Commit | Line | Data |
---|---|---|
97f98500 HT |
1 | /** @file\r |
2 | The runtime cryptographic protocol.\r | |
3 | Only limited crypto primitives (SHA-256 and RSA) are provided for the runtime\r | |
4 | authenticated variable service.\r | |
5 | \r | |
16d2c32c | 6 | Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>\r |
97f98500 HT |
7 | This program and the accompanying materials\r |
8 | are licensed and made available under the terms and conditions of the BSD License\r | |
9 | which accompanies this distribution. The full text of the license may be found at\r | |
10 | http://opensource.org/licenses/bsd-license.php\r | |
11 | \r | |
12 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
13 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
14 | \r | |
15 | **/\r | |
16 | \r | |
17 | #ifndef __EFI_RUNTIME_CRYPT_PROTOCOL_H__\r | |
18 | #define __EFI_RUNTIME_CRYPT_PROTOCOL_H__\r | |
19 | \r | |
20 | #include <Library/BaseCryptLib.h>\r | |
21 | \r | |
22 | ///\r | |
23 | /// GUID that identifies the Runtime Cryptographic Protocol.\r | |
24 | ///\r | |
25 | #define EFI_RUNTIME_CRYPT_PROTOCOL_GUID \\r | |
26 | { \\r | |
27 | 0xe1475e0c, 0x1746, 0x4802, { 0x86, 0x2e, 0x1, 0x1c, 0x2c, 0x2d, 0x9d, 0x86 } \\r | |
28 | }\r | |
29 | \r | |
30 | /**\r | |
31 | Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.\r | |
32 | The caller supplies the context memory itself, so query this size before allocating it.\r | |
33 | @return The size, in bytes, of the context buffer required for SHA-256 operations.\r | |
34 | \r | |
35 | **/\r | |
36 | typedef\r | |
37 | UINTN\r | |
38 | (EFIAPI *EFI_RUNTIME_CRYPT_SHA256_GET_CONTEXT_SIZE) (\r | |
39 | VOID\r | |
40 | );\r | |
41 | \r | |
42 | \r | |
43 | /**\r | |
44 | Initializes user-supplied memory pointed to by Sha256Context as a SHA-256 hash context for\r | |
45 | subsequent use. The buffer must be at least Sha256GetContextSize() bytes long.\r | |
46 | \r | |
16d2c32c | 47 | If Sha256Context is NULL, then return FALSE.\r |
97f98500 HT |
48 | \r |
49 | @param[in, out] Sha256Context Pointer to the caller-allocated SHA-256 context being initialized.\r | |
50 | \r | |
51 | @retval TRUE SHA-256 context initialization succeeded.\r | |
52 | @retval FALSE SHA-256 context initialization failed; the context must not be used.\r | |
53 | \r | |
54 | **/\r | |
55 | typedef\r | |
56 | BOOLEAN\r | |
57 | (EFIAPI *EFI_RUNTIME_CRYPT_SHA256_INIT) (\r | |
58 | IN OUT VOID *Sha256Context\r | |
59 | );\r | |
60 | \r | |
61 | \r | |
62 | /**\r | |
63 | Hashes a data buffer of the specified length into the SHA-256 context. This function can\r | |
64 | be called multiple times to compute the digest of long or discontinuous data streams.\r | |
65 | \r | |
16d2c32c | 66 | If Sha256Context is NULL, then return FALSE.\r |
97f98500 HT |
67 | \r |
68 | @param[in, out] Sha256Context Pointer to the SHA-256 context initialized by Sha256Init.\r | |
69 | @param[in] Data Pointer to the buffer containing the data to be hashed (NULL handling is not specified here -- TODO confirm).\r | |
70 | @param[in] DataLength Length of Data buffer in bytes.\r | |
71 | \r | |
72 | @retval TRUE SHA-256 data digest succeeded.\r | |
73 | @retval FALSE Invalid SHA-256 context. After the Sha256Final function has been called, the\r | |
74 | SHA-256 context cannot be reused.\r | |
75 | \r | |
76 | **/\r | |
77 | typedef\r | |
78 | BOOLEAN\r | |
79 | (EFIAPI *EFI_RUNTIME_CRYPT_SHA256_UPDATE) (\r | |
80 | IN OUT VOID *Sha256Context,\r | |
81 | IN CONST VOID *Data,\r | |
82 | IN UINTN DataLength\r | |
83 | );\r | |
84 | \r | |
85 | \r | |
86 | /**\r | |
87 | Completes SHA-256 hash computation and retrieves the digest value into the specified\r | |
88 | memory. After this function has been called, the SHA-256 context cannot be used again.\r | |
89 | \r | |
16d2c32c | 90 | If Sha256Context is NULL, then return FALSE.\r |
91 | If HashValue is NULL, then return FALSE.\r | |
97f98500 HT |
92 | \r |
93 | @param[in, out] Sha256Context Pointer to the SHA-256 context.\r | |
94 | @param[out] HashValue Pointer to a buffer that receives the SHA-256 digest\r | |
95 | value; it must hold at least 32 bytes, because no buffer length is passed.\r | |
96 | \r | |
97 | @retval TRUE SHA-256 digest computation succeeded.\r | |
98 | @retval FALSE SHA-256 digest computation failed; do not rely on the contents of HashValue.\r | |
99 | \r | |
100 | **/\r | |
101 | typedef\r | |
102 | BOOLEAN\r | |
103 | (EFIAPI *EFI_RUNTIME_CRYPT_SHA256_FINAL) (\r | |
104 | IN OUT VOID *Sha256Context,\r | |
105 | OUT UINT8 *HashValue\r | |
106 | );\r | |
107 | \r | |
108 | \r | |
109 | /**\r | |
110 | Allocates and initializes one RSA context for subsequent use.\r | |
111 | \r | |
112 | @return Pointer to the RSA context that has been initialized; release it with RsaFree.\r | |
113 | If the allocation fails, RsaNew() returns NULL, so check the result before use.\r | |
114 | \r | |
115 | **/\r | |
116 | typedef\r | |
117 | VOID *\r | |
118 | (EFIAPI *EFI_RUNTIME_CRYPT_RSA_NEW) (\r | |
119 | VOID\r | |
120 | );\r | |
121 | \r | |
122 | /**\r | |
123 | Releases the specified RSA context.\r | |
124 | \r | |
125 | @param[in] RsaContext Pointer to the RSA context to be released (presumably one returned by RsaNew -- TODO confirm).\r | |
126 | \r | |
127 | **/\r | |
128 | typedef\r | |
129 | VOID\r | |
130 | (EFIAPI *EFI_RUNTIME_CRYPT_RSA_FREE) (\r | |
131 | IN VOID *RsaContext\r | |
132 | );\r | |
133 | \r | |
134 | /**\r | |
135 | Sets the tag-designated RSA key component into the established RSA context from\r | |
136 | the user-specified nonnegative integer (octet string format represented in RSA\r | |
137 | PKCS#1).\r | |
138 | \r | |
16d2c32c | 139 | If RsaContext is NULL, then return FALSE.\r |
97f98500 HT |
140 | \r |
141 | @param[in, out] RsaContext Pointer to RSA context being set.\r | |
142 | @param[in] KeyTag Tag of RSA key component being set.\r | |
143 | @param[in] BigNumber Pointer to octet integer buffer.\r | |
144 | @param[in] BnLength Length of big number buffer in bytes.\r | |
145 | \r | |
146 | @retval TRUE RSA key component was set successfully.\r | |
147 | @retval FALSE Invalid RSA key component tag, or RsaContext is NULL.\r | |
148 | \r | |
149 | **/\r | |
150 | typedef\r | |
151 | BOOLEAN\r | |
152 | (EFIAPI *EFI_RUNTIME_CRYPT_RSA_SET_KEY) (\r | |
153 | IN OUT VOID *RsaContext,\r | |
154 | IN RSA_KEY_TAG KeyTag,\r | |
155 | IN CONST UINT8 *BigNumber,\r | |
156 | IN UINTN BnLength\r | |
157 | );\r | |
158 | \r | |
159 | /**\r | |
160 | Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in\r | |
161 | RSA PKCS#1.\r | |
162 | \r | |
16d2c32c | 163 | If RsaContext is NULL, then return FALSE.\r |
164 | If MessageHash is NULL, then return FALSE.\r | |
165 | If Signature is NULL, then return FALSE.\r | |
166 | If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then return FALSE.\r | |
97f98500 HT |
167 | \r |
168 | @param[in] RsaContext Pointer to RSA context for signature verification.\r | |
169 | @param[in] MessageHash Pointer to octet message hash to be checked.\r | |
170 | @param[in] HashLength Length of the message hash in bytes. NOTE(review): MD5- and SHA-1-sized digests are accepted but both are collision-weak; prefer a 32-byte SHA-256 digest.\r | |
171 | @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.\r | |
172 | @param[in] SigLength Length of signature in bytes.\r | |
173 | \r | |
174 | @retval TRUE Valid signature encoded in PKCS1-v1_5.\r | |
175 | @retval FALSE Invalid signature, invalid RSA context, or a rejected argument (see above); treat as verification failure.\r | |
176 | \r | |
177 | **/\r | |
178 | typedef\r | |
179 | BOOLEAN\r | |
180 | (EFIAPI *EFI_RUNTIME_CRYPT_RSA_PKCS1_VERIFY) (\r | |
181 | IN VOID *RsaContext,\r | |
182 | IN CONST UINT8 *MessageHash,\r | |
183 | IN UINTN HashLength,\r | |
8c5720b4 | 184 | IN CONST UINT8 *Signature,\r |
97f98500 HT |
185 | IN UINTN SigLength\r |
186 | );\r | |
187 | \r | |
188 | ///\r | |
189 | /// Runtime Cryptographic Protocol Structure: the table of SHA-256 and RSA service\r | |
190 | /// function pointers declared in this header.\r | |
191 | typedef struct {\r | |
192 | EFI_RUNTIME_CRYPT_SHA256_GET_CONTEXT_SIZE Sha256GetContextSize;\r | |
193 | EFI_RUNTIME_CRYPT_SHA256_INIT Sha256Init;\r | |
194 | EFI_RUNTIME_CRYPT_SHA256_UPDATE Sha256Update;\r | |
195 | EFI_RUNTIME_CRYPT_SHA256_FINAL Sha256Final;\r | |
196 | EFI_RUNTIME_CRYPT_RSA_NEW RsaNew;\r | |
197 | EFI_RUNTIME_CRYPT_RSA_FREE RsaFree;\r | |
198 | EFI_RUNTIME_CRYPT_RSA_SET_KEY RsaSetKey;\r | |
199 | EFI_RUNTIME_CRYPT_RSA_PKCS1_VERIFY RsaPkcs1Verify;\r | |
200 | } EFI_RUNTIME_CRYPT_PROTOCOL;\r | |
201 | \r | |
202 | extern EFI_GUID gEfiRuntimeCryptProtocolGuid; /* defined elsewhere; presumably holds EFI_RUNTIME_CRYPT_PROTOCOL_GUID -- TODO confirm */\r | |
203 | \r | |
204 | #endif\r |