.io>
mailto:devel@edk2.groups.io>> 代表 Wenxing Hou
发送时间: 2024年5月27日 12:24
收件人: gaoliming mailto:gaolim...@byosoft.com.cn>>;
devel@edk2.groups.io<mailto:devel@edk2.groups.io>; Kinney, Michael D
mailto:michael.d.kin...@intel.com>>; 'Andrew Fish'
mailto:af...@apple.com>>
. In this phase, only bug fixes will be
accepted
(https://github.com/tianocore/tianocore.github.io/wiki/HardFeatureFreeze).
So, this patch set may be merged after the stable tag is created.
Thanks
Liming
发件人: devel@edk2.groups.io<mailto:devel@edk2.groups.io>
mailto:devel@edk2.groups.io>> 代表
r issue;
- Fix Pkcs7 memory leak;
v3 changes:
- Fix some issues form reviewer;
- Add SHA3/SM3 implementation;
- Update *.inf files;
v4 changes:
- Delete SHA3 implementation;
- Complete Sm3 by linking OopensslLib;
- collection data for platform integration test for newly implemented APIs;
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Update all *.inf in BaseCryptLibMbedTls based on new implementation.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
.../BaseCryptLibMbedTls/BaseCryptLib.inf | 42
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Because the Mbedlts 3.3.0 doesn't have Sm3, the Sm3
implementaion is based on Openssl.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
CryptoPkg/CryptoPkgMbedTls.dsc
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Timestamp Countersignature Verification implementaion based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
.../Library/BaseCryptLibMbedTls/Pk/CryptTs.c | 381
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement AuthenticodeVerify based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
.../Pk/CryptAuthenticode.c| 214 ++
1 file changed
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement more RSA functions such as RsaPkcs1Sign based Mbedlts.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
.../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
X.509 Certificate Handler Wrapper Implementation over MbedTLS.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
.../BaseCryptLibMbedTls/Pk/CryptX509.c| 1940 +
1
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
.../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100
test.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
CryptoPkg/Include/Library/BaseCryptLib.h |2 +
.../BaseCryptLibMbedTls/InternalCryptLib.h| 33 +
.../Pk/CryptPkcs7Internal.h | 29 +-
.../BaseCryptLibMbedTls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement Pem API based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
.../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++
1 file changed, 138
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Add rand function for BaseCryptLibMbedTls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
CryptoPkg/Include/Library/BaseCryptLib.h | 2 +
.../BaseCryptLibMbedTls
implemented APIs;
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
Wenxing Hou (11):
CryptoPkg: Add AeadAesGcm based on Mbedtls
CryptoPkg: Add rand function for BaseCryptLibMbedTls
CryptoPkg: Add Pem APIs based on Mbedtls
CryptoPkg: Add X509
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
AeadAesGcm implementation based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Reviewed-by: Yi Li
Acked-by: Jiewen Yao
---
.../Cipher/CryptAeadAesGcm.c | 227 ++
1 file changed, 227
s.
> >
> > The patch has passed the EDKII CI check:
> > https://github.com/tianocore/edk2/pull/5552
> >
> > And the patch has passed unit_test in EDKII and integration test for
> platform.
> > And the patch hass passed the fuzz test:
> > https://gith
passed unit_test in EDKII and integration test for
platform.
> And the patch hass passed the fuzz test:
> https://github.com/tianocore/edk2-staging/commit/4f19398053c92e4f7791d
> 4
> 68a184530b6ab89128
>
> v2 changes:
> - Fix format variable name/hardcode number issue;
&g
some issues form reviewer;
- Add SHA3/SM3 implementation;
- Update *.inf files;
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Wenxing Hou (11):
CryptoPkg: Add AeadAesGcm based on Mbedtls
CryptoPkg: Add rand function for BaseCryptLibMbedTls
CryptoPkg: Add Pem APIs based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3
implementaion based on Openssl.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Library/BaseCryptLibMbedTls/BaseCryptLib.inf | 11
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement more RSA functions such as RsaPkcs1Sign based Mbedlts.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278 ++
.../BaseCryptLibMbedTls/Pk/CryptRsaExt.c
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Update all *.inf in BaseCryptLibMbedTls based on new implementation.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/BaseCryptLib.inf | 42 ++-
.../BaseCryptLibMbedTls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Timestamp Countersignature Verification implementaion based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Library/BaseCryptLibMbedTls/Pk/CryptTs.c | 381 ++
1 file changed, 381 insertions
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement AuthenticodeVerify based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Pk/CryptAuthenticode.c| 214 ++
1 file changed, 214 insertions(+)
create mode 100644
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
X.509 Certificate Handler Wrapper Implementation over MbedTLS.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pk/CryptX509.c| 1940 +
1 file changed, 1940 insertions(+)
create
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 ++
1 file changed, 100 insertions
.
And the implementation has pass unit_tes and integration test.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
CryptoPkg/Include/Library/BaseCryptLib.h |2 +
.../BaseCryptLibMbedTls/InternalCryptLib.h| 33 +
.../Pk/CryptPkcs7Internal.h | 29
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement Pem API based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++
1 file changed, 138 insertions(+)
create mode 100644 CryptoPkg/Library
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Add rand function for BaseCryptLibMbedTls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
CryptoPkg/Include/Library/BaseCryptLib.h | 2 +
.../BaseCryptLibMbedTls/InternalCryptLib.h| 16 +++
.../BaseCryptLibMbedTls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
AeadAesGcm implementation based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Cipher/CryptAeadAesGcm.c | 227 ++
1 file changed, 227 insertions(+)
create mode 100644
form reviewer;
- Add SHA3/SM3 implementation;
- Update *.inf files;
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Wenxing Hou (11):
CryptoPkg: Add AeadAesGcm based on Mbedtls
CryptoPkg: Add rand function for BaseCryptLibMbedTls
CryptoPkg: Add Pem APIs based on Mbedtls
CryptoPkg
>
> Could you please review the PATCH v4?
>
> PS: Jiewen has reviewed all the PATCH. And I have fixed his feedback in PATCH
> v4.
> Jiewen has no questions about all the patches anymore.
>
> Thanks,
> Wenxing
>
>
> -Original Message-
> From: dev
/show_bug.cgi?id=4177
Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3
implementaion based on Openssl.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
CryptoPkg/CryptoPkg.ci.yaml | 1 +
.../BaseCryptLibMbedTls/Hash/CryptCShake256.c | 282
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3
implementaion based on Openssl.
And the implementaion has passed build check.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
CryptoPkg/Library
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Timestamp Countersignature Verification implementaion based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Library/BaseCryptLibMbedTls/Pk/CryptTs.c | 381 ++
1 file changed, 381 insertions
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement AuthenticodeVerify based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Pk/CryptAuthenticode.c| 214 ++
1 file changed, 214 insertions(+)
create mode 100644
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement more RSA functions such as RsaPkcs1Sign based Mbedlts.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278 ++
.../BaseCryptLibMbedTls/Pk/CryptRsaExt.c
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 ++
1 file changed, 100 insertions
.
And the implementation has pass unit_tes and integration test.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/InternalCryptLib.h| 33 +
.../Pk/CryptPkcs7Internal.h | 29 +-
.../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c | 615
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
AeadAesGcm implementation based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Cipher/CryptAeadAesGcm.c | 227 ++
1 file changed, 227 insertions(+)
create mode 100644
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
X.509 Certificate Handler Wrapper Implementation over MbedTLS.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pk/CryptX509.c| 1925 +
1 file changed, 1925 insertions(+)
create
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement Pem API based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++
1 file changed, 138 insertions(+)
create mode 100644 CryptoPkg/Library
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Add rand function for BaseCryptLibMbedTls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/InternalCryptLib.h| 16 +++
.../BaseCryptLibMbedTls/Rand/CryptRand.c | 105
Signed-off-by: Wenxing Hou
Wenxing Hou (9):
CryptoPkg: Add AeadAesGcm based on Mbedtls
CryptoPkg: Add rand function for BaseCryptLibMbedTls
CryptoPkg: Add Pem APIs based on Mbedtls
CryptoPkg: Add X509 functions based on Mbedtls
CryptoPkg: Add Pkcs7 related functions based on Mbedtls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3
implementaion based on Openssl.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
CryptoPkg/CryptoPkg.ci.yaml | 1
no questions about all the patches anymore.
Thanks,
Wenxing
-Original Message-
From: devel@edk2.groups.io On Behalf Of Wenxing Hou
Sent: Thursday, April 18, 2024 5:28 PM
To: devel@edk2.groups.io
Cc: Andrew Fish ; Leif Lindholm ;
Kinney, Michael D ; Liming Gao
; Sean Brogan ; Joey
Add DeviceSecurity submodule libspdm.
Cc: Sean Brogan
Cc: Joey Vagedes
Cc: Michael D Kinney
Cc: Liming Gao
Signed-off-by: Wenxing Hou
Reviewed-by: Joey Vagedes
---
.pytool/CISettings.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py
This patch add libspdm submodule license.
Cc: Andrew Fish
Cc: Leif Lindholm
Cc: Michael D Kinney
Signed-off-by: Wenxing Hou
---
ReadMe.rst | 1 +
1 file changed, 1 insertion(+)
diff --git a/ReadMe.rst b/ReadMe.rst
index 808ccd37af..cfd522fdbd 100644
--- a/ReadMe.rst
+++ b/ReadMe.rst
libspdm is submodule to support DeviceSecurity feature.
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
Reviewed-by: Jiewen Yao
---
SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 1 +
1 file changed, 1 insertion(+)
create mode 16 SecurityPkg/DeviceSecurity/SpdmLib/libspdm
diff --git
libspdm is submodule, which will be used in DeviceSecurity.
Cc: Andrew Fish
Cc: Michael D Kinney
Cc: Michael D Kinney
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
.gitmodules | 3 +++
1 file changed, 3 insertions(+)
diff --git a/.gitmodules b/.gitmodules
index 60d54b45eb..7f069abd3d
Add new api Tpm2ExtendNvIndex.
It is uesd in HashCompleteAndExtend when PcrIndex > MAX_PCR_INDEX.
Cc: Jiewen Yao
Cc: Rahul Kumar
Signed-off-by: Wenxing Hou
Reviewed-by: Jiewen Yao
---
SecurityPkg/Include/Library/Tpm2CommandLib.h | 23 +++-
.../HashLibBaseCryptoRouterDx
Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable.
Cc: Liming Gao
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdeModulePkg/MdeModulePkg.dec | 5 +++
.../Variable/RuntimeDxe/Measurement.c | 38 ---
.../RuntimeDxe/VariableRuntimeDxe.inf
According to UEFI 2.10 spec 3.3 Globally Defined Variables section,
add devAuthBoot GlobalVariable.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
Reviewed-by: Liming Gao
---
MdePkg/Include/Guid/GlobalVariable.h | 8 +++-
MdePkg
Add support for
TCG PC Client Platform Firmware Profile Specification 1.06.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdePkg/Include/IndustryStandard/Spdm.h| 4 +-
.../IndustryStandard/UefiTcgPlatform.h| 186
-by: Wenxing Hou
---
MdePkg/Include/IndustryStandard/Spdm.h | 1110 ++--
1 file changed, 1061 insertions(+), 49 deletions(-)
diff --git a/MdePkg/Include/IndustryStandard/Spdm.h
b/MdePkg/Include/IndustryStandard/Spdm.h
index 4ec7a5ed1f..7940caa95e 100644
--- a/MdePkg/Include
Cc: Rahul Kumar
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
Wenxing Hou (10):
MdePkg: Add SPDM1.2 support.
MdePkg: Add TCG PFP 1.06 support.
MdePkg: Add devAuthBoot GlobalVariable
MdeModulePkg/Variable: Add TCG SPDM device measurement update
SecurityPkg: Add TCG PFP 1.06 support.
Security
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 ++
1 file changed, 100 insertions
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Timestamp Countersignature Verification implementaion based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Library/BaseCryptLibMbedTls/Pk/CryptTs.c | 381 ++
1 file changed, 381 insertions
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement AuthenticodeVerify based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Pk/CryptAuthenticode.c| 214 ++
1 file changed, 214 insertions(+)
create mode 100644
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement more RSA functions such as RsaPkcs1Sign based Mbedlts.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278 ++
.../BaseCryptLibMbedTls/Pk/CryptRsaExt.c
.
And the implementation has pass unit_tes and integration test.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/InternalCryptLib.h| 33 +
.../Pk/CryptPkcs7Internal.h | 20 +-
.../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c | 615
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
X.509 Certificate Handler Wrapper Implementation over MbedTLS.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pk/CryptX509.c| 1924 +
1 file changed, 1924 insertions(+)
create
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Implement Pem API based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++
1 file changed, 138 insertions(+)
create mode 100644 CryptoPkg/Library
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
Add rand function for BaseCryptLibMbedTls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
CryptoPkg/CryptoPkg.ci.yaml | 1 +
.../BaseCryptLibMbedTls/InternalCryptLib.h| 16 +++
.../BaseCryptLibMbedTls
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177
AeadAesGcm implementation based on Mbedtls.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Cipher/CryptAeadAesGcm.c | 227 ++
1 file changed, 227 insertions(+)
create mode 100644
unit_test in EDKII and integration test for platform.
And the patch hass passed the fuzz test:
https://github.com/tianocore/edk2-staging/commit/4f19398053c92e4f7791d468a184530b6ab89128
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Wenxing Hou (9):
CryptoPkg: Add AeadAesGcm based on Mbedtls
ofile-specification/
>
> The POC branch:
> https://github.com/tianocore/edk2-staging/tree/DeviceSecurity
>
> And the PATCH set has passed the EDKII CI:
> https://github.com/tianocore/edk2/pull/5508
>
> Cc: Sean Brogan
> Cc: Joey Vagedes
> Cc: Michael D Kinney
>
libspdm is submodule, which will be used in DeviceSecurity.
Cc: Andrew Fish
Cc: Michael D Kinney
Cc: Michael D Kinney
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
.gitmodules| 3 +++
SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 1 +
2 files changed, 4
This patch add libspdm submodule license.
Cc: Andrew Fish
Cc: Leif Lindholm
Cc: Michael D Kinney
Signed-off-by: Wenxing Hou
---
ReadMe.rst | 1 +
1 file changed, 1 insertion(+)
diff --git a/ReadMe.rst b/ReadMe.rst
index 808ccd37af..cfd522fdbd 100644
--- a/ReadMe.rst
+++ b/ReadMe.rst
libspdm is submodule to support DeviceSecurity feature.
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/SecurityPkg/DeviceSecurity/SpdmLib/libspdm
b/SecurityPkg/DeviceSecurity/SpdmLib
Add new api Tpm2ExtendNvIndex.
It is uesd in HashCompleteAndExtend when PcrIndex > MAX_PCR_INDEX.
Cc: Jiewen Yao
Cc: Rahul Kumar
Signed-off-by: Wenxing Hou
---
SecurityPkg/Include/Library/Tpm2CommandLib.h | 23 +++-
.../HashLibBaseCryptoRouterDxe.c |
Add DeviceSecurity submodule libspdm.
Cc: Sean Brogan
Cc: Joey Vagedes
Cc: Michael D Kinney
Cc: Liming Gao
Signed-off-by: Wenxing Hou
Reviewed-by: Joey Vagedes
---
.pytool/CISettings.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py
According to UEFI 2.10 spec 3.3 Globally Defined Variables section,
add devAuthBoot GlobalVariable.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
Reviewed-by: Liming Gao
---
MdePkg/Include/Guid/GlobalVariable.h | 8 +++-
MdePkg
Add support for
TCG PC Client Platform Firmware Profile Specification 1.06.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdePkg/Include/IndustryStandard/Spdm.h| 4 +-
.../IndustryStandard/UefiTcgPlatform.h| 186
Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable.
Cc: Liming Gao
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdeModulePkg/MdeModulePkg.dec | 5 +++
.../Variable/RuntimeDxe/Measurement.c | 38 ---
.../RuntimeDxe/VariableRuntimeDxe.inf
-by: Wenxing Hou
---
MdePkg/Include/IndustryStandard/Spdm.h | 1110 ++--
1 file changed, 1061 insertions(+), 49 deletions(-)
diff --git a/MdePkg/Include/IndustryStandard/Spdm.h
b/MdePkg/Include/IndustryStandard/Spdm.h
index 4ec7a5ed1f..7940caa95e 100644
--- a/MdePkg/Include
oey Vagedes
Cc: Andrew Fish
Cc: Leif Lindholm
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Sean Brogan
Cc: Joey Vagedes
Cc: Zhiguang Liu
Cc: Rahul Kumar
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
Wenxing Hou (10):
MdePkg: Add SPDM1.2 support.
MdePkg: Add TCG PFP 1.06 support.
MdePkg:
-devel] [PATCH 4/9] MdeModulePkg/Variable: Add TCG SPDM
device measurement update
Can you please fix the following typo? "PcdEnableSpdmDeviceAuthenticaion"
Thanks,
Michael
On 4/1/2024 10:31 PM, Wenxing Hou wrote:
> Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable.
>
> C
libspdm is submodule, which will be used in DeviceSecurity.
Cc: Andrew Fish
Cc: Michael D Kinney
Cc: Michael D Kinney
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
.gitmodules| 3 +++
SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 1 +
2 files changed, 4
libspdm is submodule to support DeviceSecurity feature.
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/SecurityPkg/DeviceSecurity/SpdmLib/libspdm
b/SecurityPkg/DeviceSecurity/SpdmLib
Add DeviceSecurity submodule libspdm.
Cc: Sean Brogan
Cc: Joey Vagedes
Cc: Michael D Kinney
Cc: Liming Gao
Signed-off-by: Wenxing Hou
Reviewed-by: Joey Vagedes
---
.pytool/CISettings.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py
Add new api Tpm2ExtendNvIndex.
It is uesd in HashCompleteAndExtend when PcrIndex > MAX_PCR_INDEX.
Cc: Jiewen Yao
Cc: Rahul Kumar
Signed-off-by: Wenxing Hou
---
SecurityPkg/Include/Library/Tpm2CommandLib.h | 23 +++-
.../HashLibBaseCryptoRouterDxe.c |
Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable.
Cc: Liming Gao
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdeModulePkg/MdeModulePkg.dec | 5 +++
.../Variable/RuntimeDxe/Measurement.c | 38 ---
.../RuntimeDxe/VariableRuntimeDxe.inf
According to UEFI 2.10 spec 3.3 Globally Defined Variables section,
add devAuthBoot GlobalVariable.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdePkg/Include/Guid/GlobalVariable.h | 8 +++-
MdePkg/Include/Guid
Add support for
TCG PC Client Platform Firmware Profile Specification 1.06.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdePkg/Include/IndustryStandard/Spdm.h| 4 +-
.../IndustryStandard/UefiTcgPlatform.h| 186
-by: Wenxing Hou
---
MdePkg/Include/IndustryStandard/Spdm.h | 1110 ++--
1 file changed, 1061 insertions(+), 49 deletions(-)
diff --git a/MdePkg/Include/IndustryStandard/Spdm.h
b/MdePkg/Include/IndustryStandard/Spdm.h
index 4ec7a5ed1f..7940caa95e 100644
--- a/MdePkg/Include
Yao
Signed-off-by: Wenxing Hou
Wenxing Hou (9):
MdePkg: Add SPDM1.2 support.
MdePkg: Add TCG PFP 1.06 support.
MdePkg: Add devAuthBoot GlobalVariable
MdeModulePkg/Variable: Add TCG SPDM device measurement update
SecurityPkg: Add TCG PFP 1.06 support.
SecurityPkg: add DeviceSecurity supp
libspdm is submodule to support DeviceSecurity feature.
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/SecurityPkg/DeviceSecurity/SpdmLib/libspdm
b/SecurityPkg/DeviceSecurity/SpdmLib
libspdm is submodule, which will be used in DeviceSecurity.
Cc: Andrew Fish
Cc: Michael D Kinney
Cc: Michael D Kinney
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
.gitmodules| 3 +++
SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 1 +
2 files changed, 4
Add new api Tpm2ExtendNvIndex.
It is uesd in HashCompleteAndExtend when PcrIndex > MAX_PCR_INDEX.
Cc: Jiewen Yao
Cc: Rahul Kumar
Signed-off-by: Wenxing Hou
---
SecurityPkg/Include/Library/Tpm2CommandLib.h | 23 +++-
.../HashLibBaseCryptoRouterDxe.c |
Add DeviceSecurity submodule libspdm.
Cc: Sean Brogan
Cc: Joey Vagedes
Cc: Michael D Kinney
Cc: Liming Gao
Signed-off-by: Wenxing Hou
---
.pytool/CISettings.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py
index ec3beb0dcf..314758da32
Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable.
Cc: Liming Gao
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdeModulePkg/MdeModulePkg.dec | 5 +++
.../Variable/RuntimeDxe/Measurement.c | 38 ---
.../RuntimeDxe/VariableRuntimeDxe.inf
According to UEFI 2.10 spec 3.3 Globally Defined Variables section,
add devAuthBoot GlobalVariable.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdePkg/Include/Guid/GlobalVariable.h | 8 +++-
MdePkg/Include/Guid
the EDKII CI:
https://github.com/tianocore/edk2/pull/5508
Cc: Sean Brogan
Cc: Joey Vagedes
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Andrew Fish
Cc: Zhiguang Liu
Cc: Rahul Kumar
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
Wenxing Hou (9):
MdePkg: Add SPDM1.2 support.
MdePkg: Add TCG PFP
-by: Wenxing Hou
---
MdePkg/Include/IndustryStandard/Spdm.h | 1110 ++--
1 file changed, 1061 insertions(+), 49 deletions(-)
diff --git a/MdePkg/Include/IndustryStandard/Spdm.h
b/MdePkg/Include/IndustryStandard/Spdm.h
index 4ec7a5ed1f..7940caa95e 100644
--- a/MdePkg/Include
Add support for
TCG PC Client Platform Firmware Profile Specification 1.06.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdePkg/Include/IndustryStandard/Spdm.h| 4 +-
.../IndustryStandard/UefiTcgPlatform.h| 186
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4742
Remove interdependence for RsaPssVerify, only use original
mbedtls API.
Because APIs such as Sha512Init may be closed by the platform PCD.
And this patch optimize the hash flow.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4741
Update Md5/Sha1/Sha2 by using mbedtls 3.0 api in BaseCryptLibMbedTls,
because the old API may be deprecated when open some MACRO.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Library/BaseCryptLibMbedTls/Hash/CryptMd5.c
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4740
There is a wrong usage for OPTIONAL.
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
---
.../Library/BaseCryptLibMbedTls/Pk/CryptPkcs1OaepNull.c | 6 ++
CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509Null.c| 6
.
And these patch has paseed the EDKII CI test.
https://github.com/tianocore/edk2/pull/5501
Cc: Jiewen Yao
Cc: Yi Li
Signed-off-by: Wenxing Hou
Wenxing Hou (3):
CryptoPkg: Update OPTIONAL location for BaseCryptLibMbedTls
CryptoPkg: Update Md5/Sha1/Sha2 by using new mbedtls api
CryptoPkg: Remove
According to UEFI 2.10 spec
32.8.2 UEFI Device Signature Variable GUID and Variable Name section,
add gEfiDeviceSignatureDatabaseGuid to dec.
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Zhiguang Liu
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou
---
MdePkg/MdePkg.dec | 8 +++-
1 file changed, 7
1 - 100 of 170 matches
Mail list logo