From patchwork Mon Jun 13 14:12:53 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tudor Ambarus X-Patchwork-Id: 9173209 X-Patchwork-Delegate: herbert@gondor.apana.org.au Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 41E8E6044F for ; Mon, 13 Jun 2016 14:27:45 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 339B3265B9 for ; Mon, 13 Jun 2016 14:27:45 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 2838127AC2; Mon, 13 Jun 2016 14:27:45 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CE896265B9 for ; Mon, 13 Jun 2016 14:27:43 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1423855AbcFMO1m (ORCPT ); Mon, 13 Jun 2016 10:27:42 -0400 Received: from mail-by2on0053.outbound.protection.outlook.com ([207.46.100.53]:35632 "EHLO na01-by2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1423735AbcFMO1k (ORCPT ); Mon, 13 Jun 2016 10:27:40 -0400 Received: from BY2PR03CA006.namprd03.prod.outlook.com (10.255.93.23) by SN1PR0301MB1631.namprd03.prod.outlook.com (10.162.130.29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.511.8; Mon, 13 Jun 2016 14:12:58 +0000 Received: from BY2FFO11FD050.protection.gbl (10.255.93.4) by BY2PR03CA006.outlook.office365.com (10.255.93.23) with Microsoft SMTP Server (TLS) id 15.1.492.11 via Frontend Transport; Mon, 13 Jun 2016 14:12:58 +0000 Authentication-Results: spf=fail (sender IP is 192.88.158.2) smtp.mailfrom=nxp.com; nxp.com; dkim=none (message not signed) header.d=none; nxp.com; dmarc=none action=none header.from=nxp.com; nxp.com; dkim=none (message not signed) header.d=none; Received-SPF: Fail (protection.outlook.com: domain of nxp.com does not designate 192.88.158.2 as permitted sender) receiver=protection.outlook.com; client-ip=192.88.158.2; helo=az84smr01.freescale.net; Received: from az84smr01.freescale.net (192.88.158.2) by BY2FFO11FD050.mail.protection.outlook.com (10.1.15.187) with Microsoft SMTP Server (TLS) id 15.1.511.7 via Frontend Transport; Mon, 13 Jun 2016 14:12:58 +0000 Received: from enigma.ea.freescale.net (enigma.ea.freescale.net [10.171.77.120]) by az84smr01.freescale.net (8.14.3/8.14.0) with ESMTP id u5DECtXv007121; Mon, 13 Jun 2016 07:12:56 -0700 From: Tudor Ambarus To: , CC: , Tudor Ambarus Subject: [PATCH v4] crypto: rsa - return raw integers for the ASN.1 parser Date: Mon, 13 Jun 2016 17:12:53 +0300 Message-ID: <1465827173-16916-1-git-send-email-tudor-dan.ambarus@nxp.com> X-Mailer: git-send-email 1.8.3.1 X-EOPAttributedMessage: 0 X-Matching-Connectors: 131103007784673313; (91ab9b29-cfa4-454e-5278-08d120cd25b8); () X-Forefront-Antispam-Report: CIP:192.88.158.2; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10009020)(6009001)(7916002)(2980300002)(1109001)(1110001)(339900001)(189002)(199003)(104016004)(33646002)(87936001)(5008740100001)(8936002)(6806005)(69596002)(77096005)(19580395003)(19580405001)(11100500001)(86362001)(229853001)(50226002)(85426001)(5003940100001)(105606002)(106466001)(47776003)(8676002)(8666004)(4326007)(48376002)(81156014)(81166006)(92566002)(36756003)(586003)(68736007)(2906002)(97736004)(356003)(189998001)(5001770100001)(50986999)(50466002)(7059030)(4720700001); DIR:OUT; SFP:1101; SCL:1; SRVR:SN1PR0301MB1631; H:az84smr01.freescale.net; FPR:; SPF:Fail; PTR:InfoDomainNonexistent; MX:1; A:1; LANG:en; X-Microsoft-Exchange-Diagnostics: 1; BY2FFO11FD050; 1:sq2XxPW5nyW2lw7EztB+KpuGl+dqZ+u/ZqKTazrts4195KdNjl4tnDBfyxGoHPWFpZEhm85QjbL/LRWlRJQIt+hyfTgAhlpKDR4O5JCroKxZpSLlv0jTaVV1USCeDSxMP2Jaa7M142+/DhUetW9CGzPssOkwVYfDVuaIW9cvn/Hr6zPtIRgQ99pH6H/dhDGtYQXvcLIt4lwF78gKKn3q+gZLTSzVt54PXaljYrNOlLtyWH+W4BCAk/vER6tEu7eh75B3g+jc2mgLdSlc7AegAL8dXwR/DKKE93Nz8S03XSRMbi5G2+HDM3Z+X5APF38yrA0JHm3xVwbrqpF9eR+EEZXQ3WV+SNuJ97MO47qi5VsIFaYYm5zsXNgvzjGlDDv9vhU6Dov+xkc91ZEzyH90+3twhwprPrJADrAHpEF61CRZjDXjawda3GJUt4oTOgPamPimzE2VCiJE76fi1YayothMvthFhqcTrZQK/DReHhBgRZYx+2Brq0Ex9zKFIPGfAseHhnekg4ImjHgu9bDsKy2nSyen4AswdUBM6mTQDylnGN63DccGZO/dq3tTlkKavjwzr+w5YhF26kxymrAzkmQuf5RbY0Cx97l4/5GZgQWVy12QTV0VX6NLAi1ar9rLmlbW/Koh7em797kGxm9TyOq/rf3tohmyMSpB+HEk+lf12sowX3Au4iQsyDr1O31Q MIME-Version: 1.0 X-MS-Office365-Filtering-Correlation-Id: 3e153139-1d95-404f-3ec2-08d39394d272 X-Microsoft-Exchange-Diagnostics: 1; SN1PR0301MB1631; 2:OTQxXhEJ9PHDgXW621AF1lVSi6sK8yvO17XwMSl7gl1DpRp+yk+QPv0Q+9vkczXReqnRi0QcdP6OG9dsHlDhTgFda6Eb5NTyOgrESGlHLWnlw3Z1dK6MJk4evqVFnCv+bhySBgsyR7VnnjJXeGbjzIMUY+i+idic5hsBkFCASgLzwzU418UstMNb5u3t8Gg4; 3:UBUqO3fksbjKnTi6I4sv+zlWTMBMIdqI6hstqHaMp1G25tUeSyYd+jc6AD6C7/mU2nqdq4XP9PzZ3LN7r/OQw+NqtTJqQBZxnmiEIDSF/VBG6O1YRSvC1BV3b0/DrIs8JVyli6wWhMXO41p19EzI6s0sEviSeVCwhToKRaSLLMzcawNQj3SNpDez0rS6ci3fjiGJGTsOCawknd5+G5iuHBp661b//S3Dv4kXkSdEIRE=; 25:j72mRPow+E/q5prCvycQhYZHWRgkkCjQYXta69ib3zx/CLeHsTSK7IXGknA3IuREkkZ5mUmqeB1JUM9/PViRb7SNwx1XctrB/l/OGKEjMIrZ2RQBjLW4iqWPhDIipyZjzYOJrayIUhAswx9lV5oX+0ZHeB3VbWehxf7zF+YGMfvdYqVO0xLqZFQZZaUQcwhMD8W9astLbe/Wu+5mFN7dayOpSwZRFptrzGvZFb6GYQXKrA74iH/UxhC+XIwDdLcMFTIMIj6/PL1AQU5kukPvRcCde8W0HKCE0t2qX/2I+2mV5QY4xcPpst6JOHGaVHkJD/yGh5yenQDgh5FcJKlZhkMpIXJzUE6+tahSyMH/0lJRUGdJYIaKAQb93fiRRclE2+WsxNPwaHhcjCEQ5fqCLQ3+wHcUfSsTsCQarRUIW3I= X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:SN1PR0301MB1631; X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(185117386973197); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(601004)(2401047)(13018025)(13023025)(13017025)(13015025)(13024025)(5005006)(8121501046)(10201501046)(3002001)(6055026); SRVR:SN1PR0301MB1631; BCL:0; PCL:0; RULEID:(400006); SRVR:SN1PR0301MB1631; X-Microsoft-Exchange-Diagnostics: 1; SN1PR0301MB1631; 4:NIrJFuKbiuHZT0Wfqft/SRlS0eMtQI4YMIsG5yw1QrFl+H9mVJxuUSfy9iHVoEl4eLZ8hApRGX6qAEl7+CRt/ppE8b2a/Q2L+2yGS6u1qgKIkl8ujucJsfGgNXf6SNmXA6qwUuhjl1elBl7+n71gfYHWyv7R//aDPQuQQji15l777l7COJDBqyjXFk15SnvF4vVcsFbDzw4/zCO9rWWPZ9L9+GnGygeel1LGZDmoN6kUc0QHaQ4bu8AMHGP8ZLhFEprSLNVJlrzDKKoC909U/WKFgBABAy/I7lvEhAjsnyWmFetPQ8x1Y7PIEPD4lfVUstht9cLAvNb9XekkdSXnhjAw0l6RWwKmUjmY7jC4D8NfAw88oxqLQsxjn8CwVSzI84pTelmShCHKtCZlHkWjJXU5+YG44B4S7o8QU5dHjLD+HDZFtsrso0hADZB+wgS5gIocQIqQWuMx/mXbms/S4Sfd+qC90vXn/zgftnXE3/wC2ItqhSE/h3nIgN2NX4n7k3JEUveulfchu57ElcSjPA== X-Forefront-PRVS: 0972DEC1D9 X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; SN1PR0301MB1631; 23:C/fqpe8LSMHRVrxD2oTaUqqAgZky50pSQzg8opg?= =?us-ascii?Q?RVoyS2i4hkmsv6mhLcPH+1hqdMCLNpfK1GtdV4PwScuhyTuxHwYjZn9KY6nr?= =?us-ascii?Q?xSh6bR3+dFoOjeCtxTkVdEX68L03WEfwr9z6BfWbE3jXNE+BvJPqi7h5uEiD?= =?us-ascii?Q?CMWQL876kAgUDYpuIg86DcrEzrzSmj4VTkzyf90hPxArOuisLPB+/PuZLSoL?= =?us-ascii?Q?IsnvZeZqN2nvtMHZAH3htFgUgpy9lugHvTp6Iu4jhHn6yB0bGNGs7o9iUaa+?= =?us-ascii?Q?3IrWRelOfvwzVY+SJ6FtmYgDflU7xCRKMZuC+DkIzML1RusKNaw5EmJG4JIz?= =?us-ascii?Q?fWloWQvFT6y/QCgpYbUTNuI3oPav0Kd9CliurbQ+07x5RIQHJuIFZX3dIVse?= =?us-ascii?Q?71xd5nMinp5jD5hhDPePCrhXfzmzhv0/B87pcOrMX1NPRp3dCkcnR1xJ8JHe?= =?us-ascii?Q?e9ei5vbO4Tms5C+SsBQBdRKwffuzQnuGI7OiwMicZAXQ2UFO4Lk7f6rfSpiQ?= =?us-ascii?Q?8KQTbR5za3KejPOOgAbTCdG7YafYEqPhUcPZxQv0Cu/mwnc2201rSrLnk+w6?= =?us-ascii?Q?NXSsVDV6ZZvGUBLKf84C1nsXhpWsCohrCvgcnJ/qW604bGmFbqR1+cEvpLH9?= =?us-ascii?Q?hpdCYToFNBZycr44lYHY6NAMd4ErFqIKZWQ67xCemsvh1RfVzQjPoLai2DBM?= =?us-ascii?Q?FzUTtr/29TDbnEIo1EyekFwUxbQ9nhVQwsMkNqmVTAMh8uxNm4CX3STgKADQ?= =?us-ascii?Q?HmOKZK4I6eWYG9oW5FFiuhvvAg3ACQQ+RgX7KuKqCGgg40GNwOnx0I2vQXb1?= =?us-ascii?Q?89CmiM/EEfZ1YdpsOR4ifGFLjsgWBw1MLWAxqL0YlYdfhv5SJfuKsXWf29ix?= =?us-ascii?Q?04mbIfgr+JSOWAwx7gTVH63mO0Nt/2yb+lKCdkJtB3B/qZPWQ9zye0op7Frb?= =?us-ascii?Q?WNnqvbCBRE/x8dY3EeZiUW+gPOv3BN7aMDJSm9/5Ilfds2whNflnumpNKOhz?= =?us-ascii?Q?DSnyq5f4ry12SVvkYjpUOLGr9eUEm6vCuth5Tezzup47HOmzI1G3Kxy6yiZ4?= =?us-ascii?Q?nDnfZpaX1NortiRJzq6WNtEoJiOC36eh4S9wvl9YtQIcfblUjSXL0f6h4Njt?= =?us-ascii?Q?Hp12FKGpFdVDcGmdoHz+M9scW1+rhFrpoFrdDOtY2ey3HlyyeBjgH9w=3D?= =?us-ascii?Q?=3D?= X-Microsoft-Exchange-Diagnostics: 1; SN1PR0301MB1631; 5:VztLN8oXek49QqZ20IXtsR9kk1IFy9RMeRigFCytrA918HhSzblb3X2cp7ha+UtltKGrUN2gVwIumkZWFBTthZ+P3gHlo+Yz9Sn7Kzj3jimF9D/4hFox6B9I6lkZiLRewJ4OAZjjZXZURR0NXihyqj3q8d5J1OzCs4WhmAdKlmg=; 24:hjhuIc3JLlJiconRtDCr4epbeAeb5ykYmx5ADj1dXazZLfhaK/NJs/08ljuHlkJYq8g6YBKUVCA9CXyUffeXphtdBY9yF7zt/EMAlNgvOio=; 7:isfbtvbW3SYgbj05JYLnKuN5rVejfU/OBmlYY7WeTcSzmW4hKJOQmK5yCaOUwnuzw3c+zwcEzDPZ1GlwJy03+tmJUC72N1jXykzy7lDwr2cWv7a+rQexGXG1H+gMEfW31r5z6AYh1A3e9CIFzIBGkJlBbvORS/H7wlD8aveZy8tP5zaSDyyE56gcJjvEllF+VClm4sCBEAl/o+yCAUIy2g== SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Jun 2016 14:12:58.3269 (UTC) X-MS-Exchange-CrossTenant-Id: 5afe0b00-7697-4969-b663-5eab37d5f47e X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=5afe0b00-7697-4969-b663-5eab37d5f47e; Ip=[192.88.158.2]; Helo=[az84smr01.freescale.net] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR0301MB1631 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Return the raw key with no other processing so that the caller can copy it or MPI parse it, etc. The scope is to have only one ANS.1 parser for all RSA implementations. Update the RSA software implementation so that it does the MPI conversion on top. Signed-off-by: Tudor Ambarus --- Changes in v4: 1. Remove the skipping of leading zeros from rsa_get_n/e/d helper functions. 2. Remove FIPS RSA key length checking for the RSA private exponent. FIPS check is done only for the RSA modulus. crypto/rsa.c | 120 ++++++++++++++++++++++++++++++++---------- crypto/rsa_helper.c | 111 ++++++++++++++------------------------ include/crypto/internal/rsa.h | 22 +++++--- 3 files changed, 148 insertions(+), 105 deletions(-) diff --git a/crypto/rsa.c b/crypto/rsa.c index 77d737f..bb31c5b 100644 --- a/crypto/rsa.c +++ b/crypto/rsa.c @@ -10,16 +10,28 @@ */ #include +#include #include #include #include #include +struct rsa_mpi_key { + MPI n; + MPI e; + MPI d; +}; + +struct rsa_ctx { + struct rsa_key key; + struct rsa_mpi_key mpi_key; +}; + /* * RSAEP function [RFC3447 sec 5.1.1] * c = m^e mod n; */ -static int _rsa_enc(const struct rsa_key *key, MPI c, MPI m) +static int _rsa_enc(const struct rsa_mpi_key *key, MPI c, MPI m) { /* (1) Validate 0 <= m < n */ if (mpi_cmp_ui(m, 0) < 0 || mpi_cmp(m, key->n) >= 0) @@ -33,7 +45,7 @@ static int _rsa_enc(const struct rsa_key *key, MPI c, MPI m) * RSADP function [RFC3447 sec 5.1.2] * m = c^d mod n; */ -static int _rsa_dec(const struct rsa_key *key, MPI m, MPI c) +static int _rsa_dec(const struct rsa_mpi_key *key, MPI m, MPI c) { /* (1) Validate 0 <= c < n */ if (mpi_cmp_ui(c, 0) < 0 || mpi_cmp(c, key->n) >= 0) @@ -47,7 +59,7 @@ static int _rsa_dec(const struct rsa_key *key, MPI m, MPI c) * RSASP1 function [RFC3447 sec 5.2.1] * s = m^d mod n */ -static int _rsa_sign(const struct rsa_key *key, MPI s, MPI m) +static int _rsa_sign(const struct rsa_mpi_key *key, MPI s, MPI m) { /* (1) Validate 0 <= m < n */ if (mpi_cmp_ui(m, 0) < 0 || mpi_cmp(m, key->n) >= 0) @@ -61,7 +73,7 @@ static int _rsa_sign(const struct rsa_key *key, MPI s, MPI m) * RSAVP1 function [RFC3447 sec 5.2.2] * m = s^e mod n; */ -static int _rsa_verify(const struct rsa_key *key, MPI m, MPI s) +static int _rsa_verify(const struct rsa_mpi_key *key, MPI m, MPI s) { /* (1) Validate 0 <= s < n */ if (mpi_cmp_ui(s, 0) < 0 || mpi_cmp(s, key->n) >= 0) @@ -71,15 +83,17 @@ static int _rsa_verify(const struct rsa_key *key, MPI m, MPI s) return mpi_powm(m, s, key->e, key->n); } -static inline struct rsa_key *rsa_get_key(struct crypto_akcipher *tfm) +static inline struct rsa_mpi_key *rsa_get_key(struct crypto_akcipher *tfm) { - return akcipher_tfm_ctx(tfm); + struct rsa_ctx *ctx = akcipher_tfm_ctx(tfm); + + return &ctx->mpi_key; } static int rsa_enc(struct akcipher_request *req) { struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); - const struct rsa_key *pkey = rsa_get_key(tfm); + const struct rsa_mpi_key *pkey = rsa_get_key(tfm); MPI m, c = mpi_alloc(0); int ret = 0; int sign; @@ -118,7 +132,7 @@ err_free_c: static int rsa_dec(struct akcipher_request *req) { struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); - const struct rsa_key *pkey = rsa_get_key(tfm); + const struct rsa_mpi_key *pkey = rsa_get_key(tfm); MPI c, m = mpi_alloc(0); int ret = 0; int sign; @@ -156,7 +170,7 @@ err_free_m: static int rsa_sign(struct akcipher_request *req) { struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); - const struct rsa_key *pkey = rsa_get_key(tfm); + const struct rsa_mpi_key *pkey = rsa_get_key(tfm); MPI m, s = mpi_alloc(0); int ret = 0; int sign; @@ -195,7 +209,7 @@ err_free_s: static int rsa_verify(struct akcipher_request *req) { struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); - const struct rsa_key *pkey = rsa_get_key(tfm); + const struct rsa_mpi_key *pkey = rsa_get_key(tfm); MPI s, m = mpi_alloc(0); int ret = 0; int sign; @@ -233,6 +247,16 @@ err_free_m: return ret; } +static void rsa_free_mpi_key(struct rsa_mpi_key *key) +{ + mpi_free(key->d); + mpi_free(key->e); + mpi_free(key->n); + key->d = NULL; + key->e = NULL; + key->n = NULL; +} + static int rsa_check_key_length(unsigned int len) { switch (len) { @@ -251,49 +275,91 @@ static int rsa_check_key_length(unsigned int len) static int rsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen) { - struct rsa_key *pkey = akcipher_tfm_ctx(tfm); + struct rsa_ctx *ctx = akcipher_tfm_ctx(tfm); + struct rsa_key *raw_key = &ctx->key; + struct rsa_mpi_key *mpi_key = &ctx->mpi_key; int ret; - ret = rsa_parse_pub_key(pkey, key, keylen); + /* Free the old MPI key if any */ + rsa_free_mpi_key(mpi_key); + + ret = rsa_parse_pub_key(raw_key, key, keylen); if (ret) return ret; - if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) { - rsa_free_key(pkey); - ret = -EINVAL; + mpi_key->e = mpi_read_raw_data(raw_key->e, raw_key->e_sz); + if (!mpi_key->e) + goto err; + + mpi_key->n = mpi_read_raw_data(raw_key->n, raw_key->n_sz); + if (!mpi_key->n) + goto err; + + if (rsa_check_key_length(mpi_get_size(mpi_key->n) << 3)) { + rsa_free_mpi_key(mpi_key); + return -EINVAL; } - return ret; + + return 0; + +err: + rsa_free_mpi_key(mpi_key); + return -ENOMEM; } static int rsa_set_priv_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen) { - struct rsa_key *pkey = akcipher_tfm_ctx(tfm); + struct rsa_ctx *ctx = akcipher_tfm_ctx(tfm); + struct rsa_key *raw_key = &ctx->key; + struct rsa_mpi_key *mpi_key = &ctx->mpi_key; int ret; - ret = rsa_parse_priv_key(pkey, key, keylen); + /* Free the old MPI key if any */ + rsa_free_mpi_key(mpi_key); + + ret = rsa_parse_priv_key(raw_key, key, keylen); if (ret) return ret; - if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) { - rsa_free_key(pkey); - ret = -EINVAL; + mpi_key->d = mpi_read_raw_data(raw_key->d, raw_key->d_sz); + if (!mpi_key->d) + goto err; + + mpi_key->e = mpi_read_raw_data(raw_key->e, raw_key->e_sz); + if (!mpi_key->e) + goto err; + + mpi_key->n = mpi_read_raw_data(raw_key->n, raw_key->n_sz); + if (!mpi_key->n) + goto err; + + if (rsa_check_key_length(mpi_get_size(mpi_key->n) << 3)) { + rsa_free_mpi_key(mpi_key); + return -EINVAL; } - return ret; + + return 0; + +err: + rsa_free_mpi_key(mpi_key); + return -ENOMEM; } static int rsa_max_size(struct crypto_akcipher *tfm) { - struct rsa_key *pkey = akcipher_tfm_ctx(tfm); + struct rsa_ctx *ctx = akcipher_tfm_ctx(tfm); + struct rsa_mpi_key *mpi_key = &ctx->mpi_key; - return pkey->n ? mpi_get_size(pkey->n) : -EINVAL; + return mpi_key->n ? mpi_get_size(mpi_key->n) : -EINVAL; } static void rsa_exit_tfm(struct crypto_akcipher *tfm) { - struct rsa_key *pkey = akcipher_tfm_ctx(tfm); + struct rsa_ctx *ctx = akcipher_tfm_ctx(tfm); + struct rsa_mpi_key *mpi_key = &ctx->mpi_key; - rsa_free_key(pkey); + rsa_free_mpi_key(mpi_key); } static struct akcipher_alg rsa = { @@ -310,7 +376,7 @@ static struct akcipher_alg rsa = { .cra_driver_name = "rsa-generic", .cra_priority = 100, .cra_module = THIS_MODULE, - .cra_ctxsize = sizeof(struct rsa_key), + .cra_ctxsize = sizeof(struct rsa_ctx), }, }; diff --git a/crypto/rsa_helper.c b/crypto/rsa_helper.c index d226f48..583656a 100644 --- a/crypto/rsa_helper.c +++ b/crypto/rsa_helper.c @@ -22,20 +22,29 @@ int rsa_get_n(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen) { struct rsa_key *key = context; + const u8 *ptr = value; + size_t n_sz = vlen; - key->n = mpi_read_raw_data(value, vlen); - - if (!key->n) - return -ENOMEM; - - /* In FIPS mode only allow key size 2K & 3K */ - if (fips_enabled && (mpi_get_size(key->n) != 256 && - mpi_get_size(key->n) != 384)) { - pr_err("RSA: key size not allowed in FIPS mode\n"); - mpi_free(key->n); - key->n = NULL; + /* invalid key provided */ + if (!value || !vlen) return -EINVAL; + + if (fips_enabled) { + while (!*ptr && n_sz) { + ptr++; + n_sz--; + } + + /* In FIPS mode only allow key size 2K & 3K */ + if (n_sz != 256 && n_sz != 384) { + pr_err("RSA: key size not allowed in FIPS mode\n"); + return -EINVAL; + } } + + key->n = value; + key->n_sz = vlen; + return 0; } @@ -44,10 +53,12 @@ int rsa_get_e(void *context, size_t hdrlen, unsigned char tag, { struct rsa_key *key = context; - key->e = mpi_read_raw_data(value, vlen); + /* invalid key provided */ + if (!value || !key->n_sz || !vlen || vlen > key->n_sz) + return -EINVAL; - if (!key->e) - return -ENOMEM; + key->e = value; + key->e_sz = vlen; return 0; } @@ -57,46 +68,20 @@ int rsa_get_d(void *context, size_t hdrlen, unsigned char tag, { struct rsa_key *key = context; - key->d = mpi_read_raw_data(value, vlen); - - if (!key->d) - return -ENOMEM; - - /* In FIPS mode only allow key size 2K & 3K */ - if (fips_enabled && (mpi_get_size(key->d) != 256 && - mpi_get_size(key->d) != 384)) { - pr_err("RSA: key size not allowed in FIPS mode\n"); - mpi_free(key->d); - key->d = NULL; + /* invalid key provided */ + if (!value || !key->n_sz || !vlen || vlen > key->n_sz) return -EINVAL; - } - return 0; -} -static void free_mpis(struct rsa_key *key) -{ - mpi_free(key->n); - mpi_free(key->e); - mpi_free(key->d); - key->n = NULL; - key->e = NULL; - key->d = NULL; -} + key->d = value; + key->d_sz = vlen; -/** - * rsa_free_key() - frees rsa key allocated by rsa_parse_key() - * - * @rsa_key: struct rsa_key key representation - */ -void rsa_free_key(struct rsa_key *key) -{ - free_mpis(key); + return 0; } -EXPORT_SYMBOL_GPL(rsa_free_key); /** - * rsa_parse_pub_key() - extracts an rsa public key from BER encoded buffer - * and stores it in the provided struct rsa_key + * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the + * provided struct rsa_key, pointers to the raw key as is, + * so that the caller can copy it or MPI parse it, etc. * * @rsa_key: struct rsa_key key representation * @key: key in BER format @@ -107,23 +92,15 @@ EXPORT_SYMBOL_GPL(rsa_free_key); int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key, unsigned int key_len) { - int ret; - - free_mpis(rsa_key); - ret = asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len); - if (ret < 0) - goto error; - - return 0; -error: - free_mpis(rsa_key); - return ret; + return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len); } EXPORT_SYMBOL_GPL(rsa_parse_pub_key); /** - * rsa_parse_pub_key() - extracts an rsa private key from BER encoded buffer - * and stores it in the provided struct rsa_key + * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the + * provided struct rsa_key, pointers to the raw key + * as is, so that the caller can copy it or MPI parse it, + * etc. * * @rsa_key: struct rsa_key key representation * @key: key in BER format @@ -134,16 +111,6 @@ EXPORT_SYMBOL_GPL(rsa_parse_pub_key); int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key, unsigned int key_len) { - int ret; - - free_mpis(rsa_key); - ret = asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len); - if (ret < 0) - goto error; - - return 0; -error: - free_mpis(rsa_key); - return ret; + return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len); } EXPORT_SYMBOL_GPL(rsa_parse_priv_key); diff --git a/include/crypto/internal/rsa.h b/include/crypto/internal/rsa.h index c7585bd..d6c042a 100644 --- a/include/crypto/internal/rsa.h +++ b/include/crypto/internal/rsa.h @@ -12,12 +12,24 @@ */ #ifndef _RSA_HELPER_ #define _RSA_HELPER_ -#include +#include +/** + * rsa_key - RSA key structure + * @n : RSA modulus raw byte stream + * @e : RSA public exponent raw byte stream + * @d : RSA private exponent raw byte stream + * @n_sz : length in bytes of RSA modulus n + * @e_sz : length in bytes of RSA public exponent + * @d_sz : length in bytes of RSA private exponent + */ struct rsa_key { - MPI n; - MPI e; - MPI d; + const u8 *n; + const u8 *e; + const u8 *d; + size_t n_sz; + size_t e_sz; + size_t d_sz; }; int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key, @@ -26,7 +38,5 @@ int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key, int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key, unsigned int key_len); -void rsa_free_key(struct rsa_key *rsa_key); - extern struct crypto_template rsa_pkcs1pad_tmpl; #endif