3) RsaCheckKey\r
4) RsaPkcs1Sign\r
\r
-Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>\r
-This program and the accompanying materials\r
-are licensed and made available under the terms and conditions of the BSD License\r
-which accompanies this distribution. The full text of the license may be found at\r
-http://opensource.org/licenses/bsd-license.php\r
-\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
IN OUT UINTN *BnSize\r
)\r
{\r
- RSA *RsaKey;\r
- BIGNUM *BnKey;\r
- UINTN Size;\r
+ RSA *RsaKey;\r
+ BIGNUM *BnKey;\r
+ UINTN Size;\r
\r
//\r
// Check input parameters.\r
//\r
- if (RsaContext == NULL || BnSize == NULL) {\r
+ if ((RsaContext == NULL) || (BnSize == NULL)) {\r
return FALSE;\r
}\r
\r
- RsaKey = (RSA *) RsaContext;\r
+ RsaKey = (RSA *)RsaContext;\r
Size = *BnSize;\r
*BnSize = 0;\r
+ BnKey = NULL;\r
\r
switch (KeyTag) {\r
+ //\r
+ // RSA Public Modulus (N)\r
+ //\r
+ case RsaKeyN:\r
+ RSA_get0_key (RsaKey, (const BIGNUM **)&BnKey, NULL, NULL);\r
+ break;\r
+\r
+ //\r
+ // RSA Public Exponent (e)\r
+ //\r
+ case RsaKeyE:\r
+ RSA_get0_key (RsaKey, NULL, (const BIGNUM **)&BnKey, NULL);\r
+ break;\r
+\r
+ //\r
+ // RSA Private Exponent (d)\r
+ //\r
+ case RsaKeyD:\r
+ RSA_get0_key (RsaKey, NULL, NULL, (const BIGNUM **)&BnKey);\r
+ break;\r
+\r
+ //\r
+ // RSA Secret Prime Factor of Modulus (p)\r
+ //\r
+ case RsaKeyP:\r
+ RSA_get0_factors (RsaKey, (const BIGNUM **)&BnKey, NULL);\r
+ break;\r
+\r
+ //\r
+ // RSA Secret Prime Factor of Modules (q)\r
+ //\r
+ case RsaKeyQ:\r
+ RSA_get0_factors (RsaKey, NULL, (const BIGNUM **)&BnKey);\r
+ break;\r
+\r
+ //\r
+ // p's CRT Exponent (== d mod (p - 1))\r
+ //\r
+ case RsaKeyDp:\r
+ RSA_get0_crt_params (RsaKey, (const BIGNUM **)&BnKey, NULL, NULL);\r
+ break;\r
+\r
+ //\r
+ // q's CRT Exponent (== d mod (q - 1))\r
+ //\r
+ case RsaKeyDq:\r
+ RSA_get0_crt_params (RsaKey, NULL, (const BIGNUM **)&BnKey, NULL);\r
+ break;\r
+\r
+ //\r
+ // The CRT Coefficient (== 1/q mod p)\r
+ //\r
+ case RsaKeyQInv:\r
+ RSA_get0_crt_params (RsaKey, NULL, NULL, (const BIGNUM **)&BnKey);\r
+ break;\r
+\r
+ default:\r
+ return FALSE;\r
+ }\r
\r
- //\r
- // RSA Public Modulus (N)\r
- //\r
- case RsaKeyN:\r
- if (RsaKey->n == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->n;\r
- break;\r
-\r
- //\r
- // RSA Public Exponent (e)\r
- //\r
- case RsaKeyE:\r
- if (RsaKey->e == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->e;\r
- break;\r
-\r
- //\r
- // RSA Private Exponent (d)\r
- //\r
- case RsaKeyD:\r
- if (RsaKey->d == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->d;\r
- break;\r
-\r
- //\r
- // RSA Secret Prime Factor of Modulus (p)\r
- //\r
- case RsaKeyP:\r
- if (RsaKey->p == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->p;\r
- break;\r
-\r
- //\r
- // RSA Secret Prime Factor of Modules (q)\r
- //\r
- case RsaKeyQ:\r
- if (RsaKey->q == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->q;\r
- break;\r
-\r
- //\r
- // p's CRT Exponent (== d mod (p - 1))\r
- //\r
- case RsaKeyDp:\r
- if (RsaKey->dmp1 == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->dmp1;\r
- break;\r
-\r
- //\r
- // q's CRT Exponent (== d mod (q - 1))\r
- //\r
- case RsaKeyDq:\r
- if (RsaKey->dmq1 == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->dmq1;\r
- break;\r
-\r
- //\r
- // The CRT Coefficient (== 1/q mod p)\r
- //\r
- case RsaKeyQInv:\r
- if (RsaKey->iqmp == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->iqmp;\r
- break;\r
-\r
- default:\r
+ if (BnKey == NULL) {\r
return FALSE;\r
}\r
\r
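Review bot: A key component that is absent now makes the function return FALSE through `if (BnKey == NULL)`, where the removed code returned TRUE with `*BnSize` left at 0, so callers that probe for an unset component get a different result. The header comment (outside this hunk) should state this, e.g. `@retval FALSE  The requested key component is not present in RsaContext.`. The eight `(const BIGNUM **)&BnKey` casts can also be dropped if the local is declared `const BIGNUM *BnKey;` and `&BnKey` is passed directly. That keeps the compiler checking that nothing writes through pointers the `get0` accessors hand out as read-only, which matters here because the values include the private exponent and prime factors. The function's signature and the rest of its body lie outside the hunk.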
}\r
\r
if (BigNumber == NULL) {\r
- return FALSE;\r
+ *BnSize = Size;\r
+ return TRUE;\r
}\r
- *BnSize = BN_bn2bin (BnKey, BigNumber) ;\r
- \r
+\r
+ *BnSize = BN_bn2bin (BnKey, BigNumber);\r
+\r
return TRUE;\r
}\r
\r
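Review bot: With `BigNumber == NULL` the function now returns TRUE without writing any key data, while `RsaPkcs1Sign` in the same file returns FALSE for a NULL `Signature`. The two size-query conventions therefore diverge, and a caller cannot tell from the return value alone whether bytes were produced. If this is intended, say so at the branch, e.g. `// Size query: no output buffer, report the required length in *BnSize and succeed.`, and in the `@retval TRUE` text of the header comment. `BN_bn2bin` takes no buffer length, so the write that follows is bounded only by whatever size comparison sits above this hunk. What `Size` holds at this point is likewise set outside the visible lines and should be confirmed to be the component length rather than the caller's input.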
@param[in, out] RsaContext Pointer to RSA context being set.\r
@param[in] ModulusLength Length of RSA modulus N in bits.\r
@param[in] PublicExponent Pointer to RSA public exponent.\r
- @param[in] PublicExponentSize Size of RSA public exponent buffer in bytes. \r
+ @param[in] PublicExponentSize Size of RSA public exponent buffer in bytes.\r
\r
@retval TRUE RSA key component was generated successfully.\r
@retval FALSE Invalid RSA key component tag.\r
//\r
// Check input parameters.\r
//\r
- if (RsaContext == NULL || ModulusLength > INT_MAX || PublicExponentSize > INT_MAX) {\r
+ if ((RsaContext == NULL) || (ModulusLength > INT_MAX) || (PublicExponentSize > INT_MAX)) {\r
return FALSE;\r
}\r
- \r
+\r
KeyE = BN_new ();\r
if (KeyE == NULL) {\r
return FALSE;\r
}\r
\r
RetVal = FALSE;\r
- \r
+\r
if (PublicExponent == NULL) {\r
if (BN_set_word (KeyE, 0x10001) == 0) {\r
goto _Exit;\r
}\r
} else {\r
- if (BN_bin2bn (PublicExponent, (UINT32) PublicExponentSize, KeyE) == NULL) {\r
+ if (BN_bin2bn (PublicExponent, (UINT32)PublicExponentSize, KeyE) == NULL) {\r
goto _Exit;\r
}\r
}\r
\r
- if (RSA_generate_key_ex ((RSA *) RsaContext, (UINT32) ModulusLength, KeyE, NULL) == 1) {\r
- RetVal = TRUE;\r
+ if (RSA_generate_key_ex ((RSA *)RsaContext, (UINT32)ModulusLength, KeyE, NULL) == 1) {\r
+ RetVal = TRUE;\r
}\r
\r
_Exit:\r
}\r
\r
/**\r
- Validates key components of RSA context. \r
+ Validates key components of RSA context.\r
NOTE: This function performs integrity checks on all the RSA key material, so\r
the RSA key structure must contain all the private key data.\r
\r
if (RsaContext == NULL) {\r
return FALSE;\r
}\r
- \r
- if (RSA_check_key ((RSA *) RsaContext) != 1) {\r
+\r
+ if (RSA_check_key ((RSA *)RsaContext) != 1) {\r
Reason = ERR_GET_REASON (ERR_peek_last_error ());\r
- if (Reason == RSA_R_P_NOT_PRIME ||\r
- Reason == RSA_R_Q_NOT_PRIME ||\r
- Reason == RSA_R_N_DOES_NOT_EQUAL_P_Q ||\r
- Reason == RSA_R_D_E_NOT_CONGRUENT_TO_1) {\r
+ if ((Reason == RSA_R_P_NOT_PRIME) ||\r
+ (Reason == RSA_R_Q_NOT_PRIME) ||\r
+ (Reason == RSA_R_N_DOES_NOT_EQUAL_P_Q) ||\r
+ (Reason == RSA_R_D_E_NOT_CONGRUENT_TO_1))\r
+ {\r
return FALSE;\r
}\r
}\r
\r
If RsaContext is NULL, then return FALSE.\r
If MessageHash is NULL, then return FALSE.\r
- If HashSize is not equal to the size of MD5, SHA-1 or SHA-256 digest, then return FALSE.\r
+ If HashSize is not equal to the size of MD5, SHA-1, SHA-256, SHA-384 or SHA-512 digest, then return FALSE.\r
If SigSize is large enough but Signature is NULL, then return FALSE.\r
\r
@param[in] RsaContext Pointer to RSA context for signature generation.\r
IN OUT UINTN *SigSize\r
)\r
{\r
- RSA *Rsa;\r
- UINTN Size;\r
- INT32 DigestType;\r
+ RSA *Rsa;\r
+ UINTN Size;\r
+ INT32 DigestType;\r
\r
//\r
// Check input parameters.\r
//\r
- if (RsaContext == NULL || MessageHash == NULL) {\r
+ if ((RsaContext == NULL) || (MessageHash == NULL)) {\r
return FALSE;\r
}\r
\r
- Rsa = (RSA *) RsaContext;\r
- Size = BN_num_bytes (Rsa->n);\r
+ Rsa = (RSA *)RsaContext;\r
+ Size = RSA_size (Rsa);\r
\r
if (*SigSize < Size) {\r
*SigSize = Size;\r
return FALSE;\r
}\r
- \r
+\r
if (Signature == NULL) {\r
return FALSE;\r
}\r
- \r
+\r
//\r
// Determine the message digest algorithm according to digest size.\r
- // Only MD5, SHA-1 or SHA-256 algorithm is supported. \r
+ // Only MD5, SHA-1, SHA-256, SHA-384 or SHA-512 algorithm is supported.\r
//\r
switch (HashSize) {\r
- case MD5_DIGEST_SIZE:\r
- DigestType = NID_md5;\r
- break;\r
- \r
- case SHA1_DIGEST_SIZE:\r
- DigestType = NID_sha1;\r
- break;\r
- \r
- case SHA256_DIGEST_SIZE:\r
- DigestType = NID_sha256;\r
- break;\r
-\r
- default:\r
- return FALSE;\r
- } \r
-\r
- return (BOOLEAN) RSA_sign (\r
- DigestType,\r
- MessageHash,\r
- (UINT32) HashSize,\r
- Signature,\r
- (UINT32 *) SigSize,\r
- (RSA *) RsaContext\r
- );\r
+ case MD5_DIGEST_SIZE:\r
+ DigestType = NID_md5;\r
+ break;\r
+\r
+ case SHA1_DIGEST_SIZE:\r
+ DigestType = NID_sha1;\r
+ break;\r
+\r
+ case SHA256_DIGEST_SIZE:\r
+ DigestType = NID_sha256;\r
+ break;\r
+\r
+ case SHA384_DIGEST_SIZE:\r
+ DigestType = NID_sha384;\r
+ break;\r
+\r
+ case SHA512_DIGEST_SIZE:\r
+ DigestType = NID_sha512;\r
+ break;\r
+\r
+ default:\r
+ return FALSE;\r
+ }\r
+\r
+ return (BOOLEAN)RSA_sign (\r
+ DigestType,\r
+ MessageHash,\r
+ (UINT32)HashSize,\r
+ Signature,\r
+ (UINT32 *)SigSize,\r
+ (RSA *)RsaContext\r
+ );\r
}\r
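Review bot: `*SigSize` is dereferenced at `if (*SigSize < Size)` although the parameter check above it covers only `RsaContext` and `MessageHash`, so a NULL `SigSize` faults instead of returning an error. The guard could read `if ((RsaContext == NULL) || (MessageHash == NULL) || (SigSize == NULL)) {`. Separately, the final call passes `(UINT32 *)SigSize` to `RSA_sign`, which stores an `unsigned int`. On builds where `UINTN` is 64 bits wide only part of `*SigSize` is written, so the caller can read back a length that still carries stale upper bits. Passing the address of a local `UINT32` and copying it into `*SigSize` on success avoids both that and the pointer-type pun. The function's signature and header comment start outside the hunk.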