tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CryptoPkg: Add EC APIs to DXE and protocol 

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3828

The implementation provides CryptEc library functions
for EFI Driveer and EFI BaseCrypt Protocol.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>

Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
This commit is contained in:
Yi Li 2022-09-25 17:26:19 +08:00 committed by mergify[bot]
parent 988e4d8f5e
commit 3b382f5b38
5 changed files with 1622 additions and 200 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CryptoPkg/CryptoPkg.dsc
View File

@ -172,6 +172,7 @@
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.ParallelHash.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.AeadAesGcm.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Bn.Family | PCD_CRYPTO_SERVICE_ENABLE_FAMILY
gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.Ec.Family | 0
!endif
!if $(CRYPTO_SERVICES) == MIN_PEI

496
CryptoPkg/Driver/Crypto.c
View File

@ -5519,6 +5519,481 @@ CryptoServiceBigNumAddMod (
return CALL_BASECRYPTLIB (Bn.Services.AddMod, BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE);
}
// =====================================================================================
// Basic Elliptic Curve Primitives
// =====================================================================================
/**
Initialize new opaque EcGroup object. This object represents an EC curve and
and is used for calculation within this group. This object should be freed
using EcGroupFree() function.
@param[in] CryptoNid Identifying number for the ECC curve (Defined in
BaseCryptLib.h).
@retval EcGroup object On success.
@retval NULL On failure.
**/
VOID *
EFIAPI
CryptoServiceEcGroupInit (
IN UINTN CryptoNid
)
{
return CALL_BASECRYPTLIB (Ec.Services.GroupInit, EcGroupInit, (CryptoNid), NULL);
}
/**
Get EC curve parameters. While elliptic curve equation is Y^2 mod P = (X^3 + AX + B) Mod P.
This function will set the provided Big Number objects to the corresponding
values. The caller needs to make sure all the "out" BigNumber parameters
are properly initialized.
@param[in] EcGroup EC group object.
@param[out] BnPrime Group prime number.
@param[out] BnA A coefficient.
@param[out] BnB B coefficient.
@param[in] BnCtx BN context.
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcGroupGetCurve (
IN CONST VOID *EcGroup,
OUT VOID *BnPrime,
OUT VOID *BnA,
OUT VOID *BnB,
IN VOID *BnCtx
)
{
return CALL_BASECRYPTLIB (Ec.Services.GroupGetCurve, EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, BnCtx), FALSE);
}
/**
Get EC group order.
This function will set the provided Big Number object to the corresponding
value. The caller needs to make sure that the "out" BigNumber parameter
is properly initialized.
@param[in] EcGroup EC group object.
@param[out] BnOrder Group prime number.
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcGroupGetOrder (
IN VOID *EcGroup,
OUT VOID *BnOrder
)
{
return CALL_BASECRYPTLIB (Ec.Services.GroupGetOrder, EcGroupGetOrder, (EcGroup, BnOrder), FALSE);
}
/**
Free previously allocated EC group object using EcGroupInit().
@param[in] EcGroup EC group object to free.
**/
VOID
EFIAPI
CryptoServiceEcGroupFree (
IN VOID *EcGroup
)
{
CALL_VOID_BASECRYPTLIB (Ec.Services.GroupFree, EcGroupFree, (EcGroup));
}
/**
Initialize new opaque EC Point object. This object represents an EC point
within the given EC group (curve).
@param[in] EC Group, properly initialized using EcGroupInit().
@retval EC Point object On success.
@retval NULL On failure.
**/
VOID *
EFIAPI
CryptoServiceEcPointInit (
IN CONST VOID *EcGroup
)
{
return CALL_BASECRYPTLIB (Ec.Services.PointInit, EcPointInit, (EcGroup), NULL);
}
/**
Free previously allocated EC Point object using EcPointInit().
@param[in] EcPoint EC Point to free.
@param[in] Clear TRUE iff the memory should be cleared.
**/
VOID
EFIAPI
CryptoServiceEcPointDeInit (
IN VOID *EcPoint,
IN BOOLEAN Clear
)
{
CALL_VOID_BASECRYPTLIB (Ec.Services.PointDeInit, EcPointDeInit, (EcPoint, Clear));
}
/**
Get EC point affine (x,y) coordinates.
This function will set the provided Big Number objects to the corresponding
values. The caller needs to make sure all the "out" BigNumber parameters
are properly initialized.
@param[in] EcGroup EC group object.
@param[in] EcPoint EC point object.
@param[out] BnX X coordinate.
@param[out] BnY Y coordinate.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcPointGetAffineCoordinates (
IN CONST VOID *EcGroup,
IN CONST VOID *EcPoint,
OUT VOID *BnX,
OUT VOID *BnY,
IN VOID *BnCtx
)
{
return CALL_BASECRYPTLIB (Ec.Services.PointGetAffineCoordinates, EcPointGetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE);
}
/**
Set EC point affine (x,y) coordinates.
@param[in] EcGroup EC group object.
@param[in] EcPoint EC point object.
@param[in] BnX X coordinate.
@param[in] BnY Y coordinate.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcPointSetAffineCoordinates (
IN CONST VOID *EcGroup,
IN VOID *EcPoint,
IN CONST VOID *BnX,
IN CONST VOID *BnY,
IN VOID *BnCtx
)
{
return CALL_BASECRYPTLIB (Ec.Services.PointSetAffineCoordinates, EcPointSetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE);
}
/**
EC Point addition. EcPointResult = EcPointA + EcPointB.
@param[in] EcGroup EC group object.
@param[out] EcPointResult EC point to hold the result. The point should
be properly initialized.
@param[in] EcPointA EC Point.
@param[in] EcPointB EC Point.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcPointAdd (
IN CONST VOID *EcGroup,
OUT VOID *EcPointResult,
IN CONST VOID *EcPointA,
IN CONST VOID *EcPointB,
IN VOID *BnCtx
)
{
return CALL_BASECRYPTLIB (Ec.Services.PointAdd, EcPointAdd, (EcGroup, EcPointResult, EcPointA, EcPointB, BnCtx), FALSE);
}
/**
Variable EC point multiplication. EcPointResult = EcPoint * BnPScalar.
@param[in] EcGroup EC group object.
@param[out] EcPointResult EC point to hold the result. The point should
be properly initialized.
@param[in] EcPoint EC Point.
@param[in] BnPScalar P Scalar.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcPointMul (
IN CONST VOID *EcGroup,
OUT VOID *EcPointResult,
IN CONST VOID *EcPoint,
IN CONST VOID *BnPScalar,
IN VOID *BnCtx
)
{
return CALL_BASECRYPTLIB (Ec.Services.PointMul, EcPointMul, (EcGroup, EcPointResult, EcPoint, BnPScalar, BnCtx), FALSE);
}
/**
Calculate the inverse of the supplied EC point.
@param[in] EcGroup EC group object.
@param[in,out] EcPoint EC point to invert.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcPointInvert (
IN CONST VOID *EcGroup,
IN OUT VOID *EcPoint,
IN VOID *BnCtx
)
{
return CALL_BASECRYPTLIB (Ec.Services.PointInvert, EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE);
}
/**
Check if the supplied point is on EC curve.
@param[in] EcGroup EC group object.
@param[in] EcPoint EC point to check.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On curve.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcPointIsOnCurve (
IN CONST VOID *EcGroup,
IN CONST VOID *EcPoint,
IN VOID *BnCtx
)
{
return CALL_BASECRYPTLIB (Ec.Services.PointIsOnCurve, EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), FALSE);
}
/**
Check if the supplied point is at infinity.
@param[in] EcGroup EC group object.
@param[in] EcPoint EC point to check.
@retval TRUE At infinity.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcPointIsAtInfinity (
IN CONST VOID *EcGroup,
IN CONST VOID *EcPoint
)
{
return CALL_BASECRYPTLIB (Ec.Services.PointIsAtInfinity, EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE);
}
/**
Check if EC points are equal.
@param[in] EcGroup EC group object.
@param[in] EcPointA EC point A.
@param[in] EcPointB EC point B.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE A == B.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcPointEqual (
IN CONST VOID *EcGroup,
IN CONST VOID *EcPointA,
IN CONST VOID *EcPointB,
IN VOID *BnCtx
)
{
return CALL_BASECRYPTLIB (Ec.Services.PointEqual, EcPointEqual, (EcGroup, EcPointA, EcPointB, BnCtx), FALSE);
}
/**
Set EC point compressed coordinates. Points can be described in terms of
their compressed coordinates. For a point (x, y), for any given value for x
such that the point is on the curve there will only ever be two possible
values for y. Therefore, a point can be set using this function where BnX is
the x coordinate and YBit is a value 0 or 1 to identify which of the two
possible values for y should be used.
@param[in] EcGroup EC group object.
@param[in] EcPoint EC Point.
@param[in] BnX X coordinate.
@param[in] YBit 0 or 1 to identify which Y value is used.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
CryptoServiceEcPointSetCompressedCoordinates (
IN CONST VOID *EcGroup,
IN VOID *EcPoint,
IN CONST VOID *BnX,
IN UINT8 YBit,
IN VOID *BnCtx
)
{
return CALL_BASECRYPTLIB (Ec.Services.PointSetCompressedCoordinates, EcPointSetCompressedCoordinates, (EcGroup, EcPoint, BnX, YBit, BnCtx), FALSE);
}
// =====================================================================================
// Elliptic Curve Diffie Hellman Primitives
// =====================================================================================
/**
Allocates and Initializes one Elliptic Curve Context for subsequent use
with the NID.
@param[in] Nid cipher NID
@return Pointer to the Elliptic Curve Context that has been initialized.
If the allocations fails, EcNewByNid() returns NULL.
**/
VOID *
EFIAPI
CryptoServiceEcNewByNid (
IN UINTN Nid
)
{
return CALL_BASECRYPTLIB (Ec.Services.NewByNid, EcNewByNid, (Nid), NULL);
}
/**
Release the specified EC context.
@param[in] EcContext Pointer to the EC context to be released.
**/
VOID
EFIAPI
CryptoServiceEcFree (
IN VOID *EcContext
)
{
CALL_VOID_BASECRYPTLIB (Ec.Services.Free, EcFree, (EcContext));
}
/**
Generates EC key and returns EC public key (X, Y), Please note, this function uses
pseudo random number generator. The caller must make sure RandomSeed()
function was properly called before.
The Ec context should be correctly initialized by EcNewByNid.
This function generates random secret, and computes the public key (X, Y), which is
returned via parameter Public, PublicSize.
X is the first half of Public with size being PublicSize / 2,
Y is the second half of Public with size being PublicSize / 2.
EC context is updated accordingly.
If the Public buffer is too small to hold the public X, Y, FALSE is returned and
PublicSize is set to the required buffer size to obtain the public X, Y.
For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y.
For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y.
For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is Y.
If EcContext is NULL, then return FALSE.
If PublicSize is NULL, then return FALSE.
If PublicSize is large enough but Public is NULL, then return FALSE.
@param[in, out] EcContext Pointer to the EC context.
@param[out] PublicKey Pointer to t buffer to receive generated public X,Y.
@param[in, out] PublicKeySize On input, the size of Public buffer in bytes.
On output, the size of data returned in Public buffer in bytes.
@retval TRUE EC public X,Y generation succeeded.
@retval FALSE EC public X,Y generation failed.
@retval FALSE PublicKeySize is not large enough.
**/
BOOLEAN
EFIAPI
CryptoServiceEcGenerateKey (
IN OUT VOID *EcContext,
OUT UINT8 *PublicKey,
IN OUT UINTN *PublicKeySize
)
{
return CALL_BASECRYPTLIB (Ec.Services.GenerateKey, EcGenerateKey, (EcContext, PublicKey, PublicKeySize), FALSE);
}
/**
Gets the public key component from the established EC context.
The Ec context should be correctly initialized by EcNewByNid, and successfully
generate key pair from EcGenerateKey().
For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y.
For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y.
For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is Y.
@param[in, out] EcContext Pointer to EC context being set.
@param[out] PublicKey Pointer to t buffer to receive generated public X,Y.
@param[in, out] PublicKeySize On input, the size of Public buffer in bytes.
On output, the size of data returned in Public buffer in bytes.
@retval TRUE EC key component was retrieved successfully.
@retval FALSE Invalid EC key component.
**/
BOOLEAN
EFIAPI
CryptoServiceEcGetPubKey (
IN OUT VOID *EcContext,
OUT UINT8 *PublicKey,
IN OUT UINTN *PublicKeySize
)
{
return CALL_BASECRYPTLIB (Ec.Services.GetPubKey, EcGetPubKey, (EcContext, PublicKey, PublicKeySize), FALSE);
}
/**
Computes exchanged common key.
Given peer's public key (X, Y), this function computes the exchanged common key,
based on its own context including value of curve parameter and random secret.
X is the first half of PeerPublic with size being PeerPublicSize / 2,
Y is the second half of PeerPublic with size being PeerPublicSize / 2.
If EcContext is NULL, then return FALSE.
If PeerPublic is NULL, then return FALSE.
If PeerPublicSize is 0, then return FALSE.
If Key is NULL, then return FALSE.
If KeySize is not large enough, then return FALSE.
For P-256, the PeerPublicSize is 64. First 32-byte is X, Second 32-byte is Y.
For P-384, the PeerPublicSize is 96. First 48-byte is X, Second 48-byte is Y.
For P-521, the PeerPublicSize is 132. First 66-byte is X, Second 66-byte is Y.
@param[in, out] EcContext Pointer to the EC context.
@param[in] PeerPublic Pointer to the peer's public X,Y.
@param[in] PeerPublicSize Size of peer's public X,Y in bytes.
@param[in] CompressFlag Flag of PeerPublic is compressed or not.
@param[out] Key Pointer to the buffer to receive generated key.
@param[in, out] KeySize On input, the size of Key buffer in bytes.
On output, the size of data returned in Key buffer in bytes.
@retval TRUE EC exchanged key generation succeeded.
@retval FALSE EC exchanged key generation failed.
@retval FALSE KeySize is not large enough.
**/
BOOLEAN
EFIAPI
CryptoServiceEcDhComputeKey (
IN OUT VOID *EcContext,
IN CONST UINT8 *PeerPublic,
IN UINTN PeerPublicSize,
IN CONST INT32 *CompressFlag,
OUT UINT8 *Key,
IN OUT UINTN *KeySize
)
{
return CALL_BASECRYPTLIB (Ec.Services.DhComputeKey, EcDhComputeKey, (EcContext, PeerPublic, PeerPublicSize, CompressFlag, Key, KeySize), FALSE);
}
const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
/// Version
CryptoServiceGetCryptoVersion,
@ -5770,4 +6245,25 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto = {
CryptoServiceBigNumContextFree,
CryptoServiceBigNumSetUint,
CryptoServiceBigNumAddMod,
/// EC
CryptoServiceEcGroupInit,
CryptoServiceEcGroupGetCurve,
CryptoServiceEcGroupGetOrder,
CryptoServiceEcGroupFree,
CryptoServiceEcPointInit,
CryptoServiceEcPointDeInit,
CryptoServiceEcPointGetAffineCoordinates,
CryptoServiceEcPointSetAffineCoordinates,
CryptoServiceEcPointAdd,
CryptoServiceEcPointMul,
CryptoServiceEcPointInvert,
CryptoServiceEcPointIsOnCurve,
CryptoServiceEcPointIsAtInfinity,
CryptoServiceEcPointEqual,
CryptoServiceEcPointSetCompressedCoordinates,
CryptoServiceEcNewByNid,
CryptoServiceEcFree,
CryptoServiceEcGenerateKey,
CryptoServiceEcGetPubKey,
CryptoServiceEcDhComputeKey,
};

25
CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
View File

@ -356,6 +356,31 @@ typedef struct {
} Services;
UINT32 Family;
} Bn;
union {
struct {
UINT8 GroupInit : 1;
UINT8 GroupGetCurve : 1;
UINT8 GroupGetOrder : 1;
UINT8 GroupFree : 1;
UINT8 PointInit : 1;
UINT8 PointDeInit : 1;
UINT8 PointGetAffineCoordinates : 1;
UINT8 PointSetAffineCoordinates : 1;
UINT8 PointAdd : 1;
UINT8 PointMul : 1;
UINT8 PointInvert : 1;
UINT8 PointIsOnCurve : 1;
UINT8 PointIsAtInfinity : 1;
UINT8 PointEqual : 1;
UINT8 PointSetCompressedCoordinates : 1;
UINT8 NewByNid : 1;
UINT8 Free : 1;
UINT8 GenerateKey : 1;
UINT8 GetPubKey : 1;
UINT8 DhComputeKey : 1;
} Services;
UINT32 Family;
} Ec;
} PCD_CRYPTO_SERVICE_FAMILY_ENABLE;
#endif

469
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
View File

@ -4553,3 +4553,472 @@ BigNumAddMod (
{
CALL_CRYPTO_SERVICE (BigNumAddMod, (BnA, BnB, BnM, BnRes), FALSE);
}
/**
Initialize new opaque EcGroup object. This object represents an EC curve and
and is used for calculation within this group. This object should be freed
using EcGroupFree() function.
@param[in] CryptoNid Identifying number for the ECC curve (Defined in
BaseCryptLib.h).
@retval EcGroup object On success.
@retval NULL On failure.
**/
VOID *
EFIAPI
EcGroupInit (
IN UINTN CryptoNid
)
{
CALL_CRYPTO_SERVICE (EcGroupInit, (CryptoNid), NULL);
}
/**
Get EC curve parameters. While elliptic curve equation is Y^2 mod P = (X^3 + AX + B) Mod P.
This function will set the provided Big Number objects to the corresponding
values. The caller needs to make sure all the "out" BigNumber parameters
are properly initialized.
@param[in] EcGroup EC group object.
@param[out] BnPrime Group prime number.
@param[out] BnA A coefficient.
@param[out] BnB B coefficient.
@param[in] BnCtx BN context.
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcGroupGetCurve (
IN CONST VOID *EcGroup,
OUT VOID *BnPrime,
OUT VOID *BnA,
OUT VOID *BnB,
IN VOID *BnCtx
)
{
CALL_CRYPTO_SERVICE (EcGroupGetCurve, (EcGroup, BnPrime, BnA, BnB, BnCtx), FALSE);
}
/**
Get EC group order.
This function will set the provided Big Number object to the corresponding
value. The caller needs to make sure that the "out" BigNumber parameter
is properly initialized.
@param[in] EcGroup EC group object.
@param[out] BnOrder Group prime number.
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcGroupGetOrder (
IN VOID *EcGroup,
OUT VOID *BnOrder
)
{
CALL_CRYPTO_SERVICE (EcGroupGetOrder, (EcGroup, BnOrder), FALSE);
}
/**
Free previously allocated EC group object using EcGroupInit().
@param[in] EcGroup EC group object to free.
**/
VOID
EFIAPI
EcGroupFree (
IN VOID *EcGroup
)
{
CALL_VOID_CRYPTO_SERVICE (EcGroupFree, (EcGroup));
}
/**
Initialize new opaque EC Point object. This object represents an EC point
within the given EC group (curve).
@param[in] EC Group, properly initialized using EcGroupInit().
@retval EC Point object On success.
@retval NULL On failure.
**/
VOID *
EFIAPI
EcPointInit (
IN CONST VOID *EcGroup
)
{
CALL_CRYPTO_SERVICE (EcPointInit, (EcGroup), NULL);
}
/**
Free previously allocated EC Point object using EcPointInit().
@param[in] EcPoint EC Point to free.
@param[in] Clear TRUE iff the memory should be cleared.
**/
VOID
EFIAPI
EcPointDeInit (
IN VOID *EcPoint,
IN BOOLEAN Clear
)
{
CALL_VOID_CRYPTO_SERVICE (EcPointDeInit, (EcPoint, Clear));
}
/**
Get EC point affine (x,y) coordinates.
This function will set the provided Big Number objects to the corresponding
values. The caller needs to make sure all the "out" BigNumber parameters
are properly initialized.
@param[in] EcGroup EC group object.
@param[in] EcPoint EC point object.
@param[out] BnX X coordinate.
@param[out] BnY Y coordinate.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcPointGetAffineCoordinates (
IN CONST VOID *EcGroup,
IN CONST VOID *EcPoint,
OUT VOID *BnX,
OUT VOID *BnY,
IN VOID *BnCtx
)
{
CALL_CRYPTO_SERVICE (EcPointGetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE);
}
/**
Set EC point affine (x,y) coordinates.
@param[in] EcGroup EC group object.
@param[in] EcPoint EC point object.
@param[in] BnX X coordinate.
@param[in] BnY Y coordinate.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcPointSetAffineCoordinates (
IN CONST VOID *EcGroup,
IN VOID *EcPoint,
IN CONST VOID *BnX,
IN CONST VOID *BnY,
IN VOID *BnCtx
)
{
CALL_CRYPTO_SERVICE (EcPointSetAffineCoordinates, (EcGroup, EcPoint, BnX, BnY, BnCtx), FALSE);
}
/**
EC Point addition. EcPointResult = EcPointA + EcPointB.
@param[in] EcGroup EC group object.
@param[out] EcPointResult EC point to hold the result. The point should
be properly initialized.
@param[in] EcPointA EC Point.
@param[in] EcPointB EC Point.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcPointAdd (
IN CONST VOID *EcGroup,
OUT VOID *EcPointResult,
IN CONST VOID *EcPointA,
IN CONST VOID *EcPointB,
IN VOID *BnCtx
)
{
CALL_CRYPTO_SERVICE (EcPointAdd, (EcGroup, EcPointResult, EcPointA, EcPointB, BnCtx), FALSE);
}
/**
Variable EC point multiplication. EcPointResult = EcPoint * BnPScalar.
@param[in] EcGroup EC group object.
@param[out] EcPointResult EC point to hold the result. The point should
be properly initialized.
@param[in] EcPoint EC Point.
@param[in] BnPScalar P Scalar.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcPointMul (
IN CONST VOID *EcGroup,
OUT VOID *EcPointResult,
IN CONST VOID *EcPoint,
IN CONST VOID *BnPScalar,
IN VOID *BnCtx
)
{
CALL_CRYPTO_SERVICE (EcPointMul, (EcGroup, EcPointResult, EcPoint, BnPScalar, BnCtx), FALSE);
}
/**
Calculate the inverse of the supplied EC point.
@param[in] EcGroup EC group object.
@param[in,out] EcPoint EC point to invert.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcPointInvert (
IN CONST VOID *EcGroup,
IN OUT VOID *EcPoint,
IN VOID *BnCtx
)
{
CALL_CRYPTO_SERVICE (EcPointInvert, (EcGroup, EcPoint, BnCtx), FALSE);
}
/**
Check if the supplied point is on EC curve.
@param[in] EcGroup EC group object.
@param[in] EcPoint EC point to check.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On curve.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcPointIsOnCurve (
IN CONST VOID *EcGroup,
IN CONST VOID *EcPoint,
IN VOID *BnCtx
)
{
CALL_CRYPTO_SERVICE (EcPointIsOnCurve, (EcGroup, EcPoint, BnCtx), FALSE);
}
/**
Check if the supplied point is at infinity.
@param[in] EcGroup EC group object.
@param[in] EcPoint EC point to check.
@retval TRUE At infinity.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcPointIsAtInfinity (
IN CONST VOID *EcGroup,
IN CONST VOID *EcPoint
)
{
CALL_CRYPTO_SERVICE (EcPointIsAtInfinity, (EcGroup, EcPoint), FALSE);
}
/**
Check if EC points are equal.
@param[in] EcGroup EC group object.
@param[in] EcPointA EC point A.
@param[in] EcPointB EC point B.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE A == B.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcPointEqual (
IN CONST VOID *EcGroup,
IN CONST VOID *EcPointA,
IN CONST VOID *EcPointB,
IN VOID *BnCtx
)
{
CALL_CRYPTO_SERVICE (EcPointEqual, (EcGroup, EcPointA, EcPointB, BnCtx), FALSE);
}
/**
Set EC point compressed coordinates. Points can be described in terms of
their compressed coordinates. For a point (x, y), for any given value for x
such that the point is on the curve there will only ever be two possible
values for y. Therefore, a point can be set using this function where BnX is
the x coordinate and YBit is a value 0 or 1 to identify which of the two
possible values for y should be used.
@param[in] EcGroup EC group object.
@param[in] EcPoint EC Point.
@param[in] BnX X coordinate.
@param[in] YBit 0 or 1 to identify which Y value is used.
@param[in] BnCtx BN context, created with BigNumNewContext().
@retval TRUE On success.
@retval FALSE Otherwise.
**/
BOOLEAN
EFIAPI
EcPointSetCompressedCoordinates (
IN CONST VOID *EcGroup,
IN VOID *EcPoint,
IN CONST VOID *BnX,
IN UINT8 YBit,
IN VOID *BnCtx
)
{
CALL_CRYPTO_SERVICE (EcPointSetCompressedCoordinates, (EcGroup, EcPoint, BnX, YBit, BnCtx), FALSE);
}
/**
Allocates and Initializes one Elliptic Curve Context for subsequent use
with the NID.
@param[in] Nid cipher NID
@return Pointer to the Elliptic Curve Context that has been initialized.
If the allocations fails, EcNewByNid() returns NULL.
**/
VOID *
EFIAPI
EcNewByNid (
IN UINTN Nid
)
{
CALL_CRYPTO_SERVICE (EcNewByNid, (Nid), NULL);
}
/**
Release the specified EC context.
@param[in] EcContext Pointer to the EC context to be released.
**/
VOID
EFIAPI
EcFree (
IN VOID *EcContext
)
{
CALL_VOID_CRYPTO_SERVICE (EcFree, (EcContext));
}
/**
Generates EC key and returns EC public key (X, Y), Please note, this function uses
pseudo random number generator. The caller must make sure RandomSeed()
function was properly called before.
The Ec context should be correctly initialized by EcNewByNid.
This function generates random secret, and computes the public key (X, Y), which is
returned via parameter Public, PublicSize.
X is the first half of Public with size being PublicSize / 2,
Y is the second half of Public with size being PublicSize / 2.
EC context is updated accordingly.
If the Public buffer is too small to hold the public X, Y, FALSE is returned and
PublicSize is set to the required buffer size to obtain the public X, Y.
For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y.
For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y.
For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is Y.
If EcContext is NULL, then return FALSE.
If PublicSize is NULL, then return FALSE.
If PublicSize is large enough but Public is NULL, then return FALSE.
@param[in, out] EcContext Pointer to the EC context.
@param[out] PublicKey Pointer to the buffer to receive generated public X,Y.
@param[in, out] PublicKeySize On input, the size of Public buffer in bytes.
On output, the size of data returned in Public buffer in bytes.
@retval TRUE EC public X,Y generation succeeded.
@retval FALSE EC public X,Y generation failed.
@retval FALSE PublicKeySize is not large enough.
**/
BOOLEAN
EFIAPI
EcGenerateKey (
IN OUT VOID *EcContext,
OUT UINT8 *PublicKey,
IN OUT UINTN *PublicKeySize
)
{
CALL_CRYPTO_SERVICE (EcGenerateKey, (EcContext, PublicKey, PublicKeySize), FALSE);
}
/**
Gets the public key component from the established EC context.
The Ec context should be correctly initialized by EcNewByNid, and successfully
generate key pair from EcGenerateKey().
For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y.
For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y.
For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is Y.
@param[in, out] EcContext Pointer to EC context being set.
@param[out] PublicKey Pointer to t buffer to receive generated public X,Y.
@param[in, out] PublicKeySize On input, the size of Public buffer in bytes.
On output, the size of data returned in Public buffer in bytes.
@retval TRUE EC key component was retrieved successfully.
@retval FALSE Invalid EC key component.
**/
BOOLEAN
EFIAPI
EcGetPubKey (
IN OUT VOID *EcContext,
OUT UINT8 *PublicKey,
IN OUT UINTN *PublicKeySize
)
{
CALL_CRYPTO_SERVICE (EcGetPubKey, (EcContext, PublicKey, PublicKeySize), FALSE);
}
/**
Computes exchanged common key.
Given peer's public key (X, Y), this function computes the exchanged common key,
based on its own context including value of curve parameter and random secret.
X is the first half of PeerPublic with size being PeerPublicSize / 2,
Y is the second half of PeerPublic with size being PeerPublicSize / 2.
If EcContext is NULL, then return FALSE.
If PeerPublic is NULL, then return FALSE.
If PeerPublicSize is 0, then return FALSE.
If Key is NULL, then return FALSE.
If KeySize is not large enough, then return FALSE.
For P-256, the PeerPublicSize is 64. First 32-byte is X, Second 32-byte is Y.
For P-384, the PeerPublicSize is 96. First 48-byte is X, Second 48-byte is Y.
For P-521, the PeerPublicSize is 132. First 66-byte is X, Second 66-byte is Y.
@param[in, out] EcContext Pointer to the EC context.
@param[in] PeerPublic Pointer to the peer's public X,Y.
@param[in] PeerPublicSize Size of peer's public X,Y in bytes.
@param[in] CompressFlag Flag of PeerPublic is compressed or not.
@param[out] Key Pointer to the buffer to receive generated key.
@param[in, out] KeySize On input, the size of Key buffer in bytes.
On output, the size of data returned in Key buffer in bytes.
@retval TRUE EC exchanged key generation succeeded.
@retval FALSE EC exchanged key generation failed.
@retval FALSE KeySize is not large enough.
**/
BOOLEAN
EFIAPI
EcDhComputeKey (
IN OUT VOID *EcContext,
IN CONST UINT8 *PeerPublic,
IN UINTN PeerPublicSize,
IN CONST INT32 *CompressFlag,
OUT UINT8 *Key,
IN OUT UINTN *KeySize
)
{
CALL_CRYPTO_SERVICE (EcDhComputeKey, (EcContext, PeerPublic, PeerPublicSize, CompressFlag, Key, KeySize), FALSE);
}

831
CryptoPkg/Private/Protocol/Crypto.h
View File

@ -21,7 +21,7 @@
/// the EDK II Crypto Protocol is extended, this version define must be
/// increased.
///
#define EDKII_CRYPTO_VERSION 12
#define EDKII_CRYPTO_VERSION 13
///
/// EDK II Crypto Protocol forward declaration
@ -4289,240 +4289,671 @@ BOOLEAN
OUT VOID *BnRes
);
/**
Initialize new opaque EcGroup object. This object represents an EC curve and
and is used for calculation within this group. This object should be freed
using EcGroupFree() function.
@param[in] CryptoNid Identifying number for the ECC curve (Defined in
BaseCryptLib.h).
@retval EcGroup object On success
@retval NULL On failure
**/
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_EC_GROUP_INIT)(
IN UINTN CryptoNid
);
/**
Get EC curve parameters. While elliptic curve equation is Y^2 mod P = (X^3 + AX + B) Mod P.
This function will set the provided Big Number objects to the corresponding
values. The caller needs to make sure all the "out" BigNumber parameters
are properly initialized.
@param[in] EcGroup EC group object.
@param[out] BnPrime Group prime number.
@param[out] BnA A coefficient.
@param[out] BnB B coefficient.
@param[in] BnCtx BN context.
@retval TRUE On success.
@retval FALSE Otherwise.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_GROUP_GET_CURVE)(
IN CONST VOID *EcGroup,
OUT VOID *BnPrime,
OUT VOID *BnA,
OUT VOID *BnB,
IN VOID *BnCtx
);
/**
Get EC group order.
This function will set the provided Big Number object to the corresponding
value. The caller needs to make sure that the "out" BigNumber parameter
is properly initialized.
@param[in] EcGroup EC group object
@param[out] BnOrder Group prime number
@retval TRUE On success.
@retval FALSE Otherwise.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_GROUP_GET_ORDER)(
IN VOID *EcGroup,
OUT VOID *BnOrder
);
/**
Free previously allocated EC group object using EcGroupInit()
@param[in] EcGroup EC group object to free
**/
typedef
VOID
(EFIAPI *EDKII_CRYPTO_EC_GROUP_FREE)(
IN VOID *EcGroup
);
/**
Initialize new opaque EC Point object. This object represents an EC point
within the given EC group (curve).
@param[in] EC Group, properly initialized using EcGroupInit()
@retval EC Point object On success
@retval NULL On failure
**/
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_EC_POINT_INIT)(
IN CONST VOID *EcGroup
);
/**
Free previously allocated EC Point object using EcPointInit()
@param[in] EcPoint EC Point to free
@param[in] Clear TRUE iff the memory should be cleared
**/
typedef
VOID
(EFIAPI *EDKII_CRYPTO_EC_POINT_DE_INIT)(
IN VOID *EcPoint,
IN BOOLEAN Clear
);
/**
Get EC point affine (x,y) coordinates.
This function will set the provided Big Number objects to the corresponding
values. The caller needs to make sure all the "out" BigNumber parameters
are properly initialized.
@param[in] EcGroup EC group object
@param[in] EcPoint EC point object
@param[out] BnX X coordinate
@param[out] BnY Y coordinate
@param[in] BnCtx BN context, created with BigNumNewContext()
@retval TRUE On success.
@retval FALSE Otherwise.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_GET_AFFINE_COORDINATES)(
IN CONST VOID *EcGroup,
IN CONST VOID *EcPoint,
OUT VOID *BnX,
OUT VOID *BnY,
IN VOID *BnCtx
);
/**
Set EC point affine (x,y) coordinates.
@param[in] EcGroup EC group object
@param[in] EcPoint EC point object
@param[in] BnX X coordinate
@param[in] BnY Y coordinate
@param[in] BnCtx BN context, created with BigNumNewContext()
@retval TRUE On success.
@retval FALSE Otherwise.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_SET_AFFINE_COORDINATES)(
IN CONST VOID *EcGroup,
IN VOID *EcPoint,
IN CONST VOID *BnX,
IN CONST VOID *BnY,
IN VOID *BnCtx
);
/**
EC Point addition. EcPointResult = EcPointA + EcPointB
@param[in] EcGroup EC group object
@param[out] EcPointResult EC point to hold the result. The point should
be properly initialized.
@param[in] EcPointA EC Point
@param[in] EcPointB EC Point
@param[in] BnCtx BN context, created with BigNumNewContext()
@retval TRUE On success.
@retval FALSE Otherwise.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_ADD)(
IN CONST VOID *EcGroup,
OUT VOID *EcPointResult,
IN CONST VOID *EcPointA,
IN CONST VOID *EcPointB,
IN VOID *BnCtx
);
/**
Variable EC point multiplication. EcPointResult = EcPoint * BnPScalar
@param[in] EcGroup EC group object
@param[out] EcPointResult EC point to hold the result. The point should
be properly initialized.
@param[in] EcPoint EC Point
@param[in] BnPScalar P Scalar
@param[in] BnCtx BN context, created with BigNumNewContext()
@retval TRUE On success.
@retval FALSE Otherwise.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_MUL)(
IN CONST VOID *EcGroup,
OUT VOID *EcPointResult,
IN CONST VOID *EcPoint,
IN CONST VOID *BnPScalar,
IN VOID *BnCtx
);
/**
Calculate the inverse of the supplied EC point.
@param[in] EcGroup EC group object
@param[in,out] EcPoint EC point to invert
@param[in] BnCtx BN context, created with BigNumNewContext()
@retval TRUE On success.
@retval FALSE Otherwise.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_INVERT)(
IN CONST VOID *EcGroup,
IN OUT VOID *EcPoint,
IN VOID *BnCtx
);
/**
Check if the supplied point is on EC curve
@param[in] EcGroup EC group object
@param[in] EcPoint EC point to check
@param[in] BnCtx BN context, created with BigNumNewContext()
@retval TRUE On curve
@retval FALSE Otherwise
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_IS_ON_CURVE)(
IN CONST VOID *EcGroup,
IN CONST VOID *EcPoint,
IN VOID *BnCtx
);
/**
Check if the supplied point is at infinity
@param[in] EcGroup EC group object
@param[in] EcPoint EC point to check
@param[in] BnCtx BN context, created with BigNumNewContext()
@retval TRUE At infinity
@retval FALSE Otherwise
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_IS_AT_INFINITY)(
IN CONST VOID *EcGroup,
IN CONST VOID *EcPoint
);
/**
Check if EC points are equal
@param[in] EcGroup EC group object
@param[in] EcPointA EC point A
@param[in] EcPointB EC point B
@param[in] BnCtx BN context, created with BigNumNewContext()
@retval TRUE A == B
@retval FALSE Otherwise
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_EQUAL)(
IN CONST VOID *EcGroup,
IN CONST VOID *EcPointA,
IN CONST VOID *EcPointB,
IN VOID *BnCtx
);
/**
Set EC point compressed coordinates. Points can be described in terms of
their compressed coordinates. For a point (x, y), for any given value for x
such that the point is on the curve there will only ever be two possible
values for y. Therefore, a point can be set using this function where BnX is
the x coordinate and YBit is a value 0 or 1 to identify which of the two
possible values for y should be used.
@param[in] EcGroup EC group object
@param[in] EcPoint EC Point
@param[in] BnX X coordinate
@param[in] YBit 0 or 1 to identify which Y value is used
@param[in] BnCtx BN context, created with BigNumNewContext()
@retval TRUE On success.
@retval FALSE Otherwise.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_POINT_SET_COMPRESSED_COORDINATES)(
IN CONST VOID *EcGroup,
IN VOID *EcPoint,
IN CONST VOID *BnX,
IN UINT8 YBit,
IN VOID *BnCtx
);
/**
Allocates and Initializes one Elliptic Curve Context for subsequent use
with the NID.
@param[in] Nid cipher NID
@return Pointer to the Elliptic Curve Context that has been initialized.
If the allocations fails, EcNewByNid() returns NULL.
**/
typedef
VOID *
(EFIAPI *EDKII_CRYPTO_EC_NEW_BY_NID)(
IN UINTN Nid
);
/**
Release the specified EC context.
@param[in] EcContext Pointer to the EC context to be released.
**/
typedef
VOID
(EFIAPI *EDKII_CRYPTO_EC_FREE)(
IN VOID *EcContext
);
/**
Generates EC key and returns EC public key (X, Y), Please note, this function uses
pseudo random number generator. The caller must make sure RandomSeed()
function was properly called before.
The Ec context should be correctly initialized by EcNewByNid.
This function generates random secret, and computes the public key (X, Y), which is
returned via parameter Public, PublicSize.
X is the first half of Public with size being PublicSize / 2,
Y is the second half of Public with size being PublicSize / 2.
EC context is updated accordingly.
If the Public buffer is too small to hold the public X, Y, FALSE is returned and
PublicSize is set to the required buffer size to obtain the public X, Y.
For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y.
For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y.
For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is Y.
If EcContext is NULL, then return FALSE.
If PublicSize is NULL, then return FALSE.
If PublicSize is large enough but Public is NULL, then return FALSE.
@param[in, out] EcContext Pointer to the EC context.
@param[out] PublicKey Pointer to t buffer to receive generated public X,Y.
@param[in, out] PublicKeySize On input, the size of Public buffer in bytes.
On output, the size of data returned in Public buffer in bytes.
@retval TRUE EC public X,Y generation succeeded.
@retval FALSE EC public X,Y generation failed.
@retval FALSE PublicKeySize is not large enough.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_GENERATE_KEY)(
IN OUT VOID *EcContext,
OUT UINT8 *PublicKey,
IN OUT UINTN *PublicKeySize
);
/**
Gets the public key component from the established EC context.
The Ec context should be correctly initialized by EcNewByNid, and successfully
generate key pair from EcGenerateKey().
For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte is Y.
For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte is Y.
For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte is Y.
@param[in, out] EcContext Pointer to EC context being set.
@param[out] PublicKey Pointer to t buffer to receive generated public X,Y.
@param[in, out] PublicKeySize On input, the size of Public buffer in bytes.
On output, the size of data returned in Public buffer in bytes.
@retval TRUE EC key component was retrieved successfully.
@retval FALSE Invalid EC key component.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_GET_PUB_KEY)(
IN OUT VOID *EcContext,
OUT UINT8 *PublicKey,
IN OUT UINTN *PublicKeySize
);
/**
Computes exchanged common key.
Given peer's public key (X, Y), this function computes the exchanged common key,
based on its own context including value of curve parameter and random secret.
X is the first half of PeerPublic with size being PeerPublicSize / 2,
Y is the second half of PeerPublic with size being PeerPublicSize / 2.
If EcContext is NULL, then return FALSE.
If PeerPublic is NULL, then return FALSE.
If PeerPublicSize is 0, then return FALSE.
If Key is NULL, then return FALSE.
If KeySize is not large enough, then return FALSE.
For P-256, the PeerPublicSize is 64. First 32-byte is X, Second 32-byte is Y.
For P-384, the PeerPublicSize is 96. First 48-byte is X, Second 48-byte is Y.
For P-521, the PeerPublicSize is 132. First 66-byte is X, Second 66-byte is Y.
@param[in, out] EcContext Pointer to the EC context.
@param[in] PeerPublic Pointer to the peer's public X,Y.
@param[in] PeerPublicSize Size of peer's public X,Y in bytes.
@param[in] CompressFlag Flag of PeerPublic is compressed or not.
@param[out] Key Pointer to the buffer to receive generated key.
@param[in, out] KeySize On input, the size of Key buffer in bytes.
On output, the size of data returned in Key buffer in bytes.
@retval TRUE EC exchanged key generation succeeded.
@retval FALSE EC exchanged key generation failed.
@retval FALSE KeySize is not large enough.
**/
typedef
BOOLEAN
(EFIAPI *EDKII_CRYPTO_EC_DH_COMPUTE_KEY)(
IN OUT VOID *EcContext,
IN CONST UINT8 *PeerPublic,
IN UINTN PeerPublicSize,
IN CONST INT32 *CompressFlag,
OUT UINT8 *Key,
IN OUT UINTN *KeySize
);
///
/// EDK II Crypto Protocol
///
struct _EDKII_CRYPTO_PROTOCOL {
/// Version
EDKII_CRYPTO_GET_VERSION GetVersion;
EDKII_CRYPTO_GET_VERSION GetVersion;
/// HMAC MD5 - deprecated and unsupported
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_NEW DeprecatedHmacMd5New;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FREE DeprecatedHmacMd5Free;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_SET_KEY DeprecatedHmacMd5SetKey;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_DUPLICATE DeprecatedHmacMd5Duplicate;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_UPDATE DeprecatedHmacMd5Update;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FINAL DeprecatedHmacMd5Final;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_NEW DeprecatedHmacMd5New;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FREE DeprecatedHmacMd5Free;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_SET_KEY DeprecatedHmacMd5SetKey;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_DUPLICATE DeprecatedHmacMd5Duplicate;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_UPDATE DeprecatedHmacMd5Update;
DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FINAL DeprecatedHmacMd5Final;
/// HMAC SHA1 - deprecated and unsupported
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_NEW DeprecatedHmacSha1New;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FREE DeprecatedHmacSha1Free;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_SET_KEY DeprecatedHmacSha1SetKey;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_DUPLICATE DeprecatedHmacSha1Duplicate;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_UPDATE DeprecatedHmacSha1Update;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FINAL DeprecatedHmacSha1Final;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_NEW DeprecatedHmacSha1New;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FREE DeprecatedHmacSha1Free;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_SET_KEY DeprecatedHmacSha1SetKey;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_DUPLICATE DeprecatedHmacSha1Duplicate;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_UPDATE DeprecatedHmacSha1Update;
DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FINAL DeprecatedHmacSha1Final;
/// HMAC SHA256
EDKII_CRYPTO_HMAC_SHA256_NEW HmacSha256New;
EDKII_CRYPTO_HMAC_SHA256_FREE HmacSha256Free;
EDKII_CRYPTO_HMAC_SHA256_SET_KEY HmacSha256SetKey;
EDKII_CRYPTO_HMAC_SHA256_DUPLICATE HmacSha256Duplicate;
EDKII_CRYPTO_HMAC_SHA256_UPDATE HmacSha256Update;
EDKII_CRYPTO_HMAC_SHA256_FINAL HmacSha256Final;
EDKII_CRYPTO_HMAC_SHA256_NEW HmacSha256New;
EDKII_CRYPTO_HMAC_SHA256_FREE HmacSha256Free;
EDKII_CRYPTO_HMAC_SHA256_SET_KEY HmacSha256SetKey;
EDKII_CRYPTO_HMAC_SHA256_DUPLICATE HmacSha256Duplicate;
EDKII_CRYPTO_HMAC_SHA256_UPDATE HmacSha256Update;
EDKII_CRYPTO_HMAC_SHA256_FINAL HmacSha256Final;
/// Md4 - deprecated and unsupported
DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE DeprecatedMd4GetContextSize;
DEPRECATED_EDKII_CRYPTO_MD4_INIT DeprecatedMd4Init;
DEPRECATED_EDKII_CRYPTO_MD4_DUPLICATE DeprecatedMd4Duplicate;
DEPRECATED_EDKII_CRYPTO_MD4_UPDATE DeprecatedMd4Update;
DEPRECATED_EDKII_CRYPTO_MD4_FINAL DeprecatedMd4Final;
DEPRECATED_EDKII_CRYPTO_MD4_HASH_ALL DeprecatedMd4HashAll;
DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE DeprecatedMd4GetContextSize;
DEPRECATED_EDKII_CRYPTO_MD4_INIT DeprecatedMd4Init;
DEPRECATED_EDKII_CRYPTO_MD4_DUPLICATE DeprecatedMd4Duplicate;
DEPRECATED_EDKII_CRYPTO_MD4_UPDATE DeprecatedMd4Update;
DEPRECATED_EDKII_CRYPTO_MD4_FINAL DeprecatedMd4Final;
DEPRECATED_EDKII_CRYPTO_MD4_HASH_ALL DeprecatedMd4HashAll;
/// Md5
EDKII_CRYPTO_MD5_GET_CONTEXT_SIZE Md5GetContextSize;
EDKII_CRYPTO_MD5_INIT Md5Init;
EDKII_CRYPTO_MD5_DUPLICATE Md5Duplicate;
EDKII_CRYPTO_MD5_UPDATE Md5Update;
EDKII_CRYPTO_MD5_FINAL Md5Final;
EDKII_CRYPTO_MD5_HASH_ALL Md5HashAll;
EDKII_CRYPTO_MD5_GET_CONTEXT_SIZE Md5GetContextSize;
EDKII_CRYPTO_MD5_INIT Md5Init;
EDKII_CRYPTO_MD5_DUPLICATE Md5Duplicate;
EDKII_CRYPTO_MD5_UPDATE Md5Update;
EDKII_CRYPTO_MD5_FINAL Md5Final;
EDKII_CRYPTO_MD5_HASH_ALL Md5HashAll;
/// Pkcs
EDKII_CRYPTO_PKCS1_ENCRYPT_V2 Pkcs1v2Encrypt;
EDKII_CRYPTO_PKCS5_PW_HASH Pkcs5HashPassword;
EDKII_CRYPTO_PKCS7_VERIFY Pkcs7Verify;
EDKII_CRYPTO_PKCS7_VERIFY_EKU VerifyEKUsInPkcs7Signature;
EDKII_CRYPTO_PKCS7_GET_SIGNERS Pkcs7GetSigners;
EDKII_CRYPTO_PKCS7_FREE_SIGNERS Pkcs7FreeSigners;
EDKII_CRYPTO_PKCS7_SIGN Pkcs7Sign;
EDKII_CRYPTO_PKCS7_GET_ATTACHED_CONTENT Pkcs7GetAttachedContent;
EDKII_CRYPTO_PKCS7_GET_CERTIFICATES_LIST Pkcs7GetCertificatesList;
EDKII_CRYPTO_AUTHENTICODE_VERIFY AuthenticodeVerify;
EDKII_CRYPTO_IMAGE_TIMESTAMP_VERIFY ImageTimestampVerify;
EDKII_CRYPTO_PKCS1_ENCRYPT_V2 Pkcs1v2Encrypt;
EDKII_CRYPTO_PKCS5_PW_HASH Pkcs5HashPassword;
EDKII_CRYPTO_PKCS7_VERIFY Pkcs7Verify;
EDKII_CRYPTO_PKCS7_VERIFY_EKU VerifyEKUsInPkcs7Signature;
EDKII_CRYPTO_PKCS7_GET_SIGNERS Pkcs7GetSigners;
EDKII_CRYPTO_PKCS7_FREE_SIGNERS Pkcs7FreeSigners;
EDKII_CRYPTO_PKCS7_SIGN Pkcs7Sign;
EDKII_CRYPTO_PKCS7_GET_ATTACHED_CONTENT Pkcs7GetAttachedContent;
EDKII_CRYPTO_PKCS7_GET_CERTIFICATES_LIST Pkcs7GetCertificatesList;
EDKII_CRYPTO_AUTHENTICODE_VERIFY AuthenticodeVerify;
EDKII_CRYPTO_IMAGE_TIMESTAMP_VERIFY ImageTimestampVerify;
/// DH
EDKII_CRYPTO_DH_NEW DhNew;
EDKII_CRYPTO_DH_FREE DhFree;
EDKII_CRYPTO_DH_GENERATE_PARAMETER DhGenerateParameter;
EDKII_CRYPTO_DH_SET_PARAMETER DhSetParameter;
EDKII_CRYPTO_DH_GENERATE_KEY DhGenerateKey;
EDKII_CRYPTO_DH_COMPUTE_KEY DhComputeKey;
EDKII_CRYPTO_DH_NEW DhNew;
EDKII_CRYPTO_DH_FREE DhFree;
EDKII_CRYPTO_DH_GENERATE_PARAMETER DhGenerateParameter;
EDKII_CRYPTO_DH_SET_PARAMETER DhSetParameter;
EDKII_CRYPTO_DH_GENERATE_KEY DhGenerateKey;
EDKII_CRYPTO_DH_COMPUTE_KEY DhComputeKey;
/// Random
EDKII_CRYPTO_RANDOM_SEED RandomSeed;
EDKII_CRYPTO_RANDOM_BYTES RandomBytes;
EDKII_CRYPTO_RANDOM_SEED RandomSeed;
EDKII_CRYPTO_RANDOM_BYTES RandomBytes;
/// RSA
EDKII_CRYPTO_RSA_VERIFY_PKCS1 RsaVerifyPkcs1;
EDKII_CRYPTO_RSA_NEW RsaNew;
EDKII_CRYPTO_RSA_FREE RsaFree;
EDKII_CRYPTO_RSA_SET_KEY RsaSetKey;
EDKII_CRYPTO_RSA_GET_KEY RsaGetKey;
EDKII_CRYPTO_RSA_GENERATE_KEY RsaGenerateKey;
EDKII_CRYPTO_RSA_CHECK_KEY RsaCheckKey;
EDKII_CRYPTO_RSA_PKCS1_SIGN RsaPkcs1Sign;
EDKII_CRYPTO_RSA_PKCS1_VERIFY RsaPkcs1Verify;
EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM RsaGetPrivateKeyFromPem;
EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509 RsaGetPublicKeyFromX509;
EDKII_CRYPTO_RSA_VERIFY_PKCS1 RsaVerifyPkcs1;
EDKII_CRYPTO_RSA_NEW RsaNew;
EDKII_CRYPTO_RSA_FREE RsaFree;
EDKII_CRYPTO_RSA_SET_KEY RsaSetKey;
EDKII_CRYPTO_RSA_GET_KEY RsaGetKey;
EDKII_CRYPTO_RSA_GENERATE_KEY RsaGenerateKey;
EDKII_CRYPTO_RSA_CHECK_KEY RsaCheckKey;
EDKII_CRYPTO_RSA_PKCS1_SIGN RsaPkcs1Sign;
EDKII_CRYPTO_RSA_PKCS1_VERIFY RsaPkcs1Verify;
EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM RsaGetPrivateKeyFromPem;
EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509 RsaGetPublicKeyFromX509;
/// Sha1
EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE Sha1GetContextSize;
EDKII_CRYPTO_SHA1_INIT Sha1Init;
EDKII_CRYPTO_SHA1_DUPLICATE Sha1Duplicate;
EDKII_CRYPTO_SHA1_UPDATE Sha1Update;
EDKII_CRYPTO_SHA1_FINAL Sha1Final;
EDKII_CRYPTO_SHA1_HASH_ALL Sha1HashAll;
EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE Sha1GetContextSize;
EDKII_CRYPTO_SHA1_INIT Sha1Init;
EDKII_CRYPTO_SHA1_DUPLICATE Sha1Duplicate;
EDKII_CRYPTO_SHA1_UPDATE Sha1Update;
EDKII_CRYPTO_SHA1_FINAL Sha1Final;
EDKII_CRYPTO_SHA1_HASH_ALL Sha1HashAll;
/// Sha256
EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE Sha256GetContextSize;
EDKII_CRYPTO_SHA256_INIT Sha256Init;
EDKII_CRYPTO_SHA256_DUPLICATE Sha256Duplicate;
EDKII_CRYPTO_SHA256_UPDATE Sha256Update;
EDKII_CRYPTO_SHA256_FINAL Sha256Final;
EDKII_CRYPTO_SHA256_HASH_ALL Sha256HashAll;
EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE Sha256GetContextSize;
EDKII_CRYPTO_SHA256_INIT Sha256Init;
EDKII_CRYPTO_SHA256_DUPLICATE Sha256Duplicate;
EDKII_CRYPTO_SHA256_UPDATE Sha256Update;
EDKII_CRYPTO_SHA256_FINAL Sha256Final;
EDKII_CRYPTO_SHA256_HASH_ALL Sha256HashAll;
/// Sha384
EDKII_CRYPTO_SHA384_GET_CONTEXT_SIZE Sha384GetContextSize;
EDKII_CRYPTO_SHA384_INIT Sha384Init;
EDKII_CRYPTO_SHA384_DUPLICATE Sha384Duplicate;
EDKII_CRYPTO_SHA384_UPDATE Sha384Update;
EDKII_CRYPTO_SHA384_FINAL Sha384Final;
EDKII_CRYPTO_SHA384_HASH_ALL Sha384HashAll;
EDKII_CRYPTO_SHA384_GET_CONTEXT_SIZE Sha384GetContextSize;
EDKII_CRYPTO_SHA384_INIT Sha384Init;
EDKII_CRYPTO_SHA384_DUPLICATE Sha384Duplicate;
EDKII_CRYPTO_SHA384_UPDATE Sha384Update;
EDKII_CRYPTO_SHA384_FINAL Sha384Final;
EDKII_CRYPTO_SHA384_HASH_ALL Sha384HashAll;
/// Sha512
EDKII_CRYPTO_SHA512_GET_CONTEXT_SIZE Sha512GetContextSize;
EDKII_CRYPTO_SHA512_INIT Sha512Init;
EDKII_CRYPTO_SHA512_DUPLICATE Sha512Duplicate;
EDKII_CRYPTO_SHA512_UPDATE Sha512Update;
EDKII_CRYPTO_SHA512_FINAL Sha512Final;
EDKII_CRYPTO_SHA512_HASH_ALL Sha512HashAll;
EDKII_CRYPTO_SHA512_GET_CONTEXT_SIZE Sha512GetContextSize;
EDKII_CRYPTO_SHA512_INIT Sha512Init;
EDKII_CRYPTO_SHA512_DUPLICATE Sha512Duplicate;
EDKII_CRYPTO_SHA512_UPDATE Sha512Update;
EDKII_CRYPTO_SHA512_FINAL Sha512Final;
EDKII_CRYPTO_SHA512_HASH_ALL Sha512HashAll;
/// X509
EDKII_CRYPTO_X509_GET_SUBJECT_NAME X509GetSubjectName;
EDKII_CRYPTO_X509_GET_COMMON_NAME X509GetCommonName;
EDKII_CRYPTO_X509_GET_ORGANIZATION_NAME X509GetOrganizationName;
EDKII_CRYPTO_X509_VERIFY_CERT X509VerifyCert;
EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE X509ConstructCertificate;
EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK X509ConstructCertificateStack;
EDKII_CRYPTO_X509_FREE X509Free;
EDKII_CRYPTO_X509_STACK_FREE X509StackFree;
EDKII_CRYPTO_X509_GET_TBS_CERT X509GetTBSCert;
EDKII_CRYPTO_X509_GET_SUBJECT_NAME X509GetSubjectName;
EDKII_CRYPTO_X509_GET_COMMON_NAME X509GetCommonName;
EDKII_CRYPTO_X509_GET_ORGANIZATION_NAME X509GetOrganizationName;
EDKII_CRYPTO_X509_VERIFY_CERT X509VerifyCert;
EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE X509ConstructCertificate;
EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK X509ConstructCertificateStack;
EDKII_CRYPTO_X509_FREE X509Free;
EDKII_CRYPTO_X509_STACK_FREE X509StackFree;
EDKII_CRYPTO_X509_GET_TBS_CERT X509GetTBSCert;
/// TDES - deprecated and unsupported
DEPRECATED_EDKII_CRYPTO_TDES_GET_CONTEXT_SIZE DeprecatedTdesGetContextSize;
DEPRECATED_EDKII_CRYPTO_TDES_INIT DeprecatedTdesInit;
DEPRECATED_EDKII_CRYPTO_TDES_ECB_ENCRYPT DeprecatedTdesEcbEncrypt;
DEPRECATED_EDKII_CRYPTO_TDES_ECB_DECRYPT DeprecatedTdesEcbDecrypt;
DEPRECATED_EDKII_CRYPTO_TDES_CBC_ENCRYPT DeprecatedTdesCbcEncrypt;
DEPRECATED_EDKII_CRYPTO_TDES_CBC_DECRYPT DeprecatedTdesCbcDecrypt;
DEPRECATED_EDKII_CRYPTO_TDES_GET_CONTEXT_SIZE DeprecatedTdesGetContextSize;
DEPRECATED_EDKII_CRYPTO_TDES_INIT DeprecatedTdesInit;
DEPRECATED_EDKII_CRYPTO_TDES_ECB_ENCRYPT DeprecatedTdesEcbEncrypt;
DEPRECATED_EDKII_CRYPTO_TDES_ECB_DECRYPT DeprecatedTdesEcbDecrypt;
DEPRECATED_EDKII_CRYPTO_TDES_CBC_ENCRYPT DeprecatedTdesCbcEncrypt;
DEPRECATED_EDKII_CRYPTO_TDES_CBC_DECRYPT DeprecatedTdesCbcDecrypt;
/// AES - ECB Mode is deprecated and unsupported
EDKII_CRYPTO_AES_GET_CONTEXT_SIZE AesGetContextSize;
EDKII_CRYPTO_AES_INIT AesInit;
DEPRECATED_EDKII_CRYPTO_AES_ECB_ENCRYPT DeprecatedAesEcbEncrypt;
DEPRECATED_EDKII_CRYPTO_AES_ECB_DECRYPT DeprecatedAesEcbDecrypt;
EDKII_CRYPTO_AES_CBC_ENCRYPT AesCbcEncrypt;
EDKII_CRYPTO_AES_CBC_DECRYPT AesCbcDecrypt;
EDKII_CRYPTO_AES_GET_CONTEXT_SIZE AesGetContextSize;
EDKII_CRYPTO_AES_INIT AesInit;
DEPRECATED_EDKII_CRYPTO_AES_ECB_ENCRYPT DeprecatedAesEcbEncrypt;
DEPRECATED_EDKII_CRYPTO_AES_ECB_DECRYPT DeprecatedAesEcbDecrypt;
EDKII_CRYPTO_AES_CBC_ENCRYPT AesCbcEncrypt;
EDKII_CRYPTO_AES_CBC_DECRYPT AesCbcDecrypt;
/// Arc4 - deprecated and unsupported
DEPRECATED_EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE DeprecatedArc4GetContextSize;
DEPRECATED_EDKII_CRYPTO_ARC4_INIT DeprecatedArc4Init;
DEPRECATED_EDKII_CRYPTO_ARC4_ENCRYPT DeprecatedArc4Encrypt;
DEPRECATED_EDKII_CRYPTO_ARC4_DECRYPT DeprecatedArc4Decrypt;
DEPRECATED_EDKII_CRYPTO_ARC4_RESET DeprecatedArc4Reset;
DEPRECATED_EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE DeprecatedArc4GetContextSize;
DEPRECATED_EDKII_CRYPTO_ARC4_INIT DeprecatedArc4Init;
DEPRECATED_EDKII_CRYPTO_ARC4_ENCRYPT DeprecatedArc4Encrypt;
DEPRECATED_EDKII_CRYPTO_ARC4_DECRYPT DeprecatedArc4Decrypt;
DEPRECATED_EDKII_CRYPTO_ARC4_RESET DeprecatedArc4Reset;
/// SM3
EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE Sm3GetContextSize;
EDKII_CRYPTO_SM3_INIT Sm3Init;
EDKII_CRYPTO_SM3_DUPLICATE Sm3Duplicate;
EDKII_CRYPTO_SM3_UPDATE Sm3Update;
EDKII_CRYPTO_SM3_FINAL Sm3Final;
EDKII_CRYPTO_SM3_HASH_ALL Sm3HashAll;
EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE Sm3GetContextSize;
EDKII_CRYPTO_SM3_INIT Sm3Init;
EDKII_CRYPTO_SM3_DUPLICATE Sm3Duplicate;
EDKII_CRYPTO_SM3_UPDATE Sm3Update;
EDKII_CRYPTO_SM3_FINAL Sm3Final;
EDKII_CRYPTO_SM3_HASH_ALL Sm3HashAll;
/// HKDF
EDKII_CRYPTO_HKDF_SHA_256_EXTRACT_AND_EXPAND HkdfSha256ExtractAndExpand;
EDKII_CRYPTO_HKDF_SHA_256_EXTRACT_AND_EXPAND HkdfSha256ExtractAndExpand;
/// X509 (Continued)
EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK_V X509ConstructCertificateStackV;
EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK_V X509ConstructCertificateStackV;
/// TLS
EDKII_CRYPTO_TLS_INITIALIZE TlsInitialize;
EDKII_CRYPTO_TLS_CTX_FREE TlsCtxFree;
EDKII_CRYPTO_TLS_CTX_NEW TlsCtxNew;
EDKII_CRYPTO_TLS_FREE TlsFree;
EDKII_CRYPTO_TLS_NEW TlsNew;
EDKII_CRYPTO_TLS_IN_HANDSHAKE TlsInHandshake;
EDKII_CRYPTO_TLS_DO_HANDSHAKE TlsDoHandshake;
EDKII_CRYPTO_TLS_HANDLE_ALERT TlsHandleAlert;
EDKII_CRYPTO_TLS_CLOSE_NOTIFY TlsCloseNotify;
EDKII_CRYPTO_TLS_CTRL_TRAFFIC_OUT TlsCtrlTrafficOut;
EDKII_CRYPTO_TLS_CTRL_TRAFFIC_IN TlsCtrlTrafficIn;
EDKII_CRYPTO_TLS_READ TlsRead;
EDKII_CRYPTO_TLS_WRITE TlsWrite;
EDKII_CRYPTO_TLS_INITIALIZE TlsInitialize;
EDKII_CRYPTO_TLS_CTX_FREE TlsCtxFree;
EDKII_CRYPTO_TLS_CTX_NEW TlsCtxNew;
EDKII_CRYPTO_TLS_FREE TlsFree;
EDKII_CRYPTO_TLS_NEW TlsNew;
EDKII_CRYPTO_TLS_IN_HANDSHAKE TlsInHandshake;
EDKII_CRYPTO_TLS_DO_HANDSHAKE TlsDoHandshake;
EDKII_CRYPTO_TLS_HANDLE_ALERT TlsHandleAlert;
EDKII_CRYPTO_TLS_CLOSE_NOTIFY TlsCloseNotify;
EDKII_CRYPTO_TLS_CTRL_TRAFFIC_OUT TlsCtrlTrafficOut;
EDKII_CRYPTO_TLS_CTRL_TRAFFIC_IN TlsCtrlTrafficIn;
EDKII_CRYPTO_TLS_READ TlsRead;
EDKII_CRYPTO_TLS_WRITE TlsWrite;
/// TLS Set
EDKII_CRYPTO_TLS_SET_VERSION TlsSetVersion;
EDKII_CRYPTO_TLS_SET_CONNECTION_END TlsSetConnectionEnd;
EDKII_CRYPTO_TLS_SET_CIPHER_LIST TlsSetCipherList;
EDKII_CRYPTO_TLS_SET_COMPRESSION_METHOD TlsSetCompressionMethod;
EDKII_CRYPTO_TLS_SET_VERIFY TlsSetVerify;
EDKII_CRYPTO_TLS_SET_VERIFY_HOST TlsSetVerifyHost;
EDKII_CRYPTO_TLS_SET_SESSIONID TlsSetSessionId;
EDKII_CRYPTO_TLS_SET_CA_CERTIFICATE TlsSetCaCertificate;
EDKII_CRYPTO_TLS_SET_HOST_PUBLIC_CERT TlsSetHostPublicCert;
EDKII_CRYPTO_TLS_SET_HOST_PRIVATE_KEY TlsSetHostPrivateKey;
EDKII_CRYPTO_TLS_SET_CERT_REVOCATION_LIST TlsSetCertRevocationList;
EDKII_CRYPTO_TLS_SET_VERSION TlsSetVersion;
EDKII_CRYPTO_TLS_SET_CONNECTION_END TlsSetConnectionEnd;
EDKII_CRYPTO_TLS_SET_CIPHER_LIST TlsSetCipherList;
EDKII_CRYPTO_TLS_SET_COMPRESSION_METHOD TlsSetCompressionMethod;
EDKII_CRYPTO_TLS_SET_VERIFY TlsSetVerify;
EDKII_CRYPTO_TLS_SET_VERIFY_HOST TlsSetVerifyHost;
EDKII_CRYPTO_TLS_SET_SESSIONID TlsSetSessionId;
EDKII_CRYPTO_TLS_SET_CA_CERTIFICATE TlsSetCaCertificate;
EDKII_CRYPTO_TLS_SET_HOST_PUBLIC_CERT TlsSetHostPublicCert;
EDKII_CRYPTO_TLS_SET_HOST_PRIVATE_KEY TlsSetHostPrivateKey;
EDKII_CRYPTO_TLS_SET_CERT_REVOCATION_LIST TlsSetCertRevocationList;
/// TLS Get
EDKII_CRYPTO_TLS_GET_VERSION TlsGetVersion;
EDKII_CRYPTO_TLS_GET_CONNECTION_END TlsGetConnectionEnd;
EDKII_CRYPTO_TLS_GET_CURRENT_CIPHER TlsGetCurrentCipher;
EDKII_CRYPTO_TLS_GET_CURRENT_COMPRESSION_ID TlsGetCurrentCompressionId;
EDKII_CRYPTO_TLS_GET_VERIFY TlsGetVerify;
EDKII_CRYPTO_TLS_GET_SESSION_ID TlsGetSessionId;
EDKII_CRYPTO_TLS_GET_CLIENT_RANDOM TlsGetClientRandom;
EDKII_CRYPTO_TLS_GET_SERVER_RANDOM TlsGetServerRandom;
EDKII_CRYPTO_TLS_GET_KEY_MATERIAL TlsGetKeyMaterial;
EDKII_CRYPTO_TLS_GET_CA_CERTIFICATE TlsGetCaCertificate;
EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;
EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;
EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST TlsGetCertRevocationList;
EDKII_CRYPTO_TLS_GET_VERSION TlsGetVersion;
EDKII_CRYPTO_TLS_GET_CONNECTION_END TlsGetConnectionEnd;
EDKII_CRYPTO_TLS_GET_CURRENT_CIPHER TlsGetCurrentCipher;
EDKII_CRYPTO_TLS_GET_CURRENT_COMPRESSION_ID TlsGetCurrentCompressionId;
EDKII_CRYPTO_TLS_GET_VERIFY TlsGetVerify;
EDKII_CRYPTO_TLS_GET_SESSION_ID TlsGetSessionId;
EDKII_CRYPTO_TLS_GET_CLIENT_RANDOM TlsGetClientRandom;
EDKII_CRYPTO_TLS_GET_SERVER_RANDOM TlsGetServerRandom;
EDKII_CRYPTO_TLS_GET_KEY_MATERIAL TlsGetKeyMaterial;
EDKII_CRYPTO_TLS_GET_CA_CERTIFICATE TlsGetCaCertificate;
EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;
EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;
EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST TlsGetCertRevocationList;
/// RSA PSS
EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;
EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;
/// Parallel hash
EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAll;
/// HMAC SHA256 (continued)
EDKII_CRYPTO_HMAC_SHA256_ALL HmacSha256All;
EDKII_CRYPTO_HMAC_SHA256_ALL HmacSha256All;
/// HMAC SHA384
EDKII_CRYPTO_HMAC_SHA384_NEW HmacSha384New;
EDKII_CRYPTO_HMAC_SHA384_FREE HmacSha384Free;
EDKII_CRYPTO_HMAC_SHA384_SET_KEY HmacSha384SetKey;
EDKII_CRYPTO_HMAC_SHA384_DUPLICATE HmacSha384Duplicate;
EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update;
EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final;
EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All;
EDKII_CRYPTO_HMAC_SHA384_NEW HmacSha384New;
EDKII_CRYPTO_HMAC_SHA384_FREE HmacSha384Free;
EDKII_CRYPTO_HMAC_SHA384_SET_KEY HmacSha384SetKey;
EDKII_CRYPTO_HMAC_SHA384_DUPLICATE HmacSha384Duplicate;
EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update;
EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final;
EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All;
/// HKDF (continued)
EDKII_CRYPTO_HKDF_SHA_256_EXTRACT HkdfSha256Extract;
EDKII_CRYPTO_HKDF_SHA_256_EXPAND HkdfSha256Expand;
EDKII_CRYPTO_HKDF_SHA_384_EXTRACT_AND_EXPAND HkdfSha384ExtractAndExpand;
EDKII_CRYPTO_HKDF_SHA_384_EXTRACT HkdfSha384Extract;
EDKII_CRYPTO_HKDF_SHA_384_EXPAND HkdfSha384Expand;
EDKII_CRYPTO_HKDF_SHA_256_EXTRACT HkdfSha256Extract;
EDKII_CRYPTO_HKDF_SHA_256_EXPAND HkdfSha256Expand;
EDKII_CRYPTO_HKDF_SHA_384_EXTRACT_AND_EXPAND HkdfSha384ExtractAndExpand;
EDKII_CRYPTO_HKDF_SHA_384_EXTRACT HkdfSha384Extract;
EDKII_CRYPTO_HKDF_SHA_384_EXPAND HkdfSha384Expand;
/// AEAD AES-GCM
EDKII_AEAD_AES_GCM_ENCRYPT AeadAesGcmEncrypt;
EDKII_AEAD_AES_GCM_DECRYPT AeadAesGcmDecrypt;
EDKII_AEAD_AES_GCM_ENCRYPT AeadAesGcmEncrypt;
EDKII_AEAD_AES_GCM_DECRYPT AeadAesGcmDecrypt;
/// BIGNUM
EDKII_CRYPTO_BIGNUM_INIT BigNumInit;
EDKII_CRYPTO_BIGNUM_FROM_BIN BigNumFromBin;
EDKII_CRYPTO_BIGNUM_TO_BIN BigNumToBin;
EDKII_CRYPTO_BIGNUM_FREE BigNumFree;
EDKII_CRYPTO_BIGNUM_ADD BigNumAdd;
EDKII_CRYPTO_BIGNUM_SUB BigNumSub;
EDKII_CRYPTO_BIGNUM_MOD BigNumMod;
EDKII_CRYPTO_BIGNUM_EXP_MOD BigNumExpMod;
EDKII_CRYPTO_BIGNUM_INVERSE_MOD BigNumInverseMod;
EDKII_CRYPTO_BIGNUM_DIV BigNumDiv;
EDKII_CRYPTO_BIGNUM_MUL_MOD BigNumMulMod;
EDKII_CRYPTO_BIGNUM_CMP BigNumCmp;
EDKII_CRYPTO_BIGNUM_BITS BigNumBits;
EDKII_CRYPTO_BIGNUM_BYTES BigNumBytes;
EDKII_CRYPTO_BIGNUM_IS_WORD BigNumIsWord;
EDKII_CRYPTO_BIGNUM_IS_ODD BigNumIsOdd;
EDKII_CRYPTO_BIGNUM_COPY BigNumCopy;
EDKII_CRYPTO_BIGNUM_VALUE_ONE BigNumValueOne;
EDKII_CRYPTO_BIGNUM_R_SHIFT BigNumRShift;
EDKII_CRYPTO_BIGNUM_CONST_TIME BigNumConstTime;
EDKII_CRYPTO_BIGNUM_SQR_MOD BigNumSqrMod;
EDKII_CRYPTO_BIGNUM_NEW_CONTEXT BigNumNewContext;
EDKII_CRYPTO_BIGNUM_CONTEXT_FREE BigNumContextFree;
EDKII_CRYPTO_BIGNUM_SET_UINT BigNumSetUint;
EDKII_CRYPTO_BIGNUM_ADD_MOD BigNumAddMod;
EDKII_CRYPTO_BIGNUM_INIT BigNumInit;
EDKII_CRYPTO_BIGNUM_FROM_BIN BigNumFromBin;
EDKII_CRYPTO_BIGNUM_TO_BIN BigNumToBin;
EDKII_CRYPTO_BIGNUM_FREE BigNumFree;
EDKII_CRYPTO_BIGNUM_ADD BigNumAdd;
EDKII_CRYPTO_BIGNUM_SUB BigNumSub;
EDKII_CRYPTO_BIGNUM_MOD BigNumMod;
EDKII_CRYPTO_BIGNUM_EXP_MOD BigNumExpMod;
EDKII_CRYPTO_BIGNUM_INVERSE_MOD BigNumInverseMod;
EDKII_CRYPTO_BIGNUM_DIV BigNumDiv;
EDKII_CRYPTO_BIGNUM_MUL_MOD BigNumMulMod;
EDKII_CRYPTO_BIGNUM_CMP BigNumCmp;
EDKII_CRYPTO_BIGNUM_BITS BigNumBits;
EDKII_CRYPTO_BIGNUM_BYTES BigNumBytes;
EDKII_CRYPTO_BIGNUM_IS_WORD BigNumIsWord;
EDKII_CRYPTO_BIGNUM_IS_ODD BigNumIsOdd;
EDKII_CRYPTO_BIGNUM_COPY BigNumCopy;
EDKII_CRYPTO_BIGNUM_VALUE_ONE BigNumValueOne;
EDKII_CRYPTO_BIGNUM_R_SHIFT BigNumRShift;
EDKII_CRYPTO_BIGNUM_CONST_TIME BigNumConstTime;
EDKII_CRYPTO_BIGNUM_SQR_MOD BigNumSqrMod;
EDKII_CRYPTO_BIGNUM_NEW_CONTEXT BigNumNewContext;
EDKII_CRYPTO_BIGNUM_CONTEXT_FREE BigNumContextFree;
EDKII_CRYPTO_BIGNUM_SET_UINT BigNumSetUint;
EDKII_CRYPTO_BIGNUM_ADD_MOD BigNumAddMod;
/// EC
EDKII_CRYPTO_EC_GROUP_INIT EcGroupInit;
EDKII_CRYPTO_EC_GROUP_GET_CURVE EcGroupGetCurve;
EDKII_CRYPTO_EC_GROUP_GET_ORDER EcGroupGetOrder;
EDKII_CRYPTO_EC_GROUP_FREE EcGroupFree;
EDKII_CRYPTO_EC_POINT_INIT EcPointInit;
EDKII_CRYPTO_EC_POINT_DE_INIT EcPointDeInit;
EDKII_CRYPTO_EC_POINT_GET_AFFINE_COORDINATES EcPointGetAffineCoordinates;
EDKII_CRYPTO_EC_POINT_SET_AFFINE_COORDINATES EcPointSetAffineCoordinates;
EDKII_CRYPTO_EC_POINT_ADD EcPointAdd;
EDKII_CRYPTO_EC_POINT_MUL EcPointMul;
EDKII_CRYPTO_EC_POINT_INVERT EcPointInvert;
EDKII_CRYPTO_EC_POINT_IS_ON_CURVE EcPointIsOnCurve;
EDKII_CRYPTO_EC_POINT_IS_AT_INFINITY EcPointIsAtInfinity;
EDKII_CRYPTO_EC_POINT_EQUAL EcPointEqual;
EDKII_CRYPTO_EC_POINT_SET_COMPRESSED_COORDINATES EcPointSetCompressedCoordinates;
EDKII_CRYPTO_EC_NEW_BY_NID EcNewByNid;
EDKII_CRYPTO_EC_FREE EcFree;
EDKII_CRYPTO_EC_GENERATE_KEY EcGenerateKey;
EDKII_CRYPTO_EC_GET_PUB_KEY EcGetPubKey;
EDKII_CRYPTO_EC_DH_COMPUTE_KEY EcDhComputeKey;
};
extern GUID gEdkiiCryptoProtocolGuid;