hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

s390/zcrypt: Support for CCA protected key block version 2 

There will come a new CCA keyblock version 2 for protected keys
delivered back to the OS. The difference is only the amount of
available buffer space to be up to 256 bytes for version 2.

Signed-off-by: Harald Freudenberger <freude@linux.ibm.com>
Signed-off-by: Vasily Gorbik <gor@linux.ibm.com>
This commit is contained in:
Harald Freudenberger 2020-02-07 09:05:56 +01:00 committed by Vasily Gorbik
parent 0d6f1693f2
commit c4f762ff6b
1 changed files with 13 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
drivers/s390/crypto/zcrypt_ccamisc.c
View File

@ -592,7 +592,7 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
u8 pad2[1]; u8 pad2[1];
u8 vptype; u8 vptype;
u8 vp[32]; /* verification pattern */ u8 vp[32]; /* verification pattern */
} keyblock; } ckb;
} lv3; } lv3;
} __packed * prepparm; } __packed * prepparm;
@ -650,15 +650,16 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
prepparm = (struct uskrepparm *) prepcblk->rpl_parmb; prepparm = (struct uskrepparm *) prepcblk->rpl_parmb;
/* check the returned keyblock */ /* check the returned keyblock */
if (prepparm->lv3.keyblock.version != 0x01) { if (prepparm->lv3.ckb.version != 0x01 &&
DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x != 0x01\n", prepparm->lv3.ckb.version != 0x02) {
__func__, (int) prepparm->lv3.keyblock.version); DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n",
__func__, (int) prepparm->lv3.ckb.version);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }
/* copy the tanslated protected key */ /* copy the tanslated protected key */
switch (prepparm->lv3.keyblock.len) { switch (prepparm->lv3.ckb.len) {
case 16+32: case 16+32:
/* AES 128 protected key */ /* AES 128 protected key */
if (protkeytype) if (protkeytype)
@ -676,13 +677,13 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
break; break;
default: default:
DEBUG_ERR("%s unknown/unsupported keylen %d\n", DEBUG_ERR("%s unknown/unsupported keylen %d\n",
__func__, prepparm->lv3.keyblock.len); __func__, prepparm->lv3.ckb.len);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }
memcpy(protkey, prepparm->lv3.keyblock.key, prepparm->lv3.keyblock.len); memcpy(protkey, prepparm->lv3.ckb.key, prepparm->lv3.ckb.len);
if (protkeylen) if (protkeylen)
*protkeylen = prepparm->lv3.keyblock.len; *protkeylen = prepparm->lv3.ckb.len;
out: out:
free_cprbmem(mem, PARMBSIZE, 0); free_cprbmem(mem, PARMBSIZE, 0);
@ -1260,10 +1261,10 @@ int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey,
prepparm = (struct aurepparm *) prepcblk->rpl_parmb; prepparm = (struct aurepparm *) prepcblk->rpl_parmb;
/* check the returned keyblock */ /* check the returned keyblock */
if (prepparm->vud.ckb.version != 0x01) { if (prepparm->vud.ckb.version != 0x01 &&
DEBUG_ERR( prepparm->vud.ckb.version != 0x02) {
"%s reply param keyblock version mismatch 0x%02x != 0x01\n", DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n",
__func__, (int) prepparm->vud.ckb.version); __func__, (int) prepparm->vud.ckb.version);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }