[edk2-devel] [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API
Sukerkar, Amol N
amol.n.sukerkar at intel.com
Tue Feb 4 17:10:20 UTC 2020
Hi Jiewen and Mike,
I agree with general statement that MD4 and MD5 are deprecated. However, Although not MD4, UEFI spec 2.8 still mentions MD5 (and does not mention that it is deprecated). That is the reason MD4 and MD5 were included.
If there is going to be an update to UEFI spec deprecating MD5 as well, we can definitely go ahead and remove MD5 (and MD4). I believe the decision is should we wait until the change to UEFI spec or make the change right now. Let me know which approach we should be following.
Thanks,
Amol
-----Original Message-----
From: Kinney, Michael D <michael.d.kinney at intel.com>
Sent: Tuesday, February 04, 2020 9:26 AM
To: Yao, Jiewen <jiewen.yao at intel.com>; devel at edk2.groups.io; Kinney, Michael D <michael.d.kinney at intel.com>; Sukerkar, Amol N <amol.n.sukerkar at intel.com>
Cc: Wang, Jian J <jian.j.wang at intel.com>
Subject: RE: [Patch v10 2/2] CryptoPkg/BaseHashApiLib: Implement Unified Hash Calculation API
Jiewen,
I think UINT8 is fine. We can change default to 0x04 in DEC file.
I will let Amol comment on why MD4 and MD5 are included. If they are not required, then I agree they should be removed.
I do not see a reason to align with TCG spec. The HashApiLib is a layer on top of BaseCryptLib and the use of hash algorithms is not limited to TCG related content. The BaseCryptLib could potentially adopt hash algorithms that are not defined in the TCG specification. We also do not want CryptoPkg to depend on the SecurityPkg.
Thanks,
Mike
> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao at intel.com>
> Sent: Monday, February 3, 2020 6:54 PM
> To: Kinney, Michael D <michael.d.kinney at intel.com>;
> devel at edk2.groups.io
> Cc: Sukerkar, Amol N <amol.n.sukerkar at intel.com>; Wang, Jian J
> <jian.j.wang at intel.com>
> Subject: RE: [Patch v10 2/2] CryptoPkg/BaseHashApiLib:
> Implement Unified Hash Calculation API
>
> Thanks Mike, to cover us during Chinese New Year holiday.
>
> I am just back from vocation. A minor comment:
>
> The PcdHashApiLibPolicy is UINT8, but the value is shown as 32bit
> 0x00000004.
>
> There are couple of ways to enhance:
> 1) Define UINT8, and use 8bit style 0x04.
> 2) Define UINT32, and use 32bit style 0x00000004.
> 3) Define UINT16 (match TCG definition), and use TCG defined value.
> (Tpm20.h)
> #define TPM_ALG_SHA1 (TPM_ALG_ID)(0x0004)
> #define TPM_ALG_SHA256 (TPM_ALG_ID)(0x000B)
> #define TPM_ALG_SHA384 (TPM_ALG_ID)(0x000C)
> #define TPM_ALG_SHA512 (TPM_ALG_ID)(0x000D)
> #define TPM_ALG_SM3_256 (TPM_ALG_ID)(0x0012)
>
> MD4 and MD5 are known as insecure and deprecated. I doubt if we want
> to add such support. (I strong recommend NO).
>
> If we can remove MD4 and MD5, I think we can use #3.
>
> Thank you
> Yao Jiewen
>
> > -----Original Message-----
> > From: Kinney, Michael D <michael.d.kinney at intel.com>
> > Sent: Tuesday, February 4, 2020 7:36 AM
> > To: devel at edk2.groups.io
> > Cc: Sukerkar, Amol N <amol.n.sukerkar at intel.com>;
> Yao, Jiewen
> > <jiewen.yao at intel.com>; Wang, Jian J
> <jian.j.wang at intel.com>
> > Subject: [Patch v10 2/2] CryptoPkg/BaseHashApiLib:
> Implement Unified Hash
> > Calculation API
> >
> > From: Amol N Sukerkar <amol.n.sukerkar at intel.com>
> >
> > https://bugzilla.tianocore.org/show_bug.cgi?id=2151
> >
> > This commit introduces a Unified Hash API to
> calculate hash using a
> > hashing algorithm specified by the PCD,
> PcdHashApiLibPolicy. This library
> > interfaces with the various hashing API, such as,
> MD4, MD5, SHA1, SHA256,
> > SHA512 and SM3_256 implemented in BaseCryptLib. The
> user can calculate
> > the desired hash by setting PcdHashApiLibPolicy to
> appropriate value.
> >
> > This feature is documented in the Bugzilla,
> > https://bugzilla.tianocore.org/show_bug.cgi?id=2151.
> >
> > Cc: Jiewen Yao <jiewen.yao at intel.com>
> > Cc: Jian J Wang <jian.j.wang at intel.com>
> > Cc: Michael D Kinney <michael.d.kinney at intel.com>
> > Signed-off-by: Amol N Sukerkar
> <amol.n.sukerkar at intel.com>
> > Reviewed-by: Michael D Kinney
> <michael.d.kinney at intel.com>
> > ---
> > CryptoPkg/CryptoPkg.dec | 20
> ++
> > CryptoPkg/CryptoPkg.dsc | 4
> +-
> > CryptoPkg/CryptoPkg.uni | 18
> +-
> > CryptoPkg/Include/Library/HashApiLib.h | 122
> +++++++
> > .../Library/BaseHashApiLib/BaseHashApiLib.c | 330
> ++++++++++++++++++
> > .../Library/BaseHashApiLib/BaseHashApiLib.inf | 44
> +++
> > .../Library/BaseHashApiLib/BaseHashApiLib.uni | 17
> +
> > 7 files changed, 553 insertions(+), 2 deletions(-) create mode
> > 100644
> CryptoPkg/Include/Library/HashApiLib.h
> > create mode 100644
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > create mode 100644
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > create mode 100644
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> >
> > diff --git a/CryptoPkg/CryptoPkg.dec
> b/CryptoPkg/CryptoPkg.dec
> > index 41af6e879e..8ad0fb5d61 100644
> > --- a/CryptoPkg/CryptoPkg.dec
> > +++ b/CryptoPkg/CryptoPkg.dec
> > @@ -33,9 +33,29 @@ [LibraryClasses]
> > ##
> > TlsLib|Include/Library/TlsLib.h
> >
> > + ## @libraryclass Provides Unified API for
> different hash implementations.
> > + #
> > + HashApiLib|Include/Library/HashApiLib.h
> > +
> > [Guids]
> > ## Crypto package token space guid.
> > gEfiCryptoPkgTokenSpaceGuid = { 0x6bd7de60,
> 0x9ef7, 0x4899, { 0x97,
> > 0xd0, 0xab, 0xff, 0xfd, 0xe9, 0x70, 0xf2 } }
> >
> > +[PcdsFixedAtBuild, PcdsPatchableInModule,
> PcdsDynamic, PcdsDynamicEx]
> > + ## This PCD indicates the HASH algorithm to
> calculate hash of data
> > + # Based on the value set, the required algorithm
> is chosen to calculate
> > + # the hash of data.<BR>
> > + # The default hashing algorithm for
> BaseHashApiLib is set to SHA256.<BR>
> > + # 0x00000001 - MD4.<BR>
> > + # 0x00000002 - MD5.<BR>
> > + # 0x00000003 - SHA1.<BR>
> > + # 0x00000004 - SHA256.<BR>
> > + # 0x00000005 - SHA384.<BR>
> > + # 0x00000006 - SHA512.<BR>
> > + # 0x00000007 - SM3_256.<BR>
> > + # @Prompt Set policy for hashing unsigned image
> for Secure Boot.
> > + # @ValidRange 0x80000001 | 0x00000001 - 0x00000007
> > +
> >
> gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy|0x04|UI
> NT8|0x00000001
> > +
> > [UserExtensions.TianoCore."ExtraFiles"]
> > CryptoPkgExtra.uni
> > diff --git a/CryptoPkg/CryptoPkg.dsc
> b/CryptoPkg/CryptoPkg.dsc
> > index ec43c1f0a4..9656a73b3c 100644
> > --- a/CryptoPkg/CryptoPkg.dsc
> > +++ b/CryptoPkg/CryptoPkg.dsc
> > @@ -1,7 +1,7 @@
> > ## @file
> > # Cryptographic Library Package for UEFI Security
> Implementation.
> > #
> > -# Copyright (c) 2009 - 2018, Intel Corporation. All
> rights reserved.<BR>
> > +# Copyright (c) 2009 - 2020, Intel Corporation. All
> rights reserved.<BR>
> > # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -44,6
> > +44,7 @@ [LibraryClasses]
> >
> >
> IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLi
> b.inf
> >
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > +
> HashApiLib|CryptoPkg/Library/BaseHashApiLib/BaseHashApi
> Lib.inf
> >
> > [LibraryClasses.ARM, LibraryClasses.AARCH64]
> > #
> > @@ -120,6 +121,7 @@ [Components]
> > CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
> > CryptoPkg/Library/OpensslLib/OpensslLib.inf
> > CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
> > +
> CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> >
> > [Components.IA32, Components.X64]
> > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
> > diff --git a/CryptoPkg/CryptoPkg.uni
> b/CryptoPkg/CryptoPkg.uni
> > index beb0036ef5..0dae4c4045 100644
> > --- a/CryptoPkg/CryptoPkg.uni
> > +++ b/CryptoPkg/CryptoPkg.uni
> > @@ -4,7 +4,7 @@
> > // This Package provides cryptographic-related
> libraries for UEFI security
> > modules.
> > // It also provides a test application to test
> libraries.
> > //
> > -// Copyright (c) 2009 - 2018, Intel Corporation. All
> rights reserved.<BR>
> > +// Copyright (c) 2009 - 2020, Intel Corporation. All
> rights reserved.<BR>
> > //
> > // SPDX-License-Identifier: BSD-2-Clause-Patent // @@ -17,3 +17,19
> > @@
> >
> >
> >
> > +#string
> STR_gEfiCryptoPkgTokenSpaceGuid_PcdHashApiLibPolicy_PRO
> MPT
> > #language en-US "HASH algorithm to calculate hash"
> > +
> > +#string
> STR_gEfiCryptoPkgTokenSpaceGuid_PcdHashApiLibPolicy_HEL
> P
> > #language en-US "This PCD indicates the HASH
> algorithm to calculate hash of
> > data.<BR><BR>\n"
> > +
> "Based on the value set, the
> > required algorithm is chosen to calculate\n"
> > +
> "the hash of data.<BR>\n"
> > +
> "The default hashing algorithm
> > for BaseHashApiLib is set to SHA256.<BR>\n"
> > +
> "0x00000001 - MD4.<BR>\n"
> > +
> "0x00000002 - MD5.<BR>\n"
> > +
> "0x00000003 - SHA1.<BR>\n"
> > +
> "0x00000004 -
> > SHA256.<BR>\n"
> > +
> "0x00000005 -
> > SHA384.<BR>\n"
> > +
> "0x00000006 -
> > SHA512.<BR>\n"
> > +
> "0x00000007 - SM3.<BR>"
> > +
> > +
> > +
> > diff --git a/CryptoPkg/Include/Library/HashApiLib.h
> > b/CryptoPkg/Include/Library/HashApiLib.h
> > new file mode 100644
> > index 0000000000..22068e5a17
> > --- /dev/null
> > +++ b/CryptoPkg/Include/Library/HashApiLib.h
> > @@ -0,0 +1,122 @@
> > +/** @file
> > + Unified Hash API Defines
> > +
> > + This API when called will calculate the Hash using
> the
> > + hashing algorithm specified by
> PcdHashApiLibPolicy.
> > +
> > + Copyright (c) 2020, Intel Corporation. All rights
> reserved.<BR>
> > + SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#ifndef __BASEHASHAPILIB_H_
> > +#define __BASEHASHAPILIB_H_
> > +
> > +typedef VOID *HASH_API_CONTEXT;
> > +
> > +//
> > +// Hash Algorithms
> > +//
> > +#define HASH_API_ALGO_INVALID 0x00000000
> > +#define HASH_API_ALGO_MD4 0x00000001
> > +#define HASH_API_ALGO_MD5 0x00000002
> > +#define HASH_API_ALGO_SHA1 0x00000003
> > +#define HASH_API_ALGO_SHA256 0x00000004
> > +#define HASH_API_ALGO_SHA384 0x00000005
> > +#define HASH_API_ALGO_SHA512 0x00000006
> > +#define HASH_API_ALGO_SM3_256 0x00000007
> > +
> > +/**
> > + Retrieves the size, in bytes, of the context
> buffer required for hash operations.
> > +
> > + @return The size, in bytes, of the context buffer
> required for hash operations.
> > +**/
> > +UINTN
> > +EFIAPI
> > +HashApiGetContextSize (
> > + VOID
> > + );
> > +
> > +/**
> > + Init hash sequence.
> > +
> > + @param[out] HashContext Hash context.
> > +
> > + @retval TRUE Hash start and HashHandle
> returned.
> > + @retval FALSE Hash Init unsuccessful.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +HashApiInit (
> > + OUT HASH_API_CONTEXT HashContext
> > + );
> > +
> > +/**
> > + Makes a copy of an existing hash context.
> > +
> > + @param[in] HashContext Hash context.
> > + @param[out] NewHashContext New copy of hash
> context.
> > +
> > + @retval TRUE Hash context copy succeeded.
> > + @retval FALSE Hash context copy failed.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +HashApiDuplicate (
> > + IN HASH_API_CONTEXT HashContext,
> > + OUT HASH_API_CONTEXT NewHashContext
> > + );
> > +
> > +/**
> > + Update hash data.
> > +
> > + @param[in] HashContext Hash context.
> > + @param[in] DataToHash Data to be hashed.
> > + @param[in] DataToHashLen Data size.
> > +
> > + @retval TRUE Hash updated.
> > + @retval FALSE Hash updated unsuccessful.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +HashApiUpdate (
> > + IN HASH_API_CONTEXT HashContext,
> > + IN VOID *DataToHash,
> > + IN UINTN DataToHashLen
> > + );
> > +
> > +/**
> > + Hash complete.
> > +
> > + @param[in] HashContext Hash context.
> > + @param[out] Digest Hash Digest.
> > +
> > + @retval TRUE Hash complete and Digest is
> returned.
> > + @retval FALSE Hash complete unsuccessful.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +HashApiFinal (
> > + IN HASH_API_CONTEXT HashContext,
> > + OUT UINT8 *Digest
> > + );
> > +
> > +/**
> > + Computes hash message digest of a input data
> buffer.
> > +
> > + @param[in] DataToHash Data to be hashed.
> > + @param[in] DataToHashLen Data size.
> > + @param[out] Digest Hash Digest.
> > +
> > + @retval TRUE Hash digest computation succeeded.
> > + @retval FALSE Hash digest computation failed.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +HashApiHashAll (
> > + IN CONST VOID *DataToHash,
> > + IN UINTN DataToHashLen,
> > + OUT UINT8 *Digest
> > + );
> > +
> > +#endif
> > diff --git
> a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > new file mode 100644
> > index 0000000000..277ef9f0b4
> > --- /dev/null
> > +++
> b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.c
> > @@ -0,0 +1,330 @@
> > +/** @file
> > + Unified Hash API Implementation
> > +
> > + This file implements the Unified Hash API.
> > +
> > + This API, when called, will calculate the Hash
> using the
> > + hashing algorithm specified by
> PcdHashApiLibPolicy.
> > +
> > + Copyright (c) 2020, Intel Corporation. All rights
> reserved.<BR>
> > + SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#include <Base.h>
> > +#include <Library/BaseLib.h>
> > +#include <Library/BaseMemoryLib.h>
> > +#include <Library/MemoryAllocationLib.h> #include
> > +<Library/BaseCryptLib.h> #include <Library/DebugLib.h> #include
> > +<Library/PcdLib.h> #include <Library/HashApiLib.h>
> > +
> > +/**
> > + Retrieves the size, in bytes, of the context
> buffer required for hash operations.
> > +
> > + @return The size, in bytes, of the context buffer
> required for hash operations.
> > +**/
> > +UINTN
> > +EFIAPI
> > +HashApiGetContextSize (
> > + VOID
> > + )
> > +{
> > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > + case HASH_API_ALGO_MD4:
> > + return Md4GetContextSize ();
> > + break;
> > +
> > + case HASH_API_ALGO_MD5:
> > + return Md5GetContextSize ();
> > + break;
> > +
> > + case HASH_API_ALGO_SHA1:
> > + return Sha1GetContextSize ();
> > + break;
> > +
> > + case HASH_API_ALGO_SHA256:
> > + return Sha256GetContextSize ();
> > + break;
> > +
> > + case HASH_API_ALGO_SHA384:
> > + return Sha384GetContextSize ();
> > + break;
> > +
> > + case HASH_API_ALGO_SHA512:
> > + return Sha512GetContextSize ();
> > + break;
> > +
> > + case HASH_API_ALGO_SM3_256:
> > + return Sm3GetContextSize ();
> > + break;
> > +
> > + default:
> > + ASSERT (FALSE);
> > + return 0;
> > + break;
> > + }
> > +}
> > +
> > +/**
> > + Init hash sequence.
> > +
> > + @param[out] HashContext Hash context.
> > +
> > + @retval TRUE Hash start and HashHandle
> returned.
> > + @retval FALSE Hash Init unsuccessful.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +HashApiInit (
> > + OUT HASH_API_CONTEXT HashContext
> > + )
> > +{
> > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > + case HASH_API_ALGO_MD4:
> > + return Md4Init (HashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_MD5:
> > + return Md5Init (HashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA1:
> > + return Sha1Init (HashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA256:
> > + return Sha256Init (HashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA384:
> > + return Sha384Init (HashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA512:
> > + return Sha512Init (HashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_SM3_256:
> > + return Sm3Init (HashContext);
> > + break;
> > +
> > + default:
> > + ASSERT (FALSE);
> > + return FALSE;
> > + break;
> > + }
> > +}
> > +
> > +/**
> > + Makes a copy of an existing hash context.
> > +
> > + @param[in] HashContext Hash context.
> > + @param[out] NewHashContext New copy of hash
> context.
> > +
> > + @retval TRUE Hash context copy succeeded.
> > + @retval FALSE Hash context copy failed.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +HashApiDuplicate (
> > + IN HASH_API_CONTEXT HashContext,
> > + OUT HASH_API_CONTEXT NewHashContext
> > + )
> > +{
> > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > + case HASH_API_ALGO_MD4:
> > + return Md4Duplicate (HashContext,
> NewHashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_MD5:
> > + return Md5Duplicate (HashContext,
> NewHashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA1:
> > + return Sha1Duplicate (HashContext,
> NewHashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA256:
> > + return Sha256Duplicate (HashContext,
> NewHashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA384:
> > + return Sha384Duplicate (HashContext,
> NewHashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA512:
> > + return Sha512Duplicate (HashContext,
> NewHashContext);
> > + break;
> > +
> > + case HASH_API_ALGO_SM3_256:
> > + return Sm3Duplicate (HashContext,
> NewHashContext);
> > + break;
> > +
> > + default:
> > + ASSERT (FALSE);
> > + return FALSE;
> > + break;
> > + }
> > +}
> > +
> > +/**
> > + Update hash data.
> > +
> > + @param[in] HashContext Hash context.
> > + @param[in] DataToHash Data to be hashed.
> > + @param[in] DataToHashLen Data size.
> > +
> > + @retval TRUE Hash updated.
> > + @retval FALSE Hash updated unsuccessful.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +HashApiUpdate (
> > + IN HASH_API_CONTEXT HashContext,
> > + IN VOID *DataToHash,
> > + IN UINTN DataToHashLen
> > + )
> > +{
> > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > + case HASH_API_ALGO_MD4:
> > + return Md4Update (HashContext, DataToHash,
> DataToHashLen);
> > + break;
> > +
> > + case HASH_API_ALGO_MD5:
> > + return Md5Update (HashContext, DataToHash,
> DataToHashLen);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA1:
> > + return Sha1Update (HashContext, DataToHash,
> DataToHashLen);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA256:
> > + return Sha256Update (HashContext, DataToHash,
> DataToHashLen);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA384:
> > + return Sha384Update (HashContext, DataToHash,
> DataToHashLen);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA512:
> > + return Sha512Update (HashContext, DataToHash,
> DataToHashLen);
> > + break;
> > +
> > + case HASH_API_ALGO_SM3_256:
> > + return Sm3Update (HashContext, DataToHash,
> DataToHashLen);
> > + break;
> > +
> > + default:
> > + ASSERT (FALSE);
> > + return FALSE;
> > + break;
> > + }
> > +}
> > +
> > +/**
> > + Hash complete.
> > +
> > + @param[in] HashContext Hash context.
> > + @param[out] Digest Hash Digest.
> > +
> > + @retval TRUE Hash complete and Digest is
> returned.
> > + @retval FALSE Hash complete unsuccessful.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +HashApiFinal (
> > + IN HASH_API_CONTEXT HashContext,
> > + OUT UINT8 *Digest
> > + )
> > +{
> > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > + case HASH_API_ALGO_MD4:
> > + return Md4Final (HashContext, Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_MD5:
> > + return Md5Final (HashContext, Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA1:
> > + return Sha1Final (HashContext, Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA256:
> > + return Sha256Final (HashContext, Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA384:
> > + return Sha384Final (HashContext, Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA512:
> > + return Sha512Final (HashContext, Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_SM3_256:
> > + return Sm3Final (HashContext, Digest);
> > + break;
> > +
> > + default:
> > + ASSERT (FALSE);
> > + return FALSE;
> > + break;
> > + }
> > +}
> > +
> > +/**
> > + Computes hash message digest of a input data
> buffer.
> > +
> > + @param[in] DataToHash Data to be hashed.
> > + @param[in] DataToHashLen Data size.
> > + @param[out] Digest Hash Digest.
> > +
> > + @retval TRUE Hash digest computation succeeded.
> > + @retval FALSE Hash digest computation failed.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +HashApiHashAll (
> > + IN CONST VOID *DataToHash,
> > + IN UINTN DataToHashLen,
> > + OUT UINT8 *Digest
> > + )
> > +{
> > + switch (PcdGet8 (PcdHashApiLibPolicy)) {
> > + case HASH_API_ALGO_MD4:
> > + return Md4HashAll (DataToHash, DataToHashLen,
> Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_MD5:
> > + return Md5HashAll (DataToHash, DataToHashLen,
> Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA1:
> > + return Sha1HashAll (DataToHash, DataToHashLen,
> Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA256:
> > + return Sha256HashAll (DataToHash,
> DataToHashLen, Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA384:
> > + return Sha384HashAll (DataToHash,
> DataToHashLen, Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_SHA512:
> > + return Sha512HashAll (DataToHash,
> DataToHashLen, Digest);
> > + break;
> > +
> > + case HASH_API_ALGO_SM3_256:
> > + return Sm3HashAll (DataToHash, DataToHashLen,
> Digest);
> > + break;
> > +
> > + default:
> > + ASSERT (FALSE);
> > + return FALSE;
> > + break;
> > + }
> > +}
> > diff --git
> a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > new file mode 100644
> > index 0000000000..b4d8675ddd
> > --- /dev/null
> > +++
> b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.inf
> > @@ -0,0 +1,44 @@
> > +## @file
> > +# Provides Unified API for Hash Calculation # # This library is
> > +BaseHashApiLib. It will redirect
> hash request to
> > +# each individual hash API, such as SHA1, SHA256,
> SHA384, SM3 based
> > +# on hashing algorithm specified by
> PcdHashApiLibPolicy.
> > +#
> > +# Copyright (c) 2020, Intel Corporation. All rights
> reserved.<BR>
> > +# SPDX-License-Identifier: BSD-2-Clause-Patent # ##
> > +
> > +[Defines]
> > + INF_VERSION = 0x00010005
> > + BASE_NAME = BaseHashApiLib
> > + MODULE_UNI_FILE =
> BaseHashApiLib.uni
> > + FILE_GUID = B1E566DD-DE7C-
> 4F04-BDA0-B1295D3BE927
> > + MODULE_TYPE = BASE
> > + VERSION_STRING = 1.0
> > + LIBRARY_CLASS = BaseHashApiLib
> > +
> > +#
> > +# The following information is for reference only
> and not required by the build
> > tools.
> > +#
> > +# VALID_ARCHITECTURES = IA32 X64
> > +#
> > +
> > +[Sources]
> > + BaseHashApiLib.c
> > +
> > +[Packages]
> > + MdePkg/MdePkg.dec
> > + CryptoPkg/CryptoPkg.dec
> > +
> > +[LibraryClasses]
> > + BaseLib
> > + BaseMemoryLib
> > + DebugLib
> > + MemoryAllocationLib
> > + BaseCryptLib
> > + PcdLib
> > +
> > +[Pcd]
> > + gEfiCryptoPkgTokenSpaceGuid.PcdHashApiLibPolicy
> ## CONSUMES
> > diff --git
> a/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > new file mode 100644
> > index 0000000000..49ba82e86f
> > --- /dev/null
> > +++
> b/CryptoPkg/Library/BaseHashApiLib/BaseHashApiLib.uni
> > @@ -0,0 +1,17 @@
> > +// /** @file
> > +// Provides Unified API for Hash Calculation // // This library is
> > +BaseHashApiLib. It will redirect
> hash request to
> > +// each individual hash API, such as SHA1, SHA256,
> SHA384, SM3 based
> > +// on hashing algorithm specified by
> PcdHashApiLibPolicy.
> > +//
> > +// Copyright (c) 2020, Intel Corporation. All rights
> reserved.<BR>
> > +//
> > +// SPDX-License-Identifier: BSD-2-Clause-Patent // // **/
> > +
> > +
> > +#string STR_MODULE_ABSTRACT #language
> en-US "Provides hash
> > service by specified hash handler"
> > +
> > +#string STR_MODULE_DESCRIPTION #language
> en-US "This library is
> > Unified Hash API. It will redirect hash request to
> the hash handler specified by
> > PcdHashApiLibPolicy."
> > --
> > 2.21.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#53734): https://edk2.groups.io/g/devel/message/53734
Mute This Topic: https://groups.io/mt/70960524/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list