1b2441318SGreg Kroah-Hartman /* SPDX-License-Identifier: GPL-2.0 */ 2a23d80e0SHemant Agrawal /* 3a23d80e0SHemant Agrawal * CAAM Protocol Data Block (PDB) definition header file 4a23d80e0SHemant Agrawal * 58c419778STudor Ambarus * Copyright 2008-2016 Freescale Semiconductor, Inc. 6a23d80e0SHemant Agrawal * 7a23d80e0SHemant Agrawal */ 8a23d80e0SHemant Agrawal 9a23d80e0SHemant Agrawal #ifndef CAAM_PDB_H 10a23d80e0SHemant Agrawal #define CAAM_PDB_H 118c419778STudor Ambarus #include "compat.h" 12a23d80e0SHemant Agrawal 13a23d80e0SHemant Agrawal /* 14a23d80e0SHemant Agrawal * PDB- IPSec ESP Header Modification Options 15a23d80e0SHemant Agrawal */ 16261ea058SHoria Geantă #define PDBHMO_ESP_DECAP_SHIFT 28 17261ea058SHoria Geantă #define PDBHMO_ESP_ENCAP_SHIFT 28 18a23d80e0SHemant Agrawal /* 19a23d80e0SHemant Agrawal * Encap and Decap - Decrement TTL (Hop Limit) - Based on the value of the 20a23d80e0SHemant Agrawal * Options Byte IP version (IPvsn) field: 21a23d80e0SHemant Agrawal * if IPv4, decrement the inner IP header TTL field (byte 8); 22a23d80e0SHemant Agrawal * if IPv6 decrement the inner IP header Hop Limit field (byte 7). 23a23d80e0SHemant Agrawal */ 24a23d80e0SHemant Agrawal #define PDBHMO_ESP_DECAP_DEC_TTL (0x02 << PDBHMO_ESP_DECAP_SHIFT) 25a23d80e0SHemant Agrawal #define PDBHMO_ESP_ENCAP_DEC_TTL (0x02 << PDBHMO_ESP_ENCAP_SHIFT) 26a23d80e0SHemant Agrawal /* 27a23d80e0SHemant Agrawal * Decap - DiffServ Copy - Copy the IPv4 TOS or IPv6 Traffic Class byte 28a23d80e0SHemant Agrawal * from the outer IP header to the inner IP header. 29a23d80e0SHemant Agrawal */ 30a23d80e0SHemant Agrawal #define PDBHMO_ESP_DIFFSERV (0x01 << PDBHMO_ESP_DECAP_SHIFT) 31a23d80e0SHemant Agrawal /* 32a23d80e0SHemant Agrawal * Encap- Copy DF bit -if an IPv4 tunnel mode outer IP header is coming from 33a23d80e0SHemant Agrawal * the PDB, copy the DF bit from the inner IP header to the outer IP header. 34a23d80e0SHemant Agrawal */ 35a23d80e0SHemant Agrawal #define PDBHMO_ESP_DFBIT (0x04 << PDBHMO_ESP_ENCAP_SHIFT) 36a23d80e0SHemant Agrawal 37261ea058SHoria Geantă #define PDBNH_ESP_ENCAP_SHIFT 16 38261ea058SHoria Geantă #define PDBNH_ESP_ENCAP_MASK (0xff << PDBNH_ESP_ENCAP_SHIFT) 39261ea058SHoria Geantă 40261ea058SHoria Geantă #define PDBHDRLEN_ESP_DECAP_SHIFT 16 41261ea058SHoria Geantă #define PDBHDRLEN_MASK (0x0fff << PDBHDRLEN_ESP_DECAP_SHIFT) 42261ea058SHoria Geantă 43261ea058SHoria Geantă #define PDB_NH_OFFSET_SHIFT 8 44261ea058SHoria Geantă #define PDB_NH_OFFSET_MASK (0xff << PDB_NH_OFFSET_SHIFT) 45261ea058SHoria Geantă 46a23d80e0SHemant Agrawal /* 47a23d80e0SHemant Agrawal * PDB - IPSec ESP Encap/Decap Options 48a23d80e0SHemant Agrawal */ 49a23d80e0SHemant Agrawal #define PDBOPTS_ESP_ARSNONE 0x00 /* no antireplay window */ 50a23d80e0SHemant Agrawal #define PDBOPTS_ESP_ARS32 0x40 /* 32-entry antireplay window */ 51261ea058SHoria Geantă #define PDBOPTS_ESP_ARS128 0x80 /* 128-entry antireplay window */ 52a23d80e0SHemant Agrawal #define PDBOPTS_ESP_ARS64 0xc0 /* 64-entry antireplay window */ 53261ea058SHoria Geantă #define PDBOPTS_ESP_ARS_MASK 0xc0 /* antireplay window mask */ 54a23d80e0SHemant Agrawal #define PDBOPTS_ESP_IVSRC 0x20 /* IV comes from internal random gen */ 55a23d80e0SHemant Agrawal #define PDBOPTS_ESP_ESN 0x10 /* extended sequence included */ 56a23d80e0SHemant Agrawal #define PDBOPTS_ESP_OUTFMT 0x08 /* output only decapsulation (decap) */ 57a23d80e0SHemant Agrawal #define PDBOPTS_ESP_IPHDRSRC 0x08 /* IP header comes from PDB (encap) */ 58a23d80e0SHemant Agrawal #define PDBOPTS_ESP_INCIPHDR 0x04 /* Prepend IP header to output frame */ 59a23d80e0SHemant Agrawal #define PDBOPTS_ESP_IPVSN 0x02 /* process IPv6 header */ 60da64e358SAndrei Varvara #define PDBOPTS_ESP_AOFL 0x04 /* adjust out frame len (decap, SEC>=5.3)*/ 61a23d80e0SHemant Agrawal #define PDBOPTS_ESP_TUNNEL 0x01 /* tunnel mode next-header byte */ 62a23d80e0SHemant Agrawal #define PDBOPTS_ESP_IPV6 0x02 /* ip header version is V6 */ 63a23d80e0SHemant Agrawal #define PDBOPTS_ESP_DIFFSERV 0x40 /* copy TOS/TC from inner iphdr */ 64a23d80e0SHemant Agrawal #define PDBOPTS_ESP_UPDATE_CSUM 0x80 /* encap-update ip header checksum */ 65a23d80e0SHemant Agrawal #define PDBOPTS_ESP_VERIFY_CSUM 0x20 /* decap-validate ip header checksum */ 66a23d80e0SHemant Agrawal 67a23d80e0SHemant Agrawal /* 68a23d80e0SHemant Agrawal * General IPSec encap/decap PDB definitions 69a23d80e0SHemant Agrawal */ 70261ea058SHoria Geantă 71261ea058SHoria Geantă /** 72261ea058SHoria Geantă * ipsec_encap_cbc - PDB part for IPsec CBC encapsulation 73261ea058SHoria Geantă * @iv: 16-byte array initialization vector 74261ea058SHoria Geantă */ 75a23d80e0SHemant Agrawal struct ipsec_encap_cbc { 76261ea058SHoria Geantă u8 iv[16]; 77a23d80e0SHemant Agrawal }; 78a23d80e0SHemant Agrawal 79261ea058SHoria Geantă /** 80261ea058SHoria Geantă * ipsec_encap_ctr - PDB part for IPsec CTR encapsulation 81261ea058SHoria Geantă * @ctr_nonce: 4-byte array nonce 82261ea058SHoria Geantă * @ctr_initial: initial count constant 83261ea058SHoria Geantă * @iv: initialization vector 84261ea058SHoria Geantă */ 85a23d80e0SHemant Agrawal struct ipsec_encap_ctr { 86261ea058SHoria Geantă u8 ctr_nonce[4]; 87a23d80e0SHemant Agrawal u32 ctr_initial; 88261ea058SHoria Geantă u64 iv; 89a23d80e0SHemant Agrawal }; 90a23d80e0SHemant Agrawal 91261ea058SHoria Geantă /** 92261ea058SHoria Geantă * ipsec_encap_ccm - PDB part for IPsec CCM encapsulation 93261ea058SHoria Geantă * @salt: 3-byte array salt (lower 24 bits) 94261ea058SHoria Geantă * @ccm_opt: CCM algorithm options - MSB-LSB description: 95261ea058SHoria Geantă * b0_flags (8b) - CCM B0; use 0x5B for 8-byte ICV, 0x6B for 12-byte ICV, 96261ea058SHoria Geantă * 0x7B for 16-byte ICV (cf. RFC4309, RFC3610) 97261ea058SHoria Geantă * ctr_flags (8b) - counter flags; constant equal to 0x3 98261ea058SHoria Geantă * ctr_initial (16b) - initial count constant 99261ea058SHoria Geantă * @iv: initialization vector 100261ea058SHoria Geantă */ 101a23d80e0SHemant Agrawal struct ipsec_encap_ccm { 102261ea058SHoria Geantă u8 salt[4]; 103261ea058SHoria Geantă u32 ccm_opt; 104261ea058SHoria Geantă u64 iv; 105a23d80e0SHemant Agrawal }; 106a23d80e0SHemant Agrawal 107261ea058SHoria Geantă /** 108261ea058SHoria Geantă * ipsec_encap_gcm - PDB part for IPsec GCM encapsulation 109261ea058SHoria Geantă * @salt: 3-byte array salt (lower 24 bits) 110261ea058SHoria Geantă * @rsvd: reserved, do not use 111261ea058SHoria Geantă * @iv: initialization vector 112261ea058SHoria Geantă */ 113a23d80e0SHemant Agrawal struct ipsec_encap_gcm { 114261ea058SHoria Geantă u8 salt[4]; 115a23d80e0SHemant Agrawal u32 rsvd1; 116261ea058SHoria Geantă u64 iv; 117a23d80e0SHemant Agrawal }; 118a23d80e0SHemant Agrawal 119261ea058SHoria Geantă /** 120261ea058SHoria Geantă * ipsec_encap_pdb - PDB for IPsec encapsulation 121261ea058SHoria Geantă * @options: MSB-LSB description 122261ea058SHoria Geantă * hmo (header manipulation options) - 4b 123261ea058SHoria Geantă * reserved - 4b 124261ea058SHoria Geantă * next header - 8b 125261ea058SHoria Geantă * next header offset - 8b 126261ea058SHoria Geantă * option flags (depend on selected algorithm) - 8b 127261ea058SHoria Geantă * @seq_num_ext_hi: (optional) IPsec Extended Sequence Number (ESN) 128261ea058SHoria Geantă * @seq_num: IPsec sequence number 129261ea058SHoria Geantă * @spi: IPsec SPI (Security Parameters Index) 130261ea058SHoria Geantă * @ip_hdr_len: optional IP Header length (in bytes) 131261ea058SHoria Geantă * reserved - 16b 132261ea058SHoria Geantă * Opt. IP Hdr Len - 16b 133261ea058SHoria Geantă * @ip_hdr: optional IP Header content 134261ea058SHoria Geantă */ 135a23d80e0SHemant Agrawal struct ipsec_encap_pdb { 136261ea058SHoria Geantă u32 options; 137a23d80e0SHemant Agrawal u32 seq_num_ext_hi; 138a23d80e0SHemant Agrawal u32 seq_num; 139a23d80e0SHemant Agrawal union { 140a23d80e0SHemant Agrawal struct ipsec_encap_cbc cbc; 141a23d80e0SHemant Agrawal struct ipsec_encap_ctr ctr; 142a23d80e0SHemant Agrawal struct ipsec_encap_ccm ccm; 143a23d80e0SHemant Agrawal struct ipsec_encap_gcm gcm; 144a23d80e0SHemant Agrawal }; 145a23d80e0SHemant Agrawal u32 spi; 146261ea058SHoria Geantă u32 ip_hdr_len; 147*5224f790SGustavo A. R. Silva u32 ip_hdr[]; 148a23d80e0SHemant Agrawal }; 149a23d80e0SHemant Agrawal 150261ea058SHoria Geantă /** 151261ea058SHoria Geantă * ipsec_decap_cbc - PDB part for IPsec CBC decapsulation 152261ea058SHoria Geantă * @rsvd: reserved, do not use 153261ea058SHoria Geantă */ 154a23d80e0SHemant Agrawal struct ipsec_decap_cbc { 155a23d80e0SHemant Agrawal u32 rsvd[2]; 156a23d80e0SHemant Agrawal }; 157a23d80e0SHemant Agrawal 158261ea058SHoria Geantă /** 159261ea058SHoria Geantă * ipsec_decap_ctr - PDB part for IPsec CTR decapsulation 160261ea058SHoria Geantă * @ctr_nonce: 4-byte array nonce 161261ea058SHoria Geantă * @ctr_initial: initial count constant 162261ea058SHoria Geantă */ 163a23d80e0SHemant Agrawal struct ipsec_decap_ctr { 164261ea058SHoria Geantă u8 ctr_nonce[4]; 165a23d80e0SHemant Agrawal u32 ctr_initial; 166a23d80e0SHemant Agrawal }; 167a23d80e0SHemant Agrawal 168261ea058SHoria Geantă /** 169261ea058SHoria Geantă * ipsec_decap_ccm - PDB part for IPsec CCM decapsulation 170261ea058SHoria Geantă * @salt: 3-byte salt (lower 24 bits) 171261ea058SHoria Geantă * @ccm_opt: CCM algorithm options - MSB-LSB description: 172261ea058SHoria Geantă * b0_flags (8b) - CCM B0; use 0x5B for 8-byte ICV, 0x6B for 12-byte ICV, 173261ea058SHoria Geantă * 0x7B for 16-byte ICV (cf. RFC4309, RFC3610) 174261ea058SHoria Geantă * ctr_flags (8b) - counter flags; constant equal to 0x3 175261ea058SHoria Geantă * ctr_initial (16b) - initial count constant 176261ea058SHoria Geantă */ 177a23d80e0SHemant Agrawal struct ipsec_decap_ccm { 178261ea058SHoria Geantă u8 salt[4]; 179261ea058SHoria Geantă u32 ccm_opt; 180a23d80e0SHemant Agrawal }; 181a23d80e0SHemant Agrawal 182261ea058SHoria Geantă /** 183261ea058SHoria Geantă * ipsec_decap_gcm - PDB part for IPsec GCN decapsulation 184261ea058SHoria Geantă * @salt: 4-byte salt 185261ea058SHoria Geantă * @rsvd: reserved, do not use 186261ea058SHoria Geantă */ 187a23d80e0SHemant Agrawal struct ipsec_decap_gcm { 188261ea058SHoria Geantă u8 salt[4]; 189a23d80e0SHemant Agrawal u32 resvd; 190a23d80e0SHemant Agrawal }; 191a23d80e0SHemant Agrawal 192261ea058SHoria Geantă /** 193261ea058SHoria Geantă * ipsec_decap_pdb - PDB for IPsec decapsulation 194261ea058SHoria Geantă * @options: MSB-LSB description 195261ea058SHoria Geantă * hmo (header manipulation options) - 4b 196261ea058SHoria Geantă * IP header length - 12b 197261ea058SHoria Geantă * next header offset - 8b 198261ea058SHoria Geantă * option flags (depend on selected algorithm) - 8b 199261ea058SHoria Geantă * @seq_num_ext_hi: (optional) IPsec Extended Sequence Number (ESN) 200261ea058SHoria Geantă * @seq_num: IPsec sequence number 201261ea058SHoria Geantă * @anti_replay: Anti-replay window; size depends on ARS (option flags) 202261ea058SHoria Geantă */ 203a23d80e0SHemant Agrawal struct ipsec_decap_pdb { 204261ea058SHoria Geantă u32 options; 205a23d80e0SHemant Agrawal union { 206a23d80e0SHemant Agrawal struct ipsec_decap_cbc cbc; 207a23d80e0SHemant Agrawal struct ipsec_decap_ctr ctr; 208a23d80e0SHemant Agrawal struct ipsec_decap_ccm ccm; 209a23d80e0SHemant Agrawal struct ipsec_decap_gcm gcm; 210a23d80e0SHemant Agrawal }; 211a23d80e0SHemant Agrawal u32 seq_num_ext_hi; 212a23d80e0SHemant Agrawal u32 seq_num; 213261ea058SHoria Geantă __be32 anti_replay[4]; 214a23d80e0SHemant Agrawal }; 215a23d80e0SHemant Agrawal 216a23d80e0SHemant Agrawal /* 217a23d80e0SHemant Agrawal * IPSec ESP Datapath Protocol Override Register (DPOVRD) 218a23d80e0SHemant Agrawal */ 219a23d80e0SHemant Agrawal struct ipsec_deco_dpovrd { 220a23d80e0SHemant Agrawal #define IPSEC_ENCAP_DECO_DPOVRD_USE 0x80 221a23d80e0SHemant Agrawal u8 ovrd_ecn; 222a23d80e0SHemant Agrawal u8 ip_hdr_len; 223a23d80e0SHemant Agrawal u8 nh_offset; 224a23d80e0SHemant Agrawal u8 next_header; /* reserved if decap */ 225a23d80e0SHemant Agrawal }; 226a23d80e0SHemant Agrawal 227a23d80e0SHemant Agrawal /* 228a23d80e0SHemant Agrawal * IEEE 802.11i WiFi Protocol Data Block 229a23d80e0SHemant Agrawal */ 230a23d80e0SHemant Agrawal #define WIFI_PDBOPTS_FCS 0x01 231a23d80e0SHemant Agrawal #define WIFI_PDBOPTS_AR 0x40 232a23d80e0SHemant Agrawal 233a23d80e0SHemant Agrawal struct wifi_encap_pdb { 234a23d80e0SHemant Agrawal u16 mac_hdr_len; 235a23d80e0SHemant Agrawal u8 rsvd; 236a23d80e0SHemant Agrawal u8 options; 237a23d80e0SHemant Agrawal u8 iv_flags; 238a23d80e0SHemant Agrawal u8 pri; 239a23d80e0SHemant Agrawal u16 pn1; 240a23d80e0SHemant Agrawal u32 pn2; 241a23d80e0SHemant Agrawal u16 frm_ctrl_mask; 242a23d80e0SHemant Agrawal u16 seq_ctrl_mask; 243a23d80e0SHemant Agrawal u8 rsvd1[2]; 244a23d80e0SHemant Agrawal u8 cnst; 245a23d80e0SHemant Agrawal u8 key_id; 246a23d80e0SHemant Agrawal u8 ctr_flags; 247a23d80e0SHemant Agrawal u8 rsvd2; 248a23d80e0SHemant Agrawal u16 ctr_init; 249a23d80e0SHemant Agrawal }; 250a23d80e0SHemant Agrawal 251a23d80e0SHemant Agrawal struct wifi_decap_pdb { 252a23d80e0SHemant Agrawal u16 mac_hdr_len; 253a23d80e0SHemant Agrawal u8 rsvd; 254a23d80e0SHemant Agrawal u8 options; 255a23d80e0SHemant Agrawal u8 iv_flags; 256a23d80e0SHemant Agrawal u8 pri; 257a23d80e0SHemant Agrawal u16 pn1; 258a23d80e0SHemant Agrawal u32 pn2; 259a23d80e0SHemant Agrawal u16 frm_ctrl_mask; 260a23d80e0SHemant Agrawal u16 seq_ctrl_mask; 261a23d80e0SHemant Agrawal u8 rsvd1[4]; 262a23d80e0SHemant Agrawal u8 ctr_flags; 263a23d80e0SHemant Agrawal u8 rsvd2; 264a23d80e0SHemant Agrawal u16 ctr_init; 265a23d80e0SHemant Agrawal }; 266a23d80e0SHemant Agrawal 267a23d80e0SHemant Agrawal /* 268a23d80e0SHemant Agrawal * IEEE 802.16 WiMAX Protocol Data Block 269a23d80e0SHemant Agrawal */ 270a23d80e0SHemant Agrawal #define WIMAX_PDBOPTS_FCS 0x01 271a23d80e0SHemant Agrawal #define WIMAX_PDBOPTS_AR 0x40 /* decap only */ 272a23d80e0SHemant Agrawal 273a23d80e0SHemant Agrawal struct wimax_encap_pdb { 274a23d80e0SHemant Agrawal u8 rsvd[3]; 275a23d80e0SHemant Agrawal u8 options; 276a23d80e0SHemant Agrawal u32 nonce; 277a23d80e0SHemant Agrawal u8 b0_flags; 278a23d80e0SHemant Agrawal u8 ctr_flags; 279a23d80e0SHemant Agrawal u16 ctr_init; 280a23d80e0SHemant Agrawal /* begin DECO writeback region */ 281a23d80e0SHemant Agrawal u32 pn; 282a23d80e0SHemant Agrawal /* end DECO writeback region */ 283a23d80e0SHemant Agrawal }; 284a23d80e0SHemant Agrawal 285a23d80e0SHemant Agrawal struct wimax_decap_pdb { 286a23d80e0SHemant Agrawal u8 rsvd[3]; 287a23d80e0SHemant Agrawal u8 options; 288a23d80e0SHemant Agrawal u32 nonce; 289a23d80e0SHemant Agrawal u8 iv_flags; 290a23d80e0SHemant Agrawal u8 ctr_flags; 291a23d80e0SHemant Agrawal u16 ctr_init; 292a23d80e0SHemant Agrawal /* begin DECO writeback region */ 293a23d80e0SHemant Agrawal u32 pn; 294a23d80e0SHemant Agrawal u8 rsvd1[2]; 295a23d80e0SHemant Agrawal u16 antireplay_len; 296a23d80e0SHemant Agrawal u64 antireplay_scorecard; 297a23d80e0SHemant Agrawal /* end DECO writeback region */ 298a23d80e0SHemant Agrawal }; 299a23d80e0SHemant Agrawal 300a23d80e0SHemant Agrawal /* 301a23d80e0SHemant Agrawal * IEEE 801.AE MacSEC Protocol Data Block 302a23d80e0SHemant Agrawal */ 303a23d80e0SHemant Agrawal #define MACSEC_PDBOPTS_FCS 0x01 304a23d80e0SHemant Agrawal #define MACSEC_PDBOPTS_AR 0x40 /* used in decap only */ 305a23d80e0SHemant Agrawal 306a23d80e0SHemant Agrawal struct macsec_encap_pdb { 307a23d80e0SHemant Agrawal u16 aad_len; 308a23d80e0SHemant Agrawal u8 rsvd; 309a23d80e0SHemant Agrawal u8 options; 310a23d80e0SHemant Agrawal u64 sci; 311a23d80e0SHemant Agrawal u16 ethertype; 312a23d80e0SHemant Agrawal u8 tci_an; 313a23d80e0SHemant Agrawal u8 rsvd1; 314a23d80e0SHemant Agrawal /* begin DECO writeback region */ 315a23d80e0SHemant Agrawal u32 pn; 316a23d80e0SHemant Agrawal /* end DECO writeback region */ 317a23d80e0SHemant Agrawal }; 318a23d80e0SHemant Agrawal 319a23d80e0SHemant Agrawal struct macsec_decap_pdb { 320a23d80e0SHemant Agrawal u16 aad_len; 321a23d80e0SHemant Agrawal u8 rsvd; 322a23d80e0SHemant Agrawal u8 options; 323a23d80e0SHemant Agrawal u64 sci; 324a23d80e0SHemant Agrawal u8 rsvd1[3]; 325a23d80e0SHemant Agrawal /* begin DECO writeback region */ 326a23d80e0SHemant Agrawal u8 antireplay_len; 327a23d80e0SHemant Agrawal u32 pn; 328a23d80e0SHemant Agrawal u64 antireplay_scorecard; 329a23d80e0SHemant Agrawal /* end DECO writeback region */ 330a23d80e0SHemant Agrawal }; 331a23d80e0SHemant Agrawal 332a23d80e0SHemant Agrawal /* 333a23d80e0SHemant Agrawal * SSL/TLS/DTLS Protocol Data Blocks 334a23d80e0SHemant Agrawal */ 335a23d80e0SHemant Agrawal 336a23d80e0SHemant Agrawal #define TLS_PDBOPTS_ARS32 0x40 337a23d80e0SHemant Agrawal #define TLS_PDBOPTS_ARS64 0xc0 338a23d80e0SHemant Agrawal #define TLS_PDBOPTS_OUTFMT 0x08 339a23d80e0SHemant Agrawal #define TLS_PDBOPTS_IV_WRTBK 0x02 /* 1.1/1.2/DTLS only */ 340a23d80e0SHemant Agrawal #define TLS_PDBOPTS_EXP_RND_IV 0x01 /* 1.1/1.2/DTLS only */ 341a23d80e0SHemant Agrawal 342a23d80e0SHemant Agrawal struct tls_block_encap_pdb { 343a23d80e0SHemant Agrawal u8 type; 344a23d80e0SHemant Agrawal u8 version[2]; 345a23d80e0SHemant Agrawal u8 options; 346a23d80e0SHemant Agrawal u64 seq_num; 347a23d80e0SHemant Agrawal u32 iv[4]; 348a23d80e0SHemant Agrawal }; 349a23d80e0SHemant Agrawal 350a23d80e0SHemant Agrawal struct tls_stream_encap_pdb { 351a23d80e0SHemant Agrawal u8 type; 352a23d80e0SHemant Agrawal u8 version[2]; 353a23d80e0SHemant Agrawal u8 options; 354a23d80e0SHemant Agrawal u64 seq_num; 355a23d80e0SHemant Agrawal u8 i; 356a23d80e0SHemant Agrawal u8 j; 357a23d80e0SHemant Agrawal u8 rsvd1[2]; 358a23d80e0SHemant Agrawal }; 359a23d80e0SHemant Agrawal 360a23d80e0SHemant Agrawal struct dtls_block_encap_pdb { 361a23d80e0SHemant Agrawal u8 type; 362a23d80e0SHemant Agrawal u8 version[2]; 363a23d80e0SHemant Agrawal u8 options; 364a23d80e0SHemant Agrawal u16 epoch; 365a23d80e0SHemant Agrawal u16 seq_num[3]; 366a23d80e0SHemant Agrawal u32 iv[4]; 367a23d80e0SHemant Agrawal }; 368a23d80e0SHemant Agrawal 369a23d80e0SHemant Agrawal struct tls_block_decap_pdb { 370a23d80e0SHemant Agrawal u8 rsvd[3]; 371a23d80e0SHemant Agrawal u8 options; 372a23d80e0SHemant Agrawal u64 seq_num; 373a23d80e0SHemant Agrawal u32 iv[4]; 374a23d80e0SHemant Agrawal }; 375a23d80e0SHemant Agrawal 376a23d80e0SHemant Agrawal struct tls_stream_decap_pdb { 377a23d80e0SHemant Agrawal u8 rsvd[3]; 378a23d80e0SHemant Agrawal u8 options; 379a23d80e0SHemant Agrawal u64 seq_num; 380a23d80e0SHemant Agrawal u8 i; 381a23d80e0SHemant Agrawal u8 j; 382a23d80e0SHemant Agrawal u8 rsvd1[2]; 383a23d80e0SHemant Agrawal }; 384a23d80e0SHemant Agrawal 385a23d80e0SHemant Agrawal struct dtls_block_decap_pdb { 386a23d80e0SHemant Agrawal u8 rsvd[3]; 387a23d80e0SHemant Agrawal u8 options; 388a23d80e0SHemant Agrawal u16 epoch; 389a23d80e0SHemant Agrawal u16 seq_num[3]; 390a23d80e0SHemant Agrawal u32 iv[4]; 391a23d80e0SHemant Agrawal u64 antireplay_scorecard; 392a23d80e0SHemant Agrawal }; 393a23d80e0SHemant Agrawal 394a23d80e0SHemant Agrawal /* 395a23d80e0SHemant Agrawal * SRTP Protocol Data Blocks 396a23d80e0SHemant Agrawal */ 397a23d80e0SHemant Agrawal #define SRTP_PDBOPTS_MKI 0x08 398a23d80e0SHemant Agrawal #define SRTP_PDBOPTS_AR 0x40 399a23d80e0SHemant Agrawal 400a23d80e0SHemant Agrawal struct srtp_encap_pdb { 401a23d80e0SHemant Agrawal u8 x_len; 402a23d80e0SHemant Agrawal u8 mki_len; 403a23d80e0SHemant Agrawal u8 n_tag; 404a23d80e0SHemant Agrawal u8 options; 405a23d80e0SHemant Agrawal u32 cnst0; 406a23d80e0SHemant Agrawal u8 rsvd[2]; 407a23d80e0SHemant Agrawal u16 cnst1; 408a23d80e0SHemant Agrawal u16 salt[7]; 409a23d80e0SHemant Agrawal u16 cnst2; 410a23d80e0SHemant Agrawal u32 rsvd1; 411a23d80e0SHemant Agrawal u32 roc; 412a23d80e0SHemant Agrawal u32 opt_mki; 413a23d80e0SHemant Agrawal }; 414a23d80e0SHemant Agrawal 415a23d80e0SHemant Agrawal struct srtp_decap_pdb { 416a23d80e0SHemant Agrawal u8 x_len; 417a23d80e0SHemant Agrawal u8 mki_len; 418a23d80e0SHemant Agrawal u8 n_tag; 419a23d80e0SHemant Agrawal u8 options; 420a23d80e0SHemant Agrawal u32 cnst0; 421a23d80e0SHemant Agrawal u8 rsvd[2]; 422a23d80e0SHemant Agrawal u16 cnst1; 423a23d80e0SHemant Agrawal u16 salt[7]; 424a23d80e0SHemant Agrawal u16 cnst2; 425a23d80e0SHemant Agrawal u16 rsvd1; 426a23d80e0SHemant Agrawal u16 seq_num; 427a23d80e0SHemant Agrawal u32 roc; 428a23d80e0SHemant Agrawal u64 antireplay_scorecard; 429a23d80e0SHemant Agrawal }; 430a23d80e0SHemant Agrawal 431a23d80e0SHemant Agrawal /* 432a23d80e0SHemant Agrawal * DSA/ECDSA Protocol Data Blocks 433a23d80e0SHemant Agrawal * Two of these exist: DSA-SIGN, and DSA-VERIFY. They are similar 434a23d80e0SHemant Agrawal * except for the treatment of "w" for verify, "s" for sign, 435a23d80e0SHemant Agrawal * and the placement of "a,b". 436a23d80e0SHemant Agrawal */ 437a23d80e0SHemant Agrawal #define DSA_PDB_SGF_SHIFT 24 438a23d80e0SHemant Agrawal #define DSA_PDB_SGF_MASK (0xff << DSA_PDB_SGF_SHIFT) 439a23d80e0SHemant Agrawal #define DSA_PDB_SGF_Q (0x80 << DSA_PDB_SGF_SHIFT) 440a23d80e0SHemant Agrawal #define DSA_PDB_SGF_R (0x40 << DSA_PDB_SGF_SHIFT) 441a23d80e0SHemant Agrawal #define DSA_PDB_SGF_G (0x20 << DSA_PDB_SGF_SHIFT) 442a23d80e0SHemant Agrawal #define DSA_PDB_SGF_W (0x10 << DSA_PDB_SGF_SHIFT) 443a23d80e0SHemant Agrawal #define DSA_PDB_SGF_S (0x10 << DSA_PDB_SGF_SHIFT) 444a23d80e0SHemant Agrawal #define DSA_PDB_SGF_F (0x08 << DSA_PDB_SGF_SHIFT) 445a23d80e0SHemant Agrawal #define DSA_PDB_SGF_C (0x04 << DSA_PDB_SGF_SHIFT) 446a23d80e0SHemant Agrawal #define DSA_PDB_SGF_D (0x02 << DSA_PDB_SGF_SHIFT) 447a23d80e0SHemant Agrawal #define DSA_PDB_SGF_AB_SIGN (0x02 << DSA_PDB_SGF_SHIFT) 448a23d80e0SHemant Agrawal #define DSA_PDB_SGF_AB_VERIFY (0x01 << DSA_PDB_SGF_SHIFT) 449a23d80e0SHemant Agrawal 450a23d80e0SHemant Agrawal #define DSA_PDB_L_SHIFT 7 451a23d80e0SHemant Agrawal #define DSA_PDB_L_MASK (0x3ff << DSA_PDB_L_SHIFT) 452a23d80e0SHemant Agrawal 453a23d80e0SHemant Agrawal #define DSA_PDB_N_MASK 0x7f 454a23d80e0SHemant Agrawal 455a23d80e0SHemant Agrawal struct dsa_sign_pdb { 45624c7bf08SHeinrich Schuchardt u32 sgf_ln; /* Use DSA_PDB_ definitions per above */ 457a23d80e0SHemant Agrawal u8 *q; 458a23d80e0SHemant Agrawal u8 *r; 459a23d80e0SHemant Agrawal u8 *g; /* or Gx,y */ 460a23d80e0SHemant Agrawal u8 *s; 461a23d80e0SHemant Agrawal u8 *f; 462a23d80e0SHemant Agrawal u8 *c; 463a23d80e0SHemant Agrawal u8 *d; 464a23d80e0SHemant Agrawal u8 *ab; /* ECC only */ 465a23d80e0SHemant Agrawal u8 *u; 466a23d80e0SHemant Agrawal }; 467a23d80e0SHemant Agrawal 468a23d80e0SHemant Agrawal struct dsa_verify_pdb { 469a23d80e0SHemant Agrawal u32 sgf_ln; 470a23d80e0SHemant Agrawal u8 *q; 471a23d80e0SHemant Agrawal u8 *r; 472a23d80e0SHemant Agrawal u8 *g; /* or Gx,y */ 473a23d80e0SHemant Agrawal u8 *w; /* or Wx,y */ 474a23d80e0SHemant Agrawal u8 *f; 475a23d80e0SHemant Agrawal u8 *c; 476a23d80e0SHemant Agrawal u8 *d; 477a23d80e0SHemant Agrawal u8 *tmp; /* temporary data block */ 478a23d80e0SHemant Agrawal u8 *ab; /* only used if ECC processing */ 479a23d80e0SHemant Agrawal }; 480a23d80e0SHemant Agrawal 4818c419778STudor Ambarus /* RSA Protocol Data Block */ 4828c419778STudor Ambarus #define RSA_PDB_SGF_SHIFT 28 4838c419778STudor Ambarus #define RSA_PDB_E_SHIFT 12 4848c419778STudor Ambarus #define RSA_PDB_E_MASK (0xFFF << RSA_PDB_E_SHIFT) 4858c419778STudor Ambarus #define RSA_PDB_D_SHIFT 12 4868c419778STudor Ambarus #define RSA_PDB_D_MASK (0xFFF << RSA_PDB_D_SHIFT) 48752e26d77SRadu Alexe #define RSA_PDB_Q_SHIFT 12 48852e26d77SRadu Alexe #define RSA_PDB_Q_MASK (0xFFF << RSA_PDB_Q_SHIFT) 4898c419778STudor Ambarus 4908c419778STudor Ambarus #define RSA_PDB_SGF_F (0x8 << RSA_PDB_SGF_SHIFT) 4918c419778STudor Ambarus #define RSA_PDB_SGF_G (0x4 << RSA_PDB_SGF_SHIFT) 4928c419778STudor Ambarus #define RSA_PRIV_PDB_SGF_F (0x4 << RSA_PDB_SGF_SHIFT) 4938c419778STudor Ambarus #define RSA_PRIV_PDB_SGF_G (0x8 << RSA_PDB_SGF_SHIFT) 4948c419778STudor Ambarus 4958c419778STudor Ambarus #define RSA_PRIV_KEY_FRM_1 0 49652e26d77SRadu Alexe #define RSA_PRIV_KEY_FRM_2 1 4974a651b12SRadu Alexe #define RSA_PRIV_KEY_FRM_3 2 4988c419778STudor Ambarus 4998c419778STudor Ambarus /** 5008c419778STudor Ambarus * RSA Encrypt Protocol Data Block 5018c419778STudor Ambarus * @sgf: scatter-gather field 5028c419778STudor Ambarus * @f_dma: dma address of input data 5038c419778STudor Ambarus * @g_dma: dma address of encrypted output data 5048c419778STudor Ambarus * @n_dma: dma address of RSA modulus 5058c419778STudor Ambarus * @e_dma: dma address of RSA public exponent 5068c419778STudor Ambarus * @f_len: length in octets of the input data 5078c419778STudor Ambarus */ 5088c419778STudor Ambarus struct rsa_pub_pdb { 5098c419778STudor Ambarus u32 sgf; 5108c419778STudor Ambarus dma_addr_t f_dma; 5118c419778STudor Ambarus dma_addr_t g_dma; 5128c419778STudor Ambarus dma_addr_t n_dma; 5138c419778STudor Ambarus dma_addr_t e_dma; 5148c419778STudor Ambarus u32 f_len; 515a1cf573eSAndrey Smirnov }; 516a1cf573eSAndrey Smirnov 517a1cf573eSAndrey Smirnov #define SIZEOF_RSA_PUB_PDB (2 * sizeof(u32) + 4 * caam_ptr_sz) 5188c419778STudor Ambarus 5198c419778STudor Ambarus /** 5208c419778STudor Ambarus * RSA Decrypt PDB - Private Key Form #1 5218c419778STudor Ambarus * @sgf: scatter-gather field 5228c419778STudor Ambarus * @g_dma: dma address of encrypted input data 5238c419778STudor Ambarus * @f_dma: dma address of output data 5248c419778STudor Ambarus * @n_dma: dma address of RSA modulus 5258c419778STudor Ambarus * @d_dma: dma address of RSA private exponent 5268c419778STudor Ambarus */ 5278c419778STudor Ambarus struct rsa_priv_f1_pdb { 5288c419778STudor Ambarus u32 sgf; 5298c419778STudor Ambarus dma_addr_t g_dma; 5308c419778STudor Ambarus dma_addr_t f_dma; 5318c419778STudor Ambarus dma_addr_t n_dma; 5328c419778STudor Ambarus dma_addr_t d_dma; 533a1cf573eSAndrey Smirnov }; 534a1cf573eSAndrey Smirnov 535a1cf573eSAndrey Smirnov #define SIZEOF_RSA_PRIV_F1_PDB (sizeof(u32) + 4 * caam_ptr_sz) 5368c419778STudor Ambarus 53752e26d77SRadu Alexe /** 53852e26d77SRadu Alexe * RSA Decrypt PDB - Private Key Form #2 53952e26d77SRadu Alexe * @sgf : scatter-gather field 54052e26d77SRadu Alexe * @g_dma : dma address of encrypted input data 54152e26d77SRadu Alexe * @f_dma : dma address of output data 54252e26d77SRadu Alexe * @d_dma : dma address of RSA private exponent 54352e26d77SRadu Alexe * @p_dma : dma address of RSA prime factor p of RSA modulus n 54452e26d77SRadu Alexe * @q_dma : dma address of RSA prime factor q of RSA modulus n 54552e26d77SRadu Alexe * @tmp1_dma: dma address of temporary buffer. CAAM uses this temporary buffer 54652e26d77SRadu Alexe * as internal state buffer. It is assumed to be as long as p. 54752e26d77SRadu Alexe * @tmp2_dma: dma address of temporary buffer. CAAM uses this temporary buffer 54852e26d77SRadu Alexe * as internal state buffer. It is assumed to be as long as q. 54952e26d77SRadu Alexe * @p_q_len : length in bytes of first two prime factors of the RSA modulus n 55052e26d77SRadu Alexe */ 55152e26d77SRadu Alexe struct rsa_priv_f2_pdb { 55252e26d77SRadu Alexe u32 sgf; 55352e26d77SRadu Alexe dma_addr_t g_dma; 55452e26d77SRadu Alexe dma_addr_t f_dma; 55552e26d77SRadu Alexe dma_addr_t d_dma; 55652e26d77SRadu Alexe dma_addr_t p_dma; 55752e26d77SRadu Alexe dma_addr_t q_dma; 55852e26d77SRadu Alexe dma_addr_t tmp1_dma; 55952e26d77SRadu Alexe dma_addr_t tmp2_dma; 56052e26d77SRadu Alexe u32 p_q_len; 561a1cf573eSAndrey Smirnov }; 562a1cf573eSAndrey Smirnov 563a1cf573eSAndrey Smirnov #define SIZEOF_RSA_PRIV_F2_PDB (2 * sizeof(u32) + 7 * caam_ptr_sz) 56452e26d77SRadu Alexe 5654a651b12SRadu Alexe /** 5664a651b12SRadu Alexe * RSA Decrypt PDB - Private Key Form #3 5674a651b12SRadu Alexe * This is the RSA Chinese Reminder Theorem (CRT) form for two prime factors of 5684a651b12SRadu Alexe * the RSA modulus. 5694a651b12SRadu Alexe * @sgf : scatter-gather field 5704a651b12SRadu Alexe * @g_dma : dma address of encrypted input data 5714a651b12SRadu Alexe * @f_dma : dma address of output data 5724a651b12SRadu Alexe * @c_dma : dma address of RSA CRT coefficient 5734a651b12SRadu Alexe * @p_dma : dma address of RSA prime factor p of RSA modulus n 5744a651b12SRadu Alexe * @q_dma : dma address of RSA prime factor q of RSA modulus n 5754a651b12SRadu Alexe * @dp_dma : dma address of RSA CRT exponent of RSA prime factor p 5764a651b12SRadu Alexe * @dp_dma : dma address of RSA CRT exponent of RSA prime factor q 5774a651b12SRadu Alexe * @tmp1_dma: dma address of temporary buffer. CAAM uses this temporary buffer 5784a651b12SRadu Alexe * as internal state buffer. It is assumed to be as long as p. 5794a651b12SRadu Alexe * @tmp2_dma: dma address of temporary buffer. CAAM uses this temporary buffer 5804a651b12SRadu Alexe * as internal state buffer. It is assumed to be as long as q. 5814a651b12SRadu Alexe * @p_q_len : length in bytes of first two prime factors of the RSA modulus n 5824a651b12SRadu Alexe */ 5834a651b12SRadu Alexe struct rsa_priv_f3_pdb { 5844a651b12SRadu Alexe u32 sgf; 5854a651b12SRadu Alexe dma_addr_t g_dma; 5864a651b12SRadu Alexe dma_addr_t f_dma; 5874a651b12SRadu Alexe dma_addr_t c_dma; 5884a651b12SRadu Alexe dma_addr_t p_dma; 5894a651b12SRadu Alexe dma_addr_t q_dma; 5904a651b12SRadu Alexe dma_addr_t dp_dma; 5914a651b12SRadu Alexe dma_addr_t dq_dma; 5924a651b12SRadu Alexe dma_addr_t tmp1_dma; 5934a651b12SRadu Alexe dma_addr_t tmp2_dma; 5944a651b12SRadu Alexe u32 p_q_len; 595a1cf573eSAndrey Smirnov }; 596a1cf573eSAndrey Smirnov 597a1cf573eSAndrey Smirnov #define SIZEOF_RSA_PRIV_F3_PDB (2 * sizeof(u32) + 9 * caam_ptr_sz) 5984a651b12SRadu Alexe 599a23d80e0SHemant Agrawal #endif 600