CryptoPkg: Support for SHA384 & SHA512 RSA signing schemes

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2389

Currently RSA signing scheme support is available for MD5, SHA-1 or
SHA-256 algorithms.The fix is to extend this support for SHA384 and
SHA512.

Cc: Liming Gao <liming.gao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Bob Feng <bob.c.feng@intel.com>

Signed-off-by: Pavana.K <pavana.k@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
This commit is contained in:
Pavana.K
2020-01-02 20:30:27 +00:00
committed by mergify[bot]
parent 396e791059
commit c9d7262843
2 changed files with 22 additions and 6 deletions

View File

@@ -7,7 +7,7 @@
3) RsaCheckKey
4) RsaPkcs1Sign
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -276,7 +276,7 @@ RsaCheckKey (
If RsaContext is NULL, then return FALSE.
If MessageHash is NULL, then return FALSE.
If HashSize is not equal to the size of MD5, SHA-1 or SHA-256 digest, then return FALSE.
If HashSize is not equal to the size of MD5, SHA-1, SHA-256, SHA-384 or SHA-512 digest, then return FALSE.
If SigSize is large enough but Signature is NULL, then return FALSE.
@param[in] RsaContext Pointer to RSA context for signature generation.
@@ -326,7 +326,7 @@ RsaPkcs1Sign (
//
// Determine the message digest algorithm according to digest size.
// Only MD5, SHA-1 or SHA-256 algorithm is supported.
// Only MD5, SHA-1, SHA-256, SHA-384 or SHA-512 algorithm is supported.
//
switch (HashSize) {
case MD5_DIGEST_SIZE:
@@ -341,6 +341,14 @@ RsaPkcs1Sign (
DigestType = NID_sha256;
break;
case SHA384_DIGEST_SIZE:
DigestType = NID_sha384;
break;
case SHA512_DIGEST_SIZE:
DigestType = NID_sha512;
break;
default:
return FALSE;
}