[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20210420114124.9684-16-varad.gautam@suse.com>
Date: Tue, 20 Apr 2021 13:41:20 +0200
From: Varad Gautam <varad.gautam@...e.com>
To: linux-crypto@...r.kernel.org
CC: varad.gautam@...e.com, dhowells@...hat.com,
herbert@...dor.apana.org.au, davem@...emloft.net, vt@...linux.org,
tianjia.zhang@...ux.alibaba.com, keyrings@...r.kernel.org,
linux-kernel@...r.kernel.org, jarkko@...nel.org
Subject: [PATCH v3 15/18] crypto: rsa-psspad: Provide PSS signature verify operation
Trigger RSA transform on the signature being verified from
psspad_verify, to produce intermediary data which will be handled
in the psspad_verify_complete callback.
Reference: https://tools.ietf.org/html/rfc8017#section-8.1.2
Signed-off-by: Varad Gautam <varad.gautam@...e.com>
---
crypto/rsa-psspad.c | 53 ++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 48 insertions(+), 5 deletions(-)
diff --git a/crypto/rsa-psspad.c b/crypto/rsa-psspad.c
index 990c2cda552a7..4e8525d89172d 100644
--- a/crypto/rsa-psspad.c
+++ b/crypto/rsa-psspad.c
@@ -124,7 +124,50 @@ static int pkcs1_mgf1(u8 *seed, unsigned int seed_len,
return ret;
}
-static int psspad_s_v_e_d(struct akcipher_request *req)
+static int psspad_verify_complete(struct akcipher_request *req, int err)
+{
+ return -EOPNOTSUPP;
+}
+
+static void psspad_verify_complete_cb(struct crypto_async_request *child_async_req,
+ int err)
+{
+ rsapad_akcipher_req_complete(child_async_req, err,
+ psspad_verify_complete);
+}
+
+static int psspad_verify(struct akcipher_request *req)
+{
+ struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
+ struct rsapad_tfm_ctx *ctx = akcipher_tfm_ctx(tfm);
+ struct rsapad_akciper_req_ctx *req_ctx = akcipher_request_ctx(req);
+ int err;
+
+ if (WARN_ON(req->dst) ||
+ WARN_ON(!req->dst_len) ||
+ !ctx->key_size || req->src_len < ctx->key_size)
+ return -EINVAL;
+
+ req_ctx->out_buf = kmalloc(ctx->key_size + req->dst_len, GFP_KERNEL);
+ if (!req_ctx->out_buf)
+ return -ENOMEM;
+
+ rsapad_akcipher_sg_set_buf(req_ctx->out_sg, req_ctx->out_buf,
+ ctx->key_size, NULL);
+
+ /* Reuse input buffer, output to a new buffer */
+ rsapad_akcipher_setup_child(req, req->src, req_ctx->out_sg,
+ req->src_len, ctx->key_size,
+ psspad_verify_complete_cb);
+
+ err = crypto_akcipher_encrypt(&req_ctx->child_req);
+ if (err != -EINPROGRESS && err != -EBUSY)
+ return psspad_verify_complete(req, err);
+
+ return err;
+}
+
+static int psspad_s_e_d(struct akcipher_request *req)
{
return -EOPNOTSUPP;
}
@@ -133,10 +176,10 @@ static struct akcipher_alg psspad_alg = {
.init = rsapad_akcipher_init_tfm,
.exit = rsapad_akcipher_exit_tfm,
- .encrypt = psspad_s_v_e_d,
- .decrypt = psspad_s_v_e_d,
- .sign = psspad_s_v_e_d,
- .verify = psspad_s_v_e_d,
+ .encrypt = psspad_s_e_d,
+ .decrypt = psspad_s_e_d,
+ .sign = psspad_s_e_d,
+ .verify = psspad_verify,
.set_pub_key = rsapad_set_pub_key,
.set_priv_key = rsapad_set_priv_key,
.max_size = rsapad_get_max_size,
--
2.30.2
Powered by blists - more mailing lists