1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0 */ 2*4882a593Smuzhiyun /* 3*4882a593Smuzhiyun * caam - Freescale FSL CAAM support for Public Key Cryptography descriptors 4*4882a593Smuzhiyun * 5*4882a593Smuzhiyun * Copyright 2016 Freescale Semiconductor, Inc. 6*4882a593Smuzhiyun * 7*4882a593Smuzhiyun * There is no Shared Descriptor for PKC so that the Job Descriptor must carry 8*4882a593Smuzhiyun * all the desired key parameters, input and output pointers. 9*4882a593Smuzhiyun */ 10*4882a593Smuzhiyun 11*4882a593Smuzhiyun #ifndef _PKC_DESC_H_ 12*4882a593Smuzhiyun #define _PKC_DESC_H_ 13*4882a593Smuzhiyun #include "compat.h" 14*4882a593Smuzhiyun #include "pdb.h" 15*4882a593Smuzhiyun #include <crypto/engine.h> 16*4882a593Smuzhiyun 17*4882a593Smuzhiyun /** 18*4882a593Smuzhiyun * caam_priv_key_form - CAAM RSA private key representation 19*4882a593Smuzhiyun * CAAM RSA private key may have either of three forms. 20*4882a593Smuzhiyun * 21*4882a593Smuzhiyun * 1. The first representation consists of the pair (n, d), where the 22*4882a593Smuzhiyun * components have the following meanings: 23*4882a593Smuzhiyun * n the RSA modulus 24*4882a593Smuzhiyun * d the RSA private exponent 25*4882a593Smuzhiyun * 26*4882a593Smuzhiyun * 2. The second representation consists of the triplet (p, q, d), where the 27*4882a593Smuzhiyun * components have the following meanings: 28*4882a593Smuzhiyun * p the first prime factor of the RSA modulus n 29*4882a593Smuzhiyun * q the second prime factor of the RSA modulus n 30*4882a593Smuzhiyun * d the RSA private exponent 31*4882a593Smuzhiyun * 32*4882a593Smuzhiyun * 3. The third representation consists of the quintuple (p, q, dP, dQ, qInv), 33*4882a593Smuzhiyun * where the components have the following meanings: 34*4882a593Smuzhiyun * p the first prime factor of the RSA modulus n 35*4882a593Smuzhiyun * q the second prime factor of the RSA modulus n 36*4882a593Smuzhiyun * dP the first factors's CRT exponent 37*4882a593Smuzhiyun * dQ the second factors's CRT exponent 38*4882a593Smuzhiyun * qInv the (first) CRT coefficient 39*4882a593Smuzhiyun * 40*4882a593Smuzhiyun * The benefit of using the third or the second key form is lower computational 41*4882a593Smuzhiyun * cost for the decryption and signature operations. 42*4882a593Smuzhiyun */ 43*4882a593Smuzhiyun enum caam_priv_key_form { 44*4882a593Smuzhiyun FORM1, 45*4882a593Smuzhiyun FORM2, 46*4882a593Smuzhiyun FORM3 47*4882a593Smuzhiyun }; 48*4882a593Smuzhiyun 49*4882a593Smuzhiyun /** 50*4882a593Smuzhiyun * caam_rsa_key - CAAM RSA key structure. Keys are allocated in DMA zone. 51*4882a593Smuzhiyun * @n : RSA modulus raw byte stream 52*4882a593Smuzhiyun * @e : RSA public exponent raw byte stream 53*4882a593Smuzhiyun * @d : RSA private exponent raw byte stream 54*4882a593Smuzhiyun * @p : RSA prime factor p of RSA modulus n 55*4882a593Smuzhiyun * @q : RSA prime factor q of RSA modulus n 56*4882a593Smuzhiyun * @dp : RSA CRT exponent of p 57*4882a593Smuzhiyun * @dp : RSA CRT exponent of q 58*4882a593Smuzhiyun * @qinv : RSA CRT coefficient 59*4882a593Smuzhiyun * @tmp1 : CAAM uses this temporary buffer as internal state buffer. 60*4882a593Smuzhiyun * It is assumed to be as long as p. 61*4882a593Smuzhiyun * @tmp2 : CAAM uses this temporary buffer as internal state buffer. 62*4882a593Smuzhiyun * It is assumed to be as long as q. 63*4882a593Smuzhiyun * @n_sz : length in bytes of RSA modulus n 64*4882a593Smuzhiyun * @e_sz : length in bytes of RSA public exponent 65*4882a593Smuzhiyun * @d_sz : length in bytes of RSA private exponent 66*4882a593Smuzhiyun * @p_sz : length in bytes of RSA prime factor p of RSA modulus n 67*4882a593Smuzhiyun * @q_sz : length in bytes of RSA prime factor q of RSA modulus n 68*4882a593Smuzhiyun * @priv_form : CAAM RSA private key representation 69*4882a593Smuzhiyun */ 70*4882a593Smuzhiyun struct caam_rsa_key { 71*4882a593Smuzhiyun u8 *n; 72*4882a593Smuzhiyun u8 *e; 73*4882a593Smuzhiyun u8 *d; 74*4882a593Smuzhiyun u8 *p; 75*4882a593Smuzhiyun u8 *q; 76*4882a593Smuzhiyun u8 *dp; 77*4882a593Smuzhiyun u8 *dq; 78*4882a593Smuzhiyun u8 *qinv; 79*4882a593Smuzhiyun u8 *tmp1; 80*4882a593Smuzhiyun u8 *tmp2; 81*4882a593Smuzhiyun size_t n_sz; 82*4882a593Smuzhiyun size_t e_sz; 83*4882a593Smuzhiyun size_t d_sz; 84*4882a593Smuzhiyun size_t p_sz; 85*4882a593Smuzhiyun size_t q_sz; 86*4882a593Smuzhiyun enum caam_priv_key_form priv_form; 87*4882a593Smuzhiyun }; 88*4882a593Smuzhiyun 89*4882a593Smuzhiyun /** 90*4882a593Smuzhiyun * caam_rsa_ctx - per session context. 91*4882a593Smuzhiyun * @enginectx : crypto engine context 92*4882a593Smuzhiyun * @key : RSA key in DMA zone 93*4882a593Smuzhiyun * @dev : device structure 94*4882a593Smuzhiyun * @padding_dma : dma address of padding, for adding it to the input 95*4882a593Smuzhiyun */ 96*4882a593Smuzhiyun struct caam_rsa_ctx { 97*4882a593Smuzhiyun struct crypto_engine_ctx enginectx; 98*4882a593Smuzhiyun struct caam_rsa_key key; 99*4882a593Smuzhiyun struct device *dev; 100*4882a593Smuzhiyun dma_addr_t padding_dma; 101*4882a593Smuzhiyun 102*4882a593Smuzhiyun }; 103*4882a593Smuzhiyun 104*4882a593Smuzhiyun /** 105*4882a593Smuzhiyun * caam_rsa_req_ctx - per request context. 106*4882a593Smuzhiyun * @src : input scatterlist (stripped of leading zeros) 107*4882a593Smuzhiyun * @fixup_src : input scatterlist (that might be stripped of leading zeros) 108*4882a593Smuzhiyun * @fixup_src_len : length of the fixup_src input scatterlist 109*4882a593Smuzhiyun * @edesc : s/w-extended rsa descriptor 110*4882a593Smuzhiyun * @akcipher_op_done : callback used when operation is done 111*4882a593Smuzhiyun */ 112*4882a593Smuzhiyun struct caam_rsa_req_ctx { 113*4882a593Smuzhiyun struct scatterlist src[2]; 114*4882a593Smuzhiyun struct scatterlist *fixup_src; 115*4882a593Smuzhiyun unsigned int fixup_src_len; 116*4882a593Smuzhiyun struct rsa_edesc *edesc; 117*4882a593Smuzhiyun void (*akcipher_op_done)(struct device *jrdev, u32 *desc, u32 err, 118*4882a593Smuzhiyun void *context); 119*4882a593Smuzhiyun }; 120*4882a593Smuzhiyun 121*4882a593Smuzhiyun /** 122*4882a593Smuzhiyun * rsa_edesc - s/w-extended rsa descriptor 123*4882a593Smuzhiyun * @src_nents : number of segments in input s/w scatterlist 124*4882a593Smuzhiyun * @dst_nents : number of segments in output s/w scatterlist 125*4882a593Smuzhiyun * @mapped_src_nents: number of segments in input h/w link table 126*4882a593Smuzhiyun * @mapped_dst_nents: number of segments in output h/w link table 127*4882a593Smuzhiyun * @sec4_sg_bytes : length of h/w link table 128*4882a593Smuzhiyun * @bklog : stored to determine if the request needs backlog 129*4882a593Smuzhiyun * @sec4_sg_dma : dma address of h/w link table 130*4882a593Smuzhiyun * @sec4_sg : pointer to h/w link table 131*4882a593Smuzhiyun * @pdb : specific RSA Protocol Data Block (PDB) 132*4882a593Smuzhiyun * @hw_desc : descriptor followed by link tables if any 133*4882a593Smuzhiyun */ 134*4882a593Smuzhiyun struct rsa_edesc { 135*4882a593Smuzhiyun int src_nents; 136*4882a593Smuzhiyun int dst_nents; 137*4882a593Smuzhiyun int mapped_src_nents; 138*4882a593Smuzhiyun int mapped_dst_nents; 139*4882a593Smuzhiyun int sec4_sg_bytes; 140*4882a593Smuzhiyun bool bklog; 141*4882a593Smuzhiyun dma_addr_t sec4_sg_dma; 142*4882a593Smuzhiyun struct sec4_sg_entry *sec4_sg; 143*4882a593Smuzhiyun union { 144*4882a593Smuzhiyun struct rsa_pub_pdb pub; 145*4882a593Smuzhiyun struct rsa_priv_f1_pdb priv_f1; 146*4882a593Smuzhiyun struct rsa_priv_f2_pdb priv_f2; 147*4882a593Smuzhiyun struct rsa_priv_f3_pdb priv_f3; 148*4882a593Smuzhiyun } pdb; 149*4882a593Smuzhiyun u32 hw_desc[]; 150*4882a593Smuzhiyun }; 151*4882a593Smuzhiyun 152*4882a593Smuzhiyun /* Descriptor construction primitives. */ 153*4882a593Smuzhiyun void init_rsa_pub_desc(u32 *desc, struct rsa_pub_pdb *pdb); 154*4882a593Smuzhiyun void init_rsa_priv_f1_desc(u32 *desc, struct rsa_priv_f1_pdb *pdb); 155*4882a593Smuzhiyun void init_rsa_priv_f2_desc(u32 *desc, struct rsa_priv_f2_pdb *pdb); 156*4882a593Smuzhiyun void init_rsa_priv_f3_desc(u32 *desc, struct rsa_priv_f3_pdb *pdb); 157*4882a593Smuzhiyun 158*4882a593Smuzhiyun #endif 159