Blame - lib/crypto/rsa_helper.c - platform/external/u-boot

blob: cc0c0d6637bd3c877985baac59debf3708a154f5 [file] [log] [blame]

AKASHI Takahiro	9b933bf	2019-11-13 09:44:59 +0900	[diff] [blame]	1	// SPDX-License-Identifier: GPL-2.0-or-later
				2	/*
				3	* RSA key extract helper
				4	*
				5	* Copyright (c) 2015, Intel Corporation
				6	* Authors: Tadeusz Struk <tadeusz.struk@intel.com>
				7	*/
				8	#ifndef __UBOOT__
Simon Glass	336d461	2020-02-03 07:36:16 -0700	[diff] [blame]	9	#include <linux/compat.h>
AKASHI Takahiro	9b933bf	2019-11-13 09:44:59 +0900	[diff] [blame]	10	#include <linux/kernel.h>
				11	#include <linux/export.h>
				12	#endif
				13	#include <linux/err.h>
				14	#ifndef __UBOOT__
				15	#include <linux/fips.h>
				16	#endif
				17	#include <crypto/internal/rsa.h>
				18	#include "rsapubkey.asn1.h"
				19	#ifndef __UBOOT__
				20	#include "rsaprivkey.asn1.h"
				21	#endif
				22
				23	int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
				24	const void *value, size_t vlen)
				25	{
				26	struct rsa_key *key = context;
				27	#ifndef __UBOOT__
				28	const u8 *ptr = value;
				29	size_t n_sz = vlen;
				30	#endif
				31
				32	/* invalid key provided */
				33	if (!value \|\| !vlen)
				34	return -EINVAL;
				35
				36	#ifndef __UBOOT__
				37	if (fips_enabled) {
				38	while (n_sz && !*ptr) {
				39	ptr++;
				40	n_sz--;
				41	}
				42
				43	/* In FIPS mode only allow key size 2K and higher */
				44	if (n_sz < 256) {
				45	pr_err("RSA: key size not allowed in FIPS mode\n");
				46	return -EINVAL;
				47	}
				48	}
				49	#endif
				50
				51	key->n = value;
				52	key->n_sz = vlen;
				53
				54	return 0;
				55	}
				56
				57	int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
				58	const void *value, size_t vlen)
				59	{
				60	struct rsa_key *key = context;
				61
				62	/* invalid key provided */
				63	if (!value \|\| !key->n_sz \|\| !vlen \|\| vlen > key->n_sz)
				64	return -EINVAL;
				65
				66	key->e = value;
				67	key->e_sz = vlen;
				68
				69	return 0;
				70	}
				71
				72	int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
				73	const void *value, size_t vlen)
				74	{
				75	struct rsa_key *key = context;
				76
				77	/* invalid key provided */
				78	if (!value \|\| !key->n_sz \|\| !vlen \|\| vlen > key->n_sz)
				79	return -EINVAL;
				80
				81	key->d = value;
				82	key->d_sz = vlen;
				83
				84	return 0;
				85	}
				86
				87	int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
				88	const void *value, size_t vlen)
				89	{
				90	struct rsa_key *key = context;
				91
				92	/* invalid key provided */
				93	if (!value \|\| !vlen \|\| vlen > key->n_sz)
				94	return -EINVAL;
				95
				96	key->p = value;
				97	key->p_sz = vlen;
				98
				99	return 0;
				100	}
				101
				102	int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
				103	const void *value, size_t vlen)
				104	{
				105	struct rsa_key *key = context;
				106
				107	/* invalid key provided */
				108	if (!value \|\| !vlen \|\| vlen > key->n_sz)
				109	return -EINVAL;
				110
				111	key->q = value;
				112	key->q_sz = vlen;
				113
				114	return 0;
				115	}
				116
				117	int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
				118	const void *value, size_t vlen)
				119	{
				120	struct rsa_key *key = context;
				121
				122	/* invalid key provided */
				123	if (!value \|\| !vlen \|\| vlen > key->n_sz)
				124	return -EINVAL;
				125
				126	key->dp = value;
				127	key->dp_sz = vlen;
				128
				129	return 0;
				130	}
				131
				132	int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
				133	const void *value, size_t vlen)
				134	{
				135	struct rsa_key *key = context;
				136
				137	/* invalid key provided */
				138	if (!value \|\| !vlen \|\| vlen > key->n_sz)
				139	return -EINVAL;
				140
				141	key->dq = value;
				142	key->dq_sz = vlen;
				143
				144	return 0;
				145	}
				146
				147	int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
				148	const void *value, size_t vlen)
				149	{
				150	struct rsa_key *key = context;
				151
				152	/* invalid key provided */
				153	if (!value \|\| !vlen \|\| vlen > key->n_sz)
				154	return -EINVAL;
				155
				156	key->qinv = value;
				157	key->qinv_sz = vlen;
				158
				159	return 0;
				160	}
				161
				162	/**
				163	* rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
				164	* provided struct rsa_key, pointers to the raw key as is,
				165	* so that the caller can copy it or MPI parse it, etc.
				166	*
				167	* @rsa_key: struct rsa_key key representation
				168	* @key: key in BER format
				169	* @key_len: length of key
				170	*
				171	* Return: 0 on success or error code in case of error
				172	*/
				173	int rsa_parse_pub_key(struct rsa_key rsa_key, const void key,
				174	unsigned int key_len)
				175	{
				176	return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
				177	}
				178	EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
				179
				180	#ifndef __UBOOT__
				181	/**
				182	* rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
				183	* provided struct rsa_key, pointers to the raw key
				184	* as is, so that the caller can copy it or MPI parse it,
				185	* etc.
				186	*
				187	* @rsa_key: struct rsa_key key representation
				188	* @key: key in BER format
				189	* @key_len: length of key
				190	*
				191	* Return: 0 on success or error code in case of error
				192	*/
				193	int rsa_parse_priv_key(struct rsa_key rsa_key, const void key,
				194	unsigned int key_len)
				195	{
				196	return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
				197	}
				198	EXPORT_SYMBOL_GPL(rsa_parse_priv_key);
				199	#endif