# CryptoSMM

## Index
0190

## Size
154A4h (87,204 bytes)

## Phase
DXE SMM (System Management Mode driver)

## Source Package
AmiCryptoPkg/CryptoProtocols

## Overview
CryptoSMM is an SMM driver that provides cryptographic services within System Management Mode. It implements SMM-safe versions of cryptographic operations including PKCS7 signature verification, certificate parsing, hashing, and encryption/decryption. This is a substantial driver (87 KB) that embeds significant portions of a crypto library (likely OpenSSL-derived) to enable trusted boot, secure firmware update verification, and measured boot operations within the SMM sandbox.

## Key Functions
- **ModuleEntryPoint** (0x4D0): Entry point; initializes the crypto protocol provider in SMM and installs the crypto protocol interface.
- **sub_584 (21 callees)**: Main crypto library initialization; sets up ASN.1/DER parsing context, PKCS7 verification state, and BIGNUM resources.
- **sub_15FC (7 callees)**: Crypto protocol implementation; wraps internal crypto functions into UEFI protocol-compatible interfaces for SMM callers.
- **sub_1780**: Crypto service cleanup and resource release on termination.

## Strings
- PKCS7 ASN.1 parsing: "Expected SEQUENCE (AlgorithmIdentifier)", "Expected SEQUENCE (AttributeTypeAndValue)"
- "No INTEGER tag found for version field"
- BIGNUM debug: "BIGNUM: %a failed"
- Large string table (382 total strings) indicating embedded crypto library data
- Build path: `AmiCryptoPkg\CryptoProtocols\CryptoSMM`

## Platform
Intel Purley (HR650X server platform)