tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
30,548 Commits 9 Branches 0 Tags 317 MiB
Commit Graph

419 Commits

Author SHA1 Message Date
Michael D Kinney 244ce33bdd CryptoPkg: Add Readme.md 
Add Readme.md that provides an overview of the CryptoPkg
and how to configure the use of cryptographic services in
a platform.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney 584b246e88 CryptoPkg: Fixed host-based unit tests 
* Build host-based tests using OpensslLib instance with all services
  enabled.
* Build host-based tests using performance optimized OpensslLib instance
  with all services enabled.
* Remove unused PCD gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
* Remove redundant and unnecessary [BuildOptions]
* Limit host-based unit tests to only IA32/X64

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney 0c9744787e CryptoPkg: Update DSC to improve CI test coverage 
With the addition of EC services and performance optimized versions
of the OpensslLib for IA32/X64, the CryptoPkg.dsc file is updated
to make sure all combinations are covered in CI builds.

* Use different output directory for each CRYPTO_SERVICES profile.
* Add FILE_GUID define names for CryptoPei, CryptoDxe, and CryptoSmm
  when they are linked with different OpensslLib instances.
* Update CryptoPei, CryptoDxe, CryptoSmm builds to include all
  combinations of OpensslLib library instances supported by each
  CPU architecture.
* Add TARGET_UINT_TESTS profile to CryptoPkg.dsc to build only
  the target-based unit tests. This reduces the size of CryptoPkg
  components not related to unit testing by removing unit test
  specific assert handlers. Build target-based unit tests using
  OpensslLibFull.inf and OpensslLibFullAccel.inf.
* Remove the PACKAGE profile and instead make the ALL profile
  the default for CI testing that enables all services for all
  modules.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney dfc7c3dc8c CryptoPkg: Remove PcdOpensslEcEnabled from CryptoPkg.dec 
Remove the PcdOpensslEcEnabled PCD that is no longer used.
The EC feature is selected by using one of the OpensslLib
instances that includes the EC features which are either
OpensslLibFull.inf or OpensslLibFullAccel.inf.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney a57b4c11a5 CryptoPkg/Library/OpensslLib: Remove PrintLib from INF files 
The OpensslLib instances do not directly use any PrintLib services.
Remove PrintLib from [LibraryClasses] sections of all OpensslLib
INF files.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney e75951ca89 CryptoPkg/Library/OpensslLib: Produce consistent set of APIs 
Update all OpensslLib instances so they produce all the APIs used
by the BaseCryptLib instances. Not producing the same set of APIs
for a library class does not follow the EDK II library class rules
and breaks the assumptions that consumers of the OpensslLib may
make about which services are present.

* Add missing declaration of the private library class OpensslLib
  to CryptoPkg.dec.
* Add SslNull.c with NULL implementations of SSL functions
* Add EcSm2Null.c with NULL implementations of EC/SM2 functions.
* Update OpensslLibCrypto.inf to include both SslNull.c and
  EcSm2Null.c so this library instance produces all the opensll
  APIs used by the BaseCryptLib instances.
* Update OpensslLib.inf and OpensslLibAccel.inf to include
  EcSm2Null.c so these library instances produce all the opensll
  APIs used by the BaseCryptLib instances.
* Add missing declaration of the private library class IntrinsicLib
  to CryptoPkg.dec

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney ea6d859b50 CryptoPkg/Library/OpensslLib: Combine all performance optimized INFs 
* Remove IA32/X64 specific INF files for performance
  optimized OpensslLib and combine into OpensslLibAccel.inf
  and OpensslLibFullAccel.inf.
* Remove use of PcdOpensslEcEnabled and let the platform
  select the EC feature by using either OpensslLibFull.inf
  or OpensslLibFullAccel.inf.
* With PcdOpensslEcEnabled removed, roll back style of opensslconf.h
  and remove  opensslconf_generated.h. Move the choice to disable
  EC/SM2 into OpensslLib INF files using OPENSSL_FLAGS define.
* Update OpensslLibContructor() API to be compatible with all
  FW phases by using types from Base.h and using RETURN_STATUS
  type and values instead of EFI_STATUS type and values.
* Add /wd4718 to VS2015x86 for IA32 and X64 to disable warning
  for recursive call with no side effects.  This is a false
  positive warning that is not produced with VS2017 or VS2019.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney dd00f92b2f CryptoPkg/Library: Cleanup BaseCryptLib and TlsLib 
* Move SysCall/inet_pton.c from BaseCryptLib to TlsLib.  The functions
  in this file are only used by TlsLib instances and not any CryptLib
  instances.
* Fix type mismatch in call to FreePool() in TlsConfig.c
* Remove use of gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled from
  TslLib and CryptLib instances
* Add missing *Null.c files to SecCryptLib.inf and RuntimeCryptLib.inf.
* Remove ARM and AARCH64 sections from SmmCryptLib.inf that does not
  support those architectures.
* Add missing PrintLib dependencies to [LibraryClasses] sections of
  CryptLib INF files
* Remove extra library classes from [LibraryClasses] sections of
  CryptLib INF files
* Remove unnecessary warning disables from [BuildOptions] sections of
  TlsLib and CryptLib INF files
* Remove RVCT support from SecCryptLib.inf

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Cc: Rebecca Cran <quic_rcran@quicinc.com>
Cc: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney 961fadf60c CryptoPkg/Test/UnitTest/Library/BaseCryptLib: Unit test fixes 
* Update ImageTimeStampTest to return UNIT_TEST_PASSED instead of
  Status.  On success Status is TRUE(1), which was returning a unit
  test status of UNIT_TEST_ERROR_PREREQUISITE_NOT_MET.
* Update HmacTests to use the *Free() service from the HMAC family
  instead of FreePool().  Using FreePool() generates ASSERT() because
  the context being freed was not allocated using AllocatePool().

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney 8f8372439d CryptoPkg/Library/BaseCryptLib: Update internal functions/variables 
* Update BaseCryptLib internal worker functions to be 'STATIC'
* Update BaseCryptLib internal working functions to not use EFIAPI
* Add GLOBAL_REMOVE_IF_UNREFERENCED to BaseCryptLib global variables

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney 8437368c69 CryptoPkg/Library/BaseCryptLib: Add missing UNI file and fix format 
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney d7d9866ef4 CryptoPkg: Document and disable deprecated crypto services 
Also note services that are recommended to be disabled and
update CryptoPkg.dsc PcdCryptoServiceFamilyEnable settings
to disable all deprecated services.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Chao Li c5f4b4fd03 CryptoPkg: Add LOONGARCH64 architecture for EDK2 CI. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4053

Add LOONGARCH64 architecture for EDK2 CI testing.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>

Signed-off-by: Chao Li <lichao@loongson.cn>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2022-10-14 02:16:33 +00:00
Qi Zhang e7d7f02c8e CryptoPkg: add Unit Test for X509 new function. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4082

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-12 06:38:15 +00:00
Qi Zhang 22745df666 CryptoPkg: add new X509 function to Crypto Service. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4082

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-12 06:38:15 +00:00
Qi Zhang 8ecae3d641 CryptoPkg: add new X509 function. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4082

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-12 06:38:15 +00:00
Qi Zhang 190f77f8f4 CryptoPkg: add new X509 function definition. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4082

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-12 06:38:15 +00:00
Qi Zhang 0371032289 CryptoPkg: add unit test for EC key interface. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4102

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-12 05:56:00 +00:00
Qi Zhang 69a50a249b CryptoPkg: Add EC key interface to DXE and protocol 
The implementation provide EC key interface for EFI
 driver nad EFI BaseCrypt protocol.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4102

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-12 05:56:00 +00:00
Qi Zhang f21a1d48fe CryptoPkg: Add EC key retrieving and signature interface. 
This patch is used to retrieve EC key from PEM and X509 and
carry out the EC-DSA signature and verify it.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4102

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-12 05:56:00 +00:00
Yi Li 8db4e9f9a0 CryptoPkg: Add new Tls APIs to DXE and protocol 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3892

The implementation provides new Tls library functions
for Crypto EFI Driver and Protocol.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-10 06:29:51 +00:00
Yi Li bb78d969b7 CryptoPkg: Extend Tls function library 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3892

1. TlsSetSignatureAlgoList(): Configure the list of TLS signature algorithms
that should be used as part of the TLS session establishment.
This is needed for some WLAN Supplicant connection establishment flows
that allow only specific TLS signature algorithms to be used, e.g.,
Authenticate and Key Managmenet (AKM) suites that are SUITE-B compliant.

2. TlsSetEcCurve(): Configure the Elliptic Curve that should be used for
TLS flows the use cipher suite with EC,
e.g., TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384.
This is needed for some WLAN Supplicant connection establishment flows
that allow only specific TLS signature algorithms to be used,
e.g., Authenticate and Key Managmenet (AKM) suites that are SUITE-B compliant.

3. TlsShutdown():
Shutdown the TLS connection without releasing the resources,
meaning a new connection can be started without calling TlsNew() and
without setting certificates etc.

4. TlsGetExportKey(): Derive keying material from a TLS connection using the
mechanism described in RFC 5705 and export the key material (needed
by EAP methods such as EAP-TTLS and EAP-PEAP).

5. TlsSetHostPrivateKeyEx(): This function adds the local private key
(PEM-encoded or PKCS#8 or DER-encoded private key) into the specified
TLS object for TLS negotiation. There is already a similar function
TlsSetHostPrivateKey(), the new Ex function introduces a new parameter
Password, set Password to NULL when useless.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-10 06:29:51 +00:00
Yuan Yu 3c9e2f239a CryptoPkg: Fix integer overflow 
SECSPERDAY is 86400 which exceeds the limit of a UINT16 which is 65536.
Therefore DayRemainder cannot use UINT16. This patch makes it UINT32.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Julien Grall <julien@xen.org>

Signed-off-by: Yuan Yu <yuanyu@google.com>
Reviewed-by: Ard Biesheuvel <ardb+tianocore@kernel.org>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-10 00:58:26 +00:00
Yi Li d97ee3244d CryptoPkg/Test: Add unit test for CryptoEc 
Add unit test for CryptoEc.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-26 07:03:56 +00:00
Yi Li 2157a23a86 CryptoPkg: Add ECC related usage reference 
Describes the use cases under which ECC needs to be enabled,
and provides the impact on memory size for developers' reference.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>

Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-26 07:03:56 +00:00
Yi Li 3b382f5b38 CryptoPkg: Add EC APIs to DXE and protocol 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828

The implementation provides CryptEc library functions
for EFI Driveer and EFI BaseCrypt Protocol.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>

Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-26 07:03:56 +00:00
Yi Li 988e4d8f5e CryptoPkg: Add EC support 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828

This patch is used to add CryptEc library, which is wrapped
over OpenSSL.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>

Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-26 07:03:56 +00:00
Yi Li 0e7aa6bf9e CryptoPkg: Fix pem heap-buffer-overflow due to BIO_snprintf() 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4075

Fake BIO_snprintf() does not actually print anything to buf,
it should return -1 as error.
0 will be considered a correct return value, the consumer may think that
the buf is valid and parse the buffer.
please refer to bugzilla link for details.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>

Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2022-09-26 01:39:52 +00:00
Michael D Kinney 582a7c9995 CryptoPkg: Add missing library mappings to DSC file 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4080

Add SynchronizationLib and MmServicesTableLib mappings that are
required for the CRYPTO_SERVICES set to ALL or MIN_DXE_MIN_SMM
builds.

Also update the family PCD settings for the PACKAGE and ALL
profiles to enable all families.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-24 02:47:18 +00:00
Christopher Zurcher a8e8c43a0e CryptoPkg/OpensslLib: Update generated files for native X64 
Cc: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Christopher Zurcher <christopher.zurcher@microsoft.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 11:07:54 +00:00
Christopher Zurcher 4102950a21 CryptoPkg/OpensslLib: Commit the auto-generated assembly files for IA32 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3654

Adding the auto-generated assembly files for IA32 architectures.

Cc: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Christopher Zurcher <christopher.zurcher@microsoft.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 11:07:54 +00:00
Christopher Zurcher 03f708090b CryptoPkg/OpensslLib: Add native instruction support for IA32 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3654

Adding native instruction support for accelerated OpenSSL features for
IA32 architecture, following the pattern set by the previous commits for
X64 native support.

Cc: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Christopher Zurcher <christopher.zurcher@microsoft.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 11:07:54 +00:00
Yi Li 0c9d4ad788 CryptoPkg/Test: Add unit test for CryptoBn 
Add unit test for CryptoBn.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 10:08:24 +00:00
Yi Li 42951543dd CryptoPkg: Add BigNum API to DXE and protocol 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828

The implementation provides CryptBn library functions
for EFI Driver and EFI BaseCrypt Protocol.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>

Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 10:08:24 +00:00
Yi Li fd0ad0c346 CryptoPkg: Add BigNum support 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828

This patch is used to add CryptBn library, which is wrapped
over OpenSSL.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 10:08:24 +00:00
Qi Zhang 5f403cdc6a CryptoPkg: add UnitTest for AeadAesGcm. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 08:24:42 +00:00
Qi Zhang 022787f806 CryptoPkg: add AeadAesGcm to Crypto Service. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 08:24:42 +00:00
Qi Zhang a23f76e184 CryptoPkg: add AeadAesGcm support. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 08:24:42 +00:00
Qi Zhang acbc5747bc CryptoPkg: add AeadAesGcm function() definition. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 08:24:42 +00:00
Qi Zhang b19793a2ec CryptoPkg: add Hkdf UnitTest. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4033

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 07:35:08 +00:00
Qi Zhang e919c390e8 CryptoPkg: add new Hkdf api to Crypto Service. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4033

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 07:35:08 +00:00
Qi Zhang 11b24ef0d7 CryptoPkg: add new Hkdf api in Crypt Lib. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4033

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 07:35:08 +00:00
Qi Zhang 1336476233 CryptoPkg: add new Hkdf api definition in Crypt Lib. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4033

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 07:35:08 +00:00
Qi Zhang f3c69cb5a1 CryptoPkg: add Hmac Sha384 to host UnitTest. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4025

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 06:55:58 +00:00
Qi Zhang 3f77ccb9c8 CryptoPkg: Add new hmac SHA api to Crypto Service. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4025

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 06:55:58 +00:00
Qi Zhang cbb3b6b950 CryptoPkg: Update CryptLib inf as the file name changed. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4025

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 06:55:58 +00:00
Qi Zhang 0b1a1bdc30 CryptoPkg: Add HMAC-SHA384 cipher support. 
Rename file from CryptHmacSha256 to CryptHmac and
add HmacSha384 and HmacSha256All funcitons.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4025

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 06:55:58 +00:00
Qi Zhang 7bb42e3249 CryptoPkg: Add new hmac definition to cryptlib 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4025

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 06:55:58 +00:00
Wenyi Xie 6f340acfb1 CryptoPkg/BaseCryptLib:Remove redundant init 
CertCtx is used to be defined as a struct and ZeroMem is called to
init this struct. But now CertCtx is defined as a point, so use
ZeroMem (&CertCtx, sizeof (CertCtx)) is not correct any more.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Wenyi Xie <xiewenyi2@huawei.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 00:36:29 +00:00
Min Xu b1567b2e15 CryptoPkg: Add SecCryptLib 
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853

This is the Cryptographic library instance for SEC. The motivation of
this library is to support SHA384 in SEC phase for Td guest. So only
Hash/CryptSha512.c is included which supports SHA384 and SHA512. Other
cryptographics are added with the null version, such as CryptMd5Null.c.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
 2022-06-03 11:41:36 +00:00