[linux-block.git] / include / uapi / linux / tls.h

/* SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR Linux-OpenIB) */
/*
 * Copyright (c) 2016-2017, Mellanox Technologies. All rights reserved.
 *
 * This software is available to you under a choice of one of two
 * licenses.  You may choose to be licensed under the terms of the GNU
 * General Public License (GPL) Version 2, available from the file
 * COPYING in the main directory of this source tree, or the
 * OpenIB.org BSD license below:
 *
 *     Redistribution and use in source and binary forms, with or
 *     without modification, are permitted provided that the following
 *     conditions are met:
 *
 *      - Redistributions of source code must retain the above
 *        copyright notice, this list of conditions and the following
 *        disclaimer.
 *
 *      - Redistributions in binary form must reproduce the above
 *        copyright notice, this list of conditions and the following
 *        disclaimer in the documentation and/or other materials
 *        provided with the distribution.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */

#ifndef _UAPI_LINUX_TLS_H
#define _UAPI_LINUX_TLS_H

#include <linux/types.h>

/* TLS socket options */
#define TLS_TX			1	/* Set transmit parameters */
#define TLS_RX			2	/* Set receive parameters */
#define TLS_TX_ZEROCOPY_RO	3	/* TX zerocopy (only sendfile now) */
#define TLS_RX_EXPECT_NO_PAD	4	/* Attempt opportunistic zero-copy */

/* Supported versions */
#define TLS_VERSION_MINOR(ver)	((ver) & 0xFF)
#define TLS_VERSION_MAJOR(ver)	(((ver) >> 8) & 0xFF)

#define TLS_VERSION_NUMBER(id)	((((id##_VERSION_MAJOR) & 0xFF) << 8) |	\
				 ((id##_VERSION_MINOR) & 0xFF))

#define TLS_1_2_VERSION_MAJOR	0x3
#define TLS_1_2_VERSION_MINOR	0x3
#define TLS_1_2_VERSION		TLS_VERSION_NUMBER(TLS_1_2)

#define TLS_1_3_VERSION_MAJOR	0x3
#define TLS_1_3_VERSION_MINOR	0x4
#define TLS_1_3_VERSION		TLS_VERSION_NUMBER(TLS_1_3)

/* Supported ciphers */
#define TLS_CIPHER_AES_GCM_128				51
#define TLS_CIPHER_AES_GCM_128_IV_SIZE			8
#define TLS_CIPHER_AES_GCM_128_KEY_SIZE		16
#define TLS_CIPHER_AES_GCM_128_SALT_SIZE		4
#define TLS_CIPHER_AES_GCM_128_TAG_SIZE		16
#define TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE		8

#define TLS_CIPHER_AES_GCM_256				52
#define TLS_CIPHER_AES_GCM_256_IV_SIZE			8
#define TLS_CIPHER_AES_GCM_256_KEY_SIZE		32
#define TLS_CIPHER_AES_GCM_256_SALT_SIZE		4
#define TLS_CIPHER_AES_GCM_256_TAG_SIZE		16
#define TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE		8

#define TLS_CIPHER_AES_CCM_128				53
#define TLS_CIPHER_AES_CCM_128_IV_SIZE			8
#define TLS_CIPHER_AES_CCM_128_KEY_SIZE		16
#define TLS_CIPHER_AES_CCM_128_SALT_SIZE		4
#define TLS_CIPHER_AES_CCM_128_TAG_SIZE		16
#define TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE		8

#define TLS_CIPHER_CHACHA20_POLY1305			54
#define TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE		12
#define TLS_CIPHER_CHACHA20_POLY1305_KEY_SIZE	32
#define TLS_CIPHER_CHACHA20_POLY1305_SALT_SIZE		0
#define TLS_CIPHER_CHACHA20_POLY1305_TAG_SIZE	16
#define TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE	8

#define TLS_CIPHER_SM4_GCM				55
#define TLS_CIPHER_SM4_GCM_IV_SIZE			8
#define TLS_CIPHER_SM4_GCM_KEY_SIZE		16
#define TLS_CIPHER_SM4_GCM_SALT_SIZE		4
#define TLS_CIPHER_SM4_GCM_TAG_SIZE		16
#define TLS_CIPHER_SM4_GCM_REC_SEQ_SIZE		8

#define TLS_CIPHER_SM4_CCM				56
#define TLS_CIPHER_SM4_CCM_IV_SIZE			8
#define TLS_CIPHER_SM4_CCM_KEY_SIZE		16
#define TLS_CIPHER_SM4_CCM_SALT_SIZE		4
#define TLS_CIPHER_SM4_CCM_TAG_SIZE		16
#define TLS_CIPHER_SM4_CCM_REC_SEQ_SIZE		8

#define TLS_SET_RECORD_TYPE	1
#define TLS_GET_RECORD_TYPE	2

struct tls_crypto_info {
	__u16 version;
	__u16 cipher_type;
};

struct tls12_crypto_info_aes_gcm_128 {
	struct tls_crypto_info info;
	unsigned char iv[TLS_CIPHER_AES_GCM_128_IV_SIZE];
	unsigned char key[TLS_CIPHER_AES_GCM_128_KEY_SIZE];
	unsigned char salt[TLS_CIPHER_AES_GCM_128_SALT_SIZE];
	unsigned char rec_seq[TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE];
};

struct tls12_crypto_info_aes_gcm_256 {
	struct tls_crypto_info info;
	unsigned char iv[TLS_CIPHER_AES_GCM_256_IV_SIZE];
	unsigned char key[TLS_CIPHER_AES_GCM_256_KEY_SIZE];
	unsigned char salt[TLS_CIPHER_AES_GCM_256_SALT_SIZE];
	unsigned char rec_seq[TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE];
};

struct tls12_crypto_info_aes_ccm_128 {
	struct tls_crypto_info info;
	unsigned char iv[TLS_CIPHER_AES_CCM_128_IV_SIZE];
	unsigned char key[TLS_CIPHER_AES_CCM_128_KEY_SIZE];
	unsigned char salt[TLS_CIPHER_AES_CCM_128_SALT_SIZE];
	unsigned char rec_seq[TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE];
};

struct tls12_crypto_info_chacha20_poly1305 {
	struct tls_crypto_info info;
	unsigned char iv[TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE];
	unsigned char key[TLS_CIPHER_CHACHA20_POLY1305_KEY_SIZE];
	unsigned char salt[TLS_CIPHER_CHACHA20_POLY1305_SALT_SIZE];
	unsigned char rec_seq[TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE];
};

struct tls12_crypto_info_sm4_gcm {
	struct tls_crypto_info info;
	unsigned char iv[TLS_CIPHER_SM4_GCM_IV_SIZE];
	unsigned char key[TLS_CIPHER_SM4_GCM_KEY_SIZE];
	unsigned char salt[TLS_CIPHER_SM4_GCM_SALT_SIZE];
	unsigned char rec_seq[TLS_CIPHER_SM4_GCM_REC_SEQ_SIZE];
};

struct tls12_crypto_info_sm4_ccm {
	struct tls_crypto_info info;
	unsigned char iv[TLS_CIPHER_SM4_CCM_IV_SIZE];
	unsigned char key[TLS_CIPHER_SM4_CCM_KEY_SIZE];
	unsigned char salt[TLS_CIPHER_SM4_CCM_SALT_SIZE];
	unsigned char rec_seq[TLS_CIPHER_SM4_CCM_REC_SEQ_SIZE];
};

enum {
	TLS_INFO_UNSPEC,
	TLS_INFO_VERSION,
	TLS_INFO_CIPHER,
	TLS_INFO_TXCONF,
	TLS_INFO_RXCONF,
	TLS_INFO_ZC_RO_TX,
	TLS_INFO_RX_NO_PAD,
	__TLS_INFO_MAX,
};
#define TLS_INFO_MAX (__TLS_INFO_MAX - 1)

#define TLS_CONF_BASE 1
#define TLS_CONF_SW 2
#define TLS_CONF_HW 3
#define TLS_CONF_HW_RECORD 4

#endif /* _UAPI_LINUX_TLS_H */
Commit	Line	Data
d50e14ab	1	/* SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR Linux-OpenIB) */
3c4d7559 DW	2	/*
	3	* Copyright (c) 2016-2017, Mellanox Technologies. All rights reserved.
	4	*
	5	* This software is available to you under a choice of one of two
	6	* licenses. You may choose to be licensed under the terms of the GNU
	7	* General Public License (GPL) Version 2, available from the file
	8	* COPYING in the main directory of this source tree, or the
	9	* OpenIB.org BSD license below:
	10	*
	11	* Redistribution and use in source and binary forms, with or
	12	* without modification, are permitted provided that the following
	13	* conditions are met:
	14	*
	15	* - Redistributions of source code must retain the above
	16	* copyright notice, this list of conditions and the following
	17	* disclaimer.
	18	*
	19	* - Redistributions in binary form must reproduce the above
	20	* copyright notice, this list of conditions and the following
	21	* disclaimer in the documentation and/or other materials
	22	* provided with the distribution.
	23	*
	24	* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
	25	* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
	26	* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
	27	* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
	28	* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
	29	* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
	30	* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
	31	* SOFTWARE.
	32	*/
	33
	34	#ifndef _UAPI_LINUX_TLS_H
	35	#define _UAPI_LINUX_TLS_H
	36
	37	#include <linux/types.h>
3c4d7559 DW	38
	39	/* TLS socket options */
	40	#define TLS_TX 1 /* Set transmit parameters */
c46234eb	41	#define TLS_RX 2 /* Set receive parameters */
b489a6e5	42	#define TLS_TX_ZEROCOPY_RO 3 /* TX zerocopy (only sendfile now) */
88527790	43	#define TLS_RX_EXPECT_NO_PAD 4 /* Attempt opportunistic zero-copy */
3c4d7559 DW	44
	45	/* Supported versions */
	46	#define TLS_VERSION_MINOR(ver) ((ver) & 0xFF)
	47	#define TLS_VERSION_MAJOR(ver) (((ver) >> 8) & 0xFF)
	48
	49	#define TLS_VERSION_NUMBER(id) ((((id##_VERSION_MAJOR) & 0xFF) << 8) \| \
	50	((id##_VERSION_MINOR) & 0xFF))
	51
	52	#define TLS_1_2_VERSION_MAJOR 0x3
	53	#define TLS_1_2_VERSION_MINOR 0x3
	54	#define TLS_1_2_VERSION TLS_VERSION_NUMBER(TLS_1_2)
	55
130b392c DW	56	#define TLS_1_3_VERSION_MAJOR 0x3
	57	#define TLS_1_3_VERSION_MINOR 0x4
	58	#define TLS_1_3_VERSION TLS_VERSION_NUMBER(TLS_1_3)
	59
3c4d7559 DW	60	/* Supported ciphers */
	61	#define TLS_CIPHER_AES_GCM_128 51
	62	#define TLS_CIPHER_AES_GCM_128_IV_SIZE 8
	63	#define TLS_CIPHER_AES_GCM_128_KEY_SIZE 16
	64	#define TLS_CIPHER_AES_GCM_128_SALT_SIZE 4
	65	#define TLS_CIPHER_AES_GCM_128_TAG_SIZE 16
	66	#define TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE 8
	67
fb99bce7 DW	68	#define TLS_CIPHER_AES_GCM_256 52
	69	#define TLS_CIPHER_AES_GCM_256_IV_SIZE 8
	70	#define TLS_CIPHER_AES_GCM_256_KEY_SIZE 32
	71	#define TLS_CIPHER_AES_GCM_256_SALT_SIZE 4
	72	#define TLS_CIPHER_AES_GCM_256_TAG_SIZE 16
	73	#define TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE 8
	74
f295b3ae VG	75	#define TLS_CIPHER_AES_CCM_128 53
	76	#define TLS_CIPHER_AES_CCM_128_IV_SIZE 8
	77	#define TLS_CIPHER_AES_CCM_128_KEY_SIZE 16
	78	#define TLS_CIPHER_AES_CCM_128_SALT_SIZE 4
	79	#define TLS_CIPHER_AES_CCM_128_TAG_SIZE 16
	80	#define TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE 8
	81
923c40c4 VF	82	#define TLS_CIPHER_CHACHA20_POLY1305 54
	83	#define TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE 12
	84	#define TLS_CIPHER_CHACHA20_POLY1305_KEY_SIZE 32
	85	#define TLS_CIPHER_CHACHA20_POLY1305_SALT_SIZE 0
	86	#define TLS_CIPHER_CHACHA20_POLY1305_TAG_SIZE 16
	87	#define TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE 8
	88
227b9644 TZ	89	#define TLS_CIPHER_SM4_GCM 55
	90	#define TLS_CIPHER_SM4_GCM_IV_SIZE 8
	91	#define TLS_CIPHER_SM4_GCM_KEY_SIZE 16
	92	#define TLS_CIPHER_SM4_GCM_SALT_SIZE 4
	93	#define TLS_CIPHER_SM4_GCM_TAG_SIZE 16
	94	#define TLS_CIPHER_SM4_GCM_REC_SEQ_SIZE 8
	95
	96	#define TLS_CIPHER_SM4_CCM 56
	97	#define TLS_CIPHER_SM4_CCM_IV_SIZE 8
	98	#define TLS_CIPHER_SM4_CCM_KEY_SIZE 16
	99	#define TLS_CIPHER_SM4_CCM_SALT_SIZE 4
	100	#define TLS_CIPHER_SM4_CCM_TAG_SIZE 16
	101	#define TLS_CIPHER_SM4_CCM_REC_SEQ_SIZE 8
	102
3c4d7559	103	#define TLS_SET_RECORD_TYPE 1
c46234eb	104	#define TLS_GET_RECORD_TYPE 2
3c4d7559 DW	105
	106	struct tls_crypto_info {
	107	__u16 version;
	108	__u16 cipher_type;
	109	};
	110
	111	struct tls12_crypto_info_aes_gcm_128 {
	112	struct tls_crypto_info info;
	113	unsigned char iv[TLS_CIPHER_AES_GCM_128_IV_SIZE];
	114	unsigned char key[TLS_CIPHER_AES_GCM_128_KEY_SIZE];
	115	unsigned char salt[TLS_CIPHER_AES_GCM_128_SALT_SIZE];
	116	unsigned char rec_seq[TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE];
	117	};
	118
fb99bce7 DW	119	struct tls12_crypto_info_aes_gcm_256 {
	120	struct tls_crypto_info info;
	121	unsigned char iv[TLS_CIPHER_AES_GCM_256_IV_SIZE];
	122	unsigned char key[TLS_CIPHER_AES_GCM_256_KEY_SIZE];
	123	unsigned char salt[TLS_CIPHER_AES_GCM_256_SALT_SIZE];
	124	unsigned char rec_seq[TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE];
	125	};
	126
f295b3ae VG	127	struct tls12_crypto_info_aes_ccm_128 {
	128	struct tls_crypto_info info;
	129	unsigned char iv[TLS_CIPHER_AES_CCM_128_IV_SIZE];
	130	unsigned char key[TLS_CIPHER_AES_CCM_128_KEY_SIZE];
	131	unsigned char salt[TLS_CIPHER_AES_CCM_128_SALT_SIZE];
	132	unsigned char rec_seq[TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE];
	133	};
	134
923c40c4 VF	135	struct tls12_crypto_info_chacha20_poly1305 {
	136	struct tls_crypto_info info;
	137	unsigned char iv[TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE];
	138	unsigned char key[TLS_CIPHER_CHACHA20_POLY1305_KEY_SIZE];
	139	unsigned char salt[TLS_CIPHER_CHACHA20_POLY1305_SALT_SIZE];
	140	unsigned char rec_seq[TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE];
	141	};
	142
227b9644 TZ	143	struct tls12_crypto_info_sm4_gcm {
	144	struct tls_crypto_info info;
	145	unsigned char iv[TLS_CIPHER_SM4_GCM_IV_SIZE];
	146	unsigned char key[TLS_CIPHER_SM4_GCM_KEY_SIZE];
	147	unsigned char salt[TLS_CIPHER_SM4_GCM_SALT_SIZE];
	148	unsigned char rec_seq[TLS_CIPHER_SM4_GCM_REC_SEQ_SIZE];
	149	};
	150
	151	struct tls12_crypto_info_sm4_ccm {
	152	struct tls_crypto_info info;
	153	unsigned char iv[TLS_CIPHER_SM4_CCM_IV_SIZE];
	154	unsigned char key[TLS_CIPHER_SM4_CCM_KEY_SIZE];
	155	unsigned char salt[TLS_CIPHER_SM4_CCM_SALT_SIZE];
	156	unsigned char rec_seq[TLS_CIPHER_SM4_CCM_REC_SEQ_SIZE];
	157	};
	158
26811cc9 DC	159	enum {
	160	TLS_INFO_UNSPEC,
	161	TLS_INFO_VERSION,
	162	TLS_INFO_CIPHER,
	163	TLS_INFO_TXCONF,
	164	TLS_INFO_RXCONF,
b489a6e5	165	TLS_INFO_ZC_RO_TX,
88527790	166	TLS_INFO_RX_NO_PAD,
26811cc9 DC	167	__TLS_INFO_MAX,
	168	};
	169	#define TLS_INFO_MAX (__TLS_INFO_MAX - 1)
	170
	171	#define TLS_CONF_BASE 1
	172	#define TLS_CONF_SW 2
	173	#define TLS_CONF_HW 3
	174	#define TLS_CONF_HW_RECORD 4
	175
3c4d7559	176	#endif /* _UAPI_LINUX_TLS_H */