From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web08.196.1607538797527496960 for ; Wed, 09 Dec 2020 10:33:17 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.136, mailfrom: divneil.r.wadhawan@intel.com) IronPort-SDR: uxOAKBvR86YxsxkE3dDgI+SPyutpe9fJVMhAK0G+3oFduLUHB76RaF+ItaGHOsHSyQ4UM+WvRt xES/vncQfYcA== X-IronPort-AV: E=McAfee;i="6000,8403,9830"; a="153366383" X-IronPort-AV: E=Sophos;i="5.78,405,1599548400"; d="scan'208";a="153366383" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Dec 2020 10:33:16 -0800 IronPort-SDR: 4ebyrdeFzWt8kgynjGgb78VeUclGGplcAfJ1GsZOGDeUV3aYAZiNAHQXkRzUFWlpZoJs3mGwW0 fZssljDwuj4g== X-IronPort-AV: E=Sophos;i="5.78,405,1599548400"; d="scan'208";a="364252947" Received: from drwadhaw-mobl.gar.corp.intel.com ([10.252.166.106]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Dec 2020 10:33:15 -0800 From: "Wadhawan, Divneil R" To: devel@edk2.groups.io Subject: [Patch 0/2] Extending the signing algorithms for Authenticated Variables Date: Thu, 10 Dec 2020 00:02:41 +0530 Message-Id: <20201209183243.30504-1-divneil.r.wadhawan@intel.com> X-Mailer: git-send-email 2.16.2.windows.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Authenticated Variables currently only supports SHA256 as the digest algorithm. This patch series extends it to include SHA384 and SHA512. The series is composed of 2 patches. a. Unit Test for Authenticated Variables b. AuthService change to allow SHA384/SHA512 as digest algorithms. Divneil Rai Wadhawan (2): MdeModulePkg: Add unit test for Authenticated Variables SecurityPkg: Add support for SHA-384/SHA-512 digest algos .../Variable/RuntimeDxe/UnitTest/AuthVarUnitTest.c | 494 +++++++++++++++++++++ .../RuntimeDxe/UnitTest/PkNewRsa2048Sha256.c | 139 ++++++ .../RuntimeDxe/UnitTest/PkNewRsa3072Sha256.c | 179 ++++++++ .../RuntimeDxe/UnitTest/PkNewRsa3072Sha384.c | 179 ++++++++ .../RuntimeDxe/UnitTest/PkNewRsa4096Sha256.c | 219 +++++++++ .../RuntimeDxe/UnitTest/PkNewRsa4096Sha512.c | 219 +++++++++ .../Variable/RuntimeDxe/UnitTest/PkRsa2048Sha256.c | 139 ++++++ .../Variable/RuntimeDxe/UnitTest/PkRsa3072Sha256.c | 179 ++++++++ .../Variable/RuntimeDxe/UnitTest/PkRsa3072Sha384.c | 179 ++++++++ .../Variable/RuntimeDxe/UnitTest/PkRsa4096Sha256.c | 219 +++++++++ .../Variable/RuntimeDxe/UnitTest/PkRsa4096Sha512.c | 219 +++++++++ SecurityPkg/Library/AuthVariableLib/AuthService.c | 8 +- AuthVariableDigestUpdate.md | 41 ++ MdeModulePkg/MdeModulePkg.dsc | 4 + .../UnitTest/AuthVarUnitTestUefiShell.inf | 42 ++ 15 files changed, 2457 insertions(+), 2 deletions(-) create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/AuthVarUnitTest.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/PkNewRsa2048Sha256.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/PkNewRsa3072Sha256.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/PkNewRsa3072Sha384.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/PkNewRsa4096Sha256.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/PkNewRsa4096Sha512.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/PkRsa2048Sha256.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/PkRsa3072Sha256.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/PkRsa3072Sha384.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/PkRsa4096Sha256.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/PkRsa4096Sha512.c create mode 100644 AuthVariableDigestUpdate.md create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/UnitTest/AuthVarUnitTestUefiShell.inf -- 2.16.2.windows.1