[edk2-devel] [PATCH v1 0/1] CryptoPkg: Update Salt length requirement for RSA-PSS scheme.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3455 This patch enforces salt length to be equal to digest length for RSA PSS encoding scheme. https://github.com/sagraw2/edk2/tree/pss_salt_len Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Sachin Agrawal (1): CryptoPkg: BaseCryptLib: Update Salt length requirement for RSA-PSS scheme. CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c | 4 ++-- CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c | 2 +- CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c | 4 ++-- CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c | 2 +- CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c | 2 +- CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssSignNull.c | 2 +- CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 10 +- CryptoPkg/Include/Library/BaseCryptLib.h| 4 ++-- CryptoPkg/Private/Protocol/Crypto.h | 4 ++-- 9 files changed, 21 insertions(+), 13 deletions(-) -- 2.14.3.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#76472): https://edk2.groups.io/g/devel/message/76472 Mute This Topic: https://groups.io/mt/83533035/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Update Salt length requirement for RSA-PSS scheme.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3455
Enforce salt length to be equal to digest length for RSA-PSS
encoding scheme.
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Sachin Agrawal
---
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c | 4 ++--
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c | 2 +-
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c | 4 ++--
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c | 2 +-
CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c | 2 +-
CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssSignNull.c | 2 +-
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 10 +-
CryptoPkg/Include/Library/BaseCryptLib.h| 4 ++--
CryptoPkg/Private/Protocol/Crypto.h | 4 ++--
9 files changed, 21 insertions(+), 13 deletions(-)
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
index 0b2960f06c4c..37075ea65a0d 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
@@ -50,7 +50,7 @@ GetEvpMD (
Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC
8017.
Implementation determines salt length automatically from the signature
encoding.
Mask generation function is the same as the message digest algorithm.
- Salt length should atleast be equal to digest length.
+ Salt length should be equal to digest length.
@param[in] RsaContext Pointer to RSA context for signature
verification.
@param[in] Message Pointer to octet message to be verified.
@@ -97,7 +97,7 @@ RsaPssVerify (
if (Signature == NULL || SigSize == 0 || SigSize > INT_MAX) {
return FALSE;
}
- if (SaltLen < DigestLen) {
+ if (SaltLen != DigestLen) {
return FALSE;
}
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c
index 69c6889fbc4b..cc325c92911c 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c
@@ -15,7 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC
8017.
Implementation determines salt length automatically from the signature
encoding.
Mask generation function is the same as the message digest algorithm.
- Salt length should atleast be equal to digest length.
+ Salt length should be equal to digest length.
@param[in] RsaContext Pointer to RSA context for signature
verification.
@param[in] Message Pointer to octet message to be verified.
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c
index ece765f9ae0a..06187ff4baa7 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c
@@ -59,7 +59,7 @@ GetEvpMD (
If Message is NULL, then return FALSE.
If MsgSize is zero or > INT_MAX, then return FALSE.
If DigestLen is NOT 32, 48 or 64, return FALSE.
- If SaltLen is < DigestLen, then return FALSE.
+ If SaltLen is not equal to DigestLen, then return FALSE.
If SigSize is large enough but Signature is NULL, then return FALSE.
If this interface is not supported, then return FALSE.
@@ -120,7 +120,7 @@ RsaPssSign (
return FALSE;
}
- if (SaltLen < DigestLen) {
+ if (SaltLen != DigestLen) {
return FALSE;
}
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c
index 4ed2dfce992a..911b97252182 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c
@@ -24,7 +24,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
If Message is NULL, then return FALSE.
If MsgSize is zero or > INT_MAX, then return FALSE.
If DigestLen is NOT 32, 48 or 64, return FALSE.
- If SaltLen is < DigestLen, then return FALSE.
+ If SaltLen is not equal to DigestLen, then return FALSE.
If SigSize is large enough but Signature is NULL, then return FALSE.
If this interface is not supported, then return FALSE.
diff --git a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c
b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c
index 69c6889fbc4b..cc325c92911c 100644
--- a/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c
+++ b/CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c
@@ -15,7 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC
8017.
Implementation determines salt length automatically from the signature
encoding.
Mask generation function is the same as the message digest algorithm.
- Salt length should atleast be equal
[edk2-devel] [PATCH v3 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3314
This patch uses Openssl's EVP API's to perform RSASSA-PSS verification
of a binary blob.
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Sachin Agrawal
---
Notes:
v3:
- Fixed gcc compilation error [CI System]
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c| 146
+++
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c| 46
+
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c| 169
+
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c| 60
++
CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c| 46
+
CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssSignNull.c| 60
++
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 66
+++
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BaseCryptLibUnitTests.c | 1 +
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaPssTests.c | 191
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaTests.c| 2 +
CryptoPkg/Include/Library/BaseCryptLib.h | 74
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf| 2 +
CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +
CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 2 +
CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +
CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf| 2 +
CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf| 2 +
CryptoPkg/Private/Protocol/Crypto.h| 78
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.h| 3 +
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf | 1 +
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf | 1 +
21 files changed, 956 insertions(+)
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
new file mode 100644
index ..af7cdafa4c47
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
@@ -0,0 +1,146 @@
+/** @file
+ RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.
+
+ This file implements following APIs which provide basic capabilities for RSA:
+ 1) RsaPssVerify
+
+Copyright (c) 2021, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+
+#include
+#include
+#include
+#include
+
+
+/**
+ Retrieve a pointer to EVP message digest object.
+
+ @param[in] DigestLen Length of the message digest.
+
+**/
+STATIC
+const
+EVP_MD*
+GetEvpMD (
+ IN UINT16 DigestLen
+ )
+{
+ switch (DigestLen){
+case SHA256_DIGEST_SIZE:
+ return EVP_sha256();
+ break;
+case SHA384_DIGEST_SIZE:
+ return EVP_sha384();
+ break;
+case SHA512_DIGEST_SIZE:
+ return EVP_sha512();
+ break;
+default:
+ return NULL;
+ }
+}
+
+
+/**
+ Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC
8017.
+ Implementation determines salt length automatically from the signature
encoding.
+ Mask generation function is the same as the message digest algorithm.
+ Salt length should atleast be equal to digest length.
+
+ @param[in] RsaContext Pointer to RSA context for signature
verification.
+ @param[in] Message Pointer to octet message to be verified.
+ @param[in] MsgSize Size of the message in bytes.
+ @param[in] Signature Pointer to RSASSA-PSS signature to be verified.
+ @param[in] SigSize Size of signature in bytes.
+ @param[in] DigestLen Length of digest for RSA operation.
+ @param[in] SaltLen Salt length for PSS encoding.
+
+ @retval TRUE Valid signature encoded in RSASSA-PSS.
+ @retval FALSE Invalid signature or invalid RSA context.
+
+**/
+BOOLEAN
+EFIAPI
+RsaPssVerify (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *Message,
+ IN UINTNMsgSize,
+ IN CONST UINT8 *Signature,
+ IN UINTNSigSize,
+ IN UINT16 DigestLen,
+ IN UINT16 SaltLen
+ )
+{
+ BOOLEAN Result;
+ EVP_PKEY *pEvpRsaKey = NULL;
+ EVP_MD_CTX *pEvpVerifyCtx = NULL;
+ EVP_PKEY_CTX *pKeyCtx = NULL;
+ CONST EVP_MD *HashAlg = NULL;
+
+ if (RsaContext == NULL) {
+return FALSE;
+ }
+ if (Message == NULL || MsgSize == 0 || MsgSize > INT_MAX) {
+return FALSE;
+ }
+ if (Signature == NULL || SigSize == 0 || SigSize > INT_MAX) {
+return FALSE;
+ }
+ if (SaltLen < DigestLen) {
+return FALSE;
+ }
+
+ HashAlg = GetEvpMD(DigestLen);
+
+ if (HashAlg == NULL) {
+return FALSE;
+ }
+
+ pEvpRsaKey = EVP_PKEY_new();
+ if (pEvpRsaKey == NULL) {
+
[edk2-devel] [PATCH v3 0/1] CryptoPkg: Add RSA PSS verify support
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3314 This patch uses Openssl's EVP API's to perform RSASSA-PSS verification of a binary blob. Patch v1 Cover Letter : https://edk2.groups.io/g/devel/message/74286?p=,,,20,0,0,0::Created,,sachin,20,2,0,82225507 Patch v2 Cover Letter : https://edk2.groups.io/g/devel/message/74565?p=,,,20,0,0,0::Created,,sachin,20,2,0,82434091 https://github.com/sagraw2/edk2/tree/pss_1 https://github.com/sagraw2/edk2/tree/pss_2 https://github.com/sagraw2/edk2/tree/pss_3 Updates from v2: - Fixed gcc compilation error [CI System] Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Sachin Agrawal (1): CryptoPkg: BaseCryptLib: Add RSA PSS verify support CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c| 146 +++ CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c| 46 + CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c| 169 + CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c| 60 ++ CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c| 46 + CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssSignNull.c| 60 ++ CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 66 +++ CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BaseCryptLibUnitTests.c | 1 + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaPssTests.c | 191 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaTests.c| 2 + CryptoPkg/Include/Library/BaseCryptLib.h | 74 CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf| 2 + CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 + CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 2 + CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 + CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf| 2 + CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf| 2 + CryptoPkg/Private/Protocol/Crypto.h| 78 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.h| 3 + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf | 1 + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf | 1 + 21 files changed, 956 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssSignNull.c create mode 100644 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaPssTests.c -- 2.14.3.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#74740): https://edk2.groups.io/g/devel/message/74740 Mute This Topic: https://groups.io/mt/82584085/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3314
This patch uses Openssl's EVP API's to perform RSASSA-PSS verification
of a binary blob.
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Sachin Agrawal
---
Notes:
v2:
- Added SaltLen as argument (Jiewen)
- Added RsaPssSign support (Jiewen)
- Added Unit test (Jiewen)
- Added RSA PSS API in EDK2 Crypto Protocol (Missed in v1)
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c| 145
+++
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c| 46
+
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c| 168
+
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c| 60
++
CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c| 46
+
CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssSignNull.c| 60
++
CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 66
+++
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BaseCryptLibUnitTests.c | 1 +
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaPssTests.c | 191
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaTests.c| 2 +
CryptoPkg/Include/Library/BaseCryptLib.h | 74
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf| 2 +
CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 +
CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 2 +
CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 +
CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf| 2 +
CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf| 2 +
CryptoPkg/Private/Protocol/Crypto.h| 78
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.h| 3 +
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf | 1 +
CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf | 1 +
21 files changed, 954 insertions(+)
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
new file mode 100644
index ..023f64ba214b
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
@@ -0,0 +1,145 @@
+/** @file
+ RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.
+
+ This file implements following APIs which provide basic capabilities for RSA:
+ 1) RsaPssVerify
+
+Copyright (c) 2021, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+
+#include
+#include
+#include
+#include
+
+
+/**
+ Retrieve a pointer to EVP message digest object.
+
+ @param[in] DigestLen Length of the message digest.
+
+**/
+static
+EVP_MD*
+GetEvpMD (
+ IN UINT16 DigestLen
+ )
+{
+ switch (DigestLen){
+case SHA256_DIGEST_SIZE:
+ return EVP_sha256();
+ break;
+case SHA384_DIGEST_SIZE:
+ return EVP_sha384();
+ break;
+case SHA512_DIGEST_SIZE:
+ return EVP_sha512();
+ break;
+default:
+ return NULL;
+ }
+}
+
+
+/**
+ Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC
8017.
+ Implementation determines salt length automatically from the signature
encoding.
+ Mask generation function is the same as the message digest algorithm.
+ Salt length should atleast be equal to digest length.
+
+ @param[in] RsaContext Pointer to RSA context for signature
verification.
+ @param[in] Message Pointer to octet message to be verified.
+ @param[in] MsgSize Size of the message in bytes.
+ @param[in] Signature Pointer to RSASSA-PSS signature to be verified.
+ @param[in] SigSize Size of signature in bytes.
+ @param[in] DigestLen Length of digest for RSA operation.
+ @param[in] SaltLen Salt length for PSS encoding.
+
+ @retval TRUE Valid signature encoded in RSASSA-PSS.
+ @retval FALSE Invalid signature or invalid RSA context.
+
+**/
+BOOLEAN
+EFIAPI
+RsaPssVerify (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *Message,
+ IN UINTNMsgSize,
+ IN CONST UINT8 *Signature,
+ IN UINTNSigSize,
+ IN UINT16 DigestLen,
+ IN UINT16 SaltLen
+ )
+{
+ BOOLEAN Result;
+ EVP_PKEY *pEvpRsaKey = NULL;
+ EVP_MD_CTX *pEvpVerifyCtx = NULL;
+ EVP_PKEY_CTX *pKeyCtx = NULL;
+ CONST EVP_MD *HashAlg = NULL;
+
+ if (RsaContext == NULL) {
+return FALSE;
+ }
+ if (Message == NULL || MsgSize == 0 || MsgSize > INT_MAX) {
+return FALSE;
+ }
+ if (Signature == NULL || SigSize == 0 || SigSize > INT_MAX) {
+return FALSE;
+ }
+ if (SaltLen < DigestLen) {
+return FALSE;
+ }
+
+ HashAlg = GetEvpMD(DigestLen);
+
[edk2-devel] [PATCH v2 0/1] CryptoPkg: Add RSA PSS verify support
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3314 This patch uses Openssl's EVP API's to perform RSASSA-PSS verification of a binary blob. Patch v1 Cover Letter : https://edk2.groups.io/g/devel/message/74286?p=,,,20,0,0,0::Created,,sachin,20,2,0,82225507 https://github.com/sagraw2/edk2/tree/pss_1 https://github.com/sagraw2/edk2/tree/pss_2 Updates from v1: - Added SaltLen as argument (Jiewen) - Added RsaPssSign support (Jiewen) - Added Unit test (Jiewen) - Added RSA PSS API in EDK2 Crypto Protocol (Missed in v1) Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Sachin Agrawal (1): CryptoPkg: BaseCryptLib: Add RSA PSS verify support CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c| 145 +++ CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c| 46 + CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c| 168 + CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c| 60 ++ CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c| 46 + CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssSignNull.c| 60 ++ CryptoPkg/Library/BaseCryptLibOnProtocolPpi/CryptLib.c | 66 +++ CryptoPkg/Test/UnitTest/Library/BaseCryptLib/BaseCryptLibUnitTests.c | 1 + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaPssTests.c | 191 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaTests.c| 2 + CryptoPkg/Include/Library/BaseCryptLib.h | 74 CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf| 2 + CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 2 + CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 2 + CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 2 + CryptoPkg/Library/BaseCryptLib/UnitTestHostBaseCryptLib.inf| 2 + CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf| 2 + CryptoPkg/Private/Protocol/Crypto.h| 78 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLib.h| 3 + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibHost.inf | 1 + CryptoPkg/Test/UnitTest/Library/BaseCryptLib/TestBaseCryptLibShell.inf | 1 + 21 files changed, 954 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSign.c create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssSignNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssNull.c create mode 100644 CryptoPkg/Library/BaseCryptLibNull/Pk/CryptRsaPssSignNull.c create mode 100644 CryptoPkg/Test/UnitTest/Library/BaseCryptLib/RsaPssTests.c -- 2.14.3.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#74565): https://edk2.groups.io/g/devel/message/74565 Mute This Topic: https://groups.io/mt/82434091/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support
Hi Jiewen, Thanks for sharing these references. We are currently using Salt Length of digest length. I will add the test for new API in the unit test framework in the next version of the patch. In reference to adding support for RsaPssSign() API : This maybe due to my ignorance, but I am unaware of usages where BIOS is involved in doing asymmetric signing during run time. I do see that CryptoPkg also contains TLS interface and that would involve asymmetric signing, but that will directly use the OpenSSL's TLS interface for signing. And, therefore I was skeptical about adding RsaPssSign interface. Thanks Sachin -Original Message- From: Yao, Jiewen Sent: Tuesday, April 20, 2021 6:29 PM To: Agrawal, Sachin ; devel@edk2.groups.io Cc: Wang, Jian J ; Lu, XiaoyuX ; Jiang, Guomin Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support HI Sachin Sorry, I forget to add link for the reference. 1) TPM2 Library Specification, part 2 structure (https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p64_Part2_Structures_15may2021.pdf) describes the PSS salt length. For the TPM_ALG_RSAPSS signing scheme, ... The salt size is always the largest salt value that will fit into the available space. 2) NIST FIPS 186-5 draft (https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5-draft.pdf) and NIST FIPS 186-4 (https://doi.org/10.6028/NIST.FIPS.186-4) says: For RSASSA-PSS, the length (in bytes) of the salt (sLen) shall satisfy 0 ≤ sLen ≤ hLen 3) TCG FIPS 140-2 Guidance for TPM2 (https://trustedcomputinggroup.org/resource/tcg-fips-140-2-guidance-for-tpm-2-0/) mentions: Language in [1] Part 1 Appendix B.7 RSASSA_PSS indicates: "For both restricted and unrestricted signing keys, the random salt length will be the largest size allowed by the key size and message digest size. NOTE If the TPM implementation is required to be compliant with FIPS 186-4, then the random salt length will be the largest size allowed by that specification." 4) TLS1.3 - RFC8446 (https://datatracker.ietf.org/doc/rfc8446/) has below. RSASSA-PSS PSS algorithms: The length of the Salt MUST be equal to the length of the digest algorithm. My view is that, TLS 1.3 and TPM FIPS mode require salt length == hash length, explicitly. May I know that in your production, which salt length you choose in signing? If you also choose salt length == hash length, then I would recommend make the default behavior to be HASH_LEN instead of AUTO. Also, may I recommend we add RsaPssSign API as well? Please also add the new API to the crypto test unit test. I notice that crypto implementation (such as openssl, mbedtls) has API to let caller indicate what is the expected salt length. The caller may want AUTO or MAX in their special environment. I am OK to add another API later (such as RsaPssVerifyEx) to satisfy that need, if there is real use case. > -Original Message- > From: Agrawal, Sachin > Sent: Tuesday, April 20, 2021 11:20 PM > To: Yao, Jiewen ; devel@edk2.groups.io > Cc: Wang, Jian J ; Lu, XiaoyuX > ; Jiang, Guomin > Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS > verify support > > Hi Jiewen, > > I reviewed RFC 8017 and I could not find any specific > 'recommendations' on salt length to be used during signing with PSS encoding > scheme. > However, in Section D.5.2.2.1(Notes 2) of IEEE 1363a-2004, it is > recommended to use salt length atleast equal to the hash digest length. > > We can modify the current API to take a additional parameter as salt > length and ONLY pursue verification operation if Salt length is > atleast equal to digest length. > This will act as a hardening mechanism for Edk2 as it will accept > signatures only with 'appropriate' salt lengths. > > Let me know if this is fine and I will push a corresponding patch. > > Thx > Sachin > > > -----Original Message- > From: Yao, Jiewen > Sent: Tuesday, April 20, 2021 2:12 AM > To: Agrawal, Sachin ; devel@edk2.groups.io > Cc: Wang, Jian J ; Lu, XiaoyuX > ; Jiang, Guomin > Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS > verify support > > Right. That has PROs and CONs. > > On one hand, that allows maximum compatibility, salt could be > HASH_SIZE or MAX, or even 0 ? > > On the other hand, what if the consumer only wants to accept a > specific length? E.g. TPM in FIPS mode and TLS requires > SaltLength==HashLength. > > Thank you > Yao Jiewen > > > > -Original Message- > > From: Agrawal, Sachin > > Sent: Tuesday, April 20, 2021 3:19 PM > > To: Yao, Jiewen ; devel@edk2.groups.io > > Cc: Wang, Jian J ; Lu, XiaoyuX > > ; Jiang, Guomin > > Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS > &
Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support
Hi Jiewen,
I reviewed RFC 8017 and I could not find any specific 'recommendations' on salt
length to be used during signing with PSS encoding scheme.
However, in Section D.5.2.2.1(Notes 2) of IEEE 1363a-2004, it is recommended to
use salt length atleast equal to the hash digest length.
We can modify the current API to take a additional parameter as salt length and
ONLY pursue verification operation if Salt length is atleast equal to digest
length.
This will act as a hardening mechanism for Edk2 as it will accept signatures
only with 'appropriate' salt lengths.
Let me know if this is fine and I will push a corresponding patch.
Thx
Sachin
-Original Message-
From: Yao, Jiewen
Sent: Tuesday, April 20, 2021 2:12 AM
To: Agrawal, Sachin ; devel@edk2.groups.io
Cc: Wang, Jian J ; Lu, XiaoyuX ;
Jiang, Guomin
Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support
Right. That has PROs and CONs.
On one hand, that allows maximum compatibility, salt could be HASH_SIZE or MAX,
or even 0 ?
On the other hand, what if the consumer only wants to accept a specific length?
E.g. TPM in FIPS mode and TLS requires SaltLength==HashLength.
Thank you
Yao Jiewen
> -Original Message-
> From: Agrawal, Sachin
> Sent: Tuesday, April 20, 2021 3:19 PM
> To: Yao, Jiewen ; devel@edk2.groups.io
> Cc: Wang, Jian J ; Lu, XiaoyuX
> ; Jiang, Guomin
> Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS
> verify support
>
> Hi Jiewen,
>
> From Section 9.1 in RFC 8017:
> " Note that the verification operation follows reverse steps to recover
>salt and then forward steps to recompute and compare H."
>
> Therefore, salt length can be inferred from the PSS block structure
> during verification operation.
>
> I opted for 'RSA_PSS_SALTLEN_AUTO' as it will allow Edk2 to verify PSS
> signatures of any salt lengths.
>
> Thanks
> Sachin
>
> -Original Message-----
> From: Yao, Jiewen
> Sent: Monday, April 19, 2021 7:30 PM
> To: Agrawal, Sachin ; devel@edk2.groups.io
> Cc: Wang, Jian J ; Lu, XiaoyuX
> ; Jiang, Guomin
> Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS
> verify support
>
> Hi Sachin
> May I know why you hardcode PSS salt length to be RSA_PSS_SALTLEN_AUTO ?
>
> Thank you
> Yao Jiewen
>
>
> > -Original Message-
> > From: Agrawal, Sachin
> > Sent: Tuesday, April 20, 2021 10:02 AM
> > To: devel@edk2.groups.io
> > Cc: Yao, Jiewen ; Wang, Jian J
> > ; Lu, XiaoyuX ; Jiang,
> > Guomin ; Agrawal, Sachin
> >
> > Subject: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify
> > support
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3314
> >
> > This patch uses Openssl's EVP API's to perform RSASSA-PSS
> > verification of a binary blob.
> >
> > Cc: Jiewen Yao
> > Cc: Jian J Wang
> > Cc: Xiaoyu Lu
> > Cc: Guomin Jiang
> >
> > Signed-off-by: Sachin Agrawal
> > ---
> > CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c | 139
> >
> > CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c | 43 ++
> > CryptoPkg/Include/Library/BaseCryptLib.h| 27
> > CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 1 +
> > CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 1 +
> > CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 1 +
> > CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 1 +
> > 7 files changed, 213 insertions(+)
> >
> > diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
> > b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
> > new file mode 100644
> > index ..acf5eb689cd8
> > --- /dev/null
> > +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
> > @@ -0,0 +1,139 @@
> > +/** @file
> > + RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.
> > +
> > + This file implements following APIs which provide basic capabilities for
> > RSA:
> > + 1) RsaPssVerify
> > +
> > +Copyright (c) 2021, Intel Corporation. All rights reserved.
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#include "InternalCryptLib.h"
> > +
> > +#include
> > +#include
> > +#include
> > +#include
> > +
> > +
> > +/**
> > + Retrieve a pointer to EVP message digest object.
> > +
> > + @param[in] DigestLen Length of the message digest.
> > +
> > +**/
> > +static
> > +EVP_MD*
> > +GetEvpMD (
> > + IN UINT16 DigestLen
> > + )
> > +{
>
Re: [edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support
Hi Jiewen,
>From Section 9.1 in RFC 8017:
" Note that the verification operation follows reverse steps to recover
salt and then forward steps to recompute and compare H."
Therefore, salt length can be inferred from the PSS block structure during
verification operation.
I opted for 'RSA_PSS_SALTLEN_AUTO' as it will allow Edk2 to verify PSS
signatures of any salt lengths.
Thanks
Sachin
-Original Message-
From: Yao, Jiewen
Sent: Monday, April 19, 2021 7:30 PM
To: Agrawal, Sachin ; devel@edk2.groups.io
Cc: Wang, Jian J ; Lu, XiaoyuX ;
Jiang, Guomin
Subject: RE: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support
Hi Sachin
May I know why you hardcode PSS salt length to be RSA_PSS_SALTLEN_AUTO ?
Thank you
Yao Jiewen
> -Original Message-
> From: Agrawal, Sachin
> Sent: Tuesday, April 20, 2021 10:02 AM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen ; Wang, Jian J
> ; Lu, XiaoyuX ; Jiang,
> Guomin ; Agrawal, Sachin
>
> Subject: [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify
> support
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3314
>
> This patch uses Openssl's EVP API's to perform RSASSA-PSS verification
> of a binary blob.
>
> Cc: Jiewen Yao
> Cc: Jian J Wang
> Cc: Xiaoyu Lu
> Cc: Guomin Jiang
>
> Signed-off-by: Sachin Agrawal
> ---
> CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c | 139
>
> CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c | 43 ++
> CryptoPkg/Include/Library/BaseCryptLib.h| 27
> CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 1 +
> CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 1 +
> CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 1 +
> CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 1 +
> 7 files changed, 213 insertions(+)
>
> diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
> b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
> new file mode 100644
> index ..acf5eb689cd8
> --- /dev/null
> +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
> @@ -0,0 +1,139 @@
> +/** @file
> + RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.
> +
> + This file implements following APIs which provide basic capabilities for
> RSA:
> + 1) RsaPssVerify
> +
> +Copyright (c) 2021, Intel Corporation. All rights reserved.
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include "InternalCryptLib.h"
> +
> +#include
> +#include
> +#include
> +#include
> +
> +
> +/**
> + Retrieve a pointer to EVP message digest object.
> +
> + @param[in] DigestLen Length of the message digest.
> +
> +**/
> +static
> +EVP_MD*
> +GetEvpMD (
> + IN UINT16 DigestLen
> + )
> +{
> + switch (DigestLen){
> +case SHA256_DIGEST_SIZE:
> + return EVP_sha256();
> + break;
> +case SHA384_DIGEST_SIZE:
> + return EVP_sha384();
> + break;
> +case SHA512_DIGEST_SIZE:
> + return EVP_sha512();
> + break;
> +default:
> + return NULL;
> + }
> +}
> +
> +
> +/**
> + Verifies the RSA signature with RSASSA-PSS signature scheme defined
> +in RFC
> 8017.
> + Implementation determines salt length automatically from the
> + signature
> encoding.
> + Mask generation function is the same as the message digest algorithm.
> +
> + @param[in] RsaContext Pointer to RSA context for signature
> verification.
> + @param[in] Message Pointer to octet message to be verified.
> + @param[in] MsgSize Size of the message in bytes.
> + @param[in] Signature Pointer to RSASSA-PSS signature to be verified.
> + @param[in] SigSize Size of signature in bytes.
> + @param[in] DigestLen Length of digest for RSA operation.
> +
> + @retval TRUE Valid signature encoded in RSASSA-PSS.
> + @retval FALSE Invalid signature or invalid RSA context.
> +
> +**/
> +BOOLEAN
> +EFIAPI
> +RsaPssVerify (
> + IN VOID *RsaContext,
> + IN CONST UINT8 *Message,
> + IN UINTNMsgSize,
> + IN CONST UINT8 *Signature,
> + IN UINTNSigSize,
> + IN UINT16 DigestLen
> + )
> +{
> + BOOLEAN Result;
> + EVP_PKEY *pEvpRsaKey = NULL;
> + EVP_MD_CTX *pEvpVerifyCtx = NULL;
> + EVP_PKEY_CTX *pKeyCtx = NULL;
> + CONST EVP_MD *HashAlg = NULL;
> +
> + if (RsaContext == NULL) {
> +return FALSE;
> + }
> + if (Message == NULL || MsgSize == 0 || MsgSize > INT_MAX) {
> +return FALSE;
> + }
> + if (Signature == NULL || SigSize == 0 || SigSize > INT_MAX) {
> +return FALSE;
> + }
> +
&
[edk2-devel] [PATCH v1 1/1] CryptoPkg: BaseCryptLib: Add RSA PSS verify support
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3314
This patch uses Openssl's EVP API's to perform RSASSA-PSS verification
of a binary blob.
Cc: Jiewen Yao
Cc: Jian J Wang
Cc: Xiaoyu Lu
Cc: Guomin Jiang
Signed-off-by: Sachin Agrawal
---
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c | 139
CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c | 43 ++
CryptoPkg/Include/Library/BaseCryptLib.h| 27
CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 1 +
CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 1 +
7 files changed, 213 insertions(+)
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
new file mode 100644
index ..acf5eb689cd8
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c
@@ -0,0 +1,139 @@
+/** @file
+ RSA Asymmetric Cipher Wrapper Implementation over OpenSSL.
+
+ This file implements following APIs which provide basic capabilities for RSA:
+ 1) RsaPssVerify
+
+Copyright (c) 2021, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+
+#include
+#include
+#include
+#include
+
+
+/**
+ Retrieve a pointer to EVP message digest object.
+
+ @param[in] DigestLen Length of the message digest.
+
+**/
+static
+EVP_MD*
+GetEvpMD (
+ IN UINT16 DigestLen
+ )
+{
+ switch (DigestLen){
+case SHA256_DIGEST_SIZE:
+ return EVP_sha256();
+ break;
+case SHA384_DIGEST_SIZE:
+ return EVP_sha384();
+ break;
+case SHA512_DIGEST_SIZE:
+ return EVP_sha512();
+ break;
+default:
+ return NULL;
+ }
+}
+
+
+/**
+ Verifies the RSA signature with RSASSA-PSS signature scheme defined in RFC
8017.
+ Implementation determines salt length automatically from the signature
encoding.
+ Mask generation function is the same as the message digest algorithm.
+
+ @param[in] RsaContext Pointer to RSA context for signature
verification.
+ @param[in] Message Pointer to octet message to be verified.
+ @param[in] MsgSize Size of the message in bytes.
+ @param[in] Signature Pointer to RSASSA-PSS signature to be verified.
+ @param[in] SigSize Size of signature in bytes.
+ @param[in] DigestLen Length of digest for RSA operation.
+
+ @retval TRUE Valid signature encoded in RSASSA-PSS.
+ @retval FALSE Invalid signature or invalid RSA context.
+
+**/
+BOOLEAN
+EFIAPI
+RsaPssVerify (
+ IN VOID *RsaContext,
+ IN CONST UINT8 *Message,
+ IN UINTNMsgSize,
+ IN CONST UINT8 *Signature,
+ IN UINTNSigSize,
+ IN UINT16 DigestLen
+ )
+{
+ BOOLEAN Result;
+ EVP_PKEY *pEvpRsaKey = NULL;
+ EVP_MD_CTX *pEvpVerifyCtx = NULL;
+ EVP_PKEY_CTX *pKeyCtx = NULL;
+ CONST EVP_MD *HashAlg = NULL;
+
+ if (RsaContext == NULL) {
+return FALSE;
+ }
+ if (Message == NULL || MsgSize == 0 || MsgSize > INT_MAX) {
+return FALSE;
+ }
+ if (Signature == NULL || SigSize == 0 || SigSize > INT_MAX) {
+return FALSE;
+ }
+
+ HashAlg = GetEvpMD(DigestLen);
+
+ if (HashAlg == NULL) {
+return FALSE;
+ }
+
+ pEvpRsaKey = EVP_PKEY_new();
+ if (pEvpRsaKey == NULL) {
+goto _Exit;
+ }
+
+ EVP_PKEY_set1_RSA(pEvpRsaKey, RsaContext);
+
+ pEvpVerifyCtx = EVP_MD_CTX_create();
+ if (pEvpVerifyCtx == NULL) {
+goto _Exit;
+ }
+
+ Result = EVP_DigestVerifyInit(pEvpVerifyCtx, , HashAlg, NULL,
pEvpRsaKey) > 0;
+ if (pKeyCtx == NULL) {
+goto _Exit;
+ }
+
+ if (Result) {
+Result = EVP_PKEY_CTX_set_rsa_padding(pKeyCtx, RSA_PKCS1_PSS_PADDING) > 0;
+ }
+ if (Result) {
+Result = EVP_PKEY_CTX_set_rsa_pss_saltlen(pKeyCtx, RSA_PSS_SALTLEN_AUTO) >
0;
+ }
+ if (Result) {
+Result = EVP_PKEY_CTX_set_rsa_mgf1_md(pKeyCtx, HashAlg) > 0;
+ }
+ if (Result) {
+Result = EVP_DigestVerifyUpdate(pEvpVerifyCtx, Message, (UINT32)MsgSize) >
0;
+ }
+ if (Result) {
+Result = EVP_DigestVerifyFinal(pEvpVerifyCtx, Signature, (UINT32)SigSize)
> 0;
+ }
+
+_Exit :
+ if (pEvpRsaKey) {
+EVP_PKEY_free(pEvpRsaKey);
+ }
+ if (pEvpVerifyCtx) {
+EVP_MD_CTX_destroy(pEvpVerifyCtx);
+ }
+
+ return Result;
+}
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c
new file mode 100644
index ..8d84b4c1426c
--- /dev/null
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c
@@ -0,0 +1,43 @@
+/** @file
+ RSA-PSS Asymmetric Cipher Wrapper Implementation over OpenSSL.
+
+ This file does not provide real capabilities for following APIs in RSA
handling:
+ 1) RsaPssVerify
+
+Copyright (c) 2021, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "InternalCryptLib.h"
+
+/**
+ Verifies the RSA signature
[edk2-devel] [PATCH v1 0/1] CryptoPkg: Add RSA PSS verify support
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3314 This patch uses Openssl's EVP API's to perform RSASSA-PSS verification of a binary blob. https://github.com/sagraw2/edk2/tree/pss_1 Cc: Jiewen Yao Cc: Jian J Wang Cc: Xiaoyu Lu Cc: Guomin Jiang Sachin Agrawal (1): CryptoPkg: BaseCryptLib: Add RSA PSS verify support CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c | 139 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c | 43 ++ CryptoPkg/Include/Library/BaseCryptLib.h| 27 CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf | 1 + CryptoPkg/Library/BaseCryptLib/PeiCryptLib.inf | 1 + CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf | 1 + CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf | 1 + 7 files changed, 213 insertions(+) create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPss.c create mode 100644 CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaPssNull.c -- 2.14.3.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#74286): https://edk2.groups.io/g/devel/message/74286 Mute This Topic: https://groups.io/mt/82225507/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH v2] Add support for Diagnostics ACM in FitGen tool
From: "Agrawal, Sachin"
REF https://bugzilla.tianocore.org/show_bug.cgi?id=2200
FitGen Tool is responsible for creating FIT table in UEFI BIOS.
A new FIT entry type (FIT Type 0x3) has been allocated for Diagnsotics ACM.
FitGen tool is updated to add support for this Diagnostics ACM.
Cc: Bob Feng
Cc: Liming Gao
Signed-off-by: Sachin Agrawal
---
Notes:
v2:
-Remove CheckOverlap call for Diagnostics ACM
-Updated Minor version to 59
Silicon/Intel/Tools/FitGen/FitGen.c | 67
Silicon/Intel/Tools/FitGen/FitGen.h | 2 +-
2 files changed, 68 insertions(+), 1 deletion(-)
diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c
b/Silicon/Intel/Tools/FitGen/FitGen.c
index 5f5638dc8b..8122c10ebb 100644
--- a/Silicon/Intel/Tools/FitGen/FitGen.c
+++ b/Silicon/Intel/Tools/FitGen/FitGen.c
@@ -217,6 +217,7 @@ typedef struct {
#define FIT_TABLE_TYPE_HEADER 0
#define FIT_TABLE_TYPE_MICROCODE 1
#define FIT_TABLE_TYPE_STARTUP_ACM2
+#define FIT_TABLE_TYPE_DIAGNST_ACM3
#define FIT_TABLE_TYPE_BIOS_MODULE7
#define FIT_TABLE_TYPE_TPM_POLICY 8
#define FIT_TABLE_TYPE_BIOS_POLICY9
@@ -254,6 +255,8 @@ typedef struct {
UINT32 FitHeaderVersion;
FIT_TABLE_CONTEXT_ENTRYStartupAcm;
UINT32 StartupAcmVersion;
+ FIT_TABLE_CONTEXT_ENTRYDiagnstAcm;
+ UINT32 DiagnstAcmVersion;
FIT_TABLE_CONTEXT_ENTRYBiosModule[MAX_BIOS_MODULE_ENTRY];
UINT32 BiosModuleVersion;
FIT_TABLE_CONTEXT_ENTRYMicrocode[MAX_MICROCODE_ENTRY];
@@ -326,6 +329,7 @@ Returns:
"\t[-L ]\n"
"\t[-I ]\n"
"\t[-S |] [-V
]\n"
+ "\t[-U |]\n"
"\t[-B ] [-B ...] [-V
]\n"
"\t[-M ] [-M ...]|[-U ||] [-V
]\n"
"\t[-O RecordType ||| [-V ]] [-O ...
[-V ...]]\n"
@@ -340,6 +344,8 @@ Returns:
printf ("\tStartupAcmAddress - Address of StartupAcm.\n");
printf ("\tStartupAcmSize - Size of StartupAcm.\n");
printf ("\tStartupAcmGuid - Guid of StartupAcm Module, if StartupAcm
is in a BiosModule, it will be excluded form that.\n");
+ printf ("\tDiagnstAcmAddress - Address of DiagnstAcm.\n");
+ printf ("\tDiagnstAcmGuid - Guid of DiagnstAcm Module, if DiagnstAcm
is in a BiosModule, it will be excluded from that.\n");
printf ("\tBiosModuleAddress - Address of BiosModule. User should
ensure there is no overlap.\n");
printf ("\tBiosModuleSize - Size of BiosModule.\n");
printf ("\tMicrocodeAddress - Address of Microcode.\n");
@@ -1029,6 +1035,17 @@ Returns:
gFitTableContext.StartupAcmVersion =
BiosInfoStruct[BiosInfoIndex].Version;
gFitTableContext.FitEntryNumber ++;
break;
+case FIT_TABLE_TYPE_DIAGNST_ACM:
+ if (gFitTableContext.DiagnstAcm.Type != 0) {
+Error (NULL, 0, 0, "-U Parameter incorrect, Duplicated
DiagnosticsAcm!", NULL);
+return 0;
+ }
+ gFitTableContext.DiagnstAcm.Type= FIT_TABLE_TYPE_DIAGNST_ACM;
+ gFitTableContext.DiagnstAcm.Address =
(UINT32)BiosInfoStruct[BiosInfoIndex].Address;
+ gFitTableContext.DiagnstAcm.Size= 0;
+ gFitTableContext.DiagnstAcmVersion = DEFAULT_FIT_ENTRY_VERSION;
+ gFitTableContext.FitEntryNumber ++;
+ break;
case FIT_TABLE_TYPE_BIOS_MODULE:
if ((BiosInfoStruct[BiosInfoIndex].Attributes &
BIOS_INFO_STRUCT_ATTRIBUTE_BIOS_POST_IBB) != 0) {
continue;
@@ -1261,6 +1278,40 @@ Returns:
} while (FALSE);
//
+ // 1.5. DiagnosticsAcm
+ //
+ do {
+if ((Index + 1 >= argc) ||
+((strcmp (argv[Index], "-U") != 0) &&
+ (strcmp (argv[Index], "-u") != 0)) ) {
+ if (BiosInfoExist && (gFitTableContext.DiagnstAcm.Type ==
FIT_TABLE_TYPE_DIAGNST_ACM)) {
+break;
+ }
+ break;
+}
+if (IsGuidData (argv[Index + 1], )) {
+ FileBuffer = FindFileFromFvByGuid (FdBuffer, FdSize, , );
+ if (FileBuffer == NULL) {
+Error (NULL, 0, 0, "-U Parameter incorrect, GUID not found!", "%s",
argv[Index + 1]);
+return 0;
+ }
+ FileBuffer = (UINT8 *)MEMORY_TO_FLASH (FileBuffer, FdBuffer, FdSize);
+ Index += 2;
+} else {
+ FileBuffer = (UINT8 *) (UINTN) xtoi (argv[Index + 1]);
+ Index += 2;
+}
+if (gFitTableContext.DiagnstAcm.Type != 0) {
+ Error (NULL, 0, 0, "-U Parameter incorrect, Duplicated DiagnosticsAcm!",
NULL);
+ return 0;
+}
+gFitTableContext.DiagnstAcm.Type = FIT_TABLE_TYPE_DIAGNST_ACM;
+gFitTableContext.DiagnstAcm.Address = (UINT32) (UINTN) FileBuf
[edk2-devel] [PATCH] Add support for FuSA ACM in FitGen tool
REF https://bugzilla.tianocore.org/show_bug.cgi?id=2200
FitGen Tool is responsible for creating FIT table in UEFI BIOS.
A new FIT entry type (FIT Type 0x3) has been allocated for FuSa ACM.
FitGen tool is updated to add support for this FuSa ACM.
Cc: Bob Feng
Cc: Liming Gao
Signed-off-by: Sachin Agrawal
---
Silicon/Intel/Tools/FitGen/FitGen.c | 82 +
1 file changed, 82 insertions(+)
diff --git a/Silicon/Intel/Tools/FitGen/FitGen.c
b/Silicon/Intel/Tools/FitGen/FitGen.c
index faf9880060..1ebce40505 100644
--- a/Silicon/Intel/Tools/FitGen/FitGen.c
+++ b/Silicon/Intel/Tools/FitGen/FitGen.c
@@ -217,6 +217,7 @@ typedef struct {
#define FIT_TABLE_TYPE_HEADER 0
#define FIT_TABLE_TYPE_MICROCODE 1
#define FIT_TABLE_TYPE_STARTUP_ACM2
+#define FIT_TABLE_TYPE_FUSA_ACM 3
#define FIT_TABLE_TYPE_BIOS_MODULE7
#define FIT_TABLE_TYPE_TPM_POLICY 8
#define FIT_TABLE_TYPE_BIOS_POLICY9
@@ -246,6 +247,8 @@ typedef struct {
UINT32 FitHeaderVersion;
FIT_TABLE_CONTEXT_ENTRYStartupAcm;
UINT32 StartupAcmVersion;
+ FIT_TABLE_CONTEXT_ENTRYFusaAcm;
+ UINT32 FusaAcmVersion;
FIT_TABLE_CONTEXT_ENTRYBiosModule[MAX_BIOS_MODULE_ENTRY];
UINT32 BiosModuleVersion;
FIT_TABLE_CONTEXT_ENTRYMicrocode[MAX_MICROCODE_ENTRY];
@@ -317,6 +320,7 @@ Returns:
"\t[-CLEAR]\n"
"\t[-I ]\n"
"\t[-S |] [-V
]\n"
+ "\t[-F |] [-V
]\n"
"\t[-B ] [-B ...] [-V
]\n"
"\t[-M ] [-M ...]|[-U ||] [-V
]\n"
"\t[-O RecordType ||| [-V ]] [-O ...
[-V ...]]\n"
@@ -331,6 +335,9 @@ Returns:
printf ("\tStartupAcmAddress - Address of StartupAcm.\n");
printf ("\tStartupAcmSize - Size of StartupAcm.\n");
printf ("\tStartupAcmGuid - Guid of StartupAcm Module, if StartupAcm
is in a BiosModule, it will be excluded form that.\n");
+ printf ("\tFusaAcmAddress - Address of FusaAcm.\n");
+ printf ("\tFusaAcmSize- Size of FusaAcm.\n");
+ printf ("\tFusaAcmGuid- Guid of FusaAcm Module, if FusaAcm is in
a BiosModule, it will be excluded from that.\n");
printf ("\tBiosModuleAddress - Address of BiosModule. User should
ensure there is no overlap.\n");
printf ("\tBiosModuleSize - Size of BiosModule.\n");
printf ("\tMicrocodeAddress - Address of Microcode.\n");
@@ -349,6 +356,7 @@ Returns:
printf ("\tFitEntryDefaultVersion - The default version for all FIT table
entries. 0x%04x is used if this is not specified.\n",
DEFAULT_FIT_ENTRY_VERSION);
printf ("\tFitHeaderVersion - The version for FIT header. (Override
default version)\n");
printf ("\tStartupAcmVersion - The version for StartupAcm. (Override
default version)\n");
+ printf ("\tFusaAcmVersion - The version for FusaAcm. (Override
default version)\n");
printf ("\tBiosModuleVersion - The version for BiosModule. (Override
default version)\n");
printf ("\tMicrocodeVersion - The version for Microcode. (Override
default version)\n");
printf ("\tRecordVersion - The version for Record. (Override
default version)\n");
@@ -953,6 +961,17 @@ Returns:
gFitTableContext.StartupAcmVersion =
BiosInfoStruct[BiosInfoIndex].Version;
gFitTableContext.FitEntryNumber ++;
break;
+case FIT_TABLE_TYPE_FUSA_ACM:
+ if (gFitTableContext.FusaAcm.Type != 0) {
+Error (NULL, 0, 0, "-I Parameter incorrect, Duplicated FusaAcm!",
NULL);
+return 0;
+ }
+ gFitTableContext.FusaAcm.Type= FIT_TABLE_TYPE_FUSA_ACM;
+ gFitTableContext.FusaAcm.Address =
(UINT32)BiosInfoStruct[BiosInfoIndex].Address;
+ gFitTableContext.FusaAcm.Size=
(UINT32)BiosInfoStruct[BiosInfoIndex].Size;
+ gFitTableContext.FusaAcmVersion =
BiosInfoStruct[BiosInfoIndex].Version;
+ gFitTableContext.FitEntryNumber ++;
+ break;
case FIT_TABLE_TYPE_BIOS_MODULE:
if ((BiosInfoStruct[BiosInfoIndex].Attributes &
BIOS_INFO_STRUCT_ATTRIBUTE_BIOS_POST_IBB) != 0) {
continue;
@@ -1148,6 +1167,52 @@ Returns:
} while (FALSE);
//
+ // 1.5. FusaAcm
+ //
+ do {
+if ((Index + 1 >= argc) ||
+((strcmp (argv[Index], "-F") != 0) &&
+ (strcmp (argv[Index], "-f") != 0)) ) {
+ if (BiosInfoExist && (gFitTableContext.FusaAcm.Type ==
FIT_TABLE_TYPE_FUSA_ACM)) {
+break;
+ }
+ break;
+}
+if (IsGuidData (argv[Index + 1], )) {
+ FileBuffer = FindFileFromFvByGuid (FdBuffer, FdSize, , );
+ if (FileBuffer == NULL) {
+Error (NULL, 0, 0, "-F Parameter incorrect, GUID not found!", "%s",
argv[Index + 1]);
+return 0;
+ }
+ FileBuffer = (UINT8 *)MEMORY_TO_FLASH (FileBuffer, FdBuffer, FdSize);
+
[edk2-devel] [PATCH] MdeModulePkg/UfsPassThru : Fix UFS flag read from Query Resp UPIU
As per UFS spec, flag value is stored in the 'last byte' of value
field. Existing code is attempting to read first byte.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2208
Test: Verified the Fix by sending command to set fPowerOnWPEn flag
and then reading it to verify the set value.
Cc: Hao A Wu
Cc: Ray Ni
Signed-off-by: Sachin Agrawal
---
MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsHci.c | 5 -
MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThruHci.c | 5 -
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsHci.c
b/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsHci.c
index e8ef0c2a7a..e450f6f49d 100644
--- a/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsHci.c
+++ b/MdeModulePkg/Bus/Ufs/UfsBlockIoPei/UfsHci.c
@@ -977,7 +977,10 @@ UfsRwFlags (
}
if (Trd->Ocs == 0) {
-*Value = (UINT8)QueryResp->Tsf.Value;
+//
+// The 'FLAG VALUE' field is at byte offset 3 of QueryResp->Tsf.Value
+//
+*Value = *((UINT8*)&(QueryResp->Tsf.Value) + 3);
} else {
Status = EFI_DEVICE_ERROR;
}
diff --git a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThruHci.c
b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThruHci.c
index 0b95e7..93ac958f65 100644
--- a/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThruHci.c
+++ b/MdeModulePkg/Bus/Ufs/UfsPassThruDxe/UfsPassThruHci.c
@@ -863,7 +863,10 @@ UfsGetReturnDataFromQueryResponse (
case UtpQueryFuncOpcodeSetFlag:
case UtpQueryFuncOpcodeClrFlag:
case UtpQueryFuncOpcodeTogFlag:
- CopyMem (Packet->DataBuffer, >Tsf.Value, sizeof (UINT8));
+ //
+ // The 'FLAG VALUE' field is at byte offset 3 of QueryResp->Tsf.Value
+ //
+ *((UINT8*)(Packet->DataBuffer)) = *((UINT8*)&(QueryResp->Tsf.Value) + 3);
break;
case UtpQueryFuncOpcodeRdAttr:
case UtpQueryFuncOpcodeWrAttr:
--
2.14.3.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#47849): https://edk2.groups.io/g/devel/message/47849
Mute This Topic: https://groups.io/mt/34263041/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
