TianoCore EDK2 master
Loading...
Searching...
No Matches
CryptRsaPssSign.c
Go to the documentation of this file.
1
12#include "InternalCryptLib.h"
13#include <mbedtls/rsa.h>
14#include <mbedtls/sha256.h>
15#include <mbedtls/sha512.h>
16
49BOOLEAN
50EFIAPI
51RsaPssSign (
52 IN VOID *RsaContext,
53 IN CONST UINT8 *Message,
54 IN UINTN MsgSize,
55 IN UINT16 DigestLen,
56 IN UINT16 SaltLen,
57 OUT UINT8 *Signature,
58 IN OUT UINTN *SigSize
59 )
60{
61 INT32 Ret;
62 mbedtls_md_type_t MdAlg;
63 UINT8 HashValue[SHA512_DIGEST_SIZE];
64
65 if (RsaContext == NULL) {
66 return FALSE;
67 }
68
69 if (mbedtls_rsa_complete ((mbedtls_rsa_context *)RsaContext) != 0) {
70 return FALSE;
71 }
72
73 if ((Message == NULL) || (MsgSize == 0) || (MsgSize > INT_MAX)) {
74 return FALSE;
75 }
76
77 if (SaltLen != DigestLen) {
78 return FALSE;
79 }
80
81 ZeroMem (HashValue, DigestLen);
82
83 switch (DigestLen) {
84 case SHA256_DIGEST_SIZE:
85 MdAlg = MBEDTLS_MD_SHA256;
86 if (mbedtls_sha256 (Message, MsgSize, HashValue, FALSE) != 0) {
87 return FALSE;
88 }
89
90 break;
91
92 case SHA384_DIGEST_SIZE:
93 MdAlg = MBEDTLS_MD_SHA384;
94 if (mbedtls_sha512 (Message, MsgSize, HashValue, TRUE) != 0) {
95 return FALSE;
96 }
97
98 break;
99
100 case SHA512_DIGEST_SIZE:
101 MdAlg = MBEDTLS_MD_SHA512;
102 if (mbedtls_sha512 (Message, MsgSize, HashValue, FALSE) != 0) {
103 return FALSE;
104 }
105
106 break;
107
108 default:
109 return FALSE;
110 }
111
112 if (Signature == NULL) {
113 //
114 // If Signature is NULL, return safe SignatureSize
115 //
116 *SigSize = MBEDTLS_MPI_MAX_SIZE;
117 return FALSE;
118 }
119
120 Ret = mbedtls_rsa_set_padding (RsaContext, MBEDTLS_RSA_PKCS_V21, MdAlg);
121 if (Ret != 0) {
122 return FALSE;
123 }
124
125 Ret = mbedtls_rsa_rsassa_pss_sign (
126 RsaContext,
127 MbedtlsRand,
128 NULL,
129 MdAlg,
130 (UINT32)DigestLen,
131 HashValue,
132 Signature
133 );
134 if (Ret != 0) {
135 return FALSE;
136 }
137
138 *SigSize = ((mbedtls_rsa_context *)RsaContext)->len;
139 return TRUE;
140}
UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112
SHA512_DIGEST_SIZE
#define SHA512_DIGEST_SIZE
Definition: BaseCryptLib.h:54
SHA256_DIGEST_SIZE
#define SHA256_DIGEST_SIZE
Definition: BaseCryptLib.h:44
SHA384_DIGEST_SIZE
#define SHA384_DIGEST_SIZE
Definition: BaseCryptLib.h:49
MbedtlsRand
INT32 MbedtlsRand(VOID *RngState, UINT8 *Output, UINTN Len)
Definition: CryptRand.c:103
ZeroMem
VOID *EFIAPI ZeroMem(OUT VOID *Buffer, IN UINTN Length)
Definition: ZeroMemWrapper.c:38
NULL
#define NULL
Definition: Base.h:319
CONST
#define CONST
Definition: Base.h:259
TRUE
#define TRUE
Definition: Base.h:301
FALSE
#define FALSE
Definition: Base.h:307
IN
#define IN
Definition: Base.h:279
OUT
#define OUT
Definition: Base.h:284
RsaPssSign
BOOLEAN EFIAPI RsaPssSign(IN VOID *RsaContext, IN CONST UINT8 *Message, IN UINTN MsgSize, IN UINT16 DigestLen, IN UINT16 SaltLen, OUT UINT8 *Signature, IN OUT UINTN *SigSize)
Definition: CryptRsaPssSign.c:81