1 /* $FreeBSD: src/sys/opencrypto/cryptodev.h,v 1.25 2007/05/09 19:37:02 gnn Exp $ */
2 /* $OpenBSD: cryptodev.h,v 1.31 2002/06/11 11:14:29 beck Exp $ */
5 * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu)
6 * Copyright (c) 2002-2006 Sam Leffler, Errno Consulting
8 * This code was written by Angelos D. Keromytis in Athens, Greece, in
9 * February 2000. Network Security Technologies Inc. (NSTI) kindly
10 * supported the development of this code.
12 * Copyright (c) 2000 Angelos D. Keromytis
14 * Permission to use, copy, and modify this software with or without fee
15 * is hereby granted, provided that this entire notice is included in
16 * all source code copies of any software which is or includes a copy or
17 * modification of this software.
19 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
20 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
21 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
22 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
25 * Copyright (c) 2001 Theo de Raadt
27 * Redistribution and use in source and binary forms, with or without
28 * modification, are permitted provided that the following conditions
31 * 1. Redistributions of source code must retain the above copyright
32 * notice, this list of conditions and the following disclaimer.
33 * 2. Redistributions in binary form must reproduce the above copyright
34 * notice, this list of conditions and the following disclaimer in the
35 * documentation and/or other materials provided with the distribution.
36 * 3. The name of the author may not be used to endorse or promote products
37 * derived from this software without specific prior written permission.
39 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
40 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
41 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
42 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
43 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
45 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
46 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
47 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
48 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
50 * Effort sponsored in part by the Defense Advanced Research Projects
51 * Agency (DARPA) and Air Force Research Laboratory, Air Force
52 * Materiel Command, USAF, under agreement number F30602-01-2-0537.
56 #ifndef _CRYPTO_CRYPTO_H_
57 #define _CRYPTO_CRYPTO_H_
59 #include <sys/ioccom.h>
62 /* Some initial values */
63 #define CRYPTO_DRIVERS_INITIAL 4
64 #define CRYPTO_SW_SESSIONS 32
67 #define NULL_HASH_LEN 16
68 #define MD5_HASH_LEN 16
69 #define SHA1_HASH_LEN 20
70 #define RIPEMD160_HASH_LEN 20
71 #define SHA2_256_HASH_LEN 32
72 #define SHA2_384_HASH_LEN 48
73 #define SHA2_512_HASH_LEN 64
74 #define MD5_KPDK_HASH_LEN 16
75 #define SHA1_KPDK_HASH_LEN 20
76 /* Maximum hash algorithm result length */
77 #define HASH_MAX_LEN SHA2_512_HASH_LEN /* Keep this updated */
80 #define NULL_HMAC_BLOCK_LEN 64
81 #define MD5_HMAC_BLOCK_LEN 64
82 #define SHA1_HMAC_BLOCK_LEN 64
83 #define RIPEMD160_HMAC_BLOCK_LEN 64
84 #define SHA2_256_HMAC_BLOCK_LEN 64
85 #define SHA2_384_HMAC_BLOCK_LEN 128
86 #define SHA2_512_HMAC_BLOCK_LEN 128
87 /* Maximum HMAC block length */
88 #define HMAC_MAX_BLOCK_LEN SHA2_512_HMAC_BLOCK_LEN /* Keep this updated */
89 #define HMAC_IPAD_VAL 0x36
90 #define HMAC_OPAD_VAL 0x5C
92 /* Encryption algorithm block sizes */
93 #define NULL_BLOCK_LEN 4
94 #define DES_BLOCK_LEN 8
95 #define DES3_BLOCK_LEN 8
96 #define BLOWFISH_BLOCK_LEN 8
97 #define SKIPJACK_BLOCK_LEN 8
98 #define CAST128_BLOCK_LEN 8
99 #define RIJNDAEL128_BLOCK_LEN 16
100 #define AES_BLOCK_LEN RIJNDAEL128_BLOCK_LEN
101 #define AES_XTS_BLOCK_LEN 16
102 #define AES_XTS_IV_LEN 8
103 #define AESCTR_IV_LEN 8
104 #define AESCTR_BLOCK_LEN 16
105 #define AESGCM_IV_LEN 8
106 #define AESGCM_BLOCK_LEN 1
107 #define AESGMAC_IV_LEN 8
108 #define AESGMAC_BLOCK_LEN 1
109 #define CAMELLIA_BLOCK_LEN 16
110 #define TWOFISH_BLOCK_LEN 16
111 #define SERPENT_BLOCK_LEN 16
112 #define TWOFISH_XTS_BLOCK_LEN 16
113 #define TWOFISH_XTS_IV_LEN 8
114 #define SERPENT_XTS_BLOCK_LEN 16
115 #define SERPENT_XTS_IV_LEN 8
116 #define EALG_MAX_BLOCK_LEN AES_BLOCK_LEN /* Keep this updated */
118 #define CRYPTO_ALGORITHM_MIN 1
119 #define CRYPTO_DES_CBC 1
120 #define CRYPTO_3DES_CBC 2
121 #define CRYPTO_BLF_CBC 3
122 #define CRYPTO_CAST_CBC 4
123 #define CRYPTO_SKIPJACK_CBC 5
124 #define CRYPTO_MD5_HMAC 6
125 #define CRYPTO_SHA1_HMAC 7
126 #define CRYPTO_RIPEMD160_HMAC 8
127 #define CRYPTO_MD5_KPDK 9
128 #define CRYPTO_SHA1_KPDK 10
129 #define CRYPTO_RIJNDAEL128_CBC 11 /* 128 bit blocksize */
130 #define CRYPTO_AES_CBC 11 /* 128 bit blocksize -- the same as above */
131 #define CRYPTO_ARC4 12
132 #define CRYPTO_MD5 13
133 #define CRYPTO_SHA1 14
134 #define CRYPTO_NULL_HMAC 15
135 #define CRYPTO_NULL_CBC 16
136 #define CRYPTO_DEFLATE_COMP 17 /* Deflate compression algorithm */
137 #define CRYPTO_SHA2_256_HMAC 18
138 #define CRYPTO_SHA2_384_HMAC 19
139 #define CRYPTO_SHA2_512_HMAC 20
140 #define CRYPTO_CAMELLIA_CBC 21
141 #define CRYPTO_AES_XTS 22
142 #define CRYPTO_AES_CTR 23
143 #define CRYPTO_AES_GCM_16 24
144 #define CRYPTO_AES_128_GMAC 25
145 #define CRYPTO_AES_192_GMAC 26
146 #define CRYPTO_AES_256_GMAC 27
147 #define CRYPTO_AES_GMAC 28
148 #define CRYPTO_TWOFISH_CBC 29
149 #define CRYPTO_SERPENT_CBC 30
150 #define CRYPTO_TWOFISH_XTS 31
151 #define CRYPTO_SERPENT_XTS 32
152 #define CRYPTO_ALGORITHM_MAX 32 /* Keep updated - see below */
154 /* Algorithm flags */
155 #define CRYPTO_ALG_FLAG_SUPPORTED 0x01 /* Algorithm is supported */
156 #define CRYPTO_ALG_FLAG_RNG_ENABLE 0x02 /* Has HW RNG for DH/DSA */
157 #define CRYPTO_ALG_FLAG_DSA_SHA 0x04 /* Can do SHA on msg */
160 * Crypto driver/device flags. They can set in the crid
161 * parameter when creating a session or submitting a key
162 * op to affect the device/driver assigned. If neither
163 * of these are specified then the crid is assumed to hold
164 * the driver id of an existing (and suitable) device that
165 * must be used to satisfy the request.
167 #define CRYPTO_FLAG_HARDWARE 0x01000000 /* hardware accelerated */
168 #define CRYPTO_FLAG_SOFTWARE 0x02000000 /* software implementation */
172 u_int32_t cipher
; /* ie. CRYPTO_DES_CBC */
173 u_int32_t mac
; /* ie. CRYPTO_MD5_HMAC */
175 u_int32_t keylen
; /* cipher key */
177 int mackeylen
; /* mac key */
180 u_int32_t ses
; /* returns: session # */
184 u_int32_t cipher
; /* ie. CRYPTO_DES_CBC */
185 u_int32_t mac
; /* ie. CRYPTO_MD5_HMAC */
187 u_int32_t keylen
; /* cipher key */
189 int mackeylen
; /* mac key */
192 u_int32_t ses
; /* returns: session # */
193 int crid
; /* driver id + flags (rw) */
194 int pad
[4]; /* for future expansion */
199 u_int16_t op
; /* i.e. COP_ENCRYPT */
200 #define COP_ENCRYPT 1
201 #define COP_DECRYPT 2
203 #define COP_F_BATCH 0x0008 /* Batch op if possible */
205 caddr_t src
, dst
; /* become iov[] inside kernel */
206 caddr_t mac
; /* must be big enough for chosen MAC */
211 * Parameters for looking up a crypto driver/device by
212 * device name or by id. The latter are returned for
213 * created sessions (crid) and completed key operations.
215 struct crypt_find_op
{
216 int crid
; /* driver id + flags */
217 char name
[32]; /* device/driver name */
220 /* bignum parameter, in packed bytes, ... */
226 #define CRK_MAXPARAM 8
229 u_int crk_op
; /* ie. CRK_MOD_EXP or other */
230 u_int crk_status
; /* return status */
231 u_short crk_iparams
; /* # of input parameters */
232 u_short crk_oparams
; /* # of output parameters */
233 u_int crk_crid
; /* NB: only used by CIOCKEY2 (rw) */
234 struct crparam crk_param
[CRK_MAXPARAM
];
236 #define CRK_ALGORITM_MIN 0
237 #define CRK_MOD_EXP 0
238 #define CRK_MOD_EXP_CRT 1
239 #define CRK_DSA_SIGN 2
240 #define CRK_DSA_VERIFY 3
241 #define CRK_DH_COMPUTE_KEY 4
242 #define CRK_ALGORITHM_MAX 4 /* Keep updated - see below */
244 #define CRF_MOD_EXP (1 << CRK_MOD_EXP)
245 #define CRF_MOD_EXP_CRT (1 << CRK_MOD_EXP_CRT)
246 #define CRF_DSA_SIGN (1 << CRK_DSA_SIGN)
247 #define CRF_DSA_VERIFY (1 << CRK_DSA_VERIFY)
248 #define CRF_DH_COMPUTE_KEY (1 << CRK_DH_COMPUTE_KEY)
251 * done against open of /dev/crypto, to get a cloned descriptor.
252 * Please use F_SETFD against the cloned descriptor.
254 #define CRIOGET _IOWR('c', 100, u_int32_t)
255 #define CRIOASYMFEAT CIOCASYMFEAT
256 #define CRIOFINDDEV CIOCFINDDEV
258 /* the following are done against the cloned descriptor */
259 #define CIOCGSESSION _IOWR('c', 101, struct session_op)
260 #define CIOCFSESSION _IOW('c', 102, u_int32_t)
261 #define CIOCCRYPT _IOWR('c', 103, struct crypt_op)
262 #define CIOCKEY _IOWR('c', 104, struct crypt_kop)
263 #define CIOCASYMFEAT _IOR('c', 105, u_int32_t)
264 #define CIOCGSESSION2 _IOWR('c', 106, struct session2_op)
265 #define CIOCKEY2 _IOWR('c', 107, struct crypt_kop)
266 #define CIOCFINDDEV _IOWR('c', 108, struct crypt_find_op)
269 struct timespec acc
; /* total accumulated time */
270 struct timespec min
; /* min time */
271 struct timespec max
; /* max time */
272 u_int32_t count
; /* number of observations */
276 u_int32_t cs_ops
; /* symmetric crypto ops submitted */
277 u_int32_t cs_errs
; /* symmetric crypto ops that failed */
278 u_int32_t cs_kops
; /* asymetric/key ops submitted */
279 u_int32_t cs_kerrs
; /* asymetric/key ops that failed */
280 u_int32_t cs_intrs
; /* crypto swi thread activations */
281 u_int32_t cs_rets
; /* crypto return thread activations */
282 u_int32_t cs_blocks
; /* symmetric op driver block */
283 u_int32_t cs_kblocks
; /* symmetric op driver block */
285 * When CRYPTO_TIMING is defined at compile time and the
286 * sysctl debug.crypto is set to 1, the crypto system will
287 * accumulate statistics about how long it takes to process
288 * crypto requests at various points during processing.
290 struct cryptotstat cs_invoke
; /* crypto_dipsatch -> crypto_invoke */
291 struct cryptotstat cs_done
; /* crypto_invoke -> crypto_done */
292 struct cryptotstat cs_cb
; /* crypto_done -> callback */
293 struct cryptotstat cs_finis
; /* callback -> callback return */
297 /* Standard initialization structure beginning */
299 int cri_alg
; /* Algorithm to use */
300 int cri_klen
; /* Key length, in bits */
301 int cri_mlen
; /* Number of bytes we want from the
302 entire hash. 0 means all. */
303 caddr_t cri_key
; /* key to use */
304 u_int8_t cri_iv
[EALG_MAX_BLOCK_LEN
]; /* IV to use */
305 struct cryptoini
*cri_next
;
308 /* Describe boundaries of a single crypto operation */
310 int crd_skip
; /* How many bytes to ignore from start */
311 int crd_len
; /* How many bytes to process */
312 int crd_inject
; /* Where to inject results, if applicable */
315 #define CRD_F_ENCRYPT 0x01 /* Set when doing encryption */
316 #define CRD_F_IV_PRESENT 0x02 /* When encrypting, IV is already in
317 place, so don't copy. */
318 #define CRD_F_IV_EXPLICIT 0x04 /* IV explicitly provided */
319 #define CRD_F_DSA_SHA_NEEDED 0x08 /* Compute SHA-1 of buffer for DSA */
320 #define CRD_F_COMP 0x0f /* Set when doing compression */
321 #define CRD_F_KEY_EXPLICIT 0x10 /* Key explicitly provided */
323 struct cryptoini CRD_INI
; /* Initialization/context data */
324 #define crd_iv CRD_INI.cri_iv
325 #define crd_key CRD_INI.cri_key
326 #define crd_alg CRD_INI.cri_alg
327 #define crd_klen CRD_INI.cri_klen
329 struct cryptodesc
*crd_next
;
332 /* Structure describing complete operation */
334 TAILQ_ENTRY(cryptop
) crp_next
;
336 u_int64_t crp_sid
; /* Session ID */
337 int crp_ilen
; /* Input data total length */
338 int crp_olen
; /* Result total length */
341 * Error type (zero means no error).
342 * All error codes except EAGAIN
343 * indicate possible data corruption (as in,
344 * the data have been touched). On all
345 * errors, the crp_sid may have changed
346 * (reset to a new one), so the caller
347 * should always check and use the new
348 * value on future requests.
352 #define CRYPTO_F_IMBUF 0x0001 /* Input/output are mbuf chains */
353 #define CRYPTO_F_IOV 0x0002 /* Input/output are uio */
354 #define CRYPTO_F_REL 0x0004 /* Must return data in same place */
355 #define CRYPTO_F_BATCH 0x0008 /* Batch op if possible */
356 #define CRYPTO_F_CBIMM 0x0010 /* Do callback immediately */
357 #define CRYPTO_F_DONE 0x0020 /* Operation completed */
358 #define CRYPTO_F_CBIFSYNC 0x0040 /* Do CBIMM if op is synchronous */
360 caddr_t crp_buf
; /* Data to be processed */
361 caddr_t crp_opaque
; /* Opaque pointer, passed along */
362 struct cryptodesc
*crp_desc
; /* Linked list of processing descriptors */
364 int (*crp_callback
)(struct cryptop
*); /* Callback function */
366 struct timespec crp_tstamp
; /* performance time stamp */
371 #define CRYPTO_BUF_CONTIG 0x0
372 #define CRYPTO_BUF_IOV 0x1
373 #define CRYPTO_BUF_MBUF 0x2
375 #define CRYPTO_OP_DECRYPT 0x0
376 #define CRYPTO_OP_ENCRYPT 0x1
379 * Hints passed to process methods.
381 #define CRYPTO_HINT_MORE 0x1 /* more ops coming shortly */
384 TAILQ_ENTRY(cryptkop
) krp_next
;
386 u_int krp_op
; /* ie. CRK_MOD_EXP or other */
387 u_int krp_status
; /* return status */
388 u_short krp_iparams
; /* # of input parameters */
389 u_short krp_oparams
; /* # of output parameters */
390 u_int krp_crid
; /* desired device, etc. */
392 struct crparam krp_param
[CRK_MAXPARAM
]; /* kvm */
393 int (*krp_callback
)(struct cryptkop
*);
397 * Session ids are 64 bits. The lower 32 bits contain a "local id" which
398 * is a driver-private session identifier. The upper 32 bits contain a
399 * "hardware id" used by the core crypto code to identify the driver and
400 * a copy of the driver's capabilities that can be used by client code to
401 * optimize operation.
403 #define CRYPTO_SESID2HID(_sid) (((_sid) >> 32) & 0x00ffffff)
404 #define CRYPTO_SESID2CAPS(_sid) (((_sid) >> 32) & 0xff000000)
405 #define CRYPTO_SESID2LID(_sid) (((u_int32_t) (_sid)) & 0xffffffff)
407 MALLOC_DECLARE(M_CRYPTO_DATA
);
409 extern int crypto_newsession(u_int64_t
*sid
, struct cryptoini
*cri
, int hard
);
410 extern int crypto_freesession(u_int64_t sid
);
411 #define CRYPTOCAP_F_HARDWARE CRYPTO_FLAG_HARDWARE
412 #define CRYPTOCAP_F_SOFTWARE CRYPTO_FLAG_SOFTWARE
413 #define CRYPTOCAP_F_SYNC 0x04000000 /* operates synchronously */
414 #define CRYPTOCAP_F_SMP 0x08000000 /* SMP dispatch ok */
415 extern int32_t crypto_get_driverid(device_t dev
, int flags
);
416 extern int crypto_find_driver(const char *);
417 extern device_t
crypto_find_device_byhid(int hid
);
418 extern int crypto_getcaps(int hid
);
419 extern int crypto_register(u_int32_t driverid
, int alg
, u_int16_t maxoplen
,
421 extern int crypto_kregister(u_int32_t
, int, u_int32_t
);
422 extern int crypto_unregister(u_int32_t driverid
, int alg
);
423 extern int crypto_unregister_all(u_int32_t driverid
);
424 extern int crypto_dispatch(struct cryptop
*crp
);
425 extern int crypto_kdispatch(struct cryptkop
*);
426 #define CRYPTO_SYMQ 0x1
427 #define CRYPTO_ASYMQ 0x2
428 extern int crypto_unblock(u_int32_t
, int);
429 extern void crypto_done(struct cryptop
*crp
);
430 extern void crypto_kdone(struct cryptkop
*);
431 extern int crypto_getfeat(int *);
433 extern void crypto_freereq(struct cryptop
*crp
);
434 extern struct cryptop
*crypto_getreq(int num
);
436 extern int crypto_usercrypto
; /* userland may do crypto requests */
437 extern int crypto_userasymcrypto
; /* userland may do asym crypto reqs */
438 extern int crypto_devallowsoft
; /* only use hardware crypto */
441 * Crypto-related utility routines used mainly by drivers.
443 * XXX these don't really belong here; but for now they're
444 * kept apart from the rest of the system.
447 extern void cuio_copydata(struct uio
* uio
, int off
, int len
, caddr_t cp
);
448 extern void cuio_copyback(struct uio
* uio
, int off
, int len
, caddr_t cp
);
449 extern struct iovec
*cuio_getptr(struct uio
*uio
, int loc
, int *off
);
450 extern int cuio_apply(struct uio
*uio
, int off
, int len
,
451 int (*f
)(void *, void *, u_int
), void *arg
);
453 extern void crypto_copyback(int flags
, caddr_t buf
, int off
, int size
,
455 extern void crypto_copydata(int flags
, caddr_t buf
, int off
, int size
,
457 extern int crypto_apply(int flags
, caddr_t buf
, int off
, int len
,
458 int (*f
)(void *, void *, u_int
), void *arg
);
460 #endif /* _CRYPTO_CRYPTO_H_ */