xemu/crypto/rsakey-nettle.c.inc
Lei He 4c5e512ee0 crypto: Implement RSA algorithm by hogweed
Implement RSA algorithm by hogweed from nettle. Thus QEMU supports
a 'real' RSA backend to handle request from guest side. It's
important to test RSA offload case without OS & hardware requirement.

Signed-off-by: lei he <helei.sig11@bytedance.com>
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2022-05-26 11:41:51 +01:00

159 lines
4.6 KiB
C++

/*
* QEMU Crypto akcipher algorithms
*
* Copyright (c) 2022 Bytedance
* Author: lei he <helei.sig11@bytedance.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*
*/
#include <nettle/asn1.h>
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "rsakey.h"
static bool DumpMPI(struct asn1_der_iterator *i, QCryptoAkCipherMPI *mpi)
{
mpi->data = g_memdup2(i->data, i->length);
mpi->len = i->length;
return true;
}
static bool GetMPI(struct asn1_der_iterator *i, QCryptoAkCipherMPI *mpi)
{
if (asn1_der_iterator_next(i) != ASN1_ITERATOR_PRIMITIVE ||
i->type != ASN1_INTEGER) {
return false;
}
return DumpMPI(i, mpi);
}
/**
* RsaPrivKey ::= SEQUENCE {
* version INTEGER
* n INTEGER
* e INTEGER
* d INTEGER
* p INTEGER
* q INTEGER
* dp INTEGER
* dq INTEGER
* u INTEGER
* otherPrimeInfos OtherPrimeInfos OPTIONAL
* }
*/
static QCryptoAkCipherRSAKey *qcrypto_nettle_rsa_private_key_parse(
const uint8_t *key, size_t keylen, Error **errp)
{
QCryptoAkCipherRSAKey *rsa = g_new0(QCryptoAkCipherRSAKey, 1);
struct asn1_der_iterator i;
uint32_t version;
int tag;
/* Parse entire struct */
if (asn1_der_iterator_first(&i, keylen, key) != ASN1_ITERATOR_CONSTRUCTED ||
i.type != ASN1_SEQUENCE ||
asn1_der_decode_constructed_last(&i) != ASN1_ITERATOR_PRIMITIVE ||
i.type != ASN1_INTEGER ||
!asn1_der_get_uint32(&i, &version) ||
version > 1 ||
!GetMPI(&i, &rsa->n) ||
!GetMPI(&i, &rsa->e) ||
!GetMPI(&i, &rsa->d) ||
!GetMPI(&i, &rsa->p) ||
!GetMPI(&i, &rsa->q) ||
!GetMPI(&i, &rsa->dp) ||
!GetMPI(&i, &rsa->dq) ||
!GetMPI(&i, &rsa->u)) {
goto error;
}
if (version == 1) {
tag = asn1_der_iterator_next(&i);
/**
* According to the standard otherPrimeInfos must be present for
* version 1. There is no strict verification here, this is to be
* compatible with the unit test of the kernel. TODO: remove this
* until linux-kernel's unit-test is fixed;
*/
if (tag == ASN1_ITERATOR_END) {
return rsa;
}
if (tag != ASN1_ITERATOR_CONSTRUCTED ||
i.type != ASN1_SEQUENCE) {
goto error;
}
}
if (asn1_der_iterator_next(&i) != ASN1_ITERATOR_END) {
goto error;
}
return rsa;
error:
error_setg(errp, "Failed to parse RSA private key");
qcrypto_akcipher_rsakey_free(rsa);
return NULL;
}
/**
* RsaPubKey ::= SEQUENCE {
* n INTEGER
* e INTEGER
* }
*/
static QCryptoAkCipherRSAKey *qcrypto_nettle_rsa_public_key_parse(
const uint8_t *key, size_t keylen, Error **errp)
{
QCryptoAkCipherRSAKey *rsa = g_new0(QCryptoAkCipherRSAKey, 1);
struct asn1_der_iterator i;
if (asn1_der_iterator_first(&i, keylen, key) != ASN1_ITERATOR_CONSTRUCTED ||
i.type != ASN1_SEQUENCE ||
asn1_der_decode_constructed_last(&i) != ASN1_ITERATOR_PRIMITIVE ||
!DumpMPI(&i, &rsa->n) ||
!GetMPI(&i, &rsa->e) ||
asn1_der_iterator_next(&i) != ASN1_ITERATOR_END) {
goto error;
}
return rsa;
error:
error_setg(errp, "Failed to parse RSA public key");
qcrypto_akcipher_rsakey_free(rsa);
return NULL;
}
QCryptoAkCipherRSAKey *qcrypto_akcipher_rsakey_parse(
QCryptoAkCipherKeyType type, const uint8_t *key,
size_t keylen, Error **errp)
{
switch (type) {
case QCRYPTO_AKCIPHER_KEY_TYPE_PRIVATE:
return qcrypto_nettle_rsa_private_key_parse(key, keylen, errp);
case QCRYPTO_AKCIPHER_KEY_TYPE_PUBLIC:
return qcrypto_nettle_rsa_public_key_parse(key, keylen, errp);
default:
error_setg(errp, "Unknown key type: %d", type);
return NULL;
}
}