From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: "Agrawal, Sachin" <sachin.agrawal@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Wang, Jian J" <jian.j.wang@intel.com>,
"Lu, XiaoyuX" <xiaoyux.lu@intel.com>,
"Jiang, Guomin" <guomin.jiang@intel.com>
Subject: Re: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support
Date: Tue, 20 Apr 2021 02:29:42 +0000 [thread overview]
Message-ID: <BY5PR11MB41668D908E90E662DC28EE758C489@BY5PR11MB4166.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20210420020150.29212-2-sachin.agrawal@intel.com>
Hi Sachin
May I know why you hardcode PSS salt length to be RSA_PSS_SALTLEN_AUTO ?
Thank you
Yao Jiewen
> -----Original Message-----
> From: Agrawal, Sachin <sachin.agrawal@intel.com>
> Sent: Tuesday, April 20, 2021 10:02 AM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>;
> Lu, XiaoyuX <xiaoyux.lu@intel.com>; Jiang, Guomin <guomin.jiang@intel.com>;
> Agrawal, Sachin <sachin.agrawal@intel.com>
> Subject: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3314
>
> This patch uses Openssl's EVP API's to perform RSASSA-PSS verification
> of a binary blob.
>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Xiaoyu Lu <xiaoyux.lu@intel.com>
> Cc: Guomin Jiang <guomin.jiang@intel.com>
>
> Signed-off-by: Sachin Agrawal <sachin.agrawal@intel.com>
> ---
> CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c | 139
> ++++++++++++++++++++
> CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c | 43 ++++++
> CryptoPkg/Include/Library/BaseCryptLib.h | 27 ++++
> CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 1 +
> CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 1 +
> CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 1 +
> CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 1 +
> 7 files changed, 213 insertions(+)
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
> new file mode 100644
> index 000000000000..acf5eb689cd8
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
> @@ -0,0 +1,139 @@
> +/** @file
> + RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.
> +
> + This file implements following APIs which provide basic capabilities for RSA:
> + 1) RsaPssVerify
> +
> +Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include "InternalCryptLib.h"
> +
> +#include <openssl/bn.h>
> +#include <openssl/rsa.h>
> +#include <openssl/objects.h>
> +#include <openssl/evp.h>
> +
> +
> +/**
> + Retrieve a pointer to EVP message digest object.
> +
> + @param[in] DigestLen Length of the message digest.
> +
> +**/
> +static
> +EVP_MD*
> +GetEvpMD (
> + IN UINT16 DigestLen
> + )
> +{
> + switch (DigestLen){
> + case SHA256_DIGEST_SIZE:
> + return EVP_sha256();
> + break;
> + case SHA384_DIGEST_SIZE:
> + return EVP_sha384();
> + break;
> + case SHA512_DIGEST_SIZE:
> + return EVP_sha512();
> + break;
> + default:
> + return NULL;
> + }
> +}
> +
> +
> +/**
> + Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC
> 8017.
> + Implementation determines salt length automatically from the signature
> encoding.
> + Mask generation function is the same as the message digest algorithm.
> +
> + @param[in] RsaContext Pointer to RSA context for signature verification.
> + @param[in] Message Pointer to octet message to be verified.
> + @param[in] MsgSize Size of the message in bytes.
> + @param[in] Signature Pointer to RSASSA-PSS signature to be verified.
> + @param[in] SigSize Size of signature in bytes.
> + @param[in] DigestLen Length of digest for RSA operation.
> +
> + @retval TRUE Valid signature encoded in RSASSA-PSS.
> + @retval FALSE Invalid signature or invalid RSA context.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +RsaPssVerify (
> + IN VOID *RsaContext,
> + IN CONST UINT8 *Message,
> + IN UINTN MsgSize,
> + IN CONST UINT8 *Signature,
> + IN UINTN SigSize,
> + IN UINT16 DigestLen
> + )
> +{
> + BOOLEAN Result;
> + EVP_PKEY *pEvpRsaKey = NULL;
> + EVP_MD_CTX *pEvpVerifyCtx = NULL;
> + EVP_PKEY_CTX *pKeyCtx = NULL;
> + CONST EVP_MD *HashAlg = NULL;
> +
> + if (RsaContext == NULL) {
> + return FALSE;
> + }
> + if (Message == NULL || MsgSize == 0 || MsgSize > INT_MAX) {
> + return FALSE;
> + }
> + if (Signature == NULL || SigSize == 0 || SigSize > INT_MAX) {
> + return FALSE;
> + }
> +
> + HashAlg = GetEvpMD(DigestLen);
> +
> + if (HashAlg == NULL) {
> + return FALSE;
> + }
> +
> + pEvpRsaKey = EVP_PKEY_new();
> + if (pEvpRsaKey == NULL) {
> + goto _Exit;
> + }
> +
> + EVP_PKEY_set1_RSA(pEvpRsaKey, RsaContext);
> +
> + pEvpVerifyCtx = EVP_MD_CTX_create();
> + if (pEvpVerifyCtx == NULL) {
> + goto _Exit;
> + }
> +
> + Result = EVP_DigestVerifyInit(pEvpVerifyCtx, &pKeyCtx, HashAlg, NULL,
> pEvpRsaKey) > 0;
> + if (pKeyCtx == NULL) {
> + goto _Exit;
> + }
> +
> + if (Result) {
> + Result = EVP_PKEY_CTX_set_rsa_padding(pKeyCtx,
> RSA_PKCS1_PSS_PADDING) > 0;
> + }
> + if (Result) {
> + Result = EVP_PKEY_CTX_set_rsa_pss_saltlen(pKeyCtx,
> RSA_PSS_SALTLEN_AUTO) > 0;
> + }
> + if (Result) {
> + Result = EVP_PKEY_CTX_set_rsa_mgf1_md(pKeyCtx, HashAlg) > 0;
> + }
> + if (Result) {
> + Result = EVP_DigestVerifyUpdate(pEvpVerifyCtx, Message,
> (UINT32)MsgSize) > 0;
> + }
> + if (Result) {
> + Result = EVP_DigestVerifyFinal(pEvpVerifyCtx, Signature, (UINT32)SigSize) > 0;
> + }
> +
> +_Exit :
> + if (pEvpRsaKey) {
> + EVP_PKEY_free(pEvpRsaKey);
> + }
> + if (pEvpVerifyCtx) {
> + EVP_MD_CTX_destroy(pEvpVerifyCtx);
> + }
> +
> + return Result;
> +}
> diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c
> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c
> new file mode 100644
> index 000000000000..8d84b4c1426c
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c
> @@ -0,0 +1,43 @@
> +/** @file
> + RSA-PSS Asymmetric Cipher Wrapper Implementation over OpenSSL.
> +
> + This file does not provide real capabilities for following APIs in RSA handling:
> + 1) RsaPssVerify
> +
> +Copyright (c) 2021, Intel Corporation. All rights reserved.<BR>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include "InternalCryptLib.h"
> +
> +/**
> + Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC
> 8017.
> + Implementation determines salt length automatically from the signature
> encoding.
> + Mask generation function is the same as the message digest algorithm.
> +
> + @param[in] RsaContext Pointer to RSA context for signature verification.
> + @param[in] Message Pointer to octet message to be verified.
> + @param[in] MsgSize Size of the message in bytes.
> + @param[in] Signature Pointer to RSASSA-PSS signature to be verified.
> + @param[in] SigSize Size of signature in bytes.
> + @param[in] DigestLen Length of digest for RSA operation.
> +
> + @retval TRUE Valid signature encoded in RSASSA-PSS.
> + @retval FALSE Invalid signature or invalid RSA context.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +RsaPssVerify (
> + IN VOID *RsaContext,
> + IN CONST UINT8 *Message,
> + IN UINTN MsgSize,
> + IN CONST UINT8 *Signature,
> + IN UINTN SigSize,
> + IN UINT16 DigestLen
> + )
> +{
> + ASSERT (FALSE);
> + return FALSE;
> +}
> diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h
> b/CryptoPkg/Include/Library/BaseCryptLib.h
> index 496121e6a4ed..36d560b8d691 100644
> --- a/CryptoPkg/Include/Library/BaseCryptLib.h
> +++ b/CryptoPkg/Include/Library/BaseCryptLib.h
> @@ -1363,6 +1363,33 @@ RsaPkcs1Verify (
> IN UINTN SigSize
> );
>
> +/**
> + Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC
> 8017.
> + Implementation determines salt length automatically from the signature
> encoding.
> + Mask generation function is the same as the message digest algorithm.
> +
> + @param[in] RsaContext Pointer to RSA context for signature verification.
> + @param[in] Message Pointer to octet message to be verified.
> + @param[in] MsgSize Size of the message in bytes.
> + @param[in] Signature Pointer to RSASSA-PSS signature to be verified.
> + @param[in] SigSize Size of signature in bytes.
> + @param[in] DigestLen Length of digest for RSA operation.
> +
> + @retval TRUE Valid signature encoded in RSASSA-PSS.
> + @retval FALSE Invalid signature or invalid RSA context.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +RsaPssVerify (
> + IN VOID *RsaContext,
> + IN CONST UINT8 *Message,
> + IN UINTN MsgSize,
> + IN CONST UINT8 *Signature,
> + IN UINTN SigSize,
> + IN UINT16 DigestLen
> + );
> +
> /**
> Retrieve the RSA Private Key from the password-protected PEM key data.
>
next prev parent reply other threads:[~2021-04-20 2:29 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-20 2:01 [PATCH v1 0/1] CryptoPkg: Add RSA PSS verify support Agrawal, Sachin
2021-04-20 2:01 ` [PATCH v1 1/1] CryptoPkg: BaseCryptLib: " Agrawal, Sachin
2021-04-20 2:29 ` Yao, Jiewen [this message]
2021-04-20 7:18 ` Agrawal, Sachin
2021-04-20 9:12 ` Yao, Jiewen
2021-04-20 15:19 ` Agrawal, Sachin
2021-04-21 1:28 ` Yao, Jiewen
2021-04-22 14:16 ` Agrawal, Sachin
2021-04-22 15:18 ` Yao, Jiewen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BY5PR11MB41668D908E90E662DC28EE758C489@BY5PR11MB4166.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox