X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=CryptoPkg%2FLibrary%2FBaseCryptLib%2FHmac%2FCryptHmacSha256.c;h=7e83551c1b22fc51fbc45610fe10bec64b03b161;hp=d6b3ae4883297f09d2e220487f1a736dd7493a51;hb=7c342378317039e632d9a1a5d4cf7c21aec8cb7a;hpb=4c270243995a4cba33955f6dfaa8ee93748ff843
diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c
index d6b3ae4883..7e83551c1b 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c
@@ -1,47 +1,14 @@
/** @file
HMAC-SHA256 Wrapper Implementation over OpenSSL.
-Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include "InternalCryptLib.h"
#include
-#define HMAC_SHA256_CTX_SIZE sizeof(void *) * 4 + sizeof(unsigned int) + \
- sizeof(unsigned char) * HMAC_MAX_MD_CBLOCK
-
-/**
- Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations.
- (NOTE: This API is deprecated.
- Use HmacSha256New() / HmacSha256Free() for HMAC-SHA256 Context operations.)
-
- @return The size, in bytes, of the context buffer required for HMAC-SHA256 operations.
-
-**/
-UINTN
-EFIAPI
-HmacSha256GetContextSize (
- VOID
- )
-{
- //
- // Retrieves the OpenSSL HMAC-SHA256 Context Size
- // NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the
- // fixed size as a workaround to make this API work for compatibility.
- // We should retire HmacSha256GetContextSize() in future, and use HmacSha256New()
- // and HmacSha256Free() for context allocation and release.
- //
- return (UINTN)HMAC_SHA256_CTX_SIZE;
-}
-
/**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.
@@ -58,7 +25,7 @@ HmacSha256New (
//
// Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new()
//
- return (VOID *) HMAC_CTX_new ();
+ return (VOID *)HMAC_CTX_new ();
}
/**
@@ -80,22 +47,22 @@ HmacSha256Free (
}
/**
- Initializes user-supplied memory pointed by HmacSha256Context as HMAC-SHA256 context for
- subsequent use.
+ Set user-supplied key for subsequent use. It must be done before any
+ calling to HmacSha256Update().
If HmacSha256Context is NULL, then return FALSE.
- @param[out] HmacSha256Context Pointer to HMAC-SHA256 context being initialized.
+ @param[out] HmacSha256Context Pointer to HMAC-SHA256 context.
@param[in] Key Pointer to the user-supplied key.
@param[in] KeySize Key size in bytes.
- @retval TRUE HMAC-SHA256 context initialization succeeded.
- @retval FALSE HMAC-SHA256 context initialization failed.
+ @retval TRUE The Key is set successfully.
+ @retval FALSE The Key is set unsuccessfully.
**/
BOOLEAN
EFIAPI
-HmacSha256Init (
+HmacSha256SetKey (
OUT VOID *HmacSha256Context,
IN CONST UINT8 *Key,
IN UINTN KeySize
@@ -104,18 +71,11 @@ HmacSha256Init (
//
// Check input parameters.
//
- if (HmacSha256Context == NULL || KeySize > INT_MAX) {
+ if ((HmacSha256Context == NULL) || (KeySize > INT_MAX)) {
return FALSE;
}
- //
- // OpenSSL HMAC-SHA256 Context Initialization
- //
- memset(HmacSha256Context, 0, HMAC_SHA256_CTX_SIZE);
- if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) {
- return FALSE;
- }
- if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32) KeySize, EVP_sha256(), NULL) != 1) {
+ if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32)KeySize, EVP_sha256 (), NULL) != 1) {
return FALSE;
}
@@ -145,7 +105,7 @@ HmacSha256Duplicate (
//
// Check input parameters.
//
- if (HmacSha256Context == NULL || NewHmacSha256Context == NULL) {
+ if ((HmacSha256Context == NULL) || (NewHmacSha256Context == NULL)) {
return FALSE;
}
@@ -161,8 +121,8 @@ HmacSha256Duplicate (
This function performs HMAC-SHA256 digest on a data buffer of the specified size.
It can be called multiple times to compute the digest of long or discontinuous data streams.
- HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should not
- be finalized by HmacSha256Final(). Behavior with invalid context is undefined.
+ HMAC-SHA256 context should be initialized by HmacSha256New(), and should not be finalized
+ by HmacSha256Final(). Behavior with invalid context is undefined.
If HmacSha256Context is NULL, then return FALSE.
@@ -192,7 +152,7 @@ HmacSha256Update (
//
// Check invalid parameters, in case that only DataLength was checked in OpenSSL
//
- if (Data == NULL && DataSize != 0) {
+ if ((Data == NULL) && (DataSize != 0)) {
return FALSE;
}
@@ -212,8 +172,8 @@ HmacSha256Update (
This function completes HMAC-SHA256 hash computation and retrieves the digest value into
the specified memory. After this function has been called, the HMAC-SHA256 context cannot
be used again.
- HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should
- not be finalized by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undefined.
+ HMAC-SHA256 context should be initialized by HmacSha256New(), and should not be finalized
+ by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undefined.
If HmacSha256Context is NULL, then return FALSE.
If HmacValue is NULL, then return FALSE.
@@ -238,7 +198,7 @@ HmacSha256Final (
//
// Check input parameters.
//
- if (HmacSha256Context == NULL || HmacValue == NULL) {
+ if ((HmacSha256Context == NULL) || (HmacValue == NULL)) {
return FALSE;
}
@@ -248,6 +208,7 @@ HmacSha256Final (
if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) != 1) {
return FALSE;
}
+
if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) {
return FALSE;
}