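/*
 * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#ifndef CRYPTO_MOD_H
#define CRYPTO_MOD_H

/* size_t is used by the auth_decrypt prototypes; keep the header self-contained. */
#include <stddef.h>

/*
 * Values the CRYPTO_SUPPORT build option is compared against below. They
 * select which of the verification and hash-calculation prototypes are
 * declared.
 */
#define	CRYPTO_AUTH_VERIFY_ONLY			1
#define	CRYPTO_HASH_CALC_ONLY			2
#define	CRYPTO_AUTH_VERIFY_AND_HASH_CALC	3

/*
 * Return values.
 *
 * CRYPTO_SUCCESS is the only value that means the operation succeeded. Every
 * error code is a positive, non-zero value, so callers must compare against
 * CRYPTO_SUCCESS explicitly: a "< 0" style check would treat every failure
 * (including a bad signature or hash) as success.
 */
enum crypto_ret_value {
	CRYPTO_SUCCESS = 0,
	CRYPTO_ERR_INIT,
	CRYPTO_ERR_HASH,
	CRYPTO_ERR_SIGNATURE,
	CRYPTO_ERR_DECRYPTION,
	CRYPTO_ERR_UNKNOWN
};

/*
 * NOTE(review): presumably the upper bounds for the iv_len and tag_len
 * arguments of the authenticated decryption hook; where they are enforced is
 * not visible in this header - confirm in the callers/implementations.
 */
#define CRYPTO_MAX_IV_SIZE		16U
#define CRYPTO_MAX_TAG_SIZE		16U

/* Decryption algorithm */
enum crypto_dec_algo {
	CRYPTO_GCM_DECRYPT = 0
};

/* Message digest algorithm */
enum crypto_md_algo {
	CRYPTO_MD_SHA256,
	CRYPTO_MD_SHA384,
	CRYPTO_MD_SHA512,
};

/* Maximum digest size, set by the largest supported hash, i.e. SHA512 */
#define CRYPTO_MD_MAX_SIZE		64U

/*
 * Cryptographic library descriptor
 *
 * Table of hooks a crypto backend provides. The hooks that report a status
 * are declared as returning 'int'; the values are those of
 * 'enum crypto_ret_value'.
 */
typedef struct crypto_lib_desc_s {
	const char *name;

	/* Initialize library. This function is not expected to fail. All errors
	 * must be handled inside the function, asserting or panicking in case of
	 * a non-recoverable error */
	void (*init)(void);

	/* Verify a digital signature. Return one of the
	 * 'enum crypto_ret_value' options. Only CRYPTO_SUCCESS means the
	 * signature was verified. */
	int (*verify_signature)(void *data_ptr, unsigned int data_len,
				void *sig_ptr, unsigned int sig_len,
				void *sig_alg, unsigned int sig_alg_len,
				void *pk_ptr, unsigned int pk_len);

	/* Verify a hash. Return one of the 'enum crypto_ret_value' options.
	 * Only CRYPTO_SUCCESS means the hash matched. */
	int (*verify_hash)(void *data_ptr, unsigned int data_len,
			   void *digest_info_ptr, unsigned int digest_info_len);

	/*
	 * Calculate a hash. The digest is delivered through 'output'; the int
	 * return is presumably an 'enum crypto_ret_value' status like the
	 * other hooks (confirm against the implementation).
	 *
	 * The array bound in the parameter is documentation only: the argument
	 * decays to a pointer, so the caller is responsible for passing a
	 * buffer of at least CRYPTO_MD_MAX_SIZE bytes.
	 */
	int (*calc_hash)(enum crypto_md_algo md_alg, void *data_ptr,
			 unsigned int data_len,
			 unsigned char output[CRYPTO_MD_MAX_SIZE]);

	/* Convert Public key (optional) */
	int (*convert_pk)(void *full_pk_ptr, unsigned int full_pk_len,
			  void **hashed_pk_ptr, unsigned int *hashed_pk_len);

	/*
	 * Authenticated decryption. Return one of the
	 * 'enum crypto_ret_value' options.
	 *
	 * NOTE(review): data_ptr is the only non-const buffer, so decryption is
	 * presumably done in place - confirm. Callers should not consume the
	 * buffer contents unless CRYPTO_SUCCESS is returned.
	 */
	int (*auth_decrypt)(enum crypto_dec_algo dec_algo, void *data_ptr,
			    size_t len, const void *key, unsigned int key_len,
			    unsigned int key_flags, const void *iv,
			    unsigned int iv_len, const void *tag,
			    unsigned int tag_len);

	/*
	 * Finish using the crypto library,
	 * anything to be done to wrap up crypto usage done here.
	 */
	void (*finish)(void);
} crypto_lib_desc_t;

/* Public functions */
#if CRYPTO_SUPPORT
void crypto_mod_init(void);
#else
/* No crypto support built in: initialization is a no-op. */
static inline void crypto_mod_init(void)
{
}
#endif /* CRYPTO_SUPPORT */

#if (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY) || \
    (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC)
int crypto_mod_verify_signature(void *data_ptr, unsigned int data_len,
				void *sig_ptr, unsigned int sig_len,
				void *sig_alg_ptr, unsigned int sig_alg_len,
				void *pk_ptr, unsigned int pk_len);
int crypto_mod_verify_hash(void *data_ptr, unsigned int data_len,
			   void *digest_info_ptr, unsigned int digest_info_len);
#endif /* (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY) || \
	  (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC) */

int crypto_mod_auth_decrypt(enum crypto_dec_algo dec_algo, void *data_ptr,
			    size_t len, const void *key, unsigned int key_len,
			    unsigned int key_flags, const void *iv,
			    unsigned int iv_len, const void *tag,
			    unsigned int tag_len);

#if (CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY) || \
    (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC)
/* 'output' must point to at least CRYPTO_MD_MAX_SIZE bytes (see calc_hash). */
int crypto_mod_calc_hash(enum crypto_md_algo alg, void *data_ptr,
			 unsigned int data_len,
			 unsigned char output[CRYPTO_MD_MAX_SIZE]);
#endif /* (CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY) || \
	  (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC) */

int crypto_mod_convert_pk(void *full_pk_ptr, unsigned int full_pk_len,
			  void **hashed_pk_ptr, unsigned int *hashed_pk_len);

#if CRYPTO_SUPPORT
void crypto_mod_finish(void);
#else
/* No crypto support built in: there is nothing to wrap up. */
static inline void crypto_mod_finish(void)
{
}
#endif /* CRYPTO_SUPPORT */

/*
 * Macro to register a cryptographic library.
 *
 * Expands to the definition of the single global 'crypto_lib_desc' object
 * declared below, so it must be used exactly once in an image. Note that the
 * macro argument order (_auth_decrypt before _convert_pk) differs from the
 * member order in crypto_lib_desc_t; the designated initializers keep the
 * assignment correct as long as arguments are passed in the macro's order.
 */
#define REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash, \
			    _calc_hash, _auth_decrypt, _convert_pk, _finish) \
	const crypto_lib_desc_t crypto_lib_desc = { \
		.name = _name, \
		.init = _init, \
		.verify_signature = _verify_signature, \
		.verify_hash = _verify_hash, \
		.calc_hash = _calc_hash, \
		.auth_decrypt = _auth_decrypt, \
		.convert_pk = _convert_pk, \
		.finish = _finish \
	}

extern const crypto_lib_desc_t crypto_lib_desc;

#endif /* CRYPTO_MOD_H */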