From nobody Sun Feb  8 18:29:40 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as
 permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+39753+1787277+3901457@groups.io;
 helo=web01.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted
 sender)  smtp.mailfrom=bounce+27952+39753+1787277+3901457@groups.io;
	dmarc=fail(p=none dis=none)  header.from=intel.com
ARC-Seal: i=1; a=rsa-sha256; t=1556525760; cv=none;
	d=zoho.com; s=zohoarc;
	b=ajBoWOTsio7rQ6qcsiFDgh1wl9Q5Pm2psctjO7Ihen3TcxYcWmZGkfe1dj4CO0zkgmkRaKkX+b7QUW3OkYWSBP4pYScnCul084hIbl/ZRYRF68Dv8KR/O8Lm46trprwSRx0nuhAvtuSvkwgGqIh+AhF1hXdUOEhQmHHmfwrLjZM=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
 s=zohoarc;
	t=1556525760;
 h=Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results;
	bh=5+YtT2BZyrid8JdW+Q14kdLpi+5pwv63Z+14BfvJVmA=;
	b=aglWYNGhaKZulw7nzQYBR8rZ1ke5RKWgjjmFdDEGS0w6mpIizEepeD82eGN8w1/ky4tXlRYkbd4j1kceZVemXCuN8f3kNogloecRuwSgZJWEbqbnTiCpH091YfQCNd8kvxrJQBEyVakHTDiWJ9iVTxmLyntu6/JXPfQe1bkEG2Q=
ARC-Authentication-Results: i=1; mx.zoho.com;
	dkim=pass;
	spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted
 sender)  smtp.mailfrom=bounce+27952+39753+1787277+3901457@groups.io;
	dmarc=fail header.from=<xiaoyux.lu@intel.com> (p=none dis=none)
 header.from=<xiaoyux.lu@intel.com>
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1556525760906672.9518930446905;
 Mon, 29 Apr 2019 01:16:00 -0700 (PDT)
Return-Path: <bounce+27952+39753+1787277+3901457@groups.io>
X-Received: from mga14.intel.com (mga14.intel.com [])
 by groups.io with SMTP; Mon, 29 Apr 2019 01:15:59 -0700
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
X-Received: from orsmga002.jf.intel.com ([10.7.209.21])
  by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 29 Apr 2019 01:15:59 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.60,409,1549958400";
   d="scan'208";a="154652255"
X-Received: from xiaoyu-dev.sh.intel.com ([10.239.47.11])
  by orsmga002.jf.intel.com with ESMTP; 29 Apr 2019 01:15:57 -0700
From: "Xiaoyu lu" <xiaoyux.lu@intel.com>
To: devel@edk2.groups.io
Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Ting Ye <ting.ye@intel.com>
Subject: [edk2-devel] [PATCH 3/3] CryptoPkg/BaseCryptLib: updata HMAC_ctx size
Date: Mon, 29 Apr 2019 04:15:27 -0400
Message-Id: <1556525727-14875-4-git-send-email-xiaoyux.lu@intel.com>
In-Reply-To: <1556525727-14875-1-git-send-email-xiaoyux.lu@intel.com>
References: <1556525727-14875-1-git-send-email-xiaoyux.lu@intel.com>
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,xiaoyux.lu@intel.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1556525760;
 bh=F1ElDqB+aB/AQbJVnkgIt9OK2l5BhLWhHDyGX8XlM6M=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=L4MNymxQ5zfqwbcyds/sWmy2JgduUyqlGtjdmFbyaJPN44oTWfmdYDrC321KhAUaZ+g
 qIltlAWLL6yaXGAZrc/9ZXa4XXhkdktnIkjA+6SkNTHXgSyzYwa+bKnnqgVAgI9IRyO5o
 RaoCkfy32bGfA57xft9iyJTa0tCQAEHlRAw=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"

From: Xiaoyu Lu <xiaoyux.lu@intel.com>

Openssl internally redefines the size of HMAC_CTX,
but there is no external definition.
So add an additional nubmer.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Ting Ye <ting.ye@intel.com>
Signed-off-by: Xiaoyu Lu <xiaoyux.lu@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c    | 11 ++++++++++-
 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c   | 12 ++++++++++--
 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c | 12 ++++++++++--
 3 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c b/CryptoPkg=
/Library/BaseCryptLib/Hmac/CryptHmacMd5.c
index 3134806..3ffb8e2 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c
@@ -9,8 +9,17 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "InternalCryptLib.h"
 #include <openssl/hmac.h>
=20
+//
+// NOTE: HMAC_MAX_MD_CBLOCK is deprecated.
+//       #define HMAC_MAX_MD_CBLOCK 128
+//       Openssl redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h
+//       #define HMAC_MAX_MD_CBLOCK_SIZE     144
+//       But we need to compatible with previous API.
+//       So fix it with correct size 144-128 =3D 16.
+//
 #define HMAC_MD5_CTX_SIZE    sizeof(void *) * 4 + sizeof(unsigned int) + \
-                             sizeof(unsigned char) * HMAC_MAX_MD_CBLOCK
+                             sizeof(unsigned char) * (HMAC_MAX_MD_CBLOCK +=
 16)
+
=20
 /**
   Retrieves the size, in bytes, of the context buffer required for HMAC-MD=
5 operations.
diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c b/CryptoPk=
g/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
index bbe3df4..e59602e 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
@@ -9,8 +9,16 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "InternalCryptLib.h"
 #include <openssl/hmac.h>
=20
-#define HMAC_SHA1_CTX_SIZE   sizeof(void *) * 4 + sizeof(unsigned int) + \
-                             sizeof(unsigned char) * HMAC_MAX_MD_CBLOCK
+//
+// NOTE: HMAC_MAX_MD_CBLOCK is deprecated.
+//       #define HMAC_MAX_MD_CBLOCK 128
+//       Openssl redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h
+//       #define HMAC_MAX_MD_CBLOCK_SIZE     144
+//       But we need to compatible with previous API.
+//       So fix it with correct size 144-128 =3D 16.
+//
+#define  HMAC_SHA1_CTX_SIZE   sizeof(void *) * 4 + sizeof(unsigned int) + \
+                             sizeof(unsigned char) * (HMAC_MAX_MD_CBLOCK +=
 16)
=20
 /**
   Retrieves the size, in bytes, of the context buffer required for HMAC-SH=
A1 operations.
diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c b/Crypto=
Pkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c
index ac9084f..8d0570b 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c
@@ -9,8 +9,16 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "InternalCryptLib.h"
 #include <openssl/hmac.h>
=20
-#define HMAC_SHA256_CTX_SIZE   sizeof(void *) * 4 + sizeof(unsigned int) +=
 \
-                               sizeof(unsigned char) * HMAC_MAX_MD_CBLOCK
+//
+// NOTE: HMAC_MAX_MD_CBLOCK is deprecated.
+//       #define HMAC_MAX_MD_CBLOCK 128
+//       Openssl redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h
+//       #define HMAC_MAX_MD_CBLOCK_SIZE     144
+//       But we need to compatible with previous API.
+//       So fix it with correct size 144-128 =3D 16.
+//
+#define HMAC_SHA256_CTX_SIZE    sizeof(void *) * 4 + sizeof(unsigned int) =
+ \
+                             sizeof(unsigned char) * (HMAC_MAX_MD_CBLOCK +=
 16)
=20
 /**
   Retrieves the size, in bytes, of the context buffer required for HMAC-SH=
A256 operations.
--=20
2.7.4


-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#39753): https://edk2.groups.io/g/devel/message/39753
Mute This Topic: https://groups.io/mt/31381055/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-