Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * RSA key extract helper
4 *
5 * Copyright (c) 2015, Intel Corporation
6 * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
7 */
8#include <linux/kernel.h>
9#include <linux/export.h>
10#include <linux/err.h>
11#include <linux/fips.h>
12#include <crypto/internal/rsa.h>
13#include "rsapubkey.asn1.h"
14#include "rsaprivkey.asn1.h"
15
16int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
17 const void *value, size_t vlen)
18{
19 struct rsa_key *key = context;
20 const u8 *ptr = value;
21 size_t n_sz = vlen;
22
23 /* invalid key provided */
24 if (!value || !vlen)
25 return -EINVAL;
26
27 if (fips_enabled) {
28 while (n_sz && !*ptr) {
29 ptr++;
30 n_sz--;
31 }
32
33 /* In FIPS mode only allow key size 2K and higher */
34 if (n_sz < 256) {
35 pr_err("RSA: key size not allowed in FIPS mode\n");
36 return -EINVAL;
37 }
38 }
39
40 key->n = value;
41 key->n_sz = vlen;
42
43 return 0;
44}
45
46int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
47 const void *value, size_t vlen)
48{
49 struct rsa_key *key = context;
50
51 /* invalid key provided */
52 if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
53 return -EINVAL;
54
55 key->e = value;
56 key->e_sz = vlen;
57
58 return 0;
59}
60
61int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
62 const void *value, size_t vlen)
63{
64 struct rsa_key *key = context;
65
66 /* invalid key provided */
67 if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
68 return -EINVAL;
69
70 key->d = value;
71 key->d_sz = vlen;
72
73 return 0;
74}
75
76int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
77 const void *value, size_t vlen)
78{
79 struct rsa_key *key = context;
80
81 /* invalid key provided */
82 if (!value || !vlen || vlen > key->n_sz)
83 return -EINVAL;
84
85 key->p = value;
86 key->p_sz = vlen;
87
88 return 0;
89}
90
91int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
92 const void *value, size_t vlen)
93{
94 struct rsa_key *key = context;
95
96 /* invalid key provided */
97 if (!value || !vlen || vlen > key->n_sz)
98 return -EINVAL;
99
100 key->q = value;
101 key->q_sz = vlen;
102
103 return 0;
104}
105
106int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
107 const void *value, size_t vlen)
108{
109 struct rsa_key *key = context;
110
111 /* invalid key provided */
112 if (!value || !vlen || vlen > key->n_sz)
113 return -EINVAL;
114
115 key->dp = value;
116 key->dp_sz = vlen;
117
118 return 0;
119}
120
121int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
122 const void *value, size_t vlen)
123{
124 struct rsa_key *key = context;
125
126 /* invalid key provided */
127 if (!value || !vlen || vlen > key->n_sz)
128 return -EINVAL;
129
130 key->dq = value;
131 key->dq_sz = vlen;
132
133 return 0;
134}
135
136int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
137 const void *value, size_t vlen)
138{
139 struct rsa_key *key = context;
140
141 /* invalid key provided */
142 if (!value || !vlen || vlen > key->n_sz)
143 return -EINVAL;
144
145 key->qinv = value;
146 key->qinv_sz = vlen;
147
148 return 0;
149}
150
151/**
152 * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
153 * provided struct rsa_key, pointers to the raw key as is,
154 * so that the caller can copy it or MPI parse it, etc.
155 *
156 * @rsa_key: struct rsa_key key representation
157 * @key: key in BER format
158 * @key_len: length of key
159 *
160 * Return: 0 on success or error code in case of error
161 */
162int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
163 unsigned int key_len)
164{
165 return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
166}
167EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
168
169/**
170 * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
171 * provided struct rsa_key, pointers to the raw key
172 * as is, so that the caller can copy it or MPI parse it,
173 * etc.
174 *
175 * @rsa_key: struct rsa_key key representation
176 * @key: key in BER format
177 * @key_len: length of key
178 *
179 * Return: 0 on success or error code in case of error
180 */
181int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,
182 unsigned int key_len)
183{
184 return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
185}
186EXPORT_SYMBOL_GPL(rsa_parse_priv_key);
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * RSA key extract helper
4 *
5 * Copyright (c) 2015, Intel Corporation
6 * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
7 */
8#include <linux/kernel.h>
9#include <linux/export.h>
10#include <linux/err.h>
11#include <linux/fips.h>
12#include <crypto/internal/rsa.h>
13#include "rsapubkey.asn1.h"
14#include "rsaprivkey.asn1.h"
15
16int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
17 const void *value, size_t vlen)
18{
19 struct rsa_key *key = context;
20 const u8 *ptr = value;
21 size_t n_sz = vlen;
22
23 /* invalid key provided */
24 if (!value || !vlen)
25 return -EINVAL;
26
27 if (fips_enabled) {
28 while (n_sz && !*ptr) {
29 ptr++;
30 n_sz--;
31 }
32
33 /* In FIPS mode only allow key size 2K and higher */
34 if (n_sz < 256) {
35 pr_err("RSA: key size not allowed in FIPS mode\n");
36 return -EINVAL;
37 }
38 }
39
40 key->n = value;
41 key->n_sz = vlen;
42
43 return 0;
44}
45
46int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
47 const void *value, size_t vlen)
48{
49 struct rsa_key *key = context;
50
51 /* invalid key provided */
52 if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
53 return -EINVAL;
54
55 key->e = value;
56 key->e_sz = vlen;
57
58 return 0;
59}
60
61int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
62 const void *value, size_t vlen)
63{
64 struct rsa_key *key = context;
65
66 /* invalid key provided */
67 if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
68 return -EINVAL;
69
70 key->d = value;
71 key->d_sz = vlen;
72
73 return 0;
74}
75
76int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
77 const void *value, size_t vlen)
78{
79 struct rsa_key *key = context;
80
81 /* invalid key provided */
82 if (!value || !vlen || vlen > key->n_sz)
83 return -EINVAL;
84
85 key->p = value;
86 key->p_sz = vlen;
87
88 return 0;
89}
90
91int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
92 const void *value, size_t vlen)
93{
94 struct rsa_key *key = context;
95
96 /* invalid key provided */
97 if (!value || !vlen || vlen > key->n_sz)
98 return -EINVAL;
99
100 key->q = value;
101 key->q_sz = vlen;
102
103 return 0;
104}
105
106int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
107 const void *value, size_t vlen)
108{
109 struct rsa_key *key = context;
110
111 /* invalid key provided */
112 if (!value || !vlen || vlen > key->n_sz)
113 return -EINVAL;
114
115 key->dp = value;
116 key->dp_sz = vlen;
117
118 return 0;
119}
120
121int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
122 const void *value, size_t vlen)
123{
124 struct rsa_key *key = context;
125
126 /* invalid key provided */
127 if (!value || !vlen || vlen > key->n_sz)
128 return -EINVAL;
129
130 key->dq = value;
131 key->dq_sz = vlen;
132
133 return 0;
134}
135
136int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
137 const void *value, size_t vlen)
138{
139 struct rsa_key *key = context;
140
141 /* invalid key provided */
142 if (!value || !vlen || vlen > key->n_sz)
143 return -EINVAL;
144
145 key->qinv = value;
146 key->qinv_sz = vlen;
147
148 return 0;
149}
150
151/**
152 * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
153 * provided struct rsa_key, pointers to the raw key as is,
154 * so that the caller can copy it or MPI parse it, etc.
155 *
156 * @rsa_key: struct rsa_key key representation
157 * @key: key in BER format
158 * @key_len: length of key
159 *
160 * Return: 0 on success or error code in case of error
161 */
162int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
163 unsigned int key_len)
164{
165 return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
166}
167EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
168
169/**
170 * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
171 * provided struct rsa_key, pointers to the raw key
172 * as is, so that the caller can copy it or MPI parse it,
173 * etc.
174 *
175 * @rsa_key: struct rsa_key key representation
176 * @key: key in BER format
177 * @key_len: length of key
178 *
179 * Return: 0 on success or error code in case of error
180 */
181int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,
182 unsigned int key_len)
183{
184 return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
185}
186EXPORT_SYMBOL_GPL(rsa_parse_priv_key);