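/***************************************************************************
 *
 *   BSD LICENSE
 *
 *   Copyright(c) 2007-2023 Intel Corporation. All rights reserved.
 *   All rights reserved.
 *
 *   Redistribution and use in source and binary forms, with or without
 *   modification, are permitted provided that the following conditions
 *   are met:
 *
 *     * Redistributions of source code must retain the above copyright
 *       notice, this list of conditions and the following disclaimer.
 *     * Redistributions in binary form must reproduce the above copyright
 *       notice, this list of conditions and the following disclaimer in
 *       the documentation and/or other materials provided with the
 *       distribution.
 *     * Neither the name of Intel Corporation nor the names of its
 *       contributors may be used to endorse or promote products derived
 *       from this software without specific prior written permission.
 *
 *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 *
 ***************************************************************************/

/*
 *****************************************************************************
 * Doxygen group definitions
 ****************************************************************************/

/**
 *****************************************************************************
 * @file cpa_cy_key.h
 *
 * @defgroup cpaCyKeyGen Cryptographic Key and Mask Generation API
 *
 * @ingroup cpaCy
 *
 * @description
 *      These functions specify the API for key and mask generation
 *      operations.
 *
 *****************************************************************************/

#ifndef CPA_CY_KEY_H
#define CPA_CY_KEY_H

#ifdef __cplusplus
extern "C" {
#endif

#include "cpa_cy_common.h"
#include "cpa_cy_sym.h" /* needed for hash algorithm, for MGF */

/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      SSL or TLS key generation random number length.
 *
 * @description
 *      Defines the permitted SSL or TLS random number length in bytes that
 *      may be used with the functions @ref cpaCyKeyGenSsl and @ref
 *      cpaCyKeyGenTls. This is the length of the client or server random
 *      number values.
 *****************************************************************************/
#define CPA_CY_KEY_GEN_SSL_TLS_RANDOM_LEN_IN_BYTES   (32)

/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      SSL Operation Types
 * @description
 *      Enumeration of the different SSL operations that can be specified in
 *      the struct @ref CpaCyKeyGenSslOpData. It identifies the label.
 *****************************************************************************/
typedef enum _CpaCyKeySslOp
{
    CPA_CY_KEY_SSL_OP_MASTER_SECRET_DERIVE = 1,
    /**< Derive the master secret */
    CPA_CY_KEY_SSL_OP_KEY_MATERIAL_DERIVE,
    /**< Derive the key material */
    CPA_CY_KEY_SSL_OP_USER_DEFINED
    /**< User Defined Operation for custom labels */
} CpaCyKeySslOp;


/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      SSL data for key generation functions
 * @description
 *      This structure contains data for use in key generation operations for
 *      SSL. For specific SSL key generation operations, the structure fields
 *      MUST be set as follows:
 *
 *      @par SSL Master-Secret Derivation:
 *          <br> sslOp = CPA_CY_KEY_SSL_OP_MASTER_SECRET_DERIVE
 *          <br> secret = pre-master secret key
 *          <br> seed = client_random + server_random
 *          <br> userLabel = NULL
 *
 *      @par SSL Key-Material Derivation:
 *          <br> sslOp = CPA_CY_KEY_SSL_OP_KEY_MATERIAL_DERIVE
 *          <br> secret = master secret key
 *          <br> seed = server_random + client_random
 *          <br> userLabel = NULL
 *
 *          <br> Note that the client/server random order is reversed from that
 *          used for master-secret derivation.
 *
 *      @note Each of the client and server random numbers need to be of
 *      length CPA_CY_KEY_GEN_SSL_TLS_RANDOM_LEN_IN_BYTES.
 *
 *      @note In each of the above descriptions, + indicates concatenation.
 *
 *      @note The label used is predetermined by the SSL operation in line
 *      with the SSL 3.0 specification, and can be overridden by using
 *      a user defined operation CPA_CY_KEY_SSL_OP_USER_DEFINED and
 *      associated userLabel.
 *
 *      @note SSL 3.0 was deprecated by RFC7568; treat this operation data
 *      as a legacy-interoperability path only.
 *
 *      @note The per-operation field lists above do not say how the info
 *      member is to be set. NOTE(review): confirm the expected contents
 *      with the implementation before relying on it.
 *
 ****************************************************************************/
typedef struct _CpaCyKeyGenSslOpData {
    CpaCyKeySslOp sslOp;
    /**< Indicate the SSL operation to be performed */
    CpaFlatBuffer secret;
    /**< Flat buffer containing a pointer to either the master or pre-master
     * secret key. The length field indicates the length of the secret key in
     * bytes. Implementation-specific limits may apply to this length.
     * The pointed-to memory is live key material supplied by the caller.
     * NOTE(review): this header does not state whether the implementation
     * copies it; presumably the caller clears it once the operation has
     * completed - confirm. */
    CpaFlatBuffer seed;
    /**< Flat buffer containing a pointer to the seed data.
     * Implementation-specific limits may apply to this length. */
    CpaFlatBuffer info;
    /**< Flat buffer containing a pointer to the info data.
     * Implementation-specific limits may apply to this length. */
    Cpa32U generatedKeyLenInBytes;
    /**< The requested length of the generated key in bytes.
     * Implementation-specific limits may apply to this length. */
    CpaFlatBuffer userLabel;
    /**< Optional flat buffer containing a pointer to a user defined label.
     * The length field indicates the length of the label in bytes. To use this
     * field, the sslOp must be CPA_CY_KEY_SSL_OP_USER_DEFINED,
     * or otherwise it is ignored and can be set to NULL.
     * Implementation-specific limits may apply to this length. */
} CpaCyKeyGenSslOpData;

/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      TLS Operation Types
 * @description
 *      Enumeration of the different TLS operations that can be specified in
 *      the CpaCyKeyGenTlsOpData. It identifies the label.
 *
 *      The functions @ref cpaCyKeyGenTls and @ref cpaCyKeyGenTls2
 *      accelerate the TLS PRF, which is defined as part of RFC2246 (TLS
 *      v1.0), RFC4346 (TLS v1.1), and RFC5246 (TLS v1.2).
 *      One of the inputs to each of these functions is a label.
 *      This enumerated type defines values that correspond to some of
 *      the required labels.
 *      However, for some of the operations/labels required by these RFCs,
 *      no values are specified.
 *
 *      In such cases, a user-defined value must be provided. The client
 *      should use the enum value @ref CPA_CY_KEY_TLS_OP_USER_DEFINED, and
 *      pass the label using the userLabel field of the @ref
 *      CpaCyKeyGenTlsOpData data structure.
 *
 *      @note TLS v1.0 and TLS v1.1 were deprecated by RFC8996; of the
 *      protocol versions listed above only TLS v1.2 remains current.
 *
 *****************************************************************************/
typedef enum _CpaCyKeyTlsOp
{
    CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE = 1,
    /**< Derive the master secret using the TLS PRF.
     * Corresponds to RFC2246/5246 section 8.1, operation "Computing the
     * master secret", label "master secret". */
    CPA_CY_KEY_TLS_OP_KEY_MATERIAL_DERIVE,
    /**< Derive the key material using the TLS PRF.
     * Corresponds to RFC2246/5246 section 6.3, operation "Derive the key
     * material", label "key expansion". */
    CPA_CY_KEY_TLS_OP_CLIENT_FINISHED_DERIVE,
    /**< Derive the client finished tag using the TLS PRF.
     * Corresponds to RFC2246/5246 section 7.4.9, operation "Client finished",
     * label "client finished". */
    CPA_CY_KEY_TLS_OP_SERVER_FINISHED_DERIVE,
    /**< Derive the server finished tag using the TLS PRF.
     * Corresponds to RFC2246/5246 section 7.4.9, operation "Server finished",
     * label "server finished". */
    CPA_CY_KEY_TLS_OP_USER_DEFINED
    /**< User Defined Operation for custom labels. */

} CpaCyKeyTlsOp;


/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      TLS 1.3 HKDF Operation Types
 * @description
 *      Enumeration of the different TLS operations that can be specified in
 *      the CpaCyKeyGenHKDFOpData.
 *
 *      The function @ref cpaCyKeyGenTls3
 *      accelerates the TLS HKDF, which is defined as part of RFC5869 (HKDF)
 *      and RFC8446 (TLS v1.3).
 *
 *      This enumerated type defines the supported HKDF operations for
 *      extraction and expansion of keying material.
 *
 *      Note that the first enumerator is explicitly 12, not 1 as in the
 *      other operation enums of this file; a zero-initialised
 *      CpaCyKeyGenHKDFOpData therefore does not name any operation here.
 *
 *****************************************************************************/
typedef enum _CpaCyKeyHKDFOp
{
    CPA_CY_HKDF_KEY_EXTRACT = 12,
    /**< HKDF Extract operation
     * Corresponds to RFC5869 section 2.2, step 1 "Extract" */
    CPA_CY_HKDF_KEY_EXPAND,
    /**< HKDF Expand operation
     * Corresponds to RFC5869 section 2.3, step 2 "Expand" */
    CPA_CY_HKDF_KEY_EXTRACT_EXPAND,
    /**< HKDF operation
     * This performs HKDF_EXTRACT and HKDF_EXPAND in a single
     * API invocation. */
    CPA_CY_HKDF_KEY_EXPAND_LABEL,
    /**< HKDF Expand label operation for TLS 1.3
     * Corresponds to RFC8446 section 7.1 Key Schedule definition for
     * HKDF-Expand-Label, which refers to HKDF-Expand defined in RFC5869. */
    CPA_CY_HKDF_KEY_EXTRACT_EXPAND_LABEL
    /**< HKDF Extract plus Expand label operation for TLS 1.3
     * Corresponds to RFC5869 section 2.2, step 1 "Extract" followed by
     * RFC8446 section 7.1 Key Schedule definition for
     * HKDF-Expand-Label, which refers to HKDF-Expand defined in RFC5869. */
} CpaCyKeyHKDFOp;


/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      TLS 1.3 HKDF cipher suites
 * @description
 *      Enumeration of the different cipher suites that may be used in a TLS
 *      v1.3 operation. This value is used to infer the sizes of the key
 *      and iv sublabel.
 *
 *      The function @ref cpaCyKeyGenTls3
 *      accelerates the TLS HKDF, which is defined as part of RFC5869 (HKDF)
 *      and RFC8446 (TLS v1.3).
 *
 *      This enumerated type defines the supported cipher suites in the
 *      TLS operation that require HKDF key operations.
 *
 *****************************************************************************/
typedef enum _CpaCyKeyHKDFCipherSuite
{
    CPA_CY_HKDF_TLS_AES_128_GCM_SHA256 = 1,
    /**< TLS_AES_128_GCM_SHA256 (RFC8446 appendix B.4) */
    CPA_CY_HKDF_TLS_AES_256_GCM_SHA384,
    /**< TLS_AES_256_GCM_SHA384 (RFC8446 appendix B.4) */
    CPA_CY_HKDF_TLS_CHACHA20_POLY1305_SHA256,
    /**< TLS_CHACHA20_POLY1305_SHA256 (RFC8446 appendix B.4) */
    CPA_CY_HKDF_TLS_AES_128_CCM_SHA256,
    /**< TLS_AES_128_CCM_SHA256 (RFC8446 appendix B.4) */
    CPA_CY_HKDF_TLS_AES_128_CCM_8_SHA256
    /**< TLS_AES_128_CCM_8_SHA256 (RFC8446 appendix B.4) */
} CpaCyKeyHKDFCipherSuite;


/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      HKDF sublabel bit constants
 * @description
 *      Bitwise constants for HKDF sublabels
 *
 *      These definitions provide bit settings for sublabels for
 *      HKDF-ExpandLabel operations.
 *
 *      <br> key sublabel to generate "key" keying material
 *      <br> iv sublabel to generate "iv" keying material
 *      <br> resumption sublabel to generate "resumption" keying material
 *      <br> finished sublabel to generate "finished" keying material
 *
 *      NOTE(review): the constants are cast to Cpa16U, while the
 *      sublabelFlag member of CpaCyKeyGenHKDFExpandLabel that holds them is
 *      declared Cpa8U. All four bits defined here fit in the low byte.
 *
 *****************************************************************************/

#define CPA_CY_HKDF_SUBLABEL_KEY ((Cpa16U)0x0001)
/**< Bit for creation of key material for 'key' sublabel */
#define CPA_CY_HKDF_SUBLABEL_IV ((Cpa16U)0x0002)
/**< Bit for creation of key material for 'iv' sublabel */
#define CPA_CY_HKDF_SUBLABEL_RESUMPTION ((Cpa16U)0x0004)
/**< Bit for creation of key material for 'resumption' sublabel */
#define CPA_CY_HKDF_SUBLABEL_FINISHED ((Cpa16U)0x0008)
/**< Bit for creation of key material for 'finished' sublabel */

/*
 * The size limits below are documented with trailing comments, like the
 * sublabel bits above, so each description stays attached to the macro
 * that precedes it.
 */
#define CPA_CY_HKDF_KEY_MAX_SECRET_SZ ((Cpa8U)80)
/**< space in bytes PSK or (EC)DH */
#define CPA_CY_HKDF_KEY_MAX_HMAC_SZ ((Cpa8U)48)
/**< space in bytes of CPA_CY_SYM_HASH_SHA384 result */
#define CPA_CY_HKDF_KEY_MAX_INFO_SZ ((Cpa8U)80)
/**< space in bytes of largest info needed for TLS 1.3,
 *   rounded up to multiple of 8 */
#define CPA_CY_HKDF_KEY_MAX_LABEL_SZ ((Cpa8U)78)
/**< space in bytes of largest label for TLS 1.3 */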
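#define CPA_CY_HKDF_KEY_MAX_LABEL_COUNT ((Cpa8U)4)
/**< Maximum number of labels in op structure */

/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      TLS data for key generation functions
 * @description
 *      This structure contains data for describing label for the
 *      HKDF Expand Label function
 *
 *      @par Expand Label Function
 *          <br> labelLen = length of the label field
 *          <br> contextLen = length of the context field
 *          <br> sublabelFlag = Mask of sub labels required for this label.
 *          <br> label = label as defined in RFC8446
 *          <br> context = context as defined in RFC8446
 *
 *      NOTE(review): the structure below declares no contextLen or context
 *      member. The label array is documented as the HKDFLabel field of
 *      RFC8446 sec 7.1, which presumably already carries the context -
 *      confirm against the implementation.
 *
 ****************************************************************************/
typedef struct _CpaCyKeyGenHKDFExpandLabel
{
    Cpa8U label[CPA_CY_HKDF_KEY_MAX_LABEL_SZ];
    /**< HKDFLabel field as defined in RFC8446 sec 7.1.
     */
    Cpa8U labelLen;
    /**< The length, in bytes of the label.
     * The type admits values up to 255 while the label array holds
     * CPA_CY_HKDF_KEY_MAX_LABEL_SZ bytes; callers should check the bound
     * before filling this in. NOTE(review): implementation-side validation
     * is not visible in this header. */
    Cpa8U sublabelFlag;
    /**< mask of sublabels to be generated.
     * This flag is composed of zero or more of:
     *    CPA_CY_HKDF_SUBLABEL_KEY
     *    CPA_CY_HKDF_SUBLABEL_IV
     *    CPA_CY_HKDF_SUBLABEL_RESUMPTION
     *    CPA_CY_HKDF_SUBLABEL_FINISHED
     */
} CpaCyKeyGenHKDFExpandLabel;

/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      TLS data for key generation functions
 * @description
 *      This structure contains data for all HKDF operations:
 *          <br> HKDF Extract
 *          <br> HKDF Expand
 *          <br> HKDF Expand Label
 *          <br> HKDF Extract and Expand
 *          <br> HKDF Extract and Expand Label
 *
 *      @par HKDF Map Structure Elements
 *          <br> secret - IKM value for extract operations or PRK for expand
 *                        or expand label operations.
 *          <br> seed -  contains the salt for extract
 *                        operations
 *          <br> info -  contains the info data for extract operations
 *          <br> labels - See the description of
 *                        @ref CpaCyKeyGenHKDFExpandLabel
 *
 *      NOTE(review): RFC5869 takes the info input in the Expand step
 *      (section 2.3), not in Extract; the "for extract operations" wording
 *      on the info line above is kept from the original - confirm.
 *
 *      @note secret, seed and info are stored inline, so every copy of this
 *      structure contains key material. The length members are wider than
 *      the arrays they describe (see the field notes); callers should bound
 *      them by the matching CPA_CY_HKDF_KEY_MAX_* value.
 *
 ****************************************************************************/
typedef struct _CpaCyKeyGenHKDFOpData
{
    CpaCyKeyHKDFOp hkdfKeyOp;
    /**< Keying operation to be performed. */
    Cpa8U secretLen;
    /**< Length of secret field.
     * The secret array holds CPA_CY_HKDF_KEY_MAX_SECRET_SZ bytes. */
    Cpa16U seedLen;
    /**< Length of seed field.
     * The seed array holds CPA_CY_HKDF_KEY_MAX_HMAC_SZ bytes. */
    Cpa16U infoLen;
    /**< Length of info field.
     * The info array holds CPA_CY_HKDF_KEY_MAX_INFO_SZ bytes. */
    Cpa16U numLabels;
    /**< Number of filled CpaCyKeyGenHKDFExpandLabel elements.
     * The label array holds CPA_CY_HKDF_KEY_MAX_LABEL_COUNT elements. */
    Cpa8U secret[CPA_CY_HKDF_KEY_MAX_SECRET_SZ];
    /**< Input Key Material or PRK.
     * NOTE(review): presumably the caller clears this array once the
     * operation has completed; the header does not say - confirm. */
    Cpa8U seed[CPA_CY_HKDF_KEY_MAX_HMAC_SZ];
    /**< Input salt */
    Cpa8U info[CPA_CY_HKDF_KEY_MAX_INFO_SZ];
    /**< info field */
    CpaCyKeyGenHKDFExpandLabel label[CPA_CY_HKDF_KEY_MAX_LABEL_COUNT];
    /**< array of Expand Label structures */
} CpaCyKeyGenHKDFOpData;

/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      TLS data for key generation functions
 * @description
 *      This structure contains data for use in key generation operations for
 *      TLS. For specific TLS key generation operations, the structure fields
 *      MUST be set as follows:
 *
 *      @par TLS Master-Secret Derivation:
 *          <br> tlsOp = CPA_CY_KEY_TLS_OP_MASTER_SECRET_DERIVE
 *          <br> secret = pre-master secret key
 *          <br> seed = client_random + server_random
 *          <br> userLabel = NULL
 *
 *      @par TLS Key-Material Derivation:
 *          <br> tlsOp = CPA_CY_KEY_TLS_OP_KEY_MATERIAL_DERIVE
 *          <br> secret = master secret key
 *          <br> seed = server_random + client_random
 *          <br> userLabel = NULL
 *
 *          <br> Note that the client/server random order is reversed from
 *          that used for Master-Secret Derivation.
 *
 *      @par TLS Client finished/Server finished tag Derivation:
 *          <br> tlsOp = CPA_CY_KEY_TLS_OP_CLIENT_FINISHED_DERIVE  (client)
 *          <br>      or CPA_CY_KEY_TLS_OP_SERVER_FINISHED_DERIVE  (server)
 *          <br> secret = master secret key
 *          <br> seed = MD5(handshake_messages) + SHA-1(handshake_messages)
 *          <br> userLabel = NULL
 *
 *      @note Each of the client and server random seeds need to be of
 *      length CPA_CY_KEY_GEN_SSL_TLS_RANDOM_LEN_IN_BYTES.
 *      @note In each of the above descriptions, + indicates concatenation.
 *      @note The label used is predetermined by the TLS operation in line
 *      with the TLS specifications, and can be overridden by using
 *      a user defined operation CPA_CY_KEY_TLS_OP_USER_DEFINED
 *      and associated userLabel.
 *      @note The MD5 + SHA-1 seed shown for the finished tag is the
 *      RFC2246/RFC4346 construction; RFC5246 section 7.4.9 uses a single
 *      Hash(handshake_messages). NOTE(review): confirm which form the
 *      function being called expects.
 *
 ****************************************************************************/
typedef struct _CpaCyKeyGenTlsOpData {
    CpaCyKeyTlsOp tlsOp;
    /**< TLS operation to be performed */
    CpaFlatBuffer secret;
    /**< Flat buffer containing a pointer to either the master or pre-master
     * secret key. The length field indicates the length of the secret in
     * bytes.
     * The pointed-to memory is live key material supplied by the caller.
     * NOTE(review): this header does not state whether the implementation
     * copies it; presumably the caller clears it once the operation has
     * completed - confirm. */
    CpaFlatBuffer seed;
    /**< Flat buffer containing a pointer to the seed data.
     * Implementation-specific limits may apply to this length. */
    Cpa32U generatedKeyLenInBytes;
    /**< The requested length of the generated key in bytes.
     * Implementation-specific limits may apply to this length. */
    CpaFlatBuffer userLabel;
    /**< Optional flat buffer containing a pointer to a user defined label.
     * The length field indicates the length of the label in bytes. To use this
     * field, the tlsOp must be CPA_CY_KEY_TLS_OP_USER_DEFINED.
     * Implementation-specific limits may apply to this length. */
} CpaCyKeyGenTlsOpData;

/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      Key Generation Mask Generation Function (MGF) Data
 * @description
 *      This structure contains data relating to Mask Generation Function
 *      key generation operations.
 *
 * @note The default hash algorithm used by the MGF is SHA-1.  If a
 *      different hash algorithm is preferred, then see the extended
 *      version of this structure, @ref CpaCyKeyGenMgfOpDataExt.
 * @see
 *        cpaCyKeyGenMgf
 ****************************************************************************/
typedef struct _CpaCyKeyGenMgfOpData {
    CpaFlatBuffer seedBuffer;
    /**< Caller MUST allocate a buffer and populate with the input seed
     * data. For optimal performance the start of the seed SHOULD be allocated
     * on an 8-byte boundary. The length field represents the seed length in
     * bytes. Implementation-specific limits may apply to this length. */
    Cpa32U maskLenInBytes;
    /**< The requested length of the generated mask in bytes.
     * Implementation-specific limits may apply to this length. */
} CpaCyKeyGenMgfOpData;

/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      Extension to the original Key Generation Mask Generation Function
 *      (MGF) Data
 * @description
 *      This structure is an extension to the original MGF data structure.
 *      The extension allows the hash function to be specified.
 * @note
 *      This structure is separate from the base @ref CpaCyKeyGenMgfOpData
 *      structure in order to retain backwards compatibility with the
 *      original version of the API.
 * @see
 *        cpaCyKeyGenMgfExt
 ****************************************************************************/
typedef struct _CpaCyKeyGenMgfOpDataExt {
    CpaCyKeyGenMgfOpData baseOpData;
    /**< "Base" operational data for MGF generation */
    CpaCySymHashAlgorithm hashAlgorithm;
    /**< Specifies the hash algorithm to be used by the Mask Generation
     * Function */
} CpaCyKeyGenMgfOpDataExt;

/**
 *****************************************************************************
 * @ingroup cpaCyKeyGen
 *      Key Generation Statistics.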
50178ee8d1cSJulian Grajkowski * @deprecated 50278ee8d1cSJulian Grajkowski * As of v1.3 of the Crypto API, this structure has been deprecated, 50378ee8d1cSJulian Grajkowski * replaced by @ref CpaCyKeyGenStats64. 50478ee8d1cSJulian Grajkowski * @description 50578ee8d1cSJulian Grajkowski * This structure contains statistics on the key and mask generation 50678ee8d1cSJulian Grajkowski * operations. Statistics are set to zero when the component is 50778ee8d1cSJulian Grajkowski * initialized, and are collected per instance. 50878ee8d1cSJulian Grajkowski * 50978ee8d1cSJulian Grajkowski ****************************************************************************/ 51078ee8d1cSJulian Grajkowski typedef struct _CpaCyKeyGenStats { 51178ee8d1cSJulian Grajkowski Cpa32U numSslKeyGenRequests; 51278ee8d1cSJulian Grajkowski /**< Total number of successful SSL key generation requests. */ 51378ee8d1cSJulian Grajkowski Cpa32U numSslKeyGenRequestErrors; 51478ee8d1cSJulian Grajkowski /**< Total number of SSL key generation requests that had an error and 51578ee8d1cSJulian Grajkowski * could not be processed. */ 51678ee8d1cSJulian Grajkowski Cpa32U numSslKeyGenCompleted; 51778ee8d1cSJulian Grajkowski /**< Total number of SSL key generation operations that completed 51878ee8d1cSJulian Grajkowski * successfully. */ 51978ee8d1cSJulian Grajkowski Cpa32U numSslKeyGenCompletedErrors; 52078ee8d1cSJulian Grajkowski /**< Total number of SSL key generation operations that could not be 52178ee8d1cSJulian Grajkowski * completed successfully due to errors. */ 52278ee8d1cSJulian Grajkowski Cpa32U numTlsKeyGenRequests; 52378ee8d1cSJulian Grajkowski /**< Total number of successful TLS key generation requests. */ 52478ee8d1cSJulian Grajkowski Cpa32U numTlsKeyGenRequestErrors; 52578ee8d1cSJulian Grajkowski /**< Total number of TLS key generation requests that had an error and 52678ee8d1cSJulian Grajkowski * could not be processed. 
*/ 52778ee8d1cSJulian Grajkowski Cpa32U numTlsKeyGenCompleted; 52878ee8d1cSJulian Grajkowski /**< Total number of TLS key generation operations that completed 52978ee8d1cSJulian Grajkowski * successfully. */ 53078ee8d1cSJulian Grajkowski Cpa32U numTlsKeyGenCompletedErrors; 53178ee8d1cSJulian Grajkowski /**< Total number of TLS key generation operations that could not be 53278ee8d1cSJulian Grajkowski * completed successfully due to errors. */ 53378ee8d1cSJulian Grajkowski Cpa32U numMgfKeyGenRequests; 53478ee8d1cSJulian Grajkowski /**< Total number of successful MGF key generation requests (including 53578ee8d1cSJulian Grajkowski * "extended" MGF requests). */ 53678ee8d1cSJulian Grajkowski Cpa32U numMgfKeyGenRequestErrors; 53778ee8d1cSJulian Grajkowski /**< Total number of MGF key generation requests that had an error and 53878ee8d1cSJulian Grajkowski * could not be processed. */ 53978ee8d1cSJulian Grajkowski Cpa32U numMgfKeyGenCompleted; 54078ee8d1cSJulian Grajkowski /**< Total number of MGF key generation operations that completed 54178ee8d1cSJulian Grajkowski * successfully. */ 54278ee8d1cSJulian Grajkowski Cpa32U numMgfKeyGenCompletedErrors; 54378ee8d1cSJulian Grajkowski /**< Total number of MGF key generation operations that could not be 54478ee8d1cSJulian Grajkowski * completed successfully due to errors. */ 54578ee8d1cSJulian Grajkowski } CpaCyKeyGenStats CPA_DEPRECATED; 54678ee8d1cSJulian Grajkowski 54778ee8d1cSJulian Grajkowski /** 54878ee8d1cSJulian Grajkowski ***************************************************************************** 54978ee8d1cSJulian Grajkowski * @ingroup cpaCyKeyGen 55078ee8d1cSJulian Grajkowski * Key Generation Statistics (64-bit version). 55178ee8d1cSJulian Grajkowski * @description 55278ee8d1cSJulian Grajkowski * This structure contains the 64-bit version of the statistics 55378ee8d1cSJulian Grajkowski * on the key and mask generation operations. 
55478ee8d1cSJulian Grajkowski * Statistics are set to zero when the component is 55578ee8d1cSJulian Grajkowski * initialized, and are collected per instance. 55678ee8d1cSJulian Grajkowski * 55778ee8d1cSJulian Grajkowski ****************************************************************************/ 55878ee8d1cSJulian Grajkowski typedef struct _CpaCyKeyGenStats64 { 55978ee8d1cSJulian Grajkowski Cpa64U numSslKeyGenRequests; 56078ee8d1cSJulian Grajkowski /**< Total number of successful SSL key generation requests. */ 56178ee8d1cSJulian Grajkowski Cpa64U numSslKeyGenRequestErrors; 56278ee8d1cSJulian Grajkowski /**< Total number of SSL key generation requests that had an error and 56378ee8d1cSJulian Grajkowski * could not be processed. */ 56478ee8d1cSJulian Grajkowski Cpa64U numSslKeyGenCompleted; 56578ee8d1cSJulian Grajkowski /**< Total number of SSL key generation operations that completed 56678ee8d1cSJulian Grajkowski * successfully. */ 56778ee8d1cSJulian Grajkowski Cpa64U numSslKeyGenCompletedErrors; 56878ee8d1cSJulian Grajkowski /**< Total number of SSL key generation operations that could not be 56978ee8d1cSJulian Grajkowski * completed successfully due to errors. */ 57078ee8d1cSJulian Grajkowski Cpa64U numTlsKeyGenRequests; 57178ee8d1cSJulian Grajkowski /**< Total number of successful TLS key generation requests. */ 57278ee8d1cSJulian Grajkowski Cpa64U numTlsKeyGenRequestErrors; 57378ee8d1cSJulian Grajkowski /**< Total number of TLS key generation requests that had an error and 57478ee8d1cSJulian Grajkowski * could not be processed. */ 57578ee8d1cSJulian Grajkowski Cpa64U numTlsKeyGenCompleted; 57678ee8d1cSJulian Grajkowski /**< Total number of TLS key generation operations that completed 57778ee8d1cSJulian Grajkowski * successfully. 
*/ 57878ee8d1cSJulian Grajkowski Cpa64U numTlsKeyGenCompletedErrors; 57978ee8d1cSJulian Grajkowski /**< Total number of TLS key generation operations that could not be 58078ee8d1cSJulian Grajkowski * completed successfully due to errors. */ 58178ee8d1cSJulian Grajkowski Cpa64U numMgfKeyGenRequests; 58278ee8d1cSJulian Grajkowski /**< Total number of successful MGF key generation requests (including 58378ee8d1cSJulian Grajkowski * "extended" MGF requests). */ 58478ee8d1cSJulian Grajkowski Cpa64U numMgfKeyGenRequestErrors; 58578ee8d1cSJulian Grajkowski /**< Total number of MGF key generation requests that had an error and 58678ee8d1cSJulian Grajkowski * could not be processed. */ 58778ee8d1cSJulian Grajkowski Cpa64U numMgfKeyGenCompleted; 58878ee8d1cSJulian Grajkowski /**< Total number of MGF key generation operations that completed 58978ee8d1cSJulian Grajkowski * successfully. */ 59078ee8d1cSJulian Grajkowski Cpa64U numMgfKeyGenCompletedErrors; 59178ee8d1cSJulian Grajkowski /**< Total number of MGF key generation operations that could not be 59278ee8d1cSJulian Grajkowski * completed successfully due to errors. */ 59378ee8d1cSJulian Grajkowski } CpaCyKeyGenStats64; 59478ee8d1cSJulian Grajkowski 59578ee8d1cSJulian Grajkowski /** 59678ee8d1cSJulian Grajkowski ***************************************************************************** 59778ee8d1cSJulian Grajkowski * @ingroup cpaCyKeyGen 59878ee8d1cSJulian Grajkowski * SSL Key Generation Function. 59978ee8d1cSJulian Grajkowski * @description 60078ee8d1cSJulian Grajkowski * This function is used for SSL key generation. It implements the key 60178ee8d1cSJulian Grajkowski * generation function defined in section 6.2.2 of the SSL 3.0 60278ee8d1cSJulian Grajkowski * specification as described in 60378ee8d1cSJulian Grajkowski * http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt. 
60478ee8d1cSJulian Grajkowski * 60578ee8d1cSJulian Grajkowski * The input seed is taken as a flat buffer and the generated key is 60678ee8d1cSJulian Grajkowski * returned to caller in a flat destination data buffer. * * @note SSL 3.0 is deprecated (RFC 7568 states that SSLv3 MUST NOT be used), so this function is relevant only when interoperating with legacy peers. For current protocol versions see @ref cpaCyKeyGenTls2 and @ref cpaCyKeyGenTls3. 60778ee8d1cSJulian Grajkowski * @context 60878ee8d1cSJulian Grajkowski * When called as an asynchronous function it cannot sleep. It can be 60978ee8d1cSJulian Grajkowski * executed in a context that does not permit sleeping. 61078ee8d1cSJulian Grajkowski * When called as a synchronous function it may sleep. It MUST NOT be 61178ee8d1cSJulian Grajkowski * executed in a context that DOES NOT permit sleeping. 61278ee8d1cSJulian Grajkowski * @assumptions 61378ee8d1cSJulian Grajkowski * None 61478ee8d1cSJulian Grajkowski * @sideEffects 61578ee8d1cSJulian Grajkowski * None 61678ee8d1cSJulian Grajkowski * @blocking 61778ee8d1cSJulian Grajkowski * Yes when configured to operate in synchronous mode. 61878ee8d1cSJulian Grajkowski * @reentrant 61978ee8d1cSJulian Grajkowski * No 62078ee8d1cSJulian Grajkowski * @threadSafe 62178ee8d1cSJulian Grajkowski * Yes 62278ee8d1cSJulian Grajkowski * 62378ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance handle. 62478ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be 62578ee8d1cSJulian Grajkowski * invoked when the operation is complete. 62678ee8d1cSJulian Grajkowski * If this is set to a NULL value the 62778ee8d1cSJulian Grajkowski * function will operate synchronously. 62878ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific 62978ee8d1cSJulian Grajkowski * call. Will be returned unchanged in the 63078ee8d1cSJulian Grajkowski * callback. 63178ee8d1cSJulian Grajkowski * @param[in] pKeyGenSslOpData Structure containing all the data 63278ee8d1cSJulian Grajkowski * needed to perform the SSL key 63378ee8d1cSJulian Grajkowski * generation operation.
The client code 63478ee8d1cSJulian Grajkowski * allocates the memory for this 63578ee8d1cSJulian Grajkowski * structure. This component takes 63678ee8d1cSJulian Grajkowski * ownership of the memory until it is 63778ee8d1cSJulian Grajkowski * returned in the callback. 63878ee8d1cSJulian Grajkowski * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 63978ee8d1cSJulian Grajkowski * buffer to hold the key generation 64078ee8d1cSJulian Grajkowski * output. The data pointer SHOULD be 64178ee8d1cSJulian Grajkowski * aligned on an 8-byte boundary. The 64278ee8d1cSJulian Grajkowski * length field passed in represents the 64378ee8d1cSJulian Grajkowski * size of the buffer in bytes. The value 64478ee8d1cSJulian Grajkowski * that is returned is the size of the 64578ee8d1cSJulian Grajkowski * result key in bytes. 64678ee8d1cSJulian Grajkowski * On invocation the callback function 64778ee8d1cSJulian Grajkowski * will contain this parameter in the 64878ee8d1cSJulian Grajkowski * pOut parameter. 64978ee8d1cSJulian Grajkowski * 65078ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully. 65178ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed. 65278ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Resubmit the request. 65378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 65478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources. 65578ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESTARTING API implementation is restarting. 65678ee8d1cSJulian Grajkowski * Resubmit the request. 65778ee8d1cSJulian Grajkowski * 65878ee8d1cSJulian Grajkowski * @pre 65978ee8d1cSJulian Grajkowski * The component has been initialized via cpaCyStartInstance function. 
66078ee8d1cSJulian Grajkowski * @post 66178ee8d1cSJulian Grajkowski * None 66278ee8d1cSJulian Grajkowski * @see 66378ee8d1cSJulian Grajkowski * CpaCyKeyGenSslOpData, 66478ee8d1cSJulian Grajkowski * CpaCyGenFlatBufCbFunc 66578ee8d1cSJulian Grajkowski * 66678ee8d1cSJulian Grajkowski *****************************************************************************/ 66778ee8d1cSJulian Grajkowski CpaStatus 66878ee8d1cSJulian Grajkowski cpaCyKeyGenSsl(const CpaInstanceHandle instanceHandle, 66978ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb, 67078ee8d1cSJulian Grajkowski void *pCallbackTag, 67178ee8d1cSJulian Grajkowski const CpaCyKeyGenSslOpData *pKeyGenSslOpData, 67278ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer); 67378ee8d1cSJulian Grajkowski 67478ee8d1cSJulian Grajkowski /** 67578ee8d1cSJulian Grajkowski ***************************************************************************** 67678ee8d1cSJulian Grajkowski * @ingroup cpaCyKeyGen 67778ee8d1cSJulian Grajkowski * TLS Key Generation Function. 67878ee8d1cSJulian Grajkowski * @description 67978ee8d1cSJulian Grajkowski * This function is used for TLS key generation. It implements the 68078ee8d1cSJulian Grajkowski * TLS PRF (Pseudo Random Function) as defined by RFC2246 (TLS v1.0) 68178ee8d1cSJulian Grajkowski * and RFC4346 (TLS v1.1). * * @note TLS 1.0 and TLS 1.1 are deprecated by RFC 8996. For TLS 1.2 see @ref cpaCyKeyGenTls2, and for TLS 1.3 see @ref cpaCyKeyGenTls3. 68278ee8d1cSJulian Grajkowski * 68378ee8d1cSJulian Grajkowski * The input seed is taken as a flat buffer and the generated key is 68478ee8d1cSJulian Grajkowski * returned to caller in a flat destination data buffer. 68578ee8d1cSJulian Grajkowski * 68678ee8d1cSJulian Grajkowski * @context 68778ee8d1cSJulian Grajkowski * When called as an asynchronous function it cannot sleep. It can be 68878ee8d1cSJulian Grajkowski * executed in a context that does not permit sleeping. 68978ee8d1cSJulian Grajkowski * When called as a synchronous function it may sleep. It MUST NOT be 69078ee8d1cSJulian Grajkowski * executed in a context that DOES NOT permit sleeping.
69178ee8d1cSJulian Grajkowski * @assumptions 69278ee8d1cSJulian Grajkowski * None 69378ee8d1cSJulian Grajkowski * @sideEffects 69478ee8d1cSJulian Grajkowski * None 69578ee8d1cSJulian Grajkowski * @blocking 69678ee8d1cSJulian Grajkowski * Yes when configured to operate in synchronous mode. 69778ee8d1cSJulian Grajkowski * @reentrant 69878ee8d1cSJulian Grajkowski * No 69978ee8d1cSJulian Grajkowski * @threadSafe 70078ee8d1cSJulian Grajkowski * Yes 70178ee8d1cSJulian Grajkowski * 70278ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance handle. 70378ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be 70478ee8d1cSJulian Grajkowski * invoked when the operation is complete. 70578ee8d1cSJulian Grajkowski * If this is set to a NULL value the 70678ee8d1cSJulian Grajkowski * function will operate synchronously. 70778ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific 70878ee8d1cSJulian Grajkowski * call. Will be returned unchanged in the 70978ee8d1cSJulian Grajkowski * callback. 71078ee8d1cSJulian Grajkowski * @param[in] pKeyGenTlsOpData Structure containing all the data 71178ee8d1cSJulian Grajkowski * needed to perform the TLS key 71278ee8d1cSJulian Grajkowski * generation operation. The client code 71378ee8d1cSJulian Grajkowski * allocates the memory for this 71478ee8d1cSJulian Grajkowski * structure. This component takes 71578ee8d1cSJulian Grajkowski * ownership of the memory until it is 71678ee8d1cSJulian Grajkowski * returned in the callback. 71778ee8d1cSJulian Grajkowski * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 71878ee8d1cSJulian Grajkowski * buffer to hold the key generation 71978ee8d1cSJulian Grajkowski * output. The data pointer SHOULD be 72078ee8d1cSJulian Grajkowski * aligned on an 8-byte boundary. The 72178ee8d1cSJulian Grajkowski * length field passed in represents the 72278ee8d1cSJulian Grajkowski * size of the buffer in bytes. 
The value 72378ee8d1cSJulian Grajkowski * that is returned is the size of the 72478ee8d1cSJulian Grajkowski * result key in bytes. 72578ee8d1cSJulian Grajkowski * On invocation the callback function 72678ee8d1cSJulian Grajkowski * will contain this parameter in the 72778ee8d1cSJulian Grajkowski * pOut parameter. 72878ee8d1cSJulian Grajkowski * 72978ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully. 73078ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed. 73178ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Resubmit the request. 73278ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 73378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources. 73478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESTARTING API implementation is restarting. 73578ee8d1cSJulian Grajkowski * Resubmit the request. 73678ee8d1cSJulian Grajkowski * 73778ee8d1cSJulian Grajkowski * @pre 73878ee8d1cSJulian Grajkowski * The component has been initialized via cpaCyStartInstance function. 
73978ee8d1cSJulian Grajkowski * @post 74078ee8d1cSJulian Grajkowski * None 74178ee8d1cSJulian Grajkowski * @see 74278ee8d1cSJulian Grajkowski * CpaCyKeyGenTlsOpData, 74378ee8d1cSJulian Grajkowski * CpaCyGenFlatBufCbFunc 74478ee8d1cSJulian Grajkowski * 74578ee8d1cSJulian Grajkowski *****************************************************************************/ 74678ee8d1cSJulian Grajkowski CpaStatus 74778ee8d1cSJulian Grajkowski cpaCyKeyGenTls(const CpaInstanceHandle instanceHandle, 74878ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb, 74978ee8d1cSJulian Grajkowski void *pCallbackTag, 75078ee8d1cSJulian Grajkowski const CpaCyKeyGenTlsOpData *pKeyGenTlsOpData, 75178ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer); 75278ee8d1cSJulian Grajkowski 75378ee8d1cSJulian Grajkowski /** 75478ee8d1cSJulian Grajkowski ***************************************************************************** 75578ee8d1cSJulian Grajkowski * @ingroup cpaCyKeyGen 75678ee8d1cSJulian Grajkowski * TLS Key Generation Function version 2. 75778ee8d1cSJulian Grajkowski * @description 75878ee8d1cSJulian Grajkowski * This function is used for TLS key generation. It implements the 75978ee8d1cSJulian Grajkowski * TLS PRF (Pseudo Random Function) as defined by RFC5246 (TLS v1.2). 76078ee8d1cSJulian Grajkowski * 76178ee8d1cSJulian Grajkowski * The input seed is taken as a flat buffer and the generated key is 76278ee8d1cSJulian Grajkowski * returned to caller in a flat destination data buffer. 76378ee8d1cSJulian Grajkowski * 76478ee8d1cSJulian Grajkowski * @context 76578ee8d1cSJulian Grajkowski * When called as an asynchronous function it cannot sleep. It can be 76678ee8d1cSJulian Grajkowski * executed in a context that does not permit sleeping. 76778ee8d1cSJulian Grajkowski * When called as a synchronous function it may sleep. It MUST NOT be 76878ee8d1cSJulian Grajkowski * executed in a context that DOES NOT permit sleeping. 
76978ee8d1cSJulian Grajkowski * @assumptions 77078ee8d1cSJulian Grajkowski * None 77178ee8d1cSJulian Grajkowski * @sideEffects 77278ee8d1cSJulian Grajkowski * None 77378ee8d1cSJulian Grajkowski * @blocking 77478ee8d1cSJulian Grajkowski * Yes when configured to operate in synchronous mode. 77578ee8d1cSJulian Grajkowski * @reentrant 77678ee8d1cSJulian Grajkowski * No 77778ee8d1cSJulian Grajkowski * @threadSafe 77878ee8d1cSJulian Grajkowski * Yes 77978ee8d1cSJulian Grajkowski * 78078ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance handle. 78178ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be 78278ee8d1cSJulian Grajkowski * invoked when the operation is complete. 78378ee8d1cSJulian Grajkowski * If this is set to a NULL value the 78478ee8d1cSJulian Grajkowski * function will operate synchronously. 78578ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific 78678ee8d1cSJulian Grajkowski * call. Will be returned unchanged in the 78778ee8d1cSJulian Grajkowski * callback. 78878ee8d1cSJulian Grajkowski * @param[in] pKeyGenTlsOpData Structure containing all the data 78978ee8d1cSJulian Grajkowski * needed to perform the TLS key 79078ee8d1cSJulian Grajkowski * generation operation. The client code 79178ee8d1cSJulian Grajkowski * allocates the memory for this 79278ee8d1cSJulian Grajkowski * structure. This component takes 79378ee8d1cSJulian Grajkowski * ownership of the memory until it is 79478ee8d1cSJulian Grajkowski * returned in the callback. 79578ee8d1cSJulian Grajkowski * @param[in] hashAlgorithm Specifies the hash algorithm to use. 79678ee8d1cSJulian Grajkowski * According to RFC5246, this should be 79778ee8d1cSJulian Grajkowski * "SHA-256 or a stronger standard hash 79878ee8d1cSJulian Grajkowski * function." 
79978ee8d1cSJulian Grajkowski * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 80078ee8d1cSJulian Grajkowski * buffer to hold the key generation 80178ee8d1cSJulian Grajkowski * output. The data pointer SHOULD be 80278ee8d1cSJulian Grajkowski * aligned on an 8-byte boundary. The 80378ee8d1cSJulian Grajkowski * length field passed in represents the 80478ee8d1cSJulian Grajkowski * size of the buffer in bytes. The value 80578ee8d1cSJulian Grajkowski * that is returned is the size of the 80678ee8d1cSJulian Grajkowski * result key in bytes. 80778ee8d1cSJulian Grajkowski * On invocation the callback function 80878ee8d1cSJulian Grajkowski * will contain this parameter in the 80978ee8d1cSJulian Grajkowski * pOut parameter. 81078ee8d1cSJulian Grajkowski * 81178ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully. 81278ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed. 81378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Resubmit the request. 81478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 81578ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources. 81678ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESTARTING API implementation is restarting. 81778ee8d1cSJulian Grajkowski * Resubmit the request. 81878ee8d1cSJulian Grajkowski * 81978ee8d1cSJulian Grajkowski * @pre 82078ee8d1cSJulian Grajkowski * The component has been initialized via cpaCyStartInstance function. 
82178ee8d1cSJulian Grajkowski * @post 82278ee8d1cSJulian Grajkowski * None 82378ee8d1cSJulian Grajkowski * @see 82478ee8d1cSJulian Grajkowski * CpaCyKeyGenTlsOpData, 82578ee8d1cSJulian Grajkowski * CpaCyGenFlatBufCbFunc 82678ee8d1cSJulian Grajkowski * 82778ee8d1cSJulian Grajkowski *****************************************************************************/ 82878ee8d1cSJulian Grajkowski CpaStatus 82978ee8d1cSJulian Grajkowski cpaCyKeyGenTls2(const CpaInstanceHandle instanceHandle, 83078ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb, 83178ee8d1cSJulian Grajkowski void *pCallbackTag, 83278ee8d1cSJulian Grajkowski const CpaCyKeyGenTlsOpData *pKeyGenTlsOpData, 83378ee8d1cSJulian Grajkowski CpaCySymHashAlgorithm hashAlgorithm, 83478ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer); 83578ee8d1cSJulian Grajkowski 83678ee8d1cSJulian Grajkowski 83778ee8d1cSJulian Grajkowski /** 83878ee8d1cSJulian Grajkowski ***************************************************************************** 83978ee8d1cSJulian Grajkowski * @ingroup cpaCyKeyGen 84078ee8d1cSJulian Grajkowski * TLS Key Generation Function version 3. 84178ee8d1cSJulian Grajkowski * @description 84278ee8d1cSJulian Grajkowski * This function is used for TLS key generation. It implements the 84378ee8d1cSJulian Grajkowski * TLS HKDF (HMAC Key Derivation Function) as defined by 84478ee8d1cSJulian Grajkowski * RFC5869 (HKDF) and RFC8446 (TLS 1.3). 84578ee8d1cSJulian Grajkowski * 84678ee8d1cSJulian Grajkowski * The input seed is taken as a flat buffer and the generated key is 84778ee8d1cSJulian Grajkowski * returned to caller in a flat destination data buffer. 84878ee8d1cSJulian Grajkowski * 84978ee8d1cSJulian Grajkowski * @context 85078ee8d1cSJulian Grajkowski * When called as an asynchronous function it cannot sleep. It can be 85178ee8d1cSJulian Grajkowski * executed in a context that does not permit sleeping. 85278ee8d1cSJulian Grajkowski * When called as a synchronous function it may sleep.
It MUST NOT be 85378ee8d1cSJulian Grajkowski * executed in a context that DOES NOT permit sleeping. 85478ee8d1cSJulian Grajkowski * @assumptions 85578ee8d1cSJulian Grajkowski * None 85678ee8d1cSJulian Grajkowski * @sideEffects 85778ee8d1cSJulian Grajkowski * None 85878ee8d1cSJulian Grajkowski * @blocking 85978ee8d1cSJulian Grajkowski * Yes when configured to operate in synchronous mode. 86078ee8d1cSJulian Grajkowski * @reentrant 86178ee8d1cSJulian Grajkowski * No 86278ee8d1cSJulian Grajkowski * @threadSafe 86378ee8d1cSJulian Grajkowski * Yes 86478ee8d1cSJulian Grajkowski * 86578ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance handle. 86678ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be 86778ee8d1cSJulian Grajkowski * invoked when the operation is complete. 86878ee8d1cSJulian Grajkowski * If this is set to a NULL value the 86978ee8d1cSJulian Grajkowski * function will operate synchronously. 87078ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific 87178ee8d1cSJulian Grajkowski * call. Will be returned unchanged in the 87278ee8d1cSJulian Grajkowski * callback. 87378ee8d1cSJulian Grajkowski * @param[in] pKeyGenTlsOpData Structure containing all the data 87478ee8d1cSJulian Grajkowski * needed to perform the TLS key 87578ee8d1cSJulian Grajkowski * generation operation. The client code 87678ee8d1cSJulian Grajkowski * allocates the memory for this 87778ee8d1cSJulian Grajkowski * structure. This component takes 87878ee8d1cSJulian Grajkowski * ownership of the memory until it is 87978ee8d1cSJulian Grajkowski * returned in the callback. The memory 88078ee8d1cSJulian Grajkowski * must be pinned and contiguous, suitable 88178ee8d1cSJulian Grajkowski * for DMA operations. 88278ee8d1cSJulian Grajkowski * @param[in] cipherSuite Specifies the TLS 1.3 cipher suite to use
88378ee8d1cSJulian Grajkowski * (a CpaCyKeyHKDFCipherSuite value). In TLS 1.3 88478ee8d1cSJulian Grajkowski * the hash used by HKDF is the one associated 88578ee8d1cSJulian Grajkowski * with the cipher suite (RFC8446), so no separate hash algorithm argument is taken. 88678ee8d1cSJulian Grajkowski * @param[out] pGeneratedKeyBuffer Caller MUST allocate a sufficient 88778ee8d1cSJulian Grajkowski * buffer to hold the key generation 88878ee8d1cSJulian Grajkowski * output. The data pointer SHOULD be 88978ee8d1cSJulian Grajkowski * aligned on an 8-byte boundary. The 89078ee8d1cSJulian Grajkowski * length field passed in represents the 89178ee8d1cSJulian Grajkowski * size of the buffer in bytes. The value 89278ee8d1cSJulian Grajkowski * that is returned is the size of the 89378ee8d1cSJulian Grajkowski * result key in bytes. 89478ee8d1cSJulian Grajkowski * On invocation the callback function 89578ee8d1cSJulian Grajkowski * will contain this parameter in the 89678ee8d1cSJulian Grajkowski * pOut parameter. 89778ee8d1cSJulian Grajkowski * 89878ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully. 89978ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed. 90078ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Resubmit the request. 90178ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 90278ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources. 90378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESTARTING API implementation is restarting. 90478ee8d1cSJulian Grajkowski * Resubmit the request. 90578ee8d1cSJulian Grajkowski * 90678ee8d1cSJulian Grajkowski * @pre 90778ee8d1cSJulian Grajkowski * The component has been initialized via cpaCyStartInstance function.
90878ee8d1cSJulian Grajkowski * @post 90978ee8d1cSJulian Grajkowski * None 91078ee8d1cSJulian Grajkowski * @see 91178ee8d1cSJulian Grajkowski * CpaCyGenFlatBufCbFunc, 91278ee8d1cSJulian Grajkowski * CpaCyKeyGenHKDFOpData 91378ee8d1cSJulian Grajkowski * 91478ee8d1cSJulian Grajkowski *****************************************************************************/ 91578ee8d1cSJulian Grajkowski CpaStatus 91678ee8d1cSJulian Grajkowski cpaCyKeyGenTls3(const CpaInstanceHandle instanceHandle, 91778ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb, 91878ee8d1cSJulian Grajkowski void *pCallbackTag, 91978ee8d1cSJulian Grajkowski const CpaCyKeyGenHKDFOpData *pKeyGenTlsOpData, 92078ee8d1cSJulian Grajkowski CpaCyKeyHKDFCipherSuite cipherSuite, 92178ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedKeyBuffer); 92278ee8d1cSJulian Grajkowski 92378ee8d1cSJulian Grajkowski 92478ee8d1cSJulian Grajkowski /** 92578ee8d1cSJulian Grajkowski ***************************************************************************** 92678ee8d1cSJulian Grajkowski * @ingroup cpaCyKeyGen 92778ee8d1cSJulian Grajkowski * Mask Generation Function. 92878ee8d1cSJulian Grajkowski * @description 92978ee8d1cSJulian Grajkowski * This function implements the mask generation function MGF1 as 93078ee8d1cSJulian Grajkowski * defined by PKCS#1 v2.1, and RFC3447. The input seed is taken 93178ee8d1cSJulian Grajkowski * as a flat buffer and the generated mask is returned to caller in a 93278ee8d1cSJulian Grajkowski * flat destination data buffer. 93378ee8d1cSJulian Grajkowski * 93478ee8d1cSJulian Grajkowski * @note The default hash algorithm used by the MGF is SHA-1. If a 93578ee8d1cSJulian Grajkowski * different hash algorithm is preferred, then see the "extended" 93678ee8d1cSJulian Grajkowski * version of this function, @ref cpaCyKeyGenMgfExt. Many current security policies no longer permit SHA-1; where the surrounding scheme (for example RSA-OAEP or RSA-PSS) allows the MGF hash to be chosen, prefer SHA-256 or stronger via the extended function. 93778ee8d1cSJulian Grajkowski * 93878ee8d1cSJulian Grajkowski * @context 93978ee8d1cSJulian Grajkowski * When called as an asynchronous function it cannot sleep.
It can be 94078ee8d1cSJulian Grajkowski * executed in a context that does not permit sleeping. 94178ee8d1cSJulian Grajkowski * When called as a synchronous function it may sleep. It MUST NOT be 94278ee8d1cSJulian Grajkowski * executed in a context that DOES NOT permit sleeping. 94378ee8d1cSJulian Grajkowski * @assumptions 94478ee8d1cSJulian Grajkowski * None 94578ee8d1cSJulian Grajkowski * @sideEffects 94678ee8d1cSJulian Grajkowski * None 94778ee8d1cSJulian Grajkowski * @blocking 94878ee8d1cSJulian Grajkowski * Yes when configured to operate in synchronous mode. 94978ee8d1cSJulian Grajkowski * @reentrant 95078ee8d1cSJulian Grajkowski * No 95178ee8d1cSJulian Grajkowski * @threadSafe 95278ee8d1cSJulian Grajkowski * Yes 95378ee8d1cSJulian Grajkowski * 95478ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance handle. 95578ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be 95678ee8d1cSJulian Grajkowski * invoked when the operation is complete. 95778ee8d1cSJulian Grajkowski * If this is set to a NULL value the 95878ee8d1cSJulian Grajkowski * function will operate synchronously. 95978ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific call. 96078ee8d1cSJulian Grajkowski * Will be returned unchanged in the 96178ee8d1cSJulian Grajkowski * callback. 96278ee8d1cSJulian Grajkowski * @param[in] pKeyGenMgfOpData Structure containing all the data needed 96378ee8d1cSJulian Grajkowski * to perform the MGF key generation 96478ee8d1cSJulian Grajkowski * operation. The client code allocates the 96578ee8d1cSJulian Grajkowski * memory for this structure. This 96678ee8d1cSJulian Grajkowski * component takes ownership of the memory 96778ee8d1cSJulian Grajkowski * until it is returned in the callback. 96878ee8d1cSJulian Grajkowski * @param[out] pGeneratedMaskBuffer Caller MUST allocate a sufficient buffer 96978ee8d1cSJulian Grajkowski * to hold the generated mask. 
The data 97078ee8d1cSJulian Grajkowski * pointer SHOULD be aligned on an 8-byte 97178ee8d1cSJulian Grajkowski * boundary. The length field passed in 97278ee8d1cSJulian Grajkowski * represents the size of the buffer in 97378ee8d1cSJulian Grajkowski * bytes. The value that is returned is the 97478ee8d1cSJulian Grajkowski * size of the generated mask in bytes. 97578ee8d1cSJulian Grajkowski * On invocation the callback function 97678ee8d1cSJulian Grajkowski * will contain this parameter in the 97778ee8d1cSJulian Grajkowski * pOut parameter. 97878ee8d1cSJulian Grajkowski * 97978ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully. 98078ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed. 98178ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Resubmit the request. 98278ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 98378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources. 98478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESTARTING API implementation is restarting. 98578ee8d1cSJulian Grajkowski * Resubmit the request. 98678ee8d1cSJulian Grajkowski * 98778ee8d1cSJulian Grajkowski * @pre 98878ee8d1cSJulian Grajkowski * The component has been initialized via cpaCyStartInstance function. 
98978ee8d1cSJulian Grajkowski * @post 99078ee8d1cSJulian Grajkowski * None 99178ee8d1cSJulian Grajkowski * @see 99278ee8d1cSJulian Grajkowski * CpaCyKeyGenMgfOpData, 99378ee8d1cSJulian Grajkowski * CpaCyGenFlatBufCbFunc 99478ee8d1cSJulian Grajkowski * 99578ee8d1cSJulian Grajkowski *****************************************************************************/ 99678ee8d1cSJulian Grajkowski CpaStatus 99778ee8d1cSJulian Grajkowski cpaCyKeyGenMgf(const CpaInstanceHandle instanceHandle, 99878ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb, 99978ee8d1cSJulian Grajkowski void *pCallbackTag, 100078ee8d1cSJulian Grajkowski const CpaCyKeyGenMgfOpData *pKeyGenMgfOpData, 100178ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedMaskBuffer); 100278ee8d1cSJulian Grajkowski 100378ee8d1cSJulian Grajkowski /** 100478ee8d1cSJulian Grajkowski ***************************************************************************** 100578ee8d1cSJulian Grajkowski * @ingroup cpaCyKeyGen 100678ee8d1cSJulian Grajkowski * Extended Mask Generation Function. 100778ee8d1cSJulian Grajkowski * @description 100878ee8d1cSJulian Grajkowski * This function is used for mask generation. It differs from the "base" 100978ee8d1cSJulian Grajkowski * version of the function (@ref cpaCyKeyGenMgf) in that it allows 101078ee8d1cSJulian Grajkowski * the hash function used by the Mask Generation Function to be 101178ee8d1cSJulian Grajkowski * specified. 101278ee8d1cSJulian Grajkowski * 101378ee8d1cSJulian Grajkowski * @context 101478ee8d1cSJulian Grajkowski * When called as an asynchronous function it cannot sleep. It can be 101578ee8d1cSJulian Grajkowski * executed in a context that does not permit sleeping. 101678ee8d1cSJulian Grajkowski * When called as a synchronous function it may sleep. It MUST NOT be 101778ee8d1cSJulian Grajkowski * executed in a context that DOES NOT permit sleeping. 
101878ee8d1cSJulian Grajkowski * @assumptions 101978ee8d1cSJulian Grajkowski * None 102078ee8d1cSJulian Grajkowski * @sideEffects 102178ee8d1cSJulian Grajkowski * None 102278ee8d1cSJulian Grajkowski * @blocking 102378ee8d1cSJulian Grajkowski * Yes when configured to operate in synchronous mode. 102478ee8d1cSJulian Grajkowski * @reentrant 102578ee8d1cSJulian Grajkowski * No 102678ee8d1cSJulian Grajkowski * @threadSafe 102778ee8d1cSJulian Grajkowski * Yes 102878ee8d1cSJulian Grajkowski * 102978ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance handle. 103078ee8d1cSJulian Grajkowski * @param[in] pKeyGenCb Pointer to callback function to be 103178ee8d1cSJulian Grajkowski * invoked when the operation is complete. 103278ee8d1cSJulian Grajkowski * If this is set to a NULL value the 103378ee8d1cSJulian Grajkowski * function will operate synchronously. 103478ee8d1cSJulian Grajkowski * @param[in] pCallbackTag Opaque User Data for this specific call. 103578ee8d1cSJulian Grajkowski * Will be returned unchanged in the 103678ee8d1cSJulian Grajkowski * callback. 103778ee8d1cSJulian Grajkowski * @param[in] pKeyGenMgfOpDataExt Structure containing all the data needed 103878ee8d1cSJulian Grajkowski * to perform the extended MGF key generation 103978ee8d1cSJulian Grajkowski * operation. The client code allocates the 104078ee8d1cSJulian Grajkowski * memory for this structure. This 104178ee8d1cSJulian Grajkowski * component takes ownership of the memory 104278ee8d1cSJulian Grajkowski * until it is returned in the callback. 104378ee8d1cSJulian Grajkowski * @param[out] pGeneratedMaskBuffer Caller MUST allocate a sufficient buffer 104478ee8d1cSJulian Grajkowski * to hold the generated mask. The data 104578ee8d1cSJulian Grajkowski * pointer SHOULD be aligned on an 8-byte 104678ee8d1cSJulian Grajkowski * boundary. The length field passed in 104778ee8d1cSJulian Grajkowski * represents the size of the buffer in 104878ee8d1cSJulian Grajkowski * bytes. 
The value that is returned is the 104978ee8d1cSJulian Grajkowski * size of the generated mask in bytes. 105078ee8d1cSJulian Grajkowski * On invocation the callback function 105178ee8d1cSJulian Grajkowski * will contain this parameter in the 105278ee8d1cSJulian Grajkowski * pOut parameter. 105378ee8d1cSJulian Grajkowski * 105478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully. 105578ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed. 105678ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RETRY Resubmit the request. 105778ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 105878ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources. 105978ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESTARTING API implementation is restarting. 106078ee8d1cSJulian Grajkowski * Resubmit the request. 106178ee8d1cSJulian Grajkowski * 106278ee8d1cSJulian Grajkowski * @pre 106378ee8d1cSJulian Grajkowski * The component has been initialized via cpaCyStartInstance function. 106478ee8d1cSJulian Grajkowski * @post 106578ee8d1cSJulian Grajkowski * None 106678ee8d1cSJulian Grajkowski * @note 106778ee8d1cSJulian Grajkowski * This function is only used to generate a mask keys from seed 106878ee8d1cSJulian Grajkowski * material. 
106978ee8d1cSJulian Grajkowski * @see 107078ee8d1cSJulian Grajkowski * CpaCyKeyGenMgfOpData, 107178ee8d1cSJulian Grajkowski * CpaCyGenFlatBufCbFunc 107278ee8d1cSJulian Grajkowski * 107378ee8d1cSJulian Grajkowski *****************************************************************************/ 107478ee8d1cSJulian Grajkowski CpaStatus 107578ee8d1cSJulian Grajkowski cpaCyKeyGenMgfExt(const CpaInstanceHandle instanceHandle, 107678ee8d1cSJulian Grajkowski const CpaCyGenFlatBufCbFunc pKeyGenCb, 107778ee8d1cSJulian Grajkowski void *pCallbackTag, 107878ee8d1cSJulian Grajkowski const CpaCyKeyGenMgfOpDataExt *pKeyGenMgfOpDataExt, 107978ee8d1cSJulian Grajkowski CpaFlatBuffer *pGeneratedMaskBuffer); 108078ee8d1cSJulian Grajkowski 108178ee8d1cSJulian Grajkowski /** 108278ee8d1cSJulian Grajkowski ***************************************************************************** 108378ee8d1cSJulian Grajkowski * @ingroup cpaCyKeyGen 108478ee8d1cSJulian Grajkowski * Queries the Key and Mask generation statistics specific to 108578ee8d1cSJulian Grajkowski * an instance. 108678ee8d1cSJulian Grajkowski * 108778ee8d1cSJulian Grajkowski * @deprecated 108878ee8d1cSJulian Grajkowski * As of v1.3 of the Crypto API, this function has been deprecated, 108978ee8d1cSJulian Grajkowski * replaced by @ref cpaCyKeyGenQueryStats64(). 109078ee8d1cSJulian Grajkowski * 109178ee8d1cSJulian Grajkowski * @description 109278ee8d1cSJulian Grajkowski * This function will query a specific instance for key and mask 109378ee8d1cSJulian Grajkowski * generation statistics. The user MUST allocate the CpaCyKeyGenStats 109478ee8d1cSJulian Grajkowski * structure and pass the reference to that into this function call. This 109578ee8d1cSJulian Grajkowski * function will write the statistic results into the passed in 109678ee8d1cSJulian Grajkowski * CpaCyKeyGenStats structure. 
109778ee8d1cSJulian Grajkowski * 109878ee8d1cSJulian Grajkowski * Note: statistics returned by this function do not interrupt current data 109978ee8d1cSJulian Grajkowski * processing and as such can be slightly out of sync with operations that 110078ee8d1cSJulian Grajkowski * are in progress during the statistics retrieval process. 110178ee8d1cSJulian Grajkowski * 110278ee8d1cSJulian Grajkowski * @context 110378ee8d1cSJulian Grajkowski * This is a synchronous function and it can sleep. It MUST NOT be 110478ee8d1cSJulian Grajkowski * executed in a context that DOES NOT permit sleeping. 110578ee8d1cSJulian Grajkowski * @assumptions 110678ee8d1cSJulian Grajkowski * None 110778ee8d1cSJulian Grajkowski * @sideEffects 110878ee8d1cSJulian Grajkowski * None 110978ee8d1cSJulian Grajkowski * @blocking 111078ee8d1cSJulian Grajkowski * This function is synchronous and blocking. 111178ee8d1cSJulian Grajkowski * @reentrant 111278ee8d1cSJulian Grajkowski * No 111378ee8d1cSJulian Grajkowski * @threadSafe 111478ee8d1cSJulian Grajkowski * Yes 111578ee8d1cSJulian Grajkowski * 111678ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance handle. 111778ee8d1cSJulian Grajkowski * @param[out] pKeyGenStats Pointer to memory into which the statistics 111878ee8d1cSJulian Grajkowski * will be written. 111978ee8d1cSJulian Grajkowski * 112078ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully. 112178ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed. 112278ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 112378ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources. 112478ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESTARTING API implementation is restarting. 112578ee8d1cSJulian Grajkowski * Resubmit the request. 112678ee8d1cSJulian Grajkowski * 112778ee8d1cSJulian Grajkowski * @pre 112878ee8d1cSJulian Grajkowski * Component has been initialized. 
112978ee8d1cSJulian Grajkowski * @post 113078ee8d1cSJulian Grajkowski * None 113178ee8d1cSJulian Grajkowski * @note 113278ee8d1cSJulian Grajkowski * This function operates in a synchronous manner and no asynchronous 113378ee8d1cSJulian Grajkowski * callback will be generated. 113478ee8d1cSJulian Grajkowski * 113578ee8d1cSJulian Grajkowski * @see 113678ee8d1cSJulian Grajkowski * CpaCyKeyGenStats 113778ee8d1cSJulian Grajkowski * 113878ee8d1cSJulian Grajkowski *****************************************************************************/ 113978ee8d1cSJulian Grajkowski CpaStatus CPA_DEPRECATED 114078ee8d1cSJulian Grajkowski cpaCyKeyGenQueryStats(const CpaInstanceHandle instanceHandle, 114178ee8d1cSJulian Grajkowski struct _CpaCyKeyGenStats *pKeyGenStats); 114278ee8d1cSJulian Grajkowski 114378ee8d1cSJulian Grajkowski /** 114478ee8d1cSJulian Grajkowski ***************************************************************************** 114578ee8d1cSJulian Grajkowski * @ingroup cpaCyKeyGen 114678ee8d1cSJulian Grajkowski * Queries the Key and Mask generation statistics (64-bit version) 114778ee8d1cSJulian Grajkowski * specific to an instance. 114878ee8d1cSJulian Grajkowski * 114978ee8d1cSJulian Grajkowski * @description 115078ee8d1cSJulian Grajkowski * This function will query a specific instance for key and mask 115178ee8d1cSJulian Grajkowski * generation statistics. The user MUST allocate the CpaCyKeyGenStats64 115278ee8d1cSJulian Grajkowski * structure and pass the reference to that into this function call. This 115378ee8d1cSJulian Grajkowski * function will write the statistic results into the passed in 115478ee8d1cSJulian Grajkowski * CpaCyKeyGenStats64 structure. 
115578ee8d1cSJulian Grajkowski * 115678ee8d1cSJulian Grajkowski * Note: statistics returned by this function do not interrupt current data 115778ee8d1cSJulian Grajkowski * processing and as such can be slightly out of sync with operations that 115878ee8d1cSJulian Grajkowski * are in progress during the statistics retrieval process. 115978ee8d1cSJulian Grajkowski * 116078ee8d1cSJulian Grajkowski * @context 116178ee8d1cSJulian Grajkowski * This is a synchronous function and it can sleep. It MUST NOT be 116278ee8d1cSJulian Grajkowski * executed in a context that DOES NOT permit sleeping. 116378ee8d1cSJulian Grajkowski * @assumptions 116478ee8d1cSJulian Grajkowski * None 116578ee8d1cSJulian Grajkowski * @sideEffects 116678ee8d1cSJulian Grajkowski * None 116778ee8d1cSJulian Grajkowski * @blocking 116878ee8d1cSJulian Grajkowski * This function is synchronous and blocking. 116978ee8d1cSJulian Grajkowski * @reentrant 117078ee8d1cSJulian Grajkowski * No 117178ee8d1cSJulian Grajkowski * @threadSafe 117278ee8d1cSJulian Grajkowski * Yes 117378ee8d1cSJulian Grajkowski * 117478ee8d1cSJulian Grajkowski * @param[in] instanceHandle Instance handle. 117578ee8d1cSJulian Grajkowski * @param[out] pKeyGenStats Pointer to memory into which the statistics 117678ee8d1cSJulian Grajkowski * will be written. 117778ee8d1cSJulian Grajkowski * 117878ee8d1cSJulian Grajkowski * @retval CPA_STATUS_SUCCESS Function executed successfully. 117978ee8d1cSJulian Grajkowski * @retval CPA_STATUS_FAIL Function failed. 118078ee8d1cSJulian Grajkowski * @retval CPA_STATUS_INVALID_PARAM Invalid parameter passed in. 118178ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESOURCE Error related to system resources. 118278ee8d1cSJulian Grajkowski * @retval CPA_STATUS_RESTARTING API implementation is restarting. 118378ee8d1cSJulian Grajkowski * Resubmit the request. 118478ee8d1cSJulian Grajkowski * 118578ee8d1cSJulian Grajkowski * @pre 118678ee8d1cSJulian Grajkowski * Component has been initialized. 
118778ee8d1cSJulian Grajkowski * @post 118878ee8d1cSJulian Grajkowski * None 118978ee8d1cSJulian Grajkowski * @note 119078ee8d1cSJulian Grajkowski * This function operates in a synchronous manner and no asynchronous 119178ee8d1cSJulian Grajkowski * callback will be generated. 119278ee8d1cSJulian Grajkowski * 119378ee8d1cSJulian Grajkowski * @see 119478ee8d1cSJulian Grajkowski * CpaCyKeyGenStats64 119578ee8d1cSJulian Grajkowski *****************************************************************************/ 119678ee8d1cSJulian Grajkowski CpaStatus 119778ee8d1cSJulian Grajkowski cpaCyKeyGenQueryStats64(const CpaInstanceHandle instanceHandle, 119878ee8d1cSJulian Grajkowski CpaCyKeyGenStats64 *pKeyGenStats); 119978ee8d1cSJulian Grajkowski 120078ee8d1cSJulian Grajkowski #ifdef __cplusplus 120178ee8d1cSJulian Grajkowski } /* close the extern "C" { */ 120278ee8d1cSJulian Grajkowski #endif 120378ee8d1cSJulian Grajkowski 120478ee8d1cSJulian Grajkowski #endif /* CPA_CY_KEY_H */ 1205