xref: /freebsd/sys/contrib/openzfs/include/sys/crypto/common.h (revision 8ac904ce090b1c2e355da8aa122ca2252183f4e1)
1 // SPDX-License-Identifier: CDDL-1.0
2 /*
3  * CDDL HEADER START
4  *
5  * The contents of this file are subject to the terms of the
6  * Common Development and Distribution License (the "License").
7  * You may not use this file except in compliance with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or https://opensource.org/licenses/CDDL-1.0.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 /*
23  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
24  */
25 /*
26  * Copyright 2013 Saso Kiselkov.  All rights reserved.
27  */
28 
29 #ifndef _SYS_CRYPTO_COMMON_H
30 #define	_SYS_CRYPTO_COMMON_H
31 
32 /*
33  * Header file for the common data structures of the cryptographic framework
34  */
35 
36 #ifdef __cplusplus
37 extern "C" {
38 #endif
39 
40 #include <sys/zfs_context.h>
41 #include <sys/types.h>
42 #include <sys/uio.h>
43 
44 /* Cryptographic Mechanisms */
45 
/*
 * A mechanism name is a fixed-size array of CRYPTO_MAX_MECH_NAME chars.
 * NOTE(review): presumably the size includes the terminating NUL, which
 * would limit names to 31 characters -- confirm against the code that copies
 * or compares names.
 *
 * Because crypto_mech_name_t is an array type, a function parameter declared
 * with it decays to char *, and sizeof on that parameter yields the pointer
 * size rather than CRYPTO_MAX_MECH_NAME.  Bound copies with the macro.
 */
#define	CRYPTO_MAX_MECH_NAME 32
typedef char crypto_mech_name_t[CRYPTO_MAX_MECH_NAME];

/* Numeric mechanism identifier; stored in crypto_mechanism_t.cm_type. */
typedef uint64_t crypto_mech_type_t;
50 
/*
 * Selects a mechanism and carries its optional parameter block.
 *
 * cm_param is an untyped pointer, so cm_param_len is the only size
 * information that travels with it.
 * NOTE(review): for the AES modes the parameter is presumably one of the
 * CK_AES_*_PARAMS structures declared in this header; code that casts
 * cm_param should first check that it is non-NULL and that cm_param_len
 * matches the expected structure size -- confirm in the providers.
 */
typedef struct crypto_mechanism {
	crypto_mech_type_t	cm_type;	/* mechanism type */
	caddr_t			cm_param;	/* mech. parameter (untyped) */
	size_t			cm_param_len;	/* mech. parameter len */
} crypto_mechanism_t;
56 
/*
 * CK_AES_CCM_PARAMS provides parameters to the CKM_AES_CCM mechanism.
 *
 * NOTE(review): the four size fields are presumably byte counts -- confirm
 * against the CCM provider.  The structure stores pointers to the nonce and
 * the authenticated data, not copies; how long those buffers must stay valid
 * is not visible from this header.
 *
 * CCM is only secure if a nonce is never reused with the same key.  Nothing
 * in this structure enforces that; it is the caller's responsibility.
 */
typedef struct CK_AES_CCM_PARAMS {
	ulong_t ulMACSize;	/* size of the authentication tag (MAC) */
	ulong_t ulNonceSize;	/* size of the buffer at nonce */
	ulong_t ulAuthDataSize;	/* size of the buffer at authData */
	ulong_t ulDataSize; /* used for plaintext or ciphertext */
	uchar_t *nonce;		/* nonce; must be unique per key */
	uchar_t *authData;	/* additional authenticated data */
} CK_AES_CCM_PARAMS;
66 
/*
 * CK_AES_GCM_PARAMS provides parameters to the CKM_AES_GCM mechanism.
 *
 * The field names mix two units ("Len" and "Bits").
 * NOTE(review): the layout mirrors PKCS #11's CK_GCM_PARAMS, where ulIvLen
 * and ulAADLen are byte counts and ulIvBits and ulTagBits are bit counts --
 * confirm that the GCM provider reads them the same way before filling the
 * structure in.
 *
 * GCM is only secure if an IV is never reused with the same key, and a
 * shorter tag gives weaker authentication.  Neither property is enforced by
 * this structure; IV management is the caller's responsibility.
 */
typedef struct CK_AES_GCM_PARAMS {
	uchar_t *pIv;		/* initialization vector */
	ulong_t ulIvLen;	/* length of the buffer at pIv */
	ulong_t ulIvBits;	/* IV length expressed in bits */
	uchar_t *pAAD;		/* additional authenticated data */
	ulong_t ulAADLen;	/* length of the buffer at pAAD */
	ulong_t ulTagBits;	/* authentication tag length in bits */
} CK_AES_GCM_PARAMS;
76 
/*
 * The measurement unit bit flag for a mechanism's minimum or maximum key size.
 * The unit is mechanism dependent: it can be bits or bytes, so a key size
 * must always be read together with this flag.
 */
typedef uint32_t crypto_keysize_unit_t;
82 
83 
/*
 * Mechanisms supported out-of-the-box, identified by name.
 * The longest name here is 15 characters, so each fits in a
 * crypto_mech_name_t (CRYPTO_MAX_MECH_NAME bytes) with its terminating NUL.
 * NOTE(review): presumably these strings are resolved to a
 * crypto_mech_type_t by a lookup routine; that routine is not declared in
 * this header.
 */
#define	SUN_CKM_SHA512_HMAC		"CKM_SHA512_HMAC"
#define	SUN_CKM_AES_CCM			"CKM_AES_CCM"
#define	SUN_CKM_AES_GCM			"CKM_AES_GCM"
88 
89 /* Data arguments of cryptographic operations */
90 
/*
 * Discriminator for the union inside crypto_data_t.
 * Numbering starts at 1, so a zero-filled crypto_data_t carries a cd_format
 * that matches neither enumerator and can be rejected as uninitialized.
 */
typedef enum crypto_data_format {
	CRYPTO_DATA_RAW = 1,	/* cd_raw is the valid union member */
	CRYPTO_DATA_UIO,	/* cd_uio is the valid union member */
} crypto_data_format_t;
95 
/*
 * Describes the input or output buffer of a cryptographic operation.
 *
 * cd_format says which member of the anonymous union is valid; reading the
 * other member reinterprets the same storage.  cd_offset and cd_length
 * describe the region in use, separately from the length held in the iovec
 * or uio itself.
 * NOTE(review): off_t is a signed type, so code consuming this structure
 * should reject a negative cd_offset and check that cd_offset + cd_length
 * stays within the underlying buffer -- confirm where the providers do this.
 */
typedef struct crypto_data {
	crypto_data_format_t	cd_format;	/* Format identifier	*/
	off_t			cd_offset;	/* Offset from the beginning */
	size_t			cd_length;	/* # of bytes in use */
	union {
		/* Raw format */
		iovec_t cd_raw;		/* Pointer and length	    */

		/* uio scatter-gather format */
		zfs_uio_t	*cd_uio;
	};	/* Crypto Data Union */
} crypto_data_t;
108 
109 /* The keys, and their contents */
110 
/*
 * A raw key: a pointer to the key bytes plus their length.
 *
 * ck_length counts BITS, not bytes.  Convert with CRYPTO_BITS2BYTES() before
 * using it as a size for copying, comparing or clearing the buffer at
 * ck_data; passing the bit count directly would overrun the key by a factor
 * of eight.
 * The structure holds only a pointer to the key material.
 * NOTE(review): who allocates, frees and zeroes that buffer is not visible
 * from this header -- confirm with the callers.
 */
typedef struct {
	uint_t	ck_length;	/* # of bits in ck_data   */
	void	*ck_data;	/* ptr to key value */
} crypto_key_t;
115 
/*
 * Conversions between bit counts and byte counts.  Raw key lengths are
 * stored as a number of bits.
 *
 * CRYPTO_BITS2BYTES(n) yields the smallest number of bytes that can hold
 * n bits.  It subtracts one before shifting instead of adding seven, so the
 * rounding cannot overflow the integer type; zero is special-cased because
 * 0 - 1 would wrap.  The argument is evaluated more than once, so it must
 * not have side effects.
 *
 * CRYPTO_BYTES2BITS(n) is a plain left shift by three in the type of n and
 * has no overflow guard: a byte count whose top three bits are not all zero
 * does not survive the conversion.  Range-check lengths that come from
 * outside before converting them.
 */
#define	CRYPTO_BITS2BYTES(n) ((n) != 0 ? (((n) - 1) >> 3) + 1 : 0)
#define	CRYPTO_BYTES2BITS(n) ((n) << 3)
124 
125 /* Providers */
126 
/* Numeric identifier of a provider. */
typedef uint32_t 	crypto_provider_id_t;
/* All-ones value (0xFFFFFFFF) reserved to mean "no valid provider". */
#define	KCF_PROVID_INVALID	((uint32_t)-1)

/* session data structure opaque to the consumer */
typedef void *crypto_session_t;

/*
 * Flag bit (bit 0).
 * NOTE(review): the name suggests it marks a key schedule that belongs to
 * the provider rather than the framework, which would decide who frees and
 * clears it; the field this flag is stored in is not declared in this
 * header -- confirm at the use sites.
 */
#define	PROVIDER_OWNS_KEY_SCHEDULE	0x00000001
134 
/*
 * Common cryptographic status and error codes.
 *
 * CRYPTO_SUCCESS is zero and every other code is non-zero, so a result can
 * be tested with "!= CRYPTO_SUCCESS".  The values are sparse and are not bit
 * flags; compare them for equality, do not OR or mask them.
 *
 * NOTE(review): CRYPTO_INVALID_MAC and CRYPTO_SIGNATURE_INVALID presumably
 * report a failed authentication check.  Callers should treat any output
 * produced by an operation that returned a non-success code as untrusted
 * and discard it -- confirm what the providers leave in the output buffer
 * on failure.
 */
#define	CRYPTO_SUCCESS				0x00000000
#define	CRYPTO_HOST_MEMORY			0x00000002
#define	CRYPTO_FAILED				0x00000004
#define	CRYPTO_ARGUMENTS_BAD			0x00000005
#define	CRYPTO_DATA_LEN_RANGE			0x0000000C
#define	CRYPTO_ENCRYPTED_DATA_LEN_RANGE		0x00000011
#define	CRYPTO_KEY_SIZE_RANGE			0x00000013
#define	CRYPTO_KEY_TYPE_INCONSISTENT		0x00000014
#define	CRYPTO_MECHANISM_INVALID		0x0000001C
#define	CRYPTO_MECHANISM_PARAM_INVALID		0x0000001D
#define	CRYPTO_SIGNATURE_INVALID		0x0000002D
#define	CRYPTO_BUFFER_TOO_SMALL			0x00000042
#define	CRYPTO_NOT_SUPPORTED			0x00000044

#define	CRYPTO_INVALID_CONTEXT			0x00000047
#define	CRYPTO_INVALID_MAC			0x00000048
#define	CRYPTO_MECH_NOT_SUPPORTED		0x00000049
#define	CRYPTO_INVALID_PROVIDER_ID		0x0000004C
#define	CRYPTO_BUSY				0x0000004E
#define	CRYPTO_UNKNOWN_PROVIDER			0x0000004F
158 
159 #ifdef __cplusplus
160 }
161 #endif
162 
163 #endif /* _SYS_CRYPTO_COMMON_H */
164