1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright IBM Corp. 2019
4 * Author(s): Harald Freudenberger <freude@linux.ibm.com>
5 *
6 * Collection of EP11 misc functions used by zcrypt and pkey
7 */
8
9 #define KMSG_COMPONENT "zcrypt"
10 #define pr_fmt(fmt) KMSG_COMPONENT ": " fmt
11
12 #include <linux/export.h>
13 #include <linux/init.h>
14 #include <linux/mempool.h>
15 #include <linux/module.h>
16 #include <linux/random.h>
17 #include <linux/slab.h>
18 #include <asm/zcrypt.h>
19 #include <asm/pkey.h>
20 #include <crypto/aes.h>
21
22 #include "ap_bus.h"
23 #include "zcrypt_api.h"
24 #include "zcrypt_debug.h"
25 #include "zcrypt_msgtype6.h"
26 #include "zcrypt_ep11misc.h"
27 #include "zcrypt_ccamisc.h"
28
29 #define EP11_PINBLOB_V1_BYTES 56
30
31 /* default iv used here */
32 static const u8 def_iv[16] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
33 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff };
34
35 /*
36 * Cprb memory pool held for urgent cases where no memory
37 * can be allocated via kmalloc. This pool is only used when
38 * alloc_cprbmem() is called with the xflag ZCRYPT_XFLAG_NOMEMALLOC.
39 */
40 #define CPRB_MEMPOOL_ITEM_SIZE (8 * 1024)
41 static mempool_t *cprb_mempool;
42
43 /*
44 * This is a pre-allocated memory for the device status array
45 * used within the ep11_findcard2() function. It is currently
46 * 128 * 128 * 4 bytes = 64 KB big. Usage of this memory is
47 * controlled via dev_status_mem_mutex. Needs adaption if more
48 * than 128 cards or domains to be are supported.
49 */
50 #define ZCRYPT_DEV_STATUS_CARD_MAX 128
51 #define ZCRYPT_DEV_STATUS_QUEUE_MAX 128
52 #define ZCRYPT_DEV_STATUS_ENTRIES (ZCRYPT_DEV_STATUS_CARD_MAX * \
53 ZCRYPT_DEV_STATUS_QUEUE_MAX)
54 #define ZCRYPT_DEV_STATUS_EXT_SIZE (ZCRYPT_DEV_STATUS_ENTRIES * \
55 sizeof(struct zcrypt_device_status_ext))
56 static void *dev_status_mem;
57 static DEFINE_MUTEX(dev_status_mem_mutex);
58
ep11_kb_split(const u8 * kb,size_t kblen,u32 kbver,struct ep11kblob_header ** kbhdr,size_t * kbhdrsize,u8 ** kbpl,size_t * kbplsize)59 static int ep11_kb_split(const u8 *kb, size_t kblen, u32 kbver,
60 struct ep11kblob_header **kbhdr, size_t *kbhdrsize,
61 u8 **kbpl, size_t *kbplsize)
62 {
63 struct ep11kblob_header *hdr = NULL;
64 size_t hdrsize, plsize = 0;
65 int rc = -EINVAL;
66 u8 *pl = NULL;
67
68 if (kblen < sizeof(struct ep11kblob_header))
69 goto out;
70 hdr = (struct ep11kblob_header *)kb;
71
72 switch (kbver) {
73 case TOKVER_EP11_AES:
74 /* header overlays the payload */
75 hdrsize = 0;
76 break;
77 case TOKVER_EP11_ECC_WITH_HEADER:
78 case TOKVER_EP11_AES_WITH_HEADER:
79 /* payload starts after the header */
80 hdrsize = sizeof(struct ep11kblob_header);
81 break;
82 default:
83 goto out;
84 }
85
86 plsize = kblen - hdrsize;
87 pl = (u8 *)kb + hdrsize;
88
89 if (kbhdr)
90 *kbhdr = hdr;
91 if (kbhdrsize)
92 *kbhdrsize = hdrsize;
93 if (kbpl)
94 *kbpl = pl;
95 if (kbplsize)
96 *kbplsize = plsize;
97
98 rc = 0;
99 out:
100 return rc;
101 }
102
ep11_kb_decode(const u8 * kb,size_t kblen,struct ep11kblob_header ** kbhdr,size_t * kbhdrsize,struct ep11keyblob ** kbpl,size_t * kbplsize)103 static int ep11_kb_decode(const u8 *kb, size_t kblen,
104 struct ep11kblob_header **kbhdr, size_t *kbhdrsize,
105 struct ep11keyblob **kbpl, size_t *kbplsize)
106 {
107 struct ep11kblob_header *tmph, *hdr = NULL;
108 size_t hdrsize = 0, plsize = 0;
109 struct ep11keyblob *pl = NULL;
110 int rc = -EINVAL;
111 u8 *tmpp;
112
113 if (kblen < sizeof(struct ep11kblob_header))
114 goto out;
115 tmph = (struct ep11kblob_header *)kb;
116
117 if (tmph->type != TOKTYPE_NON_CCA &&
118 tmph->len > kblen)
119 goto out;
120
121 if (ep11_kb_split(kb, kblen, tmph->version,
122 &hdr, &hdrsize, &tmpp, &plsize))
123 goto out;
124
125 if (plsize < sizeof(struct ep11keyblob))
126 goto out;
127
128 if (!is_ep11_keyblob(tmpp))
129 goto out;
130
131 pl = (struct ep11keyblob *)tmpp;
132 plsize = hdr->len - hdrsize;
133
134 if (kbhdr)
135 *kbhdr = hdr;
136 if (kbhdrsize)
137 *kbhdrsize = hdrsize;
138 if (kbpl)
139 *kbpl = pl;
140 if (kbplsize)
141 *kbplsize = plsize;
142
143 rc = 0;
144 out:
145 return rc;
146 }
147
148 /*
149 * For valid ep11 keyblobs, returns a reference to the wrappingkey verification
150 * pattern. Otherwise NULL.
151 */
ep11_kb_wkvp(const u8 * keyblob,u32 keybloblen)152 const u8 *ep11_kb_wkvp(const u8 *keyblob, u32 keybloblen)
153 {
154 struct ep11keyblob *kb;
155
156 if (ep11_kb_decode(keyblob, keybloblen, NULL, NULL, &kb, NULL))
157 return NULL;
158 return kb->wkvp;
159 }
160 EXPORT_SYMBOL(ep11_kb_wkvp);
161
162 /*
163 * Simple check if the key blob is a valid EP11 AES key blob with header.
164 */
ep11_check_aes_key_with_hdr(debug_info_t * dbg,int dbflvl,const u8 * key,u32 keylen,int checkcpacfexp)165 int ep11_check_aes_key_with_hdr(debug_info_t *dbg, int dbflvl,
166 const u8 *key, u32 keylen, int checkcpacfexp)
167 {
168 struct ep11kblob_header *hdr = (struct ep11kblob_header *)key;
169 struct ep11keyblob *kb = (struct ep11keyblob *)(key + sizeof(*hdr));
170
171 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
172
173 if (keylen < sizeof(*hdr) + sizeof(*kb)) {
174 DBF("%s key check failed, keylen %u < %zu\n",
175 __func__, keylen, sizeof(*hdr) + sizeof(*kb));
176 return -EINVAL;
177 }
178
179 if (hdr->type != TOKTYPE_NON_CCA) {
180 if (dbg)
181 DBF("%s key check failed, type 0x%02x != 0x%02x\n",
182 __func__, (int)hdr->type, TOKTYPE_NON_CCA);
183 return -EINVAL;
184 }
185 if (hdr->hver != 0x00) {
186 if (dbg)
187 DBF("%s key check failed, header version 0x%02x != 0x00\n",
188 __func__, (int)hdr->hver);
189 return -EINVAL;
190 }
191 if (hdr->version != TOKVER_EP11_AES_WITH_HEADER) {
192 if (dbg)
193 DBF("%s key check failed, version 0x%02x != 0x%02x\n",
194 __func__, (int)hdr->version, TOKVER_EP11_AES_WITH_HEADER);
195 return -EINVAL;
196 }
197 if (hdr->len > keylen) {
198 if (dbg)
199 DBF("%s key check failed, header len %d keylen %u mismatch\n",
200 __func__, (int)hdr->len, keylen);
201 return -EINVAL;
202 }
203 if (hdr->len < sizeof(*hdr) + sizeof(*kb)) {
204 if (dbg)
205 DBF("%s key check failed, header len %d < %zu\n",
206 __func__, (int)hdr->len, sizeof(*hdr) + sizeof(*kb));
207 return -EINVAL;
208 }
209
210 if (kb->version != EP11_STRUCT_MAGIC) {
211 if (dbg)
212 DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
213 __func__, (int)kb->version, EP11_STRUCT_MAGIC);
214 return -EINVAL;
215 }
216 if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
217 if (dbg)
218 DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
219 __func__);
220 return -EINVAL;
221 }
222
223 #undef DBF
224
225 return 0;
226 }
227 EXPORT_SYMBOL(ep11_check_aes_key_with_hdr);
228
229 /*
230 * Simple check if the key blob is a valid EP11 ECC key blob with header.
231 */
ep11_check_ecc_key_with_hdr(debug_info_t * dbg,int dbflvl,const u8 * key,u32 keylen,int checkcpacfexp)232 int ep11_check_ecc_key_with_hdr(debug_info_t *dbg, int dbflvl,
233 const u8 *key, u32 keylen, int checkcpacfexp)
234 {
235 struct ep11kblob_header *hdr = (struct ep11kblob_header *)key;
236 struct ep11keyblob *kb = (struct ep11keyblob *)(key + sizeof(*hdr));
237
238 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
239
240 if (keylen < sizeof(*hdr) + sizeof(*kb)) {
241 DBF("%s key check failed, keylen %u < %zu\n",
242 __func__, keylen, sizeof(*hdr) + sizeof(*kb));
243 return -EINVAL;
244 }
245
246 if (hdr->type != TOKTYPE_NON_CCA) {
247 if (dbg)
248 DBF("%s key check failed, type 0x%02x != 0x%02x\n",
249 __func__, (int)hdr->type, TOKTYPE_NON_CCA);
250 return -EINVAL;
251 }
252 if (hdr->hver != 0x00) {
253 if (dbg)
254 DBF("%s key check failed, header version 0x%02x != 0x00\n",
255 __func__, (int)hdr->hver);
256 return -EINVAL;
257 }
258 if (hdr->version != TOKVER_EP11_ECC_WITH_HEADER) {
259 if (dbg)
260 DBF("%s key check failed, version 0x%02x != 0x%02x\n",
261 __func__, (int)hdr->version, TOKVER_EP11_ECC_WITH_HEADER);
262 return -EINVAL;
263 }
264 if (hdr->len > keylen) {
265 if (dbg)
266 DBF("%s key check failed, header len %d keylen %u mismatch\n",
267 __func__, (int)hdr->len, keylen);
268 return -EINVAL;
269 }
270 if (hdr->len < sizeof(*hdr) + sizeof(*kb)) {
271 if (dbg)
272 DBF("%s key check failed, header len %d < %zu\n",
273 __func__, (int)hdr->len, sizeof(*hdr) + sizeof(*kb));
274 return -EINVAL;
275 }
276
277 if (kb->version != EP11_STRUCT_MAGIC) {
278 if (dbg)
279 DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
280 __func__, (int)kb->version, EP11_STRUCT_MAGIC);
281 return -EINVAL;
282 }
283 if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
284 if (dbg)
285 DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
286 __func__);
287 return -EINVAL;
288 }
289
290 #undef DBF
291
292 return 0;
293 }
294 EXPORT_SYMBOL(ep11_check_ecc_key_with_hdr);
295
296 /*
297 * Simple check if the key blob is a valid EP11 AES key blob with
298 * the header in the session field (old style EP11 AES key).
299 */
ep11_check_aes_key(debug_info_t * dbg,int dbflvl,const u8 * key,u32 keylen,int checkcpacfexp)300 int ep11_check_aes_key(debug_info_t *dbg, int dbflvl,
301 const u8 *key, u32 keylen, int checkcpacfexp)
302 {
303 struct ep11keyblob *kb = (struct ep11keyblob *)key;
304
305 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
306
307 if (keylen < sizeof(*kb)) {
308 DBF("%s key check failed, keylen %u < %zu\n",
309 __func__, keylen, sizeof(*kb));
310 return -EINVAL;
311 }
312
313 if (kb->head.type != TOKTYPE_NON_CCA) {
314 if (dbg)
315 DBF("%s key check failed, type 0x%02x != 0x%02x\n",
316 __func__, (int)kb->head.type, TOKTYPE_NON_CCA);
317 return -EINVAL;
318 }
319 if (kb->head.version != TOKVER_EP11_AES) {
320 if (dbg)
321 DBF("%s key check failed, version 0x%02x != 0x%02x\n",
322 __func__, (int)kb->head.version, TOKVER_EP11_AES);
323 return -EINVAL;
324 }
325 if (kb->head.len > keylen) {
326 if (dbg)
327 DBF("%s key check failed, header len %d keylen %u mismatch\n",
328 __func__, (int)kb->head.len, keylen);
329 return -EINVAL;
330 }
331 if (kb->head.len < sizeof(*kb)) {
332 if (dbg)
333 DBF("%s key check failed, header len %d < %zu\n",
334 __func__, (int)kb->head.len, sizeof(*kb));
335 return -EINVAL;
336 }
337
338 if (kb->version != EP11_STRUCT_MAGIC) {
339 if (dbg)
340 DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
341 __func__, (int)kb->version, EP11_STRUCT_MAGIC);
342 return -EINVAL;
343 }
344 if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
345 if (dbg)
346 DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
347 __func__);
348 return -EINVAL;
349 }
350
351 #undef DBF
352
353 return 0;
354 }
355 EXPORT_SYMBOL(ep11_check_aes_key);
356
357 /*
358 * Allocate and prepare ep11 cprb plus additional payload.
359 */
alloc_cprbmem(size_t payload_len,u32 xflags)360 static void *alloc_cprbmem(size_t payload_len, u32 xflags)
361 {
362 size_t len = sizeof(struct ep11_cprb) + payload_len;
363 struct ep11_cprb *cprb = NULL;
364
365 if (xflags & ZCRYPT_XFLAG_NOMEMALLOC) {
366 if (len <= CPRB_MEMPOOL_ITEM_SIZE)
367 cprb = mempool_alloc_preallocated(cprb_mempool);
368 } else {
369 cprb = kmalloc(len, GFP_KERNEL);
370 }
371 if (!cprb)
372 return NULL;
373 memset(cprb, 0, len);
374
375 cprb->cprb_len = sizeof(struct ep11_cprb);
376 cprb->cprb_ver_id = 0x04;
377 memcpy(cprb->func_id, "T4", 2);
378 cprb->ret_code = 0xFFFFFFFF;
379 cprb->payload_len = payload_len;
380
381 return cprb;
382 }
383
384 /*
385 * Free ep11 cprb buffer space.
386 */
free_cprbmem(void * mem,size_t payload_len,bool scrub,u32 xflags)387 static void free_cprbmem(void *mem, size_t payload_len, bool scrub, u32 xflags)
388 {
389 if (mem && scrub)
390 memzero_explicit(mem, sizeof(struct ep11_cprb) + payload_len);
391
392 if (xflags & ZCRYPT_XFLAG_NOMEMALLOC)
393 mempool_free(mem, cprb_mempool);
394 else
395 kfree(mem);
396 }
397
398 /*
399 * Some helper functions related to ASN1 encoding.
400 * Limited to length info <= 2 byte.
401 */
402
403 #define ASN1TAGLEN(x) (2 + (x) + ((x) > 127 ? 1 : 0) + ((x) > 255 ? 1 : 0))
404
asn1tag_write(u8 * ptr,u8 tag,const u8 * pvalue,u16 valuelen)405 static int asn1tag_write(u8 *ptr, u8 tag, const u8 *pvalue, u16 valuelen)
406 {
407 ptr[0] = tag;
408 if (valuelen > 255) {
409 ptr[1] = 0x82;
410 *((u16 *)(ptr + 2)) = valuelen;
411 memcpy(ptr + 4, pvalue, valuelen);
412 return 4 + valuelen;
413 }
414 if (valuelen > 127) {
415 ptr[1] = 0x81;
416 ptr[2] = (u8)valuelen;
417 memcpy(ptr + 3, pvalue, valuelen);
418 return 3 + valuelen;
419 }
420 ptr[1] = (u8)valuelen;
421 memcpy(ptr + 2, pvalue, valuelen);
422 return 2 + valuelen;
423 }
424
425 /* EP11 payload > 127 bytes starts with this struct */
426 struct pl_head {
427 u8 tag;
428 u8 lenfmt;
429 u16 len;
430 u8 func_tag;
431 u8 func_len;
432 u32 func;
433 u8 dom_tag;
434 u8 dom_len;
435 u32 dom;
436 } __packed;
437
438 /* prep ep11 payload head helper function */
prep_head(struct pl_head * h,size_t pl_size,int api,int func)439 static inline void prep_head(struct pl_head *h,
440 size_t pl_size, int api, int func)
441 {
442 h->tag = 0x30;
443 h->lenfmt = 0x82;
444 h->len = pl_size - 4;
445 h->func_tag = 0x04;
446 h->func_len = sizeof(u32);
447 h->func = (api << 16) + func;
448 h->dom_tag = 0x04;
449 h->dom_len = sizeof(u32);
450 }
451
452 /* prep urb helper function */
prep_urb(struct ep11_urb * u,struct ep11_target_dev * t,int nt,struct ep11_cprb * req,size_t req_len,struct ep11_cprb * rep,size_t rep_len)453 static inline void prep_urb(struct ep11_urb *u,
454 struct ep11_target_dev *t, int nt,
455 struct ep11_cprb *req, size_t req_len,
456 struct ep11_cprb *rep, size_t rep_len)
457 {
458 memset(u, 0, sizeof(*u));
459 u->targets = (u8 __user *)t;
460 u->targets_num = nt;
461 u->req = (u8 __user *)req;
462 u->req_len = req_len;
463 u->resp = (u8 __user *)rep;
464 u->resp_len = rep_len;
465 }
466
467 /* Check ep11 reply payload, return 0 or suggested errno value. */
check_reply_pl(const u8 * pl,const char * func)468 static int check_reply_pl(const u8 *pl, const char *func)
469 {
470 int len;
471 u32 ret;
472
473 /* start tag */
474 if (*pl++ != 0x30) {
475 ZCRYPT_DBF_ERR("%s reply start tag mismatch\n", func);
476 return -EIO;
477 }
478
479 /* payload length format */
480 if (*pl < 127) {
481 len = *pl;
482 pl++;
483 } else if (*pl == 0x81) {
484 pl++;
485 len = *pl;
486 pl++;
487 } else if (*pl == 0x82) {
488 pl++;
489 len = *((u16 *)pl);
490 pl += 2;
491 } else {
492 ZCRYPT_DBF_ERR("%s reply start tag lenfmt mismatch 0x%02hhx\n",
493 func, *pl);
494 return -EIO;
495 }
496
497 /* len should cover at least 3 fields with 32 bit value each */
498 if (len < 3 * 6) {
499 ZCRYPT_DBF_ERR("%s reply length %d too small\n", func, len);
500 return -EIO;
501 }
502
503 /* function tag, length and value */
504 if (pl[0] != 0x04 || pl[1] != 0x04) {
505 ZCRYPT_DBF_ERR("%s function tag or length mismatch\n", func);
506 return -EIO;
507 }
508 pl += 6;
509
510 /* dom tag, length and value */
511 if (pl[0] != 0x04 || pl[1] != 0x04) {
512 ZCRYPT_DBF_ERR("%s dom tag or length mismatch\n", func);
513 return -EIO;
514 }
515 pl += 6;
516
517 /* return value tag, length and value */
518 if (pl[0] != 0x04 || pl[1] != 0x04) {
519 ZCRYPT_DBF_ERR("%s return value tag or length mismatch\n",
520 func);
521 return -EIO;
522 }
523 pl += 2;
524 ret = *((u32 *)pl);
525 if (ret != 0) {
526 ZCRYPT_DBF_ERR("%s return value 0x%08x != 0\n", func, ret);
527 return -EIO;
528 }
529
530 return 0;
531 }
532
533 /* Check ep11 reply cprb, return 0 or suggested errno value. */
check_reply_cprb(const struct ep11_cprb * rep,const char * func)534 static int check_reply_cprb(const struct ep11_cprb *rep, const char *func)
535 {
536 /* check ep11 reply return code field */
537 if (rep->ret_code) {
538 ZCRYPT_DBF_ERR("%s ep11 reply ret_code=0x%08x\n", __func__,
539 rep->ret_code);
540 if (rep->ret_code == 0x000c0003)
541 return -EBUSY;
542 else
543 return -EIO;
544 }
545
546 return 0;
547 }
548
549 /*
550 * Helper function which does an ep11 query with given query type.
551 */
ep11_query_info(u16 cardnr,u16 domain,u32 query_type,size_t buflen,u8 * buf,u32 xflags)552 static int ep11_query_info(u16 cardnr, u16 domain, u32 query_type,
553 size_t buflen, u8 *buf, u32 xflags)
554 {
555 struct ep11_info_req_pl {
556 struct pl_head head;
557 u8 query_type_tag;
558 u8 query_type_len;
559 u32 query_type;
560 u8 query_subtype_tag;
561 u8 query_subtype_len;
562 u32 query_subtype;
563 } __packed * req_pl;
564 struct ep11_info_rep_pl {
565 struct pl_head head;
566 u8 rc_tag;
567 u8 rc_len;
568 u32 rc;
569 u8 data_tag;
570 u8 data_lenfmt;
571 u16 data_len;
572 } __packed * rep_pl;
573 struct ep11_cprb *req = NULL, *rep = NULL;
574 struct ep11_target_dev target;
575 struct ep11_urb urb;
576 int api = EP11_API_V1, rc = -ENOMEM;
577
578 /* request cprb and payload */
579 req = alloc_cprbmem(sizeof(struct ep11_info_req_pl), xflags);
580 if (!req)
581 goto out;
582 req_pl = (struct ep11_info_req_pl *)(((u8 *)req) + sizeof(*req));
583 prep_head(&req_pl->head, sizeof(*req_pl), api, 38); /* get xcp info */
584 req_pl->query_type_tag = 0x04;
585 req_pl->query_type_len = sizeof(u32);
586 req_pl->query_type = query_type;
587 req_pl->query_subtype_tag = 0x04;
588 req_pl->query_subtype_len = sizeof(u32);
589
590 /* reply cprb and payload */
591 rep = alloc_cprbmem(sizeof(struct ep11_info_rep_pl) + buflen, xflags);
592 if (!rep)
593 goto out;
594 rep_pl = (struct ep11_info_rep_pl *)(((u8 *)rep) + sizeof(*rep));
595
596 /* urb and target */
597 target.ap_id = cardnr;
598 target.dom_id = domain;
599 prep_urb(&urb, &target, 1,
600 req, sizeof(*req) + sizeof(*req_pl),
601 rep, sizeof(*rep) + sizeof(*rep_pl) + buflen);
602
603 rc = zcrypt_send_ep11_cprb(&urb, xflags);
604 if (rc) {
605 ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
606 __func__, (int)cardnr, (int)domain, rc);
607 goto out;
608 }
609
610 /* check ep11 reply cprb */
611 rc = check_reply_cprb(rep, __func__);
612 if (rc)
613 goto out;
614
615 /* check payload */
616 rc = check_reply_pl((u8 *)rep_pl, __func__);
617 if (rc)
618 goto out;
619 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
620 ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
621 rc = -EIO;
622 goto out;
623 }
624 if (rep_pl->data_len > buflen) {
625 ZCRYPT_DBF_ERR("%s mismatch between reply data len and buffer len\n",
626 __func__);
627 rc = -ENOSPC;
628 goto out;
629 }
630
631 memcpy(buf, ((u8 *)rep_pl) + sizeof(*rep_pl), rep_pl->data_len);
632
633 out:
634 free_cprbmem(req, 0, false, xflags);
635 free_cprbmem(rep, 0, false, xflags);
636 return rc;
637 }
638
639 /*
640 * Provide information about an EP11 card.
641 */
ep11_get_card_info(u16 card,struct ep11_card_info * info,u32 xflags)642 int ep11_get_card_info(u16 card, struct ep11_card_info *info, u32 xflags)
643 {
644 int rc;
645 struct ep11_module_query_info {
646 u32 API_ord_nr;
647 u32 firmware_id;
648 u8 FW_major_vers;
649 u8 FW_minor_vers;
650 u8 CSP_major_vers;
651 u8 CSP_minor_vers;
652 u8 fwid[32];
653 u8 xcp_config_hash[32];
654 u8 CSP_config_hash[32];
655 u8 serial[16];
656 u8 module_date_time[16];
657 u64 op_mode;
658 u32 PKCS11_flags;
659 u32 ext_flags;
660 u32 domains;
661 u32 sym_state_bytes;
662 u32 digest_state_bytes;
663 u32 pin_blob_bytes;
664 u32 SPKI_bytes;
665 u32 priv_key_blob_bytes;
666 u32 sym_blob_bytes;
667 u32 max_payload_bytes;
668 u32 CP_profile_bytes;
669 u32 max_CP_index;
670 } __packed * pmqi = NULL;
671
672 /* use the cprb mempool to satisfy this short term mem alloc */
673 pmqi = (xflags & ZCRYPT_XFLAG_NOMEMALLOC) ?
674 mempool_alloc_preallocated(cprb_mempool) :
675 mempool_alloc(cprb_mempool, GFP_KERNEL);
676 if (!pmqi)
677 return -ENOMEM;
678 rc = ep11_query_info(card, AUTOSEL_DOM,
679 0x01 /* module info query */,
680 sizeof(*pmqi), (u8 *)pmqi, xflags);
681 if (rc)
682 goto out;
683
684 memset(info, 0, sizeof(*info));
685 info->API_ord_nr = pmqi->API_ord_nr;
686 info->FW_version = (pmqi->FW_major_vers << 8) + pmqi->FW_minor_vers;
687 memcpy(info->serial, pmqi->serial, sizeof(info->serial));
688 info->op_mode = pmqi->op_mode;
689
690 out:
691 mempool_free(pmqi, cprb_mempool);
692 return rc;
693 }
694 EXPORT_SYMBOL(ep11_get_card_info);
695
696 /*
697 * Provide information about a domain within an EP11 card.
698 */
ep11_get_domain_info(u16 card,u16 domain,struct ep11_domain_info * info,u32 xflags)699 int ep11_get_domain_info(u16 card, u16 domain,
700 struct ep11_domain_info *info, u32 xflags)
701 {
702 int rc;
703 struct ep11_domain_query_info {
704 u32 dom_index;
705 u8 cur_WK_VP[32];
706 u8 new_WK_VP[32];
707 u32 dom_flags;
708 u64 op_mode;
709 } __packed dom_query_info;
710
711 rc = ep11_query_info(card, domain, 0x03 /* domain info query */,
712 sizeof(dom_query_info), (u8 *)&dom_query_info,
713 xflags);
714 if (rc)
715 goto out;
716
717 memset(info, 0, sizeof(*info));
718 info->cur_wk_state = '0';
719 info->new_wk_state = '0';
720 if (dom_query_info.dom_flags & 0x10 /* left imprint mode */) {
721 if (dom_query_info.dom_flags & 0x02 /* cur wk valid */) {
722 info->cur_wk_state = '1';
723 memcpy(info->cur_wkvp, dom_query_info.cur_WK_VP, 32);
724 }
725 if (dom_query_info.dom_flags & 0x04 || /* new wk present */
726 dom_query_info.dom_flags & 0x08 /* new wk committed */) {
727 info->new_wk_state =
728 dom_query_info.dom_flags & 0x08 ? '2' : '1';
729 memcpy(info->new_wkvp, dom_query_info.new_WK_VP, 32);
730 }
731 }
732 info->op_mode = dom_query_info.op_mode;
733
734 out:
735 return rc;
736 }
737 EXPORT_SYMBOL(ep11_get_domain_info);
738
739 /*
740 * Default EP11 AES key generate attributes, used when no keygenflags given:
741 * XCP_BLOB_ENCRYPT | XCP_BLOB_DECRYPT | XCP_BLOB_PROTKEY_EXTRACTABLE
742 */
743 #define KEY_ATTR_DEFAULTS 0x00200c00
744
_ep11_genaeskey(u16 card,u16 domain,u32 keybitsize,u32 keygenflags,u8 * keybuf,size_t * keybufsize,u32 xflags)745 static int _ep11_genaeskey(u16 card, u16 domain,
746 u32 keybitsize, u32 keygenflags,
747 u8 *keybuf, size_t *keybufsize, u32 xflags)
748 {
749 struct keygen_req_pl {
750 struct pl_head head;
751 u8 var_tag;
752 u8 var_len;
753 u32 var;
754 u8 keybytes_tag;
755 u8 keybytes_len;
756 u32 keybytes;
757 u8 mech_tag;
758 u8 mech_len;
759 u32 mech;
760 u8 attr_tag;
761 u8 attr_len;
762 u32 attr_header;
763 u32 attr_bool_mask;
764 u32 attr_bool_bits;
765 u32 attr_val_len_type;
766 u32 attr_val_len_value;
767 /* followed by empty pin tag or empty pinblob tag */
768 } __packed * req_pl;
769 struct keygen_rep_pl {
770 struct pl_head head;
771 u8 rc_tag;
772 u8 rc_len;
773 u32 rc;
774 u8 data_tag;
775 u8 data_lenfmt;
776 u16 data_len;
777 u8 data[512];
778 } __packed * rep_pl;
779 struct ep11_cprb *req = NULL, *rep = NULL;
780 size_t req_pl_size, pinblob_size = 0;
781 struct ep11_target_dev target;
782 struct ep11_urb urb;
783 int api, rc = -ENOMEM;
784 u8 *p;
785
786 switch (keybitsize) {
787 case 128:
788 case 192:
789 case 256:
790 break;
791 default:
792 ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
793 __func__, keybitsize);
794 rc = -EINVAL;
795 goto out;
796 }
797
798 /* request cprb and payload */
799 api = (!keygenflags || keygenflags & 0x00200000) ?
800 EP11_API_V4 : EP11_API_V1;
801 if (ap_is_se_guest()) {
802 /*
803 * genkey within SE environment requires API ordinal 6
804 * with empty pinblob
805 */
806 api = EP11_API_V6;
807 pinblob_size = EP11_PINBLOB_V1_BYTES;
808 }
809 req_pl_size = sizeof(struct keygen_req_pl) + ASN1TAGLEN(pinblob_size);
810 req = alloc_cprbmem(req_pl_size, xflags);
811 if (!req)
812 goto out;
813 req_pl = (struct keygen_req_pl *)(((u8 *)req) + sizeof(*req));
814 prep_head(&req_pl->head, req_pl_size, api, 21); /* GenerateKey */
815 req_pl->var_tag = 0x04;
816 req_pl->var_len = sizeof(u32);
817 req_pl->keybytes_tag = 0x04;
818 req_pl->keybytes_len = sizeof(u32);
819 req_pl->keybytes = keybitsize / 8;
820 req_pl->mech_tag = 0x04;
821 req_pl->mech_len = sizeof(u32);
822 req_pl->mech = 0x00001080; /* CKM_AES_KEY_GEN */
823 req_pl->attr_tag = 0x04;
824 req_pl->attr_len = 5 * sizeof(u32);
825 req_pl->attr_header = 0x10010000;
826 req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
827 req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
828 req_pl->attr_val_len_type = 0x00000161; /* CKA_VALUE_LEN */
829 req_pl->attr_val_len_value = keybitsize / 8;
830 p = ((u8 *)req_pl) + sizeof(*req_pl);
831 /* pin tag */
832 *p++ = 0x04;
833 *p++ = pinblob_size;
834
835 /* reply cprb and payload */
836 rep = alloc_cprbmem(sizeof(struct keygen_rep_pl), xflags);
837 if (!rep)
838 goto out;
839 rep_pl = (struct keygen_rep_pl *)(((u8 *)rep) + sizeof(*rep));
840
841 /* urb and target */
842 target.ap_id = card;
843 target.dom_id = domain;
844 prep_urb(&urb, &target, 1,
845 req, sizeof(*req) + req_pl_size,
846 rep, sizeof(*rep) + sizeof(*rep_pl));
847
848 rc = zcrypt_send_ep11_cprb(&urb, xflags);
849 if (rc) {
850 ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
851 __func__, (int)card, (int)domain, rc);
852 goto out;
853 }
854
855 /* check ep11 reply cprb */
856 rc = check_reply_cprb(rep, __func__);
857 if (rc)
858 goto out;
859
860 /* check payload */
861 rc = check_reply_pl((u8 *)rep_pl, __func__);
862 if (rc)
863 goto out;
864 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
865 ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
866 rc = -EIO;
867 goto out;
868 }
869 if (rep_pl->data_len > *keybufsize) {
870 ZCRYPT_DBF_ERR("%s mismatch reply data len / key buffer len\n",
871 __func__);
872 rc = -ENOSPC;
873 goto out;
874 }
875
876 /* copy key blob */
877 memcpy(keybuf, rep_pl->data, rep_pl->data_len);
878 *keybufsize = rep_pl->data_len;
879
880 out:
881 free_cprbmem(req, 0, false, xflags);
882 free_cprbmem(rep, sizeof(struct keygen_rep_pl), true, xflags);
883 return rc;
884 }
885
ep11_genaeskey(u16 card,u16 domain,u32 keybitsize,u32 keygenflags,u8 * keybuf,u32 * keybufsize,u32 keybufver,u32 xflags)886 int ep11_genaeskey(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
887 u8 *keybuf, u32 *keybufsize, u32 keybufver, u32 xflags)
888 {
889 struct ep11kblob_header *hdr;
890 size_t hdr_size, pl_size;
891 u8 *pl;
892 int rc;
893
894 switch (keybufver) {
895 case TOKVER_EP11_AES:
896 case TOKVER_EP11_AES_WITH_HEADER:
897 break;
898 default:
899 return -EINVAL;
900 }
901
902 rc = ep11_kb_split(keybuf, *keybufsize, keybufver,
903 &hdr, &hdr_size, &pl, &pl_size);
904 if (rc)
905 return rc;
906
907 rc = _ep11_genaeskey(card, domain, keybitsize, keygenflags,
908 pl, &pl_size, xflags);
909 if (rc)
910 return rc;
911
912 *keybufsize = hdr_size + pl_size;
913
914 /* update header information */
915 hdr->type = TOKTYPE_NON_CCA;
916 hdr->len = *keybufsize;
917 hdr->version = keybufver;
918 hdr->bitlen = keybitsize;
919
920 return 0;
921 }
922 EXPORT_SYMBOL(ep11_genaeskey);
923
ep11_cryptsingle(u16 card,u16 domain,u16 mode,u32 mech,const u8 * iv,const u8 * key,size_t keysize,const u8 * inbuf,size_t inbufsize,u8 * outbuf,size_t * outbufsize,u32 xflags)924 static int ep11_cryptsingle(u16 card, u16 domain,
925 u16 mode, u32 mech, const u8 *iv,
926 const u8 *key, size_t keysize,
927 const u8 *inbuf, size_t inbufsize,
928 u8 *outbuf, size_t *outbufsize,
929 u32 xflags)
930 {
931 struct crypt_req_pl {
932 struct pl_head head;
933 u8 var_tag;
934 u8 var_len;
935 u32 var;
936 u8 mech_tag;
937 u8 mech_len;
938 u32 mech;
939 /*
940 * maybe followed by iv data
941 * followed by key tag + key blob
942 * followed by plaintext tag + plaintext
943 */
944 } __packed * req_pl;
945 struct crypt_rep_pl {
946 struct pl_head head;
947 u8 rc_tag;
948 u8 rc_len;
949 u32 rc;
950 u8 data_tag;
951 u8 data_lenfmt;
952 /* data follows */
953 } __packed * rep_pl;
954 struct ep11_cprb *req = NULL, *rep = NULL;
955 struct ep11_target_dev target;
956 struct ep11_urb urb;
957 size_t req_pl_size, rep_pl_size = 0;
958 int n, api = EP11_API_V1, rc = -ENOMEM;
959 u8 *p;
960
961 /* the simple asn1 coding used has length limits */
962 if (keysize > 0xFFFF || inbufsize > 0xFFFF)
963 return -EINVAL;
964
965 /* request cprb and payload */
966 req_pl_size = sizeof(struct crypt_req_pl) + (iv ? 16 : 0)
967 + ASN1TAGLEN(keysize) + ASN1TAGLEN(inbufsize);
968 req = alloc_cprbmem(req_pl_size, xflags);
969 if (!req)
970 goto out;
971 req_pl = (struct crypt_req_pl *)(((u8 *)req) + sizeof(*req));
972 prep_head(&req_pl->head, req_pl_size, api, (mode ? 20 : 19));
973 req_pl->var_tag = 0x04;
974 req_pl->var_len = sizeof(u32);
975 /* mech is mech + mech params (iv here) */
976 req_pl->mech_tag = 0x04;
977 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
978 req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */
979 p = ((u8 *)req_pl) + sizeof(*req_pl);
980 if (iv) {
981 memcpy(p, iv, 16);
982 p += 16;
983 }
984 /* key and input data */
985 p += asn1tag_write(p, 0x04, key, keysize);
986 p += asn1tag_write(p, 0x04, inbuf, inbufsize);
987
988 /* reply cprb and payload, assume out data size <= in data size + 32 */
989 rep_pl_size = sizeof(struct crypt_rep_pl) + ASN1TAGLEN(inbufsize + 32);
990 rep = alloc_cprbmem(rep_pl_size, xflags);
991 if (!rep)
992 goto out;
993 rep_pl = (struct crypt_rep_pl *)(((u8 *)rep) + sizeof(*rep));
994
995 /* urb and target */
996 target.ap_id = card;
997 target.dom_id = domain;
998 prep_urb(&urb, &target, 1,
999 req, sizeof(*req) + req_pl_size,
1000 rep, sizeof(*rep) + rep_pl_size);
1001
1002 rc = zcrypt_send_ep11_cprb(&urb, xflags);
1003 if (rc) {
1004 ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1005 __func__, (int)card, (int)domain, rc);
1006 goto out;
1007 }
1008
1009 /* check ep11 reply cprb */
1010 rc = check_reply_cprb(rep, __func__);
1011 if (rc)
1012 goto out;
1013
1014 /* check payload */
1015 rc = check_reply_pl((u8 *)rep_pl, __func__);
1016 if (rc)
1017 goto out;
1018 if (rep_pl->data_tag != 0x04) {
1019 ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
1020 rc = -EIO;
1021 goto out;
1022 }
1023 p = ((u8 *)rep_pl) + sizeof(*rep_pl);
1024 if (rep_pl->data_lenfmt <= 127) {
1025 n = rep_pl->data_lenfmt;
1026 } else if (rep_pl->data_lenfmt == 0x81) {
1027 n = *p++;
1028 } else if (rep_pl->data_lenfmt == 0x82) {
1029 n = *((u16 *)p);
1030 p += 2;
1031 } else {
1032 ZCRYPT_DBF_ERR("%s unknown reply data length format 0x%02hhx\n",
1033 __func__, rep_pl->data_lenfmt);
1034 rc = -EIO;
1035 goto out;
1036 }
1037 if (n > *outbufsize) {
1038 ZCRYPT_DBF_ERR("%s mismatch reply data len %d / output buffer %zu\n",
1039 __func__, n, *outbufsize);
1040 rc = -ENOSPC;
1041 goto out;
1042 }
1043
1044 memcpy(outbuf, p, n);
1045 *outbufsize = n;
1046
1047 out:
1048 free_cprbmem(req, req_pl_size, true, xflags);
1049 free_cprbmem(rep, rep_pl_size, true, xflags);
1050 return rc;
1051 }
1052
_ep11_unwrapkey(u16 card,u16 domain,const u8 * kek,size_t keksize,const u8 * enckey,size_t enckeysize,u32 mech,const u8 * iv,u32 keybitsize,u32 keygenflags,u8 * keybuf,size_t * keybufsize,u32 xflags)1053 static int _ep11_unwrapkey(u16 card, u16 domain,
1054 const u8 *kek, size_t keksize,
1055 const u8 *enckey, size_t enckeysize,
1056 u32 mech, const u8 *iv,
1057 u32 keybitsize, u32 keygenflags,
1058 u8 *keybuf, size_t *keybufsize, u32 xflags)
1059 {
1060 struct uw_req_pl {
1061 struct pl_head head;
1062 u8 attr_tag;
1063 u8 attr_len;
1064 u32 attr_header;
1065 u32 attr_bool_mask;
1066 u32 attr_bool_bits;
1067 u32 attr_key_type;
1068 u32 attr_key_type_value;
1069 u32 attr_val_len;
1070 u32 attr_val_len_value;
1071 u8 mech_tag;
1072 u8 mech_len;
1073 u32 mech;
1074 /*
1075 * maybe followed by iv data
1076 * followed by kek tag + kek blob
1077 * followed by empty mac tag
1078 * followed by empty pin tag or empty pinblob tag
1079 * followed by encryted key tag + bytes
1080 */
1081 } __packed * req_pl;
1082 struct uw_rep_pl {
1083 struct pl_head head;
1084 u8 rc_tag;
1085 u8 rc_len;
1086 u32 rc;
1087 u8 data_tag;
1088 u8 data_lenfmt;
1089 u16 data_len;
1090 u8 data[512];
1091 } __packed * rep_pl;
1092 struct ep11_cprb *req = NULL, *rep = NULL;
1093 size_t req_pl_size, pinblob_size = 0;
1094 struct ep11_target_dev target;
1095 struct ep11_urb urb;
1096 int api, rc = -ENOMEM;
1097 u8 *p;
1098
1099 /* request cprb and payload */
1100 api = (!keygenflags || keygenflags & 0x00200000) ?
1101 EP11_API_V4 : EP11_API_V1;
1102 if (ap_is_se_guest()) {
1103 /*
1104 * unwrap within SE environment requires API ordinal 6
1105 * with empty pinblob
1106 */
1107 api = EP11_API_V6;
1108 pinblob_size = EP11_PINBLOB_V1_BYTES;
1109 }
1110 req_pl_size = sizeof(struct uw_req_pl) + (iv ? 16 : 0)
1111 + ASN1TAGLEN(keksize) + ASN1TAGLEN(0)
1112 + ASN1TAGLEN(pinblob_size) + ASN1TAGLEN(enckeysize);
1113 req = alloc_cprbmem(req_pl_size, xflags);
1114 if (!req)
1115 goto out;
1116 req_pl = (struct uw_req_pl *)(((u8 *)req) + sizeof(*req));
1117 prep_head(&req_pl->head, req_pl_size, api, 34); /* UnwrapKey */
1118 req_pl->attr_tag = 0x04;
1119 req_pl->attr_len = 7 * sizeof(u32);
1120 req_pl->attr_header = 0x10020000;
1121 req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
1122 req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
1123 req_pl->attr_key_type = 0x00000100; /* CKA_KEY_TYPE */
1124 req_pl->attr_key_type_value = 0x0000001f; /* CKK_AES */
1125 req_pl->attr_val_len = 0x00000161; /* CKA_VALUE_LEN */
1126 req_pl->attr_val_len_value = keybitsize / 8;
1127 /* mech is mech + mech params (iv here) */
1128 req_pl->mech_tag = 0x04;
1129 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
1130 req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */
1131 p = ((u8 *)req_pl) + sizeof(*req_pl);
1132 if (iv) {
1133 memcpy(p, iv, 16);
1134 p += 16;
1135 }
1136 /* kek */
1137 p += asn1tag_write(p, 0x04, kek, keksize);
1138 /* empty mac key tag */
1139 *p++ = 0x04;
1140 *p++ = 0;
1141 /* pin tag */
1142 *p++ = 0x04;
1143 *p++ = pinblob_size;
1144 p += pinblob_size;
1145 /* encrypted key value tag and bytes */
1146 p += asn1tag_write(p, 0x04, enckey, enckeysize);
1147
1148 /* reply cprb and payload */
1149 rep = alloc_cprbmem(sizeof(struct uw_rep_pl), xflags);
1150 if (!rep)
1151 goto out;
1152 rep_pl = (struct uw_rep_pl *)(((u8 *)rep) + sizeof(*rep));
1153
1154 /* urb and target */
1155 target.ap_id = card;
1156 target.dom_id = domain;
1157 prep_urb(&urb, &target, 1,
1158 req, sizeof(*req) + req_pl_size,
1159 rep, sizeof(*rep) + sizeof(*rep_pl));
1160
1161 rc = zcrypt_send_ep11_cprb(&urb, xflags);
1162 if (rc) {
1163 ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1164 __func__, (int)card, (int)domain, rc);
1165 goto out;
1166 }
1167
1168 /* check ep11 reply cprb */
1169 rc = check_reply_cprb(rep, __func__);
1170 if (rc)
1171 goto out;
1172
1173 /* check payload */
1174 rc = check_reply_pl((u8 *)rep_pl, __func__);
1175 if (rc)
1176 goto out;
1177 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
1178 ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
1179 rc = -EIO;
1180 goto out;
1181 }
1182 if (rep_pl->data_len > *keybufsize) {
1183 ZCRYPT_DBF_ERR("%s mismatch reply data len / key buffer len\n",
1184 __func__);
1185 rc = -ENOSPC;
1186 goto out;
1187 }
1188
1189 /* copy key blob */
1190 memcpy(keybuf, rep_pl->data, rep_pl->data_len);
1191 *keybufsize = rep_pl->data_len;
1192
1193 out:
1194 free_cprbmem(req, req_pl_size, true, xflags);
1195 free_cprbmem(rep, sizeof(struct uw_rep_pl), true, xflags);
1196 return rc;
1197 }
1198
ep11_unwrapkey(u16 card,u16 domain,const u8 * kek,size_t keksize,const u8 * enckey,size_t enckeysize,u32 mech,const u8 * iv,u32 keybitsize,u32 keygenflags,u8 * keybuf,u32 * keybufsize,u8 keybufver,u32 xflags)1199 static int ep11_unwrapkey(u16 card, u16 domain,
1200 const u8 *kek, size_t keksize,
1201 const u8 *enckey, size_t enckeysize,
1202 u32 mech, const u8 *iv,
1203 u32 keybitsize, u32 keygenflags,
1204 u8 *keybuf, u32 *keybufsize,
1205 u8 keybufver, u32 xflags)
1206 {
1207 struct ep11kblob_header *hdr;
1208 size_t hdr_size, pl_size;
1209 u8 *pl;
1210 int rc;
1211
1212 rc = ep11_kb_split(keybuf, *keybufsize, keybufver,
1213 &hdr, &hdr_size, &pl, &pl_size);
1214 if (rc)
1215 return rc;
1216
1217 rc = _ep11_unwrapkey(card, domain, kek, keksize, enckey, enckeysize,
1218 mech, iv, keybitsize, keygenflags,
1219 pl, &pl_size, xflags);
1220 if (rc)
1221 return rc;
1222
1223 *keybufsize = hdr_size + pl_size;
1224
1225 /* update header information */
1226 hdr = (struct ep11kblob_header *)keybuf;
1227 hdr->type = TOKTYPE_NON_CCA;
1228 hdr->len = *keybufsize;
1229 hdr->version = keybufver;
1230 hdr->bitlen = keybitsize;
1231
1232 return 0;
1233 }
1234
_ep11_wrapkey(u16 card,u16 domain,const u8 * key,size_t keysize,u32 mech,const u8 * iv,u8 * databuf,size_t * datasize,u32 xflags)1235 static int _ep11_wrapkey(u16 card, u16 domain,
1236 const u8 *key, size_t keysize,
1237 u32 mech, const u8 *iv,
1238 u8 *databuf, size_t *datasize, u32 xflags)
1239 {
1240 struct wk_req_pl {
1241 struct pl_head head;
1242 u8 var_tag;
1243 u8 var_len;
1244 u32 var;
1245 u8 mech_tag;
1246 u8 mech_len;
1247 u32 mech;
1248 /*
1249 * followed by iv data
1250 * followed by key tag + key blob
1251 * followed by dummy kek param
1252 * followed by dummy mac param
1253 */
1254 } __packed * req_pl;
1255 struct wk_rep_pl {
1256 struct pl_head head;
1257 u8 rc_tag;
1258 u8 rc_len;
1259 u32 rc;
1260 u8 data_tag;
1261 u8 data_lenfmt;
1262 u16 data_len;
1263 u8 data[1024];
1264 } __packed * rep_pl;
1265 struct ep11_cprb *req = NULL, *rep = NULL;
1266 struct ep11_target_dev target;
1267 struct ep11_urb urb;
1268 size_t req_pl_size;
1269 int api, rc = -ENOMEM;
1270 u8 *p;
1271
1272 /* request cprb and payload */
1273 req_pl_size = sizeof(struct wk_req_pl) + (iv ? 16 : 0)
1274 + ASN1TAGLEN(keysize) + 4;
1275 req = alloc_cprbmem(req_pl_size, xflags);
1276 if (!req)
1277 goto out;
1278 if (!mech || mech == 0x80060001)
1279 req->flags |= 0x20; /* CPACF_WRAP needs special bit */
1280 req_pl = (struct wk_req_pl *)(((u8 *)req) + sizeof(*req));
1281 api = (!mech || mech == 0x80060001) ? /* CKM_IBM_CPACF_WRAP */
1282 EP11_API_V4 : EP11_API_V1;
1283 prep_head(&req_pl->head, req_pl_size, api, 33); /* WrapKey */
1284 req_pl->var_tag = 0x04;
1285 req_pl->var_len = sizeof(u32);
1286 /* mech is mech + mech params (iv here) */
1287 req_pl->mech_tag = 0x04;
1288 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
1289 req_pl->mech = (mech ? mech : 0x80060001); /* CKM_IBM_CPACF_WRAP */
1290 p = ((u8 *)req_pl) + sizeof(*req_pl);
1291 if (iv) {
1292 memcpy(p, iv, 16);
1293 p += 16;
1294 }
1295 /* key blob */
1296 p += asn1tag_write(p, 0x04, key, keysize);
1297 /* empty kek tag */
1298 *p++ = 0x04;
1299 *p++ = 0;
1300 /* empty mac tag */
1301 *p++ = 0x04;
1302 *p++ = 0;
1303
1304 /* reply cprb and payload */
1305 rep = alloc_cprbmem(sizeof(struct wk_rep_pl), xflags);
1306 if (!rep)
1307 goto out;
1308 rep_pl = (struct wk_rep_pl *)(((u8 *)rep) + sizeof(*rep));
1309
1310 /* urb and target */
1311 target.ap_id = card;
1312 target.dom_id = domain;
1313 prep_urb(&urb, &target, 1,
1314 req, sizeof(*req) + req_pl_size,
1315 rep, sizeof(*rep) + sizeof(*rep_pl));
1316
1317 rc = zcrypt_send_ep11_cprb(&urb, xflags);
1318 if (rc) {
1319 ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1320 __func__, (int)card, (int)domain, rc);
1321 goto out;
1322 }
1323
1324 /* check ep11 reply cprb */
1325 rc = check_reply_cprb(rep, __func__);
1326 if (rc)
1327 goto out;
1328
1329 /* check payload */
1330 rc = check_reply_pl((u8 *)rep_pl, __func__);
1331 if (rc)
1332 goto out;
1333 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
1334 ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
1335 rc = -EIO;
1336 goto out;
1337 }
1338 if (rep_pl->data_len > *datasize) {
1339 ZCRYPT_DBF_ERR("%s mismatch reply data len / data buffer len\n",
1340 __func__);
1341 rc = -ENOSPC;
1342 goto out;
1343 }
1344
1345 /* copy the data from the cprb to the data buffer */
1346 memcpy(databuf, rep_pl->data, rep_pl->data_len);
1347 *datasize = rep_pl->data_len;
1348
1349 out:
1350 free_cprbmem(req, req_pl_size, true, xflags);
1351 free_cprbmem(rep, sizeof(struct wk_rep_pl), true, xflags);
1352 return rc;
1353 }
1354
ep11_clr2keyblob(u16 card,u16 domain,u32 keybitsize,u32 keygenflags,const u8 * clrkey,u8 * keybuf,u32 * keybufsize,u32 keytype,u32 xflags)1355 int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
1356 const u8 *clrkey, u8 *keybuf, u32 *keybufsize,
1357 u32 keytype, u32 xflags)
1358 {
1359 int rc;
1360 void *mem;
1361 u8 encbuf[64], *kek;
1362 size_t clrkeylen, keklen, encbuflen = sizeof(encbuf);
1363
1364 if (keybitsize == 128 || keybitsize == 192 || keybitsize == 256) {
1365 clrkeylen = keybitsize / 8;
1366 } else {
1367 ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
1368 __func__, keybitsize);
1369 return -EINVAL;
1370 }
1371
1372 /*
1373 * Allocate space for the temp kek.
1374 * Also we only need up to MAXEP11AESKEYBLOBSIZE bytes for this
1375 * we use the already existing cprb mempool to solve this
1376 * short term memory requirement.
1377 */
1378 mem = (xflags & ZCRYPT_XFLAG_NOMEMALLOC) ?
1379 mempool_alloc_preallocated(cprb_mempool) :
1380 mempool_alloc(cprb_mempool, GFP_KERNEL);
1381 if (!mem)
1382 return -ENOMEM;
1383 kek = (u8 *)mem;
1384 keklen = MAXEP11AESKEYBLOBSIZE;
1385
1386 /* Step 1: generate AES 256 bit random kek key */
1387 rc = _ep11_genaeskey(card, domain, 256,
1388 0x00006c00, /* EN/DECRYPT, WRAP/UNWRAP */
1389 kek, &keklen, xflags);
1390 if (rc) {
1391 ZCRYPT_DBF_ERR("%s generate kek key failed, rc=%d\n",
1392 __func__, rc);
1393 goto out;
1394 }
1395
1396 /* Step 2: encrypt clear key value with the kek key */
1397 rc = ep11_cryptsingle(card, domain, 0, 0, def_iv, kek, keklen,
1398 clrkey, clrkeylen, encbuf, &encbuflen, xflags);
1399 if (rc) {
1400 ZCRYPT_DBF_ERR("%s encrypting key value with kek key failed, rc=%d\n",
1401 __func__, rc);
1402 goto out;
1403 }
1404
1405 /* Step 3: import the encrypted key value as a new key */
1406 rc = ep11_unwrapkey(card, domain, kek, keklen,
1407 encbuf, encbuflen, 0, def_iv,
1408 keybitsize, 0, keybuf, keybufsize, keytype, xflags);
1409 if (rc) {
1410 ZCRYPT_DBF_ERR("%s importing key value as new key failed, rc=%d\n",
1411 __func__, rc);
1412 goto out;
1413 }
1414
1415 out:
1416 mempool_free(mem, cprb_mempool);
1417 return rc;
1418 }
1419 EXPORT_SYMBOL(ep11_clr2keyblob);
1420
ep11_kblob2protkey(u16 card,u16 dom,const u8 * keyblob,u32 keybloblen,u8 * protkey,u32 * protkeylen,u32 * protkeytype,u32 xflags)1421 int ep11_kblob2protkey(u16 card, u16 dom,
1422 const u8 *keyblob, u32 keybloblen,
1423 u8 *protkey, u32 *protkeylen, u32 *protkeytype,
1424 u32 xflags)
1425 {
1426 struct ep11kblob_header *hdr;
1427 struct ep11keyblob *key;
1428 size_t wkbuflen, keylen;
1429 struct wk_info {
1430 u16 version;
1431 u8 res1[16];
1432 u32 pkeytype;
1433 u32 pkeybitsize;
1434 u64 pkeysize;
1435 u8 res2[8];
1436 u8 pkey[];
1437 } __packed * wki;
1438 u8 *wkbuf = NULL;
1439 int rc = -EIO;
1440
1441 if (ep11_kb_decode((u8 *)keyblob, keybloblen, &hdr, NULL, &key, &keylen))
1442 return -EINVAL;
1443
1444 if (hdr->version == TOKVER_EP11_AES) {
1445 /* wipe overlayed header */
1446 memset(hdr, 0, sizeof(*hdr));
1447 }
1448 /* !!! hdr is no longer a valid header !!! */
1449
1450 /* need a temp working buffer */
1451 wkbuflen = (keylen + AES_BLOCK_SIZE) & (~(AES_BLOCK_SIZE - 1));
1452 if (wkbuflen > CPRB_MEMPOOL_ITEM_SIZE) {
1453 /* this should never happen */
1454 rc = -ENOMEM;
1455 ZCRYPT_DBF_WARN("%s wkbuflen %d > cprb mempool item size %d, rc=%d\n",
1456 __func__, (int)wkbuflen, CPRB_MEMPOOL_ITEM_SIZE, rc);
1457 return rc;
1458 }
1459 /* use the cprb mempool to satisfy this short term mem allocation */
1460 wkbuf = (xflags & ZCRYPT_XFLAG_NOMEMALLOC) ?
1461 mempool_alloc_preallocated(cprb_mempool) :
1462 mempool_alloc(cprb_mempool, GFP_ATOMIC);
1463 if (!wkbuf) {
1464 rc = -ENOMEM;
1465 ZCRYPT_DBF_WARN("%s allocating tmp buffer via cprb mempool failed, rc=%d\n",
1466 __func__, rc);
1467 return rc;
1468 }
1469
1470 /* ep11 secure key -> protected key + info */
1471 rc = _ep11_wrapkey(card, dom, (u8 *)key, keylen,
1472 0, def_iv, wkbuf, &wkbuflen, xflags);
1473 if (rc) {
1474 ZCRYPT_DBF_ERR("%s rewrapping ep11 key to pkey failed, rc=%d\n",
1475 __func__, rc);
1476 goto out;
1477 }
1478 wki = (struct wk_info *)wkbuf;
1479
1480 /* check struct version and pkey type */
1481 if (wki->version != 1 || wki->pkeytype < 1 || wki->pkeytype > 5) {
1482 ZCRYPT_DBF_ERR("%s wk info version %d or pkeytype %d mismatch.\n",
1483 __func__, (int)wki->version, (int)wki->pkeytype);
1484 rc = -EIO;
1485 goto out;
1486 }
1487
1488 /* check protected key type field */
1489 switch (wki->pkeytype) {
1490 case 1: /* AES */
1491 switch (wki->pkeysize) {
1492 case 16 + 32:
1493 /* AES 128 protected key */
1494 if (protkeytype)
1495 *protkeytype = PKEY_KEYTYPE_AES_128;
1496 break;
1497 case 24 + 32:
1498 /* AES 192 protected key */
1499 if (protkeytype)
1500 *protkeytype = PKEY_KEYTYPE_AES_192;
1501 break;
1502 case 32 + 32:
1503 /* AES 256 protected key */
1504 if (protkeytype)
1505 *protkeytype = PKEY_KEYTYPE_AES_256;
1506 break;
1507 default:
1508 ZCRYPT_DBF_ERR("%s unknown/unsupported AES pkeysize %d\n",
1509 __func__, (int)wki->pkeysize);
1510 rc = -EIO;
1511 goto out;
1512 }
1513 break;
1514 case 3: /* EC-P */
1515 case 4: /* EC-ED */
1516 case 5: /* EC-BP */
1517 if (protkeytype)
1518 *protkeytype = PKEY_KEYTYPE_ECC;
1519 break;
1520 case 2: /* TDES */
1521 default:
1522 ZCRYPT_DBF_ERR("%s unknown/unsupported key type %d\n",
1523 __func__, (int)wki->pkeytype);
1524 rc = -EIO;
1525 goto out;
1526 }
1527
1528 /* copy the translated protected key */
1529 if (wki->pkeysize > *protkeylen) {
1530 ZCRYPT_DBF_ERR("%s wk info pkeysize %llu > protkeysize %u\n",
1531 __func__, wki->pkeysize, *protkeylen);
1532 rc = -EINVAL;
1533 goto out;
1534 }
1535 memcpy(protkey, wki->pkey, wki->pkeysize);
1536 *protkeylen = wki->pkeysize;
1537
1538 out:
1539 mempool_free(wkbuf, cprb_mempool);
1540 return rc;
1541 }
1542 EXPORT_SYMBOL(ep11_kblob2protkey);
1543
ep11_findcard2(u32 * apqns,u32 * nr_apqns,u16 cardnr,u16 domain,int minhwtype,int minapi,const u8 * wkvp,u32 xflags)1544 int ep11_findcard2(u32 *apqns, u32 *nr_apqns, u16 cardnr, u16 domain,
1545 int minhwtype, int minapi, const u8 *wkvp, u32 xflags)
1546 {
1547 struct zcrypt_device_status_ext *device_status;
1548 struct ep11_domain_info edi;
1549 struct ep11_card_info eci;
1550 u32 _nr_apqns = 0;
1551 int i, card, dom;
1552
1553 /* occupy the device status memory */
1554 mutex_lock(&dev_status_mem_mutex);
1555 memset(dev_status_mem, 0, ZCRYPT_DEV_STATUS_EXT_SIZE);
1556 device_status = (struct zcrypt_device_status_ext *)dev_status_mem;
1557
1558 /* fetch crypto device status into this struct */
1559 zcrypt_device_status_mask_ext(device_status,
1560 ZCRYPT_DEV_STATUS_CARD_MAX,
1561 ZCRYPT_DEV_STATUS_QUEUE_MAX);
1562
1563 /* walk through all the crypto apqnss */
1564 for (i = 0; i < ZCRYPT_DEV_STATUS_ENTRIES; i++) {
1565 card = AP_QID_CARD(device_status[i].qid);
1566 dom = AP_QID_QUEUE(device_status[i].qid);
1567 /* check online state */
1568 if (!device_status[i].online)
1569 continue;
1570 /* check for ep11 functions */
1571 if (!(device_status[i].functions & 0x01))
1572 continue;
1573 /* check cardnr */
1574 if (cardnr != 0xFFFF && card != cardnr)
1575 continue;
1576 /* check domain */
1577 if (domain != 0xFFFF && dom != domain)
1578 continue;
1579 /* check min hardware type */
1580 if (minhwtype && device_status[i].hwtype < minhwtype)
1581 continue;
1582 /* check min api version if given */
1583 if (minapi > 0) {
1584 if (ep11_get_card_info(card, &eci, xflags))
1585 continue;
1586 if (minapi > eci.API_ord_nr)
1587 continue;
1588 }
1589 /* check wkvp if given */
1590 if (wkvp) {
1591 if (ep11_get_domain_info(card, dom, &edi, xflags))
1592 continue;
1593 if (edi.cur_wk_state != '1')
1594 continue;
1595 if (memcmp(wkvp, edi.cur_wkvp, 16))
1596 continue;
1597 }
1598 /* apqn passed all filtering criterons, add to the array */
1599 if (_nr_apqns < *nr_apqns)
1600 apqns[_nr_apqns++] = (((u16)card) << 16) | ((u16)dom);
1601 }
1602
1603 *nr_apqns = _nr_apqns;
1604
1605 mutex_unlock(&dev_status_mem_mutex);
1606
1607 return _nr_apqns ? 0 : -ENODEV;
1608 }
1609 EXPORT_SYMBOL(ep11_findcard2);
1610
zcrypt_ep11misc_init(void)1611 int __init zcrypt_ep11misc_init(void)
1612 {
1613 /* Pre-allocate a small memory pool for ep11 cprbs. */
1614 cprb_mempool = mempool_create_kmalloc_pool(2 * zcrypt_mempool_threshold,
1615 CPRB_MEMPOOL_ITEM_SIZE);
1616 if (!cprb_mempool)
1617 return -ENOMEM;
1618
1619 /* Pre-allocate one crypto status card struct used in ep11_findcard2() */
1620 dev_status_mem = kvmalloc(ZCRYPT_DEV_STATUS_EXT_SIZE, GFP_KERNEL);
1621 if (!dev_status_mem) {
1622 mempool_destroy(cprb_mempool);
1623 return -ENOMEM;
1624 }
1625
1626 return 0;
1627 }
1628
zcrypt_ep11misc_exit(void)1629 void zcrypt_ep11misc_exit(void)
1630 {
1631 mutex_lock(&dev_status_mem_mutex);
1632 kvfree(dev_status_mem);
1633 mutex_unlock(&dev_status_mem_mutex);
1634 mempool_destroy(cprb_mempool);
1635 }
1636