From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by mx.groups.io with SMTP id smtpd.web09.207.1580864668885307764 for ; Tue, 04 Feb 2020 17:04:29 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 134.134.136.100, mailfrom: michael.d.kinney@intel.com) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Feb 2020 17:04:27 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.70,403,1574150400"; d="scan'208";a="378592669" Received: from orsmsx107.amr.corp.intel.com ([10.22.240.5]) by orsmga004.jf.intel.com with ESMTP; 04 Feb 2020 17:04:27 -0800 Received: from orsmsx123.amr.corp.intel.com (10.22.240.116) by ORSMSX107.amr.corp.intel.com (10.22.240.5) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 4 Feb 2020 17:04:27 -0800 Received: from orsmsx113.amr.corp.intel.com ([169.254.9.57]) by ORSMSX123.amr.corp.intel.com ([169.254.1.219]) with mapi id 14.03.0439.000; Tue, 4 Feb 2020 17:04:26 -0800 From: "Michael D Kinney" To: "Yao, Jiewen" , "devel@edk2.groups.io" , "Sukerkar, Amol N" , "Kinney, Michael D" CC: "Wang, Jian J" Subject: Re: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API Thread-Topic: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API Thread-Index: AQHV2wZa3OwDjhKTJ0CrGMXolNXGV6gLOJGggADzfoD//42MgA== Date: Wed, 5 Feb 2020 01:04:26 +0000 Message-ID: References: <20200203233548.7616-1-michael.d.kinney@intel.com> <20200203233548.7616-3-michael.d.kinney@intel.com> <74D8A39837DF1E4DA445A8C0B3885C503F910942@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C503F912A33@shsmsx102.ccr.corp.intel.com> In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503F912A33@shsmsx102.ccr.corp.intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.2.0.6 dlp-reaction: no-action x-originating-ip: [10.22.254.140] MIME-Version: 1.0 Return-Path: michael.d.kinney@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Jiewen, Thanks for pointing to the content in MdePkg. I agree that we could include =20 in BaseHashApiLib implementation and use the subset of TPM_ALG_* define values for both the lib implementation and the PCD description. This will allow us to remove the extra #defines from the HashApiLib.h class. Mike > -----Original Message----- > From: Yao, Jiewen > Sent: Tuesday, February 4, 2020 2:54 PM > To: Kinney, Michael D ; > devel@edk2.groups.io; Sukerkar, Amol N > > Cc: Wang, Jian J > Subject: RE: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: > Implement Unified Hash Calculation API >=20 > Mike > The problem of defining a set of algo ID is that I have > to remember the ID. > I feel frustrated whenever I need match one ID to the > other ID. >=20 > Currently, UEFI secure boot and TCG trusted boot are > important feature. If we can align to one of them, it > is easier. I believe if we have a consistent ID > mapping, it will be much better for developer. >=20 > Current TPM20.h is defined in MdePkg (not in > SecurityPkg) and is considered as an industry standard. > I do not see any dependency issue. >=20 > We can define a new set - not a technical problem. I am > just not sure why we have to. Or we can define it with > the same value as TPM. See below list. I believe it > will cover majority of current usage and current > standard. > > > > + # 0x0004 - SHA1.
> > > > + # 0x000B - SHA256.
> > > > + # 0x000C - SHA384.
> > > > + # 0x000D - SHA512.
> > > > + # 0x0012 - SM3_256.
> > > > + # 0x0027 - SHA3_256.
> > > > + # 0x0028 - SHA3_384.
> > > > + # 0x0029 - SHA3_512.
>=20 >=20 >=20 >=20 > > -----Original Message----- > > From: Kinney, Michael D > > Sent: Wednesday, February 5, 2020 12:26 AM > > To: Yao, Jiewen ; > devel@edk2.groups.io; Kinney, > > Michael D ; Sukerkar, > Amol N > > > > Cc: Wang, Jian J > > Subject: RE: [Patch v10 2/2] > CryptoPkg/BaseHashApiLib: Implement Unified Hash > > Calculation API > > > > Jiewen, > > > > I think UINT8 is fine. We can change default to 0x04 > in DEC file. > > > > I will let Amol comment on why MD4 and MD5 are > included. If > > they are not required, then I agree they should be > removed. > > > > I do not see a reason to align with TCG spec. The > HashApiLib > > is a layer on top of BaseCryptLib and the use of hash > algorithms > > is not limited to TCG related content. The > BaseCryptLib > > could potentially adopt hash algorithms that are not > defined > > in the TCG specification. We also do not want > CryptoPkg to > > depend on the SecurityPkg. > > > > Thanks, > > > > Mike > > > > > -----Original Message----- > > > From: Yao, Jiewen > > > Sent: Monday, February 3, 2020 6:54 PM > > > To: Kinney, Michael D ; > > > devel@edk2.groups.io > > > Cc: Sukerkar, Amol N ; > Wang, > > > Jian J > > > Subject: RE: [Patch v10 2/2] > CryptoPkg/BaseHashApiLib: > > > Implement Unified Hash Calculation API > > > > > > Thanks Mike, to cover us during Chinese New Year > > > holiday. > > > > > > I am just back from vocation. A minor comment: > > > > > > The PcdHashApiLibPolicy is UINT8, but the value is > > > shown as 32bit 0x00000004. > > > > > > There are couple of ways to enhance: > > > 1) Define UINT8, and use 8bit style 0x04. > > > 2) Define UINT32, and use 32bit style 0x00000004. > > > 3) Define UINT16 (match TCG definition), and use > TCG > > > defined value. (Tpm20.h) > > > #define TPM_ALG_SHA1 (TPM_ALG_ID)(0x0004) > > > #define TPM_ALG_SHA256 (TPM_ALG_ID)(0x000B) > > > #define TPM_ALG_SHA384 (TPM_ALG_ID)(0x000C) > > > #define TPM_ALG_SHA512 (TPM_ALG_ID)(0x000D) > > > #define TPM_ALG_SM3_256 (TPM_ALG_ID)(0x0012) > > > > > > MD4 and MD5 are known as insecure and deprecated. I > > > doubt if we want to add such support. (I strong > > > recommend NO). > > > > > > If we can remove MD4 and MD5, I think we can use > #3. > > > > > > Thank you > > > Yao Jiewen > > > > > > > -----Original Message----- > > > > From: Kinney, Michael D > > > > > Sent: Tuesday, February 4, 2020 7:36 AM > > > > To: devel@edk2.groups.io > > > > Cc: Sukerkar, Amol N ; > > > Yao, Jiewen > > > > ; Wang, Jian J > > > > > > > Subject: [Patch v10 2/2] > CryptoPkg/BaseHashApiLib: > > > Implement Unified Hash > > > > Calculation API > > > > > > > > From: Amol N Sukerkar > > > > > > > > > https://bugzilla.tianocore.org/show_bug.cgi?id=3D2151 > > > > > > > > This commit introduces a Unified Hash API to > > > calculate hash using a > > > > hashing algorithm specified by the PCD, > > > PcdHashApiLibPolicy. This library > > > > interfaces with the various hashing API, such as, > > > MD4, MD5, SHA1, SHA256, > > > > SHA512 and SM3_256 implemented in BaseCryptLib. > The > > > user can calculate > > > > the desired hash by setting PcdHashApiLibPolicy > to > > > appropriate value. > > > > > > > > This feature is documented in the Bugzilla, > > > > > https://bugzilla.tianocore.org/show_bug.cgi?id=3D2151. > > > > > > > > Cc: Jiewen Yao > > > > Cc: Jian J Wang > > > > Cc: Michael D Kinney > > > > Signed-off-by: Amol N Sukerkar > > > > > > > Reviewed-by: Michael D Kinney > > > > > > > --- > > > > CryptoPkg/CryptoPkg.dec | > 20 > > > ++ > > > > CryptoPkg/CryptoPkg.dsc | > 4 > > > +- > > > > CryptoPkg/CryptoPkg.uni | > 18 > > > +- > > > > CryptoPkg/Include/Library/HashApiLib.h | > 122 > > > +++++++ > > > > .../Library/BaseHashApiLib/BaseHashApiLib.c | > 330 > > > ++++++++++++++++++ > > > > .../Library/BaseHashApiLib/BaseHashApiLib.inf | > 44 > > > +++ > > > > .../Library/BaseHashApiLib/BaseHashApiLib.uni | > 17 > > > + > > > > 7 files changed, 553 insertions(+), 2 > deletions(-) > > > > create mode 100644 > > > CryptoPkg/Include/Library/HashApiLib.h > > > > create mode 100644 > > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > > > create mode 100644 > > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf > > > > create mode 100644 > > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni > > > > > > > > diff --git a/CryptoPkg/CryptoPkg.dec > > > b/CryptoPkg/CryptoPkg.dec > > > > index 41af6e879e..8ad0fb5d61 100644 > > > > --- a/CryptoPkg/CryptoPkg.dec > > > > +++ b/CryptoPkg/CryptoPkg.dec > > > > @@ -33,9 +33,29 @@ [LibraryClasses] > > > > ## > > > > TlsLib|Include/Library/TlsLib.h > > > > > > > > + ## @libraryclass Provides Unified API for > > > different hash implementations. > > > > + # > > > > + HashApiLib|Include/Library/HashApiLib.h > > > > + > > > > [Guids] > > > > ## Crypto package token space guid. > > > > gEfiCryptoPkgTokenSpaceGuid =3D { > 0x6bd7de60, > > > 0x9ef7, 0x4899, { 0x97, > > > > 0xd0, 0xab, 0xff, 0xfd, 0xe9, 0x70, 0xf2 } } > > > > > > > > +[PcdsFixedAtBuild, PcdsPatchableInModule, > > > PcdsDynamic, PcdsDynamicEx] > > > > + ## This PCD indicates the HASH algorithm to > > > calculate hash of data > > > > + # Based on the value set, the required > algorithm > > > is chosen to calculate > > > > + # the hash of data.
> > > > + # The default hashing algorithm for > > > BaseHashApiLib is set to SHA256.
> > > > + # 0x00000001 - MD4.
> > > > + # 0x00000002 - MD5.
> > > > + # 0x00000003 - SHA1.
> > > > + # 0x00000004 - SHA256.
> > > > + # 0x00000005 - SHA384.
> > > > + # 0x00000006 - SHA512.
> > > > + # 0x00000007 - SM3_256.
> > > > + # @Prompt Set policy for hashing unsigned > image > > > for Secure Boot. > > > > + # @ValidRange 0x80000001 | 0x00000001 - > 0x00000007 > > > > + > > > > > > > > gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x04|UI > > > NT8|0x00000001 > > > > + > > > > [UserExtensions.TianoCore."ExtraFiles"] > > > > CryptoPkgExtra.uni > > > > diff --git a/CryptoPkg/CryptoPkg.dsc > > > b/CryptoPkg/CryptoPkg.dsc > > > > index ec43c1f0a4..9656a73b3c 100644 > > > > --- a/CryptoPkg/CryptoPkg.dsc > > > > +++ b/CryptoPkg/CryptoPkg.dsc > > > > @@ -1,7 +1,7 @@ > > > > ## @file > > > > # Cryptographic Library Package for UEFI > Security > > > Implementation. > > > > # > > > > -# Copyright (c) 2009 - 2018, Intel Corporation. > All > > > rights reserved.
> > > > +# Copyright (c) 2009 - 2020, Intel Corporation. > All > > > rights reserved.
> > > > # SPDX-License-Identifier: BSD-2-Clause-Patent > > > > # > > > > ## > > > > @@ -44,6 +44,7 @@ [LibraryClasses] > > > > > > > > > > > > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLi > > > b.inf > > > > > > > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > > > > + > > > > HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApi > > > Lib.inf > > > > > > > > [LibraryClasses.ARM, LibraryClasses.AARCH64] > > > > # > > > > @@ -120,6 +121,7 @@ [Components] > > > > CryptoPkg/Library/TlsLibNull/TlsLibNull.inf > > > > CryptoPkg/Library/OpensslLib/OpensslLib.inf > > > > > CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf > > > > + > > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf > > > > > > > > [Components.IA32, Components.X64] > > > > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > > > > diff --git a/CryptoPkg/CryptoPkg.uni > > > b/CryptoPkg/CryptoPkg.uni > > > > index beb0036ef5..0dae4c4045 100644 > > > > --- a/CryptoPkg/CryptoPkg.uni > > > > +++ b/CryptoPkg/CryptoPkg.uni > > > > @@ -4,7 +4,7 @@ > > > > // This Package provides cryptographic-related > > > libraries for UEFI security > > > > modules. > > > > // It also provides a test application to test > > > libraries. > > > > // > > > > -// Copyright (c) 2009 - 2018, Intel Corporation. > All > > > rights reserved.
> > > > +// Copyright (c) 2009 - 2020, Intel Corporation. > All > > > rights reserved.
> > > > // > > > > // SPDX-License-Identifier: BSD-2-Clause-Patent > > > > // > > > > @@ -17,3 +17,19 @@ > > > > > > > > > > > > > > > > +#string > > > > STR_gEfiCryptoPkgTokenSpaceGuid_PcdHashApiLibPolicy_PRO > > > MPT > > > > #language en-US "HASH algorithm to calculate > hash" > > > > + > > > > +#string > > > > STR_gEfiCryptoPkgTokenSpaceGuid_PcdHashApiLibPolicy_HEL > > > P > > > > #language en-US "This PCD indicates the HASH > > > algorithm to calculate hash of > > > > data.

\n" > > > > + > > > "Based on the value set, the > > > > required algorithm is chosen to calculate\n" > > > > + > > > "the hash of data.
\n" > > > > + > > > "The default hashing algorithm > > > > for BaseHashApiLib is set to SHA256.
\n" > > > > + > > > "0x00000001 - MD4.
\n" > > > > + > > > "0x00000002 - MD5.
\n" > > > > + > > > "0x00000003 - SHA1.
\n" > > > > + > > > "0x00000004 - > > > > SHA256.
\n" > > > > + > > > "0x00000005 - > > > > SHA384.
\n" > > > > + > > > "0x00000006 - > > > > SHA512.
\n" > > > > + > > > "0x00000007 - SM3.
" > > > > + > > > > + > > > > + > > > > diff --git > a/CryptoPkg/Include/Library/HashApiLib.h > > > > b/CryptoPkg/Include/Library/HashApiLib.h > > > > new file mode 100644 > > > > index 0000000000..22068e5a17 > > > > --- /dev/null > > > > +++ b/CryptoPkg/Include/Library/HashApiLib.h > > > > @@ -0,0 +1,122 @@ > > > > +/** @file > > > > + Unified Hash API Defines > > > > + > > > > + This API when called will calculate the Hash > using > > > the > > > > + hashing algorithm specified by > > > PcdHashApiLibPolicy. > > > > + > > > > + Copyright (c) 2020, Intel Corporation. All > rights > > > reserved.
> > > > + SPDX-License-Identifier: BSD-2-Clause-Patent > > > > + > > > > +**/ > > > > + > > > > +#ifndef __BASEHASHAPILIB_H_ > > > > +#define __BASEHASHAPILIB_H_ > > > > + > > > > +typedef VOID *HASH_API_CONTEXT; > > > > + > > > > +// > > > > +// Hash Algorithms > > > > +// > > > > +#define HASH_API_ALGO_INVALID 0x00000000 > > > > +#define HASH_API_ALGO_MD4 0x00000001 > > > > +#define HASH_API_ALGO_MD5 0x00000002 > > > > +#define HASH_API_ALGO_SHA1 0x00000003 > > > > +#define HASH_API_ALGO_SHA256 0x00000004 > > > > +#define HASH_API_ALGO_SHA384 0x00000005 > > > > +#define HASH_API_ALGO_SHA512 0x00000006 > > > > +#define HASH_API_ALGO_SM3_256 0x00000007 > > > > + > > > > +/** > > > > + Retrieves the size, in bytes, of the context > > > buffer required for hash operations. > > > > + > > > > + @return The size, in bytes, of the context > buffer > > > required for hash operations. > > > > +**/ > > > > +UINTN > > > > +EFIAPI > > > > +HashApiGetContextSize ( > > > > + VOID > > > > + ); > > > > + > > > > +/** > > > > + Init hash sequence. > > > > + > > > > + @param[out] HashContext Hash context. > > > > + > > > > + @retval TRUE Hash start and HashHandle > > > returned. > > > > + @retval FALSE Hash Init unsuccessful. > > > > +**/ > > > > +BOOLEAN > > > > +EFIAPI > > > > +HashApiInit ( > > > > + OUT HASH_API_CONTEXT HashContext > > > > + ); > > > > + > > > > +/** > > > > + Makes a copy of an existing hash context. > > > > + > > > > + @param[in] HashContext Hash context. > > > > + @param[out] NewHashContext New copy of hash > > > context. > > > > + > > > > + @retval TRUE Hash context copy > succeeded. > > > > + @retval FALSE Hash context copy failed. > > > > +**/ > > > > +BOOLEAN > > > > +EFIAPI > > > > +HashApiDuplicate ( > > > > + IN HASH_API_CONTEXT HashContext, > > > > + OUT HASH_API_CONTEXT NewHashContext > > > > + ); > > > > + > > > > +/** > > > > + Update hash data. > > > > + > > > > + @param[in] HashContext Hash context. > > > > + @param[in] DataToHash Data to be hashed. > > > > + @param[in] DataToHashLen Data size. > > > > + > > > > + @retval TRUE Hash updated. > > > > + @retval FALSE Hash updated > unsuccessful. > > > > +**/ > > > > +BOOLEAN > > > > +EFIAPI > > > > +HashApiUpdate ( > > > > + IN HASH_API_CONTEXT HashContext, > > > > + IN VOID *DataToHash, > > > > + IN UINTN DataToHashLen > > > > + ); > > > > + > > > > +/** > > > > + Hash complete. > > > > + > > > > + @param[in] HashContext Hash context. > > > > + @param[out] Digest Hash Digest. > > > > + > > > > + @retval TRUE Hash complete and Digest > is > > > returned. > > > > + @retval FALSE Hash complete > unsuccessful. > > > > +**/ > > > > +BOOLEAN > > > > +EFIAPI > > > > +HashApiFinal ( > > > > + IN HASH_API_CONTEXT HashContext, > > > > + OUT UINT8 *Digest > > > > + ); > > > > + > > > > +/** > > > > + Computes hash message digest of a input data > > > buffer. > > > > + > > > > + @param[in] DataToHash Data to be hashed. > > > > + @param[in] DataToHashLen Data size. > > > > + @param[out] Digest Hash Digest. > > > > + > > > > + @retval TRUE Hash digest computation > succeeded. > > > > + @retval FALSE Hash digest computation failed. > > > > +**/ > > > > +BOOLEAN > > > > +EFIAPI > > > > +HashApiHashAll ( > > > > + IN CONST VOID *DataToHash, > > > > + IN UINTN DataToHashLen, > > > > + OUT UINT8 *Digest > > > > + ); > > > > + > > > > +#endif > > > > diff --git > > > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > > > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > > > new file mode 100644 > > > > index 0000000000..277ef9f0b4 > > > > --- /dev/null > > > > +++ > > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > > > @@ -0,0 +1,330 @@ > > > > +/** @file > > > > + Unified Hash API Implementation > > > > + > > > > + This file implements the Unified Hash API. > > > > + > > > > + This API, when called, will calculate the Hash > > > using the > > > > + hashing algorithm specified by > > > PcdHashApiLibPolicy. > > > > + > > > > + Copyright (c) 2020, Intel Corporation. All > rights > > > reserved.
> > > > + SPDX-License-Identifier: BSD-2-Clause-Patent > > > > + > > > > +**/ > > > > + > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > +#include > > > > + > > > > +/** > > > > + Retrieves the size, in bytes, of the context > > > buffer required for hash operations. > > > > + > > > > + @return The size, in bytes, of the context > buffer > > > required for hash operations. > > > > +**/ > > > > +UINTN > > > > +EFIAPI > > > > +HashApiGetContextSize ( > > > > + VOID > > > > + ) > > > > +{ > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > > > + case HASH_API_ALGO_MD4: > > > > + return Md4GetContextSize (); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_MD5: > > > > + return Md5GetContextSize (); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA1: > > > > + return Sha1GetContextSize (); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA256: > > > > + return Sha256GetContextSize (); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA384: > > > > + return Sha384GetContextSize (); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA512: > > > > + return Sha512GetContextSize (); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SM3_256: > > > > + return Sm3GetContextSize (); > > > > + break; > > > > + > > > > + default: > > > > + ASSERT (FALSE); > > > > + return 0; > > > > + break; > > > > + } > > > > +} > > > > + > > > > +/** > > > > + Init hash sequence. > > > > + > > > > + @param[out] HashContext Hash context. > > > > + > > > > + @retval TRUE Hash start and HashHandle > > > returned. > > > > + @retval FALSE Hash Init unsuccessful. > > > > +**/ > > > > +BOOLEAN > > > > +EFIAPI > > > > +HashApiInit ( > > > > + OUT HASH_API_CONTEXT HashContext > > > > + ) > > > > +{ > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > > > + case HASH_API_ALGO_MD4: > > > > + return Md4Init (HashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_MD5: > > > > + return Md5Init (HashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA1: > > > > + return Sha1Init (HashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA256: > > > > + return Sha256Init (HashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA384: > > > > + return Sha384Init (HashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA512: > > > > + return Sha512Init (HashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SM3_256: > > > > + return Sm3Init (HashContext); > > > > + break; > > > > + > > > > + default: > > > > + ASSERT (FALSE); > > > > + return FALSE; > > > > + break; > > > > + } > > > > +} > > > > + > > > > +/** > > > > + Makes a copy of an existing hash context. > > > > + > > > > + @param[in] HashContext Hash context. > > > > + @param[out] NewHashContext New copy of hash > > > context. > > > > + > > > > + @retval TRUE Hash context copy > succeeded. > > > > + @retval FALSE Hash context copy failed. > > > > +**/ > > > > +BOOLEAN > > > > +EFIAPI > > > > +HashApiDuplicate ( > > > > + IN HASH_API_CONTEXT HashContext, > > > > + OUT HASH_API_CONTEXT NewHashContext > > > > + ) > > > > +{ > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > > > + case HASH_API_ALGO_MD4: > > > > + return Md4Duplicate (HashContext, > > > NewHashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_MD5: > > > > + return Md5Duplicate (HashContext, > > > NewHashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA1: > > > > + return Sha1Duplicate (HashContext, > > > NewHashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA256: > > > > + return Sha256Duplicate (HashContext, > > > NewHashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA384: > > > > + return Sha384Duplicate (HashContext, > > > NewHashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA512: > > > > + return Sha512Duplicate (HashContext, > > > NewHashContext); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SM3_256: > > > > + return Sm3Duplicate (HashContext, > > > NewHashContext); > > > > + break; > > > > + > > > > + default: > > > > + ASSERT (FALSE); > > > > + return FALSE; > > > > + break; > > > > + } > > > > +} > > > > + > > > > +/** > > > > + Update hash data. > > > > + > > > > + @param[in] HashContext Hash context. > > > > + @param[in] DataToHash Data to be hashed. > > > > + @param[in] DataToHashLen Data size. > > > > + > > > > + @retval TRUE Hash updated. > > > > + @retval FALSE Hash updated > unsuccessful. > > > > +**/ > > > > +BOOLEAN > > > > +EFIAPI > > > > +HashApiUpdate ( > > > > + IN HASH_API_CONTEXT HashContext, > > > > + IN VOID *DataToHash, > > > > + IN UINTN DataToHashLen > > > > + ) > > > > +{ > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > > > + case HASH_API_ALGO_MD4: > > > > + return Md4Update (HashContext, DataToHash, > > > DataToHashLen); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_MD5: > > > > + return Md5Update (HashContext, DataToHash, > > > DataToHashLen); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA1: > > > > + return Sha1Update (HashContext, > DataToHash, > > > DataToHashLen); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA256: > > > > + return Sha256Update (HashContext, > DataToHash, > > > DataToHashLen); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA384: > > > > + return Sha384Update (HashContext, > DataToHash, > > > DataToHashLen); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA512: > > > > + return Sha512Update (HashContext, > DataToHash, > > > DataToHashLen); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SM3_256: > > > > + return Sm3Update (HashContext, DataToHash, > > > DataToHashLen); > > > > + break; > > > > + > > > > + default: > > > > + ASSERT (FALSE); > > > > + return FALSE; > > > > + break; > > > > + } > > > > +} > > > > + > > > > +/** > > > > + Hash complete. > > > > + > > > > + @param[in] HashContext Hash context. > > > > + @param[out] Digest Hash Digest. > > > > + > > > > + @retval TRUE Hash complete and Digest > is > > > returned. > > > > + @retval FALSE Hash complete > unsuccessful. > > > > +**/ > > > > +BOOLEAN > > > > +EFIAPI > > > > +HashApiFinal ( > > > > + IN HASH_API_CONTEXT HashContext, > > > > + OUT UINT8 *Digest > > > > + ) > > > > +{ > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > > > + case HASH_API_ALGO_MD4: > > > > + return Md4Final (HashContext, Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_MD5: > > > > + return Md5Final (HashContext, Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA1: > > > > + return Sha1Final (HashContext, Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA256: > > > > + return Sha256Final (HashContext, Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA384: > > > > + return Sha384Final (HashContext, Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA512: > > > > + return Sha512Final (HashContext, Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SM3_256: > > > > + return Sm3Final (HashContext, Digest); > > > > + break; > > > > + > > > > + default: > > > > + ASSERT (FALSE); > > > > + return FALSE; > > > > + break; > > > > + } > > > > +} > > > > + > > > > +/** > > > > + Computes hash message digest of a input data > > > buffer. > > > > + > > > > + @param[in] DataToHash Data to be hashed. > > > > + @param[in] DataToHashLen Data size. > > > > + @param[out] Digest Hash Digest. > > > > + > > > > + @retval TRUE Hash digest computation > succeeded. > > > > + @retval FALSE Hash digest computation failed. > > > > +**/ > > > > +BOOLEAN > > > > +EFIAPI > > > > +HashApiHashAll ( > > > > + IN CONST VOID *DataToHash, > > > > + IN UINTN DataToHashLen, > > > > + OUT UINT8 *Digest > > > > + ) > > > > +{ > > > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > > > + case HASH_API_ALGO_MD4: > > > > + return Md4HashAll (DataToHash, > DataToHashLen, > > > Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_MD5: > > > > + return Md5HashAll (DataToHash, > DataToHashLen, > > > Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA1: > > > > + return Sha1HashAll (DataToHash, > DataToHashLen, > > > Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA256: > > > > + return Sha256HashAll (DataToHash, > > > DataToHashLen, Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA384: > > > > + return Sha384HashAll (DataToHash, > > > DataToHashLen, Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SHA512: > > > > + return Sha512HashAll (DataToHash, > > > DataToHashLen, Digest); > > > > + break; > > > > + > > > > + case HASH_API_ALGO_SM3_256: > > > > + return Sm3HashAll (DataToHash, > DataToHashLen, > > > Digest); > > > > + break; > > > > + > > > > + default: > > > > + ASSERT (FALSE); > > > > + return FALSE; > > > > + break; > > > > + } > > > > +} > > > > diff --git > > > > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf > > > > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf > > > > new file mode 100644 > > > > index 0000000000..b4d8675ddd > > > > --- /dev/null > > > > +++ > > > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf > > > > @@ -0,0 +1,44 @@ > > > > +## @file > > > > +# Provides Unified API for Hash Calculation > > > > +# > > > > +# This library is BaseHashApiLib. It will > redirect > > > hash request to > > > > +# each individual hash API, such as SHA1, > SHA256, > > > SHA384, SM3 based > > > > +# on hashing algorithm specified by > > > PcdHashApiLibPolicy. > > > > +# > > > > +# Copyright (c) 2020, Intel Corporation. All > rights > > > reserved.
> > > > +# SPDX-License-Identifier: BSD-2-Clause-Patent > > > > +# > > > > +## > > > > + > > > > +[Defines] > > > > + INF_VERSION =3D 0x00010005 > > > > + BASE_NAME =3D > BaseHashApiLib > > > > + MODULE_UNI_FILE =3D > > > BaseHashApiLib.uni > > > > + FILE_GUID =3D B1E566DD- > DE7C- > > > 4F04-BDA0-B1295D3BE927 > > > > + MODULE_TYPE =3D BASE > > > > + VERSION_STRING =3D 1.0 > > > > + LIBRARY_CLASS =3D > BaseHashApiLib > > > > + > > > > +# > > > > +# The following information is for reference > only > > > and not required by the build > > > > tools. > > > > +# > > > > +# VALID_ARCHITECTURES =3D IA32 X64 > > > > +# > > > > + > > > > +[Sources] > > > > + BaseHashApiLib.c > > > > + > > > > +[Packages] > > > > + MdePkg/MdePkg.dec > > > > + CryptoPkg/CryptoPkg.dec > > > > + > > > > +[LibraryClasses] > > > > + BaseLib > > > > + BaseMemoryLib > > > > + DebugLib > > > > + MemoryAllocationLib > > > > + BaseCryptLib > > > > + PcdLib > > > > + > > > > +[Pcd] > > > > + > gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy > > > ## CONSUMES > > > > diff --git > > > > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni > > > > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni > > > > new file mode 100644 > > > > index 0000000000..49ba82e86f > > > > --- /dev/null > > > > +++ > > > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni > > > > @@ -0,0 +1,17 @@ > > > > +// /** @file > > > > +// Provides Unified API for Hash Calculation > > > > +// > > > > +// This library is BaseHashApiLib. It will > redirect > > > hash request to > > > > +// each individual hash API, such as SHA1, > SHA256, > > > SHA384, SM3 based > > > > +// on hashing algorithm specified by > > > PcdHashApiLibPolicy. > > > > +// > > > > +// Copyright (c) 2020, Intel Corporation. All > rights > > > reserved.
> > > > +// > > > > +// SPDX-License-Identifier: BSD-2-Clause-Patent > > > > +// > > > > +// **/ > > > > + > > > > + > > > > +#string STR_MODULE_ABSTRACT > #language > > > en-US "Provides hash > > > > service by specified hash handler" > > > > + > > > > +#string STR_MODULE_DESCRIPTION > #language > > > en-US "This library is > > > > Unified Hash API. It will redirect hash request > to > > > the hash handler specified by > > > > PcdHashApiLibPolicy." > > > > -- > > > > 2.21.0.windows.1