Commit 88e4c0da authored by Harald Freudenberger's avatar Harald Freudenberger Committed by Heiko Carstens

s390/zcrypt: harmonize debug feature calls and defines

This patch harmonizes the calls and defines around the
s390 debug feature as it is used in the AP bus and
zcrypt device driver code.

More or less cleanup and renaming, no functional changes.
Signed-off-by: default avatarHarald Freudenberger <freude@linux.ibm.com>
Reviewed-by: default avatarHolger Dengler <dengler@linux.ibm.com>
Signed-off-by: default avatarHeiko Carstens <hca@linux.ibm.com>
parent e8054eae
...@@ -2190,7 +2190,7 @@ static void ap_config_timeout(struct timer_list *unused) ...@@ -2190,7 +2190,7 @@ static void ap_config_timeout(struct timer_list *unused)
static int __init ap_debug_init(void) static int __init ap_debug_init(void)
{ {
ap_dbf_info = debug_register("ap", 2, 1, ap_dbf_info = debug_register("ap", 2, 1,
DBF_MAX_SPRINTF_ARGS * sizeof(long)); AP_DBF_MAX_SPRINTF_ARGS * sizeof(long));
debug_register_view(ap_dbf_info, &debug_sprintf_view); debug_register_view(ap_dbf_info, &debug_sprintf_view);
debug_set_level(ap_dbf_info, DBF_ERR); debug_set_level(ap_dbf_info, DBF_ERR);
......
...@@ -16,7 +16,7 @@ ...@@ -16,7 +16,7 @@
#define RC2ERR(rc) ((rc) ? DBF_ERR : DBF_INFO) #define RC2ERR(rc) ((rc) ? DBF_ERR : DBF_INFO)
#define RC2WARN(rc) ((rc) ? DBF_WARN : DBF_INFO) #define RC2WARN(rc) ((rc) ? DBF_WARN : DBF_INFO)
#define DBF_MAX_SPRINTF_ARGS 6 #define AP_DBF_MAX_SPRINTF_ARGS 6
#define AP_DBF(...) \ #define AP_DBF(...) \
debug_sprintf_event(ap_dbf_info, ##__VA_ARGS__) debug_sprintf_event(ap_dbf_info, ##__VA_ARGS__)
......
...@@ -2038,7 +2038,7 @@ EXPORT_SYMBOL(zcrypt_wait_api_operational); ...@@ -2038,7 +2038,7 @@ EXPORT_SYMBOL(zcrypt_wait_api_operational);
int __init zcrypt_debug_init(void) int __init zcrypt_debug_init(void)
{ {
zcrypt_dbf_info = debug_register("zcrypt", 2, 1, zcrypt_dbf_info = debug_register("zcrypt", 2, 1,
DBF_MAX_SPRINTF_ARGS * sizeof(long)); ZCRYPT_DBF_MAX_SPRINTF_ARGS * sizeof(long));
debug_register_view(zcrypt_dbf_info, &debug_sprintf_view); debug_register_view(zcrypt_dbf_info, &debug_sprintf_view);
debug_set_level(zcrypt_dbf_info, DBF_ERR); debug_set_level(zcrypt_dbf_info, DBF_ERR);
......
...@@ -23,11 +23,6 @@ ...@@ -23,11 +23,6 @@
#include "zcrypt_msgtype6.h" #include "zcrypt_msgtype6.h"
#include "zcrypt_ccamisc.h" #include "zcrypt_ccamisc.h"
#define DEBUG_DBG(...) ZCRYPT_DBF(DBF_DEBUG, ##__VA_ARGS__)
#define DEBUG_INFO(...) ZCRYPT_DBF(DBF_INFO, ##__VA_ARGS__)
#define DEBUG_WARN(...) ZCRYPT_DBF(DBF_WARN, ##__VA_ARGS__)
#define DEBUG_ERR(...) ZCRYPT_DBF(DBF_ERR, ##__VA_ARGS__)
/* Size of parameter block used for all cca requests/replies */ /* Size of parameter block used for all cca requests/replies */
#define PARMBSIZE 512 #define PARMBSIZE 512
...@@ -367,7 +362,7 @@ int cca_genseckey(u16 cardnr, u16 domain, ...@@ -367,7 +362,7 @@ int cca_genseckey(u16 cardnr, u16 domain,
memcpy(preqparm->lv1.key_length, "KEYLN32 ", 8); memcpy(preqparm->lv1.key_length, "KEYLN32 ", 8);
break; break;
default: default:
DEBUG_ERR("%s unknown/unsupported keybitsize %d\n", ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
__func__, keybitsize); __func__, keybitsize);
rc = -EINVAL; rc = -EINVAL;
goto out; goto out;
...@@ -386,14 +381,14 @@ int cca_genseckey(u16 cardnr, u16 domain, ...@@ -386,14 +381,14 @@ int cca_genseckey(u16 cardnr, u16 domain,
/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
rc = zcrypt_send_cprb(&xcrb); rc = zcrypt_send_cprb(&xcrb);
if (rc) { if (rc) {
DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, errno %d\n", ZCRYPT_DBF_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, errno %d\n",
__func__, (int)cardnr, (int)domain, rc); __func__, (int)cardnr, (int)domain, rc);
goto out; goto out;
} }
/* check response returncode and reasoncode */ /* check response returncode and reasoncode */
if (prepcblk->ccp_rtcode != 0) { if (prepcblk->ccp_rtcode != 0) {
DEBUG_ERR("%s secure key generate failure, card response %d/%d\n", ZCRYPT_DBF_ERR("%s secure key generate failure, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
...@@ -411,7 +406,7 @@ int cca_genseckey(u16 cardnr, u16 domain, ...@@ -411,7 +406,7 @@ int cca_genseckey(u16 cardnr, u16 domain,
- sizeof(prepparm->lv3.keyblock.toklen) - sizeof(prepparm->lv3.keyblock.toklen)
- sizeof(prepparm->lv3.keyblock.tokattr); - sizeof(prepparm->lv3.keyblock.tokattr);
if (seckeysize != SECKEYBLOBSIZE) { if (seckeysize != SECKEYBLOBSIZE) {
DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n", ZCRYPT_DBF_ERR("%s secure token size mismatch %d != %d bytes\n",
__func__, seckeysize, SECKEYBLOBSIZE); __func__, seckeysize, SECKEYBLOBSIZE);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -505,7 +500,7 @@ int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize, ...@@ -505,7 +500,7 @@ int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize,
keysize = 32; keysize = 32;
break; break;
default: default:
DEBUG_ERR("%s unknown/unsupported keybitsize %d\n", ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
__func__, keybitsize); __func__, keybitsize);
rc = -EINVAL; rc = -EINVAL;
goto out; goto out;
...@@ -524,14 +519,14 @@ int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize, ...@@ -524,14 +519,14 @@ int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize,
/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
rc = zcrypt_send_cprb(&xcrb); rc = zcrypt_send_cprb(&xcrb);
if (rc) { if (rc) {
DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", ZCRYPT_DBF_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
__func__, (int)cardnr, (int)domain, rc); __func__, (int)cardnr, (int)domain, rc);
goto out; goto out;
} }
/* check response returncode and reasoncode */ /* check response returncode and reasoncode */
if (prepcblk->ccp_rtcode != 0) { if (prepcblk->ccp_rtcode != 0) {
DEBUG_ERR("%s clear key import failure, card response %d/%d\n", ZCRYPT_DBF_ERR("%s clear key import failure, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
...@@ -549,7 +544,7 @@ int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize, ...@@ -549,7 +544,7 @@ int cca_clr2seckey(u16 cardnr, u16 domain, u32 keybitsize,
- sizeof(prepparm->lv3.keyblock.toklen) - sizeof(prepparm->lv3.keyblock.toklen)
- sizeof(prepparm->lv3.keyblock.tokattr); - sizeof(prepparm->lv3.keyblock.tokattr);
if (seckeysize != SECKEYBLOBSIZE) { if (seckeysize != SECKEYBLOBSIZE) {
DEBUG_ERR("%s secure token size mismatch %d != %d bytes\n", ZCRYPT_DBF_ERR("%s secure token size mismatch %d != %d bytes\n",
__func__, seckeysize, SECKEYBLOBSIZE); __func__, seckeysize, SECKEYBLOBSIZE);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -651,14 +646,14 @@ int cca_sec2protkey(u16 cardnr, u16 domain, ...@@ -651,14 +646,14 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
rc = zcrypt_send_cprb(&xcrb); rc = zcrypt_send_cprb(&xcrb);
if (rc) { if (rc) {
DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", ZCRYPT_DBF_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
__func__, (int)cardnr, (int)domain, rc); __func__, (int)cardnr, (int)domain, rc);
goto out; goto out;
} }
/* check response returncode and reasoncode */ /* check response returncode and reasoncode */
if (prepcblk->ccp_rtcode != 0) { if (prepcblk->ccp_rtcode != 0) {
DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n", ZCRYPT_DBF_ERR("%s unwrap secure key failure, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
...@@ -669,7 +664,7 @@ int cca_sec2protkey(u16 cardnr, u16 domain, ...@@ -669,7 +664,7 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
goto out; goto out;
} }
if (prepcblk->ccp_rscode != 0) { if (prepcblk->ccp_rscode != 0) {
DEBUG_WARN("%s unwrap secure key warning, card response %d/%d\n", ZCRYPT_DBF_WARN("%s unwrap secure key warning, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
...@@ -683,7 +678,7 @@ int cca_sec2protkey(u16 cardnr, u16 domain, ...@@ -683,7 +678,7 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
/* check the returned keyblock */ /* check the returned keyblock */
if (prepparm->lv3.ckb.version != 0x01 && if (prepparm->lv3.ckb.version != 0x01 &&
prepparm->lv3.ckb.version != 0x02) { prepparm->lv3.ckb.version != 0x02) {
DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n", ZCRYPT_DBF_ERR("%s reply param keyblock version mismatch 0x%02x\n",
__func__, (int)prepparm->lv3.ckb.version); __func__, (int)prepparm->lv3.ckb.version);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -707,7 +702,7 @@ int cca_sec2protkey(u16 cardnr, u16 domain, ...@@ -707,7 +702,7 @@ int cca_sec2protkey(u16 cardnr, u16 domain,
*protkeytype = PKEY_KEYTYPE_AES_256; *protkeytype = PKEY_KEYTYPE_AES_256;
break; break;
default: default:
DEBUG_ERR("%s unknown/unsupported keylen %d\n", ZCRYPT_DBF_ERR("%s unknown/unsupported keylen %d\n",
__func__, prepparm->lv3.ckb.len); __func__, prepparm->lv3.ckb.len);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -840,8 +835,7 @@ int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, ...@@ -840,8 +835,7 @@ int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags,
case 256: case 256:
break; break;
default: default:
DEBUG_ERR( ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
"%s unknown/unsupported keybitsize %d\n",
__func__, keybitsize); __func__, keybitsize);
rc = -EINVAL; rc = -EINVAL;
goto out; goto out;
...@@ -880,16 +874,14 @@ int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, ...@@ -880,16 +874,14 @@ int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags,
/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
rc = zcrypt_send_cprb(&xcrb); rc = zcrypt_send_cprb(&xcrb);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
"%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
__func__, (int)cardnr, (int)domain, rc); __func__, (int)cardnr, (int)domain, rc);
goto out; goto out;
} }
/* check response returncode and reasoncode */ /* check response returncode and reasoncode */
if (prepcblk->ccp_rtcode != 0) { if (prepcblk->ccp_rtcode != 0) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s cipher key generate failure, card response %d/%d\n",
"%s cipher key generate failure, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
...@@ -905,7 +897,7 @@ int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags, ...@@ -905,7 +897,7 @@ int cca_gencipherkey(u16 cardnr, u16 domain, u32 keybitsize, u32 keygenflags,
/* do some plausibility checks on the key block */ /* do some plausibility checks on the key block */
if (prepparm->kb.len < 120 + 5 * sizeof(uint16_t) || if (prepparm->kb.len < 120 + 5 * sizeof(uint16_t) ||
prepparm->kb.len > 136 + 5 * sizeof(uint16_t)) { prepparm->kb.len > 136 + 5 * sizeof(uint16_t)) {
DEBUG_ERR("%s reply with invalid or unknown key block\n", ZCRYPT_DBF_ERR("%s reply with invalid or unknown key block\n",
__func__); __func__);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -1048,16 +1040,14 @@ static int _ip_cprb_helper(u16 cardnr, u16 domain, ...@@ -1048,16 +1040,14 @@ static int _ip_cprb_helper(u16 cardnr, u16 domain,
/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
rc = zcrypt_send_cprb(&xcrb); rc = zcrypt_send_cprb(&xcrb);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
"%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
__func__, (int)cardnr, (int)domain, rc); __func__, (int)cardnr, (int)domain, rc);
goto out; goto out;
} }
/* check response returncode and reasoncode */ /* check response returncode and reasoncode */
if (prepcblk->ccp_rtcode != 0) { if (prepcblk->ccp_rtcode != 0) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s CSNBKPI2 failure, card response %d/%d\n",
"%s CSNBKPI2 failure, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
...@@ -1073,7 +1063,7 @@ static int _ip_cprb_helper(u16 cardnr, u16 domain, ...@@ -1073,7 +1063,7 @@ static int _ip_cprb_helper(u16 cardnr, u16 domain,
/* do some plausibility checks on the key block */ /* do some plausibility checks on the key block */
if (prepparm->kb.len < 120 + 3 * sizeof(uint16_t) || if (prepparm->kb.len < 120 + 3 * sizeof(uint16_t) ||
prepparm->kb.len > 136 + 3 * sizeof(uint16_t)) { prepparm->kb.len > 136 + 3 * sizeof(uint16_t)) {
DEBUG_ERR("%s reply with invalid or unknown key block\n", ZCRYPT_DBF_ERR("%s reply with invalid or unknown key block\n",
__func__); __func__);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -1132,32 +1122,28 @@ int cca_clr2cipherkey(u16 card, u16 dom, u32 keybitsize, u32 keygenflags, ...@@ -1132,32 +1122,28 @@ int cca_clr2cipherkey(u16 card, u16 dom, u32 keybitsize, u32 keygenflags,
rc = _ip_cprb_helper(card, dom, "AES ", "FIRST ", "MIN3PART", rc = _ip_cprb_helper(card, dom, "AES ", "FIRST ", "MIN3PART",
exorbuf, keybitsize, token, &tokensize); exorbuf, keybitsize, token, &tokensize);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s clear key import 1/4 with CSNBKPI2 failed, rc=%d\n",
"%s clear key import 1/4 with CSNBKPI2 failed, rc=%d\n",
__func__, rc); __func__, rc);
goto out; goto out;
} }
rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL, rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL,
clrkey, keybitsize, token, &tokensize); clrkey, keybitsize, token, &tokensize);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s clear key import 2/4 with CSNBKPI2 failed, rc=%d\n",
"%s clear key import 2/4 with CSNBKPI2 failed, rc=%d\n",
__func__, rc); __func__, rc);
goto out; goto out;
} }
rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL, rc = _ip_cprb_helper(card, dom, "AES ", "ADD-PART", NULL,
exorbuf, keybitsize, token, &tokensize); exorbuf, keybitsize, token, &tokensize);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s clear key import 3/4 with CSNBKPI2 failed, rc=%d\n",
"%s clear key import 3/4 with CSNBKPI2 failed, rc=%d\n",
__func__, rc); __func__, rc);
goto out; goto out;
} }
rc = _ip_cprb_helper(card, dom, "AES ", "COMPLETE", NULL, rc = _ip_cprb_helper(card, dom, "AES ", "COMPLETE", NULL,
NULL, keybitsize, token, &tokensize); NULL, keybitsize, token, &tokensize);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s clear key import 4/4 with CSNBKPI2 failed, rc=%d\n",
"%s clear key import 4/4 with CSNBKPI2 failed, rc=%d\n",
__func__, rc); __func__, rc);
goto out; goto out;
} }
...@@ -1265,16 +1251,14 @@ int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey, ...@@ -1265,16 +1251,14 @@ int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey,
/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
rc = zcrypt_send_cprb(&xcrb); rc = zcrypt_send_cprb(&xcrb);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
"%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
__func__, (int)cardnr, (int)domain, rc); __func__, (int)cardnr, (int)domain, rc);
goto out; goto out;
} }
/* check response returncode and reasoncode */ /* check response returncode and reasoncode */
if (prepcblk->ccp_rtcode != 0) { if (prepcblk->ccp_rtcode != 0) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s unwrap secure key failure, card response %d/%d\n",
"%s unwrap secure key failure, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
...@@ -1285,8 +1269,7 @@ int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey, ...@@ -1285,8 +1269,7 @@ int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey,
goto out; goto out;
} }
if (prepcblk->ccp_rscode != 0) { if (prepcblk->ccp_rscode != 0) {
DEBUG_WARN( ZCRYPT_DBF_WARN("%s unwrap secure key warning, card response %d/%d\n",
"%s unwrap secure key warning, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
...@@ -1300,14 +1283,13 @@ int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey, ...@@ -1300,14 +1283,13 @@ int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey,
/* check the returned keyblock */ /* check the returned keyblock */
if (prepparm->vud.ckb.version != 0x01 && if (prepparm->vud.ckb.version != 0x01 &&
prepparm->vud.ckb.version != 0x02) { prepparm->vud.ckb.version != 0x02) {
DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x\n", ZCRYPT_DBF_ERR("%s reply param keyblock version mismatch 0x%02x\n",
__func__, (int)prepparm->vud.ckb.version); __func__, (int)prepparm->vud.ckb.version);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }
if (prepparm->vud.ckb.algo != 0x02) { if (prepparm->vud.ckb.algo != 0x02) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s reply param keyblock algo mismatch 0x%02x != 0x02\n",
"%s reply param keyblock algo mismatch 0x%02x != 0x02\n",
__func__, (int)prepparm->vud.ckb.algo); __func__, (int)prepparm->vud.ckb.algo);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -1331,7 +1313,7 @@ int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey, ...@@ -1331,7 +1313,7 @@ int cca_cipher2protkey(u16 cardnr, u16 domain, const u8 *ckey,
*protkeytype = PKEY_KEYTYPE_AES_256; *protkeytype = PKEY_KEYTYPE_AES_256;
break; break;
default: default:
DEBUG_ERR("%s unknown/unsupported keylen %d\n", ZCRYPT_DBF_ERR("%s unknown/unsupported keylen %d\n",
__func__, prepparm->vud.ckb.keylen); __func__, prepparm->vud.ckb.keylen);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -1432,16 +1414,14 @@ int cca_ecc2protkey(u16 cardnr, u16 domain, const u8 *key, ...@@ -1432,16 +1414,14 @@ int cca_ecc2protkey(u16 cardnr, u16 domain, const u8 *key,
/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
rc = zcrypt_send_cprb(&xcrb); rc = zcrypt_send_cprb(&xcrb);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
"%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
__func__, (int)cardnr, (int)domain, rc); __func__, (int)cardnr, (int)domain, rc);
goto out; goto out;
} }
/* check response returncode and reasoncode */ /* check response returncode and reasoncode */
if (prepcblk->ccp_rtcode != 0) { if (prepcblk->ccp_rtcode != 0) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s unwrap secure key failure, card response %d/%d\n",
"%s unwrap secure key failure, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
...@@ -1452,8 +1432,7 @@ int cca_ecc2protkey(u16 cardnr, u16 domain, const u8 *key, ...@@ -1452,8 +1432,7 @@ int cca_ecc2protkey(u16 cardnr, u16 domain, const u8 *key,
goto out; goto out;
} }
if (prepcblk->ccp_rscode != 0) { if (prepcblk->ccp_rscode != 0) {
DEBUG_WARN( ZCRYPT_DBF_WARN("%s unwrap secure key warning, card response %d/%d\n",
"%s unwrap secure key warning, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
...@@ -1466,14 +1445,13 @@ int cca_ecc2protkey(u16 cardnr, u16 domain, const u8 *key, ...@@ -1466,14 +1445,13 @@ int cca_ecc2protkey(u16 cardnr, u16 domain, const u8 *key,
/* check the returned keyblock */ /* check the returned keyblock */
if (prepparm->vud.ckb.version != 0x02) { if (prepparm->vud.ckb.version != 0x02) {
DEBUG_ERR("%s reply param keyblock version mismatch 0x%02x != 0x02\n", ZCRYPT_DBF_ERR("%s reply param keyblock version mismatch 0x%02x != 0x02\n",
__func__, (int)prepparm->vud.ckb.version); __func__, (int)prepparm->vud.ckb.version);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }
if (prepparm->vud.ckb.algo != 0x81) { if (prepparm->vud.ckb.algo != 0x81) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s reply param keyblock algo mismatch 0x%02x != 0x81\n",
"%s reply param keyblock algo mismatch 0x%02x != 0x81\n",
__func__, (int)prepparm->vud.ckb.algo); __func__, (int)prepparm->vud.ckb.algo);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -1481,7 +1459,7 @@ int cca_ecc2protkey(u16 cardnr, u16 domain, const u8 *key, ...@@ -1481,7 +1459,7 @@ int cca_ecc2protkey(u16 cardnr, u16 domain, const u8 *key,
/* copy the translated protected key */ /* copy the translated protected key */
if (prepparm->vud.ckb.keylen > *protkeylen) { if (prepparm->vud.ckb.keylen > *protkeylen) {
DEBUG_ERR("%s prot keylen mismatch %d > buffersize %u\n", ZCRYPT_DBF_ERR("%s prot keylen mismatch %d > buffersize %u\n",
__func__, prepparm->vud.ckb.keylen, *protkeylen); __func__, prepparm->vud.ckb.keylen, *protkeylen);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -1550,14 +1528,14 @@ int cca_query_crypto_facility(u16 cardnr, u16 domain, ...@@ -1550,14 +1528,14 @@ int cca_query_crypto_facility(u16 cardnr, u16 domain,
/* forward xcrb with request CPRB and reply CPRB to zcrypt dd */ /* forward xcrb with request CPRB and reply CPRB to zcrypt dd */
rc = zcrypt_send_cprb(&xcrb); rc = zcrypt_send_cprb(&xcrb);
if (rc) { if (rc) {
DEBUG_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n", ZCRYPT_DBF_ERR("%s zcrypt_send_cprb (cardnr=%d domain=%d) failed, rc=%d\n",
__func__, (int)cardnr, (int)domain, rc); __func__, (int)cardnr, (int)domain, rc);
goto out; goto out;
} }
/* check response returncode and reasoncode */ /* check response returncode and reasoncode */
if (prepcblk->ccp_rtcode != 0) { if (prepcblk->ccp_rtcode != 0) {
DEBUG_ERR("%s unwrap secure key failure, card response %d/%d\n", ZCRYPT_DBF_ERR("%s unwrap secure key failure, card response %d/%d\n",
__func__, __func__,
(int)prepcblk->ccp_rtcode, (int)prepcblk->ccp_rtcode,
(int)prepcblk->ccp_rscode); (int)prepcblk->ccp_rscode);
......
...@@ -17,7 +17,7 @@ ...@@ -17,7 +17,7 @@
#define RC2ERR(rc) ((rc) ? DBF_ERR : DBF_INFO) #define RC2ERR(rc) ((rc) ? DBF_ERR : DBF_INFO)
#define RC2WARN(rc) ((rc) ? DBF_WARN : DBF_INFO) #define RC2WARN(rc) ((rc) ? DBF_WARN : DBF_INFO)
#define DBF_MAX_SPRINTF_ARGS 6 #define ZCRYPT_DBF_MAX_SPRINTF_ARGS 6
#define ZCRYPT_DBF(...) \ #define ZCRYPT_DBF(...) \
debug_sprintf_event(zcrypt_dbf_info, ##__VA_ARGS__) debug_sprintf_event(zcrypt_dbf_info, ##__VA_ARGS__)
......
...@@ -24,11 +24,6 @@ ...@@ -24,11 +24,6 @@
#include "zcrypt_ep11misc.h" #include "zcrypt_ep11misc.h"
#include "zcrypt_ccamisc.h" #include "zcrypt_ccamisc.h"
#define DEBUG_DBG(...) ZCRYPT_DBF(DBF_DEBUG, ##__VA_ARGS__)
#define DEBUG_INFO(...) ZCRYPT_DBF(DBF_INFO, ##__VA_ARGS__)
#define DEBUG_WARN(...) ZCRYPT_DBF(DBF_WARN, ##__VA_ARGS__)
#define DEBUG_ERR(...) ZCRYPT_DBF(DBF_ERR, ##__VA_ARGS__)
#define EP11_PINBLOB_V1_BYTES 56 #define EP11_PINBLOB_V1_BYTES 56
/* default iv used here */ /* default iv used here */
...@@ -510,7 +505,7 @@ static int check_reply_pl(const u8 *pl, const char *func) ...@@ -510,7 +505,7 @@ static int check_reply_pl(const u8 *pl, const char *func)
/* start tag */ /* start tag */
if (*pl++ != 0x30) { if (*pl++ != 0x30) {
DEBUG_ERR("%s reply start tag mismatch\n", func); ZCRYPT_DBF_ERR("%s reply start tag mismatch\n", func);
return -EIO; return -EIO;
} }
...@@ -527,40 +522,41 @@ static int check_reply_pl(const u8 *pl, const char *func) ...@@ -527,40 +522,41 @@ static int check_reply_pl(const u8 *pl, const char *func)
len = *((u16 *)pl); len = *((u16 *)pl);
pl += 2; pl += 2;
} else { } else {
DEBUG_ERR("%s reply start tag lenfmt mismatch 0x%02hhx\n", ZCRYPT_DBF_ERR("%s reply start tag lenfmt mismatch 0x%02hhx\n",
func, *pl); func, *pl);
return -EIO; return -EIO;
} }
/* len should cover at least 3 fields with 32 bit value each */ /* len should cover at least 3 fields with 32 bit value each */
if (len < 3 * 6) { if (len < 3 * 6) {
DEBUG_ERR("%s reply length %d too small\n", func, len); ZCRYPT_DBF_ERR("%s reply length %d too small\n", func, len);
return -EIO; return -EIO;
} }
/* function tag, length and value */ /* function tag, length and value */
if (pl[0] != 0x04 || pl[1] != 0x04) { if (pl[0] != 0x04 || pl[1] != 0x04) {
DEBUG_ERR("%s function tag or length mismatch\n", func); ZCRYPT_DBF_ERR("%s function tag or length mismatch\n", func);
return -EIO; return -EIO;
} }
pl += 6; pl += 6;
/* dom tag, length and value */ /* dom tag, length and value */
if (pl[0] != 0x04 || pl[1] != 0x04) { if (pl[0] != 0x04 || pl[1] != 0x04) {
DEBUG_ERR("%s dom tag or length mismatch\n", func); ZCRYPT_DBF_ERR("%s dom tag or length mismatch\n", func);
return -EIO; return -EIO;
} }
pl += 6; pl += 6;
/* return value tag, length and value */ /* return value tag, length and value */
if (pl[0] != 0x04 || pl[1] != 0x04) { if (pl[0] != 0x04 || pl[1] != 0x04) {
DEBUG_ERR("%s return value tag or length mismatch\n", func); ZCRYPT_DBF_ERR("%s return value tag or length mismatch\n",
func);
return -EIO; return -EIO;
} }
pl += 2; pl += 2;
ret = *((u32 *)pl); ret = *((u32 *)pl);
if (ret != 0) { if (ret != 0) {
DEBUG_ERR("%s return value 0x%04x != 0\n", func, ret); ZCRYPT_DBF_ERR("%s return value 0x%04x != 0\n", func, ret);
return -EIO; return -EIO;
} }
...@@ -626,8 +622,7 @@ static int ep11_query_info(u16 cardnr, u16 domain, u32 query_type, ...@@ -626,8 +622,7 @@ static int ep11_query_info(u16 cardnr, u16 domain, u32 query_type,
rc = zcrypt_send_ep11_cprb(urb); rc = zcrypt_send_ep11_cprb(urb);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
"%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
__func__, (int)cardnr, (int)domain, rc); __func__, (int)cardnr, (int)domain, rc);
goto out; goto out;
} }
...@@ -636,12 +631,12 @@ static int ep11_query_info(u16 cardnr, u16 domain, u32 query_type, ...@@ -636,12 +631,12 @@ static int ep11_query_info(u16 cardnr, u16 domain, u32 query_type,
if (rc) if (rc)
goto out; goto out;
if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
DEBUG_ERR("%s unknown reply data format\n", __func__); ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }
if (rep_pl->data_len > buflen) { if (rep_pl->data_len > buflen) {
DEBUG_ERR("%s mismatch between reply data len and buffer len\n", ZCRYPT_DBF_ERR("%s mismatch between reply data len and buffer len\n",
__func__); __func__);
rc = -ENOSPC; rc = -ENOSPC;
goto out; goto out;
...@@ -816,8 +811,7 @@ static int _ep11_genaeskey(u16 card, u16 domain, ...@@ -816,8 +811,7 @@ static int _ep11_genaeskey(u16 card, u16 domain,
case 256: case 256:
break; break;
default: default:
DEBUG_ERR( ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
"%s unknown/unsupported keybitsize %d\n",
__func__, keybitsize); __func__, keybitsize);
rc = -EINVAL; rc = -EINVAL;
goto out; goto out;
...@@ -878,8 +872,7 @@ static int _ep11_genaeskey(u16 card, u16 domain, ...@@ -878,8 +872,7 @@ static int _ep11_genaeskey(u16 card, u16 domain,
rc = zcrypt_send_ep11_cprb(urb); rc = zcrypt_send_ep11_cprb(urb);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
"%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
__func__, (int)card, (int)domain, rc); __func__, (int)card, (int)domain, rc);
goto out; goto out;
} }
...@@ -888,12 +881,12 @@ static int _ep11_genaeskey(u16 card, u16 domain, ...@@ -888,12 +881,12 @@ static int _ep11_genaeskey(u16 card, u16 domain,
if (rc) if (rc)
goto out; goto out;
if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
DEBUG_ERR("%s unknown reply data format\n", __func__); ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }
if (rep_pl->data_len > *keybufsize) { if (rep_pl->data_len > *keybufsize) {
DEBUG_ERR("%s mismatch reply data len / key buffer len\n", ZCRYPT_DBF_ERR("%s mismatch reply data len / key buffer len\n",
__func__); __func__);
rc = -ENOSPC; rc = -ENOSPC;
goto out; goto out;
...@@ -1030,8 +1023,7 @@ static int ep11_cryptsingle(u16 card, u16 domain, ...@@ -1030,8 +1023,7 @@ static int ep11_cryptsingle(u16 card, u16 domain,
rc = zcrypt_send_ep11_cprb(urb); rc = zcrypt_send_ep11_cprb(urb);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
"%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
__func__, (int)card, (int)domain, rc); __func__, (int)card, (int)domain, rc);
goto out; goto out;
} }
...@@ -1040,7 +1032,7 @@ static int ep11_cryptsingle(u16 card, u16 domain, ...@@ -1040,7 +1032,7 @@ static int ep11_cryptsingle(u16 card, u16 domain,
if (rc) if (rc)
goto out; goto out;
if (rep_pl->data_tag != 0x04) { if (rep_pl->data_tag != 0x04) {
DEBUG_ERR("%s unknown reply data format\n", __func__); ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }
...@@ -1053,13 +1045,13 @@ static int ep11_cryptsingle(u16 card, u16 domain, ...@@ -1053,13 +1045,13 @@ static int ep11_cryptsingle(u16 card, u16 domain,
n = *((u16 *)p); n = *((u16 *)p);
p += 2; p += 2;
} else { } else {
DEBUG_ERR("%s unknown reply data length format 0x%02hhx\n", ZCRYPT_DBF_ERR("%s unknown reply data length format 0x%02hhx\n",
__func__, rep_pl->data_lenfmt); __func__, rep_pl->data_lenfmt);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }
if (n > *outbufsize) { if (n > *outbufsize) {
DEBUG_ERR("%s mismatch reply data len %d / output buffer %zu\n", ZCRYPT_DBF_ERR("%s mismatch reply data len %d / output buffer %zu\n",
__func__, n, *outbufsize); __func__, n, *outbufsize);
rc = -ENOSPC; rc = -ENOSPC;
goto out; goto out;
...@@ -1188,8 +1180,7 @@ static int _ep11_unwrapkey(u16 card, u16 domain, ...@@ -1188,8 +1180,7 @@ static int _ep11_unwrapkey(u16 card, u16 domain,
rc = zcrypt_send_ep11_cprb(urb); rc = zcrypt_send_ep11_cprb(urb);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
"%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
__func__, (int)card, (int)domain, rc); __func__, (int)card, (int)domain, rc);
goto out; goto out;
} }
...@@ -1198,12 +1189,12 @@ static int _ep11_unwrapkey(u16 card, u16 domain, ...@@ -1198,12 +1189,12 @@ static int _ep11_unwrapkey(u16 card, u16 domain,
if (rc) if (rc)
goto out; goto out;
if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
DEBUG_ERR("%s unknown reply data format\n", __func__); ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }
if (rep_pl->data_len > *keybufsize) { if (rep_pl->data_len > *keybufsize) {
DEBUG_ERR("%s mismatch reply data len / key buffer len\n", ZCRYPT_DBF_ERR("%s mismatch reply data len / key buffer len\n",
__func__); __func__);
rc = -ENOSPC; rc = -ENOSPC;
goto out; goto out;
...@@ -1343,8 +1334,7 @@ static int _ep11_wrapkey(u16 card, u16 domain, ...@@ -1343,8 +1334,7 @@ static int _ep11_wrapkey(u16 card, u16 domain,
rc = zcrypt_send_ep11_cprb(urb); rc = zcrypt_send_ep11_cprb(urb);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
"%s zcrypt_send_ep11_cprb(card=%d dom=%d) failed, rc=%d\n",
__func__, (int)card, (int)domain, rc); __func__, (int)card, (int)domain, rc);
goto out; goto out;
} }
...@@ -1353,12 +1343,12 @@ static int _ep11_wrapkey(u16 card, u16 domain, ...@@ -1353,12 +1343,12 @@ static int _ep11_wrapkey(u16 card, u16 domain,
if (rc) if (rc)
goto out; goto out;
if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) { if (rep_pl->data_tag != 0x04 || rep_pl->data_lenfmt != 0x82) {
DEBUG_ERR("%s unknown reply data format\n", __func__); ZCRYPT_DBF_ERR("%s unknown reply data format\n", __func__);
rc = -EIO; rc = -EIO;
goto out; goto out;
} }
if (rep_pl->data_len > *datasize) { if (rep_pl->data_len > *datasize) {
DEBUG_ERR("%s mismatch reply data len / data buffer len\n", ZCRYPT_DBF_ERR("%s mismatch reply data len / data buffer len\n",
__func__); __func__);
rc = -ENOSPC; rc = -ENOSPC;
goto out; goto out;
...@@ -1386,8 +1376,7 @@ int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, ...@@ -1386,8 +1376,7 @@ int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
if (keybitsize == 128 || keybitsize == 192 || keybitsize == 256) { if (keybitsize == 128 || keybitsize == 192 || keybitsize == 256) {
clrkeylen = keybitsize / 8; clrkeylen = keybitsize / 8;
} else { } else {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s unknown/unsupported keybitsize %d\n",
"%s unknown/unsupported keybitsize %d\n",
__func__, keybitsize); __func__, keybitsize);
return -EINVAL; return -EINVAL;
} }
...@@ -1405,8 +1394,7 @@ int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, ...@@ -1405,8 +1394,7 @@ int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
0x00006c00, /* EN/DECRYPT, WRAP/UNWRAP */ 0x00006c00, /* EN/DECRYPT, WRAP/UNWRAP */
kek, &keklen); kek, &keklen);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s generate kek key failed, rc=%d\n",
"%s generate kek key failed, rc=%d\n",
__func__, rc); __func__, rc);
goto out; goto out;
} }
...@@ -1415,8 +1403,7 @@ int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, ...@@ -1415,8 +1403,7 @@ int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
rc = ep11_cryptsingle(card, domain, 0, 0, def_iv, kek, keklen, rc = ep11_cryptsingle(card, domain, 0, 0, def_iv, kek, keklen,
clrkey, clrkeylen, encbuf, &encbuflen); clrkey, clrkeylen, encbuf, &encbuflen);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s encrypting key value with kek key failed, rc=%d\n",
"%s encrypting key value with kek key failed, rc=%d\n",
__func__, rc); __func__, rc);
goto out; goto out;
} }
...@@ -1426,8 +1413,7 @@ int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags, ...@@ -1426,8 +1413,7 @@ int ep11_clr2keyblob(u16 card, u16 domain, u32 keybitsize, u32 keygenflags,
encbuf, encbuflen, 0, def_iv, encbuf, encbuflen, 0, def_iv,
keybitsize, 0, keybuf, keybufsize, keytype); keybitsize, 0, keybuf, keybufsize, keytype);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s importing key value as new key failed,, rc=%d\n",
"%s importing key value as new key failed,, rc=%d\n",
__func__, rc); __func__, rc);
goto out; goto out;
} }
...@@ -1476,8 +1462,7 @@ int ep11_kblob2protkey(u16 card, u16 dom, ...@@ -1476,8 +1462,7 @@ int ep11_kblob2protkey(u16 card, u16 dom,
rc = _ep11_wrapkey(card, dom, (u8 *)key, keylen, rc = _ep11_wrapkey(card, dom, (u8 *)key, keylen,
0, def_iv, wkbuf, &wkbuflen); 0, def_iv, wkbuf, &wkbuflen);
if (rc) { if (rc) {
DEBUG_ERR( ZCRYPT_DBF_ERR("%s rewrapping ep11 key to pkey failed, rc=%d\n",
"%s rewrapping ep11 key to pkey failed, rc=%d\n",
__func__, rc); __func__, rc);
goto out; goto out;
} }
...@@ -1485,7 +1470,7 @@ int ep11_kblob2protkey(u16 card, u16 dom, ...@@ -1485,7 +1470,7 @@ int ep11_kblob2protkey(u16 card, u16 dom,
/* check struct version and pkey type */ /* check struct version and pkey type */
if (wki->version != 1 || wki->pkeytype < 1 || wki->pkeytype > 5) { if (wki->version != 1 || wki->pkeytype < 1 || wki->pkeytype > 5) {
DEBUG_ERR("%s wk info version %d or pkeytype %d mismatch.\n", ZCRYPT_DBF_ERR("%s wk info version %d or pkeytype %d mismatch.\n",
__func__, (int)wki->version, (int)wki->pkeytype); __func__, (int)wki->version, (int)wki->pkeytype);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -1511,7 +1496,7 @@ int ep11_kblob2protkey(u16 card, u16 dom, ...@@ -1511,7 +1496,7 @@ int ep11_kblob2protkey(u16 card, u16 dom,
*protkeytype = PKEY_KEYTYPE_AES_256; *protkeytype = PKEY_KEYTYPE_AES_256;
break; break;
default: default:
DEBUG_ERR("%s unknown/unsupported AES pkeysize %d\n", ZCRYPT_DBF_ERR("%s unknown/unsupported AES pkeysize %d\n",
__func__, (int)wki->pkeysize); __func__, (int)wki->pkeysize);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -1525,7 +1510,7 @@ int ep11_kblob2protkey(u16 card, u16 dom, ...@@ -1525,7 +1510,7 @@ int ep11_kblob2protkey(u16 card, u16 dom,
break; break;
case 2: /* TDES */ case 2: /* TDES */
default: default:
DEBUG_ERR("%s unknown/unsupported key type %d\n", ZCRYPT_DBF_ERR("%s unknown/unsupported key type %d\n",
__func__, (int)wki->pkeytype); __func__, (int)wki->pkeytype);
rc = -EIO; rc = -EIO;
goto out; goto out;
...@@ -1533,7 +1518,7 @@ int ep11_kblob2protkey(u16 card, u16 dom, ...@@ -1533,7 +1518,7 @@ int ep11_kblob2protkey(u16 card, u16 dom,
/* copy the translated protected key */ /* copy the translated protected key */
if (wki->pkeysize > *protkeylen) { if (wki->pkeysize > *protkeylen) {
DEBUG_ERR("%s wk info pkeysize %llu > protkeysize %u\n", ZCRYPT_DBF_ERR("%s wk info pkeysize %llu > protkeysize %u\n",
__func__, wki->pkeysize, *protkeylen); __func__, wki->pkeysize, *protkeylen);
rc = -EINVAL; rc = -EINVAL;
goto out; goto out;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment