1 /* RSA asymmetric public-key algorithm [RFC3447]
3 * Copyright (c) 2015, Intel Corporation
4 * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public Licence
8 * as published by the Free Software Foundation; either version
9 * 2 of the Licence, or (at your option) any later version.
12 #include <linux/module.h>
13 #include <crypto/internal/rsa.h>
14 #include <crypto/internal/akcipher.h>
15 #include <crypto/akcipher.h>
16 #include <crypto/algapi.h>
19 * RSAEP function [RFC3447 sec 5.1.1]
22 static int _rsa_enc(const struct rsa_key
*key
, MPI c
, MPI m
)
24 /* (1) Validate 0 <= m < n */
25 if (mpi_cmp_ui(m
, 0) < 0 || mpi_cmp(m
, key
->n
) >= 0)
28 /* (2) c = m^e mod n */
29 return mpi_powm(c
, m
, key
->e
, key
->n
);
33 * RSADP function [RFC3447 sec 5.1.2]
36 static int _rsa_dec(const struct rsa_key
*key
, MPI m
, MPI c
)
38 /* (1) Validate 0 <= c < n */
39 if (mpi_cmp_ui(c
, 0) < 0 || mpi_cmp(c
, key
->n
) >= 0)
42 /* (2) m = c^d mod n */
43 return mpi_powm(m
, c
, key
->d
, key
->n
);
47 * RSASP1 function [RFC3447 sec 5.2.1]
50 static int _rsa_sign(const struct rsa_key
*key
, MPI s
, MPI m
)
52 /* (1) Validate 0 <= m < n */
53 if (mpi_cmp_ui(m
, 0) < 0 || mpi_cmp(m
, key
->n
) >= 0)
56 /* (2) s = m^d mod n */
57 return mpi_powm(s
, m
, key
->d
, key
->n
);
61 * RSAVP1 function [RFC3447 sec 5.2.2]
64 static int _rsa_verify(const struct rsa_key
*key
, MPI m
, MPI s
)
66 /* (1) Validate 0 <= s < n */
67 if (mpi_cmp_ui(s
, 0) < 0 || mpi_cmp(s
, key
->n
) >= 0)
70 /* (2) m = s^e mod n */
71 return mpi_powm(m
, s
, key
->e
, key
->n
);
74 static inline struct rsa_key
*rsa_get_key(struct crypto_akcipher
*tfm
)
76 return akcipher_tfm_ctx(tfm
);
79 static int rsa_enc(struct akcipher_request
*req
)
81 struct crypto_akcipher
*tfm
= crypto_akcipher_reqtfm(req
);
82 const struct rsa_key
*pkey
= rsa_get_key(tfm
);
83 MPI m
, c
= mpi_alloc(0);
90 if (unlikely(!pkey
->n
|| !pkey
->e
)) {
96 m
= mpi_read_raw_from_sgl(req
->src
, req
->src_len
);
100 ret
= _rsa_enc(pkey
, c
, m
);
104 ret
= mpi_write_to_sgl(c
, req
->dst
, &req
->dst_len
, &sign
);
118 static int rsa_dec(struct akcipher_request
*req
)
120 struct crypto_akcipher
*tfm
= crypto_akcipher_reqtfm(req
);
121 const struct rsa_key
*pkey
= rsa_get_key(tfm
);
122 MPI c
, m
= mpi_alloc(0);
129 if (unlikely(!pkey
->n
|| !pkey
->d
)) {
135 c
= mpi_read_raw_from_sgl(req
->src
, req
->src_len
);
139 ret
= _rsa_dec(pkey
, m
, c
);
143 ret
= mpi_write_to_sgl(m
, req
->dst
, &req
->dst_len
, &sign
);
156 static int rsa_sign(struct akcipher_request
*req
)
158 struct crypto_akcipher
*tfm
= crypto_akcipher_reqtfm(req
);
159 const struct rsa_key
*pkey
= rsa_get_key(tfm
);
160 MPI m
, s
= mpi_alloc(0);
167 if (unlikely(!pkey
->n
|| !pkey
->d
)) {
173 m
= mpi_read_raw_from_sgl(req
->src
, req
->src_len
);
177 ret
= _rsa_sign(pkey
, s
, m
);
181 ret
= mpi_write_to_sgl(s
, req
->dst
, &req
->dst_len
, &sign
);
195 static int rsa_verify(struct akcipher_request
*req
)
197 struct crypto_akcipher
*tfm
= crypto_akcipher_reqtfm(req
);
198 const struct rsa_key
*pkey
= rsa_get_key(tfm
);
199 MPI s
, m
= mpi_alloc(0);
206 if (unlikely(!pkey
->n
|| !pkey
->e
)) {
212 s
= mpi_read_raw_from_sgl(req
->src
, req
->src_len
);
218 ret
= _rsa_verify(pkey
, m
, s
);
222 ret
= mpi_write_to_sgl(m
, req
->dst
, &req
->dst_len
, &sign
);
236 static int rsa_check_key_length(unsigned int len
)
251 static int rsa_set_pub_key(struct crypto_akcipher
*tfm
, const void *key
,
254 struct rsa_key
*pkey
= akcipher_tfm_ctx(tfm
);
257 ret
= rsa_parse_pub_key(pkey
, key
, keylen
);
261 if (rsa_check_key_length(mpi_get_size(pkey
->n
) << 3)) {
268 static int rsa_set_priv_key(struct crypto_akcipher
*tfm
, const void *key
,
271 struct rsa_key
*pkey
= akcipher_tfm_ctx(tfm
);
274 ret
= rsa_parse_priv_key(pkey
, key
, keylen
);
278 if (rsa_check_key_length(mpi_get_size(pkey
->n
) << 3)) {
285 static int rsa_max_size(struct crypto_akcipher
*tfm
)
287 struct rsa_key
*pkey
= akcipher_tfm_ctx(tfm
);
289 return pkey
->n
? mpi_get_size(pkey
->n
) : -EINVAL
;
292 static void rsa_exit_tfm(struct crypto_akcipher
*tfm
)
294 struct rsa_key
*pkey
= akcipher_tfm_ctx(tfm
);
299 static struct akcipher_alg rsa
= {
303 .verify
= rsa_verify
,
304 .set_priv_key
= rsa_set_priv_key
,
305 .set_pub_key
= rsa_set_pub_key
,
306 .max_size
= rsa_max_size
,
307 .exit
= rsa_exit_tfm
,
310 .cra_driver_name
= "rsa-generic",
312 .cra_module
= THIS_MODULE
,
313 .cra_ctxsize
= sizeof(struct rsa_key
),
317 static int rsa_init(void)
321 err
= crypto_register_akcipher(&rsa
);
325 err
= crypto_register_template(&rsa_pkcs1pad_tmpl
);
327 crypto_unregister_akcipher(&rsa
);
334 static void rsa_exit(void)
336 crypto_unregister_template(&rsa_pkcs1pad_tmpl
);
337 crypto_unregister_akcipher(&rsa
);
340 module_init(rsa_init
);
341 module_exit(rsa_exit
);
342 MODULE_ALIAS_CRYPTO("rsa");
343 MODULE_LICENSE("GPL");
344 MODULE_DESCRIPTION("RSA generic algorithm");