VirtualBox

source: vbox/trunk/src/VBox/Devices/EFI/Firmware/CryptoPkg/Application/Cryptest/RsaVerify.c@ 64506

最後變更 在這個檔案從64506是 58466,由 vboxsync 提交於 9 年 前

EFI/Firmware: Merged in the svn:eol-style, svn:mime-type and trailing whitespace cleanup that was done after the initial UDK2014.SP1 import: svn merge /vendor/edk2/UDK2014.SP1 /vendor/edk2/current .
  • 屬性 svn:eol-style 設為 native
檔案大小: 10.0 KB
 
1/** @file
2 Application for RSA Primitives Validation.
3
4Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
5This program and the accompanying materials
6are licensed and made available under the terms and conditions of the BSD License
7which accompanies this distribution. The full text of the license may be found at
8http://opensource.org/licenses/bsd-license.php
9
10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13**/
14
15#include "Cryptest.h"
16
17#define RSA_MODULUS_LENGTH 512
18
19//
20// RSA PKCS#1 Validation Data from OpenSSL "Fips_rsa_selftest.c"
21//
22
23//
24// Public Modulus of RSA Key
25//
26GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaN[] = {
27 0xBB, 0xF8, 0x2F, 0x09, 0x06, 0x82, 0xCE, 0x9C, 0x23, 0x38, 0xAC, 0x2B, 0x9D, 0xA8, 0x71, 0xF7,
28 0x36, 0x8D, 0x07, 0xEE, 0xD4, 0x10, 0x43, 0xA4, 0x40, 0xD6, 0xB6, 0xF0, 0x74, 0x54, 0xF5, 0x1F,
29 0xB8, 0xDF, 0xBA, 0xAF, 0x03, 0x5C, 0x02, 0xAB, 0x61, 0xEA, 0x48, 0xCE, 0xEB, 0x6F, 0xCD, 0x48,
30 0x76, 0xED, 0x52, 0x0D, 0x60, 0xE1, 0xEC, 0x46, 0x19, 0x71, 0x9D, 0x8A, 0x5B, 0x8B, 0x80, 0x7F,
31 0xAF, 0xB8, 0xE0, 0xA3, 0xDF, 0xC7, 0x37, 0x72, 0x3E, 0xE6, 0xB4, 0xB7, 0xD9, 0x3A, 0x25, 0x84,
32 0xEE, 0x6A, 0x64, 0x9D, 0x06, 0x09, 0x53, 0x74, 0x88, 0x34, 0xB2, 0x45, 0x45, 0x98, 0x39, 0x4E,
33 0xE0, 0xAA, 0xB1, 0x2D, 0x7B, 0x61, 0xA5, 0x1F, 0x52, 0x7A, 0x9A, 0x41, 0xF6, 0xC1, 0x68, 0x7F,
34 0xE2, 0x53, 0x72, 0x98, 0xCA, 0x2A, 0x8F, 0x59, 0x46, 0xF8, 0xE5, 0xFD, 0x09, 0x1D, 0xBD, 0xCB
35 };
36
37//
38// Public Exponent of RSA Key
39//
40GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaE[] = { 0x11 };
41
42//
43// Private Exponent of RSA Key
44//
45GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaD[] = {
46 0xA5, 0xDA, 0xFC, 0x53, 0x41, 0xFA, 0xF2, 0x89, 0xC4, 0xB9, 0x88, 0xDB, 0x30, 0xC1, 0xCD, 0xF8,
47 0x3F, 0x31, 0x25, 0x1E, 0x06, 0x68, 0xB4, 0x27, 0x84, 0x81, 0x38, 0x01, 0x57, 0x96, 0x41, 0xB2,
48 0x94, 0x10, 0xB3, 0xC7, 0x99, 0x8D, 0x6B, 0xC4, 0x65, 0x74, 0x5E, 0x5C, 0x39, 0x26, 0x69, 0xD6,
49 0x87, 0x0D, 0xA2, 0xC0, 0x82, 0xA9, 0x39, 0xE3, 0x7F, 0xDC, 0xB8, 0x2E, 0xC9, 0x3E, 0xDA, 0xC9,
50 0x7F, 0xF3, 0xAD, 0x59, 0x50, 0xAC, 0xCF, 0xBC, 0x11, 0x1C, 0x76, 0xF1, 0xA9, 0x52, 0x94, 0x44,
51 0xE5, 0x6A, 0xAF, 0x68, 0xC5, 0x6C, 0x09, 0x2C, 0xD3, 0x8D, 0xC3, 0xBE, 0xF5, 0xD2, 0x0A, 0x93,
52 0x99, 0x26, 0xED, 0x4F, 0x74, 0xA1, 0x3E, 0xDD, 0xFB, 0xE1, 0xA1, 0xCE, 0xCC, 0x48, 0x94, 0xAF,
53 0x94, 0x28, 0xC2, 0xB7, 0xB8, 0x88, 0x3F, 0xE4, 0x46, 0x3A, 0x4B, 0xC8, 0x5B, 0x1C, 0xB3, 0xC1
54 };
55
56//
57// Known Answer Test (KAT) Data for RSA PKCS#1 Signing
58//
59GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 RsaSignData[] = "OpenSSL FIPS 140-2 Public Key RSA KAT";
60
61//
62// Known Signature for the above message, under SHA-1 Digest
63//
64GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaPkcs1Signature[] = {
65 0x71, 0xEE, 0x1A, 0xC0, 0xFE, 0x01, 0x93, 0x54, 0x79, 0x5C, 0xF2, 0x4C, 0x4A, 0xFD, 0x1A, 0x05,
66 0x8F, 0x64, 0xB1, 0x6D, 0x61, 0x33, 0x8D, 0x9B, 0xE7, 0xFD, 0x60, 0xA3, 0x83, 0xB5, 0xA3, 0x51,
67 0x55, 0x77, 0x90, 0xCF, 0xDC, 0x22, 0x37, 0x8E, 0xD0, 0xE1, 0xAE, 0x09, 0xE3, 0x3D, 0x1E, 0xF8,
68 0x80, 0xD1, 0x8B, 0xC2, 0xEC, 0x0A, 0xD7, 0x6B, 0x88, 0x8B, 0x8B, 0xA1, 0x20, 0x22, 0xBE, 0x59,
69 0x5B, 0xE0, 0x23, 0x24, 0xA1, 0x49, 0x30, 0xBA, 0xA9, 0x9E, 0xE8, 0xB1, 0x8A, 0x62, 0x16, 0xBF,
70 0x4E, 0xCA, 0x2E, 0x4E, 0xBC, 0x29, 0xA8, 0x67, 0x13, 0xB7, 0x9F, 0x1D, 0x04, 0x44, 0xE5, 0x5F,
71 0x35, 0x07, 0x11, 0xBC, 0xED, 0x19, 0x37, 0x21, 0xCF, 0x23, 0x48, 0x1F, 0x72, 0x05, 0xDE, 0xE6,
72 0xE8, 0x7F, 0x33, 0x8A, 0x76, 0x4B, 0x2F, 0x95, 0xDF, 0xF1, 0x5F, 0x84, 0x80, 0xD9, 0x46, 0xB4
73 };
74
75//
76// Default public key 0x10001 = 65537
77//
78GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 DefaultPublicKey[] = {
79 0x01, 0x00, 0x01
80};
81
82/**
83 Validate UEFI-OpenSSL RSA Interfaces.
84
85 @retval EFI_SUCCESS Validation succeeded.
86 @retval EFI_ABORTED Validation failed.
87
88**/
89EFI_STATUS
90ValidateCryptRsa (
91 VOID
92 )
93{
94 VOID *Rsa;
95 UINT8 HashValue[SHA1_DIGEST_SIZE];
96 UINTN HashSize;
97 UINTN CtxSize;
98 VOID *Sha1Ctx;
99 UINT8 *Signature;
100 UINTN SigSize;
101 BOOLEAN Status;
102 UINTN KeySize;
103 UINT8 *KeyBuffer;
104
105 Print (L"\nUEFI-OpenSSL RSA Engine Testing: ");
106
107 //
108 // Generate & Initialize RSA Context
109 //
110 Rsa = RsaNew ();
111 Print (L"\n- Generate RSA Context ... ");
112 if (Rsa == NULL) {
113 Print (L"[Fail]");
114 return EFI_ABORTED;
115 }
116
117 //
118 // Set/Get RSA Key Components
119 //
120 Print (L"Set/Get RSA Key Components ... ");
121
122 //
123 // Set/Get RSA Key N
124 //
125 Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN));
126 if (!Status) {
127 Print (L"[Fail]");
128 return EFI_ABORTED;
129 }
130
131 KeySize = 0;
132 Status = RsaGetKey (Rsa, RsaKeyN, NULL, &KeySize);
133 if (Status || KeySize != sizeof (RsaN)) {
134 Print (L"[Fail]");
135 return EFI_ABORTED;
136 }
137
138 KeyBuffer = AllocatePool (KeySize);
139 Status = RsaGetKey (Rsa, RsaKeyN, KeyBuffer, &KeySize);
140 if (!Status || KeySize != sizeof (RsaN)) {
141 Print (L"[Fail]");
142 return EFI_ABORTED;
143 }
144
145 if (CompareMem (KeyBuffer, RsaN, KeySize) != 0) {
146 Print (L"[Fail]");
147 return EFI_ABORTED;
148 }
149
150 FreePool (KeyBuffer);
151
152 //
153 // Set/Get RSA Key E
154 //
155 Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE));
156 if (!Status) {
157 Print (L"[Fail]");
158 return EFI_ABORTED;
159 }
160
161 KeySize = 0;
162 Status = RsaGetKey (Rsa, RsaKeyE, NULL, &KeySize);
163 if (Status || KeySize != sizeof (RsaE)) {
164 Print (L"[Fail]");
165 return EFI_ABORTED;
166 }
167
168 KeyBuffer = AllocatePool (KeySize);
169 Status = RsaGetKey (Rsa, RsaKeyE, KeyBuffer, &KeySize);
170 if (!Status || KeySize != sizeof (RsaE)) {
171 Print (L"[Fail]");
172 return EFI_ABORTED;
173 }
174
175 if (CompareMem (KeyBuffer, RsaE, KeySize) != 0) {
176 Print (L"[Fail]");
177 return EFI_ABORTED;
178 }
179
180 FreePool (KeyBuffer);
181
182 //
183 // Clear/Get RSA Key Components
184 //
185 Print (L"Clear/Get RSA Key Components ... ");
186
187 //
188 // Clear/Get RSA Key N
189 //
190 Status = RsaSetKey (Rsa, RsaKeyN, NULL, 0);
191 if (!Status) {
192 Print (L"[Fail]");
193 return EFI_ABORTED;
194 }
195
196 KeySize = 1;
197 Status = RsaGetKey (Rsa, RsaKeyN, NULL, &KeySize);
198 if (!Status || KeySize != 0) {
199 Print (L"[Fail]");
200 return EFI_ABORTED;
201 }
202
203 //
204 // Clear/Get RSA Key E
205 //
206 Status = RsaSetKey (Rsa, RsaKeyE, NULL, 0);
207 if (!Status) {
208 Print (L"[Fail]");
209 return EFI_ABORTED;
210 }
211
212 KeySize = 1;
213 Status = RsaGetKey (Rsa, RsaKeyE, NULL, &KeySize);
214 if (!Status || KeySize != 0) {
215 Print (L"[Fail]");
216 return EFI_ABORTED;
217 }
218
219 //
220 // Generate RSA Key Components
221 //
222 Print (L"Generate RSA Key Components ... ");
223
224 Status = RsaGenerateKey (Rsa, RSA_MODULUS_LENGTH, NULL, 0);
225 if (!Status) {
226 Print (L"[Fail]");
227 return EFI_ABORTED;
228 }
229
230 KeySize = RSA_MODULUS_LENGTH / 8;
231 KeyBuffer = AllocatePool (KeySize);
232 Status = RsaGetKey (Rsa, RsaKeyE, KeyBuffer, &KeySize);
233 if (!Status) {
234 Print (L"[Fail]");
235 return EFI_ABORTED;
236 }
237
238 if (KeySize != 3 ||
239 CompareMem (KeyBuffer, DefaultPublicKey, 3) != 0) {
240 Print (L"[Fail]");
241 return EFI_ABORTED;
242 }
243
244 KeySize = RSA_MODULUS_LENGTH / 8;
245 Status = RsaGetKey (Rsa, RsaKeyN, KeyBuffer, &KeySize);
246 if (!Status) {
247 Print (L"[Fail]");
248 return EFI_ABORTED;
249 }
250
251 if (KeySize != RSA_MODULUS_LENGTH / 8) {
252 Print (L"[Fail]");
253 return EFI_ABORTED;
254 }
255
256 if (!RsaCheckKey (Rsa)) {
257 Print (L"[Fail]");
258 return EFI_ABORTED;
259 }
260
261 //
262 // Check invalid RSA key components
263 //
264 Print (L"Check Invalid RSA Key Components ... ");
265
266 Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN));
267 if (!Status) {
268 Print (L"[Fail]");
269 return EFI_ABORTED;
270 }
271
272 if (RsaCheckKey (Rsa)) {
273 Print (L"[Fail]");
274 return EFI_ABORTED;
275 }
276
277 Status = RsaSetKey (Rsa, RsaKeyN, KeyBuffer, KeySize);
278 if (!Status) {
279 Print (L"[Fail]");
280 return EFI_ABORTED;
281 }
282
283 if (!RsaCheckKey (Rsa)) {
284 Print (L"[Fail]");
285 return EFI_ABORTED;
286 }
287
288 Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE));
289 if (!Status) {
290 Print (L"[Fail]");
291 return EFI_ABORTED;
292 }
293
294 if (RsaCheckKey (Rsa)) {
295 Print (L"[Fail]");
296 return EFI_ABORTED;
297 }
298
299 FreePool (KeyBuffer);
300
301 //
302 // SHA-1 Digest Message for PKCS#1 Signature
303 //
304 Print (L"Hash Original Message ... ");
305 HashSize = SHA1_DIGEST_SIZE;
306 ZeroMem (HashValue, HashSize);
307 CtxSize = Sha1GetContextSize ();
308 Sha1Ctx = AllocatePool (CtxSize);
309
310 Status = Sha1Init (Sha1Ctx);
311 if (!Status) {
312 Print (L"[Fail]");
313 return EFI_ABORTED;
314 }
315
316 Status = Sha1Update (Sha1Ctx, RsaSignData, AsciiStrLen (RsaSignData));
317 if (!Status) {
318 Print (L"[Fail]");
319 return EFI_ABORTED;
320 }
321
322 Status = Sha1Final (Sha1Ctx, HashValue);
323 if (!Status) {
324 Print (L"[Fail]");
325 return EFI_ABORTED;
326 }
327
328 FreePool (Sha1Ctx);
329
330 //
331 // Sign RSA PKCS#1-encoded Signature
332 //
333 Print (L"PKCS#1 Signature ... ");
334
335 RsaFree (Rsa);
336
337 Rsa = RsaNew ();
338 if (Rsa == NULL) {
339 Print (L"[Fail]");
340 return EFI_ABORTED;
341 }
342
343 Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN));
344 if (!Status) {
345 Print (L"[Fail]");
346 return EFI_ABORTED;
347 }
348
349 Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE));
350 if (!Status) {
351 Print (L"[Fail]");
352 return EFI_ABORTED;
353 }
354
355 Status = RsaSetKey (Rsa, RsaKeyD, RsaD, sizeof (RsaD));
356 if (!Status) {
357 Print (L"[Fail]");
358 return EFI_ABORTED;
359 }
360
361 SigSize = 0;
362 Status = RsaPkcs1Sign (Rsa, HashValue, HashSize, NULL, &SigSize);
363 if (Status || SigSize == 0) {
364 Print (L"[Fail]");
365 return EFI_ABORTED;
366 }
367
368 Signature = AllocatePool (SigSize);
369 Status = RsaPkcs1Sign (Rsa, HashValue, HashSize, Signature, &SigSize);
370 if (!Status) {
371 Print (L"[Fail]");
372 return EFI_ABORTED;
373 }
374
375 if (SigSize != sizeof (RsaPkcs1Signature)) {
376 Print (L"[Fail]");
377 return EFI_ABORTED;
378 }
379
380 if (CompareMem (Signature, RsaPkcs1Signature, SigSize) != 0) {
381 Print (L"[Fail]");
382 return EFI_ABORTED;
383 }
384
385 //
386 // Verify RSA PKCS#1-encoded Signature
387 //
388
389 Print (L"PKCS#1 Signature Verification ... ");
390
391 Status = RsaPkcs1Verify (Rsa, HashValue, HashSize, Signature, SigSize);
392 if (!Status) {
393 Print (L"[Fail]");
394 return EFI_ABORTED;
395 }
396
397 //
398 // Release Resources
399 //
400 RsaFree (Rsa);
401 Print (L"Release RSA Context ... [Pass]");
402
403 Print (L"\n");
404
405 return EFI_SUCCESS;
406}
注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette