CRYPT_RESULT _cpri__ValidateSignatureRSA(
RSA_KEY *key, TPM_ALG_ID padding_alg, TPM_ALG_ID hash_alg,
uint32_t digest_len, uint8_t *digest, uint32_t sig_len,
uint8_t *sig, uint16_t salt_len)
{
struct RSA rsa;
enum padding_mode padding;
enum hashing_mode hashing;
if (!check_key(key))
return CRYPT_FAIL;
if (!check_sign_params(padding_alg, hash_alg, &padding, &hashing))
return CRYPT_FAIL;
rsa.e = key->exponent;
rsa.N.dmax = key->publicKey->size / sizeof(uint32_t);
rsa.N.d = (struct access_helper *) &key->publicKey->buffer;
rsa.d.dmax = 0;
rsa.d.d = NULL;
if (DCRYPTO_rsa_verify(&rsa, digest, digest_len, sig, sig_len,
padding, hashing))
return CRYPT_SUCCESS;
else
return CRYPT_FAIL;
}
CRYPT_RESULT _cpri__SignRSA(uint32_t *out_len, uint8_t *out,
RSA_KEY *key, TPM_ALG_ID padding_alg,
TPM_ALG_ID hash_alg, uint32_t in_len, uint8_t *in)
{
struct RSA rsa;
enum padding_mode padding;
enum hashing_mode hashing;
if (!check_key(key))
return CRYPT_FAIL;
if (!check_sign_params(padding_alg, hash_alg, &padding, &hashing))
return CRYPT_FAIL;
rsa.e = key->exponent;
rsa.N.dmax = key->publicKey->size / sizeof(uint32_t);
rsa.N.d = (struct access_helper *) &key->publicKey->buffer;
rsa.d.dmax = key->privateKey->size / sizeof(uint32_t);
rsa.d.d = (struct access_helper *) &key->privateKey->buffer;
if (DCRYPTO_rsa_sign(&rsa, out, out_len, in, in_len, padding, hashing))
return CRYPT_SUCCESS;
else
return CRYPT_FAIL;
}
CRYPT_RESULT _cpri__SignRSA(uint32_t *out_len, uint8_t *out,
RSA_KEY *key, TPM_ALG_ID padding_alg,
TPM_ALG_ID hash_alg, uint32_t in_len, uint8_t *in)
{
struct RSA rsa;
enum padding_mode padding;
enum hashing_mode hashing;
int result;
if (!check_key(key))
return CRYPT_FAIL;
if (!check_sign_params(padding_alg, hash_alg, &padding, &hashing))
return CRYPT_FAIL;
reverse_tpm2b(key->publicKey);
reverse_tpm2b(key->privateKey);
rsa.e = key->exponent;
rsa.N.dmax = key->publicKey->size / sizeof(uint32_t);
rsa.N.d = (struct access_helper *) &key->publicKey->buffer;
rsa.d.dmax = key->privateKey->size / sizeof(uint32_t);
rsa.d.d = (struct access_helper *) &key->privateKey->buffer;
/* TPM2 wrapper function fails to initialize out_len! */
*out_len = key->publicKey->size;
result = DCRYPTO_rsa_sign(&rsa, out, out_len, in, in_len,
padding, hashing);
reverse_tpm2b(key->publicKey);
reverse_tpm2b(key->privateKey);
if (result)
return CRYPT_SUCCESS;
else
return CRYPT_FAIL;
}
