86 lines
3.1 KiB
Diff
86 lines
3.1 KiB
Diff
|
Subject: zkey: Cross check APQNs when importing secure keys
|
||
|
|
From: Ingo Franzki <ifranzki@linux.ibm.com>
|
||
|
|
|
||
|
|
Summary: zkey: check master key consistency
|
||
|
|
Description: Enhances the zkey tool to perform a cross check whether the
|
||
|
|
APQNs associated with a secure key have the same master key.
|
||
|
|
Display the master key verification pattern of a secure key
|
||
|
|
during the zkey validate command. This helps to better identify
|
||
|
|
which master key is the correct one, in case of master key
|
||
|
|
inconsistencies.
|
||
|
|
Select an appropriate APQN when re-enciphering a secure key.
|
||
|
|
Re-enciphering is done using the CCA host library. Special
|
||
|
|
handling is required to select an appropriate APQN for use with
|
||
|
|
the CCA host library.
|
||
|
|
Upstream-ID: d854aed4b8154e7420def8749db2106a049dd80a
|
||
|
|
Problem-ID: SEC1916
|
||
|
|
|
||
|
|
Upstream-Description:
|
||
|
|
|
||
|
|
zkey: Cross check APQNs when importing secure keys
|
||
|
|
|
||
|
|
Perform a cross check of the APQNs when an existing secure AES key is
|
||
|
|
imported into the key repository. When a set of APQNs are associated to
|
||
|
|
the imported secure key, these APQNs are cross checked. If no APQNs are
|
||
|
|
associated to imported secure key, then all currently available
|
||
|
|
APQNs are cross checked. If a master key mismatch is detected, then
|
||
|
|
the key import is rejected.
|
||
|
|
|
||
|
|
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
|
||
|
|
Reviewed-by: Harald Freudenberger <freude@linux.ibm.com>
|
||
|
|
Signed-off-by: Jan Hoeppner <hoeppner@linux.ibm.com>
|
||
|
|
|
||
|
|
|
||
|
|
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
|
||
|
|
---
|
||
|
|
zkey/keystore.c | 21 +++++++++++++++++++++
|
||
|
|
1 file changed, 21 insertions(+)
|
||
|
|
|
||
|
|
--- a/zkey/keystore.c
|
||
|
|
+++ b/zkey/keystore.c
|
||
|
|
@@ -1770,6 +1770,7 @@ int keystore_import_key(struct keystore
|
||
|
|
struct properties *key_props = NULL;
|
||
|
|
size_t secure_key_size;
|
||
|
|
u8 *secure_key;
|
||
|
|
+ u64 mkvp;
|
||
|
|
int rc;
|
||
|
|
|
||
|
|
util_assert(keystore != NULL, "Internal error: keystore is NULL");
|
||
|
|
@@ -1791,9 +1792,26 @@ int keystore_import_key(struct keystore
|
||
|
|
goto out_free_key_filenames;
|
||
|
|
}
|
||
|
|
|
||
|
|
+ rc = get_master_key_verification_pattern(secure_key, secure_key_size,
|
||
|
|
+ &mkvp, keystore->verbose);
|
||
|
|
+ if (rc != 0) {
|
||
|
|
+ warnx("Failed to get the master key verification pattern: %s",
|
||
|
|
+ strerror(-rc));
|
||
|
|
+ goto out_free_key;
|
||
|
|
+ }
|
||
|
|
+
|
||
|
|
+ rc = cross_check_apqns(apqns, mkvp, true, keystore->verbose);
|
||
|
|
+ if (rc == -EINVAL)
|
||
|
|
+ goto out_free_key;
|
||
|
|
+ if (rc != 0 && rc != -ENOTSUP && noapqncheck == 0) {
|
||
|
|
+ warnx("Your master key setup is improper");
|
||
|
|
+ goto out_free_key;
|
||
|
|
+ }
|
||
|
|
+
|
||
|
|
rc = write_secure_key(file_names.skey_filename, secure_key,
|
||
|
|
secure_key_size, keystore->verbose);
|
||
|
|
free(secure_key);
|
||
|
|
+ secure_key = NULL;
|
||
|
|
if (rc != 0)
|
||
|
|
goto out_free_props;
|
||
|
|
|
||
|
|
@@ -1811,6 +1829,9 @@ int keystore_import_key(struct keystore
|
||
|
|
"Successfully imported a secure key in '%s' and key info in '%s'",
|
||
|
|
file_names.skey_filename, file_names.info_filename);
|
||
|
|
|
||
|
|
+out_free_key:
|
||
|
|
+ if (secure_key != NULL)
|
||
|
|
+ free(secure_key);
|
||
|
|
out_free_props:
|
||
|
|
if (key_props != NULL)
|
||
|
|
properties_free(key_props);
|