Blame - lib/crypto/rsa_helper.c - platform/external/u-boot

blob: c941d40fd7a8272f35560b149f99db676d7beea3 [file] [log] [blame]

AKASHI Takahiro	9b933bf	2019-11-13 09:44:59 +0900	[diff] [blame]	1	// SPDX-License-Identifier: GPL-2.0-or-later
				2	/*
				3	* RSA key extract helper
				4	*
				5	* Copyright (c) 2015, Intel Corporation
				6	* Authors: Tadeusz Struk <tadeusz.struk@intel.com>
				7	*/
				8	#ifndef __UBOOT__
Simon Glass	336d461	2020-02-03 07:36:16 -0700	[diff] [blame]	9	#include <linux/compat.h>
AKASHI Takahiro	9b933bf	2019-11-13 09:44:59 +0900	[diff] [blame]	10	#include <linux/kernel.h>
				11	#include <linux/export.h>
				12	#endif
				13	#include <linux/err.h>
				14	#ifndef __UBOOT__
				15	#include <linux/fips.h>
				16	#endif
				17	#include <crypto/internal/rsa.h>
Simon Glass	1e94b46	2023-09-14 18:21:46 -0600	[diff] [blame]	18	#include <linux/printk.h>
AKASHI Takahiro	9b933bf	2019-11-13 09:44:59 +0900	[diff] [blame]	19	#include "rsapubkey.asn1.h"
				20	#ifndef __UBOOT__
				21	#include "rsaprivkey.asn1.h"
				22	#endif
				23
				24	int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
				25	const void *value, size_t vlen)
				26	{
				27	struct rsa_key *key = context;
				28	#ifndef __UBOOT__
				29	const u8 *ptr = value;
				30	size_t n_sz = vlen;
				31	#endif
				32
				33	/* invalid key provided */
				34	if (!value \|\| !vlen)
				35	return -EINVAL;
				36
				37	#ifndef __UBOOT__
				38	if (fips_enabled) {
				39	while (n_sz && !*ptr) {
				40	ptr++;
				41	n_sz--;
				42	}
				43
				44	/* In FIPS mode only allow key size 2K and higher */
				45	if (n_sz < 256) {
				46	pr_err("RSA: key size not allowed in FIPS mode\n");
				47	return -EINVAL;
				48	}
				49	}
				50	#endif
				51
				52	key->n = value;
				53	key->n_sz = vlen;
				54
				55	return 0;
				56	}
				57
				58	int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
				59	const void *value, size_t vlen)
				60	{
				61	struct rsa_key *key = context;
				62
				63	/* invalid key provided */
				64	if (!value \|\| !key->n_sz \|\| !vlen \|\| vlen > key->n_sz)
				65	return -EINVAL;
				66
				67	key->e = value;
				68	key->e_sz = vlen;
				69
				70	return 0;
				71	}
				72
				73	int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
				74	const void *value, size_t vlen)
				75	{
				76	struct rsa_key *key = context;
				77
				78	/* invalid key provided */
				79	if (!value \|\| !key->n_sz \|\| !vlen \|\| vlen > key->n_sz)
				80	return -EINVAL;
				81
				82	key->d = value;
				83	key->d_sz = vlen;
				84
				85	return 0;
				86	}
				87
				88	int rsa_get_p(void *context, size_t hdrlen, unsigned char tag,
				89	const void *value, size_t vlen)
				90	{
				91	struct rsa_key *key = context;
				92
				93	/* invalid key provided */
				94	if (!value \|\| !vlen \|\| vlen > key->n_sz)
				95	return -EINVAL;
				96
				97	key->p = value;
				98	key->p_sz = vlen;
				99
				100	return 0;
				101	}
				102
				103	int rsa_get_q(void *context, size_t hdrlen, unsigned char tag,
				104	const void *value, size_t vlen)
				105	{
				106	struct rsa_key *key = context;
				107
				108	/* invalid key provided */
				109	if (!value \|\| !vlen \|\| vlen > key->n_sz)
				110	return -EINVAL;
				111
				112	key->q = value;
				113	key->q_sz = vlen;
				114
				115	return 0;
				116	}
				117
				118	int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag,
				119	const void *value, size_t vlen)
				120	{
				121	struct rsa_key *key = context;
				122
				123	/* invalid key provided */
				124	if (!value \|\| !vlen \|\| vlen > key->n_sz)
				125	return -EINVAL;
				126
				127	key->dp = value;
				128	key->dp_sz = vlen;
				129
				130	return 0;
				131	}
				132
				133	int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag,
				134	const void *value, size_t vlen)
				135	{
				136	struct rsa_key *key = context;
				137
				138	/* invalid key provided */
				139	if (!value \|\| !vlen \|\| vlen > key->n_sz)
				140	return -EINVAL;
				141
				142	key->dq = value;
				143	key->dq_sz = vlen;
				144
				145	return 0;
				146	}
				147
				148	int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag,
				149	const void *value, size_t vlen)
				150	{
				151	struct rsa_key *key = context;
				152
				153	/* invalid key provided */
				154	if (!value \|\| !vlen \|\| vlen > key->n_sz)
				155	return -EINVAL;
				156
				157	key->qinv = value;
				158	key->qinv_sz = vlen;
				159
				160	return 0;
				161	}
				162
				163	/**
				164	* rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
				165	* provided struct rsa_key, pointers to the raw key as is,
				166	* so that the caller can copy it or MPI parse it, etc.
				167	*
				168	* @rsa_key: struct rsa_key key representation
				169	* @key: key in BER format
				170	* @key_len: length of key
				171	*
				172	* Return: 0 on success or error code in case of error
				173	*/
				174	int rsa_parse_pub_key(struct rsa_key rsa_key, const void key,
				175	unsigned int key_len)
				176	{
				177	return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
				178	}
				179	EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
				180
				181	#ifndef __UBOOT__
				182	/**
				183	* rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
				184	* provided struct rsa_key, pointers to the raw key
				185	* as is, so that the caller can copy it or MPI parse it,
				186	* etc.
				187	*
				188	* @rsa_key: struct rsa_key key representation
				189	* @key: key in BER format
				190	* @key_len: length of key
				191	*
				192	* Return: 0 on success or error code in case of error
				193	*/
				194	int rsa_parse_priv_key(struct rsa_key rsa_key, const void key,
				195	unsigned int key_len)
				196	{
				197	return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
				198	}
				199	EXPORT_SYMBOL_GPL(rsa_parse_priv_key);
				200	#endif