Zephyr API Documentation  2.7.0-rc2
A Scalable Open Source RTOS
cipher.h
Go to the documentation of this file.
1/*
2 * Copyright (c) 2016 Intel Corporation.
3 *
4 * SPDX-License-Identifier: Apache-2.0
5 */
6
32#ifndef ZEPHYR_INCLUDE_CRYPTO_CIPHER_H_
33#define ZEPHYR_INCLUDE_CRYPTO_CIPHER_H_
34
35#include <device.h>
36#include <errno.h>
37#include <sys/util.h>
38#include <sys/__assert.h>
39#include "cipher_structs.h"
40
41/* The API a crypto driver should implement */
42__subsystem struct crypto_driver_api {
43 int (*query_hw_caps)(const struct device *dev);
44
45 /* Setup a crypto session */
46 int (*begin_session)(const struct device *dev, struct cipher_ctx *ctx,
47 enum cipher_algo algo, enum cipher_mode mode,
48 enum cipher_op op_type);
49
50 /* Tear down an established session */
51 int (*free_session)(const struct device *dev, struct cipher_ctx *ctx);
52
53 /* Register async crypto op completion callback with the driver */
54 int (*crypto_async_callback_set)(const struct device *dev,
55 crypto_completion_cb cb);
56};
57
58/* Following are the public API a user app may call.
59 * The first two relate to crypto "session" setup / teardown. Further we
60 * have four cipher mode specific (CTR, CCM, CBC ...) calls to perform the
61 * actual crypto operation in the context of a session. Also we have an
62 * API to provide the callback for async operations.
63 */
64
76static inline int cipher_query_hwcaps(const struct device *dev)
77{
78 struct crypto_driver_api *api;
79 int tmp;
80
81 api = (struct crypto_driver_api *) dev->api;
82
83 tmp = api->query_hw_caps(dev);
84
85 __ASSERT((tmp & (CAP_OPAQUE_KEY_HNDL | CAP_RAW_KEY)) != 0,
86 "Driver should support at least one key type: RAW/Opaque");
87
88 __ASSERT((tmp & (CAP_INPLACE_OPS | CAP_SEPARATE_IO_BUFS)) != 0,
89 "Driver should support at least one IO buf type: Inplace/separate");
90
91 __ASSERT((tmp & (CAP_SYNC_OPS | CAP_ASYNC_OPS)) != 0,
92 "Driver should support at least one op-type: sync/async");
93 return tmp;
94
95}
96
116static inline int cipher_begin_session(const struct device *dev,
117 struct cipher_ctx *ctx,
118 enum cipher_algo algo,
119 enum cipher_mode mode,
120 enum cipher_op optype)
121{
122 struct crypto_driver_api *api;
123 uint32_t flags;
124
125 api = (struct crypto_driver_api *) dev->api;
126 ctx->device = dev;
127 ctx->ops.cipher_mode = mode;
128
129 flags = (ctx->flags & (CAP_OPAQUE_KEY_HNDL | CAP_RAW_KEY));
130 __ASSERT(flags != 0U, "Keytype missing: RAW Key or OPAQUE handle");
131 __ASSERT(flags != (CAP_OPAQUE_KEY_HNDL | CAP_RAW_KEY),
132 "conflicting options for keytype");
133
134 flags = (ctx->flags & (CAP_INPLACE_OPS | CAP_SEPARATE_IO_BUFS));
135 __ASSERT(flags != 0U, "IO buffer type missing");
136 __ASSERT(flags != (CAP_INPLACE_OPS | CAP_SEPARATE_IO_BUFS),
137 "conflicting options for IO buffer type");
138
139 flags = (ctx->flags & (CAP_SYNC_OPS | CAP_ASYNC_OPS));
140 __ASSERT(flags != 0U, "sync/async type missing");
141 __ASSERT(flags != (CAP_SYNC_OPS | CAP_ASYNC_OPS),
142 "conflicting options for sync/async");
143
144 return api->begin_session(dev, ctx, algo, mode, optype);
145}
146
158static inline int cipher_free_session(const struct device *dev,
159 struct cipher_ctx *ctx)
160{
161 struct crypto_driver_api *api;
162
163 api = (struct crypto_driver_api *) dev->api;
164
165 return api->free_session(dev, ctx);
166}
167
182static inline int cipher_callback_set(const struct device *dev,
183 crypto_completion_cb cb)
184{
185 struct crypto_driver_api *api;
186
187 api = (struct crypto_driver_api *) dev->api;
188
189 if (api->crypto_async_callback_set) {
190 return api->crypto_async_callback_set(dev, cb);
191 }
192
193 return -ENOTSUP;
194
195}
196
206static inline int cipher_block_op(struct cipher_ctx *ctx,
207 struct cipher_pkt *pkt)
208{
209 __ASSERT(ctx->ops.cipher_mode == CRYPTO_CIPHER_MODE_ECB, "ECB mode "
210 "session invoking a different mode handler");
211
212 pkt->ctx = ctx;
213 return ctx->ops.block_crypt_hndlr(ctx, pkt);
214}
215
227static inline int cipher_cbc_op(struct cipher_ctx *ctx,
228 struct cipher_pkt *pkt, uint8_t *iv)
229{
230 __ASSERT(ctx->ops.cipher_mode == CRYPTO_CIPHER_MODE_CBC, "CBC mode "
231 "session invoking a different mode handler");
232
233 pkt->ctx = ctx;
234 return ctx->ops.cbc_crypt_hndlr(ctx, pkt, iv);
235}
236
254static inline int cipher_ctr_op(struct cipher_ctx *ctx,
255 struct cipher_pkt *pkt, uint8_t *iv)
256{
257 __ASSERT(ctx->ops.cipher_mode == CRYPTO_CIPHER_MODE_CTR, "CTR mode "
258 "session invoking a different mode handler");
259
260 pkt->ctx = ctx;
261 return ctx->ops.ctr_crypt_hndlr(ctx, pkt, iv);
262}
263
276static inline int cipher_ccm_op(struct cipher_ctx *ctx,
277 struct cipher_aead_pkt *pkt, uint8_t *nonce)
278{
279 __ASSERT(ctx->ops.cipher_mode == CRYPTO_CIPHER_MODE_CCM, "CCM mode "
280 "session invoking a different mode handler");
281
282 pkt->pkt->ctx = ctx;
283 return ctx->ops.ccm_crypt_hndlr(ctx, pkt, nonce);
284}
285
298static inline int cipher_gcm_op(struct cipher_ctx *ctx,
299 struct cipher_aead_pkt *pkt, uint8_t *nonce)
300{
301 __ASSERT(ctx->ops.cipher_mode == CRYPTO_CIPHER_MODE_GCM, "GCM mode "
302 "session invoking a different mode handler");
303
304 pkt->pkt->ctx = ctx;
305 return ctx->ops.gcm_crypt_hndlr(ctx, pkt, nonce);
306}
307
312#endif /* ZEPHYR_INCLUDE_CRYPTO_CIPHER_H_ */
__assert.h
cipher_structs.h
Crypto Cipher structure definitions.
errno.h
System error numbers.
cipher_block_op
static int cipher_block_op(struct cipher_ctx *ctx, struct cipher_pkt *pkt)
Perform single-block crypto operation (ECB cipher mode). This should not be overloaded to operate on ...
Definition: cipher.h:206
cipher_begin_session
static int cipher_begin_session(const struct device *dev, struct cipher_ctx *ctx, enum cipher_algo algo, enum cipher_mode mode, enum cipher_op optype)
Setup a crypto session.
Definition: cipher.h:116
cipher_op
cipher_op
Definition: cipher_structs.h:34
cipher_callback_set
static int cipher_callback_set(const struct device *dev, crypto_completion_cb cb)
Registers an async crypto op completion callback with the driver.
Definition: cipher.h:182
cipher_cbc_op
static int cipher_cbc_op(struct cipher_ctx *ctx, struct cipher_pkt *pkt, uint8_t *iv)
Perform Cipher Block Chaining (CBC) crypto operation.
Definition: cipher.h:227
cipher_gcm_op
static int cipher_gcm_op(struct cipher_ctx *ctx, struct cipher_aead_pkt *pkt, uint8_t *nonce)
Perform Galois/Counter Mode (GCM) crypto operation.
Definition: cipher.h:298
CAP_SYNC_OPS
#define CAP_SYNC_OPS
Definition: cipher_structs.h:191
cipher_ccm_op
static int cipher_ccm_op(struct cipher_ctx *ctx, struct cipher_aead_pkt *pkt, uint8_t *nonce)
Perform Counter with CBC-MAC (CCM) mode crypto operation.
Definition: cipher.h:276
CAP_INPLACE_OPS
#define CAP_INPLACE_OPS
Definition: cipher_structs.h:184
crypto_completion_cb
void(* crypto_completion_cb)(struct cipher_pkt *completed, int status)
Definition: cipher_structs.h:273
CAP_ASYNC_OPS
#define CAP_ASYNC_OPS
Definition: cipher_structs.h:192
cipher_query_hwcaps
static int cipher_query_hwcaps(const struct device *dev)
Query the crypto hardware capabilities.
Definition: cipher.h:76
CAP_OPAQUE_KEY_HNDL
#define CAP_OPAQUE_KEY_HNDL
Definition: cipher_structs.h:177
CAP_SEPARATE_IO_BUFS
#define CAP_SEPARATE_IO_BUFS
Definition: cipher_structs.h:185
CAP_RAW_KEY
#define CAP_RAW_KEY
Definition: cipher_structs.h:178
cipher_algo
cipher_algo
Definition: cipher_structs.h:29
cipher_free_session
static int cipher_free_session(const struct device *dev, struct cipher_ctx *ctx)
Cleanup a crypto session.
Definition: cipher.h:158
cipher_mode
cipher_mode
Definition: cipher_structs.h:44
cipher_ctr_op
static int cipher_ctr_op(struct cipher_ctx *ctx, struct cipher_pkt *pkt, uint8_t *iv)
Perform Counter (CTR) mode crypto operation.
Definition: cipher.h:254
CRYPTO_CIPHER_MODE_GCM
@ CRYPTO_CIPHER_MODE_GCM
Definition: cipher_structs.h:49
CRYPTO_CIPHER_MODE_ECB
@ CRYPTO_CIPHER_MODE_ECB
Definition: cipher_structs.h:45
CRYPTO_CIPHER_MODE_CCM
@ CRYPTO_CIPHER_MODE_CCM
Definition: cipher_structs.h:48
CRYPTO_CIPHER_MODE_CTR
@ CRYPTO_CIPHER_MODE_CTR
Definition: cipher_structs.h:47
CRYPTO_CIPHER_MODE_CBC
@ CRYPTO_CIPHER_MODE_CBC
Definition: cipher_structs.h:46
ENOTSUP
#define ENOTSUP
Definition: errno.h:115
flags
flags
Definition: http_parser.h:131
uint32_t
__UINT32_TYPE__ uint32_t
Definition: stdint.h:60
uint8_t
__UINT8_TYPE__ uint8_t
Definition: stdint.h:58
cipher_aead_pkt
Definition: cipher_structs.h:248
cipher_aead_pkt::pkt
struct cipher_pkt * pkt
Definition: cipher_structs.h:250
cipher_ctx
Definition: cipher_structs.h:110
cipher_ctx::device
const struct device * device
Definition: cipher_structs.h:131
cipher_ctx::flags
uint16_t flags
Definition: cipher_structs.h:169
cipher_ctx::ops
struct cipher_ops ops
Definition: cipher_structs.h:116
cipher_ops::block_crypt_hndlr
block_op_t block_crypt_hndlr
Definition: cipher_structs.h:79
cipher_ops::gcm_crypt_hndlr
gcm_op_t gcm_crypt_hndlr
Definition: cipher_structs.h:83
cipher_ops::cipher_mode
enum cipher_mode cipher_mode
Definition: cipher_structs.h:76
cipher_ops::cbc_crypt_hndlr
cbc_op_t cbc_crypt_hndlr
Definition: cipher_structs.h:80
cipher_ops::ctr_crypt_hndlr
ctr_op_t ctr_crypt_hndlr
Definition: cipher_structs.h:81
cipher_ops::ccm_crypt_hndlr
ccm_op_t ccm_crypt_hndlr
Definition: cipher_structs.h:82
cipher_pkt
Definition: cipher_structs.h:211
cipher_pkt::ctx
struct cipher_ctx * ctx
Definition: cipher_structs.h:239
crypto_driver_api
Definition: cipher.h:42
crypto_driver_api::free_session
int(* free_session)(const struct device *dev, struct cipher_ctx *ctx)
Definition: cipher.h:51
crypto_driver_api::query_hw_caps
int(* query_hw_caps)(const struct device *dev)
Definition: cipher.h:43
crypto_driver_api::begin_session
int(* begin_session)(const struct device *dev, struct cipher_ctx *ctx, enum cipher_algo algo, enum cipher_mode mode, enum cipher_op op_type)
Definition: cipher.h:46
crypto_driver_api::crypto_async_callback_set
int(* crypto_async_callback_set)(const struct device *dev, crypto_completion_cb cb)
Definition: cipher.h:54
device
Runtime device structure (in ROM) per driver instance.
Definition: device.h:367
device::api
const void * api
Definition: device.h:373
util.h
Misc utilities.