OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 */ | 4 */ |
5 | 5 |
6 #ifndef VBOOT_REFERENCE_RSA_H_ | 6 #ifndef VBOOT_REFERENCE_RSA_H_ |
7 #define VBOOT_REFERENCE_RSA_H_ | 7 #define VBOOT_REFERENCE_RSA_H_ |
8 | 8 |
9 #include <inttypes.h> | 9 #ifndef VBOOT_REFERENCE_CRYPTOLIB_H_ |
| 10 #error "Do not include this file directly. Use cryptolib.h instead." |
| 11 #endif |
| 12 |
| 13 #include <stdint.h> |
10 | 14 |
11 #define RSA1024NUMBYTES 128 /* 1024 bit key length */ | 15 #define RSA1024NUMBYTES 128 /* 1024 bit key length */ |
12 #define RSA2048NUMBYTES 256 /* 2048 bit key length */ | 16 #define RSA2048NUMBYTES 256 /* 2048 bit key length */ |
13 #define RSA4096NUMBYTES 512 /* 4096 bit key length */ | 17 #define RSA4096NUMBYTES 512 /* 4096 bit key length */ |
14 #define RSA8192NUMBYTES 1024 /* 8192 bit key length */ | 18 #define RSA8192NUMBYTES 1024 /* 8192 bit key length */ |
15 | 19 |
16 #define RSA1024NUMWORDS (RSA1024NUMBYTES / sizeof(uint32_t)) | 20 #define RSA1024NUMWORDS (RSA1024NUMBYTES / sizeof(uint32_t)) |
17 #define RSA2048NUMWORDS (RSA2048NUMBYTES / sizeof(uint32_t)) | 21 #define RSA2048NUMWORDS (RSA2048NUMBYTES / sizeof(uint32_t)) |
18 #define RSA4096NUMWORDS (RSA4096NUMBYTES / sizeof(uint32_t)) | 22 #define RSA4096NUMWORDS (RSA4096NUMBYTES / sizeof(uint32_t)) |
19 #define RSA8192NUMWORDS (RSA8192NUMBYTES / sizeof(uint32_t)) | 23 #define RSA8192NUMWORDS (RSA8192NUMBYTES / sizeof(uint32_t)) |
20 | 24 |
21 typedef struct RSAPublicKey { | 25 typedef struct RSAPublicKey { |
22 int len; /* Length of n[] in number of uint32_t */ | 26 int len; /* Length of n[] in number of uint32_t */ |
23 uint32_t n0inv; /* -1 / n[0] mod 2^32 */ | 27 uint32_t n0inv; /* -1 / n[0] mod 2^32 */ |
24 uint32_t* n; /* modulus as little endian array */ | 28 uint32_t* n; /* modulus as little endian array */ |
25 uint32_t* rr; /* R^2 as little endian array */ | 29 uint32_t* rr; /* R^2 as little endian array */ |
26 } RSAPublicKey; | 30 } RSAPublicKey; |
27 | 31 |
28 /* Verify a RSA PKCS1.5 signature [sig] of [sig_type] and length [sig_len] | 32 /* Verify a RSA PKCS1.5 signature [sig] of [sig_type] and length [sig_len] |
29 * against an expected [hash] using [key]. Returns 0 on failure, 1 on success. | 33 * against an expected [hash] using [key]. Returns 0 on failure, 1 on success. |
30 */ | 34 */ |
31 int RSAVerify(const RSAPublicKey *key, | 35 int RSAVerify(const RSAPublicKey *key, |
32 const uint8_t* sig, | 36 const uint8_t* sig, |
33 const int sig_len, | 37 const int sig_len, |
34 const uint8_t sig_type, | 38 const uint8_t sig_type, |
35 const uint8_t* hash); | 39 const uint8_t* hash); |
| 40 |
| 41 /* Perform RSA signature verification on [buf] of length [len] against expected |
| 42 * signature [sig] using signature algorithm [algorithm]. The public key used |
| 43 * for verification can either be in the form of a pre-process key blob |
| 44 * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must |
| 45 * be non-NULL, and the other NULL or the function will fail. |
| 46 * |
| 47 * Returns 1 on verification success, 0 on verification failure or invalid |
| 48 * arguments. |
| 49 * |
| 50 * Note: This function is for use in the firmware and assumes all pointers point |
| 51 * to areas in the memory of the right size. |
| 52 * |
| 53 */ |
| 54 int RSAVerifyBinary_f(const uint8_t* key_blob, |
| 55 const RSAPublicKey* key, |
| 56 const uint8_t* buf, |
| 57 uint64_t len, |
| 58 const uint8_t* sig, |
| 59 int algorithm); |
| 60 |
| 61 /* Version of RSAVerifyBinary_f() where instead of the raw binary blob |
| 62 * of data, its digest is passed as the argument. */ |
| 63 int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob, |
| 64 const RSAPublicKey* key, |
| 65 const uint8_t* digest, |
| 66 const uint8_t* sig, |
| 67 int algorithm); |
| 68 |
| 69 |
| 70 /* ----Some additional utility functions for RSA.---- */ |
| 71 |
| 72 /* Returns the size of a pre-processed RSA public key in bytes with algorithm |
| 73 * [algorithm]. */ |
| 74 int RSAProcessedKeySize(int algorithm); |
| 75 |
| 76 /* Allocate a new RSAPublicKey structure and initialize its pointer fields to |
| 77 * NULL */ |
| 78 RSAPublicKey* RSAPublicKeyNew(void); |
| 79 |
| 80 /* Deep free the contents of [key]. */ |
| 81 void RSAPublicKeyFree(RSAPublicKey* key); |
| 82 |
| 83 /* Create a RSAPublic key structure from binary blob [buf] of length |
| 84 * [len]. |
| 85 * |
| 86 * Caller owns the returned key and must free it. |
| 87 */ |
| 88 RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len); |
| 89 |
36 | 90 |
37 #endif /* VBOOT_REFERENCE_RSA_H_ */ | 91 #endif /* VBOOT_REFERENCE_RSA_H_ */ |
OLD | NEW |