• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /** @file
2   Runtime Cryptographic Driver Implementation, which produce one crypto
3   protocol.
4 
5 Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution.  The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php
10 
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13 
14 **/
15 
16 #include "CryptRuntime.h"
17 
18 //
19 // The handle onto which the Runtime Crypt Protocol instance is installed
20 //
21 EFI_HANDLE  mRuntimeCryptHandle = NULL;
22 
23 //
24 // The Runtime Crypt Protocol instance produced by this driver
25 //
26 EFI_RUNTIME_CRYPT_PROTOCOL  mRuntimeCryptProtocol = {
27   RuntimeCryptSha256GetContextSize,
28   RuntimeCryptSha256Init,
29   RuntimeCryptSha256Update,
30   RuntimeCryptSha256Final,
31   RuntimeCryptRsaNew,
32   RuntimeCryptRsaFree,
33   RuntimeCryptRsaSetKey,
34   RuntimeCryptRsaPkcs1Verify
35 };
36 
37 /**
38   Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
39 
40   @return  The size, in bytes, of the context buffer required for SHA-256 operations.
41 
42 **/
43 UINTN
44 EFIAPI
RuntimeCryptSha256GetContextSize(VOID)45 RuntimeCryptSha256GetContextSize (
46   VOID
47   )
48 {
49   return Sha256GetContextSize ();
50 }
51 
52 /**
53   Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
54   subsequent use.
55 
56   If Sha256Context is NULL, then return FALSE.
57 
58   @param[in, out]  Sha256Context  Pointer to SHA-256 Context being initialized.
59 
60   @retval TRUE   SHA-256 context initialization succeeded.
61   @retval FALSE  SHA-256 context initialization failed.
62 
63 **/
64 BOOLEAN
65 EFIAPI
RuntimeCryptSha256Init(IN OUT VOID * Sha256Context)66 RuntimeCryptSha256Init (
67   IN OUT  VOID  *Sha256Context
68   )
69 {
70   return Sha256Init (Sha256Context);
71 }
72 
73 /**
74   Performs SHA-256 digest on a data buffer of the specified length. This function can
75   be called multiple times to compute the digest of long or discontinuous data streams.
76 
77   If Sha256Context is NULL, then return FALSE.
78 
79   @param[in, out]  Sha256Context  Pointer to the SHA-256 context.
80   @param[in]       Data           Pointer to the buffer containing the data to be hashed.
81   @param[in]       DataLength     Length of Data buffer in bytes.
82 
83   @retval TRUE   SHA-256 data digest succeeded.
84   @retval FALSE  Invalid SHA-256 context. After Sha256Final function has been called, the
85                  SHA-256 context cannot be reused.
86 
87 **/
88 BOOLEAN
89 EFIAPI
RuntimeCryptSha256Update(IN OUT VOID * Sha256Context,IN CONST VOID * Data,IN UINTN DataLength)90 RuntimeCryptSha256Update (
91   IN OUT  VOID        *Sha256Context,
92   IN      CONST VOID  *Data,
93   IN      UINTN       DataLength
94   )
95 {
96   return Sha256Update (Sha256Context, Data, DataLength);
97 }
98 
99 /**
100   Completes SHA-256 hash computation and retrieves the digest value into the specified
101   memory. After this function has been called, the SHA-256 context cannot be used again.
102 
103   If Sha256Context is NULL, then return FALSE.
104   If HashValue is NULL, then return FALSE.
105 
106   @param[in, out]  Sha256Context  Pointer to SHA-256 context
107   @param[out]      HashValue      Pointer to a buffer that receives the SHA-256 digest
108                                   value (32 bytes).
109 
110   @retval TRUE   SHA-256 digest computation succeeded.
111   @retval FALSE  SHA-256 digest computation failed.
112 
113 **/
114 BOOLEAN
115 EFIAPI
RuntimeCryptSha256Final(IN OUT VOID * Sha256Context,OUT UINT8 * HashValue)116 RuntimeCryptSha256Final (
117   IN OUT  VOID   *Sha256Context,
118   OUT     UINT8  *HashValue
119   )
120 {
121   return Sha256Final (Sha256Context, HashValue);
122 }
123 
124 /**
125   Allocates and Initializes one RSA Context for subsequent use.
126 
127   @return  Pointer to the RSA Context that has been initialized.
128            If the allocations fails, RsaNew() returns NULL.
129 
130 **/
131 VOID *
132 EFIAPI
RuntimeCryptRsaNew(VOID)133 RuntimeCryptRsaNew (
134   VOID
135   )
136 {
137   return RsaNew ();
138 }
139 
140 /**
141   Release the specified RSA Context.
142 
143   @param[in]  RsaContext  Pointer to the RSA context to be released.
144 
145 **/
146 VOID
147 EFIAPI
RuntimeCryptRsaFree(IN VOID * RsaContext)148 RuntimeCryptRsaFree (
149   IN  VOID  *RsaContext
150   )
151 {
152   RsaFree (RsaContext);
153 }
154 
155 /**
156   Sets the tag-designated RSA key component into the established RSA context from
157   the user-specified nonnegative integer (octet string format represented in RSA
158   PKCS#1).
159 
160   If RsaContext is NULL, then return FALSE.
161 
162   @param[in, out]  RsaContext  Pointer to RSA context being set.
163   @param[in]       KeyTag      Tag of RSA key component being set.
164   @param[in]       BigNumber   Pointer to octet integer buffer.
165   @param[in]       BnLength    Length of big number buffer in bytes.
166 
167   @return  TRUE   RSA key component was set successfully.
168   @return  FALSE  Invalid RSA key component tag.
169 
170 **/
171 BOOLEAN
172 EFIAPI
RuntimeCryptRsaSetKey(IN OUT VOID * RsaContext,IN RSA_KEY_TAG KeyTag,IN CONST UINT8 * BigNumber,IN UINTN BnLength)173 RuntimeCryptRsaSetKey (
174   IN OUT VOID         *RsaContext,
175   IN     RSA_KEY_TAG  KeyTag,
176   IN     CONST UINT8  *BigNumber,
177   IN     UINTN        BnLength
178   )
179 {
180   return RsaSetKey (RsaContext, KeyTag, BigNumber, BnLength);
181 }
182 
183 /**
184   Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
185   RSA PKCS#1.
186 
187   If RsaContext is NULL, then return FALSE.
188   If MessageHash is NULL, then return FALSE.
189   If Signature is NULL, then return FALSE.
190   If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, return FALSE.
191 
192   @param[in]  RsaContext   Pointer to RSA context for signature verification.
193   @param[in]  MessageHash  Pointer to octet message hash to be checked.
194   @param[in]  HashLength   Length of the message hash in bytes.
195   @param[in]  Signature    Pointer to RSA PKCS1-v1_5 signature to be verified.
196   @param[in]  SigLength    Length of signature in bytes.
197 
198   @return  TRUE   Valid signature encoded in PKCS1-v1_5.
199   @return  FALSE  Invalid signature or invalid RSA context.
200 
201 **/
202 BOOLEAN
203 EFIAPI
RuntimeCryptRsaPkcs1Verify(IN VOID * RsaContext,IN CONST UINT8 * MessageHash,IN UINTN HashLength,IN CONST UINT8 * Signature,IN UINTN SigLength)204 RuntimeCryptRsaPkcs1Verify (
205   IN  VOID         *RsaContext,
206   IN  CONST UINT8  *MessageHash,
207   IN  UINTN        HashLength,
208   IN  CONST UINT8  *Signature,
209   IN  UINTN        SigLength
210   )
211 {
212   return RsaPkcs1Verify (RsaContext, MessageHash, HashLength, Signature, SigLength);
213 }
214 
215 /**
216   Entry Point for Runtime Cryptographic Driver.
217 
218   This function installs Runtime Crypt Protocol.
219 
220   @param ImageHandle     Image handle of this driver.
221   @param SystemTable     a Pointer to the EFI System Table.
222 
223   @retval  EFI_SUCEESS  Runtime Crypt Protocol is successfully installed
224   @return  Others       Some error occurs when installing Runtime Crypt Protocol.
225 
226 **/
227 EFI_STATUS
228 EFIAPI
CryptRuntimeDriverInitialize(IN EFI_HANDLE ImageHandle,IN EFI_SYSTEM_TABLE * SystemTable)229 CryptRuntimeDriverInitialize (
230   IN EFI_HANDLE                            ImageHandle,
231   IN EFI_SYSTEM_TABLE                      *SystemTable
232   )
233 {
234   EFI_STATUS  Status;
235 
236   //
237   // Install the Runtime Crypt Protocol onto a new handle
238   //
239   Status = gBS->InstallMultipleProtocolInterfaces (
240                   &mRuntimeCryptHandle,
241                   &gEfiRuntimeCryptProtocolGuid,
242                   &mRuntimeCryptProtocol,
243                   NULL
244                   );
245   ASSERT_EFI_ERROR (Status);
246 
247   return Status;
248 }
249