OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Implementation of RSA utility functions. | 5 * Implementation of RSA utility functions. |
6 */ | 6 */ |
7 | 7 |
8 #include "cryptolib.h" | 8 #include "cryptolib.h" |
9 #include "stateful_util.h" | 9 #include "stateful_util.h" |
10 #include "utility.h" | 10 #include "utility.h" |
11 | 11 |
12 int RSAProcessedKeySize(int algorithm) { | 12 int RSAProcessedKeySize(unsigned int algorithm, int* out_size) { |
13 int key_len = siglen_map[algorithm]; /* Key length in | 13 int key_len; /* Key length in bytes. */ |
14 * bytes. */ | 14 if (algorithm < kNumAlgorithms) { |
15 /* Total size needed by a RSAPublicKey structure is = | 15 key_len = siglen_map[algorithm]; |
16 * 2 * key_len bytes for the n and rr arrays | 16 /* Total size needed by a RSAPublicKey structure is = |
17 * + sizeof len + sizeof n0inv. | 17 * 2 * key_len bytes for the n and rr arrays |
18 */ | 18 * + sizeof len + sizeof n0inv. |
19 return (2 * key_len + sizeof(uint32_t) + sizeof(uint32_t)); | 19 */ |
| 20 *out_size = (2 * key_len + sizeof(uint32_t) + sizeof(uint32_t)); |
| 21 return 1; |
| 22 } |
| 23 return 0; |
20 } | 24 } |
21 | 25 |
22 RSAPublicKey* RSAPublicKeyNew(void) { | 26 RSAPublicKey* RSAPublicKeyNew(void) { |
23 RSAPublicKey* key = (RSAPublicKey*) Malloc(sizeof(RSAPublicKey)); | 27 RSAPublicKey* key = (RSAPublicKey*) Malloc(sizeof(RSAPublicKey)); |
24 key->n = NULL; | 28 key->n = NULL; |
25 key->rr = NULL; | 29 key->rr = NULL; |
26 return key; | 30 return key; |
27 } | 31 } |
28 | 32 |
29 void RSAPublicKeyFree(RSAPublicKey* key) { | 33 void RSAPublicKeyFree(RSAPublicKey* key) { |
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
67 } | 71 } |
68 | 72 |
69 return key; | 73 return key; |
70 } | 74 } |
71 | 75 |
72 int RSAVerifyBinary_f(const uint8_t* key_blob, | 76 int RSAVerifyBinary_f(const uint8_t* key_blob, |
73 const RSAPublicKey* key, | 77 const RSAPublicKey* key, |
74 const uint8_t* buf, | 78 const uint8_t* buf, |
75 uint64_t len, | 79 uint64_t len, |
76 const uint8_t* sig, | 80 const uint8_t* sig, |
77 int algorithm) { | 81 unsigned int algorithm) { |
78 RSAPublicKey* verification_key = NULL; | 82 RSAPublicKey* verification_key = NULL; |
79 uint8_t* digest = NULL; | 83 uint8_t* digest = NULL; |
80 int key_size; | 84 int key_size; |
81 int sig_size; | 85 int sig_size; |
82 int success; | 86 int success; |
83 | 87 |
84 if (algorithm >= kNumAlgorithms) | 88 if (algorithm >= kNumAlgorithms) |
85 return 0; /* Invalid algorithm. */ | 89 return 0; /* Invalid algorithm. */ |
86 key_size = RSAProcessedKeySize(algorithm); | 90 if (!RSAProcessedKeySize(algorithm, &key_size)) |
| 91 return 0; |
87 sig_size = siglen_map[algorithm]; | 92 sig_size = siglen_map[algorithm]; |
88 | 93 |
89 if (key_blob && !key) | 94 if (key_blob && !key) |
90 verification_key = RSAPublicKeyFromBuf(key_blob, key_size); | 95 verification_key = RSAPublicKeyFromBuf(key_blob, key_size); |
91 else if (!key_blob && key) | 96 else if (!key_blob && key) |
92 verification_key = (RSAPublicKey*) key; /* Supress const warning. */ | 97 verification_key = (RSAPublicKey*) key; /* Supress const warning. */ |
93 else | 98 else |
94 return 0; /* Both can't be NULL or non-NULL. */ | 99 return 0; /* Both can't be NULL or non-NULL. */ |
95 | 100 |
| 101 /* Ensure we have a valid key. */ |
| 102 if (!verification_key) |
| 103 return 0; |
| 104 |
96 digest = DigestBuf(buf, len, algorithm); | 105 digest = DigestBuf(buf, len, algorithm); |
97 success = RSAVerify(verification_key, sig, (uint32_t)sig_size, | 106 success = RSAVerify(verification_key, sig, (uint32_t)sig_size, |
98 (uint8_t)algorithm, digest); | 107 (uint8_t)algorithm, digest); |
99 | 108 |
100 Free(digest); | 109 Free(digest); |
101 if (!key) | 110 if (!key) |
102 RSAPublicKeyFree(verification_key); /* Only free if we allocated it. */ | 111 RSAPublicKeyFree(verification_key); /* Only free if we allocated it. */ |
103 return success; | 112 return success; |
104 } | 113 } |
105 | 114 |
106 /* Version of RSAVerifyBinary_f() where instead of the raw binary blob | 115 /* Version of RSAVerifyBinary_f() where instead of the raw binary blob |
107 * of data, its digest is passed as the argument. */ | 116 * of data, its digest is passed as the argument. */ |
108 int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob, | 117 int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob, |
109 const RSAPublicKey* key, | 118 const RSAPublicKey* key, |
110 const uint8_t* digest, | 119 const uint8_t* digest, |
111 const uint8_t* sig, | 120 const uint8_t* sig, |
112 int algorithm) { | 121 unsigned int algorithm) { |
113 RSAPublicKey* verification_key = NULL; | 122 RSAPublicKey* verification_key = NULL; |
114 int key_size; | 123 int key_size; |
115 int sig_size; | 124 int sig_size; |
116 int success; | 125 int success; |
117 | 126 |
118 if (algorithm >= kNumAlgorithms) | 127 if (algorithm >= kNumAlgorithms) |
119 return 0; /* Invalid algorithm. */ | 128 return 0; /* Invalid algorithm. */ |
120 key_size = RSAProcessedKeySize(algorithm); | 129 if (!RSAProcessedKeySize(algorithm, &key_size)) |
| 130 return 0; |
121 sig_size = siglen_map[algorithm]; | 131 sig_size = siglen_map[algorithm]; |
122 | 132 |
123 if (key_blob && !key) | 133 if (key_blob && !key) |
124 verification_key = RSAPublicKeyFromBuf(key_blob, key_size); | 134 verification_key = RSAPublicKeyFromBuf(key_blob, key_size); |
125 else if (!key_blob && key) | 135 else if (!key_blob && key) |
126 verification_key = (RSAPublicKey*) key; /* Supress const warning. */ | 136 verification_key = (RSAPublicKey*) key; /* Supress const warning. */ |
127 else | 137 else |
128 return 0; /* Both can't be NULL or non-NULL. */ | 138 return 0; /* Both can't be NULL or non-NULL. */ |
129 | 139 |
| 140 /* Ensure we have a valid key. */ |
| 141 if (!verification_key) |
| 142 return 0; |
| 143 |
130 success = RSAVerify(verification_key, sig, (uint32_t)sig_size, | 144 success = RSAVerify(verification_key, sig, (uint32_t)sig_size, |
131 (uint8_t)algorithm, digest); | 145 (uint8_t)algorithm, digest); |
132 | 146 |
133 if (!key) | 147 if (!key) |
134 RSAPublicKeyFree(verification_key); /* Only free if we allocated it. */ | 148 RSAPublicKeyFree(verification_key); /* Only free if we allocated it. */ |
135 return success; | 149 return success; |
136 } | 150 } |
OLD | NEW |