From 9a1f14ad721bbcd833ec5108944c44a502392f03 Mon Sep 17 00:00:00 2001 From: Jian J Wang Date: Fri, 17 Jan 2020 11:06:31 +0800 Subject: [PATCH] CryptoPkg/BaseCryptLib: remove HmacXxxGetContextSize interface REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1792 Hmac(Md5|Sha1|Sha256)GetContextSize() use a deprecated macro HMAC_MAX_MD_CBLOCK defined in openssl. They should be dropped to avoid misuses in the future. For context allocation and release, use HmacXxxNew() and HmacXxxFree() instead. Cc: Xiaoyu Lu Cc: Laszlo Ersek Signed-off-by: Jian J Wang Reviewed-by: Laszlo Ersek Reviewed-by: Xiaoyu Lu --- CryptoPkg/Include/Library/BaseCryptLib.h | 53 +------------------ .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c | 33 +----------- .../BaseCryptLib/Hmac/CryptHmacMd5Null.c | 22 +------- .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c | 34 +----------- .../BaseCryptLib/Hmac/CryptHmacSha1Null.c | 22 +------- .../BaseCryptLib/Hmac/CryptHmacSha256.c | 33 +----------- .../BaseCryptLib/Hmac/CryptHmacSha256Null.c | 22 +------- .../BaseCryptLibNull/Hmac/CryptHmacMd5Null.c | 22 +------- .../BaseCryptLibNull/Hmac/CryptHmacSha1Null.c | 22 +------- .../Hmac/CryptHmacSha256Null.c | 22 +------- 10 files changed, 10 insertions(+), 275 deletions(-) diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h index 5fafcd72bc..8320fddc4c 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -4,7 +4,7 @@ primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security functionality enabling. -Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -1025,23 +1025,6 @@ Sm3HashAll ( // MAC (Message Authentication Code) Primitive //===================================================================================== -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-MD5 operations. - (NOTE: This API is deprecated. - Use HmacMd5New() / HmacMd5Free() for HMAC-MD5 Context operations.) - - If this interface is not supported, then return zero. - - @return The size, in bytes, of the context buffer required for HMAC-MD5 operations. - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -HmacMd5GetContextSize ( - VOID - ); - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use. @@ -1175,23 +1158,6 @@ HmacMd5Final ( OUT UINT8 *HmacValue ); -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations. - (NOTE: This API is deprecated. - Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.) - - If this interface is not supported, then return zero. - - @return The size, in bytes, of the context buffer required for HMAC-SHA1 operations. - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -HmacSha1GetContextSize ( - VOID - ); - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use. @@ -1325,23 +1291,6 @@ HmacSha1Final ( OUT UINT8 *HmacValue ); -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations. - (NOTE: This API is deprecated. - Use HmacSha256New() / HmacSha256Free() for HMAC-SHA256 Context operations.) - - If this interface is not supported, then return zero. - - @return The size, in bytes, of the context buffer required for HMAC-SHA256 operations. - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -HmacSha256GetContextSize ( - VOID - ); - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use. diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c index 7d49dc2698..da46ce09f4 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c @@ -1,7 +1,7 @@ /** @file HMAC-MD5 Wrapper Implementation over OpenSSL. -Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -9,37 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "InternalCryptLib.h" #include -// -// NOTE: OpenSSL redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h -// #define HMAC_MAX_MD_CBLOCK_SIZE 144 -// -#define HMAC_MD5_CTX_SIZE (sizeof(void *) * 4 + sizeof(unsigned int) + \ - sizeof(unsigned char) * 144) - -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-MD5 operations. - (NOTE: This API is deprecated. - Use HmacMd5New() / HmacMd5Free() for HMAC-MD5 Context operations.) - - @return The size, in bytes, of the context buffer required for HMAC-MD5 operations. - -**/ -UINTN -EFIAPI -HmacMd5GetContextSize ( - VOID - ) -{ - // - // Retrieves the OpenSSL HMAC-MD5 Context Size - // NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the - // fixed size as a workaround to make this API work for compatibility. - // We should retire HmacMd5GetContextSize() in future, and use HmacMd5New() - // and HmacMd5Free() for context allocation and release. - // - return (UINTN) HMAC_MD5_CTX_SIZE; -} - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use. diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c index b77a2266db..5de55bf0d5 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c @@ -1,33 +1,13 @@ /** @file HMAC-MD5 Wrapper Implementation which does not provide real capabilities. -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include "InternalCryptLib.h" -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-MD5 operations. - (NOTE: This API is deprecated. - Use HmacMd5New() / HmacMd5Free() for HMAC-MD5 Context operations.) - - Return zero to indicate this interface is not supported. - - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -HmacMd5GetContextSize ( - VOID - ) -{ - ASSERT (FALSE); - return 0; -} - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use. diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c index 8126fb525f..7593ca55b1 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c @@ -1,7 +1,7 @@ /** @file HMAC-SHA1 Wrapper Implementation over OpenSSL. -Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -9,38 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "InternalCryptLib.h" #include -// -// NOTE: OpenSSL redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h -// #define HMAC_MAX_MD_CBLOCK_SIZE 144 -// -// -#define HMAC_SHA1_CTX_SIZE (sizeof(void *) * 4 + sizeof(unsigned int) + \ - sizeof(unsigned char) * 144) - -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations. - (NOTE: This API is deprecated. - Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.) - - @return The size, in bytes, of the context buffer required for HMAC-SHA1 operations. - -**/ -UINTN -EFIAPI -HmacSha1GetContextSize ( - VOID - ) -{ - // - // Retrieves the OpenSSL HMAC-SHA1 Context Size - // NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the - // fixed size as a workaround to make this API work for compatibility. - // We should retire HmacSha15GetContextSize() in future, and use HmacSha1New() - // and HmacSha1Free() for context allocation and release. - // - return (UINTN) HMAC_SHA1_CTX_SIZE; -} - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use. diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c index 84f204a542..e8c0f341b7 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c @@ -1,33 +1,13 @@ /** @file HMAC-SHA1 Wrapper Implementation which does not provide real capabilities. -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include "InternalCryptLib.h" -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations. - (NOTE: This API is deprecated. - Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.) - - Return zero to indicate this interface is not supported. - - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -HmacSha1GetContextSize ( - VOID - ) -{ - ASSERT (FALSE); - return 0; -} - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use. diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c index f8fd0b172a..3fdef064f9 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c @@ -1,7 +1,7 @@ /** @file HMAC-SHA256 Wrapper Implementation over OpenSSL. -Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -9,37 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "InternalCryptLib.h" #include -// -// NOTE: OpenSSL redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h -// #define HMAC_MAX_MD_CBLOCK_SIZE 144 -// -#define HMAC_SHA256_CTX_SIZE (sizeof(void *) * 4 + sizeof(unsigned int) + \ - sizeof(unsigned char) * 144) - -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations. - (NOTE: This API is deprecated. - Use HmacSha256New() / HmacSha256Free() for HMAC-SHA256 Context operations.) - - @return The size, in bytes, of the context buffer required for HMAC-SHA256 operations. - -**/ -UINTN -EFIAPI -HmacSha256GetContextSize ( - VOID - ) -{ - // - // Retrieves the OpenSSL HMAC-SHA256 Context Size - // NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the - // fixed size as a workaround to make this API work for compatibility. - // We should retire HmacSha256GetContextSize() in future, and use HmacSha256New() - // and HmacSha256Free() for context allocation and release. - // - return (UINTN)HMAC_SHA256_CTX_SIZE; -} - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use. diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c index cededebaa0..2e3cb3bdfe 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c @@ -1,33 +1,13 @@ /** @file HMAC-SHA256 Wrapper Implementation which does not provide real capabilities. -Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include "InternalCryptLib.h" -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations. - (NOTE: This API is deprecated. - Use HmacSha256New() / HmacSha256Free() for HMAC-SHA256 Context operations.) - - Return zero to indicate this interface is not supported. - - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -HmacSha256GetContextSize ( - VOID - ) -{ - ASSERT (FALSE); - return 0; -} - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use. diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c index b77a2266db..5de55bf0d5 100644 --- a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c +++ b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacMd5Null.c @@ -1,33 +1,13 @@ /** @file HMAC-MD5 Wrapper Implementation which does not provide real capabilities. -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include "InternalCryptLib.h" -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-MD5 operations. - (NOTE: This API is deprecated. - Use HmacMd5New() / HmacMd5Free() for HMAC-MD5 Context operations.) - - Return zero to indicate this interface is not supported. - - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -HmacMd5GetContextSize ( - VOID - ) -{ - ASSERT (FALSE); - return 0; -} - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use. diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Null.c b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Null.c index 84f204a542..e8c0f341b7 100644 --- a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Null.c +++ b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha1Null.c @@ -1,33 +1,13 @@ /** @file HMAC-SHA1 Wrapper Implementation which does not provide real capabilities. -Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include "InternalCryptLib.h" -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations. - (NOTE: This API is deprecated. - Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.) - - Return zero to indicate this interface is not supported. - - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -HmacSha1GetContextSize ( - VOID - ) -{ - ASSERT (FALSE); - return 0; -} - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use. diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c index cededebaa0..2e3cb3bdfe 100644 --- a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c +++ b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c @@ -1,33 +1,13 @@ /** @file HMAC-SHA256 Wrapper Implementation which does not provide real capabilities. -Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include "InternalCryptLib.h" -/** - Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations. - (NOTE: This API is deprecated. - Use HmacSha256New() / HmacSha256Free() for HMAC-SHA256 Context operations.) - - Return zero to indicate this interface is not supported. - - @retval 0 This interface is not supported. - -**/ -UINTN -EFIAPI -HmacSha256GetContextSize ( - VOID - ) -{ - ASSERT (FALSE); - return 0; -} - /** Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use. -- 2.39.2