1 /* In-software asymmetric public-key crypto subtype
3 * See Documentation/crypto/asymmetric-keys.txt
5 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
6 * Written by David Howells (dhowells@redhat.com)
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public Licence
10 * as published by the Free Software Foundation; either version
11 * 2 of the Licence, or (at your option) any later version.
14 #define pr_fmt(fmt) "PKEY: "fmt
15 #include <linux/module.h>
16 #include <linux/export.h>
17 #include <linux/kernel.h>
18 #include <linux/slab.h>
19 #include <linux/seq_file.h>
20 #include <linux/scatterlist.h>
21 #include <keys/asymmetric-subtype.h>
22 #include <crypto/public_key.h>
23 #include <crypto/akcipher.h>
25 MODULE_DESCRIPTION("In-software asymmetric public-key subtype");
26 MODULE_AUTHOR("Red Hat, Inc.");
27 MODULE_LICENSE("GPL");
30 * Provide a part of a description of the key for /proc/keys.
32 static void public_key_describe(const struct key
*asymmetric_key
,
35 struct public_key
*key
= asymmetric_key
->payload
.data
[asym_crypto
];
38 seq_printf(m
, "%s.%s", key
->id_type
, key
->pkey_algo
);
42 * Destroy a public key algorithm key.
44 void public_key_free(struct public_key
*key
)
51 EXPORT_SYMBOL_GPL(public_key_free
);
54 * Destroy a public key algorithm key.
56 static void public_key_destroy(void *payload0
, void *payload3
)
58 public_key_free(payload0
);
59 public_key_signature_free(payload3
);
63 * Verify a signature using a public key.
65 int public_key_verify_signature(const struct public_key
*pkey
,
66 const struct public_key_signature
*sig
)
68 struct crypto_wait cwait
;
69 struct crypto_akcipher
*tfm
;
70 struct akcipher_request
*req
;
71 struct scatterlist sig_sg
, digest_sg
;
73 char alg_name_buf
[CRYPTO_MAX_ALG_NAME
];
78 pr_devel("==>%s()\n", __func__
);
85 alg_name
= sig
->pkey_algo
;
86 if (strcmp(sig
->pkey_algo
, "rsa") == 0) {
87 /* The data wangled by the RSA algorithm is typically padded
88 * and encoded in some manner, such as EMSA-PKCS1-1_5 [RFC3447
91 if (snprintf(alg_name_buf
, CRYPTO_MAX_ALG_NAME
,
92 "pkcs1pad(rsa,%s)", sig
->hash_algo
93 ) >= CRYPTO_MAX_ALG_NAME
)
95 alg_name
= alg_name_buf
;
98 tfm
= crypto_alloc_akcipher(alg_name
, 0, 0);
103 req
= akcipher_request_alloc(tfm
, GFP_KERNEL
);
107 ret
= crypto_akcipher_set_pub_key(tfm
, pkey
->key
, pkey
->keylen
);
112 outlen
= crypto_akcipher_maxsize(tfm
);
113 output
= kmalloc(outlen
, GFP_KERNEL
);
117 sg_init_one(&sig_sg
, sig
->s
, sig
->s_size
);
118 sg_init_one(&digest_sg
, output
, outlen
);
119 akcipher_request_set_crypt(req
, &sig_sg
, &digest_sg
, sig
->s_size
,
121 crypto_init_wait(&cwait
);
122 akcipher_request_set_callback(req
, CRYPTO_TFM_REQ_MAY_BACKLOG
|
123 CRYPTO_TFM_REQ_MAY_SLEEP
,
124 crypto_req_done
, &cwait
);
126 /* Perform the verification calculation. This doesn't actually do the
127 * verification, but rather calculates the hash expected by the
128 * signature and returns that to us.
130 ret
= crypto_wait_req(crypto_akcipher_verify(req
), &cwait
);
132 goto out_free_output
;
134 /* Do the actual verification step. */
135 if (req
->dst_len
!= sig
->digest_size
||
136 memcmp(sig
->digest
, output
, sig
->digest_size
) != 0)
142 akcipher_request_free(req
);
144 crypto_free_akcipher(tfm
);
145 pr_devel("<==%s() = %d\n", __func__
, ret
);
146 if (WARN_ON_ONCE(ret
> 0))
150 EXPORT_SYMBOL_GPL(public_key_verify_signature
);
152 static int public_key_verify_signature_2(const struct key
*key
,
153 const struct public_key_signature
*sig
)
155 const struct public_key
*pk
= key
->payload
.data
[asym_crypto
];
156 return public_key_verify_signature(pk
, sig
);
160 * Public key algorithm asymmetric key subtype
162 struct asymmetric_key_subtype public_key_subtype
= {
163 .owner
= THIS_MODULE
,
164 .name
= "public_key",
165 .name_len
= sizeof("public_key") - 1,
166 .describe
= public_key_describe
,
167 .destroy
= public_key_destroy
,
168 .verify_signature
= public_key_verify_signature_2
,
170 EXPORT_SYMBOL_GPL(public_key_subtype
);