summaryrefslogtreecommitdiffstats
path: root/CryptoPkg/CryptRuntimeDxe
diff options
context:
space:
mode:
authorhhtian <hhtian@6f19259b-4bc3-4df7-8a09-765794883524>2010-11-01 06:30:58 +0000
committerhhtian <hhtian@6f19259b-4bc3-4df7-8a09-765794883524>2010-11-01 06:30:58 +0000
commit97f98500c1d40eba76210961e90ea5d354bcbc18 (patch)
tree88513b4a041208d992929db5703a4312a0497a3b /CryptoPkg/CryptRuntimeDxe
parenta3bcde70e6dc69000f85cc5deee98101d2ae200a (diff)
downloadedk2-97f98500c1d40eba76210961e90ea5d354bcbc18.tar.gz
edk2-97f98500c1d40eba76210961e90ea5d354bcbc18.tar.bz2
edk2-97f98500c1d40eba76210961e90ea5d354bcbc18.zip
Add CryptoPkg (from UDK2010.UP3)
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10987 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'CryptoPkg/CryptRuntimeDxe')
-rw-r--r--CryptoPkg/CryptRuntimeDxe/CryptRuntime.c248
-rw-r--r--CryptoPkg/CryptRuntimeDxe/CryptRuntime.h186
-rw-r--r--CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf49
3 files changed, 483 insertions, 0 deletions
diff --git a/CryptoPkg/CryptRuntimeDxe/CryptRuntime.c b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.c
new file mode 100644
index 0000000000..ff20da49e9
--- /dev/null
+++ b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.c
@@ -0,0 +1,248 @@
+/** @file
+ Runtime Cryptographic Driver Implementation, which produce one crypto
+ protocol.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "CryptRuntime.h"
+
+//
+// The handle onto which the Runtime Crypt Protocol instance is installed
+//
+EFI_HANDLE mRuntimeCryptHandle = NULL;
+
+//
+// The Runtime Crypt Protocol instance produced by this driver
+//
+EFI_RUNTIME_CRYPT_PROTOCOL mRuntimeCryptProtocol = {
+ RuntimeCryptSha256GetContextSize,
+ RuntimeCryptSha256Init,
+ RuntimeCryptSha256Update,
+ RuntimeCryptSha256Final,
+ RuntimeCryptRsaNew,
+ RuntimeCryptRsaFree,
+ RuntimeCryptRsaSetKey,
+ RuntimeCryptRsaPkcs1Verify
+};
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-256 operations.
+
+**/
+UINTN
+EFIAPI
+RuntimeCryptSha256GetContextSize (
+ VOID
+ )
+{
+ return Sha256GetContextSize ();
+}
+
+/**
+ Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
+ subsequent use.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 Context being initialized.
+
+ @retval TRUE SHA-256 context initialization succeeded.
+ @retval FALSE SHA-256 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Init (
+ IN OUT VOID *Sha256Context
+ )
+{
+ return Sha256Init (Sha256Context);
+}
+
+/**
+ Performs SHA-256 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to the SHA-256 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE SHA-256 data digest succeeded.
+ @retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the
+ SHA-256 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Update (
+ IN OUT VOID *Sha256Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ )
+{
+ return Sha256Update (Sha256Context, Data, DataLength);
+}
+
+/**
+ Completes SHA-256 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the SHA-256 context cannot be used again.
+
+ If Sha256Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 context
+ @param[out] HashValue Pointer to a buffer that receives the SHA-256 digest
+ value (32 bytes).
+
+ @retval TRUE SHA-256 digest computation succeeded.
+ @retval FALSE SHA-256 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Final (
+ IN OUT VOID *Sha256Context,
+ OUT UINT8 *HashValue
+ )
+{
+ return Sha256Final (Sha256Context, HashValue);
+}
+
+/**
+ Allocates and Initializes one RSA Context for subsequent use.
+
+ @return Pointer to the RSA Context that has been initialized.
+ If the allocations fails, RsaNew() returns NULL.
+
+**/
+VOID *
+EFIAPI
+RuntimeCryptRsaNew (
+ VOID
+ )
+{
+ return RsaNew ();
+}
+
+/**
+ Release the specified RSA Context.
+
+ @param[in] RsaContext Pointer to the RSA context to be released.
+
+**/
+VOID
+EFIAPI
+RuntimeCryptRsaFree (
+ IN VOID *RsaContext
+ )
+{
+ RsaFree (RsaContext);
+}
+
+/**
+ Sets the tag-designated RSA key component into the established RSA context from
+ the user-specified nonnegative integer (octet string format represented in RSA
+ PKCS#1).
+
+ If RsaContext is NULL, then ASSERT().
+
+ @param[in, out] RsaContext Pointer to RSA context being set.
+ @param[in] KeyTag Tag of RSA key component being set.
+ @param[in] BigNumber Pointer to octet integer buffer.
+ @param[in] BnLength Length of big number buffer in bytes.
+
+ @return TRUE RSA key component was set successfully.
+ @return FALSE Invalid RSA key component tag.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptRsaSetKey (
+ IN OUT VOID *RsaContext,
+ IN RSA_KEY_TAG KeyTag,
+ IN CONST UINT8 *BigNumber,
+ IN UINTN BnLength
+ )
+{
+ return RsaSetKey (RsaContext, KeyTag, BigNumber, BnLength);
+}
+
+/**
+ Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
+ RSA PKCS#1.
+
+ If RsaContext is NULL, then ASSERT().
+ If MessageHash is NULL, then ASSERT().
+ If Signature is NULL, then ASSERT().
+ If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
+
+ @param[in] RsaContext Pointer to RSA context for signature verification.
+ @param[in] MessageHash Pointer to octet message hash to be checked.
+ @param[in] HashLength Length of the message hash in bytes.
+ @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
+ @param[in] SigLength Length of signature in bytes.
+
+ @return TRUE Valid signature encoded in PKCS1-v1_5.
+ @return FALSE Invalid signature or invalid RSA context.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptRsaPkcs1Verify (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *MessageHash,
+ IN UINTN HashLength,
+ IN UINT8 *Signature,
+ IN UINTN SigLength
+ )
+{
+ return RsaPkcs1Verify (RsaContext, MessageHash, HashLength, Signature, SigLength);
+}
+
+/**
+ Entry Point for Runtime Cryptographic Driver.
+
+ This function installs Runtime Crypt Protocol.
+
+ @param ImageHandle Image handle of this driver.
+ @param SystemTable a Pointer to the EFI System Table.
+
+ @retval EFI_SUCEESS Runtime Crypt Protocol is successfully installed
+ @return Others Some error occurs when installing Runtime Crypt Protocol.
+
+**/
+EFI_STATUS
+EFIAPI
+CryptRuntimeDriverInitialize (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Install the Runtime Crypt Protocol onto a new handle
+ //
+ Status = gBS->InstallMultipleProtocolInterfaces (
+ &mRuntimeCryptHandle,
+ &gEfiRuntimeCryptProtocolGuid,
+ &mRuntimeCryptProtocol,
+ NULL
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ return Status;
+}
diff --git a/CryptoPkg/CryptRuntimeDxe/CryptRuntime.h b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.h
new file mode 100644
index 0000000000..312d7b49e1
--- /dev/null
+++ b/CryptoPkg/CryptRuntimeDxe/CryptRuntime.h
@@ -0,0 +1,186 @@
+/** @file
+ Header file of Runtime Cryptographic Driver.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _CRYPT_RUNTIME_H_
+#define _CRYPT_RUNTIME_H_
+
+#include <Uefi.h>
+
+#include <Protocol/RuntimeCrypt.h>
+
+#include <Library/DebugLib.h>
+#include <Library/UefiDriverEntryPoint.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/BaseCryptLib.h>
+
+/**
+ Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
+
+ @return The size, in bytes, of the context buffer required for SHA-256 operations.
+
+**/
+UINTN
+EFIAPI
+RuntimeCryptSha256GetContextSize (
+ VOID
+ );
+
+
+/**
+ Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
+ subsequent use.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 Context being initialized.
+
+ @retval TRUE SHA-256 context initialization succeeded.
+ @retval FALSE SHA-256 context initialization failed.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Init (
+ IN OUT VOID *Sha256Context
+ );
+
+
+/**
+ Performs SHA-256 digest on a data buffer of the specified length. This function can
+ be called multiple times to compute the digest of long or discontinuous data streams.
+
+ If Sha256Context is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to the SHA-256 context.
+ @param[in] Data Pointer to the buffer containing the data to be hashed.
+ @param[in] DataLength Length of Data buffer in bytes.
+
+ @retval TRUE SHA-256 data digest succeeded.
+ @retval FALSE Invalid SHA-256 context. After Sha256Final function has been called, the
+ SHA-256 context cannot be reused.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Update (
+ IN OUT VOID *Sha256Context,
+ IN CONST VOID *Data,
+ IN UINTN DataLength
+ );
+
+
+/**
+ Completes SHA-256 hash computation and retrieves the digest value into the specified
+ memory. After this function has been called, the SHA-256 context cannot be used again.
+
+ If Sha256Context is NULL, then ASSERT().
+ If HashValue is NULL, then ASSERT().
+
+ @param[in, out] Sha256Context Pointer to SHA-256 context
+ @param[out] HashValue Pointer to a buffer that receives the SHA-256 digest
+ value (32 bytes).
+
+ @retval TRUE SHA-256 digest computation succeeded.
+ @retval FALSE SHA-256 digest computation failed.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptSha256Final (
+ IN OUT VOID *Sha256Context,
+ OUT UINT8 *HashValue
+ );
+
+/**
+ Allocates and Initializes one RSA Context for subsequent use.
+
+ @return Pointer to the RSA Context that has been initialized.
+ If the allocations fails, RsaNew() returns NULL.
+
+**/
+VOID *
+EFIAPI
+RuntimeCryptRsaNew (
+ VOID
+ );
+
+
+/**
+ Release the specified RSA Context.
+
+ @param[in] RsaContext Pointer to the RSA context to be released.
+
+**/
+VOID
+EFIAPI
+RuntimeCryptRsaFree (
+ IN VOID *RsaContext
+ );
+
+/**
+ Sets the tag-designated RSA key component into the established RSA context from
+ the user-specified nonnegative integer (octet string format represented in RSA
+ PKCS#1).
+
+ If RsaContext is NULL, then ASSERT().
+
+ @param[in, out] RsaContext Pointer to RSA context being set.
+ @param[in] KeyTag Tag of RSA key component being set.
+ @param[in] BigNumber Pointer to octet integer buffer.
+ @param[in] BnLength Length of big number buffer in bytes.
+
+ @return TRUE RSA key component was set successfully.
+ @return FALSE Invalid RSA key component tag.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptRsaSetKey (
+ IN OUT VOID *RsaContext,
+ IN RSA_KEY_TAG KeyTag,
+ IN CONST UINT8 *BigNumber,
+ IN UINTN BnLength
+ );
+
+
+/**
+ Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
+ RSA PKCS#1.
+
+ If RsaContext is NULL, then ASSERT().
+ If MessageHash is NULL, then ASSERT().
+ If Signature is NULL, then ASSERT().
+ If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
+
+ @param[in] RsaContext Pointer to RSA context for signature verification.
+ @param[in] MessageHash Pointer to octet message hash to be checked.
+ @param[in] HashLength Length of the message hash in bytes.
+ @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
+ @param[in] SigLength Length of signature in bytes.
+
+ @return TRUE Valid signature encoded in PKCS1-v1_5.
+ @return FALSE Invalid signature or invalid RSA context.
+
+**/
+BOOLEAN
+EFIAPI
+RuntimeCryptRsaPkcs1Verify (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *MessageHash,
+ IN UINTN HashLength,
+ IN UINT8 *Signature,
+ IN UINTN SigLength
+ );
+
+#endif
diff --git a/CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf b/CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf
new file mode 100644
index 0000000000..7625c40050
--- /dev/null
+++ b/CryptoPkg/CryptRuntimeDxe/CryptRuntimeDxe.inf
@@ -0,0 +1,49 @@
+## @file
+# Component description file for Cryptographic Runtime Driver.
+#
+# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = CryptRuntimeDxe
+ FILE_GUID = 858031F3-96A2-406E-ABCC-ED264A3A31D6
+ MODULE_TYPE = DXE_RUNTIME_DRIVER
+ VERSION_STRING = 1.0
+
+ ENTRY_POINT = CryptRuntimeDriverInitialize
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF
+#
+
+[Sources]
+ CryptRuntime.h
+ CryptRuntime.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ UefiDriverEntryPoint
+ UefiBootServicesTableLib
+ DebugLib
+ UefiRuntimeLib
+ BaseCryptLib
+
+[Protocols]
+ gEfiRuntimeCryptProtocolGuid ## PRODUCES
+
+[Depex]
+ TRUE