Topics

[PATCH v3 0/3] CryptoPkg/BaseCryptLib: Add EVP (Envelope) Digest interface


Zurcher, Christopher J
 

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2545

V3 changes:
Added list of valid Digest Names to EvpMdInit() header
Added missing copy of CryptEvpMdNull.c in BaseCryptLibNull folder

V2 changes:
Added NullLib implementation
Added Crypto Service implementation
Rebased Hash2DxeCrypto to use EVP interface instead of low-level functions
Removed unnecessary casts
Added "HashAll" utility function
Merged "New" and "Init" functions as well as "Final" and "Free" functions
Retained "Init/Update/Final" naming instead of "New/Update/Free" as this
conforms with common usage

Low-level interfaces to message digest (hash) functions have been deprecated
in OpenSSL 3. In order to upgrade to OpenSSL 3, all direct calls to
low-level functions (such as SHA256_Init() in CryptSha256.c) will need to
be replaced by EVP inteface calls.

References:
https://www.openssl.org/docs/manmaster/man7/evp.html
https://www.openssl.org/docs/manmaster/man3/SHA256_Init.html

Cc: Laszlo Ersek <lersek@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Xiaoyu Lu <xiaoyux.lu@...>

Christopher J Zurcher (3):
CryptoPkg/BaseCryptLib: Add EVP (Envelope) Digest interface
CryptoPkg: Add EVP to Crypto Service driver interface
SecurityPkg/Hash2DxeCrypto: Rebase Hash2DxeCrypto onto the EVP
interface

CryptoPkg/CryptoPkg.dsc | 3 +
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 1 +
CryptoPkg/Include/Library/BaseCryptLib.h | 129 ++++++++
CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h | 10 +
CryptoPkg/Private/Protocol/Crypto.h | 131 ++++++++
SecurityPkg/Hash2DxeCrypto/Driver.h | 1 -
CryptoPkg/Driver/Crypto.c | 152 ++++++++-
CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMd.c | 257 +++++++++++++++
CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMdNull.c | 128 ++++++++
CryptoPkg/Library/BaseCryptLibNull/Evp/CryptEvpMdNull.c | 128 ++++++++
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 144 ++++++++
SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c | 345 ++------------------
16 files changed, 1117 insertions(+), 316 deletions(-)
create mode 100644 CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMd.c
create mode 100644 CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMdNull.c
create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Evp/CryptEvpMdNull.c

--
2.28.0.windows.1


Yao, Jiewen
 

The series 1~3: reviewed-by: Jiewen Yao <Jiewen.yao@...>

I would like to wait for at least one week to see if anyone has size concern - Hash2DxeCrypto grew from ~26k to ~253k.

Thank you
Yao Jiewen

-----Original Message-----
From: Christopher J Zurcher <christopher.j.zurcher@...>
Sent: Wednesday, September 16, 2020 8:59 AM
To: devel@edk2.groups.io
Cc: Laszlo Ersek <lersek@...>; Yao, Jiewen <jiewen.yao@...>;
Wang, Jian J <jian.j.wang@...>; Lu, XiaoyuX <xiaoyux.lu@...>
Subject: [PATCH v3 0/3] CryptoPkg/BaseCryptLib: Add EVP (Envelope) Digest
interface

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2545

V3 changes:
Added list of valid Digest Names to EvpMdInit() header
Added missing copy of CryptEvpMdNull.c in BaseCryptLibNull folder

V2 changes:
Added NullLib implementation
Added Crypto Service implementation
Rebased Hash2DxeCrypto to use EVP interface instead of low-level functions
Removed unnecessary casts
Added "HashAll" utility function
Merged "New" and "Init" functions as well as "Final" and "Free" functions
Retained "Init/Update/Final" naming instead of "New/Update/Free" as this
conforms with common usage

Low-level interfaces to message digest (hash) functions have been deprecated
in OpenSSL 3. In order to upgrade to OpenSSL 3, all direct calls to
low-level functions (such as SHA256_Init() in CryptSha256.c) will need to
be replaced by EVP inteface calls.

References:
https://www.openssl.org/docs/manmaster/man7/evp.html
https://www.openssl.org/docs/manmaster/man3/SHA256_Init.html

Cc: Laszlo Ersek <lersek@...>
Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Xiaoyu Lu <xiaoyux.lu@...>

Christopher J Zurcher (3):
CryptoPkg/BaseCryptLib: Add EVP (Envelope) Digest interface
CryptoPkg: Add EVP to Crypto Service driver interface
SecurityPkg/Hash2DxeCrypto: Rebase Hash2DxeCrypto onto the EVP
interface

CryptoPkg/CryptoPkg.dsc | 3 +
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 1 +
CryptoPkg/Include/Library/BaseCryptLib.h | 129 ++++++++
CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h | 10 +
CryptoPkg/Private/Protocol/Crypto.h | 131 ++++++++
SecurityPkg/Hash2DxeCrypto/Driver.h | 1 -
CryptoPkg/Driver/Crypto.c | 152 ++++++++-
CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMd.c | 257
+++++++++++++++
CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMdNull.c | 128 ++++++++
CryptoPkg/Library/BaseCryptLibNull/Evp/CryptEvpMdNull.c | 128 ++++++++
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 144 ++++++++
SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.c | 345 ++------------------
16 files changed, 1117 insertions(+), 316 deletions(-)
create mode 100644 CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMd.c
create mode 100644 CryptoPkg/Library/BaseCryptLib/Evp/CryptEvpMdNull.c
create mode 100644
CryptoPkg/Library/BaseCryptLibNull/Evp/CryptEvpMdNull.c

--
2.28.0.windows.1