diff options
author | Zhichao Gao <zhichao.gao@intel.com> | 2020-04-17 15:37:59 +0800 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-05-15 07:22:36 +0000 |
commit | 0a6fc3d0676f6f64bc54c61ab06c751534616dd8 (patch) | |
tree | 1fe8f7fdf8096d8a405cfa2236d03d1a081ca13a /CryptoPkg/Library/BaseCryptLib | |
parent | aaa90aacaf317e43678115c5d008964590dc4060 (diff) | |
download | edk2-0a6fc3d0676f6f64bc54c61ab06c751534616dd8.tar.gz edk2-0a6fc3d0676f6f64bc54c61ab06c751534616dd8.tar.bz2 edk2-0a6fc3d0676f6f64bc54c61ab06c751534616dd8.zip |
CryptoPkg/BaseCrpytLib: Retire MD4 algorithm
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898
MD4 is not secure any longer.
Remove the MD4 support from edk2.
Change the MD4 field name in EDKII_CRYPTO_PROTOCOL to indicate the
function is unsupported any longer.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Diffstat (limited to 'CryptoPkg/Library/BaseCryptLib')
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 3 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c | 223 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c | 143 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 5 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni | 6 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 5 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni | 6 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 5 | ||||
-rw-r--r-- | CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni | 6 |
9 files changed, 16 insertions, 386 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf index a63ad66b4f..22992e7d43 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -6,7 +6,7 @@ # This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
-# Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -29,7 +29,6 @@ [Sources]
InternalCryptLib.h
- Hash/CryptMd4.c
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c deleted file mode 100644 index bc02da07b0..0000000000 --- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c +++ /dev/null @@ -1,223 +0,0 @@ -/** @file
- MD4 Digest Wrapper Implementation over OpenSSL.
-
-Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-#include <openssl/md4.h>
-
-/**
- Retrieves the size, in bytes, of the context buffer required for MD4 hash operations.
-
- @return The size, in bytes, of the context buffer required for MD4 hash operations.
-
-**/
-UINTN
-EFIAPI
-Md4GetContextSize (
- VOID
- )
-{
- //
- // Retrieves the OpenSSL MD4 Context Size
- //
- return (UINTN) (sizeof (MD4_CTX));
-}
-
-/**
- Initializes user-supplied memory pointed by Md4Context as MD4 hash context for
- subsequent use.
-
- If Md4Context is NULL, then return FALSE.
-
- @param[out] Md4Context Pointer to MD4 context being initialized.
-
- @retval TRUE MD4 context initialization succeeded.
- @retval FALSE MD4 context initialization failed.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Init (
- OUT VOID *Md4Context
- )
-{
- //
- // Check input parameters.
- //
- if (Md4Context == NULL) {
- return FALSE;
- }
-
- //
- // OpenSSL MD4 Context Initialization
- //
- return (BOOLEAN) (MD4_Init ((MD4_CTX *) Md4Context));
-}
-
-/**
- Makes a copy of an existing MD4 context.
-
- If Md4Context is NULL, then return FALSE.
- If NewMd4Context is NULL, then return FALSE.
-
- @param[in] Md4Context Pointer to MD4 context being copied.
- @param[out] NewMd4Context Pointer to new MD4 context.
-
- @retval TRUE MD4 context copy succeeded.
- @retval FALSE MD4 context copy failed.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Duplicate (
- IN CONST VOID *Md4Context,
- OUT VOID *NewMd4Context
- )
-{
- //
- // Check input parameters.
- //
- if (Md4Context == NULL || NewMd4Context == NULL) {
- return FALSE;
- }
-
- CopyMem (NewMd4Context, Md4Context, sizeof (MD4_CTX));
-
- return TRUE;
-}
-
-/**
- Digests the input data and updates MD4 context.
-
- This function performs MD4 digest on a data buffer of the specified size.
- It can be called multiple times to compute the digest of long or discontinuous data streams.
- MD4 context should be already correctly initialized by Md4Init(), and should not be finalized
- by Md4Final(). Behavior with invalid context is undefined.
-
- If Md4Context is NULL, then return FALSE.
-
- @param[in, out] Md4Context Pointer to the MD4 context.
- @param[in] Data Pointer to the buffer containing the data to be hashed.
- @param[in] DataSize Size of Data buffer in bytes.
-
- @retval TRUE MD4 data digest succeeded.
- @retval FALSE MD4 data digest failed.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Update (
- IN OUT VOID *Md4Context,
- IN CONST VOID *Data,
- IN UINTN DataSize
- )
-{
- //
- // Check input parameters.
- //
- if (Md4Context == NULL) {
- return FALSE;
- }
-
- //
- // Check invalid parameters, in case that only DataLength was checked in OpenSSL
- //
- if (Data == NULL && DataSize != 0) {
- return FALSE;
- }
-
- //
- // OpenSSL MD4 Hash Update
- //
- return (BOOLEAN) (MD4_Update ((MD4_CTX *) Md4Context, Data, DataSize));
-}
-
-/**
- Completes computation of the MD4 digest value.
-
- This function completes MD4 hash computation and retrieves the digest value into
- the specified memory. After this function has been called, the MD4 context cannot
- be used again.
- MD4 context should be already correctly initialized by Md4Init(), and should not be
- finalized by Md4Final(). Behavior with invalid MD4 context is undefined.
-
- If Md4Context is NULL, then return FALSE.
- If HashValue is NULL, then return FALSE.
-
- @param[in, out] Md4Context Pointer to the MD4 context.
- @param[out] HashValue Pointer to a buffer that receives the MD4 digest
- value (16 bytes).
-
- @retval TRUE MD4 digest computation succeeded.
- @retval FALSE MD4 digest computation failed.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Final (
- IN OUT VOID *Md4Context,
- OUT UINT8 *HashValue
- )
-{
- //
- // Check input parameters.
- //
- if (Md4Context == NULL || HashValue == NULL) {
- return FALSE;
- }
-
- //
- // OpenSSL MD4 Hash Finalization
- //
- return (BOOLEAN) (MD4_Final (HashValue, (MD4_CTX *) Md4Context));
-}
-
-/**
- Computes the MD4 message digest of a input data buffer.
-
- This function performs the MD4 message digest of a given data buffer, and places
- the digest value into the specified memory.
-
- If this interface is not supported, then return FALSE.
-
- @param[in] Data Pointer to the buffer containing the data to be hashed.
- @param[in] DataSize Size of Data buffer in bytes.
- @param[out] HashValue Pointer to a buffer that receives the MD4 digest
- value (16 bytes).
-
- @retval TRUE MD4 digest computation succeeded.
- @retval FALSE MD4 digest computation failed.
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4HashAll (
- IN CONST VOID *Data,
- IN UINTN DataSize,
- OUT UINT8 *HashValue
- )
-{
- //
- // Check input parameters.
- //
- if (HashValue == NULL) {
- return FALSE;
- }
- if (Data == NULL && DataSize != 0) {
- return FALSE;
- }
-
- //
- // OpenSSL MD4 Hash Computation.
- //
- if (MD4 (Data, DataSize, HashValue) == NULL) {
- return FALSE;
- } else {
- return TRUE;
- }
-}
diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c deleted file mode 100644 index 610c61c713..0000000000 --- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c +++ /dev/null @@ -1,143 +0,0 @@ -/** @file
- MD4 Digest Wrapper Implementation which does not provide real capabilities.
-
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-
-/**
- Retrieves the size, in bytes, of the context buffer required for MD4 hash
- operations.
-
- Return zero to indicate this interface is not supported.
-
- @retval 0 This interface is not supported.
-
-**/
-UINTN
-EFIAPI
-Md4GetContextSize (
- VOID
- )
-{
- ASSERT (FALSE);
- return 0;
-}
-
-/**
- Initializes user-supplied memory pointed by Md4Context as MD4 hash context for
- subsequent use.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[out] Md4Context Pointer to MD4 context being initialized.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Init (
- OUT VOID *Md4Context
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Makes a copy of an existing MD4 context.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in] Md4Context Pointer to MD4 context being copied.
- @param[out] NewMd4Context Pointer to new MD4 context.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Duplicate (
- IN CONST VOID *Md4Context,
- OUT VOID *NewMd4Context
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Digests the input data and updates MD4 context.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Md4Context Pointer to the MD4 context.
- @param[in] Data Pointer to the buffer containing the data to be hashed.
- @param[in] DataSize Size of Data buffer in bytes.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Update (
- IN OUT VOID *Md4Context,
- IN CONST VOID *Data,
- IN UINTN DataSize
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Completes computation of the MD4 digest value.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Md4Context Pointer to the MD4 context.
- @param[out] HashValue Pointer to a buffer that receives the MD4 digest
- value (16 bytes).
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4Final (
- IN OUT VOID *Md4Context,
- OUT UINT8 *HashValue
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Computes the MD4 message digest of a input data buffer.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in] Data Pointer to the buffer containing the data to be hashed.
- @param[in] DataSize Size of Data buffer in bytes.
- @param[out] HashValue Pointer to a buffer that receives the MD4 digest
- value (16 bytes).
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Md4HashAll (
- IN CONST VOID *Data,
- IN UINTN DataSize,
- OUT UINT8 *HashValue
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf index c836c257f8..e9add0127d 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -6,14 +6,14 @@ # This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
-# Note: MD4 Digest functions,
+# Note:
# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509
# certificate handler functions, authenticode signature verification functions,
# PEM handler functions, and pseudorandom number generator functions are not
# supported in this instance.
#
-# Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -35,7 +35,6 @@ [Sources]
InternalCryptLib.h
- Hash/CryptMd4Null.c
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni index 9937555beb..374bfb3f65 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni @@ -6,13 +6,13 @@ // This external input must be validated carefully to avoid security issues such as
// buffer overflow or integer overflow.
//
-// Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
+// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, X.509 certificate handler functions, authenticode
// signature verification functions, PEM handler functions, and pseudorandom number
// generator functions are not supported in this instance.
//
-// Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
//
// SPDX-License-Identifier: BSD-2-Clause-Patent
//
@@ -21,5 +21,5 @@ #string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for PEIM"
-#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 certificate handler functions, authenticode signature verification functions, PEM handler functions, and pseudorandom number generator functions are not supported in this instance."
+#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 certificate handler functions, authenticode signature verification functions, PEM handler functions, and pseudorandom number generator functions are not supported in this instance."
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf index e5b8ececc1..0a2eb03232 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf @@ -6,12 +6,12 @@ # This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
-# Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest functions,
+# Note: SHA-384 Digest functions, SHA-512 Digest functions,
# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
-# Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -35,7 +35,6 @@ [Sources]
InternalCryptLib.h
- Hash/CryptMd4Null.c
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni index c0a16f1b84..b6d751176e 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni @@ -6,12 +6,12 @@ // This external input must be validated carefully to avoid security issues such as
// buffer overflow or integer overflow.
//
-// Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
+// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, and authenticode signature verification functions are
// not supported in this instance.
//
-// Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
//
// SPDX-License-Identifier: BSD-2-Clause-Patent
//
@@ -20,5 +20,5 @@ #string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for DXE_RUNTIME_DRIVER"
-#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
+#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf index cc0b65fd25..139983075e 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -6,12 +6,12 @@ # This external input must be validated carefully to avoid security issues such as
# buffer overflow or integer overflow.
#
-# Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest functions,
+# Note: SHA-384 Digest functions, SHA-512 Digest functions,
# HMAC-MD5 functions, HMAC-SHA1 functions, TDES/ARC4 functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
-# Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -34,7 +34,6 @@ [Sources]
InternalCryptLib.h
- Hash/CryptMd4Null.c
Hash/CryptMd5.c
Hash/CryptSha1.c
Hash/CryptSha256.c
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni index 83485fbb90..b8d7953d2b 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni @@ -6,12 +6,12 @@ // This external input must be validated carefully to avoid security issues such as
// buffer overflow or integer overflow.
//
-// Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/
+// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, and authenticode signature verification functions are
// not supported in this instance.
//
-// Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
//
// SPDX-License-Identifier: BSD-2-Clause-Patent
//
@@ -20,5 +20,5 @@ #string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for SMM driver"
-#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
+#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
|