1 /* SPDX-License-Identifier: GPL-2.0-or-later */ 2 /* 3 * AMCC SoC PPC4xx Crypto Driver 4 * 5 * Copyright (c) 2008 Applied Micro Circuits Corporation. 6 * All rights reserved. James Hsiao <jhsiao@amcc.com> 7 * 8 * This file defines the security context 9 * associate format. 10 */ 11 12 #ifndef __CRYPTO4XX_SA_H__ 13 #define __CRYPTO4XX_SA_H__ 14 15 #define AES_IV_SIZE 16 16 17 /* 18 * Contents of Dynamic Security Association (SA) with all possible fields 19 */ 20 union dynamic_sa_contents { 21 struct { 22 u32 arc4_state_ptr:1; 23 u32 arc4_ij_ptr:1; 24 u32 state_ptr:1; 25 u32 iv3:1; 26 u32 iv2:1; 27 u32 iv1:1; 28 u32 iv0:1; 29 u32 seq_num_mask3:1; 30 u32 seq_num_mask2:1; 31 u32 seq_num_mask1:1; 32 u32 seq_num_mask0:1; 33 u32 seq_num1:1; 34 u32 seq_num0:1; 35 u32 spi:1; 36 u32 outer_size:5; 37 u32 inner_size:5; 38 u32 key_size:4; 39 u32 cmd_size:4; 40 } bf; 41 u32 w; 42 } __attribute__((packed)); 43 44 #define DIR_OUTBOUND 0 45 #define DIR_INBOUND 1 46 #define SA_OP_GROUP_BASIC 0 47 #define SA_OPCODE_ENCRYPT 0 48 #define SA_OPCODE_DECRYPT 0 49 #define SA_OPCODE_ENCRYPT_HASH 1 50 #define SA_OPCODE_HASH_DECRYPT 1 51 #define SA_OPCODE_HASH 3 52 #define SA_CIPHER_ALG_DES 0 53 #define SA_CIPHER_ALG_3DES 1 54 #define SA_CIPHER_ALG_ARC4 2 55 #define SA_CIPHER_ALG_AES 3 56 #define SA_CIPHER_ALG_KASUMI 4 57 #define SA_CIPHER_ALG_NULL 15 58 59 #define SA_HASH_ALG_MD5 0 60 #define SA_HASH_ALG_SHA1 1 61 #define SA_HASH_ALG_GHASH 12 62 #define SA_HASH_ALG_CBC_MAC 14 63 #define SA_HASH_ALG_NULL 15 64 #define SA_HASH_ALG_SHA1_DIGEST_SIZE 20 65 66 #define SA_LOAD_HASH_FROM_SA 0 67 #define SA_LOAD_HASH_FROM_STATE 2 68 #define SA_NOT_LOAD_HASH 3 69 #define SA_LOAD_IV_FROM_SA 0 70 #define SA_LOAD_IV_FROM_INPUT 1 71 #define SA_LOAD_IV_FROM_STATE 2 72 #define SA_LOAD_IV_GEN_IV 3 73 74 #define SA_PAD_TYPE_CONSTANT 2 75 #define SA_PAD_TYPE_ZERO 3 76 #define SA_PAD_TYPE_TLS 5 77 #define SA_PAD_TYPE_DTLS 5 78 #define SA_NOT_SAVE_HASH 0 79 #define SA_SAVE_HASH 1 80 #define SA_NOT_SAVE_IV 0 81 #define SA_SAVE_IV 1 82 #define SA_HEADER_PROC 1 83 #define SA_NO_HEADER_PROC 0 84 85 union sa_command_0 { 86 struct { 87 u32 scatter:1; 88 u32 gather:1; 89 u32 save_hash_state:1; 90 u32 save_iv:1; 91 u32 load_hash_state:2; 92 u32 load_iv:2; 93 u32 digest_len:4; 94 u32 hdr_proc:1; 95 u32 extend_pad:1; 96 u32 stream_cipher_pad:1; 97 u32 rsv:1; 98 u32 hash_alg:4; 99 u32 cipher_alg:4; 100 u32 pad_type:2; 101 u32 op_group:2; 102 u32 dir:1; 103 u32 opcode:3; 104 } bf; 105 u32 w; 106 } __attribute__((packed)); 107 108 #define CRYPTO_MODE_ECB 0 109 #define CRYPTO_MODE_CBC 1 110 #define CRYPTO_MODE_OFB 2 111 #define CRYPTO_MODE_CFB 3 112 #define CRYPTO_MODE_CTR 4 113 114 #define CRYPTO_FEEDBACK_MODE_NO_FB 0 115 #define CRYPTO_FEEDBACK_MODE_64BIT_OFB 0 116 #define CRYPTO_FEEDBACK_MODE_8BIT_CFB 1 117 #define CRYPTO_FEEDBACK_MODE_1BIT_CFB 2 118 #define CRYPTO_FEEDBACK_MODE_128BIT_CFB 3 119 120 #define SA_AES_KEY_LEN_128 2 121 #define SA_AES_KEY_LEN_192 3 122 #define SA_AES_KEY_LEN_256 4 123 124 #define SA_REV2 1 125 /* 126 * The follow defines bits sa_command_1 127 * In Basic hash mode this bit define simple hash or hmac. 128 * In IPsec mode, this bit define muting control. 129 */ 130 #define SA_HASH_MODE_HASH 0 131 #define SA_HASH_MODE_HMAC 1 132 #define SA_MC_ENABLE 0 133 #define SA_MC_DISABLE 1 134 #define SA_NOT_COPY_HDR 0 135 #define SA_COPY_HDR 1 136 #define SA_NOT_COPY_PAD 0 137 #define SA_COPY_PAD 1 138 #define SA_NOT_COPY_PAYLOAD 0 139 #define SA_COPY_PAYLOAD 1 140 #define SA_EXTENDED_SN_OFF 0 141 #define SA_EXTENDED_SN_ON 1 142 #define SA_SEQ_MASK_OFF 0 143 #define SA_SEQ_MASK_ON 1 144 145 union sa_command_1 { 146 struct { 147 u32 crypto_mode31:1; 148 u32 save_arc4_state:1; 149 u32 arc4_stateful:1; 150 u32 key_len:5; 151 u32 hash_crypto_offset:8; 152 u32 sa_rev:2; 153 u32 byte_offset:1; 154 u32 hmac_muting:1; 155 u32 feedback_mode:2; 156 u32 crypto_mode9_8:2; 157 u32 extended_seq_num:1; 158 u32 seq_num_mask:1; 159 u32 mutable_bit_proc:1; 160 u32 ip_version:1; 161 u32 copy_pad:1; 162 u32 copy_payload:1; 163 u32 copy_hdr:1; 164 u32 rsv1:1; 165 } bf; 166 u32 w; 167 } __attribute__((packed)); 168 169 struct dynamic_sa_ctl { 170 union dynamic_sa_contents sa_contents; 171 union sa_command_0 sa_command_0; 172 union sa_command_1 sa_command_1; 173 } __attribute__((packed)); 174 175 /* 176 * State Record for Security Association (SA) 177 */ 178 struct sa_state_record { 179 __le32 save_iv[4]; 180 __le32 save_hash_byte_cnt[2]; 181 union { 182 u32 save_digest[16]; /* for MD5/SHA */ 183 __le32 save_digest_le32[16]; /* GHASH / CBC */ 184 }; 185 } __attribute__((packed)); 186 187 /* 188 * Security Association (SA) for AES128 189 * 190 */ 191 struct dynamic_sa_aes128 { 192 struct dynamic_sa_ctl ctrl; 193 __le32 key[4]; 194 __le32 iv[4]; /* for CBC, OFC, and CFB mode */ 195 u32 state_ptr; 196 u32 reserved; 197 } __attribute__((packed)); 198 199 #define SA_AES128_LEN (sizeof(struct dynamic_sa_aes128)/4) 200 #define SA_AES128_CONTENTS 0x3e000042 201 202 /* 203 * Security Association (SA) for AES192 204 */ 205 struct dynamic_sa_aes192 { 206 struct dynamic_sa_ctl ctrl; 207 __le32 key[6]; 208 __le32 iv[4]; /* for CBC, OFC, and CFB mode */ 209 u32 state_ptr; 210 u32 reserved; 211 } __attribute__((packed)); 212 213 #define SA_AES192_LEN (sizeof(struct dynamic_sa_aes192)/4) 214 #define SA_AES192_CONTENTS 0x3e000062 215 216 /* 217 * Security Association (SA) for AES256 218 */ 219 struct dynamic_sa_aes256 { 220 struct dynamic_sa_ctl ctrl; 221 __le32 key[8]; 222 __le32 iv[4]; /* for CBC, OFC, and CFB mode */ 223 u32 state_ptr; 224 u32 reserved; 225 } __attribute__((packed)); 226 227 #define SA_AES256_LEN (sizeof(struct dynamic_sa_aes256)/4) 228 #define SA_AES256_CONTENTS 0x3e000082 229 #define SA_AES_CONTENTS 0x3e000002 230 231 /* 232 * Security Association (SA) for AES128 CCM 233 */ 234 struct dynamic_sa_aes128_ccm { 235 struct dynamic_sa_ctl ctrl; 236 __le32 key[4]; 237 __le32 iv[4]; 238 u32 state_ptr; 239 u32 reserved; 240 } __packed; 241 #define SA_AES128_CCM_LEN (sizeof(struct dynamic_sa_aes128_ccm)/4) 242 #define SA_AES128_CCM_CONTENTS 0x3e000042 243 #define SA_AES_CCM_CONTENTS 0x3e000002 244 245 /* 246 * Security Association (SA) for AES128_GCM 247 */ 248 struct dynamic_sa_aes128_gcm { 249 struct dynamic_sa_ctl ctrl; 250 __le32 key[4]; 251 __le32 inner_digest[4]; 252 __le32 iv[4]; 253 u32 state_ptr; 254 u32 reserved; 255 } __packed; 256 257 #define SA_AES128_GCM_LEN (sizeof(struct dynamic_sa_aes128_gcm)/4) 258 #define SA_AES128_GCM_CONTENTS 0x3e000442 259 #define SA_AES_GCM_CONTENTS 0x3e000402 260 261 /* 262 * Security Association (SA) for HASH160: HMAC-SHA1 263 */ 264 struct dynamic_sa_hash160 { 265 struct dynamic_sa_ctl ctrl; 266 __le32 inner_digest[5]; 267 __le32 outer_digest[5]; 268 u32 state_ptr; 269 u32 reserved; 270 } __attribute__((packed)); 271 #define SA_HASH160_LEN (sizeof(struct dynamic_sa_hash160)/4) 272 #define SA_HASH160_CONTENTS 0x2000a502 273 274 static inline u32 get_dynamic_sa_offset_state_ptr_field(struct dynamic_sa_ctl * cts)275get_dynamic_sa_offset_state_ptr_field(struct dynamic_sa_ctl *cts) 276 { 277 u32 offset; 278 279 offset = cts->sa_contents.bf.key_size 280 + cts->sa_contents.bf.inner_size 281 + cts->sa_contents.bf.outer_size 282 + cts->sa_contents.bf.spi 283 + cts->sa_contents.bf.seq_num0 284 + cts->sa_contents.bf.seq_num1 285 + cts->sa_contents.bf.seq_num_mask0 286 + cts->sa_contents.bf.seq_num_mask1 287 + cts->sa_contents.bf.seq_num_mask2 288 + cts->sa_contents.bf.seq_num_mask3 289 + cts->sa_contents.bf.iv0 290 + cts->sa_contents.bf.iv1 291 + cts->sa_contents.bf.iv2 292 + cts->sa_contents.bf.iv3; 293 294 return sizeof(struct dynamic_sa_ctl) + offset * 4; 295 } 296 get_dynamic_sa_key_field(struct dynamic_sa_ctl * cts)297static inline __le32 *get_dynamic_sa_key_field(struct dynamic_sa_ctl *cts) 298 { 299 return (__le32 *) ((unsigned long)cts + sizeof(struct dynamic_sa_ctl)); 300 } 301 get_dynamic_sa_inner_digest(struct dynamic_sa_ctl * cts)302static inline __le32 *get_dynamic_sa_inner_digest(struct dynamic_sa_ctl *cts) 303 { 304 return (__le32 *) ((unsigned long)cts + 305 sizeof(struct dynamic_sa_ctl) + 306 cts->sa_contents.bf.key_size * 4); 307 } 308 309 #endif 310