Loading...
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 | /* * RSA key extract helper * * Copyright (c) 2015, Intel Corporation * Authors: Tadeusz Struk <tadeusz.struk@intel.com> * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the Free * Software Foundation; either version 2 of the License, or (at your option) * any later version. * */ #include <linux/kernel.h> #include <linux/export.h> #include <linux/err.h> #include <linux/fips.h> #include <crypto/internal/rsa.h> #include "rsapubkey-asn1.h" #include "rsaprivkey-asn1.h" int rsa_get_n(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen) { struct rsa_key *key = context; key->n = mpi_read_raw_data(value, vlen); if (!key->n) return -ENOMEM; /* In FIPS mode only allow key size 2K & 3K */ if (fips_enabled && (mpi_get_size(key->n) != 256 && mpi_get_size(key->n) != 384)) { pr_err("RSA: key size not allowed in FIPS mode\n"); mpi_free(key->n); key->n = NULL; return -EINVAL; } return 0; } int rsa_get_e(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen) { struct rsa_key *key = context; key->e = mpi_read_raw_data(value, vlen); if (!key->e) return -ENOMEM; return 0; } int rsa_get_d(void *context, size_t hdrlen, unsigned char tag, const void *value, size_t vlen) { struct rsa_key *key = context; key->d = mpi_read_raw_data(value, vlen); if (!key->d) return -ENOMEM; /* In FIPS mode only allow key size 2K & 3K */ if (fips_enabled && (mpi_get_size(key->d) != 256 && mpi_get_size(key->d) != 384)) { pr_err("RSA: key size not allowed in FIPS mode\n"); mpi_free(key->d); key->d = NULL; return -EINVAL; } return 0; } static void free_mpis(struct rsa_key *key) { mpi_free(key->n); mpi_free(key->e); mpi_free(key->d); key->n = NULL; key->e = NULL; key->d = NULL; } /** * rsa_free_key() - frees rsa key allocated by rsa_parse_key() * * @rsa_key: struct rsa_key key representation */ void rsa_free_key(struct rsa_key *key) { free_mpis(key); } EXPORT_SYMBOL_GPL(rsa_free_key); /** * rsa_parse_pub_key() - extracts an rsa public key from BER encoded buffer * and stores it in the provided struct rsa_key * * @rsa_key: struct rsa_key key representation * @key: key in BER format * @key_len: length of key * * Return: 0 on success or error code in case of error */ int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key, unsigned int key_len) { int ret; free_mpis(rsa_key); ret = asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len); if (ret < 0) goto error; return 0; error: free_mpis(rsa_key); return ret; } EXPORT_SYMBOL_GPL(rsa_parse_pub_key); /** * rsa_parse_pub_key() - extracts an rsa private key from BER encoded buffer * and stores it in the provided struct rsa_key * * @rsa_key: struct rsa_key key representation * @key: key in BER format * @key_len: length of key * * Return: 0 on success or error code in case of error */ int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key, unsigned int key_len) { int ret; free_mpis(rsa_key); ret = asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len); if (ret < 0) goto error; return 0; error: free_mpis(rsa_key); return ret; } EXPORT_SYMBOL_GPL(rsa_parse_priv_key); |