sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
31,612 Commits 13 Branches 33 Tags
00b51e0d78a547dd78119ec44fcc74a01b6f79c8
Commit Graph

197 Commits

Author SHA1 Message Date
Yi Li
46226fb5d3 CryptoPkg: remove strcmp to syscall 
In rare cases the platform may not provide the full IntrinsicLib.
But openssl30 build always require strcmp, provide this function by
moving it into CrtWrapper.c.

Signed-off-by: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Brian J. Johnson <brian.johnson@hpe.com>
Tested-by: Kenneth Lautner <klautner@microsoft.com>
 2023-08-09 07:10:31 +00:00
Gerd Hoffmann
2a6dc1211f CryptoPkg/BaseCryptLib: drop BIO_* dummy functions 
openssl 3.0 requires a functional BIO_sprintf() implementation.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Brian J. Johnson <brian.johnson@hpe.com>
Tested-by: Kenneth Lautner <klautner@microsoft.com>
 2023-08-09 07:10:31 +00:00
Gerd Hoffmann
63c8d160ae CryptoPkg/BaseCryptLib: adapt CryptSm3.c to openssl 3.0 changes. 
Functions have been renamed.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Brian J. Johnson <brian.johnson@hpe.com>
Tested-by: Kenneth Lautner <klautner@microsoft.com>
 2023-08-09 07:10:31 +00:00
Gerd Hoffmann
84158d0ebe CryptoPkg/BaseCryptLib: no openssl deprecation warnings please 
Stop using deprecated interfaces is left as exercise for another day.
So please don't warn for now so -Werror builds can work.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Ard Biesheuvel <ardb@kernel.org>
Tested-by: Brian J. Johnson <brian.johnson@hpe.com>
Tested-by: Kenneth Lautner <klautner@microsoft.com>
 2023-08-09 07:10:31 +00:00
Rebecca Cran
9165a7e95e CryptoPkg: Delete CLANG35 and CLANG38 build flags; add CLANGDWARF flags 
Since CLANG35 and CLANG38 toolchains have been deleted from
tools_def.template, delete the build flags for them from CryptoPkg.

Since CLANGDWARF has replaced CLANG38, add build flags for it to the
CryptoPkg .inf files.

Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2023-05-10 10:58:16 +08:00
Michael Kubacki
84d77d9bf5 CryptoPkg: Fix conditionally uninitialized variable 
Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Checks the return value from `ASN1_get_object()` to verify values
set by the function are valid.

Note that the function returns literal `0x80`:
    `return (0x80);`

That is used to check the return value is as the case in other areas
of the code.

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
 2023-04-03 15:29:08 +00:00
Gerd Hoffmann
f335d91a3b CryptoPkg/BaseCryptLib: avoid using SHA512() 
In openssl 3.0 SHA512() goes through the provider logic,
requiring a huge amount of openssl code.  The individual
functions do not, so use them instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2023-03-07 09:59:50 +00:00
Gerd Hoffmann
5a6455e04c CryptoPkg/BaseCryptLib: avoid using SHA384() 
In openssl 3.0 SHA384() goes through the provider logic,
requiring a huge amount of openssl code.  The individual
functions do not, so use them instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2023-03-07 09:59:50 +00:00
Gerd Hoffmann
7fc183df71 CryptoPkg/BaseCryptLib: avoid using SHA256() 
In openssl 3.0 SHA256() goes through the provider logic,
requiring a huge amount of openssl code.  The individual
functions do not, so use them instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2023-03-07 09:59:50 +00:00
Gerd Hoffmann
437ed29f27 CryptoPkg/BaseCryptLib: avoid using SHA1() 
In openssl 3.0 SHA1() goes through the provider logic,
requiring a huge amount of openssl code.  The individual
functions do not, so use them instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2023-03-07 09:59:50 +00:00
Jake Garver
d0ff1cae3a CryptoPkg/Library: Reinstate ARM/AARCH64 sections in SmmCryptLib.inf 
These sections were removed mistakenly.  SmmCryptLib.inf supports these
architectures.

Signed-off-by: Jake Garver <jake@nvidia.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2023-01-26 08:59:29 +00:00
Judah Vang
39ba0f8dfc CryptoPkg: Need to enable crypto functions 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3992

V1: Enable CryptAes for PEI phase. Enable CryptHkdf for SMM phase.
    Update Readme.md

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Nishant C Mistry <nishant.c.mistry@intel.com>
Signed-off-by: Judah Vang <judah.vang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-12-20 01:39:32 +00:00
Zihong Yi
7de1c71dd2 CryptoPkg/BaseCryptLib:time overflow 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4167

In CrtLibSupport.h, time_t is defined as INT32, and its maximum value
is 2147483647. That is, the corresponding maximum timestamp is
2038-01-19 11:14:07. Therefore, overflow occurs when the test time
exceeds 2038-01-19 11:14:07. So change the type of time_t to INT64 and
also change the type of variables in function gmtime which calculated
with time_t.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Zihong Yi <yizihong@huawei.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-12-03 09:01:38 +00:00
Zhihao Li
5d5be45bd1 CryptPkg: Enable CryptoPkg BaseCryptLib ParallelHash for PEI and DXE 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4097

The BaseCryptLib in the CryptoPkg currently supports ParallelHash
algorithm for SMM. The MP Services PPI and MP Services Protocol
could be used to enable ParallelHash in PEI and DXE
versions of the BaseCryptLib.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Zhihao Li <zhihao.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-12-02 14:12:51 +00:00
Michael D Kinney
584b246e88 CryptoPkg: Fixed host-based unit tests 
* Build host-based tests using OpensslLib instance with all services
  enabled.
* Build host-based tests using performance optimized OpensslLib instance
  with all services enabled.
* Remove unused PCD gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled
* Remove redundant and unnecessary [BuildOptions]
* Limit host-based unit tests to only IA32/X64

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney
dd00f92b2f CryptoPkg/Library: Cleanup BaseCryptLib and TlsLib 
* Move SysCall/inet_pton.c from BaseCryptLib to TlsLib.  The functions
  in this file are only used by TlsLib instances and not any CryptLib
  instances.
* Fix type mismatch in call to FreePool() in TlsConfig.c
* Remove use of gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled from
  TslLib and CryptLib instances
* Add missing *Null.c files to SecCryptLib.inf and RuntimeCryptLib.inf.
* Remove ARM and AARCH64 sections from SmmCryptLib.inf that does not
  support those architectures.
* Add missing PrintLib dependencies to [LibraryClasses] sections of
  CryptLib INF files
* Remove extra library classes from [LibraryClasses] sections of
  CryptLib INF files
* Remove unnecessary warning disables from [BuildOptions] sections of
  TlsLib and CryptLib INF files
* Remove RVCT support from SecCryptLib.inf

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Cc: Rebecca Cran <quic_rcran@quicinc.com>
Cc: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney
8f8372439d CryptoPkg/Library/BaseCryptLib: Update internal functions/variables 
* Update BaseCryptLib internal worker functions to be 'STATIC'
* Update BaseCryptLib internal working functions to not use EFIAPI
* Add GLOBAL_REMOVE_IF_UNREFERENCED to BaseCryptLib global variables

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Michael D Kinney
8437368c69 CryptoPkg/Library/BaseCryptLib: Add missing UNI file and fix format 
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Christopher Zurcher <christopher.zurcher@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-24 07:49:43 +00:00
Chao Li
c5f4b4fd03 CryptoPkg: Add LOONGARCH64 architecture for EDK2 CI. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4053

Add LOONGARCH64 architecture for EDK2 CI testing.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>

Signed-off-by: Chao Li <lichao@loongson.cn>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2022-10-14 02:16:33 +00:00
Qi Zhang
8ecae3d641 CryptoPkg: add new X509 function. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4082

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-12 06:38:15 +00:00
Qi Zhang
f21a1d48fe CryptoPkg: Add EC key retrieving and signature interface. 
This patch is used to retrieve EC key from PEM and X509 and
carry out the EC-DSA signature and verify it.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4102

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-12 05:56:00 +00:00
Yuan Yu
3c9e2f239a CryptoPkg: Fix integer overflow 
SECSPERDAY is 86400 which exceeds the limit of a UINT16 which is 65536.
Therefore DayRemainder cannot use UINT16. This patch makes it UINT32.

Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Julien Grall <julien@xen.org>

Signed-off-by: Yuan Yu <yuanyu@google.com>
Reviewed-by: Ard Biesheuvel <ardb+tianocore@kernel.org>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-10-10 00:58:26 +00:00
Yi Li
d97ee3244d CryptoPkg/Test: Add unit test for CryptoEc 
Add unit test for CryptoEc.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-26 07:03:56 +00:00
Yi Li
988e4d8f5e CryptoPkg: Add EC support 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828

This patch is used to add CryptEc library, which is wrapped
over OpenSSL.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>

Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-26 07:03:56 +00:00
Yi Li
0e7aa6bf9e CryptoPkg: Fix pem heap-buffer-overflow due to BIO_snprintf() 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4075

Fake BIO_snprintf() does not actually print anything to buf,
it should return -1 as error.
0 will be considered a correct return value, the consumer may think that
the buf is valid and parse the buffer.
please refer to bugzilla link for details.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>

Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2022-09-26 01:39:52 +00:00
Yi Li
0c9d4ad788 CryptoPkg/Test: Add unit test for CryptoBn 
Add unit test for CryptoBn.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 10:08:24 +00:00
Yi Li
fd0ad0c346 CryptoPkg: Add BigNum support 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828

This patch is used to add CryptBn library, which is wrapped
over OpenSSL.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 10:08:24 +00:00
Qi Zhang
5f403cdc6a CryptoPkg: add UnitTest for AeadAesGcm. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 08:24:42 +00:00
Qi Zhang
a23f76e184 CryptoPkg: add AeadAesGcm support. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 08:24:42 +00:00
Qi Zhang
11b24ef0d7 CryptoPkg: add new Hkdf api in Crypt Lib. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4033

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 07:35:08 +00:00
Qi Zhang
f3c69cb5a1 CryptoPkg: add Hmac Sha384 to host UnitTest. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4025

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 06:55:58 +00:00
Qi Zhang
cbb3b6b950 CryptoPkg: Update CryptLib inf as the file name changed. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4025

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 06:55:58 +00:00
Qi Zhang
0b1a1bdc30 CryptoPkg: Add HMAC-SHA384 cipher support. 
Rename file from CryptHmacSha256 to CryptHmac and
add HmacSha384 and HmacSha256All funcitons.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4025

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 06:55:58 +00:00
Wenyi Xie
6f340acfb1 CryptoPkg/BaseCryptLib:Remove redundant init 
CertCtx is used to be defined as a struct and ZeroMem is called to
init this struct. But now CertCtx is defined as a point, so use
ZeroMem (&CertCtx, sizeof (CertCtx)) is not correct any more.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Wenyi Xie <xiewenyi2@huawei.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-09-23 00:36:29 +00:00
Min Xu
b1567b2e15 CryptoPkg: Add SecCryptLib 
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853

This is the Cryptographic library instance for SEC. The motivation of
this library is to support SHA384 in SEC phase for Td guest. So only
Hash/CryptSha512.c is included which supports SHA384 and SHA512. Other
cryptographics are added with the null version, such as CryptMd5Null.c.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
 2022-06-03 11:41:36 +00:00
Rebecca Cran
e9eeb0ad2b CryptoPkg: Remove RVCT support 
RVCT is obsolete and no longer used.
Remove support for it.

Signed-off-by: Rebecca Cran <quic_rcran@quicinc.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
 2022-05-13 14:58:54 +00:00
Yi Li
43613b2fe8 CryptoPkg: Rename PCD about openssl EC configuration 
PcdOpensslXXXEnabled is a more appropriate choice.

Signed-off-by: Yi Li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-05-11 00:04:39 +00:00
Yi Li
b06a007b64 CryptoPkg: Declare PcdEcEnabled in Library consuming OpensslLib 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3679
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3828

Tls/Base/Pei/Smm/RuntimeCryptLib.inf will use OpensslLib,
and the opensslconf.h in openssllib will use PcdEcEnabled,
but it is not declared in the inf file now,
it will cause warnings in some compilers.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-04-21 05:06:37 +00:00
Gerd Hoffmann
532bd4ec38 CryptoPkg/Crt: fix strcpy build on older VS compilers 
Drop 'restrict' keyword which older visual studio compiler
versions complain about.

Fixes: fab6285a73 ("CryptoPkg/CrtLibSupport: fix strcpy")
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-04-20 10:56:03 +00:00
Gerd Hoffmann
fab6285a73 CryptoPkg/CrtLibSupport: fix strcpy 
strcpy() returns a pointer to the destination string, AsciiStrCpyS()
does not.  So a simple #define does not work.  Create a function
instead.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2022-04-12 14:39:01 +00:00
Li, Zhihao
355515a06a CryptoPkg? Redefinition bug in CrtLibSupport.h. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3885

Parallel hash patch redefines uint_64 type in CrtLibSupport.h
which has been defined in openssl/include/openssl/e_os2.h.
CryptMd5.c including e_os2.h cause redefinition bug.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>

Signed-off-by: Zhihao Li <zhihao.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-03-26 10:40:04 +00:00
Zhihao Li
c1e662101a CryptoPkg: Add new hash algorithm ParallelHash256HashAll in BaseCryptLib. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3596

Parallel hash function ParallelHash256HashAll, as defined in NIST's
Special Publication 800-185, published December 2016. It utilizes
multi-process to calculate the digest.

Passed CI test.
Onprotocol version code passed test.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>

Signed-off-by: Zhihao Li <zhihao.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-03-18 06:49:18 +00:00
Michael Kubacki
7c34237831 CryptoPkg: Apply uncrustify changes 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737

Apply uncrustify changes to .c/.h files in the CryptoPkg package

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2021-12-07 17:24:28 +00:00
Michael D Kinney
c8f46130f8 CryptoPkg: Change OPTIONAL keyword usage style 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3760

Update all use of ', OPTIONAL' to ' OPTIONAL,' for function params.

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2021-12-07 17:24:28 +00:00
Bob Morgan
f22feb0e3b CryptoPkg/BaseCryptLib: Eliminate extra buffer copy in Pkcs7Verify() 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3617

Create a read-only openSSL BIO wrapper for the existing input
buffer passed to Pkcs7Verify() instead of copying the buffer
into an empty writable BIO which causes memory allocations
within openSSL.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Bob Morgan <bobm@nvidia.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2021-10-13 01:45:18 +00:00
Stewart, Chris (SW Architect) via groups.io
7b4a99be8a CryptoPkg: BaseCryptLib fix incorrect param order 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3550

Function ConvertAsn1TimeToEfiTime initializes timestamp to zeroes with
SetMem, but the actual parameters are out of order. The result is
the SetMem operation has no effect. The fix is to put the actual
parameters in the correct order.

Signed-off-by: Chris Stewart <chris.stewart@hp.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
 2021-08-24 00:35:06 +00:00
xueshengfeng
eba32695ee CryptoPkg/BaseCryptLib: Enabled CryptSha512 for Smm/Runtime drivers 
Intel Platform utility Syscfg/sysfwupdt will trigger SMI
to enter BIOS interface. then BIOS invoke EncodePassword
in SMM mode to check password.
it's need sha384(in CryptSha512.c) in SMM mode.

the origin SmmCryptLib.lib size is 1389KB,
after changed, the size is 1391KB.

the origin RuntimeCryptLib.lib size is 911KB,
after changed,the size is 913KB.

in SmmCryptLib.inf and RuntimeCryptLib.inf,
change CryptSha512NULL.c to CryptSha512.c.

https://bugzilla.tianocore.org/show_bug.cgi?id=3423

Signed-off-by: xueshengfeng <xueshengfeng@byosoft.com.cn>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2021-06-24 02:46:14 +00:00
Agrawal, Sachin
20ca528828 CryptoPkg: BaseCryptLib: Update Salt length requirement for RSA-PSS scheme. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3455

Enforce salt length to be equal to digest length for RSA-PSS
encoding scheme.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>

Signed-off-by: Sachin Agrawal <sachin.agrawal@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2021-06-23 15:19:44 +00:00
Sergei Dmitrouk
15ee7b7689 CryptoPkg/BaseCryptLib: Fix possible uninitialized use 
`Result` can be used uninitialized in both functions after following
either first or second `goto` statement.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Sergei Dmitrouk <sergei@posteo.net>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2021-05-19 01:39:49 +00:00
Sachin Agrawal
22ac5cc9d9 CryptoPkg: BaseCryptLib: Add RSA PSS verify support 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3314

This patch uses Openssl's EVP API's to perform RSASSA-PSS verification
of a binary blob.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Signed-off-by: Sachin Agrawal <sachin.agrawal@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2021-05-14 03:35:33 +00:00