1 /* SPDX-License-Identifier: GPL-2.0-only */ 2 /* 3 * Copyright (C) 2020 Pengutronix, Ahmad Fatoum <kernel@pengutronix.de> 4 * Copyright 2024-2025 NXP 5 */ 6 7 #ifndef __CAAM_BLOB_GEN 8 #define __CAAM_BLOB_GEN 9 10 #include <linux/types.h> 11 #include <linux/errno.h> 12 13 #define CAAM_BLOB_KEYMOD_LENGTH 16 14 #define CAAM_BLOB_OVERHEAD (32 + 16) 15 #define CAAM_BLOB_MAX_LEN 4096 16 #define CAAM_ENC_ALGO_CCM 0x1 17 #define CAAM_ENC_ALGO_ECB 0x2 18 #define CAAM_NONCE_SIZE 6 19 #define CAAM_ICV_SIZE 6 20 #define CAAM_CCM_OVERHEAD (CAAM_NONCE_SIZE + CAAM_ICV_SIZE) 21 22 struct caam_blob_priv; 23 24 /** 25 * struct caam_pkey_info - information for CAAM protected key 26 * @is_pkey: flag to identify, if the key is protected. 27 * @key_enc_algo: identifies the algorithm, ccm or ecb 28 * @plain_key_sz: size of plain key. 29 * @key_buf: contains key data 30 */ 31 struct caam_pkey_info { 32 u8 is_pkey; 33 u8 key_enc_algo; 34 u16 plain_key_sz; 35 u8 key_buf[]; 36 } __packed; 37 38 /* sizeof struct caam_pkey_info */ 39 #define CAAM_PKEY_HEADER 4 40 41 /** 42 * struct caam_blob_info - information for CAAM blobbing 43 * @pkey_info: pointer to keep protected key information 44 * @input: pointer to input buffer (must be DMAable) 45 * @input_len: length of @input buffer in bytes. 46 * @output: pointer to output buffer (must be DMAable) 47 * @output_len: length of @output buffer in bytes. 48 * @key_mod: key modifier 49 * @key_mod_len: length of @key_mod in bytes. 50 * May not exceed %CAAM_BLOB_KEYMOD_LENGTH 51 */ 52 struct caam_blob_info { 53 struct caam_pkey_info pkey_info; 54 55 void *input; 56 size_t input_len; 57 58 void *output; 59 size_t output_len; 60 61 const void *key_mod; 62 size_t key_mod_len; 63 }; 64 65 /** 66 * caam_blob_gen_init - initialize blob generation 67 * Return: pointer to new &struct caam_blob_priv instance on success 68 * and ``ERR_PTR(-ENODEV)`` if CAAM has no hardware blobbing support 69 * or no job ring could be allocated. 70 */ 71 struct caam_blob_priv *caam_blob_gen_init(void); 72 73 /** 74 * caam_blob_gen_exit - free blob generation resources 75 * @priv: instance returned by caam_blob_gen_init() 76 */ 77 void caam_blob_gen_exit(struct caam_blob_priv *priv); 78 79 /** 80 * caam_process_blob - encapsulate or decapsulate blob 81 * @priv: instance returned by caam_blob_gen_init() 82 * @info: pointer to blobbing info describing key, blob and 83 * key modifier buffers. 84 * @encap: true for encapsulation, false for decapsulation 85 * 86 * Return: %0 and sets ``info->output_len`` on success and a negative 87 * error code otherwise. 88 */ 89 int caam_process_blob(struct caam_blob_priv *priv, 90 struct caam_blob_info *info, bool encap); 91 92 /** 93 * caam_encap_blob - encapsulate blob 94 * @priv: instance returned by caam_blob_gen_init() 95 * @info: pointer to blobbing info describing input key, 96 * output blob and key modifier buffers. 97 * 98 * Return: %0 and sets ``info->output_len`` on success and 99 * a negative error code otherwise. 100 */ 101 static inline int caam_encap_blob(struct caam_blob_priv *priv, 102 struct caam_blob_info *info) 103 { 104 if (info->output_len < info->input_len + CAAM_BLOB_OVERHEAD) 105 return -EINVAL; 106 107 return caam_process_blob(priv, info, true); 108 } 109 110 /** 111 * caam_decap_blob - decapsulate blob 112 * @priv: instance returned by caam_blob_gen_init() 113 * @info: pointer to blobbing info describing output key, 114 * input blob and key modifier buffers. 115 * 116 * Return: %0 and sets ``info->output_len`` on success and 117 * a negative error code otherwise. 118 */ 119 static inline int caam_decap_blob(struct caam_blob_priv *priv, 120 struct caam_blob_info *info) 121 { 122 if (info->input_len < CAAM_BLOB_OVERHEAD || 123 info->output_len < info->input_len - CAAM_BLOB_OVERHEAD) 124 return -EINVAL; 125 126 return caam_process_blob(priv, info, false); 127 } 128 129 #endif 130