From nobody Thu May 16 08:05:24 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+94153+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94153+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1663895700; cv=none; d=zohomail.com; s=zohoarc; b=jsc8vo0MnYgVFX8YIFjMAK9Low8oOQpukQHZub/L6fxl0RbZIaVI2rPUTnyWKScI79sYPKvwUg9LsxTz29gFYemz/4pwmggLP9zClDmEbXV3NHpsxM7+bG5ThvVP94JneiL7L2gVBgjq5sXTZrXcD+BxrY7TZKJzEN0vhzvhWM0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1663895700; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=1aAmPncSrmawtkzRlMeJYx5us2WKy8i83BPxTxFD23A=; b=mTDeGaMI2vhatU//+wUOdAi3ni/snp5TjlhwLzYvTURnnIXzS80yLHefYD12RFy/9Xx4cv3tZHkdEWsQOEFNjFI8RuhXsjHBX6Kh6ea5Om4EuC/Wbx4ape2vcmgj/eoWQZc3w/wfv91ZocU8ohMDKNnwU1VNOKT6Hc9p+3ndJ4w= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94153+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1663895700420132.17513930039559; Thu, 22 Sep 2022 18:15:00 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id jJQRYY1788612xLw8gLhvcNf; Thu, 22 Sep 2022 18:15:00 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web11.2812.1663895697563537089 for ; Thu, 22 Sep 2022 18:14:59 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10478"; a="301921142" X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="301921142" X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Sep 2022 18:14:59 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="762434908" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by fmsmga001.fm.intel.com with ESMTP; 22 Sep 2022 18:14:57 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH v2 1/5] CryptoPkg: Add new hmac definition to cryptlib Date: Fri, 23 Sep 2022 09:14:48 +0800 Message-Id: <20220923011452.2446-2-qi1.zhang@intel.com> In-Reply-To: <20220923011452.2446-1-qi1.zhang@intel.com> References: <20220923011452.2446-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: ohtuSeagUpMRcq32u4jruJ6ex1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1663895700; bh=tt5MUtOUTAdDP7ecv4x3IVhX7P52yMO0TTPLWf6Kx00=; h=Cc:Date:From:Reply-To:Subject:To; b=GXmuKxJoWteieVVAU8igB5DLP7Lnzcibrpk2lBvLK/iDbd8U45OjonppjmDMvWEwMxF 5jzEv/PSTOaM/5JuHet3fheCTJ+zTqPEefCY8XzdFnc9Q0Rg2f17o2QOsSInmZQ+lArIz NOZKxAg5Cuo/S9bhZkCG5s2JUp8tAoE5e4w= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1663895701752100006 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Reviewed-by: Jiewen Yao --- CryptoPkg/Include/Library/BaseCryptLib.h | 188 ++++++++++++++++ .../Pcd/PcdCryptoServiceFamilyEnable.h | 13 ++ CryptoPkg/Private/Protocol/Crypto.h | 200 +++++++++++++++++- 3 files changed, 400 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/L= ibrary/BaseCryptLib.h index 7d1499350a..3a42e3494f 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -1045,6 +1045,194 @@ HmacSha256Final ( OUT UINT8 *HmacValue ); =20 +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HashValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ); + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha384New ( + VOID + ); + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha384Free ( + IN VOID *HmacSha384Ctx + ); + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ); + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ); + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ); + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ); + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HashValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ); + // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // Symmetric Cryptography Primitive // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h b/CryptoP= kg/Include/Pcd/PcdCryptoServiceFamilyEnable.h index 3d53c2f105..e646d8ac05 100644 --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h @@ -53,9 +53,22 @@ typedef struct { UINT8 Duplicate : 1; UINT8 Update : 1; UINT8 Final : 1; + UINT8 All : 1; } Services; UINT32 Family; } HmacSha256; + union { + struct { + UINT8 New : 1; + UINT8 Free : 1; + UINT8 SetKey : 1; + UINT8 Duplicate : 1; + UINT8 Update : 1; + UINT8 Final : 1; + UINT8 All : 1; + } Services; + UINT32 Family; + } HmacSha384; union { struct { UINT8 GetContextSize : 1; diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protoc= ol/Crypto.h index c417568e96..23445cf1e8 100644 --- a/CryptoPkg/Private/Protocol/Crypto.h +++ b/CryptoPkg/Private/Protocol/Crypto.h @@ -21,7 +21,7 @@ /// the EDK II Crypto Protocol is extended, this version define must be /// increased. /// -#define EDKII_CRYPTO_VERSION 8 +#define EDKII_CRYPTO_VERSION 9 =20 /// /// EDK II Crypto Protocol forward declaration @@ -266,6 +266,194 @@ BOOLEAN OUT UINT8 *HmacValue ); =20 +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_ALL)( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ); + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +typedef +VOID * +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_NEW)( + VOID + ); + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +typedef +VOID +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FREE)( + IN VOID *HmacSha384Ctx + ); + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_SET_KEY)( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ); + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_DUPLICATE)( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ); + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_UPDATE)( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ); + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FINAL)( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ); + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_ALL)( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ); + // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // One-Way Cryptographic Hash Primitives // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D @@ -3675,6 +3863,16 @@ struct _EDKII_CRYPTO_PROTOCOL { EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify; /// Parallel hash EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAl= l; + /// HMAC SHA256 (continued) + EDKII_CRYPTO_HMAC_SHA256_ALL HmacSha256All; + /// HMAC SHA384 + EDKII_CRYPTO_HMAC_SHA384_NEW HmacSha384New; + EDKII_CRYPTO_HMAC_SHA384_FREE HmacSha384Free; + EDKII_CRYPTO_HMAC_SHA384_SET_KEY HmacSha384SetKey; + EDKII_CRYPTO_HMAC_SHA384_DUPLICATE HmacSha384Duplicate; + EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update; + EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final; + EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All; }; =20 extern GUID gEdkiiCryptoProtocolGuid; --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94153): https://edk2.groups.io/g/devel/message/94153 Mute This Topic: https://groups.io/mt/93861898/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 08:05:24 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+94154+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94154+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1663895703; cv=none; d=zohomail.com; s=zohoarc; b=CPF21q0uQYlAJLGRI/n7Ttmb6HeaA1yhu1seNwRs7UpNfZ24Al3FqtZRLVBSCKXrpywZfbWkyaQ+CQDWZCym3wL9ULqrz/DjKIaFK2zAm5yoI9SDQU/otqnESfCKg0sFPzM0zqPFb5SnMDZ4hG7syiYrVrNI6yJJi+t9X0N7His= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1663895703; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=fJmdjMuakHPLaoqXsUBVLVumI/6QnA6fq78VIDZ/upw=; b=i4KQ+/N+K/mTaYXANDft1BcIVozuhOoQLLXiqyNOVnIkeYR0qxDD98QSqw0fnN0c7GXsdgKVTCp0OhjtF1VMah+BLIGIGeMAhvHplxf7A04RgmltrCiEcqPqp7ZymIxJQ6K207vUhLU/6Gfz25jof5paqGMREdNP1Zw0d17tOvk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94154+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1663895703196180.33791357283235; Thu, 22 Sep 2022 18:15:03 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id ThiIYY1788612xJAUyGCgehm; Thu, 22 Sep 2022 18:15:02 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web11.2812.1663895697563537089 for ; Thu, 22 Sep 2022 18:15:02 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10478"; a="301921171" X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="301921171" X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Sep 2022 18:15:01 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="762434945" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by fmsmga001.fm.intel.com with ESMTP; 22 Sep 2022 18:14:59 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH v2 2/5] CryptoPkg: Add HMAC-SHA384 cipher support. Date: Fri, 23 Sep 2022 09:14:49 +0800 Message-Id: <20220923011452.2446-3-qi1.zhang@intel.com> In-Reply-To: <20220923011452.2446-1-qi1.zhang@intel.com> References: <20220923011452.2446-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: 02FryKMRBgaWAV5Krek8m1xWx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1663895702; bh=fUNaDPRDF3HDyzKW55sxylCN8/sBELyb/p+tdJ+y17E=; h=Cc:Date:From:Reply-To:Subject:To; b=cuIFijfc6AC6LVPOVAPTPrvU9yjmeieBv2Cxptbzslk5zJnLmtT/Rep+ytK0+lkqfF4 iJk8dKAerVN5e7ppaAGoIyl455PqkAEr3600UNv2c0vnD8lNmybwuFF7riDMmm2l9Lm5N S2HoXrQJNzlhuW9+Z96mNvHLxVqdRV3Ewx4= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1663895703757100009 Content-Type: text/plain; charset="utf-8" Rename file from CryptHmacSha256 to CryptHmac and add HmacSha384 and HmacSha256All funcitons. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Reviewed-by: Jiewen Yao --- .../Library/BaseCryptLib/Hmac/CryptHmac.c | 629 ++++++++++++++++++ .../Library/BaseCryptLib/Hmac/CryptHmacNull.c | 359 ++++++++++ .../BaseCryptLib/Hmac/CryptHmacSha256.c | 217 ------ .../BaseCryptLib/Hmac/CryptHmacSha256Null.c | 139 ---- .../BaseCryptLibNull/Hmac/CryptHmacNull.c | 359 ++++++++++ .../Hmac/CryptHmacSha256Null.c | 139 ---- 6 files changed, 1347 insertions(+), 495 deletions(-) create mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c create mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c delete mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null= .c create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c delete mode 100644 CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256= Null.c diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c b/CryptoPkg/Li= brary/BaseCryptLib/Hmac/CryptHmac.c new file mode 100644 index 0000000000..2786267a0b --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c @@ -0,0 +1,629 @@ +/** @file + HMAC-SHA256/SHA384 Wrapper Implementation over OpenSSL. + +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD us= e. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacMdNew() returns NULL. + +**/ +VOID * +HmacMdNew ( + VOID + ) +{ + // + // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new() + // + return (VOID *)HMAC_CTX_new (); +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacMdCtx Pointer to the HMAC_CTX context to be released. + +**/ +VOID +HmacMdFree ( + IN VOID *HmacMdCtx + ) +{ + // + // Free OpenSSL HMAC_CTX Context + // + HMAC_CTX_free ((HMAC_CTX *)HmacMdCtx); +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacMdUpdate(). + + If HmacMdContext is NULL, then return FALSE. + + @param[in] Md Message Digest. + @param[out] HmacMdContext Pointer to HMAC-MD context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + +**/ +BOOLEAN +HmacMdSetKey ( + IN CONST EVP_MD *Md, + OUT VOID *HmacMdContext, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + // + // Check input parameters. + // + if ((HmacMdContext =3D=3D NULL) || (KeySize > INT_MAX)) { + return FALSE; + } + + if (HMAC_Init_ex ((HMAC_CTX *)HmacMdContext, Key, (UINT32)KeySize, Md, N= ULL) !=3D 1) { + return FALSE; + } + + return TRUE; +} + +/** + Makes a copy of an existing HMAC-MD context. + + If HmacMdContext is NULL, then return FALSE. + If NewHmacMdContext is NULL, then return FALSE. + + @param[in] HmacMdContext Pointer to HMAC-MD context being copied. + @param[out] NewHmacMdContext Pointer to new HMAC-MD context. + + @retval TRUE HMAC-MD context copy succeeded. + @retval FALSE HMAC-MD context copy failed. + +**/ +BOOLEAN +HmacMdDuplicate ( + IN CONST VOID *HmacMdContext, + OUT VOID *NewHmacMdContext + ) +{ + // + // Check input parameters. + // + if ((HmacMdContext =3D=3D NULL) || (NewHmacMdContext =3D=3D NULL)) { + return FALSE; + } + + if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacMdContext, (HMAC_CTX *)HmacMdConte= xt) !=3D 1) { + return FALSE; + } + + return TRUE; +} + +/** + Digests the input data and updates HMAC-MD context. + + This function performs HMAC-MD digest on a data buffer of the specified = size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-MD context should be initialized by HmacMdNew(), and should not be = finalized + by HmacMdFinal(). Behavior with invalid context is undefined. + + If HmacMdContext is NULL, then return FALSE. + + @param[in, out] HmacMdContext Pointer to the HMAC-MD context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-MD data digest succeeded. + @retval FALSE HMAC-MD data digest failed. + +**/ +BOOLEAN +HmacMdUpdate ( + IN OUT VOID *HmacMdContext, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + // + // Check input parameters. + // + if (HmacMdContext =3D=3D NULL) { + return FALSE; + } + + // + // Check invalid parameters, in case that only DataLength was checked in= OpenSSL + // + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { + return FALSE; + } + + // + // OpenSSL HMAC-MD digest update + // + if (HMAC_Update ((HMAC_CTX *)HmacMdContext, Data, DataSize) !=3D 1) { + return FALSE; + } + + return TRUE; +} + +/** + Completes computation of the HMAC-MD digest value. + + This function completes HMAC-MD hash computation and retrieves the diges= t value into + the specified memory. After this function has been called, the HMAC-MD c= ontext cannot + be used again. + HMAC-MD context should be initialized by HmacMdNew(), and should not be = finalized + by HmacMdFinal(). Behavior with invalid HMAC-MD context is undefined. + + If HmacMdContext is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + + @param[in, out] HmacMdContext Pointer to the HMAC-MD context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-MD digest + value. + + @retval TRUE HMAC-MD digest computation succeeded. + @retval FALSE HMAC-MD digest computation failed. + +**/ +BOOLEAN +HmacMdFinal ( + IN OUT VOID *HmacMdContext, + OUT UINT8 *HmacValue + ) +{ + UINT32 Length; + + // + // Check input parameters. + // + if ((HmacMdContext =3D=3D NULL) || (HmacValue =3D=3D NULL)) { + return FALSE; + } + + // + // OpenSSL HMAC-MD digest finalization + // + if (HMAC_Final ((HMAC_CTX *)HmacMdContext, HmacValue, &Length) !=3D 1) { + return FALSE; + } + + if (HMAC_CTX_reset ((HMAC_CTX *)HmacMdContext) !=3D 1) { + return FALSE; + } + + return TRUE; +} + +/** + Computes the HMAC-MD digest of a input data buffer. + + This function performs the HMAC-MD digest of a given data buffer, and pl= aces + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Md Message Digest. + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-MD d= igest + value. + + @retval TRUE HMAC-MD digest computation succeeded. + @retval FALSE HMAC-MD digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +HmacMdAll ( + IN CONST EVP_MD *Md, + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + UINT32 Length; + HMAC_CTX *Ctx; + BOOLEAN RetVal; + + Ctx =3D HMAC_CTX_new (); + if (Ctx =3D=3D NULL) { + return FALSE; + } + + RetVal =3D (BOOLEAN)HMAC_CTX_reset (Ctx); + if (!RetVal) { + goto Done; + } + + RetVal =3D (BOOLEAN)HMAC_Init_ex (Ctx, Key, (UINT32)KeySize, Md, NULL); + if (!RetVal) { + goto Done; + } + + RetVal =3D (BOOLEAN)HMAC_Update (Ctx, Data, DataSize); + if (!RetVal) { + goto Done; + } + + RetVal =3D (BOOLEAN)HMAC_Final (Ctx, HmacValue, &Length); + if (!RetVal) { + goto Done; + } + +Done: + HMAC_CTX_free (Ctx); + + return RetVal; +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha256New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha256New ( + VOID + ) +{ + return HmacMdNew (); +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha256Free ( + IN VOID *HmacSha256Ctx + ) +{ + HmacMdFree (HmacSha256Ctx); +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha256Update(). + + If HmacSha256Context is NULL, then return FALSE. + + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + +**/ +BOOLEAN +EFIAPI +HmacSha256SetKey ( + OUT VOID *HmacSha256Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + return HmacMdSetKey (EVP_sha256 (), HmacSha256Context, Key, KeySize); +} + +/** + Makes a copy of an existing HMAC-SHA256 context. + + If HmacSha256Context is NULL, then return FALSE. + If NewHmacSha256Context is NULL, then return FALSE. + + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. + + @retval TRUE HMAC-SHA256 context copy succeeded. + @retval FALSE HMAC-SHA256 context copy failed. + +**/ +BOOLEAN +EFIAPI +HmacSha256Duplicate ( + IN CONST VOID *HmacSha256Context, + OUT VOID *NewHmacSha256Context + ) +{ + return HmacMdDuplicate (HmacSha256Context, NewHmacSha256Context); +} + +/** + Digests the input data and updates HMAC-SHA256 context. + + This function performs HMAC-SHA256 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA256 context should be initialized by HmacSha256New(), and should= not be finalized + by HmacSha256Final(). Behavior with invalid context is undefined. + + If HmacSha256Context is NULL, then return FALSE. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA256 data digest succeeded. + @retval FALSE HMAC-SHA256 data digest failed. + +**/ +BOOLEAN +EFIAPI +HmacSha256Update ( + IN OUT VOID *HmacSha256Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + return HmacMdUpdate (HmacSha256Context, Data, DataSize); +} + +/** + Completes computation of the HMAC-SHA256 digest value. + + This function completes HMAC-SHA256 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA2= 56 context cannot + be used again. + HMAC-SHA256 context should be initialized by HmacSha256New(), and should= not be finalized + by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undef= ined. + + If HmacSha256Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + +**/ +BOOLEAN +EFIAPI +HmacSha256Final ( + IN OUT VOID *HmacSha256Context, + OUT UINT8 *HmacValue + ) +{ + return HmacMdFinal (HmacSha256Context, HmacValue); +} + +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + return HmacMdAll (EVP_sha256 (), Data, DataSize, Key, KeySize, HmacValue= ); +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha384New ( + VOID + ) +{ + return HmacMdNew (); +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha384Free ( + IN VOID *HmacSha384Ctx + ) +{ + HmacMdFree (HmacSha384Ctx); +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + return HmacMdSetKey (EVP_sha384 (), HmacSha384Context, Key, KeySize); +} + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ) +{ + return HmacMdDuplicate (HmacSha384Context, NewHmacSha384Context); +} + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + return HmacMdUpdate (HmacSha384Context, Data, DataSize); +} + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ) +{ + return HmacMdFinal (HmacSha384Context, HmacValue); +} + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + return HmacMdAll (EVP_sha384 (), Data, DataSize, Key, KeySize, HmacValue= ); +} diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c b/CryptoPk= g/Library/BaseCryptLib/Hmac/CryptHmacNull.c new file mode 100644 index 0000000000..0a76db41ec --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c @@ -0,0 +1,359 @@ +/** @file + HMAC-SHA256/SHA384 Wrapper Implementation which does not provide real ca= pabilities. + +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. + + Return NULL to indicate this interface is not supported. + + @return NULL This interface is not supported.. + +**/ +VOID * +EFIAPI +HmacSha256New ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Release the specified HMAC_CTX context. + + This function will do nothing. + + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha256Free ( + IN VOID *HmacSha256Ctx + ) +{ + ASSERT (FALSE); + return; +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha256Update(). + + Return FALSE to indicate this interface is not supported. + + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256SetKey ( + OUT VOID *HmacSha256Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Makes a copy of an existing HMAC-SHA256 context. + + Return FALSE to indicate this interface is not supported. + + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Duplicate ( + IN CONST VOID *HmacSha256Context, + OUT VOID *NewHmacSha256Context + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Digests the input data and updates HMAC-SHA256 context. + + Return FALSE to indicate this interface is not supported. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Update ( + IN OUT VOID *HmacSha256Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Completes computation of the HMAC-SHA256 digest value. + + Return FALSE to indicate this interface is not supported. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest + value (32 bytes). + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Final ( + IN OUT VOID *HmacSha256Context, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha384New ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha384Free ( + IN VOID *HmacSha384Ctx + ) +{ + ASSERT (FALSE); + return; +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c b/Crypto= Pkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c deleted file mode 100644 index 7e83551c1b..0000000000 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c +++ /dev/null @@ -1,217 +0,0 @@ -/** @file - HMAC-SHA256 Wrapper Implementation over OpenSSL. - -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include "InternalCryptLib.h" -#include - -/** - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. - - @return Pointer to the HMAC_CTX context that has been initialized. - If the allocations fails, HmacSha256New() returns NULL. - -**/ -VOID * -EFIAPI -HmacSha256New ( - VOID - ) -{ - // - // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new() - // - return (VOID *)HMAC_CTX_new (); -} - -/** - Release the specified HMAC_CTX context. - - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. - -**/ -VOID -EFIAPI -HmacSha256Free ( - IN VOID *HmacSha256Ctx - ) -{ - // - // Free OpenSSL HMAC_CTX Context - // - HMAC_CTX_free ((HMAC_CTX *)HmacSha256Ctx); -} - -/** - Set user-supplied key for subsequent use. It must be done before any - calling to HmacSha256Update(). - - If HmacSha256Context is NULL, then return FALSE. - - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. - @param[in] Key Pointer to the user-supplied key. - @param[in] KeySize Key size in bytes. - - @retval TRUE The Key is set successfully. - @retval FALSE The Key is set unsuccessfully. - -**/ -BOOLEAN -EFIAPI -HmacSha256SetKey ( - OUT VOID *HmacSha256Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ) -{ - // - // Check input parameters. - // - if ((HmacSha256Context =3D=3D NULL) || (KeySize > INT_MAX)) { - return FALSE; - } - - if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32)KeySize, E= VP_sha256 (), NULL) !=3D 1) { - return FALSE; - } - - return TRUE; -} - -/** - Makes a copy of an existing HMAC-SHA256 context. - - If HmacSha256Context is NULL, then return FALSE. - If NewHmacSha256Context is NULL, then return FALSE. - - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. - - @retval TRUE HMAC-SHA256 context copy succeeded. - @retval FALSE HMAC-SHA256 context copy failed. - -**/ -BOOLEAN -EFIAPI -HmacSha256Duplicate ( - IN CONST VOID *HmacSha256Context, - OUT VOID *NewHmacSha256Context - ) -{ - // - // Check input parameters. - // - if ((HmacSha256Context =3D=3D NULL) || (NewHmacSha256Context =3D=3D NULL= )) { - return FALSE; - } - - if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacSha256Context, (HMAC_CTX *)HmacSha= 256Context) !=3D 1) { - return FALSE; - } - - return TRUE; -} - -/** - Digests the input data and updates HMAC-SHA256 context. - - This function performs HMAC-SHA256 digest on a data buffer of the specif= ied size. - It can be called multiple times to compute the digest of long or discont= inuous data streams. - HMAC-SHA256 context should be initialized by HmacSha256New(), and should= not be finalized - by HmacSha256Final(). Behavior with invalid context is undefined. - - If HmacSha256Context is NULL, then return FALSE. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[in] Data Pointer to the buffer containing the = data to be digested. - @param[in] DataSize Size of Data buffer in bytes. - - @retval TRUE HMAC-SHA256 data digest succeeded. - @retval FALSE HMAC-SHA256 data digest failed. - -**/ -BOOLEAN -EFIAPI -HmacSha256Update ( - IN OUT VOID *HmacSha256Context, - IN CONST VOID *Data, - IN UINTN DataSize - ) -{ - // - // Check input parameters. - // - if (HmacSha256Context =3D=3D NULL) { - return FALSE; - } - - // - // Check invalid parameters, in case that only DataLength was checked in= OpenSSL - // - if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { - return FALSE; - } - - // - // OpenSSL HMAC-SHA256 digest update - // - if (HMAC_Update ((HMAC_CTX *)HmacSha256Context, Data, DataSize) !=3D 1) { - return FALSE; - } - - return TRUE; -} - -/** - Completes computation of the HMAC-SHA256 digest value. - - This function completes HMAC-SHA256 hash computation and retrieves the d= igest value into - the specified memory. After this function has been called, the HMAC-SHA2= 56 context cannot - be used again. - HMAC-SHA256 context should be initialized by HmacSha256New(), and should= not be finalized - by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undef= ined. - - If HmacSha256Context is NULL, then return FALSE. - If HmacValue is NULL, then return FALSE. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest - value (32 bytes). - - @retval TRUE HMAC-SHA256 digest computation succeeded. - @retval FALSE HMAC-SHA256 digest computation failed. - -**/ -BOOLEAN -EFIAPI -HmacSha256Final ( - IN OUT VOID *HmacSha256Context, - OUT UINT8 *HmacValue - ) -{ - UINT32 Length; - - // - // Check input parameters. - // - if ((HmacSha256Context =3D=3D NULL) || (HmacValue =3D=3D NULL)) { - return FALSE; - } - - // - // OpenSSL HMAC-SHA256 digest finalization - // - if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) !=3D = 1) { - return FALSE; - } - - if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) !=3D 1) { - return FALSE; - } - - return TRUE; -} diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c b/Cr= yptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c deleted file mode 100644 index 2e3cb3bdfe..0000000000 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c +++ /dev/null @@ -1,139 +0,0 @@ -/** @file - HMAC-SHA256 Wrapper Implementation which does not provide real capabilit= ies. - -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include "InternalCryptLib.h" - -/** - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. - - Return NULL to indicate this interface is not supported. - - @return NULL This interface is not supported.. - -**/ -VOID * -EFIAPI -HmacSha256New ( - VOID - ) -{ - ASSERT (FALSE); - return NULL; -} - -/** - Release the specified HMAC_CTX context. - - This function will do nothing. - - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. - -**/ -VOID -EFIAPI -HmacSha256Free ( - IN VOID *HmacSha256Ctx - ) -{ - ASSERT (FALSE); - return; -} - -/** - Set user-supplied key for subsequent use. It must be done before any - calling to HmacSha256Update(). - - Return FALSE to indicate this interface is not supported. - - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. - @param[in] Key Pointer to the user-supplied key. - @param[in] KeySize Key size in bytes. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256SetKey ( - OUT VOID *HmacSha256Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Makes a copy of an existing HMAC-SHA256 context. - - Return FALSE to indicate this interface is not supported. - - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Duplicate ( - IN CONST VOID *HmacSha256Context, - OUT VOID *NewHmacSha256Context - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Digests the input data and updates HMAC-SHA256 context. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[in] Data Pointer to the buffer containing the = data to be digested. - @param[in] DataSize Size of Data buffer in bytes. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Update ( - IN OUT VOID *HmacSha256Context, - IN CONST VOID *Data, - IN UINTN DataSize - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Completes computation of the HMAC-SHA256 digest value. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest - value (32 bytes). - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Final ( - IN OUT VOID *HmacSha256Context, - OUT UINT8 *HmacValue - ) -{ - ASSERT (FALSE); - return FALSE; -} diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c b/Cryp= toPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c new file mode 100644 index 0000000000..0a76db41ec --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c @@ -0,0 +1,359 @@ +/** @file + HMAC-SHA256/SHA384 Wrapper Implementation which does not provide real ca= pabilities. + +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. + + Return NULL to indicate this interface is not supported. + + @return NULL This interface is not supported.. + +**/ +VOID * +EFIAPI +HmacSha256New ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Release the specified HMAC_CTX context. + + This function will do nothing. + + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha256Free ( + IN VOID *HmacSha256Ctx + ) +{ + ASSERT (FALSE); + return; +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha256Update(). + + Return FALSE to indicate this interface is not supported. + + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256SetKey ( + OUT VOID *HmacSha256Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Makes a copy of an existing HMAC-SHA256 context. + + Return FALSE to indicate this interface is not supported. + + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Duplicate ( + IN CONST VOID *HmacSha256Context, + OUT VOID *NewHmacSha256Context + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Digests the input data and updates HMAC-SHA256 context. + + Return FALSE to indicate this interface is not supported. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Update ( + IN OUT VOID *HmacSha256Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Completes computation of the HMAC-SHA256 digest value. + + Return FALSE to indicate this interface is not supported. + + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest + value (32 bytes). + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256Final ( + IN OUT VOID *HmacSha256Context, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha384New ( + VOID + ) +{ + ASSERT (FALSE); + return NULL; +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha384Free ( + IN VOID *HmacSha384Ctx + ) +{ + ASSERT (FALSE); + return; +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + ASSERT (FALSE); + return FALSE; +} diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c = b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c deleted file mode 100644 index 2e3cb3bdfe..0000000000 --- a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c +++ /dev/null @@ -1,139 +0,0 @@ -/** @file - HMAC-SHA256 Wrapper Implementation which does not provide real capabilit= ies. - -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include "InternalCryptLib.h" - -/** - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA25= 6 use. - - Return NULL to indicate this interface is not supported. - - @return NULL This interface is not supported.. - -**/ -VOID * -EFIAPI -HmacSha256New ( - VOID - ) -{ - ASSERT (FALSE); - return NULL; -} - -/** - Release the specified HMAC_CTX context. - - This function will do nothing. - - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be release= d. - -**/ -VOID -EFIAPI -HmacSha256Free ( - IN VOID *HmacSha256Ctx - ) -{ - ASSERT (FALSE); - return; -} - -/** - Set user-supplied key for subsequent use. It must be done before any - calling to HmacSha256Update(). - - Return FALSE to indicate this interface is not supported. - - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. - @param[in] Key Pointer to the user-supplied key. - @param[in] KeySize Key size in bytes. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256SetKey ( - OUT VOID *HmacSha256Context, - IN CONST UINT8 *Key, - IN UINTN KeySize - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Makes a copy of an existing HMAC-SHA256 context. - - Return FALSE to indicate this interface is not supported. - - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being c= opied. - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Duplicate ( - IN CONST VOID *HmacSha256Context, - OUT VOID *NewHmacSha256Context - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Digests the input data and updates HMAC-SHA256 context. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[in] Data Pointer to the buffer containing the = data to be digested. - @param[in] DataSize Size of Data buffer in bytes. - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Update ( - IN OUT VOID *HmacSha256Context, - IN CONST VOID *Data, - IN UINTN DataSize - ) -{ - ASSERT (FALSE); - return FALSE; -} - -/** - Completes computation of the HMAC-SHA256 digest value. - - Return FALSE to indicate this interface is not supported. - - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. - @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA256 digest - value (32 bytes). - - @retval FALSE This interface is not supported. - -**/ -BOOLEAN -EFIAPI -HmacSha256Final ( - IN OUT VOID *HmacSha256Context, - OUT UINT8 *HmacValue - ) -{ - ASSERT (FALSE); - return FALSE; -} --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94154): https://edk2.groups.io/g/devel/message/94154 Mute This Topic: https://groups.io/mt/93861901/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 08:05:24 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+94155+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94155+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1663895705; cv=none; d=zohomail.com; s=zohoarc; b=H0imoMCZ1It+EtOsSLcJctWYzXxkT14hj7fCesJkhEngPwRrccSySuXNNAJr/ehXqiXNJu6oXJzYNPy4zC+fg6nJna+BaoxmtljwoIXjGxwr8sbsoJxBpUhxB/tQnlfP5fhs6dj4CMZ4/llxTNXwdHSFpCm2DQoSAXsON00TVGs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1663895705; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=0XjFAK7k1kQ4rCKTS2sjvhOBSgb58PZs5mFVOpOmJQ8=; b=mqu9pzjh61XLAlaMYqn29rLdqzZuJGWgKJ4TJ7jzWH3Xln8Isg194AzkOG2SsYwpl56fX4f6v43F474Tktw3lHQopE/W4A669uNRTq+qyG299XIqZQ58kHFBgsqqiOq0ZdgGvXUHPx0GKAdnp4yN5bSOzD5CHjEcC8RIi6whdQU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94155+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1663895705953699.9973581305699; Thu, 22 Sep 2022 18:15:05 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id T3aBYY1788612xb3YCl8efCA; Thu, 22 Sep 2022 18:15:04 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web11.2812.1663895697563537089 for ; Thu, 22 Sep 2022 18:15:04 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10478"; a="301921184" X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="301921184" X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Sep 2022 18:15:03 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="762434979" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by fmsmga001.fm.intel.com with ESMTP; 22 Sep 2022 18:15:01 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH v2 3/5] CryptoPkg: Update CryptLib inf as the file name changed. Date: Fri, 23 Sep 2022 09:14:50 +0800 Message-Id: <20220923011452.2446-4-qi1.zhang@intel.com> In-Reply-To: <20220923011452.2446-1-qi1.zhang@intel.com> References: <20220923011452.2446-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: PDj9LVeVhKziCVkAdJc2YIttx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1663895704; bh=vlGxbe9i8kE3ohbTNy0t7v0CR9TrUwnAP3F/iG+mPbc=; h=Cc:Date:From:Reply-To:Subject:To; b=V7cBy3ligGkpga0etXCnu2Ycg9BUpMXfXksVZCb5g6/sDcMDG+gRdwGD9XOCsaB5Iy7 uPJj9QA5Eoy37SyiHs9nW0qJb/WSvpRo8Hr8l2WuMcPDL0lOhbSjXvSomwjidaXc5kY+c KiKtdSiPuWt606XAbttKNk5Jry+P8dVW4JE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1663895707741100015 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Reviewed-by: Jiewen Yao --- CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +- CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Li= brary/BaseCryptLib/BaseCryptLib.inf index 3d7b917103..2a9664ad3e 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -35,7 +35,7 @@ Hash/CryptSha512.c Hash/CryptSm3.c Hash/CryptParallelHashNull.c - Hmac/CryptHmacSha256.c + Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c Pk/CryptRsaBasic.c diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/PeiCryptLib.inf index 01de27e037..f88f8312f6 100644 --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf @@ -41,7 +41,7 @@ Hash/CryptSm3.c Hash/CryptSha512.c Hash/CryptParallelHashNull.c - Hmac/CryptHmacSha256.c + Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAesNull.c Pk/CryptRsaBasic.c diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf b/CryptoPkg= /Library/BaseCryptLib/RuntimeCryptLib.inf index d28fb98b66..9213952701 100644 --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf @@ -41,7 +41,7 @@ Hash/CryptSm3.c Hash/CryptSha512.c Hash/CryptParallelHashNull.c - Hmac/CryptHmacSha256.c + Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c Pk/CryptRsaBasic.c diff --git a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SecCryptLib.inf index 070b44447e..0b1dd31c41 100644 --- a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf @@ -34,7 +34,7 @@ Hash/CryptSha256Null.c Hash/CryptSm3Null.c Hash/CryptParallelHashNull.c - Hmac/CryptHmacSha256Null.c + Hmac/CryptHmacNull.c Kdf/CryptHkdfNull.c Cipher/CryptAesNull.c Pk/CryptRsaBasicNull.c diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf b/CryptoPkg/Lib= rary/BaseCryptLib/SmmCryptLib.inf index 91a1715095..ed76520fcc 100644 --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf @@ -42,7 +42,7 @@ Hash/CryptXkcp.c Hash/CryptCShake256.c Hash/CryptParallelHash.c - Hmac/CryptHmacSha256.c + Hmac/CryptHmac.c Kdf/CryptHkdfNull.c Cipher/CryptAes.c Pk/CryptRsaBasic.c diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf b/Cryp= toPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf index 63d1d82d19..728e0793ac 100644 --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf @@ -35,7 +35,7 @@ Hash/CryptSha512Null.c Hash/CryptSm3Null.c Hash/CryptParallelHashNull.c - Hmac/CryptHmacSha256Null.c + Hmac/CryptHmacNull.c Kdf/CryptHkdfNull.c Cipher/CryptAesNull.c Pk/CryptRsaBasicNull.c --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94155): https://edk2.groups.io/g/devel/message/94155 Mute This Topic: https://groups.io/mt/93861902/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 08:05:24 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+94156+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94156+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1663895707; cv=none; d=zohomail.com; s=zohoarc; b=ezMea2aXR/XyPLw6rtKixHePow4/BZugrEiwFNrFgCXNoCdGehBP6ebV3gPuCvOc7AxROymDY+MncfKsCGgc5aie2LEDdxSYQKGH9i8+B5Jy1Pmh4hUGirrZcdHMc4P5O5HEMit7MqvemvnLpDgDTUiwJNDHbAE99ul8m5tIo8c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1663895707; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=E8B4zAarkK5VhyhlD4GMOQ6oaFckavr8hPlG0WON5xo=; b=XmBLm5WkHbL8Ab1jomB0QNJ+MGlVrnouRGRLnC0xuCF7t4pVTIpsqrsWT10ATqmRb6X1EsaQpdy54Z8uibQPhyGgK9+4nVYiQR9OAVgH3iEqyFKubq/RPx10ABS45u+RkaxLmdhaoBwuzcdrZ5Gr1R3PGCRMY4eeZkR1Fm2t5Dw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94156+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1663895707887466.7420678884688; Thu, 22 Sep 2022 18:15:07 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id ungtYY1788612xszPBXTcd6t; Thu, 22 Sep 2022 18:15:07 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web11.2812.1663895697563537089 for ; Thu, 22 Sep 2022 18:15:06 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10478"; a="301921217" X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="301921217" X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Sep 2022 18:15:05 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="762435013" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by fmsmga001.fm.intel.com with ESMTP; 22 Sep 2022 18:15:03 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH v2 4/5] CryptoPkg: Add new hmac SHA api to Crypto Service. Date: Fri, 23 Sep 2022 09:14:51 +0800 Message-Id: <20220923011452.2446-5-qi1.zhang@intel.com> In-Reply-To: <20220923011452.2446-1-qi1.zhang@intel.com> References: <20220923011452.2446-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: LBnjCEBpKU2FBzWn1hJ3BGUGx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1663895707; bh=l2ga34OJ+G72yAH/YxuYi3en6iSPcNhksLSyXRtRJo0=; h=Cc:Date:From:Reply-To:Subject:To; b=Co7DhmlSqlsls6PJ5uiQ/QDuXv2n48W2mSCWHbaLt+qEcywIXcqtJwSNlPFv7mFxl6x BQ2fQncOeGBDwmt+TE1hUNKRUz5FHz+nBZhmNHr5P26npsuWqlUvqZqnRSMp/TdJp3rL8 45xBPPC7HhLSpQ/rTjd0FOs2Hily9O+vfyc= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1663895709810100018 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Reviewed-by: Jiewen Yao --- CryptoPkg/CryptoPkg.dsc | 3 + CryptoPkg/Driver/Crypto.c | 224 +++++++++++++++++- .../BaseCryptLibOnProtocolPpi/CryptLib.c | 212 +++++++++++++++++ 3 files changed, 438 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 50e7721f25..417804f64f 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -147,6 +147,7 @@ =20 !if $(CRYPTO_SERVICES) IN "PACKAGE ALL" gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Md5.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Dh.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY @@ -172,6 +173,7 @@ =20 !if $(CRYPTO_SERVICES) =3D=3D MIN_PEI gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha1.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha256.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Sha384.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY @@ -186,6 +188,7 @@ =20 !if $(CRYPTO_SERVICES) =3D=3D MIN_DXE_MIN_SMM gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha256.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.HmacSha384.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs1v2Encrypt | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs5HashPassword | TRUE gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Pkcs.Services.P= kcs7Verify | TRUE diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c index 76cb9f4da0..d99be08022 100644 --- a/CryptoPkg/Driver/Crypto.c +++ b/CryptoPkg/Driver/Crypto.c @@ -1847,6 +1847,218 @@ CryptoServiceHmacSha256Final ( return CALL_BASECRYPTLIB (HmacSha256.Services.Final, HmacSha256Final, (H= macSha256Context, HmacValue), FALSE); } =20 +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + return CALL_BASECRYPTLIB (HmacSha256.Services.All, HmacSha256All, (Data,= DataSize, Key, KeySize, HmacValue), FALSE); +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +CryptoServiceHmacSha384New ( + VOID + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.New, HmacSha384New, (), NU= LL); +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +CryptoServiceHmacSha384Free ( + IN VOID *HmacSha384Ctx + ) +{ + CALL_VOID_BASECRYPTLIB (HmacSha384.Services.Free, HmacSha384Free, (HmacS= ha384Ctx)); +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.SetKey, HmacSha384SetKey, = (HmacSha384Context, Key, KeySize), FALSE); +} + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.Duplicate, HmacSha256Dupli= cate, (HmacSha384Context, NewHmacSha384Context), FALSE); +} + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.Update, HmacSha384Update, = (HmacSha384Context, Data, DataSize), FALSE); +} + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.Final, HmacSha384Final, (H= macSha384Context, HmacValue), FALSE); +} + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +CryptoServiceHmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + return CALL_BASECRYPTLIB (HmacSha384.Services.All, HmacSha384All, (Data,= DataSize, Key, KeySize, HmacValue), FALSE); +} + // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // Symmetric Cryptography Primitive // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D @@ -4787,5 +4999,15 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =3D { CryptoServiceRsaPssSign, CryptoServiceRsaPssVerify, /// Parallel hash - CryptoServiceParallelHash256HashAll + CryptoServiceParallelHash256HashAll, + /// HMAC SHA256 (continued) + CryptoServiceHmacSha256All, + /// HMAC SHA384 + CryptoServiceHmacSha384New, + CryptoServiceHmacSha384Free, + CryptoServiceHmacSha384SetKey, + CryptoServiceHmacSha384Duplicate, + CryptoServiceHmacSha384Update, + CryptoServiceHmacSha384Final, + CryptoServiceHmacSha384All }; diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/Crypt= oPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c index 8ee1b53cf9..0218e9b594 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c @@ -1201,6 +1201,218 @@ HmacSha256Final ( CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, HmacValue), FA= LSE); } =20 +/** + Computes the HMAC-SHA256 digest of a input data buffer. + + This function performs the HMAC-SHA256 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA2= 56 digest + value (32 bytes). + + @retval TRUE HMAC-SHA256 digest computation succeeded. + @retval FALSE HMAC-SHA256 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha256All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, HmacV= alue), FALSE); +} + +/** + Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA38= 4 use. + + @return Pointer to the HMAC_CTX context that has been initialized. + If the allocations fails, HmacSha384New() returns NULL. + +**/ +VOID * +EFIAPI +HmacSha384New ( + VOID + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); +} + +/** + Release the specified HMAC_CTX context. + + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be release= d. + +**/ +VOID +EFIAPI +HmacSha384Free ( + IN VOID *HmacSha384Ctx + ) +{ + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); +} + +/** + Set user-supplied key for subsequent use. It must be done before any + calling to HmacSha384Update(). + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + + @retval TRUE The Key is set successfully. + @retval FALSE The Key is set unsuccessfully. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384SetKey ( + OUT VOID *HmacSha384Context, + IN CONST UINT8 *Key, + IN UINTN KeySize + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, KeySize)= , FALSE); +} + +/** + Makes a copy of an existing HMAC-SHA384 context. + + If HmacSha384Context is NULL, then return FALSE. + If NewHmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being c= opied. + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 context. + + @retval TRUE HMAC-SHA384 context copy succeeded. + @retval FALSE HMAC-SHA384 context copy failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Duplicate ( + IN CONST VOID *HmacSha384Context, + OUT VOID *NewHmacSha384Context + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, NewHmacSha= 384Context), FALSE); +} + +/** + Digests the input data and updates HMAC-SHA384 context. + + This function performs HMAC-SHA384 digest on a data buffer of the specif= ied size. + It can be called multiple times to compute the digest of long or discont= inuous data streams. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid context is undefined. + + If HmacSha384Context is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[in] Data Pointer to the buffer containing the = data to be digested. + @param[in] DataSize Size of Data buffer in bytes. + + @retval TRUE HMAC-SHA384 data digest succeeded. + @retval FALSE HMAC-SHA384 data digest failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Update ( + IN OUT VOID *HmacSha384Context, + IN CONST VOID *Data, + IN UINTN DataSize + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, DataSiz= e), FALSE); +} + +/** + Completes computation of the HMAC-SHA384 digest value. + + This function completes HMAC-SHA384 hash computation and retrieves the d= igest value into + the specified memory. After this function has been called, the HMAC-SHA3= 84 context cannot + be used again. + HMAC-SHA384 context should be initialized by HmacSha384New(), and should= not be finalized + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is undef= ined. + + If HmacSha384Context is NULL, then return FALSE. + If HmacValue is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. + @param[out] HmacValue Pointer to a buffer that receives th= e HMAC-SHA384 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384Final ( + IN OUT VOID *HmacSha384Context, + OUT UINT8 *HmacValue + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, HmacValue), FA= LSE); +} + +/** + Computes the HMAC-SHA384 digest of a input data buffer. + + This function performs the HMAC-SHA384 digest of a given data buffer, an= d places + the digest value into the specified memory. + + If this interface is not supported, then return FALSE. + + @param[in] Data Pointer to the buffer containing the data to be= digested. + @param[in] DataSize Size of Data buffer in bytes. + @param[in] Key Pointer to the user-supplied key. + @param[in] KeySize Key size in bytes. + @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA3= 84 digest + value (48 bytes). + + @retval TRUE HMAC-SHA384 digest computation succeeded. + @retval FALSE HMAC-SHA384 digest computation failed. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +HmacSha384All ( + IN CONST VOID *Data, + IN UINTN DataSize, + IN CONST UINT8 *Key, + IN UINTN KeySize, + OUT UINT8 *HmacValue + ) +{ + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, HmacV= alue), FALSE); +} + // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D // Symmetric Cryptography Primitive // =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94156): https://edk2.groups.io/g/devel/message/94156 Mute This Topic: https://groups.io/mt/93861905/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Thu May 16 08:05:24 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+94157+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94157+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1663895708; cv=none; d=zohomail.com; s=zohoarc; b=WRnwjDFMGUWc5Va3qNmo2QaH0jGjRuUzIYYGl7DQjEwziK3PvZwIvPBnDrZjICRvND+OZrm9gk7hMFPEsHJKH1SwmtwYYpr4HzS0ToD7f23NPnahwdyz5n8F4y4bJux110t2yvenqDlQViZN7trMq/x5JYXriaQKKBKPXnT8tVc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1663895708; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=jzB+tmfjc/FxZLsl2Fhq86GMk1OwSmxNQjt2l6KW4Tk=; b=natyaRjdTBuWrN4jRy7E3bjjTXnkfmupZwKvd14zKU2edp5XKKe1dPef2gAIro5EJy1cCz8s6bXGhEBVPIPwzFzk7oU2slBV3CIP6YtXh7FMJhgTkkeI2TtFb5Y2/ZPjDKuashdjdh+jA3woO2622TB6QCAT9+JpADe8Pb1r/S8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94157+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1663895708882229.0346889066716; Thu, 22 Sep 2022 18:15:08 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id fgvtYY1788612xKiOj7z7Uh3; Thu, 22 Sep 2022 18:15:08 -0700 X-Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web11.2812.1663895697563537089 for ; Thu, 22 Sep 2022 18:15:07 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10478"; a="301921227" X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="301921227" X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Sep 2022 18:15:07 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,337,1654585200"; d="scan'208";a="762435052" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.129]) by fmsmga001.fm.intel.com with ESMTP; 22 Sep 2022 18:15:05 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH v2 5/5] CryptoPkg: add Hmac Sha384 to host UnitTest. Date: Fri, 23 Sep 2022 09:14:52 +0800 Message-Id: <20220923011452.2446-6-qi1.zhang@intel.com> In-Reply-To: <20220923011452.2446-1-qi1.zhang@intel.com> References: <20220923011452.2446-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: qBYjHXUys5ovBaNZPzBv29cQx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1663895708; bh=RV0Uy1laQjryqpNVd6kPyjwOqL4VZTdwCzTNGz5i2nc=; h=Cc:Date:From:Reply-To:Subject:To; b=WOnHNnAruXvneW+m1ZJIuWaMs4pHZGKhVL5+UYB3apV8s6nnZauoZSa6UzFSnHLkqdW ZUyjlqg7TrGNRnXCvjN62aywoIEw6tEOHjJawe5LrBoScTE1FtLv/3jAMf/FjHihK+voD I5koqwNvcJnYAEX+OM1qalpZWsA5yU4SUpE= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1663895709770100017 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Reviewed-by: Jiewen Yao --- .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 2 +- .../UnitTest/Library/BaseCryptLib/HmacTests.c | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf b/= CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf index 11ff1c6931..63282dc5ab 100644 --- a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf @@ -28,7 +28,7 @@ Hash/CryptSha256.c Hash/CryptSha512.c Hash/CryptSm3.c - Hmac/CryptHmacSha256.c + Hmac/CryptHmac.c Kdf/CryptHkdf.c Cipher/CryptAes.c Pk/CryptRsaBasic.c diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c b/Cry= ptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c index 595729424b..9c5b39410d 100644 --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c @@ -64,6 +64,23 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha256Dig= est[] =3D { 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, = 0x2e, 0x32, 0xcf, 0xf7 }; =20 +// +// Key value for HMAC-SHA-384 validation. (From "4. Test Vectors" of IETF = RFC4231) +// +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha384Key[20] =3D { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, = 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b +}; + +// +// Result for HMAC-SHA-384 ("Hi There"). (From "4. Test Vectors" of IETF R= FC4231) +// +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha384Digest[] =3D { + 0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, 0x6b, 0x08, 0x25, 0xf4, = 0xab, 0x46, 0x90, 0x7f, + 0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6, 0x82, 0xaa, 0x03, 0x4c, = 0x7c, 0xeb, 0xc5, 0x9c, + 0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f, 0x4a, 0xf1, 0x52, 0xe8, = 0xb2, 0xfa, 0x9c, 0xb6 +}; + typedef VOID * (EFIAPI *EFI_HMAC_NEW)( @@ -109,6 +126,7 @@ typedef struct { // HMAC_TEST_CONTEXT mHmacMd5TestCtx =3D {MD5_DIGEST_SIZE, Hma= cMd5New, HmacMd5SetKey, HmacMd5Update, HmacMd5Final, HmacMd5Key= , sizeof(HmacMd5Key), HmacMd5Digest}; // HMAC_TEST_CONTEXT mHmacSha1TestCtx =3D {SHA1_DIGEST_SIZE, Hma= cSha1New, HmacSha1SetKey, HmacSha1Update, HmacSha1Final, HmacSha1Ke= y, sizeof(HmacSha1Key), HmacSha1Digest}; HMAC_TEST_CONTEXT mHmacSha256TestCtx =3D { SHA256_DIGEST_SIZE, HmacSha256= New, HmacSha256SetKey, HmacSha256Update, HmacSha256Final, HmacSha256Key, si= zeof (HmacSha256Key), HmacSha256Digest }; +HMAC_TEST_CONTEXT mHmacSha384TestCtx =3D { SHA384_DIGEST_SIZE, HmacSha384= New, HmacSha384SetKey, HmacSha384Update, HmacSha384Final, HmacSha384Key, si= zeof (HmacSha384Key), HmacSha384Digest }; =20 UNIT_TEST_STATUS EFIAPI @@ -174,6 +192,7 @@ TEST_DESC mHmacTest[] =3D { // -----Description---------------------Class---------------------Functi= on---------------Pre------------------Post------------Context // { "TestVerifyHmacSha256()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHma= c, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha256TestCtx }, + { "TestVerifyHmacSha384()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyHma= c, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha384TestCtx }, // These functions have been deprecated but they've been left commented = out for future reference // {"TestVerifyHmacMd5()", "CryptoPkg.BaseCryptLib.Hmac", TestVerif= yHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacMd5TestCtx}, // {"TestVerifyHmacSha1()", "CryptoPkg.BaseCryptLib.Hmac", TestVerif= yHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha1TestCtx}, --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94157): https://edk2.groups.io/g/devel/message/94157 Mute This Topic: https://groups.io/mt/93861906/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-