1 /**
2  * AMCC SoC PPC4xx Crypto Driver
3  *
4  * Copyright (c) 2008 Applied Micro Circuits Corporation.
5  * All rights reserved. James Hsiao <jhsiao@amcc.com>
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License as published by
9  * the Free Software Foundation; either version 2 of the License, or
10  * (at your option) any later version.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15  * GNU General Public License for more details.
16  *
17  * This file defines the security context
18  * associate format.
19  */
20 
21 #ifndef __CRYPTO4XX_SA_H__
22 #define __CRYPTO4XX_SA_H__
23 
24 #define AES_IV_SIZE				16
25 
26 /**
27  * Contents of Dynamic Security Association (SA) with all possible fields
28  */
29 union dynamic_sa_contents {
30 	struct {
31 		u32 arc4_state_ptr:1;
32 		u32 arc4_ij_ptr:1;
33 		u32 state_ptr:1;
34 		u32 iv3:1;
35 		u32 iv2:1;
36 		u32 iv1:1;
37 		u32 iv0:1;
38 		u32 seq_num_mask3:1;
39 		u32 seq_num_mask2:1;
40 		u32 seq_num_mask1:1;
41 		u32 seq_num_mask0:1;
42 		u32 seq_num1:1;
43 		u32 seq_num0:1;
44 		u32 spi:1;
45 		u32 outer_size:5;
46 		u32 inner_size:5;
47 		u32 key_size:4;
48 		u32 cmd_size:4;
49 	} bf;
50 	u32 w;
51 } __attribute__((packed));
52 
53 #define DIR_OUTBOUND				0
54 #define DIR_INBOUND				1
55 #define SA_OP_GROUP_BASIC			0
56 #define SA_OPCODE_ENCRYPT			0
57 #define SA_OPCODE_DECRYPT			0
58 #define SA_OPCODE_ENCRYPT_HASH			1
59 #define SA_OPCODE_HASH_DECRYPT			1
60 #define SA_OPCODE_HASH				3
61 #define SA_CIPHER_ALG_DES			0
62 #define SA_CIPHER_ALG_3DES			1
63 #define SA_CIPHER_ALG_ARC4			2
64 #define SA_CIPHER_ALG_AES			3
65 #define SA_CIPHER_ALG_KASUMI			4
66 #define SA_CIPHER_ALG_NULL			15
67 
68 #define SA_HASH_ALG_MD5				0
69 #define SA_HASH_ALG_SHA1			1
70 #define SA_HASH_ALG_GHASH			12
71 #define SA_HASH_ALG_CBC_MAC			14
72 #define SA_HASH_ALG_NULL			15
73 #define SA_HASH_ALG_SHA1_DIGEST_SIZE		20
74 
75 #define SA_LOAD_HASH_FROM_SA			0
76 #define SA_LOAD_HASH_FROM_STATE			2
77 #define SA_NOT_LOAD_HASH			3
78 #define SA_LOAD_IV_FROM_SA			0
79 #define SA_LOAD_IV_FROM_INPUT			1
80 #define SA_LOAD_IV_FROM_STATE			2
81 #define SA_LOAD_IV_GEN_IV			3
82 
83 #define SA_PAD_TYPE_CONSTANT			2
84 #define SA_PAD_TYPE_ZERO			3
85 #define SA_PAD_TYPE_TLS				5
86 #define SA_PAD_TYPE_DTLS			5
87 #define SA_NOT_SAVE_HASH			0
88 #define SA_SAVE_HASH				1
89 #define SA_NOT_SAVE_IV				0
90 #define SA_SAVE_IV				1
91 #define SA_HEADER_PROC				1
92 #define SA_NO_HEADER_PROC			0
93 
94 union sa_command_0 {
95 	struct {
96 		u32 scatter:1;
97 		u32 gather:1;
98 		u32 save_hash_state:1;
99 		u32 save_iv:1;
100 		u32 load_hash_state:2;
101 		u32 load_iv:2;
102 		u32 digest_len:4;
103 		u32 hdr_proc:1;
104 		u32 extend_pad:1;
105 		u32 stream_cipher_pad:1;
106 		u32 rsv:1;
107 		u32 hash_alg:4;
108 		u32 cipher_alg:4;
109 		u32 pad_type:2;
110 		u32 op_group:2;
111 		u32 dir:1;
112 		u32 opcode:3;
113 	} bf;
114 	u32 w;
115 } __attribute__((packed));
116 
117 #define CRYPTO_MODE_ECB				0
118 #define CRYPTO_MODE_CBC				1
119 #define CRYPTO_MODE_OFB				2
120 #define CRYPTO_MODE_CFB				3
121 #define CRYPTO_MODE_CTR				4
122 
123 #define CRYPTO_FEEDBACK_MODE_NO_FB		0
124 #define CRYPTO_FEEDBACK_MODE_64BIT_OFB		0
125 #define CRYPTO_FEEDBACK_MODE_8BIT_CFB		1
126 #define CRYPTO_FEEDBACK_MODE_1BIT_CFB		2
127 #define CRYPTO_FEEDBACK_MODE_128BIT_CFB		3
128 
129 #define SA_AES_KEY_LEN_128			2
130 #define SA_AES_KEY_LEN_192			3
131 #define SA_AES_KEY_LEN_256			4
132 
133 #define SA_REV2					1
134 /**
135  * The follow defines bits sa_command_1
136  * In Basic hash mode  this bit define simple hash or hmac.
137  * In IPsec mode, this bit define muting control.
138  */
139 #define SA_HASH_MODE_HASH			0
140 #define SA_HASH_MODE_HMAC			1
141 #define SA_MC_ENABLE				0
142 #define SA_MC_DISABLE				1
143 #define SA_NOT_COPY_HDR				0
144 #define SA_COPY_HDR				1
145 #define SA_NOT_COPY_PAD				0
146 #define SA_COPY_PAD				1
147 #define SA_NOT_COPY_PAYLOAD			0
148 #define SA_COPY_PAYLOAD				1
149 #define SA_EXTENDED_SN_OFF			0
150 #define SA_EXTENDED_SN_ON			1
151 #define SA_SEQ_MASK_OFF				0
152 #define SA_SEQ_MASK_ON				1
153 
154 union sa_command_1 {
155 	struct {
156 		u32 crypto_mode31:1;
157 		u32 save_arc4_state:1;
158 		u32 arc4_stateful:1;
159 		u32 key_len:5;
160 		u32 hash_crypto_offset:8;
161 		u32 sa_rev:2;
162 		u32 byte_offset:1;
163 		u32 hmac_muting:1;
164 		u32 feedback_mode:2;
165 		u32 crypto_mode9_8:2;
166 		u32 extended_seq_num:1;
167 		u32 seq_num_mask:1;
168 		u32 mutable_bit_proc:1;
169 		u32 ip_version:1;
170 		u32 copy_pad:1;
171 		u32 copy_payload:1;
172 		u32 copy_hdr:1;
173 		u32 rsv1:1;
174 	} bf;
175 	u32 w;
176 } __attribute__((packed));
177 
178 struct dynamic_sa_ctl {
179 	union dynamic_sa_contents sa_contents;
180 	union sa_command_0 sa_command_0;
181 	union sa_command_1 sa_command_1;
182 } __attribute__((packed));
183 
184 /**
185  * State Record for Security Association (SA)
186  */
187 struct  sa_state_record {
188 	__le32 save_iv[4];
189 	__le32 save_hash_byte_cnt[2];
190 	union {
191 		u32 save_digest[16]; /* for MD5/SHA */
192 		__le32 save_digest_le32[16]; /* GHASH / CBC */
193 	};
194 } __attribute__((packed));
195 
196 /**
197  * Security Association (SA) for AES128
198  *
199  */
200 struct dynamic_sa_aes128 {
201 	struct dynamic_sa_ctl	ctrl;
202 	__le32 key[4];
203 	__le32 iv[4]; /* for CBC, OFC, and CFB mode */
204 	u32 state_ptr;
205 	u32 reserved;
206 } __attribute__((packed));
207 
208 #define SA_AES128_LEN		(sizeof(struct dynamic_sa_aes128)/4)
209 #define SA_AES128_CONTENTS	0x3e000042
210 
211 /*
212  * Security Association (SA) for AES192
213  */
214 struct dynamic_sa_aes192 {
215 	struct dynamic_sa_ctl ctrl;
216 	__le32 key[6];
217 	__le32 iv[4]; /* for CBC, OFC, and CFB mode */
218 	u32 state_ptr;
219 	u32 reserved;
220 } __attribute__((packed));
221 
222 #define SA_AES192_LEN		(sizeof(struct dynamic_sa_aes192)/4)
223 #define SA_AES192_CONTENTS	0x3e000062
224 
225 /**
226  * Security Association (SA) for AES256
227  */
228 struct dynamic_sa_aes256 {
229 	struct dynamic_sa_ctl ctrl;
230 	__le32 key[8];
231 	__le32 iv[4]; /* for CBC, OFC, and CFB mode */
232 	u32 state_ptr;
233 	u32 reserved;
234 } __attribute__((packed));
235 
236 #define SA_AES256_LEN		(sizeof(struct dynamic_sa_aes256)/4)
237 #define SA_AES256_CONTENTS	0x3e000082
238 #define SA_AES_CONTENTS		0x3e000002
239 
240 /**
241  * Security Association (SA) for AES128 CCM
242  */
243 struct dynamic_sa_aes128_ccm {
244 	struct dynamic_sa_ctl ctrl;
245 	__le32 key[4];
246 	__le32 iv[4];
247 	u32 state_ptr;
248 	u32 reserved;
249 } __packed;
250 #define SA_AES128_CCM_LEN	(sizeof(struct dynamic_sa_aes128_ccm)/4)
251 #define SA_AES128_CCM_CONTENTS	0x3e000042
252 #define SA_AES_CCM_CONTENTS	0x3e000002
253 
254 /**
255  * Security Association (SA) for AES128_GCM
256  */
257 struct dynamic_sa_aes128_gcm {
258 	struct dynamic_sa_ctl ctrl;
259 	__le32 key[4];
260 	__le32 inner_digest[4];
261 	__le32 iv[4];
262 	u32 state_ptr;
263 	u32 reserved;
264 } __packed;
265 
266 #define SA_AES128_GCM_LEN	(sizeof(struct dynamic_sa_aes128_gcm)/4)
267 #define SA_AES128_GCM_CONTENTS	0x3e000442
268 #define SA_AES_GCM_CONTENTS	0x3e000402
269 
270 /**
271  * Security Association (SA) for HASH160: HMAC-SHA1
272  */
273 struct dynamic_sa_hash160 {
274 	struct dynamic_sa_ctl ctrl;
275 	__le32 inner_digest[5];
276 	__le32 outer_digest[5];
277 	u32 state_ptr;
278 	u32 reserved;
279 } __attribute__((packed));
280 #define SA_HASH160_LEN		(sizeof(struct dynamic_sa_hash160)/4)
281 #define SA_HASH160_CONTENTS     0x2000a502
282 
283 static inline u32
get_dynamic_sa_offset_state_ptr_field(struct dynamic_sa_ctl * cts)284 get_dynamic_sa_offset_state_ptr_field(struct dynamic_sa_ctl *cts)
285 {
286 	u32 offset;
287 
288 	offset = cts->sa_contents.bf.key_size
289 		+ cts->sa_contents.bf.inner_size
290 		+ cts->sa_contents.bf.outer_size
291 		+ cts->sa_contents.bf.spi
292 		+ cts->sa_contents.bf.seq_num0
293 		+ cts->sa_contents.bf.seq_num1
294 		+ cts->sa_contents.bf.seq_num_mask0
295 		+ cts->sa_contents.bf.seq_num_mask1
296 		+ cts->sa_contents.bf.seq_num_mask2
297 		+ cts->sa_contents.bf.seq_num_mask3
298 		+ cts->sa_contents.bf.iv0
299 		+ cts->sa_contents.bf.iv1
300 		+ cts->sa_contents.bf.iv2
301 		+ cts->sa_contents.bf.iv3;
302 
303 	return sizeof(struct dynamic_sa_ctl) + offset * 4;
304 }
305 
get_dynamic_sa_key_field(struct dynamic_sa_ctl * cts)306 static inline __le32 *get_dynamic_sa_key_field(struct dynamic_sa_ctl *cts)
307 {
308 	return (__le32 *) ((unsigned long)cts + sizeof(struct dynamic_sa_ctl));
309 }
310 
get_dynamic_sa_inner_digest(struct dynamic_sa_ctl * cts)311 static inline __le32 *get_dynamic_sa_inner_digest(struct dynamic_sa_ctl *cts)
312 {
313 	return (__le32 *) ((unsigned long)cts +
314 		sizeof(struct dynamic_sa_ctl) +
315 		cts->sa_contents.bf.key_size * 4);
316 }
317 
318 #endif
319