From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by mx.groups.io with SMTP id smtpd.web09.12445.1618931975842421541 for ; Tue, 20 Apr 2021 08:19:36 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=hX8tMrh8; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: sachin.agrawal@intel.com) IronPort-SDR: PTIiLexVbpLDZbrThKZvc2BCjngCGH930xPqwH25cQhqQElwLqyeK1ISdMDFhF40R2LN4bgxdl uu7ugpqs0UFw== X-IronPort-AV: E=McAfee;i="6200,9189,9960"; a="195552081" X-IronPort-AV: E=Sophos;i="5.82,237,1613462400"; d="scan'208";a="195552081" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Apr 2021 08:19:34 -0700 IronPort-SDR: 6GAgNxV7bQRV+Mesdi8uljCo6o3uekGyOAwh7XY5SMY1RqJO8z5bX/PUQ9KWHotUFA/vHLHSYY i3tweb/V94kw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.82,237,1613462400"; d="scan'208";a="427005503" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by orsmga008.jf.intel.com with ESMTP; 20 Apr 2021 08:19:34 -0700 Received: from fmsmsx607.amr.corp.intel.com (10.18.126.87) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2106.2; Tue, 20 Apr 2021 08:19:34 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx607.amr.corp.intel.com (10.18.126.87) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2106.2 via Frontend Transport; Tue, 20 Apr 2021 08:19:34 -0700 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.40) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2106.2; Tue, 20 Apr 2021 08:19:33 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TT+XBQsMWhHT0wHoC93pFnCG6FeNExHrNoQnr3QNnO41EJoRDo+Bi4Ltnrc3N7l2gxr7LWr0yIPqmlJlSUy7JaZayfNyGfOl47VvgksSOz3IONWWckiEVsbIm7Yi4ZLQ9/Jf3tCouRVutFZ+iB0sf4qo1hVTSneqwiiIq8KYKE2Vlf9v4kVofmNHEQNKr3VcRgpXuSfJEB+vP4kD/UFends09ngN6MylZkG3PVWQgLAu2E0kj/Kb4clDPYqlJxFjgWQUlIXXygI6yh37n/B+KYYDh9bQd+bcmxX68M/ZokKfsSTC8cah8ogdS3OpxujMsA8QVtH7kHeO7uCCe5bu8w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kwGXMyDpqLlU1AhMavu/JCA12jL0+S6wgNh8HJ4bV58=; b=GTXidgGwzpRmhvcXwhsfacd0ljE9D+AWXNFd1DSh587t+5TENCJKcw0ANWc1OViBvnUTB7zRA9DplI2ZjXby7c5/qiTvFye0WgtQhmK6T6EYAgCUCZI81HinHMkT60MkBm60jhaydIhjKYER+MVTRIY0ApSf/lr8nIWFI/sdI3cijKG1DnACY+m3eDcK39jxi+Nmvvouo3G8MFQMelVnKozGSuV7Jyz66xBjOYXNda4/9Hky2ZwTkX5FPF4fArVNhyEnYYHpcsolI13S+6cBv3HS5061XbO+4w3pRnp6iDd746s2P+hWcrmXiD+IJy2OIXPqDKw1W+0ZdmD30DZwXg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kwGXMyDpqLlU1AhMavu/JCA12jL0+S6wgNh8HJ4bV58=; b=hX8tMrh8rcUVGwsfh8bndtGDYUN4W2PsVahppbciWOu5npQuX12IxqzSlF5TECjMkGjgrxTFzW8bdp/VlFrvsL9ke3VN5pjoGnqswYFfoMmsCBbszNdmGi5tEVtB5ix8qsCjNxn5Oj0IUhGnjdSKDU6wjV6/iYTlXYzx94ZTEj4= Received: from MW3PR11MB4617.namprd11.prod.outlook.com (2603:10b6:303:59::24) by CO1PR11MB5121.namprd11.prod.outlook.com (2603:10b6:303:94::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4065.20; Tue, 20 Apr 2021 15:19:33 +0000 Received: from MW3PR11MB4617.namprd11.prod.outlook.com ([fe80::6482:bc29:8a4e:2b26]) by MW3PR11MB4617.namprd11.prod.outlook.com ([fe80::6482:bc29:8a4e:2b26%5]) with mapi id 15.20.4065.020; Tue, 20 Apr 2021 15:19:33 +0000 From: "Agrawal, Sachin" To: "Yao, Jiewen" , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Lu, XiaoyuX" , "Jiang, Guomin" Subject: Re: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support Thread-Topic: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support Thread-Index: AQHXNYkmert4u91dZEiqg6QHTrh+y6q8rvcAgAA12YCAADqwgIAAVsXw Date: Tue, 20 Apr 2021 15:19:33 +0000 Message-ID: References: <20210420020150.29212-1-sachin.agrawal@intel.com> <20210420020150.29212-2-sachin.agrawal@intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.5.1.3 authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-originating-ip: [73.240.103.37] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: aab66479-8214-4f1e-6e85-08d9040fb37a x-ms-traffictypediagnostic: CO1PR11MB5121: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: m0yOOyiUB9x372dATvKCWxe+12uyt5SmFny0ay25KlIjSyPOrDXx5qtxpMqYs1N9PpwxkO6z7YaS+LCl19lH2aZFW1NLR0zJ2wI69CFfFTIdtWPhYX0yt5YmPm8PLngIkHpbwLSsOQp/eMBYsWilWvRySpJ0HA3mWxMC+wt4akPlroqL85QowlS5KyheGZLHtbUoOWHresP+32+B59/hGhEgBIwuufeKnLqmalaLMCLTy6M+swsqemCGcI0oYNmA67kmMbTpr/AM6DYk+hYTqx2X53zIFL5tl4lGjH3q5CQX7hbj2+12LSIa0LKjDIjJYC7xK0KbMWTe6iyNuX3gRTRmFBBECaZckXRnSIyM10sBY/zvHn7REXWZio1rBFa+3iKtVhri8LD9BnO3YJmmC8G4DjM1wYJST4horCca0xgCsQK/6LVovhdeVIcIUNClDc4cTqMB80M6W+ct95/ysy95wdpIponvZV1etQ5comi9E5GqVZDZ0j4sZnRjjDfVj56JWmpWYwkyg2vC2gjldrNXNMxyz2UOQFjpZoUSmdS0o20ixDekSgKdREXqRHxGGeOIOX1gBekgfjyb9muF7s5QDhvxn0CiG87OucwINHVVK/rpIPwvYAcEWAmg7I/M/PHU+V8PEJd48ar6elpb/W4mxS1Ut0nT2DdmPNfkHAcxCB+NVsVUnFmbvWxRSCKO x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW3PR11MB4617.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(39860400002)(376002)(366004)(346002)(396003)(136003)(15650500001)(26005)(2906002)(316002)(110136005)(186003)(54906003)(55016002)(30864003)(8936002)(7696005)(5660300002)(6506007)(53546011)(107886003)(38100700002)(66946007)(66556008)(66476007)(66446008)(64756008)(122000001)(9686003)(4326008)(76116006)(8676002)(52536014)(966005)(33656002)(71200400001)(86362001)(83380400001)(478600001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: =?us-ascii?Q?AGiJp3AKzEcTVNZ9aADHBnC9TE7D41pRom72O/+7vwyXrAOi6OvyegLUdqMK?= =?us-ascii?Q?BncDnjknKO3l0QCsLyQOGNhjLbKe/faKirPlNobsDqpQXQIuZAvyV0FbIuaz?= =?us-ascii?Q?tRVw99uXzGO46Vx5gajNcpoVrBASG/UO6tT0mm6UcLsDUk9T0/OFG+BrcDK3?= =?us-ascii?Q?syuhZ56CGC1MDXbzMujI0zmvX3gRt7dTrFXm8DP4UTKXjb11/1wBsNoijiS3?= =?us-ascii?Q?B66M7XQwz9NHmL07T0re/jDHECLrg73IPWXVw7lxqJdl54s5Wwl5e97W5hEz?= =?us-ascii?Q?BQAvE5bYlWQpkhIXl8Cc+4dImf8Kg20giE8z096VrYhdWTHiEVnnELabe3xY?= =?us-ascii?Q?UoforiISI27VrRGikWOt6z1y/BbJJhZKU0V7hZAXvBH7Wq54pGiJ9bh1H21n?= =?us-ascii?Q?i1e7PhBDLzENgMHZY1iJKcF3ZOCIk/tidXWVwGEylAefVn6o0QPXA+e5HZqv?= =?us-ascii?Q?KJGC+nxB0dcEm0pJrxuBscfLgZQ31lng7M1m5VwuMuatJtouO8B5FYFRZfO8?= =?us-ascii?Q?envnJ2QJXbgY47L8S+6LFrFOuYoRL+eqN+w4uCPAsKwjxN9oRdRKMrCo9tDX?= =?us-ascii?Q?yY2YZvNMqiikRExXvimZjz/C3IXTs3IjeVxoabLn4X8KZ36f8fUrjFoFX43L?= =?us-ascii?Q?P34XOfvNN1WXGra9Keud/DOAbudwPaiChc+2lMYLraGoIh/4bPpvaVw19Bn8?= =?us-ascii?Q?U/1BFtQHVfnDMn74Hpy+tD77X0Zy7jRaTC5iQaRT1ZlIlX4eCeb8d5U1Sa/m?= =?us-ascii?Q?w5riwOf0Z+/fVeUl4fWvY4M0hs5b+ehtiVF67pHhobYELj0XQAAjKmLXA3Tt?= =?us-ascii?Q?yHcpXluLHaFATySteZJq+7Big301TlBSn7Ltx6keYUiWpruxsAzT2S3wtN0j?= =?us-ascii?Q?y/54CkyVzOhPSJ3p0MGutpM0pKBQ40LJqTsVhq6MOlwAiaI2zIhg4EURKYny?= =?us-ascii?Q?FxKiTkG8tUSuDjekfV+rnRnItk+N299/e2ypbpA/16NaQ/KuKAftA+4e93um?= =?us-ascii?Q?H1e1HV7L/q+q+h3WuEotCwx8EHqAGoOO3X0ZG+XRJtXc/uFeNfjs7fs1TpYP?= =?us-ascii?Q?OKXMlMnm5SHNdq9o6+lwsXHkvx+5xLu9HxAQrPXsRGCxm6ua446KwhRe0VJr?= =?us-ascii?Q?2sAa6ct6MH9iuFH6OOUZLxKP14IaGcmFS+O5NZQhoihnefeRHqe3TeNJMnjO?= =?us-ascii?Q?dYHecvT4iwt4LP2bfL39HAmrAmW1Jfm9mCZobWMV0JxBZynG06VMi/Mc3ND7?= =?us-ascii?Q?LuR+gCJGYuy1EbRNQvXT8/jrxOWUjUQY9QzE+knXfdYtFSHCy0qCWzar3ZRe?= =?us-ascii?Q?T4rzbzB5MubQ4esqOygxuNGh?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW3PR11MB4617.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: aab66479-8214-4f1e-6e85-08d9040fb37a X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Apr 2021 15:19:33.1373 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: /1KRxLiqcflDAaVCexpQPZAb7pUpzhB6NxSWhROByZfs1Q+bBCulmJm+gt3dTj71WSMMnB8zZ+PwwjRWuvDPmpvHoLitvq/tXLlEAwA6VQQ= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR11MB5121 Return-Path: sachin.agrawal@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Jiewen, I reviewed RFC 8017 and I could not find any specific 'recommendations' on = salt length to be used during signing with PSS encoding scheme.=20 However, in Section D.5.2.2.1(Notes 2) of IEEE 1363a-2004, it is recommende= d to use salt length atleast equal to the hash digest length. We can modify the current API to take a additional parameter as salt length= and ONLY pursue verification operation if Salt length is atleast equal to = digest length. This will act as a hardening mechanism for Edk2 as it will accept signature= s only with 'appropriate' salt lengths. Let me know if this is fine and I will push a corresponding patch. Thx Sachin -----Original Message----- From: Yao, Jiewen =20 Sent: Tuesday, April 20, 2021 2:12 AM To: Agrawal, Sachin ; devel@edk2.groups.io Cc: Wang, Jian J ; Lu, XiaoyuX ; Jiang, Guomin Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify sup= port Right. That has PROs and CONs. On one hand, that allows maximum compatibility, salt could be HASH_SIZE or = MAX, or even 0 ? On the other hand, what if the consumer only wants to accept a specific len= gth? E.g. TPM in FIPS mode and TLS requires SaltLength=3D=3DHashLength. Thank you Yao Jiewen > -----Original Message----- > From: Agrawal, Sachin > Sent: Tuesday, April 20, 2021 3:19 PM > To: Yao, Jiewen ; devel@edk2.groups.io > Cc: Wang, Jian J ; Lu, XiaoyuX=20 > ; Jiang, Guomin > Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS=20 > verify support >=20 > Hi Jiewen, >=20 > From Section 9.1 in RFC 8017: > " Note that the verification operation follows reverse steps to recover > salt and then forward steps to recompute and compare H." >=20 > Therefore, salt length can be inferred from the PSS block structure=20 > during verification operation. >=20 > I opted for 'RSA_PSS_SALTLEN_AUTO' as it will allow Edk2 to verify PSS=20 > signatures of any salt lengths. >=20 > Thanks > Sachin >=20 > -----Original Message----- > From: Yao, Jiewen > Sent: Monday, April 19, 2021 7:30 PM > To: Agrawal, Sachin ; devel@edk2.groups.io > Cc: Wang, Jian J ; Lu, XiaoyuX=20 > ; Jiang, Guomin > Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS=20 > verify support >=20 > Hi Sachin > May I know why you hardcode PSS salt length to be RSA_PSS_SALTLEN_AUTO ? >=20 > Thank you > Yao Jiewen >=20 >=20 > > -----Original Message----- > > From: Agrawal, Sachin > > Sent: Tuesday, April 20, 2021 10:02 AM > > To: devel@edk2.groups.io > > Cc: Yao, Jiewen ; Wang, Jian J=20 > > ; Lu, XiaoyuX ; Jiang,=20 > > Guomin ; Agrawal, Sachin=20 > > > > Subject: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify=20 > > support > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3314 > > > > This patch uses Openssl's EVP API's to perform RSASSA-PSS=20 > > verification of a binary blob. > > > > Cc: Jiewen Yao > > Cc: Jian J Wang > > Cc: Xiaoyu Lu > > Cc: Guomin Jiang > > > > Signed-off-by: Sachin Agrawal > > --- > > CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c | 139 > > ++++++++++++++++++++ > > CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c | 43 ++++++ > > CryptoPkg/Include/Library/BaseCryptLib.h | 27 ++++ > > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 1 + > > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 1 + > > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 1 + > > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 1 + > > 7 files changed, 213 insertions(+) > > > > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c > > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c > > new file mode 100644 > > index 000000000000..acf5eb689cd8 > > --- /dev/null > > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c > > @@ -0,0 +1,139 @@ > > +/** @file > > + RSA Asymmetric Cipher Wrapper Implementation over OpenSSL. > > + > > + This file implements following APIs which provide basic capabilities= for RSA: > > + 1) RsaPssVerify > > + > > +Copyright (c) 2021, Intel Corporation. All rights reserved.
> > +SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > + > > +#include "InternalCryptLib.h" > > + > > +#include > > +#include > > +#include > > +#include > > + > > + > > +/** > > + Retrieve a pointer to EVP message digest object. > > + > > + @param[in] DigestLen Length of the message digest. > > + > > +**/ > > +static > > +EVP_MD* > > +GetEvpMD ( > > + IN UINT16 DigestLen > > + ) > > +{ > > + switch (DigestLen){ > > + case SHA256_DIGEST_SIZE: > > + return EVP_sha256(); > > + break; > > + case SHA384_DIGEST_SIZE: > > + return EVP_sha384(); > > + break; > > + case SHA512_DIGEST_SIZE: > > + return EVP_sha512(); > > + break; > > + default: > > + return NULL; > > + } > > +} > > + > > + > > +/** > > + Verifies the RSA signature with RSASSA-PSS signature scheme=20 > > +defined in RFC > > 8017. > > + Implementation determines salt length automatically from the=20 > > + signature > > encoding. > > + Mask generation function is the same as the message digest algorithm= . > > + > > + @param[in] RsaContext Pointer to RSA context for signature ver= ification. > > + @param[in] Message Pointer to octet message to be verified. > > + @param[in] MsgSize Size of the message in bytes. > > + @param[in] Signature Pointer to RSASSA-PSS signature to be ve= rified. > > + @param[in] SigSize Size of signature in bytes. > > + @param[in] DigestLen Length of digest for RSA operation. > > + > > + @retval TRUE Valid signature encoded in RSASSA-PSS. > > + @retval FALSE Invalid signature or invalid RSA context. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +RsaPssVerify ( > > + IN VOID *RsaContext, > > + IN CONST UINT8 *Message, > > + IN UINTN MsgSize, > > + IN CONST UINT8 *Signature, > > + IN UINTN SigSize, > > + IN UINT16 DigestLen > > + ) > > +{ > > + BOOLEAN Result; > > + EVP_PKEY *pEvpRsaKey =3D NULL; > > + EVP_MD_CTX *pEvpVerifyCtx =3D NULL; > > + EVP_PKEY_CTX *pKeyCtx =3D NULL; > > + CONST EVP_MD *HashAlg =3D NULL; > > + > > + if (RsaContext =3D=3D NULL) { > > + return FALSE; > > + } > > + if (Message =3D=3D NULL || MsgSize =3D=3D 0 || MsgSize > INT_MAX) { > > + return FALSE; > > + } > > + if (Signature =3D=3D NULL || SigSize =3D=3D 0 || SigSize > INT_MAX) = { > > + return FALSE; > > + } > > + > > + HashAlg =3D GetEvpMD(DigestLen); > > + > > + if (HashAlg =3D=3D NULL) { > > + return FALSE; > > + } > > + > > + pEvpRsaKey =3D EVP_PKEY_new(); > > + if (pEvpRsaKey =3D=3D NULL) { > > + goto _Exit; > > + } > > + > > + EVP_PKEY_set1_RSA(pEvpRsaKey, RsaContext); > > + > > + pEvpVerifyCtx =3D EVP_MD_CTX_create(); if (pEvpVerifyCtx =3D=3D NUL= L) { > > + goto _Exit; > > + } > > + > > + Result =3D EVP_DigestVerifyInit(pEvpVerifyCtx, &pKeyCtx, HashAlg,=20 > > + NULL, > > pEvpRsaKey) > 0; > > + if (pKeyCtx =3D=3D NULL) { > > + goto _Exit; > > + } > > + > > + if (Result) { > > + Result =3D EVP_PKEY_CTX_set_rsa_padding(pKeyCtx, > > RSA_PKCS1_PSS_PADDING) > 0; > > + } > > + if (Result) { > > + Result =3D EVP_PKEY_CTX_set_rsa_pss_saltlen(pKeyCtx, > > RSA_PSS_SALTLEN_AUTO) > 0; > > + } > > + if (Result) { > > + Result =3D EVP_PKEY_CTX_set_rsa_mgf1_md(pKeyCtx, HashAlg) > 0; }= =20 > > + if (Result) { > > + Result =3D EVP_DigestVerifyUpdate(pEvpVerifyCtx, Message, > > (UINT32)MsgSize) > 0; > > + } > > + if (Result) { > > + Result =3D EVP_DigestVerifyFinal(pEvpVerifyCtx, Signature, > > + (UINT32)SigSize) > 0; } > > + > > +_Exit : > > + if (pEvpRsaKey) { > > + EVP_PKEY_free(pEvpRsaKey); > > + } > > + if (pEvpVerifyCtx) { > > + EVP_MD_CTX_destroy(pEvpVerifyCtx); > > + } > > + > > + return Result; > > +} > > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c > > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c > > new file mode 100644 > > index 000000000000..8d84b4c1426c > > --- /dev/null > > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c > > @@ -0,0 +1,43 @@ > > +/** @file > > + RSA-PSS Asymmetric Cipher Wrapper Implementation over OpenSSL. > > + > > + This file does not provide real capabilities for following APIs in R= SA handling: > > + 1) RsaPssVerify > > + > > +Copyright (c) 2021, Intel Corporation. All rights reserved.
> > +SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > + > > +#include "InternalCryptLib.h" > > + > > +/** > > + Verifies the RSA signature with RSASSA-PSS signature scheme=20 > > +defined in RFC > > 8017. > > + Implementation determines salt length automatically from the=20 > > + signature > > encoding. > > + Mask generation function is the same as the message digest algorithm= . > > + > > + @param[in] RsaContext Pointer to RSA context for signature ver= ification. > > + @param[in] Message Pointer to octet message to be verified. > > + @param[in] MsgSize Size of the message in bytes. > > + @param[in] Signature Pointer to RSASSA-PSS signature to be ve= rified. > > + @param[in] SigSize Size of signature in bytes. > > + @param[in] DigestLen Length of digest for RSA operation. > > + > > + @retval TRUE Valid signature encoded in RSASSA-PSS. > > + @retval FALSE Invalid signature or invalid RSA context. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +RsaPssVerify ( > > + IN VOID *RsaContext, > > + IN CONST UINT8 *Message, > > + IN UINTN MsgSize, > > + IN CONST UINT8 *Signature, > > + IN UINTN SigSize, > > + IN UINT16 DigestLen > > + ) > > +{ > > + ASSERT (FALSE); > > + return FALSE; > > +} > > diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h > > b/CryptoPkg/Include/Library/BaseCryptLib.h > > index 496121e6a4ed..36d560b8d691 100644 > > --- a/CryptoPkg/Include/Library/BaseCryptLib.h > > +++ b/CryptoPkg/Include/Library/BaseCryptLib.h > > @@ -1363,6 +1363,33 @@ RsaPkcs1Verify ( > > IN UINTN SigSize > > ); > > > > +/** > > + Verifies the RSA signature with RSASSA-PSS signature scheme=20 > > +defined in RFC > > 8017. > > + Implementation determines salt length automatically from the=20 > > + signature > > encoding. > > + Mask generation function is the same as the message digest algorithm= . > > + > > + @param[in] RsaContext Pointer to RSA context for signature ver= ification. > > + @param[in] Message Pointer to octet message to be verified. > > + @param[in] MsgSize Size of the message in bytes. > > + @param[in] Signature Pointer to RSASSA-PSS signature to be ve= rified. > > + @param[in] SigSize Size of signature in bytes. > > + @param[in] DigestLen Length of digest for RSA operation. > > + > > + @retval TRUE Valid signature encoded in RSASSA-PSS. > > + @retval FALSE Invalid signature or invalid RSA context. > > + > > +**/ > > +BOOLEAN > > +EFIAPI > > +RsaPssVerify ( > > + IN VOID *RsaContext, > > + IN CONST UINT8 *Message, > > + IN UINTN MsgSize, > > + IN CONST UINT8 *Signature, > > + IN UINTN SigSize, > > + IN UINT16 DigestLen > > + ); > > + > > /** > > Retrieve the RSA Private Key from the password-protected PEM key dat= a. > >