1 /* SPDX-License-Identifier: GPL-2.0+ */
2 /*
3 * Copyright IBM Corp. 2019
4 * Author(s): Harald Freudenberger <freude@linux.ibm.com>
5 * Ingo Franzki <ifranzki@linux.ibm.com>
6 *
7 * Collection of CCA misc functions used by zcrypt and pkey
8 */
9
10 #ifndef _ZCRYPT_CCAMISC_H_
11 #define _ZCRYPT_CCAMISC_H_
12
13 #include <asm/zcrypt.h>
14 #include <asm/pkey.h>
15
16 /* Key token types */
17 #define TOKTYPE_NON_CCA 0x00 /* Non-CCA key token */
18 #define TOKTYPE_CCA_INTERNAL 0x01 /* CCA internal key token */
19
20 /* For TOKTYPE_NON_CCA: */
21 #define TOKVER_PROTECTED_KEY 0x01 /* Protected key token */
22
23 /* For TOKTYPE_CCA_INTERNAL: */
24 #define TOKVER_CCA_AES 0x04 /* CCA AES key token */
25 #define TOKVER_CCA_VLSC 0x05 /* var length sym cipher key token */
26
27 /* Max size of a cca variable length cipher key token */
28 #define MAXCCAVLSCTOKENSIZE 725
29
30 /* header part of a CCA key token */
31 struct keytoken_header {
32 u8 type; /* one of the TOKTYPE values */
33 u8 res0[1];
34 u16 len; /* vlsc token: total length in bytes */
35 u8 version; /* one of the TOKVER values */
36 u8 res1[3];
37 } __packed;
38
39 /* inside view of a CCA secure key token (only type 0x01 version 0x04) */
40 struct secaeskeytoken {
41 u8 type; /* 0x01 for internal key token */
42 u8 res0[3];
43 u8 version; /* should be 0x04 */
44 u8 res1[1];
45 u8 flag; /* key flags */
46 u8 res2[1];
47 u64 mkvp; /* master key verification pattern */
48 u8 key[32]; /* key value (encrypted) */
49 u8 cv[8]; /* control vector */
50 u16 bitsize; /* key bit size */
51 u16 keysize; /* key byte size */
52 u8 tvv[4]; /* token validation value */
53 } __packed;
54
55 /* inside view of a variable length symmetric cipher AES key token */
56 struct cipherkeytoken {
57 u8 type; /* 0x01 for internal key token */
58 u8 res0[1];
59 u16 len; /* total key token length in bytes */
60 u8 version; /* should be 0x05 */
61 u8 res1[3];
62 u8 kms; /* key material state, 0x03 means wrapped with MK */
63 u8 kvpt; /* key verification pattern type, should be 0x01 */
64 u64 mkvp0; /* master key verification pattern, lo part */
65 u64 mkvp1; /* master key verification pattern, hi part (unused) */
66 u8 eskwm; /* encrypted section key wrapping method */
67 u8 hashalg; /* hash algorithmus used for wrapping key */
68 u8 plfver; /* pay load format version */
69 u8 res2[1];
70 u8 adsver; /* associated data section version */
71 u8 res3[1];
72 u16 adslen; /* associated data section length */
73 u8 kllen; /* optional key label length */
74 u8 ieaslen; /* optional extended associated data length */
75 u8 uadlen; /* optional user definable associated data length */
76 u8 res4[1];
77 u16 wpllen; /* wrapped payload length in bits: */
78 /* plfver 0x00 0x01 */
79 /* AES-128 512 640 */
80 /* AES-192 576 640 */
81 /* AES-256 640 640 */
82 u8 res5[1];
83 u8 algtype; /* 0x02 for AES cipher */
84 u16 keytype; /* 0x0001 for 'cipher' */
85 u8 kufc; /* key usage field count */
86 u16 kuf1; /* key usage field 1 */
87 u16 kuf2; /* key usage field 2 */
88 u8 kmfc; /* key management field count */
89 u16 kmf1; /* key management field 1 */
90 u16 kmf2; /* key management field 2 */
91 u16 kmf3; /* key management field 3 */
92 u8 vdata[0]; /* variable part data follows */
93 } __packed;
94
95 /* Some defines for the CCA AES cipherkeytoken kmf1 field */
96 #define KMF1_XPRT_SYM 0x8000
97 #define KMF1_XPRT_UASY 0x4000
98 #define KMF1_XPRT_AASY 0x2000
99 #define KMF1_XPRT_RAW 0x1000
100 #define KMF1_XPRT_CPAC 0x0800
101 #define KMF1_XPRT_DES 0x0080
102 #define KMF1_XPRT_AES 0x0040
103 #define KMF1_XPRT_RSA 0x0008
104
105 /*
106 * Simple check if the token is a valid CCA secure AES data key
107 * token. If keybitsize is given, the bitsize of the key is
108 * also checked. Returns 0 on success or errno value on failure.
109 */
110 int cca_check_secaeskeytoken(debug_info_t *dbg, int dbflvl,
111 const u8 *token, int keybitsize);
112
113 /*
114 * Simple check if the token is a valid CCA secure AES cipher key
115 * token. If keybitsize is given, the bitsize of the key is
116 * also checked. If checkcpacfexport is enabled, the key is also
117 * checked for the export flag to allow CPACF export.
118 * Returns 0 on success or errno value on failure.
119 */
120 int cca_check_secaescipherkey(debug_info_t *dbg, int dbflvl,
121 const u8 *token, int keybitsize,
122 int checkcpacfexport);
123
124 /*
125 * Generate (random) CCA AES DATA secure key.
126 */
127 int cca_genseckey(u16 cardnr, u16 domain, u32 keybitsize, u8 *seckey);
128
129 /*
130 * Generate CCA AES DATA secure key with given clear key value.
131 */
132 int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize,
133 const u8 *clrkey, u8 *seckey);
134
135 /*
136 * Derive proteced key from an CCA AES DATA secure key.
137 */
138 int cca_sec2protkey(u16 cardnr, u16 domain,
139 const u8 seckey[SECKEYBLOBSIZE],
140 u8 *protkey, u32 *protkeylen, u32 *protkeytype);
141
142 /*
143 * Generate (random) CCA AES CIPHER secure key.
144 */
145 int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags,
146 u8 *keybuf, size_t *keybufsize);
147
148 /*
149 * Derive proteced key from CCA AES cipher secure key.
150 */
151 int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey,
152 u8 *protkey, u32 *protkeylen, u32 *protkeytype);
153
154 /*
155 * Build CCA AES CIPHER secure key with a given clear key value.
156 */
157 int cca_clr2cipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags,
158 const u8 *clrkey, u8 *keybuf, size_t *keybufsize);
159
160 /*
161 * Query cryptographic facility from CCA adapter
162 */
163 int cca_query_crypto_facility(u16 cardnr, u16 domain,
164 const char *keyword,
165 u8 *rarray, size_t *rarraylen,
166 u8 *varray, size_t *varraylen);
167
168 /*
169 * Search for a matching crypto card based on the Master Key
170 * Verification Pattern provided inside a secure key.
171 * Works with CCA AES data and cipher keys.
172 * Returns < 0 on failure, 0 if CURRENT MKVP matches and
173 * 1 if OLD MKVP matches.
174 */
175 int cca_findcard(const u8 *key, u16 *pcardnr, u16 *pdomain, int verify);
176
177 /*
178 * Build a list of cca apqns meeting the following constrains:
179 * - apqn is online and is in fact a CCA apqn
180 * - if cardnr is not FFFF only apqns with this cardnr
181 * - if domain is not FFFF only apqns with this domainnr
182 * - if minhwtype > 0 only apqns with hwtype >= minhwtype
183 * - if cur_mkvp != 0 only apqns where cur_mkvp == mkvp
184 * - if old_mkvp != 0 only apqns where old_mkvp == mkvp
185 * - if verify is enabled and a cur_mkvp and/or old_mkvp
186 * value is given, then refetch the cca_info and make sure the current
187 * cur_mkvp or old_mkvp values of the apqn are used.
188 * The array of apqn entries is allocated with kmalloc and returned in *apqns;
189 * the number of apqns stored into the list is returned in *nr_apqns. One apqn
190 * entry is simple a 32 bit value with 16 bit cardnr and 16 bit domain nr and
191 * may be casted to struct pkey_apqn. The return value is either 0 for success
192 * or a negative errno value. If no apqn meeting the criterias is found,
193 * -ENODEV is returned.
194 */
195 int cca_findcard2(u32 **apqns, u32 *nr_apqns, u16 cardnr, u16 domain,
196 int minhwtype, u64 cur_mkvp, u64 old_mkvp, int verify);
197
198 /* struct to hold info for each CCA queue */
199 struct cca_info {
200 int hwtype; /* one of the defined AP_DEVICE_TYPE_* */
201 char new_mk_state; /* '1' empty, '2' partially full, '3' full */
202 char cur_mk_state; /* '1' invalid, '2' valid */
203 char old_mk_state; /* '1' invalid, '2' valid */
204 u64 new_mkvp; /* truncated sha256 hash of new master key */
205 u64 cur_mkvp; /* truncated sha256 hash of current master key */
206 u64 old_mkvp; /* truncated sha256 hash of old master key */
207 char serial[9]; /* serial number string (8 ascii numbers + 0x00) */
208 };
209
210 /*
211 * Fetch cca information about an CCA queue.
212 */
213 int cca_get_info(u16 card, u16 dom, struct cca_info *ci, int verify);
214
215 void zcrypt_ccamisc_exit(void);
216
217 #endif /* _ZCRYPT_CCAMISC_H_ */