1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright IBM Corp. 2019
4 * Author(s): Harald Freudenberger <freude@linux.ibm.com>
5 *
6 * Collection of EP11 misc functions used by zcrypt and pkey
7 */
8
9 #define pr_fmt(fmt) "zcrypt: " fmt
10
11 #include <linux/export.h>
12 #include <linux/init.h>
13 #include <linux/mempool.h>
14 #include <linux/module.h>
15 #include <linux/random.h>
16 #include <linux/slab.h>
17 #include <asm/zcrypt.h>
18 #include <asm/pkey.h>
19 #include <crypto/aes.h>
20
21 #include "ap_bus.h"
22 #include "zcrypt_api.h"
23 #include "zcrypt_debug.h"
24 #include "zcrypt_msgtype6.h"
25 #include "zcrypt_ep11misc.h"
26 #include "zcrypt_ccamisc.h"
27
28 #define EP11_PINBLOB_V1_BYTES 56
29
30 /* default iv used here */
31 static const u8 def_iv[16] = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
32 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff };
33
34 /*
35 * Cprb memory pool held for urgent cases where no memory
36 * can be allocated via kmalloc. This pool is only used when
37 * alloc_cprbmem() is called with the xflag ZCRYPT_XFLAG_NOMEMALLOC.
38 */
39 #define CPRB_MEMPOOL_ITEM_SIZE (8 * 1024)
40 static mempool_t *cprb_mempool;
41
42 /*
43 * This is a pre-allocated memory for the device status array
44 * used within the ep11_findcard2() function. It is currently
45 * 128 * 128 * 4 bytes = 64 KB big. Usage of this memory is
46 * controlled via dev_status_mem_mutex. Needs adaption if more
47 * than 128 cards or domains to be are supported.
48 */
49 #define ZCRYPT_DEV_STATUS_CARD_MAX 128
50 #define ZCRYPT_DEV_STATUS_QUEUE_MAX 128
51 #define ZCRYPT_DEV_STATUS_ENTRIES (ZCRYPT_DEV_STATUS_CARD_MAX * \
52 ZCRYPT_DEV_STATUS_QUEUE_MAX)
53 #define ZCRYPT_DEV_STATUS_EXT_SIZE (ZCRYPT_DEV_STATUS_ENTRIES * \
54 sizeof(struct zcrypt_device_status_ext))
55 static void *dev_status_mem;
56 static DEFINE_MUTEX(dev_status_mem_mutex);
57
ep11_kb_split(const u8 * kb,size_t kblen,u32 kbver,struct ep11kblob_header ** kbhdr,size_t * kbhdrsize,u8 ** kbpl,size_t * kbplsize)58 static int ep11_kb_split(const u8 *kb, size_t kblen, u32 kbver,
59 struct ep11kblob_header **kbhdr, size_t *kbhdrsize,
60 u8 **kbpl, size_t *kbplsize)
61 {
62 struct ep11kblob_header *hdr = NULL;
63 size_t hdrsize, plsize = 0;
64 int rc = -EINVAL;
65 u8 *pl = NULL;
66
67 if (kblen < sizeof(struct ep11kblob_header))
68 goto out;
69 hdr = (struct ep11kblob_header *)kb;
70
71 switch (kbver) {
72 case TOKVER_EP11_AES:
73 /* header overlays the payload */
74 hdrsize = 0;
75 break;
76 case TOKVER_EP11_ECC_WITH_HEADER:
77 case TOKVER_EP11_AES_WITH_HEADER:
78 /* payload starts after the header */
79 hdrsize = sizeof(struct ep11kblob_header);
80 break;
81 default:
82 goto out;
83 }
84
85 plsize = kblen - hdrsize;
86 pl = (u8 *)kb + hdrsize;
87
88 if (kbhdr)
89 *kbhdr = hdr;
90 if (kbhdrsize)
91 *kbhdrsize = hdrsize;
92 if (kbpl)
93 *kbpl = pl;
94 if (kbplsize)
95 *kbplsize = plsize;
96
97 rc = 0;
98 out:
99 return rc;
100 }
101
ep11_kb_decode(const u8 * kb,size_t kblen,struct ep11kblob_header ** kbhdr,size_t * kbhdrsize,struct ep11keyblob ** kbpl,size_t * kbplsize)102 static int ep11_kb_decode(const u8 *kb, size_t kblen,
103 struct ep11kblob_header **kbhdr, size_t *kbhdrsize,
104 struct ep11keyblob **kbpl, size_t *kbplsize)
105 {
106 struct ep11kblob_header *tmph, *hdr = NULL;
107 size_t hdrsize = 0, plsize = 0;
108 struct ep11keyblob *pl = NULL;
109 int rc = -EINVAL;
110 u8 *tmpp;
111
112 if (kblen < sizeof(struct ep11kblob_header))
113 goto out;
114 tmph = (struct ep11kblob_header *)kb;
115
116 if (tmph->type != TOKTYPE_NON_CCA &&
117 tmph->len > kblen)
118 goto out;
119
120 if (ep11_kb_split(kb, kblen, tmph->version,
121 &hdr, &hdrsize, &tmpp, &plsize))
122 goto out;
123
124 if (plsize < sizeof(struct ep11keyblob))
125 goto out;
126
127 if (!is_ep11_keyblob(tmpp))
128 goto out;
129
130 pl = (struct ep11keyblob *)tmpp;
131 plsize = hdr->len - hdrsize;
132
133 if (kbhdr)
134 *kbhdr = hdr;
135 if (kbhdrsize)
136 *kbhdrsize = hdrsize;
137 if (kbpl)
138 *kbpl = pl;
139 if (kbplsize)
140 *kbplsize = plsize;
141
142 rc = 0;
143 out:
144 return rc;
145 }
146
147 /*
148 * For valid ep11 keyblobs, returns a reference to the wrappingkey verification
149 * pattern. Otherwise NULL.
150 */
ep11_kb_wkvp(const u8 * keyblob,u32 keybloblen)151 const u8 *ep11_kb_wkvp(const u8 *keyblob, u32 keybloblen)
152 {
153 struct ep11keyblob *kb;
154
155 if (ep11_kb_decode(keyblob, keybloblen, NULL, NULL, &kb, NULL))
156 return NULL;
157 return kb->wkvp;
158 }
159 EXPORT_SYMBOL(ep11_kb_wkvp);
160
161 /*
162 * Simple check if the key blob is a valid EP11 AES key blob with header.
163 */
ep11_check_aes_key_with_hdr(debug_info_t * dbg,int dbflvl,const u8 * key,u32 keylen,int checkcpacfexp)164 int ep11_check_aes_key_with_hdr(debug_info_t *dbg, int dbflvl,
165 const u8 *key, u32 keylen, int checkcpacfexp)
166 {
167 struct ep11kblob_header *hdr = (struct ep11kblob_header *)key;
168 struct ep11keyblob *kb = (struct ep11keyblob *)(key + sizeof(*hdr));
169
170 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
171
172 if (keylen < sizeof(*hdr) + sizeof(*kb)) {
173 DBF("%s key check failed, keylen %u < %zu\n",
174 __func__, keylen, sizeof(*hdr) + sizeof(*kb));
175 return -EINVAL;
176 }
177
178 if (hdr->type != TOKTYPE_NON_CCA) {
179 if (dbg)
180 DBF("%s key check failed, type 0x%02x != 0x%02x\n",
181 __func__, (int)hdr->type, TOKTYPE_NON_CCA);
182 return -EINVAL;
183 }
184 if (hdr->hver != 0x00) {
185 if (dbg)
186 DBF("%s key check failed, header version 0x%02x != 0x00\n",
187 __func__, (int)hdr->hver);
188 return -EINVAL;
189 }
190 if (hdr->version != TOKVER_EP11_AES_WITH_HEADER) {
191 if (dbg)
192 DBF("%s key check failed, version 0x%02x != 0x%02x\n",
193 __func__, (int)hdr->version, TOKVER_EP11_AES_WITH_HEADER);
194 return -EINVAL;
195 }
196 if (hdr->len > keylen) {
197 if (dbg)
198 DBF("%s key check failed, header len %d keylen %u mismatch\n",
199 __func__, (int)hdr->len, keylen);
200 return -EINVAL;
201 }
202 if (hdr->len < sizeof(*hdr) + sizeof(*kb)) {
203 if (dbg)
204 DBF("%s key check failed, header len %d < %zu\n",
205 __func__, (int)hdr->len, sizeof(*hdr) + sizeof(*kb));
206 return -EINVAL;
207 }
208
209 if (kb->version != EP11_STRUCT_MAGIC) {
210 if (dbg)
211 DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
212 __func__, (int)kb->version, EP11_STRUCT_MAGIC);
213 return -EINVAL;
214 }
215 if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
216 if (dbg)
217 DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
218 __func__);
219 return -EINVAL;
220 }
221
222 #undef DBF
223
224 return 0;
225 }
226 EXPORT_SYMBOL(ep11_check_aes_key_with_hdr);
227
228 /*
229 * Simple check if the key blob is a valid EP11 ECC key blob with header.
230 */
ep11_check_ecc_key_with_hdr(debug_info_t * dbg,int dbflvl,const u8 * key,u32 keylen,int checkcpacfexp)231 int ep11_check_ecc_key_with_hdr(debug_info_t *dbg, int dbflvl,
232 const u8 *key, u32 keylen, int checkcpacfexp)
233 {
234 struct ep11kblob_header *hdr = (struct ep11kblob_header *)key;
235 struct ep11keyblob *kb = (struct ep11keyblob *)(key + sizeof(*hdr));
236
237 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
238
239 if (keylen < sizeof(*hdr) + sizeof(*kb)) {
240 DBF("%s key check failed, keylen %u < %zu\n",
241 __func__, keylen, sizeof(*hdr) + sizeof(*kb));
242 return -EINVAL;
243 }
244
245 if (hdr->type != TOKTYPE_NON_CCA) {
246 if (dbg)
247 DBF("%s key check failed, type 0x%02x != 0x%02x\n",
248 __func__, (int)hdr->type, TOKTYPE_NON_CCA);
249 return -EINVAL;
250 }
251 if (hdr->hver != 0x00) {
252 if (dbg)
253 DBF("%s key check failed, header version 0x%02x != 0x00\n",
254 __func__, (int)hdr->hver);
255 return -EINVAL;
256 }
257 if (hdr->version != TOKVER_EP11_ECC_WITH_HEADER) {
258 if (dbg)
259 DBF("%s key check failed, version 0x%02x != 0x%02x\n",
260 __func__, (int)hdr->version, TOKVER_EP11_ECC_WITH_HEADER);
261 return -EINVAL;
262 }
263 if (hdr->len > keylen) {
264 if (dbg)
265 DBF("%s key check failed, header len %d keylen %u mismatch\n",
266 __func__, (int)hdr->len, keylen);
267 return -EINVAL;
268 }
269 if (hdr->len < sizeof(*hdr) + sizeof(*kb)) {
270 if (dbg)
271 DBF("%s key check failed, header len %d < %zu\n",
272 __func__, (int)hdr->len, sizeof(*hdr) + sizeof(*kb));
273 return -EINVAL;
274 }
275
276 if (kb->version != EP11_STRUCT_MAGIC) {
277 if (dbg)
278 DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
279 __func__, (int)kb->version, EP11_STRUCT_MAGIC);
280 return -EINVAL;
281 }
282 if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
283 if (dbg)
284 DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
285 __func__);
286 return -EINVAL;
287 }
288
289 #undef DBF
290
291 return 0;
292 }
293 EXPORT_SYMBOL(ep11_check_ecc_key_with_hdr);
294
295 /*
296 * Simple check if the key blob is a valid EP11 AES key blob with
297 * the header in the session field (old style EP11 AES key).
298 */
ep11_check_aes_key(debug_info_t * dbg,int dbflvl,const u8 * key,u32 keylen,int checkcpacfexp)299 int ep11_check_aes_key(debug_info_t *dbg, int dbflvl,
300 const u8 *key, u32 keylen, int checkcpacfexp)
301 {
302 struct ep11keyblob *kb = (struct ep11keyblob *)key;
303
304 #define DBF(...) debug_sprintf_event(dbg, dbflvl, ##__VA_ARGS__)
305
306 if (keylen < sizeof(*kb)) {
307 DBF("%s key check failed, keylen %u < %zu\n",
308 __func__, keylen, sizeof(*kb));
309 return -EINVAL;
310 }
311
312 if (kb->head.type != TOKTYPE_NON_CCA) {
313 if (dbg)
314 DBF("%s key check failed, type 0x%02x != 0x%02x\n",
315 __func__, (int)kb->head.type, TOKTYPE_NON_CCA);
316 return -EINVAL;
317 }
318 if (kb->head.version != TOKVER_EP11_AES) {
319 if (dbg)
320 DBF("%s key check failed, version 0x%02x != 0x%02x\n",
321 __func__, (int)kb->head.version, TOKVER_EP11_AES);
322 return -EINVAL;
323 }
324 if (kb->head.len > keylen) {
325 if (dbg)
326 DBF("%s key check failed, header len %d keylen %u mismatch\n",
327 __func__, (int)kb->head.len, keylen);
328 return -EINVAL;
329 }
330 if (kb->head.len < sizeof(*kb)) {
331 if (dbg)
332 DBF("%s key check failed, header len %d < %zu\n",
333 __func__, (int)kb->head.len, sizeof(*kb));
334 return -EINVAL;
335 }
336
337 if (kb->version != EP11_STRUCT_MAGIC) {
338 if (dbg)
339 DBF("%s key check failed, blob magic 0x%04x != 0x%04x\n",
340 __func__, (int)kb->version, EP11_STRUCT_MAGIC);
341 return -EINVAL;
342 }
343 if (checkcpacfexp && !(kb->attr & EP11_BLOB_PKEY_EXTRACTABLE)) {
344 if (dbg)
345 DBF("%s key check failed, PKEY_EXTRACTABLE is off\n",
346 __func__);
347 return -EINVAL;
348 }
349
350 #undef DBF
351
352 return 0;
353 }
354 EXPORT_SYMBOL(ep11_check_aes_key);
355
356 /*
357 * Allocate and prepare ep11 cprb plus additional payload.
358 */
alloc_cprbmem(size_t payload_len,u32 xflags)359 static void *alloc_cprbmem(size_t payload_len, u32 xflags)
360 {
361 size_t len = sizeof(struct ep11_cprb) + payload_len;
362 struct ep11_cprb *cprb = NULL;
363
364 if (xflags & ZCRYPT_XFLAG_NOMEMALLOC) {
365 if (len <= CPRB_MEMPOOL_ITEM_SIZE)
366 cprb = mempool_alloc_preallocated(cprb_mempool);
367 } else {
368 cprb = kmalloc(len, GFP_KERNEL);
369 }
370 if (!cprb)
371 return NULL;
372 memset(cprb, 0, len);
373
374 cprb->cprb_len = sizeof(struct ep11_cprb);
375 cprb->cprb_ver_id = 0x04;
376 memcpy(cprb->func_id, "T4", 2);
377 cprb->ret_code = 0xFFFFFFFF;
378 cprb->payload_len = payload_len;
379
380 return cprb;
381 }
382
383 /*
384 * Free ep11 cprb buffer space.
385 */
free_cprbmem(void * mem,size_t payload_len,bool scrub,u32 xflags)386 static void free_cprbmem(void *mem, size_t payload_len, bool scrub, u32 xflags)
387 {
388 if (mem && scrub)
389 memzero_explicit(mem, sizeof(struct ep11_cprb) + payload_len);
390
391 if (xflags & ZCRYPT_XFLAG_NOMEMALLOC)
392 mempool_free(mem, cprb_mempool);
393 else
394 kfree(mem);
395 }
396
397 /*
398 * Some helper functions related to ASN1 encoding.
399 * Limited to length info <= 2 byte.
400 */
401
402 #define ASN1TAGLEN(x) (2 + (x) + ((x) > 127 ? 1 : 0) + ((x) > 255 ? 1 : 0))
403
asn1tag_write(u8 * ptr,u8 tag,const u8 * pvalue,u16 valuelen)404 static int asn1tag_write(u8 *ptr, u8 tag, const u8 *pvalue, u16 valuelen)
405 {
406 ptr[0] = tag;
407 if (valuelen > 255) {
408 ptr[1] = 0x82;
409 *((u16 *)(ptr + 2)) = valuelen;
410 memcpy(ptr + 4, pvalue, valuelen);
411 return 4 + valuelen;
412 }
413 if (valuelen > 127) {
414 ptr[1] = 0x81;
415 ptr[2] = (u8)valuelen;
416 memcpy(ptr + 3, pvalue, valuelen);
417 return 3 + valuelen;
418 }
419 ptr[1] = (u8)valuelen;
420 memcpy(ptr + 2, pvalue, valuelen);
421 return 2 + valuelen;
422 }
423
424 /* EP11 payload > 127 bytes starts with this struct */
425 struct pl_head {
426 u8 tag;
427 u8 lenfmt;
428 u16 len;
429 u8 func_tag;
430 u8 func_len;
431 u32 func;
432 u8 dom_tag;
433 u8 dom_len;
434 u32 dom;
435 } __packed;
436
437 /* prep ep11 payload head helper function */
prep_head(struct pl_head * h,size_t pl_size,int api,int func)438 static inline void prep_head(struct pl_head *h,
439 size_t pl_size, int api, int func)
440 {
441 h->tag = 0x30;
442 h->lenfmt = 0x82;
443 h->len = pl_size - 4;
444 h->func_tag = 0x04;
445 h->func_len = sizeof(u32);
446 h->func = (api << 16) + func;
447 h->dom_tag = 0x04;
448 h->dom_len = sizeof(u32);
449 }
450
451 /* prep urb helper function */
prep_urb(struct ep11_urb * u,struct ep11_target_dev * t,int nt,struct ep11_cprb * req,size_t req_len,struct ep11_cprb * rep,size_t rep_len)452 static inline void prep_urb(struct ep11_urb *u,
453 struct ep11_target_dev *t, int nt,
454 struct ep11_cprb *req, size_t req_len,
455 struct ep11_cprb *rep, size_t rep_len)
456 {
457 memset(u, 0, sizeof(*u));
458 u->targets = (u8 __user *)t;
459 u->targets_num = nt;
460 u->req = (u8 __user *)req;
461 u->req_len = req_len;
462 u->resp = (u8 __user *)rep;
463 u->resp_len = rep_len;
464 }
465
466 /* Check ep11 reply payload, return 0 or suggested errno value. */
check_reply_pl(const u8 * pl,const char * func)467 static int check_reply_pl(const u8 *pl, const char *func)
468 {
469 int len;
470 u32 ret;
471
472 /* start tag */
473 if (*pl++ != 0x30) {
474 ZCRYPT_DBF_ERR("%s reply start tag mismatch\n", func);
475 return -EIO;
476 }
477
478 /* payload length format */
479 if (*pl < 127) {
480 len = *pl;
481 pl++;
482 } else if (*pl == 0x81) {
483 pl++;
484 len = *pl;
485 pl++;
486 } else if (*pl == 0x82) {
487 pl++;
488 len = *((u16 *)pl);
489 pl += 2;
490 } else {
491 ZCRYPT_DBF_ERR("%s reply start tag lenfmt mismatch 0x%02hhx\n",
492 func, *pl);
493 return -EIO;
494 }
495
496 /* len should cover at least 3 fields with 32 bit value each */
497 if (len < 3 * 6) {
498 ZCRYPT_DBF_ERR("%s reply length %d too small\n", func, len);
499 return -EIO;
500 }
501
502 /* function tag, length and value */
503 if (pl[0] != 0x04 || pl[1] != 0x04) {
504 ZCRYPT_DBF_ERR("%s function tag or length mismatch\n", func);
505 return -EIO;
506 }
507 pl += 6;
508
509 /* dom tag, length and value */
510 if (pl[0] != 0x04 || pl[1] != 0x04) {
511 ZCRYPT_DBF_ERR("%s dom tag or length mismatch\n", func);
512 return -EIO;
513 }
514 pl += 6;
515
516 /* return value tag, length and value */
517 if (pl[0] != 0x04 || pl[1] != 0x04) {
518 ZCRYPT_DBF_ERR("%s return value tag or length mismatch\n",
519 func);
520 return -EIO;
521 }
522 pl += 2;
523 ret = *((u32 *)pl);
524 if (ret != 0) {
525 ZCRYPT_DBF_ERR("%s return value 0x%08x != 0\n", func, ret);
526 return -EIO;
527 }
528
529 return 0;
530 }
531
532 /* Check ep11 reply cprb, return 0 or suggested errno value. */
check_reply_cprb(const struct ep11_cprb * rep,const char * func)533 static int check_reply_cprb(const struct ep11_cprb *rep, const char *func)
534 {
535 /* check ep11 reply return code field */
536 if (rep->ret_code) {
537 ZCRYPT_DBF_ERR("%s ep11 reply ret_code=0x%08x\n", __func__,
538 rep->ret_code);
539 if (rep->ret_code == 0x000c0003)
540 return -EBUSY;
541 else
542 return -EIO;
543 }
544
545 return 0;
546 }
547
548 /*
549 * Helper function which does an ep11 query with given query type.
550 */
ep11_query_info(u16 cardnr,u16 domain,u32 query_type,size_t buflen,u8 * buf,u32 xflags)551 static int ep11_query_info(u16 cardnr, u16 domain, u32 query_type,
552 size_t buflen, u8 *buf, u32 xflags)
553 {
554 struct ep11_info_req_pl {
555 struct pl_head head;
556 u8 query_type_tag;
557 u8 query_type_len;
558 u32 query_type;
559 u8 query_subtype_tag;
560 u8 query_subtype_len;
561 u32 query_subtype;
562 } __packed * req_pl;
563 struct ep11_info_rep_pl {
564 struct pl_head head;
565 u8 rc_tag;
566 u8 rc_len;
567 u32 rc;
568 u8 data_tag;
569 u8 data_lenfmt;
570 u16 data_len;
571 } __packed * rep_pl;
572 struct ep11_cprb *req = NULL, *rep = NULL;
573 struct ep11_target_dev target;
574 struct ep11_urb urb;
575 int api = EP11_API_V1, rc = -ENOMEM;
576
577 /* request cprb and payload */
578 req = alloc_cprbmem(sizeof(struct ep11_info_req_pl), xflags);
579 if (!req)
580 goto out;
581 req_pl = (struct ep11_info_req_pl *)(((u8 *)req) + sizeof(*req));
582 prep_head(&req_pl->head, sizeof(*req_pl), api, 38); /* get xcp info */
583 req_pl->query_type_tag = 0x04;
584 req_pl->query_type_len = sizeof(u32);
585 req_pl->query_type = query_type;
586 req_pl->query_subtype_tag = 0x04;
587 req_pl->query_subtype_len = sizeof(u32);
588
589 /* reply cprb and payload */
590 rep = alloc_cprbmem(sizeof(struct ep11_info_rep_pl) + buflen, xflags);
591 if (!rep)
592 goto out;
593 rep_pl = (struct ep11_info_rep_pl *)(((u8 *)rep) + sizeof(*rep));
594
595 /* urb and target */
596 target.ap_id = cardnr;
597 target.dom_id = domain;
598 prep_urb(&urb, &target, 1,
599 req, sizeof(*req) + sizeof(*req_pl),
600 rep, sizeof(*rep) + sizeof(*rep_pl) + buflen);
601
602 rc = zcrypt_send_ep11_cprb(&urb, xflags);
603 if (rc) {
604 ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
605 __func__, (int)cardnr, (int)domain, rc);
606 goto out;
607 }
608
609 /* check ep11 reply cprb */
610 rc = check_reply_cprb(rep, __func__);
611 if (rc)
612 goto out;
613
614 /* check payload */
615 rc = check_reply_pl((u8 *)rep_pl, __func__);
616 if (rc)
617 goto out;
618 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
619 ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
620 rc = -EIO;
621 goto out;
622 }
623 if (rep_pl->data_len > buflen) {
624 ZCRYPT_DBF_ERR("%s mismatch between reply data len and buffer len\n",
625 __func__);
626 rc = -ENOSPC;
627 goto out;
628 }
629
630 memcpy(buf, ((u8 *)rep_pl) + sizeof(*rep_pl), rep_pl->data_len);
631
632 out:
633 free_cprbmem(req, 0, false, xflags);
634 free_cprbmem(rep, 0, false, xflags);
635 return rc;
636 }
637
638 /*
639 * Provide information about an EP11 card.
640 */
ep11_get_card_info(u16 card,struct ep11_card_info * info,u32 xflags)641 int ep11_get_card_info(u16 card, struct ep11_card_info *info, u32 xflags)
642 {
643 int rc;
644 struct ep11_module_query_info {
645 u32 API_ord_nr;
646 u32 firmware_id;
647 u8 FW_major_vers;
648 u8 FW_minor_vers;
649 u8 CSP_major_vers;
650 u8 CSP_minor_vers;
651 u8 fwid[32];
652 u8 xcp_config_hash[32];
653 u8 CSP_config_hash[32];
654 u8 serial[16];
655 u8 module_date_time[16];
656 u64 op_mode;
657 u32 PKCS11_flags;
658 u32 ext_flags;
659 u32 domains;
660 u32 sym_state_bytes;
661 u32 digest_state_bytes;
662 u32 pin_blob_bytes;
663 u32 SPKI_bytes;
664 u32 priv_key_blob_bytes;
665 u32 sym_blob_bytes;
666 u32 max_payload_bytes;
667 u32 CP_profile_bytes;
668 u32 max_CP_index;
669 } __packed * pmqi = NULL;
670
671 /* use the cprb mempool to satisfy this short term mem alloc */
672 pmqi = (xflags & ZCRYPT_XFLAG_NOMEMALLOC) ?
673 mempool_alloc_preallocated(cprb_mempool) :
674 mempool_alloc(cprb_mempool, GFP_KERNEL);
675 if (!pmqi)
676 return -ENOMEM;
677 rc = ep11_query_info(card, AUTOSEL_DOM,
678 0x01 /* module info query */,
679 sizeof(*pmqi), (u8 *)pmqi, xflags);
680 if (rc)
681 goto out;
682
683 memset(info, 0, sizeof(*info));
684 info->API_ord_nr = pmqi->API_ord_nr;
685 info->FW_version = (pmqi->FW_major_vers << 8) + pmqi->FW_minor_vers;
686 memcpy(info->serial, pmqi->serial, sizeof(info->serial));
687 info->op_mode = pmqi->op_mode;
688
689 out:
690 mempool_free(pmqi, cprb_mempool);
691 return rc;
692 }
693 EXPORT_SYMBOL(ep11_get_card_info);
694
695 /*
696 * Provide information about a domain within an EP11 card.
697 */
ep11_get_domain_info(u16 card,u16 domain,struct ep11_domain_info * info,u32 xflags)698 int ep11_get_domain_info(u16 card, u16 domain,
699 struct ep11_domain_info *info, u32 xflags)
700 {
701 int rc;
702 struct ep11_domain_query_info {
703 u32 dom_index;
704 u8 cur_WK_VP[32];
705 u8 new_WK_VP[32];
706 u32 dom_flags;
707 u64 op_mode;
708 } __packed dom_query_info;
709
710 rc = ep11_query_info(card, domain, 0x03 /* domain info query */,
711 sizeof(dom_query_info), (u8 *)&dom_query_info,
712 xflags);
713 if (rc)
714 goto out;
715
716 memset(info, 0, sizeof(*info));
717 info->cur_wk_state = '0';
718 info->new_wk_state = '0';
719 if (dom_query_info.dom_flags & 0x10 /* left imprint mode */) {
720 if (dom_query_info.dom_flags & 0x02 /* cur wk valid */) {
721 info->cur_wk_state = '1';
722 memcpy(info->cur_wkvp, dom_query_info.cur_WK_VP, 32);
723 }
724 if (dom_query_info.dom_flags & 0x04 || /* new wk present */
725 dom_query_info.dom_flags & 0x08 /* new wk committed */) {
726 info->new_wk_state =
727 dom_query_info.dom_flags & 0x08 ? '2' : '1';
728 memcpy(info->new_wkvp, dom_query_info.new_WK_VP, 32);
729 }
730 }
731 info->op_mode = dom_query_info.op_mode;
732
733 out:
734 return rc;
735 }
736 EXPORT_SYMBOL(ep11_get_domain_info);
737
738 /*
739 * Default EP11 AES key generate attributes, used when no keygenflags given:
740 * XCP_BLOB_ENCRYPT | XCP_BLOB_DECRYPT | XCP_BLOB_PROTKEY_EXTRACTABLE
741 */
742 #define KEY_ATTR_DEFAULTS 0x00200c00
743
_ep11_genaeskey(u16 card,u16 domain,u32 keybitsize,u32 keygenflags,u8 * keybuf,size_t * keybufsize,u32 xflags)744 static int _ep11_genaeskey(u16 card, u16 domain,
745 u32 keybitsize, u32 keygenflags,
746 u8 *keybuf, size_t *keybufsize, u32 xflags)
747 {
748 struct keygen_req_pl {
749 struct pl_head head;
750 u8 var_tag;
751 u8 var_len;
752 u32 var;
753 u8 keybytes_tag;
754 u8 keybytes_len;
755 u32 keybytes;
756 u8 mech_tag;
757 u8 mech_len;
758 u32 mech;
759 u8 attr_tag;
760 u8 attr_len;
761 u32 attr_header;
762 u32 attr_bool_mask;
763 u32 attr_bool_bits;
764 u32 attr_val_len_type;
765 u32 attr_val_len_value;
766 /* followed by empty pin tag or empty pinblob tag */
767 } __packed * req_pl;
768 struct keygen_rep_pl {
769 struct pl_head head;
770 u8 rc_tag;
771 u8 rc_len;
772 u32 rc;
773 u8 data_tag;
774 u8 data_lenfmt;
775 u16 data_len;
776 u8 data[512];
777 } __packed * rep_pl;
778 struct ep11_cprb *req = NULL, *rep = NULL;
779 size_t req_pl_size, pinblob_size = 0;
780 struct ep11_target_dev target;
781 struct ep11_urb urb;
782 int api, rc = -ENOMEM;
783 u8 *p;
784
785 switch (keybitsize) {
786 case 128:
787 case 192:
788 case 256:
789 break;
790 default:
791 ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
792 __func__, keybitsize);
793 rc = -EINVAL;
794 goto out;
795 }
796
797 /* request cprb and payload */
798 api = (!keygenflags || keygenflags & 0x00200000) ?
799 EP11_API_V4 : EP11_API_V1;
800 if (ap_is_se_guest()) {
801 /*
802 * genkey within SE environment requires API ordinal 6
803 * with empty pinblob
804 */
805 api = EP11_API_V6;
806 pinblob_size = EP11_PINBLOB_V1_BYTES;
807 }
808 req_pl_size = sizeof(struct keygen_req_pl) + ASN1TAGLEN(pinblob_size);
809 req = alloc_cprbmem(req_pl_size, xflags);
810 if (!req)
811 goto out;
812 req_pl = (struct keygen_req_pl *)(((u8 *)req) + sizeof(*req));
813 prep_head(&req_pl->head, req_pl_size, api, 21); /* GenerateKey */
814 req_pl->var_tag = 0x04;
815 req_pl->var_len = sizeof(u32);
816 req_pl->keybytes_tag = 0x04;
817 req_pl->keybytes_len = sizeof(u32);
818 req_pl->keybytes = keybitsize / 8;
819 req_pl->mech_tag = 0x04;
820 req_pl->mech_len = sizeof(u32);
821 req_pl->mech = 0x00001080; /* CKM_AES_KEY_GEN */
822 req_pl->attr_tag = 0x04;
823 req_pl->attr_len = 5 * sizeof(u32);
824 req_pl->attr_header = 0x10010000;
825 req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
826 req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
827 req_pl->attr_val_len_type = 0x00000161; /* CKA_VALUE_LEN */
828 req_pl->attr_val_len_value = keybitsize / 8;
829 p = ((u8 *)req_pl) + sizeof(*req_pl);
830 /* pin tag */
831 *p++ = 0x04;
832 *p++ = pinblob_size;
833
834 /* reply cprb and payload */
835 rep = alloc_cprbmem(sizeof(struct keygen_rep_pl), xflags);
836 if (!rep)
837 goto out;
838 rep_pl = (struct keygen_rep_pl *)(((u8 *)rep) + sizeof(*rep));
839
840 /* urb and target */
841 target.ap_id = card;
842 target.dom_id = domain;
843 prep_urb(&urb, &target, 1,
844 req, sizeof(*req) + req_pl_size,
845 rep, sizeof(*rep) + sizeof(*rep_pl));
846
847 rc = zcrypt_send_ep11_cprb(&urb, xflags);
848 if (rc) {
849 ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
850 __func__, (int)card, (int)domain, rc);
851 goto out;
852 }
853
854 /* check ep11 reply cprb */
855 rc = check_reply_cprb(rep, __func__);
856 if (rc)
857 goto out;
858
859 /* check payload */
860 rc = check_reply_pl((u8 *)rep_pl, __func__);
861 if (rc)
862 goto out;
863 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
864 ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
865 rc = -EIO;
866 goto out;
867 }
868 if (rep_pl->data_len > *keybufsize) {
869 ZCRYPT_DBF_ERR("%s mismatch reply data len / key buffer len\n",
870 __func__);
871 rc = -ENOSPC;
872 goto out;
873 }
874
875 /* copy key blob */
876 memcpy(keybuf, rep_pl->data, rep_pl->data_len);
877 *keybufsize = rep_pl->data_len;
878
879 out:
880 free_cprbmem(req, 0, false, xflags);
881 free_cprbmem(rep, sizeof(struct keygen_rep_pl), true, xflags);
882 return rc;
883 }
884
ep11_genaeskey(u16 card,u16 domain,u32 keybitsize,u32 keygenflags,u8 * keybuf,u32 * keybufsize,u32 keybufver,u32 xflags)885 int ep11_genaeskey(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
886 u8 *keybuf, u32 *keybufsize, u32 keybufver, u32 xflags)
887 {
888 struct ep11kblob_header *hdr;
889 size_t hdr_size, pl_size;
890 u8 *pl;
891 int rc;
892
893 switch (keybufver) {
894 case TOKVER_EP11_AES:
895 case TOKVER_EP11_AES_WITH_HEADER:
896 break;
897 default:
898 return -EINVAL;
899 }
900
901 rc = ep11_kb_split(keybuf, *keybufsize, keybufver,
902 &hdr, &hdr_size, &pl, &pl_size);
903 if (rc)
904 return rc;
905
906 rc = _ep11_genaeskey(card, domain, keybitsize, keygenflags,
907 pl, &pl_size, xflags);
908 if (rc)
909 return rc;
910
911 *keybufsize = hdr_size + pl_size;
912
913 /* update header information */
914 hdr->type = TOKTYPE_NON_CCA;
915 hdr->len = *keybufsize;
916 hdr->version = keybufver;
917 hdr->bitlen = keybitsize;
918
919 return 0;
920 }
921 EXPORT_SYMBOL(ep11_genaeskey);
922
ep11_cryptsingle(u16 card,u16 domain,u16 mode,u32 mech,const u8 * iv,const u8 * key,size_t keysize,const u8 * inbuf,size_t inbufsize,u8 * outbuf,size_t * outbufsize,u32 xflags)923 static int ep11_cryptsingle(u16 card, u16 domain,
924 u16 mode, u32 mech, const u8 *iv,
925 const u8 *key, size_t keysize,
926 const u8 *inbuf, size_t inbufsize,
927 u8 *outbuf, size_t *outbufsize,
928 u32 xflags)
929 {
930 struct crypt_req_pl {
931 struct pl_head head;
932 u8 var_tag;
933 u8 var_len;
934 u32 var;
935 u8 mech_tag;
936 u8 mech_len;
937 u32 mech;
938 /*
939 * maybe followed by iv data
940 * followed by key tag + key blob
941 * followed by plaintext tag + plaintext
942 */
943 } __packed * req_pl;
944 struct crypt_rep_pl {
945 struct pl_head head;
946 u8 rc_tag;
947 u8 rc_len;
948 u32 rc;
949 u8 data_tag;
950 u8 data_lenfmt;
951 /* data follows */
952 } __packed * rep_pl;
953 struct ep11_cprb *req = NULL, *rep = NULL;
954 struct ep11_target_dev target;
955 struct ep11_urb urb;
956 size_t req_pl_size, rep_pl_size = 0;
957 int n, api = EP11_API_V1, rc = -ENOMEM;
958 u8 *p;
959
960 /* the simple asn1 coding used has length limits */
961 if (keysize > 0xFFFF || inbufsize > 0xFFFF)
962 return -EINVAL;
963
964 /* request cprb and payload */
965 req_pl_size = sizeof(struct crypt_req_pl) + (iv ? 16 : 0)
966 + ASN1TAGLEN(keysize) + ASN1TAGLEN(inbufsize);
967 req = alloc_cprbmem(req_pl_size, xflags);
968 if (!req)
969 goto out;
970 req_pl = (struct crypt_req_pl *)(((u8 *)req) + sizeof(*req));
971 prep_head(&req_pl->head, req_pl_size, api, (mode ? 20 : 19));
972 req_pl->var_tag = 0x04;
973 req_pl->var_len = sizeof(u32);
974 /* mech is mech + mech params (iv here) */
975 req_pl->mech_tag = 0x04;
976 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
977 req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */
978 p = ((u8 *)req_pl) + sizeof(*req_pl);
979 if (iv) {
980 memcpy(p, iv, 16);
981 p += 16;
982 }
983 /* key and input data */
984 p += asn1tag_write(p, 0x04, key, keysize);
985 p += asn1tag_write(p, 0x04, inbuf, inbufsize);
986
987 /* reply cprb and payload, assume out data size <= in data size + 32 */
988 rep_pl_size = sizeof(struct crypt_rep_pl) + ASN1TAGLEN(inbufsize + 32);
989 rep = alloc_cprbmem(rep_pl_size, xflags);
990 if (!rep)
991 goto out;
992 rep_pl = (struct crypt_rep_pl *)(((u8 *)rep) + sizeof(*rep));
993
994 /* urb and target */
995 target.ap_id = card;
996 target.dom_id = domain;
997 prep_urb(&urb, &target, 1,
998 req, sizeof(*req) + req_pl_size,
999 rep, sizeof(*rep) + rep_pl_size);
1000
1001 rc = zcrypt_send_ep11_cprb(&urb, xflags);
1002 if (rc) {
1003 ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1004 __func__, (int)card, (int)domain, rc);
1005 goto out;
1006 }
1007
1008 /* check ep11 reply cprb */
1009 rc = check_reply_cprb(rep, __func__);
1010 if (rc)
1011 goto out;
1012
1013 /* check payload */
1014 rc = check_reply_pl((u8 *)rep_pl, __func__);
1015 if (rc)
1016 goto out;
1017 if (rep_pl->data_tag != 0x04) {
1018 ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
1019 rc = -EIO;
1020 goto out;
1021 }
1022 p = ((u8 *)rep_pl) + sizeof(*rep_pl);
1023 if (rep_pl->data_lenfmt <= 127) {
1024 n = rep_pl->data_lenfmt;
1025 } else if (rep_pl->data_lenfmt == 0x81) {
1026 n = *p++;
1027 } else if (rep_pl->data_lenfmt == 0x82) {
1028 n = *((u16 *)p);
1029 p += 2;
1030 } else {
1031 ZCRYPT_DBF_ERR("%s unknown reply data length format 0x%02hhx\n",
1032 __func__, rep_pl->data_lenfmt);
1033 rc = -EIO;
1034 goto out;
1035 }
1036 if (n > *outbufsize) {
1037 ZCRYPT_DBF_ERR("%s mismatch reply data len %d / output buffer %zu\n",
1038 __func__, n, *outbufsize);
1039 rc = -ENOSPC;
1040 goto out;
1041 }
1042
1043 memcpy(outbuf, p, n);
1044 *outbufsize = n;
1045
1046 out:
1047 free_cprbmem(req, req_pl_size, true, xflags);
1048 free_cprbmem(rep, rep_pl_size, true, xflags);
1049 return rc;
1050 }
1051
_ep11_unwrapkey(u16 card,u16 domain,const u8 * kek,size_t keksize,const u8 * enckey,size_t enckeysize,u32 mech,const u8 * iv,u32 keybitsize,u32 keygenflags,u8 * keybuf,size_t * keybufsize,u32 xflags)1052 static int _ep11_unwrapkey(u16 card, u16 domain,
1053 const u8 *kek, size_t keksize,
1054 const u8 *enckey, size_t enckeysize,
1055 u32 mech, const u8 *iv,
1056 u32 keybitsize, u32 keygenflags,
1057 u8 *keybuf, size_t *keybufsize, u32 xflags)
1058 {
1059 struct uw_req_pl {
1060 struct pl_head head;
1061 u8 attr_tag;
1062 u8 attr_len;
1063 u32 attr_header;
1064 u32 attr_bool_mask;
1065 u32 attr_bool_bits;
1066 u32 attr_key_type;
1067 u32 attr_key_type_value;
1068 u32 attr_val_len;
1069 u32 attr_val_len_value;
1070 u8 mech_tag;
1071 u8 mech_len;
1072 u32 mech;
1073 /*
1074 * maybe followed by iv data
1075 * followed by kek tag + kek blob
1076 * followed by empty mac tag
1077 * followed by empty pin tag or empty pinblob tag
1078 * followed by encryted key tag + bytes
1079 */
1080 } __packed * req_pl;
1081 struct uw_rep_pl {
1082 struct pl_head head;
1083 u8 rc_tag;
1084 u8 rc_len;
1085 u32 rc;
1086 u8 data_tag;
1087 u8 data_lenfmt;
1088 u16 data_len;
1089 u8 data[512];
1090 } __packed * rep_pl;
1091 struct ep11_cprb *req = NULL, *rep = NULL;
1092 size_t req_pl_size, pinblob_size = 0;
1093 struct ep11_target_dev target;
1094 struct ep11_urb urb;
1095 int api, rc = -ENOMEM;
1096 u8 *p;
1097
1098 /* request cprb and payload */
1099 api = (!keygenflags || keygenflags & 0x00200000) ?
1100 EP11_API_V4 : EP11_API_V1;
1101 if (ap_is_se_guest()) {
1102 /*
1103 * unwrap within SE environment requires API ordinal 6
1104 * with empty pinblob
1105 */
1106 api = EP11_API_V6;
1107 pinblob_size = EP11_PINBLOB_V1_BYTES;
1108 }
1109 req_pl_size = sizeof(struct uw_req_pl) + (iv ? 16 : 0)
1110 + ASN1TAGLEN(keksize) + ASN1TAGLEN(0)
1111 + ASN1TAGLEN(pinblob_size) + ASN1TAGLEN(enckeysize);
1112 req = alloc_cprbmem(req_pl_size, xflags);
1113 if (!req)
1114 goto out;
1115 req_pl = (struct uw_req_pl *)(((u8 *)req) + sizeof(*req));
1116 prep_head(&req_pl->head, req_pl_size, api, 34); /* UnwrapKey */
1117 req_pl->attr_tag = 0x04;
1118 req_pl->attr_len = 7 * sizeof(u32);
1119 req_pl->attr_header = 0x10020000;
1120 req_pl->attr_bool_mask = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
1121 req_pl->attr_bool_bits = keygenflags ? keygenflags : KEY_ATTR_DEFAULTS;
1122 req_pl->attr_key_type = 0x00000100; /* CKA_KEY_TYPE */
1123 req_pl->attr_key_type_value = 0x0000001f; /* CKK_AES */
1124 req_pl->attr_val_len = 0x00000161; /* CKA_VALUE_LEN */
1125 req_pl->attr_val_len_value = keybitsize / 8;
1126 /* mech is mech + mech params (iv here) */
1127 req_pl->mech_tag = 0x04;
1128 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
1129 req_pl->mech = (mech ? mech : 0x00001085); /* CKM_AES_CBC_PAD */
1130 p = ((u8 *)req_pl) + sizeof(*req_pl);
1131 if (iv) {
1132 memcpy(p, iv, 16);
1133 p += 16;
1134 }
1135 /* kek */
1136 p += asn1tag_write(p, 0x04, kek, keksize);
1137 /* empty mac key tag */
1138 *p++ = 0x04;
1139 *p++ = 0;
1140 /* pin tag */
1141 *p++ = 0x04;
1142 *p++ = pinblob_size;
1143 p += pinblob_size;
1144 /* encrypted key value tag and bytes */
1145 p += asn1tag_write(p, 0x04, enckey, enckeysize);
1146
1147 /* reply cprb and payload */
1148 rep = alloc_cprbmem(sizeof(struct uw_rep_pl), xflags);
1149 if (!rep)
1150 goto out;
1151 rep_pl = (struct uw_rep_pl *)(((u8 *)rep) + sizeof(*rep));
1152
1153 /* urb and target */
1154 target.ap_id = card;
1155 target.dom_id = domain;
1156 prep_urb(&urb, &target, 1,
1157 req, sizeof(*req) + req_pl_size,
1158 rep, sizeof(*rep) + sizeof(*rep_pl));
1159
1160 rc = zcrypt_send_ep11_cprb(&urb, xflags);
1161 if (rc) {
1162 ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1163 __func__, (int)card, (int)domain, rc);
1164 goto out;
1165 }
1166
1167 /* check ep11 reply cprb */
1168 rc = check_reply_cprb(rep, __func__);
1169 if (rc)
1170 goto out;
1171
1172 /* check payload */
1173 rc = check_reply_pl((u8 *)rep_pl, __func__);
1174 if (rc)
1175 goto out;
1176 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
1177 ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
1178 rc = -EIO;
1179 goto out;
1180 }
1181 if (rep_pl->data_len > *keybufsize) {
1182 ZCRYPT_DBF_ERR("%s mismatch reply data len / key buffer len\n",
1183 __func__);
1184 rc = -ENOSPC;
1185 goto out;
1186 }
1187
1188 /* copy key blob */
1189 memcpy(keybuf, rep_pl->data, rep_pl->data_len);
1190 *keybufsize = rep_pl->data_len;
1191
1192 out:
1193 free_cprbmem(req, req_pl_size, true, xflags);
1194 free_cprbmem(rep, sizeof(struct uw_rep_pl), true, xflags);
1195 return rc;
1196 }
1197
ep11_unwrapkey(u16 card,u16 domain,const u8 * kek,size_t keksize,const u8 * enckey,size_t enckeysize,u32 mech,const u8 * iv,u32 keybitsize,u32 keygenflags,u8 * keybuf,u32 * keybufsize,u8 keybufver,u32 xflags)1198 static int ep11_unwrapkey(u16 card, u16 domain,
1199 const u8 *kek, size_t keksize,
1200 const u8 *enckey, size_t enckeysize,
1201 u32 mech, const u8 *iv,
1202 u32 keybitsize, u32 keygenflags,
1203 u8 *keybuf, u32 *keybufsize,
1204 u8 keybufver, u32 xflags)
1205 {
1206 struct ep11kblob_header *hdr;
1207 size_t hdr_size, pl_size;
1208 u8 *pl;
1209 int rc;
1210
1211 rc = ep11_kb_split(keybuf, *keybufsize, keybufver,
1212 &hdr, &hdr_size, &pl, &pl_size);
1213 if (rc)
1214 return rc;
1215
1216 rc = _ep11_unwrapkey(card, domain, kek, keksize, enckey, enckeysize,
1217 mech, iv, keybitsize, keygenflags,
1218 pl, &pl_size, xflags);
1219 if (rc)
1220 return rc;
1221
1222 *keybufsize = hdr_size + pl_size;
1223
1224 /* update header information */
1225 hdr = (struct ep11kblob_header *)keybuf;
1226 hdr->type = TOKTYPE_NON_CCA;
1227 hdr->len = *keybufsize;
1228 hdr->version = keybufver;
1229 hdr->bitlen = keybitsize;
1230
1231 return 0;
1232 }
1233
_ep11_wrapkey(u16 card,u16 domain,const u8 * key,size_t keysize,u32 mech,const u8 * iv,u8 * databuf,size_t * datasize,u32 xflags)1234 static int _ep11_wrapkey(u16 card, u16 domain,
1235 const u8 *key, size_t keysize,
1236 u32 mech, const u8 *iv,
1237 u8 *databuf, size_t *datasize, u32 xflags)
1238 {
1239 struct wk_req_pl {
1240 struct pl_head head;
1241 u8 var_tag;
1242 u8 var_len;
1243 u32 var;
1244 u8 mech_tag;
1245 u8 mech_len;
1246 u32 mech;
1247 /*
1248 * followed by iv data
1249 * followed by key tag + key blob
1250 * followed by dummy kek param
1251 * followed by dummy mac param
1252 */
1253 } __packed * req_pl;
1254 struct wk_rep_pl {
1255 struct pl_head head;
1256 u8 rc_tag;
1257 u8 rc_len;
1258 u32 rc;
1259 u8 data_tag;
1260 u8 data_lenfmt;
1261 u16 data_len;
1262 u8 data[1024];
1263 } __packed * rep_pl;
1264 struct ep11_cprb *req = NULL, *rep = NULL;
1265 struct ep11_target_dev target;
1266 struct ep11_urb urb;
1267 size_t req_pl_size;
1268 int api, rc = -ENOMEM;
1269 u8 *p;
1270
1271 /* request cprb and payload */
1272 req_pl_size = sizeof(struct wk_req_pl) + (iv ? 16 : 0)
1273 + ASN1TAGLEN(keysize) + 4;
1274 req = alloc_cprbmem(req_pl_size, xflags);
1275 if (!req)
1276 goto out;
1277 if (!mech || mech == 0x80060001)
1278 req->flags |= 0x20; /* CPACF_WRAP needs special bit */
1279 req_pl = (struct wk_req_pl *)(((u8 *)req) + sizeof(*req));
1280 api = (!mech || mech == 0x80060001) ? /* CKM_IBM_CPACF_WRAP */
1281 EP11_API_V4 : EP11_API_V1;
1282 prep_head(&req_pl->head, req_pl_size, api, 33); /* WrapKey */
1283 req_pl->var_tag = 0x04;
1284 req_pl->var_len = sizeof(u32);
1285 /* mech is mech + mech params (iv here) */
1286 req_pl->mech_tag = 0x04;
1287 req_pl->mech_len = sizeof(u32) + (iv ? 16 : 0);
1288 req_pl->mech = (mech ? mech : 0x80060001); /* CKM_IBM_CPACF_WRAP */
1289 p = ((u8 *)req_pl) + sizeof(*req_pl);
1290 if (iv) {
1291 memcpy(p, iv, 16);
1292 p += 16;
1293 }
1294 /* key blob */
1295 p += asn1tag_write(p, 0x04, key, keysize);
1296 /* empty kek tag */
1297 *p++ = 0x04;
1298 *p++ = 0;
1299 /* empty mac tag */
1300 *p++ = 0x04;
1301 *p++ = 0;
1302
1303 /* reply cprb and payload */
1304 rep = alloc_cprbmem(sizeof(struct wk_rep_pl), xflags);
1305 if (!rep)
1306 goto out;
1307 rep_pl = (struct wk_rep_pl *)(((u8 *)rep) + sizeof(*rep));
1308
1309 /* urb and target */
1310 target.ap_id = card;
1311 target.dom_id = domain;
1312 prep_urb(&urb, &target, 1,
1313 req, sizeof(*req) + req_pl_size,
1314 rep, sizeof(*rep) + sizeof(*rep_pl));
1315
1316 rc = zcrypt_send_ep11_cprb(&urb, xflags);
1317 if (rc) {
1318 ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
1319 __func__, (int)card, (int)domain, rc);
1320 goto out;
1321 }
1322
1323 /* check ep11 reply cprb */
1324 rc = check_reply_cprb(rep, __func__);
1325 if (rc)
1326 goto out;
1327
1328 /* check payload */
1329 rc = check_reply_pl((u8 *)rep_pl, __func__);
1330 if (rc)
1331 goto out;
1332 if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
1333 ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
1334 rc = -EIO;
1335 goto out;
1336 }
1337 if (rep_pl->data_len > *datasize) {
1338 ZCRYPT_DBF_ERR("%s mismatch reply data len / data buffer len\n",
1339 __func__);
1340 rc = -ENOSPC;
1341 goto out;
1342 }
1343
1344 /* copy the data from the cprb to the data buffer */
1345 memcpy(databuf, rep_pl->data, rep_pl->data_len);
1346 *datasize = rep_pl->data_len;
1347
1348 out:
1349 free_cprbmem(req, req_pl_size, true, xflags);
1350 free_cprbmem(rep, sizeof(struct wk_rep_pl), true, xflags);
1351 return rc;
1352 }
1353
ep11_clr2keyblob(u16 card,u16 domain,u32 keybitsize,u32 keygenflags,const u8 * clrkey,u8 * keybuf,u32 * keybufsize,u32 keytype,u32 xflags)1354 int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
1355 const u8 *clrkey, u8 *keybuf, u32 *keybufsize,
1356 u32 keytype, u32 xflags)
1357 {
1358 int rc;
1359 void *mem;
1360 u8 encbuf[64], *kek;
1361 size_t clrkeylen, keklen, encbuflen = sizeof(encbuf);
1362
1363 if (keybitsize == 128 || keybitsize == 192 || keybitsize == 256) {
1364 clrkeylen = keybitsize / 8;
1365 } else {
1366 ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
1367 __func__, keybitsize);
1368 return -EINVAL;
1369 }
1370
1371 /*
1372 * Allocate space for the temp kek.
1373 * Also we only need up to MAXEP11AESKEYBLOBSIZE bytes for this
1374 * we use the already existing cprb mempool to solve this
1375 * short term memory requirement.
1376 */
1377 mem = (xflags & ZCRYPT_XFLAG_NOMEMALLOC) ?
1378 mempool_alloc_preallocated(cprb_mempool) :
1379 mempool_alloc(cprb_mempool, GFP_KERNEL);
1380 if (!mem)
1381 return -ENOMEM;
1382 kek = (u8 *)mem;
1383 keklen = MAXEP11AESKEYBLOBSIZE;
1384
1385 /* Step 1: generate AES 256 bit random kek key */
1386 rc = _ep11_genaeskey(card, domain, 256,
1387 0x00006c00, /* EN/DECRYPT, WRAP/UNWRAP */
1388 kek, &keklen, xflags);
1389 if (rc) {
1390 ZCRYPT_DBF_ERR("%s generate kek key failed, rc=%d\n",
1391 __func__, rc);
1392 goto out;
1393 }
1394
1395 /* Step 2: encrypt clear key value with the kek key */
1396 rc = ep11_cryptsingle(card, domain, 0, 0, def_iv, kek, keklen,
1397 clrkey, clrkeylen, encbuf, &encbuflen, xflags);
1398 if (rc) {
1399 ZCRYPT_DBF_ERR("%s encrypting key value with kek key failed, rc=%d\n",
1400 __func__, rc);
1401 goto out;
1402 }
1403
1404 /* Step 3: import the encrypted key value as a new key */
1405 rc = ep11_unwrapkey(card, domain, kek, keklen,
1406 encbuf, encbuflen, 0, def_iv,
1407 keybitsize, keygenflags,
1408 keybuf, keybufsize,
1409 keytype, xflags);
1410 if (rc) {
1411 ZCRYPT_DBF_ERR("%s importing key value as new key failed, rc=%d\n",
1412 __func__, rc);
1413 goto out;
1414 }
1415
1416 out:
1417 mempool_free(mem, cprb_mempool);
1418 return rc;
1419 }
1420 EXPORT_SYMBOL(ep11_clr2keyblob);
1421
ep11_kblob2protkey(u16 card,u16 dom,const u8 * keyblob,u32 keybloblen,u8 * protkey,u32 * protkeylen,u32 * protkeytype,u32 xflags)1422 int ep11_kblob2protkey(u16 card, u16 dom,
1423 const u8 *keyblob, u32 keybloblen,
1424 u8 *protkey, u32 *protkeylen, u32 *protkeytype,
1425 u32 xflags)
1426 {
1427 struct ep11kblob_header *hdr;
1428 struct ep11keyblob *key;
1429 size_t wkbuflen, keylen;
1430 struct wk_info {
1431 u16 version;
1432 u8 res1[16];
1433 u32 pkeytype;
1434 u32 pkeybitsize;
1435 u64 pkeysize;
1436 u8 res2[8];
1437 u8 pkey[];
1438 } __packed * wki;
1439 u8 *wkbuf = NULL;
1440 int rc = -EIO;
1441
1442 if (ep11_kb_decode((u8 *)keyblob, keybloblen, &hdr, NULL, &key, &keylen))
1443 return -EINVAL;
1444
1445 if (hdr->version == TOKVER_EP11_AES) {
1446 /* wipe overlayed header */
1447 memset(hdr, 0, sizeof(*hdr));
1448 }
1449 /* !!! hdr is no longer a valid header !!! */
1450
1451 /* need a temp working buffer */
1452 wkbuflen = (keylen + AES_BLOCK_SIZE) & (~(AES_BLOCK_SIZE - 1));
1453 if (wkbuflen > CPRB_MEMPOOL_ITEM_SIZE) {
1454 /* this should never happen */
1455 rc = -ENOMEM;
1456 ZCRYPT_DBF_WARN("%s wkbuflen %d > cprb mempool item size %d, rc=%d\n",
1457 __func__, (int)wkbuflen, CPRB_MEMPOOL_ITEM_SIZE, rc);
1458 return rc;
1459 }
1460 /* use the cprb mempool to satisfy this short term mem allocation */
1461 wkbuf = (xflags & ZCRYPT_XFLAG_NOMEMALLOC) ?
1462 mempool_alloc_preallocated(cprb_mempool) :
1463 mempool_alloc(cprb_mempool, GFP_ATOMIC);
1464 if (!wkbuf) {
1465 rc = -ENOMEM;
1466 ZCRYPT_DBF_WARN("%s allocating tmp buffer via cprb mempool failed, rc=%d\n",
1467 __func__, rc);
1468 return rc;
1469 }
1470
1471 /* ep11 secure key -> protected key + info */
1472 rc = _ep11_wrapkey(card, dom, (u8 *)key, keylen,
1473 0, def_iv, wkbuf, &wkbuflen, xflags);
1474 if (rc) {
1475 ZCRYPT_DBF_ERR("%s rewrapping ep11 key to pkey failed, rc=%d\n",
1476 __func__, rc);
1477 goto out;
1478 }
1479 wki = (struct wk_info *)wkbuf;
1480
1481 /* check struct version and pkey type */
1482 if (wki->version != 1 || wki->pkeytype < 1 || wki->pkeytype > 5) {
1483 ZCRYPT_DBF_ERR("%s wk info version %d or pkeytype %d mismatch.\n",
1484 __func__, (int)wki->version, (int)wki->pkeytype);
1485 rc = -EIO;
1486 goto out;
1487 }
1488
1489 /* check protected key type field */
1490 switch (wki->pkeytype) {
1491 case 1: /* AES */
1492 switch (wki->pkeysize) {
1493 case 16 + 32:
1494 /* AES 128 protected key */
1495 if (protkeytype)
1496 *protkeytype = PKEY_KEYTYPE_AES_128;
1497 break;
1498 case 24 + 32:
1499 /* AES 192 protected key */
1500 if (protkeytype)
1501 *protkeytype = PKEY_KEYTYPE_AES_192;
1502 break;
1503 case 32 + 32:
1504 /* AES 256 protected key */
1505 if (protkeytype)
1506 *protkeytype = PKEY_KEYTYPE_AES_256;
1507 break;
1508 default:
1509 ZCRYPT_DBF_ERR("%s unknown/unsupported AES pkeysize %d\n",
1510 __func__, (int)wki->pkeysize);
1511 rc = -EIO;
1512 goto out;
1513 }
1514 break;
1515 case 3: /* EC-P */
1516 case 4: /* EC-ED */
1517 case 5: /* EC-BP */
1518 if (protkeytype)
1519 *protkeytype = PKEY_KEYTYPE_ECC;
1520 break;
1521 case 2: /* TDES */
1522 default:
1523 ZCRYPT_DBF_ERR("%s unknown/unsupported key type %d\n",
1524 __func__, (int)wki->pkeytype);
1525 rc = -EIO;
1526 goto out;
1527 }
1528
1529 /* copy the translated protected key */
1530 if (wki->pkeysize > *protkeylen) {
1531 ZCRYPT_DBF_ERR("%s wk info pkeysize %llu > protkeysize %u\n",
1532 __func__, wki->pkeysize, *protkeylen);
1533 rc = -EINVAL;
1534 goto out;
1535 }
1536 memcpy(protkey, wki->pkey, wki->pkeysize);
1537 *protkeylen = wki->pkeysize;
1538
1539 out:
1540 mempool_free(wkbuf, cprb_mempool);
1541 return rc;
1542 }
1543 EXPORT_SYMBOL(ep11_kblob2protkey);
1544
ep11_findcard2(u32 * apqns,u32 * nr_apqns,u16 cardnr,u16 domain,int minhwtype,int minapi,const u8 * wkvp,u32 xflags)1545 int ep11_findcard2(u32 *apqns, u32 *nr_apqns, u16 cardnr, u16 domain,
1546 int minhwtype, int minapi, const u8 *wkvp, u32 xflags)
1547 {
1548 struct zcrypt_device_status_ext *device_status;
1549 struct ep11_domain_info edi;
1550 struct ep11_card_info eci;
1551 u32 _nr_apqns = 0;
1552 int i, card, dom;
1553
1554 /* occupy the device status memory */
1555 mutex_lock(&dev_status_mem_mutex);
1556 memset(dev_status_mem, 0, ZCRYPT_DEV_STATUS_EXT_SIZE);
1557 device_status = (struct zcrypt_device_status_ext *)dev_status_mem;
1558
1559 /* fetch crypto device status into this struct */
1560 zcrypt_device_status_mask_ext(device_status,
1561 ZCRYPT_DEV_STATUS_CARD_MAX,
1562 ZCRYPT_DEV_STATUS_QUEUE_MAX);
1563
1564 /* walk through all the crypto apqnss */
1565 for (i = 0; i < ZCRYPT_DEV_STATUS_ENTRIES; i++) {
1566 card = AP_QID_CARD(device_status[i].qid);
1567 dom = AP_QID_QUEUE(device_status[i].qid);
1568 /* check online state */
1569 if (!device_status[i].online)
1570 continue;
1571 /* check for ep11 functions */
1572 if (!(device_status[i].functions & 0x01))
1573 continue;
1574 /* check cardnr */
1575 if (cardnr != 0xFFFF && card != cardnr)
1576 continue;
1577 /* check domain */
1578 if (domain != 0xFFFF && dom != domain)
1579 continue;
1580 /* check min hardware type */
1581 if (minhwtype && device_status[i].hwtype < minhwtype)
1582 continue;
1583 /* check min api version if given */
1584 if (minapi > 0) {
1585 if (ep11_get_card_info(card, &eci, xflags))
1586 continue;
1587 if (minapi > eci.API_ord_nr)
1588 continue;
1589 }
1590 /* check wkvp if given */
1591 if (wkvp) {
1592 if (ep11_get_domain_info(card, dom, &edi, xflags))
1593 continue;
1594 if (edi.cur_wk_state != '1')
1595 continue;
1596 if (memcmp(wkvp, edi.cur_wkvp, 16))
1597 continue;
1598 }
1599 /* apqn passed all filtering criterons, add to the array */
1600 if (_nr_apqns < *nr_apqns)
1601 apqns[_nr_apqns++] = (((u16)card) << 16) | ((u16)dom);
1602 }
1603
1604 *nr_apqns = _nr_apqns;
1605
1606 mutex_unlock(&dev_status_mem_mutex);
1607
1608 return _nr_apqns ? 0 : -ENODEV;
1609 }
1610 EXPORT_SYMBOL(ep11_findcard2);
1611
zcrypt_ep11misc_init(void)1612 int __init zcrypt_ep11misc_init(void)
1613 {
1614 /* Pre-allocate a small memory pool for ep11 cprbs. */
1615 cprb_mempool = mempool_create_kmalloc_pool(2 * zcrypt_mempool_threshold,
1616 CPRB_MEMPOOL_ITEM_SIZE);
1617 if (!cprb_mempool)
1618 return -ENOMEM;
1619
1620 /* Pre-allocate one crypto status card struct used in ep11_findcard2() */
1621 dev_status_mem = kvmalloc(ZCRYPT_DEV_STATUS_EXT_SIZE, GFP_KERNEL);
1622 if (!dev_status_mem) {
1623 mempool_destroy(cprb_mempool);
1624 return -ENOMEM;
1625 }
1626
1627 return 0;
1628 }
1629
zcrypt_ep11misc_exit(void)1630 void zcrypt_ep11misc_exit(void)
1631 {
1632 mutex_lock(&dev_status_mem_mutex);
1633 kvfree(dev_status_mem);
1634 mutex_unlock(&dev_status_mem_mutex);
1635 mempool_destroy(cprb_mempool);
1636 }
1637