CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c

   1 /** @file
   2   HMAC-SHA1 Wrapper Implementation over OpenSSL.
   3
   4 Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
   5 SPDX-License-Identifier: BSD-2-Clause-Patent
   6
   7 **/
   8
   9 #include "InternalCryptLib.h"
  10 #include <openssl/hmac.h>
  11
  12 //
  13 // NOTE: OpenSSL redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h
  14 //       #define HMAC_MAX_MD_CBLOCK_SIZE     144
  15 //
  16 //
  17 #define  HMAC_SHA1_CTX_SIZE   (sizeof(void *) * 4 + sizeof(unsigned int) + \
  18                              sizeof(unsigned char) * 144)
  19
  20 /**
  21   Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations.
  22   (NOTE: This API is deprecated.
  23          Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.)
  24
  25   @return  The size, in bytes, of the context buffer required for HMAC-SHA1 operations.
  26
  27 **/
  28 UINTN
  29 EFIAPI
  30 HmacSha1GetContextSize (
  31   VOID
  32   )
  33 {
  34   //
  35   // Retrieves the OpenSSL HMAC-SHA1 Context Size
  36   // NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the
  37   //       fixed size as a workaround to make this API work for compatibility.
  38   //       We should retire HmacSha15GetContextSize() in future, and use HmacSha1New()
  39   //       and HmacSha1Free() for context allocation and release.
  40   //
  41   return (UINTN) HMAC_SHA1_CTX_SIZE;
  42 }
  43
  44 /**
  45   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.
  46
  47   @return  Pointer to the HMAC_CTX context that has been initialized.
  48            If the allocations fails, HmacSha1New() returns NULL.
  49
  50 **/
  51 VOID *
  52 EFIAPI
  53 HmacSha1New (
  54   VOID
  55   )
  56 {
  57   //
  58   // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new()
  59   //
  60   return (VOID *) HMAC_CTX_new ();
  61 }
  62
  63 /**
  64   Release the specified HMAC_CTX context.
  65
  66   @param[in]  HmacSha1Ctx  Pointer to the HMAC_CTX context to be released.
  67
  68 **/
  69 VOID
  70 EFIAPI
  71 HmacSha1Free (
  72   IN  VOID  *HmacSha1Ctx
  73   )
  74 {
  75   //
  76   // Free OpenSSL HMAC_CTX Context
  77   //
  78   HMAC_CTX_free ((HMAC_CTX *)HmacSha1Ctx);
  79 }
  80
  81 /**
  82   Set user-supplied key for subsequent use. It must be done before any
  83   calling to HmacSha1Update().
  84
  85   If HmacSha1Context is NULL, then return FALSE.
  86
  87   @param[out]  HmacSha1Context  Pointer to HMAC-SHA1 context.
  88   @param[in]   Key              Pointer to the user-supplied key.
  89   @param[in]   KeySize          Key size in bytes.
  90
  91   @retval TRUE   The Key is set successfully.
  92   @retval FALSE  The Key is set unsuccessfully.
  93
  94 **/
  95 BOOLEAN
  96 EFIAPI
  97 HmacSha1SetKey (
  98   OUT  VOID         *HmacSha1Context,
  99   IN   CONST UINT8  *Key,
 100   IN   UINTN        KeySize
 101   )
 102 {
 103   //
 104   // Check input parameters.
 105   //
 106   if (HmacSha1Context == NULL || KeySize > INT_MAX) {
 107     return FALSE;
 108   }
 109
 110   if (HMAC_Init_ex ((HMAC_CTX *)HmacSha1Context, Key, (UINT32) KeySize, EVP_sha1(), NULL) != 1) {
 111     return FALSE;
 112   }
 113
 114   return TRUE;
 115 }
 116
 117 /**
 118   Makes a copy of an existing HMAC-SHA1 context.
 119
 120   If HmacSha1Context is NULL, then return FALSE.
 121   If NewHmacSha1Context is NULL, then return FALSE.
 122
 123   @param[in]  HmacSha1Context     Pointer to HMAC-SHA1 context being copied.
 124   @param[out] NewHmacSha1Context  Pointer to new HMAC-SHA1 context.
 125
 126   @retval TRUE   HMAC-SHA1 context copy succeeded.
 127   @retval FALSE  HMAC-SHA1 context copy failed.
 128
 129 **/
 130 BOOLEAN
 131 EFIAPI
 132 HmacSha1Duplicate (
 133   IN   CONST VOID  *HmacSha1Context,
 134   OUT  VOID        *NewHmacSha1Context
 135   )
 136 {
 137   //
 138   // Check input parameters.
 139   //
 140   if (HmacSha1Context == NULL || NewHmacSha1Context == NULL) {
 141     return FALSE;
 142   }
 143
 144   if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacSha1Context, (HMAC_CTX *)HmacSha1Context) != 1) {
 145     return FALSE;
 146   }
 147
 148   return TRUE;
 149 }
 150
 151 /**
 152   Digests the input data and updates HMAC-SHA1 context.
 153
 154   This function performs HMAC-SHA1 digest on a data buffer of the specified size.
 155   It can be called multiple times to compute the digest of long or discontinuous data streams.
 156   HMAC-SHA1 context should be initialized by HmacSha1New(), and should not be finalized by
 157   HmacSha1Final(). Behavior with invalid context is undefined.
 158
 159   If HmacSha1Context is NULL, then return FALSE.
 160
 161   @param[in, out]  HmacSha1Context Pointer to the HMAC-SHA1 context.
 162   @param[in]       Data            Pointer to the buffer containing the data to be digested.
 163   @param[in]       DataSize        Size of Data buffer in bytes.
 164
 165   @retval TRUE   HMAC-SHA1 data digest succeeded.
 166   @retval FALSE  HMAC-SHA1 data digest failed.
 167
 168 **/
 169 BOOLEAN
 170 EFIAPI
 171 HmacSha1Update (
 172   IN OUT  VOID        *HmacSha1Context,
 173   IN      CONST VOID  *Data,
 174   IN      UINTN       DataSize
 175   )
 176 {
 177   //
 178   // Check input parameters.
 179   //
 180   if (HmacSha1Context == NULL) {
 181     return FALSE;
 182   }
 183
 184   //
 185   // Check invalid parameters, in case that only DataLength was checked in OpenSSL
 186   //
 187   if (Data == NULL && DataSize != 0) {
 188     return FALSE;
 189   }
 190
 191   //
 192   // OpenSSL HMAC-SHA1 digest update
 193   //
 194   if (HMAC_Update ((HMAC_CTX *)HmacSha1Context, Data, DataSize) != 1) {
 195     return FALSE;
 196   }
 197
 198   return TRUE;
 199 }
 200
 201 /**
 202   Completes computation of the HMAC-SHA1 digest value.
 203
 204   This function completes HMAC-SHA1 digest computation and retrieves the digest value into
 205   the specified memory. After this function has been called, the HMAC-SHA1 context cannot
 206   be used again.
 207   HMAC-SHA1 context should be initialized by HmacSha1New(), and should not be finalized by
 208   HmacSha1Final(). Behavior with invalid HMAC-SHA1 context is undefined.
 209
 210   If HmacSha1Context is NULL, then return FALSE.
 211   If HmacValue is NULL, then return FALSE.
 212
 213   @param[in, out]  HmacSha1Context  Pointer to the HMAC-SHA1 context.
 214   @param[out]      HmacValue        Pointer to a buffer that receives the HMAC-SHA1 digest
 215                                     value (20 bytes).
 216
 217   @retval TRUE   HMAC-SHA1 digest computation succeeded.
 218   @retval FALSE  HMAC-SHA1 digest computation failed.
 219
 220 **/
 221 BOOLEAN
 222 EFIAPI
 223 HmacSha1Final (
 224   IN OUT  VOID   *HmacSha1Context,
 225   OUT     UINT8  *HmacValue
 226   )
 227 {
 228   UINT32  Length;
 229
 230   //
 231   // Check input parameters.
 232   //
 233   if (HmacSha1Context == NULL || HmacValue == NULL) {
 234     return FALSE;
 235   }
 236
 237   //
 238   // OpenSSL HMAC-SHA1 digest finalization
 239   //
 240   if (HMAC_Final ((HMAC_CTX *)HmacSha1Context, HmacValue, &Length) != 1) {
 241     return FALSE;
 242   }
 243   if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha1Context) != 1) {
 244     return FALSE;
 245   }
 246
 247   return TRUE;
 248 }