CryptPem.c
9#include "InternalCryptLib.h"
10#include <openssl/pem.h>
11
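/**
  Passphrase callback handed to OpenSSL's PEM reader for encrypted PEM data.

  Clears the destination buffer, then copies the caller-supplied passphrase
  into it without a terminating NUL. A passphrase longer than the buffer is
  truncated to Size bytes, so an over-long passphrase makes decryption fail
  rather than overrunning Buf.

  NOTE(review): callers in this file cast this function to pem_password_cb *,
  whose size/flag parameters are int while this definition uses INTN. Confirm
  the two agree under every target ABI, since the upper bits of Size are not
  guaranteed by an int-typed caller.

  @param[out]  Buf    Buffer that receives the passphrase bytes.
  @param[in]   Size   Capacity of Buf in bytes.
  @param[in]   Flag   Unused here; OpenSSL passes its read/write flag in this position.
  @param[in]   Key    NUL-terminated ASCII passphrase, or NULL for none.

  @return  Number of passphrase bytes written to Buf; 0 when Key is NULL or
           when Buf/Size are unusable.
**/
INTN
PasswordCallback (
  OUT  CHAR8  *Buf,
  IN   INTN   Size,
  IN   INTN   Flag,
  IN   VOID   *Key
  )
{
  INTN  KeyLength;

  //
  // Refuse a missing buffer or a non-positive capacity before touching memory.
  // A negative Size converted to UINTN would turn ZeroMem/CopyMem into a
  // near-unbounded write.
  //
  if ((Buf == NULL) || (Size <= 0)) {
    return 0;
  }

  //
  // Start from a clean buffer so no stale bytes follow a short passphrase.
  //
  ZeroMem ((VOID *)Buf, (UINTN)Size);

  if (Key == NULL) {
    return 0;
  }

  //
  // Duplicate the key phrase directly, clamped to the buffer capacity.
  //
  KeyLength = (INTN)AsciiStrLen ((CHAR8 *)Key);
  if (KeyLength > Size) {
    KeyLength = Size;
  }

  CopyMem (Buf, Key, (UINTN)KeyLength);
  return KeyLength;
}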
46
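/**
  Retrieve an RSA private key from (optionally password-protected) PEM data.

  The PEM bytes are copied into an OpenSSL memory BIO and parsed with
  PEM_read_bio_RSAPrivateKey(). Password is passed through as the user data of
  PasswordCallback(), which supplies it as the passphrase when the PEM body is
  encrypted.

  Only AES-128/192/256-CBC are registered for PEM decryption here, so PEM data
  encrypted with any other cipher is expected to fail to load.

  NOTE(review): the returned object is allocated by OpenSSL; presumably the
  caller owns it and must release it (RsaFree in BaseCryptLib) - confirm
  against the library header.

  @param[in]   PemData     PEM-encoded key data. Must not be NULL.
  @param[in]   PemSize     Size of PemData in bytes. Must not exceed INT_MAX.
  @param[in]   Password    NUL-terminated passphrase for encrypted PEM data.
                           May be NULL, in which case a zero-length passphrase
                           is supplied.
  @param[out]  RsaContext  Receives the RSA key object on success. Set to NULL
                           on every failure path after argument validation.

  @retval  TRUE   The RSA private key was retrieved.
  @retval  FALSE  Invalid arguments, OpenSSL setup failure, or PEM data that
                  could not be parsed or decrypted.
**/
BOOLEAN
EFIAPI
RsaGetPrivateKeyFromPem (
  IN   CONST UINT8  *PemData,
  IN   UINTN        PemSize,
  IN   CONST CHAR8  *Password,
  OUT  VOID         **RsaContext
  )
{
  BOOLEAN  Status;
  BIO      *PemBio;

  //
  // Check input parameters. PemSize is later narrowed to int for BIO_write,
  // so anything above INT_MAX is rejected here.
  //
  if ((PemData == NULL) || (RsaContext == NULL) || (PemSize > INT_MAX)) {
    return FALSE;
  }

  //
  // Give the output a defined value up front so that a caller who ignores the
  // return value never sees (or frees) an indeterminate pointer.
  //
  *RsaContext = NULL;

  //
  // Add possible block-cipher descriptor for PEM data decryption.
  // NOTE: Only support most popular ciphers AES for the encrypted PEM.
  //
  if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) {
    return FALSE;
  }

  if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) {
    return FALSE;
  }

  if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) {
    return FALSE;
  }

  Status = FALSE;

  //
  // Read encrypted PEM Data into a memory BIO.
  //
  PemBio = BIO_new (BIO_s_mem ());
  if (PemBio == NULL) {
    goto _Exit;
  }

  if (BIO_write (PemBio, PemData, (int)PemSize) <= 0) {
    goto _Exit;
  }

  //
  // Retrieve RSA Private Key from encrypted PEM data.
  // NOTE(review): PasswordCallback is declared with INTN parameters but is
  // cast to pem_password_cb * (int parameters); confirm the signatures are
  // ABI-compatible on all supported targets. The const on Password is cast
  // away only because the user-data slot is a plain void *.
  //
  *RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *)&PasswordCallback, (void *)Password);
  if (*RsaContext != NULL) {
    Status = TRUE;
  }

_Exit:
  //
  // Release Resources. PemBio may still be NULL when BIO_new failed.
  //
  BIO_free (PemBio);

  return Status;
}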
129
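/**
  Retrieve an EC private key from (optionally password-protected) PEM data.

  The PEM bytes are copied into an OpenSSL memory BIO and parsed with
  PEM_read_bio_ECPrivateKey(). Password is passed through as the user data of
  PasswordCallback(), which supplies it as the passphrase when the PEM body is
  encrypted.

  Only AES-128/192/256-CBC are registered for PEM decryption here, so PEM data
  encrypted with any other cipher is expected to fail to load.

  NOTE(review): the returned object is allocated by OpenSSL; presumably the
  caller owns it and must release it (EcFree in BaseCryptLib) - confirm
  against the library header.

  @param[in]   PemData    PEM-encoded key data. Must not be NULL.
  @param[in]   PemSize    Size of PemData in bytes. Must not exceed INT_MAX.
  @param[in]   Password   NUL-terminated passphrase for encrypted PEM data.
                          May be NULL, in which case a zero-length passphrase
                          is supplied.
  @param[out]  EcContext  Receives the EC key object on success. Set to NULL
                          on every failure path after argument validation.

  @retval  TRUE   The EC private key was retrieved.
  @retval  FALSE  Invalid arguments, OpenSSL setup failure, or PEM data that
                  could not be parsed or decrypted.
**/
BOOLEAN
EFIAPI
EcGetPrivateKeyFromPem (
  IN   CONST UINT8  *PemData,
  IN   UINTN        PemSize,
  IN   CONST CHAR8  *Password,
  OUT  VOID         **EcContext
  )
{
  BOOLEAN  Status;
  BIO      *PemBio;

  //
  // Check input parameters. PemSize is later narrowed to int for BIO_write,
  // so anything above INT_MAX is rejected here.
  //
  if ((PemData == NULL) || (EcContext == NULL) || (PemSize > INT_MAX)) {
    return FALSE;
  }

  //
  // Give the output a defined value up front so that a caller who ignores the
  // return value never sees (or frees) an indeterminate pointer.
  //
  *EcContext = NULL;

  //
  // Add possible block-cipher descriptor for PEM data decryption.
  // NOTE: Only support most popular ciphers AES for the encrypted PEM.
  //
  if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) {
    return FALSE;
  }

  if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) {
    return FALSE;
  }

  if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) {
    return FALSE;
  }

  Status = FALSE;

  //
  // Read encrypted PEM Data into a memory BIO.
  //
  PemBio = BIO_new (BIO_s_mem ());
  if (PemBio == NULL) {
    goto _Exit;
  }

  if (BIO_write (PemBio, PemData, (int)PemSize) <= 0) {
    goto _Exit;
  }

  //
  // Retrieve EC Private Key from encrypted PEM data.
  // NOTE(review): PasswordCallback is declared with INTN parameters but is
  // cast to pem_password_cb * (int parameters); confirm the signatures are
  // ABI-compatible on all supported targets. The const on Password is cast
  // away only because the user-data slot is a plain void *.
  //
  *EcContext = PEM_read_bio_ECPrivateKey (PemBio, NULL, (pem_password_cb *)&PasswordCallback, (void *)Password);
  if (*EcContext != NULL) {
    Status = TRUE;
  }

_Exit:
  //
  // Release Resources. PemBio may still be NULL when BIO_new failed.
  //
  BIO_free (PemBio);

  return Status;
}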
UINT64 UINTN
INT64 INTN
UINTN EFIAPI AsciiStrLen(IN CONST CHAR8 *String)
Definition: String.c:641
VOID *EFIAPI CopyMem(OUT VOID *DestinationBuffer, IN CONST VOID *SourceBuffer, IN UINTN Length)
VOID *EFIAPI ZeroMem(OUT VOID *Buffer, IN UINTN Length)
#define NULL
Definition: Base.h:319
#define CONST
Definition: Base.h:259
#define TRUE
Definition: Base.h:301
#define FALSE
Definition: Base.h:307
#define IN
Definition: Base.h:279
#define OUT
Definition: Base.h:284
INTN PasswordCallback(OUT CHAR8 *Buf, IN INTN Size, IN INTN Flag, IN VOID *Key)
Definition: CryptPem.c:24
BOOLEAN EFIAPI RsaGetPrivateKeyFromPem(IN CONST UINT8 *PemData, IN UINTN PemSize, IN CONST CHAR8 *Password, OUT VOID **RsaContext)
Definition: CryptPem.c:66
BOOLEAN EFIAPI EcGetPrivateKeyFromPem(IN CONST UINT8 *PemData, IN UINTN PemSize, IN CONST CHAR8 *Password, OUT VOID **EcContext)
Definition: CryptPem.c:149