1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | /* |
3 | * caam - Freescale FSL CAAM support for Public Key Cryptography descriptors |
4 | * |
5 | * Copyright 2016 Freescale Semiconductor, Inc. |
6 | * |
7 | * There is no Shared Descriptor for PKC so that the Job Descriptor must carry |
8 | * all the desired key parameters, input and output pointers. |
9 | */ |
10 | |
11 | #ifndef _PKC_DESC_H_ |
12 | #define _PKC_DESC_H_ |
13 | #include "compat.h" |
14 | #include "pdb.h" |
15 | |
16 | /** |
17 | * caam_priv_key_form - CAAM RSA private key representation |
18 | * CAAM RSA private key may have either of three forms. |
19 | * |
20 | * 1. The first representation consists of the pair (n, d), where the |
21 | * components have the following meanings: |
22 | * n the RSA modulus |
23 | * d the RSA private exponent |
24 | * |
25 | * 2. The second representation consists of the triplet (p, q, d), where the |
26 | * components have the following meanings: |
27 | * p the first prime factor of the RSA modulus n |
28 | * q the second prime factor of the RSA modulus n |
29 | * d the RSA private exponent |
30 | * |
31 | * 3. The third representation consists of the quintuple (p, q, dP, dQ, qInv), |
32 | * where the components have the following meanings: |
33 | * p the first prime factor of the RSA modulus n |
34 | * q the second prime factor of the RSA modulus n |
35 | * dP the first factors's CRT exponent |
36 | * dQ the second factors's CRT exponent |
37 | * qInv the (first) CRT coefficient |
38 | * |
39 | * The benefit of using the third or the second key form is lower computational |
40 | * cost for the decryption and signature operations. |
41 | */ |
42 | enum caam_priv_key_form { |
43 | FORM1, |
44 | FORM2, |
45 | FORM3 |
46 | }; |
47 | |
48 | /** |
49 | * caam_rsa_key - CAAM RSA key structure. Keys are allocated in DMA zone. |
50 | * @n : RSA modulus raw byte stream |
51 | * @e : RSA public exponent raw byte stream |
52 | * @d : RSA private exponent raw byte stream |
53 | * @p : RSA prime factor p of RSA modulus n |
54 | * @q : RSA prime factor q of RSA modulus n |
55 | * @dp : RSA CRT exponent of p |
56 | * @dp : RSA CRT exponent of q |
57 | * @qinv : RSA CRT coefficient |
58 | * @tmp1 : CAAM uses this temporary buffer as internal state buffer. |
59 | * It is assumed to be as long as p. |
60 | * @tmp2 : CAAM uses this temporary buffer as internal state buffer. |
61 | * It is assumed to be as long as q. |
62 | * @n_sz : length in bytes of RSA modulus n |
63 | * @e_sz : length in bytes of RSA public exponent |
64 | * @d_sz : length in bytes of RSA private exponent |
65 | * @p_sz : length in bytes of RSA prime factor p of RSA modulus n |
66 | * @q_sz : length in bytes of RSA prime factor q of RSA modulus n |
67 | * @priv_form : CAAM RSA private key representation |
68 | */ |
69 | struct caam_rsa_key { |
70 | u8 *n; |
71 | u8 *e; |
72 | u8 *d; |
73 | u8 *p; |
74 | u8 *q; |
75 | u8 *dp; |
76 | u8 *dq; |
77 | u8 *qinv; |
78 | u8 *tmp1; |
79 | u8 *tmp2; |
80 | size_t n_sz; |
81 | size_t e_sz; |
82 | size_t d_sz; |
83 | size_t p_sz; |
84 | size_t q_sz; |
85 | enum caam_priv_key_form priv_form; |
86 | }; |
87 | |
88 | /** |
89 | * caam_rsa_ctx - per session context. |
90 | * @key : RSA key in DMA zone |
91 | * @dev : device structure |
92 | * @padding_dma : dma address of padding, for adding it to the input |
93 | */ |
94 | struct caam_rsa_ctx { |
95 | struct caam_rsa_key key; |
96 | struct device *dev; |
97 | dma_addr_t padding_dma; |
98 | |
99 | }; |
100 | |
101 | /** |
102 | * caam_rsa_req_ctx - per request context. |
103 | * @src : input scatterlist (stripped of leading zeros) |
104 | * @fixup_src : input scatterlist (that might be stripped of leading zeros) |
105 | * @fixup_src_len : length of the fixup_src input scatterlist |
106 | * @edesc : s/w-extended rsa descriptor |
107 | * @akcipher_op_done : callback used when operation is done |
108 | */ |
109 | struct caam_rsa_req_ctx { |
110 | struct scatterlist src[2]; |
111 | struct scatterlist *fixup_src; |
112 | unsigned int fixup_src_len; |
113 | struct rsa_edesc *edesc; |
114 | void (*akcipher_op_done)(struct device *jrdev, u32 *desc, u32 err, |
115 | void *context); |
116 | }; |
117 | |
118 | /** |
119 | * rsa_edesc - s/w-extended rsa descriptor |
120 | * @src_nents : number of segments in input s/w scatterlist |
121 | * @dst_nents : number of segments in output s/w scatterlist |
122 | * @mapped_src_nents: number of segments in input h/w link table |
123 | * @mapped_dst_nents: number of segments in output h/w link table |
124 | * @sec4_sg_bytes : length of h/w link table |
125 | * @bklog : stored to determine if the request needs backlog |
126 | * @sec4_sg_dma : dma address of h/w link table |
127 | * @sec4_sg : pointer to h/w link table |
128 | * @pdb : specific RSA Protocol Data Block (PDB) |
129 | * @hw_desc : descriptor followed by link tables if any |
130 | */ |
131 | struct rsa_edesc { |
132 | int src_nents; |
133 | int dst_nents; |
134 | int mapped_src_nents; |
135 | int mapped_dst_nents; |
136 | int sec4_sg_bytes; |
137 | bool bklog; |
138 | dma_addr_t sec4_sg_dma; |
139 | struct sec4_sg_entry *sec4_sg; |
140 | union { |
141 | struct rsa_pub_pdb pub; |
142 | struct rsa_priv_f1_pdb priv_f1; |
143 | struct rsa_priv_f2_pdb priv_f2; |
144 | struct rsa_priv_f3_pdb priv_f3; |
145 | } pdb; |
146 | u32 hw_desc[]; |
147 | }; |
148 | |
149 | /* Descriptor construction primitives. */ |
150 | void init_rsa_pub_desc(u32 *desc, struct rsa_pub_pdb *pdb); |
151 | void init_rsa_priv_f1_desc(u32 *desc, struct rsa_priv_f1_pdb *pdb); |
152 | void init_rsa_priv_f2_desc(u32 *desc, struct rsa_priv_f2_pdb *pdb); |
153 | void init_rsa_priv_f3_desc(u32 *desc, struct rsa_priv_f3_pdb *pdb); |
154 | |
155 | #endif |
156 | |