Add CryptoPkg (from UDK2010.UP3)
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10987 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
160
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c
Normal file
160
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c
Normal file
@@ -0,0 +1,160 @@
|
||||
/** @file
|
||||
PKCS#7 SignedData Verification Wrapper Implementation over OpenSSL.
|
||||
|
||||
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#include <Library/BaseLib.h>
|
||||
#include <Library/BaseMemoryLib.h>
|
||||
#include <Library/DebugLib.h>
|
||||
|
||||
#include <Library/BaseCryptLib.h>
|
||||
#include <openssl/objects.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <openssl/pkcs7.h>
|
||||
|
||||
|
||||
/**
|
||||
Verifies the validility of a PKCS#7 signed data as described in "PKCS #7: Cryptographic
|
||||
Message Syntax Standard".
|
||||
|
||||
If P7Data is NULL, then ASSERT().
|
||||
|
||||
@param[in] P7Data Pointer to the PKCS#7 message to verify.
|
||||
@param[in] P7Length Length of the PKCS#7 message in bytes.
|
||||
@param[in] TrustedCert Pointer to a trusted/root certificate encoded in DER, which
|
||||
is used for certificate chain verification.
|
||||
@param[in] CertLength Length of the trusted certificate in bytes.
|
||||
@param[in] InData Pointer to the content to be verified.
|
||||
@param[in] DataLength Length of InData in bytes.
|
||||
|
||||
@return TRUE The specified PKCS#7 signed data is valid.
|
||||
@return FALSE Invalid PKCS#7 signed data.
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
EFIAPI
|
||||
Pkcs7Verify (
|
||||
IN CONST UINT8 *P7Data,
|
||||
IN UINTN P7Length,
|
||||
IN CONST UINT8 *TrustedCert,
|
||||
IN UINTN CertLength,
|
||||
IN CONST UINT8 *InData,
|
||||
IN UINTN DataLength
|
||||
)
|
||||
{
|
||||
PKCS7 *Pkcs7;
|
||||
UINT8 *Content;
|
||||
BIO *CertBio;
|
||||
BIO *DataBio;
|
||||
BOOLEAN Status;
|
||||
X509 *Cert;
|
||||
X509_STORE *CertStore;
|
||||
|
||||
//
|
||||
// ASSERT if P7Data is NULL
|
||||
//
|
||||
ASSERT (P7Data != NULL);
|
||||
|
||||
Status = FALSE;
|
||||
Pkcs7 = NULL;
|
||||
CertBio = NULL;
|
||||
DataBio = NULL;
|
||||
Cert = NULL;
|
||||
CertStore = NULL;
|
||||
|
||||
//
|
||||
// Register & Initialize necessary digest algorithms for PKCS#7 Handling
|
||||
//
|
||||
EVP_add_digest (EVP_md5());
|
||||
EVP_add_digest (EVP_sha1());
|
||||
EVP_add_digest (EVP_sha256());
|
||||
|
||||
//
|
||||
// Retrieve PKCS#7 Data (DER encoding)
|
||||
//
|
||||
Pkcs7 = d2i_PKCS7 (NULL, &P7Data, (int)P7Length);
|
||||
if (Pkcs7 == NULL) {
|
||||
goto _Exit;
|
||||
}
|
||||
|
||||
//
|
||||
// Check if it's PKCS#7 Signed Data (for Authenticode Scenario)
|
||||
//
|
||||
if (!PKCS7_type_is_signed (Pkcs7)) {
|
||||
goto _Exit;
|
||||
}
|
||||
|
||||
//
|
||||
// Check PKCS#7 embedded signed content with InData.
|
||||
//
|
||||
if (InData != NULL) {
|
||||
//
|
||||
// NOTE: PKCS7_dataDecode() didn't work for Authenticode-format signed data due to
|
||||
// some authenticode-specific structure. Use opaque ASN.1 string to retrieve
|
||||
// PKCS#7 ContentInfo here.
|
||||
//
|
||||
Content = (UINT8 *)(Pkcs7->d.sign->contents->d.other->value.asn1_string->data);
|
||||
|
||||
// Ignore two bytes for DER encoding of ASN.1 "SEQUENCE"
|
||||
if (CompareMem (Content + 2, InData, DataLength) != 0) {
|
||||
goto _Exit;
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// Read DER-encoded root certificate and Construct X509 Certificate
|
||||
//
|
||||
CertBio = BIO_new (BIO_s_mem ());
|
||||
BIO_write (CertBio, TrustedCert, (int)CertLength);
|
||||
if (CertBio == NULL) {
|
||||
goto _Exit;
|
||||
}
|
||||
Cert = d2i_X509_bio (CertBio, NULL);
|
||||
if (Cert == NULL) {
|
||||
goto _Exit;
|
||||
}
|
||||
|
||||
//
|
||||
// Setup X509 Store for trusted certificate
|
||||
//
|
||||
CertStore = X509_STORE_new ();
|
||||
if (CertStore == NULL) {
|
||||
goto _Exit;
|
||||
}
|
||||
if (!(X509_STORE_add_cert (CertStore, Cert))) {
|
||||
goto _Exit;
|
||||
}
|
||||
|
||||
//
|
||||
// For generic PKCS#7 handling, InData may be NULL if the content is present
|
||||
// in PKCS#7 structure. So ignore NULL checking here.
|
||||
//
|
||||
DataBio = BIO_new (BIO_s_mem ());
|
||||
BIO_write (DataBio, InData, (int)DataLength);
|
||||
|
||||
//
|
||||
// Verifies the PKCS#7 signedData structure
|
||||
//
|
||||
Status = (BOOLEAN) PKCS7_verify (Pkcs7, NULL, CertStore, DataBio, NULL, 0);
|
||||
|
||||
_Exit:
|
||||
//
|
||||
// Release Resources
|
||||
//
|
||||
BIO_free (DataBio);
|
||||
BIO_free (CertBio);
|
||||
X509_free (Cert);
|
||||
X509_STORE_free (CertStore);
|
||||
PKCS7_free (Pkcs7);
|
||||
|
||||
return Status;
|
||||
}
|
277
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsa.c
Normal file
277
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsa.c
Normal file
@@ -0,0 +1,277 @@
|
||||
/** @file
|
||||
RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.
|
||||
|
||||
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#include <Library/BaseLib.h>
|
||||
#include <Library/DebugLib.h>
|
||||
#include <Library/BaseMemoryLib.h>
|
||||
|
||||
#include <Library/BaseCryptLib.h>
|
||||
#include <openssl/rsa.h>
|
||||
|
||||
|
||||
/**
|
||||
Allocates and Initializes one RSA Context for subsequent use.
|
||||
|
||||
@return Pointer to the RSA Context that has been initialized.
|
||||
If the allocations fails, RsaNew() returns NULL.
|
||||
|
||||
**/
|
||||
VOID *
|
||||
EFIAPI
|
||||
RsaNew (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
//
|
||||
// Allocates & Initializes RSA Context by OpenSSL RSA_new()
|
||||
//
|
||||
return (VOID *)RSA_new ();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Release the specified RSA Context.
|
||||
|
||||
@param[in] RsaContext Pointer to the RSA context to be released.
|
||||
|
||||
**/
|
||||
VOID
|
||||
EFIAPI
|
||||
RsaFree (
|
||||
IN VOID *RsaContext
|
||||
)
|
||||
{
|
||||
//
|
||||
// Free OpenSSL RSA Context
|
||||
//
|
||||
RSA_free ((RSA *)RsaContext);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Sets the tag-designated RSA key component into the established RSA context from
|
||||
the user-specified nonnegative integer (octet string format represented in RSA
|
||||
PKCS#1).
|
||||
|
||||
If RsaContext is NULL, then ASSERT().
|
||||
|
||||
@param[in, out] RsaContext Pointer to RSA context being set.
|
||||
@param[in] KeyTag Tag of RSA key component being set.
|
||||
@param[in] BigNumber Pointer to octet integer buffer.
|
||||
@param[in] BnLength Length of big number buffer in bytes.
|
||||
|
||||
@return TRUE RSA key component was set successfully.
|
||||
@return FALSE Invalid RSA key component tag.
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
EFIAPI
|
||||
RsaSetKey (
|
||||
IN OUT VOID *RsaContext,
|
||||
IN RSA_KEY_TAG KeyTag,
|
||||
IN CONST UINT8 *BigNumber,
|
||||
IN UINTN BnLength
|
||||
)
|
||||
{
|
||||
RSA *RsaKey;
|
||||
|
||||
//
|
||||
// ASSERT if RsaContext is NULL
|
||||
//
|
||||
ASSERT (RsaContext != NULL);
|
||||
|
||||
|
||||
RsaKey = (RSA *)RsaContext;
|
||||
//
|
||||
// Set RSA Key Components by converting octet string to OpenSSL BN representation.
|
||||
// NOTE: For RSA public key (used in signature verification), only public components
|
||||
// (N, e) are needed.
|
||||
//
|
||||
switch (KeyTag) {
|
||||
|
||||
//
|
||||
// RSA Public Modulus (N)
|
||||
//
|
||||
case RsaKeyN:
|
||||
if (RsaKey->n != NULL) {
|
||||
BN_free (RsaKey->n);
|
||||
}
|
||||
RsaKey->n = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->n);
|
||||
break;
|
||||
|
||||
//
|
||||
// RSA Public Exponent (e)
|
||||
//
|
||||
case RsaKeyE:
|
||||
if (RsaKey->e != NULL) {
|
||||
BN_free (RsaKey->e);
|
||||
}
|
||||
RsaKey->e = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->e);
|
||||
break;
|
||||
|
||||
//
|
||||
// RSA Private Exponent (d)
|
||||
//
|
||||
case RsaKeyD:
|
||||
if (RsaKey->d != NULL) {
|
||||
BN_free (RsaKey->d);
|
||||
}
|
||||
RsaKey->d = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->d);
|
||||
break;
|
||||
|
||||
//
|
||||
// RSA Secret Prime Factor of Modulus (p)
|
||||
//
|
||||
case RsaKeyP:
|
||||
if (RsaKey->p != NULL) {
|
||||
BN_free (RsaKey->p);
|
||||
}
|
||||
RsaKey->p = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->p);
|
||||
break;
|
||||
|
||||
//
|
||||
// RSA Secret Prime Factor of Modules (q)
|
||||
//
|
||||
case RsaKeyQ:
|
||||
if (RsaKey->q != NULL) {
|
||||
BN_free (RsaKey->q);
|
||||
}
|
||||
RsaKey->q = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->q);
|
||||
break;
|
||||
|
||||
//
|
||||
// p's CRT Exponent (== d mod (p - 1))
|
||||
//
|
||||
case RsaKeyDp:
|
||||
if (RsaKey->dmp1 != NULL) {
|
||||
BN_free (RsaKey->dmp1);
|
||||
}
|
||||
RsaKey->dmp1 = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->dmp1);
|
||||
break;
|
||||
|
||||
//
|
||||
// q's CRT Exponent (== d mod (q - 1))
|
||||
//
|
||||
case RsaKeyDq:
|
||||
if (RsaKey->dmq1 != NULL) {
|
||||
BN_free (RsaKey->dmq1);
|
||||
}
|
||||
RsaKey->dmq1 = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->dmq1);
|
||||
break;
|
||||
|
||||
//
|
||||
// The CRT Coefficient (== 1/q mod p)
|
||||
//
|
||||
case RsaKeyQInv:
|
||||
if (RsaKey->iqmp != NULL) {
|
||||
BN_free (RsaKey->iqmp);
|
||||
}
|
||||
RsaKey->iqmp = BN_bin2bn (BigNumber, (int)BnLength, RsaKey->iqmp);
|
||||
break;
|
||||
|
||||
default:
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Verifies the RSA-SSA signature with EMSA-PKCS1-v1_5 encoding scheme defined in
|
||||
RSA PKCS#1.
|
||||
|
||||
If RsaContext is NULL, then ASSERT().
|
||||
If MessageHash is NULL, then ASSERT().
|
||||
If Signature is NULL, then ASSERT().
|
||||
If HashLength is not equal to the size of MD5, SHA-1 or SHA-256 digest, then ASSERT().
|
||||
|
||||
@param[in] RsaContext Pointer to RSA context for signature verification.
|
||||
@param[in] MessageHash Pointer to octet message hash to be checked.
|
||||
@param[in] HashLength Length of the message hash in bytes.
|
||||
@param[in] Signature Pointer to RSA PKCS1-v1_5 signature to be verified.
|
||||
@param[in] SigLength Length of signature in bytes.
|
||||
|
||||
@return TRUE Valid signature encoded in PKCS1-v1_5.
|
||||
@return FALSE Invalid signature or invalid RSA context.
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
EFIAPI
|
||||
RsaPkcs1Verify (
|
||||
IN VOID *RsaContext,
|
||||
IN CONST UINT8 *MessageHash,
|
||||
IN UINTN HashLength,
|
||||
IN UINT8 *Signature,
|
||||
IN UINTN SigLength
|
||||
)
|
||||
{
|
||||
INTN Length;
|
||||
|
||||
//
|
||||
// ASSERT if RsaContext, MessageHash or Signature is NULL
|
||||
//
|
||||
ASSERT (RsaContext != NULL);
|
||||
ASSERT (MessageHash != NULL);
|
||||
ASSERT (Signature != NULL);
|
||||
|
||||
//
|
||||
// ASSERT if unsupported hash length:
|
||||
// Only MD5, SHA-1 or SHA-256 digest size is supported
|
||||
//
|
||||
ASSERT ((HashLength == MD5_DIGEST_SIZE) || (HashLength == SHA1_DIGEST_SIZE) ||
|
||||
(HashLength == SHA256_DIGEST_SIZE));
|
||||
|
||||
//
|
||||
// RSA PKCS#1 Signature Decoding using OpenSSL RSA Decryption with Public Key
|
||||
//
|
||||
Length = RSA_public_decrypt (
|
||||
(int)SigLength,
|
||||
Signature,
|
||||
Signature,
|
||||
RsaContext,
|
||||
RSA_PKCS1_PADDING
|
||||
);
|
||||
|
||||
//
|
||||
// Invalid RSA Key or PKCS#1 Padding Checking Failed (if Length < 0)
|
||||
// NOTE: Length should be the addition of HashLength and some DER value.
|
||||
// Ignore more strict length checking here.
|
||||
//
|
||||
if (Length < (INTN) HashLength) {
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
//
|
||||
// Validate the MessageHash and Decoded Signature
|
||||
// NOTE: The decoded Signature should be the DER encoding of the DigestInfo value
|
||||
// DigestInfo ::= SEQUENCE {
|
||||
// digestAlgorithm AlgorithmIdentifier
|
||||
// digest OCTET STRING
|
||||
// }
|
||||
// Then Memory Comparing should skip the DER value of the underlying SEQUENCE
|
||||
// type and AlgorithmIdentifier.
|
||||
//
|
||||
if (CompareMem (MessageHash, Signature + Length - HashLength, HashLength) == 0) {
|
||||
//
|
||||
// Valid RSA PKCS#1 Signature
|
||||
//
|
||||
return TRUE;
|
||||
} else {
|
||||
//
|
||||
// Failed to verification
|
||||
//
|
||||
return FALSE;
|
||||
}
|
||||
}
|
Reference in New Issue
Block a user