public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH v1 0/6] SecurityPkg/BaseHashLib: Implement a Unified API for Hash Calculation
@ 2019-12-18 21:32 Sukerkar, Amol N
  2019-12-18 21:32 ` [PATCH v1 1/6] SecurityPkg/BaseHashLib: Implement a unified " Sukerkar, Amol N
                   ` (5 more replies)
  0 siblings, 6 replies; 8+ messages in thread
From: Sukerkar, Amol N @ 2019-12-18 21:32 UTC (permalink / raw)
  To: devel

Currently the UEFI drivers using the SHA/SM3 hashing algorithms use hard-coded API to calculate the hash, such as, sha_256(…), etc. Since SHA384 and/or SM3 are being increasingly adopted, it becomes cumbersome to modify the driver with SHA384 or SM3 calls for each application.

To better achieve this, we are proposing a unified API which can be used by UEFI drivers that provides the drivers with flexibility to use the hashing algorithm they desired or the strongest hashing algorithm the system supports (with openssl). Attached is the design proposal for the same and we request feedback from the community before we begin the process of making the changes to EDK2 repo.

Alternatively, the design document is also attached to Bugzilla, https://bugzilla.tianocore.org/show_bug.cgi?id=2151. You can also provide the feedback in the Bugzilla.

Sukerkar, Amol N (6):
  SecurityPkg/BaseHashLib: Implement a unified API for Hash Calculation
  SecurityPkg/HashApiInstanceSha1: Implement API registration mechanism
    for SHA1
  SecurityPkg/HashApiInstanceSha256: Implement API registration
    mechanism for SHA256
  SecurityPkg/HashApiInstanceSha384: Implement API registration
    mechanism for SHA384
  SecurityPkg/BaseHashLib: Modified the Registation Mechanism for
    BaseHashLib
  SecurityPkg/HashApiInstanceSM3: Implement API registration mechanism
    for SM3

 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.c                    | 252 +++++++++++++
 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.c                    | 396 ++++++++++++++++++++
 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.c       | 128 +++++++
 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.c   | 128 +++++++
 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.c   | 128 +++++++
 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.c         | 128 +++++++
 SecurityPkg/Include/Library/BaseHashLib.h                           | 153 ++++++++
 SecurityPkg/Library/BaseHashLib/BaseHashLibCommon.h                 |  35 ++
 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.inf                  |  47 +++
 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.uni                  |  18 +
 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.inf                  |  48 +++
 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.uni                  |  18 +
 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.inf     |  40 ++
 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.uni     |  16 +
 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.inf |  40 ++
 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.uni |  16 +
 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.inf |  40 ++
 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.uni |  16 +
 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.inf       |  40 ++
 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.uni       |  16 +
 SecurityPkg/SecurityPkg.dec                                         |  19 +
 SecurityPkg/SecurityPkg.dsc                                         |  11 +
 SecurityPkg/SecurityPkg.uni                                         |  14 +
 23 files changed, 1747 insertions(+)
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.c
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.c
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.c
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.c
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.c
 create mode 100644 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.c
 create mode 100644 SecurityPkg/Include/Library/BaseHashLib.h
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibCommon.h
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.inf
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.uni
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.inf
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.uni
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.inf
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.uni
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.inf
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.uni
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.inf
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.uni
 create mode 100644 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.inf
 create mode 100644 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.uni

-- 
2.16.2.windows.1


^ permalink raw reply	[flat|nested] 8+ messages in thread
* [PATCH v1 0/6] SecurityPkg/BaseHashLib: Implement a Unified API for Hash Calculation
@ 2019-12-18 21:50 Sukerkar, Amol N
  2019-12-18 21:50 ` [PATCH v1 1/6] SecurityPkg/BaseHashLib: Implement a unified " Sukerkar, Amol N
  0 siblings, 1 reply; 8+ messages in thread
From: Sukerkar, Amol N @ 2019-12-18 21:50 UTC (permalink / raw)
  To: devel; +Cc: michael.d.kinney, sachin.agrawal, self

Currently the UEFI drivers using the SHA/SM3 hashing algorithms use hard-coded API to calculate the hash, such as, sha_256(…), etc. Since SHA384 and/or SM3 are being increasingly adopted, it becomes cumbersome to modify the driver with SHA384 or SM3 calls for each application.

To better achieve this, we are proposing a unified API which can be used by UEFI drivers that provides the drivers with flexibility to use the hashing algorithm they desired or the strongest hashing algorithm the system supports (with openssl). Attached is the design proposal for the same and we request feedback from the community before we begin the process of making the changes to EDK2 repo.

Alternatively, the design document is also attached to Bugzilla, https://bugzilla.tianocore.org/show_bug.cgi?id=2151. You can also provide the feedback in the Bugzilla.

Sukerkar, Amol N (6):
  SecurityPkg/BaseHashLib: Implement a unified API for Hash Calculation
  SecurityPkg/HashApiInstanceSha1: Implement API registration mechanism
    for SHA1
  SecurityPkg/HashApiInstanceSha256: Implement API registration
    mechanism for SHA256
  SecurityPkg/HashApiInstanceSha384: Implement API registration
    mechanism for SHA384
  SecurityPkg/BaseHashLib: Modified the Registation Mechanism for
    BaseHashLib
  SecurityPkg/HashApiInstanceSM3: Implement API registration mechanism
    for SM3

 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.c                    | 252 +++++++++++++
 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.c                    | 396 ++++++++++++++++++++
 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.c       | 128 +++++++
 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.c   | 128 +++++++
 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.c   | 128 +++++++
 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.c         | 128 +++++++
 SecurityPkg/Include/Library/BaseHashLib.h                           | 153 ++++++++
 SecurityPkg/Library/BaseHashLib/BaseHashLibCommon.h                 |  35 ++
 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.inf                  |  47 +++
 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.uni                  |  18 +
 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.inf                  |  48 +++
 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.uni                  |  18 +
 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.inf     |  40 ++
 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.uni     |  16 +
 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.inf |  40 ++
 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.uni |  16 +
 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.inf |  40 ++
 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.uni |  16 +
 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.inf       |  40 ++
 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.uni       |  16 +
 SecurityPkg/SecurityPkg.dec                                         |  19 +
 SecurityPkg/SecurityPkg.dsc                                         |  11 +
 SecurityPkg/SecurityPkg.uni                                         |  14 +
 23 files changed, 1747 insertions(+)
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.c
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.c
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.c
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.c
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.c
 create mode 100644 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.c
 create mode 100644 SecurityPkg/Include/Library/BaseHashLib.h
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibCommon.h
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.inf
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.uni
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.inf
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.uni
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.inf
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.uni
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.inf
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.uni
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.inf
 create mode 100644 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.uni
 create mode 100644 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.inf
 create mode 100644 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.uni

-- 
2.16.2.windows.1


^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2019-12-18 21:50 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-12-18 21:32 [PATCH v1 0/6] SecurityPkg/BaseHashLib: Implement a Unified API for Hash Calculation Sukerkar, Amol N
2019-12-18 21:32 ` [PATCH v1 1/6] SecurityPkg/BaseHashLib: Implement a unified " Sukerkar, Amol N
2019-12-18 21:32 ` [PATCH v1 2/6] SecurityPkg/HashApiInstanceSha1: Implement API registration mechanism for SHA1 Sukerkar, Amol N
2019-12-18 21:32 ` [PATCH v1 3/6] SecurityPkg/HashApiInstanceSha256: Implement API registration mechanism for SHA256 Sukerkar, Amol N
2019-12-18 21:32 ` [PATCH v1 4/6] SecurityPkg/HashApiInstanceSha384: Implement API registration mechanism for SHA384 Sukerkar, Amol N
2019-12-18 21:32 ` [PATCH v1 5/6] SecurityPkg/BaseHashLib: Modified the Registation Mechanism for BaseHashLib Sukerkar, Amol N
2019-12-18 21:32 ` [PATCH v1 6/6] SecurityPkg/HashApiInstanceSM3: Implement API registration mechanism for SM3 Sukerkar, Amol N
  -- strict thread matches above, loose matches on Subject: below --
2019-12-18 21:50 [PATCH v1 0/6] SecurityPkg/BaseHashLib: Implement a Unified API for Hash Calculation Sukerkar, Amol N
2019-12-18 21:50 ` [PATCH v1 1/6] SecurityPkg/BaseHashLib: Implement a unified " Sukerkar, Amol N

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox