From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.nue.novell.com (smtp.nue.novell.com [195.135.221.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 5076D21DFA917 for ; Mon, 27 Mar 2017 02:56:43 -0700 (PDT) Received: from emea4-mta.ukb.novell.com ([10.120.13.87]) by smtp.nue.novell.com with ESMTP (TLS encrypted); Mon, 27 Mar 2017 11:56:41 +0200 Received: from GaryWorkstation (nwb-a10-snat.microfocus.com [10.120.13.201]) by emea4-mta.ukb.novell.com with ESMTP (TLS encrypted); Mon, 27 Mar 2017 10:56:24 +0100 Date: Mon, 27 Mar 2017 17:56:17 +0800 From: Gary Lin To: Laszlo Ersek Cc: Qin Long , edk2-devel@lists.01.org, ting.ye@intel.com, jiaxin.wu@intel.com, ard.biesheuvel@linaro.org, ronald.cron@arm.com, Moso.Lee@citrix.com, thomas.palmer@hpe.com Message-ID: <20170327095617.ukr35artwmmlm6tz@GaryWorkstation> References: <20170323131932.6168-1-qin.long@intel.com> <20170323131932.6168-10-qin.long@intel.com> MIME-Version: 1.0 In-Reply-To: User-Agent: Mutt/1.6.2 (2016-07-01) Subject: Re: [PATCH v2 09/11] CryptoPkg: Update HMAC Wrapper with opaque HMAC_CTX object. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Mar 2017 09:56:43 -0000 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Mar 23, 2017 at 07:37:08PM +0100, Laszlo Ersek wrote: > On 03/23/17 14:19, Qin Long wrote: > > OpenSSL-1.1.xx makes most data structures opaque. > > This patch updated HMAC Wrapper implementation with opaque > > HMAC_CTX object. > > The HmacXXGetContextSize() is marked as deprecated, and updated > > to use the fixed HMAC_CTX size, which is just kept for compatibility. > > New APIs (HmacXXNew(), HmacXXFree()) were added as the recommended > > HMAC_CTX usage interfaces for HMAC-XXXX operations. > > > > Cc: Ting Ye > > Cc: Laszlo Ersek > > Cc: Ard Biesheuvel > > Cc: Gary Lin > > Cc: Ronald Cron > > Contributed-under: TianoCore Contribution Agreement 1.0 > > Signed-off-by: Qin Long > > --- > > CryptoPkg/Include/Library/BaseCryptLib.h | 93 +++++++++++++++++++++- > > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c | 77 +++++++++++++++--- > > .../Library/BaseCryptLib/Hmac/CryptHmacMd5Null.c | 40 +++++++++- > > .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c | 75 +++++++++++++++-- > > .../Library/BaseCryptLib/Hmac/CryptHmacSha1Null.c | 40 +++++++++- > > .../Library/BaseCryptLib/Hmac/CryptHmacSha256.c | 75 +++++++++++++++-- > > .../BaseCryptLib/Hmac/CryptHmacSha256Null.c | 40 +++++++++- > > 7 files changed, 411 insertions(+), 29 deletions(-) > > I think the code modified in this patch is exercised as part of Secure > Boot image verification (SHA1, SHA256), so: > Actually, Secure Boot has nothing to do with HMAC, and the current HMAC user is only CryptoPkg/Application/Cryptest/HmacVerify.c The hash functions come from CryptoPkg/Library/BaseCryptLib/Hash/. Gary Lin > Tested-by: Laszlo Ersek > > (Tested as described in > .) > > Thanks! > Laszlo >