[mirror_edk2.git] / CryptoPkg / Library / BaseCryptLib / Pk / CryptRsaExt.c

/** @file\r
  RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.\r
\r
  This file implements following APIs which provide more capabilities for RSA:\r
  1) RsaGetKey\r
  2) RsaGenerateKey\r
  3) RsaCheckKey\r
  4) RsaPkcs1Sign\r
\r
Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution.  The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#include "InternalCryptLib.h"\r
\r
#include <openssl/bn.h>\r
#include <openssl/rsa.h>\r
#include <openssl/err.h>\r
#include <openssl/objects.h>\r
\r
/**\r
  Gets the tag-designated RSA key component from the established RSA context.\r
\r
  This function retrieves the tag-designated RSA key component from the\r
  established RSA context as a non-negative integer (octet string format\r
  represented in RSA PKCS#1).\r
  If specified key component has not been set or has been cleared, then returned\r
  BnSize is set to 0.\r
  If the BigNumber buffer is too small to hold the contents of the key, FALSE\r
  is returned and BnSize is set to the required buffer size to obtain the key.\r
\r
  If RsaContext is NULL, then return FALSE.\r
  If BnSize is NULL, then return FALSE.\r
  If BnSize is large enough but BigNumber is NULL, then return FALSE.\r
\r
  @param[in, out]  RsaContext  Pointer to RSA context being set.\r
  @param[in]       KeyTag      Tag of RSA key component being set.\r
  @param[out]      BigNumber   Pointer to octet integer buffer.\r
  @param[in, out]  BnSize      On input, the size of big number buffer in bytes.\r
                               On output, the size of data returned in big number buffer in bytes.\r
\r
  @retval  TRUE   RSA key component was retrieved successfully.\r
  @retval  FALSE  Invalid RSA key component tag.\r
  @retval  FALSE  BnSize is too small.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
RsaGetKey (\r
  IN OUT  VOID         *RsaContext,\r
  IN      RSA_KEY_TAG  KeyTag,\r
  OUT     UINT8        *BigNumber,\r
  IN OUT  UINTN        *BnSize\r
  )\r
{\r
  RSA    *RsaKey;\r
  BIGNUM *BnKey;\r
  UINTN  Size;\r
\r
  //\r
  // Check input parameters.\r
  //\r
  if (RsaContext == NULL || BnSize == NULL) {\r
    return FALSE;\r
  }\r
\r
  RsaKey  = (RSA *) RsaContext;\r
  Size    = *BnSize;\r
  *BnSize = 0;\r
  BnKey   = NULL;\r
\r
  switch (KeyTag) {\r
\r
  //\r
  // RSA Public Modulus (N)\r
  //\r
  case RsaKeyN:\r
    RSA_get0_key (RsaKey, (const BIGNUM **)&BnKey, NULL, NULL);\r
    break;\r
\r
  //\r
  // RSA Public Exponent (e)\r
  //\r
  case RsaKeyE:\r
    RSA_get0_key (RsaKey, NULL, (const BIGNUM **)&BnKey, NULL);\r
    break;\r
\r
  //\r
  // RSA Private Exponent (d)\r
  //\r
  case RsaKeyD:\r
    RSA_get0_key (RsaKey, NULL, NULL, (const BIGNUM **)&BnKey);\r
    break;\r
\r
  //\r
  // RSA Secret Prime Factor of Modulus (p)\r
  //\r
  case RsaKeyP:\r
    RSA_get0_factors (RsaKey, (const BIGNUM **)&BnKey, NULL);\r
    break;\r
\r
  //\r
  // RSA Secret Prime Factor of Modules (q)\r
  //\r
  case RsaKeyQ:\r
    RSA_get0_factors (RsaKey, NULL, (const BIGNUM **)&BnKey);\r
    break;\r
\r
  //\r
  // p's CRT Exponent (== d mod (p - 1))\r
  //\r
  case RsaKeyDp:\r
    RSA_get0_crt_params (RsaKey, (const BIGNUM **)&BnKey, NULL, NULL);\r
    break;\r
\r
  //\r
  // q's CRT Exponent (== d mod (q - 1))\r
  //\r
  case RsaKeyDq:\r
    RSA_get0_crt_params (RsaKey, NULL, (const BIGNUM **)&BnKey, NULL);\r
    break;\r
\r
  //\r
  // The CRT Coefficient (== 1/q mod p)\r
  //\r
  case RsaKeyQInv:\r
    RSA_get0_crt_params (RsaKey, NULL, NULL, (const BIGNUM **)&BnKey);\r
    break;\r
\r
  default:\r
    return FALSE;\r
  }\r
\r
  if (BnKey == NULL) {\r
    return FALSE;\r
  }\r
\r
  *BnSize = Size;\r
  Size    = BN_num_bytes (BnKey);\r
\r
  if (*BnSize < Size) {\r
    *BnSize = Size;\r
    return FALSE;\r
  }\r
\r
  if (BigNumber == NULL) {\r
    *BnSize = Size;\r
    return TRUE;\r
  }\r
  *BnSize = BN_bn2bin (BnKey, BigNumber) ;\r
\r
  return TRUE;\r
}\r
\r
/**\r
  Generates RSA key components.\r
\r
  This function generates RSA key components. It takes RSA public exponent E and\r
  length in bits of RSA modulus N as input, and generates all key components.\r
  If PublicExponent is NULL, the default RSA public exponent (0x10001) will be used.\r
\r
  Before this function can be invoked, pseudorandom number generator must be correctly\r
  initialized by RandomSeed().\r
\r
  If RsaContext is NULL, then return FALSE.\r
\r
  @param[in, out]  RsaContext           Pointer to RSA context being set.\r
  @param[in]       ModulusLength        Length of RSA modulus N in bits.\r
  @param[in]       PublicExponent       Pointer to RSA public exponent.\r
  @param[in]       PublicExponentSize   Size of RSA public exponent buffer in bytes. \r
\r
  @retval  TRUE   RSA key component was generated successfully.\r
  @retval  FALSE  Invalid RSA key component tag.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
RsaGenerateKey (\r
  IN OUT  VOID         *RsaContext,\r
  IN      UINTN        ModulusLength,\r
  IN      CONST UINT8  *PublicExponent,\r
  IN      UINTN        PublicExponentSize\r
  )\r
{\r
  BIGNUM   *KeyE;\r
  BOOLEAN  RetVal;\r
\r
  //\r
  // Check input parameters.\r
  //\r
  if (RsaContext == NULL || ModulusLength > INT_MAX || PublicExponentSize > INT_MAX) {\r
    return FALSE;\r
  }\r
\r
  KeyE = BN_new ();\r
  if (KeyE == NULL) {\r
    return FALSE;\r
  }\r
\r
  RetVal = FALSE;\r
\r
  if (PublicExponent == NULL) {\r
    if (BN_set_word (KeyE, 0x10001) == 0) {\r
      goto _Exit;\r
    }\r
  } else {\r
    if (BN_bin2bn (PublicExponent, (UINT32) PublicExponentSize, KeyE) == NULL) {\r
      goto _Exit;\r
    }\r
  }\r
\r
  if (RSA_generate_key_ex ((RSA *) RsaContext, (UINT32) ModulusLength, KeyE, NULL) == 1) {\r
   RetVal = TRUE;\r
  }\r
\r
_Exit:\r
  BN_free (KeyE);\r
  return RetVal;\r
}\r
\r
/**\r
  Validates key components of RSA context. \r
  NOTE: This function performs integrity checks on all the RSA key material, so\r
        the RSA key structure must contain all the private key data.\r
\r
  This function validates key components of RSA context in following aspects:\r
  - Whether p is a prime\r
  - Whether q is a prime\r
  - Whether n = p * q\r
  - Whether d*e = 1  mod lcm(p-1,q-1)\r
\r
  If RsaContext is NULL, then return FALSE.\r
\r
  @param[in]  RsaContext  Pointer to RSA context to check.\r
\r
  @retval  TRUE   RSA key components are valid.\r
  @retval  FALSE  RSA key components are not valid.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
RsaCheckKey (\r
  IN  VOID  *RsaContext\r
  )\r
{\r
  UINTN  Reason;\r
\r
  //\r
  // Check input parameters.\r
  //\r
  if (RsaContext == NULL) {\r
    return FALSE;\r
  }\r
\r
  if  (RSA_check_key ((RSA *) RsaContext) != 1) {\r
    Reason = ERR_GET_REASON (ERR_peek_last_error ());\r
    if (Reason == RSA_R_P_NOT_PRIME ||\r
        Reason == RSA_R_Q_NOT_PRIME ||\r
        Reason == RSA_R_N_DOES_NOT_EQUAL_P_Q ||\r
        Reason == RSA_R_D_E_NOT_CONGRUENT_TO_1) {\r
      return FALSE;\r
    }\r
  }\r
\r
  return TRUE;\r
}\r
\r
/**\r
  Carries out the RSA-SSA signature generation with EMSA-PKCS1-v1_5 encoding scheme.\r
\r
  This function carries out the RSA-SSA signature generation with EMSA-PKCS1-v1_5 encoding scheme defined in\r
  RSA PKCS#1.\r
  If the Signature buffer is too small to hold the contents of signature, FALSE\r
  is returned and SigSize is set to the required buffer size to obtain the signature.\r
\r
  If RsaContext is NULL, then return FALSE.\r
  If MessageHash is NULL, then return FALSE.\r
  If HashSize is not equal to the size of MD5, SHA-1 or SHA-256 digest, then return FALSE.\r
  If SigSize is large enough but Signature is NULL, then return FALSE.\r
\r
  @param[in]       RsaContext   Pointer to RSA context for signature generation.\r
  @param[in]       MessageHash  Pointer to octet message hash to be signed.\r
  @param[in]       HashSize     Size of the message hash in bytes.\r
  @param[out]      Signature    Pointer to buffer to receive RSA PKCS1-v1_5 signature.\r
  @param[in, out]  SigSize      On input, the size of Signature buffer in bytes.\r
                                On output, the size of data returned in Signature buffer in bytes.\r
\r
  @retval  TRUE   Signature successfully generated in PKCS1-v1_5.\r
  @retval  FALSE  Signature generation failed.\r
  @retval  FALSE  SigSize is too small.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
RsaPkcs1Sign (\r
  IN      VOID         *RsaContext,\r
  IN      CONST UINT8  *MessageHash,\r
  IN      UINTN        HashSize,\r
  OUT     UINT8        *Signature,\r
  IN OUT  UINTN        *SigSize\r
  )\r
{\r
  RSA      *Rsa;\r
  UINTN    Size;\r
  INT32    DigestType;\r
\r
  //\r
  // Check input parameters.\r
  //\r
  if (RsaContext == NULL || MessageHash == NULL) {\r
    return FALSE;\r
  }\r
\r
  Rsa = (RSA *) RsaContext;\r
  Size = RSA_size (Rsa);\r
\r
  if (*SigSize < Size) {\r
    *SigSize = Size;\r
    return FALSE;\r
  }\r
\r
  if (Signature == NULL) {\r
    return FALSE;\r
  }\r
\r
  //\r
  // Determine the message digest algorithm according to digest size.\r
  //   Only MD5, SHA-1 or SHA-256 algorithm is supported. \r
  //\r
  switch (HashSize) {\r
  case MD5_DIGEST_SIZE:\r
    DigestType = NID_md5;\r
    break;\r
\r
  case SHA1_DIGEST_SIZE:\r
    DigestType = NID_sha1;\r
    break;\r
\r
  case SHA256_DIGEST_SIZE:\r
    DigestType = NID_sha256;\r
    break;\r
\r
  default:\r
    return FALSE;\r
  }\r
\r
  return (BOOLEAN) RSA_sign (\r
                     DigestType,\r
                     MessageHash,\r
                     (UINT32) HashSize,\r
                     Signature,\r
                     (UINT32 *) SigSize,\r
                     (RSA *) RsaContext\r
                     );\r
}\r
Commit	Line	Data
532616bb	1	/** @file\r
	2	RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.\r
	3	\r
	4	This file implements following APIs which provide more capabilities for RSA:\r
	5	1) RsaGetKey\r
	6	2) RsaGenerateKey\r
	7	3) RsaCheckKey\r
	8	4) RsaPkcs1Sign\r
	9	\r
f56b11d2	10	Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>\r
532616bb	11	This program and the accompanying materials\r
	12	are licensed and made available under the terms and conditions of the BSD License\r
	13	which accompanies this distribution. The full text of the license may be found at\r
	14	http://opensource.org/licenses/bsd-license.php\r
	15	\r
	16	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	17	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	18	\r
	19	**/\r
	20	\r
	21	#include "InternalCryptLib.h"\r
	22	\r
1cae0c83	23	#include <openssl/bn.h>\r
532616bb	24	#include <openssl/rsa.h>\r
532616bb	25	#include <openssl/err.h>\r
86b5c3ee	26	#include <openssl/objects.h>\r
532616bb	27	\r
	28	/**\r
	29	Gets the tag-designated RSA key component from the established RSA context.\r
	30	\r
	31	This function retrieves the tag-designated RSA key component from the\r
	32	established RSA context as a non-negative integer (octet string format\r
	33	represented in RSA PKCS#1).\r
	34	If specified key component has not been set or has been cleared, then returned\r
	35	BnSize is set to 0.\r
	36	If the BigNumber buffer is too small to hold the contents of the key, FALSE\r
	37	is returned and BnSize is set to the required buffer size to obtain the key.\r
	38	\r
	39	If RsaContext is NULL, then return FALSE.\r
	40	If BnSize is NULL, then return FALSE.\r
	41	If BnSize is large enough but BigNumber is NULL, then return FALSE.\r
	42	\r
	43	@param[in, out] RsaContext Pointer to RSA context being set.\r
	44	@param[in] KeyTag Tag of RSA key component being set.\r
	45	@param[out] BigNumber Pointer to octet integer buffer.\r
	46	@param[in, out] BnSize On input, the size of big number buffer in bytes.\r
	47	On output, the size of data returned in big number buffer in bytes.\r
	48	\r
	49	@retval TRUE RSA key component was retrieved successfully.\r
	50	@retval FALSE Invalid RSA key component tag.\r
	51	@retval FALSE BnSize is too small.\r
	52	\r
	53	**/\r
	54	BOOLEAN\r
	55	EFIAPI\r
	56	RsaGetKey (\r
	57	IN OUT VOID *RsaContext,\r
	58	IN RSA_KEY_TAG KeyTag,\r
	59	OUT UINT8 *BigNumber,\r
	60	IN OUT UINTN *BnSize\r
	61	)\r
	62	{\r
	63	RSA *RsaKey;\r
	64	BIGNUM *BnKey;\r
	65	UINTN Size;\r
	66	\r
	67	//\r
	68	// Check input parameters.\r
	69	//\r
	70	if (RsaContext == NULL \|\| BnSize == NULL) {\r
	71	return FALSE;\r
	72	}\r
	73	\r
	74	RsaKey = (RSA *) RsaContext;\r
	75	Size = *BnSize;\r
	76	*BnSize = 0;\r
f56b11d2	77	BnKey = NULL;\r
532616bb	78	\r
	79	switch (KeyTag) {\r
	80	\r
	81	//\r
	82	// RSA Public Modulus (N)\r
	83	//\r
	84	case RsaKeyN:\r
f56b11d2	85	RSA_get0_key (RsaKey, (const BIGNUM **)&BnKey, NULL, NULL);\r
532616bb	86	break;\r
	87	\r
	88	//\r
	89	// RSA Public Exponent (e)\r
	90	//\r
	91	case RsaKeyE:\r
f56b11d2	92	RSA_get0_key (RsaKey, NULL, (const BIGNUM **)&BnKey, NULL);\r
532616bb	93	break;\r
	94	\r
	95	//\r
	96	// RSA Private Exponent (d)\r
	97	//\r
	98	case RsaKeyD:\r
f56b11d2	99	RSA_get0_key (RsaKey, NULL, NULL, (const BIGNUM **)&BnKey);\r
532616bb	100	break;\r
	101	\r
	102	//\r
	103	// RSA Secret Prime Factor of Modulus (p)\r
	104	//\r
	105	case RsaKeyP:\r
f56b11d2	106	RSA_get0_factors (RsaKey, (const BIGNUM **)&BnKey, NULL);\r
532616bb	107	break;\r
	108	\r
	109	//\r
	110	// RSA Secret Prime Factor of Modules (q)\r
	111	//\r
	112	case RsaKeyQ:\r
f56b11d2	113	RSA_get0_factors (RsaKey, NULL, (const BIGNUM **)&BnKey);\r
532616bb	114	break;\r
	115	\r
	116	//\r
	117	// p's CRT Exponent (== d mod (p - 1))\r
	118	//\r
	119	case RsaKeyDp:\r
f56b11d2	120	RSA_get0_crt_params (RsaKey, (const BIGNUM **)&BnKey, NULL, NULL);\r
532616bb	121	break;\r
	122	\r
	123	//\r
	124	// q's CRT Exponent (== d mod (q - 1))\r
	125	//\r
	126	case RsaKeyDq:\r
f56b11d2	127	RSA_get0_crt_params (RsaKey, NULL, (const BIGNUM **)&BnKey, NULL);\r
532616bb	128	break;\r
	129	\r
	130	//\r
	131	// The CRT Coefficient (== 1/q mod p)\r
	132	//\r
	133	case RsaKeyQInv:\r
f56b11d2	134	RSA_get0_crt_params (RsaKey, NULL, NULL, (const BIGNUM **)&BnKey);\r
532616bb	135	break;\r
	136	\r
	137	default:\r
	138	return FALSE;\r
	139	}\r
	140	\r
f56b11d2 QL	141	if (BnKey == NULL) {\r
	142	return FALSE;\r
	143	}\r
	144	\r
532616bb	145	*BnSize = Size;\r
	146	Size = BN_num_bytes (BnKey);\r
	147	\r
	148	if (*BnSize < Size) {\r
	149	*BnSize = Size;\r
	150	return FALSE;\r
	151	}\r
	152	\r
	153	if (BigNumber == NULL) {\r
f56b11d2 QL	154	*BnSize = Size;\r
f56b11d2 QL	155	return TRUE;\r
532616bb	156	}\r
532616bb	157	*BnSize = BN_bn2bin (BnKey, BigNumber) ;\r
f56b11d2	158	\r
532616bb	159	return TRUE;\r
	160	}\r
	161	\r
	162	/**\r
	163	Generates RSA key components.\r
	164	\r
	165	This function generates RSA key components. It takes RSA public exponent E and\r
	166	length in bits of RSA modulus N as input, and generates all key components.\r
	167	If PublicExponent is NULL, the default RSA public exponent (0x10001) will be used.\r
	168	\r
	169	Before this function can be invoked, pseudorandom number generator must be correctly\r
	170	initialized by RandomSeed().\r
	171	\r
	172	If RsaContext is NULL, then return FALSE.\r
	173	\r
	174	@param[in, out] RsaContext Pointer to RSA context being set.\r
	175	@param[in] ModulusLength Length of RSA modulus N in bits.\r
	176	@param[in] PublicExponent Pointer to RSA public exponent.\r
	177	@param[in] PublicExponentSize Size of RSA public exponent buffer in bytes. \r
	178	\r
	179	@retval TRUE RSA key component was generated successfully.\r
	180	@retval FALSE Invalid RSA key component tag.\r
	181	\r
	182	**/\r
	183	BOOLEAN\r
	184	EFIAPI\r
	185	RsaGenerateKey (\r
	186	IN OUT VOID *RsaContext,\r
	187	IN UINTN ModulusLength,\r
	188	IN CONST UINT8 *PublicExponent,\r
	189	IN UINTN PublicExponentSize\r
	190	)\r
	191	{\r
	192	BIGNUM *KeyE;\r
	193	BOOLEAN RetVal;\r
	194	\r
	195	//\r
	196	// Check input parameters.\r
	197	//\r
dda39f3a	198	if (RsaContext == NULL \|\| ModulusLength > INT_MAX \|\| PublicExponentSize > INT_MAX) {\r
532616bb	199	return FALSE;\r
532616bb	200	}\r
f56b11d2	201	\r
532616bb	202	KeyE = BN_new ();\r
dda39f3a	203	if (KeyE == NULL) {\r
	204	return FALSE;\r
	205	}\r
	206	\r
	207	RetVal = FALSE;\r
f56b11d2	208	\r
532616bb	209	if (PublicExponent == NULL) {\r
dda39f3a	210	if (BN_set_word (KeyE, 0x10001) == 0) {\r
	211	goto _Exit;\r
	212	}\r
532616bb	213	} else {\r
dda39f3a	214	if (BN_bin2bn (PublicExponent, (UINT32) PublicExponentSize, KeyE) == NULL) {\r
	215	goto _Exit;\r
	216	}\r
532616bb	217	}\r
532616bb	218	\r
532616bb	219	if (RSA_generate_key_ex ((RSA *) RsaContext, (UINT32) ModulusLength, KeyE, NULL) == 1) {\r
	220	RetVal = TRUE;\r
	221	}\r
	222	\r
dda39f3a	223	_Exit:\r
532616bb	224	BN_free (KeyE);\r
	225	return RetVal;\r
	226	}\r
	227	\r
	228	/**\r
952bd229 QL	229	Validates key components of RSA context. \r
	230	NOTE: This function performs integrity checks on all the RSA key material, so\r
	231	the RSA key structure must contain all the private key data.\r
532616bb	232	\r
2998af86	233	This function validates key components of RSA context in following aspects:\r
532616bb	234	- Whether p is a prime\r
	235	- Whether q is a prime\r
	236	- Whether n = p * q\r
	237	- Whether d*e = 1 mod lcm(p-1,q-1)\r
	238	\r
	239	If RsaContext is NULL, then return FALSE.\r
	240	\r
	241	@param[in] RsaContext Pointer to RSA context to check.\r
	242	\r
	243	@retval TRUE RSA key components are valid.\r
	244	@retval FALSE RSA key components are not valid.\r
	245	\r
	246	**/\r
	247	BOOLEAN\r
	248	EFIAPI\r
	249	RsaCheckKey (\r
	250	IN VOID *RsaContext\r
	251	)\r
	252	{\r
	253	UINTN Reason;\r
	254	\r
	255	//\r
	256	// Check input parameters.\r
	257	//\r
	258	if (RsaContext == NULL) {\r
	259	return FALSE;\r
	260	}\r
f56b11d2	261	\r
532616bb	262	if (RSA_check_key ((RSA *) RsaContext) != 1) {\r
	263	Reason = ERR_GET_REASON (ERR_peek_last_error ());\r
	264	if (Reason == RSA_R_P_NOT_PRIME \|\|\r
	265	Reason == RSA_R_Q_NOT_PRIME \|\|\r
	266	Reason == RSA_R_N_DOES_NOT_EQUAL_P_Q \|\|\r
	267	Reason == RSA_R_D_E_NOT_CONGRUENT_TO_1) {\r
	268	return FALSE;\r
	269	}\r
	270	}\r
	271	\r
	272	return TRUE;\r
	273	}\r
	274	\r
532616bb	275	/**\r
	276	Carries out the RSA-SSA signature generation with EMSA-PKCS1-v1_5 encoding scheme.\r
	277	\r
	278	This function carries out the RSA-SSA signature generation with EMSA-PKCS1-v1_5 encoding scheme defined in\r
	279	RSA PKCS#1.\r
	280	If the Signature buffer is too small to hold the contents of signature, FALSE\r
	281	is returned and SigSize is set to the required buffer size to obtain the signature.\r
	282	\r
	283	If RsaContext is NULL, then return FALSE.\r
	284	If MessageHash is NULL, then return FALSE.\r
	285	If HashSize is not equal to the size of MD5, SHA-1 or SHA-256 digest, then return FALSE.\r
	286	If SigSize is large enough but Signature is NULL, then return FALSE.\r
	287	\r
	288	@param[in] RsaContext Pointer to RSA context for signature generation.\r
	289	@param[in] MessageHash Pointer to octet message hash to be signed.\r
	290	@param[in] HashSize Size of the message hash in bytes.\r
	291	@param[out] Signature Pointer to buffer to receive RSA PKCS1-v1_5 signature.\r
	292	@param[in, out] SigSize On input, the size of Signature buffer in bytes.\r
	293	On output, the size of data returned in Signature buffer in bytes.\r
	294	\r
	295	@retval TRUE Signature successfully generated in PKCS1-v1_5.\r
	296	@retval FALSE Signature generation failed.\r
	297	@retval FALSE SigSize is too small.\r
	298	\r
	299	**/\r
	300	BOOLEAN\r
	301	EFIAPI\r
	302	RsaPkcs1Sign (\r
	303	IN VOID *RsaContext,\r
	304	IN CONST UINT8 *MessageHash,\r
	305	IN UINTN HashSize,\r
	306	OUT UINT8 *Signature,\r
	307	IN OUT UINTN *SigSize\r
	308	)\r
	309	{\r
	310	RSA *Rsa;\r
	311	UINTN Size;\r
86b5c3ee	312	INT32 DigestType;\r
532616bb	313	\r
	314	//\r
	315	// Check input parameters.\r
	316	//\r
86b5c3ee	317	if (RsaContext == NULL \|\| MessageHash == NULL) {\r
532616bb	318	return FALSE;\r
	319	}\r
	320	\r
	321	Rsa = (RSA *) RsaContext;\r
f56b11d2	322	Size = RSA_size (Rsa);\r
532616bb	323	\r
	324	if (*SigSize < Size) {\r
	325	*SigSize = Size;\r
	326	return FALSE;\r
	327	}\r
f56b11d2	328	\r
532616bb	329	if (Signature == NULL) {\r
	330	return FALSE;\r
	331	}\r
f56b11d2	332	\r
86b5c3ee	333	//\r
	334	// Determine the message digest algorithm according to digest size.\r
	335	// Only MD5, SHA-1 or SHA-256 algorithm is supported. \r
	336	//\r
	337	switch (HashSize) {\r
	338	case MD5_DIGEST_SIZE:\r
	339	DigestType = NID_md5;\r
	340	break;\r
f56b11d2	341	\r
86b5c3ee	342	case SHA1_DIGEST_SIZE:\r
	343	DigestType = NID_sha1;\r
	344	break;\r
f56b11d2	345	\r
86b5c3ee	346	case SHA256_DIGEST_SIZE:\r
	347	DigestType = NID_sha256;\r
	348	break;\r
532616bb	349	\r
86b5c3ee	350	default:\r
532616bb	351	return FALSE;\r
f56b11d2	352	}\r
86b5c3ee	353	\r
	354	return (BOOLEAN) RSA_sign (\r
	355	DigestType,\r
	356	MessageHash,\r
	357	(UINT32) HashSize,\r
	358	Signature,\r
	359	(UINT32 *) SigSize,\r
	360	(RSA *) RsaContext\r
	361	);\r
532616bb	362	}\r