<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:DengXian;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Segoe UI Emoji";
panose-1:2 11 5 2 4 2 4 2 2 3;}
@font-face
{font-family:"\@DengXian";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{mso-style-priority:99;
mso-style-link:"Plain Text Char";
margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.PlainTextChar
{mso-style-name:"Plain Text Char";
mso-style-priority:99;
mso-style-link:"Plain Text";
font-family:"Calibri",sans-serif;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle24
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1553495141;
mso-list-type:hybrid;
mso-list-template-ids:-1027940176 67698705 67698713 67698715 67698703 67698713 67698715 67698703 67698713 67698715;}
@list l0:level1
{mso-level-text:"%1\)";
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level2
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level3
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level4
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level5
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level6
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
@list l0:level7
{mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level8
{mso-level-number-format:alpha-lower;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level9
{mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Hi Mike<o:p></o:p></p>
<p class="MsoNormal">Good feedback and suggestion. I try to answer:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoListParagraph" style="margin-left:0in;mso-list:l0 level1 lfo1">We don’t have PCD to control SSL yet. Neither PcdOpensslEcEnabled nor PcdCryptoServiceFamilyEnable controls SSL.<o:p></o:p></li></ol>
<p class="MsoNormal">PcdOpensslEcEnabled controls the OPENSSL configuration.<o:p></o:p></p>
<p class="MsoNormal">PcdCryptoServiceFamilyEnable controls Crypto driver configuration.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">They are in different level.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<ol style="margin-top:0in" start="2" type="1">
<li class="MsoListParagraph" style="margin-left:0in;mso-list:l0 level1 lfo1">The PcdOpensslEcEnabled is to control if we need enable ECC MACRO for openssl.<o:p></o:p></li></ol>
<p class="MsoNormal">Please refer to <a href="https://github.com/tianocore/edk2/blob/master/CryptoPkg/Library/Include/openssl/opensslconf.h">
https://github.com/tianocore/edk2/blob/master/CryptoPkg/Library/Include/openssl/opensslconf.h</a><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<ol style="margin-top:0in" start="3" type="1">
<li class="MsoListParagraph" style="margin-left:0in;mso-list:l0 level1 lfo1">The base line of crypto set in openssl is controlled by
<a href="https://github.com/tianocore/edk2/blob/master/CryptoPkg/Library/Include/openssl/opensslconf_generated.h">
https://github.com/tianocore/edk2/blob/master/CryptoPkg/Library/Include/openssl/opensslconf_generated.h</a><o:p></o:p></li></ol>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Before we introduce ECC, we don’t have any PcdOpensslXXXEnabled.<o:p></o:p></p>
<p class="MsoNormal">However, when we need ECC capability for TLS, we faced the situation that the size of crypto library is increased dramatically. That impacts the existing platform.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">As such, the PcdOpensslEcEnabled is introduced to resolved the size issue, to control openssl MACRO such as OPENSSL_NO_EC.<o:p></o:p></p>
<p class="MsoNormal">We did tried reuse PcdCryptoServiceFamilyEnable. However, structure PCD solution does not work, which is confirmed with tool team.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<ol style="margin-top:0in" start="4" type="1">
<li class="MsoListParagraph" style="margin-left:0in;mso-list:l0 level1 lfo1">Yes, I agree with you that we should provide better documentation to describe the usage and interaction between PcdOpensslEcEnabled and PcdCryptoServiceFamilyEnable.EC.<o:p></o:p></li></ol>
<p class="MsoNormal">At least we should say: if PcdCryptoServiceFamilyEnable.EC is 1, then PcdOpensslEcEnabled must be TRUE.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hi Yi<o:p></o:p></p>
<p class="MsoNormal">Please follow Mike’s suggestion to add one more patch to address below feedback:<o:p></o:p></p>
<p class="MsoNormal">=================<o:p></o:p></p>
<p class="MsoNormal">Documenting these mappings in the CryptoPkg.dec file along with the PCD settings would<o:p></o:p></p>
<p class="MsoNormal">provide the information in one location for a platform developer to set the PCDs correctly<o:p></o:p></p>
<p class="MsoNormal">for their platform scoped FW features. Adding information about size impacts would<o:p></o:p></p>
<p class="MsoNormal">also be helpful for FW developers to select the right set of FW features for their platform<o:p></o:p></p>
<p class="MsoNormal">if they have FW size constraints.<o:p></o:p></p>
<p class="MsoNormal">=================<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thank you<o:p></o:p></p>
<p class="MsoNormal">Yao Jiewen<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Kinney, Michael D <michael.d.kinney@intel.com> <br>
<b>Sent:</b> Saturday, September 24, 2022 11:17 PM<br>
<b>To:</b> Yao, Jiewen <jiewen.yao@intel.com>; Li, Yi1 <yi1.li@intel.com>; devel@edk2.groups.io; Chen, Christine <yuwei.chen@intel.com>; Feng, Bob C <bob.c.feng@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com><br>
<b>Cc:</b> Wang, Jian J <jian.j.wang@intel.com>; Lu, Xiaoyu1 <xiaoyu1.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>; Luo, Heng <heng.luo@intel.com><br>
<b>Subject:</b> RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hi Jiewen,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Can you explain interaction with compiling SSL sources or not. There are 2 INFs a developer has to select from.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Also, just to clarify. I think you referring to the cyphers available through some of the openssl services.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">There is a baseline set of cyphers that were selected for FW use a long time ago. What is that baseline set?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Building the EC sources extends the set of cyphers available.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Some FW features depend on different sets of cyphers in the CryptLib<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Documenting these mappings in the CryptoPkg.dec file along with the PCD settings would<o:p></o:p></p>
<p class="MsoNormal">provide the information in one location for a platform developer to set the PCDs correctly<o:p></o:p></p>
<p class="MsoNormal">for their platform scoped FW features. Adding information about size impacts would<o:p></o:p></p>
<p class="MsoNormal">also be helpful for FW developers to select the right set of FW features for their platform<o:p></o:p></p>
<p class="MsoNormal">if they have FW size constraints.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I would like to see this documentation added and reviewed as part of the EC patch series.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Mike<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com">jiewen.yao@intel.com</a>>
<br>
<b>Sent:</b> Saturday, September 24, 2022 3:22 AM<br>
<b>To:</b> Li, Yi1 <<a href="mailto:yi1.li@intel.com">yi1.li@intel.com</a>>; Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com">michael.d.kinney@intel.com</a>>;
<a href="mailto:devel@edk2.groups.io">devel@edk2.groups.io</a>; Chen, Christine <<a href="mailto:yuwei.chen@intel.com">yuwei.chen@intel.com</a>>; Feng, Bob C <<a href="mailto:bob.c.feng@intel.com">bob.c.feng@intel.com</a>><br>
<b>Cc:</b> Wang, Jian J <<a href="mailto:jian.j.wang@intel.com">jian.j.wang@intel.com</a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com">xiaoyu1.lu@intel.com</a>>; Jiang, Guomin <<a href="mailto:guomin.jiang@intel.com">guomin.jiang@intel.com</a>>; Luo,
Heng <<a href="mailto:heng.luo@intel.com">heng.luo@intel.com</a>><br>
<b>Subject:</b> RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hi Mike<o:p></o:p></p>
<p class="MsoNormal">To clarify current situation: We support 3 different use cases:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">1) PcdOpensslEcEnabled = FALSE, PcdCryptoServiceFamilyEnable.Ec = FALSE<o:p></o:p></p>
<p class="MsoNormal">That means legacy platform. No ECC support at all.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">2) PcdOpensslEcEnabled = TRUE, PcdCryptoServiceFamilyEnable.Ec = FALSE<o:p></o:p></p>
<p class="MsoNormal">This means the platform need ECC in TLS. But no ECC is required in EDKII crypto service.<o:p></o:p></p>
<p class="MsoNormal">This is the first configuration to support ECC in surface use case.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">3) PcdOpensslEcEnabled = TRUE, PcdCryptoServiceFamilyEnable.Ec = TRUE<o:p></o:p></p>
<p class="MsoNormal">This means the platform need ECC in TLS. Also ECC is available in EDKII crypto service.<o:p></o:p></p>
<p class="MsoNormal">This is the first configuration to support ECC in BIOS to support WPA3, and SPDM in the future.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I think a platform developer should know its configuration and make right choice.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">For other crypto algorithm, we only have PcdCryptoServiceFamilyEnable.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">For PcdOpensslEcEnabled, it is newly added for size optimization, as we discussed before.<o:p></o:p></p>
<p class="MsoNormal">Base tool team was already involved in the design the solution, with the known limitation of structure PCD.<o:p></o:p></p>
<p class="MsoNormal">And that was tool team’s recommendation at that moment.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thank you<o:p></o:p></p>
<p class="MsoNormal">Yao, Jiewen<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Li, Yi1 <<a href="mailto:yi1.li@intel.com">yi1.li@intel.com</a>>
<br>
<b>Sent:</b> Saturday, September 24, 2022 11:44 AM<br>
<b>To:</b> Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com">michael.d.kinney@intel.com</a>>; Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com">jiewen.yao@intel.com</a>>;
<a href="mailto:devel@edk2.groups.io">devel@edk2.groups.io</a>; Chen, Christine <<a href="mailto:yuwei.chen@intel.com">yuwei.chen@intel.com</a>>; Feng, Bob C <<a href="mailto:bob.c.feng@intel.com">bob.c.feng@intel.com</a>><br>
<b>Cc:</b> Wang, Jian J <<a href="mailto:jian.j.wang@intel.com">jian.j.wang@intel.com</a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com">xiaoyu1.lu@intel.com</a>>; Jiang, Guomin <<a href="mailto:guomin.jiang@intel.com">guomin.jiang@intel.com</a>>; Luo,
Heng <<a href="mailto:heng.luo@intel.com">heng.luo@intel.com</a>><br>
<b>Subject:</b> RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoPlainText">Hi Mike,<o:p></o:p></p>
<p class="MsoPlainText">My bad missed this feedback <span style="font-family:"Segoe UI Emoji",sans-serif">
☹</span>, this important issue should be discussed as early as possible.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">The configuration of PcdCryptoServiceFamilyEnable seems obvious, and the developer may needs<o:p></o:p></p>
<p class="MsoPlainText">additional information about the source files config PCD to ensure that the service is enabled properly.
<o:p></o:p></p>
<p class="MsoPlainText">We can add the following table to the DSC file for reference.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">################################################################################<o:p></o:p></p>
<p class="MsoPlainText">#<o:p></o:p></p>
<p class="MsoPlainText"># Openssl Source Config Table <o:p></o:p></p>
<p class="MsoPlainText">#<o:p></o:p></p>
<p class="MsoPlainText">################################################################################<o:p></o:p></p>
<p class="MsoPlainText"># Note: To ensure crypto services are properly enabled, platform requires:<o:p></o:p></p>
<p class="MsoPlainText"># 1. Set gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.XX.Family<o:p></o:p></p>
<p class="MsoPlainText"># to PCD_CRYPTO_SERVICE_ENABLE_FAMILY,<o:p></o:p></p>
<p class="MsoPlainText"># OR set gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.XX.Services.X<o:p></o:p></p>
<p class="MsoPlainText"># to TRUE if only function X of Services XX needed.<o:p></o:p></p>
<p class="MsoPlainText"># 2. To optimize Crypto Driver binary size, source files of some crypto<o:p></o:p></p>
<p class="MsoPlainText"># services have been set to conditional. Additional PCD in below table should<o:p></o:p></p>
<p class="MsoPlainText"># be set to TRUE.<o:p></o:p></p>
<p class="MsoPlainText">#===============================================================================<o:p></o:p></p>
<p class="MsoPlainText">#| Crypto Service | Additional PCD |<o:p></o:p></p>
<p class="MsoPlainText">#===============================================================================<o:p></o:p></p>
<p class="MsoPlainText">#|TlsSet | gEfiCryptoPkgTokenSpaceGuid.PcdOpensslSslEnabled [TBD] |<o:p></o:p></p>
<p class="MsoPlainText">#|TlsGet | gEfiCryptoPkgTokenSpaceGuid.PcdOpensslSslEnabled [TBD] |<o:p></o:p></p>
<p class="MsoPlainText">#|Ec | gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled |<o:p></o:p></p>
<p class="MsoPlainText">#===============================================================================<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">Welcome basetools to provide better ways to optimize the use of PCD,<o:p></o:p></p>
<p class="MsoPlainText">but from the previous discussion it seems to take quite a long time,<o:p></o:p></p>
<p class="MsoPlainText">do you think we can merge the current patch first and then optimize it?<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">Thanks,<o:p></o:p></p>
<p class="MsoPlainText">Yi<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">-----Original Message-----<br>
From: Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com">michael.d.kinney@intel.com</a>>
<br>
Sent: Saturday, September 24, 2022 10:19 AM<br>
To: Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com">jiewen.yao@intel.com</a>>; Li, Yi1 <<a href="mailto:yi1.li@intel.com">yi1.li@intel.com</a>>;
<a href="mailto:devel@edk2.groups.io">devel@edk2.groups.io</a>; Chen, Christine <<a href="mailto:yuwei.chen@intel.com">yuwei.chen@intel.com</a>>; Feng, Bob C <<a href="mailto:bob.c.feng@intel.com">bob.c.feng@intel.com</a>>; Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com">michael.d.kinney@intel.com</a>><br>
Cc: Wang, Jian J <<a href="mailto:jian.j.wang@intel.com">jian.j.wang@intel.com</a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com">xiaoyu1.lu@intel.com</a>>; Jiang, Guomin <<a href="mailto:guomin.jiang@intel.com">guomin.jiang@intel.com</a>>; Luo, Heng
<<a href="mailto:heng.luo@intel.com">heng.luo@intel.com</a>><br>
Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">Hi Jiewen,<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">My feedback on this topic back on 4/18/22 was never addressed and this PCD was added anyways.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText"> <a href="https://edk2.groups.io/g/devel/message/89019">
<span style="color:windowtext;text-decoration:none">https://edk2.groups.io/g/devel/message/89019</span></a><o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">My main concern at this point is how a platform developer knows how to configure these PCDs.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">When should PcdOpensslEcEnabled be set to TRUE? The name of the PCD implies that EC services<o:p></o:p></p>
<p class="MsoPlainText">are available, but that is not actually true. It only compiles the EC source files into<o:p></o:p></p>
<p class="MsoPlainText">the openssl lib.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">I think a developer has to enable other features in order to actually make use of the
<o:p></o:p></p>
<p class="MsoPlainText">content provided by those source files. Correct?<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">The other INF that adds the SSL files has the same issue. How does a developer know when<o:p></o:p></p>
<p class="MsoPlainText">to use the INF with the SSL files or not. And what features need to be enabled in order to use<o:p></o:p></p>
<p class="MsoPlainText">the content added by those SSL files. <o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">We have a number of services in the BaseCryptLib that can be enabled and disabled using<o:p></o:p></p>
<p class="MsoPlainText">the structured PCD gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">Can someone provide a table that shows each service from gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable<o:p></o:p></p>
<p class="MsoPlainText">and if the service is impacted by the inclusion of the ssl sources and/or the ec sources. If there is an impact,<o:p></o:p></p>
<p class="MsoPlainText">then describe the difference in the behavior for each of the 4 combinations of ssl and ec sources<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">Example:<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable SSL EC Description<o:p></o:p></p>
<p class="MsoPlainText">======================================================== ===== ===== ===========<o:p></o:p></p>
<p class="MsoPlainText">Sha256.Services.Init FALSE FALSE<o:p></o:p></p>
<p class="MsoPlainText">Sha256.Services.Init FALSE TRUE<o:p></o:p></p>
<p class="MsoPlainText">Sha256.Services.Init TRUE FALSE<o:p></o:p></p>
<p class="MsoPlainText">Sha256.Services.Init TRUE TRUE<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">If there is a shorter way to describe the impact at the family level or groups of families, then
<o:p></o:p></p>
<p class="MsoPlainText">that would be acceptable as well.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">I would prefer the ssl and ec sources from openssl be added/removed based on settings<o:p></o:p></p>
<p class="MsoPlainText">in the gEfiCryptoPkgTokenSpaceGuid.PcdCryptoServiceFamilyEnable. However, the feature<o:p></o:p></p>
<p class="MsoPlainText">flag expressions supported in INF files today do not support use of fields from<o:p></o:p></p>
<p class="MsoPlainText">structured PCDs. This needs to be discuss with the BaseTools owners to see if this<o:p></o:p></p>
<p class="MsoPlainText">would be difficult to support or not.<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">Thanks,<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">Mike<o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
<p class="MsoPlainText">> -----Original Message-----<o:p></o:p></p>
<p class="MsoPlainText">> From: Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> Sent: Friday, September 23, 2022 3:40 PM<o:p></o:p></p>
<p class="MsoPlainText">> To: Li, Yi1 <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>>; Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>>;
<a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a>; Chen, Christine<o:p></o:p></p>
<p class="MsoPlainText">> <<a href="mailto:yuwei.chen@intel.com"><span style="color:windowtext;text-decoration:none">yuwei.chen@intel.com</span></a>>; Feng, Bob C <<a href="mailto:bob.c.feng@intel.com"><span style="color:windowtext;text-decoration:none">bob.c.feng@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> Cc: Wang, Jian J <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>>;
Jiang, Guomin <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>>; Luo,<o:p></o:p></p>
<p class="MsoPlainText">> Heng <<a href="mailto:heng.luo@intel.com"><span style="color:windowtext;text-decoration:none">heng.luo@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText">> <o:p></o:p></p>
<p class="MsoPlainText">> Hi Mike<o:p></o:p></p>
<p class="MsoPlainText">> This has been investigated before, but we don’t have better solution than PcdOpensslEcEnabled.<o:p></o:p></p>
<p class="MsoPlainText">> <o:p></o:p></p>
<p class="MsoPlainText">> Given the fact that this PCD is introduced before (not in this patch set), do you think we can merge this first, then do<o:p></o:p></p>
<p class="MsoPlainText">> enhancement for PCD related stuff later?<o:p></o:p></p>
<p class="MsoPlainText">> <o:p></o:p></p>
<p class="MsoPlainText">> Or if you have any other idea, please let us know.<o:p></o:p></p>
<p class="MsoPlainText">> <o:p></o:p></p>
<p class="MsoPlainText">> Thank you<o:p></o:p></p>
<p class="MsoPlainText">> Yao Jiewen<o:p></o:p></p>
<p class="MsoPlainText">> <o:p></o:p></p>
<p class="MsoPlainText">> > -----Original Message-----<o:p></o:p></p>
<p class="MsoPlainText">> > From: Li, Yi1 <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > Sent: Friday, September 23, 2022 3:09 PM<o:p></o:p></p>
<p class="MsoPlainText">> > To: Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>>;<o:p></o:p></p>
<p class="MsoPlainText">> > <a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a>; Chen, Christine <<a href="mailto:yuwei.chen@intel.com"><span style="color:windowtext;text-decoration:none">yuwei.chen@intel.com</span></a>>;
Feng, Bob<o:p></o:p></p>
<p class="MsoPlainText">> > C <<a href="mailto:bob.c.feng@intel.com"><span style="color:windowtext;text-decoration:none">bob.c.feng@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > Cc: Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>>; Wang, Jian J<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>>;
Jiang,<o:p></o:p></p>
<p class="MsoPlainText">> > Guomin <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>>; Luo, Heng <<a href="mailto:heng.luo@intel.com"><span style="color:windowtext;text-decoration:none">heng.luo@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > Hi Mike,<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > I did make some attempts with it, but it doesn't work, two troubles here:<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > Bob and Yuwei, please point out if I'm wrong:<o:p></o:p></p>
<p class="MsoPlainText">> > 1. Using member of structure PCD in INF isn’t supported by Basetools<o:p></o:p></p>
<p class="MsoPlainText">> > currently,<o:p></o:p></p>
<p class="MsoPlainText">> > At least it cannot be used as FeatureFlag Expression.<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > 2. As far as I know, structure PCD actually is a const array in code,<o:p></o:p></p>
<p class="MsoPlainText">> > I afraid it will not work fine with precompile but we do have this need:<o:p></o:p></p>
<p class="MsoPlainText">> > #if !FixedPcdGetBool (PcdOpensslEcEnabled)<o:p></o:p></p>
<p class="MsoPlainText">> > # ifndef OPENSSL_NO_EC<o:p></o:p></p>
<p class="MsoPlainText">> > # define OPENSSL_NO_EC<o:p></o:p></p>
<p class="MsoPlainText">> > # endif<o:p></o:p></p>
<p class="MsoPlainText">> > #endif<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > This is really caused by the bad structure of openssl,<o:p></o:p></p>
<p class="MsoPlainText">> > maybe we use more detailed comments to remind developers to sync the<o:p></o:p></p>
<p class="MsoPlainText">> > two PCDs?<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > Thanks,<o:p></o:p></p>
<p class="MsoPlainText">> > Yi<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > -----Original Message-----<o:p></o:p></p>
<p class="MsoPlainText">> > From: Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > Sent: Friday, September 23, 2022 1:25 PM<o:p></o:p></p>
<p class="MsoPlainText">> > To: Li, Yi1 <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>>;
<a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a>; Chen, Christine<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:yuwei.chen@intel.com"><span style="color:windowtext;text-decoration:none">yuwei.chen@intel.com</span></a>>; Feng, Bob C <<a href="mailto:bob.c.feng@intel.com"><span style="color:windowtext;text-decoration:none">bob.c.feng@intel.com</span></a>>;
Kinney,<o:p></o:p></p>
<p class="MsoPlainText">> > Michael D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > Cc: Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>>; Wang, Jian J<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>>;
Jiang,<o:p></o:p></p>
<p class="MsoPlainText">> > Guomin <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > Hi Yi,<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > I agree there are some complex interactions in the opensll sources.<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > Since you are defining a family for EC, can we use the EC Family != 0 instead<o:p></o:p></p>
<p class="MsoPlainText">> > of<o:p></o:p></p>
<p class="MsoPlainText">> > PcdOpensslEcEnabled and remove PcdOpensslEcEnabled.<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > I want to make sure developers do not run into strange build failures if<o:p></o:p></p>
<p class="MsoPlainText">> > they do not keep the 2 different PCDs aligned. I prefer a single PCD<o:p></o:p></p>
<p class="MsoPlainText">> > setting to enable use of EC services.<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > I also noticed that the use of a PCD expression in an INF to select source<o:p></o:p></p>
<p class="MsoPlainText">> > files does not work if the PCD value is specified with the --pcd flag on<o:p></o:p></p>
<p class="MsoPlainText">> > the build command line. This looks like a significant bug with the PCD<o:p></o:p></p>
<p class="MsoPlainText">> > expression in an INF file. This also needs to be fixed.<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > Mike<o:p></o:p></p>
<p class="MsoPlainText">> ><o:p></o:p></p>
<p class="MsoPlainText">> > > -----Original Message-----<o:p></o:p></p>
<p class="MsoPlainText">> > > From: Li, Yi1 <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > Sent: Thursday, September 22, 2022 8:02 PM<o:p></o:p></p>
<p class="MsoPlainText">> > > To: Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>>;<o:p></o:p></p>
<p class="MsoPlainText">> > <a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a><o:p></o:p></p>
<p class="MsoPlainText">> > > Cc: Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>>; Wang, Jian J<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>>;
Jiang,<o:p></o:p></p>
<p class="MsoPlainText">> > > Guomin <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > Hi Mike,<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > 1. Yes, it matches.<o:p></o:p></p>
<p class="MsoPlainText">> > > By Intel side, 100+kb(20%+) FV size increase will be a big concern, please<o:p></o:p></p>
<p class="MsoPlainText">> > refer to another internal email.<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > 2. Additional size is coming from modules may consumed EC APIs, eg. TLS<o:p></o:p></p>
<p class="MsoPlainText">> > PEM X509 ...<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > If we added EC source to OpensslLib.inf and disabled macro<o:p></o:p></p>
<p class="MsoPlainText">> > OPENSSL_NO_EC, those modules will link EC APIs and increase binary<o:p></o:p></p>
<p class="MsoPlainText">> > > size,<o:p></o:p></p>
<p class="MsoPlainText">> > > This an example from x509/x_pubkey.c , other modules is similar:<o:p></o:p></p>
<p class="MsoPlainText">> > > #ifndef OPENSSL_NO_EC<o:p></o:p></p>
<p class="MsoPlainText">> > > EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long<o:p></o:p></p>
<p class="MsoPlainText">> > length)<o:p></o:p></p>
<p class="MsoPlainText">> > > {<o:p></o:p></p>
<p class="MsoPlainText">> > > EVP_PKEY *pkey;<o:p></o:p></p>
<p class="MsoPlainText">> > > EC_KEY *key = NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > //.... call EC functions<o:p></o:p></p>
<p class="MsoPlainText">> > > }<o:p></o:p></p>
<p class="MsoPlainText">> > > #endif<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > If we added EC source to OpensslLib.inf and enable macro<o:p></o:p></p>
<p class="MsoPlainText">> > OPENSSL_NO_EC, EC module will throw build error,<o:p></o:p></p>
<p class="MsoPlainText">> > > Since some EC internal APIs or structs have been disabled by<o:p></o:p></p>
<p class="MsoPlainText">> > OPENSSL_NO_EC but not another.<o:p></o:p></p>
<p class="MsoPlainText">> > > This an example from ec/ec_local.h , other error is similar:<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > #ifndef OPENSSL_NO_EC<o:p></o:p></p>
<p class="MsoPlainText">> > > typedef struct ec_group_st EC_GROUP;<o:p></o:p></p>
<p class="MsoPlainText">> > > typedef struct ec_point_st EC_POINT;<o:p></o:p></p>
<p class="MsoPlainText">> > > #endif<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > // but this function not been enclosed by OPENSSL_NO_EC, and will<o:p></o:p></p>
<p class="MsoPlainText">> > throw build error<o:p></o:p></p>
<p class="MsoPlainText">> > > int (*point_set_Jprojective_coordinates_GFp) (const EC_GROUP *,<o:p></o:p></p>
<p class="MsoPlainText">> > > EC_POINT *, const BIGNUM *x,<o:p></o:p></p>
<p class="MsoPlainText">> > > const BIGNUM *y,<o:p></o:p></p>
<p class="MsoPlainText">> > > const BIGNUM *z, BN_CTX *);<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > To avoid this annoying openssl error, we introduced conditional EC.<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > Thanks,<o:p></o:p></p>
<p class="MsoPlainText">> > > Yi<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > -----Original Message-----<o:p></o:p></p>
<p class="MsoPlainText">> > > From: Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > Sent: Friday, September 23, 2022 6:47 AM<o:p></o:p></p>
<p class="MsoPlainText">> > > To: Li, Yi1 <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>>;
<a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a>; Kinney, Michael D<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > Cc: Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>>; Wang, Jian J<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>>;
Jiang,<o:p></o:p></p>
<p class="MsoPlainText">> > > Guomin <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > Hi Yi,<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > I agree EC is an important feature.<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > I did some analysis of the size impact to the CryptoPkg modules on<o:p></o:p></p>
<p class="MsoPlainText">> > current trunk<o:p></o:p></p>
<p class="MsoPlainText">> > > with EC on and off. Uncompressed size is important for PEI Phase. For<o:p></o:p></p>
<p class="MsoPlainText">> > DXE and<o:p></o:p></p>
<p class="MsoPlainText">> > > SMM phase, the Crypto services can always be compressed. From the<o:p></o:p></p>
<p class="MsoPlainText">> > table below,<o:p></o:p></p>
<p class="MsoPlainText">> > > building all the EC services in the OpensslLib has no size impact to the<o:p></o:p></p>
<p class="MsoPlainText">> > NONE<o:p></o:p></p>
<p class="MsoPlainText">> > > profile and the MIN_PEI profile. It has ~105 KB impact to compressed<o:p></o:p></p>
<p class="MsoPlainText">> > DXE/SMM<o:p></o:p></p>
<p class="MsoPlainText">> > > usages that may use the MIN_DXE_MIN_SMM or ALL profiles.<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > Uncompressed LZMA Compressed<o:p></o:p></p>
<p class="MsoPlainText">> > > CPU CRYPTO_SERVICES Module EC=FALSE EC=TRUE EC=FALSE<o:p></o:p></p>
<p class="MsoPlainText">> > EC=TRUE Increase<o:p></o:p></p>
<p class="MsoPlainText">> > > ==== =============== ======== ======== ======= ========<o:p></o:p></p>
<p class="MsoPlainText">> > ======= ========<o:p></o:p></p>
<p class="MsoPlainText">> > > IA32 NONE CryptoPei 21536 21568 0 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > IA32 NONE CryptoDxe 21632 21696 0 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > IA32 NONE CryptoSmm 22976 23072 0 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > IA32 MIN_PEI CryptoPei 248992 249120 0 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > IA32 MIN_DXE_MIN_SMM CryptoDxe 636672 829568 288520<o:p></o:p></p>
<p class="MsoPlainText">> > 401034 113 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > IA32 MIN_DXE_MIN_SMM CryptoSmm 426048 601472 191517<o:p></o:p></p>
<p class="MsoPlainText">> > 296022 105 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > IA32 ALL CryptoPei 423840 598976 189047 293759 104<o:p></o:p></p>
<p class="MsoPlainText">> > KB<o:p></o:p></p>
<p class="MsoPlainText">> > > IA32 ALL CryptoDxe 645280 838144 292955 405277 113<o:p></o:p></p>
<p class="MsoPlainText">> > KB<o:p></o:p></p>
<p class="MsoPlainText">> > > IA32 ALL CryptoSmm 441888 617184 198779 303628 105<o:p></o:p></p>
<p class="MsoPlainText">> > KB<o:p></o:p></p>
<p class="MsoPlainText">> > > X64 NONE CryptoPei 29632 29664 0 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > X64 NONE CryptoDxe 29792 29792 0 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > X64 NONE CryptoSmm 31296 31296 0 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > X64 MIN_PEI CryptoPei 310784 310848 0 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > X64 MIN_DXE_MIN_SMM CryptoDxe 804288 1016256 311436<o:p></o:p></p>
<p class="MsoPlainText">> > 426596 115 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > X64 MIN_DXE_MIN_SMM CryptoSmm 543776 733920 204483<o:p></o:p></p>
<p class="MsoPlainText">> > 310775 106 KB<o:p></o:p></p>
<p class="MsoPlainText">> > > X64 ALL CryptoPei 540384 730240 202494 308467 106<o:p></o:p></p>
<p class="MsoPlainText">> > KB<o:p></o:p></p>
<p class="MsoPlainText">> > > X64 ALL CryptoDxe 815392 1027296 316228 431321 115<o:p></o:p></p>
<p class="MsoPlainText">> > KB<o:p></o:p></p>
<p class="MsoPlainText">> > > X64 ALL CryptoSmm 563648 753696 213488 319644 106<o:p></o:p></p>
<p class="MsoPlainText">> > KB<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > NOTE: Even if multiple modules in an FV use static linking of Crypto libs, if<o:p></o:p></p>
<p class="MsoPlainText">> > the<o:p></o:p></p>
<p class="MsoPlainText">> > > entire FV is compressed, the total size impact is typically the size of a<o:p></o:p></p>
<p class="MsoPlainText">> > > single instance of a compressed CryptoLib. The sizes of the Crypto*<o:p></o:p></p>
<p class="MsoPlainText">> > modules<o:p></o:p></p>
<p class="MsoPlainText">> > > in the table above should be a close approximation of the size impact<o:p></o:p></p>
<p class="MsoPlainText">> > to a<o:p></o:p></p>
<p class="MsoPlainText">> > > single FV.<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > Does this match your previous size analysis?<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > The critical issue to evaluate here is why adding the EC sources to<o:p></o:p></p>
<p class="MsoPlainText">> > OpensllLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > causes the modules that do not use any EC services to grow by ~105KB.<o:p></o:p></p>
<p class="MsoPlainText">> > Has any<o:p></o:p></p>
<p class="MsoPlainText">> > > detailed analysis of the final linked images been performed to see where<o:p></o:p></p>
<p class="MsoPlainText">> > this<o:p></o:p></p>
<p class="MsoPlainText">> > > additional size is coming from?<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > Thanks,<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > Mike<o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > -----Original Message-----<o:p></o:p></p>
<p class="MsoPlainText">> > > > From: Li, Yi1 <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > Sent: Thursday, September 22, 2022 5:54 AM<o:p></o:p></p>
<p class="MsoPlainText">> > > > To: Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>>;<o:p></o:p></p>
<p class="MsoPlainText">> > <a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a>; Kishore, Shelly <<a href="mailto:shelly.kishore@intel.com"><span style="color:windowtext;text-decoration:none">shelly.kishore@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > Cc: Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>>; Wang, Jian J<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>>;
Jiang,<o:p></o:p></p>
<p class="MsoPlainText">> > > > Guomin <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText">> > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > Hi Mike,<o:p></o:p></p>
<p class="MsoPlainText">> > > > I have did some POC that seems existed structured PCD is hard to<o:p></o:p></p>
<p class="MsoPlainText">> > control binary size,<o:p></o:p></p>
<p class="MsoPlainText">> > > > Here is the previous discussion for reference.<o:p></o:p></p>
<p class="MsoPlainText">> > > > <a href="https://bugzilla.tianocore.org/show_bug.cgi?id=3679">
<span style="color:windowtext;text-decoration:none">https://bugzilla.tianocore.org/show_bug.cgi?id=3679</span></a><o:p></o:p></p>
<p class="MsoPlainText">> > > > <a href="https://edk2.groups.io/g/devel/topic/86257810#81814">
<span style="color:windowtext;text-decoration:none">https://edk2.groups.io/g/devel/topic/86257810#81814</span></a><o:p></o:p></p>
<p class="MsoPlainText">> > > > <a href="https://bugzilla.tianocore.org/show_bug.cgi?id=1446">
<span style="color:windowtext;text-decoration:none">https://bugzilla.tianocore.org/show_bug.cgi?id=1446</span></a><o:p></o:p></p>
<p class="MsoPlainText">> > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > Anyway EC is an important feature which consumed by vary modern<o:p></o:p></p>
<p class="MsoPlainText">> > security features such WPA3 , SPDM, TLS1.3 etc.<o:p></o:p></p>
<p class="MsoPlainText">> > > > Hope it can be added to edk2, and I am glad to take the code and test<o:p></o:p></p>
<p class="MsoPlainText">> > work if there are other ways to control the size.<o:p></o:p></p>
<p class="MsoPlainText">> > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > Thanks,<o:p></o:p></p>
<p class="MsoPlainText">> > > > Yi<o:p></o:p></p>
<p class="MsoPlainText">> > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > -----Original Message-----<o:p></o:p></p>
<p class="MsoPlainText">> > > > From: Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > Sent: Thursday, September 22, 2022 11:56 AM<o:p></o:p></p>
<p class="MsoPlainText">> > > > To: Li, Yi1 <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>>;
<a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a>; Kishore, Shelly<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:shelly.kishore@intel.com"><span style="color:windowtext;text-decoration:none">shelly.kishore@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > Cc: Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>>; Wang, Jian J<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>>;
Jiang,<o:p></o:p></p>
<p class="MsoPlainText">> > > > Guomin <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText">> > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > That change to OpensslLib.inf should not have been done either.<o:p></o:p></p>
<p class="MsoPlainText">> > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > Looks like this EC feature needs more evaluation to fit into the<o:p></o:p></p>
<p class="MsoPlainText">> > > > structured PCD control of the lib sizes.<o:p></o:p></p>
<p class="MsoPlainText">> > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > Mike<o:p></o:p></p>
<p class="MsoPlainText">> > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > -----Original Message-----<o:p></o:p></p>
<p class="MsoPlainText">> > > > > From: Li, Yi1 <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Sent: Wednesday, September 21, 2022 7:16 PM<o:p></o:p></p>
<p class="MsoPlainText">> > > > > To: Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>>;<o:p></o:p></p>
<p class="MsoPlainText">> > <a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Cc: Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>>; Wang, Jian J<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>>;
Jiang,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > Guomin <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Hi Mike,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > Thanks for review.<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Even PCD_CRYPTO_SERVICE_FAMILY_ENABLE is set to 0, CryptoEc.c<o:p></o:p></p>
<p class="MsoPlainText">> > will also be compiled and throw build error:<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > d:\workspace\tianocore\edk2\CryptoPkg\Library\BaseCryptLib\Pk\CryptEc.<o:p></o:p></p>
<p class="MsoPlainText">> > c(77): error C2220: the following warning is treated<o:p></o:p></p>
<p class="MsoPlainText">> > > > as<o:p></o:p></p>
<p class="MsoPlainText">> > > > > an error<o:p></o:p></p>
<p class="MsoPlainText">> > > > > 1 file(s) copied.<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > d:\workspace\tianocore\edk2\CryptoPkg\Library\BaseCryptLib\Pk\CryptEc.<o:p></o:p></p>
<p class="MsoPlainText">> > c(77): warning C4013: 'EC_GROUP_new_by_curve_name'<o:p></o:p></p>
<p class="MsoPlainText">> > > > > undefined; assuming extern returning int<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > d:\workspace\tianocore\edk2\CryptoPkg\Library\BaseCryptLib\Pk\CryptEc.<o:p></o:p></p>
<p class="MsoPlainText">> > c(77): warning C4047: 'return': 'void *' differs in<o:p></o:p></p>
<p class="MsoPlainText">> > > > > levels of indirection from 'int'<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > d:\workspace\tianocore\edk2\CryptoPkg\Library\BaseCryptLib\Pk\CryptEc.<o:p></o:p></p>
<p class="MsoPlainText">> > c(105): warning C4013: 'EC_GROUP_get_curve'<o:p></o:p></p>
<p class="MsoPlainText">> > > undefined;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > assuming extern returning int<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > I think the root cause is that we have enabled conditional ec in<o:p></o:p></p>
<p class="MsoPlainText">> > OpensslLib.inf before by PcdOpensslEcEnabled,<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > ><o:p></o:p></p>
<p class="MsoPlainText">> > ><o:p></o:p></p>
<p class="MsoPlainText">> > <a href="https://github.com/tianocore/edk2/blob/2c17d676e402d75a3a67449934">
<span style="color:windowtext;text-decoration:none">https://github.com/tianocore/edk2/blob/2c17d676e402d75a3a67449934</span></a><o:p></o:p></p>
<p class="MsoPlainText">> > 2f7ddaccf387bd/CryptoPkg/Library/OpensslLib/OpensslLib.inf#L2<o:p></o:p></p>
<p class="MsoPlainText">> > > > > 02-L238<o:p></o:p></p>
<p class="MsoPlainText">> > > > > if PcdOpensslEcEnabled not true, all ec files will not be compiled.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > This will save 200+kb memory on platforms which use dxe driver but<o:p></o:p></p>
<p class="MsoPlainText">> > do not need ec feature.<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > So I add this PCD to BaseCryptLib.inf also to avoid build error, Not<o:p></o:p></p>
<p class="MsoPlainText">> > sure if there is any other way, other better ideas<o:p></o:p></p>
<p class="MsoPlainText">> > > are<o:p></o:p></p>
<p class="MsoPlainText">> > > > > welcome.<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Thanks,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > Yi<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > -----Original Message-----<o:p></o:p></p>
<p class="MsoPlainText">> > > > > From: Kinney, Michael D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Sent: Thursday, September 22, 2022 12:22 AM<o:p></o:p></p>
<p class="MsoPlainText">> > > > > To: <a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a>; Li, Yi1 <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>>;
Kinney, Michael<o:p></o:p></p>
<p class="MsoPlainText">> > D <<a href="mailto:michael.d.kinney@intel.com"><span style="color:windowtext;text-decoration:none">michael.d.kinney@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Cc: Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>>; Wang, Jian J<o:p></o:p></p>
<p class="MsoPlainText">> > <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>>; Lu, Xiaoyu1 <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>>;
Jiang,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > Guomin <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Subject: RE: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Comments embedded below.<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > Mike<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > -----Original Message-----<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > From: <a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a> <<a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a>>
On Behalf Of<o:p></o:p></p>
<p class="MsoPlainText">> > yi1 li<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Sent: Tuesday, September 20, 2022 9:55 PM<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > To: <a href="mailto:devel@edk2.groups.io"><span style="color:windowtext;text-decoration:none">devel@edk2.groups.io</span></a><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Cc: Li, Yi1 <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>>; Yao, Jiewen <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>>;<o:p></o:p></p>
<p class="MsoPlainText">> > Wang, Jian J <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>>; Lu, Xiaoyu1<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>>; Jiang, Guomin <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Subject: [edk2-devel] [PATCH V2 1/3] CryptoPkg: Add EC support<o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > REF: <a href="https://bugzilla.tianocore.org/show_bug.cgi?id=3828">
<span style="color:windowtext;text-decoration:none">https://bugzilla.tianocore.org/show_bug.cgi?id=3828</span></a><o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > This patch is used to add CryptEc library, which is wrapped<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > over OpenSSL.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Cc: Jiewen Yao <<a href="mailto:jiewen.yao@intel.com"><span style="color:windowtext;text-decoration:none">jiewen.yao@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Cc: Jian J Wang <<a href="mailto:jian.j.wang@intel.com"><span style="color:windowtext;text-decoration:none">jian.j.wang@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Cc: Xiaoyu Lu <<a href="mailto:xiaoyu1.lu@intel.com"><span style="color:windowtext;text-decoration:none">xiaoyu1.lu@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Cc: Guomin Jiang <<a href="mailto:guomin.jiang@intel.com"><span style="color:windowtext;text-decoration:none">guomin.jiang@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Signed-off-by: Yi Li <<a href="mailto:yi1.li@intel.com"><span style="color:windowtext;text-decoration:none">yi1.li@intel.com</span></a>><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > ---<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > CryptoPkg/Include/Library/BaseCryptLib.h | 424 ++++++++++<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > .../Library/BaseCryptLib/BaseCryptLib.inf | 2 +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > .../Library/BaseCryptLib/PeiCryptLib.inf | 1 +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c | 765<o:p></o:p></p>
<p class="MsoPlainText">> > ++++++++++++++++++<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > .../Library/BaseCryptLib/Pk/CryptEcNull.c | 496 ++++++++++++<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > .../Library/BaseCryptLib/SmmCryptLib.inf | 1 +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > .../BaseCryptLibNull/BaseCryptLibNull.inf | 1 +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > .../Library/BaseCryptLibNull/Pk/CryptEcNull.c | 496 ++++++++++++<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > 8 files changed, 2186 insertions(+)<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > create mode 100644<o:p></o:p></p>
<p class="MsoPlainText">> > CryptoPkg/Library/BaseCryptLib/Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > create mode 100644<o:p></o:p></p>
<p class="MsoPlainText">> > CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h<o:p></o:p></p>
<p class="MsoPlainText">> > b/CryptoPkg/Include/Library/BaseCryptLib.h<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > index b253923dd8..d74fc21c1e 100644<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > --- a/CryptoPkg/Include/Library/BaseCryptLib.h<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > @@ -14,6 +14,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent<o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > #include <Uefi/UefiBaseType.h><o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#define CRYPTO_NID_NULL 0x0000<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +// Key Exchange<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#define CRYPTO_NID_SECP256R1 0x0204<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#define CRYPTO_NID_SECP384R1 0x0205<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#define CRYPTO_NID_SECP521R1 0x0206<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > ///<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > /// MD5 digest size in bytes<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > ///<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > @@ -2850,4 +2857,421 @@ BigNumAddMod (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > OUT VOID *BnRes<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +//<o:p></o:p></p>
<p class="MsoPlainText">> > ==========================================================<o:p></o:p></p>
<p class="MsoPlainText">> > ===========================<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +// Basic Elliptic Curve Primitives<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +//<o:p></o:p></p>
<p class="MsoPlainText">> > ==========================================================<o:p></o:p></p>
<p class="MsoPlainText">> > ===========================<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Initialize new opaque EcGroup object. This object represents an EC<o:p></o:p></p>
<p class="MsoPlainText">> > curve and<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + and is used for calculation within this group. This object should be<o:p></o:p></p>
<p class="MsoPlainText">> > freed<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + using EcGroupFree() function.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] CryptoNid Identifying number for the ECC curve<o:p></o:p></p>
<p class="MsoPlainText">> > (Defined in<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BaseCryptLib.h).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval EcGroup object On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval NULL On failure.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN CryptoNid<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC curve parameters. While elliptic curve equation is Y^2 mod<o:p></o:p></p>
<p class="MsoPlainText">> > P = (X^3 + AX + B) Mod P.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number objects to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values. The caller needs to make sure all the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameters<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + are properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnPrime Group prime number.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnA A coefficient.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnB B coefficient.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupGetCurve (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnPrime,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC group order.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number object to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + value. The caller needs to make sure that the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameter<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + is properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnOrder Group prime number.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupGetOrder (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnOrder<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Free previously allocated EC group object using EcGroupInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object to free.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupFree (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcGroup<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Initialize new opaque EC Point object. This object represents an EC<o:p></o:p></p>
<p class="MsoPlainText">> > point<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + within the given EC group (curve).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EC Group, properly initialized using EcGroupInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval EC Point object On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval NULL On failure.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Free previously allocated EC Point object using EcPointInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point to free.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] Clear TRUE iff the memory should be cleared.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointDeInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN BOOLEAN Clear<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC point affine (x,y) coordinates.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number objects to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values. The caller needs to make sure all the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameters<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + are properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnY Y coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointGetAffineCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Set EC point affine (x,y) coordinates.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnY Y coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointSetAffineCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC Point addition. EcPointResult = EcPointA + EcPointB.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] EcPointResult EC point to hold the result. The<o:p></o:p></p>
<p class="MsoPlainText">> > point should<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + be properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointA EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointB EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointAdd (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *EcPointResult,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Variable EC point multiplication. EcPointResult = EcPoint *<o:p></o:p></p>
<p class="MsoPlainText">> > BnPScalar.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] EcPointResult EC point to hold the result. The<o:p></o:p></p>
<p class="MsoPlainText">> > point should<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + be properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnPScalar P Scalar.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointMul (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *EcPointResult,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnPScalar,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Calculate the inverse of the supplied EC point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in,out] EcPoint EC point to invert.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointInvert (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if the supplied point is on EC curve.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point to check.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On curve.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointIsOnCurve (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if the supplied point is at infinity.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point to check.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE At infinity.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointIsAtInfinity (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if EC points are equal.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointA EC point A.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointB EC point B.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE A == B.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointEqual (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Set EC point compressed coordinates. Points can be described in<o:p></o:p></p>
<p class="MsoPlainText">> > terms of<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + their compressed coordinates. For a point (x, y), for any given<o:p></o:p></p>
<p class="MsoPlainText">> > value for x<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + such that the point is on the curve there will only ever be two<o:p></o:p></p>
<p class="MsoPlainText">> > possible<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values for y. Therefore, a point can be set using this function<o:p></o:p></p>
<p class="MsoPlainText">> > where BnX is<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + the x coordinate and YBit is a value 0 or 1 to identify which of the<o:p></o:p></p>
<p class="MsoPlainText">> > two<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + possible values for y should be used.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] YBit 0 or 1 to identify which Y value is used.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointSetCompressedCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINT8 YBit,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +//<o:p></o:p></p>
<p class="MsoPlainText">> > ==========================================================<o:p></o:p></p>
<p class="MsoPlainText">> > ===========================<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +// Elliptic Curve Diffie Hellman Primitives<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +//<o:p></o:p></p>
<p class="MsoPlainText">> > ==========================================================<o:p></o:p></p>
<p class="MsoPlainText">> > ===========================<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Allocates and Initializes one Elliptic Curve Context for subsequent<o:p></o:p></p>
<p class="MsoPlainText">> > use<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + with the NID.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] Nid cipher NID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @return Pointer to the Elliptic Curve Context that has been<o:p></o:p></p>
<p class="MsoPlainText">> > initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If the allocations fails, EcNewByNid() returns NULL.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcNewByNid (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN Nid<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Release the specified EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcContext Pointer to the EC context to be released.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcFree (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcContext<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Generates EC key and returns EC public key (X, Y), Please note,<o:p></o:p></p>
<p class="MsoPlainText">> > this function uses<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + pseudo random number generator. The caller must make sure<o:p></o:p></p>
<p class="MsoPlainText">> > RandomSeed()<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + function was properly called before.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + The Ec context should be correctly initialized by EcNewByNid.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function generates random secret, and computes the public<o:p></o:p></p>
<p class="MsoPlainText">> > key (X, Y), which is<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + returned via parameter Public, PublicSize.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + X is the first half of Public with size being PublicSize / 2,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Y is the second half of Public with size being PublicSize / 2.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC context is updated accordingly.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If the Public buffer is too small to hold the public X, Y, FALSE is<o:p></o:p></p>
<p class="MsoPlainText">> > returned and<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + PublicSize is set to the required buffer size to obtain the public X,<o:p></o:p></p>
<p class="MsoPlainText">> > Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If EcContext is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PublicSize is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PublicSize is large enough but Public is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to the EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] PublicKey Pointer to t buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] PublicKeySize On input, the size of Public buffer<o:p></o:p></p>
<p class="MsoPlainText">> > in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Public<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC public X,Y generation succeeded.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE EC public X,Y generation failed.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE PublicKeySize is not large enough.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGenerateKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *PublicKey,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *PublicKeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Gets the public key component from the established EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + The Ec context should be correctly initialized by EcNewByNid, and<o:p></o:p></p>
<p class="MsoPlainText">> > successfully<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + generate key pair from EcGenerateKey().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to EC context being set.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] PublicKey Pointer to t buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] PublicKeySize On input, the size of Public buffer<o:p></o:p></p>
<p class="MsoPlainText">> > in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Public<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC key component was retrieved successfully.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Invalid EC key component.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGetPubKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *PublicKey,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *PublicKeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Computes exchanged common key.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Given peer's public key (X, Y), this function computes the<o:p></o:p></p>
<p class="MsoPlainText">> > exchanged common key,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + based on its own context including value of curve parameter and<o:p></o:p></p>
<p class="MsoPlainText">> > random secret.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + X is the first half of PeerPublic with size being PeerPublicSize / 2,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Y is the second half of PeerPublic with size being PeerPublicSize /<o:p></o:p></p>
<p class="MsoPlainText">> > 2.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If EcContext is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PeerPublic is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PeerPublicSize is 0, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If Key is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If KeySize is not large enough, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PeerPublicSize is 64. First 32-byte is X, Second 32-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PeerPublicSize is 96. First 48-byte is X, Second 48-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PeerPublicSize is 132. First 66-byte is X, Second 66-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to the EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] PeerPublic Pointer to the peer's public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] PeerPublicSize Size of peer's public X,Y in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] CompressFlag Flag of PeerPublic is<o:p></o:p></p>
<p class="MsoPlainText">> > compressed or not.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] Key Pointer to the buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated key.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] KeySize On input, the size of Key buffer in<o:p></o:p></p>
<p class="MsoPlainText">> > bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Key<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC exchanged key generation succeeded.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE EC exchanged key generation failed.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE KeySize is not large enough.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcDhComputeKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST UINT8 *PeerPublic,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN PeerPublicSize,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST INT32 *CompressFlag,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *Key,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *KeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + );<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > #endif // __BASE_CRYPT_LIB_H__<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > index 9e4be2fb0d..ade6ee3fdd 100644<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > @@ -52,6 +52,8 @@<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptTs.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptRsaPss.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptRsaPssSign.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > |*|*|*|!gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Pk/CryptEc.c<o:p></o:p></p>
<p class="MsoPlainText">> > |*|*|*|gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > The use of the PCD to select the file should not be needed here. The<o:p></o:p></p>
<p class="MsoPlainText">> > > > > Ec Family and individual service enable/disable fields in the<o:p></o:p></p>
<p class="MsoPlainText">> > > > > PCD_CRYPTO_SERVICE_FAMILY_ENABLE structured PCD are all that is<o:p></o:p></p>
<p class="MsoPlainText">> > needed to<o:p></o:p></p>
<p class="MsoPlainText">> > > > > disable the Ec services.<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > The PCD gEfiCryptoPkgTokenSpaceGuid.PcdOpensslEcEnabled should<o:p></o:p></p>
<p class="MsoPlainText">> > be removed<o:p></o:p></p>
<p class="MsoPlainText">> > > > > completely as part of this patch series.<o:p></o:p></p>
<p class="MsoPlainText">> > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pem/CryptPem.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Bn/CryptBn.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > index 65ad23fb81..383df2b23c 100644<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > --- a/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > @@ -58,6 +58,7 @@<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptTsNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptRsaPss.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptRsaPssSignNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pem/CryptPemNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Rand/CryptRandNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Bn/CryptBnNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c<o:p></o:p></p>
<p class="MsoPlainText">> > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > new file mode 100644<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > index 0000000000..396c819834<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > --- /dev/null<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > @@ -0,0 +1,765 @@<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/** @file<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Elliptic Curve and ECDH API implementation based on OpenSSL<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + SPDX-License-Identifier: BSD-2-Clause-Patent<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#include "InternalCryptLib.h"<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#include <openssl/objects.h><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#include <openssl/bn.h><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#include <openssl/ec.h><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +//<o:p></o:p></p>
<p class="MsoPlainText">> > ==========================================================<o:p></o:p></p>
<p class="MsoPlainText">> > ===========================<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +// Basic Elliptic Curve Primitives<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +//<o:p></o:p></p>
<p class="MsoPlainText">> > ==========================================================<o:p></o:p></p>
<p class="MsoPlainText">> > ===========================<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Return the Nid of certain ECC curve.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] CryptoNid Identifying number for the ECC curve<o:p></o:p></p>
<p class="MsoPlainText">> > (Defined in<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BaseCryptLib.h).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval !=-1 On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval -1 ECC curve not supported.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +STATIC<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +INT32<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +CryptoNidToOpensslNid (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN CryptoNid<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + INT32 Nid;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + switch (CryptoNid) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + case CRYPTO_NID_SECP256R1:<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Nid = NID_X9_62_prime256v1;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + break;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + case CRYPTO_NID_SECP384R1:<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Nid = NID_secp384r1;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + break;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + case CRYPTO_NID_SECP521R1:<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Nid = NID_secp521r1;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + break;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + default:<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return -1;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return Nid;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Initialize new opaque EcGroup object. This object represents an EC<o:p></o:p></p>
<p class="MsoPlainText">> > curve and<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + and is used for calculation within this group. This object should be<o:p></o:p></p>
<p class="MsoPlainText">> > freed<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + using EcGroupFree() function.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] CryptoNid Identifying number for the ECC curve<o:p></o:p></p>
<p class="MsoPlainText">> > (Defined in<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BaseCryptLib.h).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval EcGroup object On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval NULL On failure.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN CryptoNid<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + INT32 Nid;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Nid = CryptoNidToOpensslNid (CryptoNid);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (Nid < 0) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return EC_GROUP_new_by_curve_name (Nid);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC curve parameters. While elliptic curve equation is Y^2 mod<o:p></o:p></p>
<p class="MsoPlainText">> > P = (X^3 + AX + B) Mod P.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number objects to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values. The caller needs to make sure all the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameters<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + are properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnPrime Group prime number.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnA A coefficient.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnB B coefficient..<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupGetCurve (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnPrime,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return (BOOLEAN)EC_GROUP_get_curve (EcGroup, BnPrime, BnA,<o:p></o:p></p>
<p class="MsoPlainText">> > BnB, BnCtx);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC group order.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number object to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + value. The caller needs to make sure that the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameter<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + is properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnOrder Group prime number.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupGetOrder (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnOrder<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return (BOOLEAN)EC_GROUP_get_order (EcGroup, BnOrder,<o:p></o:p></p>
<p class="MsoPlainText">> > NULL);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Free previously allocated EC group object using EcGroupInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object to free.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupFree (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcGroup<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_GROUP_free (EcGroup);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Initialize new opaque EC Point object. This object represents an EC<o:p></o:p></p>
<p class="MsoPlainText">> > point<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + within the given EC group (curve).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EC Group, properly initialized using EcGroupInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval EC Point object On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval NULL On failure.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return EC_POINT_new (EcGroup);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Free previously allocated EC Point object using EcPointInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point to free.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] Clear TRUE iff the memory should be cleared.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointDeInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN BOOLEAN Clear<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (Clear) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_POINT_clear_free (EcPoint);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + } else {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_POINT_free (EcPoint);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC point affine (x,y) coordinates.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number objects to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values. The caller needs to make sure all the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameters<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + are properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnY Y coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointGetAffineCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return (BOOLEAN)EC_POINT_get_affine_coordinates (EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > EcPoint, BnX, BnY, BnCtx);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Set EC point affine (x,y) coordinates.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnY Y coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointSetAffineCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return (BOOLEAN)EC_POINT_set_affine_coordinates (EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > EcPoint, BnX, BnY, BnCtx);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC Point addition. EcPointResult = EcPointA + EcPointB.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] EcPointResult EC point to hold the result. The<o:p></o:p></p>
<p class="MsoPlainText">> > point should<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + be properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointA EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointB EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointAdd (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *EcPointResult,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return (BOOLEAN)EC_POINT_add (EcGroup, EcPointResult,<o:p></o:p></p>
<p class="MsoPlainText">> > EcPointA, EcPointB, BnCtx);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Variable EC point multiplication. EcPointResult = EcPoint *<o:p></o:p></p>
<p class="MsoPlainText">> > BnPScalar.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] EcPointResult EC point to hold the result. The<o:p></o:p></p>
<p class="MsoPlainText">> > point should<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + be properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnPScalar P Scalar.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointMul (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *EcPointResult,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnPScalar,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return (BOOLEAN)EC_POINT_mul (EcGroup, EcPointResult, NULL,<o:p></o:p></p>
<p class="MsoPlainText">> > EcPoint, BnPScalar, BnCtx);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Calculate the inverse of the supplied EC point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in,out] EcPoint EC point to invert.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointInvert (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return (BOOLEAN)EC_POINT_invert (EcGroup, EcPoint, BnCtx);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if the supplied point is on EC curve.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point to check.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On curve.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointIsOnCurve (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return EC_POINT_is_on_curve (EcGroup, EcPoint, BnCtx) == 1;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if the supplied point is at infinity.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point to check.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE At infinity.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointIsAtInfinity (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return EC_POINT_is_at_infinity (EcGroup, EcPoint) == 1;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if EC points are equal.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointA EC point A.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointB EC point B.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE A == B.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointEqual (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return EC_POINT_cmp (EcGroup, EcPointA, EcPointB, BnCtx) == 0;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Set EC point compressed coordinates. Points can be described in<o:p></o:p></p>
<p class="MsoPlainText">> > terms of<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + their compressed coordinates. For a point (x, y), for any given<o:p></o:p></p>
<p class="MsoPlainText">> > value for x<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + such that the point is on the curve there will only ever be two<o:p></o:p></p>
<p class="MsoPlainText">> > possible<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values for y. Therefore, a point can be set using this function<o:p></o:p></p>
<p class="MsoPlainText">> > where BnX is<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + the x coordinate and YBit is a value 0 or 1 to identify which of the<o:p></o:p></p>
<p class="MsoPlainText">> > two<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + possible values for y should be used.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] YBit 0 or 1 to identify which Y value is used.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointSetCompressedCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINT8 YBit,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return (BOOLEAN)EC_POINT_set_compressed_coordinates<o:p></o:p></p>
<p class="MsoPlainText">> > (EcGroup, EcPoint, BnX, YBit, BnCtx);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +//<o:p></o:p></p>
<p class="MsoPlainText">> > ==========================================================<o:p></o:p></p>
<p class="MsoPlainText">> > ===========================<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +// Elliptic Curve Diffie Hellman Primitives<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +//<o:p></o:p></p>
<p class="MsoPlainText">> > ==========================================================<o:p></o:p></p>
<p class="MsoPlainText">> > ===========================<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Allocates and Initializes one Elliptic Curve Context for subsequent<o:p></o:p></p>
<p class="MsoPlainText">> > use<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + with the NID.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] Nid Identifying number for the ECC curve (Defined<o:p></o:p></p>
<p class="MsoPlainText">> > in<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BaseCryptLib.h).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @return Pointer to the Elliptic Curve Context that has been<o:p></o:p></p>
<p class="MsoPlainText">> > initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If the allocations fails, EcNewByNid() returns NULL.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcNewByNid (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN Nid<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + INT32 OpenSslNid;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OpenSslNid = CryptoNidToOpensslNid (Nid);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (OpenSslNid < 0) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return (VOID *)EC_KEY_new_by_curve_name (OpenSslNid);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Release the specified EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcContext Pointer to the EC context to be released.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcFree (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcContext<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_KEY_free ((EC_KEY *)EcContext);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Generates EC key and returns EC public key (X, Y), Please note,<o:p></o:p></p>
<p class="MsoPlainText">> > this function uses<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + pseudo random number generator. The caller must make sure<o:p></o:p></p>
<p class="MsoPlainText">> > RandomSeed()<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + function was properly called before.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + The Ec context should be correctly initialized by EcNewByNid.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function generates random secret, and computes the public<o:p></o:p></p>
<p class="MsoPlainText">> > key (X, Y), which is<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + returned via parameter Public, PublicSize.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + X is the first half of Public with size being PublicSize / 2,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Y is the second half of Public with size being PublicSize / 2.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC context is updated accordingly.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If the Public buffer is too small to hold the public X, Y, FALSE is<o:p></o:p></p>
<p class="MsoPlainText">> > returned and<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + PublicSize is set to the required buffer size to obtain the public X,<o:p></o:p></p>
<p class="MsoPlainText">> > Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If EcContext is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PublicSize is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PublicSize is large enough but Public is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to the EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] PublicKey Pointer to t buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] PublicKeySize On input, the size of Public buffer<o:p></o:p></p>
<p class="MsoPlainText">> > in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Public<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC public X,Y generation succeeded.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE EC public X,Y generation failed.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE PublicKeySize is not large enough.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGenerateKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *PublicKey,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *PublicKeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_KEY *EcKey;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + CONST EC_GROUP *Group;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + CONST EC_POINT *EcPoint;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BOOLEAN RetVal;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BIGNUM *BnX;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BIGNUM *BnY;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + UINTN HalfSize;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + INTN XSize;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + INTN YSize;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((EcContext == NULL) || (PublicKeySize == NULL)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((PublicKey == NULL) && (*PublicKeySize != 0)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EcKey = (EC_KEY *)EcContext;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Group = EC_KEY_get0_group (EcKey);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + HalfSize = (EC_GROUP_get_degree (Group) + 7) / 8;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + // Assume RAND_seed was called<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (EC_KEY_generate_key (EcKey) != 1) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (*PublicKeySize < HalfSize * 2) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + *PublicKeySize = HalfSize * 2;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + *PublicKeySize = HalfSize * 2;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EcPoint = EC_KEY_get0_public_key (EcKey);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (EcPoint == NULL) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + RetVal = FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BnX = BN_new ();<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BnY = BN_new ();<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((BnX == NULL) || (BnY == NULL)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (EC_POINT_get_affine_coordinates (Group, EcPoint, BnX, BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > NULL) != 1) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + XSize = BN_num_bytes (BnX);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + YSize = BN_num_bytes (BnY);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((XSize <= 0) || (YSize <= 0)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT ((UINTN)XSize <= HalfSize && (UINTN)YSize <= HalfSize);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ZeroMem (PublicKey, *PublicKeySize);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BN_bn2bin (BnX, &PublicKey[0 + HalfSize - XSize]);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BN_bn2bin (BnY, &PublicKey[HalfSize + HalfSize - YSize]);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + RetVal = TRUE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +fail:<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BN_free (BnX);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BN_free (BnY);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return RetVal;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Gets the public key component from the established EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + The Ec context should be correctly initialized by EcNewByNid, and<o:p></o:p></p>
<p class="MsoPlainText">> > successfully<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + generate key pair from EcGenerateKey().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to EC context being set.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] PublicKey Pointer to t buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] PublicKeySize On input, the size of Public buffer<o:p></o:p></p>
<p class="MsoPlainText">> > in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Public<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC key component was retrieved successfully.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Invalid EC key component.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGetPubKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *PublicKey,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *PublicKeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_KEY *EcKey;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + CONST EC_GROUP *Group;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + CONST EC_POINT *EcPoint;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BIGNUM *BnX;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BIGNUM *BnY;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + UINTN HalfSize;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + INTN XSize;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + INTN YSize;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BOOLEAN RetVal;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((EcContext == NULL) || (PublicKeySize == NULL)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((PublicKey == NULL) && (*PublicKeySize != 0)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EcKey = (EC_KEY *)EcContext;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Group = EC_KEY_get0_group (EcKey);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + HalfSize = (EC_GROUP_get_degree (Group) + 7) / 8;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (*PublicKeySize < HalfSize * 2) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + *PublicKeySize = HalfSize * 2;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + *PublicKeySize = HalfSize * 2;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EcPoint = EC_KEY_get0_public_key (EcKey);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (EcPoint == NULL) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + RetVal = FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BnX = BN_new ();<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BnY = BN_new ();<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((BnX == NULL) || (BnY == NULL)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (EC_POINT_get_affine_coordinates (Group, EcPoint, BnX, BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > NULL) != 1) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + XSize = BN_num_bytes (BnX);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + YSize = BN_num_bytes (BnY);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((XSize <= 0) || (YSize <= 0)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT ((UINTN)XSize <= HalfSize && (UINTN)YSize <= HalfSize);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (PublicKey != NULL) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ZeroMem (PublicKey, *PublicKeySize);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BN_bn2bin (BnX, &PublicKey[0 + HalfSize - XSize]);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BN_bn2bin (BnY, &PublicKey[HalfSize + HalfSize - YSize]);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + RetVal = TRUE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +fail:<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BN_free (BnX);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BN_free (BnY);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return RetVal;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Computes exchanged common key.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Given peer's public key (X, Y), this function computes the<o:p></o:p></p>
<p class="MsoPlainText">> > exchanged common key,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + based on its own context including value of curve parameter and<o:p></o:p></p>
<p class="MsoPlainText">> > random secret.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + X is the first half of PeerPublic with size being PeerPublicSize / 2,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Y is the second half of PeerPublic with size being PeerPublicSize /<o:p></o:p></p>
<p class="MsoPlainText">> > 2.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If public key is compressed, the PeerPublic will only contain half<o:p></o:p></p>
<p class="MsoPlainText">> > key (X).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If EcContext is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PeerPublic is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PeerPublicSize is 0, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If Key is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If KeySize is not large enough, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PeerPublicSize is 64. First 32-byte is X, Second 32-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PeerPublicSize is 96. First 48-byte is X, Second 48-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PeerPublicSize is 132. First 66-byte is X, Second 66-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to the EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] PeerPublic Pointer to the peer's public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] PeerPublicSize Size of peer's public X,Y in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] CompressFlag Flag of PeerPublic is<o:p></o:p></p>
<p class="MsoPlainText">> > compressed or not.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] Key Pointer to the buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated key.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] KeySize On input, the size of Key buffer in<o:p></o:p></p>
<p class="MsoPlainText">> > bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Key<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC exchanged key generation succeeded.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE EC exchanged key generation failed.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE KeySize is not large enough.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcDhComputeKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST UINT8 *PeerPublic,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN PeerPublicSize,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST INT32 *CompressFlag,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *Key,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *KeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_KEY *EcKey;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_KEY *PeerEcKey;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + CONST EC_GROUP *Group;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BOOLEAN RetVal;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BIGNUM *BnX;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BIGNUM *BnY;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_POINT *Point;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + INT32 OpenSslNid;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + UINTN HalfSize;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((EcContext == NULL) || (PeerPublic == NULL) || (KeySize ==<o:p></o:p></p>
<p class="MsoPlainText">> > NULL)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((Key == NULL) && (*KeySize != 0)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (PeerPublicSize > INT_MAX) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EcKey = (EC_KEY *)EcContext;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Group = EC_KEY_get0_group (EcKey);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + HalfSize = (EC_GROUP_get_degree (Group) + 7) / 8;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((CompressFlag == NULL) && (PeerPublicSize != HalfSize * 2)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((CompressFlag != NULL) && (PeerPublicSize != HalfSize)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (*KeySize < HalfSize) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + *KeySize = HalfSize;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + *KeySize = HalfSize;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + RetVal = FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Point = NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BnX = BN_bin2bn (PeerPublic, (INT32)HalfSize, NULL);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BnY = NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Point = EC_POINT_new (Group);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + PeerEcKey = NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if ((BnX == NULL) || (Point == NULL)) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (CompressFlag == NULL) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BnY = BN_bin2bn (PeerPublic + HalfSize, (INT32)HalfSize, NULL);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (BnY == NULL) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (EC_POINT_set_affine_coordinates (Group, Point, BnX, BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > NULL) != 1) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + } else {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (EC_POINT_set_compressed_coordinates (Group, Point, BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > *CompressFlag, NULL) != 1) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + // Validate NIST ECDH public key<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OpenSslNid = EC_GROUP_get_curve_name (Group);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + PeerEcKey = EC_KEY_new_by_curve_name (OpenSslNid);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (PeerEcKey == NULL) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (EC_KEY_set_public_key (PeerEcKey, Point) != 1) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (EC_KEY_check_key (PeerEcKey) != 1) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + if (ECDH_compute_key (Key, *KeySize, Point, EcKey, NULL) <= 0) {<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + goto fail;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + }<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + RetVal = TRUE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +fail:<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BN_free (BnX);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BN_free (BnY);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_POINT_free (Point);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC_KEY_free (PeerEcKey);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return RetVal;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > new file mode 100644<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > index 0000000000..d9f1004f6c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > --- /dev/null<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > @@ -0,0 +1,496 @@<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/** @file<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Elliptic Curve and ECDH API implementation based on OpenSSL<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + SPDX-License-Identifier: BSD-2-Clause-Patent<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#include <Library/BaseCryptLib.h><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#include <Library/DebugLib.h><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Initialize new opaque EcGroup object. This object represents an EC<o:p></o:p></p>
<p class="MsoPlainText">> > curve and<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + and is used for calculation within this group. This object should be<o:p></o:p></p>
<p class="MsoPlainText">> > freed<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + using EcGroupFree() function.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] CryptoNid Identifying number for the ECC curve<o:p></o:p></p>
<p class="MsoPlainText">> > (Defined in<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BaseCryptLib.h).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval EcGroup object On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval NULL On failure.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN CryptoNid<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC curve parameters. While elliptic curve equation is Y^2 mod<o:p></o:p></p>
<p class="MsoPlainText">> > P = (X^3 + AX + B) Mod P.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number objects to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values. The caller needs to make sure all the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameters<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + are properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnPrime Group prime number.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnA A coefficient.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnB B coefficient..<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupGetCurve (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnPrime,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC group order.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number object to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + value. The caller needs to make sure that the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameter<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + is properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnOrder Group prime number.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupGetOrder (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnOrder<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Free previously allocated EC group object using EcGroupInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object to free.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupFree (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcGroup<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Initialize new opaque EC Point object. This object represents an EC<o:p></o:p></p>
<p class="MsoPlainText">> > point<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + within the given EC group (curve).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EC Group, properly initialized using EcGroupInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval EC Point object On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval NULL On failure.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Free previously allocated EC Point object using EcPointInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point to free.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] Clear TRUE iff the memory should be cleared.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointDeInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN BOOLEAN Clear<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC point affine (x,y) coordinates.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number objects to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values. The caller needs to make sure all the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameters<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + are properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnY Y coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointGetAffineCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Set EC point affine (x,y) coordinates.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnY Y coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointSetAffineCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC Point addition. EcPointResult = EcPointA + EcPointB.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] EcPointResult EC point to hold the result. The<o:p></o:p></p>
<p class="MsoPlainText">> > point should<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + be properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointA EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointB EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointAdd (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *EcPointResult,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Variable EC point multiplication. EcPointResult = EcPoint *<o:p></o:p></p>
<p class="MsoPlainText">> > BnPScalar.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] EcPointResult EC point to hold the result. The<o:p></o:p></p>
<p class="MsoPlainText">> > point should<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + be properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnPScalar P Scalar.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointMul (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *EcPointResult,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnPScalar,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Calculate the inverse of the supplied EC point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in,out] EcPoint EC point to invert.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointInvert (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if the supplied point is on EC curve.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point to check.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On curve.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointIsOnCurve (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if the supplied point is at infinity.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point to check.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE At infinity.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointIsAtInfinity (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if EC points are equal.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointA EC point A.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointB EC point B.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE A == B.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointEqual (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Set EC point compressed coordinates. Points can be described in<o:p></o:p></p>
<p class="MsoPlainText">> > terms of<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + their compressed coordinates. For a point (x, y), for any given<o:p></o:p></p>
<p class="MsoPlainText">> > value for x<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + such that the point is on the curve there will only ever be two<o:p></o:p></p>
<p class="MsoPlainText">> > possible<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values for y. Therefore, a point can be set using this function<o:p></o:p></p>
<p class="MsoPlainText">> > where BnX is<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + the x coordinate and YBit is a value 0 or 1 to identify which of the<o:p></o:p></p>
<p class="MsoPlainText">> > two<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + possible values for y should be used.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] YBit 0 or 1 to identify which Y value is used.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointSetCompressedCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINT8 YBit,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Allocates and Initializes one Elliptic Curve Context for subsequent<o:p></o:p></p>
<p class="MsoPlainText">> > use<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + with the NID.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] Nid cipher NID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @return Pointer to the Elliptic Curve Context that has been<o:p></o:p></p>
<p class="MsoPlainText">> > initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If the allocations fails, EcNewByNid() returns NULL.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcNewByNid (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN Nid<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Release the specified EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcContext Pointer to the EC context to be released.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcFree (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcContext<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Generates EC key and returns EC public key (X, Y), Please note,<o:p></o:p></p>
<p class="MsoPlainText">> > this function uses<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + pseudo random number generator. The caller must make sure<o:p></o:p></p>
<p class="MsoPlainText">> > RandomSeed()<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + function was properly called before.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + The Ec context should be correctly initialized by EcNewByNid.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function generates random secret, and computes the public<o:p></o:p></p>
<p class="MsoPlainText">> > key (X, Y), which is<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + returned via parameter Public, PublicSize.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + X is the first half of Public with size being PublicSize / 2,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Y is the second half of Public with size being PublicSize / 2.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC context is updated accordingly.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If the Public buffer is too small to hold the public X, Y, FALSE is<o:p></o:p></p>
<p class="MsoPlainText">> > returned and<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + PublicSize is set to the required buffer size to obtain the public X,<o:p></o:p></p>
<p class="MsoPlainText">> > Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If EcContext is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PublicSize is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PublicSize is large enough but Public is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to the EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] PublicKey Pointer to t buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] PublicKeySize On input, the size of Public buffer<o:p></o:p></p>
<p class="MsoPlainText">> > in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Public<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC public X,Y generation succeeded.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE EC public X,Y generation failed.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE PublicKeySize is not large enough.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGenerateKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *PublicKey,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *PublicKeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Gets the public key component from the established EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + The Ec context should be correctly initialized by EcNewByNid, and<o:p></o:p></p>
<p class="MsoPlainText">> > successfully<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + generate key pair from EcGenerateKey().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to EC context being set.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] PublicKey Pointer to t buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] PublicKeySize On input, the size of Public buffer<o:p></o:p></p>
<p class="MsoPlainText">> > in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Public<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC key component was retrieved successfully.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Invalid EC key component.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGetPubKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *PublicKey,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *PublicKeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Computes exchanged common key.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Given peer's public key (X, Y), this function computes the<o:p></o:p></p>
<p class="MsoPlainText">> > exchanged common key,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + based on its own context including value of curve parameter and<o:p></o:p></p>
<p class="MsoPlainText">> > random secret.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + X is the first half of PeerPublic with size being PeerPublicSize / 2,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Y is the second half of PeerPublic with size being PeerPublicSize /<o:p></o:p></p>
<p class="MsoPlainText">> > 2.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If EcContext is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PeerPublic is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PeerPublicSize is 0, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If Key is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If KeySize is not large enough, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PeerPublicSize is 64. First 32-byte is X, Second 32-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PeerPublicSize is 96. First 48-byte is X, Second 48-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PeerPublicSize is 132. First 66-byte is X, Second 66-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to the EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] PeerPublic Pointer to the peer's public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] PeerPublicSize Size of peer's public X,Y in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] CompressFlag Flag of PeerPublic is<o:p></o:p></p>
<p class="MsoPlainText">> > compressed or not.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] Key Pointer to the buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated key.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] KeySize On input, the size of Key buffer in<o:p></o:p></p>
<p class="MsoPlainText">> > bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Key<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC exchanged key generation succeeded.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE EC exchanged key generation failed.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE KeySize is not large enough.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcDhComputeKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST UINT8 *PeerPublic,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN PeerPublicSize,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST INT32 *CompressFlag,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *Key,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *KeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > index ce6a789dfd..4bc3063485 100644<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > --- a/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +++ b/CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > @@ -59,6 +59,7 @@<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptTsNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptRsaPss.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptRsaPssSignNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pem/CryptPem.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Bn/CryptBnNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > index 354f3d80aa..e1a57ef09f 100644<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > --- a/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +++ b/CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > @@ -49,6 +49,7 @@<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptX509Null.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptAuthenticodeNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptTsNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pem/CryptPemNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Rand/CryptRandNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > Pk/CryptRsaPssNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > diff --git a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > new file mode 100644<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > index 0000000000..d9f1004f6c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > --- /dev/null<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +++ b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptEcNull.c<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > @@ -0,0 +1,496 @@<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/** @file<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Elliptic Curve and ECDH API implementation based on OpenSSL<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Copyright (c) 2022, Intel Corporation. All rights reserved.<BR><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + SPDX-License-Identifier: BSD-2-Clause-Patent<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#include <Library/BaseCryptLib.h><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +#include <Library/DebugLib.h><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Initialize new opaque EcGroup object. This object represents an EC<o:p></o:p></p>
<p class="MsoPlainText">> > curve and<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + and is used for calculation within this group. This object should be<o:p></o:p></p>
<p class="MsoPlainText">> > freed<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + using EcGroupFree() function.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] CryptoNid Identifying number for the ECC curve<o:p></o:p></p>
<p class="MsoPlainText">> > (Defined in<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + BaseCryptLib.h).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval EcGroup object On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval NULL On failure.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN CryptoNid<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC curve parameters. While elliptic curve equation is Y^2 mod<o:p></o:p></p>
<p class="MsoPlainText">> > P = (X^3 + AX + B) Mod P.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number objects to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values. The caller needs to make sure all the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameters<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + are properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnPrime Group prime number.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnA A coefficient.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnB B coefficient..<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupGetCurve (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnPrime,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC group order.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number object to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + value. The caller needs to make sure that the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameter<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + is properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnOrder Group prime number.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupGetOrder (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnOrder<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Free previously allocated EC group object using EcGroupInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object to free.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGroupFree (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcGroup<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Initialize new opaque EC Point object. This object represents an EC<o:p></o:p></p>
<p class="MsoPlainText">> > point<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + within the given EC group (curve).<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EC Group, properly initialized using EcGroupInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval EC Point object On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval NULL On failure.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Free previously allocated EC Point object using EcPointInit().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point to free.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] Clear TRUE iff the memory should be cleared.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointDeInit (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN BOOLEAN Clear<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Get EC point affine (x,y) coordinates.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function will set the provided Big Number objects to the<o:p></o:p></p>
<p class="MsoPlainText">> > corresponding<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values. The caller needs to make sure all the "out" BigNumber<o:p></o:p></p>
<p class="MsoPlainText">> > parameters<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + are properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] BnY Y coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointGetAffineCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Set EC point affine (x,y) coordinates.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnY Y coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointSetAffineCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnY,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC Point addition. EcPointResult = EcPointA + EcPointB.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] EcPointResult EC point to hold the result. The<o:p></o:p></p>
<p class="MsoPlainText">> > point should<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + be properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointA EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointB EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointAdd (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *EcPointResult,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Variable EC point multiplication. EcPointResult = EcPoint *<o:p></o:p></p>
<p class="MsoPlainText">> > BnPScalar.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] EcPointResult EC point to hold the result. The<o:p></o:p></p>
<p class="MsoPlainText">> > point should<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + be properly initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnPScalar P Scalar.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointMul (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT VOID *EcPointResult,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnPScalar,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Calculate the inverse of the supplied EC point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in,out] EcPoint EC point to invert.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointInvert (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if the supplied point is on EC curve.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point to check.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On curve.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointIsOnCurve (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if the supplied point is at infinity.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC point to check.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE At infinity.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointIsAtInfinity (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPoint<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Check if EC points are equal.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointA EC point A.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPointB EC point B.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE A == B.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointEqual (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointA,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcPointB,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Set EC point compressed coordinates. Points can be described in<o:p></o:p></p>
<p class="MsoPlainText">> > terms of<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + their compressed coordinates. For a point (x, y), for any given<o:p></o:p></p>
<p class="MsoPlainText">> > value for x<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + such that the point is on the curve there will only ever be two<o:p></o:p></p>
<p class="MsoPlainText">> > possible<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + values for y. Therefore, a point can be set using this function<o:p></o:p></p>
<p class="MsoPlainText">> > where BnX is<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + the x coordinate and YBit is a value 0 or 1 to identify which of the<o:p></o:p></p>
<p class="MsoPlainText">> > two<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + possible values for y should be used.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcGroup EC group object.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcPoint EC Point.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnX X coordinate.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] YBit 0 or 1 to identify which Y value is used.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] BnCtx BN context, created with<o:p></o:p></p>
<p class="MsoPlainText">> > BigNumNewContext().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE On success.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Otherwise.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcPointSetCompressedCoordinates (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *EcGroup,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcPoint,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST VOID *BnX,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINT8 YBit,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *BnCtx<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Allocates and Initializes one Elliptic Curve Context for subsequent<o:p></o:p></p>
<p class="MsoPlainText">> > use<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + with the NID.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] Nid cipher NID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @return Pointer to the Elliptic Curve Context that has been<o:p></o:p></p>
<p class="MsoPlainText">> > initialized.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If the allocations fails, EcNewByNid() returns NULL.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID *<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcNewByNid (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN Nid<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return NULL;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Release the specified EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] EcContext Pointer to the EC context to be released.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +VOID<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcFree (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN VOID *EcContext<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Generates EC key and returns EC public key (X, Y), Please note,<o:p></o:p></p>
<p class="MsoPlainText">> > this function uses<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + pseudo random number generator. The caller must make sure<o:p></o:p></p>
<p class="MsoPlainText">> > RandomSeed()<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + function was properly called before.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + The Ec context should be correctly initialized by EcNewByNid.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + This function generates random secret, and computes the public<o:p></o:p></p>
<p class="MsoPlainText">> > key (X, Y), which is<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + returned via parameter Public, PublicSize.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + X is the first half of Public with size being PublicSize / 2,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Y is the second half of Public with size being PublicSize / 2.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + EC context is updated accordingly.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If the Public buffer is too small to hold the public X, Y, FALSE is<o:p></o:p></p>
<p class="MsoPlainText">> > returned and<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + PublicSize is set to the required buffer size to obtain the public X,<o:p></o:p></p>
<p class="MsoPlainText">> > Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If EcContext is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PublicSize is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PublicSize is large enough but Public is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to the EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] PublicKey Pointer to t buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] PublicKeySize On input, the size of Public buffer<o:p></o:p></p>
<p class="MsoPlainText">> > in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Public<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC public X,Y generation succeeded.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE EC public X,Y generation failed.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE PublicKeySize is not large enough.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGenerateKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *PublicKey,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *PublicKeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Gets the public key component from the established EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + The Ec context should be correctly initialized by EcNewByNid, and<o:p></o:p></p>
<p class="MsoPlainText">> > successfully<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + generate key pair from EcGenerateKey().<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PublicSize is 64. First 32-byte is X, Second 32-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PublicSize is 96. First 48-byte is X, Second 48-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PublicSize is 132. First 66-byte is X, Second 66-byte<o:p></o:p></p>
<p class="MsoPlainText">> > is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to EC context being set.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] PublicKey Pointer to t buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] PublicKeySize On input, the size of Public buffer<o:p></o:p></p>
<p class="MsoPlainText">> > in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Public<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC key component was retrieved successfully.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE Invalid EC key component.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcGetPubKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *PublicKey,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *PublicKeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +/**<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Computes exchanged common key.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Given peer's public key (X, Y), this function computes the<o:p></o:p></p>
<p class="MsoPlainText">> > exchanged common key,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + based on its own context including value of curve parameter and<o:p></o:p></p>
<p class="MsoPlainText">> > random secret.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + X is the first half of PeerPublic with size being PeerPublicSize / 2,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + Y is the second half of PeerPublic with size being PeerPublicSize /<o:p></o:p></p>
<p class="MsoPlainText">> > 2.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If EcContext is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PeerPublic is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If PeerPublicSize is 0, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If Key is NULL, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + If KeySize is not large enough, then return FALSE.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-256, the PeerPublicSize is 64. First 32-byte is X, Second 32-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-384, the PeerPublicSize is 96. First 48-byte is X, Second 48-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + For P-521, the PeerPublicSize is 132. First 66-byte is X, Second 66-<o:p></o:p></p>
<p class="MsoPlainText">> > byte is Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] EcContext Pointer to the EC context.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] PeerPublic Pointer to the peer's public X,Y.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] PeerPublicSize Size of peer's public X,Y in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in] CompressFlag Flag of PeerPublic is<o:p></o:p></p>
<p class="MsoPlainText">> > compressed or not.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[out] Key Pointer to the buffer to receive<o:p></o:p></p>
<p class="MsoPlainText">> > generated key.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @param[in, out] KeySize On input, the size of Key buffer in<o:p></o:p></p>
<p class="MsoPlainText">> > bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + On output, the size of data returned in Key<o:p></o:p></p>
<p class="MsoPlainText">> > buffer in bytes.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval TRUE EC exchanged key generation succeeded.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE EC exchanged key generation failed.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + @retval FALSE KeySize is not large enough.<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +**/<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +BOOLEAN<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EFIAPI<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +EcDhComputeKey (<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT VOID *EcContext,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST UINT8 *PeerPublic,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN UINTN PeerPublicSize,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN CONST INT32 *CompressFlag,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + OUT UINT8 *Key,<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + IN OUT UINTN *KeySize<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + )<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +{<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + ASSERT (FALSE);<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > + return FALSE;<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > +}<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > --<o:p></o:p></p>
<p class="MsoPlainText">> > > > > > 2.31.1.windows.1<o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText">> > > > > > <o:p></o:p></p>
<p class="MsoPlainText">> > > > > ><o:p></o:p></p>
<p class="MsoPlainText"><o:p> </o:p></p>
</div>
</div>
</div>
</div>
</body>
</html>
<div width="1" style="color:white;clear:both">_._,_._,_</div> <hr> Groups.io Links:<p> You receive all messages sent to this group. <p> <a target="_blank" href="https://edk2.groups.io/g/devel/message/94274">View/Reply Online (#94274)</a> | | <a target="_blank" href="https://groups.io/mt/93820542/1813853">Mute This Topic</a> | <a href="https://edk2.groups.io/g/devel/post">New Topic</a><br> <a href="https://edk2.groups.io/g/devel/editsub/1813853">Your Subscription</a> | <a href="mailto:devel+owner@edk2.groups.io">Contact Group Owner</a> | <a href="https://edk2.groups.io/g/devel/unsub">Unsubscribe</a> [edk2-devel-archive@redhat.com]<br> <div width="1" style="color:white;clear:both">_._,_._,_</div>