1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* Copyright (c) 2019 HiSilicon Limited. */ 3 4 #ifndef __HISI_SEC_V2_CRYPTO_H 5 #define __HISI_SEC_V2_CRYPTO_H 6 7 #define SEC_AIV_SIZE 12 8 #define SEC_IV_SIZE 24 9 #define SEC_MAX_KEY_SIZE 64 10 #define SEC_MAX_AKEY_SIZE 128 11 #define SEC_COMM_SCENE 0 12 #define SEC_MIN_BLOCK_SZ 1 13 14 enum sec_calg { 15 SEC_CALG_3DES = 0x1, 16 SEC_CALG_AES = 0x2, 17 SEC_CALG_SM4 = 0x3, 18 }; 19 20 enum sec_hash_alg { 21 SEC_A_HMAC_SHA1 = 0x10, 22 SEC_A_HMAC_SHA256 = 0x11, 23 SEC_A_HMAC_SHA512 = 0x15, 24 }; 25 26 enum sec_mac_len { 27 SEC_HMAC_CCM_MAC = 16, 28 SEC_HMAC_GCM_MAC = 16, 29 SEC_SM3_MAC = 32, 30 SEC_HMAC_SM3_MAC = 32, 31 SEC_HMAC_MD5_MAC = 16, 32 SEC_HMAC_SHA1_MAC = 20, 33 SEC_HMAC_SHA256_MAC = 32, 34 SEC_HMAC_SHA512_MAC = 64, 35 }; 36 37 enum sec_cmode { 38 SEC_CMODE_ECB = 0x0, 39 SEC_CMODE_CBC = 0x1, 40 SEC_CMODE_CFB = 0x2, 41 SEC_CMODE_OFB = 0x3, 42 SEC_CMODE_CTR = 0x4, 43 SEC_CMODE_CCM = 0x5, 44 SEC_CMODE_GCM = 0x6, 45 SEC_CMODE_XTS = 0x7, 46 }; 47 48 enum sec_ckey_type { 49 SEC_CKEY_128BIT = 0x0, 50 SEC_CKEY_192BIT = 0x1, 51 SEC_CKEY_256BIT = 0x2, 52 SEC_CKEY_3DES_3KEY = 0x1, 53 SEC_CKEY_3DES_2KEY = 0x3, 54 }; 55 56 enum sec_bd_type { 57 SEC_BD_TYPE1 = 0x1, 58 SEC_BD_TYPE2 = 0x2, 59 SEC_BD_TYPE3 = 0x3, 60 }; 61 62 enum sec_auth { 63 SEC_NO_AUTH = 0x0, 64 SEC_AUTH_TYPE1 = 0x1, 65 SEC_AUTH_TYPE2 = 0x2, 66 }; 67 68 enum sec_cipher_dir { 69 SEC_CIPHER_ENC = 0x1, 70 SEC_CIPHER_DEC = 0x2, 71 }; 72 73 enum sec_addr_type { 74 SEC_PBUF = 0x0, 75 SEC_SGL = 0x1, 76 SEC_PRP = 0x2, 77 }; 78 79 struct bd_status { 80 u64 tag; 81 u8 done; 82 u8 err_type; 83 u16 flag; 84 u16 icv; 85 }; 86 87 enum { 88 AUTHPAD_PAD, 89 AUTHPAD_NOPAD, 90 }; 91 92 enum { 93 AIGEN_GEN, 94 AIGEN_NOGEN, 95 }; 96 97 struct sec_sqe_type2 { 98 /* 99 * mac_len: 0~4 bits 100 * a_key_len: 5~10 bits 101 * a_alg: 11~16 bits 102 */ 103 __le32 mac_key_alg; 104 105 /* 106 * c_icv_len: 0~5 bits 107 * c_width: 6~8 bits 108 * c_key_len: 9~11 bits 109 * c_mode: 12~15 bits 110 */ 111 __le16 icvw_kmode; 112 113 /* c_alg: 0~3 bits */ 114 __u8 c_alg; 115 __u8 rsvd4; 116 117 /* 118 * a_len: 0~23 bits 119 * iv_offset_l: 24~31 bits 120 */ 121 __le32 alen_ivllen; 122 123 /* 124 * c_len: 0~23 bits 125 * iv_offset_h: 24~31 bits 126 */ 127 __le32 clen_ivhlen; 128 129 __le16 auth_src_offset; 130 __le16 cipher_src_offset; 131 __le16 cs_ip_header_offset; 132 __le16 cs_udp_header_offset; 133 __le16 pass_word_len; 134 __le16 dk_len; 135 __u8 salt3; 136 __u8 salt2; 137 __u8 salt1; 138 __u8 salt0; 139 140 __le16 tag; 141 __le16 rsvd5; 142 143 /* 144 * c_pad_type: 0~3 bits 145 * c_pad_len: 4~11 bits 146 * c_pad_data_type: 12~15 bits 147 */ 148 __le16 cph_pad; 149 150 /* c_pad_len_field: 0~1 bits */ 151 __le16 c_pad_len_field; 152 153 __le64 long_a_data_len; 154 __le64 a_ivin_addr; 155 __le64 a_key_addr; 156 __le64 mac_addr; 157 __le64 c_ivin_addr; 158 __le64 c_key_addr; 159 160 __le64 data_src_addr; 161 __le64 data_dst_addr; 162 163 /* 164 * done: 0 bit 165 * icv: 1~3 bits 166 * csc: 4~6 bits 167 * flag: 7-10 bits 168 * dif_check: 11~13 bits 169 */ 170 __le16 done_flag; 171 172 __u8 error_type; 173 __u8 warning_type; 174 __u8 mac_i3; 175 __u8 mac_i2; 176 __u8 mac_i1; 177 __u8 mac_i0; 178 __le16 check_sum_i; 179 __u8 tls_pad_len_i; 180 __u8 rsvd12; 181 __le32 counter; 182 }; 183 184 struct sec_sqe { 185 /* 186 * type: 0~3 bits 187 * cipher: 4~5 bits 188 * auth: 6~7 bit s 189 */ 190 __u8 type_cipher_auth; 191 192 /* 193 * seq: 0 bit 194 * de: 1~2 bits 195 * scene: 3~6 bits 196 * src_addr_type: ~7 bit, with sdm_addr_type 0-1 bits 197 */ 198 __u8 sds_sa_type; 199 200 /* 201 * src_addr_type: 0~1 bits, not used now, 202 * if support PRP, set this field, or set zero. 203 * dst_addr_type: 2~4 bits 204 * mac_addr_type: 5~7 bits 205 */ 206 __u8 sdm_addr_type; 207 __u8 rsvd0; 208 209 /* 210 * nonce_len(type2): 0~3 bits 211 * huk(type2): 4 bit 212 * key_s(type2): 5 bit 213 * ci_gen: 6~7 bits 214 */ 215 __u8 huk_key_ci; 216 217 /* 218 * ai_gen: 0~1 bits 219 * a_pad(type2): 2~3 bits 220 * c_s(type2): 4~5 bits 221 */ 222 __u8 ai_apd_cs; 223 224 /* 225 * rhf(type2): 0 bit 226 * c_key_type: 1~2 bits 227 * a_key_type: 3~4 bits 228 * write_frame_len(type2): 5~7 bits 229 */ 230 __u8 rca_key_frm; 231 232 /* 233 * cal_iv_addr_en(type2): 0 bit 234 * tls_up(type2): 1 bit 235 * inveld: 7 bit 236 */ 237 __u8 iv_tls_ld; 238 239 /* Just using type2 BD now */ 240 struct sec_sqe_type2 type2; 241 }; 242 243 struct bd3_auth_ivin { 244 __le64 a_ivin_addr; 245 __le32 rsvd0; 246 __le32 rsvd1; 247 } __packed __aligned(4); 248 249 struct bd3_skip_data { 250 __le32 rsvd0; 251 252 /* 253 * gran_num: 0~15 bits 254 * reserved: 16~31 bits 255 */ 256 __le32 gran_num; 257 258 /* 259 * src_skip_data_len: 0~24 bits 260 * reserved: 25~31 bits 261 */ 262 __le32 src_skip_data_len; 263 264 /* 265 * dst_skip_data_len: 0~24 bits 266 * reserved: 25~31 bits 267 */ 268 __le32 dst_skip_data_len; 269 }; 270 271 struct bd3_stream_scene { 272 __le64 c_ivin_addr; 273 __le64 long_a_data_len; 274 275 /* 276 * auth_pad: 0~1 bits 277 * stream_protocol: 2~4 bits 278 * reserved: 5~7 bits 279 */ 280 __u8 stream_auth_pad; 281 __u8 plaintext_type; 282 __le16 pad_len_1p3; 283 } __packed __aligned(4); 284 285 struct bd3_no_scene { 286 __le64 c_ivin_addr; 287 __le32 rsvd0; 288 __le32 rsvd1; 289 __le32 rsvd2; 290 } __packed __aligned(4); 291 292 struct bd3_check_sum { 293 __u8 rsvd0; 294 __u8 hac_sva_status; 295 __le16 check_sum_i; 296 }; 297 298 struct bd3_tls_type_back { 299 __u8 tls_1p3_type_back; 300 __u8 hac_sva_status; 301 __le16 pad_len_1p3_back; 302 }; 303 304 struct sec_sqe3 { 305 /* 306 * type: 0~3 bit 307 * bd_invalid: 4 bit 308 * scene: 5~8 bit 309 * de: 9~10 bit 310 * src_addr_type: 11~13 bit 311 * dst_addr_type: 14~16 bit 312 * mac_addr_type: 17~19 bit 313 * reserved: 20~31 bits 314 */ 315 __le32 bd_param; 316 317 /* 318 * cipher: 0~1 bits 319 * ci_gen: 2~3 bit 320 * c_icv_len: 4~9 bit 321 * c_width: 10~12 bits 322 * c_key_len: 13~15 bits 323 */ 324 __le16 c_icv_key; 325 326 /* 327 * c_mode : 0~3 bits 328 * c_alg : 4~7 bits 329 */ 330 __u8 c_mode_alg; 331 332 /* 333 * nonce_len : 0~3 bits 334 * huk : 4 bits 335 * cal_iv_addr_en : 5 bits 336 * seq : 6 bits 337 * reserved : 7 bits 338 */ 339 __u8 huk_iv_seq; 340 341 __le64 tag; 342 __le64 data_src_addr; 343 __le64 a_key_addr; 344 union { 345 struct bd3_auth_ivin auth_ivin; 346 struct bd3_skip_data skip_data; 347 }; 348 349 __le64 c_key_addr; 350 351 /* 352 * auth: 0~1 bits 353 * ai_gen: 2~3 bits 354 * mac_len: 4~8 bits 355 * akey_len: 9~14 bits 356 * a_alg: 15~20 bits 357 * key_sel: 21~24 bits 358 * updata_key: 25 bits 359 * reserved: 26~31 bits 360 */ 361 __le32 auth_mac_key; 362 __le32 salt; 363 __le16 auth_src_offset; 364 __le16 cipher_src_offset; 365 366 /* 367 * auth_len: 0~23 bit 368 * auth_key_offset: 24~31 bits 369 */ 370 __le32 a_len_key; 371 372 /* 373 * cipher_len: 0~23 bit 374 * auth_ivin_offset: 24~31 bits 375 */ 376 __le32 c_len_ivin; 377 __le64 data_dst_addr; 378 __le64 mac_addr; 379 union { 380 struct bd3_stream_scene stream_scene; 381 struct bd3_no_scene no_scene; 382 }; 383 384 /* 385 * done: 0 bit 386 * icv: 1~3 bit 387 * csc: 4~6 bit 388 * flag: 7~10 bit 389 * reserved: 11~15 bit 390 */ 391 __le16 done_flag; 392 __u8 error_type; 393 __u8 warning_type; 394 union { 395 __le32 mac_i; 396 __le32 kek_key_addr_l; 397 }; 398 union { 399 __le32 kek_key_addr_h; 400 struct bd3_check_sum check_sum; 401 struct bd3_tls_type_back tls_type_back; 402 }; 403 __le32 counter; 404 } __packed __aligned(4); 405 406 int sec_register_to_crypto(struct hisi_qm *qm); 407 void sec_unregister_from_crypto(struct hisi_qm *qm); 408 #endif 409