forked from Qortal/Brooklyn
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
405 lines
13 KiB
405 lines
13 KiB
/* |
|
* This file is part of the Chelsio T6 Crypto driver for Linux. |
|
* |
|
* Copyright (c) 2003-2016 Chelsio Communications, Inc. All rights reserved. |
|
* |
|
* This software is available to you under a choice of one of two |
|
* licenses. You may choose to be licensed under the terms of the GNU |
|
* General Public License (GPL) Version 2, available from the file |
|
* COPYING in the main directory of this source tree, or the |
|
* OpenIB.org BSD license below: |
|
* |
|
* Redistribution and use in source and binary forms, with or |
|
* without modification, are permitted provided that the following |
|
* conditions are met: |
|
* |
|
* - Redistributions of source code must retain the above |
|
* copyright notice, this list of conditions and the following |
|
* disclaimer. |
|
* |
|
* - Redistributions in binary form must reproduce the above |
|
* copyright notice, this list of conditions and the following |
|
* disclaimer in the documentation and/or other materials |
|
* provided with the distribution. |
|
* |
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, |
|
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
|
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND |
|
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS |
|
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN |
|
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN |
|
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
* SOFTWARE. |
|
* |
|
*/ |
|
|
|
#ifndef __CHCR_ALGO_H__ |
|
#define __CHCR_ALGO_H__ |
|
|
|
/* Crypto key context */ |
|
#define KEY_CONTEXT_CTX_LEN_S 24 |
|
#define KEY_CONTEXT_CTX_LEN_M 0xff |
|
#define KEY_CONTEXT_CTX_LEN_V(x) ((x) << KEY_CONTEXT_CTX_LEN_S) |
|
#define KEY_CONTEXT_CTX_LEN_G(x) \ |
|
(((x) >> KEY_CONTEXT_CTX_LEN_S) & KEY_CONTEXT_CTX_LEN_M) |
|
|
|
#define KEY_CONTEXT_DUAL_CK_S 12 |
|
#define KEY_CONTEXT_DUAL_CK_M 0x1 |
|
#define KEY_CONTEXT_DUAL_CK_V(x) ((x) << KEY_CONTEXT_DUAL_CK_S) |
|
#define KEY_CONTEXT_DUAL_CK_G(x) \ |
|
(((x) >> KEY_CONTEXT_DUAL_CK_S) & KEY_CONTEXT_DUAL_CK_M) |
|
#define KEY_CONTEXT_DUAL_CK_F KEY_CONTEXT_DUAL_CK_V(1U) |
|
|
|
#define KEY_CONTEXT_SALT_PRESENT_S 10 |
|
#define KEY_CONTEXT_SALT_PRESENT_M 0x1 |
|
#define KEY_CONTEXT_SALT_PRESENT_V(x) ((x) << KEY_CONTEXT_SALT_PRESENT_S) |
|
#define KEY_CONTEXT_SALT_PRESENT_G(x) \ |
|
(((x) >> KEY_CONTEXT_SALT_PRESENT_S) & \ |
|
KEY_CONTEXT_SALT_PRESENT_M) |
|
#define KEY_CONTEXT_SALT_PRESENT_F KEY_CONTEXT_SALT_PRESENT_V(1U) |
|
|
|
#define KEY_CONTEXT_VALID_S 0 |
|
#define KEY_CONTEXT_VALID_M 0x1 |
|
#define KEY_CONTEXT_VALID_V(x) ((x) << KEY_CONTEXT_VALID_S) |
|
#define KEY_CONTEXT_VALID_G(x) \ |
|
(((x) >> KEY_CONTEXT_VALID_S) & \ |
|
KEY_CONTEXT_VALID_M) |
|
#define KEY_CONTEXT_VALID_F KEY_CONTEXT_VALID_V(1U) |
|
|
|
#define KEY_CONTEXT_CK_SIZE_S 6 |
|
#define KEY_CONTEXT_CK_SIZE_M 0xf |
|
#define KEY_CONTEXT_CK_SIZE_V(x) ((x) << KEY_CONTEXT_CK_SIZE_S) |
|
#define KEY_CONTEXT_CK_SIZE_G(x) \ |
|
(((x) >> KEY_CONTEXT_CK_SIZE_S) & KEY_CONTEXT_CK_SIZE_M) |
|
|
|
#define KEY_CONTEXT_MK_SIZE_S 2 |
|
#define KEY_CONTEXT_MK_SIZE_M 0xf |
|
#define KEY_CONTEXT_MK_SIZE_V(x) ((x) << KEY_CONTEXT_MK_SIZE_S) |
|
#define KEY_CONTEXT_MK_SIZE_G(x) \ |
|
(((x) >> KEY_CONTEXT_MK_SIZE_S) & KEY_CONTEXT_MK_SIZE_M) |
|
|
|
#define KEY_CONTEXT_OPAD_PRESENT_S 11 |
|
#define KEY_CONTEXT_OPAD_PRESENT_M 0x1 |
|
#define KEY_CONTEXT_OPAD_PRESENT_V(x) ((x) << KEY_CONTEXT_OPAD_PRESENT_S) |
|
#define KEY_CONTEXT_OPAD_PRESENT_G(x) \ |
|
(((x) >> KEY_CONTEXT_OPAD_PRESENT_S) & \ |
|
KEY_CONTEXT_OPAD_PRESENT_M) |
|
#define KEY_CONTEXT_OPAD_PRESENT_F KEY_CONTEXT_OPAD_PRESENT_V(1U) |
|
|
|
#define CHCR_HASH_MAX_DIGEST_SIZE 64 |
|
#define CHCR_MAX_SHA_DIGEST_SIZE 64 |
|
|
|
#define IPSEC_TRUNCATED_ICV_SIZE 12 |
|
#define TLS_TRUNCATED_HMAC_SIZE 10 |
|
#define CBCMAC_DIGEST_SIZE 16 |
|
#define MAX_HASH_NAME 20 |
|
|
|
#define SHA1_INIT_STATE_5X4B 5 |
|
#define SHA256_INIT_STATE_8X4B 8 |
|
#define SHA512_INIT_STATE_8X8B 8 |
|
#define SHA1_INIT_STATE SHA1_INIT_STATE_5X4B |
|
#define SHA224_INIT_STATE SHA256_INIT_STATE_8X4B |
|
#define SHA256_INIT_STATE SHA256_INIT_STATE_8X4B |
|
#define SHA384_INIT_STATE SHA512_INIT_STATE_8X8B |
|
#define SHA512_INIT_STATE SHA512_INIT_STATE_8X8B |
|
|
|
#define DUMMY_BYTES 16 |
|
|
|
#define IPAD_DATA 0x36363636 |
|
#define OPAD_DATA 0x5c5c5c5c |
|
|
|
#define TRANSHDR_SIZE(kctx_len)\ |
|
(sizeof(struct chcr_wr) +\ |
|
kctx_len) |
|
#define CIPHER_TRANSHDR_SIZE(kctx_len, sge_pairs) \ |
|
(TRANSHDR_SIZE((kctx_len)) + (sge_pairs) +\ |
|
sizeof(struct cpl_rx_phys_dsgl) + AES_BLOCK_SIZE) |
|
#define HASH_TRANSHDR_SIZE(kctx_len)\ |
|
(TRANSHDR_SIZE(kctx_len) + DUMMY_BYTES) |
|
|
|
|
|
#define FILL_SEC_CPL_OP_IVINSR(id, len, ofst) \ |
|
htonl( \ |
|
CPL_TX_SEC_PDU_OPCODE_V(CPL_TX_SEC_PDU) | \ |
|
CPL_TX_SEC_PDU_RXCHID_V((id)) | \ |
|
CPL_TX_SEC_PDU_ACKFOLLOWS_V(0) | \ |
|
CPL_TX_SEC_PDU_ULPTXLPBK_V(1) | \ |
|
CPL_TX_SEC_PDU_CPLLEN_V((len)) | \ |
|
CPL_TX_SEC_PDU_PLACEHOLDER_V(0) | \ |
|
CPL_TX_SEC_PDU_IVINSRTOFST_V((ofst))) |
|
|
|
#define FILL_SEC_CPL_CIPHERSTOP_HI(a_start, a_stop, c_start, c_stop_hi) \ |
|
htonl( \ |
|
CPL_TX_SEC_PDU_AADSTART_V((a_start)) | \ |
|
CPL_TX_SEC_PDU_AADSTOP_V((a_stop)) | \ |
|
CPL_TX_SEC_PDU_CIPHERSTART_V((c_start)) | \ |
|
CPL_TX_SEC_PDU_CIPHERSTOP_HI_V((c_stop_hi))) |
|
|
|
#define FILL_SEC_CPL_AUTHINSERT(c_stop_lo, a_start, a_stop, a_inst) \ |
|
htonl( \ |
|
CPL_TX_SEC_PDU_CIPHERSTOP_LO_V((c_stop_lo)) | \ |
|
CPL_TX_SEC_PDU_AUTHSTART_V((a_start)) | \ |
|
CPL_TX_SEC_PDU_AUTHSTOP_V((a_stop)) | \ |
|
CPL_TX_SEC_PDU_AUTHINSERT_V((a_inst))) |
|
|
|
#define FILL_SEC_CPL_SCMD0_SEQNO(ctrl, seq, cmode, amode, opad, size) \ |
|
htonl( \ |
|
SCMD_SEQ_NO_CTRL_V(0) | \ |
|
SCMD_STATUS_PRESENT_V(0) | \ |
|
SCMD_PROTO_VERSION_V(CHCR_SCMD_PROTO_VERSION_GENERIC) | \ |
|
SCMD_ENC_DEC_CTRL_V((ctrl)) | \ |
|
SCMD_CIPH_AUTH_SEQ_CTRL_V((seq)) | \ |
|
SCMD_CIPH_MODE_V((cmode)) | \ |
|
SCMD_AUTH_MODE_V((amode)) | \ |
|
SCMD_HMAC_CTRL_V((opad)) | \ |
|
SCMD_IV_SIZE_V((size)) | \ |
|
SCMD_NUM_IVS_V(0)) |
|
|
|
#define FILL_SEC_CPL_IVGEN_HDRLEN(last, more, ctx_in, mac, ivdrop, len) htonl( \ |
|
SCMD_ENB_DBGID_V(0) | \ |
|
SCMD_IV_GEN_CTRL_V(0) | \ |
|
SCMD_LAST_FRAG_V((last)) | \ |
|
SCMD_MORE_FRAGS_V((more)) | \ |
|
SCMD_TLS_COMPPDU_V(0) | \ |
|
SCMD_KEY_CTX_INLINE_V((ctx_in)) | \ |
|
SCMD_TLS_FRAG_ENABLE_V(0) | \ |
|
SCMD_MAC_ONLY_V((mac)) | \ |
|
SCMD_AADIVDROP_V((ivdrop)) | \ |
|
SCMD_HDR_LEN_V((len))) |
|
|
|
#define FILL_KEY_CTX_HDR(ck_size, mk_size, d_ck, opad, ctx_len) \ |
|
htonl(KEY_CONTEXT_VALID_V(1) | \ |
|
KEY_CONTEXT_CK_SIZE_V((ck_size)) | \ |
|
KEY_CONTEXT_MK_SIZE_V(mk_size) | \ |
|
KEY_CONTEXT_DUAL_CK_V((d_ck)) | \ |
|
KEY_CONTEXT_OPAD_PRESENT_V((opad)) | \ |
|
KEY_CONTEXT_SALT_PRESENT_V(1) | \ |
|
KEY_CONTEXT_CTX_LEN_V((ctx_len))) |
|
|
|
#define FILL_KEY_CRX_HDR(ck_size, mk_size, d_ck, opad, ctx_len) \ |
|
htonl(TLS_KEYCTX_RXMK_SIZE_V(mk_size) | \ |
|
TLS_KEYCTX_RXCK_SIZE_V(ck_size) | \ |
|
TLS_KEYCTX_RX_VALID_V(1) | \ |
|
TLS_KEYCTX_RX_SEQCTR_V(3) | \ |
|
TLS_KEYCTX_RXAUTH_MODE_V(4) | \ |
|
TLS_KEYCTX_RXCIPH_MODE_V(2) | \ |
|
TLS_KEYCTX_RXFLIT_CNT_V((ctx_len))) |
|
|
|
#define FILL_WR_OP_CCTX_SIZE \ |
|
htonl( \ |
|
FW_CRYPTO_LOOKASIDE_WR_OPCODE_V( \ |
|
FW_CRYPTO_LOOKASIDE_WR) | \ |
|
FW_CRYPTO_LOOKASIDE_WR_COMPL_V(0) | \ |
|
FW_CRYPTO_LOOKASIDE_WR_IMM_LEN_V((0)) | \ |
|
FW_CRYPTO_LOOKASIDE_WR_CCTX_LOC_V(0) | \ |
|
FW_CRYPTO_LOOKASIDE_WR_CCTX_SIZE_V(0)) |
|
|
|
#define FILL_WR_RX_Q_ID(cid, qid, lcb, fid) \ |
|
htonl( \ |
|
FW_CRYPTO_LOOKASIDE_WR_RX_CHID_V((cid)) | \ |
|
FW_CRYPTO_LOOKASIDE_WR_RX_Q_ID_V((qid)) | \ |
|
FW_CRYPTO_LOOKASIDE_WR_LCB_V((lcb)) | \ |
|
FW_CRYPTO_LOOKASIDE_WR_IV_V((IV_NOP)) | \ |
|
FW_CRYPTO_LOOKASIDE_WR_FQIDX_V(fid)) |
|
|
|
#define FILL_ULPTX_CMD_DEST(cid, qid) \ |
|
htonl(ULPTX_CMD_V(ULP_TX_PKT) | \ |
|
ULP_TXPKT_DEST_V(0) | \ |
|
ULP_TXPKT_DATAMODIFY_V(0) | \ |
|
ULP_TXPKT_CHANNELID_V((cid)) | \ |
|
ULP_TXPKT_RO_V(1) | \ |
|
ULP_TXPKT_FID_V(qid)) |
|
|
|
#define KEYCTX_ALIGN_PAD(bs) ({unsigned int _bs = (bs);\ |
|
_bs == SHA1_DIGEST_SIZE ? 12 : 0; }) |
|
|
|
#define FILL_PLD_SIZE_HASH_SIZE(payload_sgl_len, sgl_lengths, total_frags) \ |
|
htonl(FW_CRYPTO_LOOKASIDE_WR_PLD_SIZE_V(payload_sgl_len ? \ |
|
sgl_lengths[total_frags] : 0) |\ |
|
FW_CRYPTO_LOOKASIDE_WR_HASH_SIZE_V(0)) |
|
|
|
#define FILL_LEN_PKD(calc_tx_flits_ofld, skb) \ |
|
htonl(FW_CRYPTO_LOOKASIDE_WR_LEN16_V(DIV_ROUND_UP((\ |
|
calc_tx_flits_ofld(skb) * 8), 16))) |
|
|
|
#define FILL_CMD_MORE(immdatalen) htonl(ULPTX_CMD_V(ULP_TX_SC_IMM) |\ |
|
ULP_TX_SC_MORE_V((immdatalen))) |
|
#define MAX_NK 8 |
|
#define MAX_DSGL_ENT 32 |
|
#define MIN_AUTH_SG 1 /* IV */ |
|
#define MIN_GCM_SG 1 /* IV */ |
|
#define MIN_DIGEST_SG 1 /*Partial Buffer*/ |
|
#define MIN_CCM_SG 1 /*IV+B0*/ |
|
#define CIP_SPACE_LEFT(len) \ |
|
((SGE_MAX_WR_LEN - CIP_WR_MIN_LEN - (len))) |
|
#define HASH_SPACE_LEFT(len) \ |
|
((SGE_MAX_WR_LEN - HASH_WR_MIN_LEN - (len))) |
|
|
|
struct algo_param { |
|
unsigned int auth_mode; |
|
unsigned int mk_size; |
|
unsigned int result_size; |
|
}; |
|
|
|
struct hash_wr_param { |
|
struct algo_param alg_prm; |
|
unsigned int opad_needed; |
|
unsigned int more; |
|
unsigned int last; |
|
unsigned int kctx_len; |
|
unsigned int sg_len; |
|
unsigned int bfr_len; |
|
unsigned int hash_size; |
|
u64 scmd1; |
|
}; |
|
|
|
struct cipher_wr_param { |
|
struct skcipher_request *req; |
|
char *iv; |
|
int bytes; |
|
unsigned short qid; |
|
}; |
|
enum { |
|
AES_KEYLENGTH_128BIT = 128, |
|
AES_KEYLENGTH_192BIT = 192, |
|
AES_KEYLENGTH_256BIT = 256 |
|
}; |
|
|
|
enum { |
|
KEYLENGTH_3BYTES = 3, |
|
KEYLENGTH_4BYTES = 4, |
|
KEYLENGTH_6BYTES = 6, |
|
KEYLENGTH_8BYTES = 8 |
|
}; |
|
|
|
enum { |
|
NUMBER_OF_ROUNDS_10 = 10, |
|
NUMBER_OF_ROUNDS_12 = 12, |
|
NUMBER_OF_ROUNDS_14 = 14, |
|
}; |
|
|
|
/* |
|
* CCM defines values of 4, 6, 8, 10, 12, 14, and 16 octets, |
|
* where they indicate the size of the integrity check value (ICV) |
|
*/ |
|
enum { |
|
ICV_4 = 4, |
|
ICV_6 = 6, |
|
ICV_8 = 8, |
|
ICV_10 = 10, |
|
ICV_12 = 12, |
|
ICV_13 = 13, |
|
ICV_14 = 14, |
|
ICV_15 = 15, |
|
ICV_16 = 16 |
|
}; |
|
|
|
struct phys_sge_pairs { |
|
__be16 len[8]; |
|
__be64 addr[8]; |
|
}; |
|
|
|
|
|
static const u32 chcr_sha1_init[SHA1_DIGEST_SIZE / 4] = { |
|
SHA1_H0, SHA1_H1, SHA1_H2, SHA1_H3, SHA1_H4, |
|
}; |
|
|
|
static const u32 chcr_sha224_init[SHA256_DIGEST_SIZE / 4] = { |
|
SHA224_H0, SHA224_H1, SHA224_H2, SHA224_H3, |
|
SHA224_H4, SHA224_H5, SHA224_H6, SHA224_H7, |
|
}; |
|
|
|
static const u32 chcr_sha256_init[SHA256_DIGEST_SIZE / 4] = { |
|
SHA256_H0, SHA256_H1, SHA256_H2, SHA256_H3, |
|
SHA256_H4, SHA256_H5, SHA256_H6, SHA256_H7, |
|
}; |
|
|
|
static const u64 chcr_sha384_init[SHA512_DIGEST_SIZE / 8] = { |
|
SHA384_H0, SHA384_H1, SHA384_H2, SHA384_H3, |
|
SHA384_H4, SHA384_H5, SHA384_H6, SHA384_H7, |
|
}; |
|
|
|
static const u64 chcr_sha512_init[SHA512_DIGEST_SIZE / 8] = { |
|
SHA512_H0, SHA512_H1, SHA512_H2, SHA512_H3, |
|
SHA512_H4, SHA512_H5, SHA512_H6, SHA512_H7, |
|
}; |
|
|
|
static inline void copy_hash_init_values(char *key, int digestsize) |
|
{ |
|
u8 i; |
|
__be32 *dkey = (__be32 *)key; |
|
u64 *ldkey = (u64 *)key; |
|
__be64 *sha384 = (__be64 *)chcr_sha384_init; |
|
__be64 *sha512 = (__be64 *)chcr_sha512_init; |
|
|
|
switch (digestsize) { |
|
case SHA1_DIGEST_SIZE: |
|
for (i = 0; i < SHA1_INIT_STATE; i++) |
|
dkey[i] = cpu_to_be32(chcr_sha1_init[i]); |
|
break; |
|
case SHA224_DIGEST_SIZE: |
|
for (i = 0; i < SHA224_INIT_STATE; i++) |
|
dkey[i] = cpu_to_be32(chcr_sha224_init[i]); |
|
break; |
|
case SHA256_DIGEST_SIZE: |
|
for (i = 0; i < SHA256_INIT_STATE; i++) |
|
dkey[i] = cpu_to_be32(chcr_sha256_init[i]); |
|
break; |
|
case SHA384_DIGEST_SIZE: |
|
for (i = 0; i < SHA384_INIT_STATE; i++) |
|
ldkey[i] = be64_to_cpu(sha384[i]); |
|
break; |
|
case SHA512_DIGEST_SIZE: |
|
for (i = 0; i < SHA512_INIT_STATE; i++) |
|
ldkey[i] = be64_to_cpu(sha512[i]); |
|
break; |
|
} |
|
} |
|
|
|
/* Number of len fields(8) * size of one addr field */ |
|
#define PHYSDSGL_MAX_LEN_SIZE 16 |
|
|
|
static inline u16 get_space_for_phys_dsgl(unsigned int sgl_entr) |
|
{ |
|
/* len field size + addr field size */ |
|
return ((sgl_entr >> 3) + ((sgl_entr % 8) ? |
|
1 : 0)) * PHYSDSGL_MAX_LEN_SIZE + |
|
(sgl_entr << 3) + ((sgl_entr % 2 ? 1 : 0) << 3); |
|
} |
|
|
|
/* The AES s-transform matrix (s-box). */ |
|
static const u8 aes_sbox[256] = { |
|
99, 124, 119, 123, 242, 107, 111, 197, 48, 1, 103, 43, 254, 215, |
|
171, 118, 202, 130, 201, 125, 250, 89, 71, 240, 173, 212, 162, 175, |
|
156, 164, 114, 192, 183, 253, 147, 38, 54, 63, 247, 204, 52, 165, |
|
229, 241, 113, 216, 49, 21, 4, 199, 35, 195, 24, 150, 5, 154, 7, |
|
18, 128, 226, 235, 39, 178, 117, 9, 131, 44, 26, 27, 110, 90, |
|
160, 82, 59, 214, 179, 41, 227, 47, 132, 83, 209, 0, 237, 32, |
|
252, 177, 91, 106, 203, 190, 57, 74, 76, 88, 207, 208, 239, 170, |
|
251, 67, 77, 51, 133, 69, 249, 2, 127, 80, 60, 159, 168, 81, |
|
163, 64, 143, 146, 157, 56, 245, 188, 182, 218, 33, 16, 255, 243, |
|
210, 205, 12, 19, 236, 95, 151, 68, 23, 196, 167, 126, 61, 100, |
|
93, 25, 115, 96, 129, 79, 220, 34, 42, 144, 136, 70, 238, 184, |
|
20, 222, 94, 11, 219, 224, 50, 58, 10, 73, 6, 36, 92, 194, |
|
211, 172, 98, 145, 149, 228, 121, 231, 200, 55, 109, 141, 213, 78, |
|
169, 108, 86, 244, 234, 101, 122, 174, 8, 186, 120, 37, 46, 28, 166, |
|
180, 198, 232, 221, 116, 31, 75, 189, 139, 138, 112, 62, 181, 102, |
|
72, 3, 246, 14, 97, 53, 87, 185, 134, 193, 29, 158, 225, 248, |
|
152, 17, 105, 217, 142, 148, 155, 30, 135, 233, 206, 85, 40, 223, |
|
140, 161, 137, 13, 191, 230, 66, 104, 65, 153, 45, 15, 176, 84, |
|
187, 22 |
|
}; |
|
|
|
static inline u32 aes_ks_subword(const u32 w) |
|
{ |
|
u8 bytes[4]; |
|
|
|
*(u32 *)(&bytes[0]) = w; |
|
bytes[0] = aes_sbox[bytes[0]]; |
|
bytes[1] = aes_sbox[bytes[1]]; |
|
bytes[2] = aes_sbox[bytes[2]]; |
|
bytes[3] = aes_sbox[bytes[3]]; |
|
return *(u32 *)(&bytes[0]); |
|
} |
|
|
|
#endif /* __CHCR_ALGO_H__ */
|
|
|