docs/master/_pk_2_crypt_rsa_basic_8c_source.html

#include "InternalCryptLib.h"


#include <openssl/bn.h>

#include <openssl/rsa.h>

#include <openssl/objects.h>


VOID *

EFIAPI

RsaNew (

  VOID

  )

{

  //

  // Allocates & Initializes RSA Context by OpenSSL RSA_new()

  //

  return (VOID *)RSA_new ();

}


VOID

EFIAPI

RsaFree (

  IN  VOID  *RsaContext

  )

{

  //

  // Free OpenSSL RSA Context

  //

  RSA_free ((RSA *)RsaContext);

}


BOOLEAN

EFIAPI

RsaSetKey (

  IN OUT  VOID         *RsaContext,

  IN      RSA_KEY_TAG  KeyTag,

  IN      CONST UINT8  *BigNumber,

  IN      UINTN        BnSize

  )

{

  RSA     *RsaKey;

  BIGNUM  *BnN;

  BIGNUM  *BnE;

  BIGNUM  *BnD;

  BIGNUM  *BnP;

  BIGNUM  *BnQ;

  BIGNUM  *BnDp;

  BIGNUM  *BnDq;

  BIGNUM  *BnQInv;


  //

  // Check input parameters.

  //

  if ((RsaContext == NULL) || (BnSize > INT_MAX)) {

    return FALSE;

  }


  BnN    = NULL;

  BnE    = NULL;

  BnD    = NULL;

  BnP    = NULL;

  BnQ    = NULL;

  BnDp   = NULL;

  BnDq   = NULL;

  BnQInv = NULL;


  //

  // Retrieve the components from RSA object.

  //

  RsaKey = (RSA *)RsaContext;

  RSA_get0_key (RsaKey, (const BIGNUM **)&BnN, (const BIGNUM **)&BnE, (const BIGNUM **)&BnD);

  RSA_get0_factors (RsaKey, (const BIGNUM **)&BnP, (const BIGNUM **)&BnQ);

  RSA_get0_crt_params (RsaKey, (const BIGNUM **)&BnDp, (const BIGNUM **)&BnDq, (const BIGNUM **)&BnQInv);


  //

  // Set RSA Key Components by converting octet string to OpenSSL BN representation.

  // NOTE: For RSA public key (used in signature verification), only public components

  //       (N, e) are needed.

  //

  switch (KeyTag) {

    //

    // RSA Public Modulus (N), Public Exponent (e) and Private Exponent (d)

    //

    case RsaKeyN:

    case RsaKeyE:

    case RsaKeyD:

      if (BnN == NULL) {

        BnN = BN_new ();

      }


      if (BnE == NULL) {

        BnE = BN_new ();

      }


      if (BnD == NULL) {

        BnD = BN_new ();

      }


      if ((BnN == NULL) || (BnE == NULL) || (BnD == NULL)) {

        return FALSE;

      }


      switch (KeyTag) {

        case RsaKeyN:

          BnN = BN_bin2bn (BigNumber, (UINT32)BnSize, BnN);

          break;

        case RsaKeyE:

          BnE = BN_bin2bn (BigNumber, (UINT32)BnSize, BnE);

          break;

        case RsaKeyD:

          BnD = BN_bin2bn (BigNumber, (UINT32)BnSize, BnD);

          break;

        default:

          return FALSE;

      }


      if (RSA_set0_key (RsaKey, BN_dup (BnN), BN_dup (BnE), BN_dup (BnD)) == 0) {

        return FALSE;

      }


      break;


    //

    // RSA Secret Prime Factor of Modulus (p and q)

    //

    case RsaKeyP:

    case RsaKeyQ:

      if (BnP == NULL) {

        BnP = BN_new ();

      }


      if (BnQ == NULL) {

        BnQ = BN_new ();

      }


      if ((BnP == NULL) || (BnQ == NULL)) {

        return FALSE;

      }


      switch (KeyTag) {

        case RsaKeyP:

          BnP = BN_bin2bn (BigNumber, (UINT32)BnSize, BnP);

          break;

        case RsaKeyQ:

          BnQ = BN_bin2bn (BigNumber, (UINT32)BnSize, BnQ);

          break;

        default:

          return FALSE;

      }


      if (RSA_set0_factors (RsaKey, BN_dup (BnP), BN_dup (BnQ)) == 0) {

        return FALSE;

      }


      break;


    //

    // p's CRT Exponent (== d mod (p - 1)),  q's CRT Exponent (== d mod (q - 1)),

    // and CRT Coefficient (== 1/q mod p)

    //

    case RsaKeyDp:

    case RsaKeyDq:

    case RsaKeyQInv:

      if (BnDp == NULL) {

        BnDp = BN_new ();

      }


      if (BnDq == NULL) {

        BnDq = BN_new ();

      }


      if (BnQInv == NULL) {

        BnQInv = BN_new ();

      }


      if ((BnDp == NULL) || (BnDq == NULL) || (BnQInv == NULL)) {

        return FALSE;

      }


      switch (KeyTag) {

        case RsaKeyDp:

          BnDp = BN_bin2bn (BigNumber, (UINT32)BnSize, BnDp);

          break;

        case RsaKeyDq:

          BnDq = BN_bin2bn (BigNumber, (UINT32)BnSize, BnDq);

          break;

        case RsaKeyQInv:

          BnQInv = BN_bin2bn (BigNumber, (UINT32)BnSize, BnQInv);

          break;

        default:

          return FALSE;

      }


      if (RSA_set0_crt_params (RsaKey, BN_dup (BnDp), BN_dup (BnDq), BN_dup (BnQInv)) == 0) {

        return FALSE;

      }


      break;


    default:

      return FALSE;

  }


  return TRUE;

}


BOOLEAN

EFIAPI

RsaPkcs1Verify (

  IN  VOID         *RsaContext,

  IN  CONST UINT8  *MessageHash,

  IN  UINTN        HashSize,

  IN  CONST UINT8  *Signature,

  IN  UINTN        SigSize

  )

{

  INT32  DigestType;

  UINT8  *SigBuf;


  //

  // Check input parameters.

  //

  if ((RsaContext == NULL) || (MessageHash == NULL) || (Signature == NULL)) {

    return FALSE;

  }


  if ((SigSize > INT_MAX) || (SigSize == 0)) {

    return FALSE;

  }


  //

  // Determine the message digest algorithm according to digest size.

  //   Only MD5, SHA-1, SHA-256, SHA-384 or SHA-512 algorithm is supported.

  //

  switch (HashSize) {

    case MD5_DIGEST_SIZE:

      DigestType = NID_md5;

      break;


    case SHA1_DIGEST_SIZE:

      DigestType = NID_sha1;

      break;


    case SHA256_DIGEST_SIZE:

      DigestType = NID_sha256;

      break;


    case SHA384_DIGEST_SIZE:

      DigestType = NID_sha384;

      break;


    case SHA512_DIGEST_SIZE:

      DigestType = NID_sha512;

      break;


    default:

      return FALSE;

  }


  SigBuf = (UINT8 *)Signature;

  return (BOOLEAN)RSA_verify (

                    DigestType,

                    MessageHash,

                    (UINT32)HashSize,

                    SigBuf,

                    (UINT32)SigSize,

                    (RSA *)RsaContext

                    );

}

UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112

RSA_KEY_TAG
RSA_KEY_TAG
Definition: BaseCryptLib.h:74

RsaKeyDq
@ RsaKeyDq
q's CRT exponent (== d mod (q - 1))
Definition: BaseCryptLib.h:81

RsaKeyD
@ RsaKeyD
RSA Private exponent (d)
Definition: BaseCryptLib.h:77

RsaKeyDp
@ RsaKeyDp
p's CRT exponent (== d mod (p - 1))
Definition: BaseCryptLib.h:80

RsaKeyP
@ RsaKeyP
RSA secret prime factor of Modulus (p)
Definition: BaseCryptLib.h:78

RsaKeyN
@ RsaKeyN
RSA public Modulus (N)
Definition: BaseCryptLib.h:75

RsaKeyQ
@ RsaKeyQ
RSA secret prime factor of Modules (q)
Definition: BaseCryptLib.h:79

RsaKeyQInv
@ RsaKeyQInv
The CRT coefficient (== 1/q mod p)
Definition: BaseCryptLib.h:82

RsaKeyE
@ RsaKeyE
RSA Public exponent (e)
Definition: BaseCryptLib.h:76

SHA1_DIGEST_SIZE
#define SHA1_DIGEST_SIZE
Definition: BaseCryptLib.h:39

SHA512_DIGEST_SIZE
#define SHA512_DIGEST_SIZE
Definition: BaseCryptLib.h:54

SHA256_DIGEST_SIZE
#define SHA256_DIGEST_SIZE
Definition: BaseCryptLib.h:44

MD5_DIGEST_SIZE
#define MD5_DIGEST_SIZE
Definition: BaseCryptLib.h:34

SHA384_DIGEST_SIZE
#define SHA384_DIGEST_SIZE
Definition: BaseCryptLib.h:49

NULL
#define NULL
Definition: Base.h:319

CONST
#define CONST
Definition: Base.h:259

TRUE
#define TRUE
Definition: Base.h:301

FALSE
#define FALSE
Definition: Base.h:307

IN
#define IN
Definition: Base.h:279

OUT
#define OUT
Definition: Base.h:284

RsaNew
VOID *EFIAPI RsaNew(VOID)
Definition: CryptRsaBasic.c:30

RsaSetKey
BOOLEAN EFIAPI RsaSetKey(IN OUT VOID *RsaContext, IN RSA_KEY_TAG KeyTag, IN CONST UINT8 *BigNumber, IN UINTN BnSize)
Definition: CryptRsaBasic.c:82

RsaFree
VOID EFIAPI RsaFree(IN VOID *RsaContext)
Definition: CryptRsaBasic.c:48

RsaPkcs1Verify
BOOLEAN EFIAPI RsaPkcs1Verify(IN VOID *RsaContext, IN CONST UINT8 *MessageHash, IN UINTN HashSize, IN CONST UINT8 *Signature, IN UINTN SigSize)
Definition: CryptRsaBasic.c:276