From nobody Mon Feb 9 04:59:29 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108138+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108138+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1693383888; cv=none; d=zohomail.com; s=zohoarc; b=SSlkzcu0Zc9J7pLPJX9LkIHMzQz2sqpAad7E4zdIp0uJgsEZ2dG2Xrd6i+T7bofTrVraKV+S8OQxITi4tWQyBfbEDiE5JwfOsdiqPxo7rq+kctYVLqdHRfj483LODc/Z7Bd9HaLBNKxoLYkPwVIbkM4qEnjwgZLidI/0p5tK57Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1693383888; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=YeqgCYxFEgNhWTdfoIt2tBcEQ4G5xrQoumw8wUTe8lA=; b=ANVSJUUFSewO2NZTVQ0TfdsImv2IXX40k57KWraxQjOTwVNP1fB8tILvnHS9HdXbgRUfyNhFwI2YK0bQBRCYcP6jMQzgEhrgr0d0BtP7rSVjibkAZOdrOc69RDgGODnSm0hwt0xXn5/dPtrXxZDN85TUdvu3zy+eaedYE1MjKJQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108138+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1693383888447199.94833555632567; Wed, 30 Aug 2023 01:24:48 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=4yRsH4B8Rs+46lz/TWdO6tgNyv73r9MVwzTtthXO3hQ=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1693383888; v=1; b=ElaKUwEgOjxo/HYeeCWfMEO2AKyTPY9NZNBpYxk5v7Ft1fyoLcWe8Nf6GRryRE4lpeOa6Md8 jvxpSncJfWlbg4w7XmqvEp7FaPy4WVcVfyGBWpp8TJkwbsNP7OXffJRTspy5DjKNWmQf/AaRxPT ISBRilve7qZCqZ/5zSFuFLLA= X-Received: by 127.0.0.2 with SMTP id uqFmYY1788612xLT7rUhxb9G; Wed, 30 Aug 2023 01:24:48 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web10.9480.1693383885625467457 for ; Wed, 30 Aug 2023 01:24:47 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10817"; a="461957615" X-IronPort-AV: E=Sophos;i="6.02,213,1688454000"; d="scan'208";a="461957615" X-Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Aug 2023 01:24:27 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10817"; a="829147994" X-IronPort-AV: E=Sophos;i="6.02,213,1688454000"; d="scan'208";a="829147994" X-Received: from shwdejointd777.ccr.corp.intel.com ([10.239.58.116]) by FMSMGA003.fm.intel.com with ESMTP; 30 Aug 2023 01:24:25 -0700 From: "Wenxing Hou" To: devel@edk2.groups.io Cc: Jiewen Yao , Yi Li , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH 8/9] CryptoPkg: Add MD5/SHA1/SHA2 functions based on Mbedtls Date: Wed, 30 Aug 2023 16:24:04 +0800 Message-Id: <20230830082405.2148-9-wenxing.hou@intel.com> In-Reply-To: <20230830082405.2148-1-wenxing.hou@intel.com> References: <20230830082405.2148-1-wenxing.hou@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,wenxing.hou@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: zajc0tMLKimKeUyLGVknvTWHx1787277AA= Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1693383890002100009 Content-Type: text/plain; charset="utf-8" Add MD5/SHA1/SHA256/SHA384/SHA512 APIs. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4177 Cc: Jiewen Yao cc: Yi Li Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/Hash/CryptMd5.c | 234 +++++++++ .../BaseCryptLibMbedTls/Hash/CryptSha1.c | 234 +++++++++ .../BaseCryptLibMbedTls/Hash/CryptSha256.c | 227 +++++++++ .../BaseCryptLibMbedTls/Hash/CryptSha512.c | 447 ++++++++++++++++++ 4 files changed, 1142 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptMd5.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha1.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha256.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha512.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptMd5.c b/Crypto= Pkg/Library/BaseCryptLibMbedTls/Hash/CryptMd5.c new file mode 100644 index 0000000000..102f1d1a16 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptMd5.c @@ -0,0 +1,234 @@ +/** @file + MD5 Digest Wrapper Implementation over MbedTLS. + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include +#include + +#ifdef ENABLE_MD5_DEPRECATED_INTERFACES + +/** + Retrieves the size, in bytes, of the context buffer required for MD5 has= h operations. + + @return The size, in bytes, of the context buffer required for MD5 hash= operations. + +**/ +UINTN +EFIAPI +Md5GetContextSize ( + VOID + ) +{ + // + // Retrieves the MD5 Context Size + // + return (UINTN)(sizeof (mbedtls_md5_context)); +} + +/** + Initializes user-supplied memory pointed by Md5Context as MD5 hash conte= xt for + subsequent use. + + If Md5Context is NULL, then return FALSE. + + @param[out] Md5Context Pointer to MD5 context being initialized. + + @retval TRUE MD5 context initialization succeeded. + @retval FALSE MD5 context initialization failed. + +**/ +BOOLEAN +EFIAPI +Md5Init ( + OUT VOID *Md5Context + ) +{ + INT32 Ret; + + if (Md5Context =3D=3D NULL) { + return FALSE; + } + + mbedtls_md5_init (Md5Context); + + Ret =3D mbedtls_md5_starts_ret (Md5Context); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Makes a copy of an existing MD5 context. + + If Md5Context is NULL, then return FALSE. + If NewMd5Context is NULL, then return FALSE. + + @param[in] Md5Context Pointer to MD5 context being copied. + @param[out] NewMd5Context Pointer to new MD5 context. + + @retval TRUE MD5 context copy succeeded. + @retval FALSE MD5 context copy failed. + +**/ +BOOLEAN +EFIAPI +Md5Duplicate ( + IN CONST VOID *Md5Context, + OUT VOID *NewMd5Context + ) +{ + if ((Md5Context =3D=3D NULL) || (NewMd5Context =3D=3D NULL)) { + return FALSE; + } + + mbedtls_md5_clone (NewMd5Context, Md5Context); + + return TRUE; +} + +/** + Digests the input data and updates MD5 context. + + This function performs MD5 digest on a data buffer of the specified size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + MD5 context should be already correctly initialized by Md5Init(), and sh= ould not be finalized + by Md5Final(). Behavior with invalid context is undefined. + + If Md5Context is NULL, then return FALSE. + + @param[in, out] Md5Context Pointer to the MD5 context. + @param[in] Data Pointer to the buffer containing the data t= o be hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE MD5 data digest succeeded. + @retval FALSE MD5 data digest failed. + +**/ +BOOLEAN +EFIAPI +Md5Update ( + IN OUT VOID *Md5Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + INT32 Ret; + + if (Md5Context =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + if (DataSize > INT_MAX) { + return FALSE; + } + + Ret =3D mbedtls_md5_update_ret (Md5Context, Data, DataSize); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Completes computation of the MD5 digest value. + + This function completes MD5 hash computation and retrieves the digest va= lue into + the specified memory. After this function has been called, the MD5 conte= xt cannot + be used again. + MD5 context should be already correctly initialized by Md5Init(), and sh= ould not be + finalized by Md5Final(). Behavior with invalid MD5 context is undefined. + + If Md5Context is NULL, then return FALSE. + If HashValue is NULL, then return FALSE. + + @param[in, out] Md5Context Pointer to the MD5 context. + @param[out] HashValue Pointer to a buffer that receives the MD5 d= igest + value (16 bytes). + + @retval TRUE MD5 digest computation succeeded. + @retval FALSE MD5 digest computation failed. + +**/ +BOOLEAN +EFIAPI +Md5Final ( + IN OUT VOID *Md5Context, + OUT UINT8 *HashValue + ) +{ + INT32 Ret; + + if ((Md5Context =3D=3D NULL) || (HashValue =3D=3D NULL)) { + return FALSE; + } + + Ret =3D mbedtls_md5_finish_ret (Md5Context, HashValue); + mbedtls_md5_free (Md5Context); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Computes the MD5 message digest of a input data buffer. + + This function performs the MD5 message digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[out] HashValue Pointer to a buffer that receives the MD5 digest + value (16 bytes). + + @retval TRUE MD5 digest computation succeeded. + @retval FALSE MD5 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Md5HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + OUT UINT8 *HashValue + ) +{ + INT32 Ret; + + if (HashValue =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + if (DataSize > INT_MAX) { + return FALSE; + } + + Ret =3D mbedtls_md5_ret (Data, DataSize, HashValue); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +#endif diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha1.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha1.c new file mode 100644 index 0000000000..ea52da205d --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha1.c @@ -0,0 +1,234 @@ +/** @file + SHA-1 Digest Wrapper Implementation over MbedTLS. + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include +#include + +#ifndef DISABLE_SHA1_DEPRECATED_INTERFACES + +/** + Retrieves the size, in bytes, of the context buffer required for SHA-1 h= ash operations. + + @return The size, in bytes, of the context buffer required for SHA-1 ha= sh operations. + +**/ +UINTN +EFIAPI +Sha1GetContextSize ( + VOID + ) +{ + // + // Retrieves MbedTLS SHA Context Size + // + return (UINTN)(sizeof (mbedtls_sha1_context)); +} + +/** + Initializes user-supplied memory pointed by Sha1Context as SHA-1 hash co= ntext for + subsequent use. + + If Sha1Context is NULL, then return FALSE. + + @param[out] Sha1Context Pointer to SHA-1 context being initialized. + + @retval TRUE SHA-1 context initialization succeeded. + @retval FALSE SHA-1 context initialization failed. + +**/ +BOOLEAN +EFIAPI +Sha1Init ( + OUT VOID *Sha1Context + ) +{ + INT32 Ret; + + if (Sha1Context =3D=3D NULL) { + return FALSE; + } + + mbedtls_sha1_init (Sha1Context); + + Ret =3D mbedtls_sha1_starts_ret (Sha1Context); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Makes a copy of an existing SHA-1 context. + + If Sha1Context is NULL, then return FALSE. + If NewSha1Context is NULL, then return FALSE. + + @param[in] Sha1Context Pointer to SHA-1 context being copied. + @param[out] NewSha1Context Pointer to new SHA-1 context. + + @retval TRUE SHA-1 context copy succeeded. + @retval FALSE SHA-1 context copy failed. + +**/ +BOOLEAN +EFIAPI +Sha1Duplicate ( + IN CONST VOID *Sha1Context, + OUT VOID *NewSha1Context + ) +{ + if ((Sha1Context =3D=3D NULL) || (NewSha1Context =3D=3D NULL)) { + return FALSE; + } + + mbedtls_sha1_clone (NewSha1Context, Sha1Context); + + return TRUE; +} + +/** + Digests the input data and updates SHA-1 context. + + This function performs SHA-1 digest on a data buffer of the specified si= ze. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + SHA-1 context should be already correctly initialized by Sha1Init(), and= should not be finalized + by Sha1Final(). Behavior with invalid context is undefined. + + If Sha1Context is NULL, then return FALSE. + + @param[in, out] Sha1Context Pointer to the SHA-1 context. + @param[in] Data Pointer to the buffer containing the data = to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE SHA-1 data digest succeeded. + @retval FALSE SHA-1 data digest failed. + +**/ +BOOLEAN +EFIAPI +Sha1Update ( + IN OUT VOID *Sha1Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + INT32 Ret; + + if (Sha1Context =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + if (DataSize > INT_MAX) { + return FALSE; + } + + Ret =3D mbedtls_sha1_update_ret (Sha1Context, Data, DataSize); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Completes computation of the SHA-1 digest value. + + This function completes SHA-1 hash computation and retrieves the digest = value into + the specified memory. After this function has been called, the SHA-1 con= text cannot + be used again. + SHA-1 context should be already correctly initialized by Sha1Init(), and= should not be + finalized by Sha1Final(). Behavior with invalid SHA-1 context is undefin= ed. + + If Sha1Context is NULL, then return FALSE. + If HashValue is NULL, then return FALSE. + + @param[in, out] Sha1Context Pointer to the SHA-1 context. + @param[out] HashValue Pointer to a buffer that receives the SHA-= 1 digest + value (20 bytes). + + @retval TRUE SHA-1 digest computation succeeded. + @retval FALSE SHA-1 digest computation failed. + +**/ +BOOLEAN +EFIAPI +Sha1Final ( + IN OUT VOID *Sha1Context, + OUT UINT8 *HashValue + ) +{ + INT32 Ret; + + if ((Sha1Context =3D=3D NULL) || (HashValue =3D=3D NULL)) { + return FALSE; + } + + Ret =3D mbedtls_sha1_finish_ret (Sha1Context, HashValue); + mbedtls_sha1_free (Sha1Context); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Computes the SHA-1 message digest of a input data buffer. + + This function performs the SHA-1 message digest of a given data buffer, = and places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[out] HashValue Pointer to a buffer that receives the SHA-1 dig= est + value (20 bytes). + + @retval TRUE SHA-1 digest computation succeeded. + @retval FALSE SHA-1 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Sha1HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + OUT UINT8 *HashValue + ) +{ + INT32 Ret; + + if (HashValue =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + if (DataSize > INT_MAX) { + return FALSE; + } + + Ret =3D mbedtls_sha1_ret (Data, DataSize, HashValue); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +#endif diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha256.c b/Cry= ptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha256.c new file mode 100644 index 0000000000..e30a6c1b4b --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha256.c @@ -0,0 +1,227 @@ +/** @file + SHA-256 Digest Wrapper Implementation over MbedTLS. + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include +#include + +/** + Retrieves the size, in bytes, of the context buffer required for SHA-256= hash operations. + + @return The size, in bytes, of the context buffer required for SHA-256 = hash operations. + +**/ +UINTN +EFIAPI +Sha256GetContextSize ( + VOID + ) +{ + return (UINTN)(sizeof (mbedtls_sha256_context)); +} + +/** + Initializes user-supplied memory pointed by Sha256Context as SHA-256 has= h context for + subsequent use. + + If Sha256Context is NULL, then return FALSE. + + @param[out] Sha256Context Pointer to SHA-256 context being initialized. + + @retval TRUE SHA-256 context initialization succeeded. + @retval FALSE SHA-256 context initialization failed. + +**/ +BOOLEAN +EFIAPI +Sha256Init ( + OUT VOID *Sha256Context + ) +{ + INT32 Ret; + + if (Sha256Context =3D=3D NULL) { + return FALSE; + } + + mbedtls_sha256_init (Sha256Context); + + Ret =3D mbedtls_sha256_starts_ret (Sha256Context, FALSE); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Makes a copy of an existing SHA-256 context. + + If Sha256Context is NULL, then return FALSE. + If NewSha256Context is NULL, then return FALSE. + + @param[in] Sha256Context Pointer to SHA-256 context being copied. + @param[out] NewSha256Context Pointer to new SHA-256 context. + + @retval TRUE SHA-256 context copy succeeded. + @retval FALSE SHA-256 context copy failed. + +**/ +BOOLEAN +EFIAPI +Sha256Duplicate ( + IN CONST VOID *Sha256Context, + OUT VOID *NewSha256Context + ) +{ + if ((Sha256Context =3D=3D NULL) || (NewSha256Context =3D=3D NULL)) { + return FALSE; + } + + mbedtls_sha256_clone (NewSha256Context, Sha256Context); + + return TRUE; +} + +/** + Digests the input data and updates SHA-256 context. + + This function performs SHA-256 digest on a data buffer of the specified = size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + SHA-256 context should be already correctly initialized by Sha256Init(),= and should not be finalized + by Sha256Final(). Behavior with invalid context is undefined. + + If Sha256Context is NULL, then return FALSE. + + @param[in, out] Sha256Context Pointer to the SHA-256 context. + @param[in] Data Pointer to the buffer containing the dat= a to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE SHA-256 data digest succeeded. + @retval FALSE SHA-256 data digest failed. + +**/ +BOOLEAN +EFIAPI +Sha256Update ( + IN OUT VOID *Sha256Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + INT32 Ret; + + if (Sha256Context =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + if (DataSize > INT_MAX) { + return FALSE; + } + + Ret =3D mbedtls_sha256_update_ret (Sha256Context, Data, DataSize); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Completes computation of the SHA-256 digest value. + + This function completes SHA-256 hash computation and retrieves the diges= t value into + the specified memory. After this function has been called, the SHA-256 c= ontext cannot + be used again. + SHA-256 context should be already correctly initialized by Sha256Init(),= and should not be + finalized by Sha256Final(). Behavior with invalid SHA-256 context is und= efined. + + If Sha256Context is NULL, then return FALSE. + If HashValue is NULL, then return FALSE. + + @param[in, out] Sha256Context Pointer to the SHA-256 context. + @param[out] HashValue Pointer to a buffer that receives the SH= A-256 digest + value (32 bytes). + + @retval TRUE SHA-256 digest computation succeeded. + @retval FALSE SHA-256 digest computation failed. + +**/ +BOOLEAN +EFIAPI +Sha256Final ( + IN OUT VOID *Sha256Context, + OUT UINT8 *HashValue + ) +{ + INT32 Ret; + + if ((Sha256Context =3D=3D NULL) || (HashValue =3D=3D NULL)) { + return FALSE; + } + + Ret =3D mbedtls_sha256_finish_ret (Sha256Context, HashValue); + mbedtls_sha256_free (Sha256Context); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Computes the SHA-256 message digest of a input data buffer. + + This function performs the SHA-256 message digest of a given data buffer= , and places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[out] HashValue Pointer to a buffer that receives the SHA-256 d= igest + value (32 bytes). + + @retval TRUE SHA-256 digest computation succeeded. + @retval FALSE SHA-256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Sha256HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + OUT UINT8 *HashValue + ) +{ + INT32 Ret; + + if (HashValue =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + if (DataSize > INT_MAX) { + return FALSE; + } + + Ret =3D mbedtls_sha256_ret (Data, DataSize, HashValue, FALSE); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha512.c b/Cry= ptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha512.c new file mode 100644 index 0000000000..af7fc876d4 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSha512.c @@ -0,0 +1,447 @@ +/** @file + SHA-384 and SHA-512 Digest Wrapper Implementations over MbedTLS. + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include +#include + +/** + Retrieves the size, in bytes, of the context buffer required for SHA-384= hash operations. + + @return The size, in bytes, of the context buffer required for SHA-384 = hash operations. + +**/ +UINTN +EFIAPI +Sha384GetContextSize ( + VOID + ) +{ + return (UINTN)(sizeof (mbedtls_sha512_context)); +} + +/** + Initializes user-supplied memory pointed by Sha384Context as SHA-384 has= h context for + subsequent use. + + If Sha384Context is NULL, then return FALSE. + + @param[out] Sha384Context Pointer to SHA-384 context being initialized. + + @retval TRUE SHA-384 context initialization succeeded. + @retval FALSE SHA-384 context initialization failed. + +**/ +BOOLEAN +EFIAPI +Sha384Init ( + OUT VOID *Sha384Context + ) +{ + INT32 Ret; + + if (Sha384Context =3D=3D NULL) { + return FALSE; + } + + mbedtls_sha512_init (Sha384Context); + + Ret =3D mbedtls_sha512_starts_ret (Sha384Context, TRUE); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Makes a copy of an existing SHA-384 context. + + If Sha384Context is NULL, then return FALSE. + If NewSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] Sha384Context Pointer to SHA-384 context being copied. + @param[out] NewSha384Context Pointer to new SHA-384 context. + + @retval TRUE SHA-384 context copy succeeded. + @retval FALSE SHA-384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Sha384Duplicate ( + IN CONST VOID *Sha384Context, + OUT VOID *NewSha384Context + ) +{ + if ((Sha384Context =3D=3D NULL) || (NewSha384Context =3D=3D NULL)) { + return FALSE; + } + + mbedtls_sha512_clone (NewSha384Context, Sha384Context); + + return TRUE; +} + +/** + Digests the input data and updates SHA-384 context. + + This function performs SHA-384 digest on a data buffer of the specified = size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + SHA-384 context should be already correctly initialized by Sha384Init(),= and should not be finalized + by Sha384Final(). Behavior with invalid context is undefined. + + If Sha384Context is NULL, then return FALSE. + + @param[in, out] Sha384Context Pointer to the SHA-384 context. + @param[in] Data Pointer to the buffer containing the dat= a to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE SHA-384 data digest succeeded. + @retval FALSE SHA-384 data digest failed. + +**/ +BOOLEAN +EFIAPI +Sha384Update ( + IN OUT VOID *Sha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + INT32 Ret; + + if (Sha384Context =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + if (DataSize > INT_MAX) { + return FALSE; + } + + Ret =3D mbedtls_sha512_update_ret (Sha384Context, Data, DataSize); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Completes computation of the SHA-384 digest value. + + This function completes SHA-384 hash computation and retrieves the diges= t value into + the specified memory. After this function has been called, the SHA-384 c= ontext cannot + be used again. + SHA-384 context should be already correctly initialized by Sha384Init(),= and should not be + finalized by Sha384Final(). Behavior with invalid SHA-384 context is und= efined. + + If Sha384Context is NULL, then return FALSE. + If HashValue is NULL, then return FALSE. + + @param[in, out] Sha384Context Pointer to the SHA-384 context. + @param[out] HashValue Pointer to a buffer that receives the SH= A-384 digest + value (48 bytes). + + @retval TRUE SHA-384 digest computation succeeded. + @retval FALSE SHA-384 digest computation failed. + +**/ +BOOLEAN +EFIAPI +Sha384Final ( + IN OUT VOID *Sha384Context, + OUT UINT8 *HashValue + ) +{ + INT32 Ret; + + if ((Sha384Context =3D=3D NULL) || (HashValue =3D=3D NULL)) { + return FALSE; + } + + Ret =3D mbedtls_sha512_finish_ret (Sha384Context, HashValue); + mbedtls_sha512_free (Sha384Context); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Computes the SHA-384 message digest of a input data buffer. + + This function performs the SHA-384 message digest of a given data buffer= , and places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[out] HashValue Pointer to a buffer that receives the SHA-384 d= igest + value (48 bytes). + + @retval TRUE SHA-384 digest computation succeeded. + @retval FALSE SHA-384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Sha384HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + OUT UINT8 *HashValue + ) +{ + INT32 Ret; + + if (HashValue =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + if (DataSize > INT_MAX) { + return FALSE; + } + + Ret =3D mbedtls_sha512_ret (Data, DataSize, HashValue, TRUE); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Retrieves the size, in bytes, of the context buffer required for SHA-512= hash operations. + + @return The size, in bytes, of the context buffer required for SHA-512 = hash operations. + +**/ +UINTN +EFIAPI +Sha512GetContextSize ( + VOID + ) +{ + return (UINTN)(sizeof (mbedtls_sha512_context)); +} + +/** + Initializes user-supplied memory pointed by Sha512Context as SHA-512 has= h context for + subsequent use. + + If Sha512Context is NULL, then return FALSE. + + @param[out] Sha512Context Pointer to SHA-512 context being initialized. + + @retval TRUE SHA-512 context initialization succeeded. + @retval FALSE SHA-512 context initialization failed. + +**/ +BOOLEAN +EFIAPI +Sha512Init ( + OUT VOID *Sha512Context + ) +{ + INT32 Ret; + + if (Sha512Context =3D=3D NULL) { + return FALSE; + } + + mbedtls_sha512_init (Sha512Context); + + Ret =3D mbedtls_sha512_starts_ret (Sha512Context, FALSE); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Makes a copy of an existing SHA-512 context. + + If Sha512Context is NULL, then return FALSE. + If NewSha512Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] Sha512Context Pointer to SHA-512 context being copied. + @param[out] NewSha512Context Pointer to new SHA-512 context. + + @retval TRUE SHA-512 context copy succeeded. + @retval FALSE SHA-512 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Sha512Duplicate ( + IN CONST VOID *Sha512Context, + OUT VOID *NewSha512Context + ) +{ + if ((Sha512Context =3D=3D NULL) || (NewSha512Context =3D=3D NULL)) { + return FALSE; + } + + mbedtls_sha512_clone (NewSha512Context, Sha512Context); + + return TRUE; +} + +/** + Digests the input data and updates SHA-512 context. + + This function performs SHA-512 digest on a data buffer of the specified = size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + SHA-512 context should be already correctly initialized by Sha512Init(),= and should not be finalized + by Sha512Final(). Behavior with invalid context is undefined. + + If Sha512Context is NULL, then return FALSE. + + @param[in, out] Sha512Context Pointer to the SHA-512 context. + @param[in] Data Pointer to the buffer containing the dat= a to be hashed. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE SHA-512 data digest succeeded. + @retval FALSE SHA-512 data digest failed. + +**/ +BOOLEAN +EFIAPI +Sha512Update ( + IN OUT VOID *Sha512Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + INT32 Ret; + + if (Sha512Context =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + if (DataSize > INT_MAX) { + return FALSE; + } + + Ret =3D mbedtls_sha512_update_ret (Sha512Context, Data, DataSize); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Completes computation of the SHA-512 digest value. + + This function completes SHA-512 hash computation and retrieves the diges= t value into + the specified memory. After this function has been called, the SHA-512 c= ontext cannot + be used again. + SHA-512 context should be already correctly initialized by Sha512Init(),= and should not be + finalized by Sha512Final(). Behavior with invalid SHA-512 context is und= efined. + + If Sha512Context is NULL, then return FALSE. + If HashValue is NULL, then return FALSE. + + @param[in, out] Sha512Context Pointer to the SHA-512 context. + @param[out] HashValue Pointer to a buffer that receives the SH= A-512 digest + value (64 bytes). + + @retval TRUE SHA-512 digest computation succeeded. + @retval FALSE SHA-512 digest computation failed. + +**/ +BOOLEAN +EFIAPI +Sha512Final ( + IN OUT VOID *Sha512Context, + OUT UINT8 *HashValue + ) +{ + INT32 Ret; + + if ((Sha512Context =3D=3D NULL) || (HashValue =3D=3D NULL)) { + return FALSE; + } + + Ret =3D mbedtls_sha512_finish_ret (Sha512Context, HashValue); + mbedtls_sha512_free (Sha512Context); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} + +/** + Computes the SHA-512 message digest of a input data buffer. + + This function performs the SHA-512 message digest of a given data buffer= , and places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= hashed. + @param[in] DataSize Size of Data buffer in bytes. + @param[out] HashValue Pointer to a buffer that receives the SHA-512 d= igest + value (64 bytes). + + @retval TRUE SHA-512 digest computation succeeded. + @retval FALSE SHA-512 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +Sha512HashAll ( + IN CONST VOID *Data, + IN UINTN DataSize, + OUT UINT8 *HashValue + ) +{ + INT32 Ret; + + if (HashValue =3D=3D NULL) { + return FALSE; + } + + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + if (DataSize > INT_MAX) { + return FALSE; + } + + Ret =3D mbedtls_sha512_ret (Data, DataSize, HashValue, FALSE); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108138): https://edk2.groups.io/g/devel/message/108138 Mute This Topic: https://groups.io/mt/101048358/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-