From c22a32e1abd2c31c50bcf5eb160ccb5c0daf36ef Mon Sep 17 00:00:00 2001 From: Zhichao Gao Date: Wed, 22 Apr 2020 17:44:12 +0800 Subject: CryptoPkg/BaseCryptLib: Retire ARC4 algorithm REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898 ARC4 is not secure any longer. Remove the ARC4 support from edk2. Change the ARC4 field name in EDKII_CRYPTO_PROTOCOL to indicate the function is unsupported any longer. Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Siyuan Fu Cc: Michael D Kinney Cc: Jiewen Yao Cc: Philippe Mathieu-Daude Reviewed-by: Jian J Wang Signed-off-by: Zhichao Gao --- CryptoPkg/Driver/Crypto.c | 95 +++++++++++++---------------------------------- 1 file changed, 26 insertions(+), 69 deletions(-) (limited to 'CryptoPkg/Driver') diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c index 53ee0edea5..af61482919 100644 --- a/CryptoPkg/Driver/Crypto.c +++ b/CryptoPkg/Driver/Crypto.c 
@@ -2037,150 +2037,107 @@ CryptoServiceAesCbcDecrypt ( } /** - Retrieves the size, in bytes, of the context buffer required for ARC4 operations. - - If this interface is not supported, then return zero. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. - @return The size, in bytes, of the context buffer required for ARC4 operations. @retval 0 This interface is not supported. **/ UINTN EFIAPI -CryptoServiceArc4GetContextSize ( +DeprecatedCryptoServiceArc4GetContextSize ( VOID ) { - return CALL_BASECRYPTLIB (Arc4.Services.GetContextSize, Arc4GetContextSize, (), 0); + return BaseCryptLibServiceDeprecated ("Arc4GetContextSize"), 0; } /** - Initializes user-supplied memory as ARC4 context for subsequent use. - - This function initializes user-supplied memory pointed by Arc4Context as ARC4 context. - In addition, it sets up all ARC4 key materials for subsequent encryption and decryption - operations. - - If Arc4Context is NULL, then return FALSE. - If Key is NULL, then return FALSE. - If KeySize does not in the range of [5, 256] bytes, then return FALSE. - If this interface is not supported, then return FALSE. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. @param[out] Arc4Context Pointer to ARC4 context being initialized. @param[in] Key Pointer to the user-supplied ARC4 key. @param[in] KeySize Size of ARC4 key in bytes. - @retval TRUE ARC4 context initialization succeeded. - @retval FALSE ARC4 context initialization failed. @retval FALSE This interface is not supported. **/ BOOLEAN EFIAPI -CryptoServiceArc4Init ( +DeprecatedCryptoServiceArc4Init ( OUT VOID *Arc4Context, IN CONST UINT8 *Key, IN UINTN KeySize ) { - return CALL_BASECRYPTLIB (Arc4.Services.Init, Arc4Init, (Arc4Context, Key, KeySize), FALSE); + return BaseCryptLibServiceDeprecated ("Arc4Init"), FALSE; } /** - Performs ARC4 encryption on a data buffer of the specified size. 
- - This function performs ARC4 encryption on data buffer pointed by Input, of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behavior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - If this interface is not supported, then return FALSE. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. @param[in, out] Arc4Context Pointer to the ARC4 context. @param[in] Input Pointer to the buffer containing the data to be encrypted. @param[in] InputSize Size of the Input buffer in bytes. @param[out] Output Pointer to a buffer that receives the ARC4 encryption output. - @retval TRUE ARC4 encryption succeeded. - @retval FALSE ARC4 encryption failed. @retval FALSE This interface is not supported. **/ BOOLEAN EFIAPI -CryptoServiceArc4Encrypt ( +DeprecatedCryptoServiceArc4Encrypt ( IN OUT VOID *Arc4Context, IN CONST UINT8 *Input, IN UINTN InputSize, OUT UINT8 *Output ) { - return CALL_BASECRYPTLIB (Arc4.Services.Encrypt, Arc4Encrypt, (Arc4Context, Input, InputSize, Output), FALSE); + return BaseCryptLibServiceDeprecated ("Arc4Encrypt"), FALSE; } /** - Performs ARC4 decryption on a data buffer of the specified size. - - This function performs ARC4 decryption on data buffer pointed by Input, of specified - size of InputSize. - Arc4Context should be already correctly initialized by Arc4Init(). Behavior with - invalid ARC4 context is undefined. - - If Arc4Context is NULL, then return FALSE. - If Input is NULL, then return FALSE. - If Output is NULL, then return FALSE. - If this interface is not supported, then return FALSE. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. @param[in, out] Arc4Context Pointer to the ARC4 context. @param[in] Input Pointer to the buffer containing the data to be decrypted. 
@param[in] InputSize Size of the Input buffer in bytes. @param[out] Output Pointer to a buffer that receives the ARC4 decryption output. - @retval TRUE ARC4 decryption succeeded. - @retval FALSE ARC4 decryption failed. @retval FALSE This interface is not supported. **/ BOOLEAN EFIAPI -CryptoServiceArc4Decrypt ( +DeprecatedCryptoServiceArc4Decrypt ( IN OUT VOID *Arc4Context, IN UINT8 *Input, IN UINTN InputSize, OUT UINT8 *Output ) { - return CALL_BASECRYPTLIB (Arc4.Services.Decrypt, Arc4Decrypt, (Arc4Context, Input, InputSize, Output), FALSE); + return BaseCryptLibServiceDeprecated ("Arc4Decrypt"), FALSE; } /** - Resets the ARC4 context to the initial state. - - The function resets the ARC4 context to the state it had immediately after the - ARC4Init() function call. - Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context - should be already correctly initialized by ARC4Init(). - - If Arc4Context is NULL, then return FALSE. - If this interface is not supported, then return FALSE. + ARC4 is deprecated and unsupported any longer. + Keep the function field for binary compability. @param[in, out] Arc4Context Pointer to the ARC4 context. - @retval TRUE ARC4 reset succeeded. - @retval FALSE ARC4 reset failed. @retval FALSE This interface is not supported. **/ BOOLEAN EFIAPI -CryptoServiceArc4Reset ( +DeprecatedCryptoServiceArc4Reset ( IN OUT VOID *Arc4Context ) { - return CALL_BASECRYPTLIB (Arc4.Services.Reset, Arc4Reset, (Arc4Context), FALSE); + return BaseCryptLibServiceDeprecated ("Arc4Reset"), FALSE; } //===================================================================================== 
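Review bot: The `DeprecatedCryptoServiceArc4Encrypt` and `DeprecatedCryptoServiceArc4Decrypt` stubs never write `Output` and signal failure only through the `FALSE` return, but the new header comments do not say so. The retained `@param[out] Output` text still describes a buffer that receives the ARC4 result. A caller that ignores the return value would carry on with whatever was already in its buffer, so I would add to both comments `Output is not modified; callers must treat FALSE as failure and must not use Output.` The comment block repeated on all five stubs misspells `compability` (should be `compatibility`), and `unsupported any longer` reads better as `no longer supported`. `BaseCryptLibServiceDeprecated` is defined outside this hunk, so what it does is not visible here; calling it on its own line followed by `return FALSE;` would also avoid the comma operator.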
@@ -4502,12 +4459,12 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = { CryptoServiceAesEcbDecrypt, CryptoServiceAesCbcEncrypt, CryptoServiceAesCbcDecrypt, - /// Arc4 - CryptoServiceArc4GetContextSize, - CryptoServiceArc4Init, - CryptoServiceArc4Encrypt, - CryptoServiceArc4Decrypt, - CryptoServiceArc4Reset, + /// Arc4 - deprecated and unsupported + DeprecatedCryptoServiceArc4GetContextSize, + DeprecatedCryptoServiceArc4Init, + DeprecatedCryptoServiceArc4Encrypt, + DeprecatedCryptoServiceArc4Decrypt, + DeprecatedCryptoServiceArc4Reset, /// SM3 CryptoServiceSm3GetContextSize, CryptoServiceSm3Init, -- cgit v1.2.3
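Review bot: The comment `/// Arc4 - deprecated and unsupported` does not say why the five stubs stay in `mEdkiiCrypto`. The initializer is positional, so removing them later would shift SM3 and every following member into a different slot for consumers built against the old layout. I would extend the comment to `/// Arc4 - deprecated and unsupported; entries kept so later members keep their positions`. The initializer begins and ends outside this hunk, so whether the protocol version changes alongside is not visible here.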