1 /*-
2 * Copyright (C) 2001-2003 by NBMK Encryption Technologies.
3 * All rights reserved.
5 * NBMK Encryption Technologies provides no support of any kind for
6 * this software. Questions or concerns about it may be addressed to
7 * the members of the relevant open-source community at
8 * <tech-crypto@netbsd.org>.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions are
12 * met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above
18 * copyright notice, this list of conditions and the following
19 * disclaimer in the documentation and/or other materials provided
20 * with the distribution.
22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
24 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
25 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
26 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
28 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
29 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
32 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 /*****************************************************************************
36 * @(#) n8_cb_ea.h 1.65@(#)
37 *****************************************************************************/
39 /*****************************************************************************/
40 /** @file n8_cb_ea.h
41 * @brief Header file for E/A command block generation.
43 * Contains functions prototypes for n8_cb_ea.c
45 *****************************************************************************/
47 /*****************************************************************************
48 * Revision history:
49 * 08/18/03 brr Combine Encrypt/Decrypt command block generators for SSL,
50 * TLS, & IPsec.
51 * 05/20/03 brr Eliminate obsolete include files.
52 * 09/10/02 brr Set command complete bit on last command block.
53 * 03/26/02 brr Allocate the data buffer as part of the API request.
54 * 01/12/02 bac Changed signature for cb_ea_hashEnd to add n8_IVSrc_t.
55 * 10/30/01 bac Standardized cb load context function names.
56 * 10/16/01 spm IKE APIs: removed key physical addr parms
57 * 10/15/01 spm IKE APIs: removed virtual pointers to msg from IKE cb arg
58 * lists. Had to keep the virtual pointers to key, since
59 * there needs to be a copy of the key into the command block
60 * itself.
61 * 10/15/01 bac Changed some signatures to correctly use unsigned ints.
62 * 10/11/01 hml Added the protos for cb_ea_hashCompleteMessage and
63 * cb_ea_TLSHandshakeHash as well as some associated
64 * #defines.
65 * 09/21/01 bac Corrected signature on cb_ea_encrypt to take physical
66 * addresses.
67 * 09/20/01 bac The interface to the command block generators changed and now
68 * accept the command block buffer.
69 * 09/18/01 bac Massive changes to support model where the caller allocates
70 * the command buffer. Lots of reorganization and renaming to be
71 * more standard.
72 * 09/17/01 spm Truncated lines >80 chars.
73 * 09/07/01 spm Added support for IKE API Extensions.
74 * 07/26/01 mel Deleted open SSL dependency.
75 * 06/25/01 bac More on conversion to use physical memory.
76 * 06/19/01 bac Corrected signatures for use of physical addresses.
77 * 05/22/01 bac Changed SSL Encrypt and Decrypt commands to pass
78 * packets instead of buffers.
79 * 05/21/01 bac Converted to use N8_ContextHandle_t and N8_Packet_t
80 * with integrated cipher and hash packet.
81 * 05/09/01 bac Added prototype for cb_ea_SSLEncryptAuthenticate.
82 * 04/01/01 bac Original version.
83 ****************************************************************************/
84 #include "n8_ea_common.h"
85 #include "n8_hash.h"
86 #include "n8_enqueue_common.h" /* contains encryption/authentication queue
87 * declarations */
88 #include "n8_packet.h" /* contains packet declarations */
89 #include "n8_packet_IPSec.h" /* contains IPSec packet declarations */
90 #include "n8_ssltls.h"
91 #include "n8_pub_context.h"
92 #include "n8_pub_symmetric.h"
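/**
 * N8_RC4_t - ARC4 key declaration.
 *
 * The layout is the same as RC4_KEY from OpenSSL's rc4.h. For that to hold,
 * OpenSSL must not be configured with RC4_CHAR or RC4_LONG when NetOctave
 * hardware is used (presumably because either option changes the element
 * type away from unsigned int -- confirm against the OpenSSL build in use).
 *
 * NOTE(review): the contents are key-dependent cipher state and should be
 * treated as secret material; whether users of this type wipe it after use
 * is not visible from this header -- confirm in n8_cb_ea.c.
 * ARC4 is prohibited for TLS by RFC 7465.
 */
typedef struct
{
   unsigned int x, y;          /* same members as RC4_KEY */
   unsigned int data[256];     /* 256-entry table, same as RC4_KEY */
} N8_RC4_t;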
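/*
 * Number of hash operations necessary to create a given output length.
 * out_len is the desired output length; hash_len is the length generated per
 * hash operation. CEIL and the EA_*_Hash_Length constants are defined
 * elsewhere.
 *
 * The macro parameters were previously spelled __OL / __HL; identifiers that
 * begin with a double underscore are reserved for the implementation, so
 * ordinary names are used instead. Expansion is unchanged.
 *
 * NOTE(review): the result depends on how CEIL treats a zero or very large
 * out_len; callers that pass a length taken from a peer should bound it
 * first -- confirm at the call sites.
 */
#define N8_HASHES_REQUIRED(out_len, hash_len) \
   (CEIL((out_len), (hash_len)))
#define N8_SHA1_HASHES_REQUIRED(out_len) \
   (N8_HASHES_REQUIRED((out_len), EA_SHA1_Hash_Length))
#define N8_MD5_HASHES_REQUIRED(out_len) \
   (N8_HASHES_REQUIRED((out_len), EA_MD5_Hash_Length))

/*
 * When generating material for TLS, the spec requires that the first result
 * be discarded -- thus the extra hash required.
 */
#define N8_SHA1_HASHES_REQUIRED_TLS(out_len) \
   (N8_SHA1_HASHES_REQUIRED(out_len) + 1)
#define N8_MD5_HASHES_REQUIRED_TLS(out_len) \
   (N8_MD5_HASHES_REQUIRED(out_len) + 1)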
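/*
 * Defines indicating the number of command blocks for each computation.
 *
 * NOTE(review): the revision history says the caller allocates the command
 * buffer, so these counts presumably size that allocation. A count smaller
 * than what the matching generator in n8_cb_ea.c actually emits would then
 * overrun the buffer -- keep the two in step when either changes.
 *
 * Changes from the earlier text: the duplicate definitions of
 * N8_CB_EA_CLEARCONTEXT_NUMCMDS and N8_CB_EA_IPSECDECRYPTVERIFY_NUMCMDS are
 * dropped (same values, defined once now), and the reserved macro parameter
 * name __L is replaced by out_len.
 */

/* hashing */
#define N8_CB_EA_HASHCOMPLETEMESSAGE_NUMCMDS        1
#define N8_CB_EA_HASHPARTIAL_NUMCMDS                1
#define N8_CB_EA_HASHEND_NUMCMDS                    1
#define N8_CB_EA_HASHHMACEND_NUMCMDS                1
#define N8_CB_EA_PRECOMPUTE_MD5_NUMCMDS             2

/* SSL / TLS */
#define N8_CB_EA_SSLKEYMATERIALHASH_NUMCMDS         1
#define N8_CB_EA_SSLENCRYPTAUTHENTICATE_NUMCMDS     1
#define N8_CB_EA_SSLDECRYPTVERIFY_NUMCMDS           1
#define N8_CB_EA_TLSENCRYPTAUTHENTICATE_NUMCMDS     1
#define N8_CB_EA_TLSDECRYPTVERIFY_NUMCMDS           1
/*
 * out_len is expanded twice (once for SHA-1, once for MD5), so the argument
 * must be free of side effects.
 */
#define N8_CB_EA_TLSKEYMATERIALHASH_NUMCMDS(out_len) \
   (2*(N8_SHA1_HASHES_REQUIRED_TLS(out_len) + N8_MD5_HASHES_REQUIRED_TLS(out_len)))
#define N8_CB_EA_FINISHTLSHANDSHAKE_NUMCMDS         4
#define N8_CB_EA_CERTTLSHANDSHAKE_NUMCMDS           2
/* "SSLS" is the existing spelling of this name; kept so users still compile. */
#define N8_CB_EA_SSLSHANDSHAKEHASH_NUMCMDS          4

/* IKE */
#define N8_CB_EA_IKEPRF_NUMCMDS                     1
#define N8_CB_EA_IKESKEYIDEXPAND_NUMCMDS            1
#define N8_CB_EA_IKEKEYMATERIALEXPAND_NUMCMDS       1
#define N8_CB_EA_IKEENCRYPTKEYEXPAND_NUMCMDS        1

/* context access */
#define N8_CB_EA_CLEARCONTEXT_NUMCMDS               1
#define N8_CB_EA_WRITECONTEXT_NUMCMDS               1
#define N8_CB_EA_READCONTEXT_NUMCMDS                1

/* symmetric encrypt / decrypt and key loading */
#define N8_CB_EA_ENCRYPT_NUMCMDS                    1
#define N8_CB_EA_DECRYPT_NUMCMDS                    1
#define N8_CB_EA_LOADARC4KEYTOCONTEXT_NUMCMDS       1
#define N8_CB_EA_LOADARC4KEYONLY_NUMCMDS            1
#define N8_CB_EA_LOADDESKEYTOCONTEXT_NUMCMDS        1
#define N8_CB_EA_LOADDESKEYONLY_NUMCMDS             1

/* IPsec */
#define N8_CB_EA_LOADIPSECKEYTOCONTEXT_NUMCMDS      1
#define N8_CB_EA_IPSECENCRYPTAUTHENTICATE_NUMCMDS   1
#define N8_CB_EA_IPSECDECRYPTVERIFY_NUMCMDS         1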
/*
 * Length shared by the two TLS role strings, "client finished" and
 * "server finished". Each is 15 characters; the count does not include a
 * terminating NUL, so a buffer holding either as a C string needs one more
 * byte.
 */
#define N8_TLS_ROLE_STRING_LENGTH   15
/* function prototypes */

/**
 * Command block generator for a context write.
 *
 * @param req_p            API request the command belongs to.
 * @param cb_p             Command block buffer supplied by the caller.
 * @param contextIndex     Index of the context to write.
 * @param bufferToWrite_p  Data to be written (virtual pointer).
 * @param length           Length of the data.
 * @return N8_Status_t status code.
 *
 * NOTE(review): any bound on length relative to the context size is enforced
 * (or not) in n8_cb_ea.c, which is not visible here -- confirm.
 */
N8_Status_t cb_ea_writeContext(
    API_Request_t      *req_p,
    EA_CMD_BLOCK_t     *cb_p,
    const unsigned int  contextIndex,
    const N8_Buffer_t  *bufferToWrite_p,
    const unsigned int  length);

/**
 * Command block generator for a context read.
 *
 * @param req_p           API request the command belongs to.
 * @param cb_p            Command block buffer supplied by the caller.
 * @param contextIndex    Index of the context to read.
 * @param bufferToRead_a  32-bit address of the result buffer; per the
 *                        revision history the `_a` arguments are physical
 *                        addresses.
 * @param length          Number of units to read.
 * @return N8_Status_t status code.
 *
 * NOTE(review): the buffer behind bufferToRead_a must be at least length
 * long; presumably the caller guarantees this -- confirm.
 */
N8_Status_t cb_ea_readContext(
    API_Request_t      *req_p,
    EA_CMD_BLOCK_t     *cb_p,
    const unsigned int  contextIndex,
    const uint32_t      bufferToRead_a,
    const unsigned int  length);
/**
 * Command block generator that loads an ARC4 key into a context.
 *
 * @param req_p           API request the command belongs to.
 * @param cb_p            Command block buffer supplied by the caller.
 * @param packetObject_p  Packet object the key is loaded for.
 * @param cipher_p        Cipher information (presumably carries the key --
 *                        confirm).
 * @param hashAlgorithm   Hash algorithm used together with the cipher.
 * @param ctx_p           ARC4 context, virtual pointer.
 * @param ctx_a           Same context as a 32-bit address (physical, per
 *                        the revision history).
 * @param next_cb_pp      Out: presumably the command block following the
 *                        ones written here -- confirm.
 * @return N8_Status_t status code.
 *
 * NOTE(review): ctx_p and ctx_a must describe the same memory; nothing in
 * this header enforces that.
 */
N8_Status_t cb_ea_loadARC4KeyToContext(
    API_Request_t            *req_p,
    EA_CMD_BLOCK_t           *cb_p,
    const N8_Packet_t        *packetObject_p,
    const N8_CipherInfo_t    *cipher_p,
    const N8_HashAlgorithm_t  hashAlgorithm,
    EA_ARC4_CTX              *ctx_p,
    const uint32_t            ctx_a,
    EA_CMD_BLOCK_t          **next_cb_pp);

/**
 * Command block generator that loads a DES key into a context.
 *
 * Parameters mirror cb_ea_loadARC4KeyToContext, except that the context is
 * an EA_SSL30_CTX and the cipher argument is named cipherInfo_p.
 *
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_loadDESKeyToContext(
    API_Request_t            *req_p,
    EA_CMD_BLOCK_t           *cb_p,
    const N8_Packet_t        *packetObject_p,
    const N8_CipherInfo_t    *cipherInfo_p,
    const N8_HashAlgorithm_t  hashAlgorithm,
    EA_SSL30_CTX             *ctx_p,
    const uint32_t            ctx_a,
    EA_CMD_BLOCK_t          **next_cb_pp);

/**
 * Command block generator that loads IPsec key material into a context.
 *
 * @param req_p         API request the command belongs to.
 * @param cb_p          Command block buffer supplied by the caller.
 * @param contextIndex  Index of the target context.
 * @param cipherInfo_p  Cipher information.
 * @param IPSec_ctx_p   IPsec context, virtual pointer.
 * @param IPSec_ctx_a   Same context as a 32-bit address (physical, per the
 *                      revision history).
 * @param next_cb_pp    Out: presumably the next free command block --
 *                      confirm.
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_loadIPsecKeyToContext(
    API_Request_t          *req_p,
    EA_CMD_BLOCK_t         *cb_p,
    const unsigned int      contextIndex,
    const N8_CipherInfo_t  *cipherInfo_p,
    EA_IPSEC_CTX           *IPSec_ctx_p,
    const uint32_t          IPSec_ctx_a,
    EA_CMD_BLOCK_t        **next_cb_pp);
/**
 * Command block generator for a partial (intermediate) hash.
 *
 * @param req_p         API request the command belongs to.
 * @param cb_p          Command block buffer supplied by the caller.
 * @param obj_p         Hash object.
 * @param ivSrc         Source of the IV.
 * @param hashMsg_a     32-bit address of the message (physical, per the
 *                      revision history).
 * @param msgLength     Length of the message.
 * @param result_a      32-bit address of the result buffer.
 * @param next_cb_pp    Out: presumably the next free command block --
 *                      confirm.
 * @param lastCmdBlock  Presumably non-zero when this is the final command
 *                      block, so that the command-complete bit is set (see
 *                      the 09/10/02 revision note) -- confirm.
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_hashPartial(
    API_Request_t          *req_p,
    EA_CMD_BLOCK_t         *cb_p,
    const N8_HashObject_t  *obj_p,
    const n8_IVSrc_t        ivSrc,
    const uint32_t          hashMsg_a,
    const unsigned int      msgLength,
    const uint32_t          result_a,
    EA_CMD_BLOCK_t        **next_cb_pp,
    int                     lastCmdBlock);

/**
 * Command block generator for the final step of a hash.
 *
 * Takes the same arguments as cb_ea_hashPartial; the n8_IVSrc_t argument
 * was added on 01/12/02 according to the revision history.
 *
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_hashEnd(
    API_Request_t          *req_p,
    EA_CMD_BLOCK_t         *cb_p,
    const N8_HashObject_t  *obj_p,
    const n8_IVSrc_t        ivSrc,
    const uint32_t          hashMsg_a,
    const unsigned int      msgLength,
    const uint32_t          result_a,
    EA_CMD_BLOCK_t        **next_cb_pp,
    int                     lastCmdBlock);

/**
 * Command block generator for the final step of an HMAC.
 *
 * Same arguments as cb_ea_hashEnd minus ivSrc and lastCmdBlock.
 *
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_hashHMACEnd(
    API_Request_t          *req_p,
    EA_CMD_BLOCK_t         *cb_p,
    const N8_HashObject_t  *obj_p,
    const uint32_t          hashMsg_a,
    const unsigned int      msgLength,
    const uint32_t          result_a,
    EA_CMD_BLOCK_t        **next_cb_pp);
/**
 * Command block generator for the SSL key material hash.
 *
 * @param req_p         API request the command belongs to.
 * @param cb_p          Command block buffer supplied by the caller.
 * @param key_a         32-bit address of the key (physical, per the
 *                      revision history).
 * @param keyLength     Length of the key.
 * @param random_p      Random data (virtual pointer).
 * @param outputLength  Requested amount of output.
 * @param result_a      32-bit address of the result buffer.
 * @return N8_Status_t status code.
 *
 * NOTE(review): keyLength and outputLength are signed int; whether negative
 * values are rejected is decided in n8_cb_ea.c -- confirm.
 */
N8_Status_t cb_ea_SSLKeyMaterialHash(
    API_Request_t      *req_p,
    EA_CMD_BLOCK_t     *cb_p,
    const uint32_t      key_a,
    const int           keyLength,
    const N8_Buffer_t  *random_p,
    const int           outputLength,
    const uint32_t      result_a);

/**
 * Command block generator for SSL record processing. The revision history
 * (08/18/03) says the encrypt and decrypt generators were combined, so
 * opCode presumably selects the direction -- confirm.
 *
 * @param cb_p         Command block buffer supplied by the caller.
 * @param packetObj_p  Packet object.
 * @param packet_p     SSL/TLS packet description.
 * @param input_a      32-bit address of the input.
 * @param result_a     32-bit address of the result buffer.
 * @param opCode       Operation code.
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_SSL(
    EA_CMD_BLOCK_t           *cb_p,
    N8_Packet_t              *packetObj_p,
    const N8_SSLTLSPacket_t  *packet_p,
    const uint32_t            input_a,
    const uint32_t            result_a,
    const unsigned int        opCode);

/**
 * Command block generator for the TLS key material hash.
 *
 * @param req_p                  API request the command belongs to.
 * @param cb_p                   Command block buffer supplied by the caller.
 * @param msg_p                  Message, virtual pointer.
 * @param msg_a                  Message, 32-bit address.
 * @param dataLength             Length of the message data.
 * @param hmacKey_p              HMAC key, virtual pointer (not const).
 * @param hmacKey_a              HMAC key, 32-bit address.
 * @param keyLength              A key length; see the note below.
 * @param outputLength           Requested amount of output.
 * @param pseudorandomStream1_a  32-bit address of the first output stream.
 * @param pseudorandomStream2_a  32-bit address of the second output stream.
 * @param keyLen                 A second key length; see the note below.
 * @return N8_Status_t status code.
 *
 * NOTE(review): keyLength and keyLen are both present and both signed int;
 * how they differ cannot be told from this header. Mixing them up at a call
 * site would not be caught by the compiler -- check callers against
 * n8_cb_ea.c.
 */
N8_Status_t cb_ea_TLSKeyMaterialHash(
    API_Request_t      *req_p,
    EA_CMD_BLOCK_t     *cb_p,
    const N8_Buffer_t  *msg_p,
    const uint32_t      msg_a,
    const int           dataLength,
    N8_Buffer_t        *hmacKey_p,
    const uint32_t      hmacKey_a,
    const int           keyLength,
    const int           outputLength,
    const uint32_t      pseudorandomStream1_a,
    const uint32_t      pseudorandomStream2_a,
    const int           keyLen);
/*
 * IKE command block generators.
 *
 * Per the 10/15/01 and 10/16/01 revision notes, the message is passed by
 * address only (kMsg_a), while the key is passed as a virtual pointer
 * (kKey_p) because the key is copied into the command block itself.
 *
 * NOTE(review): since key bytes end up inside the command block, the command
 * buffer holds secret material once one of these has run; whether it is
 * wiped before being released is not visible here -- confirm.
 */

/**
 * IKE PRF.
 *
 * @param req_p      API request the command belongs to.
 * @param cb_p       Command block buffer supplied by the caller.
 * @param alg        Hash algorithm.
 * @param kMsg_a     32-bit address of the message.
 * @param msgLength  Length of the message.
 * @param kKey_p     Key (virtual pointer).
 * @param keyLength  Length of the key.
 * @param kRes_a     32-bit address of the result buffer.
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_IKEPrf(
    API_Request_t            *req_p,
    EA_CMD_BLOCK_t           *cb_p,
    const N8_HashAlgorithm_t  alg,
    const uint32_t            kMsg_a,
    const uint32_t            msgLength,
    const N8_Buffer_t        *kKey_p,
    const uint32_t            keyLength,
    const uint32_t            kRes_a);

/**
 * IKE SKEYID expansion. Arguments as for cb_ea_IKEPrf, with the result
 * address named kSKEYIDd_a.
 *
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_IKESKEYIDExpand(
    API_Request_t            *req_p,
    EA_CMD_BLOCK_t           *cb_p,
    const N8_HashAlgorithm_t  alg,
    const uint32_t            kMsg_a,
    const uint32_t            msgLength,
    const N8_Buffer_t        *kKey_p,
    const uint32_t            keyLength,
    const uint32_t            kSKEYIDd_a);

/**
 * IKE key material expansion. Arguments as for cb_ea_IKEPrf plus i_count
 * (presumably an iteration count -- confirm).
 *
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_IKEKeyMaterialExpand(
    API_Request_t            *req_p,
    EA_CMD_BLOCK_t           *cb_p,
    const N8_HashAlgorithm_t  alg,
    const uint32_t            kMsg_a,
    const uint32_t            msgLength,
    const N8_Buffer_t        *kKey_p,
    const uint32_t            keyLength,
    const uint32_t            kRes_a,
    const uint32_t            i_count);

/**
 * IKE encryption key expansion. Same argument list as
 * cb_ea_IKEKeyMaterialExpand.
 *
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_IKEEncryptKeyExpand(
    API_Request_t            *req_p,
    EA_CMD_BLOCK_t           *cb_p,
    const N8_HashAlgorithm_t  alg,
    const uint32_t            kMsg_a,
    const uint32_t            msgLength,
    const N8_Buffer_t        *kKey_p,
    const uint32_t            keyLength,
    const uint32_t            kRes_a,
    const uint32_t            i_count);
/**
 * Command block generator for TLS record processing. The revision history
 * (08/18/03) says the encrypt and decrypt generators were combined, so
 * opCode presumably selects the direction -- confirm.
 *
 * @param cb_p         Command block buffer supplied by the caller.
 * @param packetObj_p  Packet object.
 * @param packet_p     SSL/TLS packet description.
 * @param input_a      32-bit address of the input (physical, per the
 *                     revision history).
 * @param result_a     32-bit address of the result buffer.
 * @param opCode       Operation code.
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_TLS(
    EA_CMD_BLOCK_t           *cb_p,
    N8_Packet_t              *packetObj_p,
    const N8_SSLTLSPacket_t  *packet_p,
    const uint32_t            input_a,
    const uint32_t            result_a,
    const unsigned int        opCode);

/**
 * Command block generator for IPsec packet processing.
 *
 * @param cb_p                   Command block buffer supplied by the caller.
 * @param packetObject_p         Packet object.
 * @param encryptedPacket_a      32-bit address of the packet.
 * @param result_a               32-bit address of the result buffer.
 * @param encryptedPacketLength  Length of the packet.
 * @param SPI                    Security parameter index.
 * @param opCode                 Operation code.
 *
 * NOTE(review): unlike its SSL/TLS counterparts this returns void, so it has
 * no way to report a rejected argument; validation presumably has to happen
 * in the caller -- confirm. SPI is a signed int here.
 */
void cb_ea_IPsec(
    EA_CMD_BLOCK_t      *cb_p,
    const N8_Packet_t   *packetObject_p,
    const uint32_t       encryptedPacket_a,
    const uint32_t       result_a,
    const unsigned int   encryptedPacketLength,
    const int            SPI,
    const unsigned int   opCode);
/**
 * Command block generator that loads only an ARC4 key.
 *
 * @param req_p            API request the command belongs to.
 * @param cb_p             Command block buffer supplied by the caller.
 * @param contextHandle_p  Context handle.
 * @param cipher_p         Cipher description (presumably carries the key --
 *                         confirm).
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_loadARC4keyOnly(
    API_Request_t             *req_p,
    EA_CMD_BLOCK_t            *cb_p,
    const N8_ContextHandle_t  *contextHandle_p,
    const N8_EncryptCipher_t  *cipher_p);

/**
 * Command block generator that loads only a DES key. Arguments as for
 * cb_ea_loadARC4keyOnly, with the cipher argument named cipherInfo_p.
 *
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_loadDESkeyOnly(
    API_Request_t             *req_p,
    EA_CMD_BLOCK_t            *cb_p,
    const N8_ContextHandle_t  *contextHandle_p,
    const N8_EncryptCipher_t  *cipherInfo_p);

/**
 * Command block generator for encryption.
 *
 * @param req_p               API request (const here, unlike cb_ea_decrypt).
 * @param cb_p                Command block buffer supplied by the caller.
 * @param encryptObject_p     Encrypt object.
 * @param message_a           Physical address of the plaintext (the 09/21/01
 *                            revision note says this function takes
 *                            physical addresses).
 * @param encryptedMessage_a  Physical address of the output buffer.
 * @param messageLength       Length of the message.
 * @return N8_Status_t status code.
 *
 * NOTE(review): messageLength is a signed int while cb_ea_decrypt takes an
 * unsigned int length; whether negative values are rejected is decided in
 * n8_cb_ea.c -- confirm.
 */
N8_Status_t cb_ea_encrypt(
    const API_Request_t  *req_p,
    EA_CMD_BLOCK_t       *cb_p,
    N8_EncryptObject_t   *encryptObject_p,
    const uint32_t        message_a,
    const uint32_t        encryptedMessage_a,
    const int             messageLength);

/**
 * Command block generator for decryption.
 *
 * @param req_p                   API request the command belongs to.
 * @param cb_p                    Command block buffer supplied by the caller.
 * @param encryptObject_p         Encrypt object.
 * @param encryptedMessage_a      32-bit address of the ciphertext.
 * @param message_a               32-bit address of the output buffer.
 * @param encryptedMessageLength  Length of the ciphertext.
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_decrypt(
    API_Request_t       *req_p,
    EA_CMD_BLOCK_t      *cb_p,
    N8_EncryptObject_t  *encryptObject_p,
    const uint32_t       encryptedMessage_a,
    const uint32_t       message_a,
    const unsigned int   encryptedMessageLength);
/**
 * Command block generator that hashes a complete message in one command.
 *
 * @param req_p      API request the command belongs to.
 * @param cb_p       Command block buffer supplied by the caller.
 * @param obj_p      Hash object.
 * @param hashMsg_a  32-bit address of the message (physical, per the
 *                   revision history).
 * @param msgLength  Length of the message.
 * @param result_a   32-bit address of the result buffer.
 * @return N8_Status_t status code.
 */
N8_Status_t cb_ea_hashCompleteMessage(
    API_Request_t          *req_p,
    EA_CMD_BLOCK_t         *cb_p,
    const N8_HashObject_t  *obj_p,
    const uint32_t          hashMsg_a,
    const unsigned int      msgLength,
    const uint32_t          result_a);

/**
 * Command block generator for the TLS handshake hash. Unlike the other
 * generators in this header it takes no cb_p argument.
 *
 * @param req_p          API request the command belongs to.
 * @param protocol       Hash protocol.
 * @param resMD5_a       32-bit address of the MD5 result.
 * @param hashMsgMD5_a   32-bit address of the MD5 message.
 * @param hashMsgMD5_p   MD5 hash object.
 * @param md5Length      Length for the MD5 side.
 * @param resSHA1_a      32-bit address of the SHA-1 result.
 * @param hashMsgSHA1_a  32-bit address of the SHA-1 message.
 * @param hashMsgSHA1_p  SHA-1 hash object.
 * @param sha1Length     Length for the SHA-1 side.
 * @param resMD5PRF_a    32-bit address of the MD5 PRF result.
 * @param resSHA1PRF_a   32-bit address of the SHA-1 PRF result.
 * @param key_p          Key (virtual pointer).
 * @param keyLength      Length of the key.
 * @param roleStr_a      32-bit address of the role string; presumably
 *                       N8_TLS_ROLE_STRING_LENGTH bytes long -- confirm.
 * @return N8_Status_t status code.
 *
 * NOTE(review): md5Length, sha1Length and keyLength are signed int; whether
 * negative values are rejected is decided in n8_cb_ea.c -- confirm.
 */
N8_Status_t cb_ea_TLSHandshakeHash(
    API_Request_t      *req_p,
    N8_HashProtocol_t   protocol,
    uint32_t            resMD5_a,
    uint32_t            hashMsgMD5_a,
    N8_HashObject_t    *hashMsgMD5_p,
    int                 md5Length,
    uint32_t            resSHA1_a,
    uint32_t            hashMsgSHA1_a,
    N8_HashObject_t    *hashMsgSHA1_p,
    int                 sha1Length,
    uint32_t            resMD5PRF_a,
    uint32_t            resSHA1PRF_a,
    const N8_Buffer_t  *key_p,
    int                 keyLength,
    uint32_t            roleStr_a);

/**
 * Command block generator for the SSL handshake hash.
 *
 * @param req_p              API request the command belongs to.
 * @param cb_p               Command block buffer supplied by the caller.
 * @param hObjMD5_p          MD5 hash object.
 * @param innerResult_md5_a  32-bit address of the inner MD5 result.
 * @param hashMsgMD5_a       32-bit address of the MD5 message.
 * @param hashingLength_md5  Length hashed on the MD5 side.
 * @param hObjSHA_p          SHA hash object.
 * @param innerResult_sha_a  32-bit address of the inner SHA result.
 * @param hashMsgSHA_a       32-bit address of the SHA message.
 * @param hashingLength_sha  Length hashed on the SHA side.
 * @param endresMD5_a        32-bit address of the final MD5 result.
 * @param endresSHA1_a       32-bit address of the final SHA-1 result.
 * @param outerMsgMD5_a      32-bit address of the outer MD5 message.
 * @param outer_md5Length    Length of the outer MD5 message.
 * @param outerMsgSHA1_a     32-bit address of the outer SHA-1 message.
 * @param outer_shaLength    Length of the outer SHA-1 message.
 * @return N8_Status_t status code.
 *
 * NOTE(review): the inner lengths are signed int and the outer lengths are
 * unsigned int; every `_a` buffer must be large enough for its paired
 * length, which presumably the caller guarantees -- confirm.
 */
N8_Status_t cb_ea_SSLHandshakeHash(
    API_Request_t    *req_p,
    EA_CMD_BLOCK_t   *cb_p,
    N8_HashObject_t  *hObjMD5_p,
    uint32_t          innerResult_md5_a,
    uint32_t          hashMsgMD5_a,
    int               hashingLength_md5,
    N8_HashObject_t  *hObjSHA_p,
    uint32_t          innerResult_sha_a,
    uint32_t          hashMsgSHA_a,
    int               hashingLength_sha,
    uint32_t          endresMD5_a,
    uint32_t          endresSHA1_a,
    uint32_t          outerMsgMD5_a,
    unsigned int      outer_md5Length,
    uint32_t          outerMsgSHA1_a,
    unsigned int      outer_shaLength);