include/sys/crypto/common.h

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or https://opensource.org/licenses/CDDL-1.0.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
  23  */
  24 /*
  25  * Copyright 2013 Saso Kiselkov.  All rights reserved.
  26  */
  27
  28 #ifndef _SYS_CRYPTO_COMMON_H
  29 #define _SYS_CRYPTO_COMMON_H
  30
  31 /*
  32  * Header file for the common data structures of the cryptographic framework
  33  */
  34
  35 #ifdef __cplusplus
  36 extern "C" {
  37 #endif
  38
  39 #include <sys/zfs_context.h>
  40
  41 /* Cryptographic Mechanisms */
  42
  43 #define CRYPTO_MAX_MECH_NAME 32
  44 typedef char crypto_mech_name_t[CRYPTO_MAX_MECH_NAME];
  45
  46 typedef uint64_t crypto_mech_type_t;
  47
  48 typedef struct crypto_mechanism {
  49         crypto_mech_type_t      cm_type;        /* mechanism type */
  50         caddr_t                 cm_param;       /* mech. parameter */
  51         size_t                  cm_param_len;   /* mech. parameter len */
  52 } crypto_mechanism_t;
  53
  54 /* CK_AES_CTR_PARAMS provides parameters to the CKM_AES_CTR mechanism */
  55 typedef struct CK_AES_CTR_PARAMS {
  56         ulong_t ulCounterBits;
  57         uint8_t cb[16];
  58 } CK_AES_CTR_PARAMS;
  59
  60 /* CK_AES_CCM_PARAMS provides parameters to the CKM_AES_CCM mechanism */
  61 typedef struct CK_AES_CCM_PARAMS {
  62         ulong_t ulMACSize;
  63         ulong_t ulNonceSize;
  64         ulong_t ulAuthDataSize;
  65         ulong_t ulDataSize; /* used for plaintext or ciphertext */
  66         uchar_t *nonce;
  67         uchar_t *authData;
  68 } CK_AES_CCM_PARAMS;
  69
  70 /* CK_AES_GCM_PARAMS provides parameters to the CKM_AES_GCM mechanism */
  71 typedef struct CK_AES_GCM_PARAMS {
  72         uchar_t *pIv;
  73         ulong_t ulIvLen;
  74         ulong_t ulIvBits;
  75         uchar_t *pAAD;
  76         ulong_t ulAADLen;
  77         ulong_t ulTagBits;
  78 } CK_AES_GCM_PARAMS;
  79
  80 /* CK_AES_GMAC_PARAMS provides parameters to the CKM_AES_GMAC mechanism */
  81 typedef struct CK_AES_GMAC_PARAMS {
  82         uchar_t *pIv;
  83         uchar_t *pAAD;
  84         ulong_t ulAADLen;
  85 } CK_AES_GMAC_PARAMS;
  86
  87 /*
  88  * The measurement unit bit flag for a mechanism's minimum or maximum key size.
  89  * The unit are mechanism dependent.  It can be in bits or in bytes.
  90  */
  91 typedef uint32_t crypto_keysize_unit_t;
  92
  93
  94 /* Mechanisms supported out-of-the-box */
  95 #define SUN_CKM_SHA256                  "CKM_SHA256"
  96 #define SUN_CKM_SHA256_HMAC             "CKM_SHA256_HMAC"
  97 #define SUN_CKM_SHA256_HMAC_GENERAL     "CKM_SHA256_HMAC_GENERAL"
  98 #define SUN_CKM_SHA384                  "CKM_SHA384"
  99 #define SUN_CKM_SHA384_HMAC             "CKM_SHA384_HMAC"
 100 #define SUN_CKM_SHA384_HMAC_GENERAL     "CKM_SHA384_HMAC_GENERAL"
 101 #define SUN_CKM_SHA512                  "CKM_SHA512"
 102 #define SUN_CKM_SHA512_HMAC             "CKM_SHA512_HMAC"
 103 #define SUN_CKM_SHA512_HMAC_GENERAL     "CKM_SHA512_HMAC_GENERAL"
 104 #define SUN_CKM_SHA512_224              "CKM_SHA512_224"
 105 #define SUN_CKM_SHA512_256              "CKM_SHA512_256"
 106 #define SUN_CKM_AES_CBC                 "CKM_AES_CBC"
 107 #define SUN_CKM_AES_ECB                 "CKM_AES_ECB"
 108 #define SUN_CKM_AES_CTR                 "CKM_AES_CTR"
 109 #define SUN_CKM_AES_CCM                 "CKM_AES_CCM"
 110 #define SUN_CKM_AES_GCM                 "CKM_AES_GCM"
 111 #define SUN_CKM_AES_GMAC                "CKM_AES_GMAC"
 112
 113 /* Data arguments of cryptographic operations */
 114
 115 typedef enum crypto_data_format {
 116         CRYPTO_DATA_RAW = 1,
 117         CRYPTO_DATA_UIO,
 118 } crypto_data_format_t;
 119
 120 typedef struct crypto_data {
 121         crypto_data_format_t    cd_format;      /* Format identifier    */
 122         off_t                   cd_offset;      /* Offset from the beginning */
 123         size_t                  cd_length;      /* # of bytes in use */
 124         union {
 125                 /* Raw format */
 126                 iovec_t cd_raw;         /* Pointer and length       */
 127
 128                 /* uio scatter-gather format */
 129                 zfs_uio_t       *cd_uio;
 130         };      /* Crypto Data Union */
 131 } crypto_data_t;
 132
 133 /* The keys, and their contents */
 134
 135 typedef struct {
 136         uint_t  ck_length;      /* # of bits in ck_data   */
 137         void    *ck_data;       /* ptr to key value */
 138 } crypto_key_t;
 139
 140 /*
 141  * Raw key lengths are expressed in number of bits.
 142  * The following macro returns the minimum number of
 143  * bytes that can contain the specified number of bits.
 144  * Round up without overflowing the integer type.
 145  */
 146 #define CRYPTO_BITS2BYTES(n) ((n) == 0 ? 0 : (((n) - 1) >> 3) + 1)
 147 #define CRYPTO_BYTES2BITS(n) ((n) << 3)
 148
 149 /* Providers */
 150
 151 typedef uint32_t        crypto_provider_id_t;
 152 #define KCF_PROVID_INVALID      ((uint32_t)-1)
 153
 154 /* session data structure opaque to the consumer */
 155 typedef void *crypto_session_t;
 156
 157 #define PROVIDER_OWNS_KEY_SCHEDULE      0x00000001
 158
 159 /*
 160  * Common cryptographic status and error codes.
 161  */
 162 #define CRYPTO_SUCCESS                          0x00000000
 163 #define CRYPTO_HOST_MEMORY                      0x00000002
 164 #define CRYPTO_FAILED                           0x00000004
 165 #define CRYPTO_ARGUMENTS_BAD                    0x00000005
 166 #define CRYPTO_DATA_LEN_RANGE                   0x0000000C
 167 #define CRYPTO_ENCRYPTED_DATA_LEN_RANGE         0x00000011
 168 #define CRYPTO_KEY_SIZE_RANGE                   0x00000013
 169 #define CRYPTO_KEY_TYPE_INCONSISTENT            0x00000014
 170 #define CRYPTO_MECHANISM_INVALID                0x0000001C
 171 #define CRYPTO_MECHANISM_PARAM_INVALID          0x0000001D
 172 #define CRYPTO_SIGNATURE_INVALID                0x0000002D
 173 #define CRYPTO_BUFFER_TOO_SMALL                 0x00000042
 174 #define CRYPTO_NOT_SUPPORTED                    0x00000044
 175
 176 #define CRYPTO_INVALID_CONTEXT                  0x00000047
 177 #define CRYPTO_INVALID_MAC                      0x00000048
 178 #define CRYPTO_MECH_NOT_SUPPORTED               0x00000049
 179 #define CRYPTO_INVALID_PROVIDER_ID              0x0000004C
 180 #define CRYPTO_BUSY                             0x0000004E
 181 #define CRYPTO_UNKNOWN_PROVIDER                 0x0000004F
 182
 183 #ifdef __cplusplus
 184 }
 185 #endif
 186
 187 #endif /* _SYS_CRYPTO_COMMON_H */