From: Imran Desai
To: devel@edk2.groups.io
Subject: [edk2-devel] [Enable measured boot with SM3 digest algorithm 1/4] sm3_enabling: Augment crypt interface with calls into openssl to calculate sm3 digest prior to exercising TPM2 calls for PCR extend
Date: Fri, 17 May 2019 11:31:24 -0700
Message-Id: <20190517183127.38140-2-imran.desai@intel.com>
In-Reply-To: <20190517183127.38140-1-imran.desai@intel.com>

--- OvmfPkg/OvmfPkgX64.dsc | 2 + SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf | 46 ++++++ MdePkg/Include/Protocol/Hash.h | 5 + SecurityPkg/Include/Library/HashLib.h | 1 + SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.c | 155 ++++++= ++++++++++++++ SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.uni | 21 +++ 6 files changed, 230 insertions(+) diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 733a4c9d8a43..7e46d401a36f 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -635,6 +635,7 @@ [Components] NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } !if $(TPM2_CONFIG_ENABLE) =3D=3D TRUE SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf @@ -922,5 +923,6 @@ [Components] NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } !endif diff --git a/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf = b/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf new file mode 100644 index 000000000000..b2c68b784211 --- /dev/null +++ b/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf @@ -0,0 +1,46 @@ +## @file +# Provides BaseCrypto SM3 hash service +# +# This library can be registered to BaseCrypto router, to serve as hash e= ngine. +# +# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BS= D License +# which accompanies this distribution. The full text of the license may be= found at +# http://opensource.org/licenses/bsd-license.php +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMP= LIED. +# +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D HashInstanceLibSm3 + MODULE_UNI_FILE =3D HashInstanceLibSm3.uni + FILE_GUID =3D C5865D5D-9ACE-39FB-DC7C-0511891D40F9 + MODULE_TYPE =3D BASE + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D NULL + CONSTRUCTOR =3D HashInstanceLibSm3Constructor + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 +# + +[Sources] + HashInstanceLibSm3.c + +[Packages] + MdePkg/MdePkg.dec + SecurityPkg/SecurityPkg.dec + CryptoPkg/CryptoPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + DebugLib + Tpm2CommandLib + MemoryAllocationLib + BaseCryptLib diff --git a/MdePkg/Include/Protocol/Hash.h b/MdePkg/Include/Protocol/Hash.h index 931d7916ef1e..8abf1a4fa305 100644 --- a/MdePkg/Include/Protocol/Hash.h +++ b/MdePkg/Include/Protocol/Hash.h @@ -48,6 +48,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent 0xcaa4381e, 0x750c, 0x4770, {0xb8, 0x70, 0x7a, 0x23, 0xb4, 0xe4, 0x21,= 0x30 } \ } =20 +#define EFI_HASH_ALGORITHM_SM3_256_GUID \ + { \ + 0x251C7818, 0x0DBF, 0xE619, { 0x7F, 0xC2, 0xD6, 0xAC, 0x43, 0x42, 0x7D= , 0xA3 } \ + } + #define EFI_HASH_ALGORTIHM_MD5_GUID \ { \ 0xaf7c79c, 0x65b5, 0x4319, {0xb0, 0xae, 0x44, 0xec, 0x48, 0x4e, 0x4a, = 0xd7 } \ diff --git a/SecurityPkg/Include/Library/HashLib.h b/SecurityPkg/Include/Li= brary/HashLib.h index 63f08398788b..24b4c425d7b8 100644 --- a/SecurityPkg/Include/Library/HashLib.h +++ b/SecurityPkg/Include/Library/HashLib.h 
@@ -137,6 +137,7 @@ EFI_STATUS #define HASH_ALGORITHM_SHA256_GUID EFI_HASH_ALGORITHM_SHA256_GUID #define HASH_ALGORITHM_SHA384_GUID EFI_HASH_ALGORITHM_SHA384_GUID #define HASH_ALGORITHM_SHA512_GUID EFI_HASH_ALGORITHM_SHA512_GUID +#define HASH_ALGORITHM_SM3_256_GUID EFI_HASH_ALGORITHM_SM3_256_GUID =20 typedef struct { EFI_GUID HashGuid; diff --git a/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.c b/= SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.c new file mode 100644 index 000000000000..504475ca193a --- /dev/null +++ b/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.c @@ -0,0 +1,155 @@ +/** @file + This library is BaseCrypto SM3 hash instance. + It can be registered to BaseCrypto router, to serve as hash engine. + +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD = License +which accompanies this distribution. The full text of the license may be = found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLI= ED. + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include + +/** + The function set SM3 to digest list. + + @param DigestList digest list + @param Sm3Digest SM3 digest +**/ +VOID +Tpm2SetSm3ToDigestList ( + IN TPML_DIGEST_VALUES *DigestList, + IN UINT8 *Sm3Digest + ) +{ + DigestList->count =3D 1; + DigestList->digests[0].hashAlg =3D TPM_ALG_SM3_256; + CopyMem ( + DigestList->digests[0].digest.sm3_256, + Sm3Digest, + SM3_256_DIGEST_SIZE + ); +} + +/** + Start hash sequence. + + @param HashHandle Hash handle. + + @retval EFI_SUCCESS Hash sequence start and HandleHandle return= ed. + @retval EFI_OUT_OF_RESOURCES No enough resource to start hash. +**/ +EFI_STATUS +EFIAPI +Sm3HashInit ( + OUT HASH_HANDLE *HashHandle + ) +{ + VOID *Sm3Ctx; + UINTN CtxSize; + + CtxSize =3D Sm3GetContextSize (); + Sm3Ctx =3D AllocatePool (CtxSize); + ASSERT (Sm3Ctx !=3D NULL); + + Sm3Init (Sm3Ctx); + + *HashHandle =3D (HASH_HANDLE)Sm3Ctx; + + return EFI_SUCCESS; +} + +/** + Update hash sequence data. + + @param HashHandle Hash handle. + @param DataToHash Data to be hashed. + @param DataToHashLen Data size. + + @retval EFI_SUCCESS Hash sequence updated. +**/ +EFI_STATUS +EFIAPI +Sm3HashUpdate ( + IN HASH_HANDLE HashHandle, + IN VOID *DataToHash, + IN UINTN DataToHashLen + ) +{ + VOID *Sm3Ctx; + + Sm3Ctx =3D (VOID *)HashHandle; + Sm3Update (Sm3Ctx, DataToHash, DataToHashLen); + + return EFI_SUCCESS; +} + +/** + Complete hash sequence complete. + + @param HashHandle Hash handle. + @param DigestList Digest list. 
+ + @retval EFI_SUCCESS Hash sequence complete and DigestList is returne= d. +**/ +EFI_STATUS +EFIAPI +Sm3HashFinal ( + IN HASH_HANDLE HashHandle, + OUT TPML_DIGEST_VALUES *DigestList + ) +{ + UINT8 Digest[SM3_256_DIGEST_SIZE]; + VOID *Sm3Ctx; + + Sm3Ctx =3D (VOID *)HashHandle; + Sm3Final (Sm3Ctx, Digest); + + FreePool (Sm3Ctx); + + Tpm2SetSm3ToDigestList (DigestList, Digest); + + return EFI_SUCCESS; +} + +HASH_INTERFACE mSm3InternalHashInstance =3D { + HASH_ALGORITHM_SM3_256_GUID, + Sm3HashInit, + Sm3HashUpdate, + Sm3HashFinal, +}; + +/** + The function register SM3 instance. + + @retval EFI_SUCCESS SM3 instance is registered, or system dose not sup= port register SM3 instance +**/ +EFI_STATUS +EFIAPI +HashInstanceLibSm3Constructor ( + VOID + ) +{ + EFI_STATUS Status; + + Status =3D RegisterHashInterfaceLib (&mSm3InternalHashInstance); + if ((Status =3D=3D EFI_SUCCESS) || (Status =3D=3D EFI_UNSUPPORTED)) { + // + // Unsupported means platform policy does not need this instance enabl= ed. + // + return EFI_SUCCESS; + } + return Status; +} diff --git a/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.uni = b/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.uni new file mode 100644 index 000000000000..8d985feeaca1 --- /dev/null +++ b/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.uni @@ -0,0 +1,21 @@ +// /** @file +// Provides BaseCrypto SM3 hash service +// +// This library can be registered to BaseCrypto router, to serve as hash e= ngine. +// +// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials +// are licensed and made available under the terms and conditions of the B= SD License +// which accompanies this distribution. The full text of the license may b= e found at +// http://opensource.org/licenses/bsd-license.php +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IM= PLIED. +// +// **/ + + +#string STR_MODULE_ABSTRACT #language en-US "Provides BaseCryp= to SM3 hash service" + +#string STR_MODULE_DESCRIPTION #language en-US "This library can = be registered to BaseCrypto router, to serve as hash engine." + --=20 2.17.0
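Review bot: In Sm3HashInit (HashInstanceLibSm3.c, patch 1/4), a failed AllocatePool is caught only by `ASSERT (Sm3Ctx != NULL)`, so a build with asserts disabled hands NULL to Sm3Init and still returns EFI_SUCCESS, although the function header documents EFI_OUT_OF_RESOURCES. Replace the ASSERT with an explicit check that returns EFI_OUT_OF_RESOURCES when Sm3Ctx is NULL. Sm3HashUpdate and Sm3HashFinal also return EFI_SUCCESS unconditionally, so nothing reported by Sm3Init, Sm3Update or Sm3Final reaches the caller; for a digest that is about to be extended into a PCR, a failure there should propagate instead of passing the uninitialised Digest buffer to Tpm2SetSm3ToDigestList.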
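Review bot: EFI_HASH_ALGORITHM_SM3_256_GUID in the MdePkg/Include/Protocol/Hash.h hunk (patch 1/4) takes the EFI_ prefix and sits among the existing EFI_HASH_ALGORITHM_* definitions, but neither the hunk nor the commit message says where the value 0x251C7818, 0x0DBF, 0xE619, ... comes from. If a specification defines it, cite that in a comment above the define; if it was generated for this series, keep it out of the protocol header and define it under SecurityPkg, where HashLib.h already holds the HASH_ALGORITHM_*_GUID aliases, with a name that does not claim the EFI_ namespace.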
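Review bot: The new HashInstanceLibSm3.inf, HashInstanceLibSm3.c and HashInstanceLibSm3.uni (patch 1/4) each open with the full BSD license text, while the Hash.h hunk context in this same patch already shows `SPDX-License-Identifier: BSD-2-Clause-Patent`; new files should carry the SPDX tag instead of the long form. The copyright ranges also disagree for files created together (2013 - 2018 in the .inf and .c, 2013 - 2014 in the .uni), which suggests the headers were copied from another hash instance without being updated.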
From: Imran Desai
To: devel@edk2.groups.io
Subject: [edk2-devel] [Enable measured boot with SM3 digest algorithm 2/4] sm3-enabling: Add SM3 TCG algorithm registry value to the PcdTpm2HashMask
Date: Fri, 17 May 2019 11:31:25 -0700
Message-Id: <20190517183127.38140-3-imran.desai@intel.com>
In-Reply-To: <20190517183127.38140-1-imran.desai@intel.com>

--- SecurityPkg/SecurityPkg.dec | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 3314f1854be4..fa3a4fcf5869 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -438,9 +438,10 @@ [PcdsDynamic, PcdsDynamicEx] # BIT1 - SHA256.
# BIT2 - SHA384.
# BIT3 - SHA512.
+ # BIT4 - SM3_256.
# @Prompt Hash mask for TPM 2.0 - # @ValidRange 0x80000001 | 0x00000000 - 0x0000000F - gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0x0000000F|UINT32|0x000100= 10 + # @ValidRange 0x80000001 | 0x00000000 - 0x0000001F + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0x0000001F|UINT32|0x000100= 10 =20 ## This PCD indicated final BIOS supported Hash mask. # Bios may choose to register a subset of PcdTpm2HashMask. --=20 2.17.0
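Review bot: The last added line of the SecurityPkg.dec hunk (patch 2/4) raises the PcdTpm2HashMask default from 0x0000000F to 0x0000001F, which makes SM3_256 part of the default hash mask for every platform that inherits the package value instead of only widening what is permitted. Extend @ValidRange to 0x0000001F and document BIT4, but leave the default at 0x0000000F unless the commit message explains why all consumers should start measuring with SM3, and let platforms opt in from their own DSC.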
From: Imran Desai
To: devel@edk2.groups.io
Subject: [edk2-devel] [Enable measured boot with SM3 digest algorithm 3/4] sm3-enabling: Add SM3 guid reference in the TPM2 hash mask structure in HashLibBaseCryptoRouterCommon.c
Date: Fri, 17 May 2019 11:31:26 -0700
Message-Id: <20190517183127.38140-4-imran.desai@intel.com>
In-Reply-To: <20190517183127.38140-1-imran.desai@intel.com>

--- SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCommon.= c | 1 + 1 file changed, 1 insertion(+) diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoR= outerCommon.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryp= toRouterCommon.c index 7f3bdab53066..aec874a9e072 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCo= mmon.c +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCo= mmon.c
@@ -25,6 +25,7 @@ TPM2_HASH_MASK mTpm2HashMask[] =3D { {HASH_ALGORITHM_SHA256_GUID, HASH_ALG_SHA256}, {HASH_ALGORITHM_SHA384_GUID, HASH_ALG_SHA384}, {HASH_ALGORITHM_SHA512_GUID, HASH_ALG_SHA512}, + {HASH_ALGORITHM_SM3_256_GUID, HASH_ALG_SM3_256}, }; =20 /** --=20 2.17.0
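Review bot: The added mTpm2HashMask entry (patch 3/4) pairs HASH_ALGORITHM_SM3_256_GUID with HASH_ALG_SM3_256, but only the GUID alias is introduced in this series (HashLib.h in 1/4); none of the four patches defines HASH_ALG_SM3_256. If the constant already exists in a header, say so in the commit message and confirm its value is the BIT4 that 2/4 documents for PcdTpm2HashMask; if it does not, this patch will not build and the define needs to be added here.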
From: Imran Desai
To: devel@edk2.groups.io
Subject: [edk2-devel] [Enable measured boot with SM3 digest algorithm 4/4] sm3-enabling: Add SM3 hashinstance library information to all OvmfPkg and SecurityPkg
Date: Fri, 17 May 2019 11:31:27 -0700
Message-Id: <20190517183127.38140-5-imran.desai@intel.com>
In-Reply-To: <20190517183127.38140-1-imran.desai@intel.com>

--- OvmfPkg/OvmfPkgIa32.dsc | 2 ++ OvmfPkg/OvmfPkgIa32X64.dsc | 2 ++ SecurityPkg/SecurityPkg.dsc | 3 +++ 3 files changed, 7 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 578fc6c98ec8..fb5944aa6945 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -628,6 +628,7 @@ [Components] NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } !if $(TPM2_CONFIG_ENABLE) =3D=3D TRUE SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
@@ -914,5 +915,6 @@ [Components] NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } !endif diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index eade8f62d3de..64c231f735c2 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -636,6 +636,7 @@ [Components.IA32] NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } !if $(TPM2_CONFIG_ENABLE) =3D=3D TRUE SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf @@ -924,5 +925,6 @@ [Components.X64] NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } !endif diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index a2ee0528f0d2..044319ab5e36 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -222,6 +222,7 @@ [Components.IA32, Components.X64] SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.inf SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.inf + SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf =20 SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf { 
@@ -236,6 +237,7 @@ [Components.IA32, Components.X64] NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf } =20 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf { @@ -246,6 +248,7 @@ [Components.IA32, Components.X64] NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256= .inf NULL|SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384= .inf NULL|SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512= .inf + NULL|SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf } SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf { --=20 2.17.0
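Review bot: The OvmfPkg hunks in patch 4/4 touch only OvmfPkgIa32.dsc and OvmfPkgIa32X64.dsc, although the subject says the SM3 instance is added to all of OvmfPkg, because the matching OvmfPkgX64.dsc lines were already changed in 1/4. Move the two OvmfPkgX64.dsc hunks out of 1/4 and into this patch, so that 1/4 only introduces the library and every platform DSC is wired up in one step; that keeps each commit self-contained and the series bisectable.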