tyler.durden/audk
1
0
Fork 0
mirror of https://github.com/acidanthera/audk.git synced 2025-07-30 00:54:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

CryptoPkg: Add all .inf files for BaseCryptLibMbedTls

Browse Source 
Add .inf files and other support files.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Yi Li <yi1.li@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Reviewed-by: Yi Li <yi1.li@intel.com>
This commit is contained in:
Wenxing Hou 2023-08-18 15:21:47 +08:00 committed by mergify[bot]
parent 97f51f2e9b
commit b26f7dfe29
19 changed files with 1718 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CryptoPkg/CryptoPkg.dec
View File

@ -27,6 +27,10 @@
Library/OpensslLib/openssl/providers/implementations/include Library/OpensslLib/openssl/providers/implementations/include
Library/OpensslLib/OpensslGen/include Library/OpensslLib/OpensslGen/include
Library/OpensslLib/OpensslGen/providers/common/include Library/OpensslLib/OpensslGen/providers/common/include
Library/MbedTlsLib/Include
Library/MbedTlsLib/mbedtls
Library/MbedTlsLib/mbedtls/include
Library/MbedTlsLib/mbedtls/include/mbedtls
[LibraryClasses] [LibraryClasses]
## @libraryclass Provides basic library functions for cryptographic primitives. ## @libraryclass Provides basic library functions for cryptographic primitives.

280
CryptoPkg/CryptoPkgMbedTls.dsc Normal file
View File

@ -0,0 +1,280 @@
## @file
# Cryptographic Library Package for UEFI Security Implementation.
# PEIM, DXE Driver, and SMM Driver with all crypto services enabled.
#
# Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
################################################################################
#
# Defines Section - statements that will be processed to create a Makefile.
#
################################################################################
[Defines]
PLATFORM_NAME = CryptoPkg
PLATFORM_GUID = E1063286-6C8C-4c25-AEF0-67A9A5B6E6B6
PLATFORM_VERSION = 0.98
DSC_SPECIFICATION = 0x00010005
OUTPUT_DIRECTORY = Build/CryptoPkgMbed
SUPPORTED_ARCHITECTURES = IA32|X64|ARM|AARCH64|RISCV64
BUILD_TARGETS = DEBUG|RELEASE|NOOPT
SKUID_IDENTIFIER = DEFAULT
!ifndef CRYPTO_IMG_TYPE
DEFINE CRYPTO_IMG_TYPE = DXE_SMM
!endif
!if $(CRYPTO_IMG_TYPE) IN "PEI_DEFAULT PEI_PREMEM DXE_SMM"
!else
!error CRYPTO_IMG_TYPE must be set to one of PEI_DEFAULT PEI_PREMEM DXE_SMM.
!endif
################################################################################
#
# Library Class section - list of all Library Classes needed by this Platform.
#
################################################################################
!include MdePkg/MdeLibs.dsc.inc
[LibraryClasses]
BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf
UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
[LibraryClasses.ARM, LibraryClasses.AARCH64]
#
# It is not possible to prevent the ARM compiler for generic intrinsic functions.
# This library provides the instrinsic functions generate by a given compiler.
# [LibraryClasses.ARM, LibraryClasses.AARCH64] and NULL mean link this library
# into all ARM and AARCH64 images.
#
NULL|ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf
# Add support for stack protector
NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf
[LibraryClasses.common.PEIM]
PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf
MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf
PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf
PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf
HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf
[LibraryClasses.common.DXE_SMM_DRIVER]
SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf
SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
[LibraryClasses]
MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDebugLibReportStatusCode.inf
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf
UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
MbedTlsLib|CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
[LibraryClasses.ARM]
ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
[LibraryClasses.common.PEIM]
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf
TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
[LibraryClasses.IA32.PEIM, LibraryClasses.X64.PEIM]
PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiServicesTablePointerLibIdt.inf
[LibraryClasses.ARM.PEIM, LibraryClasses.AARCH64.PEIM]
PeiServicesTablePointerLib|ArmPkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf
[LibraryClasses.common.DXE_DRIVER]
ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf
TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
[LibraryClasses.common.DXE_SMM_DRIVER]
ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/SmmReportStatusCodeLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf
TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
################################################################################
#
# Pcd Section - list of all EDK II PCD Entries defined by this Platform
#
################################################################################
[PcdsFixedAtBuild]
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0f
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000000
gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x06
!if $(CRYPTO_IMG_TYPE) IN "DXE_SMM"
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacMd5.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md4.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md5.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tdes.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.ParallelHash.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
!endif
!if $(CRYPTO_IMG_TYPE) IN "PEI_DEFAULT"
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pkcs1Verify | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.New | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.SetKey | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Free | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Services.GetContextSize | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Services.Init | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Services.Update | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Services.Final | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.GetContextSize | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.Init | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.Update | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.Final | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Services.GetContextSize | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Services.Init | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Services.Update | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Services.Final | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Services.HashAll | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Services.GetContextSize | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Services.Init | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Services.Update | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Services.Final | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Services.HashAll | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Services.Duplicate | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Services.New | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Services.Free | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Services.SetKey | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Services.Duplicate | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Services.Update | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Services.Final | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Services.Sha256ExtractAndExpand | TRUE
!endif
!if $(CRYPTO_IMG_TYPE) IN "PEI_PREMEM"
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.GetContextSize | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.Init | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.Update | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.Final | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Services.GetContextSize | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Services.Init | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Services.Update | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Services.Final | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Services.HashAll | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Services.GetContextSize | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Services.Init | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Services.Update | TRUE
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Services.Final | TRUE
!endif
###################################################################################################
#
# Components Section - list of the modules and components that will be processed by compilation
# tools and the EDK II tools to generate PE32/PE32+/Coff image files.
#
# Note: The EDK II DSC file is not used to specify how compiled binary images get placed
# into firmware volume images. This section is just a list of modules to compile from
# source into UEFI-compliant binaries.
# It is the FDF file that contains information on combining binary files into firmware
# volume images, whose concept is beyond UEFI and is described in PI specification.
# Binary modules do not need to be listed in this section, as they should be
# specified in the FDF file. For example: Shell binary (Shell_Full.efi), FAT binary (Fat.efi),
# Logo (Logo.bmp), and etc.
# There may also be modules listed in this section that are not required in the FDF file,
# When a module listed here is excluded from FDF file, then UEFI-compliant binary will be
# generated for it, but the binary will not be put into any firmware volume.
#
###################################################################################################
!if $(CRYPTO_IMG_TYPE) IN "PEI_DEFAULT PEI_PREMEM"
[Components.IA32, Components.X64, Components.ARM, Components.AARCH64]
CryptoPkg/Driver/CryptoPei.inf {
<Defines>
!if "$(CRYPTO_SERVICES)" == "ALL"
FILE_GUID = 8DF53C2E-3380-495F-A8B7-370CFE28E1C6
!elseif "$(CRYPTO_SERVICES)" == "NONE"
FILE_GUID = E5A97EE3-71CC-407F-9DA9-6BE0C8A6C7DF
!elseif "$(CRYPTO_SERVICES)" == "MIN_PEI"
FILE_GUID = 0F5827A9-35FD-4F41-8D38-9BAFCE594D31
!endif
}
!endif
!if $(CRYPTO_IMG_TYPE) IN "DXE_SMM"
[Components.IA32, Components.X64, Components.AARCH64]
CryptoPkg/Driver/CryptoDxe.inf {
<Defines>
!if "$(CRYPTO_SERVICES)" == "ALL"
FILE_GUID = D9444B06-060D-42C5-9344-F04707BE0169
!elseif "$(CRYPTO_SERVICES)" == "NONE"
FILE_GUID = C7A340F4-A6CC-4F95-A2DA-42BEA4C3944A
!elseif "$(CRYPTO_SERVICES)" == MIN_DXE_MIN_SMM
FILE_GUID = DDF5BE9E-159A-4B77-B6D7-82B84B5763A2
!endif
}
[Components.IA32, Components.X64]
CryptoPkg/Driver/CryptoSmm.inf {
<Defines>
!if "$(CRYPTO_SERVICES)" == "ALL"
FILE_GUID = A3542CE8-77F7-49DC-A834-45D37D2EC1FA
!elseif "$(CRYPTO_SERVICES)" == "NONE"
FILE_GUID = 6DCB3127-01E7-4131-A487-DC77A965A541
!elseif "$(CRYPTO_SERVICES)" == MIN_DXE_MIN_SMM
FILE_GUID = 85F7EA15-3A2B-474A-8875-180542CD6BF3
!endif
}
!endif
[BuildOptions]
*_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES
MSFT:*_*_*_CC_FLAGS = /D ENABLE_MD5_DEPRECATED_INTERFACES
INTEL:*_*_*_CC_FLAGS = /D ENABLE_MD5_DEPRECATED_INTERFACES
GCC:*_*_*_CC_FLAGS = -D ENABLE_MD5_DEPRECATED_INTERFACES
RVCT:*_*_*_CC_FLAGS = -DENABLE_MD5_DEPRECATED_INTERFACES
!if $(CRYPTO_IMG_TYPE) IN "DXE_SMM"
MSFT:*_*_*_DLINK_FLAGS = /ALIGN:4096
GCC:*_GCC*_*_DLINK_FLAGS = -z common-page-size=0x1000
!endif

81
CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf Normal file
View File

@ -0,0 +1,81 @@
## @file
# Cryptographic Library Instance for DXE_DRIVER.
#
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
# This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
# Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = BaseCryptLib
FILE_GUID = 693C5308-AF95-4CE5-ADE9-CA011C2FC642
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = BaseCryptLib|DXE_DRIVER DXE_CORE UEFI_APPLICATION UEFI_DRIVER
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 ARM AARCH64
#
[Sources]
InternalCryptLib.h
Cipher/CryptAeadAesGcmNull.c
Cipher/CryptAes.c
Hash/CryptSha256.c
Hash/CryptSha512.c
Hash/CryptParallelHashNull.c
Hash/CryptSm3Null.c
Hash/CryptMd5.c
Hash/CryptSha1.c
Hmac/CryptHmac.c
Kdf/CryptHkdf.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptRsaPss.c
Pk/CryptRsaPssSignNull.c
Bn/CryptBnNull.c
Pem/CryptPemNull.c
Pk/CryptDhNull.c
Pk/CryptEcNull.c
Pk/CryptPkcs1OaepNull.c
Pk/CryptPkcs5Pbkdf2Null.c
Pk/CryptPkcs7SignNull.c
Pk/CryptPkcs7VerifyNull.c
Pk/CryptPkcs7VerifyEkuNull.c
Pk/CryptX509Null.c
Pk/CryptAuthenticodeNull.c
Pk/CryptTsNull.c
Rand/CryptRandNull.c
SysCall/CrtWrapper.c
SysCall/TimerWrapper.c
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
UefiRuntimeServicesTableLib
DebugLib
MbedTlsLib
PrintLib
IntrinsicLib
RngLib
SynchronizationLib
[Protocols]
gEfiMpServiceProtocolGuid
#
# Remove these [BuildOptions] after this library is cleaned up
#
[BuildOptions]
MSFT:*_*_*_CC_FLAGS = /GL-

101
CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf Normal file
View File

@ -0,0 +1,101 @@
## @file
# Cryptographic Library Instance for PEIM.
#
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
# This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
# Note:
# HMAC-SHA256 functions, AES functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509
# certificate handler functions, authenticode signature verification functions,
# PEM handler functions, and pseudorandom number generator functions are not
# supported in this instance.
#
# Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = PeiCryptLib
MODULE_UNI_FILE = PeiCryptLib.uni
FILE_GUID = 91E0A3C3-37A7-4AEE-8689-C5B0AD2C8E63
MODULE_TYPE = PEIM
VERSION_STRING = 1.0
LIBRARY_CLASS = BaseCryptLib|PEIM PEI_CORE
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64
#
[Sources]
InternalCryptLib.h
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
Hash/CryptSm3Null.c
Hash/CryptSha512.c
Hash/CryptParallelHashNull.c
Hmac/CryptHmac.c
Kdf/CryptHkdf.c
Cipher/CryptAes.c
Cipher/CryptAeadAesGcmNull.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptRsaPss.c
Pk/CryptRsaPssSignNull.c
Bn/CryptBnNull.c
Pem/CryptPemNull.c
Pk/CryptDhNull.c
Pk/CryptEcNull.c
Pk/CryptPkcs1OaepNull.c
Pk/CryptPkcs5Pbkdf2Null.c
Pk/CryptPkcs7SignNull.c
Pk/CryptPkcs7VerifyNull.c
Pk/CryptPkcs7VerifyEkuNull.c
Pk/CryptX509Null.c
Pk/CryptAuthenticodeNull.c
Pk/CryptTsNull.c
Rand/CryptRandNull.c
SysCall/CrtWrapper.c
SysCall/ConstantTimeClock.c
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
DebugLib
MbedTlsLib
IntrinsicLib
PrintLib
PeiServicesTablePointerLib
PeiServicesLib
SynchronizationLib
[Ppis]
gEfiPeiMpServicesPpiGuid
#
# Remove these [BuildOptions] after this library is cleaned up
#
[BuildOptions]
#
# suppress the following warnings so we do not break the build with warnings-as-errors:
# C4090: 'function' : different 'const' qualifiers
# C4718: 'function call' : recursive call has no side effects, deleting
#
MSFT:*_*_*_CC_FLAGS = /wd4090 /wd4718
GCC:*_CLANG35_*_CC_FLAGS = -std=c99
GCC:*_CLANG38_*_CC_FLAGS = -std=c99
GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types
XCODE:*_*_*_CC_FLAGS = -std=c99

25
CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.uni Normal file
View File

@ -0,0 +1,25 @@
// /** @file
// Cryptographic Library Instance for PEIM.
//
// Caution: This module requires additional review when modified.
// This library will have external input - signature.
// This external input must be validated carefully to avoid security issues such as
// buffer overflow or integer overflow.
//
// Note: AES
// functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, X.509 certificate handler functions, authenticode
// signature verification functions, PEM handler functions, and pseudorandom number
// generator functions are not supported in this instance.
//
// Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
//
// SPDX-License-Identifier: BSD-2-Clause-Patent
//
// **/
#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for PEIM"
#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: AES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 certificate handler functions, authenticode signature verification functions, PEM handler functions, and pseudorandom number generator functions are not supported in this instance."

92
CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf Normal file
View File

@ -0,0 +1,92 @@
## @file
# Cryptographic Library Instance for DXE_RUNTIME_DRIVER.
#
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
# This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
# Note: SHA-384 Digest functions, SHA-512 Digest functions,
# HMAC-SHA256 functions, AES functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
# Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = RuntimeCryptLib
MODULE_UNI_FILE = RuntimeCryptLib.uni
FILE_GUID = D263B580-D9FC-4DC4-B445-578AAEFF530E
MODULE_TYPE = DXE_RUNTIME_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = BaseCryptLib|DXE_RUNTIME_DRIVER
CONSTRUCTOR = RuntimeCryptLibConstructor
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 ARM AARCH64
#
[Sources]
InternalCryptLib.h
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
Hash/CryptSm3Null.c
Hash/CryptSha512.c
Hash/CryptParallelHashNull.c
Hmac/CryptHmac.c
Kdf/CryptHkdf.c
Cipher/CryptAes.c
Cipher/CryptAeadAesGcmNull.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptRsaPssNull.c
Pk/CryptRsaPssSignNull.c
Bn/CryptBnNull.c
Pem/CryptPemNull.c
Pk/CryptDhNull.c
Pk/CryptEcNull.c
Pk/CryptPkcs1OaepNull.c
Pk/CryptPkcs5Pbkdf2Null.c
Pk/CryptPkcs7SignNull.c
Pk/CryptPkcs7VerifyNull.c
Pk/CryptPkcs7VerifyEkuNull.c
Pk/CryptX509Null.c
Pk/CryptAuthenticodeNull.c
Pk/CryptTsNull.c
Rand/CryptRandNull.c
SysCall/CrtWrapper.c
SysCall/TimerWrapper.c
SysCall/RuntimeMemAllocation.c
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
UefiRuntimeServicesTableLib
DebugLib
MbedTlsLib
IntrinsicLib
PrintLib
#
# Remove these [BuildOptions] after this library is cleaned up
#
[BuildOptions]
#
# suppress the following warnings so we do not break the build with warnings-as-errors:
#
GCC:*_CLANG35_*_CC_FLAGS = -std=c99
GCC:*_CLANG38_*_CC_FLAGS = -std=c99
GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types
XCODE:*_*_*_CC_FLAGS = -std=c99

22
CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.uni Normal file
View File

@ -0,0 +1,22 @@
// /** @file
// Cryptographic Library Instance for DXE_RUNTIME_DRIVER.
//
// Caution: This module requires additional review when modified.
// This library will have external input - signature.
// This external input must be validated carefully to avoid security issues such as
// buffer overflow or integer overflow.
//
// Note: AES
// functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, and authenticode signature verification functions are
// not supported in this instance.
//
// Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
//
// SPDX-License-Identifier: BSD-2-Clause-Patent
//
// **/
#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for DXE_RUNTIME_DRIVER"
#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: AES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."

84
CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.inf Normal file
View File

@ -0,0 +1,84 @@
## @file
# Cryptographic Library Instance for SEC.
#
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
# This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
# Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = SecCryptLib
MODULE_UNI_FILE = SecCryptLib.uni
FILE_GUID = 894C367F-254A-4563-8624-798D46EAD796
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = BaseCryptLib|SEC
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64
#
[Sources]
InternalCryptLib.h
Hash/CryptSha512.c
Hash/CryptMd5Null.c
Hash/CryptSha1Null.c
Hash/CryptSha256Null.c
Hash/CryptSm3Null.c
Hash/CryptParallelHashNull.c
Hmac/CryptHmacNull.c
Kdf/CryptHkdfNull.c
Cipher/CryptAesNull.c
Cipher/CryptAeadAesGcmNull.c
Pk/CryptRsaBasicNull.c
Pk/CryptRsaExtNull.c
Bn/CryptBnNull.c
Pem/CryptPemNull.c
Pk/CryptDhNull.c
Pk/CryptEcNull.c
Pk/CryptPkcs1OaepNull.c
Pk/CryptPkcs5Pbkdf2Null.c
Pk/CryptPkcs7SignNull.c
Pk/CryptPkcs7VerifyNull.c
Pk/CryptPkcs7VerifyEkuNull.c
Pk/CryptX509Null.c
Pk/CryptAuthenticodeNull.c
Pk/CryptTsNull.c
Rand/CryptRandNull.c
SysCall/CrtWrapper.c
SysCall/ConstantTimeClock.c
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
DebugLib
MbedTlsLib
IntrinsicLib
PrintLib
#
# Remove these [BuildOptions] after this library is cleaned up
#
[BuildOptions]
#
# suppress the following warnings so we do not break the build with warnings-as-errors:
#
GCC:*_CLANG35_*_CC_FLAGS = -std=c99
GCC:*_CLANG38_*_CC_FLAGS = -std=c99
GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types
XCODE:*_*_*_CC_FLAGS = -std=c99

17
CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.uni Normal file
View File

@ -0,0 +1,17 @@
// /** @file
// Cryptographic Library Instance for SEC driver.
//
// Caution: This module requires additional review when modified.
// This library will have external input - signature.
// This external input must be validated carefully to avoid security issues such as
// buffer overflow or integer overflow.
//
// Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
//
// SPDX-License-Identifier: BSD-2-Clause-Patent
//
// **/
#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for SEC driver"
#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: AES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."

92
CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf Normal file
View File

@ -0,0 +1,92 @@
## @file
# Cryptographic Library Instance for SMM driver.
#
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
# This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
# Note: SHA-384 Digest functions, SHA-512 Digest functions,
# RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
# Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = SmmCryptLib
MODULE_UNI_FILE = SmmCryptLib.uni
FILE_GUID = CF104633-9901-4504-AD7A-91690926A253
MODULE_TYPE = DXE_SMM_DRIVER
VERSION_STRING = 1.0
PI_SPECIFICATION_VERSION = 0x0001000A
LIBRARY_CLASS = BaseCryptLib|DXE_SMM_DRIVER SMM_CORE MM_STANDALONE
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 ARM AARCH64
#
[Sources]
InternalCryptLib.h
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
Hash/CryptSm3Null.c
Hash/CryptSha512.c
Hash/CryptParallelHashNull.c
Hmac/CryptHmac.c
Kdf/CryptHkdf.c
Cipher/CryptAes.c
Cipher/CryptAeadAesGcmNull.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptRsaPss.c
Pk/CryptRsaPssSignNull.c
Bn/CryptBnNull.c
Pem/CryptPemNull.c
Pk/CryptDhNull.c
Pk/CryptEcNull.c
Pk/CryptPkcs1OaepNull.c
Pk/CryptPkcs5Pbkdf2Null.c
Pk/CryptPkcs7SignNull.c
Pk/CryptPkcs7VerifyNull.c
Pk/CryptPkcs7VerifyEkuNull.c
Pk/CryptX509Null.c
Pk/CryptAuthenticodeNull.c
Pk/CryptTsNull.c
Rand/CryptRandNull.c
SysCall/CrtWrapper.c
SysCall/ConstantTimeClock.c
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
MbedTlsLib
IntrinsicLib
PrintLib
MmServicesTableLib
SynchronizationLib
#
# Remove these [BuildOptions] after this library is cleaned up
#
[BuildOptions]
#
# suppress the following warnings so we do not break the build with warnings-as-errors:
#
XCODE:*_*_*_CC_FLAGS = -mmmx -msse -std=c99
GCC:*_CLANG35_*_CC_FLAGS = -std=c99
GCC:*_CLANG38_*_CC_FLAGS = -std=c99
GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types

22
CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.uni Normal file
View File

@ -0,0 +1,22 @@
// /** @file
// Cryptographic Library Instance for SMM driver.
//
// Caution: This module requires additional review when modified.
// This library will have external input - signature.
// This external input must be validated carefully to avoid security issues such as
// buffer overflow or integer overflow.
//
// Note: AES
// functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, and authenticode signature verification functions are
// not supported in this instance.
//
// Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
//
// SPDX-License-Identifier: BSD-2-Clause-Patent
//
// **/
#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for SMM driver"
#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: AES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."

75
CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/ConstantTimeClock.c Normal file
View File

@ -0,0 +1,75 @@
/** @file
C Run-Time Libraries (CRT) Time Management Routines Wrapper Implementation
for MbedTLS-based Cryptographic Library.
This C file implements constant time value for time() and NULL for gmtime()
thus should not be used in library instances which require functionality
of following APIs which need system time support:
1) RsaGenerateKey
2) RsaCheckKey
3) RsaPkcs1Sign
4) Pkcs7Sign
5) DhGenerateParameter
6) DhGenerateKey
Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <Base.h>
#include <Library/BaseMemoryLib.h>
typedef int time_t;
//
// Structures Definitions
//
struct tm {
int tm_sec; /* seconds after the minute [0-60] */
int tm_min; /* minutes after the hour [0-59] */
int tm_hour; /* hours since midnight [0-23] */
int tm_mday; /* day of the month [1-31] */
int tm_mon; /* months since January [0-11] */
int tm_year; /* years since 1900 */
int tm_wday; /* days since Sunday [0-6] */
int tm_yday; /* days since January 1 [0-365] */
int tm_isdst; /* Daylight Savings Time flag */
long tm_gmtoff; /* offset from CUT in seconds */
char *tm_zone; /* timezone abbreviation */
};
//
// -- Time Management Routines --
//
/**time function. **/
time_t
time (
time_t *timer
)
{
if (timer != NULL) {
*timer = 0;
}
return 0;
}
/**gmtime function. **/
struct tm *
gmtime (
const time_t *timer
)
{
return NULL;
}
/**_time64 function. **/
time_t
_time64 (
time_t *t
)
{
return time (t);
}

58
CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/CrtWrapper.c Normal file
View File

@ -0,0 +1,58 @@
/** @file
C Run-Time Libraries (CRT) Wrapper Implementation for MbedTLS-based
Cryptographic Library.
Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <Base.h>
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/BaseMemoryLib.h>
#include <stdio.h>
/**dummy mbedtls_printf function. **/
int
mbedtls_printf (
char const *fmt,
...
)
{
ASSERT (FALSE);
return 0;
}
/**dummy mbedtls_vsnprintf function. **/
int
mbedtls_vsnprintf (
char *str,
size_t size,
const char *format,
...
)
{
ASSERT (FALSE);
return 0;
}
/**strchr function. **/
char *
strchr (
const char *str,
int ch
)
{
return ScanMem8 (str, AsciiStrSize (str), (char)ch);
}
/**strcmp function. **/
int
strcmp (
const char *s1,
const char *s2
)
{
return (int)AsciiStrCmp (s1, s2);
}

462
CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/RuntimeMemAllocation.c Normal file
View File

@ -0,0 +1,462 @@
/** @file
Light-weight Memory Management Routines for MbedTLS-based Crypto
Library at Runtime Phase.
Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <CrtLibSupport.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiRuntimeLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Guid/EventGroup.h>
// ----------------------------------------------------------------
// Initial version. Needs further optimizations.
// ----------------------------------------------------------------
//
// Definitions for Runtime Memory Operations
//
#define RT_PAGE_SIZE 0x200
#define RT_PAGE_MASK 0x1FF
#define RT_PAGE_SHIFT 9
#define RT_SIZE_TO_PAGES(a) (((a) >> RT_PAGE_SHIFT) + (((a) & RT_PAGE_MASK) ? 1 : 0))
#define RT_PAGES_TO_SIZE(a) ((a) << RT_PAGE_SHIFT)
//
// Page Flag Definitions
//
#define RT_PAGE_FREE 0x00000000
#define RT_PAGE_USED 0x00000001
#define MIN_REQUIRED_BLOCKS 600
//
// Memory Page Table
//
typedef struct {
UINTN StartPageOffset; // Offset of the starting page allocated.
// Only available for USED pages.
UINT32 PageFlag; // Page Attributes.
} RT_MEMORY_PAGE_ENTRY;
typedef struct {
UINTN PageCount;
UINTN LastEmptyPageOffset;
UINT8 *DataAreaBase; // Pointer to data Area.
RT_MEMORY_PAGE_ENTRY Pages[1]; // Page Table Entries.
} RT_MEMORY_PAGE_TABLE;
//
// Global Page Table for Runtime Cryptographic Provider.
//
RT_MEMORY_PAGE_TABLE *mRTPageTable = NULL;
//
// Event for Runtime Address Conversion.
//
STATIC EFI_EVENT mVirtualAddressChangeEvent;
/**
Initializes pre-allocated memory pointed by ScratchBuffer for subsequent
runtime use.
@param[in, out] ScratchBuffer Pointer to user-supplied memory buffer.
@param[in] ScratchBufferSize Size of supplied buffer in bytes.
@retval EFI_SUCCESS Successful initialization.
**/
EFI_STATUS
InitializeScratchMemory (
IN OUT UINT8 *ScratchBuffer,
IN UINTN ScratchBufferSize
)
{
UINTN Index;
UINTN MemorySize;
//
// Parameters Checking
//
if (ScratchBuffer == NULL) {
return EFI_INVALID_PARAMETER;
}
if (ScratchBufferSize < MIN_REQUIRED_BLOCKS * 1024) {
return EFI_BUFFER_TOO_SMALL;
}
mRTPageTable = (RT_MEMORY_PAGE_TABLE *)ScratchBuffer;
//
// Initialize Internal Page Table for Memory Management
//
SetMem (mRTPageTable, ScratchBufferSize, 0xFF);
MemorySize = ScratchBufferSize - sizeof (RT_MEMORY_PAGE_TABLE) + sizeof (RT_MEMORY_PAGE_ENTRY);
mRTPageTable->PageCount = MemorySize / (RT_PAGE_SIZE + sizeof (RT_MEMORY_PAGE_ENTRY));
mRTPageTable->LastEmptyPageOffset = 0x0;
for (Index = 0; Index < mRTPageTable->PageCount; Index++) {
mRTPageTable->Pages[Index].PageFlag = RT_PAGE_FREE;
mRTPageTable->Pages[Index].StartPageOffset = 0;
}
mRTPageTable->DataAreaBase = ScratchBuffer + sizeof (RT_MEMORY_PAGE_TABLE) +
(mRTPageTable->PageCount - 1) * sizeof (RT_MEMORY_PAGE_ENTRY);
return EFI_SUCCESS;
}
/**
Look-up Free memory Region for object allocation.
@param[in] AllocationSize Bytes to be allocated.
@return Return available page offset for object allocation.
**/
UINTN
LookupFreeMemRegion (
IN UINTN AllocationSize
)
{
UINTN StartPageIndex;
UINTN Index;
UINTN SubIndex;
UINTN ReqPages;
StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->LastEmptyPageOffset);
ReqPages = RT_SIZE_TO_PAGES (AllocationSize);
if (ReqPages > mRTPageTable->PageCount) {
//
// No enough region for object allocation.
//
return (UINTN)(-1);
}
//
// Look up the free memory region with in current memory map table.
//
for (Index = StartPageIndex; Index <= (mRTPageTable->PageCount - ReqPages); ) {
//
// Check consecutive ReqPages pages.
//
for (SubIndex = 0; SubIndex < ReqPages; SubIndex++) {
if ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0) {
break;
}
}
if (SubIndex == ReqPages) {
//
// Succeed! Return the Starting Offset.
//
return RT_PAGES_TO_SIZE (Index);
}
//
// Failed! Skip current free memory pages and adjacent Used pages
//
while ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0) {
SubIndex++;
}
Index += SubIndex;
}
//
// Look up the free memory region from the beginning of the memory table
// until the StartCursorOffset
//
if (ReqPages > StartPageIndex) {
//
// No enough region for object allocation.
//
return (UINTN)(-1);
}
for (Index = 0; Index < (StartPageIndex - ReqPages); ) {
//
// Check Consecutive ReqPages Pages.
//
for (SubIndex = 0; SubIndex < ReqPages; SubIndex++) {
if ((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0) {
break;
}
}
if (SubIndex == ReqPages) {
//
// Succeed! Return the Starting Offset.
//
return RT_PAGES_TO_SIZE (Index);
}
//
// Failed! Skip current adjacent Used pages
//
while ((SubIndex < (StartPageIndex - ReqPages)) &&
((mRTPageTable->Pages[SubIndex + Index].PageFlag & RT_PAGE_USED) != 0))
{
SubIndex++;
}
Index += SubIndex;
}
//
// No available region for object allocation!
//
return (UINTN)(-1);
}
/**
Allocates a buffer at runtime phase.
@param[in] AllocationSize Bytes to be allocated.
@return A pointer to the allocated buffer or NULL if allocation fails.
**/
VOID *
RuntimeAllocateMem (
IN UINTN AllocationSize
)
{
UINT8 *AllocPtr;
UINTN ReqPages;
UINTN Index;
UINTN StartPage;
UINTN AllocOffset;
AllocPtr = NULL;
ReqPages = 0;
//
// Look for available consecutive memory region starting from LastEmptyPageOffset.
// If no proper memory region found, look up from the beginning.
// If still not found, return NULL to indicate failed allocation.
//
AllocOffset = LookupFreeMemRegion (AllocationSize);
if (AllocOffset == (UINTN)(-1)) {
return NULL;
}
//
// Allocates consecutive memory pages with length of Size. Update the page
// table status. Returns the starting address.
//
ReqPages = RT_SIZE_TO_PAGES (AllocationSize);
AllocPtr = mRTPageTable->DataAreaBase + AllocOffset;
StartPage = RT_SIZE_TO_PAGES (AllocOffset);
Index = 0;
while (Index < ReqPages) {
mRTPageTable->Pages[StartPage + Index].PageFlag |= RT_PAGE_USED;
mRTPageTable->Pages[StartPage + Index].StartPageOffset = AllocOffset;
Index++;
}
mRTPageTable->LastEmptyPageOffset = AllocOffset + RT_PAGES_TO_SIZE (ReqPages);
ZeroMem (AllocPtr, AllocationSize);
//
// Returns a VOID pointer to the allocated space
//
return AllocPtr;
}
/**
Frees a buffer that was previously allocated at runtime phase.
@param[in] Buffer Pointer to the buffer to free.
**/
VOID
RuntimeFreeMem (
IN VOID *Buffer
)
{
UINTN StartOffset;
UINTN StartPageIndex;
StartOffset = (UINTN)Buffer - (UINTN)mRTPageTable->DataAreaBase;
StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->Pages[RT_SIZE_TO_PAGES (StartOffset)].StartPageOffset);
while (StartPageIndex < mRTPageTable->PageCount) {
if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) &&
(mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset))
{
//
// Free this page
//
mRTPageTable->Pages[StartPageIndex].PageFlag &= ~RT_PAGE_USED;
mRTPageTable->Pages[StartPageIndex].PageFlag |= RT_PAGE_FREE;
mRTPageTable->Pages[StartPageIndex].StartPageOffset = 0;
StartPageIndex++;
} else {
break;
}
}
return;
}
/**
Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE.
This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE
event. It converts a pointer to a new virtual address.
@param[in] Event The event whose notification function is being invoked.
@param[in] Context The pointer to the notification function's context.
**/
VOID
EFIAPI
RuntimeCryptLibAddressChangeEvent (
IN EFI_EVENT Event,
IN VOID *Context
)
{
//
// Converts a pointer for runtime memory management to a new virtual address.
//
EfiConvertPointer (0x0, (VOID **)&mRTPageTable->DataAreaBase);
EfiConvertPointer (0x0, (VOID **)&mRTPageTable);
}
/**
Constructor routine for runtime crypt library instance.
The constructor function pre-allocates space for runtime cryptographic operation.
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The construction succeeded.
@retval EFI_OUT_OF_RESOURCE Failed to allocate memory.
**/
EFI_STATUS
EFIAPI
RuntimeCryptLibConstructor (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
VOID *Buffer;
//
// Pre-allocates runtime space for possible cryptographic operations
//
Buffer = AllocateRuntimePool (MIN_REQUIRED_BLOCKS * 1024);
Status = InitializeScratchMemory (Buffer, MIN_REQUIRED_BLOCKS * 1024);
if (EFI_ERROR (Status)) {
return Status;
}
//
// Create address change event
//
Status = gBS->CreateEventEx (
EVT_NOTIFY_SIGNAL,
TPL_NOTIFY,
RuntimeCryptLibAddressChangeEvent,
NULL,
&gEfiEventVirtualAddressChangeGuid,
&mVirtualAddressChangeEvent
);
ASSERT_EFI_ERROR (Status);
return Status;
}
//
// -- Memory-Allocation Routines Wrapper for UEFI-MbedTLS Library --
//
/** Allocates memory blocks. **/
VOID *
malloc (
size_t size
)
{
return RuntimeAllocateMem ((UINTN)size);
}
/** Reallocate memory blocks. **/
VOID *
realloc (
VOID *ptr,
size_t size
)
{
VOID *NewPtr;
UINTN StartOffset;
UINTN StartPageIndex;
UINTN PageCount;
if (ptr == NULL) {
return malloc (size);
}
//
// Get Original Size of ptr
//
StartOffset = (UINTN)ptr - (UINTN)mRTPageTable->DataAreaBase;
StartPageIndex = RT_SIZE_TO_PAGES (mRTPageTable->Pages[RT_SIZE_TO_PAGES (StartOffset)].StartPageOffset);
PageCount = 0;
while (StartPageIndex < mRTPageTable->PageCount) {
if (((mRTPageTable->Pages[StartPageIndex].PageFlag & RT_PAGE_USED) != 0) &&
(mRTPageTable->Pages[StartPageIndex].StartPageOffset == StartOffset))
{
StartPageIndex++;
PageCount++;
} else {
break;
}
}
if (size <= RT_PAGES_TO_SIZE (PageCount)) {
//
// Return the original pointer, if Caller try to reduce region size;
//
return ptr;
}
NewPtr = RuntimeAllocateMem ((UINTN)size);
if (NewPtr == NULL) {
return NULL;
}
CopyMem (NewPtr, ptr, RT_PAGES_TO_SIZE (PageCount));
RuntimeFreeMem (ptr);
return NewPtr;
}
/** Deallocates or frees a memory block. **/
VOID
free (
VOID *ptr
)
{
//
// In Standard C, free() handles a null pointer argument transparently. This
// is not true of RuntimeFreeMem() below, so protect it.
//
if (ptr != NULL) {
RuntimeFreeMem (ptr);
}
}

198
CryptoPkg/Library/BaseCryptLibMbedTls/SysCall/TimerWrapper.c Normal file
View File

@ -0,0 +1,198 @@
/** @file
C Run-Time Libraries (CRT) Time Management Routines Wrapper Implementation
for MbedTLS-based Cryptographic Library (used in DXE & RUNTIME).
Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <Uefi.h>
#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h>
typedef int time_t;
//
// Structures Definitions
//
struct tm {
int tm_sec; /* seconds after the minute [0-60] */
int tm_min; /* minutes after the hour [0-59] */
int tm_hour; /* hours since midnight [0-23] */
int tm_mday; /* day of the month [1-31] */
int tm_mon; /* months since January [0-11] */
int tm_year; /* years since 1900 */
int tm_wday; /* days since Sunday [0-6] */
int tm_yday; /* days since January 1 [0-365] */
int tm_isdst; /* Daylight Savings Time flag */
long tm_gmtoff; /* offset from CUT in seconds */
char *tm_zone; /* timezone abbreviation */
};
//
// -- Time Management Routines --
//
#define IsLeap(y) (((y) % 4) == 0 && (((y) % 100) != 0 || ((y) % 400) == 0))
#define SECSPERMIN (60)
#define SECSPERHOUR (60 * 60)
#define SECSPERDAY (24 * SECSPERHOUR)
//
// The arrays give the cumulative number of days up to the first of the
// month number used as the index (1 -> 12) for regular and leap years.
// The value at index 13 is for the whole year.
//
UINTN CumulativeDays[2][14] = {
{
0,
0,
31,
31 + 28,
31 + 28 + 31,
31 + 28 + 31 + 30,
31 + 28 + 31 + 30 + 31,
31 + 28 + 31 + 30 + 31 + 30,
31 + 28 + 31 + 30 + 31 + 30 + 31,
31 + 28 + 31 + 30 + 31 + 30 + 31 + 31,
31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30,
31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31,
31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30,
31 + 28 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30 + 31
},
{
0,
0,
31,
31 + 29,
31 + 29 + 31,
31 + 29 + 31 + 30,
31 + 29 + 31 + 30 + 31,
31 + 29 + 31 + 30 + 31 + 30,
31 + 29 + 31 + 30 + 31 + 30 + 31,
31 + 29 + 31 + 30 + 31 + 30 + 31 + 31,
31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30,
31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31,
31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30,
31 + 29 + 31 + 30 + 31 + 30 + 31 + 31 + 30 + 31 + 30 + 31
}
};
/** Get the system time as seconds elapsed since midnight, January 1, 1970. **/
time_t
time (
time_t *timer
)
{
EFI_STATUS Status;
EFI_TIME Time;
time_t CalTime;
UINTN Year;
//
// Get the current time and date information
//
Status = gRT->GetTime (&Time, NULL);
if (EFI_ERROR (Status) || (Time.Year < 1970)) {
return 0;
}
//
// Years Handling
// UTime should now be set to 00:00:00 on Jan 1 of the current year.
//
for (Year = 1970, CalTime = 0; Year != Time.Year; Year++) {
CalTime = CalTime + (time_t)(CumulativeDays[IsLeap (Year)][13] * SECSPERDAY);
}
//
// Add in number of seconds for current Month, Day, Hour, Minute, Seconds, and TimeZone adjustment
//
CalTime = CalTime +
(time_t)((Time.TimeZone != EFI_UNSPECIFIED_TIMEZONE) ? (Time.TimeZone * 60) : 0) +
(time_t)(CumulativeDays[IsLeap (Time.Year)][Time.Month] * SECSPERDAY) +
(time_t)(((Time.Day > 0) ? Time.Day - 1 : 0) * SECSPERDAY) +
(time_t)(Time.Hour * SECSPERHOUR) +
(time_t)(Time.Minute * 60) +
(time_t)Time.Second;
if (timer != NULL) {
*timer = CalTime;
}
return CalTime;
}
/** Convert a time value from type time_t to struct tm. **/
struct tm *
gmtime (
const time_t *timer
)
{
struct tm *GmTime;
UINT16 DayNo;
UINT16 DayRemainder;
time_t Year;
time_t YearNo;
UINT16 TotalDays;
UINT16 MonthNo;
if (timer == NULL) {
return NULL;
}
GmTime = AllocateZeroPool (sizeof (struct tm));
if (GmTime == NULL) {
return NULL;
}
ZeroMem ((VOID *)GmTime, (UINTN)sizeof (struct tm));
DayNo = (UINT16)(*timer / SECSPERDAY);
DayRemainder = (UINT16)(*timer % SECSPERDAY);
GmTime->tm_sec = (int)(DayRemainder % SECSPERMIN);
GmTime->tm_min = (int)((DayRemainder % SECSPERHOUR) / SECSPERMIN);
GmTime->tm_hour = (int)(DayRemainder / SECSPERHOUR);
GmTime->tm_wday = (int)((DayNo + 4) % 7);
for (Year = 1970, YearNo = 0; DayNo > 0; Year++) {
TotalDays = (UINT16)(IsLeap (Year) ? 366 : 365);
if (DayNo >= TotalDays) {
DayNo = (UINT16)(DayNo - TotalDays);
YearNo++;
} else {
break;
}
}
GmTime->tm_year = (int)(YearNo + (1970 - 1900));
GmTime->tm_yday = (int)DayNo;
for (MonthNo = 12; MonthNo > 1; MonthNo--) {
if (DayNo >= CumulativeDays[IsLeap (Year)][MonthNo]) {
DayNo = (UINT16)(DayNo - (UINT16)(CumulativeDays[IsLeap (Year)][MonthNo]));
break;
}
}
GmTime->tm_mon = (int)MonthNo - 1;
GmTime->tm_mday = (int)DayNo + 1;
GmTime->tm_isdst = 0;
GmTime->tm_gmtoff = 0;
GmTime->tm_zone = NULL;
return GmTime;
}
/**_time64 function. **/
time_t
_time64 (
time_t *t
)
{
return time (t);
}

76
CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf Normal file
View File

@ -0,0 +1,76 @@
## @file
# Cryptographic Library Instance for DXE_DRIVER.
#
# Caution: This module requires additional review when modified.
# This library will have external input - signature.
# This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
# Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = BaseCryptLib
FILE_GUID = 9DD60CFE-9D05-41E2-8B9E-958E2A4C1913
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = BaseCryptLib|DXE_DRIVER DXE_CORE UEFI_APPLICATION UEFI_DRIVER
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 ARM AARCH64
#
[Sources]
InternalCryptLib.h
Cipher/CryptAeadAesGcmNull.c
Cipher/CryptAes.c
Hash/CryptSha256.c
Hash/CryptSha512.c
Hash/CryptSm3Null.c
Hash/CryptMd5.c
Hash/CryptSha1.c
Hmac/CryptHmac.c
Kdf/CryptHkdf.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptRsaPss.c
Pk/CryptRsaPssSignNull.c
Bn/CryptBnNull.c
Pem/CryptPemNull.c
Pk/CryptDhNull.c
Pk/CryptEcNull.c
Pk/CryptPkcs1OaepNull.c
Pk/CryptPkcs5Pbkdf2Null.c
Pk/CryptPkcs7SignNull.c
Pk/CryptPkcs7VerifyNull.c
Pk/CryptPkcs7VerifyEkuNull.c
Pk/CryptX509Null.c
Pk/CryptAuthenticodeNull.c
Pk/CryptTsNull.c
Rand/CryptRandNull.c
SysCall/CrtWrapper.c
[Packages]
MdePkg/MdePkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
UefiRuntimeServicesTableLib
DebugLib
MbedTlsLib
PrintLib
RngLib
#
# Remove these [BuildOptions] after this library is cleaned up
#
[BuildOptions]
MSFT:*_*_*_CC_FLAGS = /GL-

19
CryptoPkg/Library/Include/stdint.h Normal file
View File

@ -0,0 +1,19 @@
/** @file
Include file to support building the third-party cryptographic library.
Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <CrtLibSupport.h>
typedef INT8 int8_t;
typedef UINT8 uint8_t;
typedef INT16 int16_t;
typedef UINT16 uint16_t;
typedef INT32 int32_t;
typedef UINT32 uint32_t;
typedef INT64 int64_t;
typedef UINT64 uint64_t;
typedef UINTN uintptr_t;

9
CryptoPkg/Library/Include/stubs-32.h Normal file
View File

@ -0,0 +1,9 @@
/** @file
Include file to support building the third-party cryptographic library.
Copyright (c) 2023, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <CrtLibSupport.h>

2
CryptoPkg/Library/MbedTlsLib/EcSm2Null.c
View File

@ -12,7 +12,7 @@
#include <mbedtls/ecdh.h> #include <mbedtls/ecdh.h>
#include <mbedtls/ecdsa.h> #include <mbedtls/ecdsa.h>
#include <mbedtls/bignum.h> #include <mbedtls/bignum.h>
#include <library/bignum_core.h> #include <bignum_core.h>
/* /*
* Get the curve info for the internal identifier * Get the curve info for the internal identifier