/* SPDX-License-Identifier: GPL-2.0 */
/*
 * CAAM Protocol Data Block (PDB) definition header file
 *
 * Copyright 2008-2016 Freescale Semiconductor, Inc.
 *
 * This listing shows the header in outline form: macro values and struct
 * bodies are elided ("…"), so the comments below describe only what the
 * names and the existing documentation establish.
 */

#ifndef CAAM_PDB_H
#define CAAM_PDB_H
#include "compat.h"

/*
 * PDB - IPSec ESP Header Modification Options
 */
#define PDBHMO_ESP_DECAP_SHIFT …
#define PDBHMO_ESP_ENCAP_SHIFT …

/*
 * Encap and Decap - Decrement TTL (Hop Limit) - Based on the value of the
 * Options Byte IP version (IPvsn) field:
 * if IPv4, decrement the inner IP header TTL field (byte 8);
 * if IPv6 decrement the inner IP header Hop Limit field (byte 7).
 */
#define PDBHMO_ESP_DECAP_DEC_TTL …
#define PDBHMO_ESP_ENCAP_DEC_TTL …

/*
 * Decap - DiffServ Copy - Copy the IPv4 TOS or IPv6 Traffic Class byte
 * from the outer IP header to the inner IP header.
 */
#define PDBHMO_ESP_DIFFSERV …

/*
 * Encap - Copy DF bit - if an IPv4 tunnel mode outer IP header is coming from
 * the PDB, copy the DF bit from the inner IP header to the outer IP header.
 */
#define PDBHMO_ESP_DFBIT …

/*
 * Shift/mask pairs for sub-fields of the PDB options word; the field layout
 * is described in the @options documentation of ipsec_encap_pdb and
 * ipsec_decap_pdb below.
 */
#define PDBNH_ESP_ENCAP_SHIFT …
#define PDBNH_ESP_ENCAP_MASK …

#define PDBHDRLEN_ESP_DECAP_SHIFT …
#define PDBHDRLEN_MASK …

#define PDB_NH_OFFSET_SHIFT …
#define PDB_NH_OFFSET_MASK …

/*
 * PDB - IPSec ESP Encap/Decap Options
 *
 * The ARS* values select the anti-replay window size referenced by
 * ipsec_decap_pdb.anti_replay.
 * NOTE(review): PDBOPTS_ESP_ARSNONE presumably selects no anti-replay window,
 * i.e. no replay protection on decapsulation - confirm against the CAAM
 * reference manual before using it on a live SA.
 */
#define PDBOPTS_ESP_ARSNONE …
#define PDBOPTS_ESP_ARS32 …
#define PDBOPTS_ESP_ARS128 …
#define PDBOPTS_ESP_ARS64 …
#define PDBOPTS_ESP_ARS_MASK …
#define PDBOPTS_ESP_IVSRC …
#define PDBOPTS_ESP_ESN …
#define PDBOPTS_ESP_OUTFMT …
#define PDBOPTS_ESP_IPHDRSRC …
#define PDBOPTS_ESP_INCIPHDR …
#define PDBOPTS_ESP_IPVSN …
#define PDBOPTS_ESP_AOFL …
#define PDBOPTS_ESP_TUNNEL …
#define PDBOPTS_ESP_IPV6 …
#define PDBOPTS_ESP_DIFFSERV …
#define PDBOPTS_ESP_UPDATE_CSUM …
#define PDBOPTS_ESP_VERIFY_CSUM …

/*
 * General IPSec encap/decap PDB definitions
 */

/**
 * ipsec_encap_cbc - PDB part for IPsec CBC encapsulation
 * @iv: 16-byte array initialization vector
 */
struct ipsec_encap_cbc { … };

/**
 * ipsec_encap_ctr - PDB part for IPsec CTR encapsulation
 * @ctr_nonce: 4-byte array nonce
 * @ctr_initial: initial count constant
 * @iv: initialization vector
 */
struct ipsec_encap_ctr { … };

/**
 * ipsec_encap_ccm - PDB part for IPsec CCM encapsulation
 * @salt: 3-byte array salt (lower 24 bits)
 * @ccm_opt: CCM algorithm options - MSB-LSB description:
 *  b0_flags (8b) - CCM B0; use 0x5B for 8-byte ICV, 0x6B for 12-byte ICV,
 *    0x7B for 16-byte ICV (cf. RFC4309, RFC3610)
 *  ctr_flags (8b) - counter flags; constant equal to 0x3
 *  ctr_initial (16b) - initial count constant
 * @iv: initialization vector
 */
struct ipsec_encap_ccm { … };

/*
 * NOTE(review): @salt is documented as 3 bytes here but as 4 bytes in
 * ipsec_decap_gcm; RFC 4106 specifies a 4-octet salt for AES-GCM ESP.
 * Confirm the intended width against the struct definition.
 */
/**
 * ipsec_encap_gcm - PDB part for IPsec GCM encapsulation
 * @salt: 3-byte array salt (lower 24 bits)
 * @rsvd: reserved, do not use
 * @iv: initialization vector
 */
struct ipsec_encap_gcm { … };

/**
 * ipsec_encap_pdb - PDB for IPsec encapsulation
 * @options: MSB-LSB description
 *  hmo (header manipulation options) - 4b
 *  reserved - 4b
 *  next header - 8b
 *  next header offset - 8b
 *  option flags (depend on selected algorithm) - 8b
 * @seq_num_ext_hi: (optional) IPsec Extended Sequence Number (ESN)
 * @seq_num: IPsec sequence number
 * @spi: IPsec SPI (Security Parameters Index)
 * @ip_hdr_len: optional IP Header length (in bytes)
 *  reserved - 16b
 *  Opt. IP Hdr Len - 16b
 * @ip_hdr: optional IP Header content
 */
struct ipsec_encap_pdb { … };

/**
 * ipsec_decap_cbc - PDB part for IPsec CBC decapsulation
 * @rsvd: reserved, do not use
 */
struct ipsec_decap_cbc { … };

/**
 * ipsec_decap_ctr - PDB part for IPsec CTR decapsulation
 * @ctr_nonce: 4-byte array nonce
 * @ctr_initial: initial count constant
 */
struct ipsec_decap_ctr { … };

/**
 * ipsec_decap_ccm - PDB part for IPsec CCM decapsulation
 * @salt: 3-byte salt (lower 24 bits)
 * @ccm_opt: CCM algorithm options - MSB-LSB description:
 *  b0_flags (8b) - CCM B0; use 0x5B for 8-byte ICV, 0x6B for 12-byte ICV,
 *    0x7B for 16-byte ICV (cf. RFC4309, RFC3610)
 *  ctr_flags (8b) - counter flags; constant equal to 0x3
 *  ctr_initial (16b) - initial count constant
 */
struct ipsec_decap_ccm { … };

/**
 * ipsec_decap_gcm - PDB part for IPsec GCM decapsulation
 * @salt: 4-byte salt
 * @rsvd: reserved, do not use
 */
struct ipsec_decap_gcm { … };

/**
 * ipsec_decap_pdb - PDB for IPsec decapsulation
 * @options: MSB-LSB description
 *  hmo (header manipulation options) - 4b
 *  IP header length - 12b
 *  next header offset - 8b
 *  option flags (depend on selected algorithm) - 8b
 * @seq_num_ext_hi: (optional) IPsec Extended Sequence Number (ESN)
 * @seq_num: IPsec sequence number
 * @anti_replay: Anti-replay window; size depends on ARS (option flags)
 */
struct ipsec_decap_pdb { … };

/*
 * IPSec ESP Datapath Protocol Override Register (DPOVRD)
 */
struct ipsec_deco_dpovrd { … };

/*
 * IEEE 802.11i WiFi Protocol Data Block
 *
 * NOTE(review): the *_PDBOPTS_AR flags in this and the following protocol
 * sections presumably enable anti-replay checking - confirm against the
 * reference manual.
 */
#define WIFI_PDBOPTS_FCS …
#define WIFI_PDBOPTS_AR …

struct wifi_encap_pdb { … };

struct wifi_decap_pdb { … };

/*
 * IEEE 802.16 WiMAX Protocol Data Block
 */
#define WIMAX_PDBOPTS_FCS …
#define WIMAX_PDBOPTS_AR …

struct wimax_encap_pdb { … };

struct wimax_decap_pdb { … };

/*
 * IEEE 802.1AE MacSEC Protocol Data Block
 */
#define MACSEC_PDBOPTS_FCS …
#define MACSEC_PDBOPTS_AR …

struct macsec_encap_pdb { … };

struct macsec_decap_pdb { … };

/*
 * SSL/TLS/DTLS Protocol Data Blocks
 */

#define TLS_PDBOPTS_ARS32 …
#define TLS_PDBOPTS_ARS64 …
#define TLS_PDBOPTS_OUTFMT …
#define TLS_PDBOPTS_IV_WRTBK …
#define TLS_PDBOPTS_EXP_RND_IV …

struct tls_block_encap_pdb { … };

struct tls_stream_encap_pdb { … };

struct dtls_block_encap_pdb { … };

struct tls_block_decap_pdb { … };

struct tls_stream_decap_pdb { … };

struct dtls_block_decap_pdb { … };

/*
 * SRTP Protocol Data Blocks
 */
#define SRTP_PDBOPTS_MKI …
#define SRTP_PDBOPTS_AR …

struct srtp_encap_pdb { … };

struct srtp_decap_pdb { … };

/*
 * DSA/ECDSA Protocol Data Blocks
 * Two of these exist: DSA-SIGN, and DSA-VERIFY. They are similar
 * except for the treatment of "w" for verify, "s" for sign,
 * and the placement of "a,b".
 */
#define DSA_PDB_SGF_SHIFT …
#define DSA_PDB_SGF_MASK …
#define DSA_PDB_SGF_Q …
#define DSA_PDB_SGF_R …
#define DSA_PDB_SGF_G …
#define DSA_PDB_SGF_W …
#define DSA_PDB_SGF_S …
#define DSA_PDB_SGF_F …
#define DSA_PDB_SGF_C …
#define DSA_PDB_SGF_D …
#define DSA_PDB_SGF_AB_SIGN …
#define DSA_PDB_SGF_AB_VERIFY …

#define DSA_PDB_L_SHIFT …
#define DSA_PDB_L_MASK …

#define DSA_PDB_N_MASK …

struct dsa_sign_pdb { … };

struct dsa_verify_pdb { … };

/* RSA Protocol Data Block */
#define RSA_PDB_SGF_SHIFT …
#define RSA_PDB_E_SHIFT …
#define RSA_PDB_E_MASK …
#define RSA_PDB_D_SHIFT …
#define RSA_PDB_D_MASK …
#define RSA_PDB_Q_SHIFT …
#define RSA_PDB_Q_MASK …

#define RSA_PDB_SGF_F …
#define RSA_PDB_SGF_G …
#define RSA_PRIV_PDB_SGF_F …
#define RSA_PRIV_PDB_SGF_G …

/* Selectors for the three private-key PDB forms documented below. */
#define RSA_PRIV_KEY_FRM_1 …
#define RSA_PRIV_KEY_FRM_2 …
#define RSA_PRIV_KEY_FRM_3 …

/**
 * RSA Encrypt Protocol Data Block
 * @sgf: scatter-gather field
 * @f_dma: dma address of input data
 * @g_dma: dma address of encrypted output data
 * @n_dma: dma address of RSA modulus
 * @e_dma: dma address of RSA public exponent
 * @f_len: length in octets of the input data
 */
struct rsa_pub_pdb { … };

#define SIZEOF_RSA_PUB_PDB …

/*
 * The three private-key forms below reference buffers that hold private key
 * material (d, p, q, CRT exponents and coefficient) by DMA address.
 * NOTE(review): callers presumably own these mappings and should unmap and
 * clear the key buffers once the job completes - confirm in the code that
 * builds these PDBs.
 */
/**
 * RSA Decrypt PDB - Private Key Form #1
 * @sgf: scatter-gather field
 * @g_dma: dma address of encrypted input data
 * @f_dma: dma address of output data
 * @n_dma: dma address of RSA modulus
 * @d_dma: dma address of RSA private exponent
 */
struct rsa_priv_f1_pdb { … };

#define SIZEOF_RSA_PRIV_F1_PDB …

/*
 * NOTE(review): tmp1_dma/tmp2_dma are documented as CAAM internal state
 * buffers for a private-key operation; they presumably contain key-dependent
 * intermediate values afterwards and should be cleared before being freed -
 * confirm in the caller.
 */
/**
 * RSA Decrypt PDB - Private Key Form #2
 * @sgf     : scatter-gather field
 * @g_dma   : dma address of encrypted input data
 * @f_dma   : dma address of output data
 * @d_dma   : dma address of RSA private exponent
 * @p_dma   : dma address of RSA prime factor p of RSA modulus n
 * @q_dma   : dma address of RSA prime factor q of RSA modulus n
 * @tmp1_dma: dma address of temporary buffer. CAAM uses this temporary buffer
 *            as internal state buffer. It is assumed to be as long as p.
 * @tmp2_dma: dma address of temporary buffer. CAAM uses this temporary buffer
 *            as internal state buffer. It is assumed to be as long as q.
 * @p_q_len : length in bytes of first two prime factors of the RSA modulus n
 */
struct rsa_priv_f2_pdb { … };

#define SIZEOF_RSA_PRIV_F2_PDB …

/**
 * RSA Decrypt PDB - Private Key Form #3
 * This is the RSA Chinese Remainder Theorem (CRT) form for two prime factors of
 * the RSA modulus.
 * @sgf     : scatter-gather field
 * @g_dma   : dma address of encrypted input data
 * @f_dma   : dma address of output data
 * @c_dma   : dma address of RSA CRT coefficient
 * @p_dma   : dma address of RSA prime factor p of RSA modulus n
 * @q_dma   : dma address of RSA prime factor q of RSA modulus n
 * @dp_dma  : dma address of RSA CRT exponent of RSA prime factor p
 * @dq_dma  : dma address of RSA CRT exponent of RSA prime factor q
 * @tmp1_dma: dma address of temporary buffer. CAAM uses this temporary buffer
 *            as internal state buffer. It is assumed to be as long as p.
 * @tmp2_dma: dma address of temporary buffer. CAAM uses this temporary buffer
 *            as internal state buffer. It is assumed to be as long as q.
 * @p_q_len : length in bytes of first two prime factors of the RSA modulus n
 */
struct rsa_priv_f3_pdb { … };

#define SIZEOF_RSA_PRIV_F3_PDB …

#endif /* CAAM_PDB_H */