From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=fail (domain: intel.com, ip: , mailfrom: xiaoyux.lu@intel.com) Received: from mga14.intel.com (mga14.intel.com []) by groups.io with SMTP; Mon, 29 Apr 2019 01:15:59 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 29 Apr 2019 01:15:59 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.60,409,1549958400"; d="scan'208";a="154652255" Received: from xiaoyu-dev.sh.intel.com ([10.239.47.11]) by orsmga002.jf.intel.com with ESMTP; 29 Apr 2019 01:15:57 -0700 From: "Xiaoyu lu" To: devel@edk2.groups.io Cc: Xiaoyu Lu , Jian J Wang , Ting Ye Subject: [PATCH 3/3] CryptoPkg/BaseCryptLib: updata HMAC_ctx size Date: Mon, 29 Apr 2019 04:15:27 -0400 Message-Id: <1556525727-14875-4-git-send-email-xiaoyux.lu@intel.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1556525727-14875-1-git-send-email-xiaoyux.lu@intel.com> References: <1556525727-14875-1-git-send-email-xiaoyux.lu@intel.com> From: Xiaoyu Lu Openssl internally redefines the size of HMAC_CTX, but there is no external definition. So add an additional nubmer. Cc: Jian J Wang Cc: Ting Ye Signed-off-by: Xiaoyu Lu --- CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c | 11 ++++++++++- CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c | 12 ++++++++++-- CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c | 12 ++++++++++-- 3 files changed, 30 insertions(+), 5 deletions(-) diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c index 3134806..3ffb8e2 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c @@ -9,8 +9,17 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "InternalCryptLib.h" #include +// +// NOTE: HMAC_MAX_MD_CBLOCK is deprecated. +// #define HMAC_MAX_MD_CBLOCK 128 +// Openssl redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h +// #define HMAC_MAX_MD_CBLOCK_SIZE 144 +// But we need to compatible with previous API. +// So fix it with correct size 144-128 = 16. +// #define HMAC_MD5_CTX_SIZE sizeof(void *) * 4 + sizeof(unsigned int) + \ - sizeof(unsigned char) * HMAC_MAX_MD_CBLOCK + sizeof(unsigned char) * (HMAC_MAX_MD_CBLOCK + 16) + /** Retrieves the size, in bytes, of the context buffer required for HMAC-MD5 operations. diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c index bbe3df4..e59602e 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c @@ -9,8 +9,16 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "InternalCryptLib.h" #include -#define HMAC_SHA1_CTX_SIZE sizeof(void *) * 4 + sizeof(unsigned int) + \ - sizeof(unsigned char) * HMAC_MAX_MD_CBLOCK +// +// NOTE: HMAC_MAX_MD_CBLOCK is deprecated. +// #define HMAC_MAX_MD_CBLOCK 128 +// Openssl redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h +// #define HMAC_MAX_MD_CBLOCK_SIZE 144 +// But we need to compatible with previous API. +// So fix it with correct size 144-128 = 16. +// +#define HMAC_SHA1_CTX_SIZE sizeof(void *) * 4 + sizeof(unsigned int) + \ + sizeof(unsigned char) * (HMAC_MAX_MD_CBLOCK + 16) /** Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations. diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c index ac9084f..8d0570b 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c @@ -9,8 +9,16 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "InternalCryptLib.h" #include -#define HMAC_SHA256_CTX_SIZE sizeof(void *) * 4 + sizeof(unsigned int) + \ - sizeof(unsigned char) * HMAC_MAX_MD_CBLOCK +// +// NOTE: HMAC_MAX_MD_CBLOCK is deprecated. +// #define HMAC_MAX_MD_CBLOCK 128 +// Openssl redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h +// #define HMAC_MAX_MD_CBLOCK_SIZE 144 +// But we need to compatible with previous API. +// So fix it with correct size 144-128 = 16. +// +#define HMAC_SHA256_CTX_SIZE sizeof(void *) * 4 + sizeof(unsigned int) + \ + sizeof(unsigned char) * (HMAC_MAX_MD_CBLOCK + 16) /** Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations. -- 2.7.4