/** @file\r
HMAC-SHA256 Wrapper Implementation over OpenSSL.\r
\r
-Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r
-This program and the accompanying materials\r
-are licensed and made available under the terms and conditions of the BSD License\r
-which accompanies this distribution. The full text of the license may be found at\r
-http://opensource.org/licenses/bsd-license.php\r
-\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.<BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include <openssl/hmac.h>\r
\r
/**\r
- Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations.\r
+ Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.\r
\r
- @return The size, in bytes, of the context buffer required for HMAC-SHA256 operations.\r
+ @return Pointer to the HMAC_CTX context that has been initialized.\r
+ If the allocations fails, HmacSha256New() returns NULL.\r
\r
**/\r
-UINTN\r
+VOID *\r
EFIAPI\r
-HmacSha256GetContextSize (\r
+HmacSha256New (\r
VOID\r
)\r
{\r
//\r
- // Retrieves the OpenSSL HMAC-SHA256 Context Size\r
+ // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new()\r
//\r
- return (UINTN) (sizeof (HMAC_CTX));\r
+ return (VOID *)HMAC_CTX_new ();\r
}\r
\r
/**\r
- Initializes user-supplied memory pointed by HmacSha256Context as HMAC-SHA256 context for\r
- subsequent use.\r
+ Release the specified HMAC_CTX context.\r
+\r
+ @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be released.\r
+\r
+**/\r
+VOID\r
+EFIAPI\r
+HmacSha256Free (\r
+ IN VOID *HmacSha256Ctx\r
+ )\r
+{\r
+ //\r
+ // Free OpenSSL HMAC_CTX Context\r
+ //\r
+ HMAC_CTX_free ((HMAC_CTX *)HmacSha256Ctx);\r
+}\r
+\r
+/**\r
+ Set user-supplied key for subsequent use. It must be done before any\r
+ calling to HmacSha256Update().\r
\r
If HmacSha256Context is NULL, then return FALSE.\r
\r
- @param[out] HmacSha256Context Pointer to HMAC-SHA256 context being initialized.\r
+ @param[out] HmacSha256Context Pointer to HMAC-SHA256 context.\r
@param[in] Key Pointer to the user-supplied key.\r
@param[in] KeySize Key size in bytes.\r
\r
- @retval TRUE HMAC-SHA256 context initialization succeeded.\r
- @retval FALSE HMAC-SHA256 context initialization failed.\r
+ @retval TRUE The Key is set successfully.\r
+ @retval FALSE The Key is set unsuccessfully.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
-HmacSha256Init (\r
+HmacSha256SetKey (\r
OUT VOID *HmacSha256Context,\r
IN CONST UINT8 *Key,\r
IN UINTN KeySize\r
//\r
// Check input parameters.\r
//\r
- if (HmacSha256Context == NULL || KeySize > INT_MAX) {\r
+ if ((HmacSha256Context == NULL) || (KeySize > INT_MAX)) {\r
return FALSE;\r
}\r
\r
- //\r
- // OpenSSL HMAC-SHA256 Context Initialization\r
- //\r
- HMAC_CTX_init (HmacSha256Context);\r
- HMAC_Init_ex (HmacSha256Context, Key, (UINT32) KeySize, EVP_sha256(), NULL);\r
+ if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32)KeySize, EVP_sha256 (), NULL) != 1) {\r
+ return FALSE;\r
+ }\r
\r
return TRUE;\r
}\r
//\r
// Check input parameters.\r
//\r
- if (HmacSha256Context == NULL || NewHmacSha256Context == NULL) {\r
+ if ((HmacSha256Context == NULL) || (NewHmacSha256Context == NULL)) {\r
return FALSE;\r
}\r
\r
- CopyMem (NewHmacSha256Context, HmacSha256Context, sizeof (HMAC_CTX));\r
+ if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacSha256Context, (HMAC_CTX *)HmacSha256Context) != 1) {\r
+ return FALSE;\r
+ }\r
\r
return TRUE;\r
}\r
\r
This function performs HMAC-SHA256 digest on a data buffer of the specified size.\r
It can be called multiple times to compute the digest of long or discontinuous data streams.\r
- HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should not\r
- be finalized by HmacSha256Final(). Behavior with invalid context is undefined.\r
+ HMAC-SHA256 context should be initialized by HmacSha256New(), and should not be finalized\r
+ by HmacSha256Final(). Behavior with invalid context is undefined.\r
\r
If HmacSha256Context is NULL, then return FALSE.\r
\r
//\r
// Check invalid parameters, in case that only DataLength was checked in OpenSSL\r
//\r
- if (Data == NULL && DataSize != 0) {\r
+ if ((Data == NULL) && (DataSize != 0)) {\r
return FALSE;\r
}\r
\r
//\r
// OpenSSL HMAC-SHA256 digest update\r
//\r
- HMAC_Update (HmacSha256Context, Data, DataSize);\r
+ if (HMAC_Update ((HMAC_CTX *)HmacSha256Context, Data, DataSize) != 1) {\r
+ return FALSE;\r
+ }\r
\r
return TRUE;\r
}\r
This function completes HMAC-SHA256 hash computation and retrieves the digest value into\r
the specified memory. After this function has been called, the HMAC-SHA256 context cannot\r
be used again.\r
- HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should\r
- not be finalized by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undefined.\r
+ HMAC-SHA256 context should be initialized by HmacSha256New(), and should not be finalized\r
+ by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undefined.\r
\r
If HmacSha256Context is NULL, then return FALSE.\r
- If HashValue is NULL, then return FALSE.\r
+ If HmacValue is NULL, then return FALSE.\r
\r
@param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context.\r
- @param[out] HashValue Pointer to a buffer that receives the HMAC-SHA256 digest\r
+ @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA256 digest\r
value (32 bytes).\r
\r
@retval TRUE HMAC-SHA256 digest computation succeeded.\r
//\r
// Check input parameters.\r
//\r
- if (HmacSha256Context == NULL || HmacValue == NULL) {\r
+ if ((HmacSha256Context == NULL) || (HmacValue == NULL)) {\r
return FALSE;\r
}\r
\r
//\r
// OpenSSL HMAC-SHA256 digest finalization\r
//\r
- HMAC_Final (HmacSha256Context, HmacValue, &Length);\r
- HMAC_CTX_cleanup (HmacSha256Context);\r
+ if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) != 1) {\r
+ return FALSE;\r
+ }\r
+\r
+ if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) {\r
+ return FALSE;\r
+ }\r
\r
return TRUE;\r
}\r