!if $(CRYPTO_SERVICES) IN "PACKAGE ALL"\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md5.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tdes.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.GetContextSize | TRUE\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Init | TRUE\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcEncrypt | TRUE\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcDecrypt | TRUE\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.ParallelHash.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family | 0\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
!endif\r
\r
!if $(CRYPTO_SERVICES) == MIN_PEI\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.GetContextSize | TRUE\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Init | TRUE\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcEncrypt | TRUE\r
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcDecrypt | TRUE\r
/** @file\r
Defines the PCD_CRYPTO_SERVICE_FAMILY_ENABLE structure associated with\r
- gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.\r
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable that is used\r
+ to enable/disable crypto services at either the family scope or the\r
+ individual service scope. Platforms can minimize the number of enabled\r
+ services to reduce size.\r
+\r
+ The following services have been deprecated and must never be enabled.\r
+ The associated fields in this data structure are never removed or replaced\r
+ to preseve the binary layout of the data structure. New services are\r
+ always added to the end of the data structure.\r
+ * HmacMd5 family\r
+ * HmacSha1 family\r
+ * Md4 family\r
+ * Md5 family\r
+ * Tdes family\r
+ * Arc4 family\r
+ * Aes.Services.EcbEncrypt service\r
+ * Aes.Services.EcbDecrypt service\r
+\r
+ Is is recommended that the following services always be disabled and may\r
+ be deprecated in the future.\r
+ * Sha1 family\r
\r
Copyright (c) 2019 - 2022, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
typedef struct {\r
union {\r
struct {\r
- UINT8 New : 1;\r
- UINT8 Free : 1;\r
- UINT8 SetKey : 1;\r
- UINT8 Duplicate : 1;\r
- UINT8 Update : 1;\r
- UINT8 Final : 1;\r
+ UINT8 New : 1; // Deprecated\r
+ UINT8 Free : 1; // Deprecated\r
+ UINT8 SetKey : 1; // Deprecated\r
+ UINT8 Duplicate : 1; // Deprecated\r
+ UINT8 Update : 1; // Deprecated\r
+ UINT8 Final : 1; // Deprecated\r
} Services;\r
- UINT32 Family;\r
+ UINT32 Family; // Deprecated\r
} HmacMd5;\r
union {\r
struct {\r
- UINT8 New : 1;\r
- UINT8 Free : 1;\r
- UINT8 SetKey : 1;\r
- UINT8 Duplicate : 1;\r
- UINT8 Update : 1;\r
- UINT8 Final : 1;\r
+ UINT8 New : 1; // Deprecated\r
+ UINT8 Free : 1; // Deprecated\r
+ UINT8 SetKey : 1; // Deprecated\r
+ UINT8 Duplicate : 1; // Deprecated\r
+ UINT8 Update : 1; // Deprecated\r
+ UINT8 Final : 1; // Deprecated\r
} Services;\r
- UINT32 Family;\r
+ UINT32 Family; // Deprecated\r
} HmacSha1;\r
union {\r
struct {\r
} HmacSha384;\r
union {\r
struct {\r
- UINT8 GetContextSize : 1;\r
- UINT8 Init : 1;\r
- UINT8 Duplicate : 1;\r
- UINT8 Update : 1;\r
- UINT8 Final : 1;\r
- UINT8 HashAll : 1;\r
+ UINT8 GetContextSize : 1; // Deprecated\r
+ UINT8 Init : 1; // Deprecated\r
+ UINT8 Duplicate : 1; // Deprecated\r
+ UINT8 Update : 1; // Deprecated\r
+ UINT8 Final : 1; // Deprecated\r
+ UINT8 HashAll : 1; // Deprecated\r
} Services;\r
- UINT32 Family;\r
+ UINT32 Family; // Deprecated\r
} Md4;\r
union {\r
struct {\r
- UINT8 GetContextSize : 1;\r
- UINT8 Init : 1;\r
- UINT8 Duplicate : 1;\r
- UINT8 Update : 1;\r
- UINT8 Final : 1;\r
- UINT8 HashAll : 1;\r
+ UINT8 GetContextSize : 1; // Deprecated\r
+ UINT8 Init : 1; // Deprecated\r
+ UINT8 Duplicate : 1; // Deprecated\r
+ UINT8 Update : 1; // Deprecated\r
+ UINT8 Final : 1; // Deprecated\r
+ UINT8 HashAll : 1; // Deprecated\r
} Services;\r
UINT32 Family;\r
- } Md5;\r
+ } Md5; // Deprecated\r
union {\r
struct {\r
UINT8 Pkcs1v2Encrypt : 1;\r
} Rsa;\r
union {\r
struct {\r
- UINT8 GetContextSize : 1;\r
- UINT8 Init : 1;\r
- UINT8 Duplicate : 1;\r
- UINT8 Update : 1;\r
- UINT8 Final : 1;\r
- UINT8 HashAll : 1;\r
+ UINT8 GetContextSize : 1; // Recommend disable\r
+ UINT8 Init : 1; // Recommend disable\r
+ UINT8 Duplicate : 1; // Recommend disable\r
+ UINT8 Update : 1; // Recommend disable\r
+ UINT8 Final : 1; // Recommend disable\r
+ UINT8 HashAll : 1; // Recommend disable\r
} Services;\r
- UINT32 Family;\r
+ UINT32 Family; // Recommend disable\r
} Sha1;\r
union {\r
struct {\r
} X509;\r
union {\r
struct {\r
- UINT8 GetContextSize : 1;\r
- UINT8 Init : 1;\r
- UINT8 EcbEncrypt : 1;\r
- UINT8 EcbDecrypt : 1;\r
- UINT8 CbcEncrypt : 1;\r
- UINT8 CbcDecrypt : 1;\r
+ UINT8 GetContextSize : 1; // Deprecated\r
+ UINT8 Init : 1; // Deprecated\r
+ UINT8 EcbEncrypt : 1; // Deprecated\r
+ UINT8 EcbDecrypt : 1; // Deprecated\r
+ UINT8 CbcEncrypt : 1; // Deprecated\r
+ UINT8 CbcDecrypt : 1; // Deprecated\r
} Services;\r
- UINT32 Family;\r
+ UINT32 Family; // Deprecated\r
} Tdes;\r
union {\r
struct {\r
UINT8 GetContextSize : 1;\r
UINT8 Init : 1;\r
- UINT8 EcbEncrypt : 1;\r
- UINT8 EcbDecrypt : 1;\r
+ UINT8 EcbEncrypt : 1; // Deprecated\r
+ UINT8 EcbDecrypt : 1; // Deprecated\r
UINT8 CbcEncrypt : 1;\r
UINT8 CbcDecrypt : 1;\r
} Services;\r
} Aes;\r
union {\r
struct {\r
- UINT8 GetContextSize : 1;\r
- UINT8 Init : 1;\r
- UINT8 Encrypt : 1;\r
- UINT8 Decrypt : 1;\r
- UINT8 Reset : 1;\r
+ UINT8 GetContextSize : 1; // Deprecated\r
+ UINT8 Init : 1; // Deprecated\r
+ UINT8 Encrypt : 1; // Deprecated\r
+ UINT8 Decrypt : 1; // Deprecated\r
+ UINT8 Reset : 1; // Deprecated\r
} Services;\r
- UINT32 Family;\r
+ UINT32 Family; // Deprecated\r
} Arc4;\r
union {\r
struct {\r