From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web10.834.1581719908329881469 for ; Fri, 14 Feb 2020 14:38:28 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: michael.d.kinney@intel.com) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Feb 2020 14:38:28 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.70,442,1574150400"; d="scan'208";a="434933484" Received: from orsmsx106.amr.corp.intel.com ([10.22.225.133]) by fmsmga006.fm.intel.com with ESMTP; 14 Feb 2020 14:38:27 -0800 Received: from orsmsx116.amr.corp.intel.com (10.22.240.14) by ORSMSX106.amr.corp.intel.com (10.22.225.133) with Microsoft SMTP Server (TLS) id 14.3.439.0; Fri, 14 Feb 2020 14:38:27 -0800 Received: from orsmsx113.amr.corp.intel.com ([169.254.9.183]) by ORSMSX116.amr.corp.intel.com ([169.254.7.108]) with mapi id 14.03.0439.000; Fri, 14 Feb 2020 14:38:27 -0800 From: "Michael D Kinney" To: "Sukerkar, Amol N" , "devel@edk2.groups.io" , "Kinney, Michael D" CC: "Yao, Jiewen" , "Wang, Jian J" , "Agrawal, Sachin" , "Gao, Liming" Subject: Re: [PATCH v2 1/2] CryptoPkg/BaseHashApiLib: Align BaseHashApiLib with TPM 2.0 Implementation Thread-Topic: [PATCH v2 1/2] CryptoPkg/BaseHashApiLib: Align BaseHashApiLib with TPM 2.0 Implementation Thread-Index: AQHV42Fk9YQL/u03kE+473AEPZeVBqgbQ7jwgAADlpA= Date: Fri, 14 Feb 2020 22:38:27 +0000 Message-ID: References: <20200214180545.5872-1-amol.n.sukerkar@intel.com> <20200214180545.5872-2-amol.n.sukerkar@intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.2.0.6 dlp-reaction: no-action x-originating-ip: [10.22.254.140] MIME-Version: 1.0 Return-Path: michael.d.kinney@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Amol, One additional comment. You added #include to the=20 HashApiLib.h class. The public APIs do not depend on any definitions from so this line should ne removed from CryptoPkg/Include/Library/HashApiLib.h. Instead, #include should be added to the BaseHashApiLib implementation in=20 the file CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c. Thanks, Mike > -----Original Message----- > From: Kinney, Michael D > Sent: Friday, February 14, 2020 2:30 PM > To: Sukerkar, Amol N ; > devel@edk2.groups.io; Kinney, Michael D > > Cc: Yao, Jiewen ; Wang, Jian J > ; Agrawal, Sachin > ; Gao, Liming > > Subject: RE: [PATCH v2 1/2] CryptoPkg/BaseHashApiLib: > Align BaseHashApiLib with TPM 2.0 Implementation >=20 > Amol, >=20 > Comments included below. >=20 > Mike >=20 > > -----Original Message----- > > From: Sukerkar, Amol N > > Sent: Friday, February 14, 2020 10:06 AM > > To: devel@edk2.groups.io > > Cc: Kinney, Michael D ; > > Yao, Jiewen ; Wang, Jian J > > ; Agrawal, Sachin > > ; Gao, Liming > > > > Subject: [PATCH v2 1/2] CryptoPkg/BaseHashApiLib: > Align > > BaseHashApiLib with TPM 2.0 Implementation > > > > Ref: > > https://bugzilla.tianocore.org/show_bug.cgi?id=3D2511 > > > > This commit aligns the baseHashApiLib with TPM 2.0 > > Implementation > > as follows: > > - Remove reference to MD4 and MD5 algorithms as they > > are deprecated > > - Align the enumerations for hashing algoerithms with > > the one used > > in TPM 2.0 implementation defined in > > IndustryStandard/Tpm20.h. > > > > Cc: Jiewen Yao > > Cc: Jian J Wang > > Cc: Michael D Kinney > > Signed-off-by: Amol N Sukerkar > > > > --- > > > > Notes: > > v2 > > - Fixed closed parentheses in commit message > > > > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c | > > 120 ++++++-------------- > > CryptoPkg/CryptoPkg.dec | > > 16 ++- > > CryptoPkg/CryptoPkg.uni | > > 12 +- > > CryptoPkg/Include/Library/HashApiLib.h | > > 14 +-- > > 4 files changed, 50 insertions(+), 112 deletions(-) > > > > diff --git > > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > index 277ef9f0b421..b87a82b06ce1 100644 > > --- > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > +++ > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > @@ -31,32 +31,24 @@ HashApiGetContextSize ( > > VOID > > ) > > { > > - switch (PcdGet8 (PcdHashApiLibPolicy)) { > > - case HASH_API_ALGO_MD4: > > - return Md4GetContextSize (); > > - break; > > - > > - case HASH_API_ALGO_MD5: > > - return Md5GetContextSize (); > > - break; > > - > > - case HASH_API_ALGO_SHA1: > > + switch (PcdGet16 (PcdHashApiLibPolicy)) { > > + case HASH_ALG_SHA1: > > return Sha1GetContextSize (); > > break; > > > > - case HASH_API_ALGO_SHA256: > > + case HASH_ALG_SHA256: > > return Sha256GetContextSize (); > > break; > > > > - case HASH_API_ALGO_SHA384: > > + case HASH_ALG_SHA384: > > return Sha384GetContextSize (); > > break; > > > > - case HASH_API_ALGO_SHA512: > > + case HASH_ALG_SHA512: > > return Sha512GetContextSize (); > > break; > > > > - case HASH_API_ALGO_SM3_256: > > + case HASH_ALG_SM3_256: > > return Sm3GetContextSize (); > > break; > > > > @@ -81,32 +73,24 @@ HashApiInit ( > > OUT HASH_API_CONTEXT HashContext > > ) > > { > > - switch (PcdGet8 (PcdHashApiLibPolicy)) { > > - case HASH_API_ALGO_MD4: > > - return Md4Init (HashContext); > > - break; > > - > > - case HASH_API_ALGO_MD5: > > - return Md5Init (HashContext); > > - break; > > - > > - case HASH_API_ALGO_SHA1: > > + switch (PcdGet16 (PcdHashApiLibPolicy)) { > > + case HASH_ALG_SHA1: > > return Sha1Init (HashContext); > > break; > > > > - case HASH_API_ALGO_SHA256: > > + case HASH_ALG_SHA256: > > return Sha256Init (HashContext); > > break; > > > > - case HASH_API_ALGO_SHA384: > > + case HASH_ALG_SHA384: > > return Sha384Init (HashContext); > > break; > > > > - case HASH_API_ALGO_SHA512: > > + case HASH_ALG_SHA512: > > return Sha512Init (HashContext); > > break; > > > > - case HASH_API_ALGO_SM3_256: > > + case HASH_ALG_SM3_256: > > return Sm3Init (HashContext); > > break; > > > > @@ -133,32 +117,24 @@ HashApiDuplicate ( > > OUT HASH_API_CONTEXT NewHashContext > > ) > > { > > - switch (PcdGet8 (PcdHashApiLibPolicy)) { > > - case HASH_API_ALGO_MD4: > > - return Md4Duplicate (HashContext, > > NewHashContext); > > - break; > > - > > - case HASH_API_ALGO_MD5: > > - return Md5Duplicate (HashContext, > > NewHashContext); > > - break; > > - > > - case HASH_API_ALGO_SHA1: > > + switch (PcdGet16 (PcdHashApiLibPolicy)) { > > + case HASH_ALG_SHA1: > > return Sha1Duplicate (HashContext, > > NewHashContext); > > break; > > > > - case HASH_API_ALGO_SHA256: > > + case HASH_ALG_SHA256: > > return Sha256Duplicate (HashContext, > > NewHashContext); > > break; > > > > - case HASH_API_ALGO_SHA384: > > + case HASH_ALG_SHA384: > > return Sha384Duplicate (HashContext, > > NewHashContext); > > break; > > > > - case HASH_API_ALGO_SHA512: > > + case HASH_ALG_SHA512: > > return Sha512Duplicate (HashContext, > > NewHashContext); > > break; > > > > - case HASH_API_ALGO_SM3_256: > > + case HASH_ALG_SM3_256: > > return Sm3Duplicate (HashContext, > > NewHashContext); > > break; > > > > @@ -187,32 +163,24 @@ HashApiUpdate ( > > IN UINTN DataToHashLen > > ) > > { > > - switch (PcdGet8 (PcdHashApiLibPolicy)) { > > - case HASH_API_ALGO_MD4: > > - return Md4Update (HashContext, DataToHash, > > DataToHashLen); > > - break; > > - > > - case HASH_API_ALGO_MD5: > > - return Md5Update (HashContext, DataToHash, > > DataToHashLen); > > - break; > > - > > - case HASH_API_ALGO_SHA1: > > + switch (PcdGet16 (PcdHashApiLibPolicy)) { > > + case HASH_ALG_SHA1: > > return Sha1Update (HashContext, DataToHash, > > DataToHashLen); > > break; > > > > - case HASH_API_ALGO_SHA256: > > + case HASH_ALG_SHA256: > > return Sha256Update (HashContext, DataToHash, > > DataToHashLen); > > break; > > > > - case HASH_API_ALGO_SHA384: > > + case HASH_ALG_SHA384: > > return Sha384Update (HashContext, DataToHash, > > DataToHashLen); > > break; > > > > - case HASH_API_ALGO_SHA512: > > + case HASH_ALG_SHA512: > > return Sha512Update (HashContext, DataToHash, > > DataToHashLen); > > break; > > > > - case HASH_API_ALGO_SM3_256: > > + case HASH_ALG_SM3_256: > > return Sm3Update (HashContext, DataToHash, > > DataToHashLen); > > break; > > > > @@ -239,32 +207,24 @@ HashApiFinal ( > > OUT UINT8 *Digest > > ) > > { > > - switch (PcdGet8 (PcdHashApiLibPolicy)) { > > - case HASH_API_ALGO_MD4: > > - return Md4Final (HashContext, Digest); > > - break; > > - > > - case HASH_API_ALGO_MD5: > > - return Md5Final (HashContext, Digest); > > - break; > > - > > - case HASH_API_ALGO_SHA1: > > + switch (PcdGet16 (PcdHashApiLibPolicy)) { > > + case HASH_ALG_SHA1: > > return Sha1Final (HashContext, Digest); > > break; > > > > - case HASH_API_ALGO_SHA256: > > + case HASH_ALG_SHA256: > > return Sha256Final (HashContext, Digest); > > break; > > > > - case HASH_API_ALGO_SHA384: > > + case HASH_ALG_SHA384: > > return Sha384Final (HashContext, Digest); > > break; > > > > - case HASH_API_ALGO_SHA512: > > + case HASH_ALG_SHA512: > > return Sha512Final (HashContext, Digest); > > break; > > > > - case HASH_API_ALGO_SM3_256: > > + case HASH_ALG_SM3_256: > > return Sm3Final (HashContext, Digest); > > break; > > > > @@ -293,32 +253,24 @@ HashApiHashAll ( > > OUT UINT8 *Digest > > ) > > { > > - switch (PcdGet8 (PcdHashApiLibPolicy)) { > > - case HASH_API_ALGO_MD4: > > - return Md4HashAll (DataToHash, DataToHashLen, > > Digest); > > - break; > > - > > - case HASH_API_ALGO_MD5: > > - return Md5HashAll (DataToHash, DataToHashLen, > > Digest); > > - break; > > - > > - case HASH_API_ALGO_SHA1: > > + switch (PcdGet16 (PcdHashApiLibPolicy)) { > > + case HASH_ALG_SHA1: > > return Sha1HashAll (DataToHash, DataToHashLen, > > Digest); > > break; > > > > - case HASH_API_ALGO_SHA256: > > + case HASH_ALG_SHA256: > > return Sha256HashAll (DataToHash, > DataToHashLen, > > Digest); > > break; > > > > - case HASH_API_ALGO_SHA384: > > + case HASH_ALG_SHA384: > > return Sha384HashAll (DataToHash, > DataToHashLen, > > Digest); > > break; > > > > - case HASH_API_ALGO_SHA512: > > + case HASH_ALG_SHA512: > > return Sha512HashAll (DataToHash, > DataToHashLen, > > Digest); > > break; > > > > - case HASH_API_ALGO_SM3_256: > > + case HASH_ALG_SM3_256: > > return Sm3HashAll (DataToHash, DataToHashLen, > > Digest); > > break; > > > > diff --git a/CryptoPkg/CryptoPkg.dec > > b/CryptoPkg/CryptoPkg.dec > > index 8bd63a76dd22..f185bcc82515 100644 > > --- a/CryptoPkg/CryptoPkg.dec > > +++ b/CryptoPkg/CryptoPkg.dec > > @@ -74,16 +74,14 @@ [PcdsFixedAtBuild, > > PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] > > # Based on the value set, the required algorithm > is > > chosen to calculate > > # the hash of data.
> > # The default hashing algorithm for > BaseHashApiLib > > is set to SHA256.
> > - # 0x00000001 - MD4.
> > - # 0x00000002 - MD5.
> > - # 0x00000003 - SHA1.
> > - # 0x00000004 - SHA256.
> > - # 0x00000005 - SHA384.
> > - # 0x00000006 - SHA512.
> > - # 0x00000007 - SM3_256.
> > + # 0x00000001 - SHA1.
> > + # 0x00000002 - SHA256.
> > + # 0x00000004 - SHA384.
> > + # 0x00000008 - SHA512.
> > + # 0x00000010 - SM3_256.
>=20 > Update the names to match the define names in Tpm20.h > such as HASH_ALG_SHA256. >=20 > > # @Prompt Set policy for hashing unsigned image > for > > Secure Boot. > > - # @ValidRange 0x80000001 | 0x00000001 - 0x00000007 > > - > > > gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x04|UI > > NT8|0x00000001 > > + # @ValidRange 0x80000001 | 0x00000001 - 0x00000010 >=20 > Using ValidRange is not correct because not all the > values from 0x0000001 - 0x00000010 are valid. Should > change to @ValidList. >=20 > # @ValidList 0x80000001 | 0x00000001, 0x00000002, > 0x00000004, 0x00000008, 0x00000010 >=20 > > + > > > gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x02|UI > > NT16|0x00000001 > > > > [UserExtensions.TianoCore."ExtraFiles"] > > CryptoPkgExtra.uni > > diff --git a/CryptoPkg/CryptoPkg.uni > > b/CryptoPkg/CryptoPkg.uni > > index 2222762f42ee..7e97ac7af8b7 100644 > > --- a/CryptoPkg/CryptoPkg.uni > > +++ b/CryptoPkg/CryptoPkg.uni > > @@ -21,13 +21,11 @@ > > > > "Based on the value set, the required algorithm is > > chosen to calculate\n" > > > > "the hash of data.
\n" > > > > "The default hashing algorithm for BaseHashApiLib is > > set to SHA256.
\n" > > - > > "0x00000001 - MD4.
\n" > > - > > "0x00000002 - MD5.
\n" > > - > > "0x00000003 - SHA1.
\n" > > - > > "0x00000004 - SHA256.
\n" > > - > > "0x00000005 - SHA384.
\n" > > - > > "0x00000006 - SHA512.
\n" > > - > > "0x00000007 - SM3.
" > > + > > "0x00000001 - SHA1.
\n" > > + > > "0x00000002 - SHA256.
\n" > > + > > "0x00000004 - SHA384.
\n" > > + > > "0x00000008 - SHA512.
\n" > > + > > "0x00000010 - SM3.
" >=20 > Update the names to match the define names in Tpm20.h > such as HASH_ALG_SHA256. >=20 > > > > #string > > > STR_gEfiCryptoPkgTokenSpaceGuid_PcdCryptoServiceFamilyE > > nable_PROMPT #language en-US "Enable/Disable EDK II > > Crypto Protocol/PPI services" > > > > diff --git a/CryptoPkg/Include/Library/HashApiLib.h > > b/CryptoPkg/Include/Library/HashApiLib.h > > index 22068e5a1756..b8b52ae15bd9 100644 > > --- a/CryptoPkg/Include/Library/HashApiLib.h > > +++ b/CryptoPkg/Include/Library/HashApiLib.h > > @@ -12,20 +12,10 @@ > > #ifndef __BASEHASHAPILIB_H_ > > #define __BASEHASHAPILIB_H_ >=20 > This define name does not match the pattern for > other includes and BASE should not be used here. > Please change to: >=20 > #ifndef __HASH_API_LIB_H_ > #define __HASH_API_LIB_H_ >=20 > > > > +#include > > + > > typedef VOID *HASH_API_CONTEXT; > > > > -// > > -// Hash Algorithms > > -// > > -#define HASH_API_ALGO_INVALID 0x00000000 > > -#define HASH_API_ALGO_MD4 0x00000001 > > -#define HASH_API_ALGO_MD5 0x00000002 > > -#define HASH_API_ALGO_SHA1 0x00000003 > > -#define HASH_API_ALGO_SHA256 0x00000004 > > -#define HASH_API_ALGO_SHA384 0x00000005 > > -#define HASH_API_ALGO_SHA512 0x00000006 > > -#define HASH_API_ALGO_SM3_256 0x00000007 > > - > > /** > > Retrieves the size, in bytes, of the context > buffer > > required for hash operations. > > > > -- > > 2.16.2.windows.1