1 /** @file 2 HMAC-SHA256 Wrapper Implementation over OpenSSL. 3 4 Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> 5 This program and the accompanying materials 6 are licensed and made available under the terms and conditions of the BSD License 7 which accompanies this distribution. The full text of the license may be found at 8 http://opensource.org/licenses/bsd-license.php 9 10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 12 13 **/ 14 15 #include "InternalCryptLib.h" 16 #include <openssl/hmac.h> 17 18 /** 19 Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations. 20 21 @return The size, in bytes, of the context buffer required for HMAC-SHA256 operations. 22 23 **/ 24 UINTN 25 EFIAPI 26 HmacSha256GetContextSize ( 27 VOID 28 ) 29 { 30 // 31 // Retrieves the OpenSSL HMAC-SHA256 Context Size 32 // 33 return (UINTN) (sizeof (HMAC_CTX)); 34 } 35 36 /** 37 Initializes user-supplied memory pointed by HmacSha256Context as HMAC-SHA256 context for 38 subsequent use. 39 40 If HmacSha256Context is NULL, then return FALSE. 41 42 @param[out] HmacSha256Context Pointer to HMAC-SHA256 context being initialized. 43 @param[in] Key Pointer to the user-supplied key. 44 @param[in] KeySize Key size in bytes. 45 46 @retval TRUE HMAC-SHA256 context initialization succeeded. 47 @retval FALSE HMAC-SHA256 context initialization failed. 48 49 **/ 50 BOOLEAN 51 EFIAPI 52 HmacSha256Init ( 53 OUT VOID *HmacSha256Context, 54 IN CONST UINT8 *Key, 55 IN UINTN KeySize 56 ) 57 { 58 // 59 // Check input parameters. 60 // 61 if (HmacSha256Context == NULL || KeySize > INT_MAX) { 62 return FALSE; 63 } 64 65 // 66 // OpenSSL HMAC-SHA256 Context Initialization 67 // 68 HMAC_CTX_init (HmacSha256Context); 69 HMAC_Init_ex (HmacSha256Context, Key, (UINT32) KeySize, EVP_sha256(), NULL); 70 71 return TRUE; 72 } 73 74 /** 75 Makes a copy of an existing HMAC-SHA256 context. 76 77 If HmacSha256Context is NULL, then return FALSE. 78 If NewHmacSha256Context is NULL, then return FALSE. 79 80 @param[in] HmacSha256Context Pointer to HMAC-SHA256 context being copied. 81 @param[out] NewHmacSha256Context Pointer to new HMAC-SHA256 context. 82 83 @retval TRUE HMAC-SHA256 context copy succeeded. 84 @retval FALSE HMAC-SHA256 context copy failed. 85 86 **/ 87 BOOLEAN 88 EFIAPI 89 HmacSha256Duplicate ( 90 IN CONST VOID *HmacSha256Context, 91 OUT VOID *NewHmacSha256Context 92 ) 93 { 94 // 95 // Check input parameters. 96 // 97 if (HmacSha256Context == NULL || NewHmacSha256Context == NULL) { 98 return FALSE; 99 } 100 101 CopyMem (NewHmacSha256Context, HmacSha256Context, sizeof (HMAC_CTX)); 102 103 return TRUE; 104 } 105 106 /** 107 Digests the input data and updates HMAC-SHA256 context. 108 109 This function performs HMAC-SHA256 digest on a data buffer of the specified size. 110 It can be called multiple times to compute the digest of long or discontinuous data streams. 111 HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should not 112 be finalized by HmacSha256Final(). Behavior with invalid context is undefined. 113 114 If HmacSha256Context is NULL, then return FALSE. 115 116 @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. 117 @param[in] Data Pointer to the buffer containing the data to be digested. 118 @param[in] DataSize Size of Data buffer in bytes. 119 120 @retval TRUE HMAC-SHA256 data digest succeeded. 121 @retval FALSE HMAC-SHA256 data digest failed. 122 123 **/ 124 BOOLEAN 125 EFIAPI 126 HmacSha256Update ( 127 IN OUT VOID *HmacSha256Context, 128 IN CONST VOID *Data, 129 IN UINTN DataSize 130 ) 131 { 132 // 133 // Check input parameters. 134 // 135 if (HmacSha256Context == NULL) { 136 return FALSE; 137 } 138 139 // 140 // Check invalid parameters, in case that only DataLength was checked in OpenSSL 141 // 142 if (Data == NULL && DataSize != 0) { 143 return FALSE; 144 } 145 146 // 147 // OpenSSL HMAC-SHA256 digest update 148 // 149 HMAC_Update (HmacSha256Context, Data, DataSize); 150 151 return TRUE; 152 } 153 154 /** 155 Completes computation of the HMAC-SHA256 digest value. 156 157 This function completes HMAC-SHA256 hash computation and retrieves the digest value into 158 the specified memory. After this function has been called, the HMAC-SHA256 context cannot 159 be used again. 160 HMAC-SHA256 context should be already correctly initialized by HmacSha256Init(), and should 161 not be finalized by HmacSha256Final(). Behavior with invalid HMAC-SHA256 context is undefined. 162 163 If HmacSha256Context is NULL, then return FALSE. 164 If HmacValue is NULL, then return FALSE. 165 166 @param[in, out] HmacSha256Context Pointer to the HMAC-SHA256 context. 167 @param[out] HmacValue Pointer to a buffer that receives the HMAC-SHA256 digest 168 value (32 bytes). 169 170 @retval TRUE HMAC-SHA256 digest computation succeeded. 171 @retval FALSE HMAC-SHA256 digest computation failed. 172 173 **/ 174 BOOLEAN 175 EFIAPI 176 HmacSha256Final ( 177 IN OUT VOID *HmacSha256Context, 178 OUT UINT8 *HmacValue 179 ) 180 { 181 UINT32 Length; 182 183 // 184 // Check input parameters. 185 // 186 if (HmacSha256Context == NULL || HmacValue == NULL) { 187 return FALSE; 188 } 189 190 // 191 // OpenSSL HMAC-SHA256 digest finalization 192 // 193 HMAC_Final (HmacSha256Context, HmacValue, &Length); 194 HMAC_CTX_cleanup (HmacSha256Context); 195 196 return TRUE; 197 } 198