From: "Zurcher, Christopher J" <christopher.j.zurcher@intel.com>
To: devel@edk2.groups.io
Cc: Laszlo Ersek <lersek@redhat.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Jian J Wang <jian.j.wang@intel.com>
Subject: [PATCH v2 3/3] SecurityPkg/Hash2DxeCrypto: Rebase Hash2DxeCrypto onto the EVP interface
Date: Mon, 14 Sep 2020 17:57:49 -0700
Message-ID: <20200915005749.5331-4-christopher.j.zurcher@intel.com>
In-Reply-To: <20200915005749.5331-1-christopher.j.zurcher@intel.com>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2545
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Christopher J Zurcher <christopher.j.zurcher@intel.com>
---
SecurityPkg/Hash2DxeCrypto/Driver.h | 1 -
SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c | 345 ++------------------
2 files changed, 31 insertions(+), 315 deletions(-)
diff --git a/SecurityPkg/Hash2DxeCrypto/Driver.h b/SecurityPkg/Hash2DxeCrypto/Driver.h
index 7b8996912a..ac811b3977 100644
--- a/SecurityPkg/Hash2DxeCrypto/Driver.h
+++ b/SecurityPkg/Hash2DxeCrypto/Driver.h
@@ -50,7 +50,6 @@ typedef struct {
LIST_ENTRY InstEntry;
EFI_HASH2_PROTOCOL Hash2Protocol;
VOID *HashContext;
- VOID *HashInfoContext;
BOOLEAN Updated;
} HASH2_INSTANCE_DATA;
diff --git a/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c b/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c
index d96bc136e2..f31bc79f04 100644
--- a/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c
+++ b/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c
@@ -2,7 +2,7 @@
This module implements Hash2 Protocol.
(C) Copyright 2015 Hewlett-Packard Development Company, L.P.<BR>
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -18,241 +18,18 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "Driver.h"
-/**
- Retrieves the size, in bytes, of the context buffer required for hash operations.
-
- If this interface is not supported, then return zero.
-
- @return The size, in bytes, of the context buffer required for hash operations.
- @retval 0 This interface is not supported.
-
-**/
-typedef
-UINTN
-(EFIAPI *EFI_HASH_GET_CONTEXT_SIZE) (
- VOID
- );
-
-/**
- Initializes user-supplied memory pointed by Sha1Context as hash context for
- subsequent use.
-
- If HashContext is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[out] HashContext Pointer to Hashcontext being initialized.
-
- @retval TRUE Hash context initialization succeeded.
- @retval FALSE Hash context initialization failed.
- @retval FALSE This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EFI_HASH_INIT) (
- OUT VOID *HashContext
- );
-
-/**
- Digests the input data and updates Hash context.
-
- This function performs Hash digest on a data buffer of the specified size.
- It can be called multiple times to compute the digest of long or discontinuous data streams.
- Hash context should be already correctly initialized by HashInit(), and should not be finalized
- by HashFinal(). Behavior with invalid context is undefined.
-
- If HashContext is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] HashContext Pointer to the Hash context.
- @param[in] Data Pointer to the buffer containing the data to be hashed.
- @param[in] DataSize Size of Data buffer in bytes.
-
- @retval TRUE SHA-1 data digest succeeded.
- @retval FALSE SHA-1 data digest failed.
- @retval FALSE This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EFI_HASH_UPDATE) (
- IN OUT VOID *HashContext,
- IN CONST VOID *Data,
- IN UINTN DataSize
- );
-
-/**
- Completes computation of the Hash digest value.
-
- This function completes hash computation and retrieves the digest value into
- the specified memory. After this function has been called, the Hash context cannot
- be used again.
- Hash context should be already correctly initialized by HashInit(), and should not be
- finalized by HashFinal(). Behavior with invalid Hash context is undefined.
-
- If HashContext is NULL, then return FALSE.
- If HashValue is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] HashContext Pointer to the Hash context.
- @param[out] HashValue Pointer to a buffer that receives the Hash digest
- value.
-
- @retval TRUE Hash digest computation succeeded.
- @retval FALSE Hash digest computation failed.
- @retval FALSE This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EFI_HASH_FINAL) (
- IN OUT VOID *HashContext,
- OUT UINT8 *HashValue
- );
-
typedef struct {
- EFI_GUID *Guid;
- UINT32 HashSize;
- EFI_HASH_GET_CONTEXT_SIZE GetContextSize;
- EFI_HASH_INIT Init;
- EFI_HASH_UPDATE Update;
- EFI_HASH_FINAL Final;
+ EFI_GUID *Guid;
+ UINT32 HashSize;
+ CONST CHAR8 *DigestName;
} EFI_HASH_INFO;
EFI_HASH_INFO mHashInfo[] = {
- {&gEfiHashAlgorithmMD5Guid, sizeof(EFI_MD5_HASH2), Md5GetContextSize, Md5Init, Md5Update, Md5Final },
- {&gEfiHashAlgorithmSha1Guid, sizeof(EFI_SHA1_HASH2), Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final },
- {&gEfiHashAlgorithmSha256Guid, sizeof(EFI_SHA256_HASH2), Sha256GetContextSize, Sha256Init, Sha256Update, Sha256Final },
- {&gEfiHashAlgorithmSha384Guid, sizeof(EFI_SHA384_HASH2), Sha384GetContextSize, Sha384Init, Sha384Update, Sha384Final },
- {&gEfiHashAlgorithmSha512Guid, sizeof(EFI_SHA512_HASH2), Sha512GetContextSize, Sha512Init, Sha512Update, Sha512Final },
-};
-
-/**
- Returns the size of the hash which results from a specific algorithm.
-
- @param[in] This Points to this instance of EFI_HASH2_PROTOCOL.
- @param[in] HashAlgorithm Points to the EFI_GUID which identifies the algorithm to use.
- @param[out] HashSize Holds the returned size of the algorithm's hash.
-
- @retval EFI_SUCCESS Hash size returned successfully.
- @retval EFI_INVALID_PARAMETER This or HashSize is NULL.
- @retval EFI_UNSUPPORTED The algorithm specified by HashAlgorithm is not supported by this driver
- or HashAlgorithm is null.
-
-**/
-EFI_STATUS
-EFIAPI
-BaseCrypto2GetHashSize (
- IN CONST EFI_HASH2_PROTOCOL *This,
- IN CONST EFI_GUID *HashAlgorithm,
- OUT UINTN *HashSize
- );
-
-/**
- Creates a hash for the specified message text. The hash is not extendable.
- The output is final with any algorithm-required padding added by the function.
-
- @param[in] This Points to this instance of EFI_HASH2_PROTOCOL.
- @param[in] HashAlgorithm Points to the EFI_GUID which identifies the algorithm to use.
- @param[in] Message Points to the start of the message.
- @param[in] MessageSize The size of Message, in bytes.
- @param[in,out] Hash On input, points to a caller-allocated buffer of the size
- returned by GetHashSize() for the specified HashAlgorithm.
- On output, the buffer holds the resulting hash computed from the message.
-
- @retval EFI_SUCCESS Hash returned successfully.
- @retval EFI_INVALID_PARAMETER This or Hash is NULL.
- @retval EFI_UNSUPPORTED The algorithm specified by HashAlgorithm is not supported by this driver
- or HashAlgorithm is Null.
- @retval EFI_OUT_OF_RESOURCES Some resource required by the function is not available
- or MessageSize is greater than platform maximum.
-
-**/
-EFI_STATUS
-EFIAPI
-BaseCrypto2Hash (
- IN CONST EFI_HASH2_PROTOCOL *This,
- IN CONST EFI_GUID *HashAlgorithm,
- IN CONST UINT8 *Message,
- IN UINTN MessageSize,
- IN OUT EFI_HASH2_OUTPUT *Hash
- );
-
-/**
- This function must be called to initialize a digest calculation to be subsequently performed using the
- EFI_HASH2_PROTOCOL functions HashUpdate() and HashFinal().
-
- @param[in] This Points to this instance of EFI_HASH2_PROTOCOL.
- @param[in] HashAlgorithm Points to the EFI_GUID which identifies the algorithm to use.
-
- @retval EFI_SUCCESS Initialized successfully.
- @retval EFI_INVALID_PARAMETER This is NULL.
- @retval EFI_UNSUPPORTED The algorithm specified by HashAlgorithm is not supported by this driver
- or HashAlgorithm is Null.
- @retval EFI_OUT_OF_RESOURCES Process failed due to lack of required resource.
- @retval EFI_ALREADY_STARTED This function is called when the operation in progress is still in processing Hash(),
- or HashInit() is already called before and not terminated by HashFinal() yet on the same instance.
-
-**/
-EFI_STATUS
-EFIAPI
-BaseCrypto2HashInit (
- IN CONST EFI_HASH2_PROTOCOL *This,
- IN CONST EFI_GUID *HashAlgorithm
- );
-
-/**
- Updates the hash of a computation in progress by adding a message text.
-
- @param[in] This Points to this instance of EFI_HASH2_PROTOCOL.
- @param[in] Message Points to the start of the message.
- @param[in] MessageSize The size of Message, in bytes.
-
- @retval EFI_SUCCESS Digest in progress updated successfully.
- @retval EFI_INVALID_PARAMETER This or Hash is NULL.
- @retval EFI_OUT_OF_RESOURCES Some resource required by the function is not available
- or MessageSize is greater than platform maximum.
- @retval EFI_NOT_READY This call was not preceded by a valid call to HashInit(),
- or the operation in progress was terminated by a call to Hash() or HashFinal() on the same instance.
-
-**/
-EFI_STATUS
-EFIAPI
-BaseCrypto2HashUpdate (
- IN CONST EFI_HASH2_PROTOCOL *This,
- IN CONST UINT8 *Message,
- IN UINTN MessageSize
- );
-
-/**
- Finalizes a hash operation in progress and returns calculation result.
- The output is final with any necessary padding added by the function.
- The hash may not be further updated or extended after HashFinal().
-
- @param[in] This Points to this instance of EFI_HASH2_PROTOCOL.
- @param[in,out] Hash On input, points to a caller-allocated buffer of the size
- returned by GetHashSize() for the specified HashAlgorithm specified in preceding HashInit().
- On output, the buffer holds the resulting hash computed from the message.
-
- @retval EFI_SUCCESS Hash returned successfully.
- @retval EFI_INVALID_PARAMETER This or Hash is NULL.
- @retval EFI_NOT_READY This call was not preceded by a valid call to HashInit() and at least one call to HashUpdate(),
- or the operation in progress was canceled by a call to Hash() on the same instance.
-
-**/
-EFI_STATUS
-EFIAPI
-BaseCrypto2HashFinal (
- IN CONST EFI_HASH2_PROTOCOL *This,
- IN OUT EFI_HASH2_OUTPUT *Hash
- );
-
-EFI_HASH2_PROTOCOL mHash2Protocol = {
- BaseCrypto2GetHashSize,
- BaseCrypto2Hash,
- BaseCrypto2HashInit,
- BaseCrypto2HashUpdate,
- BaseCrypto2HashFinal,
+ {&gEfiHashAlgorithmMD5Guid, sizeof(EFI_MD5_HASH2), "MD5"},
+ {&gEfiHashAlgorithmSha1Guid, sizeof(EFI_SHA1_HASH2), "SHA1"},
+ {&gEfiHashAlgorithmSha256Guid, sizeof(EFI_SHA256_HASH2), "SHA256"},
+ {&gEfiHashAlgorithmSha384Guid, sizeof(EFI_SHA384_HASH2), "SHA384"},
+ {&gEfiHashAlgorithmSha512Guid, sizeof(EFI_SHA512_HASH2), "SHA512"},
};
/**
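Review bot: the new DigestName field in EFI_HASH_INFO has no comment saying what the string is matched against, and the literals "MD5" through "SHA512" in mHashInfo are only checked at run time, when HashInit passes them to EvpMdInit. Add a field comment stating that the value must be a digest name EvpMdInit accepts, so that a misspelled entry added later is not first noticed as a failing HashInit().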
@@ -347,12 +124,7 @@ BaseCrypto2Hash (
IN OUT EFI_HASH2_OUTPUT *Hash
)
{
- EFI_HASH_INFO *HashInfo;
- VOID *HashCtx;
- UINTN CtxSize;
- BOOLEAN Ret;
EFI_STATUS Status;
- HASH2_INSTANCE_DATA *Instance;
Status = EFI_SUCCESS;
@@ -364,60 +136,18 @@ BaseCrypto2Hash (
return EFI_UNSUPPORTED;
}
- HashInfo = GetHashInfo (HashAlgorithm);
- if (HashInfo == NULL) {
- return EFI_UNSUPPORTED;
- }
-
- Instance = HASH2_INSTANCE_DATA_FROM_THIS(This);
- if (Instance->HashContext != NULL) {
- FreePool (Instance->HashContext);
- }
- Instance->HashInfoContext = NULL;
- Instance->HashContext = NULL;
-
- //
- // Start hash sequence
- //
- CtxSize = HashInfo->GetContextSize ();
- if (CtxSize == 0) {
- return EFI_UNSUPPORTED;
- }
- HashCtx = AllocatePool (CtxSize);
- if (HashCtx == NULL) {
- return EFI_OUT_OF_RESOURCES;
+ Status = This->HashInit (This, HashAlgorithm);
+ if (EFI_ERROR (Status)) {
+ return Status;
}
- Ret = HashInfo->Init (HashCtx);
- if (!Ret) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Done;
+ Status = This->HashUpdate (This, Message, MessageSize);
+ if (EFI_ERROR (Status)) {
+ return Status;
}
- //
- // Setup the context
- //
- Instance->HashContext = HashCtx;
- Instance->HashInfoContext = HashInfo;
-
- Ret = HashInfo->Update (HashCtx, Message, MessageSize);
- if (!Ret) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Done;
- }
+ Status = This->HashFinal (This, Hash);
- Ret = HashInfo->Final (HashCtx, (UINT8 *)Hash->Sha1Hash);
- if (!Ret) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Done;
- }
-Done:
- //
- // Cleanup the context
- //
- FreePool (HashCtx);
- Instance->HashInfoContext = NULL;
- Instance->HashContext = NULL;
return Status;
}
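Review bot: in BaseCrypto2Hash, the early "return Status;" after This->HashUpdate leaves the context created by HashInit in Instance->HashContext, because BaseCrypto2HashUpdate returns EFI_OUT_OF_RESOURCES without clearing it, so a following Hash() or HashInit() on the instance returns EFI_ALREADY_STARTED. The removed code released the context under Done: on every failure path; the new error path needs equivalent cleanup. Separately, the removed block that freed a non-NULL Instance->HashContext on entry is gone, so Hash() called during an open HashInit()/HashUpdate() sequence now fails with EFI_ALREADY_STARTED instead of cancelling that sequence. If this is intended, the commit message should say so.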
@@ -446,8 +176,6 @@ BaseCrypto2HashInit (
{
EFI_HASH_INFO *HashInfo;
VOID *HashCtx;
- UINTN CtxSize;
- BOOLEAN Ret;
HASH2_INSTANCE_DATA *Instance;
if (This == NULL) {
@@ -466,34 +194,23 @@ BaseCrypto2HashInit (
//
// Consistency Check
//
- Instance = HASH2_INSTANCE_DATA_FROM_THIS(This);
- if ((Instance->HashContext != NULL) || (Instance->HashInfoContext != NULL)) {
+ Instance = HASH2_INSTANCE_DATA_FROM_THIS (This);
+ if (Instance->HashContext != NULL) {
return EFI_ALREADY_STARTED;
}
//
// Start hash sequence
//
- CtxSize = HashInfo->GetContextSize ();
- if (CtxSize == 0) {
- return EFI_UNSUPPORTED;
- }
- HashCtx = AllocatePool (CtxSize);
+ HashCtx = EvpMdInit (HashInfo->DigestName);
if (HashCtx == NULL) {
return EFI_OUT_OF_RESOURCES;
}
- Ret = HashInfo->Init (HashCtx);
- if (!Ret) {
- FreePool (HashCtx);
- return EFI_OUT_OF_RESOURCES;
- }
-
//
// Setup the context
//
Instance->HashContext = HashCtx;
- Instance->HashInfoContext = HashInfo;
Instance->Updated = FALSE;
return EFI_SUCCESS;
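Review bot: the "HashCtx == NULL" check after EvpMdInit (HashInfo->DigestName) maps every failure to EFI_OUT_OF_RESOURCES, while the removed code returned EFI_UNSUPPORTED when GetContextSize () reported 0 for the algorithm. If EvpMdInit can return NULL for a digest name it does not recognise, the caller can no longer tell an unavailable algorithm from an allocation failure. Either distinguish the two cases or document that NULL is always treated as a resource failure.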
@@ -522,7 +239,6 @@ BaseCrypto2HashUpdate (
IN UINTN MessageSize
)
{
- EFI_HASH_INFO *HashInfo;
VOID *HashCtx;
BOOLEAN Ret;
HASH2_INSTANCE_DATA *Instance;
@@ -535,13 +251,12 @@ BaseCrypto2HashUpdate (
// Consistency Check
//
Instance = HASH2_INSTANCE_DATA_FROM_THIS(This);
- if ((Instance->HashContext == NULL) || (Instance->HashInfoContext == NULL)) {
+ if (Instance->HashContext == NULL) {
return EFI_NOT_READY;
}
- HashInfo = Instance->HashInfoContext;
HashCtx = Instance->HashContext;
- Ret = HashInfo->Update (HashCtx, Message, MessageSize);
+ Ret = EvpMdUpdate (HashCtx, Message, MessageSize);
if (!Ret) {
return EFI_OUT_OF_RESOURCES;
}
@@ -574,8 +289,6 @@ BaseCrypto2HashFinal (
IN OUT EFI_HASH2_OUTPUT *Hash
)
{
- EFI_HASH_INFO *HashInfo;
- VOID *HashCtx;
BOOLEAN Ret;
HASH2_INSTANCE_DATA *Instance;
@@ -587,20 +300,16 @@ BaseCrypto2HashFinal (
// Consistency Check
//
Instance = HASH2_INSTANCE_DATA_FROM_THIS(This);
- if ((Instance->HashContext == NULL) || (Instance->HashInfoContext == NULL) ||
+ if ((Instance->HashContext == NULL) ||
(!Instance->Updated)) {
return EFI_NOT_READY;
}
- HashInfo = Instance->HashInfoContext;
- HashCtx = Instance->HashContext;
- Ret = HashInfo->Final (HashCtx, (UINT8 *)Hash->Sha1Hash);
+ Ret = EvpMdFinal (Instance->HashContext, (UINT8 *)Hash->Sha1Hash);
//
// Cleanup the context
//
- FreePool (HashCtx);
- Instance->HashInfoContext = NULL;
Instance->HashContext = NULL;
Instance->Updated = FALSE;
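Review bot: FreePool (HashCtx) is removed and Instance->HashContext is set to NULL right after EvpMdFinal, so the context is released only if EvpMdFinal frees it itself, on failure as well as on success. Nothing in this file states that contract. Add a comment at the EvpMdFinal call saying it takes ownership of the context, and confirm that the Ret == FALSE path does not leak it.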
@@ -610,3 +319,11 @@ BaseCrypto2HashFinal (
return EFI_SUCCESS;
}
+
+EFI_HASH2_PROTOCOL mHash2Protocol = {
+ BaseCrypto2GetHashSize,
+ BaseCrypto2Hash,
+ BaseCrypto2HashInit,
+ BaseCrypto2HashUpdate,
+ BaseCrypto2HashFinal,
+};
--
2.28.0.windows.1