From: "Gao, Zhichao" <zhichao.gao@intel.com>
To: "Jiang, Guomin" <guomin.jiang@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Wang, Jian J" <jian.j.wang@intel.com>,
"Lu, XiaoyuX" <xiaoyux.lu@intel.com>,
"Fu, Siyuan" <siyuan.fu@intel.com>,
"Kinney, Michael D" <michael.d.kinney@intel.com>,
"Yao, Jiewen" <jiewen.yao@intel.com>,
Philippe Mathieu-Daude <philmd@redhat.com>
Subject: Re: [edk2-devel] [PATCH V4 02/11] CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
Date: Thu, 14 May 2020 05:58:44 +0000 [thread overview]
Message-ID: <DM6PR11MB4425F8160F7CC76847ACB129F6BC0@DM6PR11MB4425.namprd11.prod.outlook.com> (raw)
In-Reply-To: <DM6PR11MB29554C67ACA6A553F7FD022A9DBC0@DM6PR11MB2955.namprd11.prod.outlook.com>
Thanks for the reminder, Guomin.
I would fix it in next patch set.
Thanks,
Zhichao
> -----Original Message-----
> From: Jiang, Guomin <guomin.jiang@intel.com>
> Sent: Thursday, May 14, 2020 11:14 AM
> To: devel@edk2.groups.io; Gao, Zhichao <zhichao.gao@intel.com>
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX <xiaoyux.lu@intel.com>;
> Fu, Siyuan <siyuan.fu@intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Philippe
> Mathieu-Daude <philmd@redhat.com>
> Subject: RE: [edk2-devel] [PATCH V4 02/11] CryptoPkg/BaseCrpytLib: Retire MD4
> algorithm
>
> Add commit inline.
>
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gao,
> > Zhichao
> > Sent: Tuesday, May 12, 2020 2:27 AM
> > To: devel@edk2.groups.io
> > Cc: Wang, Jian J <jian.j.wang@intel.com>; Lu, XiaoyuX
> > <xiaoyux.lu@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>; Kinney, Michael
> > D <michael.d.kinney@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>;
> > Philippe Mathieu-Daude <philmd@redhat.com>
> > Subject: [edk2-devel] [PATCH V4 02/11] CryptoPkg/BaseCrpytLib: Retire MD4
> > algorithm
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
> >
> > MD4 is not secure any longer.
> > Remove the MD4 support from edk2.
> > Change the MD4 field name in EDKII_CRYPTO_PROTOCOL to indicate the
> > function is unsupported any longer.
> >
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> > Cc: Siyuan Fu <siyuan.fu@intel.com>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>.
>
> The Cc format is incorrect and please remove '.' character at the end of line.
>
> > Cc: Philippe Mathieu-Daude <philmd@redhat.com>
> > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > ---
> > CryptoPkg/CryptoPkg.dsc | 1 -
> > CryptoPkg/Driver/Crypto.c | 135 ++---------
> > CryptoPkg/Include/Library/BaseCryptLib.h | 145 ------------
> > .../Library/BaseCryptLib/BaseCryptLib.inf | 3 +-
> > .../Library/BaseCryptLib/Hash/CryptMd4.c | 223 ------------------
> > .../Library/BaseCryptLib/Hash/CryptMd4Null.c | 143 -----------
> > .../Library/BaseCryptLib/PeiCryptLib.inf | 5 +-
> > .../Library/BaseCryptLib/PeiCryptLib.uni | 6 +-
> > .../Library/BaseCryptLib/RuntimeCryptLib.inf | 5 +-
> > .../Library/BaseCryptLib/RuntimeCryptLib.uni | 6 +-
> > .../Library/BaseCryptLib/SmmCryptLib.inf | 5 +-
> > .../Library/BaseCryptLib/SmmCryptLib.uni | 6 +-
> > .../BaseCryptLibNull/BaseCryptLibNull.inf | 1 -
> > .../BaseCryptLibNull/Hash/CryptMd4Null.c | 143 -----------
> > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 158 -------------
> > CryptoPkg/Private/Protocol/Crypto.h | 123 ++--------
> > 16 files changed, 52 insertions(+), 1056 deletions(-)
> > delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > delete mode 100644
> > CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> >
> > diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
> > index f79ff331cf..6ed7046563 100644
> > --- a/CryptoPkg/CryptoPkg.dsc
> > +++ b/CryptoPkg/CryptoPkg.dsc
> > @@ -140,7 +140,6 @@
> >
> > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacMd5.Fa
> > mily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> >
> > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha1.Fa
> > mily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> >
> > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.
> > Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> > - gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md4.Family
> > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md5.Family
> > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family
> > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> > gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family
> > | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
> > diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
> > index ed0083cccf..c7a54182c7 100644
> > --- a/CryptoPkg/Driver/Crypto.c
> > +++ b/CryptoPkg/Driver/Crypto.c
> > @@ -124,161 +124,68 @@ CryptoServiceGetCryptoVersion (
> >
> > //=========================================================
> > ============================
> >
> > /**
> > - Retrieves the size, in bytes, of the context buffer required for MD4 hash
> > operations.
> > -
> > - If this interface is not supported, then return zero.
> > -
> > - @return The size, in bytes, of the context buffer required for MD4 hash
> > operations.
> > - @retval 0 This interface is not supported.
> > + MD4 is deprecated and unsupported any longer.
> > + Keep the function field for binary compability.
> >
> > **/
> > UINTN
> > EFIAPI
> > -CryptoServiceMd4GetContextSize (
> > +DeprecatedCryptoServiceMd4GetContextSize (
> > VOID
> > )
> > {
> > - return CALL_BASECRYPTLIB (Md4.Services.GetContextSize,
> > Md4GetContextSize, (), 0);
> > + return BaseCryptLibServiceDeprecated ("Md4GetContextSize"), 0;
> > }
> >
> > -/**
> > - Initializes user-supplied memory pointed by Md4Context as MD4 hash
> > context for
> > - subsequent use.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[out] Md4Context Pointer to MD4 context being initialized.
> > -
> > - @retval TRUE MD4 context initialization succeeded.
> > - @retval FALSE MD4 context initialization failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > BOOLEAN
> > EFIAPI
> > -CryptoServiceMd4Init (
> > +DeprecatedCryptoServiceMd4Init (
> > OUT VOID *Md4Context
> > )
> > {
> > - return CALL_BASECRYPTLIB (Md4.Services.Init, Md4Init, (Md4Context),
> > FALSE);
> > + return BaseCryptLibServiceDeprecated ("Md4Init"), FALSE;
> > }
> >
> > -/**
> > - Makes a copy of an existing MD4 context.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If NewMd4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in] Md4Context Pointer to MD4 context being copied.
> > - @param[out] NewMd4Context Pointer to new MD4 context.
> > -
> > - @retval TRUE MD4 context copy succeeded.
> > - @retval FALSE MD4 context copy failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > BOOLEAN
> > EFIAPI
> > -CryptoServiceMd4Duplicate (
> > +DeprecatedCryptoServiceMd4Duplicate (
> > IN CONST VOID *Md4Context,
> > OUT VOID *NewMd4Context
> > )
> > {
> > - return CALL_BASECRYPTLIB (Md4.Services.Duplicate, Md4Duplicate,
> > (Md4Context, NewMd4Context), FALSE);
> > + return BaseCryptLibServiceDeprecated ("Md4Duplicate"), FALSE;
> > }
> >
> > -/**
> > - Digests the input data and updates MD4 context.
> > -
> > - This function performs MD4 digest on a data buffer of the specified size.
> > - It can be called multiple times to compute the digest of long or
> > discontinuous data streams.
> > - MD4 context should be already correctly initialized by Md4Init(), and should
> > not be finalized
> > - by Md4Final(). Behavior with invalid context is undefined.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > -
> > - @retval TRUE MD4 data digest succeeded.
> > - @retval FALSE MD4 data digest failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > BOOLEAN
> > EFIAPI
> > -CryptoServiceMd4Update (
> > +DeprecatedCryptoServiceMd4Update (
> > IN OUT VOID *Md4Context,
> > IN CONST VOID *Data,
> > IN UINTN DataSize
> > )
> > {
> > - return CALL_BASECRYPTLIB (Md4.Services.Update, Md4Update,
> > (Md4Context, Data, DataSize), FALSE);
> > + return BaseCryptLibServiceDeprecated ("Md4Update"), FALSE;
> > }
> >
> > -/**
> > - Completes computation of the MD4 digest value.
> > -
> > - This function completes MD4 hash computation and retrieves the digest
> > value into
> > - the specified memory. After this function has been called, the MD4 context
> > cannot
> > - be used again.
> > - MD4 context should be already correctly initialized by Md4Init(), and should
> > not be
> > - finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If HashValue is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4
> > digest
> > - value (16 bytes).
> > -
> > - @retval TRUE MD4 digest computation succeeded.
> > - @retval FALSE MD4 digest computation failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > BOOLEAN
> > EFIAPI
> > -CryptoServiceMd4Final (
> > +DeprecatedCryptoServiceMd4Final (
> > IN OUT VOID *Md4Context,
> > OUT UINT8 *HashValue
> > )
> > {
> > - return CALL_BASECRYPTLIB (Md4.Services.Final, Md4Final, (Md4Context,
> > HashValue), FALSE);
> > + return BaseCryptLibServiceDeprecated ("Md4Final"), FALSE;
> > }
> >
> > -/**
> > - Computes the MD4 message digest of a input data buffer.
> > -
> > - This function performs the MD4 message digest of a given data buffer, and
> > places
> > - the digest value into the specified memory.
> > -
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4 digest
> > - value (16 bytes).
> > -
> > - @retval TRUE MD4 digest computation succeeded.
> > - @retval FALSE MD4 digest computation failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > BOOLEAN
> > EFIAPI
> > -CryptoServiceMd4HashAll (
> > +DeprecatedCryptoServiceMd4HashAll (
> > IN CONST VOID *Data,
> > IN UINTN DataSize,
> > OUT UINT8 *HashValue
> > )
> > {
> > - return CALL_BASECRYPTLIB (Md4.Services.HashAll, Md4HashAll, (Data,
> > DataSize, HashValue), FALSE);
> > + return BaseCryptLibServiceDeprecated ("Md4HashAll"), FALSE;
> > }
> >
> > /**
> > @@ -4440,13 +4347,13 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =
> > {
> > CryptoServiceHmacSha256Duplicate,
> > CryptoServiceHmacSha256Update,
> > CryptoServiceHmacSha256Final,
> > - /// Md4
> > - CryptoServiceMd4GetContextSize,
> > - CryptoServiceMd4Init,
> > - CryptoServiceMd4Duplicate,
> > - CryptoServiceMd4Update,
> > - CryptoServiceMd4Final,
> > - CryptoServiceMd4HashAll,
> > + /// Md4 - deprecated and unsupported
> > + DeprecatedCryptoServiceMd4GetContextSize,
> > + DeprecatedCryptoServiceMd4Init,
> > + DeprecatedCryptoServiceMd4Duplicate,
> > + DeprecatedCryptoServiceMd4Update,
> > + DeprecatedCryptoServiceMd4Final,
> > + DeprecatedCryptoServiceMd4HashAll,
> > /// Md5
> > CryptoServiceMd5GetContextSize,
> > CryptoServiceMd5Init,
> > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h
> > b/CryptoPkg/Include/Library/BaseCryptLib.h
> > index 5e8f2e0a10..c862f0334f 100644
> > --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> > @@ -14,11 +14,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > #include <Uefi/UefiBaseType.h>
> >
> > -///
> > -/// MD4 digest size in bytes
> > -///
> > -#define MD4_DIGEST_SIZE 16
> > -
> > ///
> > /// MD5 digest size in bytes
> > ///
> > @@ -77,146 +72,6 @@ typedef enum {
> > // One-Way Cryptographic Hash Primitives
> >
> > //=========================================================
> > ============================
> >
> > -/**
> > - Retrieves the size, in bytes, of the context buffer required for MD4 hash
> > operations.
> > -
> > - If this interface is not supported, then return zero.
> > -
> > - @return The size, in bytes, of the context buffer required for MD4 hash
> > operations.
> > - @retval 0 This interface is not supported.
> > -
> > -**/
> > -UINTN
> > -EFIAPI
> > -Md4GetContextSize (
> > - VOID
> > - );
> > -
> > -/**
> > - Initializes user-supplied memory pointed by Md4Context as MD4 hash
> > context for
> > - subsequent use.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[out] Md4Context Pointer to MD4 context being initialized.
> > -
> > - @retval TRUE MD4 context initialization succeeded.
> > - @retval FALSE MD4 context initialization failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Init (
> > - OUT VOID *Md4Context
> > - );
> > -
> > -/**
> > - Makes a copy of an existing MD4 context.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If NewMd4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in] Md4Context Pointer to MD4 context being copied.
> > - @param[out] NewMd4Context Pointer to new MD4 context.
> > -
> > - @retval TRUE MD4 context copy succeeded.
> > - @retval FALSE MD4 context copy failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Duplicate (
> > - IN CONST VOID *Md4Context,
> > - OUT VOID *NewMd4Context
> > - );
> > -
> > -/**
> > - Digests the input data and updates MD4 context.
> > -
> > - This function performs MD4 digest on a data buffer of the specified size.
> > - It can be called multiple times to compute the digest of long or
> > discontinuous data streams.
> > - MD4 context should be already correctly initialized by Md4Init(), and should
> > not be finalized
> > - by Md4Final(). Behavior with invalid context is undefined.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > -
> > - @retval TRUE MD4 data digest succeeded.
> > - @retval FALSE MD4 data digest failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Update (
> > - IN OUT VOID *Md4Context,
> > - IN CONST VOID *Data,
> > - IN UINTN DataSize
> > - );
> > -
> > -/**
> > - Completes computation of the MD4 digest value.
> > -
> > - This function completes MD4 hash computation and retrieves the digest
> > value into
> > - the specified memory. After this function has been called, the MD4 context
> > cannot
> > - be used again.
> > - MD4 context should be already correctly initialized by Md4Init(), and should
> > not be
> > - finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If HashValue is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4
> > digest
> > - value (16 bytes).
> > -
> > - @retval TRUE MD4 digest computation succeeded.
> > - @retval FALSE MD4 digest computation failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Final (
> > - IN OUT VOID *Md4Context,
> > - OUT UINT8 *HashValue
> > - );
> > -
> > -/**
> > - Computes the MD4 message digest of a input data buffer.
> > -
> > - This function performs the MD4 message digest of a given data buffer, and
> > places
> > - the digest value into the specified memory.
> > -
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4 digest
> > - value (16 bytes).
> > -
> > - @retval TRUE MD4 digest computation succeeded.
> > - @retval FALSE MD4 digest computation failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4HashAll (
> > - IN CONST VOID *Data,
> > - IN UINTN DataSize,
> > - OUT UINT8 *HashValue
> > - );
> > -
> > /**
> > Retrieves the size, in bytes, of the context buffer required for MD5 hash
> > operations.
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > index a63ad66b4f..22992e7d43 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
> > @@ -6,7 +6,7 @@
> > # This external input must be validated carefully to avoid security issues
> > such as
> > # buffer overflow or integer overflow.
> > #
> > -# Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>
> > +# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> > reserved.<BR>
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > #
> > @@ -29,7 +29,6 @@
> >
> > [Sources]
> > InternalCryptLib.h
> > - Hash/CryptMd4.c
> > Hash/CryptMd5.c
> > Hash/CryptSha1.c
> > Hash/CryptSha256.c
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > deleted file mode 100644
> > index bc02da07b0..0000000000
> > --- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
> > +++ /dev/null
> > @@ -1,223 +0,0 @@
> > -/** @file
> > - MD4 Digest Wrapper Implementation over OpenSSL.
> > -
> > -Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
> > -SPDX-License-Identifier: BSD-2-Clause-Patent
> > -
> > -**/
> > -
> > -#include "InternalCryptLib.h"
> > -#include <openssl/md4.h>
> > -
> > -/**
> > - Retrieves the size, in bytes, of the context buffer required for MD4 hash
> > operations.
> > -
> > - @return The size, in bytes, of the context buffer required for MD4 hash
> > operations.
> > -
> > -**/
> > -UINTN
> > -EFIAPI
> > -Md4GetContextSize (
> > - VOID
> > - )
> > -{
> > - //
> > - // Retrieves the OpenSSL MD4 Context Size
> > - //
> > - return (UINTN) (sizeof (MD4_CTX));
> > -}
> > -
> > -/**
> > - Initializes user-supplied memory pointed by Md4Context as MD4 hash
> > context for
> > - subsequent use.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > -
> > - @param[out] Md4Context Pointer to MD4 context being initialized.
> > -
> > - @retval TRUE MD4 context initialization succeeded.
> > - @retval FALSE MD4 context initialization failed.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Init (
> > - OUT VOID *Md4Context
> > - )
> > -{
> > - //
> > - // Check input parameters.
> > - //
> > - if (Md4Context == NULL) {
> > - return FALSE;
> > - }
> > -
> > - //
> > - // OpenSSL MD4 Context Initialization
> > - //
> > - return (BOOLEAN) (MD4_Init ((MD4_CTX *) Md4Context));
> > -}
> > -
> > -/**
> > - Makes a copy of an existing MD4 context.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If NewMd4Context is NULL, then return FALSE.
> > -
> > - @param[in] Md4Context Pointer to MD4 context being copied.
> > - @param[out] NewMd4Context Pointer to new MD4 context.
> > -
> > - @retval TRUE MD4 context copy succeeded.
> > - @retval FALSE MD4 context copy failed.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Duplicate (
> > - IN CONST VOID *Md4Context,
> > - OUT VOID *NewMd4Context
> > - )
> > -{
> > - //
> > - // Check input parameters.
> > - //
> > - if (Md4Context == NULL || NewMd4Context == NULL) {
> > - return FALSE;
> > - }
> > -
> > - CopyMem (NewMd4Context, Md4Context, sizeof (MD4_CTX));
> > -
> > - return TRUE;
> > -}
> > -
> > -/**
> > - Digests the input data and updates MD4 context.
> > -
> > - This function performs MD4 digest on a data buffer of the specified size.
> > - It can be called multiple times to compute the digest of long or
> > discontinuous data streams.
> > - MD4 context should be already correctly initialized by Md4Init(), and should
> > not be finalized
> > - by Md4Final(). Behavior with invalid context is undefined.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > -
> > - @retval TRUE MD4 data digest succeeded.
> > - @retval FALSE MD4 data digest failed.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Update (
> > - IN OUT VOID *Md4Context,
> > - IN CONST VOID *Data,
> > - IN UINTN DataSize
> > - )
> > -{
> > - //
> > - // Check input parameters.
> > - //
> > - if (Md4Context == NULL) {
> > - return FALSE;
> > - }
> > -
> > - //
> > - // Check invalid parameters, in case that only DataLength was checked in
> > OpenSSL
> > - //
> > - if (Data == NULL && DataSize != 0) {
> > - return FALSE;
> > - }
> > -
> > - //
> > - // OpenSSL MD4 Hash Update
> > - //
> > - return (BOOLEAN) (MD4_Update ((MD4_CTX *) Md4Context, Data,
> > DataSize));
> > -}
> > -
> > -/**
> > - Completes computation of the MD4 digest value.
> > -
> > - This function completes MD4 hash computation and retrieves the digest
> > value into
> > - the specified memory. After this function has been called, the MD4 context
> > cannot
> > - be used again.
> > - MD4 context should be already correctly initialized by Md4Init(), and should
> > not be
> > - finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If HashValue is NULL, then return FALSE.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4
> > digest
> > - value (16 bytes).
> > -
> > - @retval TRUE MD4 digest computation succeeded.
> > - @retval FALSE MD4 digest computation failed.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Final (
> > - IN OUT VOID *Md4Context,
> > - OUT UINT8 *HashValue
> > - )
> > -{
> > - //
> > - // Check input parameters.
> > - //
> > - if (Md4Context == NULL || HashValue == NULL) {
> > - return FALSE;
> > - }
> > -
> > - //
> > - // OpenSSL MD4 Hash Finalization
> > - //
> > - return (BOOLEAN) (MD4_Final (HashValue, (MD4_CTX *) Md4Context));
> > -}
> > -
> > -/**
> > - Computes the MD4 message digest of a input data buffer.
> > -
> > - This function performs the MD4 message digest of a given data buffer, and
> > places
> > - the digest value into the specified memory.
> > -
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4 digest
> > - value (16 bytes).
> > -
> > - @retval TRUE MD4 digest computation succeeded.
> > - @retval FALSE MD4 digest computation failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4HashAll (
> > - IN CONST VOID *Data,
> > - IN UINTN DataSize,
> > - OUT UINT8 *HashValue
> > - )
> > -{
> > - //
> > - // Check input parameters.
> > - //
> > - if (HashValue == NULL) {
> > - return FALSE;
> > - }
> > - if (Data == NULL && DataSize != 0) {
> > - return FALSE;
> > - }
> > -
> > - //
> > - // OpenSSL MD4 Hash Computation.
> > - //
> > - if (MD4 (Data, DataSize, HashValue) == NULL) {
> > - return FALSE;
> > - } else {
> > - return TRUE;
> > - }
> > -}
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > deleted file mode 100644
> > index 610c61c713..0000000000
> > --- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
> > +++ /dev/null
> > @@ -1,143 +0,0 @@
> > -/** @file
> > - MD4 Digest Wrapper Implementation which does not provide real
> > capabilities.
> > -
> > -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
> > -SPDX-License-Identifier: BSD-2-Clause-Patent
> > -
> > -**/
> > -
> > -#include "InternalCryptLib.h"
> > -
> > -/**
> > - Retrieves the size, in bytes, of the context buffer required for MD4 hash
> > - operations.
> > -
> > - Return zero to indicate this interface is not supported.
> > -
> > - @retval 0 This interface is not supported.
> > -
> > -**/
> > -UINTN
> > -EFIAPI
> > -Md4GetContextSize (
> > - VOID
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return 0;
> > -}
> > -
> > -/**
> > - Initializes user-supplied memory pointed by Md4Context as MD4 hash
> > context for
> > - subsequent use.
> > -
> > - Return FALSE to indicate this interface is not supported.
> > -
> > - @param[out] Md4Context Pointer to MD4 context being initialized.
> > -
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Init (
> > - OUT VOID *Md4Context
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return FALSE;
> > -}
> > -
> > -/**
> > - Makes a copy of an existing MD4 context.
> > -
> > - Return FALSE to indicate this interface is not supported.
> > -
> > - @param[in] Md4Context Pointer to MD4 context being copied.
> > - @param[out] NewMd4Context Pointer to new MD4 context.
> > -
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Duplicate (
> > - IN CONST VOID *Md4Context,
> > - OUT VOID *NewMd4Context
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return FALSE;
> > -}
> > -
> > -/**
> > - Digests the input data and updates MD4 context.
> > -
> > - Return FALSE to indicate this interface is not supported.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > -
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Update (
> > - IN OUT VOID *Md4Context,
> > - IN CONST VOID *Data,
> > - IN UINTN DataSize
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return FALSE;
> > -}
> > -
> > -/**
> > - Completes computation of the MD4 digest value.
> > -
> > - Return FALSE to indicate this interface is not supported.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4
> > digest
> > - value (16 bytes).
> > -
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Final (
> > - IN OUT VOID *Md4Context,
> > - OUT UINT8 *HashValue
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return FALSE;
> > -}
> > -
> > -/**
> > - Computes the MD4 message digest of a input data buffer.
> > -
> > - Return FALSE to indicate this interface is not supported.
> > -
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4 digest
> > - value (16 bytes).
> > -
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4HashAll (
> > - IN CONST VOID *Data,
> > - IN UINTN DataSize,
> > - OUT UINT8 *HashValue
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return FALSE;
> > -}
> > diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > index c836c257f8..e9add0127d 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
> > @@ -6,14 +6,14 @@
> > # This external input must be validated carefully to avoid security issues
> > such as
> > # buffer overflow or integer overflow.
> > #
> > -# Note: MD4 Digest functions,
> > +# Note:
> > # HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4
> > functions, RSA external
> > # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions,
> > X.509
> > # certificate handler functions, authenticode signature verification
> > functions,
> > # PEM handler functions, and pseudorandom number generator functions
> > are not
> > # supported in this instance.
> > #
> > -# Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
> > +# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > #
> > ##
> > @@ -35,7 +35,6 @@
> >
> > [Sources]
> > InternalCryptLib.h
> > - Hash/CryptMd4Null.c
> > Hash/CryptMd5.c
> > Hash/CryptSha1.c
> > Hash/CryptSha256.c
> > diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
> > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
> > index 9937555beb..374bfb3f65 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
> > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
> > @@ -6,13 +6,13 @@
> > // This external input must be validated carefully to avoid security issues
> > such as
> > // buffer overflow or integer overflow.
> > //
> > -// Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1
> > functions, AES/
> > +// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
> > // TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign
> > functions,
> > // Diffie-Hellman functions, X.509 certificate handler functions, authenticode
> > // signature verification functions, PEM handler functions, and
> > pseudorandom number
> > // generator functions are not supported in this instance.
> > //
> > -// Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> > +// Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
> > //
> > // SPDX-License-Identifier: BSD-2-Clause-Patent
> > //
> > @@ -21,5 +21,5 @@
> >
> > #string STR_MODULE_ABSTRACT #language en-US "Cryptographic
> > Library Instance for PEIM"
> >
> > -#string STR_MODULE_DESCRIPTION #language en-US "Caution: This
> > module requires additional review when modified. This library will have
> > external input - signature. This external input must be validated carefully to
> > avoid security issues such as buffer overflow or integer overflow. Note: MD4
> > Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
> > TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign
> > functions, Diffie-Hellman functions, X.509 certificate handler functions,
> > authenticode signature verification functions, PEM handler functions, and
> > pseudorandom number generator functions are not supported in this
> > instance."
> > +#string STR_MODULE_DESCRIPTION #language en-US "Caution: This
> > module requires additional review when modified. This library will have
> > external input - signature. This external input must be validated carefully to
> > avoid security issues such as buffer overflow or integer overflow. Note:
> > HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions,
> > RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman
> > functions, X.509 certificate handler functions, authenticode signature
> > verification functions, PEM handler functions, and pseudorandom number
> > generator functions are not supported in this instance."
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > index e5b8ececc1..0a2eb03232 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
> > @@ -6,12 +6,12 @@
> > # This external input must be validated carefully to avoid security issues
> > such as
> > # buffer overflow or integer overflow.
> > #
> > -# Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest
> > functions,
> > +# Note: SHA-384 Digest functions, SHA-512 Digest functions,
> > # HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4
> > functions, RSA external
> > # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions,
> > and
> > # authenticode signature verification functions are not supported in this
> > instance.
> > #
> > -# Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>
> > +# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > # Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights
> > reserved.<BR>
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > #
> > @@ -35,7 +35,6 @@
> >
> > [Sources]
> > InternalCryptLib.h
> > - Hash/CryptMd4Null.c
> > Hash/CryptMd5.c
> > Hash/CryptSha1.c
> > Hash/CryptSha256.c
> > diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
> > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
> > index c0a16f1b84..b6d751176e 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
> > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
> > @@ -6,12 +6,12 @@
> > // This external input must be validated carefully to avoid security issues
> > such as
> > // buffer overflow or integer overflow.
> > //
> > -// Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1
> > functions, AES/
> > +// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
> > // TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign
> > functions,
> > // Diffie-Hellman functions, and authenticode signature verification
> > functions are
> > // not supported in this instance.
> > //
> > -// Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
> > +// Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
> > //
> > // SPDX-License-Identifier: BSD-2-Clause-Patent
> > //
> > @@ -20,5 +20,5 @@
> >
> > #string STR_MODULE_ABSTRACT #language en-US "Cryptographic
> > Library Instance for DXE_RUNTIME_DRIVER"
> >
> > -#string STR_MODULE_DESCRIPTION #language en-US "Caution: This
> > module requires additional review when modified. This library will have
> > external input - signature. This external input must be validated carefully to
> > avoid security issues such as buffer overflow or integer overflow. Note: MD4
> > Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
> > TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign
> > functions, Diffie-Hellman functions, and authenticode signature verification
> > functions are not supported in this instance."
> > +#string STR_MODULE_DESCRIPTION #language en-US "Caution: This
> > module requires additional review when modified. This library will have
> > external input - signature. This external input must be validated carefully to
> > avoid security issues such as buffer overflow or integer overflow. Note:
> > HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions,
> > RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman
> > functions, and authenticode signature verification functions are not
> > supported in this instance."
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > index cc0b65fd25..139983075e 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > @@ -6,12 +6,12 @@
> > # This external input must be validated carefully to avoid security issues
> > such as
> > # buffer overflow or integer overflow.
> > #
> > -# Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest
> > functions,
> > +# Note: SHA-384 Digest functions, SHA-512 Digest functions,
> > # HMAC-MD5 functions, HMAC-SHA1 functions, TDES/ARC4 functions, RSA
> > external
> > # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions,
> > and
> > # authenticode signature verification functions are not supported in this
> > instance.
> > #
> > -# Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
> > +# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > #
> > ##
> > @@ -34,7 +34,6 @@
> >
> > [Sources]
> > InternalCryptLib.h
> > - Hash/CryptMd4Null.c
> > Hash/CryptMd5.c
> > Hash/CryptSha1.c
> > Hash/CryptSha256.c
> > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
> > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
> > index 83485fbb90..b8d7953d2b 100644
> > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
> > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
> > @@ -6,12 +6,12 @@
> > // This external input must be validated carefully to avoid security issues
> > such as
> > // buffer overflow or integer overflow.
> > //
> > -// Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1
> > functions, AES/
> > +// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
> > // TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign
> > functions,
> > // Diffie-Hellman functions, and authenticode signature verification
> > functions are
> > // not supported in this instance.
> > //
> > -// Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
> > +// Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
> > //
> > // SPDX-License-Identifier: BSD-2-Clause-Patent
> > //
> > @@ -20,5 +20,5 @@
> >
> > #string STR_MODULE_ABSTRACT #language en-US "Cryptographic
> > Library Instance for SMM driver"
> >
> > -#string STR_MODULE_DESCRIPTION #language en-US "Caution: This
> > module requires additional review when modified. This library will have
> > external input - signature. This external input must be validated carefully to
> > avoid security issues such as buffer overflow or integer overflow. Note: MD4
> > Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
> > TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign
> > functions, Diffie-Hellman functions, and authenticode signature verification
> > functions are not supported in this instance."
> > +#string STR_MODULE_DESCRIPTION #language en-US "Caution: This
> > module requires additional review when modified. This library will have
> > external input - signature. This external input must be validated carefully to
> > avoid security issues such as buffer overflow or integer overflow. Note:
> > HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions,
> > RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman
> > functions, and authenticode signature verification functions are not
> > supported in this instance."
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > index 9b4991cbb0..b03681b146 100644
> > --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
> > @@ -29,7 +29,6 @@
> >
> > [Sources]
> > InternalCryptLib.h
> > - Hash/CryptMd4Null.c
> > Hash/CryptMd5Null.c
> > Hash/CryptSha1Null.c
> > Hash/CryptSha256Null.c
> > diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > deleted file mode 100644
> > index 610c61c713..0000000000
> > --- a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
> > +++ /dev/null
> > @@ -1,143 +0,0 @@
> > -/** @file
> > - MD4 Digest Wrapper Implementation which does not provide real
> > capabilities.
> > -
> > -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
> > -SPDX-License-Identifier: BSD-2-Clause-Patent
> > -
> > -**/
> > -
> > -#include "InternalCryptLib.h"
> > -
> > -/**
> > - Retrieves the size, in bytes, of the context buffer required for MD4 hash
> > - operations.
> > -
> > - Return zero to indicate this interface is not supported.
> > -
> > - @retval 0 This interface is not supported.
> > -
> > -**/
> > -UINTN
> > -EFIAPI
> > -Md4GetContextSize (
> > - VOID
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return 0;
> > -}
> > -
> > -/**
> > - Initializes user-supplied memory pointed by Md4Context as MD4 hash
> > context for
> > - subsequent use.
> > -
> > - Return FALSE to indicate this interface is not supported.
> > -
> > - @param[out] Md4Context Pointer to MD4 context being initialized.
> > -
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Init (
> > - OUT VOID *Md4Context
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return FALSE;
> > -}
> > -
> > -/**
> > - Makes a copy of an existing MD4 context.
> > -
> > - Return FALSE to indicate this interface is not supported.
> > -
> > - @param[in] Md4Context Pointer to MD4 context being copied.
> > - @param[out] NewMd4Context Pointer to new MD4 context.
> > -
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Duplicate (
> > - IN CONST VOID *Md4Context,
> > - OUT VOID *NewMd4Context
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return FALSE;
> > -}
> > -
> > -/**
> > - Digests the input data and updates MD4 context.
> > -
> > - Return FALSE to indicate this interface is not supported.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > -
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Update (
> > - IN OUT VOID *Md4Context,
> > - IN CONST VOID *Data,
> > - IN UINTN DataSize
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return FALSE;
> > -}
> > -
> > -/**
> > - Completes computation of the MD4 digest value.
> > -
> > - Return FALSE to indicate this interface is not supported.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4
> > digest
> > - value (16 bytes).
> > -
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Final (
> > - IN OUT VOID *Md4Context,
> > - OUT UINT8 *HashValue
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return FALSE;
> > -}
> > -
> > -/**
> > - Computes the MD4 message digest of a input data buffer.
> > -
> > - Return FALSE to indicate this interface is not supported.
> > -
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4 digest
> > - value (16 bytes).
> > -
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4HashAll (
> > - IN CONST VOID *Data,
> > - IN UINTN DataSize,
> > - OUT UINT8 *HashValue
> > - )
> > -{
> > - ASSERT (FALSE);
> > - return FALSE;
> > -}
> > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > index c2a1df9afc..5e470028f4 100644
> > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
> > @@ -99,164 +99,6 @@ CryptoServiceNotAvailable (
> > // One-Way Cryptographic Hash Primitives
> >
> > //=========================================================
> > ============================
> >
> > -/**
> > - Retrieves the size, in bytes, of the context buffer required for MD4 hash
> > operations.
> > -
> > - If this interface is not supported, then return zero.
> > -
> > - @return The size, in bytes, of the context buffer required for MD4 hash
> > operations.
> > - @retval 0 This interface is not supported.
> > -
> > -**/
> > -UINTN
> > -EFIAPI
> > -Md4GetContextSize (
> > - VOID
> > - )
> > -{
> > - CALL_CRYPTO_SERVICE (Md4GetContextSize, (), 0);
> > -}
> > -
> > -/**
> > - Initializes user-supplied memory pointed by Md4Context as MD4 hash
> > context for
> > - subsequent use.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[out] Md4Context Pointer to MD4 context being initialized.
> > -
> > - @retval TRUE MD4 context initialization succeeded.
> > - @retval FALSE MD4 context initialization failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Init (
> > - OUT VOID *Md4Context
> > - )
> > -{
> > - CALL_CRYPTO_SERVICE (Md4Init, (Md4Context), FALSE);
> > -}
> > -
> > -/**
> > - Makes a copy of an existing MD4 context.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If NewMd4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in] Md4Context Pointer to MD4 context being copied.
> > - @param[out] NewMd4Context Pointer to new MD4 context.
> > -
> > - @retval TRUE MD4 context copy succeeded.
> > - @retval FALSE MD4 context copy failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Duplicate (
> > - IN CONST VOID *Md4Context,
> > - OUT VOID *NewMd4Context
> > - )
> > -{
> > - CALL_CRYPTO_SERVICE (Md4Duplicate, (Md4Context, NewMd4Context),
> > FALSE);
> > -}
> > -
> > -/**
> > - Digests the input data and updates MD4 context.
> > -
> > - This function performs MD4 digest on a data buffer of the specified size.
> > - It can be called multiple times to compute the digest of long or
> > discontinuous data streams.
> > - MD4 context should be already correctly initialized by Md4Init(), and should
> > not be finalized
> > - by Md4Final(). Behavior with invalid context is undefined.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > -
> > - @retval TRUE MD4 data digest succeeded.
> > - @retval FALSE MD4 data digest failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Update (
> > - IN OUT VOID *Md4Context,
> > - IN CONST VOID *Data,
> > - IN UINTN DataSize
> > - )
> > -{
> > - CALL_CRYPTO_SERVICE (Md4Update, (Md4Context, Data, DataSize),
> > FALSE);
> > -}
> > -
> > -/**
> > - Completes computation of the MD4 digest value.
> > -
> > - This function completes MD4 hash computation and retrieves the digest
> > value into
> > - the specified memory. After this function has been called, the MD4 context
> > cannot
> > - be used again.
> > - MD4 context should be already correctly initialized by Md4Init(), and should
> > not be
> > - finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If HashValue is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4
> > digest
> > - value (16 bytes).
> > -
> > - @retval TRUE MD4 digest computation succeeded.
> > - @retval FALSE MD4 digest computation failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4Final (
> > - IN OUT VOID *Md4Context,
> > - OUT UINT8 *HashValue
> > - )
> > -{
> > - CALL_CRYPTO_SERVICE (Md4Final, (Md4Context, HashValue), FALSE);
> > -}
> > -
> > -/**
> > - Computes the MD4 message digest of a input data buffer.
> > -
> > - This function performs the MD4 message digest of a given data buffer, and
> > places
> > - the digest value into the specified memory.
> > -
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4 digest
> > - value (16 bytes).
> > -
> > - @retval TRUE MD4 digest computation succeeded.
> > - @retval FALSE MD4 digest computation failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > -BOOLEAN
> > -EFIAPI
> > -Md4HashAll (
> > - IN CONST VOID *Data,
> > - IN UINTN DataSize,
> > - OUT UINT8 *HashValue
> > - )
> > -{
> > - CALL_CRYPTO_SERVICE (Md4HashAll, (Data, DataSize, HashValue), FALSE);
> > -}
> > -
> > /**
> > Retrieves the size, in bytes, of the context buffer required for MD5 hash
> > operations.
> >
> > diff --git a/CryptoPkg/Private/Protocol/Crypto.h
> > b/CryptoPkg/Private/Protocol/Crypto.h
> > index 40c387e002..ae0f29695c 100644
> > --- a/CryptoPkg/Private/Protocol/Crypto.h
> > +++ b/CryptoPkg/Private/Protocol/Crypto.h
> > @@ -451,145 +451,52 @@ BOOLEAN
> >
> > //=========================================================
> > ============================
> >
> > /**
> > - Retrieves the size, in bytes, of the context buffer required for MD4 hash
> > operations.
> > -
> > - If this interface is not supported, then return zero.
> > -
> > - @return The size, in bytes, of the context buffer required for MD4 hash
> > operations.
> > - @retval 0 This interface is not supported.
> > + MD4 is deprecated and unsupported any longer.
> > + Keep the function field for binary compability.
> >
> > **/
> > typedef
> > UINTN
> > -(EFIAPI *EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE) (
> > +(EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE) (
> > VOID
> > );
> >
> >
> > -/**
> > - Initializes user-supplied memory pointed by Md4Context as MD4 hash
> > context for
> > - subsequent use.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[out] Md4Context Pointer to MD4 context being initialized.
> > -
> > - @retval TRUE MD4 context initialization succeeded.
> > - @retval FALSE MD4 context initialization failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > typedef
> > BOOLEAN
> > -(EFIAPI *EDKII_CRYPTO_MD4_INIT) (
> > +(EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_INIT) (
> > OUT VOID *Md4Context
> > );
> >
> >
> > -/**
> > - Makes a copy of an existing MD4 context.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If NewMd4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in] Md4Context Pointer to MD4 context being copied.
> > - @param[out] NewMd4Context Pointer to new MD4 context.
> > -
> > - @retval TRUE MD4 context copy succeeded.
> > - @retval FALSE MD4 context copy failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > typedef
> > BOOLEAN
> > -(EFIAPI *EDKII_CRYPTO_MD4_DUPLICATE) (
> > +(EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_DUPLICATE) (
> > IN CONST VOID *Md4Context,
> > OUT VOID *NewMd4Context
> > );
> >
> >
> > -/**
> > - Digests the input data and updates MD4 context.
> > -
> > - This function performs MD4 digest on a data buffer of the specified size.
> > - It can be called multiple times to compute the digest of long or
> > discontinuous data streams.
> > - MD4 context should be already correctly initialized by Md4Init(), and should
> > not be finalized
> > - by Md4Final(). Behavior with invalid context is undefined.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > -
> > - @retval TRUE MD4 data digest succeeded.
> > - @retval FALSE MD4 data digest failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > typedef
> > BOOLEAN
> > -(EFIAPI *EDKII_CRYPTO_MD4_UPDATE) (
> > +(EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_UPDATE) (
> > IN OUT VOID *Md4Context,
> > IN CONST VOID *Data,
> > IN UINTN DataSize
> > );
> >
> >
> > -/**
> > - Completes computation of the MD4 digest value.
> > -
> > - This function completes MD4 hash computation and retrieves the digest
> > value into
> > - the specified memory. After this function has been called, the MD4 context
> > cannot
> > - be used again.
> > - MD4 context should be already correctly initialized by Md4Init(), and should
> > not be
> > - finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
> > -
> > - If Md4Context is NULL, then return FALSE.
> > - If HashValue is NULL, then return FALSE.
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in, out] Md4Context Pointer to the MD4 context.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4
> > digest
> > - value (16 bytes).
> > -
> > - @retval TRUE MD4 digest computation succeeded.
> > - @retval FALSE MD4 digest computation failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > typedef
> > BOOLEAN
> > -(EFIAPI *EDKII_CRYPTO_MD4_FINAL) (
> > +(EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_FINAL) (
> > IN OUT VOID *Md4Context,
> > OUT UINT8 *HashValue
> > );
> >
> >
> > -/**
> > - Computes the MD4 message digest of a input data buffer.
> > -
> > - This function performs the MD4 message digest of a given data buffer, and
> > places
> > - the digest value into the specified memory.
> > -
> > - If this interface is not supported, then return FALSE.
> > -
> > - @param[in] Data Pointer to the buffer containing the data to be
> > hashed.
> > - @param[in] DataSize Size of Data buffer in bytes.
> > - @param[out] HashValue Pointer to a buffer that receives the MD4 digest
> > - value (16 bytes).
> > -
> > - @retval TRUE MD4 digest computation succeeded.
> > - @retval FALSE MD4 digest computation failed.
> > - @retval FALSE This interface is not supported.
> > -
> > -**/
> > typedef
> > BOOLEAN
> > -(EFIAPI *EDKII_CRYPTO_MD4_HASH_ALL) (
> > +(EFIAPI *DEPRECATED_EDKII_CRYPTO_MD4_HASH_ALL) (
> > IN CONST VOID *Data,
> > IN UINTN DataSize,
> > OUT UINT8 *HashValue
> > @@ -4007,13 +3914,13 @@ struct _EDKII_CRYPTO_PROTOCOL {
> > EDKII_CRYPTO_HMAC_SHA256_DUPLICATE HmacSha256Duplicate;
> > EDKII_CRYPTO_HMAC_SHA256_UPDATE HmacSha256Update;
> > EDKII_CRYPTO_HMAC_SHA256_FINAL HmacSha256Final;
> > - /// Md4
> > - EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE Md4GetContextSize;
> > - EDKII_CRYPTO_MD4_INIT Md4Init;
> > - EDKII_CRYPTO_MD4_DUPLICATE Md4Duplicate;
> > - EDKII_CRYPTO_MD4_UPDATE Md4Update;
> > - EDKII_CRYPTO_MD4_FINAL Md4Final;
> > - EDKII_CRYPTO_MD4_HASH_ALL Md4HashAll;
> > + /// Md4 - deprecated and unsupported
> > + DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE
> > DeprecatedMd4GetContextSize;
> > + DEPRECATED_EDKII_CRYPTO_MD4_INIT DeprecatedMd4Init;
> > + DEPRECATED_EDKII_CRYPTO_MD4_DUPLICATE
> > DeprecatedMd4Duplicate;
> > + DEPRECATED_EDKII_CRYPTO_MD4_UPDATE
> > DeprecatedMd4Update;
> > + DEPRECATED_EDKII_CRYPTO_MD4_FINAL DeprecatedMd4Final;
> > + DEPRECATED_EDKII_CRYPTO_MD4_HASH_ALL
> > DeprecatedMd4HashAll;
> > /// Md5
> > EDKII_CRYPTO_MD5_GET_CONTEXT_SIZE Md5GetContextSize;
> > EDKII_CRYPTO_MD5_INIT Md5Init;
> > --
> > 2.21.0.windows.1
> >
> >
> >
next prev parent reply other threads:[~2020-05-14 5:59 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-11 18:27 [PATCH V4 00/11] CryptoPkg: Retire the deprecated functions Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 01/11] CryptoPkg/CryptoDxe: Add function to indicate the deprecated algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 02/11] CryptoPkg/BaseCrpytLib: Retire MD4 algorithm Gao, Zhichao
2020-05-14 3:13 ` [edk2-devel] " Guomin Jiang
2020-05-14 5:58 ` Gao, Zhichao [this message]
2020-05-11 18:27 ` [PATCH V4 03/11] CryptoPkg/OpensslLib: Set MD4 disable in OpensslLib Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 04/11] CryptoPkg/BaseCryptLib: Retire ARC4 algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 05/11] CryptoPkg/OpensslLib: Set ARC4 disable in OpensslLib Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 06/11] CryptoPkg/BaseCryptLib: Retire the TDES algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 07/11] CryptoPkg/OpensslLib: Set TDES disable in OpensslLib Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 08/11] CryptoPkg/BaseCryptLib: Retire Aes Ecb mode algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 09/11] CryptoPkg/BaseCryptLib: Retire HMAC MD5 algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 10/11] CryptoPkg/BaseCryptLib: Retire HMAC SHA1 algorithm Gao, Zhichao
2020-05-11 18:27 ` [PATCH V4 11/11] CryptoPkg/Crypto.h: Update the version of Crypto Driver Gao, Zhichao
2020-05-13 13:48 ` [PATCH V4 00/11] CryptoPkg: Retire the deprecated functions Wang, Jian J
2020-05-14 2:49 ` Gao, Zhichao
2020-05-14 5:11 ` Wang, Jian J
2020-05-14 6:14 ` Gao, Zhichao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DM6PR11MB4425F8160F7CC76847ACB129F6BC0@DM6PR11MB4425.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox