crypto: sig - Introduce sig_alg backend

Asymmetric Signature Algorithm Definitions

------------------------------------------

.. kernel-doc:: include/crypto/sig.h

   :functions: sig_alg

Asymmetric Signature API

------------------------

.. kernel-doc:: include/crypto/sig.h

   :doc: Generic Public Key Signature API

.. kernel-doc:: include/crypto/sig.h

   :functions: crypto_alloc_sig crypto_free_sig crypto_sig_set_pubkey crypto_sig_set_privkey crypto_sig_maxsize crypto_sig_sign crypto_sig_verify

   api-digest

   api-rng

   api-akcipher

   api-sig

   api-kpp

-  CRYPTO_ALG_TYPE_AKCIPHER Asymmetric cipher

-  CRYPTO_ALG_TYPE_SIG Asymmetric signature

-  CRYPTO_ALG_TYPE_PCOMPRESS Enhanced version of

   CRYPTO_ALG_TYPE_COMPRESS allowing for segmented compression /

   decompression instead of performing the operation on one segment

static const struct crypto_type crypto_sig_type;

static void crypto_sig_exit_tfm(struct crypto_tfm *tfm)

{

	struct crypto_sig *sig = __crypto_sig_tfm(tfm);

	struct sig_alg *alg = crypto_sig_alg(sig);

	alg->exit(sig);

}

static int crypto_sig_init_tfm(struct crypto_tfm *tfm)

{

	if (tfm->__crt_alg->cra_type != &crypto_sig_type)

		return crypto_init_akcipher_ops_sig(tfm);

	struct crypto_sig *sig = __crypto_sig_tfm(tfm);

	struct sig_alg *alg = crypto_sig_alg(sig);

	if (alg->exit)

		sig->base.exit = crypto_sig_exit_tfm;

	if (alg->init)

		return alg->init(sig);

	return 0;

}

static void crypto_sig_free_instance(struct crypto_instance *inst)

{

	struct sig_instance *sig = sig_instance(inst);

	sig->free(sig);

}

static void __maybe_unused crypto_sig_show(struct seq_file *m,

					   struct crypto_alg *alg)

{

static int __maybe_unused crypto_sig_report(struct sk_buff *skb,

					    struct crypto_alg *alg)

{

	struct crypto_report_akcipher rsig = {};

	struct crypto_report_sig rsig = {};

	strscpy(rsig.type, "sig", sizeof(rsig.type));

	return nla_put(skb, CRYPTOCFGA_REPORT_AKCIPHER, sizeof(rsig), &rsig);

	return nla_put(skb, CRYPTOCFGA_REPORT_SIG, sizeof(rsig), &rsig);

}

static const struct crypto_type crypto_sig_type = {

	.extsize = crypto_alg_extsize,

	.init_tfm = crypto_sig_init_tfm,

	.free = crypto_sig_free_instance,

#ifdef CONFIG_PROC_FS

	.show = crypto_sig_show,

#endif

int crypto_sig_maxsize(struct crypto_sig *tfm)

{

	if (crypto_sig_tfm(tfm)->__crt_alg->cra_type != &crypto_sig_type)

		goto akcipher;

	struct sig_alg *alg = crypto_sig_alg(tfm);

	return alg->max_size(tfm);

akcipher:

	struct crypto_akcipher **ctx = crypto_sig_ctx(tfm);

	return crypto_akcipher_maxsize(*ctx);

		    const void *src, unsigned int slen,

		    void *dst, unsigned int dlen)

{

	if (crypto_sig_tfm(tfm)->__crt_alg->cra_type != &crypto_sig_type)

		goto akcipher;

	struct sig_alg *alg = crypto_sig_alg(tfm);

	return alg->sign(tfm, src, slen, dst, dlen);

akcipher:

	struct crypto_akcipher **ctx = crypto_sig_ctx(tfm);

	struct crypto_akcipher_sync_data data = {

		.tfm = *ctx,

		      const void *src, unsigned int slen,

		      const void *digest, unsigned int dlen)

{

	if (crypto_sig_tfm(tfm)->__crt_alg->cra_type != &crypto_sig_type)

		goto akcipher;

	struct sig_alg *alg = crypto_sig_alg(tfm);

	return alg->verify(tfm, src, slen, digest, dlen);

akcipher:

	struct crypto_akcipher **ctx = crypto_sig_ctx(tfm);

	struct crypto_akcipher_sync_data data = {

		.tfm = *ctx,

int crypto_sig_set_pubkey(struct crypto_sig *tfm,

			  const void *key, unsigned int keylen)

{

	if (crypto_sig_tfm(tfm)->__crt_alg->cra_type != &crypto_sig_type)

		goto akcipher;

	struct sig_alg *alg = crypto_sig_alg(tfm);

	return alg->set_pub_key(tfm, key, keylen);

akcipher:

	struct crypto_akcipher **ctx = crypto_sig_ctx(tfm);

	return crypto_akcipher_set_pub_key(*ctx, key, keylen);

int crypto_sig_set_privkey(struct crypto_sig *tfm,

			  const void *key, unsigned int keylen)

{

	if (crypto_sig_tfm(tfm)->__crt_alg->cra_type != &crypto_sig_type)

		goto akcipher;

	struct sig_alg *alg = crypto_sig_alg(tfm);

	return alg->set_priv_key(tfm, key, keylen);

akcipher:

	struct crypto_akcipher **ctx = crypto_sig_ctx(tfm);

	return crypto_akcipher_set_priv_key(*ctx, key, keylen);

}

EXPORT_SYMBOL_GPL(crypto_sig_set_privkey);

static void sig_prepare_alg(struct sig_alg *alg)

{

	struct crypto_alg *base = &alg->base;

	base->cra_type = &crypto_sig_type;

	base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK;

	base->cra_flags |= CRYPTO_ALG_TYPE_SIG;

}

static int sig_default_sign(struct crypto_sig *tfm,

			    const void *src, unsigned int slen,

			    void *dst, unsigned int dlen)

{

	return -ENOSYS;

}

static int sig_default_verify(struct crypto_sig *tfm,

			      const void *src, unsigned int slen,

			      const void *dst, unsigned int dlen)

{

	return -ENOSYS;

}

static int sig_default_set_key(struct crypto_sig *tfm,

			       const void *key, unsigned int keylen)

{

	return -ENOSYS;

}

int crypto_register_sig(struct sig_alg *alg)

{

	struct crypto_alg *base = &alg->base;

	if (!alg->sign)

		alg->sign = sig_default_sign;

	if (!alg->verify)

		alg->verify = sig_default_verify;

	if (!alg->set_priv_key)

		alg->set_priv_key = sig_default_set_key;

	if (!alg->set_pub_key)

		return -EINVAL;

	if (!alg->max_size)

		return -EINVAL;

	sig_prepare_alg(alg);

	return crypto_register_alg(base);

}

EXPORT_SYMBOL_GPL(crypto_register_sig);

void crypto_unregister_sig(struct sig_alg *alg)

{

	crypto_unregister_alg(&alg->base);

}

EXPORT_SYMBOL_GPL(crypto_unregister_sig);

int sig_register_instance(struct crypto_template *tmpl,

			  struct sig_instance *inst)

{

	if (WARN_ON(!inst->free))

		return -EINVAL;

	sig_prepare_alg(&inst->alg);

	return crypto_register_instance(tmpl, sig_crypto_instance(inst));

}

EXPORT_SYMBOL_GPL(sig_register_instance);

int crypto_grab_sig(struct crypto_sig_spawn *spawn,

		    struct crypto_instance *inst,

		    const char *name, u32 type, u32 mask)

{

	spawn->base.frontend = &crypto_sig_type;

	return crypto_grab_spawn(&spawn->base, inst, name, type, mask);

}

EXPORT_SYMBOL_GPL(crypto_grab_sig);

MODULE_LICENSE("GPL");

MODULE_DESCRIPTION("Public Key Signature Algorithms");

#include <crypto/akcipher.h>

#include <crypto/kpp.h>

#include <crypto/acompress.h>

#include <crypto/sig.h>

#include <crypto/internal/cipher.h>

#include <crypto/internal/simd.h>

	unsigned int count;

};

struct sig_test_suite {

	const struct sig_testvec *vecs;

	unsigned int count;

};

struct kpp_test_suite {

	const struct kpp_testvec *vecs;

	unsigned int count;

		struct cprng_test_suite cprng;

		struct drbg_test_suite drbg;

		struct akcipher_test_suite akcipher;

		struct sig_test_suite sig;

		struct kpp_test_suite kpp;

	} suite;

};

	return err;

}

static int test_sig_one(struct crypto_sig *tfm, const struct sig_testvec *vecs)

{

	u8 *ptr, *key __free(kfree);

	int err, sig_size;

	key = kmalloc(vecs->key_len + 2 * sizeof(u32) + vecs->param_len,

		      GFP_KERNEL);

	if (!key)

		return -ENOMEM;

	/* ecrdsa expects additional parameters appended to the key */

	memcpy(key, vecs->key, vecs->key_len);

	ptr = key + vecs->key_len;

	ptr = test_pack_u32(ptr, vecs->algo);

	ptr = test_pack_u32(ptr, vecs->param_len);

	memcpy(ptr, vecs->params, vecs->param_len);

	if (vecs->public_key_vec)

		err = crypto_sig_set_pubkey(tfm, key, vecs->key_len);

	else

		err = crypto_sig_set_privkey(tfm, key, vecs->key_len);

	if (err)

		return err;

	/*

	 * Run asymmetric signature verification first

	 * (which does not require a private key)

	 */

	err = crypto_sig_verify(tfm, vecs->c, vecs->c_size,

				vecs->m, vecs->m_size);

	if (err) {

		pr_err("alg: sig: verify test failed: err %d\n", err);

		return err;

	}

	/*

	 * Don't invoke sign test (which requires a private key)

	 * for vectors with only a public key.

	 */

	if (vecs->public_key_vec)

		return 0;

	sig_size = crypto_sig_maxsize(tfm);

	if (sig_size < vecs->c_size) {

		pr_err("alg: sig: invalid maxsize %u\n", sig_size);

		return -EINVAL;

	}

	u8 *sig __free(kfree) = kzalloc(sig_size, GFP_KERNEL);

	if (!sig)

		return -ENOMEM;

	/* Run asymmetric signature generation */

	err = crypto_sig_sign(tfm, vecs->m, vecs->m_size, sig, sig_size);

	if (err) {

		pr_err("alg: sig: sign test failed: err %d\n", err);

		return err;

	}

	/* Verify that generated signature equals cooked signature */

	if (memcmp(sig, vecs->c, vecs->c_size) ||

	    memchr_inv(sig + vecs->c_size, 0, sig_size - vecs->c_size)) {

		pr_err("alg: sig: sign test failed: invalid output\n");

		hexdump(sig, sig_size);

		return -EINVAL;

	}

	return 0;

}

static int test_sig(struct crypto_sig *tfm, const char *alg,

		    const struct sig_testvec *vecs, unsigned int tcount)

{

	const char *algo = crypto_tfm_alg_driver_name(crypto_sig_tfm(tfm));

	int ret, i;

	for (i = 0; i < tcount; i++) {

		ret = test_sig_one(tfm, vecs++);

		if (ret) {

			pr_err("alg: sig: test %d failed for %s: err %d\n",

			       i + 1, algo, ret);

			return ret;

		}

	}

	return 0;

}

__maybe_unused

static int alg_test_sig(const struct alg_test_desc *desc, const char *driver,

			u32 type, u32 mask)

{

	struct crypto_sig *tfm;

	int err = 0;

	tfm = crypto_alloc_sig(driver, type, mask);

	if (IS_ERR(tfm)) {

		pr_err("alg: sig: Failed to load tfm for %s: %ld\n",

		       driver, PTR_ERR(tfm));

		return PTR_ERR(tfm);

	}

	if (desc->suite.sig.vecs)

		err = test_sig(tfm, desc->alg, desc->suite.sig.vecs,

			       desc->suite.sig.count);

	crypto_free_sig(tfm);

	return err;

}

static int alg_test_null(const struct alg_test_desc *desc,

			     const char *driver, u32 type, u32 mask)

{