From af1a266670d040d2f4083ff309d732d648afba2a Mon Sep 17 00:00:00 2001 From: Angelos Mouzakitis Date: Tue, 10 Oct 2023 14:33:42 +0000 Subject: Add submodule dependency files Change-Id: Iaf8d18082d3991dec7c0ebbea540f092188eb4ec --- .../Library/BaseCryptLib/Pk/CryptRsaBasic.c | 327 +++++++++++++++++++++ 1 file changed, 327 insertions(+) create mode 100644 roms/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c (limited to 'roms/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c') diff --git a/roms/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c b/roms/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c new file mode 100644 index 000000000..d24e1fdf6 --- /dev/null +++ b/roms/edk2/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c @@ -0,0 +1,327 @@ +/** @file + RSA Asymmetric Cipher Wrapper Implementation over OpenSSL. + + This file implements following APIs which provide basic capabilities for RSA: + 1) RsaNew + 2) RsaFree + 3) RsaSetKey + 4) RsaPkcs1Verify + +Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +#include +#include +#include + +/** + Allocates and initializes one RSA context for subsequent use. + + @return Pointer to the RSA context that has been initialized. + If the allocations fails, RsaNew() returns NULL. + +**/ +VOID * +EFIAPI +RsaNew ( + VOID + ) +{ + // + // Allocates & Initializes RSA Context by OpenSSL RSA_new() + // + return (VOID *) RSA_new (); +} + +/** + Release the specified RSA context. + + @param[in] RsaContext Pointer to the RSA context to be released. + +**/ +VOID +EFIAPI +RsaFree ( + IN VOID *RsaContext + ) +{ + // + // Free OpenSSL RSA Context + // + RSA_free ((RSA *) RsaContext); +} + +/** + Sets the tag-designated key component into the established RSA context. + + This function sets the tag-designated RSA key component into the established + RSA context from the user-specified non-negative integer (octet string format + represented in RSA PKCS#1). + If BigNumber is NULL, then the specified key component in RSA context is cleared. + + If RsaContext is NULL, then return FALSE. + + @param[in, out] RsaContext Pointer to RSA context being set. + @param[in] KeyTag Tag of RSA key component being set. + @param[in] BigNumber Pointer to octet integer buffer. + If NULL, then the specified key component in RSA + context is cleared. + @param[in] BnSize Size of big number buffer in bytes. + If BigNumber is NULL, then it is ignored. + + @retval TRUE RSA key component was set successfully. + @retval FALSE Invalid RSA key component tag. + +**/ +BOOLEAN +EFIAPI +RsaSetKey ( + IN OUT VOID *RsaContext, + IN RSA_KEY_TAG KeyTag, + IN CONST UINT8 *BigNumber, + IN UINTN BnSize + ) +{ + RSA *RsaKey; + BIGNUM *BnN; + BIGNUM *BnE; + BIGNUM *BnD; + BIGNUM *BnP; + BIGNUM *BnQ; + BIGNUM *BnDp; + BIGNUM *BnDq; + BIGNUM *BnQInv; + + // + // Check input parameters. + // + if (RsaContext == NULL || BnSize > INT_MAX) { + return FALSE; + } + + BnN = NULL; + BnE = NULL; + BnD = NULL; + BnP = NULL; + BnQ = NULL; + BnDp = NULL; + BnDq = NULL; + BnQInv = NULL; + + // + // Retrieve the components from RSA object. + // + RsaKey = (RSA *) RsaContext; + RSA_get0_key (RsaKey, (const BIGNUM **)&BnN, (const BIGNUM **)&BnE, (const BIGNUM **)&BnD); + RSA_get0_factors (RsaKey, (const BIGNUM **)&BnP, (const BIGNUM **)&BnQ); + RSA_get0_crt_params (RsaKey, (const BIGNUM **)&BnDp, (const BIGNUM **)&BnDq, (const BIGNUM **)&BnQInv); + + // + // Set RSA Key Components by converting octet string to OpenSSL BN representation. + // NOTE: For RSA public key (used in signature verification), only public components + // (N, e) are needed. + // + switch (KeyTag) { + + // + // RSA Public Modulus (N), Public Exponent (e) and Private Exponent (d) + // + case RsaKeyN: + case RsaKeyE: + case RsaKeyD: + if (BnN == NULL) { + BnN = BN_new (); + } + if (BnE == NULL) { + BnE = BN_new (); + } + if (BnD == NULL) { + BnD = BN_new (); + } + + if ((BnN == NULL) || (BnE == NULL) || (BnD == NULL)) { + return FALSE; + } + + switch (KeyTag) { + case RsaKeyN: + BnN = BN_bin2bn (BigNumber, (UINT32)BnSize, BnN); + break; + case RsaKeyE: + BnE = BN_bin2bn (BigNumber, (UINT32)BnSize, BnE); + break; + case RsaKeyD: + BnD = BN_bin2bn (BigNumber, (UINT32)BnSize, BnD); + break; + default: + return FALSE; + } + if (RSA_set0_key (RsaKey, BN_dup(BnN), BN_dup(BnE), BN_dup(BnD)) == 0) { + return FALSE; + } + + break; + + // + // RSA Secret Prime Factor of Modulus (p and q) + // + case RsaKeyP: + case RsaKeyQ: + if (BnP == NULL) { + BnP = BN_new (); + } + if (BnQ == NULL) { + BnQ = BN_new (); + } + if ((BnP == NULL) || (BnQ == NULL)) { + return FALSE; + } + + switch (KeyTag) { + case RsaKeyP: + BnP = BN_bin2bn (BigNumber, (UINT32)BnSize, BnP); + break; + case RsaKeyQ: + BnQ = BN_bin2bn (BigNumber, (UINT32)BnSize, BnQ); + break; + default: + return FALSE; + } + if (RSA_set0_factors (RsaKey, BN_dup(BnP), BN_dup(BnQ)) == 0) { + return FALSE; + } + + break; + + // + // p's CRT Exponent (== d mod (p - 1)), q's CRT Exponent (== d mod (q - 1)), + // and CRT Coefficient (== 1/q mod p) + // + case RsaKeyDp: + case RsaKeyDq: + case RsaKeyQInv: + if (BnDp == NULL) { + BnDp = BN_new (); + } + if (BnDq == NULL) { + BnDq = BN_new (); + } + if (BnQInv == NULL) { + BnQInv = BN_new (); + } + if ((BnDp == NULL) || (BnDq == NULL) || (BnQInv == NULL)) { + return FALSE; + } + + switch (KeyTag) { + case RsaKeyDp: + BnDp = BN_bin2bn (BigNumber, (UINT32)BnSize, BnDp); + break; + case RsaKeyDq: + BnDq = BN_bin2bn (BigNumber, (UINT32)BnSize, BnDq); + break; + case RsaKeyQInv: + BnQInv = BN_bin2bn (BigNumber, (UINT32)BnSize, BnQInv); + break; + default: + return FALSE; + } + if (RSA_set0_crt_params (RsaKey, BN_dup(BnDp), BN_dup(BnDq), BN_dup(BnQInv)) == 0) { + return FALSE; + } + + break; + + default: + return FALSE; + } + + return TRUE; +} + +/** + Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in + RSA PKCS#1. + + If RsaContext is NULL, then return FALSE. + If MessageHash is NULL, then return FALSE. + If Signature is NULL, then return FALSE. + If HashSize is not equal to the size of MD5, SHA-1, SHA-256, SHA-384 or SHA-512 digest, then return FALSE. + + @param[in] RsaContext Pointer to RSA context for signature verification. + @param[in] MessageHash Pointer to octet message hash to be checked. + @param[in] HashSize Size of the message hash in bytes. + @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified. + @param[in] SigSize Size of signature in bytes. + + @retval TRUE Valid signature encoded in PKCS1-v1_5. + @retval FALSE Invalid signature or invalid RSA context. + +**/ +BOOLEAN +EFIAPI +RsaPkcs1Verify ( + IN VOID *RsaContext, + IN CONST UINT8 *MessageHash, + IN UINTN HashSize, + IN CONST UINT8 *Signature, + IN UINTN SigSize + ) +{ + INT32 DigestType; + UINT8 *SigBuf; + + // + // Check input parameters. + // + if (RsaContext == NULL || MessageHash == NULL || Signature == NULL) { + return FALSE; + } + + if (SigSize > INT_MAX || SigSize == 0) { + return FALSE; + } + + // + // Determine the message digest algorithm according to digest size. + // Only MD5, SHA-1, SHA-256, SHA-384 or SHA-512 algorithm is supported. + // + switch (HashSize) { + case MD5_DIGEST_SIZE: + DigestType = NID_md5; + break; + + case SHA1_DIGEST_SIZE: + DigestType = NID_sha1; + break; + + case SHA256_DIGEST_SIZE: + DigestType = NID_sha256; + break; + + case SHA384_DIGEST_SIZE: + DigestType = NID_sha384; + break; + + case SHA512_DIGEST_SIZE: + DigestType = NID_sha512; + break; + + default: + return FALSE; + } + + SigBuf = (UINT8 *) Signature; + return (BOOLEAN) RSA_verify ( + DigestType, + MessageHash, + (UINT32) HashSize, + SigBuf, + (UINT32) SigSize, + (RSA *) RsaContext + ); +} -- cgit