1*2874c5fdSThomas Gleixner // SPDX-License-Identifier: GPL-2.0-or-later
2cfc2bb32STadeusz Struk /*
3cfc2bb32STadeusz Struk  * RSA key extract helper
4cfc2bb32STadeusz Struk  *
5cfc2bb32STadeusz Struk  * Copyright (c) 2015, Intel Corporation
6cfc2bb32STadeusz Struk  * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
7cfc2bb32STadeusz Struk  */
8cfc2bb32STadeusz Struk #include <linux/kernel.h>
9cfc2bb32STadeusz Struk #include <linux/export.h>
10cfc2bb32STadeusz Struk #include <linux/err.h>
11cfc2bb32STadeusz Struk #include <linux/fips.h>
12cfc2bb32STadeusz Struk #include <crypto/internal/rsa.h>
134fa8bc94SMasahiro Yamada #include "rsapubkey.asn1.h"
144fa8bc94SMasahiro Yamada #include "rsaprivkey.asn1.h"
15cfc2bb32STadeusz Struk 
/**
 * rsa_get_n() - record the RSA modulus (n) in the key being parsed
 *
 * @context:	struct rsa_key that receives the pointer and length
 * @hdrlen:	unused
 * @tag:	unused
 * @value:	start of the modulus bytes inside the encoded key
 * @vlen:	number of modulus bytes
 *
 * Has the shape of an ASN.1 decoder action; presumably reached through the
 * generated rsapubkey/rsaprivkey decoder tables (not visible in this file).
 *
 * Only the pointer and length are stored, nothing is copied, so the encoded
 * buffer has to stay valid for as long as the struct rsa_key is used.
 *
 * Return:	0 on success, -EINVAL for an empty modulus or, in FIPS mode,
 *		a modulus shorter than 256 significant bytes
 */
int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
	      const void *value, size_t vlen)
{
	struct rsa_key *rsa = context;
	const u8 *cur;
	size_t significant;

	/* A missing or zero-length modulus can never be a valid key. */
	if (!value)
		return -EINVAL;
	if (!vlen)
		return -EINVAL;

	if (fips_enabled) {
		/* Leading zero bytes do not contribute to the key size. */
		cur = value;
		for (significant = vlen; significant && !*cur; significant--)
			cur++;

		/*
		 * FIPS mode: reject anything below 256 significant bytes
		 * (2K bits). The comparison is on the byte count only; the
		 * bits of the first significant byte are not examined.
		 */
		if (significant < 256) {
			pr_err("RSA: key size not allowed in FIPS mode\n");
			return -EINVAL;
		}
	}

	/* Stored as given: the unstripped pointer and the full length. */
	rsa->n = value;
	rsa->n_sz = vlen;

	return 0;
}
45cfc2bb32STadeusz Struk 
/**
 * rsa_get_e() - record the RSA public exponent (e) in the key being parsed
 *
 * @context:	struct rsa_key that receives the pointer and length
 * @hdrlen:	unused
 * @tag:	unused
 * @value:	start of the exponent bytes inside the encoded key
 * @vlen:	number of exponent bytes
 *
 * The exponent is bounded by the modulus length already held in
 * key->n_sz, so a key with no modulus recorded is rejected. Only the
 * pointer and length are stored; the bytes are not copied.
 *
 * Return:	0 on success, -EINVAL if the value is missing, empty, longer
 *		than the modulus, or no modulus length has been recorded
 */
int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
	      const void *value, size_t vlen)
{
	struct rsa_key *rsa = context;

	/* Nothing to record, or no modulus to bound the length against. */
	if (!value || !rsa->n_sz)
		return -EINVAL;

	/* Length must be non-zero and no larger than the modulus. */
	if (!vlen || vlen > rsa->n_sz)
		return -EINVAL;

	rsa->e = value;
	rsa->e_sz = vlen;

	return 0;
}
60cfc2bb32STadeusz Struk 
/**
 * rsa_get_d() - record the RSA private exponent (d) in the key being parsed
 *
 * @context:	struct rsa_key that receives the pointer and length
 * @hdrlen:	unused
 * @tag:	unused
 * @value:	start of the exponent bytes inside the encoded key
 * @vlen:	number of exponent bytes
 *
 * The exponent is bounded by the modulus length already held in
 * key->n_sz, so a key with no modulus recorded is rejected. Only the
 * pointer and length are stored: the secret bytes stay in the encoded
 * buffer, and keeping that buffer alive and wiping it afterwards is left
 * to whoever owns it.
 *
 * Return:	0 on success, -EINVAL if the value is missing, empty, longer
 *		than the modulus, or no modulus length has been recorded
 */
int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
	      const void *value, size_t vlen)
{
	struct rsa_key *rsa = context;

	/* Nothing to record, or no modulus to bound the length against. */
	if (!value || !rsa->n_sz)
		return -EINVAL;

	/* Length must be non-zero and no larger than the modulus. */
	if (!vlen || vlen > rsa->n_sz)
		return -EINVAL;

	rsa->d = value;
	rsa->d_sz = vlen;

	return 0;
}
75cfc2bb32STadeusz Struk 
/**
 * rsa_get_p() - record the first prime factor (p) in the key being parsed
 *
 * @context:	struct rsa_key that receives the pointer and length
 * @hdrlen:	unused
 * @tag:	unused
 * @value:	start of the prime's bytes inside the encoded key
 * @vlen:	number of bytes
 *
 * Only the pointer and length are stored; the secret bytes are not copied
 * and remain in the encoded buffer.
 *
 * Return:	0 on success, -EINVAL if the value is missing, empty or
 *		longer than the recorded modulus length
 */
int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
	      const void *value, size_t vlen)
{
	struct rsa_key *rsa = context;

	if (!value)
		return -EINVAL;

	/*
	 * A zero n_sz needs no separate test here: every non-empty value
	 * is then longer than the modulus and fails the bound below.
	 */
	if (!vlen || vlen > rsa->n_sz)
		return -EINVAL;

	rsa->p = value;
	rsa->p_sz = vlen;

	return 0;
}
908be0b84eSSalvatore Benedetto 
/**
 * rsa_get_q() - record the second prime factor (q) in the key being parsed
 *
 * @context:	struct rsa_key that receives the pointer and length
 * @hdrlen:	unused
 * @tag:	unused
 * @value:	start of the prime's bytes inside the encoded key
 * @vlen:	number of bytes
 *
 * Only the pointer and length are stored; the secret bytes are not copied
 * and remain in the encoded buffer.
 *
 * Return:	0 on success, -EINVAL if the value is missing, empty or
 *		longer than the recorded modulus length
 */
int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
	      const void *value, size_t vlen)
{
	struct rsa_key *rsa = context;

	if (!value)
		return -EINVAL;

	/*
	 * A zero n_sz needs no separate test here: every non-empty value
	 * is then longer than the modulus and fails the bound below.
	 */
	if (!vlen || vlen > rsa->n_sz)
		return -EINVAL;

	rsa->q = value;
	rsa->q_sz = vlen;

	return 0;
}
1058be0b84eSSalvatore Benedetto 
/**
 * rsa_get_dp() - record the dp component in the key being parsed
 *
 * @context:	struct rsa_key that receives the pointer and length
 * @hdrlen:	unused
 * @tag:	unused
 * @value:	start of the component's bytes inside the encoded key
 * @vlen:	number of bytes
 *
 * Only the pointer and length are stored; the secret bytes are not copied
 * and remain in the encoded buffer.
 *
 * Return:	0 on success, -EINVAL if the value is missing, empty or
 *		longer than the recorded modulus length
 */
int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
	       const void *value, size_t vlen)
{
	struct rsa_key *rsa = context;

	if (!value)
		return -EINVAL;

	/*
	 * A zero n_sz needs no separate test here: every non-empty value
	 * is then longer than the modulus and fails the bound below.
	 */
	if (!vlen || vlen > rsa->n_sz)
		return -EINVAL;

	rsa->dp = value;
	rsa->dp_sz = vlen;

	return 0;
}
1208be0b84eSSalvatore Benedetto 
/**
 * rsa_get_dq() - record the dq component in the key being parsed
 *
 * @context:	struct rsa_key that receives the pointer and length
 * @hdrlen:	unused
 * @tag:	unused
 * @value:	start of the component's bytes inside the encoded key
 * @vlen:	number of bytes
 *
 * Only the pointer and length are stored; the secret bytes are not copied
 * and remain in the encoded buffer.
 *
 * Return:	0 on success, -EINVAL if the value is missing, empty or
 *		longer than the recorded modulus length
 */
int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
	       const void *value, size_t vlen)
{
	struct rsa_key *rsa = context;

	if (!value)
		return -EINVAL;

	/*
	 * A zero n_sz needs no separate test here: every non-empty value
	 * is then longer than the modulus and fails the bound below.
	 */
	if (!vlen || vlen > rsa->n_sz)
		return -EINVAL;

	rsa->dq = value;
	rsa->dq_sz = vlen;

	return 0;
}
1358be0b84eSSalvatore Benedetto 
/**
 * rsa_get_qinv() - record the qinv component in the key being parsed
 *
 * @context:	struct rsa_key that receives the pointer and length
 * @hdrlen:	unused
 * @tag:	unused
 * @value:	start of the component's bytes inside the encoded key
 * @vlen:	number of bytes
 *
 * Only the pointer and length are stored; the secret bytes are not copied
 * and remain in the encoded buffer.
 *
 * Return:	0 on success, -EINVAL if the value is missing, empty or
 *		longer than the recorded modulus length
 */
int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
		 const void *value, size_t vlen)
{
	struct rsa_key *rsa = context;

	if (!value)
		return -EINVAL;

	/*
	 * A zero n_sz needs no separate test here: every non-empty value
	 * is then longer than the modulus and fails the bound below.
	 */
	if (!vlen || vlen > rsa->n_sz)
		return -EINVAL;

	rsa->qinv = value;
	rsa->qinv_sz = vlen;

	return 0;
}
1508be0b84eSSalvatore Benedetto 
/**
 * rsa_parse_pub_key() - decode a BER encoded RSA public key
 *
 * @rsa_key:	struct rsa_key key representation
 * @key:	key in BER format
 * @key_len:	length of key
 *
 * Runs the rsapubkey decoder over @key and stores in @rsa_key pointers to
 * the raw key fields as is, so that the caller can copy them or MPI parse
 * them, etc. The stored pointers refer into @key, so @key must remain
 * valid while @rsa_key is in use.
 *
 * NOTE(review): @rsa_key is not cleared here; fields the decoder does not
 * fill presumably keep whatever the caller left in them, so callers should
 * pass a zero-initialised struct - confirm against the call sites.
 *
 * Return:	0 on success or error code in case of error
 */
int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
		      unsigned int key_len)
{
	int ret;

	ret = asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);

	return ret;
}
EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
16822287b0bSTadeusz Struk 
/**
 * rsa_parse_priv_key() - decode a BER encoded RSA private key
 *
 * @rsa_key:	struct rsa_key key representation
 * @key:	key in BER format
 * @key_len:	length of key
 *
 * Runs the rsaprivkey decoder over @key and stores in @rsa_key pointers to
 * the raw key fields as is, so that the caller can copy them or MPI parse
 * them, etc. The stored pointers refer into @key, so @key must remain
 * valid while @rsa_key is in use; the private material is neither copied
 * nor wiped here, which leaves clearing @key to its owner.
 *
 * NOTE(review): @rsa_key is not cleared here; fields the decoder does not
 * fill presumably keep whatever the caller left in them, so callers should
 * pass a zero-initialised struct - confirm against the call sites.
 *
 * Return:	0 on success or error code in case of error
 */
int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,
		       unsigned int key_len)
{
	int ret;

	ret = asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);

	return ret;
}
EXPORT_SYMBOL_GPL(rsa_parse_priv_key);