AX88772C_eeprom and ax8872c build together

hc

2024-05-16 8d2a02b24d66aa359e83eebc1ed3c0f85367a1cb

 kernel/crypto/asymmetric_keys/public_key.c
..
..
@@ -1,14 +1,10 @@
1
+// SPDX-License-Identifier: GPL-2.0-or-later
1
2
 /* In-software asymmetric public-key crypto subtype
2
3
  *
3
- * See Documentation/crypto/asymmetric-keys.txt
4
+ * See Documentation/crypto/asymmetric-keys.rst
4
5
  *
5
6
  * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
6
7
  * Written by David Howells (dhowells@redhat.com)
7
- *
8
- * This program is free software; you can redistribute it and/or
9
- * modify it under the terms of the GNU General Public Licence
10
- * as published by the Free Software Foundation; either version
11
- * 2 of the Licence, or (at your option) any later version.
12
8
  */
13
9
 
14
10
 #define pr_fmt(fmt) "PKEY: "fmt
..
..
@@ -21,6 +17,8 @@
21
17
 #include <keys/asymmetric-subtype.h>
22
18
 #include <crypto/public_key.h>
23
19
 #include <crypto/akcipher.h>
20
+#include <crypto/sm2.h>
21
+#include <crypto/sm3_base.h>
24
22
 
25
23
 MODULE_DESCRIPTION("In-software asymmetric public-key subtype");
26
24
 MODULE_AUTHOR("Red Hat, Inc.");
..
..
@@ -45,6 +43,7 @@
45
43
 {
46
44
 	if (key) {
47
45
 		kfree(key->key);
46
+		kfree(key->params);
48
47
 		kfree(key);
49
48
 	}
50
49
 }
..
..
@@ -60,42 +59,129 @@
60
59
 }
61
60
 
62
61
 /*
63
- * Verify a signature using a public key.
62
+ * Determine the crypto algorithm name.
64
63
  */
65
-int public_key_verify_signature(const struct public_key *pkey,
66
-				const struct public_key_signature *sig)
64
+static
65
+int software_key_determine_akcipher(const char *encoding,
66
+				    const char *hash_algo,
67
+				    const struct public_key *pkey,
68
+				    char alg_name[CRYPTO_MAX_ALG_NAME])
67
69
 {
68
-	struct crypto_wait cwait;
69
-	struct crypto_akcipher *tfm;
70
-	struct akcipher_request *req;
71
-	struct scatterlist sig_sg, digest_sg;
72
-	const char *alg_name;
73
-	char alg_name_buf[CRYPTO_MAX_ALG_NAME];
74
-	void *output;
75
-	unsigned int outlen;
76
-	int ret;
70
+	int n;
77
71
 
78
-	pr_devel("==>%s()\n", __func__);
79
-
80
-	BUG_ON(!pkey);
81
-	BUG_ON(!sig);
82
-	BUG_ON(!sig->s);
83
-
84
-	if (!sig->digest)
85
-		return -ENOPKG;
86
-
87
-	alg_name = sig->pkey_algo;
88
-	if (strcmp(sig->pkey_algo, "rsa") == 0) {
72
+	if (strcmp(encoding, "pkcs1") == 0) {
89
73
 		/* The data wangled by the RSA algorithm is typically padded
90
74
 		 * and encoded in some manner, such as EMSA-PKCS1-1_5 [RFC3447
91
75
 		 * sec 8.2].
92
76
 		 */
93
-		if (snprintf(alg_name_buf, CRYPTO_MAX_ALG_NAME,
94
-			     "pkcs1pad(rsa,%s)", sig->hash_algo
95
-			     ) >= CRYPTO_MAX_ALG_NAME)
96
-			return -EINVAL;
97
-		alg_name = alg_name_buf;
77
+		if (!hash_algo)
78
+			n = snprintf(alg_name, CRYPTO_MAX_ALG_NAME,
79
+				     "pkcs1pad(%s)",
80
+				     pkey->pkey_algo);
81
+		else
82
+			n = snprintf(alg_name, CRYPTO_MAX_ALG_NAME,
83
+				     "pkcs1pad(%s,%s)",
84
+				     pkey->pkey_algo, hash_algo);
85
+		return n >= CRYPTO_MAX_ALG_NAME ? -EINVAL : 0;
98
86
 	}
87
+
88
+	if (strcmp(encoding, "raw") == 0) {
89
+		strcpy(alg_name, pkey->pkey_algo);
90
+		return 0;
91
+	}
92
+
93
+	return -ENOPKG;
94
+}
95
+
96
+static u8 *pkey_pack_u32(u8 *dst, u32 val)
97
+{
98
+	memcpy(dst, &val, sizeof(val));
99
+	return dst + sizeof(val);
100
+}
101
+
102
+/*
103
+ * Query information about a key.
104
+ */
105
+static int software_key_query(const struct kernel_pkey_params *params,
106
+			      struct kernel_pkey_query *info)
107
+{
108
+	struct crypto_akcipher *tfm;
109
+	struct public_key *pkey = params->key->payload.data[asym_crypto];
110
+	char alg_name[CRYPTO_MAX_ALG_NAME];
111
+	u8 *key, *ptr;
112
+	int ret, len;
113
+
114
+	ret = software_key_determine_akcipher(params->encoding,
115
+					      params->hash_algo,
116
+					      pkey, alg_name);
117
+	if (ret < 0)
118
+		return ret;
119
+
120
+	tfm = crypto_alloc_akcipher(alg_name, 0, 0);
121
+	if (IS_ERR(tfm))
122
+		return PTR_ERR(tfm);
123
+
124
+	ret = -ENOMEM;
125
+	key = kmalloc(pkey->keylen + sizeof(u32) * 2 + pkey->paramlen,
126
+		      GFP_KERNEL);
127
+	if (!key)
128
+		goto error_free_tfm;
129
+	memcpy(key, pkey->key, pkey->keylen);
130
+	ptr = key + pkey->keylen;
131
+	ptr = pkey_pack_u32(ptr, pkey->algo);
132
+	ptr = pkey_pack_u32(ptr, pkey->paramlen);
133
+	memcpy(ptr, pkey->params, pkey->paramlen);
134
+
135
+	if (pkey->key_is_private)
136
+		ret = crypto_akcipher_set_priv_key(tfm, key, pkey->keylen);
137
+	else
138
+		ret = crypto_akcipher_set_pub_key(tfm, key, pkey->keylen);
139
+	if (ret < 0)
140
+		goto error_free_key;
141
+
142
+	len = crypto_akcipher_maxsize(tfm);
143
+	info->key_size = len * 8;
144
+	info->max_data_size = len;
145
+	info->max_sig_size = len;
146
+	info->max_enc_size = len;
147
+	info->max_dec_size = len;
148
+	info->supported_ops = (KEYCTL_SUPPORTS_ENCRYPT |
149
+			       KEYCTL_SUPPORTS_VERIFY);
150
+	if (pkey->key_is_private)
151
+		info->supported_ops |= (KEYCTL_SUPPORTS_DECRYPT |
152
+					KEYCTL_SUPPORTS_SIGN);
153
+	ret = 0;
154
+
155
+error_free_key:
156
+	kfree(key);
157
+error_free_tfm:
158
+	crypto_free_akcipher(tfm);
159
+	pr_devel("<==%s() = %d\n", __func__, ret);
160
+	return ret;
161
+}
162
+
163
+/*
164
+ * Do encryption, decryption and signing ops.
165
+ */
166
+static int software_key_eds_op(struct kernel_pkey_params *params,
167
+			       const void *in, void *out)
168
+{
169
+	const struct public_key *pkey = params->key->payload.data[asym_crypto];
170
+	struct akcipher_request *req;
171
+	struct crypto_akcipher *tfm;
172
+	struct crypto_wait cwait;
173
+	struct scatterlist in_sg, out_sg;
174
+	char alg_name[CRYPTO_MAX_ALG_NAME];
175
+	char *key, *ptr;
176
+	int ret;
177
+
178
+	pr_devel("==>%s()\n", __func__);
179
+
180
+	ret = software_key_determine_akcipher(params->encoding,
181
+					      params->hash_algo,
182
+					      pkey, alg_name);
183
+	if (ret < 0)
184
+		return ret;
99
185
 
100
186
 	tfm = crypto_alloc_akcipher(alg_name, 0, 0);
101
187
 	if (IS_ERR(tfm))
..
..
@@ -106,40 +192,197 @@
106
192
 	if (!req)
107
193
 		goto error_free_tfm;
108
194
 
109
-	ret = crypto_akcipher_set_pub_key(tfm, pkey->key, pkey->keylen);
195
+	key = kmalloc(pkey->keylen + sizeof(u32) * 2 + pkey->paramlen,
196
+		      GFP_KERNEL);
197
+	if (!key)
198
+		goto error_free_req;
199
+
200
+	memcpy(key, pkey->key, pkey->keylen);
201
+	ptr = key + pkey->keylen;
202
+	ptr = pkey_pack_u32(ptr, pkey->algo);
203
+	ptr = pkey_pack_u32(ptr, pkey->paramlen);
204
+	memcpy(ptr, pkey->params, pkey->paramlen);
205
+
206
+	if (pkey->key_is_private)
207
+		ret = crypto_akcipher_set_priv_key(tfm, key, pkey->keylen);
208
+	else
209
+		ret = crypto_akcipher_set_pub_key(tfm, key, pkey->keylen);
110
210
 	if (ret)
111
-		goto error_free_req;
211
+		goto error_free_key;
112
212
 
113
-	ret = -ENOMEM;
114
-	outlen = crypto_akcipher_maxsize(tfm);
115
-	output = kmalloc(outlen, GFP_KERNEL);
116
-	if (!output)
117
-		goto error_free_req;
118
-
119
-	sg_init_one(&sig_sg, sig->s, sig->s_size);
120
-	sg_init_one(&digest_sg, output, outlen);
121
-	akcipher_request_set_crypt(req, &sig_sg, &digest_sg, sig->s_size,
122
-				   outlen);
213
+	sg_init_one(&in_sg, in, params->in_len);
214
+	sg_init_one(&out_sg, out, params->out_len);
215
+	akcipher_request_set_crypt(req, &in_sg, &out_sg, params->in_len,
216
+				   params->out_len);
123
217
 	crypto_init_wait(&cwait);
124
218
 	akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG |
125
219
 				      CRYPTO_TFM_REQ_MAY_SLEEP,
126
220
 				      crypto_req_done, &cwait);
127
221
 
128
-	/* Perform the verification calculation.  This doesn't actually do the
129
-	 * verification, but rather calculates the hash expected by the
130
-	 * signature and returns that to us.
131
-	 */
132
-	ret = crypto_wait_req(crypto_akcipher_verify(req), &cwait);
222
+	/* Perform the encryption calculation. */
223
+	switch (params->op) {
224
+	case kernel_pkey_encrypt:
225
+		ret = crypto_akcipher_encrypt(req);
226
+		break;
227
+	case kernel_pkey_decrypt:
228
+		ret = crypto_akcipher_decrypt(req);
229
+		break;
230
+	case kernel_pkey_sign:
231
+		ret = crypto_akcipher_sign(req);
232
+		break;
233
+	default:
234
+		BUG();
235
+	}
236
+
237
+	ret = crypto_wait_req(ret, &cwait);
238
+	if (ret == 0)
239
+		ret = req->dst_len;
240
+
241
+error_free_key:
242
+	kfree(key);
243
+error_free_req:
244
+	akcipher_request_free(req);
245
+error_free_tfm:
246
+	crypto_free_akcipher(tfm);
247
+	pr_devel("<==%s() = %d\n", __func__, ret);
248
+	return ret;
249
+}
250
+
251
+#if IS_REACHABLE(CONFIG_CRYPTO_SM2)
252
+static int cert_sig_digest_update(const struct public_key_signature *sig,
253
+				  struct crypto_akcipher *tfm_pkey)
254
+{
255
+	struct crypto_shash *tfm;
256
+	struct shash_desc *desc;
257
+	size_t desc_size;
258
+	unsigned char dgst[SM3_DIGEST_SIZE];
259
+	int ret;
260
+
261
+	BUG_ON(!sig->data);
262
+
263
+	/* SM2 signatures always use the SM3 hash algorithm */
264
+	if (!sig->hash_algo || strcmp(sig->hash_algo, "sm3") != 0)
265
+		return -EINVAL;
266
+
267
+	ret = sm2_compute_z_digest(tfm_pkey, SM2_DEFAULT_USERID,
268
+					SM2_DEFAULT_USERID_LEN, dgst);
133
269
 	if (ret)
134
-		goto out_free_output;
270
+		return ret;
135
271
 
136
-	/* Do the actual verification step. */
137
-	if (req->dst_len != sig->digest_size ||
138
-	    memcmp(sig->digest, output, sig->digest_size) != 0)
139
-		ret = -EKEYREJECTED;
272
+	tfm = crypto_alloc_shash(sig->hash_algo, 0, 0);
273
+	if (IS_ERR(tfm))
274
+		return PTR_ERR(tfm);
140
275
 
141
-out_free_output:
142
-	kfree(output);
276
+	desc_size = crypto_shash_descsize(tfm) + sizeof(*desc);
277
+	desc = kzalloc(desc_size, GFP_KERNEL);
278
+	if (!desc) {
279
+		ret = -ENOMEM;
280
+		goto error_free_tfm;
281
+	}
282
+
283
+	desc->tfm = tfm;
284
+
285
+	ret = crypto_shash_init(desc);
286
+	if (ret < 0)
287
+		goto error_free_desc;
288
+
289
+	ret = crypto_shash_update(desc, dgst, SM3_DIGEST_SIZE);
290
+	if (ret < 0)
291
+		goto error_free_desc;
292
+
293
+	ret = crypto_shash_finup(desc, sig->data, sig->data_size, sig->digest);
294
+
295
+error_free_desc:
296
+	kfree(desc);
297
+error_free_tfm:
298
+	crypto_free_shash(tfm);
299
+	return ret;
300
+}
301
+#else
302
+static inline int cert_sig_digest_update(
303
+	const struct public_key_signature *sig,
304
+	struct crypto_akcipher *tfm_pkey)
305
+{
306
+	return -ENOTSUPP;
307
+}
308
+#endif /* ! IS_REACHABLE(CONFIG_CRYPTO_SM2) */
309
+
310
+/*
311
+ * Verify a signature using a public key.
312
+ */
313
+int public_key_verify_signature(const struct public_key *pkey,
314
+				const struct public_key_signature *sig)
315
+{
316
+	struct crypto_wait cwait;
317
+	struct crypto_akcipher *tfm;
318
+	struct akcipher_request *req;
319
+	struct scatterlist src_sg;
320
+	char alg_name[CRYPTO_MAX_ALG_NAME];
321
+	char *buf, *ptr;
322
+	size_t buf_len;
323
+	int ret;
324
+
325
+	pr_devel("==>%s()\n", __func__);
326
+
327
+	BUG_ON(!pkey);
328
+	BUG_ON(!sig);
329
+	BUG_ON(!sig->s);
330
+
331
+	ret = software_key_determine_akcipher(sig->encoding,
332
+					      sig->hash_algo,
333
+					      pkey, alg_name);
334
+	if (ret < 0)
335
+		return ret;
336
+
337
+	tfm = crypto_alloc_akcipher(alg_name, 0, 0);
338
+	if (IS_ERR(tfm))
339
+		return PTR_ERR(tfm);
340
+
341
+	ret = -ENOMEM;
342
+	req = akcipher_request_alloc(tfm, GFP_KERNEL);
343
+	if (!req)
344
+		goto error_free_tfm;
345
+
346
+	buf_len = max_t(size_t, pkey->keylen + sizeof(u32) * 2 + pkey->paramlen,
347
+			sig->s_size + sig->digest_size);
348
+
349
+	buf = kmalloc(buf_len, GFP_KERNEL);
350
+	if (!buf)
351
+		goto error_free_req;
352
+
353
+	memcpy(buf, pkey->key, pkey->keylen);
354
+	ptr = buf + pkey->keylen;
355
+	ptr = pkey_pack_u32(ptr, pkey->algo);
356
+	ptr = pkey_pack_u32(ptr, pkey->paramlen);
357
+	memcpy(ptr, pkey->params, pkey->paramlen);
358
+
359
+	if (pkey->key_is_private)
360
+		ret = crypto_akcipher_set_priv_key(tfm, buf, pkey->keylen);
361
+	else
362
+		ret = crypto_akcipher_set_pub_key(tfm, buf, pkey->keylen);
363
+	if (ret)
364
+		goto error_free_buf;
365
+
366
+	if (strcmp(pkey->pkey_algo, "sm2") == 0 && sig->data_size) {
367
+		ret = cert_sig_digest_update(sig, tfm);
368
+		if (ret)
369
+			goto error_free_buf;
370
+	}
371
+
372
+	memcpy(buf, sig->s, sig->s_size);
373
+	memcpy(buf + sig->s_size, sig->digest, sig->digest_size);
374
+
375
+	sg_init_one(&src_sg, buf, sig->s_size + sig->digest_size);
376
+	akcipher_request_set_crypt(req, &src_sg, NULL, sig->s_size,
377
+				   sig->digest_size);
378
+	crypto_init_wait(&cwait);
379
+	akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG |
380
+				      CRYPTO_TFM_REQ_MAY_SLEEP,
381
+				      crypto_req_done, &cwait);
382
+	ret = crypto_wait_req(crypto_akcipher_verify(req), &cwait);
383
+
384
+error_free_buf:
385
+	kfree(buf);
143
386
 error_free_req:
144
387
 	akcipher_request_free(req);
145
388
 error_free_tfm:
..
..
@@ -167,6 +410,8 @@
167
410
 	.name_len		= sizeof("public_key") - 1,
168
411
 	.describe		= public_key_describe,
169
412
 	.destroy		= public_key_destroy,
413
+	.query			= software_key_query,
414
+	.eds_op			= software_key_eds_op,
170
415
 	.verify_signature	= public_key_verify_signature_2,
171
416
 };
172
417
 EXPORT_SYMBOL_GPL(public_key_subtype);