Add SM3 functions with openssl for Mbedtls

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4177 Because the Mbedlts 3.3.0 doesn't have Sm3, the Sm3 implementaion is based on Openssl. Cc: Jiewen Yao <[email protected]> Cc: Yi Li <[email protected]> Signed-off-by: Wenxing Hou <[email protected]> Reviewed-by: Yi Li <[email protected]> Acked-by: Jiewen Yao <[email protected]>
makubacki · May 27, 2024 · 0828157 · 0828157
1 parent ed7a314
commit 0828157
Show file tree

Hide file tree

Showing 11 changed files with 1,010 additions and 8 deletions.
diff --git a/CryptoPkg/CryptoPkgMbedTls.dsc b/CryptoPkg/CryptoPkgMbedTls.dsc
@@ -88,6 +88,7 @@
   UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
   IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
   MbedTlsLib|CryptoPkg/Library/MbedTlsLib/MbedTlsLib.inf
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
   IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
   SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
 

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/BaseCryptLib.inf
@@ -31,10 +31,8 @@
   Hash/CryptSha1.c
   Hash/CryptSha256.c
   Hash/CryptSha512.c
-  Hash/CryptSm3Null.c
-
   Hash/CryptParallelHashNull.c
-
+  Hash/CryptSm3.c
   Hmac/CryptHmac.c
   Kdf/CryptHkdf.c
   Cipher/CryptAes.c
@@ -59,6 +57,8 @@
   Rand/CryptRand.c
 
   SysCall/CrtWrapper.c
+  SysCall/DummyOpensslSupport.c
+  SysCall/BaseMemAllocation.c
   SysCall/TimerWrapper.c
 
 [Packages]
@@ -72,6 +72,7 @@
   UefiRuntimeServicesTableLib
   DebugLib
   MbedTlsLib
+  OpensslLib
   PrintLib
   IntrinsicLib
   RngLib

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c b/CryptoPkg/Library/BaseCryptLibMbedTls/Hash/CryptSm3.c
@@ -0,0 +1,235 @@
+/** @file
+  SM3 Digest Wrapper Implementations over openssl.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+#include "internal/sm3.h"
+
+/**
+  Retrieves the size, in bytes, of the context buffer required for SM3 hash operations.
+
+  @return  The size, in bytes, of the context buffer required for SM3 hash operations.
+
+**/
+UINTN
+EFIAPI
+Sm3GetContextSize (
+  VOID
+  )
+{
+  //
+  // Retrieves Openssl SM3 Context Size
+  //
+  return (UINTN)(sizeof (SM3_CTX));
+}
+
+/**
+  Initializes user-supplied memory pointed by Sm3Context as SM3 hash context for
+  subsequent use.
+
+  If Sm3Context is NULL, then return FALSE.
+
+  @param[out]  Sm3Context  Pointer to SM3 context being initialized.
+
+  @retval TRUE   SM3 context initialization succeeded.
+  @retval FALSE  SM3 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sm3Init (
+  OUT  VOID  *Sm3Context
+  )
+{
+  //
+  // Check input parameters.
+  //
+  if (Sm3Context == NULL) {
+    return FALSE;
+  }
+
+  //
+  // Openssl SM3 Context Initialization
+  //
+  ossl_sm3_init ((SM3_CTX *)Sm3Context);
+  return TRUE;
+}
+
+/**
+  Makes a copy of an existing SM3 context.
+
+  If Sm3Context is NULL, then return FALSE.
+  If NewSm3Context is NULL, then return FALSE.
+  If this interface is not supported, then return FALSE.
+
+  @param[in]  Sm3Context     Pointer to SM3 context being copied.
+  @param[out] NewSm3Context  Pointer to new SM3 context.
+
+  @retval TRUE   SM3 context copy succeeded.
+  @retval FALSE  SM3 context copy failed.
+  @retval FALSE  This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sm3Duplicate (
+  IN   CONST VOID  *Sm3Context,
+  OUT  VOID        *NewSm3Context
+  )
+{
+  //
+  // Check input parameters.
+  //
+  if ((Sm3Context == NULL) || (NewSm3Context == NULL)) {
+    return FALSE;
+  }
+
+  CopyMem (NewSm3Context, Sm3Context, sizeof (SM3_CTX));
+
+  return TRUE;
+}
+
+/**
+  Digests the input data and updates SM3 context.
+
+  This function performs SM3 digest on a data buffer of the specified size.
+  It can be called multiple times to compute the digest of long or discontinuous data streams.
+  SM3 context should be already correctly initialized by Sm3Init(), and should not be finalized
+  by Sm3Final(). Behavior with invalid context is undefined.
+
+  If Sm3Context is NULL, then return FALSE.
+
+  @param[in, out]  Sm3Context     Pointer to the SM3 context.
+  @param[in]       Data           Pointer to the buffer containing the data to be hashed.
+  @param[in]       DataSize       Size of Data buffer in bytes.
+
+  @retval TRUE   SM3 data digest succeeded.
+  @retval FALSE  SM3 data digest failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sm3Update (
+  IN OUT  VOID        *Sm3Context,
+  IN      CONST VOID  *Data,
+  IN      UINTN       DataSize
+  )
+{
+  //
+  // Check input parameters.
+  //
+  if (Sm3Context == NULL) {
+    return FALSE;
+  }
+
+  //
+  // Check invalid parameters, in case that only DataLength was checked in Openssl
+  //
+  if ((Data == NULL) && (DataSize != 0)) {
+    return FALSE;
+  }
+
+  //
+  // Openssl SM3 Hash Update
+  //
+  ossl_sm3_update ((SM3_CTX *)Sm3Context, Data, DataSize);
+
+  return TRUE;
+}
+
+/**
+  Completes computation of the SM3 digest value.
+
+  This function completes SM3 hash computation and retrieves the digest value into
+  the specified memory. After this function has been called, the SM3 context cannot
+  be used again.
+  SM3 context should be already correctly initialized by Sm3Init(), and should not be
+  finalized by Sm3Final(). Behavior with invalid SM3 context is undefined.
+
+  If Sm3Context is NULL, then return FALSE.
+  If HashValue is NULL, then return FALSE.
+
+  @param[in, out]  Sm3Context     Pointer to the SM3 context.
+  @param[out]      HashValue      Pointer to a buffer that receives the SM3 digest
+                                  value (32 bytes).
+
+  @retval TRUE   SM3 digest computation succeeded.
+  @retval FALSE  SM3 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+Sm3Final (
+  IN OUT  VOID   *Sm3Context,
+  OUT     UINT8  *HashValue
+  )
+{
+  //
+  // Check input parameters.
+  //
+  if ((Sm3Context == NULL) || (HashValue == NULL)) {
+    return FALSE;
+  }
+
+  //
+  // Openssl SM3 Hash Finalization
+  //
+  ossl_sm3_final (HashValue, (SM3_CTX *)Sm3Context);
+
+  return TRUE;
+}
+
+/**
+  Computes the SM3 message digest of a input data buffer.
+
+  This function performs the SM3 message digest of a given data buffer, and places
+  the digest value into the specified memory.
+
+  If this interface is not supported, then return FALSE.
+
+  @param[in]   Data        Pointer to the buffer containing the data to be hashed.
+  @param[in]   DataSize    Size of Data buffer in bytes.
+  @param[out]  HashValue   Pointer to a buffer that receives the SM3 digest
+                           value (32 bytes).
+
+  @retval TRUE   SM3 digest computation succeeded.
+  @retval FALSE  SM3 digest computation failed.
+  @retval FALSE  This interface is not supported.
+
+**/
+BOOLEAN
+EFIAPI
+Sm3HashAll (
+  IN   CONST VOID  *Data,
+  IN   UINTN       DataSize,
+  OUT  UINT8       *HashValue
+  )
+{
+  SM3_CTX  Ctx;
+
+  //
+  // Check input parameters.
+  //
+  if (HashValue == NULL) {
+    return FALSE;
+  }
+
+  if ((Data == NULL) && (DataSize != 0)) {
+    return FALSE;
+  }
+
+  //
+  // SM3 Hash Computation.
+  //
+  ossl_sm3_init (&Ctx);
+
+  ossl_sm3_update (&Ctx, Data, DataSize);
+
+  ossl_sm3_final (HashValue, &Ctx);
+
+  return TRUE;
+}
diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/PeiCryptLib.inf
@@ -38,9 +38,9 @@
   Hash/CryptMd5.c
   Hash/CryptSha1.c
   Hash/CryptSha256.c
-  Hash/CryptSm3Null.c
   Hash/CryptSha512.c
   Hash/CryptParallelHashNull.c
+  Hash/CryptSm3.c
   Hmac/CryptHmac.c
   Kdf/CryptHkdf.c
   Cipher/CryptAes.c
@@ -65,6 +65,8 @@
   Bn/CryptBnNull.c
 
   SysCall/CrtWrapper.c
+  SysCall/DummyOpensslSupport.c
+  SysCall/BaseMemAllocation.c
   SysCall/ConstantTimeClock.c
 
 [Packages]
@@ -77,6 +79,7 @@
   MemoryAllocationLib
   DebugLib
   MbedTlsLib
+  OpensslLib
   IntrinsicLib
   PrintLib
   PeiServicesTablePointerLib

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/RuntimeCryptLib.inf
@@ -37,9 +37,9 @@
   Hash/CryptMd5.c
   Hash/CryptSha1.c
   Hash/CryptSha256.c
-  Hash/CryptSm3Null.c
   Hash/CryptSha512.c
   Hash/CryptParallelHashNull.c
+  Hash/CryptSm3.c
   Hmac/CryptHmac.c
   Kdf/CryptHkdf.c
   Cipher/CryptAes.c
@@ -65,6 +65,7 @@
 
   SysCall/CrtWrapper.c
   SysCall/TimerWrapper.c
+  SysCall/DummyOpensslSupport.c
   SysCall/RuntimeMemAllocation.c
 
 [Packages]
@@ -77,6 +78,7 @@
   UefiRuntimeServicesTableLib
   DebugLib
   MbedTlsLib
+  OpensslLib
   IntrinsicLib
   PrintLib
   RngLib

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/SecCryptLib.inf
@@ -29,7 +29,6 @@
 [Sources]
   InternalCryptLib.h
   Hash/CryptSha512.c
-
   Hash/CryptMd5Null.c
   Hash/CryptSha1Null.c
   Hash/CryptSha256Null.c

diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLibMbedTls/SmmCryptLib.inf
@@ -36,9 +36,9 @@
   Hash/CryptMd5.c
   Hash/CryptSha1.c
   Hash/CryptSha256.c
-  Hash/CryptSm3Null.c
   Hash/CryptSha512.c
   Hash/CryptParallelHashNull.c
+  Hash/CryptSm3.c
   Hmac/CryptHmac.c
   Kdf/CryptHkdf.c
   Cipher/CryptAes.c
@@ -63,6 +63,8 @@
   Rand/CryptRand.c
 
   SysCall/CrtWrapper.c
+  SysCall/DummyOpensslSupport.c
+  SysCall/BaseMemAllocation.c
   SysCall/ConstantTimeClock.c
 
 [Packages]
@@ -74,6 +76,7 @@
   BaseMemoryLib
   MemoryAllocationLib
   MbedTlsLib
+  OpensslLib
   IntrinsicLib
   PrintLib
   MmServicesTableLib