3 files changed, 135 insertions, 103 deletions
diff --git a/crypto/rsa.c b/crypto/rsa.c
index 77d737f52147..dc692d43b666 100644
--- a/crypto/rsa.c
+++ b/crypto/rsa.c
@@ -10,16 +10,23 @@
 */
 #include <linux/module.h>
+#include <linux/mpi.h>
 #include <crypto/internal/rsa.h>
 #include <crypto/internal/akcipher.h>
 #include <crypto/akcipher.h>
 #include <crypto/algapi.h>
+struct rsa_mpi_key {
+        MPI n;
+        MPI e;
+        MPI d;
+};
 /*
 * RSAEP function [RFC3447 sec 5.1.1]
 * c = m^e mod n;
 */
-static int _rsa_enc(const struct rsa_key *key, MPI c, MPI m)
+static int _rsa_enc(const struct rsa_mpi_key *key, MPI c, MPI m)
 {
        /* (1) Validate 0 <= m < n */
        if (mpi_cmp_ui(m, 0) < 0 || mpi_cmp(m, key->n) >= 0)
@@ -33,7 +40,7 @@ static int _rsa_enc(const struct rsa_key *key, MPI c, MPI m)
 * RSADP function [RFC3447 sec 5.1.2]
 * m = c^d mod n;
 */
-static int _rsa_dec(const struct rsa_key *key, MPI m, MPI c)
+static int _rsa_dec(const struct rsa_mpi_key *key, MPI m, MPI c)
 {
        /* (1) Validate 0 <= c < n */
        if (mpi_cmp_ui(c, 0) < 0 || mpi_cmp(c, key->n) >= 0)
@@ -47,7 +54,7 @@ static int _rsa_dec(const struct rsa_key *key, MPI m, MPI c)
 * RSASP1 function [RFC3447 sec 5.2.1]
 * s = m^d mod n
 */
-static int _rsa_sign(const struct rsa_key *key, MPI s, MPI m)
+static int _rsa_sign(const struct rsa_mpi_key *key, MPI s, MPI m)
 {
        /* (1) Validate 0 <= m < n */
        if (mpi_cmp_ui(m, 0) < 0 || mpi_cmp(m, key->n) >= 0)
@@ -61,7 +68,7 @@ static int _rsa_sign(const struct rsa_key *key, MPI s, MPI m)
 * RSAVP1 function [RFC3447 sec 5.2.2]
 * m = s^e mod n;
 */
-static int _rsa_verify(const struct rsa_key *key, MPI m, MPI s)
+static int _rsa_verify(const struct rsa_mpi_key *key, MPI m, MPI s)
 {
        /* (1) Validate 0 <= s < n */
        if (mpi_cmp_ui(s, 0) < 0 || mpi_cmp(s, key->n) >= 0)
@@ -71,7 +78,7 @@ static int _rsa_verify(const struct rsa_key *key, MPI m, MPI s)
        return mpi_powm(m, s, key->e, key->n);
 }
-static inline struct rsa_key *rsa_get_key(struct crypto_akcipher *tfm)
+static inline struct rsa_mpi_key *rsa_get_key(struct crypto_akcipher *tfm)
 {
        return akcipher_tfm_ctx(tfm);
 }
@@ -79,7 +86,7 @@ static inline struct rsa_key *rsa_get_key(struct crypto_akcipher *tfm)
 static int rsa_enc(struct akcipher_request *req)
 {
        struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
-        const struct rsa_key *pkey = rsa_get_key(tfm);
+        const struct rsa_mpi_key *pkey = rsa_get_key(tfm);
        MPI m, c = mpi_alloc(0);
        int ret = 0;
        int sign;
@@ -118,7 +125,7 @@ err_free_c:
 static int rsa_dec(struct akcipher_request *req)
 {
        struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
-        const struct rsa_key *pkey = rsa_get_key(tfm);
+        const struct rsa_mpi_key *pkey = rsa_get_key(tfm);
        MPI c, m = mpi_alloc(0);
        int ret = 0;
        int sign;
@@ -156,7 +163,7 @@ err_free_m:
 static int rsa_sign(struct akcipher_request *req)
 {
        struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
-        const struct rsa_key *pkey = rsa_get_key(tfm);
+        const struct rsa_mpi_key *pkey = rsa_get_key(tfm);
        MPI m, s = mpi_alloc(0);
        int ret = 0;
        int sign;
@@ -195,7 +202,7 @@ err_free_s:
 static int rsa_verify(struct akcipher_request *req)
 {
        struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
-        const struct rsa_key *pkey = rsa_get_key(tfm);
+        const struct rsa_mpi_key *pkey = rsa_get_key(tfm);
        MPI s, m = mpi_alloc(0);
        int ret = 0;
        int sign;
@@ -233,6 +240,16 @@ err_free_m:
        return ret;
 }
+static void rsa_free_mpi_key(struct rsa_mpi_key *key)
+{
+        mpi_free(key->d);
+        mpi_free(key->e);
+        mpi_free(key->n);
+        key->d = NULL;
+        key->e = NULL;
+        key->n = NULL;
+}
 static int rsa_check_key_length(unsigned int len)
 {
        switch (len) {
@@ -251,49 +268,87 @@ static int rsa_check_key_length(unsigned int len)
 static int rsa_set_pub_key(struct crypto_akcipher *tfm, const void *key,
                           unsigned int keylen)
 {
-        struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
+        struct rsa_mpi_key *mpi_key = akcipher_tfm_ctx(tfm);
+        struct rsa_key raw_key = {0};
        int ret;
-        ret = rsa_parse_pub_key(pkey, key, keylen);
+        /* Free the old MPI key if any */
+        rsa_free_mpi_key(mpi_key);
+        ret = rsa_parse_pub_key(&raw_key, key, keylen);
        if (ret)
                return ret;
-        if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) {
+        mpi_key->e = mpi_read_raw_data(raw_key.e, raw_key.e_sz);
-                rsa_free_key(pkey);
+        if (!mpi_key->e)
-                ret = -EINVAL;
+                goto err;
+        mpi_key->n = mpi_read_raw_data(raw_key.n, raw_key.n_sz);
+        if (!mpi_key->n)
+                goto err;
+        if (rsa_check_key_length(mpi_get_size(mpi_key->n) << 3)) {
+                rsa_free_mpi_key(mpi_key);
+                return -EINVAL;
        }
-        return ret;
+        return 0;
+err:
+        rsa_free_mpi_key(mpi_key);
+        return -ENOMEM;
 }
 static int rsa_set_priv_key(struct crypto_akcipher *tfm, const void *key,
                            unsigned int keylen)
 {
-        struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
+        struct rsa_mpi_key *mpi_key = akcipher_tfm_ctx(tfm);
+        struct rsa_key raw_key = {0};
        int ret;
-        ret = rsa_parse_priv_key(pkey, key, keylen);
+        /* Free the old MPI key if any */
+        rsa_free_mpi_key(mpi_key);
+        ret = rsa_parse_priv_key(&raw_key, key, keylen);
        if (ret)
                return ret;
-        if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) {
+        mpi_key->d = mpi_read_raw_data(raw_key.d, raw_key.d_sz);
-                rsa_free_key(pkey);
+        if (!mpi_key->d)
-                ret = -EINVAL;
+                goto err;
+        mpi_key->e = mpi_read_raw_data(raw_key.e, raw_key.e_sz);
+        if (!mpi_key->e)
+                goto err;
+        mpi_key->n = mpi_read_raw_data(raw_key.n, raw_key.n_sz);
+        if (!mpi_key->n)
+                goto err;
+        if (rsa_check_key_length(mpi_get_size(mpi_key->n) << 3)) {
+                rsa_free_mpi_key(mpi_key);
+                return -EINVAL;
        }
-        return ret;
+        return 0;
+err:
+        rsa_free_mpi_key(mpi_key);
+        return -ENOMEM;
 }
 static int rsa_max_size(struct crypto_akcipher *tfm)
 {
-        struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
+        struct rsa_mpi_key *pkey = akcipher_tfm_ctx(tfm);
        return pkey->n ? mpi_get_size(pkey->n) : -EINVAL;
 }
 static void rsa_exit_tfm(struct crypto_akcipher *tfm)
 {
-        struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
+        struct rsa_mpi_key *pkey = akcipher_tfm_ctx(tfm);
-        rsa_free_key(pkey);
+        rsa_free_mpi_key(pkey);
 }
 static struct akcipher_alg rsa = {
@@ -310,7 +365,7 @@ static struct akcipher_alg rsa = {
                .cra_driver_name = "rsa-generic",
                .cra_priority = 100,
                .cra_module = THIS_MODULE,
-                .cra_ctxsize = sizeof(struct rsa_key),
+                .cra_ctxsize = sizeof(struct rsa_mpi_key),
        },
 };
diff --git a/crypto/rsa_helper.c b/crypto/rsa_helper.c
index d226f48d0907..583656af4fe2 100644
--- a/crypto/rsa_helper.c
+++ b/crypto/rsa_helper.c
@@ -22,20 +22,29 @@ int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
              const void *value, size_t vlen)
 {
        struct rsa_key *key = context;
+        const u8 *ptr = value;
+        size_t n_sz = vlen;
-        key->n = mpi_read_raw_data(value, vlen);
+        /* invalid key provided */
+        if (!value || !vlen)
-        if (!key->n)
-                return -ENOMEM;
-        /* In FIPS mode only allow key size 2K & 3K */
-        if (fips_enabled && (mpi_get_size(key->n) != 256 &&
-                             mpi_get_size(key->n) != 384)) {
-                pr_err("RSA: key size not allowed in FIPS mode\n");
-                mpi_free(key->n);
-                key->n = NULL;
                return -EINVAL;
+        if (fips_enabled) {
+                while (!*ptr && n_sz) {
+                        ptr++;
+                        n_sz--;
+                }
+                /* In FIPS mode only allow key size 2K & 3K */
+                if (n_sz != 256 && n_sz != 384) {
+                        pr_err("RSA: key size not allowed in FIPS mode\n");
+                        return -EINVAL;
+                }
        }
+        key->n = value;
+        key->n_sz = vlen;
        return 0;
 }
@@ -44,10 +53,12 @@ int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
 {
        struct rsa_key *key = context;
-        key->e = mpi_read_raw_data(value, vlen);
+        /* invalid key provided */
+        if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
+                return -EINVAL;
-        if (!key->e)
+        key->e = value;
-                return -ENOMEM;
+        key->e_sz = vlen;
        return 0;
 }
@@ -57,46 +68,20 @@ int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
 {
        struct rsa_key *key = context;
-        key->d = mpi_read_raw_data(value, vlen);
+        /* invalid key provided */
+        if (!value || !key->n_sz || !vlen || vlen > key->n_sz)
-        if (!key->d)
-                return -ENOMEM;
-        /* In FIPS mode only allow key size 2K & 3K */
-        if (fips_enabled && (mpi_get_size(key->d) != 256 &&
-                             mpi_get_size(key->d) != 384)) {
-                pr_err("RSA: key size not allowed in FIPS mode\n");
-                mpi_free(key->d);
-                key->d = NULL;
                return -EINVAL;
-        }
-        return 0;
-}
-static void free_mpis(struct rsa_key *key)
+        key->d = value;
-{
+        key->d_sz = vlen;
-        mpi_free(key->n);
-        mpi_free(key->e);
-        mpi_free(key->d);
-        key->n = NULL;
-        key->e = NULL;
-        key->d = NULL;
-}
-/**
+        return 0;
- * rsa_free_key() - frees rsa key allocated by rsa_parse_key()
- *
- * @rsa_key:    struct rsa_key key representation
- */
-void rsa_free_key(struct rsa_key *key)
-{
-        free_mpis(key);
 }
-EXPORT_SYMBOL_GPL(rsa_free_key);
 /**
- * rsa_parse_pub_key() - extracts an rsa public key from BER encoded buffer
+ * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
- *                       and stores it in the provided struct rsa_key
+ *                       provided struct rsa_key, pointers to the raw key as is,
+ *                       so that the caller can copy it or MPI parse it, etc.
 *
 * @rsa_key:    struct rsa_key key representation
 * @key:        key in BER format
@@ -107,23 +92,15 @@ EXPORT_SYMBOL_GPL(rsa_free_key);
 int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
                      unsigned int key_len)
 {
-        int ret;
+        return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
-        free_mpis(rsa_key);
-        ret = asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
-        if (ret < 0)
-                goto error;
-        return 0;
-error:
-        free_mpis(rsa_key);
-        return ret;
 }
 EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
 /**
- * rsa_parse_pub_key() - extracts an rsa private key from BER encoded buffer
+ * rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
- *                       and stores it in the provided struct rsa_key
+ *                        provided struct rsa_key, pointers to the raw key
+ *                        as is, so that the caller can copy it or MPI parse it,
+ *                        etc.
 *
 * @rsa_key:    struct rsa_key key representation
 * @key:        key in BER format
@@ -134,16 +111,6 @@ EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
 int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,
                       unsigned int key_len)
 {
-        int ret;
+        return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
-        free_mpis(rsa_key);
-        ret = asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
-        if (ret < 0)
-                goto error;
-        return 0;
-error:
-        free_mpis(rsa_key);
-        return ret;
 }
 EXPORT_SYMBOL_GPL(rsa_parse_priv_key);
diff --git a/include/crypto/internal/rsa.h b/include/crypto/internal/rsa.h
index c7585bdecbc2..d6c042a2ee52 100644
--- a/include/crypto/internal/rsa.h
+++ b/include/crypto/internal/rsa.h
@@ -12,12 +12,24 @@
 */
 #ifndef _RSA_HELPER_
 #define _RSA_HELPER_
-#include <linux/mpi.h>
+#include <linux/types.h>
+/**
+ * rsa_key - RSA key structure
+ * @n           : RSA modulus raw byte stream
+ * @e           : RSA public exponent raw byte stream
+ * @d           : RSA private exponent raw byte stream
+ * @n_sz        : length in bytes of RSA modulus n
+ * @e_sz        : length in bytes of RSA public exponent
+ * @d_sz        : length in bytes of RSA private exponent
+ */
 struct rsa_key {
-        MPI n;
+        const u8 *n;
-        MPI e;
+        const u8 *e;
-        MPI d;
+        const u8 *d;
+        size_t n_sz;
+        size_t e_sz;
+        size_t d_sz;
 };
 int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
@@ -26,7 +38,5 @@ int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
 int rsa_parse_priv_key(struct rsa_key *rsa_key, const void *key,
                       unsigned int key_len);
-void rsa_free_key(struct rsa_key *rsa_key);
 extern struct crypto_template rsa_pkcs1pad_tmpl;
 #endif

diff --git a/crypto/rsa.c b/crypto/rsa.c index 77d737f52147..dc692d43b666 100644 --- a/crypto/rsa.c +++ b/crypto/rsa.c
@@ -10,16 +10,23 @@
10	*/	10	*/
11		11
12	#include <linux/module.h>	12	#include <linux/module.h>
		13	#include <linux/mpi.h>
13	#include <crypto/internal/rsa.h>	14	#include <crypto/internal/rsa.h>
14	#include <crypto/internal/akcipher.h>	15	#include <crypto/internal/akcipher.h>
15	#include <crypto/akcipher.h>	16	#include <crypto/akcipher.h>
16	#include <crypto/algapi.h>	17	#include <crypto/algapi.h>
17		18
		19	struct rsa_mpi_key {
		20	MPI n;
		21	MPI e;
		22	MPI d;
		23	};
		24
18	/*	25	/*
19	* RSAEP function [RFC3447 sec 5.1.1]	26	* RSAEP function [RFC3447 sec 5.1.1]
20	* c = m^e mod n;	27	* c = m^e mod n;
21	*/	28	*/
22	static int _rsa_enc(const struct rsa_key *key, MPI c, MPI m)	29	static int _rsa_enc(const struct rsa_mpi_key *key, MPI c, MPI m)
23	{	30	{
24	/* (1) Validate 0 <= m < n */	31	/* (1) Validate 0 <= m < n */
25	if (mpi_cmp_ui(m, 0) < 0 \|\| mpi_cmp(m, key->n) >= 0)	32	if (mpi_cmp_ui(m, 0) < 0 \|\| mpi_cmp(m, key->n) >= 0)
@@ -33,7 +40,7 @@ static int _rsa_enc(const struct rsa_key *key, MPI c, MPI m)
33	* RSADP function [RFC3447 sec 5.1.2]	40	* RSADP function [RFC3447 sec 5.1.2]
34	* m = c^d mod n;	41	* m = c^d mod n;
35	*/	42	*/
36	static int _rsa_dec(const struct rsa_key *key, MPI m, MPI c)	43	static int _rsa_dec(const struct rsa_mpi_key *key, MPI m, MPI c)
37	{	44	{
38	/* (1) Validate 0 <= c < n */	45	/* (1) Validate 0 <= c < n */
39	if (mpi_cmp_ui(c, 0) < 0 \|\| mpi_cmp(c, key->n) >= 0)	46	if (mpi_cmp_ui(c, 0) < 0 \|\| mpi_cmp(c, key->n) >= 0)
@@ -47,7 +54,7 @@ static int _rsa_dec(const struct rsa_key *key, MPI m, MPI c)
47	* RSASP1 function [RFC3447 sec 5.2.1]	54	* RSASP1 function [RFC3447 sec 5.2.1]
48	* s = m^d mod n	55	* s = m^d mod n
49	*/	56	*/
50	static int _rsa_sign(const struct rsa_key *key, MPI s, MPI m)	57	static int _rsa_sign(const struct rsa_mpi_key *key, MPI s, MPI m)
51	{	58	{
52	/* (1) Validate 0 <= m < n */	59	/* (1) Validate 0 <= m < n */
53	if (mpi_cmp_ui(m, 0) < 0 \|\| mpi_cmp(m, key->n) >= 0)	60	if (mpi_cmp_ui(m, 0) < 0 \|\| mpi_cmp(m, key->n) >= 0)
@@ -61,7 +68,7 @@ static int _rsa_sign(const struct rsa_key *key, MPI s, MPI m)
61	* RSAVP1 function [RFC3447 sec 5.2.2]	68	* RSAVP1 function [RFC3447 sec 5.2.2]
62	* m = s^e mod n;	69	* m = s^e mod n;
63	*/	70	*/
64	static int _rsa_verify(const struct rsa_key *key, MPI m, MPI s)	71	static int _rsa_verify(const struct rsa_mpi_key *key, MPI m, MPI s)
65	{	72	{
66	/* (1) Validate 0 <= s < n */	73	/* (1) Validate 0 <= s < n */
67	if (mpi_cmp_ui(s, 0) < 0 \|\| mpi_cmp(s, key->n) >= 0)	74	if (mpi_cmp_ui(s, 0) < 0 \|\| mpi_cmp(s, key->n) >= 0)
@@ -71,7 +78,7 @@ static int _rsa_verify(const struct rsa_key *key, MPI m, MPI s)
71	return mpi_powm(m, s, key->e, key->n);	78	return mpi_powm(m, s, key->e, key->n);
72	}	79	}
73		80
74	static inline struct rsa_key rsa_get_key(struct crypto_akcipher tfm)	81	static inline struct rsa_mpi_key rsa_get_key(struct crypto_akcipher tfm)
75	{	82	{
76	return akcipher_tfm_ctx(tfm);	83	return akcipher_tfm_ctx(tfm);
77	}	84	}
@@ -79,7 +86,7 @@ static inline struct rsa_key rsa_get_key(struct crypto_akcipher tfm)
79	static int rsa_enc(struct akcipher_request *req)	86	static int rsa_enc(struct akcipher_request *req)
80	{	87	{
81	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);	88	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
82	const struct rsa_key *pkey = rsa_get_key(tfm);	89	const struct rsa_mpi_key *pkey = rsa_get_key(tfm);
83	MPI m, c = mpi_alloc(0);	90	MPI m, c = mpi_alloc(0);
84	int ret = 0;	91	int ret = 0;
85	int sign;	92	int sign;
@@ -118,7 +125,7 @@ err_free_c:
118	static int rsa_dec(struct akcipher_request *req)	125	static int rsa_dec(struct akcipher_request *req)
119	{	126	{
120	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);	127	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
121	const struct rsa_key *pkey = rsa_get_key(tfm);	128	const struct rsa_mpi_key *pkey = rsa_get_key(tfm);
122	MPI c, m = mpi_alloc(0);	129	MPI c, m = mpi_alloc(0);
123	int ret = 0;	130	int ret = 0;
124	int sign;	131	int sign;
@@ -156,7 +163,7 @@ err_free_m:
156	static int rsa_sign(struct akcipher_request *req)	163	static int rsa_sign(struct akcipher_request *req)
157	{	164	{
158	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);	165	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
159	const struct rsa_key *pkey = rsa_get_key(tfm);	166	const struct rsa_mpi_key *pkey = rsa_get_key(tfm);
160	MPI m, s = mpi_alloc(0);	167	MPI m, s = mpi_alloc(0);
161	int ret = 0;	168	int ret = 0;
162	int sign;	169	int sign;
@@ -195,7 +202,7 @@ err_free_s:
195	static int rsa_verify(struct akcipher_request *req)	202	static int rsa_verify(struct akcipher_request *req)
196	{	203	{
197	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);	204	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
198	const struct rsa_key *pkey = rsa_get_key(tfm);	205	const struct rsa_mpi_key *pkey = rsa_get_key(tfm);
199	MPI s, m = mpi_alloc(0);	206	MPI s, m = mpi_alloc(0);
200	int ret = 0;	207	int ret = 0;
201	int sign;	208	int sign;
@@ -233,6 +240,16 @@ err_free_m:
233	return ret;	240	return ret;
234	}	241	}
235		242
		243	static void rsa_free_mpi_key(struct rsa_mpi_key *key)
		244	{
		245	mpi_free(key->d);
		246	mpi_free(key->e);
		247	mpi_free(key->n);
		248	key->d = NULL;
		249	key->e = NULL;
		250	key->n = NULL;
		251	}
		252
236	static int rsa_check_key_length(unsigned int len)	253	static int rsa_check_key_length(unsigned int len)
237	{	254	{
238	switch (len) {	255	switch (len) {
@@ -251,49 +268,87 @@ static int rsa_check_key_length(unsigned int len)
251	static int rsa_set_pub_key(struct crypto_akcipher tfm, const void key,	268	static int rsa_set_pub_key(struct crypto_akcipher tfm, const void key,
252	unsigned int keylen)	269	unsigned int keylen)
253	{	270	{
254	struct rsa_key *pkey = akcipher_tfm_ctx(tfm);	271	struct rsa_mpi_key *mpi_key = akcipher_tfm_ctx(tfm);
		272	struct rsa_key raw_key = {0};
255	int ret;	273	int ret;
256		274
257	ret = rsa_parse_pub_key(pkey, key, keylen);	275	/* Free the old MPI key if any */
		276	rsa_free_mpi_key(mpi_key);
		277
		278	ret = rsa_parse_pub_key(&raw_key, key, keylen);
258	if (ret)	279	if (ret)
259	return ret;	280	return ret;
260		281
261	if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) {	282	mpi_key->e = mpi_read_raw_data(raw_key.e, raw_key.e_sz);
262	rsa_free_key(pkey);	283	if (!mpi_key->e)
263	ret = -EINVAL;	284	goto err;
		285
		286	mpi_key->n = mpi_read_raw_data(raw_key.n, raw_key.n_sz);
		287	if (!mpi_key->n)
		288	goto err;
		289
		290	if (rsa_check_key_length(mpi_get_size(mpi_key->n) << 3)) {
		291	rsa_free_mpi_key(mpi_key);
		292	return -EINVAL;
264	}	293	}
265	return ret;	294
		295	return 0;
		296
		297	err:
		298	rsa_free_mpi_key(mpi_key);
		299	return -ENOMEM;
266	}	300	}
267		301
268	static int rsa_set_priv_key(struct crypto_akcipher tfm, const void key,	302	static int rsa_set_priv_key(struct crypto_akcipher tfm, const void key,
269	unsigned int keylen)	303	unsigned int keylen)
270	{	304	{
271	struct rsa_key *pkey = akcipher_tfm_ctx(tfm);	305	struct rsa_mpi_key *mpi_key = akcipher_tfm_ctx(tfm);
		306	struct rsa_key raw_key = {0};
272	int ret;	307	int ret;
273		308
274	ret = rsa_parse_priv_key(pkey, key, keylen);	309	/* Free the old MPI key if any */
		310	rsa_free_mpi_key(mpi_key);
		311
		312	ret = rsa_parse_priv_key(&raw_key, key, keylen);
275	if (ret)	313	if (ret)
276	return ret;	314	return ret;
277		315
278	if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) {	316	mpi_key->d = mpi_read_raw_data(raw_key.d, raw_key.d_sz);
279	rsa_free_key(pkey);	317	if (!mpi_key->d)
280	ret = -EINVAL;	318	goto err;
		319
		320	mpi_key->e = mpi_read_raw_data(raw_key.e, raw_key.e_sz);
		321	if (!mpi_key->e)
		322	goto err;
		323
		324	mpi_key->n = mpi_read_raw_data(raw_key.n, raw_key.n_sz);
		325	if (!mpi_key->n)
		326	goto err;
		327
		328	if (rsa_check_key_length(mpi_get_size(mpi_key->n) << 3)) {
		329	rsa_free_mpi_key(mpi_key);
		330	return -EINVAL;
281	}	331	}
282	return ret;	332
		333	return 0;
		334
		335	err:
		336	rsa_free_mpi_key(mpi_key);
		337	return -ENOMEM;
283	}	338	}
284		339
285	static int rsa_max_size(struct crypto_akcipher *tfm)	340	static int rsa_max_size(struct crypto_akcipher *tfm)
286	{	341	{
287	struct rsa_key *pkey = akcipher_tfm_ctx(tfm);	342	struct rsa_mpi_key *pkey = akcipher_tfm_ctx(tfm);
288		343
289	return pkey->n ? mpi_get_size(pkey->n) : -EINVAL;	344	return pkey->n ? mpi_get_size(pkey->n) : -EINVAL;
290	}	345	}
291		346
292	static void rsa_exit_tfm(struct crypto_akcipher *tfm)	347	static void rsa_exit_tfm(struct crypto_akcipher *tfm)
293	{	348	{
294	struct rsa_key *pkey = akcipher_tfm_ctx(tfm);	349	struct rsa_mpi_key *pkey = akcipher_tfm_ctx(tfm);
295		350
296	rsa_free_key(pkey);	351	rsa_free_mpi_key(pkey);
297	}	352	}
298		353
299	static struct akcipher_alg rsa = {	354	static struct akcipher_alg rsa = {
@@ -310,7 +365,7 @@ static struct akcipher_alg rsa = {
310	.cra_driver_name = "rsa-generic",	365	.cra_driver_name = "rsa-generic",
311	.cra_priority = 100,	366	.cra_priority = 100,
312	.cra_module = THIS_MODULE,	367	.cra_module = THIS_MODULE,
313	.cra_ctxsize = sizeof(struct rsa_key),	368	.cra_ctxsize = sizeof(struct rsa_mpi_key),
314	},	369	},
315	};	370	};
316		371


diff --git a/crypto/rsa_helper.c b/crypto/rsa_helper.c index d226f48d0907..583656af4fe2 100644 --- a/crypto/rsa_helper.c +++ b/crypto/rsa_helper.c
@@ -22,20 +22,29 @@ int rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
22	const void *value, size_t vlen)	22	const void *value, size_t vlen)
23	{	23	{
24	struct rsa_key *key = context;	24	struct rsa_key *key = context;
		25	const u8 *ptr = value;
		26	size_t n_sz = vlen;
25		27
26	key->n = mpi_read_raw_data(value, vlen);	28	/* invalid key provided */
27		29	if (!value \|\| !vlen)
28	if (!key->n)
29	return -ENOMEM;
30
31	/* In FIPS mode only allow key size 2K & 3K */
32	if (fips_enabled && (mpi_get_size(key->n) != 256 &&
33	mpi_get_size(key->n) != 384)) {
34	pr_err("RSA: key size not allowed in FIPS mode\n");
35	mpi_free(key->n);
36	key->n = NULL;
37	return -EINVAL;	30	return -EINVAL;
		31
		32	if (fips_enabled) {
		33	while (!*ptr && n_sz) {
		34	ptr++;
		35	n_sz--;
		36	}
		37
		38	/* In FIPS mode only allow key size 2K & 3K */
		39	if (n_sz != 256 && n_sz != 384) {
		40	pr_err("RSA: key size not allowed in FIPS mode\n");
		41	return -EINVAL;
		42	}
38	}	43	}
		44
		45	key->n = value;
		46	key->n_sz = vlen;
		47
39	return 0;	48	return 0;
40	}	49	}
41		50
@@ -44,10 +53,12 @@ int rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
44	{	53	{
45	struct rsa_key *key = context;	54	struct rsa_key *key = context;
46		55
47	key->e = mpi_read_raw_data(value, vlen);	56	/* invalid key provided */
		57	if (!value \|\| !key->n_sz \|\| !vlen \|\| vlen > key->n_sz)
		58	return -EINVAL;
48		59
49	if (!key->e)	60	key->e = value;
50	return -ENOMEM;	61	key->e_sz = vlen;
51		62
52	return 0;	63	return 0;
53	}	64	}
@@ -57,46 +68,20 @@ int rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
57	{	68	{
58	struct rsa_key *key = context;	69	struct rsa_key *key = context;
59		70
60	key->d = mpi_read_raw_data(value, vlen);	71	/* invalid key provided */
61		72	if (!value \|\| !key->n_sz \|\| !vlen \|\| vlen > key->n_sz)
62	if (!key->d)
63	return -ENOMEM;
64
65	/* In FIPS mode only allow key size 2K & 3K */
66	if (fips_enabled && (mpi_get_size(key->d) != 256 &&
67	mpi_get_size(key->d) != 384)) {
68	pr_err("RSA: key size not allowed in FIPS mode\n");
69	mpi_free(key->d);
70	key->d = NULL;
71	return -EINVAL;	73	return -EINVAL;
72	}
73	return 0;
74	}
75		74
76	static void free_mpis(struct rsa_key *key)	75	key->d = value;
77	{	76	key->d_sz = vlen;
78	mpi_free(key->n);
79	mpi_free(key->e);
80	mpi_free(key->d);
81	key->n = NULL;
82	key->e = NULL;
83	key->d = NULL;
84	}
85		77
86	/**	78	return 0;
87	* rsa_free_key() - frees rsa key allocated by rsa_parse_key()
88	*
89	* @rsa_key: struct rsa_key key representation
90	*/
91	void rsa_free_key(struct rsa_key *key)
92	{
93	free_mpis(key);
94	}	79	}
95	EXPORT_SYMBOL_GPL(rsa_free_key);
96		80
97	/**	81	/**
98	* rsa_parse_pub_key() - extracts an rsa public key from BER encoded buffer	82	* rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
99	* and stores it in the provided struct rsa_key	83	* provided struct rsa_key, pointers to the raw key as is,
		84	* so that the caller can copy it or MPI parse it, etc.
100	*	85	*
101	* @rsa_key: struct rsa_key key representation	86	* @rsa_key: struct rsa_key key representation
102	* @key: key in BER format	87	* @key: key in BER format
@@ -107,23 +92,15 @@ EXPORT_SYMBOL_GPL(rsa_free_key);
107	int rsa_parse_pub_key(struct rsa_key rsa_key, const void key,	92	int rsa_parse_pub_key(struct rsa_key rsa_key, const void key,
108	unsigned int key_len)	93	unsigned int key_len)
109	{	94	{
110	int ret;	95	return asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
111
112	free_mpis(rsa_key);
113	ret = asn1_ber_decoder(&rsapubkey_decoder, rsa_key, key, key_len);
114	if (ret < 0)
115	goto error;
116
117	return 0;
118	error:
119	free_mpis(rsa_key);
120	return ret;
121	}	96	}
122	EXPORT_SYMBOL_GPL(rsa_parse_pub_key);	97	EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
123		98
124	/**	99	/**
125	* rsa_parse_pub_key() - extracts an rsa private key from BER encoded buffer	100	* rsa_parse_priv_key() - decodes the BER encoded buffer and stores in the
126	* and stores it in the provided struct rsa_key	101	* provided struct rsa_key, pointers to the raw key
		102	* as is, so that the caller can copy it or MPI parse it,
		103	* etc.
127	*	104	*
128	* @rsa_key: struct rsa_key key representation	105	* @rsa_key: struct rsa_key key representation
129	* @key: key in BER format	106	* @key: key in BER format
@@ -134,16 +111,6 @@ EXPORT_SYMBOL_GPL(rsa_parse_pub_key);
134	int rsa_parse_priv_key(struct rsa_key rsa_key, const void key,	111	int rsa_parse_priv_key(struct rsa_key rsa_key, const void key,
135	unsigned int key_len)	112	unsigned int key_len)
136	{	113	{
137	int ret;	114	return asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
138
139	free_mpis(rsa_key);
140	ret = asn1_ber_decoder(&rsaprivkey_decoder, rsa_key, key, key_len);
141	if (ret < 0)
142	goto error;
143
144	return 0;
145	error:
146	free_mpis(rsa_key);
147	return ret;
148	}	115	}
149	EXPORT_SYMBOL_GPL(rsa_parse_priv_key);	116	EXPORT_SYMBOL_GPL(rsa_parse_priv_key);


diff --git a/include/crypto/internal/rsa.h b/include/crypto/internal/rsa.h index c7585bdecbc2..d6c042a2ee52 100644 --- a/include/crypto/internal/rsa.h +++ b/include/crypto/internal/rsa.h
@@ -12,12 +12,24 @@
12	*/	12	*/
13	#ifndef _RSA_HELPER_	13	#ifndef _RSA_HELPER_
14	#define _RSA_HELPER_	14	#define _RSA_HELPER_
15	#include <linux/mpi.h>	15	#include <linux/types.h>
16		16
		17	/**
		18	* rsa_key - RSA key structure
		19	* @n : RSA modulus raw byte stream
		20	* @e : RSA public exponent raw byte stream
		21	* @d : RSA private exponent raw byte stream
		22	* @n_sz : length in bytes of RSA modulus n
		23	* @e_sz : length in bytes of RSA public exponent
		24	* @d_sz : length in bytes of RSA private exponent
		25	*/
17	struct rsa_key {	26	struct rsa_key {
18	MPI n;	27	const u8 *n;
19	MPI e;	28	const u8 *e;
20	MPI d;	29	const u8 *d;
		30	size_t n_sz;
		31	size_t e_sz;
		32	size_t d_sz;
21	};	33	};
22		34
23	int rsa_parse_pub_key(struct rsa_key rsa_key, const void key,	35	int rsa_parse_pub_key(struct rsa_key rsa_key, const void key,
@@ -26,7 +38,5 @@ int rsa_parse_pub_key(struct rsa_key rsa_key, const void key,
26	int rsa_parse_priv_key(struct rsa_key rsa_key, const void key,	38	int rsa_parse_priv_key(struct rsa_key rsa_key, const void key,
27	unsigned int key_len);	39	unsigned int key_len);
28		40
29	void rsa_free_key(struct rsa_key *rsa_key);
30
31	extern struct crypto_template rsa_pkcs1pad_tmpl;	41	extern struct crypto_template rsa_pkcs1pad_tmpl;
32	#endif	42	#endif