Git Browser for ODROID
Code Review Sign In
git.odroid.com / yocto / uboot / refs/heads/odroidc5-v2023.01 / . / include / amlogic / aml_crypto.h
blob: 560aaeedd4b1e37a706fa27bcaf879949f4366ca [file] [log] [blame]
Bo Lv72d0e902023-01-02 14:27:34 +0000[diff] [blame]1/* SPDX-License-Identifier: (GPL-2.0+ OR MIT) */
2/*
3 * Copyright (c) 2019 Amlogic, Inc. All rights reserved.
4 */
5
6#ifndef _AML_CRYPTO_H
7#define _AML_CRYPTO_H
8
9#include <u-boot/sha256.h>
10
11#define CRYPTO_ERROR_NO_ERROR (0)
12#define CRYPTO_ERROR_BAD_PARAMETERS (-1)
13#define CRYPTO_ERROR_BAD_PROCESS (-2)
14
15#define AES_KEY_SIZE_128 16
16#define AES_KEY_SIZE_192 24
17#define AES_KEY_SIZE_256 32
18
19#define DES_KEY_SIZE 8
20#define TDES_2K_KEY_SIZE 16
21#define TDES_3K_KEY_SIZE 24
22
Matthew Shyudb02fe82023-11-29 23:35:33 -0800[diff] [blame]23#define SHA224_DIGEST_SIZE 28
24#define SHA256_DIGEST_SIZE 32
25#define SHA384_DIGEST_SIZE 38
26#define SHA512_DIGEST_SIZE 64
27#define SHA256_BLOCK_SIZE 64
28#define SHA224_BLOCK_SIZE 64
29
30#define SHA3_224_DIGEST_SIZE 28
31#define SHA3_256_DIGEST_SIZE 32
32#define SHA3_384_DIGEST_SIZE 48
33#define SHA3_512_DIGEST_SIZE 64
34
35#define SHA3_MAX_BLOCK_SIZE (168)
36#define SHA3_STATE_SIZE (201)
37
38#define SHA3_224_RATE (144)
39#define SHA3_256_RATE (136)
40#define SHA3_384_RATE (104)
41#define SHA3_512_RATE (72)
42#define SHAKE_128_RATE (168)
43#define SHAKE_256_RATE (136)
44
45enum SHA3_type {
46 SHA3_224 = 0,
47 SHA3_256 = 1,
48 SHA3_384 = 2,
49 SHA3_512 = 3,
50 SHA3_SHAKE_128 = 4,
51 SHA3_SHAKE_256 = 5,
52
53 SHA3_MAX
54};
55
56/* SHA2 context */
57typedef struct {
58 uint32_t tot_len;
59 uint32_t digest_len;
60 uint32_t buf_len;
61 uint8_t buf[SHA256_BLOCK_SIZE];
62 uint8_t state[SHA256_DIGEST_SIZE + 16];
63} sha2_ctx;
64
65/* SHA3 context */
66typedef struct {
67 uint32_t mode;
68 uint32_t tot_len;
69 uint32_t digest_len;
70 uint32_t block_size;
71 uint32_t buf_len;
72 uint8_t buf[SHA3_MAX_BLOCK_SIZE];
73 uint8_t state[SHA3_STATE_SIZE];
74 uint8_t rsv[7];
75} sha3_ctx;
76
Bo Lv72d0e902023-01-02 14:27:34 +0000[diff] [blame]77/*
78 * aes_ecb_enc_keytbl - AES ECB encrypt with keytable
79 *
80 * @input - input pointer
81 * @output - output pointer
82 * @nbytes - data length
83 * @key_slot - key table slot to be used
84 * @return - on successful, 0 and negative value, otherwise.
85 */
86int32_t aes_ecb_enc_keytbl(uint32_t keylen, const void *input, void *output,
87 uint8_t iv[16], size_t nbytes, uint32_t slot);
88/*
89 * aes_ecb_dec_keytbl - AES ECB decrypt with keytable
90 *
91 * @input - input pointer
92 * @output - output pointer
93 * @nbytes - data length
94 * @key_slot - key table slot to be used
95 * @return - on successful, 0 and negative value, otherwise.
96 */
97int32_t aes_ecb_dec_keytbl(uint32_t keylen, const void *input, void *output,
98 uint8_t iv[16], size_t nbytes, uint32_t slot);
99/*
100 * aes_cbc_enc_keytbl - AES CBC encrypt with keytable
101 *
102 * @input - input pointer
103 * @output - output pointer
104 * @iv - AES IV
105 * @nbytes - data length
106 * @key_slot - key table slot to be used
107 * @return - on successful, 0 and negative value, otherwise.
108 */
109int32_t aes_cbc_enc_keytbl(uint32_t keylen, const void *input, void *output,
110 uint8_t iv[16], size_t nbytes, uint32_t slot);
111/*
112 * aes256cbc_dec_keytbl - AES CBC decrypt with keytable
113 *
114 * @input - input pointer
115 * @output - output pointer
116 * @iv - AES IV
117 * @nbytes - data length
118 * @key_slot - key table slot to be used
119 * @return - on successful, 0 and negative value, otherwise.
120 */
121int32_t aes256cbc_dec_keytbl(const void *input, void *output, uint8_t iv[16],
122 size_t nbytes, uint32_t key_slot);
123
124/*
125 * aes_cbc_dec_keytbl - AES CBC decrypt with keytable
126 *
127 * @keylen - key length
128 * @input - input pointer
129 * @output - output pointer
130 * @iv - AES IV
131 * @nbytes - data length
132 * @slot - key table slot to be used
133 * @return - on successful, 0 and negative value, otherwise.
134 */
135int32_t aes_cbc_dec_keytbl(uint32_t keylen, const void *input, void *output, uint8_t iv[16],
136 size_t nbytes, uint32_t slot);
137/*
138 * aes_ctr_encrypt_keytbl - AES CTR encrypt with keytable
139 *
140 * @keylen - key length
141 * @input - input pointer
142 * @output - output pointer
143 * @iv - AES initial counter
144 * @nbytes - data length
145 * @slot - key table slot to be used
146 * @return - on successful, 0 and negative value, otherwise.
147 */
148int32_t aes_ctr_encrypt_keytbl(uint32_t keylen, const void *input, void *output,
149 uint8_t iv[16], size_t nbytes, uint32_t slot);
150/*
151 * aes_ctr_decrypt_keytbl - AES CTR decrypt with keytable
152 *
153 * @keylen - key length
154 * @input - input pointer
155 * @output - output pointer
156 * @iv - AES initial counter
157 * @nbytes - data length
158 * @slot - key table slot to be used
159 * @return - on successful, 0 and negative value, otherwise.
160 */
161int32_t aes_ctr_decrypt_keytbl(uint32_t keylen, const void *input, void *output,
162 uint8_t iv[16], size_t nbytes, uint32_t slot);
163/*
164 * aes256cbc_iv0_dec_keytbl - AES CBC decrypt with keytable and iv0
165 *
166 * @input - input pointer
167 * @output - output pointer
168 * @nbytes - data length
169 * @slot - key table slot to be used
170 * @return - on successful, 0 and negative value, otherwise.
171 */
172int32_t aes256cbc_iv0_dec_keytbl(const void *input, void *output, size_t nbytes,
173 uint32_t slot);
174
175/*
176 * des_tdes_ecb_enc_keytbl - DES/TDES ECB encrypt with keytable
177 *
178 * @keylen - key length
179 * @input - input pointer
180 * @output - output pointer
181 * @iv - TDES IV
182 * @nbytes - data length
183 * @slot - key table slot to be used
184 * @return - on successful, 0 and negative value, otherwise.
185 */
186int32_t des_tdes_ecb_enc_keytbl(uint32_t keylen, const void *input,
187 void *output, size_t nbytes, uint32_t slot);
188/*
189 * des_tdes_ecb_dec_keytbl - DES/TDES ECB decrypt with keytable
190 *
191 * @keylen - key length
192 * @input - input pointer
193 * @output - output pointer
194 * @iv - TDES IV
195 * @nbytes - data length
196 * @slot - key table slot to be used
197 * @return - on successful, 0 and negative value, otherwise.
198 */
199int32_t des_tdes_ecb_dec_keytbl(uint32_t keylen, const void *input,
200 void *output, uint8_t iv[16], size_t nbytes, uint32_t slot);
201/*
202 * des_tdes_cbc_enc_keytbl - DES/TDES CBC encrypt with keytable
203 *
204 * @keylen - key length
205 * @input - input pointer
206 * @output - output pointer
207 * @iv - TDES IV
208 * @nbytes - data length
209 * @slot - key table slot to be used
210 * @return - on successful, 0 and negative value, otherwise.
211 */
212int32_t des_tdes_cbc_enc_keytbl(uint32_t keylen, const void *input,
213 void *output, uint8_t iv[8], size_t nbytes, uint32_t slot);
214/*
215 * des_tdes_cbc_dec_keytbl - DES/TDES CBC decrypt with keytable
216 *
217 * @keylen - key length
218 * @input - input pointer
219 * @output - output pointer
220 * @iv - TDES IV
221 * @nbytes - data length
222 * @slot - key table slot to be used
223 * @return - on successful, 0 and negative value, otherwise.
224 */
225int32_t des_tdes_cbc_dec_keytbl(uint32_t keylen, const void *input,
226 void *output, uint8_t iv[8], size_t nbytes, uint32_t slot);
227
228/*
Matthew Shyudb02fe82023-11-29 23:35:33 -0800[diff] [blame]229 * aml_hw_sha2_init - HW SHA2 Init
Bo Lv72d0e902023-01-02 14:27:34 +0000[diff] [blame]230 *
Matthew Shyudb02fe82023-11-29 23:35:33 -0800[diff] [blame]231 * @ctx - SHA2 context
Bo Lv72d0e902023-01-02 14:27:34 +0000[diff] [blame]232 * @is224 - SHA224 or SHA256
233 * @return - on successful, 0 and negative value, otherwise.
234 */
Matthew Shyudb02fe82023-11-29 23:35:33 -0800[diff] [blame]235int32_t aml_hw_sha2_init(sha2_ctx *ctx, uint32_t is224);
Bo Lv72d0e902023-01-02 14:27:34 +0000[diff] [blame]236/*
Matthew Shyudb02fe82023-11-29 23:35:33 -0800[diff] [blame]237 * aml_hw_sha2_update - HW SHA Update
Bo Lv72d0e902023-01-02 14:27:34 +0000[diff] [blame]238 *
Matthew Shyudb02fe82023-11-29 23:35:33 -0800[diff] [blame]239 * @ctx - SHA context
240 * @input - input pointer
241 * @ilen - input size
242 * @return - on successful, 0 and negative value, otherwise.
243 */
244int32_t aml_hw_sha2_update(sha2_ctx *ctx, const uint8_t *input, uint32_t ilen);
245/*
246 * aml_hw_sha2_update - HW SHA Update
247 *
248 * @ctx - SHA context
Bo Lv72d0e902023-01-02 14:27:34 +0000[diff] [blame]249 * @input - input pointer
250 * @ilen - input size
251 * @hash - output hash
252 * @last_update - to finalize SHA context
253 * @return - on successful, 0 and negative value, otherwise.
254 */
Matthew Shyudb02fe82023-11-29 23:35:33 -0800[diff] [blame]255int32_t aml_hw_sha2_final(sha2_ctx *ctx, uint8_t *hash);
256
257/*
258 * aml_hw_sha3_init - HW SHA3 Init
259 *
260 * @ctx - SHA context
261 * @mode - SHA3-224/256/384/512/SHAKE-128/SHAKE-256
262 * @return - on successful, 0 and negative value, otherwise.
263 */
264int32_t aml_hw_sha3_init(sha3_ctx *ctx, uint32_t mode);
265
266/*
267 * aml_hw_sha3_update - HW SHA3 Update
268 *
269 * @ctx - SHA context
270 * @input - input pointer
271 * @ilen - input size
272 * @hash - output hash. There is no hash out when using SHAKE,
273 * use aml_hw_sha3_shake_squeeze instead.
274 * @last_update - to finalize SHA context
275 * @return - on successful, 0 and negative value, otherwise.
276 */
277int32_t aml_hw_sha3_update(sha3_ctx *ctx, const uint8_t *input, uint32_t ilen);
278
279/*
280 * aml_hw_sha3_final - HW SHA3 finalize
281 *
282 * @ctx - SHA context
283 * @hash - output hash
284 * @digest_len - length of hash to copy, for SHAKE, it is squeeze size
285 * @return - on successful, 0 and negative value, otherwise.
286 */
287int32_t aml_hw_sha3_final(sha3_ctx *ctx, uint8_t *hash, uint32_t digest_size);
Bo Lv72d0e902023-01-02 14:27:34 +0000[diff] [blame]288#endif