OcCryptoLib: Remove Workbuf32 parameter from RsaVerify()

2025-12-08 19:25:01 +00:00 · 2019-04-09 09:19:38 +02:00 · 2019-04-09 09:19:38 +02:00 · 17bd6edfe6
commit 17bd6edfe6
parent cd7b75af4a
5 changed files with 10 additions and 19 deletions
--- a/Include/Library/OcCryptoLib.h
+++ b/Include/Library/OcCryptoLib.h
@ -108,8 +108,7 @@ BOOLEAN
 RsaVerify (
  RSA_PUBLIC_KEY  *Key,
  UINT8           *Signature,
-  UINT8           *Sha256,
-  UINT32          *Workbuf32
+  UINT8           *Sha256
  );

 VOID
--- a/Library/OcAppleChunklistLib/OcAppleChunklistLib.c
+++ b/Library/OcAppleChunklistLib/OcAppleChunklistLib.c
@ -98,16 +98,13 @@ OcAppleChunklistVerifySignature (
 {
  BOOLEAN Result;

-  UINT32  WorkBuf32[RSANUMWORDS * 3];
-
  ASSERT (Context != NULL);
  ASSERT (Context->Signature != NULL);

  Result = RsaVerify (
             PublicKey,
             Context->Signature->Signature,
-             Context->Hash,
-             WorkBuf32
+             Context->Hash
             );
  DEBUG_CODE (
    if (Result) {
--- a/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c
+++ b/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c
@ -615,7 +615,6 @@ VerifyApplePeImageSignature (
  IN OUT APPLE_PE_COFF_LOADER_IMAGE_CONTEXT  *Context OPTIONAL
  )
 {
-  UINT32                   WorkBuf32[RSANUMWORDS * 3];
  UINTN                    Index                       = 0;
  APPLE_SIGNATURE_CONTEXT  *SignatureContext           = NULL;
  RSA_PUBLIC_KEY           *Pk                         = NULL;
@ -695,7 +694,7 @@ VerifyApplePeImageSignature (
  //
  // Verify signature
  //
-  if (RsaVerify (Pk, SignatureContext->Signature, Context->PeImageHash, WorkBuf32) == 1 ) {
+  if (RsaVerify (Pk, SignatureContext->Signature, Context->PeImageHash) == 1 ) {
    DEBUG ((DEBUG_INFO, "Signature verified!\n"));
    FreePool (SignatureContext);
    FreePool (Context);
--- a/Library/OcCryptoLib/Rsa2048Sha256.c
+++ b/Library/OcCryptoLib/Rsa2048Sha256.c
@ -183,15 +183,12 @@ MontMul (

  @param Key        Key to use in signing
  @param InOut      Input and output big-endian byte array
-  @param Workbuf32  Work buffer; caller must verify this is
-                    3 x RSANUMWORDS elements long.
 **/
 STATIC
 VOID
 ModPow (
  RSA_PUBLIC_KEY  *Key,
-  UINT8           *InOut,
-  UINT32          *Workbuf32
+  UINT8           *InOut
  )
 {
  UINT32 *A     = NULL;
@ -201,6 +198,8 @@ ModPow (
  INT32  Index  = 0;
  UINT32 Tmp    = 0;

+  UINT32 Workbuf32[RSANUMWORDS * 3];
+
  A = Workbuf32;
  Ar = A + RSANUMWORDS;
  Aar = Ar + RSANUMWORDS;
@ -290,16 +289,14 @@ CheckPadding (
  @param Key         RSA public key
  @param Signature   RSA signature
  @param Sha256      SHA-256 digest of the content to verify
-  @param Workbuf32   Work buffer; caller must verify this is
-                     3 x RSANUMWORDS elements long.
+
  @return FALSE on failure, TRUE on success.
 **/
 BOOLEAN
 RsaVerify (
  RSA_PUBLIC_KEY  *Key,
  UINT8           *Signature,
-  UINT8           *Sha256,
-  UINT32          *Workbuf32
+  UINT8           *Sha256
  )
 {
  UINT8 Buf[RSANUMBYTES];
@ -312,7 +309,7 @@ RsaVerify (
  //
  // In-place exponentiation
  //
-  ModPow (Key, Buf, Workbuf32);
+  ModPow (Key, Buf);

  //
  // Check the PKCS#1 padding
--- a/Tools/AppleEfiSignTool/AppleEfiBinary.c
+++ b/Tools/AppleEfiSignTool/AppleEfiBinary.c
@ -428,7 +428,6 @@ VerifyApplePeImageSignature (
  uint8_t                            SigBe[256];
  uint8_t                            CalcucatedHash[32];
  uint8_t                            PkHash[32];
-  uint32_t                           WorkBuf32[RSANUMWORDS*3];
  RSA_PUBLIC_KEY                     *Pk                      = NULL;
  APPLE_PE_COFF_LOADER_IMAGE_CONTEXT *Context                 = NULL;

@ -492,7 +491,7 @@ VerifyApplePeImageSignature (
  //
  // Verify signature
  //
-  if (RsaVerify (Pk, SigBe, CalcucatedHash, WorkBuf32) == 1 ) {
+  if (RsaVerify (Pk, SigBe, CalcucatedHash) == 1 ) {
    puts ("Signature verified!\n");
    return 0;
  }