[PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

[PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

[Sukerkar, Amol N]

Currently, the UEFI drivers using the SHA/SM3 hashing algorithms use hard-coded
API to calculate the hash, for instance, sha_256(...), etc. Since SHA384 and/or
SM3_256 are being increasingly adopted for robustness, it becomes cumbersome to
modify each driver that calls into hash calculating API.

To better achieve this, we are proposing a Unified API, which can be used by UEFI
drivers, that provides the drivers with flexibility to use the desired hashing
algorithm based on the required robnustness.

Alternatively, the design document is also attached to Bugzilla,
https://bugzilla.tianocore.org/show_bug.cgi?id=2151.

Amol N Sukerkar (2):
  CryptoPkg: Add CryptoPkg Token Space GUID
  CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c   | 333 ++++++++++++++++++++
 CryptoPkg/CryptoPkg.dec                             |  26 +-
 CryptoPkg/CryptoPkg.dsc                             |   4 +-
 CryptoPkg/CryptoPkg.uni                             |  18 +-
 CryptoPkg/Include/Library/HashApiLib.h              | 122 +++++++
 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf |  44 +++
 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni |  17 +
 7 files changed, 561 insertions(+), 3 deletions(-)
 create mode 100644 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
 create mode 100644 CryptoPkg/Include/Library/HashApiLib.h
 create mode 100644 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
 create mode 100644 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni

-- 
2.16.2.windows.1

[PATCH v9 1/2] CryptoPkg: Add CryptoPkg Token Space GUID

[Sukerkar, Amol N]

Added CryptoPkg Token Space GUID to be able to define PCDs.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Amol N Sukerkar <amol.n.sukerkar@intel.com>
---

Notes:
    v6
    - removed file CryptoPkgTokenSpace.h
    
    v7
    - fixed typo
    
    v8
    - Fixed Author and signed-off-by name

 CryptoPkg/CryptoPkg.dec | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
index 08bedd57daad..16f08ea60926 100644
--- a/CryptoPkg/CryptoPkg.dec
+++ b/CryptoPkg/CryptoPkg.dec
@@ -4,7 +4,7 @@
 #  This Package provides cryptographic-related libraries for UEFI security modules.
 #  It also provides a test application to test libraries.
 #
-#  Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
@@ -33,5 +33,9 @@ [LibraryClasses]
   ##
   TlsLib|Include/Library/TlsLib.h
 
+[Guids]
+  ## Crypto package token space guid.
+  gEfiCryptoPkgTokenSpaceGuid      = { 0xd3fb176, 0x9569, 0x4d51, { 0xa3, 0xef, 0x7d, 0x61, 0xc6, 0x4f, 0xea, 0xba }}
+
 [UserExtensions.TianoCore."ExtraFiles"]
   CryptoPkgExtra.uni
-- 
2.16.2.windows.1

[PATCH v9 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

[Sukerkar, Amol N]

This commit introduces a Unified Hash API to calculate hash using a
hashing algorithm specified by the PCD, PcdHashApiLibPolicy. This library
interfaces with the various hashing API, such as, MD4, MD5, SHA1, SHA256,
SHA512 and SM3_256 implemented in BaseCryptLib. The user can calculate
the desired hash by setting PcdHashApiLibPolicy to appropriate value.

This feature is documented in the Bugzilla,
https://bugzilla.tianocore.org/show_bug.cgi?id=2151.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Amol N Sukerkar <amol.n.sukerkar@intel.com>
---
 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c   | 333 ++++++++++++++++++++
 CryptoPkg/CryptoPkg.dec                             |  20 ++
 CryptoPkg/CryptoPkg.dsc                             |   4 +-
 CryptoPkg/CryptoPkg.uni                             |  18 +-
 CryptoPkg/Include/Library/HashApiLib.h              | 122 +++++++
 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf |  44 +++
 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni |  17 +
 7 files changed, 556 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
new file mode 100644
index 000000000000..0f5b594fb7c0
--- /dev/null
+++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
@@ -0,0 +1,333 @@
+/** @file
+  Unified Hash API Implementation
+
+  This file implements the Unified Hash API.
+
+  This API, when called, will calculate the Hash using the
+  hashing algorithm specified by PcdHashApiLibPolicy.
+
+  Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Base.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/BaseCryptLib.h>
+#include <Library/DebugLib.h>
+#include <Library/PcdLib.h>
+#include <Library/HashApiLib.h>
+
+/**
+  Retrieves the size, in bytes, of the context buffer required for hash operations.
+
+  @return  The size, in bytes, of the context buffer required for hash operations.
+
+**/
+UINTN
+EFIAPI
+HashApiGetContextSize (
+  VOID
+  )
+{
+  switch (PcdGet8 (PcdHashApiLibPolicy)) {
+    case HASH_API_ALGO_MD4:
+      return Md4GetContextSize ();
+      break;
+
+    case HASH_API_ALGO_MD5:
+      return Md5GetContextSize ();
+      break;
+
+    case HASH_API_ALGO_SHA1:
+      return Sha1GetContextSize ();
+      break;
+
+    case HASH_API_ALGO_SHA256:
+      return Sha256GetContextSize ();
+      break;
+
+    case HASH_API_ALGO_SHA384:
+      return Sha384GetContextSize ();
+      break;
+
+    case HASH_API_ALGO_SHA512:
+      return Sha512GetContextSize ();
+      break;
+
+    case HASH_API_ALGO_SM3_256:
+      return Sm3GetContextSize ();
+      break;
+
+    default:
+      ASSERT (FALSE);
+      return 0;
+      break;
+  }
+}
+
+/**
+  Init hash sequence.
+
+  @param[out] HashContext   Hash context.
+
+  @retval TRUE         Hash start and HashHandle returned.
+  @retval FALSE        Hash Init unsuccessful.
+**/
+BOOLEAN
+EFIAPI
+HashApiInit (
+  OUT  HASH_API_CONTEXT   *HashContext
+  )
+{
+  switch (PcdGet8 (PcdHashApiLibPolicy)) {
+    case HASH_API_ALGO_MD4:
+      return Md4Init (HashContext);
+      break;
+
+    case HASH_API_ALGO_MD5:
+      return Md5Init (HashContext);
+      break;
+
+    case HASH_API_ALGO_SHA1:
+      return Sha1Init (HashContext);
+      break;
+
+    case HASH_API_ALGO_SHA256:
+      return Sha256Init (HashContext);
+      break;
+
+    case HASH_API_ALGO_SHA384:
+      return Sha384Init (HashContext);
+      break;
+
+    case HASH_API_ALGO_SHA512:
+      return Sha512Init (HashContext);
+      break;
+
+    case HASH_API_ALGO_SM3_256:
+      return Sm3Init (HashContext);
+      break;
+
+    default:
+      ASSERT (FALSE);
+      return FALSE;
+      break;
+  }
+}
+
+/**
+  Makes a copy of an existing hash context.
+
+  @param[in]  HashContext     Hash context.
+  @param[out] NewHashContext  New copy of hash context.
+
+  @retval TRUE         Hash context copy succeeded.
+  @retval FALSE        Hash context copy failed.
+
+**/
+BOOLEAN
+EFIAPI
+HashApiDuplicate (
+  IN HASH_API_CONTEXT   *HashContext,
+  OUT  VOID             *NewHashContext
+  )
+{
+  switch (PcdGet8 (PcdHashApiLibPolicy)) {
+    case HASH_API_ALGO_MD4:
+      return Md4Duplicate (HashContext, NewHashContext);
+      break;
+
+    case HASH_API_ALGO_MD5:
+      return Md5Duplicate (HashContext, NewHashContext);
+      break;
+
+    case HASH_API_ALGO_SHA1:
+      return Sha1Duplicate (HashContext, NewHashContext);
+      break;
+
+    case HASH_API_ALGO_SHA256:
+      return Sha256Duplicate (HashContext, NewHashContext);
+      break;
+
+    case HASH_API_ALGO_SHA384:
+      return Sha384Duplicate (HashContext, NewHashContext);
+      break;
+
+    case HASH_API_ALGO_SHA512:
+      return Sha512Duplicate (HashContext, NewHashContext);
+      break;
+
+    case HASH_API_ALGO_SM3_256:
+      return Sm3Duplicate (HashContext, NewHashContext);
+      break;
+
+    default:
+      ASSERT (FALSE);
+      return FALSE;
+      break;
+  }
+}
+
+/**
+  Update hash data.
+
+  @param[in] HashContext   Hash context.
+  @param[in] DataToHash    Data to be hashed.
+  @param[in] DataToHashLen Data size.
+
+  @retval TRUE         Hash updated.
+  @retval FALSE        Hash updated unsuccessful.
+**/
+BOOLEAN
+EFIAPI
+HashApiUpdate (
+  IN HASH_API_CONTEXT   *HashContext,
+  IN VOID               *DataToHash,
+  IN UINTN              DataToHashLen
+  )
+{
+  switch (PcdGet8 (PcdHashApiLibPolicy)) {
+    case HASH_API_ALGO_MD4:
+      return Md4Update (HashContext, DataToHash, DataToHashLen);
+      break;
+
+    case HASH_API_ALGO_MD5:
+      return Md5Update (HashContext, DataToHash, DataToHashLen);
+      break;
+
+    case HASH_API_ALGO_SHA1:
+      return Sha1Update (HashContext, DataToHash, DataToHashLen);
+      break;
+
+    case HASH_API_ALGO_SHA256:
+      return Sha256Update (HashContext, DataToHash, DataToHashLen);
+      break;
+
+    case HASH_API_ALGO_SHA384:
+      return Sha384Update (HashContext, DataToHash, DataToHashLen);
+      break;
+
+    case HASH_API_ALGO_SHA512:
+      return Sha512Update (HashContext, DataToHash, DataToHashLen);
+      break;
+
+    case HASH_API_ALGO_SM3_256:
+      return Sm3Update (HashContext, DataToHash, DataToHashLen);
+      break;
+
+    default:
+      ASSERT (FALSE);
+      return FALSE;
+      break;
+  }
+}
+
+/**
+  Hash complete.
+
+  @param[in]  HashContext  Hash context.
+  @param[out] Digest       Hash Digest.
+
+  @retval TRUE         Hash complete and Digest is returned.
+  @retval FALSE        Hash complete unsuccessful.
+**/
+BOOLEAN
+EFIAPI
+HashApiFinal (
+  IN  HASH_API_CONTEXT    *HashContext,
+  OUT UINT8               *Digest
+  )
+{
+  switch (PcdGet8 (PcdHashApiLibPolicy)) {
+    case HASH_API_ALGO_MD4:
+      return Md4Final (HashContext, Digest);
+      break;
+
+    case HASH_API_ALGO_MD5:
+      return Md5Final (HashContext, Digest);
+      break;
+
+    case HASH_API_ALGO_SHA1:
+      return Sha1Final (HashContext, Digest);
+      break;
+
+    case HASH_API_ALGO_SHA256:
+      return Sha256Final (HashContext, Digest);
+      break;
+
+    case HASH_API_ALGO_SHA384:
+      return Sha384Final (HashContext, Digest);
+      break;
+
+    case HASH_API_ALGO_SHA512:
+      return Sha512Final (HashContext, Digest);
+      break;
+
+    case HASH_API_ALGO_SM3_256:
+      return Sm3Final (HashContext, Digest);
+      break;
+
+    default:
+      ASSERT (FALSE);
+      return FALSE;
+      break;
+  }
+}
+
+/**
+  Computes hash message digest of a input data buffer.
+
+  @param[in]  DataToHash     Data to be hashed.
+  @param[in]  DataToHashLen  Data size.
+  @param[out] Digest         Hash Digest.
+
+  @retval TRUE   Hash digest computation succeeded.
+  @retval FALSE  Hash digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+HashApiHashAll (
+  IN   CONST VOID   *DataToHash,
+  IN   UINTN        DataToHashLen,
+  OUT  UINT8        *Digest
+  )
+{
+  switch (PcdGet8 (PcdHashApiLibPolicy)) {
+    case HASH_API_ALGO_MD4:
+      return Md4HashAll (DataToHash, DataToHashLen, Digest);
+      break;
+
+    case HASH_API_ALGO_MD5:
+      return Md5HashAll (DataToHash, DataToHashLen, Digest);
+      break;
+
+    case HASH_API_ALGO_SHA1:
+      return Sha1HashAll (DataToHash, DataToHashLen, Digest);
+      break;
+
+    case HASH_API_ALGO_SHA256:
+      return Sha256HashAll (DataToHash, DataToHashLen, Digest);
+      break;
+
+    case HASH_API_ALGO_SHA384:
+      return Sha384HashAll (DataToHash, DataToHashLen, Digest);
+      break;
+
+    case HASH_API_ALGO_SHA512:
+      return Sha512HashAll (DataToHash, DataToHashLen, Digest);
+      break;
+
+    case HASH_API_ALGO_SM3_256:
+      return Sm3HashAll (DataToHash, DataToHashLen, Digest);
+      break;
+
+    default:
+      ASSERT (FALSE);
+      return FALSE;
+      break;
+  }
+}
diff --git a/CryptoPkg/CryptoPkg.dec b/CryptoPkg/CryptoPkg.dec
index 16f08ea60926..1e0c5f19d730 100644
--- a/CryptoPkg/CryptoPkg.dec
+++ b/CryptoPkg/CryptoPkg.dec
@@ -33,9 +33,29 @@ [LibraryClasses]
   ##
   TlsLib|Include/Library/TlsLib.h
 
+  ##  @libraryclass  Provides Unified API for different hash implementations.
+  #
+  HashApiLib|Include/Library/HashApiLib.h
+
 [Guids]
   ## Crypto package token space guid.
   gEfiCryptoPkgTokenSpaceGuid      = { 0xd3fb176, 0x9569, 0x4d51, { 0xa3, 0xef, 0x7d, 0x61, 0xc6, 0x4f, 0xea, 0xba }}
 
+[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
+  ## This PCD indicates the HASH algorithm to calculate hash of data
+  #  Based on the value set, the required algorithm is chosen to calculate
+  #  the hash of data.<BR>
+  #  The default hashing algorithm for BaseHashApiLib is set to SHA256.<BR>
+  #     0x00000001    - MD4.<BR>
+  #     0x00000002    - MD5.<BR>
+  #     0x00000003    - SHA1.<BR>
+  #     0x00000004    - SHA256.<BR>
+  #     0x00000005    - SHA384.<BR>
+  #     0x00000006    - SHA512.<BR>
+  #     0x00000007    - SM3_256.<BR>
+  # @Prompt Set policy for hashing unsigned image for Secure Boot.
+  # @ValidRange 0x80000001 | 0x00000001 - 0x00000007
+  gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x04|UINT8|0x00000001
+
 [UserExtensions.TianoCore."ExtraFiles"]
   CryptoPkgExtra.uni
diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc
index ec43c1f0a47e..9656a73b3c27 100644
--- a/CryptoPkg/CryptoPkg.dsc
+++ b/CryptoPkg/CryptoPkg.dsc
@@ -1,7 +1,7 @@
 ## @file
 #  Cryptographic Library Package for UEFI Security Implementation.
 #
-#  Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
@@ -44,6 +44,7 @@ [LibraryClasses]
 
   IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
   OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+  HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
 
 [LibraryClasses.ARM, LibraryClasses.AARCH64]
   #
@@ -120,6 +121,7 @@ [Components]
   CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
   CryptoPkg/Library/OpensslLib/OpensslLib.inf
   CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
 
 [Components.IA32, Components.X64]
   CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
diff --git a/CryptoPkg/CryptoPkg.uni b/CryptoPkg/CryptoPkg.uni
index beb0036ef583..0dae4c40454c 100644
--- a/CryptoPkg/CryptoPkg.uni
+++ b/CryptoPkg/CryptoPkg.uni
@@ -4,7 +4,7 @@
 // This Package provides cryptographic-related libraries for UEFI security modules.
 // It also provides a test application to test libraries.
 //
-// Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
 //
 // SPDX-License-Identifier: BSD-2-Clause-Patent
 //
@@ -17,3 +17,19 @@
 
 
 
+#string STR_gEfiCryptoPkgTokenSpaceGuid_PcdHashApiLibPolicy_PROMPT  #language en-US "HASH algorithm to calculate hash"
+
+#string STR_gEfiCryptoPkgTokenSpaceGuid_PcdHashApiLibPolicy_HELP  #language en-US "This PCD indicates the HASH algorithm to calculate hash of data.<BR><BR>\n"
+                                                                                        "Based on the value set, the required algorithm is chosen to calculate\n"
+                                                                                        "the hash of data.<BR>\n"
+                                                                                        "The default hashing algorithm for BaseHashApiLib is set to SHA256.<BR>\n"
+                                                                                        "0x00000001  -  MD4.<BR>\n"
+                                                                                        "0x00000002  -  MD5.<BR>\n"
+                                                                                        "0x00000003  -  SHA1.<BR>\n"
+                                                                                        "0x00000004  -  SHA256.<BR>\n"
+                                                                                        "0x00000005  -  SHA384.<BR>\n"
+                                                                                        "0x00000006  -  SHA512.<BR>\n"
+                                                                                        "0x00000007  -  SM3.<BR>"
+
+
+
diff --git a/CryptoPkg/Include/Library/HashApiLib.h b/CryptoPkg/Include/Library/HashApiLib.h
new file mode 100644
index 000000000000..4f01d72a2201
--- /dev/null
+++ b/CryptoPkg/Include/Library/HashApiLib.h
@@ -0,0 +1,122 @@
+/** @file
+  Unified Hash API Defines
+
+  This API when called will calculate the Hash using the
+  hashing algorithm specified by PcdHashApiLibPolicy.
+
+  Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+  SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __BASEHASHAPILIB_H_
+#define __BASEHASHAPILIB_H_
+
+typedef VOID  *HASH_API_CONTEXT;
+
+//
+// Hash Algorithms
+//
+#define HASH_API_ALGO_INVALID    0x00000000
+#define HASH_API_ALGO_MD4        0x00000001
+#define HASH_API_ALGO_MD5        0x00000002
+#define HASH_API_ALGO_SHA1       0x00000003
+#define HASH_API_ALGO_SHA256     0x00000004
+#define HASH_API_ALGO_SHA384     0x00000005
+#define HASH_API_ALGO_SHA512     0x00000006
+#define HASH_API_ALGO_SM3_256    0x00000007
+
+/**
+  Retrieves the size of the context buffer required for hash operations.
+
+  @return  The size of the context buffer required for hash operations (in bytes).
+**/
+UINTN
+EFIAPI
+HashApiGetContextSize (
+  VOID
+);
+
+/**
+  Init hash sequence.
+
+  @param[out] HashContext   Hash context.
+
+  @retval TRUE         Hash start and HashHandle returned.
+  @retval FALSE        Hash Init unsuccessful.
+**/
+BOOLEAN
+EFIAPI
+HashApiInit (
+  OUT  HASH_API_CONTEXT   HashContext
+);
+
+/**
+  Makes a copy of an existing hash context.
+
+  @param[in]  HashContext     Hash context.
+  @param[out] NewHashContext  New copy of hash context.
+
+  @retval TRUE         Hash context copy succeeded.
+  @retval FALSE        Hash context copy failed.
+**/
+BOOLEAN
+EFIAPI
+HashApiDuplicate (
+  IN  HASH_API_CONTEXT   HashContext,
+  OUT HASH_API_CONTEXT   NewHashContext
+);
+
+/**
+  Update hash data.
+
+  @param[in] HashContext   Hash context.
+  @param[in] DataToHash    Data to be hashed.
+  @param[in] DataToHashLen Data size.
+
+  @retval TRUE         Hash updated.
+  @retval FALSE        Hash updated unsuccessful.
+**/
+BOOLEAN
+EFIAPI
+HashApiUpdate (
+  IN HASH_API_CONTEXT   HashContext,
+  IN VOID               *DataToHash,
+  IN UINTN              DataToHashLen
+);
+
+/**
+  Hash complete.
+
+  @param[in]  HashContext  Hash context.
+  @param[out] Digest       Hash Digest.
+
+  @retval TRUE         Hash complete and Digest is returned.
+  @retval FALSE        Hash complete unsuccessful.
+**/
+BOOLEAN
+EFIAPI
+HashApiFinal (
+  IN  HASH_API_CONTEXT    HashContext,
+  OUT UINT8               *Digest
+);
+
+/**
+  Computes hash message digest of a input data buffer.
+
+  @param[in]  DataToHash     Data to be hashed.
+  @param[in]  DataToHashLen  Data size.
+  @param[out] Digest         Hash Digest.
+
+  @retval TRUE   Hash digest computation succeeded.
+  @retval FALSE  Hash digest computation failed.
+**/
+BOOLEAN
+EFIAPI
+HashApiHashAll (
+  IN   CONST VOID   *DataToHash,
+  IN   UINTN        DataToHashLen,
+  OUT  UINT8        *Digest
+);
+
+#endif
diff --git a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
new file mode 100644
index 000000000000..92ff358475c4
--- /dev/null
+++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
@@ -0,0 +1,44 @@
+## @file
+#  Provides Unified API for Hash Calculation
+#
+#  This library is BaseHashApiLib. It will redirect hash request to
+#  each individual hash API, such as SHA1, SHA256, SHA384, SM3 based
+#  on hashing algorithm specified by PcdHashApiLibPolicy.
+#
+# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = BaseHashApiLib
+  MODULE_UNI_FILE                = BaseHashApiLib.uni
+  FILE_GUID                      = DDCBCFBA-8EEB-488a-96D6-097831A6E50B
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = BaseHashApiLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64
+#
+
+[Sources]
+  BaseHashApiLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  BaseMemoryLib
+  DebugLib
+  MemoryAllocationLib
+  BaseCryptLib
+  PcdLib
+
+[Pcd]
+  gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy    ## CONSUMES
diff --git a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
new file mode 100644
index 000000000000..49ba82e86f59
--- /dev/null
+++ b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
@@ -0,0 +1,17 @@
+// /** @file
+// Provides Unified API for Hash Calculation
+//
+// This library is BaseHashApiLib. It will redirect hash request to
+// each individual hash API, such as SHA1, SHA256, SHA384, SM3 based
+// on hashing algorithm specified by PcdHashApiLibPolicy.
+//
+// Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+//
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "Provides hash service by specified hash handler"
+
+#string STR_MODULE_DESCRIPTION          #language en-US "This library is Unified Hash API. It will redirect hash request to the hash handler specified by PcdHashApiLibPolicy."
-- 
2.16.2.windows.1

Re: [edk2-devel] [PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

[Michael D Kinney]

Hi Amol,

Thanks for the updates.  They all look great.

Series Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>

Mike


> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On
> Behalf Of Sukerkar, Amol N
> Sent: Monday, February 3, 2020 10:19 AM
> To: devel@edk2.groups.io
> Cc: Kinney, Michael D <michael.d.kinney@intel.com>;
> Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Agrawal, Sachin
> <sachin.agrawal@intel.com>; Musti, Srinivas
> <srinivas.musti@intel.com>; Lakkimsetti, Subash
> <subash.lakkimsetti@intel.com>; Mathews, John
> <john.mathews@intel.com>
> Subject: [edk2-devel] [PATCH v9 0/2]
> CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> 
> Currently, the UEFI drivers using the SHA/SM3 hashing
> algorithms use hard-coded
> API to calculate the hash, for instance, sha_256(...),
> etc. Since SHA384 and/or
> SM3_256 are being increasingly adopted for robustness,
> it becomes cumbersome to
> modify each driver that calls into hash calculating
> API.
> 
> To better achieve this, we are proposing a Unified API,
> which can be used by UEFI
> drivers, that provides the drivers with flexibility to
> use the desired hashing
> algorithm based on the required robnustness.
> 
> Alternatively, the design document is also attached to
> Bugzilla,
> https://bugzilla.tianocore.org/show_bug.cgi?id=2151.
> 
> Amol N Sukerkar (2):
>   CryptoPkg: Add CryptoPkg Token Space GUID
>   CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> 
>  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c   |
> 333 ++++++++++++++++++++
>  CryptoPkg/CryptoPkg.dec                             |
> 26 +-
>  CryptoPkg/CryptoPkg.dsc                             |
> 4 +-
>  CryptoPkg/CryptoPkg.uni                             |
> 18 +-
>  CryptoPkg/Include/Library/HashApiLib.h              |
> 122 +++++++
>  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf |
> 44 +++
>  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni |
> 17 +
>  7 files changed, 561 insertions(+), 3 deletions(-)
>  create mode 100644
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
>  create mode 100644
> CryptoPkg/Include/Library/HashApiLib.h
>  create mode 100644
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
>  create mode 100644
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> 
> --
> 2.16.2.windows.1
> 
> 
> 

Re: [edk2-devel] [PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

[Sukerkar, Amol N]

Thanks for the review, Mike!

~ Amol

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Michael D Kinney
Sent: Monday, February 03, 2020 11:36 AM
To: devel@edk2.groups.io; Sukerkar, Amol N <amol.n.sukerkar@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Agrawal, Sachin <sachin.agrawal@intel.com>; Musti, Srinivas <srinivas.musti@intel.com>; Lakkimsetti, Subash <subash.lakkimsetti@intel.com>; Mathews, John <john.mathews@intel.com>
Subject: Re: [edk2-devel] [PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

Hi Amol,

Thanks for the updates.  They all look great.

Series Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>

Mike


> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of 
> Sukerkar, Amol N
> Sent: Monday, February 3, 2020 10:19 AM
> To: devel@edk2.groups.io
> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Yao, Jiewen 
> <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Agrawal, 
> Sachin <sachin.agrawal@intel.com>; Musti, Srinivas 
> <srinivas.musti@intel.com>; Lakkimsetti, Subash 
> <subash.lakkimsetti@intel.com>; Mathews, John <john.mathews@intel.com>
> Subject: [edk2-devel] [PATCH v9 0/2]
> CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API
> 
> Currently, the UEFI drivers using the SHA/SM3 hashing algorithms use 
> hard-coded API to calculate the hash, for instance, sha_256(...), etc. 
> Since SHA384 and/or
> SM3_256 are being increasingly adopted for robustness, it becomes 
> cumbersome to modify each driver that calls into hash calculating API.
> 
> To better achieve this, we are proposing a Unified API, which can be 
> used by UEFI drivers, that provides the drivers with flexibility to 
> use the desired hashing algorithm based on the required robnustness.
> 
> Alternatively, the design document is also attached to Bugzilla, 
> https://bugzilla.tianocore.org/show_bug.cgi?id=2151.
> 
> Amol N Sukerkar (2):
>   CryptoPkg: Add CryptoPkg Token Space GUID
>   CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API
> 
>  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c   |
> 333 ++++++++++++++++++++
>  CryptoPkg/CryptoPkg.dec                             |
> 26 +-
>  CryptoPkg/CryptoPkg.dsc                             |
> 4 +-
>  CryptoPkg/CryptoPkg.uni                             |
> 18 +-
>  CryptoPkg/Include/Library/HashApiLib.h              |
> 122 +++++++
>  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf |
> 44 +++
>  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni |
> 17 +
>  7 files changed, 561 insertions(+), 3 deletions(-)  create mode 
> 100644 CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
>  create mode 100644
> CryptoPkg/Include/Library/HashApiLib.h
>  create mode 100644
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
>  create mode 100644
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> 
> --
> 2.16.2.windows.1
> 
> 
> 

Re: [edk2-devel] [PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

[Michael D Kinney]

Hi Amol,

I prepared a branch an GitHub PR with this content.

The EDK II CI checks found duplicate GUID issues:

PROGRESS - --Running CryptoPkg: Guid Check Test NO-TARGET --
ERROR - Error Duplicate guid:  DDCBCFBA-8EEB-488A-96D6-097831A6E50B (2)
	GUID: DDCBCFBA-8EEB-488A-96D6-097831A6E50B NAME: HashLibBaseCryptoRouterPei FILE: /home/vsts/work/1/s/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
	GUID: DDCBCFBA-8EEB-488A-96D6-097831A6E50B NAME: BaseHashApiLib FILE: /home/vsts/work/1/s/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf

ERROR - Error Duplicate guid:  0D3FB176-9569-4D51-A3EF-7D61C64FEABA (2)
	GUID: 0D3FB176-9569-4D51-A3EF-7D61C64FEABA NAME: gEfiSecurityPkgTokenSpaceGuid FILE: /home/vsts/work/1/s/SecurityPkg/SecurityPkg.dec
	GUID: 0D3FB176-9569-4D51-A3EF-7D61C64FEABA NAME: gEfiCryptoPkgTokenSpaceGuid FILE: /home/vsts/work/1/s/CryptoPkg/CryptoPkg.dec

I generated new GUID value for the CryptoPkg Token Space GUID and a 
new GUID value for BaseHashLib.inf and restarted the EDK II CI checks.

Please let me know if you have any issues with the change I made:

    https://github.com/mdkinney/edk2/tree/BZ_2151_HashApiLib_V9

The GitHub PR is at:

    https://github.com/tianocore/edk2/pull/328

Thanks,

Mike


> -----Original Message-----
> From: Sukerkar, Amol N <amol.n.sukerkar@intel.com>
> Sent: Monday, February 3, 2020 10:55 AM
> To: devel@edk2.groups.io; Kinney, Michael D
> <michael.d.kinney@intel.com>
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Agrawal, Sachin
> <sachin.agrawal@intel.com>; Musti, Srinivas
> <srinivas.musti@intel.com>; Lakkimsetti, Subash
> <subash.lakkimsetti@intel.com>; Mathews, John
> <john.mathews@intel.com>; Sukerkar, Amol N
> <amol.n.sukerkar@intel.com>
> Subject: RE: [edk2-devel] [PATCH v9 0/2]
> CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> 
> Thanks for the review, Mike!
> 
> ~ Amol
> 
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On
> Behalf Of Michael D Kinney
> Sent: Monday, February 03, 2020 11:36 AM
> To: devel@edk2.groups.io; Sukerkar, Amol N
> <amol.n.sukerkar@intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Agrawal, Sachin
> <sachin.agrawal@intel.com>; Musti, Srinivas
> <srinivas.musti@intel.com>; Lakkimsetti, Subash
> <subash.lakkimsetti@intel.com>; Mathews, John
> <john.mathews@intel.com>
> Subject: Re: [edk2-devel] [PATCH v9 0/2]
> CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> 
> Hi Amol,
> 
> Thanks for the updates.  They all look great.
> 
> Series Reviewed-by: Michael D Kinney
> <michael.d.kinney@intel.com>
> 
> Mike
> 
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On
> Behalf Of
> > Sukerkar, Amol N
> > Sent: Monday, February 3, 2020 10:19 AM
> > To: devel@edk2.groups.io
> > Cc: Kinney, Michael D <michael.d.kinney@intel.com>;
> Yao, Jiewen
> > <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Agrawal,
> > Sachin <sachin.agrawal@intel.com>; Musti, Srinivas
> > <srinivas.musti@intel.com>; Lakkimsetti, Subash
> > <subash.lakkimsetti@intel.com>; Mathews, John
> <john.mathews@intel.com>
> > Subject: [edk2-devel] [PATCH v9 0/2]
> > CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> >
> > Currently, the UEFI drivers using the SHA/SM3 hashing
> algorithms use
> > hard-coded API to calculate the hash, for instance,
> sha_256(...), etc.
> > Since SHA384 and/or
> > SM3_256 are being increasingly adopted for
> robustness, it becomes
> > cumbersome to modify each driver that calls into hash
> calculating API.
> >
> > To better achieve this, we are proposing a Unified
> API, which can be
> > used by UEFI drivers, that provides the drivers with
> flexibility to
> > use the desired hashing algorithm based on the
> required robnustness.
> >
> > Alternatively, the design document is also attached
> to Bugzilla,
> > https://bugzilla.tianocore.org/show_bug.cgi?id=2151.
> >
> > Amol N Sukerkar (2):
> >   CryptoPkg: Add CryptoPkg Token Space GUID
> >   CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> >
> >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> |
> > 333 ++++++++++++++++++++
> >  CryptoPkg/CryptoPkg.dec
> |
> > 26 +-
> >  CryptoPkg/CryptoPkg.dsc
> |
> > 4 +-
> >  CryptoPkg/CryptoPkg.uni
> |
> > 18 +-
> >  CryptoPkg/Include/Library/HashApiLib.h
> |
> > 122 +++++++
> >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> |
> > 44 +++
> >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> |
> > 17 +
> >  7 files changed, 561 insertions(+), 3 deletions(-)
> create mode
> > 100644
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> >  create mode 100644
> > CryptoPkg/Include/Library/HashApiLib.h
> >  create mode 100644
> > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> >  create mode 100644
> > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> >
> > --
> > 2.16.2.windows.1
> >
> >
> >
> 
> 
> 
> 

Re: [edk2-devel] [PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

[Sukerkar, Amol N]

Hi Mike,

I have no issue with generating new GUIDs.

Thanks,
Amol

-----Original Message-----
From: Kinney, Michael D <michael.d.kinney@intel.com> 
Sent: Monday, February 03, 2020 2:50 PM
To: Sukerkar, Amol N <amol.n.sukerkar@intel.com>; devel@edk2.groups.io; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Agrawal, Sachin <sachin.agrawal@intel.com>; Musti, Srinivas <srinivas.musti@intel.com>; Lakkimsetti, Subash <subash.lakkimsetti@intel.com>; Mathews, John <john.mathews@intel.com>
Subject: RE: [edk2-devel] [PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

Hi Amol,

I prepared a branch an GitHub PR with this content.

The EDK II CI checks found duplicate GUID issues:

PROGRESS - --Running CryptoPkg: Guid Check Test NO-TARGET -- ERROR - Error Duplicate guid:  DDCBCFBA-8EEB-488A-96D6-097831A6E50B (2)
	GUID: DDCBCFBA-8EEB-488A-96D6-097831A6E50B NAME: HashLibBaseCryptoRouterPei FILE: /home/vsts/work/1/s/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
	GUID: DDCBCFBA-8EEB-488A-96D6-097831A6E50B NAME: BaseHashApiLib FILE: /home/vsts/work/1/s/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf

ERROR - Error Duplicate guid:  0D3FB176-9569-4D51-A3EF-7D61C64FEABA (2)
	GUID: 0D3FB176-9569-4D51-A3EF-7D61C64FEABA NAME: gEfiSecurityPkgTokenSpaceGuid FILE: /home/vsts/work/1/s/SecurityPkg/SecurityPkg.dec
	GUID: 0D3FB176-9569-4D51-A3EF-7D61C64FEABA NAME: gEfiCryptoPkgTokenSpaceGuid FILE: /home/vsts/work/1/s/CryptoPkg/CryptoPkg.dec

I generated new GUID value for the CryptoPkg Token Space GUID and a new GUID value for BaseHashLib.inf and restarted the EDK II CI checks.

Please let me know if you have any issues with the change I made:

    https://github.com/mdkinney/edk2/tree/BZ_2151_HashApiLib_V9

The GitHub PR is at:

    https://github.com/tianocore/edk2/pull/328

Thanks,

Mike


> -----Original Message-----
> From: Sukerkar, Amol N <amol.n.sukerkar@intel.com>
> Sent: Monday, February 3, 2020 10:55 AM
> To: devel@edk2.groups.io; Kinney, Michael D 
> <michael.d.kinney@intel.com>
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J 
> <jian.j.wang@intel.com>; Agrawal, Sachin <sachin.agrawal@intel.com>; 
> Musti, Srinivas <srinivas.musti@intel.com>; Lakkimsetti, Subash 
> <subash.lakkimsetti@intel.com>; Mathews, John 
> <john.mathews@intel.com>; Sukerkar, Amol N <amol.n.sukerkar@intel.com>
> Subject: RE: [edk2-devel] [PATCH v9 0/2]
> CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API
> 
> Thanks for the review, Mike!
> 
> ~ Amol
> 
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Michael 
> D Kinney
> Sent: Monday, February 03, 2020 11:36 AM
> To: devel@edk2.groups.io; Sukerkar, Amol N 
> <amol.n.sukerkar@intel.com>; Kinney, Michael D 
> <michael.d.kinney@intel.com>
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J 
> <jian.j.wang@intel.com>; Agrawal, Sachin <sachin.agrawal@intel.com>; 
> Musti, Srinivas <srinivas.musti@intel.com>; Lakkimsetti, Subash 
> <subash.lakkimsetti@intel.com>; Mathews, John <john.mathews@intel.com>
> Subject: Re: [edk2-devel] [PATCH v9 0/2]
> CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API
> 
> Hi Amol,
> 
> Thanks for the updates.  They all look great.
> 
> Series Reviewed-by: Michael D Kinney
> <michael.d.kinney@intel.com>
> 
> Mike
> 
> 
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On
> Behalf Of
> > Sukerkar, Amol N
> > Sent: Monday, February 3, 2020 10:19 AM
> > To: devel@edk2.groups.io
> > Cc: Kinney, Michael D <michael.d.kinney@intel.com>;
> Yao, Jiewen
> > <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Agrawal,
> > Sachin <sachin.agrawal@intel.com>; Musti, Srinivas 
> > <srinivas.musti@intel.com>; Lakkimsetti, Subash 
> > <subash.lakkimsetti@intel.com>; Mathews, John
> <john.mathews@intel.com>
> > Subject: [edk2-devel] [PATCH v9 0/2]
> > CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> >
> > Currently, the UEFI drivers using the SHA/SM3 hashing
> algorithms use
> > hard-coded API to calculate the hash, for instance,
> sha_256(...), etc.
> > Since SHA384 and/or
> > SM3_256 are being increasingly adopted for
> robustness, it becomes
> > cumbersome to modify each driver that calls into hash
> calculating API.
> >
> > To better achieve this, we are proposing a Unified
> API, which can be
> > used by UEFI drivers, that provides the drivers with
> flexibility to
> > use the desired hashing algorithm based on the
> required robnustness.
> >
> > Alternatively, the design document is also attached
> to Bugzilla,
> > https://bugzilla.tianocore.org/show_bug.cgi?id=2151.
> >
> > Amol N Sukerkar (2):
> >   CryptoPkg: Add CryptoPkg Token Space GUID
> >   CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> >
> >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> |
> > 333 ++++++++++++++++++++
> >  CryptoPkg/CryptoPkg.dec
> |
> > 26 +-
> >  CryptoPkg/CryptoPkg.dsc
> |
> > 4 +-
> >  CryptoPkg/CryptoPkg.uni
> |
> > 18 +-
> >  CryptoPkg/Include/Library/HashApiLib.h
> |
> > 122 +++++++
> >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> |
> > 44 +++
> >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> |
> > 17 +
> >  7 files changed, 561 insertions(+), 3 deletions(-)
> create mode
> > 100644
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> >  create mode 100644
> > CryptoPkg/Include/Library/HashApiLib.h
> >  create mode 100644
> > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> >  create mode 100644
> > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> >
> > --
> > 2.16.2.windows.1
> >
> >
> >
> 
> 
> 
> 

Re: [edk2-devel] [PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

[Michael D Kinney]

Amol,

One additional issue was found by the Linux/GCC build.

The lib class .h file was correct, but I missed that 
the context parameter updates were not propagated to the
BaseHashApiLib instance.  So there were function 
prototype mismatches between the class and the instance.

I have corrected these and pushed the branch again to 
re-run the EDK II CI checks.

https://github.com/mdkinney/edk2/tree/BZ_2151_HashApiLib_V9

Please review and let me know if you have any issues.

Thanks,

Mike

> -----Original Message-----
> From: Sukerkar, Amol N <amol.n.sukerkar@intel.com>
> Sent: Monday, February 3, 2020 2:04 PM
> To: Kinney, Michael D <michael.d.kinney@intel.com>;
> devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Agrawal, Sachin
> <sachin.agrawal@intel.com>; Musti, Srinivas
> <srinivas.musti@intel.com>; Lakkimsetti, Subash
> <subash.lakkimsetti@intel.com>; Mathews, John
> <john.mathews@intel.com>; Sukerkar, Amol N
> <amol.n.sukerkar@intel.com>
> Subject: RE: [edk2-devel] [PATCH v9 0/2]
> CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> 
> Hi Mike,
> 
> I have no issue with generating new GUIDs.
> 
> Thanks,
> Amol
> 
> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Monday, February 03, 2020 2:50 PM
> To: Sukerkar, Amol N <amol.n.sukerkar@intel.com>;
> devel@edk2.groups.io; Kinney, Michael D
> <michael.d.kinney@intel.com>
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Agrawal, Sachin
> <sachin.agrawal@intel.com>; Musti, Srinivas
> <srinivas.musti@intel.com>; Lakkimsetti, Subash
> <subash.lakkimsetti@intel.com>; Mathews, John
> <john.mathews@intel.com>
> Subject: RE: [edk2-devel] [PATCH v9 0/2]
> CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> 
> Hi Amol,
> 
> I prepared a branch an GitHub PR with this content.
> 
> The EDK II CI checks found duplicate GUID issues:
> 
> PROGRESS - --Running CryptoPkg: Guid Check Test NO-
> TARGET -- ERROR - Error Duplicate guid:  DDCBCFBA-8EEB-
> 488A-96D6-097831A6E50B (2)
> GUID: DDCBCFBA-8EEB-488A-96D6-097831A6E50B NAME:
> HashLibBaseCryptoRouterPei FILE:
> /home/vsts/work/1/s/SecurityPkg/Library/HashLibBaseCryp
> toRouter/HashLibBaseCryptoRouterPei.inf
> GUID: DDCBCFBA-8EEB-488A-96D6-097831A6E50B NAME:
> BaseHashApiLib FILE:
> /home/vsts/work/1/s/CryptoPkg/Library/BaseHashApiLib/Ba
> seHashApiLib.inf
> 
> ERROR - Error Duplicate guid:  0D3FB176-9569-4D51-A3EF-
> 7D61C64FEABA (2)
> GUID: 0D3FB176-9569-4D51-A3EF-7D61C64FEABA NAME:
> gEfiSecurityPkgTokenSpaceGuid FILE:
> /home/vsts/work/1/s/SecurityPkg/SecurityPkg.dec
> GUID: 0D3FB176-9569-4D51-A3EF-7D61C64FEABA NAME:
> gEfiCryptoPkgTokenSpaceGuid FILE:
> /home/vsts/work/1/s/CryptoPkg/CryptoPkg.dec
> 
> I generated new GUID value for the CryptoPkg Token
> Space GUID and a new GUID value for BaseHashLib.inf and
> restarted the EDK II CI checks.
> 
> Please let me know if you have any issues with the
> change I made:
> 
> 
> https://github.com/mdkinney/edk2/tree/BZ_2151_HashApiLi
> b_V9
> 
> The GitHub PR is at:
> 
>     https://github.com/tianocore/edk2/pull/328
> 
> Thanks,
> 
> Mike
> 
> 
> > -----Original Message-----
> > From: Sukerkar, Amol N <amol.n.sukerkar@intel.com>
> > Sent: Monday, February 3, 2020 10:55 AM
> > To: devel@edk2.groups.io; Kinney, Michael D
> > <michael.d.kinney@intel.com>
> > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> > <jian.j.wang@intel.com>; Agrawal, Sachin
> <sachin.agrawal@intel.com>;
> > Musti, Srinivas <srinivas.musti@intel.com>;
> Lakkimsetti, Subash
> > <subash.lakkimsetti@intel.com>; Mathews, John
> > <john.mathews@intel.com>; Sukerkar, Amol N
> <amol.n.sukerkar@intel.com>
> > Subject: RE: [edk2-devel] [PATCH v9 0/2]
> > CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> >
> > Thanks for the review, Mike!
> >
> > ~ Amol
> >
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On
> Behalf Of Michael
> > D Kinney
> > Sent: Monday, February 03, 2020 11:36 AM
> > To: devel@edk2.groups.io; Sukerkar, Amol N
> > <amol.n.sukerkar@intel.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>
> > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> > <jian.j.wang@intel.com>; Agrawal, Sachin
> <sachin.agrawal@intel.com>;
> > Musti, Srinivas <srinivas.musti@intel.com>;
> Lakkimsetti, Subash
> > <subash.lakkimsetti@intel.com>; Mathews, John
> <john.mathews@intel.com>
> > Subject: Re: [edk2-devel] [PATCH v9 0/2]
> > CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> >
> > Hi Amol,
> >
> > Thanks for the updates.  They all look great.
> >
> > Series Reviewed-by: Michael D Kinney
> > <michael.d.kinney@intel.com>
> >
> > Mike
> >
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io <devel@edk2.groups.io>
> On
> > Behalf Of
> > > Sukerkar, Amol N
> > > Sent: Monday, February 3, 2020 10:19 AM
> > > To: devel@edk2.groups.io
> > > Cc: Kinney, Michael D <michael.d.kinney@intel.com>;
> > Yao, Jiewen
> > > <jiewen.yao@intel.com>; Wang, Jian J
> > <jian.j.wang@intel.com>; Agrawal,
> > > Sachin <sachin.agrawal@intel.com>; Musti, Srinivas
> > > <srinivas.musti@intel.com>; Lakkimsetti, Subash
> > > <subash.lakkimsetti@intel.com>; Mathews, John
> > <john.mathews@intel.com>
> > > Subject: [edk2-devel] [PATCH v9 0/2]
> > > CryptoPkg/BaseHashApiLib: Implement Unified Hash
> > Calculation API
> > >
> > > Currently, the UEFI drivers using the SHA/SM3
> hashing
> > algorithms use
> > > hard-coded API to calculate the hash, for instance,
> > sha_256(...), etc.
> > > Since SHA384 and/or
> > > SM3_256 are being increasingly adopted for
> > robustness, it becomes
> > > cumbersome to modify each driver that calls into
> hash
> > calculating API.
> > >
> > > To better achieve this, we are proposing a Unified
> > API, which can be
> > > used by UEFI drivers, that provides the drivers
> with
> > flexibility to
> > > use the desired hashing algorithm based on the
> > required robnustness.
> > >
> > > Alternatively, the design document is also attached
> > to Bugzilla,
> > >
> https://bugzilla.tianocore.org/show_bug.cgi?id=2151.
> > >
> > > Amol N Sukerkar (2):
> > >   CryptoPkg: Add CryptoPkg Token Space GUID
> > >   CryptoPkg/BaseHashApiLib: Implement Unified Hash
> > Calculation API
> > >
> > >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > |
> > > 333 ++++++++++++++++++++
> > >  CryptoPkg/CryptoPkg.dec
> > |
> > > 26 +-
> > >  CryptoPkg/CryptoPkg.dsc
> > |
> > > 4 +-
> > >  CryptoPkg/CryptoPkg.uni
> > |
> > > 18 +-
> > >  CryptoPkg/Include/Library/HashApiLib.h
> > |
> > > 122 +++++++
> > >
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > |
> > > 44 +++
> > >
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > |
> > > 17 +
> > >  7 files changed, 561 insertions(+), 3 deletions(-)
> > create mode
> > > 100644
> > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > >  create mode 100644
> > > CryptoPkg/Include/Library/HashApiLib.h
> > >  create mode 100644
> > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > >  create mode 100644
> > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > >
> > > --
> > > 2.16.2.windows.1
> > >
> > >
> > >
> >
> >
> > 
> >
> 
> 

Re: [edk2-devel] [PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

[Sukerkar, Amol N]

Thanks, Mike! Sorry, I seemed to have missed that. I reviewed and accept the change.

~ Amol

-----Original Message-----
From: Kinney, Michael D <michael.d.kinney@intel.com> 
Sent: Monday, February 03, 2020 3:19 PM
To: Sukerkar, Amol N <amol.n.sukerkar@intel.com>; devel@edk2.groups.io; Kinney, Michael D <michael.d.kinney@intel.com>
Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Agrawal, Sachin <sachin.agrawal@intel.com>; Musti, Srinivas <srinivas.musti@intel.com>; Lakkimsetti, Subash <subash.lakkimsetti@intel.com>; Mathews, John <john.mathews@intel.com>
Subject: RE: [edk2-devel] [PATCH v9 0/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API

Amol,

One additional issue was found by the Linux/GCC build.

The lib class .h file was correct, but I missed that the context parameter updates were not propagated to the BaseHashApiLib instance.  So there were function prototype mismatches between the class and the instance.

I have corrected these and pushed the branch again to re-run the EDK II CI checks.

https://github.com/mdkinney/edk2/tree/BZ_2151_HashApiLib_V9

Please review and let me know if you have any issues.

Thanks,

Mike

> -----Original Message-----
> From: Sukerkar, Amol N <amol.n.sukerkar@intel.com>
> Sent: Monday, February 3, 2020 2:04 PM
> To: Kinney, Michael D <michael.d.kinney@intel.com>; 
> devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J 
> <jian.j.wang@intel.com>; Agrawal, Sachin <sachin.agrawal@intel.com>; 
> Musti, Srinivas <srinivas.musti@intel.com>; Lakkimsetti, Subash 
> <subash.lakkimsetti@intel.com>; Mathews, John 
> <john.mathews@intel.com>; Sukerkar, Amol N <amol.n.sukerkar@intel.com>
> Subject: RE: [edk2-devel] [PATCH v9 0/2]
> CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API
> 
> Hi Mike,
> 
> I have no issue with generating new GUIDs.
> 
> Thanks,
> Amol
> 
> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Monday, February 03, 2020 2:50 PM
> To: Sukerkar, Amol N <amol.n.sukerkar@intel.com>; 
> devel@edk2.groups.io; Kinney, Michael D <michael.d.kinney@intel.com>
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J 
> <jian.j.wang@intel.com>; Agrawal, Sachin <sachin.agrawal@intel.com>; 
> Musti, Srinivas <srinivas.musti@intel.com>; Lakkimsetti, Subash 
> <subash.lakkimsetti@intel.com>; Mathews, John <john.mathews@intel.com>
> Subject: RE: [edk2-devel] [PATCH v9 0/2]
> CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API
> 
> Hi Amol,
> 
> I prepared a branch an GitHub PR with this content.
> 
> The EDK II CI checks found duplicate GUID issues:
> 
> PROGRESS - --Running CryptoPkg: Guid Check Test NO- TARGET -- ERROR - 
> Error Duplicate guid:  DDCBCFBA-8EEB- 488A-96D6-097831A6E50B (2)
> GUID: DDCBCFBA-8EEB-488A-96D6-097831A6E50B NAME:
> HashLibBaseCryptoRouterPei FILE:
> /home/vsts/work/1/s/SecurityPkg/Library/HashLibBaseCryp
> toRouter/HashLibBaseCryptoRouterPei.inf
> GUID: DDCBCFBA-8EEB-488A-96D6-097831A6E50B NAME:
> BaseHashApiLib FILE:
> /home/vsts/work/1/s/CryptoPkg/Library/BaseHashApiLib/Ba
> seHashApiLib.inf
> 
> ERROR - Error Duplicate guid:  0D3FB176-9569-4D51-A3EF- 7D61C64FEABA 
> (2)
> GUID: 0D3FB176-9569-4D51-A3EF-7D61C64FEABA NAME:
> gEfiSecurityPkgTokenSpaceGuid FILE:
> /home/vsts/work/1/s/SecurityPkg/SecurityPkg.dec
> GUID: 0D3FB176-9569-4D51-A3EF-7D61C64FEABA NAME:
> gEfiCryptoPkgTokenSpaceGuid FILE:
> /home/vsts/work/1/s/CryptoPkg/CryptoPkg.dec
> 
> I generated new GUID value for the CryptoPkg Token Space GUID and a 
> new GUID value for BaseHashLib.inf and restarted the EDK II CI checks.
> 
> Please let me know if you have any issues with the change I made:
> 
> 
> https://github.com/mdkinney/edk2/tree/BZ_2151_HashApiLi
> b_V9
> 
> The GitHub PR is at:
> 
>     https://github.com/tianocore/edk2/pull/328
> 
> Thanks,
> 
> Mike
> 
> 
> > -----Original Message-----
> > From: Sukerkar, Amol N <amol.n.sukerkar@intel.com>
> > Sent: Monday, February 3, 2020 10:55 AM
> > To: devel@edk2.groups.io; Kinney, Michael D 
> > <michael.d.kinney@intel.com>
> > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J 
> > <jian.j.wang@intel.com>; Agrawal, Sachin
> <sachin.agrawal@intel.com>;
> > Musti, Srinivas <srinivas.musti@intel.com>;
> Lakkimsetti, Subash
> > <subash.lakkimsetti@intel.com>; Mathews, John 
> > <john.mathews@intel.com>; Sukerkar, Amol N
> <amol.n.sukerkar@intel.com>
> > Subject: RE: [edk2-devel] [PATCH v9 0/2]
> > CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> >
> > Thanks for the review, Mike!
> >
> > ~ Amol
> >
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On
> Behalf Of Michael
> > D Kinney
> > Sent: Monday, February 03, 2020 11:36 AM
> > To: devel@edk2.groups.io; Sukerkar, Amol N 
> > <amol.n.sukerkar@intel.com>; Kinney, Michael D 
> > <michael.d.kinney@intel.com>
> > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J 
> > <jian.j.wang@intel.com>; Agrawal, Sachin
> <sachin.agrawal@intel.com>;
> > Musti, Srinivas <srinivas.musti@intel.com>;
> Lakkimsetti, Subash
> > <subash.lakkimsetti@intel.com>; Mathews, John
> <john.mathews@intel.com>
> > Subject: Re: [edk2-devel] [PATCH v9 0/2]
> > CryptoPkg/BaseHashApiLib: Implement Unified Hash
> Calculation API
> >
> > Hi Amol,
> >
> > Thanks for the updates.  They all look great.
> >
> > Series Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
> >
> > Mike
> >
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io <devel@edk2.groups.io>
> On
> > Behalf Of
> > > Sukerkar, Amol N
> > > Sent: Monday, February 3, 2020 10:19 AM
> > > To: devel@edk2.groups.io
> > > Cc: Kinney, Michael D <michael.d.kinney@intel.com>;
> > Yao, Jiewen
> > > <jiewen.yao@intel.com>; Wang, Jian J
> > <jian.j.wang@intel.com>; Agrawal,
> > > Sachin <sachin.agrawal@intel.com>; Musti, Srinivas 
> > > <srinivas.musti@intel.com>; Lakkimsetti, Subash 
> > > <subash.lakkimsetti@intel.com>; Mathews, John
> > <john.mathews@intel.com>
> > > Subject: [edk2-devel] [PATCH v9 0/2]
> > > CryptoPkg/BaseHashApiLib: Implement Unified Hash
> > Calculation API
> > >
> > > Currently, the UEFI drivers using the SHA/SM3
> hashing
> > algorithms use
> > > hard-coded API to calculate the hash, for instance,
> > sha_256(...), etc.
> > > Since SHA384 and/or
> > > SM3_256 are being increasingly adopted for
> > robustness, it becomes
> > > cumbersome to modify each driver that calls into
> hash
> > calculating API.
> > >
> > > To better achieve this, we are proposing a Unified
> > API, which can be
> > > used by UEFI drivers, that provides the drivers
> with
> > flexibility to
> > > use the desired hashing algorithm based on the
> > required robnustness.
> > >
> > > Alternatively, the design document is also attached
> > to Bugzilla,
> > >
> https://bugzilla.tianocore.org/show_bug.cgi?id=2151.
> > >
> > > Amol N Sukerkar (2):
> > >   CryptoPkg: Add CryptoPkg Token Space GUID
> > >   CryptoPkg/BaseHashApiLib: Implement Unified Hash
> > Calculation API
> > >
> > >  CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > |
> > > 333 ++++++++++++++++++++
> > >  CryptoPkg/CryptoPkg.dec
> > |
> > > 26 +-
> > >  CryptoPkg/CryptoPkg.dsc
> > |
> > > 4 +-
> > >  CryptoPkg/CryptoPkg.uni
> > |
> > > 18 +-
> > >  CryptoPkg/Include/Library/HashApiLib.h
> > |
> > > 122 +++++++
> > >
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > |
> > > 44 +++
> > >
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > |
> > > 17 +
> > >  7 files changed, 561 insertions(+), 3 deletions(-)
> > create mode
> > > 100644
> > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > >  create mode 100644
> > > CryptoPkg/Include/Library/HashApiLib.h
> > >  create mode 100644
> > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > >  create mode 100644
> > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > >
> > > --
> > > 2.16.2.windows.1
> > >
> > >
> > >
> >
> >
> > 
> >
> 
>