From nobody Sun Feb 8 14:22:27 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+94278+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94278+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1664077152; cv=none; d=zohomail.com; s=zohoarc; b=W7ZXNOAs89eYMl3GNRKRabQGCmQAgHr1JEJDHbRVR/13aAs0YceXuOb9IdjHhs+RCv5n7mRHK7dYPxg3X2m3210TDp0RFgJGrHZ3BTgSzB4mwXEj1OGByjBhOled69mD/cdrU9Hcwh69wwFpEZZKut164+v7a+7TO0VLcahKqQs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1664077152; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=clYoEv6COq63IhMaCJXDmOcTu+LOdV3meLg7zKpaeIU=; b=HWCkV5cOf2OT2+cBDad/gDu1Pbh/PAxbpzD6OWkFtYRH3VNGMWvsT5TwpBskgcUzVV0t7VowYCx+cPFxw3O4oV4ghaue/XwGApR92JS8yhPtYckj+z7vkjimUOJTX2nAyHg09fo+z/aHIhNjJfEga4zdfNWNe0OLhuA0zSAtZk8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+94278+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1664077152496703.4389651211177; Sat, 24 Sep 2022 20:39:12 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id wncvYY1788612xHIltQ6ffJ9; Sat, 24 Sep 2022 20:39:11 -0700 X-Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by mx.groups.io with SMTP id smtpd.web09.14167.1664077144999759383 for ; Sat, 24 Sep 2022 20:39:10 -0700 X-IronPort-AV: E=McAfee;i="6500,9779,10480"; a="364859444" X-IronPort-AV: E=Sophos;i="5.93,343,1654585200"; d="scan'208";a="364859444" X-Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Sep 2022 20:39:09 -0700 X-IronPort-AV: E=Sophos;i="5.93,343,1654585200"; d="scan'208";a="689158110" X-Received: from liyi4-desktop.ccr.corp.intel.com ([10.239.153.82]) by fmsmga004-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Sep 2022 20:39:08 -0700 From: "yi1 li" To: devel@edk2.groups.io Cc: Yi Li , Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH V4 2/4] CryptoPkg: Add EC APIs to DXE and protocol Date: Sun, 25 Sep 2022 11:38:47 +0800 Message-Id: <9a6b184ca408badcfc2ad619c21ab2f88b32af43.1664075912.git.yi1.li@intel.com> In-Reply-To: References: MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,yi1.li@intel.com X-Gm-Message-State: dTkUGdwOuTKM4vc5WeO7mDlXx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1664077151; bh=5btUJ4ahh5c6mB9XP0bouj8dweFzBdC3Bz+fEIQci7U=; h=Cc:Date:From:Reply-To:Subject:To; b=BSWrQR3V32HZMuuG+LIx3R3lQuOHDjT7PxXj9lKx2yfSaczfyjg8wzXlauh/F/Z79pz E3+s3OihyfBRn7GanrMzTxn7uFA3o3jDU/QMygR0jtVZj2fwb0tWoPcms3V6tRrxM2dEj v2Yijn0nXiOCdimCqJQoJkNIpxUv/0/bIKc= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1664077154662100003 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3828 The implementation provides CryptEc library functions for EFI Driveer and EFI BaseCrypt Protocol. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Yi Li --- CryptoPkg/CryptoPkg.dsc | 1 + CryptoPkg/Driver/Crypto.c | 496 +++++++++++ .../Pcd/PcdCryptoServiceFamilyEnable.h | 25 + .../BaseCryptLibOnProtocolPpi/CryptLib.c | 469 ++++++++++ CryptoPkg/Private/Protocol/Crypto.h | 831 +++++++++++++----- 5 files changed, 1622 insertions(+), 200 deletions(-) diff --git a/CryptoPkg/CryptoPkg.dsc b/CryptoPkg/CryptoPkg.dsc index 7034e8a412..e4e7bc0dbf 100644 --- a/CryptoPkg/CryptoPkg.dsc +++ b/CryptoPkg/CryptoPkg.dsc @@ -172,6 +172,7 @@ gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.ParallelHash.Fa= mily | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Fami= ly | PCD_CRYPTO_SERVICE_ENABLE_FAMILY gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family = | PCD_CRYPTO_SERVICE_ENABLE_FAMILY + gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family = | 0 !endif =20 !if $(CRYPTO_SERVICES) =3D=3D MIN_PEI diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c index 9872b5bf70..7a8266aaba 100644 --- a/CryptoPkg/Driver/Crypto.c +++ b/CryptoPkg/Driver/Crypto.c @@ -5519,6 +5519,481 @@ CryptoServiceBigNumAddMod ( return CALL_BASECRYPTLIB (Bn.Services.AddMod, BigNumAddMod, (BnA, BnB, B= nM, BnRes), FALSE); } =20 +// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +// Basic Elliptic Curve Primitives +// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +/** + Initialize new opaque EcGroup object. This object represents an EC curve= and + and is used for calculation within this group. This object should be fre= ed + using EcGroupFree() function. + + @param[in] CryptoNid Identifying number for the ECC curve (Defined in + BaseCryptLib.h). + + @retval EcGroup object On success. + @retval NULL On failure. +**/ +VOID * +EFIAPI +CryptoServiceEcGroupInit ( + IN UINTN CryptoNid + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.GroupInit, EcGroupInit, (CryptoNid= ), NULL); +} + +/** + Get EC curve parameters. While elliptic curve equation is Y^2 mod P =3D = (X^3 + AX + B) Mod P. + This function will set the provided Big Number objects to the correspon= ding + values. The caller needs to make sure all the "out" BigNumber parameters + are properly initialized. + @param[in] EcGroup EC group object. + @param[out] BnPrime Group prime number. + @param[out] BnA A coefficient. + @param[out] BnB B coefficient. + @param[in] BnCtx BN context. + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcGroupGetCurve ( + IN CONST VOID *EcGroup, + OUT VOID *BnPrime, + OUT VOID *BnA, + OUT VOID *BnB, + IN VOID *BnCtx + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.GroupGetCurve, EcGroupGetCurve, (E= cGroup, BnPrime, BnA, BnB, BnCtx), FALSE); +} + +/** + Get EC group order. + This function will set the provided Big Number object to the correspondi= ng + value. The caller needs to make sure that the "out" BigNumber parameter + is properly initialized. + + @param[in] EcGroup EC group object. + @param[out] BnOrder Group prime number. + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcGroupGetOrder ( + IN VOID *EcGroup, + OUT VOID *BnOrder + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.GroupGetOrder, EcGroupGetOrder, (E= cGroup, BnOrder), FALSE); +} + +/** + Free previously allocated EC group object using EcGroupInit(). + + @param[in] EcGroup EC group object to free. +**/ +VOID +EFIAPI +CryptoServiceEcGroupFree ( + IN VOID *EcGroup + ) +{ + CALL_VOID_BASECRYPTLIB (Ec.Services.GroupFree, EcGroupFree, (EcGroup)); +} + +/** + Initialize new opaque EC Point object. This object represents an EC point + within the given EC group (curve). + + @param[in] EC Group, properly initialized using EcGroupInit(). + + @retval EC Point object On success. + @retval NULL On failure. +**/ +VOID * +EFIAPI +CryptoServiceEcPointInit ( + IN CONST VOID *EcGroup + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.PointInit, EcPointInit, (EcGroup),= NULL); +} + +/** + Free previously allocated EC Point object using EcPointInit(). + + @param[in] EcPoint EC Point to free. + @param[in] Clear TRUE iff the memory should be cleared. +**/ +VOID +EFIAPI +CryptoServiceEcPointDeInit ( + IN VOID *EcPoint, + IN BOOLEAN Clear + ) +{ + CALL_VOID_BASECRYPTLIB (Ec.Services.PointDeInit, EcPointDeInit, (EcPoint= , Clear)); +} + +/** + Get EC point affine (x,y) coordinates. + This function will set the provided Big Number objects to the correspond= ing + values. The caller needs to make sure all the "out" BigNumber parameters + are properly initialized. + + @param[in] EcGroup EC group object. + @param[in] EcPoint EC point object. + @param[out] BnX X coordinate. + @param[out] BnY Y coordinate. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcPointGetAffineCoordinates ( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPoint, + OUT VOID *BnX, + OUT VOID *BnY, + IN VOID *BnCtx + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.PointGetAffineCoordinates, EcPoint= GetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE); +} + +/** + Set EC point affine (x,y) coordinates. + + @param[in] EcGroup EC group object. + @param[in] EcPoint EC point object. + @param[in] BnX X coordinate. + @param[in] BnY Y coordinate. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcPointSetAffineCoordinates ( + IN CONST VOID *EcGroup, + IN VOID *EcPoint, + IN CONST VOID *BnX, + IN CONST VOID *BnY, + IN VOID *BnCtx + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.PointSetAffineCoordinates, EcPoint= SetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE); +} + +/** + EC Point addition. EcPointResult =3D EcPointA + EcPointB. + @param[in] EcGroup EC group object. + @param[out] EcPointResult EC point to hold the result. The point shou= ld + be properly initialized. + @param[in] EcPointA EC Point. + @param[in] EcPointB EC Point. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcPointAdd ( + IN CONST VOID *EcGroup, + OUT VOID *EcPointResult, + IN CONST VOID *EcPointA, + IN CONST VOID *EcPointB, + IN VOID *BnCtx + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.PointAdd, EcPointAdd, (EcGroup, Ec= PointResult, EcPointA, EcPointB, BnCtx), FALSE); +} + +/** + Variable EC point multiplication. EcPointResult =3D EcPoint * BnPScalar. + + @param[in] EcGroup EC group object. + @param[out] EcPointResult EC point to hold the result. The point shou= ld + be properly initialized. + @param[in] EcPoint EC Point. + @param[in] BnPScalar P Scalar. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcPointMul ( + IN CONST VOID *EcGroup, + OUT VOID *EcPointResult, + IN CONST VOID *EcPoint, + IN CONST VOID *BnPScalar, + IN VOID *BnCtx + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.PointMul, EcPointMul, (EcGroup, Ec= PointResult, EcPoint, BnPScalar, BnCtx), FALSE); +} + +/** + Calculate the inverse of the supplied EC point. + + @param[in] EcGroup EC group object. + @param[in,out] EcPoint EC point to invert. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcPointInvert ( + IN CONST VOID *EcGroup, + IN OUT VOID *EcPoint, + IN VOID *BnCtx + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.PointInvert, EcPointInvert, (EcGro= up, EcPoint, BnCtx), FALSE); +} + +/** + Check if the supplied point is on EC curve. + + @param[in] EcGroup EC group object. + @param[in] EcPoint EC point to check. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On curve. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcPointIsOnCurve ( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPoint, + IN VOID *BnCtx + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.PointIsOnCurve, EcPointIsOnCurve, = (EcGroup, EcPoint, BnCtx), FALSE); +} + +/** + Check if the supplied point is at infinity. + + @param[in] EcGroup EC group object. + @param[in] EcPoint EC point to check. + + @retval TRUE At infinity. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcPointIsAtInfinity ( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPoint + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.PointIsAtInfinity, EcPointIsAtInfi= nity, (EcGroup, EcPoint), FALSE); +} + +/** + Check if EC points are equal. + + @param[in] EcGroup EC group object. + @param[in] EcPointA EC point A. + @param[in] EcPointB EC point B. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE A =3D=3D B. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcPointEqual ( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPointA, + IN CONST VOID *EcPointB, + IN VOID *BnCtx + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.PointEqual, EcPointEqual, (EcGroup= , EcPointA, EcPointB, BnCtx), FALSE); +} + +/** + Set EC point compressed coordinates. Points can be described in terms of + their compressed coordinates. For a point (x, y), for any given value fo= r x + such that the point is on the curve there will only ever be two possible + values for y. Therefore, a point can be set using this function where Bn= X is + the x coordinate and YBit is a value 0 or 1 to identify which of the two + possible values for y should be used. + + @param[in] EcGroup EC group object. + @param[in] EcPoint EC Point. + @param[in] BnX X coordinate. + @param[in] YBit 0 or 1 to identify which Y value is used. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcPointSetCompressedCoordinates ( + IN CONST VOID *EcGroup, + IN VOID *EcPoint, + IN CONST VOID *BnX, + IN UINT8 YBit, + IN VOID *BnCtx + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.PointSetCompressedCoordinates, EcP= ointSetCompressedCoordinates, (EcGroup, EcPoint, BnX, YBit, BnCtx), FALSE); +} + +// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D +// Elliptic Curve Diffie Hellman Primitives +// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D + +/** + Allocates and Initializes one Elliptic Curve Context for subsequent use + with the NID. + + @param[in] Nid cipher NID + @return Pointer to the Elliptic Curve Context that has been initiali= zed. + If the allocations fails, EcNewByNid() returns NULL. +**/ +VOID * +EFIAPI +CryptoServiceEcNewByNid ( + IN UINTN Nid + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.NewByNid, EcNewByNid, (Nid), NULL); +} + +/** + Release the specified EC context. + + @param[in] EcContext Pointer to the EC context to be released. +**/ +VOID +EFIAPI +CryptoServiceEcFree ( + IN VOID *EcContext + ) +{ + CALL_VOID_BASECRYPTLIB (Ec.Services.Free, EcFree, (EcContext)); +} + +/** + Generates EC key and returns EC public key (X, Y), Please note, this fun= ction uses + pseudo random number generator. The caller must make sure RandomSeed() + function was properly called before. + The Ec context should be correctly initialized by EcNewByNid. + This function generates random secret, and computes the public key (X, Y= ), which is + returned via parameter Public, PublicSize. + X is the first half of Public with size being PublicSize / 2, + Y is the second half of Public with size being PublicSize / 2. + EC context is updated accordingly. + If the Public buffer is too small to hold the public X, Y, FALSE is retu= rned and + PublicSize is set to the required buffer size to obtain the public X, Y. + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y. + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y. + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is = Y. + If EcContext is NULL, then return FALSE. + If PublicSize is NULL, then return FALSE. + If PublicSize is large enough but Public is NULL, then return FALSE. + @param[in, out] EcContext Pointer to the EC context. + @param[out] PublicKey Pointer to t buffer to receive generated= public X,Y. + @param[in, out] PublicKeySize On input, the size of Public buffer in b= ytes. + On output, the size of data returned in = Public buffer in bytes. + @retval TRUE EC public X,Y generation succeeded. + @retval FALSE EC public X,Y generation failed. + @retval FALSE PublicKeySize is not large enough. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcGenerateKey ( + IN OUT VOID *EcContext, + OUT UINT8 *PublicKey, + IN OUT UINTN *PublicKeySize + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.GenerateKey, EcGenerateKey, (EcCon= text, PublicKey, PublicKeySize), FALSE); +} + +/** + Gets the public key component from the established EC context. + The Ec context should be correctly initialized by EcNewByNid, and succes= sfully + generate key pair from EcGenerateKey(). + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y. + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y. + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is = Y. + @param[in, out] EcContext Pointer to EC context being set. + @param[out] PublicKey Pointer to t buffer to receive generated= public X,Y. + @param[in, out] PublicKeySize On input, the size of Public buffer in b= ytes. + On output, the size of data returned in = Public buffer in bytes. + @retval TRUE EC key component was retrieved successfully. + @retval FALSE Invalid EC key component. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcGetPubKey ( + IN OUT VOID *EcContext, + OUT UINT8 *PublicKey, + IN OUT UINTN *PublicKeySize + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.GetPubKey, EcGetPubKey, (EcContext= , PublicKey, PublicKeySize), FALSE); +} + +/** + Computes exchanged common key. + Given peer's public key (X, Y), this function computes the exchanged com= mon key, + based on its own context including value of curve parameter and random s= ecret. + X is the first half of PeerPublic with size being PeerPublicSize / 2, + Y is the second half of PeerPublic with size being PeerPublicSize / 2. + If EcContext is NULL, then return FALSE. + If PeerPublic is NULL, then return FALSE. + If PeerPublicSize is 0, then return FALSE. + If Key is NULL, then return FALSE. + If KeySize is not large enough, then return FALSE. + For P-256, the PeerPublicSize is 64. First 32-byte is X, Second 32-byte = is Y. + For P-384, the PeerPublicSize is 96. First 48-byte is X, Second 48-byte = is Y. + For P-521, the PeerPublicSize is 132. First 66-byte is X, Second 66-byte= is Y. + @param[in, out] EcContext Pointer to the EC context. + @param[in] PeerPublic Pointer to the peer's public X,Y. + @param[in] PeerPublicSize Size of peer's public X,Y in bytes. + @param[in] CompressFlag Flag of PeerPublic is compressed or = not. + @param[out] Key Pointer to the buffer to receive gen= erated key. + @param[in, out] KeySize On input, the size of Key buffer in = bytes. + On output, the size of data returned= in Key buffer in bytes. + @retval TRUE EC exchanged key generation succeeded. + @retval FALSE EC exchanged key generation failed. + @retval FALSE KeySize is not large enough. +**/ +BOOLEAN +EFIAPI +CryptoServiceEcDhComputeKey ( + IN OUT VOID *EcContext, + IN CONST UINT8 *PeerPublic, + IN UINTN PeerPublicSize, + IN CONST INT32 *CompressFlag, + OUT UINT8 *Key, + IN OUT UINTN *KeySize + ) +{ + return CALL_BASECRYPTLIB (Ec.Services.DhComputeKey, EcDhComputeKey, (EcC= ontext, PeerPublic, PeerPublicSize, CompressFlag, Key, KeySize), FALSE); +} + const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =3D { /// Version CryptoServiceGetCryptoVersion, @@ -5770,4 +6245,25 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =3D { CryptoServiceBigNumContextFree, CryptoServiceBigNumSetUint, CryptoServiceBigNumAddMod, + /// EC + CryptoServiceEcGroupInit, + CryptoServiceEcGroupGetCurve, + CryptoServiceEcGroupGetOrder, + CryptoServiceEcGroupFree, + CryptoServiceEcPointInit, + CryptoServiceEcPointDeInit, + CryptoServiceEcPointGetAffineCoordinates, + CryptoServiceEcPointSetAffineCoordinates, + CryptoServiceEcPointAdd, + CryptoServiceEcPointMul, + CryptoServiceEcPointInvert, + CryptoServiceEcPointIsOnCurve, + CryptoServiceEcPointIsAtInfinity, + CryptoServiceEcPointEqual, + CryptoServiceEcPointSetCompressedCoordinates, + CryptoServiceEcNewByNid, + CryptoServiceEcFree, + CryptoServiceEcGenerateKey, + CryptoServiceEcGetPubKey, + CryptoServiceEcDhComputeKey, }; diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h b/CryptoP= kg/Include/Pcd/PcdCryptoServiceFamilyEnable.h index 52b44ca4f8..45bafc2161 100644 --- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h +++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h @@ -356,6 +356,31 @@ typedef struct { } Services; UINT32 Family; } Bn; + union { + struct { + UINT8 GroupInit : 1; + UINT8 GroupGetCurve : 1; + UINT8 GroupGetOrder : 1; + UINT8 GroupFree : 1; + UINT8 PointInit : 1; + UINT8 PointDeInit : 1; + UINT8 PointGetAffineCoordinates : 1; + UINT8 PointSetAffineCoordinates : 1; + UINT8 PointAdd : 1; + UINT8 PointMul : 1; + UINT8 PointInvert : 1; + UINT8 PointIsOnCurve : 1; + UINT8 PointIsAtInfinity : 1; + UINT8 PointEqual : 1; + UINT8 PointSetCompressedCoordinates : 1; + UINT8 NewByNid : 1; + UINT8 Free : 1; + UINT8 GenerateKey : 1; + UINT8 GetPubKey : 1; + UINT8 DhComputeKey : 1; + } Services; + UINT32 Family; + } Ec; } PCD_CRYPTO_SERVICE_FAMILY_ENABLE; =20 #endif diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/Crypt= oPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c index ce6981f091..791e2ef599 100644 --- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c +++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c @@ -4553,3 +4553,472 @@ BigNumAddMod ( { CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE); } + +/** + Initialize new opaque EcGroup object. This object represents an EC curve= and + and is used for calculation within this group. This object should be fre= ed + using EcGroupFree() function. + + @param[in] CryptoNid Identifying number for the ECC curve (Defined in + BaseCryptLib.h). + + @retval EcGroup object On success. + @retval NULL On failure. +**/ +VOID * +EFIAPI +EcGroupInit ( + IN UINTN CryptoNid + ) +{ + CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL); +} + +/** + Get EC curve parameters. While elliptic curve equation is Y^2 mod P =3D = (X^3 + AX + B) Mod P. + This function will set the provided Big Number objects to the correspon= ding + values. The caller needs to make sure all the "out" BigNumber parameters + are properly initialized. + + @param[in] EcGroup EC group object. + @param[out] BnPrime Group prime number. + @param[out] BnA A coefficient. + @param[out] BnB B coefficient. + @param[in] BnCtx BN context. + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcGroupGetCurve ( + IN CONST VOID *EcGroup, + OUT VOID *BnPrime, + OUT VOID *BnA, + OUT VOID *BnB, + IN VOID *BnCtx + ) +{ + CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, BnCtx= ), FALSE); +} + +/** + Get EC group order. + This function will set the provided Big Number object to the correspondi= ng + value. The caller needs to make sure that the "out" BigNumber parameter + is properly initialized. + + @param[in] EcGroup EC group object. + @param[out] BnOrder Group prime number. + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcGroupGetOrder ( + IN VOID *EcGroup, + OUT VOID *BnOrder + ) +{ + CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE); +} + +/** + Free previously allocated EC group object using EcGroupInit(). + + @param[in] EcGroup EC group object to free. +**/ +VOID +EFIAPI +EcGroupFree ( + IN VOID *EcGroup + ) +{ + CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup)); +} + +/** + Initialize new opaque EC Point object. This object represents an EC point + within the given EC group (curve). + + @param[in] EC Group, properly initialized using EcGroupInit(). + + @retval EC Point object On success. + @retval NULL On failure. +**/ +VOID * +EFIAPI +EcPointInit ( + IN CONST VOID *EcGroup + ) +{ + CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL); +} + +/** + Free previously allocated EC Point object using EcPointInit(). + + @param[in] EcPoint EC Point to free. + @param[in] Clear TRUE iff the memory should be cleared. +**/ +VOID +EFIAPI +EcPointDeInit ( + IN VOID *EcPoint, + IN BOOLEAN Clear + ) +{ + CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear)); +} + +/** + Get EC point affine (x,y) coordinates. + This function will set the provided Big Number objects to the correspond= ing + values. The caller needs to make sure all the "out" BigNumber parameters + are properly initialized. + + @param[in] EcGroup EC group object. + @param[in] EcPoint EC point object. + @param[out] BnX X coordinate. + @param[out] BnY Y coordinate. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcPointGetAffineCoordinates ( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPoint, + OUT VOID *BnX, + OUT VOID *BnY, + IN VOID *BnCtx + ) +{ + CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, BnX= , BnY, BnCtx), FALSE); +} + +/** + Set EC point affine (x,y) coordinates. + + @param[in] EcGroup EC group object. + @param[in] EcPoint EC point object. + @param[in] BnX X coordinate. + @param[in] BnY Y coordinate. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcPointSetAffineCoordinates ( + IN CONST VOID *EcGroup, + IN VOID *EcPoint, + IN CONST VOID *BnX, + IN CONST VOID *BnY, + IN VOID *BnCtx + ) +{ + CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, BnX= , BnY, BnCtx), FALSE); +} + +/** + EC Point addition. EcPointResult =3D EcPointA + EcPointB. + + @param[in] EcGroup EC group object. + @param[out] EcPointResult EC point to hold the result. The point shou= ld + be properly initialized. + @param[in] EcPointA EC Point. + @param[in] EcPointB EC Point. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcPointAdd ( + IN CONST VOID *EcGroup, + OUT VOID *EcPointResult, + IN CONST VOID *EcPointA, + IN CONST VOID *EcPointB, + IN VOID *BnCtx + ) +{ + CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, EcPo= intB, BnCtx), FALSE); +} + +/** + Variable EC point multiplication. EcPointResult =3D EcPoint * BnPScalar. + + @param[in] EcGroup EC group object. + @param[out] EcPointResult EC point to hold the result. The point shou= ld + be properly initialized. + @param[in] EcPoint EC Point. + @param[in] BnPScalar P Scalar. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcPointMul ( + IN CONST VOID *EcGroup, + OUT VOID *EcPointResult, + IN CONST VOID *EcPoint, + IN CONST VOID *BnPScalar, + IN VOID *BnCtx + ) +{ + CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, BnPSc= alar, BnCtx), FALSE); +} + +/** + Calculate the inverse of the supplied EC point. + + @param[in] EcGroup EC group object. + @param[in,out] EcPoint EC point to invert. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcPointInvert ( + IN CONST VOID *EcGroup, + IN OUT VOID *EcPoint, + IN VOID *BnCtx + ) +{ + CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE); +} + +/** + Check if the supplied point is on EC curve. + + @param[in] EcGroup EC group object. + @param[in] EcPoint EC point to check. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On curve. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcPointIsOnCurve ( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPoint, + IN VOID *BnCtx + ) +{ + CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), FALSE); +} + +/** + Check if the supplied point is at infinity. + + @param[in] EcGroup EC group object. + @param[in] EcPoint EC point to check. + + @retval TRUE At infinity. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcPointIsAtInfinity ( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPoint + ) +{ + CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE); +} + +/** + Check if EC points are equal. + + @param[in] EcGroup EC group object. + @param[in] EcPointA EC point A. + @param[in] EcPointB EC point B. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE A =3D=3D B. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcPointEqual ( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPointA, + IN CONST VOID *EcPointB, + IN VOID *BnCtx + ) +{ + CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, BnCtx),= FALSE); +} + +/** + Set EC point compressed coordinates. Points can be described in terms of + their compressed coordinates. For a point (x, y), for any given value fo= r x + such that the point is on the curve there will only ever be two possible + values for y. Therefore, a point can be set using this function where Bn= X is + the x coordinate and YBit is a value 0 or 1 to identify which of the two + possible values for y should be used. + + @param[in] EcGroup EC group object. + @param[in] EcPoint EC Point. + @param[in] BnX X coordinate. + @param[in] YBit 0 or 1 to identify which Y value is used. + @param[in] BnCtx BN context, created with BigNumNewContext(). + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +BOOLEAN +EFIAPI +EcPointSetCompressedCoordinates ( + IN CONST VOID *EcGroup, + IN VOID *EcPoint, + IN CONST VOID *BnX, + IN UINT8 YBit, + IN VOID *BnCtx + ) +{ + CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, EcPoint,= BnX, YBit, BnCtx), FALSE); +} + +/** + Allocates and Initializes one Elliptic Curve Context for subsequent use + with the NID. + + @param[in] Nid cipher NID + @return Pointer to the Elliptic Curve Context that has been initiali= zed. + If the allocations fails, EcNewByNid() returns NULL. +**/ +VOID * +EFIAPI +EcNewByNid ( + IN UINTN Nid + ) +{ + CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL); +} + +/** + Release the specified EC context. + + @param[in] EcContext Pointer to the EC context to be released. +**/ +VOID +EFIAPI +EcFree ( + IN VOID *EcContext + ) +{ + CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext)); +} + +/** + Generates EC key and returns EC public key (X, Y), Please note, this fun= ction uses + pseudo random number generator. The caller must make sure RandomSeed() + function was properly called before. + The Ec context should be correctly initialized by EcNewByNid. + This function generates random secret, and computes the public key (X, Y= ), which is + returned via parameter Public, PublicSize. + X is the first half of Public with size being PublicSize / 2, + Y is the second half of Public with size being PublicSize / 2. + EC context is updated accordingly. + If the Public buffer is too small to hold the public X, Y, FALSE is retu= rned and + PublicSize is set to the required buffer size to obtain the public X, Y. + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y. + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y. + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is = Y. + If EcContext is NULL, then return FALSE. + If PublicSize is NULL, then return FALSE. + If PublicSize is large enough but Public is NULL, then return FALSE. + @param[in, out] EcContext Pointer to the EC context. + @param[out] PublicKey Pointer to the buffer to receive generat= ed public X,Y. + @param[in, out] PublicKeySize On input, the size of Public buffer in b= ytes. + On output, the size of data returned in = Public buffer in bytes. + @retval TRUE EC public X,Y generation succeeded. + @retval FALSE EC public X,Y generation failed. + @retval FALSE PublicKeySize is not large enough. +**/ +BOOLEAN +EFIAPI +EcGenerateKey ( + IN OUT VOID *EcContext, + OUT UINT8 *PublicKey, + IN OUT UINTN *PublicKeySize + ) +{ + CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, PublicKeySize= ), FALSE); +} + +/** + Gets the public key component from the established EC context. + The Ec context should be correctly initialized by EcNewByNid, and succes= sfully + generate key pair from EcGenerateKey(). + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y. + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y. + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is = Y. + @param[in, out] EcContext Pointer to EC context being set. + @param[out] PublicKey Pointer to t buffer to receive generated= public X,Y. + @param[in, out] PublicKeySize On input, the size of Public buffer in b= ytes. + On output, the size of data returned in = Public buffer in bytes. + @retval TRUE EC key component was retrieved successfully. + @retval FALSE Invalid EC key component. +**/ +BOOLEAN +EFIAPI +EcGetPubKey ( + IN OUT VOID *EcContext, + OUT UINT8 *PublicKey, + IN OUT UINTN *PublicKeySize + ) +{ + CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, PublicKeySize),= FALSE); +} + +/** + Computes exchanged common key. + Given peer's public key (X, Y), this function computes the exchanged com= mon key, + based on its own context including value of curve parameter and random s= ecret. + X is the first half of PeerPublic with size being PeerPublicSize / 2, + Y is the second half of PeerPublic with size being PeerPublicSize / 2. + If EcContext is NULL, then return FALSE. + If PeerPublic is NULL, then return FALSE. + If PeerPublicSize is 0, then return FALSE. + If Key is NULL, then return FALSE. + If KeySize is not large enough, then return FALSE. + For P-256, the PeerPublicSize is 64. First 32-byte is X, Second 32-byte = is Y. + For P-384, the PeerPublicSize is 96. First 48-byte is X, Second 48-byte = is Y. + For P-521, the PeerPublicSize is 132. First 66-byte is X, Second 66-byte= is Y. + @param[in, out] EcContext Pointer to the EC context. + @param[in] PeerPublic Pointer to the peer's public X,Y. + @param[in] PeerPublicSize Size of peer's public X,Y in bytes. + @param[in] CompressFlag Flag of PeerPublic is compressed or = not. + @param[out] Key Pointer to the buffer to receive gen= erated key. + @param[in, out] KeySize On input, the size of Key buffer in = bytes. + On output, the size of data returned= in Key buffer in bytes. + @retval TRUE EC exchanged key generation succeeded. + @retval FALSE EC exchanged key generation failed. + @retval FALSE KeySize is not large enough. +**/ +BOOLEAN +EFIAPI +EcDhComputeKey ( + IN OUT VOID *EcContext, + IN CONST UINT8 *PeerPublic, + IN UINTN PeerPublicSize, + IN CONST INT32 *CompressFlag, + OUT UINT8 *Key, + IN OUT UINTN *KeySize + ) +{ + CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, PeerPublicS= ize, CompressFlag, Key, KeySize), FALSE); +} diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protoc= ol/Crypto.h index 3bf37575e9..2f267c7f55 100644 --- a/CryptoPkg/Private/Protocol/Crypto.h +++ b/CryptoPkg/Private/Protocol/Crypto.h @@ -21,7 +21,7 @@ /// the EDK II Crypto Protocol is extended, this version define must be /// increased. /// -#define EDKII_CRYPTO_VERSION 12 +#define EDKII_CRYPTO_VERSION 13 =20 /// /// EDK II Crypto Protocol forward declaration @@ -4289,240 +4289,671 @@ BOOLEAN OUT VOID *BnRes ); =20 +/** + Initialize new opaque EcGroup object. This object represents an EC curve= and + and is used for calculation within this group. This object should be fre= ed + using EcGroupFree() function. + + @param[in] CryptoNid Identifying number for the ECC curve (Defined in + BaseCryptLib.h). + + @retval EcGroup object On success + @retval NULL On failure +**/ +typedef +VOID * +(EFIAPI *EDKII_CRYPTO_EC_GROUP_INIT)( + IN UINTN CryptoNid + ); + +/** + Get EC curve parameters. While elliptic curve equation is Y^2 mod P =3D = (X^3 + AX + B) Mod P. + This function will set the provided Big Number objects to the correspon= ding + values. The caller needs to make sure all the "out" BigNumber parameters + are properly initialized. + + @param[in] EcGroup EC group object. + @param[out] BnPrime Group prime number. + @param[out] BnA A coefficient. + @param[out] BnB B coefficient. + @param[in] BnCtx BN context. + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_GROUP_GET_CURVE)( + IN CONST VOID *EcGroup, + OUT VOID *BnPrime, + OUT VOID *BnA, + OUT VOID *BnB, + IN VOID *BnCtx + ); + +/** + Get EC group order. + This function will set the provided Big Number object to the correspondi= ng + value. The caller needs to make sure that the "out" BigNumber parameter + is properly initialized. + + @param[in] EcGroup EC group object + @param[out] BnOrder Group prime number + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_GROUP_GET_ORDER)( + IN VOID *EcGroup, + OUT VOID *BnOrder + ); + +/** + Free previously allocated EC group object using EcGroupInit() + + @param[in] EcGroup EC group object to free +**/ +typedef +VOID +(EFIAPI *EDKII_CRYPTO_EC_GROUP_FREE)( + IN VOID *EcGroup + ); + +/** + Initialize new opaque EC Point object. This object represents an EC point + within the given EC group (curve). + + @param[in] EC Group, properly initialized using EcGroupInit() + + @retval EC Point object On success + @retval NULL On failure +**/ +typedef +VOID * +(EFIAPI *EDKII_CRYPTO_EC_POINT_INIT)( + IN CONST VOID *EcGroup + ); + +/** + Free previously allocated EC Point object using EcPointInit() + + @param[in] EcPoint EC Point to free + @param[in] Clear TRUE iff the memory should be cleared +**/ +typedef +VOID +(EFIAPI *EDKII_CRYPTO_EC_POINT_DE_INIT)( + IN VOID *EcPoint, + IN BOOLEAN Clear + ); + +/** + Get EC point affine (x,y) coordinates. + This function will set the provided Big Number objects to the correspond= ing + values. The caller needs to make sure all the "out" BigNumber parameters + are properly initialized. + + @param[in] EcGroup EC group object + @param[in] EcPoint EC point object + @param[out] BnX X coordinate + @param[out] BnY Y coordinate + @param[in] BnCtx BN context, created with BigNumNewContext() + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_POINT_GET_AFFINE_COORDINATES)( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPoint, + OUT VOID *BnX, + OUT VOID *BnY, + IN VOID *BnCtx + ); + +/** + Set EC point affine (x,y) coordinates. + + @param[in] EcGroup EC group object + @param[in] EcPoint EC point object + @param[in] BnX X coordinate + @param[in] BnY Y coordinate + @param[in] BnCtx BN context, created with BigNumNewContext() + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_POINT_SET_AFFINE_COORDINATES)( + IN CONST VOID *EcGroup, + IN VOID *EcPoint, + IN CONST VOID *BnX, + IN CONST VOID *BnY, + IN VOID *BnCtx + ); + +/** + EC Point addition. EcPointResult =3D EcPointA + EcPointB + + @param[in] EcGroup EC group object + @param[out] EcPointResult EC point to hold the result. The point shou= ld + be properly initialized. + @param[in] EcPointA EC Point + @param[in] EcPointB EC Point + @param[in] BnCtx BN context, created with BigNumNewContext() + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_POINT_ADD)( + IN CONST VOID *EcGroup, + OUT VOID *EcPointResult, + IN CONST VOID *EcPointA, + IN CONST VOID *EcPointB, + IN VOID *BnCtx + ); + +/** + Variable EC point multiplication. EcPointResult =3D EcPoint * BnPScalar + + @param[in] EcGroup EC group object + @param[out] EcPointResult EC point to hold the result. The point shou= ld + be properly initialized. + @param[in] EcPoint EC Point + @param[in] BnPScalar P Scalar + @param[in] BnCtx BN context, created with BigNumNewContext() + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_POINT_MUL)( + IN CONST VOID *EcGroup, + OUT VOID *EcPointResult, + IN CONST VOID *EcPoint, + IN CONST VOID *BnPScalar, + IN VOID *BnCtx + ); + +/** + Calculate the inverse of the supplied EC point. + + @param[in] EcGroup EC group object + @param[in,out] EcPoint EC point to invert + @param[in] BnCtx BN context, created with BigNumNewContext() + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_POINT_INVERT)( + IN CONST VOID *EcGroup, + IN OUT VOID *EcPoint, + IN VOID *BnCtx + ); + +/** + Check if the supplied point is on EC curve + + @param[in] EcGroup EC group object + @param[in] EcPoint EC point to check + @param[in] BnCtx BN context, created with BigNumNewContext() + + @retval TRUE On curve + @retval FALSE Otherwise +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_POINT_IS_ON_CURVE)( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPoint, + IN VOID *BnCtx + ); + +/** + Check if the supplied point is at infinity + + @param[in] EcGroup EC group object + @param[in] EcPoint EC point to check + @param[in] BnCtx BN context, created with BigNumNewContext() + + @retval TRUE At infinity + @retval FALSE Otherwise +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_POINT_IS_AT_INFINITY)( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPoint + ); + +/** + Check if EC points are equal + + @param[in] EcGroup EC group object + @param[in] EcPointA EC point A + @param[in] EcPointB EC point B + @param[in] BnCtx BN context, created with BigNumNewContext() + + @retval TRUE A =3D=3D B + @retval FALSE Otherwise +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_POINT_EQUAL)( + IN CONST VOID *EcGroup, + IN CONST VOID *EcPointA, + IN CONST VOID *EcPointB, + IN VOID *BnCtx + ); + +/** + Set EC point compressed coordinates. Points can be described in terms of + their compressed coordinates. For a point (x, y), for any given value fo= r x + such that the point is on the curve there will only ever be two possible + values for y. Therefore, a point can be set using this function where Bn= X is + the x coordinate and YBit is a value 0 or 1 to identify which of the two + possible values for y should be used. + + @param[in] EcGroup EC group object + @param[in] EcPoint EC Point + @param[in] BnX X coordinate + @param[in] YBit 0 or 1 to identify which Y value is used + @param[in] BnCtx BN context, created with BigNumNewContext() + + @retval TRUE On success. + @retval FALSE Otherwise. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_POINT_SET_COMPRESSED_COORDINATES)( + IN CONST VOID *EcGroup, + IN VOID *EcPoint, + IN CONST VOID *BnX, + IN UINT8 YBit, + IN VOID *BnCtx + ); + +/** + Allocates and Initializes one Elliptic Curve Context for subsequent use + with the NID. + + @param[in] Nid cipher NID + @return Pointer to the Elliptic Curve Context that has been initiali= zed. + If the allocations fails, EcNewByNid() returns NULL. +**/ +typedef +VOID * +(EFIAPI *EDKII_CRYPTO_EC_NEW_BY_NID)( + IN UINTN Nid + ); + +/** + Release the specified EC context. + + @param[in] EcContext Pointer to the EC context to be released. +**/ +typedef +VOID +(EFIAPI *EDKII_CRYPTO_EC_FREE)( + IN VOID *EcContext + ); + +/** + Generates EC key and returns EC public key (X, Y), Please note, this fun= ction uses + pseudo random number generator. The caller must make sure RandomSeed() + function was properly called before. + The Ec context should be correctly initialized by EcNewByNid. + This function generates random secret, and computes the public key (X, Y= ), which is + returned via parameter Public, PublicSize. + X is the first half of Public with size being PublicSize / 2, + Y is the second half of Public with size being PublicSize / 2. + EC context is updated accordingly. + If the Public buffer is too small to hold the public X, Y, FALSE is retu= rned and + PublicSize is set to the required buffer size to obtain the public X, Y. + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y. + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y. + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is = Y. + If EcContext is NULL, then return FALSE. + If PublicSize is NULL, then return FALSE. + If PublicSize is large enough but Public is NULL, then return FALSE. + @param[in, out] EcContext Pointer to the EC context. + @param[out] PublicKey Pointer to t buffer to receive generated= public X,Y. + @param[in, out] PublicKeySize On input, the size of Public buffer in b= ytes. + On output, the size of data returned in = Public buffer in bytes. + @retval TRUE EC public X,Y generation succeeded. + @retval FALSE EC public X,Y generation failed. + @retval FALSE PublicKeySize is not large enough. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_GENERATE_KEY)( + IN OUT VOID *EcContext, + OUT UINT8 *PublicKey, + IN OUT UINTN *PublicKeySize + ); + +/** + Gets the public key component from the established EC context. + The Ec context should be correctly initialized by EcNewByNid, and succes= sfully + generate key pair from EcGenerateKey(). + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y. + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y. + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is = Y. + @param[in, out] EcContext Pointer to EC context being set. + @param[out] PublicKey Pointer to t buffer to receive generated= public X,Y. + @param[in, out] PublicKeySize On input, the size of Public buffer in b= ytes. + On output, the size of data returned in = Public buffer in bytes. + @retval TRUE EC key component was retrieved successfully. + @retval FALSE Invalid EC key component. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_GET_PUB_KEY)( + IN OUT VOID *EcContext, + OUT UINT8 *PublicKey, + IN OUT UINTN *PublicKeySize + ); + +/** + Computes exchanged common key. + Given peer's public key (X, Y), this function computes the exchanged com= mon key, + based on its own context including value of curve parameter and random s= ecret. + X is the first half of PeerPublic with size being PeerPublicSize / 2, + Y is the second half of PeerPublic with size being PeerPublicSize / 2. + If EcContext is NULL, then return FALSE. + If PeerPublic is NULL, then return FALSE. + If PeerPublicSize is 0, then return FALSE. + If Key is NULL, then return FALSE. + If KeySize is not large enough, then return FALSE. + For P-256, the PeerPublicSize is 64. First 32-byte is X, Second 32-byte = is Y. + For P-384, the PeerPublicSize is 96. First 48-byte is X, Second 48-byte = is Y. + For P-521, the PeerPublicSize is 132. First 66-byte is X, Second 66-byte= is Y. + @param[in, out] EcContext Pointer to the EC context. + @param[in] PeerPublic Pointer to the peer's public X,Y. + @param[in] PeerPublicSize Size of peer's public X,Y in bytes. + @param[in] CompressFlag Flag of PeerPublic is compressed or = not. + @param[out] Key Pointer to the buffer to receive gen= erated key. + @param[in, out] KeySize On input, the size of Key buffer in = bytes. + On output, the size of data returned= in Key buffer in bytes. + @retval TRUE EC exchanged key generation succeeded. + @retval FALSE EC exchanged key generation failed. + @retval FALSE KeySize is not large enough. +**/ +typedef +BOOLEAN +(EFIAPI *EDKII_CRYPTO_EC_DH_COMPUTE_KEY)( + IN OUT VOID *EcContext, + IN CONST UINT8 *PeerPublic, + IN UINTN PeerPublicSize, + IN CONST INT32 *CompressFlag, + OUT UINT8 *Key, + IN OUT UINTN *KeySize + ); + /// /// EDK II Crypto Protocol /// struct _EDKII_CRYPTO_PROTOCOL { /// Version - EDKII_CRYPTO_GET_VERSION GetVersion; + EDKII_CRYPTO_GET_VERSION GetVersion; /// HMAC MD5 - deprecated and unsupported - DEPRECATED_EDKII_CRYPTO_HMAC_MD5_NEW DeprecatedHmacMd5New; - DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FREE DeprecatedHmacMd5Free; - DEPRECATED_EDKII_CRYPTO_HMAC_MD5_SET_KEY DeprecatedHmacMd5SetK= ey; - DEPRECATED_EDKII_CRYPTO_HMAC_MD5_DUPLICATE DeprecatedHmacMd5Dupl= icate; - DEPRECATED_EDKII_CRYPTO_HMAC_MD5_UPDATE DeprecatedHmacMd5Upda= te; - DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FINAL DeprecatedHmacMd5Fina= l; + DEPRECATED_EDKII_CRYPTO_HMAC_MD5_NEW DeprecatedHmacMd5New; + DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FREE DeprecatedHmacMd5Fre= e; + DEPRECATED_EDKII_CRYPTO_HMAC_MD5_SET_KEY DeprecatedHmacMd5Set= Key; + DEPRECATED_EDKII_CRYPTO_HMAC_MD5_DUPLICATE DeprecatedHmacMd5Dup= licate; + DEPRECATED_EDKII_CRYPTO_HMAC_MD5_UPDATE DeprecatedHmacMd5Upd= ate; + DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FINAL DeprecatedHmacMd5Fin= al; /// HMAC SHA1 - deprecated and unsupported - DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_NEW DeprecatedHmacSha1New; - DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FREE DeprecatedHmacSha1Fre= e; - DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_SET_KEY DeprecatedHmacSha1Set= Key; - DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_DUPLICATE DeprecatedHmacSha1Dup= licate; - DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_UPDATE DeprecatedHmacSha1Upd= ate; - DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FINAL DeprecatedHmacSha1Fin= al; + DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_NEW DeprecatedHmacSha1Ne= w; + DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FREE DeprecatedHmacSha1Fr= ee; + DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_SET_KEY DeprecatedHmacSha1Se= tKey; + DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_DUPLICATE DeprecatedHmacSha1Du= plicate; + DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_UPDATE DeprecatedHmacSha1Up= date; + DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FINAL DeprecatedHmacSha1Fi= nal; /// HMAC SHA256 - EDKII_CRYPTO_HMAC_SHA256_NEW HmacSha256New; - EDKII_CRYPTO_HMAC_SHA256_FREE HmacSha256Free; - EDKII_CRYPTO_HMAC_SHA256_SET_KEY HmacSha256SetKey; - EDKII_CRYPTO_HMAC_SHA256_DUPLICATE HmacSha256Duplicate; - EDKII_CRYPTO_HMAC_SHA256_UPDATE HmacSha256Update; - EDKII_CRYPTO_HMAC_SHA256_FINAL HmacSha256Final; + EDKII_CRYPTO_HMAC_SHA256_NEW HmacSha256New; + EDKII_CRYPTO_HMAC_SHA256_FREE HmacSha256Free; + EDKII_CRYPTO_HMAC_SHA256_SET_KEY HmacSha256SetKey; + EDKII_CRYPTO_HMAC_SHA256_DUPLICATE HmacSha256Duplicate; + EDKII_CRYPTO_HMAC_SHA256_UPDATE HmacSha256Update; + EDKII_CRYPTO_HMAC_SHA256_FINAL HmacSha256Final; /// Md4 - deprecated and unsupported - DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE DeprecatedMd4GetConte= xtSize; - DEPRECATED_EDKII_CRYPTO_MD4_INIT DeprecatedMd4Init; - DEPRECATED_EDKII_CRYPTO_MD4_DUPLICATE DeprecatedMd4Duplicat= e; - DEPRECATED_EDKII_CRYPTO_MD4_UPDATE DeprecatedMd4Update; - DEPRECATED_EDKII_CRYPTO_MD4_FINAL DeprecatedMd4Final; - DEPRECATED_EDKII_CRYPTO_MD4_HASH_ALL DeprecatedMd4HashAll; + DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE DeprecatedMd4GetCont= extSize; + DEPRECATED_EDKII_CRYPTO_MD4_INIT DeprecatedMd4Init; + DEPRECATED_EDKII_CRYPTO_MD4_DUPLICATE DeprecatedMd4Duplica= te; + DEPRECATED_EDKII_CRYPTO_MD4_UPDATE DeprecatedMd4Update; + DEPRECATED_EDKII_CRYPTO_MD4_FINAL DeprecatedMd4Final; + DEPRECATED_EDKII_CRYPTO_MD4_HASH_ALL DeprecatedMd4HashAll; /// Md5 - EDKII_CRYPTO_MD5_GET_CONTEXT_SIZE Md5GetContextSize; - EDKII_CRYPTO_MD5_INIT Md5Init; - EDKII_CRYPTO_MD5_DUPLICATE Md5Duplicate; - EDKII_CRYPTO_MD5_UPDATE Md5Update; - EDKII_CRYPTO_MD5_FINAL Md5Final; - EDKII_CRYPTO_MD5_HASH_ALL Md5HashAll; + EDKII_CRYPTO_MD5_GET_CONTEXT_SIZE Md5GetContextSize; + EDKII_CRYPTO_MD5_INIT Md5Init; + EDKII_CRYPTO_MD5_DUPLICATE Md5Duplicate; + EDKII_CRYPTO_MD5_UPDATE Md5Update; + EDKII_CRYPTO_MD5_FINAL Md5Final; + EDKII_CRYPTO_MD5_HASH_ALL Md5HashAll; /// Pkcs - EDKII_CRYPTO_PKCS1_ENCRYPT_V2 Pkcs1v2Encrypt; - EDKII_CRYPTO_PKCS5_PW_HASH Pkcs5HashPassword; - EDKII_CRYPTO_PKCS7_VERIFY Pkcs7Verify; - EDKII_CRYPTO_PKCS7_VERIFY_EKU VerifyEKUsInPkcs7Sign= ature; - EDKII_CRYPTO_PKCS7_GET_SIGNERS Pkcs7GetSigners; - EDKII_CRYPTO_PKCS7_FREE_SIGNERS Pkcs7FreeSigners; - EDKII_CRYPTO_PKCS7_SIGN Pkcs7Sign; - EDKII_CRYPTO_PKCS7_GET_ATTACHED_CONTENT Pkcs7GetAttachedConte= nt; - EDKII_CRYPTO_PKCS7_GET_CERTIFICATES_LIST Pkcs7GetCertificatesL= ist; - EDKII_CRYPTO_AUTHENTICODE_VERIFY AuthenticodeVerify; - EDKII_CRYPTO_IMAGE_TIMESTAMP_VERIFY ImageTimestampVerify; + EDKII_CRYPTO_PKCS1_ENCRYPT_V2 Pkcs1v2Encrypt; + EDKII_CRYPTO_PKCS5_PW_HASH Pkcs5HashPassword; + EDKII_CRYPTO_PKCS7_VERIFY Pkcs7Verify; + EDKII_CRYPTO_PKCS7_VERIFY_EKU VerifyEKUsInPkcs7Sig= nature; + EDKII_CRYPTO_PKCS7_GET_SIGNERS Pkcs7GetSigners; + EDKII_CRYPTO_PKCS7_FREE_SIGNERS Pkcs7FreeSigners; + EDKII_CRYPTO_PKCS7_SIGN Pkcs7Sign; + EDKII_CRYPTO_PKCS7_GET_ATTACHED_CONTENT Pkcs7GetAttachedCont= ent; + EDKII_CRYPTO_PKCS7_GET_CERTIFICATES_LIST Pkcs7GetCertificates= List; + EDKII_CRYPTO_AUTHENTICODE_VERIFY AuthenticodeVerify; + EDKII_CRYPTO_IMAGE_TIMESTAMP_VERIFY ImageTimestampVerify; /// DH - EDKII_CRYPTO_DH_NEW DhNew; - EDKII_CRYPTO_DH_FREE DhFree; - EDKII_CRYPTO_DH_GENERATE_PARAMETER DhGenerateParameter; - EDKII_CRYPTO_DH_SET_PARAMETER DhSetParameter; - EDKII_CRYPTO_DH_GENERATE_KEY DhGenerateKey; - EDKII_CRYPTO_DH_COMPUTE_KEY DhComputeKey; + EDKII_CRYPTO_DH_NEW DhNew; + EDKII_CRYPTO_DH_FREE DhFree; + EDKII_CRYPTO_DH_GENERATE_PARAMETER DhGenerateParameter; + EDKII_CRYPTO_DH_SET_PARAMETER DhSetParameter; + EDKII_CRYPTO_DH_GENERATE_KEY DhGenerateKey; + EDKII_CRYPTO_DH_COMPUTE_KEY DhComputeKey; /// Random - EDKII_CRYPTO_RANDOM_SEED RandomSeed; - EDKII_CRYPTO_RANDOM_BYTES RandomBytes; + EDKII_CRYPTO_RANDOM_SEED RandomSeed; + EDKII_CRYPTO_RANDOM_BYTES RandomBytes; /// RSA - EDKII_CRYPTO_RSA_VERIFY_PKCS1 RsaVerifyPkcs1; - EDKII_CRYPTO_RSA_NEW RsaNew; - EDKII_CRYPTO_RSA_FREE RsaFree; - EDKII_CRYPTO_RSA_SET_KEY RsaSetKey; - EDKII_CRYPTO_RSA_GET_KEY RsaGetKey; - EDKII_CRYPTO_RSA_GENERATE_KEY RsaGenerateKey; - EDKII_CRYPTO_RSA_CHECK_KEY RsaCheckKey; - EDKII_CRYPTO_RSA_PKCS1_SIGN RsaPkcs1Sign; - EDKII_CRYPTO_RSA_PKCS1_VERIFY RsaPkcs1Verify; - EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM RsaGetPrivateKeyFromP= em; - EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509 RsaGetPublicKeyFromX5= 09; + EDKII_CRYPTO_RSA_VERIFY_PKCS1 RsaVerifyPkcs1; + EDKII_CRYPTO_RSA_NEW RsaNew; + EDKII_CRYPTO_RSA_FREE RsaFree; + EDKII_CRYPTO_RSA_SET_KEY RsaSetKey; + EDKII_CRYPTO_RSA_GET_KEY RsaGetKey; + EDKII_CRYPTO_RSA_GENERATE_KEY RsaGenerateKey; + EDKII_CRYPTO_RSA_CHECK_KEY RsaCheckKey; + EDKII_CRYPTO_RSA_PKCS1_SIGN RsaPkcs1Sign; + EDKII_CRYPTO_RSA_PKCS1_VERIFY RsaPkcs1Verify; + EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM RsaGetPrivateKeyFrom= Pem; + EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509 RsaGetPublicKeyFromX= 509; /// Sha1 - EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE Sha1GetContextSize; - EDKII_CRYPTO_SHA1_INIT Sha1Init; - EDKII_CRYPTO_SHA1_DUPLICATE Sha1Duplicate; - EDKII_CRYPTO_SHA1_UPDATE Sha1Update; - EDKII_CRYPTO_SHA1_FINAL Sha1Final; - EDKII_CRYPTO_SHA1_HASH_ALL Sha1HashAll; + EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE Sha1GetContextSize; + EDKII_CRYPTO_SHA1_INIT Sha1Init; + EDKII_CRYPTO_SHA1_DUPLICATE Sha1Duplicate; + EDKII_CRYPTO_SHA1_UPDATE Sha1Update; + EDKII_CRYPTO_SHA1_FINAL Sha1Final; + EDKII_CRYPTO_SHA1_HASH_ALL Sha1HashAll; /// Sha256 - EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE Sha256GetContextSize; - EDKII_CRYPTO_SHA256_INIT Sha256Init; - EDKII_CRYPTO_SHA256_DUPLICATE Sha256Duplicate; - EDKII_CRYPTO_SHA256_UPDATE Sha256Update; - EDKII_CRYPTO_SHA256_FINAL Sha256Final; - EDKII_CRYPTO_SHA256_HASH_ALL Sha256HashAll; + EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE Sha256GetContextSize; + EDKII_CRYPTO_SHA256_INIT Sha256Init; + EDKII_CRYPTO_SHA256_DUPLICATE Sha256Duplicate; + EDKII_CRYPTO_SHA256_UPDATE Sha256Update; + EDKII_CRYPTO_SHA256_FINAL Sha256Final; + EDKII_CRYPTO_SHA256_HASH_ALL Sha256HashAll; /// Sha384 - EDKII_CRYPTO_SHA384_GET_CONTEXT_SIZE Sha384GetContextSize; - EDKII_CRYPTO_SHA384_INIT Sha384Init; - EDKII_CRYPTO_SHA384_DUPLICATE Sha384Duplicate; - EDKII_CRYPTO_SHA384_UPDATE Sha384Update; - EDKII_CRYPTO_SHA384_FINAL Sha384Final; - EDKII_CRYPTO_SHA384_HASH_ALL Sha384HashAll; + EDKII_CRYPTO_SHA384_GET_CONTEXT_SIZE Sha384GetContextSize; + EDKII_CRYPTO_SHA384_INIT Sha384Init; + EDKII_CRYPTO_SHA384_DUPLICATE Sha384Duplicate; + EDKII_CRYPTO_SHA384_UPDATE Sha384Update; + EDKII_CRYPTO_SHA384_FINAL Sha384Final; + EDKII_CRYPTO_SHA384_HASH_ALL Sha384HashAll; /// Sha512 - EDKII_CRYPTO_SHA512_GET_CONTEXT_SIZE Sha512GetContextSize; - EDKII_CRYPTO_SHA512_INIT Sha512Init; - EDKII_CRYPTO_SHA512_DUPLICATE Sha512Duplicate; - EDKII_CRYPTO_SHA512_UPDATE Sha512Update; - EDKII_CRYPTO_SHA512_FINAL Sha512Final; - EDKII_CRYPTO_SHA512_HASH_ALL Sha512HashAll; + EDKII_CRYPTO_SHA512_GET_CONTEXT_SIZE Sha512GetContextSize; + EDKII_CRYPTO_SHA512_INIT Sha512Init; + EDKII_CRYPTO_SHA512_DUPLICATE Sha512Duplicate; + EDKII_CRYPTO_SHA512_UPDATE Sha512Update; + EDKII_CRYPTO_SHA512_FINAL Sha512Final; + EDKII_CRYPTO_SHA512_HASH_ALL Sha512HashAll; /// X509 - EDKII_CRYPTO_X509_GET_SUBJECT_NAME X509GetSubjectName; - EDKII_CRYPTO_X509_GET_COMMON_NAME X509GetCommonName; - EDKII_CRYPTO_X509_GET_ORGANIZATION_NAME X509GetOrganizationNa= me; - EDKII_CRYPTO_X509_VERIFY_CERT X509VerifyCert; - EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE X509ConstructCertific= ate; - EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK X509ConstructCertific= ateStack; - EDKII_CRYPTO_X509_FREE X509Free; - EDKII_CRYPTO_X509_STACK_FREE X509StackFree; - EDKII_CRYPTO_X509_GET_TBS_CERT X509GetTBSCert; + EDKII_CRYPTO_X509_GET_SUBJECT_NAME X509GetSubjectName; + EDKII_CRYPTO_X509_GET_COMMON_NAME X509GetCommonName; + EDKII_CRYPTO_X509_GET_ORGANIZATION_NAME X509GetOrganizationN= ame; + EDKII_CRYPTO_X509_VERIFY_CERT X509VerifyCert; + EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE X509ConstructCertifi= cate; + EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK X509ConstructCertifi= cateStack; + EDKII_CRYPTO_X509_FREE X509Free; + EDKII_CRYPTO_X509_STACK_FREE X509StackFree; + EDKII_CRYPTO_X509_GET_TBS_CERT X509GetTBSCert; /// TDES - deprecated and unsupported - DEPRECATED_EDKII_CRYPTO_TDES_GET_CONTEXT_SIZE DeprecatedTdesGetCont= extSize; - DEPRECATED_EDKII_CRYPTO_TDES_INIT DeprecatedTdesInit; - DEPRECATED_EDKII_CRYPTO_TDES_ECB_ENCRYPT DeprecatedTdesEcbEncr= ypt; - DEPRECATED_EDKII_CRYPTO_TDES_ECB_DECRYPT DeprecatedTdesEcbDecr= ypt; - DEPRECATED_EDKII_CRYPTO_TDES_CBC_ENCRYPT DeprecatedTdesCbcEncr= ypt; - DEPRECATED_EDKII_CRYPTO_TDES_CBC_DECRYPT DeprecatedTdesCbcDecr= ypt; + DEPRECATED_EDKII_CRYPTO_TDES_GET_CONTEXT_SIZE DeprecatedTdesGetCon= textSize; + DEPRECATED_EDKII_CRYPTO_TDES_INIT DeprecatedTdesInit; + DEPRECATED_EDKII_CRYPTO_TDES_ECB_ENCRYPT DeprecatedTdesEcbEnc= rypt; + DEPRECATED_EDKII_CRYPTO_TDES_ECB_DECRYPT DeprecatedTdesEcbDec= rypt; + DEPRECATED_EDKII_CRYPTO_TDES_CBC_ENCRYPT DeprecatedTdesCbcEnc= rypt; + DEPRECATED_EDKII_CRYPTO_TDES_CBC_DECRYPT DeprecatedTdesCbcDec= rypt; /// AES - ECB Mode is deprecated and unsupported - EDKII_CRYPTO_AES_GET_CONTEXT_SIZE AesGetContextSize; - EDKII_CRYPTO_AES_INIT AesInit; - DEPRECATED_EDKII_CRYPTO_AES_ECB_ENCRYPT DeprecatedAesEcbEncry= pt; - DEPRECATED_EDKII_CRYPTO_AES_ECB_DECRYPT DeprecatedAesEcbDecry= pt; - EDKII_CRYPTO_AES_CBC_ENCRYPT AesCbcEncrypt; - EDKII_CRYPTO_AES_CBC_DECRYPT AesCbcDecrypt; + EDKII_CRYPTO_AES_GET_CONTEXT_SIZE AesGetContextSize; + EDKII_CRYPTO_AES_INIT AesInit; + DEPRECATED_EDKII_CRYPTO_AES_ECB_ENCRYPT DeprecatedAesEcbEncr= ypt; + DEPRECATED_EDKII_CRYPTO_AES_ECB_DECRYPT DeprecatedAesEcbDecr= ypt; + EDKII_CRYPTO_AES_CBC_ENCRYPT AesCbcEncrypt; + EDKII_CRYPTO_AES_CBC_DECRYPT AesCbcDecrypt; /// Arc4 - deprecated and unsupported - DEPRECATED_EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE DeprecatedArc4GetCont= extSize; - DEPRECATED_EDKII_CRYPTO_ARC4_INIT DeprecatedArc4Init; - DEPRECATED_EDKII_CRYPTO_ARC4_ENCRYPT DeprecatedArc4Encrypt; - DEPRECATED_EDKII_CRYPTO_ARC4_DECRYPT DeprecatedArc4Decrypt; - DEPRECATED_EDKII_CRYPTO_ARC4_RESET DeprecatedArc4Reset; + DEPRECATED_EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE DeprecatedArc4GetCon= textSize; + DEPRECATED_EDKII_CRYPTO_ARC4_INIT DeprecatedArc4Init; + DEPRECATED_EDKII_CRYPTO_ARC4_ENCRYPT DeprecatedArc4Encryp= t; + DEPRECATED_EDKII_CRYPTO_ARC4_DECRYPT DeprecatedArc4Decryp= t; + DEPRECATED_EDKII_CRYPTO_ARC4_RESET DeprecatedArc4Reset; /// SM3 - EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE Sm3GetContextSize; - EDKII_CRYPTO_SM3_INIT Sm3Init; - EDKII_CRYPTO_SM3_DUPLICATE Sm3Duplicate; - EDKII_CRYPTO_SM3_UPDATE Sm3Update; - EDKII_CRYPTO_SM3_FINAL Sm3Final; - EDKII_CRYPTO_SM3_HASH_ALL Sm3HashAll; + EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE Sm3GetContextSize; + EDKII_CRYPTO_SM3_INIT Sm3Init; + EDKII_CRYPTO_SM3_DUPLICATE Sm3Duplicate; + EDKII_CRYPTO_SM3_UPDATE Sm3Update; + EDKII_CRYPTO_SM3_FINAL Sm3Final; + EDKII_CRYPTO_SM3_HASH_ALL Sm3HashAll; /// HKDF - EDKII_CRYPTO_HKDF_SHA_256_EXTRACT_AND_EXPAND HkdfSha256ExtractAndE= xpand; + EDKII_CRYPTO_HKDF_SHA_256_EXTRACT_AND_EXPAND HkdfSha256ExtractAnd= Expand; /// X509 (Continued) - EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK_V X509ConstructCertific= ateStackV; + EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK_V X509ConstructCertifi= cateStackV; /// TLS - EDKII_CRYPTO_TLS_INITIALIZE TlsInitialize; - EDKII_CRYPTO_TLS_CTX_FREE TlsCtxFree; - EDKII_CRYPTO_TLS_CTX_NEW TlsCtxNew; - EDKII_CRYPTO_TLS_FREE TlsFree; - EDKII_CRYPTO_TLS_NEW TlsNew; - EDKII_CRYPTO_TLS_IN_HANDSHAKE TlsInHandshake; - EDKII_CRYPTO_TLS_DO_HANDSHAKE TlsDoHandshake; - EDKII_CRYPTO_TLS_HANDLE_ALERT TlsHandleAlert; - EDKII_CRYPTO_TLS_CLOSE_NOTIFY TlsCloseNotify; - EDKII_CRYPTO_TLS_CTRL_TRAFFIC_OUT TlsCtrlTrafficOut; - EDKII_CRYPTO_TLS_CTRL_TRAFFIC_IN TlsCtrlTrafficIn; - EDKII_CRYPTO_TLS_READ TlsRead; - EDKII_CRYPTO_TLS_WRITE TlsWrite; + EDKII_CRYPTO_TLS_INITIALIZE TlsInitialize; + EDKII_CRYPTO_TLS_CTX_FREE TlsCtxFree; + EDKII_CRYPTO_TLS_CTX_NEW TlsCtxNew; + EDKII_CRYPTO_TLS_FREE TlsFree; + EDKII_CRYPTO_TLS_NEW TlsNew; + EDKII_CRYPTO_TLS_IN_HANDSHAKE TlsInHandshake; + EDKII_CRYPTO_TLS_DO_HANDSHAKE TlsDoHandshake; + EDKII_CRYPTO_TLS_HANDLE_ALERT TlsHandleAlert; + EDKII_CRYPTO_TLS_CLOSE_NOTIFY TlsCloseNotify; + EDKII_CRYPTO_TLS_CTRL_TRAFFIC_OUT TlsCtrlTrafficOut; + EDKII_CRYPTO_TLS_CTRL_TRAFFIC_IN TlsCtrlTrafficIn; + EDKII_CRYPTO_TLS_READ TlsRead; + EDKII_CRYPTO_TLS_WRITE TlsWrite; /// TLS Set - EDKII_CRYPTO_TLS_SET_VERSION TlsSetVersion; - EDKII_CRYPTO_TLS_SET_CONNECTION_END TlsSetConnectionEnd; - EDKII_CRYPTO_TLS_SET_CIPHER_LIST TlsSetCipherList; - EDKII_CRYPTO_TLS_SET_COMPRESSION_METHOD TlsSetCompressionMeth= od; - EDKII_CRYPTO_TLS_SET_VERIFY TlsSetVerify; - EDKII_CRYPTO_TLS_SET_VERIFY_HOST TlsSetVerifyHost; - EDKII_CRYPTO_TLS_SET_SESSIONID TlsSetSessionId; - EDKII_CRYPTO_TLS_SET_CA_CERTIFICATE TlsSetCaCertificate; - EDKII_CRYPTO_TLS_SET_HOST_PUBLIC_CERT TlsSetHostPublicCert; - EDKII_CRYPTO_TLS_SET_HOST_PRIVATE_KEY TlsSetHostPrivateKey; - EDKII_CRYPTO_TLS_SET_CERT_REVOCATION_LIST TlsSetCertRevocationL= ist; + EDKII_CRYPTO_TLS_SET_VERSION TlsSetVersion; + EDKII_CRYPTO_TLS_SET_CONNECTION_END TlsSetConnectionEnd; + EDKII_CRYPTO_TLS_SET_CIPHER_LIST TlsSetCipherList; + EDKII_CRYPTO_TLS_SET_COMPRESSION_METHOD TlsSetCompressionMet= hod; + EDKII_CRYPTO_TLS_SET_VERIFY TlsSetVerify; + EDKII_CRYPTO_TLS_SET_VERIFY_HOST TlsSetVerifyHost; + EDKII_CRYPTO_TLS_SET_SESSIONID TlsSetSessionId; + EDKII_CRYPTO_TLS_SET_CA_CERTIFICATE TlsSetCaCertificate; + EDKII_CRYPTO_TLS_SET_HOST_PUBLIC_CERT TlsSetHostPublicCert; + EDKII_CRYPTO_TLS_SET_HOST_PRIVATE_KEY TlsSetHostPrivateKey; + EDKII_CRYPTO_TLS_SET_CERT_REVOCATION_LIST TlsSetCertRevocation= List; /// TLS Get - EDKII_CRYPTO_TLS_GET_VERSION TlsGetVersion; - EDKII_CRYPTO_TLS_GET_CONNECTION_END TlsGetConnectionEnd; - EDKII_CRYPTO_TLS_GET_CURRENT_CIPHER TlsGetCurrentCipher; - EDKII_CRYPTO_TLS_GET_CURRENT_COMPRESSION_ID TlsGetCurrentCompress= ionId; - EDKII_CRYPTO_TLS_GET_VERIFY TlsGetVerify; - EDKII_CRYPTO_TLS_GET_SESSION_ID TlsGetSessionId; - EDKII_CRYPTO_TLS_GET_CLIENT_RANDOM TlsGetClientRandom; - EDKII_CRYPTO_TLS_GET_SERVER_RANDOM TlsGetServerRandom; - EDKII_CRYPTO_TLS_GET_KEY_MATERIAL TlsGetKeyMaterial; - EDKII_CRYPTO_TLS_GET_CA_CERTIFICATE TlsGetCaCertificate; - EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert; - EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey; - EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST TlsGetCertRevocationL= ist; + EDKII_CRYPTO_TLS_GET_VERSION TlsGetVersion; + EDKII_CRYPTO_TLS_GET_CONNECTION_END TlsGetConnectionEnd; + EDKII_CRYPTO_TLS_GET_CURRENT_CIPHER TlsGetCurrentCipher; + EDKII_CRYPTO_TLS_GET_CURRENT_COMPRESSION_ID TlsGetCurrentCompres= sionId; + EDKII_CRYPTO_TLS_GET_VERIFY TlsGetVerify; + EDKII_CRYPTO_TLS_GET_SESSION_ID TlsGetSessionId; + EDKII_CRYPTO_TLS_GET_CLIENT_RANDOM TlsGetClientRandom; + EDKII_CRYPTO_TLS_GET_SERVER_RANDOM TlsGetServerRandom; + EDKII_CRYPTO_TLS_GET_KEY_MATERIAL TlsGetKeyMaterial; + EDKII_CRYPTO_TLS_GET_CA_CERTIFICATE TlsGetCaCertificate; + EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert; + EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey; + EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST TlsGetCertRevocation= List; /// RSA PSS - EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign; - EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify; + EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign; + EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify; /// Parallel hash - EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAl= l; + EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashA= ll; /// HMAC SHA256 (continued) - EDKII_CRYPTO_HMAC_SHA256_ALL HmacSha256All; + EDKII_CRYPTO_HMAC_SHA256_ALL HmacSha256All; /// HMAC SHA384 - EDKII_CRYPTO_HMAC_SHA384_NEW HmacSha384New; - EDKII_CRYPTO_HMAC_SHA384_FREE HmacSha384Free; - EDKII_CRYPTO_HMAC_SHA384_SET_KEY HmacSha384SetKey; - EDKII_CRYPTO_HMAC_SHA384_DUPLICATE HmacSha384Duplicate; - EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update; - EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final; - EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All; + EDKII_CRYPTO_HMAC_SHA384_NEW HmacSha384New; + EDKII_CRYPTO_HMAC_SHA384_FREE HmacSha384Free; + EDKII_CRYPTO_HMAC_SHA384_SET_KEY HmacSha384SetKey; + EDKII_CRYPTO_HMAC_SHA384_DUPLICATE HmacSha384Duplicate; + EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update; + EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final; + EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All; /// HKDF (continued) - EDKII_CRYPTO_HKDF_SHA_256_EXTRACT HkdfSha256Extract; - EDKII_CRYPTO_HKDF_SHA_256_EXPAND HkdfSha256Expand; - EDKII_CRYPTO_HKDF_SHA_384_EXTRACT_AND_EXPAND HkdfSha384ExtractAndE= xpand; - EDKII_CRYPTO_HKDF_SHA_384_EXTRACT HkdfSha384Extract; - EDKII_CRYPTO_HKDF_SHA_384_EXPAND HkdfSha384Expand; + EDKII_CRYPTO_HKDF_SHA_256_EXTRACT HkdfSha256Extract; + EDKII_CRYPTO_HKDF_SHA_256_EXPAND HkdfSha256Expand; + EDKII_CRYPTO_HKDF_SHA_384_EXTRACT_AND_EXPAND HkdfSha384ExtractAnd= Expand; + EDKII_CRYPTO_HKDF_SHA_384_EXTRACT HkdfSha384Extract; + EDKII_CRYPTO_HKDF_SHA_384_EXPAND HkdfSha384Expand; /// AEAD AES-GCM - EDKII_AEAD_AES_GCM_ENCRYPT AeadAesGcmEncrypt; - EDKII_AEAD_AES_GCM_DECRYPT AeadAesGcmDecrypt; + EDKII_AEAD_AES_GCM_ENCRYPT AeadAesGcmEncrypt; + EDKII_AEAD_AES_GCM_DECRYPT AeadAesGcmDecrypt; /// BIGNUM - EDKII_CRYPTO_BIGNUM_INIT BigNumInit; - EDKII_CRYPTO_BIGNUM_FROM_BIN BigNumFromBin; - EDKII_CRYPTO_BIGNUM_TO_BIN BigNumToBin; - EDKII_CRYPTO_BIGNUM_FREE BigNumFree; - EDKII_CRYPTO_BIGNUM_ADD BigNumAdd; - EDKII_CRYPTO_BIGNUM_SUB BigNumSub; - EDKII_CRYPTO_BIGNUM_MOD BigNumMod; - EDKII_CRYPTO_BIGNUM_EXP_MOD BigNumExpMod; - EDKII_CRYPTO_BIGNUM_INVERSE_MOD BigNumInverseMod; - EDKII_CRYPTO_BIGNUM_DIV BigNumDiv; - EDKII_CRYPTO_BIGNUM_MUL_MOD BigNumMulMod; - EDKII_CRYPTO_BIGNUM_CMP BigNumCmp; - EDKII_CRYPTO_BIGNUM_BITS BigNumBits; - EDKII_CRYPTO_BIGNUM_BYTES BigNumBytes; - EDKII_CRYPTO_BIGNUM_IS_WORD BigNumIsWord; - EDKII_CRYPTO_BIGNUM_IS_ODD BigNumIsOdd; - EDKII_CRYPTO_BIGNUM_COPY BigNumCopy; - EDKII_CRYPTO_BIGNUM_VALUE_ONE BigNumValueOne; - EDKII_CRYPTO_BIGNUM_R_SHIFT BigNumRShift; - EDKII_CRYPTO_BIGNUM_CONST_TIME BigNumConstTime; - EDKII_CRYPTO_BIGNUM_SQR_MOD BigNumSqrMod; - EDKII_CRYPTO_BIGNUM_NEW_CONTEXT BigNumNewContext; - EDKII_CRYPTO_BIGNUM_CONTEXT_FREE BigNumContextFree; - EDKII_CRYPTO_BIGNUM_SET_UINT BigNumSetUint; - EDKII_CRYPTO_BIGNUM_ADD_MOD BigNumAddMod; + EDKII_CRYPTO_BIGNUM_INIT BigNumInit; + EDKII_CRYPTO_BIGNUM_FROM_BIN BigNumFromBin; + EDKII_CRYPTO_BIGNUM_TO_BIN BigNumToBin; + EDKII_CRYPTO_BIGNUM_FREE BigNumFree; + EDKII_CRYPTO_BIGNUM_ADD BigNumAdd; + EDKII_CRYPTO_BIGNUM_SUB BigNumSub; + EDKII_CRYPTO_BIGNUM_MOD BigNumMod; + EDKII_CRYPTO_BIGNUM_EXP_MOD BigNumExpMod; + EDKII_CRYPTO_BIGNUM_INVERSE_MOD BigNumInverseMod; + EDKII_CRYPTO_BIGNUM_DIV BigNumDiv; + EDKII_CRYPTO_BIGNUM_MUL_MOD BigNumMulMod; + EDKII_CRYPTO_BIGNUM_CMP BigNumCmp; + EDKII_CRYPTO_BIGNUM_BITS BigNumBits; + EDKII_CRYPTO_BIGNUM_BYTES BigNumBytes; + EDKII_CRYPTO_BIGNUM_IS_WORD BigNumIsWord; + EDKII_CRYPTO_BIGNUM_IS_ODD BigNumIsOdd; + EDKII_CRYPTO_BIGNUM_COPY BigNumCopy; + EDKII_CRYPTO_BIGNUM_VALUE_ONE BigNumValueOne; + EDKII_CRYPTO_BIGNUM_R_SHIFT BigNumRShift; + EDKII_CRYPTO_BIGNUM_CONST_TIME BigNumConstTime; + EDKII_CRYPTO_BIGNUM_SQR_MOD BigNumSqrMod; + EDKII_CRYPTO_BIGNUM_NEW_CONTEXT BigNumNewContext; + EDKII_CRYPTO_BIGNUM_CONTEXT_FREE BigNumContextFree; + EDKII_CRYPTO_BIGNUM_SET_UINT BigNumSetUint; + EDKII_CRYPTO_BIGNUM_ADD_MOD BigNumAddMod; + /// EC + EDKII_CRYPTO_EC_GROUP_INIT EcGroupInit; + EDKII_CRYPTO_EC_GROUP_GET_CURVE EcGroupGetCurve; + EDKII_CRYPTO_EC_GROUP_GET_ORDER EcGroupGetOrder; + EDKII_CRYPTO_EC_GROUP_FREE EcGroupFree; + EDKII_CRYPTO_EC_POINT_INIT EcPointInit; + EDKII_CRYPTO_EC_POINT_DE_INIT EcPointDeInit; + EDKII_CRYPTO_EC_POINT_GET_AFFINE_COORDINATES EcPointGetAffineCoor= dinates; + EDKII_CRYPTO_EC_POINT_SET_AFFINE_COORDINATES EcPointSetAffineCoor= dinates; + EDKII_CRYPTO_EC_POINT_ADD EcPointAdd; + EDKII_CRYPTO_EC_POINT_MUL EcPointMul; + EDKII_CRYPTO_EC_POINT_INVERT EcPointInvert; + EDKII_CRYPTO_EC_POINT_IS_ON_CURVE EcPointIsOnCurve; + EDKII_CRYPTO_EC_POINT_IS_AT_INFINITY EcPointIsAtInfinity; + EDKII_CRYPTO_EC_POINT_EQUAL EcPointEqual; + EDKII_CRYPTO_EC_POINT_SET_COMPRESSED_COORDINATES EcPointSetCompressed= Coordinates; + EDKII_CRYPTO_EC_NEW_BY_NID EcNewByNid; + EDKII_CRYPTO_EC_FREE EcFree; + EDKII_CRYPTO_EC_GENERATE_KEY EcGenerateKey; + EDKII_CRYPTO_EC_GET_PUB_KEY EcGetPubKey; + EDKII_CRYPTO_EC_DH_COMPUTE_KEY EcDhComputeKey; }; =20 extern GUID gEdkiiCryptoProtocolGuid; --=20 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#94278): https://edk2.groups.io/g/devel/message/94278 Mute This Topic: https://groups.io/mt/93901845/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-