1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*
3 * Copyright 2018-2021 NXP
4 *
5 * Brief Asymmetric Cipher interface calling the HW crypto driver.
6 */
7 #ifndef __DRVCRYPT_ACIPHER_H__
8 #define __DRVCRYPT_ACIPHER_H__
9
10 #include <crypto/crypto.h>
11 #include <tee_api_types.h>
12
/*
 * RSA algorithm variants handled by the asymmetric cipher driver.
 *
 * The values are written out explicitly; they are the ones the compiler
 * would assign implicitly, counting up from DRVCRYPT_RSA_NOPAD = 0.
 */
enum drvcrypt_rsa_id {
	/*
	 * RSA without padding.
	 * NOTE(review): unpadded RSA gives no semantic security on its own -
	 * confirm callers only reach it underneath an encoding scheme.
	 */
	DRVCRYPT_RSA_NOPAD = 0,
	/* RSA with OAEP encoding */
	DRVCRYPT_RSA_OAEP = 1,
	/*
	 * RSA with PKCS#1 v1.5 encoding.
	 * NOTE(review): v1.5 decryption is a well-known padding-oracle
	 * surface - confirm the HW layer reports padding failures uniformly.
	 */
	DRVCRYPT_RSA_PKCS_V1_5 = 2,
	/* RSA signature with PKCS#1 v1.5 encoding */
	DRVCRYPT_RSASSA_PKCS_V1_5 = 3,
	/* RSA signature with PSS encoding */
	DRVCRYPT_RSASSA_PSS = 4,
};
23
/*
 * RSA key handed to the driver, together with the size of its modulus.
 */
struct drvcrypt_rsakey {
	/*
	 * Public or private key. The pointer is untyped; presumably it is to
	 * be interpreted according to @isprivate - verify against the caller.
	 */
	void *key;
	/* Size in bytes of the modulus N */
	size_t n_size;
	/* True if @key is a private key */
	bool isprivate;
};
32
/*
 * Data exchanged with a RSA mask generation function: the hash to use, the
 * seed to expand and the buffer receiving the mask.
 */
struct drvcrypt_rsa_mgf {
	/* Hash algorithm */
	uint32_t hash_algo;
	/* Size of the hash digest */
	size_t digest_size;
	/* Seed the mask is generated from */
	struct drvcrypt_buf seed;
	/* Generated mask */
	struct drvcrypt_buf mask;
};
42
/*
 * Parameters of a RSA encoded signature operation (sign or verify).
 */
struct drvcrypt_rsa_ssa {
	/* Operation algorithm */
	uint32_t algo;
	/* Hash algorithm */
	uint32_t hash_algo;
	/* Size of the hash digest */
	size_t digest_size;
	/* Public or private key */
	struct drvcrypt_rsakey key;
	/* Message to sign, or message that was signed */
	struct drvcrypt_buf message;
	/* Signature of the message */
	struct drvcrypt_buf signature;
	/* Salt length of the signature */
	size_t salt_len;

	/*
	 * Mask generation function, called with its seed and mask buffers
	 * described by a struct drvcrypt_rsa_mgf.
	 */
	TEE_Result (*mgf)(struct drvcrypt_rsa_mgf *mgf_data);
};
58
/*
 * Parameters of a RSA encryption or decryption operation.
 */
struct drvcrypt_rsa_ed {
	/* Operation algorithm */
	uint32_t algo;
	/* RSA algorithm variant, see enum drvcrypt_rsa_id */
	enum drvcrypt_rsa_id rsa_id;
	/* Hash algorithm */
	uint32_t hash_algo;
	/* Size of the hash digest */
	size_t digest_size;
	/* Public or private key */
	struct drvcrypt_rsakey key;
	/* Message to encrypt, or decrypted message */
	struct drvcrypt_buf message;
	/* Encrypted cipher, or cipher to decrypt */
	struct drvcrypt_buf cipher;
	/* Additional label (RSAES) */
	struct drvcrypt_buf label;

	/*
	 * Mask generation function, called with its seed and mask buffers
	 * described by a struct drvcrypt_rsa_mgf.
	 */
	TEE_Result (*mgf)(struct drvcrypt_rsa_mgf *mgf_data);
};
75
/*
 * RSA operations a HW driver exposes to the crypto library.
 */
struct drvcrypt_rsa {
	/* Allocate a RSA keypair of @size_bits */
	TEE_Result (*alloc_keypair)(struct rsa_keypair *key, size_t size_bits);
	/* Allocate a RSA public key of @size_bits */
	TEE_Result (*alloc_publickey)(struct rsa_public_key *key,
				      size_t size_bits);
	/* Release a RSA public key */
	void (*free_publickey)(struct rsa_public_key *key);
	/*
	 * Release a RSA keypair.
	 * NOTE(review): the keypair carries private material - confirm the
	 * driver wipes it before releasing the memory.
	 */
	void (*free_keypair)(struct rsa_keypair *key);
	/* Generate a RSA keypair of @size_bits */
	TEE_Result (*gen_keypair)(struct rsa_keypair *key, size_t size_bits);

	/* Encrypt the message described by @rsa_data */
	TEE_Result (*encrypt)(struct drvcrypt_rsa_ed *rsa_data);
	/* Decrypt the cipher described by @rsa_data */
	TEE_Result (*decrypt)(struct drvcrypt_rsa_ed *rsa_data);

	/*
	 * Signature operations grouped as optional.
	 * NOTE(review): presumably a driver may leave these NULL - confirm how
	 * the crypto API checks them before the call.
	 */
	struct {
		/* Sign a message and encode the signature */
		TEE_Result (*ssa_sign)(struct drvcrypt_rsa_ssa *ssa_data);
		/* Verify an encoded signature */
		TEE_Result (*ssa_verify)(struct drvcrypt_rsa_ssa *ssa_data);
	} optional;
};
104
/*
 * Register a RSA processing driver in the crypto API
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the value of drvcrypt_register() unchanged.
 */
static inline TEE_Result drvcrypt_register_rsa(const struct drvcrypt_rsa *ops)
{
	/*
	 * The const qualifier is cast away for the call.
	 * NOTE(review): presumably drvcrypt_register() takes a plain void * -
	 * confirm nothing writes through the registered pointer.
	 */
	void *rsa_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_RSA, rsa_ops);
}
114
/*
 * Parameters of a signature operation (sign or verify).
 */
struct drvcrypt_sign_data {
	/* Operation algorithm */
	uint32_t algo;
	/* Public or private key; untyped pointer */
	void *key;
	/* Security size in bytes */
	size_t size_sec;
	/* Message to sign, or message that was signed */
	struct drvcrypt_buf message;
	/* Signature of the message */
	struct drvcrypt_buf signature;
};
125
/*
 * Parameters of a shared secret computation.
 */
struct drvcrypt_secret_data {
	/* Private key; untyped pointer */
	void *key_priv;
	/* Public key; untyped pointer */
	void *key_pub;
	/* Security size in bytes */
	size_t size_sec;
	/*
	 * Shared secret.
	 * NOTE(review): this buffer holds key-agreement output - confirm who
	 * owns it and that it is wiped once the secret has been consumed.
	 */
	struct drvcrypt_buf secret;
};
135
/*
 * ECC operations a HW driver exposes to the crypto library.
 */
struct drvcrypt_ecc {
	/* Allocate an ECC keypair of @size_bits */
	TEE_Result (*alloc_keypair)(struct ecc_keypair *key, size_t size_bits);
	/* Allocate an ECC public key of @size_bits */
	TEE_Result (*alloc_publickey)(struct ecc_public_key *key,
				      size_t size_bits);
	/* Release an ECC public key */
	void (*free_publickey)(struct ecc_public_key *key);
	/*
	 * Generate an ECC keypair.
	 * NOTE(review): the size is named @size_bytes here but @size_bits in
	 * the allocation hooks - confirm which unit callers actually pass, a
	 * mismatch would silently change the key strength.
	 */
	TEE_Result (*gen_keypair)(struct ecc_keypair *key, size_t size_bytes);
	/* Sign a message and return the signature */
	TEE_Result (*sign)(struct drvcrypt_sign_data *sdata);
	/* Verify the signature of a message */
	TEE_Result (*verify)(struct drvcrypt_sign_data *sdata);
	/* Compute the ECC shared secret */
	TEE_Result (*shared_secret)(struct drvcrypt_secret_data *sdata);
};
156
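/*
 * Register an ECC processing driver in the crypto API
 *
 * @ops - Driver operations in the HW layer
 *
 * @ops is const-qualified, as in drvcrypt_register_rsa(), so a driver can
 * keep its table of function pointers in read-only data. Existing callers
 * passing a non-const table are unaffected.
 *
 * Returns the value of drvcrypt_register() unchanged.
 */
static inline TEE_Result drvcrypt_register_ecc(const struct drvcrypt_ecc *ops)
{
	/*
	 * The const qualifier is cast away for the call.
	 * NOTE(review): confirm nothing writes through the registered pointer.
	 */
	return drvcrypt_register(CRYPTO_ECC, (void *)ops);
}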
166
/*
 * DH operations a HW driver exposes to the crypto library.
 */
struct drvcrypt_dh {
	/* Allocate a DH keypair of @size_bits */
	TEE_Result (*alloc_keypair)(struct dh_keypair *key, size_t size_bits);
	/* Generate a DH keypair from @q and @size_bits */
	TEE_Result (*gen_keypair)(struct dh_keypair *key, struct bignum *q,
				  size_t size_bits);
	/* Compute the DH shared secret */
	TEE_Result (*shared_secret)(struct drvcrypt_secret_data *sdata);
};
179
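/*
 * Register a DH processing driver in the crypto API
 *
 * @ops - Driver operations in the HW layer
 *
 * @ops is const-qualified, as in drvcrypt_register_rsa(), so a driver can
 * keep its table of function pointers in read-only data. Existing callers
 * passing a non-const table are unaffected.
 *
 * Returns the value of drvcrypt_register() unchanged.
 */
static inline TEE_Result drvcrypt_register_dh(const struct drvcrypt_dh *ops)
{
	/*
	 * The const qualifier is cast away for the call.
	 * NOTE(review): confirm nothing writes through the registered pointer.
	 */
	return drvcrypt_register(CRYPTO_DH, (void *)ops);
}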
189
/*
 * DSA operations a HW driver exposes to the crypto library.
 *
 * Key hooks take the L and N sizes in bits; sign and verify take them in
 * bytes, as the parameter names say.
 */
struct drvcrypt_dsa {
	/* Allocate a DSA keypair for @l_bits / @n_bits */
	TEE_Result (*alloc_keypair)(struct dsa_keypair *key, size_t l_bits,
				    size_t n_bits);
	/* Allocate a DSA public key for @l_bits / @n_bits */
	TEE_Result (*alloc_publickey)(struct dsa_public_key *key, size_t l_bits,
				      size_t n_bits);
	/* Generate a DSA keypair for @l_bits / @n_bits */
	TEE_Result (*gen_keypair)(struct dsa_keypair *key, size_t l_bits,
				  size_t n_bits);
	/* Sign a message and return the signature */
	TEE_Result (*sign)(struct drvcrypt_sign_data *sdata, size_t l_bytes,
			   size_t n_bytes);
	/* Verify the signature of a message */
	TEE_Result (*verify)(struct drvcrypt_sign_data *sdata, size_t l_bytes,
			     size_t n_bytes);
};
210
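/*
 * Register a DSA processing driver in the crypto API
 *
 * @ops - Driver operations in the HW layer
 *
 * @ops is const-qualified, as in drvcrypt_register_rsa(), so a driver can
 * keep its table of function pointers in read-only data. Existing callers
 * passing a non-const table are unaffected.
 *
 * Returns the value of drvcrypt_register() unchanged.
 */
static inline TEE_Result drvcrypt_register_dsa(const struct drvcrypt_dsa *ops)
{
	/*
	 * The const qualifier is cast away for the call.
	 * NOTE(review): confirm nothing writes through the registered pointer.
	 */
	return drvcrypt_register(CRYPTO_DSA, (void *)ops);
}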
220
221 #endif /* __DRVCRYPT_ACIPHER_H__ */
222