1 /*	$NetBSD: ocryptodev.h,v 1.1 2009/03/25 01:26:13 darran Exp $ */
2 /*	$FreeBSD: src/sys/opencrypto/cryptodev.h,v 1.2.2.6 2003/07/02 17:04:50 sam Exp $	*/
3 /*	$OpenBSD: cryptodev.h,v 1.33 2002/07/17 23:52:39 art Exp $	*/
4 
5 /*-
6  * Copyright (c) 2008 The NetBSD Foundation, Inc.
7  * All rights reserved.
8  *
9  * This code is derived from software contributed to The NetBSD Foundation
10  * by Coyote Point Systems, Inc.
11  *
12  * Redistribution and use in source and binary forms, with or without
13  * modification, are permitted provided that the following conditions
14  * are met:
15  * 1. Redistributions of source code must retain the above copyright
16  *    notice, this list of conditions and the following disclaimer.
17  * 2. Redistributions in binary form must reproduce the above copyright
18  *    notice, this list of conditions and the following disclaimer in the
19  *    documentation and/or other materials provided with the distribution.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
22  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
23  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
24  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
25  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
26  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
27  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
28  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
29  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31  * POSSIBILITY OF SUCH DAMAGE.
32  */
33 
34 /*
35  * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
36  *
37  * This code was written by Angelos D. Keromytis in Athens, Greece, in
38  * February 2000. Network Security Technologies Inc. (NSTI) kindly
39  * supported the development of this code.
40  *
41  * Copyright (c) 2000 Angelos D. Keromytis
42  *
43  * Permission to use, copy, and modify this software with or without fee
44  * is hereby granted, provided that this entire notice is included in
45  * all source code copies of any software which is or includes a copy or
46  * modification of this software.
47  *
48  * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
49  * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
50  * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
51  * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
52  * PURPOSE.
53  *
54  * Copyright (c) 2001 Theo de Raadt
55  *
56  * Redistribution and use in source and binary forms, with or without
57  * modification, are permitted provided that the following conditions
58  * are met:
59  *
60  * 1. Redistributions of source code must retain the above copyright
61  *   notice, this list of conditions and the following disclaimer.
62  * 2. Redistributions in binary form must reproduce the above copyright
63  *   notice, this list of conditions and the following disclaimer in the
64  *   documentation and/or other materials provided with the distribution.
65  * 3. The name of the author may not be used to endorse or promote products
66  *   derived from this software without specific prior written permission.
67  *
68  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
69  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
70  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
71  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
72  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
73  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
74  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
75  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
76  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
77  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
78  *
79  * Effort sponsored in part by the Defense Advanced Research Projects
80  * Agency (DARPA) and Air Force Research Laboratory, Air Force
81  * Materiel Command, USAF, under agreement number F30602-01-2-0537.
82  *
83  */
84 
85 #ifndef _CRYPTO_OCRYPTODEV_H_
86 #define _CRYPTO_OCRYPTODEV_H_
87 
/*
 * Session-creation request in the old ("backwards compatible") layout;
 * this is the argument type named by OCIOCGSESSION.
 *
 * key and mackey are pointers supplied by the caller, and keylen and
 * mackeylen are caller-chosen lengths for them.
 * NOTE(review): mackeylen is a signed int while keylen is unsigned;
 * confirm that the ioctl handler rejects negative or oversized lengths
 * before it copies key material in.
 */
struct osession_op {
	u_int32_t	cipher;		/* cipher algorithm, e.g. CRYPTO_DES_CBC */
	u_int32_t	mac;		/* MAC algorithm, e.g. CRYPTO_MD5_HMAC */
	u_int32_t	keylen;		/* cipher key length */
	void		*key;		/* cipher key */
	int		mackeylen;	/* MAC key length */
	void		*mackey;	/* MAC key */

	u_int32_t	ses;		/* returns: session # */
};
98 
/*
 * One element of a multi-session creation request in the old layout;
 * struct ocrypt_sgop points at an array of these.
 *
 * The fields up to ses match struct osession_op; status is added at the
 * end.
 * NOTE(review): key and mackey are caller-supplied pointers and
 * mackeylen is a signed int; confirm the handler validates both lengths
 * for every element before copying key material in.
 */
struct osession_n_op {
	u_int32_t	cipher;		/* cipher algorithm, e.g. CRYPTO_DES_CBC */
	u_int32_t	mac;		/* MAC algorithm, e.g. CRYPTO_MD5_HMAC */

	u_int32_t	keylen;		/* cipher key length */
	void		*key;		/* cipher key */
	int		mackeylen;	/* MAC key length */
	void		*mackey;	/* MAC key */

	u_int32_t	ses;		/* returns: session # */
	int		status;		/* presumably a per-session result; confirm */
};
111 
/*
 * Single crypto request in the old layout; this is the argument type
 * named by OCIOCCRYPT.
 *
 * src, dst, mac and iv are caller-supplied pointers and len is a
 * caller-chosen length.
 * NOTE(review): the structure carries no size for the mac or iv buffers
 * and no upper bound on len; confirm that the handler validates len and
 * that the MAC written back cannot exceed what the caller allocated.
 */
struct ocrypt_op {
	u_int32_t	ses;		/* presumably the session # from session creation */
	u_int16_t	op;		/* operation, e.g. COP_ENCRYPT */
	u_int16_t	flags;
	u_int		len;
	void		*src;		/* src and dst become iov[] inside kernel */
	void		*dst;
	void		*mac;		/* must be big enough for chosen MAC */
	void		*iv;
};
121 
122 /* to support multiple session creation */
123 /*
124  *
125  * The reqid field is filled when the operation has
126  * been accepted and started, and can be used to later retrieve
127  * the operation results via CIOCNCRYPTRET or identify the
128  * request in the completion list returned by CIOCNCRYPTRETM.
129  *
130  * The opaque pointer can be set arbitrarily by the user
131  * and it is passed back in the crypt_result structure
132  * when the request completes.  This field can be used for example
133  * to track context for the request and avoid lookups in the
134  * user application.
135  */
136 
/*
 * One element of a multi-request submission in the old layout;
 * struct ocrypt_mop points at an array of these.
 *
 * NOTE(review): key, mackey, src, dst, mac and iv are caller-supplied
 * pointers, and opaque is a caller-chosen value that is handed back on
 * completion.  Confirm that the handler validates len, keylen and
 * mackeylen per element and never dereferences opaque.
 */
struct ocrypt_n_op {
	u_int32_t	ses;		/* presumably the session # from session creation */
	u_int16_t	op;		/* operation, e.g. COP_ENCRYPT */
	u_int16_t	flags;
	u_int		len;		/* length of both src and dst */

	u_int32_t	reqid;		/* request id */
	int		status;		/* whether the request was accepted */
	void		*opaque;	/* opaque pointer returned to user */
	u_int32_t	keylen;		/* cipher key length (optional) */
	void		*key;		/* cipher key (optional) */
	u_int32_t	mackeylen;	/* MAC key length (also optional) */
	void		*mackey;	/* MAC key (also optional) */

	void		*src;		/* src and dst become iov[] inside kernel */
	void		*dst;
	void		*mac;		/* must be big enough for chosen MAC */
	void		*iv;
};
155 
/*
 * Multi-session creation request in the old layout; this is the argument
 * type named by OCIOCNGSESSION.
 *
 * NOTE(review): count and sessions both come from the caller.  Confirm
 * that the handler caps count before computing
 * count * sizeof(struct osession_n_op), so the size can neither overflow
 * nor drive an unbounded allocation.
 */
struct ocrypt_sgop {
	size_t			count;		/* number of entries in sessions */
	struct osession_n_op	*sessions;	/* caller-supplied array */
};
160 
/*
 * Multi-request submission in the old layout; this is the argument type
 * named by OCIOCNCRYPTM.
 *
 * NOTE(review): count and reqs both come from the caller.  Confirm that
 * the handler caps count before computing
 * count * sizeof(struct ocrypt_n_op), so the size can neither overflow
 * nor drive an unbounded allocation.
 */
struct ocrypt_mop {
	size_t			count;	/* how many */
	struct ocrypt_n_op	*reqs;	/* where to get them */
};
165 
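/*
 * Forward declarations for every structure tag that the prototypes in
 * this header use only through a pointer.  The original list covered
 * csession and fcrypt only.  Declaring the rest at file scope keeps the
 * prototypes from creating prototype-scoped tags (incompatible with the
 * real definitions) when this header is read before the headers that
 * define those structures.
 */
struct csession;
struct fcrypt;
struct crypt_op;
struct crypt_n_op;
struct session_op;
struct session_n_op;
struct lwp;
struct file;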
168 
/*
 * ioctl command numbers for the old request layouts, all in group 'c'.
 * Each is _IOWR, so the argument structure travels in both directions.
 * The encoded size covers only the top-level structure; the pointers
 * embedded in it (keys, buffers, request arrays) refer to further
 * caller memory that the handler has to copy and validate itself.
 */
#define	OCIOCGSESSION	_IOWR('c', 101, struct osession_op)
#define	OCIOCCRYPT	_IOWR('c', 103, struct ocrypt_op)
#define	OCIOCNGSESSION	_IOWR('c', 106, struct ocrypt_sgop)
#define	OCIOCNCRYPTM	_IOWR('c', 107, struct ocrypt_mop)
173 
/*
 * Functions declared here for use alongside the old-layout ioctls; none
 * of them is defined in this header.  They take the current (non-'o')
 * request structures, not the o* layouts above.
 * NOTE(review): presumably the compat handler converts each o* request
 * into its current counterpart before calling these; confirm that the
 * conversion carries every length and pointer field over unchanged and
 * that validation happens on the converted values.
 */

/* Single-request and multi-request crypto operations. */
int cryptodev_op(struct csession *, struct crypt_op *, struct lwp *);
int cryptodev_mop(struct fcrypt *, struct crypt_n_op *, int, struct lwp *);

/* Single-session and multi-session creation. */
int cryptodev_session(struct fcrypt *, struct session_op *);
int cryptodev_msession(struct fcrypt *, struct session_n_op *, int);

/* Session lookup by the ses value given in a request. */
struct csession *cryptodev_csefind(struct fcrypt *fcr, u_int ses);

/* ioctl entry point for the old-layout commands (by its name; confirm). */
int ocryptof_ioctl(struct file *, u_long, void *);
181 
182 #endif /* _CRYPTO_OCRYPTODEV_H_ */
183