Skip to content

Commit

Permalink
s390/zcrypt: Support for CCA protected key block version 2
Browse files Browse the repository at this point in the history 
There will come a new CCA keyblock version 2 for protected keys
delivered back to the OS. The difference is only the amount of
available buffer space to be up to 256 bytes for version 2.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
  • Loading branch information
Harald Freudenberger authored and Vasily Gorbik committed Feb 17, 2020
1 parent 0d6f169 commit c4f762f
Showing 1 changed file with 13 additions and 12 deletions.
25 changes: 13 additions & 12 deletions drivers/s390/crypto/zcrypt_ccamisc.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -592,7 +592,7 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
u8 pad2[1];
u8 vptype;
u8 vp[32]; /* verification pattern */
} keyblock;
} ckb;
} lv3;
} __packed * prepparm;

Expand Down Expand Up @@ -650,15 +650,16 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
prepparm = (struct uskrepparm *) prepcblk->rpl_parmb;

/* check the returned keyblock */
if (prepparm->lv3.keyblock.version != 0x01) {
DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x != 0x01\n",
__func__, (int) prepparm->lv3.keyblock.version);
if (prepparm->lv3.ckb.version != 0x01 &&
prepparm->lv3.ckb.version != 0x02) {
DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n",
__func__, (int) prepparm->lv3.ckb.version);
rc = -EIO;
goto out;
}

/* copy the tanslated protected key */
switch (prepparm->lv3.keyblock.len) {
switch (prepparm->lv3.ckb.len) {
case 16+32:
/* AES 128 protected key */
if (protkeytype)
Expand All @@ -676,13 +677,13 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
break;
default:
DEBUG_ERR("%s unknown/unsupported keylen %d\n",
__func__, prepparm->lv3.keyblock.len);
__func__, prepparm->lv3.ckb.len);
rc = -EIO;
goto out;
}
memcpy(protkey, prepparm->lv3.keyblock.key, prepparm->lv3.keyblock.len);
memcpy(protkey, prepparm->lv3.ckb.key, prepparm->lv3.ckb.len);
if (protkeylen)
*protkeylen = prepparm->lv3.keyblock.len;
*protkeylen = prepparm->lv3.ckb.len;

out:
free_cprbmem(mem, PARMBSIZE, 0);
Expand Down Expand Up @@ -1260,10 +1261,10 @@ int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey,
prepparm = (struct aurepparm *) prepcblk->rpl_parmb;

/* check the returned keyblock */
if (prepparm->vud.ckb.version != 0x01) {
DEBUG_ERR(
"%s reply param keyblock version mismatch 0x%02x != 0x01\n",
__func__, (int) prepparm->vud.ckb.version);
if (prepparm->vud.ckb.version != 0x01 &&
prepparm->vud.ckb.version != 0x02) {
DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n",
__func__, (int) prepparm->vud.ckb.version);
rc = -EIO;
goto out;
}
Expand Down

0 comments on commit c4f762f

Please sign in to comment.