Lines Matching +full:key +full:- +full:code
1 // SPDX-License-Identifier: GPL-2.0
31 * Key blobs smaller/bigger than these defines are rejected
32 * by the common code even before the individual setkey function
33 * is called. As paes can handle different kinds of key blobs
48 * key point to the memory where the key is stored.
49 * The code distinguishes by checking keylen against
52 u8 *key; member
58 const u8 *key, in _key_to_kb() argument
74 /* clear key value, prepare pkey clear key token in keybuf */ in _key_to_kb()
75 memset(kb->keybuf, 0, sizeof(kb->keybuf)); in _key_to_kb()
76 h = (struct clearkey_header *) kb->keybuf; in _key_to_kb()
77 h->version = 0x02; /* TOKVER_CLEAR_KEY */ in _key_to_kb()
78 h->keytype = (keylen - 8) >> 3; in _key_to_kb()
79 h->len = keylen; in _key_to_kb()
80 memcpy(kb->keybuf + sizeof(*h), key, keylen); in _key_to_kb()
81 kb->keylen = sizeof(*h) + keylen; in _key_to_kb()
82 kb->key = kb->keybuf; in _key_to_kb()
85 /* other key material, let pkey handle this */ in _key_to_kb()
86 if (keylen <= sizeof(kb->keybuf)) in _key_to_kb()
87 kb->key = kb->keybuf; in _key_to_kb()
89 kb->key = kmalloc(keylen, GFP_KERNEL); in _key_to_kb()
90 if (!kb->key) in _key_to_kb()
91 return -ENOMEM; in _key_to_kb()
93 memcpy(kb->key, key, keylen); in _key_to_kb()
94 kb->keylen = keylen; in _key_to_kb()
103 if (kb->key && kb->key != kb->keybuf in _free_kb_keybuf()
104 && kb->keylen > sizeof(kb->keybuf)) { in _free_kb_keybuf()
105 kfree(kb->key); in _free_kb_keybuf()
106 kb->key = NULL; in _free_kb_keybuf()
131 ret = pkey_keyblob2pkey(kb->key, kb->keylen, pk); in __paes_keyblob2pkey()
143 if (__paes_keyblob2pkey(&ctx->kb, &pkey)) in __paes_convert_key()
144 return -EINVAL; in __paes_convert_key()
146 spin_lock_bh(&ctx->pk_lock); in __paes_convert_key()
147 memcpy(&ctx->pk, &pkey, sizeof(pkey)); in __paes_convert_key()
148 spin_unlock_bh(&ctx->pk_lock); in __paes_convert_key()
157 ctx->kb.key = NULL; in ecb_paes_init()
158 spin_lock_init(&ctx->pk_lock); in ecb_paes_init()
167 _free_kb_keybuf(&ctx->kb); in ecb_paes_exit()
175 return -EINVAL; in __ecb_paes_set_key()
177 /* Pick the correct function code based on the protected key type */ in __ecb_paes_set_key()
178 fc = (ctx->pk.type == PKEY_KEYTYPE_AES_128) ? CPACF_KM_PAES_128 : in __ecb_paes_set_key()
179 (ctx->pk.type == PKEY_KEYTYPE_AES_192) ? CPACF_KM_PAES_192 : in __ecb_paes_set_key()
180 (ctx->pk.type == PKEY_KEYTYPE_AES_256) ? CPACF_KM_PAES_256 : 0; in __ecb_paes_set_key()
182 /* Check if the function code is available */ in __ecb_paes_set_key()
183 ctx->fc = (fc && cpacf_test_func(&km_functions, fc)) ? fc : 0; in __ecb_paes_set_key()
185 return ctx->fc ? 0 : -EINVAL; in __ecb_paes_set_key()
194 _free_kb_keybuf(&ctx->kb); in ecb_paes_set_key()
195 rc = _key_to_kb(&ctx->kb, in_key, key_len); in ecb_paes_set_key()
210 u8 key[MAXPROTKEYSIZE]; in ecb_paes_crypt() member
217 spin_lock_bh(&ctx->pk_lock); in ecb_paes_crypt()
218 memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE); in ecb_paes_crypt()
219 spin_unlock_bh(&ctx->pk_lock); in ecb_paes_crypt()
223 n = nbytes & ~(AES_BLOCK_SIZE - 1); in ecb_paes_crypt()
224 k = cpacf_km(ctx->fc | modifier, ¶m, in ecb_paes_crypt()
227 ret = skcipher_walk_done(&walk, nbytes - k); in ecb_paes_crypt()
230 return skcipher_walk_done(&walk, -EIO); in ecb_paes_crypt()
231 spin_lock_bh(&ctx->pk_lock); in ecb_paes_crypt()
232 memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE); in ecb_paes_crypt()
233 spin_unlock_bh(&ctx->pk_lock); in ecb_paes_crypt()
251 .base.cra_driver_name = "ecb-paes-s390",
270 ctx->kb.key = NULL; in cbc_paes_init()
271 spin_lock_init(&ctx->pk_lock); in cbc_paes_init()
280 _free_kb_keybuf(&ctx->kb); in cbc_paes_exit()
288 return -EINVAL; in __cbc_paes_set_key()
290 /* Pick the correct function code based on the protected key type */ in __cbc_paes_set_key()
291 fc = (ctx->pk.type == PKEY_KEYTYPE_AES_128) ? CPACF_KMC_PAES_128 : in __cbc_paes_set_key()
292 (ctx->pk.type == PKEY_KEYTYPE_AES_192) ? CPACF_KMC_PAES_192 : in __cbc_paes_set_key()
293 (ctx->pk.type == PKEY_KEYTYPE_AES_256) ? CPACF_KMC_PAES_256 : 0; in __cbc_paes_set_key()
295 /* Check if the function code is available */ in __cbc_paes_set_key()
296 ctx->fc = (fc && cpacf_test_func(&kmc_functions, fc)) ? fc : 0; in __cbc_paes_set_key()
298 return ctx->fc ? 0 : -EINVAL; in __cbc_paes_set_key()
307 _free_kb_keybuf(&ctx->kb); in cbc_paes_set_key()
308 rc = _key_to_kb(&ctx->kb, in_key, key_len); in cbc_paes_set_key()
324 u8 key[MAXPROTKEYSIZE]; in cbc_paes_crypt() member
332 spin_lock_bh(&ctx->pk_lock); in cbc_paes_crypt()
333 memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE); in cbc_paes_crypt()
334 spin_unlock_bh(&ctx->pk_lock); in cbc_paes_crypt()
338 n = nbytes & ~(AES_BLOCK_SIZE - 1); in cbc_paes_crypt()
339 k = cpacf_kmc(ctx->fc | modifier, ¶m, in cbc_paes_crypt()
343 ret = skcipher_walk_done(&walk, nbytes - k); in cbc_paes_crypt()
347 return skcipher_walk_done(&walk, -EIO); in cbc_paes_crypt()
348 spin_lock_bh(&ctx->pk_lock); in cbc_paes_crypt()
349 memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE); in cbc_paes_crypt()
350 spin_unlock_bh(&ctx->pk_lock); in cbc_paes_crypt()
368 .base.cra_driver_name = "cbc-paes-s390",
369 .base.cra_priority = 402, /* ecb-paes-s390 + 1 */
388 ctx->kb[0].key = NULL; in xts_paes_init()
389 ctx->kb[1].key = NULL; in xts_paes_init()
390 spin_lock_init(&ctx->pk_lock); in xts_paes_init()
399 _free_kb_keybuf(&ctx->kb[0]); in xts_paes_exit()
400 _free_kb_keybuf(&ctx->kb[1]); in xts_paes_exit()
407 if (__paes_keyblob2pkey(&ctx->kb[0], &pkey0) || in __xts_paes_convert_key()
408 __paes_keyblob2pkey(&ctx->kb[1], &pkey1)) in __xts_paes_convert_key()
409 return -EINVAL; in __xts_paes_convert_key()
411 spin_lock_bh(&ctx->pk_lock); in __xts_paes_convert_key()
412 memcpy(&ctx->pk[0], &pkey0, sizeof(pkey0)); in __xts_paes_convert_key()
413 memcpy(&ctx->pk[1], &pkey1, sizeof(pkey1)); in __xts_paes_convert_key()
414 spin_unlock_bh(&ctx->pk_lock); in __xts_paes_convert_key()
424 return -EINVAL; in __xts_paes_set_key()
426 if (ctx->pk[0].type != ctx->pk[1].type) in __xts_paes_set_key()
427 return -EINVAL; in __xts_paes_set_key()
429 /* Pick the correct function code based on the protected key type */ in __xts_paes_set_key()
430 fc = (ctx->pk[0].type == PKEY_KEYTYPE_AES_128) ? CPACF_KM_PXTS_128 : in __xts_paes_set_key()
431 (ctx->pk[0].type == PKEY_KEYTYPE_AES_256) ? in __xts_paes_set_key()
434 /* Check if the function code is available */ in __xts_paes_set_key()
435 ctx->fc = (fc && cpacf_test_func(&km_functions, fc)) ? fc : 0; in __xts_paes_set_key()
437 return ctx->fc ? 0 : -EINVAL; in __xts_paes_set_key()
449 return -EINVAL; in xts_paes_set_key()
453 _free_kb_keybuf(&ctx->kb[0]); in xts_paes_set_key()
454 _free_kb_keybuf(&ctx->kb[1]); in xts_paes_set_key()
455 rc = _key_to_kb(&ctx->kb[0], in_key, key_len); in xts_paes_set_key()
458 rc = _key_to_kb(&ctx->kb[1], in_key + key_len, key_len); in xts_paes_set_key()
467 * xts_check_key verifies the key length is not odd and makes in xts_paes_set_key()
471 ckey_len = (ctx->pk[0].type == PKEY_KEYTYPE_AES_128) ? in xts_paes_set_key()
473 memcpy(ckey, ctx->pk[0].protkey, ckey_len); in xts_paes_set_key()
474 memcpy(ckey + ckey_len, ctx->pk[1].protkey, ckey_len); in xts_paes_set_key()
486 u8 key[MAXPROTKEYSIZE]; /* key + verification pattern */ in xts_paes_crypt() member
493 u8 key[MAXPROTKEYSIZE]; /* key + verification pattern */ in xts_paes_crypt() member
501 keylen = (ctx->pk[0].type == PKEY_KEYTYPE_AES_128) ? 48 : 64; in xts_paes_crypt()
502 offset = (ctx->pk[0].type == PKEY_KEYTYPE_AES_128) ? 16 : 0; in xts_paes_crypt()
506 spin_lock_bh(&ctx->pk_lock); in xts_paes_crypt()
507 memcpy(pcc_param.key + offset, ctx->pk[1].protkey, keylen); in xts_paes_crypt()
508 memcpy(xts_param.key + offset, ctx->pk[0].protkey, keylen); in xts_paes_crypt()
509 spin_unlock_bh(&ctx->pk_lock); in xts_paes_crypt()
510 cpacf_pcc(ctx->fc, pcc_param.key + offset); in xts_paes_crypt()
515 n = nbytes & ~(AES_BLOCK_SIZE - 1); in xts_paes_crypt()
516 k = cpacf_km(ctx->fc | modifier, xts_param.key + offset, in xts_paes_crypt()
519 ret = skcipher_walk_done(&walk, nbytes - k); in xts_paes_crypt()
522 return skcipher_walk_done(&walk, -EIO); in xts_paes_crypt()
523 spin_lock_bh(&ctx->pk_lock); in xts_paes_crypt()
524 memcpy(xts_param.key + offset, in xts_paes_crypt()
525 ctx->pk[0].protkey, keylen); in xts_paes_crypt()
526 spin_unlock_bh(&ctx->pk_lock); in xts_paes_crypt()
545 .base.cra_driver_name = "xts-paes-s390",
546 .base.cra_priority = 402, /* ecb-paes-s390 + 1 */
565 ctx->kb.key = NULL; in ctr_paes_init()
566 spin_lock_init(&ctx->pk_lock); in ctr_paes_init()
575 _free_kb_keybuf(&ctx->kb); in ctr_paes_exit()
583 return -EINVAL; in __ctr_paes_set_key()
585 /* Pick the correct function code based on the protected key type */ in __ctr_paes_set_key()
586 fc = (ctx->pk.type == PKEY_KEYTYPE_AES_128) ? CPACF_KMCTR_PAES_128 : in __ctr_paes_set_key()
587 (ctx->pk.type == PKEY_KEYTYPE_AES_192) ? CPACF_KMCTR_PAES_192 : in __ctr_paes_set_key()
588 (ctx->pk.type == PKEY_KEYTYPE_AES_256) ? in __ctr_paes_set_key()
591 /* Check if the function code is available */ in __ctr_paes_set_key()
592 ctx->fc = (fc && cpacf_test_func(&kmctr_functions, fc)) ? fc : 0; in __ctr_paes_set_key()
594 return ctx->fc ? 0 : -EINVAL; in __ctr_paes_set_key()
603 _free_kb_keybuf(&ctx->kb); in ctr_paes_set_key()
604 rc = _key_to_kb(&ctx->kb, in_key, key_len); in ctr_paes_set_key()
617 n = (nbytes > PAGE_SIZE) ? PAGE_SIZE : nbytes & ~(AES_BLOCK_SIZE - 1); in __ctrblk_init()
618 for (i = (n / AES_BLOCK_SIZE) - 1; i > 0; i--) { in __ctrblk_init()
635 u8 key[MAXPROTKEYSIZE]; in ctr_paes_crypt() member
642 spin_lock_bh(&ctx->pk_lock); in ctr_paes_crypt()
643 memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE); in ctr_paes_crypt()
644 spin_unlock_bh(&ctx->pk_lock); in ctr_paes_crypt()
653 k = cpacf_kmctr(ctx->fc, ¶m, walk.dst.virt.addr, in ctr_paes_crypt()
657 memcpy(walk.iv, ctrptr + k - AES_BLOCK_SIZE, in ctr_paes_crypt()
660 ret = skcipher_walk_done(&walk, nbytes - k); in ctr_paes_crypt()
666 return skcipher_walk_done(&walk, -EIO); in ctr_paes_crypt()
668 spin_lock_bh(&ctx->pk_lock); in ctr_paes_crypt()
669 memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE); in ctr_paes_crypt()
670 spin_unlock_bh(&ctx->pk_lock); in ctr_paes_crypt()
680 if (cpacf_kmctr(ctx->fc, ¶m, buf, in ctr_paes_crypt()
685 return skcipher_walk_done(&walk, -EIO); in ctr_paes_crypt()
686 spin_lock_bh(&ctx->pk_lock); in ctr_paes_crypt()
687 memcpy(param.key, ctx->pk.protkey, MAXPROTKEYSIZE); in ctr_paes_crypt()
688 spin_unlock_bh(&ctx->pk_lock); in ctr_paes_crypt()
700 .base.cra_driver_name = "ctr-paes-s390",
701 .base.cra_priority = 402, /* ecb-paes-s390 + 1 */
719 if (!list_empty(&alg->base.cra_list)) in __crypto_unregister_skcipher()
770 ret = -ENOMEM; in paes_s390_init()