| /** @file | |
| This file contains UEFI wrapper functions for RSA PKCS1v2 OAEP encryption routines. | |
| SPDX-License-Identifier: BSD-2-Clause-Patent | |
| Copyright (C) Microsoft Corporation. All Rights Reserved. | |
| Copyright (c) 2019, Intel Corporation. All rights reserved.<BR> | |
| **/ | |
| #include "InternalCryptLib.h" | |
| /** | |
| Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the | |
| encrypted message in a newly allocated buffer. | |
| Return FALSE to indicate this interface is not supported. | |
| @param[in] PublicKey A pointer to the DER-encoded X509 certificate that | |
| will be used to encrypt the data. | |
| @param[in] PublicKeySize Size of the X509 cert buffer. | |
| @param[in] InData Data to be encrypted. | |
| @param[in] InDataSize Size of the data buffer. | |
| @param[in] PrngSeed [Optional] If provided, a pointer to a random seed buffer | |
| to be used when initializing the PRNG. NULL otherwise. | |
| @param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer. | |
| 0 otherwise. | |
| @param[out] EncryptedData Pointer to an allocated buffer containing the encrypted | |
| message. | |
| @param[out] EncryptedDataSize Size of the encrypted message buffer. | |
| @retval FALSE This interface is not supported. | |
| **/ | |
| BOOLEAN | |
| EFIAPI | |
| Pkcs1v2Encrypt ( | |
| IN CONST UINT8 *PublicKey, | |
| IN UINTN PublicKeySize, | |
| IN UINT8 *InData, | |
| IN UINTN InDataSize, | |
| IN CONST UINT8 *PrngSeed OPTIONAL, | |
| IN UINTN PrngSeedSize OPTIONAL, | |
| OUT UINT8 **EncryptedData, | |
| OUT UINTN *EncryptedDataSize | |
| ) | |
| { | |
| ASSERT (FALSE); | |
| return FALSE; | |
| } | |
| /** | |
| Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the | |
| encrypted message in a newly allocated buffer. | |
| Things that can cause a failure include: | |
| - X509 key size does not match any known key size. | |
| - Fail to allocate an intermediate buffer. | |
| - Null pointer provided for a non-optional parameter. | |
| - Data size is too large for the provided key size (max size is a function of key size | |
| and hash digest size). | |
| @param[in] RsaContext A pointer to an RSA context created by RsaNew() and | |
| provisioned with a public key using RsaSetKey(). | |
| @param[in] InData Data to be encrypted. | |
| @param[in] InDataSize Size of the data buffer. | |
| @param[in] PrngSeed [Optional] If provided, a pointer to a random seed buffer | |
| to be used when initializing the PRNG. NULL otherwise. | |
| @param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer. | |
| 0 otherwise. | |
| @param[in] DigestLen [Optional] If provided, size of the hash used: | |
| SHA1_DIGEST_SIZE | |
| SHA256_DIGEST_SIZE | |
| SHA384_DIGEST_SIZE | |
| SHA512_DIGEST_SIZE | |
| 0 to use default (SHA1) | |
| @param[out] EncryptedData Pointer to an allocated buffer containing the encrypted | |
| message. | |
| @param[out] EncryptedDataSize Size of the encrypted message buffer. | |
| @retval TRUE Encryption was successful. | |
| @retval FALSE Encryption failed. | |
| **/ | |
| BOOLEAN | |
| EFIAPI | |
| RsaOaepEncrypt ( | |
| IN VOID *RsaContext, | |
| IN UINT8 *InData, | |
| IN UINTN InDataSize, | |
| IN CONST UINT8 *PrngSeed OPTIONAL, | |
| IN UINTN PrngSeedSize OPTIONAL, | |
| IN UINT16 DigestLen OPTIONAL, | |
| OUT UINT8 **EncryptedData, | |
| OUT UINTN *EncryptedDataSize | |
| ) | |
| { | |
| ASSERT (FALSE); | |
| return FALSE; | |
| } | |
| /** | |
| Decrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the | |
| decrypted message in a newly allocated buffer. | |
| Things that can cause a failure include: | |
| - Fail to parse private key. | |
| - Fail to allocate an intermediate buffer. | |
| - Null pointer provided for a non-optional parameter. | |
| @param[in] PrivateKey A pointer to the DER-encoded private key. | |
| @param[in] PrivateKeySize Size of the private key buffer. | |
| @param[in] EncryptedData Data to be decrypted. | |
| @param[in] EncryptedDataSize Size of the encrypted buffer. | |
| @param[out] OutData Pointer to an allocated buffer containing the encrypted | |
| message. | |
| @param[out] OutDataSize Size of the encrypted message buffer. | |
| @retval TRUE Encryption was successful. | |
| @retval FALSE Encryption failed. | |
| **/ | |
| BOOLEAN | |
| EFIAPI | |
| Pkcs1v2Decrypt ( | |
| IN CONST UINT8 *PrivateKey, | |
| IN UINTN PrivateKeySize, | |
| IN UINT8 *EncryptedData, | |
| IN UINTN EncryptedDataSize, | |
| OUT UINT8 **OutData, | |
| OUT UINTN *OutDataSize | |
| ) | |
| { | |
| ASSERT (FALSE); | |
| return FALSE; | |
| } | |
| /** | |
| Decrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the | |
| decrypted message in a newly allocated buffer. | |
| Things that can cause a failure include: | |
| - Fail to parse private key. | |
| - Fail to allocate an intermediate buffer. | |
| - Null pointer provided for a non-optional parameter. | |
| @param[in] RsaContext A pointer to an RSA context created by RsaNew() and | |
| provisioned with a private key using RsaSetKey(). | |
| @param[in] EncryptedData Data to be decrypted. | |
| @param[in] EncryptedDataSize Size of the encrypted buffer. | |
| @param[in] DigestLen [Optional] If provided, size of the hash used: | |
| SHA1_DIGEST_SIZE | |
| SHA256_DIGEST_SIZE | |
| SHA384_DIGEST_SIZE | |
| SHA512_DIGEST_SIZE | |
| 0 to use default (SHA1) | |
| @param[out] OutData Pointer to an allocated buffer containing the encrypted | |
| message. | |
| @param[out] OutDataSize Size of the encrypted message buffer. | |
| @retval TRUE Encryption was successful. | |
| @retval FALSE Encryption failed. | |
| **/ | |
| BOOLEAN | |
| EFIAPI | |
| RsaOaepDecrypt ( | |
| IN VOID *RsaContext, | |
| IN UINT8 *EncryptedData, | |
| IN UINTN EncryptedDataSize, | |
| IN UINT16 DigestLen OPTIONAL, | |
| OUT UINT8 **OutData, | |
| OUT UINTN *OutDataSize | |
| ) | |
| { | |
| ASSERT (FALSE); | |
| return FALSE; | |
| } |