1 /* 2 * RSA key extract helper 3 * 4 * Copyright (c) 2015, Intel Corporation 5 * Authors: Tadeusz Struk <tadeusz.struk@intel.com> 6 * 7 * This program is free software; you can redistribute it and/or modify it 8 * under the terms of the GNU General Public License as published by the Free 9 * Software Foundation; either version 2 of the License, or (at your option) 10 * any later version. 11 * 12 */ 13 #include <linux/kernel.h> 14 #include <linux/export.h> 15 #include <linux/err.h> 16 #include <linux/fips.h> 17 #include <crypto/internal/rsa.h> 18 #include "rsapubkey.asn1.h" 19 #include "rsaprivkey.asn1.h" 20 21 int rsa_get_n(void *context, size_t hdrlen, unsigned char tag, 22 const void *value, size_t vlen) 23 { 24 struct rsa_key *key = context; 25 const u8 *ptr = value; 26 size_t n_sz = vlen; 27 28 /* invalid key provided */ 29 if (!value || !vlen) 30 return -EINVAL; 31 32 if (fips_enabled) { 33 while (n_sz && !*ptr) { 34 ptr++; 35 n_sz--; 36 } 37 38 /* In FIPS mode only allow key size 2K and higher */ 39 if (n_sz < 256) { 40 pr_err("RSA: key size not allowed in FIPS mode\n"); 41 return -EINVAL; 42 } 43 } 44 45 key->n = value; 46 key->n_sz = vlen; 47 48 return 0; 49 } 50 51 int rsa_get_e(void *context, size_t hdrlen, unsigned char tag, 52 const void *value, size_t vlen) 53 { 54 struct rsa_key *key = context; 55 56 /* invalid key provided */ 57 if (!value || !key->n_sz || !vlen || vlen > key->n_sz) 58 return -EINVAL; 59 60 key->e = value; 61 key->e_sz = vlen; 62 63 return 0; 64 } 65 66 int rsa_get_d(void *context, size_t hdrlen, unsigned char tag, 67 const void *value, size_t vlen) 68 { 69 struct rsa_key *key = context; 70 71 /* invalid key provided */ 72 if (!value || !key->n_sz || !vlen || vlen > key->n_sz) 73 return -EINVAL; 74 75 key->d = value; 76 key->d_sz = vlen; 77 78 return 0; 79 } 80 81 int rsa_get_p(void *context, size_t hdrlen, unsigned char tag, 82 const void *value, size_t vlen) 83 { 84 struct rsa_key *key = context; 85 86 /* invalid key provided */ 87 if (!value || !vlen || vlen > key->n_sz) 88 return -EINVAL; 89 90 key->p = value; 91 key->p_sz = vlen; 92 93 return 0; 94 } 95 96 int rsa_get_q(void *context, size_t hdrlen, unsigned char tag, 97 const void *value, size_t vlen) 98 { 99 struct rsa_key *key = context; 100 101 /* invalid key provided */ 102 if (!value || !vlen || vlen > key->n_sz) 103 return -EINVAL; 104 105 key->q = value; 106 key->q_sz = vlen; 107 108 return 0; 109 } 110 111 int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag, 112 const void *value, size_t vlen) 113 { 114 struct rsa_key *key = context; 115 116 /* invalid key provided */ 117 if (!value || !vlen || vlen > key->n_sz) 118 return -EINVAL; 119 120 key->dp = value; 121 key->dp_sz = vlen; 122 123 return 0; 124 } 125 126 int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag, 127 const void *value, size_t vlen) 128 { 129 struct rsa_key *key = context; 130 131 /* invalid key provided */ 132 if (!value || !vlen || vlen > key->n_sz) 133 return -EINVAL; 134 135 key->dq = value; 136 key->dq_sz = vlen; 137 138 return 0; 139 } 140 141 int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag, 142 const void *value, size_t vlen) 143 { 144 struct rsa_key *key = context; 145 146 /* invalid key provided */ 147 if (!value || !vlen || vlen > key->n_sz) 148 return -EINVAL; 149 150 key->qinv = value; 151 key->qinv_sz = vlen; 152 153 return 0; 154 } 155 156 /** 157 * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the 158 * provided struct rsa_key, pointers to the raw key as is, 159 * so that the caller can copy it or MPI parse it, etc. 160 * 161 * @rsa_key: struct rsa_key key representation 162 * @key: key in BER format 163 * @key_len: length of key 164 * 165 * Return: 0 on success or error code in case of error 166 */ 167 int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key, 168 unsigned int key_len) 169 { 170 return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len); 171 } 172 EXPORT_SYMBOL_GPL(rsa_parse_pub_key); 173 174 /** 175 * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the 176 * provided struct rsa_key, pointers to the raw key 177 * as is, so that the caller can copy it or MPI parse it, 178 * etc. 179 * 180 * @rsa_key: struct rsa_key key representation 181 * @key: key in BER format 182 * @key_len: length of key 183 * 184 * Return: 0 on success or error code in case of error 185 */ 186 int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key, 187 unsigned int key_len) 188 { 189 return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len); 190 } 191 EXPORT_SYMBOL_GPL(rsa_parse_priv_key); 192