CryptoPkg/BaseCryptLib: replace HmacXxxInit API with HmacXxxSetKey

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1792

HmacXxxInit() is supposed to be initialize user supplied buffer as HMAC
context, as well as user supplied key. Currently it has no real use cases.

Due to BZ1792, the user has no way to get correct size of context buffer
after it's fixed, and then cannot make use of HmacXxxInit to initialize
it.

So it's decided to replace it with HmacXxxSetKey to keep the functionality
of supplying a key to HMAC, but drop all other initialization works. The
user can still get HMAC context via HmacXxxNew interface, which hides the
details about the context.

Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Xiaoyu Lu <xiaoyux.lu@intel.com>

1 files changed, 10 insertions, 17 deletions

diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
index 7d7df9640e..8126fb525f 100644
--- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
+++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c
@@ -79,22 +79,22 @@ HmacSha1Free (
 }

 

 /**

-  Initializes user-supplied memory pointed by HmacSha1Context as HMAC-SHA1 context for

-  subsequent use.

+  Set user-supplied key for subsequent use. It must be done before any

+  calling to HmacSha1Update().

 

   If HmacSha1Context is NULL, then return FALSE.

 

-  @param[out]  HmacSha1Context  Pointer to HMAC-SHA1 context being initialized.

+  @param[out]  HmacSha1Context  Pointer to HMAC-SHA1 context.

   @param[in]   Key              Pointer to the user-supplied key.

   @param[in]   KeySize          Key size in bytes.

 

-  @retval TRUE   HMAC-SHA1 context initialization succeeded.

-  @retval FALSE  HMAC-SHA1 context initialization failed.

+  @retval TRUE   The Key is set successfully.

+  @retval FALSE  The Key is set unsuccessfully.

 

 **/

 BOOLEAN

 EFIAPI

-HmacSha1Init (

+HmacSha1SetKey (

   OUT  VOID         *HmacSha1Context,

   IN   CONST UINT8  *Key,

   IN   UINTN        KeySize

@@ -107,13 +107,6 @@ HmacSha1Init (
     return FALSE;

   }

 

-  //

-  // OpenSSL HMAC-SHA1 Context Initialization

-  //

-  memset(HmacSha1Context, 0, HMAC_SHA1_CTX_SIZE);

-  if (HMAC_CTX_reset ((HMAC_CTX *)HmacSha1Context) != 1) {

-    return FALSE;

-  }

   if (HMAC_Init_ex ((HMAC_CTX *)HmacSha1Context, Key, (UINT32) KeySize, EVP_sha1(), NULL) != 1) {

     return FALSE;

   }

@@ -160,8 +153,8 @@ HmacSha1Duplicate (
 

   This function performs HMAC-SHA1 digest on a data buffer of the specified size.

   It can be called multiple times to compute the digest of long or discontinuous data streams.

-  HMAC-SHA1 context should be already correctly initialized by HmacSha1Init(), and should not

-  be finalized by HmacSha1Final(). Behavior with invalid context is undefined.

+  HMAC-SHA1 context should be initialized by HmacSha1New(), and should not be finalized by

+  HmacSha1Final(). Behavior with invalid context is undefined.

 

   If HmacSha1Context is NULL, then return FALSE.

 

@@ -211,8 +204,8 @@ HmacSha1Update (
   This function completes HMAC-SHA1 digest computation and retrieves the digest value into

   the specified memory. After this function has been called, the HMAC-SHA1 context cannot

   be used again.

-  HMAC-SHA1 context should be already correctly initialized by HmacSha1Init(), and should

-  not be finalized by HmacSha1Final(). Behavior with invalid HMAC-SHA1 context is undefined.

+  HMAC-SHA1 context should be initialized by HmacSha1New(), and should not be finalized by

+  HmacSha1Final(). Behavior with invalid HMAC-SHA1 context is undefined.

 

   If HmacSha1Context is NULL, then return FALSE.

   If HmacValue is NULL, then return FALSE.