## @file\r
# Cryptographic Library Instance for PEIM.\r
#\r
-# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
-# This program and the accompanying materials\r
-# are licensed and made available under the terms and conditions of the BSD License\r
-# which accompanies this distribution. The full text of the license may be found at\r
-# http://opensource.org/licenses/bsd-license.php\r
-# \r
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
-# \r
+# Caution: This module requires additional review when modified.\r
+# This library will have external input - signature.\r
+# This external input must be validated carefully to avoid security issues such as\r
+# buffer overflow or integer overflow.\r
+#\r
+# Note:\r
+# HMAC-SHA256 functions, AES functions, RSA external\r
+# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509\r
+# certificate handler functions, authenticode signature verification functions,\r
+# PEM handler functions, and pseudorandom number generator functions are not\r
+# supported in this instance.\r
+#\r
+# Copyright (c) 2010 - 2022, Intel Corporation. All rights reserved.<BR>\r
+# SPDX-License-Identifier: BSD-2-Clause-Patent\r
+#\r
##\r
\r
[Defines]\r
INF_VERSION = 0x00010005\r
BASE_NAME = PeiCryptLib\r
+ MODULE_UNI_FILE = PeiCryptLib.uni\r
FILE_GUID = 9a2a4375-194c-4e97-9f67-547ec98d96ca\r
MODULE_TYPE = PEIM\r
VERSION_STRING = 1.0\r
- LIBRARY_CLASS = BaseCryptLib|PEIM PEI_CORE SEC\r
+ LIBRARY_CLASS = BaseCryptLib|PEIM PEI_CORE\r
\r
#\r
# The following information is for reference only and not required by the build tools.\r
#\r
\r
[Sources]\r
+ InternalCryptLib.h\r
Hash/CryptMd5.c\r
Hash/CryptSha1.c\r
Hash/CryptSha256.c\r
- Pk/CryptRsa.c\r
+ Hash/CryptSm3.c\r
+ Hash/CryptSha512.c\r
+ Hash/CryptParallelHashNull.c\r
+ Hmac/CryptHmac.c\r
+ Kdf/CryptHkdf.c\r
+ Cipher/CryptAesNull.c\r
+ Cipher/CryptAeadAesGcmNull.c\r
+ Pk/CryptRsaBasic.c\r
+ Pk/CryptRsaExtNull.c\r
+ Pk/CryptPkcs1OaepNull.c\r
+ Pk/CryptPkcs5Pbkdf2Null.c\r
+ Pk/CryptPkcs7SignNull.c\r
+ Pk/CryptPkcs7VerifyCommon.c\r
+ Pk/CryptPkcs7VerifyBase.c\r
+ Pk/CryptPkcs7VerifyEku.c\r
+ Pk/CryptDhNull.c\r
+ Pk/CryptX509Null.c\r
+ Pk/CryptAuthenticodeNull.c\r
+ Pk/CryptTsNull.c\r
+ Pk/CryptRsaPss.c\r
+ Pk/CryptRsaPssSignNull.c\r
+ Pk/CryptEcNull.c\r
+ Pem/CryptPemNull.c\r
+ Rand/CryptRandNull.c\r
+ Bn/CryptBnNull.c\r
\r
SysCall/CrtWrapper.c\r
+ SysCall/ConstantTimeClock.c\r
SysCall/BaseMemAllocation.c\r
\r
-[Sources.Ia32]\r
- SysCall/Ia32/MathMultS64x64.c | MSFT\r
- SysCall/Ia32/MathDivU64x64.c | MSFT\r
- SysCall/Ia32/MathReminderU64x64.c | MSFT\r
- SysCall/Ia32/MathLShiftS64.c | MSFT\r
- SysCall/Ia32/MathRShiftU64.c | MSFT\r
-\r
- SysCall/Ia32/MathMultS64x64.c | INTEL\r
- SysCall/Ia32/MathDivU64x64.c | INTEL\r
- SysCall/Ia32/MathReminderU64x64.c | INTEL\r
- SysCall/Ia32/MathLShiftS64.c | INTEL\r
- SysCall/Ia32/MathRShiftU64.c | INTEL\r
-\r
- SysCall/Ia32/MathMultS64x64.S | GCC\r
- SysCall/Ia32/MathDivU64x64.S | GCC\r
- SysCall/Ia32/MathReminderU64x64.S | GCC\r
- SysCall/Ia32/MathLShiftS64.S | GCC\r
- SysCall/Ia32/MathRShiftU64.S | GCC\r
-\r
[Packages]\r
MdePkg/MdePkg.dec\r
CryptoPkg/CryptoPkg.dec\r
OpensslLib\r
IntrinsicLib\r
\r
+[FixedPcd]\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled\r
+\r
#\r
# Remove these [BuildOptions] after this library is cleaned up\r
#\r
[BuildOptions]\r
- GCC:*_GCC44_IA32_CC_FLAGS = "-D__cdecl=__attribute__((cdecl))" "-D__declspec(t)=__attribute__((t))"\r
- \r
+ #\r
+ # suppress the following warnings so we do not break the build with warnings-as-errors:\r
+ # C4090: 'function' : different 'const' qualifiers\r
+ # C4718: 'function call' : recursive call has no side effects, deleting\r
+ #\r
+ MSFT:*_*_*_CC_FLAGS = /wd4090 /wd4718\r
+\r
+ GCC:*_CLANG35_*_CC_FLAGS = -std=c99\r
+ GCC:*_CLANG38_*_CC_FLAGS = -std=c99\r
+ GCC:*_CLANGPDB_*_CC_FLAGS = -std=c99 -Wno-error=incompatible-pointer-types\r
+\r
+ XCODE:*_*_*_CC_FLAGS = -std=c99\r