1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*
3 * Copyright 2018-2021 NXP
4 *
5 * Brief Asymmetric Cipher interface calling the HW crypto driver.
6 */
7 #ifndef __DRVCRYPT_ACIPHER_H__
8 #define __DRVCRYPT_ACIPHER_H__
9
10 #include <crypto/crypto.h>
11 #include <tee_api_types.h>
12
/*
 * Asymmetric cipher RSA scheme selector.
 *
 * The first three entries are encryption modes, the last two are
 * signature modes. Values are written out explicitly so that the
 * numbering is visible at a glance.
 */
enum drvcrypt_rsa_id {
	/*
	 * RSA with no padding. Raw RSA is deterministic and malleable, so
	 * any encoding has to be supplied by the caller.
	 */
	DRVCRYPT_RSA_NOPAD = 0,
	/* RSA encryption, OAEP mode */
	DRVCRYPT_RSA_OAEP = 1,
	/*
	 * RSA encryption, PKCS v1.5 mode. Decryption failures should not
	 * reveal to the peer whether the padding was valid.
	 */
	DRVCRYPT_RSA_PKCS_V1_5 = 2,
	/* RSA signature, PKCS v1.5 mode */
	DRVCRYPT_RSASSA_PKCS_V1_5 = 3,
	/* RSA signature, PSS mode */
	DRVCRYPT_RSASSA_PSS = 4,
};
23
/*
 * RSA key object handed to the driver for one operation.
 *
 * The key travels as an untyped pointer; isprivate is the only field in
 * this structure that tells a driver how to interpret it.
 */
struct drvcrypt_rsakey {
	/*
	 * Public or private key.
	 * NOTE(review): presumably a struct rsa_keypair when isprivate is
	 * true and a struct rsa_public_key otherwise - confirm against the
	 * caller, a mismatch would make the driver read the wrong layout.
	 */
	void *key;
	size_t n_size;	/* Size in bytes of the modulus N */
	bool isprivate;	/* True if key is a private key */
};
32
/*
 * RSA mask generation data.
 *
 * Argument type of the mgf callbacks carried in struct drvcrypt_rsa_ssa
 * and struct drvcrypt_rsa_ed.
 */
struct drvcrypt_rsa_mgf {
	uint32_t hash_algo;		/* Hash algorithm */
	size_t digest_size;		/* Hash digest size */
	struct drvcrypt_buf seed;	/* Seed the mask is generated from */
	struct drvcrypt_buf mask;	/* Generated mask */
};
42
/*
 * RSA encoded signature data.
 *
 * Argument type of both the ssa_sign and ssa_verify driver operations
 * declared in struct drvcrypt_rsa.
 */
struct drvcrypt_rsa_ssa {
	uint32_t algo;			/* Operation algorithm */
	uint32_t hash_algo;		/* Hash algorithm */
	size_t digest_size;		/* Hash digest size */
	struct drvcrypt_rsakey key;	/* Public or private key */
	/* Message to sign, or message whose signature is checked */
	struct drvcrypt_buf message;
	struct drvcrypt_buf signature;	/* Signature of the message */
	/*
	 * Signature salt length.
	 * NOTE(review): presumably only meaningful for PSS - confirm.
	 */
	size_t salt_len;

	/*
	 * RSA mask generation function.
	 * NOTE(review): nothing in this header says whether the pointer may
	 * be NULL - confirm it is always set before a driver calls it.
	 */
	TEE_Result (*mgf)(struct drvcrypt_rsa_mgf *mgf_data);
};
58
/*
 * RSA encrypt/decrypt data.
 *
 * Argument type of both the encrypt and decrypt driver operations
 * declared in struct drvcrypt_rsa.
 */
struct drvcrypt_rsa_ed {
	enum drvcrypt_rsa_id rsa_id;	/* RSA algorithm id */
	uint32_t hash_algo;		/* Hash algorithm */
	size_t digest_size;		/* Hash digest size */
	struct drvcrypt_rsakey key;	/* Public or private key */
	/* Plain message: input of encrypt, output of decrypt */
	struct drvcrypt_buf message;
	/* Cipher text: output of encrypt, input of decrypt */
	struct drvcrypt_buf cipher;
	struct drvcrypt_buf label;	/* Additional label (RSAES) */

	/*
	 * RSA mask generation function.
	 * NOTE(review): nothing in this header says whether the pointer may
	 * be NULL - confirm it is always set before a driver calls it.
	 */
	TEE_Result (*mgf)(struct drvcrypt_rsa_mgf *mgf_data);
};
74
/*
 * Crypto library RSA driver operations.
 *
 * Table of function pointers a HW driver fills in and hands to
 * drvcrypt_register_rsa().
 */
struct drvcrypt_rsa {
	/* Allocates the RSA keypair */
	TEE_Result (*alloc_keypair)(struct rsa_keypair *key, size_t size_bits);
	/* Allocates the RSA public key */
	TEE_Result (*alloc_publickey)(struct rsa_public_key *key,
				      size_t size_bits);
	/* Free RSA public key */
	void (*free_publickey)(struct rsa_public_key *key);
	/*
	 * Free RSA keypair.
	 * NOTE(review): private key material lives in the keypair; confirm
	 * the implementation clears it before releasing the memory.
	 */
	void (*free_keypair)(struct rsa_keypair *key);
	/* Generates the RSA keypair */
	TEE_Result (*gen_keypair)(struct rsa_keypair *key, size_t size_bits);

	/* RSA encryption */
	TEE_Result (*encrypt)(struct drvcrypt_rsa_ed *rsa_data);
	/* RSA decryption */
	TEE_Result (*decrypt)(struct drvcrypt_rsa_ed *rsa_data);

	/*
	 * Signature operations, grouped under "optional".
	 * NOTE(review): presumably a driver may leave these NULL - confirm
	 * that every call site checks the pointer before calling through it.
	 */
	struct {
		/* RSA sign a message and encode the signature */
		TEE_Result (*ssa_sign)(struct drvcrypt_rsa_ssa *ssa_data);
		/* RSA encoded signature verification */
		TEE_Result (*ssa_verify)(struct drvcrypt_rsa_ssa *ssa_data);
	} optional;
};
103
/*
 * Register an RSA processing driver in the crypto API.
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the result of drvcrypt_register() unchanged.
 */
static inline TEE_Result drvcrypt_register_rsa(const struct drvcrypt_rsa *ops)
{
	/*
	 * The cast drops the const qualifier of @ops.
	 * NOTE(review): confirm the registry never writes through the
	 * stored pointer, the table may live in read-only data.
	 */
	void *rsa_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_RSA, rsa_ops);
}
113
/*
 * Signature data.
 *
 * Argument type of the sign and verify operations declared in
 * struct drvcrypt_ecc and struct drvcrypt_dsa.
 */
struct drvcrypt_sign_data {
	uint32_t algo;			/* Operation algorithm */
	/*
	 * Public or private key.
	 * NOTE(review): untyped, and this structure carries no flag saying
	 * which kind it is - presumably implied by the operation (private
	 * for sign, public for verify); confirm against the caller.
	 */
	void *key;
	size_t size_sec;		/* Security size in bytes */
	/* Message to sign, or message whose signature is checked */
	struct drvcrypt_buf message;
	struct drvcrypt_buf signature;	/* Signature of the message */
};
124
/*
 * Shared secret data.
 *
 * Argument type of the shared_secret operations declared in
 * struct drvcrypt_ecc and struct drvcrypt_dh.
 */
struct drvcrypt_secret_data {
	void *key_priv;			/* Private key (untyped) */
	void *key_pub;			/* Public key (untyped) */
	size_t size_sec;		/* Security size in bytes */
	/*
	 * Shared secret.
	 * NOTE(review): this buffer holds key-agreement output; whoever owns
	 * it should wipe it once the secret has been consumed.
	 */
	struct drvcrypt_buf secret;
};
134
/*
 * Crypto ECC driver operations.
 *
 * Table of function pointers a HW driver fills in and hands to
 * drvcrypt_register_ecc(). Unlike struct drvcrypt_rsa, this table has no
 * free_keypair entry.
 */
struct drvcrypt_ecc {
	/* Allocates the ECC keypair */
	TEE_Result (*alloc_keypair)(struct ecc_keypair *key, size_t size_bits);
	/* Allocates the ECC public key */
	TEE_Result (*alloc_publickey)(struct ecc_public_key *key,
				      size_t size_bits);
	/* Free ECC public key */
	void (*free_publickey)(struct ecc_public_key *key);
	/*
	 * Generates the ECC keypair.
	 * Note the size parameter is named size_bytes here, while the two
	 * alloc operations above take size_bits.
	 */
	TEE_Result (*gen_keypair)(struct ecc_keypair *key, size_t size_bytes);
	/* ECC sign a message and return the signature */
	TEE_Result (*sign)(struct drvcrypt_sign_data *sdata);
	/* ECC verify a message's signature */
	TEE_Result (*verify)(struct drvcrypt_sign_data *sdata);
	/* ECC shared secret */
	TEE_Result (*shared_secret)(struct drvcrypt_secret_data *sdata);
};
155
/*
 * Register an ECC processing driver in the crypto API.
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the result of drvcrypt_register() unchanged.
 *
 * NOTE(review): @ops is not const-qualified here, although
 * drvcrypt_register_rsa() in this header takes a const pointer.
 */
static inline TEE_Result drvcrypt_register_ecc(struct drvcrypt_ecc *ops)
{
	void *ecc_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_ECC, ecc_ops);
}
165
/*
 * Crypto library DH driver operations.
 *
 * Table of function pointers a HW driver fills in and hands to
 * drvcrypt_register_dh(). This table declares no free operation.
 */
struct drvcrypt_dh {
	/* Allocates the DH keypair */
	TEE_Result (*alloc_keypair)(struct dh_keypair *key, size_t size_bits);
	/*
	 * Generates the DH keypair.
	 * NOTE(review): q is presumably the subgroup order - confirm, and
	 * confirm whether it may be NULL.
	 */
	TEE_Result (*gen_keypair)(struct dh_keypair *key, struct bignum *q,
				  size_t size_bits);
	/* DH shared secret */
	TEE_Result (*shared_secret)(struct drvcrypt_secret_data *sdata);
};
178
/*
 * Register a DH processing driver in the crypto API.
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the result of drvcrypt_register() unchanged.
 *
 * NOTE(review): @ops is not const-qualified here, although
 * drvcrypt_register_rsa() in this header takes a const pointer.
 */
static inline TEE_Result drvcrypt_register_dh(struct drvcrypt_dh *ops)
{
	void *dh_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_DH, dh_ops);
}
188
/*
 * Crypto library DSA driver operations.
 *
 * Table of function pointers a HW driver fills in and hands to
 * drvcrypt_register_dsa(). The key operations take the L and N sizes as
 * l_bits/n_bits, while sign and verify take them as l_bytes/n_bytes.
 * This table declares no free operation.
 */
struct drvcrypt_dsa {
	/* Allocates the DSA keypair */
	TEE_Result (*alloc_keypair)(struct dsa_keypair *key, size_t l_bits,
				    size_t n_bits);
	/* Allocates the DSA public key */
	TEE_Result (*alloc_publickey)(struct dsa_public_key *key, size_t l_bits,
				      size_t n_bits);
	/* Generates the DSA keypair */
	TEE_Result (*gen_keypair)(struct dsa_keypair *key, size_t l_bits,
				  size_t n_bits);
	/* DSA sign a message and return the signature */
	TEE_Result (*sign)(struct drvcrypt_sign_data *sdata, size_t l_bytes,
			   size_t n_bytes);
	/* DSA verify a message's signature */
	TEE_Result (*verify)(struct drvcrypt_sign_data *sdata, size_t l_bytes,
			     size_t n_bytes);
};
209
/*
 * Register a DSA processing driver in the crypto API.
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the result of drvcrypt_register() unchanged.
 *
 * NOTE(review): @ops is not const-qualified here, although
 * drvcrypt_register_rsa() in this header takes a const pointer.
 */
static inline TEE_Result drvcrypt_register_dsa(struct drvcrypt_dsa *ops)
{
	void *dsa_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_DSA, dsa_ops);
}
219
220 #endif /* __DRVCRYPT_ACIPHER_H__ */
221