Would you please provide more information such as: 1) What test you have done 2) What is the size difference
Thank you Yao Jiewen > -----Original Message----- > From: Zhang, Qi1 <[email protected]> > Sent: Monday, August 22, 2022 8:20 PM > To: [email protected] > Cc: Zhang, Qi1 <[email protected]>; Yao, Jiewen <[email protected]>; > Wang, Jian J <[email protected]>; Lu, Xiaoyu1 <[email protected]>; > Jiang, Guomin <[email protected]> > Subject: [PATCH] CryptoPkg: Add HMAC-SHA384 cipher support. > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4025 > > Signed-off-by: Qi Zhang <[email protected]> > Cc: Jiewen Yao <[email protected]> > Cc: Jian J Wang <[email protected]> > Cc: Xiaoyu Lu <[email protected]> > Cc: Guomin Jiang <[email protected]> > --- > CryptoPkg/Driver/Crypto.c | 221 ++++++ > CryptoPkg/Include/Library/BaseCryptLib.h | 188 ++++++ > .../Pcd/PcdCryptoServiceFamilyEnable.h | 13 + > .../Library/BaseCryptLib/BaseCryptLib.inf | 2 +- > .../Library/BaseCryptLib/Hmac/CryptHmac.c | 629 ++++++++++++++++++ > .../Library/BaseCryptLib/Hmac/CryptHmacNull.c | 359 ++++++++++ > .../BaseCryptLib/Hmac/CryptHmacSha256.c | 217 ------ > .../BaseCryptLib/Hmac/CryptHmacSha256Null.c | 139 ---- > .../Library/BaseCryptLib/PeiCryptLib.inf | 2 +- > .../Library/BaseCryptLib/RuntimeCryptLib.inf | 2 +- > .../Library/BaseCryptLib/SecCryptLib.inf | 2 +- > .../Library/BaseCryptLib/SmmCryptLib.inf | 2 +- > .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 2 +- > .../BaseCryptLibNull/BaseCryptLibNull.inf | 2 +- > .../BaseCryptLibNull/Hmac/CryptHmacNull.c | 359 ++++++++++ > .../Hmac/CryptHmacSha256Null.c | 139 ---- > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 212 ++++++ > CryptoPkg/Private/Protocol/Crypto.h | 197 ++++++ > .../UnitTest/Library/BaseCryptLib/HmacTests.c | 19 + > 19 files changed, 2204 insertions(+), 502 deletions(-) > create mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c > create mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c > delete mode 100644 > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c > delete mode 100644 > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c > create mode 100644 > CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c > delete mode 100644 > CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c > > diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c > index 76cb9f4da0..cdbba2b811 100644 > --- a/CryptoPkg/Driver/Crypto.c > +++ b/CryptoPkg/Driver/Crypto.c > @@ -1847,6 +1847,218 @@ CryptoServiceHmacSha256Final ( > return CALL_BASECRYPTLIB (HmacSha256.Services.Final, HmacSha256Final, > (HmacSha256Context, HmacValue), FALSE); > > } > > > > +/** > > + Computes the HMAC-SHA256 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA256 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest > > + value (32 bytes). > > + > > + @retval TRUE HMAC-SHA256 digest computation succeeded. > > + @retval FALSE HMAC-SHA256 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +CryptoServiceHmacSha256All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + return CALL_BASECRYPTLIB (HmacSha256.Services.All, HmacSha256All, (Data, > DataSize, Key, KeySize, HmacValue), FALSE); > > +} > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. > > + > > + @return Pointer to the HMAC_CTX context that has been initialized. > > + If the allocations fails, HmacSha384New() returns NULL. > > + > > +**/ > > +VOID * > > +EFIAPI > > +CryptoServiceHmacSha384New ( > > + VOID > > + ) > > +{ > > + return CALL_BASECRYPTLIB (HmacSha384.Services.New, HmacSha384New, (), > NULL); > > +} > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. > > + > > +**/ > > +VOID > > +EFIAPI > > +CryptoServiceHmacSha384Free ( > > + IN VOID *HmacSha384Ctx > > + ) > > +{ > > + CALL_VOID_BASECRYPTLIB (HmacSha384.Services.Free, HmacSha384Free, > (HmacSha384Ctx)); > > +} > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacSha384Update(). > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval TRUE The Key is set successfully. > > + @retval FALSE The Key is set unsuccessfully. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +CryptoServiceHmacSha384SetKey ( > > + OUT VOID *HmacSha384Context, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ) > > +{ > > + return CALL_BASECRYPTLIB (HmacSha384.Services.SetKey, > HmacSha384SetKey, (HmacSha384Context, Key, KeySize), FALSE); > > +} > > + > > +/** > > + Makes a copy of an existing HMAC-SHA384 context. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If NewHmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. > > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. > > + > > + @retval TRUE HMAC-SHA384 context copy succeeded. > > + @retval FALSE HMAC-SHA384 context copy failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +CryptoServiceHmacSha384Duplicate ( > > + IN CONST VOID *HmacSha384Context, > > + OUT VOID *NewHmacSha384Context > > + ) > > +{ > > + return CALL_BASECRYPTLIB (HmacSha384.Services.Duplicate, > HmacSha256Duplicate, (HmacSha384Context, NewHmacSha384Context), > FALSE); > > +} > > + > > +/** > > + Digests the input data and updates HMAC-SHA384 context. > > + > > + This function performs HMAC-SHA384 digest on a data buffer of the specified > size. > > + It can be called multiple times to compute the digest of long or > discontinuous > data streams. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid context is undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval TRUE HMAC-SHA384 data digest succeeded. > > + @retval FALSE HMAC-SHA384 data digest failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +CryptoServiceHmacSha384Update ( > > + IN OUT VOID *HmacSha384Context, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ) > > +{ > > + return CALL_BASECRYPTLIB (HmacSha384.Services.Update, > HmacSha384Update, (HmacSha384Context, Data, DataSize), FALSE); > > +} > > + > > +/** > > + Completes computation of the HMAC-SHA384 digest value. > > + > > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into > > + the specified memory. After this function has been called, the HMAC-SHA384 > context cannot > > + be used again. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If HmacValue is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +CryptoServiceHmacSha384Final ( > > + IN OUT VOID *HmacSha384Context, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + return CALL_BASECRYPTLIB (HmacSha384.Services.Final, HmacSha384Final, > (HmacSha384Context, HmacValue), FALSE); > > +} > > + > > +/** > > + Computes the HMAC-SHA384 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA384 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +CryptoServiceHmacSha384All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + return CALL_BASECRYPTLIB (HmacSha384.Services.All, HmacSha384All, (Data, > DataSize, Key, KeySize, HmacValue), FALSE); > > +} > > + > > // > ================================================================= > ==================== > > // Symmetric Cryptography Primitive > > // > ================================================================= > ==================== > > @@ -4606,6 +4818,15 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = { > CryptoServiceHmacSha256Duplicate, > > CryptoServiceHmacSha256Update, > > CryptoServiceHmacSha256Final, > > + CryptoServiceHmacSha256All, > > + /// HMAC SHA384 > > + CryptoServiceHmacSha384New, > > + CryptoServiceHmacSha384Free, > > + CryptoServiceHmacSha384SetKey, > > + CryptoServiceHmacSha384Duplicate, > > + CryptoServiceHmacSha384Update, > > + CryptoServiceHmacSha384Final, > > + CryptoServiceHmacSha384All, > > /// Md4 - deprecated and unsupported > > DeprecatedCryptoServiceMd4GetContextSize, > > DeprecatedCryptoServiceMd4Init, > > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h > b/CryptoPkg/Include/Library/BaseCryptLib.h > index 7d1499350a..3a42e3494f 100644 > --- a/CryptoPkg/Include/Library/BaseCryptLib.h > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h > @@ -1045,6 +1045,194 @@ HmacSha256Final ( > OUT UINT8 *HmacValue > > ); > > > > +/** > > + Computes the HMAC-SHA256 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA256 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HashValue Pointer to a buffer that receives the HMAC-SHA256 > digest > > + value (32 bytes). > > + > > + @retval TRUE HMAC-SHA256 digest computation succeeded. > > + @retval FALSE HMAC-SHA256 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ); > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. > > + > > + @return Pointer to the HMAC_CTX context that has been initialized. > > + If the allocations fails, HmacSha384New() returns NULL. > > + > > +**/ > > +VOID * > > +EFIAPI > > +HmacSha384New ( > > + VOID > > + ); > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. > > + > > +**/ > > +VOID > > +EFIAPI > > +HmacSha384Free ( > > + IN VOID *HmacSha384Ctx > > + ); > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacSha384Update(). > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval TRUE The Key is set successfully. > > + @retval FALSE The Key is set unsuccessfully. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384SetKey ( > > + OUT VOID *HmacSha384Context, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ); > > + > > +/** > > + Makes a copy of an existing HMAC-SHA384 context. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If NewHmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. > > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. > > + > > + @retval TRUE HMAC-SHA384 context copy succeeded. > > + @retval FALSE HMAC-SHA384 context copy failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Duplicate ( > > + IN CONST VOID *HmacSha384Context, > > + OUT VOID *NewHmacSha384Context > > + ); > > + > > +/** > > + Digests the input data and updates HMAC-SHA384 context. > > + > > + This function performs HMAC-SHA384 digest on a data buffer of the specified > size. > > + It can be called multiple times to compute the digest of long or > discontinuous > data streams. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid context is undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval TRUE HMAC-SHA384 data digest succeeded. > > + @retval FALSE HMAC-SHA384 data digest failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Update ( > > + IN OUT VOID *HmacSha384Context, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ); > > + > > +/** > > + Completes computation of the HMAC-SHA384 digest value. > > + > > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into > > + the specified memory. After this function has been called, the HMAC-SHA384 > context cannot > > + be used again. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If HmacValue is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Final ( > > + IN OUT VOID *HmacSha384Context, > > + OUT UINT8 *HmacValue > > + ); > > + > > +/** > > + Computes the HMAC-SHA384 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA384 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HashValue Pointer to a buffer that receives the HMAC-SHA384 > digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ); > > + > > // > ================================================================= > ==================== > > // Symmetric Cryptography Primitive > > // > ================================================================= > ==================== > > diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h > b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h > index 3d53c2f105..e646d8ac05 100644 > --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h > +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h > @@ -53,9 +53,22 @@ typedef struct { > UINT8 Duplicate : 1; > > UINT8 Update : 1; > > UINT8 Final : 1; > > + UINT8 All : 1; > > } Services; > > UINT32 Family; > > } HmacSha256; > > + union { > > + struct { > > + UINT8 New : 1; > > + UINT8 Free : 1; > > + UINT8 SetKey : 1; > > + UINT8 Duplicate : 1; > > + UINT8 Update : 1; > > + UINT8 Final : 1; > > + UINT8 All : 1; > > + } Services; > > + UINT32 Family; > > + } HmacSha384; > > union { > > struct { > > UINT8 GetContextSize : 1; > > diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > index 3d7b917103..2a9664ad3e 100644 > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > @@ -35,7 +35,7 @@ > Hash/CryptSha512.c > > Hash/CryptSm3.c > > Hash/CryptParallelHashNull.c > > - Hmac/CryptHmacSha256.c > > + Hmac/CryptHmac.c > > Kdf/CryptHkdf.c > > Cipher/CryptAes.c > > Pk/CryptRsaBasic.c > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c > new file mode 100644 > index 0000000000..2786267a0b > --- /dev/null > +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c > @@ -0,0 +1,629 @@ > +/** @file > > + HMAC-SHA256/SHA384 Wrapper Implementation over OpenSSL. > > + > > +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.<BR> > > +SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > + > > +#include "InternalCryptLib.h" > > +#include <openssl/hmac.h> > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD > use. > > + > > + @return Pointer to the HMAC_CTX context that has been initialized. > > + If the allocations fails, HmacMdNew() returns NULL. > > + > > +**/ > > +VOID * > > +HmacMdNew ( > > + VOID > > + ) > > +{ > > + // > > + // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new() > > + // > > + return (VOID *)HMAC_CTX_new (); > > +} > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + @param[in] HmacMdCtx Pointer to the HMAC_CTX context to be released. > > + > > +**/ > > +VOID > > +HmacMdFree ( > > + IN VOID *HmacMdCtx > > + ) > > +{ > > + // > > + // Free OpenSSL HMAC_CTX Context > > + // > > + HMAC_CTX_free ((HMAC_CTX *)HmacMdCtx); > > +} > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacMdUpdate(). > > + > > + If HmacMdContext is NULL, then return FALSE. > > + > > + @param[in] Md Message Digest. > > + @param[out] HmacMdContext Pointer to HMAC-MD context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval TRUE The Key is set successfully. > > + @retval FALSE The Key is set unsuccessfully. > > + > > +**/ > > +BOOLEAN > > +HmacMdSetKey ( > > + IN CONST EVP_MD *Md, > > + OUT VOID *HmacMdContext, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ) > > +{ > > + // > > + // Check input parameters. > > + // > > + if ((HmacMdContext == NULL) || (KeySize > INT_MAX)) { > > + return FALSE; > > + } > > + > > + if (HMAC_Init_ex ((HMAC_CTX *)HmacMdContext, Key, (UINT32)KeySize, Md, > NULL) != 1) { > > + return FALSE; > > + } > > + > > + return TRUE; > > +} > > + > > +/** > > + Makes a copy of an existing HMAC-MD context. > > + > > + If HmacMdContext is NULL, then return FALSE. > > + If NewHmacMdContext is NULL, then return FALSE. > > + > > + @param[in] HmacMdContext Pointer to HMAC-MD context being copied. > > + @param[out] NewHmacMdContext Pointer to new HMAC-MD context. > > + > > + @retval TRUE HMAC-MD context copy succeeded. > > + @retval FALSE HMAC-MD context copy failed. > > + > > +**/ > > +BOOLEAN > > +HmacMdDuplicate ( > > + IN CONST VOID *HmacMdContext, > > + OUT VOID *NewHmacMdContext > > + ) > > +{ > > + // > > + // Check input parameters. > > + // > > + if ((HmacMdContext == NULL) || (NewHmacMdContext == NULL)) { > > + return FALSE; > > + } > > + > > + if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacMdContext, (HMAC_CTX > *)HmacMdContext) != 1) { > > + return FALSE; > > + } > > + > > + return TRUE; > > +} > > + > > +/** > > + Digests the input data and updates HMAC-MD context. > > + > > + This function performs HMAC-MD digest on a data buffer of the specified > size. > > + It can be called multiple times to compute the digest of long or > discontinuous > data streams. > > + HMAC-MD context should be initialized by HmacMdNew(), and should not be > finalized > > + by HmacMdFinal(). Behavior with invalid context is undefined. > > + > > + If HmacMdContext is NULL, then return FALSE. > > + > > + @param[in, out] HmacMdContext Pointer to the HMAC-MD context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval TRUE HMAC-MD data digest succeeded. > > + @retval FALSE HMAC-MD data digest failed. > > + > > +**/ > > +BOOLEAN > > +HmacMdUpdate ( > > + IN OUT VOID *HmacMdContext, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ) > > +{ > > + // > > + // Check input parameters. > > + // > > + if (HmacMdContext == NULL) { > > + return FALSE; > > + } > > + > > + // > > + // Check invalid parameters, in case that only DataLength was checked in > OpenSSL > > + // > > + if ((Data == NULL) && (DataSize != 0)) { > > + return FALSE; > > + } > > + > > + // > > + // OpenSSL HMAC-MD digest update > > + // > > + if (HMAC_Update ((HMAC_CTX *)HmacMdContext, Data, DataSize) != 1) { > > + return FALSE; > > + } > > + > > + return TRUE; > > +} > > + > > +/** > > + Completes computation of the HMAC-MD digest value. > > + > > + This function completes HMAC-MD hash computation and retrieves the digest > value into > > + the specified memory. After this function has been called, the HMAC-MD > context cannot > > + be used again. > > + HMAC-MD context should be initialized by HmacMdNew(), and should not be > finalized > > + by HmacMdFinal(). Behavior with invalid HMAC-MD context is undefined. > > + > > + If HmacMdContext is NULL, then return FALSE. > > + If HmacValue is NULL, then return FALSE. > > + > > + @param[in, out] HmacMdContext Pointer to the HMAC-MD context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > MD digest > > + value. > > + > > + @retval TRUE HMAC-MD digest computation succeeded. > > + @retval FALSE HMAC-MD digest computation failed. > > + > > +**/ > > +BOOLEAN > > +HmacMdFinal ( > > + IN OUT VOID *HmacMdContext, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + UINT32 Length; > > + > > + // > > + // Check input parameters. > > + // > > + if ((HmacMdContext == NULL) || (HmacValue == NULL)) { > > + return FALSE; > > + } > > + > > + // > > + // OpenSSL HMAC-MD digest finalization > > + // > > + if (HMAC_Final ((HMAC_CTX *)HmacMdContext, HmacValue, &Length) != 1) { > > + return FALSE; > > + } > > + > > + if (HMAC_CTX_reset ((HMAC_CTX *)HmacMdContext) != 1) { > > + return FALSE; > > + } > > + > > + return TRUE; > > +} > > + > > +/** > > + Computes the HMAC-MD digest of a input data buffer. > > + > > + This function performs the HMAC-MD digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Md Message Digest. > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC-MD > digest > > + value. > > + > > + @retval TRUE HMAC-MD digest computation succeeded. > > + @retval FALSE HMAC-MD digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +HmacMdAll ( > > + IN CONST EVP_MD *Md, > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + UINT32 Length; > > + HMAC_CTX *Ctx; > > + BOOLEAN RetVal; > > + > > + Ctx = HMAC_CTX_new (); > > + if (Ctx == NULL) { > > + return FALSE; > > + } > > + > > + RetVal = (BOOLEAN)HMAC_CTX_reset (Ctx); > > + if (!RetVal) { > > + goto Done; > > + } > > + > > + RetVal = (BOOLEAN)HMAC_Init_ex (Ctx, Key, (UINT32)KeySize, Md, NULL); > > + if (!RetVal) { > > + goto Done; > > + } > > + > > + RetVal = (BOOLEAN)HMAC_Update (Ctx, Data, DataSize); > > + if (!RetVal) { > > + goto Done; > > + } > > + > > + RetVal = (BOOLEAN)HMAC_Final (Ctx, HmacValue, &Length); > > + if (!RetVal) { > > + goto Done; > > + } > > + > > +Done: > > + HMAC_CTX_free (Ctx); > > + > > + return RetVal; > > +} > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA256 use. > > + > > + @return Pointer to the HMAC_CTX context that has been initialized. > > + If the allocations fails, HmacSha256New() returns NULL. > > + > > +**/ > > +VOID * > > +EFIAPI > > +HmacSha256New ( > > + VOID > > + ) > > +{ > > + return HmacMdNew (); > > +} > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. > > + > > +**/ > > +VOID > > +EFIAPI > > +HmacSha256Free ( > > + IN VOID *HmacSha256Ctx > > + ) > > +{ > > + HmacMdFree (HmacSha256Ctx); > > +} > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacSha256Update(). > > + > > + If HmacSha256Context is NULL, then return FALSE. > > + > > + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval TRUE The Key is set successfully. > > + @retval FALSE The Key is set unsuccessfully. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256SetKey ( > > + OUT VOID *HmacSha256Context, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ) > > +{ > > + return HmacMdSetKey (EVP_sha256 (), HmacSha256Context, Key, KeySize); > > +} > > + > > +/** > > + Makes a copy of an existing HMAC-SHA256 context. > > + > > + If HmacSha256Context is NULL, then return FALSE. > > + If NewHmacSha256Context is NULL, then return FALSE. > > + > > + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. > > + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. > > + > > + @retval TRUE HMAC-SHA256 context copy succeeded. > > + @retval FALSE HMAC-SHA256 context copy failed. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256Duplicate ( > > + IN CONST VOID *HmacSha256Context, > > + OUT VOID *NewHmacSha256Context > > + ) > > +{ > > + return HmacMdDuplicate (HmacSha256Context, NewHmacSha256Context); > > +} > > + > > +/** > > + Digests the input data and updates HMAC-SHA256 context. > > + > > + This function performs HMAC-SHA256 digest on a data buffer of the specified > size. > > + It can be called multiple times to compute the digest of long or > discontinuous > data streams. > > + HMAC-SHA256 context should be initialized by HmacSha256New(), and should > not be finalized > > + by HmacSha256Final(). Behavior with invalid context is undefined. > > + > > + If HmacSha256Context is NULL, then return FALSE. > > + > > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval TRUE HMAC-SHA256 data digest succeeded. > > + @retval FALSE HMAC-SHA256 data digest failed. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256Update ( > > + IN OUT VOID *HmacSha256Context, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ) > > +{ > > + return HmacMdUpdate (HmacSha256Context, Data, DataSize); > > +} > > + > > +/** > > + Completes computation of the HMAC-SHA256 digest value. > > + > > + This function completes HMAC-SHA256 hash computation and retrieves the > digest value into > > + the specified memory. After this function has been called, the HMAC-SHA256 > context cannot > > + be used again. > > + HMAC-SHA256 context should be initialized by HmacSha256New(), and should > not be finalized > > + by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is > undefined. > > + > > + If HmacSha256Context is NULL, then return FALSE. > > + If HmacValue is NULL, then return FALSE. > > + > > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA256 digest > > + value (32 bytes). > > + > > + @retval TRUE HMAC-SHA256 digest computation succeeded. > > + @retval FALSE HMAC-SHA256 digest computation failed. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256Final ( > > + IN OUT VOID *HmacSha256Context, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + return HmacMdFinal (HmacSha256Context, HmacValue); > > +} > > + > > +/** > > + Computes the HMAC-SHA256 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA256 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest > > + value (32 bytes). > > + > > + @retval TRUE HMAC-SHA256 digest computation succeeded. > > + @retval FALSE HMAC-SHA256 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + return HmacMdAll (EVP_sha256 (), Data, DataSize, Key, KeySize, HmacValue); > > +} > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. > > + > > + @return Pointer to the HMAC_CTX context that has been initialized. > > + If the allocations fails, HmacSha384New() returns NULL. > > + > > +**/ > > +VOID * > > +EFIAPI > > +HmacSha384New ( > > + VOID > > + ) > > +{ > > + return HmacMdNew (); > > +} > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. > > + > > +**/ > > +VOID > > +EFIAPI > > +HmacSha384Free ( > > + IN VOID *HmacSha384Ctx > > + ) > > +{ > > + HmacMdFree (HmacSha384Ctx); > > +} > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacSha384Update(). > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval TRUE The Key is set successfully. > > + @retval FALSE The Key is set unsuccessfully. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384SetKey ( > > + OUT VOID *HmacSha384Context, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ) > > +{ > > + return HmacMdSetKey (EVP_sha384 (), HmacSha384Context, Key, KeySize); > > +} > > + > > +/** > > + Makes a copy of an existing HMAC-SHA384 context. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If NewHmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. > > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. > > + > > + @retval TRUE HMAC-SHA384 context copy succeeded. > > + @retval FALSE HMAC-SHA384 context copy failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Duplicate ( > > + IN CONST VOID *HmacSha384Context, > > + OUT VOID *NewHmacSha384Context > > + ) > > +{ > > + return HmacMdDuplicate (HmacSha384Context, NewHmacSha384Context); > > +} > > + > > +/** > > + Digests the input data and updates HMAC-SHA384 context. > > + > > + This function performs HMAC-SHA384 digest on a data buffer of the specified > size. > > + It can be called multiple times to compute the digest of long or > discontinuous > data streams. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid context is undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval TRUE HMAC-SHA384 data digest succeeded. > > + @retval FALSE HMAC-SHA384 data digest failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Update ( > > + IN OUT VOID *HmacSha384Context, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ) > > +{ > > + return HmacMdUpdate (HmacSha384Context, Data, DataSize); > > +} > > + > > +/** > > + Completes computation of the HMAC-SHA384 digest value. > > + > > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into > > + the specified memory. After this function has been called, the HMAC-SHA384 > context cannot > > + be used again. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If HmacValue is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Final ( > > + IN OUT VOID *HmacSha384Context, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + return HmacMdFinal (HmacSha384Context, HmacValue); > > +} > > + > > +/** > > + Computes the HMAC-SHA384 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA384 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + return HmacMdAll (EVP_sha384 (), Data, DataSize, Key, KeySize, HmacValue); > > +} > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c > new file mode 100644 > index 0000000000..0a76db41ec > --- /dev/null > +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c > @@ -0,0 +1,359 @@ > +/** @file > > + HMAC-SHA256/SHA384 Wrapper Implementation which does not provide real > capabilities. > > + > > +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.<BR> > > +SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > + > > +#include "InternalCryptLib.h" > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA256 use. > > + > > + Return NULL to indicate this interface is not supported. > > + > > + @return NULL This interface is not supported.. > > + > > +**/ > > +VOID * > > +EFIAPI > > +HmacSha256New ( > > + VOID > > + ) > > +{ > > + ASSERT (FALSE); > > + return NULL; > > +} > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + This function will do nothing. > > + > > + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. > > + > > +**/ > > +VOID > > +EFIAPI > > +HmacSha256Free ( > > + IN VOID *HmacSha256Ctx > > + ) > > +{ > > + ASSERT (FALSE); > > + return; > > +} > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacSha256Update(). > > + > > + Return FALSE to indicate this interface is not supported. > > + > > + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256SetKey ( > > + OUT VOID *HmacSha256Context, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Makes a copy of an existing HMAC-SHA256 context. > > + > > + Return FALSE to indicate this interface is not supported. > > + > > + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. > > + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. > > + > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256Duplicate ( > > + IN CONST VOID *HmacSha256Context, > > + OUT VOID *NewHmacSha256Context > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Digests the input data and updates HMAC-SHA256 context. > > + > > + Return FALSE to indicate this interface is not supported. > > + > > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256Update ( > > + IN OUT VOID *HmacSha256Context, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Completes computation of the HMAC-SHA256 digest value. > > + > > + Return FALSE to indicate this interface is not supported. > > + > > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA256 digest > > + value (32 bytes). > > + > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256Final ( > > + IN OUT VOID *HmacSha256Context, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Computes the HMAC-SHA256 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA256 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest > > + value (32 bytes). > > + > > + @retval TRUE HMAC-SHA256 digest computation succeeded. > > + @retval FALSE HMAC-SHA256 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. > > + > > + @return Pointer to the HMAC_CTX context that has been initialized. > > + If the allocations fails, HmacSha384New() returns NULL. > > + > > +**/ > > +VOID * > > +EFIAPI > > +HmacSha384New ( > > + VOID > > + ) > > +{ > > + ASSERT (FALSE); > > + return NULL; > > +} > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. > > + > > +**/ > > +VOID > > +EFIAPI > > +HmacSha384Free ( > > + IN VOID *HmacSha384Ctx > > + ) > > +{ > > + ASSERT (FALSE); > > + return; > > +} > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacSha384Update(). > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval TRUE The Key is set successfully. > > + @retval FALSE The Key is set unsuccessfully. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384SetKey ( > > + OUT VOID *HmacSha384Context, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Makes a copy of an existing HMAC-SHA384 context. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If NewHmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. > > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. > > + > > + @retval TRUE HMAC-SHA384 context copy succeeded. > > + @retval FALSE HMAC-SHA384 context copy failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Duplicate ( > > + IN CONST VOID *HmacSha384Context, > > + OUT VOID *NewHmacSha384Context > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Digests the input data and updates HMAC-SHA384 context. > > + > > + This function performs HMAC-SHA384 digest on a data buffer of the specified > size. > > + It can be called multiple times to compute the digest of long or > discontinuous > data streams. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid context is undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval TRUE HMAC-SHA384 data digest succeeded. > > + @retval FALSE HMAC-SHA384 data digest failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Update ( > > + IN OUT VOID *HmacSha384Context, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Completes computation of the HMAC-SHA384 digest value. > > + > > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into > > + the specified memory. After this function has been called, the HMAC-SHA384 > context cannot > > + be used again. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If HmacValue is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Final ( > > + IN OUT VOID *HmacSha384Context, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Computes the HMAC-SHA384 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA384 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c > deleted file mode 100644 > index 7e83551c1b..0000000000 > --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c > +++ /dev/null > @@ -1,217 +0,0 @@ > -/** @file > > - HMAC-SHA256 Wrapper Implementation over OpenSSL. > > - > > -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.<BR> > > -SPDX-License-Identifier: BSD-2-Clause-Patent > > - > > -**/ > > - > > -#include "InternalCryptLib.h" > > -#include <openssl/hmac.h> > > - > > -/** > > - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 > use. > > - > > - @return Pointer to the HMAC_CTX context that has been initialized. > > - If the allocations fails, HmacSha256New() returns NULL. > > - > > -**/ > > -VOID * > > -EFIAPI > > -HmacSha256New ( > > - VOID > > - ) > > -{ > > - // > > - // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new() > > - // > > - return (VOID *)HMAC_CTX_new (); > > -} > > - > > -/** > > - Release the specified HMAC_CTX context. > > - > > - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. > > - > > -**/ > > -VOID > > -EFIAPI > > -HmacSha256Free ( > > - IN VOID *HmacSha256Ctx > > - ) > > -{ > > - // > > - // Free OpenSSL HMAC_CTX Context > > - // > > - HMAC_CTX_free ((HMAC_CTX *)HmacSha256Ctx); > > -} > > - > > -/** > > - Set user-supplied key for subsequent use. It must be done before any > > - calling to HmacSha256Update(). > > - > > - If HmacSha256Context is NULL, then return FALSE. > > - > > - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. > > - @param[in] Key Pointer to the user-supplied key. > > - @param[in] KeySize Key size in bytes. > > - > > - @retval TRUE The Key is set successfully. > > - @retval FALSE The Key is set unsuccessfully. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256SetKey ( > > - OUT VOID *HmacSha256Context, > > - IN CONST UINT8 *Key, > > - IN UINTN KeySize > > - ) > > -{ > > - // > > - // Check input parameters. > > - // > > - if ((HmacSha256Context == NULL) || (KeySize > INT_MAX)) { > > - return FALSE; > > - } > > - > > - if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32)KeySize, > EVP_sha256 (), NULL) != 1) { > > - return FALSE; > > - } > > - > > - return TRUE; > > -} > > - > > -/** > > - Makes a copy of an existing HMAC-SHA256 context. > > - > > - If HmacSha256Context is NULL, then return FALSE. > > - If NewHmacSha256Context is NULL, then return FALSE. > > - > > - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. > > - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. > > - > > - @retval TRUE HMAC-SHA256 context copy succeeded. > > - @retval FALSE HMAC-SHA256 context copy failed. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256Duplicate ( > > - IN CONST VOID *HmacSha256Context, > > - OUT VOID *NewHmacSha256Context > > - ) > > -{ > > - // > > - // Check input parameters. > > - // > > - if ((HmacSha256Context == NULL) || (NewHmacSha256Context == NULL)) { > > - return FALSE; > > - } > > - > > - if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacSha256Context, (HMAC_CTX > *)HmacSha256Context) != 1) { > > - return FALSE; > > - } > > - > > - return TRUE; > > -} > > - > > -/** > > - Digests the input data and updates HMAC-SHA256 context. > > - > > - This function performs HMAC-SHA256 digest on a data buffer of the specified > size. > > - It can be called multiple times to compute the digest of long or > discontinuous > data streams. > > - HMAC-SHA256 context should be initialized by HmacSha256New(), and should > not be finalized > > - by HmacSha256Final(). Behavior with invalid context is undefined. > > - > > - If HmacSha256Context is NULL, then return FALSE. > > - > > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > - @param[in] Data Pointer to the buffer containing the > data to be > digested. > > - @param[in] DataSize Size of Data buffer in bytes. > > - > > - @retval TRUE HMAC-SHA256 data digest succeeded. > > - @retval FALSE HMAC-SHA256 data digest failed. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256Update ( > > - IN OUT VOID *HmacSha256Context, > > - IN CONST VOID *Data, > > - IN UINTN DataSize > > - ) > > -{ > > - // > > - // Check input parameters. > > - // > > - if (HmacSha256Context == NULL) { > > - return FALSE; > > - } > > - > > - // > > - // Check invalid parameters, in case that only DataLength was checked in > OpenSSL > > - // > > - if ((Data == NULL) && (DataSize != 0)) { > > - return FALSE; > > - } > > - > > - // > > - // OpenSSL HMAC-SHA256 digest update > > - // > > - if (HMAC_Update ((HMAC_CTX *)HmacSha256Context, Data, DataSize) != 1) { > > - return FALSE; > > - } > > - > > - return TRUE; > > -} > > - > > -/** > > - Completes computation of the HMAC-SHA256 digest value. > > - > > - This function completes HMAC-SHA256 hash computation and retrieves the > digest value into > > - the specified memory. After this function has been called, the HMAC-SHA256 > context cannot > > - be used again. > > - HMAC-SHA256 context should be initialized by HmacSha256New(), and should > not be finalized > > - by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is > undefined. > > - > > - If HmacSha256Context is NULL, then return FALSE. > > - If HmacValue is NULL, then return FALSE. > > - > > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > - @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA256 digest > > - value (32 bytes). > > - > > - @retval TRUE HMAC-SHA256 digest computation succeeded. > > - @retval FALSE HMAC-SHA256 digest computation failed. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256Final ( > > - IN OUT VOID *HmacSha256Context, > > - OUT UINT8 *HmacValue > > - ) > > -{ > > - UINT32 Length; > > - > > - // > > - // Check input parameters. > > - // > > - if ((HmacSha256Context == NULL) || (HmacValue == NULL)) { > > - return FALSE; > > - } > > - > > - // > > - // OpenSSL HMAC-SHA256 digest finalization > > - // > > - if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) != > 1) { > > - return FALSE; > > - } > > - > > - if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) != 1) { > > - return FALSE; > > - } > > - > > - return TRUE; > > -} > > diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c > deleted file mode 100644 > index 2e3cb3bdfe..0000000000 > --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c > +++ /dev/null > @@ -1,139 +0,0 @@ > -/** @file > > - HMAC-SHA256 Wrapper Implementation which does not provide real > capabilities. > > - > > -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.<BR> > > -SPDX-License-Identifier: BSD-2-Clause-Patent > > - > > -**/ > > - > > -#include "InternalCryptLib.h" > > - > > -/** > > - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 > use. > > - > > - Return NULL to indicate this interface is not supported. > > - > > - @return NULL This interface is not supported.. > > - > > -**/ > > -VOID * > > -EFIAPI > > -HmacSha256New ( > > - VOID > > - ) > > -{ > > - ASSERT (FALSE); > > - return NULL; > > -} > > - > > -/** > > - Release the specified HMAC_CTX context. > > - > > - This function will do nothing. > > - > > - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. > > - > > -**/ > > -VOID > > -EFIAPI > > -HmacSha256Free ( > > - IN VOID *HmacSha256Ctx > > - ) > > -{ > > - ASSERT (FALSE); > > - return; > > -} > > - > > -/** > > - Set user-supplied key for subsequent use. It must be done before any > > - calling to HmacSha256Update(). > > - > > - Return FALSE to indicate this interface is not supported. > > - > > - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. > > - @param[in] Key Pointer to the user-supplied key. > > - @param[in] KeySize Key size in bytes. > > - > > - @retval FALSE This interface is not supported. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256SetKey ( > > - OUT VOID *HmacSha256Context, > > - IN CONST UINT8 *Key, > > - IN UINTN KeySize > > - ) > > -{ > > - ASSERT (FALSE); > > - return FALSE; > > -} > > - > > -/** > > - Makes a copy of an existing HMAC-SHA256 context. > > - > > - Return FALSE to indicate this interface is not supported. > > - > > - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. > > - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. > > - > > - @retval FALSE This interface is not supported. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256Duplicate ( > > - IN CONST VOID *HmacSha256Context, > > - OUT VOID *NewHmacSha256Context > > - ) > > -{ > > - ASSERT (FALSE); > > - return FALSE; > > -} > > - > > -/** > > - Digests the input data and updates HMAC-SHA256 context. > > - > > - Return FALSE to indicate this interface is not supported. > > - > > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > - @param[in] Data Pointer to the buffer containing the > data to be > digested. > > - @param[in] DataSize Size of Data buffer in bytes. > > - > > - @retval FALSE This interface is not supported. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256Update ( > > - IN OUT VOID *HmacSha256Context, > > - IN CONST VOID *Data, > > - IN UINTN DataSize > > - ) > > -{ > > - ASSERT (FALSE); > > - return FALSE; > > -} > > - > > -/** > > - Completes computation of the HMAC-SHA256 digest value. > > - > > - Return FALSE to indicate this interface is not supported. > > - > > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > - @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA256 digest > > - value (32 bytes). > > - > > - @retval FALSE This interface is not supported. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256Final ( > > - IN OUT VOID *HmacSha256Context, > > - OUT UINT8 *HmacValue > > - ) > > -{ > > - ASSERT (FALSE); > > - return FALSE; > > -} > > diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > index 01de27e037..f88f8312f6 100644 > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > @@ -41,7 +41,7 @@ > Hash/CryptSm3.c > > Hash/CryptSha512.c > > Hash/CryptParallelHashNull.c > > - Hmac/CryptHmacSha256.c > > + Hmac/CryptHmac.c > > Kdf/CryptHkdf.c > > Cipher/CryptAesNull.c > > Pk/CryptRsaBasic.c > > diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > index d28fb98b66..9213952701 100644 > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > @@ -41,7 +41,7 @@ > Hash/CryptSm3.c > > Hash/CryptSha512.c > > Hash/CryptParallelHashNull.c > > - Hmac/CryptHmacSha256.c > > + Hmac/CryptHmac.c > > Kdf/CryptHkdf.c > > Cipher/CryptAes.c > > Pk/CryptRsaBasic.c > > diff --git a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf > index 070b44447e..0b1dd31c41 100644 > --- a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf > @@ -34,7 +34,7 @@ > Hash/CryptSha256Null.c > > Hash/CryptSm3Null.c > > Hash/CryptParallelHashNull.c > > - Hmac/CryptHmacSha256Null.c > > + Hmac/CryptHmacNull.c > > Kdf/CryptHkdfNull.c > > Cipher/CryptAesNull.c > > Pk/CryptRsaBasicNull.c > > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > index 91a1715095..ed76520fcc 100644 > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > @@ -42,7 +42,7 @@ > Hash/CryptXkcp.c > > Hash/CryptCShake256.c > > Hash/CryptParallelHash.c > > - Hmac/CryptHmacSha256.c > > + Hmac/CryptHmac.c > > Kdf/CryptHkdfNull.c > > Cipher/CryptAes.c > > Pk/CryptRsaBasic.c > > diff --git a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf > index 11ff1c6931..63282dc5ab 100644 > --- a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf > @@ -28,7 +28,7 @@ > Hash/CryptSha256.c > > Hash/CryptSha512.c > > Hash/CryptSm3.c > > - Hmac/CryptHmacSha256.c > > + Hmac/CryptHmac.c > > Kdf/CryptHkdf.c > > Cipher/CryptAes.c > > Pk/CryptRsaBasic.c > > diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf > b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf > index 63d1d82d19..728e0793ac 100644 > --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf > +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf > @@ -35,7 +35,7 @@ > Hash/CryptSha512Null.c > > Hash/CryptSm3Null.c > > Hash/CryptParallelHashNull.c > > - Hmac/CryptHmacSha256Null.c > > + Hmac/CryptHmacNull.c > > Kdf/CryptHkdfNull.c > > Cipher/CryptAesNull.c > > Pk/CryptRsaBasicNull.c > > diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c > b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c > new file mode 100644 > index 0000000000..0a76db41ec > --- /dev/null > +++ b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c > @@ -0,0 +1,359 @@ > +/** @file > > + HMAC-SHA256/SHA384 Wrapper Implementation which does not provide real > capabilities. > > + > > +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.<BR> > > +SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > + > > +#include "InternalCryptLib.h" > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA256 use. > > + > > + Return NULL to indicate this interface is not supported. > > + > > + @return NULL This interface is not supported.. > > + > > +**/ > > +VOID * > > +EFIAPI > > +HmacSha256New ( > > + VOID > > + ) > > +{ > > + ASSERT (FALSE); > > + return NULL; > > +} > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + This function will do nothing. > > + > > + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. > > + > > +**/ > > +VOID > > +EFIAPI > > +HmacSha256Free ( > > + IN VOID *HmacSha256Ctx > > + ) > > +{ > > + ASSERT (FALSE); > > + return; > > +} > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacSha256Update(). > > + > > + Return FALSE to indicate this interface is not supported. > > + > > + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256SetKey ( > > + OUT VOID *HmacSha256Context, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Makes a copy of an existing HMAC-SHA256 context. > > + > > + Return FALSE to indicate this interface is not supported. > > + > > + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. > > + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. > > + > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256Duplicate ( > > + IN CONST VOID *HmacSha256Context, > > + OUT VOID *NewHmacSha256Context > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Digests the input data and updates HMAC-SHA256 context. > > + > > + Return FALSE to indicate this interface is not supported. > > + > > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256Update ( > > + IN OUT VOID *HmacSha256Context, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Completes computation of the HMAC-SHA256 digest value. > > + > > + Return FALSE to indicate this interface is not supported. > > + > > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA256 digest > > + value (32 bytes). > > + > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256Final ( > > + IN OUT VOID *HmacSha256Context, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Computes the HMAC-SHA256 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA256 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest > > + value (32 bytes). > > + > > + @retval TRUE HMAC-SHA256 digest computation succeeded. > > + @retval FALSE HMAC-SHA256 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. > > + > > + @return Pointer to the HMAC_CTX context that has been initialized. > > + If the allocations fails, HmacSha384New() returns NULL. > > + > > +**/ > > +VOID * > > +EFIAPI > > +HmacSha384New ( > > + VOID > > + ) > > +{ > > + ASSERT (FALSE); > > + return NULL; > > +} > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. > > + > > +**/ > > +VOID > > +EFIAPI > > +HmacSha384Free ( > > + IN VOID *HmacSha384Ctx > > + ) > > +{ > > + ASSERT (FALSE); > > + return; > > +} > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacSha384Update(). > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval TRUE The Key is set successfully. > > + @retval FALSE The Key is set unsuccessfully. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384SetKey ( > > + OUT VOID *HmacSha384Context, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Makes a copy of an existing HMAC-SHA384 context. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If NewHmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. > > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. > > + > > + @retval TRUE HMAC-SHA384 context copy succeeded. > > + @retval FALSE HMAC-SHA384 context copy failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Duplicate ( > > + IN CONST VOID *HmacSha384Context, > > + OUT VOID *NewHmacSha384Context > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Digests the input data and updates HMAC-SHA384 context. > > + > > + This function performs HMAC-SHA384 digest on a data buffer of the specified > size. > > + It can be called multiple times to compute the digest of long or > discontinuous > data streams. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid context is undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval TRUE HMAC-SHA384 data digest succeeded. > > + @retval FALSE HMAC-SHA384 data digest failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Update ( > > + IN OUT VOID *HmacSha384Context, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Completes computation of the HMAC-SHA384 digest value. > > + > > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into > > + the specified memory. After this function has been called, the HMAC-SHA384 > context cannot > > + be used again. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If HmacValue is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Final ( > > + IN OUT VOID *HmacSha384Context, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > + > > +/** > > + Computes the HMAC-SHA384 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA384 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c > b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c > deleted file mode 100644 > index 2e3cb3bdfe..0000000000 > --- a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c > +++ /dev/null > @@ -1,139 +0,0 @@ > -/** @file > > - HMAC-SHA256 Wrapper Implementation which does not provide real > capabilities. > > - > > -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.<BR> > > -SPDX-License-Identifier: BSD-2-Clause-Patent > > - > > -**/ > > - > > -#include "InternalCryptLib.h" > > - > > -/** > > - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 > use. > > - > > - Return NULL to indicate this interface is not supported. > > - > > - @return NULL This interface is not supported.. > > - > > -**/ > > -VOID * > > -EFIAPI > > -HmacSha256New ( > > - VOID > > - ) > > -{ > > - ASSERT (FALSE); > > - return NULL; > > -} > > - > > -/** > > - Release the specified HMAC_CTX context. > > - > > - This function will do nothing. > > - > > - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. > > - > > -**/ > > -VOID > > -EFIAPI > > -HmacSha256Free ( > > - IN VOID *HmacSha256Ctx > > - ) > > -{ > > - ASSERT (FALSE); > > - return; > > -} > > - > > -/** > > - Set user-supplied key for subsequent use. It must be done before any > > - calling to HmacSha256Update(). > > - > > - Return FALSE to indicate this interface is not supported. > > - > > - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. > > - @param[in] Key Pointer to the user-supplied key. > > - @param[in] KeySize Key size in bytes. > > - > > - @retval FALSE This interface is not supported. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256SetKey ( > > - OUT VOID *HmacSha256Context, > > - IN CONST UINT8 *Key, > > - IN UINTN KeySize > > - ) > > -{ > > - ASSERT (FALSE); > > - return FALSE; > > -} > > - > > -/** > > - Makes a copy of an existing HMAC-SHA256 context. > > - > > - Return FALSE to indicate this interface is not supported. > > - > > - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. > > - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. > > - > > - @retval FALSE This interface is not supported. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256Duplicate ( > > - IN CONST VOID *HmacSha256Context, > > - OUT VOID *NewHmacSha256Context > > - ) > > -{ > > - ASSERT (FALSE); > > - return FALSE; > > -} > > - > > -/** > > - Digests the input data and updates HMAC-SHA256 context. > > - > > - Return FALSE to indicate this interface is not supported. > > - > > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > - @param[in] Data Pointer to the buffer containing the > data to be > digested. > > - @param[in] DataSize Size of Data buffer in bytes. > > - > > - @retval FALSE This interface is not supported. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256Update ( > > - IN OUT VOID *HmacSha256Context, > > - IN CONST VOID *Data, > > - IN UINTN DataSize > > - ) > > -{ > > - ASSERT (FALSE); > > - return FALSE; > > -} > > - > > -/** > > - Completes computation of the HMAC-SHA256 digest value. > > - > > - Return FALSE to indicate this interface is not supported. > > - > > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. > > - @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA256 digest > > - value (32 bytes). > > - > > - @retval FALSE This interface is not supported. > > - > > -**/ > > -BOOLEAN > > -EFIAPI > > -HmacSha256Final ( > > - IN OUT VOID *HmacSha256Context, > > - OUT UINT8 *HmacValue > > - ) > > -{ > > - ASSERT (FALSE); > > - return FALSE; > > -} > > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > index 8ee1b53cf9..0218e9b594 100644 > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > @@ -1201,6 +1201,218 @@ HmacSha256Final ( > CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, HmacValue), > FALSE); > > } > > > > +/** > > + Computes the HMAC-SHA256 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA256 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest > > + value (32 bytes). > > + > > + @retval TRUE HMAC-SHA256 digest computation succeeded. > > + @retval FALSE HMAC-SHA256 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha256All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE); > > +} > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. > > + > > + @return Pointer to the HMAC_CTX context that has been initialized. > > + If the allocations fails, HmacSha384New() returns NULL. > > + > > +**/ > > +VOID * > > +EFIAPI > > +HmacSha384New ( > > + VOID > > + ) > > +{ > > + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); > > +} > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. > > + > > +**/ > > +VOID > > +EFIAPI > > +HmacSha384Free ( > > + IN VOID *HmacSha384Ctx > > + ) > > +{ > > + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); > > +} > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacSha384Update(). > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval TRUE The Key is set successfully. > > + @retval FALSE The Key is set unsuccessfully. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384SetKey ( > > + OUT VOID *HmacSha384Context, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ) > > +{ > > + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > KeySize), FALSE); > > +} > > + > > +/** > > + Makes a copy of an existing HMAC-SHA384 context. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If NewHmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. > > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. > > + > > + @retval TRUE HMAC-SHA384 context copy succeeded. > > + @retval FALSE HMAC-SHA384 context copy failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Duplicate ( > > + IN CONST VOID *HmacSha384Context, > > + OUT VOID *NewHmacSha384Context > > + ) > > +{ > > + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > NewHmacSha384Context), FALSE); > > +} > > + > > +/** > > + Digests the input data and updates HMAC-SHA384 context. > > + > > + This function performs HMAC-SHA384 digest on a data buffer of the specified > size. > > + It can be called multiple times to compute the digest of long or > discontinuous > data streams. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid context is undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval TRUE HMAC-SHA384 data digest succeeded. > > + @retval FALSE HMAC-SHA384 data digest failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Update ( > > + IN OUT VOID *HmacSha384Context, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ) > > +{ > > + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, > DataSize), FALSE); > > +} > > + > > +/** > > + Completes computation of the HMAC-SHA384 digest value. > > + > > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into > > + the specified memory. After this function has been called, the HMAC-SHA384 > context cannot > > + be used again. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If HmacValue is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384Final ( > > + IN OUT VOID *HmacSha384Context, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > HmacValue), FALSE); > > +} > > + > > +/** > > + Computes the HMAC-SHA384 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA384 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +HmacSha384All ( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ) > > +{ > > + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE); > > +} > > + > > // > ================================================================= > ==================== > > // Symmetric Cryptography Primitive > > // > ================================================================= > ==================== > > diff --git a/CryptoPkg/Private/Protocol/Crypto.h > b/CryptoPkg/Private/Protocol/Crypto.h > index c417568e96..6c14cdedca 100644 > --- a/CryptoPkg/Private/Protocol/Crypto.h > +++ b/CryptoPkg/Private/Protocol/Crypto.h > @@ -266,6 +266,194 @@ BOOLEAN > OUT UINT8 *HmacValue > > ); > > > > +/** > > + Computes the HMAC-SHA256 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA256 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest > > + value (32 bytes). > > + > > + @retval TRUE HMAC-SHA256 digest computation succeeded. > > + @retval FALSE HMAC-SHA256 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +typedef > > +BOOLEAN > > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_ALL)( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ); > > + > > +/** > > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. > > + > > + @return Pointer to the HMAC_CTX context that has been initialized. > > + If the allocations fails, HmacSha384New() returns NULL. > > + > > +**/ > > +typedef > > +VOID * > > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_NEW)( > > + VOID > > + ); > > + > > +/** > > + Release the specified HMAC_CTX context. > > + > > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. > > + > > +**/ > > +typedef > > +VOID > > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FREE)( > > + IN VOID *HmacSha384Ctx > > + ); > > + > > +/** > > + Set user-supplied key for subsequent use. It must be done before any > > + calling to HmacSha384Update(). > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + > > + @retval TRUE The Key is set successfully. > > + @retval FALSE The Key is set unsuccessfully. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +typedef > > +BOOLEAN > > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_SET_KEY)( > > + OUT VOID *HmacSha384Context, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize > > + ); > > + > > +/** > > + Makes a copy of an existing HMAC-SHA384 context. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If NewHmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. > > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. > > + > > + @retval TRUE HMAC-SHA384 context copy succeeded. > > + @retval FALSE HMAC-SHA384 context copy failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +typedef > > +BOOLEAN > > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_DUPLICATE)( > > + IN CONST VOID *HmacSha384Context, > > + OUT VOID *NewHmacSha384Context > > + ); > > + > > +/** > > + Digests the input data and updates HMAC-SHA384 context. > > + > > + This function performs HMAC-SHA384 digest on a data buffer of the specified > size. > > + It can be called multiple times to compute the digest of long or > discontinuous > data streams. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid context is undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[in] Data Pointer to the buffer containing the > data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + > > + @retval TRUE HMAC-SHA384 data digest succeeded. > > + @retval FALSE HMAC-SHA384 data digest failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +typedef > > +BOOLEAN > > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_UPDATE)( > > + IN OUT VOID *HmacSha384Context, > > + IN CONST VOID *Data, > > + IN UINTN DataSize > > + ); > > + > > +/** > > + Completes computation of the HMAC-SHA384 digest value. > > + > > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into > > + the specified memory. After this function has been called, the HMAC-SHA384 > context cannot > > + be used again. > > + HMAC-SHA384 context should be initialized by HmacSha384New(), and should > not be finalized > > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. > > + > > + If HmacSha384Context is NULL, then return FALSE. > > + If HmacValue is NULL, then return FALSE. > > + If this interface is not supported, then return FALSE. > > + > > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. > > + @param[out] HmacValue Pointer to a buffer that receives the > HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +typedef > > +BOOLEAN > > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FINAL)( > > + IN OUT VOID *HmacSha384Context, > > + OUT UINT8 *HmacValue > > + ); > > + > > +/** > > + Computes the HMAC-SHA384 digest of a input data buffer. > > + > > + This function performs the HMAC-SHA384 digest of a given data buffer, and > places > > + the digest value into the specified memory. > > + > > + If this interface is not supported, then return FALSE. > > + > > + @param[in] Data Pointer to the buffer containing the data to be > digested. > > + @param[in] DataSize Size of Data buffer in bytes. > > + @param[in] Key Pointer to the user-supplied key. > > + @param[in] KeySize Key size in bytes. > > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest > > + value (48 bytes). > > + > > + @retval TRUE HMAC-SHA384 digest computation succeeded. > > + @retval FALSE HMAC-SHA384 digest computation failed. > > + @retval FALSE This interface is not supported. > > + > > +**/ > > +typedef > > +BOOLEAN > > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_ALL)( > > + IN CONST VOID *Data, > > + IN UINTN DataSize, > > + IN CONST UINT8 *Key, > > + IN UINTN KeySize, > > + OUT UINT8 *HmacValue > > + ); > > + > > // > ================================================================= > ==================== > > // One-Way Cryptographic Hash Primitives > > // > ================================================================= > ==================== > > @@ -3513,6 +3701,15 @@ struct _EDKII_CRYPTO_PROTOCOL { > EDKII_CRYPTO_HMAC_SHA256_DUPLICATE HmacSha256Duplicate; > > EDKII_CRYPTO_HMAC_SHA256_UPDATE HmacSha256Update; > > EDKII_CRYPTO_HMAC_SHA256_FINAL HmacSha256Final; > > + EDKII_CRYPTO_HMAC_SHA256_ALL HmacSha256All; > > + /// HMAC SHA384 > > + EDKII_CRYPTO_HMAC_SHA384_NEW HmacSha384New; > > + EDKII_CRYPTO_HMAC_SHA384_FREE HmacSha384Free; > > + EDKII_CRYPTO_HMAC_SHA384_SET_KEY HmacSha384SetKey; > > + EDKII_CRYPTO_HMAC_SHA384_DUPLICATE HmacSha384Duplicate; > > + EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update; > > + EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final; > > + EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All; > > /// Md4 - deprecated and unsupported > > DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE > DeprecatedMd4GetContextSize; > > DEPRECATED_EDKII_CRYPTO_MD4_INIT DeprecatedMd4Init; > > diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c > index 595729424b..9c5b39410d 100644 > --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c > +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c > @@ -64,6 +64,23 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 > HmacSha256Digest[] = { > 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, > 0x2e, > 0x32, 0xcf, 0xf7 > > }; > > > > +// > > +// Key value for HMAC-SHA-384 validation. (From "4. Test Vectors" of IETF > RFC4231) > > +// > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha384Key[20] = { > > + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, > 0x0b, > 0x0b, 0x0b, 0x0b, > > + 0x0b, 0x0b, 0x0b, 0x0b > > +}; > > + > > +// > > +// Result for HMAC-SHA-384 ("Hi There"). (From "4. Test Vectors" of IETF > RFC4231) > > +// > > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha384Digest[] = { > > + 0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, 0x6b, 0x08, 0x25, 0xf4, > 0xab, > 0x46, 0x90, 0x7f, > > + 0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6, 0x82, 0xaa, 0x03, 0x4c, > 0x7c, > 0xeb, 0xc5, 0x9c, > > + 0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f, 0x4a, 0xf1, 0x52, 0xe8, > 0xb2, > 0xfa, 0x9c, 0xb6 > > +}; > > + > > typedef > > VOID * > > (EFIAPI *EFI_HMAC_NEW)( > > @@ -109,6 +126,7 @@ typedef struct { > // HMAC_TEST_CONTEXT mHmacMd5TestCtx = {MD5_DIGEST_SIZE, > HmacMd5New, HmacMd5SetKey, HmacMd5Update, HmacMd5Final, > HmacMd5Key, sizeof(HmacMd5Key), HmacMd5Digest}; > > // HMAC_TEST_CONTEXT mHmacSha1TestCtx = {SHA1_DIGEST_SIZE, > HmacSha1New, HmacSha1SetKey, HmacSha1Update, HmacSha1Final, > HmacSha1Key, sizeof(HmacSha1Key), HmacSha1Digest}; > > HMAC_TEST_CONTEXT mHmacSha256TestCtx = { SHA256_DIGEST_SIZE, > HmacSha256New, HmacSha256SetKey, HmacSha256Update, HmacSha256Final, > HmacSha256Key, sizeof (HmacSha256Key), HmacSha256Digest }; > > +HMAC_TEST_CONTEXT mHmacSha384TestCtx = { SHA384_DIGEST_SIZE, > HmacSha384New, HmacSha384SetKey, HmacSha384Update, HmacSha384Final, > HmacSha384Key, sizeof (HmacSha384Key), HmacSha384Digest }; > > > > UNIT_TEST_STATUS > > EFIAPI > > @@ -174,6 +192,7 @@ TEST_DESC mHmacTest[] = { > // > -----Description---------------------Class---------------------Function--------------- > Pre------------------Post------------Context > > // > > { "TestVerifyHmacSha256()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHmac, > TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha256TestCtx }, > > + { "TestVerifyHmacSha384()", "CryptoPkg.BaseCryptLib.Hmac", > TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, > &mHmacSha384TestCtx }, > > // These functions have been deprecated but they've been left commented out > for future reference > > // {"TestVerifyHmacMd5()", "CryptoPkg.BaseCryptLib.Hmac", > TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, > &mHmacMd5TestCtx}, > > // {"TestVerifyHmacSha1()", "CryptoPkg.BaseCryptLib.Hmac", > TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, > &mHmacSha1TestCtx}, > > -- > 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#92637): https://edk2.groups.io/g/devel/message/92637 Mute This Topic: https://groups.io/mt/93179727/21656 Group Owner: [email protected] Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
