crypto: qat - Switch to new rsa_helper functions

Drop all asn1 related code and use the new rsa_helper functions rsa_parse_[pub|priv]_key for parsing the key Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
author: Salvatore Benedetto <salvatore.benedetto@intel.com> 2016-07-04 05:49:28 -0400
committer: Herbert Xu <herbert@gondor.apana.org.au> 2016-07-05 11:05:21 -0400
commit: 6889621fd2317f52fd2c5ef1178128156f39fa94 (patch)
tree: 966cfcdc941ca48ae34bd742f6f0e98bcaab8248 /drivers/crypto
parent: 6dd7a82cc54ebd2936763befd3dcd4beb727a704 (diff)
5 files changed, 21 insertions, 55 deletions
diff --git a/drivers/crypto/qat/Kconfig b/drivers/crypto/qat/Kconfig
index 85b44e577684..571d04dda415 100644
--- a/drivers/crypto/qat/Kconfig
+++ b/drivers/crypto/qat/Kconfig
@@ -5,11 +5,11 @@ config CRYPTO_DEV_QAT
        select CRYPTO_BLKCIPHER
        select CRYPTO_AKCIPHER
        select CRYPTO_HMAC
+        select CRYPTO_RSA
        select CRYPTO_SHA1
        select CRYPTO_SHA256
        select CRYPTO_SHA512
        select FW_LOADER
-        select ASN1
 config CRYPTO_DEV_QAT_DH895xCC
        tristate "Support for Intel(R) DH895xCC"
diff --git a/drivers/crypto/qat/qat_common/Makefile b/drivers/crypto/qat/qat_common/Makefile
index 6d74b91f2152..92fb6ffdc062 100644
--- a/drivers/crypto/qat/qat_common/Makefile
+++ b/drivers/crypto/qat/qat_common/Makefile
@@ -1,11 +1,3 @@
-$(obj)/qat_rsapubkey-asn1.o: $(obj)/qat_rsapubkey-asn1.c \
-                             $(obj)/qat_rsapubkey-asn1.h
-$(obj)/qat_rsaprivkey-asn1.o: $(obj)/qat_rsaprivkey-asn1.c \
-                              $(obj)/qat_rsaprivkey-asn1.h
-clean-files += qat_rsapubkey-asn1.c qat_rsapubkey-asn1.h
-clean-files += qat_rsaprivkey-asn1.c qat_rsaprivkey-asn1.h
 obj-$(CONFIG_CRYPTO_DEV_QAT) += intel_qat.o
 intel_qat-objs := adf_cfg.o \
        adf_isr.o \
@@ -19,8 +11,6 @@ intel_qat-objs := adf_cfg.o \
        adf_hw_arbiter.o \
        qat_crypto.o \
        qat_algs.o \
-        qat_rsapubkey-asn1.o \
-        qat_rsaprivkey-asn1.o \
        qat_asym_algs.o \
        qat_uclo.o \
        qat_hal.o
diff --git a/drivers/crypto/qat/qat_common/qat_asym_algs.c b/drivers/crypto/qat/qat_common/qat_asym_algs.c
index 05f49d4f94b2..04b0ef8cfaa1 100644
--- a/drivers/crypto/qat/qat_common/qat_asym_algs.c
+++ b/drivers/crypto/qat/qat_common/qat_asym_algs.c
@@ -52,8 +52,6 @@
 #include <linux/dma-mapping.h>
 #include <linux/fips.h>
 #include <crypto/scatterwalk.h>
-#include "qat_rsapubkey-asn1.h"
-#include "qat_rsaprivkey-asn1.h"
 #include "icp_qat_fw_pke.h"
 #include "adf_accel_devices.h"
 #include "adf_transport.h"
@@ -502,10 +500,8 @@ unmap_src:
        return ret;
 }
-int qat_rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
+int qat_rsa_set_n(struct qat_rsa_ctx *ctx, const char *value, size_t vlen)
-                  const void *value, size_t vlen)
 {
-        struct qat_rsa_ctx *ctx = context;
        struct qat_crypto_instance *inst = ctx->inst;
        struct device *dev = &GET_DEV(inst->accel_dev);
        const char *ptr = value;
@@ -518,11 +514,6 @@ int qat_rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
        ctx->key_sz = vlen;
        ret = -EINVAL;
-        /* In FIPS mode only allow key size 2K & 3K */
-        if (fips_enabled && (ctx->key_sz != 256 && ctx->key_sz != 384)) {
-                pr_err("QAT: RSA: key size not allowed in FIPS mode\n");
-                goto err;
-        }
        /* invalid key size provided */
        if (!qat_rsa_enc_fn_id(ctx->key_sz))
                goto err;
@@ -540,10 +531,8 @@ err:
        return ret;
 }
-int qat_rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
+int qat_rsa_set_e(struct qat_rsa_ctx *ctx, const char *value, size_t vlen)
-                  const void *value, size_t vlen)
 {
-        struct qat_rsa_ctx *ctx = context;
        struct qat_crypto_instance *inst = ctx->inst;
        struct device *dev = &GET_DEV(inst->accel_dev);
        const char *ptr = value;
@@ -559,18 +548,15 @@ int qat_rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
        }
        ctx->e = dma_zalloc_coherent(dev, ctx->key_sz, &ctx->dma_e, GFP_KERNEL);
-        if (!ctx->e) {
+        if (!ctx->e)
-                ctx->e = NULL;
                return -ENOMEM;
-        }
        memcpy(ctx->e + (ctx->key_sz - vlen), ptr, vlen);
        return 0;
 }
-int qat_rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
+int qat_rsa_set_d(struct qat_rsa_ctx *ctx, const char *value, size_t vlen)
-                  const void *value, size_t vlen)
 {
-        struct qat_rsa_ctx *ctx = context;
        struct qat_crypto_instance *inst = ctx->inst;
        struct device *dev = &GET_DEV(inst->accel_dev);
        const char *ptr = value;
@@ -585,12 +571,6 @@ int qat_rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
        if (!ctx->key_sz || !vlen || vlen > ctx->key_sz)
                goto err;
-        /* In FIPS mode only allow key size 2K & 3K */
-        if (fips_enabled && (vlen != 256 && vlen != 384)) {
-                pr_err("QAT: RSA: key size not allowed in FIPS mode\n");
-                goto err;
-        }
        ret = -ENOMEM;
        ctx->d = dma_zalloc_coherent(dev, ctx->key_sz, &ctx->dma_d, GFP_KERNEL);
        if (!ctx->d)
@@ -608,6 +588,7 @@ static int qat_rsa_setkey(struct crypto_akcipher *tfm, const void *key,
 {
        struct qat_rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
        struct device *dev = &GET_DEV(ctx->inst->accel_dev);
+        struct rsa_key rsa_key;
        int ret;
        /* Free the old key if any */
@@ -625,13 +606,23 @@ static int qat_rsa_setkey(struct crypto_akcipher *tfm, const void *key,
        ctx->d = NULL;
        if (private)
-                ret = asn1_ber_decoder(&qat_rsaprivkey_decoder, ctx, key,
+                ret = rsa_parse_priv_key(&rsa_key, key, keylen);
-                                       keylen);
        else
-                ret = asn1_ber_decoder(&qat_rsapubkey_decoder, ctx, key,
+                ret = rsa_parse_pub_key(&rsa_key, key, keylen);
-                                       keylen);
+        if (ret < 0)
+                goto free;
+        ret = qat_rsa_set_n(ctx, rsa_key.n, rsa_key.n_sz);
        if (ret < 0)
                goto free;
+        ret = qat_rsa_set_e(ctx, rsa_key.e, rsa_key.e_sz);
+        if (ret < 0)
+                goto free;
+        if (private) {
+                ret = qat_rsa_set_d(ctx, rsa_key.d, rsa_key.d_sz);
+                if (ret < 0)
+                        goto free;
+        }
        if (!ctx->n || !ctx->e) {
                /* invalid key provided */
diff --git a/drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1 b/drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1
deleted file mode 100644
index f0066adb79b8..000000000000
--- a/drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1
+++ /dev/null
@@ -1,11 +0,0 @@
-RsaPrivKey ::= SEQUENCE {
-        version         INTEGER,
-        n               INTEGER ({ qat_rsa_get_n }),
-        e               INTEGER ({ qat_rsa_get_e }),
-        d               INTEGER ({ qat_rsa_get_d }),
-        prime1          INTEGER,
-        prime2          INTEGER,
-        exponent1       INTEGER,
-        exponent2       INTEGER,
-        coefficient     INTEGER
-}
diff --git a/drivers/crypto/qat/qat_common/qat_rsapubkey.asn1 b/drivers/crypto/qat/qat_common/qat_rsapubkey.asn1
deleted file mode 100644
index bd667b31a21a..000000000000
--- a/drivers/crypto/qat/qat_common/qat_rsapubkey.asn1
+++ /dev/null
@@ -1,4 +0,0 @@
-RsaPubKey ::= SEQUENCE {
-        n INTEGER ({ qat_rsa_get_n }),
-        e INTEGER ({ qat_rsa_get_e })
-}
author	Salvatore Benedetto <salvatore.benedetto@intel.com>	2016-07-04 05:49:28 -0400
committer	Herbert Xu <herbert@gondor.apana.org.au>	2016-07-05 11:05:21 -0400
commit	6889621fd2317f52fd2c5ef1178128156f39fa94 (patch)
tree	966cfcdc941ca48ae34bd742f6f0e98bcaab8248 /drivers/crypto
parent	6dd7a82cc54ebd2936763befd3dcd4beb727a704 (diff)

diff --git a/drivers/crypto/qat/Kconfig b/drivers/crypto/qat/Kconfig index 85b44e577684..571d04dda415 100644 --- a/drivers/crypto/qat/Kconfig +++ b/drivers/crypto/qat/Kconfig
@@ -5,11 +5,11 @@ config CRYPTO_DEV_QAT
5	select CRYPTO_BLKCIPHER	5	select CRYPTO_BLKCIPHER
6	select CRYPTO_AKCIPHER	6	select CRYPTO_AKCIPHER
7	select CRYPTO_HMAC	7	select CRYPTO_HMAC
		8	select CRYPTO_RSA
8	select CRYPTO_SHA1	9	select CRYPTO_SHA1
9	select CRYPTO_SHA256	10	select CRYPTO_SHA256
10	select CRYPTO_SHA512	11	select CRYPTO_SHA512
11	select FW_LOADER	12	select FW_LOADER
12	select ASN1
13		13
14	config CRYPTO_DEV_QAT_DH895xCC	14	config CRYPTO_DEV_QAT_DH895xCC
15	tristate "Support for Intel(R) DH895xCC"	15	tristate "Support for Intel(R) DH895xCC"


diff --git a/drivers/crypto/qat/qat_common/Makefile b/drivers/crypto/qat/qat_common/Makefile index 6d74b91f2152..92fb6ffdc062 100644 --- a/drivers/crypto/qat/qat_common/Makefile +++ b/drivers/crypto/qat/qat_common/Makefile
@@ -1,11 +1,3 @@
1	$(obj)/qat_rsapubkey-asn1.o: $(obj)/qat_rsapubkey-asn1.c \
2	$(obj)/qat_rsapubkey-asn1.h
3	$(obj)/qat_rsaprivkey-asn1.o: $(obj)/qat_rsaprivkey-asn1.c \
4	$(obj)/qat_rsaprivkey-asn1.h
5
6	clean-files += qat_rsapubkey-asn1.c qat_rsapubkey-asn1.h
7	clean-files += qat_rsaprivkey-asn1.c qat_rsaprivkey-asn1.h
8
9	obj-$(CONFIG_CRYPTO_DEV_QAT) += intel_qat.o	1	obj-$(CONFIG_CRYPTO_DEV_QAT) += intel_qat.o
10	intel_qat-objs := adf_cfg.o \	2	intel_qat-objs := adf_cfg.o \
11	adf_isr.o \	3	adf_isr.o \
@@ -19,8 +11,6 @@ intel_qat-objs := adf_cfg.o \
19	adf_hw_arbiter.o \	11	adf_hw_arbiter.o \
20	qat_crypto.o \	12	qat_crypto.o \
21	qat_algs.o \	13	qat_algs.o \
22	qat_rsapubkey-asn1.o \
23	qat_rsaprivkey-asn1.o \
24	qat_asym_algs.o \	14	qat_asym_algs.o \
25	qat_uclo.o \	15	qat_uclo.o \
26	qat_hal.o	16	qat_hal.o


diff --git a/drivers/crypto/qat/qat_common/qat_asym_algs.c b/drivers/crypto/qat/qat_common/qat_asym_algs.c index 05f49d4f94b2..04b0ef8cfaa1 100644 --- a/drivers/crypto/qat/qat_common/qat_asym_algs.c +++ b/drivers/crypto/qat/qat_common/qat_asym_algs.c
@@ -52,8 +52,6 @@
52	#include <linux/dma-mapping.h>	52	#include <linux/dma-mapping.h>
53	#include <linux/fips.h>	53	#include <linux/fips.h>
54	#include <crypto/scatterwalk.h>	54	#include <crypto/scatterwalk.h>
55	#include "qat_rsapubkey-asn1.h"
56	#include "qat_rsaprivkey-asn1.h"
57	#include "icp_qat_fw_pke.h"	55	#include "icp_qat_fw_pke.h"
58	#include "adf_accel_devices.h"	56	#include "adf_accel_devices.h"
59	#include "adf_transport.h"	57	#include "adf_transport.h"
@@ -502,10 +500,8 @@ unmap_src:
502	return ret;	500	return ret;
503	}	501	}
504		502
505	int qat_rsa_get_n(void *context, size_t hdrlen, unsigned char tag,	503	int qat_rsa_set_n(struct qat_rsa_ctx ctx, const char value, size_t vlen)
506	const void *value, size_t vlen)
507	{	504	{
508	struct qat_rsa_ctx *ctx = context;
509	struct qat_crypto_instance *inst = ctx->inst;	505	struct qat_crypto_instance *inst = ctx->inst;
510	struct device *dev = &GET_DEV(inst->accel_dev);	506	struct device *dev = &GET_DEV(inst->accel_dev);
511	const char *ptr = value;	507	const char *ptr = value;
@@ -518,11 +514,6 @@ int qat_rsa_get_n(void *context, size_t hdrlen, unsigned char tag,
518		514
519	ctx->key_sz = vlen;	515	ctx->key_sz = vlen;
520	ret = -EINVAL;	516	ret = -EINVAL;
521	/* In FIPS mode only allow key size 2K & 3K */
522	if (fips_enabled && (ctx->key_sz != 256 && ctx->key_sz != 384)) {
523	pr_err("QAT: RSA: key size not allowed in FIPS mode\n");
524	goto err;
525	}
526	/* invalid key size provided */	517	/* invalid key size provided */
527	if (!qat_rsa_enc_fn_id(ctx->key_sz))	518	if (!qat_rsa_enc_fn_id(ctx->key_sz))
528	goto err;	519	goto err;
@@ -540,10 +531,8 @@ err:
540	return ret;	531	return ret;
541	}	532	}
542		533
543	int qat_rsa_get_e(void *context, size_t hdrlen, unsigned char tag,	534	int qat_rsa_set_e(struct qat_rsa_ctx ctx, const char value, size_t vlen)
544	const void *value, size_t vlen)
545	{	535	{
546	struct qat_rsa_ctx *ctx = context;
547	struct qat_crypto_instance *inst = ctx->inst;	536	struct qat_crypto_instance *inst = ctx->inst;
548	struct device *dev = &GET_DEV(inst->accel_dev);	537	struct device *dev = &GET_DEV(inst->accel_dev);
549	const char *ptr = value;	538	const char *ptr = value;
@@ -559,18 +548,15 @@ int qat_rsa_get_e(void *context, size_t hdrlen, unsigned char tag,
559	}	548	}
560		549
561	ctx->e = dma_zalloc_coherent(dev, ctx->key_sz, &ctx->dma_e, GFP_KERNEL);	550	ctx->e = dma_zalloc_coherent(dev, ctx->key_sz, &ctx->dma_e, GFP_KERNEL);
562	if (!ctx->e) {	551	if (!ctx->e)
563	ctx->e = NULL;
564	return -ENOMEM;	552	return -ENOMEM;
565	}	553
566	memcpy(ctx->e + (ctx->key_sz - vlen), ptr, vlen);	554	memcpy(ctx->e + (ctx->key_sz - vlen), ptr, vlen);
567	return 0;	555	return 0;
568	}	556	}
569		557
570	int qat_rsa_get_d(void *context, size_t hdrlen, unsigned char tag,	558	int qat_rsa_set_d(struct qat_rsa_ctx ctx, const char value, size_t vlen)
571	const void *value, size_t vlen)
572	{	559	{
573	struct qat_rsa_ctx *ctx = context;
574	struct qat_crypto_instance *inst = ctx->inst;	560	struct qat_crypto_instance *inst = ctx->inst;
575	struct device *dev = &GET_DEV(inst->accel_dev);	561	struct device *dev = &GET_DEV(inst->accel_dev);
576	const char *ptr = value;	562	const char *ptr = value;
@@ -585,12 +571,6 @@ int qat_rsa_get_d(void *context, size_t hdrlen, unsigned char tag,
585	if (!ctx->key_sz \|\| !vlen \|\| vlen > ctx->key_sz)	571	if (!ctx->key_sz \|\| !vlen \|\| vlen > ctx->key_sz)
586	goto err;	572	goto err;
587		573
588	/* In FIPS mode only allow key size 2K & 3K */
589	if (fips_enabled && (vlen != 256 && vlen != 384)) {
590	pr_err("QAT: RSA: key size not allowed in FIPS mode\n");
591	goto err;
592	}
593
594	ret = -ENOMEM;	574	ret = -ENOMEM;
595	ctx->d = dma_zalloc_coherent(dev, ctx->key_sz, &ctx->dma_d, GFP_KERNEL);	575	ctx->d = dma_zalloc_coherent(dev, ctx->key_sz, &ctx->dma_d, GFP_KERNEL);
596	if (!ctx->d)	576	if (!ctx->d)
@@ -608,6 +588,7 @@ static int qat_rsa_setkey(struct crypto_akcipher tfm, const void key,
608	{	588	{
609	struct qat_rsa_ctx *ctx = akcipher_tfm_ctx(tfm);	589	struct qat_rsa_ctx *ctx = akcipher_tfm_ctx(tfm);
610	struct device *dev = &GET_DEV(ctx->inst->accel_dev);	590	struct device *dev = &GET_DEV(ctx->inst->accel_dev);
		591	struct rsa_key rsa_key;
611	int ret;	592	int ret;
612		593
613	/* Free the old key if any */	594	/* Free the old key if any */
@@ -625,13 +606,23 @@ static int qat_rsa_setkey(struct crypto_akcipher tfm, const void key,
625	ctx->d = NULL;	606	ctx->d = NULL;
626		607
627	if (private)	608	if (private)
628	ret = asn1_ber_decoder(&qat_rsaprivkey_decoder, ctx, key,	609	ret = rsa_parse_priv_key(&rsa_key, key, keylen);
629	keylen);
630	else	610	else
631	ret = asn1_ber_decoder(&qat_rsapubkey_decoder, ctx, key,	611	ret = rsa_parse_pub_key(&rsa_key, key, keylen);
632	keylen);	612	if (ret < 0)
		613	goto free;
		614
		615	ret = qat_rsa_set_n(ctx, rsa_key.n, rsa_key.n_sz);
633	if (ret < 0)	616	if (ret < 0)
634	goto free;	617	goto free;
		618	ret = qat_rsa_set_e(ctx, rsa_key.e, rsa_key.e_sz);
		619	if (ret < 0)
		620	goto free;
		621	if (private) {
		622	ret = qat_rsa_set_d(ctx, rsa_key.d, rsa_key.d_sz);
		623	if (ret < 0)
		624	goto free;
		625	}
635		626
636	if (!ctx->n \|\| !ctx->e) {	627	if (!ctx->n \|\| !ctx->e) {
637	/* invalid key provided */	628	/* invalid key provided */


diff --git a/drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1 b/drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1 deleted file mode 100644 index f0066adb79b8..000000000000 --- a/drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1 +++ /dev/null
@@ -1,11 +0,0 @@
1	RsaPrivKey ::= SEQUENCE {
2	version INTEGER,
3	n INTEGER ({ qat_rsa_get_n }),
4	e INTEGER ({ qat_rsa_get_e }),
5	d INTEGER ({ qat_rsa_get_d }),
6	prime1 INTEGER,
7	prime2 INTEGER,
8	exponent1 INTEGER,
9	exponent2 INTEGER,
10	coefficient INTEGER
11	}


diff --git a/drivers/crypto/qat/qat_common/qat_rsapubkey.asn1 b/drivers/crypto/qat/qat_common/qat_rsapubkey.asn1 deleted file mode 100644 index bd667b31a21a..000000000000 --- a/drivers/crypto/qat/qat_common/qat_rsapubkey.asn1 +++ /dev/null
@@ -1,4 +0,0 @@
1	RsaPubKey ::= SEQUENCE {
2	n INTEGER ({ qat_rsa_get_n }),
3	e INTEGER ({ qat_rsa_get_e })
4	}