libckteec: Add PKCS #1 v1.5 RSA signing support

vesajaaskelainen · jforissier · commit bc8c1f0e3057 · 2021-08-03T11:14:59.000+02:00
Add support for performing RSA signing & verification operations for: - PKCS #1 v1.5 RSA with supplied hash value - Multi stage MD5 - Multi stage SHA-1 - Multi stage SHA-224 - Multi stage SHA-256 - Multi stage SHA-384 - Multi stage SHA-512 Specified in: PKCS OP-TEE#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40 Plus Errata 01 2.1.6 PKCS #1 v1.5 RSA Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
diff --git a/libckteec/include/pkcs11.h b/libckteec/include/pkcs11.h
@@ -262,6 +262,8 @@ typedef CK_MECHANISM_TYPE *CK_MECHANISM_TYPE_PTR;
 #define CKM_RSA_PKCS			0x00001
 #define CKM_RSA_9796			0x00002
 #define CKM_RSA_X_509			0x00003
+#define CKM_MD5_RSA_PKCS		0x00005
+#define CKM_SHA1_RSA_PKCS		0x00006
 #define CKM_RSA_PKCS_OAEP		0x00009
 #define CKM_SHA256_RSA_PKCS		0x00040
 #define CKM_SHA384_RSA_PKCS		0x00041
diff --git a/libckteec/include/pkcs11_ta.h b/libckteec/include/pkcs11_ta.h
@@ -1190,6 +1190,8 @@ enum pkcs11_mechanism_id {
 	PKCS11_CKM_RSA_PKCS			= 0x00001,
 	PKCS11_CKM_RSA_9796			= 0x00002,
 	PKCS11_CKM_RSA_X_509			= 0x00003,
+	PKCS11_CKM_MD5_RSA_PKCS			= 0x00005,
+	PKCS11_CKM_SHA1_RSA_PKCS		= 0x00006,
 	PKCS11_CKM_RSA_PKCS_OAEP		= 0x00009,
 	PKCS11_CKM_SHA256_RSA_PKCS		= 0x00040,
 	PKCS11_CKM_SHA384_RSA_PKCS		= 0x00041,
diff --git a/libckteec/src/ck_debug.c b/libckteec/src/ck_debug.c
@@ -125,6 +125,8 @@ const char *ckm2str(CK_MECHANISM_TYPE id)
 	CK2STR_ENTRY(CKM_RSA_PKCS);
 	CK2STR_ENTRY(CKM_RSA_9796);
 	CK2STR_ENTRY(CKM_RSA_X_509);
+	CK2STR_ENTRY(CKM_MD5_RSA_PKCS);
+	CK2STR_ENTRY(CKM_SHA1_RSA_PKCS);
 	CK2STR_ENTRY(CKM_RSA_PKCS_OAEP);
 	CK2STR_ENTRY(CKM_SHA256_RSA_PKCS);
 	CK2STR_ENTRY(CKM_SHA384_RSA_PKCS);
diff --git a/libckteec/src/serialize_ck.c b/libckteec/src/serialize_ck.c
@@ -523,6 +523,13 @@ CK_RV serialize_ck_mecha_params(struct serializer *obj,
 	case CKM_ECDSA_SHA384:
 	case CKM_ECDSA_SHA512:
 	case CKM_RSA_PKCS_KEY_PAIR_GEN:
+	case CKM_RSA_PKCS:
+	case CKM_MD5_RSA_PKCS:
+	case CKM_SHA1_RSA_PKCS:
+	case CKM_SHA224_RSA_PKCS:
+	case CKM_SHA256_RSA_PKCS:
+	case CKM_SHA384_RSA_PKCS:
+	case CKM_SHA512_RSA_PKCS:
 		/* No parameter expected, size shall be 0 */
 		if (mechanism->ulParameterLen)
 			return CKR_MECHANISM_PARAM_INVALID;
