From patchwork Thu Nov 3 07:40:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: guanjun X-Patchwork-Id: 14715 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:6687:0:0:0:0:0 with SMTP id l7csp376855wru; Thu, 3 Nov 2022 00:47:47 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4ac8oADU8uG4l3iwEDrmgm+YJyNGyb21seNB43c4lMZCItqoxiKQgIYsvpBkL0Tft6Z9Ok X-Received: by 2002:a05:6a00:a05:b0:563:5d36:ccd4 with SMTP id p5-20020a056a000a0500b005635d36ccd4mr28781051pfh.25.1667461667516; Thu, 03 Nov 2022 00:47:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667461667; cv=none; d=google.com; s=arc-20160816; b=qGbYxOAj31oXruXORb0OasZhW7fIjPtF77KYtNKHJ2RnPPBvQ+WNpt5VwZrLRb5pyL k+60mTfEx7RSZIHFsw8+xmLt3CUQnWPZsDpe6MosFNStjBVW2IE15z58fRJxeLB4TK2T KiJ0OgeSvfdQdCkxZrUdVnfmuymsLfyB8+DfbQtmR+7gEMunQuqBX5+RYxRVrmfyrD6w jb3/K4F/wXkUN2p9ENxgSXL/bKT6N0H4Y9Nnme0hcsriCYdnF3SDuCYI9qKn1rSn1TAo ro6noKdNOEGX0YLDv073zJn8jJ2bIHvoNQJdiI1TrsSTfHxlIv/54Vpx7lv5TraYeSUr m12Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:references:in-reply-to:message-id:date:subject :cc:to:from; bh=huAc/kvDcgaZBAxZsyR0verphExotOTHHfnbNDmp2cQ=; b=TFQOSYhySYjRx9CU6ndcgqrkcaLpRzU/vRjOmO1ca/+vP2GQp1Jnee8ou90Qnwg/q1 LC24fDZcy9oF0Vfql4OURqRmD/Be5IUeUlLLEZQ71QZKEAdc0i7WgTTQzAZk35KAHX+S jXqY4MlPfHWpt9wrB7WEH7J/0OnKELsugbOMc5E3td+Sku7PvAZ6LzJljnqfTrjWd96j /5U/tsdQfTlnMf0F0KMHtHxGvTtJtGJqAr6HqNablb1ET4W+i/CWc/+AxfZWMM7ghR3i rT6J5Ig1nkXhuX9BCUmfRuUTsDHQUOgsAzFWJPO+Cd0pkxHWwSEsMIA1upy4TcssN5Qc STXQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e24-20020a63d958000000b00429f2cb4a47si215670pgj.491.2022.11.03.00.47.33; Thu, 03 Nov 2022 00:47:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231337AbiKCHmW (ORCPT + 99 others); Thu, 3 Nov 2022 03:42:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38274 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231374AbiKCHl2 (ORCPT ); Thu, 3 Nov 2022 03:41:28 -0400 Received: from out30-133.freemail.mail.aliyun.com (out30-133.freemail.mail.aliyun.com [115.124.30.133]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E40D15F45; Thu, 3 Nov 2022 00:41:00 -0700 (PDT) X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R831e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018046060;MF=guanjun@linux.alibaba.com;NM=1;PH=DS;RN=8;SR=0;TI=SMTPD_---0VTrTeZv_1667461256; Received: from localhost(mailfrom:guanjun@linux.alibaba.com fp:SMTPD_---0VTrTeZv_1667461256) by smtp.aliyun-inc.com; Thu, 03 Nov 2022 15:40:57 +0800 From: 'Guanjun' To: herbert@gondor.apana.org.au, elliott@hpe.com Cc: zelin.deng@linux.alibaba.com, artie.ding@linux.alibaba.com, guanjun@linux.alibaba.com, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, xuchun.shang@linux.alibaba.com Subject: [PATCH v3 RESEND 8/9] crypto/ycc: Add sm2 algorithm support Date: Thu, 3 Nov 2022 15:40:42 +0800 Message-Id: <1667461243-48652-9-git-send-email-guanjun@linux.alibaba.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1667461243-48652-1-git-send-email-guanjun@linux.alibaba.com> References: <1667461243-48652-1-git-send-email-guanjun@linux.alibaba.com> X-Spam-Status: No, score=-9.9 required=5.0 tests=BAYES_00, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, UNPARSEABLE_RELAY,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1748460285374533727?= X-GMAIL-MSGID: =?utf-8?q?1748460285374533727?= From: Xuchun Shang Only support verification through sm2 at present. Signed-off-by: Xuchun Shang --- drivers/crypto/ycc/Makefile | 4 + drivers/crypto/ycc/sm2signature_asn1.c | 38 +++++ drivers/crypto/ycc/sm2signature_asn1.h | 13 ++ drivers/crypto/ycc/ycc_algs.h | 2 + drivers/crypto/ycc/ycc_pke.c | 252 ++++++++++++++++++++++++++++++++- drivers/crypto/ycc/ycc_ring.h | 8 ++ 6 files changed, 316 insertions(+), 1 deletion(-) create mode 100644 drivers/crypto/ycc/sm2signature_asn1.c create mode 100644 drivers/crypto/ycc/sm2signature_asn1.h diff --git a/drivers/crypto/ycc/Makefile b/drivers/crypto/ycc/Makefile index d1f22a9..fb42eec 100644 --- a/drivers/crypto/ycc/Makefile +++ b/drivers/crypto/ycc/Makefile @@ -1,3 +1,7 @@ # SPDX-License-Identifier: GPL-2.0 obj-$(CONFIG_CRYPTO_DEV_YCC) += ycc.o ycc-objs := ycc_drv.o ycc_isr.o ycc_ring.o ycc_ske.o ycc_aead.o ycc_pke.o + +ifndef CONFIG_CRYPTO_SM2 +ycc-objs += sm2signature_asn1.o +endif diff --git a/drivers/crypto/ycc/sm2signature_asn1.c b/drivers/crypto/ycc/sm2signature_asn1.c new file mode 100644 index 00000000..1fd15c1 --- /dev/null +++ b/drivers/crypto/ycc/sm2signature_asn1.c @@ -0,0 +1,38 @@ +/* + * Automatically generated by asn1_compiler. Do not edit + * + * ASN.1 parser for sm2signature + */ +#include +#include "sm2signature_asn1.h" + +enum sm2signature_actions { + ACT_sm2_get_signature_r = 0, + ACT_sm2_get_signature_s = 1, + NR__sm2signature_actions = 2 +}; + +static const asn1_action_t sm2signature_action_table[NR__sm2signature_actions] = { + [0] = sm2_get_signature_r, + [1] = sm2_get_signature_s, +}; + +static const unsigned char sm2signature_machine[] = { + // Sm2Signature + [0] = ASN1_OP_MATCH, + [1] = _tag(UNIV, CONS, SEQ), + [2] = ASN1_OP_MATCH_ACT, // sig_r + [3] = _tag(UNIV, PRIM, INT), + [4] = _action(ACT_sm2_get_signature_r), + [5] = ASN1_OP_MATCH_ACT, // sig_s + [6] = _tag(UNIV, PRIM, INT), + [7] = _action(ACT_sm2_get_signature_s), + [8] = ASN1_OP_END_SEQ, + [9] = ASN1_OP_COMPLETE, +}; + +const struct asn1_decoder sm2signature_decoder = { + .machine = sm2signature_machine, + .machlen = sizeof(sm2signature_machine), + .actions = sm2signature_action_table, +}; diff --git a/drivers/crypto/ycc/sm2signature_asn1.h b/drivers/crypto/ycc/sm2signature_asn1.h new file mode 100644 index 00000000..192c9e1 --- /dev/null +++ b/drivers/crypto/ycc/sm2signature_asn1.h @@ -0,0 +1,13 @@ +/* + * Automatically generated by asn1_compiler. Do not edit + * + * ASN.1 parser for sm2signature + */ +#include + +extern const struct asn1_decoder sm2signature_decoder; + +extern int sm2_get_signature_r(void *context, size_t hdrlen, + unsigned char tag, const void *value, size_t vlen); +extern int sm2_get_signature_s(void *context, size_t hdrlen, + unsigned char tag, const void *value, size_t vlen); diff --git a/drivers/crypto/ycc/ycc_algs.h b/drivers/crypto/ycc/ycc_algs.h index 6a13230a..26323a8 100644 --- a/drivers/crypto/ycc/ycc_algs.h +++ b/drivers/crypto/ycc/ycc_algs.h @@ -77,6 +77,8 @@ enum ycc_cmd_id { YCC_CMD_CCM_ENC, YCC_CMD_CCM_DEC, /* 0x28 */ + YCC_CMD_SM2_VERIFY = 0x47, + YCC_CMD_RSA_ENC = 0x83, YCC_CMD_RSA_DEC, YCC_CMD_RSA_CRT_DEC, diff --git a/drivers/crypto/ycc/ycc_pke.c b/drivers/crypto/ycc/ycc_pke.c index 3debd80..ad72d12 100644 --- a/drivers/crypto/ycc/ycc_pke.c +++ b/drivers/crypto/ycc/ycc_pke.c @@ -8,6 +8,8 @@ #include #include #include + +#include "sm2signature_asn1.h" #include "ycc_algs.h" static int ycc_rsa_done_callback(void *ptr, u16 state) @@ -666,6 +668,224 @@ static void ycc_rsa_exit(struct crypto_akcipher *tfm) crypto_free_akcipher(ctx->soft_tfm); } +#define MPI_NBYTES(m) ((mpi_get_nbits(m) + 7) / 8) + +static int ycc_sm2_done_callback(void *ptr, u16 state) +{ + struct ycc_pke_req *sm2_req = (struct ycc_pke_req *)ptr; + struct ycc_pke_ctx *ctx = sm2_req->ctx; + struct akcipher_request *req = sm2_req->req; + struct device *dev = YCC_DEV(ctx); + + dma_free_coherent(dev, 128, sm2_req->src_vaddr, sm2_req->src_paddr); + + if (req->base.complete) + req->base.complete(&req->base, state == CMD_SUCCESS ? 0 : -EBADMSG); + return 0; +} + +struct sm2_signature_ctx { + MPI sig_r; + MPI sig_s; +}; + +#ifndef CONFIG_CRYPTO_SM2 +int sm2_get_signature_r(void *context, size_t hdrlen, unsigned char tag, + const void *value, size_t vlen) +{ + struct sm2_signature_ctx *sig = context; + + if (!value || !vlen) + return -EINVAL; + + sig->sig_r = mpi_read_raw_data(value, vlen); + if (!sig->sig_r) + return -ENOMEM; + + return 0; +} + +int sm2_get_signature_s(void *context, size_t hdrlen, unsigned char tag, + const void *value, size_t vlen) +{ + struct sm2_signature_ctx *sig = context; + + if (!value || !vlen) + return -EINVAL; + + sig->sig_s = mpi_read_raw_data(value, vlen); + if (!sig->sig_s) + return -ENOMEM; + + return 0; +} +#endif + +static int ycc_sm2_verify(struct akcipher_request *req) +{ + struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); + struct ycc_pke_req *sm2_req = akcipher_request_ctx(req); + struct ycc_pke_ctx *ctx = akcipher_tfm_ctx(tfm); + struct ycc_sm2_verify_cmd *sm2_verify_cmd; + struct ycc_dev *ydev = ctx->ring->ydev; + struct ycc_ring *ring = ctx->ring; + struct device *dev = YCC_DEV(ctx); + struct sm2_signature_ctx sig; + struct ycc_flags *aflags; + u8 buffer[80] = {0}; + int ret; + + /* Do software fallback */ + if (!test_bit(YDEV_STATUS_READY, &ydev->status) || ctx->key_len) { + akcipher_request_set_tfm(req, ctx->soft_tfm); + ret = crypto_akcipher_verify(req); + akcipher_request_set_tfm(req, tfm); + return ret; + } + + if (req->src_len > 72 || req->src_len < 70 || req->dst_len != 32) + return -EINVAL; + + sm2_req->ctx = ctx; + sm2_req->req = req; + + sg_copy_buffer(req->src, sg_nents(req->src), buffer, req->src_len, 0, 1); + sig.sig_r = NULL; + sig.sig_s = NULL; + ret = asn1_ber_decoder(&sm2signature_decoder, &sig, buffer, req->src_len); + if (ret) + return -EINVAL; + + ret = mpi_print(GCRYMPI_FMT_USG, buffer, MPI_NBYTES(sig.sig_r), + (size_t *)NULL, sig.sig_r); + if (ret) + return -EINVAL; + + ret = mpi_print(GCRYMPI_FMT_USG, buffer + MPI_NBYTES(sig.sig_r), + MPI_NBYTES(sig.sig_s), (size_t *)NULL, sig.sig_s); + if (ret) + return -EINVAL; + + ret = -ENOMEM; + /* Alloc dma for src, as verify has no output */ + sm2_req->src_vaddr = dma_alloc_coherent(dev, 128, &sm2_req->src_paddr, + GFP_ATOMIC); + if (!sm2_req->src_vaddr) + goto out; + + sg_copy_buffer(req->src, sg_nents(req->src), sm2_req->src_vaddr, + req->dst_len, req->src_len, 1); + memcpy(sm2_req->src_vaddr + 32, buffer, 64); + + sm2_req->dst_vaddr = NULL; + + aflags = kzalloc(sizeof(struct ycc_flags), GFP_ATOMIC); + if (!aflags) + goto free_src; + + aflags->ptr = (void *)sm2_req; + aflags->ycc_done_callback = ycc_sm2_done_callback; + + memset(&sm2_req->desc, 0, sizeof(sm2_req->desc)); + sm2_req->desc.private_ptr = (u64)(void *)aflags; + + sm2_verify_cmd = &sm2_req->desc.cmd.sm2_verify_cmd; + sm2_verify_cmd->cmd_id = YCC_CMD_SM2_VERIFY; + sm2_verify_cmd->sptr = sm2_req->src_paddr; + sm2_verify_cmd->keyptr = ctx->pub_key_paddr; + + ret = ycc_enqueue(ring, (u8 *)&sm2_req->desc); + if (!ret) + return -EINPROGRESS; + + kfree(aflags); +free_src: + dma_free_coherent(dev, 128, sm2_req->src_vaddr, sm2_req->src_paddr); +out: + return ret; +} + +static unsigned int ycc_sm2_max_size(struct crypto_akcipher *tfm) +{ + return PAGE_SIZE; +} + +static int ycc_sm2_setpubkey(struct crypto_akcipher *tfm, const void *key, + unsigned int keylen) +{ + struct ycc_pke_ctx *ctx = akcipher_tfm_ctx(tfm); + struct device *dev = YCC_DEV(ctx); + int ret; + + ret = crypto_akcipher_set_pub_key(ctx->soft_tfm, key, keylen); + if (ret) + return ret; + + /* Always alloc 64 bytes for pub key */ + ctx->pub_key_vaddr = dma_alloc_coherent(dev, 64, &ctx->pub_key_paddr, + GFP_KERNEL); + if (!ctx->pub_key_vaddr) + return -ENOMEM; + + /* + * Uncompressed key 65 bytes with 0x04 flag + * Compressed key 33 bytes with 0x02 or 0x03 flag + */ + switch (keylen) { + case 65: + if (*(u8 *)key != 0x04) + return -EINVAL; + memcpy(ctx->pub_key_vaddr, key + 1, 64); + break; + case 64: + memcpy(ctx->pub_key_vaddr, key, 64); + break; + case 33: + return 0; /* TODO: use sw temporary */ + default: + return -EINVAL; + } + + return 0; +} + +static int ycc_sm2_init(struct crypto_akcipher *tfm) +{ + struct ycc_pke_ctx *ctx = akcipher_tfm_ctx(tfm); + struct ycc_ring *ring; + + ctx->soft_tfm = crypto_alloc_akcipher("sm2-generic", 0, 0); + if (IS_ERR(ctx->soft_tfm)) + return PTR_ERR(ctx->soft_tfm); + + /* Reserve enough space if soft request reqires additional space */ + akcipher_set_reqsize(tfm, sizeof(struct ycc_pke_req) + + crypto_akcipher_alg(ctx->soft_tfm)->reqsize); + + ring = ycc_crypto_get_ring(); + if (!ring) { + crypto_free_akcipher(ctx->soft_tfm); + return -ENODEV; + } + + ctx->ring = ring; + return 0; +} + +static void ycc_sm2_exit(struct crypto_akcipher *tfm) +{ + struct ycc_pke_ctx *ctx = akcipher_tfm_ctx(tfm); + struct device *dev = YCC_DEV(ctx); + + if (ctx->ring) + ycc_crypto_free_ring(ctx->ring); + + if (ctx->pub_key_vaddr) + dma_free_coherent(dev, 64, ctx->pub_key_vaddr, ctx->pub_key_paddr); + + crypto_free_akcipher(ctx->soft_tfm); +} + static struct akcipher_alg ycc_rsa = { .base = { .cra_name = "rsa", @@ -685,12 +905,42 @@ static void ycc_rsa_exit(struct crypto_akcipher *tfm) .exit = ycc_rsa_exit, }; +static struct akcipher_alg ycc_sm2 = { + .base = { + .cra_name = "sm2", + .cra_driver_name = "sm2-ycc", + .cra_priority = 1000, + .cra_module = THIS_MODULE, + .cra_ctxsize = sizeof(struct ycc_pke_ctx), + }, + .verify = ycc_sm2_verify, + .set_pub_key = ycc_sm2_setpubkey, + .max_size = ycc_sm2_max_size, + .init = ycc_sm2_init, + .exit = ycc_sm2_exit, +}; + int ycc_pke_register(void) { - return crypto_register_akcipher(&ycc_rsa); + int ret; + + ret = crypto_register_akcipher(&ycc_rsa); + if (ret) { + pr_err("Failed to register rsa\n"); + return ret; + } + + ret = crypto_register_akcipher(&ycc_sm2); + if (ret) { + crypto_unregister_akcipher(&ycc_rsa); + pr_err("Failed to register sm2\n"); + } + + return ret; } void ycc_pke_unregister(void) { crypto_unregister_akcipher(&ycc_rsa); + crypto_unregister_akcipher(&ycc_sm2); } diff --git a/drivers/crypto/ycc/ycc_ring.h b/drivers/crypto/ycc/ycc_ring.h index 67c7f0b..3ad1a4d 100644 --- a/drivers/crypto/ycc/ycc_ring.h +++ b/drivers/crypto/ycc/ycc_ring.h @@ -121,11 +121,19 @@ struct ycc_rsa_dec_cmd { u64 dptr:48; } __packed; +struct ycc_sm2_verify_cmd { + u8 cmd_id; + u64 sptr:48; + u16 key_id; + u64 keyptr:48; +} __packed; + union ycc_real_cmd { struct ycc_skcipher_cmd ske_cmd; struct ycc_aead_cmd aead_cmd; struct ycc_rsa_enc_cmd rsa_enc_cmd; struct ycc_rsa_dec_cmd rsa_dec_cmd; + struct ycc_sm2_verify_cmd sm2_verify_cmd; u8 padding[32]; };