CryptoPkg/BaseCrpytLib: Retire MD4 algorithm

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898

MD4 is not secure any longer.
Remove the MD4 support from edk2.
Change the MD4 field name in EDKII_CRYPTO_PROTOCOL to indicate the
function is unsupported any longer.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>

12 files changed, 16 insertions, 688 deletions

diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index a63ad66b4f..22992e7d43 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -6,7 +6,7 @@
 #  This external input must be validated carefully to avoid security issues such as

 #  buffer overflow or integer overflow.

 #

-#  Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>

+#  Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>

 #  Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights reserved.<BR>

 #  SPDX-License-Identifier: BSD-2-Clause-Patent

 #

@@ -29,7 +29,6 @@
 

 [Sources]

   InternalCryptLib.h

-  Hash/CryptMd4.c

   Hash/CryptMd5.c

   Hash/CryptSha1.c

   Hash/CryptSha256.c

diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
deleted file mode 100644
index bc02da07b0..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4.c
+++ /dev/null
@@ -1,223 +0,0 @@
-/** @file

-  MD4 Digest Wrapper Implementation over OpenSSL.

-

-Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>

-SPDX-License-Identifier: BSD-2-Clause-Patent

-

-**/

-

-#include "InternalCryptLib.h"

-#include <openssl/md4.h>

-

-/**

-  Retrieves the size, in bytes, of the context buffer required for MD4 hash operations.

-

-  @return  The size, in bytes, of the context buffer required for MD4 hash operations.

-

-**/

-UINTN

-EFIAPI

-Md4GetContextSize (

-  VOID

-  )

-{

-  //

-  // Retrieves the OpenSSL MD4 Context Size

-  //

-  return (UINTN) (sizeof (MD4_CTX));

-}

-

-/**

-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for

-  subsequent use.

-

-  If Md4Context is NULL, then return FALSE.

-

-  @param[out]  Md4Context  Pointer to MD4 context being initialized.

-

-  @retval TRUE   MD4 context initialization succeeded.

-  @retval FALSE  MD4 context initialization failed.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Init (

-  OUT  VOID  *Md4Context

-  )

-{

-  //

-  // Check input parameters.

-  //

-  if (Md4Context == NULL) {

-    return FALSE;

-  }

-

-  //

-  // OpenSSL MD4 Context Initialization

-  //

-  return (BOOLEAN) (MD4_Init ((MD4_CTX *) Md4Context));

-}

-

-/**

-  Makes a copy of an existing MD4 context.

-

-  If Md4Context is NULL, then return FALSE.

-  If NewMd4Context is NULL, then return FALSE.

-

-  @param[in]  Md4Context     Pointer to MD4 context being copied.

-  @param[out] NewMd4Context  Pointer to new MD4 context.

-

-  @retval TRUE   MD4 context copy succeeded.

-  @retval FALSE  MD4 context copy failed.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Duplicate (

-  IN   CONST VOID  *Md4Context,

-  OUT  VOID        *NewMd4Context

-  )

-{

-  //

-  // Check input parameters.

-  //

-  if (Md4Context == NULL || NewMd4Context == NULL) {

-    return FALSE;

-  }

-

-  CopyMem (NewMd4Context, Md4Context, sizeof (MD4_CTX));

-

-  return TRUE;

-}

-

-/**

-  Digests the input data and updates MD4 context.

-

-  This function performs MD4 digest on a data buffer of the specified size.

-  It can be called multiple times to compute the digest of long or discontinuous data streams.

-  MD4 context should be already correctly initialized by Md4Init(), and should not be finalized

-  by Md4Final(). Behavior with invalid context is undefined.

-

-  If Md4Context is NULL, then return FALSE.

-

-  @param[in, out]  Md4Context  Pointer to the MD4 context.

-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.

-  @param[in]       DataSize    Size of Data buffer in bytes.

-

-  @retval TRUE   MD4 data digest succeeded.

-  @retval FALSE  MD4 data digest failed.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Update (

-  IN OUT  VOID        *Md4Context,

-  IN      CONST VOID  *Data,

-  IN      UINTN       DataSize

-  )

-{

-  //

-  // Check input parameters.

-  //

-  if (Md4Context == NULL) {

-    return FALSE;

-  }

-

-  //

-  // Check invalid parameters, in case that only DataLength was checked in OpenSSL

-  //

-  if (Data == NULL && DataSize != 0) {

-    return FALSE;

-  }

-

-  //

-  // OpenSSL MD4 Hash Update

-  //

-  return (BOOLEAN) (MD4_Update ((MD4_CTX *) Md4Context, Data, DataSize));

-}

-

-/**

-  Completes computation of the MD4 digest value.

-

-  This function completes MD4 hash computation and retrieves the digest value into

-  the specified memory. After this function has been called, the MD4 context cannot

-  be used again.

-  MD4 context should be already correctly initialized by Md4Init(), and should not be

-  finalized by Md4Final(). Behavior with invalid MD4 context is undefined.

-

-  If Md4Context is NULL, then return FALSE.

-  If HashValue is NULL, then return FALSE.

-

-  @param[in, out]  Md4Context  Pointer to the MD4 context.

-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest

-                               value (16 bytes).

-

-  @retval TRUE   MD4 digest computation succeeded.

-  @retval FALSE  MD4 digest computation failed.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Final (

-  IN OUT  VOID   *Md4Context,

-  OUT     UINT8  *HashValue

-  )

-{

-  //

-  // Check input parameters.

-  //

-  if (Md4Context == NULL || HashValue == NULL) {

-    return FALSE;

-  }

-

-  //

-  // OpenSSL MD4 Hash Finalization

-  //

-  return (BOOLEAN) (MD4_Final (HashValue, (MD4_CTX *) Md4Context));

-}

-

-/**

-  Computes the MD4 message digest of a input data buffer.

-

-  This function performs the MD4 message digest of a given data buffer, and places

-  the digest value into the specified memory.

-

-  If this interface is not supported, then return FALSE.

-

-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.

-  @param[in]   DataSize    Size of Data buffer in bytes.

-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest

-                           value (16 bytes).

-

-  @retval TRUE   MD4 digest computation succeeded.

-  @retval FALSE  MD4 digest computation failed.

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4HashAll (

-  IN   CONST VOID  *Data,

-  IN   UINTN       DataSize,

-  OUT  UINT8       *HashValue

-  )

-{

-  //

-  // Check input parameters.

-  //

-  if (HashValue == NULL) {

-    return FALSE;

-  }

-  if (Data == NULL && DataSize != 0) {

-    return FALSE;

-  }

-

-  //

-  // OpenSSL MD4 Hash Computation.

-  //

-  if (MD4 (Data, DataSize, HashValue) == NULL) {

-    return FALSE;

-  } else {

-    return TRUE;

-  }

-}

diff --git a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c b/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
deleted file mode 100644
index 610c61c713..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Hash/CryptMd4Null.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/** @file

-  MD4 Digest Wrapper Implementation which does not provide real capabilities.

-

-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>

-SPDX-License-Identifier: BSD-2-Clause-Patent

-

-**/

-

-#include "InternalCryptLib.h"

-

-/**

-  Retrieves the size, in bytes, of the context buffer required for MD4 hash

-  operations.

-

-  Return zero to indicate this interface is not supported.

-

-  @retval  0   This interface is not supported.

-

-**/

-UINTN

-EFIAPI

-Md4GetContextSize (

-  VOID

-  )

-{

-  ASSERT (FALSE);

-  return 0;

-}

-

-/**

-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for

-  subsequent use.

-

-  Return FALSE to indicate this interface is not supported.

-

-  @param[out]  Md4Context  Pointer to MD4 context being initialized.

-

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Init (

-  OUT  VOID  *Md4Context

-  )

-{

-  ASSERT (FALSE);

-  return FALSE;

-}

-

-/**

-  Makes a copy of an existing MD4 context.

-

-  Return FALSE to indicate this interface is not supported.

-

-  @param[in]  Md4Context     Pointer to MD4 context being copied.

-  @param[out] NewMd4Context  Pointer to new MD4 context.

-

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Duplicate (

-  IN   CONST VOID  *Md4Context,

-  OUT  VOID        *NewMd4Context

-  )

-{

-  ASSERT (FALSE);

-  return FALSE;

-}

-

-/**

-  Digests the input data and updates MD4 context.

-

-  Return FALSE to indicate this interface is not supported.

-

-  @param[in, out]  Md4Context  Pointer to the MD4 context.

-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.

-  @param[in]       DataSize    Size of Data buffer in bytes.

-

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Update (

-  IN OUT  VOID        *Md4Context,

-  IN      CONST VOID  *Data,

-  IN      UINTN       DataSize

-  )

-{

-  ASSERT (FALSE);

-  return FALSE;

-}

-

-/**

-  Completes computation of the MD4 digest value.

-

-  Return FALSE to indicate this interface is not supported.

-

-  @param[in, out]  Md4Context  Pointer to the MD4 context.

-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest

-                               value (16 bytes).

-

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Final (

-  IN OUT  VOID   *Md4Context,

-  OUT     UINT8  *HashValue

-  )

-{

-  ASSERT (FALSE);

-  return FALSE;

-}

-

-/**

-  Computes the MD4 message digest of a input data buffer.

-

-  Return FALSE to indicate this interface is not supported.

-

-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.

-  @param[in]   DataSize    Size of Data buffer in bytes.

-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest

-                           value (16 bytes).

-

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4HashAll (

-  IN   CONST VOID  *Data,

-  IN   UINTN       DataSize,

-  OUT  UINT8       *HashValue

-  )

-{

-  ASSERT (FALSE);

-  return FALSE;

-}

diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index c836c257f8..e9add0127d 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -6,14 +6,14 @@
 #  This external input must be validated carefully to avoid security issues such as

 #  buffer overflow or integer overflow.

 #

-#  Note: MD4 Digest functions,

+#  Note:

 #  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external

 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509

 #  certificate handler functions, authenticode signature verification functions,

 #  PEM handler functions, and pseudorandom number generator functions are not

 #  supported in this instance.

 #

-#  Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>

+#  Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>

 #  SPDX-License-Identifier: BSD-2-Clause-Patent

 #

 ##

@@ -35,7 +35,6 @@
 

 [Sources]

   InternalCryptLib.h

-  Hash/CryptMd4Null.c

   Hash/CryptMd5.c

   Hash/CryptSha1.c

   Hash/CryptSha256.c

diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
index 9937555beb..374bfb3f65 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
@@ -6,13 +6,13 @@
 // This external input must be validated carefully to avoid security issues such as

 // buffer overflow or integer overflow.

 //

-// Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/

+// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/

 // TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,

 // Diffie-Hellman functions, X.509 certificate handler functions, authenticode

 // signature verification functions, PEM handler functions, and pseudorandom number

 // generator functions are not supported in this instance.

 //

-// Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>

+// Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>

 //

 // SPDX-License-Identifier: BSD-2-Clause-Patent

 //

@@ -21,5 +21,5 @@
 

 #string STR_MODULE_ABSTRACT             #language en-US "Cryptographic Library Instance for PEIM"

 

-#string STR_MODULE_DESCRIPTION          #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 certificate handler functions, authenticode signature verification functions, PEM handler functions, and pseudorandom number generator functions are not supported in this instance."

+#string STR_MODULE_DESCRIPTION          #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 certificate handler functions, authenticode signature verification functions, PEM handler functions, and pseudorandom number generator functions are not supported in this instance."

 

diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index e5b8ececc1..0a2eb03232 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -6,12 +6,12 @@
 #  This external input must be validated carefully to avoid security issues such as

 #  buffer overflow or integer overflow.

 #

-#  Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest functions,

+#  Note: SHA-384 Digest functions, SHA-512 Digest functions,

 #  HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external

 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and

 #  authenticode signature verification functions are not supported in this instance.

 #

-#  Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>

+#  Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>

 #  Copyright (c) 2020, Hewlett Packard Enterprise Development LP. All rights reserved.<BR>

 #  SPDX-License-Identifier: BSD-2-Clause-Patent

 #

@@ -35,7 +35,6 @@
 

 [Sources]

   InternalCryptLib.h

-  Hash/CryptMd4Null.c

   Hash/CryptMd5.c

   Hash/CryptSha1.c

   Hash/CryptSha256.c

diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
index c0a16f1b84..b6d751176e 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
@@ -6,12 +6,12 @@
 // This external input must be validated carefully to avoid security issues such as

 // buffer overflow or integer overflow.

 //

-// Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/

+// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/

 // TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,

 // Diffie-Hellman functions, and authenticode signature verification functions are

 // not supported in this instance.

 //

-// Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>

+// Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>

 //

 // SPDX-License-Identifier: BSD-2-Clause-Patent

 //

@@ -20,5 +20,5 @@
 

 #string STR_MODULE_ABSTRACT             #language en-US "Cryptographic Library Instance for DXE_RUNTIME_DRIVER"

 

-#string STR_MODULE_DESCRIPTION          #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."

+#string STR_MODULE_DESCRIPTION          #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."

 

diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index cc0b65fd25..139983075e 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -6,12 +6,12 @@
 #  This external input must be validated carefully to avoid security issues such as

 #  buffer overflow or integer overflow.

 #

-#  Note: MD4 Digest functions, SHA-384 Digest functions, SHA-512 Digest functions,

+#  Note: SHA-384 Digest functions, SHA-512 Digest functions,

 #  HMAC-MD5 functions, HMAC-SHA1 functions, TDES/ARC4 functions, RSA external

 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and

 #  authenticode signature verification functions are not supported in this instance.

 #

-#  Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>

+#  Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>

 #  SPDX-License-Identifier: BSD-2-Clause-Patent

 #

 ##

@@ -34,7 +34,6 @@
 

 [Sources]

   InternalCryptLib.h

-  Hash/CryptMd4Null.c

   Hash/CryptMd5.c

   Hash/CryptSha1.c

   Hash/CryptSha256.c

diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
index 83485fbb90..b8d7953d2b 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
@@ -6,12 +6,12 @@
 // This external input must be validated carefully to avoid security issues such as

 // buffer overflow or integer overflow.

 //

-// Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/

+// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/

 // TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,

 // Diffie-Hellman functions, and authenticode signature verification functions are

 // not supported in this instance.

 //

-// Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>

+// Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>

 //

 // SPDX-License-Identifier: BSD-2-Clause-Patent

 //

@@ -20,5 +20,5 @@
 

 #string STR_MODULE_ABSTRACT             #language en-US "Cryptographic Library Instance for SMM driver"

 

-#string STR_MODULE_DESCRIPTION          #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: MD4 Digest functions, HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."

+#string STR_MODULE_DESCRIPTION          #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."

 

diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
index 9b4991cbb0..b03681b146 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
+++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
@@ -29,7 +29,6 @@
 

 [Sources]

   InternalCryptLib.h

-  Hash/CryptMd4Null.c

   Hash/CryptMd5Null.c

   Hash/CryptSha1Null.c

   Hash/CryptSha256Null.c

diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c b/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
deleted file mode 100644
index 610c61c713..0000000000
--- a/CryptoPkg/Library/BaseCryptLibNull/Hash/CryptMd4Null.c
+++ /dev/null
@@ -1,143 +0,0 @@
-/** @file

-  MD4 Digest Wrapper Implementation which does not provide real capabilities.

-

-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>

-SPDX-License-Identifier: BSD-2-Clause-Patent

-

-**/

-

-#include "InternalCryptLib.h"

-

-/**

-  Retrieves the size, in bytes, of the context buffer required for MD4 hash

-  operations.

-

-  Return zero to indicate this interface is not supported.

-

-  @retval  0   This interface is not supported.

-

-**/

-UINTN

-EFIAPI

-Md4GetContextSize (

-  VOID

-  )

-{

-  ASSERT (FALSE);

-  return 0;

-}

-

-/**

-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for

-  subsequent use.

-

-  Return FALSE to indicate this interface is not supported.

-

-  @param[out]  Md4Context  Pointer to MD4 context being initialized.

-

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Init (

-  OUT  VOID  *Md4Context

-  )

-{

-  ASSERT (FALSE);

-  return FALSE;

-}

-

-/**

-  Makes a copy of an existing MD4 context.

-

-  Return FALSE to indicate this interface is not supported.

-

-  @param[in]  Md4Context     Pointer to MD4 context being copied.

-  @param[out] NewMd4Context  Pointer to new MD4 context.

-

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Duplicate (

-  IN   CONST VOID  *Md4Context,

-  OUT  VOID        *NewMd4Context

-  )

-{

-  ASSERT (FALSE);

-  return FALSE;

-}

-

-/**

-  Digests the input data and updates MD4 context.

-

-  Return FALSE to indicate this interface is not supported.

-

-  @param[in, out]  Md4Context  Pointer to the MD4 context.

-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.

-  @param[in]       DataSize    Size of Data buffer in bytes.

-

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Update (

-  IN OUT  VOID        *Md4Context,

-  IN      CONST VOID  *Data,

-  IN      UINTN       DataSize

-  )

-{

-  ASSERT (FALSE);

-  return FALSE;

-}

-

-/**

-  Completes computation of the MD4 digest value.

-

-  Return FALSE to indicate this interface is not supported.

-

-  @param[in, out]  Md4Context  Pointer to the MD4 context.

-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest

-                               value (16 bytes).

-

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Final (

-  IN OUT  VOID   *Md4Context,

-  OUT     UINT8  *HashValue

-  )

-{

-  ASSERT (FALSE);

-  return FALSE;

-}

-

-/**

-  Computes the MD4 message digest of a input data buffer.

-

-  Return FALSE to indicate this interface is not supported.

-

-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.

-  @param[in]   DataSize    Size of Data buffer in bytes.

-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest

-                           value (16 bytes).

-

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4HashAll (

-  IN   CONST VOID  *Data,

-  IN   UINTN       DataSize,

-  OUT  UINT8       *HashValue

-  )

-{

-  ASSERT (FALSE);

-  return FALSE;

-}

diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index c2a1df9afc..5e470028f4 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -100,164 +100,6 @@ CryptoServiceNotAvailable (
 //=====================================================================================

 

 /**

-  Retrieves the size, in bytes, of the context buffer required for MD4 hash operations.

-

-  If this interface is not supported, then return zero.

-

-  @return  The size, in bytes, of the context buffer required for MD4 hash operations.

-  @retval  0   This interface is not supported.

-

-**/

-UINTN

-EFIAPI

-Md4GetContextSize (

-  VOID

-  )

-{

-  CALL_CRYPTO_SERVICE (Md4GetContextSize, (), 0);

-}

-

-/**

-  Initializes user-supplied memory pointed by Md4Context as MD4 hash context for

-  subsequent use.

-

-  If Md4Context is NULL, then return FALSE.

-  If this interface is not supported, then return FALSE.

-

-  @param[out]  Md4Context  Pointer to MD4 context being initialized.

-

-  @retval TRUE   MD4 context initialization succeeded.

-  @retval FALSE  MD4 context initialization failed.

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Init (

-  OUT  VOID  *Md4Context

-  )

-{

-  CALL_CRYPTO_SERVICE (Md4Init, (Md4Context), FALSE);

-}

-

-/**

-  Makes a copy of an existing MD4 context.

-

-  If Md4Context is NULL, then return FALSE.

-  If NewMd4Context is NULL, then return FALSE.

-  If this interface is not supported, then return FALSE.

-

-  @param[in]  Md4Context     Pointer to MD4 context being copied.

-  @param[out] NewMd4Context  Pointer to new MD4 context.

-

-  @retval TRUE   MD4 context copy succeeded.

-  @retval FALSE  MD4 context copy failed.

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Duplicate (

-  IN   CONST VOID  *Md4Context,

-  OUT  VOID        *NewMd4Context

-  )

-{

-  CALL_CRYPTO_SERVICE (Md4Duplicate, (Md4Context, NewMd4Context), FALSE);

-}

-

-/**

-  Digests the input data and updates MD4 context.

-

-  This function performs MD4 digest on a data buffer of the specified size.

-  It can be called multiple times to compute the digest of long or discontinuous data streams.

-  MD4 context should be already correctly initialized by Md4Init(), and should not be finalized

-  by Md4Final(). Behavior with invalid context is undefined.

-

-  If Md4Context is NULL, then return FALSE.

-  If this interface is not supported, then return FALSE.

-

-  @param[in, out]  Md4Context  Pointer to the MD4 context.

-  @param[in]       Data        Pointer to the buffer containing the data to be hashed.

-  @param[in]       DataSize    Size of Data buffer in bytes.

-

-  @retval TRUE   MD4 data digest succeeded.

-  @retval FALSE  MD4 data digest failed.

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Update (

-  IN OUT  VOID        *Md4Context,

-  IN      CONST VOID  *Data,

-  IN      UINTN       DataSize

-  )

-{

-  CALL_CRYPTO_SERVICE (Md4Update, (Md4Context, Data, DataSize), FALSE);

-}

-

-/**

-  Completes computation of the MD4 digest value.

-

-  This function completes MD4 hash computation and retrieves the digest value into

-  the specified memory. After this function has been called, the MD4 context cannot

-  be used again.

-  MD4 context should be already correctly initialized by Md4Init(), and should not be

-  finalized by Md4Final(). Behavior with invalid MD4 context is undefined.

-

-  If Md4Context is NULL, then return FALSE.

-  If HashValue is NULL, then return FALSE.

-  If this interface is not supported, then return FALSE.

-

-  @param[in, out]  Md4Context  Pointer to the MD4 context.

-  @param[out]      HashValue   Pointer to a buffer that receives the MD4 digest

-                               value (16 bytes).

-

-  @retval TRUE   MD4 digest computation succeeded.

-  @retval FALSE  MD4 digest computation failed.

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4Final (

-  IN OUT  VOID   *Md4Context,

-  OUT     UINT8  *HashValue

-  )

-{

-  CALL_CRYPTO_SERVICE (Md4Final, (Md4Context, HashValue), FALSE);

-}

-

-/**

-  Computes the MD4 message digest of a input data buffer.

-

-  This function performs the MD4 message digest of a given data buffer, and places

-  the digest value into the specified memory.

-

-  If this interface is not supported, then return FALSE.

-

-  @param[in]   Data        Pointer to the buffer containing the data to be hashed.

-  @param[in]   DataSize    Size of Data buffer in bytes.

-  @param[out]  HashValue   Pointer to a buffer that receives the MD4 digest

-                           value (16 bytes).

-

-  @retval TRUE   MD4 digest computation succeeded.

-  @retval FALSE  MD4 digest computation failed.

-  @retval FALSE  This interface is not supported.

-

-**/

-BOOLEAN

-EFIAPI

-Md4HashAll (

-  IN   CONST VOID  *Data,

-  IN   UINTN       DataSize,

-  OUT  UINT8       *HashValue

-  )

-{

-  CALL_CRYPTO_SERVICE (Md4HashAll, (Data, DataSize, HashValue), FALSE);

-}

-

-/**

   Retrieves the size, in bytes, of the context buffer required for MD5 hash operations.

 

   If this interface is not supported, then return zero.