## @file # Cryptographic Library Package for UEFI Security Implementation. # PEIM, DXE Driver, and SMM Driver with all crypto services enabled. # # Copyright (c) 2009 - 2022, Intel Corporation. All rights reserved.
# Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights reserved.
# Copyright (c) 2022, Loongson Technology Corporation Limited. All rights reserved.
# Copyright (c) 2023, Arm Limited. All rights reserved.
# Copyright (c) 2024, American Megatrends International LLC. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## ################################################################################ # # Defines Section - statements that will be processed to create a Makefile. # ################################################################################ [Defines] PLATFORM_NAME = CryptoPkg PLATFORM_GUID = E1063286-6C8C-4c25-AEF0-67A9A5B6E6B6 PLATFORM_VERSION = 0.98 DSC_SPECIFICATION = 0x00010005 SUPPORTED_ARCHITECTURES = IA32|X64|ARM|AARCH64|RISCV64|LOONGARCH64 BUILD_TARGETS = DEBUG|RELEASE|NOOPT SKUID_IDENTIFIER = DEFAULT # # Flavor of PEI, DXE, SMM modules to build. # Must be one of ALL, NONE, MIN_PEI, MIN_DXE_MIN_SMM, TARGET_UINT_TESTS. # Default is ALL that is used for package build verification. # ALL - Build PEIM, DXE, and SMM drivers. Protocols and PPIs # publish all services. # NONE - Build PEIM, DXE, and SMM drivers. Protocols and PPIs # publish no services. Used to verify compiler/linker # optimizations are working correctly. # MIN_PEI - Build PEIM with PPI that publishes minimum required # services. # MIN_DXE_MIN_SMM - Build DXE and SMM drivers with Protocols that publish # minimum required services. # TARGET_UNIT_TESTS - Build target-based unit tests # DEFINE CRYPTO_SERVICES = ALL !if $(CRYPTO_SERVICES) IN "ALL NONE MIN_PEI MIN_DXE_MIN_SMM TARGET_UNIT_TESTS" !else !error CRYPTO_SERVICES must be set to one of ALL NONE MIN_PEI MIN_DXE_MIN_SMM TARGET_UNIT_TESTS. !endif # # Define different OUTPUT_DIRECTORY for each CRYPTO_SERVICES profile # !if $(CRYPTO_SERVICES) == ALL OUTPUT_DIRECTORY = Build/CryptoPkg/All !endif !if $(CRYPTO_SERVICES) == NONE OUTPUT_DIRECTORY = Build/CryptoPkg/None !endif !if $(CRYPTO_SERVICES) == MIN_PEI OUTPUT_DIRECTORY = Build/CryptoPkg/MinPei !endif !if $(CRYPTO_SERVICES) == MIN_DXE_MIN_SMM OUTPUT_DIRECTORY = Build/CryptoPkg/MinDxeMinSmm !endif !if $(CRYPTO_SERVICES) == TARGET_UNIT_TESTS OUTPUT_DIRECTORY = Build/CryptoPkg/TagetUnitTests !endif # # Define FILE_GUID names/values for CryptoPei, CryptopDxe, and CryptoSmm # drivers that are linked with different OpensslLib instances # DEFINE PEI_CRYPTO_GUID = C693A250-6B36-49B9-B7F3-7283F8136A72 DEFINE PEI_STD_GUID = EBD49F5C-6D8B-40D1-A56D-9AFA485A8661 DEFINE PEI_FULL_GUID = D51FCE59-6860-49C0-9B35-984470735D17 DEFINE PEI_STD_ACCEL_GUID = DCC9CB49-7BE2-47C6-864E-6DCC932360F9 DEFINE PEI_FULL_ACCEL_GUID = A10827AD-7598-4955-B661-52EE2B62B057 DEFINE DXE_CRYPTO_GUID = 31C17C54-325D-47D5-8622-888098F10E44 DEFINE DXE_STD_GUID = ADD6D05A-52A2-437B-98E7-DBFDA89352CD DEFINE DXE_FULL_GUID = AA83B296-F6EA-447F-B013-E80E98629CF8 DEFINE DXE_STD_ACCEL_GUID = 9FBDAD27-910C-4229-9EFF-A93BB5FE18C6 DEFINE DXE_FULL_ACCEL_GUID = 41A491D1-A972-468B-A299-DABF415A43B7 DEFINE SMM_CRYPTO_GUID = 1A1C9E13-5722-4636-AB73-31328EDE8BAF DEFINE SMM_STD_GUID = E4D7D1E3-E886-4412-A442-EFD6F2502DD3 DEFINE SMM_FULL_GUID = 1930CE7E-6598-48ED-8AB1-EBE7E85EC254 DEFINE SMM_STD_ACCEL_GUID = 828959D3-CEA6-4B79-B1FC-5AFA0D7F2144 DEFINE SMM_FULL_ACCEL_GUID = C1760694-AB3A-4532-8C6D-52D8F86EB1AA DEFINE MM_STANDALONE_CRYPTO_GUID = 4E14BAAE-8AA0-4F28-B1F0-53215E4DEA81 DEFINE MM_STANDALONE_STD_GUID = FB88FFE8-C6E3-4752-8E85-0865DF7CDB1F DEFINE MM_STANDALONE_FULL_GUID = 4A6F4C6E-6207-4801-9706-B9429936A38C DEFINE MM_STANDALONE_STD_ACCEL_GUID = 9EF13BFA-912E-4589-8D6A-3ECCF1156B5E DEFINE MM_STANDALONE_FULL_ACCEL_GUID = 0A13116A-D6BF-4E4A-90DC-615C4C0A711D !if $(CRYPTO_SERVICES) == TARGET_UNIT_TESTS !include UnitTestFrameworkPkg/UnitTestFrameworkPkgTarget.dsc.inc !endif ################################################################################ # # Library Class section - list of all Library Classes needed by this Platform. # ################################################################################ !include MdePkg/MdeLibs.dsc.inc [LibraryClasses] BaseLib|MdePkg/Library/BaseLib/BaseLib.inf BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf RngLib|MdePkg/Library/BaseRngLibNull/BaseRngLibNull.inf PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDebugLibReportStatusCode.inf DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf [LibraryClasses.IA32, LibraryClasses.X64, LibraryClasses.AARCH64] RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf [LibraryClasses.ARM, LibraryClasses.AARCH64] ArmLib|ArmPkg/Library/ArmLib/ArmBaseLib.inf [LibraryClasses.ARM] ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf [LibraryClasses.common.SEC] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf # StackCheckLib is not linked for SEC modules by default, this package can link it against its SEC modules NULL|MdePkg/Library/StackCheckLibNull/StackCheckLibNull.inf [LibraryClasses.common.PEIM] PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLib/PeiServicesTablePointerLib.inf PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAllocationLib.inf HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf [LibraryClasses.IA32.PEIM, LibraryClasses.X64.PEIM] PeiServicesTablePointerLib|MdePkg/Library/PeiServicesTablePointerLibIdt/PeiServicesTablePointerLibIdt.inf [LibraryClasses.common.DXE_DRIVER] UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf [LibraryClasses.common.DXE_SMM_DRIVER] UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf MmServicesTableLib|MdePkg/Library/MmServicesTableLib/MmServicesTableLib.inf MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf ReportStatusCodeLib|MdeModulePkg/Library/SmmReportStatusCodeLib/SmmReportStatusCodeLib.inf PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf [LibraryClasses.common.MM_STANDALONE] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf MmServicesTableLib|MdePkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLib.inf StandaloneMmDriverEntryPoint|MdePkg/Library/StandaloneMmDriverEntryPoint/StandaloneMmDriverEntryPoint.inf TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.inf MemoryAllocationLib|StandaloneMmPkg/Library/StandaloneMmMemoryAllocationLib/StandaloneMmMemoryAllocationLib.inf [LibraryClasses.common.UEFI_APPLICATION] UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseReportStatusCodeLibNull.inf PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf ################################################################################ # # Pcd Section - list of all EDK II PCD Entries defined by this Platform # ################################################################################ [PcdsFixedAtBuild] gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x0f gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000000 gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x06 # # For ALL and TARGET_UINT_TESTS profiles, enable all non-deprecated families # and services in PcdCryptoServiceFamilyEnable. # !if $(CRYPTO_SERVICES) IN "ALL TARGET_UINT_TESTS" [PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.GetContextSize | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Init | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcEncrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcDecrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Arc4.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.RsaPss.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.ParallelHash.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY !endif # # Enable minimum set of families/services in PcdCryptoServiceFamilyEnable # required by typical PEI phase. # !if $(CRYPTO_SERVICES) == MIN_PEI [PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha512.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sm3.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pkcs1Verify | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.New | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Free | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.SetKey | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs5HashPassword | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.GetContextSize | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Init | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcEncrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcDecrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY !endif # # Enable minimum set of families/services in PcdCryptoServiceFamilyEnable # required by typical DXE and SMM phases. # !if $(CRYPTO_SERVICES) == MIN_DXE_MIN_SMM [PcdsFixedAtBuild] gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs1v2Encrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs5HashPassword | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs7Verify | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.VerifyEKUsInPkcs7Signature | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs7GetSigners | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.Pkcs7FreeSigners | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.AuthenticodeVerify | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Random.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Pkcs1Verify | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.New | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.Free | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.SetKey | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Rsa.Services.GetPublicKeyFromX509 | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Services.HashAll | FALSE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.GetSubjectName | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.GetCommonName | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.GetOrganizationName | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.X509.Services.GetTBSCert | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.GetContextSize | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.Init | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcEncrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Aes.Services.CbcDecrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Services.Encrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Services.Decrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Hkdf.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY !endif ################################################################################################### # # Components Section - list of the modules and components that will be processed by compilation # tools and the EDK II tools to generate PE32/PE32+/Coff image files. # # Note: The EDK II DSC file is not used to specify how compiled binary images get placed # into firmware volume images. This section is just a list of modules to compile from # source into UEFI-compliant binaries. # It is the FDF file that contains information on combining binary files into firmware # volume images, whose concept is beyond UEFI and is described in PI specification. # Binary modules do not need to be listed in this section, as they should be # specified in the FDF file. For example: Shell binary (Shell_Full.efi), FAT binary (Fat.efi), # Logo (Logo.bmp), and etc. # There may also be modules listed in this section that are not required in the FDF file, # When a module listed here is excluded from FDF file, then UEFI-compliant binary will be # generated for it, but the binary will not be put into any firmware volume. # ################################################################################################### # # If profile is TARGET_UNIT_TESTS, then build target-based unit tests # using the OpensslLib, BaseCryptLib, and TlsLib with the largest set of # available services. # !if $(CRYPTO_SERVICES) == TARGET_UNIT_TESTS [Components.IA32, Components.X64, Components.ARM, Components.AARCH64] # # Target based unit tests # CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf { OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf MSFT:*_*_*_DLINK_FLAGS = /ALIGN:4096 /FILEALIGN:4096 /SUBSYSTEM:CONSOLE MSFT:DEBUG_*_*_DLINK_FLAGS = /EXPORT:InitializeDriver=$(IMAGE_ENTRY_POINT) /BASE:0x10000 MSFT:DEBUG_*_*_DLINK_FLAGS = /EXPORT:InitializeDriver=$(IMAGE_ENTRY_POINT) /BASE:0x10000 MSFT:NOOPT_*_*_DLINK_FLAGS = /EXPORT:InitializeDriver=$(IMAGE_ENTRY_POINT) /BASE:0x10000 } [Components.IA32, Components.X64, Components.AARCH64] CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf { FILE_GUID = B91B9A95-4D52-4501-A98F-A1711C14ED93 OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf MSFT:*_*_*_DLINK_FLAGS = /ALIGN:4096 /FILEALIGN:4096 /SUBSYSTEM:CONSOLE MSFT:DEBUG_*_*_DLINK_FLAGS = /EXPORT:InitializeDriver=$(IMAGE_ENTRY_POINT) /BASE:0x10000 MSFT:DEBUG_*_*_DLINK_FLAGS = /EXPORT:InitializeDriver=$(IMAGE_ENTRY_POINT) /BASE:0x10000 MSFT:NOOPT_*_*_DLINK_FLAGS = /EXPORT:InitializeDriver=$(IMAGE_ENTRY_POINT) /BASE:0x10000 } [Components.RISCV64] CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf { OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf } !endif # # If profile is ALL, then do verification build of all library instances. # !if $(CRYPTO_SERVICES) == ALL [Components] # # Build verification of all library instances # CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.inf CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf CryptoPkg/Library/BaseCryptLibMbedTls/TestBaseCryptLib.inf CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf CryptoPkg/Library/MbedTlsLib/MbedTlsLibFull.inf CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf CryptoPkg/Library/TlsLib/TlsLib.inf CryptoPkg/Library/TlsLibNull/TlsLibNull.inf CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf CryptoPkg/Library/OpensslLib/OpensslLib.inf CryptoPkg/Library/OpensslLib/OpensslLibFull.inf CryptoPkg/Library/OpensslLib/OpensslLibSm3.inf CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf CryptoPkg/Library/BaseCryptLibOnProtocolPpi/PeiCryptLib.inf CryptoPkg/Library/BaseCryptLibOnProtocolPpi/DxeCryptLib.inf CryptoPkg/Library/BaseCryptLibOnProtocolPpi/SmmCryptLib.inf CryptoPkg/Library/BaseCryptLibOnProtocolPpi/StandaloneMmCryptLib.inf # # Build verification of target-based unit tests # CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf { UnitTestLib|UnitTestFrameworkPkg/Library/UnitTestLib/UnitTestLib.inf UnitTestPersistenceLib|UnitTestFrameworkPkg/Library/UnitTestPersistenceLibNull/UnitTestPersistenceLibNull.inf UnitTestResultReportLib|UnitTestFrameworkPkg/Library/UnitTestResultReportLib/UnitTestResultReportLibConOut.inf OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf } [Components.IA32, Components.X64, Components.AARCH64] # # Build verification of IA32/X64/AARCH64 specific libraries # CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf !endif # # If profile is ALL or NONE or MIN_PEI, then build CryptoPei with all supported # OpensslLib instances. # !if $(CRYPTO_SERVICES) in "ALL NONE MIN_PEI" [Components] # # CryptoPei with OpensslLib instance without SSL or EC services # CryptoPkg/Driver/CryptoPei.inf { FILE_GUID = $(PEI_CRYPTO_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf } # # CryptoPei with OpensslLib instance without EC services # CryptoPkg/Driver/CryptoPei.inf { FILE_GUID = $(PEI_STD_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf } [Components.IA32, Components.X64, Components.ARM, Components.AARCH64] # # CryptoPei with OpensslLib instance with all services # CryptoPkg/Driver/CryptoPei.inf { FILE_GUID = $(PEI_FULL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf } [Components.IA32, Components.X64, Components.AARCH64] # # CryptoPei with IA32/X64/AARCH64 performance optimized OpensslLib instance without EC services # IA32/X64 assembly optimizations required larger alignments # CryptoPkg/Driver/CryptoPei.inf { FILE_GUID = $(PEI_STD_ACCEL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf MSFT:*_*_IA32_DLINK_FLAGS = /ALIGN:64 MSFT:*_*_X64_DLINK_FLAGS = /ALIGN:256 } # # CryptoPei with IA32/X64/AARCH64 performance optimized OpensslLib instance all services # IA32/X64 assembly optimizations required larger alignments # CryptoPkg/Driver/CryptoPei.inf { FILE_GUID = $(PEI_FULL_ACCEL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf MSFT:*_*_IA32_DLINK_FLAGS = /ALIGN:4096 MSFT:*_*_X64_DLINK_FLAGS = /ALIGN:4096 } !endif # # If profile is ALL or NONE or MIN_DXE_MIN_SMM, then build CryptoDxe and # CryptoSmm using all supported OpensslLib instances. # !if $(CRYPTO_SERVICES) in "ALL NONE MIN_DXE_MIN_SMM" [Components] # # CryptoDxe with OpensslLib instance with no SSL or EC services # CryptoPkg/Driver/CryptoDxe.inf { FILE_GUID = $(DXE_CRYPTO_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf } # # CryptoDxe with OpensslLib instance with no EC services # CryptoPkg/Driver/CryptoDxe.inf { FILE_GUID = $(DXE_STD_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf } [Components.IA32, Components.X64, Components.ARM, Components.AARCH64] # # CryptoDxe with OpensslLib instance with all services # CryptoPkg/Driver/CryptoDxe.inf { FILE_GUID = $(DXE_FULL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf } [Components.IA32, Components.X64, Components.AARCH64] # # CryptoDxe with IA32/X64/AARCH64 performance optimized OpensslLib instance with no EC services # with TLS feature enabled. # IA32/X64 assembly optimizations required larger alignments # CryptoPkg/Driver/CryptoDxe.inf { FILE_GUID = $(DXE_STD_ACCEL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf MSFT:*_*_IA32_DLINK_FLAGS = /ALIGN:64 MSFT:*_*_X64_DLINK_FLAGS = /ALIGN:256 } # # CryptoDxe with IA32/X64/AARCH64 performance optimized OpensslLib instance with all services. # IA32/X64 assembly optimizations required larger alignments # CryptoPkg/Driver/CryptoDxe.inf { FILE_GUID = $(DXE_FULL_ACCEL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf MSFT:*_*_IA32_DLINK_FLAGS = /ALIGN:4096 MSFT:*_*_X64_DLINK_FLAGS = /ALIGN:4096 } # # CryptoSmm with OpensslLib instance with no SSL or EC services # CryptoPkg/Driver/CryptoSmm.inf { FILE_GUID = $(SMM_CRYPTO_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf } # # CryptoSmm with OpensslLib instance with no SSL services # CryptoPkg/Driver/CryptoSmm.inf { FILE_GUID = $(SMM_STD_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf } # # CryptoSmm with OpensslLib instance with no all services # CryptoPkg/Driver/CryptoSmm.inf { FILE_GUID = $(SMM_FULL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf } # # CryptoSmm with IA32/X64/AARCH64 performance optimized OpensslLib instance with no EC services # IA32/X64 assembly optimizations required larger alignments # CryptoPkg/Driver/CryptoSmm.inf { FILE_GUID = $(SMM_STD_ACCEL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf MSFT:*_*_IA32_DLINK_FLAGS = /ALIGN:64 MSFT:*_*_X64_DLINK_FLAGS = /ALIGN:256 } # # CryptoSmm with IA32/X64/AARCH64 performance optimized OpensslLib instance with all services # IA32/X64 assembly optimizations required larger alignments # CryptoPkg/Driver/CryptoSmm.inf { FILE_GUID = $(SMM_FULL_ACCEL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf MSFT:*_*_IA32_DLINK_FLAGS = /ALIGN:4096 MSFT:*_*_X64_DLINK_FLAGS = /ALIGN:4096 } # # CryptoStandaloneMm with OpensslLib instance with no SSL or EC services # CryptoPkg/Driver/CryptoStandaloneMm.inf { FILE_GUID = $(MM_STANDALONE_CRYPTO_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf } # # CryptoStandaloneMm with OpensslLib instance with no SSL services # CryptoPkg/Driver/CryptoStandaloneMm.inf { FILE_GUID = $(MM_STANDALONE_STD_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf } # # CryptoStandaloneMm with OpensslLib instance with no all services # CryptoPkg/Driver/CryptoStandaloneMm.inf { FILE_GUID = $(MM_STANDALONE_FULL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFull.inf } # # CryptoStandaloneMm with IA32/X64/AARCH64 performance optimized OpensslLib instance with no EC services # IA32/X64 assembly optimizations required larger alignments # CryptoPkg/Driver/CryptoStandaloneMm.inf { FILE_GUID = $(MM_STANDALONE_STD_ACCEL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibAccel.inf MSFT:*_*_IA32_DLINK_FLAGS = /ALIGN:64 MSFT:*_*_X64_DLINK_FLAGS = /ALIGN:256 } # # CryptoStandaloneMm with IA32/X64/AARCH64 performance optimized OpensslLib instance with all services # IA32/X64 assembly optimizations required larger alignments # CryptoPkg/Driver/CryptoStandaloneMm.inf { FILE_GUID = $(MM_STANDALONE_FULL_ACCEL_GUID) OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibFullAccel.inf MSFT:*_*_IA32_DLINK_FLAGS = /ALIGN:4096 MSFT:*_*_X64_DLINK_FLAGS = /ALIGN:4096 } !endif [BuildOptions] RELEASE_*_*_CC_FLAGS = -DMDEPKG_NDEBUG *_*_*_CC_FLAGS = -D DISABLE_NEW_DEPRECATED_INTERFACES