aboutsummaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2012-09-21 18:24:55 -0400
committerRusty Russell <rusty@rustcorp.com.au>2012-10-07 23:20:14 -0400
commita9681bf3dd7ccd2b32eba27d327ab76607429f7a (patch)
tree667676a21ec5f72e15d37c9db7fb3a77c10bc0cd /crypto
parent46c6f1776e2f53eebb1fc361946877bab7533227 (diff)
KEYS: Asymmetric public-key algorithm crypto key subtype
Add a subtype for supporting asymmetric public-key encryption algorithms such as DSA (FIPS-186) and RSA (PKCS#1 / RFC1337). Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/asymmetric_keys/Kconfig8
-rw-r--r--crypto/asymmetric_keys/Makefile2
-rw-r--r--crypto/asymmetric_keys/public_key.c108
-rw-r--r--crypto/asymmetric_keys/public_key.h28
4 files changed, 146 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/Kconfig b/crypto/asymmetric_keys/Kconfig
index cad29b3efa0e..bbfccaa35293 100644
--- a/crypto/asymmetric_keys/Kconfig
+++ b/crypto/asymmetric_keys/Kconfig
@@ -9,5 +9,13 @@ menuconfig ASYMMETRIC_KEY_TYPE
9 9
10if ASYMMETRIC_KEY_TYPE 10if ASYMMETRIC_KEY_TYPE
11 11
12config ASYMMETRIC_PUBLIC_KEY_SUBTYPE
13 tristate "Asymmetric public-key crypto algorithm subtype"
14 select MPILIB
15 help
16 This option provides support for asymmetric public key type handling.
17 If signature generation and/or verification are to be used,
18 appropriate hash algorithms (such as SHA-1) must be available.
19 ENOPKG will be reported if the requisite algorithm is unavailable.
12 20
13endif # ASYMMETRIC_KEY_TYPE 21endif # ASYMMETRIC_KEY_TYPE
diff --git a/crypto/asymmetric_keys/Makefile b/crypto/asymmetric_keys/Makefile
index b725bcce4cfd..5ed46eecb299 100644
--- a/crypto/asymmetric_keys/Makefile
+++ b/crypto/asymmetric_keys/Makefile
@@ -5,3 +5,5 @@
5obj-$(CONFIG_ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o 5obj-$(CONFIG_ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o
6 6
7asymmetric_keys-y := asymmetric_type.o 7asymmetric_keys-y := asymmetric_type.o
8
9obj-$(CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o
diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c
new file mode 100644
index 000000000000..cb2e29180a87
--- /dev/null
+++ b/crypto/asymmetric_keys/public_key.c
@@ -0,0 +1,108 @@
1/* In-software asymmetric public-key crypto subtype
2 *
3 * See Documentation/crypto/asymmetric-keys.txt
4 *
5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
6 * Written by David Howells (dhowells@redhat.com)
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public Licence
10 * as published by the Free Software Foundation; either version
11 * 2 of the Licence, or (at your option) any later version.
12 */
13
14#define pr_fmt(fmt) "PKEY: "fmt
15#include <linux/module.h>
16#include <linux/export.h>
17#include <linux/kernel.h>
18#include <linux/slab.h>
19#include <linux/seq_file.h>
20#include <keys/asymmetric-subtype.h>
21#include "public_key.h"
22
23MODULE_LICENSE("GPL");
24
25const char *const pkey_algo[PKEY_ALGO__LAST] = {
26 [PKEY_ALGO_DSA] = "DSA",
27 [PKEY_ALGO_RSA] = "RSA",
28};
29EXPORT_SYMBOL_GPL(pkey_algo);
30
31const char *const pkey_hash_algo[PKEY_HASH__LAST] = {
32 [PKEY_HASH_MD4] = "md4",
33 [PKEY_HASH_MD5] = "md5",
34 [PKEY_HASH_SHA1] = "sha1",
35 [PKEY_HASH_RIPE_MD_160] = "rmd160",
36 [PKEY_HASH_SHA256] = "sha256",
37 [PKEY_HASH_SHA384] = "sha384",
38 [PKEY_HASH_SHA512] = "sha512",
39 [PKEY_HASH_SHA224] = "sha224",
40};
41EXPORT_SYMBOL_GPL(pkey_hash_algo);
42
43const char *const pkey_id_type[PKEY_ID_TYPE__LAST] = {
44 [PKEY_ID_PGP] = "PGP",
45 [PKEY_ID_X509] = "X509",
46};
47EXPORT_SYMBOL_GPL(pkey_id_type);
48
49/*
50 * Provide a part of a description of the key for /proc/keys.
51 */
52static void public_key_describe(const struct key *asymmetric_key,
53 struct seq_file *m)
54{
55 struct public_key *key = asymmetric_key->payload.data;
56
57 if (key)
58 seq_printf(m, "%s.%s",
59 pkey_id_type[key->id_type], key->algo->name);
60}
61
62/*
63 * Destroy a public key algorithm key.
64 */
65void public_key_destroy(void *payload)
66{
67 struct public_key *key = payload;
68 int i;
69
70 if (key) {
71 for (i = 0; i < ARRAY_SIZE(key->mpi); i++)
72 mpi_free(key->mpi[i]);
73 kfree(key);
74 }
75}
76EXPORT_SYMBOL_GPL(public_key_destroy);
77
78/*
79 * Verify a signature using a public key.
80 */
81static int public_key_verify_signature(const struct key *key,
82 const struct public_key_signature *sig)
83{
84 const struct public_key *pk = key->payload.data;
85
86 if (!pk->algo->verify_signature)
87 return -ENOTSUPP;
88
89 if (sig->nr_mpi != pk->algo->n_sig_mpi) {
90 pr_debug("Signature has %u MPI not %u\n",
91 sig->nr_mpi, pk->algo->n_sig_mpi);
92 return -EINVAL;
93 }
94
95 return pk->algo->verify_signature(pk, sig);
96}
97
98/*
99 * Public key algorithm asymmetric key subtype
100 */
101struct asymmetric_key_subtype public_key_subtype = {
102 .owner = THIS_MODULE,
103 .name = "public_key",
104 .describe = public_key_describe,
105 .destroy = public_key_destroy,
106 .verify_signature = public_key_verify_signature,
107};
108EXPORT_SYMBOL_GPL(public_key_subtype);
diff --git a/crypto/asymmetric_keys/public_key.h b/crypto/asymmetric_keys/public_key.h
new file mode 100644
index 000000000000..1f86aad31003
--- /dev/null
+++ b/crypto/asymmetric_keys/public_key.h
@@ -0,0 +1,28 @@
1/* Public key algorithm internals
2 *
3 * See Documentation/crypto/asymmetric-keys.txt
4 *
5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
6 * Written by David Howells (dhowells@redhat.com)
7 *
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public Licence
10 * as published by the Free Software Foundation; either version
11 * 2 of the Licence, or (at your option) any later version.
12 */
13
14#include <crypto/public_key.h>
15
16extern struct asymmetric_key_subtype public_key_subtype;
17
18/*
19 * Public key algorithm definition.
20 */
21struct public_key_algorithm {
22 const char *name;
23 u8 n_pub_mpi; /* Number of MPIs in public key */
24 u8 n_sec_mpi; /* Number of MPIs in secret key */
25 u8 n_sig_mpi; /* Number of MPIs in a signature */
26 int (*verify_signature)(const struct public_key *key,
27 const struct public_key_signature *sig);
28};