xref: /freebsd/sys/dev/cxgbe/crypto/t4_crypto.h (revision c1d255d3ffdbe447de3ab875bf4e7d7accc5bfc5)
1 /*-
2  * Copyright (c) 2017 Chelsio Communications, Inc.
3  * All rights reserved.
4  * Written by: John Baldwin <jhb@FreeBSD.org>
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25  * SUCH DAMAGE.
26  *
27  * $FreeBSD$
28  */
29 
30 #ifndef __T4_CRYPTO_H__
31 #define	__T4_CRYPTO_H__
32 
33 /* From chr_core.h */
34 #define PAD_ERROR_BIT		1
35 #define CHK_PAD_ERR_BIT(x)	(((x) >> PAD_ERROR_BIT) & 1)
36 
37 #define MAC_ERROR_BIT		0
38 #define CHK_MAC_ERR_BIT(x)	(((x) >> MAC_ERROR_BIT) & 1)
39 #define MAX_SALT                4
40 
41 struct _key_ctx {
42 	__be32 ctx_hdr;
43 	u8 salt[MAX_SALT];
44 	__be64 reserverd;
45 	unsigned char key[0];
46 };
47 
48 struct chcr_wr {
49 	struct fw_crypto_lookaside_wr wreq;
50 	struct ulp_txpkt ulptx;
51 	struct ulptx_idata sc_imm;
52 	struct cpl_tx_sec_pdu sec_cpl;
53 	struct _key_ctx key_ctx;
54 };
55 
56 /* From chr_algo.h */
57 
58 /* Crypto key context */
59 #define S_KEY_CONTEXT_CTX_LEN           24
60 #define M_KEY_CONTEXT_CTX_LEN           0xff
61 #define V_KEY_CONTEXT_CTX_LEN(x)        ((x) << S_KEY_CONTEXT_CTX_LEN)
62 #define G_KEY_CONTEXT_CTX_LEN(x) \
63 	(((x) >> S_KEY_CONTEXT_CTX_LEN) & M_KEY_CONTEXT_CTX_LEN)
64 
65 #define S_KEY_CONTEXT_DUAL_CK      12
66 #define M_KEY_CONTEXT_DUAL_CK      0x1
67 #define V_KEY_CONTEXT_DUAL_CK(x)   ((x) << S_KEY_CONTEXT_DUAL_CK)
68 #define G_KEY_CONTEXT_DUAL_CK(x)   \
69 (((x) >> S_KEY_CONTEXT_DUAL_CK) & M_KEY_CONTEXT_DUAL_CK)
70 #define F_KEY_CONTEXT_DUAL_CK      V_KEY_CONTEXT_DUAL_CK(1U)
71 
72 #define S_KEY_CONTEXT_OPAD_PRESENT      11
73 #define M_KEY_CONTEXT_OPAD_PRESENT      0x1
74 #define V_KEY_CONTEXT_OPAD_PRESENT(x)   ((x) << S_KEY_CONTEXT_OPAD_PRESENT)
75 #define G_KEY_CONTEXT_OPAD_PRESENT(x)   \
76 	(((x) >> S_KEY_CONTEXT_OPAD_PRESENT) & \
77 	 M_KEY_CONTEXT_OPAD_PRESENT)
78 #define F_KEY_CONTEXT_OPAD_PRESENT      V_KEY_CONTEXT_OPAD_PRESENT(1U)
79 
80 #define S_KEY_CONTEXT_SALT_PRESENT      10
81 #define M_KEY_CONTEXT_SALT_PRESENT      0x1
82 #define V_KEY_CONTEXT_SALT_PRESENT(x)   ((x) << S_KEY_CONTEXT_SALT_PRESENT)
83 #define G_KEY_CONTEXT_SALT_PRESENT(x)   \
84 	(((x) >> S_KEY_CONTEXT_SALT_PRESENT) & \
85 	 M_KEY_CONTEXT_SALT_PRESENT)
86 #define F_KEY_CONTEXT_SALT_PRESENT      V_KEY_CONTEXT_SALT_PRESENT(1U)
87 
88 #define S_KEY_CONTEXT_CK_SIZE           6
89 #define M_KEY_CONTEXT_CK_SIZE           0xf
90 #define V_KEY_CONTEXT_CK_SIZE(x)        ((x) << S_KEY_CONTEXT_CK_SIZE)
91 #define G_KEY_CONTEXT_CK_SIZE(x)        \
92 	(((x) >> S_KEY_CONTEXT_CK_SIZE) & M_KEY_CONTEXT_CK_SIZE)
93 
94 #define S_KEY_CONTEXT_MK_SIZE           2
95 #define M_KEY_CONTEXT_MK_SIZE           0xf
96 #define V_KEY_CONTEXT_MK_SIZE(x)        ((x) << S_KEY_CONTEXT_MK_SIZE)
97 #define G_KEY_CONTEXT_MK_SIZE(x)        \
98 	(((x) >> S_KEY_CONTEXT_MK_SIZE) & M_KEY_CONTEXT_MK_SIZE)
99 
100 #define S_KEY_CONTEXT_VALID     0
101 #define M_KEY_CONTEXT_VALID     0x1
102 #define V_KEY_CONTEXT_VALID(x)  ((x) << S_KEY_CONTEXT_VALID)
103 #define G_KEY_CONTEXT_VALID(x)  \
104 	(((x) >> S_KEY_CONTEXT_VALID) & \
105 	 M_KEY_CONTEXT_VALID)
106 #define F_KEY_CONTEXT_VALID     V_KEY_CONTEXT_VALID(1U)
107 
108 #define CHCR_HASH_MAX_DIGEST_SIZE 64
109 
110 #define DUMMY_BYTES 16
111 
112 #define TRANSHDR_SIZE(kctx_len)\
113 	(sizeof(struct chcr_wr) +\
114 	 kctx_len)
115 #define CIPHER_TRANSHDR_SIZE(kctx_len, sge_pairs) \
116 	(TRANSHDR_SIZE((kctx_len)) + (sge_pairs) +\
117 	 sizeof(struct cpl_rx_phys_dsgl))
118 #define HASH_TRANSHDR_SIZE(kctx_len)\
119 	(TRANSHDR_SIZE(kctx_len) + DUMMY_BYTES)
120 
121 #define CRYPTO_MAX_IMM_TX_PKT_LEN 256
122 
123 struct phys_sge_pairs {
124 	__be16 len[8];
125 	__be64 addr[8];
126 };
127 
128 /* From chr_crypto.h */
129 #define CCM_B0_SIZE             16
130 #define CCM_AAD_FIELD_SIZE      2
131 
132 #define CHCR_AES_MAX_KEY_LEN  (AES_XTS_MAX_KEY)
133 #define CHCR_MAX_CRYPTO_IV_LEN 16 /* AES IV len */
134 
135 #define CHCR_ENCRYPT_OP 0
136 #define CHCR_DECRYPT_OP 1
137 
138 #define SCMD_ENCDECCTRL_ENCRYPT 0
139 #define SCMD_ENCDECCTRL_DECRYPT 1
140 
141 #define SCMD_PROTO_VERSION_TLS_1_2 0
142 #define SCMD_PROTO_VERSION_TLS_1_1 1
143 #define SCMD_PROTO_VERSION_GENERIC 4
144 
145 #define SCMD_CIPH_MODE_NOP               0
146 #define SCMD_CIPH_MODE_AES_CBC           1
147 #define SCMD_CIPH_MODE_AES_GCM           2
148 #define SCMD_CIPH_MODE_AES_CTR           3
149 #define SCMD_CIPH_MODE_GENERIC_AES       4
150 #define SCMD_CIPH_MODE_AES_XTS           6
151 #define SCMD_CIPH_MODE_AES_CCM           7
152 
153 #define SCMD_AUTH_MODE_NOP             0
154 #define SCMD_AUTH_MODE_SHA1            1
155 #define SCMD_AUTH_MODE_SHA224          2
156 #define SCMD_AUTH_MODE_SHA256          3
157 #define SCMD_AUTH_MODE_GHASH           4
158 #define SCMD_AUTH_MODE_SHA512_224      5
159 #define SCMD_AUTH_MODE_SHA512_256      6
160 #define SCMD_AUTH_MODE_SHA512_384      7
161 #define SCMD_AUTH_MODE_SHA512_512      8
162 #define SCMD_AUTH_MODE_CBCMAC          9
163 #define SCMD_AUTH_MODE_CMAC            10
164 
165 #define SCMD_HMAC_CTRL_NOP             0
166 #define SCMD_HMAC_CTRL_NO_TRUNC        1
167 #define SCMD_HMAC_CTRL_TRUNC_RFC4366   2
168 #define SCMD_HMAC_CTRL_IPSEC_96BIT     3
169 #define SCMD_HMAC_CTRL_PL1             4
170 #define SCMD_HMAC_CTRL_PL2             5
171 #define SCMD_HMAC_CTRL_PL3             6
172 #define SCMD_HMAC_CTRL_DIV2            7
173 
174 /* This are not really mac key size. They are intermediate values
175  * of sha engine and its size
176  */
177 #define CHCR_KEYCTX_MAC_KEY_SIZE_128        0
178 #define CHCR_KEYCTX_MAC_KEY_SIZE_160        1
179 #define CHCR_KEYCTX_MAC_KEY_SIZE_192        2
180 #define CHCR_KEYCTX_MAC_KEY_SIZE_256        3
181 #define CHCR_KEYCTX_MAC_KEY_SIZE_512        4
182 #define CHCR_KEYCTX_CIPHER_KEY_SIZE_128     0
183 #define CHCR_KEYCTX_CIPHER_KEY_SIZE_192     1
184 #define CHCR_KEYCTX_CIPHER_KEY_SIZE_256     2
185 #define CHCR_KEYCTX_NO_KEY                  15
186 
187 #define IV_NOP                  0
188 #define IV_IMMEDIATE            1
189 #define IV_DSGL			2
190 
191 #define CHCR_HASH_MAX_BLOCK_SIZE_64  64
192 #define CHCR_HASH_MAX_BLOCK_SIZE_128 128
193 
194 /*
195  * TODO: Should coalesce ccr's key context with the TLS key context.
196  * Lookaside requests use the TX context header.
197  */
198 
199 struct tls_key_req {
200 	/* FW_ULPTX_WR */
201 	__be32 wr_hi;
202 	__be32 wr_mid;
203         __be32 ftid;
204         __u8   reneg_to_write_rx;
205         __u8   protocol;
206         __be16 mfs;
207 	/* master command */
208 	__be32 cmd;
209 	__be32 len16;             /* command length */
210 	__be32 dlen;              /* data length in 32-byte units */
211 	__be32 kaddr;
212 	/* sub-command */
213 	__be32 sc_more;
214 	__be32 sc_len;
215 }__packed;
216 
217 struct tls_keyctx {
218         union key_ctx {
219                 struct tx_keyctx_hdr {
220                         __u8   ctxlen;
221                         __u8   r2;
222                         __be16 dualck_to_txvalid;
223                         __u8   txsalt[4];
224                         __be64 r5;
225                 } txhdr;
226                 struct rx_keyctx_hdr {
227                         __u8   flitcnt_hmacctrl;
228                         __u8   protover_ciphmode;
229                         __u8   authmode_to_rxvalid;
230                         __u8   ivpresent_to_rxmk_size;
231                         __u8   rxsalt[4];
232                         __be64 ivinsert_to_authinsrt;
233                 } rxhdr;
234         } u;
235         struct keys {
236                 __u8   edkey[32];
237                 __u8   ipad[64];
238                 __u8   opad[64];
239         } keys;
240 };
241 
242 #define SALT_SIZE		4
243 
244 #define	TLS_KEY_CONTEXT_SZ	roundup2(sizeof(struct tls_keyctx), 32)
245 
246 #define	TLS_KEY_WR_SZ							\
247 	roundup2(sizeof(struct tls_key_req) + TLS_KEY_CONTEXT_SZ, 16)
248 
249 #endif /* !__T4_CRYPTO_H__ */
250