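/*
 * Copyright (c) 2023-2024, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 */

#ifndef RSS_CRYPTO_DEFS_H
#define RSS_CRYPTO_DEFS_H

/*
 * size_t and the fixed-width integer types are used directly below, so pull
 * them in here instead of relying on another header to provide them.
 */
#include <stddef.h>
#include <stdint.h>

/* Declares types that encode errors, algorithms, key types, policies, etc. */
#include "psa/crypto_types.h"

/*
 * Value identifying export public key function API, used to dispatch the request
 * to the corresponding API implementation in the Crypto service backend.
 *
 * The whole expansion is parenthesized so that the cast cannot bind to a
 * neighbouring operator at the point of use.
 */
#define RSS_CRYPTO_EXPORT_PUBLIC_KEY_SID	((uint16_t)0x701)

/*
 * The persistent key identifiers for RSS builtin keys.
 *
 * Only the first enumerator has an explicit value; the following ones are
 * numbered sequentially from it (0x7FFF816D, 0x7FFF816E). Inserting or
 * reordering enumerators therefore changes the identifier of every later key.
 * NOTE(review): presumably these values have to match the key table on the
 * RSS side - confirm before adding entries.
 */
enum rss_key_id_builtin_t {
	RSS_BUILTIN_KEY_ID_HOST_S_ROTPK = 0x7FFF816Cu,
	RSS_BUILTIN_KEY_ID_HOST_NS_ROTPK,
	RSS_BUILTIN_KEY_ID_HOST_CCA_ROTPK,
};

/*
 * This type is used to overcome a limitation within RSS firmware in the number of maximum
 * IOVECs it can use especially in psa_aead_encrypt and psa_aead_decrypt.
 *
 * nonce_length is carried separately from the fixed-size nonce buffer and
 * nothing in this type ties the two together: code that fills or reads the
 * structure has to check nonce_length <= RSS_CRYPTO_MAX_NONCE_LENGTH before
 * copying, otherwise the copy runs past the end of nonce[].
 */
#define RSS_CRYPTO_MAX_NONCE_LENGTH	(16u)
struct rss_crypto_aead_pack_input {
	uint8_t nonce[RSS_CRYPTO_MAX_NONCE_LENGTH];	/* !< Nonce bytes */
	uint32_t nonce_length;				/*
							 * !< Number of valid bytes
							 * in nonce[]
							 */
};

/*
 * Structure used to pack non-pointer types in a call to PSA Crypto APIs
 *
 * NOTE(review): if this structure is passed between images built for
 * different architectures, the field order, widths and padding are part of
 * the interface and must stay identical on both sides - confirm against the
 * RSS firmware definition before changing any member.
 */
struct rss_crypto_pack_iovec {
	psa_key_id_t key_id;		/* !< Key id */
	psa_algorithm_t alg;		/* !< Algorithm */
	uint32_t op_handle;		/*
					 * !< Frontend context handle
					 * associated to a multipart operation
					 */
	uint32_t ad_length;		/*
					 * !< Additional Data length for
					 * multipart AEAD
					 */
	uint32_t plaintext_length;	/*
					 * !< Plaintext length for multipart
					 * AEAD
					 */

	struct rss_crypto_aead_pack_input aead_in;	/*
							 * !< Packs AEAD-related
							 * inputs
							 */

	uint16_t function_id;		/*
					 * !< Used to identify the function in the
					 * API dispatcher to the service backend
					 * See rss_crypto_func_sid for detail
					 */
	uint16_t step;			/* !< Key derivation step */
	/*
	 * The width of size_t depends on the target this header is compiled
	 * for, while value is always 64 bits wide, so the union is at least
	 * 8 bytes. Where size_t is narrower, capacity overlays only part of
	 * value.
	 */
	union {
		size_t capacity;	/* !< Key derivation capacity */
		uint64_t value;		/*
					 * !< Key derivation integer for
					 * update
					 */
	};
};

#endif /* RSS_CRYPTO_DEFS_H */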