1 /* SPDX-License-Identifier: GPL-2.0+ */ 2 /* 3 * Copyright IBM Corp. 2019 4 * Author(s): Harald Freudenberger <freude@linux.ibm.com> 5 * Ingo Franzki <ifranzki@linux.ibm.com> 6 * 7 * Collection of CCA misc functions used by zcrypt and pkey 8 */ 9 10 #ifndef _ZCRYPT_CCAMISC_H_ 11 #define _ZCRYPT_CCAMISC_H_ 12 13 #include <asm/zcrypt.h> 14 #include <asm/pkey.h> 15 16 /* Key token types */ 17 #define TOKTYPE_NON_CCA 0x00 /* Non-CCA key token */ 18 #define TOKTYPE_CCA_INTERNAL 0x01 /* CCA internal key token */ 19 20 /* For TOKTYPE_NON_CCA: */ 21 #define TOKVER_PROTECTED_KEY 0x01 /* Protected key token */ 22 23 /* For TOKTYPE_CCA_INTERNAL: */ 24 #define TOKVER_CCA_AES 0x04 /* CCA AES key token */ 25 #define TOKVER_CCA_VLSC 0x05 /* var length sym cipher key token */ 26 27 /* Max size of a cca variable length cipher key token */ 28 #define MAXCCAVLSCTOKENSIZE 725 29 30 /* header part of a CCA key token */ 31 struct keytoken_header { 32 u8 type; /* one of the TOKTYPE values */ 33 u8 res0[1]; 34 u16 len; /* vlsc token: total length in bytes */ 35 u8 version; /* one of the TOKVER values */ 36 u8 res1[3]; 37 } __packed; 38 39 /* inside view of a CCA secure key token (only type 0x01 version 0x04) */ 40 struct secaeskeytoken { 41 u8 type; /* 0x01 for internal key token */ 42 u8 res0[3]; 43 u8 version; /* should be 0x04 */ 44 u8 res1[1]; 45 u8 flag; /* key flags */ 46 u8 res2[1]; 47 u64 mkvp; /* master key verification pattern */ 48 u8 key[32]; /* key value (encrypted) */ 49 u8 cv[8]; /* control vector */ 50 u16 bitsize; /* key bit size */ 51 u16 keysize; /* key byte size */ 52 u8 tvv[4]; /* token validation value */ 53 } __packed; 54 55 /* inside view of a variable length symmetric cipher AES key token */ 56 struct cipherkeytoken { 57 u8 type; /* 0x01 for internal key token */ 58 u8 res0[1]; 59 u16 len; /* total key token length in bytes */ 60 u8 version; /* should be 0x05 */ 61 u8 res1[3]; 62 u8 kms; /* key material state, 0x03 means wrapped with MK */ 63 u8 kvpt; /* key verification pattern type, should be 0x01 */ 64 u64 mkvp0; /* master key verification pattern, lo part */ 65 u64 mkvp1; /* master key verification pattern, hi part (unused) */ 66 u8 eskwm; /* encrypted section key wrapping method */ 67 u8 hashalg; /* hash algorithmus used for wrapping key */ 68 u8 plfver; /* pay load format version */ 69 u8 res2[1]; 70 u8 adsver; /* associated data section version */ 71 u8 res3[1]; 72 u16 adslen; /* associated data section length */ 73 u8 kllen; /* optional key label length */ 74 u8 ieaslen; /* optional extended associated data length */ 75 u8 uadlen; /* optional user definable associated data length */ 76 u8 res4[1]; 77 u16 wpllen; /* wrapped payload length in bits: */ 78 /* plfver 0x00 0x01 */ 79 /* AES-128 512 640 */ 80 /* AES-192 576 640 */ 81 /* AES-256 640 640 */ 82 u8 res5[1]; 83 u8 algtype; /* 0x02 for AES cipher */ 84 u16 keytype; /* 0x0001 for 'cipher' */ 85 u8 kufc; /* key usage field count */ 86 u16 kuf1; /* key usage field 1 */ 87 u16 kuf2; /* key usage field 2 */ 88 u8 kmfc; /* key management field count */ 89 u16 kmf1; /* key management field 1 */ 90 u16 kmf2; /* key management field 2 */ 91 u16 kmf3; /* key management field 3 */ 92 u8 vdata[0]; /* variable part data follows */ 93 } __packed; 94 95 /* Some defines for the CCA AES cipherkeytoken kmf1 field */ 96 #define KMF1_XPRT_SYM 0x8000 97 #define KMF1_XPRT_UASY 0x4000 98 #define KMF1_XPRT_AASY 0x2000 99 #define KMF1_XPRT_RAW 0x1000 100 #define KMF1_XPRT_CPAC 0x0800 101 #define KMF1_XPRT_DES 0x0080 102 #define KMF1_XPRT_AES 0x0040 103 #define KMF1_XPRT_RSA 0x0008 104 105 /* 106 * Simple check if the token is a valid CCA secure AES data key 107 * token. If keybitsize is given, the bitsize of the key is 108 * also checked. Returns 0 on success or errno value on failure. 109 */ 110 int cca_check_secaeskeytoken(debug_info_t *dbg, int dbflvl, 111 const u8 *token, int keybitsize); 112 113 /* 114 * Simple check if the token is a valid CCA secure AES cipher key 115 * token. If keybitsize is given, the bitsize of the key is 116 * also checked. If checkcpacfexport is enabled, the key is also 117 * checked for the export flag to allow CPACF export. 118 * Returns 0 on success or errno value on failure. 119 */ 120 int cca_check_secaescipherkey(debug_info_t *dbg, int dbflvl, 121 const u8 *token, int keybitsize, 122 int checkcpacfexport); 123 124 /* 125 * Generate (random) CCA AES DATA secure key. 126 */ 127 int cca_genseckey(u16 cardnr, u16 domain, u32 keybitsize, u8 *seckey); 128 129 /* 130 * Generate CCA AES DATA secure key with given clear key value. 131 */ 132 int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize, 133 const u8 *clrkey, u8 *seckey); 134 135 /* 136 * Derive proteced key from an CCA AES DATA secure key. 137 */ 138 int cca_sec2protkey(u16 cardnr, u16 domain, 139 const u8 seckey[SECKEYBLOBSIZE], 140 u8 *protkey, u32 *protkeylen, u32 *protkeytype); 141 142 /* 143 * Generate (random) CCA AES CIPHER secure key. 144 */ 145 int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, 146 u8 *keybuf, size_t *keybufsize); 147 148 /* 149 * Derive proteced key from CCA AES cipher secure key. 150 */ 151 int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey, 152 u8 *protkey, u32 *protkeylen, u32 *protkeytype); 153 154 /* 155 * Build CCA AES CIPHER secure key with a given clear key value. 156 */ 157 int cca_clr2cipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, 158 const u8 *clrkey, u8 *keybuf, size_t *keybufsize); 159 160 /* 161 * Query cryptographic facility from CCA adapter 162 */ 163 int cca_query_crypto_facility(u16 cardnr, u16 domain, 164 const char *keyword, 165 u8 *rarray, size_t *rarraylen, 166 u8 *varray, size_t *varraylen); 167 168 /* 169 * Search for a matching crypto card based on the Master Key 170 * Verification Pattern provided inside a secure key. 171 * Works with CCA AES data and cipher keys. 172 * Returns < 0 on failure, 0 if CURRENT MKVP matches and 173 * 1 if OLD MKVP matches. 174 */ 175 int cca_findcard(const u8 *key, u16 *pcardnr, u16 *pdomain, int verify); 176 177 /* 178 * Build a list of cca apqns meeting the following constrains: 179 * - apqn is online and is in fact a CCA apqn 180 * - if cardnr is not FFFF only apqns with this cardnr 181 * - if domain is not FFFF only apqns with this domainnr 182 * - if minhwtype > 0 only apqns with hwtype >= minhwtype 183 * - if cur_mkvp != 0 only apqns where cur_mkvp == mkvp 184 * - if old_mkvp != 0 only apqns where old_mkvp == mkvp 185 * - if verify is enabled and a cur_mkvp and/or old_mkvp 186 * value is given, then refetch the cca_info and make sure the current 187 * cur_mkvp or old_mkvp values of the apqn are used. 188 * The array of apqn entries is allocated with kmalloc and returned in *apqns; 189 * the number of apqns stored into the list is returned in *nr_apqns. One apqn 190 * entry is simple a 32 bit value with 16 bit cardnr and 16 bit domain nr and 191 * may be casted to struct pkey_apqn. The return value is either 0 for success 192 * or a negative errno value. If no apqn meeting the criterias is found, 193 * -ENODEV is returned. 194 */ 195 int cca_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain, 196 int minhwtype, u64 cur_mkvp, u64 old_mkvp, int verify); 197 198 /* struct to hold info for each CCA queue */ 199 struct cca_info { 200 int hwtype; /* one of the defined AP_DEVICE_TYPE_* */ 201 char new_mk_state; /* '1' empty, '2' partially full, '3' full */ 202 char cur_mk_state; /* '1' invalid, '2' valid */ 203 char old_mk_state; /* '1' invalid, '2' valid */ 204 u64 new_mkvp; /* truncated sha256 hash of new master key */ 205 u64 cur_mkvp; /* truncated sha256 hash of current master key */ 206 u64 old_mkvp; /* truncated sha256 hash of old master key */ 207 char serial[9]; /* serial number string (8 ascii numbers + 0x00) */ 208 }; 209 210 /* 211 * Fetch cca information about an CCA queue. 212 */ 213 int cca_get_info(u16 card, u16 dom, struct cca_info *ci, int verify); 214 215 void zcrypt_ccamisc_exit(void); 216 217 #endif /* _ZCRYPT_CCAMISC_H_ */ 218