1 #ifndef _SALLDCTX_H
2 #define _SALLDCTX_H
3 /*******************************************************************************
4 * FILE PURPOSE: Provide Security Accelerator (SA) Packet Header Processor (PHP)
5 * Security Context related defintions (not applicable for sa2ul
6 * Please see new layout for sa2ul)
7 *
8 ********************************************************************************
9 * FILE NAME: salldctx.h
10 *
11 * DESCRIPTION: Provide the Security Context related data structures, constants
12 * and MACROs used by the Packet Header Processor (PHP) module in the
13 * Security Accelerator (SA) for all supported operation modes
14 *
15 * 0 1 2 3
16 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
17 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -----
18 * | Flags | F/E control | SCID |
19 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Hardware Control
20 * | SCPTR (Security Context Pointer |
21 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ------
22 * |D| Pkt Type | Flow Index | Dest Queue ID | Software Control
23 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ------
24 * | |
25 * | |
26 * | |
27 * | Protocol Specific Parameters |
28 * | (Variable Size up to 116 bytes |
29 * ... ...
30 * | |
31 * | |
32 * | |
33 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
34 *
35 * Figure: PHP Security Context Format
36 *
37 * New Layout for SA2UL:
38 *
39 * 0 1 2 3
40 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
41 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -----
42 * | Flags | F/E control | SCID |
43 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Hardware Control
44 * | Additional flags for SA2UL +
45 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+------
46 * | | Flow Id + High SCPTR (SecurityContextPtr| HW/Software
47 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ------
48 * | Low SCPTR (Security Context Ptr) | Software Control
49 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ------
50 * | |
51 * | |
52 * | |
53 * | Protocol Specific Parameters |
54 * | (Variable Size up to 116 bytes |
55 * | |
56 * | |
57 * | |
58 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
59 *
60 * Figure: SA2UL Security Context Format
61 *
62 *
63 *
64 * (C) Copyright 2008-2018 Texas Instruments, Inc.
65 *
66 * Redistribution and use in source and binary forms, with or without
67 * modification, are permitted provided that the following conditions
68 * are met:
69 *
70 * Redistributions of source code must retain the above copyright
71 * notice, this list of conditions and the following disclaimer.
72 *
73 * Redistributions in binary form must reproduce the above copyright
74 * notice, this list of conditions and the following disclaimer in the
75 * documentation and/or other materials provided with the
76 * distribution.
77 *
78 * Neither the name of Texas Instruments Incorporated nor the names of
79 * its contributors may be used to endorse or promote products derived
80 * from this software without specific prior written permission.
81 *
82 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
83 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
84 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
85 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
86 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
87 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
88 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
89 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
90 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
91 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
92 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
93 *
94 */
96 #include "src/salldport.h"
97 #include "src/salldcmdl.h"
99 /*
100 * Data structures used by multiple protocols
101 */
103 /******************************************************************************
104 * Type: SA_REPLAY_CTL_T
105 ******************************************************************************
106 * Description: This structure specifies the parameters of the IPSEC
107 * replay control blocks
108 *
109 * Note: Some parameters may be initialized by SW
110 *****************************************************************************/
111 /*
112 * SASS supports two ranges of replay window size
113 * Normal replay window: size <= 128, normal PHP context size (<= 128)
114 * Large replay window: size in (128, 1024], PHP context size = 256
115 *
116 */
117 #define SA_CTX_MAX_REPLAY_WINDOW_SIZE 128
118 #define SA_CTX_WIN_MASK_SIZE SALLD_DIV_ROUND_UP(SA_CTX_MAX_REPLAY_WINDOW_SIZE, 32) + 1
120 #define SA_CTX_MAX_REPLAY_WINDOW_SIZE2 1024
121 #define SA_CTX_WIN_MASK_SIZE2 SALLD_DIV_ROUND_UP(SA_CTX_MAX_REPLAY_WINDOW_SIZE2, 32) + 1
124 /* Additional flags for SA2UL */
125 #define SA_CTX_SA2UL_SECURE 0x0001
126 #define SA_CTX_SA2UL_ALLOW_PROMOTE 0x0002
127 #define SA_CTX_SA2UL_ALLOW_DEMOTE 0x0004
128 #define SA_CTX_SA2UL_ALLOW_NONSEC 0x0008
129 #define SA_CTX_SA2UL_SET_PRIVID 0x0010
130 #define SA_CTX_SA2UL_SET_PRIV 0x0020
131 #define SA_CTX_SA2UL_OVERWRITE_FLOWID 0x0040
133 typedef struct SA_REPLAY_CTL_tag
134 {
135 uint16_t winMaskIndexBitoff; /* Mask index of window base */
136 /* Bit offset from "index" to the window base */
137 uint16_t winSize; /* replay window size */
138 /* for memory alignment only */
139 uint32_t winMask[SA_CTX_WIN_MASK_SIZE]; /* Bitmask Array */
140 uint32_t winBaseHi; /* Upper 32-bit of the win_base when ESN is enabled */
141 uint32_t winBase; /* Packet ID of window base (lowest index) */
142 } saReplayCtl_t;
144 /* SRTP operation realted definitions */
146 /* SRTP operation related constant definitions */
147 #define SA_SRTP_MAX_MKI_SIZE 4
148 #define SA_SRTP_MAX_AUTH_TAG_SIZE 16
149 #define SA_SRTP_MAX_SALT_SIZE 14
150 #define SA_SRTP_MAX_REPLAY_WINDOW_SIZE 64
151 #define SA_SRTP_MAX_CMDL_SIZE 80
153 #define SA_SRTP_MAX_MKI_SIZE_IN_TUINT SALLD_BYTE_TO_TUINT(SA_SRTP_MAX_MKI_SIZE)
154 #define SA_SRTP_MAX_SALT_SIZE_IN_TUINT SALLD_BYTE_TO_TUINT(SA_SRTP_MAX_SALT_SIZE)
157 /******************************************************************************
158 * Type: SA_SRTP_ENCRYPT_MODE_T
159 ******************************************************************************
160 * Description: Define the SRTP Encryption modes
161 *****************************************************************************/
162 #define SA_SRTP_ENCRYPT_MODE_NULL 0 /* No encryption */
163 #define SA_SRTP_ENCRYPT_MODE_CTR 1 /* SRTP Counter Mode */
164 #define SA_SRTP_ENCRYPT_MODE_F8 2 /* SRTP F8 mode */
166 /******************************************************************************
167 * Type: SA_CTX_PROTO_SRTP_TX_T
168 ******************************************************************************
169 * Description: This structure specifies the SRTP Tx protocol specific Security
170 * context parameters which are initialized by SW and used by
171 * Firmware.
172 *
173 * Note: The parameters which may be updated by the firmware should be arranged
174 * within the first 52 bytes so that the size of the evicted PHP parameters
175 * is limited to 64 bytes
176 *
177 *****************************************************************************/
178 typedef struct
179 {
181 uint32_t numTxPktsLo;
182 uint16_t numTxPktsHi;
183 uint16_t reserved1;
185 uint16_t ctrlBitfield; /* various SRTP control information */
186 /*
187 * Bit 0-2: Encryption mode (CTR, F8, NULL)
188 * Bit 3: RTCP flag (not used)
189 * Bit 4: MKI flag
190 * Bit 5: Encryption flag (0: No Encryption)
191 * Bit 6-15: Reserved
192 */
193 #define SA_CTX_PROTO_SRTP_TX_SET_ENCRYPT_MODE(a,b) UTL_SET_BITFIELD((a), b, 0, 3)
194 #define SA_CTX_PROTO_SRTP_TX_GET_ENCRYPT_MODE(a) UTL_GET_BITFIELD((a), 0, 3)
195 #define SA_CTX_PROTO_SRTP_TX_TEST_RTCP(a) UTL_GET_BITFIELD((a), 3, 1)
196 #define SA_CTX_PROTO_SRTP_TX_SET_RTCP(a,b) UTL_SET_BITFIELD((a), b, 3, 1)
197 #define SA_CTX_PROTO_SRTP_TX_TEST_MKI(a) UTL_GET_BITFIELD((a), 4, 1)
198 #define SA_CTX_PROTO_SRTP_TX_SET_MKI(a,b) UTL_SET_BITFIELD((a), b, 4, 1)
199 #define SA_CTX_PROTO_SRTP_TX_TEST_ENC_FLAG(a) UTL_GET_BITFIELD((a), 5, 1)
200 #define SA_CTX_PROTO_SRTP_TX_SET_ENC_FLAG(a,b) UTL_SET_BITFIELD((a), b, 5, 1)
202 uint16_t lastSeqNum; /* sequence number of the last tx packet */
203 uint32_t roc; /* rollover counter */
205 uint16_t firstEngIdCmdlLen; /* Specify the engine id for the first command */
206 /* Specify the size of the multiple command label */
207 uint16_t icvMkiSize; /* size of the authentication tag 0: indicate no authentication */
208 /* size of MKI */
210 uint16_t mki[SA_SRTP_MAX_MKI_SIZE_IN_TUINT]; /* Record the MKI value to be inserted into the SRTP packet */
212 uint16_t saltKey[SA_SRTP_MAX_SALT_SIZE_IN_TUINT]; /* Record the session salt key */
213 uint16_t saltKeySize; /* size of the salt key in upper 8-bit */
215 } saCtxProtoSrtpTx_t; /* 40 bytes */
218 /******************************************************************************
219 * Type: SA_CTX_PROTO_SRTP_RX_T
220 ******************************************************************************
221 * Description: This structure specifies the SRTP Rx protocol specific Security
222 * context parameters which are initialized by SW and used by
223 * Firmware.
224 *
225 * Note: The parameters which may be updated by the firmware should be arranged
226 * within the first 52 bytes so that the size of the evicted PHP parameters
227 * is limited to 64 bytes
228 *
229 *****************************************************************************/
230 typedef struct
231 {
233 /* Replay Control (32-bytes) */
234 saReplayCtl_t replayCtl; /* Replay control block */
236 /* Statistics (14 bytes) */
237 uint32_t numDupPkts;
238 uint16_t numOldPkts;
239 uint16_t numHashFails;
240 uint32_t numRxPktsLo;
241 uint16_t numRxPktsHi;
243 /* Rekey Control (28-bytes including ctrl-bitfilelds) */
244 /* Key life time check */
245 uint16_t keyLifetimeHi; /* The upper 16-bit of the key lifetime */
246 uint32_t keyLifetimeLo; /* The lower 32-bit of the key lifetime */
248 /* From to range check */
249 uint32_t fromIndexHi; /* The upper 32-bit of the from index (ROC)*/
250 uint32_t toIndexHi; /* The upper 32-bit of the to index (ROC) */
251 uint16_t fromIndexLo; /* The lower 16-bit of the from index (seq_num)*/
252 uint16_t toIndexLo; /* The lower 16-bit of the to index (seq_num)*/
254 /* Key Derivation check */
255 uint32_t keyDerivRemLo; /* The lower 32-bit of the key derivation reminder */
256 uint16_t keyDerivRemHi; /* The upper 16-bit of the key derivation reminder */
257 uint16_t keyDerivRate; /* key derivation rate in upper 8-bit */
259 /* General Operation: 32-bytes */
260 uint16_t ctrlBitfield; /* various SRTP control information */
262 /*
263 * Bit 0-2: Encryption mode (CTR, F8, NULL)
264 * Bit 3: RTCP flag (not used)
265 * Bit 4: MKI flag (not used)
266 * Bit 5: Encryption flag (0: No Encryption)
267 * Bit 6: From-to flag
268 * Bit 7: REPLAY flag
269 * Bit 8: First packet indication 1:Wait for the first packet
270 * Bit 9-15: reserved
271 */
272 #define SA_CTX_PROTO_SRTP_RX_SET_ENCRYPT_MODE(a,b) UTL_SET_BITFIELD((a), b, 0, 3)
273 #define SA_CTX_PROTO_SRTP_RX_GET_ENCRYPT_MODE(a) UTL_GET_BITFIELD((a), 0, 3)
274 #define SA_CTX_PROTO_SRTP_RX_TEST_RTCP(a) UTL_GET_BITFIELD((a), 3, 1)
275 #define SA_CTX_PROTO_SRTP_RX_SET_RTCP(a,b) UTL_SET_BITFIELD((a), b, 3, 1)
276 #define SA_CTX_PROTO_SRTP_RX_TEST_MKI(a) UTL_GET_BITFIELD((a), 4, 1)
277 #define SA_CTX_PROTO_SRTP_RX_SET_MKI(a,b) UTL_SET_BITFIELD((a), b, 4, 1)
278 #define SA_CTX_PROTO_SRTP_RX_TEST_FROMTO(a) UTL_GET_BITFIELD((a), 6, 1)
279 #define SA_CTX_PROTO_SRTP_RX_SET_FROMTO(a,b) UTL_SET_BITFIELD((a), b, 6, 1)
280 #define SA_CTX_PROTO_SRTP_RX_TEST_ENC_FLAG(a) UTL_GET_BITFIELD((a), 5, 1)
281 #define SA_CTX_PROTO_SRTP_RX_SET_ENC_FLAG(a,b) UTL_SET_BITFIELD((a), b, 5, 1)
282 #define SA_CTX_PROTO_SRTP_RX_TEST_FIRST_PKT(a) UTL_GET_BITFIELD((a), 8, 1)
283 #define SA_CTX_PROTO_SRTP_RX_SET_FIRST_PKT(a,b) UTL_SET_BITFIELD((a), b, 8, 1)
284 #define SA_CTX_PROTO_SRTP_RX_REPLAY_ENABLED(a) UTL_GET_BITFIELD((a), 7, 1)
285 #define SA_CTX_PROTO_SRTP_RX_SET_REPLAY(a,b) UTL_SET_BITFIELD((a), b, 7, 1)
288 uint16_t lastSeqNum; /* s_l: sequence number of the last rx packet */
289 uint32_t roc; /* rollover counter */
291 /* All the parameters above (46 bytes) should be evicted */
292 uint16_t firstEngIdCmdlLen; /* Specify the engine id for the first command */
293 /* Specify the size of the multiple command label */
294 uint16_t icvMkiSize; /* size of the authentication tag 0: indicate no authentication */
295 /* size of MKI in bytes */
297 uint16_t mki[SA_SRTP_MAX_MKI_SIZE_IN_TUINT]; /* Record the MKI value to be inserted into the SRTP packet */
299 uint16_t salt[SA_SRTP_MAX_SALT_SIZE_IN_TUINT]; /* Record the session salt key */
300 uint16_t saltSize; /* size of the salt in upper 8-bit */
302 } saCtxProtoSrtpRx_t; /* 106 bytes */
305 /* IPSEC operation related definitions */
307 /* IPSEC operation related constant definitions */
308 #define SA_IPSEC_MAX_HASH_DATA_SIZE 16
309 #define SA_IPSEC_MAX_IV_SIZE 16
310 #define SA_IPSEC_MAX_AUX_DATA_SIZE 12
311 #define SA_IPSEC_MAX_IPHDR_OPT_SIZE 100
312 #define SA_IPSEC_MAX_SALT_SIZE 4
313 #define SA_IPSEC_MAX_AUX_SIZE 32 /* store 16-byte K1 and K2 for CMAC */
314 #define SA_IPSEC_MAX_SALT_SIZE_IN_TUINT SALLD_BYTE_TO_TUINT(SA_IPSEC_MAX_SALT_SIZE)
315 #define SA_IPSEC_MAX_AUX_SIZE_IN_TUINT SALLD_BYTE_TO_TUINT(SA_IPSEC_MAX_AUX_SIZE)
316 #define SA_IPSEC_MAX_IV_SIZE_IN_TUINT SALLD_BYTE_TO_TUINT(SA_IPSEC_MAX_IV_SIZE)
318 /******************************************************************************
319 * Type: SA_IPSEC_TRANSPORT_TYPE_T
320 ******************************************************************************
321 * Description: Define the IPSec Transport Types
322 *****************************************************************************/
323 #define SA_IPSEC_TRANSPORT_TYPE_TRANSPORT 0
324 #define SA_IPSEC_TRANSPORT_TYPE_TUNNEL 1
326 /******************************************************************************
327 * Type: SA_IPSEC_ESP_CMDL_MODE_T
328 ******************************************************************************
329 * Description: Define the IPSEC Command Label Processing modes for ESP operation
330 *
331 * Note: It can be used by the PHP as index to the command label processing
332 * dispatch table
333 *****************************************************************************/
334 #define SA_IPSEC_ESP_CMDL_MODE_GEN 0 /* No special processing is required */
335 #define SA_IPSEC_ESP_CMDL_MODE_GCM 1 /* Combined Mode */
336 #define SA_IPSEC_ESP_CMDL_MODE_GMAC 2 /* Combined Mode */
337 #define SA_IPSEC_ESP_CMDL_MODE_CCM 3 /* Combined Mode */
338 #define SA_IPSEC_ESP_CMDL_MODE_CMAC 4 /* Cipher-based authentication code */
340 /******************************************************************************
341 * Type: SA_IPSEC_AH_CMDL_MODE_T
342 ******************************************************************************
343 * Description: Define the IPSEC Command Label Processing modes for AH operation
344 *
345 * Note: It can be used by the PHP as index to the command label processing
346 * dispatch table
347 *****************************************************************************/
348 #define SA_IPSEC_AH_CMDL_MODE_GEN 0 /* No special processing is required */
349 #define SA_IPSEC_AH_CMDL_MODE_GMAC 1 /* Combined Mode */
350 #define SA_IPSEC_AH_CMDL_MODE_CMAC 2 /* Cipher-based authentication code */
352 /******************************************************************************
353 * Type: saIpsecEsn_t
354 ******************************************************************************
355 * Description: This structure contains the extended sequence number
356 *****************************************************************************/
357 typedef struct SA_IPSEC_ESN_tag
358 {
359 uint32_t lo;
360 uint32_t hi;
361 } saIpsecEsn_t;
363 #define SA_IPSEC_INC_ESN(esn) if(++(esn).lo == 0)(esn).hi++
365 /******************************************************************************
366 * Type: SA_CTX_PROTO_IPSEC_AH_TX_T
367 ******************************************************************************
368 * Description: This structure specifies the IPSEC AH Tx protocol specific Security
369 * context parameters which are initialized by SW and used by
370 * Firmware.
371 *
372 * Note: The parameters which may be updated by the firmware should be arranged
373 * within the first 52 bytes so that the size of the evicted PHP parameters
374 * is limited to 64 bytes
375 *
376 *
377 *****************************************************************************/
378 typedef struct SA_CTX_PROTO_IPSEC_AH_TX_tag
379 {
380 uint32_t numTxPkts;
381 uint32_t numTxPktsHi;
382 uint32_t byteCount;
383 uint32_t byteCountHi;
384 uint32_t rollOverCounter;
385 saIpsecEsn_t esn; /* extended sequence number of the last tx packet */
387 uint16_t ctrlBitfield; /* various IPSEC AH control information in upper 8-bit*/
389 /*
390 * Bit 0-7: Operation Mode
391 * Bit 8-9: Transport Type (Tunnel, Transport) (not used)
392 * Bit 10: ESN flag
393 * Bit 11: Use ENC (Use Encryption Engine for authentication)
394 * Bit 12: CMAC (CMAC mode, K1/k2 is required)
395 * Bit 13-15: Reserved
396 */
397 #define SA_CTX_PROTO_IPSEC_AH_TX_SET_TRANSPORT_TYPE(a,b) UTL_SET_BITFIELD((a), b, 8, 2)
398 #define SA_CTX_PROTO_IPSEC_AH_TX_GET_TRANSPORT_TYPE(a) UTL_GET_BITFIELD((a), 8, 2)
399 #define SA_CTX_PROTO_IPSEC_AH_TX_SET_ESN(a, b) UTL_SET_BITFIELD((a), b, 10, 1)
400 #define SA_CTX_PROTO_IPSEC_AH_TX_ESN_ENABLED(a) UTL_GET_BITFIELD((a), 10, 1)
401 #define SA_CTX_PROTO_IPSEC_AH_TX_SET_USEENC(a, b) UTL_SET_BITFIELD((a), b, 11, 1)
402 #define SA_CTX_PROTO_IPSEC_AH_TX_TEST_USEENC(a) UTL_GET_BITFIELD((a), 11, 1)
403 #define SA_CTX_PROTO_IPSEC_AH_TX_SET_CMAC(a, b) UTL_SET_BITFIELD((a), b, 12, 1)
404 #define SA_CTX_PROTO_IPSEC_AH_TX_TEST_CMAC(a) UTL_GET_BITFIELD((a), 12, 1)
406 uint16_t icvIvSize; /* size of the hash data 0: indicate no authentication */
407 /* size of the initialization vector 0: no IV required */
408 //uint16_t reserved1;
409 uint32_t spi; /* Security Parameters Index */
410 uint16_t salt1; /* Record the session salt key Lo*/
411 uint16_t salt2; /* Record the session salt key Hi*/
412 uint16_t firstEngIdCmdlLen; /* Specify the engine id for the first command */
413 /* Specify the size of the multiple command label */
414 uint16_t aux1[SA_IPSEC_MAX_AUX_SIZE_IN_TUINT]; /* Auxiliary storage space for certain
415 encryption/authentication algorithm */
416 } saCtxProtoIpsecAhTx_t; /* 42/74 bytes */
419 /******************************************************************************
420 * Type: SA_CTX_PROTO_IPSEC_AH_RX_T
421 ******************************************************************************
422 * Description: This structure specifies the IPSEC AH Rx protocol specific Security
423 * context parameters which are initialized by SW and used by
424 * Firmware.
425 *
426 * Note: The parameters which may be updated by the firmware should be arranged
427 * within the first 52 bytes so that the size of the evicted PHP parameters
428 * is limited to 64 bytes
429 *
430 *****************************************************************************/
431 typedef struct SA_CTX_PROTO_IPSEC_AH_RX_tag
432 {
433 saReplayCtl_t replayCtl; /* Replay control block */
435 uint32_t numRxPkts; /* statistics */
436 uint32_t numRxPktsHi;
437 uint32_t numDupPkts;
438 uint32_t numOldPkts;
439 uint32_t numHashFails;
440 uint32_t byteCount;
441 uint32_t byteCountHi;
442 uint16_t ctrlBitfield; /* various IPSEC AH control information in upper 8-bit*/
444 /*
445 * Bit 0-7: Operation mode
446 * Bit 8-9: Transport Type (Tunnel, Transport) (not used)
447 * Bit 10: ESN flag
448 * Bit 11: Use ENC (Use Encryption Engine for authentication)
449 * Bit 12: CMAC (CMAC mode, K1/k2 is required)
450 * Bit 13-14: Reserved
451 * Bit 15: Replay Flag 1: replay check enabled
452 */
453 #define SA_CTX_PROTO_IPSEC_AH_RX_SET_TRANSPORT_TYPE(a,b) UTL_SET_BITFIELD((a), b, 8, 2)
454 #define SA_CTX_PROTO_IPSEC_AH_RX_GET_TRANSPORT_TYPE(a) UTL_GET_BITFIELD((a), 8, 2)
455 #define SA_CTX_PROTO_IPSEC_AH_RX_SET_ESN(a,b) UTL_SET_BITFIELD((a), b, 10, 1)
456 #define SA_CTX_PROTO_IPSEC_AH_RX_ESN_ENABLED(a) UTL_GET_BITFIELD((a), 10, 1)
457 #define SA_CTX_PROTO_IPSEC_AH_RX_SET_USEENC(a, b) UTL_SET_BITFIELD((a), b, 11, 1)
458 #define SA_CTX_PROTO_IPSEC_AH_RX_TEST_USEENC(a) UTL_GET_BITFIELD((a), 11, 1)
459 #define SA_CTX_PROTO_IPSEC_AH_RX_SET_CMAC(a, b) UTL_SET_BITFIELD((a), b, 12, 1)
460 #define SA_CTX_PROTO_IPSEC_AH_RX_TEST_CMAC(a) UTL_GET_BITFIELD((a), 12, 1)
461 #define SA_CTX_PROTO_IPSEC_AH_RX_SET_REPLAY(a,b) UTL_SET_BITFIELD((a), b, 15, 1)
462 #define SA_CTX_PROTO_IPSEC_AH_RX_REPLAY_ENABLED(a) UTL_GET_BITFIELD((a), 15, 1)
464 uint16_t icvIvSize; /* size of the hash data 0: indicate no authentication */
465 /* size of the initialization vector 0: no IV required */
466 //uint16_t reserved1;
467 uint32_t spi; /* Security Parameters Index */
468 uint16_t salt1; /* Record the session salt key Lo*/
469 uint16_t salt2; /* Record the session salt key Hi*/
470 uint16_t firstEngIdCmdlLen; /* Specify the engine id for the first command */
471 /* Specify the size of the multiple command label */
472 uint16_t aux1[SA_IPSEC_MAX_AUX_SIZE_IN_TUINT]; /* Auxiliary storage space for certain
473 encryption/authentication algorithm */
474 } saCtxProtoIpsecAhRx_t; /* 74/106*/
476 /******************************************************************************
477 * Type: SA_CTX_PROTO_IPSEC_ESP_TX_T
478 ******************************************************************************
479 * Description: This structure specifies the IPSEC ESP Tx protocol specific
480 * Security context parameters which are initialized by SW and used
481 * by Firmware.
482 *
483 * Note: The parameters which may be updated by the firmware should be arranged
484 * within the first 52 bytes so that the size of the evicted PHP parameters
485 * is limited to 64 bytes
486 *
487 *****************************************************************************/
488 typedef struct SA_CTX_PROTO_IPSEC_ESP_TX_tag
489 {
490 uint32_t numTxPkts; /* statistics */
491 uint32_t numTxPktsHi;
492 uint32_t byteCount;
493 uint32_t byteCountHi;
494 uint32_t rollOverCounter;
495 saIpsecEsn_t esn; /* extended sequence number of the last tx packet */
497 uint16_t ctrlBitfield; /* various IPSEC AH control information in upper 8-bit*/
499 /*
500 * Bit 0-7: Operation Mode
501 * Bit 8: (not used)
502 * Bit 9: Use 2nd Pair Auth/Enc Engine
503 * Bit 10: ESN flag
504 * Bit 11: Use ENC (Use Encryption Engine for authentication)
505 * Bit 12: CMAC (CMAC mode, K1/k2 is required)
506 * Bit 13: AES-CTR (AES-CTR is used, need to construct the 16-byte IV)
507 * Bit 14: NULL_ENC (no encryption is required)
508 * Bit 15: Random IV (Random IV is required for the encryption operation)
509 */
510 #define SA_CTX_PROTO_IPSEC_ESP_TX_SET_2ND_PAIR_ENG(a,b) UTL_SET_BITFIELD((a), b, 9, 1)
511 #define SA_CTX_PROTO_IPSEC_ESP_TX_GET_2ND_PAIR_ENG(a) UTL_GET_BITFIELD((a), 9, 1)
512 #define SA_CTX_PROTO_IPSEC_ESP_TX_SET_ESN(a, b) UTL_SET_BITFIELD((a), b, 10, 1)
513 #define SA_CTX_PROTO_IPSEC_ESP_TX_ESN_ENABLED(a) UTL_GET_BITFIELD((a), 10, 1)
514 #define SA_CTX_PROTO_IPSEC_ESP_TX_SET_USEENC(a, b) UTL_SET_BITFIELD((a), b, 11, 1)
515 #define SA_CTX_PROTO_IPSEC_ESP_TX_TEST_USEENC(a) UTL_GET_BITFIELD((a), 11, 1)
516 #define SA_CTX_PROTO_IPSEC_ESP_TX_SET_CMAC(a, b) UTL_SET_BITFIELD((a), b, 12, 1)
517 #define SA_CTX_PROTO_IPSEC_ESP_TX_TEST_CMAC(a) UTL_GET_BITFIELD((a), 12, 1)
518 #define SA_CTX_PROTO_IPSEC_ESP_TX_SET_AESCTR(a, b) UTL_SET_BITFIELD((a), b, 13, 1)
519 #define SA_CTX_PROTO_IPSEC_ESP_TX_TEST_AESCTR(a) UTL_GET_BITFIELD((a), 13, 1)
520 #define SA_CTX_PROTO_IPSEC_ESP_TX_SET_NULLENC(a, b) UTL_SET_BITFIELD((a), b, 14, 1)
521 #define SA_CTX_PROTO_IPSEC_ESP_TX_TEST_NULLENC(a) UTL_GET_BITFIELD((a), 14, 1)
522 #define SA_CTX_PROTO_IPSEC_ESP_TX_SET_RANDOM_IV(a, b) UTL_SET_BITFIELD((a), b, 15, 1)
523 #define SA_CTX_PROTO_IPSEC_ESP_TX_TEST_RANDOM_IV(a) UTL_GET_BITFIELD((a), 15, 1)
525 uint16_t icvIvSize; /* size of the hash data 0: indicate no authentication */
526 /* size of the initialization vector 0: no IV required */
527 /* uint16_t reserved1; */
528 /* uint8_t encEngId; */
529 /** Possible Values for engine id:
530 ** 2 - Enc Pass1
531 ** 3 - Enc Pass2
532 ** 4 - Auth Pass1
533 ** 5 - Auth Pass2
534 ** 6 - Enc1 Pass1
535 ** 7 - Enc1 Pass2
536 ** 10 - Auth1 Pass1
537 ** 11 - Auth1 Pass2
538 ** */
539 //uint16_t engPairSel; /* selected engine id: first byte - encryption; second byte - authentication */
540 uint32_t spi; /* Security Parameters Index */
541 uint16_t salt1; /* Record the session salt key Lo*/
542 uint16_t salt2; /* Record the session salt key Hi*/
543 uint16_t firstEngIdCmdlLen; /* Specify the engine id for the first command */
544 /* Specify the size of the multiple command label */
545 uint16_t aux1[SA_IPSEC_MAX_AUX_SIZE_IN_TUINT]; /* Auxiliary storage space for certain
546 encryption/authentication algorithm */
548 } saCtxProtoIpsecEspTx_t; /* 42/74 bytes */
551 /******************************************************************************
552 * Type: SA_CTX_PROTO_IPSEC_ESP_RX_T
553 ******************************************************************************
554 * Description: This structure specifies the IPSEC ESP Rx protocol specific
555 * security context parameters which are initialized by SW and used
556 * by Firmware.
557 *
558 * Note: The parameters which may be updated by the firmware should be arranged
559 * within the first 52 bytes so that the size of the evicted PHP parameters
560 * is limited to 64 bytes
561 *
562 *
563 *****************************************************************************/
564 typedef struct SA_CTX_PROTO_IPSEC_ESP_RX_tag
565 {
566 saReplayCtl_t replayCtl; /* Replay control block */
568 uint32_t numRxPkts;
569 uint32_t numRxPktsHi;
570 uint32_t numDupPkts;
571 uint32_t numOldPkts;
572 uint32_t numHashFails;
573 uint32_t byteCount;
574 uint32_t byteCountHi;
575 uint16_t ctrlBitfield; /* various IPSEC AH control information in upper 8-bit*/
577 /*
578 * Bit 0-7: Operation Mode
579 * Bit 8: (not used)
580 * Bit 9: Use 2nd Pair Auth/Enc Engine
581 * Bit 10: ESN flag
582 * Bit 11: Use ENC (Use Encryption Engine for authentication)
583 * Bit 12: CMAC (CMAC mode, K1/k2 is required)
584 * Bit 13: AES-CTR (AES-CTR is used, need to construct the 16-byte IV)
585 * Bit 14: NULL_ENC (no encryption is required)
586 * Bit 15: Replay Flag 1: replay check enabled
587 */
588 #define SA_CTX_PROTO_IPSEC_ESP_RX_SET_2ND_PAIR_ENG(a,b) UTL_SET_BITFIELD((a), b, 9, 1)
589 #define SA_CTX_PROTO_IPSEC_ESP_RX_GET_2ND_PAIR_ENG(a) UTL_GET_BITFIELD((a), 9, 1)
590 #define SA_CTX_PROTO_IPSEC_ESP_RX_SET_ESN(a,b) UTL_SET_BITFIELD((a), b, 10, 1)
591 #define SA_CTX_PROTO_IPSEC_ESP_RX_ESN_ENABLED(a) UTL_GET_BITFIELD((a), 10, 1)
592 #define SA_CTX_PROTO_IPSEC_ESP_RX_SET_USEENC(a, b) UTL_SET_BITFIELD((a), b, 11, 1)
593 #define SA_CTX_PROTO_IPSEC_ESP_RX_TEST_USEENC(a) UTL_GET_BITFIELD((a), 11, 1)
594 #define SA_CTX_PROTO_IPSEC_ESP_RX_SET_CMAC(a, b) UTL_SET_BITFIELD((a), b, 12, 1)
595 #define SA_CTX_PROTO_IPSEC_ESP_RX_TEST_CMAC(a) UTL_GET_BITFIELD((a), 12, 1)
596 #define SA_CTX_PROTO_IPSEC_ESP_RX_SET_AESCTR(a, b) UTL_SET_BITFIELD((a), b, 13, 1)
597 #define SA_CTX_PROTO_IPSEC_ESP_RX_TEST_AESCTR(a) UTL_GET_BITFIELD((a), 13, 1)
598 #define SA_CTX_PROTO_IPSEC_ESP_RX_SET_NULLENC(a, b) UTL_SET_BITFIELD((a), b, 14, 1)
599 #define SA_CTX_PROTO_IPSEC_ESP_RX_TEST_NULLENC(a) UTL_GET_BITFIELD((a), 14, 1)
600 #define SA_CTX_PROTO_IPSEC_ESP_RX_SET_REPLAY(a,b) UTL_SET_BITFIELD((a), b, 15, 1)
601 #define SA_CTX_PROTO_IPSEC_ESP_RX_REPLAY_ENABLED(a) UTL_GET_BITFIELD((a), 15, 1)
603 uint16_t icvIvSize; /* size of the hash data 0: indicate no authentication */
604 /* size of the initialization vector 0: no IV required */
605 /* uint16_t reserved1; */
606 //uint16_t engPairSel; /* selected engine id: first byte - encryption; second byte - authentication */
607 /** Possible Values for engine id:
608 ** 2 - Enc Pass1
609 ** 3 - Enc Pass2
610 ** 4 - Auth Pass1
611 ** 5 - Auth Pass2
612 ** 6 - Enc1 Pass1
613 ** 7 - Enc1 Pass2
614 ** 10 - Auth1 Pass1
615 ** 11 - Auth1 Pass2
616 ** */
617 uint32_t spi; /* Security Parameters Index */
618 uint16_t salt1; /* Record the session salt key Lo*/
619 uint16_t salt2; /* Record the session salt key Hi*/
620 uint16_t firstEngIdCmdlLen; /* Specify the engine id for the first command */
621 /* Specify the size of the multiple command label */
622 uint16_t aux1[SA_IPSEC_MAX_AUX_SIZE_IN_TUINT]; /* Auxiliary storage space for certain
623 encryption/authentication algorithm */
625 } saCtxProtoIpsecEspRx_t; /* (74/106) 70 bytes + salt(GCM, CCM) or aux1(CMAC only) */
627 /* Air Cipher operation related definitions */
628 #define SA_AC_MAX_HDR_SIZE 2
630 /******************************************************************************
631 * Type: SA_AC_ENCRYPT_MODE_T
632 ******************************************************************************
633 * Description: Define the Air Cipher Encryption modes
634 *****************************************************************************/
635 #define SA_AC_ENCRYPT_MODE_NULL 0 /* No encryption */
636 #define SA_AC_ENCRYPT_MODE_F8 1 /* Air Cipher F8 mode */
638 /******************************************************************************
639 * Type: SA_AC_ALGORITHM_T
640 ******************************************************************************
641 * Description: Define the Air Cipher Core Alogritms
642 *****************************************************************************/
643 #define SA_AC_ALGORITHM_GSM_A53 0 /* GSM A5/3 encryption */
644 #define SA_AC_ALGORITHM_KASUMI 1 /* Kasumi algorithm */
645 #define SA_AC_ALGORITHM_SNOW3G 2 /* Snow 3G algorithm */
646 #define SA_AC_ALGORITHM_AES 3 /* AES CTR/CMAC algorithm */
647 #define SA_AC_ALGORITHM_ZUC 4 /* ZUC algorithm */
650 /******************************************************************************
651 * Type: SA_AC_SN_TYPE_T
652 ******************************************************************************
653 * Description: Define the Air Cipher Sequence Number Type
654 *****************************************************************************/
655 #define SA_AC_SN_TYPE_NONE 0 /* No sequence number */
656 #define SA_AC_SN_TYPE_RLC_UM 1 /* RLC UM */
657 #define SA_AC_SN_TYPE_RLC_AM 2 /* RLC AM */
658 #define SA_AC_SN_TYPE_RLC_TM 3 /* RLC TM */
660 /* AC operation related constant definitions */
661 #define SA_AC_MAX_AUX_SIZE 32 /* store 16-byte K1 and K2 for CMAC */
662 #define SA_AC_MAX_AUX_SIZE_IN_TUINT SALLD_BYTE_TO_TUINT(SA_AC_MAX_AUX_SIZE)
665 /******************************************************************************
666 * Type: SA_CTX_PROTO_AC_T
667 ******************************************************************************
668 * Description: This structure specifies the Air Cipher protocol specific
669 * security context parameters which are initialized by SW and used
670 * by Firmware.
671 *
672 * Note: The parameters which may be updated by the firmware should be arranged
673 * within the first 42 bytes so that the size of the evicted PHP parameters
674 * is limited to 64 bytes
675 *
676 *****************************************************************************/
677 typedef struct SA_CTX_PROTO_AC_tag
678 {
679 uint32_t numPkts;
680 uint32_t numPktsHi;
681 uint32_t numHashFails;
683 uint32_t countC; /* The high bits, HFN, for the frame counter
684 * RLC AM: the high 20 bits are used
685 * RLC UM: the high 25 bits are used
686 * RLC TM: the high 25 bits are used
687 */
688 uint32_t fresh; /* 32-bit random number required for some
689 * integrity check algorithm
690 */
691 uint16_t ctrlBitfield; /* various Air Cipher control information */
692 /*
693 * Bit 0-2: Cor Algorithm (0=GSM A5/3, 1=Kasumi 2=SNOW 3G, 3=AES CTR)
694 * Bit 3 : IV present in payload (For GSM PDUs)
695 * Bit 4 : Header present in payload (For WCDMA RLC UMD/AMD PDUs)
696 * Bit 5 : Count-C present in payload (For WDCMA MAC TMD PUD and LTE PDCP PDUs)
697 * Bit 6 : Insert Count-C into PDU (For WCDMA and LTE in to-air direction)
698 * Bit 7 : Direction (0:UE to RNC(uplink);1:RNC to UE(downlink))
699 * Bit 8 : Encryption flag (0: No Encryption)
700 * Bit 9 : Authentication flag (0: No Authentication)
701 * Bit 10: CMAC (CMAC mode, K1/k2 is required)
702 * Bit 11: KASUMI_F9 (KASUMI F9, Padding isertion may be required)
703 * Bit 12: Key in scratch
704 * Bit 13: Kasumi-F8 operation (modKey needs to be supplied by command label)
705 * Bit 14: Snow3G_ZUC
706 * Bit 15: F8F9 (single-PASS operation)
707 */
708 #define SA_CTX_PROTO_AC_SET_ALGORITHM(a,b) UTL_SET_BITFIELD((a), b, 0, 3)
709 #define SA_CTX_PROTO_AC_GET_ALGORITHM(a) UTL_GET_BITFIELD((a), 0, 3)
710 #define SA_CTX_PROTO_AC_SET_FLAG_IV(a,b) UTL_SET_BITFIELD((a), b, 3, 1)
711 #define SA_CTX_PROTO_AC_GET_FLAG_IV(a) UTL_GET_BITFIELD((a), 3, 1)
712 #define SA_CTX_PROTO_AC_SET_FLAG_HDR(a,b) UTL_SET_BITFIELD((a), b, 4, 1)
713 #define SA_CTX_PROTO_AC_GET_FLAG_HDR(a) UTL_GET_BITFIELD((a), 4, 1)
714 #define SA_CTX_PROTO_AC_SET_FLAG_COUNT_C(a,b) UTL_SET_BITFIELD((a), b, 5, 1)
715 #define SA_CTX_PROTO_AC_GET_FLAG_COUNT_C(a) UTL_GET_BITFIELD((a), 5, 1)
716 #define SA_CTX_PROTO_AC_SET_FLAG_INS_COUNT_C(a,b) UTL_SET_BITFIELD((a), b, 6, 1)
717 #define SA_CTX_PROTO_AC_GET_FLAG_INS_COUNT_C(a) UTL_GET_BITFIELD((a), 6, 1)
718 #define SA_CTX_PROTO_AC_SET_DIR(a,b) UTL_SET_BITFIELD((a), b, 7, 1)
719 #define SA_CTX_PROTO_AC_GET_DIR(a) UTL_GET_BITFIELD((a), 7, 1)
720 #define SA_CTX_PROTO_AC_SET_FLAG_ENC(a,b) UTL_SET_BITFIELD((a), b, 8, 1)
721 #define SA_CTX_PROTO_AC_GET_FLAG_ENC(a) UTL_GET_BITFIELD((a), 8, 1)
722 #define SA_CTX_PROTO_AC_SET_FLAG_AUTH(a,b) UTL_SET_BITFIELD((a), b, 9, 1)
723 #define SA_CTX_PROTO_AC_GET_FLAG_AUTH(a) UTL_GET_BITFIELD((a), 9, 1)
724 #define SA_CTX_PROTO_AC_SET_FLAG_CMAC(a,b) UTL_SET_BITFIELD((a), b, 10, 1)
725 #define SA_CTX_PROTO_AC_GET_FLAG_CMAC(a) UTL_GET_BITFIELD((a), 10, 1)
726 #define SA_CTX_PROTO_AC_SET_FLAG_KASUMI_F9(a,b) UTL_SET_BITFIELD((a), b, 11, 1)
727 #define SA_CTX_PROTO_AC_GET_FLAG_KASUMI_F9(a) UTL_GET_BITFIELD((a), 11, 1)
728 #define SA_CTX_PROTO_AC_SET_FLAG_KEY_IN_SCRATCH(a,b) UTL_SET_BITFIELD((a), b, 12, 1)
729 #define SA_CTX_PROTO_AC_GET_FLAG_KEY_IN_SCRATCH(a) UTL_GET_BITFIELD((a), 12, 1)
730 #define SA_CTX_PROTO_AC_SET_FLAG_KASUMI_F8(a,b) UTL_SET_BITFIELD((a), b, 13, 1)
731 #define SA_CTX_PROTO_AC_GET_FLAG_KASUMI_F8(a) UTL_GET_BITFIELD((a), 13, 1)
732 #define SA_CTX_PROTO_AC_SET_FLAG_SNOW3G_ZUC(a,b) UTL_SET_BITFIELD((a), b, 14, 1)
733 #define SA_CTX_PROTO_AC_GET_FLAG_SNOW3G_ZUC(a) UTL_GET_BITFIELD((a), 14, 1)
734 #define SA_CTX_PROTO_AC_SET_FLAG_F8F9(a,b) UTL_SET_BITFIELD((a), b, 15, 1)
735 #define SA_CTX_PROTO_AC_GET_FLAG_F8F9(a) UTL_GET_BITFIELD((a), 15, 1)
736 #define SA_CTX_PROTO_AC_FLAG_IV_PRESENT 0x0008
737 #define SA_CTX_PROTO_AC_FLAG_HDR_PRESENT 0x0010
738 #define SA_CTX_PROTO_AC_FLAG_COUNTC_PRESENT 0x0020
739 #define SA_CTX_PROTO_AC_FLAG_COUNTC_INSERT 0x0040
741 uint16_t ctrlBitfield2; /* various Air Cipher control information */
742 /*
743 * Bit 0 : Copy Count-C into timestamp filed at the descriptor
744 * Bit 1-15 : Reserved
745 */
746 #define SA_CTX_PROTO_AC_SET_FLAG_COPY_COUNT_C(a,b) UTL_SET_BITFIELD((a), b, 0, 1)
747 #define SA_CTX_PROTO_AC_GET_FLAG_COPY_COUNT_C(a) UTL_GET_BITFIELD((a), 0, 1)
748 #define SA_CTX_PROTO_AC_FLAG_COUNTC_COPY 0x0001
750 uint16_t firstEngIdCmdlLen; /* Specify the engine id for the first command */
751 /* Specify the size of the multiple command label */
753 /*
754 * The following parameters are used to extract the sequence number from the PDU header
755 * hdr_size: size ofPDU Header in bytes
756 * seq_num_size: size of the sequence number inside the header in bits
757 * seq_num_shift:
758 */
760 uint16_t hdrSizeAuthHdrSize;
761 /* additional PCDP header to be authenticated, but not encrypted */
762 uint16_t seqNumSizeShift;
763 /* uint8_t seq_num_shift; */
765 uint16_t bearerIvSize; /* 5-bit Bearer identity */
766 /* uint8_t iv_size; */
767 /*
768 * F8F9 option type
769 * 7:6 M: Number of option bytes in the beginning of payload
770 * 5:5 Tx bit: 0: F8 followed by F9
771 * 1: F9 followed by F8
772 * 6:0 Packet Type as specified above
773 */
774 #define SA_F8F9_OPT_M_SHIFT 6
775 #define SA_F8F9_OPT_M_MASK 0x03
776 #define SA_F8F9_OPT_TX 0x20
777 #define SA_F8F9_OPT_RX 0x00
779 uint16_t ivOptIcvSize; /* The IV command option (or F8F9 option) */
780 /* The size of authentication tag in bytes. */
783 /* Note: encKeyOffset and macKeyOffset must be set in conjunction
784 with SA_CTX_PROTO_AC_GET_FLAG_KEY_IN_SCRATCH */
785 uint16_t encKeyOffset; /* enc key byte offset in scratch memory */
786 uint32_t ivLow26; /* The low 26-bits for the initialization vector
787 * for 3GPP F8 these should be set to zero */
788 uint16_t macKeyOffset; /* mac key byte offset in scratch memory */
789 uint16_t aux1[SA_AC_MAX_AUX_SIZE_IN_TUINT]; /* Auxiliary storage space for certain
790 authentication algorithm */
792 } saCtxProtoAc_t; /* 42/74 bytes */
794 /******************************************************************************
795 * Type: SA_CTX_PROTO_DM_T
796 ******************************************************************************
797 * Description: This structure specifies the Data Mode specific
798 * security context parameters which are initialized by SW and used
799 * by Firmware.
800 *
801 * Note: The parameters which may be updated by the firmware should be arranged
802 * within the first 42 bytes so that the size of the evicted PHP parameters
803 * is limited to 64 bytes
804 *
805 *****************************************************************************/
806 typedef struct SA_CTX_PROTO_DM_tag
807 {
808 uint32_t numPkts;
809 uint32_t numPktsHi;
811 uint16_t firstEngIdTagSize; /* Specify the engine id for the first command and tag Size (round to 8 byte alignement) */
812 uint16_t rsvd;
814 } saCtxProtoDm_t; /* 12 bytes */
816 /******************************************************************************
817 * Type: SA_CTX_PROTO_PARAMS_T
818 ******************************************************************************
819 * Description: This is a simple union of the proto specific security
820 * context parameter
821 *
822 *****************************************************************************/
823 typedef union
824 {
825 saCtxProtoSrtpTx_t srtpTx;
826 saCtxProtoSrtpRx_t srtpRx;
827 saCtxProtoIpsecAhTx_t ipsecAhTx;
828 saCtxProtoIpsecAhRx_t ipsecAhRx;
829 saCtxProtoIpsecEspTx_t ipsecEspTx;
830 saCtxProtoIpsecEspRx_t ipsecEspRx;
831 saCtxProtoAc_t airCipher;
832 saCtxProtoDm_t dataMode;
833 uint16_t data[54];
835 } SA_CTX_PROTO_PARAMS_T;
838 /******************************************************************************
839 * Type: SA_CTX_PKT_TYPE_T
840 ******************************************************************************
841 * Description: This type represents the various packet types to be processed
842 * by the SA. It is used to identify the corresponding PHP
843 * processing function.
844 *****************************************************************************/
845 typedef uint8_t SA_CTX_PKT_TYPE_T;
846 #define SA_CTX_PKT_TYPE_3GPP_AIR 0 /* 3GPP Air Cipher */
847 #define SA_CTX_PKT_TYPE_SRTP 1 /* SRTP */
848 #define SA_CTX_PKT_TYPE_IPSEC_AH 2 /* IPSec Authentication Header */
849 #define SA_CTX_PKT_TYPE_IPSEC_ESP 3 /* IPSec Encapsulating Security Payload */
850 #define SA_CTX_PKT_TYPE_NONE 4 /* Indicates that it is in data mode,
851 It may not be used by PHP */
852 #define SA_CTX_PKT_TYPE_MAX SA_CTX_PKT_TYPE_NONE
855 /******************************************************************************
856 * Type: SA_CTX_COMMON_PARAMS_T
857 ******************************************************************************
858 * Description: This structure defines the SA Security Context parameters
859 * which are common to all protocols.
860 *
861 *****************************************************************************/
862 typedef struct SA_CTX_COMMON_PARAMS_tag
863 {
864 uint16_t ctrlFlagsDmaInfo;
866 #define SA_CTX_SCCTL_FLAG_OWNER 0x8000
867 /*
868 * The following bit will be set by the host to indicate that it is waiting
869 * for SA to write back the latest scurity context with this bit cleared.
870 *
871 * It is primarily used for statistics query
872 */
874 #define SA_CTX_SCCTL_FLAG_WAIT_UPDATE 0x4000
876 uint16_t ctxId; /* Security Context ID, filled by Hardware */
877 uint32_t ctxPtr; /* Security Context Pointer, filled by Hardware */
879 /*
880 * Packet information type
881 * 7:7 Packet Direction: 0: Tx (To Netwrk) (3GPP: From Air (uplink))
882 * 1: Rx (From Network) (3GPP: To Air (downlink)
883 * 6:6 Use Local DMA : 0: Use global DMA (default)
884 * 1: Use local DMA (thread Id |= 0x08 thread Id
885 * 5:0 Packet Type as specified above
886 */
887 #define SA_CTX_PKT_DIR_RX 0x80
888 #define SA_CTX_PKT_DIR_TX 0x00
889 #define SA_CTX_CTRL_USE_LOC_DMA 0x40
890 uint16_t pktInfoByteFlowIndex;
891 uint16_t destQueueId; /* Destination Queue ID */
892 uint32_t swInfo0; /* channel identifier: to be written to the swInfo0 in the packet descriptor */
893 uint32_t swInfo1; /* channel identifier: to be written to the swInfo0 in the packet descriptor */
894 uint16_t pktId; /* Packet ID: upper 8-bit during PHP Pass1 */
895 /* Lower 8-bit reserved for PDSP */
896 } SA_CTX_COMMON_PARAMS_T;
898 #define SA_CTX_SCCTL_SIZE 8
899 //#define SA_CTX_PHP_COMMON_SIZE (sizeof(SA_CTX_COMMON_PARAMS_T)*SALLD_SIZE_OF_WORD_IN_BYTE)
900 #define SA_CTX_PHP_COMMON_SIZE 22
901 /*
902 * These offsets indicate the offset in security context, from the end of common ctx to the
903 * aux1 field.
904 */
905 #define SA_CTX_ESP_AUX_OFFSET_TX 42
906 #define SA_CTX_ESP_AUX_OFFSET_RX 74
907 #define SA_CTX_AH_AUX_OFFSET_TX 42
908 #define SA_CTX_AH_AUX_OFFSET_RX 74
909 /*
910 * Bit 0-1: Fetch PHP Bytes
911 * Bit 2-3: Fetch Encryption/Air Ciphering Bytes
912 * Bit 4-5: Fetch Authentication Bytes for non sa2ul generations
913 * Bit 6-7: Evict PHP Bytes for non sa2ul generations
914 * Bit 4-6: Fetch Auth Bytes Applicable for sa2ul
915 * Bit 7 : Evict SCCTL word Applicable for sa2ul
916 *
917 * where 00 = 0 bytes where it also means 256 bytes for PHP
918 * 01 = 64 bytes
919 * 10 = 96 bytes
920 * 11 = 128 bytes
921 * 100 = 160 bytes (applicable for SA2UL only)
922 */
923 #define SA_CTX_DMA_SIZE_0 0
924 #define SA_CTX_DMA_SIZE_64 1
925 #define SA_CTX_DMA_SIZE_96 2
926 #define SA_CTX_DMA_SIZE_128 3
928 #if defined (SOC_AM65XX)
929 #define SA_CTX_DMA_SIZE_160 4
930 #define SA_CTX_SCCTL_MK_DMA_INFO(fetch, enc, auth, evict) ((fetch) | \
931 ((enc) << 2) | \
932 ((auth) << 4) | \
933 ((evict) << 7))
934 #else
935 #define SA_CTX_SCCTL_MK_DMA_INFO(php_f, enc, auth, php_e) ((php_f) | \
936 ((enc) << 2) | \
937 ((auth) << 4) | \
938 ((php_e) << 6))
939 #endif
940 /*
941 * Assumption: CTX size is mutilpe of 32
942 */
943 #define SA_CTX_SIZE_TO_DMA_SIZE(ctxSize) ((ctxSize)?((ctxSize)/32 - 1):0)
945 typedef struct
946 {
947 uint16_t phpFetchSize;
948 uint16_t engFetchSize[2];
949 uint16_t phpEvictSize;
951 } saDMAReqInfo_t;
953 #define SA_CTX_PHP_SRTP_TX_SIZE 64
954 #define SA_CTX_PHP_SRTP_RX_SIZE 128
955 #define SA_CTX_PHP_IPSEC_TX_TYPE1_SIZE 64
956 #define SA_CTX_PHP_IPSEC_TX_TYPE2_SIZE 96 /* Including CMAC K1/K2 */
957 #define SA_CTX_PHP_IPSEC_RX_TYPE1_SIZE 96
958 #define SA_CTX_PHP_IPSEC_RX_TYPE2_SIZE 128 /* Including CMAC K1/K2 */
960 #define SA_CTX_PHP_AC_SIZE 64
961 #define SA_CTX_PHP_AC_TYPE1_SIZE 64
962 #define SA_CTX_PHP_AC_TYPE2_SIZE 96 /* Including CMAC K1/K2 */
964 #define SA_CTX_PHP_DATA_MODE_SIZE 64
967 /******************************************************************************
968 * Type: SA_CTX_HPS_T
969 ******************************************************************************
970 * Description: This structure defines the SA Security Context parameters of
971 * the packet Header Processing Subsystem
972 *
973 * Note: This data structure is defined here for reference in concept.
974 * It is not used in the code.
975 * The Ctx command parameters and protocol-specific parameters are constructed
976 * independently as two big-endian byte arrays. There is no need to consider
977 * the alignment and padding between parameter common and proto.
978 *
979 *****************************************************************************/
980 typedef struct SA_CTX_HPS_tag
981 {
982 SA_CTX_COMMON_PARAMS_T common; /* Common Parameters */
983 SA_CTX_PROTO_PARAMS_T proto; /* Protocol Specific Parameters */
984 } SA_CTX_HPS_T;
987 #define SA_MODE_CTRL_WORD_SIZE_IN_BYTE 27
989 #define SA_ENC_KEY_SIZE_IN_UINT32 8
990 #define SA_ENC_AUX1_SIZE_IN_UINT32 8
991 #define SA_ENC_AUX2_SIZE_IN_UINT32 4
992 #define SA_ENC_AUX3_SIZE_IN_UINT32 4
993 #define SA_ENC_AUX4_SIZE_IN_UINT32 4
994 #define SA_ENC_RESERVED2_SIZE_IN_UINT32 4
996 #define SA_ENC_KEY_OFFSET 32
997 #define SA_ENC_AUX1_OFFSET 64
998 #define SA_ENC_AUX2_OFFSET 96
999 #define SA_ENC_AUX3_OFFSET 112
1000 #define SA_ENC_AUX4_OFFSET 128
1003 #define SA_ENC_KEY_OFFSET_IN_UINT64 4
1004 #define SA_ENC_AUX1_OFFSET_IN_UINT64 8
1005 #define SA_ENC_AUX2_OFFSET_IN_UINT64 12
1006 #define SA_ENC_AUX3_OFFSET_IN_UINT64 14
1007 #define SA_ENC_AUX4_OFFSET_IN_UINT64 16
1009 #define SA_CTX_ENC_TYPE1_SIZE 64 /* Including Key only */
1010 #define SA_CTX_ENC_TYPE2_SIZE 96 /* Including Key and Aux1 */
1013 /* GCM Operation related definitions */
1014 #define SA_GCM_CMDL_SIZE 48 /* GCM Command Label Including
1015 * - Basic Parameters (8 byte)
1016 * - Length C (8 byte)
1017 * - AAD (Additional Authentication Data) (16 byte)
1018 * - AES-CTR IV (16 byte)
1019 */
1020 #define SA_GCM_ENC_SC_SIZE SA_CTX_ENC_TYPE2_SIZE /* Including Key and Aux1 */
1021 #define SA_GCM_IV_SIZE 16 /* AES-CTR IV */
1022 #define SA_GCM_ENG_ID SALLD_CMDL_ENGINE_ID_ES1
1024 #define SA_GCM_ENC_AUX1_LENA_OFFSET 23 /* Aux1 location to store the GCM Length A */
1025 #define SA_GCM_ESP_AAD_LEN1 8 /* GCM IPSEC Length A with ESN Disabled */
1026 /* AAD: SPI + SN */
1027 #define SA_GCM_ESP_AAD_LEN2 12 /* GCM IPSEC Length A with ESN Enabled */
1028 /* AAD: SPI + ESN */
1029 #define SA_GCM_CMDL_OPT1 SALLD_CMDL_MK_OPTION_CTRL((SA_ENC_AUX1_OFFSET + 24), 8)
1030 #define SA_GCM_CMDL_OPT2 SALLD_CMDL_MK_OPTION_CTRL((SA_ENC_AUX2_OFFSET), 16)
1031 #define SA_GCM_CMDL_OPT3 SALLD_CMDL_MK_OPTION_CTRL((SA_ENC_AUX3_OFFSET), 16)
1033 /* CCM Operation related definitions */
1034 #define SA_CCM_CMDL_SIZE 56 /* CCM Command Label Including
1035 * - Basic Parameters (8 byte)
1036 * - CCM B0 (16 byte)
1037 * - CCM B1 (AAD and etc.) (16 byte)
1038 * - CCM Counter (16 byte)
1039 */
1040 #define SA_CCM_ENC_SC_SIZE SA_CTX_ENC_TYPE1_SIZE /* Including Key only */
1041 #define SA_CCM_IV_SIZE 16 /* AES-CTR IV */
1042 #define SA_CCM_ENG_ID SALLD_CMDL_ENGINE_ID_ES1
1044 #define SA_CCM_CMDL_OPT1 SALLD_CMDL_MK_OPTION_CTRL((SA_ENC_AUX2_OFFSET), 16)
1045 #define SA_CCM_CMDL_OPT2 SALLD_CMDL_MK_OPTION_CTRL((SA_ENC_AUX3_OFFSET), 16)
1046 #define SA_CCM_CMDL_OPT3 SALLD_CMDL_MK_OPTION_CTRL((SA_ENC_AUX4_OFFSET), 16)
1049 /* AES-CTR Operation related definitions */
1050 #define SA_AESCTR_CMDL_SIZE 24 /* AES-CTR Command Label Including
1051 * - Basic Parameters (8 byte)
1052 * - AEs-CTR IV (16 byte)
1053 */
1054 #define SA_AESCTR_ENC_SC_SIZE SA_CTX_ENC_TYPE1_SIZE /* Including Key only */
1055 #define SA_AESCTR_IV_SIZE 16 /* AES-CTR IV */
1056 #define SA_AESCTR_ENG_ID SALLD_CMDL_ENGINE_ID_ES1
1059 /* GMAC Operation related definitions */
1060 #define SA_GMAC_CMDL_SIZE 48 /* GMAC Command Label Including
1061 * - Basic Parameters (8 byte)
1062 * - Length A (8 byte)
1063 * - AAD (Additional Authentication Data) (16 byte)
1064 * - AES-CTR IV (16 byte)
1065 */
1066 #define SA_GMAC_CMDL_SIZE_NOAAD 32 /* GMAC Command Label Including
1067 * - Basic Parameters (8 byte)
1068 * - Length A (8 byte)
1069 * - AES-CTR IV (16 byte)
1070 */
1072 #define SA_GMAC_ENC_SC_SIZE SA_CTX_ENC_TYPE2_SIZE /* Including Key and Aux1 */
1073 #define SA_GMAC_IV_SIZE 16 /* AES-CTR IV */
1074 #define SA_GMAC_ENG_ID SALLD_CMDL_ENGINE_ID_ES1
1076 #define SA_GMAC_ESP_AAD_LEN1 8 /* GMAC IPSEC Length A with ESN Disabled */
1077 /* AAD: SPI + SN */
1078 #define SA_GMAC_ESP_AAD_LEN2 12 /* GMAC IPSEC Length A with ESN Enabled */
1079 /* AAD: SPI + ESN */
1081 #define SA_GMAC_CMDL_OPT1 SALLD_CMDL_MK_OPTION_CTRL((SA_ENC_AUX1_OFFSET + 16), 8)
1082 #define SA_GMAC_CMDL_OPT2 SALLD_CMDL_MK_OPTION_CTRL((SA_ENC_AUX2_OFFSET), 16)
1083 #define SA_GMAC_CMDL_OPT3 SALLD_CMDL_MK_OPTION_CTRL((SA_ENC_AUX3_OFFSET), 16)
1086 /* CMAC Operation related definitions */
1087 #define SA_CMAC_CMDL_SIZE 24 /* CMAC Command Label Including
1088 * - Basic Parameters (8 byte)
1089 * - K1/K2 (16 byte)
1090 */
1091 #define SA_CMAC_ENC_SC_SIZE SA_CTX_ENC_TYPE1_SIZE /* Including Key */
1092 #define SA_CMAC_IV_SIZE 0 /* IV is not used */
1093 #define SA_CMAC_ENG_ID SALLD_CMDL_ENGINE_ID_ES1
1095 /* SRTP Operation related definitions */
1096 #define SA_SRTP_IV_SIZE 16
1098 /******************************************************************************
1099 * Type: SA_CTX_ENC_T
1100 ******************************************************************************
1101 * Description: This structure defines the SA Security Context parameters
1102 * of the Encryption Engine.
1103 *
1104 *****************************************************************************/
1105 typedef struct SA_CTX_ENC_tag
1106 {
1107 uint16_t ctrlBitMap_1stCtrlWord;
1109 #define SA_ENC_MODE_SEL_MASK 0x80
1110 #define SA_ENC_MODE_SEL_ENC 0x00
1111 #define SA_ENC_MODE_SEC_NULL 0x80
1112 #define SA_ENC_DEFAULT_ENG_ID_MASK 0x1F
1114 /*
1115 * The reserved 2 bits will be used to contain the limited encryption modes
1116 * supported by the simulator
1117 */
1118 #define SA_SIM_ES_MODE_SEL_MASK 0x60
1119 #define SA_SIM_ES_MODE_SEL_SHIFT 5
1121 /* Encyrtion Modes supported by Encryption Engine Pass 1 & 2 (Encryption) */
1122 /* Note: Both encryption and authentication modes need to share the common index */
1123 #define SA_SIM_ES_ENC_MODE_NOT_SUPPORTED 0
1124 #define SA_SIM_ES_ENC_MODE_AESCTR 1
1125 #define SA_SIM_ES_ENC_MODE_GCM 2
1126 #define SA_SIM_ES_ENC_MODE_RESERVED1 3
1128 /* Authentications Modes supported by Encryption Engine Pass 1 & 2 (Authentication) */
1129 #define SA_SIM_ES_AUTH_MODE_NOT_SUPPORTED 0
1130 #define SA_SIM_ES_AUTH_MODE_RESERVED1 1
1131 #define SA_SIM_ES_AUTH_MODE_RESERVED2 2
1132 #define SA_SIM_ES_AUTH_MODE_CMAC 3
1134 #define SA_SIM_ES_GET_FUNC_INDEX(x) (((x)&SA_SIM_ES_MODE_SEL_MASK) >> SA_SIM_ES_MODE_SEL_SHIFT)
1135 #define SA_SIM_ES_SET_FUNC_INDEX(a,b) UTL_SET_BITFIELD((a), b, 5, 2)
1138 uint16_t ctrlWord[(SA_MODE_CTRL_WORD_SIZE_IN_BYTE - 1)/2];
1140 uint32_t reserved1;
1142 /*
1143 * Key used for cipher operation, this key can also be loaded in-band
1144 * via option bytes
1145 */
1146 uint16_t encKey[SA_ENC_KEY_SIZE_IN_UINT32*2];
1148 /*
1149 * This field is used to store auxiliary data. This field is required
1150 * to support certain encryption modes like CCM to store second key and
1151 * can be loaded in-band via option bytes. Mode control engine cannot
1152 * alter the value of this field
1153 */
1154 uint16_t aux1[SA_ENC_AUX1_SIZE_IN_UINT32*2];
1156 /*
1157 * This is second Aux data that can be used if the encryption mode require IV.
1158 * This value can be altered by Mode control engine and can also be loaded
1159 * in-band via option bytes.
1160 */
1161 uint16_t aux2[SA_ENC_AUX2_SIZE_IN_UINT32*2];
1163 /*
1164 * This is third Aux data that can be used if the encryption mode require nonce.
1165 * This value can be altered by Mode control engine and can also be loaded in-band
1166 * via option bytes.
1167 *
1168 */
1169 uint16_t aux3[SA_ENC_AUX3_SIZE_IN_UINT32*2];
1171 /*
1172 * Aux data 4 is used to store intermediate mode control data to be used for
1173 * next block. This space cannot be loaded from main host, but can be loaded
1174 * in-band via via option bytes
1175 */
1176 uint16_t aux4[SA_ENC_AUX4_SIZE_IN_UINT32*2];
1178 /*
1179 * Reserved Used by Engine only
1180 */
1181 uint16_t reserved2[SA_ENC_RESERVED2_SIZE_IN_UINT32*2];
1182 } saCtxEnc_t;
1184 #define SA_CTX_AUTH_SIZE_IN_BYTES 160
1185 #define SA_AUTH_KEY_SIZE_IN_UINT32 8
1186 #define SA_AUTH_AUX1_SIZE_IN_UINT32 8
1187 #define SA_AUTH_AUX2_SIZE_IN_UINT32 8
1188 #define SA_AUTH_RESERVED2_SIZE_IN_UINT32 8
1190 #define SA_AUTH_KEY_OFFSET 32
1191 #define SA_AUTH_AUX1_OFFSET 64
1192 #define SA_AUTH_AUX2_OFFSET 96
1194 #define SA_AUTH_KEY_OFFSET_IN_UINT64 4
1195 #define SA_AUTH_AUX1_OFFSET_IN_UINT64 8
1196 #define SA_AUTH_AUX2_OFFSET_IN_UINT64 12
1198 #define SA_CTX_AUTH_TYPE1_SIZE 64 /* Including Key only */
1199 #define SA_CTX_AUTH_TYPE2_SIZE 96 /* Including Key and Aux1 */
1200 #define SA_CTX_AUTH_TYPE3_SIZE 160 /* Including Key and Aux1
1201 for sha 384 and 512 */
1203 /******************************************************************************
1204 * Type: SA Enc Mode Control Instructions (MCI)
1205 ******************************************************************************
1206 * Description: The following structures provides the mode control instructions
1207 * of the SA encryption engine related definitions
1208 *****************************************************************************/
1210 /******************************************************************************
1211 * Type: SA_ENG_ALGO_E
1212 ******************************************************************************
1213 * Description: This structure defines the algorithms
1214 * of the Encryption Engine or the Air Ciphering Engine.
1215 *
1216 *****************************************************************************/
1217 typedef enum
1218 {
1219 SA_ENG_ALGO_ECB = 0,
1220 SA_ENG_ALGO_CBC,
1221 SA_ENG_ALGO_CFB,
1222 SA_ENG_ALGO_OFB,
1223 SA_ENG_ALGO_CTR,
1224 SA_ENG_ALGO_F8,
1225 SA_ENG_ALGO_F8F9,
1226 SA_ENG_ALGO_GCM,
1227 SA_ENG_ALGO_GMAC,
1228 SA_ENG_ALGO_CCM,
1229 SA_ENG_ALGO_CMAC,
1230 SA_ENG_ALGO_CBCMAC,
1231 SA_ENG_ALGO_CCM_NO_AAD,
1232 SA_NUM_ENG_ALGOS
1233 } saEngAlgo_e;
1235 /******************************************************************************
1236 * Type: SA_ENG_OP_CORE_E
1237 ******************************************************************************
1238 * Description: This structure defines the operation cores supported by the
1239 * SA Engines.
1240 *
1241 *****************************************************************************/
1242 typedef enum
1243 {
1244 SA_ENG_OP_CORE_AES = 0,
1245 SA_ENG_OP_CORE_3DES,
1246 SA_ENG_OP_CORE_KASUMI,
1247 SA_ENG_OP_CORE_SNOW3G,
1248 SA_ENG_OP_CORE_ZUC,
1249 SA_NUM_ENG_OP_CORES
1250 } saEngOpCore_e;
1252 /******************************************************************************
1253 * Type: SA_ENG_KEY_SIZE_E
1254 ******************************************************************************
1255 * Description: This structure defines supported key sizes
1256 * SA Engines.
1257 *
1258 *****************************************************************************/
1259 typedef enum
1260 {
1261 SA_ENG_KEY_SIZE_128 = 0,
1262 SA_ENG_KEY_SIZE_192,
1263 SA_ENG_KEY_SIZE_256,
1264 SA_ENG_NUM_KEY_SIZES
1265 } saEngKeySize_e;
1267 /* Convert the kwy size (16/24/32) to the ley size index (0/1/2) */
1268 #define SA_ENG_CONV_KEY_SIZE(size) (((size) >> 3) - 2)
1270 /*
1271 * 3DES only supports ECB, CBC, CFB and OFB.
1272 */
1273 #define SA_3DES_FIRST_ALGO SA_ENG_ALGO_ECB
1274 #define SA_3DES_LAST_ALGO SA_ENG_ALGO_OFB
1275 #define SA_3DES_NUM_ALGOS (SA_3DES_LAST_ALGO - SA_3DES_FIRST_ALGO + 1)
1277 /*
1278 * 3DES only supports CBC
1279 * Note: reserve room for other algorithm
1280 */
1281 #define SA_DES_FIRST_ALGO SA_ENG_ALGO_ECB
1282 #define SA_DES_LAST_ALGO SA_ENG_ALGO_OFB
1283 #define SA_DES_NUM_ALGOS (SA_DES_LAST_ALGO - SA_DES_FIRST_ALGO + 1)
1285 /* 3GPP Engine related definitions */
1287 #define SA_KASUMI_FIRST_ALGO SA_ENG_ALGO_F8
1288 #define SA_KASUMI_NUM_ALGOS 1
1290 #define SA_SNOW3G_FIRST_ALGO SA_ENG_ALGO_F8
1291 #define SA_SNOW3G_NUM_ALGOS_GEN1 1
1292 #define SA_SNOW3G_NUM_ALGOS 2
1293 #define SA_SNOW3G_AUTH_NUM_ALGOS 1
1295 #define SA_ZUC_FIRST_ALGO SA_ENG_ALGO_F8
1296 #define SA_ZUC_NUM_ALGOS 2
1297 #define SA_ZUC_AUTH_NUM_ALGOS 1
1300 #define SA_AUTH_ALGO_F9 (NUM_SA_ENG_ALGOS + 10)
1302 #define SA_KASUMI_AUTH_DIR0 0 /* uplink (From-Air) */
1303 #define SA_KASUMI_AUTH_DIR1 1 /* downlink (To-Air) */
1304 #define SA_KASUMI_AUTH_NUM_DIRS 2
1306 #define SA_ENG_MAX_MCI_SIZE 27
1308 /* Engine core specific MCI tables */
1309 extern const uint8_t sa_eng_aes_enc_mci_tbl[SA_NUM_ENG_ALGOS][SA_ENG_NUM_KEY_SIZES][SA_ENG_MAX_MCI_SIZE];
1310 extern const uint8_t sa_eng_aes_dec_mci_tbl[SA_NUM_ENG_ALGOS][SA_ENG_NUM_KEY_SIZES][SA_ENG_MAX_MCI_SIZE];
1311 extern const uint8_t sa_eng_des_enc_mci_tbl[SA_DES_NUM_ALGOS][SA_ENG_MAX_MCI_SIZE];
1312 extern const uint8_t sa_eng_des_dec_mci_tbl[SA_DES_NUM_ALGOS][SA_ENG_MAX_MCI_SIZE];
1313 extern const uint8_t sa_eng_3des_enc_mci_tbl[SA_3DES_NUM_ALGOS][SA_ENG_MAX_MCI_SIZE];
1314 extern const uint8_t sa_eng_3des_dec_mci_tbl[SA_3DES_NUM_ALGOS][SA_ENG_MAX_MCI_SIZE];
1315 extern const uint8_t sa_eng_ah_gmac_mci_tbl[SA_ENG_NUM_KEY_SIZES][SA_ENG_MAX_MCI_SIZE];
1316 extern uint8_t sa_eng_kasumi_enc_mci_tbl[SA_KASUMI_NUM_ALGOS][SA_ENG_MAX_MCI_SIZE];
1317 extern uint8_t sa_eng_snow3g_enc_mci_tbl[SA_SNOW3G_NUM_ALGOS_GEN1][SA_ENG_MAX_MCI_SIZE];
1318 extern uint8_t sa_eng_kasumi_auth_mci_tbl[SA_KASUMI_AUTH_NUM_DIRS][SA_ENG_MAX_MCI_SIZE];
1319 extern uint8_t sa_eng_kasumi_enc_mci_tbl2[SA_KASUMI_NUM_ALGOS][SA_ENG_MAX_MCI_SIZE];
1320 extern uint8_t sa_eng_snow3g_enc_mci_tbl2[SA_SNOW3G_NUM_ALGOS][SA_ENG_MAX_MCI_SIZE];
1321 extern uint8_t sa_eng_zuc_enc_mci_tbl2[SA_ZUC_NUM_ALGOS][SA_ENG_MAX_MCI_SIZE];
1322 extern uint8_t sa_eng_kasumi_auth_mci_tbl2[SA_KASUMI_AUTH_NUM_DIRS][SA_ENG_MAX_MCI_SIZE];
1323 extern uint8_t sa_eng_snow3g_auth_mci_tbl2[SA_SNOW3G_AUTH_NUM_ALGOS][SA_ENG_MAX_MCI_SIZE];
1324 extern uint8_t sa_eng_zuc_auth_mci_tbl2[SA_ZUC_AUTH_NUM_ALGOS][SA_ENG_MAX_MCI_SIZE];
1326 /******************************************************************************
1327 * Type: SA_CTX_AUTH_T
1328 ******************************************************************************
1329 * Description: This structure defines the SA Security Context parameters
1330 * of the Authentication Engine.
1331 *
1332 *****************************************************************************/
1333 typedef struct SA_CTX_AUTH_tag
1334 {
1335 uint16_t ctrlBitMap;
1337 #define SA_AUTH_MODE_SEL_MASK 0x8000
1338 #define SA_AUTH_MODE_SEL_AUTH 0x0000
1339 #define SA_AUTH_MODE_SEC_NULL 0x8000
1340 #define SA_AUTH_DEFAULT_ENG_ID_MASK 0x1F00
1341 #define SA_AUTH_DEFAULT_ENG_ID_SHIFT 8
1342 #define SA_AUTH_FLAG_UPLOAD_HASH 0x0040 /* Upload hash to TLR */
1343 #define SA_AUTH_FLAG_DIS_MSG_PADDING 0x0080 /* Reserved: Do not pad message */
1344 #define SA_AUTH_FLAG_USE_MASTER_KEY 0x0020 /* Reserved: Always hash */
1345 #define SA_AUTH_FLAG_DIS_HMAC 0x0010 /* Basic Hash */
1346 #define SA_AUTH_HASH_MODE_MASK 0x000f
1347 #define SA_AUTH_HASH_MODE_NULL 0
1348 #define SA_AUTH_HASH_MODE_MD5 1
1349 #define SA_AUTH_HASH_MODE_SHA1 2
1350 #define SA_AUTH_HASH_MODE_SHA2_224 3
1351 #define SA_AUTH_HASH_MODE_SHA2_256 4
1352 #define SA_AUTH_HASH_MODE_SHA2_384 5
1353 #define SA_AUTH_HASH_MODE_SHA2_512 6
1356 #define SA_SIM_AS_GET_FUNC_INDEX(x) ((x) & SA_AUTH_HASH_MODE_MASK)
1358 uint16_t reserved1[15];
1360 /*
1361 * For Non SA2UL:
1362 * Master Key or Pre computed inner digest for HMAC. The field expects either
1363 * Master key or Pre-computed inner digest.
1364 * Hash(key xor inner constant). The inner pad must be padded to 256 bits by adding
1365 * padding bits towards LSB.
1366 * For SA2UL:
1367 * Bit [255:0] of Master Key or Pre computed
1368 * inner digest for HMAC. The field expects
1369 * either Master key or Pre-computed inner
1370 * digest.
1371 * Hash(key xor inner constant). The inner pad
1372 * must be padded to 512 bits by adding padding
1373 * bits towards LSB.
1374 */
1375 uint16_t authKey[SA_AUTH_KEY_SIZE_IN_UINT32*2];
1377 /*
1378 * For Non SA2UL:
1379 * Pre computed outer opad for HMAC. This field expects the hash carries over opad.
1380 * i.e. Hash(key xor outer constant). The outer digest must be padded to 256 bits
1381 * by adding padding bits towards LSB.
1382 * For SA2UL:
1383 * Bit [255:0] of Pre computed outer opad for
1384 * HMAC. This field expects the hash carries
1385 * over opad. i.e.
1386 * Hash(key xor outer constant). The outer
1387 * digest must be padded to 512 bits by adding
1388 * padding bits towards LSB.
1389 */
1390 uint16_t aux1[SA_AUTH_AUX1_SIZE_IN_UINT32*2];
1392 /*
1393 * For Non SA2UL:
1394 * This field stores the partial hash if the current block does not contain the
1395 * complete packet. This value if restored into authentication core when next
1396 * block of same packet is active
1397 * For SA2UL:
1398 * Bit[511:256] of Master Key or Pre computed
1399 * inner digest for HMAC. The field expects
1400 * either Master key or Pre-computed inner
1401 * digest.
1402 * Hash(key xor inner constant). Must be
1403 * populated for SHA2-512. Leave this blank for
1404 * all other modes.
1405 */
1406 uint16_t aux2[SA_AUTH_AUX2_SIZE_IN_UINT32*2];
1408 /*
1409 * For Non SA2UL:
1410 * Reserved Used by Engine only
1411 * for sa2ul:
1412 * Bit [511:256] of Pre computed outer opad for
1413 * HMAC. This field expects the hash carries
1414 * over opad. i.e.
1415 * Hash(key xor outer constant). Must be
1416 * populated for SHA2-512. Leave this blank for
1417 * all other modes.
1418 */
1419 uint16_t aux3[SA_AUTH_RESERVED2_SIZE_IN_UINT32*2];
1420 } saCtxAuth_t;
1422 #define SA_AC_KEY_SIZE_IN_UINT32 8
1423 #define SA_AC_KEY1_SIZE_IN_UINT32 4
1424 #define SA_AC_KEY2_SIZE_IN_UINT32 4
1425 #define SA_AC_AUX1_SIZE_IN_UINT32 8
1426 #define SA_AC_AUX2_SIZE_IN_UINT32 4
1427 #define SA_AC_AUX3_SIZE_IN_UINT32 4
1428 #define SA_AC_AUX4_SIZE_IN_UINT32 4
1429 #define SA_AC_RESERVED2_SIZE_IN_UINT32 4
1431 #define SA_AC_AUX2_OFFSET 96
1434 #define SA_AC_KEY_OFFSET_IN_BYTES 32
1435 #define SA_AC_KEY_OFFSET_IN_UINT64 4
1436 #define SA_AC_KEY1_OFFSET_IN_UINT64 4
1437 #define SA_AC_KEY2_OFFSET_IN_UINT64 6
1438 #define SA_AC_AUX1_OFFSET_IN_UINT64 8
1439 #define SA_AC_AUX1_2_OFFSET_IN_UINT64 10
1440 #define SA_AC_AUX2_OFFSET_IN_UINT64 12
1441 #define SA_AC_AUX3_OFFSET_IN_UINT64 14
1442 #define SA_AC_AUX4_OFFSET_IN_UINT64 16
1444 #define SA_CTX_AC_TYPE1_SIZE 64 /* Including Key only */
1445 #define SA_CTX_AC_TYPE2_SIZE 96 /* Including Key and Aux1 */
1447 /******************************************************************************
1448 * Type: SA_CTX_AC_T
1449 ******************************************************************************
1450 * Description: This structure defines the SA Security Context parameters
1451 * of the Air Ciphering Engine.
1452 *
1453 *****************************************************************************/
1454 typedef struct SA_CTX_AC_tag
1455 {
1456 uint16_t ctrlBitMap_1stCtrlWord;
1458 /* Note: the bit definitions of control word may change */
1459 #define SA_AC_MODE_SEL_MASK 0x80
1460 #define SA_AC_MODE_SEL_ENC 0x00
1461 #define SA_AC_MODE_SEC_NULL 0x80
1462 #define SA_AC_DEFAULT_ENG_ID_MASK 0x1F
1464 /*
1465 * The reserved 2 bits will be used to contain the limited encryption modes
1466 * supported by the simulator
1467 */
1468 #define SA_SIM_AC_MODE_SEL_MASK 0x60
1469 #define SA_SIM_AC_MODE_SEL_SHIFT 5
1471 /* Encyrtion Modes supported by Air Ciphering Engine Pass 1 & 2(Encryption) */
1472 /* Note: Both encryption and authentication modes need to share the common index */
1473 #define SA_SIM_AC_ENC_MODE_NOT_SUPPORTED 0
1474 #define SA_SIM_AC_ENC_MODE_SNOW3G_F8 1
1475 #define SA_SIM_AC_ENC_MODE_KASUMI_F8 2
1476 #define SA_SIM_AC_ENC_MODE_RESERVED1 3
1478 /* Authentication Modes supported by Air Ciphering Engine Pass 1 & 2 (Authentication) */
1479 #define SA_SIM_AC_AUTH_MODE_NOT_SUPPORTED 0
1480 #define SA_SIM_AC_AUTH_MODE_KASUMI_F9 3
1482 #define SA_SIM_AC_GET_FUNC_INDEX(x) (((x) & SA_SIM_AC_MODE_SEL_MASK) >> SA_SIM_AC_MODE_SEL_SHIFT)
1483 #define SA_SIM_AC_SET_FUNC_INDEX(a,b) UTL_SET_BITFIELD((a), b, 5, 2)
1485 uint16_t ctrlWord[(SA_MODE_CTRL_WORD_SIZE_IN_BYTE - 1)/2];
1487 uint32_t reserved1;
1489 /*
1490 * Key used for cipher operation, this key can also be loaded in-band
1491 * via option bytes
1492 */
1493 uint16_t key[SA_AC_KEY_SIZE_IN_UINT32*2];
1495 /*
1496 * This field is used to store auxiliary data. This field is required
1497 * to support certain encryption modes like CCM to store second key and
1498 * can be loaded in-band via option bytes. Mode control engine cannot
1499 * alter the value of this field
1500 */
1501 uint16_t aux1[SA_AC_AUX1_SIZE_IN_UINT32*2];
1503 /*
1504 * This is second Aux data that can be used if the encryption mode require IV.
1505 * This value can be altered by Mode control engine and can also be loaded
1506 * in-band via option bytes.
1507 */
1508 uint16_t aux2[SA_AC_AUX2_SIZE_IN_UINT32*2];
1510 /*
1511 * This is third Aux data that can be used if the encryption mode require nonce.
1512 * This value can be altered by Mode control engine and can also be loaded in-band
1513 * via option bytes.
1514 *
1515 */
1516 uint16_t aux3[SA_AC_AUX3_SIZE_IN_UINT32*2];
1518 /*
1519 * Aux data 4 is used to store intermediate mode control data to be used for
1520 * next block. This space cannot be loaded from main host, but can be loaded
1521 * in-band via via option bytes
1522 */
1523 uint16_t aux4[SA_AC_AUX4_SIZE_IN_UINT32*2];
1525 /*
1526 * Reserved Used by Engine only
1527 */
1528 uint16_t reserved2[SA_AC_RESERVED2_SIZE_IN_UINT32*2];
1529 } saCtxAc_t;
1531 /* Software Data Word 0 */
1532 /* 31 Reserved
1533 * 30 Destination Info Present
1534 * 29:25 Engine ID: specify the destination processing engine
1535 * 24:20 Command Label Info Bit 4: Command Label present
1536 * Bits 3:0: Command label offset in 8-bytes
1537 * 19:16 DMA Control flags
1538 * 19 Reserved
1539 * 18 No Paylaod Flag
1540 * 17 Tear Flag
1541 * 16 Evict Flag
1542 * 15:00 SC ID: Security Context ID
1543 */
1544 #define SA_SW_GET_SC_ID(a) UTL_GET_BITFIELD((a), 0, 16)
1545 #define SA_SW_SET_SC_ID(a, b) UTL_SET_BITFIELD((a), (b), 0, 16)
1546 #define SA_SW_GET_CMDLB_OFFSET(a) UTL_GET_BITFIELD((a), 20, 4)
1547 #define SA_SW_SET_CMDLB_OFFSET(a, b) UTL_SET_BITFIELD((a), (b), 20, 4)
1548 #define SA_SW_IS_CMDLB_PRESENT(a) UTL_GET_BITFIELD((a), 24, 1)
1549 #define SA_SW_SET_CMDLB_PRESENT(a, b) UTL_SET_BITFIELD((a), (b), 24, 1)
1550 #define SA_SW_GET_ENG_ID(a) UTL_GET_BITFIELD((a), 25, 5)
1551 #define SA_SW_SET_ENG_ID(a, b) UTL_SET_BITFIELD((a), (b), 25, 5)
1552 #define SA_SW_IS_DEST_INFO_PRESENT(a) UTL_GET_BITFIELD((a), 30, 1)
1553 #define SA_SW_SET_DEST_INFO_PRESENT(a, b) UTL_SET_BITFIELD((a), (b), 30, 1)
1554 #define SA_SW_READ_FLAG_NOPAYLOAD(a) UTL_GET_BITFIELD((a), 18, 1)
1555 #define SA_SW_SET_FLAG_NOPAYLOAD(a, b) UTL_SET_BITFIELD((a), (b), 18, 1)
1556 #define SA_SW_READ_FLAG_TEAR(a) UTL_GET_BITFIELD((a), 17, 1)
1557 #define SA_SW_SET_FLAG_TEAR(a, b) UTL_SET_BITFIELD((a), (b), 17, 1)
1558 #define SA_SW_READ_FLAG_EVICT(a) UTL_GET_BITFIELD((a), 16, 1)
1559 #define SA_SW_SET_FLAG_EVICT(a, b) UTL_SET_BITFIELD((a), (b), 16, 1)
1561 #define SA_SC_FLAGS_EVICT 0x01 /* Evict the security context */
1562 #define SA_SC_FLAGS_TEAR 0x02 /* Tear down the security context */
1563 #define SA_SC_FLAGS_NOPAYLOAD 0x04 /* NO payload with the packet */
1566 /* Software Data Word 1 */
1567 /* 31:0 SC PTR: Security Context Pointer */
1568 #define SA_SW_GET_SC_PTR(a) (a)
1570 /* Software Data Word 2 */
1571 /* 31:24 hash size */
1572 /* 23:16 Flow Index */
1573 /* 15:00 DEstination Queue */
1574 #define SA_FORM_SW2(queueID, flowIndex, hashSize) ((uint32_t)(queueID)) | \
1575 ((uint32_t)((flowIndex) & 0xFF) << 16 ) | \
1576 ((uint32_t)((hashSize) & 0xFF) << 24)
1579 /* Software Data Word 2 for SA2_UL */
1580 /* 31:24 hash size */
1581 /* 15:00 security context pointer high 16-bits */
1582 #define SA2_UL_FORM_SW2(scptrh, hashSize) ((uint16_t)((scptrh) & 0xFFFF)) | \
1583 ((uint32_t)((hashSize) & 0xFF) << 24)
1585 /* Software Data Word 3 for SA2_UL, that should be put into first 32-bits of Protocol Specific word
1586 * 31:16 Egress CPPI Destination queue
1587 * 15:4 Reserved
1588 * 29:25 Engine ID: specify the destination processing engine
1589 * 24:20 Command Label Info Bit 4: Command Label present
1590 * Bits 3:0: Command label offset in 8-bytes
1591 * 19:16 DMA Control flags
1592 * 19 Reserved
1593 * 3 Non Secure Crypto
1594 * 2 Demote
1595 * 1 Promote
1596 * 0 Reserved
1597 */
1598 #define SA2_UL_SW_GET_PROMOTE(a) UTL_GET_BITFIELD((a), 1, 1)
1599 #define SA2_UL_SW_SET_PROMOTE(a, b) UTL_SET_BITFIELD((a), (b), 1, 1)
1600 #define SA2_UL_SW_GET_DEMOTE(a) UTL_GET_BITFIELD((a), 2, 1)
1601 #define SA2_UL_SW_SET_DEMOTE(a, b) UTL_SET_BITFIELD((a), (b), 2, 1)
1602 #define SA2_UL_SW_GET_NONSEC_CRYPO(a) UTL_GET_BITFIELD((a), 3, 1)
1603 #define SA2_UL_SW_SET_NONSEC_CRYPO(a, b) UTL_SET_BITFIELD((a), (b), 3, 1)
1604 #define SA2_UL_SW_GET_EGRESS_DEST_QUEUE(a) UTL_GET_BITFIELD((a), 16, 16)
1605 #define SA2_UL_SW_SET_EGRESS_DEST_QUEUE(a, b) UTL_SET_BITFIELD((a), (b), 16, 16)
1607 /* Define SW Info Control Flags */
1608 #define SA_SW_INFO_FLAG_CMLB_PRESENT 0x0100
1609 #define SA_SW_INFO_FLAG_NOPAYLOAD 0x0004
1610 #define SA_SW_INFO_FLAG_TEAR 0x0002
1611 #define SA_SW_INFO_FLAG_EVICT 0x0001
1612 #define SA_SW_INFO_FLAG_SHIFT 16
1613 #define SA_SW_INFO_FLAG_MASK ((SA_SW_INFO_FLAG_CMLB_PRESENT | \
1614 SA_SW_INFO_FLAG_NOPAYLOAD | \
1615 SA_SW_INFO_FLAG_TEAR | \
1616 SA_SW_INFO_FLAG_EVICT) << SA_SW_INFO_FLAG_SHIFT)
1618 #define SA_SW_INFO_SET_FLAGS(a, b) (a) = ((a) & ~SA_SW_INFO_FLAG_MASK) | ((b) << SA_SW_INFO_FLAG_SHIFT)
1621 #endif /* _SACTX_H */