Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
torvalds
GitHub Repository: torvalds/linux
 Path: blob/master/drivers/crypto/chelsio/chcr_algo.h
26282 views
1
/*

2
 * This file is part of the Chelsio T6 Crypto driver for Linux.

3
 *

4
 * Copyright (c) 2003-2016 Chelsio Communications, Inc. All rights reserved.

5
 *

6
 * This software is available to you under a choice of one of two

7
 * licenses.  You may choose to be licensed under the terms of the GNU

8
 * General Public License (GPL) Version 2, available from the file

9
 * COPYING in the main directory of this source tree, or the

10
 * OpenIB.org BSD license below:

11
 *

12
 *     Redistribution and use in source and binary forms, with or

13
 *     without modification, are permitted provided that the following

14
 *     conditions are met:

15
 *

16
 *      - Redistributions of source code must retain the above

17
 *        copyright notice, this list of conditions and the following

18
 *        disclaimer.

19
 *

20
 *      - Redistributions in binary form must reproduce the above

21
 *        copyright notice, this list of conditions and the following

22
 *        disclaimer in the documentation and/or other materials

23
 *        provided with the distribution.

24
 *

25
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,

26
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF

27
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND

28
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS

29
 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN

30
 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN

31
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE

32
 * SOFTWARE.

33
 *

34
 */

35


36
#ifndef __CHCR_ALGO_H__

37
#define __CHCR_ALGO_H__

38


39
/* Crypto key context */

40
#define KEY_CONTEXT_CTX_LEN_S           24

41
#define KEY_CONTEXT_CTX_LEN_M           0xff

42
#define KEY_CONTEXT_CTX_LEN_V(x)        ((x) << KEY_CONTEXT_CTX_LEN_S)

43
#define KEY_CONTEXT_CTX_LEN_G(x) \

44
	(((x) >> KEY_CONTEXT_CTX_LEN_S) & KEY_CONTEXT_CTX_LEN_M)

45


46
#define KEY_CONTEXT_DUAL_CK_S      12

47
#define KEY_CONTEXT_DUAL_CK_M      0x1

48
#define KEY_CONTEXT_DUAL_CK_V(x)   ((x) << KEY_CONTEXT_DUAL_CK_S)

49
#define KEY_CONTEXT_DUAL_CK_G(x)   \

50
(((x) >> KEY_CONTEXT_DUAL_CK_S) & KEY_CONTEXT_DUAL_CK_M)

51
#define KEY_CONTEXT_DUAL_CK_F      KEY_CONTEXT_DUAL_CK_V(1U)

52


53
#define KEY_CONTEXT_SALT_PRESENT_S      10

54
#define KEY_CONTEXT_SALT_PRESENT_M      0x1

55
#define KEY_CONTEXT_SALT_PRESENT_V(x)   ((x) << KEY_CONTEXT_SALT_PRESENT_S)

56
#define KEY_CONTEXT_SALT_PRESENT_G(x)   \

57
	(((x) >> KEY_CONTEXT_SALT_PRESENT_S) & \

58
	 KEY_CONTEXT_SALT_PRESENT_M)

59
#define KEY_CONTEXT_SALT_PRESENT_F      KEY_CONTEXT_SALT_PRESENT_V(1U)

60


61
#define KEY_CONTEXT_VALID_S     0

62
#define KEY_CONTEXT_VALID_M     0x1

63
#define KEY_CONTEXT_VALID_V(x)  ((x) << KEY_CONTEXT_VALID_S)

64
#define KEY_CONTEXT_VALID_G(x)  \

65
	(((x) >> KEY_CONTEXT_VALID_S) & \

66
	 KEY_CONTEXT_VALID_M)

67
#define KEY_CONTEXT_VALID_F     KEY_CONTEXT_VALID_V(1U)

68


69
#define KEY_CONTEXT_CK_SIZE_S           6

70
#define KEY_CONTEXT_CK_SIZE_M           0xf

71
#define KEY_CONTEXT_CK_SIZE_V(x)        ((x) << KEY_CONTEXT_CK_SIZE_S)

72
#define KEY_CONTEXT_CK_SIZE_G(x)        \

73
	(((x) >> KEY_CONTEXT_CK_SIZE_S) & KEY_CONTEXT_CK_SIZE_M)

74


75
#define KEY_CONTEXT_MK_SIZE_S           2

76
#define KEY_CONTEXT_MK_SIZE_M           0xf

77
#define KEY_CONTEXT_MK_SIZE_V(x)        ((x) << KEY_CONTEXT_MK_SIZE_S)

78
#define KEY_CONTEXT_MK_SIZE_G(x)        \

79
	(((x) >> KEY_CONTEXT_MK_SIZE_S) & KEY_CONTEXT_MK_SIZE_M)

80


81
#define KEY_CONTEXT_OPAD_PRESENT_S      11

82
#define KEY_CONTEXT_OPAD_PRESENT_M      0x1

83
#define KEY_CONTEXT_OPAD_PRESENT_V(x)   ((x) << KEY_CONTEXT_OPAD_PRESENT_S)

84
#define KEY_CONTEXT_OPAD_PRESENT_G(x)   \

85
	(((x) >> KEY_CONTEXT_OPAD_PRESENT_S) & \

86
	 KEY_CONTEXT_OPAD_PRESENT_M)

87
#define KEY_CONTEXT_OPAD_PRESENT_F      KEY_CONTEXT_OPAD_PRESENT_V(1U)

88


89
#define CHCR_HASH_MAX_DIGEST_SIZE 64

90
#define CHCR_MAX_SHA_DIGEST_SIZE 64

91


92
#define IPSEC_TRUNCATED_ICV_SIZE 12

93
#define TLS_TRUNCATED_HMAC_SIZE 10

94
#define CBCMAC_DIGEST_SIZE 16

95
#define MAX_HASH_NAME 20

96


97
#define SHA1_INIT_STATE_5X4B    5

98
#define SHA256_INIT_STATE_8X4B  8

99
#define SHA512_INIT_STATE_8X8B  8

100
#define SHA1_INIT_STATE         SHA1_INIT_STATE_5X4B

101
#define SHA224_INIT_STATE       SHA256_INIT_STATE_8X4B

102
#define SHA256_INIT_STATE       SHA256_INIT_STATE_8X4B

103
#define SHA384_INIT_STATE       SHA512_INIT_STATE_8X8B

104
#define SHA512_INIT_STATE       SHA512_INIT_STATE_8X8B

105


106
#define DUMMY_BYTES 16

107


108
#define IPAD_DATA 0x36363636

109
#define OPAD_DATA 0x5c5c5c5c

110


111
#define TRANSHDR_SIZE(kctx_len)\

112
	(sizeof(struct chcr_wr) +\

113
	 kctx_len)

114
#define CIPHER_TRANSHDR_SIZE(kctx_len, sge_pairs) \

115
	(TRANSHDR_SIZE((kctx_len)) + (sge_pairs) +\

116
	 sizeof(struct cpl_rx_phys_dsgl) + AES_BLOCK_SIZE)

117
#define HASH_TRANSHDR_SIZE(kctx_len)\

118
	(TRANSHDR_SIZE(kctx_len) + DUMMY_BYTES)

119


120


121
#define FILL_SEC_CPL_OP_IVINSR(id, len, ofst)      \

122
	htonl( \

123
	       CPL_TX_SEC_PDU_OPCODE_V(CPL_TX_SEC_PDU) | \

124
	       CPL_TX_SEC_PDU_RXCHID_V((id)) | \

125
	       CPL_TX_SEC_PDU_ACKFOLLOWS_V(0) | \

126
	       CPL_TX_SEC_PDU_ULPTXLPBK_V(1) | \

127
	       CPL_TX_SEC_PDU_CPLLEN_V((len)) | \

128
	       CPL_TX_SEC_PDU_PLACEHOLDER_V(0) | \

129
	       CPL_TX_SEC_PDU_IVINSRTOFST_V((ofst)))

130


131
#define  FILL_SEC_CPL_CIPHERSTOP_HI(a_start, a_stop, c_start, c_stop_hi) \

132
	htonl( \

133
	       CPL_TX_SEC_PDU_AADSTART_V((a_start)) | \

134
	       CPL_TX_SEC_PDU_AADSTOP_V((a_stop)) | \

135
	       CPL_TX_SEC_PDU_CIPHERSTART_V((c_start)) | \

136
	       CPL_TX_SEC_PDU_CIPHERSTOP_HI_V((c_stop_hi)))

137


138
#define  FILL_SEC_CPL_AUTHINSERT(c_stop_lo, a_start, a_stop, a_inst) \

139
	htonl( \

140
	       CPL_TX_SEC_PDU_CIPHERSTOP_LO_V((c_stop_lo)) | \

141
		CPL_TX_SEC_PDU_AUTHSTART_V((a_start)) | \

142
		CPL_TX_SEC_PDU_AUTHSTOP_V((a_stop)) | \

143
		CPL_TX_SEC_PDU_AUTHINSERT_V((a_inst)))

144


145
#define  FILL_SEC_CPL_SCMD0_SEQNO(ctrl, seq, cmode, amode, opad, size)  \

146
		htonl( \

147
		SCMD_SEQ_NO_CTRL_V(0) | \

148
		SCMD_STATUS_PRESENT_V(0) | \

149
		SCMD_PROTO_VERSION_V(CHCR_SCMD_PROTO_VERSION_GENERIC) | \

150
		SCMD_ENC_DEC_CTRL_V((ctrl)) | \

151
		SCMD_CIPH_AUTH_SEQ_CTRL_V((seq)) | \

152
		SCMD_CIPH_MODE_V((cmode)) | \

153
		SCMD_AUTH_MODE_V((amode)) | \

154
		SCMD_HMAC_CTRL_V((opad)) | \

155
		SCMD_IV_SIZE_V((size)) | \

156
		SCMD_NUM_IVS_V(0))

157


158
#define FILL_SEC_CPL_IVGEN_HDRLEN(last, more, ctx_in, mac, ivdrop, len) htonl( \

159
		SCMD_ENB_DBGID_V(0) | \

160
		SCMD_IV_GEN_CTRL_V(0) | \

161
		SCMD_LAST_FRAG_V((last)) | \

162
		SCMD_MORE_FRAGS_V((more)) | \

163
		SCMD_TLS_COMPPDU_V(0) | \

164
		SCMD_KEY_CTX_INLINE_V((ctx_in)) | \

165
		SCMD_TLS_FRAG_ENABLE_V(0) | \

166
		SCMD_MAC_ONLY_V((mac)) |  \

167
		SCMD_AADIVDROP_V((ivdrop)) | \

168
		SCMD_HDR_LEN_V((len)))

169


170
#define  FILL_KEY_CTX_HDR(ck_size, mk_size, d_ck, opad, ctx_len) \

171
		htonl(KEY_CONTEXT_VALID_V(1) | \

172
		      KEY_CONTEXT_CK_SIZE_V((ck_size)) | \

173
		      KEY_CONTEXT_MK_SIZE_V(mk_size) | \

174
		      KEY_CONTEXT_DUAL_CK_V((d_ck)) | \

175
		      KEY_CONTEXT_OPAD_PRESENT_V((opad)) | \

176
		      KEY_CONTEXT_SALT_PRESENT_V(1) | \

177
		      KEY_CONTEXT_CTX_LEN_V((ctx_len)))

178


179
#define  FILL_KEY_CRX_HDR(ck_size, mk_size, d_ck, opad, ctx_len) \

180
		htonl(TLS_KEYCTX_RXMK_SIZE_V(mk_size) | \

181
		      TLS_KEYCTX_RXCK_SIZE_V(ck_size) | \

182
		      TLS_KEYCTX_RX_VALID_V(1) | \

183
		      TLS_KEYCTX_RX_SEQCTR_V(3) | \

184
		      TLS_KEYCTX_RXAUTH_MODE_V(4) | \

185
		      TLS_KEYCTX_RXCIPH_MODE_V(2) | \

186
		      TLS_KEYCTX_RXFLIT_CNT_V((ctx_len)))

187


188
#define FILL_WR_OP_CCTX_SIZE \

189
		htonl( \

190
			FW_CRYPTO_LOOKASIDE_WR_OPCODE_V( \

191
			FW_CRYPTO_LOOKASIDE_WR) | \

192
			FW_CRYPTO_LOOKASIDE_WR_COMPL_V(0) | \

193
			FW_CRYPTO_LOOKASIDE_WR_IMM_LEN_V((0)) | \

194
			FW_CRYPTO_LOOKASIDE_WR_CCTX_LOC_V(0) | \

195
			FW_CRYPTO_LOOKASIDE_WR_CCTX_SIZE_V(0))

196


197
#define FILL_WR_RX_Q_ID(cid, qid, lcb, fid) \

198
		htonl( \

199
			FW_CRYPTO_LOOKASIDE_WR_RX_CHID_V((cid)) | \

200
			FW_CRYPTO_LOOKASIDE_WR_RX_Q_ID_V((qid)) | \

201
			FW_CRYPTO_LOOKASIDE_WR_LCB_V((lcb)) | \

202
			FW_CRYPTO_LOOKASIDE_WR_IV_V((IV_NOP)) | \

203
			FW_CRYPTO_LOOKASIDE_WR_FQIDX_V(fid))

204


205
#define FILL_ULPTX_CMD_DEST(cid, qid) \

206
	htonl(ULPTX_CMD_V(ULP_TX_PKT) | \

207
	      ULP_TXPKT_DEST_V(0) | \

208
	      ULP_TXPKT_DATAMODIFY_V(0) | \

209
	      ULP_TXPKT_CHANNELID_V((cid)) | \

210
	      ULP_TXPKT_RO_V(1) | \

211
	      ULP_TXPKT_FID_V(qid))

212


213
#define KEYCTX_ALIGN_PAD(bs) ({unsigned int _bs = (bs);\

214
			      _bs == SHA1_DIGEST_SIZE ? 12 : 0; })

215


216
#define FILL_PLD_SIZE_HASH_SIZE(payload_sgl_len, sgl_lengths, total_frags) \

217
	htonl(FW_CRYPTO_LOOKASIDE_WR_PLD_SIZE_V(payload_sgl_len ? \

218
						sgl_lengths[total_frags] : 0) |\

219
	      FW_CRYPTO_LOOKASIDE_WR_HASH_SIZE_V(0))

220


221
#define FILL_LEN_PKD(calc_tx_flits_ofld, skb) \

222
	htonl(FW_CRYPTO_LOOKASIDE_WR_LEN16_V(DIV_ROUND_UP((\

223
					   calc_tx_flits_ofld(skb) * 8), 16)))

224


225
#define FILL_CMD_MORE(immdatalen) htonl(ULPTX_CMD_V(ULP_TX_SC_IMM) |\

226
					ULP_TX_SC_MORE_V((immdatalen)))

227
#define MAX_NK 8

228
#define MAX_DSGL_ENT			32

229
#define MIN_AUTH_SG			1 /* IV */

230
#define MIN_GCM_SG			1 /* IV */

231
#define MIN_DIGEST_SG			1 /*Partial Buffer*/

232
#define MIN_CCM_SG			1 /*IV+B0*/

233
#define CIP_SPACE_LEFT(len) \

234
	((SGE_MAX_WR_LEN - CIP_WR_MIN_LEN - (len)))

235
#define HASH_SPACE_LEFT(len) \

236
	((SGE_MAX_WR_LEN - HASH_WR_MIN_LEN - (len)))

237


238
struct algo_param {

239
	unsigned int auth_mode;

240
	unsigned int mk_size;

241
	unsigned int result_size;

242
};

243


244
struct hash_wr_param {

245
	struct algo_param alg_prm;

246
	unsigned int opad_needed;

247
	unsigned int more;

248
	unsigned int last;

249
	unsigned int kctx_len;

250
	unsigned int sg_len;

251
	unsigned int bfr_len;

252
	unsigned int hash_size;

253
	u64 scmd1;

254
};

255


256
struct cipher_wr_param {

257
	struct skcipher_request *req;

258
	char *iv;

259
	int bytes;

260
	unsigned short qid;

261
};

262
enum {

263
	AES_KEYLENGTH_128BIT = 128,

264
	AES_KEYLENGTH_192BIT = 192,

265
	AES_KEYLENGTH_256BIT = 256

266
};

267


268
enum {

269
	KEYLENGTH_3BYTES = 3,

270
	KEYLENGTH_4BYTES = 4,

271
	KEYLENGTH_6BYTES = 6,

272
	KEYLENGTH_8BYTES = 8

273
};

274


275
enum {

276
	NUMBER_OF_ROUNDS_10 = 10,

277
	NUMBER_OF_ROUNDS_12 = 12,

278
	NUMBER_OF_ROUNDS_14 = 14,

279
};

280


281
/*

282
 * CCM defines values of 4, 6, 8, 10, 12, 14, and 16 octets,

283
 * where they indicate the size of the integrity check value (ICV)

284
 */

285
enum {

286
	ICV_4  = 4,

287
	ICV_6  = 6,

288
	ICV_8  = 8,

289
	ICV_10 = 10,

290
	ICV_12 = 12,

291
	ICV_13 = 13,

292
	ICV_14 = 14,

293
	ICV_15 = 15,

294
	ICV_16 = 16

295
};

296


297
struct phys_sge_pairs {

298
	__be16 len[8];

299
	__be64 addr[8];

300
};

301


302


303
static const u32 chcr_sha1_init[SHA1_DIGEST_SIZE / 4] = {

304
		SHA1_H0, SHA1_H1, SHA1_H2, SHA1_H3, SHA1_H4,

305
};

306


307
static const u32 chcr_sha224_init[SHA256_DIGEST_SIZE / 4] = {

308
		SHA224_H0, SHA224_H1, SHA224_H2, SHA224_H3,

309
		SHA224_H4, SHA224_H5, SHA224_H6, SHA224_H7,

310
};

311


312
static const u32 chcr_sha256_init[SHA256_DIGEST_SIZE / 4] = {

313
		SHA256_H0, SHA256_H1, SHA256_H2, SHA256_H3,

314
		SHA256_H4, SHA256_H5, SHA256_H6, SHA256_H7,

315
};

316


317
static const u64 chcr_sha384_init[SHA512_DIGEST_SIZE / 8] = {

318
		SHA384_H0, SHA384_H1, SHA384_H2, SHA384_H3,

319
		SHA384_H4, SHA384_H5, SHA384_H6, SHA384_H7,

320
};

321


322
static const u64 chcr_sha512_init[SHA512_DIGEST_SIZE / 8] = {

323
		SHA512_H0, SHA512_H1, SHA512_H2, SHA512_H3,

324
		SHA512_H4, SHA512_H5, SHA512_H6, SHA512_H7,

325
};

326


327
static inline void copy_hash_init_values(char *key, int digestsize)

328
{

329
	u8 i;

330
	__be32 *dkey = (__be32 *)key;

331
	u64 *ldkey = (u64 *)key;

332
	__be64 *sha384 = (__be64 *)chcr_sha384_init;

333
	__be64 *sha512 = (__be64 *)chcr_sha512_init;

334


335
	switch (digestsize) {

336
	case SHA1_DIGEST_SIZE:

337
		for (i = 0; i < SHA1_INIT_STATE; i++)

338
			dkey[i] = cpu_to_be32(chcr_sha1_init[i]);

339
		break;

340
	case SHA224_DIGEST_SIZE:

341
		for (i = 0; i < SHA224_INIT_STATE; i++)

342
			dkey[i] = cpu_to_be32(chcr_sha224_init[i]);

343
		break;

344
	case SHA256_DIGEST_SIZE:

345
		for (i = 0; i < SHA256_INIT_STATE; i++)

346
			dkey[i] = cpu_to_be32(chcr_sha256_init[i]);

347
		break;

348
	case SHA384_DIGEST_SIZE:

349
		for (i = 0; i < SHA384_INIT_STATE; i++)

350
			ldkey[i] = be64_to_cpu(sha384[i]);

351
		break;

352
	case SHA512_DIGEST_SIZE:

353
		for (i = 0; i < SHA512_INIT_STATE; i++)

354
			ldkey[i] = be64_to_cpu(sha512[i]);

355
		break;

356
	}

357
}

358


359
/* Number of len fields(8) * size of one addr field */

360
#define PHYSDSGL_MAX_LEN_SIZE 16

361


362
static inline u16 get_space_for_phys_dsgl(unsigned int sgl_entr)

363
{

364
	/* len field size + addr field size */

365
	return ((sgl_entr >> 3) + ((sgl_entr % 8) ?

366
				   1 : 0)) * PHYSDSGL_MAX_LEN_SIZE +

367
		(sgl_entr << 3) + ((sgl_entr % 2 ? 1 : 0) << 3);

368
}

369


370
/* The AES s-transform matrix (s-box). */

371
static const u8 aes_sbox[256] = {

372
	99,  124, 119, 123, 242, 107, 111, 197, 48,  1,   103, 43,  254, 215,

373
	171, 118, 202, 130, 201, 125, 250, 89,  71,  240, 173, 212, 162, 175,

374
	156, 164, 114, 192, 183, 253, 147, 38,  54,  63,  247, 204, 52,  165,

375
	229, 241, 113, 216, 49,  21, 4,   199, 35,  195, 24,  150, 5, 154, 7,

376
	18,  128, 226, 235, 39,  178, 117, 9,   131, 44,  26,  27,  110, 90,

377
	160, 82,  59,  214, 179, 41,  227, 47,  132, 83,  209, 0,   237, 32,

378
	252, 177, 91,  106, 203, 190, 57,  74,  76,  88,  207, 208, 239, 170,

379
	251, 67,  77,  51,  133, 69,  249, 2,   127, 80,  60,  159, 168, 81,

380
	163, 64,  143, 146, 157, 56,  245, 188, 182, 218, 33,  16,  255, 243,

381
	210, 205, 12,  19,  236, 95,  151, 68,  23,  196, 167, 126, 61,  100,

382
	93,  25,  115, 96,  129, 79,  220, 34,  42,  144, 136, 70,  238, 184,

383
	20,  222, 94,  11,  219, 224, 50,  58,  10,  73,  6,   36,  92,  194,

384
	211, 172, 98,  145, 149, 228, 121, 231, 200, 55,  109, 141, 213, 78,

385
	169, 108, 86,  244, 234, 101, 122, 174, 8, 186, 120, 37,  46,  28, 166,

386
	180, 198, 232, 221, 116, 31,  75,  189, 139, 138, 112, 62,  181, 102,

387
	72,  3,   246, 14,  97,  53,  87,  185, 134, 193, 29,  158, 225, 248,

388
	152, 17,  105, 217, 142, 148, 155, 30,  135, 233, 206, 85,  40,  223,

389
	140, 161, 137, 13,  191, 230, 66,  104, 65,  153, 45,  15,  176, 84,

390
	187, 22

391
};

392


393
static inline u32 aes_ks_subword(const u32 w)

394
{

395
	u8 bytes[4];

396


397
	*(u32 *)(&bytes[0]) = w;

398
	bytes[0] = aes_sbox[bytes[0]];

399
	bytes[1] = aes_sbox[bytes[1]];

400
	bytes[2] = aes_sbox[bytes[2]];

401
	bytes[3] = aes_sbox[bytes[3]];

402
	return *(u32 *)(&bytes[0]);

403
}

404


405
#endif /* __CHCR_ALGO_H__ */

406


407