1 /* SPDX-License-Identifier: GPL-2.0+ */ 2 /* 3 * (C) Copyright 2019 Rockchip Electronics Co., Ltd 4 */ 5 6 #ifndef _CORE_CRYPTO_H_ 7 #define _CORE_CRYPTO_H_ 8 9 #include <common.h> 10 #include <dm.h> 11 #include <image.h> 12 #include <u-boot/sha1.h> 13 14 /* Algorithms/capability of crypto, works together with crypto_algo_nbits() */ 15 #define CRYPTO_MD5 BIT(0) 16 #define CRYPTO_SHA1 BIT(1) 17 #define CRYPTO_SHA256 BIT(2) 18 #define CRYPTO_SHA512 BIT(3) 19 20 #define CRYPTO_RSA512 BIT(10) 21 #define CRYPTO_RSA1024 BIT(11) 22 #define CRYPTO_RSA2048 BIT(12) 23 #define CRYPTO_RSA3072 BIT(13) 24 #define CRYPTO_RSA4096 BIT(14) 25 26 #define BYTE2WORD(bytes) ((bytes) / 4) 27 #define BITS2BYTE(nbits) ((nbits) / 8) 28 #define BITS2WORD(nbits) ((nbits) / 32) 29 30 typedef struct { 31 u32 algo; /* Algorithm: CRYPTO_MD5/CRYPTO_SHA1/CRYPTO_RSA2048... */ 32 u32 length; /* Data total length */ 33 34 } sha_context; 35 36 typedef struct { 37 u32 algo; /* Algorithm: CRYPTO_MD5/CRYPTO_SHA1/CRYPTO_RSA2048... */ 38 u32 *n; /* Public key factor N */ 39 u32 *e; /* Public key factor E */ 40 u32 *c; /* Optional, a accelerate factor for some crypto */ 41 } rsa_key; 42 43 struct dm_crypto_ops { 44 /* Hardware algorithm capability */ 45 u32 (*capability)(struct udevice *dev); 46 47 /* SHA init/update/final */ 48 int (*sha_init)(struct udevice *dev, sha_context *ctx); 49 int (*sha_update)(struct udevice *dev, u32 *input, u32 len); 50 int (*sha_final)(struct udevice *dev, sha_context *ctx, u8 *output); 51 52 /* RSA verify */ 53 int (*rsa_verify)(struct udevice *dev, rsa_key *ctx, 54 u8 *sign, u8 *output); 55 }; 56 57 /** 58 * crypto_algo_nbits() - Get algorithm bits accroding to algorithm 59 * @capability: expected algorithm capability, eg. CRYPTO_MD5/RSA2048... 60 * 61 * @return algorithm bits 62 */ 63 u32 crypto_algo_nbits(u32 algo); 64 65 /** 66 * crypto_get_device() - Get crypto device by capability 67 * @capability: expected algorithm capability, eg. CRYPTO_MD5/RSA2048... 68 * 69 * @return dev on success, otherwise NULL 70 */ 71 struct udevice *crypto_get_device(u32 capability); 72 73 /** 74 * crypto_sha_init() - Crypto sha init 75 * 76 * @dev: crypto device 77 * @ctx: sha context 78 * 79 * @return 0 on success, otherwise failed 80 */ 81 int crypto_sha_init(struct udevice *dev, sha_context *ctx); 82 83 /** 84 * crypto_sha_update() - Crypto sha update 85 * 86 * @dev: crypto device 87 * @input: input data buffer 88 * @len: input data length 89 * 90 * @return 0 on success, otherwise failed 91 */ 92 int crypto_sha_update(struct udevice *dev, u32 *input, u32 len); 93 94 /** 95 * crypto_sha_final() - Crypto sha finish and get result 96 * 97 * @dev: crypto device 98 * @ctx: sha context 99 * @output: output hash data 100 * 101 * @return 0 on success, otherwise failed 102 */ 103 int crypto_sha_final(struct udevice *dev, sha_context *ctx, u8 *output); 104 105 /** 106 * crypto_sha_csum() - Crypto sha hash for one data block only 107 * 108 * @dev: crypto device 109 * @ctx: sha context 110 * @input: input data buffer 111 * @input_len: input data length 112 * @output: output hash data 113 * 114 * @return 0 on success, otherwise failed 115 */ 116 int crypto_sha_csum(struct udevice *dev, sha_context *ctx, 117 char *input, u32 input_len, u8 *output); 118 119 /** 120 * crypto_sha_regions_csum() - Crypto sha hash for multi data blocks 121 * 122 * @dev: crypto device 123 * @ctx: sha context 124 * @region: regions buffer 125 * @region_count: regions count 126 * @output: output hash data 127 * 128 * @return 0 on success, otherwise failed 129 */ 130 int crypto_sha_regions_csum(struct udevice *dev, sha_context *ctx, 131 const struct image_region region[], 132 int region_count, u8 *output); 133 134 /** 135 * crypto_rsa_verify() - Crypto rsa verify 136 * 137 * @dev: crypto device 138 * @ctx: rsa key context 139 * @sign: signature 140 * @output: output hash data buffer 141 * 142 * @return 0 on success, otherwise failed 143 */ 144 int crypto_rsa_verify(struct udevice *dev, rsa_key *ctx, u8 *sign, u8 *output); 145 146 #endif 147