1 /* SPDX-License-Identifier: GPL-2.0-only */
2 /*
3 * Copyright (C) 2020 Pengutronix, Ahmad Fatoum <kernel@pengutronix.de>
4 * Copyright 2024-2025 NXP
5 */
6
7 #ifndef __CAAM_BLOB_GEN
8 #define __CAAM_BLOB_GEN
9
10 #include <linux/types.h>
11 #include <linux/errno.h>
12
13 #define CAAM_BLOB_KEYMOD_LENGTH 16
14 #define CAAM_BLOB_OVERHEAD (32 + 16)
15 #define CAAM_BLOB_MAX_LEN 4096
16 #define CAAM_ENC_ALGO_CCM 0x1
17 #define CAAM_ENC_ALGO_ECB 0x2
18 #define CAAM_NONCE_SIZE 6
19 #define CAAM_ICV_SIZE 6
20 #define CAAM_CCM_OVERHEAD (CAAM_NONCE_SIZE + CAAM_ICV_SIZE)
21
22 struct caam_blob_priv;
23
24 /**
25 * struct caam_pkey_info - information for CAAM protected key
26 * @is_pkey: flag to identify, if the key is protected.
27 * @key_enc_algo: identifies the algorithm, ccm or ecb
28 * @plain_key_sz: size of plain key.
29 * @key_buf: contains key data
30 */
31 struct caam_pkey_info {
32 u8 is_pkey;
33 u8 key_enc_algo;
34 u16 plain_key_sz;
35 u8 key_buf[];
36 } __packed;
37
38 /* sizeof struct caam_pkey_info */
39 #define CAAM_PKEY_HEADER 4
40
41 /**
42 * struct caam_blob_info - information for CAAM blobbing
43 * @pkey_info: pointer to keep protected key information
44 * @input: pointer to input buffer (must be DMAable)
45 * @input_len: length of @input buffer in bytes.
46 * @output: pointer to output buffer (must be DMAable)
47 * @output_len: length of @output buffer in bytes.
48 * @key_mod: key modifier
49 * @key_mod_len: length of @key_mod in bytes.
50 * May not exceed %CAAM_BLOB_KEYMOD_LENGTH
51 */
52 struct caam_blob_info {
53 struct caam_pkey_info pkey_info;
54
55 void *input;
56 size_t input_len;
57
58 void *output;
59 size_t output_len;
60
61 const void *key_mod;
62 size_t key_mod_len;
63 };
64
65 /**
66 * caam_blob_gen_init - initialize blob generation
67 * Return: pointer to new &struct caam_blob_priv instance on success
68 * and ``ERR_PTR(-ENODEV)`` if CAAM has no hardware blobbing support
69 * or no job ring could be allocated.
70 */
71 struct caam_blob_priv *caam_blob_gen_init(void);
72
73 /**
74 * caam_blob_gen_exit - free blob generation resources
75 * @priv: instance returned by caam_blob_gen_init()
76 */
77 void caam_blob_gen_exit(struct caam_blob_priv *priv);
78
79 /**
80 * caam_process_blob - encapsulate or decapsulate blob
81 * @priv: instance returned by caam_blob_gen_init()
82 * @info: pointer to blobbing info describing key, blob and
83 * key modifier buffers.
84 * @encap: true for encapsulation, false for decapsulation
85 *
86 * Return: %0 and sets ``info->output_len`` on success and a negative
87 * error code otherwise.
88 */
89 int caam_process_blob(struct caam_blob_priv *priv,
90 struct caam_blob_info *info, bool encap);
91
92 /**
93 * caam_encap_blob - encapsulate blob
94 * @priv: instance returned by caam_blob_gen_init()
95 * @info: pointer to blobbing info describing input key,
96 * output blob and key modifier buffers.
97 *
98 * Return: %0 and sets ``info->output_len`` on success and
99 * a negative error code otherwise.
100 */
caam_encap_blob(struct caam_blob_priv * priv,struct caam_blob_info * info)101 static inline int caam_encap_blob(struct caam_blob_priv *priv,
102 struct caam_blob_info *info)
103 {
104 if (info->output_len < info->input_len + CAAM_BLOB_OVERHEAD)
105 return -EINVAL;
106
107 return caam_process_blob(priv, info, true);
108 }
109
110 /**
111 * caam_decap_blob - decapsulate blob
112 * @priv: instance returned by caam_blob_gen_init()
113 * @info: pointer to blobbing info describing output key,
114 * input blob and key modifier buffers.
115 *
116 * Return: %0 and sets ``info->output_len`` on success and
117 * a negative error code otherwise.
118 */
caam_decap_blob(struct caam_blob_priv * priv,struct caam_blob_info * info)119 static inline int caam_decap_blob(struct caam_blob_priv *priv,
120 struct caam_blob_info *info)
121 {
122 if (info->input_len < CAAM_BLOB_OVERHEAD ||
123 info->output_len < info->input_len - CAAM_BLOB_OVERHEAD)
124 return -EINVAL;
125
126 return caam_process_blob(priv, info, false);
127 }
128
129 #endif
130