Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2024 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : #include <stdarg.h>
8 : #include <stddef.h>
9 : #include <setjmp.h>
10 : #include <stdint.h>
11 : #include <stdlib.h>
12 : #include <stdio.h>
13 : #include <assert.h>
14 : #include <string.h>
15 :
16 : #include <base.h>
17 : #include "library/memlib.h"
18 : #include "spdm_device_secret_lib_internal.h"
19 : #include "internal/libspdm_common_lib.h"
20 :
21 : #if LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP
22 35 : bool libspdm_requester_data_sign(
23 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
24 : void *spdm_context,
25 : #endif
26 : spdm_version_number_t spdm_version, uint8_t op_code,
27 : uint16_t req_base_asym_alg, uint32_t req_pqc_asym_alg,
28 : uint32_t base_hash_algo, bool is_data_hash,
29 : const uint8_t *message, size_t message_size,
30 : uint8_t *signature, size_t *sig_size)
31 : {
32 : void *context;
33 : bool result;
34 :
35 : #if !LIBSPDM_PRIVATE_KEY_MODE_RAW_KEY_ONLY
36 35 : if (g_private_key_mode) {
37 : void *private_pem;
38 : size_t private_pem_size;
39 :
40 35 : if (req_pqc_asym_alg != 0) {
41 0 : result = libspdm_read_requester_pqc_private_key(
42 : req_pqc_asym_alg, &private_pem, &private_pem_size);
43 : } else {
44 35 : result = libspdm_read_requester_private_key(
45 : req_base_asym_alg, &private_pem, &private_pem_size);
46 : }
47 35 : if (!result) {
48 0 : return false;
49 : }
50 :
51 35 : if (req_pqc_asym_alg != 0) {
52 0 : result = libspdm_req_pqc_asym_get_private_key_from_pem(req_pqc_asym_alg,
53 : private_pem,
54 : private_pem_size, NULL,
55 : &context);
56 : } else {
57 35 : result = libspdm_req_asym_get_private_key_from_pem(req_base_asym_alg,
58 : private_pem,
59 : private_pem_size, NULL,
60 : &context);
61 : }
62 35 : if (!result) {
63 0 : libspdm_zero_mem(private_pem, private_pem_size);
64 0 : free(private_pem);
65 0 : return false;
66 : }
67 :
68 35 : if (req_pqc_asym_alg != 0) {
69 0 : if (is_data_hash) {
70 0 : result = libspdm_req_pqc_asym_sign_hash(spdm_version, op_code, req_pqc_asym_alg,
71 : base_hash_algo, context,
72 : message, message_size, signature, sig_size);
73 : } else {
74 0 : result = libspdm_req_pqc_asym_sign(spdm_version, op_code, req_pqc_asym_alg,
75 : base_hash_algo, context,
76 : message, message_size,
77 : signature, sig_size);
78 : }
79 0 : libspdm_req_pqc_asym_free(req_pqc_asym_alg, context);
80 : } else {
81 35 : if (is_data_hash) {
82 13 : result = libspdm_req_asym_sign_hash(spdm_version, op_code, req_base_asym_alg,
83 : base_hash_algo, context,
84 : message, message_size, signature, sig_size);
85 : } else {
86 22 : result = libspdm_req_asym_sign(spdm_version, op_code, req_base_asym_alg,
87 : base_hash_algo, context,
88 : message, message_size,
89 : signature, sig_size);
90 : }
91 35 : libspdm_req_asym_free(req_base_asym_alg, context);
92 : }
93 35 : libspdm_zero_mem(private_pem, private_pem_size);
94 35 : free(private_pem);
95 : } else {
96 : #endif
97 0 : if (req_pqc_asym_alg != 0) {
98 0 : result = libspdm_get_requester_pqc_private_key_from_raw_data(req_pqc_asym_alg, &context);
99 : } else {
100 0 : result = libspdm_get_requester_private_key_from_raw_data(req_base_asym_alg, &context);
101 : }
102 0 : if (!result) {
103 0 : return false;
104 : }
105 :
106 0 : if (req_pqc_asym_alg != 0) {
107 0 : if (is_data_hash) {
108 0 : result = libspdm_req_pqc_asym_sign_hash(spdm_version, op_code, req_pqc_asym_alg,
109 : base_hash_algo, context,
110 : message, message_size, signature, sig_size);
111 : } else {
112 0 : result = libspdm_req_pqc_asym_sign(spdm_version, op_code, req_pqc_asym_alg,
113 : base_hash_algo, context,
114 : message, message_size,
115 : signature, sig_size);
116 : }
117 0 : libspdm_req_pqc_asym_free(req_pqc_asym_alg, context);
118 : } else {
119 0 : if (is_data_hash) {
120 0 : result = libspdm_req_asym_sign_hash(spdm_version, op_code, req_base_asym_alg,
121 : base_hash_algo, context,
122 : message, message_size, signature, sig_size);
123 : } else {
124 0 : result = libspdm_req_asym_sign(spdm_version, op_code, req_base_asym_alg,
125 : base_hash_algo, context,
126 : message, message_size,
127 : signature, sig_size);
128 : }
129 0 : libspdm_req_asym_free(req_base_asym_alg, context);
130 : }
131 : #if !LIBSPDM_PRIVATE_KEY_MODE_RAW_KEY_ONLY
132 : }
133 : #endif
134 :
135 : #if LIBSPDM_SECRET_LIB_SIGN_LITTLE_ENDIAN
136 : if ((req_pqc_asym_alg == 0) &&
137 : ((spdm_version >> SPDM_VERSION_NUMBER_SHIFT_BIT) <= SPDM_MESSAGE_VERSION_11)) {
138 : if (result) {
139 : libspdm_copy_signature_swap_endian(
140 : req_base_asym_alg, signature, *sig_size, signature, *sig_size);
141 : }
142 : }
143 : #endif
144 :
145 35 : return result;
146 : }
147 : #endif /* LIBSPDM_ENABLE_CAPABILITY_MUT_AUTH_CAP */
148 :
149 138 : bool libspdm_responder_data_sign(
150 : #if LIBSPDM_HAL_PASS_SPDM_CONTEXT
151 : void *spdm_context,
152 : #endif
153 : spdm_version_number_t spdm_version, uint8_t op_code,
154 : uint32_t base_asym_algo, uint32_t pqc_asym_algo,
155 : uint32_t base_hash_algo, bool is_data_hash,
156 : const uint8_t *message, size_t message_size,
157 : uint8_t *signature, size_t *sig_size)
158 : {
159 : void *context;
160 : bool result;
161 : #if !LIBSPDM_PRIVATE_KEY_MODE_RAW_KEY_ONLY
162 138 : if (g_private_key_mode) {
163 : void *private_pem;
164 : size_t private_pem_size;
165 :
166 138 : if (pqc_asym_algo != 0) {
167 0 : result = libspdm_read_responder_pqc_private_key(
168 : pqc_asym_algo, &private_pem, &private_pem_size);
169 : } else {
170 138 : result = libspdm_read_responder_private_key(
171 : base_asym_algo, &private_pem, &private_pem_size);
172 : }
173 138 : if (!result) {
174 0 : return false;
175 : }
176 :
177 138 : if (pqc_asym_algo != 0) {
178 0 : result = libspdm_pqc_asym_get_private_key_from_pem(
179 : pqc_asym_algo, private_pem, private_pem_size, NULL, &context);
180 : } else {
181 138 : result = libspdm_asym_get_private_key_from_pem(
182 : base_asym_algo, private_pem, private_pem_size, NULL, &context);
183 : }
184 138 : if (!result) {
185 0 : libspdm_zero_mem(private_pem, private_pem_size);
186 0 : free(private_pem);
187 0 : return false;
188 : }
189 :
190 138 : if (pqc_asym_algo != 0) {
191 0 : if (is_data_hash) {
192 0 : result = libspdm_pqc_asym_sign_hash(spdm_version, op_code, pqc_asym_algo, base_hash_algo,
193 : context,
194 : message, message_size, signature, sig_size);
195 : } else {
196 0 : result = libspdm_pqc_asym_sign(spdm_version, op_code, pqc_asym_algo,
197 : base_hash_algo, context,
198 : message, message_size,
199 : signature, sig_size);
200 : }
201 0 : libspdm_pqc_asym_free(pqc_asym_algo, context);
202 : } else {
203 138 : if (is_data_hash) {
204 40 : result = libspdm_asym_sign_hash(spdm_version, op_code, base_asym_algo, base_hash_algo,
205 : context,
206 : message, message_size, signature, sig_size);
207 : } else {
208 98 : result = libspdm_asym_sign(spdm_version, op_code, base_asym_algo,
209 : base_hash_algo, context,
210 : message, message_size,
211 : signature, sig_size);
212 : }
213 138 : libspdm_asym_free(base_asym_algo, context);
214 : }
215 138 : libspdm_zero_mem(private_pem, private_pem_size);
216 138 : free(private_pem);
217 : } else {
218 : #endif
219 0 : if (pqc_asym_algo != 0) {
220 0 : result = libspdm_get_responder_pqc_private_key_from_raw_data(pqc_asym_algo, &context);
221 : } else {
222 0 : result = libspdm_get_responder_private_key_from_raw_data(base_asym_algo, &context);
223 : }
224 0 : if (!result) {
225 0 : return false;
226 : }
227 :
228 0 : if (pqc_asym_algo != 0) {
229 0 : if (is_data_hash) {
230 0 : result = libspdm_pqc_asym_sign_hash(spdm_version, op_code, pqc_asym_algo, base_hash_algo,
231 : context,
232 : message, message_size, signature, sig_size);
233 : } else {
234 0 : result = libspdm_pqc_asym_sign(spdm_version, op_code, pqc_asym_algo,
235 : base_hash_algo, context,
236 : message, message_size,
237 : signature, sig_size);
238 : }
239 0 : libspdm_pqc_asym_free(pqc_asym_algo, context);
240 : } else {
241 0 : if (is_data_hash) {
242 0 : result = libspdm_asym_sign_hash(spdm_version, op_code, base_asym_algo, base_hash_algo,
243 : context,
244 : message, message_size, signature, sig_size);
245 : } else {
246 0 : result = libspdm_asym_sign(spdm_version, op_code, base_asym_algo,
247 : base_hash_algo, context,
248 : message, message_size,
249 : signature, sig_size);
250 : }
251 0 : libspdm_asym_free(base_asym_algo, context);
252 : }
253 : #if !LIBSPDM_PRIVATE_KEY_MODE_RAW_KEY_ONLY
254 : }
255 : #endif
256 :
257 : #if LIBSPDM_SECRET_LIB_SIGN_LITTLE_ENDIAN
258 : if ((pqc_asym_algo == 0) &&
259 : ((spdm_version >> SPDM_VERSION_NUMBER_SHIFT_BIT) <= SPDM_MESSAGE_VERSION_11)) {
260 : if (result) {
261 : libspdm_copy_signature_swap_endian(
262 : base_asym_algo, signature, *sig_size, signature, *sig_size);
263 : }
264 : }
265 : #endif
266 :
267 138 : return result;
268 : }
|