package/ubsec_ssb/src/ubsecreg.h

   1
   2 /*
   3  * Copyright (c) 2008 Daniel Mueller (daniel@danm.de)
   4  * Copyright (c) 2000 Theo de Raadt
   5  * Copyright (c) 2001 Patrik Lindergren (patrik@ipunplugged.com)
   6  *
   7  * Redistribution and use in source and binary forms, with or without
   8  * modification, are permitted provided that the following conditions
   9  * are met:
  10  *
  11  * 1. Redistributions of source code must retain the above copyright
  12  *    notice, this list of conditions and the following disclaimer.
  13  * 2. Redistributions in binary form must reproduce the above copyright
  14  *    notice, this list of conditions and the following disclaimer in the
  15  *    documentation and/or other materials provided with the distribution.
  16  *
  17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  18  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  19  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  20  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  21  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  22  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  23  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  24  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  25  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  26  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  27  *
  28  * Effort sponsored in part by the Defense Advanced Research Projects
  29  * Agency (DARPA) and Air Force Research Laboratory, Air Force
  30  * Materiel Command, USAF, under agreement number F30602-01-2-0537.
  31  *
  32  */
  33
  34 /*
  35  * Register definitions for 5601 BlueSteel Networks Ubiquitous Broadband
  36  * Security "uBSec" chip.  Definitions from revision 2.8 of the product
  37  * datasheet.
  38  */
  39
  40 #define BS_BAR          0x10    /* DMA base address register */
  41 #define BS_TRDY_TIMEOUT     0x40    /* TRDY timeout */
  42 #define BS_RETRY_TIMEOUT    0x41    /* DMA retry timeout */
  43
  44 #define UBS_PCI_RTY_SHIFT           8
  45 #define UBS_PCI_RTY_MASK            0xff
  46 #define UBS_PCI_RTY(misc) \
  47     (((misc) >> UBS_PCI_RTY_SHIFT) & UBS_PCI_RTY_MASK)
  48
  49 #define UBS_PCI_TOUT_SHIFT          0
  50 #define UBS_PCI_TOUT_MASK           0xff
  51 #define UBS_PCI_TOUT(misc) \
  52     (((misc) >> PCI_TOUT_SHIFT) & PCI_TOUT_MASK)
  53
  54 /*
  55  * DMA Control & Status Registers (offset from BS_BAR)
  56  */
  57 #define BS_MCR1     0x20    /* DMA Master Command Record 1 */
  58 #define BS_CTRL     0x24    /* DMA Control */
  59 #define BS_STAT     0x28    /* DMA Status */
  60 #define BS_ERR      0x2c    /* DMA Error Address */
  61 #define BS_DEV_ID   0x34    /* IPSec Device ID */
  62
  63 /* BS_CTRL - DMA Control */
  64 #define BS_CTRL_RESET       0x80000000  /* hardware reset, 5805/5820 */
  65 #define BS_CTRL_MCR2INT     0x40000000  /* enable intr MCR for MCR2 */
  66 #define BS_CTRL_MCR1INT     0x20000000  /* enable intr MCR for MCR1 */
  67 #define BS_CTRL_OFM     0x10000000  /* Output fragment mode */
  68 #define BS_CTRL_BE32        0x08000000  /* big-endian, 32bit bytes */
  69 #define BS_CTRL_BE64        0x04000000  /* big-endian, 64bit bytes */
  70 #define BS_CTRL_DMAERR      0x02000000  /* enable intr DMA error */
  71 #define BS_CTRL_RNG_M       0x01800000  /* RNG mode */
  72 #define BS_CTRL_RNG_1       0x00000000  /* 1bit rn/one slow clock */
  73 #define BS_CTRL_RNG_4       0x00800000  /* 1bit rn/four slow clocks */
  74 #define BS_CTRL_RNG_8       0x01000000  /* 1bit rn/eight slow clocks */
  75 #define BS_CTRL_RNG_16      0x01800000  /* 1bit rn/16 slow clocks */
  76 #define BS_CTRL_SWNORM      0x00400000  /* 582[01], sw normalization */
  77 #define BS_CTRL_FRAG_M      0x0000ffff  /* output fragment size mask */
  78 #define BS_CTRL_LITTLE_ENDIAN   (BS_CTRL_BE32 | BS_CTRL_BE64)
  79
  80 /* BS_STAT - DMA Status */
  81 #define BS_STAT_MCR1_BUSY   0x80000000  /* MCR1 is busy */
  82 #define BS_STAT_MCR1_FULL   0x40000000  /* MCR1 is full */
  83 #define BS_STAT_MCR1_DONE   0x20000000  /* MCR1 is done */
  84 #define BS_STAT_DMAERR      0x10000000  /* DMA error */
  85 #define BS_STAT_MCR2_FULL   0x08000000  /* MCR2 is full */
  86 #define BS_STAT_MCR2_DONE   0x04000000  /* MCR2 is done */
  87 #define BS_STAT_MCR1_ALLEMPTY   0x02000000  /* 5821, MCR1 is empty */
  88 #define BS_STAT_MCR2_ALLEMPTY   0x01000000  /* 5821, MCR2 is empty */
  89
  90 /* BS_ERR - DMA Error Address */
  91 #define BS_ERR_ADDR     0xfffffffc  /* error address mask */
  92 #define BS_ERR_READ     0x00000002  /* fault was on read */
  93
  94 struct ubsec_pktctx {
  95     u_int32_t   pc_deskey[6];       /* 3DES key */
  96     u_int32_t   pc_hminner[5];      /* hmac inner state */
  97     u_int32_t   pc_hmouter[5];      /* hmac outer state */
  98     u_int32_t   pc_iv[2];       /* [3]DES iv */
  99     u_int16_t   pc_flags;       /* flags, below */
 100     u_int16_t   pc_offset;      /* crypto offset */
 101 } __attribute__ ((packed));
 102
 103 #define UBS_PKTCTX_ENC_3DES 0x8000      /* use 3des */
 104 #define UBS_PKTCTX_ENC_AES  0x8000      /* use aes */
 105 #define UBS_PKTCTX_ENC_NONE 0x0000      /* no encryption */
 106 #define UBS_PKTCTX_INBOUND  0x4000      /* inbound packet */
 107 #define UBS_PKTCTX_AUTH     0x3000      /* authentication mask */
 108 #define UBS_PKTCTX_AUTH_NONE    0x0000      /* no authentication */
 109 #define UBS_PKTCTX_AUTH_MD5 0x1000      /* use hmac-md5 */
 110 #define UBS_PKTCTX_AUTH_SHA1    0x2000      /* use hmac-sha1 */
 111 #define UBS_PKTCTX_AES128   0x0         /* AES 128bit keys */
 112 #define UBS_PKTCTX_AES192   0x100       /* AES 192bit keys */
 113 #define UBS_PKTCTX_AES256   0x200       /* AES 256bit keys */
 114
 115 struct ubsec_pktctx_des {
 116     volatile u_int16_t  pc_len;     /* length of ctx struct */
 117     volatile u_int16_t  pc_type;    /* context type */
 118     volatile u_int16_t  pc_flags;   /* flags, same as above */
 119     volatile u_int16_t  pc_offset;  /* crypto/auth offset */
 120     volatile u_int32_t  pc_deskey[6];   /* 3DES key */
 121     volatile u_int32_t  pc_iv[2];   /* [3]DES iv */
 122     volatile u_int32_t  pc_hminner[5];  /* hmac inner state */
 123     volatile u_int32_t  pc_hmouter[5];  /* hmac outer state */
 124 } __attribute__ ((packed));
 125
 126 struct ubsec_pktctx_aes128 {
 127     volatile u_int16_t  pc_len;         /* length of ctx struct */
 128     volatile u_int16_t  pc_type;        /* context type */
 129     volatile u_int16_t  pc_flags;       /* flags, same as above */
 130     volatile u_int16_t  pc_offset;      /* crypto/auth offset */
 131     volatile u_int32_t  pc_aeskey[4];   /* AES 128bit key */
 132     volatile u_int32_t  pc_iv[4];       /* AES iv */
 133     volatile u_int32_t  pc_hminner[5];  /* hmac inner state */
 134     volatile u_int32_t  pc_hmouter[5];  /* hmac outer state */
 135 } __attribute__ ((packed));
 136
 137 struct ubsec_pktctx_aes192 {
 138     volatile u_int16_t  pc_len;         /* length of ctx struct */
 139     volatile u_int16_t  pc_type;        /* context type */
 140     volatile u_int16_t  pc_flags;       /* flags, same as above */
 141     volatile u_int16_t  pc_offset;      /* crypto/auth offset */
 142     volatile u_int32_t  pc_aeskey[6];   /* AES 192bit key */
 143     volatile u_int32_t  pc_iv[4];       /* AES iv */
 144     volatile u_int32_t  pc_hminner[5];  /* hmac inner state */
 145     volatile u_int32_t  pc_hmouter[5];  /* hmac outer state */
 146 } __attribute__ ((packed));
 147
 148 struct ubsec_pktctx_aes256 {
 149     volatile u_int16_t  pc_len;         /* length of ctx struct */
 150     volatile u_int16_t  pc_type;        /* context type */
 151     volatile u_int16_t  pc_flags;       /* flags, same as above */
 152     volatile u_int16_t  pc_offset;      /* crypto/auth offset */
 153     volatile u_int32_t  pc_aeskey[8];   /* AES 256bit key */
 154     volatile u_int32_t  pc_iv[4];       /* AES iv */
 155     volatile u_int32_t  pc_hminner[5];  /* hmac inner state */
 156     volatile u_int32_t  pc_hmouter[5];  /* hmac outer state */
 157 } __attribute__ ((packed));
 158
 159 #define UBS_PKTCTX_TYPE_IPSEC_DES   0x0000
 160 #define UBS_PKTCTX_TYPE_IPSEC_AES   0x0040
 161
 162 struct ubsec_pktbuf {
 163     volatile u_int32_t  pb_addr;    /* address of buffer start */
 164     volatile u_int32_t  pb_next;    /* pointer to next pktbuf */
 165     volatile u_int32_t  pb_len;     /* packet length */
 166 } __attribute__ ((packed));
 167 #define UBS_PKTBUF_LEN      0x0000ffff  /* length mask */
 168
 169 struct ubsec_mcr {
 170     volatile u_int16_t  mcr_pkts;   /* #pkts in this mcr */
 171     volatile u_int16_t  mcr_flags;  /* mcr flags (below) */
 172     volatile u_int32_t  mcr_cmdctxp;    /* command ctx pointer */
 173     struct ubsec_pktbuf mcr_ipktbuf;    /* input chain header */
 174     volatile u_int16_t  mcr_reserved;
 175     volatile u_int16_t  mcr_pktlen;
 176     struct ubsec_pktbuf mcr_opktbuf;    /* output chain header */
 177 } __attribute__ ((packed));
 178
 179 struct ubsec_mcr_add {
 180     volatile u_int32_t  mcr_cmdctxp;    /* command ctx pointer */
 181     struct ubsec_pktbuf mcr_ipktbuf;    /* input chain header */
 182     volatile u_int16_t  mcr_reserved;
 183     volatile u_int16_t  mcr_pktlen;
 184     struct ubsec_pktbuf mcr_opktbuf;    /* output chain header */
 185 } __attribute__ ((packed));
 186
 187 #define UBS_MCR_DONE        0x0001      /* mcr has been processed */
 188 #define UBS_MCR_ERROR       0x0002      /* error in processing */
 189 #define UBS_MCR_ERRORCODE   0xff00      /* error type */
 190
 191 struct ubsec_ctx_keyop {
 192     volatile u_int16_t  ctx_len;    /* command length */
 193     volatile u_int16_t  ctx_op;     /* operation code */
 194     volatile u_int8_t   ctx_pad[60];    /* padding */
 195 } __attribute__ ((packed));
 196 #define UBS_CTXOP_DHPKGEN   0x01        /* dh public key generation */
 197 #define UBS_CTXOP_DHSSGEN   0x02        /* dh shared secret gen. */
 198 #define UBS_CTXOP_RSAPUB    0x03        /* rsa public key op */
 199 #define UBS_CTXOP_RSAPRIV   0x04        /* rsa private key op */
 200 #define UBS_CTXOP_DSASIGN   0x05        /* dsa signing op */
 201 #define UBS_CTXOP_DSAVRFY   0x06        /* dsa verification */
 202 #define UBS_CTXOP_RNGBYPASS 0x41        /* rng direct test mode */
 203 #define UBS_CTXOP_RNGSHA1   0x42        /* rng sha1 test mode */
 204 #define UBS_CTXOP_MODADD    0x43        /* modular addition */
 205 #define UBS_CTXOP_MODSUB    0x44        /* modular subtraction */
 206 #define UBS_CTXOP_MODMUL    0x45        /* modular multiplication */
 207 #define UBS_CTXOP_MODRED    0x46        /* modular reduction */
 208 #define UBS_CTXOP_MODEXP    0x47        /* modular exponentiation */
 209 #define UBS_CTXOP_MODINV    0x48        /* modular inverse */
 210
 211 struct ubsec_ctx_rngbypass {
 212     volatile u_int16_t  rbp_len;    /* command length, 64 */
 213     volatile u_int16_t  rbp_op;     /* rng bypass, 0x41 */
 214     volatile u_int8_t   rbp_pad[60];    /* padding */
 215 } __attribute__ ((packed));
 216
 217 /* modexp: C = (M ^ E) mod N */
 218 struct ubsec_ctx_modexp {
 219     volatile u_int16_t  me_len;     /* command length */
 220     volatile u_int16_t  me_op;      /* modexp, 0x47 */
 221     volatile u_int16_t  me_E_len;   /* E (bits) */
 222     volatile u_int16_t  me_N_len;   /* N (bits) */
 223     u_int8_t        me_N[2048/8];   /* N */
 224 } __attribute__ ((packed));
 225
 226 struct ubsec_ctx_rsapriv {
 227     volatile u_int16_t  rpr_len;    /* command length */
 228     volatile u_int16_t  rpr_op;     /* rsaprivate, 0x04 */
 229     volatile u_int16_t  rpr_q_len;  /* q (bits) */
 230     volatile u_int16_t  rpr_p_len;  /* p (bits) */
 231     u_int8_t        rpr_buf[5 * 1024 / 8];  /* parameters: */
 232                         /* p, q, dp, dq, pinv */
 233 } __attribute__ ((packed));