18c2ecf20Sopenharmony_ci/* SPDX-License-Identifier: GPL-2.0 */
28c2ecf20Sopenharmony_ci/*
38c2ecf20Sopenharmony_ci * caam - Freescale FSL CAAM support for Public Key Cryptography descriptors
48c2ecf20Sopenharmony_ci *
58c2ecf20Sopenharmony_ci * Copyright 2016 Freescale Semiconductor, Inc.
68c2ecf20Sopenharmony_ci *
78c2ecf20Sopenharmony_ci * There is no Shared Descriptor for PKC so that the Job Descriptor must carry
88c2ecf20Sopenharmony_ci * all the desired key parameters, input and output pointers.
98c2ecf20Sopenharmony_ci */
108c2ecf20Sopenharmony_ci
118c2ecf20Sopenharmony_ci#ifndef _PKC_DESC_H_
128c2ecf20Sopenharmony_ci#define _PKC_DESC_H_
138c2ecf20Sopenharmony_ci#include "compat.h"
148c2ecf20Sopenharmony_ci#include "pdb.h"
158c2ecf20Sopenharmony_ci#include <crypto/engine.h>
168c2ecf20Sopenharmony_ci
178c2ecf20Sopenharmony_ci/**
188c2ecf20Sopenharmony_ci * caam_priv_key_form - CAAM RSA private key representation
198c2ecf20Sopenharmony_ci * CAAM RSA private key may have either of three forms.
208c2ecf20Sopenharmony_ci *
218c2ecf20Sopenharmony_ci * 1. The first representation consists of the pair (n, d), where the
228c2ecf20Sopenharmony_ci *    components have the following meanings:
238c2ecf20Sopenharmony_ci *        n      the RSA modulus
248c2ecf20Sopenharmony_ci *        d      the RSA private exponent
258c2ecf20Sopenharmony_ci *
268c2ecf20Sopenharmony_ci * 2. The second representation consists of the triplet (p, q, d), where the
278c2ecf20Sopenharmony_ci *    components have the following meanings:
288c2ecf20Sopenharmony_ci *        p      the first prime factor of the RSA modulus n
298c2ecf20Sopenharmony_ci *        q      the second prime factor of the RSA modulus n
308c2ecf20Sopenharmony_ci *        d      the RSA private exponent
318c2ecf20Sopenharmony_ci *
328c2ecf20Sopenharmony_ci * 3. The third representation consists of the quintuple (p, q, dP, dQ, qInv),
338c2ecf20Sopenharmony_ci *    where the components have the following meanings:
348c2ecf20Sopenharmony_ci *        p      the first prime factor of the RSA modulus n
358c2ecf20Sopenharmony_ci *        q      the second prime factor of the RSA modulus n
368c2ecf20Sopenharmony_ci *        dP     the first factors's CRT exponent
378c2ecf20Sopenharmony_ci *        dQ     the second factors's CRT exponent
388c2ecf20Sopenharmony_ci *        qInv   the (first) CRT coefficient
398c2ecf20Sopenharmony_ci *
408c2ecf20Sopenharmony_ci * The benefit of using the third or the second key form is lower computational
418c2ecf20Sopenharmony_ci * cost for the decryption and signature operations.
428c2ecf20Sopenharmony_ci */
438c2ecf20Sopenharmony_cienum caam_priv_key_form {
448c2ecf20Sopenharmony_ci	FORM1,
458c2ecf20Sopenharmony_ci	FORM2,
468c2ecf20Sopenharmony_ci	FORM3
478c2ecf20Sopenharmony_ci};
488c2ecf20Sopenharmony_ci
498c2ecf20Sopenharmony_ci/**
508c2ecf20Sopenharmony_ci * caam_rsa_key - CAAM RSA key structure. Keys are allocated in DMA zone.
518c2ecf20Sopenharmony_ci * @n           : RSA modulus raw byte stream
528c2ecf20Sopenharmony_ci * @e           : RSA public exponent raw byte stream
538c2ecf20Sopenharmony_ci * @d           : RSA private exponent raw byte stream
548c2ecf20Sopenharmony_ci * @p           : RSA prime factor p of RSA modulus n
558c2ecf20Sopenharmony_ci * @q           : RSA prime factor q of RSA modulus n
568c2ecf20Sopenharmony_ci * @dp          : RSA CRT exponent of p
578c2ecf20Sopenharmony_ci * @dp          : RSA CRT exponent of q
588c2ecf20Sopenharmony_ci * @qinv        : RSA CRT coefficient
598c2ecf20Sopenharmony_ci * @tmp1        : CAAM uses this temporary buffer as internal state buffer.
608c2ecf20Sopenharmony_ci *                It is assumed to be as long as p.
618c2ecf20Sopenharmony_ci * @tmp2        : CAAM uses this temporary buffer as internal state buffer.
628c2ecf20Sopenharmony_ci *                It is assumed to be as long as q.
638c2ecf20Sopenharmony_ci * @n_sz        : length in bytes of RSA modulus n
648c2ecf20Sopenharmony_ci * @e_sz        : length in bytes of RSA public exponent
658c2ecf20Sopenharmony_ci * @d_sz        : length in bytes of RSA private exponent
668c2ecf20Sopenharmony_ci * @p_sz        : length in bytes of RSA prime factor p of RSA modulus n
678c2ecf20Sopenharmony_ci * @q_sz        : length in bytes of RSA prime factor q of RSA modulus n
688c2ecf20Sopenharmony_ci * @priv_form   : CAAM RSA private key representation
698c2ecf20Sopenharmony_ci */
708c2ecf20Sopenharmony_cistruct caam_rsa_key {
718c2ecf20Sopenharmony_ci	u8 *n;
728c2ecf20Sopenharmony_ci	u8 *e;
738c2ecf20Sopenharmony_ci	u8 *d;
748c2ecf20Sopenharmony_ci	u8 *p;
758c2ecf20Sopenharmony_ci	u8 *q;
768c2ecf20Sopenharmony_ci	u8 *dp;
778c2ecf20Sopenharmony_ci	u8 *dq;
788c2ecf20Sopenharmony_ci	u8 *qinv;
798c2ecf20Sopenharmony_ci	u8 *tmp1;
808c2ecf20Sopenharmony_ci	u8 *tmp2;
818c2ecf20Sopenharmony_ci	size_t n_sz;
828c2ecf20Sopenharmony_ci	size_t e_sz;
838c2ecf20Sopenharmony_ci	size_t d_sz;
848c2ecf20Sopenharmony_ci	size_t p_sz;
858c2ecf20Sopenharmony_ci	size_t q_sz;
868c2ecf20Sopenharmony_ci	enum caam_priv_key_form priv_form;
878c2ecf20Sopenharmony_ci};
888c2ecf20Sopenharmony_ci
898c2ecf20Sopenharmony_ci/**
908c2ecf20Sopenharmony_ci * caam_rsa_ctx - per session context.
918c2ecf20Sopenharmony_ci * @enginectx   : crypto engine context
928c2ecf20Sopenharmony_ci * @key         : RSA key in DMA zone
938c2ecf20Sopenharmony_ci * @dev         : device structure
948c2ecf20Sopenharmony_ci * @padding_dma : dma address of padding, for adding it to the input
958c2ecf20Sopenharmony_ci */
968c2ecf20Sopenharmony_cistruct caam_rsa_ctx {
978c2ecf20Sopenharmony_ci	struct crypto_engine_ctx enginectx;
988c2ecf20Sopenharmony_ci	struct caam_rsa_key key;
998c2ecf20Sopenharmony_ci	struct device *dev;
1008c2ecf20Sopenharmony_ci	dma_addr_t padding_dma;
1018c2ecf20Sopenharmony_ci
1028c2ecf20Sopenharmony_ci};
1038c2ecf20Sopenharmony_ci
1048c2ecf20Sopenharmony_ci/**
1058c2ecf20Sopenharmony_ci * caam_rsa_req_ctx - per request context.
1068c2ecf20Sopenharmony_ci * @src           : input scatterlist (stripped of leading zeros)
1078c2ecf20Sopenharmony_ci * @fixup_src     : input scatterlist (that might be stripped of leading zeros)
1088c2ecf20Sopenharmony_ci * @fixup_src_len : length of the fixup_src input scatterlist
1098c2ecf20Sopenharmony_ci * @edesc         : s/w-extended rsa descriptor
1108c2ecf20Sopenharmony_ci * @akcipher_op_done : callback used when operation is done
1118c2ecf20Sopenharmony_ci */
1128c2ecf20Sopenharmony_cistruct caam_rsa_req_ctx {
1138c2ecf20Sopenharmony_ci	struct scatterlist src[2];
1148c2ecf20Sopenharmony_ci	struct scatterlist *fixup_src;
1158c2ecf20Sopenharmony_ci	unsigned int fixup_src_len;
1168c2ecf20Sopenharmony_ci	struct rsa_edesc *edesc;
1178c2ecf20Sopenharmony_ci	void (*akcipher_op_done)(struct device *jrdev, u32 *desc, u32 err,
1188c2ecf20Sopenharmony_ci				 void *context);
1198c2ecf20Sopenharmony_ci};
1208c2ecf20Sopenharmony_ci
1218c2ecf20Sopenharmony_ci/**
1228c2ecf20Sopenharmony_ci * rsa_edesc - s/w-extended rsa descriptor
1238c2ecf20Sopenharmony_ci * @src_nents     : number of segments in input s/w scatterlist
1248c2ecf20Sopenharmony_ci * @dst_nents     : number of segments in output s/w scatterlist
1258c2ecf20Sopenharmony_ci * @mapped_src_nents: number of segments in input h/w link table
1268c2ecf20Sopenharmony_ci * @mapped_dst_nents: number of segments in output h/w link table
1278c2ecf20Sopenharmony_ci * @sec4_sg_bytes : length of h/w link table
1288c2ecf20Sopenharmony_ci * @bklog         : stored to determine if the request needs backlog
1298c2ecf20Sopenharmony_ci * @sec4_sg_dma   : dma address of h/w link table
1308c2ecf20Sopenharmony_ci * @sec4_sg       : pointer to h/w link table
1318c2ecf20Sopenharmony_ci * @pdb           : specific RSA Protocol Data Block (PDB)
1328c2ecf20Sopenharmony_ci * @hw_desc       : descriptor followed by link tables if any
1338c2ecf20Sopenharmony_ci */
1348c2ecf20Sopenharmony_cistruct rsa_edesc {
1358c2ecf20Sopenharmony_ci	int src_nents;
1368c2ecf20Sopenharmony_ci	int dst_nents;
1378c2ecf20Sopenharmony_ci	int mapped_src_nents;
1388c2ecf20Sopenharmony_ci	int mapped_dst_nents;
1398c2ecf20Sopenharmony_ci	int sec4_sg_bytes;
1408c2ecf20Sopenharmony_ci	bool bklog;
1418c2ecf20Sopenharmony_ci	dma_addr_t sec4_sg_dma;
1428c2ecf20Sopenharmony_ci	struct sec4_sg_entry *sec4_sg;
1438c2ecf20Sopenharmony_ci	union {
1448c2ecf20Sopenharmony_ci		struct rsa_pub_pdb pub;
1458c2ecf20Sopenharmony_ci		struct rsa_priv_f1_pdb priv_f1;
1468c2ecf20Sopenharmony_ci		struct rsa_priv_f2_pdb priv_f2;
1478c2ecf20Sopenharmony_ci		struct rsa_priv_f3_pdb priv_f3;
1488c2ecf20Sopenharmony_ci	} pdb;
1498c2ecf20Sopenharmony_ci	u32 hw_desc[];
1508c2ecf20Sopenharmony_ci};
1518c2ecf20Sopenharmony_ci
1528c2ecf20Sopenharmony_ci/* Descriptor construction primitives. */
1538c2ecf20Sopenharmony_civoid init_rsa_pub_desc(u32 *desc, struct rsa_pub_pdb *pdb);
1548c2ecf20Sopenharmony_civoid init_rsa_priv_f1_desc(u32 *desc, struct rsa_priv_f1_pdb *pdb);
1558c2ecf20Sopenharmony_civoid init_rsa_priv_f2_desc(u32 *desc, struct rsa_priv_f2_pdb *pdb);
1568c2ecf20Sopenharmony_civoid init_rsa_priv_f3_desc(u32 *desc, struct rsa_priv_f3_pdb *pdb);
1578c2ecf20Sopenharmony_ci
1588c2ecf20Sopenharmony_ci#endif
159