aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/s390/crypto/zcrypt_ccamisc.c
diff options
context:
space:
mode:
Diffstat (limited to 'drivers/s390/crypto/zcrypt_ccamisc.c')
-rw-r--r--drivers/s390/crypto/zcrypt_ccamisc.c58
1 files changed, 34 insertions, 24 deletions
diff --git a/drivers/s390/crypto/zcrypt_ccamisc.c b/drivers/s390/crypto/zcrypt_ccamisc.c
index 88c5f4a56be7..3b2d3705d2db 100644
--- a/drivers/s390/crypto/zcrypt_ccamisc.c
+++ b/drivers/s390/crypto/zcrypt_ccamisc.c
@@ -270,7 +270,7 @@ static inline int _zcrypt_send_cprb(struct ica_xcRB *xcrb)
* Generate (random) CCA AES DATA secure key.
*/
int cca_genseckey(u16 cardnr, u16 domain,
- u32 keytype, u8 seckey[SECKEYBLOBSIZE])
+ u32 keybitsize, u8 seckey[SECKEYBLOBSIZE])
{
int i, rc, keysize;
int seckeysize;
@@ -325,22 +325,25 @@ int cca_genseckey(u16 cardnr, u16 domain,
preqparm->rule_array_len = sizeof(preqparm->rule_array_len);
preqparm->lv1.len = sizeof(struct lv1);
memcpy(preqparm->lv1.key_form, "OP ", 8);
- switch (keytype) {
- case PKEY_KEYTYPE_AES_128:
+ switch (keybitsize) {
+ case PKEY_SIZE_AES_128:
+ case PKEY_KEYTYPE_AES_128: /* older ioctls used this */
keysize = 16;
memcpy(preqparm->lv1.key_length, "KEYLN16 ", 8);
break;
- case PKEY_KEYTYPE_AES_192:
+ case PKEY_SIZE_AES_192:
+ case PKEY_KEYTYPE_AES_192: /* older ioctls used this */
keysize = 24;
memcpy(preqparm->lv1.key_length, "KEYLN24 ", 8);
break;
- case PKEY_KEYTYPE_AES_256:
+ case PKEY_SIZE_AES_256:
+ case PKEY_KEYTYPE_AES_256: /* older ioctls used this */
keysize = 32;
memcpy(preqparm->lv1.key_length, "KEYLN32 ", 8);
break;
default:
- DEBUG_ERR("%s unknown/unsupported keytype %d\n",
- __func__, keytype);
+ DEBUG_ERR("%s unknown/unsupported keybitsize %d\n",
+ __func__, keybitsize);
rc = -EINVAL;
goto out;
}
@@ -408,7 +411,7 @@ EXPORT_SYMBOL(cca_genseckey);
/*
* Generate an CCA AES DATA secure key with given key value.
*/
-int cca_clr2seckey(u16 cardnr, u16 domain, u32 keytype,
+int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize,
const u8 *clrkey, u8 seckey[SECKEYBLOBSIZE])
{
int rc, keysize, seckeysize;
@@ -462,19 +465,22 @@ int cca_clr2seckey(u16 cardnr, u16 domain, u32 keytype,
memcpy(preqparm->rule_array, "AES ", 8);
preqparm->rule_array_len =
sizeof(preqparm->rule_array_len) + sizeof(preqparm->rule_array);
- switch (keytype) {
- case PKEY_KEYTYPE_AES_128:
+ switch (keybitsize) {
+ case PKEY_SIZE_AES_128:
+ case PKEY_KEYTYPE_AES_128: /* older ioctls used this */
keysize = 16;
break;
- case PKEY_KEYTYPE_AES_192:
+ case PKEY_SIZE_AES_192:
+ case PKEY_KEYTYPE_AES_192: /* older ioctls used this */
keysize = 24;
break;
- case PKEY_KEYTYPE_AES_256:
+ case PKEY_SIZE_AES_256:
+ case PKEY_KEYTYPE_AES_256: /* older ioctls used this */
keysize = 32;
break;
default:
- DEBUG_ERR("%s unknown/unsupported keytype %d\n",
- __func__, keytype);
+ DEBUG_ERR("%s unknown/unsupported keybitsize %d\n",
+ __func__, keybitsize);
rc = -EINVAL;
goto out;
}
@@ -545,8 +551,7 @@ EXPORT_SYMBOL(cca_clr2seckey);
*/
int cca_sec2protkey(u16 cardnr, u16 domain,
const u8 seckey[SECKEYBLOBSIZE],
- u8 *protkey, u32 *protkeylen,
- u32 *keytype)
+ u8 *protkey, u32 *protkeylen, u32 *protkeytype)
{
int rc;
u8 *mem;
@@ -656,21 +661,21 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
switch (prepparm->lv3.keyblock.len) {
case 16+32:
/* AES 128 protected key */
- if (keytype)
- *keytype = PKEY_KEYTYPE_AES_128;
+ if (protkeytype)
+ *protkeytype = PKEY_KEYTYPE_AES_128;
break;
case 24+32:
/* AES 192 protected key */
- if (keytype)
- *keytype = PKEY_KEYTYPE_AES_192;
+ if (protkeytype)
+ *protkeytype = PKEY_KEYTYPE_AES_192;
break;
case 32+32:
/* AES 256 protected key */
- if (keytype)
- *keytype = PKEY_KEYTYPE_AES_256;
+ if (protkeytype)
+ *protkeytype = PKEY_KEYTYPE_AES_256;
break;
default:
- DEBUG_ERR("%s unknown/unsupported keytype %d\n",
+ DEBUG_ERR("%s unknown/unsupported keylen %d\n",
__func__, prepparm->lv3.keyblock.len);
rc = -EIO;
goto out;
@@ -1645,6 +1650,7 @@ static int findcard(u64 mkvp, u16 *pcardnr, u16 *pdomain,
int cca_findcard(const u8 *key, u16 *pcardnr, u16 *pdomain, int verify)
{
u64 mkvp;
+ int minhwtype = 0;
const struct keytoken_header *hdr = (struct keytoken_header *) key;
if (hdr->type != TOKTYPE_CCA_INTERNAL)
@@ -1654,11 +1660,15 @@ int cca_findcard(const u8 *key, u16 *pcardnr, u16 *pdomain, int verify)
case TOKVER_CCA_AES:
mkvp = ((struct secaeskeytoken *)key)->mkvp;
break;
+ case TOKVER_CCA_VLSC:
+ mkvp = ((struct cipherkeytoken *)key)->mkvp0;
+ minhwtype = AP_DEVICE_TYPE_CEX6;
+ break;
default:
return -EINVAL;
}
- return findcard(mkvp, pcardnr, pdomain, verify, 0);
+ return findcard(mkvp, pcardnr, pdomain, verify, minhwtype);
}
EXPORT_SYMBOL(cca_findcard);
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.