]>
Commit | Line | Data |
---|---|---|
5551e3a8 GA |
1 | #ifndef _LINUX_VIRTIO_CRYPTO_H |
2 | #define _LINUX_VIRTIO_CRYPTO_H | |
3 | /* This header is BSD licensed so anyone can use the definitions to implement | |
4 | * compatible drivers/servers. | |
5 | * | |
6 | * Redistribution and use in source and binary forms, with or without | |
7 | * modification, are permitted provided that the following conditions | |
8 | * are met: | |
9 | * 1. Redistributions of source code must retain the above copyright | |
10 | * notice, this list of conditions and the following disclaimer. | |
11 | * 2. Redistributions in binary form must reproduce the above copyright | |
12 | * notice, this list of conditions and the following disclaimer in the | |
13 | * documentation and/or other materials provided with the distribution. | |
14 | * 3. Neither the name of IBM nor the names of its contributors | |
15 | * may be used to endorse or promote products derived from this software | |
16 | * without specific prior written permission. | |
17 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' | |
18 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
19 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
20 | * ARE DISCLAIMED. IN NO EVENT SHALL IBM OR CONTRIBUTORS BE LIABLE | |
21 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
22 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
23 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
24 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
25 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
26 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
27 | * SUCH DAMAGE. */ | |
28 | ||
29 | #include "standard-headers/linux/types.h" | |
30 | #include "standard-headers/linux/virtio_config.h" | |
31 | #include "standard-headers/linux/virtio_types.h" | |
32 | ||
33 | ||
34 | #define VIRTIO_CRYPTO_SERVICE_CIPHER 0 | |
35 | #define VIRTIO_CRYPTO_SERVICE_HASH 1 | |
36 | #define VIRTIO_CRYPTO_SERVICE_MAC 2 | |
37 | #define VIRTIO_CRYPTO_SERVICE_AEAD 3 | |
38 | ||
39 | #define VIRTIO_CRYPTO_OPCODE(service, op) (((service) << 8) | (op)) | |
40 | ||
41 | struct virtio_crypto_ctrl_header { | |
42 | #define VIRTIO_CRYPTO_CIPHER_CREATE_SESSION \ | |
43 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x02) | |
44 | #define VIRTIO_CRYPTO_CIPHER_DESTROY_SESSION \ | |
45 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x03) | |
46 | #define VIRTIO_CRYPTO_HASH_CREATE_SESSION \ | |
47 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x02) | |
48 | #define VIRTIO_CRYPTO_HASH_DESTROY_SESSION \ | |
49 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x03) | |
50 | #define VIRTIO_CRYPTO_MAC_CREATE_SESSION \ | |
51 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x02) | |
52 | #define VIRTIO_CRYPTO_MAC_DESTROY_SESSION \ | |
53 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x03) | |
54 | #define VIRTIO_CRYPTO_AEAD_CREATE_SESSION \ | |
55 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x02) | |
56 | #define VIRTIO_CRYPTO_AEAD_DESTROY_SESSION \ | |
57 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x03) | |
58 | __virtio32 opcode; | |
59 | __virtio32 algo; | |
60 | __virtio32 flag; | |
61 | /* data virtqueue id */ | |
62 | __virtio32 queue_id; | |
63 | }; | |
64 | ||
65 | struct virtio_crypto_cipher_session_para { | |
66 | #define VIRTIO_CRYPTO_NO_CIPHER 0 | |
67 | #define VIRTIO_CRYPTO_CIPHER_ARC4 1 | |
68 | #define VIRTIO_CRYPTO_CIPHER_AES_ECB 2 | |
69 | #define VIRTIO_CRYPTO_CIPHER_AES_CBC 3 | |
70 | #define VIRTIO_CRYPTO_CIPHER_AES_CTR 4 | |
71 | #define VIRTIO_CRYPTO_CIPHER_DES_ECB 5 | |
72 | #define VIRTIO_CRYPTO_CIPHER_DES_CBC 6 | |
73 | #define VIRTIO_CRYPTO_CIPHER_3DES_ECB 7 | |
74 | #define VIRTIO_CRYPTO_CIPHER_3DES_CBC 8 | |
75 | #define VIRTIO_CRYPTO_CIPHER_3DES_CTR 9 | |
76 | #define VIRTIO_CRYPTO_CIPHER_KASUMI_F8 10 | |
77 | #define VIRTIO_CRYPTO_CIPHER_SNOW3G_UEA2 11 | |
78 | #define VIRTIO_CRYPTO_CIPHER_AES_F8 12 | |
79 | #define VIRTIO_CRYPTO_CIPHER_AES_XTS 13 | |
80 | #define VIRTIO_CRYPTO_CIPHER_ZUC_EEA3 14 | |
81 | __virtio32 algo; | |
82 | /* length of key */ | |
83 | __virtio32 keylen; | |
84 | ||
85 | #define VIRTIO_CRYPTO_OP_ENCRYPT 1 | |
86 | #define VIRTIO_CRYPTO_OP_DECRYPT 2 | |
87 | /* encrypt or decrypt */ | |
88 | __virtio32 op; | |
89 | __virtio32 padding; | |
90 | }; | |
91 | ||
92 | struct virtio_crypto_session_input { | |
93 | /* Device-writable part */ | |
94 | __virtio64 session_id; | |
95 | __virtio32 status; | |
96 | __virtio32 padding; | |
97 | }; | |
98 | ||
99 | struct virtio_crypto_cipher_session_req { | |
100 | struct virtio_crypto_cipher_session_para para; | |
101 | }; | |
102 | ||
103 | struct virtio_crypto_hash_session_para { | |
104 | #define VIRTIO_CRYPTO_NO_HASH 0 | |
105 | #define VIRTIO_CRYPTO_HASH_MD5 1 | |
106 | #define VIRTIO_CRYPTO_HASH_SHA1 2 | |
107 | #define VIRTIO_CRYPTO_HASH_SHA_224 3 | |
108 | #define VIRTIO_CRYPTO_HASH_SHA_256 4 | |
109 | #define VIRTIO_CRYPTO_HASH_SHA_384 5 | |
110 | #define VIRTIO_CRYPTO_HASH_SHA_512 6 | |
111 | #define VIRTIO_CRYPTO_HASH_SHA3_224 7 | |
112 | #define VIRTIO_CRYPTO_HASH_SHA3_256 8 | |
113 | #define VIRTIO_CRYPTO_HASH_SHA3_384 9 | |
114 | #define VIRTIO_CRYPTO_HASH_SHA3_512 10 | |
115 | #define VIRTIO_CRYPTO_HASH_SHA3_SHAKE128 11 | |
116 | #define VIRTIO_CRYPTO_HASH_SHA3_SHAKE256 12 | |
117 | __virtio32 algo; | |
118 | /* hash result length */ | |
119 | __virtio32 hash_result_len; | |
120 | }; | |
121 | ||
122 | struct virtio_crypto_hash_create_session_req { | |
123 | struct virtio_crypto_hash_session_para para; | |
124 | }; | |
125 | ||
126 | struct virtio_crypto_mac_session_para { | |
127 | #define VIRTIO_CRYPTO_NO_MAC 0 | |
128 | #define VIRTIO_CRYPTO_MAC_HMAC_MD5 1 | |
129 | #define VIRTIO_CRYPTO_MAC_HMAC_SHA1 2 | |
130 | #define VIRTIO_CRYPTO_MAC_HMAC_SHA_224 3 | |
131 | #define VIRTIO_CRYPTO_MAC_HMAC_SHA_256 4 | |
132 | #define VIRTIO_CRYPTO_MAC_HMAC_SHA_384 5 | |
133 | #define VIRTIO_CRYPTO_MAC_HMAC_SHA_512 6 | |
134 | #define VIRTIO_CRYPTO_MAC_CMAC_3DES 25 | |
135 | #define VIRTIO_CRYPTO_MAC_CMAC_AES 26 | |
136 | #define VIRTIO_CRYPTO_MAC_KASUMI_F9 27 | |
137 | #define VIRTIO_CRYPTO_MAC_SNOW3G_UIA2 28 | |
138 | #define VIRTIO_CRYPTO_MAC_GMAC_AES 41 | |
139 | #define VIRTIO_CRYPTO_MAC_GMAC_TWOFISH 42 | |
140 | #define VIRTIO_CRYPTO_MAC_CBCMAC_AES 49 | |
141 | #define VIRTIO_CRYPTO_MAC_CBCMAC_KASUMI_F9 50 | |
142 | #define VIRTIO_CRYPTO_MAC_XCBC_AES 53 | |
143 | __virtio32 algo; | |
144 | /* hash result length */ | |
145 | __virtio32 hash_result_len; | |
146 | /* length of authenticated key */ | |
147 | __virtio32 auth_key_len; | |
148 | __virtio32 padding; | |
149 | }; | |
150 | ||
151 | struct virtio_crypto_mac_create_session_req { | |
152 | struct virtio_crypto_mac_session_para para; | |
153 | }; | |
154 | ||
155 | struct virtio_crypto_aead_session_para { | |
156 | #define VIRTIO_CRYPTO_NO_AEAD 0 | |
157 | #define VIRTIO_CRYPTO_AEAD_GCM 1 | |
158 | #define VIRTIO_CRYPTO_AEAD_CCM 2 | |
159 | #define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305 3 | |
160 | __virtio32 algo; | |
161 | /* length of key */ | |
162 | __virtio32 key_len; | |
163 | /* digest result length */ | |
164 | __virtio32 digest_result_len; | |
165 | /* length of the additional authenticated data (AAD) in bytes */ | |
166 | __virtio32 aad_len; | |
167 | /* encrypt or decrypt, See above VIRTIO_CRYPTO_OP_* */ | |
168 | __virtio32 op; | |
169 | __virtio32 padding; | |
170 | }; | |
171 | ||
172 | struct virtio_crypto_aead_create_session_req { | |
173 | struct virtio_crypto_aead_session_para para; | |
174 | }; | |
175 | ||
176 | struct virtio_crypto_alg_chain_session_para { | |
177 | #define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_HASH_THEN_CIPHER 1 | |
178 | #define VIRTIO_CRYPTO_SYM_ALG_CHAIN_ORDER_CIPHER_THEN_HASH 2 | |
179 | __virtio32 alg_chain_order; | |
180 | /* Plain hash */ | |
181 | #define VIRTIO_CRYPTO_SYM_HASH_MODE_PLAIN 1 | |
182 | /* Authenticated hash (mac) */ | |
183 | #define VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH 2 | |
184 | /* Nested hash */ | |
185 | #define VIRTIO_CRYPTO_SYM_HASH_MODE_NESTED 3 | |
186 | __virtio32 hash_mode; | |
187 | struct virtio_crypto_cipher_session_para cipher_param; | |
188 | union { | |
189 | struct virtio_crypto_hash_session_para hash_param; | |
190 | struct virtio_crypto_mac_session_para mac_param; | |
191 | } u; | |
192 | /* length of the additional authenticated data (AAD) in bytes */ | |
193 | __virtio32 aad_len; | |
194 | __virtio32 padding; | |
195 | }; | |
196 | ||
197 | struct virtio_crypto_alg_chain_session_req { | |
198 | struct virtio_crypto_alg_chain_session_para para; | |
199 | }; | |
200 | ||
201 | struct virtio_crypto_sym_create_session_req { | |
202 | union { | |
203 | struct virtio_crypto_cipher_session_req cipher; | |
204 | struct virtio_crypto_alg_chain_session_req chain; | |
205 | } u; | |
206 | ||
207 | /* Device-readable part */ | |
208 | ||
209 | /* No operation */ | |
210 | #define VIRTIO_CRYPTO_SYM_OP_NONE 0 | |
211 | /* Cipher only operation on the data */ | |
212 | #define VIRTIO_CRYPTO_SYM_OP_CIPHER 1 | |
213 | /* Chain any cipher with any hash or mac operation. The order | |
214 | depends on the value of alg_chain_order param */ | |
215 | #define VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING 2 | |
216 | __virtio32 op_type; | |
217 | __virtio32 padding; | |
218 | }; | |
219 | ||
220 | struct virtio_crypto_destroy_session_req { | |
221 | /* Device-readable part */ | |
222 | __virtio64 session_id; | |
223 | }; | |
224 | ||
225 | /* The request of the control viritqueue's packet */ | |
226 | struct virtio_crypto_op_ctrl_req { | |
227 | struct virtio_crypto_ctrl_header header; | |
228 | ||
229 | union { | |
230 | struct virtio_crypto_sym_create_session_req sym_create_session; | |
231 | struct virtio_crypto_hash_create_session_req hash_create_session; | |
232 | struct virtio_crypto_mac_create_session_req mac_create_session; | |
233 | struct virtio_crypto_aead_create_session_req aead_create_session; | |
234 | struct virtio_crypto_destroy_session_req destroy_session; | |
235 | } u; | |
236 | }; | |
237 | ||
238 | struct virtio_crypto_op_header { | |
239 | #define VIRTIO_CRYPTO_CIPHER_ENCRYPT \ | |
240 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x00) | |
241 | #define VIRTIO_CRYPTO_CIPHER_DECRYPT \ | |
242 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_CIPHER, 0x01) | |
243 | #define VIRTIO_CRYPTO_HASH \ | |
244 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_HASH, 0x00) | |
245 | #define VIRTIO_CRYPTO_MAC \ | |
246 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_MAC, 0x00) | |
247 | #define VIRTIO_CRYPTO_AEAD_ENCRYPT \ | |
248 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00) | |
249 | #define VIRTIO_CRYPTO_AEAD_DECRYPT \ | |
250 | VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01) | |
251 | __virtio32 opcode; | |
252 | /* algo should be service-specific algorithms */ | |
253 | __virtio32 algo; | |
254 | /* session_id should be service-specific algorithms */ | |
255 | __virtio64 session_id; | |
256 | /* control flag to control the request */ | |
257 | __virtio32 flag; | |
258 | __virtio32 padding; | |
259 | }; | |
260 | ||
261 | struct virtio_crypto_cipher_para { | |
262 | /* | |
263 | * Byte Length of valid IV/Counter | |
264 | * | |
265 | * - For block ciphers in CBC or F8 mode, or for Kasumi in F8 mode, or for | |
266 | * SNOW3G in UEA2 mode, this is the length of the IV (which | |
267 | * must be the same as the block length of the cipher). | |
268 | * - For block ciphers in CTR mode, this is the length of the counter | |
269 | * (which must be the same as the block length of the cipher). | |
270 | * - For AES-XTS, this is the 128bit tweak, i, from IEEE Std 1619-2007. | |
271 | * | |
272 | * The IV/Counter will be updated after every partial cryptographic | |
273 | * operation. | |
274 | */ | |
275 | __virtio32 iv_len; | |
276 | /* length of source data */ | |
277 | __virtio32 src_data_len; | |
278 | /* length of dst data */ | |
279 | __virtio32 dst_data_len; | |
280 | __virtio32 padding; | |
281 | }; | |
282 | ||
283 | struct virtio_crypto_hash_para { | |
284 | /* length of source data */ | |
285 | __virtio32 src_data_len; | |
286 | /* hash result length */ | |
287 | __virtio32 hash_result_len; | |
288 | }; | |
289 | ||
290 | struct virtio_crypto_mac_para { | |
291 | struct virtio_crypto_hash_para hash; | |
292 | }; | |
293 | ||
294 | struct virtio_crypto_aead_para { | |
295 | /* | |
296 | * Byte Length of valid IV data pointed to by the below iv_addr | |
297 | * parameter. | |
298 | * | |
299 | * - For GCM mode, this is either 12 (for 96-bit IVs) or 16, in which | |
300 | * case iv_addr points to J0. | |
301 | * - For CCM mode, this is the length of the nonce, which can be in the | |
302 | * range 7 to 13 inclusive. | |
303 | */ | |
304 | __virtio32 iv_len; | |
305 | /* length of additional auth data */ | |
306 | __virtio32 aad_len; | |
307 | /* length of source data */ | |
308 | __virtio32 src_data_len; | |
309 | /* length of dst data */ | |
310 | __virtio32 dst_data_len; | |
311 | }; | |
312 | ||
313 | struct virtio_crypto_cipher_data_req { | |
314 | /* Device-readable part */ | |
315 | struct virtio_crypto_cipher_para para; | |
316 | }; | |
317 | ||
318 | struct virtio_crypto_hash_data_req { | |
319 | /* Device-readable part */ | |
320 | struct virtio_crypto_hash_para para; | |
321 | }; | |
322 | ||
323 | struct virtio_crypto_mac_data_req { | |
324 | /* Device-readable part */ | |
325 | struct virtio_crypto_mac_para para; | |
326 | }; | |
327 | ||
328 | struct virtio_crypto_alg_chain_data_para { | |
329 | __virtio32 iv_len; | |
330 | /* Length of source data */ | |
331 | __virtio32 src_data_len; | |
332 | /* Length of destination data */ | |
333 | __virtio32 dst_data_len; | |
334 | /* Starting point for cipher processing in source data */ | |
335 | __virtio32 cipher_start_src_offset; | |
336 | /* Length of the source data that the cipher will be computed on */ | |
337 | __virtio32 len_to_cipher; | |
338 | /* Starting point for hash processing in source data */ | |
339 | __virtio32 hash_start_src_offset; | |
340 | /* Length of the source data that the hash will be computed on */ | |
341 | __virtio32 len_to_hash; | |
342 | /* Length of the additional auth data */ | |
343 | __virtio32 aad_len; | |
344 | /* Length of the hash result */ | |
345 | __virtio32 hash_result_len; | |
346 | __virtio32 reserved; | |
347 | }; | |
348 | ||
349 | struct virtio_crypto_alg_chain_data_req { | |
350 | /* Device-readable part */ | |
351 | struct virtio_crypto_alg_chain_data_para para; | |
352 | }; | |
353 | ||
354 | struct virtio_crypto_sym_data_req { | |
355 | union { | |
356 | struct virtio_crypto_cipher_data_req cipher; | |
357 | struct virtio_crypto_alg_chain_data_req chain; | |
358 | } u; | |
359 | ||
360 | /* See above VIRTIO_CRYPTO_SYM_OP_* */ | |
361 | __virtio32 op_type; | |
362 | __virtio32 padding; | |
363 | }; | |
364 | ||
365 | struct virtio_crypto_aead_data_req { | |
366 | /* Device-readable part */ | |
367 | struct virtio_crypto_aead_para para; | |
368 | }; | |
369 | ||
370 | /* The request of the data viritqueue's packet */ | |
371 | struct virtio_crypto_op_data_req { | |
372 | struct virtio_crypto_op_header header; | |
373 | ||
374 | union { | |
375 | struct virtio_crypto_sym_data_req sym_req; | |
376 | struct virtio_crypto_hash_data_req hash_req; | |
377 | struct virtio_crypto_mac_data_req mac_req; | |
378 | struct virtio_crypto_aead_data_req aead_req; | |
379 | } u; | |
380 | }; | |
381 | ||
382 | #define VIRTIO_CRYPTO_OK 0 | |
383 | #define VIRTIO_CRYPTO_ERR 1 | |
384 | #define VIRTIO_CRYPTO_BADMSG 2 | |
385 | #define VIRTIO_CRYPTO_NOTSUPP 3 | |
386 | #define VIRTIO_CRYPTO_INVSESS 4 /* Invaild session id */ | |
387 | ||
388 | /* The accelerator hardware is ready */ | |
389 | #define VIRTIO_CRYPTO_S_HW_READY (1 << 0) | |
390 | #define VIRTIO_CRYPTO_S_STARTED (1 << 1) | |
391 | ||
392 | struct virtio_crypto_config { | |
393 | /* See VIRTIO_CRYPTO_* above */ | |
394 | __virtio32 status; | |
395 | ||
396 | /* | |
397 | * Maximum number of data queue legal values are between 1 and 0x8000 | |
398 | */ | |
399 | __virtio32 max_dataqueues; | |
400 | ||
401 | /* Specifies the services mask which the devcie support, | |
402 | see VIRTIO_CRYPTO_SERVICE_* above */ | |
403 | __virtio32 crypto_services; | |
404 | ||
405 | /* Detailed algorithms mask */ | |
406 | __virtio32 cipher_algo_l; | |
407 | __virtio32 cipher_algo_h; | |
408 | __virtio32 hash_algo; | |
409 | __virtio32 mac_algo_l; | |
410 | __virtio32 mac_algo_h; | |
411 | __virtio32 aead_algo; | |
412 | ||
413 | /* Maximum length of cipher key */ | |
414 | uint32_t max_cipher_key_len; | |
415 | /* Maximum length of authenticated key */ | |
416 | uint32_t max_auth_key_len; | |
417 | ||
418 | __virtio32 reserve; | |
419 | ||
420 | /* The maximum size of per request's content */ | |
421 | __virtio64 max_size; | |
422 | }; | |
423 | ||
424 | struct virtio_crypto_inhdr { | |
425 | /* See VIRTIO_CRYPTO_* above */ | |
426 | uint8_t status; | |
427 | }; | |
428 | ||
429 | #endif /* _LINUX_VIRTIO_CRYPTO_H */ |