CryptRsaBasic.c
17#include "InternalCryptLib.h"
18
19#include <mbedtls/rsa.h>
20
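/**
  Allocates and initializes one RSA context for subsequent use.

  The context is a zero-filled mbedtls_rsa_context that is initialized with
  mbedtls_rsa_init() and configured for PKCS#1 v1.5 padding with no hash
  selected (MBEDTLS_MD_NONE).

  @return  Pointer to the initialized RSA context.
           NULL if the allocation or the padding setup fails.

**/
VOID *
EFIAPI
RsaNew (
  VOID
  )
{
  VOID  *RsaContext;

  RsaContext = AllocateZeroPool (sizeof (mbedtls_rsa_context));
  if (RsaContext == NULL) {
    return NULL;
  }

  mbedtls_rsa_init (RsaContext);
  if (mbedtls_rsa_set_padding (RsaContext, MBEDTLS_RSA_PKCS_V15, MBEDTLS_MD_NONE) != 0) {
    //
    // The caller only receives NULL on this path and therefore has no handle
    // to hand to RsaFree(); release the context here so the pool allocation
    // is not leaked.
    //
    mbedtls_rsa_free (RsaContext);
    FreePool (RsaContext);
    return NULL;
  }

  return RsaContext;
}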
48
/**
  Releases the specified RSA context.

  mbedtls_rsa_free() is invoked on the pointer unconditionally; only the
  FreePool() call is guarded against NULL.

  NOTE(review): a NULL RsaContext therefore relies on mbedtls_rsa_free()
  accepting NULL - confirm against the mbedtls version bundled with the build.

  @param[in]  RsaContext  Pointer to the RSA context to be released.

**/
VOID
EFIAPI
RsaFree (
  IN  VOID  *RsaContext
  )
{
  //
  // Tear down the mbedtls key state first, then hand the backing
  // allocation back to the pool.
  //
  mbedtls_rsa_free (RsaContext);

  if (RsaContext == NULL) {
    return;
  }

  FreePool (RsaContext);
}
66
/**
  Sets the tag-designated key component into the established RSA context.

  The big-endian octet string in BigNumber is parsed into a temporary
  mbedtls_mpi and imported into the context slot selected by KeyTag. Only
  RsaKeyN, RsaKeyE, RsaKeyD, RsaKeyP and RsaKeyQ are handled; the CRT tags
  (RsaKeyDp, RsaKeyDq, RsaKeyQInv) and any unknown tag are rejected.

  When BigNumber is NULL the temporary is left as initialized by
  mbedtls_mpi_init() and that empty value is imported; the original comment
  describes this as clearing the component.
  NOTE(review): confirm mbedtls_rsa_import() treats an empty mbedtls_mpi as a
  clear for the bundled mbedtls version.

  The temporary may carry private key material (d, p, q); it is released with
  mbedtls_mpi_free() on every exit path after it has been initialized.

  @param[in, out]  RsaContext  Pointer to the RSA context being set.
  @param[in]       KeyTag      Tag of the RSA key component being set.
  @param[in]       BigNumber   Pointer to the octet integer buffer, or NULL.
  @param[in]       BnSize      Length of the big number buffer in bytes.

  @retval  TRUE   The key component was imported successfully.
  @retval  FALSE  RsaContext is NULL, BnSize exceeds INT_MAX, the buffer could
                  not be parsed, the tag is unsupported, or the import failed.

**/
BOOLEAN
EFIAPI
RsaSetKey (
  IN OUT  VOID         *RsaContext,
  IN      RSA_KEY_TAG  KeyTag,
  IN      CONST UINT8  *BigNumber,
  IN      UINTN        BnSize
  )
{
  mbedtls_rsa_context  *RsaKey;
  mbedtls_mpi          Value;
  mbedtls_mpi          *Modulus;
  mbedtls_mpi          *PrimeP;
  mbedtls_mpi          *PrimeQ;
  mbedtls_mpi          *PrivateExp;
  mbedtls_mpi          *PublicExp;
  INT32                Ret;

  //
  // Reject a missing context or an oversized buffer before touching mbedtls.
  //
  if (RsaContext == NULL) {
    return FALSE;
  }

  if (BnSize > INT_MAX) {
    return FALSE;
  }

  mbedtls_mpi_init (&Value);
  RsaKey = (mbedtls_rsa_context *)RsaContext;

  //
  // A NULL buffer skips parsing and leaves Value in its initialized state.
  //
  if ((BigNumber != NULL) &&
      (mbedtls_mpi_read_binary (&Value, BigNumber, BnSize) != 0))
  {
    mbedtls_mpi_free (&Value);
    return FALSE;
  }

  //
  // Route Value to exactly one argument of mbedtls_rsa_import(); the
  // remaining arguments stay NULL.
  //
  Modulus    = NULL;
  PrimeP     = NULL;
  PrimeQ     = NULL;
  PrivateExp = NULL;
  PublicExp  = NULL;
  Ret        = 0;

  switch (KeyTag) {
    case RsaKeyN:
      Modulus = &Value;
      break;
    case RsaKeyP:
      PrimeP = &Value;
      break;
    case RsaKeyQ:
      PrimeQ = &Value;
      break;
    case RsaKeyD:
      PrivateExp = &Value;
      break;
    case RsaKeyE:
      PublicExp = &Value;
      break;
    case RsaKeyDp:
    case RsaKeyDq:
    case RsaKeyQInv:
    default:
      //
      // CRT components and unknown tags are not supported here.
      //
      Ret = -1;
      break;
  }

  if (Ret == 0) {
    Ret = mbedtls_rsa_import (RsaKey, Modulus, PrimeP, PrimeQ, PrivateExp, PublicExp);
  }

  mbedtls_mpi_free (&Value);
  return (Ret == 0) ? TRUE : FALSE;
}
184
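/**
  Verifies an RSA signature encoded with PKCS#1 v1.5 padding against a
  precomputed message digest.

  The digest algorithm is not passed explicitly: it is chosen from HashSize
  alone, so the caller must ensure MessageHash was produced by the algorithm
  that corresponds to that length. MD5 is accepted only when
  ENABLE_MD5_DEPRECATED_INTERFACES is defined, and SHA-1 is accepted unless
  DISABLE_SHA1_DEPRECATED_INTERFACES is defined.

  Although RsaContext is marked IN, the padding mode and hash identifier stored
  in the context are updated by this call.

  @param[in]  RsaContext   Pointer to the RSA context holding the public key.
  @param[in]  MessageHash  Pointer to the digest of the signed message.
  @param[in]  HashSize     Size of the digest in bytes; selects the algorithm.
  @param[in]  Signature    Pointer to the signature to be verified.
  @param[in]  SigSize      Size of the signature in bytes; must equal the key
                           length reported by mbedtls_rsa_get_len().

  @retval  TRUE   The signature is valid for the digest and key.
  @retval  FALSE  A pointer is NULL, SigSize is 0 or exceeds INT_MAX, the key
                  is incomplete, HashSize is unsupported, SigSize does not
                  match the key length, the padding setup fails, or the
                  signature does not verify.

**/
BOOLEAN
EFIAPI
RsaPkcs1Verify (
  IN  VOID         *RsaContext,
  IN  CONST UINT8  *MessageHash,
  IN  UINTN        HashSize,
  IN  CONST UINT8  *Signature,
  IN  UINTN        SigSize
  )
{
  INT32                Ret;
  mbedtls_md_type_t    md_alg;
  mbedtls_rsa_context  *RsaKey;

  if ((RsaContext == NULL) || (MessageHash == NULL) || (Signature == NULL)) {
    return FALSE;
  }

  if ((SigSize > INT_MAX) || (SigSize == 0)) {
    return FALSE;
  }

  //
  // The key must be usable (all required components present and consistent)
  // before its length is queried or a verification is attempted.
  //
  RsaKey = (mbedtls_rsa_context *)RsaContext;
  if (mbedtls_rsa_complete (RsaKey) != 0) {
    return FALSE;
  }

  //
  // Map the digest length to a hash algorithm; any other length is rejected.
  //
  switch (HashSize) {
 #ifdef ENABLE_MD5_DEPRECATED_INTERFACES
    case MD5_DIGEST_SIZE:
      md_alg = MBEDTLS_MD_MD5;
      break;
 #endif

 #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
    case SHA1_DIGEST_SIZE:
      md_alg = MBEDTLS_MD_SHA1;
      break;
 #endif

    case SHA256_DIGEST_SIZE:
      md_alg = MBEDTLS_MD_SHA256;
      break;

    case SHA384_DIGEST_SIZE:
      md_alg = MBEDTLS_MD_SHA384;
      break;

    case SHA512_DIGEST_SIZE:
      md_alg = MBEDTLS_MD_SHA512;
      break;

    default:
      return FALSE;
  }

  //
  // The signature must be exactly as long as the key's modulus.
  //
  if (mbedtls_rsa_get_len (RsaKey) != SigSize) {
    return FALSE;
  }

  //
  // Fail closed if the padding/hash configuration cannot be applied, instead
  // of verifying with whatever configuration the context held before
  // (RsaNew() checks the same call).
  //
  if (mbedtls_rsa_set_padding (RsaKey, MBEDTLS_RSA_PKCS_V15, md_alg) != 0) {
    return FALSE;
  }

  //
  // HashSize was constrained by the switch above, so narrowing it to UINT32
  // cannot truncate.
  //
  Ret = mbedtls_rsa_pkcs1_verify (
          RsaKey,
          md_alg,
          (UINT32)HashSize,
          MessageHash,
          Signature
          );
  if (Ret != 0) {
    return FALSE;
  }

  return TRUE;
}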
UINT64 UINTN
RSA_KEY_TAG
Definition: BaseCryptLib.h:74
@ RsaKeyDq
q's CRT exponent (== d mod (q - 1))
Definition: BaseCryptLib.h:81
@ RsaKeyD
RSA Private exponent (d)
Definition: BaseCryptLib.h:77
@ RsaKeyDp
p's CRT exponent (== d mod (p - 1))
Definition: BaseCryptLib.h:80
@ RsaKeyP
RSA secret prime factor of Modulus (p)
Definition: BaseCryptLib.h:78
@ RsaKeyN
RSA public Modulus (N)
Definition: BaseCryptLib.h:75
@ RsaKeyQ
RSA secret prime factor of Modulus (q)
Definition: BaseCryptLib.h:79
@ RsaKeyQInv
The CRT coefficient (== 1/q mod p)
Definition: BaseCryptLib.h:82
@ RsaKeyE
RSA Public exponent (e)
Definition: BaseCryptLib.h:76
#define SHA1_DIGEST_SIZE
Definition: BaseCryptLib.h:39
#define SHA512_DIGEST_SIZE
Definition: BaseCryptLib.h:54
#define SHA256_DIGEST_SIZE
Definition: BaseCryptLib.h:44
#define MD5_DIGEST_SIZE
Definition: BaseCryptLib.h:34
#define SHA384_DIGEST_SIZE
Definition: BaseCryptLib.h:49
VOID *EFIAPI AllocateZeroPool(IN UINTN AllocationSize)
VOID EFIAPI FreePool(IN VOID *Buffer)
#define NULL
Definition: Base.h:319
#define CONST
Definition: Base.h:259
#define TRUE
Definition: Base.h:301
#define FALSE
Definition: Base.h:307
#define IN
Definition: Base.h:279
#define OUT
Definition: Base.h:284
VOID *EFIAPI RsaNew(VOID)
Definition: CryptRsaBasic.c:30
BOOLEAN EFIAPI RsaSetKey(IN OUT VOID *RsaContext, IN RSA_KEY_TAG KeyTag, IN CONST UINT8 *BigNumber, IN UINTN BnSize)
Definition: CryptRsaBasic.c:82
VOID EFIAPI RsaFree(IN VOID *RsaContext)
Definition: CryptRsaBasic.c:48
BOOLEAN EFIAPI RsaPkcs1Verify(IN VOID *RsaContext, IN CONST UINT8 *MessageHash, IN UINTN HashSize, IN CONST UINT8 *Signature, IN UINTN SigSize)