hisilicon/sec2/sec_crypto.h

0001 /* SPDX-License-Identifier: GPL-2.0 */
0002 /* Copyright (c) 2019 HiSilicon Limited. */
0003
0004 #ifndef __HISI_SEC_V2_CRYPTO_H
0005 #define __HISI_SEC_V2_CRYPTO_H
0006
0007 #define SEC_AIV_SIZE        12
0008 #define SEC_IV_SIZE     24
0009 #define SEC_MAX_KEY_SIZE    64
0010 #define SEC_MAX_AKEY_SIZE   128
0011 #define SEC_COMM_SCENE      0
0012 #define SEC_MIN_BLOCK_SZ    1
0013
0014 enum sec_calg {
0015     SEC_CALG_3DES = 0x1,
0016     SEC_CALG_AES  = 0x2,
0017     SEC_CALG_SM4  = 0x3,
0018 };
0019
0020 enum sec_hash_alg {
0021     SEC_A_HMAC_SHA1   = 0x10,
0022     SEC_A_HMAC_SHA256 = 0x11,
0023     SEC_A_HMAC_SHA512 = 0x15,
0024 };
0025
0026 enum sec_mac_len {
0027     SEC_HMAC_CCM_MAC   = 16,
0028     SEC_HMAC_GCM_MAC   = 16,
0029     SEC_SM3_MAC        = 32,
0030     SEC_HMAC_SM3_MAC   = 32,
0031     SEC_HMAC_MD5_MAC   = 16,
0032     SEC_HMAC_SHA1_MAC   = 20,
0033     SEC_HMAC_SHA256_MAC = 32,
0034     SEC_HMAC_SHA512_MAC = 64,
0035 };
0036
0037 enum sec_cmode {
0038     SEC_CMODE_ECB    = 0x0,
0039     SEC_CMODE_CBC    = 0x1,
0040     SEC_CMODE_CFB    = 0x2,
0041     SEC_CMODE_OFB    = 0x3,
0042     SEC_CMODE_CTR    = 0x4,
0043     SEC_CMODE_CCM    = 0x5,
0044     SEC_CMODE_GCM    = 0x6,
0045     SEC_CMODE_XTS    = 0x7,
0046 };
0047
0048 enum sec_ckey_type {
0049     SEC_CKEY_128BIT = 0x0,
0050     SEC_CKEY_192BIT = 0x1,
0051     SEC_CKEY_256BIT = 0x2,
0052     SEC_CKEY_3DES_3KEY = 0x1,
0053     SEC_CKEY_3DES_2KEY = 0x3,
0054 };
0055
0056 enum sec_bd_type {
0057     SEC_BD_TYPE1 = 0x1,
0058     SEC_BD_TYPE2 = 0x2,
0059     SEC_BD_TYPE3 = 0x3,
0060 };
0061
0062 enum sec_auth {
0063     SEC_NO_AUTH = 0x0,
0064     SEC_AUTH_TYPE1 = 0x1,
0065     SEC_AUTH_TYPE2 = 0x2,
0066 };
0067
0068 enum sec_cipher_dir {
0069     SEC_CIPHER_ENC = 0x1,
0070     SEC_CIPHER_DEC = 0x2,
0071 };
0072
0073 enum sec_addr_type {
0074     SEC_PBUF = 0x0,
0075     SEC_SGL  = 0x1,
0076     SEC_PRP  = 0x2,
0077 };
0078
0079 struct bd_status {
0080     u64 tag;
0081     u8 done;
0082     u8 err_type;
0083     u16 flag;
0084     u16 icv;
0085 };
0086
0087 enum {
0088     AUTHPAD_PAD,
0089     AUTHPAD_NOPAD,
0090 };
0091
0092 enum {
0093     AIGEN_GEN,
0094     AIGEN_NOGEN,
0095 };
0096
0097 struct sec_sqe_type2 {
0098     /*
0099      * mac_len: 0~4 bits
0100      * a_key_len: 5~10 bits
0101      * a_alg: 11~16 bits
0102      */
0103     __le32 mac_key_alg;
0104
0105     /*
0106      * c_icv_len: 0~5 bits
0107      * c_width: 6~8 bits
0108      * c_key_len: 9~11 bits
0109      * c_mode: 12~15 bits
0110      */
0111     __le16 icvw_kmode;
0112
0113     /* c_alg: 0~3 bits */
0114     __u8 c_alg;
0115     __u8 rsvd4;
0116
0117     /*
0118      * a_len: 0~23 bits
0119      * iv_offset_l: 24~31 bits
0120      */
0121     __le32 alen_ivllen;
0122
0123     /*
0124      * c_len: 0~23 bits
0125      * iv_offset_h: 24~31 bits
0126      */
0127     __le32 clen_ivhlen;
0128
0129     __le16 auth_src_offset;
0130     __le16 cipher_src_offset;
0131     __le16 cs_ip_header_offset;
0132     __le16 cs_udp_header_offset;
0133     __le16 pass_word_len;
0134     __le16 dk_len;
0135     __u8 salt3;
0136     __u8 salt2;
0137     __u8 salt1;
0138     __u8 salt0;
0139
0140     __le16 tag;
0141     __le16 rsvd5;
0142
0143     /*
0144      * c_pad_type: 0~3 bits
0145      * c_pad_len: 4~11 bits
0146      * c_pad_data_type: 12~15 bits
0147      */
0148     __le16 cph_pad;
0149
0150     /* c_pad_len_field: 0~1 bits */
0151     __le16 c_pad_len_field;
0152
0153     __le64 long_a_data_len;
0154     __le64 a_ivin_addr;
0155     __le64 a_key_addr;
0156     __le64 mac_addr;
0157     __le64 c_ivin_addr;
0158     __le64 c_key_addr;
0159
0160     __le64 data_src_addr;
0161     __le64 data_dst_addr;
0162
0163     /*
0164      * done: 0 bit
0165      * icv: 1~3 bits
0166      * csc: 4~6 bits
0167      * flag: 7-10 bits
0168      * dif_check: 11~13 bits
0169      */
0170     __le16 done_flag;
0171
0172     __u8 error_type;
0173     __u8 warning_type;
0174     __u8 mac_i3;
0175     __u8 mac_i2;
0176     __u8 mac_i1;
0177     __u8 mac_i0;
0178     __le16 check_sum_i;
0179     __u8 tls_pad_len_i;
0180     __u8 rsvd12;
0181     __le32 counter;
0182 };
0183
0184 struct sec_sqe {
0185     /*
0186      * type:    0~3 bits
0187      * cipher:  4~5 bits
0188      * auth:    6~7 bit s
0189      */
0190     __u8 type_cipher_auth;
0191
0192     /*
0193      * seq: 0 bit
0194      * de:  1~2 bits
0195      * scene:   3~6 bits
0196      * src_addr_type: ~7 bit, with sdm_addr_type 0-1 bits
0197      */
0198     __u8 sds_sa_type;
0199
0200     /*
0201      * src_addr_type: 0~1 bits, not used now,
0202      * if support PRP, set this field, or set zero.
0203      * dst_addr_type: 2~4 bits
0204      * mac_addr_type: 5~7 bits
0205      */
0206     __u8 sdm_addr_type;
0207     __u8 rsvd0;
0208
0209     /*
0210      * nonce_len(type2): 0~3 bits
0211      * huk(type2): 4 bit
0212      * key_s(type2): 5 bit
0213      * ci_gen: 6~7 bits
0214      */
0215     __u8 huk_key_ci;
0216
0217     /*
0218      * ai_gen: 0~1 bits
0219      * a_pad(type2): 2~3 bits
0220      * c_s(type2): 4~5 bits
0221      */
0222     __u8 ai_apd_cs;
0223
0224     /*
0225      * rhf(type2): 0 bit
0226      * c_key_type: 1~2 bits
0227      * a_key_type: 3~4 bits
0228      * write_frame_len(type2): 5~7 bits
0229      */
0230     __u8 rca_key_frm;
0231
0232     /*
0233      * cal_iv_addr_en(type2): 0 bit
0234      * tls_up(type2): 1 bit
0235      * inveld: 7 bit
0236      */
0237     __u8 iv_tls_ld;
0238
0239     /* Just using type2 BD now */
0240     struct sec_sqe_type2 type2;
0241 };
0242
0243 struct bd3_auth_ivin {
0244     __le64 a_ivin_addr;
0245     __le32 rsvd0;
0246     __le32 rsvd1;
0247 } __packed __aligned(4);
0248
0249 struct bd3_skip_data {
0250     __le32 rsvd0;
0251
0252     /*
0253      * gran_num: 0~15 bits
0254      * reserved: 16~31 bits
0255      */
0256     __le32 gran_num;
0257
0258     /*
0259      * src_skip_data_len: 0~24 bits
0260      * reserved: 25~31 bits
0261      */
0262     __le32 src_skip_data_len;
0263
0264     /*
0265      * dst_skip_data_len: 0~24 bits
0266      * reserved: 25~31 bits
0267      */
0268     __le32 dst_skip_data_len;
0269 };
0270
0271 struct bd3_stream_scene {
0272     __le64 c_ivin_addr;
0273     __le64 long_a_data_len;
0274
0275     /*
0276      * auth_pad: 0~1 bits
0277      * stream_protocol: 2~4 bits
0278      * reserved: 5~7 bits
0279      */
0280     __u8 stream_auth_pad;
0281     __u8 plaintext_type;
0282     __le16 pad_len_1p3;
0283 } __packed __aligned(4);
0284
0285 struct bd3_no_scene {
0286     __le64 c_ivin_addr;
0287     __le32 rsvd0;
0288     __le32 rsvd1;
0289     __le32 rsvd2;
0290 } __packed __aligned(4);
0291
0292 struct bd3_check_sum {
0293     __u8 rsvd0;
0294     __u8 hac_sva_status;
0295     __le16 check_sum_i;
0296 };
0297
0298 struct bd3_tls_type_back {
0299     __u8 tls_1p3_type_back;
0300     __u8 hac_sva_status;
0301     __le16 pad_len_1p3_back;
0302 };
0303
0304 struct sec_sqe3 {
0305     /*
0306      * type: 0~3 bit
0307      * bd_invalid: 4 bit
0308      * scene: 5~8 bit
0309      * de: 9~10 bit
0310      * src_addr_type: 11~13 bit
0311      * dst_addr_type: 14~16 bit
0312      * mac_addr_type: 17~19 bit
0313      * reserved: 20~31 bits
0314      */
0315     __le32 bd_param;
0316
0317     /*
0318      * cipher: 0~1 bits
0319      * ci_gen: 2~3 bit
0320      * c_icv_len: 4~9 bit
0321      * c_width: 10~12 bits
0322      * c_key_len: 13~15 bits
0323      */
0324     __le16 c_icv_key;
0325
0326     /*
0327      * c_mode : 0~3 bits
0328      * c_alg : 4~7 bits
0329      */
0330     __u8 c_mode_alg;
0331
0332     /*
0333      * nonce_len : 0~3 bits
0334      * huk : 4 bits
0335      * cal_iv_addr_en : 5 bits
0336      * seq : 6 bits
0337      * reserved : 7 bits
0338      */
0339     __u8 huk_iv_seq;
0340
0341     __le64 tag;
0342     __le64 data_src_addr;
0343     __le64 a_key_addr;
0344     union {
0345         struct bd3_auth_ivin auth_ivin;
0346         struct bd3_skip_data skip_data;
0347     };
0348
0349     __le64 c_key_addr;
0350
0351     /*
0352      * auth: 0~1 bits
0353      * ai_gen: 2~3 bits
0354      * mac_len: 4~8 bits
0355      * akey_len: 9~14 bits
0356      * a_alg: 15~20 bits
0357      * key_sel: 21~24 bits
0358      * ctr_count_mode/sm4_xts: 25~26 bits
0359      * sva_prefetch: 27 bits
0360      * key_wrap_num: 28~30 bits
0361      * update_key: 31 bits
0362      */
0363     __le32 auth_mac_key;
0364     __le32 salt;
0365     __le16 auth_src_offset;
0366     __le16 cipher_src_offset;
0367
0368     /*
0369      * auth_len: 0~23 bit
0370      * auth_key_offset: 24~31 bits
0371      */
0372     __le32 a_len_key;
0373
0374     /*
0375      * cipher_len: 0~23 bit
0376      * auth_ivin_offset: 24~31 bits
0377      */
0378     __le32 c_len_ivin;
0379     __le64 data_dst_addr;
0380     __le64 mac_addr;
0381     union {
0382         struct bd3_stream_scene stream_scene;
0383         struct bd3_no_scene no_scene;
0384     };
0385
0386     /*
0387      * done: 0 bit
0388      * icv: 1~3 bit
0389      * csc: 4~6 bit
0390      * flag: 7~10 bit
0391      * reserved: 11~15 bit
0392      */
0393     __le16 done_flag;
0394     __u8 error_type;
0395     __u8 warning_type;
0396     union {
0397         __le32 mac_i;
0398         __le32 kek_key_addr_l;
0399     };
0400     union {
0401         __le32 kek_key_addr_h;
0402         struct bd3_check_sum check_sum;
0403         struct bd3_tls_type_back tls_type_back;
0404     };
0405     __le32 counter;
0406 } __packed __aligned(4);
0407
0408 int sec_register_to_crypto(struct hisi_qm *qm);
0409 void sec_unregister_from_crypto(struct hisi_qm *qm);
0410 #endif