From patchwork Wed Mar 23 15:04:17 2016
X-Patchwork-Submitter: Tudor Ambarus
X-Patchwork-Id: 8650741
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Tudor Ambarus
Subject: [PATCH v2 2/4] crypto: rsa_helper - add raw integer parser actions
Date: Wed, 23 Mar 2016 17:04:17 +0200
Message-ID: <1458745459-1096-3-git-send-email-tudor-dan.ambarus@nxp.com>
In-Reply-To: <1458745459-1096-1-git-send-email-tudor-dan.ambarus@nxp.com>
References: <1458745459-1096-1-git-send-email-tudor-dan.ambarus@nxp.com>
X-Mailing-List: linux-crypto@vger.kernel.org

Dedicated to RSA (hardware) implementations that want to use
raw integers instead of MPI keys.

Signed-off-by: Tudor Ambarus
Acked-by: Cristian Stoica
---
 crypto/rsa.c | 15 ----
 crypto/rsa_helper.c | 182 ++++++++++++++++++++++++++++++++++++++++++
 include/crypto/internal/rsa.h | 28 +++++++
 3 files changed, 210 insertions(+), 15 deletions(-)
diff --git a/crypto/rsa.c b/crypto/rsa.c index 7cb0153..37ac189 100644 --- a/crypto/rsa.c +++ b/crypto/rsa.c @@ -235,21 +235,6 @@ err_free_m: return ret; } -static int rsa_check_key_length(unsigned int len) -{ - switch (len) { - case 512: - case 1024: - case 1536: - case 2048: - case 3072: - case 4096: - return 0; - } - - return -EINVAL; -} - static int rsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen) { diff --git a/crypto/rsa_helper.c b/crypto/rsa_helper.c index 0149ed3..df1f480 100644 --- a/crypto/rsa_helper.c +++ b/crypto/rsa_helper.c @@ -14,6 +14,9 @@ #include #include #include +#include +#include +#include #include #include "rsapubkey-asn1.h" #include "rsaprivkey-asn1.h" 
@@ -239,3 +242,182 @@ error: return ret; } EXPORT_SYMBOL_GPL(rsa_parse_mpi_priv_key); + +int rsa_check_key_length(unsigned int len) +{ + switch (len) { + case 512: + case 1024: + case 1536: + case 2048: + case 3072: + case 4096: + return 0; + } + + return -EINVAL; +} +EXPORT_SYMBOL_GPL(rsa_check_key_length); + +void raw_rsa_free_key(struct rsa_raw_key *key) +{ + kzfree(key->d); + key->d = NULL; + + kfree(key->e); + key->e = NULL; + + kfree(key->n); + key->n = NULL; + + key->n_sz = 0; + key->e_sz = 0; +} +EXPORT_SYMBOL_GPL(raw_rsa_free_key); + +void raw_rsa_free_coherent_key(struct device *dev, struct rsa_raw_key *key) +{ + if (key->d) { + memset(key->d, '\0', key->n_sz); + dma_free_coherent(dev, key->n_sz, key->d, key->dma_d); + key->d = NULL; + } + + if (key->e) { + dma_free_coherent(dev, key->n_sz, key->e, key->dma_e); + key->e = NULL; + } + + if (key->n) { + dma_free_coherent(dev, key->n_sz, key->n, key->dma_n); + key->n = NULL; + } + + key->n_sz = 0; + key->e_sz = 0; +} +EXPORT_SYMBOL_GPL(raw_rsa_free_coherent_key); + +int raw_rsa_get_n(void *context, const void *value, size_t vlen) +{ + struct rsa_raw_ctx *ctx = context; + struct rsa_raw_key *key = &ctx->key; + const char *ptr = value; + int ret = -EINVAL; + + while (!*ptr && vlen) { + ptr++; + vlen--; + } + + key->n_sz = vlen; + /* In FIPS mode only allow key size 2K & 3K */ + if (fips_enabled && (key->n_sz != 256 && key->n_sz != 384)) { + dev_err(ctx->dev, "RSA: key size not allowed in FIPS mode\n"); + goto err; + } + /* invalid key size provided */ + ret = rsa_check_key_length(key->n_sz << 3); + if (ret) + goto err; + + if (key->is_coherent) + key->n = kzalloc(key->n_sz, key->flags); + else + key->n = dma_zalloc_coherent(ctx->dev, key->n_sz, &key->dma_n, + key->flags); + + if (!key->n) { + ret = -ENOMEM; + goto err; + } + + memcpy(key->n, ptr, key->n_sz); + + return 0; +err: + key->n_sz = 0; + key->n = NULL; + return ret; +} +EXPORT_SYMBOL_GPL(raw_rsa_get_n); + +int raw_rsa_get_e(void *context, const void 
*value, size_t vlen) +{ + struct rsa_raw_ctx *ctx = context; + struct rsa_raw_key *key = &ctx->key; + const char *ptr = value; + size_t offset = 0; + + while (!*ptr && vlen) { + ptr++; + vlen--; + } + + key->e_sz = vlen; + + if (!key->n_sz || !vlen || vlen > key->n_sz) { + key->e = NULL; + return -EINVAL; + } + + if (key->is_coherent) { + key->e = kzalloc(key->e_sz, key->flags); + } else { + key->e = dma_zalloc_coherent(ctx->dev, key->n_sz, &key->dma_e, + key->flags); + offset = key->n_sz - vlen; + } + + if (!key->e) + return -ENOMEM; + + memcpy(key->e + offset, ptr, vlen); + + return 0; +} +EXPORT_SYMBOL_GPL(raw_rsa_get_e); + +int raw_rsa_get_d(void *context, const void *value, size_t vlen) +{ + struct rsa_raw_ctx *ctx = context; + struct rsa_raw_key *key = &ctx->key; + const char *ptr = value; + size_t offset = 0; + int ret = -EINVAL; + + while (!*ptr && vlen) { + ptr++; + vlen--; + } + + if (!key->n_sz || !vlen || vlen > key->n_sz) + goto err; + + /* In FIPS mode only allow key size 2K & 3K */ + if (fips_enabled && (vlen != 256 && vlen != 384)) { + dev_err(ctx->dev, "RSA: key size not allowed in FIPS mode\n"); + goto err; + } + + if (key->is_coherent) { + key->d = kzalloc(key->n_sz, key->flags); + } else { + key->d = dma_zalloc_coherent(ctx->dev, key->n_sz, &key->dma_d, + key->flags); + offset = key->n_sz - vlen; + } + + if (!key->d) { + ret = -ENOMEM; + goto err; + } + + memcpy(key->d + offset, ptr, vlen); + + return 0; +err: + key->d = NULL; + return ret; +} +EXPORT_SYMBOL_GPL(raw_rsa_get_d); diff --git a/include/crypto/internal/rsa.h b/include/crypto/internal/rsa.h index f8ef7b1..854b9b7 100644 --- a/include/crypto/internal/rsa.h +++ b/include/crypto/internal/rsa.h 
@@ -31,11 +31,30 @@ struct rsa_mpi_key { MPI d; }; +struct rsa_raw_key { + u8 *n; + u8 *e; + u8 *d; + dma_addr_t dma_n; + dma_addr_t dma_e; + dma_addr_t dma_d; + size_t n_sz; + size_t e_sz; + bool is_coherent; + gfp_t flags; +}; + struct rsa_ctx { const struct rsa_asn1_action *action; struct rsa_mpi_key key; }; +struct rsa_raw_ctx { + const struct rsa_asn1_action *action; + struct rsa_raw_key key; + struct device *dev; +}; + int rsa_get_mpi_n(void *context, const void *value, size_t vlen); int rsa_get_mpi_e(void *context, const void *value, size_t vlen); int rsa_get_mpi_d(void *context, const void *value, size_t vlen); @@ -47,5 +66,14 @@ int rsa_parse_mpi_pub_key(struct rsa_ctx *ctx, const void *key, int rsa_parse_mpi_priv_key(struct rsa_ctx *ctx, const void *key, unsigned int key_len); +int rsa_check_key_length(unsigned int len); + +void raw_rsa_free_key(struct rsa_raw_key *key); +void raw_rsa_free_coherent_key(struct device *dev, struct rsa_raw_key *key); + +int raw_rsa_get_n(void *context, const void *value, size_t vlen); +int raw_rsa_get_e(void *context, const void *value, size_t vlen); +int raw_rsa_get_d(void *context, const void *value, size_t vlen); + extern struct crypto_template rsa_pkcs1pad_tmpl; #endif
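Review bot: In the crypto/rsa.c hunk, rsa_check_key_length() stops being static and becomes an exported symbol in rsa_helper.c, but the commit message only talks about raw integer parser actions. Please mention the move and the new export in the changelog, or split it into its own preparatory patch so the functional additions can be reviewed separately from the code motion.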
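Review bot: In the crypto/rsa_helper.c hunk at @@ -239,3 +242,182 @@, the leading-zero loop in raw_rsa_get_n(), raw_rsa_get_e() and raw_rsa_get_d() reads the byte before it checks the length: "while (!*ptr && vlen)" dereferences ptr even when vlen is already 0, so an empty or all-zero INTEGER reads one byte past the ASN.1 value. Swap the operands to "while (vlen && !*ptr)". Two related points in the same hunk: raw_rsa_get_d() applies the FIPS test to the stripped length of d ("vlen != 256 && vlen != 384"), which rejects a valid private exponent that happens to be shorter than the modulus even though n_sz was already checked in raw_rsa_get_n(), so that test should use key->n_sz or be dropped; and raw_rsa_get_e() assigns key->e_sz = vlen before validating it and leaves the stale value in place when it returns -EINVAL.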
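Review bot: In the include/crypto/internal/rsa.h hunk at @@ -31,11 +31,30 @@, struct rsa_raw_key is added without any field documentation, and is_coherent in particular needs it: in rsa_helper.c the branch taken when is_coherent is set calls kzalloc() and the branch taken when it is clear calls dma_zalloc_coherent(), which reads as the opposite of the name. Either invert the test or rename the field, and add a kernel-doc comment stating which allocator each value selects and that e and d are left-padded to n_sz only in the DMA case. The header also starts using dma_addr_t, gfp_t and struct device here with no include or forward declaration visible in this hunk, so it should not rely on every includer pulling those in first.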
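Review bot: In the include/crypto/internal/rsa.h hunk at @@ -47,5 +66,14 @@, the new prototypes use a raw_rsa_ prefix (raw_rsa_get_n, raw_rsa_free_key) while every existing helper in this header is prefixed rsa_ (rsa_get_mpi_n, rsa_parse_mpi_pub_key). Since these are exported with EXPORT_SYMBOL_GPL, please keep them in the rsa_ namespace, for example rsa_get_raw_n() and rsa_free_raw_key(), to match the MPI variants. The two free functions also deserve a short comment saying which one pairs with which is_coherent setting, because calling the wrong one hands kmalloc memory to dma_free_coherent() or the reverse.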