1 /* SPDX-License-Identifier: BSD-3-Clause */ 2 /* Copyright(c) 2007-2022 Intel Corporation */ 3 /* $FreeBSD$ */ 4 /** 5 ***************************************************************************** 6 * @file icp_qat_fw_la.h 7 * @defgroup icp_qat_fw_la ICP QAT FW Lookaside Service Interface Definitions 8 * @ingroup icp_qat_fw 9 * @description 10 * This file documents structs used to provided the interface to the 11 * LookAside (LA) QAT FW service 12 * 13 *****************************************************************************/ 14 15 #ifndef _ICP_QAT_FW_LA_H_ 16 #define _ICP_QAT_FW_LA_H_ 17 18 /* 19 ****************************************************************************** 20 * Include local header files 21 ****************************************************************************** 22 */ 23 #include "icp_qat_fw.h" 24 25 /* ========================================================================= */ 26 /* QAT FW REQUEST STRUCTURES */ 27 /* ========================================================================= */ 28 29 /** 30 ***************************************************************************** 31 * @ingroup icp_qat_fw_la 32 * Definition of the LookAside (LA) command types 33 * @description 34 * Enumeration which is used to indicate the ids of functions 35 * that are exposed by the LA QAT FW service 36 * 37 *****************************************************************************/ 38 39 typedef enum { 40 ICP_QAT_FW_LA_CMD_CIPHER = 0, 41 /*!< Cipher Request */ 42 43 ICP_QAT_FW_LA_CMD_AUTH = 1, 44 /*!< Auth Request */ 45 46 ICP_QAT_FW_LA_CMD_CIPHER_HASH = 2, 47 /*!< Cipher-Hash Request */ 48 49 ICP_QAT_FW_LA_CMD_HASH_CIPHER = 3, 50 /*!< Hash-Cipher Request */ 51 52 ICP_QAT_FW_LA_CMD_TRNG_GET_RANDOM = 4, 53 /*!< TRNG Get Random Request */ 54 55 ICP_QAT_FW_LA_CMD_TRNG_TEST = 5, 56 /*!< TRNG Test Request */ 57 58 ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE = 6, 59 /*!< SSL3 Key Derivation Request */ 60 61 ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE = 7, 62 /*!< TLS Key Derivation Request */ 63 64 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE = 8, 65 /*!< TLS Key Derivation Request */ 66 67 ICP_QAT_FW_LA_CMD_MGF1 = 9, 68 /*!< MGF1 Request */ 69 70 ICP_QAT_FW_LA_CMD_AUTH_PRE_COMP = 10, 71 /*!< Auth Pre-Compute Request */ 72 73 ICP_QAT_FW_LA_CMD_CIPHER_PRE_COMP = 11, 74 /*!< Auth Pre-Compute Request */ 75 76 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT = 12, 77 /*!< HKDF Extract Request */ 78 79 ICP_QAT_FW_LA_CMD_HKDF_EXPAND = 13, 80 /*!< HKDF Expand Request */ 81 82 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND = 14, 83 /*!< HKDF Extract and Expand Request */ 84 85 ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL = 15, 86 /*!< HKDF Expand Label Request */ 87 88 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL = 16, 89 /*!< HKDF Extract and Expand Label Request */ 90 91 ICP_QAT_FW_LA_CMD_DELIMITER = 17 92 /**< Delimiter type */ 93 } icp_qat_fw_la_cmd_id_t; 94 95 /* For the definitions of the bits in the status field of the common 96 * response, refer to icp_qat_fw.h. 97 * The return values specific to Lookaside service are given below. 98 */ 99 #define ICP_QAT_FW_LA_ICV_VER_STATUS_PASS ICP_QAT_FW_COMN_STATUS_FLAG_OK 100 /**< @ingroup icp_qat_fw_la 101 * Status flag indicating that the ICV verification passed */ 102 103 #define ICP_QAT_FW_LA_ICV_VER_STATUS_FAIL ICP_QAT_FW_COMN_STATUS_FLAG_ERROR 104 /**< @ingroup icp_qat_fw_la 105 * Status flag indicating that the ICV verification failed */ 106 107 #define ICP_QAT_FW_LA_TRNG_STATUS_PASS ICP_QAT_FW_COMN_STATUS_FLAG_OK 108 /**< @ingroup icp_qat_fw_la 109 * Status flag indicating that the TRNG returned valid entropy data */ 110 111 #define ICP_QAT_FW_LA_TRNG_STATUS_FAIL ICP_QAT_FW_COMN_STATUS_FLAG_ERROR 112 /**< @ingroup icp_qat_fw_la 113 * Status flag indicating that the TRNG Command Failed. */ 114 115 /** 116 ***************************************************************************** 117 * @ingroup icp_qat_fw_la 118 * Definition of the common LA QAT FW bulk request 119 * @description 120 * Definition of the full bulk processing request structure. 121 * Used for hash, cipher, hash-cipher and authentication-encryption 122 * requests etc. 123 * 124 *****************************************************************************/ 125 typedef struct icp_qat_fw_la_bulk_req_s { 126 /**< LWs 0-1 */ 127 icp_qat_fw_comn_req_hdr_t comn_hdr; 128 /**< Common request header - for Service Command Id, 129 * use service-specific Crypto Command Id. 130 * Service Specific Flags - use Symmetric Crypto Command Flags 131 * (all of cipher, auth, SSL3, TLS and MGF, 132 * excluding TRNG - field unused) */ 133 134 /**< LWs 2-5 */ 135 icp_qat_fw_comn_req_hdr_cd_pars_t cd_pars; 136 /**< Common Request content descriptor field which points either to a 137 * content descriptor 138 * parameter block or contains the service-specific data itself. */ 139 140 /**< LWs 6-13 */ 141 icp_qat_fw_comn_req_mid_t comn_mid; 142 /**< Common request middle section */ 143 144 /**< LWs 14-26 */ 145 icp_qat_fw_comn_req_rqpars_t serv_specif_rqpars; 146 /**< Common request service-specific parameter field */ 147 148 /**< LWs 27-31 */ 149 icp_qat_fw_comn_req_cd_ctrl_t cd_ctrl; 150 /**< Common request content descriptor control block - 151 * this field is service-specific */ 152 153 } icp_qat_fw_la_bulk_req_t; 154 155 /* 156 * LA BULK (SYMMETRIC CRYPTO) COMMAND FLAGS 157 * 158 * + ===== + ---------- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + 159 * | Bit | [15:13] | 12 | 11 | 10 | 7-9 | 6 | 5 | 4 | 3 | 2 | 1-0 | 160 * + ===== + ---------- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ------+ ----- + 161 * | Flags | Resvd Bits | ZUC | GcmIV |Digest | Prot | Cmp | Rtn | Upd | Ciph/ | CiphIV| Part- | 162 * | | =0 | Prot | Len | In Buf| flgs | Auth | Auth | State | Auth | Field | ial | 163 * + ===== + ---------- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ------+ ----- + 164 */ 165 166 /* Private defines */ 167 168 /* bit 11 */ 169 #define ICP_QAT_FW_LA_GCM_IV_LEN_12_OCTETS 1 170 /**< @ingroup icp_qat_fw_la 171 * Indicates the IV Length for GCM protocol is 96 Bits (12 Octets) 172 * If set FW does the padding to compute CTR0 */ 173 174 #define ICP_QAT_FW_LA_GCM_IV_LEN_NOT_12_OCTETS 0 175 /**< @ingroup icp_qat_fw_la 176 * Indicates the IV Length for GCM protocol is not 96 Bits (12 Octets) 177 * If IA computes CTR0 */ 178 179 #define QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS 12 180 /**< @ingroup icp_cpm_fw_la 181 * Bit position defining ZUC processing for a encrypt command */ 182 183 #define ICP_QAT_FW_LA_ZUC_3G_PROTO 1 184 /**< @ingroup icp_cpm_fw_la 185 * Value indicating ZUC processing for a encrypt command */ 186 187 #define QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK 0x1 188 /**< @ingroup icp_qat_fw_la 189 * One bit mask used to determine the ZUC 3G protocol bit. 190 * Must be set for Cipher-only, Cipher + Auth and Auth-only */ 191 192 #define QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_BITPOS 13 193 /**< @ingroup icp_cpm_fw_la 194 * Bit position defining SINGLE PASS processing for a encrypt command */ 195 196 #define ICP_QAT_FW_LA_SINGLE_PASS_PROTO 1 197 /**< @ingroup icp_cpm_fw_la 198 * Value indicating SINGLE PASS processing for a encrypt command */ 199 200 #define QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_MASK 0x1 201 /**< @ingroup icp_qat_fw_la 202 * One bit mask used to determine the SINGLE PASS protocol bit. 203 * Must be set for Cipher-only */ 204 205 #define QAT_LA_GCM_IV_LEN_FLAG_BITPOS 11 206 /**< @ingroup icp_qat_fw_la 207 * Starting bit position for GCM IV Length indication. If set 208 * the IV Length is 96 Bits, clear for other IV lengths */ 209 210 #define QAT_LA_GCM_IV_LEN_FLAG_MASK 0x1 211 /**< @ingroup icp_qat_fw_la 212 * One bit mask used to determine the GCM IV Length indication bit. 213 * If set the IV Length is 96 Bits, clear for other IV lengths */ 214 215 /* bit 10 */ 216 #define ICP_QAT_FW_LA_DIGEST_IN_BUFFER 1 217 /**< @ingroup icp_qat_fw_la 218 * Flag representing that authentication digest is stored or is extracted 219 * from the source buffer. Auth Result Pointer will be ignored in this case. */ 220 221 #define ICP_QAT_FW_LA_NO_DIGEST_IN_BUFFER 0 222 /**< @ingroup icp_qat_fw_la 223 * Flag representing that authentication digest is NOT stored or is NOT 224 * extracted from the source buffer. Auth result will get stored or extracted 225 * from the Auth Result Pointer. Please not that in this case digest CANNOT be 226 * encrypted. */ 227 228 #define QAT_LA_DIGEST_IN_BUFFER_BITPOS 10 229 /**< @ingroup icp_qat_fw_la 230 * Starting bit position for Digest in Buffer flag */ 231 232 #define QAT_LA_DIGEST_IN_BUFFER_MASK 0x1 233 /**< @ingroup icp_qat_fw_la 234 * One bit mask used to determine the Digest in Buffer flag */ 235 236 /* bits 7-9 */ 237 #define ICP_QAT_FW_LA_SNOW_3G_PROTO 4 238 /**< @ingroup icp_cpm_fw_la 239 * Indicates SNOW_3G processing for a encrypt command */ 240 241 #define ICP_QAT_FW_LA_GCM_PROTO 2 242 /**< @ingroup icp_qat_fw_la 243 * Indicates GCM processing for a auth_encrypt command */ 244 245 #define ICP_QAT_FW_LA_CCM_PROTO 1 246 /**< @ingroup icp_qat_fw_la 247 * Indicates CCM processing for a auth_encrypt command */ 248 249 #define ICP_QAT_FW_LA_NO_PROTO 0 250 /**< @ingroup icp_qat_fw_la 251 * Indicates no specific protocol processing for the command */ 252 253 #define QAT_LA_PROTO_BITPOS 7 254 /**< @ingroup icp_qat_fw_la 255 * Starting bit position for the Lookaside Protocols */ 256 257 #define QAT_LA_PROTO_MASK 0x7 258 /**< @ingroup icp_qat_fw_la 259 * Three bit mask used to determine the Lookaside Protocol */ 260 261 /* bit 6 */ 262 #define ICP_QAT_FW_LA_CMP_AUTH_RES 1 263 /**< @ingroup icp_qat_fw_la 264 * Flag representing the need to compare the auth result data to the expected 265 * value in DRAM at the auth_address. */ 266 267 #define ICP_QAT_FW_LA_NO_CMP_AUTH_RES 0 268 /**< @ingroup icp_qat_fw_la 269 * Flag representing that there is no need to do a compare of the auth data 270 * to the expected value */ 271 272 #define QAT_LA_CMP_AUTH_RES_BITPOS 6 273 /**< @ingroup icp_qat_fw_la 274 * Starting bit position for Auth compare digest result */ 275 276 #define QAT_LA_CMP_AUTH_RES_MASK 0x1 277 /**< @ingroup icp_qat_fw_la 278 * One bit mask used to determine the Auth compare digest result */ 279 280 /* bit 5 */ 281 #define ICP_QAT_FW_LA_RET_AUTH_RES 1 282 /**< @ingroup icp_qat_fw_la 283 * Flag representing the need to return the auth result data to dram after the 284 * request processing is complete */ 285 286 #define ICP_QAT_FW_LA_NO_RET_AUTH_RES 0 287 /**< @ingroup icp_qat_fw_la 288 * Flag representing that there is no need to return the auth result data */ 289 290 #define QAT_LA_RET_AUTH_RES_BITPOS 5 291 /**< @ingroup icp_qat_fw_la 292 * Starting bit position for Auth return digest result */ 293 294 #define QAT_LA_RET_AUTH_RES_MASK 0x1 295 /**< @ingroup icp_qat_fw_la 296 * One bit mask used to determine the Auth return digest result */ 297 298 /* bit 4 */ 299 #define ICP_QAT_FW_LA_UPDATE_STATE 1 300 /**< @ingroup icp_qat_fw_la 301 * Flag representing the need to update the state data in dram after the 302 * request processing is complete */ 303 304 #define ICP_QAT_FW_LA_NO_UPDATE_STATE 0 305 /**< @ingroup icp_qat_fw_la 306 * Flag representing that there is no need to update the state data */ 307 308 #define QAT_LA_UPDATE_STATE_BITPOS 4 309 /**< @ingroup icp_qat_fw_la 310 * Starting bit position for Update State. */ 311 312 #define QAT_LA_UPDATE_STATE_MASK 0x1 313 /**< @ingroup icp_qat_fw_la 314 * One bit mask used to determine the Update State */ 315 316 /* bit 3 */ 317 #define ICP_QAT_FW_CIPH_AUTH_CFG_OFFSET_IN_CD_SETUP 0 318 /**< @ingroup icp_qat_fw_la 319 * Flag representing Cipher/Auth Config Offset Type, where the offset 320 * is contained in CD Setup. When the SHRAM constants page 321 * is not used for cipher/auth configuration, then the Content Descriptor 322 * pointer field must be a pointer (as opposed to a 16-byte key), since 323 * the block pointed to must contain both the slice config and the key */ 324 325 #define ICP_QAT_FW_CIPH_AUTH_CFG_OFFSET_IN_SHRAM_CP 1 326 /**< @ingroup icp_qat_fw_la 327 * Flag representing Cipher/Auth Config Offset Type, where the offset 328 * is contained in SHRAM constants page. */ 329 330 #define QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS 3 331 /**< @ingroup icp_qat_fw_la 332 * Starting bit position indicating Cipher/Auth Config 333 * offset type */ 334 335 #define QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK 0x1 336 /**< @ingroup icp_qat_fw_la 337 * One bit mask used to determine Cipher/Auth Config 338 * offset type */ 339 340 /* bit 2 */ 341 #define ICP_QAT_FW_CIPH_IV_64BIT_PTR 0 342 /**< @ingroup icp_qat_fw_la 343 * Flag representing Cipher IV field contents via 64-bit pointer */ 344 345 #define ICP_QAT_FW_CIPH_IV_16BYTE_DATA 1 346 /**< @ingroup icp_qat_fw_la 347 * Flag representing Cipher IV field contents as 16-byte data array */ 348 349 #define QAT_LA_CIPH_IV_FLD_BITPOS 2 350 /**< @ingroup icp_qat_fw_la 351 * Starting bit position indicating Cipher IV field 352 * contents */ 353 354 #define QAT_LA_CIPH_IV_FLD_MASK 0x1 355 /**< @ingroup icp_qat_fw_la 356 * One bit mask used to determine the Cipher IV field 357 * contents */ 358 359 /* bits 0-1 */ 360 #define ICP_QAT_FW_LA_PARTIAL_NONE 0 361 /**< @ingroup icp_qat_fw_la 362 * Flag representing no need for partial processing condition i.e. 363 * entire packet processed in the current command */ 364 365 #define ICP_QAT_FW_LA_PARTIAL_START 1 366 /**< @ingroup icp_qat_fw_la 367 * Flag representing the first chunk of the partial packet */ 368 369 #define ICP_QAT_FW_LA_PARTIAL_MID 3 370 /**< @ingroup icp_qat_fw_la 371 * Flag representing a middle chunk of the partial packet */ 372 373 #define ICP_QAT_FW_LA_PARTIAL_END 2 374 /**< @ingroup icp_qat_fw_la 375 * Flag representing the final/end chunk of the partial packet */ 376 377 #define QAT_LA_PARTIAL_BITPOS 0 378 /**< @ingroup icp_qat_fw_la 379 * Starting bit position indicating partial state */ 380 381 #define QAT_LA_PARTIAL_MASK 0x3 382 /**< @ingroup icp_qat_fw_la 383 * Two bit mask used to determine the partial state */ 384 385 /* The table below defines the meaning of the prefix_addr & hash_state_sz in 386 * the case of partial processing. See the HLD for further details 387 * 388 * + ====== + ------------------------- + ----------------------- + 389 * | Parial | Prefix Addr | Hash State Sz | 390 * | State | | | 391 * + ====== + ------------------------- + ----------------------- + 392 * | FULL | Points to the prefix data | Prefix size as below. | 393 * | | | No update of state | 394 * + ====== + ------------------------- + ----------------------- + 395 * | SOP | Points to the prefix | = inner prefix rounded | 396 * | | data. State is updated | to qwrds + outer prefix | 397 * | | at prefix_addr - state_sz | rounded to qwrds. The | 398 * | | - 8 (counter size) | writeback state sz | 399 * | | | comes from the CD | 400 * + ====== + ------------------------- + ----------------------- + 401 * | MOP | Points to the state data | State size rounded to | 402 * | | Updated state written to | num qwrds + 8 (for the | 403 * | | same location | counter) + inner prefix | 404 * | | | rounded to qwrds + | 405 * | | | outer prefix rounded to | 406 * | | | qwrds. | 407 * + ====== + ------------------------- + ----------------------- + 408 * | EOP | Points to the state data | State size rounded to | 409 * | | | num qwrds + 8 (for the | 410 * | | | counter) + inner prefix | 411 * | | | rounded to qwrds + | 412 * | | | outer prefix rounded to | 413 * | | | qwrds. | 414 * + ====== + ------------------------- + ----------------------- + 415 * 416 * Notes: 417 * 418 * - If the EOP is set it is assumed that no state update is to be performed. 419 * However it is the clients responsibility to set the update_state flag 420 * correctly i.e. not set for EOP or Full packet cases. Only set for SOP and 421 * MOP with no EOP flag 422 * - The SOP take precedence over the MOP and EOP i.e. in the calculation of 423 * the address to writeback the state. 424 * - The prefix address must be on at least the 8 byte boundary 425 */ 426 427 /** 428 ****************************************************************************** 429 * @ingroup icp_qat_fw_la 430 * 431 * @description 432 * Macro used for the generation of the Lookaside flags for a request. This 433 * should always be used for the generation of the flags field. No direct sets 434 * or masks should be performed on the flags data 435 * 436 * @param gcm_iv_len GCM IV Length indication bit 437 * @param auth_rslt Authentication result - Digest is stored/extracted 438 * in/from the source buffer 439 * straight after the authenticated region 440 * @param proto Protocol handled by a command 441 * @param cmp_auth Compare auth result with the expected value 442 * @param ret_auth Return auth result to the client via DRAM 443 * @param update_state Indicate update of the crypto state information 444 * is required 445 * @param ciphIV Cipher IV field contents 446 * @param ciphcfg Cipher/Auth Config offset type 447 * @param partial Inidicate if the packet is a partial part 448 * 449 *****************************************************************************/ 450 #define ICP_QAT_FW_LA_FLAGS_BUILD(zuc_proto, \ 451 gcm_iv_len, \ 452 auth_rslt, \ 453 proto, \ 454 cmp_auth, \ 455 ret_auth, \ 456 update_state, \ 457 ciphIV, \ 458 ciphcfg, \ 459 partial) \ 460 (((zuc_proto & QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK) \ 461 << QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS) | \ 462 ((gcm_iv_len & QAT_LA_GCM_IV_LEN_FLAG_MASK) \ 463 << QAT_LA_GCM_IV_LEN_FLAG_BITPOS) | \ 464 ((auth_rslt & QAT_LA_DIGEST_IN_BUFFER_MASK) \ 465 << QAT_LA_DIGEST_IN_BUFFER_BITPOS) | \ 466 ((proto & QAT_LA_PROTO_MASK) << QAT_LA_PROTO_BITPOS) | \ 467 ((cmp_auth & QAT_LA_CMP_AUTH_RES_MASK) \ 468 << QAT_LA_CMP_AUTH_RES_BITPOS) | \ 469 ((ret_auth & QAT_LA_RET_AUTH_RES_MASK) \ 470 << QAT_LA_RET_AUTH_RES_BITPOS) | \ 471 ((update_state & QAT_LA_UPDATE_STATE_MASK) \ 472 << QAT_LA_UPDATE_STATE_BITPOS) | \ 473 ((ciphIV & QAT_LA_CIPH_IV_FLD_MASK) << QAT_LA_CIPH_IV_FLD_BITPOS) | \ 474 ((ciphcfg & QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK) \ 475 << QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS) | \ 476 ((partial & QAT_LA_PARTIAL_MASK) << QAT_LA_PARTIAL_BITPOS)) 477 478 /* Macros for extracting field bits */ 479 /** 480 ****************************************************************************** 481 * @ingroup icp_qat_fw_la 482 * 483 * @description 484 * Macro for extraction of the Cipher IV field contents (bit 2) 485 * 486 * @param flags Flags to extract the Cipher IV field contents 487 * 488 *****************************************************************************/ 489 #define ICP_QAT_FW_LA_CIPH_IV_FLD_FLAG_GET(flags) \ 490 QAT_FIELD_GET(flags, QAT_LA_CIPH_IV_FLD_BITPOS, QAT_LA_CIPH_IV_FLD_MASK) 491 492 /** 493 ****************************************************************************** 494 * @ingroup icp_qat_fw_la 495 * 496 * @description 497 * Macro for extraction of the Cipher/Auth Config 498 * offset type (bit 3) 499 * 500 * @param flags Flags to extract the Cipher/Auth Config 501 * offset type 502 * 503 *****************************************************************************/ 504 #define ICP_QAT_FW_LA_CIPH_AUTH_CFG_OFFSET_FLAG_GET(flags) \ 505 QAT_FIELD_GET(flags, \ 506 QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS, \ 507 QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK) 508 509 /** 510 ****************************************************************************** 511 * @ingroup icp_qat_fw_la 512 * 513 * @description 514 * Macro for extraction of the ZUC protocol bit 515 * information (bit 11) 516 * 517 * @param flags Flags to extract the ZUC protocol bit 518 * 519 *****************************************************************************/ 520 #define ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_GET(flags) \ 521 QAT_FIELD_GET(flags, \ 522 QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS, \ 523 QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK) 524 525 /** 526 ****************************************************************************** 527 * @ingroup icp_qat_fw_la 528 * 529 * @description 530 * Macro for extraction of the GCM IV Len is 12 Octets / 96 Bits 531 * information (bit 11) 532 * 533 * @param flags Flags to extract the GCM IV length 534 * 535 *****************************************************************************/ 536 #define ICP_QAT_FW_LA_GCM_IV_LEN_FLAG_GET(flags) \ 537 QAT_FIELD_GET(flags, \ 538 QAT_LA_GCM_IV_LEN_FLAG_BITPOS, \ 539 QAT_LA_GCM_IV_LEN_FLAG_MASK) 540 541 /** 542 ****************************************************************************** 543 * @ingroup icp_qat_fw_la 544 * 545 * @description 546 * Macro for extraction of the LA protocol state (bits 9-7) 547 * 548 * @param flags Flags to extract the protocol state 549 * 550 *****************************************************************************/ 551 #define ICP_QAT_FW_LA_PROTO_GET(flags) \ 552 QAT_FIELD_GET(flags, QAT_LA_PROTO_BITPOS, QAT_LA_PROTO_MASK) 553 554 /** 555 ****************************************************************************** 556 * @ingroup icp_qat_fw_la 557 * 558 * @description 559 * Macro for extraction of the "compare auth" state (bit 6) 560 * 561 * @param flags Flags to extract the compare auth result state 562 * 563 *****************************************************************************/ 564 #define ICP_QAT_FW_LA_CMP_AUTH_GET(flags) \ 565 QAT_FIELD_GET(flags, \ 566 QAT_LA_CMP_AUTH_RES_BITPOS, \ 567 QAT_LA_CMP_AUTH_RES_MASK) 568 569 /** 570 ****************************************************************************** 571 * @ingroup icp_qat_fw_la 572 * 573 * @description 574 * Macro for extraction of the "return auth" state (bit 5) 575 * 576 * @param flags Flags to extract the return auth result state 577 * 578 *****************************************************************************/ 579 #define ICP_QAT_FW_LA_RET_AUTH_GET(flags) \ 580 QAT_FIELD_GET(flags, \ 581 QAT_LA_RET_AUTH_RES_BITPOS, \ 582 QAT_LA_RET_AUTH_RES_MASK) 583 584 /** 585 ****************************************************************************** 586 * @ingroup icp_qat_fw_la 587 * 588 * @description 589 * Macro for extraction of the "digest in buffer" state (bit 10) 590 * 591 * @param flags Flags to extract the digest in buffer state 592 * 593 *****************************************************************************/ 594 #define ICP_QAT_FW_LA_DIGEST_IN_BUFFER_GET(flags) \ 595 QAT_FIELD_GET(flags, \ 596 QAT_LA_DIGEST_IN_BUFFER_BITPOS, \ 597 QAT_LA_DIGEST_IN_BUFFER_MASK) 598 599 /** 600 ****************************************************************************** 601 * @ingroup icp_qat_fw_la 602 * 603 * @description 604 * Macro for extraction of the update content state value. (bit 4) 605 * 606 * @param flags Flags to extract the update content state bit 607 * 608 *****************************************************************************/ 609 #define ICP_QAT_FW_LA_UPDATE_STATE_GET(flags) \ 610 QAT_FIELD_GET(flags, \ 611 QAT_LA_UPDATE_STATE_BITPOS, \ 612 QAT_LA_UPDATE_STATE_MASK) 613 614 /** 615 ****************************************************************************** 616 * @ingroup icp_qat_fw_la 617 * 618 * @description 619 * Macro for extraction of the "partial" packet state (bits 1-0) 620 * 621 * @param flags Flags to extract the partial state 622 * 623 *****************************************************************************/ 624 #define ICP_QAT_FW_LA_PARTIAL_GET(flags) \ 625 QAT_FIELD_GET(flags, QAT_LA_PARTIAL_BITPOS, QAT_LA_PARTIAL_MASK) 626 627 /** 628 ****************************************************************************** 629 * @ingroup icp_qat_fw_la 630 * 631 * @description 632 * Macro for extraction of the "Use Extended Protocol Flags" flag value 633 * 634 * @param flags Extended Command Flags 635 * @param val Value of the flag 636 * 637 *****************************************************************************/ 638 #define ICP_QAT_FW_USE_EXTENDED_PROTOCOL_FLAGS_GET(flags) \ 639 QAT_FIELD_GET(flags, \ 640 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_BITPOS, \ 641 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_MASK) 642 643 /* Macros for setting field bits */ 644 /** 645 ****************************************************************************** 646 * @ingroup icp_qat_fw_la 647 * 648 * @description 649 * Macro for setting the Cipher IV field contents 650 * 651 * @param flags Flags to set with the Cipher IV field contents 652 * @param val Field contents indicator value 653 * 654 *****************************************************************************/ 655 #define ICP_QAT_FW_LA_CIPH_IV_FLD_FLAG_SET(flags, val) \ 656 QAT_FIELD_SET(flags, \ 657 val, \ 658 QAT_LA_CIPH_IV_FLD_BITPOS, \ 659 QAT_LA_CIPH_IV_FLD_MASK) 660 661 /** 662 ****************************************************************************** 663 * @ingroup icp_qat_fw_la 664 * 665 * @description 666 * Macro for setting the Cipher/Auth Config 667 * offset type 668 * 669 * @param flags Flags to set the Cipher/Auth Config offset type 670 * @param val Offset type value 671 * 672 *****************************************************************************/ 673 #define ICP_QAT_FW_LA_CIPH_AUTH_CFG_OFFSET_FLAG_SET(flags, val) \ 674 QAT_FIELD_SET(flags, \ 675 val, \ 676 QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS, \ 677 QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK) 678 679 /** 680 ****************************************************************************** 681 * @ingroup icp_qat_fw_la 682 * 683 * @description 684 * Macro for setting the ZUC protocol flag 685 * 686 * @param flags Flags to set the ZUC protocol flag 687 * @param val Protocol value 688 * 689 *****************************************************************************/ 690 #define ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_SET(flags, val) \ 691 QAT_FIELD_SET(flags, \ 692 val, \ 693 QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS, \ 694 QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK) 695 696 /** 697 ****************************************************************************** 698 * @ingroup icp_qat_fw_la 699 * 700 * @description 701 * Macro for setting the SINGLE PASSprotocol flag 702 * 703 * @param flags Flags to set the SINGLE PASS protocol flag 704 * @param val Protocol value 705 * 706 *****************************************************************************/ 707 #define ICP_QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_SET(flags, val) \ 708 QAT_FIELD_SET(flags, \ 709 val, \ 710 QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_BITPOS, \ 711 QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_MASK) 712 713 /** 714 ****************************************************************************** 715 * @ingroup icp_qat_fw_la 716 * 717 * @description 718 * Macro for setting the GCM IV length flag state 719 * 720 * @param flags Flags to set the GCM IV length flag state 721 * @param val Protocol value 722 * 723 *****************************************************************************/ 724 #define ICP_QAT_FW_LA_GCM_IV_LEN_FLAG_SET(flags, val) \ 725 QAT_FIELD_SET(flags, \ 726 val, \ 727 QAT_LA_GCM_IV_LEN_FLAG_BITPOS, \ 728 QAT_LA_GCM_IV_LEN_FLAG_MASK) 729 730 /** 731 ****************************************************************************** 732 * @ingroup icp_qat_fw_la 733 * 734 * @description 735 * Macro for setting the LA protocol flag state 736 * 737 * @param flags Flags to set the protocol state 738 * @param val Protocol value 739 * 740 *****************************************************************************/ 741 #define ICP_QAT_FW_LA_PROTO_SET(flags, val) \ 742 QAT_FIELD_SET(flags, val, QAT_LA_PROTO_BITPOS, QAT_LA_PROTO_MASK) 743 744 /** 745 ****************************************************************************** 746 * @ingroup icp_qat_fw_la 747 * 748 * @description 749 * Macro for setting the "compare auth" flag state 750 * 751 * @param flags Flags to set the compare auth result state 752 * @param val Compare Auth value 753 * 754 *****************************************************************************/ 755 #define ICP_QAT_FW_LA_CMP_AUTH_SET(flags, val) \ 756 QAT_FIELD_SET(flags, \ 757 val, \ 758 QAT_LA_CMP_AUTH_RES_BITPOS, \ 759 QAT_LA_CMP_AUTH_RES_MASK) 760 761 /** 762 ****************************************************************************** 763 * @ingroup icp_qat_fw_la 764 * 765 * @description 766 * Macro for setting the "return auth" flag state 767 * 768 * @param flags Flags to set the return auth result state 769 * @param val Return Auth value 770 * 771 *****************************************************************************/ 772 #define ICP_QAT_FW_LA_RET_AUTH_SET(flags, val) \ 773 QAT_FIELD_SET(flags, \ 774 val, \ 775 QAT_LA_RET_AUTH_RES_BITPOS, \ 776 QAT_LA_RET_AUTH_RES_MASK) 777 778 /** 779 ****************************************************************************** 780 * @ingroup icp_qat_fw_la 781 * 782 * @description 783 * Macro for setting the "digest in buffer" flag state 784 * 785 * @param flags Flags to set the digest in buffer state 786 * @param val Digest in buffer value 787 * 788 *****************************************************************************/ 789 #define ICP_QAT_FW_LA_DIGEST_IN_BUFFER_SET(flags, val) \ 790 QAT_FIELD_SET(flags, \ 791 val, \ 792 QAT_LA_DIGEST_IN_BUFFER_BITPOS, \ 793 QAT_LA_DIGEST_IN_BUFFER_MASK) 794 795 /** 796 ****************************************************************************** 797 * @ingroup icp_qat_fw_la 798 * 799 * @description 800 * Macro for setting the "update state" flag value 801 * 802 * @param flags Flags to set the update content state 803 * @param val Update Content State flag value 804 * 805 *****************************************************************************/ 806 #define ICP_QAT_FW_LA_UPDATE_STATE_SET(flags, val) \ 807 QAT_FIELD_SET(flags, \ 808 val, \ 809 QAT_LA_UPDATE_STATE_BITPOS, \ 810 QAT_LA_UPDATE_STATE_MASK) 811 812 /** 813 ****************************************************************************** 814 * @ingroup icp_qat_fw_la 815 * 816 * @description 817 * Macro for setting the "partial" packet flag state 818 * 819 * @param flags Flags to set the partial state 820 * @param val Partial state value 821 * 822 *****************************************************************************/ 823 #define ICP_QAT_FW_LA_PARTIAL_SET(flags, val) \ 824 QAT_FIELD_SET(flags, val, QAT_LA_PARTIAL_BITPOS, QAT_LA_PARTIAL_MASK) 825 826 /** 827 ****************************************************************************** 828 * @ingroup icp_qat_fw_la 829 * 830 * @description 831 * Macro for setting the "Use Extended Protocol Flags" flag value 832 * 833 * @param flags Extended Command Flags 834 * @param val Value of the flag 835 * 836 *****************************************************************************/ 837 #define ICP_QAT_FW_USE_EXTENDED_PROTOCOL_FLAGS_SET(flags, val) \ 838 QAT_FIELD_SET(flags, \ 839 val, \ 840 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_BITPOS, \ 841 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_MASK) 842 843 /** 844 ***************************************************************************** 845 * @ingroup icp_qat_fw_la 846 * Definition of the Cipher header Content Descriptor pars block 847 * @description 848 * Definition of the cipher processing header cd pars block. 849 * The structure is a service-specific implementation of the common 850 * 'icp_qat_fw_comn_req_hdr_cd_pars_s' structure. 851 *****************************************************************************/ 852 typedef union icp_qat_fw_cipher_req_hdr_cd_pars_s { 853 /**< LWs 2-5 */ 854 struct { 855 uint64_t content_desc_addr; 856 /**< Address of the content descriptor */ 857 858 uint16_t content_desc_resrvd1; 859 /**< Content descriptor reserved field */ 860 861 uint8_t content_desc_params_sz; 862 /**< Size of the content descriptor parameters in quad words. 863 * These 864 * parameters describe the session setup configuration info for 865 * the 866 * slices that this request relies upon i.e. the configuration 867 * word and 868 * cipher key needed by the cipher slice if there is a request 869 * for 870 * cipher processing. */ 871 872 uint8_t content_desc_hdr_resrvd2; 873 /**< Content descriptor reserved field */ 874 875 uint32_t content_desc_resrvd3; 876 /**< Content descriptor reserved field */ 877 } s; 878 879 struct { 880 uint32_t cipher_key_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 881 /* Cipher Key Array */ 882 883 } s1; 884 885 } icp_qat_fw_cipher_req_hdr_cd_pars_t; 886 887 /** 888 ***************************************************************************** 889 * @ingroup icp_qat_fw_la 890 * Definition of the Authentication header Content Descriptor pars block 891 * @description 892 * Definition of the authentication processing header cd pars block. 893 *****************************************************************************/ 894 /* Note: Authentication uses the common 'icp_qat_fw_comn_req_hdr_cd_pars_s' 895 * structure - similarly, it is also used by SSL3, TLS and MGF. Only cipher 896 * and cipher + authentication require service-specific implementations of 897 * the structure */ 898 899 /** 900 ***************************************************************************** 901 * @ingroup icp_qat_fw_la 902 * Definition of the Cipher + Auth header Content Descriptor pars block 903 * @description 904 * Definition of the cipher + auth processing header cd pars block. 905 * The structure is a service-specific implementation of the common 906 * 'icp_qat_fw_comn_req_hdr_cd_pars_s' structure. 907 *****************************************************************************/ 908 typedef union icp_qat_fw_cipher_auth_req_hdr_cd_pars_s { 909 /**< LWs 2-5 */ 910 struct { 911 uint64_t content_desc_addr; 912 /**< Address of the content descriptor */ 913 914 uint16_t content_desc_resrvd1; 915 /**< Content descriptor reserved field */ 916 917 uint8_t content_desc_params_sz; 918 /**< Size of the content descriptor parameters in quad words. 919 * These 920 * parameters describe the session setup configuration info for 921 * the 922 * slices that this request relies upon i.e. the configuration 923 * word and 924 * cipher key needed by the cipher slice if there is a request 925 * for 926 * cipher processing. */ 927 928 uint8_t content_desc_hdr_resrvd2; 929 /**< Content descriptor reserved field */ 930 931 uint32_t content_desc_resrvd3; 932 /**< Content descriptor reserved field */ 933 } s; 934 935 struct { 936 uint32_t cipher_key_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 937 /* Cipher Key Array */ 938 939 } sl; 940 941 } icp_qat_fw_cipher_auth_req_hdr_cd_pars_t; 942 943 /** 944 ***************************************************************************** 945 * @ingroup icp_qat_fw_la 946 * Cipher content descriptor control block (header) 947 * @description 948 * Definition of the service-specific cipher control block header 949 * structure. This header forms part of the content descriptor 950 * block incorporating LWs 27-31, as defined by the common base 951 * parameters structure. 952 * 953 *****************************************************************************/ 954 typedef struct icp_qat_fw_cipher_cd_ctrl_hdr_s { 955 /**< LW 27 */ 956 uint8_t cipher_state_sz; 957 /**< State size in quad words of the cipher algorithm used in this 958 * session. 959 * Set to zero if the algorithm doesnt provide any state */ 960 961 uint8_t cipher_key_sz; 962 /**< Key size in quad words of the cipher algorithm used in this session 963 */ 964 965 uint8_t cipher_cfg_offset; 966 /**< Quad word offset from the content descriptor parameters address 967 * i.e. 968 * (content_address + (cd_hdr_sz << 3)) to the parameters for the cipher 969 * processing */ 970 971 uint8_t next_curr_id; 972 /**< This field combines the next and current id (each four bits) - 973 * the next id is the most significant nibble. 974 * Next Id: Set to the next slice to pass the ciphered data through. 975 * Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go through 976 * any more slices after cipher. 977 * Current Id: Initialised with the cipher slice type */ 978 979 /**< LW 28 */ 980 uint8_t cipher_padding_sz; 981 /**< State padding size in quad words. Set to 0 if no padding is 982 * required. 983 */ 984 985 uint8_t resrvd1; 986 uint16_t resrvd2; 987 /**< Reserved bytes to bring the struct to the word boundary, used by 988 * authentication. MUST be set to 0 */ 989 990 /**< LWs 29-31 */ 991 uint32_t resrvd3[ICP_QAT_FW_NUM_LONGWORDS_3]; 992 /**< Reserved bytes used by authentication. MUST be set to 0 */ 993 994 } icp_qat_fw_cipher_cd_ctrl_hdr_t; 995 996 /** 997 ***************************************************************************** 998 * @ingroup icp_qat_fw_la 999 * Authentication content descriptor control block (header) 1000 * @description 1001 * Definition of the service-specific authentication control block 1002 * header structure. This header forms part of the content descriptor 1003 * block incorporating LWs 27-31, as defined by the common base 1004 * parameters structure, the first portion of which is reserved for 1005 * cipher. 1006 * 1007 *****************************************************************************/ 1008 typedef struct icp_qat_fw_auth_cd_ctrl_hdr_s { 1009 /**< LW 27 */ 1010 uint32_t resrvd1; 1011 /**< Reserved bytes, used by cipher only. MUST be set to 0 */ 1012 1013 /**< LW 28 */ 1014 uint8_t resrvd2; 1015 /**< Reserved byte, used by cipher only. MUST be set to 0 */ 1016 1017 uint8_t hash_flags; 1018 /**< General flags defining the processing to perform. 0 is normal 1019 * processing 1020 * and 1 means there is a nested hash processing loop to go through */ 1021 1022 uint8_t hash_cfg_offset; 1023 /**< Quad word offset from the content descriptor parameters address to 1024 * the 1025 * parameters for the auth processing */ 1026 1027 uint8_t next_curr_id; 1028 /**< This field combines the next and current id (each four bits) - 1029 * the next id is the most significant nibble. 1030 * Next Id: Set to the next slice to pass the authentication data 1031 * through. 1032 * Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go through 1033 * any more slices after authentication. 1034 * Current Id: Initialised with the authentication slice type */ 1035 1036 /**< LW 29 */ 1037 uint8_t resrvd3; 1038 /**< Now a reserved field. MUST be set to 0 */ 1039 1040 uint8_t outer_prefix_sz; 1041 /**< Size in bytes of outer prefix data */ 1042 1043 uint8_t final_sz; 1044 /**< Size in bytes of digest to be returned to the client if requested 1045 */ 1046 1047 uint8_t inner_res_sz; 1048 /**< Size in bytes of the digest from the inner hash algorithm */ 1049 1050 /**< LW 30 */ 1051 uint8_t resrvd4; 1052 /**< Now a reserved field. MUST be set to zero. */ 1053 1054 uint8_t inner_state1_sz; 1055 /**< Size in bytes of inner hash state1 data. Must be a qword multiple 1056 */ 1057 1058 uint8_t inner_state2_offset; 1059 /**< Quad word offset from the content descriptor parameters pointer to 1060 * the 1061 * inner state2 value */ 1062 1063 uint8_t inner_state2_sz; 1064 /**< Size in bytes of inner hash state2 data. Must be a qword multiple 1065 */ 1066 1067 /**< LW 31 */ 1068 uint8_t outer_config_offset; 1069 /**< Quad word offset from the content descriptor parameters pointer to 1070 * the 1071 * outer configuration information */ 1072 1073 uint8_t outer_state1_sz; 1074 /**< Size in bytes of the outer state1 value */ 1075 1076 uint8_t outer_res_sz; 1077 /**< Size in bytes of digest from the outer auth algorithm */ 1078 1079 uint8_t outer_prefix_offset; 1080 /**< Quad word offset from the start of the inner prefix data to the 1081 * outer 1082 * prefix information. Should equal the rounded inner prefix size, 1083 * converted 1084 * to qwords */ 1085 1086 } icp_qat_fw_auth_cd_ctrl_hdr_t; 1087 1088 /** 1089 ***************************************************************************** 1090 * @ingroup icp_qat_fw_la 1091 * Cipher + Authentication content descriptor control block header 1092 * @description 1093 * Definition of both service-specific cipher + authentication control 1094 * block header structures. This header forms part of the content 1095 * descriptor block incorporating LWs 27-31, as defined by the common 1096 * base parameters structure. 1097 * 1098 *****************************************************************************/ 1099 typedef struct icp_qat_fw_cipher_auth_cd_ctrl_hdr_s { 1100 /**< LW 27 */ 1101 uint8_t cipher_state_sz; 1102 /**< State size in quad words of the cipher algorithm used in this 1103 * session. 1104 * Set to zero if the algorithm doesnt provide any state */ 1105 1106 uint8_t cipher_key_sz; 1107 /**< Key size in quad words of the cipher algorithm used in this session 1108 */ 1109 1110 uint8_t cipher_cfg_offset; 1111 /**< Quad word offset from the content descriptor parameters address 1112 * i.e. 1113 * (content_address + (cd_hdr_sz << 3)) to the parameters for the cipher 1114 * processing */ 1115 1116 uint8_t next_curr_id_cipher; 1117 /**< This field combines the next and current id (each four bits) - 1118 * the next id is the most significant nibble. 1119 * Next Id: Set to the next slice to pass the ciphered data through. 1120 * Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go through 1121 * any more slices after cipher. 1122 * Current Id: Initialised with the cipher slice type */ 1123 1124 /**< LW 28 */ 1125 uint8_t cipher_padding_sz; 1126 /**< State padding size in quad words. Set to 0 if no padding is 1127 * required. 1128 */ 1129 1130 uint8_t hash_flags; 1131 /**< General flags defining the processing to perform. 0 is normal 1132 * processing 1133 * and 1 means there is a nested hash processing loop to go through */ 1134 1135 uint8_t hash_cfg_offset; 1136 /**< Quad word offset from the content descriptor parameters address to 1137 * the 1138 * parameters for the auth processing */ 1139 1140 uint8_t next_curr_id_auth; 1141 /**< This field combines the next and current id (each four bits) - 1142 * the next id is the most significant nibble. 1143 * Next Id: Set to the next slice to pass the authentication data 1144 * through. 1145 * Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go through 1146 * any more slices after authentication. 1147 * Current Id: Initialised with the authentication slice type */ 1148 1149 /**< LW 29 */ 1150 uint8_t resrvd1; 1151 /**< Reserved field. MUST be set to 0 */ 1152 1153 uint8_t outer_prefix_sz; 1154 /**< Size in bytes of outer prefix data */ 1155 1156 uint8_t final_sz; 1157 /**< Size in bytes of digest to be returned to the client if requested 1158 */ 1159 1160 uint8_t inner_res_sz; 1161 /**< Size in bytes of the digest from the inner hash algorithm */ 1162 1163 /**< LW 30 */ 1164 uint8_t resrvd2; 1165 /**< Now a reserved field. MUST be set to zero. */ 1166 1167 uint8_t inner_state1_sz; 1168 /**< Size in bytes of inner hash state1 data. Must be a qword multiple 1169 */ 1170 1171 uint8_t inner_state2_offset; 1172 /**< Quad word offset from the content descriptor parameters pointer to 1173 * the 1174 * inner state2 value */ 1175 1176 uint8_t inner_state2_sz; 1177 /**< Size in bytes of inner hash state2 data. Must be a qword multiple 1178 */ 1179 1180 /**< LW 31 */ 1181 uint8_t outer_config_offset; 1182 /**< Quad word offset from the content descriptor parameters pointer to 1183 * the 1184 * outer configuration information */ 1185 1186 uint8_t outer_state1_sz; 1187 /**< Size in bytes of the outer state1 value */ 1188 1189 uint8_t outer_res_sz; 1190 /**< Size in bytes of digest from the outer auth algorithm */ 1191 1192 uint8_t outer_prefix_offset; 1193 /**< Quad word offset from the start of the inner prefix data to the 1194 * outer 1195 * prefix information. Should equal the rounded inner prefix size, 1196 * converted 1197 * to qwords */ 1198 1199 } icp_qat_fw_cipher_auth_cd_ctrl_hdr_t; 1200 1201 /* 1202 * HASH FLAGS 1203 * 1204 * + ===== + --- + --- + --- + --- + --- + --- + --- + ---- + 1205 * | Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | 1206 * + ===== + --- + --- + --- + --- + --- + --- + --- + ---- + 1207 * | Flags | Rsv | Rsv | Rsv | ZUC |SNOW | Rsv | Rsv |NESTED| 1208 * | | | | |EIA3 | 3G | | | | 1209 * | | | | | |UIA2 | | | | 1210 * + ===== + --- + --- + --- + --- + --- + --- + --- + ---- + 1211 */ 1212 1213 /* Bit 0 */ 1214 1215 #define QAT_FW_LA_AUTH_HDR_NESTED_BITPOS 0 1216 /**< @ingroup icp_qat_fw_comn 1217 * Bit position of the hash_flags bit to indicate the request 1218 * requires nested hashing 1219 */ 1220 #define ICP_QAT_FW_AUTH_HDR_FLAG_DO_NESTED 1 1221 /**< @ingroup icp_qat_fw_comn 1222 * Definition of the hash_flags bit to indicate the request 1223 * requires nested hashing */ 1224 1225 #define ICP_QAT_FW_AUTH_HDR_FLAG_NO_NESTED 0 1226 /**< @ingroup icp_qat_fw_comn 1227 * Definition of the hash_flags bit for no nested hashing 1228 * required */ 1229 1230 #define QAT_FW_LA_AUTH_HDR_NESTED_MASK 0x1 1231 /**< @ingroup icp_qat_fw_comn 1232 * Bit mask of the hash_flags bit to indicate the request 1233 * requires nested hashing 1234 */ 1235 1236 /* Bit 3 */ 1237 1238 #define QAT_FW_LA_SNOW3G_UIA2_BITPOS 3 1239 /**< @ingroup icp_cpm_fw_la 1240 * Bit position defining hash algorithm Snow3g-UIA2 */ 1241 1242 #define QAT_FW_LA_SNOW3G_UIA2 1 1243 /**< @ingroup icp_cpm_fw_la 1244 * Value indicating the use of hash algorithm Snow3g-UIA2 */ 1245 1246 #define QAT_FW_LA_SNOW3G_UIA2_MASK 0x1 1247 /**< @ingroup icp_qat_fw_la 1248 * One bit mask used to determine the use of hash algorithm Snow3g-UIA2 */ 1249 1250 /* Bit 4 */ 1251 1252 #define QAT_FW_LA_ZUC_EIA3_BITPOS 4 1253 /**< @ingroup icp_cpm_fw_la 1254 * Bit position defining hash algorithm ZUC-EIA3 */ 1255 1256 #define QAT_FW_LA_ZUC_EIA3 1 1257 /**< @ingroup icp_cpm_fw_la 1258 * Value indicating the use of hash algorithm ZUC-EIA3 */ 1259 1260 #define QAT_FW_LA_ZUC_EIA3_MASK 0x1 1261 /**< @ingroup icp_qat_fw_la 1262 * One bit mask used to determine the use of hash algorithm ZUC-EIA3 */ 1263 1264 /* Macros for extracting hash flags */ 1265 1266 /** 1267 ****************************************************************************** 1268 * @ingroup icp_qat_fw_la 1269 * 1270 * @description 1271 * Macro for extraction of the "Nested" hash flag 1272 * 1273 * @param flags Hash Flags 1274 * @param val Value of the flag 1275 * 1276 *****************************************************************************/ 1277 #define ICP_QAT_FW_HASH_FLAG_AUTH_HDR_NESTED_GET(flags) \ 1278 QAT_FIELD_GET(flags, \ 1279 QAT_FW_LA_AUTH_HDR_NESTED_BITPOS, \ 1280 QAT_FW_LA_AUTH_HDR_NESTED_MASK) 1281 1282 /** 1283 ****************************************************************************** 1284 * @ingroup icp_qat_fw_la 1285 * 1286 * @description 1287 * Macro for extraction of the "Snow3g-UIA2" hash flag 1288 * 1289 * @param flags Hash Flags 1290 * @param val Value of the flag 1291 * 1292 *****************************************************************************/ 1293 #define ICP_QAT_FW_HASH_FLAG_SNOW3G_UIA2_GET(flags) \ 1294 QAT_FIELD_GET(flags, \ 1295 QAT_FW_LA_SNOW3G_UIA2_BITPOS, \ 1296 QAT_FW_LA_SNOW3G_UIA2_MASK) 1297 1298 /** 1299 ****************************************************************************** 1300 * @ingroup icp_qat_fw_la 1301 * 1302 * @description 1303 * Macro for extraction of the "ZUC-EIA3" hash flag 1304 * 1305 * @param flags Hash Flags 1306 * @param val Value of the flag 1307 * 1308 *****************************************************************************/ 1309 #define ICP_QAT_FW_HASH_FLAG_ZUC_EIA3_GET(flags) \ 1310 QAT_FIELD_GET(flags, QAT_FW_LA_ZUC_EIA3_BITPOS, QAT_FW_LA_ZUC_EIA3_MASK) 1311 1312 /* Macros for setting hash flags */ 1313 1314 /** 1315 ****************************************************************************** 1316 * @ingroup icp_qat_fw_la 1317 * 1318 * @description 1319 * Macro for setting the "Nested" hash flag 1320 * 1321 * @param flags Hash Flags 1322 * @param val Value of the flag 1323 * 1324 *****************************************************************************/ 1325 #define ICP_QAT_FW_HASH_FLAG_AUTH_HDR_NESTED_SET(flags, val) \ 1326 QAT_FIELD_SET(flags, \ 1327 val, \ 1328 QAT_FW_LA_AUTH_HDR_NESTED_BITPOS, \ 1329 QAT_FW_LA_AUTH_HDR_NESTED_MASK) 1330 1331 /** 1332 ****************************************************************************** 1333 * @ingroup icp_qat_fw_la 1334 * 1335 * @description 1336 * Macro for setting the "Snow3g-UIA2" hash flag 1337 * 1338 * @param flags Hash Flags 1339 * @param val Value of the flag 1340 * 1341 *****************************************************************************/ 1342 #define ICP_QAT_FW_HASH_FLAG_SNOW3G_UIA2_SET(flags, val) \ 1343 QAT_FIELD_SET(flags, \ 1344 val, \ 1345 QAT_FW_LA_SNOW3G_UIA2_BITPOS, \ 1346 QAT_FW_LA_SNOW3G_UIA2_MASK) 1347 1348 /** 1349 ****************************************************************************** 1350 * @ingroup icp_qat_fw_la 1351 * 1352 * @description 1353 * Macro for setting the "ZUC-EIA3" hash flag 1354 * 1355 * @param flags Hash Flags 1356 * @param val Value of the flag 1357 * 1358 *****************************************************************************/ 1359 #define ICP_QAT_FW_HASH_FLAG_ZUC_EIA3_SET(flags, val) \ 1360 QAT_FIELD_SET(flags, \ 1361 val, \ 1362 QAT_FW_LA_ZUC_EIA3_BITPOS, \ 1363 QAT_FW_LA_ZUC_EIA3_MASK) 1364 1365 #define ICP_QAT_FW_CCM_GCM_AAD_SZ_MAX 240 1366 #define ICP_QAT_FW_SPC_AAD_SZ_MAX 0x3FFF 1367 1368 /**< @ingroup icp_qat_fw_comn 1369 * Maximum size of AAD data allowed for CCM or GCM processing. AAD data size90 - 1370 * is stored in 8-bit field and must be multiple of hash block size. 240 is 1371 * largest value which satisfy both requirements.AAD_SZ_MAX is in byte units */ 1372 1373 /* 1374 * request parameter #defines 1375 */ 1376 #define ICP_QAT_FW_HASH_REQUEST_PARAMETERS_OFFSET (24) 1377 1378 /**< @ingroup icp_qat_fw_comn 1379 * Offset in bytes from the start of the request parameters block to the hash 1380 * (auth) request parameters */ 1381 1382 #define ICP_QAT_FW_CIPHER_REQUEST_PARAMETERS_OFFSET (0) 1383 /**< @ingroup icp_qat_fw_comn 1384 * Offset in bytes from the start of the request parameters block to the cipher 1385 * request parameters */ 1386 1387 /** 1388 ***************************************************************************** 1389 * @ingroup icp_qat_fw_la 1390 * Definition of the cipher request parameters block 1391 * 1392 * @description 1393 * Definition of the cipher processing request parameters block 1394 * structure, which forms part of the block incorporating LWs 14-26, 1395 * as defined by the common base parameters structure. 1396 * Unused fields must be set to 0. 1397 * 1398 *****************************************************************************/ 1399 /**< Pack compiler directive added to prevent the 1400 * compiler from padding this structure to a 64-bit boundary */ 1401 #pragma pack(push, 1) 1402 typedef struct icp_qat_fw_la_cipher_req_params_s { 1403 /**< LW 14 */ 1404 uint32_t cipher_offset; 1405 /**< Cipher offset long word. */ 1406 1407 /**< LW 15 */ 1408 uint32_t cipher_length; 1409 /**< Cipher length long word. */ 1410 1411 /**< LWs 16-19 */ 1412 union { 1413 uint32_t cipher_IV_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 1414 /**< Cipher IV array */ 1415 1416 struct { 1417 uint64_t cipher_IV_ptr; 1418 /**< Cipher IV pointer or Partial State Pointer */ 1419 1420 uint64_t resrvd1; 1421 /**< reserved */ 1422 1423 } s; 1424 1425 } u; 1426 1427 /* LW 20 - 21 */ 1428 uint64_t spc_aad_addr; 1429 /**< Address of the AAD info in DRAM */ 1430 1431 /* LW 22 - 23 */ 1432 uint64_t spc_auth_res_addr; 1433 /**< Address of the authentication result information to validate or 1434 * the location to which the digest information can be written back to 1435 */ 1436 1437 /* LW 24 */ 1438 uint16_t spc_aad_sz; 1439 /**< Size in bytes of AAD data to prefix to the packet 1440 * for ChaChaPoly or GCM processing */ 1441 uint8_t reserved; 1442 /**< reserved */ 1443 uint8_t spc_auth_res_sz; 1444 /**< Size in bytes of the authentication result */ 1445 } icp_qat_fw_la_cipher_req_params_t; 1446 #pragma pack(pop) 1447 /** 1448 ***************************************************************************** 1449 * @ingroup icp_qat_fw_la 1450 * Definition of the auth request parameters block 1451 * @description 1452 * Definition of the authentication processing request parameters block 1453 * structure, which forms part of the block incorporating LWs 14-26, 1454 * as defined by the common base parameters structure. Note: 1455 * This structure is used by TLS only. 1456 * 1457 *****************************************************************************/ 1458 /**< Pack compiler directive added to prevent the 1459 * compiler from padding this structure to a 64-bit boundary */ 1460 #pragma pack(push, 1) 1461 1462 typedef struct icp_qat_fw_la_auth_req_params_s { 1463 1464 /**< LW 20 */ 1465 uint32_t auth_off; 1466 /**< Byte offset from the start of packet to the auth data region */ 1467 1468 /**< LW 21 */ 1469 uint32_t auth_len; 1470 /**< Byte length of the auth data region */ 1471 1472 /**< LWs 22-23 */ 1473 union { 1474 uint64_t auth_partial_st_prefix; 1475 /**< Address of the authentication partial state prefix 1476 * information */ 1477 1478 uint64_t aad_adr; 1479 /**< Address of the AAD info in DRAM. Used for the CCM and GCM 1480 * protocols */ 1481 1482 } u1; 1483 1484 /**< LWs 24-25 */ 1485 uint64_t auth_res_addr; 1486 /**< Address of the authentication result information to validate or 1487 * the location to which the digest information can be written back to 1488 */ 1489 1490 /**< LW 26 */ 1491 union { 1492 uint8_t inner_prefix_sz; 1493 /**< Size in bytes of the inner prefix data */ 1494 1495 uint8_t aad_sz; 1496 /**< Size in bytes of padded AAD data to prefix to the packet 1497 * for CCM 1498 * or GCM processing */ 1499 } u2; 1500 1501 uint8_t resrvd1; 1502 /**< reserved */ 1503 1504 uint8_t hash_state_sz; 1505 /**< Number of quad words of inner and outer hash prefix data to process 1506 * Maximum size is 240 */ 1507 1508 uint8_t auth_res_sz; 1509 /**< Size in bytes of the authentication result */ 1510 1511 } icp_qat_fw_la_auth_req_params_t; 1512 1513 #pragma pack(pop) 1514 1515 /** 1516 ***************************************************************************** 1517 * @ingroup icp_qat_fw_la 1518 * Definition of the auth request parameters block 1519 * @description 1520 * Definition of the authentication processing request parameters block 1521 * structure, which forms part of the block incorporating LWs 14-26, 1522 * as defined by the common base parameters structure. Note: 1523 * This structure is used by SSL3 and MGF1 only. All fields other than 1524 * inner prefix/ AAD size are unused and therefore reserved. 1525 * 1526 *****************************************************************************/ 1527 typedef struct icp_qat_fw_la_auth_req_params_resrvd_flds_s { 1528 /**< LWs 20-25 */ 1529 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_6]; 1530 1531 /**< LW 26 */ 1532 union { 1533 uint8_t inner_prefix_sz; 1534 /**< Size in bytes of the inner prefix data */ 1535 1536 uint8_t aad_sz; 1537 /**< Size in bytes of padded AAD data to prefix to the packet 1538 * for CCM 1539 * or GCM processing */ 1540 } u2; 1541 1542 uint8_t resrvd1; 1543 /**< reserved */ 1544 1545 uint16_t resrvd2; 1546 /**< reserved */ 1547 1548 } icp_qat_fw_la_auth_req_params_resrvd_flds_t; 1549 1550 /** 1551 ***************************************************************************** 1552 * @ingroup icp_qat_fw_la 1553 * Definition of the shared fields within the parameter block 1554 * containing SSL, TLS or MGF information. 1555 * @description 1556 * This structure defines the shared fields for SSL, TLS or MGF 1557 * within the parameter block incorporating LWs 14-26, as defined 1558 * by the common base parameters structure. 1559 * Unused fields must be set to 0. 1560 * 1561 *****************************************************************************/ 1562 typedef struct icp_qat_fw_la_key_gen_common_s { 1563 /**< LW 14 */ 1564 union { 1565 /**< SSL3 */ 1566 uint16_t secret_lgth_ssl; 1567 /**< Length of Secret information for SSL. In the case of TLS 1568 * the 1569 * secret is supplied in the content descriptor */ 1570 1571 /**< MGF */ 1572 uint16_t mask_length; 1573 /**< Size in bytes of the desired output mask for MGF1*/ 1574 1575 /**< TLS */ 1576 uint16_t secret_lgth_tls; 1577 /**< TLS Secret length */ 1578 1579 } u; 1580 1581 union { 1582 /**< SSL3 */ 1583 struct { 1584 uint8_t output_lgth_ssl; 1585 /**< Output length */ 1586 1587 uint8_t label_lgth_ssl; 1588 /**< Label length */ 1589 1590 } s1; 1591 1592 /**< MGF */ 1593 struct { 1594 uint8_t hash_length; 1595 /**< Hash length */ 1596 1597 uint8_t seed_length; 1598 /**< Seed length */ 1599 1600 } s2; 1601 1602 /**< TLS */ 1603 struct { 1604 uint8_t output_lgth_tls; 1605 /**< Output length */ 1606 1607 uint8_t label_lgth_tls; 1608 /**< Label length */ 1609 1610 } s3; 1611 1612 /**< HKDF */ 1613 struct { 1614 uint8_t rsrvd1; 1615 /**< Unused */ 1616 1617 uint8_t info_length; 1618 /**< Info length. This is plain data, not wrapped in an 1619 * icp_qat_fw_hkdf_label structure. 1620 */ 1621 1622 } hkdf; 1623 1624 /**< HKDF Expand Label */ 1625 struct { 1626 uint8_t rsrvd1; 1627 /**< Unused */ 1628 1629 uint8_t num_labels; 1630 /**< Number of labels */ 1631 } hkdf_label; 1632 1633 } u1; 1634 1635 /**< LW 15 */ 1636 union { 1637 /**< SSL3 */ 1638 uint8_t iter_count; 1639 /**< Iteration count used by the SSL key gen request */ 1640 1641 /**< TLS */ 1642 uint8_t tls_seed_length; 1643 /**< TLS Seed length */ 1644 1645 /**< HKDF */ 1646 uint8_t hkdf_ikm_length; 1647 /**< Input keying material (IKM) length */ 1648 1649 uint8_t resrvd1; 1650 /**< Reserved field set to 0 for MGF1 */ 1651 1652 } u2; 1653 1654 union { 1655 /**< HKDF */ 1656 uint8_t hkdf_num_sublabels; 1657 /**< Number of subLabels in subLabel buffer, 0-4 */ 1658 1659 uint8_t resrvd2; 1660 /**< Reserved space - unused */ 1661 } u3; 1662 1663 uint16_t resrvd3; 1664 /**< Reserved space - unused */ 1665 1666 } icp_qat_fw_la_key_gen_common_t; 1667 1668 /** 1669 ***************************************************************************** 1670 * @ingroup icp_qat_fw_la 1671 * Definition of the SSL3 request parameters block 1672 * @description 1673 * This structure contains the SSL3 processing request parameters 1674 * incorporating LWs 14-26, as defined by the common base 1675 * parameters structure. Unused fields must be set to 0. 1676 * 1677 *****************************************************************************/ 1678 typedef struct icp_qat_fw_la_ssl3_req_params_s { 1679 /**< LWs 14-15 */ 1680 icp_qat_fw_la_key_gen_common_t keygen_comn; 1681 /**< For other key gen processing these field holds ssl, tls or mgf 1682 * parameters */ 1683 1684 /**< LW 16-25 */ 1685 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_10]; 1686 /**< Reserved */ 1687 1688 /**< LW 26 */ 1689 union { 1690 uint8_t inner_prefix_sz; 1691 /**< Size in bytes of the inner prefix data */ 1692 1693 uint8_t aad_sz; 1694 /**< Size in bytes of padded AAD data to prefix to the packet 1695 * for CCM 1696 * or GCM processing */ 1697 } u2; 1698 1699 uint8_t resrvd1; 1700 /**< reserved */ 1701 1702 uint16_t resrvd2; 1703 /**< reserved */ 1704 1705 } icp_qat_fw_la_ssl3_req_params_t; 1706 1707 /** 1708 ***************************************************************************** 1709 * @ingroup icp_qat_fw_la 1710 * Definition of the MGF request parameters block 1711 * @description 1712 * This structure contains the MGF processing request parameters 1713 * incorporating LWs 14-26, as defined by the common base parameters 1714 * structure. Unused fields must be set to 0. 1715 * 1716 *****************************************************************************/ 1717 typedef struct icp_qat_fw_la_mgf_req_params_s { 1718 /**< LWs 14-15 */ 1719 icp_qat_fw_la_key_gen_common_t keygen_comn; 1720 /**< For other key gen processing these field holds ssl or mgf 1721 * parameters */ 1722 1723 /**< LW 16-25 */ 1724 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_10]; 1725 /**< Reserved */ 1726 1727 /**< LW 26 */ 1728 union { 1729 uint8_t inner_prefix_sz; 1730 /**< Size in bytes of the inner prefix data */ 1731 1732 uint8_t aad_sz; 1733 /**< Size in bytes of padded AAD data to prefix to the packet 1734 * for CCM 1735 * or GCM processing */ 1736 } u2; 1737 1738 uint8_t resrvd1; 1739 /**< reserved */ 1740 1741 uint16_t resrvd2; 1742 /**< reserved */ 1743 1744 } icp_qat_fw_la_mgf_req_params_t; 1745 1746 /** 1747 ***************************************************************************** 1748 * @ingroup icp_qat_fw_la 1749 * Definition of the TLS request parameters block 1750 * @description 1751 * This structure contains the TLS processing request parameters 1752 * incorporating LWs 14-26, as defined by the common base parameters 1753 * structure. Unused fields must be set to 0. 1754 * 1755 *****************************************************************************/ 1756 typedef struct icp_qat_fw_la_tls_req_params_s { 1757 /**< LWs 14-15 */ 1758 icp_qat_fw_la_key_gen_common_t keygen_comn; 1759 /**< For other key gen processing these field holds ssl, tls or mgf 1760 * parameters */ 1761 1762 /**< LW 16-19 */ 1763 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_4]; 1764 /**< Reserved */ 1765 1766 } icp_qat_fw_la_tls_req_params_t; 1767 1768 /** 1769 ***************************************************************************** 1770 * @ingroup icp_qat_fw_la 1771 * Definition of the common QAT FW request middle block for TRNG. 1772 * @description 1773 * Common section of the request used across all of the services exposed 1774 * by the QAT FW. Each of the services inherit these common fields. TRNG 1775 * requires a specific implementation. 1776 * 1777 *****************************************************************************/ 1778 typedef struct icp_qat_fw_la_trng_req_mid_s { 1779 /**< LWs 6-13 */ 1780 uint64_t opaque_data; 1781 /**< Opaque data passed unmodified from the request to response messages 1782 * by 1783 * firmware (fw) */ 1784 1785 uint64_t resrvd1; 1786 /**< Reserved, unused for TRNG */ 1787 1788 uint64_t dest_data_addr; 1789 /**< Generic definition of the destination data supplied to the QAT AE. 1790 * The 1791 * common flags are used to further describe the attributes of this 1792 * field */ 1793 1794 uint32_t resrvd2; 1795 /** < Reserved, unused for TRNG */ 1796 1797 uint32_t entropy_length; 1798 /**< Size of the data in bytes to process. Used by the get_random 1799 * command. Set to 0 for commands that dont need a length parameter */ 1800 1801 } icp_qat_fw_la_trng_req_mid_t; 1802 1803 /** 1804 ***************************************************************************** 1805 * @ingroup icp_qat_fw_la 1806 * Definition of the common LA QAT FW TRNG request 1807 * @description 1808 * Definition of the TRNG processing request type 1809 * 1810 *****************************************************************************/ 1811 typedef struct icp_qat_fw_la_trng_req_s { 1812 /**< LWs 0-1 */ 1813 icp_qat_fw_comn_req_hdr_t comn_hdr; 1814 /**< Common request header */ 1815 1816 /**< LWs 2-5 */ 1817 icp_qat_fw_comn_req_hdr_cd_pars_t cd_pars; 1818 /**< Common Request content descriptor field which points either to a 1819 * content descriptor 1820 * parameter block or contains the service-specific data itself. */ 1821 1822 /**< LWs 6-13 */ 1823 icp_qat_fw_la_trng_req_mid_t comn_mid; 1824 /**< TRNG request middle section - differs from the common mid-section 1825 */ 1826 1827 /**< LWs 14-26 */ 1828 uint32_t resrvd1[ICP_QAT_FW_NUM_LONGWORDS_13]; 1829 1830 /**< LWs 27-31 */ 1831 uint32_t resrvd2[ICP_QAT_FW_NUM_LONGWORDS_5]; 1832 1833 } icp_qat_fw_la_trng_req_t; 1834 1835 /** 1836 ***************************************************************************** 1837 * @ingroup icp_qat_fw_la 1838 * Definition of the Lookaside Eagle Tail Response 1839 * @description 1840 * This is the response delivered to the ET rings by the Lookaside 1841 * QAT FW service for all commands 1842 * 1843 *****************************************************************************/ 1844 typedef struct icp_qat_fw_la_resp_s { 1845 /**< LWs 0-1 */ 1846 icp_qat_fw_comn_resp_hdr_t comn_resp; 1847 /**< Common interface response format see icp_qat_fw.h */ 1848 1849 /**< LWs 2-3 */ 1850 uint64_t opaque_data; 1851 /**< Opaque data passed from the request to the response message */ 1852 1853 /**< LWs 4-7 */ 1854 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_4]; 1855 /**< Reserved */ 1856 1857 } icp_qat_fw_la_resp_t; 1858 1859 /** 1860 ***************************************************************************** 1861 * @ingroup icp_qat_fw_la 1862 * Definition of the Lookaside TRNG Test Status Structure 1863 * @description 1864 * As an addition to ICP_QAT_FW_LA_TRNG_STATUS Pass or Fail information 1865 * in common response fields, as a response to TRNG_TEST request, Test 1866 * status, Counter for failed tests and 4 entropy counter values are 1867 * sent 1868 * Status of test status and the fail counts. 1869 * 1870 * 1871 *****************************************************************************/ 1872 typedef struct icp_qat_fw_la_trng_test_result_s { 1873 uint32_t test_status_info; 1874 /**< TRNG comparator health test status& Validity information 1875 see Test Status Bit Fields below. */ 1876 1877 uint32_t test_status_fail_count; 1878 /**< TRNG comparator health test status, 32bit fail counter */ 1879 1880 uint64_t r_ent_ones_cnt; 1881 /**< Raw Entropy ones counter */ 1882 1883 uint64_t r_ent_zeros_cnt; 1884 /**< Raw Entropy zeros counter */ 1885 1886 uint64_t c_ent_ones_cnt; 1887 /**< Conditioned Entropy ones counter */ 1888 1889 uint64_t c_ent_zeros_cnt; 1890 /**< Conditioned Entropy zeros counter */ 1891 1892 uint64_t resrvd; 1893 /**< Reserved field must be set to zero */ 1894 1895 } icp_qat_fw_la_trng_test_result_t; 1896 1897 /** 1898 ***************************************************************************** 1899 * @ingroup icp_qat_fw_la 1900 * Definition of the Lookaside SSL Key Material Input 1901 * @description 1902 * This struct defines the layout of input parameters for the 1903 * SSL3 key generation (source flat buffer format) 1904 * 1905 *****************************************************************************/ 1906 typedef struct icp_qat_fw_la_ssl_key_material_input_s { 1907 uint64_t seed_addr; 1908 /**< Pointer to seed */ 1909 1910 uint64_t label_addr; 1911 /**< Pointer to label(s) */ 1912 1913 uint64_t secret_addr; 1914 /**< Pointer to secret */ 1915 1916 } icp_qat_fw_la_ssl_key_material_input_t; 1917 1918 /** 1919 ***************************************************************************** 1920 * @ingroup icp_qat_fw_la 1921 * Definition of the Lookaside TLS Key Material Input 1922 * @description 1923 * This struct defines the layout of input parameters for the 1924 * TLS key generation (source flat buffer format) 1925 * @note 1926 * Secret state value (S split into S1 and S2 parts) is supplied via 1927 * Content Descriptor. S1 is placed in an outer prefix buffer, and S2 1928 * inside the inner prefix buffer. 1929 * 1930 *****************************************************************************/ 1931 typedef struct icp_qat_fw_la_tls_key_material_input_s { 1932 uint64_t seed_addr; 1933 /**< Pointer to seed */ 1934 1935 uint64_t label_addr; 1936 /**< Pointer to label(s) */ 1937 1938 } icp_qat_fw_la_tls_key_material_input_t; 1939 1940 /** 1941 ***************************************************************************** 1942 * @ingroup icp_qat_fw_la 1943 * Definition of the Lookaside HKDF (TLS 1.3) Key Material Input 1944 * @description 1945 * This structure defines the source buffer for HKDF operations, which 1946 * must be provided in flat buffer format. 1947 * 1948 * The result will be returned in the destination buffer (flat format). 1949 * All generated key materials will be returned in a packed layout. Where 1950 * sublabel flags are specified, the result of the child expands will 1951 * immediately follow their parent. 1952 * 1953 * @note 1954 * TLS 1.3 / HKDF operations require only one key (either the Extract Salt 1955 * or the Expand PSK) which is placed in the inner prefix buffer. 1956 * 1957 *****************************************************************************/ 1958 typedef struct icp_qat_fw_la_hkdf_key_material_input_s { 1959 uint64_t ikm_addr; 1960 /**< Pointer to IKM (input keying material) */ 1961 1962 uint64_t labels_addr; 1963 /**< Pointer to labels buffer. 1964 * For HKDF Expand (without Label) this buffer contains the Info. 1965 * 1966 * For TLS 1.3 / HKDF Expand-Label this buffer contains up to 4 1967 * icp_qat_fw_hkdf_label structures, which will result in a 1968 * corresponding number of first level Expand-Label operations. 1969 * 1970 * For each of these operations, the result may become an input to child 1971 * Expand-Label operations as specified by the sublabel flags, where bit 1972 * 0 indicates a child Expand using label 0 from the sublabels buffer, 1973 * bit 1 indicates sublabel 1, and so on. In this way, up to 20 1974 * Expand-Label operations may be performed in one request. 1975 */ 1976 1977 uint64_t sublabels_addr; 1978 /**< Pointer to 0-4 sublabels for TLS 1.3, following the format 1979 * described for label_addr above. The buffer will typically contain 1980 * all 4 of the supported sublabels. 1981 * The sublabel flags defined for this context are as follows: 1982 * - QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS 1983 * - QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS 1984 * - QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS 1985 */ 1986 } icp_qat_fw_la_hkdf_key_material_input_t; 1987 1988 /** 1989 ****************************************************************************** 1990 * @ingroup icp_qat_fw_la 1991 * 1992 * @description 1993 * Macros using the bit position and mask to set/extract the next 1994 * and current id nibbles within the next_curr_id field of the 1995 * content descriptor header block, ONLY FOR CIPHER + AUTH COMBINED. 1996 * Note that for cipher only or authentication only, the common macros 1997 * need to be used. These are defined in the 'icp_qat_fw.h' common header 1998 * file, as they are used by compression, cipher and authentication. 1999 * 2000 * @param cd_ctrl_hdr_t Content descriptor control block header. 2001 * @param val Value of the field being set. 2002 * 2003 *****************************************************************************/ 2004 /** Cipher fields within Cipher + Authentication structure */ 2005 #define ICP_QAT_FW_CIPHER_NEXT_ID_GET(cd_ctrl_hdr_t) \ 2006 ((((cd_ctrl_hdr_t)->next_curr_id_cipher) & \ 2007 ICP_QAT_FW_COMN_NEXT_ID_MASK) >> \ 2008 (ICP_QAT_FW_COMN_NEXT_ID_BITPOS)) 2009 2010 #define ICP_QAT_FW_CIPHER_NEXT_ID_SET(cd_ctrl_hdr_t, val) \ 2011 (cd_ctrl_hdr_t)->next_curr_id_cipher = \ 2012 ((((cd_ctrl_hdr_t)->next_curr_id_cipher) & \ 2013 ICP_QAT_FW_COMN_CURR_ID_MASK) | \ 2014 ((val << ICP_QAT_FW_COMN_NEXT_ID_BITPOS) & \ 2015 ICP_QAT_FW_COMN_NEXT_ID_MASK)) 2016 2017 #define ICP_QAT_FW_CIPHER_CURR_ID_GET(cd_ctrl_hdr_t) \ 2018 (((cd_ctrl_hdr_t)->next_curr_id_cipher) & ICP_QAT_FW_COMN_CURR_ID_MASK) 2019 2020 #define ICP_QAT_FW_CIPHER_CURR_ID_SET(cd_ctrl_hdr_t, val) \ 2021 (cd_ctrl_hdr_t)->next_curr_id_cipher = \ 2022 ((((cd_ctrl_hdr_t)->next_curr_id_cipher) & \ 2023 ICP_QAT_FW_COMN_NEXT_ID_MASK) | \ 2024 ((val)&ICP_QAT_FW_COMN_CURR_ID_MASK)) 2025 2026 /** Authentication fields within Cipher + Authentication structure */ 2027 #define ICP_QAT_FW_AUTH_NEXT_ID_GET(cd_ctrl_hdr_t) \ 2028 ((((cd_ctrl_hdr_t)->next_curr_id_auth) & \ 2029 ICP_QAT_FW_COMN_NEXT_ID_MASK) >> \ 2030 (ICP_QAT_FW_COMN_NEXT_ID_BITPOS)) 2031 2032 #define ICP_QAT_FW_AUTH_NEXT_ID_SET(cd_ctrl_hdr_t, val) \ 2033 (cd_ctrl_hdr_t)->next_curr_id_auth = \ 2034 ((((cd_ctrl_hdr_t)->next_curr_id_auth) & \ 2035 ICP_QAT_FW_COMN_CURR_ID_MASK) | \ 2036 ((val << ICP_QAT_FW_COMN_NEXT_ID_BITPOS) & \ 2037 ICP_QAT_FW_COMN_NEXT_ID_MASK)) 2038 2039 #define ICP_QAT_FW_AUTH_CURR_ID_GET(cd_ctrl_hdr_t) \ 2040 (((cd_ctrl_hdr_t)->next_curr_id_auth) & ICP_QAT_FW_COMN_CURR_ID_MASK) 2041 2042 #define ICP_QAT_FW_AUTH_CURR_ID_SET(cd_ctrl_hdr_t, val) \ 2043 (cd_ctrl_hdr_t)->next_curr_id_auth = \ 2044 ((((cd_ctrl_hdr_t)->next_curr_id_auth) & \ 2045 ICP_QAT_FW_COMN_NEXT_ID_MASK) | \ 2046 ((val)&ICP_QAT_FW_COMN_CURR_ID_MASK)) 2047 2048 /* Definitions of the bits in the test_status_info of the TRNG_TEST response. 2049 * The values returned by the Lookaside service are given below 2050 * The Test result and Test Fail Count values are only valid if the Test 2051 * Results Valid (Tv) is set. 2052 * 2053 * TRNG Test Status Info 2054 * + ===== + ------------------------------------------------ + --- + --- + 2055 * | Bit | 31 - 2 | 1 | 0 | 2056 * + ===== + ------------------------------------------------ + --- + --- + 2057 * | Flags | RESERVED = 0 | Tv | Ts | 2058 * + ===== + ------------------------------------------------------------ + 2059 */ 2060 /****************************************************************************** 2061 * @ingroup icp_qat_fw_la 2062 * Definition of the Lookaside TRNG Test Status Information received as 2063 * a part of icp_qat_fw_la_trng_test_result_t 2064 * 2065 *****************************************************************************/ 2066 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_BITPOS 0 2067 /**< @ingroup icp_qat_fw_la 2068 * TRNG Test Result t_status field bit pos definition.*/ 2069 2070 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_MASK 0x1 2071 /**< @ingroup icp_qat_fw_la 2072 * TRNG Test Result t_status field mask definition.*/ 2073 2074 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_BITPOS 1 2075 /**< @ingroup icp_qat_fw_la 2076 * TRNG Test Result test results valid field bit pos definition.*/ 2077 2078 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_MASK 0x1 2079 /**< @ingroup icp_qat_fw_la 2080 * TRNG Test Result test results valid field mask definition.*/ 2081 2082 /****************************************************************************** 2083 * @ingroup icp_qat_fw_la 2084 * Definition of the Lookaside TRNG test_status values. 2085 * 2086 * 2087 *****************************************************************************/ 2088 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_VALID 1 2089 /**< @ingroup icp_qat_fw_la 2090 * TRNG TEST Response Test Results Valid Value.*/ 2091 2092 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_NOT_VALID 0 2093 /**< @ingroup icp_qat_fw_la 2094 * TRNG TEST Response Test Results are NOT Valid Value.*/ 2095 2096 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_NO_FAILS 1 2097 /**< @ingroup icp_qat_fw_la 2098 * Value for TRNG Test status tests have NO FAILs Value.*/ 2099 2100 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_HAS_FAILS 0 2101 /**< @ingroup icp_qat_fw_la 2102 * Value for TRNG Test status tests have one or more FAILS Value.*/ 2103 2104 /** 2105 ****************************************************************************** 2106 * @ingroup icp_qat_fw_la 2107 * 2108 * @description 2109 * Macro for extraction of the Test Status Field returned in the response 2110 * to TRNG TEST command. 2111 * 2112 * @param test_status 8 bit test_status value to extract the status bit 2113 * 2114 *****************************************************************************/ 2115 #define ICP_QAT_FW_LA_TRNG_TEST_STATUS_TS_FLD_GET(test_status) \ 2116 QAT_FIELD_GET(test_status, \ 2117 QAT_FW_LA_TRNG_TEST_STATUS_TS_BITPOS, \ 2118 QAT_FW_LA_TRNG_TEST_STATUS_TS_MASK) 2119 /** 2120 ****************************************************************************** 2121 * @ingroup icp_qat_fw_la 2122 * 2123 * @description 2124 * Macro for extraction of the Test Results Valid Field returned in the 2125 * response to TRNG TEST command. 2126 * 2127 * @param test_status 8 bit test_status value to extract the Tests 2128 * Results valid bit 2129 * 2130 *****************************************************************************/ 2131 #define ICP_QAT_FW_LA_TRNG_TEST_STATUS_TV_FLD_GET(test_status) \ 2132 QAT_FIELD_GET(test_status, \ 2133 QAT_FW_LA_TRNG_TEST_STATUS_TV_BITPOS, \ 2134 QAT_FW_LA_TRNG_TEST_STATUS_TV_MASK) 2135 2136 /* 2137 ****************************************************************************** 2138 * MGF Max supported input parameters 2139 ****************************************************************************** 2140 */ 2141 #define ICP_QAT_FW_LA_MGF_SEED_LEN_MAX 255 2142 /**< @ingroup icp_qat_fw_la 2143 * Maximum seed length for MGF1 request in bytes 2144 * Typical values may be 48, 64, 128 bytes (or any).*/ 2145 2146 #define ICP_QAT_FW_LA_MGF_MASK_LEN_MAX 65528 2147 /**< @ingroup icp_qat_fw_la 2148 * Maximum mask length for MGF1 request in bytes 2149 * Typical values may be 8 (64-bit), 16 (128-bit). MUST be quad word multiple */ 2150 2151 /* 2152 ****************************************************************************** 2153 * SSL Max supported input parameters 2154 ****************************************************************************** 2155 */ 2156 #define ICP_QAT_FW_LA_SSL_SECRET_LEN_MAX 512 2157 /**< @ingroup icp_qat_fw_la 2158 * Maximum secret length for SSL3 Key Gen request (bytes) */ 2159 2160 #define ICP_QAT_FW_LA_SSL_ITERATES_LEN_MAX 16 2161 /**< @ingroup icp_qat_fw_la 2162 * Maximum iterations for SSL3 Key Gen request (integer) */ 2163 2164 #define ICP_QAT_FW_LA_SSL_LABEL_LEN_MAX 136 2165 /**< @ingroup icp_qat_fw_la 2166 * Maximum label length for SSL3 Key Gen request (bytes) */ 2167 2168 #define ICP_QAT_FW_LA_SSL_SEED_LEN_MAX 64 2169 /**< @ingroup icp_qat_fw_la 2170 * Maximum seed length for SSL3 Key Gen request (bytes) */ 2171 2172 #define ICP_QAT_FW_LA_SSL_OUTPUT_LEN_MAX 248 2173 /**< @ingroup icp_qat_fw_la 2174 * Maximum output length for SSL3 Key Gen request (bytes) */ 2175 2176 /* 2177 ****************************************************************************** 2178 * TLS Max supported input parameters 2179 ****************************************************************************** 2180 */ 2181 #define ICP_QAT_FW_LA_TLS_SECRET_LEN_MAX 128 2182 /**< @ingroup icp_qat_fw_la 2183 * Maximum secret length for TLS Key Gen request (bytes) */ 2184 2185 #define ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX 128 2186 /**< @ingroup icp_qat_fw_la 2187 * Maximum secret length for TLS Key Gen request (bytes) */ 2188 2189 #define ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX 64 2190 /**< @ingroup icp_qat_fw_la 2191 * Maximum secret length for TLS Key Gen request (bytes) */ 2192 2193 #define ICP_QAT_FW_LA_TLS_LABEL_LEN_MAX 255 2194 /**< @ingroup icp_qat_fw_la 2195 * Maximum label length for TLS Key Gen request (bytes) */ 2196 2197 #define ICP_QAT_FW_LA_TLS_SEED_LEN_MAX 64 2198 /**< @ingroup icp_qat_fw_la 2199 * Maximum seed length for TLS Key Gen request (bytes) */ 2200 2201 #define ICP_QAT_FW_LA_TLS_OUTPUT_LEN_MAX 248 2202 /**< @ingroup icp_qat_fw_la 2203 * Maximum output length for TLS Key Gen request (bytes) */ 2204 2205 /* 2206 ****************************************************************************** 2207 * HKDF input parameters 2208 ****************************************************************************** 2209 */ 2210 2211 #define QAT_FW_HKDF_LABEL_BUFFER_SZ 78 2212 #define QAT_FW_HKDF_LABEL_LEN_SZ 1 2213 #define QAT_FW_HKDF_LABEL_FLAGS_SZ 1 2214 2215 #define QAT_FW_HKDF_LABEL_STRUCT_SZ \ 2216 (QAT_FW_HKDF_LABEL_BUFFER_SZ + QAT_FW_HKDF_LABEL_LEN_SZ + \ 2217 QAT_FW_HKDF_LABEL_FLAGS_SZ) 2218 2219 /** 2220 ***************************************************************************** 2221 * @ingroup icp_qat_fw_la 2222 * 2223 * @description 2224 * Wraps an RFC 8446 HkdfLabel with metadata for use in HKDF Expand-Label 2225 * operations. 2226 * 2227 *****************************************************************************/ 2228 struct icp_qat_fw_hkdf_label { 2229 uint8_t label[QAT_FW_HKDF_LABEL_BUFFER_SZ]; 2230 /**< Buffer containing an HkdfLabel as specified in RFC 8446 */ 2231 2232 uint8_t label_length; 2233 /**< The size of the HkdfLabel */ 2234 2235 union { 2236 uint8_t label_flags; 2237 /**< For first-level labels: each bit in [0..3] will trigger a 2238 * child 2239 * Expand-Label operation on the corresponding sublabel. Bits 2240 * [4..7] 2241 * are reserved. 2242 */ 2243 2244 uint8_t sublabel_flags; 2245 /**< For sublabels the following flags are defined: 2246 * - QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS 2247 * - QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS 2248 * - QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS 2249 */ 2250 } u; 2251 }; 2252 2253 #define ICP_QAT_FW_LA_HKDF_SECRET_LEN_MAX 64 2254 /**< Maximum secret length for HKDF request (bytes) */ 2255 2256 #define ICP_QAT_FW_LA_HKDF_IKM_LEN_MAX 64 2257 /**< Maximum IKM length for HKDF request (bytes) */ 2258 2259 #define QAT_FW_HKDF_MAX_LABELS 4 2260 /**< Maximum number of label structures allowed in the labels buffer */ 2261 2262 #define QAT_FW_HKDF_MAX_SUBLABELS 4 2263 /**< Maximum number of label structures allowed in the sublabels buffer */ 2264 2265 /* 2266 ****************************************************************************** 2267 * HKDF inner sublabel flags 2268 ****************************************************************************** 2269 */ 2270 2271 #define QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS 0 2272 /**< Limit sublabel expand output to 12 bytes -- used with the "iv" sublabel */ 2273 2274 #define QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS 1 2275 /**< Limit sublabel expand output to 16 bytes -- used with SHA-256 "key" */ 2276 2277 #define QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS 2 2278 /**< Limit sublabel expand output to 32 bytes -- used with SHA-384 "key" */ 2279 2280 #endif /* _ICP_QAT_FW_LA_H_ */ 2281