zcrypt_cca_key.h 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349
  1. /*
  2. * zcrypt 2.1.0
  3. *
  4. * Copyright IBM Corp. 2001, 2006
  5. * Author(s): Robert Burroughs
  6. * Eric Rossman (edrossma@us.ibm.com)
  7. *
  8. * Hotplug & misc device support: Jochen Roehrig (roehrig@de.ibm.com)
  9. * Major cleanup & driver split: Martin Schwidefsky <schwidefsky@de.ibm.com>
  10. *
  11. * This program is free software; you can redistribute it and/or modify
  12. * it under the terms of the GNU General Public License as published by
  13. * the Free Software Foundation; either version 2, or (at your option)
  14. * any later version.
  15. *
  16. * This program is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU General Public License for more details.
  20. *
  21. * You should have received a copy of the GNU General Public License
  22. * along with this program; if not, write to the Free Software
  23. * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  24. */
  25. #ifndef _ZCRYPT_CCA_KEY_H_
  26. #define _ZCRYPT_CCA_KEY_H_
  27. struct T6_keyBlock_hdr {
  28. unsigned short blen;
  29. unsigned short ulen;
  30. unsigned short flags;
  31. };
  32. /**
  33. * mapping for the cca private ME key token.
  34. * Three parts of interest here: the header, the private section and
  35. * the public section.
  36. *
  37. * mapping for the cca key token header
  38. */
  39. struct cca_token_hdr {
  40. unsigned char token_identifier;
  41. unsigned char version;
  42. unsigned short token_length;
  43. unsigned char reserved[4];
  44. } __attribute__((packed));
  45. #define CCA_TKN_HDR_ID_EXT 0x1E
  46. /**
  47. * mapping for the cca private ME section
  48. */
  49. struct cca_private_ext_ME_sec {
  50. unsigned char section_identifier;
  51. unsigned char version;
  52. unsigned short section_length;
  53. unsigned char private_key_hash[20];
  54. unsigned char reserved1[4];
  55. unsigned char key_format;
  56. unsigned char reserved2;
  57. unsigned char key_name_hash[20];
  58. unsigned char key_use_flags[4];
  59. unsigned char reserved3[6];
  60. unsigned char reserved4[24];
  61. unsigned char confounder[24];
  62. unsigned char exponent[128];
  63. unsigned char modulus[128];
  64. } __attribute__((packed));
  65. #define CCA_PVT_USAGE_ALL 0x80
  66. /**
  67. * mapping for the cca public section
  68. * In a private key, the modulus doesn't appear in the public
  69. * section. So, an arbitrary public exponent of 0x010001 will be
  70. * used, for a section length of 0x0F always.
  71. */
  72. struct cca_public_sec {
  73. unsigned char section_identifier;
  74. unsigned char version;
  75. unsigned short section_length;
  76. unsigned char reserved[2];
  77. unsigned short exponent_len;
  78. unsigned short modulus_bit_len;
  79. unsigned short modulus_byte_len; /* In a private key, this is 0 */
  80. } __attribute__((packed));
  81. /**
  82. * mapping for the cca private CRT key 'token'
  83. * The first three parts (the only parts considered in this release)
  84. * are: the header, the private section and the public section.
  85. * The header and public section are the same as for the
  86. * struct cca_private_ext_ME
  87. *
  88. * Following the structure are the quantities p, q, dp, dq, u, pad,
  89. * and modulus, in that order, where pad_len is the modulo 8
  90. * complement of the residue modulo 8 of the sum of
  91. * (p_len + q_len + dp_len + dq_len + u_len).
  92. */
  93. struct cca_pvt_ext_CRT_sec {
  94. unsigned char section_identifier;
  95. unsigned char version;
  96. unsigned short section_length;
  97. unsigned char private_key_hash[20];
  98. unsigned char reserved1[4];
  99. unsigned char key_format;
  100. unsigned char reserved2;
  101. unsigned char key_name_hash[20];
  102. unsigned char key_use_flags[4];
  103. unsigned short p_len;
  104. unsigned short q_len;
  105. unsigned short dp_len;
  106. unsigned short dq_len;
  107. unsigned short u_len;
  108. unsigned short mod_len;
  109. unsigned char reserved3[4];
  110. unsigned short pad_len;
  111. unsigned char reserved4[52];
  112. unsigned char confounder[8];
  113. } __attribute__((packed));
  114. #define CCA_PVT_EXT_CRT_SEC_ID_PVT 0x08
  115. #define CCA_PVT_EXT_CRT_SEC_FMT_CL 0x40
  116. /**
  117. * Set up private key fields of a type6 MEX message.
  118. * Note that all numerics in the key token are big-endian,
  119. * while the entries in the key block header are little-endian.
  120. *
  121. * @mex: pointer to user input data
  122. * @p: pointer to memory area for the key
  123. *
  124. * Returns the size of the key area or -EFAULT
  125. */
  126. static inline int zcrypt_type6_mex_key_de(struct ica_rsa_modexpo *mex,
  127. void *p, int big_endian)
  128. {
  129. static struct cca_token_hdr static_pvt_me_hdr = {
  130. .token_identifier = 0x1E,
  131. .token_length = 0x0183,
  132. };
  133. static struct cca_private_ext_ME_sec static_pvt_me_sec = {
  134. .section_identifier = 0x02,
  135. .section_length = 0x016C,
  136. .key_use_flags = {0x80,0x00,0x00,0x00},
  137. };
  138. static struct cca_public_sec static_pub_me_sec = {
  139. .section_identifier = 0x04,
  140. .section_length = 0x000F,
  141. .exponent_len = 0x0003,
  142. };
  143. static char pk_exponent[3] = { 0x01, 0x00, 0x01 };
  144. struct {
  145. struct T6_keyBlock_hdr t6_hdr;
  146. struct cca_token_hdr pvtMeHdr;
  147. struct cca_private_ext_ME_sec pvtMeSec;
  148. struct cca_public_sec pubMeSec;
  149. char exponent[3];
  150. } __attribute__((packed)) *key = p;
  151. unsigned char *temp;
  152. memset(key, 0, sizeof(*key));
  153. if (big_endian) {
  154. key->t6_hdr.blen = cpu_to_be16(0x189);
  155. key->t6_hdr.ulen = cpu_to_be16(0x189 - 2);
  156. } else {
  157. key->t6_hdr.blen = cpu_to_le16(0x189);
  158. key->t6_hdr.ulen = cpu_to_le16(0x189 - 2);
  159. }
  160. key->pvtMeHdr = static_pvt_me_hdr;
  161. key->pvtMeSec = static_pvt_me_sec;
  162. key->pubMeSec = static_pub_me_sec;
  163. /*
  164. * In a private key, the modulus doesn't appear in the public
  165. * section. So, an arbitrary public exponent of 0x010001 will be
  166. * used.
  167. */
  168. memcpy(key->exponent, pk_exponent, 3);
  169. /* key parameter block */
  170. temp = key->pvtMeSec.exponent +
  171. sizeof(key->pvtMeSec.exponent) - mex->inputdatalength;
  172. if (copy_from_user(temp, mex->b_key, mex->inputdatalength))
  173. return -EFAULT;
  174. /* modulus */
  175. temp = key->pvtMeSec.modulus +
  176. sizeof(key->pvtMeSec.modulus) - mex->inputdatalength;
  177. if (copy_from_user(temp, mex->n_modulus, mex->inputdatalength))
  178. return -EFAULT;
  179. key->pubMeSec.modulus_bit_len = 8 * mex->inputdatalength;
  180. return sizeof(*key);
  181. }
  182. /**
  183. * Set up private key fields of a type6 MEX message. The _pad variant
  184. * strips leading zeroes from the b_key.
  185. * Note that all numerics in the key token are big-endian,
  186. * while the entries in the key block header are little-endian.
  187. *
  188. * @mex: pointer to user input data
  189. * @p: pointer to memory area for the key
  190. *
  191. * Returns the size of the key area or -EFAULT
  192. */
  193. static inline int zcrypt_type6_mex_key_en(struct ica_rsa_modexpo *mex,
  194. void *p, int big_endian)
  195. {
  196. static struct cca_token_hdr static_pub_hdr = {
  197. .token_identifier = 0x1E,
  198. };
  199. static struct cca_public_sec static_pub_sec = {
  200. .section_identifier = 0x04,
  201. };
  202. struct {
  203. struct T6_keyBlock_hdr t6_hdr;
  204. struct cca_token_hdr pubHdr;
  205. struct cca_public_sec pubSec;
  206. char exponent[0];
  207. } __attribute__((packed)) *key = p;
  208. unsigned char *temp;
  209. int i;
  210. memset(key, 0, sizeof(*key));
  211. key->pubHdr = static_pub_hdr;
  212. key->pubSec = static_pub_sec;
  213. /* key parameter block */
  214. temp = key->exponent;
  215. if (copy_from_user(temp, mex->b_key, mex->inputdatalength))
  216. return -EFAULT;
  217. /* Strip leading zeroes from b_key. */
  218. for (i = 0; i < mex->inputdatalength; i++)
  219. if (temp[i])
  220. break;
  221. if (i >= mex->inputdatalength)
  222. return -EINVAL;
  223. memmove(temp, temp + i, mex->inputdatalength - i);
  224. temp += mex->inputdatalength - i;
  225. /* modulus */
  226. if (copy_from_user(temp, mex->n_modulus, mex->inputdatalength))
  227. return -EFAULT;
  228. key->pubSec.modulus_bit_len = 8 * mex->inputdatalength;
  229. key->pubSec.modulus_byte_len = mex->inputdatalength;
  230. key->pubSec.exponent_len = mex->inputdatalength - i;
  231. key->pubSec.section_length = sizeof(key->pubSec) +
  232. 2*mex->inputdatalength - i;
  233. key->pubHdr.token_length =
  234. key->pubSec.section_length + sizeof(key->pubHdr);
  235. if (big_endian) {
  236. key->t6_hdr.ulen = cpu_to_be16(key->pubHdr.token_length + 4);
  237. key->t6_hdr.blen = cpu_to_be16(key->pubHdr.token_length + 6);
  238. } else {
  239. key->t6_hdr.ulen = cpu_to_le16(key->pubHdr.token_length + 4);
  240. key->t6_hdr.blen = cpu_to_le16(key->pubHdr.token_length + 6);
  241. }
  242. return sizeof(*key) + 2*mex->inputdatalength - i;
  243. }
  244. /**
  245. * Set up private key fields of a type6 CRT message.
  246. * Note that all numerics in the key token are big-endian,
  247. * while the entries in the key block header are little-endian.
  248. *
  249. * @mex: pointer to user input data
  250. * @p: pointer to memory area for the key
  251. *
  252. * Returns the size of the key area or -EFAULT
  253. */
  254. static inline int zcrypt_type6_crt_key(struct ica_rsa_modexpo_crt *crt,
  255. void *p, int big_endian)
  256. {
  257. static struct cca_public_sec static_cca_pub_sec = {
  258. .section_identifier = 4,
  259. .section_length = 0x000f,
  260. .exponent_len = 0x0003,
  261. };
  262. static char pk_exponent[3] = { 0x01, 0x00, 0x01 };
  263. struct {
  264. struct T6_keyBlock_hdr t6_hdr;
  265. struct cca_token_hdr token;
  266. struct cca_pvt_ext_CRT_sec pvt;
  267. char key_parts[0];
  268. } __attribute__((packed)) *key = p;
  269. struct cca_public_sec *pub;
  270. int short_len, long_len, pad_len, key_len, size;
  271. memset(key, 0, sizeof(*key));
  272. short_len = (crt->inputdatalength + 1) / 2;
  273. long_len = short_len + 8;
  274. pad_len = -(3*long_len + 2*short_len) & 7;
  275. key_len = 3*long_len + 2*short_len + pad_len + crt->inputdatalength;
  276. size = sizeof(*key) + key_len + sizeof(*pub) + 3;
  277. /* parameter block.key block */
  278. if (big_endian) {
  279. key->t6_hdr.blen = cpu_to_be16(size);
  280. key->t6_hdr.ulen = cpu_to_be16(size - 2);
  281. } else {
  282. key->t6_hdr.blen = cpu_to_le16(size);
  283. key->t6_hdr.ulen = cpu_to_le16(size - 2);
  284. }
  285. /* key token header */
  286. key->token.token_identifier = CCA_TKN_HDR_ID_EXT;
  287. key->token.token_length = size - 6;
  288. /* private section */
  289. key->pvt.section_identifier = CCA_PVT_EXT_CRT_SEC_ID_PVT;
  290. key->pvt.section_length = sizeof(key->pvt) + key_len;
  291. key->pvt.key_format = CCA_PVT_EXT_CRT_SEC_FMT_CL;
  292. key->pvt.key_use_flags[0] = CCA_PVT_USAGE_ALL;
  293. key->pvt.p_len = key->pvt.dp_len = key->pvt.u_len = long_len;
  294. key->pvt.q_len = key->pvt.dq_len = short_len;
  295. key->pvt.mod_len = crt->inputdatalength;
  296. key->pvt.pad_len = pad_len;
  297. /* key parts */
  298. if (copy_from_user(key->key_parts, crt->np_prime, long_len) ||
  299. copy_from_user(key->key_parts + long_len,
  300. crt->nq_prime, short_len) ||
  301. copy_from_user(key->key_parts + long_len + short_len,
  302. crt->bp_key, long_len) ||
  303. copy_from_user(key->key_parts + 2*long_len + short_len,
  304. crt->bq_key, short_len) ||
  305. copy_from_user(key->key_parts + 2*long_len + 2*short_len,
  306. crt->u_mult_inv, long_len))
  307. return -EFAULT;
  308. memset(key->key_parts + 3*long_len + 2*short_len + pad_len,
  309. 0xff, crt->inputdatalength);
  310. pub = (struct cca_public_sec *)(key->key_parts + key_len);
  311. *pub = static_cca_pub_sec;
  312. pub->modulus_bit_len = 8 * crt->inputdatalength;
  313. /*
  314. * In a private key, the modulus doesn't appear in the public
  315. * section. So, an arbitrary public exponent of 0x010001 will be
  316. * used.
  317. */
  318. memcpy((char *) (pub + 1), pk_exponent, 3);
  319. return size;
  320. }
  321. #endif /* _ZCRYPT_CCA_KEY_H_ */