1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* Copyright (c) 2019 HiSilicon Limited. */ 3 4 #ifndef __HISI_SEC_V2_CRYPTO_H 5 #define __HISI_SEC_V2_CRYPTO_H 6 7 #define SEC_AIV_SIZE 12 8 #define SEC_IV_SIZE 24 9 #define SEC_MAX_KEY_SIZE 64 10 #define SEC_MAX_AKEY_SIZE 128 11 #define SEC_COMM_SCENE 0 12 #define SEC_MIN_BLOCK_SZ 1 13 14 enum sec_calg { 15 SEC_CALG_3DES = 0x1, 16 SEC_CALG_AES = 0x2, 17 SEC_CALG_SM4 = 0x3, 18 }; 19 20 enum sec_hash_alg { 21 SEC_A_HMAC_SHA1 = 0x10, 22 SEC_A_HMAC_SHA256 = 0x11, 23 SEC_A_HMAC_SHA512 = 0x15, 24 }; 25 26 enum sec_mac_len { 27 SEC_HMAC_CCM_MAC = 16, 28 SEC_HMAC_GCM_MAC = 16, 29 SEC_SM3_MAC = 32, 30 SEC_HMAC_SM3_MAC = 32, 31 SEC_HMAC_MD5_MAC = 16, 32 SEC_HMAC_SHA1_MAC = 20, 33 SEC_HMAC_SHA256_MAC = 32, 34 SEC_HMAC_SHA512_MAC = 64, 35 }; 36 37 enum sec_cmode { 38 SEC_CMODE_ECB = 0x0, 39 SEC_CMODE_CBC = 0x1, 40 SEC_CMODE_CTR = 0x4, 41 SEC_CMODE_CCM = 0x5, 42 SEC_CMODE_GCM = 0x6, 43 SEC_CMODE_XTS = 0x7, 44 }; 45 46 enum sec_ckey_type { 47 SEC_CKEY_128BIT = 0x0, 48 SEC_CKEY_192BIT = 0x1, 49 SEC_CKEY_256BIT = 0x2, 50 SEC_CKEY_3DES_3KEY = 0x1, 51 SEC_CKEY_3DES_2KEY = 0x3, 52 }; 53 54 enum sec_bd_type { 55 SEC_BD_TYPE1 = 0x1, 56 SEC_BD_TYPE2 = 0x2, 57 SEC_BD_TYPE3 = 0x3, 58 }; 59 60 enum sec_auth { 61 SEC_NO_AUTH = 0x0, 62 SEC_AUTH_TYPE1 = 0x1, 63 SEC_AUTH_TYPE2 = 0x2, 64 }; 65 66 enum sec_cipher_dir { 67 SEC_CIPHER_ENC = 0x1, 68 SEC_CIPHER_DEC = 0x2, 69 }; 70 71 enum sec_addr_type { 72 SEC_PBUF = 0x0, 73 SEC_SGL = 0x1, 74 SEC_PRP = 0x2, 75 }; 76 77 struct bd_status { 78 u64 tag; 79 u8 done; 80 u8 err_type; 81 u16 flag; 82 u16 icv; 83 }; 84 85 enum { 86 AUTHPAD_PAD, 87 AUTHPAD_NOPAD, 88 }; 89 90 enum { 91 AIGEN_GEN, 92 AIGEN_NOGEN, 93 }; 94 95 struct sec_sqe_type2 { 96 /* 97 * mac_len: 0~4 bits 98 * a_key_len: 5~10 bits 99 * a_alg: 11~16 bits 100 */ 101 __le32 mac_key_alg; 102 103 /* 104 * c_icv_len: 0~5 bits 105 * c_width: 6~8 bits 106 * c_key_len: 9~11 bits 107 * c_mode: 12~15 bits 108 */ 109 __le16 icvw_kmode; 110 111 /* c_alg: 0~3 bits */ 112 __u8 c_alg; 113 __u8 rsvd4; 114 115 /* 116 * a_len: 0~23 bits 117 * iv_offset_l: 24~31 bits 118 */ 119 __le32 alen_ivllen; 120 121 /* 122 * c_len: 0~23 bits 123 * iv_offset_h: 24~31 bits 124 */ 125 __le32 clen_ivhlen; 126 127 __le16 auth_src_offset; 128 __le16 cipher_src_offset; 129 __le16 cs_ip_header_offset; 130 __le16 cs_udp_header_offset; 131 __le16 pass_word_len; 132 __le16 dk_len; 133 __u8 salt3; 134 __u8 salt2; 135 __u8 salt1; 136 __u8 salt0; 137 138 __le16 tag; 139 __le16 rsvd5; 140 141 /* 142 * c_pad_type: 0~3 bits 143 * c_pad_len: 4~11 bits 144 * c_pad_data_type: 12~15 bits 145 */ 146 __le16 cph_pad; 147 148 /* c_pad_len_field: 0~1 bits */ 149 __le16 c_pad_len_field; 150 151 __le64 long_a_data_len; 152 __le64 a_ivin_addr; 153 __le64 a_key_addr; 154 __le64 mac_addr; 155 __le64 c_ivin_addr; 156 __le64 c_key_addr; 157 158 __le64 data_src_addr; 159 __le64 data_dst_addr; 160 161 /* 162 * done: 0 bit 163 * icv: 1~3 bits 164 * csc: 4~6 bits 165 * flag: 7-10 bits 166 * dif_check: 11~13 bits 167 */ 168 __le16 done_flag; 169 170 __u8 error_type; 171 __u8 warning_type; 172 __u8 mac_i3; 173 __u8 mac_i2; 174 __u8 mac_i1; 175 __u8 mac_i0; 176 __le16 check_sum_i; 177 __u8 tls_pad_len_i; 178 __u8 rsvd12; 179 __le32 counter; 180 }; 181 182 struct sec_sqe { 183 /* 184 * type: 0~3 bits 185 * cipher: 4~5 bits 186 * auth: 6~7 bit s 187 */ 188 __u8 type_cipher_auth; 189 190 /* 191 * seq: 0 bit 192 * de: 1~2 bits 193 * scene: 3~6 bits 194 * src_addr_type: ~7 bit, with sdm_addr_type 0-1 bits 195 */ 196 __u8 sds_sa_type; 197 198 /* 199 * src_addr_type: 0~1 bits, not used now, 200 * if support PRP, set this field, or set zero. 201 * dst_addr_type: 2~4 bits 202 * mac_addr_type: 5~7 bits 203 */ 204 __u8 sdm_addr_type; 205 __u8 rsvd0; 206 207 /* 208 * nonce_len(type2): 0~3 bits 209 * huk(type2): 4 bit 210 * key_s(type2): 5 bit 211 * ci_gen: 6~7 bits 212 */ 213 __u8 huk_key_ci; 214 215 /* 216 * ai_gen: 0~1 bits 217 * a_pad(type2): 2~3 bits 218 * c_s(type2): 4~5 bits 219 */ 220 __u8 ai_apd_cs; 221 222 /* 223 * rhf(type2): 0 bit 224 * c_key_type: 1~2 bits 225 * a_key_type: 3~4 bits 226 * write_frame_len(type2): 5~7 bits 227 */ 228 __u8 rca_key_frm; 229 230 /* 231 * cal_iv_addr_en(type2): 0 bit 232 * tls_up(type2): 1 bit 233 * inveld: 7 bit 234 */ 235 __u8 iv_tls_ld; 236 237 /* Just using type2 BD now */ 238 struct sec_sqe_type2 type2; 239 }; 240 241 struct bd3_auth_ivin { 242 __le64 a_ivin_addr; 243 __le32 rsvd0; 244 __le32 rsvd1; 245 } __packed __aligned(4); 246 247 struct bd3_skip_data { 248 __le32 rsvd0; 249 250 /* 251 * gran_num: 0~15 bits 252 * reserved: 16~31 bits 253 */ 254 __le32 gran_num; 255 256 /* 257 * src_skip_data_len: 0~24 bits 258 * reserved: 25~31 bits 259 */ 260 __le32 src_skip_data_len; 261 262 /* 263 * dst_skip_data_len: 0~24 bits 264 * reserved: 25~31 bits 265 */ 266 __le32 dst_skip_data_len; 267 }; 268 269 struct bd3_stream_scene { 270 __le64 c_ivin_addr; 271 __le64 long_a_data_len; 272 273 /* 274 * auth_pad: 0~1 bits 275 * stream_protocol: 2~4 bits 276 * reserved: 5~7 bits 277 */ 278 __u8 stream_auth_pad; 279 __u8 plaintext_type; 280 __le16 pad_len_1p3; 281 } __packed __aligned(4); 282 283 struct bd3_no_scene { 284 __le64 c_ivin_addr; 285 __le32 rsvd0; 286 __le32 rsvd1; 287 __le32 rsvd2; 288 } __packed __aligned(4); 289 290 struct bd3_check_sum { 291 __u8 rsvd0; 292 __u8 hac_sva_status; 293 __le16 check_sum_i; 294 }; 295 296 struct bd3_tls_type_back { 297 __u8 tls_1p3_type_back; 298 __u8 hac_sva_status; 299 __le16 pad_len_1p3_back; 300 }; 301 302 struct sec_sqe3 { 303 /* 304 * type: 0~3 bit 305 * bd_invalid: 4 bit 306 * scene: 5~8 bit 307 * de: 9~10 bit 308 * src_addr_type: 11~13 bit 309 * dst_addr_type: 14~16 bit 310 * mac_addr_type: 17~19 bit 311 * reserved: 20~31 bits 312 */ 313 __le32 bd_param; 314 315 /* 316 * cipher: 0~1 bits 317 * ci_gen: 2~3 bit 318 * c_icv_len: 4~9 bit 319 * c_width: 10~12 bits 320 * c_key_len: 13~15 bits 321 */ 322 __le16 c_icv_key; 323 324 /* 325 * c_mode : 0~3 bits 326 * c_alg : 4~7 bits 327 */ 328 __u8 c_mode_alg; 329 330 /* 331 * nonce_len : 0~3 bits 332 * huk : 4 bits 333 * cal_iv_addr_en : 5 bits 334 * seq : 6 bits 335 * reserved : 7 bits 336 */ 337 __u8 huk_iv_seq; 338 339 __le64 tag; 340 __le64 data_src_addr; 341 __le64 a_key_addr; 342 union { 343 struct bd3_auth_ivin auth_ivin; 344 struct bd3_skip_data skip_data; 345 }; 346 347 __le64 c_key_addr; 348 349 /* 350 * auth: 0~1 bits 351 * ai_gen: 2~3 bits 352 * mac_len: 4~8 bits 353 * akey_len: 9~14 bits 354 * a_alg: 15~20 bits 355 * key_sel: 21~24 bits 356 * ctr_count_mode/sm4_xts: 25~26 bits 357 * sva_prefetch: 27 bits 358 * key_wrap_num: 28~30 bits 359 * update_key: 31 bits 360 */ 361 __le32 auth_mac_key; 362 __le32 salt; 363 __le16 auth_src_offset; 364 __le16 cipher_src_offset; 365 366 /* 367 * auth_len: 0~23 bit 368 * auth_key_offset: 24~31 bits 369 */ 370 __le32 a_len_key; 371 372 /* 373 * cipher_len: 0~23 bit 374 * auth_ivin_offset: 24~31 bits 375 */ 376 __le32 c_len_ivin; 377 __le64 data_dst_addr; 378 __le64 mac_addr; 379 union { 380 struct bd3_stream_scene stream_scene; 381 struct bd3_no_scene no_scene; 382 }; 383 384 /* 385 * done: 0 bit 386 * icv: 1~3 bit 387 * csc: 4~6 bit 388 * flag: 7~10 bit 389 * reserved: 11~15 bit 390 */ 391 __le16 done_flag; 392 __u8 error_type; 393 __u8 warning_type; 394 union { 395 __le32 mac_i; 396 __le32 kek_key_addr_l; 397 }; 398 union { 399 __le32 kek_key_addr_h; 400 struct bd3_check_sum check_sum; 401 struct bd3_tls_type_back tls_type_back; 402 }; 403 __le32 counter; 404 } __packed __aligned(4); 405 406 int sec_register_to_crypto(struct hisi_qm *qm); 407 void sec_unregister_from_crypto(struct hisi_qm *qm); 408 #endif 409