\r
return Status;\r
}\r
+\r
+/**\r
+ Retrieve the EC Private Key from the password-protected PEM key data.\r
+\r
+ @param[in] PemData Pointer to the PEM-encoded key data to be retrieved.\r
+ @param[in] PemSize Size of the PEM key data in bytes.\r
+ @param[in] Password NULL-terminated passphrase used for encrypted PEM key data.\r
+ @param[out] EcContext Pointer to new-generated EC DSA context which contain the retrieved\r
+ EC private key component. Use EcFree() function to free the\r
+ resource.\r
+\r
+ If PemData is NULL, then return FALSE.\r
+ If EcContext is NULL, then return FALSE.\r
+\r
+ @retval TRUE EC Private Key was retrieved successfully.\r
+ @retval FALSE Invalid PEM key data or incorrect password.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+EcGetPrivateKeyFromPem (\r
+ IN CONST UINT8 *PemData,\r
+ IN UINTN PemSize,\r
+ IN CONST CHAR8 *Password,\r
+ OUT VOID **EcContext\r
+ )\r
+{\r
+ #if FixedPcdGetBool (PcdOpensslEcEnabled)\r
+ BOOLEAN Status;\r
+ BIO *PemBio;\r
+\r
+ //\r
+ // Check input parameters.\r
+ //\r
+ if ((PemData == NULL) || (EcContext == NULL) || (PemSize > INT_MAX)) {\r
+ return FALSE;\r
+ }\r
+\r
+ //\r
+ // Add possible block-cipher descriptor for PEM data decryption.\r
+ // NOTE: Only support most popular ciphers AES for the encrypted PEM.\r
+ //\r
+ if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) {\r
+ return FALSE;\r
+ }\r
+\r
+ if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) {\r
+ return FALSE;\r
+ }\r
+\r
+ if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) {\r
+ return FALSE;\r
+ }\r
+\r
+ Status = FALSE;\r
+\r
+ //\r
+ // Read encrypted PEM Data.\r
+ //\r
+ PemBio = BIO_new (BIO_s_mem ());\r
+ if (PemBio == NULL) {\r
+ goto _Exit;\r
+ }\r
+\r
+ if (BIO_write (PemBio, PemData, (int)PemSize) <= 0) {\r
+ goto _Exit;\r
+ }\r
+\r
+ //\r
+ // Retrieve EC Private Key from encrypted PEM data.\r
+ //\r
+ *EcContext = PEM_read_bio_ECPrivateKey (PemBio, NULL, (pem_password_cb *)&PasswordCallback, (void *)Password);\r
+ if (*EcContext != NULL) {\r
+ Status = TRUE;\r
+ }\r
+\r
+_Exit:\r
+ //\r
+ // Release Resources.\r
+ //\r
+ BIO_free (PemBio);\r
+\r
+ return Status;\r
+ #else\r
+ return FALSE;\r
+ #endif\r
+}\r