[mirror_edk2.git] / CryptoPkg / Library / BaseCryptLib / Pk / CryptPkcs1Oaep.c

/** @file\r
  This file contains UEFI wrapper functions for RSA PKCS1v2 OAEP encryption routines.\r
\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
  Copyright (C) 2016 Microsoft Corporation. All Rights Reserved.\r
  Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>\r
\r
**/\r
\r
#include "InternalCryptLib.h"\r
#include <openssl/objects.h>\r
#include <openssl/rsa.h>\r
#include <openssl/x509.h>\r
#include <Library/MemoryAllocationLib.h>\r
\r
/**\r
  Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the\r
  encrypted message in a newly allocated buffer.\r
\r
  Things that can cause a failure include:\r
  - X509 key size does not match any known key size.\r
  - Fail to parse X509 certificate.\r
  - Fail to allocate an intermediate buffer.\r
  - Null pointer provided for a non-optional parameter.\r
  - Data size is too large for the provided key size (max size is a function of key size\r
    and hash digest size).\r
\r
  @param[in]  PublicKey           A pointer to the DER-encoded X509 certificate that\r
                                  will be used to encrypt the data.\r
  @param[in]  PublicKeySize       Size of the X509 cert buffer.\r
  @param[in]  InData              Data to be encrypted.\r
  @param[in]  InDataSize          Size of the data buffer.\r
  @param[in]  PrngSeed            [Optional] If provided, a pointer to a random seed buffer\r
                                  to be used when initializing the PRNG. NULL otherwise.\r
  @param[in]  PrngSeedSize        [Optional] If provided, size of the random seed buffer.\r
                                  0 otherwise.\r
  @param[out] EncryptedData       Pointer to an allocated buffer containing the encrypted\r
                                  message.\r
  @param[out] EncryptedDataSize   Size of the encrypted message buffer.\r
\r
  @retval     TRUE                Encryption was successful.\r
  @retval     FALSE               Encryption failed.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
Pkcs1v2Encrypt (\r
  IN   CONST UINT8  *PublicKey,\r
  IN   UINTN        PublicKeySize,\r
  IN   UINT8        *InData,\r
  IN   UINTN        InDataSize,\r
  IN   CONST UINT8  *PrngSeed   OPTIONAL,\r
  IN   UINTN        PrngSeedSize   OPTIONAL,\r
  OUT  UINT8        **EncryptedData,\r
  OUT  UINTN        *EncryptedDataSize\r
  )\r
{\r
  BOOLEAN       Result;\r
  CONST UINT8   *TempPointer;\r
  X509          *CertData;\r
  EVP_PKEY      *InternalPublicKey;\r
  EVP_PKEY_CTX  *PkeyCtx;\r
  UINT8         *OutData;\r
  UINTN         OutDataSize;\r
\r
  //\r
  // Check input parameters.\r
  //\r
  if ((PublicKey == NULL) || (InData == NULL) ||\r
      (EncryptedData == NULL) || (EncryptedDataSize == NULL))\r
  {\r
    return FALSE;\r
  }\r
\r
  //\r
  // Check public key size.\r
  //\r
  if (PublicKeySize > 0xFFFFFFFF) {\r
    //\r
    // Public key size is too large for implementation.\r
    //\r
    return FALSE;\r
  }\r
\r
  *EncryptedData     = NULL;\r
  *EncryptedDataSize = 0;\r
  Result             = FALSE;\r
  TempPointer        = NULL;\r
  CertData           = NULL;\r
  InternalPublicKey  = NULL;\r
  PkeyCtx            = NULL;\r
  OutData            = NULL;\r
  OutDataSize        = 0;\r
\r
  //\r
  // If it provides a seed then use it.\r
  // Ohterwise, we'll seed with fixed values and hope that the PRNG has already been\r
  // used enough to generate sufficient entropy.\r
  //\r
  if (PrngSeed != NULL) {\r
    RandomSeed (PrngSeed, PrngSeedSize);\r
  } else {\r
    RandomSeed (NULL, 0);\r
  }\r
\r
  //\r
  // Parse the X509 cert and extract the public key.\r
  //\r
  TempPointer = PublicKey;\r
  CertData    = d2i_X509 (&CertData, &TempPointer, (UINT32)PublicKeySize);\r
  if (CertData == NULL) {\r
    //\r
    // Fail to parse X509 cert.\r
    //\r
    goto _Exit;\r
  }\r
\r
  //\r
  // Extract the public key from the x509 cert in a format that\r
  // OpenSSL can use.\r
  //\r
  InternalPublicKey = X509_get_pubkey (CertData);\r
  if (InternalPublicKey == NULL) {\r
    //\r
    // Fail to extract public key.\r
    //\r
    goto _Exit;\r
  }\r
\r
  //\r
  // Create a context for the public key operation.\r
  //\r
  PkeyCtx = EVP_PKEY_CTX_new (InternalPublicKey, NULL);\r
  if (PkeyCtx == NULL) {\r
    //\r
    // Fail to create contex.\r
    //\r
    goto _Exit;\r
  }\r
\r
  //\r
  // Initialize the context and set the desired padding.\r
  //\r
  if ((EVP_PKEY_encrypt_init (PkeyCtx) <= 0) ||\r
      (EVP_PKEY_CTX_set_rsa_padding (PkeyCtx, RSA_PKCS1_OAEP_PADDING) <= 0))\r
  {\r
    //\r
    // Fail to initialize the context.\r
    //\r
    goto _Exit;\r
  }\r
\r
  //\r
  // Determine the required buffer length for malloc'ing.\r
  //\r
  if (EVP_PKEY_encrypt (PkeyCtx, NULL, &OutDataSize, InData, InDataSize) <= 0) {\r
    //\r
    // Fail to determine output buffer size.\r
    //\r
    goto _Exit;\r
  }\r
\r
  //\r
  // Allocate a buffer for the output data.\r
  //\r
  OutData = AllocatePool (OutDataSize);\r
  if (OutData == NULL) {\r
    //\r
    // Fail to allocate the output buffer.\r
    //\r
    goto _Exit;\r
  }\r
\r
  //\r
  // Encrypt Data.\r
  //\r
  if (EVP_PKEY_encrypt (PkeyCtx, OutData, &OutDataSize, InData, InDataSize) <= 0) {\r
    //\r
    // Fail to encrypt data, need to free the output buffer.\r
    //\r
    FreePool (OutData);\r
    OutData     = NULL;\r
    OutDataSize = 0;\r
    goto _Exit;\r
  }\r
\r
  //\r
  // Encrypt done.\r
  //\r
  *EncryptedData     = OutData;\r
  *EncryptedDataSize = OutDataSize;\r
  Result             = TRUE;\r
\r
_Exit:\r
  //\r
  // Release Resources\r
  //\r
  if (CertData != NULL) {\r
    X509_free (CertData);\r
  }\r
\r
  if (InternalPublicKey != NULL) {\r
    EVP_PKEY_free (InternalPublicKey);\r
  }\r
\r
  if (PkeyCtx != NULL) {\r
    EVP_PKEY_CTX_free (PkeyCtx);\r
  }\r
\r
  return Result;\r
}\r
Commit	Line	Data
933f1990 BB	1	/** @file\r
	2	This file contains UEFI wrapper functions for RSA PKCS1v2 OAEP encryption routines.\r
	3	\r
	4	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	5	\r
	6	Copyright (C) 2016 Microsoft Corporation. All Rights Reserved.\r
	7	Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>\r
	8	\r
	9	**/\r
	10	\r
	11	#include "InternalCryptLib.h"\r
	12	#include <openssl/objects.h>\r
	13	#include <openssl/rsa.h>\r
	14	#include <openssl/x509.h>\r
	15	#include <Library/MemoryAllocationLib.h>\r
	16	\r
	17	/**\r
	18	Encrypts a blob using PKCS1v2 (RSAES-OAEP) schema. On success, will return the\r
	19	encrypted message in a newly allocated buffer.\r
	20	\r
	21	Things that can cause a failure include:\r
	22	- X509 key size does not match any known key size.\r
	23	- Fail to parse X509 certificate.\r
	24	- Fail to allocate an intermediate buffer.\r
	25	- Null pointer provided for a non-optional parameter.\r
	26	- Data size is too large for the provided key size (max size is a function of key size\r
	27	and hash digest size).\r
	28	\r
	29	@param[in] PublicKey A pointer to the DER-encoded X509 certificate that\r
	30	will be used to encrypt the data.\r
	31	@param[in] PublicKeySize Size of the X509 cert buffer.\r
	32	@param[in] InData Data to be encrypted.\r
	33	@param[in] InDataSize Size of the data buffer.\r
	34	@param[in] PrngSeed [Optional] If provided, a pointer to a random seed buffer\r
	35	to be used when initializing the PRNG. NULL otherwise.\r
	36	@param[in] PrngSeedSize [Optional] If provided, size of the random seed buffer.\r
	37	0 otherwise.\r
	38	@param[out] EncryptedData Pointer to an allocated buffer containing the encrypted\r
	39	message.\r
	40	@param[out] EncryptedDataSize Size of the encrypted message buffer.\r
	41	\r
	42	@retval TRUE Encryption was successful.\r
	43	@retval FALSE Encryption failed.\r
	44	\r
	45	**/\r
	46	BOOLEAN\r
	47	EFIAPI\r
	48	Pkcs1v2Encrypt (\r
	49	IN CONST UINT8 *PublicKey,\r
	50	IN UINTN PublicKeySize,\r
	51	IN UINT8 *InData,\r
	52	IN UINTN InDataSize,\r
c8f46130 MK	53	IN CONST UINT8 *PrngSeed OPTIONAL,\r
c8f46130 MK	54	IN UINTN PrngSeedSize OPTIONAL,\r
933f1990 BB	55	OUT UINT8 **EncryptedData,\r
	56	OUT UINTN *EncryptedDataSize\r
	57	)\r
	58	{\r
	59	BOOLEAN Result;\r
	60	CONST UINT8 *TempPointer;\r
	61	X509 *CertData;\r
	62	EVP_PKEY *InternalPublicKey;\r
	63	EVP_PKEY_CTX *PkeyCtx;\r
	64	UINT8 *OutData;\r
	65	UINTN OutDataSize;\r
	66	\r
	67	//\r
	68	// Check input parameters.\r
	69	//\r
7c342378 MK	70	if ((PublicKey == NULL) \|\| (InData == NULL) \|\|\r
	71	(EncryptedData == NULL) \|\| (EncryptedDataSize == NULL))\r
	72	{\r
933f1990 BB	73	return FALSE;\r
	74	}\r
	75	\r
	76	//\r
	77	// Check public key size.\r
	78	//\r
	79	if (PublicKeySize > 0xFFFFFFFF) {\r
	80	//\r
	81	// Public key size is too large for implementation.\r
	82	//\r
	83	return FALSE;\r
	84	}\r
	85	\r
7c342378 MK	86	*EncryptedData = NULL;\r
	87	*EncryptedDataSize = 0;\r
	88	Result = FALSE;\r
	89	TempPointer = NULL;\r
	90	CertData = NULL;\r
	91	InternalPublicKey = NULL;\r
	92	PkeyCtx = NULL;\r
	93	OutData = NULL;\r
	94	OutDataSize = 0;\r
933f1990 BB	95	\r
	96	//\r
	97	// If it provides a seed then use it.\r
	98	// Ohterwise, we'll seed with fixed values and hope that the PRNG has already been\r
	99	// used enough to generate sufficient entropy.\r
	100	//\r
	101	if (PrngSeed != NULL) {\r
	102	RandomSeed (PrngSeed, PrngSeedSize);\r
	103	} else {\r
	104	RandomSeed (NULL, 0);\r
	105	}\r
	106	\r
	107	//\r
	108	// Parse the X509 cert and extract the public key.\r
	109	//\r
	110	TempPointer = PublicKey;\r
7c342378	111	CertData = d2i_X509 (&CertData, &TempPointer, (UINT32)PublicKeySize);\r
933f1990 BB	112	if (CertData == NULL) {\r
	113	//\r
	114	// Fail to parse X509 cert.\r
	115	//\r
	116	goto _Exit;\r
	117	}\r
	118	\r
	119	//\r
	120	// Extract the public key from the x509 cert in a format that\r
	121	// OpenSSL can use.\r
	122	//\r
	123	InternalPublicKey = X509_get_pubkey (CertData);\r
	124	if (InternalPublicKey == NULL) {\r
	125	//\r
	126	// Fail to extract public key.\r
	127	//\r
	128	goto _Exit;\r
	129	}\r
	130	\r
	131	//\r
	132	// Create a context for the public key operation.\r
	133	//\r
	134	PkeyCtx = EVP_PKEY_CTX_new (InternalPublicKey, NULL);\r
	135	if (PkeyCtx == NULL) {\r
	136	//\r
	137	// Fail to create contex.\r
	138	//\r
	139	goto _Exit;\r
	140	}\r
7c342378	141	\r
933f1990 BB	142	//\r
	143	// Initialize the context and set the desired padding.\r
	144	//\r
7c342378 MK	145	if ((EVP_PKEY_encrypt_init (PkeyCtx) <= 0) \|\|\r
	146	(EVP_PKEY_CTX_set_rsa_padding (PkeyCtx, RSA_PKCS1_OAEP_PADDING) <= 0))\r
	147	{\r
933f1990 BB	148	//\r
	149	// Fail to initialize the context.\r
	150	//\r
	151	goto _Exit;\r
	152	}\r
	153	\r
	154	//\r
	155	// Determine the required buffer length for malloc'ing.\r
	156	//\r
	157	if (EVP_PKEY_encrypt (PkeyCtx, NULL, &OutDataSize, InData, InDataSize) <= 0) {\r
	158	//\r
	159	// Fail to determine output buffer size.\r
	160	//\r
	161	goto _Exit;\r
	162	}\r
	163	\r
	164	//\r
	165	// Allocate a buffer for the output data.\r
	166	//\r
	167	OutData = AllocatePool (OutDataSize);\r
	168	if (OutData == NULL) {\r
	169	//\r
	170	// Fail to allocate the output buffer.\r
	171	//\r
	172	goto _Exit;\r
	173	}\r
	174	\r
	175	//\r
	176	// Encrypt Data.\r
	177	//\r
	178	if (EVP_PKEY_encrypt (PkeyCtx, OutData, &OutDataSize, InData, InDataSize) <= 0) {\r
	179	//\r
	180	// Fail to encrypt data, need to free the output buffer.\r
	181	//\r
	182	FreePool (OutData);\r
7c342378	183	OutData = NULL;\r
933f1990 BB	184	OutDataSize = 0;\r
	185	goto _Exit;\r
	186	}\r
	187	\r
	188	//\r
	189	// Encrypt done.\r
	190	//\r
7c342378	191	*EncryptedData = OutData;\r
933f1990	192	*EncryptedDataSize = OutDataSize;\r
7c342378	193	Result = TRUE;\r
933f1990 BB	194	\r
	195	_Exit:\r
	196	//\r
	197	// Release Resources\r
	198	//\r
	199	if (CertData != NULL) {\r
7c342378	200	X509_free (CertData);\r
933f1990	201	}\r
7c342378	202	\r
933f1990 BB	203	if (InternalPublicKey != NULL) {\r
	204	EVP_PKEY_free (InternalPublicKey);\r
	205	}\r
7c342378	206	\r
933f1990 BB	207	if (PkeyCtx != NULL) {\r
	208	EVP_PKEY_CTX_free (PkeyCtx);\r
	209	}\r
	210	\r
	211	return Result;\r
	212	}\r