From nobody Tue Feb 10 10:59:19 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+59633+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+59633+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1589517615; cv=none; d=zohomail.com; s=zohoarc; b=Bf5n15vFoOPRQjEcFpl2pUvEhJlQ47nqZyN8PRVQMuApgCnwlNzznD3g8N3mcgAFzlecoleggwd5XnEZl5gjvfmhzynygIcghbXY+UWao81QzM5ZStfTiXpqPgiSrwHDEiDO6nRcDP6mVSqzyohe0igB0juez/ucrLURXZAjV4U= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1589517615; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=YmgMQmTdF3qzItu09K6akr6NuY066LanIB5yBuqlRAI=; b=g0rPv7wzNw3IKi9llNoFDXZCNCPkbj6WwNKEzdL/ZxvUIyedquWneDNbKfG0J0JaZiafU7jifHmkL7yhWQOIieg2Dk27ufl/bsnV9NxdTaOPAdQr14HR6p4F+pplv8RCBw1F9LPEtVvoAqioUQhVt01v7DEftTo+SU6jcajELoA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+59633+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1589517615910156.44236700022623; Thu, 14 May 2020 21:40:15 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id vJBMYY1788612x1LRCsz4M3i; Thu, 14 May 2020 21:40:15 -0700 X-Received: from mga18.intel.com (mga18.intel.com []) by mx.groups.io with SMTP id smtpd.web12.7588.1589517603632873743 for ; Thu, 14 May 2020 21:40:12 -0700 IronPort-SDR: i7a22qjpY+0lr3lQPmlWBqv8SL9d56FOObwxqGdBtGpSwFJZAE6N6lKR2FXHWQwwEZsVaI3WGH SA4agU2Zcw4A== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 May 2020 21:40:11 -0700 IronPort-SDR: Crll8DRgN0NJ7YxhPUm+7yxPIER8V/CZrepaCmoOLkZ8Sk2MHJod7apbbBFYeIKnOyeA5Etkk+ XhT9HIVc0sQQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.73,394,1583222400"; d="scan'208";a="307317470" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.114]) by FMSMGA003.fm.intel.com with ESMTP; 14 May 2020 21:40:08 -0700 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jian J Wang , Xiaoyu Lu , Siyuan Fu , Michael D Kinney , Jiewen Yao , Philippe Mathieu-Daude Subject: [edk2-devel] [PATCH V6 04/13] CryptoPkg/BaseCryptLib: Retire ARC4 algorithm Date: Fri, 15 May 2020 12:39:39 +0800 Message-Id: <20200515043948.15028-5-zhichao.gao@intel.com> In-Reply-To: <20200515043948.15028-1-zhichao.gao@intel.com> References: <20200515043948.15028-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: xXvN5Qx31a0ZLLLzLF50VcE1x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1589517615; bh=NUO2yRQ0/xiAHGkvDa6IKhM8dxcoyhlWvNK5KIQjOyo=; h=Cc:Date:From:Reply-To:Subject:To; b=OFluuED/dLrZYwuh8SpLN/ogS2/1PBeErzqPiApCMGol6cYswk0ket1rX+d03qYc7Uu mjyrkPgezMttc+fn4QxFTN0gsj0rqpPtt+bB8VHHN/nH1v5qLsB6Srx2DTkRmIU2ckmwY NEavDUcvvKCRV5Q1r8tOm6qMk/XjEretkgg= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D1898 ARC4 is not secure any longer. Remove the ARC4 support from edk2. Change the ARC4 field name in EDKII_CRYPTO_PROTOCOL to indicate the function is unsupported any longer. Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Siyuan Fu Cc: Michael D Kinney Cc: Jiewen Yao Cc: Philippe Mathieu-Daude Reviewed-by: Jian J Wang Signed-off-by: Zhichao Gao --- CryptoPkg/Driver/Crypto.c | 95 +++----- CryptoPkg/Include/Library/BaseCryptLib.h | 132 ----------- .../Library/BaseCryptLib/BaseCryptLib.inf | 1 - .../Library/BaseCryptLib/Cipher/CryptArc4.c | 205 ------------------ .../BaseCryptLib/Cipher/CryptArc4Null.c | 124 ----------- .../Library/BaseCryptLib/PeiCryptLib.inf | 3 +- .../Library/BaseCryptLib/PeiCryptLib.uni | 4 +- .../Library/BaseCryptLib/RuntimeCryptLib.inf | 3 +- .../Library/BaseCryptLib/RuntimeCryptLib.uni | 4 +- .../Library/BaseCryptLib/SmmCryptLib.inf | 3 +- .../Library/BaseCryptLib/SmmCryptLib.uni | 4 +- .../BaseCryptLibNull/BaseCryptLibNull.inf | 1 - .../BaseCryptLibNull/Cipher/CryptArc4Null.c | 124 ----------- .../BaseCryptLibOnProtocolPpi/CryptLib.c | 147 ------------- CryptoPkg/Private/Protocol/Crypto.h | 115 ++-------- 15 files changed, 48 insertions(+), 917 deletions(-) delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c delete mode 100644 CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null= .c diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c index 53ee0edea5..af61482919 100644 --- a/CryptoPkg/Driver/Crypto.c +++ b/CryptoPkg/Driver/Crypto.c @@ -2037,150 +2037,107 @@ CryptoServiceAesCbcDecrypt ( } =20 /** - Retrieves the size, in bytes, of the context buffer required for ARC4 op= erations. - - If this interface is not supported, then return zero. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. =20 - @return The size, in bytes, of the context buffer required for ARC4 ope= rations. @retval 0 This interface is not supported. =20 **/ UINTN EFIAPI -CryptoServiceArc4GetContextSize ( +DeprecatedCryptoServiceArc4GetContextSize ( VOID ) { - return CALL_BASECRYPTLIB (Arc4.Services.GetContextSize, Arc4GetContextSi= ze, (), 0); + return BaseCryptLibServiceDeprecated ("Arc4GetContextSize"), 0; } =20 /** - Initializes user-supplied memory as ARC4 context for subsequent use. - - This function initializes user-supplied memory pointed by Arc4Context as= ARC4 context. - In addition, it sets up all ARC4 key materials for subsequent encryption= and decryption - operations. - - If Arc4Context is NULL, then return FALSE. - If Key is NULL, then return FALSE. - If KeySize does not in the range of [5, 256] bytes, then return FALSE. - If this interface is not supported, then return FALSE. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. =20 @param[out] Arc4Context Pointer to ARC4 context being initialized. @param[in] Key Pointer to the user-supplied ARC4 key. @param[in] KeySize Size of ARC4 key in bytes. =20 - @retval TRUE ARC4 context initialization succeeded. - @retval FALSE ARC4 context initialization failed. @retval FALSE This interface is not supported. =20 **/ BOOLEAN EFIAPI -CryptoServiceArc4Init ( +DeprecatedCryptoServiceArc4Init ( OUT VOID *Arc4Context, IN CONST UINT8 *Key, IN UINTN KeySize ) { - return CALL_BASECRYPTLIB (Arc4.Services.Init, Arc4Init, (Arc4Context, Ke= y, KeySize), FALSE); + return BaseCryptLibServiceDeprecated ("Arc4Init"), FALSE; } =20 /** - Performs ARC4 encryption on a data buffer of the specified size. - - This function performs ARC4 encryption on data buffer pointed by Input, = of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behav= ior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - If this interface is not supported, then return FALSE. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. =20 @param[in, out] Arc4Context Pointer to the ARC4 context. @param[in] Input Pointer to the buffer containing the data = to be encrypted. @param[in] InputSize Size of the Input buffer in bytes. @param[out] Output Pointer to a buffer that receives the ARC4= encryption output. =20 - @retval TRUE ARC4 encryption succeeded. - @retval FALSE ARC4 encryption failed. @retval FALSE This interface is not supported. =20 **/ BOOLEAN EFIAPI -CryptoServiceArc4Encrypt ( +DeprecatedCryptoServiceArc4Encrypt ( IN OUT VOID *Arc4Context, IN CONST UINT8 *Input, IN UINTN InputSize, OUT UINT8 *Output ) { - return CALL_BASECRYPTLIB (Arc4.Services.Encrypt, Arc4Encrypt, (Arc4Conte= xt, Input, InputSize, Output), FALSE); + return BaseCryptLibServiceDeprecated ("Arc4Encrypt"), FALSE; } =20 /** - Performs ARC4 decryption on a data buffer of the specified size. - - This function performs ARC4 decryption on data buffer pointed by Input, = of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behav= ior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - If this interface is not supported, then return FALSE. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. =20 @param[in, out] Arc4Context Pointer to the ARC4 context. @param[in] Input Pointer to the buffer containing the data = to be decrypted. @param[in] InputSize Size of the Input buffer in bytes. @param[out] Output Pointer to a buffer that receives the ARC4= decryption output. =20 - @retval TRUE ARC4 decryption succeeded. - @retval FALSE ARC4 decryption failed. @retval FALSE This interface is not supported. =20 **/ BOOLEAN EFIAPI -CryptoServiceArc4Decrypt ( +DeprecatedCryptoServiceArc4Decrypt ( IN OUT VOID *Arc4Context, IN UINT8 *Input, IN UINTN InputSize, OUT UINT8 *Output ) { - return CALL_BASECRYPTLIB (Arc4.Services.Decrypt, Arc4Decrypt, (Arc4Conte= xt, Input, InputSize, Output), FALSE); + return BaseCryptLibServiceDeprecated ("Arc4Decrypt"), FALSE; } =20 /** - Resets the ARC4 context to the initial state. - - The function resets the ARC4 context to the state it had immediately aft= er the - ARC4Init() function call. - Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but= ARC4 context - should be already correctly initialized by ARC4Init(). - - If Arc4Context is NULL, then return FALSE. - If this interface is not supported, then return FALSE. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. =20 @param[in, out] Arc4Context Pointer to the ARC4 context. =20 - @retval TRUE ARC4 reset succeeded. - @retval FALSE ARC4 reset failed. @retval FALSE This interface is not supported. =20 **/ BOOLEAN EFIAPI -CryptoServiceArc4Reset ( +DeprecatedCryptoServiceArc4Reset ( IN OUT VOID *Arc4Context ) { - return CALL_BASECRYPTLIB (Arc4.Services.Reset, Arc4Reset, (Arc4Context),= FALSE); + return BaseCryptLibServiceDeprecated ("Arc4Reset"), FALSE; } =20 //=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D @@ -4502,12 +4459,12 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =3D { CryptoServiceAesEcbDecrypt, CryptoServiceAesCbcEncrypt, CryptoServiceAesCbcDecrypt, - /// Arc4 - CryptoServiceArc4GetContextSize, - CryptoServiceArc4Init, - CryptoServiceArc4Encrypt, - CryptoServiceArc4Decrypt, - CryptoServiceArc4Reset, + /// Arc4 - deprecated and unsupported + DeprecatedCryptoServiceArc4GetContextSize, + DeprecatedCryptoServiceArc4Init, + DeprecatedCryptoServiceArc4Encrypt, + DeprecatedCryptoServiceArc4Decrypt, + DeprecatedCryptoServiceArc4Reset, /// SM3 CryptoServiceSm3GetContextSize, CryptoServiceSm3Init, diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/L= ibrary/BaseCryptLib.h index c862f0334f..25e236c4a3 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -1667,138 +1667,6 @@ AesCbcDecrypt ( OUT UINT8 *Output ); =20 -/** - Retrieves the size, in bytes, of the context buffer required for ARC4 op= erations. - - If this interface is not supported, then return zero. - - @return The size, in bytes, of the context buffer required for ARC4 ope= rations. - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -Arc4GetContextSize ( - VOID - ); - -/** - Initializes user-supplied memory as ARC4 context for subsequent use. - - This function initializes user-supplied memory pointed by Arc4Context as= ARC4 context. - In addition, it sets up all ARC4 key materials for subsequent encryption= and decryption - operations. - - If Arc4Context is NULL, then return FALSE. - If Key is NULL, then return FALSE. - If KeySize does not in the range of [5, 256] bytes, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[out] Arc4Context Pointer to ARC4 context being initialized. - @param[in] Key Pointer to the user-supplied ARC4 key. - @param[in] KeySize Size of ARC4 key in bytes. - - @retval TRUE ARC4 context initialization succeeded. - @retval FALSE ARC4 context initialization failed. - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Init ( - OUT VOID *Arc4Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ); - -/** - Performs ARC4 encryption on a data buffer of the specified size. - - This function performs ARC4 encryption on data buffer pointed by Input, = of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behav= ior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be encrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= encryption output. - - @retval TRUE ARC4 encryption succeeded. - @retval FALSE ARC4 encryption failed. - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Encrypt ( - IN OUT VOID *Arc4Context, - IN CONST UINT8 *Input, - IN UINTN InputSize, - OUT UINT8 *Output - ); - -/** - Performs ARC4 decryption on a data buffer of the specified size. - - This function performs ARC4 decryption on data buffer pointed by Input, = of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behav= ior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be decrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= decryption output. - - @retval TRUE ARC4 decryption succeeded. - @retval FALSE ARC4 decryption failed. - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Decrypt ( - IN OUT VOID *Arc4Context, - IN UINT8 *Input, - IN UINTN InputSize, - OUT UINT8 *Output - ); - -/** - Resets the ARC4 context to the initial state. - - The function resets the ARC4 context to the state it had immediately aft= er the - ARC4Init() function call. - Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but= ARC4 context - should be already correctly initialized by ARC4Init(). - - If Arc4Context is NULL, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - - @retval TRUE ARC4 reset succeeded. - @retval FALSE ARC4 reset failed. - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Reset ( - IN OUT VOID *Arc4Context - ); - //=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // Asymmetric Cryptography Primitive //=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Li= brary/BaseCryptLib/BaseCryptLib.inf index 22992e7d43..da38ea552f 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -40,7 +40,6 @@ Kdf/CryptHkdf.c Cipher/CryptAes.c Cipher/CryptTdes.c - Cipher/CryptArc4.c Pk/CryptRsaBasic.c Pk/CryptRsaExt.c Pk/CryptPkcs1Oaep.c diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c b/CryptoPkg/= Library/BaseCryptLib/Cipher/CryptArc4.c deleted file mode 100644 index 388d312bed..0000000000 --- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c +++ /dev/null @@ -1,205 +0,0 @@ -/** @file - ARC4 Wrapper Implementation over OpenSSL. - -Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include "InternalCryptLib.h" -#include - -/** - Retrieves the size, in bytes, of the context buffer required for ARC4 op= erations. - - @return The size, in bytes, of the context buffer required for ARC4 ope= rations. - -**/ -UINTN -EFIAPI -Arc4GetContextSize ( - VOID - ) -{ - // - // Memory for 2 copies of RC4_KEY is allocated, one for working copy, an= d the other - // for backup copy. When Arc4Reset() is called, we can use the backup co= py to restore - // the working copy to the initial state. - // - return (UINTN) (2 * sizeof (RC4_KEY)); -} - -/** - Initializes user-supplied memory as ARC4 context for subsequent use. - - This function initializes user-supplied memory pointed by Arc4Context as= ARC4 context. - In addition, it sets up all ARC4 key materials for subsequent encryption= and decryption - operations. - - If Arc4Context is NULL, then return FALSE. - If Key is NULL, then return FALSE. - If KeySize does not in the range of [5, 256] bytes, then return FALSE. - - @param[out] Arc4Context Pointer to ARC4 context being initialized. - @param[in] Key Pointer to the user-supplied ARC4 key. - @param[in] KeySize Size of ARC4 key in bytes. - - @retval TRUE ARC4 context initialization succeeded. - @retval FALSE ARC4 context initialization failed. - -**/ -BOOLEAN -EFIAPI -Arc4Init ( - OUT VOID *Arc4Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ) -{ - RC4_KEY *Rc4Key; - - // - // Check input parameters. - // - if (Arc4Context =3D=3D NULL || Key =3D=3D NULL || (KeySize < 5 || KeySiz= e > 256)) { - return FALSE; - } - - Rc4Key =3D (RC4_KEY *) Arc4Context; - - RC4_set_key (Rc4Key, (UINT32) KeySize, Key); - - CopyMem (Rc4Key + 1, Rc4Key, sizeof (RC4_KEY)); - - return TRUE; -} - -/** - Performs ARC4 encryption on a data buffer of the specified size. - - This function performs ARC4 encryption on data buffer pointed by Input, = of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behav= ior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be encrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= encryption output. - - @retval TRUE ARC4 encryption succeeded. - @retval FALSE ARC4 encryption failed. - -**/ -BOOLEAN -EFIAPI -Arc4Encrypt ( - IN OUT VOID *Arc4Context, - IN CONST UINT8 *Input, - IN UINTN InputSize, - OUT UINT8 *Output - ) -{ - RC4_KEY *Rc4Key; - - // - // Check input parameters. - // - if (Arc4Context =3D=3D NULL || Input =3D=3D NULL || Output =3D=3D NULL |= | InputSize > INT_MAX) { - return FALSE; - } - - Rc4Key =3D (RC4_KEY *) Arc4Context; - - RC4 (Rc4Key, (UINT32) InputSize, Input, Output); - - return TRUE; -} - -/** - Performs ARC4 decryption on a data buffer of the specified size. - - This function performs ARC4 decryption on data buffer pointed by Input, = of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behav= ior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be decrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= decryption output. - - @retval TRUE ARC4 decryption succeeded. - @retval FALSE ARC4 decryption failed. - -**/ -BOOLEAN -EFIAPI -Arc4Decrypt ( - IN OUT VOID *Arc4Context, - IN UINT8 *Input, - IN UINTN InputSize, - OUT UINT8 *Output - ) -{ - RC4_KEY *Rc4Key; - - // - // Check input parameters. - // - if (Arc4Context =3D=3D NULL || Input =3D=3D NULL || Output =3D=3D NULL |= | InputSize > INT_MAX) { - return FALSE; - } - - Rc4Key =3D (RC4_KEY *) Arc4Context; - - RC4 (Rc4Key, (UINT32) InputSize, Input, Output); - - return TRUE; -} - -/** - Resets the ARC4 context to the initial state. - - The function resets the ARC4 context to the state it had immediately aft= er the - ARC4Init() function call. - Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but= ARC4 context - should be already correctly initialized by ARC4Init(). - - If Arc4Context is NULL, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - - @retval TRUE ARC4 reset succeeded. - @retval FALSE ARC4 reset failed. - -**/ -BOOLEAN -EFIAPI -Arc4Reset ( - IN OUT VOID *Arc4Context - ) -{ - RC4_KEY *Rc4Key; - - // - // Check input parameters. - // - if (Arc4Context =3D=3D NULL) { - return FALSE; - } - - Rc4Key =3D (RC4_KEY *) Arc4Context; - - CopyMem (Rc4Key, Rc4Key + 1, sizeof (RC4_KEY)); - - return TRUE; -} diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c b/Crypto= Pkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c deleted file mode 100644 index 1f09bfa30e..0000000000 --- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c +++ /dev/null @@ -1,124 +0,0 @@ -/** @file - ARC4 Wrapper Implementation which does not provide real capabilities. - -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include "InternalCryptLib.h" - -/** - Retrieves the size, in bytes, of the context buffer required for ARC4 op= erations. - - Return zero to indicate this interface is not supported. - - @retval 0 This interface is not supported. - - -**/ -UINTN -EFIAPI -Arc4GetContextSize ( - VOID - ) -{ - ASSERT (FALSE); - return 0; -} - -/** - Initializes user-supplied memory as ARC4 context for subsequent use. - - Return FALSE to indicate this interface is not supported. - - @param[out] Arc4Context Pointer to ARC4 context being initialized. - @param[in] Key Pointer to the user-supplied ARC4 key. - @param[in] KeySize Size of ARC4 key in bytes. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Init ( - OUT VOID *Arc4Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Performs ARC4 encryption on a data buffer of the specified size. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be encrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= encryption output. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Encrypt ( - IN OUT VOID *Arc4Context, - IN CONST UINT8 *Input, - IN UINTN InputSize, - OUT UINT8 *Output - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Performs ARC4 decryption on a data buffer of the specified size. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be decrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= decryption output. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Decrypt ( - IN OUT VOID *Arc4Context, - IN UINT8 *Input, - IN UINTN InputSize, - OUT UINT8 *Output - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Resets the ARC4 context to the initial state. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Reset ( - IN OUT VOID *Arc4Context - ) -{ - ASSERT (FALSE); - return FALSE; -} diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/PeiCryptLib.inf index e9add0127d..f43953b78c 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -7,7 +7,7 @@ # buffer overflow or integer overflow. # # Note: -# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions= , RSA external +# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES functions, RSA= external # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, = X.509 # certificate handler functions, authenticode signature verification func= tions, # PEM handler functions, and pseudorandom number generator functions are = not @@ -46,7 +46,6 @@ Kdf/CryptHkdfNull.c Cipher/CryptAesNull.c Cipher/CryptTdesNull.c - Cipher/CryptArc4Null.c Pk/CryptRsaBasic.c Pk/CryptRsaExtNull.c Pk/CryptPkcs1OaepNull.c diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni b/CryptoPkg/Lib= rary/BaseCryptLib/PeiCryptLib.uni index 374bfb3f65..5abd8e8dfb 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni @@ -7,7 +7,7 @@ // buffer overflow or integer overflow. // // Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ -// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign fun= ctions, +// TDES functions, RSA external functions, PKCS#7 SignedData sign function= s, // Diffie-Hellman functions, X.509 certificate handler functions, authenti= code // signature verification functions, PEM handler functions, and pseudorand= om number // generator functions are not supported in this instance. @@ -21,5 +21,5 @@ =20 #string STR_MODULE_ABSTRACT #language en-US "Cryptographic Lib= rary Instance for PEIM" =20 -#string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow. Note: HMAC= -MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external= functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.5= 09 certificate handler functions, authenticode signature verification funct= ions, PEM handler functions, and pseudorandom number generator functions ar= e not supported in this instance." +#string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow. Note: HMAC= -MD5 functions, HMAC-SHA1 functions, AES/ TDES functions, RSA external func= tions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 ce= rtificate handler functions, authenticode signature verification functions,= PEM handler functions, and pseudorandom number generator functions are not= supported in this instance." =20 diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg= /Library/BaseCryptLib/RuntimeCryptLib.inf index 0a2eb03232..f1eb099b67 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf @@ -7,7 +7,7 @@ # buffer overflow or integer overflow. # # Note: SHA-384 Digest functions, SHA-512 Digest functions, -# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions= , RSA external +# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES functions, RSA= external # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, = and # authenticode signature verification functions are not supported in this= instance. # @@ -46,7 +46,6 @@ Kdf/CryptHkdfNull.c Cipher/CryptAesNull.c Cipher/CryptTdesNull.c - Cipher/CryptArc4Null.c Pk/CryptRsaBasic.c Pk/CryptRsaExtNull.c Pk/CryptPkcs1OaepNull.c diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni b/CryptoPkg= /Library/BaseCryptLib/RuntimeCryptLib.uni index b6d751176e..5a48d2a308 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni @@ -7,7 +7,7 @@ // buffer overflow or integer overflow. // // Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ -// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign fun= ctions, +// TDES functions, RSA external functions, PKCS#7 SignedData sign function= s, // Diffie-Hellman functions, and authenticode signature verification funct= ions are // not supported in this instance. // @@ -20,5 +20,5 @@ =20 #string STR_MODULE_ABSTRACT #language en-US "Cryptographic Lib= rary Instance for DXE_RUNTIME_DRIVER" =20 -#string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow. Note: HMAC= -MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external= functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and= authenticode signature verification functions are not supported in this in= stance." +#string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow. Note: HMAC= -MD5 functions, HMAC-SHA1 functions, AES/ TDES functions, RSA external func= tions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and auth= enticode signature verification functions are not supported in this instanc= e." =20 diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SmmCryptLib.inf index 139983075e..3a94655775 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -7,7 +7,7 @@ # buffer overflow or integer overflow. # # Note: SHA-384 Digest functions, SHA-512 Digest functions, -# HMAC-MD5 functions, HMAC-SHA1 functions, TDES/ARC4 functions, RSA exter= nal +# HMAC-MD5 functions, HMAC-SHA1 functions, TDES functions, RSA external # functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, = and # authenticode signature verification functions are not supported in this= instance. # @@ -45,7 +45,6 @@ Kdf/CryptHkdfNull.c Cipher/CryptAes.c Cipher/CryptTdesNull.c - Cipher/CryptArc4Null.c Pk/CryptRsaBasic.c Pk/CryptRsaExtNull.c Pk/CryptPkcs1Oaep.c diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni b/CryptoPkg/Lib= rary/BaseCryptLib/SmmCryptLib.uni index b8d7953d2b..0561f107e8 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni @@ -7,7 +7,7 @@ // buffer overflow or integer overflow. // // Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ -// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign fun= ctions, +// TDES functions, RSA external functions, PKCS#7 SignedData sign function= s, // Diffie-Hellman functions, and authenticode signature verification funct= ions are // not supported in this instance. // @@ -20,5 +20,5 @@ =20 #string STR_MODULE_ABSTRACT #language en-US "Cryptographic Lib= rary Instance for SMM driver" =20 -#string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow. Note: HMAC= -MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external= functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and= authenticode signature verification functions are not supported in this in= stance." +#string STR_MODULE_DESCRIPTION #language en-US "Caution: This mod= ule requires additional review when modified. This library will have extern= al input - signature. This external input must be validated carefully to av= oid security issues such as buffer overflow or integer overflow. Note: HMAC= -MD5 functions, HMAC-SHA1 functions, AES/ TDES functions, RSA external func= tions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and auth= enticode signature verification functions are not supported in this instanc= e." =20 diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/Cryp= toPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf index b03681b146..a205c9005d 100644 --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf @@ -40,7 +40,6 @@ Kdf/CryptHkdfNull.c Cipher/CryptAesNull.c Cipher/CryptTdesNull.c - Cipher/CryptArc4Null.c Pk/CryptRsaBasicNull.c Pk/CryptRsaExtNull.c Pk/CryptPkcs1OaepNull.c diff --git a/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c b/Cr= yptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c deleted file mode 100644 index 1f09bfa30e..0000000000 --- a/CryptoPkg/Library/BaseCryptLibNull/Cipher/CryptArc4Null.c +++ /dev/null @@ -1,124 +0,0 @@ -/** @file - ARC4 Wrapper Implementation which does not provide real capabilities. - -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include "InternalCryptLib.h" - -/** - Retrieves the size, in bytes, of the context buffer required for ARC4 op= erations. - - Return zero to indicate this interface is not supported. - - @retval 0 This interface is not supported. - - -**/ -UINTN -EFIAPI -Arc4GetContextSize ( - VOID - ) -{ - ASSERT (FALSE); - return 0; -} - -/** - Initializes user-supplied memory as ARC4 context for subsequent use. - - Return FALSE to indicate this interface is not supported. - - @param[out] Arc4Context Pointer to ARC4 context being initialized. - @param[in] Key Pointer to the user-supplied ARC4 key. - @param[in] KeySize Size of ARC4 key in bytes. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Init ( - OUT VOID *Arc4Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Performs ARC4 encryption on a data buffer of the specified size. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be encrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= encryption output. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Encrypt ( - IN OUT VOID *Arc4Context, - IN CONST UINT8 *Input, - IN UINTN InputSize, - OUT UINT8 *Output - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Performs ARC4 decryption on a data buffer of the specified size. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be decrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= decryption output. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Decrypt ( - IN OUT VOID *Arc4Context, - IN UINT8 *Input, - IN UINTN InputSize, - OUT UINT8 *Output - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Resets the ARC4 context to the initial state. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Reset ( - IN OUT VOID *Arc4Context - ) -{ - ASSERT (FALSE); - return FALSE; -} diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/Crypt= oPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c index 5e470028f4..77915bdb86 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c @@ -1892,153 +1892,6 @@ AesCbcDecrypt ( CALL_CRYPTO_SERVICE (AesCbcDecrypt, (AesContext, Input, InputSize, Ivec,= Output), FALSE); } =20 -/** - Retrieves the size, in bytes, of the context buffer required for ARC4 op= erations. - - If this interface is not supported, then return zero. - - @return The size, in bytes, of the context buffer required for ARC4 ope= rations. - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -Arc4GetContextSize ( - VOID - ) -{ - CALL_CRYPTO_SERVICE (Arc4GetContextSize, (), 0); -} - -/** - Initializes user-supplied memory as ARC4 context for subsequent use. - - This function initializes user-supplied memory pointed by Arc4Context as= ARC4 context. - In addition, it sets up all ARC4 key materials for subsequent encryption= and decryption - operations. - - If Arc4Context is NULL, then return FALSE. - If Key is NULL, then return FALSE. - If KeySize does not in the range of [5, 256] bytes, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[out] Arc4Context Pointer to ARC4 context being initialized. - @param[in] Key Pointer to the user-supplied ARC4 key. - @param[in] KeySize Size of ARC4 key in bytes. - - @retval TRUE ARC4 context initialization succeeded. - @retval FALSE ARC4 context initialization failed. - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Init ( - OUT VOID *Arc4Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ) -{ - CALL_CRYPTO_SERVICE (Arc4Init, (Arc4Context, Key, KeySize), FALSE); -} - -/** - Performs ARC4 encryption on a data buffer of the specified size. - - This function performs ARC4 encryption on data buffer pointed by Input, = of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behav= ior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be encrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= encryption output. - - @retval TRUE ARC4 encryption succeeded. - @retval FALSE ARC4 encryption failed. - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Encrypt ( - IN OUT VOID *Arc4Context, - IN CONST UINT8 *Input, - IN UINTN InputSize, - OUT UINT8 *Output - ) -{ - CALL_CRYPTO_SERVICE (Arc4Encrypt, (Arc4Context, Input, InputSize, Output= ), FALSE); -} - -/** - Performs ARC4 decryption on a data buffer of the specified size. - - This function performs ARC4 decryption on data buffer pointed by Input, = of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behav= ior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be decrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= decryption output. - - @retval TRUE ARC4 decryption succeeded. - @retval FALSE ARC4 decryption failed. - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Decrypt ( - IN OUT VOID *Arc4Context, - IN UINT8 *Input, - IN UINTN InputSize, - OUT UINT8 *Output - ) -{ - CALL_CRYPTO_SERVICE (Arc4Decrypt, (Arc4Context, Input, InputSize, Output= ), FALSE); -} - -/** - Resets the ARC4 context to the initial state. - - The function resets the ARC4 context to the state it had immediately aft= er the - ARC4Init() function call. - Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but= ARC4 context - should be already correctly initialized by ARC4Init(). - - If Arc4Context is NULL, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - - @retval TRUE ARC4 reset succeeded. - @retval FALSE ARC4 reset failed. - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -Arc4Reset ( - IN OUT VOID *Arc4Context - ) -{ - CALL_CRYPTO_SERVICE (Arc4Reset, (Arc4Context), FALSE); -} - //=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // Asymmetric Cryptography Primitive //=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protoc= ol/Crypto.h index ae0f29695c..f36c5c1aff 100644 --- a/CryptoPkg/Private/Protocol/Crypto.h +++ b/CryptoPkg/Private/Protocol/Crypto.h @@ -2785,134 +2785,45 @@ BOOLEAN ); =20 /** - Retrieves the size, in bytes, of the context buffer required for ARC4 op= erations. - - If this interface is not supported, then return zero. - - @return The size, in bytes, of the context buffer required for ARC4 ope= rations. - @retval 0 This interface is not supported. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. =20 **/ typedef UINTN -(EFIAPI *EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE) ( +(EFIAPI *DEPRECATED_EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE) ( VOID ); =20 -/** - Initializes user-supplied memory as ARC4 context for subsequent use. - - This function initializes user-supplied memory pointed by Arc4Context as= ARC4 context. - In addition, it sets up all ARC4 key materials for subsequent encryption= and decryption - operations. - - If Arc4Context is NULL, then return FALSE. - If Key is NULL, then return FALSE. - If KeySize does not in the range of [5, 256] bytes, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[out] Arc4Context Pointer to ARC4 context being initialized. - @param[in] Key Pointer to the user-supplied ARC4 key. - @param[in] KeySize Size of ARC4 key in bytes. - - @retval TRUE ARC4 context initialization succeeded. - @retval FALSE ARC4 context initialization failed. - @retval FALSE This interface is not supported. - -**/ typedef BOOLEAN -(EFIAPI *EDKII_CRYPTO_ARC4_INIT) ( +(EFIAPI *DEPRECATED_EDKII_CRYPTO_ARC4_INIT) ( OUT VOID *Arc4Context, IN CONST UINT8 *Key, IN UINTN KeySize ); =20 -/** - Performs ARC4 encryption on a data buffer of the specified size. - - This function performs ARC4 encryption on data buffer pointed by Input, = of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behav= ior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be encrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= encryption output. - - @retval TRUE ARC4 encryption succeeded. - @retval FALSE ARC4 encryption failed. - @retval FALSE This interface is not supported. - -**/ typedef BOOLEAN -(EFIAPI *EDKII_CRYPTO_ARC4_ENCRYPT) ( +(EFIAPI *DEPRECATED_EDKII_CRYPTO_ARC4_ENCRYPT) ( IN OUT VOID *Arc4Context, IN CONST UINT8 *Input, IN UINTN InputSize, OUT UINT8 *Output ); =20 -/** - Performs ARC4 decryption on a data buffer of the specified size. - - This function performs ARC4 decryption on data buffer pointed by Input, = of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behav= ior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - @param[in] Input Pointer to the buffer containing the data = to be decrypted. - @param[in] InputSize Size of the Input buffer in bytes. - @param[out] Output Pointer to a buffer that receives the ARC4= decryption output. - - @retval TRUE ARC4 decryption succeeded. - @retval FALSE ARC4 decryption failed. - @retval FALSE This interface is not supported. - -**/ typedef BOOLEAN -(EFIAPI *EDKII_CRYPTO_ARC4_DECRYPT) ( +(EFIAPI *DEPRECATED_EDKII_CRYPTO_ARC4_DECRYPT) ( IN OUT VOID *Arc4Context, IN UINT8 *Input, IN UINTN InputSize, OUT UINT8 *Output ); =20 -/** - Resets the ARC4 context to the initial state. - - The function resets the ARC4 context to the state it had immediately aft= er the - ARC4Init() function call. - Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but= ARC4 context - should be already correctly initialized by ARC4Init(). - - If Arc4Context is NULL, then return FALSE. - If this interface is not supported, then return FALSE. - - @param[in, out] Arc4Context Pointer to the ARC4 context. - - @retval TRUE ARC4 reset succeeded. - @retval FALSE ARC4 reset failed. - @retval FALSE This interface is not supported. - -**/ typedef BOOLEAN -(EFIAPI *EDKII_CRYPTO_ARC4_RESET) ( +(EFIAPI *DEPRECATED_EDKII_CRYPTO_ARC4_RESET) ( IN OUT VOID *Arc4Context ); =20 @@ -4014,12 +3925,12 @@ struct _EDKII_CRYPTO_PROTOCOL { EDKII_CRYPTO_AES_ECB_DECRYPT AesEcbDecrypt; EDKII_CRYPTO_AES_CBC_ENCRYPT AesCbcEncrypt; EDKII_CRYPTO_AES_CBC_DECRYPT AesCbcDecrypt; - /// Arc4 - EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE Arc4GetContextSize; - EDKII_CRYPTO_ARC4_INIT Arc4Init; - EDKII_CRYPTO_ARC4_ENCRYPT Arc4Encrypt; - EDKII_CRYPTO_ARC4_DECRYPT Arc4Decrypt; - EDKII_CRYPTO_ARC4_RESET Arc4Reset; + /// Arc4 - deprecated and unsupported + DEPRECATED_EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE DeprecatedArc4GetContext= Size; + DEPRECATED_EDKII_CRYPTO_ARC4_INIT DeprecatedArc4Init; + DEPRECATED_EDKII_CRYPTO_ARC4_ENCRYPT DeprecatedArc4Encrypt; + DEPRECATED_EDKII_CRYPTO_ARC4_DECRYPT DeprecatedArc4Decrypt; + DEPRECATED_EDKII_CRYPTO_ARC4_RESET DeprecatedArc4Reset; /// SM3 EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE Sm3GetContextSize; EDKII_CRYPTO_SM3_INIT Sm3Init; --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#59633): https://edk2.groups.io/g/devel/message/59633 Mute This Topic: https://groups.io/mt/74221327/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-