1. Add new API supports for PEM & X509 key retrieving & verification;

2. Add new MD4 hash supports; 3. Add corresponding test case in Cryptest utility; 4. Fix MACRO definition issue in OpensslLib.inf and parameter checking issues in some wrapper implementations. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11214 6f19259b-4bc3-4df7-8a09-765794883524
author: qlong <qlong@6f19259b-4bc3-4df7-8a09-765794883524> 2010-12-31 07:22:48 +0000
committer: qlong <qlong@6f19259b-4bc3-4df7-8a09-765794883524> 2010-12-31 07:22:48 +0000
commit: 4a567c9690db97ecbf982e9428727f073bada504 (patch)
tree: 92682c435813f60c29afd83ad98d04ebc24903ac /CryptoPkg/Library/BaseCryptLib/Pem
parent: 2a6433fef2413df583db6399008c7e6716a8e243 (diff)
download: edk2-4a567c9690db97ecbf982e9428727f073bada504.tar.gz
edk2-4a567c9690db97ecbf982e9428727f073bada504.tar.bz2
edk2-4a567c9690db97ecbf982e9428727f073bada504.zip
1 files changed, 124 insertions, 0 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c
new file mode 100644
index 0000000000..e9de39a105
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c
@@ -0,0 +1,124 @@
+/** @file
+  PEM (Privacy Enhanced Mail) Format Handler Wrapper Implementation over OpenSSL.
+
+Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution.  The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "InternalCryptLib.h"
+#include <openssl/pem.h>
+
+/**
+  Callback function for password phrase conversion used for retrieving the encrypted PEM.
+
+  @param[out]  Buf      Pointer to the buffer to write the passphrase to.
+  @param[in]   Size     Maximum length of the passphrase (i.e. the size of Buf).
+  @param[in]   Flag     A flag which is set to 0 when reading and 1 when writing.
+  @param[in]   Key      Key data to be passed to the callback routine.
+
+  @retval  The number of characters in the passphrase or 0 if an error occurred.
+
+**/
+INTN
+PasswordCallback (
+  OUT  CHAR8  *Buf, 
+  IN   INTN   Size, 
+  IN   INTN   Flag, 
+  IN   VOID   *Key
+  )
+{
+  INTN  KeyLength;
+
+  ZeroMem ((VOID *)Buf, (UINTN)Size);
+  if (Key != NULL) {
+    //
+    // Duplicate key phrase directly.
+    //
+    KeyLength = AsciiStrLen ((CHAR8 *)Key);
+    KeyLength = (KeyLength > Size ) ? Size : KeyLength;
+    CopyMem (Buf, Key, KeyLength);
+    return KeyLength;
+  } else {
+    return 0;
+  }
+}
+
+/**
+  Retrieve the RSA Private Key from the password-protected PEM key data.
+
+  @param[in]  PemData      Pointer to the PEM-encoded key data to be retrieved.
+  @param[in]  PemSize      Size of the PEM key data in bytes.
+  @param[in]  Password     NULL-terminated passphrase used for encrypted PEM key data.
+  @param[out] RsaContext   Pointer to new-generated RSA context which contain the retrieved
+                           RSA private key component. Use RsaFree() function to free the
+                           resource.
+
+  If PemData is NULL, then ASSERT().
+  If RsaContext is NULL, then ASSERT().
+
+  @retval  TRUE   RSA Private Key was retrieved successfully.
+  @retval  FALSE  Invalid PEM key data or incorrect password.
+
+**/
+BOOLEAN
+EFIAPI
+RsaGetPrivateKeyFromPem (
+  IN   CONST UINT8  *PemData,
+  IN   UINTN        PemSize,
+  IN   CONST CHAR8  *Password,
+  OUT  VOID         **RsaContext
+  )
+{
+  BOOLEAN  Status;
+  BIO      *PemBio;
+
+  //
+  // ASSERT if PemData is NULL or RsaContext is NULL.
+  //
+  ASSERT (PemData    != NULL);
+  ASSERT (RsaContext != NULL);
+
+  Status = FALSE;
+  PemBio = NULL;
+
+  //
+  // Add possible block-cipher descriptor for PEM data decryption.
+  // NOTE: Only support most popular ciphers (3DES, AES) for the encrypted PEM.
+  //
+  EVP_add_cipher (EVP_des_ede3_cbc());
+  EVP_add_cipher (EVP_aes_128_cbc());
+  EVP_add_cipher (EVP_aes_192_cbc());
+  EVP_add_cipher (EVP_aes_256_cbc());
+
+  //
+  // Read encrypted PEM Data.
+  //
+  PemBio = BIO_new (BIO_s_mem ());
+  BIO_write (PemBio, PemData, (int)PemSize);
+  if (PemBio == NULL) {
+    goto _Exit;
+  }
+
+  //
+  // Retrieve RSA Private Key from encrypted PEM data.
+  //
+  *RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *)&PasswordCallback, (void *)Password);
+  if (*RsaContext != NULL) {
+    Status = TRUE;
+  }
+
+_Exit:
+  //
+  // Release Resources.
+  //
+  BIO_free (PemBio);
+
+  return Status;
+}
author	qlong <qlong@6f19259b-4bc3-4df7-8a09-765794883524>	2010-12-31 07:22:48 +0000
committer	qlong <qlong@6f19259b-4bc3-4df7-8a09-765794883524>	2010-12-31 07:22:48 +0000
commit	4a567c9690db97ecbf982e9428727f073bada504 (patch)
tree	92682c435813f60c29afd83ad98d04ebc24903ac /CryptoPkg/Library/BaseCryptLib/Pem
parent	2a6433fef2413df583db6399008c7e6716a8e243 (diff)
download	edk2-4a567c9690db97ecbf982e9428727f073bada504.tar.gz edk2-4a567c9690db97ecbf982e9428727f073bada504.tar.bz2 edk2-4a567c9690db97ecbf982e9428727f073bada504.zip