search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
base: Export platform_msi_domain_[alloc,free]_irqs
[linux/fpc-iii.git] / crypto / rsa.c
blob1093e041db03b98549a0e7abcd6557683068ba11
1 /* RSA asymmetric public-key algorithm [RFC3447]
2 *
3 * Copyright (c) 2015, Intel Corporation
4 * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public Licence
8 * as published by the Free Software Foundation; either version
9 * 2 of the Licence, or (at your option) any later version.
10 */
11
12 #include <linux/module.h>
13 #include <crypto/internal/rsa.h>
14 #include <crypto/internal/akcipher.h>
15 #include <crypto/akcipher.h>
16
17 /*
18 * RSAEP function [RFC3447 sec 5.1.1]
19 * c = m^e mod n;
20 */
21 static int _rsa_enc(const struct rsa_key *key, MPI c, MPI m)
22 {
23 /* (1) Validate 0 <= m < n */
24 if (mpi_cmp_ui(m, 0) < 0 || mpi_cmp(m, key->n) >= 0)
25 return -EINVAL;
26
27 /* (2) c = m^e mod n */
28 return mpi_powm(c, m, key->e, key->n);
29 }
30
31 /*
32 * RSADP function [RFC3447 sec 5.1.2]
33 * m = c^d mod n;
34 */
35 static int _rsa_dec(const struct rsa_key *key, MPI m, MPI c)
36 {
37 /* (1) Validate 0 <= c < n */
38 if (mpi_cmp_ui(c, 0) < 0 || mpi_cmp(c, key->n) >= 0)
39 return -EINVAL;
40
41 /* (2) m = c^d mod n */
42 return mpi_powm(m, c, key->d, key->n);
43 }
44
45 /*
46 * RSASP1 function [RFC3447 sec 5.2.1]
47 * s = m^d mod n
48 */
49 static int _rsa_sign(const struct rsa_key *key, MPI s, MPI m)
50 {
51 /* (1) Validate 0 <= m < n */
52 if (mpi_cmp_ui(m, 0) < 0 || mpi_cmp(m, key->n) >= 0)
53 return -EINVAL;
54
55 /* (2) s = m^d mod n */
56 return mpi_powm(s, m, key->d, key->n);
57 }
58
59 /*
60 * RSAVP1 function [RFC3447 sec 5.2.2]
61 * m = s^e mod n;
62 */
63 static int _rsa_verify(const struct rsa_key *key, MPI m, MPI s)
64 {
65 /* (1) Validate 0 <= s < n */
66 if (mpi_cmp_ui(s, 0) < 0 || mpi_cmp(s, key->n) >= 0)
67 return -EINVAL;
68
69 /* (2) m = s^e mod n */
70 return mpi_powm(m, s, key->e, key->n);
71 }
72
73 static inline struct rsa_key *rsa_get_key(struct crypto_akcipher *tfm)
74 {
75 return akcipher_tfm_ctx(tfm);
76 }
77
78 static int rsa_enc(struct akcipher_request *req)
79 {
80 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
81 const struct rsa_key *pkey = rsa_get_key(tfm);
82 MPI m, c = mpi_alloc(0);
83 int ret = 0;
84 int sign;
85
86 if (!c)
87 return -ENOMEM;
88
89 if (unlikely(!pkey->n || !pkey->e)) {
90 ret = -EINVAL;
91 goto err_free_c;
92 }
93
94 if (req->dst_len < mpi_get_size(pkey->n)) {
95 req->dst_len = mpi_get_size(pkey->n);
96 ret = -EOVERFLOW;
97 goto err_free_c;
98 }
99
100 ret = -ENOMEM;
101 m = mpi_read_raw_from_sgl(req->src, req->src_len);
102 if (!m)
103 goto err_free_c;
104
105 ret = _rsa_enc(pkey, c, m);
106 if (ret)
107 goto err_free_m;
108
109 ret = mpi_write_to_sgl(c, req->dst, &req->dst_len, &sign);
110 if (ret)
111 goto err_free_m;
112
113 if (sign < 0)
114 ret = -EBADMSG;
115
116 err_free_m:
117 mpi_free(m);
118 err_free_c:
119 mpi_free(c);
120 return ret;
121 }
122
123 static int rsa_dec(struct akcipher_request *req)
124 {
125 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
126 const struct rsa_key *pkey = rsa_get_key(tfm);
127 MPI c, m = mpi_alloc(0);
128 int ret = 0;
129 int sign;
130
131 if (!m)
132 return -ENOMEM;
133
134 if (unlikely(!pkey->n || !pkey->d)) {
135 ret = -EINVAL;
136 goto err_free_m;
137 }
138
139 if (req->dst_len < mpi_get_size(pkey->n)) {
140 req->dst_len = mpi_get_size(pkey->n);
141 ret = -EOVERFLOW;
142 goto err_free_m;
143 }
144
145 ret = -ENOMEM;
146 c = mpi_read_raw_from_sgl(req->src, req->src_len);
147 if (!c)
148 goto err_free_m;
149
150 ret = _rsa_dec(pkey, m, c);
151 if (ret)
152 goto err_free_c;
153
154 ret = mpi_write_to_sgl(m, req->dst, &req->dst_len, &sign);
155 if (ret)
156 goto err_free_c;
157
158 if (sign < 0)
159 ret = -EBADMSG;
160 err_free_c:
161 mpi_free(c);
162 err_free_m:
163 mpi_free(m);
164 return ret;
165 }
166
167 static int rsa_sign(struct akcipher_request *req)
168 {
169 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
170 const struct rsa_key *pkey = rsa_get_key(tfm);
171 MPI m, s = mpi_alloc(0);
172 int ret = 0;
173 int sign;
174
175 if (!s)
176 return -ENOMEM;
177
178 if (unlikely(!pkey->n || !pkey->d)) {
179 ret = -EINVAL;
180 goto err_free_s;
181 }
182
183 if (req->dst_len < mpi_get_size(pkey->n)) {
184 req->dst_len = mpi_get_size(pkey->n);
185 ret = -EOVERFLOW;
186 goto err_free_s;
187 }
188
189 ret = -ENOMEM;
190 m = mpi_read_raw_from_sgl(req->src, req->src_len);
191 if (!m)
192 goto err_free_s;
193
194 ret = _rsa_sign(pkey, s, m);
195 if (ret)
196 goto err_free_m;
197
198 ret = mpi_write_to_sgl(s, req->dst, &req->dst_len, &sign);
199 if (ret)
200 goto err_free_m;
201
202 if (sign < 0)
203 ret = -EBADMSG;
204
205 err_free_m:
206 mpi_free(m);
207 err_free_s:
208 mpi_free(s);
209 return ret;
210 }
211
212 static int rsa_verify(struct akcipher_request *req)
213 {
214 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
215 const struct rsa_key *pkey = rsa_get_key(tfm);
216 MPI s, m = mpi_alloc(0);
217 int ret = 0;
218 int sign;
219
220 if (!m)
221 return -ENOMEM;
222
223 if (unlikely(!pkey->n || !pkey->e)) {
224 ret = -EINVAL;
225 goto err_free_m;
226 }
227
228 if (req->dst_len < mpi_get_size(pkey->n)) {
229 req->dst_len = mpi_get_size(pkey->n);
230 ret = -EOVERFLOW;
231 goto err_free_m;
232 }
233
234 ret = -ENOMEM;
235 s = mpi_read_raw_from_sgl(req->src, req->src_len);
236 if (!s) {
237 ret = -ENOMEM;
238 goto err_free_m;
239 }
240
241 ret = _rsa_verify(pkey, m, s);
242 if (ret)
243 goto err_free_s;
244
245 ret = mpi_write_to_sgl(m, req->dst, &req->dst_len, &sign);
246 if (ret)
247 goto err_free_s;
248
249 if (sign < 0)
250 ret = -EBADMSG;
251
252 err_free_s:
253 mpi_free(s);
254 err_free_m:
255 mpi_free(m);
256 return ret;
257 }
258
259 static int rsa_check_key_length(unsigned int len)
260 {
261 switch (len) {
262 case 512:
263 case 1024:
264 case 1536:
265 case 2048:
266 case 3072:
267 case 4096:
268 return 0;
269 }
270
271 return -EINVAL;
272 }
273
274 static int rsa_set_pub_key(struct crypto_akcipher *tfm, const void *key,
275 unsigned int keylen)
276 {
277 struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
278 int ret;
279
280 ret = rsa_parse_pub_key(pkey, key, keylen);
281 if (ret)
282 return ret;
283
284 if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) {
285 rsa_free_key(pkey);
286 ret = -EINVAL;
287 }
288 return ret;
289 }
290
291 static int rsa_set_priv_key(struct crypto_akcipher *tfm, const void *key,
292 unsigned int keylen)
293 {
294 struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
295 int ret;
296
297 ret = rsa_parse_priv_key(pkey, key, keylen);
298 if (ret)
299 return ret;
300
301 if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) {
302 rsa_free_key(pkey);
303 ret = -EINVAL;
304 }
305 return ret;
306 }
307
308 static int rsa_max_size(struct crypto_akcipher *tfm)
309 {
310 struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
311
312 return pkey->n ? mpi_get_size(pkey->n) : -EINVAL;
313 }
314
315 static void rsa_exit_tfm(struct crypto_akcipher *tfm)
316 {
317 struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
318
319 rsa_free_key(pkey);
320 }
321
322 static struct akcipher_alg rsa = {
323 .encrypt = rsa_enc,
324 .decrypt = rsa_dec,
325 .sign = rsa_sign,
326 .verify = rsa_verify,
327 .set_priv_key = rsa_set_priv_key,
328 .set_pub_key = rsa_set_pub_key,
329 .max_size = rsa_max_size,
330 .exit = rsa_exit_tfm,
331 .base = {
332 .cra_name = "rsa",
333 .cra_driver_name = "rsa-generic",
334 .cra_priority = 100,
335 .cra_module = THIS_MODULE,
336 .cra_ctxsize = sizeof(struct rsa_key),
337 },
338 };
339
340 static int rsa_init(void)
341 {
342 return crypto_register_akcipher(&rsa);
343 }
344
345 static void rsa_exit(void)
346 {
347 crypto_unregister_akcipher(&rsa);
348 }
349
350 module_init(rsa_init);
351 module_exit(rsa_exit);
352 MODULE_ALIAS_CRYPTO("rsa");
353 MODULE_LICENSE("GPL");
354 MODULE_DESCRIPTION("RSA generic algorithm");
Linux with added FPC-III support