/** @file\r
HMAC-MD5 Wrapper Implementation over OpenSSL.\r
\r
-Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
-This program and the accompanying materials\r
-are licensed and made available under the terms and conditions of the BSD License\r
-which accompanies this distribution. The full text of the license may be found at\r
-http://opensource.org/licenses/bsd-license.php\r
-\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include "InternalCryptLib.h"\r
#include <openssl/hmac.h>\r
\r
+#define HMAC_MD5_CTX_SIZE sizeof(void *) * 4 + sizeof(unsigned int) + \\r
+ sizeof(unsigned char) * HMAC_MAX_MD_CBLOCK\r
+\r
/**\r
Retrieves the size, in bytes, of the context buffer required for HMAC-MD5 operations.\r
+ (NOTE: This API is deprecated.\r
+ Use HmacMd5New() / HmacMd5Free() for HMAC-MD5 Context operations.)\r
\r
@return The size, in bytes, of the context buffer required for HMAC-MD5 operations.\r
\r
{\r
//\r
// Retrieves the OpenSSL HMAC-MD5 Context Size\r
+ // NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the\r
+ // fixed size as a workaround to make this API work for compatibility.\r
+ // We should retire HmacMd5GetContextSize() in future, and use HmacMd5New()\r
+ // and HmacMd5Free() for context allocation and release.\r
+ //\r
+ return (UINTN) HMAC_MD5_CTX_SIZE;\r
+}\r
+\r
+/**\r
+ Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use.\r
+\r
+ @return Pointer to the HMAC_CTX context that has been initialized.\r
+ If the allocations fails, HmacMd5New() returns NULL.\r
+\r
+**/\r
+VOID *\r
+EFIAPI\r
+HmacMd5New (\r
+ VOID\r
+ )\r
+{\r
+ //\r
+ // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new()\r
+ //\r
+ return (VOID *) HMAC_CTX_new ();\r
+}\r
+\r
+/**\r
+ Release the specified HMAC_CTX context.\r
+\r
+ @param[in] HmacMd5Ctx Pointer to the HMAC_CTX context to be released.\r
+\r
+**/\r
+VOID\r
+EFIAPI\r
+HmacMd5Free (\r
+ IN VOID *HmacMd5Ctx\r
+ )\r
+{\r
//\r
- return (UINTN)(sizeof (HMAC_CTX));\r
+ // Free OpenSSL HMAC_CTX Context\r
+ //\r
+ HMAC_CTX_free ((HMAC_CTX *)HmacMd5Ctx);\r
}\r
\r
/**\r
Initializes user-supplied memory pointed by HmacMd5Context as HMAC-MD5 context for\r
subsequent use.\r
\r
- If HmacMd5Context is NULL, then ASSERT().\r
+ If HmacMd5Context is NULL, then return FALSE.\r
\r
@param[out] HmacMd5Context Pointer to HMAC-MD5 context being initialized.\r
@param[in] Key Pointer to the user-supplied key.\r
)\r
{\r
//\r
- // ASSERT if HmacMd5Context is NULL.\r
+ // Check input parameters.\r
//\r
- ASSERT (HmacMd5Context != NULL);\r
+ if (HmacMd5Context == NULL || KeySize > INT_MAX) {\r
+ return FALSE;\r
+ }\r
\r
//\r
// OpenSSL HMAC-MD5 Context Initialization\r
//\r
- HMAC_CTX_init (HmacMd5Context);\r
- HMAC_Init_ex (HmacMd5Context, Key, (UINT32) KeySize, EVP_md5(), NULL);\r
+ memset(HmacMd5Context, 0, HMAC_MD5_CTX_SIZE);\r
+ if (HMAC_CTX_reset ((HMAC_CTX *)HmacMd5Context) != 1) {\r
+ return FALSE;\r
+ }\r
+ if (HMAC_Init_ex ((HMAC_CTX *)HmacMd5Context, Key, (UINT32) KeySize, EVP_md5(), NULL) != 1) {\r
+ return FALSE;\r
+ }\r
\r
return TRUE;\r
}\r
/**\r
Makes a copy of an existing HMAC-MD5 context.\r
\r
- If HmacMd5Context is NULL, then ASSERT().\r
- If NewHmacMd5Context is NULL, then ASSERT().\r
+ If HmacMd5Context is NULL, then return FALSE.\r
+ If NewHmacMd5Context is NULL, then return FALSE.\r
\r
@param[in] HmacMd5Context Pointer to HMAC-MD5 context being copied.\r
@param[out] NewHmacMd5Context Pointer to new HMAC-MD5 context.\r
OUT VOID *NewHmacMd5Context\r
)\r
{\r
- CopyMem (NewHmacMd5Context, HmacMd5Context, sizeof (HMAC_CTX));\r
+ //\r
+ // Check input parameters.\r
+ //\r
+ if (HmacMd5Context == NULL || NewHmacMd5Context == NULL) {\r
+ return FALSE;\r
+ }\r
+\r
+ if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacMd5Context, (HMAC_CTX *)HmacMd5Context) != 1) {\r
+ return FALSE;\r
+ }\r
\r
return TRUE;\r
}\r
\r
This function performs HMAC-MD5 digest on a data buffer of the specified size.\r
It can be called multiple times to compute the digest of long or discontinuous data streams.\r
- HMAC-MD5 context should be already correctly intialized by HmacMd5Init(), and should not be\r
+ HMAC-MD5 context should be already correctly initialized by HmacMd5Init(), and should not be\r
finalized by HmacMd5Final(). Behavior with invalid context is undefined.\r
\r
- If HmacMd5Context is NULL, then ASSERT().\r
+ If HmacMd5Context is NULL, then return FALSE.\r
\r
@param[in, out] HmacMd5Context Pointer to the HMAC-MD5 context.\r
@param[in] Data Pointer to the buffer containing the data to be digested.\r
)\r
{\r
//\r
- // ASSERT if HmacMd5Context is NULL\r
+ // Check input parameters.\r
//\r
- ASSERT (HmacMd5Context != NULL);\r
+ if (HmacMd5Context == NULL) {\r
+ return FALSE;\r
+ }\r
\r
//\r
- // ASSERT if invalid parameters, in case that only DataLength was checked in OpenSSL\r
+ // Check invalid parameters, in case that only DataLength was checked in OpenSSL\r
//\r
- if (Data == NULL) {\r
- ASSERT (DataSize == 0);\r
+ if (Data == NULL && DataSize != 0) {\r
+ return FALSE;\r
}\r
\r
//\r
// OpenSSL HMAC-MD5 digest update\r
//\r
- HMAC_Update (HmacMd5Context, Data, DataSize);\r
+ if (HMAC_Update ((HMAC_CTX *)HmacMd5Context, Data, DataSize) != 1) {\r
+ return FALSE;\r
+ }\r
\r
return TRUE;\r
}\r
This function completes HMAC-MD5 digest computation and retrieves the digest value into\r
the specified memory. After this function has been called, the HMAC-MD5 context cannot\r
be used again.\r
- HMAC-MD5 context should be already correctly intialized by HmacMd5Init(), and should not be\r
+ HMAC-MD5 context should be already correctly initialized by HmacMd5Init(), and should not be\r
finalized by HmacMd5Final(). Behavior with invalid HMAC-MD5 context is undefined.\r
\r
- If HmacMd5Context is NULL, then ASSERT().\r
- If HmacValue is NULL, then ASSERT().\r
+ If HmacMd5Context is NULL, then return FALSE.\r
+ If HmacValue is NULL, then return FALSE.\r
\r
@param[in, out] HmacMd5Context Pointer to the HMAC-MD5 context.\r
@param[out] HmacValue Pointer to a buffer that receives the HMAC-MD5 digest\r
UINT32 Length;\r
\r
//\r
- // ASSERT if HmacMd5Context is NULL or HmacValue is NULL\r
+ // Check input parameters.\r
//\r
- ASSERT (HmacMd5Context != NULL);\r
- ASSERT (HmacValue != NULL);\r
+ if (HmacMd5Context == NULL || HmacValue == NULL) {\r
+ return FALSE;\r
+ }\r
\r
//\r
// OpenSSL HMAC-MD5 digest finalization\r
//\r
- HMAC_Final (HmacMd5Context, HmacValue, &Length);\r
- HMAC_CTX_cleanup (HmacMd5Context);\r
+ if (HMAC_Final ((HMAC_CTX *)HmacMd5Context, HmacValue, &Length) != 1) {\r
+ return FALSE;\r
+ }\r
+ if (HMAC_CTX_reset ((HMAC_CTX *)HmacMd5Context) != 1) {\r
+ return FALSE;\r
+ }\r
\r
return TRUE;\r
}\r
projects / mirror_edk2.git / blobdiff