From: Tudor Ambarus
Subject: [PATCH v3 2/3] crypto: rsa_helper - add raw integer parser actions
Date: Wed, 6 Apr 2016 16:37:05 +0300
Message-ID: <1459949826-11840-3-git-send-email-tudor-dan.ambarus@nxp.com>

Dedicated to RSA (hardware) implementations that want to use raw integers instead of MPI keys.

Signed-off-by: Tudor Ambarus

--- crypto/rsa.c | 15 ---- crypto/rsa_helper.c | 182 ++++++++++++++++++++++++++++++++++++++++++ include/crypto/internal/rsa.h | 28 +++++++ 3 files changed, 210 insertions(+), 15 deletions(-) diff --git a/crypto/rsa.c b/crypto/rsa.c index 7cb0153..37ac189 100644 --- a/crypto/rsa.c +++ b/crypto/rsa.c 
@@ -235,21 +235,6 @@ err_free_m: return ret; } -static int rsa_check_key_length(unsigned int len) -{ - switch (len) { - case 512: - case 1024: - case 1536: - case 2048: - case 3072: - case 4096: - return 0; - } - - return -EINVAL; -} - static int rsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen) { diff --git a/crypto/rsa_helper.c b/crypto/rsa_helper.c index 0149ed3..df1f480 100644 --- a/crypto/rsa_helper.c +++ b/crypto/rsa_helper.c @@ -14,6 +14,9 @@ #include #include #include +#include +#include +#include #include #include "rsapubkey-asn1.h" #include "rsaprivkey-asn1.h" 
@@ -239,3 +242,182 @@ error: return ret; } EXPORT_SYMBOL_GPL(rsa_parse_mpi_priv_key); + +int rsa_check_key_length(unsigned int len) +{ + switch (len) { + case 512: + case 1024: + case 1536: + case 2048: + case 3072: + case 4096: + return 0; + } + + return -EINVAL; +} +EXPORT_SYMBOL_GPL(rsa_check_key_length); + +void raw_rsa_free_key(struct rsa_raw_key *key) +{ + kzfree(key->d); + key->d = NULL; + + kfree(key->e); + key->e = NULL; + + kfree(key->n); + key->n = NULL; + + key->n_sz = 0; + key->e_sz = 0; +} +EXPORT_SYMBOL_GPL(raw_rsa_free_key); + +void raw_rsa_free_coherent_key(struct device *dev, struct rsa_raw_key *key) +{ + if (key->d) { + memset(key->d, '\0', key->n_sz); + dma_free_coherent(dev, key->n_sz, key->d, key->dma_d); + key->d = NULL; + } + + if (key->e) { + dma_free_coherent(dev, key->n_sz, key->e, key->dma_e); + key->e = NULL; + } + + if (key->n) { + dma_free_coherent(dev, key->n_sz, key->n, key->dma_n); + key->n = NULL; + } + + key->n_sz = 0; + key->e_sz = 0; +} +EXPORT_SYMBOL_GPL(raw_rsa_free_coherent_key); + +int raw_rsa_get_n(void *context, const void *value, size_t vlen) +{ + struct rsa_raw_ctx *ctx = context; + struct rsa_raw_key *key = &ctx->key; + const char *ptr = value; + int ret = -EINVAL; + + while (!*ptr && vlen) { + ptr++; + vlen--; + } + + key->n_sz = vlen; + /* In FIPS mode only allow key size 2K & 3K */ + if (fips_enabled && (key->n_sz != 256 && key->n_sz != 384)) { + dev_err(ctx->dev, "RSA: key size not allowed in FIPS mode\n"); + goto err; + } + /* invalid key size provided */ + ret = rsa_check_key_length(key->n_sz << 3); + if (ret) + goto err; + + if (key->is_coherent) + key->n = kzalloc(key->n_sz, key->flags); + else + key->n = dma_zalloc_coherent(ctx->dev, key->n_sz, &key->dma_n, + key->flags); + + if (!key->n) { + ret = -ENOMEM; + goto err; + } + + memcpy(key->n, ptr, key->n_sz); + + return 0; +err: + key->n_sz = 0; + key->n = NULL; + return ret; +} +EXPORT_SYMBOL_GPL(raw_rsa_get_n); + +int raw_rsa_get_e(void *context, const void 
*value, size_t vlen) +{ + struct rsa_raw_ctx *ctx = context; + struct rsa_raw_key *key = &ctx->key; + const char *ptr = value; + size_t offset = 0; + + while (!*ptr && vlen) { + ptr++; + vlen--; + } + + key->e_sz = vlen; + + if (!key->n_sz || !vlen || vlen > key->n_sz) { + key->e = NULL; + return -EINVAL; + } + + if (key->is_coherent) { + key->e = kzalloc(key->e_sz, key->flags); + } else { + key->e = dma_zalloc_coherent(ctx->dev, key->n_sz, &key->dma_e, + key->flags); + offset = key->n_sz - vlen; + } + + if (!key->e) + return -ENOMEM; + + memcpy(key->e + offset, ptr, vlen); + + return 0; +} +EXPORT_SYMBOL_GPL(raw_rsa_get_e); + +int raw_rsa_get_d(void *context, const void *value, size_t vlen) +{ + struct rsa_raw_ctx *ctx = context; + struct rsa_raw_key *key = &ctx->key; + const char *ptr = value; + size_t offset = 0; + int ret = -EINVAL; + + while (!*ptr && vlen) { + ptr++; + vlen--; + } + + if (!key->n_sz || !vlen || vlen > key->n_sz) + goto err; + + /* In FIPS mode only allow key size 2K & 3K */ + if (fips_enabled && (vlen != 256 && vlen != 384)) { + dev_err(ctx->dev, "RSA: key size not allowed in FIPS mode\n"); + goto err; + } + + if (key->is_coherent) { + key->d = kzalloc(key->n_sz, key->flags); + } else { + key->d = dma_zalloc_coherent(ctx->dev, key->n_sz, &key->dma_d, + key->flags); + offset = key->n_sz - vlen; + } + + if (!key->d) { + ret = -ENOMEM; + goto err; + } + + memcpy(key->d + offset, ptr, vlen); + + return 0; +err: + key->d = NULL; + return ret; +} +EXPORT_SYMBOL_GPL(raw_rsa_get_d); diff --git a/include/crypto/internal/rsa.h b/include/crypto/internal/rsa.h index f8ef7b1..854b9b7 100644 --- a/include/crypto/internal/rsa.h +++ b/include/crypto/internal/rsa.h 
@@ -31,11 +31,30 @@ struct rsa_mpi_key { MPI d; }; +struct rsa_raw_key { + u8 *n; + u8 *e; + u8 *d; + dma_addr_t dma_n; + dma_addr_t dma_e; + dma_addr_t dma_d; + size_t n_sz; + size_t e_sz; + bool is_coherent; + gfp_t flags; +}; + struct rsa_ctx { const struct rsa_asn1_action *action; struct rsa_mpi_key key; }; +struct rsa_raw_ctx { + const struct rsa_asn1_action *action; + struct rsa_raw_key key; + struct device *dev; +}; + int rsa_get_mpi_n(void *context, const void *value, size_t vlen); int rsa_get_mpi_e(void *context, const void *value, size_t vlen); int rsa_get_mpi_d(void *context, const void *value, size_t vlen); @@ -47,5 +66,14 @@ int rsa_parse_mpi_pub_key(struct rsa_ctx *ctx, const void *key, int rsa_parse_mpi_priv_key(struct rsa_ctx *ctx, const void *key, unsigned int key_len); +int rsa_check_key_length(unsigned int len); + +void raw_rsa_free_key(struct rsa_raw_key *key); +void raw_rsa_free_coherent_key(struct device *dev, struct rsa_raw_key *key); + +int raw_rsa_get_n(void *context, const void *value, size_t vlen); +int raw_rsa_get_e(void *context, const void *value, size_t vlen); +int raw_rsa_get_d(void *context, const void *value, size_t vlen); + extern struct crypto_template rsa_pkcs1pad_tmpl; #endif
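
Review bot: The leading-zero loop "while (!*ptr && vlen)" in raw_rsa_get_n(), raw_rsa_get_e() and raw_rsa_get_d() in crypto/rsa_helper.c dereferences ptr before it tests vlen, so an empty or all-zero value reads one byte past the end of the buffer handed in by the ASN.1 decoder. Swap the operands to "while (vlen && !*ptr)" in all three callbacks. In raw_rsa_get_d() the FIPS test "vlen != 256 && vlen != 384" is applied to the length of d after the zeros are stripped; the function itself pads d with "offset = key->n_sz - vlen", so it already expects d to be shorter than n at times, and such a key would be rejected in FIPS mode even though raw_rsa_get_n() accepted its modulus size. Testing key->n_sz there, or dropping the second check, would avoid that.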
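
Review bot: struct rsa_raw_key in include/crypto/internal/rsa.h is added without any field comments, and the meaning of is_coherent cannot be worked out from its use: raw_rsa_get_n(), raw_rsa_get_e() and raw_rsa_get_d() call kzalloc() when the flag is set and dma_zalloc_coherent() when it is clear, which reads inverted against both the name and raw_rsa_free_coherent_key(). Please either invert or rename the flag, and document each field, in particular that e_sz holds the stripped length of e while the DMA buffer for e is allocated and freed with n_sz bytes. The new exported prototypes would also benefit from kernel-doc saying which of raw_rsa_free_key() and raw_rsa_free_coherent_key() pairs with which allocation mode, since calling the wrong one passes a kzalloc() pointer to dma_free_coherent() or the reverse.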