CryptoPkg: add AeadAesGcm to Crypto Service.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4036 Signed-off-by: Qi Zhang <qi1.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com> Cc: Guomin Jiang <guomin.jiang@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
author: Qi Zhang <qi1.zhang@intel.com> 2022-09-23 14:32:00 +0800
committer: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> 2022-09-23 08:24:42 +0000
commit: 022787f806250187b0a2b4e25901a5d5b31ec1ed (patch)
tree: 9b54e16175e6fd08ab3f846e474cd839e347ee0a /CryptoPkg/Private
parent: a23f76e184e6f250e0464ce9c11851fc5c7ee67c (diff)
download: edk2-022787f806250187b0a2b4e25901a5d5b31ec1ed.tar.gz
edk2-022787f806250187b0a2b4e25901a5d5b31ec1ed.tar.bz2
edk2-022787f806250187b0a2b4e25901a5d5b31ec1ed.zip
1 files changed, 87 insertions, 1 deletions
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protocol/Crypto.h
index da726e8381..a66be2c388 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -21,7 +21,7 @@
 /// the EDK II Crypto Protocol is extended, this version define must be
 /// increased.
 ///
-#define EDKII_CRYPTO_VERSION  10
+#define EDKII_CRYPTO_VERSION  11
 
 ///
 /// EDK II Crypto Protocol forward declaration
@@ -3805,6 +3805,89 @@ BOOLEAN
   IN       UINTN  CustomByteLen
   );
 
+/**
+  Performs AEAD AES-GCM authenticated encryption on a data buffer and additional authenticated data (AAD).
+
+  IvSize must be 12, otherwise FALSE is returned.
+  KeySize must be 16, 24 or 32, otherwise FALSE is returned.
+  TagSize must be 12, 13, 14, 15, 16, otherwise FALSE is returned.
+
+  @param[in]   Key         Pointer to the encryption key.
+  @param[in]   KeySize     Size of the encryption key in bytes.
+  @param[in]   Iv          Pointer to the IV value.
+  @param[in]   IvSize      Size of the IV value in bytes.
+  @param[in]   AData       Pointer to the additional authenticated data (AAD).
+  @param[in]   ADataSize   Size of the additional authenticated data (AAD) in bytes.
+  @param[in]   DataIn      Pointer to the input data buffer to be encrypted.
+  @param[in]   DataInSize  Size of the input data buffer in bytes.
+  @param[out]  TagOut      Pointer to a buffer that receives the authentication tag output.
+  @param[in]   TagSize     Size of the authentication tag in bytes.
+  @param[out]  DataOut     Pointer to a buffer that receives the encryption output.
+  @param[out]  DataOutSize Size of the output data buffer in bytes.
+
+  @retval TRUE   AEAD AES-GCM authenticated encryption succeeded.
+  @retval FALSE  AEAD AES-GCM authenticated encryption failed.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EDKII_AEAD_AES_GCM_ENCRYPT)(
+  IN   CONST UINT8  *Key,
+  IN   UINTN        KeySize,
+  IN   CONST UINT8  *Iv,
+  IN   UINTN        IvSize,
+  IN   CONST UINT8  *AData,
+  IN   UINTN        ADataSize,
+  IN   CONST UINT8  *DataIn,
+  IN   UINTN        DataInSize,
+  OUT  UINT8        *TagOut,
+  IN   UINTN        TagSize,
+  OUT  UINT8        *DataOut,
+  OUT  UINTN        *DataOutSize
+  );
+
+/**
+  Performs AEAD AES-GCM authenticated decryption on a data buffer and additional authenticated data (AAD).
+
+  IvSize must be 12, otherwise FALSE is returned.
+  KeySize must be 16, 24 or 32, otherwise FALSE is returned.
+  TagSize must be 12, 13, 14, 15, 16, otherwise FALSE is returned.
+  If additional authenticated data verification fails, FALSE is returned.
+
+  @param[in]   Key         Pointer to the encryption key.
+  @param[in]   KeySize     Size of the encryption key in bytes.
+  @param[in]   Iv          Pointer to the IV value.
+  @param[in]   IvSize      Size of the IV value in bytes.
+  @param[in]   AData       Pointer to the additional authenticated data (AAD).
+  @param[in]   ADataSize   Size of the additional authenticated data (AAD) in bytes.
+  @param[in]   DataIn      Pointer to the input data buffer to be decrypted.
+  @param[in]   DataInSize  Size of the input data buffer in bytes.
+  @param[in]   Tag         Pointer to a buffer that contains the authentication tag.
+  @param[in]   TagSize     Size of the authentication tag in bytes.
+  @param[out]  DataOut     Pointer to a buffer that receives the decryption output.
+  @param[out]  DataOutSize Size of the output data buffer in bytes.
+
+  @retval TRUE   AEAD AES-GCM authenticated decryption succeeded.
+  @retval FALSE  AEAD AES-GCM authenticated decryption failed.
+
+**/
+typedef
+BOOLEAN
+(EFIAPI *EDKII_AEAD_AES_GCM_DECRYPT)(
+  IN   CONST UINT8  *Key,
+  IN   UINTN        KeySize,
+  IN   CONST UINT8  *Iv,
+  IN   UINTN        IvSize,
+  IN   CONST UINT8  *AData,
+  IN   UINTN        ADataSize,
+  IN   CONST UINT8  *DataIn,
+  IN   UINTN        DataInSize,
+  IN   CONST UINT8  *Tag,
+  IN   UINTN        TagSize,
+  OUT  UINT8        *DataOut,
+  OUT  UINTN        *DataOutSize
+  );
+
 ///
 /// EDK II Crypto Protocol
 ///
@@ -4010,6 +4093,9 @@ struct _EDKII_CRYPTO_PROTOCOL {
   EDKII_CRYPTO_HKDF_SHA_384_EXTRACT_AND_EXPAND       HkdfSha384ExtractAndExpand;
   EDKII_CRYPTO_HKDF_SHA_384_EXTRACT                  HkdfSha384Extract;
   EDKII_CRYPTO_HKDF_SHA_384_EXPAND                   HkdfSha384Expand;
+  /// AEAD AES-GCM
+  EDKII_AEAD_AES_GCM_ENCRYPT                         AeadAesGcmEncrypt;
+  EDKII_AEAD_AES_GCM_DECRYPT                         AeadAesGcmDecrypt;
 };
 
 extern GUID  gEdkiiCryptoProtocolGuid;
author	Qi Zhang <qi1.zhang@intel.com>	2022-09-23 14:32:00 +0800
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2022-09-23 08:24:42 +0000
commit	022787f806250187b0a2b4e25901a5d5b31ec1ed (patch)
tree	9b54e16175e6fd08ab3f846e474cd839e347ee0a /CryptoPkg/Private
parent	a23f76e184e6f250e0464ce9c11851fc5c7ee67c (diff)
download	edk2-022787f806250187b0a2b4e25901a5d5b31ec1ed.tar.gz edk2-022787f806250187b0a2b4e25901a5d5b31ec1ed.tar.bz2 edk2-022787f806250187b0a2b4e25901a5d5b31ec1ed.zip