From nobody Tue Oct 22 22:20:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+108240+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108240+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1693664202; cv=none; d=zohomail.com; s=zohoarc; b=BGExOhQwYMq92fqk1UeZq4piSqpxxNCwlZ8ZAtPmbSvc5fhCQo9qBh2/xjywHkZWTOTcjFWfZf1sWjH9HsWD8rjb8p3ewrCEWur2nglk34mNH8TTyjBgVFdmckRZDdYs5GzFKxSd9fYZNHcUgaH3yIPUzTubmePypdRF2ilBv0Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1693664202; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=z4/G4hsMYYJiEMkKOBzVsazmVxDSGBhfIJ4qvt9dmcw=; b=chcKEHjnhDMAmnyK1SFigVHTDlibjQOlK9idDtrk/Pz3gzxKzO2ftk4EhT0emPTLNV4CJM3ns7WoV8dgVaJzOR0QHwmZ33C5sgrZ119d01jTm3mnRIb1VHMS9USCQre9ZHRswwPFRoo7UvcrOW3X8Ch5vlxVBv+ovwZlXNgouas= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+108240+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 16936642021062.846513910138924; Sat, 2 Sep 2023 07:16:42 -0700 (PDT) Return-Path: DKIM-Signature: a=rsa-sha256; bh=JKAQRGncWUfqjHaZ16o1wCotYaNH1xPxmmwWtIVRvLE=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1693664201; v=1; b=eVYpq6NLjfHLKH2AYQfYfjKP0XSkZZMppqOdp9wjs5Z9Opu31r/B6qoe8cE2u3yfcZ0g4nuC hJtCGMImFgVhjM6BOGByQ3qAfej1pggv6coqLLuTiTtczzbgIAI3aVMTwLCdSKv/LFkNBS1GStX B+6nT9KJ6TtfgF1V9GFD964E= X-Received: by 127.0.0.2 with SMTP id FFPnYY1788612xwVuHWixB59; Sat, 02 Sep 2023 07:16:41 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.31]) by mx.groups.io with SMTP id smtpd.web11.8769.1693664196705429436 for ; Sat, 02 Sep 2023 07:16:41 -0700 X-IronPort-AV: E=McAfee;i="6600,9927,10821"; a="440346271" X-IronPort-AV: E=Sophos;i="6.02,222,1688454000"; d="scan'208";a="440346271" X-Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Sep 2023 07:16:40 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10821"; a="805769451" X-IronPort-AV: E=Sophos;i="6.02,222,1688454000"; d="scan'208";a="805769451" X-Received: from shwdejointd777.ccr.corp.intel.com ([10.239.58.116]) by fmsmga008.fm.intel.com with ESMTP; 02 Sep 2023 07:16:38 -0700 From: "Wenxing Hou" To: devel@edk2.groups.io Cc: Jiewen Yao , Yi Li , Xiaoyu Lu , Guomin Jiang Subject: [edk2-devel] [PATCH v2 05/10] CryptoPkg: Add RSA functions based on Mbedtls Date: Sat, 2 Sep 2023 22:16:22 +0800 Message-Id: <20230902141627.3178-6-wenxing.hou@intel.com> In-Reply-To: <20230902141627.3178-1-wenxing.hou@intel.com> References: <20230902141627.3178-1-wenxing.hou@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,wenxing.hou@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: e4aYir3bTWhIOE1O1bIVUWJRx1787277AA= Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1693664203279100021 Content-Type: text/plain; charset="utf-8" Add RSA APIs. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4177 Cc: Jiewen Yao Cc: Yi Li Cc: Xiaoyu Lu Cc: Guomin Jiang Signed-off-by: Wenxing Hou --- .../BaseCryptLibMbedTls/InternalCryptLib.h | 44 +++ .../BaseCryptLibMbedTls/Pk/CryptRsaBasic.c | 268 ++++++++++++++ .../Pk/CryptRsaBasicNull.c | 121 +++++++ .../BaseCryptLibMbedTls/Pk/CryptRsaExt.c | 333 ++++++++++++++++++ .../BaseCryptLibMbedTls/Pk/CryptRsaExtNull.c | 117 ++++++ .../BaseCryptLibMbedTls/Pk/CryptRsaPss.c | 164 +++++++++ .../BaseCryptLibMbedTls/Pk/CryptRsaPssNull.c | 46 +++ .../BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c | 231 ++++++++++++ .../Pk/CryptRsaPssSignNull.c | 60 ++++ .../UnitTest/Library/BaseCryptLib/RsaTests.c | 4 + 10 files changed, 1388 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasic.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasicN= ull.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExtNul= l.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPss.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssNul= l.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSig= n.c create mode 100644 CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSig= nNull.c diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h b/Cry= ptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h new file mode 100644 index 0000000000..3e56c9a75c --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/InternalCryptLib.h @@ -0,0 +1,44 @@ +/** @file + Internal include file for BaseCryptLib. + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef INTERNAL_CRYPT_LIB_H_ +#define INTERNAL_CRYPT_LIB_H_ + +#include +#include +#include +#include +#include +#include + +// +// We should alwasy add mbedtls/config.h here +// to ensure the config override takes effect. +// +#include + +/** + The MbedTLS function f_rng, which MbedRand implements, is not + documented well. + + @param[in] RngState RngState. + @param[in] Output Output. + @param[in] Len Len. + + @retval 0 success. + @retval non-zero failed. + +**/ +INT32 +MbedRand ( + VOID *RngState, + UINT8 *OutPut, + UINTN Len + ); + +#endif diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasic.c b/Cry= ptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasic.c new file mode 100644 index 0000000000..05c2cbd25a --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasic.c @@ -0,0 +1,268 @@ +/** @file + RSA Asymmetric Cipher Wrapper Implementation over MbedTLS. + + This file implements following APIs which provide basic capabilities for= RSA: + 1) RsaNew + 2) RsaFree + 3) RsaSetKey + 4) RsaPkcs1Verify + + RFC 8017 - PKCS #1: RSA Cryptography Specifications Version 2.2 + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +#include + +/** + Allocates and initializes one RSA context for subsequent use. + + @return Pointer to the RSA context that has been initialized. + If the allocations fails, RsaNew() returns NULL. + +**/ +VOID * +EFIAPI +RsaNew ( + VOID + ) +{ + VOID *RsaContext; + + RsaContext =3D AllocateZeroPool (sizeof (mbedtls_rsa_context)); + if (RsaContext =3D=3D NULL) { + return RsaContext; + } + + mbedtls_rsa_init (RsaContext); + if (mbedtls_rsa_set_padding (RsaContext, MBEDTLS_RSA_PKCS_V15, MBEDTLS_M= D_NONE) !=3D 0) { + return NULL; + } + + return RsaContext; +} + +/** + Release the specified RSA context. + + @param[in] RsaContext Pointer to the RSA context to be released. + +**/ +VOID +EFIAPI +RsaFree ( + IN VOID *RsaContext + ) +{ + mbedtls_rsa_free (RsaContext); + if (RsaContext !=3D NULL) { + FreePool (RsaContext); + } +} + +/** + Sets the tag-designated key component into the established RSA context. + + This function sets the tag-designated RSA key component into the establi= shed + RSA context from the user-specified non-negative integer (octet string f= ormat + represented in RSA PKCS#1). + If BigNumber is NULL, then the specified key component in RSA context is= cleared. + + If RsaContext is NULL, then return FALSE. + + @param[in, out] RsaContext Pointer to RSA context being set. + @param[in] KeyTag Tag of RSA key component being set. + @param[in] BigNumber Pointer to octet integer buffer. + If NULL, then the specified key component i= n RSA + context is cleared. + @param[in] BnSize Size of big number buffer in bytes. + If BigNumber is NULL, then it is ignored. + + @retval TRUE RSA key component was set successfully. + @retval FALSE Invalid RSA key component tag. + +**/ +BOOLEAN +EFIAPI +RsaSetKey ( + IN OUT VOID *RsaContext, + IN RSA_KEY_TAG KeyTag, + IN CONST UINT8 *BigNumber, + IN UINTN BnSize + ) +{ + mbedtls_rsa_context *RsaKey; + INT32 Ret; + mbedtls_mpi Value; + + // + // Check input parameters. + // + if ((RsaContext =3D=3D NULL) || (BnSize > INT_MAX)) { + return FALSE; + } + + mbedtls_mpi_init (&Value); + + RsaKey =3D (mbedtls_rsa_context *)RsaContext; + + // if BigNumber is Null clear + if (BigNumber !=3D NULL) { + Ret =3D mbedtls_mpi_read_binary (&Value, BigNumber, BnSize); + if (Ret !=3D 0) { + return FALSE; + } + } + + switch (KeyTag) { + case RsaKeyN: + Ret =3D mbedtls_rsa_import ( + RsaKey, + &Value, + NULL, + NULL, + NULL, + NULL + ); + break; + case RsaKeyE: + Ret =3D mbedtls_rsa_import ( + RsaKey, + NULL, + NULL, + NULL, + NULL, + &Value + ); + break; + case RsaKeyD: + Ret =3D mbedtls_rsa_import ( + RsaKey, + NULL, + NULL, + NULL, + &Value, + NULL + ); + break; + case RsaKeyQ: + Ret =3D mbedtls_rsa_import ( + RsaKey, + NULL, + NULL, + &Value, + NULL, + NULL + ); + break; + case RsaKeyP: + Ret =3D mbedtls_rsa_import ( + RsaKey, + NULL, + &Value, + NULL, + NULL, + NULL + ); + break; + case RsaKeyDp: + case RsaKeyDq: + case RsaKeyQInv: + default: + Ret =3D -1; + break; + } + + mbedtls_rsa_complete (RsaKey); + mbedtls_mpi_free (&Value); + return Ret =3D=3D 0; +} + +/** + Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defi= ned in + RSA PKCS#1. + + If RsaContext is NULL, then return FALSE. + If MessageHash is NULL, then return FALSE. + If Signature is NULL, then return FALSE. + If HashSize is not equal to the size of MD5, SHA-1, SHA-256, SHA-384 or = SHA-512 digest, then return FALSE. + + @param[in] RsaContext Pointer to RSA context for signature verificati= on. + @param[in] MessageHash Pointer to octet message hash to be checked. + @param[in] HashSize Size of the message hash in bytes. + @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verif= ied. + @param[in] SigSize Size of signature in bytes. + + @retval TRUE Valid signature encoded in PKCS1-v1_5. + @retval FALSE Invalid signature or invalid RSA context. + +**/ +BOOLEAN +EFIAPI +RsaPkcs1Verify ( + IN VOID *RsaContext, + IN CONST UINT8 *MessageHash, + IN UINTN HashSize, + IN CONST UINT8 *Signature, + IN UINTN SigSize + ) +{ + INT32 Ret; + mbedtls_md_type_t md_alg; + + if ((RsaContext =3D=3D NULL) || (MessageHash =3D=3D NULL) || (Signature = =3D=3D NULL)) { + return FALSE; + } + + if ((SigSize > INT_MAX) || (SigSize =3D=3D 0)) { + return FALSE; + } + + switch (HashSize) { + case MD5_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_MD5; + break; + + case SHA1_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA1; + break; + + case SHA256_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA256; + break; + + case SHA384_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA384; + break; + + case SHA512_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA512; + break; + + default: + return FALSE; + } + + if (mbedtls_rsa_get_len (RsaContext) !=3D SigSize) { + return FALSE; + } + + mbedtls_rsa_set_padding (RsaContext, MBEDTLS_RSA_PKCS_V15, md_alg); + + Ret =3D mbedtls_rsa_pkcs1_verify ( + RsaContext, + md_alg, + (UINT32)HashSize, + MessageHash, + Signature + ); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasicNull.c b= /CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasicNull.c new file mode 100644 index 0000000000..3e643509fd --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaBasicNull.c @@ -0,0 +1,121 @@ +/** @file + RSA Asymmetric Cipher Wrapper Null Implementation. + + This file implements following APIs which provide basic capabilities for= RSA: + 1) RsaNew + 2) RsaFree + 3) RsaSetKey + 4) RsaPkcs1Verify + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +/** + Allocates and initializes one RSA context for subsequent use. + + @return Pointer to the RSA context that has been initialized. + If the allocations fails, RsaNew() returns NULL. + +**/ +VOID * +EFIAPI +RsaNew ( + VOID + ) +{ + // + // Allocates & Initializes RSA Context + // + ASSERT (FALSE); + return NULL; +} + +/** + Release the specified RSA context. + + @param[in] RsaContext Pointer to the RSA context to be released. + +**/ +VOID +EFIAPI +RsaFree ( + IN VOID *RsaContext + ) +{ + // + // Free RSA Context + // + ASSERT (FALSE); +} + +/** + Sets the tag-designated key component into the established RSA context. + + This function sets the tag-designated RSA key component into the establi= shed + RSA context from the user-specified non-negative integer (octet string f= ormat + represented in RSA PKCS#1). + If BigNumber is NULL, then the specified key component in RSA context is= cleared. + + If RsaContext is NULL, then return FALSE. + + @param[in, out] RsaContext Pointer to RSA context being set. + @param[in] KeyTag Tag of RSA key component being set. + @param[in] BigNumber Pointer to octet integer buffer. + If NULL, then the specified key component i= n RSA + context is cleared. + @param[in] BnSize Size of big number buffer in bytes. + If BigNumber is NULL, then it is ignored. + + @retval TRUE RSA key component was set successfully. + @retval FALSE Invalid RSA key component tag. + +**/ +BOOLEAN +EFIAPI +RsaSetKey ( + IN OUT VOID *RsaContext, + IN RSA_KEY_TAG KeyTag, + IN CONST UINT8 *BigNumber, + IN UINTN BnSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defi= ned in + RSA PKCS#1. + + If RsaContext is NULL, then return FALSE. + If MessageHash is NULL, then return FALSE. + If Signature is NULL, then return FALSE. + If HashSize is not equal to the size of MD5, SHA-1 or SHA-256 digest, th= en return FALSE. + + @param[in] RsaContext Pointer to RSA context for signature verificati= on. + @param[in] MessageHash Pointer to octet message hash to be checked. + @param[in] HashSize Size of the message hash in bytes. + @param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verif= ied. + @param[in] SigSize Size of signature in bytes. + + @retval TRUE Valid signature encoded in PKCS1-v1_5. + @retval FALSE Invalid signature or invalid RSA context. + +**/ +BOOLEAN +EFIAPI +RsaPkcs1Verify ( + IN VOID *RsaContext, + IN CONST UINT8 *MessageHash, + IN UINTN HashSize, + IN CONST UINT8 *Signature, + IN UINTN SigSize + ) +{ + ASSERT (FALSE); + return FALSE; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c new file mode 100644 index 0000000000..3cd0f8d8c9 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExt.c @@ -0,0 +1,333 @@ +/** @file + RSA Asymmetric Cipher Wrapper Implementation over MbedTLS. + + This file implements following APIs which provide more capabilities for = RSA: + 1) RsaGetKey + 2) RsaGenerateKey + 3) RsaCheckKey + 4) RsaPkcs1Sign + + RFC 8017 - PKCS #1: RSA Cryptography Specifications Version 2.2 + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include + +/** + Gets the tag-designated RSA key component from the established RSA conte= xt. + + This function retrieves the tag-designated RSA key component from the + established RSA context as a non-negative integer (octet string format + represented in RSA PKCS#1). + If specified key component has not been set or has been cleared, then re= turned + BnSize is set to 0. + If the BigNumber buffer is too small to hold the contents of the key, FA= LSE + is returned and BnSize is set to the required buffer size to obtain the = key. + + If RsaContext is NULL, then return FALSE. + If BnSize is NULL, then return FALSE. + If BnSize is large enough but BigNumber is NULL, then return FALSE. + + @param[in, out] RsaContext Pointer to RSA context being set. + @param[in] KeyTag Tag of RSA key component being set. + @param[out] BigNumber Pointer to octet integer buffer. + @param[in, out] BnSize On input, the size of big number buffer in = bytes. + On output, the size of data returned in big= number buffer in bytes. + + @retval TRUE RSA key component was retrieved successfully. + @retval FALSE Invalid RSA key component tag. + @retval FALSE BnSize is too small. + +**/ +BOOLEAN +EFIAPI +RsaGetKey ( + IN OUT VOID *RsaContext, + IN RSA_KEY_TAG KeyTag, + OUT UINT8 *BigNumber, + IN OUT UINTN *BnSize + ) +{ + mbedtls_rsa_context *RsaKey; + INT32 Ret; + mbedtls_mpi Value; + UINTN Size; + + // + // Check input parameters. + // + if ((RsaContext =3D=3D NULL) || (*BnSize > INT_MAX)) { + return FALSE; + } + + // + // Init mbedtls_mpi + // + mbedtls_mpi_init (&Value); + Size =3D *BnSize; + *BnSize =3D 0; + + RsaKey =3D (mbedtls_rsa_context *)RsaContext; + + switch (KeyTag) { + case RsaKeyN: + Ret =3D mbedtls_rsa_export (RsaKey, &Value, NULL, NULL, NULL, NULL); + break; + case RsaKeyE: + Ret =3D mbedtls_rsa_export (RsaKey, NULL, NULL, NULL, NULL, &Value); + break; + case RsaKeyD: + Ret =3D mbedtls_rsa_export (RsaKey, NULL, NULL, NULL, &Value, NULL); + break; + case RsaKeyQ: + Ret =3D mbedtls_rsa_export (RsaKey, NULL, NULL, &Value, NULL, NULL); + break; + case RsaKeyP: + Ret =3D mbedtls_rsa_export (RsaKey, NULL, &Value, NULL, NULL, NULL); + break; + case RsaKeyDp: + case RsaKeyDq: + case RsaKeyQInv: + default: + Ret =3D -1; + break; + } + + if (Ret !=3D 0) { + return FALSE; + } + + if (!mbedtls_mpi_size (&Value)) { + Ret =3D 0; + goto End; + } + + *BnSize =3D Size; + + if (Ret =3D=3D 0) { + Size =3D mbedtls_mpi_size (&Value); + } + + if (Size =3D=3D 0) { + Ret =3D 1; + goto End; + } + + if (*BnSize < Size) { + Ret =3D 1; + *BnSize =3D Size; + goto End; + } + + if (BigNumber =3D=3D NULL) { + Ret =3D 0; + *BnSize =3D Size; + goto End; + } + + if ((BigNumber !=3D NULL) && (Ret =3D=3D 0)) { + Ret =3D mbedtls_mpi_write_binary (&Value, BigNumber, Size); + *BnSize =3D Size; + } + +End: + mbedtls_mpi_free (&Value); + return Ret =3D=3D 0; +} + +/** + Generates RSA key components. + + This function generates RSA key components. It takes RSA public exponent= E and + length in bits of RSA modulus N as input, and generates all key componen= ts. + If PublicExponent is NULL, the default RSA public exponent (0x10001) wil= l be used. + + If RsaContext is NULL, then return FALSE. + + @param[in, out] RsaContext Pointer to RSA context being set. + @param[in] ModulusLength Length of RSA modulus N in bits. + @param[in] PublicExponent Pointer to RSA public exponent. + @param[in] PublicExponentSize Size of RSA public exponent buffer= in bytes. + + @retval TRUE RSA key component was generated successfully. + @retval FALSE Invalid RSA key component tag. + +**/ +BOOLEAN +EFIAPI +RsaGenerateKey ( + IN OUT VOID *RsaContext, + IN UINTN ModulusLength, + IN CONST UINT8 *PublicExponent, + IN UINTN PublicExponentSize + ) +{ + INT32 Ret; + mbedtls_rsa_context *Rsa; + INT32 PE; + INT32 *GetPE; + + // + // Check input parameters. + // + if ((RsaContext =3D=3D NULL) || (ModulusLength > INT_MAX) || (PublicExpo= nentSize > INT_MAX)) { + return FALSE; + } + + Ret =3D 0; + Rsa =3D (mbedtls_rsa_context *)RsaContext; + + if (PublicExponent =3D=3D NULL) { + PE =3D 0x10001; + } else { + if ((PublicExponentSize > (sizeof (INT32) / sizeof (UINT8))) || (Publi= cExponentSize =3D=3D 0)) { + return FALSE; + } + + GetPE =3D (INT32 *)PublicExponent; + PE =3D *GetPE; + } + + Ret =3D mbedtls_rsa_gen_key ( + Rsa, + myrand, + NULL, + (UINT32)ModulusLength, + PE + ); + + return Ret =3D=3D 0; +} + +/** + Validates key components of RSA context. + NOTE: This function performs integrity checks on all the RSA key materia= l, so + the RSA key structure must contain all the private key data. + + This function validates key components of RSA context in following aspec= ts: + - Whether p is a prime + - Whether q is a prime + - Whether n =3D p * q + - Whether d*e =3D 1 mod lcm(p-1,q-1) + + If RsaContext is NULL, then return FALSE. + + @param[in] RsaContext Pointer to RSA context to check. + + @retval TRUE RSA key components are valid. + @retval FALSE RSA key components are not valid. + +**/ +BOOLEAN +EFIAPI +RsaCheckKey ( + IN VOID *RsaContext + ) +{ + if (RsaContext =3D=3D NULL) { + return FALSE; + } + + UINT32 Ret; + + Ret =3D mbedtls_rsa_complete (RsaContext); + if (Ret =3D=3D 0) { + Ret =3D mbedtls_rsa_check_privkey (RsaContext); + } + + return Ret =3D=3D 0; +} + +/** + Carries out the RSA-SSA signature generation with EMSA-PKCS1-v1_5 encodi= ng scheme. + + This function carries out the RSA-SSA signature generation with EMSA-PKC= S1-v1_5 encoding scheme defined in + RSA PKCS#1. + If the Signature buffer is too small to hold the contents of signature, = FALSE + is returned and SigSize is set to the required buffer size to obtain the= signature. + + If RsaContext is NULL, then return FALSE. + If MessageHash is NULL, then return FALSE. + If HashSize is not equal to the size of MD5, SHA-1, SHA-256, SHA-384 or = SHA-512 digest, then return FALSE. + If SigSize is large enough but Signature is NULL, then return FALSE. + + @param[in] RsaContext Pointer to RSA context for signature gener= ation. + @param[in] MessageHash Pointer to octet message hash to be signed. + @param[in] HashSize Size of the message hash in bytes. + @param[out] Signature Pointer to buffer to receive RSA PKCS1-v1_= 5 signature. + @param[in, out] SigSize On input, the size of Signature buffer in = bytes. + On output, the size of data returned in Si= gnature buffer in bytes. + + @retval TRUE Signature successfully generated in PKCS1-v1_5. + @retval FALSE Signature generation failed. + @retval FALSE SigSize is too small. + +**/ +BOOLEAN +EFIAPI +RsaPkcs1Sign ( + IN VOID *RsaContext, + IN CONST UINT8 *MessageHash, + IN UINTN HashSize, + OUT UINT8 *Signature, + IN OUT UINTN *SigSize + ) +{ + INT32 Ret; + mbedtls_md_type_t md_alg; + + if ((RsaContext =3D=3D NULL) || (MessageHash =3D=3D NULL)) { + return FALSE; + } + + switch (HashSize) { + case MD5_DIGEST_SIZE: + break; + + case SHA1_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA1; + break; + + case SHA256_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA256; + break; + + case SHA384_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA384; + break; + + case SHA512_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA512; + break; + + default: + return FALSE; + } + + if (mbedtls_rsa_get_len (RsaContext) > *SigSize) { + *SigSize =3D mbedtls_rsa_get_len (RsaContext); + return FALSE; + } + + mbedtls_rsa_set_padding (RsaContext, MBEDTLS_RSA_PKCS_V15, md_alg); + + Ret =3D mbedtls_rsa_pkcs1_sign ( + RsaContext, + MbedRand, + NULL, + md_alg, + (UINT32)HashSize, + MessageHash, + Signature + ); + if (Ret !=3D 0) { + return FALSE; + } + + *SigSize =3D mbedtls_rsa_get_len (RsaContext); + return TRUE; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExtNull.c b/C= ryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExtNull.c new file mode 100644 index 0000000000..be810fb8ca --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaExtNull.c @@ -0,0 +1,117 @@ +/** @file + RSA Asymmetric Cipher Wrapper Implementation over MbedTLS. + + This file does not provide real capabilities for following APIs in RSA h= andling: + 1) RsaGetKey + 2) RsaGenerateKey + 3) RsaCheckKey + 4) RsaPkcs1Sign + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +/** + Gets the tag-designated RSA key component from the established RSA conte= xt. + + Return FALSE to indicate this interface is not supported. + + @param[in, out] RsaContext Pointer to RSA context being set. + @param[in] KeyTag Tag of RSA key component being set. + @param[out] BigNumber Pointer to octet integer buffer. + @param[in, out] BnSize On input, the size of big number buffer in = bytes. + On output, the size of data returned in big= number buffer in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +RsaGetKey ( + IN OUT VOID *RsaContext, + IN RSA_KEY_TAG KeyTag, + OUT UINT8 *BigNumber, + IN OUT UINTN *BnSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Generates RSA key components. + + Return FALSE to indicate this interface is not supported. + + @param[in, out] RsaContext Pointer to RSA context being set. + @param[in] ModulusLength Length of RSA modulus N in bits. + @param[in] PublicExponent Pointer to RSA public exponent. + @param[in] PublicExponentSize Size of RSA public exponent buffer= in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +RsaGenerateKey ( + IN OUT VOID *RsaContext, + IN UINTN ModulusLength, + IN CONST UINT8 *PublicExponent, + IN UINTN PublicExponentSize + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Validates key components of RSA context. + + Return FALSE to indicate this interface is not supported. + + @param[in] RsaContext Pointer to RSA context to check. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +RsaCheckKey ( + IN VOID *RsaContext + ) +{ + ASSERT (FALSE); + return FALSE; +} + +/** + Carries out the RSA-SSA signature generation with EMSA-PKCS1-v1_5 encodi= ng scheme. + + Return FALSE to indicate this interface is not supported. + + @param[in] RsaContext Pointer to RSA context for signature gener= ation. + @param[in] MessageHash Pointer to octet message hash to be signed. + @param[in] HashSize Size of the message hash in bytes. + @param[out] Signature Pointer to buffer to receive RSA PKCS1-v1_= 5 signature. + @param[in, out] SigSize On input, the size of Signature buffer in = bytes. + On output, the size of data returned in Si= gnature buffer in bytes. + + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +RsaPkcs1Sign ( + IN VOID *RsaContext, + IN CONST UINT8 *MessageHash, + IN UINTN HashSize, + OUT UINT8 *Signature, + IN OUT UINTN *SigSize + ) +{ + ASSERT (FALSE); + return FALSE; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPss.c b/Crypt= oPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPss.c new file mode 100644 index 0000000000..370d0cf7e5 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPss.c @@ -0,0 +1,164 @@ +/** @file + RSA Asymmetric Cipher Wrapper Implementation over MbedTLS. + + This file implements following APIs which provide basic capabilities for= RSA: + 1) RsaPssVerify + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include + +/** + Verifies the RSA signature with RSASSA-PSS signature scheme defined in R= FC 8017. + Implementation determines salt length automatically from the signature e= ncoding. + Mask generation function is the same as the message digest algorithm. + Salt length should be equal to digest length. + + @param[in] RsaContext Pointer to RSA context for signature verific= ation. + @param[in] Message Pointer to octet message to be verified. + @param[in] MsgSize Size of the message in bytes. + @param[in] Signature Pointer to RSASSA-PSS signature to be verifi= ed. + @param[in] SigSize Size of signature in bytes. + @param[in] DigestLen Length of digest for RSA operation. + @param[in] SaltLen Salt length for PSS encoding. + + @retval TRUE Valid signature encoded in RSASSA-PSS. + @retval FALSE Invalid signature or invalid RSA context. + +**/ +BOOLEAN +EFIAPI +RsaPssVerify ( + IN VOID *RsaContext, + IN CONST UINT8 *Message, + IN UINTN MsgSize, + IN CONST UINT8 *Signature, + IN UINTN SigSize, + IN UINT16 DigestLen, + IN UINT16 SaltLen + ) +{ + INT32 Ret; + mbedtls_md_type_t md_alg; + UINT8 HashValue[SHA512_DIGEST_SIZE]; + BOOLEAN Status; + UINTN ShaCtxSize; + VOID *ShaCtx; + + if (RsaContext =3D=3D NULL) { + return FALSE; + } + + if ((Message =3D=3D NULL) || (MsgSize =3D=3D 0) || (MsgSize > INT_MAX)) { + return FALSE; + } + + if (SaltLen !=3D DigestLen) { + return FALSE; + } + + if ((Signature =3D=3D NULL) || (SigSize =3D=3D 0) || (SigSize > INT_MAX)= ) { + return FALSE; + } + + ZeroMem (HashValue, DigestLen); + + switch (DigestLen) { + case SHA256_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA256; + ShaCtxSize =3D Sha256GetContextSize (); + ShaCtx =3D AllocatePool (ShaCtxSize); + + Status =3D Sha256Init (ShaCtx); + if (!Status) { + return FALSE; + } + + Status =3D Sha256Update (ShaCtx, Message, MsgSize); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + Status =3D Sha256Final (ShaCtx, HashValue); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + FreePool (ShaCtx); + break; + + case SHA384_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA384; + ShaCtxSize =3D Sha384GetContextSize (); + ShaCtx =3D AllocatePool (ShaCtxSize); + + Status =3D Sha384Init (ShaCtx); + if (!Status) { + return FALSE; + } + + Status =3D Sha384Update (ShaCtx, Message, MsgSize); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + Status =3D Sha384Final (ShaCtx, HashValue); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + FreePool (ShaCtx); + break; + + case SHA512_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA512; + ShaCtxSize =3D Sha512GetContextSize (); + ShaCtx =3D AllocatePool (ShaCtxSize); + + Status =3D Sha512Init (ShaCtx); + if (!Status) { + return FALSE; + } + + Status =3D Sha512Update (ShaCtx, Message, MsgSize); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + Status =3D Sha512Final (ShaCtx, HashValue); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + FreePool (ShaCtx); + break; + + default: + return FALSE; + } + + mbedtls_rsa_set_padding (RsaContext, MBEDTLS_RSA_PKCS_V21, md_alg); + + Ret =3D mbedtls_rsa_rsassa_pss_verify ( + RsaContext, + md_alg, + (UINT32)DigestLen, + HashValue, + Signature + ); + if (Ret !=3D 0) { + return FALSE; + } + + return TRUE; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssNull.c b/C= ryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssNull.c new file mode 100644 index 0000000000..75ad71a922 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssNull.c @@ -0,0 +1,46 @@ +/** @file + RSA-PSS Asymmetric Cipher Wrapper Implementation over MbedTLS. + + This file does not provide real capabilities for following APIs in RSA h= andling: + 1) RsaPssVerify + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +/** + Verifies the RSA signature with RSASSA-PSS signature scheme defined in R= FC 8017. + Implementation determines salt length automatically from the signature e= ncoding. + Mask generation function is the same as the message digest algorithm. + Salt length should be equal to digest length. + + @param[in] RsaContext Pointer to RSA context for signature verific= ation. + @param[in] Message Pointer to octet message to be verified. + @param[in] MsgSize Size of the message in bytes. + @param[in] Signature Pointer to RSASSA-PSS signature to be verifi= ed. + @param[in] SigSize Size of signature in bytes. + @param[in] DigestLen Length of digest for RSA operation. + @param[in] SaltLen Salt length for PSS encoding. + + @retval TRUE Valid signature encoded in RSASSA-PSS. + @retval FALSE Invalid signature or invalid RSA context. + +**/ +BOOLEAN +EFIAPI +RsaPssVerify ( + IN VOID *RsaContext, + IN CONST UINT8 *Message, + IN UINTN MsgSize, + IN CONST UINT8 *Signature, + IN UINTN SigSize, + IN UINT16 DigestLen, + IN UINT16 SaltLen + ) +{ + ASSERT (FALSE); + return FALSE; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c b/C= ryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c new file mode 100644 index 0000000000..db7bac5676 --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSign.c @@ -0,0 +1,231 @@ +/** @file + RSA PSS Asymmetric Cipher Wrapper Implementation over MbedTLS. + + This file implements following APIs which provide basic capabilities for= RSA: + 1) RsaPssSign + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" +#include +#include + +/** + The MbedTLS function f_rng, which MbedRand implements, is not + documented well. + + @param[in] RngState RngState. + @param[in] Output Output. + @param[in] Len Len. + + @retval 0 success. + @retval non-zero failed. + +**/ +INT32 +MbedRand ( + VOID *RngState, + UINT8 *Output, + UINTN Len + ) +{ + BOOLEAN Ret; + UINT64 TempRand; + + Ret =3D FALSE; + + while (Len > 0) { + // Use RngLib to get random number + Ret =3D GetRandomNumber64 (&TempRand); + + if (!Ret) { + return Ret; + } + + if (Len >=3D sizeof (TempRand)) { + *((UINT64 *)Output) =3D TempRand; + Output +=3D sizeof (UINT64); + Len -=3D sizeof (TempRand); + } else { + CopyMem (Output, &TempRand, Len); + Len =3D 0; + } + } + + return 0; +} + +/** + Carries out the RSA-SSA signature generation with EMSA-PSS encoding sche= me. + + This function carries out the RSA-SSA signature generation with EMSA-PSS= encoding scheme defined in + RFC 8017. + Mask generation function is the same as the message digest algorithm. + If the Signature buffer is too small to hold the contents of signature, = FALSE + is returned and SigSize is set to the required buffer size to obtain the= signature. + + If RsaContext is NULL, then return FALSE. + If Message is NULL, then return FALSE. + If MsgSize is zero or > INT_MAX, then return FALSE. + If DigestLen is NOT 32, 48 or 64, return FALSE. + If SaltLen is not equal to DigestLen, then return FALSE. + If SigSize is large enough but Signature is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] RsaContext Pointer to RSA context for signature genera= tion. + @param[in] Message Pointer to octet message to be signed. + @param[in] MsgSize Size of the message in bytes. + @param[in] DigestLen Length of the digest in bytes to be used fo= r RSA signature operation. + @param[in] SaltLen Length of the salt in bytes to be used for = PSS encoding. + @param[out] Signature Pointer to buffer to receive RSA PSS signat= ure. + @param[in, out] SigSize On input, the size of Signature buffer in b= ytes. + On output, the size of data returned in Sig= nature buffer in bytes. + + @retval TRUE Signature successfully generated in RSASSA-PSS. + @retval FALSE Signature generation failed. + @retval FALSE SigSize is too small. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +RsaPssSign ( + IN VOID *RsaContext, + IN CONST UINT8 *Message, + IN UINTN MsgSize, + IN UINT16 DigestLen, + IN UINT16 SaltLen, + OUT UINT8 *Signature, + IN OUT UINTN *SigSize + ) +{ + INT32 Ret; + mbedtls_md_type_t md_alg; + UINT8 HashValue[SHA512_DIGEST_SIZE]; + BOOLEAN Status; + UINTN ShaCtxSize; + VOID *ShaCtx; + + if (RsaContext =3D=3D NULL) { + return FALSE; + } + + if ((Message =3D=3D NULL) || (MsgSize =3D=3D 0) || (MsgSize > INT_MAX)) { + return FALSE; + } + + if (SaltLen !=3D DigestLen) { + return FALSE; + } + + ZeroMem (HashValue, DigestLen); + + switch (DigestLen) { + case SHA256_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA256; + ShaCtxSize =3D Sha256GetContextSize (); + ShaCtx =3D AllocatePool (ShaCtxSize); + + Status =3D Sha256Init (ShaCtx); + if (!Status) { + return FALSE; + } + + Status =3D Sha256Update (ShaCtx, Message, MsgSize); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + Status =3D Sha256Final (ShaCtx, HashValue); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + FreePool (ShaCtx); + break; + + case SHA384_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA384; + ShaCtxSize =3D Sha384GetContextSize (); + ShaCtx =3D AllocatePool (ShaCtxSize); + + Status =3D Sha384Init (ShaCtx); + if (!Status) { + return FALSE; + } + + Status =3D Sha384Update (ShaCtx, Message, MsgSize); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + Status =3D Sha384Final (ShaCtx, HashValue); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + FreePool (ShaCtx); + break; + + case SHA512_DIGEST_SIZE: + md_alg =3D MBEDTLS_MD_SHA512; + ShaCtxSize =3D Sha512GetContextSize (); + ShaCtx =3D AllocatePool (ShaCtxSize); + + Status =3D Sha512Init (ShaCtx); + if (!Status) { + return FALSE; + } + + Status =3D Sha512Update (ShaCtx, Message, MsgSize); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + Status =3D Sha512Final (ShaCtx, HashValue); + if (!Status) { + FreePool (ShaCtx); + return FALSE; + } + + FreePool (ShaCtx); + break; + + default: + return FALSE; + } + + if (Signature =3D=3D NULL) { + // + // If Signature is NULL, return safe SignatureSize + // + *SigSize =3D MBEDTLS_MPI_MAX_SIZE; + return FALSE; + } + + mbedtls_rsa_set_padding (RsaContext, MBEDTLS_RSA_PKCS_V21, md_alg); + + Ret =3D mbedtls_rsa_rsassa_pss_sign ( + RsaContext, + MbedRand, + NULL, + md_alg, + (UINT32)DigestLen, + HashValue, + Signature + ); + if (Ret !=3D 0) { + return FALSE; + } + + *SigSize =3D ((mbedtls_rsa_context *)RsaContext)->len; + return TRUE; +} diff --git a/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSignNull.c= b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSignNull.c new file mode 100644 index 0000000000..10687bd38e --- /dev/null +++ b/CryptoPkg/Library/BaseCryptLibMbedTls/Pk/CryptRsaPssSignNull.c @@ -0,0 +1,60 @@ +/** @file + RSA-PSS Asymmetric Cipher Wrapper Implementation over MbedTLS. + + This file does not provide real capabilities for following APIs in RSA h= andling: + 1) RsaPssSign + +Copyright (c) 2023, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include "InternalCryptLib.h" + +/** + Carries out the RSA-SSA signature generation with EMSA-PSS encoding sche= me. + + This function carries out the RSA-SSA signature generation with EMSA-PSS= encoding scheme defined in + RFC 8017. + Mask generation function is the same as the message digest algorithm. + If the Signature buffer is too small to hold the contents of signature, = FALSE + is returned and SigSize is set to the required buffer size to obtain the= signature. + + If RsaContext is NULL, then return FALSE. + If Message is NULL, then return FALSE. + If MsgSize is zero or > INT_MAX, then return FALSE. + If DigestLen is NOT 32, 48 or 64, return FALSE. + If SaltLen is not equal to DigestLen, then return FALSE. + If SigSize is large enough but Signature is NULL, then return FALSE. + If this interface is not supported, then return FALSE. + + @param[in] RsaContext Pointer to RSA context for signature genera= tion. + @param[in] Message Pointer to octet message to be signed. + @param[in] MsgSize Size of the message in bytes. + @param[in] DigestLen Length of the digest in bytes to be used fo= r RSA signature operation. + @param[in] SaltLen Length of the salt in bytes to be used for = PSS encoding. + @param[out] Signature Pointer to buffer to receive RSA PSS signat= ure. + @param[in, out] SigSize On input, the size of Signature buffer in b= ytes. + On output, the size of data returned in Sig= nature buffer in bytes. + + @retval TRUE Signature successfully generated in RSASSA-PSS. + @retval FALSE Signature generation failed. + @retval FALSE SigSize is too small. + @retval FALSE This interface is not supported. + +**/ +BOOLEAN +EFIAPI +RsaPssSign ( + IN VOID *RsaContext, + IN CONST UINT8 *Message, + IN UINTN MsgSize, + IN UINT16 DigestLen, + IN UINT16 SaltLen, + OUT UINT8 *Signature, + IN OUT UINTN *SigSize + ) +{ + ASSERT (FALSE); + return FALSE; +} diff --git a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaTests.c b/Cryp= toPkg/Test/UnitTest/Library/BaseCryptLib/RsaTests.c index 3f06e89b3c..70fd4aa64b 100644 --- a/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaTests.c +++ b/CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaTests.c @@ -194,6 +194,7 @@ TestVerifyRsaGenerateKeyComponents ( BOOLEAN Status; UINTN KeySize; UINT8 *KeyBuffer; + UINT8 TestPublicExponent[] =3D { 0x01, 0x00, 0x01 }; =20 // // Generate RSA Key Components @@ -202,6 +203,9 @@ TestVerifyRsaGenerateKeyComponents ( Status =3D RsaGenerateKey (mRsa, RSA_MODULUS_LENGTH, NULL, 0); UT_ASSERT_TRUE (Status); =20 + Status =3D RsaGenerateKey (mRsa, RSA_MODULUS_LENGTH, TestPublicExponent,= sizeof (TestPublicExponent)); + UT_ASSERT_TRUE (Status); + KeySize =3D RSA_MODULUS_LENGTH / 8; KeyBuffer =3D AllocatePool (KeySize); Status =3D RsaGetKey (mRsa, RsaKeyE, KeyBuffer, &KeySize); --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108240): https://edk2.groups.io/g/devel/message/108240 Mute This Topic: https://groups.io/mt/101114029/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-