s390/pkey: Define protected key blob format

Define a new protected key blob format. Protected key blobs use a type of 0x00, to be distinguished from other CCA key blobs. CCA defines type 0x00 as NULL key blob, but pkey will never use NULL keys anyway, so it is save to reuse this type. Using another so far undefined type value would introduce the risk that sometimes in the future CCA defines this so far unassigned type for a future key blob. Also add defines for the key token types and versions, and use them instead of hard coded hex values. Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Harald Freudenberger <freude@linux.ibm.com> Reviewed-by: Hendrik Brueckner <brueckner@linux.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>

s390/pkey: Define protected key blob format
Define a new protected key blob format. Protected key blobs use a type of 0x00, to be distinguished from other CCA key blobs. CCA defines type 0x00 as NULL key blob, but pkey will never use NULL keys anyway, so it is save to reuse this type. Using another so far undefined type value would introduce the risk that sometimes in the future CCA defines this so far unassigned type for a future key blob. Also add defines for the key token types and versions, and use them instead of hard coded hex values. Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Harald Freudenberger <freude@linux.ibm.com> Reviewed-by: Hendrik Brueckner <brueckner@linux.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
0534bde7 · Ingo Franzki · Martin Schwidefsky · a45a5c7d · 0534bde7
Commit 0534bde7 authored Aug 23, 2018 by Ingo Franzki Committed by Martin Schwidefsky Oct 09, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 27 additions and 6 deletions

drivers/s390/crypto/pkey_api.c drivers/s390/crypto/pkey_api.c +27 -6

No files found.
--- a/drivers/s390/crypto/pkey_api.c
+++ b/drivers/s390/crypto/pkey_api.c
@@ -56,6 +56,16 @@ static void __exit pkey_debug_exit(void)
 	debug_unregister(debug_info);
 }

+/* Key token types */
+#define TOKTYPE_NON_CCA		0x00 /* Non-CCA key token */
+#define TOKTYPE_CCA_INTERNAL	0x01 /* CCA internal key token */
+
+/* For TOKTYPE_NON_CCA: */
+#define TOKVER_PROTECTED_KEY	0x01 /* Protected key token */
+
+/* For TOKTYPE_CCA_INTERNAL: */
+#define TOKVER_CCA_AES		0x04 /* CCA AES key token */
+
 /* inside view of a secure key token (only type 0x01 version 0x04) */
 struct secaeskeytoken {
 	u8  type;     /* 0x01 for internal key token */
@@ -72,6 +82,17 @@ struct secaeskeytoken {
 	u8  tvv[4];   /* token validation value */
 } __packed;

+/* inside view of a protected key token (only type 0x00 version 0x01) */
+struct protaeskeytoken {
+	u8  type;     /* 0x00 for PAES specific key tokens */
+	u8  res0[3];
+	u8  version;  /* should be 0x01 for protected AES key token */
+	u8  res1[3];
+	u32 keytype;  /* key type, one of the PKEY_KEYTYPE values */
+	u32 len;      /* bytes actually stored in protkey[] */
+	u8  protkey[MAXPROTKEYSIZE]; /* the protected key blob */
+} __packed;
+
 /*
 * Simple check if the token is a valid CCA secure AES key
 * token. If keybitsize is given, the bitsize of the key is
@@ -81,16 +102,16 @@ static int check_secaeskeytoken(const u8 *token, int keybitsize)
 {
 	struct secaeskeytoken *t = (struct secaeskeytoken *) token;

-	if (t->type != 0x01) {
+	if (t->type != TOKTYPE_CCA_INTERNAL) {
 		DEBUG_ERR(
-			"%s secure token check failed, type mismatch 0x%02x != 0x01\n",
-			__func__, (int) t->type);
+			"%s secure token check failed, type mismatch 0x%02x != 0x%02x\n",
+			__func__, (int) t->type, TOKTYPE_CCA_INTERNAL);
 		return -EINVAL;
 	}
-	if (t->version != 0x04) {
+	if (t->version != TOKVER_CCA_AES) {
 		DEBUG_ERR(
-			"%s secure token check failed, version mismatch 0x%02x != 0x04\n",
-			__func__, (int) t->version);
+			"%s secure token check failed, version mismatch 0x%02x != 0x%02x\n",
+			__func__, (int) t->version, TOKVER_CCA_AES);
 		return -EINVAL;
 	}
 	if (keybitsize > 0 && t->bitsize != keybitsize) {