1 /* RSA asymmetric public-key algorithm [RFC3447]
3 * Copyright (c) 2015, Intel Corporation
4 * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public Licence
8 * as published by the Free Software Foundation; either version
9 * 2 of the Licence, or (at your option) any later version.
12 #include <linux/module.h>
13 #include <crypto/internal/rsa.h>
14 #include <crypto/internal/akcipher.h>
15 #include <crypto/akcipher.h>
18 * RSAEP function [RFC3447 sec 5.1.1]
21 static int _rsa_enc(const struct rsa_key *key, MPI c, MPI m)
23 /* (1) Validate 0 <= m < n */
24 if (mpi_cmp_ui(m, 0) < 0 || mpi_cmp(m, key->n) >= 0)
27 /* (2) c = m^e mod n */
28 return mpi_powm(c, m, key->e, key->n);
32 * RSADP function [RFC3447 sec 5.1.2]
35 static int _rsa_dec(const struct rsa_key *key, MPI m, MPI c)
37 /* (1) Validate 0 <= c < n */
38 if (mpi_cmp_ui(c, 0) < 0 || mpi_cmp(c, key->n) >= 0)
41 /* (2) m = c^d mod n */
42 return mpi_powm(m, c, key->d, key->n);
46 * RSASP1 function [RFC3447 sec 5.2.1]
49 static int _rsa_sign(const struct rsa_key *key, MPI s, MPI m)
51 /* (1) Validate 0 <= m < n */
52 if (mpi_cmp_ui(m, 0) < 0 || mpi_cmp(m, key->n) >= 0)
55 /* (2) s = m^d mod n */
56 return mpi_powm(s, m, key->d, key->n);
60 * RSAVP1 function [RFC3447 sec 5.2.2]
63 static int _rsa_verify(const struct rsa_key *key, MPI m, MPI s)
65 /* (1) Validate 0 <= s < n */
66 if (mpi_cmp_ui(s, 0) < 0 || mpi_cmp(s, key->n) >= 0)
69 /* (2) m = s^e mod n */
70 return mpi_powm(m, s, key->e, key->n);
73 static inline struct rsa_key *rsa_get_key(struct crypto_akcipher *tfm)
75 return akcipher_tfm_ctx(tfm);
78 static int rsa_enc(struct akcipher_request *req)
80 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
81 const struct rsa_key *pkey = rsa_get_key(tfm);
82 MPI m, c = mpi_alloc(0);
89 if (unlikely(!pkey->n || !pkey->e)) {
94 if (req->dst_len < mpi_get_size(pkey->n)) {
95 req->dst_len = mpi_get_size(pkey->n);
101 m = mpi_read_raw_from_sgl(req->src, req->src_len);
105 ret = _rsa_enc(pkey, c, m);
109 ret = mpi_write_to_sgl(c, req->dst, &req->dst_len, &sign);
123 static int rsa_dec(struct akcipher_request *req)
125 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
126 const struct rsa_key *pkey = rsa_get_key(tfm);
127 MPI c, m = mpi_alloc(0);
134 if (unlikely(!pkey->n || !pkey->d)) {
139 if (req->dst_len < mpi_get_size(pkey->n)) {
140 req->dst_len = mpi_get_size(pkey->n);
146 c = mpi_read_raw_from_sgl(req->src, req->src_len);
150 ret = _rsa_dec(pkey, m, c);
154 ret = mpi_write_to_sgl(m, req->dst, &req->dst_len, &sign);
167 static int rsa_sign(struct akcipher_request *req)
169 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
170 const struct rsa_key *pkey = rsa_get_key(tfm);
171 MPI m, s = mpi_alloc(0);
178 if (unlikely(!pkey->n || !pkey->d)) {
183 if (req->dst_len < mpi_get_size(pkey->n)) {
184 req->dst_len = mpi_get_size(pkey->n);
190 m = mpi_read_raw_from_sgl(req->src, req->src_len);
194 ret = _rsa_sign(pkey, s, m);
198 ret = mpi_write_to_sgl(s, req->dst, &req->dst_len, &sign);
212 static int rsa_verify(struct akcipher_request *req)
214 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
215 const struct rsa_key *pkey = rsa_get_key(tfm);
216 MPI s, m = mpi_alloc(0);
223 if (unlikely(!pkey->n || !pkey->e)) {
228 if (req->dst_len < mpi_get_size(pkey->n)) {
229 req->dst_len = mpi_get_size(pkey->n);
235 s = mpi_read_raw_from_sgl(req->src, req->src_len);
241 ret = _rsa_verify(pkey, m, s);
245 ret = mpi_write_to_sgl(m, req->dst, &req->dst_len, &sign);
259 static int rsa_check_key_length(unsigned int len)
274 static int rsa_set_pub_key(struct crypto_akcipher *tfm, const void *key,
277 struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
280 ret = rsa_parse_pub_key(pkey, key, keylen);
284 if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) {
291 static int rsa_set_priv_key(struct crypto_akcipher *tfm, const void *key,
294 struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
297 ret = rsa_parse_priv_key(pkey, key, keylen);
301 if (rsa_check_key_length(mpi_get_size(pkey->n) << 3)) {
308 static int rsa_max_size(struct crypto_akcipher *tfm)
310 struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
312 return pkey->n ? mpi_get_size(pkey->n) : -EINVAL;
315 static void rsa_exit_tfm(struct crypto_akcipher *tfm)
317 struct rsa_key *pkey = akcipher_tfm_ctx(tfm);
322 static struct akcipher_alg rsa = {
326 .verify = rsa_verify,
327 .set_priv_key = rsa_set_priv_key,
328 .set_pub_key = rsa_set_pub_key,
329 .max_size = rsa_max_size,
330 .exit = rsa_exit_tfm,
333 .cra_driver_name = "rsa-generic",
335 .cra_module = THIS_MODULE,
336 .cra_ctxsize = sizeof(struct rsa_key),
340 static int rsa_init(void)
342 return crypto_register_akcipher(&rsa);
345 static void rsa_exit(void)
347 crypto_unregister_akcipher(&rsa);
350 module_init(rsa_init);
351 module_exit(rsa_exit);
352 MODULE_ALIAS_CRYPTO("rsa");
353 MODULE_LICENSE("GPL");
354 MODULE_DESCRIPTION("RSA generic algorithm");