1 // SPDX-License-Identifier: GPL-2.0
2 #define pr_fmt(fmt) "ASYM-TPM: "fmt
3 #include <linux/slab.h>
4 #include <linux/module.h>
5 #include <linux/export.h>
6 #include <linux/kernel.h>
7 #include <linux/seq_file.h>
8 #include <linux/scatterlist.h>
10 #include <linux/tpm_command.h>
11 #include <crypto/akcipher.h>
12 #include <crypto/hash.h>
13 #include <crypto/sha.h>
14 #include <asm/unaligned.h>
15 #include <keys/asymmetric-subtype.h>
16 #include <keys/trusted.h>
17 #include <crypto/asym_tpm_subtype.h>
18 #include <crypto/public_key.h>
20 #define TPM_ORD_FLUSHSPECIFIC 186
21 #define TPM_ORD_LOADKEY2 65
22 #define TPM_ORD_UNBIND 30
23 #define TPM_ORD_SIGN 60
24 #define TPM_LOADKEY2_SIZE 59
25 #define TPM_FLUSHSPECIFIC_SIZE 18
26 #define TPM_UNBIND_SIZE 63
27 #define TPM_SIGN_SIZE 63
29 #define TPM_RT_KEY 0x00000001
32 * Load a TPM key from the blob provided by userspace
34 static int tpm_loadkey2(struct tpm_buf *tb,
35 uint32_t keyhandle, unsigned char *keyauth,
36 const unsigned char *keyblob, int keybloblen,
39 unsigned char nonceodd[TPM_NONCE_SIZE];
40 unsigned char enonce[TPM_NONCE_SIZE];
41 unsigned char authdata[SHA1_DIGEST_SIZE];
42 uint32_t authhandle = 0;
43 unsigned char cont = 0;
47 ordinal = htonl(TPM_ORD_LOADKEY2);
49 /* session for loading the key */
50 ret = oiap(tb, &authhandle, enonce);
52 pr_info("oiap failed (%d)\n", ret);
56 /* generate odd nonce */
57 ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
59 pr_info("tpm_get_random failed (%d)\n", ret);
63 /* calculate authorization HMAC value */
64 ret = TSS_authhmac(authdata, keyauth, SHA1_DIGEST_SIZE, enonce,
65 nonceodd, cont, sizeof(uint32_t), &ordinal,
66 keybloblen, keyblob, 0, 0);
70 /* build the request buffer */
72 store16(tb, TPM_TAG_RQU_AUTH1_COMMAND);
73 store32(tb, TPM_LOADKEY2_SIZE + keybloblen);
74 store32(tb, TPM_ORD_LOADKEY2);
75 store32(tb, keyhandle);
76 storebytes(tb, keyblob, keybloblen);
77 store32(tb, authhandle);
78 storebytes(tb, nonceodd, TPM_NONCE_SIZE);
80 storebytes(tb, authdata, SHA1_DIGEST_SIZE);
82 ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE);
84 pr_info("authhmac failed (%d)\n", ret);
88 ret = TSS_checkhmac1(tb->data, ordinal, nonceodd, keyauth,
89 SHA1_DIGEST_SIZE, 0, 0);
91 pr_info("TSS_checkhmac1 failed (%d)\n", ret);
95 *newhandle = LOAD32(tb->data, TPM_DATA_OFFSET);
100 * Execute the FlushSpecific TPM command
102 static int tpm_flushspecific(struct tpm_buf *tb, uint32_t handle)
105 store16(tb, TPM_TAG_RQU_COMMAND);
106 store32(tb, TPM_FLUSHSPECIFIC_SIZE);
107 store32(tb, TPM_ORD_FLUSHSPECIFIC);
109 store32(tb, TPM_RT_KEY);
111 return trusted_tpm_send(tb->data, MAX_BUF_SIZE);
115 * Decrypt a blob provided by userspace using a specific key handle.
116 * The handle is a well known handle or previously loaded by e.g. LoadKey2
118 static int tpm_unbind(struct tpm_buf *tb,
119 uint32_t keyhandle, unsigned char *keyauth,
120 const unsigned char *blob, uint32_t bloblen,
121 void *out, uint32_t outlen)
123 unsigned char nonceodd[TPM_NONCE_SIZE];
124 unsigned char enonce[TPM_NONCE_SIZE];
125 unsigned char authdata[SHA1_DIGEST_SIZE];
126 uint32_t authhandle = 0;
127 unsigned char cont = 0;
132 ordinal = htonl(TPM_ORD_UNBIND);
133 datalen = htonl(bloblen);
135 /* session for loading the key */
136 ret = oiap(tb, &authhandle, enonce);
138 pr_info("oiap failed (%d)\n", ret);
142 /* generate odd nonce */
143 ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
145 pr_info("tpm_get_random failed (%d)\n", ret);
149 /* calculate authorization HMAC value */
150 ret = TSS_authhmac(authdata, keyauth, SHA1_DIGEST_SIZE, enonce,
151 nonceodd, cont, sizeof(uint32_t), &ordinal,
152 sizeof(uint32_t), &datalen,
153 bloblen, blob, 0, 0);
157 /* build the request buffer */
159 store16(tb, TPM_TAG_RQU_AUTH1_COMMAND);
160 store32(tb, TPM_UNBIND_SIZE + bloblen);
161 store32(tb, TPM_ORD_UNBIND);
162 store32(tb, keyhandle);
163 store32(tb, bloblen);
164 storebytes(tb, blob, bloblen);
165 store32(tb, authhandle);
166 storebytes(tb, nonceodd, TPM_NONCE_SIZE);
168 storebytes(tb, authdata, SHA1_DIGEST_SIZE);
170 ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE);
172 pr_info("authhmac failed (%d)\n", ret);
176 datalen = LOAD32(tb->data, TPM_DATA_OFFSET);
178 ret = TSS_checkhmac1(tb->data, ordinal, nonceodd,
179 keyauth, SHA1_DIGEST_SIZE,
180 sizeof(uint32_t), TPM_DATA_OFFSET,
181 datalen, TPM_DATA_OFFSET + sizeof(uint32_t),
184 pr_info("TSS_checkhmac1 failed (%d)\n", ret);
188 memcpy(out, tb->data + TPM_DATA_OFFSET + sizeof(uint32_t),
189 min(outlen, datalen));
195 * Sign a blob provided by userspace (that has had the hash function applied)
196 * using a specific key handle. The handle is assumed to have been previously
197 * loaded by e.g. LoadKey2.
199 * Note that the key signature scheme of the used key should be set to
200 * TPM_SS_RSASSAPKCS1v15_DER. This allows the hashed input to be of any size
201 * up to key_length_in_bytes - 11 and not be limited to size 20 like the
202 * TPM_SS_RSASSAPKCS1v15_SHA1 signature scheme.
204 static int tpm_sign(struct tpm_buf *tb,
205 uint32_t keyhandle, unsigned char *keyauth,
206 const unsigned char *blob, uint32_t bloblen,
207 void *out, uint32_t outlen)
209 unsigned char nonceodd[TPM_NONCE_SIZE];
210 unsigned char enonce[TPM_NONCE_SIZE];
211 unsigned char authdata[SHA1_DIGEST_SIZE];
212 uint32_t authhandle = 0;
213 unsigned char cont = 0;
218 ordinal = htonl(TPM_ORD_SIGN);
219 datalen = htonl(bloblen);
221 /* session for loading the key */
222 ret = oiap(tb, &authhandle, enonce);
224 pr_info("oiap failed (%d)\n", ret);
228 /* generate odd nonce */
229 ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
231 pr_info("tpm_get_random failed (%d)\n", ret);
235 /* calculate authorization HMAC value */
236 ret = TSS_authhmac(authdata, keyauth, SHA1_DIGEST_SIZE, enonce,
237 nonceodd, cont, sizeof(uint32_t), &ordinal,
238 sizeof(uint32_t), &datalen,
239 bloblen, blob, 0, 0);
243 /* build the request buffer */
245 store16(tb, TPM_TAG_RQU_AUTH1_COMMAND);
246 store32(tb, TPM_SIGN_SIZE + bloblen);
247 store32(tb, TPM_ORD_SIGN);
248 store32(tb, keyhandle);
249 store32(tb, bloblen);
250 storebytes(tb, blob, bloblen);
251 store32(tb, authhandle);
252 storebytes(tb, nonceodd, TPM_NONCE_SIZE);
254 storebytes(tb, authdata, SHA1_DIGEST_SIZE);
256 ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE);
258 pr_info("authhmac failed (%d)\n", ret);
262 datalen = LOAD32(tb->data, TPM_DATA_OFFSET);
264 ret = TSS_checkhmac1(tb->data, ordinal, nonceodd,
265 keyauth, SHA1_DIGEST_SIZE,
266 sizeof(uint32_t), TPM_DATA_OFFSET,
267 datalen, TPM_DATA_OFFSET + sizeof(uint32_t),
270 pr_info("TSS_checkhmac1 failed (%d)\n", ret);
274 memcpy(out, tb->data + TPM_DATA_OFFSET + sizeof(uint32_t),
275 min(datalen, outlen));
280 /* Room to fit two u32 zeros for algo id and parameters length. */
281 #define SETKEY_PARAMS_SIZE (sizeof(u32) * 2)
284 * Maximum buffer size for the BER/DER encoded public key. The public key
285 * is of the form SEQUENCE { INTEGER n, INTEGER e } where n is a maximum 2048
286 * bit key and e is usually 65537
287 * The encoding overhead is:
288 * - max 4 bytes for SEQUENCE
289 * - max 4 bytes for INTEGER n type/length
291 * - max 2 bytes for INTEGER e type/length
293 * - 4+4 of zeros for set_pub_key parameters (SETKEY_PARAMS_SIZE)
295 #define PUB_KEY_BUF_SIZE (4 + 4 + 257 + 2 + 3 + SETKEY_PARAMS_SIZE)
298 * Provide a part of a description of the key for /proc/keys.
300 static void asym_tpm_describe(const struct key *asymmetric_key,
303 struct tpm_key *tk = asymmetric_key->payload.data[asym_crypto];
308 seq_printf(m, "TPM1.2/Blob");
311 static void asym_tpm_destroy(void *payload0, void *payload3)
313 struct tpm_key *tk = payload0;
324 /* How many bytes will it take to encode the length */
325 static inline uint32_t definite_length(uint32_t len)
334 static inline uint8_t *encode_tag_length(uint8_t *buf, uint8_t tag,
351 put_unaligned_be16(len, buf + 1);
355 static uint32_t derive_pub_key(const void *pub_key, uint32_t len, uint8_t *buf)
358 uint32_t n_len = definite_length(len) + 1 + len + 1;
359 uint32_t e_len = definite_length(3) + 1 + 3;
360 uint8_t e[3] = { 0x01, 0x00, 0x01 };
363 cur = encode_tag_length(cur, 0x30, n_len + e_len);
365 cur = encode_tag_length(cur, 0x02, len + 1);
367 memcpy(cur + 1, pub_key, len);
369 cur = encode_tag_length(cur, 0x02, sizeof(e));
370 memcpy(cur, e, sizeof(e));
372 /* Zero parameters to satisfy set_pub_key ABI. */
373 memset(cur, 0, SETKEY_PARAMS_SIZE);
379 * Determine the crypto algorithm name.
381 static int determine_akcipher(const char *encoding, const char *hash_algo,
382 char alg_name[CRYPTO_MAX_ALG_NAME])
384 if (strcmp(encoding, "pkcs1") == 0) {
386 strcpy(alg_name, "pkcs1pad(rsa)");
390 if (snprintf(alg_name, CRYPTO_MAX_ALG_NAME, "pkcs1pad(rsa,%s)",
391 hash_algo) >= CRYPTO_MAX_ALG_NAME)
397 if (strcmp(encoding, "raw") == 0) {
398 strcpy(alg_name, "rsa");
406 * Query information about a key.
408 static int tpm_key_query(const struct kernel_pkey_params *params,
409 struct kernel_pkey_query *info)
411 struct tpm_key *tk = params->key->payload.data[asym_crypto];
413 char alg_name[CRYPTO_MAX_ALG_NAME];
414 struct crypto_akcipher *tfm;
415 uint8_t der_pub_key[PUB_KEY_BUF_SIZE];
416 uint32_t der_pub_key_len;
419 /* TPM only works on private keys, public keys still done in software */
420 ret = determine_akcipher(params->encoding, params->hash_algo, alg_name);
424 tfm = crypto_alloc_akcipher(alg_name, 0, 0);
428 der_pub_key_len = derive_pub_key(tk->pub_key, tk->pub_key_len,
431 ret = crypto_akcipher_set_pub_key(tfm, der_pub_key, der_pub_key_len);
435 len = crypto_akcipher_maxsize(tfm);
437 info->key_size = tk->key_len;
438 info->max_data_size = tk->key_len / 8;
439 info->max_sig_size = len;
440 info->max_enc_size = len;
441 info->max_dec_size = tk->key_len / 8;
443 info->supported_ops = KEYCTL_SUPPORTS_ENCRYPT |
444 KEYCTL_SUPPORTS_DECRYPT |
445 KEYCTL_SUPPORTS_VERIFY |
446 KEYCTL_SUPPORTS_SIGN;
450 crypto_free_akcipher(tfm);
451 pr_devel("<==%s() = %d\n", __func__, ret);
456 * Encryption operation is performed with the public key. Hence it is done
459 static int tpm_key_encrypt(struct tpm_key *tk,
460 struct kernel_pkey_params *params,
461 const void *in, void *out)
463 char alg_name[CRYPTO_MAX_ALG_NAME];
464 struct crypto_akcipher *tfm;
465 struct akcipher_request *req;
466 struct crypto_wait cwait;
467 struct scatterlist in_sg, out_sg;
468 uint8_t der_pub_key[PUB_KEY_BUF_SIZE];
469 uint32_t der_pub_key_len;
472 pr_devel("==>%s()\n", __func__);
474 ret = determine_akcipher(params->encoding, params->hash_algo, alg_name);
478 tfm = crypto_alloc_akcipher(alg_name, 0, 0);
482 der_pub_key_len = derive_pub_key(tk->pub_key, tk->pub_key_len,
485 ret = crypto_akcipher_set_pub_key(tfm, der_pub_key, der_pub_key_len);
489 req = akcipher_request_alloc(tfm, GFP_KERNEL);
493 sg_init_one(&in_sg, in, params->in_len);
494 sg_init_one(&out_sg, out, params->out_len);
495 akcipher_request_set_crypt(req, &in_sg, &out_sg, params->in_len,
497 crypto_init_wait(&cwait);
498 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG |
499 CRYPTO_TFM_REQ_MAY_SLEEP,
500 crypto_req_done, &cwait);
502 ret = crypto_akcipher_encrypt(req);
503 ret = crypto_wait_req(ret, &cwait);
508 akcipher_request_free(req);
510 crypto_free_akcipher(tfm);
511 pr_devel("<==%s() = %d\n", __func__, ret);
516 * Decryption operation is performed with the private key in the TPM.
518 static int tpm_key_decrypt(struct tpm_key *tk,
519 struct kernel_pkey_params *params,
520 const void *in, void *out)
524 uint8_t srkauth[SHA1_DIGEST_SIZE];
525 uint8_t keyauth[SHA1_DIGEST_SIZE];
528 pr_devel("==>%s()\n", __func__);
530 if (params->hash_algo)
533 if (strcmp(params->encoding, "pkcs1"))
536 tb = kzalloc(sizeof(*tb), GFP_KERNEL);
540 /* TODO: Handle a non-all zero SRK authorization */
541 memset(srkauth, 0, sizeof(srkauth));
543 r = tpm_loadkey2(tb, SRKHANDLE, srkauth,
544 tk->blob, tk->blob_len, &keyhandle);
546 pr_devel("loadkey2 failed (%d)\n", r);
550 /* TODO: Handle a non-all zero key authorization */
551 memset(keyauth, 0, sizeof(keyauth));
553 r = tpm_unbind(tb, keyhandle, keyauth,
554 in, params->in_len, out, params->out_len);
556 pr_devel("tpm_unbind failed (%d)\n", r);
558 if (tpm_flushspecific(tb, keyhandle) < 0)
559 pr_devel("flushspecific failed (%d)\n", r);
563 pr_devel("<==%s() = %d\n", __func__, r);
568 * Hash algorithm OIDs plus ASN.1 DER wrappings [RFC4880 sec 5.2.2].
570 static const u8 digest_info_md5[] = {
571 0x30, 0x20, 0x30, 0x0c, 0x06, 0x08,
572 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x05, /* OID */
573 0x05, 0x00, 0x04, 0x10
576 static const u8 digest_info_sha1[] = {
577 0x30, 0x21, 0x30, 0x09, 0x06, 0x05,
578 0x2b, 0x0e, 0x03, 0x02, 0x1a,
579 0x05, 0x00, 0x04, 0x14
582 static const u8 digest_info_rmd160[] = {
583 0x30, 0x21, 0x30, 0x09, 0x06, 0x05,
584 0x2b, 0x24, 0x03, 0x02, 0x01,
585 0x05, 0x00, 0x04, 0x14
588 static const u8 digest_info_sha224[] = {
589 0x30, 0x2d, 0x30, 0x0d, 0x06, 0x09,
590 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04,
591 0x05, 0x00, 0x04, 0x1c
594 static const u8 digest_info_sha256[] = {
595 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09,
596 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
597 0x05, 0x00, 0x04, 0x20
600 static const u8 digest_info_sha384[] = {
601 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09,
602 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02,
603 0x05, 0x00, 0x04, 0x30
606 static const u8 digest_info_sha512[] = {
607 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09,
608 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
609 0x05, 0x00, 0x04, 0x40
612 static const struct asn1_template {
616 } asn1_templates[] = {
617 #define _(X) { #X, digest_info_##X, sizeof(digest_info_##X) }
629 static const struct asn1_template *lookup_asn1(const char *name)
631 const struct asn1_template *p;
633 for (p = asn1_templates; p->name; p++)
634 if (strcmp(name, p->name) == 0)
640 * Sign operation is performed with the private key in the TPM.
642 static int tpm_key_sign(struct tpm_key *tk,
643 struct kernel_pkey_params *params,
644 const void *in, void *out)
648 uint8_t srkauth[SHA1_DIGEST_SIZE];
649 uint8_t keyauth[SHA1_DIGEST_SIZE];
650 void *asn1_wrapped = NULL;
651 uint32_t in_len = params->in_len;
654 pr_devel("==>%s()\n", __func__);
656 if (strcmp(params->encoding, "pkcs1"))
659 if (params->hash_algo) {
660 const struct asn1_template *asn1 =
661 lookup_asn1(params->hash_algo);
666 /* request enough space for the ASN.1 template + input hash */
667 asn1_wrapped = kzalloc(in_len + asn1->size, GFP_KERNEL);
671 /* Copy ASN.1 template, then the input */
672 memcpy(asn1_wrapped, asn1->data, asn1->size);
673 memcpy(asn1_wrapped + asn1->size, in, in_len);
676 in_len += asn1->size;
679 if (in_len > tk->key_len / 8 - 11) {
681 goto error_free_asn1_wrapped;
685 tb = kzalloc(sizeof(*tb), GFP_KERNEL);
687 goto error_free_asn1_wrapped;
689 /* TODO: Handle a non-all zero SRK authorization */
690 memset(srkauth, 0, sizeof(srkauth));
692 r = tpm_loadkey2(tb, SRKHANDLE, srkauth,
693 tk->blob, tk->blob_len, &keyhandle);
695 pr_devel("loadkey2 failed (%d)\n", r);
699 /* TODO: Handle a non-all zero key authorization */
700 memset(keyauth, 0, sizeof(keyauth));
702 r = tpm_sign(tb, keyhandle, keyauth, in, in_len, out, params->out_len);
704 pr_devel("tpm_sign failed (%d)\n", r);
706 if (tpm_flushspecific(tb, keyhandle) < 0)
707 pr_devel("flushspecific failed (%d)\n", r);
711 error_free_asn1_wrapped:
713 pr_devel("<==%s() = %d\n", __func__, r);
718 * Do encryption, decryption and signing ops.
720 static int tpm_key_eds_op(struct kernel_pkey_params *params,
721 const void *in, void *out)
723 struct tpm_key *tk = params->key->payload.data[asym_crypto];
724 int ret = -EOPNOTSUPP;
726 /* Perform the encryption calculation. */
727 switch (params->op) {
728 case kernel_pkey_encrypt:
729 ret = tpm_key_encrypt(tk, params, in, out);
731 case kernel_pkey_decrypt:
732 ret = tpm_key_decrypt(tk, params, in, out);
734 case kernel_pkey_sign:
735 ret = tpm_key_sign(tk, params, in, out);
745 * Verify a signature using a public key.
747 static int tpm_key_verify_signature(const struct key *key,
748 const struct public_key_signature *sig)
750 const struct tpm_key *tk = key->payload.data[asym_crypto];
751 struct crypto_wait cwait;
752 struct crypto_akcipher *tfm;
753 struct akcipher_request *req;
754 struct scatterlist src_sg[2];
755 char alg_name[CRYPTO_MAX_ALG_NAME];
756 uint8_t der_pub_key[PUB_KEY_BUF_SIZE];
757 uint32_t der_pub_key_len;
760 pr_devel("==>%s()\n", __func__);
769 ret = determine_akcipher(sig->encoding, sig->hash_algo, alg_name);
773 tfm = crypto_alloc_akcipher(alg_name, 0, 0);
777 der_pub_key_len = derive_pub_key(tk->pub_key, tk->pub_key_len,
780 ret = crypto_akcipher_set_pub_key(tfm, der_pub_key, der_pub_key_len);
785 req = akcipher_request_alloc(tfm, GFP_KERNEL);
789 sg_init_table(src_sg, 2);
790 sg_set_buf(&src_sg[0], sig->s, sig->s_size);
791 sg_set_buf(&src_sg[1], sig->digest, sig->digest_size);
792 akcipher_request_set_crypt(req, src_sg, NULL, sig->s_size,
794 crypto_init_wait(&cwait);
795 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG |
796 CRYPTO_TFM_REQ_MAY_SLEEP,
797 crypto_req_done, &cwait);
798 ret = crypto_wait_req(crypto_akcipher_verify(req), &cwait);
800 akcipher_request_free(req);
802 crypto_free_akcipher(tfm);
803 pr_devel("<==%s() = %d\n", __func__, ret);
804 if (WARN_ON_ONCE(ret > 0))
810 * Parse enough information out of TPM_KEY structure:
811 * TPM_STRUCT_VER -> 4 bytes
812 * TPM_KEY_USAGE -> 2 bytes
813 * TPM_KEY_FLAGS -> 4 bytes
814 * TPM_AUTH_DATA_USAGE -> 1 byte
815 * TPM_KEY_PARMS -> variable
816 * UINT32 PCRInfoSize -> 4 bytes
817 * BYTE* -> PCRInfoSize bytes
819 * UINT32 encDataSize;
820 * BYTE* -> encDataSize;
823 * TPM_ALGORITHM_ID -> 4 bytes
824 * TPM_ENC_SCHEME -> 2 bytes
825 * TPM_SIG_SCHEME -> 2 bytes
826 * UINT32 parmSize -> 4 bytes
829 static int extract_key_parameters(struct tpm_key *tk)
831 const void *cur = tk->blob;
832 uint32_t len = tk->blob_len;
840 /* Ensure this is a legacy key */
841 if (get_unaligned_be16(cur + 4) != 0x0015)
844 /* Skip to TPM_KEY_PARMS */
851 /* Make sure this is an RSA key */
852 if (get_unaligned_be32(cur) != 0x00000001)
855 /* Make sure this is TPM_ES_RSAESPKCSv15 encoding scheme */
856 if (get_unaligned_be16(cur + 4) != 0x0002)
859 /* Make sure this is TPM_SS_RSASSAPKCS1v15_DER signature scheme */
860 if (get_unaligned_be16(cur + 6) != 0x0003)
863 sz = get_unaligned_be32(cur + 8);
867 /* Move to TPM_RSA_KEY_PARMS */
871 /* Grab the RSA key length */
872 key_len = get_unaligned_be32(cur);
884 /* Move just past TPM_KEY_PARMS */
891 sz = get_unaligned_be32(cur);
895 /* Move to TPM_STORE_PUBKEY */
899 /* Grab the size of the public key, it should jive with the key size */
900 sz = get_unaligned_be32(cur);
906 tk->key_len = key_len;
907 tk->pub_key = pub_key;
908 tk->pub_key_len = sz;
913 /* Given the blob, parse it and load it into the TPM */
914 struct tpm_key *tpm_key_create(const void *blob, uint32_t blob_len)
919 r = tpm_is_tpm2(NULL);
923 /* We don't support TPM2 yet */
930 tk = kzalloc(sizeof(struct tpm_key), GFP_KERNEL);
934 tk->blob = kmemdup(blob, blob_len, GFP_KERNEL);
938 tk->blob_len = blob_len;
940 r = extract_key_parameters(tk);
954 EXPORT_SYMBOL_GPL(tpm_key_create);
957 * TPM-based asymmetric key subtype
959 struct asymmetric_key_subtype asym_tpm_subtype = {
960 .owner = THIS_MODULE,
962 .name_len = sizeof("asym_tpm") - 1,
963 .describe = asym_tpm_describe,
964 .destroy = asym_tpm_destroy,
965 .query = tpm_key_query,
966 .eds_op = tpm_key_eds_op,
967 .verify_signature = tpm_key_verify_signature,
969 EXPORT_SYMBOL_GPL(asym_tpm_subtype);
971 MODULE_DESCRIPTION("TPM based asymmetric key subtype");
972 MODULE_AUTHOR("Intel Corporation");
973 MODULE_LICENSE("GPL v2");