1 | /* $NetBSD: ubsecreg.h,v 1.5 2015/04/13 15:43:43 riastradh Exp $ */ |
2 | /* $OpenBSD: ubsecreg.h,v 1.29 2009/03/25 12:17:30 reyk Exp $ */ |
3 | |
4 | /* |
5 | * Copyright (c) 2000 Theo de Raadt |
6 | * Copyright (c) 2001 Patrik Lindergren (patrik@ipunplugged.com) |
7 | * |
8 | * Redistribution and use in source and binary forms, with or without |
9 | * modification, are permitted provided that the following conditions |
10 | * are met: |
11 | * |
12 | * 1. Redistributions of source code must retain the above copyright |
13 | * notice, this list of conditions and the following disclaimer. |
14 | * 2. Redistributions in binary form must reproduce the above copyright |
15 | * notice, this list of conditions and the following disclaimer in the |
16 | * documentation and/or other materials provided with the distribution. |
17 | * |
18 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
19 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
20 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
21 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
22 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
23 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
24 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
25 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
26 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
27 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
28 | * |
29 | * Effort sponsored in part by the Defense Advanced Research Projects |
30 | * Agency (DARPA) and Air Force Research Laboratory, Air Force |
31 | * Materiel Command, USAF, under agreement number F30602-01-2-0537. |
32 | * |
33 | */ |
34 | |
35 | #ifndef _DEV_PCI_UBSECREG_H |
36 | #define _DEV_PCI_UBSECREG_H |
37 | |
38 | /* |
39 | * Register definitions for 5601 BlueSteel Networks Ubiquitous Broadband |
40 | * Security "uBSec" chip. Definitions from revision 2.8 of the product |
41 | * datasheet. |
42 | */ |
43 | |
44 | #define BS_BAR 0x10 /* DMA base address register */ |
45 | #define BS_TRDY_TIMEOUT 0x40 /* TRDY timeout */ |
46 | #define BS_RETRY_TIMEOUT 0x41 /* DMA retry timeout */ |
47 | |
48 | #define UBS_PCI_RTY_SHIFT 8 |
49 | #define UBS_PCI_RTY_MASK 0xff |
50 | #define UBS_PCI_RTY(misc) \ |
51 | (((misc) >> UBS_PCI_RTY_SHIFT) & UBS_PCI_RTY_MASK) |
52 | |
53 | #define UBS_PCI_TOUT_SHIFT 0 |
54 | #define UBS_PCI_TOUT_MASK 0xff |
55 | #define UBS_PCI_TOUT(misc) \ |
56 | (((misc) >> PCI_TOUT_SHIFT) & PCI_TOUT_MASK) |
57 | |
58 | /* |
59 | * DMA Control & Status Registers (offset from BS_BAR) |
60 | */ |
61 | #define BS_MCR1 0x00 /* DMA Master Command Record 1 */ |
62 | #define BS_CTRL 0x04 /* DMA Control */ |
63 | #define BS_STAT 0x08 /* DMA Status */ |
64 | #define BS_ERR 0x0c /* DMA Error Address */ |
65 | #define BS_MCR2 0x10 /* DMA Master Command Record 2 */ |
66 | #define BS_MCR3 0x0014 /* 5827+, DMA Master Command Record 3 */ |
67 | #define BS_MCR4 0x001c /* 5827+, DMA Master Command Record 4 */ |
68 | #define BS_CFG 0x0700 /* 5827+, Configuration Register */ |
69 | #define BS_INT 0x0f00 /* 5827+, Interrupt Register */ |
70 | |
71 | /* BS_CTRL - DMA Control */ |
72 | #define BS_CTRL_RESET 0x80000000 /* hardware reset, 5805/5820 */ |
73 | #define BS_CTRL_MCR2INT 0x40000000 /* enable intr MCR for MCR2 */ |
74 | #define BS_CTRL_MCR1INT 0x20000000 /* enable intr MCR for MCR1 */ |
75 | #define BS_CTRL_OFM 0x10000000 /* Output fragment mode */ |
76 | #define BS_CTRL_BE32 0x08000000 /* big-endian, 32bit bytes */ |
77 | #define BS_CTRL_BE64 0x04000000 /* big-endian, 64bit bytes */ |
78 | #define BS_CTRL_DMAERR 0x02000000 /* enable intr DMA error */ |
79 | #define BS_CTRL_RNG_M 0x01800000 /* RNG mode */ |
80 | #define BS_CTRL_RNG_1 0x00000000 /* 1bit rn/one slow clock */ |
81 | #define BS_CTRL_RNG_4 0x00800000 /* 1bit rn/four slow clocks */ |
82 | #define BS_CTRL_RNG_8 0x01000000 /* 1bit rn/eight slow clocks */ |
83 | #define BS_CTRL_RNG_16 0x01800000 /* 1bit rn/16 slow clocks */ |
84 | #define BS_CTRL_SWNORM 0x00400000 /* 582[01], sw normalization */ |
85 | #define BS_CTRL_MCR3INT 0x00400000 /* 5827+, intr for MCR3 */ |
86 | #define BS_CTRL_MCR4INT 0x00200000 /* 5827+, intr for MCR4 */ |
87 | #define BS_CTRL_BSIZE240 0x000f0000 /* 5827+, burst size 240 */ |
88 | #define BS_CTRL_FRAG_M 0x0000ffff /* output fragment size mask */ |
89 | #define BS_CTRL_LITTLE_ENDIAN (BS_CTRL_BE32 | BS_CTRL_BE64) |
90 | |
91 | /* BS_STAT - DMA Status */ |
92 | #define BS_STAT_MCR1_BUSY 0x80000000 /* MCR1 is busy */ |
93 | #define BS_STAT_MCR1_FULL 0x40000000 /* MCR1 is full */ |
94 | #define BS_STAT_MCR1_DONE 0x20000000 /* MCR1 is done */ |
95 | #define BS_STAT_DMAERR 0x10000000 /* DMA error */ |
96 | #define BS_STAT_MCR2_FULL 0x08000000 /* MCR2 is full */ |
97 | #define BS_STAT_MCR2_DONE 0x04000000 /* MCR2 is done */ |
98 | #define BS_STAT_MCR1_ALLEMPTY 0x02000000 /* 5821, MCR1 is empty */ |
99 | #define BS_STAT_MCR2_ALLEMPTY 0x01000000 /* 5821, MCR2 is empty */ |
100 | #define BS_STAT_MCR3_ALLEMPTY 0x00800000 /* 5827+, MCR3 is empty */ |
101 | #define BS_STAT_MCR4_ALLEMPTY 0x00400000 /* 5827+, MCR4 is empty */ |
102 | #define BS_STAT_MCR3_FULL 0x00080000 /* 5827+, MCR3 is full */ |
103 | #define BS_STAT_MCR3_DONE 0x00040000 /* 5827+, MCR3 is done */ |
104 | #define BS_STAT_MCR4_FULL 0x00020000 /* 5827+, MCR4 is full */ |
105 | #define BS_STAT_MCR4_DONE 0x00010000 /* 5827+, MCR4 is done */ |
106 | |
107 | /* BS_ERR - DMA Error Address */ |
108 | #define BS_ERR_ADDR 0xfffffffc /* error address mask */ |
109 | #define BS_ERR_READ 0x00000002 /* fault was on read */ |
110 | |
111 | /* BS_CFG */ |
112 | #define BS_CFG_RNG 0x00000001 /* 5827+, enable RNG */ |
113 | |
114 | /* BS_INT */ |
115 | #define BS_INT_DMAINT 0x80000000 /* 5827+, enable DMA intr */ |
116 | |
117 | /* DES/3DES */ |
118 | struct ubsec_pktctx { |
119 | u_int32_t pc_deskey[6]; /* 3DES key */ |
120 | u_int32_t pc_hminner[5]; /* hmac inner state */ |
121 | u_int32_t pc_hmouter[5]; /* hmac outer state */ |
122 | u_int32_t pc_iv[2]; /* [3]DES iv */ |
123 | u_int16_t pc_flags; /* flags, below */ |
124 | u_int16_t pc_offset; /* crypto offset */ |
125 | }; |
126 | #define UBS_PKTCTX_ENC_3DES 0x8000 /* use 3des */ |
127 | #define UBS_PKTCTX_ENC_NONE 0x0000 /* no encryption */ |
128 | #define UBS_PKTCTX_INBOUND 0x4000 /* inbound packet */ |
129 | #define UBS_PKTCTX_AUTH 0x3000 /* authentication mask */ |
130 | #define UBS_PKTCTX_AUTH_NONE 0x0000 /* no authentication */ |
131 | #define UBS_PKTCTX_AUTH_MD5 0x1000 /* use hmac-md5 */ |
132 | #define UBS_PKTCTX_AUTH_SHA1 0x2000 /* use hmac-sha1 */ |
133 | |
134 | /* "Long" cryptographic operations on newer chipsets */ |
135 | #define UBS_PKTCTX_TYPE_IPSEC_3DES 0x0000 |
136 | #define UBS_PKTCTX_TYPE_IPSEC_AES 0x0040 |
137 | |
138 | struct ubsec_pktctx_hdr { |
139 | volatile u_int16_t ph_len; /* length of ctx struct */ |
140 | volatile u_int16_t ph_type; /* context type, 0 */ |
141 | volatile u_int16_t ph_flags; /* flags, same as above */ |
142 | volatile u_int16_t ph_offset; /* crypto/auth offset */ |
143 | }; |
144 | |
145 | /* Long version of DES/3DES */ |
146 | struct ubsec_pktctx_3des { |
147 | struct ubsec_pktctx_hdr pc_hdr; /* Common header */ |
148 | volatile u_int32_t pc_deskey[6]; /* 3DES key */ |
149 | volatile u_int32_t pc_iv[2]; /* [3]DES iv */ |
150 | volatile u_int32_t pc_hminner[5]; /* hmac inner state */ |
151 | volatile u_int32_t pc_hmouter[5]; /* hmac outer state */ |
152 | }; |
153 | |
154 | /* AES uses different structures for each supported key size */ |
155 | struct ubsec_pktctx_aes128 { |
156 | struct ubsec_pktctx_hdr pc_hdr; /* Common header */ |
157 | volatile u_int32_t pc_aeskey[4]; /* AES128 key */ |
158 | volatile u_int32_t pc_iv[4]; /* AES iv/ucv */ |
159 | volatile u_int32_t pc_hminner[5]; /* hmac inner state */ |
160 | volatile u_int32_t pc_hmouter[5]; /* hmac outer state */ |
161 | }; |
162 | |
163 | struct ubsec_pktctx_aes192 { |
164 | struct ubsec_pktctx_hdr pc_hdr; /* Common header */ |
165 | volatile u_int32_t pc_aeskey[6]; /* AES192 key */ |
166 | volatile u_int32_t pc_iv[4]; /* AES iv/icv */ |
167 | volatile u_int32_t pc_hminner[5]; /* hmac inner state */ |
168 | volatile u_int32_t pc_hmouter[5]; /* hmac outer state */ |
169 | }; |
170 | |
171 | struct ubsec_pktctx_aes256 { |
172 | struct ubsec_pktctx_hdr pc_hdr; /* Common header */ |
173 | volatile u_int32_t pc_aeskey[8]; /* AES256 key */ |
174 | volatile u_int32_t pc_iv[4]; /* AES iv/icv */ |
175 | volatile u_int32_t pc_hminner[5]; /* hmac inner state */ |
176 | volatile u_int32_t pc_hmouter[5]; /* hmac outer state */ |
177 | }; |
178 | #define UBS_PKTCTX_ENC_AES 0x8000 /* use aes */ |
179 | #define UBS_PKTCTX_MODE_CBC 0x0000 /* Cipher Block Chaining mode */ |
180 | #define UBS_PKTCTX_MODE_CTR 0x0400 /* Counter mode */ |
181 | #define UBS_PKTCTX_KEYSIZE_128 0x0000 /* AES128 */ |
182 | #define UBS_PKTCTX_KEYSIZE_192 0x0100 /* AES192 */ |
183 | #define UBS_PKTCTX_KEYSIZE_256 0x0200 /* AES256 */ |
184 | |
185 | struct ubsec_pktbuf { |
186 | volatile u_int32_t pb_addr; /* address of buffer start */ |
187 | volatile u_int32_t pb_next; /* pointer to next pktbuf */ |
188 | volatile u_int32_t pb_len; /* packet length */ |
189 | }; |
190 | #define UBS_PKTBUF_LEN 0x0000ffff /* length mask */ |
191 | |
192 | struct ubsec_mcr { |
193 | volatile u_int16_t mcr_pkts; /* #pkts in this mcr */ |
194 | volatile u_int16_t mcr_flags; /* mcr flags (below) */ |
195 | volatile u_int32_t mcr_cmdctxp; /* command ctx pointer */ |
196 | struct ubsec_pktbuf mcr_ipktbuf; /* input chain header */ |
197 | volatile u_int16_t mcr_reserved; |
198 | volatile u_int16_t mcr_pktlen; |
199 | struct ubsec_pktbuf mcr_opktbuf; /* output chain header */ |
200 | }; |
201 | |
202 | struct ubsec_mcr_add { |
203 | volatile u_int32_t mcr_cmdctxp; /* command ctx pointer */ |
204 | struct ubsec_pktbuf mcr_ipktbuf; /* input chain header */ |
205 | volatile u_int16_t mcr_reserved; |
206 | volatile u_int16_t mcr_pktlen; |
207 | struct ubsec_pktbuf mcr_opktbuf; /* output chain header */ |
208 | }; |
209 | |
210 | #define UBS_MCR_DONE 0x0001 /* mcr has been processed */ |
211 | #define UBS_MCR_ERROR 0x0002 /* error in processing */ |
212 | #define UBS_MCR_ERRORCODE 0xff00 /* error type */ |
213 | |
214 | struct ubsec_ctx_keyop { |
215 | volatile u_int16_t ctx_len; /* command length */ |
216 | volatile u_int16_t ctx_op; /* operation code */ |
217 | volatile u_int8_t ctx_pad[60]; /* padding */ |
218 | }; |
219 | #define UBS_CTXOP_DHPKGEN 0x01 /* dh public key generation */ |
220 | #define UBS_CTXOP_DHSSGEN 0x02 /* dh shared secret gen. */ |
221 | #define UBS_CTXOP_RSAPUB 0x03 /* rsa public key op */ |
222 | #define UBS_CTXOP_RSAPRIV 0x04 /* rsa private key op */ |
223 | #define UBS_CTXOP_DSASIGN 0x05 /* dsa signing op */ |
224 | #define UBS_CTXOP_DSAVRFY 0x06 /* dsa verification */ |
225 | #define UBS_CTXOP_RNGBYPASS 0x41 /* rng direct test mode */ |
226 | #define UBS_CTXOP_RNGSHA1 0x42 /* rng sha1 test mode */ |
227 | #define UBS_CTXOP_MODADD 0x43 /* modular addition */ |
228 | #define UBS_CTXOP_MODSUB 0x44 /* modular subtraction */ |
229 | #define UBS_CTXOP_MODMUL 0x45 /* modular multiplication */ |
230 | #define UBS_CTXOP_MODRED 0x46 /* modular reduction */ |
231 | #define UBS_CTXOP_MODEXP 0x47 /* modular exponentiation */ |
232 | #define UBS_CTXOP_MODINV 0x48 /* modular inverse */ |
233 | |
234 | struct ubsec_ctx_rngbypass { |
235 | volatile u_int16_t rbp_len; /* command length, 64 */ |
236 | volatile u_int16_t rbp_op; /* rng bypass, 0x41 */ |
237 | volatile u_int8_t rbp_pad[60]; /* padding */ |
238 | }; |
239 | |
240 | /* modexp: C = (M ^ E) mod N */ |
241 | struct ubsec_ctx_modexp { |
242 | volatile u_int16_t me_len; /* command length */ |
243 | volatile u_int16_t me_op; /* modexp, 0x47 */ |
244 | volatile u_int16_t me_E_len; /* E (bits) */ |
245 | volatile u_int16_t me_N_len; /* N (bits) */ |
246 | u_int8_t me_N[2048/8]; /* N */ |
247 | }; |
248 | |
249 | struct ubsec_ctx_rsapriv { |
250 | volatile u_int16_t rpr_len; /* command length */ |
251 | volatile u_int16_t rpr_op; /* rsaprivate, 0x04 */ |
252 | volatile u_int16_t rpr_q_len; /* q (bits) */ |
253 | volatile u_int16_t rpr_p_len; /* p (bits) */ |
254 | u_int8_t rpr_buf[5 * 1024 / 8]; /* parameters: */ |
255 | /* p, q, dp, dq, pinv */ |
256 | }; |
257 | |
258 | #endif /* _DEV_PCI_UBSECREG_H */ |
259 | |