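/*
 * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#ifndef CRYPTO_MOD_H
#define CRYPTO_MOD_H

/*
 * size_t appears in the auth_decrypt prototypes below; include its definition
 * so this header does not depend on what the including file pulled in first.
 */
#include <stddef.h>

/*
 * Values of the CRYPTO_SUPPORT build option tested by the #if blocks below.
 * When CRYPTO_SUPPORT is 0 (or undefined, which the preprocessor treats as 0)
 * crypto_mod_init() becomes an empty inline stub and the signature/hash
 * prototypes are not declared at all.
 */
#define CRYPTO_AUTH_VERIFY_ONLY			1
#define CRYPTO_HASH_CALC_ONLY			2
#define CRYPTO_AUTH_VERIFY_AND_HASH_CALC	3

/*
 * Return values.
 * CRYPTO_SUCCESS (0) is the only success code; every other enumerator reports
 * a failure, so callers should compare against CRYPTO_SUCCESS rather than
 * testing for one specific error.
 */
enum crypto_ret_value {
	CRYPTO_SUCCESS = 0,
	CRYPTO_ERR_INIT,
	CRYPTO_ERR_HASH,
	CRYPTO_ERR_SIGNATURE,
	CRYPTO_ERR_DECRYPTION,
	CRYPTO_ERR_UNKNOWN
};

/*
 * Upper bounds on the IV and authentication tag lengths.
 * NOTE(review): presumably in bytes (16 bytes = 128 bits); this header does
 * not show where the limits are enforced - confirm against the callers of
 * auth_decrypt.
 */
#define CRYPTO_MAX_IV_SIZE	16U
#define CRYPTO_MAX_TAG_SIZE	16U

/* Decryption algorithm. GCM is the only mode defined here. */
enum crypto_dec_algo {
	CRYPTO_GCM_DECRYPT = 0
};

/* Message digest algorithm */
enum crypto_md_algo {
	CRYPTO_MD_SHA256,
	CRYPTO_MD_SHA384,
	CRYPTO_MD_SHA512,
};

/*
 * Largest digest size, in bytes, among the algorithms listed above
 * (a SHA-512 digest is 64 bytes).
 */
#define CRYPTO_MD_MAX_SIZE	64U

/*
 * Cryptographic library descriptor.
 *
 * One instance, named crypto_lib_desc, is defined by REGISTER_CRYPTO_LIB().
 * Every buffer is passed as an untyped pointer plus a separate length; the
 * encoding of each buffer is defined by the library implementation and is not
 * visible in this header.
 */
typedef struct crypto_lib_desc_s {
	const char *name;

	/*
	 * Initialize library. This function is not expected to fail. All errors
	 * must be handled inside the function, asserting or panicking in case of
	 * a non-recoverable error.
	 */
	void (*init)(void);

	/*
	 * Verify a digital signature over data_ptr/data_len using the signature
	 * in sig_ptr, the algorithm identifier in sig_alg and the public key in
	 * pk_ptr. Return one of the 'enum crypto_ret_value' options.
	 */
	int (*verify_signature)(void *data_ptr, unsigned int data_len,
				void *sig_ptr, unsigned int sig_len,
				void *sig_alg, unsigned int sig_alg_len,
				void *pk_ptr, unsigned int pk_len);

	/* Verify a hash. Return one of the 'enum crypto_ret_value' options */
	int (*verify_hash)(void *data_ptr, unsigned int data_len,
			   void *digest_info_ptr, unsigned int digest_info_len);

	/*
	 * Calculate a hash of data_ptr/data_len with md_alg and write the digest
	 * to output. The array bound on output is documentation only: the
	 * parameter decays to a pointer, so the compiler does not check the
	 * caller's buffer size; pass a buffer of CRYPTO_MD_MAX_SIZE bytes.
	 * NOTE(review): the int return is presumably an 'enum crypto_ret_value'
	 * status rather than the hash itself - confirm in the implementation.
	 */
	int (*calc_hash)(enum crypto_md_algo md_alg, void *data_ptr,
			 unsigned int data_len,
			 unsigned char output[CRYPTO_MD_MAX_SIZE]);

	/*
	 * Convert Public key (optional). The result is returned through
	 * hashed_pk_ptr/hashed_pk_len.
	 * NOTE(review): ownership and lifetime of *hashed_pk_ptr are not stated
	 * here - confirm in the implementation.
	 */
	int (*convert_pk)(void *full_pk_ptr, unsigned int full_pk_len,
			  void **hashed_pk_ptr, unsigned int *hashed_pk_len);

	/*
	 * Authenticated decryption. Return one of the
	 * 'enum crypto_ret_value' options.
	 *
	 * data_ptr is the only non-const buffer, so the payload is presumably
	 * processed in place (confirm in the implementation). Callers must not
	 * consume the buffer unless CRYPTO_SUCCESS is returned: on any other
	 * result the contents have not been authenticated against the tag.
	 */
	int (*auth_decrypt)(enum crypto_dec_algo dec_algo, void *data_ptr,
			    size_t len, const void *key, unsigned int key_len,
			    unsigned int key_flags, const void *iv,
			    unsigned int iv_len, const void *tag,
			    unsigned int tag_len);
} crypto_lib_desc_t;

/* Public functions */
#if CRYPTO_SUPPORT
void crypto_mod_init(void);
#else
/* Crypto support is compiled out: initialization is a no-op. */
static inline void crypto_mod_init(void)
{
}
#endif /* CRYPTO_SUPPORT */

#if (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY) || \
    (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC)
int crypto_mod_verify_signature(void *data_ptr, unsigned int data_len,
				void *sig_ptr, unsigned int sig_len,
				void *sig_alg_ptr, unsigned int sig_alg_len,
				void *pk_ptr, unsigned int pk_len);
int crypto_mod_verify_hash(void *data_ptr, unsigned int data_len,
			   void *digest_info_ptr, unsigned int digest_info_len);
#endif /* (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_ONLY) || \
	  (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC) */

/*
 * Declared regardless of CRYPTO_SUPPORT; whether a definition is linked in
 * depends on the build and is not visible from this header.
 */
int crypto_mod_auth_decrypt(enum crypto_dec_algo dec_algo, void *data_ptr,
			    size_t len, const void *key, unsigned int key_len,
			    unsigned int key_flags, const void *iv,
			    unsigned int iv_len, const void *tag,
			    unsigned int tag_len);

#if (CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY) || \
    (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC)
int crypto_mod_calc_hash(enum crypto_md_algo alg, void *data_ptr,
			 unsigned int data_len,
			 unsigned char output[CRYPTO_MD_MAX_SIZE]);
#endif /* (CRYPTO_SUPPORT == CRYPTO_HASH_CALC_ONLY) || \
	  (CRYPTO_SUPPORT == CRYPTO_AUTH_VERIFY_AND_HASH_CALC) */

/* Declared regardless of CRYPTO_SUPPORT, like crypto_mod_auth_decrypt(). */
int crypto_mod_convert_pk(void *full_pk_ptr, unsigned int full_pk_len,
			  void **hashed_pk_ptr, unsigned int *hashed_pk_len);

/*
 * Macro to register a cryptographic library.
 *
 * Expands to the definition of the global 'crypto_lib_desc', so it must be
 * used exactly once, at file scope, in a single translation unit.
 * The macro argument order (..., _calc_hash, _auth_decrypt, _convert_pk)
 * differs from the member order in crypto_lib_desc_t; the designated
 * initializers bind each argument by name, so pass arguments in the order
 * listed here.
 */
#define REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash, \
			    _calc_hash, _auth_decrypt, _convert_pk) \
	const crypto_lib_desc_t crypto_lib_desc = { \
		.name = _name, \
		.init = _init, \
		.verify_signature = _verify_signature, \
		.verify_hash = _verify_hash, \
		.calc_hash = _calc_hash, \
		.auth_decrypt = _auth_decrypt, \
		.convert_pk = _convert_pk \
	}

extern const crypto_lib_desc_t crypto_lib_desc;

#endif /* CRYPTO_MOD_H */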