Reviewed-by: Jian J Wang <jian.j.w...@intel.com>
> -----Original Message----- > From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of Imran > Desai > Sent: Wednesday, May 29, 2019 4:41 AM > To: devel@edk2.groups.io > Subject: [edk2-devel] [PATCH v2 4/5] SecurityPkg: set SM3 bit in TPM 2.0 hash > mask by default > > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=1781 > > EDK2 Support for SM3 digest algorithm is needed to enable TPM with SM3 PCR > banks. This digest algorithm is part of the China Crypto algorithm suite. > This integration has dependency on the openssl_1_1_1b integration into > edk2. > This patch sets SM3 bit in TPM2.0 hash mask by default. > > Signed-off-by: Imran Desai <imran.de...@intel.com> > Cc: Chao Zhang <chao.b.zh...@intel.com> > Cc: Jiewen Yao <jiewen....@intel.com> > Cc: Jian Wang <jian.j.w...@intel.com> > --- > SecurityPkg/SecurityPkg.dec | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec > index 3314f1854be4..fa3a4fcf5869 100644 > --- a/SecurityPkg/SecurityPkg.dec > +++ b/SecurityPkg/SecurityPkg.dec > @@ -438,9 +438,10 @@ [PcdsDynamic, PcdsDynamicEx] > # BIT1 - SHA256.<BR> > # BIT2 - SHA384.<BR> > # BIT3 - SHA512.<BR> > + # BIT4 - SM3_256.<BR> > # @Prompt Hash mask for TPM 2.0 > - # @ValidRange 0x80000001 | 0x00000000 - 0x0000000F > - > gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0x0000000F|UINT32|0x00 > 010010 > + # @ValidRange 0x80000001 | 0x00000000 - 0x0000001F > + > gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0x0000001F|UINT32|0x00 > 010010 > > ## This PCD indicated final BIOS supported Hash mask. > # Bios may choose to register a subset of PcdTpm2HashMask. > -- > 2.17.0 > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#42043): https://edk2.groups.io/g/devel/message/42043 Mute This Topic: https://groups.io/mt/31826563/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-