1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * Copyright IBM Corp. 2019 4 * Author(s): Harald Freudenberger <freude@linux.ibm.com> 5 * 6 * Collection of EP11 misc functions used by zcrypt and pkey 7 */ 8 9 #define KMSG_COMPONENT "zcrypt" 10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt 11 12 #include <linux/init.h> 13 #include <linux/module.h> 14 #include <linux/slab.h> 15 #include <linux/random.h> 16 #include <asm/zcrypt.h> 17 #include <asm/pkey.h> 18 19 #include "ap_bus.h" 20 #include "zcrypt_api.h" 21 #include "zcrypt_debug.h" 22 #include "zcrypt_msgtype6.h" 23 #include "zcrypt_ep11misc.h" 24 #include "zcrypt_ccamisc.h" 25 26 #define DEBUG_DBG(...) ZCRYPT_DBF(DBF_DEBUG, ##__VA_ARGS__) 27 #define DEBUG_INFO(...) ZCRYPT_DBF(DBF_INFO, ##__VA_ARGS__) 28 #define DEBUG_WARN(...) ZCRYPT_DBF(DBF_WARN, ##__VA_ARGS__) 29 #define DEBUG_ERR(...) ZCRYPT_DBF(DBF_ERR, ##__VA_ARGS__) 30 31 /* default iv used here */ 32 static const u8 def_iv[16] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 33 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }; 34 35 /* ep11 card info cache */ 36 struct card_list_entry { 37 struct list_head list; 38 u16 cardnr; 39 struct ep11_card_info info; 40 }; 41 static LIST_HEAD(card_list); 42 static DEFINE_SPINLOCK(card_list_lock); 43 44 static int card_cache_fetch(u16 cardnr, struct ep11_card_info *ci) 45 { 46 int rc = -ENOENT; 47 struct card_list_entry *ptr; 48 49 spin_lock_bh(&card_list_lock); 50 list_for_each_entry(ptr, &card_list, list) { 51 if (ptr->cardnr == cardnr) { 52 memcpy(ci, &ptr->info, sizeof(*ci)); 53 rc = 0; 54 break; 55 } 56 } 57 spin_unlock_bh(&card_list_lock); 58 59 return rc; 60 } 61 62 static void card_cache_update(u16 cardnr, const struct ep11_card_info *ci) 63 { 64 int found = 0; 65 struct card_list_entry *ptr; 66 67 spin_lock_bh(&card_list_lock); 68 list_for_each_entry(ptr, &card_list, list) { 69 if (ptr->cardnr == cardnr) { 70 memcpy(&ptr->info, ci, sizeof(*ci)); 71 found = 1; 72 break; 73 } 74 } 75 if (!found) { 76 ptr = kmalloc(sizeof(*ptr), GFP_ATOMIC); 77 if (!ptr) { 78 spin_unlock_bh(&card_list_lock); 79 return; 80 } 81 ptr->cardnr = cardnr; 82 memcpy(&ptr->info, ci, sizeof(*ci)); 83 list_add(&ptr->list, &card_list); 84 } 85 spin_unlock_bh(&card_list_lock); 86 } 87 88 static void card_cache_scrub(u16 cardnr) 89 { 90 struct card_list_entry *ptr; 91 92 spin_lock_bh(&card_list_lock); 93 list_for_each_entry(ptr, &card_list, list) { 94 if (ptr->cardnr == cardnr) { 95 list_del(&ptr->list); 96 kfree(ptr); 97 break; 98 } 99 } 100 spin_unlock_bh(&card_list_lock); 101 } 102 103 static void __exit card_cache_free(void) 104 { 105 struct card_list_entry *ptr, *pnext; 106 107 spin_lock_bh(&card_list_lock); 108 list_for_each_entry_safe(ptr, pnext, &card_list, list) { 109 list_del(&ptr->list); 110 kfree(ptr); 111 } 112 spin_unlock_bh(&card_list_lock); 113 } 114 115 /* 116 * Simple check if the key blob is a valid EP11 secure AES key. 117 */ 118 int ep11_check_aeskeyblob(debug_info_t *dbg, int dbflvl, 119 const u8 *key, int keybitsize, 120 int checkcpacfexport) 121 { 122 struct ep11keyblob *kb = (struct ep11keyblob *) key; 123 124 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__) 125 126 if (kb->head.type != TOKTYPE_NON_CCA) { 127 if (dbg) 128 DBF("%s key check failed, type 0x%02x != 0x%02x\n", 129 __func__, (int) kb->head.type, TOKTYPE_NON_CCA); 130 return -EINVAL; 131 } 132 if (kb->head.version != TOKVER_EP11_AES) { 133 if (dbg) 134 DBF("%s key check failed, version 0x%02x != 0x%02x\n", 135 __func__, (int) kb->head.version, TOKVER_EP11_AES); 136 return -EINVAL; 137 } 138 if (kb->version != EP11_STRUCT_MAGIC) { 139 if (dbg) 140 DBF("%s key check failed, magic 0x%04x != 0x%04x\n", 141 __func__, (int) kb->version, EP11_STRUCT_MAGIC); 142 return -EINVAL; 143 } 144 switch (kb->head.keybitlen) { 145 case 128: 146 case 192: 147 case 256: 148 break; 149 default: 150 if (dbg) 151 DBF("%s key check failed, keybitlen %d invalid\n", 152 __func__, (int) kb->head.keybitlen); 153 return -EINVAL; 154 } 155 if (keybitsize > 0 && keybitsize != (int) kb->head.keybitlen) { 156 DBF("%s key check failed, keybitsize %d\n", 157 __func__, keybitsize); 158 return -EINVAL; 159 } 160 if (checkcpacfexport && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) { 161 if (dbg) 162 DBF("%s key check failed, PKEY_EXTRACTABLE is 0\n", 163 __func__); 164 return -EINVAL; 165 } 166 #undef DBF 167 168 return 0; 169 } 170 EXPORT_SYMBOL(ep11_check_aeskeyblob); 171 172 /* 173 * Helper function which calls zcrypt_send_ep11_cprb with 174 * memory management segment adjusted to kernel space 175 * so that the copy_from_user called within this 176 * function do in fact copy from kernel space. 177 */ 178 static inline int _zcrypt_send_ep11_cprb(struct ep11_urb *urb) 179 { 180 int rc; 181 mm_segment_t old_fs = get_fs(); 182 183 set_fs(KERNEL_DS); 184 rc = zcrypt_send_ep11_cprb(urb); 185 set_fs(old_fs); 186 187 return rc; 188 } 189 190 /* 191 * Allocate and prepare ep11 cprb plus additional payload. 192 */ 193 static inline struct ep11_cprb *alloc_cprb(size_t payload_len) 194 { 195 size_t len = sizeof(struct ep11_cprb) + payload_len; 196 struct ep11_cprb *cprb; 197 198 cprb = kzalloc(len, GFP_KERNEL); 199 if (!cprb) 200 return NULL; 201 202 cprb->cprb_len = sizeof(struct ep11_cprb); 203 cprb->cprb_ver_id = 0x04; 204 memcpy(cprb->func_id, "T4", 2); 205 cprb->ret_code = 0xFFFFFFFF; 206 cprb->payload_len = payload_len; 207 208 return cprb; 209 } 210 211 /* 212 * Some helper functions related to ASN1 encoding. 213 * Limited to length info <= 2 byte. 214 */ 215 216 #define ASN1TAGLEN(x) (2 + (x) + ((x) > 127 ? 1 : 0) + ((x) > 255 ? 1 : 0)) 217 218 static int asn1tag_write(u8 *ptr, u8 tag, const u8 *pvalue, u16 valuelen) 219 { 220 ptr[0] = tag; 221 if (valuelen > 255) { 222 ptr[1] = 0x82; 223 *((u16 *)(ptr + 2)) = valuelen; 224 memcpy(ptr + 4, pvalue, valuelen); 225 return 4 + valuelen; 226 } 227 if (valuelen > 127) { 228 ptr[1] = 0x81; 229 ptr[2] = (u8) valuelen; 230 memcpy(ptr + 3, pvalue, valuelen); 231 return 3 + valuelen; 232 } 233 ptr[1] = (u8) valuelen; 234 memcpy(ptr + 2, pvalue, valuelen); 235 return 2 + valuelen; 236 } 237 238 /* EP11 payload > 127 bytes starts with this struct */ 239 struct pl_head { 240 u8 tag; 241 u8 lenfmt; 242 u16 len; 243 u8 func_tag; 244 u8 func_len; 245 u32 func; 246 u8 dom_tag; 247 u8 dom_len; 248 u32 dom; 249 } __packed; 250 251 /* prep ep11 payload head helper function */ 252 static inline void prep_head(struct pl_head *h, 253 size_t pl_size, int api, int func) 254 { 255 h->tag = 0x30; 256 h->lenfmt = 0x82; 257 h->len = pl_size - 4; 258 h->func_tag = 0x04; 259 h->func_len = sizeof(u32); 260 h->func = (api << 16) + func; 261 h->dom_tag = 0x04; 262 h->dom_len = sizeof(u32); 263 } 264 265 /* prep urb helper function */ 266 static inline void prep_urb(struct ep11_urb *u, 267 struct ep11_target_dev *t, int nt, 268 struct ep11_cprb *req, size_t req_len, 269 struct ep11_cprb *rep, size_t rep_len) 270 { 271 u->targets = (u8 __user *) t; 272 u->targets_num = nt; 273 u->req = (u8 __user *) req; 274 u->req_len = req_len; 275 u->resp = (u8 __user *) rep; 276 u->resp_len = rep_len; 277 } 278 279 /* Check ep11 reply payload, return 0 or suggested errno value. */ 280 static int check_reply_pl(const u8 *pl, const char *func) 281 { 282 int len; 283 u32 ret; 284 285 /* start tag */ 286 if (*pl++ != 0x30) { 287 DEBUG_ERR("%s reply start tag mismatch\n", func); 288 return -EIO; 289 } 290 291 /* payload length format */ 292 if (*pl < 127) { 293 len = *pl; 294 pl++; 295 } else if (*pl == 0x81) { 296 pl++; 297 len = *pl; 298 pl++; 299 } else if (*pl == 0x82) { 300 pl++; 301 len = *((u16 *)pl); 302 pl += 2; 303 } else { 304 DEBUG_ERR("%s reply start tag lenfmt mismatch 0x%02hhx\n", 305 func, *pl); 306 return -EIO; 307 } 308 309 /* len should cover at least 3 fields with 32 bit value each */ 310 if (len < 3 * 6) { 311 DEBUG_ERR("%s reply length %d too small\n", func, len); 312 return -EIO; 313 } 314 315 /* function tag, length and value */ 316 if (pl[0] != 0x04 || pl[1] != 0x04) { 317 DEBUG_ERR("%s function tag or length mismatch\n", func); 318 return -EIO; 319 } 320 pl += 6; 321 322 /* dom tag, length and value */ 323 if (pl[0] != 0x04 || pl[1] != 0x04) { 324 DEBUG_ERR("%s dom tag or length mismatch\n", func); 325 return -EIO; 326 } 327 pl += 6; 328 329 /* return value tag, length and value */ 330 if (pl[0] != 0x04 || pl[1] != 0x04) { 331 DEBUG_ERR("%s return value tag or length mismatch\n", func); 332 return -EIO; 333 } 334 pl += 2; 335 ret = *((u32 *)pl); 336 if (ret != 0) { 337 DEBUG_ERR("%s return value 0x%04x != 0\n", func, ret); 338 return -EIO; 339 } 340 341 return 0; 342 } 343 344 345 /* 346 * Helper function which does an ep11 query with given query type. 347 */ 348 static int ep11_query_info(u16 cardnr, u16 domain, u32 query_type, 349 size_t buflen, u8 *buf) 350 { 351 struct ep11_info_req_pl { 352 struct pl_head head; 353 u8 query_type_tag; 354 u8 query_type_len; 355 u32 query_type; 356 u8 query_subtype_tag; 357 u8 query_subtype_len; 358 u32 query_subtype; 359 } __packed * req_pl; 360 struct ep11_info_rep_pl { 361 struct pl_head head; 362 u8 rc_tag; 363 u8 rc_len; 364 u32 rc; 365 u8 data_tag; 366 u8 data_lenfmt; 367 u16 data_len; 368 } __packed * rep_pl; 369 struct ep11_cprb *req = NULL, *rep = NULL; 370 struct ep11_target_dev target; 371 struct ep11_urb *urb = NULL; 372 int api = 1, rc = -ENOMEM; 373 374 /* request cprb and payload */ 375 req = alloc_cprb(sizeof(struct ep11_info_req_pl)); 376 if (!req) 377 goto out; 378 req_pl = (struct ep11_info_req_pl *) (((u8 *) req) + sizeof(*req)); 379 prep_head(&req_pl->head, sizeof(*req_pl), api, 38); /* get xcp info */ 380 req_pl->query_type_tag = 0x04; 381 req_pl->query_type_len = sizeof(u32); 382 req_pl->query_type = query_type; 383 req_pl->query_subtype_tag = 0x04; 384 req_pl->query_subtype_len = sizeof(u32); 385 386 /* reply cprb and payload */ 387 rep = alloc_cprb(sizeof(struct ep11_info_rep_pl) + buflen); 388 if (!rep) 389 goto out; 390 rep_pl = (struct ep11_info_rep_pl *) (((u8 *) rep) + sizeof(*rep)); 391 392 /* urb and target */ 393 urb = kmalloc(sizeof(struct ep11_urb), GFP_KERNEL); 394 if (!urb) 395 goto out; 396 target.ap_id = cardnr; 397 target.dom_id = domain; 398 prep_urb(urb, &target, 1, 399 req, sizeof(*req) + sizeof(*req_pl), 400 rep, sizeof(*rep) + sizeof(*rep_pl) + buflen); 401 402 rc = _zcrypt_send_ep11_cprb(urb); 403 if (rc) { 404 DEBUG_ERR( 405 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n", 406 __func__, (int) cardnr, (int) domain, rc); 407 goto out; 408 } 409 410 rc = check_reply_pl((u8 *)rep_pl, __func__); 411 if (rc) 412 goto out; 413 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { 414 DEBUG_ERR("%s unknown reply data format\n", __func__); 415 rc = -EIO; 416 goto out; 417 } 418 if (rep_pl->data_len > buflen) { 419 DEBUG_ERR("%s mismatch between reply data len and buffer len\n", 420 __func__); 421 rc = -ENOSPC; 422 goto out; 423 } 424 425 memcpy(buf, ((u8 *) rep_pl) + sizeof(*rep_pl), rep_pl->data_len); 426 427 out: 428 kfree(req); 429 kfree(rep); 430 kfree(urb); 431 return rc; 432 } 433 434 /* 435 * Provide information about an EP11 card. 436 */ 437 int ep11_get_card_info(u16 card, struct ep11_card_info *info, int verify) 438 { 439 int rc; 440 struct ep11_module_query_info { 441 u32 API_ord_nr; 442 u32 firmware_id; 443 u8 FW_major_vers; 444 u8 FW_minor_vers; 445 u8 CSP_major_vers; 446 u8 CSP_minor_vers; 447 u8 fwid[32]; 448 u8 xcp_config_hash[32]; 449 u8 CSP_config_hash[32]; 450 u8 serial[16]; 451 u8 module_date_time[16]; 452 u64 op_mode; 453 u32 PKCS11_flags; 454 u32 ext_flags; 455 u32 domains; 456 u32 sym_state_bytes; 457 u32 digest_state_bytes; 458 u32 pin_blob_bytes; 459 u32 SPKI_bytes; 460 u32 priv_key_blob_bytes; 461 u32 sym_blob_bytes; 462 u32 max_payload_bytes; 463 u32 CP_profile_bytes; 464 u32 max_CP_index; 465 } __packed * pmqi = NULL; 466 467 rc = card_cache_fetch(card, info); 468 if (rc || verify) { 469 pmqi = kmalloc(sizeof(*pmqi), GFP_KERNEL); 470 if (!pmqi) 471 return -ENOMEM; 472 rc = ep11_query_info(card, AUTOSEL_DOM, 473 0x01 /* module info query */, 474 sizeof(*pmqi), (u8 *) pmqi); 475 if (rc) { 476 if (rc == -ENODEV) 477 card_cache_scrub(card); 478 goto out; 479 } 480 memset(info, 0, sizeof(*info)); 481 info->API_ord_nr = pmqi->API_ord_nr; 482 info->FW_version = 483 (pmqi->FW_major_vers << 8) + pmqi->FW_minor_vers; 484 memcpy(info->serial, pmqi->serial, sizeof(info->serial)); 485 info->op_mode = pmqi->op_mode; 486 card_cache_update(card, info); 487 } 488 489 out: 490 kfree(pmqi); 491 return rc; 492 } 493 EXPORT_SYMBOL(ep11_get_card_info); 494 495 /* 496 * Provide information about a domain within an EP11 card. 497 */ 498 int ep11_get_domain_info(u16 card, u16 domain, struct ep11_domain_info *info) 499 { 500 int rc; 501 struct ep11_domain_query_info { 502 u32 dom_index; 503 u8 cur_WK_VP[32]; 504 u8 new_WK_VP[32]; 505 u32 dom_flags; 506 u64 op_mode; 507 } __packed * p_dom_info; 508 509 p_dom_info = kmalloc(sizeof(*p_dom_info), GFP_KERNEL); 510 if (!p_dom_info) 511 return -ENOMEM; 512 513 rc = ep11_query_info(card, domain, 0x03 /* domain info query */, 514 sizeof(*p_dom_info), (u8 *) p_dom_info); 515 if (rc) 516 goto out; 517 518 memset(info, 0, sizeof(*info)); 519 info->cur_wk_state = '0'; 520 info->new_wk_state = '0'; 521 if (p_dom_info->dom_flags & 0x10 /* left imprint mode */) { 522 if (p_dom_info->dom_flags & 0x02 /* cur wk valid */) { 523 info->cur_wk_state = '1'; 524 memcpy(info->cur_wkvp, p_dom_info->cur_WK_VP, 32); 525 } 526 if (p_dom_info->dom_flags & 0x04 /* new wk present */ 527 || p_dom_info->dom_flags & 0x08 /* new wk committed */) { 528 info->new_wk_state = 529 p_dom_info->dom_flags & 0x08 ? '2' : '1'; 530 memcpy(info->new_wkvp, p_dom_info->new_WK_VP, 32); 531 } 532 } 533 info->op_mode = p_dom_info->op_mode; 534 535 out: 536 kfree(p_dom_info); 537 return rc; 538 } 539 EXPORT_SYMBOL(ep11_get_domain_info); 540 541 /* 542 * Default EP11 AES key generate attributes, used when no keygenflags given: 543 * XCP_BLOB_ENCRYPT | XCP_BLOB_DECRYPT | XCP_BLOB_PROTKEY_EXTRACTABLE 544 */ 545 #define KEY_ATTR_DEFAULTS 0x00200c00 546 547 int ep11_genaeskey(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, 548 u8 *keybuf, size_t *keybufsize) 549 { 550 struct keygen_req_pl { 551 struct pl_head head; 552 u8 var_tag; 553 u8 var_len; 554 u32 var; 555 u8 keybytes_tag; 556 u8 keybytes_len; 557 u32 keybytes; 558 u8 mech_tag; 559 u8 mech_len; 560 u32 mech; 561 u8 attr_tag; 562 u8 attr_len; 563 u32 attr_header; 564 u32 attr_bool_mask; 565 u32 attr_bool_bits; 566 u32 attr_val_len_type; 567 u32 attr_val_len_value; 568 u8 pin_tag; 569 u8 pin_len; 570 } __packed * req_pl; 571 struct keygen_rep_pl { 572 struct pl_head head; 573 u8 rc_tag; 574 u8 rc_len; 575 u32 rc; 576 u8 data_tag; 577 u8 data_lenfmt; 578 u16 data_len; 579 u8 data[512]; 580 } __packed * rep_pl; 581 struct ep11_cprb *req = NULL, *rep = NULL; 582 struct ep11_target_dev target; 583 struct ep11_urb *urb = NULL; 584 struct ep11keyblob *kb; 585 int api, rc = -ENOMEM; 586 587 switch (keybitsize) { 588 case 128: 589 case 192: 590 case 256: 591 break; 592 default: 593 DEBUG_ERR( 594 "%s unknown/unsupported keybitsize %d\n", 595 __func__, keybitsize); 596 rc = -EINVAL; 597 goto out; 598 } 599 600 /* request cprb and payload */ 601 req = alloc_cprb(sizeof(struct keygen_req_pl)); 602 if (!req) 603 goto out; 604 req_pl = (struct keygen_req_pl *) (((u8 *) req) + sizeof(*req)); 605 api = (!keygenflags || keygenflags & 0x00200000) ? 4 : 1; 606 prep_head(&req_pl->head, sizeof(*req_pl), api, 21); /* GenerateKey */ 607 req_pl->var_tag = 0x04; 608 req_pl->var_len = sizeof(u32); 609 req_pl->keybytes_tag = 0x04; 610 req_pl->keybytes_len = sizeof(u32); 611 req_pl->keybytes = keybitsize / 8; 612 req_pl->mech_tag = 0x04; 613 req_pl->mech_len = sizeof(u32); 614 req_pl->mech = 0x00001080; /* CKM_AES_KEY_GEN */ 615 req_pl->attr_tag = 0x04; 616 req_pl->attr_len = 5 * sizeof(u32); 617 req_pl->attr_header = 0x10010000; 618 req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS; 619 req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS; 620 req_pl->attr_val_len_type = 0x00000161; /* CKA_VALUE_LEN */ 621 req_pl->attr_val_len_value = keybitsize / 8; 622 req_pl->pin_tag = 0x04; 623 624 /* reply cprb and payload */ 625 rep = alloc_cprb(sizeof(struct keygen_rep_pl)); 626 if (!rep) 627 goto out; 628 rep_pl = (struct keygen_rep_pl *) (((u8 *) rep) + sizeof(*rep)); 629 630 /* urb and target */ 631 urb = kmalloc(sizeof(struct ep11_urb), GFP_KERNEL); 632 if (!urb) 633 goto out; 634 target.ap_id = card; 635 target.dom_id = domain; 636 prep_urb(urb, &target, 1, 637 req, sizeof(*req) + sizeof(*req_pl), 638 rep, sizeof(*rep) + sizeof(*rep_pl)); 639 640 rc = _zcrypt_send_ep11_cprb(urb); 641 if (rc) { 642 DEBUG_ERR( 643 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n", 644 __func__, (int) card, (int) domain, rc); 645 goto out; 646 } 647 648 rc = check_reply_pl((u8 *)rep_pl, __func__); 649 if (rc) 650 goto out; 651 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { 652 DEBUG_ERR("%s unknown reply data format\n", __func__); 653 rc = -EIO; 654 goto out; 655 } 656 if (rep_pl->data_len > *keybufsize) { 657 DEBUG_ERR("%s mismatch reply data len / key buffer len\n", 658 __func__); 659 rc = -ENOSPC; 660 goto out; 661 } 662 663 /* copy key blob and set header values */ 664 memcpy(keybuf, rep_pl->data, rep_pl->data_len); 665 *keybufsize = rep_pl->data_len; 666 kb = (struct ep11keyblob *) keybuf; 667 kb->head.type = TOKTYPE_NON_CCA; 668 kb->head.len = rep_pl->data_len; 669 kb->head.version = TOKVER_EP11_AES; 670 kb->head.keybitlen = keybitsize; 671 672 out: 673 kfree(req); 674 kfree(rep); 675 kfree(urb); 676 return rc; 677 } 678 EXPORT_SYMBOL(ep11_genaeskey); 679 680 static int ep11_cryptsingle(u16 card, u16 domain, 681 u16 mode, u32 mech, const u8 *iv, 682 const u8 *key, size_t keysize, 683 const u8 *inbuf, size_t inbufsize, 684 u8 *outbuf, size_t *outbufsize) 685 { 686 struct crypt_req_pl { 687 struct pl_head head; 688 u8 var_tag; 689 u8 var_len; 690 u32 var; 691 u8 mech_tag; 692 u8 mech_len; 693 u32 mech; 694 /* 695 * maybe followed by iv data 696 * followed by key tag + key blob 697 * followed by plaintext tag + plaintext 698 */ 699 } __packed * req_pl; 700 struct crypt_rep_pl { 701 struct pl_head head; 702 u8 rc_tag; 703 u8 rc_len; 704 u32 rc; 705 u8 data_tag; 706 u8 data_lenfmt; 707 /* data follows */ 708 } __packed * rep_pl; 709 struct ep11_cprb *req = NULL, *rep = NULL; 710 struct ep11_target_dev target; 711 struct ep11_urb *urb = NULL; 712 size_t req_pl_size, rep_pl_size; 713 int n, api = 1, rc = -ENOMEM; 714 u8 *p; 715 716 /* the simple asn1 coding used has length limits */ 717 if (keysize > 0xFFFF || inbufsize > 0xFFFF) 718 return -EINVAL; 719 720 /* request cprb and payload */ 721 req_pl_size = sizeof(struct crypt_req_pl) + (iv ? 16 : 0) 722 + ASN1TAGLEN(keysize) + ASN1TAGLEN(inbufsize); 723 req = alloc_cprb(req_pl_size); 724 if (!req) 725 goto out; 726 req_pl = (struct crypt_req_pl *) (((u8 *) req) + sizeof(*req)); 727 prep_head(&req_pl->head, req_pl_size, api, (mode ? 20 : 19)); 728 req_pl->var_tag = 0x04; 729 req_pl->var_len = sizeof(u32); 730 /* mech is mech + mech params (iv here) */ 731 req_pl->mech_tag = 0x04; 732 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0); 733 req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */ 734 p = ((u8 *) req_pl) + sizeof(*req_pl); 735 if (iv) { 736 memcpy(p, iv, 16); 737 p += 16; 738 } 739 /* key and input data */ 740 p += asn1tag_write(p, 0x04, key, keysize); 741 p += asn1tag_write(p, 0x04, inbuf, inbufsize); 742 743 /* reply cprb and payload, assume out data size <= in data size + 32 */ 744 rep_pl_size = sizeof(struct crypt_rep_pl) + ASN1TAGLEN(inbufsize + 32); 745 rep = alloc_cprb(rep_pl_size); 746 if (!rep) 747 goto out; 748 rep_pl = (struct crypt_rep_pl *) (((u8 *) rep) + sizeof(*rep)); 749 750 /* urb and target */ 751 urb = kmalloc(sizeof(struct ep11_urb), GFP_KERNEL); 752 if (!urb) 753 goto out; 754 target.ap_id = card; 755 target.dom_id = domain; 756 prep_urb(urb, &target, 1, 757 req, sizeof(*req) + req_pl_size, 758 rep, sizeof(*rep) + rep_pl_size); 759 760 rc = _zcrypt_send_ep11_cprb(urb); 761 if (rc) { 762 DEBUG_ERR( 763 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n", 764 __func__, (int) card, (int) domain, rc); 765 goto out; 766 } 767 768 rc = check_reply_pl((u8 *)rep_pl, __func__); 769 if (rc) 770 goto out; 771 if (rep_pl->data_tag != 0x04) { 772 DEBUG_ERR("%s unknown reply data format\n", __func__); 773 rc = -EIO; 774 goto out; 775 } 776 p = ((u8 *) rep_pl) + sizeof(*rep_pl); 777 if (rep_pl->data_lenfmt <= 127) 778 n = rep_pl->data_lenfmt; 779 else if (rep_pl->data_lenfmt == 0x81) 780 n = *p++; 781 else if (rep_pl->data_lenfmt == 0x82) { 782 n = *((u16 *) p); 783 p += 2; 784 } else { 785 DEBUG_ERR("%s unknown reply data length format 0x%02hhx\n", 786 __func__, rep_pl->data_lenfmt); 787 rc = -EIO; 788 goto out; 789 } 790 if (n > *outbufsize) { 791 DEBUG_ERR("%s mismatch reply data len %d / output buffer %zu\n", 792 __func__, n, *outbufsize); 793 rc = -ENOSPC; 794 goto out; 795 } 796 797 memcpy(outbuf, p, n); 798 *outbufsize = n; 799 800 out: 801 kfree(req); 802 kfree(rep); 803 kfree(urb); 804 return rc; 805 } 806 807 static int ep11_unwrapkey(u16 card, u16 domain, 808 const u8 *kek, size_t keksize, 809 const u8 *enckey, size_t enckeysize, 810 u32 mech, const u8 *iv, 811 u32 keybitsize, u32 keygenflags, 812 u8 *keybuf, size_t *keybufsize) 813 { 814 struct uw_req_pl { 815 struct pl_head head; 816 u8 attr_tag; 817 u8 attr_len; 818 u32 attr_header; 819 u32 attr_bool_mask; 820 u32 attr_bool_bits; 821 u32 attr_key_type; 822 u32 attr_key_type_value; 823 u32 attr_val_len; 824 u32 attr_val_len_value; 825 u8 mech_tag; 826 u8 mech_len; 827 u32 mech; 828 /* 829 * maybe followed by iv data 830 * followed by kek tag + kek blob 831 * followed by empty mac tag 832 * followed by empty pin tag 833 * followed by encryted key tag + bytes 834 */ 835 } __packed * req_pl; 836 struct uw_rep_pl { 837 struct pl_head head; 838 u8 rc_tag; 839 u8 rc_len; 840 u32 rc; 841 u8 data_tag; 842 u8 data_lenfmt; 843 u16 data_len; 844 u8 data[512]; 845 } __packed * rep_pl; 846 struct ep11_cprb *req = NULL, *rep = NULL; 847 struct ep11_target_dev target; 848 struct ep11_urb *urb = NULL; 849 struct ep11keyblob *kb; 850 size_t req_pl_size; 851 int api, rc = -ENOMEM; 852 u8 *p; 853 854 /* request cprb and payload */ 855 req_pl_size = sizeof(struct uw_req_pl) + (iv ? 16 : 0) 856 + ASN1TAGLEN(keksize) + 4 + ASN1TAGLEN(enckeysize); 857 req = alloc_cprb(req_pl_size); 858 if (!req) 859 goto out; 860 req_pl = (struct uw_req_pl *) (((u8 *) req) + sizeof(*req)); 861 api = (!keygenflags || keygenflags & 0x00200000) ? 4 : 1; 862 prep_head(&req_pl->head, req_pl_size, api, 34); /* UnwrapKey */ 863 req_pl->attr_tag = 0x04; 864 req_pl->attr_len = 7 * sizeof(u32); 865 req_pl->attr_header = 0x10020000; 866 req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS; 867 req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS; 868 req_pl->attr_key_type = 0x00000100; /* CKA_KEY_TYPE */ 869 req_pl->attr_key_type_value = 0x0000001f; /* CKK_AES */ 870 req_pl->attr_val_len = 0x00000161; /* CKA_VALUE_LEN */ 871 req_pl->attr_val_len_value = keybitsize / 8; 872 /* mech is mech + mech params (iv here) */ 873 req_pl->mech_tag = 0x04; 874 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0); 875 req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */ 876 p = ((u8 *) req_pl) + sizeof(*req_pl); 877 if (iv) { 878 memcpy(p, iv, 16); 879 p += 16; 880 } 881 /* kek */ 882 p += asn1tag_write(p, 0x04, kek, keksize); 883 /* empty mac key tag */ 884 *p++ = 0x04; 885 *p++ = 0; 886 /* empty pin tag */ 887 *p++ = 0x04; 888 *p++ = 0; 889 /* encrypted key value tag and bytes */ 890 p += asn1tag_write(p, 0x04, enckey, enckeysize); 891 892 /* reply cprb and payload */ 893 rep = alloc_cprb(sizeof(struct uw_rep_pl)); 894 if (!rep) 895 goto out; 896 rep_pl = (struct uw_rep_pl *) (((u8 *) rep) + sizeof(*rep)); 897 898 /* urb and target */ 899 urb = kmalloc(sizeof(struct ep11_urb), GFP_KERNEL); 900 if (!urb) 901 goto out; 902 target.ap_id = card; 903 target.dom_id = domain; 904 prep_urb(urb, &target, 1, 905 req, sizeof(*req) + req_pl_size, 906 rep, sizeof(*rep) + sizeof(*rep_pl)); 907 908 rc = _zcrypt_send_ep11_cprb(urb); 909 if (rc) { 910 DEBUG_ERR( 911 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n", 912 __func__, (int) card, (int) domain, rc); 913 goto out; 914 } 915 916 rc = check_reply_pl((u8 *)rep_pl, __func__); 917 if (rc) 918 goto out; 919 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { 920 DEBUG_ERR("%s unknown reply data format\n", __func__); 921 rc = -EIO; 922 goto out; 923 } 924 if (rep_pl->data_len > *keybufsize) { 925 DEBUG_ERR("%s mismatch reply data len / key buffer len\n", 926 __func__); 927 rc = -ENOSPC; 928 goto out; 929 } 930 931 /* copy key blob and set header values */ 932 memcpy(keybuf, rep_pl->data, rep_pl->data_len); 933 *keybufsize = rep_pl->data_len; 934 kb = (struct ep11keyblob *) keybuf; 935 kb->head.type = TOKTYPE_NON_CCA; 936 kb->head.len = rep_pl->data_len; 937 kb->head.version = TOKVER_EP11_AES; 938 kb->head.keybitlen = keybitsize; 939 940 out: 941 kfree(req); 942 kfree(rep); 943 kfree(urb); 944 return rc; 945 } 946 947 static int ep11_wrapkey(u16 card, u16 domain, 948 const u8 *key, size_t keysize, 949 u32 mech, const u8 *iv, 950 u8 *databuf, size_t *datasize) 951 { 952 struct wk_req_pl { 953 struct pl_head head; 954 u8 var_tag; 955 u8 var_len; 956 u32 var; 957 u8 mech_tag; 958 u8 mech_len; 959 u32 mech; 960 /* 961 * followed by iv data 962 * followed by key tag + key blob 963 * followed by dummy kek param 964 * followed by dummy mac param 965 */ 966 } __packed * req_pl; 967 struct wk_rep_pl { 968 struct pl_head head; 969 u8 rc_tag; 970 u8 rc_len; 971 u32 rc; 972 u8 data_tag; 973 u8 data_lenfmt; 974 u16 data_len; 975 u8 data[512]; 976 } __packed * rep_pl; 977 struct ep11_cprb *req = NULL, *rep = NULL; 978 struct ep11_target_dev target; 979 struct ep11_urb *urb = NULL; 980 struct ep11keyblob *kb; 981 size_t req_pl_size; 982 int api, rc = -ENOMEM; 983 u8 *p; 984 985 /* request cprb and payload */ 986 req_pl_size = sizeof(struct wk_req_pl) + (iv ? 16 : 0) 987 + ASN1TAGLEN(keysize) + 4; 988 req = alloc_cprb(req_pl_size); 989 if (!req) 990 goto out; 991 if (!mech || mech == 0x80060001) 992 req->flags |= 0x20; /* CPACF_WRAP needs special bit */ 993 req_pl = (struct wk_req_pl *) (((u8 *) req) + sizeof(*req)); 994 api = (!mech || mech == 0x80060001) ? 4 : 1; /* CKM_IBM_CPACF_WRAP */ 995 prep_head(&req_pl->head, req_pl_size, api, 33); /* WrapKey */ 996 req_pl->var_tag = 0x04; 997 req_pl->var_len = sizeof(u32); 998 /* mech is mech + mech params (iv here) */ 999 req_pl->mech_tag = 0x04; 1000 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0); 1001 req_pl->mech = (mech ? mech : 0x80060001); /* CKM_IBM_CPACF_WRAP */ 1002 p = ((u8 *) req_pl) + sizeof(*req_pl); 1003 if (iv) { 1004 memcpy(p, iv, 16); 1005 p += 16; 1006 } 1007 /* key blob */ 1008 p += asn1tag_write(p, 0x04, key, keysize); 1009 /* maybe the key argument needs the head data cleaned out */ 1010 kb = (struct ep11keyblob *)(p - keysize); 1011 if (kb->head.version == TOKVER_EP11_AES) 1012 memset(&kb->head, 0, sizeof(kb->head)); 1013 /* empty kek tag */ 1014 *p++ = 0x04; 1015 *p++ = 0; 1016 /* empty mac tag */ 1017 *p++ = 0x04; 1018 *p++ = 0; 1019 1020 /* reply cprb and payload */ 1021 rep = alloc_cprb(sizeof(struct wk_rep_pl)); 1022 if (!rep) 1023 goto out; 1024 rep_pl = (struct wk_rep_pl *) (((u8 *) rep) + sizeof(*rep)); 1025 1026 /* urb and target */ 1027 urb = kmalloc(sizeof(struct ep11_urb), GFP_KERNEL); 1028 if (!urb) 1029 goto out; 1030 target.ap_id = card; 1031 target.dom_id = domain; 1032 prep_urb(urb, &target, 1, 1033 req, sizeof(*req) + req_pl_size, 1034 rep, sizeof(*rep) + sizeof(*rep_pl)); 1035 1036 rc = _zcrypt_send_ep11_cprb(urb); 1037 if (rc) { 1038 DEBUG_ERR( 1039 "%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n", 1040 __func__, (int) card, (int) domain, rc); 1041 goto out; 1042 } 1043 1044 rc = check_reply_pl((u8 *)rep_pl, __func__); 1045 if (rc) 1046 goto out; 1047 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { 1048 DEBUG_ERR("%s unknown reply data format\n", __func__); 1049 rc = -EIO; 1050 goto out; 1051 } 1052 if (rep_pl->data_len > *datasize) { 1053 DEBUG_ERR("%s mismatch reply data len / data buffer len\n", 1054 __func__); 1055 rc = -ENOSPC; 1056 goto out; 1057 } 1058 1059 /* copy the data from the cprb to the data buffer */ 1060 memcpy(databuf, rep_pl->data, rep_pl->data_len); 1061 *datasize = rep_pl->data_len; 1062 1063 out: 1064 kfree(req); 1065 kfree(rep); 1066 kfree(urb); 1067 return rc; 1068 } 1069 1070 int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, 1071 const u8 *clrkey, u8 *keybuf, size_t *keybufsize) 1072 { 1073 int rc; 1074 struct ep11keyblob *kb; 1075 u8 encbuf[64], *kek = NULL; 1076 size_t clrkeylen, keklen, encbuflen = sizeof(encbuf); 1077 1078 if (keybitsize == 128 || keybitsize == 192 || keybitsize == 256) 1079 clrkeylen = keybitsize / 8; 1080 else { 1081 DEBUG_ERR( 1082 "%s unknown/unsupported keybitsize %d\n", 1083 __func__, keybitsize); 1084 return -EINVAL; 1085 } 1086 1087 /* allocate memory for the temp kek */ 1088 keklen = MAXEP11AESKEYBLOBSIZE; 1089 kek = kmalloc(keklen, GFP_ATOMIC); 1090 if (!kek) { 1091 rc = -ENOMEM; 1092 goto out; 1093 } 1094 1095 /* Step 1: generate AES 256 bit random kek key */ 1096 rc = ep11_genaeskey(card, domain, 256, 1097 0x00006c00, /* EN/DECRYPT, WRAP/UNWRAP */ 1098 kek, &keklen); 1099 if (rc) { 1100 DEBUG_ERR( 1101 "%s generate kek key failed, rc=%d\n", 1102 __func__, rc); 1103 goto out; 1104 } 1105 kb = (struct ep11keyblob *) kek; 1106 memset(&kb->head, 0, sizeof(kb->head)); 1107 1108 /* Step 2: encrypt clear key value with the kek key */ 1109 rc = ep11_cryptsingle(card, domain, 0, 0, def_iv, kek, keklen, 1110 clrkey, clrkeylen, encbuf, &encbuflen); 1111 if (rc) { 1112 DEBUG_ERR( 1113 "%s encrypting key value with kek key failed, rc=%d\n", 1114 __func__, rc); 1115 goto out; 1116 } 1117 1118 /* Step 3: import the encrypted key value as a new key */ 1119 rc = ep11_unwrapkey(card, domain, kek, keklen, 1120 encbuf, encbuflen, 0, def_iv, 1121 keybitsize, 0, keybuf, keybufsize); 1122 if (rc) { 1123 DEBUG_ERR( 1124 "%s importing key value as new key failed,, rc=%d\n", 1125 __func__, rc); 1126 goto out; 1127 } 1128 1129 out: 1130 kfree(kek); 1131 return rc; 1132 } 1133 EXPORT_SYMBOL(ep11_clr2keyblob); 1134 1135 int ep11_key2protkey(u16 card, u16 dom, const u8 *key, size_t keylen, 1136 u8 *protkey, u32 *protkeylen, u32 *protkeytype) 1137 { 1138 int rc = -EIO; 1139 u8 *wkbuf = NULL; 1140 size_t wkbuflen = 256; 1141 struct wk_info { 1142 u16 version; 1143 u8 res1[16]; 1144 u32 pkeytype; 1145 u32 pkeybitsize; 1146 u64 pkeysize; 1147 u8 res2[8]; 1148 u8 pkey[0]; 1149 } __packed * wki; 1150 1151 /* alloc temp working buffer */ 1152 wkbuf = kmalloc(wkbuflen, GFP_ATOMIC); 1153 if (!wkbuf) 1154 return -ENOMEM; 1155 1156 /* ep11 secure key -> protected key + info */ 1157 rc = ep11_wrapkey(card, dom, key, keylen, 1158 0, def_iv, wkbuf, &wkbuflen); 1159 if (rc) { 1160 DEBUG_ERR( 1161 "%s rewrapping ep11 key to pkey failed, rc=%d\n", 1162 __func__, rc); 1163 goto out; 1164 } 1165 wki = (struct wk_info *) wkbuf; 1166 1167 /* check struct version and pkey type */ 1168 if (wki->version != 1 || wki->pkeytype != 1) { 1169 DEBUG_ERR("%s wk info version %d or pkeytype %d mismatch.\n", 1170 __func__, (int) wki->version, (int) wki->pkeytype); 1171 rc = -EIO; 1172 goto out; 1173 } 1174 1175 /* copy the tanslated protected key */ 1176 switch (wki->pkeysize) { 1177 case 16+32: 1178 /* AES 128 protected key */ 1179 if (protkeytype) 1180 *protkeytype = PKEY_KEYTYPE_AES_128; 1181 break; 1182 case 24+32: 1183 /* AES 192 protected key */ 1184 if (protkeytype) 1185 *protkeytype = PKEY_KEYTYPE_AES_192; 1186 break; 1187 case 32+32: 1188 /* AES 256 protected key */ 1189 if (protkeytype) 1190 *protkeytype = PKEY_KEYTYPE_AES_256; 1191 break; 1192 default: 1193 DEBUG_ERR("%s unknown/unsupported pkeysize %d\n", 1194 __func__, (int) wki->pkeysize); 1195 rc = -EIO; 1196 goto out; 1197 } 1198 memcpy(protkey, wki->pkey, wki->pkeysize); 1199 if (protkeylen) 1200 *protkeylen = (u32) wki->pkeysize; 1201 rc = 0; 1202 1203 out: 1204 kfree(wkbuf); 1205 return rc; 1206 } 1207 EXPORT_SYMBOL(ep11_key2protkey); 1208 1209 int ep11_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain, 1210 int minhwtype, int minapi, const u8 *wkvp) 1211 { 1212 struct zcrypt_device_status_ext *device_status; 1213 u32 *_apqns = NULL, _nr_apqns = 0; 1214 int i, card, dom, rc = -ENOMEM; 1215 struct ep11_domain_info edi; 1216 struct ep11_card_info eci; 1217 1218 /* fetch status of all crypto cards */ 1219 device_status = kvmalloc_array(MAX_ZDEV_ENTRIES_EXT, 1220 sizeof(struct zcrypt_device_status_ext), 1221 GFP_KERNEL); 1222 if (!device_status) 1223 return -ENOMEM; 1224 zcrypt_device_status_mask_ext(device_status); 1225 1226 /* allocate 1k space for up to 256 apqns */ 1227 _apqns = kmalloc_array(256, sizeof(u32), GFP_KERNEL); 1228 if (!_apqns) { 1229 kvfree(device_status); 1230 return -ENOMEM; 1231 } 1232 1233 /* walk through all the crypto apqnss */ 1234 for (i = 0; i < MAX_ZDEV_ENTRIES_EXT; i++) { 1235 card = AP_QID_CARD(device_status[i].qid); 1236 dom = AP_QID_QUEUE(device_status[i].qid); 1237 /* check online state */ 1238 if (!device_status[i].online) 1239 continue; 1240 /* check for ep11 functions */ 1241 if (!(device_status[i].functions & 0x01)) 1242 continue; 1243 /* check cardnr */ 1244 if (cardnr != 0xFFFF && card != cardnr) 1245 continue; 1246 /* check domain */ 1247 if (domain != 0xFFFF && dom != domain) 1248 continue; 1249 /* check min hardware type */ 1250 if (minhwtype && device_status[i].hwtype < minhwtype) 1251 continue; 1252 /* check min api version if given */ 1253 if (minapi > 0) { 1254 if (ep11_get_card_info(card, &eci, 0)) 1255 continue; 1256 if (minapi > eci.API_ord_nr) 1257 continue; 1258 } 1259 /* check wkvp if given */ 1260 if (wkvp) { 1261 if (ep11_get_domain_info(card, dom, &edi)) 1262 continue; 1263 if (edi.cur_wk_state != '1') 1264 continue; 1265 if (memcmp(wkvp, edi.cur_wkvp, 16)) 1266 continue; 1267 } 1268 /* apqn passed all filtering criterons, add to the array */ 1269 if (_nr_apqns < 256) 1270 _apqns[_nr_apqns++] = (((u16)card) << 16) | ((u16) dom); 1271 } 1272 1273 /* nothing found ? */ 1274 if (!_nr_apqns) { 1275 kfree(_apqns); 1276 rc = -ENODEV; 1277 } else { 1278 /* no re-allocation, simple return the _apqns array */ 1279 *apqns = _apqns; 1280 *nr_apqns = _nr_apqns; 1281 rc = 0; 1282 } 1283 1284 kvfree(device_status); 1285 return rc; 1286 } 1287 EXPORT_SYMBOL(ep11_findcard2); 1288 1289 void __exit zcrypt_ep11misc_exit(void) 1290 { 1291 card_cache_free(); 1292 } 1293