CryptoPkg: Add EC key retrieving and signature interface.

[mirror_edk2.git] / CryptoPkg / Library / BaseCryptLibNull / Pk / CryptEcNull.c

diff --git a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c
index d9f1004f6ce7100681b5bb54ca5252ce144b0d63..1129fa76968a821a66d3d264308c3537112c4538 100644 (file)
--- a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c
+++ b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c
@@ -494,3 +494,85 @@ EcDhComputeKey (
   ASSERT (FALSE);\r
   return FALSE;\r
 }\r
+\r
+/**\r
+  Carries out the EC-DSA signature.\r
+\r
+  This function carries out the EC-DSA signature.\r
+  If the Signature buffer is too small to hold the contents of signature, FALSE\r
+  is returned and SigSize is set to the required buffer size to obtain the signature.\r
+\r
+  If EcContext is NULL, then return FALSE.\r
+  If MessageHash is NULL, then return FALSE.\r
+  If HashSize need match the HashNid. HashNid could be SHA256, SHA384, SHA512, SHA3_256, SHA3_384, SHA3_512.\r
+  If SigSize is large enough but Signature is NULL, then return FALSE.\r
+\r
+  For P-256, the SigSize is 64. First 32-byte is R, Second 32-byte is S.\r
+  For P-384, the SigSize is 96. First 48-byte is R, Second 48-byte is S.\r
+  For P-521, the SigSize is 132. First 66-byte is R, Second 66-byte is S.\r
+\r
+  @param[in]       EcContext    Pointer to EC context for signature generation.\r
+  @param[in]       HashNid      hash NID\r
+  @param[in]       MessageHash  Pointer to octet message hash to be signed.\r
+  @param[in]       HashSize     Size of the message hash in bytes.\r
+  @param[out]      Signature    Pointer to buffer to receive EC-DSA signature.\r
+  @param[in, out]  SigSize      On input, the size of Signature buffer in bytes.\r
+                                On output, the size of data returned in Signature buffer in bytes.\r
+\r
+  @retval  TRUE   Signature successfully generated in EC-DSA.\r
+  @retval  FALSE  Signature generation failed.\r
+  @retval  FALSE  SigSize is too small.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+EcDsaSign (\r
+  IN      VOID         *EcContext,\r
+  IN      UINTN        HashNid,\r
+  IN      CONST UINT8  *MessageHash,\r
+  IN      UINTN        HashSize,\r
+  OUT     UINT8        *Signature,\r
+  IN OUT  UINTN        *SigSize\r
+  )\r
+{\r
+  ASSERT (FALSE);\r
+  return FALSE;\r
+}\r
+\r
+/**\r
+  Verifies the EC-DSA signature.\r
+\r
+  If EcContext is NULL, then return FALSE.\r
+  If MessageHash is NULL, then return FALSE.\r
+  If Signature is NULL, then return FALSE.\r
+  If HashSize need match the HashNid. HashNid could be SHA256, SHA384, SHA512, SHA3_256, SHA3_384, SHA3_512.\r
+\r
+  For P-256, the SigSize is 64. First 32-byte is R, Second 32-byte is S.\r
+  For P-384, the SigSize is 96. First 48-byte is R, Second 48-byte is S.\r
+  For P-521, the SigSize is 132. First 66-byte is R, Second 66-byte is S.\r
+\r
+  @param[in]  EcContext    Pointer to EC context for signature verification.\r
+  @param[in]  HashNid      hash NID\r
+  @param[in]  MessageHash  Pointer to octet message hash to be checked.\r
+  @param[in]  HashSize     Size of the message hash in bytes.\r
+  @param[in]  Signature    Pointer to EC-DSA signature to be verified.\r
+  @param[in]  SigSize      Size of signature in bytes.\r
+\r
+  @retval  TRUE   Valid signature encoded in EC-DSA.\r
+  @retval  FALSE  Invalid signature or invalid EC context.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+EcDsaVerify (\r
+  IN  VOID         *EcContext,\r
+  IN  UINTN        HashNid,\r
+  IN  CONST UINT8  *MessageHash,\r
+  IN  UINTN        HashSize,\r
+  IN  CONST UINT8  *Signature,\r
+  IN  UINTN        SigSize\r
+  )\r
+{\r
+  ASSERT (FALSE);\r
+  return FALSE;\r
+}\r