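/*
 * Copyright (C) 2022 Huawei Technologies Co., Ltd.
 * Licensed under the Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 *     http://license.coscl.org.cn/MulanPSL2
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
 * PURPOSE.
 * See the Mulan PSL v2 for more details.
 */

/*
 * Crypto driver adaptor interface.
 *
 * Declares the algorithm/attribute/key identifiers, the key and buffer
 * descriptors, and the table of function pointers (struct crypto_ops_t)
 * through which a crypto engine exposes its operations. This header holds
 * declarations only; all validation of lengths, pointers and algorithm
 * choices is the responsibility of the code on either side of the table.
 */
#ifndef CRYPTO_DRIVER_ADAPTOR_H
#define CRYPTO_DRIVER_ADAPTOR_H

#include <stddef.h>  /* size_t, used by generate_random/get_entropy */
#include <stdio.h>
#include <stdint.h>
#include <stdbool.h>

/*
 * Operation mode selectors.
 * NOTE(review): presumably the values carried in the `direction`
 * parameters/fields below -- confirm against the callers.
 */
#define ENC_MODE    0x00
#define DEC_MODE    0x01
#define SIGN_MODE   0x02
#define VERIFY_MODE 0x03

/* NOTE(review): presumably a value for dh_key_t.dh_param.generate_key_t.dh_mode -- confirm. */
#define DH_PKCS3_MODE 0x1

/*
 * Capacities, in bytes, of the fixed key arrays declared further down.
 * Every `*_len` field that accompanies one of these arrays must be checked
 * against the matching capacity before it is used as a copy length.
 */
#define RSA_EXPONENT_LEN     4                       /* e[] in the RSA key structs */
#define RSA_MAX_KEY_SIZE     512                     /* n[] and d[]: 512 bytes = 4096 bits */
#define RSA_MAX_KEY_SIZE_CRT (RSA_MAX_KEY_SIZE / 2)  /* p[], q[], dp[], dq[], qinv[] */
#define ECC_KEY_LEN          68                      /* x[], y[], r[]; a 521-bit value needs 66 */

/*
 * Single-bit flags.
 * NOTE(review): presumably the bits returned by get_driver_ability() and
 * kept in ctx_handle_t.driver_ability -- confirm.
 */
#define DRIVER_PADDING 0x00000001
#define DRIVER_CACHE   0x00000002

#define AES_MAC_LEN      16  /* size of ctx_handle_t.cbc_mac_buffer */
#define CIPHER_CACHE_LEN 16  /* size of ctx_handle_t.cipher_cache_data */

/*
 * Crypto engine selector. CRYPTO_ENGINE_MAX_FLAG is the last enumerator and
 * therefore equals the number of engines (4); a value taken from outside
 * should be rejected unless it is below it.
 */
enum crypto_engine {
    DX_CRYPTO_FLAG,
    EPS_CRYPTO_FLAG,
    SOFT_CRYPTO_FLAG,
    SEC_CRYPTO_FLAG,
    CRYPTO_ENGINE_MAX_FLAG,
};

/*
 * Status codes. Zero is success and every failure is negative, so callers
 * test `!= CRYPTO_SUCCESS` rather than truthiness. The crypto_ops_t entries
 * return int32_t.
 * NOTE(review): get_ctx_size() and get_driver_ability() share that int32_t
 * return; presumably a negative result is one of these codes and a
 * non-negative one is the payload -- confirm.
 */
enum crypto_err {
    CRYPTO_NOT_SUPPORTED       = -1,
    CRYPTO_CIPHERTEXT_INVALID  = -2,
    CRYPTO_BAD_FORMAT          = -3,
    CRYPTO_BAD_PARAMETERS      = -4,
    CRYPTO_BAD_STATE           = -5,
    CRYPTO_SHORT_BUFFER        = -6,
    CRYPTO_OVERFLOW            = -7,
    CRYPTO_MAC_INVALID         = -8,
    CRYPTO_SIGNATURE_INVALID   = -9,
    CRYPTO_ERROR_SECURITY      = -10,
    CRYPTO_ERROR_OUT_OF_MEMORY = -11,
    CRYPTO_SUCCESS             = 0,
};

/*
 * Algorithm identifiers, passed as the uint32_t `alg_type` argument of the
 * crypto_ops_t entries.
 *
 * Several enumerators exceed INT_MAX (0x80000032, 0xF0000003, ...). ISO C
 * before C23 requires enumeration constants to be representable as int, so
 * this header relies on the compiler accepting larger values as an
 * extension. Compare identifiers through uint32_t, never through int.
 *
 * The list contains identifiers for MD5, SHA-1, DES/3DES, ECB modes and
 * unpadded RSA. An identifier existing here says nothing about whether an
 * engine accepts it or whether a caller may request it; that policy is
 * enforced elsewhere and should be checked before an algorithm is dispatched.
 */
enum crypto_alg_type {
    /* Symmetric ciphers: AES. */
    CRYPTO_TYPE_AES_ECB_NOPAD                = 0x10000010,
    CRYPTO_TYPE_AES_CBC_NOPAD                = 0x10000110,
    CRYPTO_TYPE_AES_ECB_PKCS5                = 0x10000020,
    CRYPTO_TYPE_AES_CBC_PKCS5                = 0x10000220,
    CRYPTO_TYPE_AES_CTR                      = 0x10000210,
    CRYPTO_TYPE_AES_CTS                      = 0x10000310,
    CRYPTO_TYPE_AES_XTS                      = 0x10000410,
    CRYPTO_TYPE_AES_OFB                      = 0x10000510,
    /* Symmetric ciphers: SM4 (three of them live in the 0xF0000000 range). */
    CRYPTO_TYPE_SM4_ECB                      = 0x10000014,
    CRYPTO_TYPE_SM4_CBC                      = 0x10000114,
    CRYPTO_TYPE_SM4_CBC_PKCS7                = 0xF0000003,
    CRYPTO_TYPE_SM4_CTR                      = 0x10000214,
    CRYPTO_TYPE_SM4_CFB128                   = 0xF0000000,
    CRYPTO_TYPE_SM4_GCM                      = 0xF0000005,
    CRYPTO_TYPE_SM4_XTS                      = 0x10000414,
    CRYPTO_TYPE_SM4_OFB                      = 0x10000514,
    /* Symmetric ciphers: DES and 3DES. */
    CRYPTO_TYPE_DES_ECB_NOPAD                = 0x10000011,
    CRYPTO_TYPE_DES_CBC_NOPAD                = 0x10000111,
    CRYPTO_TYPE_DES3_ECB_NOPAD               = 0x10000013,
    CRYPTO_TYPE_DES3_CBC_NOPAD               = 0x10000113,
    /* Message authentication codes. */
    CRYPTO_TYPE_HMAC_MD5                     = 0x30000001,
    CRYPTO_TYPE_HMAC_SHA1                    = 0x30000002,
    CRYPTO_TYPE_HMAC_SHA224                  = 0x30000003,
    CRYPTO_TYPE_HMAC_SHA256                  = 0x30000004,
    CRYPTO_TYPE_HMAC_SHA384                  = 0x30000005,
    CRYPTO_TYPE_HMAC_SHA512                  = 0x30000006,
    CRYPTO_TYPE_HMAC_SM3                     = 0x30000007,
    CRYPTO_TYPE_AES_CMAC                     = 0x30000610,
    CRYPTO_TYPE_AES_CBC_MAC_NOPAD            = 0x30000110,
    CRYPTO_TYPE_AES_CBC_MAC_PKCS5            = 0x30000510,
    CRYPTO_TYPE_AES_GMAC                     = 0x30000810,
    CRYPTO_TYPE_DES_CBC_MAC_NOPAD            = 0x30000111,
    CRYPTO_TYPE_DES3_CBC_MAC_NOPAD           = 0x30000113,
    /* Authenticated encryption. */
    CRYPTO_TYPE_AES_CCM                      = 0x40000710,
    CRYPTO_TYPE_AES_GCM                      = 0x40000810,
    /* Digests. */
    CRYPTO_TYPE_DIGEST_MD5                   = 0x50000001,
    CRYPTO_TYPE_DIGEST_SHA1                  = 0x50000002,
    CRYPTO_TYPE_DIGEST_SHA224                = 0x50000003,
    CRYPTO_TYPE_DIGEST_SHA256                = 0x50000004,
    CRYPTO_TYPE_DIGEST_SHA384                = 0x50000005,
    CRYPTO_TYPE_DIGEST_SHA512                = 0x50000006,
    CRYPTO_TYPE_DIGEST_SM3                   = 0x50000007,
    /* Asymmetric encryption and SM2 key exchange. */
    CRYPTO_TYPE_RSAES_PKCS1_V1_5             = 0x60000130,
    CRYPTO_TYPE_RSAES_PKCS1_OAEP_MGF1_SHA1   = 0x60210230,
    CRYPTO_TYPE_RSAES_PKCS1_OAEP_MGF1_SHA224 = 0x60211230,
    CRYPTO_TYPE_RSAES_PKCS1_OAEP_MGF1_SHA256 = 0x60212230,
    CRYPTO_TYPE_RSAES_PKCS1_OAEP_MGF1_SHA384 = 0x60213230,
    CRYPTO_TYPE_RSAES_PKCS1_OAEP_MGF1_SHA512 = 0x60214230,
    CRYPTO_TYPE_RSA_NO_PAD                   = 0x60000030,
    CRYPTO_TYPE_SM2_KEP                      = 0x60000045,
    /* Signatures. */
    CRYPTO_TYPE_SM2_DSA_SM3                  = 0x70006045,
    CRYPTO_TYPE_RSASSA_PKCS1_V1_5_MD5        = 0x70001830,
    CRYPTO_TYPE_RSASSA_PKCS1_V1_5_SHA1       = 0x70002830,
    CRYPTO_TYPE_RSASSA_PKCS1_V1_5_SHA224     = 0x70003830,
    CRYPTO_TYPE_RSASSA_PKCS1_V1_5_SHA256     = 0x70004830,
    CRYPTO_TYPE_RSASSA_PKCS1_V1_5_SHA384     = 0x70005830,
    CRYPTO_TYPE_RSASSA_PKCS1_V1_5_SHA512     = 0x70006830,
    CRYPTO_TYPE_RSASSA_PKCS1_PSS_MGF1_MD5    = 0x70111930,
    CRYPTO_TYPE_RSASSA_PKCS1_PSS_MGF1_SHA1   = 0x70212930,
    CRYPTO_TYPE_RSASSA_PKCS1_PSS_MGF1_SHA224 = 0x70313930,
    CRYPTO_TYPE_RSASSA_PKCS1_PSS_MGF1_SHA256 = 0x70414930,
    CRYPTO_TYPE_RSASSA_PKCS1_PSS_MGF1_SHA384 = 0x70515930,
    CRYPTO_TYPE_RSASSA_PKCS1_PSS_MGF1_SHA512 = 0x70616930,
    CRYPTO_TYPE_ECDSA_SHA1                   = 0x70001042,
    CRYPTO_TYPE_ECDSA_SHA224                 = 0x70002042,
    CRYPTO_TYPE_ECDSA_SHA256                 = 0x70003042,
    CRYPTO_TYPE_ECDSA_SHA384                 = 0x70004042,
    /*
     * NOTE(review): the name says SHA521 where the sibling digest and HMAC
     * identifiers say SHA512; there is no SHA-521 digest, so this presumably
     * denotes ECDSA over the 521-bit curve -- confirm with the implementation
     * before relying on which hash it selects.
     */
    CRYPTO_TYPE_ECDSA_SHA521                 = 0x70005042,
    CRYPTO_TYPE_ED25519                      = 0x70005043,
    /* Key agreement and SM2 public-key encryption. */
    CRYPTO_TYPE_DH_DERIVE_SECRET             = 0x80000032,
    CRYPTO_TYPE_ECDH_DERIVE_SECRET           = 0x80000042,
    CRYPTO_TYPE_X25519                       = 0x80000044,
    CRYPTO_TYPE_SM2_PKE                      = 0x80000045,
    /* Random generation. */
    CRYPTO_TYPE_GENERATE_RANDOM              = 0xf0000001,
    /* Only declared when MBEDTLS_ENABLE is not defined. */
#ifndef MBEDTLS_ENABLE
    CRYPTO_TYPE_SIP_HASH                     = 0xF0000002,
#endif
};

/*
 * Elliptic-curve identifiers.
 * NOTE(review): presumably the values of the `curve` argument of
 * ecc_generate_keypair() and of the `domain_id` key fields -- confirm.
 */
enum crypto_curve_type {
    ECC_CURVE_NIST_P192 = 0x1,
    ECC_CURVE_NIST_P224 = 0x2,
    ECC_CURVE_NIST_P256 = 0x3,
    ECC_CURVE_NIST_P384 = 0x4,
    ECC_CURVE_NIST_P521 = 0x5,
    ECC_CURVE_X25519    = 0x6,
    ECC_CURVE_ED25519   = 0x7,
    ECC_CURVE_SM2       = 0x8,
};

/*
 * Identifiers for crypto_attribute_t.attribute_id. Most values exceed
 * INT_MAX; see the note on enum crypto_alg_type.
 */
enum crypto_attribute_id {
    CRYPTO_ATTR_RSA_OAEP_LABEL               = 0xD0000930,
    CRYPTO_ATTR_RSA_MGF1_HASH                = 0xF0000830,
    CRYPTO_ATTR_RSA_PSS_SALT_LENGTH          = 0xF0000A30,
    CRYPTO_ATTR_ED25519_PH                   = 0xF0000543,
    CRYPTO_ATTR_ED25519_CTX                  = 0xD0000643,
    CRYPTO_ATTR_DH_PUBLIC_VALUE              = 0xD0000132,
    CRYPTO_ATTR_ECC_PUBLIC_VALUE_X           = 0xD0000141,
    CRYPTO_ATTR_ECC_PUBLIC_VALUE_Y           = 0xD0000241,
    CRYPTO_ATTR_X25519_PUBLIC_VALUE          = 0xD0000944,
    CRYPTO_ATTR_SM2_KEP_USER                 = 0x30010005,
    CRYPTO_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X = 0x30000006,
    CRYPTO_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y = 0x30000007,
    CRYPTO_ATTR_SM2_ID_INITIATOR             = 0x30000008,
    CRYPTO_ATTR_SM2_ID_RESPONDER             = 0x30000009,
    CRYPTO_ATTR_SM2_KEP_CONFIRMATION_IN      = 0x3000000a,
    CRYPTO_ATTR_SM2_KEP_CONFIRMATION_OUT     = 0x3000000b,
};

/*
 * Source of a symmetric key.
 * NOTE(review): presumably the values of symmerit_key_t.key_type, with
 * HUK/GID/RPMB naming device-held keys rather than caller-supplied bytes --
 * confirm, and confirm which callers may select the non-USER types.
 */
enum key_type_t {
    CRYPTO_KEYTYPE_DEFAULT = 0x0,
    CRYPTO_KEYTYPE_USER    = 0x1,
    CRYPTO_KEYTYPE_HUK     = 0x2,
    CRYPTO_KEYTYPE_GID     = 0x3,
    CRYPTO_KEYTYPE_RPMB    = 0x4,
};

/* Key-pair object type identifiers. All values exceed INT_MAX; see enum crypto_alg_type. */
enum crypto_key_type_id {
    CRYPTO_KEY_TYPE_RSA_KEYPAIR     = 0xA1000030,
    CRYPTO_KEY_TYPE_DH_KEYPAIR      = 0xA1000032,
    CRYPTO_KEY_TYPE_ECDSA_KEYPAIR   = 0xA1000041,
    CRYPTO_KEY_TYPE_ECDH_KEYPAIR    = 0xA1000042,
    CRYPTO_KEY_TYPE_ED25519_KEYPAIR = 0xA1000043,
    CRYPTO_KEY_TYPE_X25519_KEYPAIR  = 0xA1000044,
    CRYPTO_KEY_TYPE_SM2_DSA_KEYPAIR = 0xA1000045,
    CRYPTO_KEY_TYPE_SM2_PKE_KEYPAIR = 0xA1000047,
};

/*
 * Per-operation context handle.
 *
 * The uint64_t members named *_buffer / *_cache are not typed pointers.
 * NOTE(review): presumably they hold addresses widened to 64 bits so the
 * layout is the same for 32- and 64-bit users -- confirm. Whoever converts
 * them back to pointers must validate the address and the paired size first.
 *
 * Layout matters for memory safety here: cipher_cache_data is followed by
 * cipher_cache_len and then by the free_context callback, so every write
 * into cipher_cache_data must be bounded by CIPHER_CACHE_LEN, and
 * cipher_cache_len must never be trusted above that capacity.
 */
struct ctx_handle_t {
    uint64_t ctx_buffer;                          /* engine context storage */
    uint32_t ctx_size;                            /* size paired with ctx_buffer */
    uint32_t engine;                              /* presumably an enum crypto_engine value */
    uint32_t alg_type;                            /* presumably an enum crypto_alg_type value */
    uint32_t direction;
    bool is_support_ae_update;
    uint64_t cache_buffer;
    uint8_t cbc_mac_buffer[AES_MAC_LEN];
    uint32_t tag_len;
    uint8_t cipher_cache_data[CIPHER_CACHE_LEN];
    uint32_t cipher_cache_len;                    /* must stay <= CIPHER_CACHE_LEN */
    void (*free_context)(uint64_t *);             /* release callback; takes a uint64_t pointer */
    uint64_t aad_cache;
    uint32_t aad_size;                            /* size paired with aad_cache */
    uint32_t driver_ability;
    uint64_t fd;
};

/* Buffer reference with an explicit copy flag. The meaning of need_copy is not visible in this header. */
struct drv_memref_t {
    uint64_t buffer;
    uint32_t size;
    bool need_copy;
};

/*
 * Buffer reference used for every data input and output of crypto_ops_t.
 * NOTE(review): for output arguments, whether `size` is capacity on entry
 * and bytes written on return is not visible here -- confirm before using
 * it as a length after a call.
 */
struct memref_t {
    uint64_t buffer;
    uint32_t size;
};

/*
 * Symmetric key descriptor. The struct tag is spelled "symmerit" throughout
 * this interface; it is kept as is because renaming would break users.
 */
struct symmerit_key_t {
    uint32_t key_type;    /* presumably an enum key_type_t value */
    uint64_t key_buffer;
    uint32_t key_size;
};

/* Parameters handed to ae_init(). Length units are not stated in this header. */
struct ae_init_data {
    uint64_t nonce;
    uint32_t nonce_len;
    uint32_t tag_len;
    uint32_t aad_len;
    uint32_t payload_len;
};

/* RSA public key. e_len and n_len must not exceed the capacity of e[] and n[]. */
struct rsa_pub_key_t {
    uint8_t e[RSA_EXPONENT_LEN];
    uint32_t e_len;
    uint8_t n[RSA_MAX_KEY_SIZE];
    uint32_t n_len;
};

/*
 * RSA private key, holding both the (n, d) form and the CRT components.
 * Each *_len must be checked against the capacity of its array before use.
 * The structure carries private key material inline, so copies of it should
 * be kept to a minimum and cleared once no longer needed.
 * NOTE(review): presumably crt_mode selects whether p/q/dp/dq/qinv or d is
 * the valid representation -- confirm.
 */
struct rsa_priv_key_t {
    bool crt_mode;
    uint8_t e[RSA_EXPONENT_LEN];
    uint32_t e_len;
    uint8_t n[RSA_MAX_KEY_SIZE];
    uint32_t n_len;
    uint8_t d[RSA_MAX_KEY_SIZE];
    uint32_t d_len;
    uint8_t p[RSA_MAX_KEY_SIZE_CRT];
    uint32_t p_len;
    uint8_t q[RSA_MAX_KEY_SIZE_CRT];
    uint32_t q_len;
    uint8_t dp[RSA_MAX_KEY_SIZE_CRT];
    uint32_t dp_len;
    uint8_t dq[RSA_MAX_KEY_SIZE_CRT];
    uint32_t dq_len;
    uint8_t qinv[RSA_MAX_KEY_SIZE_CRT];
    uint32_t qinv_len;
};

/*
 * One operation attribute: an identifier plus either a buffer reference or
 * a pair of 32-bit values. The two arms share storage.
 * NOTE(review): which arm is valid is presumably determined by
 * attribute_id -- confirm; reading `ref.buffer` from an attribute that was
 * filled as `value` would turn two caller integers into an address.
 */
struct crypto_attribute_t {
    uint32_t attribute_id;
    union {
        struct {
            uint64_t buffer;
            uint32_t length;
        } ref;
        struct {
            uint32_t a;
            uint32_t b;
        } value;
    } content;
};

/*
 * Extra parameters for asymmetric operations.
 * NOTE(review): presumably `attribute` is the address of an array of
 * param_count crypto_attribute_t entries -- confirm. param_count needs an
 * upper bound before it is used to walk that array.
 */
struct asymmetric_params_t {
    uint32_t param_count;
    uint64_t attribute;
};

/* ECC public key. x_len and y_len must not exceed ECC_KEY_LEN. */
struct ecc_pub_key_t {
    uint32_t domain_id;
    uint8_t x[ECC_KEY_LEN];
    uint32_t x_len;
    uint8_t y[ECC_KEY_LEN];
    uint32_t y_len;
};

/* ECC private key, held inline in r[]. r_len must not exceed ECC_KEY_LEN. */
struct ecc_priv_key_t {
    uint32_t domain_id;
    uint8_t r[ECC_KEY_LEN];
    uint32_t r_len;
};

/*
 * Diffie-Hellman parameters. prime/generator are common to both uses;
 * dh_param is a union, so only the arm matching the operation is valid:
 * generate_key_t for dh_generate_key(), derive_key_t for dh_derive_key().
 * NOTE(review): that pairing is inferred from the member and function
 * names -- confirm.
 */
struct dh_key_t {
    uint64_t prime;
    uint32_t prime_size;
    uint64_t generator;
    uint32_t generator_size;
    union {
        struct {
            uint64_t q;
            uint32_t q_size;
            uint32_t l;
            uint32_t dh_mode;
        } generate_key_t;
        struct {
            uint64_t pub_key;
            uint32_t pub_key_size;
            uint64_t priv_key;
            uint32_t priv_key_size;
        } derive_key_t;
    } dh_param;
};

/*
 * Operation table implemented by a crypto engine. Every entry returns
 * int32_t.
 * NOTE(review): whether an engine may leave unsupported entries NULL is not
 * visible here; dispatch code should check the pointer before calling
 * unless the registration path guarantees a full table.
 */
struct crypto_ops_t {
    /* Engine lifecycle and capabilities. */
    int32_t (*power_on)(void);
    int32_t (*power_off)(void);
    int32_t (*get_ctx_size)(uint32_t alg_type);
    int32_t (*ctx_copy)(uint32_t alg_type, const void *src_ctx, uint32_t src_size, void *dest_ctx, uint32_t dest_size);
    int32_t (*get_driver_ability)(void);

    /* Digests: init/update/dofinal on a context, or one-shot. */
    int32_t (*hash_init)(void *ctx, uint32_t alg_type);
    int32_t (*hash_update)(void *ctx, const struct memref_t *data_in);
    int32_t (*hash_dofinal)(void *ctx, const struct memref_t *data_in, struct memref_t *data_out);
    int32_t (*hash)(uint32_t alg_type, const struct memref_t *data_in, struct memref_t *data_out);

    /* HMAC: init/update/dofinal on a context, or one-shot. */
    int32_t (*hmac_init)(uint32_t alg_type, void *ctx, const struct symmerit_key_t *key);
    int32_t (*hmac_update)(void *ctx, const struct memref_t *data_in);
    int32_t (*hmac_dofinal)(void *ctx, const struct memref_t *data_in, struct memref_t *data_out);
    int32_t (*hmac)(uint32_t alg_type, const struct symmerit_key_t *key,
        const struct memref_t *data_in, struct memref_t *data_out);

    /* Symmetric ciphers: init/update/dofinal on a context, or one-shot. */
    int32_t (*cipher_init)(uint32_t alg_type, void *ctx, uint32_t direction,
        const struct symmerit_key_t *key, const struct memref_t *iv);
    int32_t (*cipher_update)(void *ctx, const struct memref_t *data_in, struct memref_t *data_out);
    int32_t (*cipher_dofinal)(void *ctx, const struct memref_t *data_in, struct memref_t *data_out);
    int32_t (*cipher)(uint32_t alg_type, uint32_t direction, const struct symmerit_key_t *key,
        const struct memref_t *iv, const struct memref_t *data_in, struct memref_t *data_out);

    /*
     * Authenticated encryption. ae_dec_final() receives the tag to check;
     * callers must not use data_out unless it returns CRYPTO_SUCCESS.
     */
    int32_t (*ae_init)(uint32_t alg_type, void *ctx, uint32_t direction,
        const struct symmerit_key_t *key, const struct ae_init_data *ae_init_param);
    int32_t (*ae_update_aad)(void *ctx, const struct memref_t *aad_data);
    int32_t (*ae_update)(void *ctx, const struct memref_t *data_in, struct memref_t *data_out);
    int32_t (*ae_enc_final)(void *ctx, const struct memref_t *data_in,
        struct memref_t *data_out, struct memref_t *tag_out);
    int32_t (*ae_dec_final)(void *ctx, const struct memref_t *data_in, const struct memref_t *tag_in,
        struct memref_t *data_out);

    /* RSA. The verify entry has no output argument: its return value is the verdict. */
    int32_t (*rsa_generate_keypair)(uint32_t key_size, const struct memref_t *e_value, bool crt_mode,
        struct rsa_priv_key_t *key_pair);
    int32_t (*rsa_encrypt)(uint32_t alg_type, const struct rsa_pub_key_t *public_key,
        const struct asymmetric_params_t *rsa_params,
        const struct memref_t *data_in, struct memref_t *data_out);
    int32_t (*rsa_decrypt)(uint32_t alg_type, const struct rsa_priv_key_t *private_key,
        const struct asymmetric_params_t *rsa_params,
        const struct memref_t *data_in, struct memref_t *data_out);
    int32_t (*rsa_sign_digest)(uint32_t alg_type, const struct rsa_priv_key_t *private_key,
        const struct asymmetric_params_t *rsa_params,
        const struct memref_t *digest, struct memref_t *signature);
    int32_t (*rsa_verify_digest)(uint32_t alg_type, const struct rsa_pub_key_t *public_key,
        const struct asymmetric_params_t *rsa_params,
        const struct memref_t *digest, const struct memref_t *signature);

    /* ECC. The verify entry has no output argument: its return value is the verdict. */
    int32_t (*ecc_generate_keypair)(uint32_t keysize, uint32_t curve,
        struct ecc_pub_key_t *public_key, struct ecc_priv_key_t *private_key);
    int32_t (*ecc_encrypt)(uint32_t alg_type, const struct ecc_pub_key_t *public_key,
        const struct asymmetric_params_t *ec_params,
        const struct memref_t *data_in, struct memref_t *data_out);
    int32_t (*ecc_decrypt)(uint32_t alg_type, const struct ecc_priv_key_t *private_key,
        const struct asymmetric_params_t *ec_params,
        const struct memref_t *data_in, struct memref_t *data_out);
    int32_t (*ecc_sign_digest)(uint32_t alg_type, const struct ecc_priv_key_t *private_key,
        const struct asymmetric_params_t *ec_params,
        const struct memref_t *digest, struct memref_t *signature);
    int32_t (*ecc_verify_digest)(uint32_t alg_type, const struct ecc_pub_key_t *public_key,
        const struct asymmetric_params_t *ec_params,
        const struct memref_t *digest, const struct memref_t *signature);

    /* Key agreement. */
    int32_t (*ecdh_derive_key)(uint32_t alg_type,
        const struct ecc_pub_key_t *client_key, const struct ecc_priv_key_t *server_key,
        const struct asymmetric_params_t *ec_params, struct memref_t *secret);
    int32_t (*dh_generate_key)(const struct dh_key_t *dh_generate_key_data,
        struct memref_t *pub_key, struct memref_t *priv_key);
    int32_t (*dh_derive_key)(const struct dh_key_t *dh_derive_key_data, struct memref_t *secret);

    /*
     * Randomness. These two take a raw pointer and a size_t, unlike the
     * memref_t/uint32_t convention used elsewhere in the table. The return
     * value must be checked; on failure the buffer contents are not defined
     * by this header and must not be used as key material.
     */
    int32_t (*generate_random)(void *buffer, size_t size);
    int32_t (*get_entropy)(void *buffer, size_t size);

    /* Key derivation. */
    int32_t (*derive_root_key)(uint32_t derive_type, const struct memref_t *data_in,
        struct memref_t *data_out);
    int32_t (*pbkdf2)(const struct memref_t *password, const struct memref_t *salt, uint32_t iterations,
        uint32_t digest_type, struct memref_t *data_out);
};

#endif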