CryptoPkg/Driver: add additional RSAES-OAEP crypto functions
Add new functions to CryptoPkg/Driver. Signed-off-by: Chris Ruffin <v-chruffin@microsoft.com> Cc: Chris Ruffin <cruffin@millcore.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Yi Li <yi1.li@intel.com> Cc: Wenxing Hou <wenxing.hou@intel.com> Reviewed-by: Yi Li <yi1.li@intel.com>
This commit is contained in:
Chris Ruffin
committed by
mergify[bot]
mergify[bot]
parent
89ff5da9f9
commit
503344cdbd
@@ -2825,6 +2825,119 @@ Pkcs1v2Encrypt (
|
||||
CALL_CRYPTO_SERVICE (Pkcs1v2Encrypt, (PublicKey, PublicKeySize, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), FALSE);
|
||||
}
|
||||
|
||||
/**
|
||||
Decrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the
|
||||
decrypted message in a newly allocated buffer.
|
||||
Things that can cause a failure include:
|
||||
- Fail to parse private key.
|
||||
- Fail to allocate an intermediate buffer.
|
||||
- Null pointer provided for a non-optional parameter.
|
||||
@param[in] PrivateKey A pointer to the DER-encoded private key.
|
||||
@param[in] PrivateKeySize Size of the private key buffer.
|
||||
@param[in] EncryptedData Data to be decrypted.
|
||||
@param[in] EncryptedDataSize Size of the encrypted buffer.
|
||||
@param[out] OutData Pointer to an allocated buffer containing the encrypted
|
||||
message.
|
||||
@param[out] OutDataSize Size of the encrypted message buffer.
|
||||
@retval TRUE Encryption was successful.
|
||||
@retval FALSE Encryption failed.
|
||||
**/
|
||||
BOOLEAN
|
||||
EFIAPI
|
||||
Pkcs1v2Decrypt (
|
||||
IN CONST UINT8 *PrivateKey,
|
||||
IN UINTN PrivateKeySize,
|
||||
IN UINT8 *EncryptedData,
|
||||
IN UINTN EncryptedDataSize,
|
||||
OUT UINT8 **OutData,
|
||||
OUT UINTN *OutDataSize
|
||||
)
|
||||
{
|
||||
CALL_CRYPTO_SERVICE (Pkcs1v2Decrypt, (PrivateKey, PrivateKeySize, EncryptedData, EncryptedDataSize, OutData, OutDataSize), FALSE);
|
||||
}
|
||||
|
||||
/**
|
||||
Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the
|
||||
encrypted message in a newly allocated buffer.
|
||||
Things that can cause a failure include:
|
||||
- X509 key size does not match any known key size.
|
||||
- Fail to allocate an intermediate buffer.
|
||||
- Null pointer provided for a non-optional parameter.
|
||||
- Data size is too large for the provided key size (max size is a function of key size
|
||||
and hash digest size).
|
||||
@param[in] RsaContext A pointer to an RSA context created by RsaNew() and
|
||||
provisioned with a public key using RsaSetKey().
|
||||
@param[in] InData Data to be encrypted.
|
||||
@param[in] InDataSize Size of the data buffer.
|
||||
@param[in] PrngSeed [Optional] If provided, a pointer to a random seed buffer
|
||||
to be used when initializing the PRNG. NULL otherwise.
|
||||
@param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer.
|
||||
0 otherwise.
|
||||
@param[in] DigestLen [Optional] If provided, size of the hash used:
|
||||
SHA1_DIGEST_SIZE
|
||||
SHA256_DIGEST_SIZE
|
||||
SHA384_DIGEST_SIZE
|
||||
SHA512_DIGEST_SIZE
|
||||
0 to use default (SHA1)
|
||||
@param[out] EncryptedData Pointer to an allocated buffer containing the encrypted
|
||||
message.
|
||||
@param[out] EncryptedDataSize Size of the encrypted message buffer.
|
||||
@retval TRUE Encryption was successful.
|
||||
@retval FALSE Encryption failed.
|
||||
**/
|
||||
BOOLEAN
|
||||
EFIAPI
|
||||
RsaOaepEncrypt (
|
||||
IN VOID *RsaContext,
|
||||
IN UINT8 *InData,
|
||||
IN UINTN InDataSize,
|
||||
IN CONST UINT8 *PrngSeed OPTIONAL,
|
||||
IN UINTN PrngSeedSize OPTIONAL,
|
||||
IN UINT16 DigestLen OPTIONAL,
|
||||
OUT UINT8 **EncryptedData,
|
||||
OUT UINTN *EncryptedDataSize
|
||||
)
|
||||
{
|
||||
CALL_CRYPTO_SERVICE (RsaOaepEncrypt, (RsaContext, InData, InDataSize, PrngSeed, PrngSeedSize, DigestLen, EncryptedData, EncryptedDataSize), FALSE);
|
||||
}
|
||||
|
||||
/**
|
||||
Decrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the
|
||||
decrypted message in a newly allocated buffer.
|
||||
Things that can cause a failure include:
|
||||
- Fail to parse private key.
|
||||
- Fail to allocate an intermediate buffer.
|
||||
- Null pointer provided for a non-optional parameter.
|
||||
@param[in] RsaContext A pointer to an RSA context created by RsaNew() and
|
||||
provisioned with a private key using RsaSetKey().
|
||||
@param[in] EncryptedData Data to be decrypted.
|
||||
@param[in] EncryptedDataSize Size of the encrypted buffer.
|
||||
@param[in] DigestLen [Optional] If provided, size of the hash used:
|
||||
SHA1_DIGEST_SIZE
|
||||
SHA256_DIGEST_SIZE
|
||||
SHA384_DIGEST_SIZE
|
||||
SHA512_DIGEST_SIZE
|
||||
0 to use default (SHA1)
|
||||
@param[out] OutData Pointer to an allocated buffer containing the encrypted
|
||||
message.
|
||||
@param[out] OutDataSize Size of the encrypted message buffer.
|
||||
@retval TRUE Encryption was successful.
|
||||
@retval FALSE Encryption failed.
|
||||
**/
|
||||
BOOLEAN
|
||||
EFIAPI
|
||||
RsaOaepDecrypt (
|
||||
IN VOID *RsaContext,
|
||||
IN UINT8 *EncryptedData,
|
||||
IN UINTN EncryptedDataSize,
|
||||
IN UINT16 DigestLen OPTIONAL,
|
||||
OUT UINT8 **OutData,
|
||||
OUT UINTN *OutDataSize
|
||||
)
|
||||
{
|
||||
CALL_CRYPTO_SERVICE (RsaOaepDecrypt, (RsaContext, EncryptedData, EncryptedDataSize, DigestLen, OutData, OutDataSize), FALSE);
|
||||
}
|
||||
|
||||
/**
|
||||
Get the signer's certificates from PKCS#7 signed data as described in "PKCS #7:
|
||||
Cryptographic Message Syntax Standard". The input signed data could be wrapped
|
||||
@@ -2850,6 +2963,7 @@ Pkcs1v2Encrypt (
|
||||
@retval FALSE Error occurs during the operation.
|
||||
@retval FALSE This interface is not supported.
|
||||
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
EFIAPI
|
||||
|
||||
Reference in New Issue
Block a user