crypto: qat - Switch to new rsa_helper functions

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Drop all asn1 related code and use the new rsa_helper
functions rsa_parse_[pub|priv]_key for parsing the key

Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Salvatore Benedetto and committed by

Herbert Xu 9 years ago 6889621f 6dd7a82c

+21 -55

5 changed files

expand all

drivers

crypto

qat

Kconfig

qat_common

Makefile

qat_asym_algs.c

qat_rsaprivkey.asn1

qat_rsapubkey.asn1

+1 -1

drivers/crypto/qat/Kconfig

··· 5 5 select CRYPTO_BLKCIPHER 6 6 select CRYPTO_AKCIPHER 7 7 select CRYPTO_HMAC 8 + select CRYPTO_RSA 8 9 select CRYPTO_SHA1 9 10 select CRYPTO_SHA256 10 11 select CRYPTO_SHA512 11 12 select FW_LOADER 12 - select ASN1 13 13 14 14 config CRYPTO_DEV_QAT_DH895xCC 15 15 tristate "Support for Intel(R) DH895xCC"

-10

drivers/crypto/qat/qat_common/Makefile

··· 1 - $(obj)/qat_rsapubkey-asn1.o: $(obj)/qat_rsapubkey-asn1.c \ 2 - $(obj)/qat_rsapubkey-asn1.h 3 - $(obj)/qat_rsaprivkey-asn1.o: $(obj)/qat_rsaprivkey-asn1.c \ 4 - $(obj)/qat_rsaprivkey-asn1.h 5 - 6 - clean-files += qat_rsapubkey-asn1.c qat_rsapubkey-asn1.h 7 - clean-files += qat_rsaprivkey-asn1.c qat_rsaprivkey-asn1.h 8 - 9 1 obj-$(CONFIG_CRYPTO_DEV_QAT) += intel_qat.o 10 2 intel_qat-objs := adf_cfg.o \ 11 3 adf_isr.o \ ··· 11 19 adf_hw_arbiter.o \ 12 20 qat_crypto.o \ 13 21 qat_algs.o \ 14 - qat_rsapubkey-asn1.o \ 15 - qat_rsaprivkey-asn1.o \ 16 22 qat_asym_algs.o \ 17 23 qat_uclo.o \ 18 24 qat_hal.o

+20 -29

drivers/crypto/qat/qat_common/qat_asym_algs.c

··· 52 52 #include <linux/dma-mapping.h> 53 53 #include <linux/fips.h> 54 54 #include <crypto/scatterwalk.h> 55 - #include "qat_rsapubkey-asn1.h" 56 - #include "qat_rsaprivkey-asn1.h" 57 55 #include "icp_qat_fw_pke.h" 58 56 #include "adf_accel_devices.h" 59 57 #include "adf_transport.h" ··· 500 502 return ret; 501 503 } 502 504 503 - int qat_rsa_get_n(void *context, size_t hdrlen, unsigned char tag, 504 - const void *value, size_t vlen) 505 + int qat_rsa_set_n(struct qat_rsa_ctx *ctx, const char *value, size_t vlen) 505 506 { 506 - struct qat_rsa_ctx *ctx = context; 507 507 struct qat_crypto_instance *inst = ctx->inst; 508 508 struct device *dev = &GET_DEV(inst->accel_dev); 509 509 const char *ptr = value; ··· 514 518 515 519 ctx->key_sz = vlen; 516 520 ret = -EINVAL; 517 - /* In FIPS mode only allow key size 2K & 3K */ 518 - if (fips_enabled && (ctx->key_sz != 256 && ctx->key_sz != 384)) { 519 - pr_err("QAT: RSA: key size not allowed in FIPS mode\n"); 520 - goto err; 521 - } 522 521 /* invalid key size provided */ 523 522 if (!qat_rsa_enc_fn_id(ctx->key_sz)) 524 523 goto err; ··· 531 540 return ret; 532 541 } 533 542 534 - int qat_rsa_get_e(void *context, size_t hdrlen, unsigned char tag, 535 - const void *value, size_t vlen) 543 + int qat_rsa_set_e(struct qat_rsa_ctx *ctx, const char *value, size_t vlen) 536 544 { 537 - struct qat_rsa_ctx *ctx = context; 538 545 struct qat_crypto_instance *inst = ctx->inst; 539 546 struct device *dev = &GET_DEV(inst->accel_dev); 540 547 const char *ptr = value; ··· 548 559 } 549 560 550 561 ctx->e = dma_zalloc_coherent(dev, ctx->key_sz, &ctx->dma_e, GFP_KERNEL); 551 - if (!ctx->e) { 552 - ctx->e = NULL; 562 + if (!ctx->e) 553 563 return -ENOMEM; 554 - } 564 + 555 565 memcpy(ctx->e + (ctx->key_sz - vlen), ptr, vlen); 556 566 return 0; 557 567 } 558 568 559 - int qat_rsa_get_d(void *context, size_t hdrlen, unsigned char tag, 560 - const void *value, size_t vlen) 569 + int qat_rsa_set_d(struct qat_rsa_ctx *ctx, const char *value, size_t vlen) 561 570 { 562 - struct qat_rsa_ctx *ctx = context; 563 571 struct qat_crypto_instance *inst = ctx->inst; 564 572 struct device *dev = &GET_DEV(inst->accel_dev); 565 573 const char *ptr = value; ··· 570 584 ret = -EINVAL; 571 585 if (!ctx->key_sz || !vlen || vlen > ctx->key_sz) 572 586 goto err; 573 - 574 - /* In FIPS mode only allow key size 2K & 3K */ 575 - if (fips_enabled && (vlen != 256 && vlen != 384)) { 576 - pr_err("QAT: RSA: key size not allowed in FIPS mode\n"); 577 - goto err; 578 - } 579 587 580 588 ret = -ENOMEM; 581 589 ctx->d = dma_zalloc_coherent(dev, ctx->key_sz, &ctx->dma_d, GFP_KERNEL); ··· 588 608 { 589 609 struct qat_rsa_ctx *ctx = akcipher_tfm_ctx(tfm); 590 610 struct device *dev = &GET_DEV(ctx->inst->accel_dev); 611 + struct rsa_key rsa_key; 591 612 int ret; 592 613 593 614 /* Free the old key if any */ ··· 606 625 ctx->d = NULL; 607 626 608 627 if (private) 609 - ret = asn1_ber_decoder(&qat_rsaprivkey_decoder, ctx, key, 610 - keylen); 628 + ret = rsa_parse_priv_key(&rsa_key, key, keylen); 611 629 else 612 - ret = asn1_ber_decoder(&qat_rsapubkey_decoder, ctx, key, 613 - keylen); 630 + ret = rsa_parse_pub_key(&rsa_key, key, keylen); 614 631 if (ret < 0) 615 632 goto free; 633 + 634 + ret = qat_rsa_set_n(ctx, rsa_key.n, rsa_key.n_sz); 635 + if (ret < 0) 636 + goto free; 637 + ret = qat_rsa_set_e(ctx, rsa_key.e, rsa_key.e_sz); 638 + if (ret < 0) 639 + goto free; 640 + if (private) { 641 + ret = qat_rsa_set_d(ctx, rsa_key.d, rsa_key.d_sz); 642 + if (ret < 0) 643 + goto free; 644 + } 616 645 617 646 if (!ctx->n || !ctx->e) { 618 647 /* invalid key provided */

-11

drivers/crypto/qat/qat_common/qat_rsaprivkey.asn1

··· 1 - RsaPrivKey ::= SEQUENCE { 2 - version INTEGER, 3 - n INTEGER ({ qat_rsa_get_n }), 4 - e INTEGER ({ qat_rsa_get_e }), 5 - d INTEGER ({ qat_rsa_get_d }), 6 - prime1 INTEGER, 7 - prime2 INTEGER, 8 - exponent1 INTEGER, 9 - exponent2 INTEGER, 10 - coefficient INTEGER 11 - }

-4

drivers/crypto/qat/qat_common/qat_rsapubkey.asn1

··· 1 - RsaPubKey ::= SEQUENCE { 2 - n INTEGER ({ qat_rsa_get_n }), 3 - e INTEGER ({ qat_rsa_get_e }) 4 - }