From: "Gao, Zhichao" <zhichao.gao@intel.com>
To: devel@edk2.groups.io
Cc: Jian J Wang <jian.j.wang@intel.com>,
Xiaoyu Lu <xiaoyux.lu@intel.com>, Siyuan Fu <siyuan.fu@intel.com>,
Michael D Kinney <michael.d.kinney@intel.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Philippe Mathieu-Daude <philmd@redhat.com>
Subject: [PATCH V5 04/12] CryptoPkg/BaseCryptLib: Retire ARC4 algorithm
Date: Thu, 14 May 2020 17:27:44 +0800 [thread overview]
Message-ID: <20200514092752.1384-5-zhichao.gao@intel.com> (raw)
In-Reply-To: <20200514092752.1384-1-zhichao.gao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
ARC4 is not secure any longer.
Remove the ARC4 support from edk2.
Change the ARC4 field name in EDKII_CRYPTO_PROTOCOL to indicate the
function is unsupported any longer.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Philippe Mathieu-Daude <philmd@redhat.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
V5:
Add comments for deprecated functions.
CryptoPkg/Driver/Crypto.c | 95 +++-----
CryptoPkg/Include/Library/BaseCryptLib.h | 132 -----------
.../Library/BaseCryptLib/BaseCryptLib.inf | 1 -
.../Library/BaseCryptLib/Cipher/CryptArc4.c | 205 ------------------
.../BaseCryptLib/Cipher/CryptArc4Null.c | 124 -----------
.../Library/BaseCryptLib/PeiCryptLib.inf | 3 +-
.../Library/BaseCryptLib/PeiCryptLib.uni | 4 +-
.../Library/BaseCryptLib/RuntimeCryptLib.inf | 3 +-
.../Library/BaseCryptLib/RuntimeCryptLib.uni | 4 +-
.../Library/BaseCryptLib/SmmCryptLib.inf | 3 +-
.../Library/BaseCryptLib/SmmCryptLib.uni | 4 +-
.../BaseCryptLibNull/BaseCryptLibNull.inf | 1 -
.../BaseCryptLibNull/Cipher/CryptArc4Null.c | 124 -----------
.../BaseCryptLibOnProtocolPpi/CryptLib.c | 147 -------------
CryptoPkg/Private/Protocol/Crypto.h | 115 ++--------
15 files changed, 48 insertions(+), 917 deletions(-)
delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
index 53ee0edea5..af61482919 100644
--- a/CryptoPkg/Driver/Crypto.c
+++ b/CryptoPkg/Driver/Crypto.c
@@ -2037,150 +2037,107 @@ CryptoServiceAesCbcDecrypt (
}
/**
- Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
- If this interface is not supported, then return zero.
+ ARC4 is deprecated and unsupported any longer.
+ Keep the function field for binary compability.
- @return The size, in bytes, of the context buffer required for ARC4 operations.
@retval 0 This interface is not supported.
**/
UINTN
EFIAPI
-CryptoServiceArc4GetContextSize (
+DeprecatedCryptoServiceArc4GetContextSize (
VOID
)
{
- return CALL_BASECRYPTLIB (Arc4.Services.GetContextSize, Arc4GetContextSize, (), 0);
+ return BaseCryptLibServiceDeprecated ("Arc4GetContextSize"), 0;
}
/**
- Initializes user-supplied memory as ARC4 context for subsequent use.
-
- This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
- In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
- operations.
-
- If Arc4Context is NULL, then return FALSE.
- If Key is NULL, then return FALSE.
- If KeySize does not in the range of [5, 256] bytes, then return FALSE.
- If this interface is not supported, then return FALSE.
+ ARC4 is deprecated and unsupported any longer.
+ Keep the function field for binary compability.
@param[out] Arc4Context Pointer to ARC4 context being initialized.
@param[in] Key Pointer to the user-supplied ARC4 key.
@param[in] KeySize Size of ARC4 key in bytes.
- @retval TRUE ARC4 context initialization succeeded.
- @retval FALSE ARC4 context initialization failed.
@retval FALSE This interface is not supported.
**/
BOOLEAN
EFIAPI
-CryptoServiceArc4Init (
+DeprecatedCryptoServiceArc4Init (
OUT VOID *Arc4Context,
IN CONST UINT8 *Key,
IN UINTN KeySize
)
{
- return CALL_BASECRYPTLIB (Arc4.Services.Init, Arc4Init, (Arc4Context, Key, KeySize), FALSE);
+ return BaseCryptLibServiceDeprecated ("Arc4Init"), FALSE;
}
/**
- Performs ARC4 encryption on a data buffer of the specified size.
-
- This function performs ARC4 encryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
+ ARC4 is deprecated and unsupported any longer.
+ Keep the function field for binary compability.
@param[in, out] Arc4Context Pointer to the ARC4 context.
@param[in] Input Pointer to the buffer containing the data to be encrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
- @retval TRUE ARC4 encryption succeeded.
- @retval FALSE ARC4 encryption failed.
@retval FALSE This interface is not supported.
**/
BOOLEAN
EFIAPI
-CryptoServiceArc4Encrypt (
+DeprecatedCryptoServiceArc4Encrypt (
IN OUT VOID *Arc4Context,
IN CONST UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
)
{
- return CALL_BASECRYPTLIB (Arc4.Services.Encrypt, Arc4Encrypt, (Arc4Context, Input, InputSize, Output), FALSE);
+ return BaseCryptLibServiceDeprecated ("Arc4Encrypt"), FALSE;
}
/**
- Performs ARC4 decryption on a data buffer of the specified size.
-
- This function performs ARC4 decryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
+ ARC4 is deprecated and unsupported any longer.
+ Keep the function field for binary compability.
@param[in, out] Arc4Context Pointer to the ARC4 context.
@param[in] Input Pointer to the buffer containing the data to be decrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
- @retval TRUE ARC4 decryption succeeded.
- @retval FALSE ARC4 decryption failed.
@retval FALSE This interface is not supported.
**/
BOOLEAN
EFIAPI
-CryptoServiceArc4Decrypt (
+DeprecatedCryptoServiceArc4Decrypt (
IN OUT VOID *Arc4Context,
IN UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
)
{
- return CALL_BASECRYPTLIB (Arc4.Services.Decrypt, Arc4Decrypt, (Arc4Context, Input, InputSize, Output), FALSE);
+ return BaseCryptLibServiceDeprecated ("Arc4Decrypt"), FALSE;
}
/**
- Resets the ARC4 context to the initial state.
-
- The function resets the ARC4 context to the state it had immediately after the
- ARC4Init() function call.
- Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
- should be already correctly initialized by ARC4Init().
-
- If Arc4Context is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
+ ARC4 is deprecated and unsupported any longer.
+ Keep the function field for binary compability.
@param[in, out] Arc4Context Pointer to the ARC4 context.
- @retval TRUE ARC4 reset succeeded.
- @retval FALSE ARC4 reset failed.
@retval FALSE This interface is not supported.
**/
BOOLEAN
EFIAPI
-CryptoServiceArc4Reset (
+DeprecatedCryptoServiceArc4Reset (
IN OUT VOID *Arc4Context
)
{
- return CALL_BASECRYPTLIB (Arc4.Services.Reset, Arc4Reset, (Arc4Context), FALSE);
+ return BaseCryptLibServiceDeprecated ("Arc4Reset"), FALSE;
}
//=====================================================================================
@@ -4502,12 +4459,12 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
CryptoServiceAesEcbDecrypt,
CryptoServiceAesCbcEncrypt,
CryptoServiceAesCbcDecrypt,
- /// Arc4
- CryptoServiceArc4GetContextSize,
- CryptoServiceArc4Init,
- CryptoServiceArc4Encrypt,
- CryptoServiceArc4Decrypt,
- CryptoServiceArc4Reset,
+ /// Arc4 - deprecated and unsupported
+ DeprecatedCryptoServiceArc4GetContextSize,
+ DeprecatedCryptoServiceArc4Init,
+ DeprecatedCryptoServiceArc4Encrypt,
+ DeprecatedCryptoServiceArc4Decrypt,
+ DeprecatedCryptoServiceArc4Reset,
/// SM3
CryptoServiceSm3GetContextSize,
CryptoServiceSm3Init,
diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h
index c862f0334f..25e236c4a3 100644
--- a/CryptoPkg/Include/Library/BaseCryptLib.h
+++ b/CryptoPkg/Include/Library/BaseCryptLib.h
@@ -1667,138 +1667,6 @@ AesCbcDecrypt (
OUT UINT8 *Output
);
-/**
- Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
- If this interface is not supported, then return zero.
-
- @return The size, in bytes, of the context buffer required for ARC4 operations.
- @retval 0 This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
- VOID
- );
-
-/**
- Initializes user-supplied memory as ARC4 context for subsequent use.
-
- This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
- In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
- operations.
-
- If Arc4Context is NULL, then return FALSE.
- If Key is NULL, then return FALSE.
- If KeySize does not in the range of [5, 256] bytes, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[out] Arc4Context Pointer to ARC4 context being initialized.
- @param[in] Key Pointer to the user-supplied ARC4 key.
- @param[in] KeySize Size of ARC4 key in bytes.
-
- @retval TRUE ARC4 context initialization succeeded.
- @retval FALSE ARC4 context initialization failed.
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
- OUT VOID *Arc4Context,
- IN CONST UINT8 *Key,
- IN UINTN KeySize
- );
-
-/**
- Performs ARC4 encryption on a data buffer of the specified size.
-
- This function performs ARC4 encryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be encrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
-
- @retval TRUE ARC4 encryption succeeded.
- @retval FALSE ARC4 encryption failed.
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
- IN OUT VOID *Arc4Context,
- IN CONST UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- );
-
-/**
- Performs ARC4 decryption on a data buffer of the specified size.
-
- This function performs ARC4 decryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be decrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
-
- @retval TRUE ARC4 decryption succeeded.
- @retval FALSE ARC4 decryption failed.
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
- IN OUT VOID *Arc4Context,
- IN UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- );
-
-/**
- Resets the ARC4 context to the initial state.
-
- The function resets the ARC4 context to the state it had immediately after the
- ARC4Init() function call.
- Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
- should be already correctly initialized by ARC4Init().
-
- If Arc4Context is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
-
- @retval TRUE ARC4 reset succeeded.
- @retval FALSE ARC4 reset failed.
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
- IN OUT VOID *Arc4Context
- );
-
//=====================================================================================
// Asymmetric Cryptography Primitive
//=====================================================================================
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 22992e7d43..da38ea552f 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -40,7 +40,6 @@
Kdf/CryptHkdf.c
Cipher/CryptAes.c
Cipher/CryptTdes.c
- Cipher/CryptArc4.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExt.c
Pk/CryptPkcs1Oaep.c
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
deleted file mode 100644
index 388d312bed..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/** @file
- ARC4 Wrapper Implementation over OpenSSL.
-
-Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-#include <openssl/rc4.h>
-
-/**
- Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
- @return The size, in bytes, of the context buffer required for ARC4 operations.
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
- VOID
- )
-{
- //
- // Memory for 2 copies of RC4_KEY is allocated, one for working copy, and the other
- // for backup copy. When Arc4Reset() is called, we can use the backup copy to restore
- // the working copy to the initial state.
- //
- return (UINTN) (2 * sizeof (RC4_KEY));
-}
-
-/**
- Initializes user-supplied memory as ARC4 context for subsequent use.
-
- This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
- In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
- operations.
-
- If Arc4Context is NULL, then return FALSE.
- If Key is NULL, then return FALSE.
- If KeySize does not in the range of [5, 256] bytes, then return FALSE.
-
- @param[out] Arc4Context Pointer to ARC4 context being initialized.
- @param[in] Key Pointer to the user-supplied ARC4 key.
- @param[in] KeySize Size of ARC4 key in bytes.
-
- @retval TRUE ARC4 context initialization succeeded.
- @retval FALSE ARC4 context initialization failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
- OUT VOID *Arc4Context,
- IN CONST UINT8 *Key,
- IN UINTN KeySize
- )
-{
- RC4_KEY *Rc4Key;
-
- //
- // Check input parameters.
- //
- if (Arc4Context == NULL || Key == NULL || (KeySize < 5 || KeySize > 256)) {
- return FALSE;
- }
-
- Rc4Key = (RC4_KEY *) Arc4Context;
-
- RC4_set_key (Rc4Key, (UINT32) KeySize, Key);
-
- CopyMem (Rc4Key + 1, Rc4Key, sizeof (RC4_KEY));
-
- return TRUE;
-}
-
-/**
- Performs ARC4 encryption on a data buffer of the specified size.
-
- This function performs ARC4 encryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be encrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
-
- @retval TRUE ARC4 encryption succeeded.
- @retval FALSE ARC4 encryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
- IN OUT VOID *Arc4Context,
- IN CONST UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- RC4_KEY *Rc4Key;
-
- //
- // Check input parameters.
- //
- if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) {
- return FALSE;
- }
-
- Rc4Key = (RC4_KEY *) Arc4Context;
-
- RC4 (Rc4Key, (UINT32) InputSize, Input, Output);
-
- return TRUE;
-}
-
-/**
- Performs ARC4 decryption on a data buffer of the specified size.
-
- This function performs ARC4 decryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be decrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
-
- @retval TRUE ARC4 decryption succeeded.
- @retval FALSE ARC4 decryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
- IN OUT VOID *Arc4Context,
- IN UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- RC4_KEY *Rc4Key;
-
- //
- // Check input parameters.
- //
- if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) {
- return FALSE;
- }
-
- Rc4Key = (RC4_KEY *) Arc4Context;
-
- RC4 (Rc4Key, (UINT32) InputSize, Input, Output);
-
- return TRUE;
-}
-
-/**
- Resets the ARC4 context to the initial state.
-
- The function resets the ARC4 context to the state it had immediately after the
- ARC4Init() function call.
- Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
- should be already correctly initialized by ARC4Init().
-
- If Arc4Context is NULL, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
-
- @retval TRUE ARC4 reset succeeded.
- @retval FALSE ARC4 reset failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
- IN OUT VOID *Arc4Context
- )
-{
- RC4_KEY *Rc4Key;
-
- //
- // Check input parameters.
- //
- if (Arc4Context == NULL) {
- return FALSE;
- }
-
- Rc4Key = (RC4_KEY *) Arc4Context;
-
- CopyMem (Rc4Key, Rc4Key + 1, sizeof (RC4_KEY));
-
- return TRUE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
deleted file mode 100644
index 1f09bfa30e..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/** @file
- ARC4 Wrapper Implementation which does not provide real capabilities.
-
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-
-/**
- Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
- Return zero to indicate this interface is not supported.
-
- @retval 0 This interface is not supported.
-
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
- VOID
- )
-{
- ASSERT (FALSE);
- return 0;
-}
-
-/**
- Initializes user-supplied memory as ARC4 context for subsequent use.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[out] Arc4Context Pointer to ARC4 context being initialized.
- @param[in] Key Pointer to the user-supplied ARC4 key.
- @param[in] KeySize Size of ARC4 key in bytes.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
- OUT VOID *Arc4Context,
- IN CONST UINT8 *Key,
- IN UINTN KeySize
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Performs ARC4 encryption on a data buffer of the specified size.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be encrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
- IN OUT VOID *Arc4Context,
- IN CONST UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Performs ARC4 decryption on a data buffer of the specified size.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be decrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
- IN OUT VOID *Arc4Context,
- IN UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Resets the ARC4 context to the initial state.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
- IN OUT VOID *Arc4Context
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index e9add0127d..f43953b78c 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -7,7 +7,7 @@
# buffer overflow or integer overflow.
#
# Note:
-# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external
+# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509
# certificate handler functions, authenticode signature verification functions,
# PEM handler functions, and pseudorandom number generator functions are not
@@ -46,7 +46,6 @@
Kdf/CryptHkdfNull.c
Cipher/CryptAesNull.c
Cipher/CryptTdesNull.c
- Cipher/CryptArc4Null.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
index 374bfb3f65..5abd8e8dfb 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
@@ -7,7 +7,7 @@
// buffer overflow or integer overflow.
//
// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
-// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
+// TDES functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, X.509 certificate handler functions, authenticode
// signature verification functions, PEM handler functions, and pseudorandom number
// generator functions are not supported in this instance.
@@ -21,5 +21,5 @@
#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for PEIM"
-#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 certificate handler functions, authenticode signature verification functions, PEM handler functions, and pseudorandom number generator functions are not supported in this instance."
+#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 certificate handler functions, authenticode signature verification functions, PEM handler functions, and pseudorandom number generator functions are not supported in this instance."
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index 0a2eb03232..f1eb099b67 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -7,7 +7,7 @@
# buffer overflow or integer overflow.
#
# Note: SHA-384 Digest functions, SHA-512 Digest functions,
-# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external
+# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
@@ -46,7 +46,6 @@
Kdf/CryptHkdfNull.c
Cipher/CryptAesNull.c
Cipher/CryptTdesNull.c
- Cipher/CryptArc4Null.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
index b6d751176e..5a48d2a308 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
@@ -7,7 +7,7 @@
// buffer overflow or integer overflow.
//
// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
-// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
+// TDES functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, and authenticode signature verification functions are
// not supported in this instance.
//
@@ -20,5 +20,5 @@
#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for DXE_RUNTIME_DRIVER"
-#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
+#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index 139983075e..3a94655775 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -7,7 +7,7 @@
# buffer overflow or integer overflow.
#
# Note: SHA-384 Digest functions, SHA-512 Digest functions,
-# HMAC-MD5 functions, HMAC-SHA1 functions, TDES/ARC4 functions, RSA external
+# HMAC-MD5 functions, HMAC-SHA1 functions, TDES functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
@@ -45,7 +45,6 @@
Kdf/CryptHkdfNull.c
Cipher/CryptAes.c
Cipher/CryptTdesNull.c
- Cipher/CryptArc4Null.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptPkcs1Oaep.c
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
index b8d7953d2b..0561f107e8 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
@@ -7,7 +7,7 @@
// buffer overflow or integer overflow.
//
// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
-// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
+// TDES functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, and authenticode signature verification functions are
// not supported in this instance.
//
@@ -20,5 +20,5 @@
#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for SMM driver"
-#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
+#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
index b03681b146..a205c9005d 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
+++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
@@ -40,7 +40,6 @@
Kdf/CryptHkdfNull.c
Cipher/CryptAesNull.c
Cipher/CryptTdesNull.c
- Cipher/CryptArc4Null.c
Pk/CryptRsaBasicNull.c
Pk/CryptRsaExtNull.c
Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c b/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
deleted file mode 100644
index 1f09bfa30e..0000000000
--- a/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/** @file
- ARC4 Wrapper Implementation which does not provide real capabilities.
-
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-
-/**
- Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
- Return zero to indicate this interface is not supported.
-
- @retval 0 This interface is not supported.
-
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
- VOID
- )
-{
- ASSERT (FALSE);
- return 0;
-}
-
-/**
- Initializes user-supplied memory as ARC4 context for subsequent use.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[out] Arc4Context Pointer to ARC4 context being initialized.
- @param[in] Key Pointer to the user-supplied ARC4 key.
- @param[in] KeySize Size of ARC4 key in bytes.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
- OUT VOID *Arc4Context,
- IN CONST UINT8 *Key,
- IN UINTN KeySize
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Performs ARC4 encryption on a data buffer of the specified size.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be encrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
- IN OUT VOID *Arc4Context,
- IN CONST UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Performs ARC4 decryption on a data buffer of the specified size.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be decrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
- IN OUT VOID *Arc4Context,
- IN UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Resets the ARC4 context to the initial state.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
- IN OUT VOID *Arc4Context
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index 5e470028f4..77915bdb86 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -1892,153 +1892,6 @@ AesCbcDecrypt (
CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec, Output), FALSE);
}
-/**
- Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
- If this interface is not supported, then return zero.
-
- @return The size, in bytes, of the context buffer required for ARC4 operations.
- @retval 0 This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
- VOID
- )
-{
- CALL_CRYPTO_SERVICE (Arc4GetContextSize, (), 0);
-}
-
-/**
- Initializes user-supplied memory as ARC4 context for subsequent use.
-
- This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
- In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
- operations.
-
- If Arc4Context is NULL, then return FALSE.
- If Key is NULL, then return FALSE.
- If KeySize does not in the range of [5, 256] bytes, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[out] Arc4Context Pointer to ARC4 context being initialized.
- @param[in] Key Pointer to the user-supplied ARC4 key.
- @param[in] KeySize Size of ARC4 key in bytes.
-
- @retval TRUE ARC4 context initialization succeeded.
- @retval FALSE ARC4 context initialization failed.
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
- OUT VOID *Arc4Context,
- IN CONST UINT8 *Key,
- IN UINTN KeySize
- )
-{
- CALL_CRYPTO_SERVICE (Arc4Init, (Arc4Context, Key, KeySize), FALSE);
-}
-
-/**
- Performs ARC4 encryption on a data buffer of the specified size.
-
- This function performs ARC4 encryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be encrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
-
- @retval TRUE ARC4 encryption succeeded.
- @retval FALSE ARC4 encryption failed.
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
- IN OUT VOID *Arc4Context,
- IN CONST UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- CALL_CRYPTO_SERVICE (Arc4Encrypt, (Arc4Context, Input, InputSize, Output), FALSE);
-}
-
-/**
- Performs ARC4 decryption on a data buffer of the specified size.
-
- This function performs ARC4 decryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be decrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
-
- @retval TRUE ARC4 decryption succeeded.
- @retval FALSE ARC4 decryption failed.
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
- IN OUT VOID *Arc4Context,
- IN UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- CALL_CRYPTO_SERVICE (Arc4Decrypt, (Arc4Context, Input, InputSize, Output), FALSE);
-}
-
-/**
- Resets the ARC4 context to the initial state.
-
- The function resets the ARC4 context to the state it had immediately after the
- ARC4Init() function call.
- Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
- should be already correctly initialized by ARC4Init().
-
- If Arc4Context is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
-
- @retval TRUE ARC4 reset succeeded.
- @retval FALSE ARC4 reset failed.
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
- IN OUT VOID *Arc4Context
- )
-{
- CALL_CRYPTO_SERVICE (Arc4Reset, (Arc4Context), FALSE);
-}
-
//=====================================================================================
// Asymmetric Cryptography Primitive
//=====================================================================================
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index ae0f29695c..f36c5c1aff 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -2785,134 +2785,45 @@ BOOLEAN
);
/**
- Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
- If this interface is not supported, then return zero.
-
- @return The size, in bytes, of the context buffer required for ARC4 operations.
- @retval 0 This interface is not supported.
+ ARC4 is deprecated and unsupported any longer.
+ Keep the function field for binary compability.
**/
typedef
UINTN
-(EFIAPI *EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE) (
+(EFIAPI *DEPRECATED_EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE) (
VOID
);
-/**
- Initializes user-supplied memory as ARC4 context for subsequent use.
-
- This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
- In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
- operations.
-
- If Arc4Context is NULL, then return FALSE.
- If Key is NULL, then return FALSE.
- If KeySize does not in the range of [5, 256] bytes, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[out] Arc4Context Pointer to ARC4 context being initialized.
- @param[in] Key Pointer to the user-supplied ARC4 key.
- @param[in] KeySize Size of ARC4 key in bytes.
-
- @retval TRUE ARC4 context initialization succeeded.
- @retval FALSE ARC4 context initialization failed.
- @retval FALSE This interface is not supported.
-
-**/
typedef
BOOLEAN
-(EFIAPI *EDKII_CRYPTO_ARC4_INIT) (
+(EFIAPI *DEPRECATED_EDKII_CRYPTO_ARC4_INIT) (
OUT VOID *Arc4Context,
IN CONST UINT8 *Key,
IN UINTN KeySize
);
-/**
- Performs ARC4 encryption on a data buffer of the specified size.
-
- This function performs ARC4 encryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be encrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
-
- @retval TRUE ARC4 encryption succeeded.
- @retval FALSE ARC4 encryption failed.
- @retval FALSE This interface is not supported.
-
-**/
typedef
BOOLEAN
-(EFIAPI *EDKII_CRYPTO_ARC4_ENCRYPT) (
+(EFIAPI *DEPRECATED_EDKII_CRYPTO_ARC4_ENCRYPT) (
IN OUT VOID *Arc4Context,
IN CONST UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
);
-/**
- Performs ARC4 decryption on a data buffer of the specified size.
-
- This function performs ARC4 decryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be decrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
-
- @retval TRUE ARC4 decryption succeeded.
- @retval FALSE ARC4 decryption failed.
- @retval FALSE This interface is not supported.
-
-**/
typedef
BOOLEAN
-(EFIAPI *EDKII_CRYPTO_ARC4_DECRYPT) (
+(EFIAPI *DEPRECATED_EDKII_CRYPTO_ARC4_DECRYPT) (
IN OUT VOID *Arc4Context,
IN UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
);
-/**
- Resets the ARC4 context to the initial state.
-
- The function resets the ARC4 context to the state it had immediately after the
- ARC4Init() function call.
- Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
- should be already correctly initialized by ARC4Init().
-
- If Arc4Context is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
-
- @retval TRUE ARC4 reset succeeded.
- @retval FALSE ARC4 reset failed.
- @retval FALSE This interface is not supported.
-
-**/
typedef
BOOLEAN
-(EFIAPI *EDKII_CRYPTO_ARC4_RESET) (
+(EFIAPI *DEPRECATED_EDKII_CRYPTO_ARC4_RESET) (
IN OUT VOID *Arc4Context
);
@@ -4014,12 +3925,12 @@ struct _EDKII_CRYPTO_PROTOCOL {
EDKII_CRYPTO_AES_ECB_DECRYPT AesEcbDecrypt;
EDKII_CRYPTO_AES_CBC_ENCRYPT AesCbcEncrypt;
EDKII_CRYPTO_AES_CBC_DECRYPT AesCbcDecrypt;
- /// Arc4
- EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE Arc4GetContextSize;
- EDKII_CRYPTO_ARC4_INIT Arc4Init;
- EDKII_CRYPTO_ARC4_ENCRYPT Arc4Encrypt;
- EDKII_CRYPTO_ARC4_DECRYPT Arc4Decrypt;
- EDKII_CRYPTO_ARC4_RESET Arc4Reset;
+ /// Arc4 - deprecated and unsupported
+ DEPRECATED_EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE DeprecatedArc4GetContextSize;
+ DEPRECATED_EDKII_CRYPTO_ARC4_INIT DeprecatedArc4Init;
+ DEPRECATED_EDKII_CRYPTO_ARC4_ENCRYPT DeprecatedArc4Encrypt;
+ DEPRECATED_EDKII_CRYPTO_ARC4_DECRYPT DeprecatedArc4Decrypt;
+ DEPRECATED_EDKII_CRYPTO_ARC4_RESET DeprecatedArc4Reset;
/// SM3
EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE Sm3GetContextSize;
EDKII_CRYPTO_SM3_INIT Sm3Init;
--
2.21.0.windows.1
next prev parent reply other threads:[~2020-05-14 9:28 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-14 9:27 [PATCH V5 00/12] CryptoPkg: Retire the deprecated functions Gao, Zhichao
2020-05-14 9:27 ` [PATCH V5 01/12] CryptoPkg/CryptoDxe: Add function to indicate the deprecated algorithm Gao, Zhichao
2020-05-14 9:27 ` [PATCH V5 02/12] CryptoPkg/BaseCrpytLib: Retire MD4 algorithm Gao, Zhichao
2020-05-14 9:27 ` [PATCH V5 03/12] CryptoPkg/OpensslLib: Set MD4 disable in OpensslLib Gao, Zhichao
2020-05-14 9:27 ` Gao, Zhichao [this message]
2020-05-14 9:27 ` [PATCH V5 05/12] CryptoPkg/OpensslLib: Set ARC4 " Gao, Zhichao
2020-05-14 9:27 ` [PATCH V5 06/12] CryptoPkg/BaseCryptLib: Retire the TDES algorithm Gao, Zhichao
2020-05-14 9:27 ` [PATCH V5 07/12] CryptoPkg/OpensslLib: Set TDES disable in OpensslLib Gao, Zhichao
2020-05-14 9:27 ` [PATCH V5 08/12] CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm Gao, Zhichao
2020-05-14 9:27 ` [PATCH V5 09/12] CryptoPkg/OpensslLib: Remove the Aes Ecb file in the OpensslLib Gao, Zhichao
2020-05-14 9:27 ` [PATCH V5 10/12] CryptoPkg/BaseCryptLib: Retire HMAC MD5 algorithm Gao, Zhichao
2020-05-14 9:27 ` [PATCH V5 11/12] CryptoPkg/BaseCryptLib: Retire HMAC SHA1 algorithm Gao, Zhichao
2020-05-14 9:27 ` [PATCH V5 12/12] CryptoPkg/Crypto.h: Update the version of Crypto Driver Gao, Zhichao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200514092752.1384-5-zhichao.gao@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox