Lines Matching full:key
16 /* Key token types */
17 #define TOKTYPE_NON_CCA 0x00 /* Non-CCA key token */
18 #define TOKTYPE_CCA_INTERNAL 0x01 /* CCA internal sym key token */
19 #define TOKTYPE_CCA_INTERNAL_PKA 0x1f /* CCA internal asym key token */
22 #define TOKVER_PROTECTED_KEY 0x01 /* Protected key token */
23 #define TOKVER_CLEAR_KEY 0x02 /* Clear key token */
26 #define TOKVER_CCA_AES 0x04 /* CCA AES key token */
27 #define TOKVER_CCA_VLSC 0x05 /* var length sym cipher key token */
29 /* Max size of a cca variable length cipher key token */
32 /* header part of a CCA key token */
41 /* inside view of a CCA secure key token (only type 0x01 version 0x04) */
43 u8 type; /* 0x01 for internal key token */
47 u8 flag; /* key flags */
49 u64 mkvp; /* master key verification pattern */
50 u8 key[32]; /* key value (encrypted) */ member
52 u16 bitsize; /* key bit size */
53 u16 keysize; /* key byte size */
57 /* inside view of a variable length symmetric cipher AES key token */
59 u8 type; /* 0x01 for internal key token */
61 u16 len; /* total key token length in bytes */
64 u8 kms; /* key material state, 0x03 means wrapped with MK */
65 u8 kvpt; /* key verification pattern type, should be 0x01 */
66 u64 mkvp0; /* master key verification pattern, lo part */
67 u64 mkvp1; /* master key verification pattern, hi part (unused) */
68 u8 eskwm; /* encrypted section key wrapping method */
69 u8 hashalg; /* hash algorithmus used for wrapping key */
75 u8 kllen; /* optional key label length */
87 u8 kufc; /* key usage field count */
88 u16 kuf1; /* key usage field 1 */
89 u16 kuf2; /* key usage field 2 */
90 u8 kmfc; /* key management field count */
91 u16 kmf1; /* key management field 1 */
92 u16 kmf2; /* key management field 2 */
93 u16 kmf3; /* key management field 3 */
97 /* inside view of an CCA secure ECC private key */
99 u8 type; /* 0x1f for internal asym key token */
101 u16 len; /* total key token length in bytes */
103 u8 secid; /* 0x20 for ECC priv key section marker */
109 u8 kutc; /* key usage and translation control */
111 u8 kfs; /* key format and security */
112 u8 ksrc; /* key source */
115 u64 mkvp; /* master key verification pattern */
116 u8 opk[48]; /* encrypted object protection key data */
133 * Simple check if the token is a valid CCA secure AES data key
134 * token. If keybitsize is given, the bitsize of the key is
141 * Simple check if the token is a valid CCA secure AES cipher key
142 * token. If keybitsize is given, the bitsize of the key is
143 * also checked. If checkcpacfexport is enabled, the key is also
153 * key token. Returns 0 on success or errno value on failure.
160 * Generate (random) CCA AES DATA secure key.
165 * Generate CCA AES DATA secure key with given clear key value.
171 * Derive proteced key from an CCA AES DATA secure key.
178 * Generate (random) CCA AES CIPHER secure key.
184 * Derive proteced key from CCA AES cipher secure key.
190 * Build CCA AES CIPHER secure key with a given clear key value.
196 * Derive proteced key from CCA ECC secure private key.
198 int cca_ecc2protkey(u16 cardnr, u16 domain, const u8 *key,
210 * Search for a matching crypto card based on the Master Key
211 * Verification Pattern provided inside a secure key.
216 int cca_findcard(const u8 *key, u16 *pcardnr, u16 *pdomain, int verify);
257 u64 new_aes_mkvp; /* truncated sha256 of new aes master key */
258 u64 cur_aes_mkvp; /* truncated sha256 of current aes master key */
259 u64 old_aes_mkvp; /* truncated sha256 of old aes master key */
260 u64 new_apka_mkvp; /* truncated sha256 of new apka master key */
263 u8 new_asym_mkvp[16]; /* verify pattern of new asym master key */
264 u8 cur_asym_mkvp[16]; /* verify pattern of current asym master key */
265 u8 old_asym_mkvp[16]; /* verify pattern of old asym master key */