Home | History | Annotate | Download | only in CryptRuntimeDxe 
      1 /** @file
      2   Runtime Cryptographic Driver Implementation, which produce one crypto
      3   protocol.
      4 
      5 Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
      6 This program and the accompanying materials
      7 are licensed and made available under the terms and conditions of the BSD License
      8 which accompanies this distribution.  The full text of the license may be found at
      9 http://opensource.org/licenses/bsd-license.php
     10 
     11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
     12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
     13 
     14 **/
     15 
     16 #include "CryptRuntime.h"
     17 
     18 //
     19 // The handle onto which the Runtime Crypt Protocol instance is installed
     20 //
     21 EFI_HANDLE  mRuntimeCryptHandle = NULL;
     22 
     23 //
     24 // The Runtime Crypt Protocol instance produced by this driver
     25 //
     26 EFI_RUNTIME_CRYPT_PROTOCOL  mRuntimeCryptProtocol = {
     27   RuntimeCryptSha256GetContextSize,
     28   RuntimeCryptSha256Init,
     29   RuntimeCryptSha256Update,
     30   RuntimeCryptSha256Final,
     31   RuntimeCryptRsaNew,
     32   RuntimeCryptRsaFree,
     33   RuntimeCryptRsaSetKey,
     34   RuntimeCryptRsaPkcs1Verify
     35 };
     36 
     37 /**
     38   Retrieves the size, in bytes, of the context buffer required for SHA-256 operations.
     39 
     40   @return  The size, in bytes, of the context buffer required for SHA-256 operations.
     41 
     42 **/
     43 UINTN
     44 EFIAPI
     45 RuntimeCryptSha256GetContextSize (
     46   VOID
     47   )
     48 {
     49   return Sha256GetContextSize ();
     50 }
     51 
     52 /**
     53   Initializes user-supplied memory pointed by Sha256Context as SHA-256 hash context for
     54   subsequent use.
     55 
     56   If Sha256Context is NULL, then return FALSE.
     57 
     58   @param[in, out]  Sha256Context  Pointer to SHA-256 Context being initialized.
     59 
     60   @retval TRUE   SHA-256 context initialization succeeded.
     61   @retval FALSE  SHA-256 context initialization failed.
     62 
     63 **/
     64 BOOLEAN
     65 EFIAPI
     66 RuntimeCryptSha256Init (
     67   IN OUT  VOID  *Sha256Context
     68   )
     69 {
     70   return Sha256Init (Sha256Context);
     71 }
     72 
     73 /**
     74   Performs SHA-256 digest on a data buffer of the specified length. This function can
     75   be called multiple times to compute the digest of long or discontinuous data streams.
     76 
     77   If Sha256Context is NULL, then return FALSE.
     78 
     79   @param[in, out]  Sha256Context  Pointer to the SHA-256 context.
     80   @param[in]       Data           Pointer to the buffer containing the data to be hashed.
     81   @param[in]       DataLength     Length of Data buffer in bytes.
     82 
     83   @retval TRUE   SHA-256 data digest succeeded.
     84   @retval FALSE  Invalid SHA-256 context. After Sha256Final function has been called, the
     85                  SHA-256 context cannot be reused.
     86 
     87 **/
     88 BOOLEAN
     89 EFIAPI
     90 RuntimeCryptSha256Update (
     91   IN OUT  VOID        *Sha256Context,
     92   IN      CONST VOID  *Data,
     93   IN      UINTN       DataLength
     94   )
     95 {
     96   return Sha256Update (Sha256Context, Data, DataLength);
     97 }
     98 
     99 /**
    100   Completes SHA-256 hash computation and retrieves the digest value into the specified
    101   memory. After this function has been called, the SHA-256 context cannot be used again.
    102 
    103   If Sha256Context is NULL, then return FALSE.
    104   If HashValue is NULL, then return FALSE.
    105 
    106   @param[in, out]  Sha256Context  Pointer to SHA-256 context
    107   @param[out]      HashValue      Pointer to a buffer that receives the SHA-256 digest
    108                                   value (32 bytes).
    109 
    110   @retval TRUE   SHA-256 digest computation succeeded.
    111   @retval FALSE  SHA-256 digest computation failed.
    112 
    113 **/
    114 BOOLEAN
    115 EFIAPI
    116 RuntimeCryptSha256Final (
    117   IN OUT  VOID   *Sha256Context,
    118   OUT     UINT8  *HashValue
    119   )
    120 {
    121   return Sha256Final (Sha256Context, HashValue);
    122 }
    123 
    124 /**
    125   Allocates and Initializes one RSA Context for subsequent use.
    126 
    127   @return  Pointer to the RSA Context that has been initialized.
    128            If the allocations fails, RsaNew() returns NULL.
    129 
    130 **/
    131 VOID *
    132 EFIAPI
    133 RuntimeCryptRsaNew (
    134   VOID
    135   )
    136 {
    137   return RsaNew ();
    138 }
    139 
    140 /**
    141   Release the specified RSA Context.
    142 
    143   @param[in]  RsaContext  Pointer to the RSA context to be released.
    144 
    145 **/
    146 VOID
    147 EFIAPI
    148 RuntimeCryptRsaFree (
    149   IN  VOID  *RsaContext
    150   )
    151 {
    152   RsaFree (RsaContext);
    153 }
    154 
    155 /**
    156   Sets the tag-designated RSA key component into the established RSA context from
    157   the user-specified nonnegative integer (octet string format represented in RSA
    158   PKCS#1).
    159 
    160   If RsaContext is NULL, then return FALSE.
    161 
    162   @param[in, out]  RsaContext  Pointer to RSA context being set.
    163   @param[in]       KeyTag      Tag of RSA key component being set.
    164   @param[in]       BigNumber   Pointer to octet integer buffer.
    165   @param[in]       BnLength    Length of big number buffer in bytes.
    166 
    167   @return  TRUE   RSA key component was set successfully.
    168   @return  FALSE  Invalid RSA key component tag.
    169 
    170 **/
    171 BOOLEAN
    172 EFIAPI
    173 RuntimeCryptRsaSetKey (
    174   IN OUT VOID         *RsaContext,
    175   IN     RSA_KEY_TAG  KeyTag,
    176   IN     CONST UINT8  *BigNumber,
    177   IN     UINTN        BnLength
    178   )
    179 {
    180   return RsaSetKey (RsaContext, KeyTag, BigNumber, BnLength);
    181 }
    182 
    183 /**
    184   Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
    185   RSA PKCS#1.
    186 
    187   If RsaContext is NULL, then return FALSE.
    188   If MessageHash is NULL, then return FALSE.
    189   If Signature is NULL, then return FALSE.
    190   If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, return FALSE.
    191 
    192   @param[in]  RsaContext   Pointer to RSA context for signature verification.
    193   @param[in]  MessageHash  Pointer to octet message hash to be checked.
    194   @param[in]  HashLength   Length of the message hash in bytes.
    195   @param[in]  Signature    Pointer to RSA PKCS1-v1_5 signature to be verified.
    196   @param[in]  SigLength    Length of signature in bytes.
    197 
    198   @return  TRUE   Valid signature encoded in PKCS1-v1_5.
    199   @return  FALSE  Invalid signature or invalid RSA context.
    200 
    201 **/
    202 BOOLEAN
    203 EFIAPI
    204 RuntimeCryptRsaPkcs1Verify (
    205   IN  VOID         *RsaContext,
    206   IN  CONST UINT8  *MessageHash,
    207   IN  UINTN        HashLength,
    208   IN  CONST UINT8  *Signature,
    209   IN  UINTN        SigLength
    210   )
    211 {
    212   return RsaPkcs1Verify (RsaContext, MessageHash, HashLength, Signature, SigLength);
    213 }
    214 
    215 /**
    216   Entry Point for Runtime Cryptographic Driver.
    217 
    218   This function installs Runtime Crypt Protocol.
    219 
    220   @param ImageHandle     Image handle of this driver.
    221   @param SystemTable     a Pointer to the EFI System Table.
    222 
    223   @retval  EFI_SUCEESS  Runtime Crypt Protocol is successfully installed
    224   @return  Others       Some error occurs when installing Runtime Crypt Protocol.
    225 
    226 **/
    227 EFI_STATUS
    228 EFIAPI
    229 CryptRuntimeDriverInitialize (
    230   IN EFI_HANDLE                            ImageHandle,
    231   IN EFI_SYSTEM_TABLE                      *SystemTable
    232   )
    233 {
    234   EFI_STATUS  Status;
    235 
    236   //
    237   // Install the Runtime Crypt Protocol onto a new handle
    238   //
    239   Status = gBS->InstallMultipleProtocolInterfaces (
    240                   &mRuntimeCryptHandle,
    241                   &gEfiRuntimeCryptProtocolGuid,
    242                   &mRuntimeCryptProtocol,
    243                   NULL
    244                   );
    245   ASSERT_EFI_ERROR (Status);
    246 
    247   return Status;
    248 }
    249