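/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or https://opensource.org/licenses/CDDL-1.0.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
 */
/*
 * Copyright 2013 Saso Kiselkov. All rights reserved.
 */

#ifndef _SYS_CRYPTO_COMMON_H
#define _SYS_CRYPTO_COMMON_H

/*
 * Header file for the common data structures of the cryptographic framework
 *
 * Everything here is plain data: parameter blocks, buffer descriptors, key
 * descriptors and status codes.  None of the structures carries its own
 * validation, so every length and pointer below has to be checked by the
 * code that consumes it.
 */

#ifdef __cplusplus
extern "C" {
#endif

#include <sys/zfs_context.h>

/* Cryptographic Mechanisms */

#define CRYPTO_MAX_MECH_NAME	32
/* Fixed-size name buffer; the terminator has to fit in the 32 bytes too. */
typedef char crypto_mech_name_t[CRYPTO_MAX_MECH_NAME];

typedef uint64_t crypto_mech_type_t;

/*
 * A mechanism selection plus its parameter block.
 *
 * cm_param is an untyped pointer; presumably it refers to one of the
 * CK_AES_*_PARAMS structures below, chosen by cm_type -- confirm against the
 * provider.  A consumer should compare cm_param_len with the size of the
 * structure it expects before casting cm_param, and reject NULL where the
 * mechanism requires parameters (CRYPTO_MECHANISM_PARAM_INVALID exists for
 * that).
 */
typedef struct crypto_mechanism {
	crypto_mech_type_t	cm_type;	/* mechanism type */
	caddr_t			cm_param;	/* mech. parameter */
	size_t			cm_param_len;	/* mech. parameter len */
} crypto_mechanism_t;

/*
 * CK_AES_CTR_PARAMS provides parameters to the CKM_AES_CTR mechanism
 *
 * cb holds 16 bytes, the AES block size.  CTR mode gives confidentiality
 * only: reusing a counter block under the same key exposes the XOR of the
 * two plaintexts, and nothing in this structure detects that or any
 * tampering with the ciphertext.
 */
typedef struct CK_AES_CTR_PARAMS {
	ulong_t	ulCounterBits;
	uint8_t	cb[16];
} CK_AES_CTR_PARAMS;

/*
 * CK_AES_CCM_PARAMS provides parameters to the CKM_AES_CCM mechanism
 *
 * nonce and authData are borrowed pointers whose extents are given by
 * ulNonceSize and ulAuthDataSize (units look like bytes from the naming --
 * confirm against the provider).  The nonce must not repeat for a given key.
 */
typedef struct CK_AES_CCM_PARAMS {
	ulong_t	ulMACSize;
	ulong_t	ulNonceSize;
	ulong_t	ulAuthDataSize;
	ulong_t	ulDataSize; /* used for plaintext or ciphertext */
	uchar_t	*nonce;
	uchar_t	*authData;
} CK_AES_CCM_PARAMS;

/*
 * CK_AES_GCM_PARAMS provides parameters to the CKM_AES_GCM mechanism
 *
 * pIv/ulIvLen and pAAD/ulAADLen are pointer/length pairs supplied by the
 * caller.  An IV repeated under the same key breaks both the confidentiality
 * and the authentication of GCM, so IV generation is the caller's most
 * important obligation here.  ulTagBits is expressed in bits (per its name);
 * a shorter tag lowers the forgery cost accordingly.
 */
typedef struct CK_AES_GCM_PARAMS {
	uchar_t	*pIv;
	ulong_t	ulIvLen;
	ulong_t	ulIvBits;
	uchar_t	*pAAD;
	ulong_t	ulAADLen;
	ulong_t	ulTagBits;
} CK_AES_GCM_PARAMS;

/*
 * CK_AES_GMAC_PARAMS provides parameters to the CKM_AES_GMAC mechanism
 *
 * NOTE(review): unlike the GCM block there is no IV length field, so the
 * number of bytes read through pIv is fixed by the implementation, not by
 * this structure.  Callers must supply a buffer of at least that size --
 * confirm the expected length against the provider.
 */
typedef struct CK_AES_GMAC_PARAMS {
	uchar_t	*pIv;
	uchar_t	*pAAD;
	ulong_t	ulAADLen;
} CK_AES_GMAC_PARAMS;

/*
 * The measurement unit bit flag for a mechanism's minimum or maximum key size.
 * The unit is mechanism dependent. It can be in bits or in bytes.
 */
typedef uint32_t crypto_keysize_unit_t;


/*
 * Mechanisms supported out-of-the-box
 *
 * Of the AES modes listed, only CCM and GCM authenticate the ciphertext;
 * CBC, ECB and CTR need a separate integrity check (for example one of the
 * HMAC mechanisms) when the data can be modified by an untrusted party.
 */
#define SUN_CKM_SHA256			"CKM_SHA256"
#define SUN_CKM_SHA256_HMAC		"CKM_SHA256_HMAC"
#define SUN_CKM_SHA256_HMAC_GENERAL	"CKM_SHA256_HMAC_GENERAL"
#define SUN_CKM_SHA384			"CKM_SHA384"
#define SUN_CKM_SHA384_HMAC		"CKM_SHA384_HMAC"
#define SUN_CKM_SHA384_HMAC_GENERAL	"CKM_SHA384_HMAC_GENERAL"
#define SUN_CKM_SHA512			"CKM_SHA512"
#define SUN_CKM_SHA512_HMAC		"CKM_SHA512_HMAC"
#define SUN_CKM_SHA512_HMAC_GENERAL	"CKM_SHA512_HMAC_GENERAL"
#define SUN_CKM_SHA512_224		"CKM_SHA512_224"
#define SUN_CKM_SHA512_256		"CKM_SHA512_256"
#define SUN_CKM_AES_CBC			"CKM_AES_CBC"
#define SUN_CKM_AES_ECB			"CKM_AES_ECB"
#define SUN_CKM_AES_CTR			"CKM_AES_CTR"
#define SUN_CKM_AES_CCM			"CKM_AES_CCM"
#define SUN_CKM_AES_GCM			"CKM_AES_GCM"
#define SUN_CKM_AES_GMAC		"CKM_AES_GMAC"

/* Data arguments of cryptographic operations */

/* Enumerators start at 1, so a zero-filled crypto_data_t has no valid format. */
typedef enum crypto_data_format {
	CRYPTO_DATA_RAW = 1,
	CRYPTO_DATA_UIO,
} crypto_data_format_t;

/*
 * Descriptor for an input or output buffer.
 *
 * cd_format presumably selects which member of the anonymous union is valid
 * (cd_raw for CRYPTO_DATA_RAW, cd_uio for CRYPTO_DATA_UIO); reading the other
 * member reinterprets its bytes.  cd_offset is a signed off_t and cd_length
 * an unsigned size_t, so a consumer should reject a negative offset and check
 * that offset plus length stays inside the underlying buffer before it reads
 * or writes through the descriptor.
 */
typedef struct crypto_data {
	crypto_data_format_t	cd_format;	/* Format identifier */
	off_t			cd_offset;	/* Offset from the beginning */
	size_t			cd_length;	/* # of bytes in use */
	union {
		/* Raw format */
		iovec_t		cd_raw;		/* Pointer and length */

		/* uio scatter-gather format */
		zfs_uio_t	*cd_uio;
	};	/* Crypto Data Union */
} crypto_data_t;

/* The keys, and their contents */

/*
 * Reference to raw key material.  ck_length counts bits, not bytes; use
 * CRYPTO_BITS2BYTES() to size a copy.  Nothing in this header says who owns
 * the memory behind ck_data, so whoever allocated it remains responsible for
 * clearing it before release.
 */
typedef struct {
	uint_t	ck_length;	/* # of bits in ck_data */
	void	*ck_data;	/* ptr to key value */
} crypto_key_t;

/*
 * Raw key lengths are expressed in number of bits.
 * The following macro returns the minimum number of
 * bytes that can contain the specified number of bits.
 * Round up without overflowing the integer type.
 *
 * CRYPTO_BITS2BYTES expands its argument twice; pass an expression without
 * side effects.
 *
 * CRYPTO_BYTES2BITS has no range check: the top three bits of n are shifted
 * out, and for a signed n an overflowing shift is undefined behaviour.  Bound
 * any externally supplied byte count before converting it.
 */
#define CRYPTO_BITS2BYTES(n) ((n) == 0 ? 0 : (((n) - 1) >> 3) + 1)
#define CRYPTO_BYTES2BITS(n) ((n) << 3)

/* Providers */

typedef uint32_t crypto_provider_id_t;
/* All-ones sentinel; never a usable provider id. */
#define KCF_PROVID_INVALID	((uint32_t)-1)

/* session data structure opaque to the consumer */
typedef void *crypto_session_t;

#define PROVIDER_OWNS_KEY_SCHEDULE	0x00000001

/*
 * Common cryptographic status and error codes.
 *
 * CRYPTO_SUCCESS is the only zero value; every other code is a failure and
 * the values are not contiguous, so compare against the named constants.
 * CRYPTO_INVALID_MAC and CRYPTO_SIGNATURE_INVALID, by their names, report a
 * failed integrity check: a caller that receives either should discard any
 * output produced by the operation, not use it.
 */
#define CRYPTO_SUCCESS				0x00000000
#define CRYPTO_HOST_MEMORY			0x00000002
#define CRYPTO_FAILED				0x00000004
#define CRYPTO_ARGUMENTS_BAD			0x00000005
#define CRYPTO_DATA_LEN_RANGE			0x0000000C
#define CRYPTO_ENCRYPTED_DATA_LEN_RANGE		0x00000011
#define CRYPTO_KEY_SIZE_RANGE			0x00000013
#define CRYPTO_KEY_TYPE_INCONSISTENT		0x00000014
#define CRYPTO_MECHANISM_INVALID		0x0000001C
#define CRYPTO_MECHANISM_PARAM_INVALID		0x0000001D
#define CRYPTO_SIGNATURE_INVALID		0x0000002D
#define CRYPTO_BUFFER_TOO_SMALL			0x00000042
#define CRYPTO_NOT_SUPPORTED			0x00000044

#define CRYPTO_INVALID_CONTEXT			0x00000047
#define CRYPTO_INVALID_MAC			0x00000048
#define CRYPTO_MECH_NOT_SUPPORTED		0x00000049
#define CRYPTO_INVALID_PROVIDER_ID		0x0000004C
#define CRYPTO_BUSY				0x0000004E
#define CRYPTO_UNKNOWN_PROVIDER			0x0000004F

#ifdef __cplusplus
}
#endif

#endif /* _SYS_CRYPTO_COMMON_H */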