From nobody Tue Mar 19 08:24:27 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+74287+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+74287+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1618884114; cv=none; d=zohomail.com; s=zohoarc; b=P6FB9S7n6K4VutUX8lNEVqk/UX8vIt1Di3jqbqBQUiHsa9wIet2fwhdiljr8MHNPxcEKejPG/JszFseHzNz+L16GJeJWxpZvzOMzzSd0PAkOfQONU2Z7nrTmdDmfyv6LfXdIBRuCfRTZ51G1PJJIJ0hwQGrTzlb3scfsfATzB5k= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1618884114; h=Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:Message-ID:Reply-To:References:Sender:Subject:To; bh=+e3xjUHU5Hu9Wa4ixttyLzUBBrkkRWAXka4VjbHwP8g=; b=irQCrM/ayixfY7vjTUhaEJfJpJjtJrRN9oPOOPetz7u+3yOjThB8Eh+5akVr/nlZNUJ/g5IQER5zmd8E966Clgq7MxwSy8AjvGTrM/S3n5alu4AZTjRAO1SoGtfQt4N4aUJ6RXzhPh7jiCEE3ir/vb1bVG+47vbaqr9VlLRkJA4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+74287+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 161888411467088.32131561903077; Mon, 19 Apr 2021 19:01:54 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 1px3YY1788612xCZZ7igIcB6; Mon, 19 Apr 2021 19:01:54 -0700 X-Received: from mga11.intel.com (mga11.intel.com []) by mx.groups.io with SMTP id smtpd.web09.4724.1618884113163528677 for ; Mon, 19 Apr 2021 19:01:53 -0700 IronPort-SDR: sTx4Xxgg+9QjOfrqLdymWBcEt9qBzVikp7v1N+sp7NIGHMQGSZWh+N1vx3Ue7EDyF7mUJ7HORw mwClc57dPHzQ== X-IronPort-AV: E=McAfee;i="6200,9189,9959"; a="192241826" X-IronPort-AV: E=Sophos;i="5.82,235,1613462400"; d="scan'208";a="192241826" X-Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 19 Apr 2021 19:01:51 -0700 IronPort-SDR: /DgigqG1R+TstKFm7RFe+qZQvnX5W8/WW/N8QMknxTfVtNMjqeJCvVy4oWtS+5m/Si4C1FDJX2 R14gaDarUxLQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.82,235,1613462400"; d="scan'208";a="602316795" X-Received: from sagraw2-desk1.amr.corp.intel.com ([10.72.4.190]) by orsmga005.jf.intel.com with ESMTP; 19 Apr 2021 19:01:51 -0700 From: "Agrawal, Sachin" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Xiaoyu Lu , Guomin Jiang , Sachin Agrawal Subject: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support Date: Mon, 19 Apr 2021 19:01:50 -0700 Message-Id: <20210420020150.29212-2-sachin.agrawal@intel.com> In-Reply-To: <20210420020150.29212-1-sachin.agrawal@intel.com> References: <20210420020150.29212-1-sachin.agrawal@intel.com> Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,sachin.agrawal@intel.com X-Gm-Message-State: Gl9kk3RsDjbRVe6onOItDRb1x1787277AA= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1618884114; bh=T7Ku3KEX4K+yMu7+OtBUSlsz1RCUA3eg6CZXshvjDpg=; h=Cc:Date:From:Reply-To:Subject:To; b=n3OXRfxYqEzNu+boGnUFahxrQgSWbNXlfxlbJ7WsxuyOLcDrS3OQUsFiTF3vh0g7bXe +P4MMfoQdV8A9GRZ6+Hn8m21aSWY3TUytgs1/32/CFUHq/kK750AopDDGBMMw6sH7vMuY B/1uPUuDZ3hzeFdeH20xZaize7dVVweHeCI= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3314 This patch uses Openssl's EVP API's to perform RSASSA-PSS verification of a binary blob. Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Sachin Agrawal --- CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c | 139 ++++++++++++++++= ++++ CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c | 43 ++++++ CryptoPkg/Include/Library/BaseCryptLib.h | 27 ++++ CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 1 + CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 1 + CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 1 + CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 1 + 7 files changed, 213 insertions(+) diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c b/CryptoPkg/Li= brary/BaseCryptLib/Pk/CryptRsaPss.c new file mode 100644 index 000000000000..acf5eb689cd8 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c @@ -0,0 +1,139 @@ +/** @file + RSA Asymmetric Cipher Wrapper Implementation over OpenSSL. + + This file implements following APIs which provide basic capabilities for= RSA: + 1) RsaPssVerify + +Copyright (c) 2021, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +#include +#include +#include +#include + + +/** + Retrieve a pointer to EVP message digest object. + + @param[in] DigestLen Length of the message digest. + +**/ +static +EVP_MD* +GetEvpMD ( + IN UINT16 DigestLen + ) +{ + switch (DigestLen){ + case SHA256_DIGEST_SIZE: + return EVP_sha256(); + break; + case SHA384_DIGEST_SIZE: + return EVP_sha384(); + break; + case SHA512_DIGEST_SIZE: + return EVP_sha512(); + break; + default: + return NULL; + } +} + + +/** + Verifies the RSA signature with RSASSA-PSS signature scheme defined in R= FC 8017. + Implementation determines salt length automatically from the signature e= ncoding. + Mask generation function is the same as the message digest algorithm. + + @param[in] RsaContext Pointer to RSA context for signature verific= ation. + @param[in] Message Pointer to octet message to be verified. + @param[in] MsgSize Size of the message in bytes. + @param[in] Signature Pointer to RSASSA-PSS signature to be verifi= ed. + @param[in] SigSize Size of signature in bytes. + @param[in] DigestLen Length of digest for RSA operation. + + @retval TRUE Valid signature encoded in RSASSA-PSS. + @retval FALSE Invalid signature or invalid RSA context. + +**/ +BOOLEAN +EFIAPI +RsaPssVerify ( + IN VOID *RsaContext, + IN CONST UINT8 *Message, + IN UINTN MsgSize, + IN CONST UINT8 *Signature, + IN UINTN SigSize, + IN UINT16 DigestLen + ) +{ + BOOLEAN Result; + EVP_PKEY *pEvpRsaKey =3D NULL; + EVP_MD_CTX *pEvpVerifyCtx =3D NULL; + EVP_PKEY_CTX *pKeyCtx =3D NULL; + CONST EVP_MD *HashAlg =3D NULL; + + if (RsaContext =3D=3D NULL) { + return FALSE; + } + if (Message =3D=3D NULL || MsgSize =3D=3D 0 || MsgSize > INT_MAX) { + return FALSE; + } + if (Signature =3D=3D NULL || SigSize =3D=3D 0 || SigSize > INT_MAX) { + return FALSE; + } + + HashAlg =3D GetEvpMD(DigestLen); + + if (HashAlg =3D=3D NULL) { + return FALSE; + } + + pEvpRsaKey =3D EVP_PKEY_new(); + if (pEvpRsaKey =3D=3D NULL) { + goto _Exit; + } + + EVP_PKEY_set1_RSA(pEvpRsaKey, RsaContext); + + pEvpVerifyCtx =3D EVP_MD_CTX_create(); + if (pEvpVerifyCtx =3D=3D NULL) { + goto _Exit; + } + + Result =3D EVP_DigestVerifyInit(pEvpVerifyCtx, &pKeyCtx, HashAlg, NULL, = pEvpRsaKey) > 0; + if (pKeyCtx =3D=3D NULL) { + goto _Exit; + } + + if (Result) { + Result =3D EVP_PKEY_CTX_set_rsa_padding(pKeyCtx, RSA_PKCS1_PSS_PADDING= ) > 0; + } + if (Result) { + Result =3D EVP_PKEY_CTX_set_rsa_pss_saltlen(pKeyCtx, RSA_PSS_SALTLEN_A= UTO) > 0; + } + if (Result) { + Result =3D EVP_PKEY_CTX_set_rsa_mgf1_md(pKeyCtx, HashAlg) > 0; + } + if (Result) { + Result =3D EVP_DigestVerifyUpdate(pEvpVerifyCtx, Message, (UINT32)MsgS= ize) > 0; + } + if (Result) { + Result =3D EVP_DigestVerifyFinal(pEvpVerifyCtx, Signature, (UINT32)Sig= Size) > 0; + } + +_Exit : + if (pEvpRsaKey) { + EVP_PKEY_free(pEvpRsaKey); + } + if (pEvpVerifyCtx) { + EVP_MD_CTX_destroy(pEvpVerifyCtx); + } + + return Result; +} diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c b/CryptoPk= g/Library/BaseCryptLib/Pk/CryptRsaPssNull.c new file mode 100644 index 000000000000..8d84b4c1426c --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c @@ -0,0 +1,43 @@ +/** @file + RSA-PSS Asymmetric Cipher Wrapper Implementation over OpenSSL. + + This file does not provide real capabilities for following APIs in RSA h= andling: + 1) RsaPssVerify + +Copyright (c) 2021, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +/** + Verifies the RSA signature with RSASSA-PSS signature scheme defined in R= FC 8017. + Implementation determines salt length automatically from the signature e= ncoding. + Mask generation function is the same as the message digest algorithm. + + @param[in] RsaContext Pointer to RSA context for signature verific= ation. + @param[in] Message Pointer to octet message to be verified. + @param[in] MsgSize Size of the message in bytes. + @param[in] Signature Pointer to RSASSA-PSS signature to be verifi= ed. + @param[in] SigSize Size of signature in bytes. + @param[in] DigestLen Length of digest for RSA operation. + + @retval TRUE Valid signature encoded in RSASSA-PSS. + @retval FALSE Invalid signature or invalid RSA context. + +**/ +BOOLEAN +EFIAPI +RsaPssVerify ( + IN VOID *RsaContext, + IN CONST UINT8 *Message, + IN UINTN MsgSize, + IN CONST UINT8 *Signature, + IN UINTN SigSize, + IN UINT16 DigestLen + ) +{ + ASSERT (FALSE); + return FALSE; +} diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/L= ibrary/BaseCryptLib.h index 496121e6a4ed..36d560b8d691 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -1363,6 +1363,33 @@ RsaPkcs1Verify ( IN UINTN SigSize ); =20 +/** + Verifies the RSA signature with RSASSA-PSS signature scheme defined in R= FC 8017. + Implementation determines salt length automatically from the signature e= ncoding. + Mask generation function is the same as the message digest algorithm. + + @param[in] RsaContext Pointer to RSA context for signature verific= ation. + @param[in] Message Pointer to octet message to be verified. + @param[in] MsgSize Size of the message in bytes. + @param[in] Signature Pointer to RSASSA-PSS signature to be verifi= ed. + @param[in] SigSize Size of signature in bytes. + @param[in] DigestLen Length of digest for RSA operation. + + @retval TRUE Valid signature encoded in RSASSA-PSS. + @retval FALSE Invalid signature or invalid RSA context. + +**/ +BOOLEAN +EFIAPI +RsaPssVerify ( + IN VOID *RsaContext, + IN CONST UINT8 *Message, + IN UINTN MsgSize, + IN CONST UINT8 *Signature, + IN UINTN SigSize, + IN UINT16 DigestLen + ); + /** Retrieve the RSA Private Key from the password-protected PEM key data. =20 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#74287): https://edk2.groups.io/g/devel/message/74287 Mute This Topic: https://groups.io/mt/82225508/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-