diff --git a/CryptoBinPkg/Driver/Bin/temp_CryptLib.c b/CryptoBinPkg/Driver/Bin/temp_CryptLib.c
index caaf2fe6..181a6701 100644
--- a/CryptoBinPkg/Driver/Bin/temp_CryptLib.c
+++ b/CryptoBinPkg/Driver/Bin/temp_CryptLib.c
@@ -100,7 +100,7 @@ CryptoServiceNotAvailable (
// AUTOGENERATED BY CryptoBinPkg\Driver\Packaging\generate_cryptodriver.py
// AUTOGENED AS temp_CryptLib.c
// DO NOT MODIFY
-// GENERATED ON: 2024-03-08 19:11:45.650770
+// GENERATED ON: 2024-04-08 11:12:11.608999
// =============================================================================
// HMACSHA256 functions
@@ -111,7 +111,7 @@ CryptoServiceNotAvailable (
@return Pointer to the HMAC_CTX context that has been initialized.
If the allocations fails, HmacSha256New() returns NULL.
**/
-// See BaseCryptLib.h:940
+// See BaseCryptLib.h:941
VOID *
EFIAPI
HmacSha256New (
@@ -125,7 +125,7 @@ HmacSha256New (
Release the specified HMAC_CTX context.
@param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be released.
**/
-// See BaseCryptLib.h:952
+// See BaseCryptLib.h:953
VOID
EFIAPI
HmacSha256Free (
@@ -147,7 +147,7 @@ HmacSha256Free (
@retval FALSE The Key is set unsuccessfully.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:974
+// See BaseCryptLib.h:975
BOOLEAN
EFIAPI
HmacSha256SetKey (
@@ -170,7 +170,7 @@ HmacSha256SetKey (
@retval FALSE HMAC-SHA256 context copy failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:997
+// See BaseCryptLib.h:998
BOOLEAN
EFIAPI
HmacSha256Duplicate (
@@ -196,7 +196,7 @@ HmacSha256Duplicate (
@retval FALSE HMAC-SHA256 data digest failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1024
+// See BaseCryptLib.h:1025
BOOLEAN
EFIAPI
HmacSha256Update (
@@ -225,7 +225,7 @@ HmacSha256Update (
@retval FALSE HMAC-SHA256 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1054
+// See BaseCryptLib.h:1055
BOOLEAN
EFIAPI
HmacSha256Final (
@@ -251,7 +251,7 @@ HmacSha256Final (
@retval FALSE HMAC-SHA256 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1081
+// See BaseCryptLib.h:1082
BOOLEAN
EFIAPI
HmacSha256All (
@@ -274,7 +274,7 @@ HmacSha256All (
@return Pointer to the HMAC_CTX context that has been initialized.
If the allocations fails, HmacSha384New() returns NULL.
**/
-// See BaseCryptLib.h:1098
+// See BaseCryptLib.h:1099
VOID *
EFIAPI
HmacSha384New (
@@ -288,7 +288,7 @@ HmacSha384New (
Release the specified HMAC_CTX context.
@param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be released.
**/
-// See BaseCryptLib.h:1110
+// See BaseCryptLib.h:1111
VOID
EFIAPI
HmacSha384Free (
@@ -310,7 +310,7 @@ HmacSha384Free (
@retval FALSE The Key is set unsuccessfully.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1132
+// See BaseCryptLib.h:1133
BOOLEAN
EFIAPI
HmacSha384SetKey (
@@ -333,7 +333,7 @@ HmacSha384SetKey (
@retval FALSE HMAC-SHA384 context copy failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1155
+// See BaseCryptLib.h:1156
BOOLEAN
EFIAPI
HmacSha384Duplicate (
@@ -359,7 +359,7 @@ HmacSha384Duplicate (
@retval FALSE HMAC-SHA384 data digest failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1182
+// See BaseCryptLib.h:1183
BOOLEAN
EFIAPI
HmacSha384Update (
@@ -388,7 +388,7 @@ HmacSha384Update (
@retval FALSE HMAC-SHA384 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1212
+// See BaseCryptLib.h:1213
BOOLEAN
EFIAPI
HmacSha384Final (
@@ -414,7 +414,7 @@ HmacSha384Final (
@retval FALSE HMAC-SHA384 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1239
+// See BaseCryptLib.h:1240
BOOLEAN
EFIAPI
HmacSha384All (
@@ -455,7 +455,7 @@ HmacSha384All (
@retval FALSE The key derivation operation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:2096
+// See BaseCryptLib.h:2097
BOOLEAN
EFIAPI
Pkcs5HashPassword (
@@ -497,7 +497,7 @@ Pkcs5HashPassword (
@retval TRUE Encryption was successful.
@retval FALSE Encryption failed.
**/
-// See BaseCryptLib.h:2138
+// See BaseCryptLib.h:2139
BOOLEAN
EFIAPI
Pkcs1v2Encrypt (
@@ -531,7 +531,7 @@ Pkcs1v2Encrypt (
@retval TRUE Encryption was successful.
@retval FALSE Encryption failed.
**/
-// See BaseCryptLib.h:2211
+// See BaseCryptLib.h:2219
BOOLEAN
EFIAPI
Pkcs1v2Decrypt (
@@ -568,7 +568,7 @@ Pkcs1v2Decrypt (
@retval FALSE Error occurs during the operation.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:2309
+// See BaseCryptLib.h:2324
BOOLEAN
EFIAPI
Pkcs7GetSigners (
@@ -588,7 +588,7 @@ Pkcs7GetSigners (
If this interface is not supported, then ASSERT().
@param[in] Certs Pointer to the certificates to be freed.
**/
-// See BaseCryptLib.h:2328
+// See BaseCryptLib.h:2343
VOID
EFIAPI
Pkcs7FreeSigners (
@@ -617,7 +617,7 @@ Pkcs7FreeSigners (
@retval TRUE The operation is finished successfully.
@retval FALSE Error occurs during the operation.
**/
-// See BaseCryptLib.h:2356
+// See BaseCryptLib.h:2371
BOOLEAN
EFIAPI
Pkcs7GetCertificatesList (
@@ -656,7 +656,7 @@ Pkcs7GetCertificatesList (
@retval FALSE PKCS#7 data signing failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:2395
+// See BaseCryptLib.h:2410
BOOLEAN
EFIAPI
Pkcs7Sign (
@@ -693,7 +693,7 @@ Pkcs7Sign (
@retval FALSE Invalid PKCS#7 signed data.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:2434
+// See BaseCryptLib.h:2449
BOOLEAN
EFIAPI
Pkcs7Verify (
@@ -736,7 +736,7 @@ Pkcs7Verify (
@retval EFI_INVALID_PARAMETER A parameter was invalid.
@retval EFI_NOT_FOUND One or more EKU's were not found in the signature.
**/
-// See BaseCryptLib.h:2477
+// See BaseCryptLib.h:2492
RETURN_STATUS
EFIAPI
VerifyEKUsInPkcs7Signature (
@@ -765,7 +765,7 @@ VerifyEKUsInPkcs7Signature (
@retval TRUE The P7Data was correctly formatted for processing.
@retval FALSE The P7Data was not correctly formatted for processing.
**/
-// See BaseCryptLib.h:2507
+// See BaseCryptLib.h:2522
BOOLEAN
EFIAPI
Pkcs7GetAttachedContent (
@@ -798,7 +798,7 @@ Pkcs7GetAttachedContent (
@retval FALSE Invalid Authenticode Signature.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:2540
+// See BaseCryptLib.h:2555
BOOLEAN
EFIAPI
AuthenticodeVerify (
@@ -829,7 +829,7 @@ AuthenticodeVerify (
@retval TRUE The specified Authenticode includes a valid RFC3161 Timestamp CounterSignature.
@retval FALSE No valid RFC3161 Timestamp CounterSignature in the specified Authenticode data.
**/
-// See BaseCryptLib.h:2571
+// See BaseCryptLib.h:2586
BOOLEAN
EFIAPI
ImageTimestampVerify (
@@ -853,7 +853,7 @@ ImageTimestampVerify (
If the allocations fails, DhNew() returns NULL.
If the interface is not supported, DhNew() returns NULL.
**/
-// See BaseCryptLib.h:2967
+// See BaseCryptLib.h:2982
VOID *
EFIAPI
DhNew (
@@ -868,7 +868,7 @@ DhNew (
If the interface is not supported, then ASSERT().
@param[in] DhContext Pointer to the DH context to be released.
**/
-// See BaseCryptLib.h:2981
+// See BaseCryptLib.h:2996
VOID
EFIAPI
DhFree (
@@ -896,7 +896,7 @@ DhFree (
@retval FALSE PRNG fails to generate random prime number with PrimeLength.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:3011
+// See BaseCryptLib.h:3026
BOOLEAN
EFIAPI
DhGenerateParameter (
@@ -927,7 +927,7 @@ DhGenerateParameter (
@retval FALSE Value of Prime is not a safe prime number.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:3043
+// See BaseCryptLib.h:3058
BOOLEAN
EFIAPI
DhSetParameter (
@@ -959,7 +959,7 @@ DhSetParameter (
@retval FALSE PublicKeySize is not large enough.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:3076
+// See BaseCryptLib.h:3091
BOOLEAN
EFIAPI
DhGenerateKey (
@@ -992,7 +992,7 @@ DhGenerateKey (
@retval FALSE KeySize is not large enough.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:3110
+// See BaseCryptLib.h:3125
BOOLEAN
EFIAPI
DhComputeKey (
@@ -1024,7 +1024,7 @@ DhComputeKey (
@retval FALSE Pseudorandom number generator does not have enough entropy for random generation.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:3142
+// See BaseCryptLib.h:3157
BOOLEAN
EFIAPI
RandomSeed (
@@ -1045,7 +1045,7 @@ RandomSeed (
@retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:3163
+// See BaseCryptLib.h:3178
BOOLEAN
EFIAPI
RandomBytes (
@@ -1065,7 +1065,7 @@ RandomBytes (
@return Pointer to the RSA context that has been initialized.
If the allocations fails, RsaNew() returns NULL.
**/
-// See BaseCryptLib.h:1474
+// See BaseCryptLib.h:1475
VOID *
EFIAPI
RsaNew (
@@ -1080,7 +1080,7 @@ RsaNew (
If RsaContext is NULL, then return FALSE.
@param[in] RsaContext Pointer to the RSA context to be released.
**/
-// See BaseCryptLib.h:1488
+// See BaseCryptLib.h:1489
VOID
EFIAPI
RsaFree (
@@ -1107,7 +1107,7 @@ RsaFree (
@retval TRUE RSA key component was set successfully.
@retval FALSE Invalid RSA key component tag.
**/
-// See BaseCryptLib.h:1516
+// See BaseCryptLib.h:1517
BOOLEAN
EFIAPI
RsaSetKey (
@@ -1143,7 +1143,7 @@ RsaSetKey (
@retval FALSE BnSize is too small.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1553
+// See BaseCryptLib.h:1554
BOOLEAN
EFIAPI
RsaGetKey (
@@ -1173,7 +1173,7 @@ RsaGetKey (
@retval FALSE Invalid RSA key component tag.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1585
+// See BaseCryptLib.h:1586
BOOLEAN
EFIAPI
RsaGenerateKey (
@@ -1202,7 +1202,7 @@ RsaGenerateKey (
@retval FALSE RSA key components are not valid.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1615
+// See BaseCryptLib.h:1616
BOOLEAN
EFIAPI
RsaCheckKey (
@@ -1234,7 +1234,7 @@ RsaCheckKey (
@retval FALSE SigSize is too small.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1648
+// See BaseCryptLib.h:1649
BOOLEAN
EFIAPI
RsaPkcs1Sign (
@@ -1263,7 +1263,7 @@ RsaPkcs1Sign (
@retval TRUE Valid signature encoded in PKCS1-v1_5.
@retval FALSE Invalid signature or invalid RSA context.
**/
-// See BaseCryptLib.h:1677
+// See BaseCryptLib.h:1678
BOOLEAN
EFIAPI
RsaPkcs1Verify (
@@ -1304,7 +1304,7 @@ RsaPkcs1Verify (
@retval FALSE SigSize is too small.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1719
+// See BaseCryptLib.h:1720
BOOLEAN
EFIAPI
RsaPssSign (
@@ -1335,7 +1335,7 @@ RsaPssSign (
@retval TRUE Valid signature encoded in RSASSA-PSS.
@retval FALSE Invalid signature or invalid RSA context.
**/
-// See BaseCryptLib.h:1749
+// See BaseCryptLib.h:1750
BOOLEAN
EFIAPI
RsaPssVerify (
@@ -1366,7 +1366,7 @@ RsaPssVerify (
@retval FALSE Invalid PEM key data or incorrect password.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1780
+// See BaseCryptLib.h:1781
BOOLEAN
EFIAPI
RsaGetPrivateKeyFromPem (
@@ -1393,7 +1393,7 @@ RsaGetPrivateKeyFromPem (
@retval FALSE Fail to retrieve RSA public key from X509 certificate.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1807
+// See BaseCryptLib.h:1808
BOOLEAN
EFIAPI
RsaGetPublicKeyFromX509 (
@@ -1422,13 +1422,19 @@ RsaGetPublicKeyFromX509 (
to be used when initializing the PRNG. NULL otherwise.
@param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer.
0 otherwise.
+ @param[in] DigestLen [Optional] If provided, size of the hash used:
+ SHA1_DIGEST_SIZE
+ SHA256_DIGEST_SIZE
+ SHA384_DIGEST_SIZE
+ SHA512_DIGEST_SIZE
+ 0 to use default (SHA1)
@param[out] EncryptedData Pointer to an allocated buffer containing the encrypted
message.
@param[out] EncryptedDataSize Size of the encrypted message buffer.
@retval TRUE Encryption was successful.
@retval FALSE Encryption failed.
**/
-// See BaseCryptLib.h:2178
+// See BaseCryptLib.h:2185
BOOLEAN
EFIAPI
RsaOaepEncrypt (
@@ -1437,11 +1443,12 @@ RsaOaepEncrypt (
IN UINTN InDataSize,
IN CONST UINT8 *PrngSeed OPTIONAL,
IN UINTN PrngSeedSize OPTIONAL,
+ IN UINT16 DigestLen OPTIONAL,
OUT UINT8 **EncryptedData,
OUT UINTN *EncryptedDataSize
)
{
- CALL_CRYPTO_SERVICE (RsaOaepEncrypt, (RsaContext, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), FALSE);
+ CALL_CRYPTO_SERVICE (RsaOaepEncrypt, (RsaContext, InData, InDataSize, PrngSeed, PrngSeedSize, DigestLen, EncryptedData, EncryptedDataSize), FALSE);
}
/**
@@ -1455,24 +1462,31 @@ RsaOaepEncrypt (
provisioned with a private key using RsaSetKey().
@param[in] EncryptedData Data to be decrypted.
@param[in] EncryptedDataSize Size of the encrypted buffer.
+ @param[in] DigestLen [Optional] If provided, size of the hash used:
+ SHA1_DIGEST_SIZE
+ SHA256_DIGEST_SIZE
+ SHA384_DIGEST_SIZE
+ SHA512_DIGEST_SIZE
+ 0 to use default (SHA1)
@param[out] OutData Pointer to an allocated buffer containing the encrypted
message.
@param[out] OutDataSize Size of the encrypted message buffer.
@retval TRUE Encryption was successful.
@retval FALSE Encryption failed.
**/
-// See BaseCryptLib.h:2243
+// See BaseCryptLib.h:2257
BOOLEAN
EFIAPI
RsaOaepDecrypt (
- IN VOID *RsaContext,
- IN UINT8 *EncryptedData,
- IN UINTN EncryptedDataSize,
- OUT UINT8 **OutData,
- OUT UINTN *OutDataSize
+ IN VOID *RsaContext,
+ IN UINT8 *EncryptedData,
+ IN UINTN EncryptedDataSize,
+ IN UINT16 DigestLen OPTIONAL,
+ OUT UINT8 **OutData,
+ OUT UINTN *OutDataSize
)
{
- CALL_CRYPTO_SERVICE (RsaOaepDecrypt, (RsaContext, EncryptedData, EncryptedDataSize, OutData, OutDataSize), FALSE);
+ CALL_CRYPTO_SERVICE (RsaOaepDecrypt, (RsaContext, EncryptedData, EncryptedDataSize, DigestLen, OutData, OutDataSize), FALSE);
}
// =============================================================================
@@ -1485,7 +1499,7 @@ RsaOaepDecrypt (
@return The size, in bytes, of the context buffer required for SHA-1 hash operations.
@retval 0 This interface is not supported.
**/
-// See BaseCryptLib.h:243
+// See BaseCryptLib.h:244
UINTN
EFIAPI
Sha1GetContextSize (
@@ -1505,7 +1519,7 @@ Sha1GetContextSize (
@retval FALSE SHA-1 context initialization failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:263
+// See BaseCryptLib.h:264
BOOLEAN
EFIAPI
Sha1Init (
@@ -1526,7 +1540,7 @@ Sha1Init (
@retval FALSE SHA-1 context copy failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:284
+// See BaseCryptLib.h:285
BOOLEAN
EFIAPI
Sha1Duplicate (
@@ -1552,7 +1566,7 @@ Sha1Duplicate (
@retval FALSE SHA-1 data digest failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:311
+// See BaseCryptLib.h:312
BOOLEAN
EFIAPI
Sha1Update (
@@ -1581,7 +1595,7 @@ Sha1Update (
@retval FALSE SHA-1 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:341
+// See BaseCryptLib.h:342
BOOLEAN
EFIAPI
Sha1Final (
@@ -1605,7 +1619,7 @@ Sha1Final (
@retval FALSE SHA-1 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:366
+// See BaseCryptLib.h:367
BOOLEAN
EFIAPI
Sha1HashAll (
@@ -1625,7 +1639,7 @@ Sha1HashAll (
Retrieves the size, in bytes, of the context buffer required for SHA-256 hash operations.
@return The size, in bytes, of the context buffer required for SHA-256 hash operations.
**/
-// See BaseCryptLib.h:382
+// See BaseCryptLib.h:383
UINTN
EFIAPI
Sha256GetContextSize (
@@ -1643,7 +1657,7 @@ Sha256GetContextSize (
@retval TRUE SHA-256 context initialization succeeded.
@retval FALSE SHA-256 context initialization failed.
**/
-// See BaseCryptLib.h:400
+// See BaseCryptLib.h:401
BOOLEAN
EFIAPI
Sha256Init (
@@ -1664,7 +1678,7 @@ Sha256Init (
@retval FALSE SHA-256 context copy failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:421
+// See BaseCryptLib.h:422
BOOLEAN
EFIAPI
Sha256Duplicate (
@@ -1688,7 +1702,7 @@ Sha256Duplicate (
@retval TRUE SHA-256 data digest succeeded.
@retval FALSE SHA-256 data digest failed.
**/
-// See BaseCryptLib.h:446
+// See BaseCryptLib.h:447
BOOLEAN
EFIAPI
Sha256Update (
@@ -1715,7 +1729,7 @@ Sha256Update (
@retval TRUE SHA-256 digest computation succeeded.
@retval FALSE SHA-256 digest computation failed.
**/
-// See BaseCryptLib.h:474
+// See BaseCryptLib.h:475
BOOLEAN
EFIAPI
Sha256Final (
@@ -1739,7 +1753,7 @@ Sha256Final (
@retval FALSE SHA-256 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:499
+// See BaseCryptLib.h:500
BOOLEAN
EFIAPI
Sha256HashAll (
@@ -1759,7 +1773,7 @@ Sha256HashAll (
Retrieves the size, in bytes, of the context buffer required for SHA-384 hash operations.
@return The size, in bytes, of the context buffer required for SHA-384 hash operations.
**/
-// See BaseCryptLib.h:513
+// See BaseCryptLib.h:514
UINTN
EFIAPI
Sha384GetContextSize (
@@ -1777,7 +1791,7 @@ Sha384GetContextSize (
@retval TRUE SHA-384 context initialization succeeded.
@retval FALSE SHA-384 context initialization failed.
**/
-// See BaseCryptLib.h:531
+// See BaseCryptLib.h:532
BOOLEAN
EFIAPI
Sha384Init (
@@ -1798,7 +1812,7 @@ Sha384Init (
@retval FALSE SHA-384 context copy failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:552
+// See BaseCryptLib.h:553
BOOLEAN
EFIAPI
Sha384Duplicate (
@@ -1822,7 +1836,7 @@ Sha384Duplicate (
@retval TRUE SHA-384 data digest succeeded.
@retval FALSE SHA-384 data digest failed.
**/
-// See BaseCryptLib.h:577
+// See BaseCryptLib.h:578
BOOLEAN
EFIAPI
Sha384Update (
@@ -1849,7 +1863,7 @@ Sha384Update (
@retval TRUE SHA-384 digest computation succeeded.
@retval FALSE SHA-384 digest computation failed.
**/
-// See BaseCryptLib.h:605
+// See BaseCryptLib.h:606
BOOLEAN
EFIAPI
Sha384Final (
@@ -1873,7 +1887,7 @@ Sha384Final (
@retval FALSE SHA-384 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:630
+// See BaseCryptLib.h:631
BOOLEAN
EFIAPI
Sha384HashAll (
@@ -1893,7 +1907,7 @@ Sha384HashAll (
Retrieves the size, in bytes, of the context buffer required for SHA-512 hash operations.
@return The size, in bytes, of the context buffer required for SHA-512 hash operations.
**/
-// See BaseCryptLib.h:644
+// See BaseCryptLib.h:645
UINTN
EFIAPI
Sha512GetContextSize (
@@ -1911,7 +1925,7 @@ Sha512GetContextSize (
@retval TRUE SHA-512 context initialization succeeded.
@retval FALSE SHA-512 context initialization failed.
**/
-// See BaseCryptLib.h:662
+// See BaseCryptLib.h:663
BOOLEAN
EFIAPI
Sha512Init (
@@ -1932,7 +1946,7 @@ Sha512Init (
@retval FALSE SHA-512 context copy failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:683
+// See BaseCryptLib.h:684
BOOLEAN
EFIAPI
Sha512Duplicate (
@@ -1956,7 +1970,7 @@ Sha512Duplicate (
@retval TRUE SHA-512 data digest succeeded.
@retval FALSE SHA-512 data digest failed.
**/
-// See BaseCryptLib.h:708
+// See BaseCryptLib.h:709
BOOLEAN
EFIAPI
Sha512Update (
@@ -1983,7 +1997,7 @@ Sha512Update (
@retval TRUE SHA-512 digest computation succeeded.
@retval FALSE SHA-512 digest computation failed.
**/
-// See BaseCryptLib.h:736
+// See BaseCryptLib.h:737
BOOLEAN
EFIAPI
Sha512Final (
@@ -2007,7 +2021,7 @@ Sha512Final (
@retval FALSE SHA-512 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:761
+// See BaseCryptLib.h:762
BOOLEAN
EFIAPI
Sha512HashAll (
@@ -2037,7 +2051,7 @@ Sha512HashAll (
@retval FALSE ParallelHash256 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:786
+// See BaseCryptLib.h:787
BOOLEAN
EFIAPI
ParallelHash256HashAll (
@@ -2077,7 +2091,7 @@ ParallelHash256HashAll (
@retval TRUE AEAD AES-GCM authenticated encryption succeeded.
@retval FALSE AEAD AES-GCM authenticated encryption failed.
**/
-// See BaseCryptLib.h:1404
+// See BaseCryptLib.h:1405
BOOLEAN
EFIAPI
AeadAesGcmEncrypt (
@@ -2119,7 +2133,7 @@ AeadAesGcmEncrypt (
@retval TRUE AEAD AES-GCM authenticated decryption succeeded.
@retval FALSE AEAD AES-GCM authenticated decryption failed.
**/
-// See BaseCryptLib.h:1446
+// See BaseCryptLib.h:1447
BOOLEAN
EFIAPI
AeadAesGcmDecrypt (
@@ -2159,7 +2173,7 @@ AeadAesGcmDecrypt (
The SubjectSize will be updated with the required size.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1834
+// See BaseCryptLib.h:1835
BOOLEAN
EFIAPI
X509GetSubjectName (
@@ -2195,7 +2209,7 @@ X509GetSubjectName (
CommonNameSize parameter.
@retval RETURN_UNSUPPORTED The operation is not supported.
**/
-// See BaseCryptLib.h:1869
+// See BaseCryptLib.h:1870
RETURN_STATUS
EFIAPI
X509GetCommonName (
@@ -2231,7 +2245,7 @@ X509GetCommonName (
CommonNameSize parameter.
@retval RETURN_UNSUPPORTED The operation is not supported.
**/
-// See BaseCryptLib.h:1904
+// See BaseCryptLib.h:1905
RETURN_STATUS
EFIAPI
X509GetOrganizationName (
@@ -2258,7 +2272,7 @@ X509GetOrganizationName (
trusted CA.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1931
+// See BaseCryptLib.h:1932
BOOLEAN
EFIAPI
X509VerifyCert (
@@ -2283,7 +2297,7 @@ X509VerifyCert (
@retval FALSE The operation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1956
+// See BaseCryptLib.h:1957
BOOLEAN
EFIAPI
X509ConstructCertificate (
@@ -2310,7 +2324,7 @@ X509ConstructCertificate (
@retval FALSE The construction operation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1983
+// See BaseCryptLib.h:1984
BOOLEAN
EFIAPI
X509ConstructCertificateStackV (
@@ -2335,7 +2349,7 @@ X509ConstructCertificateStackV (
@retval FALSE The construction operation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:2008
+// See BaseCryptLib.h:2009
BOOLEAN
EFIAPI
X509ConstructCertificateStack (
@@ -2357,7 +2371,7 @@ X509ConstructCertificateStack (
If the interface is not supported, then ASSERT().
@param[in] X509Cert Pointer to the X509 object to be released.
**/
-// See BaseCryptLib.h:2023
+// See BaseCryptLib.h:2024
VOID
EFIAPI
X509Free (
@@ -2372,7 +2386,7 @@ X509Free (
If the interface is not supported, then ASSERT().
@param[in] X509Stack Pointer to the X509 stack object to be released.
**/
-// See BaseCryptLib.h:2037
+// See BaseCryptLib.h:2038
VOID
EFIAPI
X509StackFree (
@@ -2395,7 +2409,7 @@ X509StackFree (
@retval TRUE The TBSCertificate was retrieved successfully.
@retval FALSE Invalid X.509 certificate.
**/
-// See BaseCryptLib.h:2060
+// See BaseCryptLib.h:2061
BOOLEAN
EFIAPI
X509GetTBSCert (
@@ -2420,7 +2434,7 @@ X509GetTBSCert (
@retval FALSE If Cert is NULL or CertSize is Zero.
@retval FALSE The operation is not supported.
**/
-// See BaseCryptLib.h:2597
+// See BaseCryptLib.h:2612
BOOLEAN
EFIAPI
X509GetVersion (
@@ -2452,7 +2466,7 @@ X509GetVersion (
SerialNumberSize parameter.
@retval FALSE The operation is not supported.
**/
-// See BaseCryptLib.h:2628
+// See BaseCryptLib.h:2643
BOOLEAN
EFIAPI
X509GetSerialNumber (
@@ -2480,7 +2494,7 @@ X509GetSerialNumber (
The CertIssuerSize will be updated with the required size.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:2656
+// See BaseCryptLib.h:2671
BOOLEAN
EFIAPI
X509GetIssuerName (
@@ -2509,7 +2523,7 @@ X509GetIssuerName (
is returned in the OidSize.
@retval FALSE The operation is not supported.
**/
-// See BaseCryptLib.h:2683
+// See BaseCryptLib.h:2698
BOOLEAN
EFIAPI
X509GetSignatureAlgorithm (
@@ -2540,7 +2554,7 @@ X509GetSignatureAlgorithm (
is returned in the ExtensionDataSize parameter.
@retval FALSE The operation is not supported.
**/
-// See BaseCryptLib.h:2712
+// See BaseCryptLib.h:2727
BOOLEAN
EFIAPI
X509GetExtensionData (
@@ -2572,7 +2586,7 @@ X509GetExtensionData (
@retval FALSE Invalid certificate, or Validity retrieve failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:2744
+// See BaseCryptLib.h:2759
BOOLEAN
EFIAPI
X509GetValidity (
@@ -2607,7 +2621,7 @@ X509GetValidity (
DateTimeSize parameter.
@retval FALSE The operation is not supported.
**/
-// See BaseCryptLib.h:2778
+// See BaseCryptLib.h:2793
BOOLEAN
EFIAPI
X509FormatDateTime (
@@ -2628,7 +2642,7 @@ X509FormatDateTime (
@retval FALSE Invalid certificate, or Usage is NULL
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:2820
+// See BaseCryptLib.h:2835
BOOLEAN
EFIAPI
X509GetKeyUsage (
@@ -2655,7 +2669,7 @@ X509GetKeyUsage (
is returned in the UsageSize parameter.
@retval FALSE The operation is not supported.
**/
-// See BaseCryptLib.h:2845
+// See BaseCryptLib.h:2860
BOOLEAN
EFIAPI
X509GetExtendedKeyUsage (
@@ -2682,7 +2696,7 @@ X509GetExtendedKeyUsage (
@retval FALSE Invalid certificate or the certificate was not issued by the given
trusted CA.
**/
-// See BaseCryptLib.h:2870
+// See BaseCryptLib.h:2885
BOOLEAN
EFIAPI
X509VerifyCertChain (
@@ -2710,7 +2724,7 @@ X509VerifyCertChain (
@retval TRUE Success.
@retval FALSE Failed to get certificate from certificate chain.
**/
-// See BaseCryptLib.h:2898
+// See BaseCryptLib.h:2913
BOOLEAN
EFIAPI
X509GetCertFromCertChain (
@@ -2740,7 +2754,7 @@ X509GetCertFromCertChain (
@retval FALSE If no Extension entry match oid.
@retval FALSE The operation is not supported.
**/
-// See BaseCryptLib.h:2946
+// See BaseCryptLib.h:2961
BOOLEAN
EFIAPI
X509GetExtendedBasicConstraints (
@@ -2766,7 +2780,7 @@ X509GetExtendedBasicConstraints (
@retval TRUE Get tag successful
@retval FALSe Failed to get tag or tag not match
**/
-// See BaseCryptLib.h:2919
+// See BaseCryptLib.h:2934
BOOLEAN
EFIAPI
Asn1GetTag (
@@ -2787,7 +2801,7 @@ Asn1GetTag (
Allocate new Big Number.
@retval New BigNum opaque structure or NULL on failure.
**/
-// See BaseCryptLib.h:3341
+// See BaseCryptLib.h:3356
VOID *
EFIAPI
BigNumInit (
@@ -2803,7 +2817,7 @@ BigNumInit (
@param[in] Len Buffer length.
@retval New BigNum opaque structure or NULL on failure.
**/
-// See BaseCryptLib.h:3355
+// See BaseCryptLib.h:3370
VOID *
EFIAPI
BigNumFromBin (
@@ -2821,7 +2835,7 @@ BigNumFromBin (
@param[out] Buf Output buffer.
@retval The length of the big-endian number placed at Buf or -1 on error.
**/
-// See BaseCryptLib.h:3371
+// See BaseCryptLib.h:3386
INTN
EFIAPI
BigNumToBin (
@@ -2837,7 +2851,7 @@ BigNumToBin (
@param[in] Bn Big number to free.
@param[in] Clear TRUE if the buffer should be cleared.
**/
-// See BaseCryptLib.h:3384
+// See BaseCryptLib.h:3399
VOID
EFIAPI
BigNumFree (
@@ -2858,7 +2872,7 @@ BigNumFree (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3403
+// See BaseCryptLib.h:3418
BOOLEAN
EFIAPI
BigNumAdd (
@@ -2880,7 +2894,7 @@ BigNumAdd (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3423
+// See BaseCryptLib.h:3438
BOOLEAN
EFIAPI
BigNumSub (
@@ -2902,7 +2916,7 @@ BigNumSub (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3443
+// See BaseCryptLib.h:3458
BOOLEAN
EFIAPI
BigNumMod (
@@ -2925,7 +2939,7 @@ BigNumMod (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3464
+// See BaseCryptLib.h:3479
BOOLEAN
EFIAPI
BigNumExpMod (
@@ -2948,7 +2962,7 @@ BigNumExpMod (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3485
+// See BaseCryptLib.h:3500
BOOLEAN
EFIAPI
BigNumInverseMod (
@@ -2970,7 +2984,7 @@ BigNumInverseMod (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3505
+// See BaseCryptLib.h:3520
BOOLEAN
EFIAPI
BigNumDiv (
@@ -2993,7 +3007,7 @@ BigNumDiv (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3526
+// See BaseCryptLib.h:3541
BOOLEAN
EFIAPI
BigNumMulMod (
@@ -3014,7 +3028,7 @@ BigNumMulMod (
@retval 1 BnA > BnB.
@retval -1 BnA < BnB.
**/
-// See BaseCryptLib.h:3545
+// See BaseCryptLib.h:3560
INTN
EFIAPI
BigNumCmp (
@@ -3030,7 +3044,7 @@ BigNumCmp (
@param[in] Bn Big number.
@retval Number of bits.
**/
-// See BaseCryptLib.h:3560
+// See BaseCryptLib.h:3575
UINTN
EFIAPI
BigNumBits (
@@ -3045,7 +3059,7 @@ BigNumBits (
@param[in] Bn Big number.
@retval Number of bytes.
**/
-// See BaseCryptLib.h:3573
+// See BaseCryptLib.h:3588
UINTN
EFIAPI
BigNumBytes (
@@ -3062,7 +3076,7 @@ BigNumBytes (
@retval TRUE iff Bn == Num.
@retval FALSE otherwise.
**/
-// See BaseCryptLib.h:3588
+// See BaseCryptLib.h:3603
BOOLEAN
EFIAPI
BigNumIsWord (
@@ -3079,7 +3093,7 @@ BigNumIsWord (
@retval TRUE Bn is odd (Bn % 2 == 1).
@retval FALSE otherwise.
**/
-// See BaseCryptLib.h:3603
+// See BaseCryptLib.h:3618
BOOLEAN
EFIAPI
BigNumIsOdd (
@@ -3096,7 +3110,7 @@ BigNumIsOdd (
@retval BnDst on success.
@retval NULL otherwise.
**/
-// See BaseCryptLib.h:3618
+// See BaseCryptLib.h:3633
VOID *
EFIAPI
BigNumCopy (
@@ -3117,7 +3131,7 @@ BigNumCopy (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3649
+// See BaseCryptLib.h:3664
BOOLEAN
EFIAPI
BigNumRShift (
@@ -3135,7 +3149,7 @@ BigNumRShift (
performed on the given Big number.
@param[in] Bn Big number.
**/
-// See BaseCryptLib.h:3664
+// See BaseCryptLib.h:3679
VOID
EFIAPI
BigNumConstTime (
@@ -3155,7 +3169,7 @@ BigNumConstTime (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3682
+// See BaseCryptLib.h:3697
BOOLEAN
EFIAPI
BigNumSqrMod (
@@ -3173,7 +3187,7 @@ BigNumSqrMod (
needed to optimize calculations and expensive allocations.
@retval Big Number context struct or NULL on failure.
**/
-// See BaseCryptLib.h:3697
+// See BaseCryptLib.h:3712
VOID *
EFIAPI
BigNumNewContext (
@@ -3187,7 +3201,7 @@ BigNumNewContext (
Free Big Number context that was allocated with BigNumNewContext().
@param[in] BnCtx Big number context to free.
**/
-// See BaseCryptLib.h:3708
+// See BaseCryptLib.h:3723
VOID
EFIAPI
BigNumContextFree (
@@ -3204,7 +3218,7 @@ BigNumContextFree (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3723
+// See BaseCryptLib.h:3738
BOOLEAN
EFIAPI
BigNumSetUint (
@@ -3224,7 +3238,7 @@ BigNumSetUint (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3741
+// See BaseCryptLib.h:3756
BOOLEAN
EFIAPI
BigNumAddMod (
@@ -3250,7 +3264,7 @@ BigNumAddMod (
@return The size, in bytes, of the context buffer required for AES operations.
@retval 0 This interface is not supported.
**/
-// See BaseCryptLib.h:1262
+// See BaseCryptLib.h:1263
UINTN
EFIAPI
AesGetContextSize (
@@ -3277,7 +3291,7 @@ AesGetContextSize (
@retval FALSE AES context initialization failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1290
+// See BaseCryptLib.h:1291
BOOLEAN
EFIAPI
AesInit (
@@ -3313,7 +3327,7 @@ AesInit (
@retval FALSE AES encryption failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1327
+// See BaseCryptLib.h:1328
BOOLEAN
EFIAPI
AesCbcEncrypt (
@@ -3351,7 +3365,7 @@ AesCbcEncrypt (
@retval FALSE AES decryption failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:1366
+// See BaseCryptLib.h:1367
BOOLEAN
EFIAPI
AesCbcDecrypt (
@@ -3376,7 +3390,7 @@ AesCbcDecrypt (
Retrieves the size, in bytes, of the context buffer required for SM3 hash operations.
@return The size, in bytes, of the context buffer required for SM3 hash operations.
**/
-// See BaseCryptLib.h:804
+// See BaseCryptLib.h:805
UINTN
EFIAPI
Sm3GetContextSize (
@@ -3394,7 +3408,7 @@ Sm3GetContextSize (
@retval TRUE SM3 context initialization succeeded.
@retval FALSE SM3 context initialization failed.
**/
-// See BaseCryptLib.h:822
+// See BaseCryptLib.h:823
BOOLEAN
EFIAPI
Sm3Init (
@@ -3415,7 +3429,7 @@ Sm3Init (
@retval FALSE SM3 context copy failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:843
+// See BaseCryptLib.h:844
BOOLEAN
EFIAPI
Sm3Duplicate (
@@ -3439,7 +3453,7 @@ Sm3Duplicate (
@retval TRUE SM3 data digest succeeded.
@retval FALSE SM3 data digest failed.
**/
-// See BaseCryptLib.h:868
+// See BaseCryptLib.h:869
BOOLEAN
EFIAPI
Sm3Update (
@@ -3466,7 +3480,7 @@ Sm3Update (
@retval TRUE SM3 digest computation succeeded.
@retval FALSE SM3 digest computation failed.
**/
-// See BaseCryptLib.h:896
+// See BaseCryptLib.h:897
BOOLEAN
EFIAPI
Sm3Final (
@@ -3490,7 +3504,7 @@ Sm3Final (
@retval FALSE SM3 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// See BaseCryptLib.h:921
+// See BaseCryptLib.h:922
BOOLEAN
EFIAPI
Sm3HashAll (
@@ -3519,7 +3533,7 @@ Sm3HashAll (
@retval TRUE Hkdf generated successfully.
@retval FALSE Hkdf generation failed.
**/
-// See BaseCryptLib.h:3190
+// See BaseCryptLib.h:3205
BOOLEAN
EFIAPI
HkdfSha256ExtractAndExpand (
@@ -3547,7 +3561,7 @@ HkdfSha256ExtractAndExpand (
@retval true Hkdf generated successfully.
@retval false Hkdf generation failed.
**/
-// See BaseCryptLib.h:3217
+// See BaseCryptLib.h:3232
BOOLEAN
EFIAPI
HkdfSha256Extract (
@@ -3573,7 +3587,7 @@ HkdfSha256Extract (
@retval TRUE Hkdf generated successfully.
@retval FALSE Hkdf generation failed.
**/
-// See BaseCryptLib.h:3242
+// See BaseCryptLib.h:3257
BOOLEAN
EFIAPI
HkdfSha256Expand (
@@ -3601,7 +3615,7 @@ HkdfSha256Expand (
@retval TRUE Hkdf generated successfully.
@retval FALSE Hkdf generation failed.
**/
-// See BaseCryptLib.h:3269
+// See BaseCryptLib.h:3284
BOOLEAN
EFIAPI
HkdfSha384ExtractAndExpand (
@@ -3629,7 +3643,7 @@ HkdfSha384ExtractAndExpand (
@retval true Hkdf generated successfully.
@retval false Hkdf generation failed.
**/
-// See BaseCryptLib.h:3296
+// See BaseCryptLib.h:3311
BOOLEAN
EFIAPI
HkdfSha384Extract (
@@ -3655,7 +3669,7 @@ HkdfSha384Extract (
@retval TRUE Hkdf generated successfully.
@retval FALSE Hkdf generation failed.
**/
-// See BaseCryptLib.h:3321
+// See BaseCryptLib.h:3336
BOOLEAN
EFIAPI
HkdfSha384Expand (
@@ -4627,7 +4641,7 @@ TlsGetExportKey (
@retval EcGroup object On success.
@retval NULL On failure.
**/
-// See BaseCryptLib.h:3765
+// See BaseCryptLib.h:3780
VOID *
EFIAPI
EcGroupInit (
@@ -4650,7 +4664,7 @@ EcGroupInit (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3786
+// See BaseCryptLib.h:3801
BOOLEAN
EFIAPI
EcGroupGetCurve (
@@ -4674,7 +4688,7 @@ EcGroupGetCurve (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3808
+// See BaseCryptLib.h:3823
BOOLEAN
EFIAPI
EcGroupGetOrder (
@@ -4689,7 +4703,7 @@ EcGroupGetOrder (
Free previously allocated EC group object using EcGroupInit().
@param[in] EcGroup EC group object to free.
**/
-// See BaseCryptLib.h:3820
+// See BaseCryptLib.h:3835
VOID
EFIAPI
EcGroupFree (
@@ -4706,7 +4720,7 @@ EcGroupFree (
@retval EC Point object On success.
@retval NULL On failure.
**/
-// See BaseCryptLib.h:3835
+// See BaseCryptLib.h:3850
VOID *
EFIAPI
EcPointInit (
@@ -4721,7 +4735,7 @@ EcPointInit (
@param[in] EcPoint EC Point to free.
@param[in] Clear TRUE iff the memory should be cleared.
**/
-// See BaseCryptLib.h:3847
+// See BaseCryptLib.h:3862
VOID
EFIAPI
EcPointDeInit (
@@ -4745,7 +4759,7 @@ EcPointDeInit (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3869
+// See BaseCryptLib.h:3884
BOOLEAN
EFIAPI
EcPointGetAffineCoordinates (
@@ -4769,7 +4783,7 @@ EcPointGetAffineCoordinates (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3891
+// See BaseCryptLib.h:3906
BOOLEAN
EFIAPI
EcPointSetAffineCoordinates (
@@ -4794,7 +4808,7 @@ EcPointSetAffineCoordinates (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3914
+// See BaseCryptLib.h:3929
BOOLEAN
EFIAPI
EcPointAdd (
@@ -4819,7 +4833,7 @@ EcPointAdd (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3937
+// See BaseCryptLib.h:3952
BOOLEAN
EFIAPI
EcPointMul (
@@ -4841,7 +4855,7 @@ EcPointMul (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3957
+// See BaseCryptLib.h:3972
BOOLEAN
EFIAPI
EcPointInvert (
@@ -4861,7 +4875,7 @@ EcPointInvert (
@retval TRUE On curve.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3975
+// See BaseCryptLib.h:3990
BOOLEAN
EFIAPI
EcPointIsOnCurve (
@@ -4880,7 +4894,7 @@ EcPointIsOnCurve (
@retval TRUE At infinity.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:3992
+// See BaseCryptLib.h:4007
BOOLEAN
EFIAPI
EcPointIsAtInfinity (
@@ -4900,7 +4914,7 @@ EcPointIsAtInfinity (
@retval TRUE A == B.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:4010
+// See BaseCryptLib.h:4025
BOOLEAN
EFIAPI
EcPointEqual (
@@ -4928,7 +4942,7 @@ EcPointEqual (
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// See BaseCryptLib.h:4036
+// See BaseCryptLib.h:4051
BOOLEAN
EFIAPI
EcPointSetCompressedCoordinates (
@@ -4949,7 +4963,7 @@ EcPointSetCompressedCoordinates (
@return Pointer to the Elliptic Curve Context that has been initialized.
If the allocations fails, EcNewByNid() returns NULL.
**/
-// See BaseCryptLib.h:4058
+// See BaseCryptLib.h:4073
VOID *
EFIAPI
EcNewByNid (
@@ -4963,7 +4977,7 @@ EcNewByNid (
Release the specified EC context.
@param[in] EcContext Pointer to the EC context to be released.
**/
-// See BaseCryptLib.h:4069
+// See BaseCryptLib.h:4084
VOID
EFIAPI
EcFree (
@@ -4999,7 +5013,7 @@ EcFree (
@retval FALSE EC public X,Y generation failed.
@retval FALSE PublicKeySize is not large enough.
**/
-// See BaseCryptLib.h:4101
+// See BaseCryptLib.h:4116
BOOLEAN
EFIAPI
EcGenerateKey (
@@ -5025,7 +5039,7 @@ EcGenerateKey (
@retval TRUE EC key component was retrieved successfully.
@retval FALSE Invalid EC key component.
**/
-// See BaseCryptLib.h:4123
+// See BaseCryptLib.h:4138
BOOLEAN
EFIAPI
EcGetPubKey (
@@ -5062,7 +5076,7 @@ EcGetPubKey (
@retval FALSE EC exchanged key generation failed.
@retval FALSE KeySize is not large enough.
**/
-// See BaseCryptLib.h:4156
+// See BaseCryptLib.h:4171
BOOLEAN
EFIAPI
EcDhComputeKey (
@@ -5090,7 +5104,7 @@ EcDhComputeKey (
@retval TRUE EC Private Key was retrieved successfully.
@retval FALSE Invalid PEM key data or incorrect password.
**/
-// See BaseCryptLib.h:4184
+// See BaseCryptLib.h:4199
BOOLEAN
EFIAPI
EcGetPrivateKeyFromPem (
@@ -5115,7 +5129,7 @@ EcGetPrivateKeyFromPem (
@retval TRUE EC Public Key was retrieved successfully.
@retval FALSE Fail to retrieve EC public key from X509 certificate.
**/
-// See BaseCryptLib.h:4209
+// See BaseCryptLib.h:4224
BOOLEAN
EFIAPI
EcGetPublicKeyFromX509 (
@@ -5150,7 +5164,7 @@ EcGetPublicKeyFromX509 (
@retval FALSE Signature generation failed.
@retval FALSE SigSize is too small.
**/
-// See BaseCryptLib.h:4246
+// See BaseCryptLib.h:4261
BOOLEAN
EFIAPI
EcDsaSign (
@@ -5183,7 +5197,7 @@ EcDsaSign (
@retval TRUE Valid signature encoded in EC-DSA.
@retval FALSE Invalid signature or invalid EC context.
**/
-// See BaseCryptLib.h:4280
+// See BaseCryptLib.h:4295
BOOLEAN
EFIAPI
EcDsaVerify (
diff --git a/CryptoBinPkg/Driver/Bin/temp_Crypto.c b/CryptoBinPkg/Driver/Bin/temp_Crypto.c
index dcff598d..cf3b1a59 100644
--- a/CryptoBinPkg/Driver/Bin/temp_Crypto.c
+++ b/CryptoBinPkg/Driver/Bin/temp_Crypto.c
@@ -39,7 +39,7 @@ CryptoServiceGetCryptoVersion (
// AUTOGENERATED BY CryptoBinPkg\Driver\Packaging\generate_cryptodriver.py
// AUTOGENED AS temp_Crypto.c
// DO NOT MODIFY
-// GENERATED ON: 2024-03-08 19:11:45.538056
+// GENERATED ON: 2024-04-08 11:12:11.496983
const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
/// Version
diff --git a/CryptoBinPkg/Driver/Bin/temp_Crypto.h b/CryptoBinPkg/Driver/Bin/temp_Crypto.h
index 31c5decf..d5926345 100644
--- a/CryptoBinPkg/Driver/Bin/temp_Crypto.h
+++ b/CryptoBinPkg/Driver/Bin/temp_Crypto.h
@@ -44,7 +44,7 @@ UINTN
// AUTOGENERATED BY CryptoBinPkg\Driver\Packaging\generate_cryptodriver.py
// AUTOGENED AS temp_Crypto.h
// DO NOT MODIFY
-// GENERATED ON: 2024-03-08 19:11:45.573512
+// GENERATED ON: 2024-04-08 11:12:11.528450
// =============================================================================
// HMACSHA256 functions
@@ -55,7 +55,7 @@ UINTN
@return Pointer to the HMAC_CTX context that has been initialized.
If the allocations fails, HmacSha256New() returns NULL.
**/
-// FROM BaseCryptLib.h:940
+// FROM BaseCryptLib.h:941
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_NEW)(
@@ -66,7 +66,7 @@ VOID *
Release the specified HMAC_CTX context.
@param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be released.
**/
-// FROM BaseCryptLib.h:952
+// FROM BaseCryptLib.h:953
typedef
VOID
(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_FREE)(
@@ -85,7 +85,7 @@ VOID
@retval FALSE The Key is set unsuccessfully.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:974
+// FROM BaseCryptLib.h:975
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_SET_KEY)(
@@ -105,7 +105,7 @@ BOOLEAN
@retval FALSE HMAC-SHA256 context copy failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:997
+// FROM BaseCryptLib.h:998
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_DUPLICATE)(
@@ -128,7 +128,7 @@ BOOLEAN
@retval FALSE HMAC-SHA256 data digest failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1024
+// FROM BaseCryptLib.h:1025
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_UPDATE)(
@@ -154,7 +154,7 @@ BOOLEAN
@retval FALSE HMAC-SHA256 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1054
+// FROM BaseCryptLib.h:1055
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_FINAL)(
@@ -177,7 +177,7 @@ BOOLEAN
@retval FALSE HMAC-SHA256 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1081
+// FROM BaseCryptLib.h:1082
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HMAC_SHA256_ALL)(
@@ -197,7 +197,7 @@ BOOLEAN
@return Pointer to the HMAC_CTX context that has been initialized.
If the allocations fails, HmacSha384New() returns NULL.
**/
-// FROM BaseCryptLib.h:1098
+// FROM BaseCryptLib.h:1099
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_NEW)(
@@ -208,7 +208,7 @@ VOID *
Release the specified HMAC_CTX context.
@param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be released.
**/
-// FROM BaseCryptLib.h:1110
+// FROM BaseCryptLib.h:1111
typedef
VOID
(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FREE)(
@@ -227,7 +227,7 @@ VOID
@retval FALSE The Key is set unsuccessfully.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1132
+// FROM BaseCryptLib.h:1133
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_SET_KEY)(
@@ -247,7 +247,7 @@ BOOLEAN
@retval FALSE HMAC-SHA384 context copy failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1155
+// FROM BaseCryptLib.h:1156
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_DUPLICATE)(
@@ -270,7 +270,7 @@ BOOLEAN
@retval FALSE HMAC-SHA384 data digest failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1182
+// FROM BaseCryptLib.h:1183
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_UPDATE)(
@@ -296,7 +296,7 @@ BOOLEAN
@retval FALSE HMAC-SHA384 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1212
+// FROM BaseCryptLib.h:1213
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FINAL)(
@@ -319,7 +319,7 @@ BOOLEAN
@retval FALSE HMAC-SHA384 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1239
+// FROM BaseCryptLib.h:1240
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HMAC_SHA384_ALL)(
@@ -357,7 +357,7 @@ BOOLEAN
@retval FALSE The key derivation operation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:2096
+// FROM BaseCryptLib.h:2097
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_PKCS5_HASH_PASSWORD)(
@@ -396,7 +396,7 @@ BOOLEAN
@retval TRUE Encryption was successful.
@retval FALSE Encryption failed.
**/
-// FROM BaseCryptLib.h:2138
+// FROM BaseCryptLib.h:2139
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_PKCS1V2_ENCRYPT)(
@@ -427,7 +427,7 @@ BOOLEAN
@retval TRUE Encryption was successful.
@retval FALSE Encryption failed.
**/
-// FROM BaseCryptLib.h:2211
+// FROM BaseCryptLib.h:2219
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_PKCS1V2_DECRYPT)(
@@ -461,7 +461,7 @@ BOOLEAN
@retval FALSE Error occurs during the operation.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:2309
+// FROM BaseCryptLib.h:2324
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_PKCS7_GET_SIGNERS)(
@@ -478,7 +478,7 @@ BOOLEAN
If this interface is not supported, then ASSERT().
@param[in] Certs Pointer to the certificates to be freed.
**/
-// FROM BaseCryptLib.h:2328
+// FROM BaseCryptLib.h:2343
typedef
VOID
(EFIAPI *EDKII_CRYPTO_PKCS7_FREE_SIGNERS)(
@@ -504,7 +504,7 @@ VOID
@retval TRUE The operation is finished successfully.
@retval FALSE Error occurs during the operation.
**/
-// FROM BaseCryptLib.h:2356
+// FROM BaseCryptLib.h:2371
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_PKCS7_GET_CERTIFICATES_LIST)(
@@ -540,7 +540,7 @@ BOOLEAN
@retval FALSE PKCS#7 data signing failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:2395
+// FROM BaseCryptLib.h:2410
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_PKCS7_SIGN)(
@@ -574,7 +574,7 @@ BOOLEAN
@retval FALSE Invalid PKCS#7 signed data.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:2434
+// FROM BaseCryptLib.h:2449
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_PKCS7_VERIFY)(
@@ -614,7 +614,7 @@ BOOLEAN
@retval EFI_INVALID_PARAMETER A parameter was invalid.
@retval EFI_NOT_FOUND One or more EKU's were not found in the signature.
**/
-// FROM BaseCryptLib.h:2477
+// FROM BaseCryptLib.h:2492
typedef
RETURN_STATUS
(EFIAPI *EDKII_CRYPTO_VERIFY_EKUS_IN_PKCS7_SIGNATURE)(
@@ -640,7 +640,7 @@ RETURN_STATUS
@retval TRUE The P7Data was correctly formatted for processing.
@retval FALSE The P7Data was not correctly formatted for processing.
**/
-// FROM BaseCryptLib.h:2507
+// FROM BaseCryptLib.h:2522
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_PKCS7_GET_ATTACHED_CONTENT)(
@@ -670,7 +670,7 @@ BOOLEAN
@retval FALSE Invalid Authenticode Signature.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:2540
+// FROM BaseCryptLib.h:2555
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_AUTHENTICODE_VERIFY)(
@@ -698,7 +698,7 @@ BOOLEAN
@retval TRUE The specified Authenticode includes a valid RFC3161 Timestamp CounterSignature.
@retval FALSE No valid RFC3161 Timestamp CounterSignature in the specified Authenticode data.
**/
-// FROM BaseCryptLib.h:2571
+// FROM BaseCryptLib.h:2586
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_IMAGE_TIMESTAMP_VERIFY)(
@@ -719,7 +719,7 @@ BOOLEAN
If the allocations fails, DhNew() returns NULL.
If the interface is not supported, DhNew() returns NULL.
**/
-// FROM BaseCryptLib.h:2967
+// FROM BaseCryptLib.h:2982
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_DH_NEW)(
@@ -731,7 +731,7 @@ VOID *
If the interface is not supported, then ASSERT().
@param[in] DhContext Pointer to the DH context to be released.
**/
-// FROM BaseCryptLib.h:2981
+// FROM BaseCryptLib.h:2996
typedef
VOID
(EFIAPI *EDKII_CRYPTO_DH_FREE)(
@@ -756,7 +756,7 @@ VOID
@retval FALSE PRNG fails to generate random prime number with PrimeLength.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:3011
+// FROM BaseCryptLib.h:3026
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_DH_GENERATE_PARAMETER)(
@@ -784,7 +784,7 @@ BOOLEAN
@retval FALSE Value of Prime is not a safe prime number.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:3043
+// FROM BaseCryptLib.h:3058
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_DH_SET_PARAMETER)(
@@ -813,7 +813,7 @@ BOOLEAN
@retval FALSE PublicKeySize is not large enough.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:3076
+// FROM BaseCryptLib.h:3091
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_DH_GENERATE_KEY)(
@@ -843,7 +843,7 @@ BOOLEAN
@retval FALSE KeySize is not large enough.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:3110
+// FROM BaseCryptLib.h:3125
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_DH_COMPUTE_KEY)(
@@ -872,7 +872,7 @@ BOOLEAN
@retval FALSE Pseudorandom number generator does not have enough entropy for random generation.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:3142
+// FROM BaseCryptLib.h:3157
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RANDOM_SEED)(
@@ -890,7 +890,7 @@ BOOLEAN
@retval FALSE Pseudorandom number generator fails to generate due to lack of entropy.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:3163
+// FROM BaseCryptLib.h:3178
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RANDOM_BYTES)(
@@ -907,7 +907,7 @@ BOOLEAN
@return Pointer to the RSA context that has been initialized.
If the allocations fails, RsaNew() returns NULL.
**/
-// FROM BaseCryptLib.h:1474
+// FROM BaseCryptLib.h:1475
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_RSA_NEW)(
@@ -919,7 +919,7 @@ VOID *
If RsaContext is NULL, then return FALSE.
@param[in] RsaContext Pointer to the RSA context to be released.
**/
-// FROM BaseCryptLib.h:1488
+// FROM BaseCryptLib.h:1489
typedef
VOID
(EFIAPI *EDKII_CRYPTO_RSA_FREE)(
@@ -943,7 +943,7 @@ VOID
@retval TRUE RSA key component was set successfully.
@retval FALSE Invalid RSA key component tag.
**/
-// FROM BaseCryptLib.h:1516
+// FROM BaseCryptLib.h:1517
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_SET_KEY)(
@@ -976,7 +976,7 @@ BOOLEAN
@retval FALSE BnSize is too small.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1553
+// FROM BaseCryptLib.h:1554
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_GET_KEY)(
@@ -1003,7 +1003,7 @@ BOOLEAN
@retval FALSE Invalid RSA key component tag.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1585
+// FROM BaseCryptLib.h:1586
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_GENERATE_KEY)(
@@ -1029,7 +1029,7 @@ BOOLEAN
@retval FALSE RSA key components are not valid.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1615
+// FROM BaseCryptLib.h:1616
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_CHECK_KEY)(
@@ -1058,7 +1058,7 @@ BOOLEAN
@retval FALSE SigSize is too small.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1648
+// FROM BaseCryptLib.h:1649
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_PKCS1_SIGN)(
@@ -1084,7 +1084,7 @@ BOOLEAN
@retval TRUE Valid signature encoded in PKCS1-v1_5.
@retval FALSE Invalid signature or invalid RSA context.
**/
-// FROM BaseCryptLib.h:1677
+// FROM BaseCryptLib.h:1678
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_PKCS1_VERIFY)(
@@ -1122,7 +1122,7 @@ BOOLEAN
@retval FALSE SigSize is too small.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1719
+// FROM BaseCryptLib.h:1720
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_PSS_SIGN)(
@@ -1150,7 +1150,7 @@ BOOLEAN
@retval TRUE Valid signature encoded in RSASSA-PSS.
@retval FALSE Invalid signature or invalid RSA context.
**/
-// FROM BaseCryptLib.h:1749
+// FROM BaseCryptLib.h:1750
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_PSS_VERIFY)(
@@ -1178,7 +1178,7 @@ BOOLEAN
@retval FALSE Invalid PEM key data or incorrect password.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1780
+// FROM BaseCryptLib.h:1781
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM)(
@@ -1202,7 +1202,7 @@ BOOLEAN
@retval FALSE Fail to retrieve RSA public key from X509 certificate.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1807
+// FROM BaseCryptLib.h:1808
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509)(
@@ -1228,13 +1228,19 @@ BOOLEAN
to be used when initializing the PRNG. NULL otherwise.
@param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer.
0 otherwise.
+ @param[in] DigestLen [Optional] If provided, size of the hash used:
+ SHA1_DIGEST_SIZE
+ SHA256_DIGEST_SIZE
+ SHA384_DIGEST_SIZE
+ SHA512_DIGEST_SIZE
+ 0 to use default (SHA1)
@param[out] EncryptedData Pointer to an allocated buffer containing the encrypted
message.
@param[out] EncryptedDataSize Size of the encrypted message buffer.
@retval TRUE Encryption was successful.
@retval FALSE Encryption failed.
**/
-// FROM BaseCryptLib.h:2178
+// FROM BaseCryptLib.h:2185
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_OAEP_ENCRYPT)(
@@ -1243,6 +1249,7 @@ BOOLEAN
IN UINTN InDataSize,
IN CONST UINT8 *PrngSeed OPTIONAL,
IN UINTN PrngSeedSize OPTIONAL,
+ IN UINT16 DigestLen OPTIONAL,
OUT UINT8 **EncryptedData,
OUT UINTN *EncryptedDataSize
);
@@ -1258,21 +1265,28 @@ BOOLEAN
provisioned with a private key using RsaSetKey().
@param[in] EncryptedData Data to be decrypted.
@param[in] EncryptedDataSize Size of the encrypted buffer.
+ @param[in] DigestLen [Optional] If provided, size of the hash used:
+ SHA1_DIGEST_SIZE
+ SHA256_DIGEST_SIZE
+ SHA384_DIGEST_SIZE
+ SHA512_DIGEST_SIZE
+ 0 to use default (SHA1)
@param[out] OutData Pointer to an allocated buffer containing the encrypted
message.
@param[out] OutDataSize Size of the encrypted message buffer.
@retval TRUE Encryption was successful.
@retval FALSE Encryption failed.
**/
-// FROM BaseCryptLib.h:2243
+// FROM BaseCryptLib.h:2257
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_RSA_OAEP_DECRYPT)(
- IN VOID *RsaContext,
- IN UINT8 *EncryptedData,
- IN UINTN EncryptedDataSize,
- OUT UINT8 **OutData,
- OUT UINTN *OutDataSize
+ IN VOID *RsaContext,
+ IN UINT8 *EncryptedData,
+ IN UINTN EncryptedDataSize,
+ IN UINT16 DigestLen OPTIONAL,
+ OUT UINT8 **OutData,
+ OUT UINTN *OutDataSize
);
// =============================================================================
@@ -1285,7 +1299,7 @@ BOOLEAN
@return The size, in bytes, of the context buffer required for SHA-1 hash operations.
@retval 0 This interface is not supported.
**/
-// FROM BaseCryptLib.h:243
+// FROM BaseCryptLib.h:244
typedef
UINTN
(EFIAPI *EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE)(
@@ -1302,7 +1316,7 @@ UINTN
@retval FALSE SHA-1 context initialization failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:263
+// FROM BaseCryptLib.h:264
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA1_INIT)(
@@ -1320,7 +1334,7 @@ BOOLEAN
@retval FALSE SHA-1 context copy failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:284
+// FROM BaseCryptLib.h:285
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA1_DUPLICATE)(
@@ -1343,7 +1357,7 @@ BOOLEAN
@retval FALSE SHA-1 data digest failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:311
+// FROM BaseCryptLib.h:312
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA1_UPDATE)(
@@ -1369,7 +1383,7 @@ BOOLEAN
@retval FALSE SHA-1 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:341
+// FROM BaseCryptLib.h:342
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA1_FINAL)(
@@ -1390,7 +1404,7 @@ BOOLEAN
@retval FALSE SHA-1 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:366
+// FROM BaseCryptLib.h:367
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA1_HASH_ALL)(
@@ -1407,7 +1421,7 @@ BOOLEAN
Retrieves the size, in bytes, of the context buffer required for SHA-256 hash operations.
@return The size, in bytes, of the context buffer required for SHA-256 hash operations.
**/
-// FROM BaseCryptLib.h:382
+// FROM BaseCryptLib.h:383
typedef
UINTN
(EFIAPI *EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE)(
@@ -1422,7 +1436,7 @@ UINTN
@retval TRUE SHA-256 context initialization succeeded.
@retval FALSE SHA-256 context initialization failed.
**/
-// FROM BaseCryptLib.h:400
+// FROM BaseCryptLib.h:401
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA256_INIT)(
@@ -1440,7 +1454,7 @@ BOOLEAN
@retval FALSE SHA-256 context copy failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:421
+// FROM BaseCryptLib.h:422
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA256_DUPLICATE)(
@@ -1461,7 +1475,7 @@ BOOLEAN
@retval TRUE SHA-256 data digest succeeded.
@retval FALSE SHA-256 data digest failed.
**/
-// FROM BaseCryptLib.h:446
+// FROM BaseCryptLib.h:447
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA256_UPDATE)(
@@ -1485,7 +1499,7 @@ BOOLEAN
@retval TRUE SHA-256 digest computation succeeded.
@retval FALSE SHA-256 digest computation failed.
**/
-// FROM BaseCryptLib.h:474
+// FROM BaseCryptLib.h:475
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA256_FINAL)(
@@ -1506,7 +1520,7 @@ BOOLEAN
@retval FALSE SHA-256 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:499
+// FROM BaseCryptLib.h:500
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA256_HASH_ALL)(
@@ -1523,7 +1537,7 @@ BOOLEAN
Retrieves the size, in bytes, of the context buffer required for SHA-384 hash operations.
@return The size, in bytes, of the context buffer required for SHA-384 hash operations.
**/
-// FROM BaseCryptLib.h:513
+// FROM BaseCryptLib.h:514
typedef
UINTN
(EFIAPI *EDKII_CRYPTO_SHA384_GET_CONTEXT_SIZE)(
@@ -1538,7 +1552,7 @@ UINTN
@retval TRUE SHA-384 context initialization succeeded.
@retval FALSE SHA-384 context initialization failed.
**/
-// FROM BaseCryptLib.h:531
+// FROM BaseCryptLib.h:532
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA384_INIT)(
@@ -1556,7 +1570,7 @@ BOOLEAN
@retval FALSE SHA-384 context copy failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:552
+// FROM BaseCryptLib.h:553
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA384_DUPLICATE)(
@@ -1577,7 +1591,7 @@ BOOLEAN
@retval TRUE SHA-384 data digest succeeded.
@retval FALSE SHA-384 data digest failed.
**/
-// FROM BaseCryptLib.h:577
+// FROM BaseCryptLib.h:578
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA384_UPDATE)(
@@ -1601,7 +1615,7 @@ BOOLEAN
@retval TRUE SHA-384 digest computation succeeded.
@retval FALSE SHA-384 digest computation failed.
**/
-// FROM BaseCryptLib.h:605
+// FROM BaseCryptLib.h:606
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA384_FINAL)(
@@ -1622,7 +1636,7 @@ BOOLEAN
@retval FALSE SHA-384 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:630
+// FROM BaseCryptLib.h:631
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA384_HASH_ALL)(
@@ -1639,7 +1653,7 @@ BOOLEAN
Retrieves the size, in bytes, of the context buffer required for SHA-512 hash operations.
@return The size, in bytes, of the context buffer required for SHA-512 hash operations.
**/
-// FROM BaseCryptLib.h:644
+// FROM BaseCryptLib.h:645
typedef
UINTN
(EFIAPI *EDKII_CRYPTO_SHA512_GET_CONTEXT_SIZE)(
@@ -1654,7 +1668,7 @@ UINTN
@retval TRUE SHA-512 context initialization succeeded.
@retval FALSE SHA-512 context initialization failed.
**/
-// FROM BaseCryptLib.h:662
+// FROM BaseCryptLib.h:663
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA512_INIT)(
@@ -1672,7 +1686,7 @@ BOOLEAN
@retval FALSE SHA-512 context copy failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:683
+// FROM BaseCryptLib.h:684
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA512_DUPLICATE)(
@@ -1693,7 +1707,7 @@ BOOLEAN
@retval TRUE SHA-512 data digest succeeded.
@retval FALSE SHA-512 data digest failed.
**/
-// FROM BaseCryptLib.h:708
+// FROM BaseCryptLib.h:709
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA512_UPDATE)(
@@ -1717,7 +1731,7 @@ BOOLEAN
@retval TRUE SHA-512 digest computation succeeded.
@retval FALSE SHA-512 digest computation failed.
**/
-// FROM BaseCryptLib.h:736
+// FROM BaseCryptLib.h:737
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA512_FINAL)(
@@ -1738,7 +1752,7 @@ BOOLEAN
@retval FALSE SHA-512 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:761
+// FROM BaseCryptLib.h:762
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SHA512_HASH_ALL)(
@@ -1765,7 +1779,7 @@ BOOLEAN
@retval FALSE ParallelHash256 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:786
+// FROM BaseCryptLib.h:787
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_PARALLEL_HASH256_HASH_ALL)(
@@ -1802,7 +1816,7 @@ BOOLEAN
@retval TRUE AEAD AES-GCM authenticated encryption succeeded.
@retval FALSE AEAD AES-GCM authenticated encryption failed.
**/
-// FROM BaseCryptLib.h:1404
+// FROM BaseCryptLib.h:1405
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_AEAD_AES_GCM_ENCRYPT)(
@@ -1841,7 +1855,7 @@ BOOLEAN
@retval TRUE AEAD AES-GCM authenticated decryption succeeded.
@retval FALSE AEAD AES-GCM authenticated decryption failed.
**/
-// FROM BaseCryptLib.h:1446
+// FROM BaseCryptLib.h:1447
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_AEAD_AES_GCM_DECRYPT)(
@@ -1878,7 +1892,7 @@ BOOLEAN
The SubjectSize will be updated with the required size.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1834
+// FROM BaseCryptLib.h:1835
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_SUBJECT_NAME)(
@@ -1911,7 +1925,7 @@ BOOLEAN
CommonNameSize parameter.
@retval RETURN_UNSUPPORTED The operation is not supported.
**/
-// FROM BaseCryptLib.h:1869
+// FROM BaseCryptLib.h:1870
typedef
RETURN_STATUS
(EFIAPI *EDKII_CRYPTO_X509_GET_COMMON_NAME)(
@@ -1944,7 +1958,7 @@ RETURN_STATUS
CommonNameSize parameter.
@retval RETURN_UNSUPPORTED The operation is not supported.
**/
-// FROM BaseCryptLib.h:1904
+// FROM BaseCryptLib.h:1905
typedef
RETURN_STATUS
(EFIAPI *EDKII_CRYPTO_X509_GET_ORGANIZATION_NAME)(
@@ -1968,7 +1982,7 @@ RETURN_STATUS
trusted CA.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1931
+// FROM BaseCryptLib.h:1932
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_VERIFY_CERT)(
@@ -1990,7 +2004,7 @@ BOOLEAN
@retval FALSE The operation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1956
+// FROM BaseCryptLib.h:1957
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE)(
@@ -2014,7 +2028,7 @@ BOOLEAN
@retval FALSE The construction operation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1983
+// FROM BaseCryptLib.h:1984
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK_V)(
@@ -2036,7 +2050,7 @@ BOOLEAN
@retval FALSE The construction operation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:2008
+// FROM BaseCryptLib.h:2009
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK)(
@@ -2049,7 +2063,7 @@ BOOLEAN
If the interface is not supported, then ASSERT().
@param[in] X509Cert Pointer to the X509 object to be released.
**/
-// FROM BaseCryptLib.h:2023
+// FROM BaseCryptLib.h:2024
typedef
VOID
(EFIAPI *EDKII_CRYPTO_X509_FREE)(
@@ -2061,7 +2075,7 @@ VOID
If the interface is not supported, then ASSERT().
@param[in] X509Stack Pointer to the X509 stack object to be released.
**/
-// FROM BaseCryptLib.h:2037
+// FROM BaseCryptLib.h:2038
typedef
VOID
(EFIAPI *EDKII_CRYPTO_X509_STACK_FREE)(
@@ -2081,7 +2095,7 @@ VOID
@retval TRUE The TBSCertificate was retrieved successfully.
@retval FALSE Invalid X.509 certificate.
**/
-// FROM BaseCryptLib.h:2060
+// FROM BaseCryptLib.h:2061
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_TBSCERT)(
@@ -2103,7 +2117,7 @@ BOOLEAN
@retval FALSE If Cert is NULL or CertSize is Zero.
@retval FALSE The operation is not supported.
**/
-// FROM BaseCryptLib.h:2597
+// FROM BaseCryptLib.h:2612
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_VERSION)(
@@ -2132,7 +2146,7 @@ BOOLEAN
SerialNumberSize parameter.
@retval FALSE The operation is not supported.
**/
-// FROM BaseCryptLib.h:2628
+// FROM BaseCryptLib.h:2643
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_SERIAL_NUMBER)(
@@ -2157,7 +2171,7 @@ BOOLEAN
The CertIssuerSize will be updated with the required size.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:2656
+// FROM BaseCryptLib.h:2671
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_ISSUER_NAME)(
@@ -2183,7 +2197,7 @@ BOOLEAN
is returned in the OidSize.
@retval FALSE The operation is not supported.
**/
-// FROM BaseCryptLib.h:2683
+// FROM BaseCryptLib.h:2698
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_SIGNATURE_ALGORITHM)(
@@ -2211,7 +2225,7 @@ BOOLEAN
is returned in the ExtensionDataSize parameter.
@retval FALSE The operation is not supported.
**/
-// FROM BaseCryptLib.h:2712
+// FROM BaseCryptLib.h:2727
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_EXTENSION_DATA)(
@@ -2240,7 +2254,7 @@ BOOLEAN
@retval FALSE Invalid certificate, or Validity retrieve failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:2744
+// FROM BaseCryptLib.h:2759
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_VALIDITY)(
@@ -2272,7 +2286,7 @@ BOOLEAN
DateTimeSize parameter.
@retval FALSE The operation is not supported.
**/
-// FROM BaseCryptLib.h:2778
+// FROM BaseCryptLib.h:2793
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_FORMAT_DATE_TIME)(
@@ -2290,7 +2304,7 @@ BOOLEAN
@retval FALSE Invalid certificate, or Usage is NULL
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:2820
+// FROM BaseCryptLib.h:2835
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_KEY_USAGE)(
@@ -2314,7 +2328,7 @@ BOOLEAN
is returned in the UsageSize parameter.
@retval FALSE The operation is not supported.
**/
-// FROM BaseCryptLib.h:2845
+// FROM BaseCryptLib.h:2860
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_EXTENDED_KEY_USAGE)(
@@ -2338,7 +2352,7 @@ BOOLEAN
@retval FALSE Invalid certificate or the certificate was not issued by the given
trusted CA.
**/
-// FROM BaseCryptLib.h:2870
+// FROM BaseCryptLib.h:2885
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_VERIFY_CERT_CHAIN)(
@@ -2363,7 +2377,7 @@ BOOLEAN
@retval TRUE Success.
@retval FALSE Failed to get certificate from certificate chain.
**/
-// FROM BaseCryptLib.h:2898
+// FROM BaseCryptLib.h:2913
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_CERT_FROM_CERT_CHAIN)(
@@ -2390,7 +2404,7 @@ BOOLEAN
@retval FALSE If no Extension entry match oid.
@retval FALSE The operation is not supported.
**/
-// FROM BaseCryptLib.h:2946
+// FROM BaseCryptLib.h:2961
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_X509_GET_EXTENDED_BASIC_CONSTRAINTS)(
@@ -2413,7 +2427,7 @@ BOOLEAN
@retval TRUE Get tag successful
@retval FALSe Failed to get tag or tag not match
**/
-// FROM BaseCryptLib.h:2919
+// FROM BaseCryptLib.h:2934
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_ASN1_GET_TAG)(
@@ -2431,7 +2445,7 @@ BOOLEAN
Allocate new Big Number.
@retval New BigNum opaque structure or NULL on failure.
**/
-// FROM BaseCryptLib.h:3341
+// FROM BaseCryptLib.h:3356
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_BIG_NUM_INIT)(
@@ -2444,7 +2458,7 @@ VOID *
@param[in] Len Buffer length.
@retval New BigNum opaque structure or NULL on failure.
**/
-// FROM BaseCryptLib.h:3355
+// FROM BaseCryptLib.h:3370
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_BIG_NUM_FROM_BIN)(
@@ -2459,7 +2473,7 @@ VOID *
@param[out] Buf Output buffer.
@retval The length of the big-endian number placed at Buf or -1 on error.
**/
-// FROM BaseCryptLib.h:3371
+// FROM BaseCryptLib.h:3386
typedef
INTN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_TO_BIN)(
@@ -2472,7 +2486,7 @@ INTN
@param[in] Bn Big number to free.
@param[in] Clear TRUE if the buffer should be cleared.
**/
-// FROM BaseCryptLib.h:3384
+// FROM BaseCryptLib.h:3399
typedef
VOID
(EFIAPI *EDKII_CRYPTO_BIG_NUM_FREE)(
@@ -2490,7 +2504,7 @@ VOID
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3403
+// FROM BaseCryptLib.h:3418
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_ADD)(
@@ -2509,7 +2523,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3423
+// FROM BaseCryptLib.h:3438
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_SUB)(
@@ -2528,7 +2542,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3443
+// FROM BaseCryptLib.h:3458
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_MOD)(
@@ -2548,7 +2562,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3464
+// FROM BaseCryptLib.h:3479
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_EXP_MOD)(
@@ -2568,7 +2582,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3485
+// FROM BaseCryptLib.h:3500
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_INVERSE_MOD)(
@@ -2587,7 +2601,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3505
+// FROM BaseCryptLib.h:3520
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_DIV)(
@@ -2607,7 +2621,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3526
+// FROM BaseCryptLib.h:3541
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_MUL_MOD)(
@@ -2625,7 +2639,7 @@ BOOLEAN
@retval 1 BnA > BnB.
@retval -1 BnA < BnB.
**/
-// FROM BaseCryptLib.h:3545
+// FROM BaseCryptLib.h:3560
typedef
INTN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_CMP)(
@@ -2638,7 +2652,7 @@ INTN
@param[in] Bn Big number.
@retval Number of bits.
**/
-// FROM BaseCryptLib.h:3560
+// FROM BaseCryptLib.h:3575
typedef
UINTN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_BITS)(
@@ -2650,7 +2664,7 @@ UINTN
@param[in] Bn Big number.
@retval Number of bytes.
**/
-// FROM BaseCryptLib.h:3573
+// FROM BaseCryptLib.h:3588
typedef
UINTN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_BYTES)(
@@ -2664,7 +2678,7 @@ UINTN
@retval TRUE iff Bn == Num.
@retval FALSE otherwise.
**/
-// FROM BaseCryptLib.h:3588
+// FROM BaseCryptLib.h:3603
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_IS_WORD)(
@@ -2678,7 +2692,7 @@ BOOLEAN
@retval TRUE Bn is odd (Bn % 2 == 1).
@retval FALSE otherwise.
**/
-// FROM BaseCryptLib.h:3603
+// FROM BaseCryptLib.h:3618
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_IS_ODD)(
@@ -2692,7 +2706,7 @@ BOOLEAN
@retval BnDst on success.
@retval NULL otherwise.
**/
-// FROM BaseCryptLib.h:3618
+// FROM BaseCryptLib.h:3633
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_BIG_NUM_COPY)(
@@ -2710,7 +2724,7 @@ VOID *
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3649
+// FROM BaseCryptLib.h:3664
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_RSHIFT)(
@@ -2725,7 +2739,7 @@ BOOLEAN
performed on the given Big number.
@param[in] Bn Big number.
**/
-// FROM BaseCryptLib.h:3664
+// FROM BaseCryptLib.h:3679
typedef
VOID
(EFIAPI *EDKII_CRYPTO_BIG_NUM_CONST_TIME)(
@@ -2742,7 +2756,7 @@ VOID
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3682
+// FROM BaseCryptLib.h:3697
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_SQR_MOD)(
@@ -2757,7 +2771,7 @@ BOOLEAN
needed to optimize calculations and expensive allocations.
@retval Big Number context struct or NULL on failure.
**/
-// FROM BaseCryptLib.h:3697
+// FROM BaseCryptLib.h:3712
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_BIG_NUM_NEW_CONTEXT)(
@@ -2768,7 +2782,7 @@ VOID *
Free Big Number context that was allocated with BigNumNewContext().
@param[in] BnCtx Big number context to free.
**/
-// FROM BaseCryptLib.h:3708
+// FROM BaseCryptLib.h:3723
typedef
VOID
(EFIAPI *EDKII_CRYPTO_BIG_NUM_CONTEXT_FREE)(
@@ -2782,7 +2796,7 @@ VOID
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3723
+// FROM BaseCryptLib.h:3738
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_SET_UINT)(
@@ -2799,7 +2813,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3741
+// FROM BaseCryptLib.h:3756
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_BIG_NUM_ADD_MOD)(
@@ -2822,7 +2836,7 @@ BOOLEAN
@return The size, in bytes, of the context buffer required for AES operations.
@retval 0 This interface is not supported.
**/
-// FROM BaseCryptLib.h:1262
+// FROM BaseCryptLib.h:1263
typedef
UINTN
(EFIAPI *EDKII_CRYPTO_AES_GET_CONTEXT_SIZE)(
@@ -2846,7 +2860,7 @@ UINTN
@retval FALSE AES context initialization failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1290
+// FROM BaseCryptLib.h:1291
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_AES_INIT)(
@@ -2879,7 +2893,7 @@ BOOLEAN
@retval FALSE AES encryption failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1327
+// FROM BaseCryptLib.h:1328
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_AES_CBC_ENCRYPT)(
@@ -2914,7 +2928,7 @@ BOOLEAN
@retval FALSE AES decryption failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:1366
+// FROM BaseCryptLib.h:1367
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_AES_CBC_DECRYPT)(
@@ -2936,7 +2950,7 @@ BOOLEAN
Retrieves the size, in bytes, of the context buffer required for SM3 hash operations.
@return The size, in bytes, of the context buffer required for SM3 hash operations.
**/
-// FROM BaseCryptLib.h:804
+// FROM BaseCryptLib.h:805
typedef
UINTN
(EFIAPI *EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE)(
@@ -2951,7 +2965,7 @@ UINTN
@retval TRUE SM3 context initialization succeeded.
@retval FALSE SM3 context initialization failed.
**/
-// FROM BaseCryptLib.h:822
+// FROM BaseCryptLib.h:823
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SM3_INIT)(
@@ -2969,7 +2983,7 @@ BOOLEAN
@retval FALSE SM3 context copy failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:843
+// FROM BaseCryptLib.h:844
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SM3_DUPLICATE)(
@@ -2990,7 +3004,7 @@ BOOLEAN
@retval TRUE SM3 data digest succeeded.
@retval FALSE SM3 data digest failed.
**/
-// FROM BaseCryptLib.h:868
+// FROM BaseCryptLib.h:869
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SM3_UPDATE)(
@@ -3014,7 +3028,7 @@ BOOLEAN
@retval TRUE SM3 digest computation succeeded.
@retval FALSE SM3 digest computation failed.
**/
-// FROM BaseCryptLib.h:896
+// FROM BaseCryptLib.h:897
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SM3_FINAL)(
@@ -3035,7 +3049,7 @@ BOOLEAN
@retval FALSE SM3 digest computation failed.
@retval FALSE This interface is not supported.
**/
-// FROM BaseCryptLib.h:921
+// FROM BaseCryptLib.h:922
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_SM3_HASH_ALL)(
@@ -3061,7 +3075,7 @@ BOOLEAN
@retval TRUE Hkdf generated successfully.
@retval FALSE Hkdf generation failed.
**/
-// FROM BaseCryptLib.h:3190
+// FROM BaseCryptLib.h:3205
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HKDF_SHA256_EXTRACT_AND_EXPAND)(
@@ -3086,7 +3100,7 @@ BOOLEAN
@retval true Hkdf generated successfully.
@retval false Hkdf generation failed.
**/
-// FROM BaseCryptLib.h:3217
+// FROM BaseCryptLib.h:3232
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HKDF_SHA256_EXTRACT)(
@@ -3109,7 +3123,7 @@ BOOLEAN
@retval TRUE Hkdf generated successfully.
@retval FALSE Hkdf generation failed.
**/
-// FROM BaseCryptLib.h:3242
+// FROM BaseCryptLib.h:3257
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HKDF_SHA256_EXPAND)(
@@ -3134,7 +3148,7 @@ BOOLEAN
@retval TRUE Hkdf generated successfully.
@retval FALSE Hkdf generation failed.
**/
-// FROM BaseCryptLib.h:3269
+// FROM BaseCryptLib.h:3284
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HKDF_SHA384_EXTRACT_AND_EXPAND)(
@@ -3159,7 +3173,7 @@ BOOLEAN
@retval true Hkdf generated successfully.
@retval false Hkdf generation failed.
**/
-// FROM BaseCryptLib.h:3296
+// FROM BaseCryptLib.h:3311
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HKDF_SHA384_EXTRACT)(
@@ -3182,7 +3196,7 @@ BOOLEAN
@retval TRUE Hkdf generated successfully.
@retval FALSE Hkdf generation failed.
**/
-// FROM BaseCryptLib.h:3321
+// FROM BaseCryptLib.h:3336
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_HKDF_SHA384_EXPAND)(
@@ -4025,7 +4039,7 @@ EFI_STATUS
@retval EcGroup object On success.
@retval NULL On failure.
**/
-// FROM BaseCryptLib.h:3765
+// FROM BaseCryptLib.h:3780
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_EC_GROUP_INIT)(
@@ -4045,7 +4059,7 @@ VOID *
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3786
+// FROM BaseCryptLib.h:3801
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_GROUP_GET_CURVE)(
@@ -4066,7 +4080,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3808
+// FROM BaseCryptLib.h:3823
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_GROUP_GET_ORDER)(
@@ -4078,7 +4092,7 @@ BOOLEAN
Free previously allocated EC group object using EcGroupInit().
@param[in] EcGroup EC group object to free.
**/
-// FROM BaseCryptLib.h:3820
+// FROM BaseCryptLib.h:3835
typedef
VOID
(EFIAPI *EDKII_CRYPTO_EC_GROUP_FREE)(
@@ -4092,7 +4106,7 @@ VOID
@retval EC Point object On success.
@retval NULL On failure.
**/
-// FROM BaseCryptLib.h:3835
+// FROM BaseCryptLib.h:3850
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_EC_POINT_INIT)(
@@ -4104,7 +4118,7 @@ VOID *
@param[in] EcPoint EC Point to free.
@param[in] Clear TRUE iff the memory should be cleared.
**/
-// FROM BaseCryptLib.h:3847
+// FROM BaseCryptLib.h:3862
typedef
VOID
(EFIAPI *EDKII_CRYPTO_EC_POINT_DE_INIT)(
@@ -4125,7 +4139,7 @@ VOID
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3869
+// FROM BaseCryptLib.h:3884
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_GET_AFFINE_COORDINATES)(
@@ -4146,7 +4160,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3891
+// FROM BaseCryptLib.h:3906
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_SET_AFFINE_COORDINATES)(
@@ -4168,7 +4182,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3914
+// FROM BaseCryptLib.h:3929
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_ADD)(
@@ -4190,7 +4204,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3937
+// FROM BaseCryptLib.h:3952
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_MUL)(
@@ -4209,7 +4223,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3957
+// FROM BaseCryptLib.h:3972
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_INVERT)(
@@ -4226,7 +4240,7 @@ BOOLEAN
@retval TRUE On curve.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3975
+// FROM BaseCryptLib.h:3990
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_IS_ON_CURVE)(
@@ -4242,7 +4256,7 @@ BOOLEAN
@retval TRUE At infinity.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:3992
+// FROM BaseCryptLib.h:4007
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_IS_AT_INFINITY)(
@@ -4259,7 +4273,7 @@ BOOLEAN
@retval TRUE A == B.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:4010
+// FROM BaseCryptLib.h:4025
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_EQUAL)(
@@ -4284,7 +4298,7 @@ BOOLEAN
@retval TRUE On success.
@retval FALSE Otherwise.
**/
-// FROM BaseCryptLib.h:4036
+// FROM BaseCryptLib.h:4051
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_SET_COMPRESSED_COORDINATES)(
@@ -4302,7 +4316,7 @@ BOOLEAN
@return Pointer to the Elliptic Curve Context that has been initialized.
If the allocations fails, EcNewByNid() returns NULL.
**/
-// FROM BaseCryptLib.h:4058
+// FROM BaseCryptLib.h:4073
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_EC_NEW_BY_NID)(
@@ -4313,7 +4327,7 @@ VOID *
Release the specified EC context.
@param[in] EcContext Pointer to the EC context to be released.
**/
-// FROM BaseCryptLib.h:4069
+// FROM BaseCryptLib.h:4084
typedef
VOID
(EFIAPI *EDKII_CRYPTO_EC_FREE)(
@@ -4346,7 +4360,7 @@ VOID
@retval FALSE EC public X,Y generation failed.
@retval FALSE PublicKeySize is not large enough.
**/
-// FROM BaseCryptLib.h:4101
+// FROM BaseCryptLib.h:4116
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_GENERATE_KEY)(
@@ -4369,7 +4383,7 @@ BOOLEAN
@retval TRUE EC key component was retrieved successfully.
@retval FALSE Invalid EC key component.
**/
-// FROM BaseCryptLib.h:4123
+// FROM BaseCryptLib.h:4138
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_GET_PUB_KEY)(
@@ -4403,7 +4417,7 @@ BOOLEAN
@retval FALSE EC exchanged key generation failed.
@retval FALSE KeySize is not large enough.
**/
-// FROM BaseCryptLib.h:4156
+// FROM BaseCryptLib.h:4171
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_DH_COMPUTE_KEY)(
@@ -4428,7 +4442,7 @@ BOOLEAN
@retval TRUE EC Private Key was retrieved successfully.
@retval FALSE Invalid PEM key data or incorrect password.
**/
-// FROM BaseCryptLib.h:4184
+// FROM BaseCryptLib.h:4199
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_GET_PRIVATE_KEY_FROM_PEM)(
@@ -4450,7 +4464,7 @@ BOOLEAN
@retval TRUE EC Public Key was retrieved successfully.
@retval FALSE Fail to retrieve EC public key from X509 certificate.
**/
-// FROM BaseCryptLib.h:4209
+// FROM BaseCryptLib.h:4224
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_GET_PUBLIC_KEY_FROM_X509)(
@@ -4482,7 +4496,7 @@ BOOLEAN
@retval FALSE Signature generation failed.
@retval FALSE SigSize is too small.
**/
-// FROM BaseCryptLib.h:4246
+// FROM BaseCryptLib.h:4261
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_DSA_SIGN)(
@@ -4512,7 +4526,7 @@ BOOLEAN
@retval TRUE Valid signature encoded in EC-DSA.
@retval FALSE Invalid signature or invalid EC context.
**/
-// FROM BaseCryptLib.h:4280
+// FROM BaseCryptLib.h:4295
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_DSA_VERIFY)(
diff --git a/MU_BASECORE b/MU_BASECORE
index d093b84a..d6e01136 160000
--- a/MU_BASECORE
+++ b/MU_BASECORE
@@ -1 +1 @@
-Subproject commit d093b84ae7dcf27ab4554edfd1f8a80adc408e07
+Subproject commit d6e01136697c1aed85bb83cff98b74ec11e96e1a
diff --git a/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c b/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c
index 00e904dd..7634ab1f 100644
--- a/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c
+++ b/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c
@@ -3,7 +3,7 @@
SPDX-License-Identifier: BSD-2-Clause-Patent
- Copyright (C) 2016 Microsoft Corporation. All Rights Reserved.
+ Copyright (C) Microsoft Corporation. All Rights Reserved.
Copyright (c) 2019, Intel Corporation. All rights reserved.
**/
@@ -14,6 +14,37 @@
#include
#include
+/**
+ Retrieve a pointer to EVP message digest object.
+
+ @param[in] DigestLen Length of the message digest.
+
+**/
+STATIC
+const
+EVP_MD *
+GetEvpMD (
+ IN UINT16 DigestLen
+ )
+{
+ switch (DigestLen) {
+ case SHA1_DIGEST_SIZE:
+ return EVP_sha1 ();
+ break;
+ case SHA256_DIGEST_SIZE:
+ return EVP_sha256 ();
+ break;
+ case SHA384_DIGEST_SIZE:
+ return EVP_sha384 ();
+ break;
+ case SHA512_DIGEST_SIZE:
+ return EVP_sha512 ();
+ break;
+ default:
+ return NULL;
+ }
+}
+
/**
Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the
encrypted message in a newly allocated buffer.
@@ -34,6 +65,12 @@
to be used when initializing the PRNG. NULL otherwise.
@param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer.
0 otherwise.
+ @param[in] DigestLen [Optional] If provided, size of the hash used:
+ SHA1_DIGEST_SIZE
+ SHA256_DIGEST_SIZE
+ SHA384_DIGEST_SIZE
+ SHA512_DIGEST_SIZE
+ 0 to use default (SHA1)
@param[out] EncryptedData Pointer to an allocated buffer containing the encrypted
message.
@param[out] EncryptedDataSize Size of the encrypted message buffer.
@@ -50,6 +87,7 @@ InternalPkcs1v2Encrypt (
IN UINTN InDataSize,
IN CONST UINT8 *PrngSeed OPTIONAL,
IN UINTN PrngSeedSize OPTIONAL,
+ IN UINT16 DigestLen OPTIONAL,
OUT UINT8 **EncryptedData,
OUT UINTN *EncryptedDataSize
)
@@ -58,6 +96,7 @@ InternalPkcs1v2Encrypt (
EVP_PKEY_CTX *PkeyCtx;
UINT8 *OutData;
UINTN OutDataSize;
+ CONST EVP_MD *HashAlg;
//
// Check input parameters.
@@ -109,6 +148,21 @@ InternalPkcs1v2Encrypt (
goto _Exit;
}
+ if (DigestLen != 0) {
+ HashAlg = GetEvpMD (DigestLen);
+ if (HashAlg == NULL) {
+ goto _Exit;
+ }
+
+ if (EVP_PKEY_CTX_set_rsa_oaep_md (PkeyCtx, HashAlg) <= 0) {
+ goto _Exit;
+ }
+
+ if (EVP_PKEY_CTX_set_rsa_mgf1_md (PkeyCtx, HashAlg) <= 0) {
+ goto _Exit;
+ }
+ }
+
//
// Determine the required buffer length for malloc'ing.
//
@@ -258,7 +312,7 @@ Pkcs1v2Encrypt (
goto _Exit;
}
- Result = InternalPkcs1v2Encrypt (Pkey, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize);
+ Result = InternalPkcs1v2Encrypt (Pkey, InData, InDataSize, PrngSeed, PrngSeedSize, 0, EncryptedData, EncryptedDataSize);
_Exit:
//
@@ -280,7 +334,6 @@ Pkcs1v2Encrypt (
encrypted message in a newly allocated buffer.
Things that can cause a failure include:
- - X509 key size does not match any known key size.
- Fail to allocate an intermediate buffer.
- Null pointer provided for a non-optional parameter.
- Data size is too large for the provided key size (max size is a function of key size
@@ -294,6 +347,12 @@ Pkcs1v2Encrypt (
to be used when initializing the PRNG. NULL otherwise.
@param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer.
0 otherwise.
+ @param[in] DigestLen [Optional] If provided, size of the hash used:
+ SHA1_DIGEST_SIZE
+ SHA256_DIGEST_SIZE
+ SHA384_DIGEST_SIZE
+ SHA512_DIGEST_SIZE
+ 0 to use default (SHA1)
@param[out] EncryptedData Pointer to an allocated buffer containing the encrypted
message.
@param[out] EncryptedDataSize Size of the encrypted message buffer.
@@ -310,6 +369,7 @@ RsaOaepEncrypt (
IN UINTN InDataSize,
IN CONST UINT8 *PrngSeed OPTIONAL,
IN UINTN PrngSeedSize OPTIONAL,
+ IN UINT16 DigestLen OPTIONAL,
OUT UINT8 **EncryptedData,
OUT UINTN *EncryptedDataSize
)
@@ -340,7 +400,7 @@ RsaOaepEncrypt (
goto _Exit;
}
- Result = InternalPkcs1v2Encrypt (Pkey, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize);
+ Result = InternalPkcs1v2Encrypt (Pkey, InData, InDataSize, PrngSeed, PrngSeedSize, DigestLen, EncryptedData, EncryptedDataSize);
_Exit:
//
@@ -365,6 +425,12 @@ RsaOaepEncrypt (
@param[in] Pkey A pointer to an EVP_PKEY which will decrypt that data.
@param[in] EncryptedData Data to be decrypted.
@param[in] EncryptedDataSize Size of the encrypted buffer.
+ @param[in] DigestLen [Optional] If provided, size of the hash used:
+ SHA1_DIGEST_SIZE
+ SHA256_DIGEST_SIZE
+ SHA384_DIGEST_SIZE
+ SHA512_DIGEST_SIZE
+ 0 to use default (SHA1)
@param[out] OutData Pointer to an allocated buffer containing the encrypted
message.
@param[out] OutDataSize Size of the encrypted message buffer.
@@ -376,11 +442,12 @@ RsaOaepEncrypt (
BOOLEAN
EFIAPI
InternalPkcs1v2Decrypt (
- EVP_PKEY *Pkey,
- IN UINT8 *EncryptedData,
- IN UINTN EncryptedDataSize,
- OUT UINT8 **OutData,
- OUT UINTN *OutDataSize
+ EVP_PKEY *Pkey,
+ IN UINT8 *EncryptedData,
+ IN UINTN EncryptedDataSize,
+ IN UINT16 DigestLen OPTIONAL,
+ OUT UINT8 **OutData,
+ OUT UINTN *OutDataSize
)
{
BOOLEAN Result;
@@ -388,6 +455,7 @@ InternalPkcs1v2Decrypt (
UINT8 *TempData;
UINTN TempDataSize;
INTN ReturnCode;
+ CONST EVP_MD *HashAlg;
//
// Check input parameters.
@@ -428,6 +496,21 @@ InternalPkcs1v2Decrypt (
goto _Exit;
}
+ if (DigestLen != 0) {
+ HashAlg = GetEvpMD (DigestLen);
+ if (HashAlg == NULL) {
+ goto _Exit;
+ }
+
+ if (EVP_PKEY_CTX_set_rsa_oaep_md (PkeyCtx, HashAlg) <= 0) {
+ goto _Exit;
+ }
+
+ if (EVP_PKEY_CTX_set_rsa_mgf1_md (PkeyCtx, HashAlg) <= 0) {
+ goto _Exit;
+ }
+ }
+
//
// Determine the required buffer length for malloc'ing.
//
@@ -544,7 +627,7 @@ Pkcs1v2Decrypt (
goto _Exit;
}
- Result = InternalPkcs1v2Decrypt (Pkey, EncryptedData, EncryptedDataSize, OutData, OutDataSize);
+ Result = InternalPkcs1v2Decrypt (Pkey, EncryptedData, EncryptedDataSize, 0, OutData, OutDataSize);
_Exit:
if (Pkey != NULL) {
@@ -567,6 +650,12 @@ Pkcs1v2Decrypt (
provisioned with a private key using RsaSetKey().
@param[in] EncryptedData Data to be decrypted.
@param[in] EncryptedDataSize Size of the encrypted buffer.
+ @param[in] DigestLen [Optional] If provided, size of the hash used:
+ SHA1_DIGEST_SIZE
+ SHA256_DIGEST_SIZE
+ SHA384_DIGEST_SIZE
+ SHA512_DIGEST_SIZE
+ 0 to use default (SHA1)
@param[out] OutData Pointer to an allocated buffer containing the encrypted
message.
@param[out] OutDataSize Size of the encrypted message buffer.
@@ -578,11 +667,12 @@ Pkcs1v2Decrypt (
BOOLEAN
EFIAPI
RsaOaepDecrypt (
- IN VOID *RsaContext,
- IN UINT8 *EncryptedData,
- IN UINTN EncryptedDataSize,
- OUT UINT8 **OutData,
- OUT UINTN *OutDataSize
+ IN VOID *RsaContext,
+ IN UINT8 *EncryptedData,
+ IN UINTN EncryptedDataSize,
+ IN UINT16 DigestLen OPTIONAL,
+ OUT UINT8 **OutData,
+ OUT UINTN *OutDataSize
)
{
BOOLEAN Result;
@@ -613,7 +703,7 @@ RsaOaepDecrypt (
goto _Exit;
}
- Result = InternalPkcs1v2Decrypt (Pkey, EncryptedData, EncryptedDataSize, OutData, OutDataSize);
+ Result = InternalPkcs1v2Decrypt (Pkey, EncryptedData, EncryptedDataSize, DigestLen, OutData, OutDataSize);
_Exit:
if (Pkey != NULL) {
diff --git a/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1OaepNull.c b/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1OaepNull.c
index 6c87f636..01d3c5a7 100644
--- a/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1OaepNull.c
+++ b/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1OaepNull.c
@@ -3,7 +3,7 @@
SPDX-License-Identifier: BSD-2-Clause-Patent
- Copyright (C) 2016 Microsoft Corporation. All Rights Reserved.
+ Copyright (C) Microsoft Corporation. All Rights Reserved.
Copyright (c) 2019, Intel Corporation. All rights reserved.
**/
@@ -68,6 +68,12 @@ Pkcs1v2Encrypt (
to be used when initializing the PRNG. NULL otherwise.
@param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer.
0 otherwise.
+ @param[in] DigestLen [Optional] If provided, size of the hash used:
+ SHA1_DIGEST_SIZE
+ SHA256_DIGEST_SIZE
+ SHA384_DIGEST_SIZE
+ SHA512_DIGEST_SIZE
+ 0 to use default (SHA1)
@param[out] EncryptedData Pointer to an allocated buffer containing the encrypted
message.
@param[out] EncryptedDataSize Size of the encrypted message buffer.
@@ -84,6 +90,7 @@ RsaOaepEncrypt (
IN UINTN InDataSize,
IN CONST UINT8 *PrngSeed OPTIONAL,
IN UINTN PrngSeedSize OPTIONAL,
+ IN UINT16 DigestLen OPTIONAL,
OUT UINT8 **EncryptedData,
OUT UINTN *EncryptedDataSize
)
@@ -113,7 +120,6 @@ RsaOaepEncrypt (
@retval FALSE Encryption failed.
**/
-
BOOLEAN
EFIAPI
Pkcs1v2Decrypt (
@@ -142,6 +148,12 @@ Pkcs1v2Decrypt (
provisioned with a private key using RsaSetKey().
@param[in] EncryptedData Data to be decrypted.
@param[in] EncryptedDataSize Size of the encrypted buffer.
+ @param[in] DigestLen [Optional] If provided, size of the hash used:
+ SHA1_DIGEST_SIZE
+ SHA256_DIGEST_SIZE
+ SHA384_DIGEST_SIZE
+ SHA512_DIGEST_SIZE
+ 0 to use default (SHA1)
@param[out] OutData Pointer to an allocated buffer containing the encrypted
message.
@param[out] OutDataSize Size of the encrypted message buffer.
@@ -153,13 +165,14 @@ Pkcs1v2Decrypt (
BOOLEAN
EFIAPI
RsaOaepDecrypt (
- IN VOID *RsaContext,
- IN UINT8 *EncryptedData,
- IN UINTN EncryptedDataSize,
- OUT UINT8 **OutData,
- OUT UINTN *OutDataSize
+ IN VOID *RsaContext,
+ IN UINT8 *EncryptedData,
+ IN UINTN EncryptedDataSize,
+ IN UINT16 DigestLen OPTIONAL,
+ OUT UINT8 **OutData,
+ OUT UINTN *OutDataSize
)
{
ASSERT (FALSE);
return FALSE;
-};
+}