From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by mx.groups.io with SMTP id smtpd.web10.1016.1580841009191999665 for ; Tue, 04 Feb 2020 10:30:09 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=m7eGrGX5; spf=pass (domain: intel.com, ip: 192.55.52.151, mailfrom: amol.n.sukerkar@intel.com) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Feb 2020 10:30:07 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.70,402,1574150400"; d="scan'208";a="279138911" Received: from fmsmsx105.amr.corp.intel.com ([10.18.124.203]) by FMSMGA003.fm.intel.com with ESMTP; 04 Feb 2020 10:30:07 -0800 Received: from fmsmsx111.amr.corp.intel.com (10.18.116.5) by FMSMSX105.amr.corp.intel.com (10.18.124.203) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 4 Feb 2020 10:30:07 -0800 Received: from FMSEDG002.ED.cps.intel.com (10.1.192.134) by fmsmsx111.amr.corp.intel.com (10.18.116.5) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 4 Feb 2020 10:30:06 -0800 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.102) by edgegateway.intel.com (192.55.55.69) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 4 Feb 2020 10:30:07 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IpVeWCAEJ3VLfGYIbteatJgTdax0SW/2+5AaQcLNdjFnQbUDHE8ElPCOywUmutECVu95E1li3GZ2yxlSYNyLmaJ5mxDeJ99MQCtw0ej2C/jbFupLG6wyB8KXb+Y6oBFkIq3OqSnbnivdrlsYTAb2X1dF7glXwvv9aPo9geIUN/na6j/o+7GBvl39DgQyb/H9RvNptl9eCJ3Tm6ExY06TAbuHs01QCeUGy7A8dan+xl/mDISEcYWA0ttoHTByRFsw0ncgeg1VPEEAWj+N7X5B4UI3a5ujB9VLzV2p/dHKccNVkXbAVqrNrbB9/tzac1dBX0LxQO5FC4LFHwzsetBxOQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BTD4OEj5KxhrXTWxu4NlqqTPo+lb078VrpPtto6icI4=; b=aLz6e5zyPbWF4CzWvVYcezMHy7th2BMjY4gd4/jrAirtzoFsZtyEp9A7vJusewDD9jD+eKneqzbMw+ouCNyzybTzFO00AzZzRD82A+bpkFLgqETAP0dsTnOvYEPsGYlxScDRjKEcK3LQJvcru7tDIaXoJo6PavV0kdpyBZKqeHOMMqo6hKeWxF6btF4YzYCdlGDvNbmTFaignkS0RYe1pPghx43YSH2IFv6CbV32LiP80Z9HrkQFJR0wwsk15fuU5oIdjQpJni38USIXsYCf9poHw4ZuZllAXwXuRJmOqS51jhEtXZRq02olJeQOwUeY3LQmcT1zgb2a4itOwW5oOg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BTD4OEj5KxhrXTWxu4NlqqTPo+lb078VrpPtto6icI4=; b=m7eGrGX5JHX8eWHEsgpHlMUXglvx/bUnPeppRHgBjFIozzhlkdFwUSZgooRUaeUE0jNh5HwIw/cOQSwU+lTF82KVl3ovsCZjhrRLOemZz8uxdT1l/dvtRG2gXzwIz39aP996fXo8BpuysBMb3jBlsFhZ3TJXfFeEUeWLjdFUMls= Received: from SN6PR11MB2893.namprd11.prod.outlook.com (20.176.241.151) by SN6PR11MB2926.namprd11.prod.outlook.com (52.135.124.147) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2686.26; Tue, 4 Feb 2020 18:30:04 +0000 Received: from SN6PR11MB2893.namprd11.prod.outlook.com ([fe80::e59c:2d4b:b97c:9676]) by SN6PR11MB2893.namprd11.prod.outlook.com ([fe80::e59c:2d4b:b97c:9676%7]) with mapi id 15.20.2686.034; Tue, 4 Feb 2020 18:30:04 +0000 From: "Sukerkar, Amol N" To: "Kinney, Michael D" , "Yao, Jiewen" , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Sukerkar, Amol N" Subject: Re: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API Thread-Topic: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API Thread-Index: AQHV2uq9LarSu+1k8ECkh7/d2NhT/6gKVtqAgADi/oCAAAoEcIAAGDuA Date: Tue, 4 Feb 2020 18:30:04 +0000 Message-ID: References: <20200203233548.7616-1-michael.d.kinney@intel.com> <20200203233548.7616-3-michael.d.kinney@intel.com> <74D8A39837DF1E4DA445A8C0B3885C503F910942@shsmsx102.ccr.corp.intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-reaction: no-action dlp-version: 11.2.0.6 dlp-product: dlpe-windows authentication-results: spf=none (sender IP is ) smtp.mailfrom=amol.n.sukerkar@intel.com; x-originating-ip: [192.55.52.202] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a653195a-09b2-4ade-e8a1-08d7a9a040f1 x-ms-traffictypediagnostic: SN6PR11MB2926: x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:5797; x-forefront-prvs: 03030B9493 x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(366004)(396003)(136003)(376002)(39860400002)(346002)(189003)(199004)(316002)(26005)(6506007)(186003)(52536014)(19627235002)(71200400001)(2906002)(55016002)(66556008)(66446008)(8936002)(110136005)(64756008)(66476007)(76116006)(2940100002)(53546011)(54906003)(66946007)(30864003)(966005)(7696005)(33656002)(478600001)(81156014)(81166006)(5660300002)(107886003)(86362001)(9686003)(4326008)(8676002)(559001)(579004);DIR:OUT;SFP:1102;SCL:1;SRVR:SN6PR11MB2926;H:SN6PR11MB2893.namprd11.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: h4Bnyan9dPzmV1aj781cHEUKPlHnIK9MzTIHRhUhOytdHE/bVifhjWtMr9YmVd9G28kSh6n+YtEeTG5v+7xieal3e5mL9AW616tJ++jgVtBhgX6hgzczeSwc6KfkjM2k5JIthWZB1L2YRxoROq36Wn50g4uGAI+5yiFeKV7xYxb/EiV0Pyf8R7XuRq8x32zZw7InvICjcdaoqxJ1tRjuB/U1O3Q5QEECN2NC3uvv/IWc0WZaPZQXYw62+OeMqqFNmi17B533bBz+RLwheHThed8GxavVT2J0yR9ogC4o7XvGrcJa8bcg31VXFDquMTbZhwUC7eZOskoju2CmSddzWmaaYErWemBS6nRBpNNhl+XEtoy1qLPrRPWeK/Jm2wWV4vnd5LNQPV0gRHmjzfKzO+kV2TJVED9tt5s+BT9zQ/GCxF3CF5gU9JMyCWqSLh8GSPpc/ykh2wC9wWfHRANFrCEXpPRAuul0RKH99K7T9jWq0HUE3DM2z/hFkCCQUleZGVn7dJJHkfvOxe4J6c5BIg== x-ms-exchange-antispam-messagedata: WYjM6h0b/IhkSarBZjdRejfho/zblc4mspxyJXffR9e5HbseTyW7JMsCNThITT3JgawY6QLC6aLeG9AASLD4Mrlvlm9urUFI2QTVK+uaWMTUHG2qZilhazedH18ZKgje0yt99+hBjQe3KjJ5IdWSzw== MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: a653195a-09b2-4ade-e8a1-08d7a9a040f1 X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Feb 2020 18:30:04.4222 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: QOQJ82CkQGeJ9f0a/lAm1oYHKvi96//7QLlivG0yRRk0AD0fTQhI0JBZ455o01oDO7uREfCfGDHrpAnqDPmvqGKzTOhZhlm1p3YbH5tE3Ag= X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN6PR11MB2926 Return-Path: amol.n.sukerkar@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Mike, Jiewen and Jian, Do I need to follow any crypto review guidelines for this patch? I am not e= nabling any new crypto. Need your input. Thanks, Amol -----Original Message----- From: Sukerkar, Amol N =20 Sent: Tuesday, February 04, 2020 10:10 AM To: Kinney, Michael D ; Yao, Jiewen ; devel@edk2.groups.io Cc: Wang, Jian J ; Sukerkar, Amol N Subject: RE: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Ha= sh Calculation API Hi Jiewen and Mike, I agree with general statement that MD4 and MD5 are deprecated. However, Al= though not MD4, UEFI spec 2.8 still mentions MD5 (and does not mention that= it is deprecated). That is the reason MD4 and MD5 were included. If there is going to be an update to UEFI spec deprecating MD5 as well, we = can definitely go ahead and remove MD5 (and MD4). I believe the decision is= should we wait until the change to UEFI spec or make the change right now.= Let me know which approach we should be following. Thanks, Amol -----Original Message----- From: Kinney, Michael D Sent: Tuesday, February 04, 2020 9:26 AM To: Yao, Jiewen ; devel@edk2.groups.io; Kinney, Micha= el D ; Sukerkar, Amol N Cc: Wang, Jian J Subject: RE: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Ha= sh Calculation API Jiewen, I think UINT8 is fine. We can change default to 0x04 in DEC file. I will let Amol comment on why MD4 and MD5 are included. If they are not r= equired, then I agree they should be removed. I do not see a reason to align with TCG spec. The HashApiLib is a layer on= top of BaseCryptLib and the use of hash algorithms is not limited to TCG r= elated content. The BaseCryptLib could potentially adopt hash algorithms t= hat are not defined in the TCG specification. We also do not want CryptoPk= g to depend on the SecurityPkg. Thanks, Mike > -----Original Message----- > From: Yao, Jiewen > Sent: Monday, February 3, 2020 6:54 PM > To: Kinney, Michael D ;=20 > devel@edk2.groups.io > Cc: Sukerkar, Amol N ; Wang, Jian J=20 > > Subject: RE: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: > Implement Unified Hash Calculation API >=20 > Thanks Mike, to cover us during Chinese New Year holiday. >=20 > I am just back from vocation. A minor comment: >=20 > The PcdHashApiLibPolicy is UINT8, but the value is shown as 32bit=20 > 0x00000004. >=20 > There are couple of ways to enhance: > 1) Define UINT8, and use 8bit style 0x04. > 2) Define UINT32, and use 32bit style 0x00000004. > 3) Define UINT16 (match TCG definition), and use TCG defined value.=20 > (Tpm20.h) > #define TPM_ALG_SHA1 (TPM_ALG_ID)(0x0004) > #define TPM_ALG_SHA256 (TPM_ALG_ID)(0x000B) > #define TPM_ALG_SHA384 (TPM_ALG_ID)(0x000C) > #define TPM_ALG_SHA512 (TPM_ALG_ID)(0x000D) > #define TPM_ALG_SM3_256 (TPM_ALG_ID)(0x0012) >=20 > MD4 and MD5 are known as insecure and deprecated. I doubt if we want=20 > to add such support. (I strong recommend NO). >=20 > If we can remove MD4 and MD5, I think we can use #3. >=20 > Thank you > Yao Jiewen >=20 > > -----Original Message----- > > From: Kinney, Michael D > > Sent: Tuesday, February 4, 2020 7:36 AM > > To: devel@edk2.groups.io > > Cc: Sukerkar, Amol N ; > Yao, Jiewen > > ; Wang, Jian J > > > Subject: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: > Implement Unified Hash > > Calculation API > > > > From: Amol N Sukerkar > > > > https://bugzilla.tianocore.org/show_bug.cgi?id=3D2151 > > > > This commit introduces a Unified Hash API to > calculate hash using a > > hashing algorithm specified by the PCD, > PcdHashApiLibPolicy. This library > > interfaces with the various hashing API, such as, > MD4, MD5, SHA1, SHA256, > > SHA512 and SM3_256 implemented in BaseCryptLib. The > user can calculate > > the desired hash by setting PcdHashApiLibPolicy to > appropriate value. > > > > This feature is documented in the Bugzilla,=20 > > https://bugzilla.tianocore.org/show_bug.cgi?id=3D2151. > > > > Cc: Jiewen Yao > > Cc: Jian J Wang > > Cc: Michael D Kinney > > Signed-off-by: Amol N Sukerkar > > > Reviewed-by: Michael D Kinney > > > --- > > CryptoPkg/CryptoPkg.dec | 20 > ++ > > CryptoPkg/CryptoPkg.dsc | 4 > +- > > CryptoPkg/CryptoPkg.uni | 18 > +- > > CryptoPkg/Include/Library/HashApiLib.h | 122 > +++++++ > > .../Library/BaseHashApiLib/BaseHashApiLib.c | 330 > ++++++++++++++++++ > > .../Library/BaseHashApiLib/BaseHashApiLib.inf | 44 > +++ > > .../Library/BaseHashApiLib/BaseHashApiLib.uni | 17 > + > > 7 files changed, 553 insertions(+), 2 deletions(-) create mode > > 100644 > CryptoPkg/Include/Library/HashApiLib.h > > create mode 100644 > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > create mode 100644 > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf > > create mode 100644 > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni > > > > diff --git a/CryptoPkg/CryptoPkg.dec > b/CryptoPkg/CryptoPkg.dec > > index 41af6e879e..8ad0fb5d61 100644 > > --- a/CryptoPkg/CryptoPkg.dec > > +++ b/CryptoPkg/CryptoPkg.dec > > @@ -33,9 +33,29 @@ [LibraryClasses] > > ## > > TlsLib|Include/Library/TlsLib.h > > > > + ## @libraryclass Provides Unified API for > different hash implementations. > > + # > > + HashApiLib|Include/Library/HashApiLib.h > > + > > [Guids] > > ## Crypto package token space guid. > > gEfiCryptoPkgTokenSpaceGuid =3D { 0x6bd7de60, > 0x9ef7, 0x4899, { 0x97, > > 0xd0, 0xab, 0xff, 0xfd, 0xe9, 0x70, 0xf2 } } > > > > +[PcdsFixedAtBuild, PcdsPatchableInModule, > PcdsDynamic, PcdsDynamicEx] > > + ## This PCD indicates the HASH algorithm to > calculate hash of data > > + # Based on the value set, the required algorithm > is chosen to calculate > > + # the hash of data.
> > + # The default hashing algorithm for > BaseHashApiLib is set to SHA256.
> > + # 0x00000001 - MD4.
> > + # 0x00000002 - MD5.
> > + # 0x00000003 - SHA1.
> > + # 0x00000004 - SHA256.
> > + # 0x00000005 - SHA384.
> > + # 0x00000006 - SHA512.
> > + # 0x00000007 - SM3_256.
> > + # @Prompt Set policy for hashing unsigned image > for Secure Boot. > > + # @ValidRange 0x80000001 | 0x00000001 - 0x00000007 > > + > > > gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x04|UI > NT8|0x00000001 > > + > > [UserExtensions.TianoCore."ExtraFiles"] > > CryptoPkgExtra.uni > > diff --git a/CryptoPkg/CryptoPkg.dsc > b/CryptoPkg/CryptoPkg.dsc > > index ec43c1f0a4..9656a73b3c 100644 > > --- a/CryptoPkg/CryptoPkg.dsc > > +++ b/CryptoPkg/CryptoPkg.dsc > > @@ -1,7 +1,7 @@ > > ## @file > > # Cryptographic Library Package for UEFI Security > Implementation. > > # > > -# Copyright (c) 2009 - 2018, Intel Corporation. All > rights reserved.
> > +# Copyright (c) 2009 - 2020, Intel Corporation. All > rights reserved.
> > # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -44,6 > > +44,7 @@ [LibraryClasses] > > > > > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLi > b.inf > > > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > > + > HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApi > Lib.inf > > > > [LibraryClasses.ARM, LibraryClasses.AARCH64] > > # > > @@ -120,6 +121,7 @@ [Components] > > CryptoPkg/Library/TlsLibNull/TlsLibNull.inf > > CryptoPkg/Library/OpensslLib/OpensslLib.inf > > CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf > > + > CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf > > > > [Components.IA32, Components.X64] > > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > > diff --git a/CryptoPkg/CryptoPkg.uni > b/CryptoPkg/CryptoPkg.uni > > index beb0036ef5..0dae4c4045 100644 > > --- a/CryptoPkg/CryptoPkg.uni > > +++ b/CryptoPkg/CryptoPkg.uni > > @@ -4,7 +4,7 @@ > > // This Package provides cryptographic-related > libraries for UEFI security > > modules. > > // It also provides a test application to test > libraries. > > // > > -// Copyright (c) 2009 - 2018, Intel Corporation. All > rights reserved.
> > +// Copyright (c) 2009 - 2020, Intel Corporation. All > rights reserved.
> > // > > // SPDX-License-Identifier: BSD-2-Clause-Patent // @@ -17,3 +17,19=20 > > @@ > > > > > > > > +#string > STR_gEfiCryptoPkgTokenSpaceGuid_PcdHashApiLibPolicy_PRO > MPT > > #language en-US "HASH algorithm to calculate hash" > > + > > +#string > STR_gEfiCryptoPkgTokenSpaceGuid_PcdHashApiLibPolicy_HEL > P > > #language en-US "This PCD indicates the HASH > algorithm to calculate hash of > > data.

\n" > > + > "Based on the value set, the > > required algorithm is chosen to calculate\n" > > + > "the hash of data.
\n" > > + > "The default hashing algorithm > > for BaseHashApiLib is set to SHA256.
\n" > > + > "0x00000001 - MD4.
\n" > > + > "0x00000002 - MD5.
\n" > > + > "0x00000003 - SHA1.
\n" > > + > "0x00000004 - > > SHA256.
\n" > > + > "0x00000005 - > > SHA384.
\n" > > + > "0x00000006 - > > SHA512.
\n" > > + > "0x00000007 - SM3.
" > > + > > + > > + > > diff --git a/CryptoPkg/Include/Library/HashApiLib.h > > b/CryptoPkg/Include/Library/HashApiLib.h > > new file mode 100644 > > index 0000000000..22068e5a17 > > --- /dev/null > > +++ b/CryptoPkg/Include/Library/HashApiLib.h > > @@ -0,0 +1,122 @@ > > +/** @file > > + Unified Hash API Defines > > + > > + This API when called will calculate the Hash using > the > > + hashing algorithm specified by > PcdHashApiLibPolicy. > > + > > + Copyright (c) 2020, Intel Corporation. All rights > reserved.
> > + SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > + > > +#ifndef __BASEHASHAPILIB_H_ > > +#define __BASEHASHAPILIB_H_ > > + > > +typedef VOID *HASH_API_CONTEXT; > > + > > +// > > +// Hash Algorithms > > +// > > +#define HASH_API_ALGO_INVALID 0x00000000 > > +#define HASH_API_ALGO_MD4 0x00000001 > > +#define HASH_API_ALGO_MD5 0x00000002 > > +#define HASH_API_ALGO_SHA1 0x00000003 > > +#define HASH_API_ALGO_SHA256 0x00000004 > > +#define HASH_API_ALGO_SHA384 0x00000005 > > +#define HASH_API_ALGO_SHA512 0x00000006 > > +#define HASH_API_ALGO_SM3_256 0x00000007 > > + > > +/** > > + Retrieves the size, in bytes, of the context > buffer required for hash operations. > > + > > + @return The size, in bytes, of the context buffer > required for hash operations. > > +**/ > > +UINTN > > +EFIAPI > > +HashApiGetContextSize ( > > + VOID > > + ); > > + > > +/** > > + Init hash sequence. > > + > > + @param[out] HashContext Hash context. > > + > > + @retval TRUE Hash start and HashHandle > returned. > > + @retval FALSE Hash Init unsuccessful. > > +**/ > > +BOOLEAN > > +EFIAPI > > +HashApiInit ( > > + OUT HASH_API_CONTEXT HashContext > > + ); > > + > > +/** > > + Makes a copy of an existing hash context. > > + > > + @param[in] HashContext Hash context. > > + @param[out] NewHashContext New copy of hash > context. > > + > > + @retval TRUE Hash context copy succeeded. > > + @retval FALSE Hash context copy failed. > > +**/ > > +BOOLEAN > > +EFIAPI > > +HashApiDuplicate ( > > + IN HASH_API_CONTEXT HashContext, > > + OUT HASH_API_CONTEXT NewHashContext > > + ); > > + > > +/** > > + Update hash data. > > + > > + @param[in] HashContext Hash context. > > + @param[in] DataToHash Data to be hashed. > > + @param[in] DataToHashLen Data size. > > + > > + @retval TRUE Hash updated. > > + @retval FALSE Hash updated unsuccessful. > > +**/ > > +BOOLEAN > > +EFIAPI > > +HashApiUpdate ( > > + IN HASH_API_CONTEXT HashContext, > > + IN VOID *DataToHash, > > + IN UINTN DataToHashLen > > + ); > > + > > +/** > > + Hash complete. > > + > > + @param[in] HashContext Hash context. > > + @param[out] Digest Hash Digest. > > + > > + @retval TRUE Hash complete and Digest is > returned. > > + @retval FALSE Hash complete unsuccessful. > > +**/ > > +BOOLEAN > > +EFIAPI > > +HashApiFinal ( > > + IN HASH_API_CONTEXT HashContext, > > + OUT UINT8 *Digest > > + ); > > + > > +/** > > + Computes hash message digest of a input data > buffer. > > + > > + @param[in] DataToHash Data to be hashed. > > + @param[in] DataToHashLen Data size. > > + @param[out] Digest Hash Digest. > > + > > + @retval TRUE Hash digest computation succeeded. > > + @retval FALSE Hash digest computation failed. > > +**/ > > +BOOLEAN > > +EFIAPI > > +HashApiHashAll ( > > + IN CONST VOID *DataToHash, > > + IN UINTN DataToHashLen, > > + OUT UINT8 *Digest > > + ); > > + > > +#endif > > diff --git > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > new file mode 100644 > > index 0000000000..277ef9f0b4 > > --- /dev/null > > +++ > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c > > @@ -0,0 +1,330 @@ > > +/** @file > > + Unified Hash API Implementation > > + > > + This file implements the Unified Hash API. > > + > > + This API, when called, will calculate the Hash > using the > > + hashing algorithm specified by > PcdHashApiLibPolicy. > > + > > + Copyright (c) 2020, Intel Corporation. All rights > reserved.
> > + SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > + > > +#include > > +#include > > +#include > > +#include #include=20 > > + #include #include=20 > > + #include > > + > > +/** > > + Retrieves the size, in bytes, of the context > buffer required for hash operations. > > + > > + @return The size, in bytes, of the context buffer > required for hash operations. > > +**/ > > +UINTN > > +EFIAPI > > +HashApiGetContextSize ( > > + VOID > > + ) > > +{ > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > + case HASH_API_ALGO_MD4: > > + return Md4GetContextSize (); > > + break; > > + > > + case HASH_API_ALGO_MD5: > > + return Md5GetContextSize (); > > + break; > > + > > + case HASH_API_ALGO_SHA1: > > + return Sha1GetContextSize (); > > + break; > > + > > + case HASH_API_ALGO_SHA256: > > + return Sha256GetContextSize (); > > + break; > > + > > + case HASH_API_ALGO_SHA384: > > + return Sha384GetContextSize (); > > + break; > > + > > + case HASH_API_ALGO_SHA512: > > + return Sha512GetContextSize (); > > + break; > > + > > + case HASH_API_ALGO_SM3_256: > > + return Sm3GetContextSize (); > > + break; > > + > > + default: > > + ASSERT (FALSE); > > + return 0; > > + break; > > + } > > +} > > + > > +/** > > + Init hash sequence. > > + > > + @param[out] HashContext Hash context. > > + > > + @retval TRUE Hash start and HashHandle > returned. > > + @retval FALSE Hash Init unsuccessful. > > +**/ > > +BOOLEAN > > +EFIAPI > > +HashApiInit ( > > + OUT HASH_API_CONTEXT HashContext > > + ) > > +{ > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > + case HASH_API_ALGO_MD4: > > + return Md4Init (HashContext); > > + break; > > + > > + case HASH_API_ALGO_MD5: > > + return Md5Init (HashContext); > > + break; > > + > > + case HASH_API_ALGO_SHA1: > > + return Sha1Init (HashContext); > > + break; > > + > > + case HASH_API_ALGO_SHA256: > > + return Sha256Init (HashContext); > > + break; > > + > > + case HASH_API_ALGO_SHA384: > > + return Sha384Init (HashContext); > > + break; > > + > > + case HASH_API_ALGO_SHA512: > > + return Sha512Init (HashContext); > > + break; > > + > > + case HASH_API_ALGO_SM3_256: > > + return Sm3Init (HashContext); > > + break; > > + > > + default: > > + ASSERT (FALSE); > > + return FALSE; > > + break; > > + } > > +} > > + > > +/** > > + Makes a copy of an existing hash context. > > + > > + @param[in] HashContext Hash context. > > + @param[out] NewHashContext New copy of hash > context. > > + > > + @retval TRUE Hash context copy succeeded. > > + @retval FALSE Hash context copy failed. > > +**/ > > +BOOLEAN > > +EFIAPI > > +HashApiDuplicate ( > > + IN HASH_API_CONTEXT HashContext, > > + OUT HASH_API_CONTEXT NewHashContext > > + ) > > +{ > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > + case HASH_API_ALGO_MD4: > > + return Md4Duplicate (HashContext, > NewHashContext); > > + break; > > + > > + case HASH_API_ALGO_MD5: > > + return Md5Duplicate (HashContext, > NewHashContext); > > + break; > > + > > + case HASH_API_ALGO_SHA1: > > + return Sha1Duplicate (HashContext, > NewHashContext); > > + break; > > + > > + case HASH_API_ALGO_SHA256: > > + return Sha256Duplicate (HashContext, > NewHashContext); > > + break; > > + > > + case HASH_API_ALGO_SHA384: > > + return Sha384Duplicate (HashContext, > NewHashContext); > > + break; > > + > > + case HASH_API_ALGO_SHA512: > > + return Sha512Duplicate (HashContext, > NewHashContext); > > + break; > > + > > + case HASH_API_ALGO_SM3_256: > > + return Sm3Duplicate (HashContext, > NewHashContext); > > + break; > > + > > + default: > > + ASSERT (FALSE); > > + return FALSE; > > + break; > > + } > > +} > > + > > +/** > > + Update hash data. > > + > > + @param[in] HashContext Hash context. > > + @param[in] DataToHash Data to be hashed. > > + @param[in] DataToHashLen Data size. > > + > > + @retval TRUE Hash updated. > > + @retval FALSE Hash updated unsuccessful. > > +**/ > > +BOOLEAN > > +EFIAPI > > +HashApiUpdate ( > > + IN HASH_API_CONTEXT HashContext, > > + IN VOID *DataToHash, > > + IN UINTN DataToHashLen > > + ) > > +{ > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > + case HASH_API_ALGO_MD4: > > + return Md4Update (HashContext, DataToHash, > DataToHashLen); > > + break; > > + > > + case HASH_API_ALGO_MD5: > > + return Md5Update (HashContext, DataToHash, > DataToHashLen); > > + break; > > + > > + case HASH_API_ALGO_SHA1: > > + return Sha1Update (HashContext, DataToHash, > DataToHashLen); > > + break; > > + > > + case HASH_API_ALGO_SHA256: > > + return Sha256Update (HashContext, DataToHash, > DataToHashLen); > > + break; > > + > > + case HASH_API_ALGO_SHA384: > > + return Sha384Update (HashContext, DataToHash, > DataToHashLen); > > + break; > > + > > + case HASH_API_ALGO_SHA512: > > + return Sha512Update (HashContext, DataToHash, > DataToHashLen); > > + break; > > + > > + case HASH_API_ALGO_SM3_256: > > + return Sm3Update (HashContext, DataToHash, > DataToHashLen); > > + break; > > + > > + default: > > + ASSERT (FALSE); > > + return FALSE; > > + break; > > + } > > +} > > + > > +/** > > + Hash complete. > > + > > + @param[in] HashContext Hash context. > > + @param[out] Digest Hash Digest. > > + > > + @retval TRUE Hash complete and Digest is > returned. > > + @retval FALSE Hash complete unsuccessful. > > +**/ > > +BOOLEAN > > +EFIAPI > > +HashApiFinal ( > > + IN HASH_API_CONTEXT HashContext, > > + OUT UINT8 *Digest > > + ) > > +{ > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > + case HASH_API_ALGO_MD4: > > + return Md4Final (HashContext, Digest); > > + break; > > + > > + case HASH_API_ALGO_MD5: > > + return Md5Final (HashContext, Digest); > > + break; > > + > > + case HASH_API_ALGO_SHA1: > > + return Sha1Final (HashContext, Digest); > > + break; > > + > > + case HASH_API_ALGO_SHA256: > > + return Sha256Final (HashContext, Digest); > > + break; > > + > > + case HASH_API_ALGO_SHA384: > > + return Sha384Final (HashContext, Digest); > > + break; > > + > > + case HASH_API_ALGO_SHA512: > > + return Sha512Final (HashContext, Digest); > > + break; > > + > > + case HASH_API_ALGO_SM3_256: > > + return Sm3Final (HashContext, Digest); > > + break; > > + > > + default: > > + ASSERT (FALSE); > > + return FALSE; > > + break; > > + } > > +} > > + > > +/** > > + Computes hash message digest of a input data > buffer. > > + > > + @param[in] DataToHash Data to be hashed. > > + @param[in] DataToHashLen Data size. > > + @param[out] Digest Hash Digest. > > + > > + @retval TRUE Hash digest computation succeeded. > > + @retval FALSE Hash digest computation failed. > > +**/ > > +BOOLEAN > > +EFIAPI > > +HashApiHashAll ( > > + IN CONST VOID *DataToHash, > > + IN UINTN DataToHashLen, > > + OUT UINT8 *Digest > > + ) > > +{ > > + switch (PcdGet8 (PcdHashApiLibPolicy)) { > > + case HASH_API_ALGO_MD4: > > + return Md4HashAll (DataToHash, DataToHashLen, > Digest); > > + break; > > + > > + case HASH_API_ALGO_MD5: > > + return Md5HashAll (DataToHash, DataToHashLen, > Digest); > > + break; > > + > > + case HASH_API_ALGO_SHA1: > > + return Sha1HashAll (DataToHash, DataToHashLen, > Digest); > > + break; > > + > > + case HASH_API_ALGO_SHA256: > > + return Sha256HashAll (DataToHash, > DataToHashLen, Digest); > > + break; > > + > > + case HASH_API_ALGO_SHA384: > > + return Sha384HashAll (DataToHash, > DataToHashLen, Digest); > > + break; > > + > > + case HASH_API_ALGO_SHA512: > > + return Sha512HashAll (DataToHash, > DataToHashLen, Digest); > > + break; > > + > > + case HASH_API_ALGO_SM3_256: > > + return Sm3HashAll (DataToHash, DataToHashLen, > Digest); > > + break; > > + > > + default: > > + ASSERT (FALSE); > > + return FALSE; > > + break; > > + } > > +} > > diff --git > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf > > new file mode 100644 > > index 0000000000..b4d8675ddd > > --- /dev/null > > +++ > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf > > @@ -0,0 +1,44 @@ > > +## @file > > +# Provides Unified API for Hash Calculation # # This library is=20 > > +BaseHashApiLib. It will redirect > hash request to > > +# each individual hash API, such as SHA1, SHA256, > SHA384, SM3 based > > +# on hashing algorithm specified by > PcdHashApiLibPolicy. > > +# > > +# Copyright (c) 2020, Intel Corporation. All rights > reserved.
> > +# SPDX-License-Identifier: BSD-2-Clause-Patent # ## > > + > > +[Defines] > > + INF_VERSION =3D 0x00010005 > > + BASE_NAME =3D BaseHashApiLib > > + MODULE_UNI_FILE =3D > BaseHashApiLib.uni > > + FILE_GUID =3D B1E566DD-DE7C- > 4F04-BDA0-B1295D3BE927 > > + MODULE_TYPE =3D BASE > > + VERSION_STRING =3D 1.0 > > + LIBRARY_CLASS =3D BaseHashApiLib > > + > > +# > > +# The following information is for reference only > and not required by the build > > tools. > > +# > > +# VALID_ARCHITECTURES =3D IA32 X64 > > +# > > + > > +[Sources] > > + BaseHashApiLib.c > > + > > +[Packages] > > + MdePkg/MdePkg.dec > > + CryptoPkg/CryptoPkg.dec > > + > > +[LibraryClasses] > > + BaseLib > > + BaseMemoryLib > > + DebugLib > > + MemoryAllocationLib > > + BaseCryptLib > > + PcdLib > > + > > +[Pcd] > > + gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy > ## CONSUMES > > diff --git > a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni > > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni > > new file mode 100644 > > index 0000000000..49ba82e86f > > --- /dev/null > > +++ > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni > > @@ -0,0 +1,17 @@ > > +// /** @file > > +// Provides Unified API for Hash Calculation // // This library is=20 > > +BaseHashApiLib. It will redirect > hash request to > > +// each individual hash API, such as SHA1, SHA256, > SHA384, SM3 based > > +// on hashing algorithm specified by > PcdHashApiLibPolicy. > > +// > > +// Copyright (c) 2020, Intel Corporation. All rights > reserved.
> > +// > > +// SPDX-License-Identifier: BSD-2-Clause-Patent // // **/ > > + > > + > > +#string STR_MODULE_ABSTRACT #language > en-US "Provides hash > > service by specified hash handler" > > + > > +#string STR_MODULE_DESCRIPTION #language > en-US "This library is > > Unified Hash API. It will redirect hash request to > the hash handler specified by > > PcdHashApiLibPolicy." > > -- > > 2.21.0.windows.1