1 /*
2 * SPDX-FileCopyrightText: Copyright (c) 2024 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
3 * SPDX-License-Identifier: MIT
4 *
5 * Permission is hereby granted, free of charge, to any person obtaining a
6 * copy of this software and associated documentation files (the "Software"),
7 * to deal in the Software without restriction, including without limitation
8 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
9 * and/or sell copies of the Software, and to permit persons to whom the
10 * Software is furnished to do so, subject to the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be included in
13 * all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
21 * DEALINGS IN THE SOFTWARE.
22 *
23 * Comments, prototypes and checks taken from DMTF: Copyright 2021-2022 DMTF. All rights reserved.
24 * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
25 */
26
27 /** @file
28 * RSA Asymmetric Cipher Wrapper Implementation.
29 *
30 * This file implements following APIs which provide more capabilities for RSA:
31 * 1) rsa_pss_sign
32 *
33 * RFC 8017 - PKCS #1: RSA Cryptography Specifications version 2.2
34 **/
35
36 #include "internal_crypt_lib.h"
37 #include "library/cryptlib.h"
38
39 /**
40 * Carries out the RSA-PSS signature generation with EMSA-PSS encoding scheme.
41 *
42 * This function carries out the RSA-PSS signature generation with EMSA-PSS encoding scheme defined in
43 * RSA PKCS#1 v2.2.
44 *
45 * The salt length is same as digest length.
46 *
47 * If the signature buffer is too small to hold the contents of signature, false
48 * is returned and sig_size is set to the required buffer size to obtain the signature.
49 *
50 * If rsa_context is NULL, then return false.
51 * If message_hash is NULL, then return false.
52 * hash_size must match the hash_nid. nid could be SHA256, SHA384, SHA512, SHA3_256, SHA3_384, SHA3_512.
53 * If sig_size is large enough but signature is NULL, then return false.
54 *
55 * @param[in] rsa_context Pointer to RSA context for signature generation.
56 * @param[in] hash_nid hash NID
57 * @param[in] message_hash Pointer to octet message hash to be signed.
58 * @param[in] hash_size size of the message hash in bytes.
59 * @param[out] signature Pointer to buffer to receive RSA-SSA PSS signature.
60 * @param[in, out] sig_size On input, the size of signature buffer in bytes.
61 * On output, the size of data returned in signature buffer in bytes.
62 *
63 * @retval true signature successfully generated in RSA-SSA PSS.
64 * @retval false signature generation failed.
65 * @retval false sig_size is too small.
66 *
67 **/
bool libspdm_rsa_pss_sign(void *rsa_context, size_t hash_nid,
                          const uint8_t *message_hash, size_t hash_size,
                          uint8_t *signature, size_t *sig_size)
{
    /*
     * Thin forwarding wrapper: every argument is handed to
     * lkca_rsa_pss_sign() unchanged and its result is returned as-is.
     *
     * No argument validation happens in this function itself.
     * NOTE(review): the NULL-pointer, hash_size/hash_nid and buffer-size
     * checks described in the header comment are presumably enforced inside
     * lkca_rsa_pss_sign() -- confirm against its implementation.
     */
    const bool signed_ok = lkca_rsa_pss_sign(rsa_context, hash_nid,
                                             message_hash, hash_size,
                                             signature, sig_size);

    return signed_ok;
}
75 //
76 // In RM, only the signing path is needed, so the verification function is stubbed.
77 // The verification function is needed in GSP code only.
78 //
/**
 * Stub for RSA-PSS signature verification.
 *
 * No verification is performed: every argument is ignored and the function
 * unconditionally returns false, so a caller of this stub can never observe
 * a signature as valid (the stub fails closed).
 *
 * @param[in] rsa_context   Unused.
 * @param[in] hash_nid      Unused.
 * @param[in] message_hash  Unused.
 * @param[in] hash_size     Unused.
 * @param[in] signature     Unused.
 * @param[in] sig_size      Unused.
 *
 * @retval false Always.
 **/
bool libspdm_rsa_pss_verify(void *rsa_context, size_t hash_nid,
                            const uint8_t *message_hash, size_t hash_size,
                            const uint8_t *signature, size_t sig_size)
{
    /* Explicitly mark the parameters as intentionally unused. */
    (void)rsa_context;
    (void)hash_nid;
    (void)message_hash;
    (void)hash_size;
    (void)signature;
    (void)sig_size;

    /* Never report success from a stub. */
    return false;
}
85
86