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + + @param[in,out] Context Pointer to the Keccak context. + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval 1 Update successfully. +**/ +UINT8 +EFIAPI +Sha3Update ( + IN OUT Keccak1600_Ctx *Context, + IN const VOID *Data, + IN UINTN DataSize + ); + +/** + Completes computation of Sha3 message digest. + + This function completes sha3 hash computation and retrieves the digest v= alue into + the specified memory. After this function has been called, the keccak co= ntext cannot + be used again. + + @param[in, out] Context Pointer to the keccak context. + @param[out] MessageDigest Pointer to a buffer that receives the me= ssage digest. + + @retval 1 Meaasge digest computation succeeded. +**/ +UINT8 +EFIAPI +Sha3Final ( + IN OUT Keccak1600_Ctx *Context, + OUT UINT8 *MessageDigest + ); + +/** + Computes the CSHAKE-256 message digest of a input data buffer. + + This function performs the CSHAKE-256 message digest of a given data buf= fer, and places + the digest value into the specified memory. + + @param[in] Data Pointer to the buffer containing the dat= a to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] OutputLen Size of output in bytes. + @param[in] Name Pointer to the function name string. + @param[in] NameLen Size of the function name in bytes. + @param[in] Customization Pointer to the customization string. + @param[in] CustomizationLen Size of the customization string in byte= s. + @param[out] HashValue Pointer to a buffer that receives the CS= HAKE-256 digest + value. + + @retval TRUE CSHAKE-256 digest computation succeeded. + @retval FALSE CSHAKE-256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CShake256HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN UINTN OutputLen, + IN CONST VOID *Name, + IN UINTN NameLen, + IN CONST VOID *Customization, + IN UINTN CustomizationLen, + OUT UINT8 *HashValue + ); + +/** + Complete computation of digest of each block. + + Each AP perform the function called by BSP. + + @param[in] ProcedureArgument Argument of the procedure. +**/ +VOID +EFIAPI +ParallelHashApExecute ( + IN VOID *ProcedureArgument + ); + +/** + Dispatch the block task to each AP. + +**/ +VOID +EFIAPI +DispatchBlockToAp ( + VOID + ); + +#endif diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c new file mode 100644 index 0000000000..f85946d2b1 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha3.c @@ -0,0 +1,166 @@ +/** @file + SHA3 realted functions from OpenSSL. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +Copyright 2024 The OpenSSL Project Authors. All Rights Reserved. +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +https://www.openssl.org/source/license.html +**/ + +#include "CryptParallelHash.h" + +/** + Keccak initial fuction. + + Set up state with specified capacity. + + @param[out] Context Pointer to the context being initialized. + @param[in] Pad Delimited Suffix. + @param[in] BlockSize Size of context block. + @param[in] MessageDigestLen Size of message digest in bytes. + + @retval 1 Initialize successfully. + @retval 0 Fail to initialize. +**/ +UINT8 +EFIAPI +KeccakInit ( + OUT Keccak1600_Ctx *Context, + IN UINT8 Pad, + IN UINTN BlockSize, + IN UINTN MessageDigestLen + ) +{ + if (BlockSize <=3D sizeof (Context->buf)) { + memset (Context->A, 0, sizeof (Context->A)); + + Context->num =3D 0; + Context->block_size =3D BlockSize; + Context->md_size =3D MessageDigestLen; + Context->pad =3D Pad; + + return 1; + } + + return 0; +} + +/** + Sha3 update fuction. + + This function performs Sha3 digest on a data buffer of the specified siz= e. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + + @param[in,out] Context Pointer to the Keccak context. + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval 1 Update successfully. +**/ +UINT8 +EFIAPI +Sha3Update ( + IN OUT Keccak1600_Ctx *Context, + IN const VOID *Data, + IN UINTN DataSize + ) +{ + const UINT8 *DataCopy; + UINTN BlockSize; + UINTN Num; + UINTN Rem; + + DataCopy =3D Data; + BlockSize =3D (UINT8)(Context->block_size); + + if (DataSize =3D=3D 0) { + return 1; + } + + if ((Num =3D Context->num) !=3D 0) { + // + // process intermediate buffer + // + Rem =3D BlockSize - Num; + + if (DataSize < Rem) { + memcpy (Context->buf + Num, DataCopy, DataSize); + Context->num +=3D DataSize; + return 1; + } + + // + // We have enough data to fill or overflow the intermediate + // buffer. So we append |Rem| bytes and process the block, + // leaving the rest for later processing. + // + memcpy (Context->buf + Num, DataCopy, Rem); + DataCopy +=3D Rem; + DataSize -=3D Rem; + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize); + Context->num =3D 0; + // Context->buf is processed, Context->num is guaranteed to be zero. + } + + if (DataSize >=3D BlockSize) { + Rem =3D SHA3_absorb (Context->A, DataCopy, DataSize, BlockSize); + } else { + Rem =3D DataSize; + } + + if (Rem > 0) { + memcpy (Context->buf, DataCopy + DataSize - Rem, Rem); + Context->num =3D Rem; + } + + return 1; +} + +/** + Completes computation of Sha3 message digest. + + This function completes sha3 hash computation and retrieves the digest v= alue into + the specified memory. After this function has been called, the keccak co= ntext cannot + be used again. + + @param[in, out] Context Pointer to the keccak context. + @param[out] MessageDigest Pointer to a buffer that receives the me= ssage digest. + + @retval 1 Meaasge digest computation succeeded. +**/ +UINT8 +EFIAPI +Sha3Final ( + IN OUT Keccak1600_Ctx *Context, + OUT UINT8 *MessageDigest + ) +{ + UINTN BlockSize; + UINTN Num; + + BlockSize =3D Context->block_size; + Num =3D Context->num; + + if (Context->md_size =3D=3D 0) { + return 1; + } + + // + // Pad the data with 10*1. Note that |Num| can be |BlockSize - 1| + // in which case both byte operations below are performed on + // same byte. + // + memset (Context->buf + Num, 0, BlockSize - Num); + Context->buf[Num] =3D Context->pad; + Context->buf[BlockSize - 1] |=3D 0x80; + + (void)SHA3_absorb (Context->A, Context->buf, BlockSize, BlockSize); + + SHA3_squeeze (Context->A, MessageDigest, Context->md_size, BlockSize); + + return 1; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c b/Crypto= Pkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c new file mode 100644 index 0000000000..1a442d714e --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c @@ -0,0 +1,235 @@ +/** @file + SM3 Digest Wrapper Implementations over openssl. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include "internal/sm3.h" + +/** + Retrieves the size, in bytes, of the context buffer required for SM3 has= h operations. + + @return The size, in bytes, of the context buffer required for SM3 hash= operations. + +**/ +UINTN +EFIAPI +Sm3GetContextSize ( + VOID + ) +{ + // + // Retrieves Openssl SM3 Context Size + // + return (UINTN)(sizeof (SM3_CTX)); +} + +/** + Initializes user-supplied memory pointed by Sm3Context as SM3 hash conte= xt for + subsequent use. + + If Sm3Context is NULL, then return FALSE. + + @param[out] Sm3Context Pointer to SM3 context being initialized. + + @retval TRUE SM3 context initialization succeeded. + @retval FALSE SM3 context initialization failed. + +**/ +BOOLEAN +EFIAPI +Sm3Init ( + OUT VOID *Sm3Context + ) +{ + // + // Check input parameters. + // + if (Sm3Context =3D=3D NULL) { + return FALSE; + } + + // + // Openssl SM3 Context Initialization + // + ossl_sm3_init ((SM3_CTX *)Sm3Context); + return TRUE; +} + +/** + Makes a copy of an existing SM3 context. + + If Sm3Context is NULL, then return FALSE. + If NewSm3Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] Sm3Context Pointer to SM3 context being copied. + @param[out] NewSm3Context Pointer to new SM3 context. + + @retval TRUE SM3 context copy succeeded. + @retval FALSE SM3 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Sm3Duplicate ( + IN CONST VOID *Sm3Context, + OUT VOID *NewSm3Context + ) +{ + // + // Check input parameters. + // + if ((Sm3Context =3D=3D NULL) || (NewSm3Context =3D=3D NULL)) { + return FALSE; + } + + CopyMem (NewSm3Context, Sm3Context, sizeof (SM3_CTX)); + + return TRUE; +} + +/** + Digests the input data and updates SM3 context. + + This function performs SM3 digest on a data buffer of the specified size= . + It can be called multiple times to compute the digest of long or discont= inuous data streams. + SM3 context should be already correctly initialized by Sm3Init(), and sh= ould not be finalized + by Sm3Final(). Behavior with invalid context is undefined. + + If Sm3Context is NULL, then return FALSE. + + @param[in, out] Sm3Context Pointer to the SM3 context. + @param[in] Data Pointer to the buffer containing the dat= a to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE SM3 data digest succeeded. + @retval FALSE SM3 data digest failed. + +**/ +BOOLEAN +EFIAPI +Sm3Update ( + IN OUT VOID *Sm3Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + // + // Check input parameters. + // + if (Sm3Context =3D=3D NULL) { + return FALSE; + } + + // + // Check invalid parameters, in case that only DataLength was checked in= Openssl + // + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + // + // Openssl SM3 Hash Update + // + ossl_sm3_update ((SM3_CTX *)Sm3Context, Data, DataSize); + + return TRUE; +} + +/** + Completes computation of the SM3 digest value. + + This function completes SM3 hash computation and retrieves the digest va= lue into + the specified memory. After this function has been called, the SM3 conte= xt cannot + be used again. + SM3 context should be already correctly initialized by Sm3Init(), and sh= ould not be + finalized by Sm3Final(). Behavior with invalid SM3 context is undefined. + + If Sm3Context is NULL, then return FALSE. + If HashValue is NULL, then return FALSE. + + @param[in, out] Sm3Context Pointer to the SM3 context. + @param[out] HashValue Pointer to a buffer that receives the SM= 3 digest + value (32 bytes). + + @retval TRUE SM3 digest computation succeeded. + @retval FALSE SM3 digest computation failed. + +**/ +BOOLEAN +EFIAPI +Sm3Final ( + IN OUT VOID *Sm3Context, + OUT UINT8 *HashValue + ) +{ + // + // Check input parameters. + // + if ((Sm3Context =3D=3D NULL) || (HashValue =3D=3D NULL)) { + return FALSE; + } + + // + // Openssl SM3 Hash Finalization + // + ossl_sm3_final (HashValue, (SM3_CTX *)Sm3Context); + + return TRUE; +} + +/** + Computes the SM3 message digest of a input data buffer. + + This function performs the SM3 message digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[out] HashValue Pointer to a buffer that receives the SM3 diges= t + value (32 bytes). + + @retval TRUE SM3 digest computation succeeded. + @retval FALSE SM3 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Sm3HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + OUT UINT8 *HashValue + ) +{ + SM3_CTX Ctx; + + // + // Check input parameters. + // + if (HashValue =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + // + // SM3 Hash Computation. + // + ossl_sm3_init (&Ctx); + + ossl_sm3_update (&Ctx, Data, DataSize); + + ossl_sm3_final (HashValue, &Ctx); + + return TRUE; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c new file mode 100644 index 0000000000..420ed11280 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptXkcp.c @@ -0,0 +1,107 @@ +/** @file + Encode realted functions from Xkcp. + +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +Copyright 2024 The eXtended Keccak Code Package (XKCP) +https://github.com/XKCP/XKCP +Keccak, designed by Guido Bertoni, Joan Daemen, Michael Peeters and Gilles= Van Assche. +Implementation by the designers, hereby denoted as "the implementer". +For more information, feedback or questions, please refer to the Keccak Te= am website: +https://keccak.team/ +To the extent possible under law, the implementer has waived all copyright +and related or neighboring rights to the source code in this file. +http://creativecommons.org/publicdomain/zero/1.0/ + +**/ + +#include "CryptParallelHash.h" + +/** + Encode function from XKCP. + + Encodes the input as a byte string in a way that can be unambiguously pa= rsed + from the beginning of the string by inserting the length of the byte str= ing + before the byte string representation of input. + + @param[out] EncBuf Result of left encode. + @param[in] Value Input of left encode. + + @retval EncLen Size of encode result in bytes. +**/ +UINTN +EFIAPI +LeftEncode ( + OUT UINT8 *EncBuf, + IN UINTN Value + ) +{ + UINT32 BlockNum; + UINT32 EncLen; + UINT32 Index; + UINTN ValueCopy; + + for ( ValueCopy =3D Value, BlockNum =3D 0; ValueCopy && (BlockNum < size= of (UINTN)); ++BlockNum, ValueCopy >>=3D 8 ) { + // + // Empty + // + } + + if (BlockNum =3D=3D 0) { + BlockNum =3D 1; + } + + for (Index =3D 1; Index <=3D BlockNum; ++Index) { + EncBuf[Index] =3D (UINT8)(Value >> (8 * (BlockNum - Index))); + } + + EncBuf[0] =3D (UINT8)BlockNum; + EncLen =3D BlockNum + 1; + + return EncLen; +} + +/** + Encode function from XKCP. + + Encodes the input as a byte string in a way that can be unambiguously pa= rsed + from the end of the string by inserting the length of the byte string af= ter + the byte string representation of input. + + @param[out] EncBuf Result of right encode. + @param[in] Value Input of right encode. + + @retval EncLen Size of encode result in bytes. +**/ +UINTN +EFIAPI +RightEncode ( + OUT UINT8 *EncBuf, + IN UINTN Value + ) +{ + UINT32 BlockNum; + UINT32 EncLen; + UINT32 Index; + UINTN ValueCopy; + + for (ValueCopy =3D Value, BlockNum =3D 0; ValueCopy && (BlockNum < sizeo= f (UINTN)); ++BlockNum, ValueCopy >>=3D 8) { + // + // Empty + // + } + + if (BlockNum =3D=3D 0) { + BlockNum =3D 1; + } + + for (Index =3D 1; Index <=3D BlockNum; ++Index) { + EncBuf[Index-1] =3D (UINT8)(Value >> (8 * (BlockNum-Index))); + } + + EncBuf[BlockNum] =3D (UINT8)BlockNum; + EncLen =3D BlockNum + 1; + + return EncLen; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpensslSupp= ort.c b/CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpensslSupport.c new file mode 100644 index 0000000000..c50001959c --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/DummyOpensslSupport.c @@ -0,0 +1,595 @@ +/** +Copyright (c) 2024, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent +**/ + +#include + +int errno =3D 0; + +FILE *stderr =3D NULL; +FILE *stdin =3D NULL; +FILE *stdout =3D NULL; + +typedef + int +(*SORT_COMPARE)( + IN VOID *Buffer1, + IN VOID *Buffer2 + ); + +// +// Duplicated from EDKII BaseSortLib for qsort() wrapper +// +STATIC +VOID +QuickSortWorker ( + IN OUT VOID *BufferToSort, + IN CONST UINTN Count, + IN CONST UINTN ElementSize, + IN SORT_COMPARE CompareFunction, + IN VOID *Buffer + ) +{ + VOID *Pivot; + UINTN LoopCount; + UINTN NextSwapLocation; + + ASSERT (BufferToSort !=3D NULL); + ASSERT (CompareFunction !=3D NULL); + ASSERT (Buffer !=3D NULL); + + if ((Count < 2) || (ElementSize < 1)) { + return; + } + + NextSwapLocation =3D 0; + + // + // Pick a pivot (we choose last element) + // + Pivot =3D ((UINT8 *)BufferToSort + ((Count - 1) * ElementSize)); + + // + // Now get the pivot such that all on "left" are below it + // and everything "right" are above it + // + for (LoopCount =3D 0; LoopCount < Count - 1; LoopCount++) { + // + // If the element is less than the pivot + // + if (CompareFunction ((VOID *)((UINT8 *)BufferToSort + ((LoopCount) * E= lementSize)), Pivot) <=3D 0) { + // + // Swap + // + CopyMem (Buffer, (UINT8 *)BufferToSort + (NextSwapLocation * Element= Size), ElementSize); + CopyMem ((UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), (= UINT8 *)BufferToSort + ((LoopCount) * ElementSize), ElementSize); + CopyMem ((UINT8 *)BufferToSort + ((LoopCount) * ElementSize), Buffer= , ElementSize); + + // + // Increment NextSwapLocation + // + NextSwapLocation++; + } + } + + // + // Swap pivot to its final position (NextSwapLocation) + // + CopyMem (Buffer, Pivot, ElementSize); + CopyMem (Pivot, (UINT8 *)BufferToSort + (NextSwapLocation * ElementSize)= , ElementSize); + CopyMem ((UINT8 *)BufferToSort + (NextSwapLocation * ElementSize), Buffe= r, ElementSize); + + // + // Now recurse on 2 partial lists. Neither of these will have the 'pivo= t' element. + // IE list is sorted left half, pivot element, sorted right half... + // + QuickSortWorker ( + BufferToSort, + NextSwapLocation, + ElementSize, + CompareFunction, + Buffer + ); + + QuickSortWorker ( + (UINT8 *)BufferToSort + (NextSwapLocation + 1) * ElementSize, + Count - NextSwapLocation - 1, + ElementSize, + CompareFunction, + Buffer + ); + + return; +} + +// --------------------------------------------------------- +// Standard C Run-time Library Interface Wrapper +// --------------------------------------------------------- + +// +// -- String Manipulation Routines -- +// + +/* Scan a string for the last occurrence of a character */ +char * +strrchr ( + const char *str, + int c + ) +{ + char *save; + + for (save =3D NULL; ; ++str) { + if (*str =3D=3D c) { + save =3D (char *)str; + } + + if (*str =3D=3D 0) { + return (save); + } + } +} + +/* Compare first n bytes of string s1 with string s2, ignoring case */ +int +strncasecmp ( + const char *s1, + const char *s2, + size_t n + ) +{ + int Val; + + ASSERT (s1 !=3D NULL); + ASSERT (s2 !=3D NULL); + + if (n !=3D 0) { + do { + Val =3D tolower (*s1) - tolower (*s2); + if (Val !=3D 0) { + return Val; + } + + ++s1; + ++s2; + if (*s1 =3D=3D '\0') { + break; + } + } while (--n !=3D 0); + } + + return 0; +} + +/* Read formatted data from a string */ +int +sscanf ( + const char *buffer, + const char *format, + ... + ) +{ + // + // Null sscanf() function implementation to satisfy the linker, since + // no direct functionality logic dependency in present UEFI cases. + // + return 0; +} + +/* Maps errnum to an error-message string */ +char * +strerror ( + int errnum + ) +{ + return NULL; +} + +/* Computes the length of the maximum initial segment of the string pointe= d to by s1 + which consists entirely of characters from the string pointed to by s2.= */ +size_t +strspn ( + const char *s1, + const char *s2 + ) +{ + UINT8 Map[32]; + UINT32 Index; + size_t Count; + + for (Index =3D 0; Index < 32; Index++) { + Map[Index] =3D 0; + } + + while (*s2) { + Map[*s2 >> 3] |=3D (1 << (*s2 & 7)); + s2++; + } + + if (*s1) { + Count =3D 0; + while (Map[*s1 >> 3] & (1 << (*s1 & 7))) { + Count++; + s1++; + } + + return Count; + } + + return 0; +} + +/* Computes the length of the maximum initial segment of the string pointe= d to by s1 + which consists entirely of characters not from the string pointed to by= s2. */ +size_t +strcspn ( + const char *s1, + const char *s2 + ) +{ + UINT8 Map[32]; + UINT32 Index; + size_t Count; + + for (Index =3D 0; Index < 32; Index++) { + Map[Index] =3D 0; + } + + while (*s2) { + Map[*s2 >> 3] |=3D (1 << (*s2 & 7)); + s2++; + } + + Map[0] |=3D 1; + + Count =3D 0; + while (!(Map[*s1 >> 3] & (1 << (*s1 & 7)))) { + Count++; + s1++; + } + + return Count; +} + +char * +strcpy ( + char *strDest, + const char *strSource + ) +{ + // AsciiStrCpyS (strDest, MAX_STRING_SIZE, strSource); + // return strDest; + return NULL; +} + +// +// -- Character Classification Routines -- +// + +/* Determines if a particular character is a decimal-digit character */ +int +isdigit ( + int c + ) +{ + // + // ::=3D [0-9] + // + return (('0' <=3D (c)) && ((c) <=3D '9')); +} + +/* Determine if an integer represents character that is a hex digit */ +int +isxdigit ( + int c + ) +{ + // + // ::=3D [0-9] | [a-f] | [A-F] + // + return ((('0' <=3D (c)) && ((c) <=3D '9')) || + (('a' <=3D (c)) && ((c) <=3D 'f')) || + (('A' <=3D (c)) && ((c) <=3D 'F'))); +} + +/* Determines if a particular character represents a space character */ +int +isspace ( + int c + ) +{ + // + // ::=3D [ ] + // + return ((c) =3D=3D ' '); +} + +/* Determine if a particular character is an alphanumeric character */ +int +isalnum ( + int c + ) +{ + // + // ::=3D [0-9] | [a-z] | [A-Z] + // + return ((('0' <=3D (c)) && ((c) <=3D '9')) || + (('a' <=3D (c)) && ((c) <=3D 'z')) || + (('A' <=3D (c)) && ((c) <=3D 'Z'))); +} + +/* Determines if a particular character is in upper case */ +int +isupper ( + int c + ) +{ + // + // :=3D [A-Z] + // + return (('A' <=3D (c)) && ((c) <=3D 'Z')); +} + +// +// -- Data Conversion Routines -- +// + +/* Convert strings to a long-integer value */ +long +strtol ( + const char *nptr, + char **endptr, + int base + ) +{ + // + // Null strtol() function implementation to satisfy the linker, since th= ere is + // no direct functionality logic dependency in present UEFI cases. + // + return 0; +} + +/* Convert strings to an unsigned long-integer value */ +unsigned long +strtoul ( + const char *nptr, + char **endptr, + int base + ) +{ + // + // Null strtoul() function implementation to satisfy the linker, since t= here is + // no direct functionality logic dependency in present UEFI cases. + // + return 0; +} + +/* Convert character to lowercase */ +int +tolower ( + int c + ) +{ + if (('A' <=3D (c)) && ((c) <=3D 'Z')) { + return (c - ('A' - 'a')); + } + + return (c); +} + +// +// -- Searching and Sorting Routines -- +// + +/* Performs a quick sort */ +void +qsort ( + void *base, + size_t num, + size_t width, + int ( *compare )(const void *, const void *) + ) +{ + VOID *Buffer; + + ASSERT (base !=3D NULL); + ASSERT (compare !=3D NULL); + + // + // Use CRT-style malloc to cover BS and RT memory allocation. + // + Buffer =3D malloc (width); + ASSERT (Buffer !=3D NULL); + + // + // Re-use PerformQuickSort() function Implementation in EDKII BaseSortLi= b. + // + QuickSortWorker (base, (UINTN)num, (UINTN)width, (SORT_COMPARE)compare, = Buffer); + + free (Buffer); + return; +} + +// +// -- Process and Environment Control Routines -- +// + +/* Get a value from the current environment */ +char * +getenv ( + const char *varname + ) +{ + // + // Null getenv() function implementation to satisfy the linker, since th= ere is + // no direct functionality logic dependency in present UEFI cases. + // + return NULL; +} + +/* Get a value from the current environment */ +char * +secure_getenv ( + const char *varname + ) +{ + // + // Null secure_getenv() function implementation to satisfy the linker, s= ince + // there is no direct functionality logic dependency in present UEFI cas= es. + // + // From the secure_getenv() manual: 'just like getenv() except that it + // returns NULL in cases where "secure execution" is required'. + // + return NULL; +} + +// +// -- Stream I/O Routines -- +// + +/* Write data to a stream */ +size_t +fwrite ( + const void *buffer, + size_t size, + size_t count, + FILE *stream + ) +{ + return 0; +} + +#ifdef __GNUC__ + +typedef + VOID +(EFIAPI *NoReturnFuncPtr)( + VOID + ) __attribute__ ((__noreturn__)); + +STATIC +VOID +EFIAPI +NopFunction ( + VOID + ) +{ +} + +void +abort ( + void + ) +{ + NoReturnFuncPtr NoReturnFunc; + + NoReturnFunc =3D (NoReturnFuncPtr)NopFunction; + + NoReturnFunc (); +} + +#else + +void +abort ( + void + ) +{ + // Do nothing +} + +#endif + +int +fclose ( + FILE *f + ) +{ + return 0; +} + +FILE * +fopen ( + const char *c, + const char *m + ) +{ + return NULL; +} + +size_t +fread ( + void *b, + size_t c, + size_t i, + FILE *f + ) +{ + return 0; +} + +uid_t +getuid ( + void + ) +{ + return 0; +} + +uid_t +geteuid ( + void + ) +{ + return 0; +} + +gid_t +getgid ( + void + ) +{ + return 0; +} + +gid_t +getegid ( + void + ) +{ + return 0; +} + +int +printf ( + char const *fmt, + ... + ) +{ + return 0; +} + +void * +malloc ( + size_t a + ) +{ + return NULL; +} + +void * +realloc ( + void *a, + size_t b + ) +{ + return NULL; +} + +void +free ( + void *b + ) +{ +} diff --git a/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf b/CryptoPkg/Librar= y/MbedTlsLib/MbedTlsLib.inf index adcf770902..93f8e69383 100644 --- a/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf +++ b/CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf @@ -13,6 +13,7 @@ MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D MbedTlsLib + DEFINE OPENSSL_PATH =3D ../OpensslLib/openssl =20 # # The following information is for reference only and not required by the = build tools. @@ -21,6 +22,11 @@ # =20 [Sources] +# Openssl files list starts here + $(OPENSSL_PATH)/crypto/mem_clr.c + $(OPENSSL_PATH)/crypto/sha/keccak1600.c + $(OPENSSL_PATH)/crypto/sm3/sm3.c +# Openssl files list ends here Include/mbedtls/mbedtls_config.h mbedtls/library/aes.c mbedtls/library/asn1parse.c diff --git a/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf b/CryptoPkg/Li= brary/MbedTlsLib/MbedTlsLibFull.inf index 7715392a9d..98695312cf 100644 --- a/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf +++ b/CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf @@ -13,6 +13,7 @@ MODULE_TYPE =3D BASE VERSION_STRING =3D 1.0 LIBRARY_CLASS =3D MbedTlsLib + DEFINE OPENSSL_PATH =3D ../OpensslLib/openssl =20 # # The following information is for reference only and not required by the = build tools. @@ -21,6 +22,11 @@ # =20 [Sources] +# Openssl files list starts here + $(OPENSSL_PATH)/crypto/mem_clr.c + $(OPENSSL_PATH)/crypto/sha/keccak1600.c + $(OPENSSL_PATH)/crypto/sm3/sm3.c +# Openssl files list ends here Include/mbedtls/mbedtls_config.h mbedtls/library/aes.c mbedtls/library/asn1parse.c --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118071): https://edk2.groups.io/g/devel/message/118071 Mute This Topic: https://groups.io/mt/105662372/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-