[PATCH 3/4] CryptoPkg: add new X509 function to Crypto Service.


Qi Zhang
 

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4082

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Xiaoyu Lu <xiaoyu1.lu@...>
Cc: Guomin Jiang <guomin.jiang@...>
Signed-off-by: Qi Zhang <qi1.zhang@...>
---
CryptoPkg/Driver/Crypto.c | 430 ++++++++++
.../Pcd/PcdCryptoServiceFamilyEnable.h | 34 +-
.../BaseCryptLibOnProtocolPpi/CryptLib.c | 415 +++++++++
CryptoPkg/Private/Protocol/Crypto.h | 790 +++++++++++++-----
4 files changed, 1459 insertions(+), 210 deletions(-)

diff --git a/CryptoPkg/Driver/Crypto.c b/CryptoPkg/Driver/Crypto.c
index 9872b5bf70..343d73b9db 100644
--- a/CryptoPkg/Driver/Crypto.c
+++ b/CryptoPkg/Driver/Crypto.c
@@ -3086,6 +3086,421 @@ CryptoServiceX509GetTBSCert (
return CALL_BASECRYPTLIB (X509.Services.GetTBSCert, X509GetTBSCert, (Cer=
t, CertSize, TBSCert, TBSCertSize), FALSE);=0D
}=0D
=0D
+/**=0D
+ Retrieve the version from one X.509 certificate.=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertSize is 0, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[out] Version Pointer to the retrieved version integer.=0D
+=0D
+ @retval TRUE The certificate version retrieved successfully.=0D
+ @retval FALSE If Cert is NULL or CertSize is Zero.=0D
+ @retval FALSE The operation is not supported.=0D
+=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509GetVersion (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINTN *Version=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.GetVersion, X509GetVersion, (Cer=
t, CertSize, Version), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the serialNumber from one X.509 certificate.=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertSize is 0, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[out] SerialNumber Pointer to the retrieved certificate Seria=
lNumber bytes.=0D
+ @param[in, out] SerialNumberSize The size in bytes of the SerialNumber =
buffer on input,=0D
+ and the size of buffer returned SerialNumbe=
r on output.=0D
+=0D
+ @retval TRUE The certificate serialNumber retrieved =
successfully.=0D
+ @retval FALSE If Cert is NULL or CertSize is Zero.=0D
+ If SerialNumberSize is NULL.=0D
+ If Certificate is invalid.=0D
+ @retval FALSE If no SerialNumber exists.=0D
+ @retval FALSE If the SerialNumber is NULL. The requir=
ed buffer size=0D
+ (including the final null) is returned =
in the=0D
+ SerialNumberSize parameter.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509GetSerialNumber (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *SerialNumber, OPTIONAL=0D
+ IN OUT UINTN *SerialNumberSize=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.GetSerialNumber, X509GetSerialNu=
mber, (Cert, CertSize, SerialNumber, SerialNumberSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the issuer bytes from one X.509 certificate.=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertIssuerSize is NULL, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[out] CertIssuer Pointer to the retrieved certificate subject=
bytes.=0D
+ @param[in, out] CertIssuerSize The size in bytes of the CertIssuer buff=
er on input,=0D
+ and the size of buffer returned CertSubject=
on output.=0D
+=0D
+ @retval TRUE The certificate issuer retrieved successfully.=0D
+ @retval FALSE Invalid certificate, or the CertIssuerSize is too small =
for the result.=0D
+ The CertIssuerSize will be updated with the required siz=
e.=0D
+ @retval FALSE This interface is not supported.=0D
+=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509GetIssuerName (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *CertIssuer,=0D
+ IN OUT UINTN *CertIssuerSize=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.GetIssuerName, X509GetIssuerName=
, (Cert, CertSize, CertIssuer, CertIssuerSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the Signature Algorithm from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[out] Oid Signature Algorithm Object identifier b=
uffer.=0D
+ @param[in,out] OidSize Signature Algorithm Object identifier b=
uffer size=0D
+=0D
+ @retval TRUE The certificate Extension data retrieve=
d successfully.=0D
+ @retval FALSE If Cert is NULL.=0D
+ If OidSize is NULL.=0D
+ If Oid is not NULL and *OidSize is 0.=0D
+ If Certificate is invalid.=0D
+ @retval FALSE If no SignatureType.=0D
+ @retval FALSE If the Oid is NULL. The required buffer=
size=0D
+ is returned in the OidSize.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509GetSignatureAlgorithm (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *Oid, OPTIONAL=0D
+ IN OUT UINTN *OidSize=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.GetSignatureAlgorithm, X509GetSi=
gnatureAlgorithm, (Cert, CertSize, Oid, OidSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve Extension data from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[in] Oid Object identifier buffer=0D
+ @param[in] OidSize Object identifier buffer size=0D
+ @param[out] ExtensionData Extension bytes.=0D
+ @param[in, out] ExtensionDataSize Extension bytes size.=0D
+=0D
+ @retval TRUE The certificate Extension data retrieve=
d successfully.=0D
+ @retval FALSE If Cert is NULL.=0D
+ If ExtensionDataSize is NULL.=0D
+ If ExtensionData is not NULL and *Exten=
sionDataSize is 0.=0D
+ If Certificate is invalid.=0D
+ @retval FALSE If no Extension entry match Oid.=0D
+ @retval FALSE If the ExtensionData is NULL. The requi=
red buffer size=0D
+ is returned in the ExtensionDataSize pa=
rameter.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509GetExtensionData (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ IN CONST UINT8 *Oid,=0D
+ IN UINTN OidSize,=0D
+ OUT UINT8 *ExtensionData,=0D
+ IN OUT UINTN *ExtensionDataSize=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.GetExtensionData, X509GetExtensi=
onData, (Cert, CertSize, Oid, OidSize, ExtensionData, ExtensionDataSize), F=
ALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the Extended Key Usage from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[out] Usage Key Usage bytes.=0D
+ @param[in, out] UsageSize Key Usage buffer sizs in bytes.=0D
+=0D
+ @retval TRUE The Usage bytes retrieve successfully.=
=0D
+ @retval FALSE If Cert is NULL.=0D
+ If CertSize is NULL.=0D
+ If Usage is not NULL and *UsageSize is =
0.=0D
+ If Cert is invalid.=0D
+ @retval FALSE If the Usage is NULL. The required buff=
er size=0D
+ is returned in the UsageSize parameter.=
=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509GetExtendedKeyUsage (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *Usage,=0D
+ IN OUT UINTN *UsageSize=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.GetExtendedKeyUsage, X509GetExte=
ndedKeyUsage, (Cert, CertSize, Usage, UsageSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the Validity from one X.509 certificate=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertIssuerSize is NULL, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[in] From notBefore Pointer to DateTime object.=0D
+ @param[in,out] FromSize notBefore DateTime object size.=0D
+ @param[in] To notAfter Pointer to DateTime object.=0D
+ @param[in,out] ToSize notAfter DateTime object size.=0D
+=0D
+ Note: X509CompareDateTime to compare DateTime oject=0D
+ x509SetDateTime to get a DateTime object from a DateTimeStr=0D
+=0D
+ @retval TRUE The certificate Validity retrieved successfully.=0D
+ @retval FALSE Invalid certificate, or Validity retrieve failed.=0D
+ @retval FALSE This interface is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509GetValidity (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ IN UINT8 *From,=0D
+ IN OUT UINTN *FromSize,=0D
+ IN UINT8 *To,=0D
+ IN OUT UINTN *ToSize=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.GetValidity, X509GetValidity, (C=
ert, CertSize, From, FromSize, To, ToSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Format a DateTime object into DataTime Buffer=0D
+=0D
+ If DateTimeStr is NULL, then return FALSE.=0D
+ If DateTimeSize is NULL, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] DateTimeStr DateTime string like YYYYMMDDhhmmssZ=0D
+ Ref: https://www.w3.org/TR/NOTE-datetim=
e=0D
+ Z stand for UTC time=0D
+ @param[out] DateTime Pointer to a DateTime object.=0D
+ @param[in,out] DateTimeSize DateTime object buffer size.=0D
+=0D
+ @retval TRUE The DateTime object create successfully=
.=0D
+ @retval FALSE If DateTimeStr is NULL.=0D
+ If DateTimeSize is NULL.=0D
+ If DateTime is not NULL and *DateTimeSi=
ze is 0.=0D
+ If Year Month Day Hour Minute Second co=
mbination is invalid datetime.=0D
+ @retval FALSE If the DateTime is NULL. The required b=
uffer size=0D
+ (including the final null) is returned =
in the=0D
+ DateTimeSize parameter.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509SetDateTime (=0D
+ IN CHAR8 *DateTimeStr,=0D
+ OUT VOID *DateTime,=0D
+ IN OUT UINTN *DateTimeSize=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.SetDateTime, X509SetDateTime, (D=
ateTimeStr, DateTime, DateTimeSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Compare DateTime1 object and DateTime2 object.=0D
+=0D
+ If DateTime1 is NULL, then return -2.=0D
+ If DateTime2 is NULL, then return -2.=0D
+ If DateTime1 =3D=3D DateTime2, then return 0=0D
+ If DateTime1 > DateTime2, then return 1=0D
+ If DateTime1 < DateTime2, then return -1=0D
+=0D
+ @param[in] DateTime1 Pointer to a DateTime Ojbect=0D
+ @param[in] DateTime2 Pointer to a DateTime Object=0D
+=0D
+ @retval 0 If DateTime1 =3D=3D DateTime2=0D
+ @retval 1 If DateTime1 > DateTime2=0D
+ @retval -1 If DateTime1 < DateTime2=0D
+**/=0D
+INT32=0D
+EFIAPI=0D
+CryptoServiceX509CompareDateTime (=0D
+ IN CONST VOID *DateTime1,=0D
+ IN CONST VOID *DateTime2=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.CompareDateTime, X509CompareDate=
Time, (DateTime1, DateTime2), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the Key Usage from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[out] Usage Key Usage (CRYPTO_X509_KU_*)=0D
+=0D
+ @retval TRUE The certificate Key Usage retrieved successfully.=0D
+ @retval FALSE Invalid certificate, or Usage is NULL=0D
+ @retval FALSE This interface is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509GetKeyUsage (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINTN *Usage=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.GetKeyUsage, X509GetKeyUsage, (C=
ert, CertSize, Usage), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Verify one X509 certificate was issued by the trusted CA.=0D
+ @param[in] RootCert Trusted Root Certificate buffer=0D
+=0D
+ @param[in] RootCertLength Trusted Root Certificate buffer length=
=0D
+ @param[in] CertChain One or more ASN.1 DER-encoded X.509 ce=
rtificates=0D
+ where the first certificate is signed =
by the Root=0D
+ Certificate or is the Root Cerificate =
itself. and=0D
+ subsequent cerificate is signed by the=
preceding=0D
+ cerificate.=0D
+ @param[in] CertChainLength Total length of the certificate chain,=
in bytes.=0D
+=0D
+ @retval TRUE All cerificates was issued by the first certificate in X=
509Certchain.=0D
+ @retval FALSE Invalid certificate or the certificate was not issued by=
the given=0D
+ trusted CA.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509VerifyCertChain (=0D
+ IN CONST UINT8 *RootCert,=0D
+ IN UINTN RootCertLength,=0D
+ IN CONST UINT8 *CertChain,=0D
+ IN UINTN CertChainLength=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.VerifyCertChain, X509VerifyCertC=
hain, (RootCert, RootCertLength, CertChain, CertChainLength), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Get one X509 certificate from CertChain.=0D
+=0D
+ @param[in] CertChain One or more ASN.1 DER-encoded X.509 ce=
rtificates=0D
+ where the first certificate is signed =
by the Root=0D
+ Certificate or is the Root Cerificate =
itself. and=0D
+ subsequent cerificate is signed by the=
preceding=0D
+ cerificate.=0D
+ @param[in] CertChainLength Total length of the certificate chain,=
in bytes.=0D
+=0D
+ @param[in] CertIndex Index of certificate.=0D
+=0D
+ @param[out] Cert The certificate at the index of CertCh=
ain.=0D
+ @param[out] CertLength The length certificate at the index of=
CertChain.=0D
+=0D
+ @retval TRUE Success.=0D
+ @retval FALSE Failed to get certificate from certificate chain.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509GetCertFromCertChain (=0D
+ IN CONST UINT8 *CertChain,=0D
+ IN UINTN CertChainLength,=0D
+ IN CONST INT32 CertIndex,=0D
+ OUT CONST UINT8 **Cert,=0D
+ OUT UINTN *CertLength=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.GetCertFromCertChain, X509GetCer=
tFromCertChain, (CertChain, CertChainLength, CertIndex, Cert, CertLength), =
FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the tag and length of the tag.=0D
+=0D
+ @param Ptr The position in the ASN.1 data=0D
+ @param End End of data=0D
+ @param Length The variable that will receive the length=0D
+ @param Tag The expected tag=0D
+=0D
+ @retval TRUE Get tag successful=0D
+ @retval FALSe Failed to get tag or tag not match=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceAsn1GetTag (=0D
+ IN OUT UINT8 **Ptr,=0D
+ IN UINT8 *End,=0D
+ OUT UINTN *Length,=0D
+ IN UINT32 Tag=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.Asn1GetTag, Asn1GetTag, (Ptr, En=
d, Length, Tag), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the basic constraints from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509=
certificate.=0D
+ @param[in] CertSize size of the X509 certificate in=
bytes.=0D
+ @param[out] BasicConstraints basic constraints bytes.=0D
+ @param[in, out] BasicConstraintsSize basic constraints buffer sizs i=
n bytes.=0D
+=0D
+ @retval TRUE The basic constraints retrieve successf=
ully.=0D
+ @retval FALSE If cert is NULL.=0D
+ If cert_size is NULL.=0D
+ If basic_constraints is not NULL and *b=
asic_constraints_size is 0.=0D
+ If cert is invalid.=0D
+ @retval FALSE The required buffer size is small.=0D
+ The return buffer size is basic_constra=
ints_size parameter.=0D
+ @retval FALSE If no Extension entry match oid.=0D
+ @retval FALSE The operation is not supported.=0D
+ **/=0D
+BOOLEAN=0D
+EFIAPI=0D
+CryptoServiceX509GetExtendedBasicConstraints (=0D
+ CONST UINT8 *Cert,=0D
+ UINTN CertSize,=0D
+ UINT8 *BasicConstraints,=0D
+ UINTN *BasicConstraintsSize=0D
+ )=0D
+{=0D
+ return CALL_BASECRYPTLIB (X509.Services.GetExtendedBasicConstraints, X50=
9GetExtendedBasicConstraints, (Cert, CertSize, BasicConstraints, BasicConst=
raintsSize), FALSE);=0D
+}=0D
+=0D
/**=0D
Derives a key from a password using a salt and iteration count, based on=
PKCS#5 v2.0=0D
password based encryption key derivation function PBKDF2, as specified i=
n RFC 2898.=0D
@@ -5770,4 +6185,19 @@ const EDKII_CRYPTO_PROTOCOL mEdkiiCrypto =3D {
CryptoServiceBigNumContextFree,=0D
CryptoServiceBigNumSetUint,=0D
CryptoServiceBigNumAddMod,=0D
+ /// X509 (Continued)=0D
+ CryptoServiceX509GetVersion,=0D
+ CryptoServiceX509GetSerialNumber,=0D
+ CryptoServiceX509GetIssuerName,=0D
+ CryptoServiceX509GetSignatureAlgorithm,=0D
+ CryptoServiceX509GetExtensionData,=0D
+ CryptoServiceX509GetExtendedKeyUsage,=0D
+ CryptoServiceX509GetValidity,=0D
+ CryptoServiceX509SetDateTime,=0D
+ CryptoServiceX509CompareDateTime,=0D
+ CryptoServiceX509GetKeyUsage,=0D
+ CryptoServiceX509VerifyCertChain,=0D
+ CryptoServiceX509GetCertFromCertChain,=0D
+ CryptoServiceAsn1GetTag,=0D
+ CryptoServiceX509GetExtendedBasicConstraints=0D
};=0D
diff --git a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h b/CryptoP=
kg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
index 52b44ca4f8..6338ac8f55 100644
--- a/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
+++ b/CryptoPkg/Include/Pcd/PcdCryptoServiceFamilyEnable.h
@@ -187,16 +187,30 @@ typedef struct {
} Sha512;=0D
union {=0D
struct {=0D
- UINT8 GetSubjectName : 1;=0D
- UINT8 GetCommonName : 1;=0D
- UINT8 GetOrganizationName : 1;=0D
- UINT8 VerifyCert : 1;=0D
- UINT8 ConstructCertificate : 1;=0D
- UINT8 ConstructCertificateStack : 1;=0D
- UINT8 ConstructCertificateStackV : 1;=0D
- UINT8 Free : 1;=0D
- UINT8 StackFree : 1;=0D
- UINT8 GetTBSCert : 1;=0D
+ UINT8 GetSubjectName : 1;=0D
+ UINT8 GetCommonName : 1;=0D
+ UINT8 GetOrganizationName : 1;=0D
+ UINT8 VerifyCert : 1;=0D
+ UINT8 ConstructCertificate : 1;=0D
+ UINT8 ConstructCertificateStack : 1;=0D
+ UINT8 ConstructCertificateStackV : 1;=0D
+ UINT8 Free : 1;=0D
+ UINT8 StackFree : 1;=0D
+ UINT8 GetTBSCert : 1;=0D
+ UINT8 GetVersion : 1;=0D
+ UINT8 GetSerialNumber : 1;=0D
+ UINT8 GetIssuerName : 1;=0D
+ UINT8 GetSignatureAlgorithm : 1;=0D
+ UINT8 GetExtensionData : 1;=0D
+ UINT8 GetExtendedKeyUsage : 1;=0D
+ UINT8 GetValidity : 1;=0D
+ UINT8 SetDateTime : 1;=0D
+ UINT8 CompareDateTime : 1;=0D
+ UINT8 GetKeyUsage : 1;=0D
+ UINT8 VerifyCertChain : 1;=0D
+ UINT8 GetCertFromCertChain : 1;=0D
+ UINT8 Asn1GetTag : 1;=0D
+ UINT8 GetExtendedBasicConstraints : 1;=0D
} Services;=0D
UINT32 Family;=0D
} X509;=0D
diff --git a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c b/Crypt=
oPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
index ce6981f091..5c7b536c75 100644
--- a/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
+++ b/CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c
@@ -2322,6 +2322,421 @@ X509GetTBSCert (
CALL_CRYPTO_SERVICE (X509GetTBSCert, (Cert, CertSize, TBSCert, TBSCertSi=
ze), FALSE);=0D
}=0D
=0D
+/**=0D
+ Retrieve the version from one X.509 certificate.=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertSize is 0, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[out] Version Pointer to the retrieved version integer.=0D
+=0D
+ @retval TRUE The certificate version retrieved successfully.=0D
+ @retval FALSE If Cert is NULL or CertSize is Zero.=0D
+ @retval FALSE The operation is not supported.=0D
+=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509GetVersion (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINTN *Version=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509GetVersion, (Cert, CertSize, Version), FALSE);=
=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the serialNumber from one X.509 certificate.=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertSize is 0, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[out] SerialNumber Pointer to the retrieved certificate Seria=
lNumber bytes.=0D
+ @param[in, out] SerialNumberSize The size in bytes of the SerialNumber =
buffer on input,=0D
+ and the size of buffer returned SerialNumbe=
r on output.=0D
+=0D
+ @retval TRUE The certificate serialNumber retrieved =
successfully.=0D
+ @retval FALSE If Cert is NULL or CertSize is Zero.=0D
+ If SerialNumberSize is NULL.=0D
+ If Certificate is invalid.=0D
+ @retval FALSE If no SerialNumber exists.=0D
+ @retval FALSE If the SerialNumber is NULL. The requir=
ed buffer size=0D
+ (including the final null) is returned =
in the=0D
+ SerialNumberSize parameter.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509GetSerialNumber (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *SerialNumber, OPTIONAL=0D
+ IN OUT UINTN *SerialNumberSize=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509GetSerialNumber, (Cert, CertSize, SerialNumber,=
SerialNumberSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the issuer bytes from one X.509 certificate.=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertIssuerSize is NULL, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[out] CertIssuer Pointer to the retrieved certificate subject=
bytes.=0D
+ @param[in, out] CertIssuerSize The size in bytes of the CertIssuer buff=
er on input,=0D
+ and the size of buffer returned CertSubject=
on output.=0D
+=0D
+ @retval TRUE The certificate issuer retrieved successfully.=0D
+ @retval FALSE Invalid certificate, or the CertIssuerSize is too small =
for the result.=0D
+ The CertIssuerSize will be updated with the required siz=
e.=0D
+ @retval FALSE This interface is not supported.=0D
+=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509GetIssuerName (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *CertIssuer,=0D
+ IN OUT UINTN *CertIssuerSize=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509GetIssuerName, (Cert, CertSize, CertIssuer, Cer=
tIssuerSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the Signature Algorithm from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[out] Oid Signature Algorithm Object identifier b=
uffer.=0D
+ @param[in,out] OidSize Signature Algorithm Object identifier b=
uffer size=0D
+=0D
+ @retval TRUE The certificate Extension data retrieved successf=
ully.=0D
+ @retval FALSE If Cert is NULL.=0D
+ If OidSize is NULL.=0D
+ If Oid is not NULL and *OidSize is 0.=0D
+ If Certificate is invalid.=0D
+ @retval FALSE If no SignatureType.=0D
+ @retval FALSE If the Oid is NULL. The required buffer=
size=0D
+ is returned in the OidSize.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509GetSignatureAlgorithm (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *Oid, OPTIONAL=0D
+ IN OUT UINTN *OidSize=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509GetSignatureAlgorithm, (Cert, CertSize, Oid, Oi=
dSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve Extension data from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[in] Oid Object identifier buffer=0D
+ @param[in] OidSize Object identifier buffer size=0D
+ @param[out] ExtensionData Extension bytes.=0D
+ @param[in, out] ExtensionDataSize Extension bytes size.=0D
+=0D
+ @retval TRUE The certificate Extension data retrieve=
d successfully.=0D
+ @retval FALSE If Cert is NULL.=0D
+ If ExtensionDataSize is NULL.=0D
+ If ExtensionData is not NULL and *Exten=
sionDataSize is 0.=0D
+ If Certificate is invalid.=0D
+ @retval FALSE If no Extension entry match Oid.=0D
+ @retval FALSE If the ExtensionData is NULL. The requi=
red buffer size=0D
+ is returned in the ExtensionDataSize pa=
rameter.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509GetExtensionData (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ IN CONST UINT8 *Oid,=0D
+ IN UINTN OidSize,=0D
+ OUT UINT8 *ExtensionData,=0D
+ IN OUT UINTN *ExtensionDataSize=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509GetExtensionData, (Cert, CertSize, Oid, OidSize=
, ExtensionData, ExtensionDataSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the Extended Key Usage from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[out] Usage Key Usage bytes.=0D
+ @param[in, out] UsageSize Key Usage buffer sizs in bytes.=0D
+=0D
+ @retval TRUE The Usage bytes retrieve successfully.=
=0D
+ @retval FALSE If Cert is NULL.=0D
+ If CertSize is NULL.=0D
+ If Usage is not NULL and *UsageSize is =
0.=0D
+ If Cert is invalid.=0D
+ @retval FALSE If the Usage is NULL. The required buff=
er size=0D
+ is returned in the UsageSize parameter.=
=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509GetExtendedKeyUsage (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *Usage,=0D
+ IN OUT UINTN *UsageSize=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509GetExtendedKeyUsage, (Cert, CertSize, Usage, Us=
ageSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the Validity from one X.509 certificate=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertIssuerSize is NULL, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[in] From notBefore Pointer to DateTime object.=0D
+ @param[in,out] FromSize notBefore DateTime object size.=0D
+ @param[in] To notAfter Pointer to DateTime object.=0D
+ @param[in,out] ToSize notAfter DateTime object size.=0D
+=0D
+ Note: X509CompareDateTime to compare DateTime oject=0D
+ x509SetDateTime to get a DateTime object from a DateTimeStr=0D
+=0D
+ @retval TRUE The certificate Validity retrieved successfully.=0D
+ @retval FALSE Invalid certificate, or Validity retrieve failed.=0D
+ @retval FALSE This interface is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509GetValidity (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ IN UINT8 *From,=0D
+ IN OUT UINTN *FromSize,=0D
+ IN UINT8 *To,=0D
+ IN OUT UINTN *ToSize=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509GetValidity, (Cert, CertSize, From, FromSize, T=
o, ToSize), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Format a DateTime object into DataTime Buffer=0D
+=0D
+ If DateTimeStr is NULL, then return FALSE.=0D
+ If DateTimeSize is NULL, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] DateTimeStr DateTime string like YYYYMMDDhhmmssZ=0D
+ Ref: https://www.w3.org/TR/NOTE-datetim=
e=0D
+ Z stand for UTC time=0D
+ @param[out] DateTime Pointer to a DateTime object.=0D
+ @param[in,out] DateTimeSize DateTime object buffer size.=0D
+=0D
+ @retval TRUE The DateTime object create successfully=
.=0D
+ @retval FALSE If DateTimeStr is NULL.=0D
+ If DateTimeSize is NULL.=0D
+ If DateTime is not NULL and *DateTimeSi=
ze is 0.=0D
+ If Year Month Day Hour Minute Second co=
mbination is invalid datetime.=0D
+ @retval FALSE If the DateTime is NULL. The required b=
uffer size=0D
+ (including the final null) is returned =
in the=0D
+ DateTimeSize parameter.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509SetDateTime (=0D
+ IN CHAR8 *DateTimeStr,=0D
+ OUT VOID *DateTime,=0D
+ IN OUT UINTN *DateTimeSize=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509SetDateTime, (DateTimeStr, DateTime, DateTimeSi=
ze), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Compare DateTime1 object and DateTime2 object.=0D
+=0D
+ If DateTime1 is NULL, then return -2.=0D
+ If DateTime2 is NULL, then return -2.=0D
+ If DateTime1 =3D=3D DateTime2, then return 0=0D
+ If DateTime1 > DateTime2, then return 1=0D
+ If DateTime1 < DateTime2, then return -1=0D
+=0D
+ @param[in] DateTime1 Pointer to a DateTime Ojbect=0D
+ @param[in] DateTime2 Pointer to a DateTime Object=0D
+=0D
+ @retval 0 If DateTime1 =3D=3D DateTime2=0D
+ @retval 1 If DateTime1 > DateTime2=0D
+ @retval -1 If DateTime1 < DateTime2=0D
+**/=0D
+INT32=0D
+EFIAPI=0D
+X509CompareDateTime (=0D
+ IN CONST VOID *DateTime1,=0D
+ IN CONST VOID *DateTime2=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509CompareDateTime, (DateTime1, DateTime2), FALSE)=
;=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the Key Usage from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[out] Usage Key Usage (CRYPTO_X509_KU_*)=0D
+=0D
+ @retval TRUE The certificate Key Usage retrieved successfully.=0D
+ @retval FALSE Invalid certificate, or Usage is NULL=0D
+ @retval FALSE This interface is not supported.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509GetKeyUsage (=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINTN *Usage=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509GetKeyUsage, (Cert, CertSize, Usage), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Verify one X509 certificate was issued by the trusted CA.=0D
+ @param[in] RootCert Trusted Root Certificate buffer=0D
+=0D
+ @param[in] RootCertLength Trusted Root Certificate buffer length=
=0D
+ @param[in] CertChain One or more ASN.1 DER-encoded X.509 ce=
rtificates=0D
+ where the first certificate is signed =
by the Root=0D
+ Certificate or is the Root Cerificate =
itself. and=0D
+ subsequent cerificate is signed by the=
preceding=0D
+ cerificate.=0D
+ @param[in] CertChainLength Total length of the certificate chain,=
in bytes.=0D
+=0D
+ @retval TRUE All cerificates was issued by the first certificate in X=
509Certchain.=0D
+ @retval FALSE Invalid certificate or the certificate was not issued by=
the given=0D
+ trusted CA.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509VerifyCertChain (=0D
+ IN CONST UINT8 *RootCert,=0D
+ IN UINTN RootCertLength,=0D
+ IN CONST UINT8 *CertChain,=0D
+ IN UINTN CertChainLength=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509VerifyCertChain, (RootCert, RootCertLength, Cer=
tChain, CertChainLength), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Get one X509 certificate from CertChain.=0D
+=0D
+ @param[in] CertChain One or more ASN.1 DER-encoded X.509 ce=
rtificates=0D
+ where the first certificate is signed =
by the Root=0D
+ Certificate or is the Root Cerificate =
itself. and=0D
+ subsequent cerificate is signed by the=
preceding=0D
+ cerificate.=0D
+ @param[in] CertChainLength Total length of the certificate chain,=
in bytes.=0D
+=0D
+ @param[in] CertIndex Index of certificate.=0D
+=0D
+ @param[out] Cert The certificate at the index of CertCh=
ain.=0D
+ @param[out] CertLength The length certificate at the index of=
CertChain.=0D
+=0D
+ @retval TRUE Success.=0D
+ @retval FALSE Failed to get certificate from certificate chain.=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509GetCertFromCertChain (=0D
+ IN CONST UINT8 *CertChain,=0D
+ IN UINTN CertChainLength,=0D
+ IN CONST INT32 CertIndex,=0D
+ OUT CONST UINT8 **Cert,=0D
+ OUT UINTN *CertLength=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509GetCertFromCertChain, (CertChain, CertChainLeng=
th, CertIndex, Cert, CertLength), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the tag and length of the tag.=0D
+=0D
+ @param Ptr The position in the ASN.1 data=0D
+ @param End End of data=0D
+ @param Length The variable that will receive the length=0D
+ @param Tag The expected tag=0D
+=0D
+ @retval TRUE Get tag successful=0D
+ @retval FALSe Failed to get tag or tag not match=0D
+**/=0D
+BOOLEAN=0D
+EFIAPI=0D
+Asn1GetTag (=0D
+ IN OUT UINT8 **Ptr,=0D
+ IN UINT8 *End,=0D
+ OUT UINTN *Length,=0D
+ IN UINT32 Tag=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (Asn1GetTag, (Ptr, End, Length, Tag), FALSE);=0D
+}=0D
+=0D
+/**=0D
+ Retrieve the basic constraints from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509=
certificate.=0D
+ @param[in] CertSize size of the X509 certificate in=
bytes.=0D
+ @param[out] BasicConstraints basic constraints bytes.=0D
+ @param[in, out] BasicConstraintsSize basic constraints buffer sizs i=
n bytes.=0D
+=0D
+ @retval TRUE The basic constraints retrieve successf=
ully.=0D
+ @retval FALSE If cert is NULL.=0D
+ If cert_size is NULL.=0D
+ If basic_constraints is not NULL and *b=
asic_constraints_size is 0.=0D
+ If cert is invalid.=0D
+ @retval FALSE The required buffer size is small.=0D
+ The return buffer size is basic_constra=
ints_size parameter.=0D
+ @retval FALSE If no Extension entry match oid.=0D
+ @retval FALSE The operation is not supported.=0D
+ **/=0D
+BOOLEAN=0D
+EFIAPI=0D
+X509GetExtendedBasicConstraints (=0D
+ CONST UINT8 *Cert,=0D
+ UINTN CertSize,=0D
+ UINT8 *BasicConstraints,=0D
+ UINTN *BasicConstraintsSize=0D
+ )=0D
+{=0D
+ CALL_CRYPTO_SERVICE (X509GetExtendedBasicConstraints, (Cert, CertSize, B=
asicConstraints, BasicConstraintsSize), FALSE);=0D
+}=0D
+=0D
/**=0D
Derives a key from a password using a salt and iteration count, based on=
PKCS#5 v2.0=0D
password based encryption key derivation function PBKDF2, as specified i=
n RFC 2898.=0D
diff --git a/CryptoPkg/Private/Protocol/Crypto.h b/CryptoPkg/Private/Protoc=
ol/Crypto.h
index 3bf37575e9..ec9c074c7b 100644
--- a/CryptoPkg/Private/Protocol/Crypto.h
+++ b/CryptoPkg/Private/Protocol/Crypto.h
@@ -21,7 +21,7 @@
/// the EDK II Crypto Protocol is extended, this version define must be=0D
/// increased.=0D
///=0D
-#define EDKII_CRYPTO_VERSION 12=0D
+#define EDKII_CRYPTO_VERSION 13=0D
=0D
///=0D
/// EDK II Crypto Protocol forward declaration=0D
@@ -2351,6 +2351,381 @@ BOOLEAN
OUT UINTN *TBSCertSize=0D
);=0D
=0D
+/**=0D
+ Retrieve the version from one X.509 certificate.=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertSize is 0, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[out] Version Pointer to the retrieved version integer.=0D
+=0D
+ @retval TRUE The certificate version retrieved successfully.=0D
+ @retval FALSE If Cert is NULL or CertSize is Zero.=0D
+ @retval FALSE The operation is not supported.=0D
+=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_GET_VERSION)(=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINTN *Version=0D
+ );=0D
+=0D
+/**=0D
+ Retrieve the serialNumber from one X.509 certificate.=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertSize is 0, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[out] SerialNumber Pointer to the retrieved certificate Seria=
lNumber bytes.=0D
+ @param[in, out] SerialNumberSize The size in bytes of the SerialNumber =
buffer on input,=0D
+ and the size of buffer returned SerialNumbe=
r on output.=0D
+=0D
+ @retval TRUE The certificate serialNumber retrieved =
successfully.=0D
+ @retval FALSE If Cert is NULL or CertSize is Zero.=0D
+ If SerialNumberSize is NULL.=0D
+ If Certificate is invalid.=0D
+ @retval FALSE If no SerialNumber exists.=0D
+ @retval FALSE If the SerialNumber is NULL. The requir=
ed buffer size=0D
+ (including the final null) is returned =
in the=0D
+ SerialNumberSize parameter.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_GET_SERIAL_NUMBER)(=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *SerialNumber, OPTIONAL=0D
+ IN OUT UINTN *SerialNumberSize=0D
+ );=0D
+=0D
+/**=0D
+ Retrieve the issuer bytes from one X.509 certificate.=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertIssuerSize is NULL, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[out] CertIssuer Pointer to the retrieved certificate subject=
bytes.=0D
+ @param[in, out] CertIssuerSize The size in bytes of the CertIssuer buff=
er on input,=0D
+ and the size of buffer returned CertSubject=
on output.=0D
+=0D
+ @retval TRUE The certificate issuer retrieved successfully.=0D
+ @retval FALSE Invalid certificate, or the CertIssuerSize is too small =
for the result.=0D
+ The CertIssuerSize will be updated with the required siz=
e.=0D
+ @retval FALSE This interface is not supported.=0D
+=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_GET_ISSUER_NAME)(=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *CertIssuer,=0D
+ IN OUT UINTN *CertIssuerSize=0D
+ );=0D
+=0D
+/**=0D
+ Retrieve the Signature Algorithm from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[out] Oid Signature Algorithm Object identifier b=
uffer.=0D
+ @param[in,out] OidSize Signature Algorithm Object identifier b=
uffer size=0D
+=0D
+ @retval TRUE The certificate Extension data retrieved successf=
ully.=0D
+ @retval FALSE If Cert is NULL.=0D
+ If OidSize is NULL.=0D
+ If Oid is not NULL and *OidSize is 0.=0D
+ If Certificate is invalid.=0D
+ @retval FALSE If no SignatureType.=0D
+ @retval FALSE If the Oid is NULL. The required buffer=
size=0D
+ is returned in the OidSize.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_GET_SIGNATURE_ALGORITHM)(=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *Oid, OPTIONAL=0D
+ IN OUT UINTN *OidSize=0D
+ );=0D
+=0D
+/**=0D
+ Retrieve Extension data from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[in] Oid Object identifier buffer=0D
+ @param[in] OidSize Object identifier buffer size=0D
+ @param[out] ExtensionData Extension bytes.=0D
+ @param[in, out] ExtensionDataSize Extension bytes size.=0D
+=0D
+ @retval TRUE The certificate Extension data retrieve=
d successfully.=0D
+ @retval FALSE If Cert is NULL.=0D
+ If ExtensionDataSize is NULL.=0D
+ If ExtensionData is not NULL and *Exten=
sionDataSize is 0.=0D
+ If Certificate is invalid.=0D
+ @retval FALSE If no Extension entry match Oid.=0D
+ @retval FALSE If the ExtensionData is NULL. The requi=
red buffer size=0D
+ is returned in the ExtensionDataSize pa=
rameter.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_GET_EXTENSION_DATA)(=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ IN CONST UINT8 *Oid,=0D
+ IN UINTN OidSize,=0D
+ OUT UINT8 *ExtensionData,=0D
+ IN OUT UINTN *ExtensionDataSize=0D
+ );=0D
+=0D
+/**=0D
+ Retrieve the Extended Key Usage from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[out] Usage Key Usage bytes.=0D
+ @param[in, out] UsageSize Key Usage buffer sizs in bytes.=0D
+=0D
+ @retval TRUE The Usage bytes retrieve successfully.=
=0D
+ @retval FALSE If Cert is NULL.=0D
+ If CertSize is NULL.=0D
+ If Usage is not NULL and *UsageSize is =
0.=0D
+ If Cert is invalid.=0D
+ @retval FALSE If the Usage is NULL. The required buff=
er size=0D
+ is returned in the UsageSize parameter.=
=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_GET_EXTENDED_KEY_USAGE)(=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINT8 *Usage,=0D
+ IN OUT UINTN *UsageSize=0D
+ );=0D
+=0D
+/**=0D
+ Retrieve the Validity from one X.509 certificate=0D
+=0D
+ If Cert is NULL, then return FALSE.=0D
+ If CertIssuerSize is NULL, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certificate=
.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=0D
+ @param[out] From notBefore Pointer to DateTime object.=0D
+ @param[in,out] FromSize notBefore DateTime object size.=0D
+ @param[out] To notAfter Pointer to DateTime object.=0D
+ @param[in,out] ToSize notAfter DateTime object size.=0D
+=0D
+ Note: X509CompareDateTime to compare DateTime oject=0D
+ x509SetDateTime to get a DateTime object from a DateTimeStr=0D
+=0D
+ @retval TRUE The certificate Validity retrieved successfully.=0D
+ @retval FALSE Invalid certificate, or Validity retrieve failed.=0D
+ @retval FALSE This interface is not supported.=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_GET_VALIDITY)(=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ IN UINT8 *From,=0D
+ IN OUT UINTN *FromSize,=0D
+ IN UINT8 *To,=0D
+ IN OUT UINTN *ToSize=0D
+ );=0D
+=0D
+/**=0D
+ Format a DateTime object into DataTime Buffer=0D
+=0D
+ If DateTimeStr is NULL, then return FALSE.=0D
+ If DateTimeSize is NULL, then return FALSE.=0D
+ If this interface is not supported, then return FALSE.=0D
+=0D
+ @param[in] DateTimeStr DateTime string like YYYYMMDDhhmmssZ=0D
+ Ref: https://www.w3.org/TR/NOTE-datetim=
e=0D
+ Z stand for UTC time=0D
+ @param[in,out] DateTime Pointer to a DateTime object.=0D
+ @param[in,out] DateTimeSize DateTime object buffer size.=0D
+=0D
+ @retval TRUE The DateTime object create successfully=
.=0D
+ @retval FALSE If DateTimeStr is NULL.=0D
+ If DateTimeSize is NULL.=0D
+ If DateTime is not NULL and *DateTimeSi=
ze is 0.=0D
+ If Year Month Day Hour Minute Second co=
mbination is invalid datetime.=0D
+ @retval FALSE If the DateTime is NULL. The required b=
uffer size=0D
+ (including the final null) is returned =
in the=0D
+ DateTimeSize parameter.=0D
+ @retval FALSE The operation is not supported.=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_SET_DATE_TIME)(=0D
+ IN CHAR8 *DateTimeStr,=0D
+ OUT VOID *DateTime,=0D
+ IN OUT UINTN *DateTimeSize=0D
+ );=0D
+=0D
+/**=0D
+ Compare DateTime1 object and DateTime2 object.=0D
+=0D
+ If DateTime1 is NULL, then return -2.=0D
+ If DateTime2 is NULL, then return -2.=0D
+ If DateTime1 =3D=3D DateTime2, then return 0=0D
+ If DateTime1 > DateTime2, then return 1=0D
+ If DateTime1 < DateTime2, then return -1=0D
+=0D
+ @param[in] DateTime1 Pointer to a DateTime Ojbect=0D
+ @param[in] DateTime2 Pointer to a DateTime Object=0D
+=0D
+ @retval 0 If DateTime1 =3D=3D DateTime2=0D
+ @retval 1 If DateTime1 > DateTime2=0D
+ @retval -1 If DateTime1 < DateTime2=0D
+**/=0D
+typedef=0D
+INT32=0D
+(EFIAPI *EDKII_CRYPTO_X509_COMPARE_DATE_TIME)(=0D
+ IN CONST VOID *DateTime1,=0D
+ IN CONST VOID *DateTime2=0D
+ );=0D
+=0D
+/**=0D
+ Retrieve the Key Usage from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509 certifi=
cate.=0D
+ @param[in] CertSize Size of the X509 certificate in bytes.=
=0D
+ @param[out] Usage Key Usage (CRYPTO_X509_KU_*)=0D
+=0D
+ @retval TRUE The certificate Key Usage retrieved successfully.=0D
+ @retval FALSE Invalid certificate, or Usage is NULL=0D
+ @retval FALSE This interface is not supported.=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_GET_KEY_USAGE)(=0D
+ IN CONST UINT8 *Cert,=0D
+ IN UINTN CertSize,=0D
+ OUT UINTN *Usage=0D
+ );=0D
+=0D
+/**=0D
+ Verify one X509 certificate was issued by the trusted CA.=0D
+=0D
+ @param[in] CertChain One or more ASN.1 DER-encoded X.509 ce=
rtificates=0D
+ where the first certificate is signed =
by the Root=0D
+ Certificate or is the Root Cerificate =
itself. and=0D
+ subsequent cerificate is signed by the=
preceding=0D
+ cerificate.=0D
+ @param[in] CertChainLength Total length of the certificate chain,=
in bytes.=0D
+=0D
+ @param[in] RootCert Trusted Root Certificate buffer=0D
+=0D
+ @param[in] RootCertLength Trusted Root Certificate buffer length=
=0D
+=0D
+ @retval TRUE All cerificates was issued by the first certificate in X=
509Certchain.=0D
+ @retval FALSE Invalid certificate or the certificate was not issued by=
the given=0D
+ trusted CA.=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_VERIFY_CERT_CHAIN)(=0D
+ IN CONST UINT8 *RootCert,=0D
+ IN UINTN RootCertLength,=0D
+ IN CONST UINT8 *CertChain,=0D
+ IN UINTN CertChainLength=0D
+ );=0D
+=0D
+/**=0D
+ Get one X509 certificate from CertChain.=0D
+=0D
+ @param[in] CertChain One or more ASN.1 DER-encoded X.509 ce=
rtificates=0D
+ where the first certificate is signed =
by the Root=0D
+ Certificate or is the Root Cerificate =
itself. and=0D
+ subsequent cerificate is signed by the=
preceding=0D
+ cerificate.=0D
+ @param[in] CertChainLength Total length of the certificate chain,=
in bytes.=0D
+=0D
+ @param[in] CertIndex Index of certificate.=0D
+=0D
+ @param[out] Cert The certificate at the index of CertCh=
ain.=0D
+ @param[out] CertLength The length certificate at the index of=
CertChain.=0D
+=0D
+ @retval TRUE Success.=0D
+ @retval FALSE Failed to get certificate from certificate chain.=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_GET_CERT_FROM_CERT_CHAIN)(=0D
+ IN CONST UINT8 *CertChain,=0D
+ IN UINTN CertChainLength,=0D
+ IN CONST INT32 CertIndex,=0D
+ OUT CONST UINT8 **Cert,=0D
+ OUT UINTN *CertLength=0D
+ );=0D
+=0D
+/**=0D
+ Retrieve the tag and length of the tag.=0D
+=0D
+ @param Ptr The position in the ASN.1 data=0D
+ @param End End of data=0D
+ @param Length The variable that will receive the length=0D
+ @param Tag The expected tag=0D
+=0D
+ @retval TRUE Get tag successful=0D
+ @retval FALSe Failed to get tag or tag not match=0D
+**/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_ASN1_GET_TAG)(=0D
+ IN OUT UINT8 **Ptr,=0D
+ IN UINT8 *End,=0D
+ OUT UINTN *Length,=0D
+ IN UINT32 Tag=0D
+ );=0D
+=0D
+/**=0D
+ Retrieve the basic constraints from one X.509 certificate.=0D
+=0D
+ @param[in] Cert Pointer to the DER-encoded X509=
certificate.=0D
+ @param[in] CertSize size of the X509 certificate in=
bytes.=0D
+ @param[out] BasicConstraints basic constraints bytes.=0D
+ @param[in, out] BasicConstraintsSize basic constraints buffer sizs i=
n bytes.=0D
+=0D
+ @retval TRUE The basic constraints retrieve successf=
ully.=0D
+ @retval FALSE If cert is NULL.=0D
+ If cert_size is NULL.=0D
+ If basic_constraints is not NULL and *b=
asic_constraints_size is 0.=0D
+ If cert is invalid.=0D
+ @retval FALSE The required buffer size is small.=0D
+ The return buffer size is basic_constra=
ints_size parameter.=0D
+ @retval FALSE If no Extension entry match oid.=0D
+ @retval FALSE The operation is not supported.=0D
+ **/=0D
+typedef=0D
+BOOLEAN=0D
+(EFIAPI *EDKII_CRYPTO_X509_GET_EXTENDED_BASIC_CONSTRAINTS)(=0D
+ CONST UINT8 *Cert,=0D
+ UINTN CertSize,=0D
+ UINT8 *BasicConstraints,=0D
+ UINTN *BasicConstraintsSize=0D
+ );=0D
+=0D
// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0D
// Symmetric Cryptography Primitive=0D
// =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0D
@@ -4294,235 +4669,250 @@ BOOLEAN
///=0D
struct _EDKII_CRYPTO_PROTOCOL {=0D
/// Version=0D
- EDKII_CRYPTO_GET_VERSION GetVersion;=0D
+ EDKII_CRYPTO_GET_VERSION GetVersion;=0D
/// HMAC MD5 - deprecated and unsupported=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_MD5_NEW DeprecatedHmacMd5New;=
=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FREE DeprecatedHmacMd5Free=
;=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_MD5_SET_KEY DeprecatedHmacMd5SetK=
ey;=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_MD5_DUPLICATE DeprecatedHmacMd5Dupl=
icate;=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_MD5_UPDATE DeprecatedHmacMd5Upda=
te;=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FINAL DeprecatedHmacMd5Fina=
l;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_MD5_NEW DeprecatedHmacMd5New=
;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FREE DeprecatedHmacMd5Fre=
e;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_MD5_SET_KEY DeprecatedHmacMd5Set=
Key;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_MD5_DUPLICATE DeprecatedHmacMd5Dup=
licate;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_MD5_UPDATE DeprecatedHmacMd5Upd=
ate;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_MD5_FINAL DeprecatedHmacMd5Fin=
al;=0D
/// HMAC SHA1 - deprecated and unsupported=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_NEW DeprecatedHmacSha1New=
;=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FREE DeprecatedHmacSha1Fre=
e;=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_SET_KEY DeprecatedHmacSha1Set=
Key;=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_DUPLICATE DeprecatedHmacSha1Dup=
licate;=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_UPDATE DeprecatedHmacSha1Upd=
ate;=0D
- DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FINAL DeprecatedHmacSha1Fin=
al;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_NEW DeprecatedHmacSha1Ne=
w;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FREE DeprecatedHmacSha1Fr=
ee;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_SET_KEY DeprecatedHmacSha1Se=
tKey;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_DUPLICATE DeprecatedHmacSha1Du=
plicate;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_UPDATE DeprecatedHmacSha1Up=
date;=0D
+ DEPRECATED_EDKII_CRYPTO_HMAC_SHA1_FINAL DeprecatedHmacSha1Fi=
nal;=0D
/// HMAC SHA256=0D
- EDKII_CRYPTO_HMAC_SHA256_NEW HmacSha256New;=0D
- EDKII_CRYPTO_HMAC_SHA256_FREE HmacSha256Free;=0D
- EDKII_CRYPTO_HMAC_SHA256_SET_KEY HmacSha256SetKey;=0D
- EDKII_CRYPTO_HMAC_SHA256_DUPLICATE HmacSha256Duplicate;=
=0D
- EDKII_CRYPTO_HMAC_SHA256_UPDATE HmacSha256Update;=0D
- EDKII_CRYPTO_HMAC_SHA256_FINAL HmacSha256Final;=0D
+ EDKII_CRYPTO_HMAC_SHA256_NEW HmacSha256New;=0D
+ EDKII_CRYPTO_HMAC_SHA256_FREE HmacSha256Free;=0D
+ EDKII_CRYPTO_HMAC_SHA256_SET_KEY HmacSha256SetKey;=0D
+ EDKII_CRYPTO_HMAC_SHA256_DUPLICATE HmacSha256Duplicate;=
=0D
+ EDKII_CRYPTO_HMAC_SHA256_UPDATE HmacSha256Update;=0D
+ EDKII_CRYPTO_HMAC_SHA256_FINAL HmacSha256Final;=0D
/// Md4 - deprecated and unsupported=0D
- DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE DeprecatedMd4GetConte=
xtSize;=0D
- DEPRECATED_EDKII_CRYPTO_MD4_INIT DeprecatedMd4Init;=0D
- DEPRECATED_EDKII_CRYPTO_MD4_DUPLICATE DeprecatedMd4Duplicat=
e;=0D
- DEPRECATED_EDKII_CRYPTO_MD4_UPDATE DeprecatedMd4Update;=
=0D
- DEPRECATED_EDKII_CRYPTO_MD4_FINAL DeprecatedMd4Final;=0D
- DEPRECATED_EDKII_CRYPTO_MD4_HASH_ALL DeprecatedMd4HashAll;=
=0D
+ DEPRECATED_EDKII_CRYPTO_MD4_GET_CONTEXT_SIZE DeprecatedMd4GetCont=
extSize;=0D
+ DEPRECATED_EDKII_CRYPTO_MD4_INIT DeprecatedMd4Init;=0D
+ DEPRECATED_EDKII_CRYPTO_MD4_DUPLICATE DeprecatedMd4Duplica=
te;=0D
+ DEPRECATED_EDKII_CRYPTO_MD4_UPDATE DeprecatedMd4Update;=
=0D
+ DEPRECATED_EDKII_CRYPTO_MD4_FINAL DeprecatedMd4Final;=
=0D
+ DEPRECATED_EDKII_CRYPTO_MD4_HASH_ALL DeprecatedMd4HashAll=
;=0D
/// Md5=0D
- EDKII_CRYPTO_MD5_GET_CONTEXT_SIZE Md5GetContextSize;=0D
- EDKII_CRYPTO_MD5_INIT Md5Init;=0D
- EDKII_CRYPTO_MD5_DUPLICATE Md5Duplicate;=0D
- EDKII_CRYPTO_MD5_UPDATE Md5Update;=0D
- EDKII_CRYPTO_MD5_FINAL Md5Final;=0D
- EDKII_CRYPTO_MD5_HASH_ALL Md5HashAll;=0D
+ EDKII_CRYPTO_MD5_GET_CONTEXT_SIZE Md5GetContextSize;=0D
+ EDKII_CRYPTO_MD5_INIT Md5Init;=0D
+ EDKII_CRYPTO_MD5_DUPLICATE Md5Duplicate;=0D
+ EDKII_CRYPTO_MD5_UPDATE Md5Update;=0D
+ EDKII_CRYPTO_MD5_FINAL Md5Final;=0D
+ EDKII_CRYPTO_MD5_HASH_ALL Md5HashAll;=0D
/// Pkcs=0D
- EDKII_CRYPTO_PKCS1_ENCRYPT_V2 Pkcs1v2Encrypt;=0D
- EDKII_CRYPTO_PKCS5_PW_HASH Pkcs5HashPassword;=0D
- EDKII_CRYPTO_PKCS7_VERIFY Pkcs7Verify;=0D
- EDKII_CRYPTO_PKCS7_VERIFY_EKU VerifyEKUsInPkcs7Sign=
ature;=0D
- EDKII_CRYPTO_PKCS7_GET_SIGNERS Pkcs7GetSigners;=0D
- EDKII_CRYPTO_PKCS7_FREE_SIGNERS Pkcs7FreeSigners;=0D
- EDKII_CRYPTO_PKCS7_SIGN Pkcs7Sign;=0D
- EDKII_CRYPTO_PKCS7_GET_ATTACHED_CONTENT Pkcs7GetAttachedConte=
nt;=0D
- EDKII_CRYPTO_PKCS7_GET_CERTIFICATES_LIST Pkcs7GetCertificatesL=
ist;=0D
- EDKII_CRYPTO_AUTHENTICODE_VERIFY AuthenticodeVerify;=0D
- EDKII_CRYPTO_IMAGE_TIMESTAMP_VERIFY ImageTimestampVerify;=
=0D
+ EDKII_CRYPTO_PKCS1_ENCRYPT_V2 Pkcs1v2Encrypt;=0D
+ EDKII_CRYPTO_PKCS5_PW_HASH Pkcs5HashPassword;=0D
+ EDKII_CRYPTO_PKCS7_VERIFY Pkcs7Verify;=0D
+ EDKII_CRYPTO_PKCS7_VERIFY_EKU VerifyEKUsInPkcs7Sig=
nature;=0D
+ EDKII_CRYPTO_PKCS7_GET_SIGNERS Pkcs7GetSigners;=0D
+ EDKII_CRYPTO_PKCS7_FREE_SIGNERS Pkcs7FreeSigners;=0D
+ EDKII_CRYPTO_PKCS7_SIGN Pkcs7Sign;=0D
+ EDKII_CRYPTO_PKCS7_GET_ATTACHED_CONTENT Pkcs7GetAttachedCont=
ent;=0D
+ EDKII_CRYPTO_PKCS7_GET_CERTIFICATES_LIST Pkcs7GetCertificates=
List;=0D
+ EDKII_CRYPTO_AUTHENTICODE_VERIFY AuthenticodeVerify;=
=0D
+ EDKII_CRYPTO_IMAGE_TIMESTAMP_VERIFY ImageTimestampVerify=
;=0D
/// DH=0D
- EDKII_CRYPTO_DH_NEW DhNew;=0D
- EDKII_CRYPTO_DH_FREE DhFree;=0D
- EDKII_CRYPTO_DH_GENERATE_PARAMETER DhGenerateParameter;=
=0D
- EDKII_CRYPTO_DH_SET_PARAMETER DhSetParameter;=0D
- EDKII_CRYPTO_DH_GENERATE_KEY DhGenerateKey;=0D
- EDKII_CRYPTO_DH_COMPUTE_KEY DhComputeKey;=0D
+ EDKII_CRYPTO_DH_NEW DhNew;=0D
+ EDKII_CRYPTO_DH_FREE DhFree;=0D
+ EDKII_CRYPTO_DH_GENERATE_PARAMETER DhGenerateParameter;=
=0D
+ EDKII_CRYPTO_DH_SET_PARAMETER DhSetParameter;=0D
+ EDKII_CRYPTO_DH_GENERATE_KEY DhGenerateKey;=0D
+ EDKII_CRYPTO_DH_COMPUTE_KEY DhComputeKey;=0D
/// Random=0D
- EDKII_CRYPTO_RANDOM_SEED RandomSeed;=0D
- EDKII_CRYPTO_RANDOM_BYTES RandomBytes;=0D
+ EDKII_CRYPTO_RANDOM_SEED RandomSeed;=0D
+ EDKII_CRYPTO_RANDOM_BYTES RandomBytes;=0D
/// RSA=0D
- EDKII_CRYPTO_RSA_VERIFY_PKCS1 RsaVerifyPkcs1;=0D
- EDKII_CRYPTO_RSA_NEW RsaNew;=0D
- EDKII_CRYPTO_RSA_FREE RsaFree;=0D
- EDKII_CRYPTO_RSA_SET_KEY RsaSetKey;=0D
- EDKII_CRYPTO_RSA_GET_KEY RsaGetKey;=0D
- EDKII_CRYPTO_RSA_GENERATE_KEY RsaGenerateKey;=0D
- EDKII_CRYPTO_RSA_CHECK_KEY RsaCheckKey;=0D
- EDKII_CRYPTO_RSA_PKCS1_SIGN RsaPkcs1Sign;=0D
- EDKII_CRYPTO_RSA_PKCS1_VERIFY RsaPkcs1Verify;=0D
- EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM RsaGetPrivateKeyFromP=
em;=0D
- EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509 RsaGetPublicKeyFromX5=
09;=0D
+ EDKII_CRYPTO_RSA_VERIFY_PKCS1 RsaVerifyPkcs1;=0D
+ EDKII_CRYPTO_RSA_NEW RsaNew;=0D
+ EDKII_CRYPTO_RSA_FREE RsaFree;=0D
+ EDKII_CRYPTO_RSA_SET_KEY RsaSetKey;=0D
+ EDKII_CRYPTO_RSA_GET_KEY RsaGetKey;=0D
+ EDKII_CRYPTO_RSA_GENERATE_KEY RsaGenerateKey;=0D
+ EDKII_CRYPTO_RSA_CHECK_KEY RsaCheckKey;=0D
+ EDKII_CRYPTO_RSA_PKCS1_SIGN RsaPkcs1Sign;=0D
+ EDKII_CRYPTO_RSA_PKCS1_VERIFY RsaPkcs1Verify;=0D
+ EDKII_CRYPTO_RSA_GET_PRIVATE_KEY_FROM_PEM RsaGetPrivateKeyFrom=
Pem;=0D
+ EDKII_CRYPTO_RSA_GET_PUBLIC_KEY_FROM_X509 RsaGetPublicKeyFromX=
509;=0D
/// Sha1=0D
- EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE Sha1GetContextSize;=0D
- EDKII_CRYPTO_SHA1_INIT Sha1Init;=0D
- EDKII_CRYPTO_SHA1_DUPLICATE Sha1Duplicate;=0D
- EDKII_CRYPTO_SHA1_UPDATE Sha1Update;=0D
- EDKII_CRYPTO_SHA1_FINAL Sha1Final;=0D
- EDKII_CRYPTO_SHA1_HASH_ALL Sha1HashAll;=0D
+ EDKII_CRYPTO_SHA1_GET_CONTEXT_SIZE Sha1GetContextSize;=
=0D
+ EDKII_CRYPTO_SHA1_INIT Sha1Init;=0D
+ EDKII_CRYPTO_SHA1_DUPLICATE Sha1Duplicate;=0D
+ EDKII_CRYPTO_SHA1_UPDATE Sha1Update;=0D
+ EDKII_CRYPTO_SHA1_FINAL Sha1Final;=0D
+ EDKII_CRYPTO_SHA1_HASH_ALL Sha1HashAll;=0D
/// Sha256=0D
- EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE Sha256GetContextSize;=
=0D
- EDKII_CRYPTO_SHA256_INIT Sha256Init;=0D
- EDKII_CRYPTO_SHA256_DUPLICATE Sha256Duplicate;=0D
- EDKII_CRYPTO_SHA256_UPDATE Sha256Update;=0D
- EDKII_CRYPTO_SHA256_FINAL Sha256Final;=0D
- EDKII_CRYPTO_SHA256_HASH_ALL Sha256HashAll;=0D
+ EDKII_CRYPTO_SHA256_GET_CONTEXT_SIZE Sha256GetContextSize=
;=0D
+ EDKII_CRYPTO_SHA256_INIT Sha256Init;=0D
+ EDKII_CRYPTO_SHA256_DUPLICATE Sha256Duplicate;=0D
+ EDKII_CRYPTO_SHA256_UPDATE Sha256Update;=0D
+ EDKII_CRYPTO_SHA256_FINAL Sha256Final;=0D
+ EDKII_CRYPTO_SHA256_HASH_ALL Sha256HashAll;=0D
/// Sha384=0D
- EDKII_CRYPTO_SHA384_GET_CONTEXT_SIZE Sha384GetContextSize;=
=0D
- EDKII_CRYPTO_SHA384_INIT Sha384Init;=0D
- EDKII_CRYPTO_SHA384_DUPLICATE Sha384Duplicate;=0D
- EDKII_CRYPTO_SHA384_UPDATE Sha384Update;=0D
- EDKII_CRYPTO_SHA384_FINAL Sha384Final;=0D
- EDKII_CRYPTO_SHA384_HASH_ALL Sha384HashAll;=0D
+ EDKII_CRYPTO_SHA384_GET_CONTEXT_SIZE Sha384GetContextSize=
;=0D
+ EDKII_CRYPTO_SHA384_INIT Sha384Init;=0D
+ EDKII_CRYPTO_SHA384_DUPLICATE Sha384Duplicate;=0D
+ EDKII_CRYPTO_SHA384_UPDATE Sha384Update;=0D
+ EDKII_CRYPTO_SHA384_FINAL Sha384Final;=0D
+ EDKII_CRYPTO_SHA384_HASH_ALL Sha384HashAll;=0D
/// Sha512=0D
- EDKII_CRYPTO_SHA512_GET_CONTEXT_SIZE Sha512GetContextSize;=
=0D
- EDKII_CRYPTO_SHA512_INIT Sha512Init;=0D
- EDKII_CRYPTO_SHA512_DUPLICATE Sha512Duplicate;=0D
- EDKII_CRYPTO_SHA512_UPDATE Sha512Update;=0D
- EDKII_CRYPTO_SHA512_FINAL Sha512Final;=0D
- EDKII_CRYPTO_SHA512_HASH_ALL Sha512HashAll;=0D
+ EDKII_CRYPTO_SHA512_GET_CONTEXT_SIZE Sha512GetContextSize=
;=0D
+ EDKII_CRYPTO_SHA512_INIT Sha512Init;=0D
+ EDKII_CRYPTO_SHA512_DUPLICATE Sha512Duplicate;=0D
+ EDKII_CRYPTO_SHA512_UPDATE Sha512Update;=0D
+ EDKII_CRYPTO_SHA512_FINAL Sha512Final;=0D
+ EDKII_CRYPTO_SHA512_HASH_ALL Sha512HashAll;=0D
/// X509=0D
- EDKII_CRYPTO_X509_GET_SUBJECT_NAME X509GetSubjectName;=0D
- EDKII_CRYPTO_X509_GET_COMMON_NAME X509GetCommonName;=0D
- EDKII_CRYPTO_X509_GET_ORGANIZATION_NAME X509GetOrganizationNa=
me;=0D
- EDKII_CRYPTO_X509_VERIFY_CERT X509VerifyCert;=0D
- EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE X509ConstructCertific=
ate;=0D
- EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK X509ConstructCertific=
ateStack;=0D
- EDKII_CRYPTO_X509_FREE X509Free;=0D
- EDKII_CRYPTO_X509_STACK_FREE X509StackFree;=0D
- EDKII_CRYPTO_X509_GET_TBS_CERT X509GetTBSCert;=0D
+ EDKII_CRYPTO_X509_GET_SUBJECT_NAME X509GetSubjectName;=
=0D
+ EDKII_CRYPTO_X509_GET_COMMON_NAME X509GetCommonName;=0D
+ EDKII_CRYPTO_X509_GET_ORGANIZATION_NAME X509GetOrganizationN=
ame;=0D
+ EDKII_CRYPTO_X509_VERIFY_CERT X509VerifyCert;=0D
+ EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE X509ConstructCertifi=
cate;=0D
+ EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK X509ConstructCertifi=
cateStack;=0D
+ EDKII_CRYPTO_X509_FREE X509Free;=0D
+ EDKII_CRYPTO_X509_STACK_FREE X509StackFree;=0D
+ EDKII_CRYPTO_X509_GET_TBS_CERT X509GetTBSCert;=0D
/// TDES - deprecated and unsupported=0D
- DEPRECATED_EDKII_CRYPTO_TDES_GET_CONTEXT_SIZE DeprecatedTdesGetCont=
extSize;=0D
- DEPRECATED_EDKII_CRYPTO_TDES_INIT DeprecatedTdesInit;=0D
- DEPRECATED_EDKII_CRYPTO_TDES_ECB_ENCRYPT DeprecatedTdesEcbEncr=
ypt;=0D
- DEPRECATED_EDKII_CRYPTO_TDES_ECB_DECRYPT DeprecatedTdesEcbDecr=
ypt;=0D
- DEPRECATED_EDKII_CRYPTO_TDES_CBC_ENCRYPT DeprecatedTdesCbcEncr=
ypt;=0D
- DEPRECATED_EDKII_CRYPTO_TDES_CBC_DECRYPT DeprecatedTdesCbcDecr=
ypt;=0D
+ DEPRECATED_EDKII_CRYPTO_TDES_GET_CONTEXT_SIZE DeprecatedTdesGetCon=
textSize;=0D
+ DEPRECATED_EDKII_CRYPTO_TDES_INIT DeprecatedTdesInit;=
=0D
+ DEPRECATED_EDKII_CRYPTO_TDES_ECB_ENCRYPT DeprecatedTdesEcbEnc=
rypt;=0D
+ DEPRECATED_EDKII_CRYPTO_TDES_ECB_DECRYPT DeprecatedTdesEcbDec=
rypt;=0D
+ DEPRECATED_EDKII_CRYPTO_TDES_CBC_ENCRYPT DeprecatedTdesCbcEnc=
rypt;=0D
+ DEPRECATED_EDKII_CRYPTO_TDES_CBC_DECRYPT DeprecatedTdesCbcDec=
rypt;=0D
/// AES - ECB Mode is deprecated and unsupported=0D
- EDKII_CRYPTO_AES_GET_CONTEXT_SIZE AesGetContextSize;=0D
- EDKII_CRYPTO_AES_INIT AesInit;=0D
- DEPRECATED_EDKII_CRYPTO_AES_ECB_ENCRYPT DeprecatedAesEcbEncry=
pt;=0D
- DEPRECATED_EDKII_CRYPTO_AES_ECB_DECRYPT DeprecatedAesEcbDecry=
pt;=0D
- EDKII_CRYPTO_AES_CBC_ENCRYPT AesCbcEncrypt;=0D
- EDKII_CRYPTO_AES_CBC_DECRYPT AesCbcDecrypt;=0D
+ EDKII_CRYPTO_AES_GET_CONTEXT_SIZE AesGetContextSize;=0D
+ EDKII_CRYPTO_AES_INIT AesInit;=0D
+ DEPRECATED_EDKII_CRYPTO_AES_ECB_ENCRYPT DeprecatedAesEcbEncr=
ypt;=0D
+ DEPRECATED_EDKII_CRYPTO_AES_ECB_DECRYPT DeprecatedAesEcbDecr=
ypt;=0D
+ EDKII_CRYPTO_AES_CBC_ENCRYPT AesCbcEncrypt;=0D
+ EDKII_CRYPTO_AES_CBC_DECRYPT AesCbcDecrypt;=0D
/// Arc4 - deprecated and unsupported=0D
- DEPRECATED_EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE DeprecatedArc4GetCont=
extSize;=0D
- DEPRECATED_EDKII_CRYPTO_ARC4_INIT DeprecatedArc4Init;=0D
- DEPRECATED_EDKII_CRYPTO_ARC4_ENCRYPT DeprecatedArc4Encrypt=
;=0D
- DEPRECATED_EDKII_CRYPTO_ARC4_DECRYPT DeprecatedArc4Decrypt=
;=0D
- DEPRECATED_EDKII_CRYPTO_ARC4_RESET DeprecatedArc4Reset;=
=0D
+ DEPRECATED_EDKII_CRYPTO_ARC4_GET_CONTEXT_SIZE DeprecatedArc4GetCon=
textSize;=0D
+ DEPRECATED_EDKII_CRYPTO_ARC4_INIT DeprecatedArc4Init;=
=0D
+ DEPRECATED_EDKII_CRYPTO_ARC4_ENCRYPT DeprecatedArc4Encryp=
t;=0D
+ DEPRECATED_EDKII_CRYPTO_ARC4_DECRYPT DeprecatedArc4Decryp=
t;=0D
+ DEPRECATED_EDKII_CRYPTO_ARC4_RESET DeprecatedArc4Reset;=
=0D
/// SM3=0D
- EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE Sm3GetContextSize;=0D
- EDKII_CRYPTO_SM3_INIT Sm3Init;=0D
- EDKII_CRYPTO_SM3_DUPLICATE Sm3Duplicate;=0D
- EDKII_CRYPTO_SM3_UPDATE Sm3Update;=0D
- EDKII_CRYPTO_SM3_FINAL Sm3Final;=0D
- EDKII_CRYPTO_SM3_HASH_ALL Sm3HashAll;=0D
+ EDKII_CRYPTO_SM3_GET_CONTEXT_SIZE Sm3GetContextSize;=0D
+ EDKII_CRYPTO_SM3_INIT Sm3Init;=0D
+ EDKII_CRYPTO_SM3_DUPLICATE Sm3Duplicate;=0D
+ EDKII_CRYPTO_SM3_UPDATE Sm3Update;=0D
+ EDKII_CRYPTO_SM3_FINAL Sm3Final;=0D
+ EDKII_CRYPTO_SM3_HASH_ALL Sm3HashAll;=0D
/// HKDF=0D
- EDKII_CRYPTO_HKDF_SHA_256_EXTRACT_AND_EXPAND HkdfSha256ExtractAndE=
xpand;=0D
+ EDKII_CRYPTO_HKDF_SHA_256_EXTRACT_AND_EXPAND HkdfSha256ExtractAnd=
Expand;=0D
/// X509 (Continued)=0D
- EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK_V X509ConstructCertific=
ateStackV;=0D
+ EDKII_CRYPTO_X509_CONSTRUCT_CERTIFICATE_STACK_V X509ConstructCertifi=
cateStackV;=0D
/// TLS=0D
- EDKII_CRYPTO_TLS_INITIALIZE TlsInitialize;=0D
- EDKII_CRYPTO_TLS_CTX_FREE TlsCtxFree;=0D
- EDKII_CRYPTO_TLS_CTX_NEW TlsCtxNew;=0D
- EDKII_CRYPTO_TLS_FREE TlsFree;=0D
- EDKII_CRYPTO_TLS_NEW TlsNew;=0D
- EDKII_CRYPTO_TLS_IN_HANDSHAKE TlsInHandshake;=0D
- EDKII_CRYPTO_TLS_DO_HANDSHAKE TlsDoHandshake;=0D
- EDKII_CRYPTO_TLS_HANDLE_ALERT TlsHandleAlert;=0D
- EDKII_CRYPTO_TLS_CLOSE_NOTIFY TlsCloseNotify;=0D
- EDKII_CRYPTO_TLS_CTRL_TRAFFIC_OUT TlsCtrlTrafficOut;=0D
- EDKII_CRYPTO_TLS_CTRL_TRAFFIC_IN TlsCtrlTrafficIn;=0D
- EDKII_CRYPTO_TLS_READ TlsRead;=0D
- EDKII_CRYPTO_TLS_WRITE TlsWrite;=0D
+ EDKII_CRYPTO_TLS_INITIALIZE TlsInitialize;=0D
+ EDKII_CRYPTO_TLS_CTX_FREE TlsCtxFree;=0D
+ EDKII_CRYPTO_TLS_CTX_NEW TlsCtxNew;=0D
+ EDKII_CRYPTO_TLS_FREE TlsFree;=0D
+ EDKII_CRYPTO_TLS_NEW TlsNew;=0D
+ EDKII_CRYPTO_TLS_IN_HANDSHAKE TlsInHandshake;=0D
+ EDKII_CRYPTO_TLS_DO_HANDSHAKE TlsDoHandshake;=0D
+ EDKII_CRYPTO_TLS_HANDLE_ALERT TlsHandleAlert;=0D
+ EDKII_CRYPTO_TLS_CLOSE_NOTIFY TlsCloseNotify;=0D
+ EDKII_CRYPTO_TLS_CTRL_TRAFFIC_OUT TlsCtrlTrafficOut;=0D
+ EDKII_CRYPTO_TLS_CTRL_TRAFFIC_IN TlsCtrlTrafficIn;=0D
+ EDKII_CRYPTO_TLS_READ TlsRead;=0D
+ EDKII_CRYPTO_TLS_WRITE TlsWrite;=0D
/// TLS Set=0D
- EDKII_CRYPTO_TLS_SET_VERSION TlsSetVersion;=0D
- EDKII_CRYPTO_TLS_SET_CONNECTION_END TlsSetConnectionEnd;=
=0D
- EDKII_CRYPTO_TLS_SET_CIPHER_LIST TlsSetCipherList;=0D
- EDKII_CRYPTO_TLS_SET_COMPRESSION_METHOD TlsSetCompressionMeth=
od;=0D
- EDKII_CRYPTO_TLS_SET_VERIFY TlsSetVerify;=0D
- EDKII_CRYPTO_TLS_SET_VERIFY_HOST TlsSetVerifyHost;=0D
- EDKII_CRYPTO_TLS_SET_SESSIONID TlsSetSessionId;=0D
- EDKII_CRYPTO_TLS_SET_CA_CERTIFICATE TlsSetCaCertificate;=
=0D
- EDKII_CRYPTO_TLS_SET_HOST_PUBLIC_CERT TlsSetHostPublicCert;=
=0D
- EDKII_CRYPTO_TLS_SET_HOST_PRIVATE_KEY TlsSetHostPrivateKey;=
=0D
- EDKII_CRYPTO_TLS_SET_CERT_REVOCATION_LIST TlsSetCertRevocationL=
ist;=0D
+ EDKII_CRYPTO_TLS_SET_VERSION TlsSetVersion;=0D
+ EDKII_CRYPTO_TLS_SET_CONNECTION_END TlsSetConnectionEnd;=
=0D
+ EDKII_CRYPTO_TLS_SET_CIPHER_LIST TlsSetCipherList;=0D
+ EDKII_CRYPTO_TLS_SET_COMPRESSION_METHOD TlsSetCompressionMet=
hod;=0D
+ EDKII_CRYPTO_TLS_SET_VERIFY TlsSetVerify;=0D
+ EDKII_CRYPTO_TLS_SET_VERIFY_HOST TlsSetVerifyHost;=0D
+ EDKII_CRYPTO_TLS_SET_SESSIONID TlsSetSessionId;=0D
+ EDKII_CRYPTO_TLS_SET_CA_CERTIFICATE TlsSetCaCertificate;=
=0D
+ EDKII_CRYPTO_TLS_SET_HOST_PUBLIC_CERT TlsSetHostPublicCert=
;=0D
+ EDKII_CRYPTO_TLS_SET_HOST_PRIVATE_KEY TlsSetHostPrivateKey=
;=0D
+ EDKII_CRYPTO_TLS_SET_CERT_REVOCATION_LIST TlsSetCertRevocation=
List;=0D
/// TLS Get=0D
- EDKII_CRYPTO_TLS_GET_VERSION TlsGetVersion;=0D
- EDKII_CRYPTO_TLS_GET_CONNECTION_END TlsGetConnectionEnd;=
=0D
- EDKII_CRYPTO_TLS_GET_CURRENT_CIPHER TlsGetCurrentCipher;=
=0D
- EDKII_CRYPTO_TLS_GET_CURRENT_COMPRESSION_ID TlsGetCurrentCompress=
ionId;=0D
- EDKII_CRYPTO_TLS_GET_VERIFY TlsGetVerify;=0D
- EDKII_CRYPTO_TLS_GET_SESSION_ID TlsGetSessionId;=0D
- EDKII_CRYPTO_TLS_GET_CLIENT_RANDOM TlsGetClientRandom;=0D
- EDKII_CRYPTO_TLS_GET_SERVER_RANDOM TlsGetServerRandom;=0D
- EDKII_CRYPTO_TLS_GET_KEY_MATERIAL TlsGetKeyMaterial;=0D
- EDKII_CRYPTO_TLS_GET_CA_CERTIFICATE TlsGetCaCertificate;=
=0D
- EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert;=
=0D
- EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey;=
=0D
- EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST TlsGetCertRevocationL=
ist;=0D
+ EDKII_CRYPTO_TLS_GET_VERSION TlsGetVersion;=0D
+ EDKII_CRYPTO_TLS_GET_CONNECTION_END TlsGetConnectionEnd;=
=0D
+ EDKII_CRYPTO_TLS_GET_CURRENT_CIPHER TlsGetCurrentCipher;=
=0D
+ EDKII_CRYPTO_TLS_GET_CURRENT_COMPRESSION_ID TlsGetCurrentCompres=
sionId;=0D
+ EDKII_CRYPTO_TLS_GET_VERIFY TlsGetVerify;=0D
+ EDKII_CRYPTO_TLS_GET_SESSION_ID TlsGetSessionId;=0D
+ EDKII_CRYPTO_TLS_GET_CLIENT_RANDOM TlsGetClientRandom;=
=0D
+ EDKII_CRYPTO_TLS_GET_SERVER_RANDOM TlsGetServerRandom;=
=0D
+ EDKII_CRYPTO_TLS_GET_KEY_MATERIAL TlsGetKeyMaterial;=0D
+ EDKII_CRYPTO_TLS_GET_CA_CERTIFICATE TlsGetCaCertificate;=
=0D
+ EDKII_CRYPTO_TLS_GET_HOST_PUBLIC_CERT TlsGetHostPublicCert=
;=0D
+ EDKII_CRYPTO_TLS_GET_HOST_PRIVATE_KEY TlsGetHostPrivateKey=
;=0D
+ EDKII_CRYPTO_TLS_GET_CERT_REVOCATION_LIST TlsGetCertRevocation=
List;=0D
/// RSA PSS=0D
- EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;=0D
- EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;=0D
+ EDKII_CRYPTO_RSA_PSS_SIGN RsaPssSign;=0D
+ EDKII_CRYPTO_RSA_PSS_VERIFY RsaPssVerify;=0D
/// Parallel hash=0D
- EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashAl=
l;=0D
+ EDKII_CRYPTO_PARALLEL_HASH_ALL ParallelHash256HashA=
ll;=0D
/// HMAC SHA256 (continued)=0D
- EDKII_CRYPTO_HMAC_SHA256_ALL HmacSha256All;=0D
+ EDKII_CRYPTO_HMAC_SHA256_ALL HmacSha256All;=0D
/// HMAC SHA384=0D
- EDKII_CRYPTO_HMAC_SHA384_NEW HmacSha384New;=0D
- EDKII_CRYPTO_HMAC_SHA384_FREE HmacSha384Free;=0D
- EDKII_CRYPTO_HMAC_SHA384_SET_KEY HmacSha384SetKey;=0D
- EDKII_CRYPTO_HMAC_SHA384_DUPLICATE HmacSha384Duplicate;=
=0D
- EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update;=0D
- EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final;=0D
- EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All;=0D
+ EDKII_CRYPTO_HMAC_SHA384_NEW HmacSha384New;=0D
+ EDKII_CRYPTO_HMAC_SHA384_FREE HmacSha384Free;=0D
+ EDKII_CRYPTO_HMAC_SHA384_SET_KEY HmacSha384SetKey;=0D
+ EDKII_CRYPTO_HMAC_SHA384_DUPLICATE HmacSha384Duplicate;=
=0D
+ EDKII_CRYPTO_HMAC_SHA384_UPDATE HmacSha384Update;=0D
+ EDKII_CRYPTO_HMAC_SHA384_FINAL HmacSha384Final;=0D
+ EDKII_CRYPTO_HMAC_SHA384_ALL HmacSha384All;=0D
/// HKDF (continued)=0D
- EDKII_CRYPTO_HKDF_SHA_256_EXTRACT HkdfSha256Extract;=0D
- EDKII_CRYPTO_HKDF_SHA_256_EXPAND HkdfSha256Expand;=0D
- EDKII_CRYPTO_HKDF_SHA_384_EXTRACT_AND_EXPAND HkdfSha384ExtractAndE=
xpand;=0D
- EDKII_CRYPTO_HKDF_SHA_384_EXTRACT HkdfSha384Extract;=0D
- EDKII_CRYPTO_HKDF_SHA_384_EXPAND HkdfSha384Expand;=0D
+ EDKII_CRYPTO_HKDF_SHA_256_EXTRACT HkdfSha256Extract;=0D
+ EDKII_CRYPTO_HKDF_SHA_256_EXPAND HkdfSha256Expand;=0D
+ EDKII_CRYPTO_HKDF_SHA_384_EXTRACT_AND_EXPAND HkdfSha384ExtractAnd=
Expand;=0D
+ EDKII_CRYPTO_HKDF_SHA_384_EXTRACT HkdfSha384Extract;=0D
+ EDKII_CRYPTO_HKDF_SHA_384_EXPAND HkdfSha384Expand;=0D
/// AEAD AES-GCM=0D
- EDKII_AEAD_AES_GCM_ENCRYPT AeadAesGcmEncrypt;=0D
- EDKII_AEAD_AES_GCM_DECRYPT AeadAesGcmDecrypt;=0D
+ EDKII_AEAD_AES_GCM_ENCRYPT AeadAesGcmEncrypt;=0D
+ EDKII_AEAD_AES_GCM_DECRYPT AeadAesGcmDecrypt;=0D
/// BIGNUM=0D
- EDKII_CRYPTO_BIGNUM_INIT BigNumInit;=0D
- EDKII_CRYPTO_BIGNUM_FROM_BIN BigNumFromBin;=0D
- EDKII_CRYPTO_BIGNUM_TO_BIN BigNumToBin;=0D
- EDKII_CRYPTO_BIGNUM_FREE BigNumFree;=0D
- EDKII_CRYPTO_BIGNUM_ADD BigNumAdd;=0D
- EDKII_CRYPTO_BIGNUM_SUB BigNumSub;=0D
- EDKII_CRYPTO_BIGNUM_MOD BigNumMod;=0D
- EDKII_CRYPTO_BIGNUM_EXP_MOD BigNumExpMod;=0D
- EDKII_CRYPTO_BIGNUM_INVERSE_MOD BigNumInverseMod;=0D
- EDKII_CRYPTO_BIGNUM_DIV BigNumDiv;=0D
- EDKII_CRYPTO_BIGNUM_MUL_MOD BigNumMulMod;=0D
- EDKII_CRYPTO_BIGNUM_CMP BigNumCmp;=0D
- EDKII_CRYPTO_BIGNUM_BITS BigNumBits;=0D
- EDKII_CRYPTO_BIGNUM_BYTES BigNumBytes;=0D
- EDKII_CRYPTO_BIGNUM_IS_WORD BigNumIsWord;=0D
- EDKII_CRYPTO_BIGNUM_IS_ODD BigNumIsOdd;=0D
- EDKII_CRYPTO_BIGNUM_COPY BigNumCopy;=0D
- EDKII_CRYPTO_BIGNUM_VALUE_ONE BigNumValueOne;=0D
- EDKII_CRYPTO_BIGNUM_R_SHIFT BigNumRShift;=0D
- EDKII_CRYPTO_BIGNUM_CONST_TIME BigNumConstTime;=0D
- EDKII_CRYPTO_BIGNUM_SQR_MOD BigNumSqrMod;=0D
- EDKII_CRYPTO_BIGNUM_NEW_CONTEXT BigNumNewContext;=0D
- EDKII_CRYPTO_BIGNUM_CONTEXT_FREE BigNumContextFree;=0D
- EDKII_CRYPTO_BIGNUM_SET_UINT BigNumSetUint;=0D
- EDKII_CRYPTO_BIGNUM_ADD_MOD BigNumAddMod;=0D
+ EDKII_CRYPTO_BIGNUM_INIT BigNumInit;=0D
+ EDKII_CRYPTO_BIGNUM_FROM_BIN BigNumFromBin;=0D
+ EDKII_CRYPTO_BIGNUM_TO_BIN BigNumToBin;=0D
+ EDKII_CRYPTO_BIGNUM_FREE BigNumFree;=0D
+ EDKII_CRYPTO_BIGNUM_ADD BigNumAdd;=0D
+ EDKII_CRYPTO_BIGNUM_SUB BigNumSub;=0D
+ EDKII_CRYPTO_BIGNUM_MOD BigNumMod;=0D
+ EDKII_CRYPTO_BIGNUM_EXP_MOD BigNumExpMod;=0D
+ EDKII_CRYPTO_BIGNUM_INVERSE_MOD BigNumInverseMod;=0D
+ EDKII_CRYPTO_BIGNUM_DIV BigNumDiv;=0D
+ EDKII_CRYPTO_BIGNUM_MUL_MOD BigNumMulMod;=0D
+ EDKII_CRYPTO_BIGNUM_CMP BigNumCmp;=0D
+ EDKII_CRYPTO_BIGNUM_BITS BigNumBits;=0D
+ EDKII_CRYPTO_BIGNUM_BYTES BigNumBytes;=0D
+ EDKII_CRYPTO_BIGNUM_IS_WORD BigNumIsWord;=0D
+ EDKII_CRYPTO_BIGNUM_IS_ODD BigNumIsOdd;=0D
+ EDKII_CRYPTO_BIGNUM_COPY BigNumCopy;=0D
+ EDKII_CRYPTO_BIGNUM_VALUE_ONE BigNumValueOne;=0D
+ EDKII_CRYPTO_BIGNUM_R_SHIFT BigNumRShift;=0D
+ EDKII_CRYPTO_BIGNUM_CONST_TIME BigNumConstTime;=0D
+ EDKII_CRYPTO_BIGNUM_SQR_MOD BigNumSqrMod;=0D
+ EDKII_CRYPTO_BIGNUM_NEW_CONTEXT BigNumNewContext;=0D
+ EDKII_CRYPTO_BIGNUM_CONTEXT_FREE BigNumContextFree;=0D
+ EDKII_CRYPTO_BIGNUM_SET_UINT BigNumSetUint;=0D
+ EDKII_CRYPTO_BIGNUM_ADD_MOD BigNumAddMod;=0D
+ /// X509 (Continued)=0D
+ EDKII_CRYPTO_X509_GET_VERSION X509GetVersion;=0D
+ EDKII_CRYPTO_X509_GET_SERIAL_NUMBER X509GetSerialNumber;=
=0D
+ EDKII_CRYPTO_X509_GET_ISSUER_NAME X509GetIssuerName;=0D
+ EDKII_CRYPTO_X509_GET_SIGNATURE_ALGORITHM X509GetSignatureAlgo=
rithm;=0D
+ EDKII_CRYPTO_X509_GET_EXTENSION_DATA X509GetExtensionData=
;=0D
+ EDKII_CRYPTO_X509_GET_EXTENDED_KEY_USAGE X509GetExtendedKeyUs=
age;=0D
+ EDKII_CRYPTO_X509_GET_VALIDITY X509GetValidity;=0D
+ EDKII_CRYPTO_X509_SET_DATE_TIME X509SetDateTime;=0D
+ EDKII_CRYPTO_X509_COMPARE_DATE_TIME X509CompareDateTime;=
=0D
+ EDKII_CRYPTO_X509_GET_KEY_USAGE X509GetKeyUsage;=0D
+ EDKII_CRYPTO_X509_VERIFY_CERT_CHAIN X509VerifyCertChain;=
=0D
+ EDKII_CRYPTO_X509_GET_CERT_FROM_CERT_CHAIN X509GetCertFromCertC=
hain;=0D
+ EDKII_CRYPTO_ASN1_GET_TAG Asn1GetTag;=0D
+ EDKII_CRYPTO_X509_GET_EXTENDED_BASIC_CONSTRAINTS X509GetExtendedBasic=
Constraints;=0D
};=0D
=0D
extern GUID gEdkiiCryptoProtocolGuid;=0D
--=20
2.26.2.windows.1

Join devel@edk2.groups.io to automatically receive all group messages.