1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * RSA key extract helper 4 * 5 * Copyright (c) 2015, Intel Corporation 6 * Authors: Tadeusz Struk <tadeusz.struk@intel.com> 7 */ 8#include <linux/kernel.h> 9#include <linux/export.h> 10#include <linux/err.h> 11#include <linux/fips.h> 12#include <crypto/internal/rsa.h> 13#include "rsapubkey.asn1.h" 14#include "rsaprivkey.asn1.h" 15 16int rsa_get_n(void *context, size_t hdrlen, unsigned char tag, 17 const void *value, size_t vlen) 18{ 19 struct rsa_key *key = context; 20 const u8 *ptr = value; 21 size_t n_sz = vlen; 22 23 /* invalid key provided */ 24 if (!value || !vlen) 25 return -EINVAL; 26 27 if (fips_enabled) { 28 while (n_sz && !*ptr) { 29 ptr++; 30 n_sz--; 31 } 32 33 /* In FIPS mode only allow key size 2K and higher */ 34 if (n_sz < 256) { 35 pr_err("RSA: key size not allowed in FIPS mode\n"); 36 return -EINVAL; 37 } 38 } 39 40 key->n = value; 41 key->n_sz = vlen; 42 43 return 0; 44} 45 46int rsa_get_e(void *context, size_t hdrlen, unsigned char tag, 47 const void *value, size_t vlen) 48{ 49 struct rsa_key *key = context; 50 51 /* invalid key provided */ 52 if (!value || !key->n_sz || !vlen || vlen > key->n_sz) 53 return -EINVAL; 54 55 key->e = value; 56 key->e_sz = vlen; 57 58 return 0; 59} 60 61int rsa_get_d(void *context, size_t hdrlen, unsigned char tag, 62 const void *value, size_t vlen) 63{ 64 struct rsa_key *key = context; 65 66 /* invalid key provided */ 67 if (!value || !key->n_sz || !vlen || vlen > key->n_sz) 68 return -EINVAL; 69 70 key->d = value; 71 key->d_sz = vlen; 72 73 return 0; 74} 75 76int rsa_get_p(void *context, size_t hdrlen, unsigned char tag, 77 const void *value, size_t vlen) 78{ 79 struct rsa_key *key = context; 80 81 /* invalid key provided */ 82 if (!value || !vlen || vlen > key->n_sz) 83 return -EINVAL; 84 85 key->p = value; 86 key->p_sz = vlen; 87 88 return 0; 89} 90 91int rsa_get_q(void *context, size_t hdrlen, unsigned char tag, 92 const void *value, size_t vlen) 93{ 94 struct rsa_key *key = context; 95 96 /* invalid key provided */ 97 if (!value || !vlen || vlen > key->n_sz) 98 return -EINVAL; 99 100 key->q = value; 101 key->q_sz = vlen; 102 103 return 0; 104} 105 106int rsa_get_dp(void *context, size_t hdrlen, unsigned char tag, 107 const void *value, size_t vlen) 108{ 109 struct rsa_key *key = context; 110 111 /* invalid key provided */ 112 if (!value || !vlen || vlen > key->n_sz) 113 return -EINVAL; 114 115 key->dp = value; 116 key->dp_sz = vlen; 117 118 return 0; 119} 120 121int rsa_get_dq(void *context, size_t hdrlen, unsigned char tag, 122 const void *value, size_t vlen) 123{ 124 struct rsa_key *key = context; 125 126 /* invalid key provided */ 127 if (!value || !vlen || vlen > key->n_sz) 128 return -EINVAL; 129 130 key->dq = value; 131 key->dq_sz = vlen; 132 133 return 0; 134} 135 136int rsa_get_qinv(void *context, size_t hdrlen, unsigned char tag, 137 const void *value, size_t vlen) 138{ 139 struct rsa_key *key = context; 140 141 /* invalid key provided */ 142 if (!value || !vlen || vlen > key->n_sz) 143 return -EINVAL; 144 145 key->qinv = value; 146 key->qinv_sz = vlen; 147 148 return 0; 149} 150 151/** 152 * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the 153 * provided struct rsa_key, pointers to the raw key as is, 154 * so that the caller can copy it or MPI parse it, etc. 155 * 156 * @rsa_key: struct rsa_key key representation 157 * @key: key in BER format 158 * @key_len: length of key 159 * 160 * Return: 0 on success or error code in case of error 161 */ 162int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key, 163 unsigned int key_len) 164{ 165 return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len); 166} 167EXPORT_SYMBOL_GPL(rsa_parse_pub_key); 168 169/** 170 * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the 171 * provided struct rsa_key, pointers to the raw key 172 * as is, so that the caller can copy it or MPI parse it, 173 * etc. 174 * 175 * @rsa_key: struct rsa_key key representation 176 * @key: key in BER format 177 * @key_len: length of key 178 * 179 * Return: 0 on success or error code in case of error 180 */ 181int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key, 182 unsigned int key_len) 183{ 184 return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len); 185} 186EXPORT_SYMBOL_GPL(rsa_parse_priv_key); 187