## @file\r
# Package for cryptography modules.\r
#\r
-# This Package provides cryptographic-related libraries for UEFI\r
-# security modules.\r
+# This Package provides cryptographic-related libraries for UEFI security modules.\r
+# It also provides a test application to test libraries.\r
+#\r
+# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>\r
+# SPDX-License-Identifier: BSD-2-Clause-Patent\r
#\r
-# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>\r
-# This program and the accompanying materials\r
-# are licensed and made available under the terms and conditions of the BSD License\r
-# which accompanies this distribution. The full text of the license may be found at\r
-# http://opensource.org/licenses/bsd-license.php\r
-# \r
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
-# \r
##\r
\r
[Defines]\r
DEC_SPECIFICATION = 0x00010005\r
PACKAGE_NAME = CryptoPkg\r
+ PACKAGE_UNI_FILE = CryptoPkg.uni\r
PACKAGE_GUID = 36470E80-36F2-4ba0-8CC8-937C7D9FF888\r
- PACKAGE_VERSION = 0.93\r
+ PACKAGE_VERSION = 0.98\r
\r
[Includes]\r
Include\r
\r
+[Includes.Common.Private]\r
+ Private\r
+ Library/Include\r
+ Library/OpensslLib/openssl/include\r
+\r
[LibraryClasses]\r
## @libraryclass Provides basic library functions for cryptographic primitives.\r
##\r
BaseCryptLib|Include/Library/BaseCryptLib.h\r
\r
+ ## @libraryclass Provides TLS library functions for EFI TLS protocol.\r
+ ##\r
+ TlsLib|Include/Library/TlsLib.h\r
+\r
+ ## @libraryclass Provides Unified API for different hash implementations.\r
+ #\r
+ HashApiLib|Include/Library/HashApiLib.h\r
+\r
[Protocols]\r
- ## Include/Protocol/RuntimeCrypt.h\r
- gEfiRuntimeCryptProtocolGuid = { 0xe1475e0c, 0x1746, 0x4802, {0x86, 0x2e, 0x1, 0x1c, 0x2c, 0x2d, 0x9d, 0x86 }}\r
+ ## EDK II Crypto DXE protocol\r
+ # 2C2275C9-3A7B-426F-BE54-2D22BD9D1092\r
+ gEdkiiCryptoProtocolGuid = { 0x2C2275C9, 0x3A7B, 0x426F, { 0xBE, 0x54, 0x2D, 0x22, 0xBD, 0x9D, 0x10, 0x92 }}\r
+\r
+ ## EDK II Crypto SMM protocol\r
+ # F46B2EB2-E0D7-4C96-A3B1-CB7C572EB300\r
+ gEdkiiSmmCryptoProtocolGuid = { 0xF46B2EB2, 0xE0D7, 0x4C96, { 0xA3, 0xB1, 0xc, 0x61, 0xbb, 0x24, 0x5c, 0x42 }}\r
+\r
+[Ppis]\r
+ ## EDK II Crypto PPI\r
+ # 7DCE671B-C223-446A-A705-ED637AAF6771\r
+ gEdkiiCryptoPpiGuid = { 0x7DCE671B, 0xC223, 0x446A, { 0xA7, 0x05, 0xED, 0x63, 0x7A, 0xAF, 0x67, 0x71 }}\r
+\r
+[Guids]\r
+ ## Crypto package token space guid.\r
+ gEfiCryptoPkgTokenSpaceGuid = { 0x6bd7de60, 0x9ef7, 0x4899, { 0x97, 0xd0, 0xab, 0xff, 0xfd, 0xe9, 0x70, 0xf2 } }\r
+\r
+[PcdsFixedAtBuild]\r
+ ## Enable/Disable the families and individual services produced by the\r
+ # EDK II Crypto Protocols/PPIs. The default is all services disabled.\r
+ # This Structured PCD is associated with PCD_CRYPTO_SERVICE_FAMILY_ENABLE\r
+ # structure that is defined in Include/Pcd/PcdCryptoServiceFamilyEnable.h.\r
+ # @Prompt Enable/Disable EDK II Crypto Protocol/PPI services\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable|{0x00}|PCD_CRYPTO_SERVICE_FAMILY_ENABLE|0x00000002 {\r
+ <Packages>\r
+ CryptoPkg/CryptoPkg.dec\r
+ <HeaderFiles>\r
+ Pcd/PcdCryptoServiceFamilyEnable.h\r
+ }\r
+\r
+ ## This PCD indicates the HASH algorithm to calculate hash of data\r
+ # Based on the value set, the required algorithm is chosen to calculate\r
+ # the hash of data.<BR>\r
+ # The default hashing algorithm for BaseHashApiLib is set to SHA256.<BR>\r
+ # 0x00000001 - HASH_ALG_SHA1.<BR>\r
+ # 0x00000002 - HASH_ALG_SHA256.<BR>\r
+ # 0x00000004 - HASH_ALG_SHA384.<BR>\r
+ # 0x00000008 - HASH_ALG_SHA512.<BR>\r
+ # 0x00000010 - HASH_ALG_SM3_256.<BR>\r
+ # @Prompt Set policy for hashing unsigned image for Secure Boot.\r
+ # @ValidList 0x80000001 | 0x00000001, 0x00000002, 0x00000004, 0x00000008, 0x00000010\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x00000002|UINT32|0x00000001\r
+\r
+ ## Enable/Disable the ECC feature in openssl library. The default is disabled.\r
+ # If ECC feature is disabled, all related source files will not be compiled.\r
+ # @Prompt Enable/Disable ECC feature in openssl library\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled|FALSE|BOOLEAN|0x0000003\r
+ # Set it to TRUE if:\r
+ # 1) Platform needs ECC in TLS, or asymmetric cryptography services such as\r
+ # X509 certificate or PEM format data processing.\r
+ # 2) Platform needs to enable PcdCryptoServiceFamilyEnable.Ec service.\r
+ # Please note:\r
+ # ECC feature will cause a significant memory increase, approximate memory impact\r
+ # in below table for reference by platform developers with FW size limitations.\r
+ # Uncompressed LZMA Compressed\r
+ # CPU CRYPTO_SERVICES Module EC=FALSE EC=TRUE EC=FALSE EC=TRUE Increase\r
+ # ==== =============== ======== ======== ======= ======== ======= ========\r
+ # IA32 NONE CryptoPei 21536 21568 0 KB\r
+ # IA32 NONE CryptoDxe 21632 21696 0 KB\r
+ # IA32 NONE CryptoSmm 22976 23072 0 KB\r
+ # IA32 MIN_PEI CryptoPei 248992 249120 0 KB\r
+ # IA32 MIN_DXE_MIN_SMM CryptoDxe 636672 829568 288520 401034 113 KB\r
+ # IA32 MIN_DXE_MIN_SMM CryptoSmm 426048 601472 191517 296022 105 KB\r
+ # IA32 ALL CryptoPei 423840 598976 189047 293759 104 KB\r
+ # IA32 ALL CryptoDxe 645280 838144 292955 405277 113 KB\r
+ # IA32 ALL CryptoSmm 441888 617184 198779 303628 105 KB\r
+ # X64 NONE CryptoPei 29632 29664 0 KB\r
+ # X64 NONE CryptoDxe 29792 29792 0 KB\r
+ # X64 NONE CryptoSmm 31296 31296 0 KB\r
+ # X64 MIN_PEI CryptoPei 310784 310848 0 KB\r
+ # X64 MIN_DXE_MIN_SMM CryptoDxe 804288 1016256 311436 426596 115 KB\r
+ # X64 MIN_DXE_MIN_SMM CryptoSmm 543776 733920 204483 310775 106 KB\r
+ # X64 ALL CryptoPei 540384 730240 202494 308467 106 KB\r
+ # X64 ALL CryptoDxe 815392 1027296 316228 431321 115 KB\r
+ # X64 ALL CryptoSmm 563648 753696 213488 319644 106 KB\r
+\r
+[UserExtensions.TianoCore."ExtraFiles"]\r
+ CryptoPkgExtra.uni\r