the-tree/crypto/rsa_helper.c

0001 // SPDX-License-Identifier: GPL-2.0-or-later
0002 /*
0003  * RSA key extract helper
0004  *
0005  * Copyright (c) 2015, Intel Corporation
0006  * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
0007  */
0008 #include <linux/kernel.h>
0009 #include <linux/export.h>
0010 #include <linux/err.h>
0011 #include <linux/fips.h>
0012 #include <crypto/internal/rsa.h>
0013 #include "rsapubkey.asn1.h"
0014 #include "rsaprivkey.asn1.h"
0015
0016 int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
0017           const void *value, size_t vlen)
0018 {
0019     struct rsa_key *key = context;
0020     const u8 *ptr = value;
0021     size_t n_sz = vlen;
0022
0023     /* invalid key provided */
0024     if (!value || !vlen)
0025         return -EINVAL;
0026
0027     if (fips_enabled) {
0028         while (n_sz && !*ptr) {
0029             ptr++;
0030             n_sz--;
0031         }
0032
0033         /* In FIPS mode only allow key size 2K and higher */
0034         if (n_sz < 256) {
0035             pr_err("RSA: key size not allowed in FIPS mode\n");
0036             return -EINVAL;
0037         }
0038     }
0039
0040     key->n = value;
0041     key->n_sz = vlen;
0042
0043     return 0;
0044 }
0045
0046 int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
0047           const void *value, size_t vlen)
0048 {
0049     struct rsa_key *key = context;
0050
0051     /* invalid key provided */
0052     if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
0053         return -EINVAL;
0054
0055     key->e = value;
0056     key->e_sz = vlen;
0057
0058     return 0;
0059 }
0060
0061 int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
0062           const void *value, size_t vlen)
0063 {
0064     struct rsa_key *key = context;
0065
0066     /* invalid key provided */
0067     if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
0068         return -EINVAL;
0069
0070     key->d = value;
0071     key->d_sz = vlen;
0072
0073     return 0;
0074 }
0075
0076 int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
0077           const void *value, size_t vlen)
0078 {
0079     struct rsa_key *key = context;
0080
0081     /* invalid key provided */
0082     if (!value || !vlen || vlen > key->n_sz)
0083         return -EINVAL;
0084
0085     key->p = value;
0086     key->p_sz = vlen;
0087
0088     return 0;
0089 }
0090
0091 int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
0092           const void *value, size_t vlen)
0093 {
0094     struct rsa_key *key = context;
0095
0096     /* invalid key provided */
0097     if (!value || !vlen || vlen > key->n_sz)
0098         return -EINVAL;
0099
0100     key->q = value;
0101     key->q_sz = vlen;
0102
0103     return 0;
0104 }
0105
0106 int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
0107            const void *value, size_t vlen)
0108 {
0109     struct rsa_key *key = context;
0110
0111     /* invalid key provided */
0112     if (!value || !vlen || vlen > key->n_sz)
0113         return -EINVAL;
0114
0115     key->dp = value;
0116     key->dp_sz = vlen;
0117
0118     return 0;
0119 }
0120
0121 int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
0122            const void *value, size_t vlen)
0123 {
0124     struct rsa_key *key = context;
0125
0126     /* invalid key provided */
0127     if (!value || !vlen || vlen > key->n_sz)
0128         return -EINVAL;
0129
0130     key->dq = value;
0131     key->dq_sz = vlen;
0132
0133     return 0;
0134 }
0135
0136 int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
0137          const void *value, size_t vlen)
0138 {
0139     struct rsa_key *key = context;
0140
0141     /* invalid key provided */
0142     if (!value || !vlen || vlen > key->n_sz)
0143         return -EINVAL;
0144
0145     key->qinv = value;
0146     key->qinv_sz = vlen;
0147
0148     return 0;
0149 }
0150
0151 /**
0152  * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
0153  *                       provided struct rsa_key, pointers to the raw key as is,
0154  *                       so that the caller can copy it or MPI parse it, etc.
0155  *
0156  * @rsa_key:    struct rsa_key key representation
0157  * @key:    key in BER format
0158  * @key_len:    length of key
0159  *
0160  * Return:  0 on success or error code in case of error
0161  */
0162 int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
0163               unsigned int key_len)
0164 {
0165     return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
0166 }
0167 EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
0168
0169 /**
0170  * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
0171  *                        provided struct rsa_key, pointers to the raw key
0172  *                        as is, so that the caller can copy it or MPI parse it,
0173  *                        etc.
0174  *
0175  * @rsa_key:    struct rsa_key key representation
0176  * @key:    key in BER format
0177  * @key_len:    length of key
0178  *
0179  * Return:  0 on success or error code in case of error
0180  */
0181 int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,
0182                unsigned int key_len)
0183 {
0184     return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
0185 }
0186 EXPORT_SYMBOL_GPL(rsa_parse_priv_key);