CryptoPkg/BaseCryptLib: remove HmacXxxGetContextSize interface

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1792

Hmac(Md5|Sha1|Sha256)GetContextSize() use a deprecated macro
HMAC_MAX_MD_CBLOCK defined in openssl. They should be dropped to
avoid misuses in the future. For context allocation and release,
use HmacXxxNew() and HmacXxxFree() instead.

Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Xiaoyu Lu <xiaoyux.lu@intel.com>
This commit is contained in:
Jian J Wang 2020-01-17 11:06:31 +08:00 committed by mergify[bot]
parent a23fdff6fb
commit 9a1f14ad72
10 changed files with 10 additions and 275 deletions

View File

@ -4,7 +4,7 @@
primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security primitives (Hash Serials, HMAC, RSA, Diffie-Hellman, etc) for UEFI security
functionality enabling. functionality enabling.
Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR> Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
@ -1025,23 +1025,6 @@ Sm3HashAll (
// MAC (Message Authentication Code) Primitive // MAC (Message Authentication Code) Primitive
//===================================================================================== //=====================================================================================
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-MD5 operations.
(NOTE: This API is deprecated.
Use HmacMd5New() / HmacMd5Free() for HMAC-MD5 Context operations.)
If this interface is not supported, then return zero.
@return The size, in bytes, of the context buffer required for HMAC-MD5 operations.
@retval 0 This interface is not supported.
**/
UINTN
EFIAPI
HmacMd5GetContextSize (
VOID
);
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use.
@ -1175,23 +1158,6 @@ HmacMd5Final (
OUT UINT8 *HmacValue OUT UINT8 *HmacValue
); );
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations.
(NOTE: This API is deprecated.
Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.)
If this interface is not supported, then return zero.
@return The size, in bytes, of the context buffer required for HMAC-SHA1 operations.
@retval 0 This interface is not supported.
**/
UINTN
EFIAPI
HmacSha1GetContextSize (
VOID
);
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.
@ -1325,23 +1291,6 @@ HmacSha1Final (
OUT UINT8 *HmacValue OUT UINT8 *HmacValue
); );
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations.
(NOTE: This API is deprecated.
Use HmacSha256New() / HmacSha256Free() for HMAC-SHA256 Context operations.)
If this interface is not supported, then return zero.
@return The size, in bytes, of the context buffer required for HMAC-SHA256 operations.
@retval 0 This interface is not supported.
**/
UINTN
EFIAPI
HmacSha256GetContextSize (
VOID
);
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.

View File

@ -1,7 +1,7 @@
/** @file /** @file
HMAC-MD5 Wrapper Implementation over OpenSSL. HMAC-MD5 Wrapper Implementation over OpenSSL.
Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR> Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
@ -9,37 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
#include <openssl/hmac.h> #include <openssl/hmac.h>
//
// NOTE: OpenSSL redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h
// #define HMAC_MAX_MD_CBLOCK_SIZE 144
//
#define HMAC_MD5_CTX_SIZE (sizeof(void *) * 4 + sizeof(unsigned int) + \
sizeof(unsigned char) * 144)
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-MD5 operations.
(NOTE: This API is deprecated.
Use HmacMd5New() / HmacMd5Free() for HMAC-MD5 Context operations.)
@return The size, in bytes, of the context buffer required for HMAC-MD5 operations.
**/
UINTN
EFIAPI
HmacMd5GetContextSize (
VOID
)
{
//
// Retrieves the OpenSSL HMAC-MD5 Context Size
// NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the
// fixed size as a workaround to make this API work for compatibility.
// We should retire HmacMd5GetContextSize() in future, and use HmacMd5New()
// and HmacMd5Free() for context allocation and release.
//
return (UINTN) HMAC_MD5_CTX_SIZE;
}
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use.

View File

@ -1,33 +1,13 @@
/** @file /** @file
HMAC-MD5 Wrapper Implementation which does not provide real capabilities. HMAC-MD5 Wrapper Implementation which does not provide real capabilities.
Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR> Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-MD5 operations.
(NOTE: This API is deprecated.
Use HmacMd5New() / HmacMd5Free() for HMAC-MD5 Context operations.)
Return zero to indicate this interface is not supported.
@retval 0 This interface is not supported.
**/
UINTN
EFIAPI
HmacMd5GetContextSize (
VOID
)
{
ASSERT (FALSE);
return 0;
}
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use.

View File

@ -1,7 +1,7 @@
/** @file /** @file
HMAC-SHA1 Wrapper Implementation over OpenSSL. HMAC-SHA1 Wrapper Implementation over OpenSSL.
Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR> Copyright (c) 2010 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
@ -9,38 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
#include <openssl/hmac.h> #include <openssl/hmac.h>
//
// NOTE: OpenSSL redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h
// #define HMAC_MAX_MD_CBLOCK_SIZE 144
//
//
#define HMAC_SHA1_CTX_SIZE (sizeof(void *) * 4 + sizeof(unsigned int) + \
sizeof(unsigned char) * 144)
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations.
(NOTE: This API is deprecated.
Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.)
@return The size, in bytes, of the context buffer required for HMAC-SHA1 operations.
**/
UINTN
EFIAPI
HmacSha1GetContextSize (
VOID
)
{
//
// Retrieves the OpenSSL HMAC-SHA1 Context Size
// NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the
// fixed size as a workaround to make this API work for compatibility.
// We should retire HmacSha15GetContextSize() in future, and use HmacSha1New()
// and HmacSha1Free() for context allocation and release.
//
return (UINTN) HMAC_SHA1_CTX_SIZE;
}
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.

View File

@ -1,33 +1,13 @@
/** @file /** @file
HMAC-SHA1 Wrapper Implementation which does not provide real capabilities. HMAC-SHA1 Wrapper Implementation which does not provide real capabilities.
Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR> Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations.
(NOTE: This API is deprecated.
Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.)
Return zero to indicate this interface is not supported.
@retval 0 This interface is not supported.
**/
UINTN
EFIAPI
HmacSha1GetContextSize (
VOID
)
{
ASSERT (FALSE);
return 0;
}
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.

View File

@ -1,7 +1,7 @@
/** @file /** @file
HMAC-SHA256 Wrapper Implementation over OpenSSL. HMAC-SHA256 Wrapper Implementation over OpenSSL.
Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
@ -9,37 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
#include <openssl/hmac.h> #include <openssl/hmac.h>
//
// NOTE: OpenSSL redefines the size of HMAC_CTX at crypto/hmac/hmac_lcl.h
// #define HMAC_MAX_MD_CBLOCK_SIZE 144
//
#define HMAC_SHA256_CTX_SIZE (sizeof(void *) * 4 + sizeof(unsigned int) + \
sizeof(unsigned char) * 144)
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations.
(NOTE: This API is deprecated.
Use HmacSha256New() / HmacSha256Free() for HMAC-SHA256 Context operations.)
@return The size, in bytes, of the context buffer required for HMAC-SHA256 operations.
**/
UINTN
EFIAPI
HmacSha256GetContextSize (
VOID
)
{
//
// Retrieves the OpenSSL HMAC-SHA256 Context Size
// NOTE: HMAC_CTX object was made opaque in openssl-1.1.x, here we just use the
// fixed size as a workaround to make this API work for compatibility.
// We should retire HmacSha256GetContextSize() in future, and use HmacSha256New()
// and HmacSha256Free() for context allocation and release.
//
return (UINTN)HMAC_SHA256_CTX_SIZE;
}
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.

View File

@ -1,33 +1,13 @@
/** @file /** @file
HMAC-SHA256 Wrapper Implementation which does not provide real capabilities. HMAC-SHA256 Wrapper Implementation which does not provide real capabilities.
Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations.
(NOTE: This API is deprecated.
Use HmacSha256New() / HmacSha256Free() for HMAC-SHA256 Context operations.)
Return zero to indicate this interface is not supported.
@retval 0 This interface is not supported.
**/
UINTN
EFIAPI
HmacSha256GetContextSize (
VOID
)
{
ASSERT (FALSE);
return 0;
}
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.

View File

@ -1,33 +1,13 @@
/** @file /** @file
HMAC-MD5 Wrapper Implementation which does not provide real capabilities. HMAC-MD5 Wrapper Implementation which does not provide real capabilities.
Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR> Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-MD5 operations.
(NOTE: This API is deprecated.
Use HmacMd5New() / HmacMd5Free() for HMAC-MD5 Context operations.)
Return zero to indicate this interface is not supported.
@retval 0 This interface is not supported.
**/
UINTN
EFIAPI
HmacMd5GetContextSize (
VOID
)
{
ASSERT (FALSE);
return 0;
}
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-MD5 use.

View File

@ -1,33 +1,13 @@
/** @file /** @file
HMAC-SHA1 Wrapper Implementation which does not provide real capabilities. HMAC-SHA1 Wrapper Implementation which does not provide real capabilities.
Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR> Copyright (c) 2012 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-SHA1 operations.
(NOTE: This API is deprecated.
Use HmacSha1New() / HmacSha1Free() for HMAC-SHA1 Context operations.)
Return zero to indicate this interface is not supported.
@retval 0 This interface is not supported.
**/
UINTN
EFIAPI
HmacSha1GetContextSize (
VOID
)
{
ASSERT (FALSE);
return 0;
}
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA1 use.

View File

@ -1,33 +1,13 @@
/** @file /** @file
HMAC-SHA256 Wrapper Implementation which does not provide real capabilities. HMAC-SHA256 Wrapper Implementation which does not provide real capabilities.
Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
#include "InternalCryptLib.h" #include "InternalCryptLib.h"
/**
Retrieves the size, in bytes, of the context buffer required for HMAC-SHA256 operations.
(NOTE: This API is deprecated.
Use HmacSha256New() / HmacSha256Free() for HMAC-SHA256 Context operations.)
Return zero to indicate this interface is not supported.
@retval 0 This interface is not supported.
**/
UINTN
EFIAPI
HmacSha256GetContextSize (
VOID
)
{
ASSERT (FALSE);
return 0;
}
/** /**
Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use. Allocates and initializes one HMAC_CTX context for subsequent HMAC-SHA256 use.