#include "InternalCryptLib.h"

Functions
BOOLEAN EFIAPI	Pkcs1v2Encrypt (IN CONST UINT8 PublicKey, IN UINTN PublicKeySize, IN UINT8 InData, IN UINTN InDataSize, IN CONST UINT8 PrngSeed OPTIONAL, IN UINTN PrngSeedSize OPTIONAL, OUT UINT8 EncryptedData, OUT UINTN EncryptedDataSize)

BOOLEAN EFIAPI	RsaOaepEncrypt (IN VOID RsaContext, IN UINT8 InData, IN UINTN InDataSize, IN CONST UINT8 PrngSeed OPTIONAL, IN UINTN PrngSeedSize OPTIONAL, IN UINT16 DigestLen OPTIONAL, OUT UINT8 EncryptedData, OUT UINTN EncryptedDataSize)

BOOLEAN EFIAPI	Pkcs1v2Decrypt (IN CONST UINT8 PrivateKey, IN UINTN PrivateKeySize, IN UINT8 EncryptedData, IN UINTN EncryptedDataSize, OUT UINT8 *OutData, OUT UINTN OutDataSize)

BOOLEAN EFIAPI	RsaOaepDecrypt (IN VOID RsaContext, IN UINT8 EncryptedData, IN UINTN EncryptedDataSize, IN UINT16 DigestLen OPTIONAL, OUT UINT8 *OutData, OUT UINTN OutDataSize)

Detailed Description

This file contains UEFI wrapper functions for RSA PKCS1v2 OAEP encryption routines.

SPDX-License-Identifier: BSD-2-Clause-Patent

Definition in file CryptPkcs1OaepNull.c.

Function Documentation

◆ Pkcs1v2Decrypt()

BOOLEAN EFIAPI Pkcs1v2Decrypt	(	IN CONST UINT8 *	PrivateKey,
		IN UINTN	PrivateKeySize,
		IN UINT8 *	EncryptedData,
		IN UINTN	EncryptedDataSize,
		OUT UINT8 **	OutData,
		OUT UINTN *	OutDataSize
	)

Decrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the decrypted message in a newly allocated buffer.

Things that can cause a failure include:

Fail to parse private key.
Fail to allocate an intermediate buffer.
Null pointer provided for a non-optional parameter.

Parameters

[in]	PrivateKey	A pointer to the DER-encoded private key.
[in]	PrivateKeySize	Size of the private key buffer.
[in]	EncryptedData	Data to be decrypted.
[in]	EncryptedDataSize	Size of the encrypted buffer.
[out]	OutData	Pointer to an allocated buffer containing the encrypted message.
[out]	OutDataSize	Size of the encrypted message buffer.

Return values

TRUE	Encryption was successful.
FALSE	Encryption failed.

Definition at line 125 of file CryptPkcs1OaepNull.c.

◆ Pkcs1v2Encrypt()

BOOLEAN EFIAPI Pkcs1v2Encrypt	(	IN CONST UINT8 *	PublicKey,
		IN UINTN	PublicKeySize,
		IN UINT8 *	InData,
		IN UINTN	InDataSize,
		IN CONST UINT8 *PrngSeed	OPTIONAL,
		IN UINTN PrngSeedSize	OPTIONAL,
		OUT UINT8 **	EncryptedData,
		OUT UINTN *	EncryptedDataSize
	)

Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the encrypted message in a newly allocated buffer.

Return FALSE to indicate this interface is not supported.

Parameters

[in]	PublicKey	A pointer to the DER-encoded X509 certificate that will be used to encrypt the data.
[in]	PublicKeySize	Size of the X509 cert buffer.
[in]	InData	Data to be encrypted.
[in]	InDataSize	Size of the data buffer.
[in]	PrngSeed	[Optional] If provided, a pointer to a random seed buffer to be used when initializing the PRNG. NULL otherwise.
[in]	PrngSeedSize	[Optional] If provided, size of the random seed buffer. 0 otherwise.
[out]	EncryptedData	Pointer to an allocated buffer containing the encrypted message.
[out]	EncryptedDataSize	Size of the encrypted message buffer.

Return values

FALSE This interface is not supported.

Definition at line 37 of file CryptPkcs1OaepNull.c.

◆ RsaOaepDecrypt()

BOOLEAN EFIAPI RsaOaepDecrypt	(	IN VOID *	RsaContext,
		IN UINT8 *	EncryptedData,
		IN UINTN	EncryptedDataSize,
		IN UINT16 DigestLen	OPTIONAL,
		OUT UINT8 **	OutData,
		OUT UINTN *	OutDataSize
	)

Decrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the decrypted message in a newly allocated buffer.

Things that can cause a failure include:

Fail to parse private key.
Fail to allocate an intermediate buffer.
Null pointer provided for a non-optional parameter.

Parameters

[in]	RsaContext	A pointer to an RSA context created by RsaNew() and provisioned with a private key using RsaSetKey().
[in]	EncryptedData	Data to be decrypted.
[in]	EncryptedDataSize	Size of the encrypted buffer.
[in]	DigestLen	[Optional] If provided, size of the hash used: SHA1_DIGEST_SIZE SHA256_DIGEST_SIZE SHA384_DIGEST_SIZE SHA512_DIGEST_SIZE 0 to use default (SHA1)
[out]	OutData	Pointer to an allocated buffer containing the encrypted message.
[out]	OutDataSize	Size of the encrypted message buffer.

Return values

TRUE	Encryption was successful.
FALSE	Encryption failed.

Definition at line 167 of file CryptPkcs1OaepNull.c.

◆ RsaOaepEncrypt()

BOOLEAN EFIAPI RsaOaepEncrypt	(	IN VOID *	RsaContext,
		IN UINT8 *	InData,
		IN UINTN	InDataSize,
		IN CONST UINT8 *PrngSeed	OPTIONAL,
		IN UINTN PrngSeedSize	OPTIONAL,
		IN UINT16 DigestLen	OPTIONAL,
		OUT UINT8 **	EncryptedData,
		OUT UINTN *	EncryptedDataSize
	)

Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the encrypted message in a newly allocated buffer.

Things that can cause a failure include:

X509 key size does not match any known key size.
Fail to allocate an intermediate buffer.
Null pointer provided for a non-optional parameter.
Data size is too large for the provided key size (max size is a function of key size and hash digest size).

Parameters

[in]	RsaContext	A pointer to an RSA context created by RsaNew() and provisioned with a public key using RsaSetKey().
[in]	InData	Data to be encrypted.
[in]	InDataSize	Size of the data buffer.
[in]	PrngSeed	[Optional] If provided, a pointer to a random seed buffer to be used when initializing the PRNG. NULL otherwise.
[in]	PrngSeedSize	[Optional] If provided, size of the random seed buffer. 0 otherwise.
[in]	DigestLen	[Optional] If provided, size of the hash used: SHA1_DIGEST_SIZE SHA256_DIGEST_SIZE SHA384_DIGEST_SIZE SHA512_DIGEST_SIZE 0 to use default (SHA1)
[out]	EncryptedData	Pointer to an allocated buffer containing the encrypted message.
[out]	EncryptedDataSize	Size of the encrypted message buffer.

Return values

TRUE	Encryption was successful.
FALSE	Encryption failed.

Definition at line 87 of file CryptPkcs1OaepNull.c.

Functions

Detailed Description

Function Documentation

◆ Pkcs1v2Decrypt()

◆ Pkcs1v2Encrypt()

◆ RsaOaepDecrypt()

◆ RsaOaepEncrypt()