From nobody Wed May 15 19:04:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+86219+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+86219+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1643494201; cv=none; d=zohomail.com; s=zohoarc; b=CYbNTdla7lKT2DGYUJJnnWB/5ledR9H87xVHKsxTLBSUfM5XOFPLugc2aNLv3av+5Qph01MWg+KqsmifqiWv9scPFPgLXRlE9hUhIcZdsjcPLotp+ua/P5NbI7eBr3CuFzb7kViFfQCbioxBLTYZ9RzhPqKqF58IHb2/3mmzLKs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1643494201; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=vDqNVSH3zdLK1KpPPphBCFkenT7x3kH2jqfG/eR1lWQ=; b=dWYBLz8PneOv6cQT3cnTzuuPXh9ZF4Lc9ZMyzIMKFNHmAU6SdRFqk7AxRM9loWwa+am4KgTdMaNR+0mPyAZxTgmqSCogfrbWshjxdfc5bjRpFP+MDFP+ORWf6G6ZwnrAxYasPBDUrEm8a6AJnGwLqrP6zPlVdXTQyGuVA/kzlN0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+86219+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1643494201263563.3351858605514; Sat, 29 Jan 2022 14:10:01 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id kx4PYY1788612x5AhLLy5Xpq; Sat, 29 Jan 2022 14:10:00 -0800 X-Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by mx.groups.io with SMTP id smtpd.web12.11933.1643494199187777212 for ; Sat, 29 Jan 2022 14:09:59 -0800 X-IronPort-AV: E=McAfee;i="6200,9189,10242"; a="271764563" X-IronPort-AV: E=Sophos;i="5.88,327,1635231600"; d="scan'208";a="271764563" X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Jan 2022 14:09:58 -0800 X-IronPort-AV: E=Sophos;i="5.88,327,1635231600"; d="scan'208";a="675399643" X-Received: from shwdejointd178.ccr.corp.intel.com ([10.239.153.78]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Jan 2022 14:09:56 -0800 From: "yi1 li" To: devel@edk2.groups.io Cc: yi1 li , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH 1/2] CryptoPkg: Add BigNum support Date: Sun, 30 Jan 2022 06:09:15 +0800 Message-Id: <19a83075cadeea3805d4c30d4924be26fff66e14.1643494016.git.yi1.li@intel.com> In-Reply-To: References: MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,yi1.li@intel.com X-Gm-Message-State: F2225sTfC7vBtwvKvV5nQK2Lx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1643494200; bh=qkhWQG6yckUeeieGvtznOwX2r6IuhK8Wuh0I2kWNMYg=; h=Cc:Date:From:Reply-To:Subject:To; b=IXr8y24cDFJvE/6nrMSE6xlgCiem0MtJSwb9OM/c6nskGigz/9eFDQwVj0aAfFrLPrS dlrJCAWvk0A0wrWDHEWFrYHfgJ5T6KRVDLwvwW+4ICjobxwjTVtb+FTHuxBC1EWD3Op0r Tcxm+oyEXgRKx1myX7/aNBjlPTl+NO2vXDU= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1643494203621100001 Content-Type: text/plain; charset="utf-8" This patch is used to add CryptBn library, which is wrapped over OpenSSL. The implementation provides CryptBn library functions for EFI BaseCrypt protocol and EFI BaseCrypt Configuration Protocol. Signed-off-by: yi1 li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.dsc | 1 + CryptoPkg/Driver/Crypto.c | 522 ++++++++++++++- CryptoPkg/Include/Library/BaseCryptLib.h | 423 +++++++++++++ .../Pcd/PcdCryptoServiceFamilyEnable.h | 30 + .../Library/BaseCryptLib/BaseCryptLib.inf | 1 + CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c | 594 ++++++++++++++++++ .../Library/BaseCryptLib/PeiCryptLib.inf | 1 + .../Library/BaseCryptLib/SmmCryptLib.inf | 2 +- .../BaseCryptLibOnProtocolPpi/CryptLib.c | 497 +++++++++++++++ CryptoPkg/Private/Protocol/Crypto.h | 434 +++++++++++++ 10 files changed, 2503 insertions(+), 2 deletions(-) create mode 100644 CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 0aa72ed87846..4b14db884078 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -165,6 +165,7 @@ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Tls.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsSet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.TlsGet.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY !endif =20 !if $(CRYPTO_SERVICES) =3D=3D MIN_PEI diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c index d5d6aa8e5820..a5b3a2f46fbb 100644 --- a/CryptoPkg/Driver/Crypto.c +++ b/CryptoPkg/Driver/Crypto.c @@ -4470,6 +4470,499 @@ CryptoServiceTlsGetCertRevocationList ( return CALL_BASECRYPTLIB (TlsGet.Services.CertRevocationList, TlsGetCert= RevocationList, (Data, DataSize), EFI_UNSUPPORTED); } =20 +/** + Allocate new Big Number. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +CryptoServiceBigNumInit ( + VOID + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.Init, BigNumInit, (), NULL); +} + +/** + Allocate new Big Number and assign the provided value to it. + + @param[in] Buf Big endian encoded buffer. + @param[in] Len Buffer length. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +CryptoServiceBigNumFromBin ( + IN CONST UINT8 *Buf, + IN UINTN Len + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.FromBin, BigNumFromBin, (Buf, Len)= , NULL); +} + +/** + Convert the absolute value of Bn into big-endian form and store it at Bu= f. + The Buf array should have at least BigNumBytes() in it. + + @param[in] Bn Big number to convert. + @param[out] Buf Output buffer. + + @retval The length of the big-endian number placed at Buf or -1 on error. +**/ +INTN +EFIAPI +CryptoServiceBigNumToBin ( + IN VOID *Bn, + OUT UINT8 *Buf + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.ToBin, BigNumToBin, (Bn, Buf), -1); +} + +/** + Free the Big Number. + + @param[in] Bn Big number to free. + @param[in] Clear TRUE if the buffer should be cleared. +**/ +VOID +EFIAPI +CryptoServiceBigNumFree ( + IN VOID *Bn, + IN BOOLEAN Clear + ) +{ + CALL_VOID_BASECRYPTLIB (Bn.Services.Free, BigNumFree, (Bn, Clear)); +} + +/** + Calculate the sum of two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA + BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumAdd ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.Add, BigNumAdd, (BnA, BnB, BnRes),= EFI_UNSUPPORTED); +} + +/** + Subtract two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA - BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumSub ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.Sub, BigNumSub, (BnA, BnB, BnRes),= EFI_UNSUPPORTED); +} + +/** + Calculate remainder: BnRes =3D BnA % BnB. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA % BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.Mod, BigNumMod, (BnA, BnB, BnRes),= EFI_UNSUPPORTED); +} + +/** + Compute BnA to the BnP-th power modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed. + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnP Big number (power). + @param[in] BnM Big number (modulo). + @param[out] BnRes The result of (BnA ^ BnP) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumExpMod ( + IN VOID *BnA, + IN VOID *BnP, + IN VOID *BnM, + OUT VOID *BnRes + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.ExpMod, BigNumExpMod, (BnA, BnP, B= nM, BnRes), EFI_UNSUPPORTED); +} + +/** + Compute BnA inverse modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnRes) % BnM =3D=3D 1. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumInverseMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.InverseMod, BigNumInverseMod, (BnA= , BnM, BnRes), EFI_UNSUPPORTED); +} + +/** + Divide two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that BnA / BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumDiv ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.Div, BigNumDiv, (BnA, BnM, BnRes),= EFI_UNSUPPORTED); +} + +/** + Multiply two Big Numbers modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumMulMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.MulMod, BigNumMulMod, (BnA, BnB, B= nM, BnRes), EFI_UNSUPPORTED); +} + +/** + Compare two Big Numbers. + + @param[in] BnA Big number. + @param[in] BnB Big number. + + @retval 0 BnA =3D=3D BnB. + @retval 1 BnA > BnB. + @retval -1 BnA < BnB. +**/ +INTN +EFIAPI +CryptoServiceBigNumCmp ( + IN CONST VOID *BnA, + IN CONST VOID *BnB + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.Cmp, BigNumCmp, (BnA, BnB), 0); +} + +/** + Get number of bits in Bn. + + @param[in] Bn Big number. + + @retval Number of bits. +**/ +UINTN +EFIAPI +CryptoServiceBigNumBits ( + IN CONST VOID *Bn + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.Bits, BigNumBits, (Bn), 0); +} + +/** + Get number of bytes in Bn. + + @param[in] Bn Big number. + + @retval Number of bytes. +**/ +UINTN +EFIAPI +CryptoServiceBigNumBytes ( + IN CONST VOID *Bn + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.Bytes, BigNumBytes, (Bn), 0); +} + +/** + Checks if Big Number equals to the given Num. + + @param[in] Bn Big number. + @param[in] Num Number. + + @retval TRUE iff Bn =3D=3D Num. + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceBigNumIsWord ( + IN CONST VOID *Bn, + IN UINTN Num + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.IsWord, BigNumIsWord, (Bn, Num), F= ALSE); +} + +/** + Checks if Big Number is odd. + + @param[in] Bn Big number. + + @retval TRUE Bn is odd (Bn % 2 =3D=3D 1). + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceBigNumIsOdd ( + IN CONST VOID *Bn + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.IsOdd, BigNumIsOdd, (Bn), FALSE); +} + +/** + Copy Big number. + + @param[out] BnDst Destination. + @param[in] BnSrc Source. + + @retval BnDst on success. + @retval NULL otherwise. +**/ +VOID * +EFIAPI +CryptoServiceBigNumCopy ( + OUT VOID *BnDst, + IN CONST VOID *BnSrc + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.Copy, BigNumCopy, (BnDst, BnSrc), = NULL); +} + +/** + Get constant Big number with value of "1". + This may be used to save expensive allocations. + + @retval Big Number with value of 1. +**/ +CONST VOID * +EFIAPI +CryptoServiceBigNumValueOne ( + VOID + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.ValueOne, BigNumValueOne, (), NULL= ); +} + +/** + Shift right Big Number. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] Bn Big number. + @param[in] n Number of bits to shift. + @param[out] BnRes The result. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumRShift ( + IN CONST VOID *Bn, + IN UINTN n, + OUT VOID *BnRes + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.RShift, BigNumRShift, (Bn, n, BnRe= s), EFI_UNSUPPORTED); +} + +/** + Mark Big Number for constant time computations. + This function should be called before any constant time computations are + performed on the given Big number. + + @param[in] Bn Big number. +**/ +VOID +EFIAPI +CryptoServiceBigNumConsttime ( + IN VOID *Bn + ) +{ + CALL_VOID_BASECRYPTLIB (Bn.Services.Consttime, BigNumConsttime, (Bn)); +} + +/** + Calculate square modulo. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA ^ 2) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumSqrMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.SqrMod, BigNumSqrMod, (BnA, BnM, B= nRes), EFI_UNSUPPORTED); +} + +/** + Create new Big Number computation context. This is an opaque structure + which should be passed to any function that requires it. The BN context = is + needed to optimize calculations and expensive allocations. + + @retval Big Number context struct or NULL on failure. +**/ +VOID * +EFIAPI +CryptoServiceBigNumNewContext ( + VOID + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.NewContext, BigNumNewContext, (), = NULL); +} + +/** + Free Big Number context that was allocated with BigNumNewContext(). + + @param[in] BnCtx Big number context to free. +**/ +VOID +EFIAPI +CryptoServiceBigNumContextFree ( + IN VOID *BnCtx + ) +{ + CALL_VOID_BASECRYPTLIB (Bn.Services.ContextFree, BigNumContextFree, (BnC= tx)); +} + +/** + Set Big Number to a given value. + + @param[in] Bn Big number to set. + @param[in] Val Value to set. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumSetUint ( + IN VOID *Bn, + IN UINTN Val + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.SetUint, BigNumSetUint, (Bn, Val),= EFI_UNSUPPORTED); +} + +/** + Add two Big Numbers modulo BnM. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA + BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +CryptoServiceBigNumAddMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + return CALL_BASECRYPTLIB (Bn.Services.AddMod, BigNumAddMod, (BnA, BnB, B= nM, BnRes), EFI_UNSUPPORTED); +} + const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =3D { /// Version CryptoServiceGetCryptoVersion, @@ -4670,5 +5163,32 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =3D { CryptoServiceTlsGetCaCertificate, CryptoServiceTlsGetHostPublicCert, CryptoServiceTlsGetHostPrivateKey, - CryptoServiceTlsGetCertRevocationList + CryptoServiceTlsGetCertRevocationList, + + // Big Numbers + CryptoServiceBigNumInit, + CryptoServiceBigNumFromBin, + CryptoServiceBigNumToBin, + CryptoServiceBigNumFree, + CryptoServiceBigNumAdd, + CryptoServiceBigNumSub, + CryptoServiceBigNumMod, + CryptoServiceBigNumExpMod, + CryptoServiceBigNumInverseMod, + CryptoServiceBigNumDiv, + CryptoServiceBigNumMulMod, + CryptoServiceBigNumCmp, + CryptoServiceBigNumBits, + CryptoServiceBigNumBytes, + CryptoServiceBigNumIsWord, + CryptoServiceBigNumIsOdd, + CryptoServiceBigNumCopy, + CryptoServiceBigNumValueOne, + CryptoServiceBigNumRShift, + CryptoServiceBigNumConsttime, + CryptoServiceBigNumSqrMod, + CryptoServiceBigNumNewContext, + CryptoServiceBigNumContextFree, + CryptoServiceBigNumSetUint, + CryptoServiceBigNumAddMod, }; diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/L= ibrary/BaseCryptLib.h index f4bc7c0d73d9..d64ea5b3dd94 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -2403,4 +2403,427 @@ HkdfSha256ExtractAndExpand ( IN UINTN OutSize ); =20 +// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +// Big number primitives +// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +/** + Allocate new Big Number. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +BigNumInit ( + VOID + ); + +/** + Allocate new Big Number and assign the provided value to it. + + @param[in] Buf Big endian encoded buffer. + @param[in] Len Buffer length. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +BigNumFromBin ( + IN CONST UINT8 *Buf, + IN UINTN Len + ); + +/** + Convert the absolute value of Bn into big-endian form and store it at Bu= f. + The Buf array should have at least BigNumBytes() in it. + + @param[in] Bn Big number to convert. + @param[out] Buf Output buffer. + + @retval The length of the big-endian number placed at Buf or -1 on error. +**/ +INTN +EFIAPI +BigNumToBin ( + IN VOID *Bn, + OUT UINT8 *Buf + ); + +/** + Free the Big Number. + + @param[in] Bn Big number to free. + @param[in] Clear TRUE if the buffer should be cleared. +**/ +VOID +EFIAPI +BigNumFree ( + IN VOID *Bn, + IN BOOLEAN Clear + ); + +/** + Calculate the sum of two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA + BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumAdd ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ); + +/** + Subtract two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA - BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumSub ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ); + +/** + Calculate remainder: BnRes =3D BnA % BnB. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA % BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ); + +/** + Compute BnA to the BnP-th power modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnP Big number (power). + @param[in] BnM Big number (modulo). + @param[out] BnRes The result of (BnA ^ BnP) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumExpMod ( + IN VOID *BnA, + IN VOID *BnP, + IN VOID *BnM, + OUT VOID *BnRes + ); + +/** + Compute BnA inverse modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnRes) % BnM =3D=3D 1. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumInverseMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ); + +/** + Divide two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that BnA / BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumDiv ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ); + +/** + Multiply two Big Numbers modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumMulMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ); + +/** + Compare two Big Numbers. + + @param[in] BnA Big number. + @param[in] BnB Big number. + + @retval 0 BnA =3D=3D BnB. + @retval 1 BnA > BnB. + @retval -1 BnA < BnB. +**/ +INTN +EFIAPI +BigNumCmp ( + IN CONST VOID *BnA, + IN CONST VOID *BnB + ); + +/** + Get number of bits in Bn. + + @param[in] Bn Big number. + + @retval Number of bits. +**/ + +UINTN +EFIAPI +BigNumBits ( + IN CONST VOID *Bn + ); + +/** + Get number of bytes in Bn. + + @param[in] Bn Big number. + + @retval Number of bytes. +**/ +UINTN +EFIAPI +BigNumBytes ( + IN CONST VOID *Bn + ); + +/** + Checks if Big Number equals to the given Num. + + @param[in] Bn Big number. + @param[in] Num Number. + + @retval TRUE iff Bn =3D=3D Num. + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +BigNumIsWord ( + IN CONST VOID *Bn, + IN UINTN Num + ); + +/** + Checks if Big Number is odd. + + @param[in] Bn Big number. + + @retval TRUE Bn is odd (Bn % 2 =3D=3D 1). + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +BigNumIsOdd ( + IN CONST VOID *Bn + ); + +/** + Copy Big number. + + @param[out] BnDst Destination. + @param[in] BnSrc Source. + + @retval BnDst on success. + @retval NULL otherwise. +**/ +VOID * +EFIAPI +BigNumCopy ( + OUT VOID *BnDst, + IN CONST VOID *BnSrc + ); + +/** + Get constant Big number with value of "1". + This may be used to save expensive allocations. + + @retval Big Number with value of 1. +**/ +CONST VOID * +EFIAPI +BigNumValueOne ( + VOID + ); + +/** + Shift right Big Number. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] Bn Big number. + @param[in] n Number of bits to shift. + @param[out] BnRes The result. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumRShift ( + IN CONST VOID *Bn, + IN UINTN n, + OUT VOID *BnRes + ); + +/** + Mark Big Number for constant time computations. + This function should be called before any constant time computations are + performed on the given Big number. + + @param[in] Bn Big number. +**/ +VOID +EFIAPI +BigNumConsttime ( + IN VOID *Bn + ); + +/** + Calculate square modulo. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA ^ 2) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumSqrMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ); + +/** + Create new Big Number computation context. This is an opaque structure + which should be passed to any function that requires it. The BN context = is + needed to optimize calculations and expensive allocations. + + @retval Big Number context struct or NULL on failure. +**/ +VOID * +EFIAPI +BigNumNewContext ( + VOID + ); + +/** + Free Big Number context that was allocated with BigNumNewContext(). + + @param[in] BnCtx Big number context to free. +**/ +VOID +EFIAPI +BigNumContextFree ( + IN VOID *BnCtx + ); + +/** + Set Big Number to a given value. + + @param[in] Bn Big number to set. + @param[in] Val Value to set. +**/ +EFI_STATUS +EFIAPI +BigNumSetUint ( + IN VOID *Bn, + IN UINTN Val + ); + +/** + Add two Big Numbers modulo BnM. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA + BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumAddMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ); + #endif // __BASE_CRYPT_LIB_H__ diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h b/CryptoP= kg/Include/Pcd/PcdCryptoServiceFamilyEnable.h index 5186a54759ae..31b4728167de 100644 --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h @@ -288,6 +288,36 @@ typedef struct { } Services; UINT32 Family; } TlsGet; + union { + struct { + UINT8 Init : 1; + UINT8 FromBin : 1; + UINT8 ToBin : 1; + UINT8 Free : 1; + UINT8 Add : 1; + UINT8 Sub : 1; + UINT8 Mod : 1; + UINT8 ExpMod : 1; + UINT8 InverseMod : 1; + UINT8 Div : 1; + UINT8 MulMod : 1; + UINT8 Cmp : 1; + UINT8 Bits : 1; + UINT8 Bytes : 1; + UINT8 IsWord : 1; + UINT8 IsOdd : 1; + UINT8 Copy : 1; + UINT8 ValueOne : 1; + UINT8 RShift : 1; + UINT8 Consttime : 1; + UINT8 SqrMod : 1; + UINT8 NewContext : 1; + UINT8 ContextFree : 1; + UINT8 SetUint : 1; + UINT8 AddMod : 1; + } Services; + UINT32 Family; + } Bn; } PCD_CRYPTO_SERVICE_FAMILY_ENABLE; =20 #endif diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Li= brary/BaseCryptLib/BaseCryptLib.inf index 49703fa4c963..3c3564197ee7 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -52,6 +52,7 @@ Pk/CryptRsaPss.c Pk/CryptRsaPssSign.c Pem/CryptPem.c + Bn/CryptBn.c =20 SysCall/CrtWrapper.c SysCall/TimerWrapper.c diff --git a/CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c b/CryptoPkg/Librar= y/BaseCryptLib/Bn/CryptBn.c new file mode 100644 index 000000000000..2e9f1cbea67f --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBn.c @@ -0,0 +1,594 @@ +/** @file Big number API implementation based on OpenSSL + + Copyright (c) 2022, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include +#include +#include +#include +#include +#include +#include + +/** + Allocate new Big Number. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +BigNumInit ( + VOID + ) +{ + return BN_new (); +} + +/** + Allocate new Big Number and assign the provided value to it. + + @param[in] Buf Big endian encoded buffer. + @param[in] Len Buffer length. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +BigNumFromBin ( + IN CONST UINT8 *Buf, + IN UINTN Len + ) +{ + return BN_bin2bn (Buf, (int)Len, NULL); +} + +/** + Convert the absolute value of Bn into big-endian form and store it at Bu= f. + The Buf array should have at least BigNumBytes() in it. + + @param[in] Bn Big number to convert. + @param[out] Buf Output buffer. + + @retval The length of the big-endian number placed at Buf or -1 on error. +**/ +INTN +EFIAPI +BigNumToBin ( + IN VOID *Bn, + OUT UINT8 *Buf + ) +{ + return BN_bn2bin (Bn, Buf); +} + +/** + Free the Big Number. + + @param[in] Bn Big number to free. + @param[in] Clear TRUE if the buffer should be cleared. +**/ +VOID +EFIAPI +BigNumFree ( + IN VOID *Bn, + IN BOOLEAN Clear + ) +{ + if (Clear) { + BN_clear_free (Bn); + } else { + BN_free (Bn); + } +} + +/** + Calculate the sum of two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA + BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumAdd ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + return BN_add (BnRes, BnA, BnB) ? EFI_SUCCESS : EFI_PROTOCOL_ERROR; +} + +/** + Subtract two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA - BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumSub ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + return BN_sub (BnRes, BnA, BnB) ? EFI_SUCCESS : EFI_PROTOCOL_ERROR; +} + +/** + Calculate remainder: BnRes =3D BnA % BnB. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA % BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + int Res; + BN_CTX *Bnctx; + + Bnctx =3D BN_CTX_new (); + if (!Bnctx) { + return EFI_OUT_OF_RESOURCES; + } + + Res =3D BN_mod (BnRes, BnA, BnB, Bnctx); + BN_CTX_free (Bnctx); + + return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR; +} + +/** + Compute BnA to the BnP-th power modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnP Big number (power). + @param[in] BnM Big number (modulo). + @param[out] BnRes The result of (BnA ^ BnP) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumExpMod ( + IN VOID *BnA, + IN VOID *BnP, + IN VOID *BnM, + OUT VOID *BnRes + ) +{ + int Res; + BN_CTX *Bnctx; + + Bnctx =3D BN_CTX_new (); + if (!Bnctx) { + return EFI_OUT_OF_RESOURCES; + } + + Res =3D BN_mod_exp (BnRes, BnA, BnP, BnM, Bnctx); + BN_CTX_free (Bnctx); + + return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR; +} + +/** + Compute BnA inverse modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnRes) % BnM =3D=3D 1. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumInverseMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + BIGNUM *Res; + BN_CTX *Bnctx; + + Bnctx =3D BN_CTX_new (); + if (!Bnctx) { + return EFI_OUT_OF_RESOURCES; + } + + Res =3D BN_mod_inverse (BnRes, BnA, BnM, Bnctx); + BN_CTX_free (Bnctx); + + return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR; +} + +/** + Divide two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that BnA / BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumDiv ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + int Res; + BN_CTX *Bnctx; + + Bnctx =3D BN_CTX_new (); + if (!Bnctx) { + return EFI_OUT_OF_RESOURCES; + } + + Res =3D BN_div (BnRes, NULL, BnA, BnM, Bnctx); + BN_CTX_free (Bnctx); + + return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR; +} + +/** + Multiply two Big Numbers modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumMulMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + int Res; + BN_CTX *Bnctx; + + Bnctx =3D BN_CTX_new (); + if (!Bnctx) { + return EFI_OUT_OF_RESOURCES; + } + + Res =3D BN_mod_mul (BnRes, BnA, BnB, BnM, Bnctx); + BN_CTX_free (Bnctx); + + return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR; +} + +/** + Compare two Big Numbers. + + @param[in] BnA Big number. + @param[in] BnB Big number. + + @retval 0 BnA =3D=3D BnB. + @retval 1 BnA > BnB. + @retval -1 BnA < BnB. +**/ +INTN +EFIAPI +BigNumCmp ( + IN CONST VOID *BnA, + IN CONST VOID *BnB + ) +{ + return BN_cmp (BnA, BnB); +} + +/** + Get number of bits in Bn. + + @param[in] Bn Big number. + + @retval Number of bits. +**/ +UINTN +EFIAPI +BigNumBits ( + IN CONST VOID *Bn + ) +{ + return BN_num_bits (Bn); +} + +/** + Get number of bytes in Bn. + + @param[in] Bn Big number. + + @retval Number of bytes. +**/ +UINTN +EFIAPI +BigNumBytes ( + IN CONST VOID *Bn + ) +{ + return BN_num_bytes (Bn); +} + +/** + Checks if Big Number equals to the given Num. + + @param[in] Bn Big number. + @param[in] Num Number. + + @retval TRUE iff Bn =3D=3D Num. + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +BigNumIsWord ( + IN CONST VOID *Bn, + IN UINTN Num + ) +{ + return !!BN_is_word (Bn, Num); +} + +/** + Checks if Big Number is odd. + + @param[in] Bn Big number. + + @retval TRUE Bn is odd (Bn % 2 =3D=3D 1). + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +BigNumIsOdd ( + IN CONST VOID *Bn + ) +{ + return !!BN_is_odd (Bn); +} + +/** + Copy Big number. + + @param[out] BnDst Destination. + @param[in] BnSrc Source. + + @retval BnDst on success. + @retval NULL otherwise. +**/ +VOID * +EFIAPI +BigNumCopy ( + OUT VOID *BnDst, + IN CONST VOID *BnSrc + ) +{ + return BN_copy (BnDst, BnSrc); +} + +/** + Get constant Big number with value of "1". + This may be used to save expensive allocations. + + @retval Big Number with value of 1. +**/ +CONST VOID * +EFIAPI +BigNumValueOne ( + VOID + ) +{ + return BN_value_one (); +} + +/** + Shift right Big Number. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] Bn Big number. + @param[in] n Number of bits to shift. + @param[out] BnRes The result. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumRShift ( + IN CONST VOID *Bn, + IN UINTN n, + OUT VOID *BnRes + ) +{ + // BN_rshift() does not modify the first argument, so we remove const. + if (BN_rshift ((BIGNUM *)Bn, BnRes, (int)n) =3D=3D 1) { + return EFI_SUCCESS; + } else { + return EFI_PROTOCOL_ERROR; + } +} + +/** + Mark Big Number for constant time computations. + This function should be called before any constant time computations are + performed on the given Big number. + + @param[in] Bn Big number +**/ +VOID +EFIAPI +BigNumConsttime ( + IN VOID *Bn + ) +{ + BN_set_flags (Bn, BN_FLG_CONSTTIME); +} + +/** + Calculate square modulo. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA ^ 2) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumSqrMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + int Res; + BN_CTX *Ctx; + + Ctx =3D BN_CTX_new (); + if (!Ctx) { + return EFI_OUT_OF_RESOURCES; + } + + Res =3D BN_mod_sqr (BnRes, BnA, BnM, Ctx); + BN_CTX_free (Ctx); + + return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR; +} + +/** + Create new Big Number computation context. This is an opaque structure + which should be passed to any function that requires it. The BN context = is + needed to optimize calculations and expensive allocations. + + @retval Big Number context struct or NULL on failure. +**/ +VOID * +EFIAPI +BigNumNewContext ( + VOID + ) +{ + return BN_CTX_new (); +} + +/** + Free Big Number context that was allocated with BigNumNewContext(). + + @param[in] BnCtx Big number context to free. +**/ +VOID +EFIAPI +BigNumContextFree ( + IN VOID *BnCtx + ) +{ + BN_CTX_free (BnCtx); +} + +/** + Set Big Number to a given value. + + @param[in] Bn Big number to set. + @param[in] Val Value to set. +**/ +EFI_STATUS +EFIAPI +BigNumSetUint ( + IN VOID *Bn, + IN UINTN Val + ) +{ + return BN_set_word (Bn, Val) =3D=3D 1 ? EFI_SUCCESS : EFI_PROTOCOL_ERROR; +} + +/** + Add two Big Numbers modulo BnM. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA + BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumAddMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + int Res; + BN_CTX *Bnctx; + + Bnctx =3D BN_CTX_new (); + if (!Bnctx) { + return EFI_OUT_OF_RESOURCES; + } + + Res =3D BN_mod_add (BnRes, BnA, BnB, BnM, Bnctx); + BN_CTX_free (Bnctx); + + return Res ? EFI_SUCCESS : EFI_PROTOCOL_ERROR; +} diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/PeiCryptLib.inf index 0cab5f3ce36c..75d87afbdc03 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -59,6 +59,7 @@ Pk/CryptRsaPssSignNull.c Pem/CryptPemNull.c Rand/CryptRandNull.c + Bn/CryptBn.c =20 SysCall/CrtWrapper.c SysCall/ConstantTimeClock.c diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SmmCryptLib.inf index e6470d7a2127..420cef88efb1 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -56,7 +56,7 @@ Pk/CryptRsaPss.c Pk/CryptRsaPssSignNull.c Pem/CryptPem.c - + Bn/CryptBn.c SysCall/CrtWrapper.c SysCall/ConstantTimeClock.c SysCall/BaseMemAllocation.c diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/Crypt= oPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c index c8df259ea963..6c5025ff6a6a 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c @@ -3580,3 +3580,500 @@ TlsGetCertRevocationList ( { CALL_CRYPTO_SERVICE (TlsGetCertRevocationList, (Data, DataSize), EFI_UNS= UPPORTED); } + +// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +// Big number primitive +// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +/** + Allocate new Big Number. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +BigNumInit ( + VOID + ) +{ + CALL_CRYPTO_SERVICE (BigNumInit, (), NULL); +} + +/** + Allocate new Big Number and assign the provided value to it. + + @param[in] Buf Big endian encoded buffer. + @param[in] Len Buffer length. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +BigNumFromBin ( + IN CONST UINT8 *Buf, + IN UINTN Len + ) +{ + CALL_CRYPTO_SERVICE (BigNumFromBin, (Buf, Len), NULL); +} + +/** + Convert the absolute value of Bn into big-endian form and store it at Bu= f. + The Buf array should have at least BigNumBytes() in it. + + @param[in] Bn Big number to convert. + @param[out] Buf Output buffer. + + @retval The length of the big-endian number placed at Buf or -1 on error. +**/ +INTN +EFIAPI +BigNumToBin ( + IN VOID *Bn, + OUT UINT8 *Buf + ) +{ + CALL_CRYPTO_SERVICE (BigNumToBin, (Bn, Buf), -1); +} + +/** + Free the Big Number. + + @param[in] Bn Big number to free. + @param[in] Clear TRUE if the buffer should be cleared. +**/ +VOID +EFIAPI +BigNumFree ( + IN VOID *Bn, + IN BOOLEAN Clear + ) +{ + CALL_VOID_CRYPTO_SERVICE (BigNumFree, (Bn, Clear)); +} + +/** + Calculate the sum of two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA + BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumAdd ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + CALL_CRYPTO_SERVICE (BigNumAdd, (BnA, BnB, BnRes), EFI_UNSUPPORTED); +} + +/** + Subtract two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA - BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumSub ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + CALL_CRYPTO_SERVICE (BigNumSub, (BnA, BnB, BnRes), EFI_UNSUPPORTED); +} + +/** + Calculate remainder: BnRes =3D BnA % BnB + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA % BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + CALL_CRYPTO_SERVICE (BigNumMod, (BnA, BnB, BnRes), EFI_UNSUPPORTED); +} + +/** + Compute BnA to the BnP-th power modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnP Big number (power). + @param[in] BnM Big number (modulo). + @param[out] BnRes The result of (BnA ^ BnP) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumExpMod ( + IN VOID *BnA, + IN VOID *BnP, + IN VOID *BnM, + OUT VOID *BnRes + ) +{ + CALL_CRYPTO_SERVICE (BigNumExpMod, (BnA, BnP, BnM, BnRes), EFI_UNSUPPORT= ED); +} + +/** + Compute BnA inverse modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnRes) % BnM =3D=3D 1. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumInverseMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + CALL_CRYPTO_SERVICE (BigNumInverseMod, (BnA, BnM, BnRes), EFI_UNSUPPORTE= D); +} + +/** + Divide two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that BnA / BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumDiv ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + CALL_CRYPTO_SERVICE (BigNumDiv, (BnA, BnM, BnRes), EFI_UNSUPPORTED); +} + +/** + Multiply two Big Numbers modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumMulMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + CALL_CRYPTO_SERVICE (BigNumMulMod, (BnA, BnB, BnM, BnRes), EFI_UNSUPPORT= ED); +} + +/** + Compare two Big Numbers. + + @param[in] BnA Big number. + @param[in] BnB Big number. + + @retval 0 BnA =3D=3D BnB. + @retval 1 BnA > BnB. + @retval -1 BnA < BnB. +**/ +INTN +EFIAPI +BigNumCmp ( + IN CONST VOID *BnA, + IN CONST VOID *BnB + ) +{ + CALL_CRYPTO_SERVICE (BigNumCmp, (BnA, BnB), 0); +} + +/** + Get number of bits in Bn. + + @param[in] Bn Big number. + + @retval Number of bits. +**/ +UINTN +EFIAPI +BigNumBits ( + IN CONST VOID *Bn + ) +{ + CALL_CRYPTO_SERVICE (BigNumBits, (Bn), 0); +} + +/** + Get number of bytes in Bn. + + @param[in] Bn Big number. + + @retval Number of bytes. +**/ +UINTN +EFIAPI +BigNumBytes ( + IN CONST VOID *Bn + ) +{ + CALL_CRYPTO_SERVICE (BigNumBytes, (Bn), 0); +} + +/** + Checks if Big Number equals to the given Num. + + @param[in] Bn Big number. + @param[in] Num Number. + + @retval TRUE iff Bn =3D=3D Num. + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +BigNumIsWord ( + IN CONST VOID *Bn, + IN UINTN Num + ) +{ + CALL_CRYPTO_SERVICE (BigNumIsWord, (Bn, Num), FALSE); +} + +/** + Checks if Big Number is odd. + + @param[in] Bn Big number. + + @retval TRUE Bn is odd (Bn % 2 =3D=3D 1). + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +BigNumIsOdd ( + IN CONST VOID *Bn + ) +{ + CALL_CRYPTO_SERVICE (BigNumIsOdd, (Bn), FALSE); +} + +/** + Copy Big number. + + @param[out] BnDst Destination. + @param[in] BnSrc Source. + + @retval BnDst on success. + @retval NULL otherwise. +**/ +VOID * +EFIAPI +BigNumCopy ( + OUT VOID *BnDst, + IN CONST VOID *BnSrc + ) +{ + CALL_CRYPTO_SERVICE (BigNumCopy, (BnDst, BnSrc), NULL); +} + +/** + Get constant Big number with value of "1". + This may be used to save expensive allocations. + + @retval Big Number with value of 1. +**/ +CONST VOID * +EFIAPI +BigNumValueOne ( + VOID + ) +{ + CALL_CRYPTO_SERVICE (BigNumValueOne, (), NULL); +} + +/** + Shift right Big Number. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] Bn Big number. + @param[in] n Number of bits to shift. + @param[out] BnRes The result. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumRShift ( + IN CONST VOID *Bn, + IN UINTN n, + OUT VOID *BnRes + ) +{ + CALL_CRYPTO_SERVICE (BigNumRShift, (Bn, n, BnRes), EFI_UNSUPPORTED); +} + +/** + Mark Big Number for constant time computations. + This function should be called before any constant time computations are + performed on the given Big number. + + @param[in] Bn Big number. +**/ +VOID +EFIAPI +BigNumConsttime ( + IN VOID *Bn + ) +{ + CALL_VOID_CRYPTO_SERVICE (BigNumConsttime, (Bn)); +} + +/** + Calculate square modulo. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA ^ 2) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumSqrMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + CALL_CRYPTO_SERVICE (BigNumSqrMod, (BnA, BnM, BnRes), EFI_UNSUPPORTED); +} + +/** + Create new Big Number computation context. This is an opaque structure + which should be passed to any function that requires it. The BN context = is + needed to optimize calculations and expensive allocations. + + @retval Big Number context struct or NULL on failure. +**/ +VOID * +EFIAPI +BigNumNewContext ( + VOID + ) +{ + CALL_CRYPTO_SERVICE (BigNumNewContext, (), NULL); +} + +/** + Free Big Number context that was allocated with BigNumNewContext(). + + @param[in] BnCtx Big number context to free. +**/ +VOID +EFIAPI +BigNumContextFree ( + IN VOID *BnCtx + ) +{ + CALL_VOID_CRYPTO_SERVICE (BigNumContextFree, (BnCtx)); +} + +/** + Set Big Number to a given value. + + @param[in] Bn Big number to set. + @param[in] Val Value to set. +**/ +EFI_STATUS +EFIAPI +BigNumSetUint ( + IN VOID *Bn, + IN UINTN Val + ) +{ + CALL_CRYPTO_SERVICE (BigNumSetUint, (Bn, Val), EFI_UNSUPPORTED); +} + +/** + Add two Big Numbers modulo BnM. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA + BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumAddMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), EFI_UNSUPPORT= ED); +} diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protoc= ol/Crypto.h index e378a8a8c60e..1be21b7ff690 100644 --- a/CryptoPkg/Private/Protocol/Crypto.h +++ b/CryptoPkg/Private/Protocol/Crypto.h @@ -3457,6 +3457,412 @@ BOOLEAN IN UINT16 SaltLen ); =20 +// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +// Big Number Primitive +// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +/** + Allocate new Big Number. + + @retval New BigNum opaque structure or NULL on failure. +**/ +typedef +VOID * +(EFIAPI *EDKII_CRYPTO_BIGNUM_INIT)( + VOID + ); + +/** + Allocate new Big Number and assign the provided value to it. + + @param[in] Buf Big endian encoded buffer. + @param[in] Len Buffer length. + + @retval New EDKII_CRYPTO_BIGNUM_ opaque structure or NULL on failure. +**/ +typedef +VOID * +(EFIAPI *EDKII_CRYPTO_BIGNUM_FROM_BIN)( + IN CONST UINT8 *Buf, + IN UINTN Len + ); + +/** + Convert the absolute value of Bn into big-endian form and store it at Bu= f. + The Buf array should have at least EDKII_CRYPTO_BIGNUM_Bytes() in it. + + @param[in] Bn Big number to convert. + @param[out] Buf Output buffer. + + @retval The length of the big-endian number placed at Buf or -1 on error. +**/ +typedef +INTN +(EFIAPI *EDKII_CRYPTO_BIGNUM_TO_BIN)( + IN VOID *Bn, + OUT UINT8 *Buf + ); + +/** + Free the Big Number. + + @param[in] Bn Big number to free. + @param[in] Clear TRUE if the buffer should be cleared. +**/ +typedef +VOID +(EFIAPI *EDKII_CRYPTO_BIGNUM_FREE)( + IN VOID *Bn, + IN BOOLEAN Clear + ); + +/** + Calculate the sum of two Big Numbers. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA + BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_ADD)( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ); + +/** + Subtract two Big Numbers. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA - BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_SUB)( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ); + +/** + Calculate remainder: BnRes =3D BnA % BnB. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA % BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_MOD)( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ); + +/** + Compute BnA to the BnP-th power modulo BnM. + + @param[in] BnA Big number. + @param[in] BnP Big number (power). + @param[in] BnM Big number (modulo). + @param[out] BnRes The result of BnA ^ BnP % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_EXP_MOD)( + IN VOID *BnA, + IN VOID *BnP, + IN VOID *BnM, + OUT VOID *BnRes + ); + +/** + Compute BnA inverse modulo BnM. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnRes) % BnM =3D=3D 1. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_INVERSE_MOD)( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ); + +/** + Divide two Big Numbers. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that BnA / BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_DIV)( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ); + +/** + Multiply two Big Numbers modulo BnM. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_MUL_MOD)( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ); + +/** + Compare two Big Numbers. + + @param[in] BnA Big number. + @param[in] BnB Big number. + + @retval 0 BnA =3D=3D BnB. + @retval 1 BnA > BnB. + @retval -1 BnA < BnB. +**/ +typedef +INTN +(EFIAPI *EDKII_CRYPTO_BIGNUM_CMP)( + IN CONST VOID *BnA, + IN CONST VOID *BnB + ); + +/** + Get number of bits in Bn. + + @param[in] Bn Big number. + + @retval Number of bits. +**/ +typedef + +UINTN +(EFIAPI *EDKII_CRYPTO_BIGNUM_BITS)( + IN CONST VOID *Bn + ); + +/** + Get number of bytes in Bn. + + @param[in] Bn Big number. + + @retval Number of bytes. +**/ +typedef +UINTN +(EFIAPI *EDKII_CRYPTO_BIGNUM_BYTES)( + IN CONST VOID *Bn + ); + +/** + Checks if Big Number equals to the given Num. + + @param[in] Bn Big number. + @param[in] Num Number. + + @retval TRUE iff Bn =3D=3D Num. + @retval FALSE otherwise. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_BIGNUM_IS_WORD)( + IN CONST VOID *Bn, + IN UINTN Num + ); + +/** + Checks if Big Number is odd. + + @param[in] Bn Big number. + + @retval TRUE Bn is odd (Bn % 2 =3D=3D 1). + @retval FALSE otherwise. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_BIGNUM_IS_ODD)( + IN CONST VOID *Bn + ); + +/** + Copy Big number. + + @param[out] BnDst Destination. + @param[in] BnSrc Source. + + @retval BnDst on success. + @retval NULL otherwise. +**/ +typedef +VOID * +(EFIAPI *EDKII_CRYPTO_BIGNUM_COPY)( + OUT VOID *BnDst, + IN CONST VOID *BnSrc + ); + +/** + Get constant Big number with value of "1". + This may be used to save expensive allocations. + + @retval Big Number with value of 1. +**/ +typedef +CONST VOID * +(EFIAPI *EDKII_CRYPTO_BIGNUM_VALUE_ONE)( + VOID + ); + +/** + Shift right Big Number. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_R_SHIFT)( + IN CONST VOID *Bn, + IN UINTN n, + OUT VOID *BnRes + ); + +/** + Mark Big Number for constant time computations. + This function should be called before any constant time computations are + performed on the given Big number. + + @param[in] Bn Big number. +**/ +typedef +VOID +(EFIAPI *EDKII_CRYPTO_BIGNUM_CONSTTIME)( + IN VOID *Bn + ); + +/** + Calculate square modulo. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA ^ 2) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_SQR_MOD)( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ); + +/** + Create new Big Number computation context. This is an opaque structure. + which should be passed to any function that requires it. The BN context = is + needed to optimize calculations and expensive allocations. + + @retval Big Number context struct or NULL on failure. +**/ +typedef +VOID * +(EFIAPI *EDKII_CRYPTO_BIGNUM_NEW_CONTEXT)( + VOID + ); + +/** + Free Big Number context that was allocated with EDKII_CRYPTO_BIGNUM_NewC= ontext(). + + @param[in] BnCtx Big number context to free. +**/ +typedef +VOID +(EFIAPI *EDKII_CRYPTO_BIGNUM_CONTEXT_FREE)( + IN VOID *BnCtx + ); + +/** + Set Big Number to a given value. + + @param[in] Bn Big number to set. + @param[in] Val Value to set. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_SET_UINT)( + IN VOID *Bn, + IN UINTN Val + ); + +/** + Add two Big Numbers modulo BnM. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA + BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_CRYPTO_BIGNUM_ADD_MOD)( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ); + /// /// EDK II Crypto Protocol /// @@ -3641,6 +4047,34 @@ struct _EDKII_CRYPTO_PROTOCOL { EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert; EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey; EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST TlsGetCertRevocationL= ist; + + /// Big Number + EDKII_CRYPTO_BIGNUM_INIT BigNumInit; + EDKII_CRYPTO_BIGNUM_FROM_BIN BigNumFromBin; + EDKII_CRYPTO_BIGNUM_TO_BIN BigNumToBin; + EDKII_CRYPTO_BIGNUM_FREE BigNumFree; + EDKII_CRYPTO_BIGNUM_ADD BigNumAdd; + EDKII_CRYPTO_BIGNUM_SUB BigNumSub; + EDKII_CRYPTO_BIGNUM_MOD BigNumMod; + EDKII_CRYPTO_BIGNUM_EXP_MOD BigNumExpMod; + EDKII_CRYPTO_BIGNUM_INVERSE_MOD BigNumInverseMod; + EDKII_CRYPTO_BIGNUM_DIV BigNumDiv; + EDKII_CRYPTO_BIGNUM_MUL_MOD BigNumMulMod; + EDKII_CRYPTO_BIGNUM_CMP BigNumCmp; + EDKII_CRYPTO_BIGNUM_BITS BigNumBits; + EDKII_CRYPTO_BIGNUM_BYTES BigNumBytes; + EDKII_CRYPTO_BIGNUM_IS_WORD BigNumIsWord; + EDKII_CRYPTO_BIGNUM_IS_ODD BigNumIsOdd; + EDKII_CRYPTO_BIGNUM_COPY BigNumCopy; + EDKII_CRYPTO_BIGNUM_VALUE_ONE BigNumValueOne; + EDKII_CRYPTO_BIGNUM_R_SHIFT BigNumRShift; + EDKII_CRYPTO_BIGNUM_CONSTTIME BigNumConsttime; + EDKII_CRYPTO_BIGNUM_SQR_MOD BigNumSqrMod; + EDKII_CRYPTO_BIGNUM_NEW_CONTEXT BigNumNewContext; + EDKII_CRYPTO_BIGNUM_CONTEXT_FREE BigNumContextFree; + EDKII_CRYPTO_BIGNUM_SET_UINT BigNumSetUint; + EDKII_CRYPTO_BIGNUM_ADD_MOD BigNumAddMod; + /// RSA PSS EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign; EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify; --=20 2.33.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#86219): https://edk2.groups.io/g/devel/message/86219 Mute This Topic: https://groups.io/mt/88776238/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Wed May 15 19:04:12 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+86220+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+86220+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1643494203; cv=none; d=zohomail.com; s=zohoarc; b=XT7V3oPepIxxhG2MSvVEPOdmlNBVjOCGAAvxxXWoUxeYkzWWS9UcRx0gB2XHTJ6YjHz2bunjaHmYa0ZpT6XPvqyB6PjVUOqOi4lCOV4RVOBNPLLhqD+WKJczECJAytlsqLAXQcRGo4FANcFUTFOakfSkxycpM7PZ4lBOLa0jGbc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1643494203; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=nz5s2u0QiNJWkHzwd9nh5ePIGyUR0r4RfFlyfQwfYUA=; b=UVjjJ0lHLiY/2oel2EHpuFNHZeEvW/2bFVdc2F4HY18rchPNLXofEdCofNqQ+M7EcMCse5cf2TAQ9PPmj0le/8gCXFOxuS/vMEWRst/nw7R6HIHiIZK5nSWf2OWn2Gk4guE72T8Y1v/nCNgtZMNdBB93MWFsh9ZSKyheIe+4Aag= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+86220+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1643494203794969.0748534546034; Sat, 29 Jan 2022 14:10:03 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id AKfQYY1788612xRJGjCdBS68; Sat, 29 Jan 2022 14:10:03 -0800 X-Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by mx.groups.io with SMTP id smtpd.web12.11933.1643494199187777212 for ; Sat, 29 Jan 2022 14:10:02 -0800 X-IronPort-AV: E=McAfee;i="6200,9189,10242"; a="271764578" X-IronPort-AV: E=Sophos;i="5.88,327,1635231600"; d="scan'208";a="271764578" X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Jan 2022 14:10:02 -0800 X-IronPort-AV: E=Sophos;i="5.88,327,1635231600"; d="scan'208";a="675399649" X-Received: from shwdejointd178.ccr.corp.intel.com ([10.239.153.78]) by fmsmga001-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Jan 2022 14:10:00 -0800 From: "yi1 li" To: devel@edk2.groups.io Cc: yi1 li , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH 2/2] CryptoPkg: Add BigNum NullLib Date: Sun, 30 Jan 2022 06:09:16 +0800 Message-Id: In-Reply-To: References: MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,yi1.li@intel.com X-Gm-Message-State: mPIeqAXprtsoWOVy1Wc2EKGXx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1643494203; bh=cWy5gIOvmR79V3Y/aOnHcYBiNLb+3/q5BXxGpdw8KIg=; h=Cc:Date:From:Reply-To:Subject:To; b=xFHjHwIdf5RXnqIeQjzomDoocL+Ernj3A2JmRuAQ03l5W3kARAhSCL7KAf3bToSVNui xINczBUyb+govdgV5LrW4+V2wAdE3nmRydeGT9vBnbCce42z/BscGwI9Wz8JcQCFIQEZ8 H1oNxibxn+EWGSOCPw5lItXBSOu6MhU6bPc= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1643494205775100005 Content-Type: text/plain; charset="utf-8" This patch is used to add CryptBnNull library, which is used to optimize code size. Signed-off-by: yi1 li Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- .../Library/BaseCryptLib/Bn/CryptBnNull.c | 525 ++++++++++++++++++ .../Library/BaseCryptLib/PeiCryptLib.inf | 2 +- .../Library/BaseCryptLib/SmmCryptLib.inf | 2 +- .../BaseCryptLibNull/BaseCryptLibNull.inf | 1 + .../Library/BaseCryptLibNull/Bn/CryptBnNull.c | 525 ++++++++++++++++++ 5 files changed, 1053 insertions(+), 2 deletions(-) create mode 100644 CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c diff --git a/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c b/CryptoPkg/Li= brary/BaseCryptLib/Bn/CryptBnNull.c new file mode 100644 index 000000000000..9f220ba41058 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Bn/CryptBnNull.c @@ -0,0 +1,525 @@ +/** @file + Big number API implementation based on OpenSSL + + Copyright (c) 2022, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include + +/** + Allocate new Big Number. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +BigNumInit ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Allocate new Big Number and assign the provided value to it. + + @param[in] Buf Big endian encoded buffer. + @param[in] Len Buffer length. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +BigNumFromBin ( + IN CONST UINT8 *Buf, + IN UINTN Len + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Convert the absolute value of Bn into big-endian form and store it at Bu= f. + The Buf array should have at least BigNumBytes() in it. + + @param[in] Bn Big number to convert. + @param[out] Buf Output buffer. + + @retval The length of the big-endian number placed at Buf or -1 on error. +**/ +INTN +EFIAPI +BigNumToBin ( + IN VOID *Bn, + OUT UINT8 *Buf + ) +{ + ASSERT (FALSE); + return -1; +} + +/** + Free the Big Number. + + @param[in] Bn Big number to free. + @param[in] Clear TRUE if the buffer should be cleared. +**/ +VOID +EFIAPI +BigNumFree ( + IN VOID *Bn, + IN BOOLEAN Clear + ) +{ + ASSERT (FALSE); +} + +/** + Calculate the sum of two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA + BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumAdd ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Subtract two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA - BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumSub ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Calculate remainder: BnRes =3D BnA % BnB. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA % BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Compute BnA to the BnP-th power modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed. + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnP Big number (power). + @param[in] BnM Big number (modulo). + @param[out] BnRes The result of (BnA ^ BnP) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumExpMod ( + IN VOID *BnA, + IN VOID *BnP, + IN VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Compute BnA inverse modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnRes) % BnM =3D=3D 1. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumInverseMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Divide two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that BnA / BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumDiv ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Multiply two Big Numbers modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumMulMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Compare two Big Numbers. + + @param[in] BnA Big number. + @param[in] BnB Big number. + + @retval 0 BnA =3D=3D BnB. + @retval 1 BnA > BnB. + @retval -1 BnA < BnB. +**/ +INTN +EFIAPI +BigNumCmp ( + IN CONST VOID *BnA, + IN CONST VOID *BnB + ) +{ + ASSERT (FALSE); + return 0; +} + +/** + Get number of bits in Bn. + + @param[in] Bn Big number. + + @retval Number of bits. +**/ +UINTN +EFIAPI +BigNumBits ( + IN CONST VOID *Bn + ) +{ + ASSERT (FALSE); + return 0; +} + +/** + Get number of bytes in Bn. + + @param[in] Bn Big number. + + @retval Number of bytes. +**/ +UINTN +EFIAPI +BigNumBytes ( + IN CONST VOID *Bn + ) +{ + ASSERT (FALSE); + return 0; +} + +/** + Checks if Big Number equals to the given Num. + + @param[in] Bn Big number. + @param[in] Num Number. + + @retval TRUE iff Bn =3D=3D Num. + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +BigNumIsWord ( + IN CONST VOID *Bn, + IN UINTN Num + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Checks if Big Number is odd. + + @param[in] Bn Big number. + + @retval TRUE Bn is odd (Bn % 2 =3D=3D 1). + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +BigNumIsOdd ( + IN CONST VOID *Bn + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Copy Big number. + + @param[out] BnDst Destination. + @param[in] BnSrc Source. + + @retval BnDst on success. + @retval NULL otherwise. +**/ +VOID * +EFIAPI +BigNumCopy ( + OUT VOID *BnDst, + IN CONST VOID *BnSrc + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Get constant Big number with value of "1". + This may be used to save expensive allocations. + + @retval Big Number with value of 1. +**/ +CONST VOID * +EFIAPI +BigNumValueOne ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Shift right Big Number. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] Bn Big number. + @param[in] n Number of bits to shift. + @param[out] BnRes The result. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumRShift ( + IN CONST VOID *Bn, + IN UINTN n, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Mark Big Number for constant time computations. + This function should be called before any constant time computations are + performed on the given Big number. + + @param[in] Bn Big number. +**/ +VOID +EFIAPI +BigNumConsttime ( + IN VOID *Bn + ) +{ + ASSERT (FALSE); +} + +/** + Calculate square modulo. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA ^ 2) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumSqrMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Create new Big Number computation context. This is an opaque structure + which should be passed to any function that requires it. The BN context = is + needed to optimize calculations and expensive allocations. + + @retval Big Number context struct or NULL on failure. +**/ +VOID * +EFIAPI +BigNumNewContext ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Free Big Number context that was allocated with BigNumNewContext(). + + @param[in] BnCtx Big number context to free. +**/ +VOID +EFIAPI +BigNumContextFree ( + IN VOID *BnCtx + ) +{ + ASSERT (FALSE); +} + +/** + Set Big Number to a given value. + + @param[in] Bn Big number to set. + @param[in] Val Value to set. +**/ +EFI_STATUS +EFIAPI +BigNumSetUint ( + IN VOID *Bn, + IN UINTN Val + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Add two Big Numbers modulo BnM. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA + BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumAddMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/PeiCryptLib.inf index 75d87afbdc03..d080e665c218 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -59,7 +59,7 @@ Pk/CryptRsaPssSignNull.c Pem/CryptPemNull.c Rand/CryptRandNull.c - Bn/CryptBn.c + Bn/CryptBnNull.c =20 SysCall/CrtWrapper.c SysCall/ConstantTimeClock.c diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SmmCryptLib.inf index 420cef88efb1..8a3fec9b076c 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -56,7 +56,7 @@ Pk/CryptRsaPss.c Pk/CryptRsaPssSignNull.c Pem/CryptPem.c - Bn/CryptBn.c + Bn/CryptBnNull.c SysCall/CrtWrapper.c SysCall/ConstantTimeClock.c SysCall/BaseMemAllocation.c diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/Cryp= toPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf index faf959827b90..1fb4d5c54d4f 100644 --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf @@ -52,6 +52,7 @@ Rand/CryptRandNull.c Pk/CryptRsaPssNull.c Pk/CryptRsaPssSignNull.c + Bn/CryptBnNull.c =20 [Packages] MdePkg/MdePkg.dec diff --git a/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c b/CryptoPk= g/Library/BaseCryptLibNull/Bn/CryptBnNull.c new file mode 100644 index 000000000000..9f220ba41058 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibNull/Bn/CryptBnNull.c @@ -0,0 +1,525 @@ +/** @file + Big number API implementation based on OpenSSL + + Copyright (c) 2022, Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include + +/** + Allocate new Big Number. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +BigNumInit ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Allocate new Big Number and assign the provided value to it. + + @param[in] Buf Big endian encoded buffer. + @param[in] Len Buffer length. + + @retval New BigNum opaque structure or NULL on failure. +**/ +VOID * +EFIAPI +BigNumFromBin ( + IN CONST UINT8 *Buf, + IN UINTN Len + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Convert the absolute value of Bn into big-endian form and store it at Bu= f. + The Buf array should have at least BigNumBytes() in it. + + @param[in] Bn Big number to convert. + @param[out] Buf Output buffer. + + @retval The length of the big-endian number placed at Buf or -1 on error. +**/ +INTN +EFIAPI +BigNumToBin ( + IN VOID *Bn, + OUT UINT8 *Buf + ) +{ + ASSERT (FALSE); + return -1; +} + +/** + Free the Big Number. + + @param[in] Bn Big number to free. + @param[in] Clear TRUE if the buffer should be cleared. +**/ +VOID +EFIAPI +BigNumFree ( + IN VOID *Bn, + IN BOOLEAN Clear + ) +{ + ASSERT (FALSE); +} + +/** + Calculate the sum of two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA + BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumAdd ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Subtract two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA - BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumSub ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Calculate remainder: BnRes =3D BnA % BnB. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[out] BnRes The result of BnA % BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Compute BnA to the BnP-th power modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed. + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnP Big number (power). + @param[in] BnM Big number (modulo). + @param[out] BnRes The result of (BnA ^ BnP) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumExpMod ( + IN VOID *BnA, + IN VOID *BnP, + IN VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Compute BnA inverse modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnRes) % BnM =3D=3D 1. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumInverseMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Divide two Big Numbers. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that BnA / BnB. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumDiv ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Multiply two Big Numbers modulo BnM. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA * BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumMulMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Compare two Big Numbers. + + @param[in] BnA Big number. + @param[in] BnB Big number. + + @retval 0 BnA =3D=3D BnB. + @retval 1 BnA > BnB. + @retval -1 BnA < BnB. +**/ +INTN +EFIAPI +BigNumCmp ( + IN CONST VOID *BnA, + IN CONST VOID *BnB + ) +{ + ASSERT (FALSE); + return 0; +} + +/** + Get number of bits in Bn. + + @param[in] Bn Big number. + + @retval Number of bits. +**/ +UINTN +EFIAPI +BigNumBits ( + IN CONST VOID *Bn + ) +{ + ASSERT (FALSE); + return 0; +} + +/** + Get number of bytes in Bn. + + @param[in] Bn Big number. + + @retval Number of bytes. +**/ +UINTN +EFIAPI +BigNumBytes ( + IN CONST VOID *Bn + ) +{ + ASSERT (FALSE); + return 0; +} + +/** + Checks if Big Number equals to the given Num. + + @param[in] Bn Big number. + @param[in] Num Number. + + @retval TRUE iff Bn =3D=3D Num. + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +BigNumIsWord ( + IN CONST VOID *Bn, + IN UINTN Num + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Checks if Big Number is odd. + + @param[in] Bn Big number. + + @retval TRUE Bn is odd (Bn % 2 =3D=3D 1). + @retval FALSE otherwise. +**/ +BOOLEAN +EFIAPI +BigNumIsOdd ( + IN CONST VOID *Bn + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Copy Big number. + + @param[out] BnDst Destination. + @param[in] BnSrc Source. + + @retval BnDst on success. + @retval NULL otherwise. +**/ +VOID * +EFIAPI +BigNumCopy ( + OUT VOID *BnDst, + IN CONST VOID *BnSrc + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Get constant Big number with value of "1". + This may be used to save expensive allocations. + + @retval Big Number with value of 1. +**/ +CONST VOID * +EFIAPI +BigNumValueOne ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Shift right Big Number. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] Bn Big number. + @param[in] n Number of bits to shift. + @param[out] BnRes The result. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumRShift ( + IN CONST VOID *Bn, + IN UINTN n, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Mark Big Number for constant time computations. + This function should be called before any constant time computations are + performed on the given Big number. + + @param[in] Bn Big number. +**/ +VOID +EFIAPI +BigNumConsttime ( + IN VOID *Bn + ) +{ + ASSERT (FALSE); +} + +/** + Calculate square modulo. + Please note, all "out" Big number arguments should be properly initializ= ed + by calling to BigNumInit() or BigNumFromBin() functions. + + @param[in] BnA Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA ^ 2) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumSqrMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Create new Big Number computation context. This is an opaque structure + which should be passed to any function that requires it. The BN context = is + needed to optimize calculations and expensive allocations. + + @retval Big Number context struct or NULL on failure. +**/ +VOID * +EFIAPI +BigNumNewContext ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Free Big Number context that was allocated with BigNumNewContext(). + + @param[in] BnCtx Big number context to free. +**/ +VOID +EFIAPI +BigNumContextFree ( + IN VOID *BnCtx + ) +{ + ASSERT (FALSE); +} + +/** + Set Big Number to a given value. + + @param[in] Bn Big number to set. + @param[in] Val Value to set. +**/ +EFI_STATUS +EFIAPI +BigNumSetUint ( + IN VOID *Bn, + IN UINTN Val + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} + +/** + Add two Big Numbers modulo BnM. + + @param[in] BnA Big number. + @param[in] BnB Big number. + @param[in] BnM Big number (modulo). + @param[out] BnRes The result, such that (BnA + BnB) % BnM. + + @retval EFI_SUCCESS On success. + @retval EFI_OUT_OF_RESOURCES In case of internal allocation failures. + @retval EFI_PROTOCOL_ERROR Otherwise. +**/ +EFI_STATUS +EFIAPI +BigNumAddMod ( + IN CONST VOID *BnA, + IN CONST VOID *BnB, + IN CONST VOID *BnM, + OUT VOID *BnRes + ) +{ + ASSERT (FALSE); + return EFI_UNSUPPORTED; +} --=20 2.33.0.windows.2 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#86220): https://edk2.groups.io/g/devel/message/86220 Mute This Topic: https://groups.io/mt/88776239/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-