1 /* SPDX-License-Identifier: BSD-3-Clause */ 2 /* Copyright(c) 2007-2022 Intel Corporation */ 3 /** 4 ***************************************************************************** 5 * @file icp_qat_fw_la.h 6 * @defgroup icp_qat_fw_la ICP QAT FW Lookaside Service Interface Definitions 7 * @ingroup icp_qat_fw 8 * @description 9 * This file documents structs used to provided the interface to the 10 * LookAside (LA) QAT FW service 11 * 12 *****************************************************************************/ 13 14 #ifndef _ICP_QAT_FW_LA_H_ 15 #define _ICP_QAT_FW_LA_H_ 16 17 /* 18 ****************************************************************************** 19 * Include local header files 20 ****************************************************************************** 21 */ 22 #include "icp_qat_fw.h" 23 24 /* ========================================================================= */ 25 /* QAT FW REQUEST STRUCTURES */ 26 /* ========================================================================= */ 27 28 /** 29 ***************************************************************************** 30 * @ingroup icp_qat_fw_la 31 * Definition of the LookAside (LA) command types 32 * @description 33 * Enumeration which is used to indicate the ids of functions 34 * that are exposed by the LA QAT FW service 35 * 36 *****************************************************************************/ 37 38 typedef enum { 39 ICP_QAT_FW_LA_CMD_CIPHER = 0, 40 /*!< Cipher Request */ 41 42 ICP_QAT_FW_LA_CMD_AUTH = 1, 43 /*!< Auth Request */ 44 45 ICP_QAT_FW_LA_CMD_CIPHER_HASH = 2, 46 /*!< Cipher-Hash Request */ 47 48 ICP_QAT_FW_LA_CMD_HASH_CIPHER = 3, 49 /*!< Hash-Cipher Request */ 50 51 ICP_QAT_FW_LA_CMD_TRNG_GET_RANDOM = 4, 52 /*!< TRNG Get Random Request */ 53 54 ICP_QAT_FW_LA_CMD_TRNG_TEST = 5, 55 /*!< TRNG Test Request */ 56 57 ICP_QAT_FW_LA_CMD_SSL3_KEY_DERIVE = 6, 58 /*!< SSL3 Key Derivation Request */ 59 60 ICP_QAT_FW_LA_CMD_TLS_V1_1_KEY_DERIVE = 7, 61 /*!< TLS Key Derivation Request */ 62 63 ICP_QAT_FW_LA_CMD_TLS_V1_2_KEY_DERIVE = 8, 64 /*!< TLS Key Derivation Request */ 65 66 ICP_QAT_FW_LA_CMD_MGF1 = 9, 67 /*!< MGF1 Request */ 68 69 ICP_QAT_FW_LA_CMD_AUTH_PRE_COMP = 10, 70 /*!< Auth Pre-Compute Request */ 71 72 ICP_QAT_FW_LA_CMD_CIPHER_PRE_COMP = 11, 73 /*!< Auth Pre-Compute Request */ 74 75 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT = 12, 76 /*!< HKDF Extract Request */ 77 78 ICP_QAT_FW_LA_CMD_HKDF_EXPAND = 13, 79 /*!< HKDF Expand Request */ 80 81 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND = 14, 82 /*!< HKDF Extract and Expand Request */ 83 84 ICP_QAT_FW_LA_CMD_HKDF_EXPAND_LABEL = 15, 85 /*!< HKDF Expand Label Request */ 86 87 ICP_QAT_FW_LA_CMD_HKDF_EXTRACT_AND_EXPAND_LABEL = 16, 88 /*!< HKDF Extract and Expand Label Request */ 89 90 ICP_QAT_FW_LA_CMD_DELIMITER = 17 91 /**< Delimiter type */ 92 } icp_qat_fw_la_cmd_id_t; 93 94 typedef struct icp_qat_fw_la_cipher_20_req_params_s { 95 /**< LW 14 */ 96 uint32_t cipher_offset; 97 /**< Cipher offset long word. */ 98 99 /**< LW 15 */ 100 uint32_t cipher_length; 101 /**< Cipher length long word. */ 102 103 /**< LWs 16-19 */ 104 union { 105 uint32_t cipher_IV_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 106 /**< Cipher IV array */ 107 108 struct { 109 uint64_t cipher_IV_ptr; 110 /**< Cipher IV pointer or Partial State Pointer */ 111 112 uint64_t resrvd1; 113 /**< reserved */ 114 115 } s; 116 117 } u; 118 /**< LW 20 */ 119 uint32_t spc_aad_offset; 120 /**< LW 21 */ 121 uint32_t spc_aad_sz; 122 /**< LW 22 - 23 */ 123 uint64_t spc_aad_addr; 124 /**< LW 24 - 25 */ 125 uint64_t spc_auth_res_addr; 126 /**< LW 26 */ 127 uint8_t reserved[3]; 128 uint8_t spc_auth_res_sz; 129 130 } icp_qat_fw_la_cipher_20_req_params_t; 131 132 /* For the definitions of the bits in the status field of the common 133 * response, refer to icp_qat_fw.h. 134 * The return values specific to Lookaside service are given below. 135 */ 136 #define ICP_QAT_FW_LA_ICV_VER_STATUS_PASS ICP_QAT_FW_COMN_STATUS_FLAG_OK 137 /**< @ingroup icp_qat_fw_la 138 * Status flag indicating that the ICV verification passed */ 139 140 #define ICP_QAT_FW_LA_ICV_VER_STATUS_FAIL ICP_QAT_FW_COMN_STATUS_FLAG_ERROR 141 /**< @ingroup icp_qat_fw_la 142 * Status flag indicating that the ICV verification failed */ 143 144 #define ICP_QAT_FW_LA_TRNG_STATUS_PASS ICP_QAT_FW_COMN_STATUS_FLAG_OK 145 /**< @ingroup icp_qat_fw_la 146 * Status flag indicating that the TRNG returned valid entropy data */ 147 148 #define ICP_QAT_FW_LA_TRNG_STATUS_FAIL ICP_QAT_FW_COMN_STATUS_FLAG_ERROR 149 /**< @ingroup icp_qat_fw_la 150 * Status flag indicating that the TRNG Command Failed. */ 151 152 /** 153 ***************************************************************************** 154 * @ingroup icp_qat_fw_la 155 * Definition of the common LA QAT FW bulk request 156 * @description 157 * Definition of the full bulk processing request structure. 158 * Used for hash, cipher, hash-cipher and authentication-encryption 159 * requests etc. 160 * 161 *****************************************************************************/ 162 typedef struct icp_qat_fw_la_bulk_req_s { 163 /**< LWs 0-1 */ 164 icp_qat_fw_comn_req_hdr_t comn_hdr; 165 /**< Common request header - for Service Command Id, 166 * use service-specific Crypto Command Id. 167 * Service Specific Flags - use Symmetric Crypto Command Flags 168 * (all of cipher, auth, SSL3, TLS and MGF, 169 * excluding TRNG - field unused) */ 170 171 /**< LWs 2-5 */ 172 icp_qat_fw_comn_req_hdr_cd_pars_t cd_pars; 173 /**< Common Request content descriptor field which points either to a 174 * content descriptor 175 * parameter block or contains the service-specific data itself. */ 176 177 /**< LWs 6-13 */ 178 icp_qat_fw_comn_req_mid_t comn_mid; 179 /**< Common request middle section */ 180 181 /**< LWs 14-26 */ 182 icp_qat_fw_comn_req_rqpars_t serv_specif_rqpars; 183 /**< Common request service-specific parameter field */ 184 185 /**< LWs 27-31 */ 186 icp_qat_fw_comn_req_cd_ctrl_t cd_ctrl; 187 /**< Common request content descriptor control block - 188 * this field is service-specific */ 189 190 } icp_qat_fw_la_bulk_req_t; 191 192 /* 193 * LA BULK (SYMMETRIC CRYPTO) COMMAND FLAGS 194 * 195 * + ===== + ---------- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + 196 * | Bit | [15:13] | 12 | 11 | 10 | 7-9 | 6 | 5 | 4 | 3 | 2 | 1-0 | 197 * + ===== + ---------- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ------+ ----- + 198 * | Flags | Resvd Bits | ZUC | GcmIV |Digest | Prot | Cmp | Rtn | Upd | Ciph/ | CiphIV| Part- | 199 * | | =0 | Prot | Len | In Buf| flgs | Auth | Auth | State | Auth | Field | ial | 200 * + ===== + ---------- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ----- + ------+ ----- + 201 */ 202 203 /* Private defines */ 204 205 /* bits 15:14 */ 206 #define ICP_QAT_FW_LA_USE_WIRELESS_SLICE_TYPE 2 207 /**< @ingroup icp_qat_fw_la 208 * FW Selects Wireless Cipher Slice 209 * Cipher Algorithms: AES-{F8}, Snow3G, ZUC 210 * Auth Algorithms : Snow3G, ZUC */ 211 212 #define ICP_QAT_FW_LA_USE_UCS_SLICE_TYPE 1 213 /**< @ingroup icp_qat_fw_la 214 * FW Selects UCS Cipher Slice 215 * Cipher Algorithms: AES-{CTR/XTS}, Single Pass AES-GCM 216 * Auth Algorithms : SHA1/ SHA{2/3}-{224/256/384/512} */ 217 218 #define ICP_QAT_FW_LA_USE_LEGACY_SLICE_TYPE 0 219 /**< @ingroup icp_qat_fw_la 220 * FW Selects Legacy Cipher/Auth Slice 221 * Cipher Algorithms: AES-{CBC/ECB}, SM4, Single Pass AES-CCM 222 * Auth Algorithms : SHA1/ SHA{2/3}-{224/256/384/512} */ 223 224 #define QAT_LA_SLICE_TYPE_BITPOS 14 225 /**< @ingroup icp_qat_fw_la 226 * Starting bit position for the slice type selection. 227 * Refer to HAS for Slice type assignment details on QAT2.0 */ 228 229 #define QAT_LA_SLICE_TYPE_MASK 0x3 230 /**< @ingroup icp_qat_fw_la 231 * Two bit mask used to determine the Slice type */ 232 233 /* bit 11 */ 234 #define ICP_QAT_FW_LA_GCM_IV_LEN_12_OCTETS 1 235 /**< @ingroup icp_qat_fw_la 236 * Indicates the IV Length for GCM protocol is 96 Bits (12 Octets) 237 * If set FW does the padding to compute CTR0 */ 238 239 #define ICP_QAT_FW_LA_GCM_IV_LEN_NOT_12_OCTETS 0 240 /**< @ingroup icp_qat_fw_la 241 * Indicates the IV Length for GCM protocol is not 96 Bits (12 Octets) 242 * If IA computes CTR0 */ 243 244 #define QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS 12 245 /**< @ingroup icp_cpm_fw_la 246 * Bit position defining ZUC processing for a encrypt command */ 247 248 #define ICP_QAT_FW_LA_ZUC_3G_PROTO 1 249 /**< @ingroup icp_cpm_fw_la 250 * Value indicating ZUC processing for a encrypt command */ 251 252 #define QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK 0x1 253 /**< @ingroup icp_qat_fw_la 254 * One bit mask used to determine the ZUC 3G protocol bit. 255 * Must be set for Cipher-only, Cipher + Auth and Auth-only */ 256 257 #define QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_BITPOS 13 258 /**< @ingroup icp_cpm_fw_la 259 * Bit position defining SINGLE PASS processing for a encrypt command */ 260 261 #define ICP_QAT_FW_LA_SINGLE_PASS_PROTO 1 262 /**< @ingroup icp_cpm_fw_la 263 * Value indicating SINGLE PASS processing for a encrypt command */ 264 265 #define QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_MASK 0x1 266 /**< @ingroup icp_qat_fw_la 267 * One bit mask used to determine the SINGLE PASS protocol bit. 268 * Must be set for Cipher-only */ 269 270 #define QAT_LA_GCM_IV_LEN_FLAG_BITPOS 11 271 /**< @ingroup icp_qat_fw_la 272 * Starting bit position for GCM IV Length indication. If set 273 * the IV Length is 96 Bits, clear for other IV lengths */ 274 275 #define QAT_LA_GCM_IV_LEN_FLAG_MASK 0x1 276 /**< @ingroup icp_qat_fw_la 277 * One bit mask used to determine the GCM IV Length indication bit. 278 * If set the IV Length is 96 Bits, clear for other IV lengths */ 279 280 /* bit 10 */ 281 #define ICP_QAT_FW_LA_DIGEST_IN_BUFFER 1 282 /**< @ingroup icp_qat_fw_la 283 * Flag representing that authentication digest is stored or is extracted 284 * from the source buffer. Auth Result Pointer will be ignored in this case. */ 285 286 #define ICP_QAT_FW_LA_NO_DIGEST_IN_BUFFER 0 287 /**< @ingroup icp_qat_fw_la 288 * Flag representing that authentication digest is NOT stored or is NOT 289 * extracted from the source buffer. Auth result will get stored or extracted 290 * from the Auth Result Pointer. Please not that in this case digest CANNOT be 291 * encrypted. */ 292 293 #define QAT_LA_DIGEST_IN_BUFFER_BITPOS 10 294 /**< @ingroup icp_qat_fw_la 295 * Starting bit position for Digest in Buffer flag */ 296 297 #define QAT_LA_DIGEST_IN_BUFFER_MASK 0x1 298 /**< @ingroup icp_qat_fw_la 299 * One bit mask used to determine the Digest in Buffer flag */ 300 301 /* bits 7-9 */ 302 #define ICP_QAT_FW_LA_SNOW_3G_PROTO 4 303 /**< @ingroup icp_cpm_fw_la 304 * Indicates SNOW_3G processing for a encrypt command */ 305 306 #define ICP_QAT_FW_LA_GCM_PROTO 2 307 /**< @ingroup icp_qat_fw_la 308 * Indicates GCM processing for a auth_encrypt command */ 309 310 #define ICP_QAT_FW_LA_CCM_PROTO 1 311 /**< @ingroup icp_qat_fw_la 312 * Indicates CCM processing for a auth_encrypt command */ 313 314 #define ICP_QAT_FW_LA_NO_PROTO 0 315 /**< @ingroup icp_qat_fw_la 316 * Indicates no specific protocol processing for the command */ 317 318 #define QAT_LA_PROTO_BITPOS 7 319 /**< @ingroup icp_qat_fw_la 320 * Starting bit position for the Lookaside Protocols */ 321 322 #define QAT_LA_PROTO_MASK 0x7 323 /**< @ingroup icp_qat_fw_la 324 * Three bit mask used to determine the Lookaside Protocol */ 325 326 /* bit 6 */ 327 #define ICP_QAT_FW_LA_CMP_AUTH_RES 1 328 /**< @ingroup icp_qat_fw_la 329 * Flag representing the need to compare the auth result data to the expected 330 * value in DRAM at the auth_address. */ 331 332 #define ICP_QAT_FW_LA_NO_CMP_AUTH_RES 0 333 /**< @ingroup icp_qat_fw_la 334 * Flag representing that there is no need to do a compare of the auth data 335 * to the expected value */ 336 337 #define QAT_LA_CMP_AUTH_RES_BITPOS 6 338 /**< @ingroup icp_qat_fw_la 339 * Starting bit position for Auth compare digest result */ 340 341 #define QAT_LA_CMP_AUTH_RES_MASK 0x1 342 /**< @ingroup icp_qat_fw_la 343 * One bit mask used to determine the Auth compare digest result */ 344 345 /* bit 5 */ 346 #define ICP_QAT_FW_LA_RET_AUTH_RES 1 347 /**< @ingroup icp_qat_fw_la 348 * Flag representing the need to return the auth result data to dram after the 349 * request processing is complete */ 350 351 #define ICP_QAT_FW_LA_NO_RET_AUTH_RES 0 352 /**< @ingroup icp_qat_fw_la 353 * Flag representing that there is no need to return the auth result data */ 354 355 #define QAT_LA_RET_AUTH_RES_BITPOS 5 356 /**< @ingroup icp_qat_fw_la 357 * Starting bit position for Auth return digest result */ 358 359 #define QAT_LA_RET_AUTH_RES_MASK 0x1 360 /**< @ingroup icp_qat_fw_la 361 * One bit mask used to determine the Auth return digest result */ 362 363 /* bit 4 */ 364 #define ICP_QAT_FW_LA_UPDATE_STATE 1 365 /**< @ingroup icp_qat_fw_la 366 * Flag representing the need to update the state data in dram after the 367 * request processing is complete */ 368 369 #define ICP_QAT_FW_LA_NO_UPDATE_STATE 0 370 /**< @ingroup icp_qat_fw_la 371 * Flag representing that there is no need to update the state data */ 372 373 #define QAT_LA_UPDATE_STATE_BITPOS 4 374 /**< @ingroup icp_qat_fw_la 375 * Starting bit position for Update State. */ 376 377 #define QAT_LA_UPDATE_STATE_MASK 0x1 378 /**< @ingroup icp_qat_fw_la 379 * One bit mask used to determine the Update State */ 380 381 /* bit 3 */ 382 #define ICP_QAT_FW_CIPH_AUTH_CFG_OFFSET_IN_CD_SETUP 0 383 /**< @ingroup icp_qat_fw_la 384 * Flag representing Cipher/Auth Config Offset Type, where the offset 385 * is contained in CD Setup. When the SHRAM constants page 386 * is not used for cipher/auth configuration, then the Content Descriptor 387 * pointer field must be a pointer (as opposed to a 16-byte key), since 388 * the block pointed to must contain both the slice config and the key */ 389 390 #define ICP_QAT_FW_CIPH_AUTH_CFG_OFFSET_IN_SHRAM_CP 1 391 /**< @ingroup icp_qat_fw_la 392 * Flag representing Cipher/Auth Config Offset Type, where the offset 393 * is contained in SHRAM constants page. */ 394 395 #define QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS 3 396 /**< @ingroup icp_qat_fw_la 397 * Starting bit position indicating Cipher/Auth Config 398 * offset type */ 399 400 #define QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK 0x1 401 /**< @ingroup icp_qat_fw_la 402 * One bit mask used to determine Cipher/Auth Config 403 * offset type */ 404 405 /* bit 2 */ 406 #define ICP_QAT_FW_CIPH_IV_64BIT_PTR 0 407 /**< @ingroup icp_qat_fw_la 408 * Flag representing Cipher IV field contents via 64-bit pointer */ 409 410 #define ICP_QAT_FW_CIPH_IV_16BYTE_DATA 1 411 /**< @ingroup icp_qat_fw_la 412 * Flag representing Cipher IV field contents as 16-byte data array */ 413 414 #define QAT_LA_CIPH_IV_FLD_BITPOS 2 415 /**< @ingroup icp_qat_fw_la 416 * Starting bit position indicating Cipher IV field 417 * contents */ 418 419 #define QAT_LA_CIPH_IV_FLD_MASK 0x1 420 /**< @ingroup icp_qat_fw_la 421 * One bit mask used to determine the Cipher IV field 422 * contents */ 423 424 /* bits 0-1 */ 425 #define ICP_QAT_FW_LA_PARTIAL_NONE 0 426 /**< @ingroup icp_qat_fw_la 427 * Flag representing no need for partial processing condition i.e. 428 * entire packet processed in the current command */ 429 430 #define ICP_QAT_FW_LA_PARTIAL_START 1 431 /**< @ingroup icp_qat_fw_la 432 * Flag representing the first chunk of the partial packet */ 433 434 #define ICP_QAT_FW_LA_PARTIAL_MID 3 435 /**< @ingroup icp_qat_fw_la 436 * Flag representing a middle chunk of the partial packet */ 437 438 #define ICP_QAT_FW_LA_PARTIAL_END 2 439 /**< @ingroup icp_qat_fw_la 440 * Flag representing the final/end chunk of the partial packet */ 441 442 #define QAT_LA_PARTIAL_BITPOS 0 443 /**< @ingroup icp_qat_fw_la 444 * Starting bit position indicating partial state */ 445 446 #define QAT_LA_PARTIAL_MASK 0x3 447 /**< @ingroup icp_qat_fw_la 448 * Two bit mask used to determine the partial state */ 449 450 /* The table below defines the meaning of the prefix_addr & hash_state_sz in 451 * the case of partial processing. See the HLD for further details 452 * 453 * + ====== + ------------------------- + ----------------------- + 454 * | Parial | Prefix Addr | Hash State Sz | 455 * | State | | | 456 * + ====== + ------------------------- + ----------------------- + 457 * | FULL | Points to the prefix data | Prefix size as below. | 458 * | | | No update of state | 459 * + ====== + ------------------------- + ----------------------- + 460 * | SOP | Points to the prefix | = inner prefix rounded | 461 * | | data. State is updated | to qwrds + outer prefix | 462 * | | at prefix_addr - state_sz | rounded to qwrds. The | 463 * | | - 8 (counter size) | writeback state sz | 464 * | | | comes from the CD | 465 * + ====== + ------------------------- + ----------------------- + 466 * | MOP | Points to the state data | State size rounded to | 467 * | | Updated state written to | num qwrds + 8 (for the | 468 * | | same location | counter) + inner prefix | 469 * | | | rounded to qwrds + | 470 * | | | outer prefix rounded to | 471 * | | | qwrds. | 472 * + ====== + ------------------------- + ----------------------- + 473 * | EOP | Points to the state data | State size rounded to | 474 * | | | num qwrds + 8 (for the | 475 * | | | counter) + inner prefix | 476 * | | | rounded to qwrds + | 477 * | | | outer prefix rounded to | 478 * | | | qwrds. | 479 * + ====== + ------------------------- + ----------------------- + 480 * 481 * Notes: 482 * 483 * - If the EOP is set it is assumed that no state update is to be performed. 484 * However it is the clients responsibility to set the update_state flag 485 * correctly i.e. not set for EOP or Full packet cases. Only set for SOP and 486 * MOP with no EOP flag 487 * - The SOP take precedence over the MOP and EOP i.e. in the calculation of 488 * the address to writeback the state. 489 * - The prefix address must be on at least the 8 byte boundary 490 */ 491 492 /** 493 ****************************************************************************** 494 * @ingroup icp_qat_fw_la 495 * 496 * @description 497 * Macro used for the generation of the Lookaside flags for a request. This 498 * should always be used for the generation of the flags field. No direct sets 499 * or masks should be performed on the flags data 500 * 501 * @param gcm_iv_len GCM IV Length indication bit 502 * @param auth_rslt Authentication result - Digest is stored/extracted 503 * in/from the source buffer 504 * straight after the authenticated region 505 * @param proto Protocol handled by a command 506 * @param cmp_auth Compare auth result with the expected value 507 * @param ret_auth Return auth result to the client via DRAM 508 * @param update_state Indicate update of the crypto state information 509 * is required 510 * @param ciphIV Cipher IV field contents 511 * @param ciphcfg Cipher/Auth Config offset type 512 * @param partial Inidicate if the packet is a partial part 513 * 514 *****************************************************************************/ 515 #define ICP_QAT_FW_LA_FLAGS_BUILD(zuc_proto, \ 516 gcm_iv_len, \ 517 auth_rslt, \ 518 proto, \ 519 cmp_auth, \ 520 ret_auth, \ 521 update_state, \ 522 ciphIV, \ 523 ciphcfg, \ 524 partial) \ 525 (((zuc_proto & QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK) \ 526 << QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS) | \ 527 ((gcm_iv_len & QAT_LA_GCM_IV_LEN_FLAG_MASK) \ 528 << QAT_LA_GCM_IV_LEN_FLAG_BITPOS) | \ 529 ((auth_rslt & QAT_LA_DIGEST_IN_BUFFER_MASK) \ 530 << QAT_LA_DIGEST_IN_BUFFER_BITPOS) | \ 531 ((proto & QAT_LA_PROTO_MASK) << QAT_LA_PROTO_BITPOS) | \ 532 ((cmp_auth & QAT_LA_CMP_AUTH_RES_MASK) \ 533 << QAT_LA_CMP_AUTH_RES_BITPOS) | \ 534 ((ret_auth & QAT_LA_RET_AUTH_RES_MASK) \ 535 << QAT_LA_RET_AUTH_RES_BITPOS) | \ 536 ((update_state & QAT_LA_UPDATE_STATE_MASK) \ 537 << QAT_LA_UPDATE_STATE_BITPOS) | \ 538 ((ciphIV & QAT_LA_CIPH_IV_FLD_MASK) << QAT_LA_CIPH_IV_FLD_BITPOS) | \ 539 ((ciphcfg & QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK) \ 540 << QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS) | \ 541 ((partial & QAT_LA_PARTIAL_MASK) << QAT_LA_PARTIAL_BITPOS)) 542 543 /* Macros for extracting field bits */ 544 /** 545 ****************************************************************************** 546 * @ingroup icp_qat_fw_la 547 * 548 * @description 549 * Macro for extraction of the Cipher IV field contents (bit 2) 550 * 551 * @param flags Flags to extract the Cipher IV field contents 552 * 553 *****************************************************************************/ 554 #define ICP_QAT_FW_LA_CIPH_IV_FLD_FLAG_GET(flags) \ 555 QAT_FIELD_GET(flags, QAT_LA_CIPH_IV_FLD_BITPOS, QAT_LA_CIPH_IV_FLD_MASK) 556 557 /** 558 ****************************************************************************** 559 * @ingroup icp_qat_fw_la 560 * 561 * @description 562 * Macro for extraction of the Cipher/Auth Config 563 * offset type (bit 3) 564 * 565 * @param flags Flags to extract the Cipher/Auth Config 566 * offset type 567 * 568 *****************************************************************************/ 569 #define ICP_QAT_FW_LA_CIPH_AUTH_CFG_OFFSET_FLAG_GET(flags) \ 570 QAT_FIELD_GET(flags, \ 571 QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS, \ 572 QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK) 573 574 /** 575 ****************************************************************************** 576 * @ingroup icp_qat_fw_la 577 * 578 * @description 579 * Macro for extraction of the ZUC protocol bit 580 * information (bit 11) 581 * 582 * @param flags Flags to extract the ZUC protocol bit 583 * 584 *****************************************************************************/ 585 #define ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_GET(flags) \ 586 QAT_FIELD_GET(flags, \ 587 QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS, \ 588 QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK) 589 590 /** 591 ****************************************************************************** 592 * @ingroup icp_qat_fw_la 593 * 594 * @description 595 * Macro for extraction of the GCM IV Len is 12 Octets / 96 Bits 596 * information (bit 11) 597 * 598 * @param flags Flags to extract the GCM IV length 599 * 600 *****************************************************************************/ 601 #define ICP_QAT_FW_LA_GCM_IV_LEN_FLAG_GET(flags) \ 602 QAT_FIELD_GET(flags, \ 603 QAT_LA_GCM_IV_LEN_FLAG_BITPOS, \ 604 QAT_LA_GCM_IV_LEN_FLAG_MASK) 605 606 /** 607 ****************************************************************************** 608 * @ingroup icp_qat_fw_la 609 * 610 * @description 611 * Macro for extraction of the LA protocol state (bits 9-7) 612 * 613 * @param flags Flags to extract the protocol state 614 * 615 *****************************************************************************/ 616 #define ICP_QAT_FW_LA_PROTO_GET(flags) \ 617 QAT_FIELD_GET(flags, QAT_LA_PROTO_BITPOS, QAT_LA_PROTO_MASK) 618 619 /** 620 ****************************************************************************** 621 * @ingroup icp_qat_fw_la 622 * 623 * @description 624 * Macro for extraction of the "compare auth" state (bit 6) 625 * 626 * @param flags Flags to extract the compare auth result state 627 * 628 *****************************************************************************/ 629 #define ICP_QAT_FW_LA_CMP_AUTH_GET(flags) \ 630 QAT_FIELD_GET(flags, \ 631 QAT_LA_CMP_AUTH_RES_BITPOS, \ 632 QAT_LA_CMP_AUTH_RES_MASK) 633 634 /** 635 ****************************************************************************** 636 * @ingroup icp_qat_fw_la 637 * 638 * @description 639 * Macro for extraction of the "return auth" state (bit 5) 640 * 641 * @param flags Flags to extract the return auth result state 642 * 643 *****************************************************************************/ 644 #define ICP_QAT_FW_LA_RET_AUTH_GET(flags) \ 645 QAT_FIELD_GET(flags, \ 646 QAT_LA_RET_AUTH_RES_BITPOS, \ 647 QAT_LA_RET_AUTH_RES_MASK) 648 649 /** 650 ****************************************************************************** 651 * @ingroup icp_qat_fw_la 652 * 653 * @description 654 * Macro for extraction of the "digest in buffer" state (bit 10) 655 * 656 * @param flags Flags to extract the digest in buffer state 657 * 658 *****************************************************************************/ 659 #define ICP_QAT_FW_LA_DIGEST_IN_BUFFER_GET(flags) \ 660 QAT_FIELD_GET(flags, \ 661 QAT_LA_DIGEST_IN_BUFFER_BITPOS, \ 662 QAT_LA_DIGEST_IN_BUFFER_MASK) 663 664 /** 665 ****************************************************************************** 666 * @ingroup icp_qat_fw_la 667 * 668 * @description 669 * Macro for extraction of the update content state value. (bit 4) 670 * 671 * @param flags Flags to extract the update content state bit 672 * 673 *****************************************************************************/ 674 #define ICP_QAT_FW_LA_UPDATE_STATE_GET(flags) \ 675 QAT_FIELD_GET(flags, \ 676 QAT_LA_UPDATE_STATE_BITPOS, \ 677 QAT_LA_UPDATE_STATE_MASK) 678 679 /** 680 ****************************************************************************** 681 * @ingroup icp_qat_fw_la 682 * 683 * @description 684 * Macro for extraction of the "partial" packet state (bits 1-0) 685 * 686 * @param flags Flags to extract the partial state 687 * 688 *****************************************************************************/ 689 #define ICP_QAT_FW_LA_PARTIAL_GET(flags) \ 690 QAT_FIELD_GET(flags, QAT_LA_PARTIAL_BITPOS, QAT_LA_PARTIAL_MASK) 691 692 /** 693 ****************************************************************************** 694 * @ingroup icp_qat_fw_la 695 * 696 * @description 697 * Macro for extraction of the "Use Extended Protocol Flags" flag value 698 * 699 * @param flags Extended Command Flags 700 * @param val Value of the flag 701 * 702 *****************************************************************************/ 703 #define ICP_QAT_FW_USE_EXTENDED_PROTOCOL_FLAGS_GET(flags) \ 704 QAT_FIELD_GET(flags, \ 705 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_BITPOS, \ 706 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_MASK) 707 708 /** 709 ****************************************************************************** 710 * @ingroup icp_qat_fw_la 711 * 712 * @description 713 * Macro for extraction of the slice type information from the flags. 714 * 715 * @param flags Flags to extract the protocol state 716 * 717 *****************************************************************************/ 718 #define ICP_QAT_FW_LA_SLICE_TYPE_GET(flags) \ 719 QAT_FIELD_GET(flags, QAT_LA_SLICE_TYPE_BITPOS, QAT_LA_SLICE_TYPE_MASK) 720 721 /* Macros for setting field bits */ 722 /** 723 ****************************************************************************** 724 * @ingroup icp_qat_fw_la 725 * 726 * @description 727 * Macro for setting the Cipher IV field contents 728 * 729 * @param flags Flags to set with the Cipher IV field contents 730 * @param val Field contents indicator value 731 * 732 *****************************************************************************/ 733 #define ICP_QAT_FW_LA_CIPH_IV_FLD_FLAG_SET(flags, val) \ 734 QAT_FIELD_SET(flags, \ 735 val, \ 736 QAT_LA_CIPH_IV_FLD_BITPOS, \ 737 QAT_LA_CIPH_IV_FLD_MASK) 738 739 /** 740 ****************************************************************************** 741 * @ingroup icp_qat_fw_la 742 * 743 * @description 744 * Macro for setting the Cipher/Auth Config 745 * offset type 746 * 747 * @param flags Flags to set the Cipher/Auth Config offset type 748 * @param val Offset type value 749 * 750 *****************************************************************************/ 751 #define ICP_QAT_FW_LA_CIPH_AUTH_CFG_OFFSET_FLAG_SET(flags, val) \ 752 QAT_FIELD_SET(flags, \ 753 val, \ 754 QAT_LA_CIPH_AUTH_CFG_OFFSET_BITPOS, \ 755 QAT_LA_CIPH_AUTH_CFG_OFFSET_MASK) 756 757 /** 758 ****************************************************************************** 759 * @ingroup icp_qat_fw_la 760 * 761 * @description 762 * Macro for setting the ZUC protocol flag 763 * 764 * @param flags Flags to set the ZUC protocol flag 765 * @param val Protocol value 766 * 767 *****************************************************************************/ 768 #define ICP_QAT_FW_LA_ZUC_3G_PROTO_FLAG_SET(flags, val) \ 769 QAT_FIELD_SET(flags, \ 770 val, \ 771 QAT_FW_LA_ZUC_3G_PROTO_FLAG_BITPOS, \ 772 QAT_FW_LA_ZUC_3G_PROTO_FLAG_MASK) 773 774 /** 775 ****************************************************************************** 776 * @ingroup icp_qat_fw_la 777 * 778 * @description 779 * Macro for setting the SINGLE PASSprotocol flag 780 * 781 * @param flags Flags to set the SINGLE PASS protocol flag 782 * @param val Protocol value 783 * 784 *****************************************************************************/ 785 #define ICP_QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_SET(flags, val) \ 786 QAT_FIELD_SET(flags, \ 787 val, \ 788 QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_BITPOS, \ 789 QAT_FW_LA_SINGLE_PASS_PROTO_FLAG_MASK) 790 791 /** 792 ****************************************************************************** 793 * @ingroup icp_qat_fw_la 794 * 795 * @description 796 * Macro for setting the GCM IV length flag state 797 * 798 * @param flags Flags to set the GCM IV length flag state 799 * @param val Protocol value 800 * 801 *****************************************************************************/ 802 #define ICP_QAT_FW_LA_GCM_IV_LEN_FLAG_SET(flags, val) \ 803 QAT_FIELD_SET(flags, \ 804 val, \ 805 QAT_LA_GCM_IV_LEN_FLAG_BITPOS, \ 806 QAT_LA_GCM_IV_LEN_FLAG_MASK) 807 808 /** 809 ****************************************************************************** 810 * @ingroup icp_qat_fw_la 811 * 812 * @description 813 * Macro for setting the LA protocol flag state 814 * 815 * @param flags Flags to set the protocol state 816 * @param val Protocol value 817 * 818 *****************************************************************************/ 819 #define ICP_QAT_FW_LA_PROTO_SET(flags, val) \ 820 QAT_FIELD_SET(flags, val, QAT_LA_PROTO_BITPOS, QAT_LA_PROTO_MASK) 821 822 /** 823 ****************************************************************************** 824 * @ingroup icp_qat_fw_la 825 * 826 * @description 827 * Macro for setting the "compare auth" flag state 828 * 829 * @param flags Flags to set the compare auth result state 830 * @param val Compare Auth value 831 * 832 *****************************************************************************/ 833 #define ICP_QAT_FW_LA_CMP_AUTH_SET(flags, val) \ 834 QAT_FIELD_SET(flags, \ 835 val, \ 836 QAT_LA_CMP_AUTH_RES_BITPOS, \ 837 QAT_LA_CMP_AUTH_RES_MASK) 838 839 /** 840 ****************************************************************************** 841 * @ingroup icp_qat_fw_la 842 * 843 * @description 844 * Macro for setting the "return auth" flag state 845 * 846 * @param flags Flags to set the return auth result state 847 * @param val Return Auth value 848 * 849 *****************************************************************************/ 850 #define ICP_QAT_FW_LA_RET_AUTH_SET(flags, val) \ 851 QAT_FIELD_SET(flags, \ 852 val, \ 853 QAT_LA_RET_AUTH_RES_BITPOS, \ 854 QAT_LA_RET_AUTH_RES_MASK) 855 856 /** 857 ****************************************************************************** 858 * @ingroup icp_qat_fw_la 859 * 860 * @description 861 * Macro for setting the "digest in buffer" flag state 862 * 863 * @param flags Flags to set the digest in buffer state 864 * @param val Digest in buffer value 865 * 866 *****************************************************************************/ 867 #define ICP_QAT_FW_LA_DIGEST_IN_BUFFER_SET(flags, val) \ 868 QAT_FIELD_SET(flags, \ 869 val, \ 870 QAT_LA_DIGEST_IN_BUFFER_BITPOS, \ 871 QAT_LA_DIGEST_IN_BUFFER_MASK) 872 873 /** 874 ****************************************************************************** 875 * @ingroup icp_qat_fw_la 876 * 877 * @description 878 * Macro for setting the "update state" flag value 879 * 880 * @param flags Flags to set the update content state 881 * @param val Update Content State flag value 882 * 883 *****************************************************************************/ 884 #define ICP_QAT_FW_LA_UPDATE_STATE_SET(flags, val) \ 885 QAT_FIELD_SET(flags, \ 886 val, \ 887 QAT_LA_UPDATE_STATE_BITPOS, \ 888 QAT_LA_UPDATE_STATE_MASK) 889 890 /** 891 ****************************************************************************** 892 * @ingroup icp_qat_fw_la 893 * 894 * @description 895 * Macro for setting the "partial" packet flag state 896 * 897 * @param flags Flags to set the partial state 898 * @param val Partial state value 899 * 900 *****************************************************************************/ 901 #define ICP_QAT_FW_LA_PARTIAL_SET(flags, val) \ 902 QAT_FIELD_SET(flags, val, QAT_LA_PARTIAL_BITPOS, QAT_LA_PARTIAL_MASK) 903 904 /** 905 ****************************************************************************** 906 * @ingroup icp_qat_fw_la 907 * 908 * @description 909 * Macro for setting the "Use Extended Protocol Flags" flag value 910 * 911 * @param flags Extended Command Flags 912 * @param val Value of the flag 913 * 914 *****************************************************************************/ 915 #define ICP_QAT_FW_USE_EXTENDED_PROTOCOL_FLAGS_SET(flags, val) \ 916 QAT_FIELD_SET(flags, \ 917 val, \ 918 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_BITPOS, \ 919 QAT_LA_USE_EXTENDED_PROTOCOL_FLAGS_MASK) 920 921 /** 922 ****************************************************************************** 923 * @ingroup icp_qat_fw_la 924 * 925 * @description 926 * Macro for setting the "slice type" field in la flags 927 * 928 * @param flags Flags to set the slice type 929 * @param val Value of the slice type to be set. 930 * 931 *****************************************************************************/ 932 #define ICP_QAT_FW_LA_SLICE_TYPE_SET(flags, val) \ 933 QAT_FIELD_SET(flags, \ 934 val, \ 935 QAT_LA_SLICE_TYPE_BITPOS, \ 936 QAT_LA_SLICE_TYPE_MASK) 937 938 /** 939 ***************************************************************************** 940 * @ingroup icp_qat_fw_la 941 * Definition of the Cipher header Content Descriptor pars block 942 * @description 943 * Definition of the cipher processing header cd pars block. 944 * The structure is a service-specific implementation of the common 945 * 'icp_qat_fw_comn_req_hdr_cd_pars_s' structure. 946 *****************************************************************************/ 947 typedef union icp_qat_fw_cipher_req_hdr_cd_pars_s { 948 /**< LWs 2-5 */ 949 struct { 950 uint64_t content_desc_addr; 951 /**< Address of the content descriptor */ 952 953 uint16_t content_desc_resrvd1; 954 /**< Content descriptor reserved field */ 955 956 uint8_t content_desc_params_sz; 957 /**< Size of the content descriptor parameters in quad words. 958 * These parameters describe the session setup configuration 959 * info for the slices that this request relies upon i.e. the 960 * configuration word and cipher key needed by the cipher slice 961 * if there is a request for cipher processing. */ 962 963 uint8_t content_desc_hdr_resrvd2; 964 /**< Content descriptor reserved field */ 965 966 uint32_t content_desc_resrvd3; 967 /**< Content descriptor reserved field */ 968 } s; 969 970 struct { 971 uint32_t cipher_key_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 972 /* Cipher Key Array */ 973 974 } s1; 975 976 } icp_qat_fw_cipher_req_hdr_cd_pars_t; 977 978 /** 979 ***************************************************************************** 980 * @ingroup icp_qat_fw_la 981 * Definition of the Authentication header Content Descriptor pars block 982 * @description 983 * Definition of the authentication processing header cd pars block. 984 *****************************************************************************/ 985 /* Note: Authentication uses the common 'icp_qat_fw_comn_req_hdr_cd_pars_s' 986 * structure - similarly, it is also used by SSL3, TLS and MGF. Only cipher 987 * and cipher + authentication require service-specific implementations of 988 * the structure */ 989 990 /** 991 ***************************************************************************** 992 * @ingroup icp_qat_fw_la 993 * Definition of the Cipher + Auth header Content Descriptor pars block 994 * @description 995 * Definition of the cipher + auth processing header cd pars block. 996 * The structure is a service-specific implementation of the common 997 * 'icp_qat_fw_comn_req_hdr_cd_pars_s' structure. 998 *****************************************************************************/ 999 typedef union icp_qat_fw_cipher_auth_req_hdr_cd_pars_s { 1000 /**< LWs 2-5 */ 1001 struct { 1002 uint64_t content_desc_addr; 1003 /**< Address of the content descriptor */ 1004 1005 uint16_t content_desc_resrvd1; 1006 /**< Content descriptor reserved field */ 1007 1008 uint8_t content_desc_params_sz; 1009 /**< Size of the content descriptor parameters in quad words. 1010 * These parameters describe the session setup configuration 1011 * info for the slices that this request relies upon i.e. the 1012 * configuration word and cipher key needed by the cipher slice 1013 * if there is a request for cipher processing. */ 1014 1015 uint8_t content_desc_hdr_resrvd2; 1016 /**< Content descriptor reserved field */ 1017 1018 uint32_t content_desc_resrvd3; 1019 /**< Content descriptor reserved field */ 1020 } s; 1021 1022 struct { 1023 uint32_t cipher_key_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 1024 /* Cipher Key Array */ 1025 1026 } sl; 1027 1028 } icp_qat_fw_cipher_auth_req_hdr_cd_pars_t; 1029 1030 /** 1031 ***************************************************************************** 1032 * @ingroup icp_qat_fw_la 1033 * Cipher content descriptor control block (header) 1034 * @description 1035 * Definition of the service-specific cipher control block header 1036 * structure. This header forms part of the content descriptor 1037 * block incorporating LWs 27-31, as defined by the common base 1038 * parameters structure. 1039 * 1040 *****************************************************************************/ 1041 typedef struct icp_qat_fw_cipher_cd_ctrl_hdr_s { 1042 /**< LW 27 */ 1043 uint8_t cipher_state_sz; 1044 /**< State size in quad words of the cipher algorithm used in this 1045 * session. Set to zero if the algorithm doesnt provide any state */ 1046 1047 uint8_t cipher_key_sz; 1048 /**< Key size in quad words of the cipher algorithm used in this session 1049 */ 1050 1051 uint8_t cipher_cfg_offset; 1052 /**< Quad word offset from the content descriptor parameters address 1053 * i.e. (content_address + (cd_hdr_sz << 3)) to the parameters for the 1054 * cipher processing */ 1055 1056 uint8_t next_curr_id; 1057 /**< This field combines the next and current id (each four bits) - 1058 * the next id is the most significant nibble. 1059 * Next Id: Set to the next slice to pass the ciphered data through. 1060 * Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go through 1061 * any more slices after cipher. 1062 * Current Id: Initialised with the cipher slice type */ 1063 1064 /**< LW 28 */ 1065 uint8_t cipher_padding_sz; 1066 /**< State padding size in quad words. Set to 0 if no padding is 1067 * required. 1068 */ 1069 1070 uint8_t resrvd1; 1071 uint16_t resrvd2; 1072 /**< Reserved bytes to bring the struct to the word boundary, used by 1073 * authentication. MUST be set to 0 */ 1074 1075 /**< LWs 29-31 */ 1076 uint32_t resrvd3[ICP_QAT_FW_NUM_LONGWORDS_3]; 1077 /**< Reserved bytes used by authentication. MUST be set to 0 */ 1078 1079 } icp_qat_fw_cipher_cd_ctrl_hdr_t; 1080 1081 /** 1082 ***************************************************************************** 1083 * @ingroup icp_qat_fw_la 1084 * Authentication content descriptor control block (header) 1085 * @description 1086 * Definition of the service-specific authentication control block 1087 * header structure. This header forms part of the content descriptor 1088 * block incorporating LWs 27-31, as defined by the common base 1089 * parameters structure, the first portion of which is reserved for 1090 * cipher. 1091 * 1092 *****************************************************************************/ 1093 typedef struct icp_qat_fw_auth_cd_ctrl_hdr_s { 1094 /**< LW 27 */ 1095 uint32_t resrvd1; 1096 /**< Reserved bytes, used by cipher only. MUST be set to 0 */ 1097 1098 /**< LW 28 */ 1099 uint8_t resrvd2; 1100 /**< Reserved byte, used by cipher only. MUST be set to 0 */ 1101 1102 uint8_t hash_flags; 1103 /**< General flags defining the processing to perform. 0 is normal 1104 * processing 1105 * and 1 means there is a nested hash processing loop to go through */ 1106 1107 uint8_t hash_cfg_offset; 1108 /**< Quad word offset from the content descriptor parameters address to 1109 * the parameters for the auth processing */ 1110 1111 uint8_t next_curr_id; 1112 /**< This field combines the next and current id (each four bits) - 1113 * the next id is the most significant nibble. 1114 * Next Id: Set to the next slice to pass the authentication data 1115 * through. Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go 1116 * through any more slices after authentication. 1117 * Current Id: Initialised with the authentication slice type */ 1118 1119 /**< LW 29 */ 1120 uint8_t resrvd3; 1121 /**< Now a reserved field. MUST be set to 0 */ 1122 1123 uint8_t outer_prefix_sz; 1124 /**< Size in bytes of outer prefix data */ 1125 1126 uint8_t final_sz; 1127 /**< Size in bytes of digest to be returned to the client if requested 1128 */ 1129 1130 uint8_t inner_res_sz; 1131 /**< Size in bytes of the digest from the inner hash algorithm */ 1132 1133 /**< LW 30 */ 1134 uint8_t resrvd4; 1135 /**< Now a reserved field. MUST be set to zero. */ 1136 1137 uint8_t inner_state1_sz; 1138 /**< Size in bytes of inner hash state1 data. Must be a qword multiple 1139 */ 1140 1141 uint8_t inner_state2_offset; 1142 /**< Quad word offset from the content descriptor parameters pointer to 1143 * the inner state2 value */ 1144 1145 uint8_t inner_state2_sz; 1146 /**< Size in bytes of inner hash state2 data. Must be a qword multiple 1147 */ 1148 1149 /**< LW 31 */ 1150 uint8_t outer_config_offset; 1151 /**< Quad word offset from the content descriptor parameters pointer to 1152 * the outer configuration information */ 1153 1154 uint8_t outer_state1_sz; 1155 /**< Size in bytes of the outer state1 value */ 1156 1157 uint8_t outer_res_sz; 1158 /**< Size in bytes of digest from the outer auth algorithm */ 1159 1160 uint8_t outer_prefix_offset; 1161 /**< Quad word offset from the start of the inner prefix data to the 1162 * outer prefix information. Should equal the rounded inner prefix size, 1163 * converted to qwords */ 1164 1165 } icp_qat_fw_auth_cd_ctrl_hdr_t; 1166 1167 /** 1168 ***************************************************************************** 1169 * @ingroup icp_qat_fw_la 1170 * Cipher + Authentication content descriptor control block header 1171 * @description 1172 * Definition of both service-specific cipher + authentication control 1173 * block header structures. This header forms part of the content 1174 * descriptor block incorporating LWs 27-31, as defined by the common 1175 * base parameters structure. 1176 * 1177 *****************************************************************************/ 1178 typedef struct icp_qat_fw_cipher_auth_cd_ctrl_hdr_s { 1179 /**< LW 27 */ 1180 uint8_t cipher_state_sz; 1181 /**< State size in quad words of the cipher algorithm used in this 1182 * session. Set to zero if the algorithm doesnt provide any state */ 1183 1184 uint8_t cipher_key_sz; 1185 /**< Key size in quad words of the cipher algorithm used in this session 1186 */ 1187 1188 uint8_t cipher_cfg_offset; 1189 /**< Quad word offset from the content descriptor parameters address 1190 * i.e. (content_address + (cd_hdr_sz << 3)) to the parameters for the 1191 * cipher processing */ 1192 1193 uint8_t next_curr_id_cipher; 1194 /**< This field combines the next and current id (each four bits) - 1195 * the next id is the most significant nibble. 1196 * Next Id: Set to the next slice to pass the ciphered data through. 1197 * Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go through 1198 * any more slices after cipher. 1199 * Current Id: Initialised with the cipher slice type */ 1200 1201 /**< LW 28 */ 1202 uint8_t cipher_padding_sz; 1203 /**< State padding size in quad words. Set to 0 if no padding is 1204 * required. 1205 */ 1206 1207 uint8_t hash_flags; 1208 /**< General flags defining the processing to perform. 0 is normal 1209 * processing 1210 * and 1 means there is a nested hash processing loop to go through */ 1211 1212 uint8_t hash_cfg_offset; 1213 /**< Quad word offset from the content descriptor parameters address to 1214 * the parameters for the auth processing */ 1215 1216 uint8_t next_curr_id_auth; 1217 /**< This field combines the next and current id (each four bits) - 1218 * the next id is the most significant nibble. 1219 * Next Id: Set to the next slice to pass the authentication data 1220 * through. Set to ICP_QAT_FW_SLICE_DRAM_WR if the data is not to go 1221 * through any more slices after authentication. 1222 * Current Id: Initialised with the authentication slice type */ 1223 1224 /**< LW 29 */ 1225 uint8_t resrvd1; 1226 /**< Reserved field. MUST be set to 0 */ 1227 1228 uint8_t outer_prefix_sz; 1229 /**< Size in bytes of outer prefix data */ 1230 1231 uint8_t final_sz; 1232 /**< Size in bytes of digest to be returned to the client if requested 1233 */ 1234 1235 uint8_t inner_res_sz; 1236 /**< Size in bytes of the digest from the inner hash algorithm */ 1237 1238 /**< LW 30 */ 1239 uint8_t resrvd2; 1240 /**< Now a reserved field. MUST be set to zero. */ 1241 1242 uint8_t inner_state1_sz; 1243 /**< Size in bytes of inner hash state1 data. Must be a qword multiple 1244 */ 1245 1246 uint8_t inner_state2_offset; 1247 /**< Quad word offset from the content descriptor parameters pointer to 1248 * the inner state2 value */ 1249 1250 uint8_t inner_state2_sz; 1251 /**< Size in bytes of inner hash state2 data. Must be a qword multiple 1252 */ 1253 1254 /**< LW 31 */ 1255 uint8_t outer_config_offset; 1256 /**< Quad word offset from the content descriptor parameters pointer to 1257 * the outer configuration information */ 1258 1259 uint8_t outer_state1_sz; 1260 /**< Size in bytes of the outer state1 value */ 1261 1262 uint8_t outer_res_sz; 1263 /**< Size in bytes of digest from the outer auth algorithm */ 1264 1265 uint8_t outer_prefix_offset; 1266 /**< Quad word offset from the start of the inner prefix data to the 1267 * outer prefix information. Should equal the rounded inner prefix size, 1268 * converted to qwords */ 1269 1270 } icp_qat_fw_cipher_auth_cd_ctrl_hdr_t; 1271 1272 /* 1273 * HASH FLAGS 1274 * 1275 * + ===== + --- + --- + --- + --- + --- + --- + --- + ---- + 1276 * | Bit | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 | 1277 * + ===== + --- + --- + --- + --- + --- + --- + --- + ---- + 1278 * | Flags | Rsv | Rsv | Rsv | ZUC |SNOW |SKIP |SKIP |NESTED| 1279 * | | | | |EIA3 | 3G |LOAD |LOAD | | 1280 * | | | | | |UIA2 |OUTER|INNER| | 1281 * + ===== + --- + --- + --- + --- + --- + --- + --- + ---- + 1282 */ 1283 1284 /* Bit 0 */ 1285 1286 #define QAT_FW_LA_AUTH_HDR_NESTED_BITPOS 0 1287 /**< @ingroup icp_qat_fw_comn 1288 * Bit position of the hash_flags bit to indicate the request 1289 * requires nested hashing 1290 */ 1291 #define ICP_QAT_FW_AUTH_HDR_FLAG_DO_NESTED 1 1292 /**< @ingroup icp_qat_fw_comn 1293 * Definition of the hash_flags bit to indicate the request 1294 * requires nested hashing */ 1295 1296 #define ICP_QAT_FW_AUTH_HDR_FLAG_NO_NESTED 0 1297 /**< @ingroup icp_qat_fw_comn 1298 * Definition of the hash_flags bit for no nested hashing 1299 * required */ 1300 1301 #define QAT_FW_LA_AUTH_HDR_NESTED_MASK 0x1 1302 /**< @ingroup icp_qat_fw_comn 1303 * Bit mask of the hash_flags bit to indicate the request 1304 * requires nested hashing 1305 */ 1306 1307 /* Bit 1 */ 1308 1309 #define QAT_FW_LA_SKIP_INNER_STATE1_LOAD_BITPOS 1 1310 /**< @ingroup icp_qat_fw_comn 1311 * Bit position of the Skipping Inner State1 Load bit */ 1312 1313 #define QAT_FW_LA_SKIP_INNER_STATE1_LOAD 1 1314 /**< @ingroup icp_qat_fw_comn 1315 * Value indicating the skipping of inner hash state load */ 1316 1317 #define QAT_FW_LA_NO_SKIP_INNER_STATE1_LOAD 0 1318 /**< @ingroup icp_qat_fw_comn 1319 * Value indicating the no skipping of inner hash state load */ 1320 1321 #define QAT_FW_LA_SKIP_INNER_STATE1_LOAD_MASK 0x1 1322 /**< @ingroup icp_qat_fw_comn 1323 * Bit mask of Skipping Inner State1 Load bit */ 1324 1325 /* Bit 2 */ 1326 1327 #define QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_BITPOS 2 1328 /**< @ingroup icp_qat_fw_comn 1329 * Bit position of the Skipping Outer State1 Load bit */ 1330 1331 #define QAT_FW_LA_SKIP_OUTER_STATE1_LOAD 1 1332 /**< @ingroup icp_qat_fw_comn 1333 * Value indicating the skipping of outer hash state load */ 1334 1335 #define QAT_FW_LA_NO_SKIP_OUTER_STATE1_LOAD 0 1336 /**< @ingroup icp_qat_fw_comn 1337 * Value indicating the no skipping of outer hash state load */ 1338 1339 #define QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_MASK 0x1 1340 /**< @ingroup icp_qat_fw_comn 1341 * Bit mask of Skipping Outer State1 Load bit */ 1342 1343 /* Bit 3 */ 1344 1345 #define QAT_FW_LA_SNOW3G_UIA2_BITPOS 3 1346 /**< @ingroup icp_cpm_fw_la 1347 * Bit position defining hash algorithm Snow3g-UIA2 */ 1348 1349 #define QAT_FW_LA_SNOW3G_UIA2 1 1350 /**< @ingroup icp_cpm_fw_la 1351 * Value indicating the use of hash algorithm Snow3g-UIA2 */ 1352 1353 #define QAT_FW_LA_SNOW3G_UIA2_MASK 0x1 1354 /**< @ingroup icp_qat_fw_la 1355 * One bit mask used to determine the use of hash algorithm Snow3g-UIA2 */ 1356 1357 /* Bit 4 */ 1358 1359 #define QAT_FW_LA_ZUC_EIA3_BITPOS 4 1360 /**< @ingroup icp_cpm_fw_la 1361 * Bit position defining hash algorithm ZUC-EIA3 */ 1362 1363 #define QAT_FW_LA_ZUC_EIA3 1 1364 /**< @ingroup icp_cpm_fw_la 1365 * Value indicating the use of hash algorithm ZUC-EIA3 */ 1366 1367 #define QAT_FW_LA_ZUC_EIA3_MASK 0x1 1368 /**< @ingroup icp_qat_fw_la 1369 * One bit mask used to determine the use of hash algorithm ZUC-EIA3 */ 1370 1371 /* Bit 5 */ 1372 1373 #define QAT_FW_LA_MODE2_BITPOS 5 1374 /**< @ingroup icp_qat_fw_comn 1375 * Bit position of the Mode 2 bit */ 1376 1377 #define QAT_FW_LA_MODE2 1 1378 /**< @ingroup icp_qat_fw_comn 1379 * Value indicating the Mode 2*/ 1380 1381 #define QAT_FW_LA_NO_MODE2 0 1382 /**< @ingroup icp_qat_fw_comn 1383 * Value indicating the no Mode 2*/ 1384 1385 #define QAT_FW_LA_MODE2_MASK 0x1 1386 /**< @ingroup icp_qat_fw_comn 1387 * Bit mask of Mode 2 */ 1388 1389 /* Macros for extracting hash flags */ 1390 1391 /** 1392 ****************************************************************************** 1393 * @ingroup icp_qat_fw_la 1394 * 1395 * @description 1396 * Macro for extraction of the "Nested" hash flag 1397 * 1398 * @param flags Hash Flags 1399 * @param val Value of the flag 1400 * 1401 *****************************************************************************/ 1402 #define ICP_QAT_FW_HASH_FLAG_AUTH_HDR_NESTED_GET(flags) \ 1403 QAT_FIELD_GET(flags, \ 1404 QAT_FW_LA_AUTH_HDR_NESTED_BITPOS, \ 1405 QAT_FW_LA_AUTH_HDR_NESTED_MASK) 1406 1407 /** 1408 ****************************************************************************** 1409 * @ingroup icp_qat_fw_la 1410 * 1411 * @description 1412 * Macro for extraction of the "Skipping Inner State1 Load state" hash flag 1413 * 1414 * @param flags Hash Flags 1415 * 1416 *****************************************************************************/ 1417 #define ICP_QAT_FW_HASH_FLAG_SKIP_INNER_STATE1_LOAD_GET(flags) \ 1418 QAT_FIELD_GET(flags, \ 1419 QAT_FW_LA_SKIP_INNER_STATE1_LOAD_BITPOS, \ 1420 QAT_FW_LA_INNER_STATE1_LOAD_MASK) 1421 1422 /** 1423 ****************************************************************************** 1424 * Macro for setting the "Skipping Inner State1 Load" hash flag 1425 * 1426 * @param flags Hash Flags 1427 * @param val Value of the flag 1428 * 1429 *****************************************************************************/ 1430 #define ICP_QAT_FW_HASH_FLAG_SKIP_INNER_STATE1_LOAD_SET(flags, val) \ 1431 QAT_FIELD_SET(flags, \ 1432 val, \ 1433 QAT_FW_LA_SKIP_INNER_STATE1_LOAD_BITPOS, \ 1434 QAT_FW_LA_SKIP_INNER_STATE1_LOAD_MASK) 1435 1436 /** 1437 ****************************************************************************** 1438 * @ingroup icp_qat_fw_la 1439 * 1440 * @description 1441 * Macro for extraction of the "Skipping Outer State1 Load state" hash flag 1442 * 1443 * @param flags Hash Flags 1444 * 1445 *****************************************************************************/ 1446 #define ICP_QAT_FW_HASH_FLAG_SKIP_OUTER_STATE1_LOAD_GET(flags) \ 1447 QAT_FIELD_GET(flags, \ 1448 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_BITPOS, \ 1449 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_MASK) 1450 1451 /** 1452 ****************************************************************************** 1453 * @ingroup icp_qat_fw_la 1454 * 1455 * @description 1456 * Macro for setting the "Skipping Outer State1 Load" hash flag 1457 * 1458 * @param flags Hash Flags 1459 * @param val Value of the flag 1460 * 1461 *****************************************************************************/ 1462 #define ICP_QAT_FW_HASH_FLAG_SKIP_OUTER_STATE1_LOAD_SET(flags, val) \ 1463 QAT_FIELD_SET(flags, \ 1464 val, \ 1465 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_BITPOS, \ 1466 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_MASK) 1467 1468 /** 1469 ****************************************************************************** 1470 * @ingroup icp_qat_fw_la 1471 * 1472 * @description 1473 * Macro for extraction of the "Snow3g-UIA2" hash flag 1474 * 1475 * @param flags Hash Flags 1476 * @param val Value of the flag 1477 * 1478 *****************************************************************************/ 1479 #define ICP_QAT_FW_HASH_FLAG_SNOW3G_UIA2_GET(flags) \ 1480 QAT_FIELD_GET(flags, \ 1481 QAT_FW_LA_SNOW3G_UIA2_BITPOS, \ 1482 QAT_FW_LA_SNOW3G_UIA2_MASK) 1483 1484 /** 1485 ****************************************************************************** 1486 * @ingroup icp_qat_fw_la 1487 * 1488 * @description 1489 * Macro for extraction of the "ZUC-EIA3" hash flag 1490 * 1491 * @param flags Hash Flags 1492 * @param val Value of the flag 1493 * 1494 *****************************************************************************/ 1495 #define ICP_QAT_FW_HASH_FLAG_ZUC_EIA3_GET(flags) \ 1496 QAT_FIELD_GET(flags, QAT_FW_LA_ZUC_EIA3_BITPOS, QAT_FW_LA_ZUC_EIA3_MASK) 1497 1498 /* Macros for setting hash flags */ 1499 1500 /** 1501 ****************************************************************************** 1502 * @ingroup icp_qat_fw_la 1503 * 1504 * @description 1505 * Macro for setting the "Nested" hash flag 1506 * 1507 * @param flags Hash Flags 1508 * @param val Value of the flag 1509 * 1510 *****************************************************************************/ 1511 #define ICP_QAT_FW_HASH_FLAG_AUTH_HDR_NESTED_SET(flags, val) \ 1512 QAT_FIELD_SET(flags, \ 1513 val, \ 1514 QAT_FW_LA_AUTH_HDR_NESTED_BITPOS, \ 1515 QAT_FW_LA_AUTH_HDR_NESTED_MASK) 1516 1517 /** 1518 ****************************************************************************** 1519 * @ingroup icp_qat_fw_la 1520 * 1521 * @description 1522 * Macro for setting the "Skipping Inner State1 Load" hash flag 1523 * 1524 * @param flags Hash Flags 1525 * @param val Value of the flag 1526 * 1527 *****************************************************************************/ 1528 #define ICP_QAT_FW_HASH_FLAG_SKIP_INNER_STATE1_LOAD_SET(flags, val) \ 1529 QAT_FIELD_SET(flags, \ 1530 val, \ 1531 QAT_FW_LA_SKIP_INNER_STATE1_LOAD_BITPOS, \ 1532 QAT_FW_LA_SKIP_INNER_STATE1_LOAD_MASK) 1533 1534 /** 1535 ****************************************************************************** 1536 * @ingroup icp_qat_fw_la 1537 * 1538 * @description 1539 * Macro for setting the "Skipping Outer State1 Load" hash flag 1540 * 1541 * @param flags Hash Flags 1542 * @param val Value of the flag 1543 * 1544 *****************************************************************************/ 1545 #define ICP_QAT_FW_HASH_FLAG_SKIP_OUTER_STATE1_LOAD_SET(flags, val) \ 1546 QAT_FIELD_SET(flags, \ 1547 val, \ 1548 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_BITPOS, \ 1549 QAT_FW_LA_SKIP_OUTER_STATE1_LOAD_MASK) 1550 1551 /** 1552 ****************************************************************************** 1553 * @ingroup icp_qat_fw_la 1554 * 1555 * @description 1556 * Macro for setting the "Snow3g-UIA2" hash flag 1557 * 1558 * @param flags Hash Flags 1559 * @param val Value of the flag 1560 * 1561 *****************************************************************************/ 1562 #define ICP_QAT_FW_HASH_FLAG_SNOW3G_UIA2_SET(flags, val) \ 1563 QAT_FIELD_SET(flags, \ 1564 val, \ 1565 QAT_FW_LA_SNOW3G_UIA2_BITPOS, \ 1566 QAT_FW_LA_SNOW3G_UIA2_MASK) 1567 1568 /** 1569 ****************************************************************************** 1570 * @ingroup icp_qat_fw_la 1571 * 1572 * @description 1573 * Macro for setting the "ZUC-EIA3" hash flag 1574 * 1575 * @param flags Hash Flags 1576 * @param val Value of the flag 1577 * 1578 *****************************************************************************/ 1579 #define ICP_QAT_FW_HASH_FLAG_ZUC_EIA3_SET(flags, val) \ 1580 QAT_FIELD_SET(flags, \ 1581 val, \ 1582 QAT_FW_LA_ZUC_EIA3_BITPOS, \ 1583 QAT_FW_LA_ZUC_EIA3_MASK) 1584 1585 /** 1586 ****************************************************************************** 1587 * @ingroup icp_qat_fw_la 1588 * 1589 * @description 1590 * Macro for setting the "Mode 2" hash flag 1591 * 1592 * @param flags Hash Flags 1593 * @param val Value of the flag 1594 * 1595 *****************************************************************************/ 1596 #define ICP_QAT_FW_HASH_FLAG_MODE2_SET(flags, val) \ 1597 QAT_FIELD_SET(flags, val, QAT_FW_LA_MODE2_BITPOS, QAT_FW_LA_MODE2_MASK) 1598 1599 #define ICP_QAT_FW_CCM_GCM_AAD_SZ_MAX 240 1600 #define ICP_QAT_FW_SPC_AAD_SZ_MAX 0x3FFF 1601 1602 /**< @ingroup icp_qat_fw_comn 1603 * Maximum size of AAD data allowed for CCM or GCM processing. AAD data size90 - 1604 * is stored in 8-bit field and must be multiple of hash block size. 240 is 1605 * largest value which satisfy both requirements.AAD_SZ_MAX is in byte units */ 1606 1607 /* 1608 * request parameter #defines 1609 */ 1610 #define ICP_QAT_FW_HASH_REQUEST_PARAMETERS_OFFSET (24) 1611 1612 /**< @ingroup icp_qat_fw_comn 1613 * Offset in bytes from the start of the request parameters block to the hash 1614 * (auth) request parameters */ 1615 1616 #define ICP_QAT_FW_CIPHER_REQUEST_PARAMETERS_OFFSET (0) 1617 /**< @ingroup icp_qat_fw_comn 1618 * Offset in bytes from the start of the request parameters block to the cipher 1619 * request parameters */ 1620 1621 /** 1622 ***************************************************************************** 1623 * @ingroup icp_qat_fw_la 1624 * Definition of the cipher request parameters block 1625 * 1626 * @description 1627 * Definition of the cipher processing request parameters block 1628 * structure, which forms part of the block incorporating LWs 14-26, 1629 * as defined by the common base parameters structure. 1630 * Unused fields must be set to 0. 1631 * 1632 *****************************************************************************/ 1633 /**< Pack compiler directive added to prevent the 1634 * compiler from padding this structure to a 64-bit boundary */ 1635 #pragma pack(push, 1) 1636 typedef struct icp_qat_fw_la_cipher_req_params_s { 1637 /**< LW 14 */ 1638 uint32_t cipher_offset; 1639 /**< Cipher offset long word. */ 1640 1641 /**< LW 15 */ 1642 uint32_t cipher_length; 1643 /**< Cipher length long word. */ 1644 1645 /**< LWs 16-19 */ 1646 union { 1647 uint32_t cipher_IV_array[ICP_QAT_FW_NUM_LONGWORDS_4]; 1648 /**< Cipher IV array */ 1649 1650 struct { 1651 uint64_t cipher_IV_ptr; 1652 /**< Cipher IV pointer or Partial State Pointer */ 1653 1654 uint64_t resrvd1; 1655 /**< reserved */ 1656 1657 } s; 1658 1659 } u; 1660 1661 /* LW 20 - 21 */ 1662 uint64_t spc_aad_addr; 1663 /**< Address of the AAD info in DRAM */ 1664 1665 /* LW 22 - 23 */ 1666 uint64_t spc_auth_res_addr; 1667 /**< Address of the authentication result information to validate or 1668 * the location to which the digest information can be written back to 1669 */ 1670 1671 /* LW 24 */ 1672 uint16_t spc_aad_sz; 1673 /**< Size in bytes of AAD data to prefix to the packet 1674 * for ChaChaPoly or GCM processing */ 1675 uint8_t reserved; 1676 /**< reserved */ 1677 uint8_t spc_auth_res_sz; 1678 /**< Size in bytes of the authentication result */ 1679 } icp_qat_fw_la_cipher_req_params_t; 1680 #pragma pack(pop) 1681 /** 1682 ***************************************************************************** 1683 * @ingroup icp_qat_fw_la 1684 * Definition of the auth request parameters block 1685 * @description 1686 * Definition of the authentication processing request parameters block 1687 * structure, which forms part of the block incorporating LWs 14-26, 1688 * as defined by the common base parameters structure. Note: 1689 * This structure is used by TLS only. 1690 * 1691 *****************************************************************************/ 1692 /**< Pack compiler directive added to prevent the 1693 * compiler from padding this structure to a 64-bit boundary */ 1694 #pragma pack(push, 1) 1695 1696 typedef struct icp_qat_fw_la_auth_req_params_s { 1697 1698 /**< LW 20 */ 1699 uint32_t auth_off; 1700 /**< Byte offset from the start of packet to the auth data region */ 1701 1702 /**< LW 21 */ 1703 uint32_t auth_len; 1704 /**< Byte length of the auth data region */ 1705 1706 /**< LWs 22-23 */ 1707 union { 1708 uint64_t auth_partial_st_prefix; 1709 /**< Address of the authentication partial state prefix 1710 * information */ 1711 1712 uint64_t aad_adr; 1713 /**< Address of the AAD info in DRAM. Used for the CCM and GCM 1714 * protocols */ 1715 1716 } u1; 1717 1718 /**< LWs 24-25 */ 1719 uint64_t auth_res_addr; 1720 /**< Address of the authentication result information to validate or 1721 * the location to which the digest information can be written back to 1722 */ 1723 1724 /**< LW 26 */ 1725 union { 1726 uint8_t inner_prefix_sz; 1727 /**< Size in bytes of the inner prefix data */ 1728 1729 uint8_t aad_sz; 1730 /**< Size in bytes of padded AAD data to prefix to the packet 1731 * for CCM or GCM processing */ 1732 } u2; 1733 1734 uint8_t resrvd1; 1735 /**< reserved */ 1736 1737 uint8_t hash_state_sz; 1738 /**< Number of quad words of inner and outer hash prefix data to process 1739 * Maximum size is 240 */ 1740 1741 uint8_t auth_res_sz; 1742 /**< Size in bytes of the authentication result */ 1743 1744 } icp_qat_fw_la_auth_req_params_t; 1745 1746 #pragma pack(pop) 1747 1748 /** 1749 ***************************************************************************** 1750 * @ingroup icp_qat_fw_la 1751 * Definition of the auth request parameters block 1752 * @description 1753 * Definition of the authentication processing request parameters block 1754 * structure, which forms part of the block incorporating LWs 14-26, 1755 * as defined by the common base parameters structure. Note: 1756 * This structure is used by SSL3 and MGF1 only. All fields other than 1757 * inner prefix/ AAD size are unused and therefore reserved. 1758 * 1759 *****************************************************************************/ 1760 typedef struct icp_qat_fw_la_auth_req_params_resrvd_flds_s { 1761 /**< LWs 20-25 */ 1762 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_6]; 1763 1764 /**< LW 26 */ 1765 union { 1766 uint8_t inner_prefix_sz; 1767 /**< Size in bytes of the inner prefix data */ 1768 1769 uint8_t aad_sz; 1770 /**< Size in bytes of padded AAD data to prefix to the packet 1771 * for CCM or GCM processing */ 1772 } u2; 1773 1774 uint8_t resrvd1; 1775 /**< reserved */ 1776 1777 uint16_t resrvd2; 1778 /**< reserved */ 1779 1780 } icp_qat_fw_la_auth_req_params_resrvd_flds_t; 1781 1782 /** 1783 ***************************************************************************** 1784 * @ingroup icp_qat_fw_la 1785 * Definition of the shared fields within the parameter block 1786 * containing SSL, TLS or MGF information. 1787 * @description 1788 * This structure defines the shared fields for SSL, TLS or MGF 1789 * within the parameter block incorporating LWs 14-26, as defined 1790 * by the common base parameters structure. 1791 * Unused fields must be set to 0. 1792 * 1793 *****************************************************************************/ 1794 typedef struct icp_qat_fw_la_key_gen_common_s { 1795 /**< LW 14 */ 1796 union { 1797 /**< SSL3 */ 1798 uint16_t secret_lgth_ssl; 1799 /**< Length of Secret information for SSL. In the case of TLS 1800 * the secret is supplied in the content descriptor */ 1801 1802 /**< MGF */ 1803 uint16_t mask_length; 1804 /**< Size in bytes of the desired output mask for MGF1*/ 1805 1806 /**< TLS */ 1807 uint16_t secret_lgth_tls; 1808 /**< TLS Secret length */ 1809 1810 } u; 1811 1812 union { 1813 /**< SSL3 */ 1814 struct { 1815 uint8_t output_lgth_ssl; 1816 /**< Output length */ 1817 1818 uint8_t label_lgth_ssl; 1819 /**< Label length */ 1820 1821 } s1; 1822 1823 /**< MGF */ 1824 struct { 1825 uint8_t hash_length; 1826 /**< Hash length */ 1827 1828 uint8_t seed_length; 1829 /**< Seed length */ 1830 1831 } s2; 1832 1833 /**< TLS */ 1834 struct { 1835 uint8_t output_lgth_tls; 1836 /**< Output length */ 1837 1838 uint8_t label_lgth_tls; 1839 /**< Label length */ 1840 1841 } s3; 1842 1843 /**< HKDF */ 1844 struct { 1845 uint8_t rsrvd1; 1846 /**< Unused */ 1847 1848 uint8_t info_length; 1849 /**< Info length. This is plain data, not wrapped in an 1850 * icp_qat_fw_hkdf_label structure. 1851 */ 1852 1853 } hkdf; 1854 1855 /**< HKDF Expand Label */ 1856 struct { 1857 uint8_t rsrvd1; 1858 /**< Unused */ 1859 1860 uint8_t num_labels; 1861 /**< Number of labels */ 1862 } hkdf_label; 1863 1864 } u1; 1865 1866 /**< LW 15 */ 1867 union { 1868 /**< SSL3 */ 1869 uint8_t iter_count; 1870 /**< Iteration count used by the SSL key gen request */ 1871 1872 /**< TLS */ 1873 uint8_t tls_seed_length; 1874 /**< TLS Seed length */ 1875 1876 /**< HKDF */ 1877 uint8_t hkdf_ikm_length; 1878 /**< Input keying material (IKM) length */ 1879 1880 uint8_t resrvd1; 1881 /**< Reserved field set to 0 for MGF1 */ 1882 1883 } u2; 1884 1885 union { 1886 /**< HKDF */ 1887 uint8_t hkdf_num_sublabels; 1888 /**< Number of subLabels in subLabel buffer, 0-4 */ 1889 1890 uint8_t resrvd2; 1891 /**< Reserved space - unused */ 1892 } u3; 1893 1894 uint16_t resrvd3; 1895 /**< Reserved space - unused */ 1896 1897 } icp_qat_fw_la_key_gen_common_t; 1898 1899 /** 1900 ***************************************************************************** 1901 * @ingroup icp_qat_fw_la 1902 * Definition of the SSL3 request parameters block 1903 * @description 1904 * This structure contains the SSL3 processing request parameters 1905 * incorporating LWs 14-26, as defined by the common base 1906 * parameters structure. Unused fields must be set to 0. 1907 * 1908 *****************************************************************************/ 1909 typedef struct icp_qat_fw_la_ssl3_req_params_s { 1910 /**< LWs 14-15 */ 1911 icp_qat_fw_la_key_gen_common_t keygen_comn; 1912 /**< For other key gen processing these field holds ssl, tls or mgf 1913 * parameters */ 1914 1915 /**< LW 16-25 */ 1916 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_10]; 1917 /**< Reserved */ 1918 1919 /**< LW 26 */ 1920 union { 1921 uint8_t inner_prefix_sz; 1922 /**< Size in bytes of the inner prefix data */ 1923 1924 uint8_t aad_sz; 1925 /**< Size in bytes of padded AAD data to prefix to the packet 1926 * for CCM or GCM processing */ 1927 } u2; 1928 1929 uint8_t resrvd1; 1930 /**< reserved */ 1931 1932 uint16_t resrvd2; 1933 /**< reserved */ 1934 1935 } icp_qat_fw_la_ssl3_req_params_t; 1936 1937 /** 1938 ***************************************************************************** 1939 * @ingroup icp_qat_fw_la 1940 * Definition of the MGF request parameters block 1941 * @description 1942 * This structure contains the MGF processing request parameters 1943 * incorporating LWs 14-26, as defined by the common base parameters 1944 * structure. Unused fields must be set to 0. 1945 * 1946 *****************************************************************************/ 1947 typedef struct icp_qat_fw_la_mgf_req_params_s { 1948 /**< LWs 14-15 */ 1949 icp_qat_fw_la_key_gen_common_t keygen_comn; 1950 /**< For other key gen processing these field holds ssl or mgf 1951 * parameters */ 1952 1953 /**< LW 16-25 */ 1954 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_10]; 1955 /**< Reserved */ 1956 1957 /**< LW 26 */ 1958 union { 1959 uint8_t inner_prefix_sz; 1960 /**< Size in bytes of the inner prefix data */ 1961 1962 uint8_t aad_sz; 1963 /**< Size in bytes of padded AAD data to prefix to the packet 1964 * for CCM or GCM processing */ 1965 } u2; 1966 1967 uint8_t resrvd1; 1968 /**< reserved */ 1969 1970 uint16_t resrvd2; 1971 /**< reserved */ 1972 1973 } icp_qat_fw_la_mgf_req_params_t; 1974 1975 /** 1976 ***************************************************************************** 1977 * @ingroup icp_qat_fw_la 1978 * Definition of the TLS request parameters block 1979 * @description 1980 * This structure contains the TLS processing request parameters 1981 * incorporating LWs 14-26, as defined by the common base parameters 1982 * structure. Unused fields must be set to 0. 1983 * 1984 *****************************************************************************/ 1985 typedef struct icp_qat_fw_la_tls_req_params_s { 1986 /**< LWs 14-15 */ 1987 icp_qat_fw_la_key_gen_common_t keygen_comn; 1988 /**< For other key gen processing these field holds ssl, tls or mgf 1989 * parameters */ 1990 1991 /**< LW 16-19 */ 1992 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_4]; 1993 /**< Reserved */ 1994 1995 } icp_qat_fw_la_tls_req_params_t; 1996 1997 /** 1998 ***************************************************************************** 1999 * @ingroup icp_qat_fw_la 2000 * Definition of the common QAT FW request middle block for TRNG. 2001 * @description 2002 * Common section of the request used across all of the services exposed 2003 * by the QAT FW. Each of the services inherit these common fields. TRNG 2004 * requires a specific implementation. 2005 * 2006 *****************************************************************************/ 2007 typedef struct icp_qat_fw_la_trng_req_mid_s { 2008 /**< LWs 6-13 */ 2009 uint64_t opaque_data; 2010 /**< Opaque data passed unmodified from the request to response messages 2011 * by firmware (fw) */ 2012 2013 uint64_t resrvd1; 2014 /**< Reserved, unused for TRNG */ 2015 2016 uint64_t dest_data_addr; 2017 /**< Generic definition of the destination data supplied to the QAT AE. 2018 * The common flags are used to further describe the attributes of this 2019 * field */ 2020 2021 uint32_t resrvd2; 2022 /** < Reserved, unused for TRNG */ 2023 2024 uint32_t entropy_length; 2025 /**< Size of the data in bytes to process. Used by the get_random 2026 * command. Set to 0 for commands that dont need a length parameter */ 2027 2028 } icp_qat_fw_la_trng_req_mid_t; 2029 2030 /** 2031 ***************************************************************************** 2032 * @ingroup icp_qat_fw_la 2033 * Definition of the common LA QAT FW TRNG request 2034 * @description 2035 * Definition of the TRNG processing request type 2036 * 2037 *****************************************************************************/ 2038 typedef struct icp_qat_fw_la_trng_req_s { 2039 /**< LWs 0-1 */ 2040 icp_qat_fw_comn_req_hdr_t comn_hdr; 2041 /**< Common request header */ 2042 2043 /**< LWs 2-5 */ 2044 icp_qat_fw_comn_req_hdr_cd_pars_t cd_pars; 2045 /**< Common Request content descriptor field which points either to a 2046 * content descriptor 2047 * parameter block or contains the service-specific data itself. */ 2048 2049 /**< LWs 6-13 */ 2050 icp_qat_fw_la_trng_req_mid_t comn_mid; 2051 /**< TRNG request middle section - differs from the common mid-section 2052 */ 2053 2054 /**< LWs 14-26 */ 2055 uint32_t resrvd1[ICP_QAT_FW_NUM_LONGWORDS_13]; 2056 2057 /**< LWs 27-31 */ 2058 uint32_t resrvd2[ICP_QAT_FW_NUM_LONGWORDS_5]; 2059 2060 } icp_qat_fw_la_trng_req_t; 2061 2062 /** 2063 ***************************************************************************** 2064 * @ingroup icp_qat_fw_la 2065 * Definition of the Lookaside Eagle Tail Response 2066 * @description 2067 * This is the response delivered to the ET rings by the Lookaside 2068 * QAT FW service for all commands 2069 * 2070 *****************************************************************************/ 2071 typedef struct icp_qat_fw_la_resp_s { 2072 /**< LWs 0-1 */ 2073 icp_qat_fw_comn_resp_hdr_t comn_resp; 2074 /**< Common interface response format see icp_qat_fw.h */ 2075 2076 /**< LWs 2-3 */ 2077 uint64_t opaque_data; 2078 /**< Opaque data passed from the request to the response message */ 2079 2080 /**< LWs 4-7 */ 2081 uint32_t resrvd[ICP_QAT_FW_NUM_LONGWORDS_4]; 2082 /**< Reserved */ 2083 2084 } icp_qat_fw_la_resp_t; 2085 2086 /** 2087 ***************************************************************************** 2088 * @ingroup icp_qat_fw_la 2089 * Definition of the Lookaside TRNG Test Status Structure 2090 * @description 2091 * As an addition to ICP_QAT_FW_LA_TRNG_STATUS Pass or Fail information 2092 * in common response fields, as a response to TRNG_TEST request, Test 2093 * status, Counter for failed tests and 4 entropy counter values are 2094 * sent 2095 * Status of test status and the fail counts. 2096 * 2097 * 2098 *****************************************************************************/ 2099 typedef struct icp_qat_fw_la_trng_test_result_s { 2100 uint32_t test_status_info; 2101 /**< TRNG comparator health test status& Validity information 2102 see Test Status Bit Fields below. */ 2103 2104 uint32_t test_status_fail_count; 2105 /**< TRNG comparator health test status, 32bit fail counter */ 2106 2107 uint64_t r_ent_ones_cnt; 2108 /**< Raw Entropy ones counter */ 2109 2110 uint64_t r_ent_zeros_cnt; 2111 /**< Raw Entropy zeros counter */ 2112 2113 uint64_t c_ent_ones_cnt; 2114 /**< Conditioned Entropy ones counter */ 2115 2116 uint64_t c_ent_zeros_cnt; 2117 /**< Conditioned Entropy zeros counter */ 2118 2119 uint64_t resrvd; 2120 /**< Reserved field must be set to zero */ 2121 2122 } icp_qat_fw_la_trng_test_result_t; 2123 2124 /** 2125 ***************************************************************************** 2126 * @ingroup icp_qat_fw_la 2127 * Definition of the Lookaside SSL Key Material Input 2128 * @description 2129 * This struct defines the layout of input parameters for the 2130 * SSL3 key generation (source flat buffer format) 2131 * 2132 *****************************************************************************/ 2133 typedef struct icp_qat_fw_la_ssl_key_material_input_s { 2134 uint64_t seed_addr; 2135 /**< Pointer to seed */ 2136 2137 uint64_t label_addr; 2138 /**< Pointer to label(s) */ 2139 2140 uint64_t secret_addr; 2141 /**< Pointer to secret */ 2142 2143 } icp_qat_fw_la_ssl_key_material_input_t; 2144 2145 /** 2146 ***************************************************************************** 2147 * @ingroup icp_qat_fw_la 2148 * Definition of the Lookaside TLS Key Material Input 2149 * @description 2150 * This struct defines the layout of input parameters for the 2151 * TLS key generation (source flat buffer format) 2152 * @note 2153 * Secret state value (S split into S1 and S2 parts) is supplied via 2154 * Content Descriptor. S1 is placed in an outer prefix buffer, and S2 2155 * inside the inner prefix buffer. 2156 * 2157 *****************************************************************************/ 2158 typedef struct icp_qat_fw_la_tls_key_material_input_s { 2159 uint64_t seed_addr; 2160 /**< Pointer to seed */ 2161 2162 uint64_t label_addr; 2163 /**< Pointer to label(s) */ 2164 2165 } icp_qat_fw_la_tls_key_material_input_t; 2166 2167 /** 2168 ***************************************************************************** 2169 * @ingroup icp_qat_fw_la 2170 * Definition of the Lookaside HKDF (TLS 1.3) Key Material Input 2171 * @description 2172 * This structure defines the source buffer for HKDF operations, which 2173 * must be provided in flat buffer format. 2174 * 2175 * The result will be returned in the destination buffer (flat format). 2176 * All generated key materials will be returned in a packed layout. Where 2177 * sublabel flags are specified, the result of the child expands will 2178 * immediately follow their parent. 2179 * 2180 * @note 2181 * TLS 1.3 / HKDF operations require only one key (either the Extract Salt 2182 * or the Expand PSK) which is placed in the inner prefix buffer. 2183 * 2184 *****************************************************************************/ 2185 typedef struct icp_qat_fw_la_hkdf_key_material_input_s { 2186 uint64_t ikm_addr; 2187 /**< Pointer to IKM (input keying material) */ 2188 2189 uint64_t labels_addr; 2190 /**< Pointer to labels buffer. 2191 * For HKDF Expand (without Label) this buffer contains the Info. 2192 * 2193 * For TLS 1.3 / HKDF Expand-Label this buffer contains up to 4 2194 * icp_qat_fw_hkdf_label structures, which will result in a 2195 * corresponding number of first level Expand-Label operations. 2196 * 2197 * For each of these operations, the result may become an input to child 2198 * Expand-Label operations as specified by the sublabel flags, where bit 2199 * 0 indicates a child Expand using label 0 from the sublabels buffer, 2200 * bit 1 indicates sublabel 1, and so on. In this way, up to 20 2201 * Expand-Label operations may be performed in one request. 2202 */ 2203 2204 uint64_t sublabels_addr; 2205 /**< Pointer to 0-4 sublabels for TLS 1.3, following the format 2206 * described for label_addr above. The buffer will typically contain 2207 * all 4 of the supported sublabels. 2208 * The sublabel flags defined for this context are as follows: 2209 * - QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS 2210 * - QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS 2211 * - QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS 2212 */ 2213 } icp_qat_fw_la_hkdf_key_material_input_t; 2214 2215 /** 2216 ****************************************************************************** 2217 * @ingroup icp_qat_fw_la 2218 * 2219 * @description 2220 * Macros using the bit position and mask to set/extract the next 2221 * and current id nibbles within the next_curr_id field of the 2222 * content descriptor header block, ONLY FOR CIPHER + AUTH COMBINED. 2223 * Note that for cipher only or authentication only, the common macros 2224 * need to be used. These are defined in the 'icp_qat_fw.h' common header 2225 * file, as they are used by compression, cipher and authentication. 2226 * 2227 * @param cd_ctrl_hdr_t Content descriptor control block header. 2228 * @param val Value of the field being set. 2229 * 2230 *****************************************************************************/ 2231 /** Cipher fields within Cipher + Authentication structure */ 2232 #define ICP_QAT_FW_CIPHER_NEXT_ID_GET(cd_ctrl_hdr_t) \ 2233 ((((cd_ctrl_hdr_t)->next_curr_id_cipher) & \ 2234 ICP_QAT_FW_COMN_NEXT_ID_MASK) >> \ 2235 (ICP_QAT_FW_COMN_NEXT_ID_BITPOS)) 2236 2237 #define ICP_QAT_FW_CIPHER_NEXT_ID_SET(cd_ctrl_hdr_t, val) \ 2238 (cd_ctrl_hdr_t)->next_curr_id_cipher = \ 2239 ((((cd_ctrl_hdr_t)->next_curr_id_cipher) & \ 2240 ICP_QAT_FW_COMN_CURR_ID_MASK) | \ 2241 ((val << ICP_QAT_FW_COMN_NEXT_ID_BITPOS) & \ 2242 ICP_QAT_FW_COMN_NEXT_ID_MASK)) 2243 2244 #define ICP_QAT_FW_CIPHER_CURR_ID_GET(cd_ctrl_hdr_t) \ 2245 (((cd_ctrl_hdr_t)->next_curr_id_cipher) & ICP_QAT_FW_COMN_CURR_ID_MASK) 2246 2247 #define ICP_QAT_FW_CIPHER_CURR_ID_SET(cd_ctrl_hdr_t, val) \ 2248 (cd_ctrl_hdr_t)->next_curr_id_cipher = \ 2249 ((((cd_ctrl_hdr_t)->next_curr_id_cipher) & \ 2250 ICP_QAT_FW_COMN_NEXT_ID_MASK) | \ 2251 ((val)&ICP_QAT_FW_COMN_CURR_ID_MASK)) 2252 2253 /** Authentication fields within Cipher + Authentication structure */ 2254 #define ICP_QAT_FW_AUTH_NEXT_ID_GET(cd_ctrl_hdr_t) \ 2255 ((((cd_ctrl_hdr_t)->next_curr_id_auth) & \ 2256 ICP_QAT_FW_COMN_NEXT_ID_MASK) >> \ 2257 (ICP_QAT_FW_COMN_NEXT_ID_BITPOS)) 2258 2259 #define ICP_QAT_FW_AUTH_NEXT_ID_SET(cd_ctrl_hdr_t, val) \ 2260 (cd_ctrl_hdr_t)->next_curr_id_auth = \ 2261 ((((cd_ctrl_hdr_t)->next_curr_id_auth) & \ 2262 ICP_QAT_FW_COMN_CURR_ID_MASK) | \ 2263 ((val << ICP_QAT_FW_COMN_NEXT_ID_BITPOS) & \ 2264 ICP_QAT_FW_COMN_NEXT_ID_MASK)) 2265 2266 #define ICP_QAT_FW_AUTH_CURR_ID_GET(cd_ctrl_hdr_t) \ 2267 (((cd_ctrl_hdr_t)->next_curr_id_auth) & ICP_QAT_FW_COMN_CURR_ID_MASK) 2268 2269 #define ICP_QAT_FW_AUTH_CURR_ID_SET(cd_ctrl_hdr_t, val) \ 2270 (cd_ctrl_hdr_t)->next_curr_id_auth = \ 2271 ((((cd_ctrl_hdr_t)->next_curr_id_auth) & \ 2272 ICP_QAT_FW_COMN_NEXT_ID_MASK) | \ 2273 ((val)&ICP_QAT_FW_COMN_CURR_ID_MASK)) 2274 2275 /* Definitions of the bits in the test_status_info of the TRNG_TEST response. 2276 * The values returned by the Lookaside service are given below 2277 * The Test result and Test Fail Count values are only valid if the Test 2278 * Results Valid (Tv) is set. 2279 * 2280 * TRNG Test Status Info 2281 * + ===== + ------------------------------------------------ + --- + --- + 2282 * | Bit | 31 - 2 | 1 | 0 | 2283 * + ===== + ------------------------------------------------ + --- + --- + 2284 * | Flags | RESERVED = 0 | Tv | Ts | 2285 * + ===== + ------------------------------------------------------------ + 2286 */ 2287 /****************************************************************************** 2288 * @ingroup icp_qat_fw_la 2289 * Definition of the Lookaside TRNG Test Status Information received as 2290 * a part of icp_qat_fw_la_trng_test_result_t 2291 * 2292 *****************************************************************************/ 2293 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_BITPOS 0 2294 /**< @ingroup icp_qat_fw_la 2295 * TRNG Test Result t_status field bit pos definition.*/ 2296 2297 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_MASK 0x1 2298 /**< @ingroup icp_qat_fw_la 2299 * TRNG Test Result t_status field mask definition.*/ 2300 2301 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_BITPOS 1 2302 /**< @ingroup icp_qat_fw_la 2303 * TRNG Test Result test results valid field bit pos definition.*/ 2304 2305 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_MASK 0x1 2306 /**< @ingroup icp_qat_fw_la 2307 * TRNG Test Result test results valid field mask definition.*/ 2308 2309 /****************************************************************************** 2310 * @ingroup icp_qat_fw_la 2311 * Definition of the Lookaside TRNG test_status values. 2312 * 2313 * 2314 *****************************************************************************/ 2315 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_VALID 1 2316 /**< @ingroup icp_qat_fw_la 2317 * TRNG TEST Response Test Results Valid Value.*/ 2318 2319 #define QAT_FW_LA_TRNG_TEST_STATUS_TV_NOT_VALID 0 2320 /**< @ingroup icp_qat_fw_la 2321 * TRNG TEST Response Test Results are NOT Valid Value.*/ 2322 2323 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_NO_FAILS 1 2324 /**< @ingroup icp_qat_fw_la 2325 * Value for TRNG Test status tests have NO FAILs Value.*/ 2326 2327 #define QAT_FW_LA_TRNG_TEST_STATUS_TS_HAS_FAILS 0 2328 /**< @ingroup icp_qat_fw_la 2329 * Value for TRNG Test status tests have one or more FAILS Value.*/ 2330 2331 /** 2332 ****************************************************************************** 2333 * @ingroup icp_qat_fw_la 2334 * 2335 * @description 2336 * Macro for extraction of the Test Status Field returned in the response 2337 * to TRNG TEST command. 2338 * 2339 * @param test_status 8 bit test_status value to extract the status bit 2340 * 2341 *****************************************************************************/ 2342 #define ICP_QAT_FW_LA_TRNG_TEST_STATUS_TS_FLD_GET(test_status) \ 2343 QAT_FIELD_GET(test_status, \ 2344 QAT_FW_LA_TRNG_TEST_STATUS_TS_BITPOS, \ 2345 QAT_FW_LA_TRNG_TEST_STATUS_TS_MASK) 2346 /** 2347 ****************************************************************************** 2348 * @ingroup icp_qat_fw_la 2349 * 2350 * @description 2351 * Macro for extraction of the Test Results Valid Field returned in the 2352 * response to TRNG TEST command. 2353 * 2354 * @param test_status 8 bit test_status value to extract the Tests 2355 * Results valid bit 2356 * 2357 *****************************************************************************/ 2358 #define ICP_QAT_FW_LA_TRNG_TEST_STATUS_TV_FLD_GET(test_status) \ 2359 QAT_FIELD_GET(test_status, \ 2360 QAT_FW_LA_TRNG_TEST_STATUS_TV_BITPOS, \ 2361 QAT_FW_LA_TRNG_TEST_STATUS_TV_MASK) 2362 2363 /* 2364 ****************************************************************************** 2365 * MGF Max supported input parameters 2366 ****************************************************************************** 2367 */ 2368 #define ICP_QAT_FW_LA_MGF_SEED_LEN_MAX 255 2369 /**< @ingroup icp_qat_fw_la 2370 * Maximum seed length for MGF1 request in bytes 2371 * Typical values may be 48, 64, 128 bytes (or any).*/ 2372 2373 #define ICP_QAT_FW_LA_MGF_MASK_LEN_MAX 65528 2374 /**< @ingroup icp_qat_fw_la 2375 * Maximum mask length for MGF1 request in bytes 2376 * Typical values may be 8 (64-bit), 16 (128-bit). MUST be quad word multiple */ 2377 2378 /* 2379 ****************************************************************************** 2380 * SSL Max supported input parameters 2381 ****************************************************************************** 2382 */ 2383 #define ICP_QAT_FW_LA_SSL_SECRET_LEN_MAX 512 2384 /**< @ingroup icp_qat_fw_la 2385 * Maximum secret length for SSL3 Key Gen request (bytes) */ 2386 2387 #define ICP_QAT_FW_LA_SSL_ITERATES_LEN_MAX 16 2388 /**< @ingroup icp_qat_fw_la 2389 * Maximum iterations for SSL3 Key Gen request (integer) */ 2390 2391 #define ICP_QAT_FW_LA_SSL_LABEL_LEN_MAX 136 2392 /**< @ingroup icp_qat_fw_la 2393 * Maximum label length for SSL3 Key Gen request (bytes) */ 2394 2395 #define ICP_QAT_FW_LA_SSL_SEED_LEN_MAX 64 2396 /**< @ingroup icp_qat_fw_la 2397 * Maximum seed length for SSL3 Key Gen request (bytes) */ 2398 2399 #define ICP_QAT_FW_LA_SSL_OUTPUT_LEN_MAX 248 2400 /**< @ingroup icp_qat_fw_la 2401 * Maximum output length for SSL3 Key Gen request (bytes) */ 2402 2403 /* 2404 ****************************************************************************** 2405 * TLS Max supported input parameters 2406 ****************************************************************************** 2407 */ 2408 #define ICP_QAT_FW_LA_TLS_SECRET_LEN_MAX 128 2409 /**< @ingroup icp_qat_fw_la 2410 * Maximum secret length for TLS Key Gen request (bytes) */ 2411 2412 #define ICP_QAT_FW_LA_TLS_V1_1_SECRET_LEN_MAX 128 2413 /**< @ingroup icp_qat_fw_la 2414 * Maximum secret length for TLS Key Gen request (bytes) */ 2415 2416 #define ICP_QAT_FW_LA_TLS_V1_2_SECRET_LEN_MAX 64 2417 /**< @ingroup icp_qat_fw_la 2418 * Maximum secret length for TLS Key Gen request (bytes) */ 2419 2420 #define ICP_QAT_FW_LA_TLS_LABEL_LEN_MAX 255 2421 /**< @ingroup icp_qat_fw_la 2422 * Maximum label length for TLS Key Gen request (bytes) */ 2423 2424 #define ICP_QAT_FW_LA_TLS_SEED_LEN_MAX 64 2425 /**< @ingroup icp_qat_fw_la 2426 * Maximum seed length for TLS Key Gen request (bytes) */ 2427 2428 #define ICP_QAT_FW_LA_TLS_OUTPUT_LEN_MAX 248 2429 /**< @ingroup icp_qat_fw_la 2430 * Maximum output length for TLS Key Gen request (bytes) */ 2431 2432 /* 2433 ****************************************************************************** 2434 * HKDF input parameters 2435 ****************************************************************************** 2436 */ 2437 2438 #define QAT_FW_HKDF_LABEL_BUFFER_SZ 78 2439 #define QAT_FW_HKDF_LABEL_LEN_SZ 1 2440 #define QAT_FW_HKDF_LABEL_FLAGS_SZ 1 2441 2442 #define QAT_FW_HKDF_LABEL_STRUCT_SZ \ 2443 (QAT_FW_HKDF_LABEL_BUFFER_SZ + QAT_FW_HKDF_LABEL_LEN_SZ + \ 2444 QAT_FW_HKDF_LABEL_FLAGS_SZ) 2445 2446 /** 2447 ***************************************************************************** 2448 * @ingroup icp_qat_fw_la 2449 * 2450 * @description 2451 * Wraps an RFC 8446 HkdfLabel with metadata for use in HKDF Expand-Label 2452 * operations. 2453 * 2454 *****************************************************************************/ 2455 struct icp_qat_fw_hkdf_label { 2456 uint8_t label[QAT_FW_HKDF_LABEL_BUFFER_SZ]; 2457 /**< Buffer containing an HkdfLabel as specified in RFC 8446 */ 2458 2459 uint8_t label_length; 2460 /**< The size of the HkdfLabel */ 2461 2462 union { 2463 uint8_t label_flags; 2464 /**< For first-level labels: each bit in [0..3] will trigger a 2465 * child Expand-Label operation on the corresponding sublabel. 2466 * Bits [4..7] are reserved. 2467 */ 2468 2469 uint8_t sublabel_flags; 2470 /**< For sublabels the following flags are defined: 2471 * - QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS 2472 * - QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS 2473 * - QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS 2474 */ 2475 } u; 2476 }; 2477 2478 #define ICP_QAT_FW_LA_HKDF_SECRET_LEN_MAX 64 2479 /**< Maximum secret length for HKDF request (bytes) */ 2480 2481 #define ICP_QAT_FW_LA_HKDF_IKM_LEN_MAX 64 2482 /**< Maximum IKM length for HKDF request (bytes) */ 2483 2484 #define QAT_FW_HKDF_MAX_LABELS 4 2485 /**< Maximum number of label structures allowed in the labels buffer */ 2486 2487 #define QAT_FW_HKDF_MAX_SUBLABELS 4 2488 /**< Maximum number of label structures allowed in the sublabels buffer */ 2489 2490 /* 2491 ****************************************************************************** 2492 * HKDF inner sublabel flags 2493 ****************************************************************************** 2494 */ 2495 2496 #define QAT_FW_HKDF_INNER_SUBLABEL_12_BYTE_OKM_BITPOS 0 2497 /**< Limit sublabel expand output to 12 bytes -- used with the "iv" sublabel */ 2498 2499 #define QAT_FW_HKDF_INNER_SUBLABEL_16_BYTE_OKM_BITPOS 1 2500 /**< Limit sublabel expand output to 16 bytes -- used with SHA-256 "key" */ 2501 2502 #define QAT_FW_HKDF_INNER_SUBLABEL_32_BYTE_OKM_BITPOS 2 2503 /**< Limit sublabel expand output to 32 bytes -- used with SHA-384 "key" */ 2504 2505 #endif /* _ICP_QAT_FW_LA_H_ */ 2506