[edk2-devel] [PATCH 0/1] CryptoPkg: move define to CrtLibSupport

Signed-off-by: Wenxing Hou Wenxing Hou (1): CryptoPkg: move define to CrtLibSupport CryptoPkg/Library/Include/CrtLibSupport.h | 15 +++ CryptoPkg/Library/Include/stdint.h| 10 -- 2 files changed, 15 insertions(+), 10 deletions(-) -- 2.26.2.windows.1

[edk2-devel] [PATCH 1/1] CryptoPkg: move define to CrtLibSupport

Signed-off-by: Wenxing Hou --- CryptoPkg/Library/Include/CrtLibSupport.h | 15 +++ CryptoPkg/Library/Include/stdint.h| 10 -- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/CryptoPkg/Library/Include/CrtLibSupport.h b/CryptoPkg/Library/Include

[edk2-devel] [PATCH 0/1] CryptoPkg: fix gcc build fail for CryptoPkgMbedtls

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4630 Enable MBEDTLS_NO_UDBL_DIVISION to fix GCC x64 build failure. Cc: Jiewen Yao Cc: Yi Li Cc: Guomin Jiang Signed-off-by: Wenxing Hou Wenxing Hou (1): CryptoPkg: fix gcc build fail for CryptoPkgMbedtls CryptoPkg/Library/MbedTlsLib

[edk2-devel] [PATCH 1/1] CryptoPkg: fix gcc build fail for CryptoPkgMbedtls

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4630 Enable MBEDTLS_NO_UDBL_DIVISION to fix GCC x64 build failure. Cc: Jiewen Yao Cc: Yi Li Cc: Guomin Jiang Signed-off-by: Wenxing Hou --- CryptoPkg/Library/MbedTlsLib/Include/mbedtls/mbedtls_config.h | 2 +- 1 file changed, 1 insertion

Re: [edk2-devel] [PATCH 1/1] CryptoPkg: fix gcc build fail for CryptoPkgMbedtls

fix GCC x64 build failure. Cc: Jiewen Yao Cc: Yi Li Cc: Guomin Jiang Signed-off-by: Wenxing Hou --- CryptoPkg/Library/MbedTlsLib/Include/mbedtls/mbedtls_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CryptoPkg/Library/MbedTlsLib/Include/mbedtls/mbedtls_config.h

[edk2-devel] [PATCH] CryptoPkg: change the define

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4632 Move the define to stdint and add MACRO to prevent duplicate inclusion. Cc: Jiewen Yao Cc: Yi Li Cc: Guomin Jiang Signed-off-by: Wenxing Hou --- CryptoPkg/Library/Include/CrtLibSupport.h | 15 --- CryptoPkg/Library/Include

[edk2-devel] [PATCH v2] CryptoPkg: Fix redefinition error of int defines

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4632 Move the define to stdint and add MACRO to prevent duplicate inclusion. Cc: Jiewen Yao Cc: Yi Li Cc: Guomin Jiang Signed-off-by: Wenxing Hou --- CryptoPkg/Library/Include/CrtLibSupport.h | 15 --- CryptoPkg/Library/Include

[edk2-devel] [PATCH] CryptoPkg: Add dummy inttypes header to fix clang build

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4642 When use Mbedtls, there is a clang build error. Add dummy inttypes header to fix clang build. Cc: Jiewen Yao Cc: Yi Li Cc: Guomin Jiang Signed-off-by: Wenxing Hou --- CryptoPkg/CryptoPkg.ci.yaml | 1 + CryptoPkg/Library

[edk2-devel] [PATCH 0/2] Add support for TCG PFP 1.06

: Wenxing Hou Wenxing Hou (2): MdePkg: Add SPDM1.2 support. MdePkg: Add TCG PFP 1.06 support. MdePkg/Include/IndustryStandard/Spdm.h| 1110 - .../IndustryStandard/UefiTcgPlatform.h| 186 ++- 2 files changed, 1245 insertions(+), 51 deletions(-) -- 2.26.2.windows.1

[edk2-devel] [PATCH 1/2] MdePkg: Add SPDM1.2 support.

-by: Wenxing Hou --- MdePkg/Include/IndustryStandard/Spdm.h | 1110 ++-- 1 file changed, 1061 insertions(+), 49 deletions(-) diff --git a/MdePkg/Include/IndustryStandard/Spdm.h b/MdePkg/Include/IndustryStandard/Spdm.h index 4ec7a5ed1f..7940caa95e 100644 --- a/MdePkg/Include

[edk2-devel] [PATCH 2/2] MdePkg: Add TCG PFP 1.06 support.

Add support for TCG PC Client Platform Firmware Profile Specification 1.06. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- .../IndustryStandard/UefiTcgPlatform.h| 186 +- 1 file changed, 184 insertions(+), 2

[edk2-devel] [PATCH] MdePkg: Add UEFI 2.10 DeviceAuthentication

According to UEFI 2.10 spec 32.8.2 UEFI Device Signature Variable GUID and Variable Name section, add signature database for device authentication. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/Guid/DeviceAuthentication.h

[edk2-devel] [PATCH v2 0/2] MdePkg: Add UEFI 2.10 DeviceAuthentication

According to UEFI 2.10 spec 32.8.2 UEFI Device Signature Variable GUID and Variable Name section, add signature database for device authentication and add add gEfiDeviceSignatureDatabaseGuid to dec. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou

[edk2-devel] [PATCH v2 1/2] MdePkg: Add UEFI 2.10 DeviceAuthentication

According to UEFI 2.10 spec 32.8.2 UEFI Device Signature Variable GUID and Variable Name section, add signature database for device authentication. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/Guid/DeviceAuthentication.h

[edk2-devel] [PATCH v2 2/2] MdePkg: Add gEfiDeviceSignatureDatabaseGuid to dec

According to UEFI 2.10 spec 32.8.2 UEFI Device Signature Variable GUID and Variable Name section, add gEfiDeviceSignatureDatabaseGuid to dec. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/MdePkg.dec | 8 +++- 1 file changed, 7

[edk2-devel] [PATCH v2] MdePkg: Add TCG PFP 1.06 support.

Add support for TCG PC Client Platform Firmware Profile Specification 1.06. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/IndustryStandard/Spdm.h| 4 +- .../IndustryStandard/UefiTcgPlatform.h| 186

[edk2-devel] [PATCH] MdePkg: Add devAuthBoot GlobalVariable

According to UEFI 2.10 spec 3.3 Globally Defined Variables section, add devAuthBoot GlobalVariable. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/Guid/GlobalVariable.h | 8 +++- MdePkg/Include/Guid

[edk2-devel] [PATCH v3 0/2] Add UEFI 2.10 DeviceAuthentication and GUID

Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou Wenxing Hou (2): MdePkg: Add UEFI 2.10 DeviceAuthentication MdePkg: Add gEfiDeviceSignatureDatabaseGuid to dec MdePkg/Include/Guid/DeviceAuthentication.h | 61 ++ MdePkg

[edk2-devel] [PATCH v3 2/2] MdePkg: Add gEfiDeviceSignatureDatabaseGuid to dec

According to UEFI 2.10 spec 32.8.2 UEFI Device Signature Variable GUID and Variable Name section, add gEfiDeviceSignatureDatabaseGuid to dec. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/MdePkg.dec | 8 +++- 1 file changed, 7

[edk2-devel] [PATCH v3 1/2] MdePkg: Add UEFI 2.10 DeviceAuthentication

According to UEFI 2.10 spec 32.8.2 UEFI Device Signature Variable GUID and Variable Name section, add signature database for device authentication. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/Guid/DeviceAuthentication.h

[edk2-devel] [PATCH 1/3] CryptoPkg: Update OPTIONAL location for BaseCryptLibMbedTls

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4740 There is a wrong usage for OPTIONAL. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Library/BaseCryptLibMbedTls/Pk/CryptPkcs1OaepNull.c | 6 ++ CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptX509Null.c| 6

[edk2-devel] [PATCH 0/3] CryptoPkg: Optimize APIs in BaseCryptLibMbedTls

patch has paseed the EDKII CI test. https://github.com/tianocore/edk2/pull/5501 Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou Wenxing Hou (3): CryptoPkg: Update OPTIONAL location for BaseCryptLibMbedTls CryptoPkg: Update Md5/Sha1/Sha2 by using new mbedtls api CryptoPkg: Remove

[edk2-devel] [PATCH 2/3] CryptoPkg: Update Md5/Sha1/Sha2 by using new mbedtls api

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4741 Update Md5/Sha1/Sha2 by using mbedtls 3.0 api in BaseCryptLibMbedTls, because the old API may be deprecated when open some MACRO. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Library/BaseCryptLibMbedTls/Hash/CryptMd5.c

[edk2-devel] [PATCH 3/3] CryptoPkg: Remove interdependence for RsaPssVerify

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4742 Remove interdependence for RsaPssVerify, only use original mbedtls API. Because APIs such as Sha512Init may be closed by the platform PCD. And this patch optimize the hash flow. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou

[edk2-devel] [PATCH 1/9] MdePkg: Add SPDM1.2 support.

-by: Wenxing Hou --- MdePkg/Include/IndustryStandard/Spdm.h | 1110 ++-- 1 file changed, 1061 insertions(+), 49 deletions(-) diff --git a/MdePkg/Include/IndustryStandard/Spdm.h b/MdePkg/Include/IndustryStandard/Spdm.h index 4ec7a5ed1f..7940caa95e 100644 --- a/MdePkg/Include

[edk2-devel] [PATCH 2/9] MdePkg: Add TCG PFP 1.06 support.

Add support for TCG PC Client Platform Firmware Profile Specification 1.06. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/IndustryStandard/Spdm.h| 4 +- .../IndustryStandard/UefiTcgPlatform.h| 186

[edk2-devel] [PATCH 3/9] MdePkg: Add devAuthBoot GlobalVariable

According to UEFI 2.10 spec 3.3 Globally Defined Variables section, add devAuthBoot GlobalVariable. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/Guid/GlobalVariable.h | 8 +++- MdePkg/Include/Guid

[edk2-devel] [PATCH 0/9] Add DeviceSecurity feature based on PFP 1.06 spec

the EDKII CI: https://github.com/tianocore/edk2/pull/5508 Cc: Sean Brogan Cc: Joey Vagedes Cc: Michael D Kinney Cc: Liming Gao Cc: Andrew Fish Cc: Zhiguang Liu Cc: Rahul Kumar Cc: Jiewen Yao Signed-off-by: Wenxing Hou Wenxing Hou (9): MdePkg: Add SPDM1.2 support. MdePkg: Add TCG PFP

[edk2-devel] [PATCH 4/9] MdeModulePkg/Variable: Add TCG SPDM device measurement update

Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable. Cc: Liming Gao Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdeModulePkg/MdeModulePkg.dec | 5 +++ .../Variable/RuntimeDxe/Measurement.c | 38 --- .../RuntimeDxe/VariableRuntimeDxe.inf

[edk2-devel] [PATCH 7/9] .pytool/CISettings.py: add libspdm submodule.

Add DeviceSecurity submodule libspdm. Cc: Sean Brogan Cc: Joey Vagedes Cc: Michael D Kinney Cc: Liming Gao Signed-off-by: Wenxing Hou --- .pytool/CISettings.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py index ec3beb0dcf..314758da32

[edk2-devel] [PATCH 5/9] SecurityPkg: Add TCG PFP 1.06 support.

Add new api Tpm2ExtendNvIndex. It is uesd in HashCompleteAndExtend when PcrIndex > MAX_PCR_INDEX. Cc: Jiewen Yao Cc: Rahul Kumar Signed-off-by: Wenxing Hou --- SecurityPkg/Include/Library/Tpm2CommandLib.h | 23 +++- .../HashLibBaseCryptoRouterDxe.c |

[edk2-devel] [PATCH 8/9] .gitmodule: Add libspdm submodule for EDKII

libspdm is submodule, which will be used in DeviceSecurity. Cc: Andrew Fish Cc: Michael D Kinney Cc: Michael D Kinney Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- .gitmodules| 3 +++ SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 1 + 2 files changed, 4

[edk2-devel] [PATCH 9/9] SecurityPkg: Add libspdm submodule

libspdm is submodule to support DeviceSecurity feature. Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SecurityPkg/DeviceSecurity/SpdmLib/libspdm b/SecurityPkg/DeviceSecurity/SpdmLib

[edk2-devel] [PATCH v2 0/9] Add DeviceSecurity feature based on PFP 1.06 spec

Yao Signed-off-by: Wenxing Hou Wenxing Hou (9): MdePkg: Add SPDM1.2 support. MdePkg: Add TCG PFP 1.06 support. MdePkg: Add devAuthBoot GlobalVariable MdeModulePkg/Variable: Add TCG SPDM device measurement update SecurityPkg: Add TCG PFP 1.06 support. SecurityPkg: add DeviceSecurity supp

[edk2-devel] [PATCH v2 1/9] MdePkg: Add SPDM1.2 support.

-by: Wenxing Hou --- MdePkg/Include/IndustryStandard/Spdm.h | 1110 ++-- 1 file changed, 1061 insertions(+), 49 deletions(-) diff --git a/MdePkg/Include/IndustryStandard/Spdm.h b/MdePkg/Include/IndustryStandard/Spdm.h index 4ec7a5ed1f..7940caa95e 100644 --- a/MdePkg/Include

[edk2-devel] [PATCH v2 2/9] MdePkg: Add TCG PFP 1.06 support.

Add support for TCG PC Client Platform Firmware Profile Specification 1.06. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/IndustryStandard/Spdm.h| 4 +- .../IndustryStandard/UefiTcgPlatform.h| 186

[edk2-devel] [PATCH v2 3/9] MdePkg: Add devAuthBoot GlobalVariable

According to UEFI 2.10 spec 3.3 Globally Defined Variables section, add devAuthBoot GlobalVariable. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/Guid/GlobalVariable.h | 8 +++- MdePkg/Include/Guid

[edk2-devel] [PATCH v2 4/9] MdeModulePkg/Variable: Add TCG SPDM device measurement update

Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable. Cc: Liming Gao Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdeModulePkg/MdeModulePkg.dec | 5 +++ .../Variable/RuntimeDxe/Measurement.c | 38 --- .../RuntimeDxe/VariableRuntimeDxe.inf

[edk2-devel] [PATCH v2 5/9] SecurityPkg: Add TCG PFP 1.06 support.

Add new api Tpm2ExtendNvIndex. It is uesd in HashCompleteAndExtend when PcrIndex > MAX_PCR_INDEX. Cc: Jiewen Yao Cc: Rahul Kumar Signed-off-by: Wenxing Hou --- SecurityPkg/Include/Library/Tpm2CommandLib.h | 23 +++- .../HashLibBaseCryptoRouterDxe.c |

[edk2-devel] [PATCH v2 7/9] .pytool/CISettings.py: add libspdm submodule.

Add DeviceSecurity submodule libspdm. Cc: Sean Brogan Cc: Joey Vagedes Cc: Michael D Kinney Cc: Liming Gao Signed-off-by: Wenxing Hou Reviewed-by: Joey Vagedes --- .pytool/CISettings.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py

[edk2-devel] [PATCH v2 8/9] .gitmodule: Add libspdm submodule for EDKII

libspdm is submodule, which will be used in DeviceSecurity. Cc: Andrew Fish Cc: Michael D Kinney Cc: Michael D Kinney Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- .gitmodules| 3 +++ SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 1 + 2 files changed, 4

[edk2-devel] [PATCH v2 9/9] SecurityPkg: Add libspdm submodule

libspdm is submodule to support DeviceSecurity feature. Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SecurityPkg/DeviceSecurity/SpdmLib/libspdm b/SecurityPkg/DeviceSecurity/SpdmLib

Re: [edk2-devel] [PATCH 4/9] MdeModulePkg/Variable: Add TCG SPDM device measurement update

-devel] [PATCH 4/9] MdeModulePkg/Variable: Add TCG SPDM device measurement update Can you please fix the following typo? "PcdEnableSpdmDeviceAuthenticaion" Thanks, Michael On 4/1/2024 10:31 PM, Wenxing Hou wrote: > Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable. > > C

[edk2-devel] [PATCH v3 00/10] Add DeviceSecurity feature based on PFP 1.06 spec

oey Vagedes Cc: Andrew Fish Cc: Leif Lindholm Cc: Michael D Kinney Cc: Liming Gao Cc: Sean Brogan Cc: Joey Vagedes Cc: Zhiguang Liu Cc: Rahul Kumar Cc: Jiewen Yao Signed-off-by: Wenxing Hou Wenxing Hou (10): MdePkg: Add SPDM1.2 support. MdePkg: Add TCG PFP 1.06 support. MdePkg:

[edk2-devel] [PATCH v3 01/10] MdePkg: Add SPDM1.2 support.

-by: Wenxing Hou --- MdePkg/Include/IndustryStandard/Spdm.h | 1110 ++-- 1 file changed, 1061 insertions(+), 49 deletions(-) diff --git a/MdePkg/Include/IndustryStandard/Spdm.h b/MdePkg/Include/IndustryStandard/Spdm.h index 4ec7a5ed1f..7940caa95e 100644 --- a/MdePkg/Include

[edk2-devel] [PATCH v3 04/10] MdeModulePkg/Variable: Add TCG SPDM device measurement update

Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable. Cc: Liming Gao Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdeModulePkg/MdeModulePkg.dec | 5 +++ .../Variable/RuntimeDxe/Measurement.c | 38 --- .../RuntimeDxe/VariableRuntimeDxe.inf

[edk2-devel] [PATCH v3 02/10] MdePkg: Add TCG PFP 1.06 support.

Add support for TCG PC Client Platform Firmware Profile Specification 1.06. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/IndustryStandard/Spdm.h| 4 +- .../IndustryStandard/UefiTcgPlatform.h| 186

[edk2-devel] [PATCH v3 03/10] MdePkg: Add devAuthBoot GlobalVariable

According to UEFI 2.10 spec 3.3 Globally Defined Variables section, add devAuthBoot GlobalVariable. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou Reviewed-by: Liming Gao --- MdePkg/Include/Guid/GlobalVariable.h | 8 +++- MdePkg

[edk2-devel] [PATCH v3 07/10] .pytool/CISettings.py: add libspdm submodule.

Add DeviceSecurity submodule libspdm. Cc: Sean Brogan Cc: Joey Vagedes Cc: Michael D Kinney Cc: Liming Gao Signed-off-by: Wenxing Hou Reviewed-by: Joey Vagedes --- .pytool/CISettings.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py

[edk2-devel] [PATCH v3 05/10] SecurityPkg: Add TCG PFP 1.06 support.

Add new api Tpm2ExtendNvIndex. It is uesd in HashCompleteAndExtend when PcrIndex > MAX_PCR_INDEX. Cc: Jiewen Yao Cc: Rahul Kumar Signed-off-by: Wenxing Hou --- SecurityPkg/Include/Library/Tpm2CommandLib.h | 23 +++- .../HashLibBaseCryptoRouterDxe.c |

[edk2-devel] [PATCH v3 09/10] SecurityPkg: Add libspdm submodule

libspdm is submodule to support DeviceSecurity feature. Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SecurityPkg/DeviceSecurity/SpdmLib/libspdm b/SecurityPkg/DeviceSecurity/SpdmLib

[edk2-devel] [PATCH v3 10/10] ReadMe.rst: Add libspdm submodule license

This patch add libspdm submodule license. Cc: Andrew Fish Cc: Leif Lindholm Cc: Michael D Kinney Signed-off-by: Wenxing Hou --- ReadMe.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/ReadMe.rst b/ReadMe.rst index 808ccd37af..cfd522fdbd 100644 --- a/ReadMe.rst +++ b/ReadMe.rst

[edk2-devel] [PATCH v3 08/10] .gitmodule: Add libspdm submodule for EDKII

libspdm is submodule, which will be used in DeviceSecurity. Cc: Andrew Fish Cc: Michael D Kinney Cc: Michael D Kinney Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- .gitmodules| 3 +++ SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 1 + 2 files changed, 4

Re: [edk2-devel] [PATCH 0/9] Add DeviceSecurity feature based on PFP 1.06 spec

platform-firmware-profile-specification/ > > The POC branch: > https://github.com/tianocore/edk2-staging/tree/DeviceSecurity > > And the PATCH set has passed the EDKII CI: > https://github.com/tianocore/edk2/pull/5508 > > Cc: Sean Brogan > Cc: Joey Vagedes > Cc: Mic

[edk2-devel] [PATCH 0/9] Add more crypt APIs based on Mbedtls

unit_test in EDKII and integration test for platform. And the patch hass passed the fuzz test: https://github.com/tianocore/edk2-staging/commit/4f19398053c92e4f7791d468a184530b6ab89128 Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou Wenxing Hou (9): CryptoPkg: Add AeadAesGcm based on Mbedtls

[edk2-devel] [PATCH 1/9] CryptoPkg: Add AeadAesGcm based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 AeadAesGcm implementation based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Cipher/CryptAeadAesGcm.c | 227 ++ 1 file changed, 227 insertions(+) create mode 100644

[edk2-devel] [PATCH 2/9] CryptoPkg: Add rand function for BaseCryptLibMbedTls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Add rand function for BaseCryptLibMbedTls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/CryptoPkg.ci.yaml | 1 + .../BaseCryptLibMbedTls/InternalCryptLib.h| 16 +++ .../BaseCryptLibMbedTls

[edk2-devel] [PATCH 3/9] CryptoPkg: Add Pem APIs based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement Pem API based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++ 1 file changed, 138 insertions(+) create mode 100644 CryptoPkg/Library

[edk2-devel] [PATCH 4/9] CryptoPkg: Add X509 functions based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 X.509 Certificate Handler Wrapper Implementation over MbedTLS. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptX509.c| 1924 + 1 file changed, 1924 insertions(+) create

[edk2-devel] [PATCH 5/9] CryptoPkg: Add Pkcs7 related functions based on Mbedtls

s Api. And the implementation has pass unit_tes and integration test. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/InternalCryptLib.h| 33 + .../Pk/CryptPkcs7Internal.h | 20 +- .../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c |

[edk2-devel] [PATCH 8/9] CryptoPkg: Add AuthenticodeVerify based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement AuthenticodeVerify based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Pk/CryptAuthenticode.c| 214 ++ 1 file changed, 214 insertions(+) create mode 100644

[edk2-devel] [PATCH 7/9] CryptoPkg: Add more RSA related functions based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement more RSA functions such as RsaPkcs1Sign based Mbedlts. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278 ++ .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c

[edk2-devel] [PATCH 9/9] CryptoPkg: Add ImageTimestampVerify based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Timestamp Countersignature Verification implementaion based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Library/BaseCryptLibMbedTls/Pk/CryptTs.c | 381 ++ 1 file changed, 381 insertions

[edk2-devel] [PATCH 6/9] CryptoPkg: Add Pkcs5 functions based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 ++ 1 file changed, 100 insertions

[edk2-devel] [PATCH v4 00/10] Add DeviceSecurity feature based on PFP 1.06 spec

Cc: Rahul Kumar Cc: Jiewen Yao Signed-off-by: Wenxing Hou Wenxing Hou (10): MdePkg: Add SPDM1.2 support. MdePkg: Add TCG PFP 1.06 support. MdePkg: Add devAuthBoot GlobalVariable MdeModulePkg/Variable: Add TCG SPDM device measurement update SecurityPkg: Add TCG PFP 1.06 support. Security

[edk2-devel] [PATCH v4 01/10] MdePkg: Add SPDM1.2 support.

-by: Wenxing Hou --- MdePkg/Include/IndustryStandard/Spdm.h | 1110 ++-- 1 file changed, 1061 insertions(+), 49 deletions(-) diff --git a/MdePkg/Include/IndustryStandard/Spdm.h b/MdePkg/Include/IndustryStandard/Spdm.h index 4ec7a5ed1f..7940caa95e 100644 --- a/MdePkg/Include

[edk2-devel] [PATCH v4 02/10] MdePkg: Add TCG PFP 1.06 support.

Add support for TCG PC Client Platform Firmware Profile Specification 1.06. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdePkg/Include/IndustryStandard/Spdm.h| 4 +- .../IndustryStandard/UefiTcgPlatform.h| 186

[edk2-devel] [PATCH v4 03/10] MdePkg: Add devAuthBoot GlobalVariable

According to UEFI 2.10 spec 3.3 Globally Defined Variables section, add devAuthBoot GlobalVariable. Cc: Michael D Kinney Cc: Liming Gao Cc: Zhiguang Liu Cc: Jiewen Yao Signed-off-by: Wenxing Hou Reviewed-by: Liming Gao --- MdePkg/Include/Guid/GlobalVariable.h | 8 +++- MdePkg

[edk2-devel] [PATCH v4 04/10] MdeModulePkg/Variable: Add TCG SPDM device measurement update

Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable. Cc: Liming Gao Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- MdeModulePkg/MdeModulePkg.dec | 5 +++ .../Variable/RuntimeDxe/Measurement.c | 38 --- .../RuntimeDxe/VariableRuntimeDxe.inf

[edk2-devel] [PATCH v4 05/10] SecurityPkg: Add TCG PFP 1.06 support.

Add new api Tpm2ExtendNvIndex. It is uesd in HashCompleteAndExtend when PcrIndex > MAX_PCR_INDEX. Cc: Jiewen Yao Cc: Rahul Kumar Signed-off-by: Wenxing Hou Reviewed-by: Jiewen Yao --- SecurityPkg/Include/Library/Tpm2CommandLib.h | 23 +++- .../HashLibBaseCryptoRouterDx

[edk2-devel] [PATCH v4 08/10] .gitmodule: Add libspdm submodule for EDKII

libspdm is submodule, which will be used in DeviceSecurity. Cc: Andrew Fish Cc: Michael D Kinney Cc: Michael D Kinney Cc: Jiewen Yao Signed-off-by: Wenxing Hou --- .gitmodules | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitmodules b/.gitmodules index 60d54b45eb..7f069abd3d

[edk2-devel] [PATCH v4 09/10] SecurityPkg: Add libspdm submodule

libspdm is submodule to support DeviceSecurity feature. Cc: Jiewen Yao Signed-off-by: Wenxing Hou Reviewed-by: Jiewen Yao --- SecurityPkg/DeviceSecurity/SpdmLib/libspdm | 1 + 1 file changed, 1 insertion(+) create mode 16 SecurityPkg/DeviceSecurity/SpdmLib/libspdm diff --git a

[edk2-devel] [PATCH v4 10/10] ReadMe.rst: Add libspdm submodule license

This patch add libspdm submodule license. Cc: Andrew Fish Cc: Leif Lindholm Cc: Michael D Kinney Signed-off-by: Wenxing Hou --- ReadMe.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/ReadMe.rst b/ReadMe.rst index 808ccd37af..cfd522fdbd 100644 --- a/ReadMe.rst +++ b/ReadMe.rst

[edk2-devel] [PATCH v4 07/10] .pytool/CISettings.py: add libspdm submodule.

Add DeviceSecurity submodule libspdm. Cc: Sean Brogan Cc: Joey Vagedes Cc: Michael D Kinney Cc: Liming Gao Signed-off-by: Wenxing Hou Reviewed-by: Joey Vagedes --- .pytool/CISettings.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.pytool/CISettings.py b/.pytool/CISettings.py

Re: [edk2-devel] [PATCH v4 00/10] Add DeviceSecurity feature based on PFP 1.06 spec

questions about all the patches anymore. Thanks, Wenxing -Original Message- From: devel@edk2.groups.io On Behalf Of Wenxing Hou Sent: Thursday, April 18, 2024 5:28 PM To: devel@edk2.groups.io Cc: Andrew Fish ; Leif Lindholm ; Kinney, Michael D ; Liming Gao ; Sean Brogan ; Joey

[edk2-devel] [PATCH] Add SHA3/SM3 functions with openssl for Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3 implementaion based on Openssl. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/CryptoPkg.ci.yaml

[edk2-devel] [PATCH v2 0/9] Add more crypt APIs based on Mbedtls

Signed-off-by: Wenxing Hou Wenxing Hou (9): CryptoPkg: Add AeadAesGcm based on Mbedtls CryptoPkg: Add rand function for BaseCryptLibMbedTls CryptoPkg: Add Pem APIs based on Mbedtls CryptoPkg: Add X509 functions based on Mbedtls CryptoPkg: Add Pkcs7 related functions based on Mbedtls

[edk2-devel] [PATCH v2 2/9] CryptoPkg: Add rand function for BaseCryptLibMbedTls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Add rand function for BaseCryptLibMbedTls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/InternalCryptLib.h| 16 +++ .../BaseCryptLibMbedTls/Rand/CryptRand.c | 105

[edk2-devel] [PATCH v2 3/9] CryptoPkg: Add Pem APIs based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement Pem API based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++ 1 file changed, 138 insertions(+) create mode 100644 CryptoPkg/Library

[edk2-devel] [PATCH v2 4/9] CryptoPkg: Add X509 functions based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 X.509 Certificate Handler Wrapper Implementation over MbedTLS. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptX509.c| 1925 + 1 file changed, 1925 insertions(+) create

[edk2-devel] [PATCH v2 5/9] CryptoPkg: Add Pkcs7 related functions based on Mbedtls

s Api. And the implementation has pass unit_tes and integration test. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/InternalCryptLib.h| 33 + .../Pk/CryptPkcs7Internal.h | 29 +- .../BaseCryptLibMbedTls/Pk/CryptPkcs7Sign.c |

[edk2-devel] [PATCH v2 1/9] CryptoPkg: Add AeadAesGcm based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 AeadAesGcm implementation based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Cipher/CryptAeadAesGcm.c | 227 ++ 1 file changed, 227 insertions(+) create mode 100644

[edk2-devel] [PATCH v2 6/9] CryptoPkg: Add Pkcs5 functions based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 ++ 1 file changed, 100 insertions

[edk2-devel] [PATCH v2 7/9] CryptoPkg: Add more RSA related functions based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement more RSA functions such as RsaPkcs1Sign based Mbedlts. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptPkcs1Oaep.c | 278 ++ .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c

[edk2-devel] [PATCH v2 8/9] CryptoPkg: Add AuthenticodeVerify based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement AuthenticodeVerify based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Pk/CryptAuthenticode.c| 214 ++ 1 file changed, 214 insertions(+) create mode 100644

[edk2-devel] [PATCH v2 9/9] CryptoPkg: Add ImageTimestampVerify based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Timestamp Countersignature Verification implementaion based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Library/BaseCryptLibMbedTls/Pk/CryptTs.c | 381 ++ 1 file changed, 381 insertions

[edk2-devel] [PATCH v2] Add SHA3/SM3 functions with openssl for Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3 implementaion based on Openssl. And the implementaion has passed build check. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/Li

Re: [edk2-devel] [PATCH] Add SHA3/SM3 functions with openssl for Mbedtls

/show_bug.cgi?id=4177 Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3 implementaion based on Openssl. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/CryptoPkg.ci.yaml | 1 + .../BaseCryptLibMbedTls/Hash/CryptCShake256.c

Re: [edk2-devel] [PATCH v4 00/10] Add DeviceSecurity feature based on PFP 1.06 spec

> > Could you please review the PATCH v4? > > PS: Jiewen has reviewed all the PATCH. And I have fixed his feedback in PATCH > v4. > Jiewen has no questions about all the patches anymore. > > Thanks, > Wenxing > > > -Original Message- > From: dev

[edk2-devel] [PATCH v3 00/11] Add more crypt APIs based on Mbedtls

form reviewer; - Add SHA3/SM3 implementation; - Update *.inf files; Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou Wenxing Hou (11): CryptoPkg: Add AeadAesGcm based on Mbedtls CryptoPkg: Add rand function for BaseCryptLibMbedTls CryptoPkg: Add Pem APIs based on Mbedtls CryptoPkg

[edk2-devel] [PATCH v3 01/11] CryptoPkg: Add AeadAesGcm based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 AeadAesGcm implementation based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Cipher/CryptAeadAesGcm.c | 227 ++ 1 file changed, 227 insertions(+) create mode 100644

[edk2-devel] [PATCH v3 02/11] CryptoPkg: Add rand function for BaseCryptLibMbedTls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Add rand function for BaseCryptLibMbedTls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/Include/Library/BaseCryptLib.h | 2 + .../BaseCryptLibMbedTls/InternalCryptLib.h| 16 +++ .../BaseCryptLibMbedTls

[edk2-devel] [PATCH v3 03/11] CryptoPkg: Add Pem APIs based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement Pem API based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pem/CryptPem.c| 138 ++ 1 file changed, 138 insertions(+) create mode 100644 CryptoPkg/Library

[edk2-devel] [PATCH v3 05/11] CryptoPkg: Add Pkcs7 related functions based on Mbedtls

s Api. And the implementation has pass unit_tes and integration test. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- CryptoPkg/Include/Library/BaseCryptLib.h |2 + .../BaseCryptLibMbedTls/InternalCryptLib.h| 33 + .../Pk/CryptPkcs7Internal.h |

[edk2-devel] [PATCH v3 06/11] CryptoPkg: Add Pkcs5 functions based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 PBKDF2 Key Derivation Function Wrapper Implementation over MbedTLS. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptPkcs5Pbkdf2.c | 100 ++ 1 file changed, 100 insertions

[edk2-devel] [PATCH v3 04/11] CryptoPkg: Add X509 functions based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 X.509 Certificate Handler Wrapper Implementation over MbedTLS. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Pk/CryptX509.c| 1940 + 1 file changed, 1940 insertions(+) create

[edk2-devel] [PATCH v3 08/11] CryptoPkg: Add AuthenticodeVerify based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Implement AuthenticodeVerify based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Pk/CryptAuthenticode.c| 214 ++ 1 file changed, 214 insertions(+) create mode 100644

[edk2-devel] [PATCH v3 09/11] CryptoPkg: Add ImageTimestampVerify based on Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Timestamp Countersignature Verification implementaion based on Mbedtls. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Library/BaseCryptLibMbedTls/Pk/CryptTs.c | 381 ++ 1 file changed, 381 insertions

[edk2-devel] [PATCH v3 10/11] CryptoPkg: Update *.inf in BaseCryptLibMbedTls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Update all *.inf in BaseCryptLibMbedTls based on new implementation. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/BaseCryptLib.inf | 42 ++- .../BaseCryptLibMbedTls

[edk2-devel] [PATCH v3 11/11] Add SHA3/SM3 functions with openssl for Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Because the Mbedlts 3.3.0 doesn't have SHA3 and Sm3, the SHA3 and Sm3 implementaion based on Openssl. Cc: Jiewen Yao Cc: Yi Li Signed-off-by: Wenxing Hou --- .../Library/BaseCryptLibMbedTls/BaseCryptLib.inf

  1   2   >