CryptRsaPssSign.c
12#include "InternalCryptLib.h"
13
14#include <openssl/bn.h>
15#include <openssl/rsa.h>
16#include <openssl/objects.h>
17#include <openssl/evp.h>
18
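/**
  Select the OpenSSL message digest that matches a digest length.

  Only the three lengths handled below are accepted; every other value
  yields NULL so that callers reject unsupported or weaker digests
  instead of silently falling back to a default.

  @param[in]  DigestLen   Length of the message digest in bytes.

  @return  Pointer to the matching OpenSSL EVP_MD, or NULL when DigestLen
           is not SHA256_DIGEST_SIZE, SHA384_DIGEST_SIZE or
           SHA512_DIGEST_SIZE.
**/
STATIC
const
EVP_MD *
GetEvpMD (
  IN UINT16  DigestLen
  )
{
  switch (DigestLen) {
    case SHA256_DIGEST_SIZE:
      return EVP_sha256 ();
    case SHA384_DIGEST_SIZE:
      return EVP_sha384 ();
    case SHA512_DIGEST_SIZE:
      return EVP_sha512 ();
    default:
      return NULL;
  }
}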
46
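/**
  Produce an RSA signature over Message using PSS padding.

  The message is hashed with the digest selected by DigestLen, the same
  digest is used for MGF1, and the salt length is set to SaltLen. This
  implementation only accepts SaltLen == DigestLen.

  If *SigSize is smaller than the RSA modulus size, *SigSize is updated
  to the required size and FALSE is returned without signing.

  @param[in]      RsaContext   Pointer to the OpenSSL RSA key used for signing.
  @param[in]      Message      Pointer to the data to be signed.
  @param[in]      MsgSize      Size of Message in bytes; must be non-zero and
                               no larger than INT_MAX.
  @param[in]      DigestLen    Digest length in bytes; selects the hash.
  @param[in]      SaltLen      Salt length in bytes; must equal DigestLen.
  @param[out]     Signature    Buffer that receives the signature.
  @param[in,out]  SigSize      On input, the size of Signature in bytes.
                               On output, the size written by OpenSSL, or the
                               required size when the buffer is too small.

  @retval  TRUE   The signature was generated.
  @retval  FALSE  A parameter was invalid, the buffer was too small, or an
                  OpenSSL call failed. The contents of Signature must not be
                  used in that case.
**/
BOOLEAN
EFIAPI
RsaPssSign (
  IN      VOID         *RsaContext,
  IN      CONST UINT8  *Message,
  IN      UINTN        MsgSize,
  IN      UINT16       DigestLen,
  IN      UINT16       SaltLen,
  OUT     UINT8        *Signature,
  IN OUT  UINTN        *SigSize
  )
{
  BOOLEAN       Result;
  UINTN         RsaSigSize;
  EVP_PKEY      *EvpRsaKey;
  EVP_MD_CTX    *EvpSignCtx;
  EVP_PKEY_CTX  *KeyCtx;
  CONST EVP_MD  *HashAlg;

  Result     = FALSE;
  EvpRsaKey  = NULL;
  EvpSignCtx = NULL;
  KeyCtx     = NULL;
  HashAlg    = NULL;

  //
  // SigSize is dereferenced below, so it must be validated together with
  // the key context before anything else is touched.
  //
  if ((RsaContext == NULL) || (SigSize == NULL)) {
    return FALSE;
  }

  if ((Message == NULL) || (MsgSize == 0) || (MsgSize > INT_MAX)) {
    return FALSE;
  }

  //
  // Report the required buffer size when the caller's buffer is too small.
  //
  RsaSigSize = RSA_size (RsaContext);
  if (*SigSize < RsaSigSize) {
    *SigSize = RsaSigSize;
    return FALSE;
  }

  if (Signature == NULL) {
    return FALSE;
  }

  //
  // Only a salt as long as the digest is accepted.
  //
  if (SaltLen != DigestLen) {
    return FALSE;
  }

  HashAlg = GetEvpMD (DigestLen);
  if (HashAlg == NULL) {
    return FALSE;
  }

  EvpRsaKey = EVP_PKEY_new ();
  if (EvpRsaKey == NULL) {
    goto _Exit;
  }

  //
  // Do not continue with an EVP_PKEY that has no key attached.
  //
  if (EVP_PKEY_set1_RSA (EvpRsaKey, RsaContext) != 1) {
    goto _Exit;
  }

  EvpSignCtx = EVP_MD_CTX_create ();
  if (EvpSignCtx == NULL) {
    goto _Exit;
  }

  //
  // KeyCtx is handed back by EVP_DigestSignInit and belongs to EvpSignCtx,
  // so it is not freed separately. A missing KeyCtx is treated as a
  // failure so that TRUE is never returned without a signature.
  //
  Result = EVP_DigestSignInit (EvpSignCtx, &KeyCtx, HashAlg, NULL, EvpRsaKey) > 0;
  if (!Result || (KeyCtx == NULL)) {
    Result = FALSE;
    goto _Exit;
  }

  Result = EVP_PKEY_CTX_set_rsa_padding (KeyCtx, RSA_PKCS1_PSS_PADDING) > 0;

  if (Result) {
    Result = EVP_PKEY_CTX_set_rsa_pss_saltlen (KeyCtx, SaltLen) > 0;
  }

  if (Result) {
    Result = EVP_PKEY_CTX_set_rsa_mgf1_md (KeyCtx, HashAlg) > 0;
  }

  if (Result) {
    //
    // MsgSize was bounded by INT_MAX above, so the narrowing cast is lossless.
    //
    Result = EVP_DigestSignUpdate (EvpSignCtx, Message, (UINT32)MsgSize) > 0;
  }

  if (Result) {
    Result = EVP_DigestSignFinal (EvpSignCtx, Signature, SigSize) > 0;
  }

_Exit:
  if (EvpRsaKey != NULL) {
    EVP_PKEY_free (EvpRsaKey);
  }

  if (EvpSignCtx != NULL) {
    EVP_MD_CTX_destroy (EvpSignCtx);
  }

  return Result;
}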
#define SHA512_DIGEST_SIZE
Definition: BaseCryptLib.h:54
#define SHA256_DIGEST_SIZE
Definition: BaseCryptLib.h:44
#define SHA384_DIGEST_SIZE
Definition: BaseCryptLib.h:49
BOOLEAN EFIAPI RsaPssSign(IN VOID *RsaContext, IN CONST UINT8 *Message, IN UINTN MsgSize, IN UINT16 DigestLen, IN UINT16 SaltLen, OUT UINT8 *Signature, IN OUT UINTN *SigSize)
STATIC const EVP_MD * GetEvpMD(IN UINT16 DigestLen)