1 /* 2 * Copyright (c) 2001-2019, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 8 #ifndef _CC_CRYPTO_CTX_H_ 9 #define _CC_CRYPTO_CTX_H_ 10 11 #ifdef __KERNEL__ 12 #include <linux/types.h> 13 #define INT32_MAX 0x7FFFFFFFL 14 #else 15 #include <stdint.h> 16 #endif 17 18 19 #ifndef max 20 #define max(a, b) ((a) > (b) ? (a) : (b)) 21 #define min(a, b) ((a) < (b) ? (a) : (b)) 22 #endif 23 24 /* context size */ 25 #ifndef CC_CTX_SIZE_LOG2 26 #if (CC_SUPPORT_SHA > 256) 27 #define CC_CTX_SIZE_LOG2 8 28 #else 29 #define CC_CTX_SIZE_LOG2 7 30 #endif 31 #endif 32 #define CC_CTX_SIZE (1<<CC_CTX_SIZE_LOG2) 33 #define CC_DRV_CTX_SIZE_WORDS (CC_CTX_SIZE >> 2) 34 35 #define CC_DRV_DES_IV_SIZE 8 36 #define CC_DRV_DES_BLOCK_SIZE 8 37 38 #define CC_DRV_DES_ONE_KEY_SIZE 8 39 #define CC_DRV_DES_DOUBLE_KEY_SIZE 16 40 #define CC_DRV_DES_TRIPLE_KEY_SIZE 24 41 #define CC_DRV_DES_KEY_SIZE_MAX CC_DRV_DES_TRIPLE_KEY_SIZE 42 43 #define CC_AES_IV_SIZE 16 44 #define CC_AES_IV_SIZE_WORDS (CC_AES_IV_SIZE >> 2) 45 46 #define CC_AES_BLOCK_SIZE 16 47 #define CC_AES_BLOCK_SIZE_WORDS 4 48 49 #define CC_AES_128_BIT_KEY_SIZE 16 50 #define CC_AES_128_BIT_KEY_SIZE_WORDS (CC_AES_128_BIT_KEY_SIZE >> 2) 51 #define CC_AES_192_BIT_KEY_SIZE 24 52 #define CC_AES_192_BIT_KEY_SIZE_WORDS (CC_AES_192_BIT_KEY_SIZE >> 2) 53 #define CC_AES_256_BIT_KEY_SIZE 32 54 #define CC_AES_256_BIT_KEY_SIZE_WORDS (CC_AES_256_BIT_KEY_SIZE >> 2) 55 #define CC_AES_KEY_SIZE_MAX CC_AES_256_BIT_KEY_SIZE 56 #define CC_AES_KEY_SIZE_WORDS_MAX (CC_AES_KEY_SIZE_MAX >> 2) 57 58 #define CC_MD5_DIGEST_SIZE 16 59 #define CC_SHA1_DIGEST_SIZE 20 60 #define CC_SHA224_DIGEST_SIZE 28 61 #define CC_SHA256_DIGEST_SIZE 32 62 #define CC_SHA256_DIGEST_SIZE_IN_WORDS 8 63 #define CC_SHA384_DIGEST_SIZE 48 64 #define CC_SHA512_DIGEST_SIZE 64 65 66 #define CC_SHA1_BLOCK_SIZE 64 67 #define CC_SHA1_BLOCK_SIZE_IN_WORDS 16 68 #define CC_MD5_BLOCK_SIZE 64 69 #define CC_MD5_BLOCK_SIZE_IN_WORDS 16 70 #define CC_SHA224_BLOCK_SIZE 64 71 #define CC_SHA256_BLOCK_SIZE 64 72 #define CC_SHA256_BLOCK_SIZE_IN_WORDS 16 73 #define CC_SHA1_224_256_BLOCK_SIZE 64 74 #define CC_SHA384_BLOCK_SIZE 128 75 #define CC_SHA512_BLOCK_SIZE 128 76 77 #if (CC_SUPPORT_SHA > 256) 78 #define CC_DIGEST_SIZE_MAX CC_SHA512_DIGEST_SIZE 79 #define CC_HASH_BLOCK_SIZE_MAX CC_SHA512_BLOCK_SIZE /*1024b*/ 80 #define DRV_HASH_LENGTH_WORDS 4 81 #else /* Only up to SHA256 */ 82 #define CC_DIGEST_SIZE_MAX CC_SHA256_DIGEST_SIZE 83 #define CC_HASH_BLOCK_SIZE_MAX CC_SHA256_BLOCK_SIZE /*512b*/ 84 #define DRV_HASH_LENGTH_WORDS 2 85 #endif 86 87 #define CC_HMAC_BLOCK_SIZE_MAX CC_HASH_BLOCK_SIZE_MAX 88 89 #define CC_MULTI2_SYSTEM_KEY_SIZE 32 90 #define CC_MULTI2_DATA_KEY_SIZE 8 91 #define CC_MULTI2_SYSTEM_N_DATA_KEY_SIZE (CC_MULTI2_SYSTEM_KEY_SIZE + CC_MULTI2_DATA_KEY_SIZE) 92 #define CC_MULTI2_BLOCK_SIZE 8 93 #define CC_MULTI2_IV_SIZE 8 94 #define CC_MULTI2_MIN_NUM_ROUNDS 8 95 #define CC_MULTI2_MAX_NUM_ROUNDS 128 96 97 #define CC_DRV_ALG_MAX_BLOCK_SIZE CC_HASH_BLOCK_SIZE_MAX 98 99 enum drv_engine_type { 100 DRV_ENGINE_NULL = 0, 101 DRV_ENGINE_AES = 1, 102 DRV_ENGINE_DES = 2, 103 DRV_ENGINE_HASH = 3, 104 DRV_ENGINE_RC4 = 4, 105 DRV_ENGINE_DOUT = 5, 106 DRV_ENGINE_RESERVE32B = INT32_MAX, 107 }; 108 109 enum drv_crypto_alg { 110 DRV_CRYPTO_ALG_NULL = -1, 111 DRV_CRYPTO_ALG_AES = 0, 112 DRV_CRYPTO_ALG_DES = 1, 113 DRV_CRYPTO_ALG_HASH = 2, 114 DRV_CRYPTO_ALG_C2 = 3, 115 DRV_CRYPTO_ALG_HMAC = 4, 116 DRV_CRYPTO_ALG_AEAD = 5, 117 DRV_CRYPTO_ALG_BYPASS = 6, 118 DRV_CRYPTO_ALG_NUM = 7, 119 DRV_CRYPTO_ALG_RESERVE32B = INT32_MAX 120 }; 121 122 enum drv_crypto_direction { 123 DRV_CRYPTO_DIRECTION_NULL = -1, 124 DRV_CRYPTO_DIRECTION_ENCRYPT = 0, 125 DRV_CRYPTO_DIRECTION_DECRYPT = 1, 126 DRV_CRYPTO_DIRECTION_DECRYPT_ENCRYPT = 3, 127 DRV_CRYPTO_DIRECTION_RESERVE32B = INT32_MAX 128 }; 129 130 enum drv_cipher_mode { 131 DRV_CIPHER_NULL_MODE = -1, 132 DRV_CIPHER_ECB = 0, 133 DRV_CIPHER_CBC = 1, 134 DRV_CIPHER_CTR = 2, 135 DRV_CIPHER_CBC_MAC = 3, 136 DRV_CIPHER_XTS = 4, 137 DRV_CIPHER_XCBC_MAC = 5, 138 DRV_CIPHER_OFB = 6, 139 DRV_CIPHER_CMAC = 7, 140 DRV_CIPHER_CCM = 8, 141 DRV_CIPHER_CBC_CTS = 11, 142 DRV_CIPHER_GCTR = 12, 143 DRV_CIPHER_ESSIV = 13, 144 DRV_CIPHER_BITLOCKER = 14, 145 DRV_CIPHER_RESERVE32B = INT32_MAX 146 }; 147 148 enum drv_hash_mode { 149 DRV_HASH_NULL = -1, 150 DRV_HASH_SHA1 = 0, 151 DRV_HASH_SHA256 = 1, 152 DRV_HASH_SHA224 = 2, 153 DRV_HASH_SHA512 = 3, 154 DRV_HASH_SHA384 = 4, 155 DRV_HASH_MD5 = 5, 156 DRV_HASH_CBC_MAC = 6, 157 DRV_HASH_XCBC_MAC = 7, 158 DRV_HASH_CMAC = 8, 159 DRV_HASH_MODE_NUM = 9, 160 DRV_HASH_RESERVE32B = INT32_MAX 161 }; 162 163 enum drv_hash_hw_mode { 164 DRV_HASH_HW_MD5 = 0, 165 DRV_HASH_HW_SHA1 = 1, 166 DRV_HASH_HW_SHA256 = 2, 167 DRV_HASH_HW_SHA224 = 10, 168 DRV_HASH_HW_SHA512 = 4, 169 DRV_HASH_HW_SHA384 = 12, 170 DRV_HASH_HW_GHASH = 6, 171 DRV_HASH_HW_RESERVE32B = INT32_MAX 172 }; 173 174 enum drv_multi2_mode { 175 DRV_MULTI2_NULL = -1, 176 DRV_MULTI2_ECB = 0, 177 DRV_MULTI2_CBC = 1, 178 DRV_MULTI2_OFB = 2, 179 DRV_MULTI2_RESERVE32B = INT32_MAX 180 }; 181 182 183 /* drv_crypto_key_type[1:0] is mapped to cipher_do[1:0] */ 184 /* drv_crypto_key_type[2] is mapped to cipher_config2 */ 185 enum drv_crypto_key_type { 186 DRV_NULL_KEY = -1, 187 DRV_USER_KEY = 0, /* 0x000 */ 188 DRV_ROOT_KEY = 1, /* 0x001 */ 189 DRV_PROVISIONING_KEY = 2, /* 0x010 */ 190 DRV_SESSION_KEY = 3, /* 0x011 */ 191 DRV_APPLET_KEY = 4, /* NA */ 192 DRV_PLATFORM_KEY = 5, /* 0x101 */ 193 DRV_CUSTOMER_KEY = 6, /* 0x110 */ 194 DRV_END_OF_KEYS = INT32_MAX, 195 }; 196 197 enum drv_crypto_padding_type { 198 DRV_PADDING_NONE = 0, 199 DRV_PADDING_PKCS7 = 1, 200 DRV_PADDING_RESERVE32B = INT32_MAX 201 }; 202 203 204 typedef enum DrvAeadCcmFlow { 205 DRV_AEAD_FLOW_NULL = 0, 206 DRV_AEAD_FLOW_ADATA_INIT, 207 DRV_AEAD_FLOW_ADATA_PROCESS, 208 DRV_AEAD_FLOW_TEXT_DATA_INIT, 209 DRV_AEAD_FLOW_TEXT_DATA_PROCESS, 210 DRV_AEAD_FLOW_RESERVE32B = INT32_MAX, 211 } DrvAeadCcmFlow_e; 212 213 typedef enum DataBlockType { 214 FIRST_BLOCK, 215 MIDDLE_BLOCK, 216 LAST_BLOCK, 217 RESERVE32B_BLOCK = INT32_MAX 218 }DataBlockType_t; 219 220 typedef enum DrvAesCoreEngine { 221 DRV_AES_ENGINE1, 222 DRV_AES_ENGINE2, 223 DRV_AES_ENGINES_RESERVE32B = INT32_MAX 224 }DrvAesCoreEngine_t; 225 226 typedef enum TunnelOp { 227 TUNNEL_OP_INVALID = -1, 228 TUNNEL_OFF = 0, 229 TUNNEL_ON = 1, 230 TunnelOp_OPTIONS, 231 TunnelOp_END = INT32_MAX, 232 } TunnelOp_t; 233 234 /*******************************************************************/ 235 /***************** DESCRIPTOR BASED CONTEXTS ***********************/ 236 /*******************************************************************/ 237 238 struct drv_ctx_hash { 239 uint8_t digest[CC_DIGEST_SIZE_MAX]; 240 uint32_t CurrentDigestedLength[DRV_HASH_LENGTH_WORDS]; 241 uint32_t k0[CC_HMAC_BLOCK_SIZE_MAX/sizeof(uint32_t)]; /* not used in hash operation */ 242 uint32_t k0_size; 243 enum drv_crypto_alg alg; /* ssi_drv_crypto_alg_HASH */ 244 enum drv_hash_mode mode; 245 uint32_t dataCompleted; 246 uint32_t hmacFinalization; 247 /* reserve to end of allocated context size */ 248 uint32_t reserved[CC_DRV_CTX_SIZE_WORDS - 5 - 249 DRV_HASH_LENGTH_WORDS - CC_DIGEST_SIZE_MAX/sizeof(uint32_t) - CC_HMAC_BLOCK_SIZE_MAX/sizeof(uint32_t)]; 250 }; 251 252 struct drv_ctx_cipher { 253 /* block_state is the AES engine block state. 254 * It is used by the host to pass IV or counter at initialization. 255 * It is used by SeP for intermediate block chaining state and for 256 * returning MAC algorithms results. */ 257 uint8_t block_state[CC_AES_BLOCK_SIZE]; 258 uint8_t key[CC_AES_KEY_SIZE_MAX]; 259 uint8_t xex_key[CC_AES_KEY_SIZE_MAX]; 260 enum drv_crypto_alg alg; /* DRV_CRYPTO_ALG_AES */ 261 enum drv_cipher_mode mode; 262 enum drv_crypto_direction direction; 263 enum drv_crypto_key_type crypto_key_type; 264 enum drv_crypto_padding_type padding_type; 265 uint32_t key_size; /* numeric value in bytes */ 266 uint32_t data_unit_size; /* required for XTS */ 267 /* this flag indicates whether the user processed at least 268 one data block: 269 "0" no data blocks processed 270 "1" at least one data block processed */ 271 DataBlockType_t dataBlockType; 272 TunnelOp_t isTunnelOp; 273 DrvAesCoreEngine_t engineCore; 274 uint32_t tunnetDir; 275 /* reserve to end of allocated context size */ 276 uint32_t reserved[CC_DRV_CTX_SIZE_WORDS - 11 - 277 CC_AES_BLOCK_SIZE/sizeof(uint32_t) - 2 * 278 (CC_AES_KEY_SIZE_MAX/sizeof(uint32_t))]; 279 }; 280 281 /* authentication and encryption with associated data class */ 282 struct drv_ctx_aead { 283 /* block_state1/2 is the AES engine block state */ 284 uint8_t block_state[CC_AES_BLOCK_SIZE]; 285 uint8_t key[CC_AES_KEY_SIZE_MAX]; 286 uint8_t mac_state[CC_AES_BLOCK_SIZE]; /* MAC result */ 287 uint8_t nonce[CC_AES_BLOCK_SIZE]; /* nonce buffer */ 288 enum drv_crypto_alg alg; /* ssi_drv_crypto_alg_AES */ 289 enum drv_cipher_mode mode; 290 enum drv_crypto_direction direction; 291 uint32_t key_size; /* numeric value in bytes */ 292 uint32_t nonce_size; /* nonce size (octets) */ 293 uint32_t header_size; /* finit additional data size (octets) */ 294 uint32_t text_size; /* finit text data size (octets) */ 295 uint32_t tag_size; /* mac size, element of {4, 6, 8, 10, 12, 14, 16} */ 296 uint32_t internalMode; /* auth/encrypt/decrypt modes */ 297 uint32_t q; /* an element of {2, 3, 4, 5, 6, 7, 8}; */ 298 uint32_t headerRemainingBytes; /* associated data remaining bytes */ 299 DrvAeadCcmFlow_e nextProcessingState; /* points to the next machine state */ 300 /* reserve to end of allocated context size */ 301 uint32_t reserved[CC_DRV_CTX_SIZE_WORDS - 12 - 302 3 * (CC_AES_BLOCK_SIZE/sizeof(uint32_t)) - 303 CC_AES_KEY_SIZE_MAX/sizeof(uint32_t)]; 304 }; 305 306 /*******************************************************************/ 307 /***************** MESSAGE BASED CONTEXTS **************************/ 308 /*******************************************************************/ 309 310 311 /* Get the address of a @member within a given @ctx address 312 @ctx: The context address 313 @type: Type of context structure 314 @member: Associated context field */ 315 #define GET_CTX_FIELD_ADDR(ctx, type, member) (ctx + offsetof(type, member)) 316 317 #endif /* _CC_CRYPTO_CTX_H_ */ 318 319
