/* Implementation of cryptographic primitives for RSA */
/* Written by Ken Goldman */
/* IBM Thomas J. Watson Research Center */
-/* $Id: CryptRsa.c 1594 2020-03-26 22:15:48Z kgoldman $ */
+/* $Id: CryptRsa.c 1658 2021-01-22 23:14:01Z kgoldman $ */
/* */
/* Licenses and Notices */
/* */
/* arising in any way out of use or reliance upon this specification or any */
/* information herein. */
/* */
-/* (c) Copyright IBM Corp. and others, 2016 - 2020 */
+/* (c) Copyright IBM Corp. and others, 2016 - 2021 */
/* */
/********************************************************************************/
// Make sure that pSize has not gone over the end and that there are at least 8
// bytes of pad data.
fail = (pSize > coded->size) | fail;
- fail = ((pSize - 2) < 8) | fail;
+ fail = ((pSize - 2) <= 8) | fail;
if((message->size < (UINT16)(coded->size - pSize)) || fail)
return TPM_RC_VALUE;
message->size = coded->size - pSize;
TPM_RC retVal = TPM_RC_SUCCESS;
if(!rsaKey->attributes.privateExp)
{
- TEST(ALG_NULL_VALUE);
+ TEST(TPM_ALG_NULL);
// Make sure that the bigNum used for the exponent is properly initialized
RsaInitializeExponent(&rsaKey->privateExponent);
// Find the second prime by division
TEST(scheme->scheme);
switch(scheme->scheme)
{
- case ALG_NULL_VALUE: // 'raw' encryption
+ case TPM_ALG_NULL: // 'raw' encryption
{
INT32 i;
INT32 dSize = dIn->size;
// the modulus. If it is, then RSAEP() will catch it.
}
break;
- case ALG_RSAES_VALUE:
+ case TPM_ALG_RSAES:
retVal = RSAES_PKCS1v1_5Encode(&cOut->b, dIn, rand);
break;
- case ALG_OAEP_VALUE:
+ case TPM_ALG_OAEP:
retVal = OaepEncode(&cOut->b, scheme->details.oaep.hashAlg, label, dIn,
rand);
break;
// Remove padding
switch(scheme->scheme)
{
- case ALG_NULL_VALUE:
+ case TPM_ALG_NULL:
if(dOut->size < cIn->size)
return TPM_RC_VALUE;
MemoryCopy2B(dOut, cIn, dOut->size);
break;
- case ALG_RSAES_VALUE:
+ case TPM_ALG_RSAES:
retVal = RSAES_Decode(dOut, cIn);
break;
- case ALG_OAEP_VALUE:
+ case TPM_ALG_OAEP:
retVal = OaepDecode(dOut, scheme->details.oaep.hashAlg, label, cIn);
break;
default:
TEST(sigOut->sigAlg);
switch(sigOut->sigAlg)
{
- case ALG_NULL_VALUE:
+ case TPM_ALG_NULL:
sigOut->signature.rsapss.sig.t.size = 0;
return TPM_RC_SUCCESS;
- case ALG_RSAPSS_VALUE:
+ case TPM_ALG_RSAPSS:
retVal = PssEncode(&sigOut->signature.rsapss.sig.b,
sigOut->signature.rsapss.hash, &hIn->b, rand);
break;
- case ALG_RSASSA_VALUE:
+ case TPM_ALG_RSASSA:
retVal = RSASSA_Encode(&sigOut->signature.rsassa.sig.b,
sigOut->signature.rsassa.hash, &hIn->b);
break;
pAssert(key != NULL && sig != NULL && digest != NULL);
switch(sig->sigAlg)
{
- case ALG_RSAPSS_VALUE:
- case ALG_RSASSA_VALUE:
+ case TPM_ALG_RSAPSS:
+ case TPM_ALG_RSASSA:
break;
default:
return TPM_RC_SCHEME;
{
switch(sig->sigAlg)
{
- case ALG_RSAPSS_VALUE:
+ case TPM_ALG_RSAPSS:
retVal = PssDecode(sig->signature.any.hashAlg, &digest->b,
&sig->signature.rsassa.sig.b);
break;
- case ALG_RSASSA_VALUE:
+ case TPM_ALG_RSASSA:
retVal = RSASSA_Decode(sig->signature.any.hashAlg, &digest->b,
&sig->signature.rsassa.sig.b);
break;
return TPM_RC_SUCCESS;
#endif
// Make sure that key generation has been tested
- TEST(ALG_NULL_VALUE);
+ TEST(TPM_ALG_NULL);
#if USE_OPENSSL_FUNCTIONS_RSA // libtpms added begin
if (rand == NULL)
return OpenSSLCryptRsaGenerateKey(rsaKey, e, keySizeInBits);
switch(scheme->scheme)
{
- case ALG_NULL_VALUE: // 'raw' encryption
+ case TPM_ALG_NULL: // 'raw' encryption
{
INT32 i;
INT32 dSize = dIn->size;
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING) <= 0)
ERROR_RETURN(TPM_RC_FAILURE);
break;
- case ALG_RSAES_VALUE:
+ case TPM_ALG_RSAES:
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
ERROR_RETURN(TPM_RC_FAILURE);
break;
- case ALG_OAEP_VALUE:
+ case TPM_ALG_OAEP:
digestname = GetDigestNameByHashAlg(scheme->details.oaep.hashAlg);
if (digestname == NULL)
ERROR_RETURN(TPM_RC_VALUE);
switch(scheme->scheme)
{
- case ALG_NULL_VALUE: // 'raw' encryption
+ case TPM_ALG_NULL: // 'raw' encryption
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING) <= 0)
ERROR_RETURN(TPM_RC_FAILURE);
break;
- case ALG_RSAES_VALUE:
+ case TPM_ALG_RSAES:
if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
ERROR_RETURN(TPM_RC_FAILURE);
break;
- case ALG_OAEP_VALUE:
+ case TPM_ALG_OAEP:
digestname = GetDigestNameByHashAlg(scheme->details.oaep.hashAlg);
if (digestname == NULL)
ERROR_RETURN(TPM_RC_VALUE);
if (tmp == NULL)
ERROR_RETURN(TPM_RC_FAILURE);
memcpy(tmp, label->buffer, label->size);
- }
- if (EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, tmp, label->size) <= 0)
- ERROR_RETURN(TPM_RC_FAILURE);
- tmp = NULL;
+ if (EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, tmp, label->size) <= 0)
+ ERROR_RETURN(TPM_RC_FAILURE);
+ tmp = NULL;
+ }
break;
default:
ERROR_RETURN(TPM_RC_SCHEME);
switch(sigOut->sigAlg)
{
- case ALG_NULL_VALUE:
+ case TPM_ALG_NULL:
sigOut->signature.rsapss.sig.t.size = 0;
return TPM_RC_SUCCESS;
- case ALG_RSAPSS_VALUE:
+ case TPM_ALG_RSAPSS:
padding = RSA_PKCS1_PSS_PADDING;
hashAlg = sigOut->signature.rsapss.hash;
break;
- case ALG_RSASSA_VALUE:
+ case TPM_ALG_RSASSA:
padding = RSA_PKCS1_PADDING;
hashAlg = sigOut->signature.rsassa.hash;
break;
pAssert(key != NULL && sig != NULL && digest != NULL);
switch(sig->sigAlg)
{
- case ALG_RSAPSS_VALUE:
+ case TPM_ALG_RSAPSS:
padding = RSA_PKCS1_PSS_PADDING;
break;
- case ALG_RSASSA_VALUE:
+ case TPM_ALG_RSASSA:
padding = RSA_PKCS1_PADDING;
break;
default: