1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright IBM Corp. 2019
6 * Collection of EP11 misc functions used by zcrypt and pkey
9 #define KMSG_COMPONENT "zcrypt"
10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
12 #include <linux/init.h>
13 #include <linux/module.h>
14 #include <linux/slab.h>
15 #include <linux/random.h>
16 #include <asm/zcrypt.h>
18 #include <crypto/aes.h>
21 #include "zcrypt_api.h"
22 #include "zcrypt_debug.h"
23 #include "zcrypt_msgtype6.h"
24 #include "zcrypt_ep11misc.h"
25 #include "zcrypt_ccamisc.h"
27 #define DEBUG_DBG(...) ZCRYPT_DBF(DBF_DEBUG, ##__VA_ARGS__)
28 #define DEBUG_INFO(...) ZCRYPT_DBF(DBF_INFO, ##__VA_ARGS__)
29 #define DEBUG_WARN(...) ZCRYPT_DBF(DBF_WARN, ##__VA_ARGS__)
30 #define DEBUG_ERR(...) ZCRYPT_DBF(DBF_ERR, ##__VA_ARGS__)
32 #define EP11_PINBLOB_V1_BYTES 56
34 /* default iv used here */
35 static const u8 def_iv[16] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
36 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff };
38 /* ep11 card info cache */
39 struct card_list_entry {
40 struct list_head list;
42 struct ep11_card_info info;
44 static LIST_HEAD(card_list);
45 static DEFINE_SPINLOCK(card_list_lock);
47 static int card_cache_fetch(u16 cardnr, struct ep11_card_info *ci)
50 struct card_list_entry *ptr;
52 spin_lock_bh(&card_list_lock);
53 list_for_each_entry(ptr, &card_list, list) {
54 if (ptr->cardnr == cardnr) {
55 memcpy(ci, &ptr->info, sizeof(*ci));
60 spin_unlock_bh(&card_list_lock);
65 static void card_cache_update(u16 cardnr, const struct ep11_card_info *ci)
68 struct card_list_entry *ptr;
70 spin_lock_bh(&card_list_lock);
71 list_for_each_entry(ptr, &card_list, list) {
72 if (ptr->cardnr == cardnr) {
73 memcpy(&ptr->info, ci, sizeof(*ci));
79 ptr = kmalloc(sizeof(*ptr), GFP_ATOMIC);
81 spin_unlock_bh(&card_list_lock);
85 memcpy(&ptr->info, ci, sizeof(*ci));
86 list_add(&ptr->list, &card_list);
88 spin_unlock_bh(&card_list_lock);
91 static void card_cache_scrub(u16 cardnr)
93 struct card_list_entry *ptr;
95 spin_lock_bh(&card_list_lock);
96 list_for_each_entry(ptr, &card_list, list) {
97 if (ptr->cardnr == cardnr) {
103 spin_unlock_bh(&card_list_lock);
106 static void __exit card_cache_free(void)
108 struct card_list_entry *ptr, *pnext;
110 spin_lock_bh(&card_list_lock);
111 list_for_each_entry_safe(ptr, pnext, &card_list, list) {
112 list_del(&ptr->list);
115 spin_unlock_bh(&card_list_lock);
118 static int ep11_kb_split(const u8 *kb, size_t kblen, u32 kbver,
119 struct ep11kblob_header **kbhdr, size_t *kbhdrsize,
120 u8 **kbpl, size_t *kbplsize)
122 struct ep11kblob_header *hdr = NULL;
123 size_t hdrsize, plsize = 0;
127 if (kblen < sizeof(struct ep11kblob_header))
129 hdr = (struct ep11kblob_header *)kb;
132 case TOKVER_EP11_AES:
133 /* header overlays the payload */
136 case TOKVER_EP11_ECC_WITH_HEADER:
137 case TOKVER_EP11_AES_WITH_HEADER:
138 /* payload starts after the header */
139 hdrsize = sizeof(struct ep11kblob_header);
145 plsize = kblen - hdrsize;
146 pl = (u8 *)kb + hdrsize;
151 *kbhdrsize = hdrsize;
162 static int ep11_kb_decode(const u8 *kb, size_t kblen,
163 struct ep11kblob_header **kbhdr, size_t *kbhdrsize,
164 struct ep11keyblob **kbpl, size_t *kbplsize)
166 struct ep11kblob_header *tmph, *hdr = NULL;
167 size_t hdrsize = 0, plsize = 0;
168 struct ep11keyblob *pl = NULL;
172 if (kblen < sizeof(struct ep11kblob_header))
174 tmph = (struct ep11kblob_header *)kb;
176 if (tmph->type != TOKTYPE_NON_CCA &&
180 if (ep11_kb_split(kb, kblen, tmph->version,
181 &hdr, &hdrsize, &tmpp, &plsize))
184 if (plsize < sizeof(struct ep11keyblob))
187 if (!is_ep11_keyblob(tmpp))
190 pl = (struct ep11keyblob *)tmpp;
191 plsize = hdr->len - hdrsize;
196 *kbhdrsize = hdrsize;
208 * For valid ep11 keyblobs, returns a reference to the wrappingkey verification
209 * pattern. Otherwise NULL.
211 const u8 *ep11_kb_wkvp(const u8 *keyblob, size_t keybloblen)
213 struct ep11keyblob *kb;
215 if (ep11_kb_decode(keyblob, keybloblen, NULL, NULL, &kb, NULL))
219 EXPORT_SYMBOL(ep11_kb_wkvp);
222 * Simple check if the key blob is a valid EP11 AES key blob with header.
224 int ep11_check_aes_key_with_hdr(debug_info_t *dbg, int dbflvl,
225 const u8 *key, size_t keylen, int checkcpacfexp)
227 struct ep11kblob_header *hdr = (struct ep11kblob_header *)key;
228 struct ep11keyblob *kb = (struct ep11keyblob *)(key + sizeof(*hdr));
230 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
232 if (keylen < sizeof(*hdr) + sizeof(*kb)) {
233 DBF("%s key check failed, keylen %zu < %zu\n",
234 __func__, keylen, sizeof(*hdr) + sizeof(*kb));
238 if (hdr->type != TOKTYPE_NON_CCA) {
240 DBF("%s key check failed, type 0x%02x != 0x%02x\n",
241 __func__, (int)hdr->type, TOKTYPE_NON_CCA);
244 if (hdr->hver != 0x00) {
246 DBF("%s key check failed, header version 0x%02x != 0x00\n",
247 __func__, (int)hdr->hver);
250 if (hdr->version != TOKVER_EP11_AES_WITH_HEADER) {
252 DBF("%s key check failed, version 0x%02x != 0x%02x\n",
253 __func__, (int)hdr->version, TOKVER_EP11_AES_WITH_HEADER);
256 if (hdr->len > keylen) {
258 DBF("%s key check failed, header len %d keylen %zu mismatch\n",
259 __func__, (int)hdr->len, keylen);
262 if (hdr->len < sizeof(*hdr) + sizeof(*kb)) {
264 DBF("%s key check failed, header len %d < %zu\n",
265 __func__, (int)hdr->len, sizeof(*hdr) + sizeof(*kb));
269 if (kb->version != EP11_STRUCT_MAGIC) {
271 DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
272 __func__, (int)kb->version, EP11_STRUCT_MAGIC);
275 if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
277 DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
286 EXPORT_SYMBOL(ep11_check_aes_key_with_hdr);
289 * Simple check if the key blob is a valid EP11 ECC key blob with header.
291 int ep11_check_ecc_key_with_hdr(debug_info_t *dbg, int dbflvl,
292 const u8 *key, size_t keylen, int checkcpacfexp)
294 struct ep11kblob_header *hdr = (struct ep11kblob_header *)key;
295 struct ep11keyblob *kb = (struct ep11keyblob *)(key + sizeof(*hdr));
297 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
299 if (keylen < sizeof(*hdr) + sizeof(*kb)) {
300 DBF("%s key check failed, keylen %zu < %zu\n",
301 __func__, keylen, sizeof(*hdr) + sizeof(*kb));
305 if (hdr->type != TOKTYPE_NON_CCA) {
307 DBF("%s key check failed, type 0x%02x != 0x%02x\n",
308 __func__, (int)hdr->type, TOKTYPE_NON_CCA);
311 if (hdr->hver != 0x00) {
313 DBF("%s key check failed, header version 0x%02x != 0x00\n",
314 __func__, (int)hdr->hver);
317 if (hdr->version != TOKVER_EP11_ECC_WITH_HEADER) {
319 DBF("%s key check failed, version 0x%02x != 0x%02x\n",
320 __func__, (int)hdr->version, TOKVER_EP11_ECC_WITH_HEADER);
323 if (hdr->len > keylen) {
325 DBF("%s key check failed, header len %d keylen %zu mismatch\n",
326 __func__, (int)hdr->len, keylen);
329 if (hdr->len < sizeof(*hdr) + sizeof(*kb)) {
331 DBF("%s key check failed, header len %d < %zu\n",
332 __func__, (int)hdr->len, sizeof(*hdr) + sizeof(*kb));
336 if (kb->version != EP11_STRUCT_MAGIC) {
338 DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
339 __func__, (int)kb->version, EP11_STRUCT_MAGIC);
342 if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
344 DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
353 EXPORT_SYMBOL(ep11_check_ecc_key_with_hdr);
356 * Simple check if the key blob is a valid EP11 AES key blob with
357 * the header in the session field (old style EP11 AES key).
359 int ep11_check_aes_key(debug_info_t *dbg, int dbflvl,
360 const u8 *key, size_t keylen, int checkcpacfexp)
362 struct ep11keyblob *kb = (struct ep11keyblob *)key;
364 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
366 if (keylen < sizeof(*kb)) {
367 DBF("%s key check failed, keylen %zu < %zu\n",
368 __func__, keylen, sizeof(*kb));
372 if (kb->head.type != TOKTYPE_NON_CCA) {
374 DBF("%s key check failed, type 0x%02x != 0x%02x\n",
375 __func__, (int)kb->head.type, TOKTYPE_NON_CCA);
378 if (kb->head.version != TOKVER_EP11_AES) {
380 DBF("%s key check failed, version 0x%02x != 0x%02x\n",
381 __func__, (int)kb->head.version, TOKVER_EP11_AES);
384 if (kb->head.len > keylen) {
386 DBF("%s key check failed, header len %d keylen %zu mismatch\n",
387 __func__, (int)kb->head.len, keylen);
390 if (kb->head.len < sizeof(*kb)) {
392 DBF("%s key check failed, header len %d < %zu\n",
393 __func__, (int)kb->head.len, sizeof(*kb));
397 if (kb->version != EP11_STRUCT_MAGIC) {
399 DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
400 __func__, (int)kb->version, EP11_STRUCT_MAGIC);
403 if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
405 DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
414 EXPORT_SYMBOL(ep11_check_aes_key);
417 * Allocate and prepare ep11 cprb plus additional payload.
419 static inline struct ep11_cprb *alloc_cprb(size_t payload_len)
421 size_t len = sizeof(struct ep11_cprb) + payload_len;
422 struct ep11_cprb *cprb;
424 cprb = kzalloc(len, GFP_KERNEL);
428 cprb->cprb_len = sizeof(struct ep11_cprb);
429 cprb->cprb_ver_id = 0x04;
430 memcpy(cprb->func_id, "T4", 2);
431 cprb->ret_code = 0xFFFFFFFF;
432 cprb->payload_len = payload_len;
438 * Some helper functions related to ASN1 encoding.
439 * Limited to length info <= 2 byte.
442 #define ASN1TAGLEN(x) (2 + (x) + ((x) > 127 ? 1 : 0) + ((x) > 255 ? 1 : 0))
444 static int asn1tag_write(u8 *ptr, u8 tag, const u8 *pvalue, u16 valuelen)
447 if (valuelen > 255) {
449 *((u16 *)(ptr + 2)) = valuelen;
450 memcpy(ptr + 4, pvalue, valuelen);
453 if (valuelen > 127) {
455 ptr[2] = (u8)valuelen;
456 memcpy(ptr + 3, pvalue, valuelen);
459 ptr[1] = (u8)valuelen;
460 memcpy(ptr + 2, pvalue, valuelen);
464 /* EP11 payload > 127 bytes starts with this struct */
477 /* prep ep11 payload head helper function */
478 static inline void prep_head(struct pl_head *h,
479 size_t pl_size, int api, int func)
483 h->len = pl_size - 4;
485 h->func_len = sizeof(u32);
486 h->func = (api << 16) + func;
488 h->dom_len = sizeof(u32);
491 /* prep urb helper function */
492 static inline void prep_urb(struct ep11_urb *u,
493 struct ep11_target_dev *t, int nt,
494 struct ep11_cprb *req, size_t req_len,
495 struct ep11_cprb *rep, size_t rep_len)
497 u->targets = (u8 __user *)t;
499 u->req = (u8 __user *)req;
500 u->req_len = req_len;
501 u->resp = (u8 __user *)rep;
502 u->resp_len = rep_len;
505 /* Check ep11 reply payload, return 0 or suggested errno value. */
506 static int check_reply_pl(const u8 *pl, const char *func)
513 DEBUG_ERR("%s reply start tag mismatch\n", func);
517 /* payload length format */
521 } else if (*pl == 0x81) {
525 } else if (*pl == 0x82) {
530 DEBUG_ERR("%s reply start tag lenfmt mismatch 0x%02hhx\n",
535 /* len should cover at least 3 fields with 32 bit value each */
537 DEBUG_ERR("%s reply length %d too small\n", func, len);
541 /* function tag, length and value */
542 if (pl[0] != 0x04 || pl[1] != 0x04) {
543 DEBUG_ERR("%s function tag or length mismatch\n", func);
548 /* dom tag, length and value */
549 if (pl[0] != 0x04 || pl[1] != 0x04) {
550 DEBUG_ERR("%s dom tag or length mismatch\n", func);
555 /* return value tag, length and value */
556 if (pl[0] != 0x04 || pl[1] != 0x04) {
557 DEBUG_ERR("%s return value tag or length mismatch\n", func);
563 DEBUG_ERR("%s return value 0x%04x != 0\n", func, ret);
571 * Helper function which does an ep11 query with given query type.
573 static int ep11_query_info(u16 cardnr, u16 domain, u32 query_type,
574 size_t buflen, u8 *buf)
576 struct ep11_info_req_pl {
581 u8 query_subtype_tag;
582 u8 query_subtype_len;
585 struct ep11_info_rep_pl {
594 struct ep11_cprb *req = NULL, *rep = NULL;
595 struct ep11_target_dev target;
596 struct ep11_urb *urb = NULL;
597 int api = EP11_API_V1, rc = -ENOMEM;
599 /* request cprb and payload */
600 req = alloc_cprb(sizeof(struct ep11_info_req_pl));
603 req_pl = (struct ep11_info_req_pl *)(((u8 *)req) + sizeof(*req));
604 prep_head(&req_pl->head, sizeof(*req_pl), api, 38); /* get xcp info */
605 req_pl->query_type_tag = 0x04;
606 req_pl->query_type_len = sizeof(u32);
607 req_pl->query_type = query_type;
608 req_pl->query_subtype_tag = 0x04;
609 req_pl->query_subtype_len = sizeof(u32);
611 /* reply cprb and payload */
612 rep = alloc_cprb(sizeof(struct ep11_info_rep_pl) + buflen);
615 rep_pl = (struct ep11_info_rep_pl *)(((u8 *)rep) + sizeof(*rep));
618 urb = kmalloc(sizeof(*urb), GFP_KERNEL);
621 target.ap_id = cardnr;
622 target.dom_id = domain;
623 prep_urb(urb, &target, 1,
624 req, sizeof(*req) + sizeof(*req_pl),
625 rep, sizeof(*rep) + sizeof(*rep_pl) + buflen);
627 rc = zcrypt_send_ep11_cprb(urb);
630 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
631 __func__, (int)cardnr, (int)domain, rc);
635 rc = check_reply_pl((u8 *)rep_pl, __func__);
638 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
639 DEBUG_ERR("%s unknown reply data format\n", __func__);
643 if (rep_pl->data_len > buflen) {
644 DEBUG_ERR("%s mismatch between reply data len and buffer len\n",
650 memcpy(buf, ((u8 *)rep_pl) + sizeof(*rep_pl), rep_pl->data_len);
660 * Provide information about an EP11 card.
662 int ep11_get_card_info(u16 card, struct ep11_card_info *info, int verify)
665 struct ep11_module_query_info {
673 u8 xcp_config_hash[32];
674 u8 CSP_config_hash[32];
676 u8 module_date_time[16];
682 u32 digest_state_bytes;
685 u32 priv_key_blob_bytes;
687 u32 max_payload_bytes;
688 u32 CP_profile_bytes;
690 } __packed * pmqi = NULL;
692 rc = card_cache_fetch(card, info);
694 pmqi = kmalloc(sizeof(*pmqi), GFP_KERNEL);
697 rc = ep11_query_info(card, AUTOSEL_DOM,
698 0x01 /* module info query */,
699 sizeof(*pmqi), (u8 *)pmqi);
702 card_cache_scrub(card);
705 memset(info, 0, sizeof(*info));
706 info->API_ord_nr = pmqi->API_ord_nr;
708 (pmqi->FW_major_vers << 8) + pmqi->FW_minor_vers;
709 memcpy(info->serial, pmqi->serial, sizeof(info->serial));
710 info->op_mode = pmqi->op_mode;
711 card_cache_update(card, info);
718 EXPORT_SYMBOL(ep11_get_card_info);
721 * Provide information about a domain within an EP11 card.
723 int ep11_get_domain_info(u16 card, u16 domain, struct ep11_domain_info *info)
726 struct ep11_domain_query_info {
732 } __packed * p_dom_info;
734 p_dom_info = kmalloc(sizeof(*p_dom_info), GFP_KERNEL);
738 rc = ep11_query_info(card, domain, 0x03 /* domain info query */,
739 sizeof(*p_dom_info), (u8 *)p_dom_info);
743 memset(info, 0, sizeof(*info));
744 info->cur_wk_state = '0';
745 info->new_wk_state = '0';
746 if (p_dom_info->dom_flags & 0x10 /* left imprint mode */) {
747 if (p_dom_info->dom_flags & 0x02 /* cur wk valid */) {
748 info->cur_wk_state = '1';
749 memcpy(info->cur_wkvp, p_dom_info->cur_WK_VP, 32);
751 if (p_dom_info->dom_flags & 0x04 || /* new wk present */
752 p_dom_info->dom_flags & 0x08 /* new wk committed */) {
754 p_dom_info->dom_flags & 0x08 ? '2' : '1';
755 memcpy(info->new_wkvp, p_dom_info->new_WK_VP, 32);
758 info->op_mode = p_dom_info->op_mode;
764 EXPORT_SYMBOL(ep11_get_domain_info);
767 * Default EP11 AES key generate attributes, used when no keygenflags given:
768 * XCP_BLOB_ENCRYPT | XCP_BLOB_DECRYPT | XCP_BLOB_PROTKEY_EXTRACTABLE
770 #define KEY_ATTR_DEFAULTS 0x00200c00
772 static int _ep11_genaeskey(u16 card, u16 domain,
773 u32 keybitsize, u32 keygenflags,
774 u8 *keybuf, size_t *keybufsize)
776 struct keygen_req_pl {
792 u32 attr_val_len_type;
793 u32 attr_val_len_value;
794 /* followed by empty pin tag or empty pinblob tag */
796 struct keygen_rep_pl {
806 struct ep11_cprb *req = NULL, *rep = NULL;
807 size_t req_pl_size, pinblob_size = 0;
808 struct ep11_target_dev target;
809 struct ep11_urb *urb = NULL;
810 int api, rc = -ENOMEM;
813 switch (keybitsize) {
820 "%s unknown/unsupported keybitsize %d\n",
821 __func__, keybitsize);
826 /* request cprb and payload */
827 api = (!keygenflags || keygenflags & 0x00200000) ?
828 EP11_API_V4 : EP11_API_V1;
829 if (ap_is_se_guest()) {
831 * genkey within SE environment requires API ordinal 6
835 pinblob_size = EP11_PINBLOB_V1_BYTES;
837 req_pl_size = sizeof(struct keygen_req_pl) + ASN1TAGLEN(pinblob_size);
838 req = alloc_cprb(req_pl_size);
841 req_pl = (struct keygen_req_pl *)(((u8 *)req) + sizeof(*req));
842 prep_head(&req_pl->head, req_pl_size, api, 21); /* GenerateKey */
843 req_pl->var_tag = 0x04;
844 req_pl->var_len = sizeof(u32);
845 req_pl->keybytes_tag = 0x04;
846 req_pl->keybytes_len = sizeof(u32);
847 req_pl->keybytes = keybitsize / 8;
848 req_pl->mech_tag = 0x04;
849 req_pl->mech_len = sizeof(u32);
850 req_pl->mech = 0x00001080; /* CKM_AES_KEY_GEN */
851 req_pl->attr_tag = 0x04;
852 req_pl->attr_len = 5 * sizeof(u32);
853 req_pl->attr_header = 0x10010000;
854 req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
855 req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
856 req_pl->attr_val_len_type = 0x00000161; /* CKA_VALUE_LEN */
857 req_pl->attr_val_len_value = keybitsize / 8;
858 p = ((u8 *)req_pl) + sizeof(*req_pl);
863 /* reply cprb and payload */
864 rep = alloc_cprb(sizeof(struct keygen_rep_pl));
867 rep_pl = (struct keygen_rep_pl *)(((u8 *)rep) + sizeof(*rep));
870 urb = kmalloc(sizeof(*urb), GFP_KERNEL);
874 target.dom_id = domain;
875 prep_urb(urb, &target, 1,
876 req, sizeof(*req) + req_pl_size,
877 rep, sizeof(*rep) + sizeof(*rep_pl));
879 rc = zcrypt_send_ep11_cprb(urb);
882 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
883 __func__, (int)card, (int)domain, rc);
887 rc = check_reply_pl((u8 *)rep_pl, __func__);
890 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
891 DEBUG_ERR("%s unknown reply data format\n", __func__);
895 if (rep_pl->data_len > *keybufsize) {
896 DEBUG_ERR("%s mismatch reply data len / key buffer len\n",
903 memcpy(keybuf, rep_pl->data, rep_pl->data_len);
904 *keybufsize = rep_pl->data_len;
913 int ep11_genaeskey(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
914 u8 *keybuf, size_t *keybufsize, u32 keybufver)
916 struct ep11kblob_header *hdr;
917 size_t hdr_size, pl_size;
922 case TOKVER_EP11_AES:
923 case TOKVER_EP11_AES_WITH_HEADER:
929 rc = ep11_kb_split(keybuf, *keybufsize, keybufver,
930 &hdr, &hdr_size, &pl, &pl_size);
934 rc = _ep11_genaeskey(card, domain, keybitsize, keygenflags,
939 *keybufsize = hdr_size + pl_size;
941 /* update header information */
942 hdr->type = TOKTYPE_NON_CCA;
943 hdr->len = *keybufsize;
944 hdr->version = keybufver;
945 hdr->bitlen = keybitsize;
949 EXPORT_SYMBOL(ep11_genaeskey);
951 static int ep11_cryptsingle(u16 card, u16 domain,
952 u16 mode, u32 mech, const u8 *iv,
953 const u8 *key, size_t keysize,
954 const u8 *inbuf, size_t inbufsize,
955 u8 *outbuf, size_t *outbufsize)
957 struct crypt_req_pl {
966 * maybe followed by iv data
967 * followed by key tag + key blob
968 * followed by plaintext tag + plaintext
971 struct crypt_rep_pl {
980 struct ep11_cprb *req = NULL, *rep = NULL;
981 struct ep11_target_dev target;
982 struct ep11_urb *urb = NULL;
983 size_t req_pl_size, rep_pl_size;
984 int n, api = EP11_API_V1, rc = -ENOMEM;
987 /* the simple asn1 coding used has length limits */
988 if (keysize > 0xFFFF || inbufsize > 0xFFFF)
991 /* request cprb and payload */
992 req_pl_size = sizeof(struct crypt_req_pl) + (iv ? 16 : 0)
993 + ASN1TAGLEN(keysize) + ASN1TAGLEN(inbufsize);
994 req = alloc_cprb(req_pl_size);
997 req_pl = (struct crypt_req_pl *)(((u8 *)req) + sizeof(*req));
998 prep_head(&req_pl->head, req_pl_size, api, (mode ? 20 : 19));
999 req_pl->var_tag = 0x04;
1000 req_pl->var_len = sizeof(u32);
1001 /* mech is mech + mech params (iv here) */
1002 req_pl->mech_tag = 0x04;
1003 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
1004 req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */
1005 p = ((u8 *)req_pl) + sizeof(*req_pl);
1010 /* key and input data */
1011 p += asn1tag_write(p, 0x04, key, keysize);
1012 p += asn1tag_write(p, 0x04, inbuf, inbufsize);
1014 /* reply cprb and payload, assume out data size <= in data size + 32 */
1015 rep_pl_size = sizeof(struct crypt_rep_pl) + ASN1TAGLEN(inbufsize + 32);
1016 rep = alloc_cprb(rep_pl_size);
1019 rep_pl = (struct crypt_rep_pl *)(((u8 *)rep) + sizeof(*rep));
1021 /* urb and target */
1022 urb = kmalloc(sizeof(*urb), GFP_KERNEL);
1025 target.ap_id = card;
1026 target.dom_id = domain;
1027 prep_urb(urb, &target, 1,
1028 req, sizeof(*req) + req_pl_size,
1029 rep, sizeof(*rep) + rep_pl_size);
1031 rc = zcrypt_send_ep11_cprb(urb);
1034 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1035 __func__, (int)card, (int)domain, rc);
1039 rc = check_reply_pl((u8 *)rep_pl, __func__);
1042 if (rep_pl->data_tag != 0x04) {
1043 DEBUG_ERR("%s unknown reply data format\n", __func__);
1047 p = ((u8 *)rep_pl) + sizeof(*rep_pl);
1048 if (rep_pl->data_lenfmt <= 127) {
1049 n = rep_pl->data_lenfmt;
1050 } else if (rep_pl->data_lenfmt == 0x81) {
1052 } else if (rep_pl->data_lenfmt == 0x82) {
1056 DEBUG_ERR("%s unknown reply data length format 0x%02hhx\n",
1057 __func__, rep_pl->data_lenfmt);
1061 if (n > *outbufsize) {
1062 DEBUG_ERR("%s mismatch reply data len %d / output buffer %zu\n",
1063 __func__, n, *outbufsize);
1068 memcpy(outbuf, p, n);
1078 static int _ep11_unwrapkey(u16 card, u16 domain,
1079 const u8 *kek, size_t keksize,
1080 const u8 *enckey, size_t enckeysize,
1081 u32 mech, const u8 *iv,
1082 u32 keybitsize, u32 keygenflags,
1083 u8 *keybuf, size_t *keybufsize)
1086 struct pl_head head;
1093 u32 attr_key_type_value;
1095 u32 attr_val_len_value;
1100 * maybe followed by iv data
1101 * followed by kek tag + kek blob
1102 * followed by empty mac tag
1103 * followed by empty pin tag or empty pinblob tag
1104 * followed by encryted key tag + bytes
1106 } __packed * req_pl;
1108 struct pl_head head;
1116 } __packed * rep_pl;
1117 struct ep11_cprb *req = NULL, *rep = NULL;
1118 size_t req_pl_size, pinblob_size = 0;
1119 struct ep11_target_dev target;
1120 struct ep11_urb *urb = NULL;
1121 int api, rc = -ENOMEM;
1124 /* request cprb and payload */
1125 api = (!keygenflags || keygenflags & 0x00200000) ?
1126 EP11_API_V4 : EP11_API_V1;
1127 if (ap_is_se_guest()) {
1129 * unwrap within SE environment requires API ordinal 6
1130 * with empty pinblob
1133 pinblob_size = EP11_PINBLOB_V1_BYTES;
1135 req_pl_size = sizeof(struct uw_req_pl) + (iv ? 16 : 0)
1136 + ASN1TAGLEN(keksize) + ASN1TAGLEN(0)
1137 + ASN1TAGLEN(pinblob_size) + ASN1TAGLEN(enckeysize);
1138 req = alloc_cprb(req_pl_size);
1141 req_pl = (struct uw_req_pl *)(((u8 *)req) + sizeof(*req));
1142 prep_head(&req_pl->head, req_pl_size, api, 34); /* UnwrapKey */
1143 req_pl->attr_tag = 0x04;
1144 req_pl->attr_len = 7 * sizeof(u32);
1145 req_pl->attr_header = 0x10020000;
1146 req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
1147 req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
1148 req_pl->attr_key_type = 0x00000100; /* CKA_KEY_TYPE */
1149 req_pl->attr_key_type_value = 0x0000001f; /* CKK_AES */
1150 req_pl->attr_val_len = 0x00000161; /* CKA_VALUE_LEN */
1151 req_pl->attr_val_len_value = keybitsize / 8;
1152 /* mech is mech + mech params (iv here) */
1153 req_pl->mech_tag = 0x04;
1154 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
1155 req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */
1156 p = ((u8 *)req_pl) + sizeof(*req_pl);
1162 p += asn1tag_write(p, 0x04, kek, keksize);
1163 /* empty mac key tag */
1168 *p++ = pinblob_size;
1170 /* encrypted key value tag and bytes */
1171 p += asn1tag_write(p, 0x04, enckey, enckeysize);
1173 /* reply cprb and payload */
1174 rep = alloc_cprb(sizeof(struct uw_rep_pl));
1177 rep_pl = (struct uw_rep_pl *)(((u8 *)rep) + sizeof(*rep));
1179 /* urb and target */
1180 urb = kmalloc(sizeof(*urb), GFP_KERNEL);
1183 target.ap_id = card;
1184 target.dom_id = domain;
1185 prep_urb(urb, &target, 1,
1186 req, sizeof(*req) + req_pl_size,
1187 rep, sizeof(*rep) + sizeof(*rep_pl));
1189 rc = zcrypt_send_ep11_cprb(urb);
1192 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1193 __func__, (int)card, (int)domain, rc);
1197 rc = check_reply_pl((u8 *)rep_pl, __func__);
1200 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
1201 DEBUG_ERR("%s unknown reply data format\n", __func__);
1205 if (rep_pl->data_len > *keybufsize) {
1206 DEBUG_ERR("%s mismatch reply data len / key buffer len\n",
1213 memcpy(keybuf, rep_pl->data, rep_pl->data_len);
1214 *keybufsize = rep_pl->data_len;
1223 static int ep11_unwrapkey(u16 card, u16 domain,
1224 const u8 *kek, size_t keksize,
1225 const u8 *enckey, size_t enckeysize,
1226 u32 mech, const u8 *iv,
1227 u32 keybitsize, u32 keygenflags,
1228 u8 *keybuf, size_t *keybufsize,
1231 struct ep11kblob_header *hdr;
1232 size_t hdr_size, pl_size;
1236 rc = ep11_kb_split(keybuf, *keybufsize, keybufver,
1237 &hdr, &hdr_size, &pl, &pl_size);
1241 rc = _ep11_unwrapkey(card, domain, kek, keksize, enckey, enckeysize,
1242 mech, iv, keybitsize, keygenflags,
1247 *keybufsize = hdr_size + pl_size;
1249 /* update header information */
1250 hdr = (struct ep11kblob_header *)keybuf;
1251 hdr->type = TOKTYPE_NON_CCA;
1252 hdr->len = *keybufsize;
1253 hdr->version = keybufver;
1254 hdr->bitlen = keybitsize;
1259 static int _ep11_wrapkey(u16 card, u16 domain,
1260 const u8 *key, size_t keysize,
1261 u32 mech, const u8 *iv,
1262 u8 *databuf, size_t *datasize)
1265 struct pl_head head;
1273 * followed by iv data
1274 * followed by key tag + key blob
1275 * followed by dummy kek param
1276 * followed by dummy mac param
1278 } __packed * req_pl;
1280 struct pl_head head;
1288 } __packed * rep_pl;
1289 struct ep11_cprb *req = NULL, *rep = NULL;
1290 struct ep11_target_dev target;
1291 struct ep11_urb *urb = NULL;
1293 int api, rc = -ENOMEM;
1296 /* request cprb and payload */
1297 req_pl_size = sizeof(struct wk_req_pl) + (iv ? 16 : 0)
1298 + ASN1TAGLEN(keysize) + 4;
1299 req = alloc_cprb(req_pl_size);
1302 if (!mech || mech == 0x80060001)
1303 req->flags |= 0x20; /* CPACF_WRAP needs special bit */
1304 req_pl = (struct wk_req_pl *)(((u8 *)req) + sizeof(*req));
1305 api = (!mech || mech == 0x80060001) ? /* CKM_IBM_CPACF_WRAP */
1306 EP11_API_V4 : EP11_API_V1;
1307 prep_head(&req_pl->head, req_pl_size, api, 33); /* WrapKey */
1308 req_pl->var_tag = 0x04;
1309 req_pl->var_len = sizeof(u32);
1310 /* mech is mech + mech params (iv here) */
1311 req_pl->mech_tag = 0x04;
1312 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
1313 req_pl->mech = (mech ? mech : 0x80060001); /* CKM_IBM_CPACF_WRAP */
1314 p = ((u8 *)req_pl) + sizeof(*req_pl);
1320 p += asn1tag_write(p, 0x04, key, keysize);
1328 /* reply cprb and payload */
1329 rep = alloc_cprb(sizeof(struct wk_rep_pl));
1332 rep_pl = (struct wk_rep_pl *)(((u8 *)rep) + sizeof(*rep));
1334 /* urb and target */
1335 urb = kmalloc(sizeof(*urb), GFP_KERNEL);
1338 target.ap_id = card;
1339 target.dom_id = domain;
1340 prep_urb(urb, &target, 1,
1341 req, sizeof(*req) + req_pl_size,
1342 rep, sizeof(*rep) + sizeof(*rep_pl));
1344 rc = zcrypt_send_ep11_cprb(urb);
1347 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1348 __func__, (int)card, (int)domain, rc);
1352 rc = check_reply_pl((u8 *)rep_pl, __func__);
1355 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
1356 DEBUG_ERR("%s unknown reply data format\n", __func__);
1360 if (rep_pl->data_len > *datasize) {
1361 DEBUG_ERR("%s mismatch reply data len / data buffer len\n",
1367 /* copy the data from the cprb to the data buffer */
1368 memcpy(databuf, rep_pl->data, rep_pl->data_len);
1369 *datasize = rep_pl->data_len;
1378 int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
1379 const u8 *clrkey, u8 *keybuf, size_t *keybufsize,
1383 u8 encbuf[64], *kek = NULL;
1384 size_t clrkeylen, keklen, encbuflen = sizeof(encbuf);
1386 if (keybitsize == 128 || keybitsize == 192 || keybitsize == 256) {
1387 clrkeylen = keybitsize / 8;
1390 "%s unknown/unsupported keybitsize %d\n",
1391 __func__, keybitsize);
1395 /* allocate memory for the temp kek */
1396 keklen = MAXEP11AESKEYBLOBSIZE;
1397 kek = kmalloc(keklen, GFP_ATOMIC);
1403 /* Step 1: generate AES 256 bit random kek key */
1404 rc = _ep11_genaeskey(card, domain, 256,
1405 0x00006c00, /* EN/DECRYPT, WRAP/UNWRAP */
1409 "%s generate kek key failed, rc=%d\n",
1414 /* Step 2: encrypt clear key value with the kek key */
1415 rc = ep11_cryptsingle(card, domain, 0, 0, def_iv, kek, keklen,
1416 clrkey, clrkeylen, encbuf, &encbuflen);
1419 "%s encrypting key value with kek key failed, rc=%d\n",
1424 /* Step 3: import the encrypted key value as a new key */
1425 rc = ep11_unwrapkey(card, domain, kek, keklen,
1426 encbuf, encbuflen, 0, def_iv,
1427 keybitsize, 0, keybuf, keybufsize, keytype);
1430 "%s importing key value as new key failed,, rc=%d\n",
1439 EXPORT_SYMBOL(ep11_clr2keyblob);
1441 int ep11_kblob2protkey(u16 card, u16 dom,
1442 const u8 *keyblob, size_t keybloblen,
1443 u8 *protkey, u32 *protkeylen, u32 *protkeytype)
1445 struct ep11kblob_header *hdr;
1446 struct ep11keyblob *key;
1447 size_t wkbuflen, keylen;
1460 if (ep11_kb_decode((u8 *)keyblob, keybloblen, &hdr, NULL, &key, &keylen))
1463 if (hdr->version == TOKVER_EP11_AES) {
1464 /* wipe overlayed header */
1465 memset(hdr, 0, sizeof(*hdr));
1467 /* !!! hdr is no longer a valid header !!! */
1469 /* alloc temp working buffer */
1470 wkbuflen = (keylen + AES_BLOCK_SIZE) & (~(AES_BLOCK_SIZE - 1));
1471 wkbuf = kmalloc(wkbuflen, GFP_ATOMIC);
1475 /* ep11 secure key -> protected key + info */
1476 rc = _ep11_wrapkey(card, dom, (u8 *)key, keylen,
1477 0, def_iv, wkbuf, &wkbuflen);
1480 "%s rewrapping ep11 key to pkey failed, rc=%d\n",
1484 wki = (struct wk_info *)wkbuf;
1486 /* check struct version and pkey type */
1487 if (wki->version != 1 || wki->pkeytype < 1 || wki->pkeytype > 5) {
1488 DEBUG_ERR("%s wk info version %d or pkeytype %d mismatch.\n",
1489 __func__, (int)wki->version, (int)wki->pkeytype);
1494 /* check protected key type field */
1495 switch (wki->pkeytype) {
1497 switch (wki->pkeysize) {
1499 /* AES 128 protected key */
1501 *protkeytype = PKEY_KEYTYPE_AES_128;
1504 /* AES 192 protected key */
1506 *protkeytype = PKEY_KEYTYPE_AES_192;
1509 /* AES 256 protected key */
1511 *protkeytype = PKEY_KEYTYPE_AES_256;
1514 DEBUG_ERR("%s unknown/unsupported AES pkeysize %d\n",
1515 __func__, (int)wki->pkeysize);
1524 *protkeytype = PKEY_KEYTYPE_ECC;
1528 DEBUG_ERR("%s unknown/unsupported key type %d\n",
1529 __func__, (int)wki->pkeytype);
1534 /* copy the translated protected key */
1535 if (wki->pkeysize > *protkeylen) {
1536 DEBUG_ERR("%s wk info pkeysize %llu > protkeysize %u\n",
1537 __func__, wki->pkeysize, *protkeylen);
1541 memcpy(protkey, wki->pkey, wki->pkeysize);
1542 *protkeylen = wki->pkeysize;
1548 EXPORT_SYMBOL(ep11_kblob2protkey);
1550 int ep11_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain,
1551 int minhwtype, int minapi, const u8 *wkvp)
1553 struct zcrypt_device_status_ext *device_status;
1554 u32 *_apqns = NULL, _nr_apqns = 0;
1555 int i, card, dom, rc = -ENOMEM;
1556 struct ep11_domain_info edi;
1557 struct ep11_card_info eci;
1559 /* fetch status of all crypto cards */
1560 device_status = kvmalloc_array(MAX_ZDEV_ENTRIES_EXT,
1561 sizeof(struct zcrypt_device_status_ext),
1565 zcrypt_device_status_mask_ext(device_status);
1567 /* allocate 1k space for up to 256 apqns */
1568 _apqns = kmalloc_array(256, sizeof(u32), GFP_KERNEL);
1570 kvfree(device_status);
1574 /* walk through all the crypto apqnss */
1575 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) {
1576 card = AP_QID_CARD(device_status[i].qid);
1577 dom = AP_QID_QUEUE(device_status[i].qid);
1578 /* check online state */
1579 if (!device_status[i].online)
1581 /* check for ep11 functions */
1582 if (!(device_status[i].functions & 0x01))
1585 if (cardnr != 0xFFFF && card != cardnr)
1588 if (domain != 0xFFFF && dom != domain)
1590 /* check min hardware type */
1591 if (minhwtype && device_status[i].hwtype < minhwtype)
1593 /* check min api version if given */
1595 if (ep11_get_card_info(card, &eci, 0))
1597 if (minapi > eci.API_ord_nr)
1600 /* check wkvp if given */
1602 if (ep11_get_domain_info(card, dom, &edi))
1604 if (edi.cur_wk_state != '1')
1606 if (memcmp(wkvp, edi.cur_wkvp, 16))
1609 /* apqn passed all filtering criterons, add to the array */
1610 if (_nr_apqns < 256)
1611 _apqns[_nr_apqns++] = (((u16)card) << 16) | ((u16)dom);
1614 /* nothing found ? */
1619 /* no re-allocation, simple return the _apqns array */
1621 *nr_apqns = _nr_apqns;
1625 kvfree(device_status);
1628 EXPORT_SYMBOL(ep11_findcard2);
1630 void __exit zcrypt_ep11misc_exit(void)
projects / linux.git / blob