tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

s390/pkey: Rework and split PKEY kernel module code

This is a huge rework of all the pkey kernel module code.
The goal is to split the code into individual parts with
a dedicated calling interface:
- move all the sysfs related code into pkey_sysfs.c
- all the CCA related code goes to pkey_cca.c
- the EP11 stuff has been moved to pkey_ep11.c
- the PCKMO related code is now in pkey_pckmo.c

The CCA, EP11 and PCKMO code may be seen as "handlers" with
a similar calling interface. The new header file pkey_base.h
declares this calling interface. The remaining code in
pkey_api.c handles the ioctl, the pkey module things and the
"handler" independent code on top of the calling interface
invoking the handlers.

This regrouping of the code will be the base for a real
pkey kernel module split into a pkey base module which acts
as a dispatcher and handler modules providing their service.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Reviewed-by: Holger Dengler <dengler@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>

authored by

Harald Freudenberger and committed by
Vasily Gorbik 86fbf5e2 7344eea1

+2337 -1776
+2 -2
arch/s390/crypto/paes_s390.c
··· 133 133 if (msleep_interruptible(1000)) 134 134 return -EINTR; 135 135 } 136 - ret = pkey_keyblob2pkey(kb->key, kb->keylen, 137 - pk->protkey, &pk->len, &pk->type); 136 + ret = pkey_key2protkey(kb->key, kb->keylen, 137 + pk->protkey, &pk->len, &pk->type); 138 138 } 139 139 140 140 return ret;
+2 -2
arch/s390/include/asm/pkey.h
··· 22 22 * @param protkey pointer to buffer receiving the protected key 23 23 * @return 0 on success, negative errno value on failure 24 24 */ 25 - int pkey_keyblob2pkey(const u8 *key, u32 keylen, 26 - u8 *protkey, u32 *protkeylen, u32 *protkeytype); 25 + int pkey_key2protkey(const u8 *key, u32 keylen, 26 + u8 *protkey, u32 *protkeylen, u32 *protkeytype); 27 27 28 28 #endif /* _KAPI_PKEY_H */
+1 -1
drivers/s390/crypto/Makefile
··· 14 14 obj-$(CONFIG_ZCRYPT) += zcrypt_cex4.o 15 15 16 16 # pkey kernel module 17 - pkey-objs := pkey_api.o 17 + pkey-objs := pkey_api.o pkey_cca.o pkey_ep11.o pkey_pckmo.o pkey_sysfs.o 18 18 obj-$(CONFIG_PKEY) += pkey.o 19 19 20 20 # adjunct processor matrix
+431 -1743
drivers/s390/crypto/pkey_api.c
··· 17 17 #include <linux/slab.h> 18 18 #include <linux/kallsyms.h> 19 19 #include <linux/debugfs.h> 20 - #include <linux/random.h> 21 20 #include <linux/cpufeature.h> 22 21 #include <asm/zcrypt.h> 23 22 #include <asm/cpacf.h> 24 23 #include <asm/pkey.h> 25 - #include <crypto/aes.h> 26 24 27 25 #include "zcrypt_api.h" 28 26 #include "zcrypt_ccamisc.h" 29 27 #include "zcrypt_ep11misc.h" 30 28 29 + #include "pkey_base.h" 30 + 31 31 MODULE_LICENSE("GPL"); 32 32 MODULE_AUTHOR("IBM Corporation"); 33 33 MODULE_DESCRIPTION("s390 protected key interface"); 34 34 35 - #define KEYBLOBBUFSIZE 8192 /* key buffer size used for internal processing */ 36 - #define MINKEYBLOBBUFSIZE (sizeof(struct keytoken_header)) 37 - #define PROTKEYBLOBBUFSIZE 256 /* protected key buffer size used internal */ 38 - #define MAXAPQNSINLIST 64 /* max 64 apqns within a apqn list */ 39 - #define AES_WK_VP_SIZE 32 /* Size of WK VP block appended to a prot key */ 40 - 41 35 /* 42 - * debug feature data and functions 36 + * Debug feature data and functions 43 37 */ 44 38 45 - static debug_info_t *pkey_dbf_info; 46 - 47 - #define PKEY_DBF_INFO(...) debug_sprintf_event(pkey_dbf_info, 5, ##__VA_ARGS__) 48 - #define PKEY_DBF_WARN(...) debug_sprintf_event(pkey_dbf_info, 4, ##__VA_ARGS__) 49 - #define PKEY_DBF_ERR(...) debug_sprintf_event(pkey_dbf_info, 3, ##__VA_ARGS__) 39 + debug_info_t *pkey_dbf_info; 50 40 51 41 static void __init pkey_debug_init(void) 52 42 { ··· 51 61 debug_unregister(pkey_dbf_info); 52 62 } 53 63 54 - /* inside view of a protected key token (only type 0x00 version 0x01) */ 55 - struct protaeskeytoken { 56 - u8 type; /* 0x00 for PAES specific key tokens */ 57 - u8 res0[3]; 58 - u8 version; /* should be 0x01 for protected AES key token */ 59 - u8 res1[3]; 60 - u32 keytype; /* key type, one of the PKEY_KEYTYPE values */ 61 - u32 len; /* bytes actually stored in protkey[] */ 62 - u8 protkey[MAXPROTKEYSIZE]; /* the protected key blob */ 63 - } __packed; 64 + /* 65 + * Helper functions 66 + */ 64 67 65 - /* inside view of a clear key token (type 0x00 version 0x02) */ 66 - struct clearkeytoken { 67 - u8 type; /* 0x00 for PAES specific key tokens */ 68 - u8 res0[3]; 69 - u8 version; /* 0x02 for clear key token */ 70 - u8 res1[3]; 71 - u32 keytype; /* key type, one of the PKEY_KEYTYPE_* values */ 72 - u32 len; /* bytes actually stored in clearkey[] */ 73 - u8 clearkey[]; /* clear key value */ 74 - } __packed; 75 - 76 - /* helper function which translates the PKEY_KEYTYPE_AES_* to their keysize */ 77 - static inline u32 pkey_keytype_aes_to_size(u32 keytype) 68 + static int apqns4key(const u8 *key, size_t keylen, u32 flags, 69 + struct pkey_apqn *apqns, size_t *nr_apqns) 78 70 { 79 - switch (keytype) { 80 - case PKEY_KEYTYPE_AES_128: 81 - return 16; 82 - case PKEY_KEYTYPE_AES_192: 83 - return 24; 84 - case PKEY_KEYTYPE_AES_256: 85 - return 32; 86 - default: 87 - return 0; 71 + if (pkey_is_cca_key(key, keylen)) { 72 + return pkey_cca_apqns4key(key, keylen, flags, 73 + apqns, nr_apqns); 74 + } else if (pkey_is_ep11_key(key, keylen)) { 75 + return pkey_ep11_apqns4key(key, keylen, flags, 76 + apqns, nr_apqns); 77 + } else { 78 + struct keytoken_header *hdr = (struct keytoken_header *)key; 79 + 80 + PKEY_DBF_ERR("%s unknown/unsupported key type %d version %d\n", 81 + __func__, hdr->type, hdr->version); 82 + return -EINVAL; 88 83 } 89 84 } 90 85 91 - /* 92 - * Create a protected key from a clear key value via PCKMO instruction. 93 - */ 94 - static int pkey_clr2protkey(u32 keytype, const u8 *clrkey, 95 - u8 *protkey, u32 *protkeylen, u32 *protkeytype) 86 + static int apqns4keytype(enum pkey_key_type ktype, 87 + u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags, 88 + struct pkey_apqn *apqns, size_t *nr_apqns) 96 89 { 97 - /* mask of available pckmo subfunctions */ 98 - static cpacf_mask_t pckmo_functions; 90 + if (pkey_is_cca_keytype(ktype)) { 91 + return pkey_cca_apqns4type(ktype, cur_mkvp, alt_mkvp, flags, 92 + apqns, nr_apqns); 93 + } else if (pkey_is_ep11_keytype(ktype)) { 94 + return pkey_ep11_apqns4type(ktype, cur_mkvp, alt_mkvp, flags, 95 + apqns, nr_apqns); 96 + } else { 97 + PKEY_DBF_ERR("%s unknown/unsupported key type %d\n", 98 + __func__, ktype); 99 + return -EINVAL; 100 + } 101 + } 99 102 100 - u8 paramblock[112]; 101 - u32 pkeytype; 102 - int keysize; 103 - long fc; 103 + static int genseck2(const struct pkey_apqn *apqns, size_t nr_apqns, 104 + enum pkey_key_type keytype, enum pkey_key_size keybitsize, 105 + u32 flags, u8 *keybuf, u32 *keybuflen) 106 + { 107 + int i, rc; 108 + u32 u; 104 109 105 - switch (keytype) { 106 - case PKEY_KEYTYPE_AES_128: 107 - /* 16 byte key, 32 byte aes wkvp, total 48 bytes */ 108 - keysize = 16; 109 - pkeytype = keytype; 110 - fc = CPACF_PCKMO_ENC_AES_128_KEY; 111 - break; 112 - case PKEY_KEYTYPE_AES_192: 113 - /* 24 byte key, 32 byte aes wkvp, total 56 bytes */ 114 - keysize = 24; 115 - pkeytype = keytype; 116 - fc = CPACF_PCKMO_ENC_AES_192_KEY; 117 - break; 118 - case PKEY_KEYTYPE_AES_256: 119 - /* 32 byte key, 32 byte aes wkvp, total 64 bytes */ 120 - keysize = 32; 121 - pkeytype = keytype; 122 - fc = CPACF_PCKMO_ENC_AES_256_KEY; 123 - break; 124 - case PKEY_KEYTYPE_ECC_P256: 125 - /* 32 byte key, 32 byte aes wkvp, total 64 bytes */ 126 - keysize = 32; 127 - pkeytype = PKEY_KEYTYPE_ECC; 128 - fc = CPACF_PCKMO_ENC_ECC_P256_KEY; 129 - break; 130 - case PKEY_KEYTYPE_ECC_P384: 131 - /* 48 byte key, 32 byte aes wkvp, total 80 bytes */ 132 - keysize = 48; 133 - pkeytype = PKEY_KEYTYPE_ECC; 134 - fc = CPACF_PCKMO_ENC_ECC_P384_KEY; 135 - break; 136 - case PKEY_KEYTYPE_ECC_P521: 137 - /* 80 byte key, 32 byte aes wkvp, total 112 bytes */ 138 - keysize = 80; 139 - pkeytype = PKEY_KEYTYPE_ECC; 140 - fc = CPACF_PCKMO_ENC_ECC_P521_KEY; 141 - break; 142 - case PKEY_KEYTYPE_ECC_ED25519: 143 - /* 32 byte key, 32 byte aes wkvp, total 64 bytes */ 144 - keysize = 32; 145 - pkeytype = PKEY_KEYTYPE_ECC; 146 - fc = CPACF_PCKMO_ENC_ECC_ED25519_KEY; 147 - break; 148 - case PKEY_KEYTYPE_ECC_ED448: 149 - /* 64 byte key, 32 byte aes wkvp, total 96 bytes */ 150 - keysize = 64; 151 - pkeytype = PKEY_KEYTYPE_ECC; 152 - fc = CPACF_PCKMO_ENC_ECC_ED448_KEY; 153 - break; 154 - default: 155 - PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n", 110 + if (pkey_is_cca_keytype(keytype)) { 111 + /* As of now only CCA AES key generation is supported */ 112 + u = pkey_aes_bitsize_to_keytype(keybitsize); 113 + if (!u) { 114 + PKEY_DBF_ERR("%s unknown/unsupported keybitsize %d\n", 115 + __func__, keybitsize); 116 + return -EINVAL; 117 + } 118 + for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) { 119 + rc = pkey_cca_gen_key(apqns[i].card, 120 + apqns[i].domain, 121 + u, keytype, keybitsize, flags, 122 + keybuf, keybuflen); 123 + } 124 + } else if (pkey_is_ep11_keytype(keytype)) { 125 + /* As of now only EP11 AES key generation is supported */ 126 + u = pkey_aes_bitsize_to_keytype(keybitsize); 127 + if (!u) { 128 + PKEY_DBF_ERR("%s unknown/unsupported keybitsize %d\n", 129 + __func__, keybitsize); 130 + return -EINVAL; 131 + } 132 + for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) { 133 + rc = pkey_ep11_gen_key(apqns[i].card, 134 + apqns[i].domain, 135 + u, keytype, keybitsize, flags, 136 + keybuf, keybuflen); 137 + } 138 + } else { 139 + PKEY_DBF_ERR("%s unknown/unsupported keytype %d\n", 156 140 __func__, keytype); 157 141 return -EINVAL; 158 142 } 159 143 160 - if (*protkeylen < keysize + AES_WK_VP_SIZE) { 161 - PKEY_DBF_ERR("%s prot key buffer size too small: %u < %d\n", 162 - __func__, *protkeylen, keysize + AES_WK_VP_SIZE); 163 - return -EINVAL; 164 - } 165 - 166 - /* Did we already check for PCKMO ? */ 167 - if (!pckmo_functions.bytes[0]) { 168 - /* no, so check now */ 169 - if (!cpacf_query(CPACF_PCKMO, &pckmo_functions)) 170 - return -ENODEV; 171 - } 172 - /* check for the pckmo subfunction we need now */ 173 - if (!cpacf_test_func(&pckmo_functions, fc)) { 174 - PKEY_DBF_ERR("%s pckmo functions not available\n", __func__); 175 - return -ENODEV; 176 - } 177 - 178 - /* prepare param block */ 179 - memset(paramblock, 0, sizeof(paramblock)); 180 - memcpy(paramblock, clrkey, keysize); 181 - 182 - /* call the pckmo instruction */ 183 - cpacf_pckmo(fc, paramblock); 184 - 185 - /* copy created protected key to key buffer including the wkvp block */ 186 - *protkeylen = keysize + AES_WK_VP_SIZE; 187 - memcpy(protkey, paramblock, *protkeylen); 188 - *protkeytype = pkeytype; 189 - 190 - return 0; 144 + return rc; 191 145 } 192 146 193 - /* 194 - * Find card and transform secure key into protected key. 195 - */ 196 - static int pkey_skey2pkey(const u8 *key, u8 *protkey, 197 - u32 *protkeylen, u32 *protkeytype) 147 + static int clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns, 148 + enum pkey_key_type keytype, enum pkey_key_size kbitsize, 149 + u32 flags, const u8 *clrkey, u8 *keybuf, u32 *keybuflen) 198 150 { 199 - struct keytoken_header *hdr = (struct keytoken_header *)key; 200 - u16 cardnr, domain; 201 - int rc, verify; 151 + int i, rc; 152 + u32 u; 202 153 203 - zcrypt_wait_api_operational(); 204 - 205 - /* 206 - * The cca_xxx2protkey call may fail when a card has been 207 - * addressed where the master key was changed after last fetch 208 - * of the mkvp into the cache. Try 3 times: First without verify 209 - * then with verify and last round with verify and old master 210 - * key verification pattern match not ignored. 211 - */ 212 - for (verify = 0; verify < 3; verify++) { 213 - rc = cca_findcard(key, &cardnr, &domain, verify); 214 - if (rc < 0) 215 - continue; 216 - if (rc > 0 && verify < 2) 217 - continue; 218 - switch (hdr->version) { 219 - case TOKVER_CCA_AES: 220 - rc = cca_sec2protkey(cardnr, domain, key, 221 - protkey, protkeylen, protkeytype); 222 - break; 223 - case TOKVER_CCA_VLSC: 224 - rc = cca_cipher2protkey(cardnr, domain, key, 225 - protkey, protkeylen, 226 - protkeytype); 227 - break; 228 - default: 154 + if (pkey_is_cca_keytype(keytype)) { 155 + /* As of now only CCA AES key generation is supported */ 156 + u = pkey_aes_bitsize_to_keytype(kbitsize); 157 + if (!u) { 158 + PKEY_DBF_ERR("%s unknown/unsupported keybitsize %d\n", 159 + __func__, kbitsize); 229 160 return -EINVAL; 230 161 } 231 - if (rc == 0) 232 - break; 162 + for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) { 163 + rc = pkey_cca_clr2key(apqns[i].card, 164 + apqns[i].domain, 165 + u, keytype, kbitsize, flags, 166 + clrkey, kbitsize / 8, 167 + keybuf, keybuflen); 168 + } 169 + } else if (pkey_is_ep11_keytype(keytype)) { 170 + /* As of now only EP11 AES key generation is supported */ 171 + u = pkey_aes_bitsize_to_keytype(kbitsize); 172 + if (!u) { 173 + PKEY_DBF_ERR("%s unknown/unsupported keybitsize %d\n", 174 + __func__, kbitsize); 175 + return -EINVAL; 176 + } 177 + for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) { 178 + rc = pkey_ep11_clr2key(apqns[i].card, 179 + apqns[i].domain, 180 + u, keytype, kbitsize, flags, 181 + clrkey, kbitsize / 8, 182 + keybuf, keybuflen); 183 + } 184 + } else { 185 + PKEY_DBF_ERR("%s unknown/unsupported keytype %d\n", 186 + __func__, keytype); 187 + return -EINVAL; 233 188 } 234 - 235 - if (rc) 236 - pr_debug("%s failed rc=%d\n", __func__, rc); 237 189 238 190 return rc; 239 191 } 240 192 241 - /* 242 - * Construct EP11 key with given clear key value. 243 - */ 244 - static int pkey_clr2ep11key(const u8 *clrkey, size_t clrkeylen, 245 - u8 *keybuf, size_t *keybuflen) 193 + static int ccakey2protkey(const struct pkey_apqn *apqns, size_t nr_apqns, 194 + const u8 *key, size_t keylen, 195 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 246 196 { 247 - u32 nr_apqns, *apqns = NULL; 248 - u16 card, dom; 249 - int i, rc; 197 + struct pkey_apqn *local_apqns = NULL; 198 + int i, j, rc; 250 199 251 - zcrypt_wait_api_operational(); 252 - 253 - /* build a list of apqns suitable for ep11 keys with cpacf support */ 254 - rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 255 - ZCRYPT_CEX7, 256 - ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4, 257 - NULL); 258 - if (rc) 259 - goto out; 260 - 261 - /* go through the list of apqns and try to bild an ep11 key */ 262 - for (rc = -ENODEV, i = 0; i < nr_apqns; i++) { 263 - card = apqns[i] >> 16; 264 - dom = apqns[i] & 0xFFFF; 265 - rc = ep11_clr2keyblob(card, dom, clrkeylen * 8, 266 - 0, clrkey, keybuf, keybuflen, 267 - PKEY_TYPE_EP11); 268 - if (rc == 0) 269 - break; 200 + /* alloc space for list of apqns if no list given */ 201 + if (!apqns || (nr_apqns == 1 && 202 + apqns[0].card == 0xFFFF && apqns[0].domain == 0xFFFF)) { 203 + nr_apqns = MAXAPQNSINLIST; 204 + local_apqns = kmalloc_array(nr_apqns, sizeof(struct pkey_apqn), 205 + GFP_KERNEL); 206 + if (!local_apqns) 207 + return -ENOMEM; 208 + apqns = local_apqns; 270 209 } 271 - 272 - out: 273 - kfree(apqns); 274 - if (rc) 275 - pr_debug("%s failed rc=%d\n", __func__, rc); 276 - return rc; 277 - } 278 - 279 - /* 280 - * Find card and transform EP11 secure key into protected key. 281 - */ 282 - static int pkey_ep11key2pkey(const u8 *key, size_t keylen, 283 - u8 *protkey, u32 *protkeylen, u32 *protkeytype) 284 - { 285 - u32 nr_apqns, *apqns = NULL; 286 - int i, j, rc = -ENODEV; 287 - u16 card, dom; 288 - 289 - zcrypt_wait_api_operational(); 290 210 291 211 /* try two times in case of failure */ 292 - for (i = 0; i < 2 && rc; i++) { 293 - 294 - /* build a list of apqns suitable for this key */ 295 - rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 296 - ZCRYPT_CEX7, 297 - ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4, 298 - ep11_kb_wkvp(key, keylen)); 299 - if (rc) 300 - continue; /* retry findcard on failure */ 301 - 302 - /* go through the list of apqns and try to derive an pkey */ 303 - for (rc = -ENODEV, j = 0; j < nr_apqns && rc; j++) { 304 - card = apqns[j] >> 16; 305 - dom = apqns[j] & 0xFFFF; 306 - rc = ep11_kblob2protkey(card, dom, key, keylen, 307 - protkey, protkeylen, protkeytype); 212 + for (i = 0, rc = -ENODEV; i < 2 && rc; i++) { 213 + if (local_apqns) { 214 + /* gather list of apqns able to deal with this key */ 215 + nr_apqns = MAXAPQNSINLIST; 216 + rc = pkey_cca_apqns4key(key, keylen, 0, 217 + local_apqns, &nr_apqns); 218 + if (rc) 219 + continue; 308 220 } 309 - 310 - kfree(apqns); 221 + /* go through the list of apqns until success or end */ 222 + for (j = 0, rc = -ENODEV; j < nr_apqns && rc; j++) { 223 + rc = pkey_cca_key2protkey(apqns[j].card, 224 + apqns[j].domain, 225 + key, keylen, 226 + protkey, protkeylen, 227 + protkeytype); 228 + } 311 229 } 312 230 313 - if (rc) 314 - pr_debug("%s failed rc=%d\n", __func__, rc); 231 + kfree(local_apqns); 315 232 316 233 return rc; 317 234 } 318 235 319 - /* 320 - * Verify key and give back some info about the key. 321 - */ 322 - static int pkey_verifykey(const struct pkey_seckey *seckey, 323 - u16 *pcardnr, u16 *pdomain, 324 - u16 *pkeysize, u32 *pattributes) 236 + static int ep11key2protkey(const struct pkey_apqn *apqns, size_t nr_apqns, 237 + const u8 *key, size_t keylen, 238 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 325 239 { 326 - struct secaeskeytoken *t = (struct secaeskeytoken *)seckey; 327 - u16 cardnr, domain; 328 - int rc; 240 + struct pkey_apqn *local_apqns = NULL; 241 + int i, j, rc; 329 242 330 - /* check the secure key for valid AES secure key */ 331 - rc = cca_check_secaeskeytoken(pkey_dbf_info, 3, (u8 *)seckey, 0); 332 - if (rc) 333 - goto out; 334 - if (pattributes) 335 - *pattributes = PKEY_VERIFY_ATTR_AES; 336 - if (pkeysize) 337 - *pkeysize = t->bitsize; 338 - 339 - /* try to find a card which can handle this key */ 340 - rc = cca_findcard(seckey->seckey, &cardnr, &domain, 1); 341 - if (rc < 0) 342 - goto out; 343 - 344 - if (rc > 0) { 345 - /* key mkvp matches to old master key mkvp */ 346 - pr_debug("%s secure key has old mkvp\n", __func__); 347 - if (pattributes) 348 - *pattributes |= PKEY_VERIFY_ATTR_OLD_MKVP; 349 - rc = 0; 243 + /* alloc space for list of apqns if no list given */ 244 + if (!apqns || (nr_apqns == 1 && 245 + apqns[0].card == 0xFFFF && apqns[0].domain == 0xFFFF)) { 246 + nr_apqns = MAXAPQNSINLIST; 247 + local_apqns = kmalloc_array(nr_apqns, sizeof(struct pkey_apqn), 248 + GFP_KERNEL); 249 + if (!local_apqns) 250 + return -ENOMEM; 251 + apqns = local_apqns; 350 252 } 351 253 352 - if (pcardnr) 353 - *pcardnr = cardnr; 354 - if (pdomain) 355 - *pdomain = domain; 254 + /* try two times in case of failure */ 255 + for (i = 0, rc = -ENODEV; i < 2 && rc; i++) { 256 + if (local_apqns) { 257 + /* gather list of apqns able to deal with this key */ 258 + nr_apqns = MAXAPQNSINLIST; 259 + rc = pkey_ep11_apqns4key(key, keylen, 0, 260 + local_apqns, &nr_apqns); 261 + if (rc) 262 + continue; 263 + } 264 + /* go through the list of apqns until success or end */ 265 + for (j = 0, rc = -ENODEV; j < nr_apqns && rc; j++) { 266 + rc = pkey_ep11_key2protkey(apqns[j].card, 267 + apqns[j].domain, 268 + key, keylen, 269 + protkey, protkeylen, 270 + protkeytype); 271 + } 272 + } 356 273 357 - out: 358 - pr_debug("%s rc=%d\n", __func__, rc); 274 + kfree(local_apqns); 275 + 359 276 return rc; 360 277 } 361 278 362 - /* 363 - * Generate a random protected key 364 - */ 365 - static int pkey_genprotkey(u32 keytype, u8 *protkey, 366 - u32 *protkeylen, u32 *protkeytype) 367 - { 368 - u8 clrkey[32]; 369 - int keysize; 370 - int rc; 371 - 372 - keysize = pkey_keytype_aes_to_size(keytype); 373 - if (!keysize) { 374 - PKEY_DBF_ERR("%s unknown/unsupported keytype %d\n", __func__, 375 - keytype); 376 - return -EINVAL; 377 - } 378 - 379 - /* generate a dummy random clear key */ 380 - get_random_bytes(clrkey, keysize); 381 - 382 - /* convert it to a dummy protected key */ 383 - rc = pkey_clr2protkey(keytype, clrkey, 384 - protkey, protkeylen, protkeytype); 385 - if (rc) 386 - return rc; 387 - 388 - /* replace the key part of the protected key with random bytes */ 389 - get_random_bytes(protkey, keysize); 390 - 391 - return 0; 392 - } 393 - 394 - /* 395 - * Verify if a protected key is still valid 396 - */ 397 - static int pkey_verifyprotkey(const u8 *protkey, u32 protkeylen, 398 - u32 protkeytype) 399 - { 400 - struct { 401 - u8 iv[AES_BLOCK_SIZE]; 402 - u8 key[MAXPROTKEYSIZE]; 403 - } param; 404 - u8 null_msg[AES_BLOCK_SIZE]; 405 - u8 dest_buf[AES_BLOCK_SIZE]; 406 - unsigned int k, pkeylen; 407 - unsigned long fc; 408 - 409 - switch (protkeytype) { 410 - case PKEY_KEYTYPE_AES_128: 411 - pkeylen = 16 + AES_WK_VP_SIZE; 412 - fc = CPACF_KMC_PAES_128; 413 - break; 414 - case PKEY_KEYTYPE_AES_192: 415 - pkeylen = 24 + AES_WK_VP_SIZE; 416 - fc = CPACF_KMC_PAES_192; 417 - break; 418 - case PKEY_KEYTYPE_AES_256: 419 - pkeylen = 32 + AES_WK_VP_SIZE; 420 - fc = CPACF_KMC_PAES_256; 421 - break; 422 - default: 423 - PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n", __func__, 424 - protkeytype); 425 - return -EINVAL; 426 - } 427 - if (protkeylen != pkeylen) { 428 - PKEY_DBF_ERR("%s invalid protected key size %u for keytype %u\n", 429 - __func__, protkeylen, protkeytype); 430 - return -EINVAL; 431 - } 432 - 433 - memset(null_msg, 0, sizeof(null_msg)); 434 - 435 - memset(param.iv, 0, sizeof(param.iv)); 436 - memcpy(param.key, protkey, protkeylen); 437 - 438 - k = cpacf_kmc(fc | CPACF_ENCRYPT, &param, null_msg, dest_buf, 439 - sizeof(null_msg)); 440 - if (k != sizeof(null_msg)) { 441 - PKEY_DBF_ERR("%s protected key is not valid\n", __func__); 442 - return -EKEYREJECTED; 443 - } 444 - 445 - return 0; 446 - } 447 - 448 - /* Helper for pkey_nonccatok2pkey, handles aes clear key token */ 449 - static int nonccatokaes2pkey(const struct clearkeytoken *t, 450 - u8 *protkey, u32 *protkeylen, u32 *protkeytype) 279 + static int pckmokey2protkey_fallback(const struct clearkeytoken *t, 280 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 451 281 { 452 282 size_t tmpbuflen = max_t(size_t, SECKEYBLOBSIZE, MAXEP11AESKEYBLOBSIZE); 283 + struct pkey_apqn *apqns = NULL; 284 + u32 keysize, tmplen; 453 285 u8 *tmpbuf = NULL; 454 - u32 keysize; 455 - int rc; 286 + size_t nr_apqns; 287 + int i, j, rc; 288 + 289 + /* As of now only for AES keys a fallback is available */ 456 290 457 291 keysize = pkey_keytype_aes_to_size(t->keytype); 458 292 if (!keysize) { ··· 285 471 return -EINVAL; 286 472 } 287 473 if (t->len != keysize) { 288 - PKEY_DBF_ERR("%s non clear key aes token: invalid key len %u\n", 474 + PKEY_DBF_ERR("%s clear key AES token: invalid key len %u\n", 289 475 __func__, t->len); 290 476 return -EINVAL; 291 477 } 292 478 293 - /* try direct way with the PCKMO instruction */ 294 - rc = pkey_clr2protkey(t->keytype, t->clearkey, 295 - protkey, protkeylen, protkeytype); 296 - if (!rc) 297 - goto out; 298 - 299 - /* PCKMO failed, so try the CCA secure key way */ 479 + /* alloc tmp buffer and space for apqns */ 300 480 tmpbuf = kmalloc(tmpbuflen, GFP_ATOMIC); 301 481 if (!tmpbuf) 302 482 return -ENOMEM; 303 - zcrypt_wait_api_operational(); 304 - rc = cca_clr2seckey(0xFFFF, 0xFFFF, t->keytype, t->clearkey, tmpbuf); 305 - if (rc) 306 - goto try_via_ep11; 307 - rc = pkey_skey2pkey(tmpbuf, 308 - protkey, protkeylen, protkeytype); 309 - if (!rc) 310 - goto out; 483 + nr_apqns = MAXAPQNSINLIST; 484 + apqns = kmalloc_array(nr_apqns, sizeof(struct pkey_apqn), GFP_KERNEL); 485 + if (!apqns) { 486 + kfree(tmpbuf); 487 + return -ENOMEM; 488 + } 489 + 490 + /* try two times in case of failure */ 491 + for (i = 0, rc = -ENODEV; i < 2 && rc; i++) { 492 + 493 + /* CCA secure key way */ 494 + nr_apqns = MAXAPQNSINLIST; 495 + rc = pkey_cca_apqns4type(PKEY_TYPE_CCA_DATA, 496 + NULL, NULL, 0, apqns, &nr_apqns); 497 + if (rc) 498 + goto try_via_ep11; 499 + for (j = 0, rc = -ENODEV; j < nr_apqns && rc; j++) { 500 + tmplen = tmpbuflen; 501 + rc = pkey_cca_clr2key(apqns[j].card, apqns[j].domain, 502 + t->keytype, PKEY_TYPE_CCA_DATA, 503 + 8 * keysize, 0, 504 + t->clearkey, t->len, 505 + tmpbuf, &tmplen); 506 + } 507 + if (rc) 508 + goto try_via_ep11; 509 + for (j = 0, rc = -ENODEV; j < nr_apqns && rc; j++) { 510 + rc = pkey_cca_key2protkey(apqns[j].card, 511 + apqns[j].domain, 512 + tmpbuf, tmplen, 513 + protkey, protkeylen, 514 + protkeytype); 515 + } 516 + if (!rc) 517 + break; 311 518 312 519 try_via_ep11: 313 - /* if the CCA way also failed, let's try via EP11 */ 314 - rc = pkey_clr2ep11key(t->clearkey, t->len, 315 - tmpbuf, &tmpbuflen); 316 - if (rc) 317 - goto failure; 318 - rc = pkey_ep11key2pkey(tmpbuf, tmpbuflen, 319 - protkey, protkeylen, protkeytype); 320 - if (!rc) 321 - goto out; 322 - 323 - failure: 324 - PKEY_DBF_ERR("%s unable to build protected key from clear", __func__); 325 - 326 - out: 327 - kfree(tmpbuf); 328 - return rc; 329 - } 330 - 331 - /* Helper for pkey_nonccatok2pkey, handles ecc clear key token */ 332 - static int nonccatokecc2pkey(const struct clearkeytoken *t, 333 - u8 *protkey, u32 *protkeylen, u32 *protkeytype) 334 - { 335 - u32 keylen; 336 - int rc; 337 - 338 - switch (t->keytype) { 339 - case PKEY_KEYTYPE_ECC_P256: 340 - keylen = 32; 341 - break; 342 - case PKEY_KEYTYPE_ECC_P384: 343 - keylen = 48; 344 - break; 345 - case PKEY_KEYTYPE_ECC_P521: 346 - keylen = 80; 347 - break; 348 - case PKEY_KEYTYPE_ECC_ED25519: 349 - keylen = 32; 350 - break; 351 - case PKEY_KEYTYPE_ECC_ED448: 352 - keylen = 64; 353 - break; 354 - default: 355 - PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n", 356 - __func__, t->keytype); 357 - return -EINVAL; 358 - } 359 - 360 - if (t->len != keylen) { 361 - PKEY_DBF_ERR("%s non clear key ecc token: invalid key len %u\n", 362 - __func__, t->len); 363 - return -EINVAL; 364 - } 365 - 366 - /* only one path possible: via PCKMO instruction */ 367 - rc = pkey_clr2protkey(t->keytype, t->clearkey, 368 - protkey, protkeylen, protkeytype); 369 - if (rc) { 370 - PKEY_DBF_ERR("%s unable to build protected key from clear", 371 - __func__); 372 - } 373 - 374 - return rc; 375 - } 376 - 377 - /* 378 - * Transform a non-CCA key token into a protected key 379 - */ 380 - static int pkey_nonccatok2pkey(const u8 *key, u32 keylen, 381 - u8 *protkey, u32 *protkeylen, u32 *protkeytype) 382 - { 383 - struct keytoken_header *hdr = (struct keytoken_header *)key; 384 - int rc = -EINVAL; 385 - 386 - switch (hdr->version) { 387 - case TOKVER_PROTECTED_KEY: { 388 - struct protaeskeytoken *t; 389 - 390 - if (keylen != sizeof(struct protaeskeytoken)) 391 - goto out; 392 - t = (struct protaeskeytoken *)key; 393 - rc = pkey_verifyprotkey(t->protkey, t->len, t->keytype); 520 + /* the CCA way failed, try via EP11 */ 521 + nr_apqns = MAXAPQNSINLIST; 522 + rc = pkey_ep11_apqns4type(PKEY_TYPE_EP11_AES, 523 + NULL, NULL, 0, apqns, &nr_apqns); 394 524 if (rc) 395 - goto out; 396 - memcpy(protkey, t->protkey, t->len); 397 - *protkeylen = t->len; 398 - *protkeytype = t->keytype; 399 - break; 400 - } 401 - case TOKVER_CLEAR_KEY: { 402 - struct clearkeytoken *t = (struct clearkeytoken *)key; 403 - 404 - if (keylen < sizeof(struct clearkeytoken) || 405 - keylen != sizeof(*t) + t->len) 406 - goto out; 407 - switch (t->keytype) { 408 - case PKEY_KEYTYPE_AES_128: 409 - case PKEY_KEYTYPE_AES_192: 410 - case PKEY_KEYTYPE_AES_256: 411 - rc = nonccatokaes2pkey(t, protkey, 412 - protkeylen, protkeytype); 413 - break; 414 - case PKEY_KEYTYPE_ECC_P256: 415 - case PKEY_KEYTYPE_ECC_P384: 416 - case PKEY_KEYTYPE_ECC_P521: 417 - case PKEY_KEYTYPE_ECC_ED25519: 418 - case PKEY_KEYTYPE_ECC_ED448: 419 - rc = nonccatokecc2pkey(t, protkey, 420 - protkeylen, protkeytype); 421 - break; 422 - default: 423 - PKEY_DBF_ERR("%s unknown/unsupported non cca clear key type %u\n", 424 - __func__, t->keytype); 425 - return -EINVAL; 426 - } 427 - break; 428 - } 429 - case TOKVER_EP11_AES: { 430 - /* check ep11 key for exportable as protected key */ 431 - rc = ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1); 432 - if (rc) 433 - goto out; 434 - rc = pkey_ep11key2pkey(key, keylen, 435 - protkey, protkeylen, protkeytype); 436 - break; 437 - } 438 - case TOKVER_EP11_AES_WITH_HEADER: 439 - /* check ep11 key with header for exportable as protected key */ 440 - rc = ep11_check_aes_key_with_hdr(pkey_dbf_info, 441 - 3, key, keylen, 1); 442 - if (rc) 443 - goto out; 444 - rc = pkey_ep11key2pkey(key, keylen, 445 - protkey, protkeylen, protkeytype); 446 - break; 447 - default: 448 - PKEY_DBF_ERR("%s unknown/unsupported non-CCA token version %d\n", 449 - __func__, hdr->version); 450 - } 451 - 452 - out: 453 - return rc; 454 - } 455 - 456 - /* 457 - * Transform a CCA internal key token into a protected key 458 - */ 459 - static int pkey_ccainttok2pkey(const u8 *key, u32 keylen, 460 - u8 *protkey, u32 *protkeylen, u32 *protkeytype) 461 - { 462 - struct keytoken_header *hdr = (struct keytoken_header *)key; 463 - 464 - switch (hdr->version) { 465 - case TOKVER_CCA_AES: 466 - if (keylen != sizeof(struct secaeskeytoken)) 467 - return -EINVAL; 468 - break; 469 - case TOKVER_CCA_VLSC: 470 - if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 471 - return -EINVAL; 472 - break; 473 - default: 474 - PKEY_DBF_ERR("%s unknown/unsupported CCA internal token version %d\n", 475 - __func__, hdr->version); 476 - return -EINVAL; 477 - } 478 - 479 - return pkey_skey2pkey(key, protkey, protkeylen, protkeytype); 480 - } 481 - 482 - /* 483 - * Transform a key blob (of any type) into a protected key 484 - */ 485 - int pkey_keyblob2pkey(const u8 *key, u32 keylen, 486 - u8 *protkey, u32 *protkeylen, u32 *protkeytype) 487 - { 488 - struct keytoken_header *hdr = (struct keytoken_header *)key; 489 - int rc; 490 - 491 - if (keylen < sizeof(struct keytoken_header)) { 492 - PKEY_DBF_ERR("%s invalid keylen %d\n", __func__, keylen); 493 - return -EINVAL; 494 - } 495 - 496 - switch (hdr->type) { 497 - case TOKTYPE_NON_CCA: 498 - rc = pkey_nonccatok2pkey(key, keylen, 499 - protkey, protkeylen, protkeytype); 500 - break; 501 - case TOKTYPE_CCA_INTERNAL: 502 - rc = pkey_ccainttok2pkey(key, keylen, 503 - protkey, protkeylen, protkeytype); 504 - break; 505 - default: 506 - PKEY_DBF_ERR("%s unknown/unsupported blob type %d\n", 507 - __func__, hdr->type); 508 - return -EINVAL; 509 - } 510 - 511 - pr_debug("%s rc=%d\n", __func__, rc); 512 - return rc; 513 - } 514 - EXPORT_SYMBOL(pkey_keyblob2pkey); 515 - 516 - static int pkey_genseckey2(const struct pkey_apqn *apqns, size_t nr_apqns, 517 - enum pkey_key_type ktype, enum pkey_key_size ksize, 518 - u32 kflags, u8 *keybuf, size_t *keybufsize) 519 - { 520 - int i, card, dom, rc; 521 - 522 - /* check for at least one apqn given */ 523 - if (!apqns || !nr_apqns) 524 - return -EINVAL; 525 - 526 - /* check key type and size */ 527 - switch (ktype) { 528 - case PKEY_TYPE_CCA_DATA: 529 - case PKEY_TYPE_CCA_CIPHER: 530 - if (*keybufsize < SECKEYBLOBSIZE) 531 - return -EINVAL; 532 - break; 533 - case PKEY_TYPE_EP11: 534 - if (*keybufsize < MINEP11AESKEYBLOBSIZE) 535 - return -EINVAL; 536 - break; 537 - case PKEY_TYPE_EP11_AES: 538 - if (*keybufsize < (sizeof(struct ep11kblob_header) + 539 - MINEP11AESKEYBLOBSIZE)) 540 - return -EINVAL; 541 - break; 542 - default: 543 - return -EINVAL; 544 - } 545 - switch (ksize) { 546 - case PKEY_SIZE_AES_128: 547 - case PKEY_SIZE_AES_192: 548 - case PKEY_SIZE_AES_256: 549 - break; 550 - default: 551 - return -EINVAL; 552 - } 553 - 554 - /* simple try all apqns from the list */ 555 - for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 556 - card = apqns[i].card; 557 - dom = apqns[i].domain; 558 - if (ktype == PKEY_TYPE_EP11 || 559 - ktype == PKEY_TYPE_EP11_AES) { 560 - rc = ep11_genaeskey(card, dom, ksize, kflags, 561 - keybuf, keybufsize, ktype); 562 - } else if (ktype == PKEY_TYPE_CCA_DATA) { 563 - rc = cca_genseckey(card, dom, ksize, keybuf); 564 - *keybufsize = (rc ? 0 : SECKEYBLOBSIZE); 565 - } else { 566 - /* TOKVER_CCA_VLSC */ 567 - rc = cca_gencipherkey(card, dom, ksize, kflags, 568 - keybuf, keybufsize); 569 - } 570 - if (rc == 0) 571 - break; 572 - } 573 - 574 - return rc; 575 - } 576 - 577 - static int pkey_clr2seckey2(const struct pkey_apqn *apqns, size_t nr_apqns, 578 - enum pkey_key_type ktype, enum pkey_key_size ksize, 579 - u32 kflags, const u8 *clrkey, 580 - u8 *keybuf, size_t *keybufsize) 581 - { 582 - int i, card, dom, rc; 583 - 584 - /* check for at least one apqn given */ 585 - if (!apqns || !nr_apqns) 586 - return -EINVAL; 587 - 588 - /* check key type and size */ 589 - switch (ktype) { 590 - case PKEY_TYPE_CCA_DATA: 591 - case PKEY_TYPE_CCA_CIPHER: 592 - if (*keybufsize < SECKEYBLOBSIZE) 593 - return -EINVAL; 594 - break; 595 - case PKEY_TYPE_EP11: 596 - if (*keybufsize < MINEP11AESKEYBLOBSIZE) 597 - return -EINVAL; 598 - break; 599 - case PKEY_TYPE_EP11_AES: 600 - if (*keybufsize < (sizeof(struct ep11kblob_header) + 601 - MINEP11AESKEYBLOBSIZE)) 602 - return -EINVAL; 603 - break; 604 - default: 605 - return -EINVAL; 606 - } 607 - switch (ksize) { 608 - case PKEY_SIZE_AES_128: 609 - case PKEY_SIZE_AES_192: 610 - case PKEY_SIZE_AES_256: 611 - break; 612 - default: 613 - return -EINVAL; 614 - } 615 - 616 - zcrypt_wait_api_operational(); 617 - 618 - /* simple try all apqns from the list */ 619 - for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 620 - card = apqns[i].card; 621 - dom = apqns[i].domain; 622 - if (ktype == PKEY_TYPE_EP11 || 623 - ktype == PKEY_TYPE_EP11_AES) { 624 - rc = ep11_clr2keyblob(card, dom, ksize, kflags, 625 - clrkey, keybuf, keybufsize, 626 - ktype); 627 - } else if (ktype == PKEY_TYPE_CCA_DATA) { 628 - rc = cca_clr2seckey(card, dom, ksize, 629 - clrkey, keybuf); 630 - *keybufsize = (rc ? 0 : SECKEYBLOBSIZE); 631 - } else { 632 - /* TOKVER_CCA_VLSC */ 633 - rc = cca_clr2cipherkey(card, dom, ksize, kflags, 634 - clrkey, keybuf, keybufsize); 635 - } 636 - if (rc == 0) 637 - break; 638 - } 639 - 640 - return rc; 641 - } 642 - 643 - static int pkey_verifykey2(const u8 *key, size_t keylen, 644 - u16 *cardnr, u16 *domain, 645 - enum pkey_key_type *ktype, 646 - enum pkey_key_size *ksize, u32 *flags) 647 - { 648 - struct keytoken_header *hdr = (struct keytoken_header *)key; 649 - u32 _nr_apqns, *_apqns = NULL; 650 - int rc; 651 - 652 - if (keylen < sizeof(struct keytoken_header)) 653 - return -EINVAL; 654 - 655 - if (hdr->type == TOKTYPE_CCA_INTERNAL && 656 - hdr->version == TOKVER_CCA_AES) { 657 - struct secaeskeytoken *t = (struct secaeskeytoken *)key; 658 - 659 - rc = cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0); 660 - if (rc) 661 - goto out; 662 - if (ktype) 663 - *ktype = PKEY_TYPE_CCA_DATA; 664 - if (ksize) 665 - *ksize = (enum pkey_key_size)t->bitsize; 666 - 667 - rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 668 - ZCRYPT_CEX3C, AES_MK_SET, t->mkvp, 0, 1); 669 - if (rc == 0 && flags) 670 - *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 671 - if (rc == -ENODEV) { 672 - rc = cca_findcard2(&_apqns, &_nr_apqns, 673 - *cardnr, *domain, 674 - ZCRYPT_CEX3C, AES_MK_SET, 675 - 0, t->mkvp, 1); 676 - if (rc == 0 && flags) 677 - *flags = PKEY_FLAGS_MATCH_ALT_MKVP; 525 + continue; 526 + for (j = 0, rc = -ENODEV; j < nr_apqns && rc; j++) { 527 + tmplen = tmpbuflen; 528 + rc = pkey_ep11_clr2key(apqns[j].card, apqns[j].domain, 529 + t->keytype, PKEY_TYPE_EP11_AES, 530 + 8 * keysize, 0, 531 + t->clearkey, t->len, 532 + tmpbuf, &tmplen); 678 533 } 679 534 if (rc) 680 - goto out; 681 - 682 - *cardnr = ((struct pkey_apqn *)_apqns)->card; 683 - *domain = ((struct pkey_apqn *)_apqns)->domain; 684 - 685 - } else if (hdr->type == TOKTYPE_CCA_INTERNAL && 686 - hdr->version == TOKVER_CCA_VLSC) { 687 - struct cipherkeytoken *t = (struct cipherkeytoken *)key; 688 - 689 - rc = cca_check_secaescipherkey(pkey_dbf_info, 3, key, 0, 1); 690 - if (rc) 691 - goto out; 692 - if (ktype) 693 - *ktype = PKEY_TYPE_CCA_CIPHER; 694 - if (ksize) { 695 - *ksize = PKEY_SIZE_UNKNOWN; 696 - if (!t->plfver && t->wpllen == 512) 697 - *ksize = PKEY_SIZE_AES_128; 698 - else if (!t->plfver && t->wpllen == 576) 699 - *ksize = PKEY_SIZE_AES_192; 700 - else if (!t->plfver && t->wpllen == 640) 701 - *ksize = PKEY_SIZE_AES_256; 702 - } 703 - 704 - rc = cca_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 705 - ZCRYPT_CEX6, AES_MK_SET, t->mkvp0, 0, 1); 706 - if (rc == 0 && flags) 707 - *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 708 - if (rc == -ENODEV) { 709 - rc = cca_findcard2(&_apqns, &_nr_apqns, 710 - *cardnr, *domain, 711 - ZCRYPT_CEX6, AES_MK_SET, 712 - 0, t->mkvp0, 1); 713 - if (rc == 0 && flags) 714 - *flags = PKEY_FLAGS_MATCH_ALT_MKVP; 715 - } 716 - if (rc) 717 - goto out; 718 - 719 - *cardnr = ((struct pkey_apqn *)_apqns)->card; 720 - *domain = ((struct pkey_apqn *)_apqns)->domain; 721 - 722 - } else if (hdr->type == TOKTYPE_NON_CCA && 723 - hdr->version == TOKVER_EP11_AES) { 724 - struct ep11keyblob *kb = (struct ep11keyblob *)key; 725 - int api; 726 - 727 - rc = ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1); 728 - if (rc) 729 - goto out; 730 - if (ktype) 731 - *ktype = PKEY_TYPE_EP11; 732 - if (ksize) 733 - *ksize = kb->head.bitlen; 734 - 735 - api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4; 736 - rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 737 - ZCRYPT_CEX7, api, 738 - ep11_kb_wkvp(key, keylen)); 739 - if (rc) 740 - goto out; 741 - 742 - if (flags) 743 - *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 744 - 745 - *cardnr = ((struct pkey_apqn *)_apqns)->card; 746 - *domain = ((struct pkey_apqn *)_apqns)->domain; 747 - 748 - } else if (hdr->type == TOKTYPE_NON_CCA && 749 - hdr->version == TOKVER_EP11_AES_WITH_HEADER) { 750 - struct ep11kblob_header *kh = (struct ep11kblob_header *)key; 751 - int api; 752 - 753 - rc = ep11_check_aes_key_with_hdr(pkey_dbf_info, 754 - 3, key, keylen, 1); 755 - if (rc) 756 - goto out; 757 - if (ktype) 758 - *ktype = PKEY_TYPE_EP11_AES; 759 - if (ksize) 760 - *ksize = kh->bitlen; 761 - 762 - api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4; 763 - rc = ep11_findcard2(&_apqns, &_nr_apqns, *cardnr, *domain, 764 - ZCRYPT_CEX7, api, 765 - ep11_kb_wkvp(key, keylen)); 766 - if (rc) 767 - goto out; 768 - 769 - if (flags) 770 - *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 771 - 772 - *cardnr = ((struct pkey_apqn *)_apqns)->card; 773 - *domain = ((struct pkey_apqn *)_apqns)->domain; 774 - } else { 775 - rc = -EINVAL; 776 - } 777 - 778 - out: 779 - kfree(_apqns); 780 - return rc; 781 - } 782 - 783 - static int pkey_keyblob2pkey2(const struct pkey_apqn *apqns, size_t nr_apqns, 784 - const u8 *key, size_t keylen, 785 - u8 *protkey, u32 *protkeylen, u32 *protkeytype) 786 - { 787 - struct keytoken_header *hdr = (struct keytoken_header *)key; 788 - int i, card, dom, rc; 789 - 790 - /* check for at least one apqn given */ 791 - if (!apqns || !nr_apqns) 792 - return -EINVAL; 793 - 794 - if (keylen < sizeof(struct keytoken_header)) 795 - return -EINVAL; 796 - 797 - if (hdr->type == TOKTYPE_CCA_INTERNAL) { 798 - if (hdr->version == TOKVER_CCA_AES) { 799 - if (keylen != sizeof(struct secaeskeytoken)) 800 - return -EINVAL; 801 - if (cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0)) 802 - return -EINVAL; 803 - } else if (hdr->version == TOKVER_CCA_VLSC) { 804 - if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 805 - return -EINVAL; 806 - if (cca_check_secaescipherkey(pkey_dbf_info, 807 - 3, key, 0, 1)) 808 - return -EINVAL; 809 - } else { 810 - PKEY_DBF_ERR("%s unknown CCA internal token version %d\n", 811 - __func__, hdr->version); 812 - return -EINVAL; 813 - } 814 - } else if (hdr->type == TOKTYPE_NON_CCA) { 815 - if (hdr->version == TOKVER_EP11_AES) { 816 - if (ep11_check_aes_key(pkey_dbf_info, 817 - 3, key, keylen, 1)) 818 - return -EINVAL; 819 - } else if (hdr->version == TOKVER_EP11_AES_WITH_HEADER) { 820 - if (ep11_check_aes_key_with_hdr(pkey_dbf_info, 821 - 3, key, keylen, 1)) 822 - return -EINVAL; 823 - } else { 824 - return pkey_nonccatok2pkey(key, keylen, 535 + continue; 536 + for (j = 0, rc = -ENODEV; j < nr_apqns && rc; j++) { 537 + rc = pkey_ep11_key2protkey(apqns[j].card, 538 + apqns[j].domain, 539 + tmpbuf, tmplen, 825 540 protkey, protkeylen, 826 541 protkeytype); 827 542 } 828 - } else { 829 - PKEY_DBF_ERR("%s unknown/unsupported blob type %d\n", 830 - __func__, hdr->type); 831 - return -EINVAL; 832 543 } 833 544 834 - zcrypt_wait_api_operational(); 835 - 836 - /* simple try all apqns from the list */ 837 - for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 838 - card = apqns[i].card; 839 - dom = apqns[i].domain; 840 - if (hdr->type == TOKTYPE_CCA_INTERNAL && 841 - hdr->version == TOKVER_CCA_AES) { 842 - rc = cca_sec2protkey(card, dom, key, 843 - protkey, protkeylen, protkeytype); 844 - } else if (hdr->type == TOKTYPE_CCA_INTERNAL && 845 - hdr->version == TOKVER_CCA_VLSC) { 846 - rc = cca_cipher2protkey(card, dom, key, 847 - protkey, protkeylen, 848 - protkeytype); 849 - } else { 850 - rc = ep11_kblob2protkey(card, dom, key, keylen, 851 - protkey, protkeylen, 852 - protkeytype); 853 - } 854 - if (rc == 0) 855 - break; 856 - } 545 + kfree(tmpbuf); 546 + kfree(apqns); 857 547 858 548 return rc; 859 549 } 860 550 861 - static int pkey_apqns4key(const u8 *key, size_t keylen, u32 flags, 862 - struct pkey_apqn *apqns, size_t *nr_apqns) 551 + static int pckmokey2protkey(const u8 *key, size_t keylen, 552 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 863 553 { 864 - struct keytoken_header *hdr = (struct keytoken_header *)key; 865 - u32 _nr_apqns, *_apqns = NULL; 866 554 int rc; 867 555 868 - if (keylen < sizeof(struct keytoken_header) || flags == 0) 869 - return -EINVAL; 556 + rc = pkey_pckmo_key2protkey(key, keylen, 557 + protkey, protkeylen, 558 + protkeytype); 559 + if (rc == -ENODEV) { 560 + struct keytoken_header *hdr = (struct keytoken_header *)key; 561 + struct clearkeytoken *t = (struct clearkeytoken *)key; 870 562 871 - zcrypt_wait_api_operational(); 872 - 873 - if (hdr->type == TOKTYPE_NON_CCA && 874 - (hdr->version == TOKVER_EP11_AES_WITH_HEADER || 875 - hdr->version == TOKVER_EP11_ECC_WITH_HEADER) && 876 - is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 877 - struct ep11keyblob *kb = (struct ep11keyblob *) 878 - (key + sizeof(struct ep11kblob_header)); 879 - int minhwtype = 0, api = 0; 880 - 881 - if (flags != PKEY_FLAGS_MATCH_CUR_MKVP) 882 - return -EINVAL; 883 - if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) { 884 - minhwtype = ZCRYPT_CEX7; 885 - api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4; 886 - } 887 - rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 888 - minhwtype, api, kb->wkvp); 889 - if (rc) 890 - goto out; 891 - } else if (hdr->type == TOKTYPE_NON_CCA && 892 - hdr->version == TOKVER_EP11_AES && 893 - is_ep11_keyblob(key)) { 894 - struct ep11keyblob *kb = (struct ep11keyblob *)key; 895 - int minhwtype = 0, api = 0; 896 - 897 - if (flags != PKEY_FLAGS_MATCH_CUR_MKVP) 898 - return -EINVAL; 899 - if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) { 900 - minhwtype = ZCRYPT_CEX7; 901 - api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4; 902 - } 903 - rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 904 - minhwtype, api, kb->wkvp); 905 - if (rc) 906 - goto out; 907 - } else if (hdr->type == TOKTYPE_CCA_INTERNAL) { 908 - u64 cur_mkvp = 0, old_mkvp = 0; 909 - int minhwtype = ZCRYPT_CEX3C; 910 - 911 - if (hdr->version == TOKVER_CCA_AES) { 912 - struct secaeskeytoken *t = (struct secaeskeytoken *)key; 913 - 914 - if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 915 - cur_mkvp = t->mkvp; 916 - if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 917 - old_mkvp = t->mkvp; 918 - } else if (hdr->version == TOKVER_CCA_VLSC) { 919 - struct cipherkeytoken *t = (struct cipherkeytoken *)key; 920 - 921 - minhwtype = ZCRYPT_CEX6; 922 - if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 923 - cur_mkvp = t->mkvp0; 924 - if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 925 - old_mkvp = t->mkvp0; 926 - } else { 927 - /* unknown cca internal token type */ 928 - return -EINVAL; 929 - } 930 - rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 931 - minhwtype, AES_MK_SET, 932 - cur_mkvp, old_mkvp, 1); 933 - if (rc) 934 - goto out; 935 - } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) { 936 - struct eccprivkeytoken *t = (struct eccprivkeytoken *)key; 937 - u64 cur_mkvp = 0, old_mkvp = 0; 938 - 939 - if (t->secid == 0x20) { 940 - if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 941 - cur_mkvp = t->mkvp; 942 - if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 943 - old_mkvp = t->mkvp; 944 - } else { 945 - /* unknown cca internal 2 token type */ 946 - return -EINVAL; 947 - } 948 - rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 949 - ZCRYPT_CEX7, APKA_MK_SET, 950 - cur_mkvp, old_mkvp, 1); 951 - if (rc) 952 - goto out; 953 - } else { 954 - return -EINVAL; 955 - } 956 - 957 - if (apqns) { 958 - if (*nr_apqns < _nr_apqns) 959 - rc = -ENOSPC; 960 - else 961 - memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 962 - } 963 - *nr_apqns = _nr_apqns; 964 - 965 - out: 966 - kfree(_apqns); 967 - return rc; 968 - } 969 - 970 - static int pkey_apqns4keytype(enum pkey_key_type ktype, 971 - u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags, 972 - struct pkey_apqn *apqns, size_t *nr_apqns) 973 - { 974 - u32 _nr_apqns, *_apqns = NULL; 975 - int rc; 976 - 977 - zcrypt_wait_api_operational(); 978 - 979 - if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) { 980 - u64 cur_mkvp = 0, old_mkvp = 0; 981 - int minhwtype = ZCRYPT_CEX3C; 982 - 983 - if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 984 - cur_mkvp = *((u64 *)cur_mkvp); 985 - if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 986 - old_mkvp = *((u64 *)alt_mkvp); 987 - if (ktype == PKEY_TYPE_CCA_CIPHER) 988 - minhwtype = ZCRYPT_CEX6; 989 - rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 990 - minhwtype, AES_MK_SET, 991 - cur_mkvp, old_mkvp, 1); 992 - if (rc) 993 - goto out; 994 - } else if (ktype == PKEY_TYPE_CCA_ECC) { 995 - u64 cur_mkvp = 0, old_mkvp = 0; 996 - 997 - if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 998 - cur_mkvp = *((u64 *)cur_mkvp); 999 - if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 1000 - old_mkvp = *((u64 *)alt_mkvp); 1001 - rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 1002 - ZCRYPT_CEX7, APKA_MK_SET, 1003 - cur_mkvp, old_mkvp, 1); 1004 - if (rc) 1005 - goto out; 1006 - 1007 - } else if (ktype == PKEY_TYPE_EP11 || 1008 - ktype == PKEY_TYPE_EP11_AES || 1009 - ktype == PKEY_TYPE_EP11_ECC) { 1010 - u8 *wkvp = NULL; 1011 - int api; 1012 - 1013 - if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 1014 - wkvp = cur_mkvp; 1015 - api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4; 1016 - rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 1017 - ZCRYPT_CEX7, api, wkvp); 1018 - if (rc) 1019 - goto out; 1020 - 1021 - } else { 1022 - return -EINVAL; 1023 - } 1024 - 1025 - if (apqns) { 1026 - if (*nr_apqns < _nr_apqns) 1027 - rc = -ENOSPC; 1028 - else 1029 - memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 1030 - } 1031 - *nr_apqns = _nr_apqns; 1032 - 1033 - out: 1034 - kfree(_apqns); 1035 - return rc; 1036 - } 1037 - 1038 - static int pkey_keyblob2pkey3(const struct pkey_apqn *apqns, size_t nr_apqns, 1039 - const u8 *key, size_t keylen, 1040 - u8 *protkey, u32 *protkeylen, u32 *protkeytype) 1041 - { 1042 - struct keytoken_header *hdr = (struct keytoken_header *)key; 1043 - int i, card, dom, rc; 1044 - 1045 - /* check for at least one apqn given */ 1046 - if (!apqns || !nr_apqns) 1047 - return -EINVAL; 1048 - 1049 - if (keylen < sizeof(struct keytoken_header)) 1050 - return -EINVAL; 1051 - 1052 - if (hdr->type == TOKTYPE_NON_CCA && 1053 - hdr->version == TOKVER_EP11_AES_WITH_HEADER && 1054 - is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 1055 - /* EP11 AES key blob with header */ 1056 - if (ep11_check_aes_key_with_hdr(pkey_dbf_info, 1057 - 3, key, keylen, 1)) 1058 - return -EINVAL; 1059 - } else if (hdr->type == TOKTYPE_NON_CCA && 1060 - hdr->version == TOKVER_EP11_ECC_WITH_HEADER && 1061 - is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 1062 - /* EP11 ECC key blob with header */ 1063 - if (ep11_check_ecc_key_with_hdr(pkey_dbf_info, 1064 - 3, key, keylen, 1)) 1065 - return -EINVAL; 1066 - } else if (hdr->type == TOKTYPE_NON_CCA && 1067 - hdr->version == TOKVER_EP11_AES && 1068 - is_ep11_keyblob(key)) { 1069 - /* EP11 AES key blob with header in session field */ 1070 - if (ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1)) 1071 - return -EINVAL; 1072 - } else if (hdr->type == TOKTYPE_CCA_INTERNAL) { 1073 - if (hdr->version == TOKVER_CCA_AES) { 1074 - /* CCA AES data key */ 1075 - if (keylen != sizeof(struct secaeskeytoken)) 1076 - return -EINVAL; 1077 - if (cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0)) 1078 - return -EINVAL; 1079 - } else if (hdr->version == TOKVER_CCA_VLSC) { 1080 - /* CCA AES cipher key */ 1081 - if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 1082 - return -EINVAL; 1083 - if (cca_check_secaescipherkey(pkey_dbf_info, 1084 - 3, key, 0, 1)) 1085 - return -EINVAL; 1086 - } else { 1087 - PKEY_DBF_ERR("%s unknown CCA internal token version %d\n", 1088 - __func__, hdr->version); 1089 - return -EINVAL; 1090 - } 1091 - } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) { 1092 - /* CCA ECC (private) key */ 1093 - if (keylen < sizeof(struct eccprivkeytoken)) 1094 - return -EINVAL; 1095 - if (cca_check_sececckeytoken(pkey_dbf_info, 3, key, keylen, 1)) 1096 - return -EINVAL; 1097 - } else if (hdr->type == TOKTYPE_NON_CCA) { 1098 - return pkey_nonccatok2pkey(key, keylen, 1099 - protkey, protkeylen, protkeytype); 1100 - } else { 1101 - PKEY_DBF_ERR("%s unknown/unsupported blob type %d\n", 1102 - __func__, hdr->type); 1103 - return -EINVAL; 1104 - } 1105 - 1106 - /* simple try all apqns from the list */ 1107 - for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) { 1108 - card = apqns[i].card; 1109 - dom = apqns[i].domain; 563 + /* maybe a fallback is possible */ 1110 564 if (hdr->type == TOKTYPE_NON_CCA && 1111 - (hdr->version == TOKVER_EP11_AES_WITH_HEADER || 1112 - hdr->version == TOKVER_EP11_ECC_WITH_HEADER) && 1113 - is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) 1114 - rc = ep11_kblob2protkey(card, dom, key, hdr->len, 1115 - protkey, protkeylen, 1116 - protkeytype); 1117 - else if (hdr->type == TOKTYPE_NON_CCA && 1118 - hdr->version == TOKVER_EP11_AES && 1119 - is_ep11_keyblob(key)) 1120 - rc = ep11_kblob2protkey(card, dom, key, hdr->len, 1121 - protkey, protkeylen, 1122 - protkeytype); 1123 - else if (hdr->type == TOKTYPE_CCA_INTERNAL && 1124 - hdr->version == TOKVER_CCA_AES) 1125 - rc = cca_sec2protkey(card, dom, key, protkey, 1126 - protkeylen, protkeytype); 1127 - else if (hdr->type == TOKTYPE_CCA_INTERNAL && 1128 - hdr->version == TOKVER_CCA_VLSC) 1129 - rc = cca_cipher2protkey(card, dom, key, protkey, 1130 - protkeylen, protkeytype); 1131 - else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) 1132 - rc = cca_ecc2protkey(card, dom, key, protkey, 1133 - protkeylen, protkeytype); 1134 - else 1135 - return -EINVAL; 565 + hdr->version == TOKVER_CLEAR_KEY) { 566 + rc = pckmokey2protkey_fallback(t, protkey, 567 + protkeylen, 568 + protkeytype); 569 + if (rc) 570 + rc = -ENODEV; 571 + } 1136 572 } 1137 573 574 + if (rc) 575 + PKEY_DBF_ERR("%s unable to build protected key from clear, rc=%d", 576 + __func__, rc); 577 + 1138 578 return rc; 579 + } 580 + 581 + static int key2protkey(const struct pkey_apqn *apqns, size_t nr_apqns, 582 + const u8 *key, size_t keylen, 583 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 584 + { 585 + if (pkey_is_cca_key(key, keylen)) { 586 + return ccakey2protkey(apqns, nr_apqns, key, keylen, 587 + protkey, protkeylen, protkeytype); 588 + } else if (pkey_is_ep11_key(key, keylen)) { 589 + return ep11key2protkey(apqns, nr_apqns, key, keylen, 590 + protkey, protkeylen, protkeytype); 591 + } else if (pkey_is_pckmo_key(key, keylen)) { 592 + return pckmokey2protkey(key, keylen, 593 + protkey, protkeylen, protkeytype); 594 + } else { 595 + struct keytoken_header *hdr = (struct keytoken_header *)key; 596 + 597 + PKEY_DBF_ERR("%s unknown/unsupported key type %d version %d\n", 598 + __func__, hdr->type, hdr->version); 599 + return -EINVAL; 600 + } 1139 601 } 1140 602 1141 603 /* 1142 - * File io functions 604 + * In-Kernel function: Transform a key blob (of any type) into a protected key 605 + */ 606 + int pkey_key2protkey(const u8 *key, u32 keylen, 607 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 608 + { 609 + return key2protkey(NULL, 0, key, keylen, 610 + protkey, protkeylen, protkeytype); 611 + } 612 + EXPORT_SYMBOL(pkey_key2protkey); 613 + 614 + /* 615 + * Ioctl functions 1143 616 */ 1144 617 1145 618 static void *_copy_key_from_user(void __user *ukey, size_t keylen) ··· 448 1347 static int pkey_ioctl_genseck(struct pkey_genseck __user *ugs) 449 1348 { 450 1349 struct pkey_genseck kgs; 1350 + u32 keybuflen; 451 1351 int rc; 452 1352 453 1353 if (copy_from_user(&kgs, ugs, sizeof(kgs))) 454 1354 return -EFAULT; 455 - rc = cca_genseckey(kgs.cardnr, kgs.domain, 456 - kgs.keytype, kgs.seckey.seckey); 457 - pr_debug("%s cca_genseckey()=%d\n", __func__, rc); 1355 + keybuflen = sizeof(kgs.seckey.seckey); 1356 + rc = pkey_cca_gen_key(kgs.cardnr, kgs.domain, 1357 + kgs.keytype, PKEY_TYPE_CCA_DATA, 0, 0, 1358 + kgs.seckey.seckey, &keybuflen); 1359 + pr_debug("pkey_cca_gen_key()=%d\n", rc); 458 1360 if (!rc && copy_to_user(ugs, &kgs, sizeof(kgs))) 459 1361 rc = -EFAULT; 460 1362 memzero_explicit(&kgs, sizeof(kgs)); ··· 468 1364 static int pkey_ioctl_clr2seck(struct pkey_clr2seck __user *ucs) 469 1365 { 470 1366 struct pkey_clr2seck kcs; 1367 + u32 keybuflen; 471 1368 int rc; 472 1369 473 1370 if (copy_from_user(&kcs, ucs, sizeof(kcs))) 474 1371 return -EFAULT; 475 - rc = cca_clr2seckey(kcs.cardnr, kcs.domain, kcs.keytype, 476 - kcs.clrkey.clrkey, kcs.seckey.seckey); 477 - pr_debug("%s cca_clr2seckey()=%d\n", __func__, rc); 1372 + keybuflen = sizeof(kcs.seckey.seckey); 1373 + rc = pkey_cca_clr2key(kcs.cardnr, kcs.domain, 1374 + kcs.keytype, PKEY_TYPE_CCA_DATA, 0, 0, 1375 + kcs.clrkey.clrkey, 1376 + pkey_keytype_aes_to_size(kcs.keytype), 1377 + kcs.seckey.seckey, &keybuflen); 1378 + pr_debug("pkey_cca_clr2key()=%d\n", rc); 478 1379 if (!rc && copy_to_user(ucs, &kcs, sizeof(kcs))) 479 1380 rc = -EFAULT; 480 1381 memzero_explicit(&kcs, sizeof(kcs)); ··· 495 1386 if (copy_from_user(&ksp, usp, sizeof(ksp))) 496 1387 return -EFAULT; 497 1388 ksp.protkey.len = sizeof(ksp.protkey.protkey); 498 - rc = cca_sec2protkey(ksp.cardnr, ksp.domain, 499 - ksp.seckey.seckey, ksp.protkey.protkey, 500 - &ksp.protkey.len, &ksp.protkey.type); 501 - pr_debug("%s cca_sec2protkey()=%d\n", __func__, rc); 1389 + rc = pkey_cca_key2protkey(ksp.cardnr, ksp.domain, 1390 + ksp.seckey.seckey, sizeof(ksp.seckey.seckey), 1391 + ksp.protkey.protkey, 1392 + &ksp.protkey.len, &ksp.protkey.type); 1393 + pr_debug("pkey_cca_key2protkey()=%d\n", rc); 502 1394 if (!rc && copy_to_user(usp, &ksp, sizeof(ksp))) 503 1395 rc = -EFAULT; 504 1396 memzero_explicit(&ksp, sizeof(ksp)); ··· 515 1405 if (copy_from_user(&kcp, ucp, sizeof(kcp))) 516 1406 return -EFAULT; 517 1407 kcp.protkey.len = sizeof(kcp.protkey.protkey); 518 - rc = pkey_clr2protkey(kcp.keytype, kcp.clrkey.clrkey, 519 - kcp.protkey.protkey, 520 - &kcp.protkey.len, &kcp.protkey.type); 521 - pr_debug("%s pkey_clr2protkey()=%d\n", __func__, rc); 1408 + rc = pkey_pckmo_clr2protkey(kcp.keytype, kcp.clrkey.clrkey, 1409 + kcp.protkey.protkey, 1410 + &kcp.protkey.len, &kcp.protkey.type); 1411 + pr_debug("pkey_pckmo_clr2protkey()=%d\n", rc); 522 1412 if (!rc && copy_to_user(ucp, &kcp, sizeof(kcp))) 523 1413 rc = -EFAULT; 524 1414 memzero_explicit(&kcp, sizeof(kcp)); ··· 529 1419 static int pkey_ioctl_findcard(struct pkey_findcard __user *ufc) 530 1420 { 531 1421 struct pkey_findcard kfc; 1422 + struct pkey_apqn *apqns; 1423 + size_t nr_apqns; 532 1424 int rc; 533 1425 534 1426 if (copy_from_user(&kfc, ufc, sizeof(kfc))) 535 1427 return -EFAULT; 536 - rc = cca_findcard(kfc.seckey.seckey, 537 - &kfc.cardnr, &kfc.domain, 1); 538 - pr_debug("%s cca_findcard()=%d\n", __func__, rc); 539 - if (rc < 0) 1428 + 1429 + if (!pkey_is_cca_key(kfc.seckey.seckey, sizeof(kfc.seckey.seckey))) 1430 + return -EINVAL; 1431 + 1432 + nr_apqns = MAXAPQNSINLIST; 1433 + apqns = kmalloc_array(nr_apqns, sizeof(struct pkey_apqn), GFP_KERNEL); 1434 + if (!apqns) 1435 + return -ENOMEM; 1436 + rc = pkey_cca_apqns4key(kfc.seckey.seckey, 1437 + sizeof(kfc.seckey.seckey), 1438 + PKEY_FLAGS_MATCH_CUR_MKVP, 1439 + apqns, &nr_apqns); 1440 + if (rc == -ENODEV) 1441 + rc = pkey_cca_apqns4key(kfc.seckey.seckey, 1442 + sizeof(kfc.seckey.seckey), 1443 + PKEY_FLAGS_MATCH_ALT_MKVP, 1444 + apqns, &nr_apqns); 1445 + pr_debug("pkey_cca_apqns4key()=%d\n", rc); 1446 + if (rc) { 1447 + kfree(apqns); 540 1448 return rc; 1449 + } 1450 + kfc.cardnr = apqns[0].card; 1451 + kfc.domain = apqns[0].domain; 1452 + kfree(apqns); 541 1453 if (copy_to_user(ufc, &kfc, sizeof(kfc))) 542 1454 return -EFAULT; 543 1455 ··· 569 1437 static int pkey_ioctl_skey2pkey(struct pkey_skey2pkey __user *usp) 570 1438 { 571 1439 struct pkey_skey2pkey ksp; 572 - int rc; 1440 + struct pkey_apqn *apqns; 1441 + size_t nr_apqns; 1442 + int i, rc; 573 1443 574 1444 if (copy_from_user(&ksp, usp, sizeof(ksp))) 575 1445 return -EFAULT; 1446 + 1447 + if (!pkey_is_cca_key(ksp.seckey.seckey, sizeof(ksp.seckey.seckey))) 1448 + return -EINVAL; 1449 + 1450 + nr_apqns = MAXAPQNSINLIST; 1451 + apqns = kmalloc_array(nr_apqns, sizeof(struct pkey_apqn), GFP_KERNEL); 1452 + if (!apqns) 1453 + return -ENOMEM; 1454 + rc = pkey_cca_apqns4key(ksp.seckey.seckey, sizeof(ksp.seckey.seckey), 1455 + 0, apqns, &nr_apqns); 1456 + pr_debug("pkey_cca_apqns4key()=%d\n", rc); 1457 + if (rc) { 1458 + kfree(apqns); 1459 + return rc; 1460 + } 576 1461 ksp.protkey.len = sizeof(ksp.protkey.protkey); 577 - rc = pkey_skey2pkey(ksp.seckey.seckey, ksp.protkey.protkey, 578 - &ksp.protkey.len, &ksp.protkey.type); 579 - pr_debug("%s pkey_skey2pkey()=%d\n", __func__, rc); 1462 + for (rc = -ENODEV, i = 0; rc && i < nr_apqns; i++) { 1463 + rc = pkey_cca_key2protkey(apqns[i].card, apqns[i].domain, 1464 + ksp.seckey.seckey, 1465 + sizeof(ksp.seckey.seckey), 1466 + ksp.protkey.protkey, 1467 + &ksp.protkey.len, 1468 + &ksp.protkey.type); 1469 + pr_debug("pkey_cca_key2protkey()=%d\n", rc); 1470 + } 1471 + kfree(apqns); 580 1472 if (!rc && copy_to_user(usp, &ksp, sizeof(ksp))) 581 1473 rc = -EFAULT; 582 1474 memzero_explicit(&ksp, sizeof(ksp)); ··· 610 1454 611 1455 static int pkey_ioctl_verifykey(struct pkey_verifykey __user *uvk) 612 1456 { 1457 + u32 keytype, keybitsize, flags; 613 1458 struct pkey_verifykey kvk; 614 1459 int rc; 615 1460 616 1461 if (copy_from_user(&kvk, uvk, sizeof(kvk))) 617 1462 return -EFAULT; 618 - rc = pkey_verifykey(&kvk.seckey, &kvk.cardnr, &kvk.domain, 619 - &kvk.keysize, &kvk.attributes); 620 - pr_debug("%s pkey_verifykey()=%d\n", __func__, rc); 1463 + kvk.cardnr = 0xFFFF; 1464 + kvk.domain = 0xFFFF; 1465 + rc = pkey_cca_verifykey(kvk.seckey.seckey, sizeof(kvk.seckey.seckey), 1466 + &kvk.cardnr, &kvk.domain, 1467 + &keytype, &keybitsize, &flags); 1468 + pr_debug("pkey_cca_verifykey()=%d\n", rc); 1469 + if (!rc && keytype != PKEY_TYPE_CCA_DATA) 1470 + rc = -EINVAL; 1471 + kvk.attributes = PKEY_VERIFY_ATTR_AES; 1472 + kvk.keysize = (u16)keybitsize; 1473 + if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 1474 + kvk.attributes |= PKEY_VERIFY_ATTR_OLD_MKVP; 621 1475 if (!rc && copy_to_user(uvk, &kvk, sizeof(kvk))) 622 1476 rc = -EFAULT; 623 1477 memzero_explicit(&kvk, sizeof(kvk)); ··· 643 1477 if (copy_from_user(&kgp, ugp, sizeof(kgp))) 644 1478 return -EFAULT; 645 1479 kgp.protkey.len = sizeof(kgp.protkey.protkey); 646 - rc = pkey_genprotkey(kgp.keytype, kgp.protkey.protkey, 647 - &kgp.protkey.len, &kgp.protkey.type); 648 - pr_debug("%s pkey_genprotkey()=%d\n", __func__, rc); 1480 + rc = pkey_pckmo_gen_protkey(kgp.keytype, kgp.protkey.protkey, 1481 + &kgp.protkey.len, &kgp.protkey.type); 1482 + pr_debug("pkey_gen_protkey()=%d\n", rc); 649 1483 if (!rc && copy_to_user(ugp, &kgp, sizeof(kgp))) 650 1484 rc = -EFAULT; 651 1485 memzero_explicit(&kgp, sizeof(kgp)); ··· 660 1494 661 1495 if (copy_from_user(&kvp, uvp, sizeof(kvp))) 662 1496 return -EFAULT; 663 - rc = pkey_verifyprotkey(kvp.protkey.protkey, 664 - kvp.protkey.len, kvp.protkey.type); 665 - pr_debug("%s pkey_verifyprotkey()=%d\n", __func__, rc); 1497 + rc = pkey_pckmo_verify_protkey(kvp.protkey.protkey, 1498 + kvp.protkey.len, kvp.protkey.type); 1499 + pr_debug("pkey_verify_protkey()=%d\n", rc); 666 1500 memzero_explicit(&kvp, sizeof(kvp)); 667 1501 668 1502 return rc; ··· 680 1514 if (IS_ERR(kkey)) 681 1515 return PTR_ERR(kkey); 682 1516 ktp.protkey.len = sizeof(ktp.protkey.protkey); 683 - rc = pkey_keyblob2pkey(kkey, ktp.keylen, ktp.protkey.protkey, 684 - &ktp.protkey.len, &ktp.protkey.type); 685 - pr_debug("%s pkey_keyblob2pkey()=%d\n", __func__, rc); 1517 + rc = key2protkey(NULL, 0, kkey, ktp.keylen, 1518 + ktp.protkey.protkey, &ktp.protkey.len, 1519 + &ktp.protkey.type); 1520 + pr_debug("key2protkey()=%d\n", rc); 686 1521 kfree_sensitive(kkey); 687 1522 if (!rc && copy_to_user(utp, &ktp, sizeof(ktp))) 688 1523 rc = -EFAULT; ··· 694 1527 695 1528 static int pkey_ioctl_genseck2(struct pkey_genseck2 __user *ugs) 696 1529 { 697 - size_t klen = KEYBLOBBUFSIZE; 1530 + u32 klen = KEYBLOBBUFSIZE; 698 1531 struct pkey_genseck2 kgs; 699 1532 struct pkey_apqn *apqns; 700 1533 u8 *kkey; ··· 710 1543 kfree(apqns); 711 1544 return -ENOMEM; 712 1545 } 713 - rc = pkey_genseckey2(apqns, kgs.apqn_entries, 714 - kgs.type, kgs.size, kgs.keygenflags, 715 - kkey, &klen); 716 - pr_debug("%s pkey_genseckey2()=%d\n", __func__, rc); 1546 + rc = genseck2(apqns, kgs.apqn_entries, 1547 + kgs.type, kgs.size, kgs.keygenflags, 1548 + kkey, &klen); 1549 + pr_debug("genseckey2()=%d\n", rc); 717 1550 kfree(apqns); 718 1551 if (rc) { 719 1552 kfree_sensitive(kkey); ··· 739 1572 740 1573 static int pkey_ioctl_clr2seck2(struct pkey_clr2seck2 __user *ucs) 741 1574 { 742 - size_t klen = KEYBLOBBUFSIZE; 1575 + u32 klen = KEYBLOBBUFSIZE; 743 1576 struct pkey_clr2seck2 kcs; 744 1577 struct pkey_apqn *apqns; 745 1578 u8 *kkey; ··· 758 1591 memzero_explicit(&kcs, sizeof(kcs)); 759 1592 return -ENOMEM; 760 1593 } 761 - rc = pkey_clr2seckey2(apqns, kcs.apqn_entries, 762 - kcs.type, kcs.size, kcs.keygenflags, 763 - kcs.clrkey.clrkey, kkey, &klen); 764 - pr_debug("%s pkey_clr2seckey2()=%d\n", __func__, rc); 1594 + rc = clr2seckey2(apqns, kcs.apqn_entries, 1595 + kcs.type, kcs.size, kcs.keygenflags, 1596 + kcs.clrkey.clrkey, kkey, &klen); 1597 + pr_debug("clr2seckey2()=%d\n", rc); 765 1598 kfree(apqns); 766 1599 if (rc) { 767 1600 kfree_sensitive(kkey); ··· 800 1633 kkey = _copy_key_from_user(kvk.key, kvk.keylen); 801 1634 if (IS_ERR(kkey)) 802 1635 return PTR_ERR(kkey); 803 - rc = pkey_verifykey2(kkey, kvk.keylen, 804 - &kvk.cardnr, &kvk.domain, 805 - &kvk.type, &kvk.size, &kvk.flags); 806 - pr_debug("%s pkey_verifykey2()=%d\n", __func__, rc); 1636 + if (pkey_is_cca_key(kkey, kvk.keylen)) { 1637 + rc = pkey_cca_verifykey(kkey, kvk.keylen, 1638 + &kvk.cardnr, &kvk.domain, 1639 + &kvk.type, &kvk.size, &kvk.flags); 1640 + pr_debug("pkey_cca_verifykey()=%d\n", rc); 1641 + } else if (pkey_is_ep11_key(kkey, kvk.keylen)) { 1642 + rc = pkey_ep11_verifykey(kkey, kvk.keylen, 1643 + &kvk.cardnr, &kvk.domain, 1644 + &kvk.type, &kvk.size, &kvk.flags); 1645 + pr_debug("pkey_ep11_verifykey()=%d\n", rc); 1646 + } else { 1647 + rc = -EINVAL; 1648 + } 807 1649 kfree_sensitive(kkey); 808 1650 if (rc) 809 1651 return rc; ··· 840 1664 return PTR_ERR(kkey); 841 1665 } 842 1666 ktp.protkey.len = sizeof(ktp.protkey.protkey); 843 - rc = pkey_keyblob2pkey2(apqns, ktp.apqn_entries, 844 - kkey, ktp.keylen, 845 - ktp.protkey.protkey, &ktp.protkey.len, 846 - &ktp.protkey.type); 847 - pr_debug("%s pkey_keyblob2pkey2()=%d\n", __func__, rc); 1667 + rc = key2protkey(apqns, ktp.apqn_entries, kkey, ktp.keylen, 1668 + ktp.protkey.protkey, &ktp.protkey.len, 1669 + &ktp.protkey.type); 1670 + pr_debug("key2protkey()=%d\n", rc); 848 1671 kfree(apqns); 849 1672 kfree_sensitive(kkey); 850 1673 if (!rc && copy_to_user(utp, &ktp, sizeof(ktp))) ··· 876 1701 kfree(apqns); 877 1702 return PTR_ERR(kkey); 878 1703 } 879 - rc = pkey_apqns4key(kkey, kak.keylen, kak.flags, 880 - apqns, &nr_apqns); 881 - pr_debug("%s pkey_apqns4key()=%d\n", __func__, rc); 1704 + rc = apqns4key(kkey, kak.keylen, kak.flags, 1705 + apqns, &nr_apqns); 1706 + pr_debug("apqns4key()=%d\n", rc); 882 1707 kfree_sensitive(kkey); 883 1708 if (rc && rc != -ENOSPC) { 884 1709 kfree(apqns); ··· 922 1747 if (!apqns) 923 1748 return -ENOMEM; 924 1749 } 925 - rc = pkey_apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp, 926 - kat.flags, apqns, &nr_apqns); 927 - pr_debug("%s pkey_apqns4keytype()=%d\n", __func__, rc); 1750 + rc = apqns4keytype(kat.type, kat.cur_mkvp, kat.alt_mkvp, 1751 + kat.flags, apqns, &nr_apqns); 1752 + pr_debug("apqns4keytype()=%d\n", rc); 928 1753 if (rc && rc != -ENOSPC) { 929 1754 kfree(apqns); 930 1755 return rc; ··· 974 1799 kfree_sensitive(kkey); 975 1800 return -ENOMEM; 976 1801 } 977 - rc = pkey_keyblob2pkey3(apqns, ktp.apqn_entries, 978 - kkey, ktp.keylen, 979 - protkey, &protkeylen, &ktp.pkeytype); 980 - pr_debug("%s pkey_keyblob2pkey3()=%d\n", __func__, rc); 1802 + rc = key2protkey(apqns, ktp.apqn_entries, kkey, ktp.keylen, 1803 + protkey, &protkeylen, &ktp.pkeytype); 1804 + pr_debug("key2protkey()=%d\n", rc); 981 1805 kfree(apqns); 982 1806 kfree_sensitive(kkey); 983 1807 if (rc) { ··· 1067 1893 } 1068 1894 1069 1895 /* 1070 - * Sysfs and file io operations 1896 + * File io operations 1071 1897 */ 1072 - 1073 - /* 1074 - * Sysfs attribute read function for all protected key binary attributes. 1075 - * The implementation can not deal with partial reads, because a new random 1076 - * protected key blob is generated with each read. In case of partial reads 1077 - * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1078 - */ 1079 - static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf, 1080 - loff_t off, size_t count) 1081 - { 1082 - struct protaeskeytoken protkeytoken; 1083 - struct pkey_protkey protkey; 1084 - int rc; 1085 - 1086 - if (off != 0 || count < sizeof(protkeytoken)) 1087 - return -EINVAL; 1088 - if (is_xts) 1089 - if (count < 2 * sizeof(protkeytoken)) 1090 - return -EINVAL; 1091 - 1092 - memset(&protkeytoken, 0, sizeof(protkeytoken)); 1093 - protkeytoken.type = TOKTYPE_NON_CCA; 1094 - protkeytoken.version = TOKVER_PROTECTED_KEY; 1095 - protkeytoken.keytype = keytype; 1096 - 1097 - protkey.len = sizeof(protkey.protkey); 1098 - rc = pkey_genprotkey(protkeytoken.keytype, 1099 - protkey.protkey, &protkey.len, &protkey.type); 1100 - if (rc) 1101 - return rc; 1102 - 1103 - protkeytoken.len = protkey.len; 1104 - memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 1105 - 1106 - memcpy(buf, &protkeytoken, sizeof(protkeytoken)); 1107 - 1108 - if (is_xts) { 1109 - /* xts needs a second protected key, reuse protkey struct */ 1110 - protkey.len = sizeof(protkey.protkey); 1111 - rc = pkey_genprotkey(protkeytoken.keytype, 1112 - protkey.protkey, &protkey.len, &protkey.type); 1113 - if (rc) 1114 - return rc; 1115 - 1116 - protkeytoken.len = protkey.len; 1117 - memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 1118 - 1119 - memcpy(buf + sizeof(protkeytoken), &protkeytoken, 1120 - sizeof(protkeytoken)); 1121 - 1122 - return 2 * sizeof(protkeytoken); 1123 - } 1124 - 1125 - return sizeof(protkeytoken); 1126 - } 1127 - 1128 - static ssize_t protkey_aes_128_read(struct file *filp, 1129 - struct kobject *kobj, 1130 - struct bin_attribute *attr, 1131 - char *buf, loff_t off, 1132 - size_t count) 1133 - { 1134 - return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 1135 - off, count); 1136 - } 1137 - 1138 - static ssize_t protkey_aes_192_read(struct file *filp, 1139 - struct kobject *kobj, 1140 - struct bin_attribute *attr, 1141 - char *buf, loff_t off, 1142 - size_t count) 1143 - { 1144 - return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 1145 - off, count); 1146 - } 1147 - 1148 - static ssize_t protkey_aes_256_read(struct file *filp, 1149 - struct kobject *kobj, 1150 - struct bin_attribute *attr, 1151 - char *buf, loff_t off, 1152 - size_t count) 1153 - { 1154 - return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 1155 - off, count); 1156 - } 1157 - 1158 - static ssize_t protkey_aes_128_xts_read(struct file *filp, 1159 - struct kobject *kobj, 1160 - struct bin_attribute *attr, 1161 - char *buf, loff_t off, 1162 - size_t count) 1163 - { 1164 - return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 1165 - off, count); 1166 - } 1167 - 1168 - static ssize_t protkey_aes_256_xts_read(struct file *filp, 1169 - struct kobject *kobj, 1170 - struct bin_attribute *attr, 1171 - char *buf, loff_t off, 1172 - size_t count) 1173 - { 1174 - return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 1175 - off, count); 1176 - } 1177 - 1178 - static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken)); 1179 - static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken)); 1180 - static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken)); 1181 - static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken)); 1182 - static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken)); 1183 - 1184 - static struct bin_attribute *protkey_attrs[] = { 1185 - &bin_attr_protkey_aes_128, 1186 - &bin_attr_protkey_aes_192, 1187 - &bin_attr_protkey_aes_256, 1188 - &bin_attr_protkey_aes_128_xts, 1189 - &bin_attr_protkey_aes_256_xts, 1190 - NULL 1191 - }; 1192 - 1193 - static struct attribute_group protkey_attr_group = { 1194 - .name = "protkey", 1195 - .bin_attrs = protkey_attrs, 1196 - }; 1197 - 1198 - /* 1199 - * Sysfs attribute read function for all secure key ccadata binary attributes. 1200 - * The implementation can not deal with partial reads, because a new random 1201 - * protected key blob is generated with each read. In case of partial reads 1202 - * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1203 - */ 1204 - static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf, 1205 - loff_t off, size_t count) 1206 - { 1207 - struct pkey_seckey *seckey = (struct pkey_seckey *)buf; 1208 - int rc; 1209 - 1210 - if (off != 0 || count < sizeof(struct secaeskeytoken)) 1211 - return -EINVAL; 1212 - if (is_xts) 1213 - if (count < 2 * sizeof(struct secaeskeytoken)) 1214 - return -EINVAL; 1215 - 1216 - rc = cca_genseckey(-1, -1, keytype, seckey->seckey); 1217 - if (rc) 1218 - return rc; 1219 - 1220 - if (is_xts) { 1221 - seckey++; 1222 - rc = cca_genseckey(-1, -1, keytype, seckey->seckey); 1223 - if (rc) 1224 - return rc; 1225 - 1226 - return 2 * sizeof(struct secaeskeytoken); 1227 - } 1228 - 1229 - return sizeof(struct secaeskeytoken); 1230 - } 1231 - 1232 - static ssize_t ccadata_aes_128_read(struct file *filp, 1233 - struct kobject *kobj, 1234 - struct bin_attribute *attr, 1235 - char *buf, loff_t off, 1236 - size_t count) 1237 - { 1238 - return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 1239 - off, count); 1240 - } 1241 - 1242 - static ssize_t ccadata_aes_192_read(struct file *filp, 1243 - struct kobject *kobj, 1244 - struct bin_attribute *attr, 1245 - char *buf, loff_t off, 1246 - size_t count) 1247 - { 1248 - return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 1249 - off, count); 1250 - } 1251 - 1252 - static ssize_t ccadata_aes_256_read(struct file *filp, 1253 - struct kobject *kobj, 1254 - struct bin_attribute *attr, 1255 - char *buf, loff_t off, 1256 - size_t count) 1257 - { 1258 - return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 1259 - off, count); 1260 - } 1261 - 1262 - static ssize_t ccadata_aes_128_xts_read(struct file *filp, 1263 - struct kobject *kobj, 1264 - struct bin_attribute *attr, 1265 - char *buf, loff_t off, 1266 - size_t count) 1267 - { 1268 - return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 1269 - off, count); 1270 - } 1271 - 1272 - static ssize_t ccadata_aes_256_xts_read(struct file *filp, 1273 - struct kobject *kobj, 1274 - struct bin_attribute *attr, 1275 - char *buf, loff_t off, 1276 - size_t count) 1277 - { 1278 - return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 1279 - off, count); 1280 - } 1281 - 1282 - static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken)); 1283 - static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken)); 1284 - static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken)); 1285 - static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken)); 1286 - static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken)); 1287 - 1288 - static struct bin_attribute *ccadata_attrs[] = { 1289 - &bin_attr_ccadata_aes_128, 1290 - &bin_attr_ccadata_aes_192, 1291 - &bin_attr_ccadata_aes_256, 1292 - &bin_attr_ccadata_aes_128_xts, 1293 - &bin_attr_ccadata_aes_256_xts, 1294 - NULL 1295 - }; 1296 - 1297 - static struct attribute_group ccadata_attr_group = { 1298 - .name = "ccadata", 1299 - .bin_attrs = ccadata_attrs, 1300 - }; 1301 - 1302 - #define CCACIPHERTOKENSIZE (sizeof(struct cipherkeytoken) + 80) 1303 - 1304 - /* 1305 - * Sysfs attribute read function for all secure key ccacipher binary attributes. 1306 - * The implementation can not deal with partial reads, because a new random 1307 - * secure key blob is generated with each read. In case of partial reads 1308 - * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1309 - */ 1310 - static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits, 1311 - bool is_xts, char *buf, loff_t off, 1312 - size_t count) 1313 - { 1314 - size_t keysize = CCACIPHERTOKENSIZE; 1315 - u32 nr_apqns, *apqns = NULL; 1316 - int i, rc, card, dom; 1317 - 1318 - if (off != 0 || count < CCACIPHERTOKENSIZE) 1319 - return -EINVAL; 1320 - if (is_xts) 1321 - if (count < 2 * CCACIPHERTOKENSIZE) 1322 - return -EINVAL; 1323 - 1324 - /* build a list of apqns able to generate an cipher key */ 1325 - rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 1326 - ZCRYPT_CEX6, 0, 0, 0, 0); 1327 - if (rc) 1328 - return rc; 1329 - 1330 - memset(buf, 0, is_xts ? 2 * keysize : keysize); 1331 - 1332 - /* simple try all apqns from the list */ 1333 - for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 1334 - card = apqns[i] >> 16; 1335 - dom = apqns[i] & 0xFFFF; 1336 - rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize); 1337 - if (rc == 0) 1338 - break; 1339 - } 1340 - if (rc) 1341 - return rc; 1342 - 1343 - if (is_xts) { 1344 - keysize = CCACIPHERTOKENSIZE; 1345 - buf += CCACIPHERTOKENSIZE; 1346 - rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize); 1347 - if (rc == 0) 1348 - return 2 * CCACIPHERTOKENSIZE; 1349 - } 1350 - 1351 - return CCACIPHERTOKENSIZE; 1352 - } 1353 - 1354 - static ssize_t ccacipher_aes_128_read(struct file *filp, 1355 - struct kobject *kobj, 1356 - struct bin_attribute *attr, 1357 - char *buf, loff_t off, 1358 - size_t count) 1359 - { 1360 - return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 1361 - off, count); 1362 - } 1363 - 1364 - static ssize_t ccacipher_aes_192_read(struct file *filp, 1365 - struct kobject *kobj, 1366 - struct bin_attribute *attr, 1367 - char *buf, loff_t off, 1368 - size_t count) 1369 - { 1370 - return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 1371 - off, count); 1372 - } 1373 - 1374 - static ssize_t ccacipher_aes_256_read(struct file *filp, 1375 - struct kobject *kobj, 1376 - struct bin_attribute *attr, 1377 - char *buf, loff_t off, 1378 - size_t count) 1379 - { 1380 - return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 1381 - off, count); 1382 - } 1383 - 1384 - static ssize_t ccacipher_aes_128_xts_read(struct file *filp, 1385 - struct kobject *kobj, 1386 - struct bin_attribute *attr, 1387 - char *buf, loff_t off, 1388 - size_t count) 1389 - { 1390 - return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 1391 - off, count); 1392 - } 1393 - 1394 - static ssize_t ccacipher_aes_256_xts_read(struct file *filp, 1395 - struct kobject *kobj, 1396 - struct bin_attribute *attr, 1397 - char *buf, loff_t off, 1398 - size_t count) 1399 - { 1400 - return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 1401 - off, count); 1402 - } 1403 - 1404 - static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE); 1405 - static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE); 1406 - static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE); 1407 - static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE); 1408 - static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE); 1409 - 1410 - static struct bin_attribute *ccacipher_attrs[] = { 1411 - &bin_attr_ccacipher_aes_128, 1412 - &bin_attr_ccacipher_aes_192, 1413 - &bin_attr_ccacipher_aes_256, 1414 - &bin_attr_ccacipher_aes_128_xts, 1415 - &bin_attr_ccacipher_aes_256_xts, 1416 - NULL 1417 - }; 1418 - 1419 - static struct attribute_group ccacipher_attr_group = { 1420 - .name = "ccacipher", 1421 - .bin_attrs = ccacipher_attrs, 1422 - }; 1423 - 1424 - /* 1425 - * Sysfs attribute read function for all ep11 aes key binary attributes. 1426 - * The implementation can not deal with partial reads, because a new random 1427 - * secure key blob is generated with each read. In case of partial reads 1428 - * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 1429 - * This function and the sysfs attributes using it provide EP11 key blobs 1430 - * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently 1431 - * 336 bytes. 1432 - */ 1433 - static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits, 1434 - bool is_xts, char *buf, loff_t off, 1435 - size_t count) 1436 - { 1437 - size_t keysize = MAXEP11AESKEYBLOBSIZE; 1438 - u32 nr_apqns, *apqns = NULL; 1439 - int i, rc, card, dom; 1440 - 1441 - if (off != 0 || count < MAXEP11AESKEYBLOBSIZE) 1442 - return -EINVAL; 1443 - if (is_xts) 1444 - if (count < 2 * MAXEP11AESKEYBLOBSIZE) 1445 - return -EINVAL; 1446 - 1447 - /* build a list of apqns able to generate an cipher key */ 1448 - rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 1449 - ZCRYPT_CEX7, 1450 - ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4, 1451 - NULL); 1452 - if (rc) 1453 - return rc; 1454 - 1455 - memset(buf, 0, is_xts ? 2 * keysize : keysize); 1456 - 1457 - /* simple try all apqns from the list */ 1458 - for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 1459 - card = apqns[i] >> 16; 1460 - dom = apqns[i] & 0xFFFF; 1461 - rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize, 1462 - PKEY_TYPE_EP11_AES); 1463 - if (rc == 0) 1464 - break; 1465 - } 1466 - if (rc) 1467 - return rc; 1468 - 1469 - if (is_xts) { 1470 - keysize = MAXEP11AESKEYBLOBSIZE; 1471 - buf += MAXEP11AESKEYBLOBSIZE; 1472 - rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize, 1473 - PKEY_TYPE_EP11_AES); 1474 - if (rc == 0) 1475 - return 2 * MAXEP11AESKEYBLOBSIZE; 1476 - } 1477 - 1478 - return MAXEP11AESKEYBLOBSIZE; 1479 - } 1480 - 1481 - static ssize_t ep11_aes_128_read(struct file *filp, 1482 - struct kobject *kobj, 1483 - struct bin_attribute *attr, 1484 - char *buf, loff_t off, 1485 - size_t count) 1486 - { 1487 - return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 1488 - off, count); 1489 - } 1490 - 1491 - static ssize_t ep11_aes_192_read(struct file *filp, 1492 - struct kobject *kobj, 1493 - struct bin_attribute *attr, 1494 - char *buf, loff_t off, 1495 - size_t count) 1496 - { 1497 - return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 1498 - off, count); 1499 - } 1500 - 1501 - static ssize_t ep11_aes_256_read(struct file *filp, 1502 - struct kobject *kobj, 1503 - struct bin_attribute *attr, 1504 - char *buf, loff_t off, 1505 - size_t count) 1506 - { 1507 - return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 1508 - off, count); 1509 - } 1510 - 1511 - static ssize_t ep11_aes_128_xts_read(struct file *filp, 1512 - struct kobject *kobj, 1513 - struct bin_attribute *attr, 1514 - char *buf, loff_t off, 1515 - size_t count) 1516 - { 1517 - return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 1518 - off, count); 1519 - } 1520 - 1521 - static ssize_t ep11_aes_256_xts_read(struct file *filp, 1522 - struct kobject *kobj, 1523 - struct bin_attribute *attr, 1524 - char *buf, loff_t off, 1525 - size_t count) 1526 - { 1527 - return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 1528 - off, count); 1529 - } 1530 - 1531 - static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE); 1532 - static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE); 1533 - static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE); 1534 - static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE); 1535 - static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE); 1536 - 1537 - static struct bin_attribute *ep11_attrs[] = { 1538 - &bin_attr_ep11_aes_128, 1539 - &bin_attr_ep11_aes_192, 1540 - &bin_attr_ep11_aes_256, 1541 - &bin_attr_ep11_aes_128_xts, 1542 - &bin_attr_ep11_aes_256_xts, 1543 - NULL 1544 - }; 1545 - 1546 - static struct attribute_group ep11_attr_group = { 1547 - .name = "ep11", 1548 - .bin_attrs = ep11_attrs, 1549 - }; 1550 - 1551 - static const struct attribute_group *pkey_attr_groups[] = { 1552 - &protkey_attr_group, 1553 - &ccadata_attr_group, 1554 - &ccacipher_attr_group, 1555 - &ep11_attr_group, 1556 - NULL, 1557 - }; 1558 1898 1559 1899 static const struct file_operations pkey_fops = { 1560 1900 .owner = THIS_MODULE,
+162
drivers/s390/crypto/pkey_base.h
··· 1 + /* SPDX-License-Identifier: GPL-2.0+ */ 2 + /* 3 + * Copyright IBM Corp. 2024 4 + * 5 + * Pkey base: debug feature, defines and structs 6 + * common to all pkey code. 7 + */ 8 + 9 + #ifndef _PKEY_BASE_H_ 10 + #define _PKEY_BASE_H_ 11 + 12 + #include <linux/types.h> 13 + #include <asm/debug.h> 14 + #include <asm/pkey.h> 15 + 16 + /* 17 + * pkey debug feature 18 + */ 19 + 20 + extern debug_info_t *pkey_dbf_info; 21 + 22 + #define PKEY_DBF_INFO(...) debug_sprintf_event(pkey_dbf_info, 5, ##__VA_ARGS__) 23 + #define PKEY_DBF_WARN(...) debug_sprintf_event(pkey_dbf_info, 4, ##__VA_ARGS__) 24 + #define PKEY_DBF_ERR(...) debug_sprintf_event(pkey_dbf_info, 3, ##__VA_ARGS__) 25 + 26 + /* 27 + * common defines and common structs 28 + */ 29 + 30 + #define KEYBLOBBUFSIZE 8192 /* key buffer size used for internal processing */ 31 + #define MINKEYBLOBBUFSIZE (sizeof(struct keytoken_header)) 32 + #define PROTKEYBLOBBUFSIZE 256 /* protected key buffer size used internal */ 33 + #define MAXAPQNSINLIST 64 /* max 64 apqns within a apqn list */ 34 + #define AES_WK_VP_SIZE 32 /* Size of WK VP block appended to a prot key */ 35 + 36 + /* inside view of a protected key token (only type 0x00 version 0x01) */ 37 + struct protaeskeytoken { 38 + u8 type; /* 0x00 for PAES specific key tokens */ 39 + u8 res0[3]; 40 + u8 version; /* should be 0x01 for protected AES key token */ 41 + u8 res1[3]; 42 + u32 keytype; /* key type, one of the PKEY_KEYTYPE values */ 43 + u32 len; /* bytes actually stored in protkey[] */ 44 + u8 protkey[MAXPROTKEYSIZE]; /* the protected key blob */ 45 + } __packed; 46 + 47 + /* inside view of a clear key token (type 0x00 version 0x02) */ 48 + struct clearkeytoken { 49 + u8 type; /* 0x00 for PAES specific key tokens */ 50 + u8 res0[3]; 51 + u8 version; /* 0x02 for clear key token */ 52 + u8 res1[3]; 53 + u32 keytype; /* key type, one of the PKEY_KEYTYPE_* values */ 54 + u32 len; /* bytes actually stored in clearkey[] */ 55 + u8 clearkey[]; /* clear key value */ 56 + } __packed; 57 + 58 + /* helper function which translates the PKEY_KEYTYPE_AES_* to their keysize */ 59 + static inline u32 pkey_keytype_aes_to_size(u32 keytype) 60 + { 61 + switch (keytype) { 62 + case PKEY_KEYTYPE_AES_128: 63 + return 16; 64 + case PKEY_KEYTYPE_AES_192: 65 + return 24; 66 + case PKEY_KEYTYPE_AES_256: 67 + return 32; 68 + default: 69 + return 0; 70 + } 71 + } 72 + 73 + /* helper function which translates AES key bit size into PKEY_KEYTYPE_AES_* */ 74 + static inline u32 pkey_aes_bitsize_to_keytype(u32 keybitsize) 75 + { 76 + switch (keybitsize) { 77 + case 128: 78 + return PKEY_KEYTYPE_AES_128; 79 + case 192: 80 + return PKEY_KEYTYPE_AES_192; 81 + case 256: 82 + return PKEY_KEYTYPE_AES_256; 83 + default: 84 + return 0; 85 + } 86 + } 87 + 88 + /* 89 + * pkey_cca.c: 90 + */ 91 + 92 + bool pkey_is_cca_key(const u8 *key, u32 keylen); 93 + bool pkey_is_cca_keytype(enum pkey_key_type); 94 + int pkey_cca_key2protkey(u16 card, u16 dom, 95 + const u8 *key, u32 keylen, 96 + u8 *protkey, u32 *protkeylen, u32 *protkeytype); 97 + int pkey_cca_gen_key(u16 card, u16 dom, 98 + u32 keytype, u32 keysubtype, 99 + u32 keybitsize, u32 flags, 100 + u8 *keybuf, u32 *keybuflen); 101 + int pkey_cca_clr2key(u16 card, u16 dom, 102 + u32 keytype, u32 keysubtype, 103 + u32 keybitsize, u32 flags, 104 + const u8 *clrkey, u32 clrkeylen, 105 + u8 *keybuf, u32 *keybuflen); 106 + int pkey_cca_verifykey(const u8 *key, u32 keylen, 107 + u16 *card, u16 *dom, 108 + u32 *keytype, u32 *keybitsize, u32 *flags); 109 + int pkey_cca_apqns4key(const u8 *key, u32 keylen, u32 flags, 110 + struct pkey_apqn *apqns, size_t *nr_apqns); 111 + int pkey_cca_apqns4type(enum pkey_key_type ktype, 112 + u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags, 113 + struct pkey_apqn *apqns, size_t *nr_apqns); 114 + 115 + /* 116 + * pkey_ep11.c: 117 + */ 118 + 119 + bool pkey_is_ep11_key(const u8 *key, u32 keylen); 120 + bool pkey_is_ep11_keytype(enum pkey_key_type); 121 + int pkey_ep11_key2protkey(u16 card, u16 dom, 122 + const u8 *key, u32 keylen, 123 + u8 *protkey, u32 *protkeylen, u32 *protkeytype); 124 + int pkey_ep11_gen_key(u16 card, u16 dom, 125 + u32 keytype, u32 keysubtype, 126 + u32 keybitsize, u32 flags, 127 + u8 *keybuf, u32 *keybuflen); 128 + int pkey_ep11_clr2key(u16 card, u16 dom, 129 + u32 keytype, u32 keysubtype, 130 + u32 keybitsize, u32 flags, 131 + const u8 *clrkey, u32 clrkeylen, 132 + u8 *keybuf, u32 *keybuflen); 133 + int pkey_ep11_verifykey(const u8 *key, u32 keylen, 134 + u16 *card, u16 *dom, 135 + u32 *keytype, u32 *keybitsize, u32 *flags); 136 + int pkey_ep11_apqns4key(const u8 *key, u32 keylen, u32 flags, 137 + struct pkey_apqn *apqns, size_t *nr_apqns); 138 + int pkey_ep11_apqns4type(enum pkey_key_type ktype, 139 + u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags, 140 + struct pkey_apqn *apqns, size_t *nr_apqns); 141 + 142 + /* 143 + * pkey_pckmo.c: 144 + */ 145 + 146 + bool pkey_is_pckmo_key(const u8 *key, u32 keylen); 147 + int pkey_pckmo_key2protkey(const u8 *key, u32 keylen, 148 + u8 *protkey, u32 *protkeylen, u32 *protkeytype); 149 + int pkey_pckmo_gen_protkey(u32 keytype, 150 + u8 *protkey, u32 *protkeylen, u32 *protkeytype); 151 + int pkey_pckmo_clr2protkey(u32 keytype, const u8 *clrkey, 152 + u8 *protkey, u32 *protkeylen, u32 *protkeytype); 153 + int pkey_pckmo_verify_protkey(const u8 *protkey, u32 protkeylen, 154 + u32 protkeytype); 155 + 156 + /* 157 + * pkey_sysfs.c: 158 + */ 159 + 160 + extern const struct attribute_group *pkey_attr_groups[]; 161 + 162 + #endif /* _PKEY_BASE_H_ */
+453
drivers/s390/crypto/pkey_cca.c
··· 1 + // SPDX-License-Identifier: GPL-2.0 2 + /* 3 + * pkey cca specific code 4 + * 5 + * Copyright IBM Corp. 2024 6 + */ 7 + 8 + #define KMSG_COMPONENT "pkey" 9 + #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 10 + 11 + #include "zcrypt_api.h" 12 + #include "zcrypt_ccamisc.h" 13 + 14 + #include "pkey_base.h" 15 + 16 + /* 17 + * Check key blob for known and supported CCA key. 18 + */ 19 + bool pkey_is_cca_key(const u8 *key, u32 keylen) 20 + { 21 + struct keytoken_header *hdr = (struct keytoken_header *)key; 22 + 23 + if (keylen < sizeof(*hdr)) 24 + return false; 25 + 26 + switch (hdr->type) { 27 + case TOKTYPE_CCA_INTERNAL: 28 + switch (hdr->version) { 29 + case TOKVER_CCA_AES: 30 + case TOKVER_CCA_VLSC: 31 + return true; 32 + default: 33 + return false; 34 + } 35 + case TOKTYPE_CCA_INTERNAL_PKA: 36 + return true; 37 + default: 38 + return false; 39 + } 40 + } 41 + 42 + bool pkey_is_cca_keytype(enum pkey_key_type key_type) 43 + { 44 + switch (key_type) { 45 + case PKEY_TYPE_CCA_DATA: 46 + case PKEY_TYPE_CCA_CIPHER: 47 + case PKEY_TYPE_CCA_ECC: 48 + return true; 49 + default: 50 + return false; 51 + } 52 + } 53 + 54 + int pkey_cca_key2protkey(u16 card, u16 dom, 55 + const u8 *key, u32 keylen, 56 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 57 + { 58 + struct keytoken_header *hdr = (struct keytoken_header *)key; 59 + int rc; 60 + 61 + if (keylen < sizeof(*hdr)) 62 + return -EINVAL; 63 + 64 + zcrypt_wait_api_operational(); 65 + 66 + if (hdr->type == TOKTYPE_CCA_INTERNAL && 67 + hdr->version == TOKVER_CCA_AES) { 68 + /* CCA AES data key */ 69 + if (keylen != sizeof(struct secaeskeytoken)) 70 + return -EINVAL; 71 + if (cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0)) 72 + return -EINVAL; 73 + rc = cca_sec2protkey(card, dom, key, protkey, 74 + protkeylen, protkeytype); 75 + } else if (hdr->type == TOKTYPE_CCA_INTERNAL && 76 + hdr->version == TOKVER_CCA_VLSC) { 77 + /* CCA AES cipher key */ 78 + if (keylen < hdr->len || keylen > MAXCCAVLSCTOKENSIZE) 79 + return -EINVAL; 80 + if (cca_check_secaescipherkey(pkey_dbf_info, 81 + 3, key, 0, 1)) 82 + return -EINVAL; 83 + rc = cca_cipher2protkey(card, dom, key, protkey, 84 + protkeylen, protkeytype); 85 + } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) { 86 + /* CCA ECC (private) key */ 87 + if (keylen < sizeof(struct eccprivkeytoken)) 88 + return -EINVAL; 89 + if (cca_check_sececckeytoken(pkey_dbf_info, 3, key, keylen, 1)) 90 + return -EINVAL; 91 + rc = cca_ecc2protkey(card, dom, key, protkey, 92 + protkeylen, protkeytype); 93 + } else { 94 + PKEY_DBF_ERR("%s unknown/unsupported blob type %d version %d\n", 95 + __func__, hdr->type, hdr->version); 96 + rc = -EINVAL; 97 + } 98 + 99 + pr_debug("card=%d dom=%d rc=%d\n", card, dom, rc); 100 + return rc; 101 + } 102 + 103 + /* 104 + * Generate CCA secure key. 105 + * As of now only CCA AES Data or Cipher secure keys are 106 + * supported. 107 + * keytype is one of the PKEY_KEYTYPE_* constants, 108 + * subtype may be 0 or PKEY_TYPE_CCA_DATA or PKEY_TYPE_CCA_CIPHER, 109 + * keybitsize is the bit size of the key (may be 0 for 110 + * keytype PKEY_KEYTYPE_AES_*). 111 + */ 112 + int pkey_cca_gen_key(u16 card, u16 dom, 113 + u32 keytype, u32 subtype, 114 + u32 keybitsize, u32 flags, 115 + u8 *keybuf, u32 *keybuflen) 116 + { 117 + int len, rc; 118 + 119 + /* check keytype, subtype, keybitsize */ 120 + switch (keytype) { 121 + case PKEY_KEYTYPE_AES_128: 122 + case PKEY_KEYTYPE_AES_192: 123 + case PKEY_KEYTYPE_AES_256: 124 + len = pkey_keytype_aes_to_size(keytype); 125 + if (keybitsize && keybitsize != 8 * len) { 126 + PKEY_DBF_ERR("%s unknown/unsupported keybitsize %d\n", 127 + __func__, keybitsize); 128 + return -EINVAL; 129 + } 130 + keybitsize = 8 * len; 131 + switch (subtype) { 132 + case 0: 133 + case PKEY_TYPE_CCA_DATA: 134 + case PKEY_TYPE_CCA_CIPHER: 135 + break; 136 + default: 137 + PKEY_DBF_ERR("%s unknown/unsupported subtype %d\n", 138 + __func__, subtype); 139 + return -EINVAL; 140 + } 141 + break; 142 + default: 143 + PKEY_DBF_ERR("%s unknown/unsupported keytype %d\n", 144 + __func__, keytype); 145 + return -EINVAL; 146 + } 147 + 148 + zcrypt_wait_api_operational(); 149 + 150 + if (subtype == PKEY_TYPE_CCA_CIPHER) { 151 + rc = cca_gencipherkey(card, dom, keybitsize, flags, 152 + keybuf, keybuflen); 153 + } else { 154 + /* 0 or PKEY_TYPE_CCA_DATA */ 155 + rc = cca_genseckey(card, dom, keybitsize, keybuf); 156 + *keybuflen = (rc ? 0 : SECKEYBLOBSIZE); 157 + } 158 + 159 + pr_debug("card=%d dom=%d rc=%d\n", card, dom, rc); 160 + return rc; 161 + } 162 + 163 + /* 164 + * Generate CCA secure key with given clear key value. 165 + * As of now only CCA AES Data or Cipher secure keys are 166 + * supported. 167 + * keytype is one of the PKEY_KEYTYPE_* constants, 168 + * subtype may be 0 or PKEY_TYPE_CCA_DATA or PKEY_TYPE_CCA_CIPHER, 169 + * keybitsize is the bit size of the key (may be 0 for 170 + * keytype PKEY_KEYTYPE_AES_*). 171 + */ 172 + int pkey_cca_clr2key(u16 card, u16 dom, 173 + u32 keytype, u32 subtype, 174 + u32 keybitsize, u32 flags, 175 + const u8 *clrkey, u32 clrkeylen, 176 + u8 *keybuf, u32 *keybuflen) 177 + { 178 + int len, rc; 179 + 180 + /* check keytype, subtype, clrkeylen, keybitsize */ 181 + switch (keytype) { 182 + case PKEY_KEYTYPE_AES_128: 183 + case PKEY_KEYTYPE_AES_192: 184 + case PKEY_KEYTYPE_AES_256: 185 + len = pkey_keytype_aes_to_size(keytype); 186 + if (keybitsize && keybitsize != 8 * len) { 187 + PKEY_DBF_ERR("%s unknown/unsupported keybitsize %d\n", 188 + __func__, keybitsize); 189 + return -EINVAL; 190 + } 191 + keybitsize = 8 * len; 192 + if (clrkeylen != len) { 193 + PKEY_DBF_ERR("%s invalid clear key len %d != %d\n", 194 + __func__, clrkeylen, len); 195 + return -EINVAL; 196 + } 197 + switch (subtype) { 198 + case 0: 199 + case PKEY_TYPE_CCA_DATA: 200 + case PKEY_TYPE_CCA_CIPHER: 201 + break; 202 + default: 203 + PKEY_DBF_ERR("%s unknown/unsupported subtype %d\n", 204 + __func__, subtype); 205 + return -EINVAL; 206 + } 207 + break; 208 + default: 209 + PKEY_DBF_ERR("%s unknown/unsupported keytype %d\n", 210 + __func__, keytype); 211 + return -EINVAL; 212 + } 213 + 214 + zcrypt_wait_api_operational(); 215 + 216 + if (subtype == PKEY_TYPE_CCA_CIPHER) { 217 + rc = cca_clr2cipherkey(card, dom, keybitsize, 218 + flags, clrkey, keybuf, keybuflen); 219 + } else { 220 + /* 0 or PKEY_TYPE_CCA_DATA */ 221 + rc = cca_clr2seckey(card, dom, keybitsize, 222 + clrkey, keybuf); 223 + *keybuflen = (rc ? 0 : SECKEYBLOBSIZE); 224 + } 225 + 226 + pr_debug("card=%d dom=%d rc=%d\n", card, dom, rc); 227 + return rc; 228 + } 229 + 230 + int pkey_cca_verifykey(const u8 *key, u32 keylen, 231 + u16 *card, u16 *dom, 232 + u32 *keytype, u32 *keybitsize, u32 *flags) 233 + { 234 + struct keytoken_header *hdr = (struct keytoken_header *)key; 235 + u32 nr_apqns, *apqns = NULL; 236 + int rc; 237 + 238 + if (keylen < sizeof(*hdr)) 239 + return -EINVAL; 240 + 241 + zcrypt_wait_api_operational(); 242 + 243 + if (hdr->type == TOKTYPE_CCA_INTERNAL && 244 + hdr->version == TOKVER_CCA_AES) { 245 + struct secaeskeytoken *t = (struct secaeskeytoken *)key; 246 + 247 + rc = cca_check_secaeskeytoken(pkey_dbf_info, 3, key, 0); 248 + if (rc) 249 + goto out; 250 + *keytype = PKEY_TYPE_CCA_DATA; 251 + *keybitsize = t->bitsize; 252 + rc = cca_findcard2(&apqns, &nr_apqns, *card, *dom, 253 + ZCRYPT_CEX3C, AES_MK_SET, 254 + t->mkvp, 0, 1); 255 + if (!rc) 256 + *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 257 + if (rc == -ENODEV) { 258 + rc = cca_findcard2(&apqns, &nr_apqns, *card, *dom, 259 + ZCRYPT_CEX3C, AES_MK_SET, 260 + 0, t->mkvp, 1); 261 + if (!rc) 262 + *flags = PKEY_FLAGS_MATCH_ALT_MKVP; 263 + } 264 + if (rc) 265 + goto out; 266 + 267 + *card = ((struct pkey_apqn *)apqns)->card; 268 + *dom = ((struct pkey_apqn *)apqns)->domain; 269 + 270 + } else if (hdr->type == TOKTYPE_CCA_INTERNAL && 271 + hdr->version == TOKVER_CCA_VLSC) { 272 + struct cipherkeytoken *t = (struct cipherkeytoken *)key; 273 + 274 + rc = cca_check_secaescipherkey(pkey_dbf_info, 3, key, 0, 1); 275 + if (rc) 276 + goto out; 277 + *keytype = PKEY_TYPE_CCA_CIPHER; 278 + *keybitsize = PKEY_SIZE_UNKNOWN; 279 + if (!t->plfver && t->wpllen == 512) 280 + *keybitsize = PKEY_SIZE_AES_128; 281 + else if (!t->plfver && t->wpllen == 576) 282 + *keybitsize = PKEY_SIZE_AES_192; 283 + else if (!t->plfver && t->wpllen == 640) 284 + *keybitsize = PKEY_SIZE_AES_256; 285 + rc = cca_findcard2(&apqns, &nr_apqns, *card, *dom, 286 + ZCRYPT_CEX6, AES_MK_SET, 287 + t->mkvp0, 0, 1); 288 + if (!rc) 289 + *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 290 + if (rc == -ENODEV) { 291 + rc = cca_findcard2(&apqns, &nr_apqns, *card, *dom, 292 + ZCRYPT_CEX6, AES_MK_SET, 293 + 0, t->mkvp0, 1); 294 + if (!rc) 295 + *flags = PKEY_FLAGS_MATCH_ALT_MKVP; 296 + } 297 + if (rc) 298 + goto out; 299 + 300 + *card = ((struct pkey_apqn *)apqns)->card; 301 + *dom = ((struct pkey_apqn *)apqns)->domain; 302 + 303 + } else { 304 + /* unknown/unsupported key blob */ 305 + rc = -EINVAL; 306 + } 307 + 308 + out: 309 + kfree(apqns); 310 + pr_debug("rc=%d\n", rc); 311 + return rc; 312 + } 313 + 314 + int pkey_cca_apqns4key(const u8 *key, u32 keylen, u32 flags, 315 + struct pkey_apqn *apqns, size_t *nr_apqns) 316 + { 317 + struct keytoken_header *hdr = (struct keytoken_header *)key; 318 + u32 _nr_apqns, *_apqns = NULL; 319 + int rc; 320 + 321 + if (!flags) 322 + flags = PKEY_FLAGS_MATCH_CUR_MKVP | PKEY_FLAGS_MATCH_ALT_MKVP; 323 + 324 + if (keylen < sizeof(struct keytoken_header)) 325 + return -EINVAL; 326 + 327 + zcrypt_wait_api_operational(); 328 + 329 + if (hdr->type == TOKTYPE_CCA_INTERNAL) { 330 + u64 cur_mkvp = 0, old_mkvp = 0; 331 + int minhwtype = ZCRYPT_CEX3C; 332 + 333 + if (hdr->version == TOKVER_CCA_AES) { 334 + struct secaeskeytoken *t = (struct secaeskeytoken *)key; 335 + 336 + if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 337 + cur_mkvp = t->mkvp; 338 + if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 339 + old_mkvp = t->mkvp; 340 + } else if (hdr->version == TOKVER_CCA_VLSC) { 341 + struct cipherkeytoken *t = (struct cipherkeytoken *)key; 342 + 343 + minhwtype = ZCRYPT_CEX6; 344 + if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 345 + cur_mkvp = t->mkvp0; 346 + if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 347 + old_mkvp = t->mkvp0; 348 + } else { 349 + /* unknown CCA internal token type */ 350 + return -EINVAL; 351 + } 352 + rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 353 + minhwtype, AES_MK_SET, 354 + cur_mkvp, old_mkvp, 1); 355 + if (rc) 356 + goto out; 357 + 358 + } else if (hdr->type == TOKTYPE_CCA_INTERNAL_PKA) { 359 + struct eccprivkeytoken *t = (struct eccprivkeytoken *)key; 360 + u64 cur_mkvp = 0, old_mkvp = 0; 361 + 362 + if (t->secid == 0x20) { 363 + if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 364 + cur_mkvp = t->mkvp; 365 + if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 366 + old_mkvp = t->mkvp; 367 + } else { 368 + /* unknown CCA internal 2 token type */ 369 + return -EINVAL; 370 + } 371 + rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 372 + ZCRYPT_CEX7, APKA_MK_SET, 373 + cur_mkvp, old_mkvp, 1); 374 + if (rc) 375 + goto out; 376 + 377 + } else { 378 + PKEY_DBF_ERR("%s unknown/unsupported blob type %d version %d\n", 379 + __func__, hdr->type, hdr->version); 380 + return -EINVAL; 381 + } 382 + 383 + if (apqns) { 384 + if (*nr_apqns < _nr_apqns) 385 + rc = -ENOSPC; 386 + else 387 + memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 388 + } 389 + *nr_apqns = _nr_apqns; 390 + 391 + out: 392 + kfree(_apqns); 393 + pr_debug("rc=%d\n", rc); 394 + return rc; 395 + } 396 + 397 + int pkey_cca_apqns4type(enum pkey_key_type ktype, 398 + u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags, 399 + struct pkey_apqn *apqns, size_t *nr_apqns) 400 + { 401 + u32 _nr_apqns, *_apqns = NULL; 402 + int rc; 403 + 404 + zcrypt_wait_api_operational(); 405 + 406 + if (ktype == PKEY_TYPE_CCA_DATA || ktype == PKEY_TYPE_CCA_CIPHER) { 407 + u64 cur_mkvp = 0, old_mkvp = 0; 408 + int minhwtype = ZCRYPT_CEX3C; 409 + 410 + if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 411 + cur_mkvp = *((u64 *)cur_mkvp); 412 + if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 413 + old_mkvp = *((u64 *)alt_mkvp); 414 + if (ktype == PKEY_TYPE_CCA_CIPHER) 415 + minhwtype = ZCRYPT_CEX6; 416 + rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 417 + minhwtype, AES_MK_SET, 418 + cur_mkvp, old_mkvp, 1); 419 + if (rc) 420 + goto out; 421 + 422 + } else if (ktype == PKEY_TYPE_CCA_ECC) { 423 + u64 cur_mkvp = 0, old_mkvp = 0; 424 + 425 + if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 426 + cur_mkvp = *((u64 *)cur_mkvp); 427 + if (flags & PKEY_FLAGS_MATCH_ALT_MKVP) 428 + old_mkvp = *((u64 *)alt_mkvp); 429 + rc = cca_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 430 + ZCRYPT_CEX7, APKA_MK_SET, 431 + cur_mkvp, old_mkvp, 1); 432 + if (rc) 433 + goto out; 434 + 435 + } else { 436 + PKEY_DBF_ERR("%s unknown/unsupported key type %d", 437 + __func__, (int)ktype); 438 + return -EINVAL; 439 + } 440 + 441 + if (apqns) { 442 + if (*nr_apqns < _nr_apqns) 443 + rc = -ENOSPC; 444 + else 445 + memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 446 + } 447 + *nr_apqns = _nr_apqns; 448 + 449 + out: 450 + kfree(_apqns); 451 + pr_debug("rc=%d\n", rc); 452 + return rc; 453 + }
+406
drivers/s390/crypto/pkey_ep11.c
··· 1 + // SPDX-License-Identifier: GPL-2.0 2 + /* 3 + * pkey ep11 specific code 4 + * 5 + * Copyright IBM Corp. 2024 6 + */ 7 + 8 + #define KMSG_COMPONENT "pkey" 9 + #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 10 + 11 + #include "zcrypt_api.h" 12 + #include "zcrypt_ccamisc.h" 13 + #include "zcrypt_ep11misc.h" 14 + 15 + #include "pkey_base.h" 16 + 17 + /* 18 + * Check key blob for known and supported EP11 key. 19 + */ 20 + bool pkey_is_ep11_key(const u8 *key, u32 keylen) 21 + { 22 + struct keytoken_header *hdr = (struct keytoken_header *)key; 23 + 24 + if (keylen < sizeof(*hdr)) 25 + return false; 26 + 27 + switch (hdr->type) { 28 + case TOKTYPE_NON_CCA: 29 + switch (hdr->version) { 30 + case TOKVER_EP11_AES: 31 + case TOKVER_EP11_AES_WITH_HEADER: 32 + case TOKVER_EP11_ECC_WITH_HEADER: 33 + return true; 34 + default: 35 + return false; 36 + } 37 + default: 38 + return false; 39 + } 40 + } 41 + 42 + bool pkey_is_ep11_keytype(enum pkey_key_type key_type) 43 + { 44 + switch (key_type) { 45 + case PKEY_TYPE_EP11: 46 + case PKEY_TYPE_EP11_AES: 47 + case PKEY_TYPE_EP11_ECC: 48 + return true; 49 + default: 50 + return false; 51 + } 52 + } 53 + 54 + int pkey_ep11_key2protkey(u16 card, u16 dom, 55 + const u8 *key, u32 keylen, 56 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 57 + { 58 + struct keytoken_header *hdr = (struct keytoken_header *)key; 59 + int rc; 60 + 61 + if (keylen < sizeof(*hdr)) 62 + return -EINVAL; 63 + 64 + zcrypt_wait_api_operational(); 65 + 66 + if (hdr->type == TOKTYPE_NON_CCA && 67 + hdr->version == TOKVER_EP11_AES_WITH_HEADER && 68 + is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 69 + /* EP11 AES key blob with header */ 70 + if (ep11_check_aes_key_with_hdr(pkey_dbf_info, 71 + 3, key, keylen, 1)) 72 + return -EINVAL; 73 + rc = ep11_kblob2protkey(card, dom, key, hdr->len, 74 + protkey, protkeylen, 75 + protkeytype); 76 + } else if (hdr->type == TOKTYPE_NON_CCA && 77 + hdr->version == TOKVER_EP11_ECC_WITH_HEADER && 78 + is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 79 + /* EP11 ECC key blob with header */ 80 + if (ep11_check_ecc_key_with_hdr(pkey_dbf_info, 81 + 3, key, keylen, 1)) 82 + return -EINVAL; 83 + rc = ep11_kblob2protkey(card, dom, key, hdr->len, 84 + protkey, protkeylen, 85 + protkeytype); 86 + } else if (hdr->type == TOKTYPE_NON_CCA && 87 + hdr->version == TOKVER_EP11_AES && 88 + is_ep11_keyblob(key)) { 89 + /* EP11 AES key blob with header in session field */ 90 + if (ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1)) 91 + return -EINVAL; 92 + rc = ep11_kblob2protkey(card, dom, key, hdr->len, 93 + protkey, protkeylen, 94 + protkeytype); 95 + } else { 96 + PKEY_DBF_ERR("%s unknown/unsupported blob type %d version %d\n", 97 + __func__, hdr->type, hdr->version); 98 + return -EINVAL; 99 + } 100 + 101 + pr_debug("card=%d dom=%d rc=%d\n", card, dom, rc); 102 + return rc; 103 + } 104 + 105 + /* 106 + * Generate EP11 secure key. 107 + * As of now only EP11 AES secure keys are supported. 108 + * keytype is one of the PKEY_KEYTYPE_* constants, 109 + * subtype may be PKEY_TYPE_EP11 or PKEY_TYPE_EP11_AES 110 + * or 0 (results in subtype PKEY_TYPE_EP11_AES), 111 + * keybitsize is the bit size of the key (may be 0 for 112 + * keytype PKEY_KEYTYPE_AES_*). 113 + */ 114 + int pkey_ep11_gen_key(u16 card, u16 dom, 115 + u32 keytype, u32 subtype, 116 + u32 keybitsize, u32 flags, 117 + u8 *keybuf, u32 *keybuflen) 118 + { 119 + int len, rc; 120 + 121 + /* check keytype, subtype, keybitsize */ 122 + switch (keytype) { 123 + case PKEY_KEYTYPE_AES_128: 124 + case PKEY_KEYTYPE_AES_192: 125 + case PKEY_KEYTYPE_AES_256: 126 + len = pkey_keytype_aes_to_size(keytype); 127 + if (keybitsize && keybitsize != 8 * len) { 128 + PKEY_DBF_ERR("%s unknown/unsupported keybitsize %d\n", 129 + __func__, keybitsize); 130 + return -EINVAL; 131 + } 132 + keybitsize = 8 * len; 133 + switch (subtype) { 134 + case 0: 135 + subtype = PKEY_TYPE_EP11_AES; 136 + break; 137 + case PKEY_TYPE_EP11: 138 + case PKEY_TYPE_EP11_AES: 139 + break; 140 + default: 141 + PKEY_DBF_ERR("%s unknown/unsupported subtype %d\n", 142 + __func__, subtype); 143 + return -EINVAL; 144 + } 145 + break; 146 + default: 147 + PKEY_DBF_ERR("%s unknown/unsupported keytype %d\n", 148 + __func__, keytype); 149 + return -EINVAL; 150 + } 151 + 152 + zcrypt_wait_api_operational(); 153 + 154 + rc = ep11_genaeskey(card, dom, keybitsize, flags, 155 + keybuf, keybuflen, subtype); 156 + 157 + pr_debug("card=%d dom=%d rc=%d\n", card, dom, rc); 158 + return rc; 159 + } 160 + 161 + /* 162 + * Generate EP11 secure key with given clear key value. 163 + * As of now only EP11 AES secure keys are supported. 164 + * keytype is one of the PKEY_KEYTYPE_* constants, 165 + * subtype may be PKEY_TYPE_EP11 or PKEY_TYPE_EP11_AES 166 + * or 0 (assumes PKEY_TYPE_EP11_AES then). 167 + * keybitsize is the bit size of the key (may be 0 for 168 + * keytype PKEY_KEYTYPE_AES_*). 169 + */ 170 + int pkey_ep11_clr2key(u16 card, u16 dom, 171 + u32 keytype, u32 subtype, 172 + u32 keybitsize, u32 flags, 173 + const u8 *clrkey, u32 clrkeylen, 174 + u8 *keybuf, u32 *keybuflen) 175 + { 176 + int len, rc; 177 + 178 + /* check keytype, subtype, clrkeylen, keybitsize */ 179 + switch (keytype) { 180 + case PKEY_KEYTYPE_AES_128: 181 + case PKEY_KEYTYPE_AES_192: 182 + case PKEY_KEYTYPE_AES_256: 183 + len = pkey_keytype_aes_to_size(keytype); 184 + if (keybitsize && keybitsize != 8 * len) { 185 + PKEY_DBF_ERR("%s unknown/unsupported keybitsize %d\n", 186 + __func__, keybitsize); 187 + return -EINVAL; 188 + } 189 + keybitsize = 8 * len; 190 + if (clrkeylen != len) { 191 + PKEY_DBF_ERR("%s invalid clear key len %d != %d\n", 192 + __func__, clrkeylen, len); 193 + return -EINVAL; 194 + } 195 + switch (subtype) { 196 + case 0: 197 + subtype = PKEY_TYPE_EP11_AES; 198 + break; 199 + case PKEY_TYPE_EP11: 200 + case PKEY_TYPE_EP11_AES: 201 + break; 202 + default: 203 + PKEY_DBF_ERR("%s unknown/unsupported subtype %d\n", 204 + __func__, subtype); 205 + return -EINVAL; 206 + } 207 + break; 208 + default: 209 + PKEY_DBF_ERR("%s unknown/unsupported keytype %d\n", 210 + __func__, keytype); 211 + return -EINVAL; 212 + } 213 + 214 + zcrypt_wait_api_operational(); 215 + 216 + rc = ep11_clr2keyblob(card, dom, keybitsize, flags, 217 + clrkey, keybuf, keybuflen, subtype); 218 + 219 + pr_debug("card=%d dom=%d rc=%d\n", card, dom, rc); 220 + return rc; 221 + } 222 + 223 + int pkey_ep11_verifykey(const u8 *key, u32 keylen, 224 + u16 *card, u16 *dom, 225 + u32 *keytype, u32 *keybitsize, u32 *flags) 226 + { 227 + struct keytoken_header *hdr = (struct keytoken_header *)key; 228 + u32 nr_apqns, *apqns = NULL; 229 + int rc; 230 + 231 + if (keylen < sizeof(*hdr)) 232 + return -EINVAL; 233 + 234 + zcrypt_wait_api_operational(); 235 + 236 + if (hdr->type == TOKTYPE_NON_CCA && 237 + hdr->version == TOKVER_EP11_AES) { 238 + struct ep11keyblob *kb = (struct ep11keyblob *)key; 239 + int api; 240 + 241 + rc = ep11_check_aes_key(pkey_dbf_info, 3, key, keylen, 1); 242 + if (rc) 243 + goto out; 244 + *keytype = PKEY_TYPE_EP11; 245 + *keybitsize = kb->head.bitlen; 246 + 247 + api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4; 248 + rc = ep11_findcard2(&apqns, &nr_apqns, *card, *dom, 249 + ZCRYPT_CEX7, api, 250 + ep11_kb_wkvp(key, keylen)); 251 + if (rc) 252 + goto out; 253 + 254 + *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 255 + 256 + *card = ((struct pkey_apqn *)apqns)->card; 257 + *dom = ((struct pkey_apqn *)apqns)->domain; 258 + 259 + } else if (hdr->type == TOKTYPE_NON_CCA && 260 + hdr->version == TOKVER_EP11_AES_WITH_HEADER) { 261 + struct ep11kblob_header *kh = (struct ep11kblob_header *)key; 262 + int api; 263 + 264 + rc = ep11_check_aes_key_with_hdr(pkey_dbf_info, 265 + 3, key, keylen, 1); 266 + if (rc) 267 + goto out; 268 + *keytype = PKEY_TYPE_EP11_AES; 269 + *keybitsize = kh->bitlen; 270 + 271 + api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4; 272 + rc = ep11_findcard2(&apqns, &nr_apqns, *card, *dom, 273 + ZCRYPT_CEX7, api, 274 + ep11_kb_wkvp(key, keylen)); 275 + if (rc) 276 + goto out; 277 + 278 + *flags = PKEY_FLAGS_MATCH_CUR_MKVP; 279 + 280 + *card = ((struct pkey_apqn *)apqns)->card; 281 + *dom = ((struct pkey_apqn *)apqns)->domain; 282 + 283 + } else { 284 + /* unknown/unsupported key blob */ 285 + rc = -EINVAL; 286 + } 287 + 288 + out: 289 + kfree(apqns); 290 + pr_debug("rc=%d\n", rc); 291 + return rc; 292 + } 293 + 294 + int pkey_ep11_apqns4key(const u8 *key, u32 keylen, u32 flags, 295 + struct pkey_apqn *apqns, size_t *nr_apqns) 296 + { 297 + struct keytoken_header *hdr = (struct keytoken_header *)key; 298 + u32 _nr_apqns, *_apqns = NULL; 299 + int rc; 300 + 301 + if (!flags) 302 + flags = PKEY_FLAGS_MATCH_CUR_MKVP; 303 + 304 + if (keylen < sizeof(struct keytoken_header) || flags == 0) 305 + return -EINVAL; 306 + 307 + zcrypt_wait_api_operational(); 308 + 309 + if (hdr->type == TOKTYPE_NON_CCA && 310 + (hdr->version == TOKVER_EP11_AES_WITH_HEADER || 311 + hdr->version == TOKVER_EP11_ECC_WITH_HEADER) && 312 + is_ep11_keyblob(key + sizeof(struct ep11kblob_header))) { 313 + struct ep11keyblob *kb = (struct ep11keyblob *) 314 + (key + sizeof(struct ep11kblob_header)); 315 + int minhwtype = 0, api = 0; 316 + 317 + if (flags != PKEY_FLAGS_MATCH_CUR_MKVP) 318 + return -EINVAL; 319 + if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) { 320 + minhwtype = ZCRYPT_CEX7; 321 + api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4; 322 + } 323 + rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 324 + minhwtype, api, kb->wkvp); 325 + if (rc) 326 + goto out; 327 + 328 + } else if (hdr->type == TOKTYPE_NON_CCA && 329 + hdr->version == TOKVER_EP11_AES && 330 + is_ep11_keyblob(key)) { 331 + struct ep11keyblob *kb = (struct ep11keyblob *)key; 332 + int minhwtype = 0, api = 0; 333 + 334 + if (flags != PKEY_FLAGS_MATCH_CUR_MKVP) 335 + return -EINVAL; 336 + if (kb->attr & EP11_BLOB_PKEY_EXTRACTABLE) { 337 + minhwtype = ZCRYPT_CEX7; 338 + api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4; 339 + } 340 + rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 341 + minhwtype, api, kb->wkvp); 342 + if (rc) 343 + goto out; 344 + 345 + } else { 346 + PKEY_DBF_ERR("%s unknown/unsupported blob type %d version %d\n", 347 + __func__, hdr->type, hdr->version); 348 + return -EINVAL; 349 + } 350 + 351 + if (apqns) { 352 + if (*nr_apqns < _nr_apqns) 353 + rc = -ENOSPC; 354 + else 355 + memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 356 + } 357 + *nr_apqns = _nr_apqns; 358 + 359 + out: 360 + kfree(_apqns); 361 + pr_debug("rc=%d\n", rc); 362 + return rc; 363 + } 364 + 365 + int pkey_ep11_apqns4type(enum pkey_key_type ktype, 366 + u8 cur_mkvp[32], u8 alt_mkvp[32], u32 flags, 367 + struct pkey_apqn *apqns, size_t *nr_apqns) 368 + { 369 + u32 _nr_apqns, *_apqns = NULL; 370 + int rc; 371 + 372 + zcrypt_wait_api_operational(); 373 + 374 + if (ktype == PKEY_TYPE_EP11 || 375 + ktype == PKEY_TYPE_EP11_AES || 376 + ktype == PKEY_TYPE_EP11_ECC) { 377 + u8 *wkvp = NULL; 378 + int api; 379 + 380 + if (flags & PKEY_FLAGS_MATCH_CUR_MKVP) 381 + wkvp = cur_mkvp; 382 + api = ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4; 383 + rc = ep11_findcard2(&_apqns, &_nr_apqns, 0xFFFF, 0xFFFF, 384 + ZCRYPT_CEX7, api, wkvp); 385 + if (rc) 386 + goto out; 387 + 388 + } else { 389 + PKEY_DBF_ERR("%s unknown/unsupported key type %d\n", 390 + __func__, (int)ktype); 391 + return -EINVAL; 392 + } 393 + 394 + if (apqns) { 395 + if (*nr_apqns < _nr_apqns) 396 + rc = -ENOSPC; 397 + else 398 + memcpy(apqns, _apqns, _nr_apqns * sizeof(u32)); 399 + } 400 + *nr_apqns = _nr_apqns; 401 + 402 + out: 403 + kfree(_apqns); 404 + pr_debug("rc=%d\n", rc); 405 + return rc; 406 + }
+346
drivers/s390/crypto/pkey_pckmo.c
··· 1 + // SPDX-License-Identifier: GPL-2.0 2 + /* 3 + * pkey pckmo specific code 4 + * 5 + * Copyright IBM Corp. 2024 6 + */ 7 + 8 + #define KMSG_COMPONENT "pkey" 9 + #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 10 + 11 + #include <asm/cpacf.h> 12 + #include <crypto/aes.h> 13 + #include <linux/random.h> 14 + 15 + #include "zcrypt_api.h" 16 + #include "zcrypt_ccamisc.h" 17 + 18 + #include "pkey_base.h" 19 + 20 + /* 21 + * Check key blob for known and supported here. 22 + */ 23 + bool pkey_is_pckmo_key(const u8 *key, u32 keylen) 24 + { 25 + struct keytoken_header *hdr = (struct keytoken_header *)key; 26 + struct clearkeytoken *t = (struct clearkeytoken *)key; 27 + 28 + if (keylen < sizeof(*hdr)) 29 + return false; 30 + 31 + switch (hdr->type) { 32 + case TOKTYPE_NON_CCA: 33 + switch (hdr->version) { 34 + case TOKVER_CLEAR_KEY: 35 + switch (t->keytype) { 36 + case PKEY_KEYTYPE_AES_128: 37 + case PKEY_KEYTYPE_AES_192: 38 + case PKEY_KEYTYPE_AES_256: 39 + case PKEY_KEYTYPE_ECC_P256: 40 + case PKEY_KEYTYPE_ECC_P384: 41 + case PKEY_KEYTYPE_ECC_P521: 42 + case PKEY_KEYTYPE_ECC_ED25519: 43 + case PKEY_KEYTYPE_ECC_ED448: 44 + return true; 45 + default: 46 + return false; 47 + } 48 + case TOKVER_PROTECTED_KEY: 49 + return true; 50 + default: 51 + return false; 52 + } 53 + default: 54 + return false; 55 + } 56 + } 57 + 58 + int pkey_pckmo_key2protkey(const u8 *key, u32 keylen, 59 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 60 + { 61 + struct keytoken_header *hdr = (struct keytoken_header *)key; 62 + int rc = -EINVAL; 63 + 64 + if (keylen < sizeof(*hdr)) 65 + return -EINVAL; 66 + if (hdr->type != TOKTYPE_NON_CCA) 67 + return -EINVAL; 68 + 69 + switch (hdr->version) { 70 + case TOKVER_PROTECTED_KEY: { 71 + struct protaeskeytoken *t; 72 + 73 + if (keylen != sizeof(struct protaeskeytoken)) 74 + goto out; 75 + t = (struct protaeskeytoken *)key; 76 + rc = pkey_pckmo_verify_protkey(t->protkey, t->len, 77 + t->keytype); 78 + if (rc) 79 + goto out; 80 + memcpy(protkey, t->protkey, t->len); 81 + *protkeylen = t->len; 82 + *protkeytype = t->keytype; 83 + break; 84 + } 85 + case TOKVER_CLEAR_KEY: { 86 + struct clearkeytoken *t = (struct clearkeytoken *)key; 87 + u32 keysize = 0; 88 + 89 + if (keylen < sizeof(struct clearkeytoken) || 90 + keylen != sizeof(*t) + t->len) 91 + goto out; 92 + switch (t->keytype) { 93 + case PKEY_KEYTYPE_AES_128: 94 + case PKEY_KEYTYPE_AES_192: 95 + case PKEY_KEYTYPE_AES_256: 96 + keysize = pkey_keytype_aes_to_size(t->keytype); 97 + break; 98 + case PKEY_KEYTYPE_ECC_P256: 99 + keysize = 32; 100 + break; 101 + case PKEY_KEYTYPE_ECC_P384: 102 + keysize = 48; 103 + break; 104 + case PKEY_KEYTYPE_ECC_P521: 105 + keysize = 80; 106 + break; 107 + case PKEY_KEYTYPE_ECC_ED25519: 108 + keysize = 32; 109 + break; 110 + case PKEY_KEYTYPE_ECC_ED448: 111 + keysize = 64; 112 + break; 113 + default: 114 + break; 115 + } 116 + if (!keysize) { 117 + PKEY_DBF_ERR("%s clear key token: unknown keytype %u\n", 118 + __func__, t->keytype); 119 + goto out; 120 + } 121 + if (t->len != keysize) { 122 + PKEY_DBF_ERR("%s clear key token: invalid key len %u\n", 123 + __func__, t->len); 124 + goto out; 125 + } 126 + rc = pkey_pckmo_clr2protkey(t->keytype, t->clearkey, 127 + protkey, protkeylen, protkeytype); 128 + break; 129 + } 130 + default: 131 + PKEY_DBF_ERR("%s unknown non-CCA token version %d\n", 132 + __func__, hdr->version); 133 + break; 134 + } 135 + 136 + out: 137 + pr_debug("rc=%d\n", rc); 138 + return rc; 139 + } 140 + 141 + /* 142 + * Generate a random protected key. 143 + * Currently only the generation of AES protected keys 144 + * is supported. 145 + */ 146 + int pkey_pckmo_gen_protkey(u32 keytype, u8 *protkey, 147 + u32 *protkeylen, u32 *protkeytype) 148 + { 149 + u8 clrkey[32]; 150 + int keysize; 151 + int rc; 152 + 153 + keysize = pkey_keytype_aes_to_size(keytype); 154 + if (!keysize) { 155 + PKEY_DBF_ERR("%s unknown/unsupported keytype %d\n", __func__, 156 + keytype); 157 + return -EINVAL; 158 + } 159 + 160 + /* generate a dummy random clear key */ 161 + get_random_bytes(clrkey, keysize); 162 + 163 + /* convert it to a dummy protected key */ 164 + rc = pkey_pckmo_clr2protkey(keytype, clrkey, 165 + protkey, protkeylen, protkeytype); 166 + if (rc) 167 + goto out; 168 + 169 + /* replace the key part of the protected key with random bytes */ 170 + get_random_bytes(protkey, keysize); 171 + 172 + out: 173 + pr_debug("rc=%d\n", rc); 174 + return rc; 175 + } 176 + 177 + /* 178 + * Create a protected key from a clear key value via PCKMO instruction. 179 + */ 180 + int pkey_pckmo_clr2protkey(u32 keytype, const u8 *clrkey, 181 + u8 *protkey, u32 *protkeylen, u32 *protkeytype) 182 + { 183 + /* mask of available pckmo subfunctions */ 184 + static cpacf_mask_t pckmo_functions; 185 + 186 + int keysize, rc = -EINVAL; 187 + u8 paramblock[112]; 188 + u32 pkeytype; 189 + long fc; 190 + 191 + switch (keytype) { 192 + case PKEY_KEYTYPE_AES_128: 193 + /* 16 byte key, 32 byte aes wkvp, total 48 bytes */ 194 + keysize = 16; 195 + pkeytype = keytype; 196 + fc = CPACF_PCKMO_ENC_AES_128_KEY; 197 + break; 198 + case PKEY_KEYTYPE_AES_192: 199 + /* 24 byte key, 32 byte aes wkvp, total 56 bytes */ 200 + keysize = 24; 201 + pkeytype = keytype; 202 + fc = CPACF_PCKMO_ENC_AES_192_KEY; 203 + break; 204 + case PKEY_KEYTYPE_AES_256: 205 + /* 32 byte key, 32 byte aes wkvp, total 64 bytes */ 206 + keysize = 32; 207 + pkeytype = keytype; 208 + fc = CPACF_PCKMO_ENC_AES_256_KEY; 209 + break; 210 + case PKEY_KEYTYPE_ECC_P256: 211 + /* 32 byte key, 32 byte aes wkvp, total 64 bytes */ 212 + keysize = 32; 213 + pkeytype = PKEY_KEYTYPE_ECC; 214 + fc = CPACF_PCKMO_ENC_ECC_P256_KEY; 215 + break; 216 + case PKEY_KEYTYPE_ECC_P384: 217 + /* 48 byte key, 32 byte aes wkvp, total 80 bytes */ 218 + keysize = 48; 219 + pkeytype = PKEY_KEYTYPE_ECC; 220 + fc = CPACF_PCKMO_ENC_ECC_P384_KEY; 221 + break; 222 + case PKEY_KEYTYPE_ECC_P521: 223 + /* 80 byte key, 32 byte aes wkvp, total 112 bytes */ 224 + keysize = 80; 225 + pkeytype = PKEY_KEYTYPE_ECC; 226 + fc = CPACF_PCKMO_ENC_ECC_P521_KEY; 227 + break; 228 + case PKEY_KEYTYPE_ECC_ED25519: 229 + /* 32 byte key, 32 byte aes wkvp, total 64 bytes */ 230 + keysize = 32; 231 + pkeytype = PKEY_KEYTYPE_ECC; 232 + fc = CPACF_PCKMO_ENC_ECC_ED25519_KEY; 233 + break; 234 + case PKEY_KEYTYPE_ECC_ED448: 235 + /* 64 byte key, 32 byte aes wkvp, total 96 bytes */ 236 + keysize = 64; 237 + pkeytype = PKEY_KEYTYPE_ECC; 238 + fc = CPACF_PCKMO_ENC_ECC_ED448_KEY; 239 + break; 240 + default: 241 + PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n", 242 + __func__, keytype); 243 + goto out; 244 + } 245 + 246 + if (*protkeylen < keysize + AES_WK_VP_SIZE) { 247 + PKEY_DBF_ERR("%s prot key buffer size too small: %u < %d\n", 248 + __func__, *protkeylen, keysize + AES_WK_VP_SIZE); 249 + goto out; 250 + } 251 + 252 + /* Did we already check for PCKMO ? */ 253 + if (!pckmo_functions.bytes[0]) { 254 + /* no, so check now */ 255 + if (!cpacf_query(CPACF_PCKMO, &pckmo_functions)) { 256 + PKEY_DBF_ERR("%s cpacf_query() failed\n", __func__); 257 + rc = -ENODEV; 258 + goto out; 259 + } 260 + } 261 + /* check for the pckmo subfunction we need now */ 262 + if (!cpacf_test_func(&pckmo_functions, fc)) { 263 + PKEY_DBF_ERR("%s pckmo functions not available\n", __func__); 264 + rc = -ENODEV; 265 + goto out; 266 + } 267 + 268 + /* prepare param block */ 269 + memset(paramblock, 0, sizeof(paramblock)); 270 + memcpy(paramblock, clrkey, keysize); 271 + 272 + /* call the pckmo instruction */ 273 + cpacf_pckmo(fc, paramblock); 274 + 275 + /* copy created protected key to key buffer including the wkvp block */ 276 + *protkeylen = keysize + AES_WK_VP_SIZE; 277 + memcpy(protkey, paramblock, *protkeylen); 278 + *protkeytype = pkeytype; 279 + 280 + rc = 0; 281 + 282 + out: 283 + pr_debug("rc=%d\n", rc); 284 + return rc; 285 + } 286 + 287 + /* 288 + * Verify a protected key blob. 289 + * Currently only AES protected keys are supported. 290 + */ 291 + int pkey_pckmo_verify_protkey(const u8 *protkey, u32 protkeylen, 292 + u32 protkeytype) 293 + { 294 + struct { 295 + u8 iv[AES_BLOCK_SIZE]; 296 + u8 key[MAXPROTKEYSIZE]; 297 + } param; 298 + u8 null_msg[AES_BLOCK_SIZE]; 299 + u8 dest_buf[AES_BLOCK_SIZE]; 300 + unsigned int k, pkeylen; 301 + unsigned long fc; 302 + int rc = -EINVAL; 303 + 304 + switch (protkeytype) { 305 + case PKEY_KEYTYPE_AES_128: 306 + pkeylen = 16 + AES_WK_VP_SIZE; 307 + fc = CPACF_KMC_PAES_128; 308 + break; 309 + case PKEY_KEYTYPE_AES_192: 310 + pkeylen = 24 + AES_WK_VP_SIZE; 311 + fc = CPACF_KMC_PAES_192; 312 + break; 313 + case PKEY_KEYTYPE_AES_256: 314 + pkeylen = 32 + AES_WK_VP_SIZE; 315 + fc = CPACF_KMC_PAES_256; 316 + break; 317 + default: 318 + PKEY_DBF_ERR("%s unknown/unsupported keytype %u\n", __func__, 319 + protkeytype); 320 + goto out; 321 + } 322 + if (protkeylen != pkeylen) { 323 + PKEY_DBF_ERR("%s invalid protected key size %u for keytype %u\n", 324 + __func__, protkeylen, protkeytype); 325 + goto out; 326 + } 327 + 328 + memset(null_msg, 0, sizeof(null_msg)); 329 + 330 + memset(param.iv, 0, sizeof(param.iv)); 331 + memcpy(param.key, protkey, protkeylen); 332 + 333 + k = cpacf_kmc(fc | CPACF_ENCRYPT, &param, null_msg, dest_buf, 334 + sizeof(null_msg)); 335 + if (k != sizeof(null_msg)) { 336 + PKEY_DBF_ERR("%s protected key is not valid\n", __func__); 337 + rc = -EKEYREJECTED; 338 + goto out; 339 + } 340 + 341 + rc = 0; 342 + 343 + out: 344 + pr_debug("rc=%d\n", rc); 345 + return rc; 346 + }
+506
drivers/s390/crypto/pkey_sysfs.c
··· 1 + // SPDX-License-Identifier: GPL-2.0 2 + /* 3 + * pkey module sysfs related functions 4 + * 5 + * Copyright IBM Corp. 2024 6 + */ 7 + 8 + #define KMSG_COMPONENT "pkey" 9 + #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 10 + 11 + #include <asm/pkey.h> 12 + #include <linux/sysfs.h> 13 + 14 + #include "zcrypt_api.h" 15 + #include "zcrypt_ccamisc.h" 16 + #include "zcrypt_ep11misc.h" 17 + 18 + #include "pkey_base.h" 19 + 20 + /* 21 + * Sysfs attribute read function for all protected key binary attributes. 22 + * The implementation can not deal with partial reads, because a new random 23 + * protected key blob is generated with each read. In case of partial reads 24 + * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 25 + */ 26 + static ssize_t pkey_protkey_aes_attr_read(u32 keytype, bool is_xts, char *buf, 27 + loff_t off, size_t count) 28 + { 29 + struct protaeskeytoken protkeytoken; 30 + struct pkey_protkey protkey; 31 + int rc; 32 + 33 + if (off != 0 || count < sizeof(protkeytoken)) 34 + return -EINVAL; 35 + if (is_xts) 36 + if (count < 2 * sizeof(protkeytoken)) 37 + return -EINVAL; 38 + 39 + memset(&protkeytoken, 0, sizeof(protkeytoken)); 40 + protkeytoken.type = TOKTYPE_NON_CCA; 41 + protkeytoken.version = TOKVER_PROTECTED_KEY; 42 + protkeytoken.keytype = keytype; 43 + 44 + protkey.len = sizeof(protkey.protkey); 45 + rc = pkey_pckmo_gen_protkey(protkeytoken.keytype, 46 + protkey.protkey, &protkey.len, 47 + &protkey.type); 48 + if (rc) 49 + return rc; 50 + 51 + protkeytoken.len = protkey.len; 52 + memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 53 + 54 + memcpy(buf, &protkeytoken, sizeof(protkeytoken)); 55 + 56 + if (is_xts) { 57 + /* xts needs a second protected key, reuse protkey struct */ 58 + protkey.len = sizeof(protkey.protkey); 59 + rc = pkey_pckmo_gen_protkey(protkeytoken.keytype, 60 + protkey.protkey, &protkey.len, 61 + &protkey.type); 62 + if (rc) 63 + return rc; 64 + 65 + protkeytoken.len = protkey.len; 66 + memcpy(&protkeytoken.protkey, &protkey.protkey, protkey.len); 67 + 68 + memcpy(buf + sizeof(protkeytoken), &protkeytoken, 69 + sizeof(protkeytoken)); 70 + 71 + return 2 * sizeof(protkeytoken); 72 + } 73 + 74 + return sizeof(protkeytoken); 75 + } 76 + 77 + static ssize_t protkey_aes_128_read(struct file *filp, 78 + struct kobject *kobj, 79 + struct bin_attribute *attr, 80 + char *buf, loff_t off, 81 + size_t count) 82 + { 83 + return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 84 + off, count); 85 + } 86 + 87 + static ssize_t protkey_aes_192_read(struct file *filp, 88 + struct kobject *kobj, 89 + struct bin_attribute *attr, 90 + char *buf, loff_t off, 91 + size_t count) 92 + { 93 + return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 94 + off, count); 95 + } 96 + 97 + static ssize_t protkey_aes_256_read(struct file *filp, 98 + struct kobject *kobj, 99 + struct bin_attribute *attr, 100 + char *buf, loff_t off, 101 + size_t count) 102 + { 103 + return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 104 + off, count); 105 + } 106 + 107 + static ssize_t protkey_aes_128_xts_read(struct file *filp, 108 + struct kobject *kobj, 109 + struct bin_attribute *attr, 110 + char *buf, loff_t off, 111 + size_t count) 112 + { 113 + return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 114 + off, count); 115 + } 116 + 117 + static ssize_t protkey_aes_256_xts_read(struct file *filp, 118 + struct kobject *kobj, 119 + struct bin_attribute *attr, 120 + char *buf, loff_t off, 121 + size_t count) 122 + { 123 + return pkey_protkey_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 124 + off, count); 125 + } 126 + 127 + static BIN_ATTR_RO(protkey_aes_128, sizeof(struct protaeskeytoken)); 128 + static BIN_ATTR_RO(protkey_aes_192, sizeof(struct protaeskeytoken)); 129 + static BIN_ATTR_RO(protkey_aes_256, sizeof(struct protaeskeytoken)); 130 + static BIN_ATTR_RO(protkey_aes_128_xts, 2 * sizeof(struct protaeskeytoken)); 131 + static BIN_ATTR_RO(protkey_aes_256_xts, 2 * sizeof(struct protaeskeytoken)); 132 + 133 + static struct bin_attribute *protkey_attrs[] = { 134 + &bin_attr_protkey_aes_128, 135 + &bin_attr_protkey_aes_192, 136 + &bin_attr_protkey_aes_256, 137 + &bin_attr_protkey_aes_128_xts, 138 + &bin_attr_protkey_aes_256_xts, 139 + NULL 140 + }; 141 + 142 + static struct attribute_group protkey_attr_group = { 143 + .name = "protkey", 144 + .bin_attrs = protkey_attrs, 145 + }; 146 + 147 + /* 148 + * Sysfs attribute read function for all secure key ccadata binary attributes. 149 + * The implementation can not deal with partial reads, because a new random 150 + * protected key blob is generated with each read. In case of partial reads 151 + * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 152 + */ 153 + static ssize_t pkey_ccadata_aes_attr_read(u32 keytype, bool is_xts, char *buf, 154 + loff_t off, size_t count) 155 + { 156 + struct pkey_seckey *seckey = (struct pkey_seckey *)buf; 157 + int rc; 158 + 159 + if (off != 0 || count < sizeof(struct secaeskeytoken)) 160 + return -EINVAL; 161 + if (is_xts) 162 + if (count < 2 * sizeof(struct secaeskeytoken)) 163 + return -EINVAL; 164 + 165 + rc = cca_genseckey(-1, -1, keytype, seckey->seckey); 166 + if (rc) 167 + return rc; 168 + 169 + if (is_xts) { 170 + seckey++; 171 + rc = cca_genseckey(-1, -1, keytype, seckey->seckey); 172 + if (rc) 173 + return rc; 174 + 175 + return 2 * sizeof(struct secaeskeytoken); 176 + } 177 + 178 + return sizeof(struct secaeskeytoken); 179 + } 180 + 181 + static ssize_t ccadata_aes_128_read(struct file *filp, 182 + struct kobject *kobj, 183 + struct bin_attribute *attr, 184 + char *buf, loff_t off, 185 + size_t count) 186 + { 187 + return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, false, buf, 188 + off, count); 189 + } 190 + 191 + static ssize_t ccadata_aes_192_read(struct file *filp, 192 + struct kobject *kobj, 193 + struct bin_attribute *attr, 194 + char *buf, loff_t off, 195 + size_t count) 196 + { 197 + return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_192, false, buf, 198 + off, count); 199 + } 200 + 201 + static ssize_t ccadata_aes_256_read(struct file *filp, 202 + struct kobject *kobj, 203 + struct bin_attribute *attr, 204 + char *buf, loff_t off, 205 + size_t count) 206 + { 207 + return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, false, buf, 208 + off, count); 209 + } 210 + 211 + static ssize_t ccadata_aes_128_xts_read(struct file *filp, 212 + struct kobject *kobj, 213 + struct bin_attribute *attr, 214 + char *buf, loff_t off, 215 + size_t count) 216 + { 217 + return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_128, true, buf, 218 + off, count); 219 + } 220 + 221 + static ssize_t ccadata_aes_256_xts_read(struct file *filp, 222 + struct kobject *kobj, 223 + struct bin_attribute *attr, 224 + char *buf, loff_t off, 225 + size_t count) 226 + { 227 + return pkey_ccadata_aes_attr_read(PKEY_KEYTYPE_AES_256, true, buf, 228 + off, count); 229 + } 230 + 231 + static BIN_ATTR_RO(ccadata_aes_128, sizeof(struct secaeskeytoken)); 232 + static BIN_ATTR_RO(ccadata_aes_192, sizeof(struct secaeskeytoken)); 233 + static BIN_ATTR_RO(ccadata_aes_256, sizeof(struct secaeskeytoken)); 234 + static BIN_ATTR_RO(ccadata_aes_128_xts, 2 * sizeof(struct secaeskeytoken)); 235 + static BIN_ATTR_RO(ccadata_aes_256_xts, 2 * sizeof(struct secaeskeytoken)); 236 + 237 + static struct bin_attribute *ccadata_attrs[] = { 238 + &bin_attr_ccadata_aes_128, 239 + &bin_attr_ccadata_aes_192, 240 + &bin_attr_ccadata_aes_256, 241 + &bin_attr_ccadata_aes_128_xts, 242 + &bin_attr_ccadata_aes_256_xts, 243 + NULL 244 + }; 245 + 246 + static struct attribute_group ccadata_attr_group = { 247 + .name = "ccadata", 248 + .bin_attrs = ccadata_attrs, 249 + }; 250 + 251 + #define CCACIPHERTOKENSIZE (sizeof(struct cipherkeytoken) + 80) 252 + 253 + /* 254 + * Sysfs attribute read function for all secure key ccacipher binary attributes. 255 + * The implementation can not deal with partial reads, because a new random 256 + * secure key blob is generated with each read. In case of partial reads 257 + * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 258 + */ 259 + static ssize_t pkey_ccacipher_aes_attr_read(enum pkey_key_size keybits, 260 + bool is_xts, char *buf, loff_t off, 261 + size_t count) 262 + { 263 + u32 keysize = CCACIPHERTOKENSIZE; 264 + u32 nr_apqns, *apqns = NULL; 265 + int i, rc, card, dom; 266 + 267 + if (off != 0 || count < CCACIPHERTOKENSIZE) 268 + return -EINVAL; 269 + if (is_xts) 270 + if (count < 2 * CCACIPHERTOKENSIZE) 271 + return -EINVAL; 272 + 273 + /* build a list of apqns able to generate an cipher key */ 274 + rc = cca_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 275 + ZCRYPT_CEX6, 0, 0, 0, 0); 276 + if (rc) 277 + return rc; 278 + 279 + memset(buf, 0, is_xts ? 2 * keysize : keysize); 280 + 281 + /* simple try all apqns from the list */ 282 + for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 283 + card = apqns[i] >> 16; 284 + dom = apqns[i] & 0xFFFF; 285 + rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize); 286 + if (rc == 0) 287 + break; 288 + } 289 + if (rc) 290 + return rc; 291 + 292 + if (is_xts) { 293 + keysize = CCACIPHERTOKENSIZE; 294 + buf += CCACIPHERTOKENSIZE; 295 + rc = cca_gencipherkey(card, dom, keybits, 0, buf, &keysize); 296 + if (rc == 0) 297 + return 2 * CCACIPHERTOKENSIZE; 298 + } 299 + 300 + return CCACIPHERTOKENSIZE; 301 + } 302 + 303 + static ssize_t ccacipher_aes_128_read(struct file *filp, 304 + struct kobject *kobj, 305 + struct bin_attribute *attr, 306 + char *buf, loff_t off, 307 + size_t count) 308 + { 309 + return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 310 + off, count); 311 + } 312 + 313 + static ssize_t ccacipher_aes_192_read(struct file *filp, 314 + struct kobject *kobj, 315 + struct bin_attribute *attr, 316 + char *buf, loff_t off, 317 + size_t count) 318 + { 319 + return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 320 + off, count); 321 + } 322 + 323 + static ssize_t ccacipher_aes_256_read(struct file *filp, 324 + struct kobject *kobj, 325 + struct bin_attribute *attr, 326 + char *buf, loff_t off, 327 + size_t count) 328 + { 329 + return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 330 + off, count); 331 + } 332 + 333 + static ssize_t ccacipher_aes_128_xts_read(struct file *filp, 334 + struct kobject *kobj, 335 + struct bin_attribute *attr, 336 + char *buf, loff_t off, 337 + size_t count) 338 + { 339 + return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 340 + off, count); 341 + } 342 + 343 + static ssize_t ccacipher_aes_256_xts_read(struct file *filp, 344 + struct kobject *kobj, 345 + struct bin_attribute *attr, 346 + char *buf, loff_t off, 347 + size_t count) 348 + { 349 + return pkey_ccacipher_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 350 + off, count); 351 + } 352 + 353 + static BIN_ATTR_RO(ccacipher_aes_128, CCACIPHERTOKENSIZE); 354 + static BIN_ATTR_RO(ccacipher_aes_192, CCACIPHERTOKENSIZE); 355 + static BIN_ATTR_RO(ccacipher_aes_256, CCACIPHERTOKENSIZE); 356 + static BIN_ATTR_RO(ccacipher_aes_128_xts, 2 * CCACIPHERTOKENSIZE); 357 + static BIN_ATTR_RO(ccacipher_aes_256_xts, 2 * CCACIPHERTOKENSIZE); 358 + 359 + static struct bin_attribute *ccacipher_attrs[] = { 360 + &bin_attr_ccacipher_aes_128, 361 + &bin_attr_ccacipher_aes_192, 362 + &bin_attr_ccacipher_aes_256, 363 + &bin_attr_ccacipher_aes_128_xts, 364 + &bin_attr_ccacipher_aes_256_xts, 365 + NULL 366 + }; 367 + 368 + static struct attribute_group ccacipher_attr_group = { 369 + .name = "ccacipher", 370 + .bin_attrs = ccacipher_attrs, 371 + }; 372 + 373 + /* 374 + * Sysfs attribute read function for all ep11 aes key binary attributes. 375 + * The implementation can not deal with partial reads, because a new random 376 + * secure key blob is generated with each read. In case of partial reads 377 + * (i.e. off != 0 or count < key blob size) -EINVAL is returned. 378 + * This function and the sysfs attributes using it provide EP11 key blobs 379 + * padded to the upper limit of MAXEP11AESKEYBLOBSIZE which is currently 380 + * 336 bytes. 381 + */ 382 + static ssize_t pkey_ep11_aes_attr_read(enum pkey_key_size keybits, 383 + bool is_xts, char *buf, loff_t off, 384 + size_t count) 385 + { 386 + u32 keysize = MAXEP11AESKEYBLOBSIZE; 387 + u32 nr_apqns, *apqns = NULL; 388 + int i, rc, card, dom; 389 + 390 + if (off != 0 || count < MAXEP11AESKEYBLOBSIZE) 391 + return -EINVAL; 392 + if (is_xts) 393 + if (count < 2 * MAXEP11AESKEYBLOBSIZE) 394 + return -EINVAL; 395 + 396 + /* build a list of apqns able to generate an cipher key */ 397 + rc = ep11_findcard2(&apqns, &nr_apqns, 0xFFFF, 0xFFFF, 398 + ZCRYPT_CEX7, 399 + ap_is_se_guest() ? EP11_API_V6 : EP11_API_V4, 400 + NULL); 401 + if (rc) 402 + return rc; 403 + 404 + memset(buf, 0, is_xts ? 2 * keysize : keysize); 405 + 406 + /* simple try all apqns from the list */ 407 + for (i = 0, rc = -ENODEV; i < nr_apqns; i++) { 408 + card = apqns[i] >> 16; 409 + dom = apqns[i] & 0xFFFF; 410 + rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize, 411 + PKEY_TYPE_EP11_AES); 412 + if (rc == 0) 413 + break; 414 + } 415 + if (rc) 416 + return rc; 417 + 418 + if (is_xts) { 419 + keysize = MAXEP11AESKEYBLOBSIZE; 420 + buf += MAXEP11AESKEYBLOBSIZE; 421 + rc = ep11_genaeskey(card, dom, keybits, 0, buf, &keysize, 422 + PKEY_TYPE_EP11_AES); 423 + if (rc == 0) 424 + return 2 * MAXEP11AESKEYBLOBSIZE; 425 + } 426 + 427 + return MAXEP11AESKEYBLOBSIZE; 428 + } 429 + 430 + static ssize_t ep11_aes_128_read(struct file *filp, 431 + struct kobject *kobj, 432 + struct bin_attribute *attr, 433 + char *buf, loff_t off, 434 + size_t count) 435 + { 436 + return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, false, buf, 437 + off, count); 438 + } 439 + 440 + static ssize_t ep11_aes_192_read(struct file *filp, 441 + struct kobject *kobj, 442 + struct bin_attribute *attr, 443 + char *buf, loff_t off, 444 + size_t count) 445 + { 446 + return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_192, false, buf, 447 + off, count); 448 + } 449 + 450 + static ssize_t ep11_aes_256_read(struct file *filp, 451 + struct kobject *kobj, 452 + struct bin_attribute *attr, 453 + char *buf, loff_t off, 454 + size_t count) 455 + { 456 + return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, false, buf, 457 + off, count); 458 + } 459 + 460 + static ssize_t ep11_aes_128_xts_read(struct file *filp, 461 + struct kobject *kobj, 462 + struct bin_attribute *attr, 463 + char *buf, loff_t off, 464 + size_t count) 465 + { 466 + return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_128, true, buf, 467 + off, count); 468 + } 469 + 470 + static ssize_t ep11_aes_256_xts_read(struct file *filp, 471 + struct kobject *kobj, 472 + struct bin_attribute *attr, 473 + char *buf, loff_t off, 474 + size_t count) 475 + { 476 + return pkey_ep11_aes_attr_read(PKEY_SIZE_AES_256, true, buf, 477 + off, count); 478 + } 479 + 480 + static BIN_ATTR_RO(ep11_aes_128, MAXEP11AESKEYBLOBSIZE); 481 + static BIN_ATTR_RO(ep11_aes_192, MAXEP11AESKEYBLOBSIZE); 482 + static BIN_ATTR_RO(ep11_aes_256, MAXEP11AESKEYBLOBSIZE); 483 + static BIN_ATTR_RO(ep11_aes_128_xts, 2 * MAXEP11AESKEYBLOBSIZE); 484 + static BIN_ATTR_RO(ep11_aes_256_xts, 2 * MAXEP11AESKEYBLOBSIZE); 485 + 486 + static struct bin_attribute *ep11_attrs[] = { 487 + &bin_attr_ep11_aes_128, 488 + &bin_attr_ep11_aes_192, 489 + &bin_attr_ep11_aes_256, 490 + &bin_attr_ep11_aes_128_xts, 491 + &bin_attr_ep11_aes_256_xts, 492 + NULL 493 + }; 494 + 495 + static struct attribute_group ep11_attr_group = { 496 + .name = "ep11", 497 + .bin_attrs = ep11_attrs, 498 + }; 499 + 500 + const struct attribute_group *pkey_attr_groups[] = { 501 + &protkey_attr_group, 502 + &ccadata_attr_group, 503 + &ccacipher_attr_group, 504 + &ep11_attr_group, 505 + NULL, 506 + };
+4 -4
drivers/s390/crypto/zcrypt_ccamisc.c
··· 172 172 * key token. Returns 0 on success or errno value on failure. 173 173 */ 174 174 int cca_check_sececckeytoken(debug_info_t *dbg, int dbflvl, 175 - const u8 *token, size_t keysize, 175 + const u8 *token, u32 keysize, 176 176 int checkcpacfexport) 177 177 { 178 178 struct eccprivkeytoken *t = (struct eccprivkeytoken *)token; ··· 187 187 } 188 188 if (t->len > keysize) { 189 189 if (dbg) 190 - DBF("%s token check failed, len %d > keysize %zu\n", 190 + DBF("%s token check failed, len %d > keysize %u\n", 191 191 __func__, (int)t->len, keysize); 192 192 return -EINVAL; 193 193 } ··· 737 737 * Generate (random) CCA AES CIPHER secure key. 738 738 */ 739 739 int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, 740 - u8 *keybuf, size_t *keybufsize) 740 + u8 *keybuf, u32 *keybufsize) 741 741 { 742 742 int rc; 743 743 u8 *mem, *ptr; ··· 1085 1085 * Build CCA AES CIPHER secure key with a given clear key value. 1086 1086 */ 1087 1087 int cca_clr2cipherkey(u16 card, u16 dom, u32 keybitsize, u32 keygenflags, 1088 - const u8 *clrkey, u8 *keybuf, size_t *keybufsize) 1088 + const u8 *clrkey, u8 *keybuf, u32 *keybufsize) 1089 1089 { 1090 1090 int rc; 1091 1091 u8 *token;
+3 -3
drivers/s390/crypto/zcrypt_ccamisc.h
··· 153 153 * key token. Returns 0 on success or errno value on failure. 154 154 */ 155 155 int cca_check_sececckeytoken(debug_info_t *dbg, int dbflvl, 156 - const u8 *token, size_t keysize, 156 + const u8 *token, u32 keysize, 157 157 int checkcpacfexport); 158 158 159 159 /* ··· 178 178 * Generate (random) CCA AES CIPHER secure key. 179 179 */ 180 180 int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, 181 - u8 *keybuf, size_t *keybufsize); 181 + u8 *keybuf, u32 *keybufsize); 182 182 183 183 /* 184 184 * Derive proteced key from CCA AES cipher secure key. ··· 190 190 * Build CCA AES CIPHER secure key with a given clear key value. 191 191 */ 192 192 int cca_clr2cipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, 193 - const u8 *clrkey, u8 *keybuf, size_t *keybufsize); 193 + const u8 *clrkey, u8 *keybuf, u32 *keybufsize); 194 194 195 195 /* 196 196 * Derive proteced key from CCA ECC secure private key.
+14 -14
drivers/s390/crypto/zcrypt_ep11misc.c
··· 203 203 * For valid ep11 keyblobs, returns a reference to the wrappingkey verification 204 204 * pattern. Otherwise NULL. 205 205 */ 206 - const u8 *ep11_kb_wkvp(const u8 *keyblob, size_t keybloblen) 206 + const u8 *ep11_kb_wkvp(const u8 *keyblob, u32 keybloblen) 207 207 { 208 208 struct ep11keyblob *kb; 209 209 ··· 217 217 * Simple check if the key blob is a valid EP11 AES key blob with header. 218 218 */ 219 219 int ep11_check_aes_key_with_hdr(debug_info_t *dbg, int dbflvl, 220 - const u8 *key, size_t keylen, int checkcpacfexp) 220 + const u8 *key, u32 keylen, int checkcpacfexp) 221 221 { 222 222 struct ep11kblob_header *hdr = (struct ep11kblob_header *)key; 223 223 struct ep11keyblob *kb = (struct ep11keyblob *)(key + sizeof(*hdr)); ··· 225 225 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__) 226 226 227 227 if (keylen < sizeof(*hdr) + sizeof(*kb)) { 228 - DBF("%s key check failed, keylen %zu < %zu\n", 228 + DBF("%s key check failed, keylen %u < %zu\n", 229 229 __func__, keylen, sizeof(*hdr) + sizeof(*kb)); 230 230 return -EINVAL; 231 231 } ··· 250 250 } 251 251 if (hdr->len > keylen) { 252 252 if (dbg) 253 - DBF("%s key check failed, header len %d keylen %zu mismatch\n", 253 + DBF("%s key check failed, header len %d keylen %u mismatch\n", 254 254 __func__, (int)hdr->len, keylen); 255 255 return -EINVAL; 256 256 } ··· 284 284 * Simple check if the key blob is a valid EP11 ECC key blob with header. 285 285 */ 286 286 int ep11_check_ecc_key_with_hdr(debug_info_t *dbg, int dbflvl, 287 - const u8 *key, size_t keylen, int checkcpacfexp) 287 + const u8 *key, u32 keylen, int checkcpacfexp) 288 288 { 289 289 struct ep11kblob_header *hdr = (struct ep11kblob_header *)key; 290 290 struct ep11keyblob *kb = (struct ep11keyblob *)(key + sizeof(*hdr)); ··· 292 292 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__) 293 293 294 294 if (keylen < sizeof(*hdr) + sizeof(*kb)) { 295 - DBF("%s key check failed, keylen %zu < %zu\n", 295 + DBF("%s key check failed, keylen %u < %zu\n", 296 296 __func__, keylen, sizeof(*hdr) + sizeof(*kb)); 297 297 return -EINVAL; 298 298 } ··· 317 317 } 318 318 if (hdr->len > keylen) { 319 319 if (dbg) 320 - DBF("%s key check failed, header len %d keylen %zu mismatch\n", 320 + DBF("%s key check failed, header len %d keylen %u mismatch\n", 321 321 __func__, (int)hdr->len, keylen); 322 322 return -EINVAL; 323 323 } ··· 352 352 * the header in the session field (old style EP11 AES key). 353 353 */ 354 354 int ep11_check_aes_key(debug_info_t *dbg, int dbflvl, 355 - const u8 *key, size_t keylen, int checkcpacfexp) 355 + const u8 *key, u32 keylen, int checkcpacfexp) 356 356 { 357 357 struct ep11keyblob *kb = (struct ep11keyblob *)key; 358 358 359 359 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__) 360 360 361 361 if (keylen < sizeof(*kb)) { 362 - DBF("%s key check failed, keylen %zu < %zu\n", 362 + DBF("%s key check failed, keylen %u < %zu\n", 363 363 __func__, keylen, sizeof(*kb)); 364 364 return -EINVAL; 365 365 } ··· 378 378 } 379 379 if (kb->head.len > keylen) { 380 380 if (dbg) 381 - DBF("%s key check failed, header len %d keylen %zu mismatch\n", 381 + DBF("%s key check failed, header len %d keylen %u mismatch\n", 382 382 __func__, (int)kb->head.len, keylen); 383 383 return -EINVAL; 384 384 } ··· 932 932 } 933 933 934 934 int ep11_genaeskey(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, 935 - u8 *keybuf, size_t *keybufsize, u32 keybufver) 935 + u8 *keybuf, u32 *keybufsize, u32 keybufver) 936 936 { 937 937 struct ep11kblob_header *hdr; 938 938 size_t hdr_size, pl_size; ··· 1256 1256 const u8 *enckey, size_t enckeysize, 1257 1257 u32 mech, const u8 *iv, 1258 1258 u32 keybitsize, u32 keygenflags, 1259 - u8 *keybuf, size_t *keybufsize, 1259 + u8 *keybuf, u32 *keybufsize, 1260 1260 u8 keybufver) 1261 1261 { 1262 1262 struct ep11kblob_header *hdr; ··· 1412 1412 } 1413 1413 1414 1414 int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, 1415 - const u8 *clrkey, u8 *keybuf, size_t *keybufsize, 1415 + const u8 *clrkey, u8 *keybuf, u32 *keybufsize, 1416 1416 u32 keytype) 1417 1417 { 1418 1418 int rc; ··· 1471 1471 EXPORT_SYMBOL(ep11_clr2keyblob); 1472 1472 1473 1473 int ep11_kblob2protkey(u16 card, u16 dom, 1474 - const u8 *keyblob, size_t keybloblen, 1474 + const u8 *keyblob, u32 keybloblen, 1475 1475 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 1476 1476 { 1477 1477 struct ep11kblob_header *hdr;
+7 -7
drivers/s390/crypto/zcrypt_ep11misc.h
··· 54 54 * For valid ep11 keyblobs, returns a reference to the wrappingkey verification 55 55 * pattern. Otherwise NULL. 56 56 */ 57 - const u8 *ep11_kb_wkvp(const u8 *kblob, size_t kbloblen); 57 + const u8 *ep11_kb_wkvp(const u8 *kblob, u32 kbloblen); 58 58 59 59 /* 60 60 * Simple check if the key blob is a valid EP11 AES key blob with header. ··· 63 63 * Returns 0 on success or errno value on failure. 64 64 */ 65 65 int ep11_check_aes_key_with_hdr(debug_info_t *dbg, int dbflvl, 66 - const u8 *key, size_t keylen, int checkcpacfexp); 66 + const u8 *key, u32 keylen, int checkcpacfexp); 67 67 68 68 /* 69 69 * Simple check if the key blob is a valid EP11 ECC key blob with header. ··· 72 72 * Returns 0 on success or errno value on failure. 73 73 */ 74 74 int ep11_check_ecc_key_with_hdr(debug_info_t *dbg, int dbflvl, 75 - const u8 *key, size_t keylen, int checkcpacfexp); 75 + const u8 *key, u32 keylen, int checkcpacfexp); 76 76 77 77 /* 78 78 * Simple check if the key blob is a valid EP11 AES key blob with ··· 82 82 * Returns 0 on success or errno value on failure. 83 83 */ 84 84 int ep11_check_aes_key(debug_info_t *dbg, int dbflvl, 85 - const u8 *key, size_t keylen, int checkcpacfexp); 85 + const u8 *key, u32 keylen, int checkcpacfexp); 86 86 87 87 /* EP11 card info struct */ 88 88 struct ep11_card_info { ··· 115 115 * Generate (random) EP11 AES secure key. 116 116 */ 117 117 int ep11_genaeskey(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, 118 - u8 *keybuf, size_t *keybufsize, u32 keybufver); 118 + u8 *keybuf, u32 *keybufsize, u32 keybufver); 119 119 120 120 /* 121 121 * Generate EP11 AES secure key with given clear key value. 122 122 */ 123 123 int ep11_clr2keyblob(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, 124 - const u8 *clrkey, u8 *keybuf, size_t *keybufsize, 124 + const u8 *clrkey, u8 *keybuf, u32 *keybufsize, 125 125 u32 keytype); 126 126 127 127 /* ··· 149 149 /* 150 150 * Derive proteced key from EP11 key blob (AES and ECC keys). 151 151 */ 152 - int ep11_kblob2protkey(u16 card, u16 dom, const u8 *key, size_t keylen, 152 + int ep11_kblob2protkey(u16 card, u16 dom, const u8 *key, u32 keylen, 153 153 u8 *protkey, u32 *protkeylen, u32 *protkeytype); 154 154 155 155 void zcrypt_ep11misc_exit(void);