From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>,
"Sukerkar, Amol N" <amol.n.sukerkar@intel.com>
Cc: "Wang, Jian J" <jian.j.wang@intel.com>
Subject: Re: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API
Date: Wed, 5 Feb 2020 01:32:50 +0000 [thread overview]
Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503F91333E@shsmsx102.ccr.corp.intel.com> (raw)
In-Reply-To: <E92EE9817A31E24EB0585FDF735412F5B9E86BDA@ORSMSX113.amr.corp.intel.com>
Thank you Mike.
> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Wednesday, February 5, 2020 9:04 AM
> To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io; Sukerkar,
> Amol N <amol.n.sukerkar@intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>
> Subject: RE: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
>
> Jiewen,
>
> Thanks for pointing to the content in MdePkg.
>
> I agree that we could include <IndustryStandard/Tpm20.h>
> in BaseHashApiLib implementation and use the subset of
> TPM_ALG_* define values for both the lib implementation
> and the PCD description. This will allow us to remove
> the extra #defines from the HashApiLib.h class.
>
> Mike
>
> > -----Original Message-----
> > From: Yao, Jiewen <jiewen.yao@intel.com>
> > Sent: Tuesday, February 4, 2020 2:54 PM
> > To: Kinney, Michael D <michael.d.kinney@intel.com>;
> > devel@edk2.groups.io; Sukerkar, Amol N
> > <amol.n.sukerkar@intel.com>
> > Cc: Wang, Jian J <jian.j.wang@intel.com>
> > Subject: RE: [Patch v10 2/2] CryptoPkg/BaseHashApiLib:
> > Implement Unified Hash Calculation API
> >
> > Mike
> > The problem of defining a set of algo ID is that I have
> > to remember the ID.
> > I feel frustrated whenever I need match one ID to the
> > other ID.
> >
> > Currently, UEFI secure boot and TCG trusted boot are
> > important feature. If we can align to one of them, it
> > is easier. I believe if we have a consistent ID
> > mapping, it will be much better for developer.
> >
> > Current TPM20.h is defined in MdePkg (not in
> > SecurityPkg) and is considered as an industry standard.
> > I do not see any dependency issue.
> >
> > We can define a new set - not a technical problem. I am
> > just not sure why we have to. Or we can define it with
> > the same value as TPM. See below list. I believe it
> > will cover majority of current usage and current
> > standard.
> > > > > + # 0x0004 - SHA1.<BR>
> > > > > + # 0x000B - SHA256.<BR>
> > > > > + # 0x000C - SHA384.<BR>
> > > > > + # 0x000D - SHA512.<BR>
> > > > > + # 0x0012 - SM3_256.<BR>
> > > > > + # 0x0027 - SHA3_256.<BR>
> > > > > + # 0x0028 - SHA3_384.<BR>
> > > > > + # 0x0029 - SHA3_512.<BR>
> >
> >
> >
> >
> > > -----Original Message-----
> > > From: Kinney, Michael D <michael.d.kinney@intel.com>
> > > Sent: Wednesday, February 5, 2020 12:26 AM
> > > To: Yao, Jiewen <jiewen.yao@intel.com>;
> > devel@edk2.groups.io; Kinney,
> > > Michael D <michael.d.kinney@intel.com>; Sukerkar,
> > Amol N
> > > <amol.n.sukerkar@intel.com>
> > > Cc: Wang, Jian J <jian.j.wang@intel.com>
> > > Subject: RE: [Patch v10 2/2]
> > CryptoPkg/BaseHashApiLib: Implement Unified Hash
> > > Calculation API
> > >
> > > Jiewen,
> > >
> > > I think UINT8 is fine. We can change default to 0x04
> > in DEC file.
> > >
> > > I will let Amol comment on why MD4 and MD5 are
> > included. If
> > > they are not required, then I agree they should be
> > removed.
> > >
> > > I do not see a reason to align with TCG spec. The
> > HashApiLib
> > > is a layer on top of BaseCryptLib and the use of hash
> > algorithms
> > > is not limited to TCG related content. The
> > BaseCryptLib
> > > could potentially adopt hash algorithms that are not
> > defined
> > > in the TCG specification. We also do not want
> > CryptoPkg to
> > > depend on the SecurityPkg.
> > >
> > > Thanks,
> > >
> > > Mike
> > >
> > > > -----Original Message-----
> > > > From: Yao, Jiewen <jiewen.yao@intel.com>
> > > > Sent: Monday, February 3, 2020 6:54 PM
> > > > To: Kinney, Michael D <michael.d.kinney@intel.com>;
> > > > devel@edk2.groups.io
> > > > Cc: Sukerkar, Amol N <amol.n.sukerkar@intel.com>;
> > Wang,
> > > > Jian J <jian.j.wang@intel.com>
> > > > Subject: RE: [Patch v10 2/2]
> > CryptoPkg/BaseHashApiLib:
> > > > Implement Unified Hash Calculation API
> > > >
> > > > Thanks Mike, to cover us during Chinese New Year
> > > > holiday.
> > > >
> > > > I am just back from vocation. A minor comment:
> > > >
> > > > The PcdHashApiLibPolicy is UINT8, but the value is
> > > > shown as 32bit 0x00000004.
> > > >
> > > > There are couple of ways to enhance:
> > > > 1) Define UINT8, and use 8bit style 0x04.
> > > > 2) Define UINT32, and use 32bit style 0x00000004.
> > > > 3) Define UINT16 (match TCG definition), and use
> > TCG
> > > > defined value. (Tpm20.h)
> > > > #define TPM_ALG_SHA1 (TPM_ALG_ID)(0x0004)
> > > > #define TPM_ALG_SHA256 (TPM_ALG_ID)(0x000B)
> > > > #define TPM_ALG_SHA384 (TPM_ALG_ID)(0x000C)
> > > > #define TPM_ALG_SHA512 (TPM_ALG_ID)(0x000D)
> > > > #define TPM_ALG_SM3_256 (TPM_ALG_ID)(0x0012)
> > > >
> > > > MD4 and MD5 are known as insecure and deprecated. I
> > > > doubt if we want to add such support. (I strong
> > > > recommend NO).
> > > >
> > > > If we can remove MD4 and MD5, I think we can use
> > #3.
> > > >
> > > > Thank you
> > > > Yao Jiewen
> > > >
> > > > > -----Original Message-----
> > > > > From: Kinney, Michael D
> > <michael.d.kinney@intel.com>
> > > > > Sent: Tuesday, February 4, 2020 7:36 AM
> > > > > To: devel@edk2.groups.io
> > > > > Cc: Sukerkar, Amol N <amol.n.sukerkar@intel.com>;
> > > > Yao, Jiewen
> > > > > <jiewen.yao@intel.com>; Wang, Jian J
> > > > <jian.j.wang@intel.com>
> > > > > Subject: [Patch v10 2/2]
> > CryptoPkg/BaseHashApiLib:
> > > > Implement Unified Hash
> > > > > Calculation API
> > > > >
> > > > > From: Amol N Sukerkar <amol.n.sukerkar@intel.com>
> > > > >
> > > > >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=2151
> > > > >
> > > > > This commit introduces a Unified Hash API to
> > > > calculate hash using a
> > > > > hashing algorithm specified by the PCD,
> > > > PcdHashApiLibPolicy. This library
> > > > > interfaces with the various hashing API, such as,
> > > > MD4, MD5, SHA1, SHA256,
> > > > > SHA512 and SM3_256 implemented in BaseCryptLib.
> > The
> > > > user can calculate
> > > > > the desired hash by setting PcdHashApiLibPolicy
> > to
> > > > appropriate value.
> > > > >
> > > > > This feature is documented in the Bugzilla,
> > > > >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=2151.
> > > > >
> > > > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > > > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > > > > Signed-off-by: Amol N Sukerkar
> > > > <amol.n.sukerkar@intel.com>
> > > > > Reviewed-by: Michael D Kinney
> > > > <michael.d.kinney@intel.com>
> > > > > ---
> > > > > CryptoPkg/CryptoPkg.dec |
> > 20
> > > > ++
> > > > > CryptoPkg/CryptoPkg.dsc |
> > 4
> > > > +-
> > > > > CryptoPkg/CryptoPkg.uni |
> > 18
> > > > +-
> > > > > CryptoPkg/Include/Library/HashApiLib.h |
> > 122
> > > > +++++++
> > > > > .../Library/BaseHashApiLib/BaseHashApiLib.c |
> > 330
> > > > ++++++++++++++++++
> > > > > .../Library/BaseHashApiLib/BaseHashApiLib.inf |
> > 44
> > > > +++
> > > > > .../Library/BaseHashApiLib/BaseHashApiLib.uni |
> > 17
> > > > +
> > > > > 7 files changed, 553 insertions(+), 2
> > deletions(-)
> > > > > create mode 100644
> > > > CryptoPkg/Include/Library/HashApiLib.h
> > > > > create mode 100644
> > > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > > > > create mode 100644
> > > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > > > > create mode 100644
> > > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > > > >
> > > > > diff --git a/CryptoPkg/CryptoPkg.dec
> > > > b/CryptoPkg/CryptoPkg.dec
> > > > > index 41af6e879e..8ad0fb5d61 100644
> > > > > --- a/CryptoPkg/CryptoPkg.dec
> > > > > +++ b/CryptoPkg/CryptoPkg.dec
> > > > > @@ -33,9 +33,29 @@ [LibraryClasses]
> > > > > ##
> > > > > TlsLib|Include/Library/TlsLib.h
> > > > >
> > > > > + ## @libraryclass Provides Unified API for
> > > > different hash implementations.
> > > > > + #
> > > > > + HashApiLib|Include/Library/HashApiLib.h
> > > > > +
> > > > > [Guids]
> > > > > ## Crypto package token space guid.
> > > > > gEfiCryptoPkgTokenSpaceGuid = {
> > 0x6bd7de60,
> > > > 0x9ef7, 0x4899, { 0x97,
> > > > > 0xd0, 0xab, 0xff, 0xfd, 0xe9, 0x70, 0xf2 } }
> > > > >
> > > > > +[PcdsFixedAtBuild, PcdsPatchableInModule,
> > > > PcdsDynamic, PcdsDynamicEx]
> > > > > + ## This PCD indicates the HASH algorithm to
> > > > calculate hash of data
> > > > > + # Based on the value set, the required
> > algorithm
> > > > is chosen to calculate
> > > > > + # the hash of data.<BR>
> > > > > + # The default hashing algorithm for
> > > > BaseHashApiLib is set to SHA256.<BR>
> > > > > + # 0x00000001 - MD4.<BR>
> > > > > + # 0x00000002 - MD5.<BR>
> > > > > + # 0x00000003 - SHA1.<BR>
> > > > > + # 0x00000004 - SHA256.<BR>
> > > > > + # 0x00000005 - SHA384.<BR>
> > > > > + # 0x00000006 - SHA512.<BR>
> > > > > + # 0x00000007 - SM3_256.<BR>
> > > > > + # @Prompt Set policy for hashing unsigned
> > image
> > > > for Secure Boot.
> > > > > + # @ValidRange 0x80000001 | 0x00000001 -
> > 0x00000007
> > > > > +
> > > > >
> > > >
> > gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x04|UI
> > > > NT8|0x00000001
> > > > > +
> > > > > [UserExtensions.TianoCore."ExtraFiles"]
> > > > > CryptoPkgExtra.uni
> > > > > diff --git a/CryptoPkg/CryptoPkg.dsc
> > > > b/CryptoPkg/CryptoPkg.dsc
> > > > > index ec43c1f0a4..9656a73b3c 100644
> > > > > --- a/CryptoPkg/CryptoPkg.dsc
> > > > > +++ b/CryptoPkg/CryptoPkg.dsc
> > > > > @@ -1,7 +1,7 @@
> > > > > ## @file
> > > > > # Cryptographic Library Package for UEFI
> > Security
> > > > Implementation.
> > > > > #
> > > > > -# Copyright (c) 2009 - 2018, Intel Corporation.
> > All
> > > > rights reserved.<BR>
> > > > > +# Copyright (c) 2009 - 2020, Intel Corporation.
> > All
> > > > rights reserved.<BR>
> > > > > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > #
> > > > > ##
> > > > > @@ -44,6 +44,7 @@ [LibraryClasses]
> > > > >
> > > > >
> > > >
> > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLi
> > > > b.inf
> > > > >
> > > >
> > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > > > > +
> > > >
> > HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApi
> > > > Lib.inf
> > > > >
> > > > > [LibraryClasses.ARM, LibraryClasses.AARCH64]
> > > > > #
> > > > > @@ -120,6 +121,7 @@ [Components]
> > > > > CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
> > > > > CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > > > >
> > CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> > > > > +
> > > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > > > >
> > > > > [Components.IA32, Components.X64]
> > > > > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > > > > diff --git a/CryptoPkg/CryptoPkg.uni
> > > > b/CryptoPkg/CryptoPkg.uni
> > > > > index beb0036ef5..0dae4c4045 100644
> > > > > --- a/CryptoPkg/CryptoPkg.uni
> > > > > +++ b/CryptoPkg/CryptoPkg.uni
> > > > > @@ -4,7 +4,7 @@
> > > > > // This Package provides cryptographic-related
> > > > libraries for UEFI security
> > > > > modules.
> > > > > // It also provides a test application to test
> > > > libraries.
> > > > > //
> > > > > -// Copyright (c) 2009 - 2018, Intel Corporation.
> > All
> > > > rights reserved.<BR>
> > > > > +// Copyright (c) 2009 - 2020, Intel Corporation.
> > All
> > > > rights reserved.<BR>
> > > > > //
> > > > > // SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > //
> > > > > @@ -17,3 +17,19 @@
> > > > >
> > > > >
> > > > >
> > > > > +#string
> > > >
> > STR_gEfiCryptoPkgTokenSpaceGuid_PcdHashApiLibPolicy_PRO
> > > > MPT
> > > > > #language en-US "HASH algorithm to calculate
> > hash"
> > > > > +
> > > > > +#string
> > > >
> > STR_gEfiCryptoPkgTokenSpaceGuid_PcdHashApiLibPolicy_HEL
> > > > P
> > > > > #language en-US "This PCD indicates the HASH
> > > > algorithm to calculate hash of
> > > > > data.<BR><BR>\n"
> > > > > +
> > > > "Based on the value set, the
> > > > > required algorithm is chosen to calculate\n"
> > > > > +
> > > > "the hash of data.<BR>\n"
> > > > > +
> > > > "The default hashing algorithm
> > > > > for BaseHashApiLib is set to SHA256.<BR>\n"
> > > > > +
> > > > "0x00000001 - MD4.<BR>\n"
> > > > > +
> > > > "0x00000002 - MD5.<BR>\n"
> > > > > +
> > > > "0x00000003 - SHA1.<BR>\n"
> > > > > +
> > > > "0x00000004 -
> > > > > SHA256.<BR>\n"
> > > > > +
> > > > "0x00000005 -
> > > > > SHA384.<BR>\n"
> > > > > +
> > > > "0x00000006 -
> > > > > SHA512.<BR>\n"
> > > > > +
> > > > "0x00000007 - SM3.<BR>"
> > > > > +
> > > > > +
> > > > > +
> > > > > diff --git
> > a/CryptoPkg/Include/Library/HashApiLib.h
> > > > > b/CryptoPkg/Include/Library/HashApiLib.h
> > > > > new file mode 100644
> > > > > index 0000000000..22068e5a17
> > > > > --- /dev/null
> > > > > +++ b/CryptoPkg/Include/Library/HashApiLib.h
> > > > > @@ -0,0 +1,122 @@
> > > > > +/** @file
> > > > > + Unified Hash API Defines
> > > > > +
> > > > > + This API when called will calculate the Hash
> > using
> > > > the
> > > > > + hashing algorithm specified by
> > > > PcdHashApiLibPolicy.
> > > > > +
> > > > > + Copyright (c) 2020, Intel Corporation. All
> > rights
> > > > reserved.<BR>
> > > > > + SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > +
> > > > > +**/
> > > > > +
> > > > > +#ifndef __BASEHASHAPILIB_H_
> > > > > +#define __BASEHASHAPILIB_H_
> > > > > +
> > > > > +typedef VOID *HASH_API_CONTEXT;
> > > > > +
> > > > > +//
> > > > > +// Hash Algorithms
> > > > > +//
> > > > > +#define HASH_API_ALGO_INVALID 0x00000000
> > > > > +#define HASH_API_ALGO_MD4 0x00000001
> > > > > +#define HASH_API_ALGO_MD5 0x00000002
> > > > > +#define HASH_API_ALGO_SHA1 0x00000003
> > > > > +#define HASH_API_ALGO_SHA256 0x00000004
> > > > > +#define HASH_API_ALGO_SHA384 0x00000005
> > > > > +#define HASH_API_ALGO_SHA512 0x00000006
> > > > > +#define HASH_API_ALGO_SM3_256 0x00000007
> > > > > +
> > > > > +/**
> > > > > + Retrieves the size, in bytes, of the context
> > > > buffer required for hash operations.
> > > > > +
> > > > > + @return The size, in bytes, of the context
> > buffer
> > > > required for hash operations.
> > > > > +**/
> > > > > +UINTN
> > > > > +EFIAPI
> > > > > +HashApiGetContextSize (
> > > > > + VOID
> > > > > + );
> > > > > +
> > > > > +/**
> > > > > + Init hash sequence.
> > > > > +
> > > > > + @param[out] HashContext Hash context.
> > > > > +
> > > > > + @retval TRUE Hash start and HashHandle
> > > > returned.
> > > > > + @retval FALSE Hash Init unsuccessful.
> > > > > +**/
> > > > > +BOOLEAN
> > > > > +EFIAPI
> > > > > +HashApiInit (
> > > > > + OUT HASH_API_CONTEXT HashContext
> > > > > + );
> > > > > +
> > > > > +/**
> > > > > + Makes a copy of an existing hash context.
> > > > > +
> > > > > + @param[in] HashContext Hash context.
> > > > > + @param[out] NewHashContext New copy of hash
> > > > context.
> > > > > +
> > > > > + @retval TRUE Hash context copy
> > succeeded.
> > > > > + @retval FALSE Hash context copy failed.
> > > > > +**/
> > > > > +BOOLEAN
> > > > > +EFIAPI
> > > > > +HashApiDuplicate (
> > > > > + IN HASH_API_CONTEXT HashContext,
> > > > > + OUT HASH_API_CONTEXT NewHashContext
> > > > > + );
> > > > > +
> > > > > +/**
> > > > > + Update hash data.
> > > > > +
> > > > > + @param[in] HashContext Hash context.
> > > > > + @param[in] DataToHash Data to be hashed.
> > > > > + @param[in] DataToHashLen Data size.
> > > > > +
> > > > > + @retval TRUE Hash updated.
> > > > > + @retval FALSE Hash updated
> > unsuccessful.
> > > > > +**/
> > > > > +BOOLEAN
> > > > > +EFIAPI
> > > > > +HashApiUpdate (
> > > > > + IN HASH_API_CONTEXT HashContext,
> > > > > + IN VOID *DataToHash,
> > > > > + IN UINTN DataToHashLen
> > > > > + );
> > > > > +
> > > > > +/**
> > > > > + Hash complete.
> > > > > +
> > > > > + @param[in] HashContext Hash context.
> > > > > + @param[out] Digest Hash Digest.
> > > > > +
> > > > > + @retval TRUE Hash complete and Digest
> > is
> > > > returned.
> > > > > + @retval FALSE Hash complete
> > unsuccessful.
> > > > > +**/
> > > > > +BOOLEAN
> > > > > +EFIAPI
> > > > > +HashApiFinal (
> > > > > + IN HASH_API_CONTEXT HashContext,
> > > > > + OUT UINT8 *Digest
> > > > > + );
> > > > > +
> > > > > +/**
> > > > > + Computes hash message digest of a input data
> > > > buffer.
> > > > > +
> > > > > + @param[in] DataToHash Data to be hashed.
> > > > > + @param[in] DataToHashLen Data size.
> > > > > + @param[out] Digest Hash Digest.
> > > > > +
> > > > > + @retval TRUE Hash digest computation
> > succeeded.
> > > > > + @retval FALSE Hash digest computation failed.
> > > > > +**/
> > > > > +BOOLEAN
> > > > > +EFIAPI
> > > > > +HashApiHashAll (
> > > > > + IN CONST VOID *DataToHash,
> > > > > + IN UINTN DataToHashLen,
> > > > > + OUT UINT8 *Digest
> > > > > + );
> > > > > +
> > > > > +#endif
> > > > > diff --git
> > > > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > > > >
> > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > > > > new file mode 100644
> > > > > index 0000000000..277ef9f0b4
> > > > > --- /dev/null
> > > > > +++
> > > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > > > > @@ -0,0 +1,330 @@
> > > > > +/** @file
> > > > > + Unified Hash API Implementation
> > > > > +
> > > > > + This file implements the Unified Hash API.
> > > > > +
> > > > > + This API, when called, will calculate the Hash
> > > > using the
> > > > > + hashing algorithm specified by
> > > > PcdHashApiLibPolicy.
> > > > > +
> > > > > + Copyright (c) 2020, Intel Corporation. All
> > rights
> > > > reserved.<BR>
> > > > > + SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > +
> > > > > +**/
> > > > > +
> > > > > +#include <Base.h>
> > > > > +#include <Library/BaseLib.h>
> > > > > +#include <Library/BaseMemoryLib.h>
> > > > > +#include <Library/MemoryAllocationLib.h>
> > > > > +#include <Library/BaseCryptLib.h>
> > > > > +#include <Library/DebugLib.h>
> > > > > +#include <Library/PcdLib.h>
> > > > > +#include <Library/HashApiLib.h>
> > > > > +
> > > > > +/**
> > > > > + Retrieves the size, in bytes, of the context
> > > > buffer required for hash operations.
> > > > > +
> > > > > + @return The size, in bytes, of the context
> > buffer
> > > > required for hash operations.
> > > > > +**/
> > > > > +UINTN
> > > > > +EFIAPI
> > > > > +HashApiGetContextSize (
> > > > > + VOID
> > > > > + )
> > > > > +{
> > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > > > > + case HASH_API_ALGO_MD4:
> > > > > + return Md4GetContextSize ();
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_MD5:
> > > > > + return Md5GetContextSize ();
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA1:
> > > > > + return Sha1GetContextSize ();
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA256:
> > > > > + return Sha256GetContextSize ();
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA384:
> > > > > + return Sha384GetContextSize ();
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA512:
> > > > > + return Sha512GetContextSize ();
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SM3_256:
> > > > > + return Sm3GetContextSize ();
> > > > > + break;
> > > > > +
> > > > > + default:
> > > > > + ASSERT (FALSE);
> > > > > + return 0;
> > > > > + break;
> > > > > + }
> > > > > +}
> > > > > +
> > > > > +/**
> > > > > + Init hash sequence.
> > > > > +
> > > > > + @param[out] HashContext Hash context.
> > > > > +
> > > > > + @retval TRUE Hash start and HashHandle
> > > > returned.
> > > > > + @retval FALSE Hash Init unsuccessful.
> > > > > +**/
> > > > > +BOOLEAN
> > > > > +EFIAPI
> > > > > +HashApiInit (
> > > > > + OUT HASH_API_CONTEXT HashContext
> > > > > + )
> > > > > +{
> > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > > > > + case HASH_API_ALGO_MD4:
> > > > > + return Md4Init (HashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_MD5:
> > > > > + return Md5Init (HashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA1:
> > > > > + return Sha1Init (HashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA256:
> > > > > + return Sha256Init (HashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA384:
> > > > > + return Sha384Init (HashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA512:
> > > > > + return Sha512Init (HashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SM3_256:
> > > > > + return Sm3Init (HashContext);
> > > > > + break;
> > > > > +
> > > > > + default:
> > > > > + ASSERT (FALSE);
> > > > > + return FALSE;
> > > > > + break;
> > > > > + }
> > > > > +}
> > > > > +
> > > > > +/**
> > > > > + Makes a copy of an existing hash context.
> > > > > +
> > > > > + @param[in] HashContext Hash context.
> > > > > + @param[out] NewHashContext New copy of hash
> > > > context.
> > > > > +
> > > > > + @retval TRUE Hash context copy
> > succeeded.
> > > > > + @retval FALSE Hash context copy failed.
> > > > > +**/
> > > > > +BOOLEAN
> > > > > +EFIAPI
> > > > > +HashApiDuplicate (
> > > > > + IN HASH_API_CONTEXT HashContext,
> > > > > + OUT HASH_API_CONTEXT NewHashContext
> > > > > + )
> > > > > +{
> > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > > > > + case HASH_API_ALGO_MD4:
> > > > > + return Md4Duplicate (HashContext,
> > > > NewHashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_MD5:
> > > > > + return Md5Duplicate (HashContext,
> > > > NewHashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA1:
> > > > > + return Sha1Duplicate (HashContext,
> > > > NewHashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA256:
> > > > > + return Sha256Duplicate (HashContext,
> > > > NewHashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA384:
> > > > > + return Sha384Duplicate (HashContext,
> > > > NewHashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA512:
> > > > > + return Sha512Duplicate (HashContext,
> > > > NewHashContext);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SM3_256:
> > > > > + return Sm3Duplicate (HashContext,
> > > > NewHashContext);
> > > > > + break;
> > > > > +
> > > > > + default:
> > > > > + ASSERT (FALSE);
> > > > > + return FALSE;
> > > > > + break;
> > > > > + }
> > > > > +}
> > > > > +
> > > > > +/**
> > > > > + Update hash data.
> > > > > +
> > > > > + @param[in] HashContext Hash context.
> > > > > + @param[in] DataToHash Data to be hashed.
> > > > > + @param[in] DataToHashLen Data size.
> > > > > +
> > > > > + @retval TRUE Hash updated.
> > > > > + @retval FALSE Hash updated
> > unsuccessful.
> > > > > +**/
> > > > > +BOOLEAN
> > > > > +EFIAPI
> > > > > +HashApiUpdate (
> > > > > + IN HASH_API_CONTEXT HashContext,
> > > > > + IN VOID *DataToHash,
> > > > > + IN UINTN DataToHashLen
> > > > > + )
> > > > > +{
> > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > > > > + case HASH_API_ALGO_MD4:
> > > > > + return Md4Update (HashContext, DataToHash,
> > > > DataToHashLen);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_MD5:
> > > > > + return Md5Update (HashContext, DataToHash,
> > > > DataToHashLen);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA1:
> > > > > + return Sha1Update (HashContext,
> > DataToHash,
> > > > DataToHashLen);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA256:
> > > > > + return Sha256Update (HashContext,
> > DataToHash,
> > > > DataToHashLen);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA384:
> > > > > + return Sha384Update (HashContext,
> > DataToHash,
> > > > DataToHashLen);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA512:
> > > > > + return Sha512Update (HashContext,
> > DataToHash,
> > > > DataToHashLen);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SM3_256:
> > > > > + return Sm3Update (HashContext, DataToHash,
> > > > DataToHashLen);
> > > > > + break;
> > > > > +
> > > > > + default:
> > > > > + ASSERT (FALSE);
> > > > > + return FALSE;
> > > > > + break;
> > > > > + }
> > > > > +}
> > > > > +
> > > > > +/**
> > > > > + Hash complete.
> > > > > +
> > > > > + @param[in] HashContext Hash context.
> > > > > + @param[out] Digest Hash Digest.
> > > > > +
> > > > > + @retval TRUE Hash complete and Digest
> > is
> > > > returned.
> > > > > + @retval FALSE Hash complete
> > unsuccessful.
> > > > > +**/
> > > > > +BOOLEAN
> > > > > +EFIAPI
> > > > > +HashApiFinal (
> > > > > + IN HASH_API_CONTEXT HashContext,
> > > > > + OUT UINT8 *Digest
> > > > > + )
> > > > > +{
> > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > > > > + case HASH_API_ALGO_MD4:
> > > > > + return Md4Final (HashContext, Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_MD5:
> > > > > + return Md5Final (HashContext, Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA1:
> > > > > + return Sha1Final (HashContext, Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA256:
> > > > > + return Sha256Final (HashContext, Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA384:
> > > > > + return Sha384Final (HashContext, Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA512:
> > > > > + return Sha512Final (HashContext, Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SM3_256:
> > > > > + return Sm3Final (HashContext, Digest);
> > > > > + break;
> > > > > +
> > > > > + default:
> > > > > + ASSERT (FALSE);
> > > > > + return FALSE;
> > > > > + break;
> > > > > + }
> > > > > +}
> > > > > +
> > > > > +/**
> > > > > + Computes hash message digest of a input data
> > > > buffer.
> > > > > +
> > > > > + @param[in] DataToHash Data to be hashed.
> > > > > + @param[in] DataToHashLen Data size.
> > > > > + @param[out] Digest Hash Digest.
> > > > > +
> > > > > + @retval TRUE Hash digest computation
> > succeeded.
> > > > > + @retval FALSE Hash digest computation failed.
> > > > > +**/
> > > > > +BOOLEAN
> > > > > +EFIAPI
> > > > > +HashApiHashAll (
> > > > > + IN CONST VOID *DataToHash,
> > > > > + IN UINTN DataToHashLen,
> > > > > + OUT UINT8 *Digest
> > > > > + )
> > > > > +{
> > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > > > > + case HASH_API_ALGO_MD4:
> > > > > + return Md4HashAll (DataToHash,
> > DataToHashLen,
> > > > Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_MD5:
> > > > > + return Md5HashAll (DataToHash,
> > DataToHashLen,
> > > > Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA1:
> > > > > + return Sha1HashAll (DataToHash,
> > DataToHashLen,
> > > > Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA256:
> > > > > + return Sha256HashAll (DataToHash,
> > > > DataToHashLen, Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA384:
> > > > > + return Sha384HashAll (DataToHash,
> > > > DataToHashLen, Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SHA512:
> > > > > + return Sha512HashAll (DataToHash,
> > > > DataToHashLen, Digest);
> > > > > + break;
> > > > > +
> > > > > + case HASH_API_ALGO_SM3_256:
> > > > > + return Sm3HashAll (DataToHash,
> > DataToHashLen,
> > > > Digest);
> > > > > + break;
> > > > > +
> > > > > + default:
> > > > > + ASSERT (FALSE);
> > > > > + return FALSE;
> > > > > + break;
> > > > > + }
> > > > > +}
> > > > > diff --git
> > > >
> > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > > > >
> > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > > > > new file mode 100644
> > > > > index 0000000000..b4d8675ddd
> > > > > --- /dev/null
> > > > > +++
> > > >
> > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > > > > @@ -0,0 +1,44 @@
> > > > > +## @file
> > > > > +# Provides Unified API for Hash Calculation
> > > > > +#
> > > > > +# This library is BaseHashApiLib. It will
> > redirect
> > > > hash request to
> > > > > +# each individual hash API, such as SHA1,
> > SHA256,
> > > > SHA384, SM3 based
> > > > > +# on hashing algorithm specified by
> > > > PcdHashApiLibPolicy.
> > > > > +#
> > > > > +# Copyright (c) 2020, Intel Corporation. All
> > rights
> > > > reserved.<BR>
> > > > > +# SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > +#
> > > > > +##
> > > > > +
> > > > > +[Defines]
> > > > > + INF_VERSION = 0x00010005
> > > > > + BASE_NAME =
> > BaseHashApiLib
> > > > > + MODULE_UNI_FILE =
> > > > BaseHashApiLib.uni
> > > > > + FILE_GUID = B1E566DD-
> > DE7C-
> > > > 4F04-BDA0-B1295D3BE927
> > > > > + MODULE_TYPE = BASE
> > > > > + VERSION_STRING = 1.0
> > > > > + LIBRARY_CLASS =
> > BaseHashApiLib
> > > > > +
> > > > > +#
> > > > > +# The following information is for reference
> > only
> > > > and not required by the build
> > > > > tools.
> > > > > +#
> > > > > +# VALID_ARCHITECTURES = IA32 X64
> > > > > +#
> > > > > +
> > > > > +[Sources]
> > > > > + BaseHashApiLib.c
> > > > > +
> > > > > +[Packages]
> > > > > + MdePkg/MdePkg.dec
> > > > > + CryptoPkg/CryptoPkg.dec
> > > > > +
> > > > > +[LibraryClasses]
> > > > > + BaseLib
> > > > > + BaseMemoryLib
> > > > > + DebugLib
> > > > > + MemoryAllocationLib
> > > > > + BaseCryptLib
> > > > > + PcdLib
> > > > > +
> > > > > +[Pcd]
> > > > > +
> > gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy
> > > > ## CONSUMES
> > > > > diff --git
> > > >
> > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > > > >
> > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > > > > new file mode 100644
> > > > > index 0000000000..49ba82e86f
> > > > > --- /dev/null
> > > > > +++
> > > >
> > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > > > > @@ -0,0 +1,17 @@
> > > > > +// /** @file
> > > > > +// Provides Unified API for Hash Calculation
> > > > > +//
> > > > > +// This library is BaseHashApiLib. It will
> > redirect
> > > > hash request to
> > > > > +// each individual hash API, such as SHA1,
> > SHA256,
> > > > SHA384, SM3 based
> > > > > +// on hashing algorithm specified by
> > > > PcdHashApiLibPolicy.
> > > > > +//
> > > > > +// Copyright (c) 2020, Intel Corporation. All
> > rights
> > > > reserved.<BR>
> > > > > +//
> > > > > +// SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > +//
> > > > > +// **/
> > > > > +
> > > > > +
> > > > > +#string STR_MODULE_ABSTRACT
> > #language
> > > > en-US "Provides hash
> > > > > service by specified hash handler"
> > > > > +
> > > > > +#string STR_MODULE_DESCRIPTION
> > #language
> > > > en-US "This library is
> > > > > Unified Hash API. It will redirect hash request
> > to
> > > > the hash handler specified by
> > > > > PcdHashApiLibPolicy."
> > > > > --
> > > > > 2.21.0.windows.1
next prev parent reply other threads:[~2020-02-05 1:32 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-03 23:35 [Patch v10 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API Michael D Kinney
2020-02-03 23:35 ` [Patch v10 1/2] CryptoPkg: Add CryptoPkg Token Space GUID Michael D Kinney
2020-02-03 23:35 ` [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API Michael D Kinney
2020-02-04 2:53 ` Yao, Jiewen
2020-02-04 5:24 ` [edk2-devel] " Zhang, Chao B
2020-02-04 16:29 ` Michael D Kinney
2020-02-04 16:26 ` Michael D Kinney
2020-02-04 17:10 ` Sukerkar, Amol N
2020-02-04 18:30 ` Sukerkar, Amol N
2020-02-04 23:06 ` Yao, Jiewen
2020-02-04 23:15 ` Sukerkar, Amol N
2020-02-04 23:20 ` Yao, Jiewen
2020-02-04 23:22 ` Sukerkar, Amol N
2020-02-04 22:54 ` Yao, Jiewen
2020-02-05 1:04 ` Michael D Kinney
2020-02-05 1:32 ` Yao, Jiewen [this message]
2020-02-05 11:00 ` [edk2-devel] " Laszlo Ersek
2020-02-05 13:53 ` Wang, Jian J
2020-02-05 16:18 ` Michael D Kinney
2020-02-05 21:23 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=74D8A39837DF1E4DA445A8C0B3885C503F91333E@shsmsx102.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox