1 /*
2  * Copyright (c) 2023-2024, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #ifndef RSE_CRYPTO_DEFS_H
9 #define RSE_CRYPTO_DEFS_H
10 
11 /* Declares types that encode errors, algorithms, key types, policies, etc. */
12 #include "psa/crypto_types.h"
13 
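/*
 * Value identifying the export public key function API, used to dispatch the
 * request to the corresponding API implementation in the Crypto service
 * backend. Its type matches the width of rse_crypto_pack_iovec.function_id
 * (uint16_t).
 *
 * The whole replacement list is parenthesized: a bare "(uint16_t)(0x701)" is
 * not a primary expression, so the cast could bind to a neighbouring operator
 * at the point of use (for example directly after sizeof).
 */
#define RSE_CRYPTO_EXPORT_PUBLIC_KEY_SID	((uint16_t)(0x701))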
20 
/*
 * Persistent key identifiers of the RSE builtin keys.
 *
 * The identifiers are consecutive, starting at 0x7FFF816C. Each one is written
 * out so that inserting or reordering an enumerator cannot silently change the
 * identifier of an existing key.
 */
enum rse_key_id_builtin_t {
	RSE_BUILTIN_KEY_ID_HOST_S_ROTPK   = 0x7FFF816Cu,
	RSE_BUILTIN_KEY_ID_HOST_NS_ROTPK  = 0x7FFF816Du,
	RSE_BUILTIN_KEY_ID_HOST_CCA_ROTPK = 0x7FFF816Eu,
};
29 
/*
 * This type is used to overcome a limitation within RSE firmware on the maximum
 * number of IOVECs it can use, especially in psa_aead_encrypt and
 * psa_aead_decrypt: the nonce is carried inline in a fixed-size array instead
 * of in an IOVEC of its own.
 *
 * NOTE(review): nothing in this header bounds nonce_length. Code that fills or
 * consumes this structure should check
 * nonce_length <= RSE_CRYPTO_MAX_NONCE_LENGTH before copying to or from
 * nonce[] - confirm where that check lives.
 */
#define RSE_CRYPTO_MAX_NONCE_LENGTH (16u)
struct rse_crypto_aead_pack_input {
	/* Nonce bytes; the array holds at most RSE_CRYPTO_MAX_NONCE_LENGTH */
	uint8_t nonce[RSE_CRYPTO_MAX_NONCE_LENGTH];
	/* Presumably the number of bytes of nonce[] in use - confirm */
	uint32_t nonce_length;
};
39 
/*
 * Structure used to pack non-pointer types in a call to PSA Crypto APIs.
 *
 * function_id identifies the requested API to the dispatcher in the service
 * backend. Judging by the field comments, the other members are specific to
 * particular API families (multipart operations, AEAD, key derivation).
 *
 * NOTE(review): op_handle and the length fields are plain integers and this
 * header does no validation. Whichever side receives the structure should
 * range-check them against the buffers actually supplied before use - confirm
 * in the backend.
 */
struct rse_crypto_pack_iovec {
	psa_key_id_t key_id;		/* !< Key id */
	psa_algorithm_t alg;		/* !< Algorithm */
	uint32_t op_handle;		/*
					 * !< Frontend context handle
					 * associated to a multipart operation
					 */
	uint32_t ad_length;		/*
					 * !< Additional Data length for
					 *    multipart AEAD
					 */
	uint32_t plaintext_length;	/*
					 * !< Plaintext length for multipart
					 *    AEAD
					 */

	struct rse_crypto_aead_pack_input aead_in; /*
						    * !< Packs AEAD-related
						    *    inputs (inline nonce
						    *    and its length)
						    */

	uint16_t function_id;	/*
				 * !< Used to identify the function in the
				 *    API dispatcher to the service backend
				 *    See rse_crypto_func_sid for detail
				 *    (not defined in this header)
				 */
	uint16_t step;		/* !< Key derivation step */
	/*
	 * Anonymous union: capacity and value share the same storage, so only
	 * one of them is meaningful for a given request.
	 * NOTE(review): size_t has a build-dependent width while value is
	 * always 64 bits; confirm that both ends of the interface agree on the
	 * layout and on how capacity is read back.
	 */
	union {
		size_t capacity;	/* !< Key derivation capacity */
		uint64_t value;		/*
					 * !< Key derivation integer for
					 *    update
					 */
	};
};
78 
79 #endif /* RSE_CRYPTO_DEFS_H */
80