+++ /dev/null
-/** @file\r
- HMAC-SHA256 Wrapper Implementation over OpenSSL.\r
-\r
-Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.<BR>\r
-SPDX-License-Identifier: BSD-2-Clause-Patent\r
-\r
-**/\r
-\r
-#include "InternalCryptLib.h"\r
-#include <openssl/hmac.h>\r
-\r
-/**\r
- Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.\r
-\r
- @return Pointer to the HMAC_CTX context that has been initialized.\r
- If the allocations fails, HmacSha256New() returns NULL.\r
-\r
-**/\r
-VOID *\r
-EFIAPI\r
-HmacSha256New (\r
- VOID\r
- )\r
-{\r
- //\r
- // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new()\r
- //\r
- return (VOID *)HMAC_CTX_new ();\r
-}\r
-\r
-/**\r
- Release the specified HMAC_CTX context.\r
-\r
- @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be released.\r
-\r
-**/\r
-VOID\r
-EFIAPI\r
-HmacSha256Free (\r
- IN VOID *HmacSha256Ctx\r
- )\r
-{\r
- //\r
- // Free OpenSSL HMAC_CTX Context\r
- //\r
- HMAC_CTX_free ((HMAC_CTX *)HmacSha256Ctx);\r
-}\r
-\r
-/**\r
- Set user-supplied key for subsequent use. It must be done before any\r
- calling to HmacSha256Update().\r
-\r
- If HmacSha256Context is NULL, then return FALSE.\r
-\r
- @param[out] HmacSha256Context Pointer to HMAC-SHA256 context.\r
- @param[in] Key Pointer to the user-supplied key.\r
- @param[in] KeySize Key size in bytes.\r
-\r
- @retval TRUE The Key is set successfully.\r
- @retval FALSE The Key is set unsuccessfully.\r
-\r
-**/\r
-BOOLEAN\r
-EFIAPI\r
-HmacSha256SetKey (\r
- OUT VOID *HmacSha256Context,\r
- IN CONST UINT8 *Key,\r
- IN UINTN KeySize\r
- )\r
-{\r
- //\r
- // Check input parameters.\r
- //\r
- if ((HmacSha256Context == NULL) || (KeySize > INT_MAX)) {\r
- return FALSE;\r
- }\r
-\r
- if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32)KeySize, EVP_sha256 (), NULL) != 1) {\r
- return FALSE;\r
- }\r
-\r
- return TRUE;\r
-}\r
-\r
-/**\r
- Makes a copy of an existing HMAC-SHA256 context.\r
-\r
- If HmacSha256Context is NULL, then return FALSE.\r
- If NewHmacSha256Context is NULL, then return FALSE.\r
-\r
- @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being copied.\r
- @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context.\r
-\r
- @retval TRUE HMAC-SHA256 context copy succeeded.\r
- @retval FALSE HMAC-SHA256 context copy failed.\r
-\r
-**/\r
-BOOLEAN\r
-EFIAPI\r
-HmacSha256Duplicate (\r
- IN CONST VOID *HmacSha256Context,\r
- OUT VOID *NewHmacSha256Context\r
- )\r
-{\r
- //\r
- // Check input parameters.\r
- //\r
- if ((HmacSha256Context == NULL) || (NewHmacSha256Context == NULL)) {\r
- return FALSE;\r
- }\r
-\r
- if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacSha256Context, (HMAC_CTX *)HmacSha256Context) != 1) {\r
- return FALSE;\r
- }\r
-\r
- return TRUE;\r
-}\r
-\r
-/**\r
- Digests the input data and updates HMAC-SHA256 context.\r
-\r
- This function performs HMAC-SHA256 digest on a data buffer of the specified size.\r
- It can be called multiple times to compute the digest of long or discontinuous data streams.\r
- HMAC-SHA256 context should be initialized by HmacSha256New(), and should not be finalized\r
- by HmacSha256Final(). Behavior with invalid context is undefined.\r
-\r
- If HmacSha256Context is NULL, then return FALSE.\r
-\r
- @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context.\r
- @param[in] Data Pointer to the buffer containing the data to be digested.\r
- @param[in] DataSize Size of Data buffer in bytes.\r
-\r
- @retval TRUE HMAC-SHA256 data digest succeeded.\r
- @retval FALSE HMAC-SHA256 data digest failed.\r
-\r
-**/\r
-BOOLEAN\r
-EFIAPI\r
-HmacSha256Update (\r
- IN OUT VOID *HmacSha256Context,\r
- IN CONST VOID *Data,\r
- IN UINTN DataSize\r
- )\r
-{\r
- //\r
- // Check input parameters.\r
- //\r
- if (HmacSha256Context == NULL) {\r
- return FALSE;\r
- }\r
-\r
- //\r
- // Check invalid parameters, in case that only DataLength was checked in OpenSSL\r
- //\r
- if ((Data == NULL) && (DataSize != 0)) {\r
- return FALSE;\r
- }\r
-\r
- //\r
- // OpenSSL HMAC-SHA256 digest update\r
- //\r
- if (HMAC_Update ((HMAC_CTX *)HmacSha256Context, Data, DataSize) != 1) {\r
- return FALSE;\r
- }\r
-\r
- return TRUE;\r
-}\r
-\r
-/**\r
- Completes computation of the HMAC-SHA256 digest value.\r
-\r
- This function completes HMAC-SHA256 hash computation and retrieves the digest value into\r
- the specified memory. After this function has been called, the HMAC-SHA256 context cannot\r
- be used again.\r
- HMAC-SHA256 context should be initialized by HmacSha256New(), and should not be finalized\r
- by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undefined.\r
-\r
- If HmacSha256Context is NULL, then return FALSE.\r
- If HmacValue is NULL, then return FALSE.\r
-\r
- @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context.\r
- @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA256 digest\r
- value (32 bytes).\r
-\r
- @retval TRUE HMAC-SHA256 digest computation succeeded.\r
- @retval FALSE HMAC-SHA256 digest computation failed.\r
-\r
-**/\r
-BOOLEAN\r
-EFIAPI\r
-HmacSha256Final (\r
- IN OUT VOID *HmacSha256Context,\r
- OUT UINT8 *HmacValue\r
- )\r
-{\r
- UINT32 Length;\r
-\r
- //\r
- // Check input parameters.\r
- //\r
- if ((HmacSha256Context == NULL) || (HmacValue == NULL)) {\r
- return FALSE;\r
- }\r
-\r
- //\r
- // OpenSSL HMAC-SHA256 digest finalization\r
- //\r
- if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) != 1) {\r
- return FALSE;\r
- }\r
-\r
- if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) {\r
- return FALSE;\r
- }\r
-\r
- return TRUE;\r
-}\r