1/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 */
5
6#ifndef VBOOT_REFERENCE_RSA_H_
7#define VBOOT_REFERENCE_RSA_H_
8
9#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
10#error "Do not include this file directly. Use cryptolib.h instead."
11#endif
12
13#include "sysincludes.h"
14
15#define RSA1024NUMBYTES 128  /* 1024 bit key length */
16#define RSA2048NUMBYTES 256  /* 2048 bit key length */
17#define RSA4096NUMBYTES 512  /* 4096 bit key length */
18#define RSA8192NUMBYTES 1024  /* 8192 bit key length */
19
20#define RSA1024NUMWORDS (RSA1024NUMBYTES / sizeof(uint32_t))
21#define RSA2048NUMWORDS (RSA2048NUMBYTES / sizeof(uint32_t))
22#define RSA4096NUMWORDS (RSA4096NUMBYTES / sizeof(uint32_t))
23#define RSA8192NUMWORDS (RSA8192NUMBYTES / sizeof(uint32_t))
24
25typedef struct RSAPublicKey {
26  uint32_t len;  /* Length of n[] in number of uint32_t */
27  uint32_t n0inv;  /* -1 / n[0] mod 2^32 */
28  uint32_t* n;  /* modulus as little endian array */
29  uint32_t* rr; /* R^2 as little endian array */
30  unsigned int algorithm; /* Algorithm to use when verifying with the key */
31} RSAPublicKey;
32
33/* Verify a RSA PKCS1.5 signature [sig] of [sig_type] and length [sig_len]
34 * against an expected [hash] using [key]. Returns 0 on failure, 1 on success.
35 */
36int RSAVerify(const RSAPublicKey *key,
37              const uint8_t* sig,
38              const uint32_t sig_len,
39              const uint8_t sig_type,
40              const uint8_t* hash);
41
42/* Perform RSA signature verification on [buf] of length [len] against expected
43 * signature [sig] using signature algorithm [algorithm]. The public key used
44 * for verification can either be in the form of a pre-process key blob
45 * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
46 * be non-NULL, and the other NULL or the function will fail.
47 *
48 * Returns 1 on verification success, 0 on verification failure or invalid
49 * arguments.
50 *
51 * Note: This function is for use in the firmware and assumes all pointers point
52 * to areas in the memory of the right size.
53 *
54 */
55int RSAVerifyBinary_f(const uint8_t* key_blob,
56                      const RSAPublicKey* key,
57                      const uint8_t* buf,
58                      uint64_t len,
59                      const uint8_t* sig,
60                      unsigned int algorithm);
61
62/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
63 * of data, its digest is passed as the argument. */
64int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
65                                const RSAPublicKey* key,
66                                const uint8_t* digest,
67                                const uint8_t* sig,
68                                unsigned int algorithm);
69
70
71/* ----Some additional utility functions for RSA.---- */
72
73/* Returns the size of a pre-processed RSA public key in
74 * [out_size] with the algorithm [algorithm].
75 *
76 * Returns 1 on success, 0 on failure.
77 */
78uint64_t RSAProcessedKeySize(uint64_t algorithm, uint64_t* out_size);
79
80/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
81 * NULL */
82RSAPublicKey* RSAPublicKeyNew(void);
83
84/* Deep free the contents of [key]. */
85void RSAPublicKeyFree(RSAPublicKey* key);
86
87/* Create a RSAPublic key structure from binary blob [buf] of length
88 * [len].
89 *
90 * Caller owns the returned key and must free it.
91 */
92RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, uint64_t len);
93
94
95#endif  /* VBOOT_REFERENCE_RSA_H_ */
96