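/*
 * Copyright (c) 2015-2025, Arm Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

/*
 * Crypto module interface: return codes, algorithm identifiers, the
 * descriptor that a cryptographic library fills in through
 * REGISTER_CRYPTO_LIB(), and the crypto_mod_*() entry points declared for
 * callers.
 *
 * CRYPTO_SUPPORT is not defined in this header; it is expected to come from
 * the build. An undefined macro evaluates to 0 in '#if', which selects the
 * empty crypto_mod_init()/crypto_mod_finish() stubs below.
 */

#ifndef CRYPTO_MOD_H
#define CRYPTO_MOD_H

/*
 * Values that CRYPTO_SUPPORT is compared against further down to decide which
 * prototypes are declared:
 *   CRYPTO_AUTH_VERIFY_ONLY          - signature and hash verification
 *   CRYPTO_HASH_CALC_ONLY            - hash calculation
 *   CRYPTO_AUTH_VERIFY_AND_HASH_CALC - both of the above
 */
#define	CRYPTO_AUTH_VERIFY_ONLY			1
#define	CRYPTO_HASH_CALC_ONLY			2
#define	CRYPTO_AUTH_VERIFY_AND_HASH_CALC	3

#include <stddef.h>
#include <stdint.h>

/*
 * Return values. CRYPTO_SUCCESS is the only zero value; every error code is
 * non-zero, so callers should compare against CRYPTO_SUCCESS explicitly and
 * treat anything else as a failed check.
 */
enum crypto_ret_value {
	CRYPTO_SUCCESS = 0,
	CRYPTO_ERR_INIT,
	CRYPTO_ERR_HASH,
	CRYPTO_ERR_SIGNATURE,
	CRYPTO_ERR_DECRYPTION,
	CRYPTO_ERR_UNKNOWN
};

/*
 * Upper bounds for the IV and authentication tag.
 * NOTE(review): presumably in bytes and the limit for the iv_len/tag_len
 * arguments of auth_decrypt - confirm against the implementation.
 */
#define CRYPTO_MAX_IV_SIZE		16U
#define CRYPTO_MAX_TAG_SIZE		16U

/* Decryption algorithm */
enum crypto_dec_algo {
	CRYPTO_GCM_DECRYPT = 0
};

/* Message digest algorithm */
enum crypto_md_algo {
	CRYPTO_MD_SHA256,
	CRYPTO_MD_SHA384,
	CRYPTO_MD_SHA512,
};

/*
 * Maximum digest size, set by the largest supported hash algorithm,
 * i.e. SHA512 (64 bytes).
 */
#define CRYPTO_MD_MAX_SIZE		64U

/*
 * Cryptographic library descriptor
 *
 * Lengths are 'unsigned int' in most hooks but 'size_t' in auth_decrypt;
 * a caller holding a size_t should check that it fits before narrowing it.
 */
typedef struct crypto_lib_desc_s {
	const char *name;

	/* Initialize library. This function is not expected to fail. All errors
	 * must be handled inside the function, asserting or panicking in case of
	 * a non-recoverable error */
	void (*init)(void);

	/* Verify a digital signature. Return one of the
	 * 'enum crypto_ret_value' options */
	int (*verify_signature)(void *data_ptr, unsigned int data_len,
				void *sig_ptr, unsigned int sig_len,
				void *sig_alg, unsigned int sig_alg_len,
				void *pk_ptr, unsigned int pk_len);

	/* Verify a hash. Return one of the 'enum crypto_ret_value' options.
	 * The encoding behind digest_info_ptr is defined by the implementation
	 * and is not visible in this header. */
	int (*verify_hash)(void *data_ptr, unsigned int data_len,
			   void *digest_info_ptr, unsigned int digest_info_len);

	/* Calculate a hash of data_ptr/data_len with md_alg. The digest is
	 * written to 'output'; the int return is a status, not the hash.
	 * NOTE(review): presumably one of 'enum crypto_ret_value' like the
	 * other hooks - confirm.
	 * The array bound in the parameter is not enforced by the compiler
	 * (the parameter is a plain pointer), so callers must pass a buffer
	 * of at least CRYPTO_MD_MAX_SIZE bytes. */
	int (*calc_hash)(enum crypto_md_algo md_alg, void *data_ptr,
			 unsigned int data_len,
			 unsigned char output[CRYPTO_MD_MAX_SIZE]);

	/* Convert Public key (optional).
	 * NOTE(review): "optional" suggests a backend may leave this hook
	 * NULL - confirm how crypto_mod_convert_pk() handles that case. */
	int (*convert_pk)(void *full_pk_ptr, unsigned int full_pk_len,
			  void **hashed_pk_ptr, unsigned int *hashed_pk_len);

	/*
	 * Authenticated decryption. Return one of the
	 * 'enum crypto_ret_value' options.
	 * NOTE(review): data_ptr is the only non-const buffer, which suggests
	 * the data is decrypted in place - confirm. Whatever the mechanism,
	 * the buffer contents should only be trusted when the return value is
	 * CRYPTO_SUCCESS.
	 */
	int (*auth_decrypt)(enum crypto_dec_algo dec_algo, void *data_ptr,
			    size_t len, const void *key, unsigned int key_len,
			    unsigned int key_flags, const void *iv,
			    unsigned int iv_len, const void *tag,
			    unsigned int tag_len);

	/*
	 * Finish using the crypto library,
	 * anything to be done to wrap up crypto usage done here.
	 */
	void (*finish)(void);
} crypto_lib_desc_t;

/* Public functions */

/* With crypto support compiled out, initialisation is an empty inline stub. */
#if CRYPTO_SUPPORT
void crypto_mod_init(void);
#else
static inline void crypto_mod_init(void)
{
}
#endif /* CRYPTO_SUPPORT */

/* Verification entry points: declared only for the two "verify" settings. */
#if (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY) || \
	(CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC)
int crypto_mod_verify_signature(void *data_ptr, unsigned int data_len,
				void *sig_ptr, unsigned int sig_len,
				void *sig_alg_ptr, unsigned int sig_alg_len,
				void *pk_ptr, unsigned int pk_len);
int crypto_mod_verify_hash(void *data_ptr, unsigned int data_len,
			   void *digest_info_ptr, unsigned int digest_info_len);
#endif /* (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY) ||
	  (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC) */

/* Declared regardless of the CRYPTO_SUPPORT setting. */
int crypto_mod_auth_decrypt(enum crypto_dec_algo dec_algo, void *data_ptr,
			    size_t len, const void *key, unsigned int key_len,
			    unsigned int key_flags, const void *iv,
			    unsigned int iv_len, const void *tag,
			    unsigned int tag_len);

/* Hash calculation entry points: declared only for the two "hash" settings. */
#if (CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY) || \
	(CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC)
int crypto_mod_calc_hash(enum crypto_md_algo alg, void *data_ptr,
			 unsigned int data_len,
			 unsigned char output[CRYPTO_MD_MAX_SIZE]);
/*
 * 'digest' carries no length argument.
 * NOTE(review): presumably the caller must size it for the digest selected
 * by alg_id - confirm against the implementation.
 */
int crypto_mod_tcg_hash(uint32_t alg_id, void *data_ptr, unsigned int data_len,
			uint8_t *digest);
#endif /* (CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY) ||
	  (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC) */

/* Declared regardless of the CRYPTO_SUPPORT setting. */
int crypto_mod_convert_pk(void *full_pk_ptr, unsigned int full_pk_len,
			  void **hashed_pk_ptr, unsigned int *hashed_pk_len);

/* With crypto support compiled out, wrap-up is an empty inline stub. */
#if CRYPTO_SUPPORT
void crypto_mod_finish(void);
#else
static inline void crypto_mod_finish(void)
{
}
#endif /* CRYPTO_SUPPORT */

/*
 * Macro to register a cryptographic library.
 *
 * It defines the single global 'crypto_lib_desc' object, so it can be used
 * once per image. The argument order (_calc_hash, _auth_decrypt, _convert_pk)
 * differs from the field order in crypto_lib_desc_t; the designated
 * initializers below bind each argument to its field by name.
 */
#define REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash, \
			    _calc_hash, _auth_decrypt, _convert_pk, _finish) \
	const crypto_lib_desc_t crypto_lib_desc = { \
		.name = _name, \
		.init = _init, \
		.verify_signature = _verify_signature, \
		.verify_hash = _verify_hash, \
		.calc_hash = _calc_hash, \
		.auth_decrypt = _auth_decrypt, \
		.convert_pk = _convert_pk, \
		.finish = _finish \
	}

extern const crypto_lib_desc_t crypto_lib_desc;

#endif /* CRYPTO_MOD_H */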