TianoCore EDK2 master
Loading...
Searching...
No Matches
CryptPkcs1Oaep.c File Reference
#include "InternalCryptLib.h"
#include <mbedtls/rsa.h>
#include <mbedtls/x509_crt.h>
#include <Library/MemoryAllocationLib.h>

Go to the source code of this file.

Functions

BOOLEAN EFIAPI Pkcs1v2Encrypt (IN CONST UINT8 *PublicKey, IN UINTN PublicKeySize, IN UINT8 *InData, IN UINTN InDataSize, IN CONST UINT8 *PrngSeed OPTIONAL, IN UINTN PrngSeedSize OPTIONAL, OUT UINT8 **EncryptedData, OUT UINTN *EncryptedDataSize)
 
BOOLEAN EFIAPI RsaOaepEncrypt (IN VOID *RsaContext, IN UINT8 *InData, IN UINTN InDataSize, IN CONST UINT8 *PrngSeed OPTIONAL, IN UINTN PrngSeedSize OPTIONAL, IN UINT16 DigestLen OPTIONAL, OUT UINT8 **EncryptedData, OUT UINTN *EncryptedDataSize)
 
BOOLEAN EFIAPI Pkcs1v2Decrypt (IN CONST UINT8 *PrivateKey, IN UINTN PrivateKeySize, IN UINT8 *EncryptedData, IN UINTN EncryptedDataSize, OUT UINT8 **OutData, OUT UINTN *OutDataSize)
 
BOOLEAN EFIAPI RsaOaepDecrypt (IN VOID *RsaContext, IN UINT8 *EncryptedData, IN UINTN EncryptedDataSize, IN UINT16 DigestLen OPTIONAL, OUT UINT8 **OutData, OUT UINTN *OutDataSize)
 

Detailed Description

This file contains UEFI wrapper functions for RSA PKCS1v2 OAEP encryption routines.

SPDX-License-Identifier: BSD-2-Clause-Patent

Copyright (c) 2024, Intel Corporation. All rights reserved.

Definition in file CryptPkcs1Oaep.c.

Function Documentation

◆ Pkcs1v2Decrypt()

BOOLEAN EFIAPI Pkcs1v2Decrypt ( IN CONST UINT8 *  PrivateKey,
IN UINTN  PrivateKeySize,
IN UINT8 *  EncryptedData,
IN UINTN  EncryptedDataSize,
OUT UINT8 **  OutData,
OUT UINTN OutDataSize 
)

Decrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the decrypted message in a newly allocated buffer.

Things that can cause a failure include:

  • Fail to parse private key.
  • Fail to allocate an intermediate buffer.
  • Null pointer provided for a non-optional parameter.
Parameters
[in]PrivateKeyA pointer to the DER-encoded private key.
[in]PrivateKeySizeSize of the private key buffer.
[in]EncryptedDataData to be decrypted.
[in]EncryptedDataSizeSize of the encrypted buffer.
[out]OutDataPointer to an allocated buffer containing the encrypted message.
[out]OutDataSizeSize of the encrypted message buffer.
Return values
TRUEEncryption was successful.
FALSEEncryption failed.

Definition at line 225 of file CryptPkcs1Oaep.c.

◆ Pkcs1v2Encrypt()

BOOLEAN EFIAPI Pkcs1v2Encrypt ( IN CONST UINT8 *  PublicKey,
IN UINTN  PublicKeySize,
IN UINT8 *  InData,
IN UINTN  InDataSize,
IN CONST UINT8 *PrngSeed  OPTIONAL,
IN UINTN PrngSeedSize  OPTIONAL,
OUT UINT8 **  EncryptedData,
OUT UINTN EncryptedDataSize 
)

Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the encrypted message in a newly allocated buffer.

Things that can cause a failure include:

  • X509 key size does not match any known key size.
  • Fail to parse X509 certificate.
  • Fail to allocate an intermediate buffer.
  • Null pointer provided for a non-optional parameter.
  • Data size is too large for the provided key size (max size is a function of key size and hash digest size).
Parameters
[in]PublicKeyA pointer to the DER-encoded X509 certificate that will be used to encrypt the data.
[in]PublicKeySizeSize of the X509 cert buffer.
[in]InDataData to be encrypted.
[in]InDataSizeSize of the data buffer.
[in]PrngSeed[Optional] If provided, a pointer to a random seed buffer to be used when initializing the PRNG. NULL otherwise.
[in]PrngSeedSize[Optional] If provided, size of the random seed buffer. 0 otherwise.
[out]EncryptedDataPointer to an allocated buffer containing the encrypted message.
[out]EncryptedDataSizeSize of the encrypted message buffer.
Return values
TRUEEncryption was successful.
FALSEEncryption failed.

Definition at line 46 of file CryptPkcs1Oaep.c.

◆ RsaOaepDecrypt()

BOOLEAN EFIAPI RsaOaepDecrypt ( IN VOID *  RsaContext,
IN UINT8 *  EncryptedData,
IN UINTN  EncryptedDataSize,
IN UINT16 DigestLen  OPTIONAL,
OUT UINT8 **  OutData,
OUT UINTN OutDataSize 
)

Decrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the decrypted message in a newly allocated buffer.

Things that can cause a failure include:

  • Fail to parse private key.
  • Fail to allocate an intermediate buffer.
  • Null pointer provided for a non-optional parameter.
Parameters
[in]RsaContextA pointer to an RSA context created by RsaNew() and provisioned with a private key using RsaSetKey().
[in]EncryptedDataData to be decrypted.
[in]EncryptedDataSizeSize of the encrypted buffer.
[in]DigestLen[Optional] If provided, size of the hash used: SHA1_DIGEST_SIZE SHA256_DIGEST_SIZE SHA384_DIGEST_SIZE SHA512_DIGEST_SIZE 0 to use default (SHA1)
[out]OutDataPointer to an allocated buffer containing the encrypted message.
[out]OutDataSizeSize of the encrypted message buffer.
Return values
TRUEEncryption was successful.
FALSEEncryption failed.

Definition at line 267 of file CryptPkcs1Oaep.c.

◆ RsaOaepEncrypt()

BOOLEAN EFIAPI RsaOaepEncrypt ( IN VOID *  RsaContext,
IN UINT8 *  InData,
IN UINTN  InDataSize,
IN CONST UINT8 *PrngSeed  OPTIONAL,
IN UINTN PrngSeedSize  OPTIONAL,
IN UINT16 DigestLen  OPTIONAL,
OUT UINT8 **  EncryptedData,
OUT UINTN EncryptedDataSize 
)

Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the encrypted message in a newly allocated buffer.

Things that can cause a failure include:

  • X509 key size does not match any known key size.
  • Fail to allocate an intermediate buffer.
  • Null pointer provided for a non-optional parameter.
  • Data size is too large for the provided key size (max size is a function of key size and hash digest size).
Parameters
[in]RsaContextA pointer to an RSA context created by RsaNew() and provisioned with a public key using RsaSetKey().
[in]InDataData to be encrypted.
[in]InDataSizeSize of the data buffer.
[in]PrngSeed[Optional] If provided, a pointer to a random seed buffer to be used when initializing the PRNG. NULL otherwise.
[in]PrngSeedSize[Optional] If provided, size of the random seed buffer. 0 otherwise.
[in]DigestLen[Optional] If provided, size of the hash used: SHA1_DIGEST_SIZE SHA256_DIGEST_SIZE SHA384_DIGEST_SIZE SHA512_DIGEST_SIZE 0 to use default (SHA1)
[out]EncryptedDataPointer to an allocated buffer containing the encrypted message.
[out]EncryptedDataSizeSize of the encrypted message buffer.
Return values
TRUEEncryption was successful.
FALSEEncryption failed.

Definition at line 187 of file CryptPkcs1Oaep.c.