1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * Copyright IBM Corp. 2019 4 * Author(s): Harald Freudenberger <freude@linux.ibm.com> 5 * 6 * Collection of EP11 misc functions used by zcrypt and pkey 7 */ 8 9 #define KMSG_COMPONENT "zcrypt" 10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 11 12 #include <linux/init.h> 13 #include <linux/module.h> 14 #include <linux/slab.h> 15 #include <linux/random.h> 16 #include <asm/zcrypt.h> 17 #include <asm/pkey.h> 18 19 #include "ap_bus.h" 20 #include "zcrypt_api.h" 21 #include "zcrypt_debug.h" 22 #include "zcrypt_msgtype6.h" 23 #include "zcrypt_ep11misc.h" 24 #include "zcrypt_ccamisc.h" 25 26 #define DEBUG_DBG(...) ZCRYPT_DBF(DBF_DEBUG, ##__VA_ARGS__) 27 #define DEBUG_INFO(...) ZCRYPT_DBF(DBF_INFO, ##__VA_ARGS__) 28 #define DEBUG_WARN(...) ZCRYPT_DBF(DBF_WARN, ##__VA_ARGS__) 29 #define DEBUG_ERR(...) ZCRYPT_DBF(DBF_ERR, ##__VA_ARGS__) 30 31 /* default iv used here */ 32 static const u8 def_iv[16] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 33 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }; 34 35 /* ep11 card info cache */ 36 struct card_list_entry { 37 struct list_head list; 38 u16 cardnr; 39 struct ep11_card_info info; 40 }; 41 static LIST_HEAD(card_list); 42 static DEFINE_SPINLOCK(card_list_lock); 43 44 static int card_cache_fetch(u16 cardnr, struct ep11_card_info *ci) 45 { 46 int rc = -ENOENT; 47 struct card_list_entry *ptr; 48 49 spin_lock_bh(&card_list_lock); 50 list_for_each_entry(ptr, &card_list, list) { 51 if (ptr->cardnr == cardnr) { 52 memcpy(ci, &ptr->info, sizeof(*ci)); 53 rc = 0; 54 break; 55 } 56 } 57 spin_unlock_bh(&card_list_lock); 58 59 return rc; 60 } 61 62 static void card_cache_update(u16 cardnr, const struct ep11_card_info *ci) 63 { 64 int found = 0; 65 struct card_list_entry *ptr; 66 67 spin_lock_bh(&card_list_lock); 68 list_for_each_entry(ptr, &card_list, list) { 69 if (ptr->cardnr == cardnr) { 70 memcpy(&ptr->info, ci, sizeof(*ci)); 71 found = 1; 72 break; 73 } 74 } 75 if (!found) { 76 ptr = kmalloc(sizeof(*ptr), GFP_ATOMIC); 77 if (!ptr) { 78 spin_unlock_bh(&card_list_lock); 79 return; 80 } 81 ptr->cardnr = cardnr; 82 memcpy(&ptr->info, ci, sizeof(*ci)); 83 list_add(&ptr->list, &card_list); 84 } 85 spin_unlock_bh(&card_list_lock); 86 } 87 88 static void card_cache_scrub(u16 cardnr) 89 { 90 struct card_list_entry *ptr; 91 92 spin_lock_bh(&card_list_lock); 93 list_for_each_entry(ptr, &card_list, list) { 94 if (ptr->cardnr == cardnr) { 95 list_del(&ptr->list); 96 kfree(ptr); 97 break; 98 } 99 } 100 spin_unlock_bh(&card_list_lock); 101 } 102 103 static void __exit card_cache_free(void) 104 { 105 struct card_list_entry *ptr, *pnext; 106 107 spin_lock_bh(&card_list_lock); 108 list_for_each_entry_safe(ptr, pnext, &card_list, list) { 109 list_del(&ptr->list); 110 kfree(ptr); 111 } 112 spin_unlock_bh(&card_list_lock); 113 } 114 115 /* 116 * Simple check if the key blob is a valid EP11 secure AES key. 117 */ 118 int ep11_check_aeskeyblob(debug_info_t *dbg, int dbflvl, 119 const u8 *key, int keybitsize, 120 int checkcpacfexport) 121 { 122 struct ep11keyblob *kb = (struct ep11keyblob *) key; 123 124 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__) 125 126 if (kb->head.type != TOKTYPE_NON_CCA) { 127 if (dbg) 128 DBF("%s key check failed, type 0x%02x != 0x%02x\n", 129 __func__, (int) kb->head.type, TOKTYPE_NON_CCA); 130 return -EINVAL; 131 } 132 if (kb->head.version != TOKVER_EP11_AES) { 133 if (dbg) 134 DBF("%s key check failed, version 0x%02x != 0x%02x\n", 135 __func__, (int) kb->head.version, TOKVER_EP11_AES); 136 return -EINVAL; 137 } 138 if (kb->version != EP11_STRUCT_MAGIC) { 139 if (dbg) 140 DBF("%s key check failed, magic 0x%04x != 0x%04x\n", 141 __func__, (int) kb->version, EP11_STRUCT_MAGIC); 142 return -EINVAL; 143 } 144 switch (kb->head.keybitlen) { 145 case 128: 146 case 192: 147 case 256: 148 break; 149 default: 150 if (dbg) 151 DBF("%s key check failed, keybitlen %d invalid\n", 152 __func__, (int) kb->head.keybitlen); 153 return -EINVAL; 154 } 155 if (keybitsize > 0 && keybitsize != (int) kb->head.keybitlen) { 156 DBF("%s key check failed, keybitsize %d\n", 157 __func__, keybitsize); 158 return -EINVAL; 159 } 160 if (checkcpacfexport && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) { 161 if (dbg) 162 DBF("%s key check failed, PKEY_EXTRACTABLE is 0\n", 163 __func__); 164 return -EINVAL; 165 } 166 #undef DBF 167 168 return 0; 169 } 170 EXPORT_SYMBOL(ep11_check_aeskeyblob); 171 172 /* 173 * Helper function which calls zcrypt_send_ep11_cprb with 174 * memory management segment adjusted to kernel space 175 * so that the copy_from_user called within this 176 * function do in fact copy from kernel space. 177 */ 178 static inline int _zcrypt_send_ep11_cprb(struct ep11_urb *urb) 179 { 180 int rc; 181 mm_segment_t old_fs = get_fs(); 182 183 set_fs(KERNEL_DS); 184 rc = zcrypt_send_ep11_cprb(urb); 185 set_fs(old_fs); 186 187 return rc; 188 } 189 190 /* 191 * Allocate and prepare ep11 cprb plus additional payload. 192 */ 193 static inline struct ep11_cprb *alloc_cprb(size_t payload_len) 194 { 195 size_t len = sizeof(struct ep11_cprb) + payload_len; 196 struct ep11_cprb *cprb; 197 198 cprb = kmalloc(len, GFP_KERNEL); 199 if (!cprb) 200 return NULL; 201 202 memset(cprb, 0, len); 203 cprb->cprb_len = sizeof(struct ep11_cprb); 204 cprb->cprb_ver_id = 0x04; 205 memcpy(cprb->func_id, "T4", 2); 206 cprb->ret_code = 0xFFFFFFFF; 207 cprb->payload_len = payload_len; 208 209 return cprb; 210 } 211 212 /* 213 * Some helper functions related to ASN1 encoding. 214 * Limited to length info <= 2 byte. 215 */ 216 217 #define ASN1TAGLEN(x) (2 + (x) + ((x) > 127 ? 1 : 0) + ((x) > 255 ? 1 : 0)) 218 219 static int asn1tag_write(u8 *ptr, u8 tag, const u8 *pvalue, u16 valuelen) 220 { 221 ptr[0] = tag; 222 if (valuelen > 255) { 223 ptr[1] = 0x82; 224 *((u16 *)(ptr + 2)) = valuelen; 225 memcpy(ptr + 4, pvalue, valuelen); 226 return 4 + valuelen; 227 } 228 if (valuelen > 127) { 229 ptr[1] = 0x81; 230 ptr[2] = (u8) valuelen; 231 memcpy(ptr + 3, pvalue, valuelen); 232 return 3 + valuelen; 233 } 234 ptr[1] = (u8) valuelen; 235 memcpy(ptr + 2, pvalue, valuelen); 236 return 2 + valuelen; 237 } 238 239 /* EP11 payload > 127 bytes starts with this struct */ 240 struct pl_head { 241 u8 tag; 242 u8 lenfmt; 243 u16 len; 244 u8 func_tag; 245 u8 func_len; 246 u32 func; 247 u8 dom_tag; 248 u8 dom_len; 249 u32 dom; 250 } __packed; 251 252 /* prep ep11 payload head helper function */ 253 static inline void prep_head(struct pl_head *h, 254 size_t pl_size, int api, int func) 255 { 256 h->tag = 0x30; 257 h->lenfmt = 0x82; 258 h->len = pl_size - 4; 259 h->func_tag = 0x04; 260 h->func_len = sizeof(u32); 261 h->func = (api << 16) + func; 262 h->dom_tag = 0x04; 263 h->dom_len = sizeof(u32); 264 } 265 266 /* prep urb helper function */ 267 static inline void prep_urb(struct ep11_urb *u, 268 struct ep11_target_dev *t, int nt, 269 struct ep11_cprb *req, size_t req_len, 270 struct ep11_cprb *rep, size_t rep_len) 271 { 272 u->targets = (u8 __user *) t; 273 u->targets_num = nt; 274 u->req = (u8 __user *) req; 275 u->req_len = req_len; 276 u->resp = (u8 __user *) rep; 277 u->resp_len = rep_len; 278 } 279 280 /* Check ep11 reply payload, return 0 or suggested errno value. */ 281 static int check_reply_pl(const u8 *pl, const char *func) 282 { 283 int len; 284 u32 ret; 285 286 /* start tag */ 287 if (*pl++ != 0x30) { 288 DEBUG_ERR("%s reply start tag mismatch\n", func); 289 return -EIO; 290 } 291 292 /* payload length format */ 293 if (*pl < 127) { 294 len = *pl; 295 pl++; 296 } else if (*pl == 0x81) { 297 pl++; 298 len = *pl; 299 pl++; 300 } else if (*pl == 0x82) { 301 pl++; 302 len = *((u16 *)pl); 303 pl += 2; 304 } else { 305 DEBUG_ERR("%s reply start tag lenfmt mismatch 0x%02hhx\n", 306 func, *pl); 307 return -EIO; 308 } 309 310 /* len should cover at least 3 fields with 32 bit value each */ 311 if (len < 3 * 6) { 312 DEBUG_ERR("%s reply length %d too small\n", func, len); 313 return -EIO; 314 } 315 316 /* function tag, length and value */ 317 if (pl[0] != 0x04 || pl[1] != 0x04) { 318 DEBUG_ERR("%s function tag or length mismatch\n", func); 319 return -EIO; 320 } 321 pl += 6; 322 323 /* dom tag, length and value */ 324 if (pl[0] != 0x04 || pl[1] != 0x04) { 325 DEBUG_ERR("%s dom tag or length mismatch\n", func); 326 return -EIO; 327 } 328 pl += 6; 329 330 /* return value tag, length and value */ 331 if (pl[0] != 0x04 || pl[1] != 0x04) { 332 DEBUG_ERR("%s return value tag or length mismatch\n", func); 333 return -EIO; 334 } 335 pl += 2; 336 ret = *((u32 *)pl); 337 if (ret != 0) { 338 DEBUG_ERR("%s return value 0x%04x != 0\n", func, ret); 339 return -EIO; 340 } 341 342 return 0; 343 } 344 345 346 /* 347 * Helper function which does an ep11 query with given query type. 348 */ 349 static int ep11_query_info(u16 cardnr, u16 domain, u32 query_type, 350 size_t buflen, u8 *buf) 351 { 352 struct ep11_info_req_pl { 353 struct pl_head head; 354 u8 query_type_tag; 355 u8 query_type_len; 356 u32 query_type; 357 u8 query_subtype_tag; 358 u8 query_subtype_len; 359 u32 query_subtype; 360 } __packed * req_pl; 361 struct ep11_info_rep_pl { 362 struct pl_head head; 363 u8 rc_tag; 364 u8 rc_len; 365 u32 rc; 366 u8 data_tag; 367 u8 data_lenfmt; 368 u16 data_len; 369 } __packed * rep_pl; 370 struct ep11_cprb *req = NULL, *rep = NULL; 371 struct ep11_target_dev target; 372 struct ep11_urb *urb = NULL; 373 int api = 1, rc = -ENOMEM; 374 375 /* request cprb and payload */ 376 req = alloc_cprb(sizeof(struct ep11_info_req_pl)); 377 if (!req) 378 goto out; 379 req_pl = (struct ep11_info_req_pl *) (((u8 *) req) + sizeof(*req)); 380 prep_head(&req_pl->head, sizeof(*req_pl), api, 38); /* get xcp info */ 381 req_pl->query_type_tag = 0x04; 382 req_pl->query_type_len = sizeof(u32); 383 req_pl->query_type = query_type; 384 req_pl->query_subtype_tag = 0x04; 385 req_pl->query_subtype_len = sizeof(u32); 386 387 /* reply cprb and payload */ 388 rep = alloc_cprb(sizeof(struct ep11_info_rep_pl) + buflen); 389 if (!rep) 390 goto out; 391 rep_pl = (struct ep11_info_rep_pl *) (((u8 *) rep) + sizeof(*rep)); 392 393 /* urb and target */ 394 urb = kmalloc(sizeof(struct ep11_urb), GFP_KERNEL); 395 if (!urb) 396 goto out; 397 target.ap_id = cardnr; 398 target.dom_id = domain; 399 prep_urb(urb, &target, 1, 400 req, sizeof(*req) + sizeof(*req_pl), 401 rep, sizeof(*rep) + sizeof(*rep_pl) + buflen); 402 403 rc = _zcrypt_send_ep11_cprb(urb); 404 if (rc) { 405 DEBUG_ERR( 406 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n", 407 __func__, (int) cardnr, (int) domain, rc); 408 goto out; 409 } 410 411 rc = check_reply_pl((u8 *)rep_pl, __func__); 412 if (rc) 413 goto out; 414 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { 415 DEBUG_ERR("%s unknown reply data format\n", __func__); 416 rc = -EIO; 417 goto out; 418 } 419 if (rep_pl->data_len > buflen) { 420 DEBUG_ERR("%s mismatch between reply data len and buffer len\n", 421 __func__); 422 rc = -ENOSPC; 423 goto out; 424 } 425 426 memcpy(buf, ((u8 *) rep_pl) + sizeof(*rep_pl), rep_pl->data_len); 427 428 out: 429 kfree(req); 430 kfree(rep); 431 kfree(urb); 432 return rc; 433 } 434 435 /* 436 * Provide information about an EP11 card. 437 */ 438 int ep11_get_card_info(u16 card, struct ep11_card_info *info, int verify) 439 { 440 int rc; 441 struct ep11_module_query_info { 442 u32 API_ord_nr; 443 u32 firmware_id; 444 u8 FW_major_vers; 445 u8 FW_minor_vers; 446 u8 CSP_major_vers; 447 u8 CSP_minor_vers; 448 u8 fwid[32]; 449 u8 xcp_config_hash[32]; 450 u8 CSP_config_hash[32]; 451 u8 serial[16]; 452 u8 module_date_time[16]; 453 u64 op_mode; 454 u32 PKCS11_flags; 455 u32 ext_flags; 456 u32 domains; 457 u32 sym_state_bytes; 458 u32 digest_state_bytes; 459 u32 pin_blob_bytes; 460 u32 SPKI_bytes; 461 u32 priv_key_blob_bytes; 462 u32 sym_blob_bytes; 463 u32 max_payload_bytes; 464 u32 CP_profile_bytes; 465 u32 max_CP_index; 466 } __packed * pmqi = NULL; 467 468 rc = card_cache_fetch(card, info); 469 if (rc || verify) { 470 pmqi = kmalloc(sizeof(*pmqi), GFP_KERNEL); 471 if (!pmqi) 472 return -ENOMEM; 473 rc = ep11_query_info(card, AUTOSEL_DOM, 474 0x01 /* module info query */, 475 sizeof(*pmqi), (u8 *) pmqi); 476 if (rc) { 477 if (rc == -ENODEV) 478 card_cache_scrub(card); 479 goto out; 480 } 481 memset(info, 0, sizeof(*info)); 482 info->API_ord_nr = pmqi->API_ord_nr; 483 info->FW_version = 484 (pmqi->FW_major_vers << 8) + pmqi->FW_minor_vers; 485 memcpy(info->serial, pmqi->serial, sizeof(info->serial)); 486 info->op_mode = pmqi->op_mode; 487 card_cache_update(card, info); 488 } 489 490 out: 491 kfree(pmqi); 492 return rc; 493 } 494 EXPORT_SYMBOL(ep11_get_card_info); 495 496 /* 497 * Provide information about a domain within an EP11 card. 498 */ 499 int ep11_get_domain_info(u16 card, u16 domain, struct ep11_domain_info *info) 500 { 501 int rc; 502 struct ep11_domain_query_info { 503 u32 dom_index; 504 u8 cur_WK_VP[32]; 505 u8 new_WK_VP[32]; 506 u32 dom_flags; 507 u64 op_mode; 508 } __packed * p_dom_info; 509 510 p_dom_info = kmalloc(sizeof(*p_dom_info), GFP_KERNEL); 511 if (!p_dom_info) 512 return -ENOMEM; 513 514 rc = ep11_query_info(card, domain, 0x03 /* domain info query */, 515 sizeof(*p_dom_info), (u8 *) p_dom_info); 516 if (rc) 517 goto out; 518 519 memset(info, 0, sizeof(*info)); 520 info->cur_wk_state = '0'; 521 info->new_wk_state = '0'; 522 if (p_dom_info->dom_flags & 0x10 /* left imprint mode */) { 523 if (p_dom_info->dom_flags & 0x02 /* cur wk valid */) { 524 info->cur_wk_state = '1'; 525 memcpy(info->cur_wkvp, p_dom_info->cur_WK_VP, 32); 526 } 527 if (p_dom_info->dom_flags & 0x04 /* new wk present */ 528 || p_dom_info->dom_flags & 0x08 /* new wk committed */) { 529 info->new_wk_state = 530 p_dom_info->dom_flags & 0x08 ? '2' : '1'; 531 memcpy(info->new_wkvp, p_dom_info->new_WK_VP, 32); 532 } 533 } 534 info->op_mode = p_dom_info->op_mode; 535 536 out: 537 kfree(p_dom_info); 538 return rc; 539 } 540 EXPORT_SYMBOL(ep11_get_domain_info); 541 542 /* 543 * Default EP11 AES key generate attributes, used when no keygenflags given: 544 * XCP_BLOB_ENCRYPT | XCP_BLOB_DECRYPT | XCP_BLOB_PROTKEY_EXTRACTABLE 545 */ 546 #define KEY_ATTR_DEFAULTS 0x00200c00 547 548 int ep11_genaeskey(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, 549 u8 *keybuf, size_t *keybufsize) 550 { 551 struct keygen_req_pl { 552 struct pl_head head; 553 u8 var_tag; 554 u8 var_len; 555 u32 var; 556 u8 keybytes_tag; 557 u8 keybytes_len; 558 u32 keybytes; 559 u8 mech_tag; 560 u8 mech_len; 561 u32 mech; 562 u8 attr_tag; 563 u8 attr_len; 564 u32 attr_header; 565 u32 attr_bool_mask; 566 u32 attr_bool_bits; 567 u32 attr_val_len_type; 568 u32 attr_val_len_value; 569 u8 pin_tag; 570 u8 pin_len; 571 } __packed * req_pl; 572 struct keygen_rep_pl { 573 struct pl_head head; 574 u8 rc_tag; 575 u8 rc_len; 576 u32 rc; 577 u8 data_tag; 578 u8 data_lenfmt; 579 u16 data_len; 580 u8 data[512]; 581 } __packed * rep_pl; 582 struct ep11_cprb *req = NULL, *rep = NULL; 583 struct ep11_target_dev target; 584 struct ep11_urb *urb = NULL; 585 struct ep11keyblob *kb; 586 int api, rc = -ENOMEM; 587 588 switch (keybitsize) { 589 case 128: 590 case 192: 591 case 256: 592 break; 593 default: 594 DEBUG_ERR( 595 "%s unknown/unsupported keybitsize %d\n", 596 __func__, keybitsize); 597 rc = -EINVAL; 598 goto out; 599 } 600 601 /* request cprb and payload */ 602 req = alloc_cprb(sizeof(struct keygen_req_pl)); 603 if (!req) 604 goto out; 605 req_pl = (struct keygen_req_pl *) (((u8 *) req) + sizeof(*req)); 606 api = (!keygenflags || keygenflags & 0x00200000) ? 4 : 1; 607 prep_head(&req_pl->head, sizeof(*req_pl), api, 21); /* GenerateKey */ 608 req_pl->var_tag = 0x04; 609 req_pl->var_len = sizeof(u32); 610 req_pl->keybytes_tag = 0x04; 611 req_pl->keybytes_len = sizeof(u32); 612 req_pl->keybytes = keybitsize / 8; 613 req_pl->mech_tag = 0x04; 614 req_pl->mech_len = sizeof(u32); 615 req_pl->mech = 0x00001080; /* CKM_AES_KEY_GEN */ 616 req_pl->attr_tag = 0x04; 617 req_pl->attr_len = 5 * sizeof(u32); 618 req_pl->attr_header = 0x10010000; 619 req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS; 620 req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS; 621 req_pl->attr_val_len_type = 0x00000161; /* CKA_VALUE_LEN */ 622 req_pl->attr_val_len_value = keybitsize / 8; 623 req_pl->pin_tag = 0x04; 624 625 /* reply cprb and payload */ 626 rep = alloc_cprb(sizeof(struct keygen_rep_pl)); 627 if (!rep) 628 goto out; 629 rep_pl = (struct keygen_rep_pl *) (((u8 *) rep) + sizeof(*rep)); 630 631 /* urb and target */ 632 urb = kmalloc(sizeof(struct ep11_urb), GFP_KERNEL); 633 if (!urb) 634 goto out; 635 target.ap_id = card; 636 target.dom_id = domain; 637 prep_urb(urb, &target, 1, 638 req, sizeof(*req) + sizeof(*req_pl), 639 rep, sizeof(*rep) + sizeof(*rep_pl)); 640 641 rc = _zcrypt_send_ep11_cprb(urb); 642 if (rc) { 643 DEBUG_ERR( 644 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n", 645 __func__, (int) card, (int) domain, rc); 646 goto out; 647 } 648 649 rc = check_reply_pl((u8 *)rep_pl, __func__); 650 if (rc) 651 goto out; 652 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { 653 DEBUG_ERR("%s unknown reply data format\n", __func__); 654 rc = -EIO; 655 goto out; 656 } 657 if (rep_pl->data_len > *keybufsize) { 658 DEBUG_ERR("%s mismatch reply data len / key buffer len\n", 659 __func__); 660 rc = -ENOSPC; 661 goto out; 662 } 663 664 /* copy key blob and set header values */ 665 memcpy(keybuf, rep_pl->data, rep_pl->data_len); 666 *keybufsize = rep_pl->data_len; 667 kb = (struct ep11keyblob *) keybuf; 668 kb->head.type = TOKTYPE_NON_CCA; 669 kb->head.len = rep_pl->data_len; 670 kb->head.version = TOKVER_EP11_AES; 671 kb->head.keybitlen = keybitsize; 672 673 out: 674 kfree(req); 675 kfree(rep); 676 kfree(urb); 677 return rc; 678 } 679 EXPORT_SYMBOL(ep11_genaeskey); 680 681 static int ep11_cryptsingle(u16 card, u16 domain, 682 u16 mode, u32 mech, const u8 *iv, 683 const u8 *key, size_t keysize, 684 const u8 *inbuf, size_t inbufsize, 685 u8 *outbuf, size_t *outbufsize) 686 { 687 struct crypt_req_pl { 688 struct pl_head head; 689 u8 var_tag; 690 u8 var_len; 691 u32 var; 692 u8 mech_tag; 693 u8 mech_len; 694 u32 mech; 695 /* 696 * maybe followed by iv data 697 * followed by key tag + key blob 698 * followed by plaintext tag + plaintext 699 */ 700 } __packed * req_pl; 701 struct crypt_rep_pl { 702 struct pl_head head; 703 u8 rc_tag; 704 u8 rc_len; 705 u32 rc; 706 u8 data_tag; 707 u8 data_lenfmt; 708 /* data follows */ 709 } __packed * rep_pl; 710 struct ep11_cprb *req = NULL, *rep = NULL; 711 struct ep11_target_dev target; 712 struct ep11_urb *urb = NULL; 713 size_t req_pl_size, rep_pl_size; 714 int n, api = 1, rc = -ENOMEM; 715 u8 *p; 716 717 /* the simple asn1 coding used has length limits */ 718 if (keysize > 0xFFFF || inbufsize > 0xFFFF) 719 return -EINVAL; 720 721 /* request cprb and payload */ 722 req_pl_size = sizeof(struct crypt_req_pl) + (iv ? 16 : 0) 723 + ASN1TAGLEN(keysize) + ASN1TAGLEN(inbufsize); 724 req = alloc_cprb(req_pl_size); 725 if (!req) 726 goto out; 727 req_pl = (struct crypt_req_pl *) (((u8 *) req) + sizeof(*req)); 728 prep_head(&req_pl->head, req_pl_size, api, (mode ? 20 : 19)); 729 req_pl->var_tag = 0x04; 730 req_pl->var_len = sizeof(u32); 731 /* mech is mech + mech params (iv here) */ 732 req_pl->mech_tag = 0x04; 733 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0); 734 req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */ 735 p = ((u8 *) req_pl) + sizeof(*req_pl); 736 if (iv) { 737 memcpy(p, iv, 16); 738 p += 16; 739 } 740 /* key and input data */ 741 p += asn1tag_write(p, 0x04, key, keysize); 742 p += asn1tag_write(p, 0x04, inbuf, inbufsize); 743 744 /* reply cprb and payload, assume out data size <= in data size + 32 */ 745 rep_pl_size = sizeof(struct crypt_rep_pl) + ASN1TAGLEN(inbufsize + 32); 746 rep = alloc_cprb(rep_pl_size); 747 if (!rep) 748 goto out; 749 rep_pl = (struct crypt_rep_pl *) (((u8 *) rep) + sizeof(*rep)); 750 751 /* urb and target */ 752 urb = kmalloc(sizeof(struct ep11_urb), GFP_KERNEL); 753 if (!urb) 754 goto out; 755 target.ap_id = card; 756 target.dom_id = domain; 757 prep_urb(urb, &target, 1, 758 req, sizeof(*req) + req_pl_size, 759 rep, sizeof(*rep) + rep_pl_size); 760 761 rc = _zcrypt_send_ep11_cprb(urb); 762 if (rc) { 763 DEBUG_ERR( 764 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n", 765 __func__, (int) card, (int) domain, rc); 766 goto out; 767 } 768 769 rc = check_reply_pl((u8 *)rep_pl, __func__); 770 if (rc) 771 goto out; 772 if (rep_pl->data_tag != 0x04) { 773 DEBUG_ERR("%s unknown reply data format\n", __func__); 774 rc = -EIO; 775 goto out; 776 } 777 p = ((u8 *) rep_pl) + sizeof(*rep_pl); 778 if (rep_pl->data_lenfmt <= 127) 779 n = rep_pl->data_lenfmt; 780 else if (rep_pl->data_lenfmt == 0x81) 781 n = *p++; 782 else if (rep_pl->data_lenfmt == 0x82) { 783 n = *((u16 *) p); 784 p += 2; 785 } else { 786 DEBUG_ERR("%s unknown reply data length format 0x%02hhx\n", 787 __func__, rep_pl->data_lenfmt); 788 rc = -EIO; 789 goto out; 790 } 791 if (n > *outbufsize) { 792 DEBUG_ERR("%s mismatch reply data len %d / output buffer %zu\n", 793 __func__, n, *outbufsize); 794 rc = -ENOSPC; 795 goto out; 796 } 797 798 memcpy(outbuf, p, n); 799 *outbufsize = n; 800 801 out: 802 kfree(req); 803 kfree(rep); 804 kfree(urb); 805 return rc; 806 } 807 808 static int ep11_unwrapkey(u16 card, u16 domain, 809 const u8 *kek, size_t keksize, 810 const u8 *enckey, size_t enckeysize, 811 u32 mech, const u8 *iv, 812 u32 keybitsize, u32 keygenflags, 813 u8 *keybuf, size_t *keybufsize) 814 { 815 struct uw_req_pl { 816 struct pl_head head; 817 u8 attr_tag; 818 u8 attr_len; 819 u32 attr_header; 820 u32 attr_bool_mask; 821 u32 attr_bool_bits; 822 u32 attr_key_type; 823 u32 attr_key_type_value; 824 u32 attr_val_len; 825 u32 attr_val_len_value; 826 u8 mech_tag; 827 u8 mech_len; 828 u32 mech; 829 /* 830 * maybe followed by iv data 831 * followed by kek tag + kek blob 832 * followed by empty mac tag 833 * followed by empty pin tag 834 * followed by encryted key tag + bytes 835 */ 836 } __packed * req_pl; 837 struct uw_rep_pl { 838 struct pl_head head; 839 u8 rc_tag; 840 u8 rc_len; 841 u32 rc; 842 u8 data_tag; 843 u8 data_lenfmt; 844 u16 data_len; 845 u8 data[512]; 846 } __packed * rep_pl; 847 struct ep11_cprb *req = NULL, *rep = NULL; 848 struct ep11_target_dev target; 849 struct ep11_urb *urb = NULL; 850 struct ep11keyblob *kb; 851 size_t req_pl_size; 852 int api, rc = -ENOMEM; 853 u8 *p; 854 855 /* request cprb and payload */ 856 req_pl_size = sizeof(struct uw_req_pl) + (iv ? 16 : 0) 857 + ASN1TAGLEN(keksize) + 4 + ASN1TAGLEN(enckeysize); 858 req = alloc_cprb(req_pl_size); 859 if (!req) 860 goto out; 861 req_pl = (struct uw_req_pl *) (((u8 *) req) + sizeof(*req)); 862 api = (!keygenflags || keygenflags & 0x00200000) ? 4 : 1; 863 prep_head(&req_pl->head, req_pl_size, api, 34); /* UnwrapKey */ 864 req_pl->attr_tag = 0x04; 865 req_pl->attr_len = 7 * sizeof(u32); 866 req_pl->attr_header = 0x10020000; 867 req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS; 868 req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS; 869 req_pl->attr_key_type = 0x00000100; /* CKA_KEY_TYPE */ 870 req_pl->attr_key_type_value = 0x0000001f; /* CKK_AES */ 871 req_pl->attr_val_len = 0x00000161; /* CKA_VALUE_LEN */ 872 req_pl->attr_val_len_value = keybitsize / 8; 873 /* mech is mech + mech params (iv here) */ 874 req_pl->mech_tag = 0x04; 875 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0); 876 req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */ 877 p = ((u8 *) req_pl) + sizeof(*req_pl); 878 if (iv) { 879 memcpy(p, iv, 16); 880 p += 16; 881 } 882 /* kek */ 883 p += asn1tag_write(p, 0x04, kek, keksize); 884 /* empty mac key tag */ 885 *p++ = 0x04; 886 *p++ = 0; 887 /* empty pin tag */ 888 *p++ = 0x04; 889 *p++ = 0; 890 /* encrypted key value tag and bytes */ 891 p += asn1tag_write(p, 0x04, enckey, enckeysize); 892 893 /* reply cprb and payload */ 894 rep = alloc_cprb(sizeof(struct uw_rep_pl)); 895 if (!rep) 896 goto out; 897 rep_pl = (struct uw_rep_pl *) (((u8 *) rep) + sizeof(*rep)); 898 899 /* urb and target */ 900 urb = kmalloc(sizeof(struct ep11_urb), GFP_KERNEL); 901 if (!urb) 902 goto out; 903 target.ap_id = card; 904 target.dom_id = domain; 905 prep_urb(urb, &target, 1, 906 req, sizeof(*req) + req_pl_size, 907 rep, sizeof(*rep) + sizeof(*rep_pl)); 908 909 rc = _zcrypt_send_ep11_cprb(urb); 910 if (rc) { 911 DEBUG_ERR( 912 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n", 913 __func__, (int) card, (int) domain, rc); 914 goto out; 915 } 916 917 rc = check_reply_pl((u8 *)rep_pl, __func__); 918 if (rc) 919 goto out; 920 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { 921 DEBUG_ERR("%s unknown reply data format\n", __func__); 922 rc = -EIO; 923 goto out; 924 } 925 if (rep_pl->data_len > *keybufsize) { 926 DEBUG_ERR("%s mismatch reply data len / key buffer len\n", 927 __func__); 928 rc = -ENOSPC; 929 goto out; 930 } 931 932 /* copy key blob and set header values */ 933 memcpy(keybuf, rep_pl->data, rep_pl->data_len); 934 *keybufsize = rep_pl->data_len; 935 kb = (struct ep11keyblob *) keybuf; 936 kb->head.type = TOKTYPE_NON_CCA; 937 kb->head.len = rep_pl->data_len; 938 kb->head.version = TOKVER_EP11_AES; 939 kb->head.keybitlen = keybitsize; 940 941 out: 942 kfree(req); 943 kfree(rep); 944 kfree(urb); 945 return rc; 946 } 947 948 static int ep11_wrapkey(u16 card, u16 domain, 949 const u8 *key, size_t keysize, 950 u32 mech, const u8 *iv, 951 u8 *databuf, size_t *datasize) 952 { 953 struct wk_req_pl { 954 struct pl_head head; 955 u8 var_tag; 956 u8 var_len; 957 u32 var; 958 u8 mech_tag; 959 u8 mech_len; 960 u32 mech; 961 /* 962 * followed by iv data 963 * followed by key tag + key blob 964 * followed by dummy kek param 965 * followed by dummy mac param 966 */ 967 } __packed * req_pl; 968 struct wk_rep_pl { 969 struct pl_head head; 970 u8 rc_tag; 971 u8 rc_len; 972 u32 rc; 973 u8 data_tag; 974 u8 data_lenfmt; 975 u16 data_len; 976 u8 data[512]; 977 } __packed * rep_pl; 978 struct ep11_cprb *req = NULL, *rep = NULL; 979 struct ep11_target_dev target; 980 struct ep11_urb *urb = NULL; 981 struct ep11keyblob *kb; 982 size_t req_pl_size; 983 int api, rc = -ENOMEM; 984 u8 *p; 985 986 /* request cprb and payload */ 987 req_pl_size = sizeof(struct wk_req_pl) + (iv ? 16 : 0) 988 + ASN1TAGLEN(keysize) + 4; 989 req = alloc_cprb(req_pl_size); 990 if (!req) 991 goto out; 992 if (!mech || mech == 0x80060001) 993 req->flags |= 0x20; /* CPACF_WRAP needs special bit */ 994 req_pl = (struct wk_req_pl *) (((u8 *) req) + sizeof(*req)); 995 api = (!mech || mech == 0x80060001) ? 4 : 1; /* CKM_IBM_CPACF_WRAP */ 996 prep_head(&req_pl->head, req_pl_size, api, 33); /* WrapKey */ 997 req_pl->var_tag = 0x04; 998 req_pl->var_len = sizeof(u32); 999 /* mech is mech + mech params (iv here) */ 1000 req_pl->mech_tag = 0x04; 1001 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0); 1002 req_pl->mech = (mech ? mech : 0x80060001); /* CKM_IBM_CPACF_WRAP */ 1003 p = ((u8 *) req_pl) + sizeof(*req_pl); 1004 if (iv) { 1005 memcpy(p, iv, 16); 1006 p += 16; 1007 } 1008 /* key blob */ 1009 p += asn1tag_write(p, 0x04, key, keysize); 1010 /* maybe the key argument needs the head data cleaned out */ 1011 kb = (struct ep11keyblob *)(p - keysize); 1012 if (kb->head.version == TOKVER_EP11_AES) 1013 memset(&kb->head, 0, sizeof(kb->head)); 1014 /* empty kek tag */ 1015 *p++ = 0x04; 1016 *p++ = 0; 1017 /* empty mac tag */ 1018 *p++ = 0x04; 1019 *p++ = 0; 1020 1021 /* reply cprb and payload */ 1022 rep = alloc_cprb(sizeof(struct wk_rep_pl)); 1023 if (!rep) 1024 goto out; 1025 rep_pl = (struct wk_rep_pl *) (((u8 *) rep) + sizeof(*rep)); 1026 1027 /* urb and target */ 1028 urb = kmalloc(sizeof(struct ep11_urb), GFP_KERNEL); 1029 if (!urb) 1030 goto out; 1031 target.ap_id = card; 1032 target.dom_id = domain; 1033 prep_urb(urb, &target, 1, 1034 req, sizeof(*req) + req_pl_size, 1035 rep, sizeof(*rep) + sizeof(*rep_pl)); 1036 1037 rc = _zcrypt_send_ep11_cprb(urb); 1038 if (rc) { 1039 DEBUG_ERR( 1040 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n", 1041 __func__, (int) card, (int) domain, rc); 1042 goto out; 1043 } 1044 1045 rc = check_reply_pl((u8 *)rep_pl, __func__); 1046 if (rc) 1047 goto out; 1048 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { 1049 DEBUG_ERR("%s unknown reply data format\n", __func__); 1050 rc = -EIO; 1051 goto out; 1052 } 1053 if (rep_pl->data_len > *datasize) { 1054 DEBUG_ERR("%s mismatch reply data len / data buffer len\n", 1055 __func__); 1056 rc = -ENOSPC; 1057 goto out; 1058 } 1059 1060 /* copy the data from the cprb to the data buffer */ 1061 memcpy(databuf, rep_pl->data, rep_pl->data_len); 1062 *datasize = rep_pl->data_len; 1063 1064 out: 1065 kfree(req); 1066 kfree(rep); 1067 kfree(urb); 1068 return rc; 1069 } 1070 1071 int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, 1072 const u8 *clrkey, u8 *keybuf, size_t *keybufsize) 1073 { 1074 int rc; 1075 struct ep11keyblob *kb; 1076 u8 encbuf[64], *kek = NULL; 1077 size_t clrkeylen, keklen, encbuflen = sizeof(encbuf); 1078 1079 if (keybitsize == 128 || keybitsize == 192 || keybitsize == 256) 1080 clrkeylen = keybitsize / 8; 1081 else { 1082 DEBUG_ERR( 1083 "%s unknown/unsupported keybitsize %d\n", 1084 __func__, keybitsize); 1085 return -EINVAL; 1086 } 1087 1088 /* allocate memory for the temp kek */ 1089 keklen = MAXEP11AESKEYBLOBSIZE; 1090 kek = kmalloc(keklen, GFP_ATOMIC); 1091 if (!kek) { 1092 rc = -ENOMEM; 1093 goto out; 1094 } 1095 1096 /* Step 1: generate AES 256 bit random kek key */ 1097 rc = ep11_genaeskey(card, domain, 256, 1098 0x00006c00, /* EN/DECRYPT, WRAP/UNWRAP */ 1099 kek, &keklen); 1100 if (rc) { 1101 DEBUG_ERR( 1102 "%s generate kek key failed, rc=%d\n", 1103 __func__, rc); 1104 goto out; 1105 } 1106 kb = (struct ep11keyblob *) kek; 1107 memset(&kb->head, 0, sizeof(kb->head)); 1108 1109 /* Step 2: encrypt clear key value with the kek key */ 1110 rc = ep11_cryptsingle(card, domain, 0, 0, def_iv, kek, keklen, 1111 clrkey, clrkeylen, encbuf, &encbuflen); 1112 if (rc) { 1113 DEBUG_ERR( 1114 "%s encrypting key value with kek key failed, rc=%d\n", 1115 __func__, rc); 1116 goto out; 1117 } 1118 1119 /* Step 3: import the encrypted key value as a new key */ 1120 rc = ep11_unwrapkey(card, domain, kek, keklen, 1121 encbuf, encbuflen, 0, def_iv, 1122 keybitsize, 0, keybuf, keybufsize); 1123 if (rc) { 1124 DEBUG_ERR( 1125 "%s importing key value as new key failed,, rc=%d\n", 1126 __func__, rc); 1127 goto out; 1128 } 1129 1130 out: 1131 kfree(kek); 1132 return rc; 1133 } 1134 EXPORT_SYMBOL(ep11_clr2keyblob); 1135 1136 int ep11_key2protkey(u16 card, u16 dom, const u8 *key, size_t keylen, 1137 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 1138 { 1139 int rc = -EIO; 1140 u8 *wkbuf = NULL; 1141 size_t wkbuflen = 256; 1142 struct wk_info { 1143 u16 version; 1144 u8 res1[16]; 1145 u32 pkeytype; 1146 u32 pkeybitsize; 1147 u64 pkeysize; 1148 u8 res2[8]; 1149 u8 pkey[0]; 1150 } __packed * wki; 1151 1152 /* alloc temp working buffer */ 1153 wkbuf = kmalloc(wkbuflen, GFP_ATOMIC); 1154 if (!wkbuf) 1155 return -ENOMEM; 1156 1157 /* ep11 secure key -> protected key + info */ 1158 rc = ep11_wrapkey(card, dom, key, keylen, 1159 0, def_iv, wkbuf, &wkbuflen); 1160 if (rc) { 1161 DEBUG_ERR( 1162 "%s rewrapping ep11 key to pkey failed, rc=%d\n", 1163 __func__, rc); 1164 goto out; 1165 } 1166 wki = (struct wk_info *) wkbuf; 1167 1168 /* check struct version and pkey type */ 1169 if (wki->version != 1 || wki->pkeytype != 1) { 1170 DEBUG_ERR("%s wk info version %d or pkeytype %d mismatch.\n", 1171 __func__, (int) wki->version, (int) wki->pkeytype); 1172 rc = -EIO; 1173 goto out; 1174 } 1175 1176 /* copy the tanslated protected key */ 1177 switch (wki->pkeysize) { 1178 case 16+32: 1179 /* AES 128 protected key */ 1180 if (protkeytype) 1181 *protkeytype = PKEY_KEYTYPE_AES_128; 1182 break; 1183 case 24+32: 1184 /* AES 192 protected key */ 1185 if (protkeytype) 1186 *protkeytype = PKEY_KEYTYPE_AES_192; 1187 break; 1188 case 32+32: 1189 /* AES 256 protected key */ 1190 if (protkeytype) 1191 *protkeytype = PKEY_KEYTYPE_AES_256; 1192 break; 1193 default: 1194 DEBUG_ERR("%s unknown/unsupported pkeysize %d\n", 1195 __func__, (int) wki->pkeysize); 1196 rc = -EIO; 1197 goto out; 1198 } 1199 memcpy(protkey, wki->pkey, wki->pkeysize); 1200 if (protkeylen) 1201 *protkeylen = (u32) wki->pkeysize; 1202 rc = 0; 1203 1204 out: 1205 kfree(wkbuf); 1206 return rc; 1207 } 1208 EXPORT_SYMBOL(ep11_key2protkey); 1209 1210 int ep11_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain, 1211 int minhwtype, int minapi, const u8 *wkvp) 1212 { 1213 struct zcrypt_device_status_ext *device_status; 1214 u32 *_apqns = NULL, _nr_apqns = 0; 1215 int i, card, dom, rc = -ENOMEM; 1216 struct ep11_domain_info edi; 1217 struct ep11_card_info eci; 1218 1219 /* fetch status of all crypto cards */ 1220 device_status = kvmalloc_array(MAX_ZDEV_ENTRIES_EXT, 1221 sizeof(struct zcrypt_device_status_ext), 1222 GFP_KERNEL); 1223 if (!device_status) 1224 return -ENOMEM; 1225 zcrypt_device_status_mask_ext(device_status); 1226 1227 /* allocate 1k space for up to 256 apqns */ 1228 _apqns = kmalloc_array(256, sizeof(u32), GFP_KERNEL); 1229 if (!_apqns) { 1230 kvfree(device_status); 1231 return -ENOMEM; 1232 } 1233 1234 /* walk through all the crypto apqnss */ 1235 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) { 1236 card = AP_QID_CARD(device_status[i].qid); 1237 dom = AP_QID_QUEUE(device_status[i].qid); 1238 /* check online state */ 1239 if (!device_status[i].online) 1240 continue; 1241 /* check for ep11 functions */ 1242 if (!(device_status[i].functions & 0x01)) 1243 continue; 1244 /* check cardnr */ 1245 if (cardnr != 0xFFFF && card != cardnr) 1246 continue; 1247 /* check domain */ 1248 if (domain != 0xFFFF && dom != domain) 1249 continue; 1250 /* check min hardware type */ 1251 if (minhwtype && device_status[i].hwtype < minhwtype) 1252 continue; 1253 /* check min api version if given */ 1254 if (minapi > 0) { 1255 if (ep11_get_card_info(card, &eci, 0)) 1256 continue; 1257 if (minapi > eci.API_ord_nr) 1258 continue; 1259 } 1260 /* check wkvp if given */ 1261 if (wkvp) { 1262 if (ep11_get_domain_info(card, dom, &edi)) 1263 continue; 1264 if (edi.cur_wk_state != '1') 1265 continue; 1266 if (memcmp(wkvp, edi.cur_wkvp, 16)) 1267 continue; 1268 } 1269 /* apqn passed all filtering criterons, add to the array */ 1270 if (_nr_apqns < 256) 1271 _apqns[_nr_apqns++] = (((u16)card) << 16) | ((u16) dom); 1272 } 1273 1274 /* nothing found ? */ 1275 if (!_nr_apqns) { 1276 kfree(_apqns); 1277 rc = -ENODEV; 1278 } else { 1279 /* no re-allocation, simple return the _apqns array */ 1280 *apqns = _apqns; 1281 *nr_apqns = _nr_apqns; 1282 rc = 0; 1283 } 1284 1285 kvfree(device_status); 1286 return rc; 1287 } 1288 EXPORT_SYMBOL(ep11_findcard2); 1289 1290 void __exit zcrypt_ep11misc_exit(void) 1291 { 1292 card_cache_free(); 1293 } 1294