/** @file\r
HMAC-SHA256 Wrapper Implementation over OpenSSL.\r
\r
-Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
#include "InternalCryptLib.h"\r
#include <openssl/hmac.h>\r
\r
-//\r
-// NOTE: OpenSSL redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h\r
-// #define HMAC_MAX_MD_CBLOCK_SIZE 144\r
-//\r
-#define HMAC_SHA256_CTX_SIZE (sizeof(void *) * 4 + sizeof(unsigned int) + \\r
- sizeof(unsigned char) * 144)\r
-\r
-/**\r
- Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations.\r
- (NOTE: This API is deprecated.\r
- Use HmacSha256New() / HmacSha256Free() for HMAC-SHA256 Context operations.)\r
-\r
- @return The size, in bytes, of the context buffer required for HMAC-SHA256 operations.\r
-\r
-**/\r
-UINTN\r
-EFIAPI\r
-HmacSha256GetContextSize (\r
- VOID\r
- )\r
-{\r
- //\r
- // Retrieves the OpenSSL HMAC-SHA256 Context Size\r
- // NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the\r
- // fixed size as a workaround to make this API work for compatibility.\r
- // We should retire HmacSha256GetContextSize() in future, and use HmacSha256New()\r
- // and HmacSha256Free() for context allocation and release.\r
- //\r
- return (UINTN)HMAC_SHA256_CTX_SIZE;\r
-}\r
-\r
/**\r
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.\r
\r
//\r
// Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new()\r
//\r
- return (VOID *) HMAC_CTX_new ();\r
+ return (VOID *)HMAC_CTX_new ();\r
}\r
\r
/**\r
}\r
\r
/**\r
- Initializes user-supplied memory pointed by HmacSha256Context as HMAC-SHA256 context for\r
- subsequent use.\r
+ Set user-supplied key for subsequent use. It must be done before any\r
+ calling to HmacSha256Update().\r
\r
If HmacSha256Context is NULL, then return FALSE.\r
\r
- @param[out] HmacSha256Context Pointer to HMAC-SHA256 context being initialized.\r
+ @param[out] HmacSha256Context Pointer to HMAC-SHA256 context.\r
@param[in] Key Pointer to the user-supplied key.\r
@param[in] KeySize Key size in bytes.\r
\r
- @retval TRUE HMAC-SHA256 context initialization succeeded.\r
- @retval FALSE HMAC-SHA256 context initialization failed.\r
+ @retval TRUE The Key is set successfully.\r
+ @retval FALSE The Key is set unsuccessfully.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
-HmacSha256Init (\r
+HmacSha256SetKey (\r
OUT VOID *HmacSha256Context,\r
IN CONST UINT8 *Key,\r
IN UINTN KeySize\r
//\r
// Check input parameters.\r
//\r
- if (HmacSha256Context == NULL || KeySize > INT_MAX) {\r
+ if ((HmacSha256Context == NULL) || (KeySize > INT_MAX)) {\r
return FALSE;\r
}\r
\r
- //\r
- // OpenSSL HMAC-SHA256 Context Initialization\r
- //\r
- memset(HmacSha256Context, 0, HMAC_SHA256_CTX_SIZE);\r
- if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) {\r
- return FALSE;\r
- }\r
- if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32) KeySize, EVP_sha256(), NULL) != 1) {\r
+ if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32)KeySize, EVP_sha256 (), NULL) != 1) {\r
return FALSE;\r
}\r
\r
//\r
// Check input parameters.\r
//\r
- if (HmacSha256Context == NULL || NewHmacSha256Context == NULL) {\r
+ if ((HmacSha256Context == NULL) || (NewHmacSha256Context == NULL)) {\r
return FALSE;\r
}\r
\r
\r
This function performs HMAC-SHA256 digest on a data buffer of the specified size.\r
It can be called multiple times to compute the digest of long or discontinuous data streams.\r
- HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should not\r
- be finalized by HmacSha256Final(). Behavior with invalid context is undefined.\r
+ HMAC-SHA256 context should be initialized by HmacSha256New(), and should not be finalized\r
+ by HmacSha256Final(). Behavior with invalid context is undefined.\r
\r
If HmacSha256Context is NULL, then return FALSE.\r
\r
//\r
// Check invalid parameters, in case that only DataLength was checked in OpenSSL\r
//\r
- if (Data == NULL && DataSize != 0) {\r
+ if ((Data == NULL) && (DataSize != 0)) {\r
return FALSE;\r
}\r
\r
This function completes HMAC-SHA256 hash computation and retrieves the digest value into\r
the specified memory. After this function has been called, the HMAC-SHA256 context cannot\r
be used again.\r
- HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should\r
- not be finalized by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undefined.\r
+ HMAC-SHA256 context should be initialized by HmacSha256New(), and should not be finalized\r
+ by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undefined.\r
\r
If HmacSha256Context is NULL, then return FALSE.\r
If HmacValue is NULL, then return FALSE.\r
//\r
// Check input parameters.\r
//\r
- if (HmacSha256Context == NULL || HmacValue == NULL) {\r
+ if ((HmacSha256Context == NULL) || (HmacValue == NULL)) {\r
return FALSE;\r
}\r
\r
if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) != 1) {\r
return FALSE;\r
}\r
+\r
if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) {\r
return FALSE;\r
}\r