Loading...
1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * Copyright IBM Corp. 2019
4 * Author(s): Harald Freudenberger <freude@linux.ibm.com>
5 * Ingo Franzki <ifranzki@linux.ibm.com>
6 *
7 * Collection of CCA misc functions used by zcrypt and pkey
8 */
9
10#define KMSG_COMPONENT "zcrypt"
11#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
12
13#include <linux/init.h>
14#include <linux/module.h>
15#include <linux/slab.h>
16#include <linux/random.h>
17#include <asm/zcrypt.h>
18#include <asm/pkey.h>
19
20#include "ap_bus.h"
21#include "zcrypt_api.h"
22#include "zcrypt_debug.h"
23#include "zcrypt_msgtype6.h"
24#include "zcrypt_ccamisc.h"
25
26#define DEBUG_DBG(...) ZCRYPT_DBF(DBF_DEBUG, ##__VA_ARGS__)
27#define DEBUG_INFO(...) ZCRYPT_DBF(DBF_INFO, ##__VA_ARGS__)
28#define DEBUG_WARN(...) ZCRYPT_DBF(DBF_WARN, ##__VA_ARGS__)
29#define DEBUG_ERR(...) ZCRYPT_DBF(DBF_ERR, ##__VA_ARGS__)
30
31/* Size of parameter block used for all cca requests/replies */
32#define PARMBSIZE 512
33
34/* Size of vardata block used for some of the cca requests/replies */
35#define VARDATASIZE 4096
36
37struct cca_info_list_entry {
38 struct list_head list;
39 u16 cardnr;
40 u16 domain;
41 struct cca_info info;
42};
43
44/* a list with cca_info_list_entry entries */
45static LIST_HEAD(cca_info_list);
46static DEFINE_SPINLOCK(cca_info_list_lock);
47
48/*
49 * Simple check if the token is a valid CCA secure AES data key
50 * token. If keybitsize is given, the bitsize of the key is
51 * also checked. Returns 0 on success or errno value on failure.
52 */
53int cca_check_secaeskeytoken(debug_info_t *dbg, int dbflvl,
54 const u8 *token, int keybitsize)
55{
56 struct secaeskeytoken *t = (struct secaeskeytoken *)token;
57
58#define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
59
60 if (t->type != TOKTYPE_CCA_INTERNAL) {
61 if (dbg)
62 DBF("%s token check failed, type 0x%02x != 0x%02x\n",
63 __func__, (int)t->type, TOKTYPE_CCA_INTERNAL);
64 return -EINVAL;
65 }
66 if (t->version != TOKVER_CCA_AES) {
67 if (dbg)
68 DBF("%s token check failed, version 0x%02x != 0x%02x\n",
69 __func__, (int)t->version, TOKVER_CCA_AES);
70 return -EINVAL;
71 }
72 if (keybitsize > 0 && t->bitsize != keybitsize) {
73 if (dbg)
74 DBF("%s token check failed, bitsize %d != %d\n",
75 __func__, (int)t->bitsize, keybitsize);
76 return -EINVAL;
77 }
78
79#undef DBF
80
81 return 0;
82}
83EXPORT_SYMBOL(cca_check_secaeskeytoken);
84
85/*
86 * Simple check if the token is a valid CCA secure AES cipher key
87 * token. If keybitsize is given, the bitsize of the key is
88 * also checked. If checkcpacfexport is enabled, the key is also
89 * checked for the export flag to allow CPACF export.
90 * Returns 0 on success or errno value on failure.
91 */
92int cca_check_secaescipherkey(debug_info_t *dbg, int dbflvl,
93 const u8 *token, int keybitsize,
94 int checkcpacfexport)
95{
96 struct cipherkeytoken *t = (struct cipherkeytoken *)token;
97 bool keybitsizeok = true;
98
99#define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
100
101 if (t->type != TOKTYPE_CCA_INTERNAL) {
102 if (dbg)
103 DBF("%s token check failed, type 0x%02x != 0x%02x\n",
104 __func__, (int)t->type, TOKTYPE_CCA_INTERNAL);
105 return -EINVAL;
106 }
107 if (t->version != TOKVER_CCA_VLSC) {
108 if (dbg)
109 DBF("%s token check failed, version 0x%02x != 0x%02x\n",
110 __func__, (int)t->version, TOKVER_CCA_VLSC);
111 return -EINVAL;
112 }
113 if (t->algtype != 0x02) {
114 if (dbg)
115 DBF("%s token check failed, algtype 0x%02x != 0x02\n",
116 __func__, (int)t->algtype);
117 return -EINVAL;
118 }
119 if (t->keytype != 0x0001) {
120 if (dbg)
121 DBF("%s token check failed, keytype 0x%04x != 0x0001\n",
122 __func__, (int)t->keytype);
123 return -EINVAL;
124 }
125 if (t->plfver != 0x00 && t->plfver != 0x01) {
126 if (dbg)
127 DBF("%s token check failed, unknown plfver 0x%02x\n",
128 __func__, (int)t->plfver);
129 return -EINVAL;
130 }
131 if (t->wpllen != 512 && t->wpllen != 576 && t->wpllen != 640) {
132 if (dbg)
133 DBF("%s token check failed, unknown wpllen %d\n",
134 __func__, (int)t->wpllen);
135 return -EINVAL;
136 }
137 if (keybitsize > 0) {
138 switch (keybitsize) {
139 case 128:
140 if (t->wpllen != (t->plfver ? 640 : 512))
141 keybitsizeok = false;
142 break;
143 case 192:
144 if (t->wpllen != (t->plfver ? 640 : 576))
145 keybitsizeok = false;
146 break;
147 case 256:
148 if (t->wpllen != 640)
149 keybitsizeok = false;
150 break;
151 default:
152 keybitsizeok = false;
153 break;
154 }
155 if (!keybitsizeok) {
156 if (dbg)
157 DBF("%s token check failed, bitsize %d\n",
158 __func__, keybitsize);
159 return -EINVAL;
160 }
161 }
162 if (checkcpacfexport && !(t->kmf1 & KMF1_XPRT_CPAC)) {
163 if (dbg)
164 DBF("%s token check failed, XPRT_CPAC bit is 0\n",
165 __func__);
166 return -EINVAL;
167 }
168
169#undef DBF
170
171 return 0;
172}
173EXPORT_SYMBOL(cca_check_secaescipherkey);
174
175/*
176 * Simple check if the token is a valid CCA secure ECC private
177 * key token. Returns 0 on success or errno value on failure.
178 */
179int cca_check_sececckeytoken(debug_info_t *dbg, int dbflvl,
180 const u8 *token, size_t keysize,
181 int checkcpacfexport)
182{
183 struct eccprivkeytoken *t = (struct eccprivkeytoken *)token;
184
185#define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
186
187 if (t->type != TOKTYPE_CCA_INTERNAL_PKA) {
188 if (dbg)
189 DBF("%s token check failed, type 0x%02x != 0x%02x\n",
190 __func__, (int)t->type, TOKTYPE_CCA_INTERNAL_PKA);
191 return -EINVAL;
192 }
193 if (t->len > keysize) {
194 if (dbg)
195 DBF("%s token check failed, len %d > keysize %zu\n",
196 __func__, (int)t->len, keysize);
197 return -EINVAL;
198 }
199 if (t->secid != 0x20) {
200 if (dbg)
201 DBF("%s token check failed, secid 0x%02x != 0x20\n",
202 __func__, (int)t->secid);
203 return -EINVAL;
204 }
205 if (checkcpacfexport && !(t->kutc & 0x01)) {
206 if (dbg)
207 DBF("%s token check failed, XPRTCPAC bit is 0\n",
208 __func__);
209 return -EINVAL;
210 }
211
212#undef DBF
213
214 return 0;
215}
216EXPORT_SYMBOL(cca_check_sececckeytoken);
217
218/*
219 * Allocate consecutive memory for request CPRB, request param
220 * block, reply CPRB and reply param block and fill in values
221 * for the common fields. Returns 0 on success or errno value
222 * on failure.
223 */
224static int alloc_and_prep_cprbmem(size_t paramblen,
225 u8 **p_cprb_mem,
226 struct CPRBX **p_req_cprb,
227 struct CPRBX **p_rep_cprb)
228{
229 u8 *cprbmem;
230 size_t cprbplusparamblen = sizeof(struct CPRBX) + paramblen;
231 struct CPRBX *preqcblk, *prepcblk;
232
233 /*
234 * allocate consecutive memory for request CPRB, request param
235 * block, reply CPRB and reply param block
236 */
237 cprbmem = kcalloc(2, cprbplusparamblen, GFP_KERNEL);
238 if (!cprbmem)
239 return -ENOMEM;
240
241 preqcblk = (struct CPRBX *)cprbmem;
242 prepcblk = (struct CPRBX *)(cprbmem + cprbplusparamblen);
243
244 /* fill request cprb struct */
245 preqcblk->cprb_len = sizeof(struct CPRBX);
246 preqcblk->cprb_ver_id = 0x02;
247 memcpy(preqcblk->func_id, "T2", 2);
248 preqcblk->rpl_msgbl = cprbplusparamblen;
249 if (paramblen) {
250 preqcblk->req_parmb =
251 ((u8 __user *)preqcblk) + sizeof(struct CPRBX);
252 preqcblk->rpl_parmb =
253 ((u8 __user *)prepcblk) + sizeof(struct CPRBX);
254 }
255
256 *p_cprb_mem = cprbmem;
257 *p_req_cprb = preqcblk;
258 *p_rep_cprb = prepcblk;
259
260 return 0;
261}
262
263/*
264 * Free the cprb memory allocated with the function above.
265 * If the scrub value is not zero, the memory is filled
266 * with zeros before freeing (useful if there was some
267 * clear key material in there).
268 */
269static void free_cprbmem(void *mem, size_t paramblen, int scrub)
270{
271 if (scrub)
272 memzero_explicit(mem, 2 * (sizeof(struct CPRBX) + paramblen));
273 kfree(mem);
274}
275
276/*
277 * Helper function to prepare the xcrb struct
278 */
279static inline void prep_xcrb(struct ica_xcRB *pxcrb,
280 u16 cardnr,
281 struct CPRBX *preqcblk,
282 struct CPRBX *prepcblk)
283{
284 memset(pxcrb, 0, sizeof(*pxcrb));
285 pxcrb->agent_ID = 0x4341; /* 'CA' */
286 pxcrb->user_defined = (cardnr == 0xFFFF ? AUTOSELECT : cardnr);
287 pxcrb->request_control_blk_length =
288 preqcblk->cprb_len + preqcblk->req_parml;
289 pxcrb->request_control_blk_addr = (void __user *)preqcblk;
290 pxcrb->reply_control_blk_length = preqcblk->rpl_msgbl;
291 pxcrb->reply_control_blk_addr = (void __user *)prepcblk;
292}
293
294/*
295 * Generate (random) CCA AES DATA secure key.
296 */
297int cca_genseckey(u16 cardnr, u16 domain,
298 u32 keybitsize, u8 *seckey)
299{
300 int i, rc, keysize;
301 int seckeysize;
302 u8 *mem, *ptr;
303 struct CPRBX *preqcblk, *prepcblk;
304 struct ica_xcRB xcrb;
305 struct kgreqparm {
306 u8 subfunc_code[2];
307 u16 rule_array_len;
308 struct lv1 {
309 u16 len;
310 char key_form[8];
311 char key_length[8];
312 char key_type1[8];
313 char key_type2[8];
314 } lv1;
315 struct lv2 {
316 u16 len;
317 struct keyid {
318 u16 len;
319 u16 attr;
320 u8 data[SECKEYBLOBSIZE];
321 } keyid[6];
322 } lv2;
323 } __packed * preqparm;
324 struct kgrepparm {
325 u8 subfunc_code[2];
326 u16 rule_array_len;
327 struct lv3 {
328 u16 len;
329 u16 keyblocklen;
330 struct {
331 u16 toklen;
332 u16 tokattr;
333 u8 tok[];
334 /* ... some more data ... */
335 } keyblock;
336 } lv3;
337 } __packed * prepparm;
338
339 /* get already prepared memory for 2 cprbs with param block each */
340 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
341 if (rc)
342 return rc;
343
344 /* fill request cprb struct */
345 preqcblk->domain = domain;
346
347 /* fill request cprb param block with KG request */
348 preqparm = (struct kgreqparm __force *)preqcblk->req_parmb;
349 memcpy(preqparm->subfunc_code, "KG", 2);
350 preqparm->rule_array_len = sizeof(preqparm->rule_array_len);
351 preqparm->lv1.len = sizeof(struct lv1);
352 memcpy(preqparm->lv1.key_form, "OP ", 8);
353 switch (keybitsize) {
354 case PKEY_SIZE_AES_128:
355 case PKEY_KEYTYPE_AES_128: /* older ioctls used this */
356 keysize = 16;
357 memcpy(preqparm->lv1.key_length, "KEYLN16 ", 8);
358 break;
359 case PKEY_SIZE_AES_192:
360 case PKEY_KEYTYPE_AES_192: /* older ioctls used this */
361 keysize = 24;
362 memcpy(preqparm->lv1.key_length, "KEYLN24 ", 8);
363 break;
364 case PKEY_SIZE_AES_256:
365 case PKEY_KEYTYPE_AES_256: /* older ioctls used this */
366 keysize = 32;
367 memcpy(preqparm->lv1.key_length, "KEYLN32 ", 8);
368 break;
369 default:
370 DEBUG_ERR("%s unknown/unsupported keybitsize %d\n",
371 __func__, keybitsize);
372 rc = -EINVAL;
373 goto out;
374 }
375 memcpy(preqparm->lv1.key_type1, "AESDATA ", 8);
376 preqparm->lv2.len = sizeof(struct lv2);
377 for (i = 0; i < 6; i++) {
378 preqparm->lv2.keyid[i].len = sizeof(struct keyid);
379 preqparm->lv2.keyid[i].attr = (i == 2 ? 0x30 : 0x10);
380 }
381 preqcblk->req_parml = sizeof(struct kgreqparm);
382
383 /* fill xcrb struct */
384 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
385
386 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
387 rc = zcrypt_send_cprb(&xcrb);
388 if (rc) {
389 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, errno %d\n",
390 __func__, (int)cardnr, (int)domain, rc);
391 goto out;
392 }
393
394 /* check response returncode and reasoncode */
395 if (prepcblk->ccp_rtcode != 0) {
396 DEBUG_ERR("%s secure key generate failure, card response %d/%d\n",
397 __func__,
398 (int)prepcblk->ccp_rtcode,
399 (int)prepcblk->ccp_rscode);
400 rc = -EIO;
401 goto out;
402 }
403
404 /* process response cprb param block */
405 ptr = ((u8 *)prepcblk) + sizeof(struct CPRBX);
406 prepcblk->rpl_parmb = (u8 __user *)ptr;
407 prepparm = (struct kgrepparm *)ptr;
408
409 /* check length of the returned secure key token */
410 seckeysize = prepparm->lv3.keyblock.toklen
411 - sizeof(prepparm->lv3.keyblock.toklen)
412 - sizeof(prepparm->lv3.keyblock.tokattr);
413 if (seckeysize != SECKEYBLOBSIZE) {
414 DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n",
415 __func__, seckeysize, SECKEYBLOBSIZE);
416 rc = -EIO;
417 goto out;
418 }
419
420 /* check secure key token */
421 rc = cca_check_secaeskeytoken(zcrypt_dbf_info, DBF_ERR,
422 prepparm->lv3.keyblock.tok, 8 * keysize);
423 if (rc) {
424 rc = -EIO;
425 goto out;
426 }
427
428 /* copy the generated secure key token */
429 memcpy(seckey, prepparm->lv3.keyblock.tok, SECKEYBLOBSIZE);
430
431out:
432 free_cprbmem(mem, PARMBSIZE, 0);
433 return rc;
434}
435EXPORT_SYMBOL(cca_genseckey);
436
437/*
438 * Generate an CCA AES DATA secure key with given key value.
439 */
440int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize,
441 const u8 *clrkey, u8 *seckey)
442{
443 int rc, keysize, seckeysize;
444 u8 *mem, *ptr;
445 struct CPRBX *preqcblk, *prepcblk;
446 struct ica_xcRB xcrb;
447 struct cmreqparm {
448 u8 subfunc_code[2];
449 u16 rule_array_len;
450 char rule_array[8];
451 struct lv1 {
452 u16 len;
453 u8 clrkey[];
454 } lv1;
455 /* followed by struct lv2 */
456 } __packed * preqparm;
457 struct lv2 {
458 u16 len;
459 struct keyid {
460 u16 len;
461 u16 attr;
462 u8 data[SECKEYBLOBSIZE];
463 } keyid;
464 } __packed * plv2;
465 struct cmrepparm {
466 u8 subfunc_code[2];
467 u16 rule_array_len;
468 struct lv3 {
469 u16 len;
470 u16 keyblocklen;
471 struct {
472 u16 toklen;
473 u16 tokattr;
474 u8 tok[];
475 /* ... some more data ... */
476 } keyblock;
477 } lv3;
478 } __packed * prepparm;
479
480 /* get already prepared memory for 2 cprbs with param block each */
481 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
482 if (rc)
483 return rc;
484
485 /* fill request cprb struct */
486 preqcblk->domain = domain;
487
488 /* fill request cprb param block with CM request */
489 preqparm = (struct cmreqparm __force *)preqcblk->req_parmb;
490 memcpy(preqparm->subfunc_code, "CM", 2);
491 memcpy(preqparm->rule_array, "AES ", 8);
492 preqparm->rule_array_len =
493 sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array);
494 switch (keybitsize) {
495 case PKEY_SIZE_AES_128:
496 case PKEY_KEYTYPE_AES_128: /* older ioctls used this */
497 keysize = 16;
498 break;
499 case PKEY_SIZE_AES_192:
500 case PKEY_KEYTYPE_AES_192: /* older ioctls used this */
501 keysize = 24;
502 break;
503 case PKEY_SIZE_AES_256:
504 case PKEY_KEYTYPE_AES_256: /* older ioctls used this */
505 keysize = 32;
506 break;
507 default:
508 DEBUG_ERR("%s unknown/unsupported keybitsize %d\n",
509 __func__, keybitsize);
510 rc = -EINVAL;
511 goto out;
512 }
513 preqparm->lv1.len = sizeof(struct lv1) + keysize;
514 memcpy(preqparm->lv1.clrkey, clrkey, keysize);
515 plv2 = (struct lv2 *)(((u8 *)preqparm) + sizeof(*preqparm) + keysize);
516 plv2->len = sizeof(struct lv2);
517 plv2->keyid.len = sizeof(struct keyid);
518 plv2->keyid.attr = 0x30;
519 preqcblk->req_parml = sizeof(*preqparm) + keysize + sizeof(*plv2);
520
521 /* fill xcrb struct */
522 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
523
524 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
525 rc = zcrypt_send_cprb(&xcrb);
526 if (rc) {
527 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
528 __func__, (int)cardnr, (int)domain, rc);
529 goto out;
530 }
531
532 /* check response returncode and reasoncode */
533 if (prepcblk->ccp_rtcode != 0) {
534 DEBUG_ERR("%s clear key import failure, card response %d/%d\n",
535 __func__,
536 (int)prepcblk->ccp_rtcode,
537 (int)prepcblk->ccp_rscode);
538 rc = -EIO;
539 goto out;
540 }
541
542 /* process response cprb param block */
543 ptr = ((u8 *)prepcblk) + sizeof(struct CPRBX);
544 prepcblk->rpl_parmb = (u8 __user *)ptr;
545 prepparm = (struct cmrepparm *)ptr;
546
547 /* check length of the returned secure key token */
548 seckeysize = prepparm->lv3.keyblock.toklen
549 - sizeof(prepparm->lv3.keyblock.toklen)
550 - sizeof(prepparm->lv3.keyblock.tokattr);
551 if (seckeysize != SECKEYBLOBSIZE) {
552 DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n",
553 __func__, seckeysize, SECKEYBLOBSIZE);
554 rc = -EIO;
555 goto out;
556 }
557
558 /* check secure key token */
559 rc = cca_check_secaeskeytoken(zcrypt_dbf_info, DBF_ERR,
560 prepparm->lv3.keyblock.tok, 8 * keysize);
561 if (rc) {
562 rc = -EIO;
563 goto out;
564 }
565
566 /* copy the generated secure key token */
567 if (seckey)
568 memcpy(seckey, prepparm->lv3.keyblock.tok, SECKEYBLOBSIZE);
569
570out:
571 free_cprbmem(mem, PARMBSIZE, 1);
572 return rc;
573}
574EXPORT_SYMBOL(cca_clr2seckey);
575
576/*
577 * Derive proteced key from an CCA AES DATA secure key.
578 */
579int cca_sec2protkey(u16 cardnr, u16 domain,
580 const u8 *seckey, u8 *protkey, u32 *protkeylen,
581 u32 *protkeytype)
582{
583 int rc;
584 u8 *mem, *ptr;
585 struct CPRBX *preqcblk, *prepcblk;
586 struct ica_xcRB xcrb;
587 struct uskreqparm {
588 u8 subfunc_code[2];
589 u16 rule_array_len;
590 struct lv1 {
591 u16 len;
592 u16 attr_len;
593 u16 attr_flags;
594 } lv1;
595 struct lv2 {
596 u16 len;
597 u16 attr_len;
598 u16 attr_flags;
599 u8 token[]; /* cca secure key token */
600 } lv2;
601 } __packed * preqparm;
602 struct uskrepparm {
603 u8 subfunc_code[2];
604 u16 rule_array_len;
605 struct lv3 {
606 u16 len;
607 u16 attr_len;
608 u16 attr_flags;
609 struct cpacfkeyblock {
610 u8 version; /* version of this struct */
611 u8 flags[2];
612 u8 algo;
613 u8 form;
614 u8 pad1[3];
615 u16 len;
616 u8 key[64]; /* the key (len bytes) */
617 u16 keyattrlen;
618 u8 keyattr[32];
619 u8 pad2[1];
620 u8 vptype;
621 u8 vp[32]; /* verification pattern */
622 } ckb;
623 } lv3;
624 } __packed * prepparm;
625
626 /* get already prepared memory for 2 cprbs with param block each */
627 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
628 if (rc)
629 return rc;
630
631 /* fill request cprb struct */
632 preqcblk->domain = domain;
633
634 /* fill request cprb param block with USK request */
635 preqparm = (struct uskreqparm __force *)preqcblk->req_parmb;
636 memcpy(preqparm->subfunc_code, "US", 2);
637 preqparm->rule_array_len = sizeof(preqparm->rule_array_len);
638 preqparm->lv1.len = sizeof(struct lv1);
639 preqparm->lv1.attr_len = sizeof(struct lv1) - sizeof(preqparm->lv1.len);
640 preqparm->lv1.attr_flags = 0x0001;
641 preqparm->lv2.len = sizeof(struct lv2) + SECKEYBLOBSIZE;
642 preqparm->lv2.attr_len = sizeof(struct lv2)
643 - sizeof(preqparm->lv2.len) + SECKEYBLOBSIZE;
644 preqparm->lv2.attr_flags = 0x0000;
645 memcpy(preqparm->lv2.token, seckey, SECKEYBLOBSIZE);
646 preqcblk->req_parml = sizeof(struct uskreqparm) + SECKEYBLOBSIZE;
647
648 /* fill xcrb struct */
649 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
650
651 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
652 rc = zcrypt_send_cprb(&xcrb);
653 if (rc) {
654 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
655 __func__, (int)cardnr, (int)domain, rc);
656 goto out;
657 }
658
659 /* check response returncode and reasoncode */
660 if (prepcblk->ccp_rtcode != 0) {
661 DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n",
662 __func__,
663 (int)prepcblk->ccp_rtcode,
664 (int)prepcblk->ccp_rscode);
665 if (prepcblk->ccp_rtcode == 8 && prepcblk->ccp_rscode == 2290)
666 rc = -EAGAIN;
667 else
668 rc = -EIO;
669 goto out;
670 }
671 if (prepcblk->ccp_rscode != 0) {
672 DEBUG_WARN("%s unwrap secure key warning, card response %d/%d\n",
673 __func__,
674 (int)prepcblk->ccp_rtcode,
675 (int)prepcblk->ccp_rscode);
676 }
677
678 /* process response cprb param block */
679 ptr = ((u8 *)prepcblk) + sizeof(struct CPRBX);
680 prepcblk->rpl_parmb = (u8 __user *)ptr;
681 prepparm = (struct uskrepparm *)ptr;
682
683 /* check the returned keyblock */
684 if (prepparm->lv3.ckb.version != 0x01 &&
685 prepparm->lv3.ckb.version != 0x02) {
686 DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n",
687 __func__, (int)prepparm->lv3.ckb.version);
688 rc = -EIO;
689 goto out;
690 }
691
692 /* copy the translated protected key */
693 switch (prepparm->lv3.ckb.len) {
694 case 16 + 32:
695 /* AES 128 protected key */
696 if (protkeytype)
697 *protkeytype = PKEY_KEYTYPE_AES_128;
698 break;
699 case 24 + 32:
700 /* AES 192 protected key */
701 if (protkeytype)
702 *protkeytype = PKEY_KEYTYPE_AES_192;
703 break;
704 case 32 + 32:
705 /* AES 256 protected key */
706 if (protkeytype)
707 *protkeytype = PKEY_KEYTYPE_AES_256;
708 break;
709 default:
710 DEBUG_ERR("%s unknown/unsupported keylen %d\n",
711 __func__, prepparm->lv3.ckb.len);
712 rc = -EIO;
713 goto out;
714 }
715 memcpy(protkey, prepparm->lv3.ckb.key, prepparm->lv3.ckb.len);
716 if (protkeylen)
717 *protkeylen = prepparm->lv3.ckb.len;
718
719out:
720 free_cprbmem(mem, PARMBSIZE, 0);
721 return rc;
722}
723EXPORT_SYMBOL(cca_sec2protkey);
724
725/*
726 * AES cipher key skeleton created with CSNBKTB2 with these flags:
727 * INTERNAL, NO-KEY, AES, CIPHER, ANY-MODE, NOEX-SYM, NOEXAASY,
728 * NOEXUASY, XPRTCPAC, NOEX-RAW, NOEX-DES, NOEX-AES, NOEX-RSA
729 * used by cca_gencipherkey() and cca_clr2cipherkey().
730 */
731static const u8 aes_cipher_key_skeleton[] = {
732 0x01, 0x00, 0x00, 0x38, 0x05, 0x00, 0x00, 0x00,
733 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
734 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
735 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
736 0x00, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
737 0x00, 0x02, 0x00, 0x01, 0x02, 0xc0, 0x00, 0xff,
738 0x00, 0x03, 0x08, 0xc8, 0x00, 0x00, 0x00, 0x00 };
739#define SIZEOF_SKELETON (sizeof(aes_cipher_key_skeleton))
740
741/*
742 * Generate (random) CCA AES CIPHER secure key.
743 */
744int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags,
745 u8 *keybuf, size_t *keybufsize)
746{
747 int rc;
748 u8 *mem, *ptr;
749 struct CPRBX *preqcblk, *prepcblk;
750 struct ica_xcRB xcrb;
751 struct gkreqparm {
752 u8 subfunc_code[2];
753 u16 rule_array_len;
754 char rule_array[2 * 8];
755 struct {
756 u16 len;
757 u8 key_type_1[8];
758 u8 key_type_2[8];
759 u16 clear_key_bit_len;
760 u16 key_name_1_len;
761 u16 key_name_2_len;
762 u16 user_data_1_len;
763 u16 user_data_2_len;
764 /* u8 key_name_1[]; */
765 /* u8 key_name_2[]; */
766 /* u8 user_data_1[]; */
767 /* u8 user_data_2[]; */
768 } vud;
769 struct {
770 u16 len;
771 struct {
772 u16 len;
773 u16 flag;
774 /* u8 kek_id_1[]; */
775 } tlv1;
776 struct {
777 u16 len;
778 u16 flag;
779 /* u8 kek_id_2[]; */
780 } tlv2;
781 struct {
782 u16 len;
783 u16 flag;
784 u8 gen_key_id_1[SIZEOF_SKELETON];
785 } tlv3;
786 struct {
787 u16 len;
788 u16 flag;
789 /* u8 gen_key_id_1_label[]; */
790 } tlv4;
791 struct {
792 u16 len;
793 u16 flag;
794 /* u8 gen_key_id_2[]; */
795 } tlv5;
796 struct {
797 u16 len;
798 u16 flag;
799 /* u8 gen_key_id_2_label[]; */
800 } tlv6;
801 } kb;
802 } __packed * preqparm;
803 struct gkrepparm {
804 u8 subfunc_code[2];
805 u16 rule_array_len;
806 struct {
807 u16 len;
808 } vud;
809 struct {
810 u16 len;
811 struct {
812 u16 len;
813 u16 flag;
814 u8 gen_key[]; /* 120-136 bytes */
815 } tlv1;
816 } kb;
817 } __packed * prepparm;
818 struct cipherkeytoken *t;
819
820 /* get already prepared memory for 2 cprbs with param block each */
821 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
822 if (rc)
823 return rc;
824
825 /* fill request cprb struct */
826 preqcblk->domain = domain;
827 preqcblk->req_parml = sizeof(struct gkreqparm);
828
829 /* prepare request param block with GK request */
830 preqparm = (struct gkreqparm __force *)preqcblk->req_parmb;
831 memcpy(preqparm->subfunc_code, "GK", 2);
832 preqparm->rule_array_len = sizeof(uint16_t) + 2 * 8;
833 memcpy(preqparm->rule_array, "AES OP ", 2 * 8);
834
835 /* prepare vud block */
836 preqparm->vud.len = sizeof(preqparm->vud);
837 switch (keybitsize) {
838 case 128:
839 case 192:
840 case 256:
841 break;
842 default:
843 DEBUG_ERR(
844 "%s unknown/unsupported keybitsize %d\n",
845 __func__, keybitsize);
846 rc = -EINVAL;
847 goto out;
848 }
849 preqparm->vud.clear_key_bit_len = keybitsize;
850 memcpy(preqparm->vud.key_type_1, "TOKEN ", 8);
851 memset(preqparm->vud.key_type_2, ' ', sizeof(preqparm->vud.key_type_2));
852
853 /* prepare kb block */
854 preqparm->kb.len = sizeof(preqparm->kb);
855 preqparm->kb.tlv1.len = sizeof(preqparm->kb.tlv1);
856 preqparm->kb.tlv1.flag = 0x0030;
857 preqparm->kb.tlv2.len = sizeof(preqparm->kb.tlv2);
858 preqparm->kb.tlv2.flag = 0x0030;
859 preqparm->kb.tlv3.len = sizeof(preqparm->kb.tlv3);
860 preqparm->kb.tlv3.flag = 0x0030;
861 memcpy(preqparm->kb.tlv3.gen_key_id_1,
862 aes_cipher_key_skeleton, SIZEOF_SKELETON);
863 preqparm->kb.tlv4.len = sizeof(preqparm->kb.tlv4);
864 preqparm->kb.tlv4.flag = 0x0030;
865 preqparm->kb.tlv5.len = sizeof(preqparm->kb.tlv5);
866 preqparm->kb.tlv5.flag = 0x0030;
867 preqparm->kb.tlv6.len = sizeof(preqparm->kb.tlv6);
868 preqparm->kb.tlv6.flag = 0x0030;
869
870 /* patch the skeleton key token export flags inside the kb block */
871 if (keygenflags) {
872 t = (struct cipherkeytoken *)preqparm->kb.tlv3.gen_key_id_1;
873 t->kmf1 |= (u16)(keygenflags & 0x0000FF00);
874 t->kmf1 &= (u16)~(keygenflags & 0x000000FF);
875 }
876
877 /* prepare xcrb struct */
878 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
879
880 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
881 rc = zcrypt_send_cprb(&xcrb);
882 if (rc) {
883 DEBUG_ERR(
884 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
885 __func__, (int)cardnr, (int)domain, rc);
886 goto out;
887 }
888
889 /* check response returncode and reasoncode */
890 if (prepcblk->ccp_rtcode != 0) {
891 DEBUG_ERR(
892 "%s cipher key generate failure, card response %d/%d\n",
893 __func__,
894 (int)prepcblk->ccp_rtcode,
895 (int)prepcblk->ccp_rscode);
896 rc = -EIO;
897 goto out;
898 }
899
900 /* process response cprb param block */
901 ptr = ((u8 *)prepcblk) + sizeof(struct CPRBX);
902 prepcblk->rpl_parmb = (u8 __user *)ptr;
903 prepparm = (struct gkrepparm *)ptr;
904
905 /* do some plausibility checks on the key block */
906 if (prepparm->kb.len < 120 + 5 * sizeof(uint16_t) ||
907 prepparm->kb.len > 136 + 5 * sizeof(uint16_t)) {
908 DEBUG_ERR("%s reply with invalid or unknown key block\n",
909 __func__);
910 rc = -EIO;
911 goto out;
912 }
913
914 /* and some checks on the generated key */
915 rc = cca_check_secaescipherkey(zcrypt_dbf_info, DBF_ERR,
916 prepparm->kb.tlv1.gen_key,
917 keybitsize, 1);
918 if (rc) {
919 rc = -EIO;
920 goto out;
921 }
922
923 /* copy the generated vlsc key token */
924 t = (struct cipherkeytoken *)prepparm->kb.tlv1.gen_key;
925 if (keybuf) {
926 if (*keybufsize >= t->len)
927 memcpy(keybuf, t, t->len);
928 else
929 rc = -EINVAL;
930 }
931 *keybufsize = t->len;
932
933out:
934 free_cprbmem(mem, PARMBSIZE, 0);
935 return rc;
936}
937EXPORT_SYMBOL(cca_gencipherkey);
938
939/*
940 * Helper function, does a the CSNBKPI2 CPRB.
941 */
942static int _ip_cprb_helper(u16 cardnr, u16 domain,
943 const char *rule_array_1,
944 const char *rule_array_2,
945 const char *rule_array_3,
946 const u8 *clr_key_value,
947 int clr_key_bit_size,
948 u8 *key_token,
949 int *key_token_size)
950{
951 int rc, n;
952 u8 *mem, *ptr;
953 struct CPRBX *preqcblk, *prepcblk;
954 struct ica_xcRB xcrb;
955 struct rule_array_block {
956 u8 subfunc_code[2];
957 u16 rule_array_len;
958 char rule_array[];
959 } __packed * preq_ra_block;
960 struct vud_block {
961 u16 len;
962 struct {
963 u16 len;
964 u16 flag; /* 0x0064 */
965 u16 clr_key_bit_len;
966 } tlv1;
967 struct {
968 u16 len;
969 u16 flag; /* 0x0063 */
970 u8 clr_key[]; /* clear key value bytes */
971 } tlv2;
972 } __packed * preq_vud_block;
973 struct key_block {
974 u16 len;
975 struct {
976 u16 len;
977 u16 flag; /* 0x0030 */
978 u8 key_token[]; /* key skeleton */
979 } tlv1;
980 } __packed * preq_key_block;
981 struct iprepparm {
982 u8 subfunc_code[2];
983 u16 rule_array_len;
984 struct {
985 u16 len;
986 } vud;
987 struct {
988 u16 len;
989 struct {
990 u16 len;
991 u16 flag; /* 0x0030 */
992 u8 key_token[]; /* key token */
993 } tlv1;
994 } kb;
995 } __packed * prepparm;
996 struct cipherkeytoken *t;
997 int complete = strncmp(rule_array_2, "COMPLETE", 8) ? 0 : 1;
998
999 /* get already prepared memory for 2 cprbs with param block each */
1000 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
1001 if (rc)
1002 return rc;
1003
1004 /* fill request cprb struct */
1005 preqcblk->domain = domain;
1006 preqcblk->req_parml = 0;
1007
1008 /* prepare request param block with IP request */
1009 preq_ra_block = (struct rule_array_block __force *)preqcblk->req_parmb;
1010 memcpy(preq_ra_block->subfunc_code, "IP", 2);
1011 preq_ra_block->rule_array_len = sizeof(uint16_t) + 2 * 8;
1012 memcpy(preq_ra_block->rule_array, rule_array_1, 8);
1013 memcpy(preq_ra_block->rule_array + 8, rule_array_2, 8);
1014 preqcblk->req_parml = sizeof(struct rule_array_block) + 2 * 8;
1015 if (rule_array_3) {
1016 preq_ra_block->rule_array_len += 8;
1017 memcpy(preq_ra_block->rule_array + 16, rule_array_3, 8);
1018 preqcblk->req_parml += 8;
1019 }
1020
1021 /* prepare vud block */
1022 preq_vud_block = (struct vud_block __force *)
1023 (preqcblk->req_parmb + preqcblk->req_parml);
1024 n = complete ? 0 : (clr_key_bit_size + 7) / 8;
1025 preq_vud_block->len = sizeof(struct vud_block) + n;
1026 preq_vud_block->tlv1.len = sizeof(preq_vud_block->tlv1);
1027 preq_vud_block->tlv1.flag = 0x0064;
1028 preq_vud_block->tlv1.clr_key_bit_len = complete ? 0 : clr_key_bit_size;
1029 preq_vud_block->tlv2.len = sizeof(preq_vud_block->tlv2) + n;
1030 preq_vud_block->tlv2.flag = 0x0063;
1031 if (!complete)
1032 memcpy(preq_vud_block->tlv2.clr_key, clr_key_value, n);
1033 preqcblk->req_parml += preq_vud_block->len;
1034
1035 /* prepare key block */
1036 preq_key_block = (struct key_block __force *)
1037 (preqcblk->req_parmb + preqcblk->req_parml);
1038 n = *key_token_size;
1039 preq_key_block->len = sizeof(struct key_block) + n;
1040 preq_key_block->tlv1.len = sizeof(preq_key_block->tlv1) + n;
1041 preq_key_block->tlv1.flag = 0x0030;
1042 memcpy(preq_key_block->tlv1.key_token, key_token, *key_token_size);
1043 preqcblk->req_parml += preq_key_block->len;
1044
1045 /* prepare xcrb struct */
1046 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
1047
1048 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
1049 rc = zcrypt_send_cprb(&xcrb);
1050 if (rc) {
1051 DEBUG_ERR(
1052 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
1053 __func__, (int)cardnr, (int)domain, rc);
1054 goto out;
1055 }
1056
1057 /* check response returncode and reasoncode */
1058 if (prepcblk->ccp_rtcode != 0) {
1059 DEBUG_ERR(
1060 "%s CSNBKPI2 failure, card response %d/%d\n",
1061 __func__,
1062 (int)prepcblk->ccp_rtcode,
1063 (int)prepcblk->ccp_rscode);
1064 rc = -EIO;
1065 goto out;
1066 }
1067
1068 /* process response cprb param block */
1069 ptr = ((u8 *)prepcblk) + sizeof(struct CPRBX);
1070 prepcblk->rpl_parmb = (u8 __user *)ptr;
1071 prepparm = (struct iprepparm *)ptr;
1072
1073 /* do some plausibility checks on the key block */
1074 if (prepparm->kb.len < 120 + 3 * sizeof(uint16_t) ||
1075 prepparm->kb.len > 136 + 3 * sizeof(uint16_t)) {
1076 DEBUG_ERR("%s reply with invalid or unknown key block\n",
1077 __func__);
1078 rc = -EIO;
1079 goto out;
1080 }
1081
1082 /* do not check the key here, it may be incomplete */
1083
1084 /* copy the vlsc key token back */
1085 t = (struct cipherkeytoken *)prepparm->kb.tlv1.key_token;
1086 memcpy(key_token, t, t->len);
1087 *key_token_size = t->len;
1088
1089out:
1090 free_cprbmem(mem, PARMBSIZE, 0);
1091 return rc;
1092}
1093
1094/*
1095 * Build CCA AES CIPHER secure key with a given clear key value.
1096 */
1097int cca_clr2cipherkey(u16 card, u16 dom, u32 keybitsize, u32 keygenflags,
1098 const u8 *clrkey, u8 *keybuf, size_t *keybufsize)
1099{
1100 int rc;
1101 u8 *token;
1102 int tokensize;
1103 u8 exorbuf[32];
1104 struct cipherkeytoken *t;
1105
1106 /* fill exorbuf with random data */
1107 get_random_bytes(exorbuf, sizeof(exorbuf));
1108
1109 /* allocate space for the key token to build */
1110 token = kmalloc(MAXCCAVLSCTOKENSIZE, GFP_KERNEL);
1111 if (!token)
1112 return -ENOMEM;
1113
1114 /* prepare the token with the key skeleton */
1115 tokensize = SIZEOF_SKELETON;
1116 memcpy(token, aes_cipher_key_skeleton, tokensize);
1117
1118 /* patch the skeleton key token export flags */
1119 if (keygenflags) {
1120 t = (struct cipherkeytoken *)token;
1121 t->kmf1 |= (u16)(keygenflags & 0x0000FF00);
1122 t->kmf1 &= (u16)~(keygenflags & 0x000000FF);
1123 }
1124
1125 /*
1126 * Do the key import with the clear key value in 4 steps:
1127 * 1/4 FIRST import with only random data
1128 * 2/4 EXOR the clear key
1129 * 3/4 EXOR the very same random data again
1130 * 4/4 COMPLETE the secure cipher key import
1131 */
1132 rc = _ip_cprb_helper(card, dom, "AES ", "FIRST ", "MIN3PART",
1133 exorbuf, keybitsize, token, &tokensize);
1134 if (rc) {
1135 DEBUG_ERR(
1136 "%s clear key import 1/4 with CSNBKPI2 failed, rc=%d\n",
1137 __func__, rc);
1138 goto out;
1139 }
1140 rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL,
1141 clrkey, keybitsize, token, &tokensize);
1142 if (rc) {
1143 DEBUG_ERR(
1144 "%s clear key import 2/4 with CSNBKPI2 failed, rc=%d\n",
1145 __func__, rc);
1146 goto out;
1147 }
1148 rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL,
1149 exorbuf, keybitsize, token, &tokensize);
1150 if (rc) {
1151 DEBUG_ERR(
1152 "%s clear key import 3/4 with CSNBKPI2 failed, rc=%d\n",
1153 __func__, rc);
1154 goto out;
1155 }
1156 rc = _ip_cprb_helper(card, dom, "AES ", "COMPLETE", NULL,
1157 NULL, keybitsize, token, &tokensize);
1158 if (rc) {
1159 DEBUG_ERR(
1160 "%s clear key import 4/4 with CSNBKPI2 failed, rc=%d\n",
1161 __func__, rc);
1162 goto out;
1163 }
1164
1165 /* copy the generated key token */
1166 if (keybuf) {
1167 if (tokensize > *keybufsize)
1168 rc = -EINVAL;
1169 else
1170 memcpy(keybuf, token, tokensize);
1171 }
1172 *keybufsize = tokensize;
1173
1174out:
1175 kfree(token);
1176 return rc;
1177}
1178EXPORT_SYMBOL(cca_clr2cipherkey);
1179
1180/*
1181 * Derive proteced key from CCA AES cipher secure key.
1182 */
1183int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey,
1184 u8 *protkey, u32 *protkeylen, u32 *protkeytype)
1185{
1186 int rc;
1187 u8 *mem, *ptr;
1188 struct CPRBX *preqcblk, *prepcblk;
1189 struct ica_xcRB xcrb;
1190 struct aureqparm {
1191 u8 subfunc_code[2];
1192 u16 rule_array_len;
1193 u8 rule_array[8];
1194 struct {
1195 u16 len;
1196 u16 tk_blob_len;
1197 u16 tk_blob_tag;
1198 u8 tk_blob[66];
1199 } vud;
1200 struct {
1201 u16 len;
1202 u16 cca_key_token_len;
1203 u16 cca_key_token_flags;
1204 u8 cca_key_token[]; /* 64 or more */
1205 } kb;
1206 } __packed * preqparm;
1207 struct aurepparm {
1208 u8 subfunc_code[2];
1209 u16 rule_array_len;
1210 struct {
1211 u16 len;
1212 u16 sublen;
1213 u16 tag;
1214 struct cpacfkeyblock {
1215 u8 version; /* version of this struct */
1216 u8 flags[2];
1217 u8 algo;
1218 u8 form;
1219 u8 pad1[3];
1220 u16 keylen;
1221 u8 key[64]; /* the key (keylen bytes) */
1222 u16 keyattrlen;
1223 u8 keyattr[32];
1224 u8 pad2[1];
1225 u8 vptype;
1226 u8 vp[32]; /* verification pattern */
1227 } ckb;
1228 } vud;
1229 struct {
1230 u16 len;
1231 } kb;
1232 } __packed * prepparm;
1233 int keytoklen = ((struct cipherkeytoken *)ckey)->len;
1234
1235 /* get already prepared memory for 2 cprbs with param block each */
1236 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
1237 if (rc)
1238 return rc;
1239
1240 /* fill request cprb struct */
1241 preqcblk->domain = domain;
1242
1243 /* fill request cprb param block with AU request */
1244 preqparm = (struct aureqparm __force *)preqcblk->req_parmb;
1245 memcpy(preqparm->subfunc_code, "AU", 2);
1246 preqparm->rule_array_len =
1247 sizeof(preqparm->rule_array_len)
1248 + sizeof(preqparm->rule_array);
1249 memcpy(preqparm->rule_array, "EXPT-SK ", 8);
1250 /* vud, tk blob */
1251 preqparm->vud.len = sizeof(preqparm->vud);
1252 preqparm->vud.tk_blob_len = sizeof(preqparm->vud.tk_blob)
1253 + 2 * sizeof(uint16_t);
1254 preqparm->vud.tk_blob_tag = 0x00C2;
1255 /* kb, cca token */
1256 preqparm->kb.len = keytoklen + 3 * sizeof(uint16_t);
1257 preqparm->kb.cca_key_token_len = keytoklen + 2 * sizeof(uint16_t);
1258 memcpy(preqparm->kb.cca_key_token, ckey, keytoklen);
1259 /* now fill length of param block into cprb */
1260 preqcblk->req_parml = sizeof(struct aureqparm) + keytoklen;
1261
1262 /* fill xcrb struct */
1263 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
1264
1265 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
1266 rc = zcrypt_send_cprb(&xcrb);
1267 if (rc) {
1268 DEBUG_ERR(
1269 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
1270 __func__, (int)cardnr, (int)domain, rc);
1271 goto out;
1272 }
1273
1274 /* check response returncode and reasoncode */
1275 if (prepcblk->ccp_rtcode != 0) {
1276 DEBUG_ERR(
1277 "%s unwrap secure key failure, card response %d/%d\n",
1278 __func__,
1279 (int)prepcblk->ccp_rtcode,
1280 (int)prepcblk->ccp_rscode);
1281 if (prepcblk->ccp_rtcode == 8 && prepcblk->ccp_rscode == 2290)
1282 rc = -EAGAIN;
1283 else
1284 rc = -EIO;
1285 goto out;
1286 }
1287 if (prepcblk->ccp_rscode != 0) {
1288 DEBUG_WARN(
1289 "%s unwrap secure key warning, card response %d/%d\n",
1290 __func__,
1291 (int)prepcblk->ccp_rtcode,
1292 (int)prepcblk->ccp_rscode);
1293 }
1294
1295 /* process response cprb param block */
1296 ptr = ((u8 *)prepcblk) + sizeof(struct CPRBX);
1297 prepcblk->rpl_parmb = (u8 __user *)ptr;
1298 prepparm = (struct aurepparm *)ptr;
1299
1300 /* check the returned keyblock */
1301 if (prepparm->vud.ckb.version != 0x01 &&
1302 prepparm->vud.ckb.version != 0x02) {
1303 DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n",
1304 __func__, (int)prepparm->vud.ckb.version);
1305 rc = -EIO;
1306 goto out;
1307 }
1308 if (prepparm->vud.ckb.algo != 0x02) {
1309 DEBUG_ERR(
1310 "%s reply param keyblock algo mismatch 0x%02x != 0x02\n",
1311 __func__, (int)prepparm->vud.ckb.algo);
1312 rc = -EIO;
1313 goto out;
1314 }
1315
1316 /* copy the translated protected key */
1317 switch (prepparm->vud.ckb.keylen) {
1318 case 16 + 32:
1319 /* AES 128 protected key */
1320 if (protkeytype)
1321 *protkeytype = PKEY_KEYTYPE_AES_128;
1322 break;
1323 case 24 + 32:
1324 /* AES 192 protected key */
1325 if (protkeytype)
1326 *protkeytype = PKEY_KEYTYPE_AES_192;
1327 break;
1328 case 32 + 32:
1329 /* AES 256 protected key */
1330 if (protkeytype)
1331 *protkeytype = PKEY_KEYTYPE_AES_256;
1332 break;
1333 default:
1334 DEBUG_ERR("%s unknown/unsupported keylen %d\n",
1335 __func__, prepparm->vud.ckb.keylen);
1336 rc = -EIO;
1337 goto out;
1338 }
1339 memcpy(protkey, prepparm->vud.ckb.key, prepparm->vud.ckb.keylen);
1340 if (protkeylen)
1341 *protkeylen = prepparm->vud.ckb.keylen;
1342
1343out:
1344 free_cprbmem(mem, PARMBSIZE, 0);
1345 return rc;
1346}
1347EXPORT_SYMBOL(cca_cipher2protkey);
1348
1349/*
1350 * Derive protected key from CCA ECC secure private key.
1351 */
1352int cca_ecc2protkey(u16 cardnr, u16 domain, const u8 *key,
1353 u8 *protkey, u32 *protkeylen, u32 *protkeytype)
1354{
1355 int rc;
1356 u8 *mem, *ptr;
1357 struct CPRBX *preqcblk, *prepcblk;
1358 struct ica_xcRB xcrb;
1359 struct aureqparm {
1360 u8 subfunc_code[2];
1361 u16 rule_array_len;
1362 u8 rule_array[8];
1363 struct {
1364 u16 len;
1365 u16 tk_blob_len;
1366 u16 tk_blob_tag;
1367 u8 tk_blob[66];
1368 } vud;
1369 struct {
1370 u16 len;
1371 u16 cca_key_token_len;
1372 u16 cca_key_token_flags;
1373 u8 cca_key_token[];
1374 } kb;
1375 } __packed * preqparm;
1376 struct aurepparm {
1377 u8 subfunc_code[2];
1378 u16 rule_array_len;
1379 struct {
1380 u16 len;
1381 u16 sublen;
1382 u16 tag;
1383 struct cpacfkeyblock {
1384 u8 version; /* version of this struct */
1385 u8 flags[2];
1386 u8 algo;
1387 u8 form;
1388 u8 pad1[3];
1389 u16 keylen;
1390 u8 key[]; /* the key (keylen bytes) */
1391 /* u16 keyattrlen; */
1392 /* u8 keyattr[32]; */
1393 /* u8 pad2[1]; */
1394 /* u8 vptype; */
1395 /* u8 vp[32]; verification pattern */
1396 } ckb;
1397 } vud;
1398 /* followed by a key block */
1399 } __packed * prepparm;
1400 int keylen = ((struct eccprivkeytoken *)key)->len;
1401
1402 /* get already prepared memory for 2 cprbs with param block each */
1403 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
1404 if (rc)
1405 return rc;
1406
1407 /* fill request cprb struct */
1408 preqcblk->domain = domain;
1409
1410 /* fill request cprb param block with AU request */
1411 preqparm = (struct aureqparm __force *)preqcblk->req_parmb;
1412 memcpy(preqparm->subfunc_code, "AU", 2);
1413 preqparm->rule_array_len =
1414 sizeof(preqparm->rule_array_len)
1415 + sizeof(preqparm->rule_array);
1416 memcpy(preqparm->rule_array, "EXPT-SK ", 8);
1417 /* vud, tk blob */
1418 preqparm->vud.len = sizeof(preqparm->vud);
1419 preqparm->vud.tk_blob_len = sizeof(preqparm->vud.tk_blob)
1420 + 2 * sizeof(uint16_t);
1421 preqparm->vud.tk_blob_tag = 0x00C2;
1422 /* kb, cca token */
1423 preqparm->kb.len = keylen + 3 * sizeof(uint16_t);
1424 preqparm->kb.cca_key_token_len = keylen + 2 * sizeof(uint16_t);
1425 memcpy(preqparm->kb.cca_key_token, key, keylen);
1426 /* now fill length of param block into cprb */
1427 preqcblk->req_parml = sizeof(struct aureqparm) + keylen;
1428
1429 /* fill xcrb struct */
1430 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
1431
1432 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
1433 rc = zcrypt_send_cprb(&xcrb);
1434 if (rc) {
1435 DEBUG_ERR(
1436 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
1437 __func__, (int)cardnr, (int)domain, rc);
1438 goto out;
1439 }
1440
1441 /* check response returncode and reasoncode */
1442 if (prepcblk->ccp_rtcode != 0) {
1443 DEBUG_ERR(
1444 "%s unwrap secure key failure, card response %d/%d\n",
1445 __func__,
1446 (int)prepcblk->ccp_rtcode,
1447 (int)prepcblk->ccp_rscode);
1448 if (prepcblk->ccp_rtcode == 8 && prepcblk->ccp_rscode == 2290)
1449 rc = -EAGAIN;
1450 else
1451 rc = -EIO;
1452 goto out;
1453 }
1454 if (prepcblk->ccp_rscode != 0) {
1455 DEBUG_WARN(
1456 "%s unwrap secure key warning, card response %d/%d\n",
1457 __func__,
1458 (int)prepcblk->ccp_rtcode,
1459 (int)prepcblk->ccp_rscode);
1460 }
1461
1462 /* process response cprb param block */
1463 ptr = ((u8 *)prepcblk) + sizeof(struct CPRBX);
1464 prepcblk->rpl_parmb = (u8 __user *)ptr;
1465 prepparm = (struct aurepparm *)ptr;
1466
1467 /* check the returned keyblock */
1468 if (prepparm->vud.ckb.version != 0x02) {
1469 DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x != 0x02\n",
1470 __func__, (int)prepparm->vud.ckb.version);
1471 rc = -EIO;
1472 goto out;
1473 }
1474 if (prepparm->vud.ckb.algo != 0x81) {
1475 DEBUG_ERR(
1476 "%s reply param keyblock algo mismatch 0x%02x != 0x81\n",
1477 __func__, (int)prepparm->vud.ckb.algo);
1478 rc = -EIO;
1479 goto out;
1480 }
1481
1482 /* copy the translated protected key */
1483 if (prepparm->vud.ckb.keylen > *protkeylen) {
1484 DEBUG_ERR("%s prot keylen mismatch %d > buffersize %u\n",
1485 __func__, prepparm->vud.ckb.keylen, *protkeylen);
1486 rc = -EIO;
1487 goto out;
1488 }
1489 memcpy(protkey, prepparm->vud.ckb.key, prepparm->vud.ckb.keylen);
1490 *protkeylen = prepparm->vud.ckb.keylen;
1491 if (protkeytype)
1492 *protkeytype = PKEY_KEYTYPE_ECC;
1493
1494out:
1495 free_cprbmem(mem, PARMBSIZE, 0);
1496 return rc;
1497}
1498EXPORT_SYMBOL(cca_ecc2protkey);
1499
1500/*
1501 * query cryptographic facility from CCA adapter
1502 */
1503int cca_query_crypto_facility(u16 cardnr, u16 domain,
1504 const char *keyword,
1505 u8 *rarray, size_t *rarraylen,
1506 u8 *varray, size_t *varraylen)
1507{
1508 int rc;
1509 u16 len;
1510 u8 *mem, *ptr;
1511 struct CPRBX *preqcblk, *prepcblk;
1512 struct ica_xcRB xcrb;
1513 struct fqreqparm {
1514 u8 subfunc_code[2];
1515 u16 rule_array_len;
1516 char rule_array[8];
1517 struct lv1 {
1518 u16 len;
1519 u8 data[VARDATASIZE];
1520 } lv1;
1521 u16 dummylen;
1522 } __packed * preqparm;
1523 size_t parmbsize = sizeof(struct fqreqparm);
1524 struct fqrepparm {
1525 u8 subfunc_code[2];
1526 u8 lvdata[];
1527 } __packed * prepparm;
1528
1529 /* get already prepared memory for 2 cprbs with param block each */
1530 rc = alloc_and_prep_cprbmem(parmbsize, &mem, &preqcblk, &prepcblk);
1531 if (rc)
1532 return rc;
1533
1534 /* fill request cprb struct */
1535 preqcblk->domain = domain;
1536
1537 /* fill request cprb param block with FQ request */
1538 preqparm = (struct fqreqparm __force *)preqcblk->req_parmb;
1539 memcpy(preqparm->subfunc_code, "FQ", 2);
1540 memcpy(preqparm->rule_array, keyword, sizeof(preqparm->rule_array));
1541 preqparm->rule_array_len =
1542 sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array);
1543 preqparm->lv1.len = sizeof(preqparm->lv1);
1544 preqparm->dummylen = sizeof(preqparm->dummylen);
1545 preqcblk->req_parml = parmbsize;
1546
1547 /* fill xcrb struct */
1548 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
1549
1550 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
1551 rc = zcrypt_send_cprb(&xcrb);
1552 if (rc) {
1553 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
1554 __func__, (int)cardnr, (int)domain, rc);
1555 goto out;
1556 }
1557
1558 /* check response returncode and reasoncode */
1559 if (prepcblk->ccp_rtcode != 0) {
1560 DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n",
1561 __func__,
1562 (int)prepcblk->ccp_rtcode,
1563 (int)prepcblk->ccp_rscode);
1564 rc = -EIO;
1565 goto out;
1566 }
1567
1568 /* process response cprb param block */
1569 ptr = ((u8 *)prepcblk) + sizeof(struct CPRBX);
1570 prepcblk->rpl_parmb = (u8 __user *)ptr;
1571 prepparm = (struct fqrepparm *)ptr;
1572 ptr = prepparm->lvdata;
1573
1574 /* check and possibly copy reply rule array */
1575 len = *((u16 *)ptr);
1576 if (len > sizeof(u16)) {
1577 ptr += sizeof(u16);
1578 len -= sizeof(u16);
1579 if (rarray && rarraylen && *rarraylen > 0) {
1580 *rarraylen = (len > *rarraylen ? *rarraylen : len);
1581 memcpy(rarray, ptr, *rarraylen);
1582 }
1583 ptr += len;
1584 }
1585 /* check and possible copy reply var array */
1586 len = *((u16 *)ptr);
1587 if (len > sizeof(u16)) {
1588 ptr += sizeof(u16);
1589 len -= sizeof(u16);
1590 if (varray && varraylen && *varraylen > 0) {
1591 *varraylen = (len > *varraylen ? *varraylen : len);
1592 memcpy(varray, ptr, *varraylen);
1593 }
1594 ptr += len;
1595 }
1596
1597out:
1598 free_cprbmem(mem, parmbsize, 0);
1599 return rc;
1600}
1601EXPORT_SYMBOL(cca_query_crypto_facility);
1602
1603static int cca_info_cache_fetch(u16 cardnr, u16 domain, struct cca_info *ci)
1604{
1605 int rc = -ENOENT;
1606 struct cca_info_list_entry *ptr;
1607
1608 spin_lock_bh(&cca_info_list_lock);
1609 list_for_each_entry(ptr, &cca_info_list, list) {
1610 if (ptr->cardnr == cardnr && ptr->domain == domain) {
1611 memcpy(ci, &ptr->info, sizeof(*ci));
1612 rc = 0;
1613 break;
1614 }
1615 }
1616 spin_unlock_bh(&cca_info_list_lock);
1617
1618 return rc;
1619}
1620
1621static void cca_info_cache_update(u16 cardnr, u16 domain,
1622 const struct cca_info *ci)
1623{
1624 int found = 0;
1625 struct cca_info_list_entry *ptr;
1626
1627 spin_lock_bh(&cca_info_list_lock);
1628 list_for_each_entry(ptr, &cca_info_list, list) {
1629 if (ptr->cardnr == cardnr &&
1630 ptr->domain == domain) {
1631 memcpy(&ptr->info, ci, sizeof(*ci));
1632 found = 1;
1633 break;
1634 }
1635 }
1636 if (!found) {
1637 ptr = kmalloc(sizeof(*ptr), GFP_ATOMIC);
1638 if (!ptr) {
1639 spin_unlock_bh(&cca_info_list_lock);
1640 return;
1641 }
1642 ptr->cardnr = cardnr;
1643 ptr->domain = domain;
1644 memcpy(&ptr->info, ci, sizeof(*ci));
1645 list_add(&ptr->list, &cca_info_list);
1646 }
1647 spin_unlock_bh(&cca_info_list_lock);
1648}
1649
1650static void cca_info_cache_scrub(u16 cardnr, u16 domain)
1651{
1652 struct cca_info_list_entry *ptr;
1653
1654 spin_lock_bh(&cca_info_list_lock);
1655 list_for_each_entry(ptr, &cca_info_list, list) {
1656 if (ptr->cardnr == cardnr &&
1657 ptr->domain == domain) {
1658 list_del(&ptr->list);
1659 kfree(ptr);
1660 break;
1661 }
1662 }
1663 spin_unlock_bh(&cca_info_list_lock);
1664}
1665
1666static void __exit mkvp_cache_free(void)
1667{
1668 struct cca_info_list_entry *ptr, *pnext;
1669
1670 spin_lock_bh(&cca_info_list_lock);
1671 list_for_each_entry_safe(ptr, pnext, &cca_info_list, list) {
1672 list_del(&ptr->list);
1673 kfree(ptr);
1674 }
1675 spin_unlock_bh(&cca_info_list_lock);
1676}
1677
1678/*
1679 * Fetch cca_info values via query_crypto_facility from adapter.
1680 */
1681static int fetch_cca_info(u16 cardnr, u16 domain, struct cca_info *ci)
1682{
1683 int rc, found = 0;
1684 size_t rlen, vlen;
1685 u8 *rarray, *varray, *pg;
1686 struct zcrypt_device_status_ext devstat;
1687
1688 memset(ci, 0, sizeof(*ci));
1689
1690 /* get first info from zcrypt device driver about this apqn */
1691 rc = zcrypt_device_status_ext(cardnr, domain, &devstat);
1692 if (rc)
1693 return rc;
1694 ci->hwtype = devstat.hwtype;
1695
1696 /* prep page for rule array and var array use */
1697 pg = (u8 *)__get_free_page(GFP_KERNEL);
1698 if (!pg)
1699 return -ENOMEM;
1700 rarray = pg;
1701 varray = pg + PAGE_SIZE / 2;
1702 rlen = vlen = PAGE_SIZE / 2;
1703
1704 /* QF for this card/domain */
1705 rc = cca_query_crypto_facility(cardnr, domain, "STATICSA",
1706 rarray, &rlen, varray, &vlen);
1707 if (rc == 0 && rlen >= 10 * 8 && vlen >= 204) {
1708 memcpy(ci->serial, rarray, 8);
1709 ci->new_asym_mk_state = (char)rarray[4 * 8];
1710 ci->cur_asym_mk_state = (char)rarray[5 * 8];
1711 ci->old_asym_mk_state = (char)rarray[6 * 8];
1712 if (ci->old_asym_mk_state == '2')
1713 memcpy(ci->old_asym_mkvp, varray + 64, 16);
1714 if (ci->cur_asym_mk_state == '2')
1715 memcpy(ci->cur_asym_mkvp, varray + 84, 16);
1716 if (ci->new_asym_mk_state == '3')
1717 memcpy(ci->new_asym_mkvp, varray + 104, 16);
1718 ci->new_aes_mk_state = (char)rarray[7 * 8];
1719 ci->cur_aes_mk_state = (char)rarray[8 * 8];
1720 ci->old_aes_mk_state = (char)rarray[9 * 8];
1721 if (ci->old_aes_mk_state == '2')
1722 memcpy(&ci->old_aes_mkvp, varray + 172, 8);
1723 if (ci->cur_aes_mk_state == '2')
1724 memcpy(&ci->cur_aes_mkvp, varray + 184, 8);
1725 if (ci->new_aes_mk_state == '3')
1726 memcpy(&ci->new_aes_mkvp, varray + 196, 8);
1727 found++;
1728 }
1729 if (!found)
1730 goto out;
1731 rlen = vlen = PAGE_SIZE / 2;
1732 rc = cca_query_crypto_facility(cardnr, domain, "STATICSB",
1733 rarray, &rlen, varray, &vlen);
1734 if (rc == 0 && rlen >= 13 * 8 && vlen >= 240) {
1735 ci->new_apka_mk_state = (char)rarray[10 * 8];
1736 ci->cur_apka_mk_state = (char)rarray[11 * 8];
1737 ci->old_apka_mk_state = (char)rarray[12 * 8];
1738 if (ci->old_apka_mk_state == '2')
1739 memcpy(&ci->old_apka_mkvp, varray + 208, 8);
1740 if (ci->cur_apka_mk_state == '2')
1741 memcpy(&ci->cur_apka_mkvp, varray + 220, 8);
1742 if (ci->new_apka_mk_state == '3')
1743 memcpy(&ci->new_apka_mkvp, varray + 232, 8);
1744 found++;
1745 }
1746
1747out:
1748 free_page((unsigned long)pg);
1749 return found == 2 ? 0 : -ENOENT;
1750}
1751
1752/*
1753 * Fetch cca information about a CCA queue.
1754 */
1755int cca_get_info(u16 card, u16 dom, struct cca_info *ci, int verify)
1756{
1757 int rc;
1758
1759 rc = cca_info_cache_fetch(card, dom, ci);
1760 if (rc || verify) {
1761 rc = fetch_cca_info(card, dom, ci);
1762 if (rc == 0)
1763 cca_info_cache_update(card, dom, ci);
1764 }
1765
1766 return rc;
1767}
1768EXPORT_SYMBOL(cca_get_info);
1769
1770/*
1771 * Search for a matching crypto card based on the
1772 * Master Key Verification Pattern given.
1773 */
1774static int findcard(u64 mkvp, u16 *pcardnr, u16 *pdomain,
1775 int verify, int minhwtype)
1776{
1777 struct zcrypt_device_status_ext *device_status;
1778 u16 card, dom;
1779 struct cca_info ci;
1780 int i, rc, oi = -1;
1781
1782 /* mkvp must not be zero, minhwtype needs to be >= 0 */
1783 if (mkvp == 0 || minhwtype < 0)
1784 return -EINVAL;
1785
1786 /* fetch status of all crypto cards */
1787 device_status = kvmalloc_array(MAX_ZDEV_ENTRIES_EXT,
1788 sizeof(struct zcrypt_device_status_ext),
1789 GFP_KERNEL);
1790 if (!device_status)
1791 return -ENOMEM;
1792 zcrypt_device_status_mask_ext(device_status);
1793
1794 /* walk through all crypto cards */
1795 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1796 card = AP_QID_CARD(device_status[i].qid);
1797 dom = AP_QID_QUEUE(device_status[i].qid);
1798 if (device_status[i].online &&
1799 device_status[i].functions & 0x04) {
1800 /* enabled CCA card, check current mkvp from cache */
1801 if (cca_info_cache_fetch(card, dom, &ci) == 0 &&
1802 ci.hwtype >= minhwtype &&
1803 ci.cur_aes_mk_state == '2' &&
1804 ci.cur_aes_mkvp == mkvp) {
1805 if (!verify)
1806 break;
1807 /* verify: refresh card info */
1808 if (fetch_cca_info(card, dom, &ci) == 0) {
1809 cca_info_cache_update(card, dom, &ci);
1810 if (ci.hwtype >= minhwtype &&
1811 ci.cur_aes_mk_state == '2' &&
1812 ci.cur_aes_mkvp == mkvp)
1813 break;
1814 }
1815 }
1816 } else {
1817 /* Card is offline and/or not a CCA card. */
1818 /* del mkvp entry from cache if it exists */
1819 cca_info_cache_scrub(card, dom);
1820 }
1821 }
1822 if (i >= MAX_ZDEV_ENTRIES_EXT) {
1823 /* nothing found, so this time without cache */
1824 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1825 if (!(device_status[i].online &&
1826 device_status[i].functions & 0x04))
1827 continue;
1828 card = AP_QID_CARD(device_status[i].qid);
1829 dom = AP_QID_QUEUE(device_status[i].qid);
1830 /* fresh fetch mkvp from adapter */
1831 if (fetch_cca_info(card, dom, &ci) == 0) {
1832 cca_info_cache_update(card, dom, &ci);
1833 if (ci.hwtype >= minhwtype &&
1834 ci.cur_aes_mk_state == '2' &&
1835 ci.cur_aes_mkvp == mkvp)
1836 break;
1837 if (ci.hwtype >= minhwtype &&
1838 ci.old_aes_mk_state == '2' &&
1839 ci.old_aes_mkvp == mkvp &&
1840 oi < 0)
1841 oi = i;
1842 }
1843 }
1844 if (i >= MAX_ZDEV_ENTRIES_EXT && oi >= 0) {
1845 /* old mkvp matched, use this card then */
1846 card = AP_QID_CARD(device_status[oi].qid);
1847 dom = AP_QID_QUEUE(device_status[oi].qid);
1848 }
1849 }
1850 if (i < MAX_ZDEV_ENTRIES_EXT || oi >= 0) {
1851 if (pcardnr)
1852 *pcardnr = card;
1853 if (pdomain)
1854 *pdomain = dom;
1855 rc = (i < MAX_ZDEV_ENTRIES_EXT ? 0 : 1);
1856 } else {
1857 rc = -ENODEV;
1858 }
1859
1860 kvfree(device_status);
1861 return rc;
1862}
1863
1864/*
1865 * Search for a matching crypto card based on the Master Key
1866 * Verification Pattern provided inside a secure key token.
1867 */
1868int cca_findcard(const u8 *key, u16 *pcardnr, u16 *pdomain, int verify)
1869{
1870 u64 mkvp;
1871 int minhwtype = 0;
1872 const struct keytoken_header *hdr = (struct keytoken_header *)key;
1873
1874 if (hdr->type != TOKTYPE_CCA_INTERNAL)
1875 return -EINVAL;
1876
1877 switch (hdr->version) {
1878 case TOKVER_CCA_AES:
1879 mkvp = ((struct secaeskeytoken *)key)->mkvp;
1880 break;
1881 case TOKVER_CCA_VLSC:
1882 mkvp = ((struct cipherkeytoken *)key)->mkvp0;
1883 minhwtype = AP_DEVICE_TYPE_CEX6;
1884 break;
1885 default:
1886 return -EINVAL;
1887 }
1888
1889 return findcard(mkvp, pcardnr, pdomain, verify, minhwtype);
1890}
1891EXPORT_SYMBOL(cca_findcard);
1892
1893int cca_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain,
1894 int minhwtype, int mktype, u64 cur_mkvp, u64 old_mkvp,
1895 int verify)
1896{
1897 struct zcrypt_device_status_ext *device_status;
1898 u32 *_apqns = NULL, _nr_apqns = 0;
1899 int i, card, dom, curmatch, oldmatch, rc = 0;
1900 struct cca_info ci;
1901
1902 /* fetch status of all crypto cards */
1903 device_status = kvmalloc_array(MAX_ZDEV_ENTRIES_EXT,
1904 sizeof(struct zcrypt_device_status_ext),
1905 GFP_KERNEL);
1906 if (!device_status)
1907 return -ENOMEM;
1908 zcrypt_device_status_mask_ext(device_status);
1909
1910 /* allocate 1k space for up to 256 apqns */
1911 _apqns = kmalloc_array(256, sizeof(u32), GFP_KERNEL);
1912 if (!_apqns) {
1913 kvfree(device_status);
1914 return -ENOMEM;
1915 }
1916
1917 /* walk through all the crypto apqnss */
1918 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1919 card = AP_QID_CARD(device_status[i].qid);
1920 dom = AP_QID_QUEUE(device_status[i].qid);
1921 /* check online state */
1922 if (!device_status[i].online)
1923 continue;
1924 /* check for cca functions */
1925 if (!(device_status[i].functions & 0x04))
1926 continue;
1927 /* check cardnr */
1928 if (cardnr != 0xFFFF && card != cardnr)
1929 continue;
1930 /* check domain */
1931 if (domain != 0xFFFF && dom != domain)
1932 continue;
1933 /* get cca info on this apqn */
1934 if (cca_get_info(card, dom, &ci, verify))
1935 continue;
1936 /* current master key needs to be valid */
1937 if (mktype == AES_MK_SET && ci.cur_aes_mk_state != '2')
1938 continue;
1939 if (mktype == APKA_MK_SET && ci.cur_apka_mk_state != '2')
1940 continue;
1941 /* check min hardware type */
1942 if (minhwtype > 0 && minhwtype > ci.hwtype)
1943 continue;
1944 if (cur_mkvp || old_mkvp) {
1945 /* check mkvps */
1946 curmatch = oldmatch = 0;
1947 if (mktype == AES_MK_SET) {
1948 if (cur_mkvp && cur_mkvp == ci.cur_aes_mkvp)
1949 curmatch = 1;
1950 if (old_mkvp && ci.old_aes_mk_state == '2' &&
1951 old_mkvp == ci.old_aes_mkvp)
1952 oldmatch = 1;
1953 } else {
1954 if (cur_mkvp && cur_mkvp == ci.cur_apka_mkvp)
1955 curmatch = 1;
1956 if (old_mkvp && ci.old_apka_mk_state == '2' &&
1957 old_mkvp == ci.old_apka_mkvp)
1958 oldmatch = 1;
1959 }
1960 if (curmatch + oldmatch < 1)
1961 continue;
1962 }
1963 /* apqn passed all filtering criterons, add to the array */
1964 if (_nr_apqns < 256)
1965 _apqns[_nr_apqns++] = (((u16)card) << 16) | ((u16)dom);
1966 }
1967
1968 /* nothing found ? */
1969 if (!_nr_apqns) {
1970 kfree(_apqns);
1971 rc = -ENODEV;
1972 } else {
1973 /* no re-allocation, simple return the _apqns array */
1974 *apqns = _apqns;
1975 *nr_apqns = _nr_apqns;
1976 rc = 0;
1977 }
1978
1979 kvfree(device_status);
1980 return rc;
1981}
1982EXPORT_SYMBOL(cca_findcard2);
1983
1984void __exit zcrypt_ccamisc_exit(void)
1985{
1986 mkvp_cache_free();
1987}
1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * Copyright IBM Corp. 2019
4 * Author(s): Harald Freudenberger <freude@linux.ibm.com>
5 * Ingo Franzki <ifranzki@linux.ibm.com>
6 *
7 * Collection of CCA misc functions used by zcrypt and pkey
8 */
9
10#define KMSG_COMPONENT "zcrypt"
11#define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
12
13#include <linux/init.h>
14#include <linux/module.h>
15#include <linux/slab.h>
16#include <linux/random.h>
17#include <asm/zcrypt.h>
18#include <asm/pkey.h>
19
20#include "ap_bus.h"
21#include "zcrypt_api.h"
22#include "zcrypt_debug.h"
23#include "zcrypt_msgtype6.h"
24#include "zcrypt_ccamisc.h"
25
26#define DEBUG_DBG(...) ZCRYPT_DBF(DBF_DEBUG, ##__VA_ARGS__)
27#define DEBUG_INFO(...) ZCRYPT_DBF(DBF_INFO, ##__VA_ARGS__)
28#define DEBUG_WARN(...) ZCRYPT_DBF(DBF_WARN, ##__VA_ARGS__)
29#define DEBUG_ERR(...) ZCRYPT_DBF(DBF_ERR, ##__VA_ARGS__)
30
31/* Size of parameter block used for all cca requests/replies */
32#define PARMBSIZE 512
33
34/* Size of vardata block used for some of the cca requests/replies */
35#define VARDATASIZE 4096
36
37struct cca_info_list_entry {
38 struct list_head list;
39 u16 cardnr;
40 u16 domain;
41 struct cca_info info;
42};
43
44/* a list with cca_info_list_entry entries */
45static LIST_HEAD(cca_info_list);
46static DEFINE_SPINLOCK(cca_info_list_lock);
47
48/*
49 * Simple check if the token is a valid CCA secure AES data key
50 * token. If keybitsize is given, the bitsize of the key is
51 * also checked. Returns 0 on success or errno value on failure.
52 */
53int cca_check_secaeskeytoken(debug_info_t *dbg, int dbflvl,
54 const u8 *token, int keybitsize)
55{
56 struct secaeskeytoken *t = (struct secaeskeytoken *) token;
57
58#define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
59
60 if (t->type != TOKTYPE_CCA_INTERNAL) {
61 if (dbg)
62 DBF("%s token check failed, type 0x%02x != 0x%02x\n",
63 __func__, (int) t->type, TOKTYPE_CCA_INTERNAL);
64 return -EINVAL;
65 }
66 if (t->version != TOKVER_CCA_AES) {
67 if (dbg)
68 DBF("%s token check failed, version 0x%02x != 0x%02x\n",
69 __func__, (int) t->version, TOKVER_CCA_AES);
70 return -EINVAL;
71 }
72 if (keybitsize > 0 && t->bitsize != keybitsize) {
73 if (dbg)
74 DBF("%s token check failed, bitsize %d != %d\n",
75 __func__, (int) t->bitsize, keybitsize);
76 return -EINVAL;
77 }
78
79#undef DBF
80
81 return 0;
82}
83EXPORT_SYMBOL(cca_check_secaeskeytoken);
84
85/*
86 * Simple check if the token is a valid CCA secure AES cipher key
87 * token. If keybitsize is given, the bitsize of the key is
88 * also checked. If checkcpacfexport is enabled, the key is also
89 * checked for the export flag to allow CPACF export.
90 * Returns 0 on success or errno value on failure.
91 */
92int cca_check_secaescipherkey(debug_info_t *dbg, int dbflvl,
93 const u8 *token, int keybitsize,
94 int checkcpacfexport)
95{
96 struct cipherkeytoken *t = (struct cipherkeytoken *) token;
97 bool keybitsizeok = true;
98
99#define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
100
101 if (t->type != TOKTYPE_CCA_INTERNAL) {
102 if (dbg)
103 DBF("%s token check failed, type 0x%02x != 0x%02x\n",
104 __func__, (int) t->type, TOKTYPE_CCA_INTERNAL);
105 return -EINVAL;
106 }
107 if (t->version != TOKVER_CCA_VLSC) {
108 if (dbg)
109 DBF("%s token check failed, version 0x%02x != 0x%02x\n",
110 __func__, (int) t->version, TOKVER_CCA_VLSC);
111 return -EINVAL;
112 }
113 if (t->algtype != 0x02) {
114 if (dbg)
115 DBF("%s token check failed, algtype 0x%02x != 0x02\n",
116 __func__, (int) t->algtype);
117 return -EINVAL;
118 }
119 if (t->keytype != 0x0001) {
120 if (dbg)
121 DBF("%s token check failed, keytype 0x%04x != 0x0001\n",
122 __func__, (int) t->keytype);
123 return -EINVAL;
124 }
125 if (t->plfver != 0x00 && t->plfver != 0x01) {
126 if (dbg)
127 DBF("%s token check failed, unknown plfver 0x%02x\n",
128 __func__, (int) t->plfver);
129 return -EINVAL;
130 }
131 if (t->wpllen != 512 && t->wpllen != 576 && t->wpllen != 640) {
132 if (dbg)
133 DBF("%s token check failed, unknown wpllen %d\n",
134 __func__, (int) t->wpllen);
135 return -EINVAL;
136 }
137 if (keybitsize > 0) {
138 switch (keybitsize) {
139 case 128:
140 if (t->wpllen != (t->plfver ? 640 : 512))
141 keybitsizeok = false;
142 break;
143 case 192:
144 if (t->wpllen != (t->plfver ? 640 : 576))
145 keybitsizeok = false;
146 break;
147 case 256:
148 if (t->wpllen != 640)
149 keybitsizeok = false;
150 break;
151 default:
152 keybitsizeok = false;
153 break;
154 }
155 if (!keybitsizeok) {
156 if (dbg)
157 DBF("%s token check failed, bitsize %d\n",
158 __func__, keybitsize);
159 return -EINVAL;
160 }
161 }
162 if (checkcpacfexport && !(t->kmf1 & KMF1_XPRT_CPAC)) {
163 if (dbg)
164 DBF("%s token check failed, XPRT_CPAC bit is 0\n",
165 __func__);
166 return -EINVAL;
167 }
168
169#undef DBF
170
171 return 0;
172}
173EXPORT_SYMBOL(cca_check_secaescipherkey);
174
175/*
176 * Allocate consecutive memory for request CPRB, request param
177 * block, reply CPRB and reply param block and fill in values
178 * for the common fields. Returns 0 on success or errno value
179 * on failure.
180 */
181static int alloc_and_prep_cprbmem(size_t paramblen,
182 u8 **pcprbmem,
183 struct CPRBX **preqCPRB,
184 struct CPRBX **prepCPRB)
185{
186 u8 *cprbmem;
187 size_t cprbplusparamblen = sizeof(struct CPRBX) + paramblen;
188 struct CPRBX *preqcblk, *prepcblk;
189
190 /*
191 * allocate consecutive memory for request CPRB, request param
192 * block, reply CPRB and reply param block
193 */
194 cprbmem = kcalloc(2, cprbplusparamblen, GFP_KERNEL);
195 if (!cprbmem)
196 return -ENOMEM;
197
198 preqcblk = (struct CPRBX *) cprbmem;
199 prepcblk = (struct CPRBX *) (cprbmem + cprbplusparamblen);
200
201 /* fill request cprb struct */
202 preqcblk->cprb_len = sizeof(struct CPRBX);
203 preqcblk->cprb_ver_id = 0x02;
204 memcpy(preqcblk->func_id, "T2", 2);
205 preqcblk->rpl_msgbl = cprbplusparamblen;
206 if (paramblen) {
207 preqcblk->req_parmb =
208 ((u8 *) preqcblk) + sizeof(struct CPRBX);
209 preqcblk->rpl_parmb =
210 ((u8 *) prepcblk) + sizeof(struct CPRBX);
211 }
212
213 *pcprbmem = cprbmem;
214 *preqCPRB = preqcblk;
215 *prepCPRB = prepcblk;
216
217 return 0;
218}
219
220/*
221 * Free the cprb memory allocated with the function above.
222 * If the scrub value is not zero, the memory is filled
223 * with zeros before freeing (useful if there was some
224 * clear key material in there).
225 */
226static void free_cprbmem(void *mem, size_t paramblen, int scrub)
227{
228 if (scrub)
229 memzero_explicit(mem, 2 * (sizeof(struct CPRBX) + paramblen));
230 kfree(mem);
231}
232
233/*
234 * Helper function to prepare the xcrb struct
235 */
236static inline void prep_xcrb(struct ica_xcRB *pxcrb,
237 u16 cardnr,
238 struct CPRBX *preqcblk,
239 struct CPRBX *prepcblk)
240{
241 memset(pxcrb, 0, sizeof(*pxcrb));
242 pxcrb->agent_ID = 0x4341; /* 'CA' */
243 pxcrb->user_defined = (cardnr == 0xFFFF ? AUTOSELECT : cardnr);
244 pxcrb->request_control_blk_length =
245 preqcblk->cprb_len + preqcblk->req_parml;
246 pxcrb->request_control_blk_addr = (void __user *) preqcblk;
247 pxcrb->reply_control_blk_length = preqcblk->rpl_msgbl;
248 pxcrb->reply_control_blk_addr = (void __user *) prepcblk;
249}
250
251/*
252 * Helper function which calls zcrypt_send_cprb with
253 * memory management segment adjusted to kernel space
254 * so that the copy_from_user called within this
255 * function do in fact copy from kernel space.
256 */
257static inline int _zcrypt_send_cprb(struct ica_xcRB *xcrb)
258{
259 int rc;
260 mm_segment_t old_fs = get_fs();
261
262 set_fs(KERNEL_DS);
263 rc = zcrypt_send_cprb(xcrb);
264 set_fs(old_fs);
265
266 return rc;
267}
268
269/*
270 * Generate (random) CCA AES DATA secure key.
271 */
272int cca_genseckey(u16 cardnr, u16 domain,
273 u32 keybitsize, u8 seckey[SECKEYBLOBSIZE])
274{
275 int i, rc, keysize;
276 int seckeysize;
277 u8 *mem;
278 struct CPRBX *preqcblk, *prepcblk;
279 struct ica_xcRB xcrb;
280 struct kgreqparm {
281 u8 subfunc_code[2];
282 u16 rule_array_len;
283 struct lv1 {
284 u16 len;
285 char key_form[8];
286 char key_length[8];
287 char key_type1[8];
288 char key_type2[8];
289 } lv1;
290 struct lv2 {
291 u16 len;
292 struct keyid {
293 u16 len;
294 u16 attr;
295 u8 data[SECKEYBLOBSIZE];
296 } keyid[6];
297 } lv2;
298 } __packed * preqparm;
299 struct kgrepparm {
300 u8 subfunc_code[2];
301 u16 rule_array_len;
302 struct lv3 {
303 u16 len;
304 u16 keyblocklen;
305 struct {
306 u16 toklen;
307 u16 tokattr;
308 u8 tok[0];
309 /* ... some more data ... */
310 } keyblock;
311 } lv3;
312 } __packed * prepparm;
313
314 /* get already prepared memory for 2 cprbs with param block each */
315 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
316 if (rc)
317 return rc;
318
319 /* fill request cprb struct */
320 preqcblk->domain = domain;
321
322 /* fill request cprb param block with KG request */
323 preqparm = (struct kgreqparm *) preqcblk->req_parmb;
324 memcpy(preqparm->subfunc_code, "KG", 2);
325 preqparm->rule_array_len = sizeof(preqparm->rule_array_len);
326 preqparm->lv1.len = sizeof(struct lv1);
327 memcpy(preqparm->lv1.key_form, "OP ", 8);
328 switch (keybitsize) {
329 case PKEY_SIZE_AES_128:
330 case PKEY_KEYTYPE_AES_128: /* older ioctls used this */
331 keysize = 16;
332 memcpy(preqparm->lv1.key_length, "KEYLN16 ", 8);
333 break;
334 case PKEY_SIZE_AES_192:
335 case PKEY_KEYTYPE_AES_192: /* older ioctls used this */
336 keysize = 24;
337 memcpy(preqparm->lv1.key_length, "KEYLN24 ", 8);
338 break;
339 case PKEY_SIZE_AES_256:
340 case PKEY_KEYTYPE_AES_256: /* older ioctls used this */
341 keysize = 32;
342 memcpy(preqparm->lv1.key_length, "KEYLN32 ", 8);
343 break;
344 default:
345 DEBUG_ERR("%s unknown/unsupported keybitsize %d\n",
346 __func__, keybitsize);
347 rc = -EINVAL;
348 goto out;
349 }
350 memcpy(preqparm->lv1.key_type1, "AESDATA ", 8);
351 preqparm->lv2.len = sizeof(struct lv2);
352 for (i = 0; i < 6; i++) {
353 preqparm->lv2.keyid[i].len = sizeof(struct keyid);
354 preqparm->lv2.keyid[i].attr = (i == 2 ? 0x30 : 0x10);
355 }
356 preqcblk->req_parml = sizeof(struct kgreqparm);
357
358 /* fill xcrb struct */
359 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
360
361 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
362 rc = _zcrypt_send_cprb(&xcrb);
363 if (rc) {
364 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, errno %d\n",
365 __func__, (int) cardnr, (int) domain, rc);
366 goto out;
367 }
368
369 /* check response returncode and reasoncode */
370 if (prepcblk->ccp_rtcode != 0) {
371 DEBUG_ERR("%s secure key generate failure, card response %d/%d\n",
372 __func__,
373 (int) prepcblk->ccp_rtcode,
374 (int) prepcblk->ccp_rscode);
375 rc = -EIO;
376 goto out;
377 }
378
379 /* process response cprb param block */
380 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
381 prepparm = (struct kgrepparm *) prepcblk->rpl_parmb;
382
383 /* check length of the returned secure key token */
384 seckeysize = prepparm->lv3.keyblock.toklen
385 - sizeof(prepparm->lv3.keyblock.toklen)
386 - sizeof(prepparm->lv3.keyblock.tokattr);
387 if (seckeysize != SECKEYBLOBSIZE) {
388 DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n",
389 __func__, seckeysize, SECKEYBLOBSIZE);
390 rc = -EIO;
391 goto out;
392 }
393
394 /* check secure key token */
395 rc = cca_check_secaeskeytoken(zcrypt_dbf_info, DBF_ERR,
396 prepparm->lv3.keyblock.tok, 8*keysize);
397 if (rc) {
398 rc = -EIO;
399 goto out;
400 }
401
402 /* copy the generated secure key token */
403 memcpy(seckey, prepparm->lv3.keyblock.tok, SECKEYBLOBSIZE);
404
405out:
406 free_cprbmem(mem, PARMBSIZE, 0);
407 return rc;
408}
409EXPORT_SYMBOL(cca_genseckey);
410
411/*
412 * Generate an CCA AES DATA secure key with given key value.
413 */
414int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize,
415 const u8 *clrkey, u8 seckey[SECKEYBLOBSIZE])
416{
417 int rc, keysize, seckeysize;
418 u8 *mem;
419 struct CPRBX *preqcblk, *prepcblk;
420 struct ica_xcRB xcrb;
421 struct cmreqparm {
422 u8 subfunc_code[2];
423 u16 rule_array_len;
424 char rule_array[8];
425 struct lv1 {
426 u16 len;
427 u8 clrkey[0];
428 } lv1;
429 struct lv2 {
430 u16 len;
431 struct keyid {
432 u16 len;
433 u16 attr;
434 u8 data[SECKEYBLOBSIZE];
435 } keyid;
436 } lv2;
437 } __packed * preqparm;
438 struct lv2 *plv2;
439 struct cmrepparm {
440 u8 subfunc_code[2];
441 u16 rule_array_len;
442 struct lv3 {
443 u16 len;
444 u16 keyblocklen;
445 struct {
446 u16 toklen;
447 u16 tokattr;
448 u8 tok[0];
449 /* ... some more data ... */
450 } keyblock;
451 } lv3;
452 } __packed * prepparm;
453
454 /* get already prepared memory for 2 cprbs with param block each */
455 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
456 if (rc)
457 return rc;
458
459 /* fill request cprb struct */
460 preqcblk->domain = domain;
461
462 /* fill request cprb param block with CM request */
463 preqparm = (struct cmreqparm *) preqcblk->req_parmb;
464 memcpy(preqparm->subfunc_code, "CM", 2);
465 memcpy(preqparm->rule_array, "AES ", 8);
466 preqparm->rule_array_len =
467 sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array);
468 switch (keybitsize) {
469 case PKEY_SIZE_AES_128:
470 case PKEY_KEYTYPE_AES_128: /* older ioctls used this */
471 keysize = 16;
472 break;
473 case PKEY_SIZE_AES_192:
474 case PKEY_KEYTYPE_AES_192: /* older ioctls used this */
475 keysize = 24;
476 break;
477 case PKEY_SIZE_AES_256:
478 case PKEY_KEYTYPE_AES_256: /* older ioctls used this */
479 keysize = 32;
480 break;
481 default:
482 DEBUG_ERR("%s unknown/unsupported keybitsize %d\n",
483 __func__, keybitsize);
484 rc = -EINVAL;
485 goto out;
486 }
487 preqparm->lv1.len = sizeof(struct lv1) + keysize;
488 memcpy(preqparm->lv1.clrkey, clrkey, keysize);
489 plv2 = (struct lv2 *) (((u8 *) &preqparm->lv2) + keysize);
490 plv2->len = sizeof(struct lv2);
491 plv2->keyid.len = sizeof(struct keyid);
492 plv2->keyid.attr = 0x30;
493 preqcblk->req_parml = sizeof(struct cmreqparm) + keysize;
494
495 /* fill xcrb struct */
496 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
497
498 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
499 rc = _zcrypt_send_cprb(&xcrb);
500 if (rc) {
501 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
502 __func__, (int) cardnr, (int) domain, rc);
503 goto out;
504 }
505
506 /* check response returncode and reasoncode */
507 if (prepcblk->ccp_rtcode != 0) {
508 DEBUG_ERR("%s clear key import failure, card response %d/%d\n",
509 __func__,
510 (int) prepcblk->ccp_rtcode,
511 (int) prepcblk->ccp_rscode);
512 rc = -EIO;
513 goto out;
514 }
515
516 /* process response cprb param block */
517 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
518 prepparm = (struct cmrepparm *) prepcblk->rpl_parmb;
519
520 /* check length of the returned secure key token */
521 seckeysize = prepparm->lv3.keyblock.toklen
522 - sizeof(prepparm->lv3.keyblock.toklen)
523 - sizeof(prepparm->lv3.keyblock.tokattr);
524 if (seckeysize != SECKEYBLOBSIZE) {
525 DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n",
526 __func__, seckeysize, SECKEYBLOBSIZE);
527 rc = -EIO;
528 goto out;
529 }
530
531 /* check secure key token */
532 rc = cca_check_secaeskeytoken(zcrypt_dbf_info, DBF_ERR,
533 prepparm->lv3.keyblock.tok, 8*keysize);
534 if (rc) {
535 rc = -EIO;
536 goto out;
537 }
538
539 /* copy the generated secure key token */
540 if (seckey)
541 memcpy(seckey, prepparm->lv3.keyblock.tok, SECKEYBLOBSIZE);
542
543out:
544 free_cprbmem(mem, PARMBSIZE, 1);
545 return rc;
546}
547EXPORT_SYMBOL(cca_clr2seckey);
548
549/*
550 * Derive proteced key from an CCA AES DATA secure key.
551 */
552int cca_sec2protkey(u16 cardnr, u16 domain,
553 const u8 seckey[SECKEYBLOBSIZE],
554 u8 *protkey, u32 *protkeylen, u32 *protkeytype)
555{
556 int rc;
557 u8 *mem;
558 struct CPRBX *preqcblk, *prepcblk;
559 struct ica_xcRB xcrb;
560 struct uskreqparm {
561 u8 subfunc_code[2];
562 u16 rule_array_len;
563 struct lv1 {
564 u16 len;
565 u16 attr_len;
566 u16 attr_flags;
567 } lv1;
568 struct lv2 {
569 u16 len;
570 u16 attr_len;
571 u16 attr_flags;
572 u8 token[0]; /* cca secure key token */
573 } lv2;
574 } __packed * preqparm;
575 struct uskrepparm {
576 u8 subfunc_code[2];
577 u16 rule_array_len;
578 struct lv3 {
579 u16 len;
580 u16 attr_len;
581 u16 attr_flags;
582 struct cpacfkeyblock {
583 u8 version; /* version of this struct */
584 u8 flags[2];
585 u8 algo;
586 u8 form;
587 u8 pad1[3];
588 u16 len;
589 u8 key[64]; /* the key (len bytes) */
590 u16 keyattrlen;
591 u8 keyattr[32];
592 u8 pad2[1];
593 u8 vptype;
594 u8 vp[32]; /* verification pattern */
595 } keyblock;
596 } lv3;
597 } __packed * prepparm;
598
599 /* get already prepared memory for 2 cprbs with param block each */
600 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
601 if (rc)
602 return rc;
603
604 /* fill request cprb struct */
605 preqcblk->domain = domain;
606
607 /* fill request cprb param block with USK request */
608 preqparm = (struct uskreqparm *) preqcblk->req_parmb;
609 memcpy(preqparm->subfunc_code, "US", 2);
610 preqparm->rule_array_len = sizeof(preqparm->rule_array_len);
611 preqparm->lv1.len = sizeof(struct lv1);
612 preqparm->lv1.attr_len = sizeof(struct lv1) - sizeof(preqparm->lv1.len);
613 preqparm->lv1.attr_flags = 0x0001;
614 preqparm->lv2.len = sizeof(struct lv2) + SECKEYBLOBSIZE;
615 preqparm->lv2.attr_len = sizeof(struct lv2)
616 - sizeof(preqparm->lv2.len) + SECKEYBLOBSIZE;
617 preqparm->lv2.attr_flags = 0x0000;
618 memcpy(preqparm->lv2.token, seckey, SECKEYBLOBSIZE);
619 preqcblk->req_parml = sizeof(struct uskreqparm) + SECKEYBLOBSIZE;
620
621 /* fill xcrb struct */
622 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
623
624 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
625 rc = _zcrypt_send_cprb(&xcrb);
626 if (rc) {
627 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
628 __func__, (int) cardnr, (int) domain, rc);
629 goto out;
630 }
631
632 /* check response returncode and reasoncode */
633 if (prepcblk->ccp_rtcode != 0) {
634 DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n",
635 __func__,
636 (int) prepcblk->ccp_rtcode,
637 (int) prepcblk->ccp_rscode);
638 rc = -EIO;
639 goto out;
640 }
641 if (prepcblk->ccp_rscode != 0) {
642 DEBUG_WARN("%s unwrap secure key warning, card response %d/%d\n",
643 __func__,
644 (int) prepcblk->ccp_rtcode,
645 (int) prepcblk->ccp_rscode);
646 }
647
648 /* process response cprb param block */
649 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
650 prepparm = (struct uskrepparm *) prepcblk->rpl_parmb;
651
652 /* check the returned keyblock */
653 if (prepparm->lv3.keyblock.version != 0x01) {
654 DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x != 0x01\n",
655 __func__, (int) prepparm->lv3.keyblock.version);
656 rc = -EIO;
657 goto out;
658 }
659
660 /* copy the tanslated protected key */
661 switch (prepparm->lv3.keyblock.len) {
662 case 16+32:
663 /* AES 128 protected key */
664 if (protkeytype)
665 *protkeytype = PKEY_KEYTYPE_AES_128;
666 break;
667 case 24+32:
668 /* AES 192 protected key */
669 if (protkeytype)
670 *protkeytype = PKEY_KEYTYPE_AES_192;
671 break;
672 case 32+32:
673 /* AES 256 protected key */
674 if (protkeytype)
675 *protkeytype = PKEY_KEYTYPE_AES_256;
676 break;
677 default:
678 DEBUG_ERR("%s unknown/unsupported keylen %d\n",
679 __func__, prepparm->lv3.keyblock.len);
680 rc = -EIO;
681 goto out;
682 }
683 memcpy(protkey, prepparm->lv3.keyblock.key, prepparm->lv3.keyblock.len);
684 if (protkeylen)
685 *protkeylen = prepparm->lv3.keyblock.len;
686
687out:
688 free_cprbmem(mem, PARMBSIZE, 0);
689 return rc;
690}
691EXPORT_SYMBOL(cca_sec2protkey);
692
693/*
694 * AES cipher key skeleton created with CSNBKTB2 with these flags:
695 * INTERNAL, NO-KEY, AES, CIPHER, ANY-MODE, NOEX-SYM, NOEXAASY,
696 * NOEXUASY, XPRTCPAC, NOEX-RAW, NOEX-DES, NOEX-AES, NOEX-RSA
697 * used by cca_gencipherkey() and cca_clr2cipherkey().
698 */
699static const u8 aes_cipher_key_skeleton[] = {
700 0x01, 0x00, 0x00, 0x38, 0x05, 0x00, 0x00, 0x00,
701 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
702 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
703 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
704 0x00, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
705 0x00, 0x02, 0x00, 0x01, 0x02, 0xc0, 0x00, 0xff,
706 0x00, 0x03, 0x08, 0xc8, 0x00, 0x00, 0x00, 0x00 };
707#define SIZEOF_SKELETON (sizeof(aes_cipher_key_skeleton))
708
709/*
710 * Generate (random) CCA AES CIPHER secure key.
711 */
712int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags,
713 u8 *keybuf, size_t *keybufsize)
714{
715 int rc;
716 u8 *mem;
717 struct CPRBX *preqcblk, *prepcblk;
718 struct ica_xcRB xcrb;
719 struct gkreqparm {
720 u8 subfunc_code[2];
721 u16 rule_array_len;
722 char rule_array[2*8];
723 struct {
724 u16 len;
725 u8 key_type_1[8];
726 u8 key_type_2[8];
727 u16 clear_key_bit_len;
728 u16 key_name_1_len;
729 u16 key_name_2_len;
730 u16 user_data_1_len;
731 u16 user_data_2_len;
732 u8 key_name_1[0];
733 u8 key_name_2[0];
734 u8 user_data_1[0];
735 u8 user_data_2[0];
736 } vud;
737 struct {
738 u16 len;
739 struct {
740 u16 len;
741 u16 flag;
742 u8 kek_id_1[0];
743 } tlv1;
744 struct {
745 u16 len;
746 u16 flag;
747 u8 kek_id_2[0];
748 } tlv2;
749 struct {
750 u16 len;
751 u16 flag;
752 u8 gen_key_id_1[SIZEOF_SKELETON];
753 } tlv3;
754 struct {
755 u16 len;
756 u16 flag;
757 u8 gen_key_id_1_label[0];
758 } tlv4;
759 struct {
760 u16 len;
761 u16 flag;
762 u8 gen_key_id_2[0];
763 } tlv5;
764 struct {
765 u16 len;
766 u16 flag;
767 u8 gen_key_id_2_label[0];
768 } tlv6;
769 } kb;
770 } __packed * preqparm;
771 struct gkrepparm {
772 u8 subfunc_code[2];
773 u16 rule_array_len;
774 struct {
775 u16 len;
776 } vud;
777 struct {
778 u16 len;
779 struct {
780 u16 len;
781 u16 flag;
782 u8 gen_key[0]; /* 120-136 bytes */
783 } tlv1;
784 } kb;
785 } __packed * prepparm;
786 struct cipherkeytoken *t;
787
788 /* get already prepared memory for 2 cprbs with param block each */
789 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
790 if (rc)
791 return rc;
792
793 /* fill request cprb struct */
794 preqcblk->domain = domain;
795 preqcblk->req_parml = sizeof(struct gkreqparm);
796
797 /* prepare request param block with GK request */
798 preqparm = (struct gkreqparm *) preqcblk->req_parmb;
799 memcpy(preqparm->subfunc_code, "GK", 2);
800 preqparm->rule_array_len = sizeof(uint16_t) + 2 * 8;
801 memcpy(preqparm->rule_array, "AES OP ", 2*8);
802
803 /* prepare vud block */
804 preqparm->vud.len = sizeof(preqparm->vud);
805 switch (keybitsize) {
806 case 128:
807 case 192:
808 case 256:
809 break;
810 default:
811 DEBUG_ERR(
812 "%s unknown/unsupported keybitsize %d\n",
813 __func__, keybitsize);
814 rc = -EINVAL;
815 goto out;
816 }
817 preqparm->vud.clear_key_bit_len = keybitsize;
818 memcpy(preqparm->vud.key_type_1, "TOKEN ", 8);
819 memset(preqparm->vud.key_type_2, ' ', sizeof(preqparm->vud.key_type_2));
820
821 /* prepare kb block */
822 preqparm->kb.len = sizeof(preqparm->kb);
823 preqparm->kb.tlv1.len = sizeof(preqparm->kb.tlv1);
824 preqparm->kb.tlv1.flag = 0x0030;
825 preqparm->kb.tlv2.len = sizeof(preqparm->kb.tlv2);
826 preqparm->kb.tlv2.flag = 0x0030;
827 preqparm->kb.tlv3.len = sizeof(preqparm->kb.tlv3);
828 preqparm->kb.tlv3.flag = 0x0030;
829 memcpy(preqparm->kb.tlv3.gen_key_id_1,
830 aes_cipher_key_skeleton, SIZEOF_SKELETON);
831 preqparm->kb.tlv4.len = sizeof(preqparm->kb.tlv4);
832 preqparm->kb.tlv4.flag = 0x0030;
833 preqparm->kb.tlv5.len = sizeof(preqparm->kb.tlv5);
834 preqparm->kb.tlv5.flag = 0x0030;
835 preqparm->kb.tlv6.len = sizeof(preqparm->kb.tlv6);
836 preqparm->kb.tlv6.flag = 0x0030;
837
838 /* patch the skeleton key token export flags inside the kb block */
839 if (keygenflags) {
840 t = (struct cipherkeytoken *) preqparm->kb.tlv3.gen_key_id_1;
841 t->kmf1 |= (u16) (keygenflags & 0x0000FF00);
842 t->kmf1 &= (u16) ~(keygenflags & 0x000000FF);
843 }
844
845 /* prepare xcrb struct */
846 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
847
848 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
849 rc = _zcrypt_send_cprb(&xcrb);
850 if (rc) {
851 DEBUG_ERR(
852 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
853 __func__, (int) cardnr, (int) domain, rc);
854 goto out;
855 }
856
857 /* check response returncode and reasoncode */
858 if (prepcblk->ccp_rtcode != 0) {
859 DEBUG_ERR(
860 "%s cipher key generate failure, card response %d/%d\n",
861 __func__,
862 (int) prepcblk->ccp_rtcode,
863 (int) prepcblk->ccp_rscode);
864 rc = -EIO;
865 goto out;
866 }
867
868 /* process response cprb param block */
869 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
870 prepparm = (struct gkrepparm *) prepcblk->rpl_parmb;
871
872 /* do some plausibility checks on the key block */
873 if (prepparm->kb.len < 120 + 5 * sizeof(uint16_t) ||
874 prepparm->kb.len > 136 + 5 * sizeof(uint16_t)) {
875 DEBUG_ERR("%s reply with invalid or unknown key block\n",
876 __func__);
877 rc = -EIO;
878 goto out;
879 }
880
881 /* and some checks on the generated key */
882 rc = cca_check_secaescipherkey(zcrypt_dbf_info, DBF_ERR,
883 prepparm->kb.tlv1.gen_key,
884 keybitsize, 1);
885 if (rc) {
886 rc = -EIO;
887 goto out;
888 }
889
890 /* copy the generated vlsc key token */
891 t = (struct cipherkeytoken *) prepparm->kb.tlv1.gen_key;
892 if (keybuf) {
893 if (*keybufsize >= t->len)
894 memcpy(keybuf, t, t->len);
895 else
896 rc = -EINVAL;
897 }
898 *keybufsize = t->len;
899
900out:
901 free_cprbmem(mem, PARMBSIZE, 0);
902 return rc;
903}
904EXPORT_SYMBOL(cca_gencipherkey);
905
906/*
907 * Helper function, does a the CSNBKPI2 CPRB.
908 */
909static int _ip_cprb_helper(u16 cardnr, u16 domain,
910 const char *rule_array_1,
911 const char *rule_array_2,
912 const char *rule_array_3,
913 const u8 *clr_key_value,
914 int clr_key_bit_size,
915 u8 *key_token,
916 int *key_token_size)
917{
918 int rc, n;
919 u8 *mem;
920 struct CPRBX *preqcblk, *prepcblk;
921 struct ica_xcRB xcrb;
922 struct rule_array_block {
923 u8 subfunc_code[2];
924 u16 rule_array_len;
925 char rule_array[0];
926 } __packed * preq_ra_block;
927 struct vud_block {
928 u16 len;
929 struct {
930 u16 len;
931 u16 flag; /* 0x0064 */
932 u16 clr_key_bit_len;
933 } tlv1;
934 struct {
935 u16 len;
936 u16 flag; /* 0x0063 */
937 u8 clr_key[0]; /* clear key value bytes */
938 } tlv2;
939 } __packed * preq_vud_block;
940 struct key_block {
941 u16 len;
942 struct {
943 u16 len;
944 u16 flag; /* 0x0030 */
945 u8 key_token[0]; /* key skeleton */
946 } tlv1;
947 } __packed * preq_key_block;
948 struct iprepparm {
949 u8 subfunc_code[2];
950 u16 rule_array_len;
951 struct {
952 u16 len;
953 } vud;
954 struct {
955 u16 len;
956 struct {
957 u16 len;
958 u16 flag; /* 0x0030 */
959 u8 key_token[0]; /* key token */
960 } tlv1;
961 } kb;
962 } __packed * prepparm;
963 struct cipherkeytoken *t;
964 int complete = strncmp(rule_array_2, "COMPLETE", 8) ? 0 : 1;
965
966 /* get already prepared memory for 2 cprbs with param block each */
967 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
968 if (rc)
969 return rc;
970
971 /* fill request cprb struct */
972 preqcblk->domain = domain;
973 preqcblk->req_parml = 0;
974
975 /* prepare request param block with IP request */
976 preq_ra_block = (struct rule_array_block *) preqcblk->req_parmb;
977 memcpy(preq_ra_block->subfunc_code, "IP", 2);
978 preq_ra_block->rule_array_len = sizeof(uint16_t) + 2 * 8;
979 memcpy(preq_ra_block->rule_array, rule_array_1, 8);
980 memcpy(preq_ra_block->rule_array + 8, rule_array_2, 8);
981 preqcblk->req_parml = sizeof(struct rule_array_block) + 2 * 8;
982 if (rule_array_3) {
983 preq_ra_block->rule_array_len += 8;
984 memcpy(preq_ra_block->rule_array + 16, rule_array_3, 8);
985 preqcblk->req_parml += 8;
986 }
987
988 /* prepare vud block */
989 preq_vud_block = (struct vud_block *)
990 (preqcblk->req_parmb + preqcblk->req_parml);
991 n = complete ? 0 : (clr_key_bit_size + 7) / 8;
992 preq_vud_block->len = sizeof(struct vud_block) + n;
993 preq_vud_block->tlv1.len = sizeof(preq_vud_block->tlv1);
994 preq_vud_block->tlv1.flag = 0x0064;
995 preq_vud_block->tlv1.clr_key_bit_len = complete ? 0 : clr_key_bit_size;
996 preq_vud_block->tlv2.len = sizeof(preq_vud_block->tlv2) + n;
997 preq_vud_block->tlv2.flag = 0x0063;
998 if (!complete)
999 memcpy(preq_vud_block->tlv2.clr_key, clr_key_value, n);
1000 preqcblk->req_parml += preq_vud_block->len;
1001
1002 /* prepare key block */
1003 preq_key_block = (struct key_block *)
1004 (preqcblk->req_parmb + preqcblk->req_parml);
1005 n = *key_token_size;
1006 preq_key_block->len = sizeof(struct key_block) + n;
1007 preq_key_block->tlv1.len = sizeof(preq_key_block->tlv1) + n;
1008 preq_key_block->tlv1.flag = 0x0030;
1009 memcpy(preq_key_block->tlv1.key_token, key_token, *key_token_size);
1010 preqcblk->req_parml += preq_key_block->len;
1011
1012 /* prepare xcrb struct */
1013 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
1014
1015 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
1016 rc = _zcrypt_send_cprb(&xcrb);
1017 if (rc) {
1018 DEBUG_ERR(
1019 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
1020 __func__, (int) cardnr, (int) domain, rc);
1021 goto out;
1022 }
1023
1024 /* check response returncode and reasoncode */
1025 if (prepcblk->ccp_rtcode != 0) {
1026 DEBUG_ERR(
1027 "%s CSNBKPI2 failure, card response %d/%d\n",
1028 __func__,
1029 (int) prepcblk->ccp_rtcode,
1030 (int) prepcblk->ccp_rscode);
1031 rc = -EIO;
1032 goto out;
1033 }
1034
1035 /* process response cprb param block */
1036 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
1037 prepparm = (struct iprepparm *) prepcblk->rpl_parmb;
1038
1039 /* do some plausibility checks on the key block */
1040 if (prepparm->kb.len < 120 + 5 * sizeof(uint16_t) ||
1041 prepparm->kb.len > 136 + 5 * sizeof(uint16_t)) {
1042 DEBUG_ERR("%s reply with invalid or unknown key block\n",
1043 __func__);
1044 rc = -EIO;
1045 goto out;
1046 }
1047
1048 /* do not check the key here, it may be incomplete */
1049
1050 /* copy the vlsc key token back */
1051 t = (struct cipherkeytoken *) prepparm->kb.tlv1.key_token;
1052 memcpy(key_token, t, t->len);
1053 *key_token_size = t->len;
1054
1055out:
1056 free_cprbmem(mem, PARMBSIZE, 0);
1057 return rc;
1058}
1059
1060/*
1061 * Build CCA AES CIPHER secure key with a given clear key value.
1062 */
1063int cca_clr2cipherkey(u16 card, u16 dom, u32 keybitsize, u32 keygenflags,
1064 const u8 *clrkey, u8 *keybuf, size_t *keybufsize)
1065{
1066 int rc;
1067 u8 *token;
1068 int tokensize;
1069 u8 exorbuf[32];
1070 struct cipherkeytoken *t;
1071
1072 /* fill exorbuf with random data */
1073 get_random_bytes(exorbuf, sizeof(exorbuf));
1074
1075 /* allocate space for the key token to build */
1076 token = kmalloc(MAXCCAVLSCTOKENSIZE, GFP_KERNEL);
1077 if (!token)
1078 return -ENOMEM;
1079
1080 /* prepare the token with the key skeleton */
1081 tokensize = SIZEOF_SKELETON;
1082 memcpy(token, aes_cipher_key_skeleton, tokensize);
1083
1084 /* patch the skeleton key token export flags */
1085 if (keygenflags) {
1086 t = (struct cipherkeytoken *) token;
1087 t->kmf1 |= (u16) (keygenflags & 0x0000FF00);
1088 t->kmf1 &= (u16) ~(keygenflags & 0x000000FF);
1089 }
1090
1091 /*
1092 * Do the key import with the clear key value in 4 steps:
1093 * 1/4 FIRST import with only random data
1094 * 2/4 EXOR the clear key
1095 * 3/4 EXOR the very same random data again
1096 * 4/4 COMPLETE the secure cipher key import
1097 */
1098 rc = _ip_cprb_helper(card, dom, "AES ", "FIRST ", "MIN3PART",
1099 exorbuf, keybitsize, token, &tokensize);
1100 if (rc) {
1101 DEBUG_ERR(
1102 "%s clear key import 1/4 with CSNBKPI2 failed, rc=%d\n",
1103 __func__, rc);
1104 goto out;
1105 }
1106 rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL,
1107 clrkey, keybitsize, token, &tokensize);
1108 if (rc) {
1109 DEBUG_ERR(
1110 "%s clear key import 2/4 with CSNBKPI2 failed, rc=%d\n",
1111 __func__, rc);
1112 goto out;
1113 }
1114 rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL,
1115 exorbuf, keybitsize, token, &tokensize);
1116 if (rc) {
1117 DEBUG_ERR(
1118 "%s clear key import 3/4 with CSNBKPI2 failed, rc=%d\n",
1119 __func__, rc);
1120 goto out;
1121 }
1122 rc = _ip_cprb_helper(card, dom, "AES ", "COMPLETE", NULL,
1123 NULL, keybitsize, token, &tokensize);
1124 if (rc) {
1125 DEBUG_ERR(
1126 "%s clear key import 4/4 with CSNBKPI2 failed, rc=%d\n",
1127 __func__, rc);
1128 goto out;
1129 }
1130
1131 /* copy the generated key token */
1132 if (keybuf) {
1133 if (tokensize > *keybufsize)
1134 rc = -EINVAL;
1135 else
1136 memcpy(keybuf, token, tokensize);
1137 }
1138 *keybufsize = tokensize;
1139
1140out:
1141 kfree(token);
1142 return rc;
1143}
1144EXPORT_SYMBOL(cca_clr2cipherkey);
1145
1146/*
1147 * Derive proteced key from CCA AES cipher secure key.
1148 */
1149int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey,
1150 u8 *protkey, u32 *protkeylen, u32 *protkeytype)
1151{
1152 int rc;
1153 u8 *mem;
1154 struct CPRBX *preqcblk, *prepcblk;
1155 struct ica_xcRB xcrb;
1156 struct aureqparm {
1157 u8 subfunc_code[2];
1158 u16 rule_array_len;
1159 u8 rule_array[8];
1160 struct {
1161 u16 len;
1162 u16 tk_blob_len;
1163 u16 tk_blob_tag;
1164 u8 tk_blob[66];
1165 } vud;
1166 struct {
1167 u16 len;
1168 u16 cca_key_token_len;
1169 u16 cca_key_token_flags;
1170 u8 cca_key_token[0]; // 64 or more
1171 } kb;
1172 } __packed * preqparm;
1173 struct aurepparm {
1174 u8 subfunc_code[2];
1175 u16 rule_array_len;
1176 struct {
1177 u16 len;
1178 u16 sublen;
1179 u16 tag;
1180 struct cpacfkeyblock {
1181 u8 version; /* version of this struct */
1182 u8 flags[2];
1183 u8 algo;
1184 u8 form;
1185 u8 pad1[3];
1186 u16 keylen;
1187 u8 key[64]; /* the key (keylen bytes) */
1188 u16 keyattrlen;
1189 u8 keyattr[32];
1190 u8 pad2[1];
1191 u8 vptype;
1192 u8 vp[32]; /* verification pattern */
1193 } ckb;
1194 } vud;
1195 struct {
1196 u16 len;
1197 } kb;
1198 } __packed * prepparm;
1199 int keytoklen = ((struct cipherkeytoken *)ckey)->len;
1200
1201 /* get already prepared memory for 2 cprbs with param block each */
1202 rc = alloc_and_prep_cprbmem(PARMBSIZE, &mem, &preqcblk, &prepcblk);
1203 if (rc)
1204 return rc;
1205
1206 /* fill request cprb struct */
1207 preqcblk->domain = domain;
1208
1209 /* fill request cprb param block with AU request */
1210 preqparm = (struct aureqparm *) preqcblk->req_parmb;
1211 memcpy(preqparm->subfunc_code, "AU", 2);
1212 preqparm->rule_array_len =
1213 sizeof(preqparm->rule_array_len)
1214 + sizeof(preqparm->rule_array);
1215 memcpy(preqparm->rule_array, "EXPT-SK ", 8);
1216 /* vud, tk blob */
1217 preqparm->vud.len = sizeof(preqparm->vud);
1218 preqparm->vud.tk_blob_len = sizeof(preqparm->vud.tk_blob)
1219 + 2 * sizeof(uint16_t);
1220 preqparm->vud.tk_blob_tag = 0x00C2;
1221 /* kb, cca token */
1222 preqparm->kb.len = keytoklen + 3 * sizeof(uint16_t);
1223 preqparm->kb.cca_key_token_len = keytoklen + 2 * sizeof(uint16_t);
1224 memcpy(preqparm->kb.cca_key_token, ckey, keytoklen);
1225 /* now fill length of param block into cprb */
1226 preqcblk->req_parml = sizeof(struct aureqparm) + keytoklen;
1227
1228 /* fill xcrb struct */
1229 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
1230
1231 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
1232 rc = _zcrypt_send_cprb(&xcrb);
1233 if (rc) {
1234 DEBUG_ERR(
1235 "%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
1236 __func__, (int) cardnr, (int) domain, rc);
1237 goto out;
1238 }
1239
1240 /* check response returncode and reasoncode */
1241 if (prepcblk->ccp_rtcode != 0) {
1242 DEBUG_ERR(
1243 "%s unwrap secure key failure, card response %d/%d\n",
1244 __func__,
1245 (int) prepcblk->ccp_rtcode,
1246 (int) prepcblk->ccp_rscode);
1247 rc = -EIO;
1248 goto out;
1249 }
1250 if (prepcblk->ccp_rscode != 0) {
1251 DEBUG_WARN(
1252 "%s unwrap secure key warning, card response %d/%d\n",
1253 __func__,
1254 (int) prepcblk->ccp_rtcode,
1255 (int) prepcblk->ccp_rscode);
1256 }
1257
1258 /* process response cprb param block */
1259 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
1260 prepparm = (struct aurepparm *) prepcblk->rpl_parmb;
1261
1262 /* check the returned keyblock */
1263 if (prepparm->vud.ckb.version != 0x01) {
1264 DEBUG_ERR(
1265 "%s reply param keyblock version mismatch 0x%02x != 0x01\n",
1266 __func__, (int) prepparm->vud.ckb.version);
1267 rc = -EIO;
1268 goto out;
1269 }
1270 if (prepparm->vud.ckb.algo != 0x02) {
1271 DEBUG_ERR(
1272 "%s reply param keyblock algo mismatch 0x%02x != 0x02\n",
1273 __func__, (int) prepparm->vud.ckb.algo);
1274 rc = -EIO;
1275 goto out;
1276 }
1277
1278 /* copy the translated protected key */
1279 switch (prepparm->vud.ckb.keylen) {
1280 case 16+32:
1281 /* AES 128 protected key */
1282 if (protkeytype)
1283 *protkeytype = PKEY_KEYTYPE_AES_128;
1284 break;
1285 case 24+32:
1286 /* AES 192 protected key */
1287 if (protkeytype)
1288 *protkeytype = PKEY_KEYTYPE_AES_192;
1289 break;
1290 case 32+32:
1291 /* AES 256 protected key */
1292 if (protkeytype)
1293 *protkeytype = PKEY_KEYTYPE_AES_256;
1294 break;
1295 default:
1296 DEBUG_ERR("%s unknown/unsupported keylen %d\n",
1297 __func__, prepparm->vud.ckb.keylen);
1298 rc = -EIO;
1299 goto out;
1300 }
1301 memcpy(protkey, prepparm->vud.ckb.key, prepparm->vud.ckb.keylen);
1302 if (protkeylen)
1303 *protkeylen = prepparm->vud.ckb.keylen;
1304
1305out:
1306 free_cprbmem(mem, PARMBSIZE, 0);
1307 return rc;
1308}
1309EXPORT_SYMBOL(cca_cipher2protkey);
1310
1311/*
1312 * query cryptographic facility from CCA adapter
1313 */
1314int cca_query_crypto_facility(u16 cardnr, u16 domain,
1315 const char *keyword,
1316 u8 *rarray, size_t *rarraylen,
1317 u8 *varray, size_t *varraylen)
1318{
1319 int rc;
1320 u16 len;
1321 u8 *mem, *ptr;
1322 struct CPRBX *preqcblk, *prepcblk;
1323 struct ica_xcRB xcrb;
1324 struct fqreqparm {
1325 u8 subfunc_code[2];
1326 u16 rule_array_len;
1327 char rule_array[8];
1328 struct lv1 {
1329 u16 len;
1330 u8 data[VARDATASIZE];
1331 } lv1;
1332 u16 dummylen;
1333 } __packed * preqparm;
1334 size_t parmbsize = sizeof(struct fqreqparm);
1335 struct fqrepparm {
1336 u8 subfunc_code[2];
1337 u8 lvdata[0];
1338 } __packed * prepparm;
1339
1340 /* get already prepared memory for 2 cprbs with param block each */
1341 rc = alloc_and_prep_cprbmem(parmbsize, &mem, &preqcblk, &prepcblk);
1342 if (rc)
1343 return rc;
1344
1345 /* fill request cprb struct */
1346 preqcblk->domain = domain;
1347
1348 /* fill request cprb param block with FQ request */
1349 preqparm = (struct fqreqparm *) preqcblk->req_parmb;
1350 memcpy(preqparm->subfunc_code, "FQ", 2);
1351 memcpy(preqparm->rule_array, keyword, sizeof(preqparm->rule_array));
1352 preqparm->rule_array_len =
1353 sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array);
1354 preqparm->lv1.len = sizeof(preqparm->lv1);
1355 preqparm->dummylen = sizeof(preqparm->dummylen);
1356 preqcblk->req_parml = parmbsize;
1357
1358 /* fill xcrb struct */
1359 prep_xcrb(&xcrb, cardnr, preqcblk, prepcblk);
1360
1361 /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
1362 rc = _zcrypt_send_cprb(&xcrb);
1363 if (rc) {
1364 DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
1365 __func__, (int) cardnr, (int) domain, rc);
1366 goto out;
1367 }
1368
1369 /* check response returncode and reasoncode */
1370 if (prepcblk->ccp_rtcode != 0) {
1371 DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n",
1372 __func__,
1373 (int) prepcblk->ccp_rtcode,
1374 (int) prepcblk->ccp_rscode);
1375 rc = -EIO;
1376 goto out;
1377 }
1378
1379 /* process response cprb param block */
1380 prepcblk->rpl_parmb = ((u8 *) prepcblk) + sizeof(struct CPRBX);
1381 prepparm = (struct fqrepparm *) prepcblk->rpl_parmb;
1382 ptr = prepparm->lvdata;
1383
1384 /* check and possibly copy reply rule array */
1385 len = *((u16 *) ptr);
1386 if (len > sizeof(u16)) {
1387 ptr += sizeof(u16);
1388 len -= sizeof(u16);
1389 if (rarray && rarraylen && *rarraylen > 0) {
1390 *rarraylen = (len > *rarraylen ? *rarraylen : len);
1391 memcpy(rarray, ptr, *rarraylen);
1392 }
1393 ptr += len;
1394 }
1395 /* check and possible copy reply var array */
1396 len = *((u16 *) ptr);
1397 if (len > sizeof(u16)) {
1398 ptr += sizeof(u16);
1399 len -= sizeof(u16);
1400 if (varray && varraylen && *varraylen > 0) {
1401 *varraylen = (len > *varraylen ? *varraylen : len);
1402 memcpy(varray, ptr, *varraylen);
1403 }
1404 ptr += len;
1405 }
1406
1407out:
1408 free_cprbmem(mem, parmbsize, 0);
1409 return rc;
1410}
1411EXPORT_SYMBOL(cca_query_crypto_facility);
1412
1413static int cca_info_cache_fetch(u16 cardnr, u16 domain, struct cca_info *ci)
1414{
1415 int rc = -ENOENT;
1416 struct cca_info_list_entry *ptr;
1417
1418 spin_lock_bh(&cca_info_list_lock);
1419 list_for_each_entry(ptr, &cca_info_list, list) {
1420 if (ptr->cardnr == cardnr && ptr->domain == domain) {
1421 memcpy(ci, &ptr->info, sizeof(*ci));
1422 rc = 0;
1423 break;
1424 }
1425 }
1426 spin_unlock_bh(&cca_info_list_lock);
1427
1428 return rc;
1429}
1430
1431static void cca_info_cache_update(u16 cardnr, u16 domain,
1432 const struct cca_info *ci)
1433{
1434 int found = 0;
1435 struct cca_info_list_entry *ptr;
1436
1437 spin_lock_bh(&cca_info_list_lock);
1438 list_for_each_entry(ptr, &cca_info_list, list) {
1439 if (ptr->cardnr == cardnr &&
1440 ptr->domain == domain) {
1441 memcpy(&ptr->info, ci, sizeof(*ci));
1442 found = 1;
1443 break;
1444 }
1445 }
1446 if (!found) {
1447 ptr = kmalloc(sizeof(*ptr), GFP_ATOMIC);
1448 if (!ptr) {
1449 spin_unlock_bh(&cca_info_list_lock);
1450 return;
1451 }
1452 ptr->cardnr = cardnr;
1453 ptr->domain = domain;
1454 memcpy(&ptr->info, ci, sizeof(*ci));
1455 list_add(&ptr->list, &cca_info_list);
1456 }
1457 spin_unlock_bh(&cca_info_list_lock);
1458}
1459
1460static void cca_info_cache_scrub(u16 cardnr, u16 domain)
1461{
1462 struct cca_info_list_entry *ptr;
1463
1464 spin_lock_bh(&cca_info_list_lock);
1465 list_for_each_entry(ptr, &cca_info_list, list) {
1466 if (ptr->cardnr == cardnr &&
1467 ptr->domain == domain) {
1468 list_del(&ptr->list);
1469 kfree(ptr);
1470 break;
1471 }
1472 }
1473 spin_unlock_bh(&cca_info_list_lock);
1474}
1475
1476static void __exit mkvp_cache_free(void)
1477{
1478 struct cca_info_list_entry *ptr, *pnext;
1479
1480 spin_lock_bh(&cca_info_list_lock);
1481 list_for_each_entry_safe(ptr, pnext, &cca_info_list, list) {
1482 list_del(&ptr->list);
1483 kfree(ptr);
1484 }
1485 spin_unlock_bh(&cca_info_list_lock);
1486}
1487
1488/*
1489 * Fetch cca_info values via query_crypto_facility from adapter.
1490 */
1491static int fetch_cca_info(u16 cardnr, u16 domain, struct cca_info *ci)
1492{
1493 int rc, found = 0;
1494 size_t rlen, vlen;
1495 u8 *rarray, *varray, *pg;
1496 struct zcrypt_device_status_ext devstat;
1497
1498 memset(ci, 0, sizeof(*ci));
1499
1500 /* get first info from zcrypt device driver about this apqn */
1501 rc = zcrypt_device_status_ext(cardnr, domain, &devstat);
1502 if (rc)
1503 return rc;
1504 ci->hwtype = devstat.hwtype;
1505
1506 /* prep page for rule array and var array use */
1507 pg = (u8 *) __get_free_page(GFP_KERNEL);
1508 if (!pg)
1509 return -ENOMEM;
1510 rarray = pg;
1511 varray = pg + PAGE_SIZE/2;
1512 rlen = vlen = PAGE_SIZE/2;
1513
1514 /* QF for this card/domain */
1515 rc = cca_query_crypto_facility(cardnr, domain, "STATICSA",
1516 rarray, &rlen, varray, &vlen);
1517 if (rc == 0 && rlen >= 10*8 && vlen >= 204) {
1518 memcpy(ci->serial, rarray, 8);
1519 ci->new_mk_state = (char) rarray[7*8];
1520 ci->cur_mk_state = (char) rarray[8*8];
1521 ci->old_mk_state = (char) rarray[9*8];
1522 if (ci->old_mk_state == '2')
1523 memcpy(&ci->old_mkvp, varray + 172, 8);
1524 if (ci->cur_mk_state == '2')
1525 memcpy(&ci->cur_mkvp, varray + 184, 8);
1526 if (ci->new_mk_state == '3')
1527 memcpy(&ci->new_mkvp, varray + 196, 8);
1528 found = 1;
1529 }
1530
1531 free_page((unsigned long) pg);
1532
1533 return found ? 0 : -ENOENT;
1534}
1535
1536/*
1537 * Fetch cca information about a CCA queue.
1538 */
1539int cca_get_info(u16 card, u16 dom, struct cca_info *ci, int verify)
1540{
1541 int rc;
1542
1543 rc = cca_info_cache_fetch(card, dom, ci);
1544 if (rc || verify) {
1545 rc = fetch_cca_info(card, dom, ci);
1546 if (rc == 0)
1547 cca_info_cache_update(card, dom, ci);
1548 }
1549
1550 return rc;
1551}
1552EXPORT_SYMBOL(cca_get_info);
1553
1554/*
1555 * Search for a matching crypto card based on the
1556 * Master Key Verification Pattern given.
1557 */
1558static int findcard(u64 mkvp, u16 *pcardnr, u16 *pdomain,
1559 int verify, int minhwtype)
1560{
1561 struct zcrypt_device_status_ext *device_status;
1562 u16 card, dom;
1563 struct cca_info ci;
1564 int i, rc, oi = -1;
1565
1566 /* mkvp must not be zero, minhwtype needs to be >= 0 */
1567 if (mkvp == 0 || minhwtype < 0)
1568 return -EINVAL;
1569
1570 /* fetch status of all crypto cards */
1571 device_status = kmalloc_array(MAX_ZDEV_ENTRIES_EXT,
1572 sizeof(struct zcrypt_device_status_ext),
1573 GFP_KERNEL);
1574 if (!device_status)
1575 return -ENOMEM;
1576 zcrypt_device_status_mask_ext(device_status);
1577
1578 /* walk through all crypto cards */
1579 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1580 card = AP_QID_CARD(device_status[i].qid);
1581 dom = AP_QID_QUEUE(device_status[i].qid);
1582 if (device_status[i].online &&
1583 device_status[i].functions & 0x04) {
1584 /* enabled CCA card, check current mkvp from cache */
1585 if (cca_info_cache_fetch(card, dom, &ci) == 0 &&
1586 ci.hwtype >= minhwtype &&
1587 ci.cur_mk_state == '2' &&
1588 ci.cur_mkvp == mkvp) {
1589 if (!verify)
1590 break;
1591 /* verify: refresh card info */
1592 if (fetch_cca_info(card, dom, &ci) == 0) {
1593 cca_info_cache_update(card, dom, &ci);
1594 if (ci.hwtype >= minhwtype &&
1595 ci.cur_mk_state == '2' &&
1596 ci.cur_mkvp == mkvp)
1597 break;
1598 }
1599 }
1600 } else {
1601 /* Card is offline and/or not a CCA card. */
1602 /* del mkvp entry from cache if it exists */
1603 cca_info_cache_scrub(card, dom);
1604 }
1605 }
1606 if (i >= MAX_ZDEV_ENTRIES_EXT) {
1607 /* nothing found, so this time without cache */
1608 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1609 if (!(device_status[i].online &&
1610 device_status[i].functions & 0x04))
1611 continue;
1612 card = AP_QID_CARD(device_status[i].qid);
1613 dom = AP_QID_QUEUE(device_status[i].qid);
1614 /* fresh fetch mkvp from adapter */
1615 if (fetch_cca_info(card, dom, &ci) == 0) {
1616 cca_info_cache_update(card, dom, &ci);
1617 if (ci.hwtype >= minhwtype &&
1618 ci.cur_mk_state == '2' &&
1619 ci.cur_mkvp == mkvp)
1620 break;
1621 if (ci.hwtype >= minhwtype &&
1622 ci.old_mk_state == '2' &&
1623 ci.old_mkvp == mkvp &&
1624 oi < 0)
1625 oi = i;
1626 }
1627 }
1628 if (i >= MAX_ZDEV_ENTRIES_EXT && oi >= 0) {
1629 /* old mkvp matched, use this card then */
1630 card = AP_QID_CARD(device_status[oi].qid);
1631 dom = AP_QID_QUEUE(device_status[oi].qid);
1632 }
1633 }
1634 if (i < MAX_ZDEV_ENTRIES_EXT || oi >= 0) {
1635 if (pcardnr)
1636 *pcardnr = card;
1637 if (pdomain)
1638 *pdomain = dom;
1639 rc = (i < MAX_ZDEV_ENTRIES_EXT ? 0 : 1);
1640 } else
1641 rc = -ENODEV;
1642
1643 kfree(device_status);
1644 return rc;
1645}
1646
1647/*
1648 * Search for a matching crypto card based on the Master Key
1649 * Verification Pattern provided inside a secure key token.
1650 */
1651int cca_findcard(const u8 *key, u16 *pcardnr, u16 *pdomain, int verify)
1652{
1653 u64 mkvp;
1654 int minhwtype = 0;
1655 const struct keytoken_header *hdr = (struct keytoken_header *) key;
1656
1657 if (hdr->type != TOKTYPE_CCA_INTERNAL)
1658 return -EINVAL;
1659
1660 switch (hdr->version) {
1661 case TOKVER_CCA_AES:
1662 mkvp = ((struct secaeskeytoken *)key)->mkvp;
1663 break;
1664 case TOKVER_CCA_VLSC:
1665 mkvp = ((struct cipherkeytoken *)key)->mkvp0;
1666 minhwtype = AP_DEVICE_TYPE_CEX6;
1667 break;
1668 default:
1669 return -EINVAL;
1670 }
1671
1672 return findcard(mkvp, pcardnr, pdomain, verify, minhwtype);
1673}
1674EXPORT_SYMBOL(cca_findcard);
1675
1676int cca_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain,
1677 int minhwtype, u64 cur_mkvp, u64 old_mkvp, int verify)
1678{
1679 struct zcrypt_device_status_ext *device_status;
1680 int i, n, card, dom, curmatch, oldmatch, rc = 0;
1681 struct cca_info ci;
1682
1683 *apqns = NULL;
1684 *nr_apqns = 0;
1685
1686 /* fetch status of all crypto cards */
1687 device_status = kmalloc_array(MAX_ZDEV_ENTRIES_EXT,
1688 sizeof(struct zcrypt_device_status_ext),
1689 GFP_KERNEL);
1690 if (!device_status)
1691 return -ENOMEM;
1692 zcrypt_device_status_mask_ext(device_status);
1693
1694 /* loop two times: first gather eligible apqns, then store them */
1695 while (1) {
1696 n = 0;
1697 /* walk through all the crypto cards */
1698 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1699 card = AP_QID_CARD(device_status[i].qid);
1700 dom = AP_QID_QUEUE(device_status[i].qid);
1701 /* check online state */
1702 if (!device_status[i].online)
1703 continue;
1704 /* check for cca functions */
1705 if (!(device_status[i].functions & 0x04))
1706 continue;
1707 /* check cardnr */
1708 if (cardnr != 0xFFFF && card != cardnr)
1709 continue;
1710 /* check domain */
1711 if (domain != 0xFFFF && dom != domain)
1712 continue;
1713 /* get cca info on this apqn */
1714 if (cca_get_info(card, dom, &ci, verify))
1715 continue;
1716 /* current master key needs to be valid */
1717 if (ci.cur_mk_state != '2')
1718 continue;
1719 /* check min hardware type */
1720 if (minhwtype > 0 && minhwtype > ci.hwtype)
1721 continue;
1722 if (cur_mkvp || old_mkvp) {
1723 /* check mkvps */
1724 curmatch = oldmatch = 0;
1725 if (cur_mkvp && cur_mkvp == ci.cur_mkvp)
1726 curmatch = 1;
1727 if (old_mkvp && ci.old_mk_state == '2' &&
1728 old_mkvp == ci.old_mkvp)
1729 oldmatch = 1;
1730 if ((cur_mkvp || old_mkvp) &&
1731 (curmatch + oldmatch < 1))
1732 continue;
1733 }
1734 /* apqn passed all filtering criterons */
1735 if (*apqns && n < *nr_apqns)
1736 (*apqns)[n] = (((u16)card) << 16) | ((u16) dom);
1737 n++;
1738 }
1739 /* loop 2nd time: array has been filled */
1740 if (*apqns)
1741 break;
1742 /* loop 1st time: have # of eligible apqns in n */
1743 if (!n) {
1744 rc = -ENODEV; /* no eligible apqns found */
1745 break;
1746 }
1747 *nr_apqns = n;
1748 /* allocate array to store n apqns into */
1749 *apqns = kmalloc_array(n, sizeof(u32), GFP_KERNEL);
1750 if (!*apqns) {
1751 rc = -ENOMEM;
1752 break;
1753 }
1754 verify = 0;
1755 }
1756
1757 kfree(device_status);
1758 return rc;
1759}
1760EXPORT_SYMBOL(cca_findcard2);
1761
1762void __exit zcrypt_ccamisc_exit(void)
1763{
1764 mkvp_cache_free();
1765}