]> git.proxmox.com Git - mirror_ubuntu-focal-kernel.git/blame - crypto/asymmetric_keys/asym_tpm.c
projects / mirror_ubuntu-focal-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
KEYS: asym_tpm: Implement signature verification [ver #2]
[mirror_ubuntu-focal-kernel.git] / crypto / asymmetric_keys / asym_tpm.c
CommitLineData
903be6bb
DK		 1// SPDX-License-Identifier: GPL-2.0
2#define pr_fmt(fmt) "ASYM-TPM: "fmt
3#include <linux/slab.h>
4#include <linux/module.h>
5#include <linux/export.h>
6#include <linux/kernel.h>
7#include <linux/seq_file.h>
8#include <linux/scatterlist.h>
9#include <linux/tpm.h>
0c36264a 10#include <linux/tpm_command.h>
dff5a61a 11#include <crypto/akcipher.h>
0c36264a
DK		 12#include <crypto/hash.h>
13#include <crypto/sha.h>
f8c54e1a 14#include <asm/unaligned.h>
903be6bb 15#include <keys/asymmetric-subtype.h>
0c36264a 16#include <keys/trusted.h>
903be6bb 17#include <crypto/asym_tpm_subtype.h>
e08e6891 18#include <crypto/public_key.h>
903be6bb 19
0c36264a
DK		 20#define TPM_ORD_FLUSHSPECIFIC 186
21#define TPM_ORD_LOADKEY2 65
f884fe5a 22#define TPM_ORD_UNBIND 30
0c36264a
DK		 23#define TPM_LOADKEY2_SIZE 59
24#define TPM_FLUSHSPECIFIC_SIZE 18
f884fe5a 25#define TPM_UNBIND_SIZE 63
0c36264a
DK		 26
27#define TPM_RT_KEY 0x00000001
28
29/*
30 * Load a TPM key from the blob provided by userspace
31 */
32static int tpm_loadkey2(struct tpm_buf *tb,
33 uint32_t keyhandle, unsigned char *keyauth,
34 const unsigned char *keyblob, int keybloblen,
35 uint32_t *newhandle)
36{
37 unsigned char nonceodd[TPM_NONCE_SIZE];
38 unsigned char enonce[TPM_NONCE_SIZE];
39 unsigned char authdata[SHA1_DIGEST_SIZE];
40 uint32_t authhandle = 0;
41 unsigned char cont = 0;
42 uint32_t ordinal;
43 int ret;
44
45 ordinal = htonl(TPM_ORD_LOADKEY2);
46
47 /* session for loading the key */
48 ret = oiap(tb, &authhandle, enonce);
49 if (ret < 0) {
50 pr_info("oiap failed (%d)\n", ret);
51 return ret;
52 }
53
54 /* generate odd nonce */
55 ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
56 if (ret < 0) {
57 pr_info("tpm_get_random failed (%d)\n", ret);
58 return ret;
59 }
60
61 /* calculate authorization HMAC value */
62 ret = TSS_authhmac(authdata, keyauth, SHA1_DIGEST_SIZE, enonce,
63 nonceodd, cont, sizeof(uint32_t), &ordinal,
64 keybloblen, keyblob, 0, 0);
65 if (ret < 0)
66 return ret;
67
68 /* build the request buffer */
69 INIT_BUF(tb);
70 store16(tb, TPM_TAG_RQU_AUTH1_COMMAND);
71 store32(tb, TPM_LOADKEY2_SIZE + keybloblen);
72 store32(tb, TPM_ORD_LOADKEY2);
73 store32(tb, keyhandle);
74 storebytes(tb, keyblob, keybloblen);
75 store32(tb, authhandle);
76 storebytes(tb, nonceodd, TPM_NONCE_SIZE);
77 store8(tb, cont);
78 storebytes(tb, authdata, SHA1_DIGEST_SIZE);
79
80 ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE);
81 if (ret < 0) {
82 pr_info("authhmac failed (%d)\n", ret);
83 return ret;
84 }
85
86 ret = TSS_checkhmac1(tb->data, ordinal, nonceodd, keyauth,
87 SHA1_DIGEST_SIZE, 0, 0);
88 if (ret < 0) {
89 pr_info("TSS_checkhmac1 failed (%d)\n", ret);
90 return ret;
91 }
92
93 *newhandle = LOAD32(tb->data, TPM_DATA_OFFSET);
94 return 0;
95}
96
97/*
98 * Execute the FlushSpecific TPM command
99 */
100static int tpm_flushspecific(struct tpm_buf *tb, uint32_t handle)
101{
102 INIT_BUF(tb);
103 store16(tb, TPM_TAG_RQU_COMMAND);
104 store32(tb, TPM_FLUSHSPECIFIC_SIZE);
105 store32(tb, TPM_ORD_FLUSHSPECIFIC);
106 store32(tb, handle);
107 store32(tb, TPM_RT_KEY);
108
109 return trusted_tpm_send(tb->data, MAX_BUF_SIZE);
110}
111
f884fe5a
DK		 112/*
113 * Decrypt a blob provided by userspace using a specific key handle.
114 * The handle is a well known handle or previously loaded by e.g. LoadKey2
115 */
116static int tpm_unbind(struct tpm_buf *tb,
117 uint32_t keyhandle, unsigned char *keyauth,
118 const unsigned char *blob, uint32_t bloblen,
119 void *out, uint32_t outlen)
120{
121 unsigned char nonceodd[TPM_NONCE_SIZE];
122 unsigned char enonce[TPM_NONCE_SIZE];
123 unsigned char authdata[SHA1_DIGEST_SIZE];
124 uint32_t authhandle = 0;
125 unsigned char cont = 0;
126 uint32_t ordinal;
127 uint32_t datalen;
128 int ret;
129
130 ordinal = htonl(TPM_ORD_UNBIND);
131 datalen = htonl(bloblen);
132
133 /* session for loading the key */
134 ret = oiap(tb, &authhandle, enonce);
135 if (ret < 0) {
136 pr_info("oiap failed (%d)\n", ret);
137 return ret;
138 }
139
140 /* generate odd nonce */
141 ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
142 if (ret < 0) {
143 pr_info("tpm_get_random failed (%d)\n", ret);
144 return ret;
145 }
146
147 /* calculate authorization HMAC value */
148 ret = TSS_authhmac(authdata, keyauth, SHA1_DIGEST_SIZE, enonce,
149 nonceodd, cont, sizeof(uint32_t), &ordinal,
150 sizeof(uint32_t), &datalen,
151 bloblen, blob, 0, 0);
152 if (ret < 0)
153 return ret;
154
155 /* build the request buffer */
156 INIT_BUF(tb);
157 store16(tb, TPM_TAG_RQU_AUTH1_COMMAND);
158 store32(tb, TPM_UNBIND_SIZE + bloblen);
159 store32(tb, TPM_ORD_UNBIND);
160 store32(tb, keyhandle);
161 store32(tb, bloblen);
162 storebytes(tb, blob, bloblen);
163 store32(tb, authhandle);
164 storebytes(tb, nonceodd, TPM_NONCE_SIZE);
165 store8(tb, cont);
166 storebytes(tb, authdata, SHA1_DIGEST_SIZE);
167
168 ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE);
169 if (ret < 0) {
170 pr_info("authhmac failed (%d)\n", ret);
171 return ret;
172 }
173
174 datalen = LOAD32(tb->data, TPM_DATA_OFFSET);
175
176 ret = TSS_checkhmac1(tb->data, ordinal, nonceodd,
177 keyauth, SHA1_DIGEST_SIZE,
178 sizeof(uint32_t), TPM_DATA_OFFSET,
179 datalen, TPM_DATA_OFFSET + sizeof(uint32_t),
180 0, 0);
181 if (ret < 0) {
182 pr_info("TSS_checkhmac1 failed (%d)\n", ret);
183 return ret;
184 }
185
186 memcpy(out, tb->data + TPM_DATA_OFFSET + sizeof(uint32_t),
187 min(outlen, datalen));
188
189 return datalen;
190}
191
dff5a61a
DK		 192/*
193 * Maximum buffer size for the BER/DER encoded public key. The public key
194 * is of the form SEQUENCE { INTEGER n, INTEGER e } where n is a maximum 2048
195 * bit key and e is usually 65537
196 * The encoding overhead is:
197 * - max 4 bytes for SEQUENCE
198 * - max 4 bytes for INTEGER n type/length
199 * - 257 bytes of n
200 * - max 2 bytes for INTEGER e type/length
201 * - 3 bytes of e
202 */
203#define PUB_KEY_BUF_SIZE (4 + 4 + 257 + 2 + 3)
204
903be6bb
DK		 205/*
206 * Provide a part of a description of the key for /proc/keys.
207 */
208static void asym_tpm_describe(const struct key *asymmetric_key,
209 struct seq_file *m)
210{
211 struct tpm_key *tk = asymmetric_key->payload.data[asym_crypto];
212
213 if (!tk)
214 return;
215
216 seq_printf(m, "TPM1.2/Blob");
217}
218
219static void asym_tpm_destroy(void *payload0, void *payload3)
220{
221 struct tpm_key *tk = payload0;
222
223 if (!tk)
224 return;
225
226 kfree(tk->blob);
227 tk->blob_len = 0;
228
229 kfree(tk);
230}
231
dff5a61a
DK		 232/* How many bytes will it take to encode the length */
233static inline uint32_t definite_length(uint32_t len)
234{
235 if (len <= 127)
236 return 1;
237 if (len <= 255)
238 return 2;
239 return 3;
240}
241
242static inline uint8_t *encode_tag_length(uint8_t *buf, uint8_t tag,
243 uint32_t len)
244{
245 *buf++ = tag;
246
247 if (len <= 127) {
248 buf[0] = len;
249 return buf + 1;
250 }
251
252 if (len <= 255) {
253 buf[0] = 0x81;
254 buf[1] = len;
255 return buf + 2;
256 }
257
258 buf[0] = 0x82;
259 put_unaligned_be16(len, buf + 1);
260 return buf + 3;
261}
262
263static uint32_t derive_pub_key(const void *pub_key, uint32_t len, uint8_t *buf)
264{
265 uint8_t *cur = buf;
266 uint32_t n_len = definite_length(len) + 1 + len + 1;
267 uint32_t e_len = definite_length(3) + 1 + 3;
268 uint8_t e[3] = { 0x01, 0x00, 0x01 };
269
270 /* SEQUENCE */
271 cur = encode_tag_length(cur, 0x30, n_len + e_len);
272 /* INTEGER n */
273 cur = encode_tag_length(cur, 0x02, len + 1);
274 cur[0] = 0x00;
275 memcpy(cur + 1, pub_key, len);
276 cur += len + 1;
277 cur = encode_tag_length(cur, 0x02, sizeof(e));
278 memcpy(cur, e, sizeof(e));
279 cur += sizeof(e);
280
281 return cur - buf;
282}
283
284/*
285 * Determine the crypto algorithm name.
286 */
287static int determine_akcipher(const char *encoding, const char *hash_algo,
288 char alg_name[CRYPTO_MAX_ALG_NAME])
289{
dff5a61a 290 if (strcmp(encoding, "pkcs1") == 0) {
e08e6891
DK		 291 if (!hash_algo) {
292 strcpy(alg_name, "pkcs1pad(rsa)");
293 return 0;
294 }
295
296 if (snprintf(alg_name, CRYPTO_MAX_ALG_NAME, "pkcs1pad(rsa,%s)",
297 hash_algo) >= CRYPTO_MAX_ALG_NAME)
298 return -EINVAL;
299
dff5a61a
DK		 300 return 0;
301 }
302
303 if (strcmp(encoding, "raw") == 0) {
304 strcpy(alg_name, "rsa");
305 return 0;
306 }
307
308 return -ENOPKG;
309}
310
311/*
312 * Query information about a key.
313 */
314static int tpm_key_query(const struct kernel_pkey_params *params,
315 struct kernel_pkey_query *info)
316{
317 struct tpm_key *tk = params->key->payload.data[asym_crypto];
318 int ret;
319 char alg_name[CRYPTO_MAX_ALG_NAME];
320 struct crypto_akcipher *tfm;
321 uint8_t der_pub_key[PUB_KEY_BUF_SIZE];
322 uint32_t der_pub_key_len;
323 int len;
324
325 /* TPM only works on private keys, public keys still done in software */
326 ret = determine_akcipher(params->encoding, params->hash_algo, alg_name);
327 if (ret < 0)
328 return ret;
329
330 tfm = crypto_alloc_akcipher(alg_name, 0, 0);
331 if (IS_ERR(tfm))
332 return PTR_ERR(tfm);
333
334 der_pub_key_len = derive_pub_key(tk->pub_key, tk->pub_key_len,
335 der_pub_key);
336
337 ret = crypto_akcipher_set_pub_key(tfm, der_pub_key, der_pub_key_len);
338 if (ret < 0)
339 goto error_free_tfm;
340
341 len = crypto_akcipher_maxsize(tfm);
342
343 info->key_size = tk->key_len;
344 info->max_data_size = tk->key_len / 8;
345 info->max_sig_size = len;
346 info->max_enc_size = len;
347 info->max_dec_size = tk->key_len / 8;
348
a335974a 349 info->supported_ops = KEYCTL_SUPPORTS_ENCRYPT |
e08e6891
DK		 350 KEYCTL_SUPPORTS_DECRYPT |
351 KEYCTL_SUPPORTS_VERIFY;
ad4b1eb5 352
dff5a61a
DK		 353 ret = 0;
354error_free_tfm:
355 crypto_free_akcipher(tfm);
356 pr_devel("<==%s() = %d\n", __func__, ret);
357 return ret;
358}
359
ad4b1eb5
DK		 360/*
361 * Encryption operation is performed with the public key. Hence it is done
362 * in software
363 */
364static int tpm_key_encrypt(struct tpm_key *tk,
365 struct kernel_pkey_params *params,
366 const void *in, void *out)
367{
368 char alg_name[CRYPTO_MAX_ALG_NAME];
369 struct crypto_akcipher *tfm;
370 struct akcipher_request *req;
371 struct crypto_wait cwait;
372 struct scatterlist in_sg, out_sg;
373 uint8_t der_pub_key[PUB_KEY_BUF_SIZE];
374 uint32_t der_pub_key_len;
375 int ret;
376
377 pr_devel("==>%s()\n", __func__);
378
379 ret = determine_akcipher(params->encoding, params->hash_algo, alg_name);
380 if (ret < 0)
381 return ret;
382
383 tfm = crypto_alloc_akcipher(alg_name, 0, 0);
384 if (IS_ERR(tfm))
385 return PTR_ERR(tfm);
386
387 der_pub_key_len = derive_pub_key(tk->pub_key, tk->pub_key_len,
388 der_pub_key);
389
390 ret = crypto_akcipher_set_pub_key(tfm, der_pub_key, der_pub_key_len);
391 if (ret < 0)
392 goto error_free_tfm;
393
394 req = akcipher_request_alloc(tfm, GFP_KERNEL);
395 if (!req)
396 goto error_free_tfm;
397
398 sg_init_one(&in_sg, in, params->in_len);
399 sg_init_one(&out_sg, out, params->out_len);
400 akcipher_request_set_crypt(req, &in_sg, &out_sg, params->in_len,
401 params->out_len);
402 crypto_init_wait(&cwait);
403 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG |
404 CRYPTO_TFM_REQ_MAY_SLEEP,
405 crypto_req_done, &cwait);
406
407 ret = crypto_akcipher_encrypt(req);
408 ret = crypto_wait_req(ret, &cwait);
409
410 if (ret == 0)
411 ret = req->dst_len;
412
413 akcipher_request_free(req);
414error_free_tfm:
415 crypto_free_akcipher(tfm);
416 pr_devel("<==%s() = %d\n", __func__, ret);
417 return ret;
418}
419
a335974a
DK		 420/*
421 * Decryption operation is performed with the private key in the TPM.
422 */
423static int tpm_key_decrypt(struct tpm_key *tk,
424 struct kernel_pkey_params *params,
425 const void *in, void *out)
426{
427 struct tpm_buf *tb;
428 uint32_t keyhandle;
429 uint8_t srkauth[SHA1_DIGEST_SIZE];
430 uint8_t keyauth[SHA1_DIGEST_SIZE];
431 int r;
432
433 pr_devel("==>%s()\n", __func__);
434
435 if (params->hash_algo)
436 return -ENOPKG;
437
438 if (strcmp(params->encoding, "pkcs1"))
439 return -ENOPKG;
440
441 tb = kzalloc(sizeof(*tb), GFP_KERNEL);
442 if (!tb)
443 return -ENOMEM;
444
445 /* TODO: Handle a non-all zero SRK authorization */
446 memset(srkauth, 0, sizeof(srkauth));
447
448 r = tpm_loadkey2(tb, SRKHANDLE, srkauth,
449 tk->blob, tk->blob_len, &keyhandle);
450 if (r < 0) {
451 pr_devel("loadkey2 failed (%d)\n", r);
452 goto error;
453 }
454
455 /* TODO: Handle a non-all zero key authorization */
456 memset(keyauth, 0, sizeof(keyauth));
457
458 r = tpm_unbind(tb, keyhandle, keyauth,
459 in, params->in_len, out, params->out_len);
460 if (r < 0)
461 pr_devel("tpm_unbind failed (%d)\n", r);
462
463 if (tpm_flushspecific(tb, keyhandle) < 0)
464 pr_devel("flushspecific failed (%d)\n", r);
465
466error:
467 kzfree(tb);
468 pr_devel("<==%s() = %d\n", __func__, r);
469 return r;
470}
471
ad4b1eb5
DK		 472/*
473 * Do encryption, decryption and signing ops.
474 */
475static int tpm_key_eds_op(struct kernel_pkey_params *params,
476 const void *in, void *out)
477{
478 struct tpm_key *tk = params->key->payload.data[asym_crypto];
479 int ret = -EOPNOTSUPP;
480
481 /* Perform the encryption calculation. */
482 switch (params->op) {
483 case kernel_pkey_encrypt:
484 ret = tpm_key_encrypt(tk, params, in, out);
485 break;
a335974a
DK		 486 case kernel_pkey_decrypt:
487 ret = tpm_key_decrypt(tk, params, in, out);
488 break;
ad4b1eb5
DK		 489 default:
490 BUG();
491 }
492
493 return ret;
494}
495
e08e6891
DK		 496/*
497 * Verify a signature using a public key.
498 */
499static int tpm_key_verify_signature(const struct key *key,
500 const struct public_key_signature *sig)
501{
502 const struct tpm_key *tk = key->payload.data[asym_crypto];
503 struct crypto_wait cwait;
504 struct crypto_akcipher *tfm;
505 struct akcipher_request *req;
506 struct scatterlist sig_sg, digest_sg;
507 char alg_name[CRYPTO_MAX_ALG_NAME];
508 uint8_t der_pub_key[PUB_KEY_BUF_SIZE];
509 uint32_t der_pub_key_len;
510 void *output;
511 unsigned int outlen;
512 int ret;
513
514 pr_devel("==>%s()\n", __func__);
515
516 BUG_ON(!tk);
517 BUG_ON(!sig);
518 BUG_ON(!sig->s);
519
520 if (!sig->digest)
521 return -ENOPKG;
522
523 ret = determine_akcipher(sig->encoding, sig->hash_algo, alg_name);
524 if (ret < 0)
525 return ret;
526
527 tfm = crypto_alloc_akcipher(alg_name, 0, 0);
528 if (IS_ERR(tfm))
529 return PTR_ERR(tfm);
530
531 der_pub_key_len = derive_pub_key(tk->pub_key, tk->pub_key_len,
532 der_pub_key);
533
534 ret = crypto_akcipher_set_pub_key(tfm, der_pub_key, der_pub_key_len);
535 if (ret < 0)
536 goto error_free_tfm;
537
538 ret = -ENOMEM;
539 req = akcipher_request_alloc(tfm, GFP_KERNEL);
540 if (!req)
541 goto error_free_tfm;
542
543 ret = -ENOMEM;
544 outlen = crypto_akcipher_maxsize(tfm);
545 output = kmalloc(outlen, GFP_KERNEL);
546 if (!output)
547 goto error_free_req;
548
549 sg_init_one(&sig_sg, sig->s, sig->s_size);
550 sg_init_one(&digest_sg, output, outlen);
551 akcipher_request_set_crypt(req, &sig_sg, &digest_sg, sig->s_size,
552 outlen);
553 crypto_init_wait(&cwait);
554 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG |
555 CRYPTO_TFM_REQ_MAY_SLEEP,
556 crypto_req_done, &cwait);
557
558 /* Perform the verification calculation. This doesn't actually do the
559 * verification, but rather calculates the hash expected by the
560 * signature and returns that to us.
561 */
562 ret = crypto_wait_req(crypto_akcipher_verify(req), &cwait);
563 if (ret)
564 goto out_free_output;
565
566 /* Do the actual verification step. */
567 if (req->dst_len != sig->digest_size ||
568 memcmp(sig->digest, output, sig->digest_size) != 0)
569 ret = -EKEYREJECTED;
570
571out_free_output:
572 kfree(output);
573error_free_req:
574 akcipher_request_free(req);
575error_free_tfm:
576 crypto_free_akcipher(tfm);
577 pr_devel("<==%s() = %d\n", __func__, ret);
578 if (WARN_ON_ONCE(ret > 0))
579 ret = -EINVAL;
580 return ret;
581}
582
f8c54e1a
DK		 583/*
584 * Parse enough information out of TPM_KEY structure:
585 * TPM_STRUCT_VER -> 4 bytes
586 * TPM_KEY_USAGE -> 2 bytes
587 * TPM_KEY_FLAGS -> 4 bytes
588 * TPM_AUTH_DATA_USAGE -> 1 byte
589 * TPM_KEY_PARMS -> variable
590 * UINT32 PCRInfoSize -> 4 bytes
591 * BYTE* -> PCRInfoSize bytes
592 * TPM_STORE_PUBKEY
593 * UINT32 encDataSize;
594 * BYTE* -> encDataSize;
595 *
596 * TPM_KEY_PARMS:
597 * TPM_ALGORITHM_ID -> 4 bytes
598 * TPM_ENC_SCHEME -> 2 bytes
599 * TPM_SIG_SCHEME -> 2 bytes
600 * UINT32 parmSize -> 4 bytes
601 * BYTE* -> variable
602 */
603static int extract_key_parameters(struct tpm_key *tk)
604{
605 const void *cur = tk->blob;
606 uint32_t len = tk->blob_len;
607 const void *pub_key;
608 uint32_t sz;
609 uint32_t key_len;
610
611 if (len < 11)
612 return -EBADMSG;
613
614 /* Ensure this is a legacy key */
615 if (get_unaligned_be16(cur + 4) != 0x0015)
616 return -EBADMSG;
617
618 /* Skip to TPM_KEY_PARMS */
619 cur += 11;
620 len -= 11;
621
622 if (len < 12)
623 return -EBADMSG;
624
625 /* Make sure this is an RSA key */
626 if (get_unaligned_be32(cur) != 0x00000001)
627 return -EBADMSG;
628
629 /* Make sure this is TPM_ES_RSAESPKCSv15 encoding scheme */
630 if (get_unaligned_be16(cur + 4) != 0x0002)
631 return -EBADMSG;
632
633 /* Make sure this is TPM_SS_RSASSAPKCS1v15_DER signature scheme */
634 if (get_unaligned_be16(cur + 6) != 0x0003)
635 return -EBADMSG;
636
637 sz = get_unaligned_be32(cur + 8);
638 if (len < sz + 12)
639 return -EBADMSG;
640
641 /* Move to TPM_RSA_KEY_PARMS */
642 len -= 12;
643 cur += 12;
644
645 /* Grab the RSA key length */
646 key_len = get_unaligned_be32(cur);
647
648 switch (key_len) {
649 case 512:
650 case 1024:
651 case 1536:
652 case 2048:
653 break;
654 default:
655 return -EINVAL;
656 }
657
658 /* Move just past TPM_KEY_PARMS */
659 cur += sz;
660 len -= sz;
661
662 if (len < 4)
663 return -EBADMSG;
664
665 sz = get_unaligned_be32(cur);
666 if (len < 4 + sz)
667 return -EBADMSG;
668
669 /* Move to TPM_STORE_PUBKEY */
670 cur += 4 + sz;
671 len -= 4 + sz;
672
673 /* Grab the size of the public key, it should jive with the key size */
674 sz = get_unaligned_be32(cur);
675 if (sz > 256)
676 return -EINVAL;
677
678 pub_key = cur + 4;
679
680 tk->key_len = key_len;
681 tk->pub_key = pub_key;
682 tk->pub_key_len = sz;
683
684 return 0;
685}
686
903be6bb
DK		 687/* Given the blob, parse it and load it into the TPM */
688struct tpm_key *tpm_key_create(const void *blob, uint32_t blob_len)
689{
690 int r;
691 struct tpm_key *tk;
692
693 r = tpm_is_tpm2(NULL);
694 if (r < 0)
695 goto error;
696
697 /* We don't support TPM2 yet */
698 if (r > 0) {
699 r = -ENODEV;
700 goto error;
701 }
702
703 r = -ENOMEM;
704 tk = kzalloc(sizeof(struct tpm_key), GFP_KERNEL);
705 if (!tk)
706 goto error;
707
708 tk->blob = kmemdup(blob, blob_len, GFP_KERNEL);
709 if (!tk->blob)
710 goto error_memdup;
711
712 tk->blob_len = blob_len;
713
f8c54e1a
DK		 714 r = extract_key_parameters(tk);
715 if (r < 0)
716 goto error_extract;
717
903be6bb
DK		 718 return tk;
719
f8c54e1a
DK		 720error_extract:
721 kfree(tk->blob);
722 tk->blob_len = 0;
903be6bb
DK		 723error_memdup:
724 kfree(tk);
725error:
726 return ERR_PTR(r);
727}
728EXPORT_SYMBOL_GPL(tpm_key_create);
729
730/*
731 * TPM-based asymmetric key subtype
732 */
733struct asymmetric_key_subtype asym_tpm_subtype = {
734 .owner = THIS_MODULE,
735 .name = "asym_tpm",
736 .name_len = sizeof("asym_tpm") - 1,
737 .describe = asym_tpm_describe,
738 .destroy = asym_tpm_destroy,
dff5a61a 739 .query = tpm_key_query,
ad4b1eb5 740 .eds_op = tpm_key_eds_op,
e08e6891 741 .verify_signature = tpm_key_verify_signature,
903be6bb
DK		 742};
743EXPORT_SYMBOL_GPL(asym_tpm_subtype);
744
745MODULE_DESCRIPTION("TPM based asymmetric key subtype");
746MODULE_AUTHOR("Intel Corporation");
747MODULE_LICENSE("GPL v2");
Ubuntu Focal Linux kernel mirror