1 /* SPDX-License-Identifier: GPL-2.0 */ 2 /* Copyright (c) 2019 HiSilicon Limited. */ 3 4 #ifndef __HISI_SEC_V2_CRYPTO_H 5 #define __HISI_SEC_V2_CRYPTO_H 6 7 #define SEC_AIV_SIZE 12 8 #define SEC_IV_SIZE 24 9 #define SEC_MAX_KEY_SIZE 64 10 #define SEC_COMM_SCENE 0 11 #define SEC_MIN_BLOCK_SZ 1 12 13 enum sec_calg { 14 SEC_CALG_3DES = 0x1, 15 SEC_CALG_AES = 0x2, 16 SEC_CALG_SM4 = 0x3, 17 }; 18 19 enum sec_hash_alg { 20 SEC_A_HMAC_SHA1 = 0x10, 21 SEC_A_HMAC_SHA256 = 0x11, 22 SEC_A_HMAC_SHA512 = 0x15, 23 }; 24 25 enum sec_mac_len { 26 SEC_HMAC_CCM_MAC = 16, 27 SEC_HMAC_GCM_MAC = 16, 28 SEC_SM3_MAC = 32, 29 SEC_HMAC_SM3_MAC = 32, 30 SEC_HMAC_MD5_MAC = 16, 31 SEC_HMAC_SHA1_MAC = 20, 32 SEC_HMAC_SHA256_MAC = 32, 33 SEC_HMAC_SHA512_MAC = 64, 34 }; 35 36 enum sec_cmode { 37 SEC_CMODE_ECB = 0x0, 38 SEC_CMODE_CBC = 0x1, 39 SEC_CMODE_CFB = 0x2, 40 SEC_CMODE_OFB = 0x3, 41 SEC_CMODE_CTR = 0x4, 42 SEC_CMODE_CCM = 0x5, 43 SEC_CMODE_GCM = 0x6, 44 SEC_CMODE_XTS = 0x7, 45 }; 46 47 enum sec_ckey_type { 48 SEC_CKEY_128BIT = 0x0, 49 SEC_CKEY_192BIT = 0x1, 50 SEC_CKEY_256BIT = 0x2, 51 SEC_CKEY_3DES_3KEY = 0x1, 52 SEC_CKEY_3DES_2KEY = 0x3, 53 }; 54 55 enum sec_bd_type { 56 SEC_BD_TYPE1 = 0x1, 57 SEC_BD_TYPE2 = 0x2, 58 SEC_BD_TYPE3 = 0x3, 59 }; 60 61 enum sec_auth { 62 SEC_NO_AUTH = 0x0, 63 SEC_AUTH_TYPE1 = 0x1, 64 SEC_AUTH_TYPE2 = 0x2, 65 }; 66 67 enum sec_cipher_dir { 68 SEC_CIPHER_ENC = 0x1, 69 SEC_CIPHER_DEC = 0x2, 70 }; 71 72 enum sec_addr_type { 73 SEC_PBUF = 0x0, 74 SEC_SGL = 0x1, 75 SEC_PRP = 0x2, 76 }; 77 78 struct bd_status { 79 u64 tag; 80 u8 done; 81 u8 err_type; 82 u16 flag; 83 u16 icv; 84 }; 85 86 enum { 87 AUTHPAD_PAD, 88 AUTHPAD_NOPAD, 89 }; 90 91 enum { 92 AIGEN_GEN, 93 AIGEN_NOGEN, 94 }; 95 96 struct sec_sqe_type2 { 97 /* 98 * mac_len: 0~4 bits 99 * a_key_len: 5~10 bits 100 * a_alg: 11~16 bits 101 */ 102 __le32 mac_key_alg; 103 104 /* 105 * c_icv_len: 0~5 bits 106 * c_width: 6~8 bits 107 * c_key_len: 9~11 bits 108 * c_mode: 12~15 bits 109 */ 110 __le16 icvw_kmode; 111 112 /* c_alg: 0~3 bits */ 113 __u8 c_alg; 114 __u8 rsvd4; 115 116 /* 117 * a_len: 0~23 bits 118 * iv_offset_l: 24~31 bits 119 */ 120 __le32 alen_ivllen; 121 122 /* 123 * c_len: 0~23 bits 124 * iv_offset_h: 24~31 bits 125 */ 126 __le32 clen_ivhlen; 127 128 __le16 auth_src_offset; 129 __le16 cipher_src_offset; 130 __le16 cs_ip_header_offset; 131 __le16 cs_udp_header_offset; 132 __le16 pass_word_len; 133 __le16 dk_len; 134 __u8 salt3; 135 __u8 salt2; 136 __u8 salt1; 137 __u8 salt0; 138 139 __le16 tag; 140 __le16 rsvd5; 141 142 /* 143 * c_pad_type: 0~3 bits 144 * c_pad_len: 4~11 bits 145 * c_pad_data_type: 12~15 bits 146 */ 147 __le16 cph_pad; 148 149 /* c_pad_len_field: 0~1 bits */ 150 __le16 c_pad_len_field; 151 152 __le64 long_a_data_len; 153 __le64 a_ivin_addr; 154 __le64 a_key_addr; 155 __le64 mac_addr; 156 __le64 c_ivin_addr; 157 __le64 c_key_addr; 158 159 __le64 data_src_addr; 160 __le64 data_dst_addr; 161 162 /* 163 * done: 0 bit 164 * icv: 1~3 bits 165 * csc: 4~6 bits 166 * flag: 7-10 bits 167 * dif_check: 11~13 bits 168 */ 169 __le16 done_flag; 170 171 __u8 error_type; 172 __u8 warning_type; 173 __u8 mac_i3; 174 __u8 mac_i2; 175 __u8 mac_i1; 176 __u8 mac_i0; 177 __le16 check_sum_i; 178 __u8 tls_pad_len_i; 179 __u8 rsvd12; 180 __le32 counter; 181 }; 182 183 struct sec_sqe { 184 /* 185 * type: 0~3 bits 186 * cipher: 4~5 bits 187 * auth: 6~7 bit s 188 */ 189 __u8 type_cipher_auth; 190 191 /* 192 * seq: 0 bit 193 * de: 1~2 bits 194 * scene: 3~6 bits 195 * src_addr_type: ~7 bit, with sdm_addr_type 0-1 bits 196 */ 197 __u8 sds_sa_type; 198 199 /* 200 * src_addr_type: 0~1 bits, not used now, 201 * if support PRP, set this field, or set zero. 202 * dst_addr_type: 2~4 bits 203 * mac_addr_type: 5~7 bits 204 */ 205 __u8 sdm_addr_type; 206 __u8 rsvd0; 207 208 /* 209 * nonce_len(type2): 0~3 bits 210 * huk(type2): 4 bit 211 * key_s(type2): 5 bit 212 * ci_gen: 6~7 bits 213 */ 214 __u8 huk_key_ci; 215 216 /* 217 * ai_gen: 0~1 bits 218 * a_pad(type2): 2~3 bits 219 * c_s(type2): 4~5 bits 220 */ 221 __u8 ai_apd_cs; 222 223 /* 224 * rhf(type2): 0 bit 225 * c_key_type: 1~2 bits 226 * a_key_type: 3~4 bits 227 * write_frame_len(type2): 5~7 bits 228 */ 229 __u8 rca_key_frm; 230 231 /* 232 * cal_iv_addr_en(type2): 0 bit 233 * tls_up(type2): 1 bit 234 * inveld: 7 bit 235 */ 236 __u8 iv_tls_ld; 237 238 /* Just using type2 BD now */ 239 struct sec_sqe_type2 type2; 240 }; 241 242 struct bd3_auth_ivin { 243 __le64 a_ivin_addr; 244 __le32 rsvd0; 245 __le32 rsvd1; 246 } __packed __aligned(4); 247 248 struct bd3_skip_data { 249 __le32 rsvd0; 250 251 /* 252 * gran_num: 0~15 bits 253 * reserved: 16~31 bits 254 */ 255 __le32 gran_num; 256 257 /* 258 * src_skip_data_len: 0~24 bits 259 * reserved: 25~31 bits 260 */ 261 __le32 src_skip_data_len; 262 263 /* 264 * dst_skip_data_len: 0~24 bits 265 * reserved: 25~31 bits 266 */ 267 __le32 dst_skip_data_len; 268 }; 269 270 struct bd3_stream_scene { 271 __le64 c_ivin_addr; 272 __le64 long_a_data_len; 273 274 /* 275 * auth_pad: 0~1 bits 276 * stream_protocol: 2~4 bits 277 * reserved: 5~7 bits 278 */ 279 __u8 stream_auth_pad; 280 __u8 plaintext_type; 281 __le16 pad_len_1p3; 282 } __packed __aligned(4); 283 284 struct bd3_no_scene { 285 __le64 c_ivin_addr; 286 __le32 rsvd0; 287 __le32 rsvd1; 288 __le32 rsvd2; 289 } __packed __aligned(4); 290 291 struct bd3_check_sum { 292 __u8 rsvd0; 293 __u8 hac_sva_status; 294 __le16 check_sum_i; 295 }; 296 297 struct bd3_tls_type_back { 298 __u8 tls_1p3_type_back; 299 __u8 hac_sva_status; 300 __le16 pad_len_1p3_back; 301 }; 302 303 struct sec_sqe3 { 304 /* 305 * type: 0~3 bit 306 * bd_invalid: 4 bit 307 * scene: 5~8 bit 308 * de: 9~10 bit 309 * src_addr_type: 11~13 bit 310 * dst_addr_type: 14~16 bit 311 * mac_addr_type: 17~19 bit 312 * reserved: 20~31 bits 313 */ 314 __le32 bd_param; 315 316 /* 317 * cipher: 0~1 bits 318 * ci_gen: 2~3 bit 319 * c_icv_len: 4~9 bit 320 * c_width: 10~12 bits 321 * c_key_len: 13~15 bits 322 */ 323 __le16 c_icv_key; 324 325 /* 326 * c_mode : 0~3 bits 327 * c_alg : 4~7 bits 328 */ 329 __u8 c_mode_alg; 330 331 /* 332 * nonce_len : 0~3 bits 333 * huk : 4 bits 334 * cal_iv_addr_en : 5 bits 335 * seq : 6 bits 336 * reserved : 7 bits 337 */ 338 __u8 huk_iv_seq; 339 340 __le64 tag; 341 __le64 data_src_addr; 342 __le64 a_key_addr; 343 union { 344 struct bd3_auth_ivin auth_ivin; 345 struct bd3_skip_data skip_data; 346 }; 347 348 __le64 c_key_addr; 349 350 /* 351 * auth: 0~1 bits 352 * ai_gen: 2~3 bits 353 * mac_len: 4~8 bits 354 * akey_len: 9~14 bits 355 * a_alg: 15~20 bits 356 * key_sel: 21~24 bits 357 * updata_key: 25 bits 358 * reserved: 26~31 bits 359 */ 360 __le32 auth_mac_key; 361 __le32 salt; 362 __le16 auth_src_offset; 363 __le16 cipher_src_offset; 364 365 /* 366 * auth_len: 0~23 bit 367 * auth_key_offset: 24~31 bits 368 */ 369 __le32 a_len_key; 370 371 /* 372 * cipher_len: 0~23 bit 373 * auth_ivin_offset: 24~31 bits 374 */ 375 __le32 c_len_ivin; 376 __le64 data_dst_addr; 377 __le64 mac_addr; 378 union { 379 struct bd3_stream_scene stream_scene; 380 struct bd3_no_scene no_scene; 381 }; 382 383 /* 384 * done: 0 bit 385 * icv: 1~3 bit 386 * csc: 4~6 bit 387 * flag: 7~10 bit 388 * reserved: 11~15 bit 389 */ 390 __le16 done_flag; 391 __u8 error_type; 392 __u8 warning_type; 393 union { 394 __le32 mac_i; 395 __le32 kek_key_addr_l; 396 }; 397 union { 398 __le32 kek_key_addr_h; 399 struct bd3_check_sum check_sum; 400 struct bd3_tls_type_back tls_type_back; 401 }; 402 __le32 counter; 403 } __packed __aligned(4); 404 405 int sec_register_to_crypto(struct hisi_qm *qm); 406 void sec_unregister_from_crypto(struct hisi_qm *qm); 407 #endif 408