]>
Commit | Line | Data |
---|---|---|
4c5e512e LH |
1 | /* |
2 | * QEMU Crypto akcipher algorithms | |
3 | * | |
4 | * Copyright (c) 2022 Bytedance | |
5 | * Author: lei he <helei.sig11@bytedance.com> | |
6 | * | |
7 | * This library is free software; you can redistribute it and/or | |
8 | * modify it under the terms of the GNU Lesser General Public | |
9 | * License as published by the Free Software Foundation; either | |
10 | * version 2.1 of the License, or (at your option) any later version. | |
11 | * | |
12 | * This library is distributed in the hope that it will be useful, | |
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
15 | * Lesser General Public License for more details. | |
16 | * | |
17 | * You should have received a copy of the GNU Lesser General Public | |
18 | * License along with this library; if not, see <http://www.gnu.org/licenses/>. | |
19 | * | |
20 | */ | |
21 | ||
22 | #include <nettle/asn1.h> | |
23 | ||
24 | #include "qemu/osdep.h" | |
25 | #include "qapi/error.h" | |
26 | #include "rsakey.h" | |
27 | ||
28 | static bool DumpMPI(struct asn1_der_iterator *i, QCryptoAkCipherMPI *mpi) | |
29 | { | |
30 | mpi->data = g_memdup2(i->data, i->length); | |
31 | mpi->len = i->length; | |
32 | return true; | |
33 | } | |
34 | ||
35 | static bool GetMPI(struct asn1_der_iterator *i, QCryptoAkCipherMPI *mpi) | |
36 | { | |
37 | if (asn1_der_iterator_next(i) != ASN1_ITERATOR_PRIMITIVE || | |
38 | i->type != ASN1_INTEGER) { | |
39 | return false; | |
40 | } | |
41 | return DumpMPI(i, mpi); | |
42 | } | |
43 | ||
44 | /** | |
45 | * RsaPrivKey ::= SEQUENCE { | |
46 | * version INTEGER | |
47 | * n INTEGER | |
48 | * e INTEGER | |
49 | * d INTEGER | |
50 | * p INTEGER | |
51 | * q INTEGER | |
52 | * dp INTEGER | |
53 | * dq INTEGER | |
54 | * u INTEGER | |
55 | * otherPrimeInfos OtherPrimeInfos OPTIONAL | |
56 | * } | |
57 | */ | |
58 | static QCryptoAkCipherRSAKey *qcrypto_nettle_rsa_private_key_parse( | |
59 | const uint8_t *key, size_t keylen, Error **errp) | |
60 | { | |
61 | QCryptoAkCipherRSAKey *rsa = g_new0(QCryptoAkCipherRSAKey, 1); | |
62 | struct asn1_der_iterator i; | |
63 | uint32_t version; | |
64 | int tag; | |
65 | ||
66 | /* Parse entire struct */ | |
67 | if (asn1_der_iterator_first(&i, keylen, key) != ASN1_ITERATOR_CONSTRUCTED || | |
68 | i.type != ASN1_SEQUENCE || | |
69 | asn1_der_decode_constructed_last(&i) != ASN1_ITERATOR_PRIMITIVE || | |
70 | i.type != ASN1_INTEGER || | |
71 | !asn1_der_get_uint32(&i, &version) || | |
72 | version > 1 || | |
73 | !GetMPI(&i, &rsa->n) || | |
74 | !GetMPI(&i, &rsa->e) || | |
75 | !GetMPI(&i, &rsa->d) || | |
76 | !GetMPI(&i, &rsa->p) || | |
77 | !GetMPI(&i, &rsa->q) || | |
78 | !GetMPI(&i, &rsa->dp) || | |
79 | !GetMPI(&i, &rsa->dq) || | |
80 | !GetMPI(&i, &rsa->u)) { | |
81 | goto error; | |
82 | } | |
83 | ||
84 | if (version == 1) { | |
85 | tag = asn1_der_iterator_next(&i); | |
86 | /** | |
87 | * According to the standard otherPrimeInfos must be present for | |
88 | * version 1. There is no strict verification here, this is to be | |
89 | * compatible with the unit test of the kernel. TODO: remove this | |
90 | * until linux-kernel's unit-test is fixed; | |
91 | */ | |
92 | if (tag == ASN1_ITERATOR_END) { | |
93 | return rsa; | |
94 | } | |
95 | if (tag != ASN1_ITERATOR_CONSTRUCTED || | |
96 | i.type != ASN1_SEQUENCE) { | |
97 | goto error; | |
98 | } | |
99 | } | |
100 | ||
101 | if (asn1_der_iterator_next(&i) != ASN1_ITERATOR_END) { | |
102 | goto error; | |
103 | } | |
104 | ||
105 | return rsa; | |
106 | ||
107 | error: | |
108 | error_setg(errp, "Failed to parse RSA private key"); | |
109 | qcrypto_akcipher_rsakey_free(rsa); | |
110 | return NULL; | |
111 | } | |
112 | ||
113 | /** | |
114 | * RsaPubKey ::= SEQUENCE { | |
115 | * n INTEGER | |
116 | * e INTEGER | |
117 | * } | |
118 | */ | |
119 | static QCryptoAkCipherRSAKey *qcrypto_nettle_rsa_public_key_parse( | |
120 | const uint8_t *key, size_t keylen, Error **errp) | |
121 | { | |
122 | ||
123 | QCryptoAkCipherRSAKey *rsa = g_new0(QCryptoAkCipherRSAKey, 1); | |
124 | struct asn1_der_iterator i; | |
125 | ||
126 | if (asn1_der_iterator_first(&i, keylen, key) != ASN1_ITERATOR_CONSTRUCTED || | |
127 | i.type != ASN1_SEQUENCE || | |
128 | asn1_der_decode_constructed_last(&i) != ASN1_ITERATOR_PRIMITIVE || | |
129 | !DumpMPI(&i, &rsa->n) || | |
130 | !GetMPI(&i, &rsa->e) || | |
131 | asn1_der_iterator_next(&i) != ASN1_ITERATOR_END) { | |
132 | goto error; | |
133 | } | |
134 | ||
135 | return rsa; | |
136 | ||
137 | error: | |
138 | error_setg(errp, "Failed to parse RSA public key"); | |
139 | qcrypto_akcipher_rsakey_free(rsa); | |
140 | return NULL; | |
141 | } | |
142 | ||
143 | QCryptoAkCipherRSAKey *qcrypto_akcipher_rsakey_parse( | |
144 | QCryptoAkCipherKeyType type, const uint8_t *key, | |
145 | size_t keylen, Error **errp) | |
146 | { | |
147 | switch (type) { | |
148 | case QCRYPTO_AKCIPHER_KEY_TYPE_PRIVATE: | |
149 | return qcrypto_nettle_rsa_private_key_parse(key, keylen, errp); | |
150 | ||
151 | case QCRYPTO_AKCIPHER_KEY_TYPE_PUBLIC: | |
152 | return qcrypto_nettle_rsa_public_key_parse(key, keylen, errp); | |
153 | ||
154 | default: | |
155 | error_setg(errp, "Unknown key type: %d", type); | |
156 | return NULL; | |
157 | } | |
158 | } |