Commit | Line | Data |
---|---|---|
a9681bf3 DH |
1 | /* In-software asymmetric public-key crypto subtype |
2 | * | |
3 | * See Documentation/crypto/asymmetric-keys.txt | |
4 | * | |
5 | * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved. | |
6 | * Written by David Howells (dhowells@redhat.com) | |
7 | * | |
8 | * This program is free software; you can redistribute it and/or | |
9 | * modify it under the terms of the GNU General Public Licence | |
10 | * as published by the Free Software Foundation; either version | |
11 | * 2 of the Licence, or (at your option) any later version. | |
12 | */ | |
13 | ||
14 | #define pr_fmt(fmt) "PKEY: "fmt | |
15 | #include <linux/module.h> | |
16 | #include <linux/export.h> | |
17 | #include <linux/kernel.h> | |
18 | #include <linux/slab.h> | |
19 | #include <linux/seq_file.h> | |
d43de6c7 | 20 | #include <linux/scatterlist.h> |
a9681bf3 | 21 | #include <keys/asymmetric-subtype.h> |
db6c43bd | 22 | #include <crypto/public_key.h> |
d43de6c7 | 23 | #include <crypto/akcipher.h> |
a9681bf3 DH |
24 | |
25 | MODULE_LICENSE("GPL"); | |
26 | ||
a9681bf3 DH |
27 | /* |
28 | * Provide a part of a description of the key for /proc/keys. | |
29 | */ | |
30 | static void public_key_describe(const struct key *asymmetric_key, | |
31 | struct seq_file *m) | |
32 | { | |
146aa8b1 | 33 | struct public_key *key = asymmetric_key->payload.data[asym_crypto]; |
a9681bf3 DH |
34 | |
35 | if (key) | |
4e8ae72a | 36 | seq_printf(m, "%s.%s", key->id_type, key->pkey_algo); |
a9681bf3 DH |
37 | } |
38 | ||
39 | /* | |
40 | * Destroy a public key algorithm key. | |
41 | */ | |
42 | void public_key_destroy(void *payload) | |
43 | { | |
44 | struct public_key *key = payload; | |
a9681bf3 | 45 | |
db6c43bd TS |
46 | if (key) |
47 | kfree(key->key); | |
48 | kfree(key); | |
a9681bf3 DH |
49 | } |
50 | EXPORT_SYMBOL_GPL(public_key_destroy); | |
51 | ||
d43de6c7 DH |
52 | struct public_key_completion { |
53 | struct completion completion; | |
54 | int err; | |
55 | }; | |
56 | ||
57 | static void public_key_verify_done(struct crypto_async_request *req, int err) | |
58 | { | |
59 | struct public_key_completion *compl = req->data; | |
60 | ||
61 | if (err == -EINPROGRESS) | |
62 | return; | |
63 | ||
64 | compl->err = err; | |
65 | complete(&compl->completion); | |
66 | } | |
67 | ||
a9681bf3 DH |
68 | /* |
69 | * Verify a signature using a public key. | |
70 | */ | |
db6c43bd | 71 | int public_key_verify_signature(const struct public_key *pkey, |
3d167d68 | 72 | const struct public_key_signature *sig) |
a9681bf3 | 73 | { |
d43de6c7 DH |
74 | struct public_key_completion compl; |
75 | struct crypto_akcipher *tfm; | |
76 | struct akcipher_request *req; | |
77 | struct scatterlist sig_sg, digest_sg; | |
78 | const char *alg_name; | |
79 | char alg_name_buf[CRYPTO_MAX_ALG_NAME]; | |
80 | void *output; | |
81 | unsigned int outlen; | |
82 | int ret = -ENOMEM; | |
83 | ||
84 | pr_devel("==>%s()\n", __func__); | |
85 | ||
db6c43bd | 86 | BUG_ON(!pkey); |
3d167d68 DH |
87 | BUG_ON(!sig); |
88 | BUG_ON(!sig->digest); | |
db6c43bd | 89 | BUG_ON(!sig->s); |
a9681bf3 | 90 | |
4e8ae72a DH |
91 | alg_name = sig->pkey_algo; |
92 | if (strcmp(sig->pkey_algo, "rsa") == 0) { | |
d43de6c7 DH |
93 | /* The data wangled by the RSA algorithm is typically padded |
94 | * and encoded in some manner, such as EMSA-PKCS1-1_5 [RFC3447 | |
95 | * sec 8.2]. | |
96 | */ | |
97 | if (snprintf(alg_name_buf, CRYPTO_MAX_ALG_NAME, | |
4e8ae72a | 98 | "pkcs1pad(rsa,%s)", sig->hash_algo |
d43de6c7 DH |
99 | ) >= CRYPTO_MAX_ALG_NAME) |
100 | return -EINVAL; | |
101 | alg_name = alg_name_buf; | |
102 | } | |
103 | ||
104 | tfm = crypto_alloc_akcipher(alg_name, 0, 0); | |
105 | if (IS_ERR(tfm)) | |
106 | return PTR_ERR(tfm); | |
107 | ||
108 | req = akcipher_request_alloc(tfm, GFP_KERNEL); | |
109 | if (!req) | |
110 | goto error_free_tfm; | |
111 | ||
112 | ret = crypto_akcipher_set_pub_key(tfm, pkey->key, pkey->keylen); | |
113 | if (ret) | |
114 | goto error_free_req; | |
115 | ||
116 | outlen = crypto_akcipher_maxsize(tfm); | |
117 | output = kmalloc(outlen, GFP_KERNEL); | |
118 | if (!output) | |
119 | goto error_free_req; | |
120 | ||
121 | sg_init_one(&sig_sg, sig->s, sig->s_size); | |
122 | sg_init_one(&digest_sg, output, outlen); | |
123 | akcipher_request_set_crypt(req, &sig_sg, &digest_sg, sig->s_size, | |
124 | outlen); | |
125 | init_completion(&compl.completion); | |
126 | akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG | | |
127 | CRYPTO_TFM_REQ_MAY_SLEEP, | |
128 | public_key_verify_done, &compl); | |
129 | ||
130 | /* Perform the verification calculation. This doesn't actually do the | |
131 | * verification, but rather calculates the hash expected by the | |
132 | * signature and returns that to us. | |
133 | */ | |
134 | ret = crypto_akcipher_verify(req); | |
135 | if (ret == -EINPROGRESS) { | |
136 | wait_for_completion(&compl.completion); | |
137 | ret = compl.err; | |
138 | } | |
139 | if (ret < 0) | |
140 | goto out_free_output; | |
a9681bf3 | 141 | |
d43de6c7 DH |
142 | /* Do the actual verification step. */ |
143 | if (req->dst_len != sig->digest_size || | |
144 | memcmp(sig->digest, output, sig->digest_size) != 0) | |
145 | ret = -EKEYREJECTED; | |
a9681bf3 | 146 | |
d43de6c7 DH |
147 | out_free_output: |
148 | kfree(output); | |
149 | error_free_req: | |
150 | akcipher_request_free(req); | |
151 | error_free_tfm: | |
152 | crypto_free_akcipher(tfm); | |
153 | pr_devel("<==%s() = %d\n", __func__, ret); | |
154 | return ret; | |
3d167d68 DH |
155 | } |
156 | EXPORT_SYMBOL_GPL(public_key_verify_signature); | |
157 | ||
158 | static int public_key_verify_signature_2(const struct key *key, | |
159 | const struct public_key_signature *sig) | |
160 | { | |
146aa8b1 | 161 | const struct public_key *pk = key->payload.data[asym_crypto]; |
3d167d68 | 162 | return public_key_verify_signature(pk, sig); |
a9681bf3 DH |
163 | } |
164 | ||
165 | /* | |
166 | * Public key algorithm asymmetric key subtype | |
167 | */ | |
168 | struct asymmetric_key_subtype public_key_subtype = { | |
169 | .owner = THIS_MODULE, | |
170 | .name = "public_key", | |
876c6e3e | 171 | .name_len = sizeof("public_key") - 1, |
a9681bf3 DH |
172 | .describe = public_key_describe, |
173 | .destroy = public_key_destroy, | |
3d167d68 | 174 | .verify_signature = public_key_verify_signature_2, |
a9681bf3 DH |
175 | }; |
176 | EXPORT_SYMBOL_GPL(public_key_subtype); |