1 /* $NetBSD: ubsecreg.h,v 1.5 2015/04/13 15:43:43 riastradh Exp $ */ 2 /* $OpenBSD: ubsecreg.h,v 1.29 2009/03/25 12:17:30 reyk Exp $ */ 3 4 /* 5 * Copyright (c) 2000 Theo de Raadt 6 * Copyright (c) 2001 Patrik Lindergren (patrik@ipunplugged.com) 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 * 29 * Effort sponsored in part by the Defense Advanced Research Projects 30 * Agency (DARPA) and Air Force Research Laboratory, Air Force 31 * Materiel Command, USAF, under agreement number F30602-01-2-0537. 32 * 33 */ 34 35 #ifndef _DEV_PCI_UBSECREG_H 36 #define _DEV_PCI_UBSECREG_H 37 38 /* 39 * Register definitions for 5601 BlueSteel Networks Ubiquitous Broadband 40 * Security "uBSec" chip. Definitions from revision 2.8 of the product 41 * datasheet. 42 */ 43 44 #define BS_BAR 0x10 /* DMA base address register */ 45 #define BS_TRDY_TIMEOUT 0x40 /* TRDY timeout */ 46 #define BS_RETRY_TIMEOUT 0x41 /* DMA retry timeout */ 47 48 #define UBS_PCI_RTY_SHIFT 8 49 #define UBS_PCI_RTY_MASK 0xff 50 #define UBS_PCI_RTY(misc) \ 51 (((misc) >> UBS_PCI_RTY_SHIFT) & UBS_PCI_RTY_MASK) 52 53 #define UBS_PCI_TOUT_SHIFT 0 54 #define UBS_PCI_TOUT_MASK 0xff 55 #define UBS_PCI_TOUT(misc) \ 56 (((misc) >> PCI_TOUT_SHIFT) & PCI_TOUT_MASK) 57 58 /* 59 * DMA Control & Status Registers (offset from BS_BAR) 60 */ 61 #define BS_MCR1 0x00 /* DMA Master Command Record 1 */ 62 #define BS_CTRL 0x04 /* DMA Control */ 63 #define BS_STAT 0x08 /* DMA Status */ 64 #define BS_ERR 0x0c /* DMA Error Address */ 65 #define BS_MCR2 0x10 /* DMA Master Command Record 2 */ 66 #define BS_MCR3 0x0014 /* 5827+, DMA Master Command Record 3 */ 67 #define BS_MCR4 0x001c /* 5827+, DMA Master Command Record 4 */ 68 #define BS_CFG 0x0700 /* 5827+, Configuration Register */ 69 #define BS_INT 0x0f00 /* 5827+, Interrupt Register */ 70 71 /* BS_CTRL - DMA Control */ 72 #define BS_CTRL_RESET 0x80000000 /* hardware reset, 5805/5820 */ 73 #define BS_CTRL_MCR2INT 0x40000000 /* enable intr MCR for MCR2 */ 74 #define BS_CTRL_MCR1INT 0x20000000 /* enable intr MCR for MCR1 */ 75 #define BS_CTRL_OFM 0x10000000 /* Output fragment mode */ 76 #define BS_CTRL_BE32 0x08000000 /* big-endian, 32bit bytes */ 77 #define BS_CTRL_BE64 0x04000000 /* big-endian, 64bit bytes */ 78 #define BS_CTRL_DMAERR 0x02000000 /* enable intr DMA error */ 79 #define BS_CTRL_RNG_M 0x01800000 /* RNG mode */ 80 #define BS_CTRL_RNG_1 0x00000000 /* 1bit rn/one slow clock */ 81 #define BS_CTRL_RNG_4 0x00800000 /* 1bit rn/four slow clocks */ 82 #define BS_CTRL_RNG_8 0x01000000 /* 1bit rn/eight slow clocks */ 83 #define BS_CTRL_RNG_16 0x01800000 /* 1bit rn/16 slow clocks */ 84 #define BS_CTRL_SWNORM 0x00400000 /* 582[01], sw normalization */ 85 #define BS_CTRL_MCR3INT 0x00400000 /* 5827+, intr for MCR3 */ 86 #define BS_CTRL_MCR4INT 0x00200000 /* 5827+, intr for MCR4 */ 87 #define BS_CTRL_BSIZE240 0x000f0000 /* 5827+, burst size 240 */ 88 #define BS_CTRL_FRAG_M 0x0000ffff /* output fragment size mask */ 89 #define BS_CTRL_LITTLE_ENDIAN (BS_CTRL_BE32 | BS_CTRL_BE64) 90 91 /* BS_STAT - DMA Status */ 92 #define BS_STAT_MCR1_BUSY 0x80000000 /* MCR1 is busy */ 93 #define BS_STAT_MCR1_FULL 0x40000000 /* MCR1 is full */ 94 #define BS_STAT_MCR1_DONE 0x20000000 /* MCR1 is done */ 95 #define BS_STAT_DMAERR 0x10000000 /* DMA error */ 96 #define BS_STAT_MCR2_FULL 0x08000000 /* MCR2 is full */ 97 #define BS_STAT_MCR2_DONE 0x04000000 /* MCR2 is done */ 98 #define BS_STAT_MCR1_ALLEMPTY 0x02000000 /* 5821, MCR1 is empty */ 99 #define BS_STAT_MCR2_ALLEMPTY 0x01000000 /* 5821, MCR2 is empty */ 100 #define BS_STAT_MCR3_ALLEMPTY 0x00800000 /* 5827+, MCR3 is empty */ 101 #define BS_STAT_MCR4_ALLEMPTY 0x00400000 /* 5827+, MCR4 is empty */ 102 #define BS_STAT_MCR3_FULL 0x00080000 /* 5827+, MCR3 is full */ 103 #define BS_STAT_MCR3_DONE 0x00040000 /* 5827+, MCR3 is done */ 104 #define BS_STAT_MCR4_FULL 0x00020000 /* 5827+, MCR4 is full */ 105 #define BS_STAT_MCR4_DONE 0x00010000 /* 5827+, MCR4 is done */ 106 107 /* BS_ERR - DMA Error Address */ 108 #define BS_ERR_ADDR 0xfffffffc /* error address mask */ 109 #define BS_ERR_READ 0x00000002 /* fault was on read */ 110 111 /* BS_CFG */ 112 #define BS_CFG_RNG 0x00000001 /* 5827+, enable RNG */ 113 114 /* BS_INT */ 115 #define BS_INT_DMAINT 0x80000000 /* 5827+, enable DMA intr */ 116 117 /* DES/3DES */ 118 struct ubsec_pktctx { 119 u_int32_t pc_deskey[6]; /* 3DES key */ 120 u_int32_t pc_hminner[5]; /* hmac inner state */ 121 u_int32_t pc_hmouter[5]; /* hmac outer state */ 122 u_int32_t pc_iv[2]; /* [3]DES iv */ 123 u_int16_t pc_flags; /* flags, below */ 124 u_int16_t pc_offset; /* crypto offset */ 125 }; 126 #define UBS_PKTCTX_ENC_3DES 0x8000 /* use 3des */ 127 #define UBS_PKTCTX_ENC_NONE 0x0000 /* no encryption */ 128 #define UBS_PKTCTX_INBOUND 0x4000 /* inbound packet */ 129 #define UBS_PKTCTX_AUTH 0x3000 /* authentication mask */ 130 #define UBS_PKTCTX_AUTH_NONE 0x0000 /* no authentication */ 131 #define UBS_PKTCTX_AUTH_MD5 0x1000 /* use hmac-md5 */ 132 #define UBS_PKTCTX_AUTH_SHA1 0x2000 /* use hmac-sha1 */ 133 134 /* "Long" cryptographic operations on newer chipsets */ 135 #define UBS_PKTCTX_TYPE_IPSEC_3DES 0x0000 136 #define UBS_PKTCTX_TYPE_IPSEC_AES 0x0040 137 138 struct ubsec_pktctx_hdr { 139 volatile u_int16_t ph_len; /* length of ctx struct */ 140 volatile u_int16_t ph_type; /* context type, 0 */ 141 volatile u_int16_t ph_flags; /* flags, same as above */ 142 volatile u_int16_t ph_offset; /* crypto/auth offset */ 143 }; 144 145 /* Long version of DES/3DES */ 146 struct ubsec_pktctx_3des { 147 struct ubsec_pktctx_hdr pc_hdr; /* Common header */ 148 volatile u_int32_t pc_deskey[6]; /* 3DES key */ 149 volatile u_int32_t pc_iv[2]; /* [3]DES iv */ 150 volatile u_int32_t pc_hminner[5]; /* hmac inner state */ 151 volatile u_int32_t pc_hmouter[5]; /* hmac outer state */ 152 }; 153 154 /* AES uses different structures for each supported key size */ 155 struct ubsec_pktctx_aes128 { 156 struct ubsec_pktctx_hdr pc_hdr; /* Common header */ 157 volatile u_int32_t pc_aeskey[4]; /* AES128 key */ 158 volatile u_int32_t pc_iv[4]; /* AES iv/ucv */ 159 volatile u_int32_t pc_hminner[5]; /* hmac inner state */ 160 volatile u_int32_t pc_hmouter[5]; /* hmac outer state */ 161 }; 162 163 struct ubsec_pktctx_aes192 { 164 struct ubsec_pktctx_hdr pc_hdr; /* Common header */ 165 volatile u_int32_t pc_aeskey[6]; /* AES192 key */ 166 volatile u_int32_t pc_iv[4]; /* AES iv/icv */ 167 volatile u_int32_t pc_hminner[5]; /* hmac inner state */ 168 volatile u_int32_t pc_hmouter[5]; /* hmac outer state */ 169 }; 170 171 struct ubsec_pktctx_aes256 { 172 struct ubsec_pktctx_hdr pc_hdr; /* Common header */ 173 volatile u_int32_t pc_aeskey[8]; /* AES256 key */ 174 volatile u_int32_t pc_iv[4]; /* AES iv/icv */ 175 volatile u_int32_t pc_hminner[5]; /* hmac inner state */ 176 volatile u_int32_t pc_hmouter[5]; /* hmac outer state */ 177 }; 178 #define UBS_PKTCTX_ENC_AES 0x8000 /* use aes */ 179 #define UBS_PKTCTX_MODE_CBC 0x0000 /* Cipher Block Chaining mode */ 180 #define UBS_PKTCTX_MODE_CTR 0x0400 /* Counter mode */ 181 #define UBS_PKTCTX_KEYSIZE_128 0x0000 /* AES128 */ 182 #define UBS_PKTCTX_KEYSIZE_192 0x0100 /* AES192 */ 183 #define UBS_PKTCTX_KEYSIZE_256 0x0200 /* AES256 */ 184 185 struct ubsec_pktbuf { 186 volatile u_int32_t pb_addr; /* address of buffer start */ 187 volatile u_int32_t pb_next; /* pointer to next pktbuf */ 188 volatile u_int32_t pb_len; /* packet length */ 189 }; 190 #define UBS_PKTBUF_LEN 0x0000ffff /* length mask */ 191 192 struct ubsec_mcr { 193 volatile u_int16_t mcr_pkts; /* #pkts in this mcr */ 194 volatile u_int16_t mcr_flags; /* mcr flags (below) */ 195 volatile u_int32_t mcr_cmdctxp; /* command ctx pointer */ 196 struct ubsec_pktbuf mcr_ipktbuf; /* input chain header */ 197 volatile u_int16_t mcr_reserved; 198 volatile u_int16_t mcr_pktlen; 199 struct ubsec_pktbuf mcr_opktbuf; /* output chain header */ 200 }; 201 202 struct ubsec_mcr_add { 203 volatile u_int32_t mcr_cmdctxp; /* command ctx pointer */ 204 struct ubsec_pktbuf mcr_ipktbuf; /* input chain header */ 205 volatile u_int16_t mcr_reserved; 206 volatile u_int16_t mcr_pktlen; 207 struct ubsec_pktbuf mcr_opktbuf; /* output chain header */ 208 }; 209 210 #define UBS_MCR_DONE 0x0001 /* mcr has been processed */ 211 #define UBS_MCR_ERROR 0x0002 /* error in processing */ 212 #define UBS_MCR_ERRORCODE 0xff00 /* error type */ 213 214 struct ubsec_ctx_keyop { 215 volatile u_int16_t ctx_len; /* command length */ 216 volatile u_int16_t ctx_op; /* operation code */ 217 volatile u_int8_t ctx_pad[60]; /* padding */ 218 }; 219 #define UBS_CTXOP_DHPKGEN 0x01 /* dh public key generation */ 220 #define UBS_CTXOP_DHSSGEN 0x02 /* dh shared secret gen. */ 221 #define UBS_CTXOP_RSAPUB 0x03 /* rsa public key op */ 222 #define UBS_CTXOP_RSAPRIV 0x04 /* rsa private key op */ 223 #define UBS_CTXOP_DSASIGN 0x05 /* dsa signing op */ 224 #define UBS_CTXOP_DSAVRFY 0x06 /* dsa verification */ 225 #define UBS_CTXOP_RNGBYPASS 0x41 /* rng direct test mode */ 226 #define UBS_CTXOP_RNGSHA1 0x42 /* rng sha1 test mode */ 227 #define UBS_CTXOP_MODADD 0x43 /* modular addition */ 228 #define UBS_CTXOP_MODSUB 0x44 /* modular subtraction */ 229 #define UBS_CTXOP_MODMUL 0x45 /* modular multiplication */ 230 #define UBS_CTXOP_MODRED 0x46 /* modular reduction */ 231 #define UBS_CTXOP_MODEXP 0x47 /* modular exponentiation */ 232 #define UBS_CTXOP_MODINV 0x48 /* modular inverse */ 233 234 struct ubsec_ctx_rngbypass { 235 volatile u_int16_t rbp_len; /* command length, 64 */ 236 volatile u_int16_t rbp_op; /* rng bypass, 0x41 */ 237 volatile u_int8_t rbp_pad[60]; /* padding */ 238 }; 239 240 /* modexp: C = (M ^ E) mod N */ 241 struct ubsec_ctx_modexp { 242 volatile u_int16_t me_len; /* command length */ 243 volatile u_int16_t me_op; /* modexp, 0x47 */ 244 volatile u_int16_t me_E_len; /* E (bits) */ 245 volatile u_int16_t me_N_len; /* N (bits) */ 246 u_int8_t me_N[2048/8]; /* N */ 247 }; 248 249 struct ubsec_ctx_rsapriv { 250 volatile u_int16_t rpr_len; /* command length */ 251 volatile u_int16_t rpr_op; /* rsaprivate, 0x04 */ 252 volatile u_int16_t rpr_q_len; /* q (bits) */ 253 volatile u_int16_t rpr_p_len; /* p (bits) */ 254 u_int8_t rpr_buf[5 * 1024 / 8]; /* parameters: */ 255 /* p, q, dp, dq, pinv */ 256 }; 257 258 #endif /* _DEV_PCI_UBSECREG_H */ 259