CryptoPkg/BaseCryptLib: Retire HMAC MD5 algorithm

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1898 HMAC MD5 is not secure any longer. Remove the HMAC MD5 support from edk2. Change the HMAC MD5 field name in EDKII_CRYPTO_PROTOCOL to indicate the function is unsupported any longer. Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com> Cc: Siyuan Fu <siyuan.fu@intel.com> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Philippe Mathieu-Daude <philmd@redhat.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
2020-04-23 15:04:37 +08:00
parent 89db28b9c9
commit b6174e2d09
16 changed files with 55 additions and 960 deletions
--- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
+++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
@@ -7,7 +7,7 @@
 #  buffer overflow or integer overflow.
 #
 #  Note: SHA-384 Digest functions, SHA-512 Digest functions,
-#  HMAC-MD5 functions, HMAC-SHA1 functions, RSA external
+#  HMAC-SHA1 functions, RSA external
 #  functions, PKCS#7 SignedData sign functions, Diffie-Hellman functions, and
 #  authenticode signature verification functions are not supported in this instance.
 #
@@ -39,7 +39,6 @@
  Hash/CryptSha256.c
  Hash/CryptSm3.c
  Hash/CryptSha512Null.c
-  Hmac/CryptHmacMd5Null.c
  Hmac/CryptHmacSha1Null.c
  Hmac/CryptHmacSha256.c
  Kdf/CryptHkdfNull.c