1// SPDX-License-Identifier: GPL-2.0-or-later
  2/*
  3 * RSA key extract helper
  4 *
  5 * Copyright (c) 2015, Intel Corporation
  6 * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
 
 
 
 
 
 
  7 */
  8#include <linux/kernel.h>
  9#include <linux/export.h>
 10#include <linux/err.h>
 11#include <linux/fips.h>
 12#include <crypto/internal/rsa.h>
 13#include "rsapubkey.asn1.h"
 14#include "rsaprivkey.asn1.h"
 15
 16int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
 17	      const void *value, size_t vlen)
 18{
 19	struct rsa_key *key = context;
 20	const u8 *ptr = value;
 21	size_t n_sz = vlen;
 22
 23	/* invalid key provided */
 24	if (!value || !vlen)
 25		return -EINVAL;
 26
 27	if (fips_enabled) {
 28		while (n_sz && !*ptr) {
 29			ptr++;
 30			n_sz--;
 31		}
 32
 33		/* In FIPS mode only allow key size 2K and higher */
 34		if (n_sz < 256) {
 35			pr_err("RSA: key size not allowed in FIPS mode\n");
 36			return -EINVAL;
 37		}
 38	}
 39
 40	key->n = value;
 41	key->n_sz = vlen;
 42
 43	return 0;
 44}
 45
 46int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
 47	      const void *value, size_t vlen)
 48{
 49	struct rsa_key *key = context;
 50
 51	/* invalid key provided */
 52	if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
 53		return -EINVAL;
 54
 55	key->e = value;
 56	key->e_sz = vlen;
 57
 58	return 0;
 59}
 60
 61int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
 62	      const void *value, size_t vlen)
 63{
 64	struct rsa_key *key = context;
 65
 66	/* invalid key provided */
 67	if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
 68		return -EINVAL;
 69
 70	key->d = value;
 71	key->d_sz = vlen;
 72
 73	return 0;
 74}
 75
 76int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
 77	      const void *value, size_t vlen)
 78{
 79	struct rsa_key *key = context;
 80
 81	/* invalid key provided */
 82	if (!value || !vlen || vlen > key->n_sz)
 83		return -EINVAL;
 84
 85	key->p = value;
 86	key->p_sz = vlen;
 87
 88	return 0;
 89}
 90
 91int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
 92	      const void *value, size_t vlen)
 93{
 94	struct rsa_key *key = context;
 95
 96	/* invalid key provided */
 97	if (!value || !vlen || vlen > key->n_sz)
 98		return -EINVAL;
 99
100	key->q = value;
101	key->q_sz = vlen;
102
103	return 0;
104}
105
106int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
107	       const void *value, size_t vlen)
108{
109	struct rsa_key *key = context;
110
111	/* invalid key provided */
112	if (!value || !vlen || vlen > key->n_sz)
113		return -EINVAL;
114
115	key->dp = value;
116	key->dp_sz = vlen;
117
118	return 0;
119}
120
121int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
122	       const void *value, size_t vlen)
123{
124	struct rsa_key *key = context;
125
126	/* invalid key provided */
127	if (!value || !vlen || vlen > key->n_sz)
128		return -EINVAL;
129
130	key->dq = value;
131	key->dq_sz = vlen;
132
133	return 0;
134}
135
136int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
137		 const void *value, size_t vlen)
138{
139	struct rsa_key *key = context;
140
141	/* invalid key provided */
142	if (!value || !vlen || vlen > key->n_sz)
143		return -EINVAL;
144
145	key->qinv = value;
146	key->qinv_sz = vlen;
147
148	return 0;
149}
150
151/**
152 * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
153 *                       provided struct rsa_key, pointers to the raw key as is,
154 *                       so that the caller can copy it or MPI parse it, etc.
155 *
156 * @rsa_key:	struct rsa_key key representation
157 * @key:	key in BER format
158 * @key_len:	length of key
159 *
160 * Return:	0 on success or error code in case of error
161 */
162int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
163		      unsigned int key_len)
164{
165	return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
166}
167EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
168
169/**
170 * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
171 *                        provided struct rsa_key, pointers to the raw key
172 *                        as is, so that the caller can copy it or MPI parse it,
173 *                        etc.
174 *
175 * @rsa_key:	struct rsa_key key representation
176 * @key:	key in BER format
177 * @key_len:	length of key
178 *
179 * Return:	0 on success or error code in case of error
180 */
181int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,
182		       unsigned int key_len)
183{
184	return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
185}
186EXPORT_SYMBOL_GPL(rsa_parse_priv_key);

 
  1/*
  2 * RSA key extract helper
  3 *
  4 * Copyright (c) 2015, Intel Corporation
  5 * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
  6 *
  7 * This program is free software; you can redistribute it and/or modify it
  8 * under the terms of the GNU General Public License as published by the Free
  9 * Software Foundation; either version 2 of the License, or (at your option)
 10 * any later version.
 11 *
 12 */
 13#include <linux/kernel.h>
 14#include <linux/export.h>
 15#include <linux/err.h>
 16#include <linux/fips.h>
 17#include <crypto/internal/rsa.h>
 18#include "rsapubkey.asn1.h"
 19#include "rsaprivkey.asn1.h"
 20
 21int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
 22	      const void *value, size_t vlen)
 23{
 24	struct rsa_key *key = context;
 25	const u8 *ptr = value;
 26	size_t n_sz = vlen;
 27
 28	/* invalid key provided */
 29	if (!value || !vlen)
 30		return -EINVAL;
 31
 32	if (fips_enabled) {
 33		while (n_sz && !*ptr) {
 34			ptr++;
 35			n_sz--;
 36		}
 37
 38		/* In FIPS mode only allow key size 2K and higher */
 39		if (n_sz < 256) {
 40			pr_err("RSA: key size not allowed in FIPS mode\n");
 41			return -EINVAL;
 42		}
 43	}
 44
 45	key->n = value;
 46	key->n_sz = vlen;
 47
 48	return 0;
 49}
 50
 51int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
 52	      const void *value, size_t vlen)
 53{
 54	struct rsa_key *key = context;
 55
 56	/* invalid key provided */
 57	if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
 58		return -EINVAL;
 59
 60	key->e = value;
 61	key->e_sz = vlen;
 62
 63	return 0;
 64}
 65
 66int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
 67	      const void *value, size_t vlen)
 68{
 69	struct rsa_key *key = context;
 70
 71	/* invalid key provided */
 72	if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
 73		return -EINVAL;
 74
 75	key->d = value;
 76	key->d_sz = vlen;
 77
 78	return 0;
 79}
 80
 81int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
 82	      const void *value, size_t vlen)
 83{
 84	struct rsa_key *key = context;
 85
 86	/* invalid key provided */
 87	if (!value || !vlen || vlen > key->n_sz)
 88		return -EINVAL;
 89
 90	key->p = value;
 91	key->p_sz = vlen;
 92
 93	return 0;
 94}
 95
 96int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
 97	      const void *value, size_t vlen)
 98{
 99	struct rsa_key *key = context;
100
101	/* invalid key provided */
102	if (!value || !vlen || vlen > key->n_sz)
103		return -EINVAL;
104
105	key->q = value;
106	key->q_sz = vlen;
107
108	return 0;
109}
110
111int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
112	       const void *value, size_t vlen)
113{
114	struct rsa_key *key = context;
115
116	/* invalid key provided */
117	if (!value || !vlen || vlen > key->n_sz)
118		return -EINVAL;
119
120	key->dp = value;
121	key->dp_sz = vlen;
122
123	return 0;
124}
125
126int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
127	       const void *value, size_t vlen)
128{
129	struct rsa_key *key = context;
130
131	/* invalid key provided */
132	if (!value || !vlen || vlen > key->n_sz)
133		return -EINVAL;
134
135	key->dq = value;
136	key->dq_sz = vlen;
137
138	return 0;
139}
140
141int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
142		 const void *value, size_t vlen)
143{
144	struct rsa_key *key = context;
145
146	/* invalid key provided */
147	if (!value || !vlen || vlen > key->n_sz)
148		return -EINVAL;
149
150	key->qinv = value;
151	key->qinv_sz = vlen;
152
153	return 0;
154}
155
156/**
157 * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
158 *                       provided struct rsa_key, pointers to the raw key as is,
159 *                       so that the caller can copy it or MPI parse it, etc.
160 *
161 * @rsa_key:	struct rsa_key key representation
162 * @key:	key in BER format
163 * @key_len:	length of key
164 *
165 * Return:	0 on success or error code in case of error
166 */
167int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
168		      unsigned int key_len)
169{
170	return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
171}
172EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
173
174/**
175 * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
176 *                        provided struct rsa_key, pointers to the raw key
177 *                        as is, so that the caller can copy it or MPI parse it,
178 *                        etc.
179 *
180 * @rsa_key:	struct rsa_key key representation
181 * @key:	key in BER format
182 * @key_len:	length of key
183 *
184 * Return:	0 on success or error code in case of error
185 */
186int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,
187		       unsigned int key_len)
188{
189	return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
190}
191EXPORT_SYMBOL_GPL(rsa_parse_priv_key);