--- /dev/null
+/** @file\r
+ HMAC-SHA256 Wrapper Implementation over OpenSSL.\r
+\r
+Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials\r
+are licensed and made available under the terms and conditions of the BSD License\r
+which accompanies this distribution. The full text of the license may be found at\r
+http://opensource.org/licenses/bsd-license.php\r
+\r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+\r
+**/\r
+\r
+#include "InternalCryptLib.h"\r
+#include <openssl/hmac.h>\r
+\r
+/**\r
+ Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations.\r
+\r
+ @return The size, in bytes, of the context buffer required for HMAC-SHA256 operations.\r
+\r
+**/\r
+UINTN\r
+EFIAPI\r
+HmacSha256GetContextSize (\r
+ VOID\r
+ )\r
+{\r
+ //\r
+ // Retrieves the OpenSSL HMAC-SHA256 Context Size\r
+ //\r
+ return (UINTN) (sizeof (HMAC_CTX));\r
+}\r
+\r
+/**\r
+ Initializes user-supplied memory pointed by HmacSha256Context as HMAC-SHA256 context for\r
+ subsequent use.\r
+\r
+ If HmacSha256Context is NULL, then return FALSE.\r
+\r
+ @param[out] HmacSha256Context Pointer to HMAC-SHA256 context being initialized.\r
+ @param[in] Key Pointer to the user-supplied key.\r
+ @param[in] KeySize Key size in bytes.\r
+\r
+ @retval TRUE HMAC-SHA256 context initialization succeeded.\r
+ @retval FALSE HMAC-SHA256 context initialization failed.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+HmacSha256Init (\r
+ OUT VOID *HmacSha256Context,\r
+ IN CONST UINT8 *Key,\r
+ IN UINTN KeySize\r
+ )\r
+{\r
+ //\r
+ // Check input parameters.\r
+ //\r
+ if (HmacSha256Context == NULL || KeySize > INT_MAX) {\r
+ return FALSE;\r
+ }\r
+\r
+ //\r
+ // OpenSSL HMAC-SHA256 Context Initialization\r
+ //\r
+ HMAC_CTX_init (HmacSha256Context);\r
+ HMAC_Init_ex (HmacSha256Context, Key, (UINT32) KeySize, EVP_sha256(), NULL);\r
+\r
+ return TRUE;\r
+}\r
+\r
+/**\r
+ Makes a copy of an existing HMAC-SHA256 context.\r
+\r
+ If HmacSha256Context is NULL, then return FALSE.\r
+ If NewHmacSha256Context is NULL, then return FALSE.\r
+\r
+ @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being copied.\r
+ @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context.\r
+\r
+ @retval TRUE HMAC-SHA256 context copy succeeded.\r
+ @retval FALSE HMAC-SHA256 context copy failed.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+HmacSha256Duplicate (\r
+ IN CONST VOID *HmacSha256Context,\r
+ OUT VOID *NewHmacSha256Context\r
+ )\r
+{\r
+ //\r
+ // Check input parameters.\r
+ //\r
+ if (HmacSha256Context == NULL || NewHmacSha256Context == NULL) {\r
+ return FALSE;\r
+ }\r
+\r
+ CopyMem (NewHmacSha256Context, HmacSha256Context, sizeof (HMAC_CTX));\r
+\r
+ return TRUE;\r
+}\r
+\r
+/**\r
+ Digests the input data and updates HMAC-SHA256 context.\r
+\r
+ This function performs HMAC-SHA256 digest on a data buffer of the specified size.\r
+ It can be called multiple times to compute the digest of long or discontinuous data streams.\r
+ HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should not\r
+ be finalized by HmacSha256Final(). Behavior with invalid context is undefined.\r
+\r
+ If HmacSha256Context is NULL, then return FALSE.\r
+\r
+ @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context.\r
+ @param[in] Data Pointer to the buffer containing the data to be digested.\r
+ @param[in] DataSize Size of Data buffer in bytes.\r
+\r
+ @retval TRUE HMAC-SHA256 data digest succeeded.\r
+ @retval FALSE HMAC-SHA256 data digest failed.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+HmacSha256Update (\r
+ IN OUT VOID *HmacSha256Context,\r
+ IN CONST VOID *Data,\r
+ IN UINTN DataSize\r
+ )\r
+{\r
+ //\r
+ // Check input parameters.\r
+ //\r
+ if (HmacSha256Context == NULL) {\r
+ return FALSE;\r
+ }\r
+\r
+ //\r
+ // Check invalid parameters, in case that only DataLength was checked in OpenSSL\r
+ //\r
+ if (Data == NULL && DataSize != 0) {\r
+ return FALSE;\r
+ }\r
+\r
+ //\r
+ // OpenSSL HMAC-SHA256 digest update\r
+ //\r
+ HMAC_Update (HmacSha256Context, Data, DataSize);\r
+\r
+ return TRUE;\r
+}\r
+\r
+/**\r
+ Completes computation of the HMAC-SHA256 digest value.\r
+\r
+ This function completes HMAC-SHA256 hash computation and retrieves the digest value into\r
+ the specified memory. After this function has been called, the HMAC-SHA256 context cannot\r
+ be used again.\r
+ HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should\r
+ not be finalized by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undefined.\r
+\r
+ If HmacSha256Context is NULL, then return FALSE.\r
+ If HashValue is NULL, then return FALSE.\r
+\r
+ @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context.\r
+ @param[out] HashValue Pointer to a buffer that receives the HMAC-SHA256 digest\r
+ value (32 bytes).\r
+\r
+ @retval TRUE HMAC-SHA256 digest computation succeeded.\r
+ @retval FALSE HMAC-SHA256 digest computation failed.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+HmacSha256Final (\r
+ IN OUT VOID *HmacSha256Context,\r
+ OUT UINT8 *HmacValue\r
+ )\r
+{\r
+ UINT32 Length;\r
+\r
+ //\r
+ // Check input parameters.\r
+ //\r
+ if (HmacSha256Context == NULL || HmacValue == NULL) {\r
+ return FALSE;\r
+ }\r
+\r
+ //\r
+ // OpenSSL HMAC-SHA256 digest finalization\r
+ //\r
+ HMAC_Final (HmacSha256Context, HmacValue, &Length);\r
+ HMAC_CTX_cleanup (HmacSha256Context);\r
+\r
+ return TRUE;\r
+}\r