From 431cff653ac6e7f3c9b76d808b6095433d2318a6 Mon Sep 17 00:00:00 2001 From: Chris Ruffin Date: Fri, 12 Apr 2024 11:41:36 -0400 Subject: [PATCH] CryptoPkg/BaseCryptLib: add DigestLen to RsaOaepEncrypt(), RsaOaepDecrypt() (#80) ## Description Add DigestLen parameter to RsaOaepEncrypt(), RsaOaepDecrypt() so that SHA256, SAH384, SHA512 hash and MGF can be used with the API. - [ ] Impacts functionality? - [x] Impacts security? - [x] Breaking change? - [x] Includes tests? - [ ] Includes documentation? ## How This Was Tested Unit tests, wycheproof test vectors, end-to-end test with 3rd party application. ## Integration Instructions nuget needs to be built on a private mu_basecore branch. (contains changes from edk2 commit 89ff5da9f9787be29c173ad5d5c0beb0c262e3cc) (contains changes from edk2 commit 503344cdbd289e6f360f900551d1cc7c23f4b27a) --------- Co-authored-by: Chris Ruffin --- CryptoBinPkg/Driver/Bin/temp_CryptLib.c | 354 +++++++++--------- CryptoBinPkg/Driver/Bin/temp_Crypto.c | 2 +- CryptoBinPkg/Driver/Bin/temp_Crypto.h | 350 ++++++++--------- MU_BASECORE | 2 +- .../Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c | 122 +++++- .../BaseCryptLib/Pk/CryptPkcs1OaepNull.c | 29 +- 6 files changed, 495 insertions(+), 364 deletions(-) diff --git a/CryptoBinPkg/Driver/Bin/temp_CryptLib.c b/CryptoBinPkg/Driver/Bin/temp_CryptLib.c index caaf2fe..181a670 100644 --- a/CryptoBinPkg/Driver/Bin/temp_CryptLib.c +++ b/CryptoBinPkg/Driver/Bin/temp_CryptLib.c @@ -100,7 +100,7 @@ CryptoServiceNotAvailable ( // AUTOGENERATED BY CryptoBinPkg\Driver\Packaging\generate_cryptodriver.py // AUTOGENED AS temp_CryptLib.c // DO NOT MODIFY -// GENERATED ON: 2024-03-08 19:11:45.650770 +// GENERATED ON: 2024-04-08 11:12:11.608999 // ============================================================================= // HMACSHA256 functions @@ -111,7 +111,7 @@ CryptoServiceNotAvailable ( @return Pointer to the HMAC_CTX context that has been initialized. If the allocations fails, HmacSha256New() returns NULL. **/ -// See BaseCryptLib.h:940 +// See BaseCryptLib.h:941 VOID * EFIAPI HmacSha256New ( @@ -125,7 +125,7 @@ HmacSha256New ( Release the specified HMAC_CTX context. @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be released. **/ -// See BaseCryptLib.h:952 +// See BaseCryptLib.h:953 VOID EFIAPI HmacSha256Free ( @@ -147,7 +147,7 @@ HmacSha256Free ( @retval FALSE The Key is set unsuccessfully. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:974 +// See BaseCryptLib.h:975 BOOLEAN EFIAPI HmacSha256SetKey ( @@ -170,7 +170,7 @@ HmacSha256SetKey ( @retval FALSE HMAC-SHA256 context copy failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:997 +// See BaseCryptLib.h:998 BOOLEAN EFIAPI HmacSha256Duplicate ( @@ -196,7 +196,7 @@ HmacSha256Duplicate ( @retval FALSE HMAC-SHA256 data digest failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1024 +// See BaseCryptLib.h:1025 BOOLEAN EFIAPI HmacSha256Update ( @@ -225,7 +225,7 @@ HmacSha256Update ( @retval FALSE HMAC-SHA256 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1054 +// See BaseCryptLib.h:1055 BOOLEAN EFIAPI HmacSha256Final ( @@ -251,7 +251,7 @@ HmacSha256Final ( @retval FALSE HMAC-SHA256 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1081 +// See BaseCryptLib.h:1082 BOOLEAN EFIAPI HmacSha256All ( @@ -274,7 +274,7 @@ HmacSha256All ( @return Pointer to the HMAC_CTX context that has been initialized. If the allocations fails, HmacSha384New() returns NULL. **/ -// See BaseCryptLib.h:1098 +// See BaseCryptLib.h:1099 VOID * EFIAPI HmacSha384New ( @@ -288,7 +288,7 @@ HmacSha384New ( Release the specified HMAC_CTX context. @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be released. **/ -// See BaseCryptLib.h:1110 +// See BaseCryptLib.h:1111 VOID EFIAPI HmacSha384Free ( @@ -310,7 +310,7 @@ HmacSha384Free ( @retval FALSE The Key is set unsuccessfully. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1132 +// See BaseCryptLib.h:1133 BOOLEAN EFIAPI HmacSha384SetKey ( @@ -333,7 +333,7 @@ HmacSha384SetKey ( @retval FALSE HMAC-SHA384 context copy failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1155 +// See BaseCryptLib.h:1156 BOOLEAN EFIAPI HmacSha384Duplicate ( @@ -359,7 +359,7 @@ HmacSha384Duplicate ( @retval FALSE HMAC-SHA384 data digest failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1182 +// See BaseCryptLib.h:1183 BOOLEAN EFIAPI HmacSha384Update ( @@ -388,7 +388,7 @@ HmacSha384Update ( @retval FALSE HMAC-SHA384 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1212 +// See BaseCryptLib.h:1213 BOOLEAN EFIAPI HmacSha384Final ( @@ -414,7 +414,7 @@ HmacSha384Final ( @retval FALSE HMAC-SHA384 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1239 +// See BaseCryptLib.h:1240 BOOLEAN EFIAPI HmacSha384All ( @@ -455,7 +455,7 @@ HmacSha384All ( @retval FALSE The key derivation operation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:2096 +// See BaseCryptLib.h:2097 BOOLEAN EFIAPI Pkcs5HashPassword ( @@ -497,7 +497,7 @@ Pkcs5HashPassword ( @retval TRUE Encryption was successful. @retval FALSE Encryption failed. **/ -// See BaseCryptLib.h:2138 +// See BaseCryptLib.h:2139 BOOLEAN EFIAPI Pkcs1v2Encrypt ( @@ -531,7 +531,7 @@ Pkcs1v2Encrypt ( @retval TRUE Encryption was successful. @retval FALSE Encryption failed. **/ -// See BaseCryptLib.h:2211 +// See BaseCryptLib.h:2219 BOOLEAN EFIAPI Pkcs1v2Decrypt ( @@ -568,7 +568,7 @@ Pkcs1v2Decrypt ( @retval FALSE Error occurs during the operation. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:2309 +// See BaseCryptLib.h:2324 BOOLEAN EFIAPI Pkcs7GetSigners ( @@ -588,7 +588,7 @@ Pkcs7GetSigners ( If this interface is not supported, then ASSERT(). @param[in] Certs Pointer to the certificates to be freed. **/ -// See BaseCryptLib.h:2328 +// See BaseCryptLib.h:2343 VOID EFIAPI Pkcs7FreeSigners ( @@ -617,7 +617,7 @@ Pkcs7FreeSigners ( @retval TRUE The operation is finished successfully. @retval FALSE Error occurs during the operation. **/ -// See BaseCryptLib.h:2356 +// See BaseCryptLib.h:2371 BOOLEAN EFIAPI Pkcs7GetCertificatesList ( @@ -656,7 +656,7 @@ Pkcs7GetCertificatesList ( @retval FALSE PKCS#7 data signing failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:2395 +// See BaseCryptLib.h:2410 BOOLEAN EFIAPI Pkcs7Sign ( @@ -693,7 +693,7 @@ Pkcs7Sign ( @retval FALSE Invalid PKCS#7 signed data. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:2434 +// See BaseCryptLib.h:2449 BOOLEAN EFIAPI Pkcs7Verify ( @@ -736,7 +736,7 @@ Pkcs7Verify ( @retval EFI_INVALID_PARAMETER A parameter was invalid. @retval EFI_NOT_FOUND One or more EKU's were not found in the signature. **/ -// See BaseCryptLib.h:2477 +// See BaseCryptLib.h:2492 RETURN_STATUS EFIAPI VerifyEKUsInPkcs7Signature ( @@ -765,7 +765,7 @@ VerifyEKUsInPkcs7Signature ( @retval TRUE The P7Data was correctly formatted for processing. @retval FALSE The P7Data was not correctly formatted for processing. **/ -// See BaseCryptLib.h:2507 +// See BaseCryptLib.h:2522 BOOLEAN EFIAPI Pkcs7GetAttachedContent ( @@ -798,7 +798,7 @@ Pkcs7GetAttachedContent ( @retval FALSE Invalid Authenticode Signature. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:2540 +// See BaseCryptLib.h:2555 BOOLEAN EFIAPI AuthenticodeVerify ( @@ -829,7 +829,7 @@ AuthenticodeVerify ( @retval TRUE The specified Authenticode includes a valid RFC3161 Timestamp CounterSignature. @retval FALSE No valid RFC3161 Timestamp CounterSignature in the specified Authenticode data. **/ -// See BaseCryptLib.h:2571 +// See BaseCryptLib.h:2586 BOOLEAN EFIAPI ImageTimestampVerify ( @@ -853,7 +853,7 @@ ImageTimestampVerify ( If the allocations fails, DhNew() returns NULL. If the interface is not supported, DhNew() returns NULL. **/ -// See BaseCryptLib.h:2967 +// See BaseCryptLib.h:2982 VOID * EFIAPI DhNew ( @@ -868,7 +868,7 @@ DhNew ( If the interface is not supported, then ASSERT(). @param[in] DhContext Pointer to the DH context to be released. **/ -// See BaseCryptLib.h:2981 +// See BaseCryptLib.h:2996 VOID EFIAPI DhFree ( @@ -896,7 +896,7 @@ DhFree ( @retval FALSE PRNG fails to generate random prime number with PrimeLength. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:3011 +// See BaseCryptLib.h:3026 BOOLEAN EFIAPI DhGenerateParameter ( @@ -927,7 +927,7 @@ DhGenerateParameter ( @retval FALSE Value of Prime is not a safe prime number. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:3043 +// See BaseCryptLib.h:3058 BOOLEAN EFIAPI DhSetParameter ( @@ -959,7 +959,7 @@ DhSetParameter ( @retval FALSE PublicKeySize is not large enough. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:3076 +// See BaseCryptLib.h:3091 BOOLEAN EFIAPI DhGenerateKey ( @@ -992,7 +992,7 @@ DhGenerateKey ( @retval FALSE KeySize is not large enough. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:3110 +// See BaseCryptLib.h:3125 BOOLEAN EFIAPI DhComputeKey ( @@ -1024,7 +1024,7 @@ DhComputeKey ( @retval FALSE Pseudorandom number generator does not have enough entropy for random generation. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:3142 +// See BaseCryptLib.h:3157 BOOLEAN EFIAPI RandomSeed ( @@ -1045,7 +1045,7 @@ RandomSeed ( @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:3163 +// See BaseCryptLib.h:3178 BOOLEAN EFIAPI RandomBytes ( @@ -1065,7 +1065,7 @@ RandomBytes ( @return Pointer to the RSA context that has been initialized. If the allocations fails, RsaNew() returns NULL. **/ -// See BaseCryptLib.h:1474 +// See BaseCryptLib.h:1475 VOID * EFIAPI RsaNew ( @@ -1080,7 +1080,7 @@ RsaNew ( If RsaContext is NULL, then return FALSE. @param[in] RsaContext Pointer to the RSA context to be released. **/ -// See BaseCryptLib.h:1488 +// See BaseCryptLib.h:1489 VOID EFIAPI RsaFree ( @@ -1107,7 +1107,7 @@ RsaFree ( @retval TRUE RSA key component was set successfully. @retval FALSE Invalid RSA key component tag. **/ -// See BaseCryptLib.h:1516 +// See BaseCryptLib.h:1517 BOOLEAN EFIAPI RsaSetKey ( @@ -1143,7 +1143,7 @@ RsaSetKey ( @retval FALSE BnSize is too small. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1553 +// See BaseCryptLib.h:1554 BOOLEAN EFIAPI RsaGetKey ( @@ -1173,7 +1173,7 @@ RsaGetKey ( @retval FALSE Invalid RSA key component tag. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1585 +// See BaseCryptLib.h:1586 BOOLEAN EFIAPI RsaGenerateKey ( @@ -1202,7 +1202,7 @@ RsaGenerateKey ( @retval FALSE RSA key components are not valid. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1615 +// See BaseCryptLib.h:1616 BOOLEAN EFIAPI RsaCheckKey ( @@ -1234,7 +1234,7 @@ RsaCheckKey ( @retval FALSE SigSize is too small. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1648 +// See BaseCryptLib.h:1649 BOOLEAN EFIAPI RsaPkcs1Sign ( @@ -1263,7 +1263,7 @@ RsaPkcs1Sign ( @retval TRUE Valid signature encoded in PKCS1-v1_5. @retval FALSE Invalid signature or invalid RSA context. **/ -// See BaseCryptLib.h:1677 +// See BaseCryptLib.h:1678 BOOLEAN EFIAPI RsaPkcs1Verify ( @@ -1304,7 +1304,7 @@ RsaPkcs1Verify ( @retval FALSE SigSize is too small. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1719 +// See BaseCryptLib.h:1720 BOOLEAN EFIAPI RsaPssSign ( @@ -1335,7 +1335,7 @@ RsaPssSign ( @retval TRUE Valid signature encoded in RSASSA-PSS. @retval FALSE Invalid signature or invalid RSA context. **/ -// See BaseCryptLib.h:1749 +// See BaseCryptLib.h:1750 BOOLEAN EFIAPI RsaPssVerify ( @@ -1366,7 +1366,7 @@ RsaPssVerify ( @retval FALSE Invalid PEM key data or incorrect password. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1780 +// See BaseCryptLib.h:1781 BOOLEAN EFIAPI RsaGetPrivateKeyFromPem ( @@ -1393,7 +1393,7 @@ RsaGetPrivateKeyFromPem ( @retval FALSE Fail to retrieve RSA public key from X509 certificate. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1807 +// See BaseCryptLib.h:1808 BOOLEAN EFIAPI RsaGetPublicKeyFromX509 ( @@ -1422,13 +1422,19 @@ RsaGetPublicKeyFromX509 ( to be used when initializing the PRNG. NULL otherwise. @param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer. 0 otherwise. + @param[in] DigestLen [Optional] If provided, size of the hash used: + SHA1_DIGEST_SIZE + SHA256_DIGEST_SIZE + SHA384_DIGEST_SIZE + SHA512_DIGEST_SIZE + 0 to use default (SHA1) @param[out] EncryptedData Pointer to an allocated buffer containing the encrypted message. @param[out] EncryptedDataSize Size of the encrypted message buffer. @retval TRUE Encryption was successful. @retval FALSE Encryption failed. **/ -// See BaseCryptLib.h:2178 +// See BaseCryptLib.h:2185 BOOLEAN EFIAPI RsaOaepEncrypt ( @@ -1437,11 +1443,12 @@ RsaOaepEncrypt ( IN UINTN InDataSize, IN CONST UINT8 *PrngSeed OPTIONAL, IN UINTN PrngSeedSize OPTIONAL, + IN UINT16 DigestLen OPTIONAL, OUT UINT8 **EncryptedData, OUT UINTN *EncryptedDataSize ) { - CALL_CRYPTO_SERVICE (RsaOaepEncrypt, (RsaContext, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize), FALSE); + CALL_CRYPTO_SERVICE (RsaOaepEncrypt, (RsaContext, InData, InDataSize, PrngSeed, PrngSeedSize, DigestLen, EncryptedData, EncryptedDataSize), FALSE); } /** @@ -1455,24 +1462,31 @@ RsaOaepEncrypt ( provisioned with a private key using RsaSetKey(). @param[in] EncryptedData Data to be decrypted. @param[in] EncryptedDataSize Size of the encrypted buffer. + @param[in] DigestLen [Optional] If provided, size of the hash used: + SHA1_DIGEST_SIZE + SHA256_DIGEST_SIZE + SHA384_DIGEST_SIZE + SHA512_DIGEST_SIZE + 0 to use default (SHA1) @param[out] OutData Pointer to an allocated buffer containing the encrypted message. @param[out] OutDataSize Size of the encrypted message buffer. @retval TRUE Encryption was successful. @retval FALSE Encryption failed. **/ -// See BaseCryptLib.h:2243 +// See BaseCryptLib.h:2257 BOOLEAN EFIAPI RsaOaepDecrypt ( - IN VOID *RsaContext, - IN UINT8 *EncryptedData, - IN UINTN EncryptedDataSize, - OUT UINT8 **OutData, - OUT UINTN *OutDataSize + IN VOID *RsaContext, + IN UINT8 *EncryptedData, + IN UINTN EncryptedDataSize, + IN UINT16 DigestLen OPTIONAL, + OUT UINT8 **OutData, + OUT UINTN *OutDataSize ) { - CALL_CRYPTO_SERVICE (RsaOaepDecrypt, (RsaContext, EncryptedData, EncryptedDataSize, OutData, OutDataSize), FALSE); + CALL_CRYPTO_SERVICE (RsaOaepDecrypt, (RsaContext, EncryptedData, EncryptedDataSize, DigestLen, OutData, OutDataSize), FALSE); } // ============================================================================= @@ -1485,7 +1499,7 @@ RsaOaepDecrypt ( @return The size, in bytes, of the context buffer required for SHA-1 hash operations. @retval 0 This interface is not supported. **/ -// See BaseCryptLib.h:243 +// See BaseCryptLib.h:244 UINTN EFIAPI Sha1GetContextSize ( @@ -1505,7 +1519,7 @@ Sha1GetContextSize ( @retval FALSE SHA-1 context initialization failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:263 +// See BaseCryptLib.h:264 BOOLEAN EFIAPI Sha1Init ( @@ -1526,7 +1540,7 @@ Sha1Init ( @retval FALSE SHA-1 context copy failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:284 +// See BaseCryptLib.h:285 BOOLEAN EFIAPI Sha1Duplicate ( @@ -1552,7 +1566,7 @@ Sha1Duplicate ( @retval FALSE SHA-1 data digest failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:311 +// See BaseCryptLib.h:312 BOOLEAN EFIAPI Sha1Update ( @@ -1581,7 +1595,7 @@ Sha1Update ( @retval FALSE SHA-1 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:341 +// See BaseCryptLib.h:342 BOOLEAN EFIAPI Sha1Final ( @@ -1605,7 +1619,7 @@ Sha1Final ( @retval FALSE SHA-1 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:366 +// See BaseCryptLib.h:367 BOOLEAN EFIAPI Sha1HashAll ( @@ -1625,7 +1639,7 @@ Sha1HashAll ( Retrieves the size, in bytes, of the context buffer required for SHA-256 hash operations. @return The size, in bytes, of the context buffer required for SHA-256 hash operations. **/ -// See BaseCryptLib.h:382 +// See BaseCryptLib.h:383 UINTN EFIAPI Sha256GetContextSize ( @@ -1643,7 +1657,7 @@ Sha256GetContextSize ( @retval TRUE SHA-256 context initialization succeeded. @retval FALSE SHA-256 context initialization failed. **/ -// See BaseCryptLib.h:400 +// See BaseCryptLib.h:401 BOOLEAN EFIAPI Sha256Init ( @@ -1664,7 +1678,7 @@ Sha256Init ( @retval FALSE SHA-256 context copy failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:421 +// See BaseCryptLib.h:422 BOOLEAN EFIAPI Sha256Duplicate ( @@ -1688,7 +1702,7 @@ Sha256Duplicate ( @retval TRUE SHA-256 data digest succeeded. @retval FALSE SHA-256 data digest failed. **/ -// See BaseCryptLib.h:446 +// See BaseCryptLib.h:447 BOOLEAN EFIAPI Sha256Update ( @@ -1715,7 +1729,7 @@ Sha256Update ( @retval TRUE SHA-256 digest computation succeeded. @retval FALSE SHA-256 digest computation failed. **/ -// See BaseCryptLib.h:474 +// See BaseCryptLib.h:475 BOOLEAN EFIAPI Sha256Final ( @@ -1739,7 +1753,7 @@ Sha256Final ( @retval FALSE SHA-256 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:499 +// See BaseCryptLib.h:500 BOOLEAN EFIAPI Sha256HashAll ( @@ -1759,7 +1773,7 @@ Sha256HashAll ( Retrieves the size, in bytes, of the context buffer required for SHA-384 hash operations. @return The size, in bytes, of the context buffer required for SHA-384 hash operations. **/ -// See BaseCryptLib.h:513 +// See BaseCryptLib.h:514 UINTN EFIAPI Sha384GetContextSize ( @@ -1777,7 +1791,7 @@ Sha384GetContextSize ( @retval TRUE SHA-384 context initialization succeeded. @retval FALSE SHA-384 context initialization failed. **/ -// See BaseCryptLib.h:531 +// See BaseCryptLib.h:532 BOOLEAN EFIAPI Sha384Init ( @@ -1798,7 +1812,7 @@ Sha384Init ( @retval FALSE SHA-384 context copy failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:552 +// See BaseCryptLib.h:553 BOOLEAN EFIAPI Sha384Duplicate ( @@ -1822,7 +1836,7 @@ Sha384Duplicate ( @retval TRUE SHA-384 data digest succeeded. @retval FALSE SHA-384 data digest failed. **/ -// See BaseCryptLib.h:577 +// See BaseCryptLib.h:578 BOOLEAN EFIAPI Sha384Update ( @@ -1849,7 +1863,7 @@ Sha384Update ( @retval TRUE SHA-384 digest computation succeeded. @retval FALSE SHA-384 digest computation failed. **/ -// See BaseCryptLib.h:605 +// See BaseCryptLib.h:606 BOOLEAN EFIAPI Sha384Final ( @@ -1873,7 +1887,7 @@ Sha384Final ( @retval FALSE SHA-384 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:630 +// See BaseCryptLib.h:631 BOOLEAN EFIAPI Sha384HashAll ( @@ -1893,7 +1907,7 @@ Sha384HashAll ( Retrieves the size, in bytes, of the context buffer required for SHA-512 hash operations. @return The size, in bytes, of the context buffer required for SHA-512 hash operations. **/ -// See BaseCryptLib.h:644 +// See BaseCryptLib.h:645 UINTN EFIAPI Sha512GetContextSize ( @@ -1911,7 +1925,7 @@ Sha512GetContextSize ( @retval TRUE SHA-512 context initialization succeeded. @retval FALSE SHA-512 context initialization failed. **/ -// See BaseCryptLib.h:662 +// See BaseCryptLib.h:663 BOOLEAN EFIAPI Sha512Init ( @@ -1932,7 +1946,7 @@ Sha512Init ( @retval FALSE SHA-512 context copy failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:683 +// See BaseCryptLib.h:684 BOOLEAN EFIAPI Sha512Duplicate ( @@ -1956,7 +1970,7 @@ Sha512Duplicate ( @retval TRUE SHA-512 data digest succeeded. @retval FALSE SHA-512 data digest failed. **/ -// See BaseCryptLib.h:708 +// See BaseCryptLib.h:709 BOOLEAN EFIAPI Sha512Update ( @@ -1983,7 +1997,7 @@ Sha512Update ( @retval TRUE SHA-512 digest computation succeeded. @retval FALSE SHA-512 digest computation failed. **/ -// See BaseCryptLib.h:736 +// See BaseCryptLib.h:737 BOOLEAN EFIAPI Sha512Final ( @@ -2007,7 +2021,7 @@ Sha512Final ( @retval FALSE SHA-512 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:761 +// See BaseCryptLib.h:762 BOOLEAN EFIAPI Sha512HashAll ( @@ -2037,7 +2051,7 @@ Sha512HashAll ( @retval FALSE ParallelHash256 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:786 +// See BaseCryptLib.h:787 BOOLEAN EFIAPI ParallelHash256HashAll ( @@ -2077,7 +2091,7 @@ ParallelHash256HashAll ( @retval TRUE AEAD AES-GCM authenticated encryption succeeded. @retval FALSE AEAD AES-GCM authenticated encryption failed. **/ -// See BaseCryptLib.h:1404 +// See BaseCryptLib.h:1405 BOOLEAN EFIAPI AeadAesGcmEncrypt ( @@ -2119,7 +2133,7 @@ AeadAesGcmEncrypt ( @retval TRUE AEAD AES-GCM authenticated decryption succeeded. @retval FALSE AEAD AES-GCM authenticated decryption failed. **/ -// See BaseCryptLib.h:1446 +// See BaseCryptLib.h:1447 BOOLEAN EFIAPI AeadAesGcmDecrypt ( @@ -2159,7 +2173,7 @@ AeadAesGcmDecrypt ( The SubjectSize will be updated with the required size. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1834 +// See BaseCryptLib.h:1835 BOOLEAN EFIAPI X509GetSubjectName ( @@ -2195,7 +2209,7 @@ X509GetSubjectName ( CommonNameSize parameter. @retval RETURN_UNSUPPORTED The operation is not supported. **/ -// See BaseCryptLib.h:1869 +// See BaseCryptLib.h:1870 RETURN_STATUS EFIAPI X509GetCommonName ( @@ -2231,7 +2245,7 @@ X509GetCommonName ( CommonNameSize parameter. @retval RETURN_UNSUPPORTED The operation is not supported. **/ -// See BaseCryptLib.h:1904 +// See BaseCryptLib.h:1905 RETURN_STATUS EFIAPI X509GetOrganizationName ( @@ -2258,7 +2272,7 @@ X509GetOrganizationName ( trusted CA. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1931 +// See BaseCryptLib.h:1932 BOOLEAN EFIAPI X509VerifyCert ( @@ -2283,7 +2297,7 @@ X509VerifyCert ( @retval FALSE The operation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1956 +// See BaseCryptLib.h:1957 BOOLEAN EFIAPI X509ConstructCertificate ( @@ -2310,7 +2324,7 @@ X509ConstructCertificate ( @retval FALSE The construction operation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1983 +// See BaseCryptLib.h:1984 BOOLEAN EFIAPI X509ConstructCertificateStackV ( @@ -2335,7 +2349,7 @@ X509ConstructCertificateStackV ( @retval FALSE The construction operation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:2008 +// See BaseCryptLib.h:2009 BOOLEAN EFIAPI X509ConstructCertificateStack ( @@ -2357,7 +2371,7 @@ X509ConstructCertificateStack ( If the interface is not supported, then ASSERT(). @param[in] X509Cert Pointer to the X509 object to be released. **/ -// See BaseCryptLib.h:2023 +// See BaseCryptLib.h:2024 VOID EFIAPI X509Free ( @@ -2372,7 +2386,7 @@ X509Free ( If the interface is not supported, then ASSERT(). @param[in] X509Stack Pointer to the X509 stack object to be released. **/ -// See BaseCryptLib.h:2037 +// See BaseCryptLib.h:2038 VOID EFIAPI X509StackFree ( @@ -2395,7 +2409,7 @@ X509StackFree ( @retval TRUE The TBSCertificate was retrieved successfully. @retval FALSE Invalid X.509 certificate. **/ -// See BaseCryptLib.h:2060 +// See BaseCryptLib.h:2061 BOOLEAN EFIAPI X509GetTBSCert ( @@ -2420,7 +2434,7 @@ X509GetTBSCert ( @retval FALSE If Cert is NULL or CertSize is Zero. @retval FALSE The operation is not supported. **/ -// See BaseCryptLib.h:2597 +// See BaseCryptLib.h:2612 BOOLEAN EFIAPI X509GetVersion ( @@ -2452,7 +2466,7 @@ X509GetVersion ( SerialNumberSize parameter. @retval FALSE The operation is not supported. **/ -// See BaseCryptLib.h:2628 +// See BaseCryptLib.h:2643 BOOLEAN EFIAPI X509GetSerialNumber ( @@ -2480,7 +2494,7 @@ X509GetSerialNumber ( The CertIssuerSize will be updated with the required size. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:2656 +// See BaseCryptLib.h:2671 BOOLEAN EFIAPI X509GetIssuerName ( @@ -2509,7 +2523,7 @@ X509GetIssuerName ( is returned in the OidSize. @retval FALSE The operation is not supported. **/ -// See BaseCryptLib.h:2683 +// See BaseCryptLib.h:2698 BOOLEAN EFIAPI X509GetSignatureAlgorithm ( @@ -2540,7 +2554,7 @@ X509GetSignatureAlgorithm ( is returned in the ExtensionDataSize parameter. @retval FALSE The operation is not supported. **/ -// See BaseCryptLib.h:2712 +// See BaseCryptLib.h:2727 BOOLEAN EFIAPI X509GetExtensionData ( @@ -2572,7 +2586,7 @@ X509GetExtensionData ( @retval FALSE Invalid certificate, or Validity retrieve failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:2744 +// See BaseCryptLib.h:2759 BOOLEAN EFIAPI X509GetValidity ( @@ -2607,7 +2621,7 @@ X509GetValidity ( DateTimeSize parameter. @retval FALSE The operation is not supported. **/ -// See BaseCryptLib.h:2778 +// See BaseCryptLib.h:2793 BOOLEAN EFIAPI X509FormatDateTime ( @@ -2628,7 +2642,7 @@ X509FormatDateTime ( @retval FALSE Invalid certificate, or Usage is NULL @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:2820 +// See BaseCryptLib.h:2835 BOOLEAN EFIAPI X509GetKeyUsage ( @@ -2655,7 +2669,7 @@ X509GetKeyUsage ( is returned in the UsageSize parameter. @retval FALSE The operation is not supported. **/ -// See BaseCryptLib.h:2845 +// See BaseCryptLib.h:2860 BOOLEAN EFIAPI X509GetExtendedKeyUsage ( @@ -2682,7 +2696,7 @@ X509GetExtendedKeyUsage ( @retval FALSE Invalid certificate or the certificate was not issued by the given trusted CA. **/ -// See BaseCryptLib.h:2870 +// See BaseCryptLib.h:2885 BOOLEAN EFIAPI X509VerifyCertChain ( @@ -2710,7 +2724,7 @@ X509VerifyCertChain ( @retval TRUE Success. @retval FALSE Failed to get certificate from certificate chain. **/ -// See BaseCryptLib.h:2898 +// See BaseCryptLib.h:2913 BOOLEAN EFIAPI X509GetCertFromCertChain ( @@ -2740,7 +2754,7 @@ X509GetCertFromCertChain ( @retval FALSE If no Extension entry match oid. @retval FALSE The operation is not supported. **/ -// See BaseCryptLib.h:2946 +// See BaseCryptLib.h:2961 BOOLEAN EFIAPI X509GetExtendedBasicConstraints ( @@ -2766,7 +2780,7 @@ X509GetExtendedBasicConstraints ( @retval TRUE Get tag successful @retval FALSe Failed to get tag or tag not match **/ -// See BaseCryptLib.h:2919 +// See BaseCryptLib.h:2934 BOOLEAN EFIAPI Asn1GetTag ( @@ -2787,7 +2801,7 @@ Asn1GetTag ( Allocate new Big Number. @retval New BigNum opaque structure or NULL on failure. **/ -// See BaseCryptLib.h:3341 +// See BaseCryptLib.h:3356 VOID * EFIAPI BigNumInit ( @@ -2803,7 +2817,7 @@ BigNumInit ( @param[in] Len Buffer length. @retval New BigNum opaque structure or NULL on failure. **/ -// See BaseCryptLib.h:3355 +// See BaseCryptLib.h:3370 VOID * EFIAPI BigNumFromBin ( @@ -2821,7 +2835,7 @@ BigNumFromBin ( @param[out] Buf Output buffer. @retval The length of the big-endian number placed at Buf or -1 on error. **/ -// See BaseCryptLib.h:3371 +// See BaseCryptLib.h:3386 INTN EFIAPI BigNumToBin ( @@ -2837,7 +2851,7 @@ BigNumToBin ( @param[in] Bn Big number to free. @param[in] Clear TRUE if the buffer should be cleared. **/ -// See BaseCryptLib.h:3384 +// See BaseCryptLib.h:3399 VOID EFIAPI BigNumFree ( @@ -2858,7 +2872,7 @@ BigNumFree ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3403 +// See BaseCryptLib.h:3418 BOOLEAN EFIAPI BigNumAdd ( @@ -2880,7 +2894,7 @@ BigNumAdd ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3423 +// See BaseCryptLib.h:3438 BOOLEAN EFIAPI BigNumSub ( @@ -2902,7 +2916,7 @@ BigNumSub ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3443 +// See BaseCryptLib.h:3458 BOOLEAN EFIAPI BigNumMod ( @@ -2925,7 +2939,7 @@ BigNumMod ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3464 +// See BaseCryptLib.h:3479 BOOLEAN EFIAPI BigNumExpMod ( @@ -2948,7 +2962,7 @@ BigNumExpMod ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3485 +// See BaseCryptLib.h:3500 BOOLEAN EFIAPI BigNumInverseMod ( @@ -2970,7 +2984,7 @@ BigNumInverseMod ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3505 +// See BaseCryptLib.h:3520 BOOLEAN EFIAPI BigNumDiv ( @@ -2993,7 +3007,7 @@ BigNumDiv ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3526 +// See BaseCryptLib.h:3541 BOOLEAN EFIAPI BigNumMulMod ( @@ -3014,7 +3028,7 @@ BigNumMulMod ( @retval 1 BnA > BnB. @retval -1 BnA < BnB. **/ -// See BaseCryptLib.h:3545 +// See BaseCryptLib.h:3560 INTN EFIAPI BigNumCmp ( @@ -3030,7 +3044,7 @@ BigNumCmp ( @param[in] Bn Big number. @retval Number of bits. **/ -// See BaseCryptLib.h:3560 +// See BaseCryptLib.h:3575 UINTN EFIAPI BigNumBits ( @@ -3045,7 +3059,7 @@ BigNumBits ( @param[in] Bn Big number. @retval Number of bytes. **/ -// See BaseCryptLib.h:3573 +// See BaseCryptLib.h:3588 UINTN EFIAPI BigNumBytes ( @@ -3062,7 +3076,7 @@ BigNumBytes ( @retval TRUE iff Bn == Num. @retval FALSE otherwise. **/ -// See BaseCryptLib.h:3588 +// See BaseCryptLib.h:3603 BOOLEAN EFIAPI BigNumIsWord ( @@ -3079,7 +3093,7 @@ BigNumIsWord ( @retval TRUE Bn is odd (Bn % 2 == 1). @retval FALSE otherwise. **/ -// See BaseCryptLib.h:3603 +// See BaseCryptLib.h:3618 BOOLEAN EFIAPI BigNumIsOdd ( @@ -3096,7 +3110,7 @@ BigNumIsOdd ( @retval BnDst on success. @retval NULL otherwise. **/ -// See BaseCryptLib.h:3618 +// See BaseCryptLib.h:3633 VOID * EFIAPI BigNumCopy ( @@ -3117,7 +3131,7 @@ BigNumCopy ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3649 +// See BaseCryptLib.h:3664 BOOLEAN EFIAPI BigNumRShift ( @@ -3135,7 +3149,7 @@ BigNumRShift ( performed on the given Big number. @param[in] Bn Big number. **/ -// See BaseCryptLib.h:3664 +// See BaseCryptLib.h:3679 VOID EFIAPI BigNumConstTime ( @@ -3155,7 +3169,7 @@ BigNumConstTime ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3682 +// See BaseCryptLib.h:3697 BOOLEAN EFIAPI BigNumSqrMod ( @@ -3173,7 +3187,7 @@ BigNumSqrMod ( needed to optimize calculations and expensive allocations. @retval Big Number context struct or NULL on failure. **/ -// See BaseCryptLib.h:3697 +// See BaseCryptLib.h:3712 VOID * EFIAPI BigNumNewContext ( @@ -3187,7 +3201,7 @@ BigNumNewContext ( Free Big Number context that was allocated with BigNumNewContext(). @param[in] BnCtx Big number context to free. **/ -// See BaseCryptLib.h:3708 +// See BaseCryptLib.h:3723 VOID EFIAPI BigNumContextFree ( @@ -3204,7 +3218,7 @@ BigNumContextFree ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3723 +// See BaseCryptLib.h:3738 BOOLEAN EFIAPI BigNumSetUint ( @@ -3224,7 +3238,7 @@ BigNumSetUint ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3741 +// See BaseCryptLib.h:3756 BOOLEAN EFIAPI BigNumAddMod ( @@ -3250,7 +3264,7 @@ BigNumAddMod ( @return The size, in bytes, of the context buffer required for AES operations. @retval 0 This interface is not supported. **/ -// See BaseCryptLib.h:1262 +// See BaseCryptLib.h:1263 UINTN EFIAPI AesGetContextSize ( @@ -3277,7 +3291,7 @@ AesGetContextSize ( @retval FALSE AES context initialization failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1290 +// See BaseCryptLib.h:1291 BOOLEAN EFIAPI AesInit ( @@ -3313,7 +3327,7 @@ AesInit ( @retval FALSE AES encryption failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1327 +// See BaseCryptLib.h:1328 BOOLEAN EFIAPI AesCbcEncrypt ( @@ -3351,7 +3365,7 @@ AesCbcEncrypt ( @retval FALSE AES decryption failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:1366 +// See BaseCryptLib.h:1367 BOOLEAN EFIAPI AesCbcDecrypt ( @@ -3376,7 +3390,7 @@ AesCbcDecrypt ( Retrieves the size, in bytes, of the context buffer required for SM3 hash operations. @return The size, in bytes, of the context buffer required for SM3 hash operations. **/ -// See BaseCryptLib.h:804 +// See BaseCryptLib.h:805 UINTN EFIAPI Sm3GetContextSize ( @@ -3394,7 +3408,7 @@ Sm3GetContextSize ( @retval TRUE SM3 context initialization succeeded. @retval FALSE SM3 context initialization failed. **/ -// See BaseCryptLib.h:822 +// See BaseCryptLib.h:823 BOOLEAN EFIAPI Sm3Init ( @@ -3415,7 +3429,7 @@ Sm3Init ( @retval FALSE SM3 context copy failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:843 +// See BaseCryptLib.h:844 BOOLEAN EFIAPI Sm3Duplicate ( @@ -3439,7 +3453,7 @@ Sm3Duplicate ( @retval TRUE SM3 data digest succeeded. @retval FALSE SM3 data digest failed. **/ -// See BaseCryptLib.h:868 +// See BaseCryptLib.h:869 BOOLEAN EFIAPI Sm3Update ( @@ -3466,7 +3480,7 @@ Sm3Update ( @retval TRUE SM3 digest computation succeeded. @retval FALSE SM3 digest computation failed. **/ -// See BaseCryptLib.h:896 +// See BaseCryptLib.h:897 BOOLEAN EFIAPI Sm3Final ( @@ -3490,7 +3504,7 @@ Sm3Final ( @retval FALSE SM3 digest computation failed. @retval FALSE This interface is not supported. **/ -// See BaseCryptLib.h:921 +// See BaseCryptLib.h:922 BOOLEAN EFIAPI Sm3HashAll ( @@ -3519,7 +3533,7 @@ Sm3HashAll ( @retval TRUE Hkdf generated successfully. @retval FALSE Hkdf generation failed. **/ -// See BaseCryptLib.h:3190 +// See BaseCryptLib.h:3205 BOOLEAN EFIAPI HkdfSha256ExtractAndExpand ( @@ -3547,7 +3561,7 @@ HkdfSha256ExtractAndExpand ( @retval true Hkdf generated successfully. @retval false Hkdf generation failed. **/ -// See BaseCryptLib.h:3217 +// See BaseCryptLib.h:3232 BOOLEAN EFIAPI HkdfSha256Extract ( @@ -3573,7 +3587,7 @@ HkdfSha256Extract ( @retval TRUE Hkdf generated successfully. @retval FALSE Hkdf generation failed. **/ -// See BaseCryptLib.h:3242 +// See BaseCryptLib.h:3257 BOOLEAN EFIAPI HkdfSha256Expand ( @@ -3601,7 +3615,7 @@ HkdfSha256Expand ( @retval TRUE Hkdf generated successfully. @retval FALSE Hkdf generation failed. **/ -// See BaseCryptLib.h:3269 +// See BaseCryptLib.h:3284 BOOLEAN EFIAPI HkdfSha384ExtractAndExpand ( @@ -3629,7 +3643,7 @@ HkdfSha384ExtractAndExpand ( @retval true Hkdf generated successfully. @retval false Hkdf generation failed. **/ -// See BaseCryptLib.h:3296 +// See BaseCryptLib.h:3311 BOOLEAN EFIAPI HkdfSha384Extract ( @@ -3655,7 +3669,7 @@ HkdfSha384Extract ( @retval TRUE Hkdf generated successfully. @retval FALSE Hkdf generation failed. **/ -// See BaseCryptLib.h:3321 +// See BaseCryptLib.h:3336 BOOLEAN EFIAPI HkdfSha384Expand ( @@ -4627,7 +4641,7 @@ TlsGetExportKey ( @retval EcGroup object On success. @retval NULL On failure. **/ -// See BaseCryptLib.h:3765 +// See BaseCryptLib.h:3780 VOID * EFIAPI EcGroupInit ( @@ -4650,7 +4664,7 @@ EcGroupInit ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3786 +// See BaseCryptLib.h:3801 BOOLEAN EFIAPI EcGroupGetCurve ( @@ -4674,7 +4688,7 @@ EcGroupGetCurve ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3808 +// See BaseCryptLib.h:3823 BOOLEAN EFIAPI EcGroupGetOrder ( @@ -4689,7 +4703,7 @@ EcGroupGetOrder ( Free previously allocated EC group object using EcGroupInit(). @param[in] EcGroup EC group object to free. **/ -// See BaseCryptLib.h:3820 +// See BaseCryptLib.h:3835 VOID EFIAPI EcGroupFree ( @@ -4706,7 +4720,7 @@ EcGroupFree ( @retval EC Point object On success. @retval NULL On failure. **/ -// See BaseCryptLib.h:3835 +// See BaseCryptLib.h:3850 VOID * EFIAPI EcPointInit ( @@ -4721,7 +4735,7 @@ EcPointInit ( @param[in] EcPoint EC Point to free. @param[in] Clear TRUE iff the memory should be cleared. **/ -// See BaseCryptLib.h:3847 +// See BaseCryptLib.h:3862 VOID EFIAPI EcPointDeInit ( @@ -4745,7 +4759,7 @@ EcPointDeInit ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3869 +// See BaseCryptLib.h:3884 BOOLEAN EFIAPI EcPointGetAffineCoordinates ( @@ -4769,7 +4783,7 @@ EcPointGetAffineCoordinates ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3891 +// See BaseCryptLib.h:3906 BOOLEAN EFIAPI EcPointSetAffineCoordinates ( @@ -4794,7 +4808,7 @@ EcPointSetAffineCoordinates ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3914 +// See BaseCryptLib.h:3929 BOOLEAN EFIAPI EcPointAdd ( @@ -4819,7 +4833,7 @@ EcPointAdd ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3937 +// See BaseCryptLib.h:3952 BOOLEAN EFIAPI EcPointMul ( @@ -4841,7 +4855,7 @@ EcPointMul ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3957 +// See BaseCryptLib.h:3972 BOOLEAN EFIAPI EcPointInvert ( @@ -4861,7 +4875,7 @@ EcPointInvert ( @retval TRUE On curve. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3975 +// See BaseCryptLib.h:3990 BOOLEAN EFIAPI EcPointIsOnCurve ( @@ -4880,7 +4894,7 @@ EcPointIsOnCurve ( @retval TRUE At infinity. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:3992 +// See BaseCryptLib.h:4007 BOOLEAN EFIAPI EcPointIsAtInfinity ( @@ -4900,7 +4914,7 @@ EcPointIsAtInfinity ( @retval TRUE A == B. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:4010 +// See BaseCryptLib.h:4025 BOOLEAN EFIAPI EcPointEqual ( @@ -4928,7 +4942,7 @@ EcPointEqual ( @retval TRUE On success. @retval FALSE Otherwise. **/ -// See BaseCryptLib.h:4036 +// See BaseCryptLib.h:4051 BOOLEAN EFIAPI EcPointSetCompressedCoordinates ( @@ -4949,7 +4963,7 @@ EcPointSetCompressedCoordinates ( @return Pointer to the Elliptic Curve Context that has been initialized. If the allocations fails, EcNewByNid() returns NULL. **/ -// See BaseCryptLib.h:4058 +// See BaseCryptLib.h:4073 VOID * EFIAPI EcNewByNid ( @@ -4963,7 +4977,7 @@ EcNewByNid ( Release the specified EC context. @param[in] EcContext Pointer to the EC context to be released. **/ -// See BaseCryptLib.h:4069 +// See BaseCryptLib.h:4084 VOID EFIAPI EcFree ( @@ -4999,7 +5013,7 @@ EcFree ( @retval FALSE EC public X,Y generation failed. @retval FALSE PublicKeySize is not large enough. **/ -// See BaseCryptLib.h:4101 +// See BaseCryptLib.h:4116 BOOLEAN EFIAPI EcGenerateKey ( @@ -5025,7 +5039,7 @@ EcGenerateKey ( @retval TRUE EC key component was retrieved successfully. @retval FALSE Invalid EC key component. **/ -// See BaseCryptLib.h:4123 +// See BaseCryptLib.h:4138 BOOLEAN EFIAPI EcGetPubKey ( @@ -5062,7 +5076,7 @@ EcGetPubKey ( @retval FALSE EC exchanged key generation failed. @retval FALSE KeySize is not large enough. **/ -// See BaseCryptLib.h:4156 +// See BaseCryptLib.h:4171 BOOLEAN EFIAPI EcDhComputeKey ( @@ -5090,7 +5104,7 @@ EcDhComputeKey ( @retval TRUE EC Private Key was retrieved successfully. @retval FALSE Invalid PEM key data or incorrect password. **/ -// See BaseCryptLib.h:4184 +// See BaseCryptLib.h:4199 BOOLEAN EFIAPI EcGetPrivateKeyFromPem ( @@ -5115,7 +5129,7 @@ EcGetPrivateKeyFromPem ( @retval TRUE EC Public Key was retrieved successfully. @retval FALSE Fail to retrieve EC public key from X509 certificate. **/ -// See BaseCryptLib.h:4209 +// See BaseCryptLib.h:4224 BOOLEAN EFIAPI EcGetPublicKeyFromX509 ( @@ -5150,7 +5164,7 @@ EcGetPublicKeyFromX509 ( @retval FALSE Signature generation failed. @retval FALSE SigSize is too small. **/ -// See BaseCryptLib.h:4246 +// See BaseCryptLib.h:4261 BOOLEAN EFIAPI EcDsaSign ( @@ -5183,7 +5197,7 @@ EcDsaSign ( @retval TRUE Valid signature encoded in EC-DSA. @retval FALSE Invalid signature or invalid EC context. **/ -// See BaseCryptLib.h:4280 +// See BaseCryptLib.h:4295 BOOLEAN EFIAPI EcDsaVerify ( diff --git a/CryptoBinPkg/Driver/Bin/temp_Crypto.c b/CryptoBinPkg/Driver/Bin/temp_Crypto.c index dcff598..cf3b1a5 100644 --- a/CryptoBinPkg/Driver/Bin/temp_Crypto.c +++ b/CryptoBinPkg/Driver/Bin/temp_Crypto.c @@ -39,7 +39,7 @@ CryptoServiceGetCryptoVersion ( // AUTOGENERATED BY CryptoBinPkg\Driver\Packaging\generate_cryptodriver.py // AUTOGENED AS temp_Crypto.c // DO NOT MODIFY -// GENERATED ON: 2024-03-08 19:11:45.538056 +// GENERATED ON: 2024-04-08 11:12:11.496983 const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = { /// Version diff --git a/CryptoBinPkg/Driver/Bin/temp_Crypto.h b/CryptoBinPkg/Driver/Bin/temp_Crypto.h index 31c5dec..d592634 100644 --- a/CryptoBinPkg/Driver/Bin/temp_Crypto.h +++ b/CryptoBinPkg/Driver/Bin/temp_Crypto.h @@ -44,7 +44,7 @@ UINTN // AUTOGENERATED BY CryptoBinPkg\Driver\Packaging\generate_cryptodriver.py // AUTOGENED AS temp_Crypto.h // DO NOT MODIFY -// GENERATED ON: 2024-03-08 19:11:45.573512 +// GENERATED ON: 2024-04-08 11:12:11.528450 // ============================================================================= // HMACSHA256 functions @@ -55,7 +55,7 @@ UINTN @return Pointer to the HMAC_CTX context that has been initialized. If the allocations fails, HmacSha256New() returns NULL. **/ -// FROM BaseCryptLib.h:940 +// FROM BaseCryptLib.h:941 typedef VOID * (EFIAPI *EDKII_CRYPTO_HMAC_SHA256_NEW)( @@ -66,7 +66,7 @@ VOID * Release the specified HMAC_CTX context. @param[in] HmacSha256Ctx Pointer to the HMAC_CTX context to be released. **/ -// FROM BaseCryptLib.h:952 +// FROM BaseCryptLib.h:953 typedef VOID (EFIAPI *EDKII_CRYPTO_HMAC_SHA256_FREE)( @@ -85,7 +85,7 @@ VOID @retval FALSE The Key is set unsuccessfully. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:974 +// FROM BaseCryptLib.h:975 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HMAC_SHA256_SET_KEY)( @@ -105,7 +105,7 @@ BOOLEAN @retval FALSE HMAC-SHA256 context copy failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:997 +// FROM BaseCryptLib.h:998 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HMAC_SHA256_DUPLICATE)( @@ -128,7 +128,7 @@ BOOLEAN @retval FALSE HMAC-SHA256 data digest failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1024 +// FROM BaseCryptLib.h:1025 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HMAC_SHA256_UPDATE)( @@ -154,7 +154,7 @@ BOOLEAN @retval FALSE HMAC-SHA256 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1054 +// FROM BaseCryptLib.h:1055 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HMAC_SHA256_FINAL)( @@ -177,7 +177,7 @@ BOOLEAN @retval FALSE HMAC-SHA256 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1081 +// FROM BaseCryptLib.h:1082 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HMAC_SHA256_ALL)( @@ -197,7 +197,7 @@ BOOLEAN @return Pointer to the HMAC_CTX context that has been initialized. If the allocations fails, HmacSha384New() returns NULL. **/ -// FROM BaseCryptLib.h:1098 +// FROM BaseCryptLib.h:1099 typedef VOID * (EFIAPI *EDKII_CRYPTO_HMAC_SHA384_NEW)( @@ -208,7 +208,7 @@ VOID * Release the specified HMAC_CTX context. @param[in] HmacSha384Ctx Pointer to the HMAC_CTX context to be released. **/ -// FROM BaseCryptLib.h:1110 +// FROM BaseCryptLib.h:1111 typedef VOID (EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FREE)( @@ -227,7 +227,7 @@ VOID @retval FALSE The Key is set unsuccessfully. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1132 +// FROM BaseCryptLib.h:1133 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HMAC_SHA384_SET_KEY)( @@ -247,7 +247,7 @@ BOOLEAN @retval FALSE HMAC-SHA384 context copy failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1155 +// FROM BaseCryptLib.h:1156 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HMAC_SHA384_DUPLICATE)( @@ -270,7 +270,7 @@ BOOLEAN @retval FALSE HMAC-SHA384 data digest failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1182 +// FROM BaseCryptLib.h:1183 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HMAC_SHA384_UPDATE)( @@ -296,7 +296,7 @@ BOOLEAN @retval FALSE HMAC-SHA384 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1212 +// FROM BaseCryptLib.h:1213 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HMAC_SHA384_FINAL)( @@ -319,7 +319,7 @@ BOOLEAN @retval FALSE HMAC-SHA384 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1239 +// FROM BaseCryptLib.h:1240 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HMAC_SHA384_ALL)( @@ -357,7 +357,7 @@ BOOLEAN @retval FALSE The key derivation operation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:2096 +// FROM BaseCryptLib.h:2097 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_PKCS5_HASH_PASSWORD)( @@ -396,7 +396,7 @@ BOOLEAN @retval TRUE Encryption was successful. @retval FALSE Encryption failed. **/ -// FROM BaseCryptLib.h:2138 +// FROM BaseCryptLib.h:2139 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_PKCS1V2_ENCRYPT)( @@ -427,7 +427,7 @@ BOOLEAN @retval TRUE Encryption was successful. @retval FALSE Encryption failed. **/ -// FROM BaseCryptLib.h:2211 +// FROM BaseCryptLib.h:2219 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_PKCS1V2_DECRYPT)( @@ -461,7 +461,7 @@ BOOLEAN @retval FALSE Error occurs during the operation. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:2309 +// FROM BaseCryptLib.h:2324 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_PKCS7_GET_SIGNERS)( @@ -478,7 +478,7 @@ BOOLEAN If this interface is not supported, then ASSERT(). @param[in] Certs Pointer to the certificates to be freed. **/ -// FROM BaseCryptLib.h:2328 +// FROM BaseCryptLib.h:2343 typedef VOID (EFIAPI *EDKII_CRYPTO_PKCS7_FREE_SIGNERS)( @@ -504,7 +504,7 @@ VOID @retval TRUE The operation is finished successfully. @retval FALSE Error occurs during the operation. **/ -// FROM BaseCryptLib.h:2356 +// FROM BaseCryptLib.h:2371 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_PKCS7_GET_CERTIFICATES_LIST)( @@ -540,7 +540,7 @@ BOOLEAN @retval FALSE PKCS#7 data signing failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:2395 +// FROM BaseCryptLib.h:2410 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_PKCS7_SIGN)( @@ -574,7 +574,7 @@ BOOLEAN @retval FALSE Invalid PKCS#7 signed data. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:2434 +// FROM BaseCryptLib.h:2449 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_PKCS7_VERIFY)( @@ -614,7 +614,7 @@ BOOLEAN @retval EFI_INVALID_PARAMETER A parameter was invalid. @retval EFI_NOT_FOUND One or more EKU's were not found in the signature. **/ -// FROM BaseCryptLib.h:2477 +// FROM BaseCryptLib.h:2492 typedef RETURN_STATUS (EFIAPI *EDKII_CRYPTO_VERIFY_EKUS_IN_PKCS7_SIGNATURE)( @@ -640,7 +640,7 @@ RETURN_STATUS @retval TRUE The P7Data was correctly formatted for processing. @retval FALSE The P7Data was not correctly formatted for processing. **/ -// FROM BaseCryptLib.h:2507 +// FROM BaseCryptLib.h:2522 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_PKCS7_GET_ATTACHED_CONTENT)( @@ -670,7 +670,7 @@ BOOLEAN @retval FALSE Invalid Authenticode Signature. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:2540 +// FROM BaseCryptLib.h:2555 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_AUTHENTICODE_VERIFY)( @@ -698,7 +698,7 @@ BOOLEAN @retval TRUE The specified Authenticode includes a valid RFC3161 Timestamp CounterSignature. @retval FALSE No valid RFC3161 Timestamp CounterSignature in the specified Authenticode data. **/ -// FROM BaseCryptLib.h:2571 +// FROM BaseCryptLib.h:2586 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_IMAGE_TIMESTAMP_VERIFY)( @@ -719,7 +719,7 @@ BOOLEAN If the allocations fails, DhNew() returns NULL. If the interface is not supported, DhNew() returns NULL. **/ -// FROM BaseCryptLib.h:2967 +// FROM BaseCryptLib.h:2982 typedef VOID * (EFIAPI *EDKII_CRYPTO_DH_NEW)( @@ -731,7 +731,7 @@ VOID * If the interface is not supported, then ASSERT(). @param[in] DhContext Pointer to the DH context to be released. **/ -// FROM BaseCryptLib.h:2981 +// FROM BaseCryptLib.h:2996 typedef VOID (EFIAPI *EDKII_CRYPTO_DH_FREE)( @@ -756,7 +756,7 @@ VOID @retval FALSE PRNG fails to generate random prime number with PrimeLength. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:3011 +// FROM BaseCryptLib.h:3026 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_DH_GENERATE_PARAMETER)( @@ -784,7 +784,7 @@ BOOLEAN @retval FALSE Value of Prime is not a safe prime number. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:3043 +// FROM BaseCryptLib.h:3058 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_DH_SET_PARAMETER)( @@ -813,7 +813,7 @@ BOOLEAN @retval FALSE PublicKeySize is not large enough. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:3076 +// FROM BaseCryptLib.h:3091 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_DH_GENERATE_KEY)( @@ -843,7 +843,7 @@ BOOLEAN @retval FALSE KeySize is not large enough. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:3110 +// FROM BaseCryptLib.h:3125 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_DH_COMPUTE_KEY)( @@ -872,7 +872,7 @@ BOOLEAN @retval FALSE Pseudorandom number generator does not have enough entropy for random generation. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:3142 +// FROM BaseCryptLib.h:3157 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RANDOM_SEED)( @@ -890,7 +890,7 @@ BOOLEAN @retval FALSE Pseudorandom number generator fails to generate due to lack of entropy. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:3163 +// FROM BaseCryptLib.h:3178 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RANDOM_BYTES)( @@ -907,7 +907,7 @@ BOOLEAN @return Pointer to the RSA context that has been initialized. If the allocations fails, RsaNew() returns NULL. **/ -// FROM BaseCryptLib.h:1474 +// FROM BaseCryptLib.h:1475 typedef VOID * (EFIAPI *EDKII_CRYPTO_RSA_NEW)( @@ -919,7 +919,7 @@ VOID * If RsaContext is NULL, then return FALSE. @param[in] RsaContext Pointer to the RSA context to be released. **/ -// FROM BaseCryptLib.h:1488 +// FROM BaseCryptLib.h:1489 typedef VOID (EFIAPI *EDKII_CRYPTO_RSA_FREE)( @@ -943,7 +943,7 @@ VOID @retval TRUE RSA key component was set successfully. @retval FALSE Invalid RSA key component tag. **/ -// FROM BaseCryptLib.h:1516 +// FROM BaseCryptLib.h:1517 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_SET_KEY)( @@ -976,7 +976,7 @@ BOOLEAN @retval FALSE BnSize is too small. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1553 +// FROM BaseCryptLib.h:1554 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_GET_KEY)( @@ -1003,7 +1003,7 @@ BOOLEAN @retval FALSE Invalid RSA key component tag. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1585 +// FROM BaseCryptLib.h:1586 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_GENERATE_KEY)( @@ -1029,7 +1029,7 @@ BOOLEAN @retval FALSE RSA key components are not valid. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1615 +// FROM BaseCryptLib.h:1616 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_CHECK_KEY)( @@ -1058,7 +1058,7 @@ BOOLEAN @retval FALSE SigSize is too small. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1648 +// FROM BaseCryptLib.h:1649 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_PKCS1_SIGN)( @@ -1084,7 +1084,7 @@ BOOLEAN @retval TRUE Valid signature encoded in PKCS1-v1_5. @retval FALSE Invalid signature or invalid RSA context. **/ -// FROM BaseCryptLib.h:1677 +// FROM BaseCryptLib.h:1678 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_PKCS1_VERIFY)( @@ -1122,7 +1122,7 @@ BOOLEAN @retval FALSE SigSize is too small. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1719 +// FROM BaseCryptLib.h:1720 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_PSS_SIGN)( @@ -1150,7 +1150,7 @@ BOOLEAN @retval TRUE Valid signature encoded in RSASSA-PSS. @retval FALSE Invalid signature or invalid RSA context. **/ -// FROM BaseCryptLib.h:1749 +// FROM BaseCryptLib.h:1750 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_PSS_VERIFY)( @@ -1178,7 +1178,7 @@ BOOLEAN @retval FALSE Invalid PEM key data or incorrect password. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1780 +// FROM BaseCryptLib.h:1781 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM)( @@ -1202,7 +1202,7 @@ BOOLEAN @retval FALSE Fail to retrieve RSA public key from X509 certificate. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1807 +// FROM BaseCryptLib.h:1808 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509)( @@ -1228,13 +1228,19 @@ BOOLEAN to be used when initializing the PRNG. NULL otherwise. @param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer. 0 otherwise. + @param[in] DigestLen [Optional] If provided, size of the hash used: + SHA1_DIGEST_SIZE + SHA256_DIGEST_SIZE + SHA384_DIGEST_SIZE + SHA512_DIGEST_SIZE + 0 to use default (SHA1) @param[out] EncryptedData Pointer to an allocated buffer containing the encrypted message. @param[out] EncryptedDataSize Size of the encrypted message buffer. @retval TRUE Encryption was successful. @retval FALSE Encryption failed. **/ -// FROM BaseCryptLib.h:2178 +// FROM BaseCryptLib.h:2185 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_OAEP_ENCRYPT)( @@ -1243,6 +1249,7 @@ BOOLEAN IN UINTN InDataSize, IN CONST UINT8 *PrngSeed OPTIONAL, IN UINTN PrngSeedSize OPTIONAL, + IN UINT16 DigestLen OPTIONAL, OUT UINT8 **EncryptedData, OUT UINTN *EncryptedDataSize ); @@ -1258,21 +1265,28 @@ BOOLEAN provisioned with a private key using RsaSetKey(). @param[in] EncryptedData Data to be decrypted. @param[in] EncryptedDataSize Size of the encrypted buffer. + @param[in] DigestLen [Optional] If provided, size of the hash used: + SHA1_DIGEST_SIZE + SHA256_DIGEST_SIZE + SHA384_DIGEST_SIZE + SHA512_DIGEST_SIZE + 0 to use default (SHA1) @param[out] OutData Pointer to an allocated buffer containing the encrypted message. @param[out] OutDataSize Size of the encrypted message buffer. @retval TRUE Encryption was successful. @retval FALSE Encryption failed. **/ -// FROM BaseCryptLib.h:2243 +// FROM BaseCryptLib.h:2257 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_RSA_OAEP_DECRYPT)( - IN VOID *RsaContext, - IN UINT8 *EncryptedData, - IN UINTN EncryptedDataSize, - OUT UINT8 **OutData, - OUT UINTN *OutDataSize + IN VOID *RsaContext, + IN UINT8 *EncryptedData, + IN UINTN EncryptedDataSize, + IN UINT16 DigestLen OPTIONAL, + OUT UINT8 **OutData, + OUT UINTN *OutDataSize ); // ============================================================================= @@ -1285,7 +1299,7 @@ BOOLEAN @return The size, in bytes, of the context buffer required for SHA-1 hash operations. @retval 0 This interface is not supported. **/ -// FROM BaseCryptLib.h:243 +// FROM BaseCryptLib.h:244 typedef UINTN (EFIAPI *EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE)( @@ -1302,7 +1316,7 @@ UINTN @retval FALSE SHA-1 context initialization failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:263 +// FROM BaseCryptLib.h:264 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA1_INIT)( @@ -1320,7 +1334,7 @@ BOOLEAN @retval FALSE SHA-1 context copy failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:284 +// FROM BaseCryptLib.h:285 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA1_DUPLICATE)( @@ -1343,7 +1357,7 @@ BOOLEAN @retval FALSE SHA-1 data digest failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:311 +// FROM BaseCryptLib.h:312 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA1_UPDATE)( @@ -1369,7 +1383,7 @@ BOOLEAN @retval FALSE SHA-1 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:341 +// FROM BaseCryptLib.h:342 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA1_FINAL)( @@ -1390,7 +1404,7 @@ BOOLEAN @retval FALSE SHA-1 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:366 +// FROM BaseCryptLib.h:367 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA1_HASH_ALL)( @@ -1407,7 +1421,7 @@ BOOLEAN Retrieves the size, in bytes, of the context buffer required for SHA-256 hash operations. @return The size, in bytes, of the context buffer required for SHA-256 hash operations. **/ -// FROM BaseCryptLib.h:382 +// FROM BaseCryptLib.h:383 typedef UINTN (EFIAPI *EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE)( @@ -1422,7 +1436,7 @@ UINTN @retval TRUE SHA-256 context initialization succeeded. @retval FALSE SHA-256 context initialization failed. **/ -// FROM BaseCryptLib.h:400 +// FROM BaseCryptLib.h:401 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA256_INIT)( @@ -1440,7 +1454,7 @@ BOOLEAN @retval FALSE SHA-256 context copy failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:421 +// FROM BaseCryptLib.h:422 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA256_DUPLICATE)( @@ -1461,7 +1475,7 @@ BOOLEAN @retval TRUE SHA-256 data digest succeeded. @retval FALSE SHA-256 data digest failed. **/ -// FROM BaseCryptLib.h:446 +// FROM BaseCryptLib.h:447 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA256_UPDATE)( @@ -1485,7 +1499,7 @@ BOOLEAN @retval TRUE SHA-256 digest computation succeeded. @retval FALSE SHA-256 digest computation failed. **/ -// FROM BaseCryptLib.h:474 +// FROM BaseCryptLib.h:475 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA256_FINAL)( @@ -1506,7 +1520,7 @@ BOOLEAN @retval FALSE SHA-256 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:499 +// FROM BaseCryptLib.h:500 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA256_HASH_ALL)( @@ -1523,7 +1537,7 @@ BOOLEAN Retrieves the size, in bytes, of the context buffer required for SHA-384 hash operations. @return The size, in bytes, of the context buffer required for SHA-384 hash operations. **/ -// FROM BaseCryptLib.h:513 +// FROM BaseCryptLib.h:514 typedef UINTN (EFIAPI *EDKII_CRYPTO_SHA384_GET_CONTEXT_SIZE)( @@ -1538,7 +1552,7 @@ UINTN @retval TRUE SHA-384 context initialization succeeded. @retval FALSE SHA-384 context initialization failed. **/ -// FROM BaseCryptLib.h:531 +// FROM BaseCryptLib.h:532 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA384_INIT)( @@ -1556,7 +1570,7 @@ BOOLEAN @retval FALSE SHA-384 context copy failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:552 +// FROM BaseCryptLib.h:553 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA384_DUPLICATE)( @@ -1577,7 +1591,7 @@ BOOLEAN @retval TRUE SHA-384 data digest succeeded. @retval FALSE SHA-384 data digest failed. **/ -// FROM BaseCryptLib.h:577 +// FROM BaseCryptLib.h:578 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA384_UPDATE)( @@ -1601,7 +1615,7 @@ BOOLEAN @retval TRUE SHA-384 digest computation succeeded. @retval FALSE SHA-384 digest computation failed. **/ -// FROM BaseCryptLib.h:605 +// FROM BaseCryptLib.h:606 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA384_FINAL)( @@ -1622,7 +1636,7 @@ BOOLEAN @retval FALSE SHA-384 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:630 +// FROM BaseCryptLib.h:631 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA384_HASH_ALL)( @@ -1639,7 +1653,7 @@ BOOLEAN Retrieves the size, in bytes, of the context buffer required for SHA-512 hash operations. @return The size, in bytes, of the context buffer required for SHA-512 hash operations. **/ -// FROM BaseCryptLib.h:644 +// FROM BaseCryptLib.h:645 typedef UINTN (EFIAPI *EDKII_CRYPTO_SHA512_GET_CONTEXT_SIZE)( @@ -1654,7 +1668,7 @@ UINTN @retval TRUE SHA-512 context initialization succeeded. @retval FALSE SHA-512 context initialization failed. **/ -// FROM BaseCryptLib.h:662 +// FROM BaseCryptLib.h:663 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA512_INIT)( @@ -1672,7 +1686,7 @@ BOOLEAN @retval FALSE SHA-512 context copy failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:683 +// FROM BaseCryptLib.h:684 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA512_DUPLICATE)( @@ -1693,7 +1707,7 @@ BOOLEAN @retval TRUE SHA-512 data digest succeeded. @retval FALSE SHA-512 data digest failed. **/ -// FROM BaseCryptLib.h:708 +// FROM BaseCryptLib.h:709 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA512_UPDATE)( @@ -1717,7 +1731,7 @@ BOOLEAN @retval TRUE SHA-512 digest computation succeeded. @retval FALSE SHA-512 digest computation failed. **/ -// FROM BaseCryptLib.h:736 +// FROM BaseCryptLib.h:737 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA512_FINAL)( @@ -1738,7 +1752,7 @@ BOOLEAN @retval FALSE SHA-512 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:761 +// FROM BaseCryptLib.h:762 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SHA512_HASH_ALL)( @@ -1765,7 +1779,7 @@ BOOLEAN @retval FALSE ParallelHash256 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:786 +// FROM BaseCryptLib.h:787 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_PARALLEL_HASH256_HASH_ALL)( @@ -1802,7 +1816,7 @@ BOOLEAN @retval TRUE AEAD AES-GCM authenticated encryption succeeded. @retval FALSE AEAD AES-GCM authenticated encryption failed. **/ -// FROM BaseCryptLib.h:1404 +// FROM BaseCryptLib.h:1405 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_AEAD_AES_GCM_ENCRYPT)( @@ -1841,7 +1855,7 @@ BOOLEAN @retval TRUE AEAD AES-GCM authenticated decryption succeeded. @retval FALSE AEAD AES-GCM authenticated decryption failed. **/ -// FROM BaseCryptLib.h:1446 +// FROM BaseCryptLib.h:1447 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_AEAD_AES_GCM_DECRYPT)( @@ -1878,7 +1892,7 @@ BOOLEAN The SubjectSize will be updated with the required size. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1834 +// FROM BaseCryptLib.h:1835 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_SUBJECT_NAME)( @@ -1911,7 +1925,7 @@ BOOLEAN CommonNameSize parameter. @retval RETURN_UNSUPPORTED The operation is not supported. **/ -// FROM BaseCryptLib.h:1869 +// FROM BaseCryptLib.h:1870 typedef RETURN_STATUS (EFIAPI *EDKII_CRYPTO_X509_GET_COMMON_NAME)( @@ -1944,7 +1958,7 @@ RETURN_STATUS CommonNameSize parameter. @retval RETURN_UNSUPPORTED The operation is not supported. **/ -// FROM BaseCryptLib.h:1904 +// FROM BaseCryptLib.h:1905 typedef RETURN_STATUS (EFIAPI *EDKII_CRYPTO_X509_GET_ORGANIZATION_NAME)( @@ -1968,7 +1982,7 @@ RETURN_STATUS trusted CA. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1931 +// FROM BaseCryptLib.h:1932 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_VERIFY_CERT)( @@ -1990,7 +2004,7 @@ BOOLEAN @retval FALSE The operation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1956 +// FROM BaseCryptLib.h:1957 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE)( @@ -2014,7 +2028,7 @@ BOOLEAN @retval FALSE The construction operation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1983 +// FROM BaseCryptLib.h:1984 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK_V)( @@ -2036,7 +2050,7 @@ BOOLEAN @retval FALSE The construction operation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:2008 +// FROM BaseCryptLib.h:2009 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK)( @@ -2049,7 +2063,7 @@ BOOLEAN If the interface is not supported, then ASSERT(). @param[in] X509Cert Pointer to the X509 object to be released. **/ -// FROM BaseCryptLib.h:2023 +// FROM BaseCryptLib.h:2024 typedef VOID (EFIAPI *EDKII_CRYPTO_X509_FREE)( @@ -2061,7 +2075,7 @@ VOID If the interface is not supported, then ASSERT(). @param[in] X509Stack Pointer to the X509 stack object to be released. **/ -// FROM BaseCryptLib.h:2037 +// FROM BaseCryptLib.h:2038 typedef VOID (EFIAPI *EDKII_CRYPTO_X509_STACK_FREE)( @@ -2081,7 +2095,7 @@ VOID @retval TRUE The TBSCertificate was retrieved successfully. @retval FALSE Invalid X.509 certificate. **/ -// FROM BaseCryptLib.h:2060 +// FROM BaseCryptLib.h:2061 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_TBSCERT)( @@ -2103,7 +2117,7 @@ BOOLEAN @retval FALSE If Cert is NULL or CertSize is Zero. @retval FALSE The operation is not supported. **/ -// FROM BaseCryptLib.h:2597 +// FROM BaseCryptLib.h:2612 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_VERSION)( @@ -2132,7 +2146,7 @@ BOOLEAN SerialNumberSize parameter. @retval FALSE The operation is not supported. **/ -// FROM BaseCryptLib.h:2628 +// FROM BaseCryptLib.h:2643 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_SERIAL_NUMBER)( @@ -2157,7 +2171,7 @@ BOOLEAN The CertIssuerSize will be updated with the required size. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:2656 +// FROM BaseCryptLib.h:2671 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_ISSUER_NAME)( @@ -2183,7 +2197,7 @@ BOOLEAN is returned in the OidSize. @retval FALSE The operation is not supported. **/ -// FROM BaseCryptLib.h:2683 +// FROM BaseCryptLib.h:2698 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_SIGNATURE_ALGORITHM)( @@ -2211,7 +2225,7 @@ BOOLEAN is returned in the ExtensionDataSize parameter. @retval FALSE The operation is not supported. **/ -// FROM BaseCryptLib.h:2712 +// FROM BaseCryptLib.h:2727 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_EXTENSION_DATA)( @@ -2240,7 +2254,7 @@ BOOLEAN @retval FALSE Invalid certificate, or Validity retrieve failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:2744 +// FROM BaseCryptLib.h:2759 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_VALIDITY)( @@ -2272,7 +2286,7 @@ BOOLEAN DateTimeSize parameter. @retval FALSE The operation is not supported. **/ -// FROM BaseCryptLib.h:2778 +// FROM BaseCryptLib.h:2793 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_FORMAT_DATE_TIME)( @@ -2290,7 +2304,7 @@ BOOLEAN @retval FALSE Invalid certificate, or Usage is NULL @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:2820 +// FROM BaseCryptLib.h:2835 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_KEY_USAGE)( @@ -2314,7 +2328,7 @@ BOOLEAN is returned in the UsageSize parameter. @retval FALSE The operation is not supported. **/ -// FROM BaseCryptLib.h:2845 +// FROM BaseCryptLib.h:2860 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_EXTENDED_KEY_USAGE)( @@ -2338,7 +2352,7 @@ BOOLEAN @retval FALSE Invalid certificate or the certificate was not issued by the given trusted CA. **/ -// FROM BaseCryptLib.h:2870 +// FROM BaseCryptLib.h:2885 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_VERIFY_CERT_CHAIN)( @@ -2363,7 +2377,7 @@ BOOLEAN @retval TRUE Success. @retval FALSE Failed to get certificate from certificate chain. **/ -// FROM BaseCryptLib.h:2898 +// FROM BaseCryptLib.h:2913 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_CERT_FROM_CERT_CHAIN)( @@ -2390,7 +2404,7 @@ BOOLEAN @retval FALSE If no Extension entry match oid. @retval FALSE The operation is not supported. **/ -// FROM BaseCryptLib.h:2946 +// FROM BaseCryptLib.h:2961 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_X509_GET_EXTENDED_BASIC_CONSTRAINTS)( @@ -2413,7 +2427,7 @@ BOOLEAN @retval TRUE Get tag successful @retval FALSe Failed to get tag or tag not match **/ -// FROM BaseCryptLib.h:2919 +// FROM BaseCryptLib.h:2934 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_ASN1_GET_TAG)( @@ -2431,7 +2445,7 @@ BOOLEAN Allocate new Big Number. @retval New BigNum opaque structure or NULL on failure. **/ -// FROM BaseCryptLib.h:3341 +// FROM BaseCryptLib.h:3356 typedef VOID * (EFIAPI *EDKII_CRYPTO_BIG_NUM_INIT)( @@ -2444,7 +2458,7 @@ VOID * @param[in] Len Buffer length. @retval New BigNum opaque structure or NULL on failure. **/ -// FROM BaseCryptLib.h:3355 +// FROM BaseCryptLib.h:3370 typedef VOID * (EFIAPI *EDKII_CRYPTO_BIG_NUM_FROM_BIN)( @@ -2459,7 +2473,7 @@ VOID * @param[out] Buf Output buffer. @retval The length of the big-endian number placed at Buf or -1 on error. **/ -// FROM BaseCryptLib.h:3371 +// FROM BaseCryptLib.h:3386 typedef INTN (EFIAPI *EDKII_CRYPTO_BIG_NUM_TO_BIN)( @@ -2472,7 +2486,7 @@ INTN @param[in] Bn Big number to free. @param[in] Clear TRUE if the buffer should be cleared. **/ -// FROM BaseCryptLib.h:3384 +// FROM BaseCryptLib.h:3399 typedef VOID (EFIAPI *EDKII_CRYPTO_BIG_NUM_FREE)( @@ -2490,7 +2504,7 @@ VOID @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3403 +// FROM BaseCryptLib.h:3418 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_ADD)( @@ -2509,7 +2523,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3423 +// FROM BaseCryptLib.h:3438 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_SUB)( @@ -2528,7 +2542,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3443 +// FROM BaseCryptLib.h:3458 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_MOD)( @@ -2548,7 +2562,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3464 +// FROM BaseCryptLib.h:3479 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_EXP_MOD)( @@ -2568,7 +2582,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3485 +// FROM BaseCryptLib.h:3500 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_INVERSE_MOD)( @@ -2587,7 +2601,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3505 +// FROM BaseCryptLib.h:3520 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_DIV)( @@ -2607,7 +2621,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3526 +// FROM BaseCryptLib.h:3541 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_MUL_MOD)( @@ -2625,7 +2639,7 @@ BOOLEAN @retval 1 BnA > BnB. @retval -1 BnA < BnB. **/ -// FROM BaseCryptLib.h:3545 +// FROM BaseCryptLib.h:3560 typedef INTN (EFIAPI *EDKII_CRYPTO_BIG_NUM_CMP)( @@ -2638,7 +2652,7 @@ INTN @param[in] Bn Big number. @retval Number of bits. **/ -// FROM BaseCryptLib.h:3560 +// FROM BaseCryptLib.h:3575 typedef UINTN (EFIAPI *EDKII_CRYPTO_BIG_NUM_BITS)( @@ -2650,7 +2664,7 @@ UINTN @param[in] Bn Big number. @retval Number of bytes. **/ -// FROM BaseCryptLib.h:3573 +// FROM BaseCryptLib.h:3588 typedef UINTN (EFIAPI *EDKII_CRYPTO_BIG_NUM_BYTES)( @@ -2664,7 +2678,7 @@ UINTN @retval TRUE iff Bn == Num. @retval FALSE otherwise. **/ -// FROM BaseCryptLib.h:3588 +// FROM BaseCryptLib.h:3603 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_IS_WORD)( @@ -2678,7 +2692,7 @@ BOOLEAN @retval TRUE Bn is odd (Bn % 2 == 1). @retval FALSE otherwise. **/ -// FROM BaseCryptLib.h:3603 +// FROM BaseCryptLib.h:3618 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_IS_ODD)( @@ -2692,7 +2706,7 @@ BOOLEAN @retval BnDst on success. @retval NULL otherwise. **/ -// FROM BaseCryptLib.h:3618 +// FROM BaseCryptLib.h:3633 typedef VOID * (EFIAPI *EDKII_CRYPTO_BIG_NUM_COPY)( @@ -2710,7 +2724,7 @@ VOID * @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3649 +// FROM BaseCryptLib.h:3664 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_RSHIFT)( @@ -2725,7 +2739,7 @@ BOOLEAN performed on the given Big number. @param[in] Bn Big number. **/ -// FROM BaseCryptLib.h:3664 +// FROM BaseCryptLib.h:3679 typedef VOID (EFIAPI *EDKII_CRYPTO_BIG_NUM_CONST_TIME)( @@ -2742,7 +2756,7 @@ VOID @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3682 +// FROM BaseCryptLib.h:3697 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_SQR_MOD)( @@ -2757,7 +2771,7 @@ BOOLEAN needed to optimize calculations and expensive allocations. @retval Big Number context struct or NULL on failure. **/ -// FROM BaseCryptLib.h:3697 +// FROM BaseCryptLib.h:3712 typedef VOID * (EFIAPI *EDKII_CRYPTO_BIG_NUM_NEW_CONTEXT)( @@ -2768,7 +2782,7 @@ VOID * Free Big Number context that was allocated with BigNumNewContext(). @param[in] BnCtx Big number context to free. **/ -// FROM BaseCryptLib.h:3708 +// FROM BaseCryptLib.h:3723 typedef VOID (EFIAPI *EDKII_CRYPTO_BIG_NUM_CONTEXT_FREE)( @@ -2782,7 +2796,7 @@ VOID @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3723 +// FROM BaseCryptLib.h:3738 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_SET_UINT)( @@ -2799,7 +2813,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3741 +// FROM BaseCryptLib.h:3756 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_BIG_NUM_ADD_MOD)( @@ -2822,7 +2836,7 @@ BOOLEAN @return The size, in bytes, of the context buffer required for AES operations. @retval 0 This interface is not supported. **/ -// FROM BaseCryptLib.h:1262 +// FROM BaseCryptLib.h:1263 typedef UINTN (EFIAPI *EDKII_CRYPTO_AES_GET_CONTEXT_SIZE)( @@ -2846,7 +2860,7 @@ UINTN @retval FALSE AES context initialization failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1290 +// FROM BaseCryptLib.h:1291 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_AES_INIT)( @@ -2879,7 +2893,7 @@ BOOLEAN @retval FALSE AES encryption failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1327 +// FROM BaseCryptLib.h:1328 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_AES_CBC_ENCRYPT)( @@ -2914,7 +2928,7 @@ BOOLEAN @retval FALSE AES decryption failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:1366 +// FROM BaseCryptLib.h:1367 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_AES_CBC_DECRYPT)( @@ -2936,7 +2950,7 @@ BOOLEAN Retrieves the size, in bytes, of the context buffer required for SM3 hash operations. @return The size, in bytes, of the context buffer required for SM3 hash operations. **/ -// FROM BaseCryptLib.h:804 +// FROM BaseCryptLib.h:805 typedef UINTN (EFIAPI *EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE)( @@ -2951,7 +2965,7 @@ UINTN @retval TRUE SM3 context initialization succeeded. @retval FALSE SM3 context initialization failed. **/ -// FROM BaseCryptLib.h:822 +// FROM BaseCryptLib.h:823 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SM3_INIT)( @@ -2969,7 +2983,7 @@ BOOLEAN @retval FALSE SM3 context copy failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:843 +// FROM BaseCryptLib.h:844 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SM3_DUPLICATE)( @@ -2990,7 +3004,7 @@ BOOLEAN @retval TRUE SM3 data digest succeeded. @retval FALSE SM3 data digest failed. **/ -// FROM BaseCryptLib.h:868 +// FROM BaseCryptLib.h:869 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SM3_UPDATE)( @@ -3014,7 +3028,7 @@ BOOLEAN @retval TRUE SM3 digest computation succeeded. @retval FALSE SM3 digest computation failed. **/ -// FROM BaseCryptLib.h:896 +// FROM BaseCryptLib.h:897 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SM3_FINAL)( @@ -3035,7 +3049,7 @@ BOOLEAN @retval FALSE SM3 digest computation failed. @retval FALSE This interface is not supported. **/ -// FROM BaseCryptLib.h:921 +// FROM BaseCryptLib.h:922 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_SM3_HASH_ALL)( @@ -3061,7 +3075,7 @@ BOOLEAN @retval TRUE Hkdf generated successfully. @retval FALSE Hkdf generation failed. **/ -// FROM BaseCryptLib.h:3190 +// FROM BaseCryptLib.h:3205 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HKDF_SHA256_EXTRACT_AND_EXPAND)( @@ -3086,7 +3100,7 @@ BOOLEAN @retval true Hkdf generated successfully. @retval false Hkdf generation failed. **/ -// FROM BaseCryptLib.h:3217 +// FROM BaseCryptLib.h:3232 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HKDF_SHA256_EXTRACT)( @@ -3109,7 +3123,7 @@ BOOLEAN @retval TRUE Hkdf generated successfully. @retval FALSE Hkdf generation failed. **/ -// FROM BaseCryptLib.h:3242 +// FROM BaseCryptLib.h:3257 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HKDF_SHA256_EXPAND)( @@ -3134,7 +3148,7 @@ BOOLEAN @retval TRUE Hkdf generated successfully. @retval FALSE Hkdf generation failed. **/ -// FROM BaseCryptLib.h:3269 +// FROM BaseCryptLib.h:3284 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HKDF_SHA384_EXTRACT_AND_EXPAND)( @@ -3159,7 +3173,7 @@ BOOLEAN @retval true Hkdf generated successfully. @retval false Hkdf generation failed. **/ -// FROM BaseCryptLib.h:3296 +// FROM BaseCryptLib.h:3311 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HKDF_SHA384_EXTRACT)( @@ -3182,7 +3196,7 @@ BOOLEAN @retval TRUE Hkdf generated successfully. @retval FALSE Hkdf generation failed. **/ -// FROM BaseCryptLib.h:3321 +// FROM BaseCryptLib.h:3336 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_HKDF_SHA384_EXPAND)( @@ -4025,7 +4039,7 @@ EFI_STATUS @retval EcGroup object On success. @retval NULL On failure. **/ -// FROM BaseCryptLib.h:3765 +// FROM BaseCryptLib.h:3780 typedef VOID * (EFIAPI *EDKII_CRYPTO_EC_GROUP_INIT)( @@ -4045,7 +4059,7 @@ VOID * @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3786 +// FROM BaseCryptLib.h:3801 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_GROUP_GET_CURVE)( @@ -4066,7 +4080,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3808 +// FROM BaseCryptLib.h:3823 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_GROUP_GET_ORDER)( @@ -4078,7 +4092,7 @@ BOOLEAN Free previously allocated EC group object using EcGroupInit(). @param[in] EcGroup EC group object to free. **/ -// FROM BaseCryptLib.h:3820 +// FROM BaseCryptLib.h:3835 typedef VOID (EFIAPI *EDKII_CRYPTO_EC_GROUP_FREE)( @@ -4092,7 +4106,7 @@ VOID @retval EC Point object On success. @retval NULL On failure. **/ -// FROM BaseCryptLib.h:3835 +// FROM BaseCryptLib.h:3850 typedef VOID * (EFIAPI *EDKII_CRYPTO_EC_POINT_INIT)( @@ -4104,7 +4118,7 @@ VOID * @param[in] EcPoint EC Point to free. @param[in] Clear TRUE iff the memory should be cleared. **/ -// FROM BaseCryptLib.h:3847 +// FROM BaseCryptLib.h:3862 typedef VOID (EFIAPI *EDKII_CRYPTO_EC_POINT_DE_INIT)( @@ -4125,7 +4139,7 @@ VOID @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3869 +// FROM BaseCryptLib.h:3884 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_POINT_GET_AFFINE_COORDINATES)( @@ -4146,7 +4160,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3891 +// FROM BaseCryptLib.h:3906 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_POINT_SET_AFFINE_COORDINATES)( @@ -4168,7 +4182,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3914 +// FROM BaseCryptLib.h:3929 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_POINT_ADD)( @@ -4190,7 +4204,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3937 +// FROM BaseCryptLib.h:3952 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_POINT_MUL)( @@ -4209,7 +4223,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3957 +// FROM BaseCryptLib.h:3972 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_POINT_INVERT)( @@ -4226,7 +4240,7 @@ BOOLEAN @retval TRUE On curve. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3975 +// FROM BaseCryptLib.h:3990 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_POINT_IS_ON_CURVE)( @@ -4242,7 +4256,7 @@ BOOLEAN @retval TRUE At infinity. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:3992 +// FROM BaseCryptLib.h:4007 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_POINT_IS_AT_INFINITY)( @@ -4259,7 +4273,7 @@ BOOLEAN @retval TRUE A == B. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:4010 +// FROM BaseCryptLib.h:4025 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_POINT_EQUAL)( @@ -4284,7 +4298,7 @@ BOOLEAN @retval TRUE On success. @retval FALSE Otherwise. **/ -// FROM BaseCryptLib.h:4036 +// FROM BaseCryptLib.h:4051 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_POINT_SET_COMPRESSED_COORDINATES)( @@ -4302,7 +4316,7 @@ BOOLEAN @return Pointer to the Elliptic Curve Context that has been initialized. If the allocations fails, EcNewByNid() returns NULL. **/ -// FROM BaseCryptLib.h:4058 +// FROM BaseCryptLib.h:4073 typedef VOID * (EFIAPI *EDKII_CRYPTO_EC_NEW_BY_NID)( @@ -4313,7 +4327,7 @@ VOID * Release the specified EC context. @param[in] EcContext Pointer to the EC context to be released. **/ -// FROM BaseCryptLib.h:4069 +// FROM BaseCryptLib.h:4084 typedef VOID (EFIAPI *EDKII_CRYPTO_EC_FREE)( @@ -4346,7 +4360,7 @@ VOID @retval FALSE EC public X,Y generation failed. @retval FALSE PublicKeySize is not large enough. **/ -// FROM BaseCryptLib.h:4101 +// FROM BaseCryptLib.h:4116 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_GENERATE_KEY)( @@ -4369,7 +4383,7 @@ BOOLEAN @retval TRUE EC key component was retrieved successfully. @retval FALSE Invalid EC key component. **/ -// FROM BaseCryptLib.h:4123 +// FROM BaseCryptLib.h:4138 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_GET_PUB_KEY)( @@ -4403,7 +4417,7 @@ BOOLEAN @retval FALSE EC exchanged key generation failed. @retval FALSE KeySize is not large enough. **/ -// FROM BaseCryptLib.h:4156 +// FROM BaseCryptLib.h:4171 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_DH_COMPUTE_KEY)( @@ -4428,7 +4442,7 @@ BOOLEAN @retval TRUE EC Private Key was retrieved successfully. @retval FALSE Invalid PEM key data or incorrect password. **/ -// FROM BaseCryptLib.h:4184 +// FROM BaseCryptLib.h:4199 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_GET_PRIVATE_KEY_FROM_PEM)( @@ -4450,7 +4464,7 @@ BOOLEAN @retval TRUE EC Public Key was retrieved successfully. @retval FALSE Fail to retrieve EC public key from X509 certificate. **/ -// FROM BaseCryptLib.h:4209 +// FROM BaseCryptLib.h:4224 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_GET_PUBLIC_KEY_FROM_X509)( @@ -4482,7 +4496,7 @@ BOOLEAN @retval FALSE Signature generation failed. @retval FALSE SigSize is too small. **/ -// FROM BaseCryptLib.h:4246 +// FROM BaseCryptLib.h:4261 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_DSA_SIGN)( @@ -4512,7 +4526,7 @@ BOOLEAN @retval TRUE Valid signature encoded in EC-DSA. @retval FALSE Invalid signature or invalid EC context. **/ -// FROM BaseCryptLib.h:4280 +// FROM BaseCryptLib.h:4295 typedef BOOLEAN (EFIAPI *EDKII_CRYPTO_EC_DSA_VERIFY)( diff --git a/MU_BASECORE b/MU_BASECORE index d093b84..d6e0113 160000 --- a/MU_BASECORE +++ b/MU_BASECORE @@ -1 +1 @@ -Subproject commit d093b84ae7dcf27ab4554edfd1f8a80adc408e07 +Subproject commit d6e01136697c1aed85bb83cff98b74ec11e96e1a diff --git a/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c b/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c index 00e904d..7634ab1 100644 --- a/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c +++ b/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1Oaep.c @@ -3,7 +3,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent - Copyright (C) 2016 Microsoft Corporation. All Rights Reserved. + Copyright (C) Microsoft Corporation. All Rights Reserved. Copyright (c) 2019, Intel Corporation. All rights reserved.
**/ @@ -14,6 +14,37 @@ #include #include +/** + Retrieve a pointer to EVP message digest object. + + @param[in] DigestLen Length of the message digest. + +**/ +STATIC +const +EVP_MD * +GetEvpMD ( + IN UINT16 DigestLen + ) +{ + switch (DigestLen) { + case SHA1_DIGEST_SIZE: + return EVP_sha1 (); + break; + case SHA256_DIGEST_SIZE: + return EVP_sha256 (); + break; + case SHA384_DIGEST_SIZE: + return EVP_sha384 (); + break; + case SHA512_DIGEST_SIZE: + return EVP_sha512 (); + break; + default: + return NULL; + } +} + /** Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the encrypted message in a newly allocated buffer. @@ -34,6 +65,12 @@ to be used when initializing the PRNG. NULL otherwise. @param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer. 0 otherwise. + @param[in] DigestLen [Optional] If provided, size of the hash used: + SHA1_DIGEST_SIZE + SHA256_DIGEST_SIZE + SHA384_DIGEST_SIZE + SHA512_DIGEST_SIZE + 0 to use default (SHA1) @param[out] EncryptedData Pointer to an allocated buffer containing the encrypted message. @param[out] EncryptedDataSize Size of the encrypted message buffer. @@ -50,6 +87,7 @@ InternalPkcs1v2Encrypt ( IN UINTN InDataSize, IN CONST UINT8 *PrngSeed OPTIONAL, IN UINTN PrngSeedSize OPTIONAL, + IN UINT16 DigestLen OPTIONAL, OUT UINT8 **EncryptedData, OUT UINTN *EncryptedDataSize ) @@ -58,6 +96,7 @@ InternalPkcs1v2Encrypt ( EVP_PKEY_CTX *PkeyCtx; UINT8 *OutData; UINTN OutDataSize; + CONST EVP_MD *HashAlg; // // Check input parameters. @@ -109,6 +148,21 @@ InternalPkcs1v2Encrypt ( goto _Exit; } + if (DigestLen != 0) { + HashAlg = GetEvpMD (DigestLen); + if (HashAlg == NULL) { + goto _Exit; + } + + if (EVP_PKEY_CTX_set_rsa_oaep_md (PkeyCtx, HashAlg) <= 0) { + goto _Exit; + } + + if (EVP_PKEY_CTX_set_rsa_mgf1_md (PkeyCtx, HashAlg) <= 0) { + goto _Exit; + } + } + // // Determine the required buffer length for malloc'ing. // @@ -258,7 +312,7 @@ Pkcs1v2Encrypt ( goto _Exit; } - Result = InternalPkcs1v2Encrypt (Pkey, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize); + Result = InternalPkcs1v2Encrypt (Pkey, InData, InDataSize, PrngSeed, PrngSeedSize, 0, EncryptedData, EncryptedDataSize); _Exit: // @@ -280,7 +334,6 @@ Pkcs1v2Encrypt ( encrypted message in a newly allocated buffer. Things that can cause a failure include: - - X509 key size does not match any known key size. - Fail to allocate an intermediate buffer. - Null pointer provided for a non-optional parameter. - Data size is too large for the provided key size (max size is a function of key size @@ -294,6 +347,12 @@ Pkcs1v2Encrypt ( to be used when initializing the PRNG. NULL otherwise. @param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer. 0 otherwise. + @param[in] DigestLen [Optional] If provided, size of the hash used: + SHA1_DIGEST_SIZE + SHA256_DIGEST_SIZE + SHA384_DIGEST_SIZE + SHA512_DIGEST_SIZE + 0 to use default (SHA1) @param[out] EncryptedData Pointer to an allocated buffer containing the encrypted message. @param[out] EncryptedDataSize Size of the encrypted message buffer. @@ -310,6 +369,7 @@ RsaOaepEncrypt ( IN UINTN InDataSize, IN CONST UINT8 *PrngSeed OPTIONAL, IN UINTN PrngSeedSize OPTIONAL, + IN UINT16 DigestLen OPTIONAL, OUT UINT8 **EncryptedData, OUT UINTN *EncryptedDataSize ) @@ -340,7 +400,7 @@ RsaOaepEncrypt ( goto _Exit; } - Result = InternalPkcs1v2Encrypt (Pkey, InData, InDataSize, PrngSeed, PrngSeedSize, EncryptedData, EncryptedDataSize); + Result = InternalPkcs1v2Encrypt (Pkey, InData, InDataSize, PrngSeed, PrngSeedSize, DigestLen, EncryptedData, EncryptedDataSize); _Exit: // @@ -365,6 +425,12 @@ RsaOaepEncrypt ( @param[in] Pkey A pointer to an EVP_PKEY which will decrypt that data. @param[in] EncryptedData Data to be decrypted. @param[in] EncryptedDataSize Size of the encrypted buffer. + @param[in] DigestLen [Optional] If provided, size of the hash used: + SHA1_DIGEST_SIZE + SHA256_DIGEST_SIZE + SHA384_DIGEST_SIZE + SHA512_DIGEST_SIZE + 0 to use default (SHA1) @param[out] OutData Pointer to an allocated buffer containing the encrypted message. @param[out] OutDataSize Size of the encrypted message buffer. @@ -376,11 +442,12 @@ RsaOaepEncrypt ( BOOLEAN EFIAPI InternalPkcs1v2Decrypt ( - EVP_PKEY *Pkey, - IN UINT8 *EncryptedData, - IN UINTN EncryptedDataSize, - OUT UINT8 **OutData, - OUT UINTN *OutDataSize + EVP_PKEY *Pkey, + IN UINT8 *EncryptedData, + IN UINTN EncryptedDataSize, + IN UINT16 DigestLen OPTIONAL, + OUT UINT8 **OutData, + OUT UINTN *OutDataSize ) { BOOLEAN Result; @@ -388,6 +455,7 @@ InternalPkcs1v2Decrypt ( UINT8 *TempData; UINTN TempDataSize; INTN ReturnCode; + CONST EVP_MD *HashAlg; // // Check input parameters. @@ -428,6 +496,21 @@ InternalPkcs1v2Decrypt ( goto _Exit; } + if (DigestLen != 0) { + HashAlg = GetEvpMD (DigestLen); + if (HashAlg == NULL) { + goto _Exit; + } + + if (EVP_PKEY_CTX_set_rsa_oaep_md (PkeyCtx, HashAlg) <= 0) { + goto _Exit; + } + + if (EVP_PKEY_CTX_set_rsa_mgf1_md (PkeyCtx, HashAlg) <= 0) { + goto _Exit; + } + } + // // Determine the required buffer length for malloc'ing. // @@ -544,7 +627,7 @@ Pkcs1v2Decrypt ( goto _Exit; } - Result = InternalPkcs1v2Decrypt (Pkey, EncryptedData, EncryptedDataSize, OutData, OutDataSize); + Result = InternalPkcs1v2Decrypt (Pkey, EncryptedData, EncryptedDataSize, 0, OutData, OutDataSize); _Exit: if (Pkey != NULL) { @@ -567,6 +650,12 @@ Pkcs1v2Decrypt ( provisioned with a private key using RsaSetKey(). @param[in] EncryptedData Data to be decrypted. @param[in] EncryptedDataSize Size of the encrypted buffer. + @param[in] DigestLen [Optional] If provided, size of the hash used: + SHA1_DIGEST_SIZE + SHA256_DIGEST_SIZE + SHA384_DIGEST_SIZE + SHA512_DIGEST_SIZE + 0 to use default (SHA1) @param[out] OutData Pointer to an allocated buffer containing the encrypted message. @param[out] OutDataSize Size of the encrypted message buffer. @@ -578,11 +667,12 @@ Pkcs1v2Decrypt ( BOOLEAN EFIAPI RsaOaepDecrypt ( - IN VOID *RsaContext, - IN UINT8 *EncryptedData, - IN UINTN EncryptedDataSize, - OUT UINT8 **OutData, - OUT UINTN *OutDataSize + IN VOID *RsaContext, + IN UINT8 *EncryptedData, + IN UINTN EncryptedDataSize, + IN UINT16 DigestLen OPTIONAL, + OUT UINT8 **OutData, + OUT UINTN *OutDataSize ) { BOOLEAN Result; @@ -613,7 +703,7 @@ RsaOaepDecrypt ( goto _Exit; } - Result = InternalPkcs1v2Decrypt (Pkey, EncryptedData, EncryptedDataSize, OutData, OutDataSize); + Result = InternalPkcs1v2Decrypt (Pkey, EncryptedData, EncryptedDataSize, DigestLen, OutData, OutDataSize); _Exit: if (Pkey != NULL) { diff --git a/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1OaepNull.c b/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1OaepNull.c index 6c87f63..01d3c5a 100644 --- a/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1OaepNull.c +++ b/OpensslPkg/Library/BaseCryptLib/Pk/CryptPkcs1OaepNull.c @@ -3,7 +3,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent - Copyright (C) 2016 Microsoft Corporation. All Rights Reserved. + Copyright (C) Microsoft Corporation. All Rights Reserved. Copyright (c) 2019, Intel Corporation. All rights reserved.
**/ @@ -68,6 +68,12 @@ Pkcs1v2Encrypt ( to be used when initializing the PRNG. NULL otherwise. @param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer. 0 otherwise. + @param[in] DigestLen [Optional] If provided, size of the hash used: + SHA1_DIGEST_SIZE + SHA256_DIGEST_SIZE + SHA384_DIGEST_SIZE + SHA512_DIGEST_SIZE + 0 to use default (SHA1) @param[out] EncryptedData Pointer to an allocated buffer containing the encrypted message. @param[out] EncryptedDataSize Size of the encrypted message buffer. @@ -84,6 +90,7 @@ RsaOaepEncrypt ( IN UINTN InDataSize, IN CONST UINT8 *PrngSeed OPTIONAL, IN UINTN PrngSeedSize OPTIONAL, + IN UINT16 DigestLen OPTIONAL, OUT UINT8 **EncryptedData, OUT UINTN *EncryptedDataSize ) @@ -113,7 +120,6 @@ RsaOaepEncrypt ( @retval FALSE Encryption failed. **/ - BOOLEAN EFIAPI Pkcs1v2Decrypt ( @@ -142,6 +148,12 @@ Pkcs1v2Decrypt ( provisioned with a private key using RsaSetKey(). @param[in] EncryptedData Data to be decrypted. @param[in] EncryptedDataSize Size of the encrypted buffer. + @param[in] DigestLen [Optional] If provided, size of the hash used: + SHA1_DIGEST_SIZE + SHA256_DIGEST_SIZE + SHA384_DIGEST_SIZE + SHA512_DIGEST_SIZE + 0 to use default (SHA1) @param[out] OutData Pointer to an allocated buffer containing the encrypted message. @param[out] OutDataSize Size of the encrypted message buffer. @@ -153,13 +165,14 @@ Pkcs1v2Decrypt ( BOOLEAN EFIAPI RsaOaepDecrypt ( - IN VOID *RsaContext, - IN UINT8 *EncryptedData, - IN UINTN EncryptedDataSize, - OUT UINT8 **OutData, - OUT UINTN *OutDataSize + IN VOID *RsaContext, + IN UINT8 *EncryptedData, + IN UINTN EncryptedDataSize, + IN UINT16 DigestLen OPTIONAL, + OUT UINT8 **OutData, + OUT UINTN *OutDataSize ) { ASSERT (FALSE); return FALSE; -}; +}