CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c

   1 /** @file
   2   HMAC-SHA1 Wrapper Implementation over OpenSSL.
   3
   4 Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
   5 SPDX-License-Identifier: BSD-2-Clause-Patent
   6
   7 **/
   8
   9 #include "InternalCryptLib.h"
  10 #include <openssl/hmac.h>
  11
  12 #define HMAC_SHA1_CTX_SIZE   sizeof(void *) * 4 + sizeof(unsigned int) + \
  13                              sizeof(unsigned char) * HMAC_MAX_MD_CBLOCK
  14
  15 /**
  16   Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations.
  17   (NOTE: This API is deprecated.
  18          Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.)
  19
  20   @return  The size, in bytes, of the context buffer required for HMAC-SHA1 operations.
  21
  22 **/
  23 UINTN
  24 EFIAPI
  25 HmacSha1GetContextSize (
  26   VOID
  27   )
  28 {
  29   //
  30   // Retrieves the OpenSSL HMAC-SHA1 Context Size
  31   // NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the
  32   //       fixed size as a workaround to make this API work for compatibility.
  33   //       We should retire HmacSha15GetContextSize() in future, and use HmacSha1New()
  34   //       and HmacSha1Free() for context allocation and release.
  35   //
  36   return (UINTN) HMAC_SHA1_CTX_SIZE;
  37 }
  38
  39 /**
  40   Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.
  41
  42   @return  Pointer to the HMAC_CTX context that has been initialized.
  43            If the allocations fails, HmacSha1New() returns NULL.
  44
  45 **/
  46 VOID *
  47 EFIAPI
  48 HmacSha1New (
  49   VOID
  50   )
  51 {
  52   //
  53   // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new()
  54   //
  55   return (VOID *) HMAC_CTX_new ();
  56 }
  57
  58 /**
  59   Release the specified HMAC_CTX context.
  60
  61   @param[in]  HmacSha1Ctx  Pointer to the HMAC_CTX context to be released.
  62
  63 **/
  64 VOID
  65 EFIAPI
  66 HmacSha1Free (
  67   IN  VOID  *HmacSha1Ctx
  68   )
  69 {
  70   //
  71   // Free OpenSSL HMAC_CTX Context
  72   //
  73   HMAC_CTX_free ((HMAC_CTX *)HmacSha1Ctx);
  74 }
  75
  76 /**
  77   Initializes user-supplied memory pointed by HmacSha1Context as HMAC-SHA1 context for
  78   subsequent use.
  79
  80   If HmacSha1Context is NULL, then return FALSE.
  81
  82   @param[out]  HmacSha1Context  Pointer to HMAC-SHA1 context being initialized.
  83   @param[in]   Key              Pointer to the user-supplied key.
  84   @param[in]   KeySize          Key size in bytes.
  85
  86   @retval TRUE   HMAC-SHA1 context initialization succeeded.
  87   @retval FALSE  HMAC-SHA1 context initialization failed.
  88
  89 **/
  90 BOOLEAN
  91 EFIAPI
  92 HmacSha1Init (
  93   OUT  VOID         *HmacSha1Context,
  94   IN   CONST UINT8  *Key,
  95   IN   UINTN        KeySize
  96   )
  97 {
  98   //
  99   // Check input parameters.
 100   //
 101   if (HmacSha1Context == NULL || KeySize > INT_MAX) {
 102     return FALSE;
 103   }
 104
 105   //
 106   // OpenSSL HMAC-SHA1 Context Initialization
 107   //
 108   memset(HmacSha1Context, 0, HMAC_SHA1_CTX_SIZE);
 109   if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha1Context) != 1) {
 110     return FALSE;
 111   }
 112   if (HMAC_Init_ex ((HMAC_CTX *)HmacSha1Context, Key, (UINT32) KeySize, EVP_sha1(), NULL) != 1) {
 113     return FALSE;
 114   }
 115
 116   return TRUE;
 117 }
 118
 119 /**
 120   Makes a copy of an existing HMAC-SHA1 context.
 121
 122   If HmacSha1Context is NULL, then return FALSE.
 123   If NewHmacSha1Context is NULL, then return FALSE.
 124
 125   @param[in]  HmacSha1Context     Pointer to HMAC-SHA1 context being copied.
 126   @param[out] NewHmacSha1Context  Pointer to new HMAC-SHA1 context.
 127
 128   @retval TRUE   HMAC-SHA1 context copy succeeded.
 129   @retval FALSE  HMAC-SHA1 context copy failed.
 130
 131 **/
 132 BOOLEAN
 133 EFIAPI
 134 HmacSha1Duplicate (
 135   IN   CONST VOID  *HmacSha1Context,
 136   OUT  VOID        *NewHmacSha1Context
 137   )
 138 {
 139   //
 140   // Check input parameters.
 141   //
 142   if (HmacSha1Context == NULL || NewHmacSha1Context == NULL) {
 143     return FALSE;
 144   }
 145
 146   if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacSha1Context, (HMAC_CTX *)HmacSha1Context) != 1) {
 147     return FALSE;
 148   }
 149
 150   return TRUE;
 151 }
 152
 153 /**
 154   Digests the input data and updates HMAC-SHA1 context.
 155
 156   This function performs HMAC-SHA1 digest on a data buffer of the specified size.
 157   It can be called multiple times to compute the digest of long or discontinuous data streams.
 158   HMAC-SHA1 context should be already correctly initialized by HmacSha1Init(), and should not
 159   be finalized by HmacSha1Final(). Behavior with invalid context is undefined.
 160
 161   If HmacSha1Context is NULL, then return FALSE.
 162
 163   @param[in, out]  HmacSha1Context Pointer to the HMAC-SHA1 context.
 164   @param[in]       Data            Pointer to the buffer containing the data to be digested.
 165   @param[in]       DataSize        Size of Data buffer in bytes.
 166
 167   @retval TRUE   HMAC-SHA1 data digest succeeded.
 168   @retval FALSE  HMAC-SHA1 data digest failed.
 169
 170 **/
 171 BOOLEAN
 172 EFIAPI
 173 HmacSha1Update (
 174   IN OUT  VOID        *HmacSha1Context,
 175   IN      CONST VOID  *Data,
 176   IN      UINTN       DataSize
 177   )
 178 {
 179   //
 180   // Check input parameters.
 181   //
 182   if (HmacSha1Context == NULL) {
 183     return FALSE;
 184   }
 185
 186   //
 187   // Check invalid parameters, in case that only DataLength was checked in OpenSSL
 188   //
 189   if (Data == NULL && DataSize != 0) {
 190     return FALSE;
 191   }
 192
 193   //
 194   // OpenSSL HMAC-SHA1 digest update
 195   //
 196   if (HMAC_Update ((HMAC_CTX *)HmacSha1Context, Data, DataSize) != 1) {
 197     return FALSE;
 198   }
 199
 200   return TRUE;
 201 }
 202
 203 /**
 204   Completes computation of the HMAC-SHA1 digest value.
 205
 206   This function completes HMAC-SHA1 digest computation and retrieves the digest value into
 207   the specified memory. After this function has been called, the HMAC-SHA1 context cannot
 208   be used again.
 209   HMAC-SHA1 context should be already correctly initialized by HmacSha1Init(), and should
 210   not be finalized by HmacSha1Final(). Behavior with invalid HMAC-SHA1 context is undefined.
 211
 212   If HmacSha1Context is NULL, then return FALSE.
 213   If HmacValue is NULL, then return FALSE.
 214
 215   @param[in, out]  HmacSha1Context  Pointer to the HMAC-SHA1 context.
 216   @param[out]      HmacValue        Pointer to a buffer that receives the HMAC-SHA1 digest
 217                                     value (20 bytes).
 218
 219   @retval TRUE   HMAC-SHA1 digest computation succeeded.
 220   @retval FALSE  HMAC-SHA1 digest computation failed.
 221
 222 **/
 223 BOOLEAN
 224 EFIAPI
 225 HmacSha1Final (
 226   IN OUT  VOID   *HmacSha1Context,
 227   OUT     UINT8  *HmacValue
 228   )
 229 {
 230   UINT32  Length;
 231
 232   //
 233   // Check input parameters.
 234   //
 235   if (HmacSha1Context == NULL || HmacValue == NULL) {
 236     return FALSE;
 237   }
 238
 239   //
 240   // OpenSSL HMAC-SHA1 digest finalization
 241   //
 242   if (HMAC_Final ((HMAC_CTX *)HmacSha1Context, HmacValue, &Length) != 1) {
 243     return FALSE;
 244   }
 245   if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha1Context) != 1) {
 246     return FALSE;
 247   }
 248
 249   return TRUE;
 250 }