1/* SPDX-License-Identifier: GPL-2.0 */
2/*
3 * caam - Freescale FSL CAAM support for Public Key Cryptography descriptors
4 *
5 * Copyright 2016 Freescale Semiconductor, Inc.
6 *
7 * There is no Shared Descriptor for PKC so that the Job Descriptor must carry
8 * all the desired key parameters, input and output pointers.
9 */
10
11#ifndef _PKC_DESC_H_
12#define _PKC_DESC_H_
13#include "compat.h"
14#include "pdb.h"
15#include <crypto/engine.h>
16
17/**
18 * caam_priv_key_form - CAAM RSA private key representation
19 * CAAM RSA private key may have either of three forms.
20 *
21 * 1. The first representation consists of the pair (n, d), where the
22 *    components have the following meanings:
23 *        n      the RSA modulus
24 *        d      the RSA private exponent
25 *
26 * 2. The second representation consists of the triplet (p, q, d), where the
27 *    components have the following meanings:
28 *        p      the first prime factor of the RSA modulus n
29 *        q      the second prime factor of the RSA modulus n
30 *        d      the RSA private exponent
31 *
32 * 3. The third representation consists of the quintuple (p, q, dP, dQ, qInv),
33 *    where the components have the following meanings:
34 *        p      the first prime factor of the RSA modulus n
35 *        q      the second prime factor of the RSA modulus n
36 *        dP     the first factors's CRT exponent
37 *        dQ     the second factors's CRT exponent
38 *        qInv   the (first) CRT coefficient
39 *
40 * The benefit of using the third or the second key form is lower computational
41 * cost for the decryption and signature operations.
42 */
43enum caam_priv_key_form {
44	FORM1,
45	FORM2,
46	FORM3
47};
48
49/**
50 * caam_rsa_key - CAAM RSA key structure. Keys are allocated in DMA zone.
51 * @n           : RSA modulus raw byte stream
52 * @e           : RSA public exponent raw byte stream
53 * @d           : RSA private exponent raw byte stream
54 * @p           : RSA prime factor p of RSA modulus n
55 * @q           : RSA prime factor q of RSA modulus n
56 * @dp          : RSA CRT exponent of p
57 * @dp          : RSA CRT exponent of q
58 * @qinv        : RSA CRT coefficient
59 * @tmp1        : CAAM uses this temporary buffer as internal state buffer.
60 *                It is assumed to be as long as p.
61 * @tmp2        : CAAM uses this temporary buffer as internal state buffer.
62 *                It is assumed to be as long as q.
63 * @n_sz        : length in bytes of RSA modulus n
64 * @e_sz        : length in bytes of RSA public exponent
65 * @d_sz        : length in bytes of RSA private exponent
66 * @p_sz        : length in bytes of RSA prime factor p of RSA modulus n
67 * @q_sz        : length in bytes of RSA prime factor q of RSA modulus n
68 * @priv_form   : CAAM RSA private key representation
69 */
70struct caam_rsa_key {
71	u8 *n;
72	u8 *e;
73	u8 *d;
74	u8 *p;
75	u8 *q;
76	u8 *dp;
77	u8 *dq;
78	u8 *qinv;
79	u8 *tmp1;
80	u8 *tmp2;
81	size_t n_sz;
82	size_t e_sz;
83	size_t d_sz;
84	size_t p_sz;
85	size_t q_sz;
86	enum caam_priv_key_form priv_form;
87};
88
89/**
90 * caam_rsa_ctx - per session context.
91 * @enginectx   : crypto engine context
92 * @key         : RSA key in DMA zone
93 * @dev         : device structure
94 * @padding_dma : dma address of padding, for adding it to the input
95 */
96struct caam_rsa_ctx {
97	struct crypto_engine_ctx enginectx;
98	struct caam_rsa_key key;
99	struct device *dev;
100	dma_addr_t padding_dma;
101
102};
103
104/**
105 * caam_rsa_req_ctx - per request context.
106 * @src           : input scatterlist (stripped of leading zeros)
107 * @fixup_src     : input scatterlist (that might be stripped of leading zeros)
108 * @fixup_src_len : length of the fixup_src input scatterlist
109 * @edesc         : s/w-extended rsa descriptor
110 * @akcipher_op_done : callback used when operation is done
111 */
112struct caam_rsa_req_ctx {
113	struct scatterlist src[2];
114	struct scatterlist *fixup_src;
115	unsigned int fixup_src_len;
116	struct rsa_edesc *edesc;
117	void (*akcipher_op_done)(struct device *jrdev, u32 *desc, u32 err,
118				 void *context);
119};
120
121/**
122 * rsa_edesc - s/w-extended rsa descriptor
123 * @src_nents     : number of segments in input s/w scatterlist
124 * @dst_nents     : number of segments in output s/w scatterlist
125 * @mapped_src_nents: number of segments in input h/w link table
126 * @mapped_dst_nents: number of segments in output h/w link table
127 * @sec4_sg_bytes : length of h/w link table
128 * @bklog         : stored to determine if the request needs backlog
129 * @sec4_sg_dma   : dma address of h/w link table
130 * @sec4_sg       : pointer to h/w link table
131 * @pdb           : specific RSA Protocol Data Block (PDB)
132 * @hw_desc       : descriptor followed by link tables if any
133 */
134struct rsa_edesc {
135	int src_nents;
136	int dst_nents;
137	int mapped_src_nents;
138	int mapped_dst_nents;
139	int sec4_sg_bytes;
140	bool bklog;
141	dma_addr_t sec4_sg_dma;
142	struct sec4_sg_entry *sec4_sg;
143	union {
144		struct rsa_pub_pdb pub;
145		struct rsa_priv_f1_pdb priv_f1;
146		struct rsa_priv_f2_pdb priv_f2;
147		struct rsa_priv_f3_pdb priv_f3;
148	} pdb;
149	u32 hw_desc[];
150};
151
152/* Descriptor construction primitives. */
153void init_rsa_pub_desc(u32 *desc, struct rsa_pub_pdb *pdb);
154void init_rsa_priv_f1_desc(u32 *desc, struct rsa_priv_f1_pdb *pdb);
155void init_rsa_priv_f2_desc(u32 *desc, struct rsa_priv_f2_pdb *pdb);
156void init_rsa_priv_f3_desc(u32 *desc, struct rsa_priv_f3_pdb *pdb);
157
158#endif
159