1 /* SPDX-License-Identifier: BSD-3-Clause */ 2 /* Copyright(c) 2007-2022 Intel Corporation */ 3 /* $FreeBSD$ */ 4 /** 5 ***************************************************************************** 6 * @file icp_qat_fw_la.h 7 * @defgroup icp_qat_fw_la ICP QAT FW Lookaside Service Interface Definitions 8 * @ingroup icp_qat_fw 9 * @description 10 * This file documents structs used to provided the interface to the 11 * LookAside (LA) QAT FW service 12 * 13 *****************************************************************************/ 14 15 #ifndef _ICP_QAT_FW_LA_H_ 16 #define _ICP_QAT_FW_LA_H_ 17 18 /* 19 ****************************************************************************** 20 * Include local header files 21 ****************************************************************************** 22 */ 23 #include "icp_qat_fw.h" 24 25 /* ========================================================================= */ 26 /* QAT FW REQUEST STRUCTURES */ 27 /* ========================================================================= */ 28 29 /** 30 ***************************************************************************** 31 * @ingroup icp_qat_fw_la 32 * Definition of the LookAside (LA) command types 33 * @description 34 * Enumeration which is used to indicate the ids of functions 35 * that are exposed by the LA QAT FW service 36 * 37 *****************************************************************************/ 38 39 typedef enum { 40 ICP_QAT_FW_LA_CMD_CIPHER = 0, 41 /*!< Cipher Request */ 42 43 ICP_QAT_FW_LA_CMD_AUTH = 1, 44 /*!< Auth Request */ 45 46 ICP_QAT_FW_LA_CMD_CIPHER_HASH = 2, 47 /*!< Cipher-Hash Request */ 48 49 ICP_QAT_FW_LA_CMD_HASH_CIPHER = 3, 50 /*!< Hash-Cipher Request */ 51 52 ICP_QAT_FW_LA_CMD_TRNG_GET_RANDOM = 4, 53 /*!< TRNG Get Random Request */ 54 55 ICP_QAT_FW_LA_CMD_TRNG_TEST = 5, 56 /*!< TRNG Test Request */ 57 58 ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE = 6, 59 /*!< SSL3 Key Derivation Request */ 60 61 ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE = 7, 62 /*!< TLS Key Derivation Request */ 63 64 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE = 8, 65 /*!< TLS Key Derivation Request */ 66 67 ICP_QAT_FW_LA_CMD_MGF1 = 9, 68 /*!< MGF1 Request */ 69 70 ICP_QAT_FW_LA_CMD_AUTH_PRE_COMP = 10, 71 /*!< Auth Pre-Compute Request */ 72 73 ICP_QAT_FW_LA_CMD_CIPHER_PRE_COMP = 11, 74 /*!< Auth Pre-Compute Request */ 75 76 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT = 12, 77 /*!< HKDF Extract Request */ 78 79 ICP_QAT_FW_LA_CMD_HKDF_EXPAND = 13, 80 /*!< HKDF Expand Request */ 81 82 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND = 14, 83 /*!< HKDF Extract and Expand Request */ 84 85 ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL = 15, 86 /*!< HKDF Expand Label Request */ 87 88 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL = 16, 89 /*!< HKDF Extract and Expand Label Request */ 90 91 ICP_QAT_FW_LA_CMD_DELIMITER = 17 92 /**< Delimiter type */ 93 } icp_qat_fw_la_cmd_id_t; 94 95 typedef struct icp_qat_fw_la_cipher_20_req_params_s { 96 /**< LW 14 */ 97 uint32_t cipher_offset; 98 /**< Cipher offset long word. */ 99 100 /**< LW 15 */ 101 uint32_t cipher_length; 102 /**< Cipher length long word. */ 103 104 /**< LWs 16-19 */ 105 union { 106 uint32_t cipher_IV_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 107 /**< Cipher IV array */ 108 109 struct { 110 uint64_t cipher_IV_ptr; 111 /**< Cipher IV pointer or Partial State Pointer */ 112 113 uint64_t resrvd1; 114 /**< reserved */ 115 116 } s; 117 118 } u; 119 /**< LW 20 */ 120 uint32_t spc_aad_offset; 121 /**< LW 21 */ 122 uint32_t spc_aad_sz; 123 /**< LW 22 - 23 */ 124 uint64_t spc_aad_addr; 125 /**< LW 24 - 25 */ 126 uint64_t spc_auth_res_addr; 127 /**< LW 26 */ 128 uint8_t reserved[3]; 129 uint8_t spc_auth_res_sz; 130 131 } icp_qat_fw_la_cipher_20_req_params_t; 132 133 /* For the definitions of the bits in the status field of the common 134 * response, refer to icp_qat_fw.h. 135 * The return values specific to Lookaside service are given below. 136 */ 137 #define ICP_QAT_FW_LA_ICV_VER_STATUS_PASS ICP_QAT_FW_COMN_STATUS_FLAG_OK 138 /**< @ingroup icp_qat_fw_la 139 * Status flag indicating that the ICV verification passed */ 140 141 #define ICP_QAT_FW_LA_ICV_VER_STATUS_FAIL ICP_QAT_FW_COMN_STATUS_FLAG_ERROR 142 /**< @ingroup icp_qat_fw_la 143 * Status flag indicating that the ICV verification failed */ 144 145 #define ICP_QAT_FW_LA_TRNG_STATUS_PASS ICP_QAT_FW_COMN_STATUS_FLAG_OK 146 /**< @ingroup icp_qat_fw_la 147 * Status flag indicating that the TRNG returned valid entropy data */ 148 149 #define ICP_QAT_FW_LA_TRNG_STATUS_FAIL ICP_QAT_FW_COMN_STATUS_FLAG_ERROR 150 /**< @ingroup icp_qat_fw_la 151 * Status flag indicating that the TRNG Command Failed. */ 152 153 /** 154 ***************************************************************************** 155 * @ingroup icp_qat_fw_la 156 * Definition of the common LA QAT FW bulk request 157 * @description 158 * Definition of the full bulk processing request structure. 159 * Used for hash, cipher, hash-cipher and authentication-encryption 160 * requests etc. 161 * 162 *****************************************************************************/ 163 typedef struct icp_qat_fw_la_bulk_req_s { 164 /**< LWs 0-1 */ 165 icp_qat_fw_comn_req_hdr_t comn_hdr; 166 /**< Common request header - for Service Command Id, 167 * use service-specific Crypto Command Id. 168 * Service Specific Flags - use Symmetric Crypto Command Flags 169 * (all of cipher, auth, SSL3, TLS and MGF, 170 * excluding TRNG - field unused) */ 171 172 /**< LWs 2-5 */ 173 icp_qat_fw_comn_req_hdr_cd_pars_t cd_pars; 174 /**< Common Request content descriptor field which points either to a 175 * content descriptor 176 * parameter block or contains the service-specific data itself. */ 177 178 /**< LWs 6-13 */ 179 icp_qat_fw_comn_req_mid_t comn_mid; 180 /**< Common request middle section */ 181 182 /**< LWs 14-26 */ 183 icp_qat_fw_comn_req_rqpars_t serv_specif_rqpars; 184 /**< Common request service-specific parameter field */ 185 186 /**< LWs 27-31 */ 187 icp_qat_fw_comn_req_cd_ctrl_t cd_ctrl; 188 /**< Common request content descriptor control block - 189 * this field is service-specific */ 190 191 } icp_qat_fw_la_bulk_req_t; 192 193 /* 194 * LA BULK (SYMMETRIC CRYPTO) COMMAND FLAGS 195 * 196 * + ===== + ---------- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + 197 * | Bit | [15:13] | 12 | 11 | 10 | 7-9 | 6 | 5 | 4 | 3 | 2 | 1-0 | 198 * + ===== + ---------- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ------+ ----- + 199 * | Flags | Resvd Bits | ZUC | GcmIV |Digest | Prot | Cmp | Rtn | Upd | Ciph/ | CiphIV| Part- | 200 * | | =0 | Prot | Len | In Buf| flgs | Auth | Auth | State | Auth | Field | ial | 201 * + ===== + ---------- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ------+ ----- + 202 */ 203 204 /* Private defines */ 205 206 /* bits 15:14 */ 207 #define ICP_QAT_FW_LA_USE_WIRELESS_SLICE_TYPE 2 208 /**< @ingroup icp_qat_fw_la 209 * FW Selects Wireless Cipher Slice 210 * Cipher Algorithms: AES-{F8}, Snow3G, ZUC 211 * Auth Algorithms : Snow3G, ZUC */ 212 213 #define ICP_QAT_FW_LA_USE_UCS_SLICE_TYPE 1 214 /**< @ingroup icp_qat_fw_la 215 * FW Selects UCS Cipher Slice 216 * Cipher Algorithms: AES-{CTR/XTS}, Single Pass AES-GCM 217 * Auth Algorithms : SHA1/ SHA{2/3}-{224/256/384/512} */ 218 219 #define ICP_QAT_FW_LA_USE_LEGACY_SLICE_TYPE 0 220 /**< @ingroup icp_qat_fw_la 221 * FW Selects Legacy Cipher/Auth Slice 222 * Cipher Algorithms: AES-{CBC/ECB}, SM4, Single Pass AES-CCM 223 * Auth Algorithms : SHA1/ SHA{2/3}-{224/256/384/512} */ 224 225 #define QAT_LA_SLICE_TYPE_BITPOS 14 226 /**< @ingroup icp_qat_fw_la 227 * Starting bit position for the slice type selection. 228 * Refer to HAS for Slice type assignment details on QAT2.0 */ 229 230 #define QAT_LA_SLICE_TYPE_MASK 0x3 231 /**< @ingroup icp_qat_fw_la 232 * Two bit mask used to determine the Slice type */ 233 234 /* bit 11 */ 235 #define ICP_QAT_FW_LA_GCM_IV_LEN_12_OCTETS 1 236 /**< @ingroup icp_qat_fw_la 237 * Indicates the IV Length for GCM protocol is 96 Bits (12 Octets) 238 * If set FW does the padding to compute CTR0 */ 239 240 #define ICP_QAT_FW_LA_GCM_IV_LEN_NOT_12_OCTETS 0 241 /**< @ingroup icp_qat_fw_la 242 * Indicates the IV Length for GCM protocol is not 96 Bits (12 Octets) 243 * If IA computes CTR0 */ 244 245 #define QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS 12 246 /**< @ingroup icp_cpm_fw_la 247 * Bit position defining ZUC processing for a encrypt command */ 248 249 #define ICP_QAT_FW_LA_ZUC_3G_PROTO 1 250 /**< @ingroup icp_cpm_fw_la 251 * Value indicating ZUC processing for a encrypt command */ 252 253 #define QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK 0x1 254 /**< @ingroup icp_qat_fw_la 255 * One bit mask used to determine the ZUC 3G protocol bit. 256 * Must be set for Cipher-only, Cipher + Auth and Auth-only */ 257 258 #define QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_BITPOS 13 259 /**< @ingroup icp_cpm_fw_la 260 * Bit position defining SINGLE PASS processing for a encrypt command */ 261 262 #define ICP_QAT_FW_LA_SINGLE_PASS_PROTO 1 263 /**< @ingroup icp_cpm_fw_la 264 * Value indicating SINGLE PASS processing for a encrypt command */ 265 266 #define QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_MASK 0x1 267 /**< @ingroup icp_qat_fw_la 268 * One bit mask used to determine the SINGLE PASS protocol bit. 269 * Must be set for Cipher-only */ 270 271 #define QAT_LA_GCM_IV_LEN_FLAG_BITPOS 11 272 /**< @ingroup icp_qat_fw_la 273 * Starting bit position for GCM IV Length indication. If set 274 * the IV Length is 96 Bits, clear for other IV lengths */ 275 276 #define QAT_LA_GCM_IV_LEN_FLAG_MASK 0x1 277 /**< @ingroup icp_qat_fw_la 278 * One bit mask used to determine the GCM IV Length indication bit. 279 * If set the IV Length is 96 Bits, clear for other IV lengths */ 280 281 /* bit 10 */ 282 #define ICP_QAT_FW_LA_DIGEST_IN_BUFFER 1 283 /**< @ingroup icp_qat_fw_la 284 * Flag representing that authentication digest is stored or is extracted 285 * from the source buffer. Auth Result Pointer will be ignored in this case. */ 286 287 #define ICP_QAT_FW_LA_NO_DIGEST_IN_BUFFER 0 288 /**< @ingroup icp_qat_fw_la 289 * Flag representing that authentication digest is NOT stored or is NOT 290 * extracted from the source buffer. Auth result will get stored or extracted 291 * from the Auth Result Pointer. Please not that in this case digest CANNOT be 292 * encrypted. */ 293 294 #define QAT_LA_DIGEST_IN_BUFFER_BITPOS 10 295 /**< @ingroup icp_qat_fw_la 296 * Starting bit position for Digest in Buffer flag */ 297 298 #define QAT_LA_DIGEST_IN_BUFFER_MASK 0x1 299 /**< @ingroup icp_qat_fw_la 300 * One bit mask used to determine the Digest in Buffer flag */ 301 302 /* bits 7-9 */ 303 #define ICP_QAT_FW_LA_SNOW_3G_PROTO 4 304 /**< @ingroup icp_cpm_fw_la 305 * Indicates SNOW_3G processing for a encrypt command */ 306 307 #define ICP_QAT_FW_LA_GCM_PROTO 2 308 /**< @ingroup icp_qat_fw_la 309 * Indicates GCM processing for a auth_encrypt command */ 310 311 #define ICP_QAT_FW_LA_CCM_PROTO 1 312 /**< @ingroup icp_qat_fw_la 313 * Indicates CCM processing for a auth_encrypt command */ 314 315 #define ICP_QAT_FW_LA_NO_PROTO 0 316 /**< @ingroup icp_qat_fw_la 317 * Indicates no specific protocol processing for the command */ 318 319 #define QAT_LA_PROTO_BITPOS 7 320 /**< @ingroup icp_qat_fw_la 321 * Starting bit position for the Lookaside Protocols */ 322 323 #define QAT_LA_PROTO_MASK 0x7 324 /**< @ingroup icp_qat_fw_la 325 * Three bit mask used to determine the Lookaside Protocol */ 326 327 /* bit 6 */ 328 #define ICP_QAT_FW_LA_CMP_AUTH_RES 1 329 /**< @ingroup icp_qat_fw_la 330 * Flag representing the need to compare the auth result data to the expected 331 * value in DRAM at the auth_address. */ 332 333 #define ICP_QAT_FW_LA_NO_CMP_AUTH_RES 0 334 /**< @ingroup icp_qat_fw_la 335 * Flag representing that there is no need to do a compare of the auth data 336 * to the expected value */ 337 338 #define QAT_LA_CMP_AUTH_RES_BITPOS 6 339 /**< @ingroup icp_qat_fw_la 340 * Starting bit position for Auth compare digest result */ 341 342 #define QAT_LA_CMP_AUTH_RES_MASK 0x1 343 /**< @ingroup icp_qat_fw_la 344 * One bit mask used to determine the Auth compare digest result */ 345 346 /* bit 5 */ 347 #define ICP_QAT_FW_LA_RET_AUTH_RES 1 348 /**< @ingroup icp_qat_fw_la 349 * Flag representing the need to return the auth result data to dram after the 350 * request processing is complete */ 351 352 #define ICP_QAT_FW_LA_NO_RET_AUTH_RES 0 353 /**< @ingroup icp_qat_fw_la 354 * Flag representing that there is no need to return the auth result data */ 355 356 #define QAT_LA_RET_AUTH_RES_BITPOS 5 357 /**< @ingroup icp_qat_fw_la 358 * Starting bit position for Auth return digest result */ 359 360 #define QAT_LA_RET_AUTH_RES_MASK 0x1 361 /**< @ingroup icp_qat_fw_la 362 * One bit mask used to determine the Auth return digest result */ 363 364 /* bit 4 */ 365 #define ICP_QAT_FW_LA_UPDATE_STATE 1 366 /**< @ingroup icp_qat_fw_la 367 * Flag representing the need to update the state data in dram after the 368 * request processing is complete */ 369 370 #define ICP_QAT_FW_LA_NO_UPDATE_STATE 0 371 /**< @ingroup icp_qat_fw_la 372 * Flag representing that there is no need to update the state data */ 373 374 #define QAT_LA_UPDATE_STATE_BITPOS 4 375 /**< @ingroup icp_qat_fw_la 376 * Starting bit position for Update State. */ 377 378 #define QAT_LA_UPDATE_STATE_MASK 0x1 379 /**< @ingroup icp_qat_fw_la 380 * One bit mask used to determine the Update State */ 381 382 /* bit 3 */ 383 #define ICP_QAT_FW_CIPH_AUTH_CFG_OFFSET_IN_CD_SETUP 0 384 /**< @ingroup icp_qat_fw_la 385 * Flag representing Cipher/Auth Config Offset Type, where the offset 386 * is contained in CD Setup. When the SHRAM constants page 387 * is not used for cipher/auth configuration, then the Content Descriptor 388 * pointer field must be a pointer (as opposed to a 16-byte key), since 389 * the block pointed to must contain both the slice config and the key */ 390 391 #define ICP_QAT_FW_CIPH_AUTH_CFG_OFFSET_IN_SHRAM_CP 1 392 /**< @ingroup icp_qat_fw_la 393 * Flag representing Cipher/Auth Config Offset Type, where the offset 394 * is contained in SHRAM constants page. */ 395 396 #define QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS 3 397 /**< @ingroup icp_qat_fw_la 398 * Starting bit position indicating Cipher/Auth Config 399 * offset type */ 400 401 #define QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK 0x1 402 /**< @ingroup icp_qat_fw_la 403 * One bit mask used to determine Cipher/Auth Config 404 * offset type */ 405 406 /* bit 2 */ 407 #define ICP_QAT_FW_CIPH_IV_64BIT_PTR 0 408 /**< @ingroup icp_qat_fw_la 409 * Flag representing Cipher IV field contents via 64-bit pointer */ 410 411 #define ICP_QAT_FW_CIPH_IV_16BYTE_DATA 1 412 /**< @ingroup icp_qat_fw_la 413 * Flag representing Cipher IV field contents as 16-byte data array */ 414 415 #define QAT_LA_CIPH_IV_FLD_BITPOS 2 416 /**< @ingroup icp_qat_fw_la 417 * Starting bit position indicating Cipher IV field 418 * contents */ 419 420 #define QAT_LA_CIPH_IV_FLD_MASK 0x1 421 /**< @ingroup icp_qat_fw_la 422 * One bit mask used to determine the Cipher IV field 423 * contents */ 424 425 /* bits 0-1 */ 426 #define ICP_QAT_FW_LA_PARTIAL_NONE 0 427 /**< @ingroup icp_qat_fw_la 428 * Flag representing no need for partial processing condition i.e. 429 * entire packet processed in the current command */ 430 431 #define ICP_QAT_FW_LA_PARTIAL_START 1 432 /**< @ingroup icp_qat_fw_la 433 * Flag representing the first chunk of the partial packet */ 434 435 #define ICP_QAT_FW_LA_PARTIAL_MID 3 436 /**< @ingroup icp_qat_fw_la 437 * Flag representing a middle chunk of the partial packet */ 438 439 #define ICP_QAT_FW_LA_PARTIAL_END 2 440 /**< @ingroup icp_qat_fw_la 441 * Flag representing the final/end chunk of the partial packet */ 442 443 #define QAT_LA_PARTIAL_BITPOS 0 444 /**< @ingroup icp_qat_fw_la 445 * Starting bit position indicating partial state */ 446 447 #define QAT_LA_PARTIAL_MASK 0x3 448 /**< @ingroup icp_qat_fw_la 449 * Two bit mask used to determine the partial state */ 450 451 /* The table below defines the meaning of the prefix_addr & hash_state_sz in 452 * the case of partial processing. See the HLD for further details 453 * 454 * + ====== + ------------------------- + ----------------------- + 455 * | Parial | Prefix Addr | Hash State Sz | 456 * | State | | | 457 * + ====== + ------------------------- + ----------------------- + 458 * | FULL | Points to the prefix data | Prefix size as below. | 459 * | | | No update of state | 460 * + ====== + ------------------------- + ----------------------- + 461 * | SOP | Points to the prefix | = inner prefix rounded | 462 * | | data. State is updated | to qwrds + outer prefix | 463 * | | at prefix_addr - state_sz | rounded to qwrds. The | 464 * | | - 8 (counter size) | writeback state sz | 465 * | | | comes from the CD | 466 * + ====== + ------------------------- + ----------------------- + 467 * | MOP | Points to the state data | State size rounded to | 468 * | | Updated state written to | num qwrds + 8 (for the | 469 * | | same location | counter) + inner prefix | 470 * | | | rounded to qwrds + | 471 * | | | outer prefix rounded to | 472 * | | | qwrds. | 473 * + ====== + ------------------------- + ----------------------- + 474 * | EOP | Points to the state data | State size rounded to | 475 * | | | num qwrds + 8 (for the | 476 * | | | counter) + inner prefix | 477 * | | | rounded to qwrds + | 478 * | | | outer prefix rounded to | 479 * | | | qwrds. | 480 * + ====== + ------------------------- + ----------------------- + 481 * 482 * Notes: 483 * 484 * - If the EOP is set it is assumed that no state update is to be performed. 485 * However it is the clients responsibility to set the update_state flag 486 * correctly i.e. not set for EOP or Full packet cases. Only set for SOP and 487 * MOP with no EOP flag 488 * - The SOP take precedence over the MOP and EOP i.e. in the calculation of 489 * the address to writeback the state. 490 * - The prefix address must be on at least the 8 byte boundary 491 */ 492 493 /** 494 ****************************************************************************** 495 * @ingroup icp_qat_fw_la 496 * 497 * @description 498 * Macro used for the generation of the Lookaside flags for a request. This 499 * should always be used for the generation of the flags field. No direct sets 500 * or masks should be performed on the flags data 501 * 502 * @param gcm_iv_len GCM IV Length indication bit 503 * @param auth_rslt Authentication result - Digest is stored/extracted 504 * in/from the source buffer 505 * straight after the authenticated region 506 * @param proto Protocol handled by a command 507 * @param cmp_auth Compare auth result with the expected value 508 * @param ret_auth Return auth result to the client via DRAM 509 * @param update_state Indicate update of the crypto state information 510 * is required 511 * @param ciphIV Cipher IV field contents 512 * @param ciphcfg Cipher/Auth Config offset type 513 * @param partial Inidicate if the packet is a partial part 514 * 515 *****************************************************************************/ 516 #define ICP_QAT_FW_LA_FLAGS_BUILD(zuc_proto, \ 517 gcm_iv_len, \ 518 auth_rslt, \ 519 proto, \ 520 cmp_auth, \ 521 ret_auth, \ 522 update_state, \ 523 ciphIV, \ 524 ciphcfg, \ 525 partial) \ 526 (((zuc_proto & QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK) \ 527 << QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS) | \ 528 ((gcm_iv_len & QAT_LA_GCM_IV_LEN_FLAG_MASK) \ 529 << QAT_LA_GCM_IV_LEN_FLAG_BITPOS) | \ 530 ((auth_rslt & QAT_LA_DIGEST_IN_BUFFER_MASK) \ 531 << QAT_LA_DIGEST_IN_BUFFER_BITPOS) | \ 532 ((proto & QAT_LA_PROTO_MASK) << QAT_LA_PROTO_BITPOS) | \ 533 ((cmp_auth & QAT_LA_CMP_AUTH_RES_MASK) \ 534 << QAT_LA_CMP_AUTH_RES_BITPOS) | \ 535 ((ret_auth & QAT_LA_RET_AUTH_RES_MASK) \ 536 << QAT_LA_RET_AUTH_RES_BITPOS) | \ 537 ((update_state & QAT_LA_UPDATE_STATE_MASK) \ 538 << QAT_LA_UPDATE_STATE_BITPOS) | \ 539 ((ciphIV & QAT_LA_CIPH_IV_FLD_MASK) << QAT_LA_CIPH_IV_FLD_BITPOS) | \ 540 ((ciphcfg & QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK) \ 541 << QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS) | \ 542 ((partial & QAT_LA_PARTIAL_MASK) << QAT_LA_PARTIAL_BITPOS)) 543 544 /* Macros for extracting field bits */ 545 /** 546 ****************************************************************************** 547 * @ingroup icp_qat_fw_la 548 * 549 * @description 550 * Macro for extraction of the Cipher IV field contents (bit 2) 551 * 552 * @param flags Flags to extract the Cipher IV field contents 553 * 554 *****************************************************************************/ 555 #define ICP_QAT_FW_LA_CIPH_IV_FLD_FLAG_GET(flags) \ 556 QAT_FIELD_GET(flags, QAT_LA_CIPH_IV_FLD_BITPOS, QAT_LA_CIPH_IV_FLD_MASK) 557 558 /** 559 ****************************************************************************** 560 * @ingroup icp_qat_fw_la 561 * 562 * @description 563 * Macro for extraction of the Cipher/Auth Config 564 * offset type (bit 3) 565 * 566 * @param flags Flags to extract the Cipher/Auth Config 567 * offset type 568 * 569 *****************************************************************************/ 570 #define ICP_QAT_FW_LA_CIPH_AUTH_CFG_OFFSET_FLAG_GET(flags) \ 571 QAT_FIELD_GET(flags, \ 572 QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS, \ 573 QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK) 574 575 /** 576 ****************************************************************************** 577 * @ingroup icp_qat_fw_la 578 * 579 * @description 580 * Macro for extraction of the ZUC protocol bit 581 * information (bit 11) 582 * 583 * @param flags Flags to extract the ZUC protocol bit 584 * 585 *****************************************************************************/ 586 #define ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_GET(flags) \ 587 QAT_FIELD_GET(flags, \ 588 QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS, \ 589 QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK) 590 591 /** 592 ****************************************************************************** 593 * @ingroup icp_qat_fw_la 594 * 595 * @description 596 * Macro for extraction of the GCM IV Len is 12 Octets / 96 Bits 597 * information (bit 11) 598 * 599 * @param flags Flags to extract the GCM IV length 600 * 601 *****************************************************************************/ 602 #define ICP_QAT_FW_LA_GCM_IV_LEN_FLAG_GET(flags) \ 603 QAT_FIELD_GET(flags, \ 604 QAT_LA_GCM_IV_LEN_FLAG_BITPOS, \ 605 QAT_LA_GCM_IV_LEN_FLAG_MASK) 606 607 /** 608 ****************************************************************************** 609 * @ingroup icp_qat_fw_la 610 * 611 * @description 612 * Macro for extraction of the LA protocol state (bits 9-7) 613 * 614 * @param flags Flags to extract the protocol state 615 * 616 *****************************************************************************/ 617 #define ICP_QAT_FW_LA_PROTO_GET(flags) \ 618 QAT_FIELD_GET(flags, QAT_LA_PROTO_BITPOS, QAT_LA_PROTO_MASK) 619 620 /** 621 ****************************************************************************** 622 * @ingroup icp_qat_fw_la 623 * 624 * @description 625 * Macro for extraction of the "compare auth" state (bit 6) 626 * 627 * @param flags Flags to extract the compare auth result state 628 * 629 *****************************************************************************/ 630 #define ICP_QAT_FW_LA_CMP_AUTH_GET(flags) \ 631 QAT_FIELD_GET(flags, \ 632 QAT_LA_CMP_AUTH_RES_BITPOS, \ 633 QAT_LA_CMP_AUTH_RES_MASK) 634 635 /** 636 ****************************************************************************** 637 * @ingroup icp_qat_fw_la 638 * 639 * @description 640 * Macro for extraction of the "return auth" state (bit 5) 641 * 642 * @param flags Flags to extract the return auth result state 643 * 644 *****************************************************************************/ 645 #define ICP_QAT_FW_LA_RET_AUTH_GET(flags) \ 646 QAT_FIELD_GET(flags, \ 647 QAT_LA_RET_AUTH_RES_BITPOS, \ 648 QAT_LA_RET_AUTH_RES_MASK) 649 650 /** 651 ****************************************************************************** 652 * @ingroup icp_qat_fw_la 653 * 654 * @description 655 * Macro for extraction of the "digest in buffer" state (bit 10) 656 * 657 * @param flags Flags to extract the digest in buffer state 658 * 659 *****************************************************************************/ 660 #define ICP_QAT_FW_LA_DIGEST_IN_BUFFER_GET(flags) \ 661 QAT_FIELD_GET(flags, \ 662 QAT_LA_DIGEST_IN_BUFFER_BITPOS, \ 663 QAT_LA_DIGEST_IN_BUFFER_MASK) 664 665 /** 666 ****************************************************************************** 667 * @ingroup icp_qat_fw_la 668 * 669 * @description 670 * Macro for extraction of the update content state value. (bit 4) 671 * 672 * @param flags Flags to extract the update content state bit 673 * 674 *****************************************************************************/ 675 #define ICP_QAT_FW_LA_UPDATE_STATE_GET(flags) \ 676 QAT_FIELD_GET(flags, \ 677 QAT_LA_UPDATE_STATE_BITPOS, \ 678 QAT_LA_UPDATE_STATE_MASK) 679 680 /** 681 ****************************************************************************** 682 * @ingroup icp_qat_fw_la 683 * 684 * @description 685 * Macro for extraction of the "partial" packet state (bits 1-0) 686 * 687 * @param flags Flags to extract the partial state 688 * 689 *****************************************************************************/ 690 #define ICP_QAT_FW_LA_PARTIAL_GET(flags) \ 691 QAT_FIELD_GET(flags, QAT_LA_PARTIAL_BITPOS, QAT_LA_PARTIAL_MASK) 692 693 /** 694 ****************************************************************************** 695 * @ingroup icp_qat_fw_la 696 * 697 * @description 698 * Macro for extraction of the "Use Extended Protocol Flags" flag value 699 * 700 * @param flags Extended Command Flags 701 * @param val Value of the flag 702 * 703 *****************************************************************************/ 704 #define ICP_QAT_FW_USE_EXTENDED_PROTOCOL_FLAGS_GET(flags) \ 705 QAT_FIELD_GET(flags, \ 706 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_BITPOS, \ 707 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_MASK) 708 709 /** 710 ****************************************************************************** 711 * @ingroup icp_qat_fw_la 712 * 713 * @description 714 * Macro for extraction of the slice type information from the flags. 715 * 716 * @param flags Flags to extract the protocol state 717 * 718 *****************************************************************************/ 719 #define ICP_QAT_FW_LA_SLICE_TYPE_GET(flags) \ 720 QAT_FIELD_GET(flags, QAT_LA_SLICE_TYPE_BITPOS, QAT_LA_SLICE_TYPE_MASK) 721 722 /* Macros for setting field bits */ 723 /** 724 ****************************************************************************** 725 * @ingroup icp_qat_fw_la 726 * 727 * @description 728 * Macro for setting the Cipher IV field contents 729 * 730 * @param flags Flags to set with the Cipher IV field contents 731 * @param val Field contents indicator value 732 * 733 *****************************************************************************/ 734 #define ICP_QAT_FW_LA_CIPH_IV_FLD_FLAG_SET(flags, val) \ 735 QAT_FIELD_SET(flags, \ 736 val, \ 737 QAT_LA_CIPH_IV_FLD_BITPOS, \ 738 QAT_LA_CIPH_IV_FLD_MASK) 739 740 /** 741 ****************************************************************************** 742 * @ingroup icp_qat_fw_la 743 * 744 * @description 745 * Macro for setting the Cipher/Auth Config 746 * offset type 747 * 748 * @param flags Flags to set the Cipher/Auth Config offset type 749 * @param val Offset type value 750 * 751 *****************************************************************************/ 752 #define ICP_QAT_FW_LA_CIPH_AUTH_CFG_OFFSET_FLAG_SET(flags, val) \ 753 QAT_FIELD_SET(flags, \ 754 val, \ 755 QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS, \ 756 QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK) 757 758 /** 759 ****************************************************************************** 760 * @ingroup icp_qat_fw_la 761 * 762 * @description 763 * Macro for setting the ZUC protocol flag 764 * 765 * @param flags Flags to set the ZUC protocol flag 766 * @param val Protocol value 767 * 768 *****************************************************************************/ 769 #define ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_SET(flags, val) \ 770 QAT_FIELD_SET(flags, \ 771 val, \ 772 QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS, \ 773 QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK) 774 775 /** 776 ****************************************************************************** 777 * @ingroup icp_qat_fw_la 778 * 779 * @description 780 * Macro for setting the SINGLE PASSprotocol flag 781 * 782 * @param flags Flags to set the SINGLE PASS protocol flag 783 * @param val Protocol value 784 * 785 *****************************************************************************/ 786 #define ICP_QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_SET(flags, val) \ 787 QAT_FIELD_SET(flags, \ 788 val, \ 789 QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_BITPOS, \ 790 QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_MASK) 791 792 /** 793 ****************************************************************************** 794 * @ingroup icp_qat_fw_la 795 * 796 * @description 797 * Macro for setting the GCM IV length flag state 798 * 799 * @param flags Flags to set the GCM IV length flag state 800 * @param val Protocol value 801 * 802 *****************************************************************************/ 803 #define ICP_QAT_FW_LA_GCM_IV_LEN_FLAG_SET(flags, val) \ 804 QAT_FIELD_SET(flags, \ 805 val, \ 806 QAT_LA_GCM_IV_LEN_FLAG_BITPOS, \ 807 QAT_LA_GCM_IV_LEN_FLAG_MASK) 808 809 /** 810 ****************************************************************************** 811 * @ingroup icp_qat_fw_la 812 * 813 * @description 814 * Macro for setting the LA protocol flag state 815 * 816 * @param flags Flags to set the protocol state 817 * @param val Protocol value 818 * 819 *****************************************************************************/ 820 #define ICP_QAT_FW_LA_PROTO_SET(flags, val) \ 821 QAT_FIELD_SET(flags, val, QAT_LA_PROTO_BITPOS, QAT_LA_PROTO_MASK) 822 823 /** 824 ****************************************************************************** 825 * @ingroup icp_qat_fw_la 826 * 827 * @description 828 * Macro for setting the "compare auth" flag state 829 * 830 * @param flags Flags to set the compare auth result state 831 * @param val Compare Auth value 832 * 833 *****************************************************************************/ 834 #define ICP_QAT_FW_LA_CMP_AUTH_SET(flags, val) \ 835 QAT_FIELD_SET(flags, \ 836 val, \ 837 QAT_LA_CMP_AUTH_RES_BITPOS, \ 838 QAT_LA_CMP_AUTH_RES_MASK) 839 840 /** 841 ****************************************************************************** 842 * @ingroup icp_qat_fw_la 843 * 844 * @description 845 * Macro for setting the "return auth" flag state 846 * 847 * @param flags Flags to set the return auth result state 848 * @param val Return Auth value 849 * 850 *****************************************************************************/ 851 #define ICP_QAT_FW_LA_RET_AUTH_SET(flags, val) \ 852 QAT_FIELD_SET(flags, \ 853 val, \ 854 QAT_LA_RET_AUTH_RES_BITPOS, \ 855 QAT_LA_RET_AUTH_RES_MASK) 856 857 /** 858 ****************************************************************************** 859 * @ingroup icp_qat_fw_la 860 * 861 * @description 862 * Macro for setting the "digest in buffer" flag state 863 * 864 * @param flags Flags to set the digest in buffer state 865 * @param val Digest in buffer value 866 * 867 *****************************************************************************/ 868 #define ICP_QAT_FW_LA_DIGEST_IN_BUFFER_SET(flags, val) \ 869 QAT_FIELD_SET(flags, \ 870 val, \ 871 QAT_LA_DIGEST_IN_BUFFER_BITPOS, \ 872 QAT_LA_DIGEST_IN_BUFFER_MASK) 873 874 /** 875 ****************************************************************************** 876 * @ingroup icp_qat_fw_la 877 * 878 * @description 879 * Macro for setting the "update state" flag value 880 * 881 * @param flags Flags to set the update content state 882 * @param val Update Content State flag value 883 * 884 *****************************************************************************/ 885 #define ICP_QAT_FW_LA_UPDATE_STATE_SET(flags, val) \ 886 QAT_FIELD_SET(flags, \ 887 val, \ 888 QAT_LA_UPDATE_STATE_BITPOS, \ 889 QAT_LA_UPDATE_STATE_MASK) 890 891 /** 892 ****************************************************************************** 893 * @ingroup icp_qat_fw_la 894 * 895 * @description 896 * Macro for setting the "partial" packet flag state 897 * 898 * @param flags Flags to set the partial state 899 * @param val Partial state value 900 * 901 *****************************************************************************/ 902 #define ICP_QAT_FW_LA_PARTIAL_SET(flags, val) \ 903 QAT_FIELD_SET(flags, val, QAT_LA_PARTIAL_BITPOS, QAT_LA_PARTIAL_MASK) 904 905 /** 906 ****************************************************************************** 907 * @ingroup icp_qat_fw_la 908 * 909 * @description 910 * Macro for setting the "Use Extended Protocol Flags" flag value 911 * 912 * @param flags Extended Command Flags 913 * @param val Value of the flag 914 * 915 *****************************************************************************/ 916 #define ICP_QAT_FW_USE_EXTENDED_PROTOCOL_FLAGS_SET(flags, val) \ 917 QAT_FIELD_SET(flags, \ 918 val, \ 919 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_BITPOS, \ 920 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_MASK) 921 922 /** 923 ****************************************************************************** 924 * @ingroup icp_qat_fw_la 925 * 926 * @description 927 * Macro for setting the "slice type" field in la flags 928 * 929 * @param flags Flags to set the slice type 930 * @param val Value of the slice type to be set. 931 * 932 *****************************************************************************/ 933 #define ICP_QAT_FW_LA_SLICE_TYPE_SET(flags, val) \ 934 QAT_FIELD_SET(flags, \ 935 val, \ 936 QAT_LA_SLICE_TYPE_BITPOS, \ 937 QAT_LA_SLICE_TYPE_MASK) 938 939 /** 940 ***************************************************************************** 941 * @ingroup icp_qat_fw_la 942 * Definition of the Cipher header Content Descriptor pars block 943 * @description 944 * Definition of the cipher processing header cd pars block. 945 * The structure is a service-specific implementation of the common 946 * 'icp_qat_fw_comn_req_hdr_cd_pars_s' structure. 947 *****************************************************************************/ 948 typedef union icp_qat_fw_cipher_req_hdr_cd_pars_s { 949 /**< LWs 2-5 */ 950 struct { 951 uint64_t content_desc_addr; 952 /**< Address of the content descriptor */ 953 954 uint16_t content_desc_resrvd1; 955 /**< Content descriptor reserved field */ 956 957 uint8_t content_desc_params_sz; 958 /**< Size of the content descriptor parameters in quad words. 959 * These parameters describe the session setup configuration 960 * info for the slices that this request relies upon i.e. the 961 * configuration word and cipher key needed by the cipher slice 962 * if there is a request for cipher processing. */ 963 964 uint8_t content_desc_hdr_resrvd2; 965 /**< Content descriptor reserved field */ 966 967 uint32_t content_desc_resrvd3; 968 /**< Content descriptor reserved field */ 969 } s; 970 971 struct { 972 uint32_t cipher_key_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 973 /* Cipher Key Array */ 974 975 } s1; 976 977 } icp_qat_fw_cipher_req_hdr_cd_pars_t; 978 979 /** 980 ***************************************************************************** 981 * @ingroup icp_qat_fw_la 982 * Definition of the Authentication header Content Descriptor pars block 983 * @description 984 * Definition of the authentication processing header cd pars block. 985 *****************************************************************************/ 986 /* Note: Authentication uses the common 'icp_qat_fw_comn_req_hdr_cd_pars_s' 987 * structure - similarly, it is also used by SSL3, TLS and MGF. Only cipher 988 * and cipher + authentication require service-specific implementations of 989 * the structure */ 990 991 /** 992 ***************************************************************************** 993 * @ingroup icp_qat_fw_la 994 * Definition of the Cipher + Auth header Content Descriptor pars block 995 * @description 996 * Definition of the cipher + auth processing header cd pars block. 997 * The structure is a service-specific implementation of the common 998 * 'icp_qat_fw_comn_req_hdr_cd_pars_s' structure. 999 *****************************************************************************/ 1000 typedef union icp_qat_fw_cipher_auth_req_hdr_cd_pars_s { 1001 /**< LWs 2-5 */ 1002 struct { 1003 uint64_t content_desc_addr; 1004 /**< Address of the content descriptor */ 1005 1006 uint16_t content_desc_resrvd1; 1007 /**< Content descriptor reserved field */ 1008 1009 uint8_t content_desc_params_sz; 1010 /**< Size of the content descriptor parameters in quad words. 1011 * These parameters describe the session setup configuration 1012 * info for the slices that this request relies upon i.e. the 1013 * configuration word and cipher key needed by the cipher slice 1014 * if there is a request for cipher processing. */ 1015 1016 uint8_t content_desc_hdr_resrvd2; 1017 /**< Content descriptor reserved field */ 1018 1019 uint32_t content_desc_resrvd3; 1020 /**< Content descriptor reserved field */ 1021 } s; 1022 1023 struct { 1024 uint32_t cipher_key_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 1025 /* Cipher Key Array */ 1026 1027 } sl; 1028 1029 } icp_qat_fw_cipher_auth_req_hdr_cd_pars_t; 1030 1031 /** 1032 ***************************************************************************** 1033 * @ingroup icp_qat_fw_la 1034 * Cipher content descriptor control block (header) 1035 * @description 1036 * Definition of the service-specific cipher control block header 1037 * structure. This header forms part of the content descriptor 1038 * block incorporating LWs 27-31, as defined by the common base 1039 * parameters structure. 1040 * 1041 *****************************************************************************/ 1042 typedef struct icp_qat_fw_cipher_cd_ctrl_hdr_s { 1043 /**< LW 27 */ 1044 uint8_t cipher_state_sz; 1045 /**< State size in quad words of the cipher algorithm used in this 1046 * session. Set to zero if the algorithm doesnt provide any state */ 1047 1048 uint8_t cipher_key_sz; 1049 /**< Key size in quad words of the cipher algorithm used in this session 1050 */ 1051 1052 uint8_t cipher_cfg_offset; 1053 /**< Quad word offset from the content descriptor parameters address 1054 * i.e. (content_address + (cd_hdr_sz << 3)) to the parameters for the 1055 * cipher processing */ 1056 1057 uint8_t next_curr_id; 1058 /**< This field combines the next and current id (each four bits) - 1059 * the next id is the most significant nibble. 1060 * Next Id: Set to the next slice to pass the ciphered data through. 1061 * Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go through 1062 * any more slices after cipher. 1063 * Current Id: Initialised with the cipher slice type */ 1064 1065 /**< LW 28 */ 1066 uint8_t cipher_padding_sz; 1067 /**< State padding size in quad words. Set to 0 if no padding is 1068 * required. 1069 */ 1070 1071 uint8_t resrvd1; 1072 uint16_t resrvd2; 1073 /**< Reserved bytes to bring the struct to the word boundary, used by 1074 * authentication. MUST be set to 0 */ 1075 1076 /**< LWs 29-31 */ 1077 uint32_t resrvd3[ICP_QAT_FW_NUM_LONGWORDS_3]; 1078 /**< Reserved bytes used by authentication. MUST be set to 0 */ 1079 1080 } icp_qat_fw_cipher_cd_ctrl_hdr_t; 1081 1082 /** 1083 ***************************************************************************** 1084 * @ingroup icp_qat_fw_la 1085 * Authentication content descriptor control block (header) 1086 * @description 1087 * Definition of the service-specific authentication control block 1088 * header structure. This header forms part of the content descriptor 1089 * block incorporating LWs 27-31, as defined by the common base 1090 * parameters structure, the first portion of which is reserved for 1091 * cipher. 1092 * 1093 *****************************************************************************/ 1094 typedef struct icp_qat_fw_auth_cd_ctrl_hdr_s { 1095 /**< LW 27 */ 1096 uint32_t resrvd1; 1097 /**< Reserved bytes, used by cipher only. MUST be set to 0 */ 1098 1099 /**< LW 28 */ 1100 uint8_t resrvd2; 1101 /**< Reserved byte, used by cipher only. MUST be set to 0 */ 1102 1103 uint8_t hash_flags; 1104 /**< General flags defining the processing to perform. 0 is normal 1105 * processing 1106 * and 1 means there is a nested hash processing loop to go through */ 1107 1108 uint8_t hash_cfg_offset; 1109 /**< Quad word offset from the content descriptor parameters address to 1110 * the parameters for the auth processing */ 1111 1112 uint8_t next_curr_id; 1113 /**< This field combines the next and current id (each four bits) - 1114 * the next id is the most significant nibble. 1115 * Next Id: Set to the next slice to pass the authentication data 1116 * through. Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go 1117 * through any more slices after authentication. 1118 * Current Id: Initialised with the authentication slice type */ 1119 1120 /**< LW 29 */ 1121 uint8_t resrvd3; 1122 /**< Now a reserved field. MUST be set to 0 */ 1123 1124 uint8_t outer_prefix_sz; 1125 /**< Size in bytes of outer prefix data */ 1126 1127 uint8_t final_sz; 1128 /**< Size in bytes of digest to be returned to the client if requested 1129 */ 1130 1131 uint8_t inner_res_sz; 1132 /**< Size in bytes of the digest from the inner hash algorithm */ 1133 1134 /**< LW 30 */ 1135 uint8_t resrvd4; 1136 /**< Now a reserved field. MUST be set to zero. */ 1137 1138 uint8_t inner_state1_sz; 1139 /**< Size in bytes of inner hash state1 data. Must be a qword multiple 1140 */ 1141 1142 uint8_t inner_state2_offset; 1143 /**< Quad word offset from the content descriptor parameters pointer to 1144 * the inner state2 value */ 1145 1146 uint8_t inner_state2_sz; 1147 /**< Size in bytes of inner hash state2 data. Must be a qword multiple 1148 */ 1149 1150 /**< LW 31 */ 1151 uint8_t outer_config_offset; 1152 /**< Quad word offset from the content descriptor parameters pointer to 1153 * the outer configuration information */ 1154 1155 uint8_t outer_state1_sz; 1156 /**< Size in bytes of the outer state1 value */ 1157 1158 uint8_t outer_res_sz; 1159 /**< Size in bytes of digest from the outer auth algorithm */ 1160 1161 uint8_t outer_prefix_offset; 1162 /**< Quad word offset from the start of the inner prefix data to the 1163 * outer prefix information. Should equal the rounded inner prefix size, 1164 * converted to qwords */ 1165 1166 } icp_qat_fw_auth_cd_ctrl_hdr_t; 1167 1168 /** 1169 ***************************************************************************** 1170 * @ingroup icp_qat_fw_la 1171 * Cipher + Authentication content descriptor control block header 1172 * @description 1173 * Definition of both service-specific cipher + authentication control 1174 * block header structures. This header forms part of the content 1175 * descriptor block incorporating LWs 27-31, as defined by the common 1176 * base parameters structure. 1177 * 1178 *****************************************************************************/ 1179 typedef struct icp_qat_fw_cipher_auth_cd_ctrl_hdr_s { 1180 /**< LW 27 */ 1181 uint8_t cipher_state_sz; 1182 /**< State size in quad words of the cipher algorithm used in this 1183 * session. Set to zero if the algorithm doesnt provide any state */ 1184 1185 uint8_t cipher_key_sz; 1186 /**< Key size in quad words of the cipher algorithm used in this session 1187 */ 1188 1189 uint8_t cipher_cfg_offset; 1190 /**< Quad word offset from the content descriptor parameters address 1191 * i.e. (content_address + (cd_hdr_sz << 3)) to the parameters for the 1192 * cipher processing */ 1193 1194 uint8_t next_curr_id_cipher; 1195 /**< This field combines the next and current id (each four bits) - 1196 * the next id is the most significant nibble. 1197 * Next Id: Set to the next slice to pass the ciphered data through. 1198 * Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go through 1199 * any more slices after cipher. 1200 * Current Id: Initialised with the cipher slice type */ 1201 1202 /**< LW 28 */ 1203 uint8_t cipher_padding_sz; 1204 /**< State padding size in quad words. Set to 0 if no padding is 1205 * required. 1206 */ 1207 1208 uint8_t hash_flags; 1209 /**< General flags defining the processing to perform. 0 is normal 1210 * processing 1211 * and 1 means there is a nested hash processing loop to go through */ 1212 1213 uint8_t hash_cfg_offset; 1214 /**< Quad word offset from the content descriptor parameters address to 1215 * the parameters for the auth processing */ 1216 1217 uint8_t next_curr_id_auth; 1218 /**< This field combines the next and current id (each four bits) - 1219 * the next id is the most significant nibble. 1220 * Next Id: Set to the next slice to pass the authentication data 1221 * through. Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go 1222 * through any more slices after authentication. 1223 * Current Id: Initialised with the authentication slice type */ 1224 1225 /**< LW 29 */ 1226 uint8_t resrvd1; 1227 /**< Reserved field. MUST be set to 0 */ 1228 1229 uint8_t outer_prefix_sz; 1230 /**< Size in bytes of outer prefix data */ 1231 1232 uint8_t final_sz; 1233 /**< Size in bytes of digest to be returned to the client if requested 1234 */ 1235 1236 uint8_t inner_res_sz; 1237 /**< Size in bytes of the digest from the inner hash algorithm */ 1238 1239 /**< LW 30 */ 1240 uint8_t resrvd2; 1241 /**< Now a reserved field. MUST be set to zero. */ 1242 1243 uint8_t inner_state1_sz; 1244 /**< Size in bytes of inner hash state1 data. Must be a qword multiple 1245 */ 1246 1247 uint8_t inner_state2_offset; 1248 /**< Quad word offset from the content descriptor parameters pointer to 1249 * the inner state2 value */ 1250 1251 uint8_t inner_state2_sz; 1252 /**< Size in bytes of inner hash state2 data. Must be a qword multiple 1253 */ 1254 1255 /**< LW 31 */ 1256 uint8_t outer_config_offset; 1257 /**< Quad word offset from the content descriptor parameters pointer to 1258 * the outer configuration information */ 1259 1260 uint8_t outer_state1_sz; 1261 /**< Size in bytes of the outer state1 value */ 1262 1263 uint8_t outer_res_sz; 1264 /**< Size in bytes of digest from the outer auth algorithm */ 1265 1266 uint8_t outer_prefix_offset; 1267 /**< Quad word offset from the start of the inner prefix data to the 1268 * outer prefix information. Should equal the rounded inner prefix size, 1269 * converted to qwords */ 1270 1271 } icp_qat_fw_cipher_auth_cd_ctrl_hdr_t; 1272 1273 /* 1274 * HASH FLAGS 1275 * 1276 * + ===== + --- + --- + --- + --- + --- + --- + --- + ---- + 1277 * | Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | 1278 * + ===== + --- + --- + --- + --- + --- + --- + --- + ---- + 1279 * | Flags | Rsv | Rsv | Rsv | ZUC |SNOW |SKIP |SKIP |NESTED| 1280 * | | | | |EIA3 | 3G |LOAD |LOAD | | 1281 * | | | | | |UIA2 |OUTER|INNER| | 1282 * + ===== + --- + --- + --- + --- + --- + --- + --- + ---- + 1283 */ 1284 1285 /* Bit 0 */ 1286 1287 #define QAT_FW_LA_AUTH_HDR_NESTED_BITPOS 0 1288 /**< @ingroup icp_qat_fw_comn 1289 * Bit position of the hash_flags bit to indicate the request 1290 * requires nested hashing 1291 */ 1292 #define ICP_QAT_FW_AUTH_HDR_FLAG_DO_NESTED 1 1293 /**< @ingroup icp_qat_fw_comn 1294 * Definition of the hash_flags bit to indicate the request 1295 * requires nested hashing */ 1296 1297 #define ICP_QAT_FW_AUTH_HDR_FLAG_NO_NESTED 0 1298 /**< @ingroup icp_qat_fw_comn 1299 * Definition of the hash_flags bit for no nested hashing 1300 * required */ 1301 1302 #define QAT_FW_LA_AUTH_HDR_NESTED_MASK 0x1 1303 /**< @ingroup icp_qat_fw_comn 1304 * Bit mask of the hash_flags bit to indicate the request 1305 * requires nested hashing 1306 */ 1307 1308 /* Bit 1 */ 1309 1310 #define QAT_FW_LA_SKIP_INNER_STATE1_LOAD_BITPOS 1 1311 /**< @ingroup icp_qat_fw_comn 1312 * Bit position of the Skipping Inner State1 Load bit */ 1313 1314 #define QAT_FW_LA_SKIP_INNER_STATE1_LOAD 1 1315 /**< @ingroup icp_qat_fw_comn 1316 * Value indicating the skipping of inner hash state load */ 1317 1318 #define QAT_FW_LA_NO_SKIP_INNER_STATE1_LOAD 0 1319 /**< @ingroup icp_qat_fw_comn 1320 * Value indicating the no skipping of inner hash state load */ 1321 1322 #define QAT_FW_LA_SKIP_INNER_STATE1_LOAD_MASK 0x1 1323 /**< @ingroup icp_qat_fw_comn 1324 * Bit mask of Skipping Inner State1 Load bit */ 1325 1326 /* Bit 2 */ 1327 1328 #define QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_BITPOS 2 1329 /**< @ingroup icp_qat_fw_comn 1330 * Bit position of the Skipping Outer State1 Load bit */ 1331 1332 #define QAT_FW_LA_SKIP_OUTER_STATE1_LOAD 1 1333 /**< @ingroup icp_qat_fw_comn 1334 * Value indicating the skipping of outer hash state load */ 1335 1336 #define QAT_FW_LA_NO_SKIP_OUTER_STATE1_LOAD 0 1337 /**< @ingroup icp_qat_fw_comn 1338 * Value indicating the no skipping of outer hash state load */ 1339 1340 #define QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_MASK 0x1 1341 /**< @ingroup icp_qat_fw_comn 1342 * Bit mask of Skipping Outer State1 Load bit */ 1343 1344 /* Bit 3 */ 1345 1346 #define QAT_FW_LA_SNOW3G_UIA2_BITPOS 3 1347 /**< @ingroup icp_cpm_fw_la 1348 * Bit position defining hash algorithm Snow3g-UIA2 */ 1349 1350 #define QAT_FW_LA_SNOW3G_UIA2 1 1351 /**< @ingroup icp_cpm_fw_la 1352 * Value indicating the use of hash algorithm Snow3g-UIA2 */ 1353 1354 #define QAT_FW_LA_SNOW3G_UIA2_MASK 0x1 1355 /**< @ingroup icp_qat_fw_la 1356 * One bit mask used to determine the use of hash algorithm Snow3g-UIA2 */ 1357 1358 /* Bit 4 */ 1359 1360 #define QAT_FW_LA_ZUC_EIA3_BITPOS 4 1361 /**< @ingroup icp_cpm_fw_la 1362 * Bit position defining hash algorithm ZUC-EIA3 */ 1363 1364 #define QAT_FW_LA_ZUC_EIA3 1 1365 /**< @ingroup icp_cpm_fw_la 1366 * Value indicating the use of hash algorithm ZUC-EIA3 */ 1367 1368 #define QAT_FW_LA_ZUC_EIA3_MASK 0x1 1369 /**< @ingroup icp_qat_fw_la 1370 * One bit mask used to determine the use of hash algorithm ZUC-EIA3 */ 1371 1372 /* Bit 5 */ 1373 1374 #define QAT_FW_LA_MODE2_BITPOS 5 1375 /**< @ingroup icp_qat_fw_comn 1376 * Bit position of the Mode 2 bit */ 1377 1378 #define QAT_FW_LA_MODE2 1 1379 /**< @ingroup icp_qat_fw_comn 1380 * Value indicating the Mode 2*/ 1381 1382 #define QAT_FW_LA_NO_MODE2 0 1383 /**< @ingroup icp_qat_fw_comn 1384 * Value indicating the no Mode 2*/ 1385 1386 #define QAT_FW_LA_MODE2_MASK 0x1 1387 /**< @ingroup icp_qat_fw_comn 1388 * Bit mask of Mode 2 */ 1389 1390 /* Macros for extracting hash flags */ 1391 1392 /** 1393 ****************************************************************************** 1394 * @ingroup icp_qat_fw_la 1395 * 1396 * @description 1397 * Macro for extraction of the "Nested" hash flag 1398 * 1399 * @param flags Hash Flags 1400 * @param val Value of the flag 1401 * 1402 *****************************************************************************/ 1403 #define ICP_QAT_FW_HASH_FLAG_AUTH_HDR_NESTED_GET(flags) \ 1404 QAT_FIELD_GET(flags, \ 1405 QAT_FW_LA_AUTH_HDR_NESTED_BITPOS, \ 1406 QAT_FW_LA_AUTH_HDR_NESTED_MASK) 1407 1408 /** 1409 ****************************************************************************** 1410 * @ingroup icp_qat_fw_la 1411 * 1412 * @description 1413 * Macro for extraction of the "Skipping Inner State1 Load state" hash flag 1414 * 1415 * @param flags Hash Flags 1416 * 1417 *****************************************************************************/ 1418 #define ICP_QAT_FW_HASH_FLAG_SKIP_INNER_STATE1_LOAD_GET(flags) \ 1419 QAT_FIELD_GET(flags, \ 1420 QAT_FW_LA_SKIP_INNER_STATE1_LOAD_BITPOS, \ 1421 QAT_FW_LA_INNER_STATE1_LOAD_MASK) 1422 1423 /** 1424 ****************************************************************************** 1425 * Macro for setting the "Skipping Inner State1 Load" hash flag 1426 * 1427 * @param flags Hash Flags 1428 * @param val Value of the flag 1429 * 1430 *****************************************************************************/ 1431 #define ICP_QAT_FW_HASH_FLAG_SKIP_INNER_STATE1_LOAD_SET(flags, val) \ 1432 QAT_FIELD_SET(flags, \ 1433 val, \ 1434 QAT_FW_LA_SKIP_INNER_STATE1_LOAD_BITPOS, \ 1435 QAT_FW_LA_SKIP_INNER_STATE1_LOAD_MASK) 1436 1437 /** 1438 ****************************************************************************** 1439 * @ingroup icp_qat_fw_la 1440 * 1441 * @description 1442 * Macro for extraction of the "Skipping Outer State1 Load state" hash flag 1443 * 1444 * @param flags Hash Flags 1445 * 1446 *****************************************************************************/ 1447 #define ICP_QAT_FW_HASH_FLAG_SKIP_OUTER_STATE1_LOAD_GET(flags) \ 1448 QAT_FIELD_GET(flags, \ 1449 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_BITPOS, \ 1450 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_MASK) 1451 1452 /** 1453 ****************************************************************************** 1454 * @ingroup icp_qat_fw_la 1455 * 1456 * @description 1457 * Macro for setting the "Skipping Outer State1 Load" hash flag 1458 * 1459 * @param flags Hash Flags 1460 * @param val Value of the flag 1461 * 1462 *****************************************************************************/ 1463 #define ICP_QAT_FW_HASH_FLAG_SKIP_OUTER_STATE1_LOAD_SET(flags, val) \ 1464 QAT_FIELD_SET(flags, \ 1465 val, \ 1466 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_BITPOS, \ 1467 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_MASK) 1468 1469 /** 1470 ****************************************************************************** 1471 * @ingroup icp_qat_fw_la 1472 * 1473 * @description 1474 * Macro for extraction of the "Snow3g-UIA2" hash flag 1475 * 1476 * @param flags Hash Flags 1477 * @param val Value of the flag 1478 * 1479 *****************************************************************************/ 1480 #define ICP_QAT_FW_HASH_FLAG_SNOW3G_UIA2_GET(flags) \ 1481 QAT_FIELD_GET(flags, \ 1482 QAT_FW_LA_SNOW3G_UIA2_BITPOS, \ 1483 QAT_FW_LA_SNOW3G_UIA2_MASK) 1484 1485 /** 1486 ****************************************************************************** 1487 * @ingroup icp_qat_fw_la 1488 * 1489 * @description 1490 * Macro for extraction of the "ZUC-EIA3" hash flag 1491 * 1492 * @param flags Hash Flags 1493 * @param val Value of the flag 1494 * 1495 *****************************************************************************/ 1496 #define ICP_QAT_FW_HASH_FLAG_ZUC_EIA3_GET(flags) \ 1497 QAT_FIELD_GET(flags, QAT_FW_LA_ZUC_EIA3_BITPOS, QAT_FW_LA_ZUC_EIA3_MASK) 1498 1499 /* Macros for setting hash flags */ 1500 1501 /** 1502 ****************************************************************************** 1503 * @ingroup icp_qat_fw_la 1504 * 1505 * @description 1506 * Macro for setting the "Nested" hash flag 1507 * 1508 * @param flags Hash Flags 1509 * @param val Value of the flag 1510 * 1511 *****************************************************************************/ 1512 #define ICP_QAT_FW_HASH_FLAG_AUTH_HDR_NESTED_SET(flags, val) \ 1513 QAT_FIELD_SET(flags, \ 1514 val, \ 1515 QAT_FW_LA_AUTH_HDR_NESTED_BITPOS, \ 1516 QAT_FW_LA_AUTH_HDR_NESTED_MASK) 1517 1518 /** 1519 ****************************************************************************** 1520 * @ingroup icp_qat_fw_la 1521 * 1522 * @description 1523 * Macro for setting the "Skipping Inner State1 Load" hash flag 1524 * 1525 * @param flags Hash Flags 1526 * @param val Value of the flag 1527 * 1528 *****************************************************************************/ 1529 #define ICP_QAT_FW_HASH_FLAG_SKIP_INNER_STATE1_LOAD_SET(flags, val) \ 1530 QAT_FIELD_SET(flags, \ 1531 val, \ 1532 QAT_FW_LA_SKIP_INNER_STATE1_LOAD_BITPOS, \ 1533 QAT_FW_LA_SKIP_INNER_STATE1_LOAD_MASK) 1534 1535 /** 1536 ****************************************************************************** 1537 * @ingroup icp_qat_fw_la 1538 * 1539 * @description 1540 * Macro for setting the "Skipping Outer State1 Load" hash flag 1541 * 1542 * @param flags Hash Flags 1543 * @param val Value of the flag 1544 * 1545 *****************************************************************************/ 1546 #define ICP_QAT_FW_HASH_FLAG_SKIP_OUTER_STATE1_LOAD_SET(flags, val) \ 1547 QAT_FIELD_SET(flags, \ 1548 val, \ 1549 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_BITPOS, \ 1550 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_MASK) 1551 1552 /** 1553 ****************************************************************************** 1554 * @ingroup icp_qat_fw_la 1555 * 1556 * @description 1557 * Macro for setting the "Snow3g-UIA2" hash flag 1558 * 1559 * @param flags Hash Flags 1560 * @param val Value of the flag 1561 * 1562 *****************************************************************************/ 1563 #define ICP_QAT_FW_HASH_FLAG_SNOW3G_UIA2_SET(flags, val) \ 1564 QAT_FIELD_SET(flags, \ 1565 val, \ 1566 QAT_FW_LA_SNOW3G_UIA2_BITPOS, \ 1567 QAT_FW_LA_SNOW3G_UIA2_MASK) 1568 1569 /** 1570 ****************************************************************************** 1571 * @ingroup icp_qat_fw_la 1572 * 1573 * @description 1574 * Macro for setting the "ZUC-EIA3" hash flag 1575 * 1576 * @param flags Hash Flags 1577 * @param val Value of the flag 1578 * 1579 *****************************************************************************/ 1580 #define ICP_QAT_FW_HASH_FLAG_ZUC_EIA3_SET(flags, val) \ 1581 QAT_FIELD_SET(flags, \ 1582 val, \ 1583 QAT_FW_LA_ZUC_EIA3_BITPOS, \ 1584 QAT_FW_LA_ZUC_EIA3_MASK) 1585 1586 /** 1587 ****************************************************************************** 1588 * @ingroup icp_qat_fw_la 1589 * 1590 * @description 1591 * Macro for setting the "Mode 2" hash flag 1592 * 1593 * @param flags Hash Flags 1594 * @param val Value of the flag 1595 * 1596 *****************************************************************************/ 1597 #define ICP_QAT_FW_HASH_FLAG_MODE2_SET(flags, val) \ 1598 QAT_FIELD_SET(flags, val, QAT_FW_LA_MODE2_BITPOS, QAT_FW_LA_MODE2_MASK) 1599 1600 #define ICP_QAT_FW_CCM_GCM_AAD_SZ_MAX 240 1601 #define ICP_QAT_FW_SPC_AAD_SZ_MAX 0x3FFF 1602 1603 /**< @ingroup icp_qat_fw_comn 1604 * Maximum size of AAD data allowed for CCM or GCM processing. AAD data size90 - 1605 * is stored in 8-bit field and must be multiple of hash block size. 240 is 1606 * largest value which satisfy both requirements.AAD_SZ_MAX is in byte units */ 1607 1608 /* 1609 * request parameter #defines 1610 */ 1611 #define ICP_QAT_FW_HASH_REQUEST_PARAMETERS_OFFSET (24) 1612 1613 /**< @ingroup icp_qat_fw_comn 1614 * Offset in bytes from the start of the request parameters block to the hash 1615 * (auth) request parameters */ 1616 1617 #define ICP_QAT_FW_CIPHER_REQUEST_PARAMETERS_OFFSET (0) 1618 /**< @ingroup icp_qat_fw_comn 1619 * Offset in bytes from the start of the request parameters block to the cipher 1620 * request parameters */ 1621 1622 /** 1623 ***************************************************************************** 1624 * @ingroup icp_qat_fw_la 1625 * Definition of the cipher request parameters block 1626 * 1627 * @description 1628 * Definition of the cipher processing request parameters block 1629 * structure, which forms part of the block incorporating LWs 14-26, 1630 * as defined by the common base parameters structure. 1631 * Unused fields must be set to 0. 1632 * 1633 *****************************************************************************/ 1634 /**< Pack compiler directive added to prevent the 1635 * compiler from padding this structure to a 64-bit boundary */ 1636 #pragma pack(push, 1) 1637 typedef struct icp_qat_fw_la_cipher_req_params_s { 1638 /**< LW 14 */ 1639 uint32_t cipher_offset; 1640 /**< Cipher offset long word. */ 1641 1642 /**< LW 15 */ 1643 uint32_t cipher_length; 1644 /**< Cipher length long word. */ 1645 1646 /**< LWs 16-19 */ 1647 union { 1648 uint32_t cipher_IV_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 1649 /**< Cipher IV array */ 1650 1651 struct { 1652 uint64_t cipher_IV_ptr; 1653 /**< Cipher IV pointer or Partial State Pointer */ 1654 1655 uint64_t resrvd1; 1656 /**< reserved */ 1657 1658 } s; 1659 1660 } u; 1661 1662 /* LW 20 - 21 */ 1663 uint64_t spc_aad_addr; 1664 /**< Address of the AAD info in DRAM */ 1665 1666 /* LW 22 - 23 */ 1667 uint64_t spc_auth_res_addr; 1668 /**< Address of the authentication result information to validate or 1669 * the location to which the digest information can be written back to 1670 */ 1671 1672 /* LW 24 */ 1673 uint16_t spc_aad_sz; 1674 /**< Size in bytes of AAD data to prefix to the packet 1675 * for ChaChaPoly or GCM processing */ 1676 uint8_t reserved; 1677 /**< reserved */ 1678 uint8_t spc_auth_res_sz; 1679 /**< Size in bytes of the authentication result */ 1680 } icp_qat_fw_la_cipher_req_params_t; 1681 #pragma pack(pop) 1682 /** 1683 ***************************************************************************** 1684 * @ingroup icp_qat_fw_la 1685 * Definition of the auth request parameters block 1686 * @description 1687 * Definition of the authentication processing request parameters block 1688 * structure, which forms part of the block incorporating LWs 14-26, 1689 * as defined by the common base parameters structure. Note: 1690 * This structure is used by TLS only. 1691 * 1692 *****************************************************************************/ 1693 /**< Pack compiler directive added to prevent the 1694 * compiler from padding this structure to a 64-bit boundary */ 1695 #pragma pack(push, 1) 1696 1697 typedef struct icp_qat_fw_la_auth_req_params_s { 1698 1699 /**< LW 20 */ 1700 uint32_t auth_off; 1701 /**< Byte offset from the start of packet to the auth data region */ 1702 1703 /**< LW 21 */ 1704 uint32_t auth_len; 1705 /**< Byte length of the auth data region */ 1706 1707 /**< LWs 22-23 */ 1708 union { 1709 uint64_t auth_partial_st_prefix; 1710 /**< Address of the authentication partial state prefix 1711 * information */ 1712 1713 uint64_t aad_adr; 1714 /**< Address of the AAD info in DRAM. Used for the CCM and GCM 1715 * protocols */ 1716 1717 } u1; 1718 1719 /**< LWs 24-25 */ 1720 uint64_t auth_res_addr; 1721 /**< Address of the authentication result information to validate or 1722 * the location to which the digest information can be written back to 1723 */ 1724 1725 /**< LW 26 */ 1726 union { 1727 uint8_t inner_prefix_sz; 1728 /**< Size in bytes of the inner prefix data */ 1729 1730 uint8_t aad_sz; 1731 /**< Size in bytes of padded AAD data to prefix to the packet 1732 * for CCM or GCM processing */ 1733 } u2; 1734 1735 uint8_t resrvd1; 1736 /**< reserved */ 1737 1738 uint8_t hash_state_sz; 1739 /**< Number of quad words of inner and outer hash prefix data to process 1740 * Maximum size is 240 */ 1741 1742 uint8_t auth_res_sz; 1743 /**< Size in bytes of the authentication result */ 1744 1745 } icp_qat_fw_la_auth_req_params_t; 1746 1747 #pragma pack(pop) 1748 1749 /** 1750 ***************************************************************************** 1751 * @ingroup icp_qat_fw_la 1752 * Definition of the auth request parameters block 1753 * @description 1754 * Definition of the authentication processing request parameters block 1755 * structure, which forms part of the block incorporating LWs 14-26, 1756 * as defined by the common base parameters structure. Note: 1757 * This structure is used by SSL3 and MGF1 only. All fields other than 1758 * inner prefix/ AAD size are unused and therefore reserved. 1759 * 1760 *****************************************************************************/ 1761 typedef struct icp_qat_fw_la_auth_req_params_resrvd_flds_s { 1762 /**< LWs 20-25 */ 1763 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_6]; 1764 1765 /**< LW 26 */ 1766 union { 1767 uint8_t inner_prefix_sz; 1768 /**< Size in bytes of the inner prefix data */ 1769 1770 uint8_t aad_sz; 1771 /**< Size in bytes of padded AAD data to prefix to the packet 1772 * for CCM or GCM processing */ 1773 } u2; 1774 1775 uint8_t resrvd1; 1776 /**< reserved */ 1777 1778 uint16_t resrvd2; 1779 /**< reserved */ 1780 1781 } icp_qat_fw_la_auth_req_params_resrvd_flds_t; 1782 1783 /** 1784 ***************************************************************************** 1785 * @ingroup icp_qat_fw_la 1786 * Definition of the shared fields within the parameter block 1787 * containing SSL, TLS or MGF information. 1788 * @description 1789 * This structure defines the shared fields for SSL, TLS or MGF 1790 * within the parameter block incorporating LWs 14-26, as defined 1791 * by the common base parameters structure. 1792 * Unused fields must be set to 0. 1793 * 1794 *****************************************************************************/ 1795 typedef struct icp_qat_fw_la_key_gen_common_s { 1796 /**< LW 14 */ 1797 union { 1798 /**< SSL3 */ 1799 uint16_t secret_lgth_ssl; 1800 /**< Length of Secret information for SSL. In the case of TLS 1801 * the secret is supplied in the content descriptor */ 1802 1803 /**< MGF */ 1804 uint16_t mask_length; 1805 /**< Size in bytes of the desired output mask for MGF1*/ 1806 1807 /**< TLS */ 1808 uint16_t secret_lgth_tls; 1809 /**< TLS Secret length */ 1810 1811 } u; 1812 1813 union { 1814 /**< SSL3 */ 1815 struct { 1816 uint8_t output_lgth_ssl; 1817 /**< Output length */ 1818 1819 uint8_t label_lgth_ssl; 1820 /**< Label length */ 1821 1822 } s1; 1823 1824 /**< MGF */ 1825 struct { 1826 uint8_t hash_length; 1827 /**< Hash length */ 1828 1829 uint8_t seed_length; 1830 /**< Seed length */ 1831 1832 } s2; 1833 1834 /**< TLS */ 1835 struct { 1836 uint8_t output_lgth_tls; 1837 /**< Output length */ 1838 1839 uint8_t label_lgth_tls; 1840 /**< Label length */ 1841 1842 } s3; 1843 1844 /**< HKDF */ 1845 struct { 1846 uint8_t rsrvd1; 1847 /**< Unused */ 1848 1849 uint8_t info_length; 1850 /**< Info length. This is plain data, not wrapped in an 1851 * icp_qat_fw_hkdf_label structure. 1852 */ 1853 1854 } hkdf; 1855 1856 /**< HKDF Expand Label */ 1857 struct { 1858 uint8_t rsrvd1; 1859 /**< Unused */ 1860 1861 uint8_t num_labels; 1862 /**< Number of labels */ 1863 } hkdf_label; 1864 1865 } u1; 1866 1867 /**< LW 15 */ 1868 union { 1869 /**< SSL3 */ 1870 uint8_t iter_count; 1871 /**< Iteration count used by the SSL key gen request */ 1872 1873 /**< TLS */ 1874 uint8_t tls_seed_length; 1875 /**< TLS Seed length */ 1876 1877 /**< HKDF */ 1878 uint8_t hkdf_ikm_length; 1879 /**< Input keying material (IKM) length */ 1880 1881 uint8_t resrvd1; 1882 /**< Reserved field set to 0 for MGF1 */ 1883 1884 } u2; 1885 1886 union { 1887 /**< HKDF */ 1888 uint8_t hkdf_num_sublabels; 1889 /**< Number of subLabels in subLabel buffer, 0-4 */ 1890 1891 uint8_t resrvd2; 1892 /**< Reserved space - unused */ 1893 } u3; 1894 1895 uint16_t resrvd3; 1896 /**< Reserved space - unused */ 1897 1898 } icp_qat_fw_la_key_gen_common_t; 1899 1900 /** 1901 ***************************************************************************** 1902 * @ingroup icp_qat_fw_la 1903 * Definition of the SSL3 request parameters block 1904 * @description 1905 * This structure contains the SSL3 processing request parameters 1906 * incorporating LWs 14-26, as defined by the common base 1907 * parameters structure. Unused fields must be set to 0. 1908 * 1909 *****************************************************************************/ 1910 typedef struct icp_qat_fw_la_ssl3_req_params_s { 1911 /**< LWs 14-15 */ 1912 icp_qat_fw_la_key_gen_common_t keygen_comn; 1913 /**< For other key gen processing these field holds ssl, tls or mgf 1914 * parameters */ 1915 1916 /**< LW 16-25 */ 1917 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_10]; 1918 /**< Reserved */ 1919 1920 /**< LW 26 */ 1921 union { 1922 uint8_t inner_prefix_sz; 1923 /**< Size in bytes of the inner prefix data */ 1924 1925 uint8_t aad_sz; 1926 /**< Size in bytes of padded AAD data to prefix to the packet 1927 * for CCM or GCM processing */ 1928 } u2; 1929 1930 uint8_t resrvd1; 1931 /**< reserved */ 1932 1933 uint16_t resrvd2; 1934 /**< reserved */ 1935 1936 } icp_qat_fw_la_ssl3_req_params_t; 1937 1938 /** 1939 ***************************************************************************** 1940 * @ingroup icp_qat_fw_la 1941 * Definition of the MGF request parameters block 1942 * @description 1943 * This structure contains the MGF processing request parameters 1944 * incorporating LWs 14-26, as defined by the common base parameters 1945 * structure. Unused fields must be set to 0. 1946 * 1947 *****************************************************************************/ 1948 typedef struct icp_qat_fw_la_mgf_req_params_s { 1949 /**< LWs 14-15 */ 1950 icp_qat_fw_la_key_gen_common_t keygen_comn; 1951 /**< For other key gen processing these field holds ssl or mgf 1952 * parameters */ 1953 1954 /**< LW 16-25 */ 1955 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_10]; 1956 /**< Reserved */ 1957 1958 /**< LW 26 */ 1959 union { 1960 uint8_t inner_prefix_sz; 1961 /**< Size in bytes of the inner prefix data */ 1962 1963 uint8_t aad_sz; 1964 /**< Size in bytes of padded AAD data to prefix to the packet 1965 * for CCM or GCM processing */ 1966 } u2; 1967 1968 uint8_t resrvd1; 1969 /**< reserved */ 1970 1971 uint16_t resrvd2; 1972 /**< reserved */ 1973 1974 } icp_qat_fw_la_mgf_req_params_t; 1975 1976 /** 1977 ***************************************************************************** 1978 * @ingroup icp_qat_fw_la 1979 * Definition of the TLS request parameters block 1980 * @description 1981 * This structure contains the TLS processing request parameters 1982 * incorporating LWs 14-26, as defined by the common base parameters 1983 * structure. Unused fields must be set to 0. 1984 * 1985 *****************************************************************************/ 1986 typedef struct icp_qat_fw_la_tls_req_params_s { 1987 /**< LWs 14-15 */ 1988 icp_qat_fw_la_key_gen_common_t keygen_comn; 1989 /**< For other key gen processing these field holds ssl, tls or mgf 1990 * parameters */ 1991 1992 /**< LW 16-19 */ 1993 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_4]; 1994 /**< Reserved */ 1995 1996 } icp_qat_fw_la_tls_req_params_t; 1997 1998 /** 1999 ***************************************************************************** 2000 * @ingroup icp_qat_fw_la 2001 * Definition of the common QAT FW request middle block for TRNG. 2002 * @description 2003 * Common section of the request used across all of the services exposed 2004 * by the QAT FW. Each of the services inherit these common fields. TRNG 2005 * requires a specific implementation. 2006 * 2007 *****************************************************************************/ 2008 typedef struct icp_qat_fw_la_trng_req_mid_s { 2009 /**< LWs 6-13 */ 2010 uint64_t opaque_data; 2011 /**< Opaque data passed unmodified from the request to response messages 2012 * by firmware (fw) */ 2013 2014 uint64_t resrvd1; 2015 /**< Reserved, unused for TRNG */ 2016 2017 uint64_t dest_data_addr; 2018 /**< Generic definition of the destination data supplied to the QAT AE. 2019 * The common flags are used to further describe the attributes of this 2020 * field */ 2021 2022 uint32_t resrvd2; 2023 /** < Reserved, unused for TRNG */ 2024 2025 uint32_t entropy_length; 2026 /**< Size of the data in bytes to process. Used by the get_random 2027 * command. Set to 0 for commands that dont need a length parameter */ 2028 2029 } icp_qat_fw_la_trng_req_mid_t; 2030 2031 /** 2032 ***************************************************************************** 2033 * @ingroup icp_qat_fw_la 2034 * Definition of the common LA QAT FW TRNG request 2035 * @description 2036 * Definition of the TRNG processing request type 2037 * 2038 *****************************************************************************/ 2039 typedef struct icp_qat_fw_la_trng_req_s { 2040 /**< LWs 0-1 */ 2041 icp_qat_fw_comn_req_hdr_t comn_hdr; 2042 /**< Common request header */ 2043 2044 /**< LWs 2-5 */ 2045 icp_qat_fw_comn_req_hdr_cd_pars_t cd_pars; 2046 /**< Common Request content descriptor field which points either to a 2047 * content descriptor 2048 * parameter block or contains the service-specific data itself. */ 2049 2050 /**< LWs 6-13 */ 2051 icp_qat_fw_la_trng_req_mid_t comn_mid; 2052 /**< TRNG request middle section - differs from the common mid-section 2053 */ 2054 2055 /**< LWs 14-26 */ 2056 uint32_t resrvd1[ICP_QAT_FW_NUM_LONGWORDS_13]; 2057 2058 /**< LWs 27-31 */ 2059 uint32_t resrvd2[ICP_QAT_FW_NUM_LONGWORDS_5]; 2060 2061 } icp_qat_fw_la_trng_req_t; 2062 2063 /** 2064 ***************************************************************************** 2065 * @ingroup icp_qat_fw_la 2066 * Definition of the Lookaside Eagle Tail Response 2067 * @description 2068 * This is the response delivered to the ET rings by the Lookaside 2069 * QAT FW service for all commands 2070 * 2071 *****************************************************************************/ 2072 typedef struct icp_qat_fw_la_resp_s { 2073 /**< LWs 0-1 */ 2074 icp_qat_fw_comn_resp_hdr_t comn_resp; 2075 /**< Common interface response format see icp_qat_fw.h */ 2076 2077 /**< LWs 2-3 */ 2078 uint64_t opaque_data; 2079 /**< Opaque data passed from the request to the response message */ 2080 2081 /**< LWs 4-7 */ 2082 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_4]; 2083 /**< Reserved */ 2084 2085 } icp_qat_fw_la_resp_t; 2086 2087 /** 2088 ***************************************************************************** 2089 * @ingroup icp_qat_fw_la 2090 * Definition of the Lookaside TRNG Test Status Structure 2091 * @description 2092 * As an addition to ICP_QAT_FW_LA_TRNG_STATUS Pass or Fail information 2093 * in common response fields, as a response to TRNG_TEST request, Test 2094 * status, Counter for failed tests and 4 entropy counter values are 2095 * sent 2096 * Status of test status and the fail counts. 2097 * 2098 * 2099 *****************************************************************************/ 2100 typedef struct icp_qat_fw_la_trng_test_result_s { 2101 uint32_t test_status_info; 2102 /**< TRNG comparator health test status& Validity information 2103 see Test Status Bit Fields below. */ 2104 2105 uint32_t test_status_fail_count; 2106 /**< TRNG comparator health test status, 32bit fail counter */ 2107 2108 uint64_t r_ent_ones_cnt; 2109 /**< Raw Entropy ones counter */ 2110 2111 uint64_t r_ent_zeros_cnt; 2112 /**< Raw Entropy zeros counter */ 2113 2114 uint64_t c_ent_ones_cnt; 2115 /**< Conditioned Entropy ones counter */ 2116 2117 uint64_t c_ent_zeros_cnt; 2118 /**< Conditioned Entropy zeros counter */ 2119 2120 uint64_t resrvd; 2121 /**< Reserved field must be set to zero */ 2122 2123 } icp_qat_fw_la_trng_test_result_t; 2124 2125 /** 2126 ***************************************************************************** 2127 * @ingroup icp_qat_fw_la 2128 * Definition of the Lookaside SSL Key Material Input 2129 * @description 2130 * This struct defines the layout of input parameters for the 2131 * SSL3 key generation (source flat buffer format) 2132 * 2133 *****************************************************************************/ 2134 typedef struct icp_qat_fw_la_ssl_key_material_input_s { 2135 uint64_t seed_addr; 2136 /**< Pointer to seed */ 2137 2138 uint64_t label_addr; 2139 /**< Pointer to label(s) */ 2140 2141 uint64_t secret_addr; 2142 /**< Pointer to secret */ 2143 2144 } icp_qat_fw_la_ssl_key_material_input_t; 2145 2146 /** 2147 ***************************************************************************** 2148 * @ingroup icp_qat_fw_la 2149 * Definition of the Lookaside TLS Key Material Input 2150 * @description 2151 * This struct defines the layout of input parameters for the 2152 * TLS key generation (source flat buffer format) 2153 * @note 2154 * Secret state value (S split into S1 and S2 parts) is supplied via 2155 * Content Descriptor. S1 is placed in an outer prefix buffer, and S2 2156 * inside the inner prefix buffer. 2157 * 2158 *****************************************************************************/ 2159 typedef struct icp_qat_fw_la_tls_key_material_input_s { 2160 uint64_t seed_addr; 2161 /**< Pointer to seed */ 2162 2163 uint64_t label_addr; 2164 /**< Pointer to label(s) */ 2165 2166 } icp_qat_fw_la_tls_key_material_input_t; 2167 2168 /** 2169 ***************************************************************************** 2170 * @ingroup icp_qat_fw_la 2171 * Definition of the Lookaside HKDF (TLS 1.3) Key Material Input 2172 * @description 2173 * This structure defines the source buffer for HKDF operations, which 2174 * must be provided in flat buffer format. 2175 * 2176 * The result will be returned in the destination buffer (flat format). 2177 * All generated key materials will be returned in a packed layout. Where 2178 * sublabel flags are specified, the result of the child expands will 2179 * immediately follow their parent. 2180 * 2181 * @note 2182 * TLS 1.3 / HKDF operations require only one key (either the Extract Salt 2183 * or the Expand PSK) which is placed in the inner prefix buffer. 2184 * 2185 *****************************************************************************/ 2186 typedef struct icp_qat_fw_la_hkdf_key_material_input_s { 2187 uint64_t ikm_addr; 2188 /**< Pointer to IKM (input keying material) */ 2189 2190 uint64_t labels_addr; 2191 /**< Pointer to labels buffer. 2192 * For HKDF Expand (without Label) this buffer contains the Info. 2193 * 2194 * For TLS 1.3 / HKDF Expand-Label this buffer contains up to 4 2195 * icp_qat_fw_hkdf_label structures, which will result in a 2196 * corresponding number of first level Expand-Label operations. 2197 * 2198 * For each of these operations, the result may become an input to child 2199 * Expand-Label operations as specified by the sublabel flags, where bit 2200 * 0 indicates a child Expand using label 0 from the sublabels buffer, 2201 * bit 1 indicates sublabel 1, and so on. In this way, up to 20 2202 * Expand-Label operations may be performed in one request. 2203 */ 2204 2205 uint64_t sublabels_addr; 2206 /**< Pointer to 0-4 sublabels for TLS 1.3, following the format 2207 * described for label_addr above. The buffer will typically contain 2208 * all 4 of the supported sublabels. 2209 * The sublabel flags defined for this context are as follows: 2210 * - QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS 2211 * - QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS 2212 * - QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS 2213 */ 2214 } icp_qat_fw_la_hkdf_key_material_input_t; 2215 2216 /** 2217 ****************************************************************************** 2218 * @ingroup icp_qat_fw_la 2219 * 2220 * @description 2221 * Macros using the bit position and mask to set/extract the next 2222 * and current id nibbles within the next_curr_id field of the 2223 * content descriptor header block, ONLY FOR CIPHER + AUTH COMBINED. 2224 * Note that for cipher only or authentication only, the common macros 2225 * need to be used. These are defined in the 'icp_qat_fw.h' common header 2226 * file, as they are used by compression, cipher and authentication. 2227 * 2228 * @param cd_ctrl_hdr_t Content descriptor control block header. 2229 * @param val Value of the field being set. 2230 * 2231 *****************************************************************************/ 2232 /** Cipher fields within Cipher + Authentication structure */ 2233 #define ICP_QAT_FW_CIPHER_NEXT_ID_GET(cd_ctrl_hdr_t) \ 2234 ((((cd_ctrl_hdr_t)->next_curr_id_cipher) & \ 2235 ICP_QAT_FW_COMN_NEXT_ID_MASK) >> \ 2236 (ICP_QAT_FW_COMN_NEXT_ID_BITPOS)) 2237 2238 #define ICP_QAT_FW_CIPHER_NEXT_ID_SET(cd_ctrl_hdr_t, val) \ 2239 (cd_ctrl_hdr_t)->next_curr_id_cipher = \ 2240 ((((cd_ctrl_hdr_t)->next_curr_id_cipher) & \ 2241 ICP_QAT_FW_COMN_CURR_ID_MASK) | \ 2242 ((val << ICP_QAT_FW_COMN_NEXT_ID_BITPOS) & \ 2243 ICP_QAT_FW_COMN_NEXT_ID_MASK)) 2244 2245 #define ICP_QAT_FW_CIPHER_CURR_ID_GET(cd_ctrl_hdr_t) \ 2246 (((cd_ctrl_hdr_t)->next_curr_id_cipher) & ICP_QAT_FW_COMN_CURR_ID_MASK) 2247 2248 #define ICP_QAT_FW_CIPHER_CURR_ID_SET(cd_ctrl_hdr_t, val) \ 2249 (cd_ctrl_hdr_t)->next_curr_id_cipher = \ 2250 ((((cd_ctrl_hdr_t)->next_curr_id_cipher) & \ 2251 ICP_QAT_FW_COMN_NEXT_ID_MASK) | \ 2252 ((val)&ICP_QAT_FW_COMN_CURR_ID_MASK)) 2253 2254 /** Authentication fields within Cipher + Authentication structure */ 2255 #define ICP_QAT_FW_AUTH_NEXT_ID_GET(cd_ctrl_hdr_t) \ 2256 ((((cd_ctrl_hdr_t)->next_curr_id_auth) & \ 2257 ICP_QAT_FW_COMN_NEXT_ID_MASK) >> \ 2258 (ICP_QAT_FW_COMN_NEXT_ID_BITPOS)) 2259 2260 #define ICP_QAT_FW_AUTH_NEXT_ID_SET(cd_ctrl_hdr_t, val) \ 2261 (cd_ctrl_hdr_t)->next_curr_id_auth = \ 2262 ((((cd_ctrl_hdr_t)->next_curr_id_auth) & \ 2263 ICP_QAT_FW_COMN_CURR_ID_MASK) | \ 2264 ((val << ICP_QAT_FW_COMN_NEXT_ID_BITPOS) & \ 2265 ICP_QAT_FW_COMN_NEXT_ID_MASK)) 2266 2267 #define ICP_QAT_FW_AUTH_CURR_ID_GET(cd_ctrl_hdr_t) \ 2268 (((cd_ctrl_hdr_t)->next_curr_id_auth) & ICP_QAT_FW_COMN_CURR_ID_MASK) 2269 2270 #define ICP_QAT_FW_AUTH_CURR_ID_SET(cd_ctrl_hdr_t, val) \ 2271 (cd_ctrl_hdr_t)->next_curr_id_auth = \ 2272 ((((cd_ctrl_hdr_t)->next_curr_id_auth) & \ 2273 ICP_QAT_FW_COMN_NEXT_ID_MASK) | \ 2274 ((val)&ICP_QAT_FW_COMN_CURR_ID_MASK)) 2275 2276 /* Definitions of the bits in the test_status_info of the TRNG_TEST response. 2277 * The values returned by the Lookaside service are given below 2278 * The Test result and Test Fail Count values are only valid if the Test 2279 * Results Valid (Tv) is set. 2280 * 2281 * TRNG Test Status Info 2282 * + ===== + ------------------------------------------------ + --- + --- + 2283 * | Bit | 31 - 2 | 1 | 0 | 2284 * + ===== + ------------------------------------------------ + --- + --- + 2285 * | Flags | RESERVED = 0 | Tv | Ts | 2286 * + ===== + ------------------------------------------------------------ + 2287 */ 2288 /****************************************************************************** 2289 * @ingroup icp_qat_fw_la 2290 * Definition of the Lookaside TRNG Test Status Information received as 2291 * a part of icp_qat_fw_la_trng_test_result_t 2292 * 2293 *****************************************************************************/ 2294 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_BITPOS 0 2295 /**< @ingroup icp_qat_fw_la 2296 * TRNG Test Result t_status field bit pos definition.*/ 2297 2298 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_MASK 0x1 2299 /**< @ingroup icp_qat_fw_la 2300 * TRNG Test Result t_status field mask definition.*/ 2301 2302 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_BITPOS 1 2303 /**< @ingroup icp_qat_fw_la 2304 * TRNG Test Result test results valid field bit pos definition.*/ 2305 2306 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_MASK 0x1 2307 /**< @ingroup icp_qat_fw_la 2308 * TRNG Test Result test results valid field mask definition.*/ 2309 2310 /****************************************************************************** 2311 * @ingroup icp_qat_fw_la 2312 * Definition of the Lookaside TRNG test_status values. 2313 * 2314 * 2315 *****************************************************************************/ 2316 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_VALID 1 2317 /**< @ingroup icp_qat_fw_la 2318 * TRNG TEST Response Test Results Valid Value.*/ 2319 2320 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_NOT_VALID 0 2321 /**< @ingroup icp_qat_fw_la 2322 * TRNG TEST Response Test Results are NOT Valid Value.*/ 2323 2324 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_NO_FAILS 1 2325 /**< @ingroup icp_qat_fw_la 2326 * Value for TRNG Test status tests have NO FAILs Value.*/ 2327 2328 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_HAS_FAILS 0 2329 /**< @ingroup icp_qat_fw_la 2330 * Value for TRNG Test status tests have one or more FAILS Value.*/ 2331 2332 /** 2333 ****************************************************************************** 2334 * @ingroup icp_qat_fw_la 2335 * 2336 * @description 2337 * Macro for extraction of the Test Status Field returned in the response 2338 * to TRNG TEST command. 2339 * 2340 * @param test_status 8 bit test_status value to extract the status bit 2341 * 2342 *****************************************************************************/ 2343 #define ICP_QAT_FW_LA_TRNG_TEST_STATUS_TS_FLD_GET(test_status) \ 2344 QAT_FIELD_GET(test_status, \ 2345 QAT_FW_LA_TRNG_TEST_STATUS_TS_BITPOS, \ 2346 QAT_FW_LA_TRNG_TEST_STATUS_TS_MASK) 2347 /** 2348 ****************************************************************************** 2349 * @ingroup icp_qat_fw_la 2350 * 2351 * @description 2352 * Macro for extraction of the Test Results Valid Field returned in the 2353 * response to TRNG TEST command. 2354 * 2355 * @param test_status 8 bit test_status value to extract the Tests 2356 * Results valid bit 2357 * 2358 *****************************************************************************/ 2359 #define ICP_QAT_FW_LA_TRNG_TEST_STATUS_TV_FLD_GET(test_status) \ 2360 QAT_FIELD_GET(test_status, \ 2361 QAT_FW_LA_TRNG_TEST_STATUS_TV_BITPOS, \ 2362 QAT_FW_LA_TRNG_TEST_STATUS_TV_MASK) 2363 2364 /* 2365 ****************************************************************************** 2366 * MGF Max supported input parameters 2367 ****************************************************************************** 2368 */ 2369 #define ICP_QAT_FW_LA_MGF_SEED_LEN_MAX 255 2370 /**< @ingroup icp_qat_fw_la 2371 * Maximum seed length for MGF1 request in bytes 2372 * Typical values may be 48, 64, 128 bytes (or any).*/ 2373 2374 #define ICP_QAT_FW_LA_MGF_MASK_LEN_MAX 65528 2375 /**< @ingroup icp_qat_fw_la 2376 * Maximum mask length for MGF1 request in bytes 2377 * Typical values may be 8 (64-bit), 16 (128-bit). MUST be quad word multiple */ 2378 2379 /* 2380 ****************************************************************************** 2381 * SSL Max supported input parameters 2382 ****************************************************************************** 2383 */ 2384 #define ICP_QAT_FW_LA_SSL_SECRET_LEN_MAX 512 2385 /**< @ingroup icp_qat_fw_la 2386 * Maximum secret length for SSL3 Key Gen request (bytes) */ 2387 2388 #define ICP_QAT_FW_LA_SSL_ITERATES_LEN_MAX 16 2389 /**< @ingroup icp_qat_fw_la 2390 * Maximum iterations for SSL3 Key Gen request (integer) */ 2391 2392 #define ICP_QAT_FW_LA_SSL_LABEL_LEN_MAX 136 2393 /**< @ingroup icp_qat_fw_la 2394 * Maximum label length for SSL3 Key Gen request (bytes) */ 2395 2396 #define ICP_QAT_FW_LA_SSL_SEED_LEN_MAX 64 2397 /**< @ingroup icp_qat_fw_la 2398 * Maximum seed length for SSL3 Key Gen request (bytes) */ 2399 2400 #define ICP_QAT_FW_LA_SSL_OUTPUT_LEN_MAX 248 2401 /**< @ingroup icp_qat_fw_la 2402 * Maximum output length for SSL3 Key Gen request (bytes) */ 2403 2404 /* 2405 ****************************************************************************** 2406 * TLS Max supported input parameters 2407 ****************************************************************************** 2408 */ 2409 #define ICP_QAT_FW_LA_TLS_SECRET_LEN_MAX 128 2410 /**< @ingroup icp_qat_fw_la 2411 * Maximum secret length for TLS Key Gen request (bytes) */ 2412 2413 #define ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX 128 2414 /**< @ingroup icp_qat_fw_la 2415 * Maximum secret length for TLS Key Gen request (bytes) */ 2416 2417 #define ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX 64 2418 /**< @ingroup icp_qat_fw_la 2419 * Maximum secret length for TLS Key Gen request (bytes) */ 2420 2421 #define ICP_QAT_FW_LA_TLS_LABEL_LEN_MAX 255 2422 /**< @ingroup icp_qat_fw_la 2423 * Maximum label length for TLS Key Gen request (bytes) */ 2424 2425 #define ICP_QAT_FW_LA_TLS_SEED_LEN_MAX 64 2426 /**< @ingroup icp_qat_fw_la 2427 * Maximum seed length for TLS Key Gen request (bytes) */ 2428 2429 #define ICP_QAT_FW_LA_TLS_OUTPUT_LEN_MAX 248 2430 /**< @ingroup icp_qat_fw_la 2431 * Maximum output length for TLS Key Gen request (bytes) */ 2432 2433 /* 2434 ****************************************************************************** 2435 * HKDF input parameters 2436 ****************************************************************************** 2437 */ 2438 2439 #define QAT_FW_HKDF_LABEL_BUFFER_SZ 78 2440 #define QAT_FW_HKDF_LABEL_LEN_SZ 1 2441 #define QAT_FW_HKDF_LABEL_FLAGS_SZ 1 2442 2443 #define QAT_FW_HKDF_LABEL_STRUCT_SZ \ 2444 (QAT_FW_HKDF_LABEL_BUFFER_SZ + QAT_FW_HKDF_LABEL_LEN_SZ + \ 2445 QAT_FW_HKDF_LABEL_FLAGS_SZ) 2446 2447 /** 2448 ***************************************************************************** 2449 * @ingroup icp_qat_fw_la 2450 * 2451 * @description 2452 * Wraps an RFC 8446 HkdfLabel with metadata for use in HKDF Expand-Label 2453 * operations. 2454 * 2455 *****************************************************************************/ 2456 struct icp_qat_fw_hkdf_label { 2457 uint8_t label[QAT_FW_HKDF_LABEL_BUFFER_SZ]; 2458 /**< Buffer containing an HkdfLabel as specified in RFC 8446 */ 2459 2460 uint8_t label_length; 2461 /**< The size of the HkdfLabel */ 2462 2463 union { 2464 uint8_t label_flags; 2465 /**< For first-level labels: each bit in [0..3] will trigger a 2466 * child Expand-Label operation on the corresponding sublabel. 2467 * Bits [4..7] are reserved. 2468 */ 2469 2470 uint8_t sublabel_flags; 2471 /**< For sublabels the following flags are defined: 2472 * - QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS 2473 * - QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS 2474 * - QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS 2475 */ 2476 } u; 2477 }; 2478 2479 #define ICP_QAT_FW_LA_HKDF_SECRET_LEN_MAX 64 2480 /**< Maximum secret length for HKDF request (bytes) */ 2481 2482 #define ICP_QAT_FW_LA_HKDF_IKM_LEN_MAX 64 2483 /**< Maximum IKM length for HKDF request (bytes) */ 2484 2485 #define QAT_FW_HKDF_MAX_LABELS 4 2486 /**< Maximum number of label structures allowed in the labels buffer */ 2487 2488 #define QAT_FW_HKDF_MAX_SUBLABELS 4 2489 /**< Maximum number of label structures allowed in the sublabels buffer */ 2490 2491 /* 2492 ****************************************************************************** 2493 * HKDF inner sublabel flags 2494 ****************************************************************************** 2495 */ 2496 2497 #define QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS 0 2498 /**< Limit sublabel expand output to 12 bytes -- used with the "iv" sublabel */ 2499 2500 #define QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS 1 2501 /**< Limit sublabel expand output to 16 bytes -- used with SHA-256 "key" */ 2502 2503 #define QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS 2 2504 /**< Limit sublabel expand output to 32 bytes -- used with SHA-384 "key" */ 2505 2506 #endif /* _ICP_QAT_FW_LA_H_ */ 2507