Update CryptoPkg for new ciphers (HMAC, Block Cipher, etc) supports.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10997 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
qlong
2010-11-02 06:06:38 +00:00
parent 85c0b5ee7f
commit a8c4464502
32 changed files with 5292 additions and 610 deletions

View File

@@ -0,0 +1,309 @@
/** @file
AES Wrapper Implementation over OpenSSL.
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "InternalCryptLib.h"
#include <openssl/aes.h>
/**
Retrieves the size, in bytes, of the context buffer required for AES operations.
@return The size, in bytes, of the context buffer required for AES operations.
**/
UINTN
EFIAPI
AesGetContextSize (
VOID
)
{
//
// AES uses different key contexts for encryption and decryption, so here memory
// for 2 copies of AES_KEY is allocated.
//
return (UINTN) (2 * sizeof (AES_KEY));
}
/**
Initializes user-supplied memory as AES context for subsequent use.
This function initializes user-supplied memory pointed by AesContext as AES context.
In addtion, it sets up all AES key materials for subsequent encryption and decryption
operations.
There are 3 options for key length, 128 bits, 192 bits, and 256 bits.
If AesContext is NULL, then ASSERT().
If Key is NULL, then ASSERT().
If KeyLength is not valid, then ASSERT().
@param[out] AesContext Pointer to AES context being initialized.
@param[in] Key Pointer to the user-supplied AES key.
@param[in] KeyLength Length of AES key in bits.
@retval TRUE AES context initialization succeeded.
@retval FALSE AES context initialization failed.
**/
BOOLEAN
EFIAPI
AesInit (
OUT VOID *AesContext,
IN CONST UINT8 *Key,
IN UINTN KeyLength
)
{
AES_KEY *AesKey;
ASSERT (AesContext != NULL);
//
// AES Key Checking
//
ASSERT (Key != NULL);
ASSERT ((KeyLength == 128) || (KeyLength == 192) || (KeyLength == 256));
//
// Initialize AES encryption & decryption key schedule.
//
AesKey = (AES_KEY *) AesContext;
if (AES_set_encrypt_key (Key, (UINT32) KeyLength, AesKey) != 0) {
return FALSE;
}
if (AES_set_decrypt_key (Key, (UINT32) KeyLength, AesKey + 1) != 0) {
return FALSE;
}
return TRUE;
}
/**
Performs AES encryption on a data buffer of the specified size in ECB mode.
This function performs AES encryption on data buffer pointed by Input, of specified
size of InputSize, in ECB mode.
InputSize must be multiple of block size (16 bytes). This function does not perform
padding. Caller must perform padding, if necessary, to ensure valid input data size.
AesContext should be already correctly initialized by AesInit(). Behavior with
invalid AES context is undefined.
If AesContext is NULL, then ASSERT().
If Input is NULL, then ASSERT().
If InputSize is not multiple of block size (16 bytes), then ASSERT().
If Output is NULL, then ASSERT().
@param[in] AesContext Pointer to the AES context.
@param[in] Input Pointer to the buffer containing the data to be encrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[out] Output Pointer to a buffer that receives the AES encryption output.
@retval TRUE AES encryption succeeded.
@retval FALSE AES encryption failed.
**/
BOOLEAN
EFIAPI
AesEcbEncrypt (
IN VOID *AesContext,
IN CONST UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
)
{
AES_KEY *AesKey;
ASSERT (AesContext != NULL);
ASSERT (Input != NULL);
ASSERT ((InputSize % AES_BLOCK_SIZE) == 0);
ASSERT (Output != NULL);
AesKey = (AES_KEY *) AesContext;
//
// Perform AES data encryption with ECB mode (block-by-block)
//
while (InputSize > 0) {
AES_ecb_encrypt (Input, Output, AesKey, AES_ENCRYPT);
Input += AES_BLOCK_SIZE;
Output += AES_BLOCK_SIZE;
InputSize -= AES_BLOCK_SIZE;
}
return TRUE;
}
/**
Performs AES decryption on a data buffer of the specified size in ECB mode.
This function performs AES decryption on data buffer pointed by Input, of specified
size of InputSize, in ECB mode.
InputSize must be multiple of block size (16 bytes). This function does not perform
padding. Caller must perform padding, if necessary, to ensure valid input data size.
AesContext should be already correctly initialized by AesInit(). Behavior with
invalid AES context is undefined.
If AesContext is NULL, then ASSERT().
If Input is NULL, then ASSERT().
If InputSize is not multiple of block size (16 bytes), then ASSERT().
If Output is NULL, then ASSERT().
@param[in] AesContext Pointer to the AES context.
@param[in] Input Pointer to the buffer containing the data to be decrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[out] Output Pointer to a buffer that receives the AES decryption output.
@retval TRUE AES decryption succeeded.
@retval FALSE AES decryption failed.
**/
BOOLEAN
EFIAPI
AesEcbDecrypt (
IN VOID *AesContext,
IN CONST UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
)
{
AES_KEY *AesKey;
ASSERT (AesContext != NULL);
ASSERT (Input != NULL);
ASSERT ((InputSize % AES_BLOCK_SIZE) == 0);
ASSERT (Output != NULL);
AesKey = (AES_KEY *) AesContext;
//
// Perform AES data decryption with ECB mode (block-by-block)
//
while (InputSize > 0) {
AES_ecb_encrypt (Input, Output, AesKey + 1, AES_DECRYPT);
Input += AES_BLOCK_SIZE;
Output += AES_BLOCK_SIZE;
InputSize -= AES_BLOCK_SIZE;
}
return TRUE;
}
/**
Performs AES encryption on a data buffer of the specified size in CBC mode.
This function performs AES encryption on data buffer pointed by Input, of specified
size of InputSize, in CBC mode.
InputSize must be multiple of block size (16 bytes). This function does not perform
padding. Caller must perform padding, if necessary, to ensure valid input data size.
Initialization vector should be one block size (16 bytes).
AesContext should be already correctly initialized by AesInit(). Behavior with
invalid AES context is undefined.
If AesContext is NULL, then ASSERT().
If Input is NULL, then ASSERT().
If InputSize is not multiple of block size (16 bytes), then ASSERT().
If Ivec is NULL, then ASSERT().
If Output is NULL, then ASSERT().
@param[in] AesContext Pointer to the AES context.
@param[in] Input Pointer to the buffer containing the data to be encrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[in] Ivec Pointer to initialization vector.
@param[out] Output Pointer to a buffer that receives the AES encryption output.
@retval TRUE AES encryption succeeded.
@retval FALSE AES encryption failed.
**/
BOOLEAN
EFIAPI
AesCbcEncrypt (
IN VOID *AesContext,
IN CONST UINT8 *Input,
IN UINTN InputSize,
IN CONST UINT8 *Ivec,
OUT UINT8 *Output
)
{
AES_KEY *AesKey;
UINT8 IvecBuffer[AES_BLOCK_SIZE];
ASSERT (AesContext != NULL);
ASSERT (Input != NULL);
ASSERT ((InputSize % AES_BLOCK_SIZE) == 0);
ASSERT (Ivec != NULL);
ASSERT (Output != NULL);
AesKey = (AES_KEY *) AesContext;
CopyMem (IvecBuffer, Ivec, AES_BLOCK_SIZE);
//
// Perform AES data encryption with CBC mode
//
AES_cbc_encrypt (Input, Output, (UINT32) InputSize, AesKey, IvecBuffer, AES_ENCRYPT);
return TRUE;
}
/**
Performs AES decryption on a data buffer of the specified size in CBC mode.
This function performs AES decryption on data buffer pointed by Input, of specified
size of InputSize, in CBC mode.
InputSize must be multiple of block size (16 bytes). This function does not perform
padding. Caller must perform padding, if necessary, to ensure valid input data size.
Initialization vector should be one block size (16 bytes).
AesContext should be already correctly initialized by AesInit(). Behavior with
invalid AES context is undefined.
If AesContext is NULL, then ASSERT().
If Input is NULL, then ASSERT().
If InputSize is not multiple of block size (16 bytes), then ASSERT().
If Ivec is NULL, then ASSERT().
If Output is NULL, then ASSERT().
@param[in] AesContext Pointer to the AES context.
@param[in] Input Pointer to the buffer containing the data to be encrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[in] Ivec Pointer to initialization vector.
@param[out] Output Pointer to a buffer that receives the AES encryption output.
@retval TRUE AES decryption succeeded.
@retval FALSE AES decryption failed.
**/
BOOLEAN
EFIAPI
AesCbcDecrypt (
IN VOID *AesContext,
IN CONST UINT8 *Input,
IN UINTN InputSize,
IN CONST UINT8 *Ivec,
OUT UINT8 *Output
)
{
AES_KEY *AesKey;
UINT8 IvecBuffer[AES_BLOCK_SIZE];
ASSERT (AesContext != NULL);
ASSERT (Input != NULL);
ASSERT ((InputSize % AES_BLOCK_SIZE) == 0);
ASSERT (Ivec != NULL);
ASSERT (Output != NULL);
AesKey = (AES_KEY *) AesContext;
CopyMem (IvecBuffer, Ivec, AES_BLOCK_SIZE);
//
// Perform AES data decryption with CBC mode
//
AES_cbc_encrypt (Input, Output, (UINT32) InputSize, AesKey + 1, IvecBuffer, AES_DECRYPT);
return TRUE;
}

View File

@@ -0,0 +1,197 @@
/** @file
ARC4 Wrapper Implementation over OpenSSL.
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "InternalCryptLib.h"
#include <openssl/rc4.h>
/**
Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
@return The size, in bytes, of the context buffer required for ARC4 operations.
**/
UINTN
EFIAPI
Arc4GetContextSize (
VOID
)
{
//
// Memory for 2 copies of RC4_KEY is allocated, one for working copy, and the other
// for backup copy. When Arc4Reset() is called, we can use the backup copy to restore
// the working copy to the initial state.
//
return (UINTN) (2 * sizeof(RC4_KEY));
}
/**
Initializes user-supplied memory as ARC4 context for subsequent use.
This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
In addtion, it sets up all ARC4 key materials for subsequent encryption and decryption
operations.
If Arc4Context is NULL, then ASSERT().
If Key is NULL, then ASSERT().
If KeySize does not in the range of [5, 256] bytes, then ASSERT().
@param[out] Arc4Context Pointer to ARC4 context being initialized.
@param[in] Key Pointer to the user-supplied ARC4 key.
@param[in] KeySize Size of ARC4 key in bytes.
@retval TRUE ARC4 context initialization succeeded.
@retval FALSE ARC4 context initialization failed.
**/
BOOLEAN
EFIAPI
Arc4Init (
OUT VOID *Arc4Context,
IN CONST UINT8 *Key,
IN UINTN KeySize
)
{
RC4_KEY *Rc4Key;
ASSERT (Arc4Context != NULL);
ASSERT (Key != NULL);
ASSERT ((KeySize >= 5) && (KeySize <= 256));
Rc4Key = (RC4_KEY *) Arc4Context;
RC4_set_key (Rc4Key, (UINT32) KeySize, Key);
CopyMem (Rc4Key + 1, Rc4Key, sizeof(RC4_KEY));
return TRUE;
}
/**
Performs ARC4 encryption on a data buffer of the specified size.
This function performs ARC4 encryption on data buffer pointed by Input, of specified
size of InputSize.
Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
invalid ARC4 context is undefined.
If Arc4Context is NULL, then ASSERT().
If Input is NULL, then ASSERT().
If Output is NULL, then ASSERT().
@param[in, out] Arc4Context Pointer to the ARC4 context.
@param[in] Input Pointer to the buffer containing the data to be encrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
@retval TRUE ARC4 encryption succeeded.
@retval FALSE ARC4 encryption failed.
**/
BOOLEAN
EFIAPI
Arc4Encrypt (
IN OUT VOID *Arc4Context,
IN CONST UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
)
{
RC4_KEY *Rc4Key;
ASSERT (Arc4Context != NULL);
ASSERT (Input != NULL);
ASSERT (Output != NULL);
Rc4Key = (RC4_KEY *) Arc4Context;
RC4 (Rc4Key, (UINT32) InputSize, Input, Output);
return TRUE;
}
/**
Performs ARC4 decryption on a data buffer of the specified size.
This function performs ARC4 decryption on data buffer pointed by Input, of specified
size of InputSize.
Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
invalid ARC4 context is undefined.
If Arc4Context is NULL, then ASSERT().
If Input is NULL, then ASSERT().
If Output is NULL, then ASSERT().
@param[in, out] Arc4Context Pointer to the ARC4 context.
@param[in] Input Pointer to the buffer containing the data to be decrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
@retval TRUE ARC4 decryption succeeded.
@retval FALSE ARC4 decryption failed.
**/
BOOLEAN
EFIAPI
Arc4Decrypt (
IN OUT VOID *Arc4Context,
IN UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
)
{
RC4_KEY *Rc4Key;
ASSERT (Arc4Context != NULL);
ASSERT (Input != NULL);
ASSERT (Output != NULL);
Rc4Key = (RC4_KEY *) Arc4Context;
RC4 (Rc4Key, (UINT32) InputSize, Input, Output);
return TRUE;
}
/**
Resets the ARC4 context to the initial state.
The function resets the ARC4 context to the state it had immediately after the
ARC4Init() function call.
Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
should be already correctly initialized by ARC4Init().
If Arc4Context is NULL, then ASSERT().
@param[in, out] Arc4Context Pointer to the ARC4 context.
@retval TRUE ARC4 reset succeeded.
@retval FALSE ARC4 reset failed.
**/
BOOLEAN
EFIAPI
Arc4Reset (
IN OUT VOID *Arc4Context
)
{
RC4_KEY *Rc4Key;
ASSERT (Arc4Context != NULL);
Rc4Key = (RC4_KEY *) Arc4Context;
CopyMem (Rc4Key, Rc4Key + 1, sizeof(RC4_KEY));
return TRUE;
}

View File

@@ -0,0 +1,353 @@
/** @file
TDES Wrapper Implementation over OpenSSL.
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "InternalCryptLib.h"
#include <openssl/des.h>
/**
Retrieves the size, in bytes, of the context buffer required for TDES operations.
@return The size, in bytes, of the context buffer required for TDES operations.
**/
UINTN
EFIAPI
TdesGetContextSize (
VOID
)
{
//
// Memory for 3 copies of DES_key_schedule is allocated, for K1, K2 and K3 each.
//
return (UINTN) (3 * sizeof (DES_key_schedule));
}
/**
Initializes user-supplied memory as TDES context for subsequent use.
This function initializes user-supplied memory pointed by TdesContext as TDES context.
In addtion, it sets up all TDES key materials for subsequent encryption and decryption
operations.
There are 3 key options as follows:
KeyLength = 64, Keying option 1: K1 == K2 == K3 (Backward compatibility with DES)
KeyLength = 128, Keying option 2: K1 != K2 and K3 = K1 (Less Security)
KeyLength = 192 Keying option 3: K1 != K2 != K3 (Strongest)
If TdesContext is NULL, then ASSERT().
If Key is NULL, then ASSERT().
If KeyLength is not valid, then ASSERT().
@param[out] TdesContext Pointer to TDES context being initialized.
@param[in] Key Pointer to the user-supplied TDES key.
@param[in] KeyLength Length of TDES key in bits.
@retval TRUE TDES context initialization succeeded.
@retval FALSE TDES context initialization failed.
**/
BOOLEAN
EFIAPI
TdesInit (
OUT VOID *TdesContext,
IN CONST UINT8 *Key,
IN UINTN KeyLength
)
{
DES_key_schedule *KeySchedule;
ASSERT (TdesContext != NULL);
ASSERT (Key != NULL);
ASSERT ((KeyLength == 64) || (KeyLength == 128) || (KeyLength == 192));
KeySchedule = (DES_key_schedule *) TdesContext;
//
//
//
if (DES_is_weak_key ((const_DES_cblock *) Key)) {
return FALSE;
}
DES_set_key_unchecked ((const_DES_cblock *) Key, KeySchedule);
if (KeyLength == 64) {
CopyMem (KeySchedule + 1, KeySchedule, sizeof (DES_key_schedule));
CopyMem (KeySchedule + 2, KeySchedule, sizeof (DES_key_schedule));
return TRUE;
}
if (DES_is_weak_key ((const_DES_cblock *) Key + 8)) {
return FALSE;
}
DES_set_key_unchecked ((const_DES_cblock *) (Key + 8), KeySchedule + 1);
if (KeyLength == 128) {
CopyMem (KeySchedule + 2, KeySchedule, sizeof (DES_key_schedule));
return TRUE;
}
if (DES_is_weak_key ((const_DES_cblock *) Key + 16)) {
return FALSE;
}
DES_set_key_unchecked ((const_DES_cblock *) (Key + 16), KeySchedule + 2);
return TRUE;
}
/**
Performs TDES encryption on a data buffer of the specified size in ECB mode.
This function performs TDES encryption on data buffer pointed by Input, of specified
size of InputSize, in ECB mode.
InputSize must be multiple of block size (8 bytes). This function does not perform
padding. Caller must perform padding, if necessary, to ensure valid input data size.
TdesContext should be already correctly initialized by TdesInit(). Behavior with
invalid TDES context is undefined.
If TdesContext is NULL, then ASSERT().
If Input is NULL, then ASSERT().
If InputSize is not multiple of block size (8 bytes), then ASSERT().
If Output is NULL, then ASSERT().
@param[in] TdesContext Pointer to the TDES context.
@param[in] Input Pointer to the buffer containing the data to be encrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[out] Output Pointer to a buffer that receives the TDES encryption output.
@retval TRUE TDES encryption succeeded.
@retval FALSE TDES encryption failed.
**/
BOOLEAN
EFIAPI
TdesEcbEncrypt (
IN VOID *TdesContext,
IN CONST UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
)
{
DES_key_schedule *KeySchedule;
ASSERT (TdesContext != NULL);
ASSERT (Input != NULL);
ASSERT ((InputSize % TDES_BLOCK_SIZE) == 0);
ASSERT (Output != NULL);
KeySchedule = (DES_key_schedule *) TdesContext;
while (InputSize > 0) {
DES_ecb3_encrypt (
(const_DES_cblock *) Input,
(DES_cblock *) Output,
KeySchedule,
KeySchedule + 1,
KeySchedule + 2,
DES_ENCRYPT
);
Input += TDES_BLOCK_SIZE;
Output += TDES_BLOCK_SIZE;
InputSize -= TDES_BLOCK_SIZE;
}
return TRUE;
}
/**
Performs TDES decryption on a data buffer of the specified size in ECB mode.
This function performs TDES decryption on data buffer pointed by Input, of specified
size of InputSize, in ECB mode.
InputSize must be multiple of block size (8 bytes). This function does not perform
padding. Caller must perform padding, if necessary, to ensure valid input data size.
TdesContext should be already correctly initialized by TdesInit(). Behavior with
invalid TDES context is undefined.
If TdesContext is NULL, then ASSERT().
If Input is NULL, then ASSERT().
If InputSize is not multiple of block size (8 bytes), then ASSERT().
If Output is NULL, then ASSERT().
@param[in] TdesContext Pointer to the TDES context.
@param[in] Input Pointer to the buffer containing the data to be decrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[out] Output Pointer to a buffer that receives the TDES decryption output.
@retval TRUE TDES decryption succeeded.
@retval FALSE TDES decryption failed.
**/
BOOLEAN
EFIAPI
TdesEcbDecrypt (
IN VOID *TdesContext,
IN CONST UINT8 *Input,
IN UINTN InputSize,
OUT UINT8 *Output
)
{
DES_key_schedule *KeySchedule;
ASSERT (TdesContext != NULL);
ASSERT (Input != NULL);
ASSERT ((InputSize % TDES_BLOCK_SIZE) == 0);
ASSERT (Output != NULL);
KeySchedule = (DES_key_schedule *) TdesContext;
while (InputSize > 0) {
DES_ecb3_encrypt (
(const_DES_cblock *) Input,
(DES_cblock *) Output,
KeySchedule,
KeySchedule + 1,
KeySchedule + 2,
DES_DECRYPT
);
Input += TDES_BLOCK_SIZE;
Output += TDES_BLOCK_SIZE;
InputSize -= TDES_BLOCK_SIZE;
}
return TRUE;
}
/**
Performs TDES encryption on a data buffer of the specified size in CBC mode.
This function performs TDES encryption on data buffer pointed by Input, of specified
size of InputSize, in CBC mode.
InputSize must be multiple of block size (8 bytes). This function does not perform
padding. Caller must perform padding, if necessary, to ensure valid input data size.
Initialization vector should be one block size (8 bytes).
TdesContext should be already correctly initialized by TdesInit(). Behavior with
invalid TDES context is undefined.
If TdesContext is NULL, then ASSERT().
If Input is NULL, then ASSERT().
If InputSize is not multiple of block size (8 bytes), then ASSERT().
If Ivec is NULL, then ASSERT().
If Output is NULL, then ASSERT().
@param[in] TdesContext Pointer to the TDES context.
@param[in] Input Pointer to the buffer containing the data to be encrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[in] Ivec Pointer to initialization vector.
@param[out] Output Pointer to a buffer that receives the TDES encryption output.
@retval TRUE TDES encryption succeeded.
@retval FALSE TDES encryption failed.
**/
BOOLEAN
EFIAPI
TdesCbcEncrypt (
IN VOID *TdesContext,
IN CONST UINT8 *Input,
IN UINTN InputSize,
IN CONST UINT8 *Ivec,
OUT UINT8 *Output
)
{
DES_key_schedule *KeySchedule;
UINT8 IvecBuffer[TDES_BLOCK_SIZE];
ASSERT (TdesContext != NULL);
ASSERT (Input != NULL);
ASSERT ((InputSize % TDES_BLOCK_SIZE) == 0);
ASSERT (Ivec != NULL);
ASSERT (Output != NULL);
KeySchedule = (DES_key_schedule *) TdesContext;
CopyMem (IvecBuffer, Ivec, TDES_BLOCK_SIZE);
DES_ede3_cbc_encrypt (
Input,
Output,
(UINT32) InputSize,
KeySchedule,
KeySchedule + 1,
KeySchedule + 2,
(DES_cblock *) IvecBuffer,
DES_ENCRYPT
);
return TRUE;
}
/**
Performs TDES decryption on a data buffer of the specified size in CBC mode.
This function performs TDES decryption on data buffer pointed by Input, of specified
size of InputSize, in CBC mode.
InputSize must be multiple of block size (8 bytes). This function does not perform
padding. Caller must perform padding, if necessary, to ensure valid input data size.
Initialization vector should be one block size (8 bytes).
TdesContext should be already correctly initialized by TdesInit(). Behavior with
invalid TDES context is undefined.
If TdesContext is NULL, then ASSERT().
If Input is NULL, then ASSERT().
If InputSize is not multiple of block size (8 bytes), then ASSERT().
If Ivec is NULL, then ASSERT().
If Output is NULL, then ASSERT().
@param[in] TdesContext Pointer to the TDES context.
@param[in] Input Pointer to the buffer containing the data to be encrypted.
@param[in] InputSize Size of the Input buffer in bytes.
@param[in] Ivec Pointer to initialization vector.
@param[out] Output Pointer to a buffer that receives the TDES encryption output.
@retval TRUE TDES decryption succeeded.
@retval FALSE TDES decryption failed.
**/
BOOLEAN
EFIAPI
TdesCbcDecrypt (
IN VOID *TdesContext,
IN CONST UINT8 *Input,
IN UINTN InputSize,
IN CONST UINT8 *Ivec,
OUT UINT8 *Output
)
{
DES_key_schedule *KeySchedule;
UINT8 IvecBuffer[TDES_BLOCK_SIZE];
ASSERT (TdesContext != NULL);
ASSERT (Input != NULL);
ASSERT ((InputSize % TDES_BLOCK_SIZE) == 0);
ASSERT (Ivec != NULL);
ASSERT (Output != NULL);
KeySchedule = (DES_key_schedule *) TdesContext;
CopyMem (IvecBuffer, Ivec, TDES_BLOCK_SIZE);
DES_ede3_cbc_encrypt (
Input,
Output,
(UINT32) InputSize,
KeySchedule,
KeySchedule + 1,
KeySchedule + 2,
(DES_cblock *) IvecBuffer,
DES_DECRYPT
);
return TRUE;
}