1cc6ac5d6SJoseph Chen /* SPDX-License-Identifier: GPL-2.0+ */ 2cc6ac5d6SJoseph Chen /* 3cc6ac5d6SJoseph Chen * (C) Copyright 2019 Rockchip Electronics Co., Ltd 4cc6ac5d6SJoseph Chen */ 5cc6ac5d6SJoseph Chen 6cc6ac5d6SJoseph Chen #ifndef _CORE_CRYPTO_H_ 7cc6ac5d6SJoseph Chen #define _CORE_CRYPTO_H_ 8cc6ac5d6SJoseph Chen 91d2a3f6cSJoseph Chen #include <common.h> 101d2a3f6cSJoseph Chen #include <dm.h> 11c14e46abSJoseph Chen #include <image.h> 121d2a3f6cSJoseph Chen #include <u-boot/sha1.h> 131d2a3f6cSJoseph Chen 14cc6ac5d6SJoseph Chen /* Algorithms/capability of crypto, works together with crypto_algo_nbits() */ 15cc6ac5d6SJoseph Chen #define CRYPTO_MD5 BIT(0) 16cc6ac5d6SJoseph Chen #define CRYPTO_SHA1 BIT(1) 17cc6ac5d6SJoseph Chen #define CRYPTO_SHA256 BIT(2) 18e7846385SLin Jinhan #define CRYPTO_SHA512 BIT(3) 1949a2135eSLin Jinhan #define CRYPTO_SM3 BIT(4) 20e7846385SLin Jinhan 21e7846385SLin Jinhan #define CRYPTO_RSA512 BIT(10) 22e7846385SLin Jinhan #define CRYPTO_RSA1024 BIT(11) 23e7846385SLin Jinhan #define CRYPTO_RSA2048 BIT(12) 24e7846385SLin Jinhan #define CRYPTO_RSA3072 BIT(13) 25e7846385SLin Jinhan #define CRYPTO_RSA4096 BIT(14) 26cc6ac5d6SJoseph Chen 2749a2135eSLin Jinhan #define CRYPTO_DES BIT(20) 2849a2135eSLin Jinhan #define CRYPTO_AES BIT(21) 2949a2135eSLin Jinhan #define CRYPTO_SM4 BIT(22) 3049a2135eSLin Jinhan 3149a2135eSLin Jinhan #define CRYPTO_HMAC_MD5 BIT(25) 3249a2135eSLin Jinhan #define CRYPTO_HMAC_SHA1 BIT(26) 3349a2135eSLin Jinhan #define CRYPTO_HMAC_SHA256 BIT(27) 3449a2135eSLin Jinhan #define CRYPTO_HMAC_SHA512 BIT(28) 3549a2135eSLin Jinhan #define CRYPTO_HMAC_SM3 BIT(29) 3649a2135eSLin Jinhan 37cc6ac5d6SJoseph Chen #define BYTE2WORD(bytes) ((bytes) / 4) 38cc6ac5d6SJoseph Chen #define BITS2BYTE(nbits) ((nbits) / 8) 39cc6ac5d6SJoseph Chen #define BITS2WORD(nbits) ((nbits) / 32) 40cc6ac5d6SJoseph Chen 4149a2135eSLin Jinhan enum RK_CRYPTO_MODE { 4249a2135eSLin Jinhan RK_MODE_ECB = 0, 4349a2135eSLin Jinhan RK_MODE_CBC, 4449a2135eSLin Jinhan RK_MODE_CTS, 4549a2135eSLin Jinhan RK_MODE_CTR, 4649a2135eSLin Jinhan RK_MODE_CFB, 4749a2135eSLin Jinhan RK_MODE_OFB, 4849a2135eSLin Jinhan RK_MODE_XTS, 49*c3ce9937SLin Jinhan RK_MODE_CCM, 50*c3ce9937SLin Jinhan RK_MODE_GCM, 51d9332f1cSLin Jinhan RK_MODE_CMAC, 52d9332f1cSLin Jinhan RK_MODE_CBC_MAC, 5349a2135eSLin Jinhan RK_MODE_MAX 5449a2135eSLin Jinhan }; 5549a2135eSLin Jinhan 56cc6ac5d6SJoseph Chen typedef struct { 57cc6ac5d6SJoseph Chen u32 algo; /* Algorithm: CRYPTO_MD5/CRYPTO_SHA1/CRYPTO_RSA2048... */ 58cc6ac5d6SJoseph Chen u32 length; /* Data total length */ 59cc6ac5d6SJoseph Chen 60cc6ac5d6SJoseph Chen } sha_context; 61cc6ac5d6SJoseph Chen 62cc6ac5d6SJoseph Chen typedef struct { 63cc6ac5d6SJoseph Chen u32 algo; /* Algorithm: CRYPTO_MD5/CRYPTO_SHA1/CRYPTO_RSA2048... */ 64cc6ac5d6SJoseph Chen u32 *n; /* Public key factor N */ 65cc6ac5d6SJoseph Chen u32 *e; /* Public key factor E */ 66cc6ac5d6SJoseph Chen u32 *c; /* Optional, a accelerate factor for some crypto */ 67cc6ac5d6SJoseph Chen } rsa_key; 68cc6ac5d6SJoseph Chen 6949a2135eSLin Jinhan typedef struct { 7049a2135eSLin Jinhan u32 algo; 7149a2135eSLin Jinhan u32 mode; 7249a2135eSLin Jinhan const u8 *key; 7349a2135eSLin Jinhan const u8 *twk_key; 7449a2135eSLin Jinhan u32 key_len; 7549a2135eSLin Jinhan const u8 *iv; 7649a2135eSLin Jinhan u32 iv_len; 7749a2135eSLin Jinhan } cipher_context; 7849a2135eSLin Jinhan 79cc6ac5d6SJoseph Chen struct dm_crypto_ops { 80cc6ac5d6SJoseph Chen /* Hardware algorithm capability */ 81cc6ac5d6SJoseph Chen u32 (*capability)(struct udevice *dev); 82cc6ac5d6SJoseph Chen 83cc6ac5d6SJoseph Chen /* SHA init/update/final */ 84cc6ac5d6SJoseph Chen int (*sha_init)(struct udevice *dev, sha_context *ctx); 85cc6ac5d6SJoseph Chen int (*sha_update)(struct udevice *dev, u32 *input, u32 len); 86cc6ac5d6SJoseph Chen int (*sha_final)(struct udevice *dev, sha_context *ctx, u8 *output); 87cc6ac5d6SJoseph Chen 88cc6ac5d6SJoseph Chen /* RSA verify */ 89cc6ac5d6SJoseph Chen int (*rsa_verify)(struct udevice *dev, rsa_key *ctx, 90cc6ac5d6SJoseph Chen u8 *sign, u8 *output); 9149a2135eSLin Jinhan /* HMAC init/update/final */ 9249a2135eSLin Jinhan int (*hmac_init)(struct udevice *dev, sha_context *ctx, 9349a2135eSLin Jinhan u8 *key, u32 key_len); 9449a2135eSLin Jinhan int (*hmac_update)(struct udevice *dev, u32 *input, u32 len); 9549a2135eSLin Jinhan int (*hmac_final)(struct udevice *dev, sha_context *ctx, u8 *output); 9649a2135eSLin Jinhan 9749a2135eSLin Jinhan /* cipher encryption and decryption */ 9849a2135eSLin Jinhan int (*cipher_crypt)(struct udevice *dev, cipher_context *ctx, 9949a2135eSLin Jinhan const u8 *in, u8 *out, u32 len, bool enc); 100d9332f1cSLin Jinhan 101d9332f1cSLin Jinhan /* cipher mac cmac&cbc_mac */ 102d9332f1cSLin Jinhan int (*cipher_mac)(struct udevice *dev, cipher_context *ctx, 103d9332f1cSLin Jinhan const u8 *in, u32 len, u8 *tag); 104*c3ce9937SLin Jinhan 105*c3ce9937SLin Jinhan /* cipher aes ccm&gcm */ 106*c3ce9937SLin Jinhan int (*cipher_ae)(struct udevice *dev, cipher_context *ctx, 107*c3ce9937SLin Jinhan const u8 *in, u32 len, const u8 *aad, u32 aad_len, 108*c3ce9937SLin Jinhan u8 *out, u8 *tag); 109*c3ce9937SLin Jinhan 110cc6ac5d6SJoseph Chen }; 111cc6ac5d6SJoseph Chen 112cc6ac5d6SJoseph Chen /** 113cc6ac5d6SJoseph Chen * crypto_algo_nbits() - Get algorithm bits accroding to algorithm 114cc6ac5d6SJoseph Chen * @capability: expected algorithm capability, eg. CRYPTO_MD5/RSA2048... 115cc6ac5d6SJoseph Chen * 116cc6ac5d6SJoseph Chen * @return algorithm bits 117cc6ac5d6SJoseph Chen */ 118cc6ac5d6SJoseph Chen u32 crypto_algo_nbits(u32 algo); 119cc6ac5d6SJoseph Chen 120cc6ac5d6SJoseph Chen /** 121cc6ac5d6SJoseph Chen * crypto_get_device() - Get crypto device by capability 122cc6ac5d6SJoseph Chen * @capability: expected algorithm capability, eg. CRYPTO_MD5/RSA2048... 123cc6ac5d6SJoseph Chen * 124cc6ac5d6SJoseph Chen * @return dev on success, otherwise NULL 125cc6ac5d6SJoseph Chen */ 126cc6ac5d6SJoseph Chen struct udevice *crypto_get_device(u32 capability); 127cc6ac5d6SJoseph Chen 128cc6ac5d6SJoseph Chen /** 129cc6ac5d6SJoseph Chen * crypto_sha_init() - Crypto sha init 130cc6ac5d6SJoseph Chen * 131cc6ac5d6SJoseph Chen * @dev: crypto device 132cc6ac5d6SJoseph Chen * @ctx: sha context 133cc6ac5d6SJoseph Chen * 134cc6ac5d6SJoseph Chen * @return 0 on success, otherwise failed 135cc6ac5d6SJoseph Chen */ 136cc6ac5d6SJoseph Chen int crypto_sha_init(struct udevice *dev, sha_context *ctx); 137cc6ac5d6SJoseph Chen 138cc6ac5d6SJoseph Chen /** 139cc6ac5d6SJoseph Chen * crypto_sha_update() - Crypto sha update 140cc6ac5d6SJoseph Chen * 141cc6ac5d6SJoseph Chen * @dev: crypto device 142cc6ac5d6SJoseph Chen * @input: input data buffer 143cc6ac5d6SJoseph Chen * @len: input data length 144cc6ac5d6SJoseph Chen * 145cc6ac5d6SJoseph Chen * @return 0 on success, otherwise failed 146cc6ac5d6SJoseph Chen */ 147cc6ac5d6SJoseph Chen int crypto_sha_update(struct udevice *dev, u32 *input, u32 len); 148cc6ac5d6SJoseph Chen 149cc6ac5d6SJoseph Chen /** 150cc6ac5d6SJoseph Chen * crypto_sha_final() - Crypto sha finish and get result 151cc6ac5d6SJoseph Chen * 152cc6ac5d6SJoseph Chen * @dev: crypto device 153cc6ac5d6SJoseph Chen * @ctx: sha context 154cc6ac5d6SJoseph Chen * @output: output hash data 155cc6ac5d6SJoseph Chen * 156cc6ac5d6SJoseph Chen * @return 0 on success, otherwise failed 157cc6ac5d6SJoseph Chen */ 158cc6ac5d6SJoseph Chen int crypto_sha_final(struct udevice *dev, sha_context *ctx, u8 *output); 159cc6ac5d6SJoseph Chen 160cc6ac5d6SJoseph Chen /** 161cc6ac5d6SJoseph Chen * crypto_sha_csum() - Crypto sha hash for one data block only 162cc6ac5d6SJoseph Chen * 163cc6ac5d6SJoseph Chen * @dev: crypto device 164cc6ac5d6SJoseph Chen * @ctx: sha context 165cc6ac5d6SJoseph Chen * @input: input data buffer 166cc6ac5d6SJoseph Chen * @input_len: input data length 167cc6ac5d6SJoseph Chen * @output: output hash data 168cc6ac5d6SJoseph Chen * 169cc6ac5d6SJoseph Chen * @return 0 on success, otherwise failed 170cc6ac5d6SJoseph Chen */ 171cc6ac5d6SJoseph Chen int crypto_sha_csum(struct udevice *dev, sha_context *ctx, 172cc6ac5d6SJoseph Chen char *input, u32 input_len, u8 *output); 173cc6ac5d6SJoseph Chen 174cc6ac5d6SJoseph Chen /** 175c14e46abSJoseph Chen * crypto_sha_regions_csum() - Crypto sha hash for multi data blocks 176c14e46abSJoseph Chen * 177c14e46abSJoseph Chen * @dev: crypto device 178c14e46abSJoseph Chen * @ctx: sha context 179c14e46abSJoseph Chen * @region: regions buffer 180c14e46abSJoseph Chen * @region_count: regions count 181c14e46abSJoseph Chen * @output: output hash data 182c14e46abSJoseph Chen * 183c14e46abSJoseph Chen * @return 0 on success, otherwise failed 184c14e46abSJoseph Chen */ 185c14e46abSJoseph Chen int crypto_sha_regions_csum(struct udevice *dev, sha_context *ctx, 186c14e46abSJoseph Chen const struct image_region region[], 187c14e46abSJoseph Chen int region_count, u8 *output); 188c14e46abSJoseph Chen 189c14e46abSJoseph Chen /** 190cc6ac5d6SJoseph Chen * crypto_rsa_verify() - Crypto rsa verify 191cc6ac5d6SJoseph Chen * 192cc6ac5d6SJoseph Chen * @dev: crypto device 193cc6ac5d6SJoseph Chen * @ctx: rsa key context 194cc6ac5d6SJoseph Chen * @sign: signature 195cc6ac5d6SJoseph Chen * @output: output hash data buffer 196cc6ac5d6SJoseph Chen * 197cc6ac5d6SJoseph Chen * @return 0 on success, otherwise failed 198cc6ac5d6SJoseph Chen */ 199cc6ac5d6SJoseph Chen int crypto_rsa_verify(struct udevice *dev, rsa_key *ctx, u8 *sign, u8 *output); 200cc6ac5d6SJoseph Chen 20149a2135eSLin Jinhan /** 20249a2135eSLin Jinhan * crypto_hmac_init() - Crypto hmac init 20349a2135eSLin Jinhan * 20449a2135eSLin Jinhan * @dev: crypto device 20549a2135eSLin Jinhan * @ctx: sha context 20649a2135eSLin Jinhan * 20749a2135eSLin Jinhan * @return 0 on success, otherwise failed 20849a2135eSLin Jinhan */ 20949a2135eSLin Jinhan int crypto_hmac_init(struct udevice *dev, sha_context *ctx, 21049a2135eSLin Jinhan u8 *key, u32 key_len); 21149a2135eSLin Jinhan 21249a2135eSLin Jinhan /** 21349a2135eSLin Jinhan * crypto_hmac_update() - Crypto hmac update 21449a2135eSLin Jinhan * 21549a2135eSLin Jinhan * @dev: crypto device 21649a2135eSLin Jinhan * @input: input data buffer 21749a2135eSLin Jinhan * @len: input data length 21849a2135eSLin Jinhan * 21949a2135eSLin Jinhan * @return 0 on success, otherwise failed 22049a2135eSLin Jinhan */ 22149a2135eSLin Jinhan int crypto_hmac_update(struct udevice *dev, u32 *input, u32 len); 22249a2135eSLin Jinhan 22349a2135eSLin Jinhan /** 22449a2135eSLin Jinhan * crypto_sha_final() - Crypto hmac finish and get result 22549a2135eSLin Jinhan * 22649a2135eSLin Jinhan * @dev: crypto device 22749a2135eSLin Jinhan * @ctx: sha context 22849a2135eSLin Jinhan * @output: output hash data 22949a2135eSLin Jinhan * 23049a2135eSLin Jinhan * @return 0 on success, otherwise failed 23149a2135eSLin Jinhan */ 23249a2135eSLin Jinhan int crypto_hmac_final(struct udevice *dev, sha_context *ctx, u8 *output); 23349a2135eSLin Jinhan 23449a2135eSLin Jinhan /** 23549a2135eSLin Jinhan * crypto_cipher() - Crypto cipher crypt 23649a2135eSLin Jinhan * 23749a2135eSLin Jinhan * @dev: crypto device 23849a2135eSLin Jinhan * @ctx: cipher context 23949a2135eSLin Jinhan * @in: input data buffer 24049a2135eSLin Jinhan * @out: output data buffer 24149a2135eSLin Jinhan * @len: input data length 24249a2135eSLin Jinhan * @enc: true for encrypt, false for decrypt 24349a2135eSLin Jinhan * @return 0 on success, otherwise failed 24449a2135eSLin Jinhan */ 24549a2135eSLin Jinhan int crypto_cipher(struct udevice *dev, cipher_context *ctx, 24649a2135eSLin Jinhan const u8 *in, u8 *out, u32 len, bool enc); 24749a2135eSLin Jinhan 248d9332f1cSLin Jinhan /** 249d9332f1cSLin Jinhan * crypto_mac() - Crypto cipher mac 250d9332f1cSLin Jinhan * 251d9332f1cSLin Jinhan * @dev: crypto device 252d9332f1cSLin Jinhan * @ctx: cipher context 253d9332f1cSLin Jinhan * @in: input data buffer 254d9332f1cSLin Jinhan * @len: input data length 255d9332f1cSLin Jinhan * @tag: output data buffer 256d9332f1cSLin Jinhan * @return 0 on success, otherwise failed 257d9332f1cSLin Jinhan */ 258d9332f1cSLin Jinhan int crypto_mac(struct udevice *dev, cipher_context *ctx, 259d9332f1cSLin Jinhan const u8 *in, u32 len, u8 *tag); 260d9332f1cSLin Jinhan 261*c3ce9937SLin Jinhan /** 262*c3ce9937SLin Jinhan * crypto_ae() - Crypto cipher authorization and encryption 263*c3ce9937SLin Jinhan * 264*c3ce9937SLin Jinhan * @dev: crypto device 265*c3ce9937SLin Jinhan * @ctx: cipher context 266*c3ce9937SLin Jinhan * @in: input data buffer 267*c3ce9937SLin Jinhan * @len: input data length 268*c3ce9937SLin Jinhan * @aad: associated data buffer 269*c3ce9937SLin Jinhan * @aad_len: associated data length 270*c3ce9937SLin Jinhan * @out: output data buffer 271*c3ce9937SLin Jinhan * @tag: tag buffer 272*c3ce9937SLin Jinhan * @return 0 on success, otherwise failed 273*c3ce9937SLin Jinhan */ 274*c3ce9937SLin Jinhan int crypto_ae(struct udevice *dev, cipher_context *ctx, 275*c3ce9937SLin Jinhan const u8 *in, u32 len, const u8 *aad, u32 aad_len, 276*c3ce9937SLin Jinhan u8 *out, u8 *tag); 277*c3ce9937SLin Jinhan 278cc6ac5d6SJoseph Chen #endif 279