CryptoPkg/CryptRuntimeDxe/CryptRuntime.c

   1 /** @file
   2   Runtime Cryptographic Driver Implementation, which produce one crypto
   3   protocol.
   4
   5 Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
   6 This program and the accompanying materials
   7 are licensed and made available under the terms and conditions of the BSD License
   8 which accompanies this distribution.  The full text of the license may be found at
   9 http://opensource.org/licenses/bsd-license.php
  10
  11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
  13
  14 **/
  15
  16 #include "CryptRuntime.h"
  17
  18 //
  19 // The handle onto which the Runtime Crypt Protocol instance is installed
  20 //
  21 EFI_HANDLE  mRuntimeCryptHandle = NULL;
  22
  23 //
  24 // The Runtime Crypt Protocol instance produced by this driver
  25 //
  26 EFI_RUNTIME_CRYPT_PROTOCOL  mRuntimeCryptProtocol = {
  27   RuntimeCryptSha256GetContextSize,
  28   RuntimeCryptSha256Init,
  29   RuntimeCryptSha256Update,
  30   RuntimeCryptSha256Final,
  31   RuntimeCryptRsaNew,
  32   RuntimeCryptRsaFree,
  33   RuntimeCryptRsaSetKey,
  34   RuntimeCryptRsaPkcs1Verify
  35 };
  36
  37 /**
  38   Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
  39
  40   @return  The size, in bytes, of the context buffer required for SHA-256 operations.
  41
  42 **/
  43 UINTN
  44 EFIAPI
  45 RuntimeCryptSha256GetContextSize (
  46   VOID
  47   )
  48 {
  49   return Sha256GetContextSize ();
  50 }
  51
  52 /**
  53   Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
  54   subsequent use.
  55
  56   If Sha256Context is NULL, then ASSERT().
  57
  58   @param[in, out]  Sha256Context  Pointer to SHA-256 Context being initialized.
  59
  60   @retval TRUE   SHA-256 context initialization succeeded.
  61   @retval FALSE  SHA-256 context initialization failed.
  62
  63 **/
  64 BOOLEAN
  65 EFIAPI
  66 RuntimeCryptSha256Init (
  67   IN OUT  VOID  *Sha256Context
  68   )
  69 {
  70   return Sha256Init (Sha256Context);
  71 }
  72
  73 /**
  74   Performs SHA-256 digest on a data buffer of the specified length. This function can
  75   be called multiple times to compute the digest of long or discontinuous data streams.
  76
  77   If Sha256Context is NULL, then ASSERT().
  78
  79   @param[in, out]  Sha256Context  Pointer to the SHA-256 context.
  80   @param[in]       Data           Pointer to the buffer containing the data to be hashed.
  81   @param[in]       DataLength     Length of Data buffer in bytes.
  82
  83   @retval TRUE   SHA-256 data digest succeeded.
  84   @retval FALSE  Invalid SHA-256 context. After Sha256Final function has been called, the
  85                  SHA-256 context cannot be reused.
  86
  87 **/
  88 BOOLEAN
  89 EFIAPI
  90 RuntimeCryptSha256Update (
  91   IN OUT  VOID        *Sha256Context,
  92   IN      CONST VOID  *Data,
  93   IN      UINTN       DataLength
  94   )
  95 {
  96   return Sha256Update (Sha256Context, Data, DataLength);
  97 }
  98
  99 /**
 100   Completes SHA-256 hash computation and retrieves the digest value into the specified
 101   memory. After this function has been called, the SHA-256 context cannot be used again.
 102
 103   If Sha256Context is NULL, then ASSERT().
 104   If HashValue is NULL, then ASSERT().
 105
 106   @param[in, out]  Sha256Context  Pointer to SHA-256 context
 107   @param[out]      HashValue      Pointer to a buffer that receives the SHA-256 digest
 108                                   value (32 bytes).
 109
 110   @retval TRUE   SHA-256 digest computation succeeded.
 111   @retval FALSE  SHA-256 digest computation failed.
 112
 113 **/
 114 BOOLEAN
 115 EFIAPI
 116 RuntimeCryptSha256Final (
 117   IN OUT  VOID   *Sha256Context,
 118   OUT     UINT8  *HashValue
 119   )
 120 {
 121   return Sha256Final (Sha256Context, HashValue);
 122 }
 123
 124 /**
 125   Allocates and Initializes one RSA Context for subsequent use.
 126
 127   @return  Pointer to the RSA Context that has been initialized.
 128            If the allocations fails, RsaNew() returns NULL.
 129
 130 **/
 131 VOID *
 132 EFIAPI
 133 RuntimeCryptRsaNew (
 134   VOID
 135   )
 136 {
 137   return RsaNew ();
 138 }
 139
 140 /**
 141   Release the specified RSA Context.
 142
 143   @param[in]  RsaContext  Pointer to the RSA context to be released.
 144
 145 **/
 146 VOID
 147 EFIAPI
 148 RuntimeCryptRsaFree (
 149   IN  VOID  *RsaContext
 150   )
 151 {
 152   RsaFree (RsaContext);
 153 }
 154
 155 /**
 156   Sets the tag-designated RSA key component into the established RSA context from
 157   the user-specified nonnegative integer (octet string format represented in RSA
 158   PKCS#1).
 159
 160   If RsaContext is NULL, then ASSERT().
 161
 162   @param[in, out]  RsaContext  Pointer to RSA context being set.
 163   @param[in]       KeyTag      Tag of RSA key component being set.
 164   @param[in]       BigNumber   Pointer to octet integer buffer.
 165   @param[in]       BnLength    Length of big number buffer in bytes.
 166
 167   @return  TRUE   RSA key component was set successfully.
 168   @return  FALSE  Invalid RSA key component tag.
 169
 170 **/
 171 BOOLEAN
 172 EFIAPI
 173 RuntimeCryptRsaSetKey (
 174   IN OUT VOID         *RsaContext,
 175   IN     RSA_KEY_TAG  KeyTag,
 176   IN     CONST UINT8  *BigNumber,
 177   IN     UINTN        BnLength
 178   )
 179 {
 180   return RsaSetKey (RsaContext, KeyTag, BigNumber, BnLength);
 181 }
 182
 183 /**
 184   Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
 185   RSA PKCS#1.
 186
 187   If RsaContext is NULL, then ASSERT().
 188   If MessageHash is NULL, then ASSERT().
 189   If Signature is NULL, then ASSERT().
 190   If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
 191
 192   @param[in]  RsaContext   Pointer to RSA context for signature verification.
 193   @param[in]  MessageHash  Pointer to octet message hash to be checked.
 194   @param[in]  HashLength   Length of the message hash in bytes.
 195   @param[in]  Signature    Pointer to RSA PKCS1-v1_5 signature to be verified.
 196   @param[in]  SigLength    Length of signature in bytes.
 197
 198   @return  TRUE   Valid signature encoded in PKCS1-v1_5.
 199   @return  FALSE  Invalid signature or invalid RSA context.
 200
 201 **/
 202 BOOLEAN
 203 EFIAPI
 204 RuntimeCryptRsaPkcs1Verify (
 205   IN  VOID         *RsaContext,
 206   IN  CONST UINT8  *MessageHash,
 207   IN  UINTN        HashLength,
 208   IN  UINT8        *Signature,
 209   IN  UINTN        SigLength
 210   )
 211 {
 212   return RsaPkcs1Verify (RsaContext, MessageHash, HashLength, Signature, SigLength);
 213 }
 214
 215 /**
 216   Entry Point for Runtime Cryptographic Driver.
 217
 218   This function installs Runtime Crypt Protocol.
 219
 220   @param ImageHandle     Image handle of this driver.
 221   @param SystemTable     a Pointer to the EFI System Table.
 222
 223   @retval  EFI_SUCEESS  Runtime Crypt Protocol is successfully installed
 224   @return  Others       Some error occurs when installing Runtime Crypt Protocol.
 225
 226 **/
 227 EFI_STATUS
 228 EFIAPI
 229 CryptRuntimeDriverInitialize (
 230   IN EFI_HANDLE                            ImageHandle,
 231   IN EFI_SYSTEM_TABLE                      *SystemTable
 232   )
 233 {
 234   EFI_STATUS  Status;
 235
 236   //
 237   // Install the Runtime Crypt Protocol onto a new handle
 238   //
 239   Status = gBS->InstallMultipleProtocolInterfaces (
 240                   &mRuntimeCryptHandle,
 241                   &gEfiRuntimeCryptProtocolGuid,
 242                   &mRuntimeCryptProtocol,
 243                   NULL
 244                   );
 245   ASSERT_EFI_ERROR (Status);
 246
 247   return Status;
 248 }