[deliverable/linux.git] / crypto / rsa_helper.c

/*
 * RSA key extract helper
 *
 * Copyright (c) 2015, Intel Corporation
 * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the Free
 * Software Foundation; either version 2 of the License, or (at your option)
 * any later version.
 *
 */
#include <linux/kernel.h>
#include <linux/export.h>
#include <linux/err.h>
#include <linux/fips.h>
#include <crypto/internal/rsa.h>
#include "rsapubkey-asn1.h"
#include "rsaprivkey-asn1.h"

int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
	      const void *value, size_t vlen)
{
	struct rsa_key *key = context;
	const u8 *ptr = value;
	size_t n_sz = vlen;

	/* invalid key provided */
	if (!value || !vlen)
		return -EINVAL;

	if (fips_enabled) {
		while (!*ptr && n_sz) {
			ptr++;
			n_sz--;
		}

		/* In FIPS mode only allow key size 2K and higher */
		if (n_sz < 256) {
			pr_err("RSA: key size not allowed in FIPS mode\n");
			return -EINVAL;
		}
	}

	key->n = value;
	key->n_sz = vlen;

	return 0;
}

int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
	      const void *value, size_t vlen)
{
	struct rsa_key *key = context;

	/* invalid key provided */
	if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
		return -EINVAL;

	key->e = value;
	key->e_sz = vlen;

	return 0;
}

int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
	      const void *value, size_t vlen)
{
	struct rsa_key *key = context;

	/* invalid key provided */
	if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
		return -EINVAL;

	key->d = value;
	key->d_sz = vlen;

	return 0;
}

int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
	      const void *value, size_t vlen)
{
	struct rsa_key *key = context;

	/* invalid key provided */
	if (!value || !vlen || vlen > key->n_sz)
		return -EINVAL;

	key->p = value;
	key->p_sz = vlen;

	return 0;
}

int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
	      const void *value, size_t vlen)
{
	struct rsa_key *key = context;

	/* invalid key provided */
	if (!value || !vlen || vlen > key->n_sz)
		return -EINVAL;

	key->q = value;
	key->q_sz = vlen;

	return 0;
}

int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
	       const void *value, size_t vlen)
{
	struct rsa_key *key = context;

	/* invalid key provided */
	if (!value || !vlen || vlen > key->n_sz)
		return -EINVAL;

	key->dp = value;
	key->dp_sz = vlen;

	return 0;
}

int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
	       const void *value, size_t vlen)
{
	struct rsa_key *key = context;

	/* invalid key provided */
	if (!value || !vlen || vlen > key->n_sz)
		return -EINVAL;

	key->dq = value;
	key->dq_sz = vlen;

	return 0;
}

int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
		 const void *value, size_t vlen)
{
	struct rsa_key *key = context;

	/* invalid key provided */
	if (!value || !vlen || vlen > key->n_sz)
		return -EINVAL;

	key->qinv = value;
	key->qinv_sz = vlen;

	return 0;
}

/**
 * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
 *                       provided struct rsa_key, pointers to the raw key as is,
 *                       so that the caller can copy it or MPI parse it, etc.
 *
 * @rsa_key:	struct rsa_key key representation
 * @key:	key in BER format
 * @key_len:	length of key
 *
 * Return:	0 on success or error code in case of error
 */
int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
		      unsigned int key_len)
{
	return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
}
EXPORT_SYMBOL_GPL(rsa_parse_pub_key);

/**
 * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
 *                        provided struct rsa_key, pointers to the raw key
 *                        as is, so that the caller can copy it or MPI parse it,
 *                        etc.
 *
 * @rsa_key:	struct rsa_key key representation
 * @key:	key in BER format
 * @key_len:	length of key
 *
 * Return:	0 on success or error code in case of error
 */
int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,
		       unsigned int key_len)
{
	return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
}
EXPORT_SYMBOL_GPL(rsa_parse_priv_key);
Commit	Line	Data
cfc2bb32 TS	1	/*
	2	* RSA key extract helper
	3	*
	4	* Copyright (c) 2015, Intel Corporation
	5	* Authors: Tadeusz Struk <tadeusz.struk@intel.com>
	6	*
	7	* This program is free software; you can redistribute it and/or modify it
	8	* under the terms of the GNU General Public License as published by the Free
	9	* Software Foundation; either version 2 of the License, or (at your option)
	10	* any later version.
	11	*
	12	*/
	13	#include <linux/kernel.h>
	14	#include <linux/export.h>
	15	#include <linux/err.h>
	16	#include <linux/fips.h>
	17	#include <crypto/internal/rsa.h>
22287b0b TS	18	#include "rsapubkey-asn1.h"
22287b0b TS	19	#include "rsaprivkey-asn1.h"
cfc2bb32 TS	20
	21	int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
	22	const void *value, size_t vlen)
	23	{
	24	struct rsa_key *key = context;
5a7de973 TA	25	const u8 *ptr = value;
5a7de973 TA	26	size_t n_sz = vlen;
cfc2bb32	27
5a7de973 TA	28	/* invalid key provided */
5a7de973 TA	29	if (!value \|\| !vlen)
cfc2bb32	30	return -EINVAL;
5a7de973 TA	31
	32	if (fips_enabled) {
	33	while (!*ptr && n_sz) {
	34	ptr++;
	35	n_sz--;
	36	}
	37
e09287df SM	38	/* In FIPS mode only allow key size 2K and higher */
e09287df SM	39	if (n_sz < 256) {
5a7de973 TA	40	pr_err("RSA: key size not allowed in FIPS mode\n");
	41	return -EINVAL;
	42	}
cfc2bb32	43	}
5a7de973 TA	44
	45	key->n = value;
	46	key->n_sz = vlen;
	47
cfc2bb32 TS	48	return 0;
	49	}
	50
	51	int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
	52	const void *value, size_t vlen)
	53	{
	54	struct rsa_key *key = context;
	55
5a7de973 TA	56	/* invalid key provided */
	57	if (!value \|\| !key->n_sz \|\| !vlen \|\| vlen > key->n_sz)
	58	return -EINVAL;
cfc2bb32	59
5a7de973 TA	60	key->e = value;
5a7de973 TA	61	key->e_sz = vlen;
cfc2bb32 TS	62
	63	return 0;
	64	}
	65
	66	int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
	67	const void *value, size_t vlen)
	68	{
	69	struct rsa_key *key = context;
	70
5a7de973 TA	71	/* invalid key provided */
5a7de973 TA	72	if (!value \|\| !key->n_sz \|\| !vlen \|\| vlen > key->n_sz)
cfc2bb32	73	return -EINVAL;
cfc2bb32	74
5a7de973 TA	75	key->d = value;
5a7de973 TA	76	key->d_sz = vlen;
cfc2bb32	77
5a7de973	78	return 0;
cfc2bb32	79	}
cfc2bb32	80
8be0b84e SB	81	int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
	82	const void *value, size_t vlen)
	83	{
	84	struct rsa_key *key = context;
	85
	86	/* invalid key provided */
	87	if (!value \|\| !vlen \|\| vlen > key->n_sz)
	88	return -EINVAL;
	89
	90	key->p = value;
	91	key->p_sz = vlen;
	92
	93	return 0;
	94	}
	95
	96	int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
	97	const void *value, size_t vlen)
	98	{
	99	struct rsa_key *key = context;
	100
	101	/* invalid key provided */
	102	if (!value \|\| !vlen \|\| vlen > key->n_sz)
	103	return -EINVAL;
	104
	105	key->q = value;
	106	key->q_sz = vlen;
	107
	108	return 0;
	109	}
	110
	111	int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
	112	const void *value, size_t vlen)
	113	{
	114	struct rsa_key *key = context;
	115
	116	/* invalid key provided */
	117	if (!value \|\| !vlen \|\| vlen > key->n_sz)
	118	return -EINVAL;
	119
	120	key->dp = value;
	121	key->dp_sz = vlen;
	122
	123	return 0;
	124	}
	125
	126	int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
	127	const void *value, size_t vlen)
	128	{
	129	struct rsa_key *key = context;
	130
	131	/* invalid key provided */
	132	if (!value \|\| !vlen \|\| vlen > key->n_sz)
	133	return -EINVAL;
	134
	135	key->dq = value;
	136	key->dq_sz = vlen;
	137
	138	return 0;
	139	}
	140
	141	int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
	142	const void *value, size_t vlen)
	143	{
	144	struct rsa_key *key = context;
145
146	/* invalid key provided */
147	if (!value \|\| !vlen \|\| vlen > key->n_sz)
148	return -EINVAL;
149
150	key->qinv = value;
151	key->qinv_sz = vlen;
152
153	return 0;
154	}
155
cfc2bb32	156	/**
5a7de973 TA	157	* rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
	158	* provided struct rsa_key, pointers to the raw key as is,
	159	* so that the caller can copy it or MPI parse it, etc.
cfc2bb32 TS	160	*
	161	* @rsa_key: struct rsa_key key representation
	162	* @key: key in BER format
	163	* @key_len: length of key
	164	*
	165	* Return: 0 on success or error code in case of error
	166	*/
22287b0b TS	167	int rsa_parse_pub_key(struct rsa_key rsa_key, const void key,
22287b0b TS	168	unsigned int key_len)
cfc2bb32	169	{
5a7de973	170	return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
cfc2bb32	171	}
22287b0b TS	172	EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
	173
	174	/**
5a7de973 TA	175	* rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
	176	* provided struct rsa_key, pointers to the raw key
	177	* as is, so that the caller can copy it or MPI parse it,
	178	* etc.
22287b0b TS	179	*
	180	* @rsa_key: struct rsa_key key representation
	181	* @key: key in BER format
	182	* @key_len: length of key
	183	*
	184	* Return: 0 on success or error code in case of error
	185	*/
	186	int rsa_parse_priv_key(struct rsa_key rsa_key, const void key,
	187	unsigned int key_len)
	188	{
5a7de973	189	return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
22287b0b TS	190	}
22287b0b TS	191	EXPORT_SYMBOL_GPL(rsa_parse_priv_key);