1 /** @file 2 Application for RSA Primitives Validation. 3 4 Copyright (c) 2010, Intel Corporation. All rights reserved.<BR> 5 This program and the accompanying materials 6 are licensed and made available under the terms and conditions of the BSD License 7 which accompanies this distribution. The full text of the license may be found at 8 http://opensource.org/licenses/bsd-license.php 9 10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. 12 13 **/ 14 15 #include "Cryptest.h" 16 17 #define RSA_MODULUS_LENGTH 512 18 19 // 20 // RSA PKCS#1 Validation Data from OpenSSL "Fips_rsa_selftest.c" 21 // 22 23 // 24 // Public Modulus of RSA Key 25 // 26 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaN[] = { 27 0xBB, 0xF8, 0x2F, 0x09, 0x06, 0x82, 0xCE, 0x9C, 0x23, 0x38, 0xAC, 0x2B, 0x9D, 0xA8, 0x71, 0xF7, 28 0x36, 0x8D, 0x07, 0xEE, 0xD4, 0x10, 0x43, 0xA4, 0x40, 0xD6, 0xB6, 0xF0, 0x74, 0x54, 0xF5, 0x1F, 29 0xB8, 0xDF, 0xBA, 0xAF, 0x03, 0x5C, 0x02, 0xAB, 0x61, 0xEA, 0x48, 0xCE, 0xEB, 0x6F, 0xCD, 0x48, 30 0x76, 0xED, 0x52, 0x0D, 0x60, 0xE1, 0xEC, 0x46, 0x19, 0x71, 0x9D, 0x8A, 0x5B, 0x8B, 0x80, 0x7F, 31 0xAF, 0xB8, 0xE0, 0xA3, 0xDF, 0xC7, 0x37, 0x72, 0x3E, 0xE6, 0xB4, 0xB7, 0xD9, 0x3A, 0x25, 0x84, 32 0xEE, 0x6A, 0x64, 0x9D, 0x06, 0x09, 0x53, 0x74, 0x88, 0x34, 0xB2, 0x45, 0x45, 0x98, 0x39, 0x4E, 33 0xE0, 0xAA, 0xB1, 0x2D, 0x7B, 0x61, 0xA5, 0x1F, 0x52, 0x7A, 0x9A, 0x41, 0xF6, 0xC1, 0x68, 0x7F, 34 0xE2, 0x53, 0x72, 0x98, 0xCA, 0x2A, 0x8F, 0x59, 0x46, 0xF8, 0xE5, 0xFD, 0x09, 0x1D, 0xBD, 0xCB 35 }; 36 37 // 38 // Public Exponent of RSA Key 39 // 40 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaE[] = { 0x11 }; 41 42 // 43 // Private Exponent of RSA Key 44 // 45 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaD[] = { 46 0xA5, 0xDA, 0xFC, 0x53, 0x41, 0xFA, 0xF2, 0x89, 0xC4, 0xB9, 0x88, 0xDB, 0x30, 0xC1, 0xCD, 0xF8, 47 0x3F, 0x31, 0x25, 0x1E, 0x06, 0x68, 0xB4, 0x27, 0x84, 0x81, 0x38, 0x01, 0x57, 0x96, 0x41, 0xB2, 48 0x94, 0x10, 0xB3, 0xC7, 0x99, 0x8D, 0x6B, 0xC4, 0x65, 0x74, 0x5E, 0x5C, 0x39, 0x26, 0x69, 0xD6, 49 0x87, 0x0D, 0xA2, 0xC0, 0x82, 0xA9, 0x39, 0xE3, 0x7F, 0xDC, 0xB8, 0x2E, 0xC9, 0x3E, 0xDA, 0xC9, 50 0x7F, 0xF3, 0xAD, 0x59, 0x50, 0xAC, 0xCF, 0xBC, 0x11, 0x1C, 0x76, 0xF1, 0xA9, 0x52, 0x94, 0x44, 51 0xE5, 0x6A, 0xAF, 0x68, 0xC5, 0x6C, 0x09, 0x2C, 0xD3, 0x8D, 0xC3, 0xBE, 0xF5, 0xD2, 0x0A, 0x93, 52 0x99, 0x26, 0xED, 0x4F, 0x74, 0xA1, 0x3E, 0xDD, 0xFB, 0xE1, 0xA1, 0xCE, 0xCC, 0x48, 0x94, 0xAF, 53 0x94, 0x28, 0xC2, 0xB7, 0xB8, 0x88, 0x3F, 0xE4, 0x46, 0x3A, 0x4B, 0xC8, 0x5B, 0x1C, 0xB3, 0xC1 54 }; 55 56 // 57 // Known Answer Test (KAT) Data for RSA PKCS#1 Signing 58 // 59 GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 RsaSignData[] = "OpenSSL FIPS 140-2 Public Key RSA KAT"; 60 61 // 62 // Known Signature for the above message, under SHA-1 Digest 63 // 64 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 RsaPkcs1Signature[] = { 65 0x71, 0xEE, 0x1A, 0xC0, 0xFE, 0x01, 0x93, 0x54, 0x79, 0x5C, 0xF2, 0x4C, 0x4A, 0xFD, 0x1A, 0x05, 66 0x8F, 0x64, 0xB1, 0x6D, 0x61, 0x33, 0x8D, 0x9B, 0xE7, 0xFD, 0x60, 0xA3, 0x83, 0xB5, 0xA3, 0x51, 67 0x55, 0x77, 0x90, 0xCF, 0xDC, 0x22, 0x37, 0x8E, 0xD0, 0xE1, 0xAE, 0x09, 0xE3, 0x3D, 0x1E, 0xF8, 68 0x80, 0xD1, 0x8B, 0xC2, 0xEC, 0x0A, 0xD7, 0x6B, 0x88, 0x8B, 0x8B, 0xA1, 0x20, 0x22, 0xBE, 0x59, 69 0x5B, 0xE0, 0x23, 0x24, 0xA1, 0x49, 0x30, 0xBA, 0xA9, 0x9E, 0xE8, 0xB1, 0x8A, 0x62, 0x16, 0xBF, 70 0x4E, 0xCA, 0x2E, 0x4E, 0xBC, 0x29, 0xA8, 0x67, 0x13, 0xB7, 0x9F, 0x1D, 0x04, 0x44, 0xE5, 0x5F, 71 0x35, 0x07, 0x11, 0xBC, 0xED, 0x19, 0x37, 0x21, 0xCF, 0x23, 0x48, 0x1F, 0x72, 0x05, 0xDE, 0xE6, 72 0xE8, 0x7F, 0x33, 0x8A, 0x76, 0x4B, 0x2F, 0x95, 0xDF, 0xF1, 0x5F, 0x84, 0x80, 0xD9, 0x46, 0xB4 73 }; 74 75 // 76 // Default public key 0x10001 = 65537 77 // 78 GLOBAL_REMOVE_IF_UNREFERENCED CONST UINT8 DefaultPublicKey[] = { 79 0x01, 0x00, 0x01 80 }; 81 82 /** 83 Validate UEFI-OpenSSL RSA Interfaces. 84 85 @retval EFI_SUCCESS Validation succeeded. 86 @retval EFI_ABORTED Validation failed. 87 88 **/ 89 EFI_STATUS 90 ValidateCryptRsa ( 91 VOID 92 ) 93 { 94 VOID *Rsa; 95 UINT8 HashValue[SHA1_DIGEST_SIZE]; 96 UINTN HashSize; 97 UINTN CtxSize; 98 VOID *Sha1Ctx; 99 UINT8 *Signature; 100 UINTN SigSize; 101 BOOLEAN Status; 102 UINTN KeySize; 103 UINT8 *KeyBuffer; 104 105 Print (L"\nUEFI-OpenSSL RSA Engine Testing: "); 106 107 // 108 // Generate & Initialize RSA Context 109 // 110 Rsa = RsaNew (); 111 Print (L"\n- Generate RSA Context ... "); 112 if (Rsa == NULL) { 113 Print (L"[Fail]"); 114 return EFI_ABORTED; 115 } 116 117 // 118 // Set/Get RSA Key Components 119 // 120 Print (L"Set/Get RSA Key Components ... "); 121 122 // 123 // Set/Get RSA Key N 124 // 125 Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN)); 126 if (!Status) { 127 Print (L"[Fail]"); 128 return EFI_ABORTED; 129 } 130 131 KeySize = 0; 132 Status = RsaGetKey (Rsa, RsaKeyN, NULL, &KeySize); 133 if (Status || KeySize != sizeof (RsaN)) { 134 Print (L"[Fail]"); 135 return EFI_ABORTED; 136 } 137 138 KeyBuffer = AllocatePool (KeySize); 139 Status = RsaGetKey (Rsa, RsaKeyN, KeyBuffer, &KeySize); 140 if (!Status || KeySize != sizeof (RsaN)) { 141 Print (L"[Fail]"); 142 return EFI_ABORTED; 143 } 144 145 if (CompareMem (KeyBuffer, RsaN, KeySize) != 0) { 146 Print (L"[Fail]"); 147 return EFI_ABORTED; 148 } 149 150 FreePool (KeyBuffer); 151 152 // 153 // Set/Get RSA Key E 154 // 155 Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE)); 156 if (!Status) { 157 Print (L"[Fail]"); 158 return EFI_ABORTED; 159 } 160 161 KeySize = 0; 162 Status = RsaGetKey (Rsa, RsaKeyE, NULL, &KeySize); 163 if (Status || KeySize != sizeof (RsaE)) { 164 Print (L"[Fail]"); 165 return EFI_ABORTED; 166 } 167 168 KeyBuffer = AllocatePool (KeySize); 169 Status = RsaGetKey (Rsa, RsaKeyE, KeyBuffer, &KeySize); 170 if (!Status || KeySize != sizeof (RsaE)) { 171 Print (L"[Fail]"); 172 return EFI_ABORTED; 173 } 174 175 if (CompareMem (KeyBuffer, RsaE, KeySize) != 0) { 176 Print (L"[Fail]"); 177 return EFI_ABORTED; 178 } 179 180 FreePool (KeyBuffer); 181 182 // 183 // Clear/Get RSA Key Components 184 // 185 Print (L"Clear/Get RSA Key Components ... "); 186 187 // 188 // Clear/Get RSA Key N 189 // 190 Status = RsaSetKey (Rsa, RsaKeyN, NULL, 0); 191 if (!Status) { 192 Print (L"[Fail]"); 193 return EFI_ABORTED; 194 } 195 196 KeySize = 1; 197 Status = RsaGetKey (Rsa, RsaKeyN, NULL, &KeySize); 198 if (!Status || KeySize != 0) { 199 Print (L"[Fail]"); 200 return EFI_ABORTED; 201 } 202 203 // 204 // Clear/Get RSA Key E 205 // 206 Status = RsaSetKey (Rsa, RsaKeyE, NULL, 0); 207 if (!Status) { 208 Print (L"[Fail]"); 209 return EFI_ABORTED; 210 } 211 212 KeySize = 1; 213 Status = RsaGetKey (Rsa, RsaKeyE, NULL, &KeySize); 214 if (!Status || KeySize != 0) { 215 Print (L"[Fail]"); 216 return EFI_ABORTED; 217 } 218 219 // 220 // Generate RSA Key Components 221 // 222 Print (L"Generate RSA Key Components ... "); 223 224 Status = RsaGenerateKey (Rsa, RSA_MODULUS_LENGTH, NULL, 0); 225 if (!Status) { 226 Print (L"[Fail]"); 227 return EFI_ABORTED; 228 } 229 230 KeySize = RSA_MODULUS_LENGTH / 8; 231 KeyBuffer = AllocatePool (KeySize); 232 Status = RsaGetKey (Rsa, RsaKeyE, KeyBuffer, &KeySize); 233 if (!Status) { 234 Print (L"[Fail]"); 235 return EFI_ABORTED; 236 } 237 238 if (KeySize != 3 || 239 CompareMem (KeyBuffer, DefaultPublicKey, 3) != 0) { 240 Print (L"[Fail]"); 241 return EFI_ABORTED; 242 } 243 244 KeySize = RSA_MODULUS_LENGTH / 8; 245 Status = RsaGetKey (Rsa, RsaKeyN, KeyBuffer, &KeySize); 246 if (!Status) { 247 Print (L"[Fail]"); 248 return EFI_ABORTED; 249 } 250 251 if (KeySize != RSA_MODULUS_LENGTH / 8) { 252 Print (L"[Fail]"); 253 return EFI_ABORTED; 254 } 255 256 if (!RsaCheckKey (Rsa)) { 257 Print (L"[Fail]"); 258 return EFI_ABORTED; 259 } 260 261 // 262 // Check invalid RSA key components 263 // 264 Print (L"Check Invalid RSA Key Components ... "); 265 266 Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN)); 267 if (!Status) { 268 Print (L"[Fail]"); 269 return EFI_ABORTED; 270 } 271 272 if (RsaCheckKey (Rsa)) { 273 Print (L"[Fail]"); 274 return EFI_ABORTED; 275 } 276 277 Status = RsaSetKey (Rsa, RsaKeyN, KeyBuffer, KeySize); 278 if (!Status) { 279 Print (L"[Fail]"); 280 return EFI_ABORTED; 281 } 282 283 if (!RsaCheckKey (Rsa)) { 284 Print (L"[Fail]"); 285 return EFI_ABORTED; 286 } 287 288 Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE)); 289 if (!Status) { 290 Print (L"[Fail]"); 291 return EFI_ABORTED; 292 } 293 294 if (RsaCheckKey (Rsa)) { 295 Print (L"[Fail]"); 296 return EFI_ABORTED; 297 } 298 299 FreePool (KeyBuffer); 300 301 // 302 // SHA-1 Digest Message for PKCS#1 Signature 303 // 304 Print (L"Hash Original Message ... "); 305 HashSize = SHA1_DIGEST_SIZE; 306 ZeroMem (HashValue, HashSize); 307 CtxSize = Sha1GetContextSize (); 308 Sha1Ctx = AllocatePool (CtxSize); 309 310 Status = Sha1Init (Sha1Ctx); 311 if (!Status) { 312 Print (L"[Fail]"); 313 return EFI_ABORTED; 314 } 315 316 Status = Sha1Update (Sha1Ctx, RsaSignData, AsciiStrLen (RsaSignData)); 317 if (!Status) { 318 Print (L"[Fail]"); 319 return EFI_ABORTED; 320 } 321 322 Status = Sha1Final (Sha1Ctx, HashValue); 323 if (!Status) { 324 Print (L"[Fail]"); 325 return EFI_ABORTED; 326 } 327 328 FreePool (Sha1Ctx); 329 330 // 331 // Sign RSA PKCS#1-encoded Signature 332 // 333 Print (L"PKCS#1 Signature ... "); 334 335 RsaFree (Rsa); 336 337 Rsa = RsaNew (); 338 if (Rsa == NULL) { 339 Print (L"[Fail]"); 340 return EFI_ABORTED; 341 } 342 343 Status = RsaSetKey (Rsa, RsaKeyN, RsaN, sizeof (RsaN)); 344 if (!Status) { 345 Print (L"[Fail]"); 346 return EFI_ABORTED; 347 } 348 349 Status = RsaSetKey (Rsa, RsaKeyE, RsaE, sizeof (RsaE)); 350 if (!Status) { 351 Print (L"[Fail]"); 352 return EFI_ABORTED; 353 } 354 355 Status = RsaSetKey (Rsa, RsaKeyD, RsaD, sizeof (RsaD)); 356 if (!Status) { 357 Print (L"[Fail]"); 358 return EFI_ABORTED; 359 } 360 361 SigSize = 0; 362 Status = RsaPkcs1Sign (Rsa, HashValue, HashSize, NULL, &SigSize); 363 if (Status || SigSize == 0) { 364 Print (L"[Fail]"); 365 return EFI_ABORTED; 366 } 367 368 Signature = AllocatePool (SigSize); 369 Status = RsaPkcs1Sign (Rsa, HashValue, HashSize, Signature, &SigSize); 370 if (!Status) { 371 Print (L"[Fail]"); 372 return EFI_ABORTED; 373 } 374 375 if (SigSize != sizeof (RsaPkcs1Signature)) { 376 Print (L"[Fail]"); 377 return EFI_ABORTED; 378 } 379 380 if (CompareMem (Signature, RsaPkcs1Signature, SigSize) != 0) { 381 Print (L"[Fail]"); 382 return EFI_ABORTED; 383 } 384 385 // 386 // Verify RSA PKCS#1-encoded Signature 387 // 388 389 Print (L"PKCS#1 Signature Verification ... "); 390 391 Status = RsaPkcs1Verify (Rsa, HashValue, HashSize, Signature, SigSize); 392 if (!Status) { 393 Print (L"[Fail]"); 394 return EFI_ABORTED; 395 } 396 397 // 398 // Release Resources 399 // 400 RsaFree (Rsa); 401 Print (L"Release RSA Context ... [Pass]"); 402 403 Print (L"\n"); 404 405 return EFI_SUCCESS; 406 } 407