xref: /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_acipher.h (revision 86ee543b2786068e4d192111ab5e582d065c2a8d)
1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*
3  * Copyright 2018-2021 NXP
4  *
5  * Brief   Asymmetric Cipher interface calling the HW crypto driver.
6  */
7 #ifndef __DRVCRYPT_ACIPHER_H__
8 #define __DRVCRYPT_ACIPHER_H__
9 
10 #include <crypto/crypto.h>
11 #include <tee_api_types.h>
12 
/*
 * Asymmetric Cipher RSA algorithm identifiers.
 *
 * Selects the RSA scheme of a request; carried in the rsa_id field of
 * struct drvcrypt_rsa_ed.
 *
 * NOTE(review): DRVCRYPT_RSA_NOPAD presumably selects the raw RSA
 * primitive with no encoding applied at this layer - confirm which layer
 * is responsible for padding before exposing it to untrusted callers.
 */
enum drvcrypt_rsa_id {
	DRVCRYPT_RSA_NOPAD = 0,	   /* RSA Algo mode NO PAD */
	DRVCRYPT_RSA_OAEP,	   /* RSA Algo mode OAEP */
	DRVCRYPT_RSA_PKCS_V1_5,	   /* RSA Algo mode PKCSv1.5 */
	DRVCRYPT_RSASSA_PKCS_V1_5, /* RSA Signature Algo mode PKCSv1.5 */
	DRVCRYPT_RSASSA_PSS,	   /* RSA Signature Algo mode PSS */
};
23 
/*
 * RSA Key object
 *
 * The key pointer is untyped: isprivate is the only field here that tells
 * a driver which kind of key it was handed.
 *
 * NOTE(review): presumably key points to a struct rsa_keypair when
 * isprivate is true and to a struct rsa_public_key otherwise - confirm
 * against the callers, since a mismatch would be a type confusion on key
 * material.
 */
struct drvcrypt_rsakey {
	void *key;	/* Public or Private key */
	size_t n_size;	/* Size in bytes of the Modulus N */
	bool isprivate; /* True if private key */
};
32 
/*
 * RSA Mask Generation data
 *
 * Argument of the mgf callbacks declared in struct drvcrypt_rsa_ssa and
 * struct drvcrypt_rsa_ed.
 *
 * NOTE(review): struct drvcrypt_buf is not declared in this header;
 * presumably it pairs a data pointer with a length - confirm who sets the
 * length of mask and that the callback never writes past it.
 */
struct drvcrypt_rsa_mgf {
	uint32_t hash_algo;	  /* HASH Algorithm */
	size_t digest_size;	  /* Hash Digest Size */
	struct drvcrypt_buf seed; /* Seed to generate mask */
	struct drvcrypt_buf mask; /* Mask generated */
};
42 
/*
 * RSA Encoded Signature data
 *
 * Request descriptor passed to the ssa_sign and ssa_verify operations of
 * struct drvcrypt_rsa.
 *
 * NOTE(review): salt_len is presumably only meaningful for the PSS
 * scheme, and message presumably holds a digest of digest_size bytes -
 * confirm both against the callers.
 */
struct drvcrypt_rsa_ssa {
	uint32_t algo;		       /* Operation algorithm */
	uint32_t hash_algo;	       /* HASH Algorithm */
	size_t digest_size;	       /* Hash Digest Size */
	struct drvcrypt_rsakey key;    /* Public or Private Key */
	struct drvcrypt_buf message;   /* Message to sign or signed */
	struct drvcrypt_buf signature; /* Signature of the message */
	size_t salt_len;	       /* Signature Salt length */

	/* RSA Mask Generation function, called with a struct drvcrypt_rsa_mgf */
	TEE_Result (*mgf)(struct drvcrypt_rsa_mgf *mgf_data);
};
58 
/*
 * RSA Encrypt/Decrypt data
 *
 * Request descriptor passed to the encrypt and decrypt operations of
 * struct drvcrypt_rsa. The scheme is selected by rsa_id.
 *
 * The MGF1 hash (mgf_algo/mgf_size) is described separately from the
 * scheme hash (hash_algo/digest_size), so the two need not be the same.
 */
struct drvcrypt_rsa_ed {
	uint32_t algo;		     /* Operation algorithm */
	enum drvcrypt_rsa_id rsa_id; /* RSA Algorithm Id */
	uint32_t hash_algo;	     /* HASH Algorithm */
	size_t digest_size;	     /* Hash Digest Size */
	struct drvcrypt_rsakey key;  /* Public or Private key */
	struct drvcrypt_buf message; /* Message to encrypt or decrypted */
	struct drvcrypt_buf cipher;  /* Cipher encrypted or to decrypt */
	struct drvcrypt_buf label;   /* Additional Label (RSAES) */
	uint32_t mgf_algo;           /* MGF1 hash algorithm (RSAES) */
	size_t mgf_size;             /* MGF1 hash digest size (RSAES) */

	/* RSA Mask Generation function, called with a struct drvcrypt_rsa_mgf */
	TEE_Result (*mgf)(struct drvcrypt_rsa_mgf *mgf_data);
};
77 
/*
 * Crypto Library RSA driver operations
 *
 * Table of function pointers a HW driver hands to
 * drvcrypt_register_rsa().
 *
 * NOTE(review): nothing in this interface states how padding failures
 * are reported by decrypt. Drivers should return one indistinguishable
 * error for every decode failure so that callers cannot tell the failure
 * causes apart.
 */
struct drvcrypt_rsa {
	/* Allocates the RSA keypair */
	TEE_Result (*alloc_keypair)(struct rsa_keypair *key, size_t size_bits);
	/* Allocates the RSA public key */
	TEE_Result (*alloc_publickey)(struct rsa_public_key *key,
				      size_t size_bits);
	/* Free RSA public key */
	void (*free_publickey)(struct rsa_public_key *key);
	/*
	 * Free RSA keypair
	 * NOTE(review): this releases private key material; confirm the
	 * driver wipes it before freeing.
	 */
	void (*free_keypair)(struct rsa_keypair *key);
	/* Generates the RSA keypair */
	TEE_Result (*gen_keypair)(struct rsa_keypair *key, size_t size_bits);

	/* RSA Encryption */
	TEE_Result (*encrypt)(struct drvcrypt_rsa_ed *rsa_data);
	/* RSA Decryption */
	TEE_Result (*decrypt)(struct drvcrypt_rsa_ed *rsa_data);

	/*
	 * NOTE(review): the member name suggests these two pointers may be
	 * left NULL by a driver - confirm that every caller checks them
	 * before the indirect call.
	 */
	struct {
		/* RSA Sign a message and encode the signature */
		TEE_Result (*ssa_sign)(struct drvcrypt_rsa_ssa *ssa_data);
		/* RSA Encoded Signature Verification */
		TEE_Result (*ssa_verify)(struct drvcrypt_rsa_ssa *ssa_data);
	} optional;
};
106 
/*
 * Register an RSA processing driver in the crypto API
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the TEE_Result of drvcrypt_register() for CRYPTO_RSA.
 *
 * NOTE(review): ops is const-qualified in the signature but the qualifier
 * is cast away before the call. drvcrypt_register() is not visible in this
 * header - confirm it never writes through the pointer, so that a driver
 * can keep its operations table in read-only data.
 */
static inline TEE_Result drvcrypt_register_rsa(const struct drvcrypt_rsa *ops)
{
	void *hw_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_RSA, hw_ops);
}
116 
/*
 * Signature data
 *
 * Request descriptor taken by the sign and verify operations of
 * struct drvcrypt_ecc and struct drvcrypt_dsa.
 *
 * NOTE(review): key is untyped and nothing here records whether it is a
 * public or a private key; presumably the operation called (sign or
 * verify) implies it - confirm against the callers.
 */
struct drvcrypt_sign_data {
	uint32_t algo;               /* Operation algorithm */
	void *key;                   /* Public or Private Key */
	size_t size_sec;             /* Security size in bytes */
	struct drvcrypt_buf message;    /* Message to sign or signed */
	struct drvcrypt_buf signature;  /* Signature of the message */
};
127 
/*
 * Shared Secret data
 *
 * Request descriptor taken by the shared_secret operations of
 * struct drvcrypt_ecc, struct drvcrypt_dh and struct drvcrypt_montgomery.
 * Both key pointers are untyped, so the concrete key structure depends on
 * which driver table the request goes through.
 *
 * NOTE(review): secret receives key agreement output; ownership of that
 * buffer is not stated here - confirm that whoever owns it wipes it after
 * use.
 */
struct drvcrypt_secret_data {
	void *key_priv;		    /* Private Key */
	void *key_pub;		    /* Public Key */
	size_t size_sec;	    /* Security size in bytes */
	struct drvcrypt_buf secret; /* Shared secret */
};
137 
/*
 * Encrypt/Decrypt data
 *
 * Request descriptor taken by the encrypt and decrypt operations of
 * struct drvcrypt_ecc.
 *
 * NOTE(review): key is untyped; presumably a public key for encrypt and a
 * private key for decrypt - confirm against the callers.
 */
struct drvcrypt_ecc_ed {
	uint32_t algo;                  /* Operation algorithm */
	void *key;                      /* Public or Private Key */
	size_t size_sec;                /* Security size in bytes */
	struct drvcrypt_buf plaintext;  /* Clear text message */
	struct drvcrypt_buf ciphertext; /* Encrypted message */
};
148 
/*
 * Crypto ECC driver operations
 *
 * Table of function pointers a HW driver hands to
 * drvcrypt_register_ecc().
 *
 * Unlike struct drvcrypt_rsa, this table has a free_publickey operation
 * but no free_keypair operation.
 * NOTE(review): confirm how private key material allocated through
 * alloc_keypair is released and wiped.
 */
struct drvcrypt_ecc {
	/* Allocates the ECC keypair */
	TEE_Result (*alloc_keypair)(struct ecc_keypair *key, uint32_t type,
				    size_t size_bits);
	/* Allocates the ECC public key */
	TEE_Result (*alloc_publickey)(struct ecc_public_key *key, uint32_t type,
				      size_t size_bits);
	/* Free ECC public key */
	void (*free_publickey)(struct ecc_public_key *key);
	/* Generates the ECC keypair */
	TEE_Result (*gen_keypair)(struct ecc_keypair *key, size_t size_bits);
	/* ECC Sign a message and returns the signature */
	TEE_Result (*sign)(struct drvcrypt_sign_data *sdata);
	/* ECC Verify a message's signature */
	TEE_Result (*verify)(struct drvcrypt_sign_data *sdata);
	/* ECC Shared Secret */
	TEE_Result (*shared_secret)(struct drvcrypt_secret_data *sdata);
	/* ECC Encrypt */
	TEE_Result (*encrypt)(struct drvcrypt_ecc_ed *cdata);
	/* ECC Decrypt */
	TEE_Result (*decrypt)(struct drvcrypt_ecc_ed *cdata);
};
174 
/*
 * Register an ECC processing driver in the crypto API
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the TEE_Result of drvcrypt_register() for CRYPTO_ECC.
 *
 * NOTE(review): unlike drvcrypt_register_rsa(), ops is not const-qualified
 * here, so a driver cannot pass a const operations table without a cast.
 */
static inline TEE_Result drvcrypt_register_ecc(struct drvcrypt_ecc *ops)
{
	void *hw_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_ECC, hw_ops);
}
184 
/*
 * Crypto Library DH driver operations
 *
 * Table of function pointers a HW driver hands to drvcrypt_register_dh().
 *
 * This table declares no free operation.
 * NOTE(review): confirm how the private key material allocated through
 * alloc_keypair is released and wiped.
 */
struct drvcrypt_dh {
	/* Allocates the DH keypair */
	TEE_Result (*alloc_keypair)(struct dh_keypair *key, size_t size_bits);
	/*
	 * Generates the DH keypair
	 * NOTE(review): q is presumably the optional subgroup order used to
	 * bound the private value - confirm whether NULL is accepted.
	 */
	TEE_Result (*gen_keypair)(struct dh_keypair *key, struct bignum *q,
				  size_t size_bits);
	/* DH Shared Secret */
	TEE_Result (*shared_secret)(struct drvcrypt_secret_data *sdata);
};
197 
/*
 * Register a DH processing driver in the crypto API
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the TEE_Result of drvcrypt_register() for CRYPTO_DH.
 *
 * NOTE(review): unlike drvcrypt_register_rsa(), ops is not const-qualified
 * here, so a driver cannot pass a const operations table without a cast.
 */
static inline TEE_Result drvcrypt_register_dh(struct drvcrypt_dh *ops)
{
	void *hw_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_DH, hw_ops);
}
207 
/*
 * Crypto Library DSA driver operations
 *
 * Table of function pointers a HW driver hands to
 * drvcrypt_register_dsa().
 *
 * The key operations take their sizes in bits (l_bits, n_bits) while sign
 * and verify take them in bytes (l_bytes, n_bytes); mixing the two units
 * up would mis-size buffers.
 * NOTE(review): L and N are presumably the DSA prime and subgroup sizes -
 * confirm.
 *
 * This table declares no free operation.
 * NOTE(review): confirm how the private key material allocated through
 * alloc_keypair is released and wiped.
 */
struct drvcrypt_dsa {
	/* Allocates the DSA keypair */
	TEE_Result (*alloc_keypair)(struct dsa_keypair *key, size_t l_bits,
				    size_t n_bits);
	/* Allocates the DSA public key */
	TEE_Result (*alloc_publickey)(struct dsa_public_key *key, size_t l_bits,
				      size_t n_bits);
	/* Generates the DSA keypair */
	TEE_Result (*gen_keypair)(struct dsa_keypair *key, size_t l_bits,
				  size_t n_bits);
	/* DSA Sign a message and returns the signature */
	TEE_Result (*sign)(struct drvcrypt_sign_data *sdata, size_t l_bytes,
			   size_t n_bytes);
	/* DSA Verify a message's signature */
	TEE_Result (*verify)(struct drvcrypt_sign_data *sdata, size_t l_bytes,
			     size_t n_bytes);
};
228 
/*
 * Register a DSA processing driver in the crypto API
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the TEE_Result of drvcrypt_register() for CRYPTO_DSA.
 *
 * NOTE(review): unlike drvcrypt_register_rsa(), ops is not const-qualified
 * here, so a driver cannot pass a const operations table without a cast.
 */
static inline TEE_Result drvcrypt_register_dsa(struct drvcrypt_dsa *ops)
{
	void *hw_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_DSA, hw_ops);
}
238 
/*
 * Crypto Library Montgomery driver operations
 *
 * Table of function pointers shared by drvcrypt_register_x25519() and
 * drvcrypt_register_x448().
 *
 * alloc_keypair names its size argument size_bits while gen_keypair names
 * it key_size.
 * NOTE(review): the unit of key_size is not stated - confirm whether it is
 * bits or bytes.
 *
 * This table declares no free operation.
 * NOTE(review): confirm how the private key material allocated through
 * alloc_keypair is released and wiped.
 */
struct drvcrypt_montgomery {
	/* Allocates the Montgomery key pair */
	TEE_Result (*alloc_keypair)(struct montgomery_keypair *key,
				    size_t size_bits);
	/* Generates the Montgomery key pair */
	TEE_Result (*gen_keypair)(struct montgomery_keypair *key,
				  size_t key_size);
	/* Montgomery Shared Secret */
	TEE_Result (*shared_secret)(struct drvcrypt_secret_data *sdata);
};
253 
/*
 * Register an X25519 processing driver in the crypto API
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the TEE_Result of drvcrypt_register() for CRYPTO_X25519.
 *
 * NOTE(review): unlike drvcrypt_register_rsa(), ops is not const-qualified
 * here, so a driver cannot pass a const operations table without a cast.
 */
static inline TEE_Result
drvcrypt_register_x25519(struct drvcrypt_montgomery *ops)
{
	void *hw_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_X25519, hw_ops);
}
264 
/*
 * Register an X448 processing driver in the crypto API
 *
 * @ops - Driver operations in the HW layer
 *
 * Returns the TEE_Result of drvcrypt_register() for CRYPTO_X448.
 *
 * NOTE(review): unlike drvcrypt_register_rsa(), ops is not const-qualified
 * here, so a driver cannot pass a const operations table without a cast.
 */
static inline TEE_Result drvcrypt_register_x448(struct drvcrypt_montgomery *ops)
{
	void *hw_ops = (void *)ops;

	return drvcrypt_register(CRYPTO_X448, hw_ops);
}
274 
275 #endif /* __DRVCRYPT_ACIPHER_H__ */
276