TianoCore EDK2 master
Loading...
Searching...
No Matches
CryptRsaPss.c
Go to the documentation of this file.
1
12#include "InternalCryptLib.h"
13
14#include <openssl/bn.h>
15#include <openssl/rsa.h>
16#include <openssl/objects.h>
17#include <openssl/evp.h>
18
25STATIC
26const
27EVP_MD *
28GetEvpMD (
29 IN UINT16 DigestLen
30 )
31{
32 switch (DigestLen) {
33 case SHA256_DIGEST_SIZE:
34 return EVP_sha256 ();
35 break;
36 case SHA384_DIGEST_SIZE:
37 return EVP_sha384 ();
38 break;
39 case SHA512_DIGEST_SIZE:
40 return EVP_sha512 ();
41 break;
42 default:
43 return NULL;
44 }
45}
46
65BOOLEAN
66EFIAPI
67RsaPssVerify (
68 IN VOID *RsaContext,
69 IN CONST UINT8 *Message,
70 IN UINTN MsgSize,
71 IN CONST UINT8 *Signature,
72 IN UINTN SigSize,
73 IN UINT16 DigestLen,
74 IN UINT16 SaltLen
75 )
76{
77 BOOLEAN Result;
78 EVP_PKEY *EvpRsaKey;
79 EVP_MD_CTX *EvpVerifyCtx;
80 EVP_PKEY_CTX *KeyCtx;
81 CONST EVP_MD *HashAlg;
82
83 Result = FALSE;
84 EvpRsaKey = NULL;
85 EvpVerifyCtx = NULL;
86 KeyCtx = NULL;
87 HashAlg = NULL;
88
89 if (RsaContext == NULL) {
90 return FALSE;
91 }
92
93 if ((Message == NULL) || (MsgSize == 0) || (MsgSize > INT_MAX)) {
94 return FALSE;
95 }
96
97 if ((Signature == NULL) || (SigSize == 0) || (SigSize > INT_MAX)) {
98 return FALSE;
99 }
100
101 if (SaltLen != DigestLen) {
102 return FALSE;
103 }
104
105 HashAlg = GetEvpMD (DigestLen);
106
107 if (HashAlg == NULL) {
108 return FALSE;
109 }
110
111 EvpRsaKey = EVP_PKEY_new ();
112 if (EvpRsaKey == NULL) {
113 goto _Exit;
114 }
115
116 EVP_PKEY_set1_RSA (EvpRsaKey, RsaContext);
117
118 EvpVerifyCtx = EVP_MD_CTX_create ();
119 if (EvpVerifyCtx == NULL) {
120 goto _Exit;
121 }
122
123 Result = EVP_DigestVerifyInit (EvpVerifyCtx, &KeyCtx, HashAlg, NULL, EvpRsaKey) > 0;
124 if (KeyCtx == NULL) {
125 goto _Exit;
126 }
127
128 if (Result) {
129 Result = EVP_PKEY_CTX_set_rsa_padding (KeyCtx, RSA_PKCS1_PSS_PADDING) > 0;
130 }
131
132 if (Result) {
133 Result = EVP_PKEY_CTX_set_rsa_pss_saltlen (KeyCtx, SaltLen) > 0;
134 }
135
136 if (Result) {
137 Result = EVP_PKEY_CTX_set_rsa_mgf1_md (KeyCtx, HashAlg) > 0;
138 }
139
140 if (Result) {
141 Result = EVP_DigestVerifyUpdate (EvpVerifyCtx, Message, (UINT32)MsgSize) > 0;
142 }
143
144 if (Result) {
145 Result = EVP_DigestVerifyFinal (EvpVerifyCtx, Signature, (UINT32)SigSize) > 0;
146 }
147
148_Exit:
149 if (EvpRsaKey != NULL) {
150 EVP_PKEY_free (EvpRsaKey);
151 }
152
153 if (EvpVerifyCtx != NULL) {
154 EVP_MD_CTX_destroy (EvpVerifyCtx);
155 }
156
157 return Result;
158}
UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112
SHA512_DIGEST_SIZE
#define SHA512_DIGEST_SIZE
Definition: BaseCryptLib.h:54
SHA256_DIGEST_SIZE
#define SHA256_DIGEST_SIZE
Definition: BaseCryptLib.h:44
SHA384_DIGEST_SIZE
#define SHA384_DIGEST_SIZE
Definition: BaseCryptLib.h:49
NULL
#define NULL
Definition: Base.h:319
CONST
#define CONST
Definition: Base.h:259
STATIC
#define STATIC
Definition: Base.h:264
FALSE
#define FALSE
Definition: Base.h:307
IN
#define IN
Definition: Base.h:279
RsaPssVerify
BOOLEAN EFIAPI RsaPssVerify(IN VOID *RsaContext, IN CONST UINT8 *Message, IN UINTN MsgSize, IN CONST UINT8 *Signature, IN UINTN SigSize, IN UINT16 DigestLen, IN UINT16 SaltLen)
Definition: CryptRsaPss.c:67
GetEvpMD
STATIC const EVP_MD * GetEvpMD(IN UINT16 DigestLen)
Definition: CryptRsaPss.c:28