CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c

   1 /** @file
   2   HMAC-SHA1 Wrapper Implementation over OpenSSL.
   3
   4 Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
   5 SPDX-License-Identifier: BSD-2-Clause-Patent
   6
   7 **/
   8
   9 #include "InternalCryptLib.h"
  10 #include <openssl/hmac.h>
  11
  12 //
  13 // NOTE: OpenSSL redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h
  14 //       #define HMAC_MAX_MD_CBLOCK_SIZE     144
  15 //
  16 //
  17 #define  HMAC_SHA1_CTX_SIZE   (sizeof(void *) * 4 + sizeof(unsigned int) + \
  18                              sizeof(unsigned char) * 144)
  19
  20 /**
  21   Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations.
  22   (NOTE: This API is deprecated.
  23          Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.)
  24
  25   @return  The size, in bytes, of the context buffer required for HMAC-SHA1 operations.
  26
  27 **/
  28 UINTN
  29 EFIAPI
  30 HmacSha1GetContextSize (
  31   VOID
  32   )
  33 {
  34   //
  35   // Retrieves the OpenSSL HMAC-SHA1 Context Size
  36   // NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the
  37   //       fixed size as a workaround to make this API work for compatibility.
  38   //       We should retire HmacSha15GetContextSize() in future, and use HmacSha1New()
  39   //       and HmacSha1Free() for context allocation and release.
  40   //
  41   return (UINTN) HMAC_SHA1_CTX_SIZE;
  42 }
  43
  44 /**
  45   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.
  46
  47   @return  Pointer to the HMAC_CTX context that has been initialized.
  48            If the allocations fails, HmacSha1New() returns NULL.
  49
  50 **/
  51 VOID *
  52 EFIAPI
  53 HmacSha1New (
  54   VOID
  55   )
  56 {
  57   //
  58   // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new()
  59   //
  60   return (VOID *) HMAC_CTX_new ();
  61 }
  62
  63 /**
  64   Release the specified HMAC_CTX context.
  65
  66   @param[in]  HmacSha1Ctx  Pointer to the HMAC_CTX context to be released.
  67
  68 **/
  69 VOID
  70 EFIAPI
  71 HmacSha1Free (
  72   IN  VOID  *HmacSha1Ctx
  73   )
  74 {
  75   //
  76   // Free OpenSSL HMAC_CTX Context
  77   //
  78   HMAC_CTX_free ((HMAC_CTX *)HmacSha1Ctx);
  79 }
  80
  81 /**
  82   Initializes user-supplied memory pointed by HmacSha1Context as HMAC-SHA1 context for
  83   subsequent use.
  84
  85   If HmacSha1Context is NULL, then return FALSE.
  86
  87   @param[out]  HmacSha1Context  Pointer to HMAC-SHA1 context being initialized.
  88   @param[in]   Key              Pointer to the user-supplied key.
  89   @param[in]   KeySize          Key size in bytes.
  90
  91   @retval TRUE   HMAC-SHA1 context initialization succeeded.
  92   @retval FALSE  HMAC-SHA1 context initialization failed.
  93
  94 **/
  95 BOOLEAN
  96 EFIAPI
  97 HmacSha1Init (
  98   OUT  VOID         *HmacSha1Context,
  99   IN   CONST UINT8  *Key,
 100   IN   UINTN        KeySize
 101   )
 102 {
 103   //
 104   // Check input parameters.
 105   //
 106   if (HmacSha1Context == NULL || KeySize > INT_MAX) {
 107     return FALSE;
 108   }
 109
 110   //
 111   // OpenSSL HMAC-SHA1 Context Initialization
 112   //
 113   memset(HmacSha1Context, 0, HMAC_SHA1_CTX_SIZE);
 114   if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha1Context) != 1) {
 115     return FALSE;
 116   }
 117   if (HMAC_Init_ex ((HMAC_CTX *)HmacSha1Context, Key, (UINT32) KeySize, EVP_sha1(), NULL) != 1) {
 118     return FALSE;
 119   }
 120
 121   return TRUE;
 122 }
 123
 124 /**
 125   Makes a copy of an existing HMAC-SHA1 context.
 126
 127   If HmacSha1Context is NULL, then return FALSE.
 128   If NewHmacSha1Context is NULL, then return FALSE.
 129
 130   @param[in]  HmacSha1Context     Pointer to HMAC-SHA1 context being copied.
 131   @param[out] NewHmacSha1Context  Pointer to new HMAC-SHA1 context.
 132
 133   @retval TRUE   HMAC-SHA1 context copy succeeded.
 134   @retval FALSE  HMAC-SHA1 context copy failed.
 135
 136 **/
 137 BOOLEAN
 138 EFIAPI
 139 HmacSha1Duplicate (
 140   IN   CONST VOID  *HmacSha1Context,
 141   OUT  VOID        *NewHmacSha1Context
 142   )
 143 {
 144   //
 145   // Check input parameters.
 146   //
 147   if (HmacSha1Context == NULL || NewHmacSha1Context == NULL) {
 148     return FALSE;
 149   }
 150
 151   if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacSha1Context, (HMAC_CTX *)HmacSha1Context) != 1) {
 152     return FALSE;
 153   }
 154
 155   return TRUE;
 156 }
 157
 158 /**
 159   Digests the input data and updates HMAC-SHA1 context.
 160
 161   This function performs HMAC-SHA1 digest on a data buffer of the specified size.
 162   It can be called multiple times to compute the digest of long or discontinuous data streams.
 163   HMAC-SHA1 context should be already correctly initialized by HmacSha1Init(), and should not
 164   be finalized by HmacSha1Final(). Behavior with invalid context is undefined.
 165
 166   If HmacSha1Context is NULL, then return FALSE.
 167
 168   @param[in, out]  HmacSha1Context Pointer to the HMAC-SHA1 context.
 169   @param[in]       Data            Pointer to the buffer containing the data to be digested.
 170   @param[in]       DataSize        Size of Data buffer in bytes.
 171
 172   @retval TRUE   HMAC-SHA1 data digest succeeded.
 173   @retval FALSE  HMAC-SHA1 data digest failed.
 174
 175 **/
 176 BOOLEAN
 177 EFIAPI
 178 HmacSha1Update (
 179   IN OUT  VOID        *HmacSha1Context,
 180   IN      CONST VOID  *Data,
 181   IN      UINTN       DataSize
 182   )
 183 {
 184   //
 185   // Check input parameters.
 186   //
 187   if (HmacSha1Context == NULL) {
 188     return FALSE;
 189   }
 190
 191   //
 192   // Check invalid parameters, in case that only DataLength was checked in OpenSSL
 193   //
 194   if (Data == NULL && DataSize != 0) {
 195     return FALSE;
 196   }
 197
 198   //
 199   // OpenSSL HMAC-SHA1 digest update
 200   //
 201   if (HMAC_Update ((HMAC_CTX *)HmacSha1Context, Data, DataSize) != 1) {
 202     return FALSE;
 203   }
 204
 205   return TRUE;
 206 }
 207
 208 /**
 209   Completes computation of the HMAC-SHA1 digest value.
 210
 211   This function completes HMAC-SHA1 digest computation and retrieves the digest value into
 212   the specified memory. After this function has been called, the HMAC-SHA1 context cannot
 213   be used again.
 214   HMAC-SHA1 context should be already correctly initialized by HmacSha1Init(), and should
 215   not be finalized by HmacSha1Final(). Behavior with invalid HMAC-SHA1 context is undefined.
 216
 217   If HmacSha1Context is NULL, then return FALSE.
 218   If HmacValue is NULL, then return FALSE.
 219
 220   @param[in, out]  HmacSha1Context  Pointer to the HMAC-SHA1 context.
 221   @param[out]      HmacValue        Pointer to a buffer that receives the HMAC-SHA1 digest
 222                                     value (20 bytes).
 223
 224   @retval TRUE   HMAC-SHA1 digest computation succeeded.
 225   @retval FALSE  HMAC-SHA1 digest computation failed.
 226
 227 **/
 228 BOOLEAN
 229 EFIAPI
 230 HmacSha1Final (
 231   IN OUT  VOID   *HmacSha1Context,
 232   OUT     UINT8  *HmacValue
 233   )
 234 {
 235   UINT32  Length;
 236
 237   //
 238   // Check input parameters.
 239   //
 240   if (HmacSha1Context == NULL || HmacValue == NULL) {
 241     return FALSE;
 242   }
 243
 244   //
 245   // OpenSSL HMAC-SHA1 digest finalization
 246   //
 247   if (HMAC_Final ((HMAC_CTX *)HmacSha1Context, HmacValue, &Length) != 1) {
 248     return FALSE;
 249   }
 250   if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha1Context) != 1) {
 251     return FALSE;
 252   }
 253
 254   return TRUE;
 255 }