1 /* SPDX-License-Identifier: ((GPL-2.0+ WITH Linux-syscall-note) OR MIT) */ 2 3 /* This is a source compatible implementation with the original API of 4 * cryptodev by Angelos D. Keromytis, found at openbsd cryptodev.h. 5 * Placed under public domain */ 6 7 #ifndef _UAPI_CRYPTODEV_H 8 #define _UAPI_CRYPTODEV_H 9 10 #include <linux/types.h> 11 #include <linux/version.h> 12 #ifndef __KERNEL__ 13 #define __user 14 #endif 15 16 /* API extensions for linux */ 17 #define CRYPTO_HMAC_MAX_KEY_LEN 512 18 #define CRYPTO_CIPHER_MAX_KEY_LEN 64 19 20 /* All the supported algorithms 21 */ 22 enum cryptodev_crypto_op_t { 23 CRYPTO_DES_CBC = 1, 24 CRYPTO_3DES_CBC = 2, 25 CRYPTO_BLF_CBC = 3, 26 CRYPTO_CAST_CBC = 4, 27 CRYPTO_SKIPJACK_CBC = 5, 28 CRYPTO_MD5_HMAC = 6, 29 CRYPTO_SHA1_HMAC = 7, 30 CRYPTO_RIPEMD160_HMAC = 8, 31 CRYPTO_MD5_KPDK = 9, 32 CRYPTO_SHA1_KPDK = 10, 33 CRYPTO_RIJNDAEL128_CBC = 11, 34 CRYPTO_AES_CBC = CRYPTO_RIJNDAEL128_CBC, 35 CRYPTO_ARC4 = 12, 36 CRYPTO_MD5 = 13, 37 CRYPTO_SHA1 = 14, 38 CRYPTO_DEFLATE_COMP = 15, 39 CRYPTO_NULL = 16, 40 CRYPTO_LZS_COMP = 17, 41 CRYPTO_SHA2_256_HMAC = 18, 42 CRYPTO_SHA2_384_HMAC = 19, 43 CRYPTO_SHA2_512_HMAC = 20, 44 CRYPTO_AES_CTR = 21, 45 CRYPTO_AES_XTS = 22, 46 CRYPTO_AES_ECB = 23, 47 CRYPTO_AES_GCM = 50, 48 49 CRYPTO_CAMELLIA_CBC = 101, 50 CRYPTO_RIPEMD160, 51 CRYPTO_SHA2_224, 52 CRYPTO_SHA2_256, 53 CRYPTO_SHA2_384, 54 CRYPTO_SHA2_512, 55 CRYPTO_SHA2_224_HMAC, 56 CRYPTO_TLS11_AES_CBC_HMAC_SHA1, 57 CRYPTO_TLS12_AES_CBC_HMAC_SHA256, 58 59 CRYPTO_RK_DES_ECB = 150, 60 CRYPTO_RK_DES_CBC, 61 CRYPTO_RK_DES_CFB, 62 CRYPTO_RK_DES_OFB, 63 CRYPTO_RK_3DES_ECB, 64 CRYPTO_RK_3DES_CBC, 65 CRYPTO_RK_3DES_CFB, 66 CRYPTO_RK_3DES_OFB, 67 CRYPTO_RK_SM4_ECB, 68 CRYPTO_RK_SM4_CBC, 69 CRYPTO_RK_SM4_CFB, 70 CRYPTO_RK_SM4_OFB, 71 CRYPTO_RK_SM4_CTS, 72 CRYPTO_RK_SM4_CTR, 73 CRYPTO_RK_SM4_XTS, 74 CRYPTO_RK_SM4_CCM, 75 CRYPTO_RK_SM4_GCM, 76 CRYPTO_RK_SM4_CMAC, 77 CRYPTO_RK_SM4_CBC_MAC, 78 CRYPTO_RK_AES_ECB, 79 CRYPTO_RK_AES_CBC, 80 CRYPTO_RK_AES_CFB, 81 CRYPTO_RK_AES_OFB, 82 CRYPTO_RK_AES_CTS, 83 CRYPTO_RK_AES_CTR, 84 CRYPTO_RK_AES_XTS, 85 CRYPTO_RK_AES_CCM, 86 CRYPTO_RK_AES_GCM, 87 CRYPTO_RK_AES_CMAC, 88 CRYPTO_RK_AES_CBC_MAC, 89 CRYPTO_RK_MD5, 90 CRYPTO_RK_SHA1, 91 CRYPTO_RK_SHA224, 92 CRYPTO_RK_SHA256, 93 CRYPTO_RK_SHA384, 94 CRYPTO_RK_SHA512, 95 CRYPTO_RK_SHA512_224, 96 CRYPTO_RK_SHA512_256, 97 CRYPTO_RK_MD5_HMAC, 98 CRYPTO_RK_SHA1_HMAC, 99 CRYPTO_RK_SHA256_HMAC, 100 CRYPTO_RK_SHA512_HMAC, 101 CRYPTO_RK_SM3, 102 CRYPTO_RK_SM3_HMAC, 103 104 CRYPTO_ALGORITHM_ALL, /* Keep updated - see below */ 105 }; 106 107 #define CRYPTO_ALGORITHM_MAX (CRYPTO_ALGORITHM_ALL - 1) 108 109 /* Values for ciphers */ 110 #define DES_BLOCK_LEN 8 111 #define DES3_BLOCK_LEN 8 112 #define RIJNDAEL128_BLOCK_LEN 16 113 #define AES_BLOCK_LEN RIJNDAEL128_BLOCK_LEN 114 #define CAMELLIA_BLOCK_LEN 16 115 #define BLOWFISH_BLOCK_LEN 8 116 #define SKIPJACK_BLOCK_LEN 8 117 #define CAST128_BLOCK_LEN 8 118 119 /* the maximum of the above */ 120 #define EALG_MAX_BLOCK_LEN 16 121 122 /* Values for hashes/MAC */ 123 #define AALG_MAX_RESULT_LEN 64 124 125 /* maximum length of verbose alg names (depends on CRYPTO_MAX_ALG_NAME) */ 126 #define CRYPTODEV_MAX_ALG_NAME 64 127 128 #define HASH_MAX_LEN 64 129 130 /* input of CIOCGSESSION */ 131 struct session_op { 132 /* Specify either cipher or mac 133 */ 134 __u32 cipher; /* cryptodev_crypto_op_t */ 135 __u32 mac; /* cryptodev_crypto_op_t */ 136 137 __u32 keylen; 138 __u8 __user *key; 139 __u32 mackeylen; 140 __u8 __user *mackey; 141 142 __u32 ses; /* session identifier */ 143 }; 144 145 struct session_info_op { 146 __u32 ses; /* session identifier */ 147 148 /* verbose names for the requested ciphers */ 149 struct alg_info { 150 char cra_name[CRYPTODEV_MAX_ALG_NAME]; 151 char cra_driver_name[CRYPTODEV_MAX_ALG_NAME]; 152 } cipher_info, hash_info; 153 154 __u16 alignmask; /* alignment constraints */ 155 __u32 flags; /* SIOP_FLAGS_* */ 156 }; 157 158 /* If this flag is set then this algorithm uses 159 * a driver only available in kernel (software drivers, 160 * or drivers based on instruction sets do not set this flag). 161 * 162 * If multiple algorithms are involved (as in AEAD case), then 163 * if one of them is kernel-driver-only this flag will be set. 164 */ 165 #define SIOP_FLAG_KERNEL_DRIVER_ONLY 1 166 167 #define COP_ENCRYPT 0 168 #define COP_DECRYPT 1 169 170 /* input of CIOCCRYPT */ 171 struct crypt_op { 172 __u32 ses; /* session identifier */ 173 __u16 op; /* COP_ENCRYPT or COP_DECRYPT */ 174 __u16 flags; /* see COP_FLAG_* */ 175 __u32 len; /* length of source data */ 176 __u8 __user *src; /* source data */ 177 __u8 __user *dst; /* pointer to output data */ 178 /* pointer to output data for hash/MAC operations */ 179 __u8 __user *mac; 180 /* initialization vector for encryption operations */ 181 __u8 __user *iv; 182 }; 183 184 /* input of CIOCAUTHCRYPT */ 185 struct crypt_auth_op { 186 __u32 ses; /* session identifier */ 187 __u16 op; /* COP_ENCRYPT or COP_DECRYPT */ 188 __u16 flags; /* see COP_FLAG_AEAD_* */ 189 __u32 len; /* length of source data */ 190 __u32 auth_len; /* length of auth data */ 191 __u8 __user *auth_src; /* authenticated-only data */ 192 193 /* The current implementation is more efficient if data are 194 * encrypted in-place (src==dst). */ 195 __u8 __user *src; /* data to be encrypted and authenticated */ 196 __u8 __user *dst; /* pointer to output data. Must have 197 * space for tag. For TLS this should be at least 198 * len + tag_size + block_size for padding 199 */ 200 201 __u8 __user *tag; /* where the tag will be copied to. TLS mode 202 * doesn't use that as tag is copied to dst. 203 * SRTP mode copies tag there. */ 204 __u32 tag_len; /* the length of the tag. Use zero for digest size or max tag. */ 205 206 /* initialization vector for encryption operations */ 207 __u8 __user *iv; 208 __u32 iv_len; 209 }; 210 211 /* In plain AEAD mode the following are required: 212 * flags : 0 213 * iv : the initialization vector (12 bytes) 214 * auth_len: the length of the data to be authenticated 215 * auth_src: the data to be authenticated 216 * len : length of data to be encrypted 217 * src : the data to be encrypted 218 * dst : space to hold encrypted data. It must have 219 * at least a size of len + tag_size. 220 * tag_size: the size of the desired authentication tag or zero to use 221 * the maximum tag output. 222 * 223 * Note tag isn't being used because the Linux AEAD interface 224 * copies the tag just after data. 225 */ 226 227 /* In TLS mode (used for CBC ciphers that required padding) 228 * the following are required: 229 * flags : COP_FLAG_AEAD_TLS_TYPE 230 * iv : the initialization vector 231 * auth_len: the length of the data to be authenticated only 232 * len : length of data to be encrypted 233 * auth_src: the data to be authenticated 234 * src : the data to be encrypted 235 * dst : space to hold encrypted data (preferably in-place). It must have 236 * at least a size of len + tag_size + blocksize. 237 * tag_size: the size of the desired authentication tag or zero to use 238 * the default mac output. 239 * 240 * Note that the padding used is the minimum padding. 241 */ 242 243 /* In SRTP mode the following are required: 244 * flags : COP_FLAG_AEAD_SRTP_TYPE 245 * iv : the initialization vector 246 * auth_len: the length of the data to be authenticated. This must 247 * include the SRTP header + SRTP payload (data to be encrypted) + rest 248 * 249 * len : length of data to be encrypted 250 * auth_src: pointer the data to be authenticated. Should point at the same buffer as src. 251 * src : pointer to the data to be encrypted. 252 * dst : This is mandatory to be the same as src (in-place only). 253 * tag_size: the size of the desired authentication tag or zero to use 254 * the default mac output. 255 * tag : Pointer to an address where the authentication tag will be copied. 256 */ 257 258 259 /* struct crypt_op flags */ 260 261 #define COP_FLAG_NONE (0 << 0) /* totally no flag */ 262 #define COP_FLAG_UPDATE (1 << 0) /* multi-update hash mode */ 263 #define COP_FLAG_FINAL (1 << 1) /* multi-update final hash mode */ 264 #define COP_FLAG_WRITE_IV (1 << 2) /* update the IV during operation */ 265 #define COP_FLAG_NO_ZC (1 << 3) /* do not zero-copy */ 266 #define COP_FLAG_AEAD_TLS_TYPE (1 << 4) /* authenticate and encrypt using the 267 * TLS protocol rules */ 268 #define COP_FLAG_AEAD_SRTP_TYPE (1 << 5) /* authenticate and encrypt using the 269 * SRTP protocol rules */ 270 #define COP_FLAG_RESET (1 << 6) /* multi-update reset the state. 271 * should be used in combination 272 * with COP_FLAG_UPDATE */ 273 #define COP_FLAG_AEAD_RK_TYPE (1 << 11) /* authenticate and encrypt using the 274 * rock-chips define rules 275 */ 276 277 278 /* Stuff for bignum arithmetic and public key 279 * cryptography - not supported yet by linux 280 * cryptodev. 281 */ 282 283 #define CRYPTO_ALG_FLAG_SUPPORTED 1 284 #define CRYPTO_ALG_FLAG_RNG_ENABLE 2 285 #define CRYPTO_ALG_FLAG_DSA_SHA 4 286 287 struct crparam { 288 __u8 *crp_p; 289 __u32 crp_nbits; 290 }; 291 292 #define CRK_MAXPARAM 8 293 294 /* input of CIOCKEY */ 295 struct crypt_kop { 296 __u32 crk_op; /* cryptodev_crk_op_t */ 297 __u32 crk_status; 298 __u16 crk_iparams; 299 __u16 crk_oparams; 300 __u32 crk_pad1; 301 struct crparam crk_param[CRK_MAXPARAM]; 302 }; 303 304 enum cryptodev_crk_op_t { 305 CRK_MOD_EXP = 0, 306 CRK_MOD_EXP_CRT = 1, 307 CRK_DSA_SIGN = 2, 308 CRK_DSA_VERIFY = 3, 309 CRK_DH_COMPUTE_KEY = 4, 310 CRK_ALGORITHM_ALL 311 }; 312 313 /* input of CIOCCPHASH 314 * dst_ses : destination session identifier 315 * src_ses : source session identifier 316 * dst_ses must have been created with CIOGSESSION first 317 */ 318 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 29)) 319 struct cphash_op { 320 __u32 dst_ses; 321 __u32 src_ses; 322 }; 323 #endif 324 325 #define CRK_ALGORITHM_MAX (CRK_ALGORITHM_ALL-1) 326 327 /* features to be queried with CIOCASYMFEAT ioctl 328 */ 329 #define CRF_MOD_EXP (1 << CRK_MOD_EXP) 330 #define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT) 331 #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN) 332 #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY) 333 #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY) 334 335 336 /* ioctl's. Compatible with old linux cryptodev.h 337 */ 338 #define CRIOGET _IOWR('c', 101, __u32) 339 #define CIOCGSESSION _IOWR('c', 102, struct session_op) 340 #define CIOCFSESSION _IOW('c', 103, __u32) 341 #define CIOCCRYPT _IOWR('c', 104, struct crypt_op) 342 #define CIOCKEY _IOWR('c', 105, struct crypt_kop) 343 #define CIOCASYMFEAT _IOR('c', 106, __u32) 344 #define CIOCGSESSINFO _IOWR('c', 107, struct session_info_op) 345 346 /* to indicate that CRIOGET is not required in linux 347 */ 348 #define CRIOGET_NOT_NEEDED 1 349 350 /* additional ioctls for AEAD */ 351 #define CIOCAUTHCRYPT _IOWR('c', 109, struct crypt_auth_op) 352 353 /* additional ioctls for asynchronous operation. 354 * These are conditionally enabled since version 1.6. 355 */ 356 #define CIOCASYNCCRYPT _IOW('c', 110, struct crypt_op) 357 #define CIOCASYNCFETCH _IOR('c', 111, struct crypt_op) 358 359 /* additional ioctl for copying of hash/mac session state data 360 * between sessions. 361 * The cphash_op parameter should contain the session id of 362 * the source and destination sessions. Both sessions 363 * must have been created with CIOGSESSION. 364 */ 365 #if (LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 29)) 366 #define CIOCCPHASH _IOW('c', 112, struct cphash_op) 367 #endif 368 369 #endif /* L_CRYPTODEV_H */ 370