Home | History | Annotate | Download | only in Cryptest 
      1 /** @file
      2   Application for RSA Primitives Validation.
      3 
      4 Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
      5 This program and the accompanying materials
      6 are licensed and made available under the terms and conditions of the BSD License
      7 which accompanies this distribution.  The full text of the license may be found at
      8 http://opensource.org/licenses/bsd-license.php
      9 
     10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
     11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
     12 
     13 **/
     14 
     15 #include "Cryptest.h"
     16 
     17 #define  RSA_MODULUS_LENGTH  512
     18 
     19 //
     20 // RSA PKCS#1 Validation Data from OpenSSL "Fips_rsa_selftest.c"
     21 //
     22 
     23 //
     24 // Public Modulus of RSA Key
     25 //
     26 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaN[] = {
     27   0xBB, 0xF8, 0x2F, 0x09, 0x06, 0x82, 0xCE, 0x9C, 0x23, 0x38, 0xAC, 0x2B, 0x9D, 0xA8, 0x71, 0xF7,
     28   0x36, 0x8D, 0x07, 0xEE, 0xD4, 0x10, 0x43, 0xA4, 0x40, 0xD6, 0xB6, 0xF0, 0x74, 0x54, 0xF5, 0x1F,
     29   0xB8, 0xDF, 0xBA, 0xAF, 0x03, 0x5C, 0x02, 0xAB, 0x61, 0xEA, 0x48, 0xCE, 0xEB, 0x6F, 0xCD, 0x48,
     30   0x76, 0xED, 0x52, 0x0D, 0x60, 0xE1, 0xEC, 0x46, 0x19, 0x71, 0x9D, 0x8A, 0x5B, 0x8B, 0x80, 0x7F,
     31   0xAF, 0xB8, 0xE0, 0xA3, 0xDF, 0xC7, 0x37, 0x72, 0x3E, 0xE6, 0xB4, 0xB7, 0xD9, 0x3A, 0x25, 0x84,
     32   0xEE, 0x6A, 0x64, 0x9D, 0x06, 0x09, 0x53, 0x74, 0x88, 0x34, 0xB2, 0x45, 0x45, 0x98, 0x39, 0x4E,
     33   0xE0, 0xAA, 0xB1, 0x2D, 0x7B, 0x61, 0xA5, 0x1F, 0x52, 0x7A, 0x9A, 0x41, 0xF6, 0xC1, 0x68, 0x7F,
     34   0xE2, 0x53, 0x72, 0x98, 0xCA, 0x2A, 0x8F, 0x59, 0x46, 0xF8, 0xE5, 0xFD, 0x09, 0x1D, 0xBD, 0xCB
     35   };
     36 
     37 //
     38 // Public Exponent of RSA Key
     39 //
     40 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaE[] = { 0x11 };
     41 
     42 //
     43 // Private Exponent of RSA Key
     44 //
     45 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaD[] = {
     46   0xA5, 0xDA, 0xFC, 0x53, 0x41, 0xFA, 0xF2, 0x89, 0xC4, 0xB9, 0x88, 0xDB, 0x30, 0xC1, 0xCD, 0xF8,
     47   0x3F, 0x31, 0x25, 0x1E, 0x06, 0x68, 0xB4, 0x27, 0x84, 0x81, 0x38, 0x01, 0x57, 0x96, 0x41, 0xB2,
     48   0x94, 0x10, 0xB3, 0xC7, 0x99, 0x8D, 0x6B, 0xC4, 0x65, 0x74, 0x5E, 0x5C, 0x39, 0x26, 0x69, 0xD6,
     49   0x87, 0x0D, 0xA2, 0xC0, 0x82, 0xA9, 0x39, 0xE3, 0x7F, 0xDC, 0xB8, 0x2E, 0xC9, 0x3E, 0xDA, 0xC9,
     50   0x7F, 0xF3, 0xAD, 0x59, 0x50, 0xAC, 0xCF, 0xBC, 0x11, 0x1C, 0x76, 0xF1, 0xA9, 0x52, 0x94, 0x44,
     51   0xE5, 0x6A, 0xAF, 0x68, 0xC5, 0x6C, 0x09, 0x2C, 0xD3, 0x8D, 0xC3, 0xBE, 0xF5, 0xD2, 0x0A, 0x93,
     52   0x99, 0x26, 0xED, 0x4F, 0x74, 0xA1, 0x3E, 0xDD, 0xFB, 0xE1, 0xA1, 0xCE, 0xCC, 0x48, 0x94, 0xAF,
     53   0x94, 0x28, 0xC2, 0xB7, 0xB8, 0x88, 0x3F, 0xE4, 0x46, 0x3A, 0x4B, 0xC8, 0x5B, 0x1C, 0xB3, 0xC1
     54   };
     55 
     56 //
     57 // Known Answer Test (KAT) Data for RSA PKCS#1 Signing
     58 //
     59 GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 RsaSignData[] = "OpenSSL FIPS 140-2 Public Key RSA KAT";
     60 
     61 //
     62 // Known Signature for the above message, under SHA-1 Digest
     63 //
     64 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaPkcs1Signature[] = {
     65   0x71, 0xEE, 0x1A, 0xC0, 0xFE, 0x01, 0x93, 0x54, 0x79, 0x5C, 0xF2, 0x4C, 0x4A, 0xFD, 0x1A, 0x05,
     66   0x8F, 0x64, 0xB1, 0x6D, 0x61, 0x33, 0x8D, 0x9B, 0xE7, 0xFD, 0x60, 0xA3, 0x83, 0xB5, 0xA3, 0x51,
     67   0x55, 0x77, 0x90, 0xCF, 0xDC, 0x22, 0x37, 0x8E, 0xD0, 0xE1, 0xAE, 0x09, 0xE3, 0x3D, 0x1E, 0xF8,
     68   0x80, 0xD1, 0x8B, 0xC2, 0xEC, 0x0A, 0xD7, 0x6B, 0x88, 0x8B, 0x8B, 0xA1, 0x20, 0x22, 0xBE, 0x59,
     69   0x5B, 0xE0, 0x23, 0x24, 0xA1, 0x49, 0x30, 0xBA, 0xA9, 0x9E, 0xE8, 0xB1, 0x8A, 0x62, 0x16, 0xBF,
     70   0x4E, 0xCA, 0x2E, 0x4E, 0xBC, 0x29, 0xA8, 0x67, 0x13, 0xB7, 0x9F, 0x1D, 0x04, 0x44, 0xE5, 0x5F,
     71   0x35, 0x07, 0x11, 0xBC, 0xED, 0x19, 0x37, 0x21, 0xCF, 0x23, 0x48, 0x1F, 0x72, 0x05, 0xDE, 0xE6,
     72   0xE8, 0x7F, 0x33, 0x8A, 0x76, 0x4B, 0x2F, 0x95, 0xDF, 0xF1, 0x5F, 0x84, 0x80, 0xD9, 0x46, 0xB4
     73   };
     74 
     75 //
     76 // Default public key 0x10001 = 65537
     77 //
     78 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 DefaultPublicKey[] = {
     79   0x01, 0x00, 0x01
     80 };
     81 
     82 /**
     83   Validate UEFI-OpenSSL RSA Interfaces.
     84 
     85   @retval  EFI_SUCCESS  Validation succeeded.
     86   @retval  EFI_ABORTED  Validation failed.
     87 
     88 **/
     89 EFI_STATUS
     90 ValidateCryptRsa (
     91   VOID
     92   )
     93 {
     94   VOID     *Rsa;
     95   UINT8    HashValue[SHA1_DIGEST_SIZE];
     96   UINTN    HashSize;
     97   UINTN    CtxSize;
     98   VOID     *Sha1Ctx;
     99   UINT8    *Signature;
    100   UINTN    SigSize;
    101   BOOLEAN  Status;
    102   UINTN    KeySize;
    103   UINT8    *KeyBuffer;
    104 
    105   Print (L"\nUEFI-OpenSSL RSA Engine Testing: ");
    106 
    107   //
    108   // Generate & Initialize RSA Context
    109   //
    110   Rsa = RsaNew ();
    111   Print (L"\n- Generate RSA Context ... ");
    112   if (Rsa == NULL) {
    113     Print (L"[Fail]");
    114     return EFI_ABORTED;
    115   }
    116 
    117   //
    118   // Set/Get RSA Key Components
    119   //
    120   Print (L"Set/Get RSA Key Components ... ");
    121 
    122   //
    123   // Set/Get RSA Key N
    124   //
    125   Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN));
    126   if (!Status) {
    127     Print (L"[Fail]");
    128     return EFI_ABORTED;
    129   }
    130 
    131   KeySize = 0;
    132   Status = RsaGetKey (Rsa, RsaKeyN, NULL, &KeySize);
    133   if (Status || KeySize != sizeof (RsaN)) {
    134     Print (L"[Fail]");
    135     return EFI_ABORTED;
    136   }
    137 
    138   KeyBuffer = AllocatePool (KeySize);
    139   Status = RsaGetKey (Rsa, RsaKeyN, KeyBuffer, &KeySize);
    140   if (!Status || KeySize != sizeof (RsaN)) {
    141     Print (L"[Fail]");
    142     return EFI_ABORTED;
    143   }
    144 
    145   if (CompareMem (KeyBuffer, RsaN, KeySize) != 0) {
    146     Print (L"[Fail]");
    147     return EFI_ABORTED;
    148   }
    149 
    150   FreePool (KeyBuffer);
    151 
    152   //
    153   // Set/Get RSA Key E
    154   //
    155   Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE));
    156   if (!Status) {
    157     Print (L"[Fail]");
    158     return EFI_ABORTED;
    159   }
    160 
    161   KeySize = 0;
    162   Status = RsaGetKey (Rsa, RsaKeyE, NULL, &KeySize);
    163   if (Status || KeySize != sizeof (RsaE)) {
    164     Print (L"[Fail]");
    165     return EFI_ABORTED;
    166   }
    167 
    168   KeyBuffer = AllocatePool (KeySize);
    169   Status = RsaGetKey (Rsa, RsaKeyE, KeyBuffer, &KeySize);
    170   if (!Status || KeySize != sizeof (RsaE)) {
    171     Print (L"[Fail]");
    172     return EFI_ABORTED;
    173   }
    174 
    175   if (CompareMem (KeyBuffer, RsaE, KeySize) != 0) {
    176     Print (L"[Fail]");
    177     return EFI_ABORTED;
    178   }
    179 
    180   FreePool (KeyBuffer);
    181 
    182   //
    183   // Clear/Get RSA Key Components
    184   //
    185   Print (L"Clear/Get RSA Key Components ... ");
    186 
    187   //
    188   // Clear/Get RSA Key N
    189   //
    190   Status = RsaSetKey (Rsa, RsaKeyN, NULL, 0);
    191   if (!Status) {
    192     Print (L"[Fail]");
    193     return EFI_ABORTED;
    194   }
    195 
    196   KeySize = 1;
    197   Status = RsaGetKey (Rsa, RsaKeyN, NULL, &KeySize);
    198   if (!Status || KeySize != 0) {
    199     Print (L"[Fail]");
    200     return EFI_ABORTED;
    201   }
    202 
    203   //
    204   // Clear/Get RSA Key E
    205   //
    206   Status = RsaSetKey (Rsa, RsaKeyE, NULL, 0);
    207   if (!Status) {
    208     Print (L"[Fail]");
    209     return EFI_ABORTED;
    210   }
    211 
    212   KeySize = 1;
    213   Status = RsaGetKey (Rsa, RsaKeyE, NULL, &KeySize);
    214   if (!Status || KeySize != 0) {
    215     Print (L"[Fail]");
    216     return EFI_ABORTED;
    217   }
    218 
    219   //
    220   // Generate RSA Key Components
    221   //
    222   Print (L"Generate RSA Key Components ... ");
    223 
    224   Status = RsaGenerateKey (Rsa, RSA_MODULUS_LENGTH, NULL, 0);
    225   if (!Status) {
    226     Print (L"[Fail]");
    227     return EFI_ABORTED;
    228   }
    229 
    230   KeySize = RSA_MODULUS_LENGTH / 8;
    231   KeyBuffer = AllocatePool (KeySize);
    232   Status = RsaGetKey (Rsa, RsaKeyE, KeyBuffer, &KeySize);
    233   if (!Status) {
    234     Print (L"[Fail]");
    235     return EFI_ABORTED;
    236   }
    237 
    238   if (KeySize != 3 ||
    239       CompareMem (KeyBuffer, DefaultPublicKey, 3) != 0) {
    240     Print (L"[Fail]");
    241     return EFI_ABORTED;
    242   }
    243 
    244   KeySize = RSA_MODULUS_LENGTH / 8;
    245   Status = RsaGetKey (Rsa, RsaKeyN, KeyBuffer, &KeySize);
    246   if (!Status) {
    247     Print (L"[Fail]");
    248     return EFI_ABORTED;
    249   }
    250 
    251   if (KeySize != RSA_MODULUS_LENGTH / 8) {
    252     Print (L"[Fail]");
    253     return EFI_ABORTED;
    254   }
    255 
    256   if (!RsaCheckKey (Rsa)) {
    257     Print (L"[Fail]");
    258     return EFI_ABORTED;
    259   }
    260 
    261   //
    262   // Check invalid RSA key components
    263   //
    264   Print (L"Check Invalid RSA Key Components ... ");
    265 
    266   Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN));
    267   if (!Status) {
    268     Print (L"[Fail]");
    269     return EFI_ABORTED;
    270   }
    271 
    272   if (RsaCheckKey (Rsa)) {
    273     Print (L"[Fail]");
    274     return EFI_ABORTED;
    275   }
    276 
    277   Status = RsaSetKey (Rsa, RsaKeyN, KeyBuffer, KeySize);
    278   if (!Status) {
    279     Print (L"[Fail]");
    280     return EFI_ABORTED;
    281   }
    282 
    283   if (!RsaCheckKey (Rsa)) {
    284     Print (L"[Fail]");
    285     return EFI_ABORTED;
    286   }
    287 
    288   Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE));
    289   if (!Status) {
    290     Print (L"[Fail]");
    291     return EFI_ABORTED;
    292   }
    293 
    294   if (RsaCheckKey (Rsa)) {
    295     Print (L"[Fail]");
    296     return EFI_ABORTED;
    297   }
    298 
    299   FreePool (KeyBuffer);
    300 
    301   //
    302   // SHA-1 Digest Message for PKCS#1 Signature
    303   //
    304   Print (L"Hash Original Message ... ");
    305   HashSize = SHA1_DIGEST_SIZE;
    306   ZeroMem (HashValue, HashSize);
    307   CtxSize = Sha1GetContextSize ();
    308   Sha1Ctx = AllocatePool (CtxSize);
    309 
    310   Status  = Sha1Init (Sha1Ctx);
    311   if (!Status) {
    312     Print (L"[Fail]");
    313     return EFI_ABORTED;
    314   }
    315 
    316   Status  = Sha1Update (Sha1Ctx, RsaSignData, AsciiStrLen (RsaSignData));
    317   if (!Status) {
    318     Print (L"[Fail]");
    319     return EFI_ABORTED;
    320   }
    321 
    322   Status  = Sha1Final (Sha1Ctx, HashValue);
    323   if (!Status) {
    324     Print (L"[Fail]");
    325     return EFI_ABORTED;
    326   }
    327 
    328   FreePool (Sha1Ctx);
    329 
    330   //
    331   // Sign RSA PKCS#1-encoded Signature
    332   //
    333   Print (L"PKCS#1 Signature ... ");
    334 
    335   RsaFree (Rsa);
    336 
    337   Rsa = RsaNew ();
    338   if (Rsa == NULL) {
    339     Print (L"[Fail]");
    340     return EFI_ABORTED;
    341   }
    342 
    343   Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN));
    344   if (!Status) {
    345     Print (L"[Fail]");
    346     return EFI_ABORTED;
    347   }
    348 
    349   Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE));
    350   if (!Status) {
    351     Print (L"[Fail]");
    352     return EFI_ABORTED;
    353   }
    354 
    355   Status = RsaSetKey (Rsa, RsaKeyD, RsaD, sizeof (RsaD));
    356   if (!Status) {
    357     Print (L"[Fail]");
    358     return EFI_ABORTED;
    359   }
    360 
    361   SigSize = 0;
    362   Status  = RsaPkcs1Sign (Rsa, HashValue, HashSize, NULL, &SigSize);
    363   if (Status || SigSize == 0) {
    364     Print (L"[Fail]");
    365     return EFI_ABORTED;
    366   }
    367 
    368   Signature = AllocatePool (SigSize);
    369   Status  = RsaPkcs1Sign (Rsa, HashValue, HashSize, Signature, &SigSize);
    370   if (!Status) {
    371     Print (L"[Fail]");
    372     return EFI_ABORTED;
    373   }
    374 
    375   if (SigSize != sizeof (RsaPkcs1Signature)) {
    376     Print (L"[Fail]");
    377     return EFI_ABORTED;
    378   }
    379 
    380   if (CompareMem (Signature, RsaPkcs1Signature, SigSize) != 0) {
    381     Print (L"[Fail]");
    382     return EFI_ABORTED;
    383   }
    384 
    385   //
    386   // Verify RSA PKCS#1-encoded Signature
    387   //
    388 
    389   Print (L"PKCS#1 Signature Verification ... ");
    390 
    391   Status = RsaPkcs1Verify (Rsa, HashValue, HashSize, Signature, SigSize);
    392   if (!Status) {
    393     Print (L"[Fail]");
    394     return EFI_ABORTED;
    395   }
    396 
    397   //
    398   // Release Resources
    399   //
    400   RsaFree (Rsa);
    401   Print (L"Release RSA Context ... [Pass]");
    402 
    403   Print (L"\n");
    404 
    405   return EFI_SUCCESS;
    406 }
    407