3) RsaCheckKey\r
4) RsaPkcs1Sign\r
\r
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
\r
#include "InternalCryptLib.h"\r
\r
+#include <openssl/bn.h>\r
#include <openssl/rsa.h>\r
#include <openssl/err.h>\r
-\r
-//\r
-// ASN.1 value for Hash Algorithm ID with the Distringuished Encoding Rules (DER)\r
-// Refer to Section 9.2 of PKCS#1 v2.1\r
-// \r
-CONST UINT8 Asn1IdMd5[] = {\r
- 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08, 0x2a, 0x86,\r
- 0xf7, 0x0d, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10\r
- };\r
-\r
-CONST UINT8 Asn1IdSha1[] = {\r
- 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,\r
- 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14\r
- };\r
-\r
-CONST UINT8 Asn1IdSha256[] = {\r
- 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,\r
- 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05,\r
- 0x00, 0x04, 0x20\r
- };\r
+#include <openssl/objects.h>\r
\r
/**\r
Gets the tag-designated RSA key component from the established RSA context.\r
RsaKey = (RSA *) RsaContext;\r
Size = *BnSize;\r
*BnSize = 0;\r
+ BnKey = NULL;\r
\r
switch (KeyTag) {\r
\r
// RSA Public Modulus (N)\r
//\r
case RsaKeyN:\r
- if (RsaKey->n == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->n;\r
+ RSA_get0_key (RsaKey, (const BIGNUM **)&BnKey, NULL, NULL);\r
break;\r
\r
//\r
// RSA Public Exponent (e)\r
//\r
case RsaKeyE:\r
- if (RsaKey->e == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->e;\r
+ RSA_get0_key (RsaKey, NULL, (const BIGNUM **)&BnKey, NULL);\r
break;\r
\r
//\r
// RSA Private Exponent (d)\r
//\r
case RsaKeyD:\r
- if (RsaKey->d == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->d;\r
+ RSA_get0_key (RsaKey, NULL, NULL, (const BIGNUM **)&BnKey);\r
break;\r
\r
//\r
// RSA Secret Prime Factor of Modulus (p)\r
//\r
case RsaKeyP:\r
- if (RsaKey->p == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->p;\r
+ RSA_get0_factors (RsaKey, (const BIGNUM **)&BnKey, NULL);\r
break;\r
\r
//\r
// RSA Secret Prime Factor of Modules (q)\r
//\r
case RsaKeyQ:\r
- if (RsaKey->q == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->q;\r
+ RSA_get0_factors (RsaKey, NULL, (const BIGNUM **)&BnKey);\r
break;\r
\r
//\r
// p's CRT Exponent (== d mod (p - 1))\r
//\r
case RsaKeyDp:\r
- if (RsaKey->dmp1 == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->dmp1;\r
+ RSA_get0_crt_params (RsaKey, (const BIGNUM **)&BnKey, NULL, NULL);\r
break;\r
\r
//\r
// q's CRT Exponent (== d mod (q - 1))\r
//\r
case RsaKeyDq:\r
- if (RsaKey->dmq1 == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->dmq1;\r
+ RSA_get0_crt_params (RsaKey, NULL, (const BIGNUM **)&BnKey, NULL);\r
break;\r
\r
//\r
// The CRT Coefficient (== 1/q mod p)\r
//\r
case RsaKeyQInv:\r
- if (RsaKey->iqmp == NULL) {\r
- return TRUE;\r
- }\r
- BnKey = RsaKey->iqmp;\r
+ RSA_get0_crt_params (RsaKey, NULL, NULL, (const BIGNUM **)&BnKey);\r
break;\r
\r
default:\r
return FALSE;\r
}\r
\r
+ if (BnKey == NULL) {\r
+ return FALSE;\r
+ }\r
+\r
*BnSize = Size;\r
Size = BN_num_bytes (BnKey);\r
\r
}\r
\r
if (BigNumber == NULL) {\r
- return FALSE;\r
+ *BnSize = Size;\r
+ return TRUE;\r
}\r
*BnSize = BN_bn2bin (BnKey, BigNumber) ;\r
- \r
+\r
return TRUE;\r
}\r
\r
@param[in, out] RsaContext Pointer to RSA context being set.\r
@param[in] ModulusLength Length of RSA modulus N in bits.\r
@param[in] PublicExponent Pointer to RSA public exponent.\r
- @param[in] PublicExponentSize Size of RSA public exponent buffer in bytes. \r
+ @param[in] PublicExponentSize Size of RSA public exponent buffer in bytes.\r
\r
@retval TRUE RSA key component was generated successfully.\r
@retval FALSE Invalid RSA key component tag.\r
//\r
// Check input parameters.\r
//\r
- if (RsaContext == NULL) {\r
+ if (RsaContext == NULL || ModulusLength > INT_MAX || PublicExponentSize > INT_MAX) {\r
return FALSE;\r
}\r
- \r
+\r
KeyE = BN_new ();\r
+ if (KeyE == NULL) {\r
+ return FALSE;\r
+ }\r
+\r
+ RetVal = FALSE;\r
+\r
if (PublicExponent == NULL) {\r
- BN_set_word (KeyE, 0x10001);\r
+ if (BN_set_word (KeyE, 0x10001) == 0) {\r
+ goto _Exit;\r
+ }\r
} else {\r
- BN_bin2bn (PublicExponent, (UINT32) PublicExponentSize, KeyE);\r
+ if (BN_bin2bn (PublicExponent, (UINT32) PublicExponentSize, KeyE) == NULL) {\r
+ goto _Exit;\r
+ }\r
}\r
\r
- RetVal = FALSE;\r
if (RSA_generate_key_ex ((RSA *) RsaContext, (UINT32) ModulusLength, KeyE, NULL) == 1) {\r
RetVal = TRUE;\r
}\r
\r
+_Exit:\r
BN_free (KeyE);\r
return RetVal;\r
}\r
\r
/**\r
Validates key components of RSA context.\r
+ NOTE: This function performs integrity checks on all the RSA key material, so\r
+ the RSA key structure must contain all the private key data.\r
\r
- This function validates key compoents of RSA context in following aspects:\r
+ This function validates key components of RSA context in following aspects:\r
- Whether p is a prime\r
- Whether q is a prime\r
- Whether n = p * q\r
if (RsaContext == NULL) {\r
return FALSE;\r
}\r
- \r
+\r
if (RSA_check_key ((RSA *) RsaContext) != 1) {\r
Reason = ERR_GET_REASON (ERR_peek_last_error ());\r
if (Reason == RSA_R_P_NOT_PRIME ||\r
return TRUE;\r
}\r
\r
-/**\r
- Performs the PKCS1-v1_5 encoding methods defined in RSA PKCS #1.\r
-\r
- @param Message Message buffer to be encoded.\r
- @param MessageSize Size of message buffer in bytes.\r
- @param DigestInfo Pointer to buffer of digest info for output.\r
-\r
- @return Size of DigestInfo in bytes.\r
-\r
-**/ \r
-UINTN\r
-DigestInfoEncoding (\r
- IN CONST UINT8 *Message,\r
- IN UINTN MessageSize,\r
- OUT UINT8 *DigestInfo\r
- )\r
-{\r
- CONST UINT8 *HashDer;\r
- UINTN DerSize;\r
-\r
- //\r
- // Check input parameters.\r
- //\r
- if (Message == NULL || DigestInfo == NULL) {\r
- return FALSE;\r
- }\r
-\r
- //\r
- // The original message length is used to determine the hash algorithm since\r
- // message is digest value hashed by the specified algorithm.\r
- //\r
- switch (MessageSize) {\r
- case MD5_DIGEST_SIZE:\r
- HashDer = Asn1IdMd5;\r
- DerSize = sizeof (Asn1IdMd5);\r
- break;\r
- \r
- case SHA1_DIGEST_SIZE:\r
- HashDer = Asn1IdSha1;\r
- DerSize = sizeof (Asn1IdSha1);\r
- break;\r
- \r
- case SHA256_DIGEST_SIZE:\r
- HashDer = Asn1IdSha256;\r
- DerSize = sizeof (Asn1IdSha256);\r
- break;\r
- \r
- default:\r
- return FALSE;\r
- }\r
-\r
- CopyMem (DigestInfo, HashDer, DerSize);\r
- CopyMem (DigestInfo + DerSize, Message, MessageSize);\r
-\r
- return (DerSize + MessageSize);\r
-}\r
-\r
/**\r
Carries out the RSA-SSA signature generation with EMSA-PKCS1-v1_5 encoding scheme.\r
\r
{\r
RSA *Rsa;\r
UINTN Size;\r
- INTN ReturnVal;\r
+ INT32 DigestType;\r
\r
//\r
// Check input parameters.\r
//\r
- if (RsaContext == NULL || MessageHash == NULL ||\r
- (HashSize != MD5_DIGEST_SIZE && HashSize != SHA1_DIGEST_SIZE && HashSize != SHA256_DIGEST_SIZE)) {\r
+ if (RsaContext == NULL || MessageHash == NULL) {\r
return FALSE;\r
}\r
\r
Rsa = (RSA *) RsaContext;\r
- Size = BN_num_bytes (Rsa->n);\r
+ Size = RSA_size (Rsa);\r
\r
if (*SigSize < Size) {\r
*SigSize = Size;\r
return FALSE;\r
}\r
\r
- Size = DigestInfoEncoding (MessageHash, HashSize, Signature);\r
+ //\r
+ // Determine the message digest algorithm according to digest size.\r
+ // Only MD5, SHA-1 or SHA-256 algorithm is supported.\r
+ //\r
+ switch (HashSize) {\r
+ case MD5_DIGEST_SIZE:\r
+ DigestType = NID_md5;\r
+ break;\r
+\r
+ case SHA1_DIGEST_SIZE:\r
+ DigestType = NID_sha1;\r
+ break;\r
\r
- ReturnVal = RSA_private_encrypt (\r
- (UINT32) Size,\r
- Signature,\r
- Signature,\r
- Rsa,\r
- RSA_PKCS1_PADDING\r
- );\r
+ case SHA256_DIGEST_SIZE:\r
+ DigestType = NID_sha256;\r
+ break;\r
\r
- if (ReturnVal < (INTN) Size) {\r
+ default:\r
return FALSE;\r
}\r
\r
- *SigSize = (UINTN)ReturnVal;\r
- return TRUE;\r
+ return (BOOLEAN) RSA_sign (\r
+ DigestType,\r
+ MessageHash,\r
+ (UINT32) HashSize,\r
+ Signature,\r
+ (UINT32 *) SigSize,\r
+ (RSA *) RsaContext\r
+ );\r
}\r
-\r