s390/zcrypt: enable odd RSA modulus sizes in CRT format

In the past only even modulus sizes were allowed for RSA keys in
CRT format. This restriction was based on limited RSA key generation
on older crypto adapters that provides only even modulus sizes. This
restriction is not valid any more.

Revoke restrictions that crypto requests can be serviced with odd
RSA modulus length in CRT format.

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>

diff --git a/drivers/s390/crypto/zcrypt_api.c b/drivers/s390/crypto/zcrypt_api.c
index 4eb4554..a9603eb 100644 (file)
--- a/drivers/s390/crypto/zcrypt_api.c
+++ b/drivers/s390/crypto/zcrypt_api.c
@@ -472,8 +472,7 @@ static long zcrypt_rsa_crt(struct ica_rsa_modexpo_crt *crt)
        unsigned long long z1, z2, z3;
        int rc, copied;
 
-       if (crt->outputdatalength < crt->inputdatalength ||
-           (crt->inputdatalength & 1))
+       if (crt->outputdatalength < crt->inputdatalength)
                return -EINVAL;
        /*
         * As long as outputdatalength is big enough, we can set the

diff --git a/drivers/s390/crypto/zcrypt_cca_key.h b/drivers/s390/crypto/zcrypt_cca_key.h
index 1f42f10..ca0cdbe 100644 (file)
--- a/drivers/s390/crypto/zcrypt_cca_key.h
+++ b/drivers/s390/crypto/zcrypt_cca_key.h
@@ -291,7 +291,7 @@ static inline int zcrypt_type6_crt_key(struct ica_rsa_modexpo_crt *crt,
 
        memset(key, 0, sizeof(*key));
 
-       short_len = crt->inputdatalength / 2;
+       short_len = (crt->inputdatalength + 1) / 2;
        long_len = short_len + 8;
        pad_len = -(3*long_len + 2*short_len) & 7;
        key_len = 3*long_len + 2*short_len + pad_len + crt->inputdatalength;

diff --git a/drivers/s390/crypto/zcrypt_msgtype50.c b/drivers/s390/crypto/zcrypt_msgtype50.c
index 334e282..6c9af13 100644 (file)
--- a/drivers/s390/crypto/zcrypt_msgtype50.c
+++ b/drivers/s390/crypto/zcrypt_msgtype50.c
@@ -248,7 +248,7 @@ static int ICACRT_msg_to_type50CRT_msg(struct zcrypt_device *zdev,
        unsigned char *p, *q, *dp, *dq, *u, *inp;
 
        mod_len = crt->inputdatalength;
-       short_len = mod_len / 2;
+       short_len = (mod_len + 1) / 2;
 
        /*
         * CEX2A and CEX3A w/o FW update can handle requests up to

diff --git a/drivers/s390/crypto/zcrypt_pcica.c b/drivers/s390/crypto/zcrypt_pcica.c
index 7a743f4..2f22020 100644 (file)
--- a/drivers/s390/crypto/zcrypt_pcica.c
+++ b/drivers/s390/crypto/zcrypt_pcica.c
@@ -138,7 +138,7 @@ static int ICACRT_msg_to_type4CRT_msg(struct zcrypt_device *zdev,
        int mod_len, short_len, long_len;
 
        mod_len = crt->inputdatalength;
-       short_len = mod_len / 2;
+       short_len = (mod_len + 1) / 2;
        long_len = mod_len / 2 + 8;
 
        if (mod_len <= 128) {