From: Tudor Ambarus
Subject: [PATCH 02/10] crypto: rsa_helper - add raw integer parser actions
Date: Fri, 18 Mar 2016 20:31:59 +0200
Message-ID: <1458325927-14737-2-git-send-email-tudor-dan.ambarus@nxp.com>
In-Reply-To: <1458325927-14737-1-git-send-email-tudor-dan.ambarus@nxp.com>
X-Patchwork-Id: 8623091
X-Mailing-List: linux-crypto@vger.kernel.org

Dedicated to RSA (hardware) implementations that want to use
raw integers instead of MPI keys.

Signed-off-by: Tudor Ambarus
---
 crypto/rsa.c                  |  15 ----
 crypto/rsa_helper.c           | 158 ++++++++++++++++++++++++++++++++++++++++++
 include/crypto/internal/rsa.h |  24 +++++++
 3 files changed, 182 insertions(+), 15 deletions(-)

diff --git a/crypto/rsa.c b/crypto/rsa.c index 2d53ad8..44baccf 100644 --- a/crypto/rsa.c +++ b/crypto/rsa.c @@ -235,21 +235,6 @@ err_free_m: return ret; } -static int rsa_check_key_length(unsigned int len) -{ - switch (len) { - case 512: - case 1024: - case 1536: - case 2048: - case 3072: - case 4096: - return 0; - } - - return -EINVAL; -} - static int rsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen) { diff --git a/crypto/rsa_helper.c b/crypto/rsa_helper.c index 1ed32af..1708db8 100644 --- a/crypto/rsa_helper.c +++ b/crypto/rsa_helper.c @@ -14,6 +14,9 @@ #include #include #include +#include +#include +#include #include #include "rsapubkey-asn1.h" #include "rsaprivkey-asn1.h" 
@@ -190,3 +193,158 @@ void set_rsa_priv_action(struct rsa_asn1_action *action) action->get_n = rsa_get_mpi_n; } EXPORT_SYMBOL_GPL(set_rsa_priv_action); + +int rsa_check_key_length(unsigned int len) +{ + switch (len) { + case 512: + case 1024: + case 1536: + case 2048: + case 3072: + case 4096: + return 0; + } + + return -EINVAL; +} +EXPORT_SYMBOL_GPL(rsa_check_key_length); + +int raw_rsa_get_n(void *context, size_t hdrlen, unsigned char tag, + const void *value, size_t vlen) +{ + struct rsa_raw_ctx *ctx = context; + struct rsa_raw_key *key = &ctx->key; + const char *ptr = value; + int ret = -EINVAL; + + while (!*ptr && vlen) { + ptr++; + vlen--; + } + + key->n_sz = vlen; + /* In FIPS mode only allow key size 2K & 3K */ + if (fips_enabled && (key->n_sz != 256 && key->n_sz != 384)) { + dev_err(ctx->dev, "RSA: key size not allowed in FIPS mode\n"); + goto err; + } + /* invalid key size provided */ + ret = rsa_check_key_length(key->n_sz << 3); + if (ret) + goto err; + + if (key->is_coherent) + key->n = kzalloc(key->n_sz, key->flags); + else + key->n = dma_zalloc_coherent(ctx->dev, key->n_sz, &key->dma_n, + key->flags); + + if (!key->n) { + ret = -ENOMEM; + goto err; + } + + memcpy(key->n, ptr, key->n_sz); + + return 0; +err: + key->n_sz = 0; + key->n = NULL; + return ret; +} + +int raw_rsa_get_e(void *context, size_t hdrlen, unsigned char tag, + const void *value, size_t vlen) +{ + struct rsa_raw_ctx *ctx = context; + struct rsa_raw_key *key = &ctx->key; + const char *ptr = value; + + while (!*ptr && vlen) { + ptr++; + vlen--; + } + + key->e_sz = vlen; + + if (!key->n_sz || !vlen || vlen > key->n_sz) { + key->e = NULL; + return -EINVAL; + } + + if (key->is_coherent) + key->e = kzalloc(key->e_sz, key->flags); + else + key->e = dma_zalloc_coherent(ctx->dev, key->n_sz, &key->dma_e, + key->flags); + + if (!key->e) + return -ENOMEM; + + if (key->is_coherent) + memcpy(key->e, ptr, key->e_sz); + else + memcpy(key->e + (key->n_sz - vlen), ptr, vlen); + + return 0; +} + +int 
raw_rsa_get_d(void *context, size_t hdrlen, unsigned char tag, + const void *value, size_t vlen) +{ + struct rsa_raw_ctx *ctx = context; + struct rsa_raw_key *key = &ctx->key; + const char *ptr = value; + int ret = -EINVAL; + + while (!*ptr && vlen) { + ptr++; + vlen--; + } + + if (!key->n_sz || !vlen || vlen > key->n_sz) + goto err; + + /* In FIPS mode only allow key size 2K & 3K */ + if (fips_enabled && (vlen != 256 && vlen != 384)) { + dev_err(ctx->dev, "RSA: key size not allowed in FIPS mode\n"); + goto err; + } + + if (key->is_coherent) + key->d = kzalloc(key->n_sz, key->flags); + else + key->d = dma_zalloc_coherent(ctx->dev, key->n_sz, &key->dma_d, + key->flags); + + if (!key->n) { + ret = -ENOMEM; + goto err; + } + + if (key->is_coherent) + memcpy(key->d, ptr, vlen); + else + memcpy(key->d + (key->n_sz - vlen), ptr, vlen); + + return 0; +err: + key->d = NULL; + return ret; +} + +void set_raw_rsa_pub_action(struct rsa_asn1_action *action) +{ + action->get_e = raw_rsa_get_e; + action->get_n = raw_rsa_get_n; +} +EXPORT_SYMBOL_GPL(set_raw_rsa_pub_action); + +void set_raw_rsa_priv_action(struct rsa_asn1_action *action) +{ + action->get_d = raw_rsa_get_d; + action->get_e = raw_rsa_get_e; + action->get_n = raw_rsa_get_n; +} +EXPORT_SYMBOL_GPL(set_raw_rsa_priv_action); diff --git a/include/crypto/internal/rsa.h b/include/crypto/internal/rsa.h index bf0f49d..7820e83 100644 --- a/include/crypto/internal/rsa.h +++ b/include/crypto/internal/rsa.h @@ -20,6 +20,19 @@ struct rsa_mpi_key { MPI d; }; +struct rsa_raw_key { + u8 *n; + u8 *e; + u8 *d; + dma_addr_t dma_n; + dma_addr_t dma_e; + dma_addr_t dma_d; + size_t n_sz; + size_t e_sz; + bool is_coherent; + gfp_t flags; +}; + struct rsa_asn1_action { int (*get_n)(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen); 
@@ -34,6 +47,12 @@ struct rsa_ctx { struct rsa_mpi_key key; }; +struct rsa_raw_ctx { + struct rsa_asn1_action action; + struct rsa_raw_key key; + struct device *dev; +}; + void rsa_free_mpi_key(struct rsa_mpi_key *key); int rsa_parse_mpi_pub_key(struct rsa_ctx *ctx, const void *key, @@ -44,5 +63,10 @@ int rsa_parse_mpi_priv_key(struct rsa_ctx *ctx, const void *key, void set_rsa_pub_action(struct rsa_asn1_action *action); void set_rsa_priv_action(struct rsa_asn1_action *action); +int rsa_check_key_length(unsigned int len); + +void set_raw_rsa_pub_action(struct rsa_asn1_action *action); +void set_raw_rsa_priv_action(struct rsa_asn1_action *action); + extern struct crypto_template rsa_pkcs1pad_tmpl; #endif
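
Review bot: In raw_rsa_get_d(), in the crypto/rsa_helper.c hunk at @@ -190,3 +193,158 @@, the allocation result is tested with `if (!key->n)` although the buffer that was just allocated is key->d, so a failed kzalloc() or dma_zalloc_coherent() is not detected and the memcpy() that follows writes through a NULL pointer; the test should be `if (!key->d)`. In the same hunk, all three parsers strip leading zeros with `while (!*ptr && vlen)`, which reads *ptr before checking vlen and so touches one byte past the value when it is empty or all zeros; `while (vlen && !*ptr)` avoids that. raw_rsa_get_d() also applies the FIPS size test to the stripped length of d (`vlen != 256 && vlen != 384`), but d can be shorter than n in bytes, so a valid key can be rejected; the modulus size is already checked in raw_rsa_get_n() and that should be enough. In raw_rsa_get_e(), key->e_sz is assigned before validation and stays set when the function returns -EINVAL with key->e = NULL, and in the DMA branch the buffer is n_sz bytes while e_sz records vlen, so the free path has to know to use n_sz; please reset e_sz on error and say which size the free path is expected to use.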
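
Review bot: struct rsa_raw_key, added in the include/crypto/internal/rsa.h hunk at @@ -20,6 +20,19 @@, has no documentation, and the meaning of is_coherent is not obvious from its name: in the parsers a true value selects kzalloc() with a left-aligned copy, while a false value selects dma_zalloc_coherent() with the value right-aligned and zero-padded to n_sz. Please add a kernel-doc comment that states what is_coherent and flags mean, which of the dma_* handles are valid in each mode, and the buffer layout a driver can rely on. There is also no d_sz field, so in the kzalloc() case the length of d copied into the n_sz buffer is not recorded anywhere; either add the field or always right-align d the way the DMA branch does.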
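
Review bot: The prototypes added in the include/crypto/internal/rsa.h hunk at @@ -44,5 +63,10 @@ cover rsa_check_key_length() and the two set_raw_rsa_*_action() helpers, but raw_rsa_get_n(), raw_rsa_get_e() and raw_rsa_get_d() are defined without static in crypto/rsa_helper.c and are neither declared here nor exported. Since they are only reached through the action table, they should be static. This header also declares rsa_free_mpi_key() for the MPI key, yet nothing visible in this patch frees a struct rsa_raw_key; a matching free helper that handles both the kzalloc() and dma_zalloc_coherent() buffers should come with the parsers, or the commit message should say which later patch in the series provides it.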