1 /* SPDX-License-Identifier: GPL-2.0+ */
2 /*
3 * Copyright (c) 2011 The Chromium OS Authors.
4 * (C) Copyright 2010 - 2011 NVIDIA Corporation <www.nvidia.com>
5 */
6
7 #ifndef _AES_REF_H_
8 #define _AES_REF_H_
9
10 #include <errno.h>
11
12 #ifdef USE_HOSTCC
13 /* Define compat stuff for use in fw_* tools. */
14 typedef unsigned char u8;
15 typedef unsigned int u32;
16 #define debug(...) do {} while (0)
17 #endif
18
19 /*
20 * AES encryption library, with small code size, supporting only 128-bit AES
21 *
22 * AES is a stream cipher which works a block at a time, with each block
23 * in this case being AES_BLOCK_LENGTH bytes.
24 */
25
26 enum {
27 AES_STATECOLS = 4, /* columns in the state & expanded key */
28 AES128_KEYCOLS = 4, /* columns in a key for aes128 */
29 AES192_KEYCOLS = 6, /* columns in a key for aes128 */
30 AES256_KEYCOLS = 8, /* columns in a key for aes128 */
31 AES128_ROUNDS = 10, /* rounds in encryption for aes128 */
32 AES192_ROUNDS = 12, /* rounds in encryption for aes192 */
33 AES256_ROUNDS = 14, /* rounds in encryption for aes256 */
34 AES128_KEY_LENGTH = 128 / 8,
35 AES192_KEY_LENGTH = 192 / 8,
36 AES256_KEY_LENGTH = 256 / 8,
37 AES128_EXPAND_KEY_LENGTH = 4 * AES_STATECOLS * (AES128_ROUNDS + 1),
38 AES192_EXPAND_KEY_LENGTH = 4 * AES_STATECOLS * (AES192_ROUNDS + 1),
39 AES256_EXPAND_KEY_LENGTH = 4 * AES_STATECOLS * (AES256_ROUNDS + 1),
40 AES_BLOCK_LENGTH = 128 / 8,
41 };
42
43 /**
44 * aes_expand_key() - Expand the AES key
45 *
46 * Expand a key into a key schedule, which is then used for the other
47 * operations.
48 *
49 * @key Key
50 * @key_size Size of the key (in bits)
51 * @expkey Buffer to place expanded key, AES_EXPAND_KEY_LENGTH
52 */
53 void aes_expand_key(u8 *key, u32 key_size, u8 *expkey);
54
55 /**
56 * aes_encrypt() - Encrypt single block of data with AES 128
57 *
58 * @key_size Size of the aes key (in bits)
59 * @in Input data
60 * @expkey Expanded key to use for encryption (from aes_expand_key())
61 * @out Output data
62 */
63 void aes_encrypt(u32 key_size, u8 *in, u8 *expkey, u8 *out);
64
65 /**
66 * aes_decrypt() - Decrypt single block of data with AES 128
67 *
68 * @key_size Size of the aes key (in bits)
69 * @in Input data
70 * @expkey Expanded key to use for decryption (from aes_expand_key())
71 * @out Output data
72 */
73 void aes_decrypt(u32 key_size, u8 *in, u8 *expkey, u8 *out);
74
75 /**
76 * Apply chain data to the destination using EOR
77 *
78 * Each array is of length AES_BLOCK_LENGTH.
79 *
80 * @cbc_chain_data Chain data
81 * @src Source data
82 * @dst Destination data, which is modified here
83 */
84 void aes_apply_cbc_chain_data(u8 *cbc_chain_data, u8 *src, u8 *dst);
85
86 /**
87 * aes_cbc_encrypt_blocks() - Encrypt multiple blocks of data with AES CBC.
88 *
89 * @key_size Size of the aes key (in bits)
90 * @key_exp Expanded key to use
91 * @iv Initialization vector
92 * @src Source data to encrypt
93 * @dst Destination buffer
94 * @num_aes_blocks Number of AES blocks to encrypt
95 */
96 void aes_cbc_encrypt_blocks(u32 key_size, u8 *key_exp, u8 *iv, u8 *src, u8 *dst,
97 u32 num_aes_blocks);
98
99 /**
100 * Decrypt multiple blocks of data with AES CBC.
101 *
102 * @key_size Size of the aes key (in bits)
103 * @key_exp Expanded key to use
104 * @iv Initialization vector
105 * @src Source data to decrypt
106 * @dst Destination buffer
107 * @num_aes_blocks Number of AES blocks to decrypt
108 */
109 void aes_cbc_decrypt_blocks(u32 key_size, u8 *key_exp, u8 *iv, u8 *src, u8 *dst,
110 u32 num_aes_blocks);
111
112 /* An AES block filled with zeros */
113 static const u8 AES_ZERO_BLOCK[AES_BLOCK_LENGTH] = { 0 };
114 struct udevice;
115
116 /**
117 * struct struct aes_ops - Driver model for AES related operations
118 *
119 * The uclass interface is implemented by AES crypto devices which use driver model.
120 *
121 * Some AES crypto devices use key slots to store the key for the encrypt/decrypt
122 * operations, while others may simply pass the key on each operation.
123 *
124 * In case the device does not implement hardware slots, driver can emulate or simply
125 * store one active key slot at 0 in the driver state and pass it on each underlying
126 * hw calls for AES operations.
127 *
128 * Note that some devices like Tegra AES engine may contain preloaded keys by bootrom,
129 * thus in those cases the set_key_for_key_slot() may be skipped.
130 *
131 * Sequence for a series of AES CBC encryption, one decryption and a CMAC hash example
132 * with 128bits key at slot 0 would be as follow:
133 *
134 * set_key_for_key_slot(DEV, 128, KEY, 0);
135 * select_key_slot(DEV, 128, 0);
136 * aes_cbc_encrypt(DEV, IV1, SRC1, DST1, LEN1);
137 * aes_cbc_encrypt(DEV, IV2, SRC2, DST2, LEN2);
138 * aes_cbc_decrypt(DEV, IV3, SRC3, DST3, LEN3);
139 */
140 struct aes_ops {
141 /**
142 * available_key_slots() - How many key slots this AES device has
143 *
144 * @dev The AES udevice
145 * @return Available slots to use, 0 for none
146 */
147 int (*available_key_slots)(struct udevice *dev);
148
149 /**
150 * select_key_slot() - Selects the AES key slot to use for following operations
151 *
152 * @dev The AES udevice
153 * @key_size Size of the aes key (in bits)
154 * @slot The key slot to set as selected
155 * @return 0 on success, negative value on failure
156 */
157 int (*select_key_slot)(struct udevice *dev, u32 key_size, u8 slot);
158
159 /**
160 * set_key_for_key_slot() - Sets the AES key to use for specified key slot
161 *
162 * @dev The AES udevice
163 * @key_size Size of the aes key (in bits)
164 * @key An AES key to set
165 * @slot The slot to load the key at
166 * @return 0 on success, negative value on failure
167 */
168 int (*set_key_for_key_slot)(struct udevice *dev, u32 key_size, u8 *key,
169 u8 slot);
170
171 /**
172 * aes_ecb_encrypt() - Encrypt multiple blocks of data with AES ECB.
173 *
174 * @dev The AES udevice
175 * @src Source data of length 'num_aes_blocks' blocks
176 * @dst Destination data of length 'num_aes_blocks' blocks
177 * @num_aes_blocks Number of AES blocks to encrypt/decrypt
178 * @return 0 on success, negative value on failure
179 */
180 int (*aes_ecb_encrypt)(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks);
181
182 /**
183 * aes_ecb_decrypt() - Decrypt multiple blocks of data with AES ECB.
184 *
185 * @dev The AES udevice
186 * @src Source data of length 'num_aes_blocks' blocks
187 * @dst Destination data of length 'num_aes_blocks' blocks
188 * @num_aes_blocks Number of AES blocks to encrypt/decrypt
189 * @return 0 on success, negative value on failure
190 */
191 int (*aes_ecb_decrypt)(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks);
192
193 /**
194 * aes_cbc_encrypt() - Encrypt multiple blocks of data with AES CBC.
195 *
196 * @dev The AES udevice
197 * @iv Initialization vector
198 * @src Source data of length 'num_aes_blocks' blocks
199 * @dst Destination data of length 'num_aes_blocks' blocks
200 * @num_aes_blocks Number of AES blocks to encrypt/decrypt
201 * @return 0 on success, negative value on failure
202 */
203 int (*aes_cbc_encrypt)(struct udevice *dev, u8 *iv,
204 u8 *src, u8 *dst, u32 num_aes_blocks);
205
206 /**
207 * aes_cbc_decrypt() - Decrypt multiple blocks of data with AES CBC.
208 *
209 * @dev The AES udevice
210 * @iv Initialization vector
211 * @src Source data of length 'num_aes_blocks' blocks
212 * @dst Destination data of length 'num_aes_blocks' blocks
213 * @num_aes_blocks Number of AES blocks to encrypt/decrypt
214 * @return 0 on success, negative value on failure
215 */
216 int (*aes_cbc_decrypt)(struct udevice *dev, u8 *iv,
217 u8 *src, u8 *dst, u32 num_aes_blocks);
218 };
219
220 #define aes_get_ops(dev) ((struct aes_ops *)(dev)->driver->ops)
221
222 #if CONFIG_IS_ENABLED(DM_AES)
223
224 /**
225 * dm_aes_get_available_key_slots - How many key slots this AES device has
226 *
227 * @dev The AES udevice
228 * Return: Available slots to use, 0 for none, -ve on failure
229 */
230 int dm_aes_get_available_key_slots(struct udevice *dev);
231
232 /**
233 * dm_aes_select_key_slot - Selects the AES key slot to use for following operations
234 *
235 * @dev The AES udevice
236 * @key_size Size of the aes key (in bits)
237 * @slot The key slot to set as selected
238 * Return: 0 on success, -ve on failure
239 */
240 int dm_aes_select_key_slot(struct udevice *dev, u32 key_size, u8 slot);
241
242 /**
243 * dm_aes_set_key_for_key_slot - Sets the AES key to use for specified key slot
244 *
245 * @dev The AES udevice
246 * @key_size Size of the aes key (in bits)
247 * @key An AES key to set
248 * @slot The slot to load the key at
249 * Return: 0 on success, negative value on failure
250 */
251 int dm_aes_set_key_for_key_slot(struct udevice *dev, u32 key_size, u8 *key, u8 slot);
252
253 /**
254 * dm_aes_ecb_encrypt - Encrypt multiple blocks of data with AES ECB.
255 *
256 * @dev The AES udevice
257 * @src Source data of length 'num_aes_blocks' blocks
258 * @dst Destination data of length 'num_aes_blocks' blocks
259 * @num_aes_blocks Number of AES blocks to encrypt/decrypt
260 * Return: 0 on success, negative value on failure
261 */
262 int dm_aes_ecb_encrypt(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks);
263
264 /**
265 * dm_aes_ecb_decrypt - Decrypt multiple blocks of data with AES ECB.
266 *
267 * @dev The AES udevice
268 * @src Source data of length 'num_aes_blocks' blocks
269 * @dst Destination data of length 'num_aes_blocks' blocks
270 * @num_aes_blocks Number of AES blocks to encrypt/decrypt
271 * Return: 0 on success, negative value on failure
272 */
273 int dm_aes_ecb_decrypt(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks);
274
275 /**
276 * dm_aes_cbc_encrypt - Encrypt multiple blocks of data with AES CBC.
277 *
278 * @dev The AES udevice
279 * @iv Initialization vector
280 * @src Source data of length 'num_aes_blocks' blocks
281 * @dst Destination data of length 'num_aes_blocks' blocks
282 * @num_aes_blocks Number of AES blocks to encrypt/decrypt
283 * Return: 0 on success, negative value on failure
284 */
285 int dm_aes_cbc_encrypt(struct udevice *dev, u8 *iv, u8 *src, u8 *dst, u32 num_aes_blocks);
286
287 /**
288 * dm_aes_cbc_decrypt - Decrypt multiple blocks of data with AES CBC.
289 *
290 * @dev The AES udevice
291 * @iv Initialization vector
292 * @src Source data of length 'num_aes_blocks' blocks
293 * @dst Destination data of length 'num_aes_blocks' blocks
294 * @num_aes_blocks Number of AES blocks to encrypt/decrypt
295 * Return: 0 on success, negative value on failure
296 */
297 int dm_aes_cbc_decrypt(struct udevice *dev, u8 *iv, u8 *src, u8 *dst, u32 num_aes_blocks);
298
299 /**
300 * dm_aes_cmac - Hashes the input data with AES-CMAC, putting the result into dst.
301 * The key slot must be selected already.
302 *
303 * @dev The AES udevice
304 * @key_size Size of the aes key (in bits)
305 * @src Source data of length 'num_aes_blocks' blocks
306 * @dst Destination for hash result
307 * @num_aes_blocks Number of AES blocks to encrypt
308 * Return: 0 on success, negative value on failure.
309 */
310 int dm_aes_cmac(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks);
311
312 #else
313
dm_aes_get_available_key_slots(struct udevice * dev)314 static inline int dm_aes_get_available_key_slots(struct udevice *dev)
315 {
316 return -ENOSYS;
317 }
318
dm_aes_select_key_slot(struct udevice * dev,u32 key_size,u8 slot)319 static inline int dm_aes_select_key_slot(struct udevice *dev, u32 key_size, u8 slot)
320 {
321 return -ENOSYS;
322 }
323
dm_aes_set_key_for_key_slot(struct udevice * dev,u32 key_size,u8 * key,u8 slot)324 static inline int dm_aes_set_key_for_key_slot(struct udevice *dev, u32 key_size, u8 *key,
325 u8 slot)
326 {
327 return -ENOSYS;
328 }
329
dm_aes_ecb_encrypt(struct udevice * dev,u8 * src,u8 * dst,u32 num_aes_blocks)330 static inline int dm_aes_ecb_encrypt(struct udevice *dev, u8 *src, u8 *dst,
331 u32 num_aes_blocks)
332 {
333 return -ENOSYS;
334 }
335
dm_aes_ecb_decrypt(struct udevice * dev,u8 * src,u8 * dst,u32 num_aes_blocks)336 static inline int dm_aes_ecb_decrypt(struct udevice *dev, u8 *src, u8 *dst,
337 u32 num_aes_blocks)
338 {
339 return -ENOSYS;
340 }
341
dm_aes_cbc_encrypt(struct udevice * dev,u8 * iv,u8 * src,u8 * dst,u32 num_aes_blocks)342 static inline int dm_aes_cbc_encrypt(struct udevice *dev, u8 *iv, u8 *src,
343 u8 *dst, u32 num_aes_blocks)
344 {
345 return -ENOSYS;
346 }
347
dm_aes_cbc_decrypt(struct udevice * dev,u8 * iv,u8 * src,u8 * dst,u32 num_aes_blocks)348 static inline int dm_aes_cbc_decrypt(struct udevice *dev, u8 *iv, u8 *src,
349 u8 *dst, u32 num_aes_blocks)
350 {
351 return -ENOSYS;
352 }
353
dm_aes_cmac(struct udevice * dev,u8 * src,u8 * dst,u32 num_aes_blocks)354 static inline int dm_aes_cmac(struct udevice *dev, u8 *src, u8 *dst, u32 num_aes_blocks)
355 {
356 return -ENOSYS;
357 }
358
359 #endif /* CONFIG_DM_AES */
360
361 #endif /* _AES_REF_H_ */
362