Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2024 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include <stdarg.h>
8 : #include <stddef.h>
9 : #include <setjmp.h>
10 : #include <stdint.h>
11 : #include <stdlib.h>
12 : #include <stdio.h>
13 : #include <assert.h>
14 : #include <string.h>
15 :
16 : #include <base.h>
17 : #include "library/memlib.h"
18 : #include "spdm_device_secret_lib_internal.h"
19 : #include "internal/libspdm_common_lib.h"
20 :
21 : #if (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) || (LIBSPDM_ENABLE_CAPABILITY_ENDPOINT_INFO_CAP)
22 35 : bool libspdm_requester_data_sign(
23 : void *spdm_context,
24 : spdm_version_number_t spdm_version, uint8_t op_code,
25 : uint16_t req_base_asym_alg, uint32_t req_pqc_asym_alg,
26 : uint32_t base_hash_algo, bool is_data_hash,
27 : const uint8_t *message, size_t message_size,
28 : uint8_t *signature, size_t *sig_size)
29 : {
30 : void *context;
31 : bool result;
32 :
33 : #if !LIBSPDM_PRIVATE_KEY_MODE_RAW_KEY_ONLY
34 35 : if (g_private_key_mode) {
35 : void *private_pem;
36 : size_t private_pem_size;
37 :
38 35 : if (req_pqc_asym_alg != 0) {
39 0 : result = libspdm_read_requester_pqc_private_key(
40 : req_pqc_asym_alg, &private_pem, &private_pem_size);
41 : } else {
42 35 : result = libspdm_read_requester_private_key(
43 : req_base_asym_alg, &private_pem, &private_pem_size);
44 : }
45 35 : if (!result) {
46 0 : return false;
47 : }
48 :
49 35 : if (req_pqc_asym_alg != 0) {
50 0 : result = libspdm_req_pqc_asym_get_private_key_from_pem(req_pqc_asym_alg,
51 : private_pem,
52 : private_pem_size, NULL,
53 : &context);
54 : } else {
55 35 : result = libspdm_req_asym_get_private_key_from_pem(req_base_asym_alg,
56 : private_pem,
57 : private_pem_size, NULL,
58 : &context);
59 : }
60 35 : if (!result) {
61 0 : libspdm_zero_mem(private_pem, private_pem_size);
62 0 : free(private_pem);
63 0 : return false;
64 : }
65 :
66 35 : if (req_pqc_asym_alg != 0) {
67 0 : if (is_data_hash) {
68 0 : result = libspdm_req_pqc_asym_sign_hash(spdm_version, op_code, req_pqc_asym_alg,
69 : base_hash_algo, context,
70 : message, message_size, signature, sig_size);
71 : } else {
72 0 : result = libspdm_req_pqc_asym_sign(spdm_version, op_code, req_pqc_asym_alg,
73 : base_hash_algo, context,
74 : message, message_size,
75 : signature, sig_size);
76 : }
77 0 : libspdm_req_pqc_asym_free(req_pqc_asym_alg, context);
78 : } else {
79 35 : if (is_data_hash) {
80 13 : result = libspdm_req_asym_sign_hash(spdm_version, op_code, req_base_asym_alg,
81 : base_hash_algo, context,
82 : message, message_size, signature, sig_size);
83 : } else {
84 22 : result = libspdm_req_asym_sign(spdm_version, op_code, req_base_asym_alg,
85 : base_hash_algo, context,
86 : message, message_size,
87 : signature, sig_size);
88 : }
89 35 : libspdm_req_asym_free(req_base_asym_alg, context);
90 : }
91 35 : libspdm_zero_mem(private_pem, private_pem_size);
92 35 : free(private_pem);
93 : } else {
94 : #endif
95 0 : if (req_pqc_asym_alg != 0) {
96 0 : result = libspdm_get_requester_pqc_private_key_from_raw_data(req_pqc_asym_alg, &context);
97 : } else {
98 0 : result = libspdm_get_requester_private_key_from_raw_data(req_base_asym_alg, &context);
99 : }
100 0 : if (!result) {
101 0 : return false;
102 : }
103 :
104 0 : if (req_pqc_asym_alg != 0) {
105 0 : if (is_data_hash) {
106 0 : result = libspdm_req_pqc_asym_sign_hash(spdm_version, op_code, req_pqc_asym_alg,
107 : base_hash_algo, context,
108 : message, message_size, signature, sig_size);
109 : } else {
110 0 : result = libspdm_req_pqc_asym_sign(spdm_version, op_code, req_pqc_asym_alg,
111 : base_hash_algo, context,
112 : message, message_size,
113 : signature, sig_size);
114 : }
115 0 : libspdm_req_pqc_asym_free(req_pqc_asym_alg, context);
116 : } else {
117 0 : if (is_data_hash) {
118 0 : result = libspdm_req_asym_sign_hash(spdm_version, op_code, req_base_asym_alg,
119 : base_hash_algo, context,
120 : message, message_size, signature, sig_size);
121 : } else {
122 0 : result = libspdm_req_asym_sign(spdm_version, op_code, req_base_asym_alg,
123 : base_hash_algo, context,
124 : message, message_size,
125 : signature, sig_size);
126 : }
127 0 : libspdm_req_asym_free(req_base_asym_alg, context);
128 : }
129 : #if !LIBSPDM_PRIVATE_KEY_MODE_RAW_KEY_ONLY
130 : }
131 : #endif
132 :
133 : #if LIBSPDM_SECRET_LIB_SIGN_LITTLE_ENDIAN
134 : if ((req_pqc_asym_alg == 0) &&
135 : ((spdm_version >> SPDM_VERSION_NUMBER_SHIFT_BIT) <= SPDM_MESSAGE_VERSION_11)) {
136 : if (result) {
137 : libspdm_copy_signature_swap_endian(
138 : req_base_asym_alg, signature, *sig_size, signature, *sig_size);
139 : }
140 : }
141 : #endif
142 :
143 35 : return result;
144 : }
145 : #endif /* (LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP) || (...) */
146 :
147 138 : bool libspdm_responder_data_sign(
148 : void *spdm_context,
149 : spdm_version_number_t spdm_version, uint8_t op_code,
150 : uint32_t base_asym_algo, uint32_t pqc_asym_algo,
151 : uint32_t base_hash_algo, bool is_data_hash,
152 : const uint8_t *message, size_t message_size,
153 : uint8_t *signature, size_t *sig_size)
154 : {
155 : void *context;
156 : bool result;
157 : #if !LIBSPDM_PRIVATE_KEY_MODE_RAW_KEY_ONLY
158 138 : if (g_private_key_mode) {
159 : void *private_pem;
160 : size_t private_pem_size;
161 :
162 138 : if (pqc_asym_algo != 0) {
163 0 : result = libspdm_read_responder_pqc_private_key(
164 : pqc_asym_algo, &private_pem, &private_pem_size);
165 : } else {
166 138 : result = libspdm_read_responder_private_key(
167 : base_asym_algo, &private_pem, &private_pem_size);
168 : }
169 138 : if (!result) {
170 0 : return false;
171 : }
172 :
173 138 : if (pqc_asym_algo != 0) {
174 0 : result = libspdm_pqc_asym_get_private_key_from_pem(
175 : pqc_asym_algo, private_pem, private_pem_size, NULL, &context);
176 : } else {
177 138 : result = libspdm_asym_get_private_key_from_pem(
178 : base_asym_algo, private_pem, private_pem_size, NULL, &context);
179 : }
180 138 : if (!result) {
181 0 : libspdm_zero_mem(private_pem, private_pem_size);
182 0 : free(private_pem);
183 0 : return false;
184 : }
185 :
186 138 : if (pqc_asym_algo != 0) {
187 0 : if (is_data_hash) {
188 0 : result = libspdm_pqc_asym_sign_hash(spdm_version, op_code, pqc_asym_algo, base_hash_algo,
189 : context,
190 : message, message_size, signature, sig_size);
191 : } else {
192 0 : result = libspdm_pqc_asym_sign(spdm_version, op_code, pqc_asym_algo,
193 : base_hash_algo, context,
194 : message, message_size,
195 : signature, sig_size);
196 : }
197 0 : libspdm_pqc_asym_free(pqc_asym_algo, context);
198 : } else {
199 138 : if (is_data_hash) {
200 40 : result = libspdm_asym_sign_hash(spdm_version, op_code, base_asym_algo, base_hash_algo,
201 : context,
202 : message, message_size, signature, sig_size);
203 : } else {
204 98 : result = libspdm_asym_sign(spdm_version, op_code, base_asym_algo,
205 : base_hash_algo, context,
206 : message, message_size,
207 : signature, sig_size);
208 : }
209 138 : libspdm_asym_free(base_asym_algo, context);
210 : }
211 138 : libspdm_zero_mem(private_pem, private_pem_size);
212 138 : free(private_pem);
213 : } else {
214 : #endif
215 0 : if (pqc_asym_algo != 0) {
216 0 : result = libspdm_get_responder_pqc_private_key_from_raw_data(pqc_asym_algo, &context);
217 : } else {
218 0 : result = libspdm_get_responder_private_key_from_raw_data(base_asym_algo, &context);
219 : }
220 0 : if (!result) {
221 0 : return false;
222 : }
223 :
224 0 : if (pqc_asym_algo != 0) {
225 0 : if (is_data_hash) {
226 0 : result = libspdm_pqc_asym_sign_hash(spdm_version, op_code, pqc_asym_algo, base_hash_algo,
227 : context,
228 : message, message_size, signature, sig_size);
229 : } else {
230 0 : result = libspdm_pqc_asym_sign(spdm_version, op_code, pqc_asym_algo,
231 : base_hash_algo, context,
232 : message, message_size,
233 : signature, sig_size);
234 : }
235 0 : libspdm_pqc_asym_free(pqc_asym_algo, context);
236 : } else {
237 0 : if (is_data_hash) {
238 0 : result = libspdm_asym_sign_hash(spdm_version, op_code, base_asym_algo, base_hash_algo,
239 : context,
240 : message, message_size, signature, sig_size);
241 : } else {
242 0 : result = libspdm_asym_sign(spdm_version, op_code, base_asym_algo,
243 : base_hash_algo, context,
244 : message, message_size,
245 : signature, sig_size);
246 : }
247 0 : libspdm_asym_free(base_asym_algo, context);
248 : }
249 : #if !LIBSPDM_PRIVATE_KEY_MODE_RAW_KEY_ONLY
250 : }
251 : #endif
252 :
253 : #if LIBSPDM_SECRET_LIB_SIGN_LITTLE_ENDIAN
254 : if ((pqc_asym_algo == 0) &&
255 : ((spdm_version >> SPDM_VERSION_NUMBER_SHIFT_BIT) <= SPDM_MESSAGE_VERSION_11)) {
256 : if (result) {
257 : libspdm_copy_signature_swap_endian(
258 : base_asym_algo, signature, *sig_size, signature, *sig_size);
259 : }
260 : }
261 : #endif
262 :
263 138 : return result;
264 : }
|
