From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web10.1987.1576705847293132972 for ; Wed, 18 Dec 2019 13:50:47 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: amol.n.sukerkar@intel.com) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 Dec 2019 13:50:46 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,330,1571727600"; d="scan'208";a="240930671" Received: from ansukerk-mobl.amr.corp.intel.com ([10.78.16.174]) by fmsmga004.fm.intel.com with ESMTP; 18 Dec 2019 13:50:46 -0800 From: "Sukerkar, Amol N" To: devel@edk2.groups.io Cc: michael.d.kinney@intel.com, sachin.agrawal@intel.com, self Subject: [PATCH v1 0/6] SecurityPkg/BaseHashLib: Implement a Unified API for Hash Calculation Date: Wed, 18 Dec 2019 14:50:31 -0700 Message-Id: <20191218215037.1630-1-amol.n.sukerkar@intel.com> X-Mailer: git-send-email 2.24.1.windows.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Currently the UEFI drivers using the SHA/SM3 hashing algorithms use hard-coded API to calculate the hash, such as, sha_256(…), etc. Since SHA384 and/or SM3 are being increasingly adopted, it becomes cumbersome to modify the driver with SHA384 or SM3 calls for each application. To better achieve this, we are proposing a unified API which can be used by UEFI drivers that provides the drivers with flexibility to use the hashing algorithm they desired or the strongest hashing algorithm the system supports (with openssl). Attached is the design proposal for the same and we request feedback from the community before we begin the process of making the changes to EDK2 repo. Alternatively, the design document is also attached to Bugzilla, https://bugzilla.tianocore.org/show_bug.cgi?id=2151. You can also provide the feedback in the Bugzilla. Sukerkar, Amol N (6): SecurityPkg/BaseHashLib: Implement a unified API for Hash Calculation SecurityPkg/HashApiInstanceSha1: Implement API registration mechanism for SHA1 SecurityPkg/HashApiInstanceSha256: Implement API registration mechanism for SHA256 SecurityPkg/HashApiInstanceSha384: Implement API registration mechanism for SHA384 SecurityPkg/BaseHashLib: Modified the Registation Mechanism for BaseHashLib SecurityPkg/HashApiInstanceSM3: Implement API registration mechanism for SM3 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.c | 252 +++++++++++++ SecurityPkg/Library/BaseHashLib/BaseHashLibPei.c | 396 ++++++++++++++++++++ SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.c | 128 +++++++ SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.c | 128 +++++++ SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.c | 128 +++++++ SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.c | 128 +++++++ SecurityPkg/Include/Library/BaseHashLib.h | 153 ++++++++ SecurityPkg/Library/BaseHashLib/BaseHashLibCommon.h | 35 ++ SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.inf | 47 +++ SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.uni | 18 + SecurityPkg/Library/BaseHashLib/BaseHashLibPei.inf | 48 +++ SecurityPkg/Library/BaseHashLib/BaseHashLibPei.uni | 18 + SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.inf | 40 ++ SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.uni | 16 + SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.inf | 40 ++ SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.uni | 16 + SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.inf | 40 ++ SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.uni | 16 + SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.inf | 40 ++ SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.uni | 16 + SecurityPkg/SecurityPkg.dec | 19 + SecurityPkg/SecurityPkg.dsc | 11 + SecurityPkg/SecurityPkg.uni | 14 + 23 files changed, 1747 insertions(+) create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.c create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.c create mode 100644 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.c create mode 100644 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.c create mode 100644 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.c create mode 100644 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.c create mode 100644 SecurityPkg/Include/Library/BaseHashLib.h create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibCommon.h create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.inf create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.uni create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.inf create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.uni create mode 100644 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.inf create mode 100644 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.uni create mode 100644 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.inf create mode 100644 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.uni create mode 100644 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.inf create mode 100644 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.uni create mode 100644 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.inf create mode 100644 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.uni -- 2.16.2.windows.1