Move rsa_check_key and rsa_get_key to os_stub

Fix the issue: #2348 Signed-off-by: Wenxing Hou <[email protected]>
DMTF · Sep 12, 2023 · 5bedbc9 · 5bedbc9
1 parent 941f0ae
commit 5bedbc9
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 51 deletions.
diff --git a/include/hal/library/cryptlib/cryptlib_rsa.h b/include/hal/library/cryptlib/cryptlib_rsa.h
@@ -89,57 +89,6 @@ extern void libspdm_rsa_free(void *rsa_context);
 extern bool libspdm_rsa_set_key(void *rsa_context, const libspdm_rsa_key_tag_t key_tag,
                                 const uint8_t *big_number, size_t bn_size);
 
-/**
- * Gets the tag-designated RSA key component from the established RSA context.
- *
- * This function retrieves the tag-designated RSA key component from the
- * established RSA context as a non-negative integer (octet string format
- * represented in RSA PKCS#1).
- * If specified key component has not been set or has been cleared, then returned
- * bn_size is set to 0.
- * If the big_number buffer is too small to hold the contents of the key, false
- * is returned and bn_size is set to the required buffer size to obtain the key.
- *
- * If rsa_context is NULL, then return false.
- * If bn_size is NULL, then return false.
- * If bn_size is large enough but big_number is NULL, then return false.
- * If this interface is not supported, then return false.
- *
- * @param[in, out]  rsa_context  Pointer to RSA context being set.
- * @param[in]       key_tag      Tag of RSA key component being set.
- * @param[out]      big_number   Pointer to octet integer buffer.
- * @param[in, out]  bn_size      On input, the size of big number buffer in bytes.
- *                               On output, the size of data returned in big number buffer in bytes.
- *
- * @retval  true   RSA key component was retrieved successfully.
- * @retval  false  Invalid RSA key component tag.
- * @retval  false  bn_size is too small.
- * @retval  false  This interface is not supported.
- **/
-extern bool libspdm_rsa_get_key(void *rsa_context, const libspdm_rsa_key_tag_t key_tag,
-                                uint8_t *big_number, size_t *bn_size);
-
-/**
- * Validates key components of RSA context.
- * NOTE: This function performs integrity checks on all the RSA key material, so
- *      the RSA key structure must contain all the private key data.
- *
- * This function validates key components of RSA context in following aspects:
- * - Whether p is a prime
- * - Whether q is a prime
- * - Whether n = p * q
- * - Whether d*e = 1  mod lcm(p-1,q-1)
- *
- * If rsa_context is NULL, then return false.
- * If this interface is not supported, then return false.
- *
- * @param[in]  rsa_context  Pointer to RSA context to check.
- *
- * @retval  true   RSA key components are valid.
- * @retval  false  RSA key components are not valid.
- * @retval  false  This interface is not supported.
- **/
-extern bool libspdm_rsa_check_key(void *rsa_context);
 #endif /* (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT) */
 
 #if LIBSPDM_RSA_SSA_SUPPORT

diff --git a/os_stub/spdm_crypt_ext_lib/cryptlib_ext.h b/os_stub/spdm_crypt_ext_lib/cryptlib_ext.h
@@ -8,6 +8,7 @@
 #define CRYPTLIB_EXT_H
 
 #include "hal/base.h"
+#include "hal/library/cryptlib.h"
 
 /**
  * Retrieve the common name (CN) string from one X.509 certificate.
@@ -205,6 +206,58 @@ extern bool libspdm_rsa_get_private_key_from_pem(const uint8_t *pem_data,
                                                  const char *password,
                                                  void **rsa_context);
 
+/**
+ * Gets the tag-designated RSA key component from the established RSA context.
+ *
+ * This function retrieves the tag-designated RSA key component from the
+ * established RSA context as a non-negative integer (octet string format
+ * represented in RSA PKCS#1).
+ * If specified key component has not been set or has been cleared, then returned
+ * bn_size is set to 0.
+ * If the big_number buffer is too small to hold the contents of the key, false
+ * is returned and bn_size is set to the required buffer size to obtain the key.
+ *
+ * If rsa_context is NULL, then return false.
+ * If bn_size is NULL, then return false.
+ * If bn_size is large enough but big_number is NULL, then return false.
+ * If this interface is not supported, then return false.
+ *
+ * @param[in, out]  rsa_context  Pointer to RSA context being set.
+ * @param[in]       key_tag      Tag of RSA key component being set.
+ * @param[out]      big_number   Pointer to octet integer buffer.
+ * @param[in, out]  bn_size      On input, the size of big number buffer in bytes.
+ *                               On output, the size of data returned in big number buffer in bytes.
+ *
+ * @retval  true   RSA key component was retrieved successfully.
+ * @retval  false  Invalid RSA key component tag.
+ * @retval  false  bn_size is too small.
+ * @retval  false  This interface is not supported.
+ **/
+extern bool libspdm_rsa_get_key(void *rsa_context, const libspdm_rsa_key_tag_t key_tag,
+                                uint8_t *big_number, size_t *bn_size);
+
+/**
+ * Validates key components of RSA context.
+ * NOTE: This function performs integrity checks on all the RSA key material, so
+ *      the RSA key structure must contain all the private key data.
+ *
+ * This function validates key components of RSA context in following aspects:
+ * - Whether p is a prime
+ * - Whether q is a prime
+ * - Whether n = p * q
+ * - Whether d*e = 1  mod lcm(p-1,q-1)
+ *
+ * If rsa_context is NULL, then return false.
+ * If this interface is not supported, then return false.
+ *
+ * @param[in]  rsa_context  Pointer to RSA context to check.
+ *
+ * @retval  true   RSA key components are valid.
+ * @retval  false  RSA key components are not valid.
+ * @retval  false  This interface is not supported.
+ **/
+extern bool libspdm_rsa_check_key(void *rsa_context);
+
 /**
  * Generates RSA key components.
  *