* [PATCH 0/2] CryptoPkg: Add BigNum support
@ 2022-01-29 22:09 yi1 li
2022-01-29 22:09 ` [PATCH 1/2] " yi1 li
2022-01-29 22:09 ` [PATCH 2/2] CryptoPkg: Add BigNum NullLib yi1 li
0 siblings, 2 replies; 7+ messages in thread
From: yi1 li @ 2022-01-29 22:09 UTC (permalink / raw)
To: devel; +Cc: yi1 li
This patch series is used to add CryptBn library, which is wrapped
over OpenSSL. The implementation provides CryptBn library functions
for EFI BaseCrypt protocol and EFI BaseCrypt Configuration Protocol.
yi1 li (2):
CryptoPkg: Add BigNum support
CryptoPkg: Add BigNum NullLib
CryptoPkg/CryptoPkg.dsc | 1 +
CryptoPkg/Driver/Crypto.c | 522 ++++++++++++++-
CryptoPkg/Include/Library/BaseCryptLib.h | 423 +++++++++++++
.../Pcd/PcdCryptoServiceFamilyEnable.h | 30 +
.../Library/BaseCryptLib/BaseCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c | 594 ++++++++++++++++++
.../Library/BaseCryptLib/Bn/CryptBnNull.c | 525 ++++++++++++++++
.../Library/BaseCryptLib/PeiCryptLib.inf | 1 +
.../Library/BaseCryptLib/SmmCryptLib.inf | 2 +-
.../BaseCryptLibNull/BaseCryptLibNull.inf | 1 +
.../Library/BaseCryptLibNull/Bn/CryptBnNull.c | 525 ++++++++++++++++
.../BaseCryptLibOnProtocolPpi/CryptLib.c | 497 +++++++++++++++
CryptoPkg/Private/Protocol/Crypto.h | 434 +++++++++++++
13 files changed, 3554 insertions(+), 2 deletions(-)
create mode 100644 CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c
create mode 100644 CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
--
2.33.0.windows.2
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 1/2] CryptoPkg: Add BigNum support
2022-01-29 22:09 [PATCH 0/2] CryptoPkg: Add BigNum support yi1 li
@ 2022-01-29 22:09 ` yi1 li
2022-01-29 22:09 ` [PATCH 2/2] CryptoPkg: Add BigNum NullLib yi1 li
1 sibling, 0 replies; 7+ messages in thread
From: yi1 li @ 2022-01-29 22:09 UTC (permalink / raw)
To: devel; +Cc: yi1 li, Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang
This patch is used to add CryptBn library, which is wrapped
over OpenSSL. The implementation provides CryptBn library functions
for EFI BaseCrypt protocol and EFI BaseCrypt Configuration Protocol.
Signed-off-by: yi1 li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
---
CryptoPkg/CryptoPkg.dsc | 1 +
CryptoPkg/Driver/Crypto.c | 522 ++++++++++++++-
CryptoPkg/Include/Library/BaseCryptLib.h | 423 +++++++++++++
.../Pcd/PcdCryptoServiceFamilyEnable.h | 30 +
.../Library/BaseCryptLib/BaseCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c | 594 ++++++++++++++++++
.../Library/BaseCryptLib/PeiCryptLib.inf | 1 +
.../Library/BaseCryptLib/SmmCryptLib.inf | 2 +-
.../BaseCryptLibOnProtocolPpi/CryptLib.c | 497 +++++++++++++++
CryptoPkg/Private/Protocol/Crypto.h | 434 +++++++++++++
10 files changed, 2503 insertions(+), 2 deletions(-)
create mode 100644 CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c
diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
index 0aa72ed87846..4b14db884078 100644
--- a/CryptoPkg/CryptoPkg.dsc
+++ b/CryptoPkg/CryptoPkg.dsc
@@ -165,6 +165,7 @@
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
+ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
!endif
!if $(CRYPTO_SERVICES) == MIN_PEI
diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
index d5d6aa8e5820..a5b3a2f46fbb 100644
--- a/CryptoPkg/Driver/Crypto.c
+++ b/CryptoPkg/Driver/Crypto.c
@@ -4470,6 +4470,499 @@ CryptoServiceTlsGetCertRevocationList (
return CALL_BASECRYPTLIB (TlsGet.Services.CertRevocationList, TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED);
}
+/**
+ Allocate new Big Number.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+CryptoServiceBigNumInit (
+ VOID
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.Init, BigNumInit, (), NULL);
+}
+
+/**
+ Allocate new Big Number and assign the provided value to it.
+
+ @param[in] Buf Big endian encoded buffer.
+ @param[in] Len Buffer length.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+CryptoServiceBigNumFromBin (
+ IN CONST UINT8 *Buf,
+ IN UINTN Len
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.FromBin, BigNumFromBin, (Buf, Len), NULL);
+}
+
+/**
+ Convert the absolute value of Bn into big-endian form and store it at Buf.
+ The Buf array should have at least BigNumBytes() in it.
+
+ @param[in] Bn Big number to convert.
+ @param[out] Buf Output buffer.
+
+ @retval The length of the big-endian number placed at Buf or -1 on error.
+**/
+INTN
+EFIAPI
+CryptoServiceBigNumToBin (
+ IN VOID *Bn,
+ OUT UINT8 *Buf
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.ToBin, BigNumToBin, (Bn, Buf), -1);
+}
+
+/**
+ Free the Big Number.
+
+ @param[in] Bn Big number to free.
+ @param[in] Clear TRUE if the buffer should be cleared.
+**/
+VOID
+EFIAPI
+CryptoServiceBigNumFree (
+ IN VOID *Bn,
+ IN BOOLEAN Clear
+ )
+{
+ CALL_VOID_BASECRYPTLIB (Bn.Services.Free, BigNumFree, (Bn, Clear));
+}
+
+/**
+ Calculate the sum of two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA + BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumAdd (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.Add, BigNumAdd, (BnA, BnB, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Subtract two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA - BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumSub (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.Sub, BigNumSub, (BnA, BnB, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Calculate remainder: BnRes = BnA % BnB.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA % BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.Mod, BigNumMod, (BnA, BnB, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Compute BnA to the BnP-th power modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized.
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnP Big number (power).
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result of (BnA ^ BnP) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumExpMod (
+ IN VOID *BnA,
+ IN VOID *BnP,
+ IN VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.ExpMod, BigNumExpMod, (BnA, BnP, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Compute BnA inverse modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumInverseMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.InverseMod, BigNumInverseMod, (BnA, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Divide two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that BnA / BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumDiv (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.Div, BigNumDiv, (BnA, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Multiply two Big Numbers modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumMulMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.MulMod, BigNumMulMod, (BnA, BnB, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Compare two Big Numbers.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+
+ @retval 0 BnA == BnB.
+ @retval 1 BnA > BnB.
+ @retval -1 BnA < BnB.
+**/
+INTN
+EFIAPI
+CryptoServiceBigNumCmp (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.Cmp, BigNumCmp, (BnA, BnB), 0);
+}
+
+/**
+ Get number of bits in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bits.
+**/
+UINTN
+EFIAPI
+CryptoServiceBigNumBits (
+ IN CONST VOID *Bn
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.Bits, BigNumBits, (Bn), 0);
+}
+
+/**
+ Get number of bytes in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bytes.
+**/
+UINTN
+EFIAPI
+CryptoServiceBigNumBytes (
+ IN CONST VOID *Bn
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.Bytes, BigNumBytes, (Bn), 0);
+}
+
+/**
+ Checks if Big Number equals to the given Num.
+
+ @param[in] Bn Big number.
+ @param[in] Num Number.
+
+ @retval TRUE iff Bn == Num.
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+CryptoServiceBigNumIsWord (
+ IN CONST VOID *Bn,
+ IN UINTN Num
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.IsWord, BigNumIsWord, (Bn, Num), FALSE);
+}
+
+/**
+ Checks if Big Number is odd.
+
+ @param[in] Bn Big number.
+
+ @retval TRUE Bn is odd (Bn % 2 == 1).
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+CryptoServiceBigNumIsOdd (
+ IN CONST VOID *Bn
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.IsOdd, BigNumIsOdd, (Bn), FALSE);
+}
+
+/**
+ Copy Big number.
+
+ @param[out] BnDst Destination.
+ @param[in] BnSrc Source.
+
+ @retval BnDst on success.
+ @retval NULL otherwise.
+**/
+VOID *
+EFIAPI
+CryptoServiceBigNumCopy (
+ OUT VOID *BnDst,
+ IN CONST VOID *BnSrc
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.Copy, BigNumCopy, (BnDst, BnSrc), NULL);
+}
+
+/**
+ Get constant Big number with value of "1".
+ This may be used to save expensive allocations.
+
+ @retval Big Number with value of 1.
+**/
+CONST VOID *
+EFIAPI
+CryptoServiceBigNumValueOne (
+ VOID
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.ValueOne, BigNumValueOne, (), NULL);
+}
+
+/**
+ Shift right Big Number.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] Bn Big number.
+ @param[in] n Number of bits to shift.
+ @param[out] BnRes The result.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumRShift (
+ IN CONST VOID *Bn,
+ IN UINTN n,
+ OUT VOID *BnRes
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.RShift, BigNumRShift, (Bn, n, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Mark Big Number for constant time computations.
+ This function should be called before any constant time computations are
+ performed on the given Big number.
+
+ @param[in] Bn Big number.
+**/
+VOID
+EFIAPI
+CryptoServiceBigNumConsttime (
+ IN VOID *Bn
+ )
+{
+ CALL_VOID_BASECRYPTLIB (Bn.Services.Consttime, BigNumConsttime, (Bn));
+}
+
+/**
+ Calculate square modulo.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumSqrMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.SqrMod, BigNumSqrMod, (BnA, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Create new Big Number computation context. This is an opaque structure
+ which should be passed to any function that requires it. The BN context is
+ needed to optimize calculations and expensive allocations.
+
+ @retval Big Number context struct or NULL on failure.
+**/
+VOID *
+EFIAPI
+CryptoServiceBigNumNewContext (
+ VOID
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.NewContext, BigNumNewContext, (), NULL);
+}
+
+/**
+ Free Big Number context that was allocated with BigNumNewContext().
+
+ @param[in] BnCtx Big number context to free.
+**/
+VOID
+EFIAPI
+CryptoServiceBigNumContextFree (
+ IN VOID *BnCtx
+ )
+{
+ CALL_VOID_BASECRYPTLIB (Bn.Services.ContextFree, BigNumContextFree, (BnCtx));
+}
+
+/**
+ Set Big Number to a given value.
+
+ @param[in] Bn Big number to set.
+ @param[in] Val Value to set.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumSetUint (
+ IN VOID *Bn,
+ IN UINTN Val
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.SetUint, BigNumSetUint, (Bn, Val), EFI_UNSUPPORTED);
+}
+
+/**
+ Add two Big Numbers modulo BnM.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA + BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+CryptoServiceBigNumAddMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ return CALL_BASECRYPTLIB (Bn.Services.AddMod, BigNumAddMod, (BnA, BnB, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
/// Version
CryptoServiceGetCryptoVersion,
@@ -4670,5 +5163,32 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
CryptoServiceTlsGetCaCertificate,
CryptoServiceTlsGetHostPublicCert,
CryptoServiceTlsGetHostPrivateKey,
- CryptoServiceTlsGetCertRevocationList
+ CryptoServiceTlsGetCertRevocationList,
+
+ // Big Numbers
+ CryptoServiceBigNumInit,
+ CryptoServiceBigNumFromBin,
+ CryptoServiceBigNumToBin,
+ CryptoServiceBigNumFree,
+ CryptoServiceBigNumAdd,
+ CryptoServiceBigNumSub,
+ CryptoServiceBigNumMod,
+ CryptoServiceBigNumExpMod,
+ CryptoServiceBigNumInverseMod,
+ CryptoServiceBigNumDiv,
+ CryptoServiceBigNumMulMod,
+ CryptoServiceBigNumCmp,
+ CryptoServiceBigNumBits,
+ CryptoServiceBigNumBytes,
+ CryptoServiceBigNumIsWord,
+ CryptoServiceBigNumIsOdd,
+ CryptoServiceBigNumCopy,
+ CryptoServiceBigNumValueOne,
+ CryptoServiceBigNumRShift,
+ CryptoServiceBigNumConsttime,
+ CryptoServiceBigNumSqrMod,
+ CryptoServiceBigNumNewContext,
+ CryptoServiceBigNumContextFree,
+ CryptoServiceBigNumSetUint,
+ CryptoServiceBigNumAddMod,
};
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index f4bc7c0d73d9..d64ea5b3dd94 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -2403,4 +2403,427 @@ HkdfSha256ExtractAndExpand (
IN UINTN OutSize
);
+// =====================================================================================
+// Big number primitives
+// =====================================================================================
+
+/**
+ Allocate new Big Number.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumInit (
+ VOID
+ );
+
+/**
+ Allocate new Big Number and assign the provided value to it.
+
+ @param[in] Buf Big endian encoded buffer.
+ @param[in] Len Buffer length.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumFromBin (
+ IN CONST UINT8 *Buf,
+ IN UINTN Len
+ );
+
+/**
+ Convert the absolute value of Bn into big-endian form and store it at Buf.
+ The Buf array should have at least BigNumBytes() in it.
+
+ @param[in] Bn Big number to convert.
+ @param[out] Buf Output buffer.
+
+ @retval The length of the big-endian number placed at Buf or -1 on error.
+**/
+INTN
+EFIAPI
+BigNumToBin (
+ IN VOID *Bn,
+ OUT UINT8 *Buf
+ );
+
+/**
+ Free the Big Number.
+
+ @param[in] Bn Big number to free.
+ @param[in] Clear TRUE if the buffer should be cleared.
+**/
+VOID
+EFIAPI
+BigNumFree (
+ IN VOID *Bn,
+ IN BOOLEAN Clear
+ );
+
+/**
+ Calculate the sum of two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA + BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumAdd (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ );
+
+/**
+ Subtract two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA - BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSub (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ );
+
+/**
+ Calculate remainder: BnRes = BnA % BnB.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA % BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ );
+
+/**
+ Compute BnA to the BnP-th power modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnP Big number (power).
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result of (BnA ^ BnP) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumExpMod (
+ IN VOID *BnA,
+ IN VOID *BnP,
+ IN VOID *BnM,
+ OUT VOID *BnRes
+ );
+
+/**
+ Compute BnA inverse modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumInverseMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ );
+
+/**
+ Divide two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that BnA / BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumDiv (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ );
+
+/**
+ Multiply two Big Numbers modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumMulMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ );
+
+/**
+ Compare two Big Numbers.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+
+ @retval 0 BnA == BnB.
+ @retval 1 BnA > BnB.
+ @retval -1 BnA < BnB.
+**/
+INTN
+EFIAPI
+BigNumCmp (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB
+ );
+
+/**
+ Get number of bits in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bits.
+**/
+
+UINTN
+EFIAPI
+BigNumBits (
+ IN CONST VOID *Bn
+ );
+
+/**
+ Get number of bytes in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bytes.
+**/
+UINTN
+EFIAPI
+BigNumBytes (
+ IN CONST VOID *Bn
+ );
+
+/**
+ Checks if Big Number equals to the given Num.
+
+ @param[in] Bn Big number.
+ @param[in] Num Number.
+
+ @retval TRUE iff Bn == Num.
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+BigNumIsWord (
+ IN CONST VOID *Bn,
+ IN UINTN Num
+ );
+
+/**
+ Checks if Big Number is odd.
+
+ @param[in] Bn Big number.
+
+ @retval TRUE Bn is odd (Bn % 2 == 1).
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+BigNumIsOdd (
+ IN CONST VOID *Bn
+ );
+
+/**
+ Copy Big number.
+
+ @param[out] BnDst Destination.
+ @param[in] BnSrc Source.
+
+ @retval BnDst on success.
+ @retval NULL otherwise.
+**/
+VOID *
+EFIAPI
+BigNumCopy (
+ OUT VOID *BnDst,
+ IN CONST VOID *BnSrc
+ );
+
+/**
+ Get constant Big number with value of "1".
+ This may be used to save expensive allocations.
+
+ @retval Big Number with value of 1.
+**/
+CONST VOID *
+EFIAPI
+BigNumValueOne (
+ VOID
+ );
+
+/**
+ Shift right Big Number.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] Bn Big number.
+ @param[in] n Number of bits to shift.
+ @param[out] BnRes The result.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumRShift (
+ IN CONST VOID *Bn,
+ IN UINTN n,
+ OUT VOID *BnRes
+ );
+
+/**
+ Mark Big Number for constant time computations.
+ This function should be called before any constant time computations are
+ performed on the given Big number.
+
+ @param[in] Bn Big number.
+**/
+VOID
+EFIAPI
+BigNumConsttime (
+ IN VOID *Bn
+ );
+
+/**
+ Calculate square modulo.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSqrMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ );
+
+/**
+ Create new Big Number computation context. This is an opaque structure
+ which should be passed to any function that requires it. The BN context is
+ needed to optimize calculations and expensive allocations.
+
+ @retval Big Number context struct or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumNewContext (
+ VOID
+ );
+
+/**
+ Free Big Number context that was allocated with BigNumNewContext().
+
+ @param[in] BnCtx Big number context to free.
+**/
+VOID
+EFIAPI
+BigNumContextFree (
+ IN VOID *BnCtx
+ );
+
+/**
+ Set Big Number to a given value.
+
+ @param[in] Bn Big number to set.
+ @param[in] Val Value to set.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSetUint (
+ IN VOID *Bn,
+ IN UINTN Val
+ );
+
+/**
+ Add two Big Numbers modulo BnM.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA + BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumAddMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ );
+
#endif // __BASE_CRYPT_LIB_H__
diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
index 5186a54759ae..31b4728167de 100644
--- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
+++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
@@ -288,6 +288,36 @@ typedef struct {
} Services;
UINT32 Family;
} TlsGet;
+ union {
+ struct {
+ UINT8 Init : 1;
+ UINT8 FromBin : 1;
+ UINT8 ToBin : 1;
+ UINT8 Free : 1;
+ UINT8 Add : 1;
+ UINT8 Sub : 1;
+ UINT8 Mod : 1;
+ UINT8 ExpMod : 1;
+ UINT8 InverseMod : 1;
+ UINT8 Div : 1;
+ UINT8 MulMod : 1;
+ UINT8 Cmp : 1;
+ UINT8 Bits : 1;
+ UINT8 Bytes : 1;
+ UINT8 IsWord : 1;
+ UINT8 IsOdd : 1;
+ UINT8 Copy : 1;
+ UINT8 ValueOne : 1;
+ UINT8 RShift : 1;
+ UINT8 Consttime : 1;
+ UINT8 SqrMod : 1;
+ UINT8 NewContext : 1;
+ UINT8 ContextFree : 1;
+ UINT8 SetUint : 1;
+ UINT8 AddMod : 1;
+ } Services;
+ UINT32 Family;
+ } Bn;
} PCD_CRYPTO_SERVICE_FAMILY_ENABLE;
#endif
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 49703fa4c963..3c3564197ee7 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -52,6 +52,7 @@
Pk/CryptRsaPss.c
Pk/CryptRsaPssSign.c
Pem/CryptPem.c
+ Bn/CryptBn.c
SysCall/CrtWrapper.c
SysCall/TimerWrapper.c
diff --git a/CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c
new file mode 100644
index 000000000000..2e9f1cbea67f
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c
@@ -0,0 +1,594 @@
+/** @file Big number API implementation based on OpenSSL
+
+ Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Base.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/BaseCryptLib.h>
+#include <Library/DebugLib.h>
+#include <Library/PcdLib.h>
+#include <openssl/bn.h>
+
+/**
+ Allocate new Big Number.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumInit (
+ VOID
+ )
+{
+ return BN_new ();
+}
+
+/**
+ Allocate new Big Number and assign the provided value to it.
+
+ @param[in] Buf Big endian encoded buffer.
+ @param[in] Len Buffer length.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumFromBin (
+ IN CONST UINT8 *Buf,
+ IN UINTN Len
+ )
+{
+ return BN_bin2bn (Buf, (int)Len, NULL);
+}
+
+/**
+ Convert the absolute value of Bn into big-endian form and store it at Buf.
+ The Buf array should have at least BigNumBytes() in it.
+
+ @param[in] Bn Big number to convert.
+ @param[out] Buf Output buffer.
+
+ @retval The length of the big-endian number placed at Buf or -1 on error.
+**/
+INTN
+EFIAPI
+BigNumToBin (
+ IN VOID *Bn,
+ OUT UINT8 *Buf
+ )
+{
+ return BN_bn2bin (Bn, Buf);
+}
+
+/**
+ Free the Big Number.
+
+ @param[in] Bn Big number to free.
+ @param[in] Clear TRUE if the buffer should be cleared.
+**/
+VOID
+EFIAPI
+BigNumFree (
+ IN VOID *Bn,
+ IN BOOLEAN Clear
+ )
+{
+ if (Clear) {
+ BN_clear_free (Bn);
+ } else {
+ BN_free (Bn);
+ }
+}
+
+/**
+ Calculate the sum of two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA + BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumAdd (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ return BN_add (BnRes, BnA, BnB) ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;
+}
+
+/**
+ Subtract two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA - BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSub (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ return BN_sub (BnRes, BnA, BnB) ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;
+}
+
+/**
+ Calculate remainder: BnRes = BnA % BnB.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA % BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ int Res;
+ BN_CTX *Bnctx;
+
+ Bnctx = BN_CTX_new ();
+ if (!Bnctx) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ Res = BN_mod (BnRes, BnA, BnB, Bnctx);
+ BN_CTX_free (Bnctx);
+
+ return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;
+}
+
+/**
+ Compute BnA to the BnP-th power modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnP Big number (power).
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result of (BnA ^ BnP) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumExpMod (
+ IN VOID *BnA,
+ IN VOID *BnP,
+ IN VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ int Res;
+ BN_CTX *Bnctx;
+
+ Bnctx = BN_CTX_new ();
+ if (!Bnctx) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ Res = BN_mod_exp (BnRes, BnA, BnP, BnM, Bnctx);
+ BN_CTX_free (Bnctx);
+
+ return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;
+}
+
+/**
+ Compute BnA inverse modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumInverseMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ BIGNUM *Res;
+ BN_CTX *Bnctx;
+
+ Bnctx = BN_CTX_new ();
+ if (!Bnctx) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ Res = BN_mod_inverse (BnRes, BnA, BnM, Bnctx);
+ BN_CTX_free (Bnctx);
+
+ return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;
+}
+
+/**
+ Divide two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that BnA / BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumDiv (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ int Res;
+ BN_CTX *Bnctx;
+
+ Bnctx = BN_CTX_new ();
+ if (!Bnctx) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ Res = BN_div (BnRes, NULL, BnA, BnM, Bnctx);
+ BN_CTX_free (Bnctx);
+
+ return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;
+}
+
+/**
+ Multiply two Big Numbers modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumMulMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ int Res;
+ BN_CTX *Bnctx;
+
+ Bnctx = BN_CTX_new ();
+ if (!Bnctx) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ Res = BN_mod_mul (BnRes, BnA, BnB, BnM, Bnctx);
+ BN_CTX_free (Bnctx);
+
+ return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;
+}
+
+/**
+ Compare two Big Numbers.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+
+ @retval 0 BnA == BnB.
+ @retval 1 BnA > BnB.
+ @retval -1 BnA < BnB.
+**/
+INTN
+EFIAPI
+BigNumCmp (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB
+ )
+{
+ return BN_cmp (BnA, BnB);
+}
+
+/**
+ Get number of bits in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bits.
+**/
+UINTN
+EFIAPI
+BigNumBits (
+ IN CONST VOID *Bn
+ )
+{
+ return BN_num_bits (Bn);
+}
+
+/**
+ Get number of bytes in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bytes.
+**/
+UINTN
+EFIAPI
+BigNumBytes (
+ IN CONST VOID *Bn
+ )
+{
+ return BN_num_bytes (Bn);
+}
+
+/**
+ Checks if Big Number equals to the given Num.
+
+ @param[in] Bn Big number.
+ @param[in] Num Number.
+
+ @retval TRUE iff Bn == Num.
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+BigNumIsWord (
+ IN CONST VOID *Bn,
+ IN UINTN Num
+ )
+{
+ return !!BN_is_word (Bn, Num);
+}
+
+/**
+ Checks if Big Number is odd.
+
+ @param[in] Bn Big number.
+
+ @retval TRUE Bn is odd (Bn % 2 == 1).
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+BigNumIsOdd (
+ IN CONST VOID *Bn
+ )
+{
+ return !!BN_is_odd (Bn);
+}
+
+/**
+ Copy Big number.
+
+ @param[out] BnDst Destination.
+ @param[in] BnSrc Source.
+
+ @retval BnDst on success.
+ @retval NULL otherwise.
+**/
+VOID *
+EFIAPI
+BigNumCopy (
+ OUT VOID *BnDst,
+ IN CONST VOID *BnSrc
+ )
+{
+ return BN_copy (BnDst, BnSrc);
+}
+
+/**
+ Get constant Big number with value of "1".
+ This may be used to save expensive allocations.
+
+ @retval Big Number with value of 1.
+**/
+CONST VOID *
+EFIAPI
+BigNumValueOne (
+ VOID
+ )
+{
+ return BN_value_one ();
+}
+
+/**
+ Shift right Big Number.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] Bn Big number.
+ @param[in] n Number of bits to shift.
+ @param[out] BnRes The result.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumRShift (
+ IN CONST VOID *Bn,
+ IN UINTN n,
+ OUT VOID *BnRes
+ )
+{
+ // BN_rshift() does not modify the first argument, so we remove const.
+ if (BN_rshift ((BIGNUM *)Bn, BnRes, (int)n) == 1) {
+ return EFI_SUCCESS;
+ } else {
+ return EFI_PROTOCOL_ERROR;
+ }
+}
+
+/**
+ Mark Big Number for constant time computations.
+ This function should be called before any constant time computations are
+ performed on the given Big number.
+
+ @param[in] Bn Big number
+**/
+VOID
+EFIAPI
+BigNumConsttime (
+ IN VOID *Bn
+ )
+{
+ BN_set_flags (Bn, BN_FLG_CONSTTIME);
+}
+
+/**
+ Calculate square modulo.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSqrMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ int Res;
+ BN_CTX *Ctx;
+
+ Ctx = BN_CTX_new ();
+ if (!Ctx) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ Res = BN_mod_sqr (BnRes, BnA, BnM, Ctx);
+ BN_CTX_free (Ctx);
+
+ return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;
+}
+
+/**
+ Create new Big Number computation context. This is an opaque structure
+ which should be passed to any function that requires it. The BN context is
+ needed to optimize calculations and expensive allocations.
+
+ @retval Big Number context struct or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumNewContext (
+ VOID
+ )
+{
+ return BN_CTX_new ();
+}
+
+/**
+ Free Big Number context that was allocated with BigNumNewContext().
+
+ @param[in] BnCtx Big number context to free.
+**/
+VOID
+EFIAPI
+BigNumContextFree (
+ IN VOID *BnCtx
+ )
+{
+ BN_CTX_free (BnCtx);
+}
+
+/**
+ Set Big Number to a given value.
+
+ @param[in] Bn Big number to set.
+ @param[in] Val Value to set.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSetUint (
+ IN VOID *Bn,
+ IN UINTN Val
+ )
+{
+ return BN_set_word (Bn, Val) == 1 ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;
+}
+
+/**
+ Add two Big Numbers modulo BnM.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA + BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumAddMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ int Res;
+ BN_CTX *Bnctx;
+
+ Bnctx = BN_CTX_new ();
+ if (!Bnctx) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+
+ Res = BN_mod_add (BnRes, BnA, BnB, BnM, Bnctx);
+ BN_CTX_free (Bnctx);
+
+ return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index 0cab5f3ce36c..75d87afbdc03 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -59,6 +59,7 @@
Pk/CryptRsaPssSignNull.c
Pem/CryptPemNull.c
Rand/CryptRandNull.c
+ Bn/CryptBn.c
SysCall/CrtWrapper.c
SysCall/ConstantTimeClock.c
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index e6470d7a2127..420cef88efb1 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -56,7 +56,7 @@
Pk/CryptRsaPss.c
Pk/CryptRsaPssSignNull.c
Pem/CryptPem.c
-
+ Bn/CryptBn.c
SysCall/CrtWrapper.c
SysCall/ConstantTimeClock.c
SysCall/BaseMemAllocation.c
diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index c8df259ea963..6c5025ff6a6a 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -3580,3 +3580,500 @@ TlsGetCertRevocationList (
{
CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), EFI_UNSUPPORTED);
}
+
+// =====================================================================================
+// Big number primitive
+// =====================================================================================
+
+/**
+ Allocate new Big Number.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumInit (
+ VOID
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumInit, (), NULL);
+}
+
+/**
+ Allocate new Big Number and assign the provided value to it.
+
+ @param[in] Buf Big endian encoded buffer.
+ @param[in] Len Buffer length.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumFromBin (
+ IN CONST UINT8 *Buf,
+ IN UINTN Len
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL);
+}
+
+/**
+ Convert the absolute value of Bn into big-endian form and store it at Buf.
+ The Buf array should have at least BigNumBytes() in it.
+
+ @param[in] Bn Big number to convert.
+ @param[out] Buf Output buffer.
+
+ @retval The length of the big-endian number placed at Buf or -1 on error.
+**/
+INTN
+EFIAPI
+BigNumToBin (
+ IN VOID *Bn,
+ OUT UINT8 *Buf
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1);
+}
+
+/**
+ Free the Big Number.
+
+ @param[in] Bn Big number to free.
+ @param[in] Clear TRUE if the buffer should be cleared.
+**/
+VOID
+EFIAPI
+BigNumFree (
+ IN VOID *Bn,
+ IN BOOLEAN Clear
+ )
+{
+ CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear));
+}
+
+/**
+ Calculate the sum of two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA + BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumAdd (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Subtract two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA - BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSub (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Calculate remainder: BnRes = BnA % BnB
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA % BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Compute BnA to the BnP-th power modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnP Big number (power).
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result of (BnA ^ BnP) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumExpMod (
+ IN VOID *BnA,
+ IN VOID *BnP,
+ IN VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Compute BnA inverse modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumInverseMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Divide two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that BnA / BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumDiv (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Multiply two Big Numbers modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumMulMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Compare two Big Numbers.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+
+ @retval 0 BnA == BnB.
+ @retval 1 BnA > BnB.
+ @retval -1 BnA < BnB.
+**/
+INTN
+EFIAPI
+BigNumCmp (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0);
+}
+
+/**
+ Get number of bits in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bits.
+**/
+UINTN
+EFIAPI
+BigNumBits (
+ IN CONST VOID *Bn
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0);
+}
+
+/**
+ Get number of bytes in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bytes.
+**/
+UINTN
+EFIAPI
+BigNumBytes (
+ IN CONST VOID *Bn
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0);
+}
+
+/**
+ Checks if Big Number equals to the given Num.
+
+ @param[in] Bn Big number.
+ @param[in] Num Number.
+
+ @retval TRUE iff Bn == Num.
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+BigNumIsWord (
+ IN CONST VOID *Bn,
+ IN UINTN Num
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE);
+}
+
+/**
+ Checks if Big Number is odd.
+
+ @param[in] Bn Big number.
+
+ @retval TRUE Bn is odd (Bn % 2 == 1).
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+BigNumIsOdd (
+ IN CONST VOID *Bn
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE);
+}
+
+/**
+ Copy Big number.
+
+ @param[out] BnDst Destination.
+ @param[in] BnSrc Source.
+
+ @retval BnDst on success.
+ @retval NULL otherwise.
+**/
+VOID *
+EFIAPI
+BigNumCopy (
+ OUT VOID *BnDst,
+ IN CONST VOID *BnSrc
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL);
+}
+
+/**
+ Get constant Big number with value of "1".
+ This may be used to save expensive allocations.
+
+ @retval Big Number with value of 1.
+**/
+CONST VOID *
+EFIAPI
+BigNumValueOne (
+ VOID
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL);
+}
+
+/**
+ Shift right Big Number.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] Bn Big number.
+ @param[in] n Number of bits to shift.
+ @param[out] BnRes The result.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumRShift (
+ IN CONST VOID *Bn,
+ IN UINTN n,
+ OUT VOID *BnRes
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, n, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Mark Big Number for constant time computations.
+ This function should be called before any constant time computations are
+ performed on the given Big number.
+
+ @param[in] Bn Big number.
+**/
+VOID
+EFIAPI
+BigNumConsttime (
+ IN VOID *Bn
+ )
+{
+ CALL_VOID_CRYPTO_SERVICE (BigNumConsttime, (Bn));
+}
+
+/**
+ Calculate square modulo.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSqrMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), EFI_UNSUPPORTED);
+}
+
+/**
+ Create new Big Number computation context. This is an opaque structure
+ which should be passed to any function that requires it. The BN context is
+ needed to optimize calculations and expensive allocations.
+
+ @retval Big Number context struct or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumNewContext (
+ VOID
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL);
+}
+
+/**
+ Free Big Number context that was allocated with BigNumNewContext().
+
+ @param[in] BnCtx Big number context to free.
+**/
+VOID
+EFIAPI
+BigNumContextFree (
+ IN VOID *BnCtx
+ )
+{
+ CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx));
+}
+
+/**
+ Set Big Number to a given value.
+
+ @param[in] Bn Big number to set.
+ @param[in] Val Value to set.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSetUint (
+ IN VOID *Bn,
+ IN UINTN Val
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), EFI_UNSUPPORTED);
+}
+
+/**
+ Add two Big Numbers modulo BnM.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA + BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumAddMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), EFI_UNSUPPORTED);
+}
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index e378a8a8c60e..1be21b7ff690 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -3457,6 +3457,412 @@ BOOLEAN
IN UINT16 SaltLen
);
+// =====================================================================================
+// Big Number Primitive
+// =====================================================================================
+
+/**
+ Allocate new Big Number.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+typedef
+VOID *
+(EFIAPI *EDKII_CRYPTO_BIGNUM_INIT)(
+ VOID
+ );
+
+/**
+ Allocate new Big Number and assign the provided value to it.
+
+ @param[in] Buf Big endian encoded buffer.
+ @param[in] Len Buffer length.
+
+ @retval New EDKII_CRYPTO_BIGNUM_ opaque structure or NULL on failure.
+**/
+typedef
+VOID *
+(EFIAPI *EDKII_CRYPTO_BIGNUM_FROM_BIN)(
+ IN CONST UINT8 *Buf,
+ IN UINTN Len
+ );
+
+/**
+ Convert the absolute value of Bn into big-endian form and store it at Buf.
+ The Buf array should have at least EDKII_CRYPTO_BIGNUM_Bytes() in it.
+
+ @param[in] Bn Big number to convert.
+ @param[out] Buf Output buffer.
+
+ @retval The length of the big-endian number placed at Buf or -1 on error.
+**/
+typedef
+INTN
+(EFIAPI *EDKII_CRYPTO_BIGNUM_TO_BIN)(
+ IN VOID *Bn,
+ OUT UINT8 *Buf
+ );
+
+/**
+ Free the Big Number.
+
+ @param[in] Bn Big number to free.
+ @param[in] Clear TRUE if the buffer should be cleared.
+**/
+typedef
+VOID
+(EFIAPI *EDKII_CRYPTO_BIGNUM_FREE)(
+ IN VOID *Bn,
+ IN BOOLEAN Clear
+ );
+
+/**
+ Calculate the sum of two Big Numbers.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA + BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_ADD)(
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ );
+
+/**
+ Subtract two Big Numbers.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA - BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_SUB)(
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ );
+
+/**
+ Calculate remainder: BnRes = BnA % BnB.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA % BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_MOD)(
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ );
+
+/**
+ Compute BnA to the BnP-th power modulo BnM.
+
+ @param[in] BnA Big number.
+ @param[in] BnP Big number (power).
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result of BnA ^ BnP % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_EXP_MOD)(
+ IN VOID *BnA,
+ IN VOID *BnP,
+ IN VOID *BnM,
+ OUT VOID *BnRes
+ );
+
+/**
+ Compute BnA inverse modulo BnM.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_INVERSE_MOD)(
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ );
+
+/**
+ Divide two Big Numbers.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that BnA / BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_DIV)(
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ );
+
+/**
+ Multiply two Big Numbers modulo BnM.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_MUL_MOD)(
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ );
+
+/**
+ Compare two Big Numbers.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+
+ @retval 0 BnA == BnB.
+ @retval 1 BnA > BnB.
+ @retval -1 BnA < BnB.
+**/
+typedef
+INTN
+(EFIAPI *EDKII_CRYPTO_BIGNUM_CMP)(
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB
+ );
+
+/**
+ Get number of bits in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bits.
+**/
+typedef
+
+UINTN
+(EFIAPI *EDKII_CRYPTO_BIGNUM_BITS)(
+ IN CONST VOID *Bn
+ );
+
+/**
+ Get number of bytes in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bytes.
+**/
+typedef
+UINTN
+(EFIAPI *EDKII_CRYPTO_BIGNUM_BYTES)(
+ IN CONST VOID *Bn
+ );
+
+/**
+ Checks if Big Number equals to the given Num.
+
+ @param[in] Bn Big number.
+ @param[in] Num Number.
+
+ @retval TRUE iff Bn == Num.
+ @retval FALSE otherwise.
+**/
+typedef
+BOOLEAN
+(EFIAPI *EDKII_CRYPTO_BIGNUM_IS_WORD)(
+ IN CONST VOID *Bn,
+ IN UINTN Num
+ );
+
+/**
+ Checks if Big Number is odd.
+
+ @param[in] Bn Big number.
+
+ @retval TRUE Bn is odd (Bn % 2 == 1).
+ @retval FALSE otherwise.
+**/
+typedef
+BOOLEAN
+(EFIAPI *EDKII_CRYPTO_BIGNUM_IS_ODD)(
+ IN CONST VOID *Bn
+ );
+
+/**
+ Copy Big number.
+
+ @param[out] BnDst Destination.
+ @param[in] BnSrc Source.
+
+ @retval BnDst on success.
+ @retval NULL otherwise.
+**/
+typedef
+VOID *
+(EFIAPI *EDKII_CRYPTO_BIGNUM_COPY)(
+ OUT VOID *BnDst,
+ IN CONST VOID *BnSrc
+ );
+
+/**
+ Get constant Big number with value of "1".
+ This may be used to save expensive allocations.
+
+ @retval Big Number with value of 1.
+**/
+typedef
+CONST VOID *
+(EFIAPI *EDKII_CRYPTO_BIGNUM_VALUE_ONE)(
+ VOID
+ );
+
+/**
+ Shift right Big Number.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_R_SHIFT)(
+ IN CONST VOID *Bn,
+ IN UINTN n,
+ OUT VOID *BnRes
+ );
+
+/**
+ Mark Big Number for constant time computations.
+ This function should be called before any constant time computations are
+ performed on the given Big number.
+
+ @param[in] Bn Big number.
+**/
+typedef
+VOID
+(EFIAPI *EDKII_CRYPTO_BIGNUM_CONSTTIME)(
+ IN VOID *Bn
+ );
+
+/**
+ Calculate square modulo.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_SQR_MOD)(
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ );
+
+/**
+ Create new Big Number computation context. This is an opaque structure.
+ which should be passed to any function that requires it. The BN context is
+ needed to optimize calculations and expensive allocations.
+
+ @retval Big Number context struct or NULL on failure.
+**/
+typedef
+VOID *
+(EFIAPI *EDKII_CRYPTO_BIGNUM_NEW_CONTEXT)(
+ VOID
+ );
+
+/**
+ Free Big Number context that was allocated with EDKII_CRYPTO_BIGNUM_NewContext().
+
+ @param[in] BnCtx Big number context to free.
+**/
+typedef
+VOID
+(EFIAPI *EDKII_CRYPTO_BIGNUM_CONTEXT_FREE)(
+ IN VOID *BnCtx
+ );
+
+/**
+ Set Big Number to a given value.
+
+ @param[in] Bn Big number to set.
+ @param[in] Val Value to set.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_SET_UINT)(
+ IN VOID *Bn,
+ IN UINTN Val
+ );
+
+/**
+ Add two Big Numbers modulo BnM.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA + BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CRYPTO_BIGNUM_ADD_MOD)(
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ );
+
///
/// EDK II Crypto Protocol
///
@@ -3641,6 +4047,34 @@ struct _EDKII_CRYPTO_PROTOCOL {
EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;
EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;
EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST TlsGetCertRevocationList;
+
+ /// Big Number
+ EDKII_CRYPTO_BIGNUM_INIT BigNumInit;
+ EDKII_CRYPTO_BIGNUM_FROM_BIN BigNumFromBin;
+ EDKII_CRYPTO_BIGNUM_TO_BIN BigNumToBin;
+ EDKII_CRYPTO_BIGNUM_FREE BigNumFree;
+ EDKII_CRYPTO_BIGNUM_ADD BigNumAdd;
+ EDKII_CRYPTO_BIGNUM_SUB BigNumSub;
+ EDKII_CRYPTO_BIGNUM_MOD BigNumMod;
+ EDKII_CRYPTO_BIGNUM_EXP_MOD BigNumExpMod;
+ EDKII_CRYPTO_BIGNUM_INVERSE_MOD BigNumInverseMod;
+ EDKII_CRYPTO_BIGNUM_DIV BigNumDiv;
+ EDKII_CRYPTO_BIGNUM_MUL_MOD BigNumMulMod;
+ EDKII_CRYPTO_BIGNUM_CMP BigNumCmp;
+ EDKII_CRYPTO_BIGNUM_BITS BigNumBits;
+ EDKII_CRYPTO_BIGNUM_BYTES BigNumBytes;
+ EDKII_CRYPTO_BIGNUM_IS_WORD BigNumIsWord;
+ EDKII_CRYPTO_BIGNUM_IS_ODD BigNumIsOdd;
+ EDKII_CRYPTO_BIGNUM_COPY BigNumCopy;
+ EDKII_CRYPTO_BIGNUM_VALUE_ONE BigNumValueOne;
+ EDKII_CRYPTO_BIGNUM_R_SHIFT BigNumRShift;
+ EDKII_CRYPTO_BIGNUM_CONSTTIME BigNumConsttime;
+ EDKII_CRYPTO_BIGNUM_SQR_MOD BigNumSqrMod;
+ EDKII_CRYPTO_BIGNUM_NEW_CONTEXT BigNumNewContext;
+ EDKII_CRYPTO_BIGNUM_CONTEXT_FREE BigNumContextFree;
+ EDKII_CRYPTO_BIGNUM_SET_UINT BigNumSetUint;
+ EDKII_CRYPTO_BIGNUM_ADD_MOD BigNumAddMod;
+
/// RSA PSS
EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
--
2.33.0.windows.2
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 2/2] CryptoPkg: Add BigNum NullLib
2022-01-29 22:09 [PATCH 0/2] CryptoPkg: Add BigNum support yi1 li
2022-01-29 22:09 ` [PATCH 1/2] " yi1 li
@ 2022-01-29 22:09 ` yi1 li
2022-01-30 0:04 ` Yao, Jiewen
1 sibling, 1 reply; 7+ messages in thread
From: yi1 li @ 2022-01-29 22:09 UTC (permalink / raw)
To: devel; +Cc: yi1 li, Jiewen Yao, Jian J Wang, Xiaoyu Lu, Guomin Jiang
This patch is used to add CryptBnNull library, which is used to
optimize code size.
Signed-off-by: yi1 li <yi1.li@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
---
.../Library/BaseCryptLib/Bn/CryptBnNull.c | 525 ++++++++++++++++++
.../Library/BaseCryptLib/PeiCryptLib.inf | 2 +-
.../Library/BaseCryptLib/SmmCryptLib.inf | 2 +-
.../BaseCryptLibNull/BaseCryptLibNull.inf | 1 +
.../Library/BaseCryptLibNull/Bn/CryptBnNull.c | 525 ++++++++++++++++++
5 files changed, 1053 insertions(+), 2 deletions(-)
create mode 100644 CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
diff --git a/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
new file mode 100644
index 000000000000..9f220ba41058
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
@@ -0,0 +1,525 @@
+/** @file
+ Big number API implementation based on OpenSSL
+
+ Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/BaseCryptLib.h>
+#include <Library/DebugLib.h>
+
+/**
+ Allocate new Big Number.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumInit (
+ VOID
+ )
+{
+ ASSERT (FALSE);
+ return NULL;
+}
+
+/**
+ Allocate new Big Number and assign the provided value to it.
+
+ @param[in] Buf Big endian encoded buffer.
+ @param[in] Len Buffer length.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumFromBin (
+ IN CONST UINT8 *Buf,
+ IN UINTN Len
+ )
+{
+ ASSERT (FALSE);
+ return NULL;
+}
+
+/**
+ Convert the absolute value of Bn into big-endian form and store it at Buf.
+ The Buf array should have at least BigNumBytes() in it.
+
+ @param[in] Bn Big number to convert.
+ @param[out] Buf Output buffer.
+
+ @retval The length of the big-endian number placed at Buf or -1 on error.
+**/
+INTN
+EFIAPI
+BigNumToBin (
+ IN VOID *Bn,
+ OUT UINT8 *Buf
+ )
+{
+ ASSERT (FALSE);
+ return -1;
+}
+
+/**
+ Free the Big Number.
+
+ @param[in] Bn Big number to free.
+ @param[in] Clear TRUE if the buffer should be cleared.
+**/
+VOID
+EFIAPI
+BigNumFree (
+ IN VOID *Bn,
+ IN BOOLEAN Clear
+ )
+{
+ ASSERT (FALSE);
+}
+
+/**
+ Calculate the sum of two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA + BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumAdd (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Subtract two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA - BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSub (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Calculate remainder: BnRes = BnA % BnB.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA % BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Compute BnA to the BnP-th power modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized.
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnP Big number (power).
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result of (BnA ^ BnP) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumExpMod (
+ IN VOID *BnA,
+ IN VOID *BnP,
+ IN VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Compute BnA inverse modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumInverseMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Divide two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that BnA / BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumDiv (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Multiply two Big Numbers modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumMulMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Compare two Big Numbers.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+
+ @retval 0 BnA == BnB.
+ @retval 1 BnA > BnB.
+ @retval -1 BnA < BnB.
+**/
+INTN
+EFIAPI
+BigNumCmp (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB
+ )
+{
+ ASSERT (FALSE);
+ return 0;
+}
+
+/**
+ Get number of bits in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bits.
+**/
+UINTN
+EFIAPI
+BigNumBits (
+ IN CONST VOID *Bn
+ )
+{
+ ASSERT (FALSE);
+ return 0;
+}
+
+/**
+ Get number of bytes in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bytes.
+**/
+UINTN
+EFIAPI
+BigNumBytes (
+ IN CONST VOID *Bn
+ )
+{
+ ASSERT (FALSE);
+ return 0;
+}
+
+/**
+ Checks if Big Number equals to the given Num.
+
+ @param[in] Bn Big number.
+ @param[in] Num Number.
+
+ @retval TRUE iff Bn == Num.
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+BigNumIsWord (
+ IN CONST VOID *Bn,
+ IN UINTN Num
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Checks if Big Number is odd.
+
+ @param[in] Bn Big number.
+
+ @retval TRUE Bn is odd (Bn % 2 == 1).
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+BigNumIsOdd (
+ IN CONST VOID *Bn
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Copy Big number.
+
+ @param[out] BnDst Destination.
+ @param[in] BnSrc Source.
+
+ @retval BnDst on success.
+ @retval NULL otherwise.
+**/
+VOID *
+EFIAPI
+BigNumCopy (
+ OUT VOID *BnDst,
+ IN CONST VOID *BnSrc
+ )
+{
+ ASSERT (FALSE);
+ return NULL;
+}
+
+/**
+ Get constant Big number with value of "1".
+ This may be used to save expensive allocations.
+
+ @retval Big Number with value of 1.
+**/
+CONST VOID *
+EFIAPI
+BigNumValueOne (
+ VOID
+ )
+{
+ ASSERT (FALSE);
+ return NULL;
+}
+
+/**
+ Shift right Big Number.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] Bn Big number.
+ @param[in] n Number of bits to shift.
+ @param[out] BnRes The result.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumRShift (
+ IN CONST VOID *Bn,
+ IN UINTN n,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Mark Big Number for constant time computations.
+ This function should be called before any constant time computations are
+ performed on the given Big number.
+
+ @param[in] Bn Big number.
+**/
+VOID
+EFIAPI
+BigNumConsttime (
+ IN VOID *Bn
+ )
+{
+ ASSERT (FALSE);
+}
+
+/**
+ Calculate square modulo.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSqrMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Create new Big Number computation context. This is an opaque structure
+ which should be passed to any function that requires it. The BN context is
+ needed to optimize calculations and expensive allocations.
+
+ @retval Big Number context struct or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumNewContext (
+ VOID
+ )
+{
+ ASSERT (FALSE);
+ return NULL;
+}
+
+/**
+ Free Big Number context that was allocated with BigNumNewContext().
+
+ @param[in] BnCtx Big number context to free.
+**/
+VOID
+EFIAPI
+BigNumContextFree (
+ IN VOID *BnCtx
+ )
+{
+ ASSERT (FALSE);
+}
+
+/**
+ Set Big Number to a given value.
+
+ @param[in] Bn Big number to set.
+ @param[in] Val Value to set.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSetUint (
+ IN VOID *Bn,
+ IN UINTN Val
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Add two Big Numbers modulo BnM.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA + BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumAddMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index 75d87afbdc03..d080e665c218 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -59,7 +59,7 @@
Pk/CryptRsaPssSignNull.c
Pem/CryptPemNull.c
Rand/CryptRandNull.c
- Bn/CryptBn.c
+ Bn/CryptBnNull.c
SysCall/CrtWrapper.c
SysCall/ConstantTimeClock.c
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index 420cef88efb1..8a3fec9b076c 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -56,7 +56,7 @@
Pk/CryptRsaPss.c
Pk/CryptRsaPssSignNull.c
Pem/CryptPem.c
- Bn/CryptBn.c
+ Bn/CryptBnNull.c
SysCall/CrtWrapper.c
SysCall/ConstantTimeClock.c
SysCall/BaseMemAllocation.c
diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
index faf959827b90..1fb4d5c54d4f 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
+++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
@@ -52,6 +52,7 @@
Rand/CryptRandNull.c
Pk/CryptRsaPssNull.c
Pk/CryptRsaPssSignNull.c
+ Bn/CryptBnNull.c
[Packages]
MdePkg/MdePkg.dec
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
new file mode 100644
index 000000000000..9f220ba41058
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
@@ -0,0 +1,525 @@
+/** @file
+ Big number API implementation based on OpenSSL
+
+ Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
+ SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/BaseCryptLib.h>
+#include <Library/DebugLib.h>
+
+/**
+ Allocate new Big Number.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumInit (
+ VOID
+ )
+{
+ ASSERT (FALSE);
+ return NULL;
+}
+
+/**
+ Allocate new Big Number and assign the provided value to it.
+
+ @param[in] Buf Big endian encoded buffer.
+ @param[in] Len Buffer length.
+
+ @retval New BigNum opaque structure or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumFromBin (
+ IN CONST UINT8 *Buf,
+ IN UINTN Len
+ )
+{
+ ASSERT (FALSE);
+ return NULL;
+}
+
+/**
+ Convert the absolute value of Bn into big-endian form and store it at Buf.
+ The Buf array should have at least BigNumBytes() in it.
+
+ @param[in] Bn Big number to convert.
+ @param[out] Buf Output buffer.
+
+ @retval The length of the big-endian number placed at Buf or -1 on error.
+**/
+INTN
+EFIAPI
+BigNumToBin (
+ IN VOID *Bn,
+ OUT UINT8 *Buf
+ )
+{
+ ASSERT (FALSE);
+ return -1;
+}
+
+/**
+ Free the Big Number.
+
+ @param[in] Bn Big number to free.
+ @param[in] Clear TRUE if the buffer should be cleared.
+**/
+VOID
+EFIAPI
+BigNumFree (
+ IN VOID *Bn,
+ IN BOOLEAN Clear
+ )
+{
+ ASSERT (FALSE);
+}
+
+/**
+ Calculate the sum of two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA + BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumAdd (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Subtract two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA - BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSub (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Calculate remainder: BnRes = BnA % BnB.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[out] BnRes The result of BnA % BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Compute BnA to the BnP-th power modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized.
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnP Big number (power).
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result of (BnA ^ BnP) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumExpMod (
+ IN VOID *BnA,
+ IN VOID *BnP,
+ IN VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Compute BnA inverse modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumInverseMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Divide two Big Numbers.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that BnA / BnB.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumDiv (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Multiply two Big Numbers modulo BnM.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA * BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumMulMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Compare two Big Numbers.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+
+ @retval 0 BnA == BnB.
+ @retval 1 BnA > BnB.
+ @retval -1 BnA < BnB.
+**/
+INTN
+EFIAPI
+BigNumCmp (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB
+ )
+{
+ ASSERT (FALSE);
+ return 0;
+}
+
+/**
+ Get number of bits in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bits.
+**/
+UINTN
+EFIAPI
+BigNumBits (
+ IN CONST VOID *Bn
+ )
+{
+ ASSERT (FALSE);
+ return 0;
+}
+
+/**
+ Get number of bytes in Bn.
+
+ @param[in] Bn Big number.
+
+ @retval Number of bytes.
+**/
+UINTN
+EFIAPI
+BigNumBytes (
+ IN CONST VOID *Bn
+ )
+{
+ ASSERT (FALSE);
+ return 0;
+}
+
+/**
+ Checks if Big Number equals to the given Num.
+
+ @param[in] Bn Big number.
+ @param[in] Num Number.
+
+ @retval TRUE iff Bn == Num.
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+BigNumIsWord (
+ IN CONST VOID *Bn,
+ IN UINTN Num
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Checks if Big Number is odd.
+
+ @param[in] Bn Big number.
+
+ @retval TRUE Bn is odd (Bn % 2 == 1).
+ @retval FALSE otherwise.
+**/
+BOOLEAN
+EFIAPI
+BigNumIsOdd (
+ IN CONST VOID *Bn
+ )
+{
+ ASSERT (FALSE);
+ return FALSE;
+}
+
+/**
+ Copy Big number.
+
+ @param[out] BnDst Destination.
+ @param[in] BnSrc Source.
+
+ @retval BnDst on success.
+ @retval NULL otherwise.
+**/
+VOID *
+EFIAPI
+BigNumCopy (
+ OUT VOID *BnDst,
+ IN CONST VOID *BnSrc
+ )
+{
+ ASSERT (FALSE);
+ return NULL;
+}
+
+/**
+ Get constant Big number with value of "1".
+ This may be used to save expensive allocations.
+
+ @retval Big Number with value of 1.
+**/
+CONST VOID *
+EFIAPI
+BigNumValueOne (
+ VOID
+ )
+{
+ ASSERT (FALSE);
+ return NULL;
+}
+
+/**
+ Shift right Big Number.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] Bn Big number.
+ @param[in] n Number of bits to shift.
+ @param[out] BnRes The result.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumRShift (
+ IN CONST VOID *Bn,
+ IN UINTN n,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Mark Big Number for constant time computations.
+ This function should be called before any constant time computations are
+ performed on the given Big number.
+
+ @param[in] Bn Big number.
+**/
+VOID
+EFIAPI
+BigNumConsttime (
+ IN VOID *Bn
+ )
+{
+ ASSERT (FALSE);
+}
+
+/**
+ Calculate square modulo.
+ Please note, all "out" Big number arguments should be properly initialized
+ by calling to BigNumInit() or BigNumFromBin() functions.
+
+ @param[in] BnA Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSqrMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Create new Big Number computation context. This is an opaque structure
+ which should be passed to any function that requires it. The BN context is
+ needed to optimize calculations and expensive allocations.
+
+ @retval Big Number context struct or NULL on failure.
+**/
+VOID *
+EFIAPI
+BigNumNewContext (
+ VOID
+ )
+{
+ ASSERT (FALSE);
+ return NULL;
+}
+
+/**
+ Free Big Number context that was allocated with BigNumNewContext().
+
+ @param[in] BnCtx Big number context to free.
+**/
+VOID
+EFIAPI
+BigNumContextFree (
+ IN VOID *BnCtx
+ )
+{
+ ASSERT (FALSE);
+}
+
+/**
+ Set Big Number to a given value.
+
+ @param[in] Bn Big number to set.
+ @param[in] Val Value to set.
+**/
+EFI_STATUS
+EFIAPI
+BigNumSetUint (
+ IN VOID *Bn,
+ IN UINTN Val
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
+
+/**
+ Add two Big Numbers modulo BnM.
+
+ @param[in] BnA Big number.
+ @param[in] BnB Big number.
+ @param[in] BnM Big number (modulo).
+ @param[out] BnRes The result, such that (BnA + BnB) % BnM.
+
+ @retval EFI_SUCCESS On success.
+ @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
+ @retval EFI_PROTOCOL_ERROR Otherwise.
+**/
+EFI_STATUS
+EFIAPI
+BigNumAddMod (
+ IN CONST VOID *BnA,
+ IN CONST VOID *BnB,
+ IN CONST VOID *BnM,
+ OUT VOID *BnRes
+ )
+{
+ ASSERT (FALSE);
+ return EFI_UNSUPPORTED;
+}
--
2.33.0.windows.2
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH 2/2] CryptoPkg: Add BigNum NullLib
2022-01-29 22:09 ` [PATCH 2/2] CryptoPkg: Add BigNum NullLib yi1 li
@ 2022-01-30 0:04 ` Yao, Jiewen
2022-01-30 17:08 ` yi1 li
0 siblings, 1 reply; 7+ messages in thread
From: Yao, Jiewen @ 2022-01-30 0:04 UTC (permalink / raw)
To: Li, Yi1; +Cc: devel@edk2.groups.io, Wang, Jian J, Xiaoyu Lu, Jiang, Guomin
thank you
since you are talking about size optimization, would you please share the result?
thank you!
Yao, Jiewen
> 在 2022年1月30日,上午6:10,Li, Yi1 <yi1.li@intel.com> 写道:
>
> This patch is used to add CryptBnNull library, which is used to
> optimize code size.
>
> Signed-off-by: yi1 li <yi1.li@intel.com>
>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Cc: Guomin Jiang <guomin.jiang@intel.com>
> ---
> .../Library/BaseCryptLib/Bn/CryptBnNull.c | 525 ++++++++++++++++++
> .../Library/BaseCryptLib/PeiCryptLib.inf | 2 +-
> .../Library/BaseCryptLib/SmmCryptLib.inf | 2 +-
> .../BaseCryptLibNull/BaseCryptLibNull.inf | 1 +
> .../Library/BaseCryptLibNull/Bn/CryptBnNull.c | 525 ++++++++++++++++++
> 5 files changed, 1053 insertions(+), 2 deletions(-)
> create mode 100644 CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
> new file mode 100644
> index 000000000000..9f220ba41058
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
> @@ -0,0 +1,525 @@
> +/** @file
> + Big number API implementation based on OpenSSL
> +
> + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include <Library/BaseCryptLib.h>
> +#include <Library/DebugLib.h>
> +
> +/**
> + Allocate new Big Number.
> +
> + @retval New BigNum opaque structure or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumInit (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Allocate new Big Number and assign the provided value to it.
> +
> + @param[in] Buf Big endian encoded buffer.
> + @param[in] Len Buffer length.
> +
> + @retval New BigNum opaque structure or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumFromBin (
> + IN CONST UINT8 *Buf,
> + IN UINTN Len
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Convert the absolute value of Bn into big-endian form and store it at Buf.
> + The Buf array should have at least BigNumBytes() in it.
> +
> + @param[in] Bn Big number to convert.
> + @param[out] Buf Output buffer.
> +
> + @retval The length of the big-endian number placed at Buf or -1 on error.
> +**/
> +INTN
> +EFIAPI
> +BigNumToBin (
> + IN VOID *Bn,
> + OUT UINT8 *Buf
> + )
> +{
> + ASSERT (FALSE);
> + return -1;
> +}
> +
> +/**
> + Free the Big Number.
> +
> + @param[in] Bn Big number to free.
> + @param[in] Clear TRUE if the buffer should be cleared.
> +**/
> +VOID
> +EFIAPI
> +BigNumFree (
> + IN VOID *Bn,
> + IN BOOLEAN Clear
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Calculate the sum of two Big Numbers.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA + BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumAdd (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Subtract two Big Numbers.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA - BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSub (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Calculate remainder: BnRes = BnA % BnB.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA % BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compute BnA to the BnP-th power modulo BnM.
> + Please note, all "out" Big number arguments should be properly initialized.
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnP Big number (power).
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result of (BnA ^ BnP) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumExpMod (
> + IN VOID *BnA,
> + IN VOID *BnP,
> + IN VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compute BnA inverse modulo BnM.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumInverseMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Divide two Big Numbers.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that BnA / BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumDiv (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Multiply two Big Numbers modulo BnM.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA * BnB) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumMulMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compare two Big Numbers.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> +
> + @retval 0 BnA == BnB.
> + @retval 1 BnA > BnB.
> + @retval -1 BnA < BnB.
> +**/
> +INTN
> +EFIAPI
> +BigNumCmp (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Get number of bits in Bn.
> +
> + @param[in] Bn Big number.
> +
> + @retval Number of bits.
> +**/
> +UINTN
> +EFIAPI
> +BigNumBits (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Get number of bytes in Bn.
> +
> + @param[in] Bn Big number.
> +
> + @retval Number of bytes.
> +**/
> +UINTN
> +EFIAPI
> +BigNumBytes (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Checks if Big Number equals to the given Num.
> +
> + @param[in] Bn Big number.
> + @param[in] Num Number.
> +
> + @retval TRUE iff Bn == Num.
> + @retval FALSE otherwise.
> +**/
> +BOOLEAN
> +EFIAPI
> +BigNumIsWord (
> + IN CONST VOID *Bn,
> + IN UINTN Num
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> +
> +/**
> + Checks if Big Number is odd.
> +
> + @param[in] Bn Big number.
> +
> + @retval TRUE Bn is odd (Bn % 2 == 1).
> + @retval FALSE otherwise.
> +**/
> +BOOLEAN
> +EFIAPI
> +BigNumIsOdd (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> +
> +/**
> + Copy Big number.
> +
> + @param[out] BnDst Destination.
> + @param[in] BnSrc Source.
> +
> + @retval BnDst on success.
> + @retval NULL otherwise.
> +**/
> +VOID *
> +EFIAPI
> +BigNumCopy (
> + OUT VOID *BnDst,
> + IN CONST VOID *BnSrc
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Get constant Big number with value of "1".
> + This may be used to save expensive allocations.
> +
> + @retval Big Number with value of 1.
> +**/
> +CONST VOID *
> +EFIAPI
> +BigNumValueOne (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Shift right Big Number.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] Bn Big number.
> + @param[in] n Number of bits to shift.
> + @param[out] BnRes The result.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumRShift (
> + IN CONST VOID *Bn,
> + IN UINTN n,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Mark Big Number for constant time computations.
> + This function should be called before any constant time computations are
> + performed on the given Big number.
> +
> + @param[in] Bn Big number.
> +**/
> +VOID
> +EFIAPI
> +BigNumConsttime (
> + IN VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Calculate square modulo.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSqrMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Create new Big Number computation context. This is an opaque structure
> + which should be passed to any function that requires it. The BN context is
> + needed to optimize calculations and expensive allocations.
> +
> + @retval Big Number context struct or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumNewContext (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Free Big Number context that was allocated with BigNumNewContext().
> +
> + @param[in] BnCtx Big number context to free.
> +**/
> +VOID
> +EFIAPI
> +BigNumContextFree (
> + IN VOID *BnCtx
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Set Big Number to a given value.
> +
> + @param[in] Bn Big number to set.
> + @param[in] Val Value to set.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSetUint (
> + IN VOID *Bn,
> + IN UINTN Val
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Add two Big Numbers modulo BnM.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA + BnB) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumAddMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> index 75d87afbdc03..d080e665c218 100644
> --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> @@ -59,7 +59,7 @@
> Pk/CryptRsaPssSignNull.c
> Pem/CryptPemNull.c
> Rand/CryptRandNull.c
> - Bn/CryptBn.c
> + Bn/CryptBnNull.c
>
> SysCall/CrtWrapper.c
> SysCall/ConstantTimeClock.c
> diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> index 420cef88efb1..8a3fec9b076c 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> @@ -56,7 +56,7 @@
> Pk/CryptRsaPss.c
> Pk/CryptRsaPssSignNull.c
> Pem/CryptPem.c
> - Bn/CryptBn.c
> + Bn/CryptBnNull.c
> SysCall/CrtWrapper.c
> SysCall/ConstantTimeClock.c
> SysCall/BaseMemAllocation.c
> diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> index faf959827b90..1fb4d5c54d4f 100644
> --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> @@ -52,6 +52,7 @@
> Rand/CryptRandNull.c
> Pk/CryptRsaPssNull.c
> Pk/CryptRsaPssSignNull.c
> + Bn/CryptBnNull.c
>
> [Packages]
> MdePkg/MdePkg.dec
> diff --git a/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
> new file mode 100644
> index 000000000000..9f220ba41058
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
> @@ -0,0 +1,525 @@
> +/** @file
> + Big number API implementation based on OpenSSL
> +
> + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include <Library/BaseCryptLib.h>
> +#include <Library/DebugLib.h>
> +
> +/**
> + Allocate new Big Number.
> +
> + @retval New BigNum opaque structure or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumInit (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Allocate new Big Number and assign the provided value to it.
> +
> + @param[in] Buf Big endian encoded buffer.
> + @param[in] Len Buffer length.
> +
> + @retval New BigNum opaque structure or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumFromBin (
> + IN CONST UINT8 *Buf,
> + IN UINTN Len
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Convert the absolute value of Bn into big-endian form and store it at Buf.
> + The Buf array should have at least BigNumBytes() in it.
> +
> + @param[in] Bn Big number to convert.
> + @param[out] Buf Output buffer.
> +
> + @retval The length of the big-endian number placed at Buf or -1 on error.
> +**/
> +INTN
> +EFIAPI
> +BigNumToBin (
> + IN VOID *Bn,
> + OUT UINT8 *Buf
> + )
> +{
> + ASSERT (FALSE);
> + return -1;
> +}
> +
> +/**
> + Free the Big Number.
> +
> + @param[in] Bn Big number to free.
> + @param[in] Clear TRUE if the buffer should be cleared.
> +**/
> +VOID
> +EFIAPI
> +BigNumFree (
> + IN VOID *Bn,
> + IN BOOLEAN Clear
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Calculate the sum of two Big Numbers.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA + BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumAdd (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Subtract two Big Numbers.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA - BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSub (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Calculate remainder: BnRes = BnA % BnB.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA % BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compute BnA to the BnP-th power modulo BnM.
> + Please note, all "out" Big number arguments should be properly initialized.
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnP Big number (power).
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result of (BnA ^ BnP) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumExpMod (
> + IN VOID *BnA,
> + IN VOID *BnP,
> + IN VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compute BnA inverse modulo BnM.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumInverseMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Divide two Big Numbers.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that BnA / BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumDiv (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Multiply two Big Numbers modulo BnM.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA * BnB) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumMulMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compare two Big Numbers.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> +
> + @retval 0 BnA == BnB.
> + @retval 1 BnA > BnB.
> + @retval -1 BnA < BnB.
> +**/
> +INTN
> +EFIAPI
> +BigNumCmp (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Get number of bits in Bn.
> +
> + @param[in] Bn Big number.
> +
> + @retval Number of bits.
> +**/
> +UINTN
> +EFIAPI
> +BigNumBits (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Get number of bytes in Bn.
> +
> + @param[in] Bn Big number.
> +
> + @retval Number of bytes.
> +**/
> +UINTN
> +EFIAPI
> +BigNumBytes (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Checks if Big Number equals to the given Num.
> +
> + @param[in] Bn Big number.
> + @param[in] Num Number.
> +
> + @retval TRUE iff Bn == Num.
> + @retval FALSE otherwise.
> +**/
> +BOOLEAN
> +EFIAPI
> +BigNumIsWord (
> + IN CONST VOID *Bn,
> + IN UINTN Num
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> +
> +/**
> + Checks if Big Number is odd.
> +
> + @param[in] Bn Big number.
> +
> + @retval TRUE Bn is odd (Bn % 2 == 1).
> + @retval FALSE otherwise.
> +**/
> +BOOLEAN
> +EFIAPI
> +BigNumIsOdd (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> +
> +/**
> + Copy Big number.
> +
> + @param[out] BnDst Destination.
> + @param[in] BnSrc Source.
> +
> + @retval BnDst on success.
> + @retval NULL otherwise.
> +**/
> +VOID *
> +EFIAPI
> +BigNumCopy (
> + OUT VOID *BnDst,
> + IN CONST VOID *BnSrc
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Get constant Big number with value of "1".
> + This may be used to save expensive allocations.
> +
> + @retval Big Number with value of 1.
> +**/
> +CONST VOID *
> +EFIAPI
> +BigNumValueOne (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Shift right Big Number.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] Bn Big number.
> + @param[in] n Number of bits to shift.
> + @param[out] BnRes The result.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumRShift (
> + IN CONST VOID *Bn,
> + IN UINTN n,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Mark Big Number for constant time computations.
> + This function should be called before any constant time computations are
> + performed on the given Big number.
> +
> + @param[in] Bn Big number.
> +**/
> +VOID
> +EFIAPI
> +BigNumConsttime (
> + IN VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Calculate square modulo.
> + Please note, all "out" Big number arguments should be properly initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSqrMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Create new Big Number computation context. This is an opaque structure
> + which should be passed to any function that requires it. The BN context is
> + needed to optimize calculations and expensive allocations.
> +
> + @retval Big Number context struct or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumNewContext (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Free Big Number context that was allocated with BigNumNewContext().
> +
> + @param[in] BnCtx Big number context to free.
> +**/
> +VOID
> +EFIAPI
> +BigNumContextFree (
> + IN VOID *BnCtx
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Set Big Number to a given value.
> +
> + @param[in] Bn Big number to set.
> + @param[in] Val Value to set.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSetUint (
> + IN VOID *Bn,
> + IN UINTN Val
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Add two Big Numbers modulo BnM.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA + BnB) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumAddMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> --
> 2.33.0.windows.2
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2/2] CryptoPkg: Add BigNum NullLib
2022-01-30 0:04 ` Yao, Jiewen
@ 2022-01-30 17:08 ` yi1 li
2022-01-31 1:10 ` Yao, Jiewen
0 siblings, 1 reply; 7+ messages in thread
From: yi1 li @ 2022-01-30 17:08 UTC (permalink / raw)
To: Yao, Jiewen; +Cc: devel@edk2.groups.io, Wang, Jian J, Xiaoyu Lu, Jiang, Guomin
Hi Jiewen
With build cmd 'build -p .\Edk2\CryptoPkg\CryptoPkg.dsc -t VS2019 -a X64 -D CRYPTO_SERVICES=ALL':
CryptDxe.efi will be 813,504 bytes without CryptBn;
will be 815,040 bytes with CryptBnNull;
will be 815,360 bytes with CryptBn;
This patch has little effect on binary size since the dependent Openssl library is already enabled in EDK2.
And CryptBnNull can also be used in drivers(such pei,smm) which do not need Bn instance.
Thanks.
-----Original Message-----
From: Yao, Jiewen <jiewen.yao@intel.com>
Sent: Sunday, January 30, 2022 8:04 AM
To: Li, Yi1 <yi1.li@intel.com>
Cc: devel@edk2.groups.io; Wang, Jian J <jian.j.wang@intel.com>; Xiaoyu Lu <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
Subject: Re: [PATCH 2/2] CryptoPkg: Add BigNum NullLib
thank you
since you are talking about size optimization, would you please share the result?
thank you!
Yao, Jiewen
> 在 2022年1月30日,上午6:10,Li, Yi1 <yi1.li@intel.com> 写道:
>
> This patch is used to add CryptBnNull library, which is used to
> optimize code size.
>
> Signed-off-by: yi1 li <yi1.li@intel.com>
>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Cc: Guomin Jiang <guomin.jiang@intel.com>
> ---
> .../Library/BaseCryptLib/Bn/CryptBnNull.c | 525 ++++++++++++++++++
> .../Library/BaseCryptLib/PeiCryptLib.inf | 2 +-
> .../Library/BaseCryptLib/SmmCryptLib.inf | 2 +-
> .../BaseCryptLibNull/BaseCryptLibNull.inf | 1 +
> .../Library/BaseCryptLibNull/Bn/CryptBnNull.c | 525 ++++++++++++++++++
> 5 files changed, 1053 insertions(+), 2 deletions(-) create mode 100644
> CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
> create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
> b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
> new file mode 100644
> index 000000000000..9f220ba41058
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
> @@ -0,0 +1,525 @@
> +/** @file
> + Big number API implementation based on OpenSSL
> +
> + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include <Library/BaseCryptLib.h>
> +#include <Library/DebugLib.h>
> +
> +/**
> + Allocate new Big Number.
> +
> + @retval New BigNum opaque structure or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumInit (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Allocate new Big Number and assign the provided value to it.
> +
> + @param[in] Buf Big endian encoded buffer.
> + @param[in] Len Buffer length.
> +
> + @retval New BigNum opaque structure or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumFromBin (
> + IN CONST UINT8 *Buf,
> + IN UINTN Len
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Convert the absolute value of Bn into big-endian form and store it at Buf.
> + The Buf array should have at least BigNumBytes() in it.
> +
> + @param[in] Bn Big number to convert.
> + @param[out] Buf Output buffer.
> +
> + @retval The length of the big-endian number placed at Buf or -1 on error.
> +**/
> +INTN
> +EFIAPI
> +BigNumToBin (
> + IN VOID *Bn,
> + OUT UINT8 *Buf
> + )
> +{
> + ASSERT (FALSE);
> + return -1;
> +}
> +
> +/**
> + Free the Big Number.
> +
> + @param[in] Bn Big number to free.
> + @param[in] Clear TRUE if the buffer should be cleared.
> +**/
> +VOID
> +EFIAPI
> +BigNumFree (
> + IN VOID *Bn,
> + IN BOOLEAN Clear
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Calculate the sum of two Big Numbers.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA + BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumAdd (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Subtract two Big Numbers.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA - BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSub (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Calculate remainder: BnRes = BnA % BnB.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA % BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compute BnA to the BnP-th power modulo BnM.
> + Please note, all "out" Big number arguments should be properly initialized.
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnP Big number (power).
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result of (BnA ^ BnP) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumExpMod (
> + IN VOID *BnA,
> + IN VOID *BnP,
> + IN VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compute BnA inverse modulo BnM.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumInverseMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Divide two Big Numbers.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that BnA / BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumDiv (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Multiply two Big Numbers modulo BnM.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA * BnB) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumMulMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compare two Big Numbers.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> +
> + @retval 0 BnA == BnB.
> + @retval 1 BnA > BnB.
> + @retval -1 BnA < BnB.
> +**/
> +INTN
> +EFIAPI
> +BigNumCmp (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Get number of bits in Bn.
> +
> + @param[in] Bn Big number.
> +
> + @retval Number of bits.
> +**/
> +UINTN
> +EFIAPI
> +BigNumBits (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Get number of bytes in Bn.
> +
> + @param[in] Bn Big number.
> +
> + @retval Number of bytes.
> +**/
> +UINTN
> +EFIAPI
> +BigNumBytes (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Checks if Big Number equals to the given Num.
> +
> + @param[in] Bn Big number.
> + @param[in] Num Number.
> +
> + @retval TRUE iff Bn == Num.
> + @retval FALSE otherwise.
> +**/
> +BOOLEAN
> +EFIAPI
> +BigNumIsWord (
> + IN CONST VOID *Bn,
> + IN UINTN Num
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> +
> +/**
> + Checks if Big Number is odd.
> +
> + @param[in] Bn Big number.
> +
> + @retval TRUE Bn is odd (Bn % 2 == 1).
> + @retval FALSE otherwise.
> +**/
> +BOOLEAN
> +EFIAPI
> +BigNumIsOdd (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> +
> +/**
> + Copy Big number.
> +
> + @param[out] BnDst Destination.
> + @param[in] BnSrc Source.
> +
> + @retval BnDst on success.
> + @retval NULL otherwise.
> +**/
> +VOID *
> +EFIAPI
> +BigNumCopy (
> + OUT VOID *BnDst,
> + IN CONST VOID *BnSrc
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Get constant Big number with value of "1".
> + This may be used to save expensive allocations.
> +
> + @retval Big Number with value of 1.
> +**/
> +CONST VOID *
> +EFIAPI
> +BigNumValueOne (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Shift right Big Number.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] Bn Big number.
> + @param[in] n Number of bits to shift.
> + @param[out] BnRes The result.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumRShift (
> + IN CONST VOID *Bn,
> + IN UINTN n,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Mark Big Number for constant time computations.
> + This function should be called before any constant time
> +computations are
> + performed on the given Big number.
> +
> + @param[in] Bn Big number.
> +**/
> +VOID
> +EFIAPI
> +BigNumConsttime (
> + IN VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Calculate square modulo.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSqrMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Create new Big Number computation context. This is an opaque
> +structure
> + which should be passed to any function that requires it. The BN
> +context is
> + needed to optimize calculations and expensive allocations.
> +
> + @retval Big Number context struct or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumNewContext (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Free Big Number context that was allocated with BigNumNewContext().
> +
> + @param[in] BnCtx Big number context to free.
> +**/
> +VOID
> +EFIAPI
> +BigNumContextFree (
> + IN VOID *BnCtx
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Set Big Number to a given value.
> +
> + @param[in] Bn Big number to set.
> + @param[in] Val Value to set.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSetUint (
> + IN VOID *Bn,
> + IN UINTN Val
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Add two Big Numbers modulo BnM.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA + BnB) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumAddMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> index 75d87afbdc03..d080e665c218 100644
> --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> @@ -59,7 +59,7 @@
> Pk/CryptRsaPssSignNull.c
> Pem/CryptPemNull.c
> Rand/CryptRandNull.c
> - Bn/CryptBn.c
> + Bn/CryptBnNull.c
>
> SysCall/CrtWrapper.c
> SysCall/ConstantTimeClock.c
> diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> index 420cef88efb1..8a3fec9b076c 100644
> --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> @@ -56,7 +56,7 @@
> Pk/CryptRsaPss.c
> Pk/CryptRsaPssSignNull.c
> Pem/CryptPem.c
> - Bn/CryptBn.c
> + Bn/CryptBnNull.c
> SysCall/CrtWrapper.c
> SysCall/ConstantTimeClock.c
> SysCall/BaseMemAllocation.c
> diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> index faf959827b90..1fb4d5c54d4f 100644
> --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> @@ -52,6 +52,7 @@
> Rand/CryptRandNull.c
> Pk/CryptRsaPssNull.c
> Pk/CryptRsaPssSignNull.c
> + Bn/CryptBnNull.c
>
> [Packages]
> MdePkg/MdePkg.dec
> diff --git a/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
> b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
> new file mode 100644
> index 000000000000..9f220ba41058
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
> @@ -0,0 +1,525 @@
> +/** @file
> + Big number API implementation based on OpenSSL
> +
> + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
> + SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include <Library/BaseCryptLib.h>
> +#include <Library/DebugLib.h>
> +
> +/**
> + Allocate new Big Number.
> +
> + @retval New BigNum opaque structure or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumInit (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Allocate new Big Number and assign the provided value to it.
> +
> + @param[in] Buf Big endian encoded buffer.
> + @param[in] Len Buffer length.
> +
> + @retval New BigNum opaque structure or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumFromBin (
> + IN CONST UINT8 *Buf,
> + IN UINTN Len
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Convert the absolute value of Bn into big-endian form and store it at Buf.
> + The Buf array should have at least BigNumBytes() in it.
> +
> + @param[in] Bn Big number to convert.
> + @param[out] Buf Output buffer.
> +
> + @retval The length of the big-endian number placed at Buf or -1 on error.
> +**/
> +INTN
> +EFIAPI
> +BigNumToBin (
> + IN VOID *Bn,
> + OUT UINT8 *Buf
> + )
> +{
> + ASSERT (FALSE);
> + return -1;
> +}
> +
> +/**
> + Free the Big Number.
> +
> + @param[in] Bn Big number to free.
> + @param[in] Clear TRUE if the buffer should be cleared.
> +**/
> +VOID
> +EFIAPI
> +BigNumFree (
> + IN VOID *Bn,
> + IN BOOLEAN Clear
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Calculate the sum of two Big Numbers.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA + BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumAdd (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Subtract two Big Numbers.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA - BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSub (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Calculate remainder: BnRes = BnA % BnB.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[out] BnRes The result of BnA % BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compute BnA to the BnP-th power modulo BnM.
> + Please note, all "out" Big number arguments should be properly initialized.
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnP Big number (power).
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result of (BnA ^ BnP) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumExpMod (
> + IN VOID *BnA,
> + IN VOID *BnP,
> + IN VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compute BnA inverse modulo BnM.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumInverseMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Divide two Big Numbers.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that BnA / BnB.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumDiv (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Multiply two Big Numbers modulo BnM.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA * BnB) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumMulMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Compare two Big Numbers.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> +
> + @retval 0 BnA == BnB.
> + @retval 1 BnA > BnB.
> + @retval -1 BnA < BnB.
> +**/
> +INTN
> +EFIAPI
> +BigNumCmp (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Get number of bits in Bn.
> +
> + @param[in] Bn Big number.
> +
> + @retval Number of bits.
> +**/
> +UINTN
> +EFIAPI
> +BigNumBits (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Get number of bytes in Bn.
> +
> + @param[in] Bn Big number.
> +
> + @retval Number of bytes.
> +**/
> +UINTN
> +EFIAPI
> +BigNumBytes (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return 0;
> +}
> +
> +/**
> + Checks if Big Number equals to the given Num.
> +
> + @param[in] Bn Big number.
> + @param[in] Num Number.
> +
> + @retval TRUE iff Bn == Num.
> + @retval FALSE otherwise.
> +**/
> +BOOLEAN
> +EFIAPI
> +BigNumIsWord (
> + IN CONST VOID *Bn,
> + IN UINTN Num
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> +
> +/**
> + Checks if Big Number is odd.
> +
> + @param[in] Bn Big number.
> +
> + @retval TRUE Bn is odd (Bn % 2 == 1).
> + @retval FALSE otherwise.
> +**/
> +BOOLEAN
> +EFIAPI
> +BigNumIsOdd (
> + IN CONST VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> +
> +/**
> + Copy Big number.
> +
> + @param[out] BnDst Destination.
> + @param[in] BnSrc Source.
> +
> + @retval BnDst on success.
> + @retval NULL otherwise.
> +**/
> +VOID *
> +EFIAPI
> +BigNumCopy (
> + OUT VOID *BnDst,
> + IN CONST VOID *BnSrc
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Get constant Big number with value of "1".
> + This may be used to save expensive allocations.
> +
> + @retval Big Number with value of 1.
> +**/
> +CONST VOID *
> +EFIAPI
> +BigNumValueOne (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Shift right Big Number.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] Bn Big number.
> + @param[in] n Number of bits to shift.
> + @param[out] BnRes The result.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumRShift (
> + IN CONST VOID *Bn,
> + IN UINTN n,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Mark Big Number for constant time computations.
> + This function should be called before any constant time
> +computations are
> + performed on the given Big number.
> +
> + @param[in] Bn Big number.
> +**/
> +VOID
> +EFIAPI
> +BigNumConsttime (
> + IN VOID *Bn
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Calculate square modulo.
> + Please note, all "out" Big number arguments should be properly
> +initialized
> + by calling to BigNumInit() or BigNumFromBin() functions.
> +
> + @param[in] BnA Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSqrMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Create new Big Number computation context. This is an opaque
> +structure
> + which should be passed to any function that requires it. The BN
> +context is
> + needed to optimize calculations and expensive allocations.
> +
> + @retval Big Number context struct or NULL on failure.
> +**/
> +VOID *
> +EFIAPI
> +BigNumNewContext (
> + VOID
> + )
> +{
> + ASSERT (FALSE);
> + return NULL;
> +}
> +
> +/**
> + Free Big Number context that was allocated with BigNumNewContext().
> +
> + @param[in] BnCtx Big number context to free.
> +**/
> +VOID
> +EFIAPI
> +BigNumContextFree (
> + IN VOID *BnCtx
> + )
> +{
> + ASSERT (FALSE);
> +}
> +
> +/**
> + Set Big Number to a given value.
> +
> + @param[in] Bn Big number to set.
> + @param[in] Val Value to set.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumSetUint (
> + IN VOID *Bn,
> + IN UINTN Val
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> +
> +/**
> + Add two Big Numbers modulo BnM.
> +
> + @param[in] BnA Big number.
> + @param[in] BnB Big number.
> + @param[in] BnM Big number (modulo).
> + @param[out] BnRes The result, such that (BnA + BnB) % BnM.
> +
> + @retval EFI_SUCCESS On success.
> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
> + @retval EFI_PROTOCOL_ERROR Otherwise.
> +**/
> +EFI_STATUS
> +EFIAPI
> +BigNumAddMod (
> + IN CONST VOID *BnA,
> + IN CONST VOID *BnB,
> + IN CONST VOID *BnM,
> + OUT VOID *BnRes
> + )
> +{
> + ASSERT (FALSE);
> + return EFI_UNSUPPORTED;
> +}
> --
> 2.33.0.windows.2
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2/2] CryptoPkg: Add BigNum NullLib
2022-01-30 17:08 ` yi1 li
@ 2022-01-31 1:10 ` Yao, Jiewen
2022-02-08 8:30 ` yi1 li
0 siblings, 1 reply; 7+ messages in thread
From: Yao, Jiewen @ 2022-01-31 1:10 UTC (permalink / raw)
To: Li, Yi1; +Cc: devel@edk2.groups.io, Wang, Jian J, Xiaoyu Lu, Jiang, Guomin
Hi
Then I don’t understand why we need this feature. Please submit a bugzilla to describe the problem statement. (Not the solution)
Also please provide the size difference in pei and smm before and after your patch.
Not only the crypto bin but also the individual driver using crypto lib, such as var auth driver. We
thank you!
Yao, Jiewen
> 在 2022年1月31日,上午1:08,Li, Yi1 <yi1.li@intel.com> 写道:
>
> Hi Jiewen
> With build cmd 'build -p .\Edk2\CryptoPkg\CryptoPkg.dsc -t VS2019 -a X64 -D CRYPTO_SERVICES=ALL':
> CryptDxe.efi will be 813,504 bytes without CryptBn;
> will be 815,040 bytes with CryptBnNull;
> will be 815,360 bytes with CryptBn;
> This patch has little effect on binary size since the dependent Openssl library is already enabled in EDK2.
> And CryptBnNull can also be used in drivers(such pei,smm) which do not need Bn instance.
>
> Thanks.
> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Sunday, January 30, 2022 8:04 AM
> To: Li, Yi1 <yi1.li@intel.com>
> Cc: devel@edk2.groups.io; Wang, Jian J <jian.j.wang@intel.com>; Xiaoyu Lu <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
> Subject: Re: [PATCH 2/2] CryptoPkg: Add BigNum NullLib
>
> thank you
> since you are talking about size optimization, would you please share the result?
>
> thank you!
> Yao, Jiewen
>
>
>> 在 2022年1月30日,上午6:10,Li, Yi1 <yi1.li@intel.com> 写道:
>>
>> This patch is used to add CryptBnNull library, which is used to
>> optimize code size.
>>
>> Signed-off-by: yi1 li <yi1.li@intel.com>
>>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Jian J Wang <jian.j.wang@intel.com>
>> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
>> Cc: Guomin Jiang <guomin.jiang@intel.com>
>> ---
>> .../Library/BaseCryptLib/Bn/CryptBnNull.c | 525 ++++++++++++++++++
>> .../Library/BaseCryptLib/PeiCryptLib.inf | 2 +-
>> .../Library/BaseCryptLib/SmmCryptLib.inf | 2 +-
>> .../BaseCryptLibNull/BaseCryptLibNull.inf | 1 +
>> .../Library/BaseCryptLibNull/Bn/CryptBnNull.c | 525 ++++++++++++++++++
>> 5 files changed, 1053 insertions(+), 2 deletions(-) create mode 100644
>> CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
>> create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
>>
>> diff --git a/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
>> b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
>> new file mode 100644
>> index 000000000000..9f220ba41058
>> --- /dev/null
>> +++ b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
>> @@ -0,0 +1,525 @@
>> +/** @file
>> + Big number API implementation based on OpenSSL
>> +
>> + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>> + SPDX-License-Identifier: BSD-2-Clause-Patent
>> +
>> +**/
>> +
>> +#include <Library/BaseCryptLib.h>
>> +#include <Library/DebugLib.h>
>> +
>> +/**
>> + Allocate new Big Number.
>> +
>> + @retval New BigNum opaque structure or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumInit (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Allocate new Big Number and assign the provided value to it.
>> +
>> + @param[in] Buf Big endian encoded buffer.
>> + @param[in] Len Buffer length.
>> +
>> + @retval New BigNum opaque structure or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumFromBin (
>> + IN CONST UINT8 *Buf,
>> + IN UINTN Len
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Convert the absolute value of Bn into big-endian form and store it at Buf.
>> + The Buf array should have at least BigNumBytes() in it.
>> +
>> + @param[in] Bn Big number to convert.
>> + @param[out] Buf Output buffer.
>> +
>> + @retval The length of the big-endian number placed at Buf or -1 on error.
>> +**/
>> +INTN
>> +EFIAPI
>> +BigNumToBin (
>> + IN VOID *Bn,
>> + OUT UINT8 *Buf
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return -1;
>> +}
>> +
>> +/**
>> + Free the Big Number.
>> +
>> + @param[in] Bn Big number to free.
>> + @param[in] Clear TRUE if the buffer should be cleared.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumFree (
>> + IN VOID *Bn,
>> + IN BOOLEAN Clear
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Calculate the sum of two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA + BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumAdd (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Subtract two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA - BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSub (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Calculate remainder: BnRes = BnA % BnB.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA % BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compute BnA to the BnP-th power modulo BnM.
>> + Please note, all "out" Big number arguments should be properly initialized.
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnP Big number (power).
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result of (BnA ^ BnP) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumExpMod (
>> + IN VOID *BnA,
>> + IN VOID *BnP,
>> + IN VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compute BnA inverse modulo BnM.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumInverseMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Divide two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that BnA / BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumDiv (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Multiply two Big Numbers modulo BnM.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA * BnB) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumMulMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compare two Big Numbers.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> +
>> + @retval 0 BnA == BnB.
>> + @retval 1 BnA > BnB.
>> + @retval -1 BnA < BnB.
>> +**/
>> +INTN
>> +EFIAPI
>> +BigNumCmp (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Get number of bits in Bn.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval Number of bits.
>> +**/
>> +UINTN
>> +EFIAPI
>> +BigNumBits (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Get number of bytes in Bn.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval Number of bytes.
>> +**/
>> +UINTN
>> +EFIAPI
>> +BigNumBytes (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Checks if Big Number equals to the given Num.
>> +
>> + @param[in] Bn Big number.
>> + @param[in] Num Number.
>> +
>> + @retval TRUE iff Bn == Num.
>> + @retval FALSE otherwise.
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +BigNumIsWord (
>> + IN CONST VOID *Bn,
>> + IN UINTN Num
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return FALSE;
>> +}
>> +
>> +/**
>> + Checks if Big Number is odd.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval TRUE Bn is odd (Bn % 2 == 1).
>> + @retval FALSE otherwise.
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +BigNumIsOdd (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return FALSE;
>> +}
>> +
>> +/**
>> + Copy Big number.
>> +
>> + @param[out] BnDst Destination.
>> + @param[in] BnSrc Source.
>> +
>> + @retval BnDst on success.
>> + @retval NULL otherwise.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumCopy (
>> + OUT VOID *BnDst,
>> + IN CONST VOID *BnSrc
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Get constant Big number with value of "1".
>> + This may be used to save expensive allocations.
>> +
>> + @retval Big Number with value of 1.
>> +**/
>> +CONST VOID *
>> +EFIAPI
>> +BigNumValueOne (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Shift right Big Number.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] Bn Big number.
>> + @param[in] n Number of bits to shift.
>> + @param[out] BnRes The result.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumRShift (
>> + IN CONST VOID *Bn,
>> + IN UINTN n,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Mark Big Number for constant time computations.
>> + This function should be called before any constant time
>> +computations are
>> + performed on the given Big number.
>> +
>> + @param[in] Bn Big number.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumConsttime (
>> + IN VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Calculate square modulo.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSqrMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Create new Big Number computation context. This is an opaque
>> +structure
>> + which should be passed to any function that requires it. The BN
>> +context is
>> + needed to optimize calculations and expensive allocations.
>> +
>> + @retval Big Number context struct or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumNewContext (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Free Big Number context that was allocated with BigNumNewContext().
>> +
>> + @param[in] BnCtx Big number context to free.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumContextFree (
>> + IN VOID *BnCtx
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Set Big Number to a given value.
>> +
>> + @param[in] Bn Big number to set.
>> + @param[in] Val Value to set.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSetUint (
>> + IN VOID *Bn,
>> + IN UINTN Val
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Add two Big Numbers modulo BnM.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA + BnB) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumAddMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
>> b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
>> index 75d87afbdc03..d080e665c218 100644
>> --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
>> +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
>> @@ -59,7 +59,7 @@
>> Pk/CryptRsaPssSignNull.c
>> Pem/CryptPemNull.c
>> Rand/CryptRandNull.c
>> - Bn/CryptBn.c
>> + Bn/CryptBnNull.c
>>
>> SysCall/CrtWrapper.c
>> SysCall/ConstantTimeClock.c
>> diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
>> b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
>> index 420cef88efb1..8a3fec9b076c 100644
>> --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
>> +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
>> @@ -56,7 +56,7 @@
>> Pk/CryptRsaPss.c
>> Pk/CryptRsaPssSignNull.c
>> Pem/CryptPem.c
>> - Bn/CryptBn.c
>> + Bn/CryptBnNull.c
>> SysCall/CrtWrapper.c
>> SysCall/ConstantTimeClock.c
>> SysCall/BaseMemAllocation.c
>> diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
>> b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
>> index faf959827b90..1fb4d5c54d4f 100644
>> --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
>> +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
>> @@ -52,6 +52,7 @@
>> Rand/CryptRandNull.c
>> Pk/CryptRsaPssNull.c
>> Pk/CryptRsaPssSignNull.c
>> + Bn/CryptBnNull.c
>>
>> [Packages]
>> MdePkg/MdePkg.dec
>> diff --git a/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
>> b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
>> new file mode 100644
>> index 000000000000..9f220ba41058
>> --- /dev/null
>> +++ b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
>> @@ -0,0 +1,525 @@
>> +/** @file
>> + Big number API implementation based on OpenSSL
>> +
>> + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>> + SPDX-License-Identifier: BSD-2-Clause-Patent
>> +
>> +**/
>> +
>> +#include <Library/BaseCryptLib.h>
>> +#include <Library/DebugLib.h>
>> +
>> +/**
>> + Allocate new Big Number.
>> +
>> + @retval New BigNum opaque structure or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumInit (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Allocate new Big Number and assign the provided value to it.
>> +
>> + @param[in] Buf Big endian encoded buffer.
>> + @param[in] Len Buffer length.
>> +
>> + @retval New BigNum opaque structure or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumFromBin (
>> + IN CONST UINT8 *Buf,
>> + IN UINTN Len
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Convert the absolute value of Bn into big-endian form and store it at Buf.
>> + The Buf array should have at least BigNumBytes() in it.
>> +
>> + @param[in] Bn Big number to convert.
>> + @param[out] Buf Output buffer.
>> +
>> + @retval The length of the big-endian number placed at Buf or -1 on error.
>> +**/
>> +INTN
>> +EFIAPI
>> +BigNumToBin (
>> + IN VOID *Bn,
>> + OUT UINT8 *Buf
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return -1;
>> +}
>> +
>> +/**
>> + Free the Big Number.
>> +
>> + @param[in] Bn Big number to free.
>> + @param[in] Clear TRUE if the buffer should be cleared.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumFree (
>> + IN VOID *Bn,
>> + IN BOOLEAN Clear
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Calculate the sum of two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA + BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumAdd (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Subtract two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA - BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSub (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Calculate remainder: BnRes = BnA % BnB.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA % BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compute BnA to the BnP-th power modulo BnM.
>> + Please note, all "out" Big number arguments should be properly initialized.
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnP Big number (power).
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result of (BnA ^ BnP) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumExpMod (
>> + IN VOID *BnA,
>> + IN VOID *BnP,
>> + IN VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compute BnA inverse modulo BnM.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumInverseMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Divide two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that BnA / BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumDiv (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Multiply two Big Numbers modulo BnM.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA * BnB) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumMulMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compare two Big Numbers.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> +
>> + @retval 0 BnA == BnB.
>> + @retval 1 BnA > BnB.
>> + @retval -1 BnA < BnB.
>> +**/
>> +INTN
>> +EFIAPI
>> +BigNumCmp (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Get number of bits in Bn.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval Number of bits.
>> +**/
>> +UINTN
>> +EFIAPI
>> +BigNumBits (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Get number of bytes in Bn.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval Number of bytes.
>> +**/
>> +UINTN
>> +EFIAPI
>> +BigNumBytes (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Checks if Big Number equals to the given Num.
>> +
>> + @param[in] Bn Big number.
>> + @param[in] Num Number.
>> +
>> + @retval TRUE iff Bn == Num.
>> + @retval FALSE otherwise.
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +BigNumIsWord (
>> + IN CONST VOID *Bn,
>> + IN UINTN Num
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return FALSE;
>> +}
>> +
>> +/**
>> + Checks if Big Number is odd.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval TRUE Bn is odd (Bn % 2 == 1).
>> + @retval FALSE otherwise.
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +BigNumIsOdd (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return FALSE;
>> +}
>> +
>> +/**
>> + Copy Big number.
>> +
>> + @param[out] BnDst Destination.
>> + @param[in] BnSrc Source.
>> +
>> + @retval BnDst on success.
>> + @retval NULL otherwise.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumCopy (
>> + OUT VOID *BnDst,
>> + IN CONST VOID *BnSrc
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Get constant Big number with value of "1".
>> + This may be used to save expensive allocations.
>> +
>> + @retval Big Number with value of 1.
>> +**/
>> +CONST VOID *
>> +EFIAPI
>> +BigNumValueOne (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Shift right Big Number.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] Bn Big number.
>> + @param[in] n Number of bits to shift.
>> + @param[out] BnRes The result.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumRShift (
>> + IN CONST VOID *Bn,
>> + IN UINTN n,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Mark Big Number for constant time computations.
>> + This function should be called before any constant time
>> +computations are
>> + performed on the given Big number.
>> +
>> + @param[in] Bn Big number.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumConsttime (
>> + IN VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Calculate square modulo.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSqrMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Create new Big Number computation context. This is an opaque
>> +structure
>> + which should be passed to any function that requires it. The BN
>> +context is
>> + needed to optimize calculations and expensive allocations.
>> +
>> + @retval Big Number context struct or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumNewContext (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Free Big Number context that was allocated with BigNumNewContext().
>> +
>> + @param[in] BnCtx Big number context to free.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumContextFree (
>> + IN VOID *BnCtx
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Set Big Number to a given value.
>> +
>> + @param[in] Bn Big number to set.
>> + @param[in] Val Value to set.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSetUint (
>> + IN VOID *Bn,
>> + IN UINTN Val
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Add two Big Numbers modulo BnM.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA + BnB) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumAddMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> --
>> 2.33.0.windows.2
>>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2/2] CryptoPkg: Add BigNum NullLib
2022-01-31 1:10 ` Yao, Jiewen
@ 2022-02-08 8:30 ` yi1 li
0 siblings, 0 replies; 7+ messages in thread
From: yi1 li @ 2022-02-08 8:30 UTC (permalink / raw)
To: Yao, Jiewen; +Cc: devel@edk2.groups.io, Wang, Jian J, Xiaoyu Lu, Jiang, Guomin
Hi
I have created Bugzilla to describe why we need to add this feature: https://bugzilla.tianocore.org/show_bug.cgi?id=3828.
We will provide related information by comments such Bin size difference and more.
Thanks!
-----Original Message-----
From: Yao, Jiewen <jiewen.yao@intel.com>
Sent: Monday, January 31, 2022 9:10 AM
To: Li, Yi1 <yi1.li@intel.com>
Cc: devel@edk2.groups.io; Wang, Jian J <jian.j.wang@intel.com>; Xiaoyu Lu <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
Subject: Re: [PATCH 2/2] CryptoPkg: Add BigNum NullLib
Hi
Then I don’t understand why we need this feature. Please submit a bugzilla to describe the problem statement. (Not the solution)
Also please provide the size difference in pei and smm before and after your patch.
Not only the crypto bin but also the individual driver using crypto lib, such as var auth driver. We
thank you!
Yao, Jiewen
> 在 2022年1月31日,上午1:08,Li, Yi1 <yi1.li@intel.com> 写道:
>
> Hi Jiewen
> With build cmd 'build -p .\Edk2\CryptoPkg\CryptoPkg.dsc -t VS2019 -a X64 -D CRYPTO_SERVICES=ALL':
> CryptDxe.efi will be 813,504 bytes without CryptBn; will be 815,040
> bytes with CryptBnNull; will be 815,360 bytes with CryptBn; This patch
> has little effect on binary size since the dependent Openssl library is already enabled in EDK2.
> And CryptBnNull can also be used in drivers(such pei,smm) which do not need Bn instance.
>
> Thanks.
> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Sunday, January 30, 2022 8:04 AM
> To: Li, Yi1 <yi1.li@intel.com>
> Cc: devel@edk2.groups.io; Wang, Jian J <jian.j.wang@intel.com>; Xiaoyu
> Lu <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>
> Subject: Re: [PATCH 2/2] CryptoPkg: Add BigNum NullLib
>
> thank you
> since you are talking about size optimization, would you please share the result?
>
> thank you!
> Yao, Jiewen
>
>
>> 在 2022年1月30日,上午6:10,Li, Yi1 <yi1.li@intel.com> 写道:
>>
>> This patch is used to add CryptBnNull library, which is used to
>> optimize code size.
>>
>> Signed-off-by: yi1 li <yi1.li@intel.com>
>>
>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>> Cc: Jian J Wang <jian.j.wang@intel.com>
>> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
>> Cc: Guomin Jiang <guomin.jiang@intel.com>
>> ---
>> .../Library/BaseCryptLib/Bn/CryptBnNull.c | 525 ++++++++++++++++++
>> .../Library/BaseCryptLib/PeiCryptLib.inf | 2 +-
>> .../Library/BaseCryptLib/SmmCryptLib.inf | 2 +-
>> .../BaseCryptLibNull/BaseCryptLibNull.inf | 1 +
>> .../Library/BaseCryptLibNull/Bn/CryptBnNull.c | 525
>> ++++++++++++++++++
>> 5 files changed, 1053 insertions(+), 2 deletions(-) create mode
>> 100644 CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
>> create mode 100644
>> CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
>>
>> diff --git a/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
>> b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
>> new file mode 100644
>> index 000000000000..9f220ba41058
>> --- /dev/null
>> +++ b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c
>> @@ -0,0 +1,525 @@
>> +/** @file
>> + Big number API implementation based on OpenSSL
>> +
>> + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>> + SPDX-License-Identifier: BSD-2-Clause-Patent
>> +
>> +**/
>> +
>> +#include <Library/BaseCryptLib.h>
>> +#include <Library/DebugLib.h>
>> +
>> +/**
>> + Allocate new Big Number.
>> +
>> + @retval New BigNum opaque structure or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumInit (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Allocate new Big Number and assign the provided value to it.
>> +
>> + @param[in] Buf Big endian encoded buffer.
>> + @param[in] Len Buffer length.
>> +
>> + @retval New BigNum opaque structure or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumFromBin (
>> + IN CONST UINT8 *Buf,
>> + IN UINTN Len
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Convert the absolute value of Bn into big-endian form and store it at Buf.
>> + The Buf array should have at least BigNumBytes() in it.
>> +
>> + @param[in] Bn Big number to convert.
>> + @param[out] Buf Output buffer.
>> +
>> + @retval The length of the big-endian number placed at Buf or -1 on error.
>> +**/
>> +INTN
>> +EFIAPI
>> +BigNumToBin (
>> + IN VOID *Bn,
>> + OUT UINT8 *Buf
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return -1;
>> +}
>> +
>> +/**
>> + Free the Big Number.
>> +
>> + @param[in] Bn Big number to free.
>> + @param[in] Clear TRUE if the buffer should be cleared.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumFree (
>> + IN VOID *Bn,
>> + IN BOOLEAN Clear
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Calculate the sum of two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA + BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumAdd (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Subtract two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA - BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSub (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Calculate remainder: BnRes = BnA % BnB.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA % BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compute BnA to the BnP-th power modulo BnM.
>> + Please note, all "out" Big number arguments should be properly initialized.
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnP Big number (power).
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result of (BnA ^ BnP) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumExpMod (
>> + IN VOID *BnA,
>> + IN VOID *BnP,
>> + IN VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compute BnA inverse modulo BnM.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumInverseMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Divide two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that BnA / BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumDiv (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Multiply two Big Numbers modulo BnM.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA * BnB) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumMulMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compare two Big Numbers.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> +
>> + @retval 0 BnA == BnB.
>> + @retval 1 BnA > BnB.
>> + @retval -1 BnA < BnB.
>> +**/
>> +INTN
>> +EFIAPI
>> +BigNumCmp (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Get number of bits in Bn.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval Number of bits.
>> +**/
>> +UINTN
>> +EFIAPI
>> +BigNumBits (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Get number of bytes in Bn.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval Number of bytes.
>> +**/
>> +UINTN
>> +EFIAPI
>> +BigNumBytes (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Checks if Big Number equals to the given Num.
>> +
>> + @param[in] Bn Big number.
>> + @param[in] Num Number.
>> +
>> + @retval TRUE iff Bn == Num.
>> + @retval FALSE otherwise.
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +BigNumIsWord (
>> + IN CONST VOID *Bn,
>> + IN UINTN Num
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return FALSE;
>> +}
>> +
>> +/**
>> + Checks if Big Number is odd.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval TRUE Bn is odd (Bn % 2 == 1).
>> + @retval FALSE otherwise.
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +BigNumIsOdd (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return FALSE;
>> +}
>> +
>> +/**
>> + Copy Big number.
>> +
>> + @param[out] BnDst Destination.
>> + @param[in] BnSrc Source.
>> +
>> + @retval BnDst on success.
>> + @retval NULL otherwise.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumCopy (
>> + OUT VOID *BnDst,
>> + IN CONST VOID *BnSrc
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Get constant Big number with value of "1".
>> + This may be used to save expensive allocations.
>> +
>> + @retval Big Number with value of 1.
>> +**/
>> +CONST VOID *
>> +EFIAPI
>> +BigNumValueOne (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Shift right Big Number.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] Bn Big number.
>> + @param[in] n Number of bits to shift.
>> + @param[out] BnRes The result.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumRShift (
>> + IN CONST VOID *Bn,
>> + IN UINTN n,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Mark Big Number for constant time computations.
>> + This function should be called before any constant time
>> +computations are
>> + performed on the given Big number.
>> +
>> + @param[in] Bn Big number.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumConsttime (
>> + IN VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Calculate square modulo.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSqrMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Create new Big Number computation context. This is an opaque
>> +structure
>> + which should be passed to any function that requires it. The BN
>> +context is
>> + needed to optimize calculations and expensive allocations.
>> +
>> + @retval Big Number context struct or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumNewContext (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Free Big Number context that was allocated with BigNumNewContext().
>> +
>> + @param[in] BnCtx Big number context to free.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumContextFree (
>> + IN VOID *BnCtx
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Set Big Number to a given value.
>> +
>> + @param[in] Bn Big number to set.
>> + @param[in] Val Value to set.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSetUint (
>> + IN VOID *Bn,
>> + IN UINTN Val
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Add two Big Numbers modulo BnM.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA + BnB) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumAddMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
>> b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
>> index 75d87afbdc03..d080e665c218 100644
>> --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
>> +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
>> @@ -59,7 +59,7 @@
>> Pk/CryptRsaPssSignNull.c
>> Pem/CryptPemNull.c
>> Rand/CryptRandNull.c
>> - Bn/CryptBn.c
>> + Bn/CryptBnNull.c
>>
>> SysCall/CrtWrapper.c
>> SysCall/ConstantTimeClock.c
>> diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
>> b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
>> index 420cef88efb1..8a3fec9b076c 100644
>> --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
>> +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
>> @@ -56,7 +56,7 @@
>> Pk/CryptRsaPss.c
>> Pk/CryptRsaPssSignNull.c
>> Pem/CryptPem.c
>> - Bn/CryptBn.c
>> + Bn/CryptBnNull.c
>> SysCall/CrtWrapper.c
>> SysCall/ConstantTimeClock.c
>> SysCall/BaseMemAllocation.c
>> diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
>> b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
>> index faf959827b90..1fb4d5c54d4f 100644
>> --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
>> +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
>> @@ -52,6 +52,7 @@
>> Rand/CryptRandNull.c
>> Pk/CryptRsaPssNull.c
>> Pk/CryptRsaPssSignNull.c
>> + Bn/CryptBnNull.c
>>
>> [Packages]
>> MdePkg/MdePkg.dec
>> diff --git a/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
>> b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
>> new file mode 100644
>> index 000000000000..9f220ba41058
>> --- /dev/null
>> +++ b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c
>> @@ -0,0 +1,525 @@
>> +/** @file
>> + Big number API implementation based on OpenSSL
>> +
>> + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR>
>> + SPDX-License-Identifier: BSD-2-Clause-Patent
>> +
>> +**/
>> +
>> +#include <Library/BaseCryptLib.h>
>> +#include <Library/DebugLib.h>
>> +
>> +/**
>> + Allocate new Big Number.
>> +
>> + @retval New BigNum opaque structure or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumInit (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Allocate new Big Number and assign the provided value to it.
>> +
>> + @param[in] Buf Big endian encoded buffer.
>> + @param[in] Len Buffer length.
>> +
>> + @retval New BigNum opaque structure or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumFromBin (
>> + IN CONST UINT8 *Buf,
>> + IN UINTN Len
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Convert the absolute value of Bn into big-endian form and store it at Buf.
>> + The Buf array should have at least BigNumBytes() in it.
>> +
>> + @param[in] Bn Big number to convert.
>> + @param[out] Buf Output buffer.
>> +
>> + @retval The length of the big-endian number placed at Buf or -1 on error.
>> +**/
>> +INTN
>> +EFIAPI
>> +BigNumToBin (
>> + IN VOID *Bn,
>> + OUT UINT8 *Buf
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return -1;
>> +}
>> +
>> +/**
>> + Free the Big Number.
>> +
>> + @param[in] Bn Big number to free.
>> + @param[in] Clear TRUE if the buffer should be cleared.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumFree (
>> + IN VOID *Bn,
>> + IN BOOLEAN Clear
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Calculate the sum of two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA + BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumAdd (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Subtract two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA - BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSub (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Calculate remainder: BnRes = BnA % BnB.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[out] BnRes The result of BnA % BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compute BnA to the BnP-th power modulo BnM.
>> + Please note, all "out" Big number arguments should be properly initialized.
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnP Big number (power).
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result of (BnA ^ BnP) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumExpMod (
>> + IN VOID *BnA,
>> + IN VOID *BnP,
>> + IN VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compute BnA inverse modulo BnM.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA * BnRes) % BnM == 1.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumInverseMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Divide two Big Numbers.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that BnA / BnB.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumDiv (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Multiply two Big Numbers modulo BnM.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA * BnB) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumMulMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Compare two Big Numbers.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> +
>> + @retval 0 BnA == BnB.
>> + @retval 1 BnA > BnB.
>> + @retval -1 BnA < BnB.
>> +**/
>> +INTN
>> +EFIAPI
>> +BigNumCmp (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Get number of bits in Bn.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval Number of bits.
>> +**/
>> +UINTN
>> +EFIAPI
>> +BigNumBits (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Get number of bytes in Bn.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval Number of bytes.
>> +**/
>> +UINTN
>> +EFIAPI
>> +BigNumBytes (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return 0;
>> +}
>> +
>> +/**
>> + Checks if Big Number equals to the given Num.
>> +
>> + @param[in] Bn Big number.
>> + @param[in] Num Number.
>> +
>> + @retval TRUE iff Bn == Num.
>> + @retval FALSE otherwise.
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +BigNumIsWord (
>> + IN CONST VOID *Bn,
>> + IN UINTN Num
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return FALSE;
>> +}
>> +
>> +/**
>> + Checks if Big Number is odd.
>> +
>> + @param[in] Bn Big number.
>> +
>> + @retval TRUE Bn is odd (Bn % 2 == 1).
>> + @retval FALSE otherwise.
>> +**/
>> +BOOLEAN
>> +EFIAPI
>> +BigNumIsOdd (
>> + IN CONST VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return FALSE;
>> +}
>> +
>> +/**
>> + Copy Big number.
>> +
>> + @param[out] BnDst Destination.
>> + @param[in] BnSrc Source.
>> +
>> + @retval BnDst on success.
>> + @retval NULL otherwise.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumCopy (
>> + OUT VOID *BnDst,
>> + IN CONST VOID *BnSrc
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Get constant Big number with value of "1".
>> + This may be used to save expensive allocations.
>> +
>> + @retval Big Number with value of 1.
>> +**/
>> +CONST VOID *
>> +EFIAPI
>> +BigNumValueOne (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Shift right Big Number.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] Bn Big number.
>> + @param[in] n Number of bits to shift.
>> + @param[out] BnRes The result.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumRShift (
>> + IN CONST VOID *Bn,
>> + IN UINTN n,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Mark Big Number for constant time computations.
>> + This function should be called before any constant time
>> +computations are
>> + performed on the given Big number.
>> +
>> + @param[in] Bn Big number.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumConsttime (
>> + IN VOID *Bn
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Calculate square modulo.
>> + Please note, all "out" Big number arguments should be properly
>> +initialized
>> + by calling to BigNumInit() or BigNumFromBin() functions.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA ^ 2) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSqrMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Create new Big Number computation context. This is an opaque
>> +structure
>> + which should be passed to any function that requires it. The BN
>> +context is
>> + needed to optimize calculations and expensive allocations.
>> +
>> + @retval Big Number context struct or NULL on failure.
>> +**/
>> +VOID *
>> +EFIAPI
>> +BigNumNewContext (
>> + VOID
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return NULL;
>> +}
>> +
>> +/**
>> + Free Big Number context that was allocated with BigNumNewContext().
>> +
>> + @param[in] BnCtx Big number context to free.
>> +**/
>> +VOID
>> +EFIAPI
>> +BigNumContextFree (
>> + IN VOID *BnCtx
>> + )
>> +{
>> + ASSERT (FALSE);
>> +}
>> +
>> +/**
>> + Set Big Number to a given value.
>> +
>> + @param[in] Bn Big number to set.
>> + @param[in] Val Value to set.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumSetUint (
>> + IN VOID *Bn,
>> + IN UINTN Val
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> +
>> +/**
>> + Add two Big Numbers modulo BnM.
>> +
>> + @param[in] BnA Big number.
>> + @param[in] BnB Big number.
>> + @param[in] BnM Big number (modulo).
>> + @param[out] BnRes The result, such that (BnA + BnB) % BnM.
>> +
>> + @retval EFI_SUCCESS On success.
>> + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures.
>> + @retval EFI_PROTOCOL_ERROR Otherwise.
>> +**/
>> +EFI_STATUS
>> +EFIAPI
>> +BigNumAddMod (
>> + IN CONST VOID *BnA,
>> + IN CONST VOID *BnB,
>> + IN CONST VOID *BnM,
>> + OUT VOID *BnRes
>> + )
>> +{
>> + ASSERT (FALSE);
>> + return EFI_UNSUPPORTED;
>> +}
>> --
>> 2.33.0.windows.2
>>
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2022-02-08 8:30 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-01-29 22:09 [PATCH 0/2] CryptoPkg: Add BigNum support yi1 li
2022-01-29 22:09 ` [PATCH 1/2] " yi1 li
2022-01-29 22:09 ` [PATCH 2/2] CryptoPkg: Add BigNum NullLib yi1 li
2022-01-30 0:04 ` Yao, Jiewen
2022-01-30 17:08 ` yi1 li
2022-01-31 1:10 ` Yao, Jiewen
2022-02-08 8:30 ` yi1 li
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox