crypto/rsa_helper.c

   1 // SPDX-License-Identifier: GPL-2.0-or-later
   2 /*
   3  * RSA key extract helper
   4  *
   5  * Copyright (c) 2015, Intel Corporation
   6  * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
   7  */
   8 #include <linux/kernel.h>
   9 #include <linux/export.h>
  10 #include <linux/err.h>
  11 #include <linux/fips.h>
  12 #include <crypto/internal/rsa.h>
  13 #include "rsapubkey.asn1.h"
  14 #include "rsaprivkey.asn1.h"
  15
  16 int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
  17               const void *value, size_t vlen)
  18 {
  19         struct rsa_key *key = context;
  20         const u8 *ptr = value;
  21         size_t n_sz = vlen;
  22
  23         /* invalid key provided */
  24         if (!value || !vlen)
  25                 return -EINVAL;
  26
  27         if (fips_enabled) {
  28                 while (n_sz && !*ptr) {
  29                         ptr++;
  30                         n_sz--;
  31                 }
  32
  33                 /* In FIPS mode only allow key size 2K and higher */
  34                 if (n_sz < 256) {
  35                         pr_err("RSA: key size not allowed in FIPS mode\n");
  36                         return -EINVAL;
  37                 }
  38         }
  39
  40         key->n = value;
  41         key->n_sz = vlen;
  42
  43         return 0;
  44 }
  45
  46 int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
  47               const void *value, size_t vlen)
  48 {
  49         struct rsa_key *key = context;
  50
  51         /* invalid key provided */
  52         if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
  53                 return -EINVAL;
  54
  55         key->e = value;
  56         key->e_sz = vlen;
  57
  58         return 0;
  59 }
  60
  61 int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
  62               const void *value, size_t vlen)
  63 {
  64         struct rsa_key *key = context;
  65
  66         /* invalid key provided */
  67         if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
  68                 return -EINVAL;
  69
  70         key->d = value;
  71         key->d_sz = vlen;
  72
  73         return 0;
  74 }
  75
  76 int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
  77               const void *value, size_t vlen)
  78 {
  79         struct rsa_key *key = context;
  80
  81         /* invalid key provided */
  82         if (!value || !vlen || vlen > key->n_sz)
  83                 return -EINVAL;
  84
  85         key->p = value;
  86         key->p_sz = vlen;
  87
  88         return 0;
  89 }
  90
  91 int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
  92               const void *value, size_t vlen)
  93 {
  94         struct rsa_key *key = context;
  95
  96         /* invalid key provided */
  97         if (!value || !vlen || vlen > key->n_sz)
  98                 return -EINVAL;
  99
 100         key->q = value;
 101         key->q_sz = vlen;
 102
 103         return 0;
 104 }
 105
 106 int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
 107                const void *value, size_t vlen)
 108 {
 109         struct rsa_key *key = context;
 110
 111         /* invalid key provided */
 112         if (!value || !vlen || vlen > key->n_sz)
 113                 return -EINVAL;
 114
 115         key->dp = value;
 116         key->dp_sz = vlen;
 117
 118         return 0;
 119 }
 120
 121 int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
 122                const void *value, size_t vlen)
 123 {
 124         struct rsa_key *key = context;
 125
 126         /* invalid key provided */
 127         if (!value || !vlen || vlen > key->n_sz)
 128                 return -EINVAL;
 129
 130         key->dq = value;
 131         key->dq_sz = vlen;
 132
 133         return 0;
 134 }
 135
 136 int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
 137                  const void *value, size_t vlen)
 138 {
 139         struct rsa_key *key = context;
 140
 141         /* invalid key provided */
 142         if (!value || !vlen || vlen > key->n_sz)
 143                 return -EINVAL;
 144
 145         key->qinv = value;
 146         key->qinv_sz = vlen;
 147
 148         return 0;
 149 }
 150
 151 /**
 152  * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
 153  *                       provided struct rsa_key, pointers to the raw key as is,
 154  *                       so that the caller can copy it or MPI parse it, etc.
 155  *
 156  * @rsa_key:    struct rsa_key key representation
 157  * @key:        key in BER format
 158  * @key_len:    length of key
 159  *
 160  * Return:      0 on success or error code in case of error
 161  */
 162 int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
 163                       unsigned int key_len)
 164 {
 165         return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
 166 }
 167 EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
 168
 169 /**
 170  * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
 171  *                        provided struct rsa_key, pointers to the raw key
 172  *                        as is, so that the caller can copy it or MPI parse it,
 173  *                        etc.
 174  *
 175  * @rsa_key:    struct rsa_key key representation
 176  * @key:        key in BER format
 177  * @key_len:    length of key
 178  *
 179  * Return:      0 on success or error code in case of error
 180  */
 181 int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,
 182                        unsigned int key_len)
 183 {
 184         return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
 185 }
 186 EXPORT_SYMBOL_GPL(rsa_parse_priv_key);