BaseHashLib: Implement a Unified API for Hash Calculation

Sukerkar, Amol N Wed, 18 Dec 2019 14:17:27 -0800

Currently the UEFI drivers using the SHA/SM3 hashing algorithms use hard-coded 
API to calculate the hash, such as, sha_256(…), etc. Since SHA384 and/or SM3 
are being increasingly adopted, it becomes cumbersome to modify the driver with 
SHA384 or SM3 calls for each application.


To better achieve this, we are proposing a unified API which can be used by 
UEFI drivers that provides the drivers with flexibility to use the hashing 
algorithm they desired or the strongest hashing algorithm the system supports 
(with openssl). Attached is the design proposal for the same and we request 
feedback from the community before we begin the process of making the changes 
to EDK2 repo.

Alternatively, the design document is also attached to Bugzilla, 
https://bugzilla.tianocore.org/show_bug.cgi?id=2151. You can also provide the 
feedback in the Bugzilla.

Sukerkar, Amol N (6):
  SecurityPkg/BaseHashLib: Implement a unified API for Hash Calculation
  SecurityPkg/HashApiInstanceSha1: Implement API registration mechanism
    for SHA1
  SecurityPkg/HashApiInstanceSha256: Implement API registration
    mechanism for SHA256
  SecurityPkg/HashApiInstanceSha384: Implement API registration
    mechanism for SHA384
  SecurityPkg/BaseHashLib: Modified the Registation Mechanism for
    BaseHashLib
  SecurityPkg/HashApiInstanceSM3: Implement API registration mechanism
    for SM3

 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.c                    | 252 
+++++++++++++
 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.c                    | 396 
++++++++++++++++++++
 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.c       | 128 
+++++++
 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.c   | 128 
+++++++
 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.c   | 128 
+++++++
 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.c         | 128 
+++++++
 SecurityPkg/Include/Library/BaseHashLib.h                           | 153 
++++++++
 SecurityPkg/Library/BaseHashLib/BaseHashLibCommon.h                 |  35 ++
 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.inf                  |  47 +++
 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.uni                  |  18 +
 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.inf                  |  48 +++
 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.uni                  |  18 +
 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.inf     |  40 ++
 SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.uni     |  16 +
 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.inf |  40 ++
 SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.uni |  16 +
 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.inf |  40 ++
 SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.uni |  16 +
 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.inf       |  40 ++
 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.uni       |  16 +
 SecurityPkg/SecurityPkg.dec                                         |  19 +
 SecurityPkg/SecurityPkg.dsc                                         |  11 +
 SecurityPkg/SecurityPkg.uni                                         |  14 +
 23 files changed, 1747 insertions(+)
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.c
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.c
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.c
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.c
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.c
 create mode 100644 SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.c
 create mode 100644 SecurityPkg/Include/Library/BaseHashLib.h
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibCommon.h
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.inf
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibDxe.uni
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.inf
 create mode 100644 SecurityPkg/Library/BaseHashLib/BaseHashLibPei.uni
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.inf
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSha1/HashApiInstanceSha1.uni
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.inf
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSha256/HashApiInstanceSha256.uni
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.inf
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSha384/HashApiInstanceSha384.uni
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.inf
 create mode 100644 
SecurityPkg/Library/HashApiInstanceSm3/HashApiInstanceSm3.uni

-- 
2.16.2.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#52384): https://edk2.groups.io/g/devel/message/52384
Mute This Topic: https://groups.io/mt/68808194/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v1 0/6] SecurityPkg/BaseHashLib: Implement a Unified API for Hash Calculation

Reply via email to