1 /* 2 * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 8 #ifndef _COMMON_SB_OPS_H 9 #define _COMMON_SB_OPS_H 10 11 #include <stdio.h> 12 #include <stdlib.h> 13 #include <string.h> 14 #include <stdint.h> 15 #include <stdbool.h> 16 17 #include <openssl/objects.h> 18 #include <openssl/pem.h> 19 #include <openssl/evp.h> 20 #include <openssl/rand.h> 21 #include <openssl/bn.h> 22 #include <openssl/aes.h> 23 #include <openssl/err.h> 24 #include "common_rsa_keypair.h" 25 #include "common_crypto_asym.h" 26 #include "common_util_log.h" 27 #include "cc_crypto_defs.h" 28 #include "cc_pka_hw_plat_defs.h" 29 30 /* Global defines */ 31 #define Nullptr (void *)0 32 #define SIZE_OF_DATA_FOR_DERIVATION 22 33 34 /** 35 * @brief The SIGN_RELEASE releases the allocated memory from the sign operation. 36 */ 37 38 #define SIGN_RELEASE(fname) \ 39 {\ 40 if (status < 0) \ 41 printf("\n%s failed.\n", fname); \ 42 if (pRsaPubKey) \ 43 RSA_free (pRsaPubKey); \ 44 if (bio) \ 45 BIO_free (bio); \ 46 if (md_ctx) \ 47 EVP_MD_CTX_destroy(md_ctx); \ 48 return (status); \ 49 } 50 51 #define SIGN21_RELEASE(fname) \ 52 {\ 53 if (status < 0) \ 54 printf("\n%s failed.\n", fname); \ 55 if (pRsaPrivKey) \ 56 RSA_free (pRsaPrivKey); \ 57 return (status); \ 58 } 59 /** 60 * @brief The RSA_LOADKEY_RELEASE releases the allocated memory from the loading key operation. 61 */ 62 #define RSA_LOADKEY_RELEASE(msg) \ 63 {\ 64 if(status < 0) \ 65 printf("\n%s\n", msg); \ 66 if (rsa_pkey) \ 67 RSA_free (rsa_pkey); \ 68 if (out) \ 69 BIO_free (out); \ 70 return status; \ 71 } 72 73 /** 74 * @brief The CALCULATE_NP_RELEASE releases the allocated memory from the Np calculation operation. 75 */ 76 #define CALCULATE_NP_RELEASE(msg) \ 77 {\ 78 if(status < 0) \ 79 printf("\n%s\n", msg); \ 80 if (N_Temp) \ 81 free(N_Temp); \ 82 if(NP_res) \ 83 free(NP_res); \ 84 BN_free (bn_r); \ 85 BN_free (bn_a); \ 86 BN_free (bn_p); \ 87 BN_free (bn_n); \ 88 BN_free (bn_quo); \ 89 BN_free (bn_rem); \ 90 return (status); \ 91 } 92 93 /** 94 * @brief The CALCULATE_H_RELEASE releases the allocated memory from the H calculation operation. 95 */ 96 #define CALCULATE_H_RELEASE(msg) \ 97 {\ 98 if(status < 0) \ 99 printf("\n%s\n", msg); \ 100 if (N_Temp) \ 101 free(N_Temp); \ 102 if(H_res) \ 103 free(H_res); \ 104 if (H_resTemp) \ 105 OPENSSL_free(H_resTemp); \ 106 BN_free (bn_two); \ 107 BN_free (bn_twos); \ 108 BN_free (bn_n); \ 109 BN_free (bn_h); \ 110 return (status); \ 111 } 112 113 #define MAX_IMAGE_CHUNK (1024) // 1K byte 114 115 #ifdef USE_CONST_N 116 char N_Const[] = 117 { 118 0x64, 0x39, 0x34, 0x38, 0x36, 0x66, 0x65, 0x34, 0x38, 0x64, 0x62, 0x34, 0x32, 0x34, 0x32, 0x36, 119 0x62, 0x38, 0x64, 0x37, 0x37, 0x65, 0x62, 0x30, 0x30, 0x34, 0x33, 0x61, 0x35, 0x30, 0x37, 0x38, 120 0x35, 0x61, 0x38, 0x65, 0x64, 0x31, 0x39, 0x36, 0x31, 0x36, 0x66, 0x38, 0x33, 0x33, 0x62, 0x63, 121 0x36, 0x37, 0x65, 0x32, 0x62, 0x36, 0x37, 0x35, 0x33, 0x66, 0x64, 0x35, 0x32, 0x33, 0x62, 0x38, 122 0x32, 0x62, 0x32, 0x64, 0x31, 0x37, 0x32, 0x65, 0x66, 0x64, 0x32, 0x34, 0x30, 0x34, 0x62, 0x33, 123 0x65, 0x39, 0x30, 0x63, 0x31, 0x33, 0x39, 0x37, 0x65, 0x66, 0x66, 0x32, 0x64, 0x63, 0x61, 0x34, 124 0x33, 0x61, 0x66, 0x64, 0x66, 0x35, 0x35, 0x61, 0x38, 0x36, 0x63, 0x32, 0x33, 0x63, 0x65, 0x37, 125 0x64, 0x37, 0x32, 0x30, 0x36, 0x38, 0x38, 0x34, 0x66, 0x35, 0x33, 0x63, 0x38, 0x30, 0x62, 0x37, 126 0x39, 0x30, 0x37, 0x38, 0x38, 0x63, 0x33, 0x63, 0x38, 0x61, 0x36, 0x38, 0x32, 0x34, 0x38, 0x64, 127 0x39, 0x39, 0x37, 0x38, 0x30, 0x37, 0x63, 0x31, 0x61, 0x64, 0x39, 0x39, 0x31, 0x37, 0x31, 0x32, 128 0x37, 0x38, 0x33, 0x64, 0x37, 0x38, 0x35, 0x65, 0x61, 0x37, 0x39, 0x64, 0x66, 0x36, 0x35, 0x31, 129 0x32, 0x61, 0x64, 0x32, 0x37, 0x35, 0x31, 0x34, 0x38, 0x35, 0x31, 0x36, 0x62, 0x34, 0x36, 0x36, 130 0x30, 0x35, 0x31, 0x31, 0x38, 0x64, 0x33, 0x33, 0x36, 0x35, 0x38, 0x61, 0x62, 0x38, 0x37, 0x38, 131 0x66, 0x30, 0x34, 0x35, 0x32, 0x36, 0x66, 0x66, 0x62, 0x64, 0x65, 0x61, 0x32, 0x31, 0x39, 0x65, 132 0x34, 0x33, 0x35, 0x66, 0x36, 0x61, 0x37, 0x32, 0x65, 0x65, 0x62, 0x31, 0x64, 0x32, 0x36, 0x64, 133 0x64, 0x63, 0x31, 0x62, 0x33, 0x30, 0x35, 0x30, 0x61, 0x34, 0x38, 0x66, 0x36, 0x36, 0x65, 0x64, 134 0x33, 0x33, 0x65, 0x31, 0x35, 0x62, 0x34, 0x34, 0x33, 0x64, 0x32, 0x63, 0x38, 0x61, 0x63, 0x65, 135 0x35, 0x35, 0x62, 0x33, 0x63, 0x33, 0x63, 0x64, 0x62, 0x64, 0x62, 0x31, 0x63, 0x62, 0x63, 0x66, 136 0x32, 0x63, 0x64, 0x32, 0x61, 0x63, 0x32, 0x61, 0x35, 0x32, 0x63, 0x64, 0x38, 0x34, 0x65, 0x34, 137 0x62, 0x34, 0x31, 0x35, 0x36, 0x38, 0x61, 0x35, 0x63, 0x66, 0x66, 0x62, 0x63, 0x30, 0x63, 0x37, 138 0x30, 0x36, 0x36, 0x38, 0x32, 0x31, 0x33, 0x61, 0x65, 0x34, 0x33, 0x64, 0x38, 0x34, 0x62, 0x38, 139 0x61, 0x38, 0x33, 0x39, 0x35, 0x36, 0x66, 0x36, 0x37, 0x62, 0x64, 0x31, 0x62, 0x32, 0x62, 0x62, 140 0x34, 0x38, 0x38, 0x38, 0x34, 0x65, 0x34, 0x65, 0x36, 0x38, 0x36, 0x30, 0x39, 0x33, 0x30, 0x66, 141 0x63, 0x66, 0x66, 0x36, 0x33, 0x34, 0x61, 0x64, 0x39, 0x34, 0x64, 0x37, 0x30, 0x32, 0x36, 0x63, 142 0x34, 0x66, 0x34, 0x64, 0x35, 0x63, 0x36, 0x32, 0x65, 0x31, 0x66, 0x37, 0x66, 0x31, 0x33, 0x32, 143 0x61, 0x65, 0x61, 0x33, 0x65, 0x64, 0x61, 0x62, 0x37, 0x63, 0x39, 0x63, 0x62, 0x62, 0x64, 0x63, 144 0x31, 0x31, 0x39, 0x66, 0x64, 0x66, 0x61, 0x39, 0x65, 0x39, 0x64, 0x38, 0x37, 0x63, 0x65, 0x37, 145 0x36, 0x31, 0x34, 0x32, 0x65, 0x37, 0x65, 0x33, 0x38, 0x66, 0x35, 0x31, 0x32, 0x62, 0x63, 0x31, 146 0x35, 0x62, 0x62, 0x34, 0x35, 0x33, 0x37, 0x62, 0x39, 0x62, 0x65, 0x37, 0x64, 0x32, 0x61, 0x32, 147 0x36, 0x32, 0x30, 0x65, 0x36, 0x39, 0x35, 0x36, 0x65, 0x37, 0x35, 0x39, 0x66, 0x66, 0x38, 0x66, 148 0x65, 0x34, 0x64, 0x37, 0x31, 0x65, 0x65, 0x66, 0x36, 0x31, 0x32, 0x39, 0x64, 0x64, 0x39, 0x36, 149 0x38, 0x61, 0x62, 0x30, 0x30, 0x64, 0x31, 0x65, 0x64, 0x39, 0x63, 0x31, 0x39, 0x37, 0x30, 0x35 150 }; 151 #endif 152 153 /** 154 * @brief The Sign_v15 generates RSA signature using PKCS#1 v1.5 algorithm. 155 * 156 * The function 157 * 1. Create RSA signature 158 * 2. Verify the signature correctness 159 * @param[in] pRsaPrivKey - the private key 160 * @param[in] DataIn_ptr - the data to sign on 161 * @param[in] DataInSize - the data size 162 * @param[in] Key_ptr - passphrase string 163 * @param[out] Signature_ptr - the RSA signature 164 * 165 */ 166 /*********************************************************/ 167 int Sign_v15(RSA *pRsaPrivKey, char *DataIn_ptr, // IG - merge with common implementation 168 int DataInSize, char *Signature_ptr, 169 char *Key_ptr); 170 171 /** 172 * @brief The Sign_v21 generates RSA signature using PKCS#1 v2.1 algorithm. 173 * 174 * The function 175 * 1. Create RSA signature 176 * 2. Verify the signature correctness 177 * @param[in] pRsaPrivKey - the private key 178 * @param[in] DataIn_ptr - the data to sign on 179 * @param[in] DataInSize - the data size 180 * @param[out] Signature_ptr - the RSA signature 181 * 182 */ 183 /*********************************************************/ 184 int Sign_v21(RSA *pRsaPrivKey, char *DataIn_ptr, 185 int DataInSize, char *Signature_ptr); 186 187 /** 188 * @brief The function SBU_GetNFromKeyPairAndCalcH Reads RSA key from the file using passphrase, 189 * and returns its decrypted value and its calculated Hash 190 * 191 * @param[in] PemEncryptedFileName_ptr - file name 192 * @param[in] pwdFileName - file name of the password 193 * @param[out] PemDecryted - N buffer 194 * @param[out] H_ptr - The H result. H size is N_SIZE_IN_BYTES*2 + 1 195 * 196 */ 197 /*********************************************************/ 198 SBUEXPORT_C int SBU_GetNFromKeyPairAndCalcH(char* PemEncryptedFileName_ptr, char *pwdFileName, char *N_ptr, char *H_ptr); 199 200 /** 201 * @brief The SBU_RAND_Bytes reads RSA key from the file using passphrase 202 * and returns its decrypted value. 203 * 204 * @param[in] PemEncryptedFileName_ptr - file name 205 * @param[in] Key_ptr - passphrase 206 */ 207 /*********************************************************/ 208 SBUEXPORT_C int SBU_RAND_Bytes(int numBytes, char *buf); 209 210 /** 211 * @brief Reads RSA key from the file using passphrase, and returns its decrypted value and its Np 212 * 213 * @param[in] PemEncryptedFileName_ptr - file name 214 * @param[in] pwdFileName - file name of the password 215 * @param[out] PemDecryted - N and Np buffer 216 */ 217 /*********************************************************/ 218 SBUEXPORT_C int SBU_GetNAndNpFromKeyPair(char* PemEncryptedFileName_ptr, char *pwdFileName, char *PemDecryted); 219 220 /** 221 * @brief Reads RSA key from the file using passphrase, and returns its decrypted value and its Np 222 * 223 * @param[in] PemEncryptedFileName_ptr - public key file name 224 * @param[out] PemDecryted - N and Np buffer 225 */ 226 /*********************************************************/ 227 SBUEXPORT_C int SBU_GetNAndNpFromPubKey(char* PemEncryptedFileName_ptr, char *PemDecryted); 228 229 /** 230 * @brief Reads RSA public key from the file and returns its raw value and its Np 231 * 232 * @param[in] pPemFileName_ptr - file name 233 * @param[out] pNAndNp - N and Np buffer 234 */ 235 /*********************************************************/ 236 SBUEXPORT_C int SBU_GetHashOfNAndNpFromPubKey(char* pPemFileName_ptr, char *pHash, int hashSize); 237 238 239 240 241 #endif 242
