IN UINTN SigSize\r
);\r
\r
+/**\r
+ Carries out the RSA-SSA signature generation with EMSA-PSS encoding scheme.\r
+\r
+ This function carries out the RSA-SSA signature generation with EMSA-PSS encoding scheme defined in\r
+ RFC 8017.\r
+ Mask generation function is the same as the message digest algorithm.\r
+ If the Signature buffer is too small to hold the contents of signature, FALSE\r
+ is returned and SigSize is set to the required buffer size to obtain the signature.\r
+\r
+ If RsaContext is NULL, then return FALSE.\r
+ If Message is NULL, then return FALSE.\r
+ If MsgSize is zero or > INT_MAX, then return FALSE.\r
+ If DigestLen is NOT 32, 48 or 64, return FALSE.\r
+ If SaltLen is < DigestLen, then return FALSE.\r
+ If SigSize is large enough but Signature is NULL, then return FALSE.\r
+ If this interface is not supported, then return FALSE.\r
+\r
+ @param[in] RsaContext Pointer to RSA context for signature generation.\r
+ @param[in] Message Pointer to octet message to be signed.\r
+ @param[in] MsgSize Size of the message in bytes.\r
+ @param[in] DigestLen Length of the digest in bytes to be used for RSA signature operation.\r
+ @param[in] SaltLen Length of the salt in bytes to be used for PSS encoding.\r
+ @param[out] Signature Pointer to buffer to receive RSA PSS signature.\r
+ @param[in, out] SigSize On input, the size of Signature buffer in bytes.\r
+ On output, the size of data returned in Signature buffer in bytes.\r
+\r
+ @retval TRUE Signature successfully generated in RSASSA-PSS.\r
+ @retval FALSE Signature generation failed.\r
+ @retval FALSE SigSize is too small.\r
+ @retval FALSE This interface is not supported.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+RsaPssSign (\r
+ IN VOID *RsaContext,\r
+ IN CONST UINT8 *Message,\r
+ IN UINTN MsgSize,\r
+ IN UINT16 DigestLen,\r
+ IN UINT16 SaltLen,\r
+ OUT UINT8 *Signature,\r
+ IN OUT UINTN *SigSize\r
+ );\r
+\r
+/**\r
+ Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC 8017.\r
+ Implementation determines salt length automatically from the signature encoding.\r
+ Mask generation function is the same as the message digest algorithm.\r
+ Salt length should atleast be equal to digest length.\r
+\r
+ @param[in] RsaContext Pointer to RSA context for signature verification.\r
+ @param[in] Message Pointer to octet message to be verified.\r
+ @param[in] MsgSize Size of the message in bytes.\r
+ @param[in] Signature Pointer to RSASSA-PSS signature to be verified.\r
+ @param[in] SigSize Size of signature in bytes.\r
+ @param[in] DigestLen Length of digest for RSA operation.\r
+ @param[in] SaltLen Salt length for PSS encoding.\r
+\r
+ @retval TRUE Valid signature encoded in RSASSA-PSS.\r
+ @retval FALSE Invalid signature or invalid RSA context.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+RsaPssVerify (\r
+ IN VOID *RsaContext,\r
+ IN CONST UINT8 *Message,\r
+ IN UINTN MsgSize,\r
+ IN CONST UINT8 *Signature,\r
+ IN UINTN SigSize,\r
+ IN UINT16 DigestLen,\r
+ IN UINT16 SaltLen\r
+ );\r
+\r
/**\r
Retrieve the RSA Private Key from the password-protected PEM key data.\r
\r