blob: 62950d22ac13d65862b197b3e1959f3ba55ff05c [file] [log] [blame]
Hemant Agrawala23d80e2012-06-22 19:42:39 -05001/*
2 * CAAM Protocol Data Block (PDB) definition header file
3 *
4 * Copyright 2008-2012 Freescale Semiconductor, Inc.
5 *
6 */
7
8#ifndef CAAM_PDB_H
9#define CAAM_PDB_H
10
11/*
12 * PDB- IPSec ESP Header Modification Options
13 */
14#define PDBHMO_ESP_DECAP_SHIFT 12
15#define PDBHMO_ESP_ENCAP_SHIFT 4
16/*
17 * Encap and Decap - Decrement TTL (Hop Limit) - Based on the value of the
18 * Options Byte IP version (IPvsn) field:
19 * if IPv4, decrement the inner IP header TTL field (byte 8);
20 * if IPv6 decrement the inner IP header Hop Limit field (byte 7).
21*/
22#define PDBHMO_ESP_DECAP_DEC_TTL (0x02 << PDBHMO_ESP_DECAP_SHIFT)
23#define PDBHMO_ESP_ENCAP_DEC_TTL (0x02 << PDBHMO_ESP_ENCAP_SHIFT)
24/*
25 * Decap - DiffServ Copy - Copy the IPv4 TOS or IPv6 Traffic Class byte
26 * from the outer IP header to the inner IP header.
27 */
28#define PDBHMO_ESP_DIFFSERV (0x01 << PDBHMO_ESP_DECAP_SHIFT)
29/*
30 * Encap- Copy DF bit -if an IPv4 tunnel mode outer IP header is coming from
31 * the PDB, copy the DF bit from the inner IP header to the outer IP header.
32 */
33#define PDBHMO_ESP_DFBIT (0x04 << PDBHMO_ESP_ENCAP_SHIFT)
34
35/*
36 * PDB - IPSec ESP Encap/Decap Options
37 */
38#define PDBOPTS_ESP_ARSNONE 0x00 /* no antireplay window */
39#define PDBOPTS_ESP_ARS32 0x40 /* 32-entry antireplay window */
40#define PDBOPTS_ESP_ARS64 0xc0 /* 64-entry antireplay window */
41#define PDBOPTS_ESP_IVSRC 0x20 /* IV comes from internal random gen */
42#define PDBOPTS_ESP_ESN 0x10 /* extended sequence included */
43#define PDBOPTS_ESP_OUTFMT 0x08 /* output only decapsulation (decap) */
44#define PDBOPTS_ESP_IPHDRSRC 0x08 /* IP header comes from PDB (encap) */
45#define PDBOPTS_ESP_INCIPHDR 0x04 /* Prepend IP header to output frame */
46#define PDBOPTS_ESP_IPVSN 0x02 /* process IPv6 header */
47#define PDBOPTS_ESP_TUNNEL 0x01 /* tunnel mode next-header byte */
48#define PDBOPTS_ESP_IPV6 0x02 /* ip header version is V6 */
49#define PDBOPTS_ESP_DIFFSERV 0x40 /* copy TOS/TC from inner iphdr */
50#define PDBOPTS_ESP_UPDATE_CSUM 0x80 /* encap-update ip header checksum */
51#define PDBOPTS_ESP_VERIFY_CSUM 0x20 /* decap-validate ip header checksum */
52
53/*
54 * General IPSec encap/decap PDB definitions
55 */
56struct ipsec_encap_cbc {
57 u32 iv[4];
58};
59
60struct ipsec_encap_ctr {
61 u32 ctr_nonce;
62 u32 ctr_initial;
63 u32 iv[2];
64};
65
66struct ipsec_encap_ccm {
67 u32 salt; /* lower 24 bits */
68 u8 b0_flags;
69 u8 ctr_flags;
70 u16 ctr_initial;
71 u32 iv[2];
72};
73
74struct ipsec_encap_gcm {
75 u32 salt; /* lower 24 bits */
76 u32 rsvd1;
77 u32 iv[2];
78};
79
80struct ipsec_encap_pdb {
81 u8 hmo_rsvd;
82 u8 ip_nh;
83 u8 ip_nh_offset;
84 u8 options;
85 u32 seq_num_ext_hi;
86 u32 seq_num;
87 union {
88 struct ipsec_encap_cbc cbc;
89 struct ipsec_encap_ctr ctr;
90 struct ipsec_encap_ccm ccm;
91 struct ipsec_encap_gcm gcm;
92 };
93 u32 spi;
94 u16 rsvd1;
95 u16 ip_hdr_len;
96 u32 ip_hdr[0]; /* optional IP Header content */
97};
98
99struct ipsec_decap_cbc {
100 u32 rsvd[2];
101};
102
103struct ipsec_decap_ctr {
104 u32 salt;
105 u32 ctr_initial;
106};
107
108struct ipsec_decap_ccm {
109 u32 salt;
110 u8 iv_flags;
111 u8 ctr_flags;
112 u16 ctr_initial;
113};
114
115struct ipsec_decap_gcm {
116 u32 salt;
117 u32 resvd;
118};
119
120struct ipsec_decap_pdb {
121 u16 hmo_ip_hdr_len;
122 u8 ip_nh_offset;
123 u8 options;
124 union {
125 struct ipsec_decap_cbc cbc;
126 struct ipsec_decap_ctr ctr;
127 struct ipsec_decap_ccm ccm;
128 struct ipsec_decap_gcm gcm;
129 };
130 u32 seq_num_ext_hi;
131 u32 seq_num;
132 u32 anti_replay[2];
133 u32 end_index[0];
134};
135
136/*
137 * IPSec ESP Datapath Protocol Override Register (DPOVRD)
138 */
139struct ipsec_deco_dpovrd {
140#define IPSEC_ENCAP_DECO_DPOVRD_USE 0x80
141 u8 ovrd_ecn;
142 u8 ip_hdr_len;
143 u8 nh_offset;
144 u8 next_header; /* reserved if decap */
145};
146
147/*
148 * IEEE 802.11i WiFi Protocol Data Block
149 */
150#define WIFI_PDBOPTS_FCS 0x01
151#define WIFI_PDBOPTS_AR 0x40
152
153struct wifi_encap_pdb {
154 u16 mac_hdr_len;
155 u8 rsvd;
156 u8 options;
157 u8 iv_flags;
158 u8 pri;
159 u16 pn1;
160 u32 pn2;
161 u16 frm_ctrl_mask;
162 u16 seq_ctrl_mask;
163 u8 rsvd1[2];
164 u8 cnst;
165 u8 key_id;
166 u8 ctr_flags;
167 u8 rsvd2;
168 u16 ctr_init;
169};
170
171struct wifi_decap_pdb {
172 u16 mac_hdr_len;
173 u8 rsvd;
174 u8 options;
175 u8 iv_flags;
176 u8 pri;
177 u16 pn1;
178 u32 pn2;
179 u16 frm_ctrl_mask;
180 u16 seq_ctrl_mask;
181 u8 rsvd1[4];
182 u8 ctr_flags;
183 u8 rsvd2;
184 u16 ctr_init;
185};
186
187/*
188 * IEEE 802.16 WiMAX Protocol Data Block
189 */
190#define WIMAX_PDBOPTS_FCS 0x01
191#define WIMAX_PDBOPTS_AR 0x40 /* decap only */
192
193struct wimax_encap_pdb {
194 u8 rsvd[3];
195 u8 options;
196 u32 nonce;
197 u8 b0_flags;
198 u8 ctr_flags;
199 u16 ctr_init;
200 /* begin DECO writeback region */
201 u32 pn;
202 /* end DECO writeback region */
203};
204
205struct wimax_decap_pdb {
206 u8 rsvd[3];
207 u8 options;
208 u32 nonce;
209 u8 iv_flags;
210 u8 ctr_flags;
211 u16 ctr_init;
212 /* begin DECO writeback region */
213 u32 pn;
214 u8 rsvd1[2];
215 u16 antireplay_len;
216 u64 antireplay_scorecard;
217 /* end DECO writeback region */
218};
219
220/*
221 * IEEE 801.AE MacSEC Protocol Data Block
222 */
223#define MACSEC_PDBOPTS_FCS 0x01
224#define MACSEC_PDBOPTS_AR 0x40 /* used in decap only */
225
226struct macsec_encap_pdb {
227 u16 aad_len;
228 u8 rsvd;
229 u8 options;
230 u64 sci;
231 u16 ethertype;
232 u8 tci_an;
233 u8 rsvd1;
234 /* begin DECO writeback region */
235 u32 pn;
236 /* end DECO writeback region */
237};
238
239struct macsec_decap_pdb {
240 u16 aad_len;
241 u8 rsvd;
242 u8 options;
243 u64 sci;
244 u8 rsvd1[3];
245 /* begin DECO writeback region */
246 u8 antireplay_len;
247 u32 pn;
248 u64 antireplay_scorecard;
249 /* end DECO writeback region */
250};
251
252/*
253 * SSL/TLS/DTLS Protocol Data Blocks
254 */
255
256#define TLS_PDBOPTS_ARS32 0x40
257#define TLS_PDBOPTS_ARS64 0xc0
258#define TLS_PDBOPTS_OUTFMT 0x08
259#define TLS_PDBOPTS_IV_WRTBK 0x02 /* 1.1/1.2/DTLS only */
260#define TLS_PDBOPTS_EXP_RND_IV 0x01 /* 1.1/1.2/DTLS only */
261
262struct tls_block_encap_pdb {
263 u8 type;
264 u8 version[2];
265 u8 options;
266 u64 seq_num;
267 u32 iv[4];
268};
269
270struct tls_stream_encap_pdb {
271 u8 type;
272 u8 version[2];
273 u8 options;
274 u64 seq_num;
275 u8 i;
276 u8 j;
277 u8 rsvd1[2];
278};
279
280struct dtls_block_encap_pdb {
281 u8 type;
282 u8 version[2];
283 u8 options;
284 u16 epoch;
285 u16 seq_num[3];
286 u32 iv[4];
287};
288
289struct tls_block_decap_pdb {
290 u8 rsvd[3];
291 u8 options;
292 u64 seq_num;
293 u32 iv[4];
294};
295
296struct tls_stream_decap_pdb {
297 u8 rsvd[3];
298 u8 options;
299 u64 seq_num;
300 u8 i;
301 u8 j;
302 u8 rsvd1[2];
303};
304
305struct dtls_block_decap_pdb {
306 u8 rsvd[3];
307 u8 options;
308 u16 epoch;
309 u16 seq_num[3];
310 u32 iv[4];
311 u64 antireplay_scorecard;
312};
313
314/*
315 * SRTP Protocol Data Blocks
316 */
317#define SRTP_PDBOPTS_MKI 0x08
318#define SRTP_PDBOPTS_AR 0x40
319
320struct srtp_encap_pdb {
321 u8 x_len;
322 u8 mki_len;
323 u8 n_tag;
324 u8 options;
325 u32 cnst0;
326 u8 rsvd[2];
327 u16 cnst1;
328 u16 salt[7];
329 u16 cnst2;
330 u32 rsvd1;
331 u32 roc;
332 u32 opt_mki;
333};
334
335struct srtp_decap_pdb {
336 u8 x_len;
337 u8 mki_len;
338 u8 n_tag;
339 u8 options;
340 u32 cnst0;
341 u8 rsvd[2];
342 u16 cnst1;
343 u16 salt[7];
344 u16 cnst2;
345 u16 rsvd1;
346 u16 seq_num;
347 u32 roc;
348 u64 antireplay_scorecard;
349};
350
351/*
352 * DSA/ECDSA Protocol Data Blocks
353 * Two of these exist: DSA-SIGN, and DSA-VERIFY. They are similar
354 * except for the treatment of "w" for verify, "s" for sign,
355 * and the placement of "a,b".
356 */
357#define DSA_PDB_SGF_SHIFT 24
358#define DSA_PDB_SGF_MASK (0xff << DSA_PDB_SGF_SHIFT)
359#define DSA_PDB_SGF_Q (0x80 << DSA_PDB_SGF_SHIFT)
360#define DSA_PDB_SGF_R (0x40 << DSA_PDB_SGF_SHIFT)
361#define DSA_PDB_SGF_G (0x20 << DSA_PDB_SGF_SHIFT)
362#define DSA_PDB_SGF_W (0x10 << DSA_PDB_SGF_SHIFT)
363#define DSA_PDB_SGF_S (0x10 << DSA_PDB_SGF_SHIFT)
364#define DSA_PDB_SGF_F (0x08 << DSA_PDB_SGF_SHIFT)
365#define DSA_PDB_SGF_C (0x04 << DSA_PDB_SGF_SHIFT)
366#define DSA_PDB_SGF_D (0x02 << DSA_PDB_SGF_SHIFT)
367#define DSA_PDB_SGF_AB_SIGN (0x02 << DSA_PDB_SGF_SHIFT)
368#define DSA_PDB_SGF_AB_VERIFY (0x01 << DSA_PDB_SGF_SHIFT)
369
370#define DSA_PDB_L_SHIFT 7
371#define DSA_PDB_L_MASK (0x3ff << DSA_PDB_L_SHIFT)
372
373#define DSA_PDB_N_MASK 0x7f
374
375struct dsa_sign_pdb {
376 u32 sgf_ln; /* Use DSA_PDB_ defintions per above */
377 u8 *q;
378 u8 *r;
379 u8 *g; /* or Gx,y */
380 u8 *s;
381 u8 *f;
382 u8 *c;
383 u8 *d;
384 u8 *ab; /* ECC only */
385 u8 *u;
386};
387
388struct dsa_verify_pdb {
389 u32 sgf_ln;
390 u8 *q;
391 u8 *r;
392 u8 *g; /* or Gx,y */
393 u8 *w; /* or Wx,y */
394 u8 *f;
395 u8 *c;
396 u8 *d;
397 u8 *tmp; /* temporary data block */
398 u8 *ab; /* only used if ECC processing */
399};
400
401#endif