summaryrefslogtreecommitdiffstats
path: root/CryptoPkg/Library/BaseCryptLib
diff options
context:
space:
mode:
Diffstat (limited to 'CryptoPkg/Library/BaseCryptLib')
-rw-r--r--CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf1
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c205
-rw-r--r--CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c124
-rw-r--r--CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf3
-rw-r--r--CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni4
-rw-r--r--CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf3
-rw-r--r--CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni4
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf3
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni4
9 files changed, 9 insertions, 342 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
index 22992e7d43..da38ea552f 100644
--- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
@@ -40,7 +40,6 @@
Kdf/CryptHkdf.c
Cipher/CryptAes.c
Cipher/CryptTdes.c
- Cipher/CryptArc4.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExt.c
Pk/CryptPkcs1Oaep.c
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
deleted file mode 100644
index 388d312bed..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
+++ /dev/null
@@ -1,205 +0,0 @@
-/** @file
- ARC4 Wrapper Implementation over OpenSSL.
-
-Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-#include <openssl/rc4.h>
-
-/**
- Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
- @return The size, in bytes, of the context buffer required for ARC4 operations.
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
- VOID
- )
-{
- //
- // Memory for 2 copies of RC4_KEY is allocated, one for working copy, and the other
- // for backup copy. When Arc4Reset() is called, we can use the backup copy to restore
- // the working copy to the initial state.
- //
- return (UINTN) (2 * sizeof (RC4_KEY));
-}
-
-/**
- Initializes user-supplied memory as ARC4 context for subsequent use.
-
- This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
- In addition, it sets up all ARC4 key materials for subsequent encryption and decryption
- operations.
-
- If Arc4Context is NULL, then return FALSE.
- If Key is NULL, then return FALSE.
- If KeySize does not in the range of [5, 256] bytes, then return FALSE.
-
- @param[out] Arc4Context Pointer to ARC4 context being initialized.
- @param[in] Key Pointer to the user-supplied ARC4 key.
- @param[in] KeySize Size of ARC4 key in bytes.
-
- @retval TRUE ARC4 context initialization succeeded.
- @retval FALSE ARC4 context initialization failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
- OUT VOID *Arc4Context,
- IN CONST UINT8 *Key,
- IN UINTN KeySize
- )
-{
- RC4_KEY *Rc4Key;
-
- //
- // Check input parameters.
- //
- if (Arc4Context == NULL || Key == NULL || (KeySize < 5 || KeySize > 256)) {
- return FALSE;
- }
-
- Rc4Key = (RC4_KEY *) Arc4Context;
-
- RC4_set_key (Rc4Key, (UINT32) KeySize, Key);
-
- CopyMem (Rc4Key + 1, Rc4Key, sizeof (RC4_KEY));
-
- return TRUE;
-}
-
-/**
- Performs ARC4 encryption on a data buffer of the specified size.
-
- This function performs ARC4 encryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be encrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
-
- @retval TRUE ARC4 encryption succeeded.
- @retval FALSE ARC4 encryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
- IN OUT VOID *Arc4Context,
- IN CONST UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- RC4_KEY *Rc4Key;
-
- //
- // Check input parameters.
- //
- if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) {
- return FALSE;
- }
-
- Rc4Key = (RC4_KEY *) Arc4Context;
-
- RC4 (Rc4Key, (UINT32) InputSize, Input, Output);
-
- return TRUE;
-}
-
-/**
- Performs ARC4 decryption on a data buffer of the specified size.
-
- This function performs ARC4 decryption on data buffer pointed by Input, of specified
- size of InputSize.
- Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
- invalid ARC4 context is undefined.
-
- If Arc4Context is NULL, then return FALSE.
- If Input is NULL, then return FALSE.
- If Output is NULL, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be decrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
-
- @retval TRUE ARC4 decryption succeeded.
- @retval FALSE ARC4 decryption failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
- IN OUT VOID *Arc4Context,
- IN UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- RC4_KEY *Rc4Key;
-
- //
- // Check input parameters.
- //
- if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) {
- return FALSE;
- }
-
- Rc4Key = (RC4_KEY *) Arc4Context;
-
- RC4 (Rc4Key, (UINT32) InputSize, Input, Output);
-
- return TRUE;
-}
-
-/**
- Resets the ARC4 context to the initial state.
-
- The function resets the ARC4 context to the state it had immediately after the
- ARC4Init() function call.
- Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
- should be already correctly initialized by ARC4Init().
-
- If Arc4Context is NULL, then return FALSE.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
-
- @retval TRUE ARC4 reset succeeded.
- @retval FALSE ARC4 reset failed.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
- IN OUT VOID *Arc4Context
- )
-{
- RC4_KEY *Rc4Key;
-
- //
- // Check input parameters.
- //
- if (Arc4Context == NULL) {
- return FALSE;
- }
-
- Rc4Key = (RC4_KEY *) Arc4Context;
-
- CopyMem (Rc4Key, Rc4Key + 1, sizeof (RC4_KEY));
-
- return TRUE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
deleted file mode 100644
index 1f09bfa30e..0000000000
--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4Null.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/** @file
- ARC4 Wrapper Implementation which does not provide real capabilities.
-
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include "InternalCryptLib.h"
-
-/**
- Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
-
- Return zero to indicate this interface is not supported.
-
- @retval 0 This interface is not supported.
-
-
-**/
-UINTN
-EFIAPI
-Arc4GetContextSize (
- VOID
- )
-{
- ASSERT (FALSE);
- return 0;
-}
-
-/**
- Initializes user-supplied memory as ARC4 context for subsequent use.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[out] Arc4Context Pointer to ARC4 context being initialized.
- @param[in] Key Pointer to the user-supplied ARC4 key.
- @param[in] KeySize Size of ARC4 key in bytes.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Init (
- OUT VOID *Arc4Context,
- IN CONST UINT8 *Key,
- IN UINTN KeySize
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Performs ARC4 encryption on a data buffer of the specified size.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be encrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Encrypt (
- IN OUT VOID *Arc4Context,
- IN CONST UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Performs ARC4 decryption on a data buffer of the specified size.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
- @param[in] Input Pointer to the buffer containing the data to be decrypted.
- @param[in] InputSize Size of the Input buffer in bytes.
- @param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Decrypt (
- IN OUT VOID *Arc4Context,
- IN UINT8 *Input,
- IN UINTN InputSize,
- OUT UINT8 *Output
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
-
-/**
- Resets the ARC4 context to the initial state.
-
- Return FALSE to indicate this interface is not supported.
-
- @param[in, out] Arc4Context Pointer to the ARC4 context.
-
- @retval FALSE This interface is not supported.
-
-**/
-BOOLEAN
-EFIAPI
-Arc4Reset (
- IN OUT VOID *Arc4Context
- )
-{
- ASSERT (FALSE);
- return FALSE;
-}
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
index e9add0127d..f43953b78c 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf
@@ -7,7 +7,7 @@
# buffer overflow or integer overflow.
#
# Note:
-# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external
+# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509
# certificate handler functions, authenticode signature verification functions,
# PEM handler functions, and pseudorandom number generator functions are not
@@ -46,7 +46,6 @@
Kdf/CryptHkdfNull.c
Cipher/CryptAesNull.c
Cipher/CryptTdesNull.c
- Cipher/CryptArc4Null.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
index 374bfb3f65..5abd8e8dfb 100644
--- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
+++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.uni
@@ -7,7 +7,7 @@
// buffer overflow or integer overflow.
//
// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
-// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
+// TDES functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, X.509 certificate handler functions, authenticode
// signature verification functions, PEM handler functions, and pseudorandom number
// generator functions are not supported in this instance.
@@ -21,5 +21,5 @@
#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for PEIM"
-#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 certificate handler functions, authenticode signature verification functions, PEM handler functions, and pseudorandom number generator functions are not supported in this instance."
+#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, X.509 certificate handler functions, authenticode signature verification functions, PEM handler functions, and pseudorandom number generator functions are not supported in this instance."
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
index 0a2eb03232..f1eb099b67 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
@@ -7,7 +7,7 @@
# buffer overflow or integer overflow.
#
# Note: SHA-384 Digest functions, SHA-512 Digest functions,
-# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES/ARC4 functions, RSA external
+# HMAC-MD5 functions, HMAC-SHA1/SHA256 functions, AES/TDES functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
@@ -46,7 +46,6 @@
Kdf/CryptHkdfNull.c
Cipher/CryptAesNull.c
Cipher/CryptTdesNull.c
- Cipher/CryptArc4Null.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptPkcs1OaepNull.c
diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
index b6d751176e..5a48d2a308 100644
--- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
+++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.uni
@@ -7,7 +7,7 @@
// buffer overflow or integer overflow.
//
// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
-// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
+// TDES functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, and authenticode signature verification functions are
// not supported in this instance.
//
@@ -20,5 +20,5 @@
#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for DXE_RUNTIME_DRIVER"
-#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
+#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
index 139983075e..3a94655775 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -7,7 +7,7 @@
# buffer overflow or integer overflow.
#
# Note: SHA-384 Digest functions, SHA-512 Digest functions,
-# HMAC-MD5 functions, HMAC-SHA1 functions, TDES/ARC4 functions, RSA external
+# HMAC-MD5 functions, HMAC-SHA1 functions, TDES functions, RSA external
# functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
# authenticode signature verification functions are not supported in this instance.
#
@@ -45,7 +45,6 @@
Kdf/CryptHkdfNull.c
Cipher/CryptAes.c
Cipher/CryptTdesNull.c
- Cipher/CryptArc4Null.c
Pk/CryptRsaBasic.c
Pk/CryptRsaExtNull.c
Pk/CryptPkcs1Oaep.c
diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
index b8d7953d2b..0561f107e8 100644
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.uni
@@ -7,7 +7,7 @@
// buffer overflow or integer overflow.
//
// Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/
-// TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions,
+// TDES functions, RSA external functions, PKCS#7 SignedData sign functions,
// Diffie-Hellman functions, and authenticode signature verification functions are
// not supported in this instance.
//
@@ -20,5 +20,5 @@
#string STR_MODULE_ABSTRACT #language en-US "Cryptographic Library Instance for SMM driver"
-#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES/ARC4 functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
+#string STR_MODULE_DESCRIPTION #language en-US "Caution: This module requires additional review when modified. This library will have external input - signature. This external input must be validated carefully to avoid security issues such as buffer overflow or integer overflow. Note: HMAC-MD5 functions, HMAC-SHA1 functions, AES/ TDES functions, RSA external functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and authenticode signature verification functions are not supported in this instance."
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-01 15:13:43 +0000