From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web11.26576.1661220078718360193 for ; Mon, 22 Aug 2022 19:01:19 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=CclSuXm9; spf=pass (domain: intel.com, ip: 134.134.136.24, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1661220078; x=1692756078; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=sDDhihtzBvPIqKmEzFGxb0XBbEGNsDME5YVH9xKFJ7U=; b=CclSuXm9qSX1+OgkVWnt/Rr/hbxiqPAYsqmJ2Gxam8YS9PVUhkAAktfe 92K+xVSaxgHA8o8ruXlQDdxtmWTS8cIMc0U5ya/f58JR9zWSCP8ZToQcO AspjKutRClkoUaCnytRh8rd9H2Fa1As16RTrN1vx2CityjzsP5ypWgk7s owwKlKjnN847573aONII6QKgthMdIp+E6nTjigcz+xogyyo8y88KHGWqV NAVgpA4UmLca9SRCfId0nxb5Y6AMxZ1dGyeN9Lr0k10gNJSwTGtrFF5ta QNNsOnTfIz1N5rRG+peQqn75RFyidnS87K9XQnnC3wBLcp2gdust4Z7VE Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10447"; a="294356954" X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="294356954" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Aug 2022 19:00:53 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.93,256,1654585200"; d="scan'208";a="751511434" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by fmsmga001.fm.intel.com with ESMTP; 22 Aug 2022 19:00:52 -0700 Received: from fmsmsx601.amr.corp.intel.com (10.18.126.81) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31; Mon, 22 Aug 2022 19:00:52 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.31 via Frontend Transport; Mon, 22 Aug 2022 19:00:52 -0700 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.168) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2375.31; Mon, 22 Aug 2022 19:00:49 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QA0w912gTIVkxW3+dMOmjKsORJh7NH3WAsF2PchAvU16+N1AKol/uHlLWVuJ93pR/8SFRQ70GOD8FjwEZAWncGbOSg6lBl11Nz/2qS8KTujcDdGPzR46hF8SllEyG1g9Rbs0YDxSHoJvKvNqkd95ifOwkmC1mhSmsPHqRzSXIpQ5A1Q88mqlnr85Gi/rlxmhtaGuCYmlK8FwuirAD8ZYpoW2B2JyiB3QtbxKE3eCACO4/rTB1CkJXtUizEinJOvjBFNMq013jYUUyOUGzAvIN2svFR8UrTfWDiCndDMLndcsEAx2JGsMc3zNRQE67fFYuZqdVWLojo84uqB9Cei2fA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vnuoduleLBJRYGeasIk/VU2FXXLQM+U/SAjZMFm7YSc=; b=J260+QczVWtNvNnUXJzLbNsfCq49yX/IqYhu6hUF26Gkl5gt0OY6hWpJC77C5fjaDCt7D5S+UNQk95a/pczFnp9NeQbR/OYBynhdtYA0g9EIFOL5Q9NeR6DnCCP9nPogv0yWKTnSXaUsDCAhbRY8no2t/S+0eHQQe3u9wKX0N3/ROUuSAMt8QMvu0D5G5Ym0OVuOHZ0a0ryTdjdzaubmqUpZ33XOqNkjmAtpZ5wyhC5jmCjKHzXRXUmPIDgWZBVlC/M3quiUR25Bdsop5haPGh2sXn2/2JwRGyMvtgecFK4ejzK1P6QkK4ZR9y/zAOKQbor6xDRKx2piAHWobMZBzA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from MW4PR11MB5872.namprd11.prod.outlook.com (2603:10b6:303:169::14) by SJ0PR11MB4895.namprd11.prod.outlook.com (2603:10b6:a03:2de::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5546.18; Tue, 23 Aug 2022 02:00:40 +0000 Received: from MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::fd1b:7b1e:ffad:2f96]) by MW4PR11MB5872.namprd11.prod.outlook.com ([fe80::fd1b:7b1e:ffad:2f96%6]) with mapi id 15.20.5546.018; Tue, 23 Aug 2022 02:00:40 +0000 From: "Yao, Jiewen" To: "Zhang, Qi1" , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Lu, Xiaoyu1" , "Jiang, Guomin" Subject: Re: [PATCH] CryptoPkg: Add HMAC-SHA384 cipher support. Thread-Topic: [PATCH] CryptoPkg: Add HMAC-SHA384 cipher support. Thread-Index: AQHYtiGWe/ZK9vrQ20e5osmD3dlM6K27u1Ng Date: Tue, 23 Aug 2022 02:00:40 +0000 Message-ID: References: <20220822121958.6137-1-qi1.zhang@intel.com> In-Reply-To: <20220822121958.6137-1-qi1.zhang@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.6.500.17 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: ba4d52a0-175e-4642-3ec8-08da84ab47ba x-ms-traffictypediagnostic: SJ0PR11MB4895:EE_ x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 7l/8+JYKQ0qihQe1K2S/m2OmwEspFEbXMAyF1k2yFzWnqRqNs4W2TiSyzLl2FvjKnq+6fn9NY2TOb2fW0pGLpkfu5I4N5hS4XbTNkVhwHp2rTjDFLX97QbwjhDr61glGIPzQwA6dJ+yVn78gBbqs190m0vAYD95UkDlKols3RrNrz2Jziri5/1cEL5Kw5TtuD4KPzfktXQ2SzPYH/YnH0uaycSYOIUYe2rZVAPgbexm1yatWNiM07CKdG2YbtOP3HilJI2nPCep6gvgPpV8sjf8KMf8fIu9tA+TTj7RdUUQhf5X3RHyBYllXKeIAxXosl0QAla/TDyOP5lsttzOOzwH9MisyOzJVEJJD1MlKTRq7W9Ls6tCzNl2afRlEKlAKcHTxhEaZs7PW1BeuTMPTZZ3DAX1YgY+CGxPxjOrxr4vw05NCRWRa0mlc6kgJ3nkWy+qf5zKIhPW1B6sS9moZ/hSNQdMKgEEyPPcSz+mEPtOLMGTlQK3XyDAlfy9I8fl/fILTrp36g/5/AFDVXQBh8V7CR3pnafP+ZquNcB7yrPfId7JeyTkQkRpbLEppCwAjOd+xMrIEP/uay6wCim+aZmTSI4YO66AISAW2CYTHhwozv6/yZfQcLpV+06dqyzw3RdGE2u5cqki2x2CYP1MEx7DIr14TCQgOtyUi8HeR8ANY5a8x/RTAQAEJJoGdKw7dJA0dJuudMwOF+O7Xm1jl6x8pgNPy62nrOum336dyxB3dCEHyZ2Y9PEXKsNkI2SZFyTYPfD7yJB/Vtg3nv1TXbOIebllOXk8bsc5TAOAG/oc= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW4PR11MB5872.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230016)(136003)(346002)(376002)(39860400002)(396003)(366004)(66946007)(64756008)(8676002)(66446008)(4326008)(66556008)(76116006)(54906003)(110136005)(38070700005)(66476007)(122000001)(82960400001)(38100700002)(33656002)(86362001)(186003)(9686003)(26005)(966005)(7696005)(6506007)(41300700001)(478600001)(71200400001)(52536014)(55016003)(316002)(19627235002)(5660300002)(107886003)(2906002)(53546011)(83380400001)(8936002)(30864003)(559001)(579004);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?r0Alnk0uat+SHN5qCHVz4KOz8a8M4JMV1gAQPnLoSnFTZOizRrRtkEsC+IJG?= =?us-ascii?Q?tInkf1oaFeK8opn3aQd3beWltxfAsLnaiGReM2nvlezsGitiH+QTE1Q7SvD9?= =?us-ascii?Q?DLnqwCXxSgQAQSy3IHEGp9aWex7DY8IFQ0c74ucRcw/Gnhs+Df/EoJKOU/+p?= =?us-ascii?Q?fwDmkEnNumTb8YmsHrPA1b1Tt1avOd7kbmk2fOBLS1Ubin0rxqEX5KiDwI8t?= =?us-ascii?Q?mmh+8CAeoi8dJJOw8VSdwiIKqiQHWAQmmLKeqdkzp8FR0Au/8VKkfLitX6Gu?= =?us-ascii?Q?RNbmsdjHDm2LIyJJpOhOyzo4Ecyyd5YpeMgvEs4rXJ5/eAwzO7YzT0BiqkmM?= =?us-ascii?Q?1Zs7myq/dFyd7FBIE2zaMmQByh79/W2l2Ghh1K1/w86Lqb42OXUIdeXtifM2?= =?us-ascii?Q?fFybt/IlFDyfXaXgjplIAoMM2aJqqPdCap5WT6U53L1yb701RIjGRD9/yt2w?= =?us-ascii?Q?hmHZX8YR88Qi84s1nnTG2FIZVOA12hVSk1uNz+i8nP8cGEhZTXAIw1Vm6vkb?= =?us-ascii?Q?6ZQLF6/Waak+ooeiFf8J5b26exLrst0FuQi1+iLQUPXGV+6mfjAY7gJK7U9X?= =?us-ascii?Q?44jyRJclVmW6//J+3t2BtPHHCxXr/VgEgP/MqUYcMbOZe52IYn0CDGYSruh7?= =?us-ascii?Q?deBmN5R/Z6pInnTia1hzn9CVy85ww0nWNwKAhxCLdku/5p2MFKykvcWDPR1Z?= =?us-ascii?Q?oSpECJsI5NdV8AmWth/6AEds2Kw/UWWLNyyCKyyoFYmKqTkDv5ThIboBxh4Z?= =?us-ascii?Q?rBe6vvYkEpoc9ODM4yBzW2s+j/JJx6GVsJ3V6GUgP8/Z5pEieW67VbjH6jpF?= =?us-ascii?Q?UmF0eN+Lx7KUNqfsfs1gK0L3usF9T+3qRMlqMzOXzlwM1fSgln8G+TXZhVX6?= =?us-ascii?Q?yxfSc8doxbtpMAPSDpqKisPoaDRgy704jSKeA6nvC9GMAaZ65ouWCtI0sFlR?= =?us-ascii?Q?z5XiM4izwBEkll7qxgusZTRgmy6Dhq1YLOX/fjsW9ZdPyMiedITfVlLXkfqF?= =?us-ascii?Q?QZjl+IWGvGgDenHtC35kxHl5oJNQ8Y9zzQvZgRxzc70R2RL+HknWGfBBobvg?= =?us-ascii?Q?fZEmygOhlrzGrlqHbAAuf1yw0Dy/o0V/XrKL9a136AUH6cUdSjBLFiPJECuq?= =?us-ascii?Q?NAvHoxrzf103yVykWDjcmjOdpl0DFrLACJ0Ete904wKN9mYCBgwuEKDpkNmb?= =?us-ascii?Q?8VReeoke2pfTRFtybD8bJz+zm/XOzBKc5Gk9Hx8H42Ekqfwxnzn7oJTF090l?= =?us-ascii?Q?LsOcv4WlyFqLA2i7RDKliat5RS/H1Ywq8oGh7kICXvxPCt2+unXdNqoejALT?= =?us-ascii?Q?yKycaolnsqt+Y1L/2CA1JepDSAQP6VNUC0dfMCL0V+T+LjkPEuUlYQO1MxlF?= =?us-ascii?Q?ssyfB0r1Y5myIOFXR4OHOmeN0DxlidnNGQguY1Y1zcQGwJMT1kaTNS3WI32f?= =?us-ascii?Q?0aDEkZ1q+0Lu6w5aAoQTmgb0ql+iSDQK5+w9lw1PL9FXQN2mHWdcGsMgLnzL?= =?us-ascii?Q?2NO71bBq+uaKeZkfriV30dJ8Ha3Xg/plJ8Uv5RAA/pxoEo/Y+zhQpQE9LNUB?= =?us-ascii?Q?HfUsQmY3lL0eW8JhmndWLNrldun1l8Gvcx+k3azq?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4PR11MB5872.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: ba4d52a0-175e-4642-3ec8-08da84ab47ba X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Aug 2022 02:00:40.3539 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 36GIRnNfHRx8poebDjTN0awmI4WLO2n8lbDa7ennZPvP1BPhHPDhkNlq0lS8lIQDw4vzHJmzytrZBrsxourdGQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR11MB4895 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Would you please provide more information such as: 1) What test you have done 2) What is the size difference Thank you Yao Jiewen > -----Original Message----- > From: Zhang, Qi1 > Sent: Monday, August 22, 2022 8:20 PM > To: devel@edk2.groups.io > Cc: Zhang, Qi1 ; Yao, Jiewen ; > Wang, Jian J ; Lu, Xiaoyu1 ; > Jiang, Guomin > Subject: [PATCH] CryptoPkg: Add HMAC-SHA384 cipher support. >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4025 >=20 > Signed-off-by: Qi Zhang > Cc: Jiewen Yao > Cc: Jian J Wang > Cc: Xiaoyu Lu > Cc: Guomin Jiang > --- > CryptoPkg/Driver/Crypto.c | 221 ++++++ > CryptoPkg/Include/Library/BaseCryptLib.h | 188 ++++++ > .../Pcd/PcdCryptoServiceFamilyEnable.h | 13 + > .../Library/BaseCryptLib/BaseCryptLib.inf | 2 +- > .../Library/BaseCryptLib/Hmac/CryptHmac.c | 629 ++++++++++++++++++ > .../Library/BaseCryptLib/Hmac/CryptHmacNull.c | 359 ++++++++++ > .../BaseCryptLib/Hmac/CryptHmacSha256.c | 217 ------ > .../BaseCryptLib/Hmac/CryptHmacSha256Null.c | 139 ---- > .../Library/BaseCryptLib/PeiCryptLib.inf | 2 +- > .../Library/BaseCryptLib/RuntimeCryptLib.inf | 2 +- > .../Library/BaseCryptLib/SecCryptLib.inf | 2 +- > .../Library/BaseCryptLib/SmmCryptLib.inf | 2 +- > .../BaseCryptLib/UnitTestHostBaseCryptLib.inf | 2 +- > .../BaseCryptLibNull/BaseCryptLibNull.inf | 2 +- > .../BaseCryptLibNull/Hmac/CryptHmacNull.c | 359 ++++++++++ > .../Hmac/CryptHmacSha256Null.c | 139 ---- > .../BaseCryptLibOnProtocolPpi/CryptLib.c | 212 ++++++ > CryptoPkg/Private/Protocol/Crypto.h | 197 ++++++ > .../UnitTest/Library/BaseCryptLib/HmacTests.c | 19 + > 19 files changed, 2204 insertions(+), 502 deletions(-) > create mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c > create mode 100644 CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c > delete mode 100644 > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c > delete mode 100644 > CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c > create mode 100644 > CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c > delete mode 100644 > CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c >=20 > diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c > index 76cb9f4da0..cdbba2b811 100644 > --- a/CryptoPkg/Driver/Crypto.c > +++ b/CryptoPkg/Driver/Crypto.c > @@ -1847,6 +1847,218 @@ CryptoServiceHmacSha256Final ( > return CALL_BASECRYPTLIB (HmacSha256.Services.Final, HmacSha256Final, > (HmacSha256Context, HmacValue), FALSE); >=20 > } >=20 >=20 >=20 > +/** >=20 > + Computes the HMAC-SHA256 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA256 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest >=20 > + value (32 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA256 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CryptoServiceHmacSha256All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + return CALL_BASECRYPTLIB (HmacSha256.Services.All, HmacSha256All, (Dat= a, > DataSize, Key, KeySize, HmacValue), FALSE); >=20 > +} >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. >=20 > + >=20 > + @return Pointer to the HMAC_CTX context that has been initialized. >=20 > + If the allocations fails, HmacSha384New() returns NULL. >=20 > + >=20 > +**/ >=20 > +VOID * >=20 > +EFIAPI >=20 > +CryptoServiceHmacSha384New ( >=20 > + VOID >=20 > + ) >=20 > +{ >=20 > + return CALL_BASECRYPTLIB (HmacSha384.Services.New, HmacSha384New, (), > NULL); >=20 > +} >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +CryptoServiceHmacSha384Free ( >=20 > + IN VOID *HmacSha384Ctx >=20 > + ) >=20 > +{ >=20 > + CALL_VOID_BASECRYPTLIB (HmacSha384.Services.Free, HmacSha384Free, > (HmacSha384Ctx)); >=20 > +} >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacSha384Update(). >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval TRUE The Key is set successfully. >=20 > + @retval FALSE The Key is set unsuccessfully. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CryptoServiceHmacSha384SetKey ( >=20 > + OUT VOID *HmacSha384Context, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ) >=20 > +{ >=20 > + return CALL_BASECRYPTLIB (HmacSha384.Services.SetKey, > HmacSha384SetKey, (HmacSha384Context, Key, KeySize), FALSE); >=20 > +} >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-SHA384 context. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If NewHmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. >=20 > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 context copy succeeded. >=20 > + @retval FALSE HMAC-SHA384 context copy failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CryptoServiceHmacSha384Duplicate ( >=20 > + IN CONST VOID *HmacSha384Context, >=20 > + OUT VOID *NewHmacSha384Context >=20 > + ) >=20 > +{ >=20 > + return CALL_BASECRYPTLIB (HmacSha384.Services.Duplicate, > HmacSha256Duplicate, (HmacSha384Context, NewHmacSha384Context), > FALSE); >=20 > +} >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-SHA384 context. >=20 > + >=20 > + This function performs HMAC-SHA384 digest on a data buffer of the spec= ified > size. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid context is undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 data digest succeeded. >=20 > + @retval FALSE HMAC-SHA384 data digest failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CryptoServiceHmacSha384Update ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + return CALL_BASECRYPTLIB (HmacSha384.Services.Update, > HmacSha384Update, (HmacSha384Context, Data, DataSize), FALSE); >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-SHA384 digest value. >=20 > + >=20 > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into >=20 > + the specified memory. After this function has been called, the HMAC-SH= A384 > context cannot >=20 > + be used again. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If HmacValue is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context= . >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CryptoServiceHmacSha384Final ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + return CALL_BASECRYPTLIB (HmacSha384.Services.Final, HmacSha384Final, > (HmacSha384Context, HmacValue), FALSE); >=20 > +} >=20 > + >=20 > +/** >=20 > + Computes the HMAC-SHA384 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA384 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +CryptoServiceHmacSha384All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + return CALL_BASECRYPTLIB (HmacSha384.Services.All, HmacSha384All, (Dat= a, > DataSize, Key, KeySize, HmacValue), FALSE); >=20 > +} >=20 > + >=20 > // > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > // Symmetric Cryptography Primitive >=20 > // > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > @@ -4606,6 +4818,15 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =3D { > CryptoServiceHmacSha256Duplicate, >=20 > CryptoServiceHmacSha256Update, >=20 > CryptoServiceHmacSha256Final, >=20 > + CryptoServiceHmacSha256All, >=20 > + /// HMAC SHA384 >=20 > + CryptoServiceHmacSha384New, >=20 > + CryptoServiceHmacSha384Free, >=20 > + CryptoServiceHmacSha384SetKey, >=20 > + CryptoServiceHmacSha384Duplicate, >=20 > + CryptoServiceHmacSha384Update, >=20 > + CryptoServiceHmacSha384Final, >=20 > + CryptoServiceHmacSha384All, >=20 > /// Md4 - deprecated and unsupported >=20 > DeprecatedCryptoServiceMd4GetContextSize, >=20 > DeprecatedCryptoServiceMd4Init, >=20 > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h > b/CryptoPkg/Include/Library/BaseCryptLib.h > index 7d1499350a..3a42e3494f 100644 > --- a/CryptoPkg/Include/Library/BaseCryptLib.h > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h > @@ -1045,6 +1045,194 @@ HmacSha256Final ( > OUT UINT8 *HmacValue >=20 > ); >=20 >=20 >=20 > +/** >=20 > + Computes the HMAC-SHA256 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA256 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HashValue Pointer to a buffer that receives the HMAC-SH= A256 > digest >=20 > + value (32 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA256 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ); >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. >=20 > + >=20 > + @return Pointer to the HMAC_CTX context that has been initialized. >=20 > + If the allocations fails, HmacSha384New() returns NULL. >=20 > + >=20 > +**/ >=20 > +VOID * >=20 > +EFIAPI >=20 > +HmacSha384New ( >=20 > + VOID >=20 > + ); >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +HmacSha384Free ( >=20 > + IN VOID *HmacSha384Ctx >=20 > + ); >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacSha384Update(). >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval TRUE The Key is set successfully. >=20 > + @retval FALSE The Key is set unsuccessfully. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384SetKey ( >=20 > + OUT VOID *HmacSha384Context, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ); >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-SHA384 context. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If NewHmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. >=20 > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 context copy succeeded. >=20 > + @retval FALSE HMAC-SHA384 context copy failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Duplicate ( >=20 > + IN CONST VOID *HmacSha384Context, >=20 > + OUT VOID *NewHmacSha384Context >=20 > + ); >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-SHA384 context. >=20 > + >=20 > + This function performs HMAC-SHA384 digest on a data buffer of the spec= ified > size. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid context is undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 data digest succeeded. >=20 > + @retval FALSE HMAC-SHA384 data digest failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Update ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ); >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-SHA384 digest value. >=20 > + >=20 > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into >=20 > + the specified memory. After this function has been called, the HMAC-SH= A384 > context cannot >=20 > + be used again. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If HmacValue is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context= . >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Final ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + OUT UINT8 *HmacValue >=20 > + ); >=20 > + >=20 > +/** >=20 > + Computes the HMAC-SHA384 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA384 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HashValue Pointer to a buffer that receives the HMAC-SH= A384 > digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ); >=20 > + >=20 > // > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > // Symmetric Cryptography Primitive >=20 > // > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h > b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h > index 3d53c2f105..e646d8ac05 100644 > --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h > +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h > @@ -53,9 +53,22 @@ typedef struct { > UINT8 Duplicate : 1; >=20 > UINT8 Update : 1; >=20 > UINT8 Final : 1; >=20 > + UINT8 All : 1; >=20 > } Services; >=20 > UINT32 Family; >=20 > } HmacSha256; >=20 > + union { >=20 > + struct { >=20 > + UINT8 New : 1; >=20 > + UINT8 Free : 1; >=20 > + UINT8 SetKey : 1; >=20 > + UINT8 Duplicate : 1; >=20 > + UINT8 Update : 1; >=20 > + UINT8 Final : 1; >=20 > + UINT8 All : 1; >=20 > + } Services; >=20 > + UINT32 Family; >=20 > + } HmacSha384; >=20 > union { >=20 > struct { >=20 > UINT8 GetContextSize : 1; >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > index 3d7b917103..2a9664ad3e 100644 > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > @@ -35,7 +35,7 @@ > Hash/CryptSha512.c >=20 > Hash/CryptSm3.c >=20 > Hash/CryptParallelHashNull.c >=20 > - Hmac/CryptHmacSha256.c >=20 > + Hmac/CryptHmac.c >=20 > Kdf/CryptHkdf.c >=20 > Cipher/CryptAes.c >=20 > Pk/CryptRsaBasic.c >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c > new file mode 100644 > index 0000000000..2786267a0b > --- /dev/null > +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmac.c > @@ -0,0 +1,629 @@ > +/** @file >=20 > + HMAC-SHA256/SHA384 Wrapper Implementation over OpenSSL. >=20 > + >=20 > +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.
>=20 > +SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#include "InternalCryptLib.h" >=20 > +#include >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD > use. >=20 > + >=20 > + @return Pointer to the HMAC_CTX context that has been initialized. >=20 > + If the allocations fails, HmacMdNew() returns NULL. >=20 > + >=20 > +**/ >=20 > +VOID * >=20 > +HmacMdNew ( >=20 > + VOID >=20 > + ) >=20 > +{ >=20 > + // >=20 > + // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new() >=20 > + // >=20 > + return (VOID *)HMAC_CTX_new (); >=20 > +} >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + @param[in] HmacMdCtx Pointer to the HMAC_CTX context to be released. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +HmacMdFree ( >=20 > + IN VOID *HmacMdCtx >=20 > + ) >=20 > +{ >=20 > + // >=20 > + // Free OpenSSL HMAC_CTX Context >=20 > + // >=20 > + HMAC_CTX_free ((HMAC_CTX *)HmacMdCtx); >=20 > +} >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacMdUpdate(). >=20 > + >=20 > + If HmacMdContext is NULL, then return FALSE. >=20 > + >=20 > + @param[in] Md Message Digest. >=20 > + @param[out] HmacMdContext Pointer to HMAC-MD context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval TRUE The Key is set successfully. >=20 > + @retval FALSE The Key is set unsuccessfully. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +HmacMdSetKey ( >=20 > + IN CONST EVP_MD *Md, >=20 > + OUT VOID *HmacMdContext, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ) >=20 > +{ >=20 > + // >=20 > + // Check input parameters. >=20 > + // >=20 > + if ((HmacMdContext =3D=3D NULL) || (KeySize > INT_MAX)) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + if (HMAC_Init_ex ((HMAC_CTX *)HmacMdContext, Key, (UINT32)KeySize, Md, > NULL) !=3D 1) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + return TRUE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-MD context. >=20 > + >=20 > + If HmacMdContext is NULL, then return FALSE. >=20 > + If NewHmacMdContext is NULL, then return FALSE. >=20 > + >=20 > + @param[in] HmacMdContext Pointer to HMAC-MD context being copied. >=20 > + @param[out] NewHmacMdContext Pointer to new HMAC-MD context. >=20 > + >=20 > + @retval TRUE HMAC-MD context copy succeeded. >=20 > + @retval FALSE HMAC-MD context copy failed. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +HmacMdDuplicate ( >=20 > + IN CONST VOID *HmacMdContext, >=20 > + OUT VOID *NewHmacMdContext >=20 > + ) >=20 > +{ >=20 > + // >=20 > + // Check input parameters. >=20 > + // >=20 > + if ((HmacMdContext =3D=3D NULL) || (NewHmacMdContext =3D=3D NULL)) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacMdContext, (HMAC_CTX > *)HmacMdContext) !=3D 1) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + return TRUE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-MD context. >=20 > + >=20 > + This function performs HMAC-MD digest on a data buffer of the specifie= d size. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + HMAC-MD context should be initialized by HmacMdNew(), and should not b= e > finalized >=20 > + by HmacMdFinal(). Behavior with invalid context is undefined. >=20 > + >=20 > + If HmacMdContext is NULL, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacMdContext Pointer to the HMAC-MD context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval TRUE HMAC-MD data digest succeeded. >=20 > + @retval FALSE HMAC-MD data digest failed. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +HmacMdUpdate ( >=20 > + IN OUT VOID *HmacMdContext, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + // >=20 > + // Check input parameters. >=20 > + // >=20 > + if (HmacMdContext =3D=3D NULL) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + // >=20 > + // Check invalid parameters, in case that only DataLength was checked = in > OpenSSL >=20 > + // >=20 > + if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + // >=20 > + // OpenSSL HMAC-MD digest update >=20 > + // >=20 > + if (HMAC_Update ((HMAC_CTX *)HmacMdContext, Data, DataSize) !=3D 1) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + return TRUE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-MD digest value. >=20 > + >=20 > + This function completes HMAC-MD hash computation and retrieves the dig= est > value into >=20 > + the specified memory. After this function has been called, the HMAC-MD > context cannot >=20 > + be used again. >=20 > + HMAC-MD context should be initialized by HmacMdNew(), and should not b= e > finalized >=20 > + by HmacMdFinal(). Behavior with invalid HMAC-MD context is undefined. >=20 > + >=20 > + If HmacMdContext is NULL, then return FALSE. >=20 > + If HmacValue is NULL, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacMdContext Pointer to the HMAC-MD context. >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > MD digest >=20 > + value. >=20 > + >=20 > + @retval TRUE HMAC-MD digest computation succeeded. >=20 > + @retval FALSE HMAC-MD digest computation failed. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +HmacMdFinal ( >=20 > + IN OUT VOID *HmacMdContext, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + UINT32 Length; >=20 > + >=20 > + // >=20 > + // Check input parameters. >=20 > + // >=20 > + if ((HmacMdContext =3D=3D NULL) || (HmacValue =3D=3D NULL)) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + // >=20 > + // OpenSSL HMAC-MD digest finalization >=20 > + // >=20 > + if (HMAC_Final ((HMAC_CTX *)HmacMdContext, HmacValue, &Length) !=3D 1)= { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + if (HMAC_CTX_reset ((HMAC_CTX *)HmacMdContext) !=3D 1) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + return TRUE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Computes the HMAC-MD digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-MD digest of a given data buffer, and = places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Md Message Digest. >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC-MD > digest >=20 > + value. >=20 > + >=20 > + @retval TRUE HMAC-MD digest computation succeeded. >=20 > + @retval FALSE HMAC-MD digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +HmacMdAll ( >=20 > + IN CONST EVP_MD *Md, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + UINT32 Length; >=20 > + HMAC_CTX *Ctx; >=20 > + BOOLEAN RetVal; >=20 > + >=20 > + Ctx =3D HMAC_CTX_new (); >=20 > + if (Ctx =3D=3D NULL) { >=20 > + return FALSE; >=20 > + } >=20 > + >=20 > + RetVal =3D (BOOLEAN)HMAC_CTX_reset (Ctx); >=20 > + if (!RetVal) { >=20 > + goto Done; >=20 > + } >=20 > + >=20 > + RetVal =3D (BOOLEAN)HMAC_Init_ex (Ctx, Key, (UINT32)KeySize, Md, NULL)= ; >=20 > + if (!RetVal) { >=20 > + goto Done; >=20 > + } >=20 > + >=20 > + RetVal =3D (BOOLEAN)HMAC_Update (Ctx, Data, DataSize); >=20 > + if (!RetVal) { >=20 > + goto Done; >=20 > + } >=20 > + >=20 > + RetVal =3D (BOOLEAN)HMAC_Final (Ctx, HmacValue, &Length); >=20 > + if (!RetVal) { >=20 > + goto Done; >=20 > + } >=20 > + >=20 > +Done: >=20 > + HMAC_CTX_free (Ctx); >=20 > + >=20 > + return RetVal; >=20 > +} >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA256 use. >=20 > + >=20 > + @return Pointer to the HMAC_CTX context that has been initialized. >=20 > + If the allocations fails, HmacSha256New() returns NULL. >=20 > + >=20 > +**/ >=20 > +VOID * >=20 > +EFIAPI >=20 > +HmacSha256New ( >=20 > + VOID >=20 > + ) >=20 > +{ >=20 > + return HmacMdNew (); >=20 > +} >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +HmacSha256Free ( >=20 > + IN VOID *HmacSha256Ctx >=20 > + ) >=20 > +{ >=20 > + HmacMdFree (HmacSha256Ctx); >=20 > +} >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacSha256Update(). >=20 > + >=20 > + If HmacSha256Context is NULL, then return FALSE. >=20 > + >=20 > + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval TRUE The Key is set successfully. >=20 > + @retval FALSE The Key is set unsuccessfully. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256SetKey ( >=20 > + OUT VOID *HmacSha256Context, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ) >=20 > +{ >=20 > + return HmacMdSetKey (EVP_sha256 (), HmacSha256Context, Key, KeySize); >=20 > +} >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-SHA256 context. >=20 > + >=20 > + If HmacSha256Context is NULL, then return FALSE. >=20 > + If NewHmacSha256Context is NULL, then return FALSE. >=20 > + >=20 > + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. >=20 > + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. >=20 > + >=20 > + @retval TRUE HMAC-SHA256 context copy succeeded. >=20 > + @retval FALSE HMAC-SHA256 context copy failed. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256Duplicate ( >=20 > + IN CONST VOID *HmacSha256Context, >=20 > + OUT VOID *NewHmacSha256Context >=20 > + ) >=20 > +{ >=20 > + return HmacMdDuplicate (HmacSha256Context, NewHmacSha256Context); >=20 > +} >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-SHA256 context. >=20 > + >=20 > + This function performs HMAC-SHA256 digest on a data buffer of the spec= ified > size. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + HMAC-SHA256 context should be initialized by HmacSha256New(), and shou= ld > not be finalized >=20 > + by HmacSha256Final(). Behavior with invalid context is undefined. >=20 > + >=20 > + If HmacSha256Context is NULL, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval TRUE HMAC-SHA256 data digest succeeded. >=20 > + @retval FALSE HMAC-SHA256 data digest failed. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256Update ( >=20 > + IN OUT VOID *HmacSha256Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + return HmacMdUpdate (HmacSha256Context, Data, DataSize); >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-SHA256 digest value. >=20 > + >=20 > + This function completes HMAC-SHA256 hash computation and retrieves the > digest value into >=20 > + the specified memory. After this function has been called, the HMAC-SH= A256 > context cannot >=20 > + be used again. >=20 > + HMAC-SHA256 context should be initialized by HmacSha256New(), and shou= ld > not be finalized >=20 > + by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is > undefined. >=20 > + >=20 > + If HmacSha256Context is NULL, then return FALSE. >=20 > + If HmacValue is NULL, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context= . >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA256 digest >=20 > + value (32 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA256 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA256 digest computation failed. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256Final ( >=20 > + IN OUT VOID *HmacSha256Context, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + return HmacMdFinal (HmacSha256Context, HmacValue); >=20 > +} >=20 > + >=20 > +/** >=20 > + Computes the HMAC-SHA256 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA256 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest >=20 > + value (32 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA256 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + return HmacMdAll (EVP_sha256 (), Data, DataSize, Key, KeySize, HmacVal= ue); >=20 > +} >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. >=20 > + >=20 > + @return Pointer to the HMAC_CTX context that has been initialized. >=20 > + If the allocations fails, HmacSha384New() returns NULL. >=20 > + >=20 > +**/ >=20 > +VOID * >=20 > +EFIAPI >=20 > +HmacSha384New ( >=20 > + VOID >=20 > + ) >=20 > +{ >=20 > + return HmacMdNew (); >=20 > +} >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +HmacSha384Free ( >=20 > + IN VOID *HmacSha384Ctx >=20 > + ) >=20 > +{ >=20 > + HmacMdFree (HmacSha384Ctx); >=20 > +} >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacSha384Update(). >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval TRUE The Key is set successfully. >=20 > + @retval FALSE The Key is set unsuccessfully. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384SetKey ( >=20 > + OUT VOID *HmacSha384Context, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ) >=20 > +{ >=20 > + return HmacMdSetKey (EVP_sha384 (), HmacSha384Context, Key, KeySize); >=20 > +} >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-SHA384 context. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If NewHmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. >=20 > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 context copy succeeded. >=20 > + @retval FALSE HMAC-SHA384 context copy failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Duplicate ( >=20 > + IN CONST VOID *HmacSha384Context, >=20 > + OUT VOID *NewHmacSha384Context >=20 > + ) >=20 > +{ >=20 > + return HmacMdDuplicate (HmacSha384Context, NewHmacSha384Context); >=20 > +} >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-SHA384 context. >=20 > + >=20 > + This function performs HMAC-SHA384 digest on a data buffer of the spec= ified > size. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid context is undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 data digest succeeded. >=20 > + @retval FALSE HMAC-SHA384 data digest failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Update ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + return HmacMdUpdate (HmacSha384Context, Data, DataSize); >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-SHA384 digest value. >=20 > + >=20 > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into >=20 > + the specified memory. After this function has been called, the HMAC-SH= A384 > context cannot >=20 > + be used again. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If HmacValue is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context= . >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Final ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + return HmacMdFinal (HmacSha384Context, HmacValue); >=20 > +} >=20 > + >=20 > +/** >=20 > + Computes the HMAC-SHA384 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA384 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + return HmacMdAll (EVP_sha384 (), Data, DataSize, Key, KeySize, HmacVal= ue); >=20 > +} >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c > new file mode 100644 > index 0000000000..0a76db41ec > --- /dev/null > +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacNull.c > @@ -0,0 +1,359 @@ > +/** @file >=20 > + HMAC-SHA256/SHA384 Wrapper Implementation which does not provide real > capabilities. >=20 > + >=20 > +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.
>=20 > +SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#include "InternalCryptLib.h" >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA256 use. >=20 > + >=20 > + Return NULL to indicate this interface is not supported. >=20 > + >=20 > + @return NULL This interface is not supported.. >=20 > + >=20 > +**/ >=20 > +VOID * >=20 > +EFIAPI >=20 > +HmacSha256New ( >=20 > + VOID >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return NULL; >=20 > +} >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + This function will do nothing. >=20 > + >=20 > + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +HmacSha256Free ( >=20 > + IN VOID *HmacSha256Ctx >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return; >=20 > +} >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacSha256Update(). >=20 > + >=20 > + Return FALSE to indicate this interface is not supported. >=20 > + >=20 > + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256SetKey ( >=20 > + OUT VOID *HmacSha256Context, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-SHA256 context. >=20 > + >=20 > + Return FALSE to indicate this interface is not supported. >=20 > + >=20 > + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. >=20 > + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. >=20 > + >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256Duplicate ( >=20 > + IN CONST VOID *HmacSha256Context, >=20 > + OUT VOID *NewHmacSha256Context >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-SHA256 context. >=20 > + >=20 > + Return FALSE to indicate this interface is not supported. >=20 > + >=20 > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256Update ( >=20 > + IN OUT VOID *HmacSha256Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-SHA256 digest value. >=20 > + >=20 > + Return FALSE to indicate this interface is not supported. >=20 > + >=20 > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context= . >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA256 digest >=20 > + value (32 bytes). >=20 > + >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256Final ( >=20 > + IN OUT VOID *HmacSha256Context, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Computes the HMAC-SHA256 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA256 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest >=20 > + value (32 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA256 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. >=20 > + >=20 > + @return Pointer to the HMAC_CTX context that has been initialized. >=20 > + If the allocations fails, HmacSha384New() returns NULL. >=20 > + >=20 > +**/ >=20 > +VOID * >=20 > +EFIAPI >=20 > +HmacSha384New ( >=20 > + VOID >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return NULL; >=20 > +} >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +HmacSha384Free ( >=20 > + IN VOID *HmacSha384Ctx >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return; >=20 > +} >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacSha384Update(). >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval TRUE The Key is set successfully. >=20 > + @retval FALSE The Key is set unsuccessfully. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384SetKey ( >=20 > + OUT VOID *HmacSha384Context, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-SHA384 context. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If NewHmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. >=20 > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 context copy succeeded. >=20 > + @retval FALSE HMAC-SHA384 context copy failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Duplicate ( >=20 > + IN CONST VOID *HmacSha384Context, >=20 > + OUT VOID *NewHmacSha384Context >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-SHA384 context. >=20 > + >=20 > + This function performs HMAC-SHA384 digest on a data buffer of the spec= ified > size. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid context is undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 data digest succeeded. >=20 > + @retval FALSE HMAC-SHA384 data digest failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Update ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-SHA384 digest value. >=20 > + >=20 > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into >=20 > + the specified memory. After this function has been called, the HMAC-SH= A384 > context cannot >=20 > + be used again. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If HmacValue is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context= . >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Final ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Computes the HMAC-SHA384 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA384 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c > deleted file mode 100644 > index 7e83551c1b..0000000000 > --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256.c > +++ /dev/null > @@ -1,217 +0,0 @@ > -/** @file >=20 > - HMAC-SHA256 Wrapper Implementation over OpenSSL. >=20 > - >=20 > -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
>=20 > -SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > -**/ >=20 > - >=20 > -#include "InternalCryptLib.h" >=20 > -#include >=20 > - >=20 > -/** >=20 > - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA= 256 > use. >=20 > - >=20 > - @return Pointer to the HMAC_CTX context that has been initialized. >=20 > - If the allocations fails, HmacSha256New() returns NULL. >=20 > - >=20 > -**/ >=20 > -VOID * >=20 > -EFIAPI >=20 > -HmacSha256New ( >=20 > - VOID >=20 > - ) >=20 > -{ >=20 > - // >=20 > - // Allocates & Initializes HMAC_CTX Context by OpenSSL HMAC_CTX_new() >=20 > - // >=20 > - return (VOID *)HMAC_CTX_new (); >=20 > -} >=20 > - >=20 > -/** >=20 > - Release the specified HMAC_CTX context. >=20 > - >=20 > - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. >=20 > - >=20 > -**/ >=20 > -VOID >=20 > -EFIAPI >=20 > -HmacSha256Free ( >=20 > - IN VOID *HmacSha256Ctx >=20 > - ) >=20 > -{ >=20 > - // >=20 > - // Free OpenSSL HMAC_CTX Context >=20 > - // >=20 > - HMAC_CTX_free ((HMAC_CTX *)HmacSha256Ctx); >=20 > -} >=20 > - >=20 > -/** >=20 > - Set user-supplied key for subsequent use. It must be done before any >=20 > - calling to HmacSha256Update(). >=20 > - >=20 > - If HmacSha256Context is NULL, then return FALSE. >=20 > - >=20 > - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. >=20 > - @param[in] Key Pointer to the user-supplied key. >=20 > - @param[in] KeySize Key size in bytes. >=20 > - >=20 > - @retval TRUE The Key is set successfully. >=20 > - @retval FALSE The Key is set unsuccessfully. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256SetKey ( >=20 > - OUT VOID *HmacSha256Context, >=20 > - IN CONST UINT8 *Key, >=20 > - IN UINTN KeySize >=20 > - ) >=20 > -{ >=20 > - // >=20 > - // Check input parameters. >=20 > - // >=20 > - if ((HmacSha256Context =3D=3D NULL) || (KeySize > INT_MAX)) { >=20 > - return FALSE; >=20 > - } >=20 > - >=20 > - if (HMAC_Init_ex ((HMAC_CTX *)HmacSha256Context, Key, (UINT32)KeySize, > EVP_sha256 (), NULL) !=3D 1) { >=20 > - return FALSE; >=20 > - } >=20 > - >=20 > - return TRUE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Makes a copy of an existing HMAC-SHA256 context. >=20 > - >=20 > - If HmacSha256Context is NULL, then return FALSE. >=20 > - If NewHmacSha256Context is NULL, then return FALSE. >=20 > - >=20 > - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. >=20 > - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. >=20 > - >=20 > - @retval TRUE HMAC-SHA256 context copy succeeded. >=20 > - @retval FALSE HMAC-SHA256 context copy failed. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256Duplicate ( >=20 > - IN CONST VOID *HmacSha256Context, >=20 > - OUT VOID *NewHmacSha256Context >=20 > - ) >=20 > -{ >=20 > - // >=20 > - // Check input parameters. >=20 > - // >=20 > - if ((HmacSha256Context =3D=3D NULL) || (NewHmacSha256Context =3D=3D NU= LL)) { >=20 > - return FALSE; >=20 > - } >=20 > - >=20 > - if (HMAC_CTX_copy ((HMAC_CTX *)NewHmacSha256Context, (HMAC_CTX > *)HmacSha256Context) !=3D 1) { >=20 > - return FALSE; >=20 > - } >=20 > - >=20 > - return TRUE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Digests the input data and updates HMAC-SHA256 context. >=20 > - >=20 > - This function performs HMAC-SHA256 digest on a data buffer of the spec= ified > size. >=20 > - It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > - HMAC-SHA256 context should be initialized by HmacSha256New(), and shou= ld > not be finalized >=20 > - by HmacSha256Final(). Behavior with invalid context is undefined. >=20 > - >=20 > - If HmacSha256Context is NULL, then return FALSE. >=20 > - >=20 > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. >=20 > - @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > - @param[in] DataSize Size of Data buffer in bytes. >=20 > - >=20 > - @retval TRUE HMAC-SHA256 data digest succeeded. >=20 > - @retval FALSE HMAC-SHA256 data digest failed. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256Update ( >=20 > - IN OUT VOID *HmacSha256Context, >=20 > - IN CONST VOID *Data, >=20 > - IN UINTN DataSize >=20 > - ) >=20 > -{ >=20 > - // >=20 > - // Check input parameters. >=20 > - // >=20 > - if (HmacSha256Context =3D=3D NULL) { >=20 > - return FALSE; >=20 > - } >=20 > - >=20 > - // >=20 > - // Check invalid parameters, in case that only DataLength was checked = in > OpenSSL >=20 > - // >=20 > - if ((Data =3D=3D NULL) && (DataSize !=3D 0)) { >=20 > - return FALSE; >=20 > - } >=20 > - >=20 > - // >=20 > - // OpenSSL HMAC-SHA256 digest update >=20 > - // >=20 > - if (HMAC_Update ((HMAC_CTX *)HmacSha256Context, Data, DataSize) !=3D 1= ) { >=20 > - return FALSE; >=20 > - } >=20 > - >=20 > - return TRUE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Completes computation of the HMAC-SHA256 digest value. >=20 > - >=20 > - This function completes HMAC-SHA256 hash computation and retrieves the > digest value into >=20 > - the specified memory. After this function has been called, the HMAC-SH= A256 > context cannot >=20 > - be used again. >=20 > - HMAC-SHA256 context should be initialized by HmacSha256New(), and shou= ld > not be finalized >=20 > - by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is > undefined. >=20 > - >=20 > - If HmacSha256Context is NULL, then return FALSE. >=20 > - If HmacValue is NULL, then return FALSE. >=20 > - >=20 > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context= . >=20 > - @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA256 digest >=20 > - value (32 bytes). >=20 > - >=20 > - @retval TRUE HMAC-SHA256 digest computation succeeded. >=20 > - @retval FALSE HMAC-SHA256 digest computation failed. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256Final ( >=20 > - IN OUT VOID *HmacSha256Context, >=20 > - OUT UINT8 *HmacValue >=20 > - ) >=20 > -{ >=20 > - UINT32 Length; >=20 > - >=20 > - // >=20 > - // Check input parameters. >=20 > - // >=20 > - if ((HmacSha256Context =3D=3D NULL) || (HmacValue =3D=3D NULL)) { >=20 > - return FALSE; >=20 > - } >=20 > - >=20 > - // >=20 > - // OpenSSL HMAC-SHA256 digest finalization >=20 > - // >=20 > - if (HMAC_Final ((HMAC_CTX *)HmacSha256Context, HmacValue, &Length) != =3D > 1) { >=20 > - return FALSE; >=20 > - } >=20 > - >=20 > - if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha256Context) !=3D 1) { >=20 > - return FALSE; >=20 > - } >=20 > - >=20 > - return TRUE; >=20 > -} >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c > b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c > deleted file mode 100644 > index 2e3cb3bdfe..0000000000 > --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha256Null.c > +++ /dev/null > @@ -1,139 +0,0 @@ > -/** @file >=20 > - HMAC-SHA256 Wrapper Implementation which does not provide real > capabilities. >=20 > - >=20 > -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
>=20 > -SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > -**/ >=20 > - >=20 > -#include "InternalCryptLib.h" >=20 > - >=20 > -/** >=20 > - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA= 256 > use. >=20 > - >=20 > - Return NULL to indicate this interface is not supported. >=20 > - >=20 > - @return NULL This interface is not supported.. >=20 > - >=20 > -**/ >=20 > -VOID * >=20 > -EFIAPI >=20 > -HmacSha256New ( >=20 > - VOID >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return NULL; >=20 > -} >=20 > - >=20 > -/** >=20 > - Release the specified HMAC_CTX context. >=20 > - >=20 > - This function will do nothing. >=20 > - >=20 > - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. >=20 > - >=20 > -**/ >=20 > -VOID >=20 > -EFIAPI >=20 > -HmacSha256Free ( >=20 > - IN VOID *HmacSha256Ctx >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return; >=20 > -} >=20 > - >=20 > -/** >=20 > - Set user-supplied key for subsequent use. It must be done before any >=20 > - calling to HmacSha256Update(). >=20 > - >=20 > - Return FALSE to indicate this interface is not supported. >=20 > - >=20 > - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. >=20 > - @param[in] Key Pointer to the user-supplied key. >=20 > - @param[in] KeySize Key size in bytes. >=20 > - >=20 > - @retval FALSE This interface is not supported. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256SetKey ( >=20 > - OUT VOID *HmacSha256Context, >=20 > - IN CONST UINT8 *Key, >=20 > - IN UINTN KeySize >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return FALSE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Makes a copy of an existing HMAC-SHA256 context. >=20 > - >=20 > - Return FALSE to indicate this interface is not supported. >=20 > - >=20 > - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. >=20 > - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. >=20 > - >=20 > - @retval FALSE This interface is not supported. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256Duplicate ( >=20 > - IN CONST VOID *HmacSha256Context, >=20 > - OUT VOID *NewHmacSha256Context >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return FALSE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Digests the input data and updates HMAC-SHA256 context. >=20 > - >=20 > - Return FALSE to indicate this interface is not supported. >=20 > - >=20 > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. >=20 > - @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > - @param[in] DataSize Size of Data buffer in bytes. >=20 > - >=20 > - @retval FALSE This interface is not supported. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256Update ( >=20 > - IN OUT VOID *HmacSha256Context, >=20 > - IN CONST VOID *Data, >=20 > - IN UINTN DataSize >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return FALSE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Completes computation of the HMAC-SHA256 digest value. >=20 > - >=20 > - Return FALSE to indicate this interface is not supported. >=20 > - >=20 > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context= . >=20 > - @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA256 digest >=20 > - value (32 bytes). >=20 > - >=20 > - @retval FALSE This interface is not supported. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256Final ( >=20 > - IN OUT VOID *HmacSha256Context, >=20 > - OUT UINT8 *HmacValue >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return FALSE; >=20 > -} >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > index 01de27e037..f88f8312f6 100644 > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf > @@ -41,7 +41,7 @@ > Hash/CryptSm3.c >=20 > Hash/CryptSha512.c >=20 > Hash/CryptParallelHashNull.c >=20 > - Hmac/CryptHmacSha256.c >=20 > + Hmac/CryptHmac.c >=20 > Kdf/CryptHkdf.c >=20 > Cipher/CryptAesNull.c >=20 > Pk/CryptRsaBasic.c >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > index d28fb98b66..9213952701 100644 > --- a/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf > @@ -41,7 +41,7 @@ > Hash/CryptSm3.c >=20 > Hash/CryptSha512.c >=20 > Hash/CryptParallelHashNull.c >=20 > - Hmac/CryptHmacSha256.c >=20 > + Hmac/CryptHmac.c >=20 > Kdf/CryptHkdf.c >=20 > Cipher/CryptAes.c >=20 > Pk/CryptRsaBasic.c >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf > index 070b44447e..0b1dd31c41 100644 > --- a/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/SecCryptLib.inf > @@ -34,7 +34,7 @@ > Hash/CryptSha256Null.c >=20 > Hash/CryptSm3Null.c >=20 > Hash/CryptParallelHashNull.c >=20 > - Hmac/CryptHmacSha256Null.c >=20 > + Hmac/CryptHmacNull.c >=20 > Kdf/CryptHkdfNull.c >=20 > Cipher/CryptAesNull.c >=20 > Pk/CryptRsaBasicNull.c >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > index 91a1715095..ed76520fcc 100644 > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf > @@ -42,7 +42,7 @@ > Hash/CryptXkcp.c >=20 > Hash/CryptCShake256.c >=20 > Hash/CryptParallelHash.c >=20 > - Hmac/CryptHmacSha256.c >=20 > + Hmac/CryptHmac.c >=20 > Kdf/CryptHkdfNull.c >=20 > Cipher/CryptAes.c >=20 > Pk/CryptRsaBasic.c >=20 > diff --git a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf > b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf > index 11ff1c6931..63282dc5ab 100644 > --- a/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf > +++ b/CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf > @@ -28,7 +28,7 @@ > Hash/CryptSha256.c >=20 > Hash/CryptSha512.c >=20 > Hash/CryptSm3.c >=20 > - Hmac/CryptHmacSha256.c >=20 > + Hmac/CryptHmac.c >=20 > Kdf/CryptHkdf.c >=20 > Cipher/CryptAes.c >=20 > Pk/CryptRsaBasic.c >=20 > diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf > b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf > index 63d1d82d19..728e0793ac 100644 > --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf > +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf > @@ -35,7 +35,7 @@ > Hash/CryptSha512Null.c >=20 > Hash/CryptSm3Null.c >=20 > Hash/CryptParallelHashNull.c >=20 > - Hmac/CryptHmacSha256Null.c >=20 > + Hmac/CryptHmacNull.c >=20 > Kdf/CryptHkdfNull.c >=20 > Cipher/CryptAesNull.c >=20 > Pk/CryptRsaBasicNull.c >=20 > diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c > b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c > new file mode 100644 > index 0000000000..0a76db41ec > --- /dev/null > +++ b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacNull.c > @@ -0,0 +1,359 @@ > +/** @file >=20 > + HMAC-SHA256/SHA384 Wrapper Implementation which does not provide real > capabilities. >=20 > + >=20 > +Copyright (c) 2016 - 2022, Intel Corporation. All rights reserved.
>=20 > +SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#include "InternalCryptLib.h" >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA256 use. >=20 > + >=20 > + Return NULL to indicate this interface is not supported. >=20 > + >=20 > + @return NULL This interface is not supported.. >=20 > + >=20 > +**/ >=20 > +VOID * >=20 > +EFIAPI >=20 > +HmacSha256New ( >=20 > + VOID >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return NULL; >=20 > +} >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + This function will do nothing. >=20 > + >=20 > + @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +HmacSha256Free ( >=20 > + IN VOID *HmacSha256Ctx >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return; >=20 > +} >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacSha256Update(). >=20 > + >=20 > + Return FALSE to indicate this interface is not supported. >=20 > + >=20 > + @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256SetKey ( >=20 > + OUT VOID *HmacSha256Context, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-SHA256 context. >=20 > + >=20 > + Return FALSE to indicate this interface is not supported. >=20 > + >=20 > + @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. >=20 > + @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. >=20 > + >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256Duplicate ( >=20 > + IN CONST VOID *HmacSha256Context, >=20 > + OUT VOID *NewHmacSha256Context >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-SHA256 context. >=20 > + >=20 > + Return FALSE to indicate this interface is not supported. >=20 > + >=20 > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256Update ( >=20 > + IN OUT VOID *HmacSha256Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-SHA256 digest value. >=20 > + >=20 > + Return FALSE to indicate this interface is not supported. >=20 > + >=20 > + @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context= . >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA256 digest >=20 > + value (32 bytes). >=20 > + >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256Final ( >=20 > + IN OUT VOID *HmacSha256Context, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Computes the HMAC-SHA256 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA256 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest >=20 > + value (32 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA256 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. >=20 > + >=20 > + @return Pointer to the HMAC_CTX context that has been initialized. >=20 > + If the allocations fails, HmacSha384New() returns NULL. >=20 > + >=20 > +**/ >=20 > +VOID * >=20 > +EFIAPI >=20 > +HmacSha384New ( >=20 > + VOID >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return NULL; >=20 > +} >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +HmacSha384Free ( >=20 > + IN VOID *HmacSha384Ctx >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return; >=20 > +} >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacSha384Update(). >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval TRUE The Key is set successfully. >=20 > + @retval FALSE The Key is set unsuccessfully. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384SetKey ( >=20 > + OUT VOID *HmacSha384Context, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-SHA384 context. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If NewHmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. >=20 > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 context copy succeeded. >=20 > + @retval FALSE HMAC-SHA384 context copy failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Duplicate ( >=20 > + IN CONST VOID *HmacSha384Context, >=20 > + OUT VOID *NewHmacSha384Context >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-SHA384 context. >=20 > + >=20 > + This function performs HMAC-SHA384 digest on a data buffer of the spec= ified > size. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid context is undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 data digest succeeded. >=20 > + @retval FALSE HMAC-SHA384 data digest failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Update ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-SHA384 digest value. >=20 > + >=20 > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into >=20 > + the specified memory. After this function has been called, the HMAC-SH= A384 > context cannot >=20 > + be used again. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If HmacValue is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context= . >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Final ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > + >=20 > +/** >=20 > + Computes the HMAC-SHA384 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA384 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + ASSERT (FALSE); >=20 > + return FALSE; >=20 > +} >=20 > diff --git a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.= c > b/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c > deleted file mode 100644 > index 2e3cb3bdfe..0000000000 > --- a/CryptoPkg/Library/BaseCryptLibNull/Hmac/CryptHmacSha256Null.c > +++ /dev/null > @@ -1,139 +0,0 @@ > -/** @file >=20 > - HMAC-SHA256 Wrapper Implementation which does not provide real > capabilities. >=20 > - >=20 > -Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.
>=20 > -SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > -**/ >=20 > - >=20 > -#include "InternalCryptLib.h" >=20 > - >=20 > -/** >=20 > - Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA= 256 > use. >=20 > - >=20 > - Return NULL to indicate this interface is not supported. >=20 > - >=20 > - @return NULL This interface is not supported.. >=20 > - >=20 > -**/ >=20 > -VOID * >=20 > -EFIAPI >=20 > -HmacSha256New ( >=20 > - VOID >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return NULL; >=20 > -} >=20 > - >=20 > -/** >=20 > - Release the specified HMAC_CTX context. >=20 > - >=20 > - This function will do nothing. >=20 > - >=20 > - @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be > released. >=20 > - >=20 > -**/ >=20 > -VOID >=20 > -EFIAPI >=20 > -HmacSha256Free ( >=20 > - IN VOID *HmacSha256Ctx >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return; >=20 > -} >=20 > - >=20 > -/** >=20 > - Set user-supplied key for subsequent use. It must be done before any >=20 > - calling to HmacSha256Update(). >=20 > - >=20 > - Return FALSE to indicate this interface is not supported. >=20 > - >=20 > - @param[out] HmacSha256Context Pointer to HMAC-SHA256 context. >=20 > - @param[in] Key Pointer to the user-supplied key. >=20 > - @param[in] KeySize Key size in bytes. >=20 > - >=20 > - @retval FALSE This interface is not supported. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256SetKey ( >=20 > - OUT VOID *HmacSha256Context, >=20 > - IN CONST UINT8 *Key, >=20 > - IN UINTN KeySize >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return FALSE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Makes a copy of an existing HMAC-SHA256 context. >=20 > - >=20 > - Return FALSE to indicate this interface is not supported. >=20 > - >=20 > - @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being > copied. >=20 > - @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 > context. >=20 > - >=20 > - @retval FALSE This interface is not supported. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256Duplicate ( >=20 > - IN CONST VOID *HmacSha256Context, >=20 > - OUT VOID *NewHmacSha256Context >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return FALSE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Digests the input data and updates HMAC-SHA256 context. >=20 > - >=20 > - Return FALSE to indicate this interface is not supported. >=20 > - >=20 > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. >=20 > - @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > - @param[in] DataSize Size of Data buffer in bytes. >=20 > - >=20 > - @retval FALSE This interface is not supported. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256Update ( >=20 > - IN OUT VOID *HmacSha256Context, >=20 > - IN CONST VOID *Data, >=20 > - IN UINTN DataSize >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return FALSE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Completes computation of the HMAC-SHA256 digest value. >=20 > - >=20 > - Return FALSE to indicate this interface is not supported. >=20 > - >=20 > - @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context= . >=20 > - @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA256 digest >=20 > - value (32 bytes). >=20 > - >=20 > - @retval FALSE This interface is not supported. >=20 > - >=20 > -**/ >=20 > -BOOLEAN >=20 > -EFIAPI >=20 > -HmacSha256Final ( >=20 > - IN OUT VOID *HmacSha256Context, >=20 > - OUT UINT8 *HmacValue >=20 > - ) >=20 > -{ >=20 > - ASSERT (FALSE); >=20 > - return FALSE; >=20 > -} >=20 > diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > index 8ee1b53cf9..0218e9b594 100644 > --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c > @@ -1201,6 +1201,218 @@ HmacSha256Final ( > CALL_CRYPTO_SERVICE (HmacSha256Final, (HmacSha256Context, HmacValue), > FALSE); >=20 > } >=20 >=20 >=20 > +/** >=20 > + Computes the HMAC-SHA256 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA256 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest >=20 > + value (32 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA256 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha256All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + CALL_CRYPTO_SERVICE (HmacSha256All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE); >=20 > +} >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. >=20 > + >=20 > + @return Pointer to the HMAC_CTX context that has been initialized. >=20 > + If the allocations fails, HmacSha384New() returns NULL. >=20 > + >=20 > +**/ >=20 > +VOID * >=20 > +EFIAPI >=20 > +HmacSha384New ( >=20 > + VOID >=20 > + ) >=20 > +{ >=20 > + CALL_CRYPTO_SERVICE (HmacSha384New, (), NULL); >=20 > +} >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. >=20 > + >=20 > +**/ >=20 > +VOID >=20 > +EFIAPI >=20 > +HmacSha384Free ( >=20 > + IN VOID *HmacSha384Ctx >=20 > + ) >=20 > +{ >=20 > + CALL_VOID_CRYPTO_SERVICE (HmacSha384Free, (HmacSha384Ctx)); >=20 > +} >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacSha384Update(). >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval TRUE The Key is set successfully. >=20 > + @retval FALSE The Key is set unsuccessfully. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384SetKey ( >=20 > + OUT VOID *HmacSha384Context, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ) >=20 > +{ >=20 > + CALL_CRYPTO_SERVICE (HmacSha384SetKey, (HmacSha384Context, Key, > KeySize), FALSE); >=20 > +} >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-SHA384 context. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If NewHmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. >=20 > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 context copy succeeded. >=20 > + @retval FALSE HMAC-SHA384 context copy failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Duplicate ( >=20 > + IN CONST VOID *HmacSha384Context, >=20 > + OUT VOID *NewHmacSha384Context >=20 > + ) >=20 > +{ >=20 > + CALL_CRYPTO_SERVICE (HmacSha384Duplicate, (HmacSha384Context, > NewHmacSha384Context), FALSE); >=20 > +} >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-SHA384 context. >=20 > + >=20 > + This function performs HMAC-SHA384 digest on a data buffer of the spec= ified > size. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid context is undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 data digest succeeded. >=20 > + @retval FALSE HMAC-SHA384 data digest failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Update ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ) >=20 > +{ >=20 > + CALL_CRYPTO_SERVICE (HmacSha384Update, (HmacSha384Context, Data, > DataSize), FALSE); >=20 > +} >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-SHA384 digest value. >=20 > + >=20 > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into >=20 > + the specified memory. After this function has been called, the HMAC-SH= A384 > context cannot >=20 > + be used again. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If HmacValue is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context= . >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384Final ( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + CALL_CRYPTO_SERVICE (HmacSha384Final, (HmacSha384Context, > HmacValue), FALSE); >=20 > +} >=20 > + >=20 > +/** >=20 > + Computes the HMAC-SHA384 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA384 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +BOOLEAN >=20 > +EFIAPI >=20 > +HmacSha384All ( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ) >=20 > +{ >=20 > + CALL_CRYPTO_SERVICE (HmacSha384All, (Data, DataSize, Key, KeySize, > HmacValue), FALSE); >=20 > +} >=20 > + >=20 > // > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > // Symmetric Cryptography Primitive >=20 > // > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > diff --git a/CryptoPkg/Private/Protocol/Crypto.h > b/CryptoPkg/Private/Protocol/Crypto.h > index c417568e96..6c14cdedca 100644 > --- a/CryptoPkg/Private/Protocol/Crypto.h > +++ b/CryptoPkg/Private/Protocol/Crypto.h > @@ -266,6 +266,194 @@ BOOLEAN > OUT UINT8 *HmacValue >=20 > ); >=20 >=20 >=20 > +/** >=20 > + Computes the HMAC-SHA256 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA256 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA256 digest >=20 > + value (32 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA256 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA256 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +typedef >=20 > +BOOLEAN >=20 > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_ALL)( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ); >=20 > + >=20 > +/** >=20 > + Allocates and initializes one HMAC_CTX context for subsequent HMAC- > SHA384 use. >=20 > + >=20 > + @return Pointer to the HMAC_CTX context that has been initialized. >=20 > + If the allocations fails, HmacSha384New() returns NULL. >=20 > + >=20 > +**/ >=20 > +typedef >=20 > +VOID * >=20 > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_NEW)( >=20 > + VOID >=20 > + ); >=20 > + >=20 > +/** >=20 > + Release the specified HMAC_CTX context. >=20 > + >=20 > + @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be > released. >=20 > + >=20 > +**/ >=20 > +typedef >=20 > +VOID >=20 > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FREE)( >=20 > + IN VOID *HmacSha384Ctx >=20 > + ); >=20 > + >=20 > +/** >=20 > + Set user-supplied key for subsequent use. It must be done before any >=20 > + calling to HmacSha384Update(). >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[out] HmacSha384Context Pointer to HMAC-SHA384 context. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + >=20 > + @retval TRUE The Key is set successfully. >=20 > + @retval FALSE The Key is set unsuccessfully. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +typedef >=20 > +BOOLEAN >=20 > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_SET_KEY)( >=20 > + OUT VOID *HmacSha384Context, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize >=20 > + ); >=20 > + >=20 > +/** >=20 > + Makes a copy of an existing HMAC-SHA384 context. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If NewHmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] HmacSha384Context Pointer to HMAC-SHA384 context being > copied. >=20 > + @param[out] NewHmacSha384Context Pointer to new HMAC-SHA384 > context. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 context copy succeeded. >=20 > + @retval FALSE HMAC-SHA384 context copy failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +typedef >=20 > +BOOLEAN >=20 > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_DUPLICATE)( >=20 > + IN CONST VOID *HmacSha384Context, >=20 > + OUT VOID *NewHmacSha384Context >=20 > + ); >=20 > + >=20 > +/** >=20 > + Digests the input data and updates HMAC-SHA384 context. >=20 > + >=20 > + This function performs HMAC-SHA384 digest on a data buffer of the spec= ified > size. >=20 > + It can be called multiple times to compute the digest of long or disco= ntinuous > data streams. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid context is undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context. >=20 > + @param[in] Data Pointer to the buffer containing th= e data to be > digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + >=20 > + @retval TRUE HMAC-SHA384 data digest succeeded. >=20 > + @retval FALSE HMAC-SHA384 data digest failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +typedef >=20 > +BOOLEAN >=20 > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_UPDATE)( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize >=20 > + ); >=20 > + >=20 > +/** >=20 > + Completes computation of the HMAC-SHA384 digest value. >=20 > + >=20 > + This function completes HMAC-SHA384 hash computation and retrieves the > digest value into >=20 > + the specified memory. After this function has been called, the HMAC-SH= A384 > context cannot >=20 > + be used again. >=20 > + HMAC-SHA384 context should be initialized by HmacSha384New(), and shou= ld > not be finalized >=20 > + by HmacSha384Final(). Behavior with invalid HMAC-SHA384 context is > undefined. >=20 > + >=20 > + If HmacSha384Context is NULL, then return FALSE. >=20 > + If HmacValue is NULL, then return FALSE. >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in, out] HmacSha384Context Pointer to the HMAC-SHA384 context= . >=20 > + @param[out] HmacValue Pointer to a buffer that receives = the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +typedef >=20 > +BOOLEAN >=20 > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FINAL)( >=20 > + IN OUT VOID *HmacSha384Context, >=20 > + OUT UINT8 *HmacValue >=20 > + ); >=20 > + >=20 > +/** >=20 > + Computes the HMAC-SHA384 digest of a input data buffer. >=20 > + >=20 > + This function performs the HMAC-SHA384 digest of a given data buffer, = and > places >=20 > + the digest value into the specified memory. >=20 > + >=20 > + If this interface is not supported, then return FALSE. >=20 > + >=20 > + @param[in] Data Pointer to the buffer containing the data to = be digested. >=20 > + @param[in] DataSize Size of Data buffer in bytes. >=20 > + @param[in] Key Pointer to the user-supplied key. >=20 > + @param[in] KeySize Key size in bytes. >=20 > + @param[out] HmacValue Pointer to a buffer that receives the HMAC- > SHA384 digest >=20 > + value (48 bytes). >=20 > + >=20 > + @retval TRUE HMAC-SHA384 digest computation succeeded. >=20 > + @retval FALSE HMAC-SHA384 digest computation failed. >=20 > + @retval FALSE This interface is not supported. >=20 > + >=20 > +**/ >=20 > +typedef >=20 > +BOOLEAN >=20 > +(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_ALL)( >=20 > + IN CONST VOID *Data, >=20 > + IN UINTN DataSize, >=20 > + IN CONST UINT8 *Key, >=20 > + IN UINTN KeySize, >=20 > + OUT UINT8 *HmacValue >=20 > + ); >=20 > + >=20 > // > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > // One-Way Cryptographic Hash Primitives >=20 > // > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > @@ -3513,6 +3701,15 @@ struct _EDKII_CRYPTO_PROTOCOL { > EDKII_CRYPTO_HMAC_SHA256_DUPLICATE HmacSha256Duplicate= ; >=20 > EDKII_CRYPTO_HMAC_SHA256_UPDATE HmacSha256Update; >=20 > EDKII_CRYPTO_HMAC_SHA256_FINAL HmacSha256Final; >=20 > + EDKII_CRYPTO_HMAC_SHA256_ALL HmacSha256All; >=20 > + /// HMAC SHA384 >=20 > + EDKII_CRYPTO_HMAC_SHA384_NEW HmacSha384New; >=20 > + EDKII_CRYPTO_HMAC_SHA384_FREE HmacSha384Free; >=20 > + EDKII_CRYPTO_HMAC_SHA384_SET_KEY HmacSha384SetKey; >=20 > + EDKII_CRYPTO_HMAC_SHA384_DUPLICATE HmacSha384Duplicate= ; >=20 > + EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update; >=20 > + EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final; >=20 > + EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All; >=20 > /// Md4 - deprecated and unsupported >=20 > DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE > DeprecatedMd4GetContextSize; >=20 > DEPRECATED_EDKII_CRYPTO_MD4_INIT DeprecatedMd4Init; >=20 > diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c > b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c > index 595729424b..9c5b39410d 100644 > --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c > +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/HmacTests.c > @@ -64,6 +64,23 @@ GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 > HmacSha256Digest[] =3D { > 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c= , 0x2e, > 0x32, 0xcf, 0xf7 >=20 > }; >=20 >=20 >=20 > +// >=20 > +// Key value for HMAC-SHA-384 validation. (From "4. Test Vectors" of IET= F > RFC4231) >=20 > +// >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha384Key[20] =3D { >=20 > + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b= , 0x0b, > 0x0b, 0x0b, 0x0b, >=20 > + 0x0b, 0x0b, 0x0b, 0x0b >=20 > +}; >=20 > + >=20 > +// >=20 > +// Result for HMAC-SHA-384 ("Hi There"). (From "4. Test Vectors" of IETF > RFC4231) >=20 > +// >=20 > +GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 HmacSha384Digest[] =3D { >=20 > + 0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, 0x6b, 0x08, 0x25, 0xf4= , 0xab, > 0x46, 0x90, 0x7f, >=20 > + 0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6, 0x82, 0xaa, 0x03, 0x4c= , 0x7c, > 0xeb, 0xc5, 0x9c, >=20 > + 0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f, 0x4a, 0xf1, 0x52, 0xe8= , 0xb2, > 0xfa, 0x9c, 0xb6 >=20 > +}; >=20 > + >=20 > typedef >=20 > VOID * >=20 > (EFIAPI *EFI_HMAC_NEW)( >=20 > @@ -109,6 +126,7 @@ typedef struct { > // HMAC_TEST_CONTEXT mHmacMd5TestCtx =3D {MD5_DIGEST_SIZE, > HmacMd5New, HmacMd5SetKey, HmacMd5Update, HmacMd5Final, > HmacMd5Key, sizeof(HmacMd5Key), HmacMd5Digest}; >=20 > // HMAC_TEST_CONTEXT mHmacSha1TestCtx =3D {SHA1_DIGEST_SIZE, > HmacSha1New, HmacSha1SetKey, HmacSha1Update, HmacSha1Final, > HmacSha1Key, sizeof(HmacSha1Key), HmacSha1Digest}; >=20 > HMAC_TEST_CONTEXT mHmacSha256TestCtx =3D { SHA256_DIGEST_SIZE, > HmacSha256New, HmacSha256SetKey, HmacSha256Update, HmacSha256Final, > HmacSha256Key, sizeof (HmacSha256Key), HmacSha256Digest }; >=20 > +HMAC_TEST_CONTEXT mHmacSha384TestCtx =3D { SHA384_DIGEST_SIZE, > HmacSha384New, HmacSha384SetKey, HmacSha384Update, HmacSha384Final, > HmacSha384Key, sizeof (HmacSha384Key), HmacSha384Digest }; >=20 >=20 >=20 > UNIT_TEST_STATUS >=20 > EFIAPI >=20 > @@ -174,6 +192,7 @@ TEST_DESC mHmacTest[] =3D { > // -----Description---------------------Class---------------------Func= tion--------------- > Pre------------------Post------------Context >=20 > // >=20 > { "TestVerifyHmacSha256()", "CryptoPkg.BaseCryptLib.Hmac", TestVerifyH= mac, > TestVerifyHmacPreReq, TestVerifyHmacCleanUp, &mHmacSha256TestCtx }, >=20 > + { "TestVerifyHmacSha384()", "CryptoPkg.BaseCryptLib.Hmac", > TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, > &mHmacSha384TestCtx }, >=20 > // These functions have been deprecated but they've been left commente= d out > for future reference >=20 > // {"TestVerifyHmacMd5()", "CryptoPkg.BaseCryptLib.Hmac", > TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, > &mHmacMd5TestCtx}, >=20 > // {"TestVerifyHmacSha1()", "CryptoPkg.BaseCryptLib.Hmac", > TestVerifyHmac, TestVerifyHmacPreReq, TestVerifyHmacCleanUp, > &mHmacSha1TestCtx}, >=20 > -- > 2.26.2.windows.1