OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 */ | 4 */ |
5 | 5 |
6 #ifndef VBOOT_REFERENCE_RSA_H_ | 6 #ifndef VBOOT_REFERENCE_RSA_H_ |
7 #define VBOOT_REFERENCE_RSA_H_ | 7 #define VBOOT_REFERENCE_RSA_H_ |
8 | 8 |
9 #ifndef VBOOT_REFERENCE_CRYPTOLIB_H_ | 9 #include <inttypes.h> |
10 #error "Do not include this file directly. Use cryptolib.h instead." | |
11 #endif | |
12 | |
13 #include <stdint.h> | |
14 | 10 |
15 #define RSA1024NUMBYTES 128 /* 1024 bit key length */ | 11 #define RSA1024NUMBYTES 128 /* 1024 bit key length */ |
16 #define RSA2048NUMBYTES 256 /* 2048 bit key length */ | 12 #define RSA2048NUMBYTES 256 /* 2048 bit key length */ |
17 #define RSA4096NUMBYTES 512 /* 4096 bit key length */ | 13 #define RSA4096NUMBYTES 512 /* 4096 bit key length */ |
18 #define RSA8192NUMBYTES 1024 /* 8192 bit key length */ | 14 #define RSA8192NUMBYTES 1024 /* 8192 bit key length */ |
19 | 15 |
20 #define RSA1024NUMWORDS (RSA1024NUMBYTES / sizeof(uint32_t)) | 16 #define RSA1024NUMWORDS (RSA1024NUMBYTES / sizeof(uint32_t)) |
21 #define RSA2048NUMWORDS (RSA2048NUMBYTES / sizeof(uint32_t)) | 17 #define RSA2048NUMWORDS (RSA2048NUMBYTES / sizeof(uint32_t)) |
22 #define RSA4096NUMWORDS (RSA4096NUMBYTES / sizeof(uint32_t)) | 18 #define RSA4096NUMWORDS (RSA4096NUMBYTES / sizeof(uint32_t)) |
23 #define RSA8192NUMWORDS (RSA8192NUMBYTES / sizeof(uint32_t)) | 19 #define RSA8192NUMWORDS (RSA8192NUMBYTES / sizeof(uint32_t)) |
24 | 20 |
25 typedef struct RSAPublicKey { | 21 typedef struct RSAPublicKey { |
26 int len; /* Length of n[] in number of uint32_t */ | 22 int len; /* Length of n[] in number of uint32_t */ |
27 uint32_t n0inv; /* -1 / n[0] mod 2^32 */ | 23 uint32_t n0inv; /* -1 / n[0] mod 2^32 */ |
28 uint32_t* n; /* modulus as little endian array */ | 24 uint32_t* n; /* modulus as little endian array */ |
29 uint32_t* rr; /* R^2 as little endian array */ | 25 uint32_t* rr; /* R^2 as little endian array */ |
30 } RSAPublicKey; | 26 } RSAPublicKey; |
31 | 27 |
32 /* Verify a RSA PKCS1.5 signature [sig] of [sig_type] and length [sig_len] | 28 /* Verify a RSA PKCS1.5 signature [sig] of [sig_type] and length [sig_len] |
33 * against an expected [hash] using [key]. Returns 0 on failure, 1 on success. | 29 * against an expected [hash] using [key]. Returns 0 on failure, 1 on success. |
34 */ | 30 */ |
35 int RSAVerify(const RSAPublicKey *key, | 31 int RSAVerify(const RSAPublicKey *key, |
36 const uint8_t* sig, | 32 const uint8_t* sig, |
37 const int sig_len, | 33 const int sig_len, |
38 const uint8_t sig_type, | 34 const uint8_t sig_type, |
39 const uint8_t* hash); | 35 const uint8_t* hash); |
40 | |
41 /* Perform RSA signature verification on [buf] of length [len] against expected | |
42 * signature [sig] using signature algorithm [algorithm]. The public key used | |
43 * for verification can either be in the form of a pre-process key blob | |
44 * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must | |
45 * be non-NULL, and the other NULL or the function will fail. | |
46 * | |
47 * Returns 1 on verification success, 0 on verification failure or invalid | |
48 * arguments. | |
49 * | |
50 * Note: This function is for use in the firmware and assumes all pointers point | |
51 * to areas in the memory of the right size. | |
52 * | |
53 */ | |
54 int RSAVerifyBinary_f(const uint8_t* key_blob, | |
55 const RSAPublicKey* key, | |
56 const uint8_t* buf, | |
57 uint64_t len, | |
58 const uint8_t* sig, | |
59 int algorithm); | |
60 | |
61 /* Version of RSAVerifyBinary_f() where instead of the raw binary blob | |
62 * of data, its digest is passed as the argument. */ | |
63 int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob, | |
64 const RSAPublicKey* key, | |
65 const uint8_t* digest, | |
66 const uint8_t* sig, | |
67 int algorithm); | |
68 | |
69 | |
70 /* ----Some additional utility functions for RSA.---- */ | |
71 | |
72 /* Returns the size of a pre-processed RSA public key in bytes with algorithm | |
73 * [algorithm]. */ | |
74 int RSAProcessedKeySize(int algorithm); | |
75 | |
76 /* Allocate a new RSAPublicKey structure and initialize its pointer fields to | |
77 * NULL */ | |
78 RSAPublicKey* RSAPublicKeyNew(void); | |
79 | |
80 /* Deep free the contents of [key]. */ | |
81 void RSAPublicKeyFree(RSAPublicKey* key); | |
82 | |
83 /* Create a RSAPublic key structure from binary blob [buf] of length | |
84 * [len]. | |
85 * | |
86 * Caller owns the returned key and must free it. | |
87 */ | |
88 RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len); | |
89 | |
90 | 36 |
91 #endif /* VBOOT_REFERENCE_RSA_H_ */ | 37 #endif /* VBOOT_REFERENCE_RSA_H_ */ |
OLD | NEW |