Changeset 99404 in vbox for trunk/src/VBox/Devices/EFI/FirmwareNew/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c

Timestamp:

Apr 14, 2023 3:17:44 PM (21 months ago)

Author:

vboxsync

Message:

Devices/EFI/FirmwareNew: Update to edk2-stable202302 and make it build, bugref:4643

Location:

trunk/src/VBox/Devices/EFI/FirmwareNew

Files:

• . (modified) (1 prop)
• CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c (modified) (6 diffs)

trunk/src/VBox/Devices/EFI/FirmwareNew/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c

@@ -31 +31 @@
   INTN  KeyLength;
 
-  ZeroMem ((VOID *) Buf, (UINTN) Size);
+  ZeroMem ((VOID *)Buf, (UINTN)Size);
   if (Key != NULL) {
     //
     // Duplicate key phrase directly.
     //
-    KeyLength = (INTN) AsciiStrLen ((CHAR8 *)Key);
-    KeyLength = (KeyLength > Size ) ? Size : KeyLength;
-    CopyMem (Buf, Key, (UINTN) KeyLength);
+    KeyLength = (INTN)AsciiStrLen ((CHAR8 *)Key);
+    KeyLength = (KeyLength > Size) ? Size : KeyLength;
+    CopyMem (Buf, Key, (UINTN)KeyLength);
     return KeyLength;
   } else {
@@ -77 +77 @@
   // Check input parameters.
   //
-  if (PemData == NULL || RsaContext == NULL || PemSize > INT_MAX) {
+  if ((PemData == NULL) || (RsaContext == NULL) || (PemSize > INT_MAX)) {
     return FALSE;
   }
@@ -88 +88 @@
     return FALSE;
   }
+
   if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) {
     return FALSE;
   }
+
   if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) {
     return FALSE;
@@ -105 +107 @@
   }
 
-  if (BIO_write (PemBio, PemData, (int) PemSize) <= 0) {
+  if (BIO_write (PemBio, PemData, (int)PemSize) <= 0) {
     goto _Exit;
   }
@@ -112 +114 @@
   // Retrieve RSA Private Key from encrypted PEM data.
   //
-  *RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *) &PasswordCallback, (void *) Password);
+  *RsaContext = PEM_read_bio_RSAPrivateKey (PemBio, NULL, (pem_password_cb *)&PasswordCallback, (void *)Password);
   if (*RsaContext != NULL) {
     Status = TRUE;
@@ -125 +127 @@
   return Status;
 }
+
+/**
+  Retrieve the EC Private Key from the password-protected PEM key data.
+
+  @param[in]  PemData      Pointer to the PEM-encoded key data to be retrieved.
+  @param[in]  PemSize      Size of the PEM key data in bytes.
+  @param[in]  Password     NULL-terminated passphrase used for encrypted PEM key data.
+  @param[out] EcContext    Pointer to new-generated EC DSA context which contain the retrieved
+                           EC private key component. Use EcFree() function to free the
+                           resource.
+
+  If PemData is NULL, then return FALSE.
+  If EcContext is NULL, then return FALSE.
+
+  @retval  TRUE   EC Private Key was retrieved successfully.
+  @retval  FALSE  Invalid PEM key data or incorrect password.
+
+**/
+BOOLEAN
+EFIAPI
+EcGetPrivateKeyFromPem (
+  IN   CONST UINT8  *PemData,
+  IN   UINTN        PemSize,
+  IN   CONST CHAR8  *Password,
+  OUT  VOID         **EcContext
+  )
+{
+  BOOLEAN  Status;
+  BIO      *PemBio;
+
+  //
+  // Check input parameters.
+  //
+  if ((PemData == NULL) || (EcContext == NULL) || (PemSize > INT_MAX)) {
+    return FALSE;
+  }
+
+  //
+  // Add possible block-cipher descriptor for PEM data decryption.
+  // NOTE: Only support most popular ciphers AES for the encrypted PEM.
+  //
+  if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) {
+    return FALSE;
+  }
+
+  if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) {
+    return FALSE;
+  }
+
+  if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) {
+    return FALSE;
+  }
+
+  Status = FALSE;
+
+  //
+  // Read encrypted PEM Data.
+  //
+  PemBio = BIO_new (BIO_s_mem ());
+  if (PemBio == NULL) {
+    goto _Exit;
+  }
+
+  if (BIO_write (PemBio, PemData, (int)PemSize) <= 0) {
+    goto _Exit;
+  }
+
+  //
+  // Retrieve EC Private Key from encrypted PEM data.
+  //
+  *EcContext = PEM_read_bio_ECPrivateKey (PemBio, NULL, (pem_password_cb *)&PasswordCallback, (void *)Password);
+  if (*EcContext != NULL) {
+    Status = TRUE;
+  }
+
+_Exit:
+  //
+  // Release Resources.
+  //
+  BIO_free (PemBio);
+
+  return Status;
+}