cryptodev.h revision 158699
/* $FreeBSD: head/sys/opencrypto/cryptodev.h 158699 2006-05-17 17:58:05Z pjd $ */
/*	$OpenBSD: cryptodev.h,v 1.31 2002/06/11 11:14:29 beck Exp $	*/

/*-
 * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
 *
 * This code was written by Angelos D. Keromytis in Athens, Greece, in
 * February 2000. Network Security Technologies Inc. (NSTI) kindly
 * supported the development of this code.
 *
 * Copyright (c) 2000 Angelos D. Keromytis
 *
 * Permission to use, copy, and modify this software with or without fee
 * is hereby granted, provided that this entire notice is included in
 * all source code copies of any software which is or includes a copy or
 * modification of this software.
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
 * PURPOSE.
 *
 * Copyright (c) 2001 Theo de Raadt
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *   notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *   notice, this list of conditions and the following disclaimer in the
 *   documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote products
 *   derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * Effort sponsored in part by the Defense Advanced Research Projects
 * Agency (DARPA) and Air Force Research Laboratory, Air Force
 * Materiel Command, USAF, under agreement number F30602-01-2-0537.
 *
 */

/*
 * Shared definitions for the opencrypto framework.  The first part of the
 * header (up to the _KERNEL guard) is the /dev/crypto ioctl interface:
 * algorithm identifiers, request structures and request codes.  The part
 * under _KERNEL declares the in-kernel session, request and driver
 * interfaces.
 */

#ifndef _CRYPTO_CRYPTO_H_
#define _CRYPTO_CRYPTO_H_

#include <sys/ioccom.h>

/* Some initial values */
#define CRYPTO_DRIVERS_INITIAL	4
#define CRYPTO_SW_SESSIONS	32

/*
 * HMAC values.  0x36 and 0x5C are the inner and outer pad bytes of the
 * HMAC construction (RFC 2104).
 *
 * NOTE(review): a 64-byte block matches MD5, SHA-1, RIPEMD-160 and SHA-256;
 * SHA-384 and SHA-512 use a 128-byte block.  Which SHA-2 variants
 * CRYPTO_SHA2_HMAC covers is not visible in this header -- confirm that
 * key padding does not use this constant for the larger variants.
 */
#define HMAC_BLOCK_LEN		64
#define HMAC_IPAD_VAL		0x36
#define HMAC_OPAD_VAL		0x5C

/*
 * Encryption algorithm block sizes (presumably in bytes).
 *
 * EALG_MAX_BLOCK_LEN sizes the fixed IV buffer cri_iv[] in struct cryptoini
 * further down in this header, so it must stay >= every *_BLOCK_LEN above
 * it: a cipher added with a larger block and no bump here would leave IV
 * copies of "block length" bytes writing past that buffer.
 */
#define DES_BLOCK_LEN		8
#define DES3_BLOCK_LEN		8
#define BLOWFISH_BLOCK_LEN	8
#define SKIPJACK_BLOCK_LEN	8
#define CAST128_BLOCK_LEN	8
#define RIJNDAEL128_BLOCK_LEN	16
#define EALG_MAX_BLOCK_LEN	16 /* Keep this updated */

/*
 * Maximum hash algorithm result length (presumably in bytes; 64 is the
 * size of a SHA-512 digest).  Buffers that receive a digest should be
 * sized from this constant.
 */
#define AALG_MAX_RESULT_LEN	64 /* Keep this updated */

/*
 * Symmetric algorithm identifiers.  The struct session_op comments in this
 * header name these as the values of its cipher and mac fields, and the
 * per-driver arrays in struct cryptocap are sized CRYPTO_ALGORITHM_MAX + 1,
 * so CRYPTO_ALGORITHM_MAX must track the highest identifier.
 *
 * Several entries are legacy primitives: single DES has a 56-bit key, and
 * MD5, SHA-1, ARC4 and the KPDK keyed-hash constructions are not
 * recommended for new designs.  CRYPTO_NULL_CBC and CRYPTO_NULL_HMAC
 * presumably apply no transformation (judging by name) and therefore give
 * no confidentiality or integrity -- confirm before exposing them to
 * callers that choose the algorithm.
 */
#define CRYPTO_ALGORITHM_MIN	1
#define CRYPTO_DES_CBC		1
#define CRYPTO_3DES_CBC		2
#define CRYPTO_BLF_CBC		3
#define CRYPTO_CAST_CBC		4
#define CRYPTO_SKIPJACK_CBC	5
#define CRYPTO_MD5_HMAC		6
#define CRYPTO_SHA1_HMAC	7
#define CRYPTO_RIPEMD160_HMAC	8
#define CRYPTO_MD5_KPDK		9
#define CRYPTO_SHA1_KPDK	10
#define CRYPTO_RIJNDAEL128_CBC	11 /* 128 bit blocksize */
#define CRYPTO_AES_CBC		11 /* 128 bit blocksize -- the same as above */
#define CRYPTO_ARC4		12
#define CRYPTO_MD5		13
#define CRYPTO_SHA1		14
#define CRYPTO_SHA2_HMAC	15
#define CRYPTO_NULL_HMAC	16
#define CRYPTO_NULL_CBC		17
#define CRYPTO_DEFLATE_COMP	18 /* Deflate compression algorithm */
#define CRYPTO_ALGORITHM_MAX	18 /* Keep updated - see below */

/* Algorithm flags */
/* Presumably the values stored in struct cryptocap's cc_alg[] -- confirm. */
#define CRYPTO_ALG_FLAG_SUPPORTED	0x01 /* Algorithm is supported */
#define CRYPTO_ALG_FLAG_RNG_ENABLE	0x02 /* Has HW RNG for DH/DSA */
#define CRYPTO_ALG_FLAG_DSA_SHA		0x04 /* Can do SHA on msg */

/*
 * Argument of the CIOCGSESSION ioctl: describes the cipher and/or MAC for
 * a new session and returns the session number in ses.
 *
 * key and mackey are pointers supplied by the caller of the ioctl; the
 * handler is not visible here, but it presumably has to fetch the key
 * bytes from user space.  Both lengths come from the caller too, and
 * mackeylen is a signed int: the handler must reject negative values and
 * bound both lengths before using them as copy or allocation sizes.
 */
struct session_op {
	u_int32_t	cipher;		/* e.g. CRYPTO_DES_CBC */
	u_int32_t	mac;		/* e.g. CRYPTO_MD5_HMAC */

	u_int32_t	keylen;		/* cipher key length (unsigned) */
	caddr_t		key;		/* cipher key, caller-supplied pointer */
	int		mackeylen;	/* mac key length (signed, see above) */
	caddr_t		mackey;		/* mac key, caller-supplied pointer */

	u_int32_t	ses;		/* returns: session # */
};

/*
 * Argument of the CIOCCRYPT ioctl: one encrypt/decrypt and/or MAC request
 * on an existing session.
 *
 * src, dst, mac and iv are caller-supplied pointers.  Only src/dst have an
 * explicit length (len); mac and iv carry none, so their required sizes
 * follow from the session's algorithms (presumably digest size and cipher
 * block size -- confirm against the handler).
 */
struct crypt_op {
	u_int32_t	ses;		/* session number from session_op.ses */
	u_int16_t	op;		/* e.g. COP_ENCRYPT */
#define COP_ENCRYPT	1
#define COP_DECRYPT	2
	u_int16_t	flags;
#define	COP_F_BATCH	0x0008		/* Batch op if possible */
	u_int		len;		/* caller-supplied length for src/dst */
	caddr_t		src, dst;	/* become iov[] inside kernel */
	caddr_t		mac;		/* must be big enough for chosen MAC */
	caddr_t		iv;
};

/*
 * NOTE(review): 20 bytes is the size of a SHA-1 or RIPEMD-160 digest, but
 * AALG_MAX_RESULT_LEN above is 64.  How this constant is used is not
 * visible in this header -- confirm that no digest longer than 20 bytes is
 * ever copied into a buffer sized by it.
 */
#define CRYPTO_MAX_MAC_LEN	20

/*
 * bignum parameter, in packed bytes, ...
 * crp_nbits is the parameter size in bits and, for the ioctl path, comes
 * from the caller: consumers must bound it before deriving a byte count.
 */
struct crparam {
	caddr_t		crp_p;
	u_int		crp_nbits;
};

#define CRK_MAXPARAM	8

/*
 * Argument of the CIOCKEY ioctl: one asymmetric (key) operation.
 *
 * crk_param[] has exactly CRK_MAXPARAM slots and crk_iparams/crk_oparams
 * are caller-supplied counts, so a consumer has to verify that
 * crk_iparams + crk_oparams <= CRK_MAXPARAM before indexing the array.
 */
struct crypt_kop {
	u_int		crk_op;		/* e.g. CRK_MOD_EXP or other */
	u_int		crk_status;	/* return status */
	u_short		crk_iparams;	/* # of input parameters */
	u_short		crk_oparams;	/* # of output parameters */
	u_int		crk_pad1;
	struct crparam	crk_param[CRK_MAXPARAM];
};
/*
 * Asymmetric operation identifiers (values of crk_op / krp_op).
 * CRK_ALGORITM_MIN is spelled without the 'H' of CRK_ALGORITHM_MAX; the
 * name is part of the interface and is kept as is.
 */
#define CRK_ALGORITM_MIN	0
#define CRK_MOD_EXP		0
#define CRK_MOD_EXP_CRT		1
#define CRK_DSA_SIGN		2
#define CRK_DSA_VERIFY		3
#define CRK_DH_COMPUTE_KEY	4
#define CRK_ALGORITHM_MAX	4 /* Keep updated - see below */

/*
 * One feature bit per asymmetric operation, bit position == CRK_* value
 * (presumably the mask reported through CIOCASYMFEAT / crypto_getfeat()).
 */
#define CRF_MOD_EXP		(1 << CRK_MOD_EXP)
#define CRF_MOD_EXP_CRT		(1 << CRK_MOD_EXP_CRT)
#define CRF_DSA_SIGN		(1 << CRK_DSA_SIGN)
#define CRF_DSA_VERIFY		(1 << CRK_DSA_VERIFY)
#define CRF_DH_COMPUTE_KEY	(1 << CRK_DH_COMPUTE_KEY)

/*
 * done against open of /dev/crypto, to get a cloned descriptor.
 * Please use F_SETFD against the cloned descriptor.
 * (F_SETFD is the fcntl(2) command that sets descriptor flags such as
 * FD_CLOEXEC; presumably the intent is close-on-exec, so that the cloned
 * descriptor is not inherited by programs the caller later executes.)
 */
#define CRIOGET		_IOWR('c', 100, u_int32_t)

/* the following are done against the cloned descriptor */
#define CIOCGSESSION	_IOWR('c', 101, struct session_op)
#define CIOCFSESSION	_IOW('c', 102, u_int32_t)
#define CIOCCRYPT	_IOWR('c', 103, struct crypt_op)
#define CIOCKEY		_IOWR('c', 104, struct crypt_kop)

#define CIOCASYMFEAT	_IOR('c', 105, u_int32_t)

/* Timing accumulator for one measurement point (see struct cryptostats). */
struct cryptotstat {
	struct timespec	acc;		/* total accumulated time */
	struct timespec	min;		/* min time */
	struct timespec	max;		/* max time */
	u_int32_t	count;		/* number of observations */
};

/* Framework-wide counters and optional timing statistics. */
struct cryptostats {
	u_int32_t	cs_ops;		/* symmetric crypto ops submitted */
	u_int32_t	cs_errs;	/* symmetric crypto ops that failed */
	u_int32_t	cs_kops;	/* asymmetric/key ops submitted */
	u_int32_t	cs_kerrs;	/* asymmetric/key ops that failed */
	u_int32_t	cs_intrs;	/* crypto swi thread activations */
	u_int32_t	cs_rets;	/* crypto return thread activations */
	u_int32_t	cs_blocks;	/* symmetric op driver block */
	u_int32_t	cs_kblocks;	/*
					 * presumably asymmetric/key op driver
					 * block; the original comment repeated
					 * "symmetric" -- confirm
					 */
	/*
	 * When CRYPTO_TIMING is defined at compile time and the
	 * sysctl debug.crypto is set to 1, the crypto system will
	 * accumulate statistics about how long it takes to process
	 * crypto requests at various points during processing.
	 */
	struct cryptotstat cs_invoke;	/* crypto_dispatch -> crypto_invoke */
	struct cryptotstat cs_done;	/* crypto_invoke -> crypto_done */
	struct cryptotstat cs_cb;	/* crypto_done -> callback */
	struct cryptotstat cs_finis;	/* callback -> callback return */
};

#ifdef _KERNEL
/*
 * Standard initialization structure beginning.
 * One node per algorithm of a session; nodes are chained through cri_next
 * and passed to crypto_newsession() and to a driver's newsession method.
 */
struct cryptoini {
	int		cri_alg;	/* Algorithm to use */
	int		cri_klen;	/* Key length, in bits */
	int		cri_rnd;	/* Algorithm rounds, where relevant */
	caddr_t		cri_key;	/* key to use */
	u_int8_t	cri_iv[EALG_MAX_BLOCK_LEN];	/* IV to use */
					/* fixed size: see EALG_MAX_BLOCK_LEN */
	struct cryptoini *cri_next;
};

/*
 * Describe boundaries of a single crypto operation.
 * crd_skip, crd_len and crd_inject are signed offsets/lengths into the
 * request buffer; nothing in this header bounds them, so whoever builds a
 * descriptor is responsible for keeping them inside the buffer.
 */
struct cryptodesc {
	int		crd_skip;	/* How many bytes to ignore from start */
	int		crd_len;	/* How many bytes to process */
	int		crd_inject;	/* Where to inject results, if applicable */
	int		crd_flags;

#define CRD_F_ENCRYPT		0x01	/* Set when doing encryption */
#define CRD_F_IV_PRESENT	0x02	/* When encrypting, IV is already in
					   place, so don't copy. */
#define CRD_F_IV_EXPLICIT	0x04	/* IV explicitly provided */
#define CRD_F_DSA_SHA_NEEDED	0x08	/* Compute SHA-1 of buffer for DSA */
#define CRD_F_KEY_EXPLICIT	0x10	/* Key explicitly provided */
/*
 * NOTE(review): 0x0f is not a distinct bit.  It equals
 * CRD_F_ENCRYPT | CRD_F_IV_PRESENT | CRD_F_IV_EXPLICIT | CRD_F_DSA_SHA_NEEDED,
 * so (crd_flags & CRD_F_COMP) is non-zero whenever any of those four flags
 * is set.  The value is part of the driver interface and is left as is;
 * confirm how consumers test it.
 */
#define CRD_F_COMP		0x0f    /* Set when doing compression */

	struct cryptoini	CRD_INI; /* Initialization/context data */
/*
 * Shorthand accessors for the embedded cryptoini.  These are object-like
 * macros, so they rewrite every identifier of the same name in any file
 * that includes this header.
 */
#define crd_iv		CRD_INI.cri_iv
#define crd_key		CRD_INI.cri_key
#define crd_rnd		CRD_INI.cri_rnd
#define crd_alg		CRD_INI.cri_alg
#define crd_klen	CRD_INI.cri_klen

	struct cryptodesc *crd_next;
};

/* Structure describing complete operation */
struct cryptop {
	TAILQ_ENTRY(cryptop) crp_next;

	u_int64_t	crp_sid;	/* Session ID */
	int		crp_ilen;	/* Input data total length */
	int		crp_olen;	/* Result total length */

	int		crp_etype;	/*
					 * Error type (zero means no error).
					 * All error codes except EAGAIN
					 * indicate possible data corruption (as in,
					 * the data have been touched). On all
					 * errors, the crp_sid may have changed
					 * (reset to a new one), so the caller
					 * should always check and use the new
					 * value on future requests.
					 */
	int		crp_flags;

/* CRYPTO_F_BATCH has the same value (0x0008) as the ioctl-level COP_F_BATCH. */
#define CRYPTO_F_IMBUF		0x0001	/* Input/output are mbuf chains */
#define CRYPTO_F_IOV		0x0002	/* Input/output are uio */
#define CRYPTO_F_REL		0x0004	/* Must return data in same place */
#define	CRYPTO_F_BATCH		0x0008	/* Batch op if possible */
#define	CRYPTO_F_CBIMM		0x0010	/* Do callback immediately */
#define	CRYPTO_F_DONE		0x0020	/* Operation completed */
#define	CRYPTO_F_CBIFSYNC	0x0040	/* Do CBIMM if op is synchronous */

	caddr_t		crp_buf;	/* Data to be processed */
	caddr_t		crp_opaque;	/* Opaque pointer, passed along */
	struct cryptodesc *crp_desc;	/* Linked list of processing descriptors */

	int (*crp_callback)(struct cryptop *); /* Callback function */

	caddr_t		crp_mac;	/* presumably the MAC result buffer -- confirm */
	struct bintime	crp_tstamp;	/* performance time stamp */
};

#define CRYPTO_BUF_CONTIG	0x0
#define CRYPTO_BUF_IOV		0x1
#define CRYPTO_BUF_MBUF		0x2

#define CRYPTO_OP_DECRYPT	0x0
#define CRYPTO_OP_ENCRYPT	0x1

/*
 * Hints passed to process methods.
 */
#define	CRYPTO_HINT_MORE	0x1	/* more ops coming shortly */

/*
 * In-kernel form of an asymmetric (key) request; the leading fields mirror
 * struct crypt_kop.  krp_param[] has CRK_MAXPARAM slots, so the same
 * krp_iparams + krp_oparams <= CRK_MAXPARAM bound applies.
 */
struct cryptkop {
	TAILQ_ENTRY(cryptkop) krp_next;

	u_int		krp_op;		/* e.g. CRK_MOD_EXP or other */
	u_int		krp_status;	/* return status */
	u_short		krp_iparams;	/* # of input parameters */
	u_short		krp_oparams;	/* # of output parameters */
	u_int32_t	krp_hid;
	struct crparam	krp_param[CRK_MAXPARAM];	/* kvm */
	int		(*krp_callback)(struct cryptkop *);
};

/*
 * Crypto capabilities structure.
 * The arrays are sized MAX + 1 so they can be indexed directly by a
 * CRYPTO_* or CRK_* identifier; an identifier must be range-checked
 * against the matching *_MAX before it is used as an index.
 */
struct cryptocap {
	u_int32_t	cc_sessions;

	/*
	 * Largest possible operator length (in bits) for each type of
	 * encryption algorithm.
	 */
	u_int16_t	cc_max_op_len[CRYPTO_ALGORITHM_MAX + 1];

	u_int8_t	cc_alg[CRYPTO_ALGORITHM_MAX + 1];

	u_int8_t	cc_kalg[CRK_ALGORITHM_MAX + 1];

	u_int8_t	cc_flags;
	u_int8_t	cc_qblocked;		/* symmetric q blocked */
	u_int8_t	cc_kqblocked;		/* asymmetric q blocked */
/* Presumably bits of cc_flags, although defined after cc_kqblocked. */
#define CRYPTOCAP_F_CLEANUP	0x01		/* needs resource cleanup */
#define CRYPTOCAP_F_SOFTWARE	0x02		/* software implementation */
#define CRYPTOCAP_F_SYNC	0x04		/* operates synchronously */

	void		*cc_arg;		/* callback argument */
	int		(*cc_newsession)(void*, u_int32_t*, struct cryptoini*);
	int		(*cc_process)(void*, struct cryptop *, int);
	int		(*cc_freesession)(void*, u_int64_t);
	void		*cc_karg;		/* callback argument */
	int		(*cc_kprocess) (void*, struct cryptkop *, int);
};

/*
 * Session ids are 64 bits.  The lower 32 bits contain a "local id" which
 * is a driver-private session identifier.  The upper 32 bits contain a
 * "hardware id" used by the core crypto code to identify the driver and
 * a copy of the driver's capabilities that can be used by client code to
 * optimize operation.
 *
 * As the macros decode it: bits 0-31 are the local id, bits 32-55 (24
 * bits) the hardware id and bits 56-63 (8 bits) the capabilities.
 */
#define	CRYPTO_SESID2HID(_sid)	(((_sid) >> 32) & 0xffffff)
#define	CRYPTO_SESID2CAPS(_sid)	(((_sid) >> 56) & 0xff)
#define	CRYPTO_SESID2LID(_sid)	(((u_int32_t) (_sid)) & 0xffffffff)

MALLOC_DECLARE(M_CRYPTO_DATA);

/*
 * Core framework entry points.  Only the prototypes are visible here; the
 * callback types taken by crypto_register() and crypto_kregister() match
 * the cc_newsession, cc_freesession, cc_process and cc_kprocess members of
 * struct cryptocap.
 */
extern	int crypto_newsession(u_int64_t *sid, struct cryptoini *cri, int hard);
extern	int crypto_freesession(u_int64_t sid);
extern	int32_t crypto_get_driverid(u_int32_t flags);
extern	int crypto_register(u_int32_t driverid, int alg, u_int16_t maxoplen,
	    u_int32_t flags,
	    int (*newses)(void*, u_int32_t*, struct cryptoini*),
	    int (*freeses)(void*, u_int64_t),
	    int (*process)(void*, struct cryptop *, int),
	    void *arg);
extern	int crypto_kregister(u_int32_t, int, u_int32_t,
	    int (*)(void*, struct cryptkop *, int),
	    void *arg);
extern	int crypto_unregister(u_int32_t driverid, int alg);
extern	int crypto_unregister_all(u_int32_t driverid);
extern	int crypto_dispatch(struct cryptop *crp);
extern	int crypto_kdispatch(struct cryptkop *);
/* Presumably the queue selector passed to crypto_unblock() -- confirm. */
#define	CRYPTO_SYMQ	0x1
#define	CRYPTO_ASYMQ	0x2
extern	int crypto_unblock(u_int32_t, int);
extern	void crypto_done(struct cryptop *crp);
extern	void crypto_kdone(struct cryptkop *);
extern	int crypto_getfeat(int *);

extern	void crypto_freereq(struct cryptop *crp);
extern	struct cryptop *crypto_getreq(int num);

/*
 * Policy switches for the /dev/crypto path.
 * NOTE(review): crypto_devallowsoft reads as "allow software drivers",
 * while its original comment says "only use hardware crypto"; the comment
 * presumably describes the value 0 -- confirm against the code that reads
 * the variable.
 */
extern	int crypto_usercrypto;		/* userland may do crypto requests */
extern	int crypto_userasymcrypto;	/* userland may do asym crypto reqs */
extern	int crypto_devallowsoft;	/* only use hardware crypto */

/*
 * Crypto-related utility routines used mainly by drivers.
 *
 * XXX these don't really belong here; but for now they're
 * kept apart from the rest of the system.
 *
 * off and len are signed ints, and cuio_copydata()/cuio_copyback() return
 * void, so they cannot report an out-of-range request: callers have to
 * validate off and len against the uio before calling.
 */
struct uio;
extern	void cuio_copydata(struct uio* uio, int off, int len, caddr_t cp);
extern	void cuio_copyback(struct uio* uio, int off, int len, caddr_t cp);
extern	struct iovec *cuio_getptr(struct uio *uio, int loc, int *off);
extern	int cuio_apply(struct uio *uio, int off, int len,
	    int (*f)(void *, void *, u_int), void *arg);
#endif /* _KERNEL */
#endif /* _CRYPTO_CRYPTO_H_ */