1 /** @file 2 Header file of Runtime Cryptographic Driver. 3 4 Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR> 5 This program and the accompanying materials 6 are licensed and made available under the terms and conditions of the BSD License 7 which accompanies this distribution. The full text of the license may be found at 8 http://opensource.org/licenses/bsd-license.php 9 10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 12 13 **/ 14 15 #ifndef _CRYPT_RUNTIME_H_ 16 #define _CRYPT_RUNTIME_H_ 17 18 #include <Uefi.h> 19 20 #include <Protocol/RuntimeCrypt.h> 21 22 #include <Library/DebugLib.h> 23 #include <Library/UefiDriverEntryPoint.h> 24 #include <Library/UefiBootServicesTableLib.h> 25 #include <Library/BaseCryptLib.h> 26 27 /** 28 Retrieves the size, in bytes, of the context buffer required for SHA-256 operations. 29 30 @return The size, in bytes, of the context buffer required for SHA-256 operations. 31 32 **/ 33 UINTN 34 EFIAPI 35 RuntimeCryptSha256GetContextSize ( 36 VOID 37 ); 38 39 40 /** 41 Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for 42 subsequent use. 43 44 If Sha256Context is NULL, then return FALSE. 45 46 @param[in, out] Sha256Context Pointer to SHA-256 Context being initialized. 47 48 @retval TRUE SHA-256 context initialization succeeded. 49 @retval FALSE SHA-256 context initialization failed. 50 51 **/ 52 BOOLEAN 53 EFIAPI 54 RuntimeCryptSha256Init ( 55 IN OUT VOID *Sha256Context 56 ); 57 58 59 /** 60 Performs SHA-256 digest on a data buffer of the specified length. This function can 61 be called multiple times to compute the digest of long or discontinuous data streams. 62 63 If Sha256Context is NULL, then return FALSE. 64 65 @param[in, out] Sha256Context Pointer to the SHA-256 context. 66 @param[in] Data Pointer to the buffer containing the data to be hashed. 67 @param[in] DataLength Length of Data buffer in bytes. 68 69 @retval TRUE SHA-256 data digest succeeded. 70 @retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the 71 SHA-256 context cannot be reused. 72 73 **/ 74 BOOLEAN 75 EFIAPI 76 RuntimeCryptSha256Update ( 77 IN OUT VOID *Sha256Context, 78 IN CONST VOID *Data, 79 IN UINTN DataLength 80 ); 81 82 83 /** 84 Completes SHA-256 hash computation and retrieves the digest value into the specified 85 memory. After this function has been called, the SHA-256 context cannot be used again. 86 87 If Sha256Context is NULL, then return FALSE. 88 If HashValue is NULL, then return FALSE. 89 90 @param[in, out] Sha256Context Pointer to SHA-256 context 91 @param[out] HashValue Pointer to a buffer that receives the SHA-256 digest 92 value (32 bytes). 93 94 @retval TRUE SHA-256 digest computation succeeded. 95 @retval FALSE SHA-256 digest computation failed. 96 97 **/ 98 BOOLEAN 99 EFIAPI 100 RuntimeCryptSha256Final ( 101 IN OUT VOID *Sha256Context, 102 OUT UINT8 *HashValue 103 ); 104 105 /** 106 Allocates and Initializes one RSA Context for subsequent use. 107 108 @return Pointer to the RSA Context that has been initialized. 109 If the allocations fails, RsaNew() returns NULL. 110 111 **/ 112 VOID * 113 EFIAPI 114 RuntimeCryptRsaNew ( 115 VOID 116 ); 117 118 119 /** 120 Release the specified RSA Context. 121 122 @param[in] RsaContext Pointer to the RSA context to be released. 123 124 **/ 125 VOID 126 EFIAPI 127 RuntimeCryptRsaFree ( 128 IN VOID *RsaContext 129 ); 130 131 /** 132 Sets the tag-designated RSA key component into the established RSA context from 133 the user-specified nonnegative integer (octet string format represented in RSA 134 PKCS#1). 135 136 If RsaContext is NULL, then return FALSE. 137 138 @param[in, out] RsaContext Pointer to RSA context being set. 139 @param[in] KeyTag Tag of RSA key component being set. 140 @param[in] BigNumber Pointer to octet integer buffer. 141 @param[in] BnLength Length of big number buffer in bytes. 142 143 @return TRUE RSA key component was set successfully. 144 @return FALSE Invalid RSA key component tag. 145 146 **/ 147 BOOLEAN 148 EFIAPI 149 RuntimeCryptRsaSetKey ( 150 IN OUT VOID *RsaContext, 151 IN RSA_KEY_TAG KeyTag, 152 IN CONST UINT8 *BigNumber, 153 IN UINTN BnLength 154 ); 155 156 157 /** 158 Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in 159 RSA PKCS#1. 160 161 If RsaContext is NULL, then return FALSE. 162 If MessageHash is NULL, then return FALSE. 163 If Signature is NULL, then return FALSE. 164 If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, return FALSE. 165 166 @param[in] RsaContext Pointer to RSA context for signature verification. 167 @param[in] MessageHash Pointer to octet message hash to be checked. 168 @param[in] HashLength Length of the message hash in bytes. 169 @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified. 170 @param[in] SigLength Length of signature in bytes. 171 172 @return TRUE Valid signature encoded in PKCS1-v1_5. 173 @return FALSE Invalid signature or invalid RSA context. 174 175 **/ 176 BOOLEAN 177 EFIAPI 178 RuntimeCryptRsaPkcs1Verify ( 179 IN VOID *RsaContext, 180 IN CONST UINT8 *MessageHash, 181 IN UINTN HashLength, 182 IN CONST UINT8 *Signature, 183 IN UINTN SigLength 184 ); 185 186 #endif 187