From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga18.intel.com (mga18.intel.com []) by mx.groups.io with SMTP id smtpd.web10.12116.1600217946492239432 for ; Tue, 15 Sep 2020 17:59:07 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=fail (domain: intel.com, ip: , mailfrom: christopher.j.zurcher@intel.com) IronPort-SDR: rqOxU1JRyCFux3x4MTWgcu30rWl7q4JDPFmUFtex9GEES0L8RU/mUOhO4ZGs+33OZeDMxx87RP UncYQU8QOVQA== X-IronPort-AV: E=McAfee;i="6000,8403,9745"; a="147129208" X-IronPort-AV: E=Sophos;i="5.76,430,1592895600"; d="scan'208";a="147129208" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Sep 2020 17:59:05 -0700 IronPort-SDR: /Zv3zSEJU7IK8wnTAUN3dxz9a/Kt5JtN7swbAw9zw2hNTY1uXdgO/oc0A5Ul/YmwiaPTsB8oww FWgeAP7hBTKQ== X-IronPort-AV: E=Sophos;i="5.76,430,1592895600"; d="scan'208";a="483077552" Received: from cjzurch-desk.amr.corp.intel.com ([10.9.70.181]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Sep 2020 17:59:05 -0700 From: "Zurcher, Christopher J" To: devel@edk2.groups.io Cc: Laszlo Ersek , Jiewen Yao , Jian J Wang Subject: [PATCH v3 3/3] SecurityPkg/Hash2DxeCrypto: Rebase Hash2DxeCrypto onto the EVP interface Date: Tue, 15 Sep 2020 17:59:02 -0700 Message-Id: <20200916005902.6114-4-christopher.j.zurcher@intel.com> X-Mailer: git-send-email 2.28.0.windows.1 In-Reply-To: <20200916005902.6114-1-christopher.j.zurcher@intel.com> References: <20200916005902.6114-1-christopher.j.zurcher@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2545 Cc: Laszlo Ersek Cc: Jiewen Yao Cc: Jian J Wang Signed-off-by: Christopher J Zurcher --- SecurityPkg/Hash2DxeCrypto/Driver.h | 1 - SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c | 345 ++------------------ 2 files changed, 31 insertions(+), 315 deletions(-) 
diff --git a/SecurityPkg/Hash2DxeCrypto/Driver.h b/SecurityPkg/Hash2DxeCrypto/Driver.h
index 7b8996912a..ac811b3977 100644
--- a/SecurityPkg/Hash2DxeCrypto/Driver.h
+++ b/SecurityPkg/Hash2DxeCrypto/Driver.h
@@ -50,7 +50,6 @@ typedef struct {
 LIST_ENTRY InstEntry;
 EFI_HASH2_PROTOCOL Hash2Protocol;
 VOID *HashContext;
- VOID *HashInfoContext;
 BOOLEAN Updated;
 } HASH2_INSTANCE_DATA;
diff --git a/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c b/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c
index d96bc136e2..f31bc79f04 100644
--- a/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c
+++ b/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c
@@ -2,7 +2,7 @@
 This module implements Hash2 Protocol.
 (C) Copyright 2015 Hewlett-Packard Development Company, L.P.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ 
@@ -18,241 +18,18 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "Driver.h"
-/**
- Retrieves the size, in bytes, of the context buffer required for hash operations.
-
- If this interface is not supported, then return zero.
-
- @return The size, in bytes, of the context buffer required for hash operations.
- @retval 0 This interface is not supported.
-
-**/
-typedef
-UINTN
-(EFIAPI *EFI_HASH_GET_CONTEXT_SIZE) (
- VOID
- );
-
-/**
- Initializes user-supplied memory pointed by Sha1Context as hash context for
- subsequent use.
-
- If HashContext is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[out] HashContext Pointer to Hashcontext being initialized.
-
- @retval TRUE Hash context initialization succeeded.
- @retval FALSE Hash context initialization failed.
- @retval FALSE This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EFI_HASH_INIT) (
- OUT VOID *HashContext
- );
-
-/**
- Digests the input data and updates Hash context.
-
- This function performs Hash digest on a data buffer of the specified size.
- It can be called multiple times to compute the digest of long or discontinuous data streams.
- Hash context should be already correctly initialized by HashInit(), and should not be finalized
- by HashFinal(). Behavior with invalid context is undefined.
-
- If HashContext is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] HashContext Pointer to the Hash context.
- @param[in] Data Pointer to the buffer containing the data to be hashed.
- @param[in] DataSize Size of Data buffer in bytes.
-
- @retval TRUE SHA-1 data digest succeeded.
- @retval FALSE SHA-1 data digest failed.
- @retval FALSE This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EFI_HASH_UPDATE) (
- IN OUT VOID *HashContext,
- IN CONST VOID *Data,
- IN UINTN DataSize
- );
-
-/**
- Completes computation of the Hash digest value.
-
- This function completes hash computation and retrieves the digest value into
- the specified memory. After this function has been called, the Hash context cannot
- be used again.
- Hash context should be already correctly initialized by HashInit(), and should not be
- finalized by HashFinal(). Behavior with invalid Hash context is undefined.
-
- If HashContext is NULL, then return FALSE.
- If HashValue is NULL, then return FALSE.
- If this interface is not supported, then return FALSE.
-
- @param[in, out] HashContext Pointer to the Hash context.
- @param[out] HashValue Pointer to a buffer that receives the Hash digest
- value.
-
- @retval TRUE Hash digest computation succeeded.
- @retval FALSE Hash digest computation failed.
- @retval FALSE This interface is not supported.
-
-**/
-typedef
-BOOLEAN
-(EFIAPI *EFI_HASH_FINAL) (
- IN OUT VOID *HashContext,
- OUT UINT8 *HashValue
- );
-
 typedef struct {
- EFI_GUID *Guid;
- UINT32 HashSize;
- EFI_HASH_GET_CONTEXT_SIZE GetContextSize;
- EFI_HASH_INIT Init;
- EFI_HASH_UPDATE Update;
- EFI_HASH_FINAL Final;
+ EFI_GUID *Guid;
+ UINT32 HashSize;
+ CONST CHAR8 *DigestName;
 } EFI_HASH_INFO;
 EFI_HASH_INFO mHashInfo[] = {
- {&gEfiHashAlgorithmMD5Guid, sizeof(EFI_MD5_HASH2), Md5GetContextSize, Md5Init, Md5Update, Md5Final },
- {&gEfiHashAlgorithmSha1Guid, sizeof(EFI_SHA1_HASH2), Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final },
- {&gEfiHashAlgorithmSha256Guid, sizeof(EFI_SHA256_HASH2), Sha256GetContextSize, Sha256Init, Sha256Update, Sha256Final },
- {&gEfiHashAlgorithmSha384Guid, sizeof(EFI_SHA384_HASH2), Sha384GetContextSize, Sha384Init, Sha384Update, Sha384Final },
- {&gEfiHashAlgorithmSha512Guid, sizeof(EFI_SHA512_HASH2), Sha512GetContextSize, Sha512Init, Sha512Update, Sha512Final },
-};
-
-/**
- Returns the size of the hash which results from a specific algorithm.
-
- @param[in] This Points to this instance of EFI_HASH2_PROTOCOL.
- @param[in] HashAlgorithm Points to the EFI_GUID which identifies the algorithm to use.
- @param[out] HashSize Holds the returned size of the algorithm's hash.
-
- @retval EFI_SUCCESS Hash size returned successfully.
- @retval EFI_INVALID_PARAMETER This or HashSize is NULL.
- @retval EFI_UNSUPPORTED The algorithm specified by HashAlgorithm is not supported by this driver
- or HashAlgorithm is null.
-
-**/
-EFI_STATUS
-EFIAPI
-BaseCrypto2GetHashSize (
- IN CONST EFI_HASH2_PROTOCOL *This,
- IN CONST EFI_GUID *HashAlgorithm,
- OUT UINTN *HashSize
- );
-
-/**
- Creates a hash for the specified message text. The hash is not extendable.
- The output is final with any algorithm-required padding added by the function.
-
- @param[in] This Points to this instance of EFI_HASH2_PROTOCOL.
- @param[in] HashAlgorithm Points to the EFI_GUID which identifies the algorithm to use.
- @param[in] Message Points to the start of the message.
- @param[in] MessageSize The size of Message, in bytes.
- @param[in,out] Hash On input, points to a caller-allocated buffer of the size
- returned by GetHashSize() for the specified HashAlgorithm.
- On output, the buffer holds the resulting hash computed from the message.
-
- @retval EFI_SUCCESS Hash returned successfully.
- @retval EFI_INVALID_PARAMETER This or Hash is NULL.
- @retval EFI_UNSUPPORTED The algorithm specified by HashAlgorithm is not supported by this driver
- or HashAlgorithm is Null.
- @retval EFI_OUT_OF_RESOURCES Some resource required by the function is not available
- or MessageSize is greater than platform maximum.
-
-**/
-EFI_STATUS
-EFIAPI
-BaseCrypto2Hash (
- IN CONST EFI_HASH2_PROTOCOL *This,
- IN CONST EFI_GUID *HashAlgorithm,
- IN CONST UINT8 *Message,
- IN UINTN MessageSize,
- IN OUT EFI_HASH2_OUTPUT *Hash
- );
-
-/**
- This function must be called to initialize a digest calculation to be subsequently performed using the
- EFI_HASH2_PROTOCOL functions HashUpdate() and HashFinal().
-
- @param[in] This Points to this instance of EFI_HASH2_PROTOCOL.
- @param[in] HashAlgorithm Points to the EFI_GUID which identifies the algorithm to use.
-
- @retval EFI_SUCCESS Initialized successfully.
- @retval EFI_INVALID_PARAMETER This is NULL.
- @retval EFI_UNSUPPORTED The algorithm specified by HashAlgorithm is not supported by this driver
- or HashAlgorithm is Null.
- @retval EFI_OUT_OF_RESOURCES Process failed due to lack of required resource.
- @retval EFI_ALREADY_STARTED This function is called when the operation in progress is still in processing Hash(),
- or HashInit() is already called before and not terminated by HashFinal() yet on the same instance.
-
-**/
-EFI_STATUS
-EFIAPI
-BaseCrypto2HashInit (
- IN CONST EFI_HASH2_PROTOCOL *This,
- IN CONST EFI_GUID *HashAlgorithm
- );
-
-/**
- Updates the hash of a computation in progress by adding a message text.
-
- @param[in] This Points to this instance of EFI_HASH2_PROTOCOL.
- @param[in] Message Points to the start of the message.
- @param[in] MessageSize The size of Message, in bytes.
-
- @retval EFI_SUCCESS Digest in progress updated successfully.
- @retval EFI_INVALID_PARAMETER This or Hash is NULL.
- @retval EFI_OUT_OF_RESOURCES Some resource required by the function is not available
- or MessageSize is greater than platform maximum.
- @retval EFI_NOT_READY This call was not preceded by a valid call to HashInit(),
- or the operation in progress was terminated by a call to Hash() or HashFinal() on the same instance.
-
-**/
-EFI_STATUS
-EFIAPI
-BaseCrypto2HashUpdate (
- IN CONST EFI_HASH2_PROTOCOL *This,
- IN CONST UINT8 *Message,
- IN UINTN MessageSize
- );
-
-/**
- Finalizes a hash operation in progress and returns calculation result.
- The output is final with any necessary padding added by the function.
- The hash may not be further updated or extended after HashFinal().
-
- @param[in] This Points to this instance of EFI_HASH2_PROTOCOL.
- @param[in,out] Hash On input, points to a caller-allocated buffer of the size
- returned by GetHashSize() for the specified HashAlgorithm specified in preceding HashInit().
- On output, the buffer holds the resulting hash computed from the message.
-
- @retval EFI_SUCCESS Hash returned successfully.
- @retval EFI_INVALID_PARAMETER This or Hash is NULL.
- @retval EFI_NOT_READY This call was not preceded by a valid call to HashInit() and at least one call to HashUpdate(),
- or the operation in progress was canceled by a call to Hash() on the same instance.
-
-**/
-EFI_STATUS
-EFIAPI
-BaseCrypto2HashFinal (
- IN CONST EFI_HASH2_PROTOCOL *This,
- IN OUT EFI_HASH2_OUTPUT *Hash
- );
-
-EFI_HASH2_PROTOCOL mHash2Protocol = {
- BaseCrypto2GetHashSize,
- BaseCrypto2Hash,
- BaseCrypto2HashInit,
- BaseCrypto2HashUpdate,
- BaseCrypto2HashFinal,
+ {&gEfiHashAlgorithmMD5Guid, sizeof(EFI_MD5_HASH2), "MD5"},
+ {&gEfiHashAlgorithmSha1Guid, sizeof(EFI_SHA1_HASH2), "SHA1"},
+ {&gEfiHashAlgorithmSha256Guid, sizeof(EFI_SHA256_HASH2), "SHA256"},
+ {&gEfiHashAlgorithmSha384Guid, sizeof(EFI_SHA384_HASH2), "SHA384"},
+ {&gEfiHashAlgorithmSha512Guid, sizeof(EFI_SHA512_HASH2), "SHA512"},
 };
 /**
@@ -347,12 +124,7 @@ BaseCrypto2Hash (
 IN OUT EFI_HASH2_OUTPUT *Hash
 )
 {
- EFI_HASH_INFO *HashInfo;
- VOID *HashCtx;
- UINTN CtxSize;
- BOOLEAN Ret;
 EFI_STATUS Status;
- HASH2_INSTANCE_DATA *Instance;
 Status = EFI_SUCCESS;
@@ -364,60 +136,18 @@ BaseCrypto2Hash (
 return EFI_UNSUPPORTED;
 }
- HashInfo = GetHashInfo (HashAlgorithm);
- if (HashInfo == NULL) {
- return EFI_UNSUPPORTED;
- }
-
- Instance = HASH2_INSTANCE_DATA_FROM_THIS(This);
- if (Instance->HashContext != NULL) {
- FreePool (Instance->HashContext);
- }
- Instance->HashInfoContext = NULL;
- Instance->HashContext = NULL;
-
- //
- // Start hash sequence
- //
- CtxSize = HashInfo->GetContextSize ();
- if (CtxSize == 0) {
- return EFI_UNSUPPORTED;
- }
- HashCtx = AllocatePool (CtxSize);
- if (HashCtx == NULL) {
- return EFI_OUT_OF_RESOURCES;
+ Status = This->HashInit (This, HashAlgorithm);
+ if (EFI_ERROR (Status)) {
+ return Status;
 }
- Ret = HashInfo->Init (HashCtx);
- if (!Ret) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Done;
+ Status = This->HashUpdate (This, Message, MessageSize);
+ if (EFI_ERROR (Status)) {
+ return Status;
 }
- //
- // Setup the context
- //
- Instance->HashContext = HashCtx;
- Instance->HashInfoContext = HashInfo;
-
- Ret = HashInfo->Update (HashCtx, Message, MessageSize);
- if (!Ret) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Done;
- }
+ Status = This->HashFinal (This, Hash);
- Ret = HashInfo->Final (HashCtx, (UINT8 *)Hash->Sha1Hash);
- if (!Ret) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Done;
- }
-Done:
- //
- // Cleanup the context
- //
- FreePool (HashCtx);
- Instance->HashInfoContext = NULL;
- Instance->HashContext = NULL;
 return Status;
 }
@@ -446,8 +176,6 @@ BaseCrypto2HashInit (
 {
 EFI_HASH_INFO *HashInfo;
 VOID *HashCtx;
- UINTN CtxSize;
- BOOLEAN Ret;
 HASH2_INSTANCE_DATA *Instance;
 if (This == NULL) {
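Review bot: A failing `This->HashUpdate` returns without releasing the context that `HashInit` stored in `Instance->HashContext` (the removed `Done:` path freed it and cleared the field on every exit), so the non-NULL check in `BaseCrypto2HashInit` would answer every later `Hash()` or `HashInit()` on this instance with `EFI_ALREADY_STARTED`. That check also changes the case where a `HashInit()` sequence is already open: the old code discarded the pending context and started over, while the new code fails with a status that the removed prototype comment for `Hash()` did not list. I would drop any pending context before calling `HashInit`, and on the update error path release the context and set `Instance->HashContext = NULL;`; the routine that frees an EVP context is not visible in this patch, so the exact call has to come from the wrapper the series adds. The body of `BaseCrypto2Hash` begins before this hunk.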
@@ -466,34 +194,23 @@ BaseCrypto2HashInit (
 //
 // Consistency Check
 //
- Instance = HASH2_INSTANCE_DATA_FROM_THIS(This);
- if ((Instance->HashContext != NULL) || (Instance->HashInfoContext != NULL)) {
+ Instance = HASH2_INSTANCE_DATA_FROM_THIS (This);
+ if (Instance->HashContext != NULL) {
 return EFI_ALREADY_STARTED;
 }
 //
 // Start hash sequence
 //
- CtxSize = HashInfo->GetContextSize ();
- if (CtxSize == 0) {
- return EFI_UNSUPPORTED;
- }
- HashCtx = AllocatePool (CtxSize);
+ HashCtx = EvpMdInit (HashInfo->DigestName);
 if (HashCtx == NULL) {
 return EFI_OUT_OF_RESOURCES;
 }
- Ret = HashInfo->Init (HashCtx);
- if (!Ret) {
- FreePool (HashCtx);
- return EFI_OUT_OF_RESOURCES;
- }
-
 //
 // Setup the context
 //
 Instance->HashContext = HashCtx;
- Instance->HashInfoContext = HashInfo;
 Instance->Updated = FALSE;
 return EFI_SUCCESS;
@@ -522,7 +239,6 @@ BaseCrypto2HashUpdate (
 IN UINTN MessageSize
 )
 {
- EFI_HASH_INFO *HashInfo;
 VOID *HashCtx;
 BOOLEAN Ret;
 HASH2_INSTANCE_DATA *Instance;
@@ -535,13 +251,12 @@ BaseCrypto2HashUpdate (
 // Consistency Check
 //
 Instance = HASH2_INSTANCE_DATA_FROM_THIS(This);
- if ((Instance->HashContext == NULL) || (Instance->HashInfoContext == NULL)) {
+ if (Instance->HashContext == NULL) {
 return EFI_NOT_READY;
 }
- HashInfo = Instance->HashInfoContext;
 HashCtx = Instance->HashContext;
- Ret = HashInfo->Update (HashCtx, Message, MessageSize);
+ Ret = EvpMdUpdate (HashCtx, Message, MessageSize);
 if (!Ret) {
 return EFI_OUT_OF_RESOURCES;
 }
@@ -574,8 +289,6 @@ BaseCrypto2HashFinal (
 IN OUT EFI_HASH2_OUTPUT *Hash
 )
 {
- EFI_HASH_INFO *HashInfo;
- VOID *HashCtx;
 BOOLEAN Ret;
 HASH2_INSTANCE_DATA *Instance;
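Review bot: A NULL return from `EvpMdInit (HashInfo->DigestName)` in the `BaseCrypto2HashInit` hunk is always reported as `EFI_OUT_OF_RESOURCES`, while the removed code answered `EFI_UNSUPPORTED` when the backend had no implementation (`GetContextSize ()` returning 0). `EvpMdInit` is defined outside this patch; if it also returns NULL for a digest name the crypto library was built without, callers can no longer tell an unavailable algorithm from memory exhaustion. If that case can occur it should be detected separately and mapped to `EFI_UNSUPPORTED`, or at least recorded with a comment such as `// NULL here also covers a digest name the crypto library does not provide`. The function starts before this hunk and continues after it.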
@@ -587,20 +300,16 @@ BaseCrypto2HashFinal (
 // Consistency Check
 //
 Instance = HASH2_INSTANCE_DATA_FROM_THIS(This);
- if ((Instance->HashContext == NULL) || (Instance->HashInfoContext == NULL) ||
+ if ((Instance->HashContext == NULL) ||
 (!Instance->Updated)) {
 return EFI_NOT_READY;
 }
- HashInfo = Instance->HashInfoContext;
- HashCtx = Instance->HashContext;
- Ret = HashInfo->Final (HashCtx, (UINT8 *)Hash->Sha1Hash);
+ Ret = EvpMdFinal (Instance->HashContext, (UINT8 *)Hash->Sha1Hash);
 //
 // Cleanup the context
 //
- FreePool (HashCtx);
- Instance->HashInfoContext = NULL;
 Instance->HashContext = NULL;
 Instance->Updated = FALSE;
@@ -610,3 +319,11 @@ BaseCrypto2HashFinal (
 return EFI_SUCCESS;
 }
+
+EFI_HASH2_PROTOCOL mHash2Protocol = {
+ BaseCrypto2GetHashSize,
+ BaseCrypto2Hash,
+ BaseCrypto2HashInit,
+ BaseCrypto2HashUpdate,
+ BaseCrypto2HashFinal,
+};
-- 2.28.0.windows.1
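Review bot: Nothing in `BaseCrypto2HashFinal` frees the context any more: `FreePool (HashCtx)` is removed and `Instance->HashContext = NULL` now simply drops the pointer after `EvpMdFinal`. That is leak-free only if `EvpMdFinal` releases the context itself on both its TRUE and FALSE returns, which cannot be confirmed from this patch. The ownership hand-off deserves a comment above the call, for example `// EvpMdFinal() frees the context whether or not it succeeds`, once that contract has been checked against the wrapper. The function starts before this hunk and its tail is in the hunk that follows.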