Update CryptoPkg for new ciphers (HMAC, Block Cipher, etc) supports.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10997 6f19259b-4bc3-4df7-8a09-765794883524
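--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
+++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c
@@ -0,0 +1,309 @@
+/** @file
+AES Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+#include <openssl/aes.h>
+
+/**
+Retrieves the size, in bytes, of the context buffer required for AES operations.
+
+@return The size, in bytes, of the context buffer required for AES operations.
+
+**/
+UINTN
+EFIAPI
+AesGetContextSize (
+VOID
+)
+{
+//
+// AES uses different key contexts for encryption and decryption, so here memory
+// for 2 copies of AES_KEY is allocated.
+//
+return (UINTN) (2 * sizeof (AES_KEY));
+}
+
+/**
+Initializes user-supplied memory as AES context for subsequent use.
+
+This function initializes user-supplied memory pointed by AesContext as AES context.
+In addtion, it sets up all AES key materials for subsequent encryption and decryption
+operations.
+There are 3 options for key length, 128 bits, 192 bits, and 256 bits.
+
+If AesContext is NULL, then ASSERT().
+If Key is NULL, then ASSERT().
+If KeyLength is not valid, then ASSERT().
+
+@param[out] AesContext Pointer to AES context being initialized.
+@param[in] Key Pointer to the user-supplied AES key.
+@param[in] KeyLength Length of AES key in bits.
+
+@retval TRUE AES context initialization succeeded.
+@retval FALSE AES context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+AesInit (
+OUT VOID *AesContext,
+IN CONST UINT8 *Key,
+IN UINTN KeyLength
+)
+{
+AES_KEY *AesKey;
+
+ASSERT (AesContext != NULL);
+//
+// AES Key Checking
+//
+ASSERT (Key != NULL);
+ASSERT ((KeyLength == 128) || (KeyLength == 192) || (KeyLength == 256));
+
+//
+// Initialize AES encryption & decryption key schedule.
+//
+AesKey = (AES_KEY *) AesContext;
+if (AES_set_encrypt_key (Key, (UINT32) KeyLength, AesKey) != 0) {
+return FALSE;
+}
+if (AES_set_decrypt_key (Key, (UINT32) KeyLength, AesKey + 1) != 0) {
+return FALSE;
+}
+return TRUE;
+}
+
+/**
+Performs AES encryption on a data buffer of the specified size in ECB mode.
+
+This function performs AES encryption on data buffer pointed by Input, of specified
+size of InputSize, in ECB mode.
+InputSize must be multiple of block size (16 bytes). This function does not perform
+padding. Caller must perform padding, if necessary, to ensure valid input data size.
+AesContext should be already correctly initialized by AesInit(). Behavior with
+invalid AES context is undefined.
+
+If AesContext is NULL, then ASSERT().
+If Input is NULL, then ASSERT().
+If InputSize is not multiple of block size (16 bytes), then ASSERT().
+If Output is NULL, then ASSERT().
+
+@param[in] AesContext Pointer to the AES context.
+@param[in] Input Pointer to the buffer containing the data to be encrypted.
+@param[in] InputSize Size of the Input buffer in bytes.
+@param[out] Output Pointer to a buffer that receives the AES encryption output.
+
+@retval TRUE AES encryption succeeded.
+@retval FALSE AES encryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+AesEcbEncrypt (
+IN VOID *AesContext,
+IN CONST UINT8 *Input,
+IN UINTN InputSize,
+OUT UINT8 *Output
+)
+{
+AES_KEY *AesKey;
+
+ASSERT (AesContext != NULL);
+ASSERT (Input != NULL);
+ASSERT ((InputSize % AES_BLOCK_SIZE) == 0);
+ASSERT (Output != NULL);
+
+AesKey = (AES_KEY *) AesContext;
+
+//
+// Perform AES data encryption with ECB mode (block-by-block)
+//
+while (InputSize > 0) {
+AES_ecb_encrypt (Input, Output, AesKey, AES_ENCRYPT);
+Input += AES_BLOCK_SIZE;
+Output += AES_BLOCK_SIZE;
+InputSize -= AES_BLOCK_SIZE;
+}
+
+return TRUE;
+}
+
+/**
+Performs AES decryption on a data buffer of the specified size in ECB mode.
+
+This function performs AES decryption on data buffer pointed by Input, of specified
+size of InputSize, in ECB mode.
+InputSize must be multiple of block size (16 bytes). This function does not perform
+padding. Caller must perform padding, if necessary, to ensure valid input data size.
+AesContext should be already correctly initialized by AesInit(). Behavior with
+invalid AES context is undefined.
+
+If AesContext is NULL, then ASSERT().
+If Input is NULL, then ASSERT().
+If InputSize is not multiple of block size (16 bytes), then ASSERT().
+If Output is NULL, then ASSERT().
+
+@param[in] AesContext Pointer to the AES context.
+@param[in] Input Pointer to the buffer containing the data to be decrypted.
+@param[in] InputSize Size of the Input buffer in bytes.
+@param[out] Output Pointer to a buffer that receives the AES decryption output.
+
+@retval TRUE AES decryption succeeded.
+@retval FALSE AES decryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+AesEcbDecrypt (
+IN VOID *AesContext,
+IN CONST UINT8 *Input,
+IN UINTN InputSize,
+OUT UINT8 *Output
+)
+{
+AES_KEY *AesKey;
+
+ASSERT (AesContext != NULL);
+ASSERT (Input != NULL);
+ASSERT ((InputSize % AES_BLOCK_SIZE) == 0);
+ASSERT (Output != NULL);
+
+AesKey = (AES_KEY *) AesContext;
+
+//
+// Perform AES data decryption with ECB mode (block-by-block)
+//
+while (InputSize > 0) {
+AES_ecb_encrypt (Input, Output, AesKey + 1, AES_DECRYPT);
+Input += AES_BLOCK_SIZE;
+Output += AES_BLOCK_SIZE;
+InputSize -= AES_BLOCK_SIZE;
+}
+
+return TRUE;
+}
+
+/**
+Performs AES encryption on a data buffer of the specified size in CBC mode.
+
+This function performs AES encryption on data buffer pointed by Input, of specified
+size of InputSize, in CBC mode.
+InputSize must be multiple of block size (16 bytes). This function does not perform
+padding. Caller must perform padding, if necessary, to ensure valid input data size.
+Initialization vector should be one block size (16 bytes).
+AesContext should be already correctly initialized by AesInit(). Behavior with
+invalid AES context is undefined.
+
+If AesContext is NULL, then ASSERT().
+If Input is NULL, then ASSERT().
+If InputSize is not multiple of block size (16 bytes), then ASSERT().
+If Ivec is NULL, then ASSERT().
+If Output is NULL, then ASSERT().
+
+@param[in] AesContext Pointer to the AES context.
+@param[in] Input Pointer to the buffer containing the data to be encrypted.
+@param[in] InputSize Size of the Input buffer in bytes.
+@param[in] Ivec Pointer to initialization vector.
+@param[out] Output Pointer to a buffer that receives the AES encryption output.
+
+@retval TRUE AES encryption succeeded.
+@retval FALSE AES encryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+AesCbcEncrypt (
+IN VOID *AesContext,
+IN CONST UINT8 *Input,
+IN UINTN InputSize,
+IN CONST UINT8 *Ivec,
+OUT UINT8 *Output
+)
+{
+AES_KEY *AesKey;
+UINT8 IvecBuffer[AES_BLOCK_SIZE];
+
+ASSERT (AesContext != NULL);
+ASSERT (Input != NULL);
+ASSERT ((InputSize % AES_BLOCK_SIZE) == 0);
+ASSERT (Ivec != NULL);
+ASSERT (Output != NULL);
+
+AesKey = (AES_KEY *) AesContext;
+CopyMem (IvecBuffer, Ivec, AES_BLOCK_SIZE);
+
+//
+// Perform AES data encryption with CBC mode
+//
+AES_cbc_encrypt (Input, Output, (UINT32) InputSize, AesKey, IvecBuffer, AES_ENCRYPT);
+
+return TRUE;
+}
+
+/**
+Performs AES decryption on a data buffer of the specified size in CBC mode.
+
+This function performs AES decryption on data buffer pointed by Input, of specified
+size of InputSize, in CBC mode.
+InputSize must be multiple of block size (16 bytes). This function does not perform
+padding. Caller must perform padding, if necessary, to ensure valid input data size.
+Initialization vector should be one block size (16 bytes).
+AesContext should be already correctly initialized by AesInit(). Behavior with
+invalid AES context is undefined.
+
+If AesContext is NULL, then ASSERT().
+If Input is NULL, then ASSERT().
+If InputSize is not multiple of block size (16 bytes), then ASSERT().
+If Ivec is NULL, then ASSERT().
+If Output is NULL, then ASSERT().
+
+@param[in] AesContext Pointer to the AES context.
+@param[in] Input Pointer to the buffer containing the data to be encrypted.
+@param[in] InputSize Size of the Input buffer in bytes.
+@param[in] Ivec Pointer to initialization vector.
+@param[out] Output Pointer to a buffer that receives the AES encryption output.
+
+@retval TRUE AES decryption succeeded.
+@retval FALSE AES decryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+AesCbcDecrypt (
+IN VOID *AesContext,
+IN CONST UINT8 *Input,
+IN UINTN InputSize,
+IN CONST UINT8 *Ivec,
+OUT UINT8 *Output
+)
+{
+AES_KEY *AesKey;
+UINT8 IvecBuffer[AES_BLOCK_SIZE];
+
+ASSERT (AesContext != NULL);
+ASSERT (Input != NULL);
+ASSERT ((InputSize % AES_BLOCK_SIZE) == 0);
+ASSERT (Ivec != NULL);
+ASSERT (Output != NULL);
+
+AesKey = (AES_KEY *) AesContext;
+CopyMem (IvecBuffer, Ivec, AES_BLOCK_SIZE);
+
+//
+// Perform AES data decryption with CBC mode
+//
+AES_cbc_encrypt (Input, Output, (UINT32) InputSize, AesKey + 1, IvecBuffer, AES_DECRYPT);
+
+return TRUE;
+}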
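Review bot: The block-size check in AesEcbEncrypt and AesEcbDecrypt is only an ASSERT(), so in a build where ASSERT() is disabled an InputSize that is not a multiple of AES_BLOCK_SIZE makes the unsigned `InputSize -= AES_BLOCK_SIZE` wrap past zero, and the `while (InputSize > 0)` loop keeps reading and writing beyond both buffers. The NULL checks have the same ASSERT-only form, and these two functions return TRUE on every path, so the documented FALSE result is never produced. I would enforce the contract at run time with `if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0 || Output == NULL) { return FALSE; }`. TdesEcbEncrypt and TdesEcbDecrypt in CryptTdes.c use the same loop and need the same guard.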
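--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
+++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c
@@ -0,0 +1,197 @@
+/** @file
+ARC4 Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+#include <openssl/rc4.h>
+
+/**
+Retrieves the size, in bytes, of the context buffer required for ARC4 operations.
+
+@return The size, in bytes, of the context buffer required for ARC4 operations.
+
+**/
+UINTN
+EFIAPI
+Arc4GetContextSize (
+VOID
+)
+{
+//
+// Memory for 2 copies of RC4_KEY is allocated, one for working copy, and the other
+// for backup copy. When Arc4Reset() is called, we can use the backup copy to restore
+// the working copy to the initial state.
+//
+return (UINTN) (2 * sizeof(RC4_KEY));
+}
+
+/**
+Initializes user-supplied memory as ARC4 context for subsequent use.
+
+This function initializes user-supplied memory pointed by Arc4Context as ARC4 context.
+In addtion, it sets up all ARC4 key materials for subsequent encryption and decryption
+operations.
+
+If Arc4Context is NULL, then ASSERT().
+If Key is NULL, then ASSERT().
+If KeySize does not in the range of [5, 256] bytes, then ASSERT().
+
+@param[out] Arc4Context Pointer to ARC4 context being initialized.
+@param[in] Key Pointer to the user-supplied ARC4 key.
+@param[in] KeySize Size of ARC4 key in bytes.
+
+@retval TRUE ARC4 context initialization succeeded.
+@retval FALSE ARC4 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+Arc4Init (
+OUT VOID *Arc4Context,
+IN CONST UINT8 *Key,
+IN UINTN KeySize
+)
+{
+RC4_KEY *Rc4Key;
+
+ASSERT (Arc4Context != NULL);
+ASSERT (Key != NULL);
+ASSERT ((KeySize >= 5) && (KeySize <= 256));
+
+Rc4Key = (RC4_KEY *) Arc4Context;
+
+RC4_set_key (Rc4Key, (UINT32) KeySize, Key);
+
+CopyMem (Rc4Key + 1, Rc4Key, sizeof(RC4_KEY));
+
+return TRUE;
+}
+
+/**
+Performs ARC4 encryption on a data buffer of the specified size.
+
+This function performs ARC4 encryption on data buffer pointed by Input, of specified
+size of InputSize.
+Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
+invalid ARC4 context is undefined.
+
+If Arc4Context is NULL, then ASSERT().
+If Input is NULL, then ASSERT().
+If Output is NULL, then ASSERT().
+
+@param[in, out] Arc4Context Pointer to the ARC4 context.
+@param[in] Input Pointer to the buffer containing the data to be encrypted.
+@param[in] InputSize Size of the Input buffer in bytes.
+@param[out] Output Pointer to a buffer that receives the ARC4 encryption output.
+
+@retval TRUE ARC4 encryption succeeded.
+@retval FALSE ARC4 encryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+Arc4Encrypt (
+IN OUT VOID *Arc4Context,
+IN CONST UINT8 *Input,
+IN UINTN InputSize,
+OUT UINT8 *Output
+)
+{
+RC4_KEY *Rc4Key;
+
+ASSERT (Arc4Context != NULL);
+ASSERT (Input != NULL);
+ASSERT (Output != NULL);
+
+Rc4Key = (RC4_KEY *) Arc4Context;
+
+RC4 (Rc4Key, (UINT32) InputSize, Input, Output);
+
+return TRUE;
+}
+
+/**
+Performs ARC4 decryption on a data buffer of the specified size.
+
+This function performs ARC4 decryption on data buffer pointed by Input, of specified
+size of InputSize.
+Arc4Context should be already correctly initialized by Arc4Init(). Behavior with
+invalid ARC4 context is undefined.
+
+If Arc4Context is NULL, then ASSERT().
+If Input is NULL, then ASSERT().
+If Output is NULL, then ASSERT().
+
+@param[in, out] Arc4Context Pointer to the ARC4 context.
+@param[in] Input Pointer to the buffer containing the data to be decrypted.
+@param[in] InputSize Size of the Input buffer in bytes.
+@param[out] Output Pointer to a buffer that receives the ARC4 decryption output.
+
+@retval TRUE ARC4 decryption succeeded.
+@retval FALSE ARC4 decryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+Arc4Decrypt (
+IN OUT VOID *Arc4Context,
+IN UINT8 *Input,
+IN UINTN InputSize,
+OUT UINT8 *Output
+)
+{
+RC4_KEY *Rc4Key;
+
+ASSERT (Arc4Context != NULL);
+ASSERT (Input != NULL);
+ASSERT (Output != NULL);
+
+Rc4Key = (RC4_KEY *) Arc4Context;
+
+RC4 (Rc4Key, (UINT32) InputSize, Input, Output);
+
+return TRUE;
+}
+
+/**
+Resets the ARC4 context to the initial state.
+
+The function resets the ARC4 context to the state it had immediately after the
+ARC4Init() function call.
+Contrary to ARC4Init(), Arc4Reset() requires no secret key as input, but ARC4 context
+should be already correctly initialized by ARC4Init().
+
+If Arc4Context is NULL, then ASSERT().
+
+@param[in, out] Arc4Context Pointer to the ARC4 context.
+
+@retval TRUE ARC4 reset succeeded.
+@retval FALSE ARC4 reset failed.
+
+**/
+BOOLEAN
+EFIAPI
+Arc4Reset (
+IN OUT VOID *Arc4Context
+)
+{
+RC4_KEY *Rc4Key;
+
+ASSERT (Arc4Context != NULL);
+
+Rc4Key = (RC4_KEY *) Arc4Context;
+
+CopyMem (Rc4Key, Rc4Key + 1, sizeof(RC4_KEY));
+
+return TRUE;
+}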
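Review bot: The `(UINT32) InputSize` cast in Arc4Encrypt and Arc4Decrypt silently truncates the length where UINTN is 64 bits wide, so a buffer of 4 GiB or more is only partly processed while the function still returns TRUE and the tail of Output is left unwritten. Reject oversized input before the call, for example `if (InputSize > MAX_UINT32) { return FALSE; }`, unless the RC4() prototype in the bundled OpenSSL is confirmed to take the full width, in which case drop the cast instead. The same cast sits on the AES_cbc_encrypt calls in CryptAes.c and the DES_ede3_cbc_encrypt calls in CryptTdes.c. Separately, Arc4Decrypt declares `IN UINT8 *Input` where Arc4Encrypt uses `IN CONST UINT8 *Input`; the decrypt side should be CONST as well.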
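--- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
+++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c
@@ -0,0 +1,353 @@
+/** @file
+TDES Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+#include <openssl/des.h>
+
+/**
+Retrieves the size, in bytes, of the context buffer required for TDES operations.
+
+@return The size, in bytes, of the context buffer required for TDES operations.
+
+**/
+UINTN
+EFIAPI
+TdesGetContextSize (
+VOID
+)
+{
+//
+// Memory for 3 copies of DES_key_schedule is allocated, for K1, K2 and K3 each.
+//
+return (UINTN) (3 * sizeof (DES_key_schedule));
+}
+
+/**
+Initializes user-supplied memory as TDES context for subsequent use.
+
+This function initializes user-supplied memory pointed by TdesContext as TDES context.
+In addtion, it sets up all TDES key materials for subsequent encryption and decryption
+operations.
+There are 3 key options as follows:
+KeyLength = 64, Keying option 1: K1 == K2 == K3 (Backward compatibility with DES)
+KeyLength = 128, Keying option 2: K1 != K2 and K3 = K1 (Less Security)
+KeyLength = 192 Keying option 3: K1 != K2 != K3 (Strongest)
+
+If TdesContext is NULL, then ASSERT().
+If Key is NULL, then ASSERT().
+If KeyLength is not valid, then ASSERT().
+
+@param[out] TdesContext Pointer to TDES context being initialized.
+@param[in] Key Pointer to the user-supplied TDES key.
+@param[in] KeyLength Length of TDES key in bits.
+
+@retval TRUE TDES context initialization succeeded.
+@retval FALSE TDES context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+TdesInit (
+OUT VOID *TdesContext,
+IN CONST UINT8 *Key,
+IN UINTN KeyLength
+)
+{
+DES_key_schedule *KeySchedule;
+
+ASSERT (TdesContext != NULL);
+ASSERT (Key != NULL);
+ASSERT ((KeyLength == 64) || (KeyLength == 128) || (KeyLength == 192));
+
+KeySchedule = (DES_key_schedule *) TdesContext;
+
+//
+//
+//
+if (DES_is_weak_key ((const_DES_cblock *) Key)) {
+return FALSE;
+}
+
+DES_set_key_unchecked ((const_DES_cblock *) Key, KeySchedule);
+
+if (KeyLength == 64) {
+CopyMem (KeySchedule + 1, KeySchedule, sizeof (DES_key_schedule));
+CopyMem (KeySchedule + 2, KeySchedule, sizeof (DES_key_schedule));
+return TRUE;
+}
+
+if (DES_is_weak_key ((const_DES_cblock *) Key + 8)) {
+return FALSE;
+}
+
+DES_set_key_unchecked ((const_DES_cblock *) (Key + 8), KeySchedule + 1);
+
+if (KeyLength == 128) {
+CopyMem (KeySchedule + 2, KeySchedule, sizeof (DES_key_schedule));
+return TRUE;
+}
+
+if (DES_is_weak_key ((const_DES_cblock *) Key + 16)) {
+return FALSE;
+}
+
+DES_set_key_unchecked ((const_DES_cblock *) (Key + 16), KeySchedule + 2);
+
+return TRUE;
+}
+
+/**
+Performs TDES encryption on a data buffer of the specified size in ECB mode.
+
+This function performs TDES encryption on data buffer pointed by Input, of specified
+size of InputSize, in ECB mode.
+InputSize must be multiple of block size (8 bytes). This function does not perform
+padding. Caller must perform padding, if necessary, to ensure valid input data size.
+TdesContext should be already correctly initialized by TdesInit(). Behavior with
+invalid TDES context is undefined.
+
+If TdesContext is NULL, then ASSERT().
+If Input is NULL, then ASSERT().
+If InputSize is not multiple of block size (8 bytes), then ASSERT().
+If Output is NULL, then ASSERT().
+
+@param[in] TdesContext Pointer to the TDES context.
+@param[in] Input Pointer to the buffer containing the data to be encrypted.
+@param[in] InputSize Size of the Input buffer in bytes.
+@param[out] Output Pointer to a buffer that receives the TDES encryption output.
+
+@retval TRUE TDES encryption succeeded.
+@retval FALSE TDES encryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+TdesEcbEncrypt (
+IN VOID *TdesContext,
+IN CONST UINT8 *Input,
+IN UINTN InputSize,
+OUT UINT8 *Output
+)
+{
+DES_key_schedule *KeySchedule;
+
+ASSERT (TdesContext != NULL);
+ASSERT (Input != NULL);
+ASSERT ((InputSize % TDES_BLOCK_SIZE) == 0);
+ASSERT (Output != NULL);
+
+KeySchedule = (DES_key_schedule *) TdesContext;
+
+while (InputSize > 0) {
+DES_ecb3_encrypt (
+(const_DES_cblock *) Input,
+(DES_cblock *) Output,
+KeySchedule,
+KeySchedule + 1,
+KeySchedule + 2,
+DES_ENCRYPT
+);
+Input += TDES_BLOCK_SIZE;
+Output += TDES_BLOCK_SIZE;
+InputSize -= TDES_BLOCK_SIZE;
+}
+
+return TRUE;
+}
+
+/**
+Performs TDES decryption on a data buffer of the specified size in ECB mode.
+
+This function performs TDES decryption on data buffer pointed by Input, of specified
+size of InputSize, in ECB mode.
+InputSize must be multiple of block size (8 bytes). This function does not perform
+padding. Caller must perform padding, if necessary, to ensure valid input data size.
+TdesContext should be already correctly initialized by TdesInit(). Behavior with
+invalid TDES context is undefined.
+
+If TdesContext is NULL, then ASSERT().
+If Input is NULL, then ASSERT().
+If InputSize is not multiple of block size (8 bytes), then ASSERT().
+If Output is NULL, then ASSERT().
+
+@param[in] TdesContext Pointer to the TDES context.
+@param[in] Input Pointer to the buffer containing the data to be decrypted.
+@param[in] InputSize Size of the Input buffer in bytes.
+@param[out] Output Pointer to a buffer that receives the TDES decryption output.
+
+@retval TRUE TDES decryption succeeded.
+@retval FALSE TDES decryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+TdesEcbDecrypt (
+IN VOID *TdesContext,
+IN CONST UINT8 *Input,
+IN UINTN InputSize,
+OUT UINT8 *Output
+)
+{
+DES_key_schedule *KeySchedule;
+
+ASSERT (TdesContext != NULL);
+ASSERT (Input != NULL);
+ASSERT ((InputSize % TDES_BLOCK_SIZE) == 0);
+ASSERT (Output != NULL);
+
+KeySchedule = (DES_key_schedule *) TdesContext;
+
+while (InputSize > 0) {
+DES_ecb3_encrypt (
+(const_DES_cblock *) Input,
+(DES_cblock *) Output,
+KeySchedule,
+KeySchedule + 1,
+KeySchedule + 2,
+DES_DECRYPT
+);
+Input += TDES_BLOCK_SIZE;
+Output += TDES_BLOCK_SIZE;
+InputSize -= TDES_BLOCK_SIZE;
+}
+
+return TRUE;
+}
+
+/**
+Performs TDES encryption on a data buffer of the specified size in CBC mode.
+
+This function performs TDES encryption on data buffer pointed by Input, of specified
+size of InputSize, in CBC mode.
+InputSize must be multiple of block size (8 bytes). This function does not perform
+padding. Caller must perform padding, if necessary, to ensure valid input data size.
+Initialization vector should be one block size (8 bytes).
+TdesContext should be already correctly initialized by TdesInit(). Behavior with
+invalid TDES context is undefined.
+
+If TdesContext is NULL, then ASSERT().
+If Input is NULL, then ASSERT().
+If InputSize is not multiple of block size (8 bytes), then ASSERT().
+If Ivec is NULL, then ASSERT().
+If Output is NULL, then ASSERT().
+
+@param[in] TdesContext Pointer to the TDES context.
+@param[in] Input Pointer to the buffer containing the data to be encrypted.
+@param[in] InputSize Size of the Input buffer in bytes.
+@param[in] Ivec Pointer to initialization vector.
+@param[out] Output Pointer to a buffer that receives the TDES encryption output.
+
+@retval TRUE TDES encryption succeeded.
+@retval FALSE TDES encryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+TdesCbcEncrypt (
+IN VOID *TdesContext,
+IN CONST UINT8 *Input,
+IN UINTN InputSize,
+IN CONST UINT8 *Ivec,
+OUT UINT8 *Output
+)
+{
+DES_key_schedule *KeySchedule;
+UINT8 IvecBuffer[TDES_BLOCK_SIZE];
+
+ASSERT (TdesContext != NULL);
+ASSERT (Input != NULL);
+ASSERT ((InputSize % TDES_BLOCK_SIZE) == 0);
+ASSERT (Ivec != NULL);
+ASSERT (Output != NULL);
+
+KeySchedule = (DES_key_schedule *) TdesContext;
+CopyMem (IvecBuffer, Ivec, TDES_BLOCK_SIZE);
+
+DES_ede3_cbc_encrypt (
+Input,
+Output,
+(UINT32) InputSize,
+KeySchedule,
+KeySchedule + 1,
+KeySchedule + 2,
+(DES_cblock *) IvecBuffer,
+DES_ENCRYPT
+);
+
+return TRUE;
+}
+
+/**
+Performs TDES decryption on a data buffer of the specified size in CBC mode.
+
+This function performs TDES decryption on data buffer pointed by Input, of specified
+size of InputSize, in CBC mode.
+InputSize must be multiple of block size (8 bytes). This function does not perform
+padding. Caller must perform padding, if necessary, to ensure valid input data size.
+Initialization vector should be one block size (8 bytes).
+TdesContext should be already correctly initialized by TdesInit(). Behavior with
+invalid TDES context is undefined.
+
+If TdesContext is NULL, then ASSERT().
+If Input is NULL, then ASSERT().
+If InputSize is not multiple of block size (8 bytes), then ASSERT().
+If Ivec is NULL, then ASSERT().
+If Output is NULL, then ASSERT().
+
+@param[in] TdesContext Pointer to the TDES context.
+@param[in] Input Pointer to the buffer containing the data to be encrypted.
+@param[in] InputSize Size of the Input buffer in bytes.
+@param[in] Ivec Pointer to initialization vector.
+@param[out] Output Pointer to a buffer that receives the TDES encryption output.
+
+@retval TRUE TDES decryption succeeded.
+@retval FALSE TDES decryption failed.
+
+**/
+BOOLEAN
+EFIAPI
+TdesCbcDecrypt (
+IN VOID *TdesContext,
+IN CONST UINT8 *Input,
+IN UINTN InputSize,
+IN CONST UINT8 *Ivec,
+OUT UINT8 *Output
+)
+{
+DES_key_schedule *KeySchedule;
+UINT8 IvecBuffer[TDES_BLOCK_SIZE];
+
+ASSERT (TdesContext != NULL);
+ASSERT (Input != NULL);
+ASSERT ((InputSize % TDES_BLOCK_SIZE) == 0);
+ASSERT (Ivec != NULL);
+ASSERT (Output != NULL);
+
+KeySchedule = (DES_key_schedule *) TdesContext;
+CopyMem (IvecBuffer, Ivec, TDES_BLOCK_SIZE);
+
+DES_ede3_cbc_encrypt (
+Input,
+Output,
+(UINT32) InputSize,
+KeySchedule,
+KeySchedule + 1,
+KeySchedule + 2,
+(DES_cblock *) IvecBuffer,
+DES_DECRYPT
+);
+
+return TRUE;
+}
+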
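Review bot: The weak-key checks for K2 and K3 in TdesInit test the wrong memory: in `DES_is_weak_key ((const_DES_cblock *) Key + 8)` the cast binds before the addition, so the pointer advances by 8 blocks (64 bytes) rather than 8 bytes, and `+ 16` advances by 128 bytes. That reads past the end of a 16- or 24-byte key and leaves the real K2 and K3 unchecked, while the DES_set_key_unchecked calls directly below use the correctly parenthesised form. Change the two checks to `DES_is_weak_key ((const_DES_cblock *) (Key + 8))` and `DES_is_weak_key ((const_DES_cblock *) (Key + 16))`. The empty `//` comment block above the first check could also state that weak DES keys are rejected before the schedule is built.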