crypto/cryptodev.h

   1 /* This is a source compatible implementation with the original API of
   2  * cryptodev by Angelos D. Keromytis, found at openbsd cryptodev.h.
   3  * Placed under public domain */
   4
   5 #ifndef L_CRYPTODEV_H
   6 #define L_CRYPTODEV_H
   7
   8 #include <linux/types.h>
   9 #ifndef __KERNEL__
  10 #define __user
  11 #endif
  12
  13 /* API extensions for linux */
  14 #define CRYPTO_HMAC_MAX_KEY_LEN         512
  15 #define CRYPTO_CIPHER_MAX_KEY_LEN       64
  16
  17 /* All the supported algorithms
  18  */
  19 enum cryptodev_crypto_op_t {
  20         CRYPTO_DES_CBC = 1,
  21         CRYPTO_3DES_CBC = 2,
  22         CRYPTO_BLF_CBC = 3,
  23         CRYPTO_CAST_CBC = 4,
  24         CRYPTO_SKIPJACK_CBC = 5,
  25         CRYPTO_MD5_HMAC = 6,
  26         CRYPTO_SHA1_HMAC = 7,
  27         CRYPTO_RIPEMD160_HMAC = 8,
  28         CRYPTO_MD5_KPDK = 9,
  29         CRYPTO_SHA1_KPDK = 10,
  30         CRYPTO_RIJNDAEL128_CBC = 11,
  31         CRYPTO_AES_CBC = CRYPTO_RIJNDAEL128_CBC,
  32         CRYPTO_ARC4 = 12,
  33         CRYPTO_MD5 = 13,
  34         CRYPTO_SHA1 = 14,
  35         CRYPTO_DEFLATE_COMP = 15,
  36         CRYPTO_NULL = 16,
  37         CRYPTO_LZS_COMP = 17,
  38         CRYPTO_SHA2_256_HMAC = 18,
  39         CRYPTO_SHA2_384_HMAC = 19,
  40         CRYPTO_SHA2_512_HMAC = 20,
  41         CRYPTO_AES_CTR = 21,
  42         CRYPTO_AES_XTS = 22,
  43         CRYPTO_AES_ECB = 23,
  44         CRYPTO_AES_GCM = 50,
  45
  46         CRYPTO_CAMELLIA_CBC = 101,
  47         CRYPTO_RIPEMD160,
  48         CRYPTO_SHA2_256,
  49         CRYPTO_SHA2_384,
  50         CRYPTO_SHA2_512,
  51         CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */
  52 };
  53
  54 #define CRYPTO_ALGORITHM_MAX    (CRYPTO_ALGORITHM_ALL - 1)
  55
  56 /* Values for ciphers */
  57 #define DES_BLOCK_LEN           8
  58 #define DES3_BLOCK_LEN          8
  59 #define RIJNDAEL128_BLOCK_LEN   16
  60 #define AES_BLOCK_LEN           RIJNDAEL128_BLOCK_LEN
  61 #define CAMELLIA_BLOCK_LEN      16
  62 #define BLOWFISH_BLOCK_LEN      8
  63 #define SKIPJACK_BLOCK_LEN      8
  64 #define CAST128_BLOCK_LEN       8
  65
  66 /* the maximum of the above */
  67 #define EALG_MAX_BLOCK_LEN      16
  68
  69 /* Values for hashes/MAC */
  70 #define AALG_MAX_RESULT_LEN             64
  71
  72 /* maximum length of verbose alg names (depends on CRYPTO_MAX_ALG_NAME) */
  73 #define CRYPTODEV_MAX_ALG_NAME          64
  74
  75 #define HASH_MAX_LEN 64
  76
  77 /* input of CIOCGSESSION */
  78 struct session_op {
  79         /* Specify either cipher or mac
  80          */
  81         __u32   cipher;         /* cryptodev_crypto_op_t */
  82         __u32   mac;            /* cryptodev_crypto_op_t */
  83
  84         __u32   keylen;
  85         __u8    __user *key;
  86         __u32   mackeylen;
  87         __u8    __user *mackey;
  88
  89         __u32   ses;            /* session identifier */
  90 };
  91
  92 struct session_info_op {
  93         __u32 ses;              /* session identifier */
  94
  95         /* verbose names for the requested ciphers */
  96         struct alg_info {
  97                 char cra_name[CRYPTODEV_MAX_ALG_NAME];
  98                 char cra_driver_name[CRYPTODEV_MAX_ALG_NAME];
  99         } cipher_info, hash_info;
 100
 101         __u16   alignmask;      /* alignment constraints */
 102         __u32   flags;          /* SIOP_FLAGS_* */
 103 };
 104
 105 /* If this flag is set then this algorithm uses
 106  * a driver only available in kernel (software drivers,
 107  * or drivers based on instruction sets do not set this flag).
 108  *
 109  * If multiple algorithms are involved (as in AEAD case), then
 110  * if one of them is kernel-driver-only this flag will be set.
 111  */
 112 #define SIOP_FLAG_KERNEL_DRIVER_ONLY 1
 113
 114 #define COP_ENCRYPT     0
 115 #define COP_DECRYPT     1
 116
 117 /* input of CIOCCRYPT */
 118 struct crypt_op {
 119         __u32   ses;            /* session identifier */
 120         __u16   op;             /* COP_ENCRYPT or COP_DECRYPT */
 121         __u16   flags;          /* see COP_FLAG_* */
 122         __u32   len;            /* length of source data */
 123         __u8    __user *src;    /* source data */
 124         __u8    __user *dst;    /* pointer to output data */
 125         /* pointer to output data for hash/MAC operations */
 126         __u8    __user *mac;
 127         /* initialization vector for encryption operations */
 128         __u8    __user *iv;
 129 };
 130
 131 /* input of CIOCAUTHCRYPT */
 132 struct crypt_auth_op {
 133         __u32   ses;            /* session identifier */
 134         __u16   op;             /* COP_ENCRYPT or COP_DECRYPT */
 135         __u16   flags;          /* see COP_FLAG_AEAD_* */
 136         __u32   len;            /* length of source data */
 137         __u32   auth_len;       /* length of auth data */
 138         __u8    __user *auth_src;       /* authenticated-only data */
 139
 140         /* The current implementation is more efficient if data are
 141          * encrypted in-place (src==dst). */
 142         __u8    __user *src;    /* data to be encrypted and authenticated */
 143         __u8    __user *dst;    /* pointer to output data. Must have
 144                                  * space for tag. For TLS this should be at least
 145                                  * len + tag_size + block_size for padding */
 146
 147         __u8    __user *tag;    /* where the tag will be copied to. TLS mode
 148                                  * doesn't use that as tag is copied to dst.
 149                                  * SRTP mode copies tag there. */
 150         __u32   tag_len;        /* the length of the tag. Use zero for digest size or max tag. */
 151
 152         /* initialization vector for encryption operations */
 153         __u8    __user *iv;
 154         __u32   iv_len;
 155 };
 156
 157 /* In plain AEAD mode the following are required:
 158  *  flags   : 0
 159  *  iv      : the initialization vector (12 bytes)
 160  *  auth_len: the length of the data to be authenticated
 161  *  auth_src: the data to be authenticated
 162  *  len     : length of data to be encrypted
 163  *  src     : the data to be encrypted
 164  *  dst     : space to hold encrypted data. It must have
 165  *            at least a size of len + tag_size.
 166  *  tag_size: the size of the desired authentication tag or zero to use
 167  *            the maximum tag output.
 168  *
 169  * Note tag isn't being used because the Linux AEAD interface
 170  * copies the tag just after data.
 171  */
 172
 173 /* In TLS mode (used for CBC ciphers that required padding)
 174  * the following are required:
 175  *  flags   : COP_FLAG_AEAD_TLS_TYPE
 176  *  iv      : the initialization vector
 177  *  auth_len: the length of the data to be authenticated only
 178  *  len     : length of data to be encrypted
 179  *  auth_src: the data to be authenticated
 180  *  src     : the data to be encrypted
 181  *  dst     : space to hold encrypted data (preferably in-place). It must have
 182  *            at least a size of len + tag_size + blocksize.
 183  *  tag_size: the size of the desired authentication tag or zero to use
 184  *            the default mac output.
 185  *
 186  * Note that the padding used is the minimum padding.
 187  */
 188
 189 /* In SRTP mode the following are required:
 190  *  flags   : COP_FLAG_AEAD_SRTP_TYPE
 191  *  iv      : the initialization vector
 192  *  auth_len: the length of the data to be authenticated. This must
 193  *            include the SRTP header + SRTP payload (data to be encrypted) + rest
 194  *
 195  *  len     : length of data to be encrypted
 196  *  auth_src: pointer the data to be authenticated. Should point at the same buffer as src.
 197  *  src     : pointer to the data to be encrypted.
 198  *  dst     : This is mandatory to be the same as src (in-place only).
 199  *  tag_size: the size of the desired authentication tag or zero to use
 200  *            the default mac output.
 201  *  tag     : Pointer to an address where the authentication tag will be copied.
 202  */
 203
 204
 205 /* struct crypt_op flags */
 206
 207 #define COP_FLAG_NONE           (0 << 0) /* totally no flag */
 208 #define COP_FLAG_UPDATE         (1 << 0) /* multi-update hash mode */
 209 #define COP_FLAG_FINAL          (1 << 1) /* multi-update final hash mode */
 210 #define COP_FLAG_WRITE_IV       (1 << 2) /* update the IV during operation */
 211 #define COP_FLAG_NO_ZC          (1 << 3) /* do not zero-copy */
 212 #define COP_FLAG_AEAD_TLS_TYPE  (1 << 4) /* authenticate and encrypt using the
 213                                           * TLS protocol rules */
 214 #define COP_FLAG_AEAD_SRTP_TYPE  (1 << 5) /* authenticate and encrypt using the
 215                                            * SRTP protocol rules */
 216 #define COP_FLAG_RESET          (1 << 6) /* multi-update reset the state.
 217                                           * should be used in combination
 218                                           * with COP_FLAG_UPDATE */
 219
 220
 221 /* Stuff for bignum arithmetic and public key
 222  * cryptography - not supported yet by linux
 223  * cryptodev.
 224  */
 225
 226 #define CRYPTO_ALG_FLAG_SUPPORTED       1
 227 #define CRYPTO_ALG_FLAG_RNG_ENABLE      2
 228 #define CRYPTO_ALG_FLAG_DSA_SHA         4
 229
 230 struct crparam {
 231         __u8    *crp_p;
 232         __u32   crp_nbits;
 233 };
 234
 235 #define CRK_MAXPARAM    8
 236
 237 /* input of CIOCKEY */
 238 struct crypt_kop {
 239         __u32   crk_op;         /* cryptodev_crk_ot_t */
 240         __u32   crk_status;
 241         __u16   crk_iparams;
 242         __u16   crk_oparams;
 243         __u32   crk_pad1;
 244         struct crparam  crk_param[CRK_MAXPARAM];
 245 };
 246
 247 enum cryptodev_crk_op_t {
 248         CRK_MOD_EXP = 0,
 249         CRK_MOD_EXP_CRT = 1,
 250         CRK_DSA_SIGN = 2,
 251         CRK_DSA_VERIFY = 3,
 252         CRK_DH_COMPUTE_KEY = 4,
 253         CRK_ALGORITHM_ALL
 254 };
 255
 256 #define CRK_ALGORITHM_MAX       (CRK_ALGORITHM_ALL-1)
 257
 258 /* features to be queried with CIOCASYMFEAT ioctl
 259  */
 260 #define CRF_MOD_EXP             (1 << CRK_MOD_EXP)
 261 #define CRF_MOD_EXP_CRT         (1 << CRK_MOD_EXP_CRT)
 262 #define CRF_DSA_SIGN            (1 << CRK_DSA_SIGN)
 263 #define CRF_DSA_VERIFY          (1 << CRK_DSA_VERIFY)
 264 #define CRF_DH_COMPUTE_KEY      (1 << CRK_DH_COMPUTE_KEY)
 265
 266
 267 /* ioctl's. Compatible with old linux cryptodev.h
 268  */
 269 #define CRIOGET         _IOWR('c', 101, __u32)
 270 #define CIOCGSESSION    _IOWR('c', 102, struct session_op)
 271 #define CIOCFSESSION    _IOW('c', 103, __u32)
 272 #define CIOCCRYPT       _IOWR('c', 104, struct crypt_op)
 273 #define CIOCKEY         _IOWR('c', 105, struct crypt_kop)
 274 #define CIOCASYMFEAT    _IOR('c', 106, __u32)
 275 #define CIOCGSESSINFO   _IOWR('c', 107, struct session_info_op)
 276
 277 /* to indicate that CRIOGET is not required in linux
 278  */
 279 #define CRIOGET_NOT_NEEDED 1
 280
 281 /* additional ioctls for asynchronous  operation */
 282 #define CIOCASYNCCRYPT    _IOW('c', 107, struct crypt_op)
 283 #define CIOCASYNCFETCH    _IOR('c', 108, struct crypt_op)
 284
 285 /* additional ioctls for AEAD */
 286 #define CIOCAUTHCRYPT   _IOWR('c', 109, struct crypt_auth_op)
 287
 288 #endif /* L_CRYPTODEV_H */