1 /* SPDX-License-Identifier: ((GPL-2.0+ WITH Linux-syscall-note) OR MIT) */ 2 3 /* This is a source compatible implementation with the original API of 4 * cryptodev by Angelos D. Keromytis, found at openbsd cryptodev.h. 5 * Placed under public domain */ 6 7 #ifndef _UAPI_CRYPTODEV_H 8 #define _UAPI_CRYPTODEV_H 9 10 #include <linux/types.h> 11 #include <linux/version.h> 12 #ifndef __KERNEL__ 13 #define __user 14 #endif 15 16 /* API extensions for linux */ 17 #define CRYPTO_HMAC_MAX_KEY_LEN 512 18 #define CRYPTO_CIPHER_MAX_KEY_LEN 64 19 20 /* All the supported algorithms 21 */ 22 enum cryptodev_crypto_op_t { 23 CRYPTO_DES_CBC = 1, 24 CRYPTO_3DES_CBC = 2, 25 CRYPTO_BLF_CBC = 3, 26 CRYPTO_CAST_CBC = 4, 27 CRYPTO_SKIPJACK_CBC = 5, 28 CRYPTO_MD5_HMAC = 6, 29 CRYPTO_SHA1_HMAC = 7, 30 CRYPTO_RIPEMD160_HMAC = 8, 31 CRYPTO_MD5_KPDK = 9, 32 CRYPTO_SHA1_KPDK = 10, 33 CRYPTO_RIJNDAEL128_CBC = 11, 34 CRYPTO_AES_CBC = CRYPTO_RIJNDAEL128_CBC, 35 CRYPTO_ARC4 = 12, 36 CRYPTO_MD5 = 13, 37 CRYPTO_SHA1 = 14, 38 CRYPTO_DEFLATE_COMP = 15, 39 CRYPTO_NULL = 16, 40 CRYPTO_LZS_COMP = 17, 41 CRYPTO_SHA2_256_HMAC = 18, 42 CRYPTO_SHA2_384_HMAC = 19, 43 CRYPTO_SHA2_512_HMAC = 20, 44 CRYPTO_AES_CTR = 21, 45 CRYPTO_AES_XTS = 22, 46 CRYPTO_AES_ECB = 23, 47 CRYPTO_AES_GCM = 50, 48 49 CRYPTO_CAMELLIA_CBC = 101, 50 CRYPTO_RIPEMD160, 51 CRYPTO_SHA2_224, 52 CRYPTO_SHA2_256, 53 CRYPTO_SHA2_384, 54 CRYPTO_SHA2_512, 55 CRYPTO_SHA2_224_HMAC, 56 CRYPTO_TLS11_AES_CBC_HMAC_SHA1, 57 CRYPTO_TLS12_AES_CBC_HMAC_SHA256, 58 59 CRYPTO_RK_DES_ECB = 150, 60 CRYPTO_RK_DES_CBC, 61 CRYPTO_RK_DES_CFB, 62 CRYPTO_RK_DES_OFB, 63 CRYPTO_RK_3DES_ECB, 64 CRYPTO_RK_3DES_CBC, 65 CRYPTO_RK_3DES_CFB, 66 CRYPTO_RK_3DES_OFB, 67 CRYPTO_RK_SM4_ECB, 68 CRYPTO_RK_SM4_CBC, 69 CRYPTO_RK_SM4_CFB, 70 CRYPTO_RK_SM4_OFB, 71 CRYPTO_RK_SM4_CTS, 72 CRYPTO_RK_SM4_CTR, 73 CRYPTO_RK_SM4_XTS, 74 CRYPTO_RK_SM4_CCM, 75 CRYPTO_RK_SM4_GCM, 76 CRYPTO_RK_SM4_CMAC, 77 CRYPTO_RK_SM4_CBC_MAC, 78 CRYPTO_RK_AES_ECB, 79 CRYPTO_RK_AES_CBC, 80 CRYPTO_RK_AES_CFB, 81 CRYPTO_RK_AES_OFB, 82 CRYPTO_RK_AES_CTS, 83 CRYPTO_RK_AES_CTR, 84 CRYPTO_RK_AES_XTS, 85 CRYPTO_RK_AES_CCM, 86 CRYPTO_RK_AES_GCM, 87 CRYPTO_RK_AES_CMAC, 88 CRYPTO_RK_AES_CBC_MAC, 89 CRYPTO_RK_MD5, 90 CRYPTO_RK_SHA1, 91 CRYPTO_RK_SHA224, 92 CRYPTO_RK_SHA256, 93 CRYPTO_RK_SHA384, 94 CRYPTO_RK_SHA512, 95 CRYPTO_RK_SHA512_224, 96 CRYPTO_RK_SHA512_256, 97 CRYPTO_RK_MD5_HMAC, 98 CRYPTO_RK_SHA1_HMAC, 99 CRYPTO_RK_SHA256_HMAC, 100 CRYPTO_RK_SHA512_HMAC, 101 CRYPTO_RK_SM3, 102 CRYPTO_RK_SM3_HMAC, 103 104 CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ 105 }; 106 107 #define CRYPTO_ALGORITHM_MAX (CRYPTO_ALGORITHM_ALL - 1) 108 109 /* Values for ciphers */ 110 #define DES_BLOCK_LEN 8 111 #define DES3_BLOCK_LEN 8 112 #define RIJNDAEL128_BLOCK_LEN 16 113 #define AES_BLOCK_LEN RIJNDAEL128_BLOCK_LEN 114 #define CAMELLIA_BLOCK_LEN 16 115 #define BLOWFISH_BLOCK_LEN 8 116 #define SKIPJACK_BLOCK_LEN 8 117 #define CAST128_BLOCK_LEN 8 118 119 /* the maximum of the above */ 120 #define EALG_MAX_BLOCK_LEN 16 121 122 /* Values for hashes/MAC */ 123 #define AALG_MAX_RESULT_LEN 64 124 125 /* maximum length of verbose alg names (depends on CRYPTO_MAX_ALG_NAME) */ 126 #define CRYPTODEV_MAX_ALG_NAME 64 127 128 #define HASH_MAX_LEN 64 129 130 /* input of CIOCGSESSION */ 131 struct session_op { 132 /* Specify either cipher or mac 133 */ 134 __u32 cipher; /* cryptodev_crypto_op_t */ 135 __u32 mac; /* cryptodev_crypto_op_t */ 136 137 __u32 keylen; 138 __u8 __user *key; 139 __u32 mackeylen; 140 __u8 __user *mackey; 141 142 __u32 ses; /* session identifier */ 143 }; 144 145 struct session_info_op { 146 __u32 ses; /* session identifier */ 147 148 /* verbose names for the requested ciphers */ 149 struct alg_info { 150 char cra_name[CRYPTODEV_MAX_ALG_NAME]; 151 char cra_driver_name[CRYPTODEV_MAX_ALG_NAME]; 152 } cipher_info, hash_info; 153 154 __u16 alignmask; /* alignment constraints */ 155 __u32 flags; /* SIOP_FLAGS_* */ 156 }; 157 158 /* If this flag is set then this algorithm uses 159 * a driver only available in kernel (software drivers, 160 * or drivers based on instruction sets do not set this flag). 161 * 162 * If multiple algorithms are involved (as in AEAD case), then 163 * if one of them is kernel-driver-only this flag will be set. 164 */ 165 #define SIOP_FLAG_KERNEL_DRIVER_ONLY 1 166 167 #define COP_ENCRYPT 0 168 #define COP_DECRYPT 1 169 170 /* input of CIOCCRYPT */ 171 struct crypt_op { 172 __u32 ses; /* session identifier */ 173 __u16 op; /* COP_ENCRYPT or COP_DECRYPT */ 174 __u16 flags; /* see COP_FLAG_* */ 175 __u32 len; /* length of source data */ 176 __u8 __user *src; /* source data */ 177 __u8 __user *dst; /* pointer to output data */ 178 /* pointer to output data for hash/MAC operations */ 179 __u8 __user *mac; 180 /* initialization vector for encryption operations */ 181 __u8 __user *iv; 182 }; 183 184 /* input of CIOCAUTHCRYPT */ 185 struct crypt_auth_op { 186 __u32 ses; /* session identifier */ 187 __u16 op; /* COP_ENCRYPT or COP_DECRYPT */ 188 __u16 flags; /* see COP_FLAG_AEAD_* */ 189 __u32 len; /* length of source data */ 190 __u32 auth_len; /* length of auth data */ 191 __u8 __user *auth_src; /* authenticated-only data */ 192 193 /* The current implementation is more efficient if data are 194 * encrypted in-place (src==dst). */ 195 __u8 __user *src; /* data to be encrypted and authenticated */ 196 __u8 __user *dst; /* pointer to output data. Must have 197 * space for tag. For TLS this should be at least 198 * len + tag_size + block_size for padding */ 199 200 __u8 __user *tag; /* where the tag will be copied to. TLS mode 201 * doesn't use that as tag is copied to dst. 202 * SRTP mode copies tag there. */ 203 __u32 tag_len; /* the length of the tag. Use zero for digest size or max tag. */ 204 205 /* initialization vector for encryption operations */ 206 __u8 __user *iv; 207 __u32 iv_len; 208 }; 209 210 /* In plain AEAD mode the following are required: 211 * flags : 0 212 * iv : the initialization vector (12 bytes) 213 * auth_len: the length of the data to be authenticated 214 * auth_src: the data to be authenticated 215 * len : length of data to be encrypted 216 * src : the data to be encrypted 217 * dst : space to hold encrypted data. It must have 218 * at least a size of len + tag_size. 219 * tag_size: the size of the desired authentication tag or zero to use 220 * the maximum tag output. 221 * 222 * Note tag isn't being used because the Linux AEAD interface 223 * copies the tag just after data. 224 */ 225 226 /* In TLS mode (used for CBC ciphers that required padding) 227 * the following are required: 228 * flags : COP_FLAG_AEAD_TLS_TYPE 229 * iv : the initialization vector 230 * auth_len: the length of the data to be authenticated only 231 * len : length of data to be encrypted 232 * auth_src: the data to be authenticated 233 * src : the data to be encrypted 234 * dst : space to hold encrypted data (preferably in-place). It must have 235 * at least a size of len + tag_size + blocksize. 236 * tag_size: the size of the desired authentication tag or zero to use 237 * the default mac output. 238 * 239 * Note that the padding used is the minimum padding. 240 */ 241 242 /* In SRTP mode the following are required: 243 * flags : COP_FLAG_AEAD_SRTP_TYPE 244 * iv : the initialization vector 245 * auth_len: the length of the data to be authenticated. This must 246 * include the SRTP header + SRTP payload (data to be encrypted) + rest 247 * 248 * len : length of data to be encrypted 249 * auth_src: pointer the data to be authenticated. Should point at the same buffer as src. 250 * src : pointer to the data to be encrypted. 251 * dst : This is mandatory to be the same as src (in-place only). 252 * tag_size: the size of the desired authentication tag or zero to use 253 * the default mac output. 254 * tag : Pointer to an address where the authentication tag will be copied. 255 */ 256 257 258 /* struct crypt_op flags */ 259 260 #define COP_FLAG_NONE (0 << 0) /* totally no flag */ 261 #define COP_FLAG_UPDATE (1 << 0) /* multi-update hash mode */ 262 #define COP_FLAG_FINAL (1 << 1) /* multi-update final hash mode */ 263 #define COP_FLAG_WRITE_IV (1 << 2) /* update the IV during operation */ 264 #define COP_FLAG_NO_ZC (1 << 3) /* do not zero-copy */ 265 #define COP_FLAG_AEAD_TLS_TYPE (1 << 4) /* authenticate and encrypt using the 266 * TLS protocol rules */ 267 #define COP_FLAG_AEAD_SRTP_TYPE (1 << 5) /* authenticate and encrypt using the 268 * SRTP protocol rules */ 269 #define COP_FLAG_RESET (1 << 6) /* multi-update reset the state. 270 * should be used in combination 271 * with COP_FLAG_UPDATE */ 272 #define COP_FLAG_AEAD_RK_TYPE (1 << 11) /* authenticate and encrypt using the 273 * rock-chips define rules */ 274 275 276 /* Stuff for bignum arithmetic and public key 277 * cryptography - not supported yet by linux 278 * cryptodev. 279 */ 280 281 #define CRYPTO_ALG_FLAG_SUPPORTED 1 282 #define CRYPTO_ALG_FLAG_RNG_ENABLE 2 283 #define CRYPTO_ALG_FLAG_DSA_SHA 4 284 285 struct crparam { 286 __u8 *crp_p; 287 __u32 crp_nbits; 288 }; 289 290 #define CRK_MAXPARAM 8 291 292 /* input of CIOCKEY */ 293 struct crypt_kop { 294 __u32 crk_op; /* cryptodev_crk_op_t */ 295 __u32 crk_status; 296 __u16 crk_iparams; 297 __u16 crk_oparams; 298 __u32 crk_pad1; 299 struct crparam crk_param[CRK_MAXPARAM]; 300 }; 301 302 enum cryptodev_crk_op_t { 303 CRK_MOD_EXP = 0, 304 CRK_MOD_EXP_CRT = 1, 305 CRK_DSA_SIGN = 2, 306 CRK_DSA_VERIFY = 3, 307 CRK_DH_COMPUTE_KEY = 4, 308 CRK_ALGORITHM_ALL 309 }; 310 311 /* input of CIOCCPHASH 312 * dst_ses : destination session identifier 313 * src_ses : source session identifier 314 * dst_ses must have been created with CIOGSESSION first 315 */ 316 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 29)) 317 struct cphash_op { 318 __u32 dst_ses; 319 __u32 src_ses; 320 }; 321 #endif 322 323 #define CRK_ALGORITHM_MAX (CRK_ALGORITHM_ALL-1) 324 325 /* features to be queried with CIOCASYMFEAT ioctl 326 */ 327 #define CRF_MOD_EXP (1 << CRK_MOD_EXP) 328 #define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT) 329 #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) 330 #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) 331 #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) 332 333 334 /* ioctl's. Compatible with old linux cryptodev.h 335 */ 336 #define CRIOGET _IOWR('c', 101, __u32) 337 #define CIOCGSESSION _IOWR('c', 102, struct session_op) 338 #define CIOCFSESSION _IOW('c', 103, __u32) 339 #define CIOCCRYPT _IOWR('c', 104, struct crypt_op) 340 #define CIOCKEY _IOWR('c', 105, struct crypt_kop) 341 #define CIOCASYMFEAT _IOR('c', 106, __u32) 342 #define CIOCGSESSINFO _IOWR('c', 107, struct session_info_op) 343 344 /* to indicate that CRIOGET is not required in linux 345 */ 346 #define CRIOGET_NOT_NEEDED 1 347 348 /* additional ioctls for AEAD */ 349 #define CIOCAUTHCRYPT _IOWR('c', 109, struct crypt_auth_op) 350 351 /* additional ioctls for asynchronous operation. 352 * These are conditionally enabled since version 1.6. 353 */ 354 #define CIOCASYNCCRYPT _IOW('c', 110, struct crypt_op) 355 #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op) 356 357 /* additional ioctl for copying of hash/mac session state data 358 * between sessions. 359 * The cphash_op parameter should contain the session id of 360 * the source and destination sessions. Both sessions 361 * must have been created with CIOGSESSION. 362 */ 363 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 29)) 364 #define CIOCCPHASH _IOW('c', 112, struct cphash_op) 365 #endif 366 367 #endif /* L_CRYPTODEV_H */ 368