From nobody Fri May 17 03:00:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+92653+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+92653+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1661238391; cv=none; d=zohomail.com; s=zohoarc; b=Zcag+E9qgXvw/aVHCua/BUi1geWnwT9eo7IXRB14suLliPQHaSppCqVnmHY5+XH8ckCeQ1dvhPeDAyQx9CqzWpUrIU8piBbryQkq3BFpMZg7ewpSsBYfbCF3v7Jp+THaHWr4Dw1NIdtQHPUVtkYneCZz0E3petS1h6yJD6K8oIU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1661238391; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=0RakXmw671f3zbP0k+qWWYO1Tja8OCvhA0lTK5+7kjo=; b=Qd7V5wGS6e/9UseIhBSoH7Aklzjcgb09Kio2OivMU616XRnYM1uC1DMwOcGRb74Vu5oR+Un1eBPtHt8AfrpJvcwG/UgXg1fK03ocqpXZSlZ6EIUQdY2uCvemWXlDTHFl7YuPZwZoqBWS4ZReZSGH1bIVuA5g4IRTaYJPBjj1p10= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+92653+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 16612383913761017.1172426062938; Tue, 23 Aug 2022 00:06:31 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 3wFIYY1788612x3CKuBNYHN6; Tue, 23 Aug 2022 00:06:31 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web12.28466.1661238389086803848 for ; Tue, 23 Aug 2022 00:06:30 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10447"; a="294893661" X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="294893661" X-Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Aug 2022 00:06:30 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="677512592" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by fmsmga004.fm.intel.com with ESMTP; 23 Aug 2022 00:06:28 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH 1/5] CryptoPkg: Add new hmac definition to cryptlib Date: Tue, 23 Aug 2022 15:06:19 +0800 Message-Id: <20220823070623.7002-2-qi1.zhang@intel.com> In-Reply-To: <20220823070623.7002-1-qi1.zhang@intel.com> References: <20220823070623.7002-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: bf2L3uL6F9YKkfy52mMfBm8Kx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1661238391; bh=2eCahaPluikMlHFpxfPvNlB8evK+0F4oZDcjVb/aUd0=; h=Cc:Date:From:Reply-To:Subject:To; b=EAVKPZWafy2F5vGZRg5af1mcFjfYBAgS59fo3ftiN0laVOjSwPCBQ7d2gm2xo6ojowQ A0Gl9Pa2FGzUOZyyLY6AzMLtJuNzxlpG/1yjxCOwJITWHFUNn5a73RyIIydLoNsUU2cJ1 /k6AjRQNMK4SuJFvoTmiIPhpI5PBxS5bJXY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1661238393176100004 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/Include/Library/BaseCryptLib.h | 188 +++++++++++++++++ .../Pcd/PcdCryptoServiceFamilyEnable.h | 13 ++ CryptoPkg/Private/Protocol/Crypto.h | 197 ++++++++++++++++++ 3 files changed, 398 insertions(+) diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/L= ibrary/BaseCryptLib.h index 7d1499350a..3a42e3494f 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -1045,6 +1045,194 @@ HmacSha256Final ( OUT UINT8 *HmacValue ); =20 +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HashValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ); + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha384New ( + VOID + ); + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha384Free ( + IN VOID *HmacSha384Ctx + ); + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ); + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ); + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ); + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ); + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HashValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ); + // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // Symmetric Cryptography Primitive // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h b/CryptoP= kg/Include/Pcd/PcdCryptoServiceFamilyEnable.h index 3d53c2f105..e646d8ac05 100644 --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h @@ -53,9 +53,22 @@ typedef struct { UINT8 Duplicate : 1; UINT8 Update : 1; UINT8 Final : 1; + UINT8 All : 1; } Services; UINT32 Family; } HmacSha256; + union { + struct { + UINT8 New : 1; + UINT8 Free : 1; + UINT8 SetKey : 1; + UINT8 Duplicate : 1; + UINT8 Update : 1; + UINT8 Final : 1; + UINT8 All : 1; + } Services; + UINT32 Family; + } HmacSha384; union { struct { UINT8 GetContextSize : 1; diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protoc= ol/Crypto.h index c417568e96..6c14cdedca 100644 --- a/CryptoPkg/Private/Protocol/Crypto.h +++ b/CryptoPkg/Private/Protocol/Crypto.h @@ -266,6 +266,194 @@ BOOLEAN OUT UINT8 *HmacValue ); =20 +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_ALL)( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ); + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +typedef +VOID * +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_NEW)( + VOID + ); + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +typedef +VOID +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FREE)( + IN VOID *HmacSha384Ctx + ); + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_SET_KEY)( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ); + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_DUPLICATE)( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ); + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_UPDATE)( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ); + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FINAL)( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ); + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_ALL)( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ); + // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // One-Way Cryptographic Hash Primitives // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D @@ -3513,6 +3701,15 @@ struct _EDKII_CRYPTO_PROTOCOL { EDKII_CRYPTO_HMAC_SHA256_DUPLICATE HmacSha256Duplicate; EDKII_CRYPTO_HMAC_SHA256_UPDATE HmacSha256Update; EDKII_CRYPTO_HMAC_SHA256_FINAL HmacSha256Final; + EDKII_CRYPTO_HMAC_SHA256_ALL HmacSha256All; + /// HMAC SHA384 + EDKII_CRYPTO_HMAC_SHA384_NEW HmacSha384New; + EDKII_CRYPTO_HMAC_SHA384_FREE HmacSha384Free; + EDKII_CRYPTO_HMAC_SHA384_SET_KEY HmacSha384SetKey; + EDKII_CRYPTO_HMAC_SHA384_DUPLICATE HmacSha384Duplicate; + EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update; + EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final; + EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All; /// Md4 - deprecated and unsupported DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE DeprecatedMd4GetConte= xtSize; DEPRECATED_EDKII_CRYPTO_MD4_INIT DeprecatedMd4Init; --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#92653): https://edk2.groups.io/g/devel/message/92653 Mute This Topic: https://groups.io/mt/93199405/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 03:00:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+92654+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+92654+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1661238394; cv=none; d=zohomail.com; s=zohoarc; b=k+MDdDY9ujwbdBV3a5sSgMVXjHzJJ3abGAMqEV7r4aVLFUsLpRXLtZ+5TXQWH1LRT0WXyUPKjpO0ia+zQQKaykDW8KRhNU78joax3xriM6tGgqY6WRxzPOJ3PV0YXkIT9xdS67/uazwWFms4XUHc4Gs+zN0xBz6phrhLiaOqp78= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1661238394; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=IjeCC033QwiT+LRTbnIh5dClV/XioW4KKmemdVNxbwE=; b=QHzT7W4icsazv3Ay7eJMXiT4SK9NJZFujZ6qQZ6OJ7l/1P7x0i7uz2DFtChXCPwIN+ICXwpjId3ldSLAobhzuzEhkAwbTZTzrTNbfnvGzd8LmFzzvdjuI3llNIcT+B/PmrxGvM2M6uESCjUgx+8mxAZgI2QGLldm6erMAH6uakk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+92654+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1661238394092113.58396824603017; Tue, 23 Aug 2022 00:06:34 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id jgSrYY1788612x4qHRUU8RVM; Tue, 23 Aug 2022 00:06:33 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web12.28466.1661238389086803848 for ; Tue, 23 Aug 2022 00:06:33 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10447"; a="294893697" X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="294893697" X-Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Aug 2022 00:06:32 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="677512602" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by fmsmga004.fm.intel.com with ESMTP; 23 Aug 2022 00:06:30 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH 2/5] CryptoPkg: Add HMAC-SHA384 cipher support. Date: Tue, 23 Aug 2022 15:06:20 +0800 Message-Id: <20220823070623.7002-3-qi1.zhang@intel.com> In-Reply-To: <20220823070623.7002-1-qi1.zhang@intel.com> References: <20220823070623.7002-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: k6lP0hKwCVnr67pmpnUY6cOAx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1661238393; bh=HsGqLNTqnt3Gj9e6sJaHkzAegzWVgmoGdu4vel9fWaE=; h=Cc:Date:From:Reply-To:Subject:To; b=b7wIk6rzvd0ZD8EyWo+C0At0Hg9yJ99KDFJas+Y1DLKBp+ieDoMwkXo6mkXtF5I+XoM inS7jYgVVpZwuOtLEwUCSeTu+eftiGeOu7HJODbj17T/E4fkcjU0o60HV7ZItdCs/0A7N sWNOZA3h7NsMPSDCFp/AVotyxvDN6ocgCDw= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1661238395246100009 Content-Type: text/plain; charset="utf-8" Rename file from CryptHmacSha256 to CryptHmac and add HmacSha384 and HmacSha256All funcitons. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- .../Library/BaseCryptLib/Hmac/CryptHmac.c | 629 ++++++++++++++++++ .../Library/BaseCryptLib/Hmac/CryptHmacNull.c | 359 ++++++++++ .../BaseCryptLib/Hmac/CryptHmacSha256.c | 217 ------ .../BaseCryptLib/Hmac/CryptHmacSha256Null.c | 139 ---- .../BaseCryptLibNull/Hmac/CryptHmacNull.c | 359 ++++++++++ .../Hmac/CryptHmacSha256Null.c | 139 ---- 6 files changed, 1347 insertions(+), 495 deletions(-) create mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c create mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null= .c create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256= Null.c diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c b/CryptoPkg/Li= brary/BaseCryptLib/Hmac/CryptHmac.c new file mode 100644 index 0000000000..2786267a0b --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c @@ -0,0 +1,629 @@ +/** @file + HMAC-SHA256/SHA384 Wrapper Implementation over OpenSSL. + +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD us= e. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacMdNew() returns NULL. + +**/ +VOID * +HmacMdNew ( + VOID + ) +{ + // + // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new() + // + return (VOID *)HMAC_CTX_new (); +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacMdCtx Pointer to the HMAC_CTX context to be released. + +**/ +VOID +HmacMdFree ( + IN VOID *HmacMdCtx + ) +{ + // + // Free OpenSSL HMAC_CTX Context + // + HMAC_CTX_free ((HMAC_CTX *)HmacMdCtx); +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacMdUpdate(). + + If HmacMdContext is NULL, then return FALSE. + + @param[in] Md Message Digest. + @param[out] HmacMdContext Pointer to HMAC-MD context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + +**/ +BOOLEAN +HmacMdSetKey ( + IN CONST EVP_MD *Md, + OUT VOID *HmacMdContext, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + // + // Check input parameters. + // + if ((HmacMdContext =3D=3D NULL) || (KeySize > INT_MAX)) { + return FALSE; + } + + if (HMAC_Init_ex ((HMAC_CTX *)HmacMdContext, Key, (UINT32)KeySize, Md, N= ULL) !=3D 1) { + return FALSE; + } + + return TRUE; +} + +/** + Makes a copy of an existing HMAC-MD context. + + If HmacMdContext is NULL, then return FALSE. + If NewHmacMdContext is NULL, then return FALSE. + + @param[in] HmacMdContext Pointer to HMAC-MD context being copied. + @param[out] NewHmacMdContext Pointer to new HMAC-MD context. + + @retval TRUE HMAC-MD context copy succeeded. + @retval FALSE HMAC-MD context copy failed. + +**/ +BOOLEAN +HmacMdDuplicate ( + IN CONST VOID *HmacMdContext, + OUT VOID *NewHmacMdContext + ) +{ + // + // Check input parameters. + // + if ((HmacMdContext =3D=3D NULL) || (NewHmacMdContext =3D=3D NULL)) { + return FALSE; + } + + if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacMdContext, (HMAC_CTX *)HmacMdConte= xt) !=3D 1) { + return FALSE; + } + + return TRUE; +} + +/** + Digests the input data and updates HMAC-MD context. + + This function performs HMAC-MD digest on a data buffer of the specified = size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-MD context should be initialized by HmacMdNew(), and should not be = finalized + by HmacMdFinal(). Behavior with invalid context is undefined. + + If HmacMdContext is NULL, then return FALSE. + + @param[in, out] HmacMdContext Pointer to the HMAC-MD context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-MD data digest succeeded. + @retval FALSE HMAC-MD data digest failed. + +**/ +BOOLEAN +HmacMdUpdate ( + IN OUT VOID *HmacMdContext, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + // + // Check input parameters. + // + if (HmacMdContext =3D=3D NULL) { + return FALSE; + } + + // + // Check invalid parameters, in case that only DataLength was checked in= OpenSSL + // + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + // + // OpenSSL HMAC-MD digest update + // + if (HMAC_Update ((HMAC_CTX *)HmacMdContext, Data, DataSize) !=3D 1) { + return FALSE; + } + + return TRUE; +} + +/** + Completes computation of the HMAC-MD digest value. + + This function completes HMAC-MD hash computation and retrieves the diges= t value into + the specified memory. After this function has been called, the HMAC-MD c= ontext cannot + be used again. + HMAC-MD context should be initialized by HmacMdNew(), and should not be = finalized + by HmacMdFinal(). Behavior with invalid HMAC-MD context is undefined. + + If HmacMdContext is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + + @param[in, out] HmacMdContext Pointer to the HMAC-MD context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-MD digest + value. + + @retval TRUE HMAC-MD digest computation succeeded. + @retval FALSE HMAC-MD digest computation failed. + +**/ +BOOLEAN +HmacMdFinal ( + IN OUT VOID *HmacMdContext, + OUT UINT8 *HmacValue + ) +{ + UINT32 Length; + + // + // Check input parameters. + // + if ((HmacMdContext =3D=3D NULL) || (HmacValue =3D=3D NULL)) { + return FALSE; + } + + // + // OpenSSL HMAC-MD digest finalization + // + if (HMAC_Final ((HMAC_CTX *)HmacMdContext, HmacValue, &Length) !=3D 1) { + return FALSE; + } + + if (HMAC_CTX_reset ((HMAC_CTX *)HmacMdContext) !=3D 1) { + return FALSE; + } + + return TRUE; +} + +/** + Computes the HMAC-MD digest of a input data buffer. + + This function performs the HMAC-MD digest of a given data buffer, and pl= aces + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Md Message Digest. + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-MD d= igest + value. + + @retval TRUE HMAC-MD digest computation succeeded. + @retval FALSE HMAC-MD digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +HmacMdAll ( + IN CONST EVP_MD *Md, + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + UINT32 Length; + HMAC_CTX *Ctx; + BOOLEAN RetVal; + + Ctx =3D HMAC_CTX_new (); + if (Ctx =3D=3D NULL) { + return FALSE; + } + + RetVal =3D (BOOLEAN)HMAC_CTX_reset (Ctx); + if (!RetVal) { + goto Done; + } + + RetVal =3D (BOOLEAN)HMAC_Init_ex (Ctx, Key, (UINT32)KeySize, Md, NULL); + if (!RetVal) { + goto Done; + } + + RetVal =3D (BOOLEAN)HMAC_Update (Ctx, Data, DataSize); + if (!RetVal) { + goto Done; + } + + RetVal =3D (BOOLEAN)HMAC_Final (Ctx, HmacValue, &Length); + if (!RetVal) { + goto Done; + } + +Done: + HMAC_CTX_free (Ctx); + + return RetVal; +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha256New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha256New ( + VOID + ) +{ + return HmacMdNew (); +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha256Free ( + IN VOID *HmacSha256Ctx + ) +{ + HmacMdFree (HmacSha256Ctx); +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha256Update(). + + If HmacSha256Context is NULL, then return FALSE. + + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + +**/ +BOOLEAN +EFIAPI +HmacSha256SetKey ( + OUT VOID *HmacSha256Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + return HmacMdSetKey (EVP_sha256 (), HmacSha256Context, Key, KeySize); +} + +/** + Makes a copy of an existing HMAC-SHA256 context. + + If HmacSha256Context is NULL, then return FALSE. + If NewHmacSha256Context is NULL, then return FALSE. + + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. + + @retval TRUE HMAC-SHA256 context copy succeeded. + @retval FALSE HMAC-SHA256 context copy failed. + +**/ +BOOLEAN +EFIAPI +HmacSha256Duplicate ( + IN CONST VOID *HmacSha256Context, + OUT VOID *NewHmacSha256Context + ) +{ + return HmacMdDuplicate (HmacSha256Context, NewHmacSha256Context); +} + +/** + Digests the input data and updates HMAC-SHA256 context. + + This function performs HMAC-SHA256 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA256 context should be initialized by HmacSha256New(), and should= not be finalized + by HmacSha256Final(). Behavior with invalid context is undefined. + + If HmacSha256Context is NULL, then return FALSE. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA256 data digest succeeded. + @retval FALSE HMAC-SHA256 data digest failed. + +**/ +BOOLEAN +EFIAPI +HmacSha256Update ( + IN OUT VOID *HmacSha256Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + return HmacMdUpdate (HmacSha256Context, Data, DataSize); +} + +/** + Completes computation of the HMAC-SHA256 digest value. + + This function completes HMAC-SHA256 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA2= 56 context cannot + be used again. + HMAC-SHA256 context should be initialized by HmacSha256New(), and should= not be finalized + by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undef= ined. + + If HmacSha256Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + +**/ +BOOLEAN +EFIAPI +HmacSha256Final ( + IN OUT VOID *HmacSha256Context, + OUT UINT8 *HmacValue + ) +{ + return HmacMdFinal (HmacSha256Context, HmacValue); +} + +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + return HmacMdAll (EVP_sha256 (), Data, DataSize, Key, KeySize, HmacValue= ); +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha384New ( + VOID + ) +{ + return HmacMdNew (); +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha384Free ( + IN VOID *HmacSha384Ctx + ) +{ + HmacMdFree (HmacSha384Ctx); +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + return HmacMdSetKey (EVP_sha384 (), HmacSha384Context, Key, KeySize); +} + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ) +{ + return HmacMdDuplicate (HmacSha384Context, NewHmacSha384Context); +} + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + return HmacMdUpdate (HmacSha384Context, Data, DataSize); +} + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ) +{ + return HmacMdFinal (HmacSha384Context, HmacValue); +} + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + return HmacMdAll (EVP_sha384 (), Data, DataSize, Key, KeySize, HmacValue= ); +} diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c b/CryptoPk= g/Library/BaseCryptLib/Hmac/CryptHmacNull.c new file mode 100644 index 0000000000..0a76db41ec --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c @@ -0,0 +1,359 @@ +/** @file + HMAC-SHA256/SHA384 Wrapper Implementation which does not provide real ca= pabilities. + +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. + + Return NULL to indicate this interface is not supported. + + @return NULL This interface is not supported.. + +**/ +VOID * +EFIAPI +HmacSha256New ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Release the specified HMAC_CTX context. + + This function will do nothing. + + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha256Free ( + IN VOID *HmacSha256Ctx + ) +{ + ASSERT (FALSE); + return; +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha256Update(). + + Return FALSE to indicate this interface is not supported. + + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256SetKey ( + OUT VOID *HmacSha256Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Makes a copy of an existing HMAC-SHA256 context. + + Return FALSE to indicate this interface is not supported. + + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Duplicate ( + IN CONST VOID *HmacSha256Context, + OUT VOID *NewHmacSha256Context + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Digests the input data and updates HMAC-SHA256 context. + + Return FALSE to indicate this interface is not supported. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Update ( + IN OUT VOID *HmacSha256Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Completes computation of the HMAC-SHA256 digest value. + + Return FALSE to indicate this interface is not supported. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest + value (32 bytes). + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Final ( + IN OUT VOID *HmacSha256Context, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha384New ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha384Free ( + IN VOID *HmacSha384Ctx + ) +{ + ASSERT (FALSE); + return; +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c b/Crypto= Pkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c deleted file mode 100644 index 7e83551c1b..0000000000 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c +++ /dev/null @@ -1,217 +0,0 @@ -/** @file - HMAC-SHA256 Wrapper Implementation over OpenSSL. - -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include "InternalCryptLib.h" -#include - -/** - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. - - @return Pointer to the HMAC_CTX context that has been initialized. - If the allocations fails, HmacSha256New() returns NULL. - -**/ -VOID * -EFIAPI -HmacSha256New ( - VOID - ) -{ - // - // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new() - // - return (VOID *)HMAC_CTX_new (); -} - -/** - Release the specified HMAC_CTX context. - - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. - -**/ -VOID -EFIAPI -HmacSha256Free ( - IN VOID *HmacSha256Ctx - ) -{ - // - // Free OpenSSL HMAC_CTX Context - // - HMAC_CTX_free ((HMAC_CTX *)HmacSha256Ctx); -} - -/** - Set user-supplied key for subsequent use. It must be done before any - calling to HmacSha256Update(). - - If HmacSha256Context is NULL, then return FALSE. - - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. - @param[in] Key Pointer to the user-supplied key. - @param[in] KeySize Key size in bytes. - - @retval TRUE The Key is set successfully. - @retval FALSE The Key is set unsuccessfully. - -**/ -BOOLEAN -EFIAPI -HmacSha256SetKey ( - OUT VOID *HmacSha256Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ) -{ - // - // Check input parameters. - // - if ((HmacSha256Context =3D=3D NULL) || (KeySize > INT_MAX)) { - return FALSE; - } - - if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32)KeySize, E= VP_sha256 (), NULL) !=3D 1) { - return FALSE; - } - - return TRUE; -} - -/** - Makes a copy of an existing HMAC-SHA256 context. - - If HmacSha256Context is NULL, then return FALSE. - If NewHmacSha256Context is NULL, then return FALSE. - - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. - - @retval TRUE HMAC-SHA256 context copy succeeded. - @retval FALSE HMAC-SHA256 context copy failed. - -**/ -BOOLEAN -EFIAPI -HmacSha256Duplicate ( - IN CONST VOID *HmacSha256Context, - OUT VOID *NewHmacSha256Context - ) -{ - // - // Check input parameters. - // - if ((HmacSha256Context =3D=3D NULL) || (NewHmacSha256Context =3D=3D NULL= )) { - return FALSE; - } - - if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacSha256Context, (HMAC_CTX *)HmacSha= 256Context) !=3D 1) { - return FALSE; - } - - return TRUE; -} - -/** - Digests the input data and updates HMAC-SHA256 context. - - This function performs HMAC-SHA256 digest on a data buffer of the specif= ied size. - It can be called multiple times to compute the digest of long or discont= inuous data streams. - HMAC-SHA256 context should be initialized by HmacSha256New(), and should= not be finalized - by HmacSha256Final(). Behavior with invalid context is undefined. - - If HmacSha256Context is NULL, then return FALSE. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[in] Data Pointer to the buffer containing the = data to be digested. - @param[in] DataSize Size of Data buffer in bytes. - - @retval TRUE HMAC-SHA256 data digest succeeded. - @retval FALSE HMAC-SHA256 data digest failed. - -**/ -BOOLEAN -EFIAPI -HmacSha256Update ( - IN OUT VOID *HmacSha256Context, - IN CONST VOID *Data, - IN UINTN DataSize - ) -{ - // - // Check input parameters. - // - if (HmacSha256Context =3D=3D NULL) { - return FALSE; - } - - // - // Check invalid parameters, in case that only DataLength was checked in= OpenSSL - // - if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { - return FALSE; - } - - // - // OpenSSL HMAC-SHA256 digest update - // - if (HMAC_Update ((HMAC_CTX *)HmacSha256Context, Data, DataSize) !=3D 1) { - return FALSE; - } - - return TRUE; -} - -/** - Completes computation of the HMAC-SHA256 digest value. - - This function completes HMAC-SHA256 hash computation and retrieves the d= igest value into - the specified memory. After this function has been called, the HMAC-SHA2= 56 context cannot - be used again. - HMAC-SHA256 context should be initialized by HmacSha256New(), and should= not be finalized - by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undef= ined. - - If HmacSha256Context is NULL, then return FALSE. - If HmacValue is NULL, then return FALSE. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest - value (32 bytes). - - @retval TRUE HMAC-SHA256 digest computation succeeded. - @retval FALSE HMAC-SHA256 digest computation failed. - -**/ -BOOLEAN -EFIAPI -HmacSha256Final ( - IN OUT VOID *HmacSha256Context, - OUT UINT8 *HmacValue - ) -{ - UINT32 Length; - - // - // Check input parameters. - // - if ((HmacSha256Context =3D=3D NULL) || (HmacValue =3D=3D NULL)) { - return FALSE; - } - - // - // OpenSSL HMAC-SHA256 digest finalization - // - if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) !=3D = 1) { - return FALSE; - } - - if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) !=3D 1) { - return FALSE; - } - - return TRUE; -} diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c b/Cr= yptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c deleted file mode 100644 index 2e3cb3bdfe..0000000000 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c +++ /dev/null @@ -1,139 +0,0 @@ -/** @file - HMAC-SHA256 Wrapper Implementation which does not provide real capabilit= ies. - -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include "InternalCryptLib.h" - -/** - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. - - Return NULL to indicate this interface is not supported. - - @return NULL This interface is not supported.. - -**/ -VOID * -EFIAPI -HmacSha256New ( - VOID - ) -{ - ASSERT (FALSE); - return NULL; -} - -/** - Release the specified HMAC_CTX context. - - This function will do nothing. - - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. - -**/ -VOID -EFIAPI -HmacSha256Free ( - IN VOID *HmacSha256Ctx - ) -{ - ASSERT (FALSE); - return; -} - -/** - Set user-supplied key for subsequent use. It must be done before any - calling to HmacSha256Update(). - - Return FALSE to indicate this interface is not supported. - - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. - @param[in] Key Pointer to the user-supplied key. - @param[in] KeySize Key size in bytes. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256SetKey ( - OUT VOID *HmacSha256Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Makes a copy of an existing HMAC-SHA256 context. - - Return FALSE to indicate this interface is not supported. - - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Duplicate ( - IN CONST VOID *HmacSha256Context, - OUT VOID *NewHmacSha256Context - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Digests the input data and updates HMAC-SHA256 context. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[in] Data Pointer to the buffer containing the = data to be digested. - @param[in] DataSize Size of Data buffer in bytes. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Update ( - IN OUT VOID *HmacSha256Context, - IN CONST VOID *Data, - IN UINTN DataSize - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Completes computation of the HMAC-SHA256 digest value. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest - value (32 bytes). - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Final ( - IN OUT VOID *HmacSha256Context, - OUT UINT8 *HmacValue - ) -{ - ASSERT (FALSE); - return FALSE; -} diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c b/Cryp= toPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c new file mode 100644 index 0000000000..0a76db41ec --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c @@ -0,0 +1,359 @@ +/** @file + HMAC-SHA256/SHA384 Wrapper Implementation which does not provide real ca= pabilities. + +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. + + Return NULL to indicate this interface is not supported. + + @return NULL This interface is not supported.. + +**/ +VOID * +EFIAPI +HmacSha256New ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Release the specified HMAC_CTX context. + + This function will do nothing. + + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha256Free ( + IN VOID *HmacSha256Ctx + ) +{ + ASSERT (FALSE); + return; +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha256Update(). + + Return FALSE to indicate this interface is not supported. + + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256SetKey ( + OUT VOID *HmacSha256Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Makes a copy of an existing HMAC-SHA256 context. + + Return FALSE to indicate this interface is not supported. + + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Duplicate ( + IN CONST VOID *HmacSha256Context, + OUT VOID *NewHmacSha256Context + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Digests the input data and updates HMAC-SHA256 context. + + Return FALSE to indicate this interface is not supported. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Update ( + IN OUT VOID *HmacSha256Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Completes computation of the HMAC-SHA256 digest value. + + Return FALSE to indicate this interface is not supported. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest + value (32 bytes). + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Final ( + IN OUT VOID *HmacSha256Context, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha384New ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha384Free ( + IN VOID *HmacSha384Ctx + ) +{ + ASSERT (FALSE); + return; +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c = b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c deleted file mode 100644 index 2e3cb3bdfe..0000000000 --- a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c +++ /dev/null @@ -1,139 +0,0 @@ -/** @file - HMAC-SHA256 Wrapper Implementation which does not provide real capabilit= ies. - -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include "InternalCryptLib.h" - -/** - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. - - Return NULL to indicate this interface is not supported. - - @return NULL This interface is not supported.. - -**/ -VOID * -EFIAPI -HmacSha256New ( - VOID - ) -{ - ASSERT (FALSE); - return NULL; -} - -/** - Release the specified HMAC_CTX context. - - This function will do nothing. - - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. - -**/ -VOID -EFIAPI -HmacSha256Free ( - IN VOID *HmacSha256Ctx - ) -{ - ASSERT (FALSE); - return; -} - -/** - Set user-supplied key for subsequent use. It must be done before any - calling to HmacSha256Update(). - - Return FALSE to indicate this interface is not supported. - - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. - @param[in] Key Pointer to the user-supplied key. - @param[in] KeySize Key size in bytes. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256SetKey ( - OUT VOID *HmacSha256Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Makes a copy of an existing HMAC-SHA256 context. - - Return FALSE to indicate this interface is not supported. - - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Duplicate ( - IN CONST VOID *HmacSha256Context, - OUT VOID *NewHmacSha256Context - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Digests the input data and updates HMAC-SHA256 context. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[in] Data Pointer to the buffer containing the = data to be digested. - @param[in] DataSize Size of Data buffer in bytes. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Update ( - IN OUT VOID *HmacSha256Context, - IN CONST VOID *Data, - IN UINTN DataSize - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Completes computation of the HMAC-SHA256 digest value. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest - value (32 bytes). - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Final ( - IN OUT VOID *HmacSha256Context, - OUT UINT8 *HmacValue - ) -{ - ASSERT (FALSE); - return FALSE; -} --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#92654): https://edk2.groups.io/g/devel/message/92654 Mute This Topic: https://groups.io/mt/93199407/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 03:00:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+92655+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+92655+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1661238396; cv=none; d=zohomail.com; s=zohoarc; b=Zt4uAyUI991YDJ943VzvwicYahrImVguFBfEirtx8njXvH0StgPI3UBwrq0wSs3WiltVVR8zhDNEWnQ+BzZRLBqucnRtCIxTM6rktMpW4dputDdg5GQ9a5EPjJDbPxL14Ceek4n96TLtASOVSBHXHzPAqQWnDCKQ+oSd7LLx2t8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1661238396; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=YwTCWdJcJ/lqPNxuKHcPOnLacDT7OJYtdZfLdPqSuUI=; b=a4cVErrr+02COXnzQEW18d/NO+4y7NOi9qimsIH4EXmNFcFgwtvB7cSi3lH1j/C/iU3vkBTWifjna4z8MQSTcvQlL7THXVqSWfKk0D0HE1ZjVYCilow46f+TZCF5LsjIBDouQZyXEKzff1+AjryHz7f7Hmdj/CfuK5rIYxTXD3w= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+92655+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1661238396830569.516436005543; Tue, 23 Aug 2022 00:06:36 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id mYbEYY1788612xpjDbotdGyM; Tue, 23 Aug 2022 00:06:35 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web12.28466.1661238389086803848 for ; Tue, 23 Aug 2022 00:06:34 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10447"; a="294893712" X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="294893712" X-Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Aug 2022 00:06:34 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="677512609" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by fmsmga004.fm.intel.com with ESMTP; 23 Aug 2022 00:06:32 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH 3/5] CryptoPkg: Update CryptLib inf as the file name changed. Date: Tue, 23 Aug 2022 15:06:21 +0800 Message-Id: <20220823070623.7002-4-qi1.zhang@intel.com> In-Reply-To: <20220823070623.7002-1-qi1.zhang@intel.com> References: <20220823070623.7002-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: DYQaf5WugpedxCqQoF6GcX1Ox1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1661238395; bh=hN3ESulkDqlbYr6dt27wQv75icfpiaMyOpkUZLuw2j8=; h=Cc:Date:From:Reply-To:Subject:To; b=MDCXXXonGNzRVehkJhk+kvkexNpxZPAL+kLqEfrW0rfOdStC/bdeUdE4T53kgWOEc8J mx5KxuL927dBoA7CXemg69sO8bXHNnZZOTdwApJ+F3AyFPlC7oqh8W2XCjWduHIJTplz4 1NMAZoiJLlNtyMqCsvcZ4xm/t6a8OT6Wzpk= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1661238397203100013 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Li= brary/BaseCryptLib/BaseCryptLib.inf index 3d7b917103..2a9664ad3e 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -35,7 +35,7 @@ Hash/CryptSha512.c Hash/CryptSm3.c Hash/CryptParallelHashNull.c - Hmac/CryptHmacSha256.c + Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c Pk/CryptRsaBasic.c diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/PeiCryptLib.inf index 01de27e037..f88f8312f6 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -41,7 +41,7 @@ Hash/CryptSm3.c Hash/CryptSha512.c Hash/CryptParallelHashNull.c - Hmac/CryptHmacSha256.c + Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAesNull.c Pk/CryptRsaBasic.c diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg= /Library/BaseCryptLib/RuntimeCryptLib.inf index d28fb98b66..9213952701 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf @@ -41,7 +41,7 @@ Hash/CryptSm3.c Hash/CryptSha512.c Hash/CryptParallelHashNull.c - Hmac/CryptHmacSha256.c + Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c Pk/CryptRsaBasic.c diff --git a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SecCryptLib.inf index 070b44447e..0b1dd31c41 100644 --- a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf @@ -34,7 +34,7 @@ Hash/CryptSha256Null.c Hash/CryptSm3Null.c Hash/CryptParallelHashNull.c - Hmac/CryptHmacSha256Null.c + Hmac/CryptHmacNull.c Kdf/CryptHkdfNull.c Cipher/CryptAesNull.c Pk/CryptRsaBasicNull.c diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SmmCryptLib.inf index 91a1715095..ed76520fcc 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -42,7 +42,7 @@ Hash/CryptXkcp.c Hash/CryptCShake256.c Hash/CryptParallelHash.c - Hmac/CryptHmacSha256.c + Hmac/CryptHmac.c Kdf/CryptHkdfNull.c Cipher/CryptAes.c Pk/CryptRsaBasic.c diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/Cryp= toPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf index 63d1d82d19..728e0793ac 100644 --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf @@ -35,7 +35,7 @@ Hash/CryptSha512Null.c Hash/CryptSm3Null.c Hash/CryptParallelHashNull.c - Hmac/CryptHmacSha256Null.c + Hmac/CryptHmacNull.c Kdf/CryptHkdfNull.c Cipher/CryptAesNull.c Pk/CryptRsaBasicNull.c --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#92655): https://edk2.groups.io/g/devel/message/92655 Mute This Topic: https://groups.io/mt/93199408/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 03:00:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+92656+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+92656+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1661238397; cv=none; d=zohomail.com; s=zohoarc; b=d3wPOnxdzHU/miYDlcaqBTtDg2+G1/Yv+vxuwDGXFSn38irDpobNu1J6ep/79n0/+t5SeSs0UQKvwcyhcseig2zVx3vABjiwkbflPiOwGjnr6O9xCs/uu8pZh25PdPN8HnoNapuVAZFicvPbmZFZMNPdmBhlrICNahXW85yOCIw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1661238397; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=PBH/8S9f8e9Ugjpux6Qo55SFDY1OlH38PlBLelFH4Ps=; b=JlAvBFesSiUJA4401wQEpAmZ4R9Vue4Iqqr3nchXRu6K8cSaNIbBe+s3ZlXOv4HslQbBx3Vb+ZZBVAhNF6idJ+DU+VnUMz1X5cR0468c5wLyIf8I0SP6Ljwr6T7x87BcUnowBdb+rggjBDINZ11PbmXKl6tgpux1wJt7Osz8ZJI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+92656+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1661238397476824.9416102379611; Tue, 23 Aug 2022 00:06:37 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id cfKPYY1788612xKkk8FjXXsT; Tue, 23 Aug 2022 00:06:37 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web12.28466.1661238389086803848 for ; Tue, 23 Aug 2022 00:06:36 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10447"; a="294893718" X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="294893718" X-Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Aug 2022 00:06:36 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="677512618" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by fmsmga004.fm.intel.com with ESMTP; 23 Aug 2022 00:06:34 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH 4/5] CryptoPkg: Add new hmac SHA api to Crypto Service. Date: Tue, 23 Aug 2022 15:06:22 +0800 Message-Id: <20220823070623.7002-5-qi1.zhang@intel.com> In-Reply-To: <20220823070623.7002-1-qi1.zhang@intel.com> References: <20220823070623.7002-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: ZFLygLEKT9CfkCzM2xyl0mMrx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1661238397; bh=HrmPR9qP+6hJaKKOzr7fCS+agxE/ON0rVNrj28K7pwk=; h=Cc:Date:From:Reply-To:Subject:To; b=oani7rNZLao28SN4MpRa/y2gtngGsAXSFJeNL3U+mKjtwyXAPNtF0QC4IrzYqi4kx31 MJixPG/qnimNQ8QlvOCIrbZ4UrsYo35sHktKt064nZ15jo4G0++ma4vo/C6aHDEDso36a oDjTwXRe0xZyLEiQci0JCSYOsjbHlYI3InE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1661238399261100017 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- CryptoPkg/CryptoPkg.dsc | 3 + CryptoPkg/Driver/Crypto.c | 221 ++++++++++++++++++ .../BaseCryptLibOnProtocolPpi/CryptLib.c | 212 +++++++++++++++++ 3 files changed, 436 insertions(+) diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 50e7721f25..417804f64f 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -147,6 +147,7 @@ =20 !if $(CRYPTO_SERVICES) IN "PACKAGE ALL" gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md5.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY @@ -172,6 +173,7 @@ =20 !if $(CRYPTO_SERVICES) =3D=3D MIN_PEI gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY @@ -186,6 +188,7 @@ =20 !if $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs1v2Encrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7Verify | TRUE diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c index 76cb9f4da0..cdbba2b811 100644 --- a/CryptoPkg/Driver/Crypto.c +++ b/CryptoPkg/Driver/Crypto.c @@ -1847,6 +1847,218 @@ CryptoServiceHmacSha256Final ( return CALL_BASECRYPTLIB (HmacSha256.Services.Final, HmacSha256Final, (H= macSha256Context, HmacValue), FALSE); } =20 +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + return CALL_BASECRYPTLIB (HmacSha256.Services.All, HmacSha256All, (Data,= DataSize, Key, KeySize, HmacValue), FALSE); +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +CryptoServiceHmacSha384New ( + VOID + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.New, HmacSha384New, (), NU= LL); +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +CryptoServiceHmacSha384Free ( + IN VOID *HmacSha384Ctx + ) +{ + CALL_VOID_BASECRYPTLIB (HmacSha384.Services.Free, HmacSha384Free, (HmacS= ha384Ctx)); +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.SetKey, HmacSha384SetKey, = (HmacSha384Context, Key, KeySize), FALSE); +} + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.Duplicate, HmacSha256Dupli= cate, (HmacSha384Context, NewHmacSha384Context), FALSE); +} + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.Update, HmacSha384Update, = (HmacSha384Context, Data, DataSize), FALSE); +} + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.Final, HmacSha384Final, (H= macSha384Context, HmacValue), FALSE); +} + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.All, HmacSha384All, (Data,= DataSize, Key, KeySize, HmacValue), FALSE); +} + // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // Symmetric Cryptography Primitive // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D @@ -4606,6 +4818,15 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =3D { CryptoServiceHmacSha256Duplicate, CryptoServiceHmacSha256Update, CryptoServiceHmacSha256Final, + CryptoServiceHmacSha256All, + /// HMAC SHA384 + CryptoServiceHmacSha384New, + CryptoServiceHmacSha384Free, + CryptoServiceHmacSha384SetKey, + CryptoServiceHmacSha384Duplicate, + CryptoServiceHmacSha384Update, + CryptoServiceHmacSha384Final, + CryptoServiceHmacSha384All, /// Md4 - deprecated and unsupported DeprecatedCryptoServiceMd4GetContextSize, DeprecatedCryptoServiceMd4Init, diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/Crypt= oPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c index 8ee1b53cf9..0218e9b594 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c @@ -1201,6 +1201,218 @@ HmacSha256Final ( CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, HmacValue), FA= LSE); } =20 +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, HmacV= alue), FALSE); +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha384New ( + VOID + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha384Free ( + IN VOID *HmacSha384Ctx + ) +{ + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, KeySize)= , FALSE); +} + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, NewHmacSha= 384Context), FALSE); +} + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, DataSiz= e), FALSE); +} + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, HmacValue), FA= LSE); +} + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, HmacV= alue), FALSE); +} + // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // Symmetric Cryptography Primitive // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#92656): https://edk2.groups.io/g/devel/message/92656 Mute This Topic: https://groups.io/mt/93199411/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Fri May 17 03:00:43 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+92657+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+92657+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1661238399; cv=none; d=zohomail.com; s=zohoarc; b=LySnE4k+wxk3VumCnSO8Q1aUjJVHMtI8gLnT9JYvKJKT/qIKA28uM9lCcX0IW43fP59I37y+2e48S8wulK7OqlLEVytX0Cx7bGdZk70Kl+WDnuJqiUkZTTafS38p2mbw52kTOAlHwD3O/X2pDSoCPYJNekSlSCgsyYb6hGHfz+0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1661238399; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=HgSm6Acd+AztCUBOREQnNHhmWFhtuK+uuITi3p1zUmg=; b=N0i7kloqA/8jYOGE1fAUOKe1zUDDGHLm5/lrjCMcThbThj902NJD664YF+kGCEjIlRwHZkF1wc/XeDm1Cs0mEz9qnqnM3Wi26MW1TMmy12Y1puNqr+8X4oF56OuBTmJrs+VxhPpaTBm/I1kBEz7P5qmO8C5uHEc44mjxGZzjnno= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+92657+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1661238399919249.93157902287373; Tue, 23 Aug 2022 00:06:39 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id g3WPYY1788612xu0KsA2VRJI; Tue, 23 Aug 2022 00:06:39 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web12.28466.1661238389086803848 for ; Tue, 23 Aug 2022 00:06:38 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10447"; a="294893721" X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="294893721" X-Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Aug 2022 00:06:38 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="677512635" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by fmsmga004.fm.intel.com with ESMTP; 23 Aug 2022 00:06:36 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH 5/5] CryptoPkg: add Hmac Sha384 to host UnitTest. Date: Tue, 23 Aug 2022 15:06:23 +0800 Message-Id: <20220823070623.7002-6-qi1.zhang@intel.com> In-Reply-To: <20220823070623.7002-1-qi1.zhang@intel.com> References: <20220823070623.7002-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: A3u0HuoAOwe64fUeUI38H50Rx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1661238399; bh=5qp7FNMAPfD/jk0LC0P9haK+VBtdphv+dB1wIdjlAnY=; h=Cc:Date:From:Reply-To:Subject:To; b=KXWEAnWSdL4MblrvLyS1+Qco+oG39Myutg5e5EcQ0wmjKDDCcOwD5YEcCt84ghux3B8 5niUa0GIsm99IJlIZnHC6o7gapb61feeomsaX7TMY5GWmWm4q4aBufzMdieVsS8dyD1W3 LSbTXcD6bfFTgy4KNkO0TAOZciExwTOTHM4= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1661238401201100021 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang --- .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 2 +- .../UnitTest/Library/BaseCryptLib/HmacTests.c | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf b/= CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf index 11ff1c6931..63282dc5ab 100644 --- a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf @@ -28,7 +28,7 @@ Hash/CryptSha256.c Hash/CryptSha512.c Hash/CryptSm3.c - Hmac/CryptHmacSha256.c + Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c Pk/CryptRsaBasic.c diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c b/Cry= ptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c index 595729424b..9c5b39410d 100644 --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c @@ -64,6 +64,23 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha256Dig= est[] =3D { 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, = 0x2e, 0x32, 0xcf, 0xf7 }; =20 +// +// Key value for HMAC-SHA-384 validation. (From "4. Test Vectors" of IETF = RFC4231) +// +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha384Key[20] =3D { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, = 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b +}; + +// +// Result for HMAC-SHA-384 ("Hi There"). (From "4. Test Vectors" of IETF R= FC4231) +// +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha384Digest[] =3D { + 0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, 0x6b, 0x08, 0x25, 0xf4, = 0xab, 0x46, 0x90, 0x7f, + 0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6, 0x82, 0xaa, 0x03, 0x4c, = 0x7c, 0xeb, 0xc5, 0x9c, + 0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f, 0x4a, 0xf1, 0x52, 0xe8, = 0xb2, 0xfa, 0x9c, 0xb6 +}; + typedef VOID * (EFIAPI *EFI_HMAC_NEW)( @@ -109,6 +126,7 @@ typedef struct { // HMAC_TEST_CONTEXT mHmacMd5TestCtx =3D {MD5_DIGEST_SIZE, Hma= cMd5New, HmacMd5SetKey, HmacMd5Update, HmacMd5Final, HmacMd5Key= , sizeof(HmacMd5Key), HmacMd5Digest}; // HMAC_TEST_CONTEXT mHmacSha1TestCtx =3D {SHA1_DIGEST_SIZE, Hma= cSha1New, HmacSha1SetKey, HmacSha1Update, HmacSha1Final, HmacSha1Ke= y, sizeof(HmacSha1Key), HmacSha1Digest}; HMAC_TEST_CONTEXT mHmacSha256TestCtx =3D { SHA256_DIGEST_SIZE, HmacSha256= New, HmacSha256SetKey, HmacSha256Update, HmacSha256Final, HmacSha256Key, si= zeof (HmacSha256Key), HmacSha256Digest }; +HMAC_TEST_CONTEXT mHmacSha384TestCtx =3D { SHA384_DIGEST_SIZE, HmacSha384= New, HmacSha384SetKey, HmacSha384Update, HmacSha384Final, HmacSha384Key, si= zeof (HmacSha384Key), HmacSha384Digest }; =20 UNIT_TEST_STATUS EFIAPI @@ -174,6 +192,7 @@ TEST_DESC mHmacTest[] =3D { // -----Description---------------------Class---------------------Functi= on---------------Pre------------------Post------------Context // { "TestVerifyHmacSha256()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHma= c, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha256TestCtx }, + { "TestVerifyHmacSha384()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHma= c, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha384TestCtx }, // These functions have been deprecated but they've been left commented = out for future reference // {"TestVerifyHmacMd5()", "CryptoPkg.BaseCryptLib.Hmac", TestVerif= yHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacMd5TestCtx}, // {"TestVerifyHmacSha1()", "CryptoPkg.BaseCryptLib.Hmac", TestVerif= yHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha1TestCtx}, --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#92657): https://edk2.groups.io/g/devel/message/92657 Mute This Topic: https://groups.io/mt/93199412/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-