blob: d2e33a90825b4d358783879935e0a64df0192541 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -07001/*
2 * Scatterlist Cryptographic API.
3 *
4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
5 * Copyright (c) 2002 David S. Miller (davem@redhat.com)
Herbert Xu5cb1454b2005-11-05 16:58:14 +11006 * Copyright (c) 2005 Herbert Xu <herbert@gondor.apana.org.au>
Linus Torvalds1da177e2005-04-16 15:20:36 -07007 *
8 * Portions derived from Cryptoapi, by Alexander Kjeldaas <astor@fast.no>
John Anthony Kazos Jr18735dd2007-10-19 23:07:36 +02009 * and Nettle, by Niels Möller.
Linus Torvalds1da177e2005-04-16 15:20:36 -070010 *
11 * This program is free software; you can redistribute it and/or modify it
12 * under the terms of the GNU General Public License as published by the Free
13 * Software Foundation; either version 2 of the License, or (at your option)
14 * any later version.
15 *
16 */
17#ifndef _LINUX_CRYPTO_H
18#define _LINUX_CRYPTO_H
19
Arun Sharma600634972011-07-26 16:09:06 -070020#include <linux/atomic.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070021#include <linux/kernel.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070022#include <linux/list.h>
Paul Gortmaker187f1882011-11-23 20:12:59 -050023#include <linux/bug.h>
Herbert Xu79911102006-08-21 21:03:52 +100024#include <linux/slab.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070025#include <linux/string.h>
Herbert Xu79911102006-08-21 21:03:52 +100026#include <linux/uaccess.h>
Gilad Ben-Yossefada69a12017-10-18 08:00:38 +010027#include <linux/completion.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -070028
29/*
Kees Cook5d26a102014-11-20 17:05:53 -080030 * Autoloaded crypto modules should only use a prefixed name to avoid allowing
31 * arbitrary modules to be loaded. Loading from userspace may still need the
32 * unprefixed names, so retains those aliases as well.
33 * This uses __MODULE_INFO directly instead of MODULE_ALIAS because pre-4.3
34 * gcc (e.g. avr32 toolchain) uses __LINE__ for uniqueness, and this macro
35 * expands twice on the same line. Instead, use a separate base name for the
36 * alias.
37 */
38#define MODULE_ALIAS_CRYPTO(name) \
39 __MODULE_INFO(alias, alias_userspace, name); \
40 __MODULE_INFO(alias, alias_crypto, "crypto-" name)
41
42/*
Linus Torvalds1da177e2005-04-16 15:20:36 -070043 * Algorithm masks and types.
44 */
Herbert Xu28259822006-08-06 21:23:26 +100045#define CRYPTO_ALG_TYPE_MASK 0x0000000f
Linus Torvalds1da177e2005-04-16 15:20:36 -070046#define CRYPTO_ALG_TYPE_CIPHER 0x00000001
Loc Ho004a4032008-05-14 20:41:47 +080047#define CRYPTO_ALG_TYPE_COMPRESS 0x00000002
48#define CRYPTO_ALG_TYPE_AEAD 0x00000003
Herbert Xu055bcee2006-08-19 22:24:23 +100049#define CRYPTO_ALG_TYPE_BLKCIPHER 0x00000004
Herbert Xu332f88402007-11-15 22:36:07 +080050#define CRYPTO_ALG_TYPE_ABLKCIPHER 0x00000005
Herbert Xu4e6c3df2016-07-12 13:17:31 +080051#define CRYPTO_ALG_TYPE_SKCIPHER 0x00000005
Herbert Xu61da88e2007-12-17 21:51:27 +080052#define CRYPTO_ALG_TYPE_GIVCIPHER 0x00000006
Salvatore Benedetto4e5f2c42016-06-22 17:49:13 +010053#define CRYPTO_ALG_TYPE_KPP 0x00000008
Giovanni Cabiddu2ebda742016-10-21 13:19:47 +010054#define CRYPTO_ALG_TYPE_ACOMPRESS 0x0000000a
Giovanni Cabiddu1ab53a72016-10-21 13:19:48 +010055#define CRYPTO_ALG_TYPE_SCOMPRESS 0x0000000b
Neil Horman17f0f4a2008-08-14 22:15:52 +100056#define CRYPTO_ALG_TYPE_RNG 0x0000000c
Tadeusz Struk3c339ab2015-06-16 10:30:55 -070057#define CRYPTO_ALG_TYPE_AKCIPHER 0x0000000d
Giovanni Cabiddu63044c42016-06-02 13:28:55 +010058#define CRYPTO_ALG_TYPE_DIGEST 0x0000000e
59#define CRYPTO_ALG_TYPE_HASH 0x0000000e
60#define CRYPTO_ALG_TYPE_SHASH 0x0000000e
61#define CRYPTO_ALG_TYPE_AHASH 0x0000000f
Herbert Xu055bcee2006-08-19 22:24:23 +100062
63#define CRYPTO_ALG_TYPE_HASH_MASK 0x0000000e
Giovanni Cabiddu63044c42016-06-02 13:28:55 +010064#define CRYPTO_ALG_TYPE_AHASH_MASK 0x0000000e
Herbert Xu332f88402007-11-15 22:36:07 +080065#define CRYPTO_ALG_TYPE_BLKCIPHER_MASK 0x0000000c
Giovanni Cabiddu1ab53a72016-10-21 13:19:48 +010066#define CRYPTO_ALG_TYPE_ACOMPRESS_MASK 0x0000000e
Linus Torvalds1da177e2005-04-16 15:20:36 -070067
Herbert Xu28259822006-08-06 21:23:26 +100068#define CRYPTO_ALG_LARVAL 0x00000010
Herbert Xu6bfd4802006-09-21 11:39:29 +100069#define CRYPTO_ALG_DEAD 0x00000020
70#define CRYPTO_ALG_DYING 0x00000040
Herbert Xuf3f632d2006-08-06 23:12:59 +100071#define CRYPTO_ALG_ASYNC 0x00000080
Herbert Xu28259822006-08-06 21:23:26 +100072
Linus Torvalds1da177e2005-04-16 15:20:36 -070073/*
Herbert Xu60104392006-08-26 18:34:10 +100074 * Set this bit if and only if the algorithm requires another algorithm of
75 * the same type to handle corner cases.
76 */
77#define CRYPTO_ALG_NEED_FALLBACK 0x00000100
78
79/*
Herbert Xuecfc4322007-12-05 21:08:36 +110080 * This bit is set for symmetric key ciphers that have already been wrapped
81 * with a generic IV generator to prevent them from being wrapped again.
82 */
83#define CRYPTO_ALG_GENIV 0x00000200
84
85/*
Herbert Xu73d38642008-08-03 21:15:23 +080086 * Set if the algorithm has passed automated run-time testing. Note that
87 * if there is no run-time testing for a given algorithm it is considered
88 * to have passed.
89 */
90
91#define CRYPTO_ALG_TESTED 0x00000400
92
93/*
Baruch Siach864e0982016-11-30 15:16:08 +020094 * Set if the algorithm is an instance that is built from templates.
Steffen Klassert64a947b2011-09-27 07:21:26 +020095 */
96#define CRYPTO_ALG_INSTANCE 0x00000800
97
Nikos Mavrogiannopoulosd912bb72011-11-01 13:39:56 +010098/* Set this bit if the algorithm provided is hardware accelerated but
99 * not available to userspace via instruction set or so.
100 */
101#define CRYPTO_ALG_KERN_DRIVER_ONLY 0x00001000
102
Steffen Klassert64a947b2011-09-27 07:21:26 +0200103/*
Stephan Mueller06ca7f62015-03-30 21:55:52 +0200104 * Mark a cipher as a service implementation only usable by another
105 * cipher and never by a normal user of the kernel crypto API
106 */
107#define CRYPTO_ALG_INTERNAL 0x00002000
108
109/*
Eric Biggersa208fa82018-01-03 11:16:26 -0800110 * Set if the algorithm has a ->setkey() method but can be used without
111 * calling it first, i.e. there is a default key.
112 */
113#define CRYPTO_ALG_OPTIONAL_KEY 0x00004000
114
115/*
Linus Torvalds1da177e2005-04-16 15:20:36 -0700116 * Transform masks and values (for crt_flags).
117 */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700118#define CRYPTO_TFM_REQ_MASK 0x000fff00
119#define CRYPTO_TFM_RES_MASK 0xfff00000
120
Linus Torvalds1da177e2005-04-16 15:20:36 -0700121#define CRYPTO_TFM_REQ_WEAK_KEY 0x00000100
Herbert Xu64baf3c2005-09-01 17:43:05 -0700122#define CRYPTO_TFM_REQ_MAY_SLEEP 0x00000200
Herbert Xu32e3983f2007-03-24 14:35:34 +1100123#define CRYPTO_TFM_REQ_MAY_BACKLOG 0x00000400
Linus Torvalds1da177e2005-04-16 15:20:36 -0700124#define CRYPTO_TFM_RES_WEAK_KEY 0x00100000
125#define CRYPTO_TFM_RES_BAD_KEY_LEN 0x00200000
126#define CRYPTO_TFM_RES_BAD_KEY_SCHED 0x00400000
127#define CRYPTO_TFM_RES_BAD_BLOCK_LEN 0x00800000
128#define CRYPTO_TFM_RES_BAD_FLAGS 0x01000000
129
130/*
131 * Miscellaneous stuff.
132 */
Herbert Xuf437a3f2017-04-06 16:16:11 +0800133#define CRYPTO_MAX_ALG_NAME 128
Linus Torvalds1da177e2005-04-16 15:20:36 -0700134
Herbert Xu79911102006-08-21 21:03:52 +1000135/*
136 * The macro CRYPTO_MINALIGN_ATTR (along with the void * type in the actual
137 * declaration) is used to ensure that the crypto_tfm context structure is
138 * aligned correctly for the given architecture so that there are no alignment
139 * faults for C data types. In particular, this is required on platforms such
140 * as arm where pointers are 32-bit aligned but there are data types such as
141 * u64 which require 64-bit alignment.
142 */
Herbert Xu79911102006-08-21 21:03:52 +1000143#define CRYPTO_MINALIGN ARCH_KMALLOC_MINALIGN
Herbert Xu79911102006-08-21 21:03:52 +1000144
Herbert Xu79911102006-08-21 21:03:52 +1000145#define CRYPTO_MINALIGN_ATTR __attribute__ ((__aligned__(CRYPTO_MINALIGN)))
Herbert Xu79911102006-08-21 21:03:52 +1000146
Linus Torvalds1da177e2005-04-16 15:20:36 -0700147struct scatterlist;
Herbert Xu32e3983f2007-03-24 14:35:34 +1100148struct crypto_ablkcipher;
149struct crypto_async_request;
Herbert Xu5cde0af2006-08-22 00:07:53 +1000150struct crypto_blkcipher;
Herbert Xu40725182005-07-06 13:51:52 -0700151struct crypto_tfm;
Herbert Xue853c3c2006-08-22 00:06:54 +1000152struct crypto_type;
Herbert Xu61da88e2007-12-17 21:51:27 +0800153struct skcipher_givcrypt_request;
Herbert Xu40725182005-07-06 13:51:52 -0700154
Herbert Xu32e3983f2007-03-24 14:35:34 +1100155typedef void (*crypto_completion_t)(struct crypto_async_request *req, int err);
156
Stephan Mueller0d7f4882014-11-12 05:27:49 +0100157/**
158 * DOC: Block Cipher Context Data Structures
159 *
160 * These data structures define the operating context for each block cipher
161 * type.
162 */
163
Herbert Xu32e3983f2007-03-24 14:35:34 +1100164struct crypto_async_request {
165 struct list_head list;
166 crypto_completion_t complete;
167 void *data;
168 struct crypto_tfm *tfm;
169
170 u32 flags;
171};
172
173struct ablkcipher_request {
174 struct crypto_async_request base;
175
176 unsigned int nbytes;
177
178 void *info;
179
180 struct scatterlist *src;
181 struct scatterlist *dst;
182
183 void *__ctx[] CRYPTO_MINALIGN_ATTR;
184};
185
Herbert Xu5cde0af2006-08-22 00:07:53 +1000186struct blkcipher_desc {
187 struct crypto_blkcipher *tfm;
188 void *info;
189 u32 flags;
190};
191
Herbert Xu40725182005-07-06 13:51:52 -0700192struct cipher_desc {
193 struct crypto_tfm *tfm;
Herbert Xu6c2bb982006-05-16 22:09:29 +1000194 void (*crfn)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
Herbert Xu40725182005-07-06 13:51:52 -0700195 unsigned int (*prfn)(const struct cipher_desc *desc, u8 *dst,
196 const u8 *src, unsigned int nbytes);
197 void *info;
198};
Linus Torvalds1da177e2005-04-16 15:20:36 -0700199
Stephan Mueller0d7f4882014-11-12 05:27:49 +0100200/**
201 * DOC: Block Cipher Algorithm Definitions
202 *
203 * These data structures define modular crypto algorithm implementations,
204 * managed via crypto_register_alg() and crypto_unregister_alg().
205 */
206
207/**
208 * struct ablkcipher_alg - asynchronous block cipher definition
209 * @min_keysize: Minimum key size supported by the transformation. This is the
210 * smallest key length supported by this transformation algorithm.
211 * This must be set to one of the pre-defined values as this is
212 * not hardware specific. Possible values for this field can be
213 * found via git grep "_MIN_KEY_SIZE" include/crypto/
214 * @max_keysize: Maximum key size supported by the transformation. This is the
215 * largest key length supported by this transformation algorithm.
216 * This must be set to one of the pre-defined values as this is
217 * not hardware specific. Possible values for this field can be
218 * found via git grep "_MAX_KEY_SIZE" include/crypto/
219 * @setkey: Set key for the transformation. This function is used to either
220 * program a supplied key into the hardware or store the key in the
221 * transformation context for programming it later. Note that this
222 * function does modify the transformation context. This function can
223 * be called multiple times during the existence of the transformation
224 * object, so one must make sure the key is properly reprogrammed into
225 * the hardware. This function is also responsible for checking the key
226 * length for validity. In case a software fallback was put in place in
227 * the @cra_init call, this function might need to use the fallback if
228 * the algorithm doesn't support all of the key sizes.
229 * @encrypt: Encrypt a scatterlist of blocks. This function is used to encrypt
230 * the supplied scatterlist containing the blocks of data. The crypto
231 * API consumer is responsible for aligning the entries of the
232 * scatterlist properly and making sure the chunks are correctly
233 * sized. In case a software fallback was put in place in the
234 * @cra_init call, this function might need to use the fallback if
235 * the algorithm doesn't support all of the key sizes. In case the
236 * key was stored in transformation context, the key might need to be
237 * re-programmed into the hardware in this function. This function
238 * shall not modify the transformation context, as this function may
239 * be called in parallel with the same transformation object.
240 * @decrypt: Decrypt a single block. This is a reverse counterpart to @encrypt
241 * and the conditions are exactly the same.
242 * @givencrypt: Update the IV for encryption. With this function, a cipher
243 * implementation may provide the function on how to update the IV
244 * for encryption.
245 * @givdecrypt: Update the IV for decryption. This is the reverse of
246 * @givencrypt .
247 * @geniv: The transformation implementation may use an "IV generator" provided
248 * by the kernel crypto API. Several use cases have a predefined
249 * approach how IVs are to be updated. For such use cases, the kernel
250 * crypto API provides ready-to-use implementations that can be
251 * referenced with this variable.
252 * @ivsize: IV size applicable for transformation. The consumer must provide an
253 * IV of exactly that size to perform the encrypt or decrypt operation.
254 *
255 * All fields except @givencrypt , @givdecrypt , @geniv and @ivsize are
256 * mandatory and must be filled.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700257 */
Herbert Xub5b7f082007-04-16 20:48:54 +1000258struct ablkcipher_alg {
259 int (*setkey)(struct crypto_ablkcipher *tfm, const u8 *key,
260 unsigned int keylen);
261 int (*encrypt)(struct ablkcipher_request *req);
262 int (*decrypt)(struct ablkcipher_request *req);
Herbert Xu61da88e2007-12-17 21:51:27 +0800263 int (*givencrypt)(struct skcipher_givcrypt_request *req);
264 int (*givdecrypt)(struct skcipher_givcrypt_request *req);
Herbert Xub5b7f082007-04-16 20:48:54 +1000265
Herbert Xu23508e12007-11-27 21:33:24 +0800266 const char *geniv;
267
Herbert Xub5b7f082007-04-16 20:48:54 +1000268 unsigned int min_keysize;
269 unsigned int max_keysize;
270 unsigned int ivsize;
271};
272
Stephan Mueller0d7f4882014-11-12 05:27:49 +0100273/**
Stephan Mueller0d7f4882014-11-12 05:27:49 +0100274 * struct blkcipher_alg - synchronous block cipher definition
275 * @min_keysize: see struct ablkcipher_alg
276 * @max_keysize: see struct ablkcipher_alg
277 * @setkey: see struct ablkcipher_alg
278 * @encrypt: see struct ablkcipher_alg
279 * @decrypt: see struct ablkcipher_alg
280 * @geniv: see struct ablkcipher_alg
281 * @ivsize: see struct ablkcipher_alg
282 *
283 * All fields except @geniv and @ivsize are mandatory and must be filled.
284 */
Herbert Xu5cde0af2006-08-22 00:07:53 +1000285struct blkcipher_alg {
286 int (*setkey)(struct crypto_tfm *tfm, const u8 *key,
287 unsigned int keylen);
288 int (*encrypt)(struct blkcipher_desc *desc,
289 struct scatterlist *dst, struct scatterlist *src,
290 unsigned int nbytes);
291 int (*decrypt)(struct blkcipher_desc *desc,
292 struct scatterlist *dst, struct scatterlist *src,
293 unsigned int nbytes);
294
Herbert Xu23508e12007-11-27 21:33:24 +0800295 const char *geniv;
296
Herbert Xu5cde0af2006-08-22 00:07:53 +1000297 unsigned int min_keysize;
298 unsigned int max_keysize;
299 unsigned int ivsize;
300};
301
Stephan Mueller0d7f4882014-11-12 05:27:49 +0100302/**
303 * struct cipher_alg - single-block symmetric ciphers definition
304 * @cia_min_keysize: Minimum key size supported by the transformation. This is
305 * the smallest key length supported by this transformation
306 * algorithm. This must be set to one of the pre-defined
307 * values as this is not hardware specific. Possible values
308 * for this field can be found via git grep "_MIN_KEY_SIZE"
309 * include/crypto/
310 * @cia_max_keysize: Maximum key size supported by the transformation. This is
311 * the largest key length supported by this transformation
312 * algorithm. This must be set to one of the pre-defined values
313 * as this is not hardware specific. Possible values for this
314 * field can be found via git grep "_MAX_KEY_SIZE"
315 * include/crypto/
316 * @cia_setkey: Set key for the transformation. This function is used to either
317 * program a supplied key into the hardware or store the key in the
318 * transformation context for programming it later. Note that this
319 * function does modify the transformation context. This function
320 * can be called multiple times during the existence of the
321 * transformation object, so one must make sure the key is properly
322 * reprogrammed into the hardware. This function is also
323 * responsible for checking the key length for validity.
324 * @cia_encrypt: Encrypt a single block. This function is used to encrypt a
325 * single block of data, which must be @cra_blocksize big. This
326 * always operates on a full @cra_blocksize and it is not possible
327 * to encrypt a block of smaller size. The supplied buffers must
328 * therefore also be at least of @cra_blocksize size. Both the
329 * input and output buffers are always aligned to @cra_alignmask.
330 * In case either of the input or output buffer supplied by user
331 * of the crypto API is not aligned to @cra_alignmask, the crypto
332 * API will re-align the buffers. The re-alignment means that a
333 * new buffer will be allocated, the data will be copied into the
334 * new buffer, then the processing will happen on the new buffer,
335 * then the data will be copied back into the original buffer and
336 * finally the new buffer will be freed. In case a software
337 * fallback was put in place in the @cra_init call, this function
338 * might need to use the fallback if the algorithm doesn't support
339 * all of the key sizes. In case the key was stored in
340 * transformation context, the key might need to be re-programmed
341 * into the hardware in this function. This function shall not
342 * modify the transformation context, as this function may be
343 * called in parallel with the same transformation object.
344 * @cia_decrypt: Decrypt a single block. This is a reverse counterpart to
345 * @cia_encrypt, and the conditions are exactly the same.
346 *
347 * All fields are mandatory and must be filled.
348 */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700349struct cipher_alg {
350 unsigned int cia_min_keysize;
351 unsigned int cia_max_keysize;
Herbert Xu6c2bb982006-05-16 22:09:29 +1000352 int (*cia_setkey)(struct crypto_tfm *tfm, const u8 *key,
Herbert Xu560c06a2006-08-13 14:16:39 +1000353 unsigned int keylen);
Herbert Xu6c2bb982006-05-16 22:09:29 +1000354 void (*cia_encrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
355 void (*cia_decrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700356};
357
Linus Torvalds1da177e2005-04-16 15:20:36 -0700358struct compress_alg {
Herbert Xu6c2bb982006-05-16 22:09:29 +1000359 int (*coa_compress)(struct crypto_tfm *tfm, const u8 *src,
360 unsigned int slen, u8 *dst, unsigned int *dlen);
361 int (*coa_decompress)(struct crypto_tfm *tfm, const u8 *src,
362 unsigned int slen, u8 *dst, unsigned int *dlen);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700363};
364
Neil Horman17f0f4a2008-08-14 22:15:52 +1000365
Herbert Xub5b7f082007-04-16 20:48:54 +1000366#define cra_ablkcipher cra_u.ablkcipher
Herbert Xu5cde0af2006-08-22 00:07:53 +1000367#define cra_blkcipher cra_u.blkcipher
Linus Torvalds1da177e2005-04-16 15:20:36 -0700368#define cra_cipher cra_u.cipher
Linus Torvalds1da177e2005-04-16 15:20:36 -0700369#define cra_compress cra_u.compress
370
Stephan Mueller0d7f4882014-11-12 05:27:49 +0100371/**
372 * struct crypto_alg - definition of a cryptograpic cipher algorithm
373 * @cra_flags: Flags describing this transformation. See include/linux/crypto.h
374 * CRYPTO_ALG_* flags for the flags which go in here. Those are
375 * used for fine-tuning the description of the transformation
376 * algorithm.
377 * @cra_blocksize: Minimum block size of this transformation. The size in bytes
378 * of the smallest possible unit which can be transformed with
379 * this algorithm. The users must respect this value.
380 * In case of HASH transformation, it is possible for a smaller
381 * block than @cra_blocksize to be passed to the crypto API for
382 * transformation, in case of any other transformation type, an
383 * error will be returned upon any attempt to transform smaller
384 * than @cra_blocksize chunks.
385 * @cra_ctxsize: Size of the operational context of the transformation. This
386 * value informs the kernel crypto API about the memory size
387 * needed to be allocated for the transformation context.
388 * @cra_alignmask: Alignment mask for the input and output data buffer. The data
389 * buffer containing the input data for the algorithm must be
390 * aligned to this alignment mask. The data buffer for the
391 * output data must be aligned to this alignment mask. Note that
392 * the Crypto API will do the re-alignment in software, but
393 * only under special conditions and there is a performance hit.
394 * The re-alignment happens at these occasions for different
395 * @cra_u types: cipher -- For both input data and output data
396 * buffer; ahash -- For output hash destination buf; shash --
397 * For output hash destination buf.
398 * This is needed on hardware which is flawed by design and
399 * cannot pick data from arbitrary addresses.
400 * @cra_priority: Priority of this transformation implementation. In case
401 * multiple transformations with same @cra_name are available to
402 * the Crypto API, the kernel will use the one with highest
403 * @cra_priority.
404 * @cra_name: Generic name (usable by multiple implementations) of the
405 * transformation algorithm. This is the name of the transformation
406 * itself. This field is used by the kernel when looking up the
407 * providers of particular transformation.
408 * @cra_driver_name: Unique name of the transformation provider. This is the
409 * name of the provider of the transformation. This can be any
410 * arbitrary value, but in the usual case, this contains the
411 * name of the chip or provider and the name of the
412 * transformation algorithm.
413 * @cra_type: Type of the cryptographic transformation. This is a pointer to
414 * struct crypto_type, which implements callbacks common for all
Masanari Iida12f7c142015-06-04 00:01:21 +0900415 * transformation types. There are multiple options:
Stephan Mueller0d7f4882014-11-12 05:27:49 +0100416 * &crypto_blkcipher_type, &crypto_ablkcipher_type,
Herbert Xub0d955b2015-08-14 15:30:41 +0800417 * &crypto_ahash_type, &crypto_rng_type.
Stephan Mueller0d7f4882014-11-12 05:27:49 +0100418 * This field might be empty. In that case, there are no common
419 * callbacks. This is the case for: cipher, compress, shash.
420 * @cra_u: Callbacks implementing the transformation. This is a union of
421 * multiple structures. Depending on the type of transformation selected
422 * by @cra_type and @cra_flags above, the associated structure must be
423 * filled with callbacks. This field might be empty. This is the case
424 * for ahash, shash.
425 * @cra_init: Initialize the cryptographic transformation object. This function
426 * is used to initialize the cryptographic transformation object.
427 * This function is called only once at the instantiation time, right
428 * after the transformation context was allocated. In case the
429 * cryptographic hardware has some special requirements which need to
430 * be handled by software, this function shall check for the precise
431 * requirement of the transformation and put any software fallbacks
432 * in place.
433 * @cra_exit: Deinitialize the cryptographic transformation object. This is a
434 * counterpart to @cra_init, used to remove various changes set in
435 * @cra_init.
436 * @cra_module: Owner of this transformation implementation. Set to THIS_MODULE
437 * @cra_list: internally used
438 * @cra_users: internally used
439 * @cra_refcnt: internally used
440 * @cra_destroy: internally used
441 *
442 * The struct crypto_alg describes a generic Crypto API algorithm and is common
443 * for all of the transformations. Any variable not documented here shall not
444 * be used by a cipher implementation as it is internal to the Crypto API.
445 */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700446struct crypto_alg {
447 struct list_head cra_list;
Herbert Xu6bfd4802006-09-21 11:39:29 +1000448 struct list_head cra_users;
449
Linus Torvalds1da177e2005-04-16 15:20:36 -0700450 u32 cra_flags;
451 unsigned int cra_blocksize;
452 unsigned int cra_ctxsize;
Herbert Xu95477372005-07-06 13:52:09 -0700453 unsigned int cra_alignmask;
Herbert Xu5cb1454b2005-11-05 16:58:14 +1100454
455 int cra_priority;
Eric Biggersce8614a2017-12-29 10:00:46 -0600456 refcount_t cra_refcnt;
Herbert Xu5cb1454b2005-11-05 16:58:14 +1100457
Herbert Xud913ea02006-05-21 08:45:26 +1000458 char cra_name[CRYPTO_MAX_ALG_NAME];
459 char cra_driver_name[CRYPTO_MAX_ALG_NAME];
Linus Torvalds1da177e2005-04-16 15:20:36 -0700460
Herbert Xue853c3c2006-08-22 00:06:54 +1000461 const struct crypto_type *cra_type;
462
Linus Torvalds1da177e2005-04-16 15:20:36 -0700463 union {
Herbert Xub5b7f082007-04-16 20:48:54 +1000464 struct ablkcipher_alg ablkcipher;
Herbert Xu5cde0af2006-08-22 00:07:53 +1000465 struct blkcipher_alg blkcipher;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700466 struct cipher_alg cipher;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700467 struct compress_alg compress;
468 } cra_u;
Herbert Xuc7fc0592006-05-24 13:02:26 +1000469
470 int (*cra_init)(struct crypto_tfm *tfm);
471 void (*cra_exit)(struct crypto_tfm *tfm);
Herbert Xu6521f302006-08-06 20:28:44 +1000472 void (*cra_destroy)(struct crypto_alg *alg);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700473
474 struct module *cra_module;
Herbert Xuedf18b92015-06-18 14:00:48 +0800475} CRYPTO_MINALIGN_ATTR;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700476
477/*
Gilad Ben-Yossefada69a12017-10-18 08:00:38 +0100478 * A helper struct for waiting for completion of async crypto ops
479 */
480struct crypto_wait {
481 struct completion completion;
482 int err;
483};
484
485/*
486 * Macro for declaring a crypto op async wait object on stack
487 */
488#define DECLARE_CRYPTO_WAIT(_wait) \
489 struct crypto_wait _wait = { \
490 COMPLETION_INITIALIZER_ONSTACK((_wait).completion), 0 }
491
492/*
493 * Async ops completion helper functioons
494 */
495void crypto_req_done(struct crypto_async_request *req, int err);
496
497static inline int crypto_wait_req(int err, struct crypto_wait *wait)
498{
499 switch (err) {
500 case -EINPROGRESS:
501 case -EBUSY:
502 wait_for_completion(&wait->completion);
503 reinit_completion(&wait->completion);
504 err = wait->err;
505 break;
506 };
507
508 return err;
509}
510
511static inline void crypto_init_wait(struct crypto_wait *wait)
512{
513 init_completion(&wait->completion);
514}
515
516/*
Linus Torvalds1da177e2005-04-16 15:20:36 -0700517 * Algorithm registration interface.
518 */
519int crypto_register_alg(struct crypto_alg *alg);
520int crypto_unregister_alg(struct crypto_alg *alg);
Mark Brown4b004342012-01-17 23:34:26 +0000521int crypto_register_algs(struct crypto_alg *algs, int count);
522int crypto_unregister_algs(struct crypto_alg *algs, int count);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700523
524/*
525 * Algorithm query interface.
526 */
Herbert Xufce32d72006-08-26 17:35:45 +1000527int crypto_has_alg(const char *name, u32 type, u32 mask);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700528
529/*
530 * Transforms: user-instantiated objects which encapsulate algorithms
Herbert Xu6d7d684d2006-07-30 11:53:01 +1000531 * and core processing logic. Managed via crypto_alloc_*() and
532 * crypto_free_*(), as well as the various helpers below.
Linus Torvalds1da177e2005-04-16 15:20:36 -0700533 */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700534
Herbert Xu32e3983f2007-03-24 14:35:34 +1100535struct ablkcipher_tfm {
536 int (*setkey)(struct crypto_ablkcipher *tfm, const u8 *key,
537 unsigned int keylen);
538 int (*encrypt)(struct ablkcipher_request *req);
539 int (*decrypt)(struct ablkcipher_request *req);
Herbert Xu61da88e2007-12-17 21:51:27 +0800540
Herbert Xuecfc4322007-12-05 21:08:36 +1100541 struct crypto_ablkcipher *base;
542
Herbert Xu32e3983f2007-03-24 14:35:34 +1100543 unsigned int ivsize;
544 unsigned int reqsize;
545};
546
Herbert Xu5cde0af2006-08-22 00:07:53 +1000547struct blkcipher_tfm {
548 void *iv;
549 int (*setkey)(struct crypto_tfm *tfm, const u8 *key,
550 unsigned int keylen);
551 int (*encrypt)(struct blkcipher_desc *desc, struct scatterlist *dst,
552 struct scatterlist *src, unsigned int nbytes);
553 int (*decrypt)(struct blkcipher_desc *desc, struct scatterlist *dst,
554 struct scatterlist *src, unsigned int nbytes);
555};
556
Linus Torvalds1da177e2005-04-16 15:20:36 -0700557struct cipher_tfm {
Linus Torvalds1da177e2005-04-16 15:20:36 -0700558 int (*cit_setkey)(struct crypto_tfm *tfm,
559 const u8 *key, unsigned int keylen);
Herbert Xuf28776a2006-08-13 20:58:18 +1000560 void (*cit_encrypt_one)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
561 void (*cit_decrypt_one)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700562};
563
Linus Torvalds1da177e2005-04-16 15:20:36 -0700564struct compress_tfm {
565 int (*cot_compress)(struct crypto_tfm *tfm,
566 const u8 *src, unsigned int slen,
567 u8 *dst, unsigned int *dlen);
568 int (*cot_decompress)(struct crypto_tfm *tfm,
569 const u8 *src, unsigned int slen,
570 u8 *dst, unsigned int *dlen);
571};
572
Herbert Xu32e3983f2007-03-24 14:35:34 +1100573#define crt_ablkcipher crt_u.ablkcipher
Herbert Xu5cde0af2006-08-22 00:07:53 +1000574#define crt_blkcipher crt_u.blkcipher
Linus Torvalds1da177e2005-04-16 15:20:36 -0700575#define crt_cipher crt_u.cipher
Linus Torvalds1da177e2005-04-16 15:20:36 -0700576#define crt_compress crt_u.compress
577
578struct crypto_tfm {
579
580 u32 crt_flags;
581
582 union {
Herbert Xu32e3983f2007-03-24 14:35:34 +1100583 struct ablkcipher_tfm ablkcipher;
Herbert Xu5cde0af2006-08-22 00:07:53 +1000584 struct blkcipher_tfm blkcipher;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700585 struct cipher_tfm cipher;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700586 struct compress_tfm compress;
587 } crt_u;
Herbert Xu4a779482008-09-13 18:19:03 -0700588
589 void (*exit)(struct crypto_tfm *tfm);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700590
591 struct crypto_alg *__crt_alg;
Herbert Xuf10b7892006-01-25 22:34:01 +1100592
Herbert Xu79911102006-08-21 21:03:52 +1000593 void *__crt_ctx[] CRYPTO_MINALIGN_ATTR;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700594};
595
Herbert Xu32e3983f2007-03-24 14:35:34 +1100596struct crypto_ablkcipher {
597 struct crypto_tfm base;
598};
599
Herbert Xu5cde0af2006-08-22 00:07:53 +1000600struct crypto_blkcipher {
601 struct crypto_tfm base;
602};
603
Herbert Xu78a1fe42006-12-24 10:02:00 +1100604struct crypto_cipher {
605 struct crypto_tfm base;
606};
607
608struct crypto_comp {
609 struct crypto_tfm base;
610};
611
Herbert Xu2b8c19d2006-09-21 11:31:44 +1000612enum {
613 CRYPTOA_UNSPEC,
614 CRYPTOA_ALG,
Herbert Xuebc610e2007-01-01 18:37:02 +1100615 CRYPTOA_TYPE,
Herbert Xu39e1ee012007-08-29 19:27:26 +0800616 CRYPTOA_U32,
Herbert Xuebc610e2007-01-01 18:37:02 +1100617 __CRYPTOA_MAX,
Herbert Xu2b8c19d2006-09-21 11:31:44 +1000618};
619
Herbert Xuebc610e2007-01-01 18:37:02 +1100620#define CRYPTOA_MAX (__CRYPTOA_MAX - 1)
621
Herbert Xu39e1ee012007-08-29 19:27:26 +0800622/* Maximum number of (rtattr) parameters for each template. */
623#define CRYPTO_MAX_ATTRS 32
624
Herbert Xu2b8c19d2006-09-21 11:31:44 +1000625struct crypto_attr_alg {
626 char name[CRYPTO_MAX_ALG_NAME];
627};
628
Herbert Xuebc610e2007-01-01 18:37:02 +1100629struct crypto_attr_type {
630 u32 type;
631 u32 mask;
632};
633
Herbert Xu39e1ee012007-08-29 19:27:26 +0800634struct crypto_attr_u32 {
635 u32 num;
636};
637
Linus Torvalds1da177e2005-04-16 15:20:36 -0700638/*
639 * Transform user interface.
640 */
641
Herbert Xu6d7d684d2006-07-30 11:53:01 +1000642struct crypto_tfm *crypto_alloc_base(const char *alg_name, u32 type, u32 mask);
Herbert Xu7b2cd922009-02-05 16:48:24 +1100643void crypto_destroy_tfm(void *mem, struct crypto_tfm *tfm);
644
645static inline void crypto_free_tfm(struct crypto_tfm *tfm)
646{
647 return crypto_destroy_tfm(tfm, tfm);
648}
Linus Torvalds1da177e2005-04-16 15:20:36 -0700649
Herbert Xuda7f0332008-07-31 17:08:25 +0800650int alg_test(const char *driver, const char *alg, u32 type, u32 mask);
651
Linus Torvalds1da177e2005-04-16 15:20:36 -0700652/*
653 * Transform helpers which query the underlying algorithm.
654 */
655static inline const char *crypto_tfm_alg_name(struct crypto_tfm *tfm)
656{
657 return tfm->__crt_alg->cra_name;
658}
659
Michal Ludvigb14cdd62006-07-09 09:02:24 +1000660static inline const char *crypto_tfm_alg_driver_name(struct crypto_tfm *tfm)
661{
662 return tfm->__crt_alg->cra_driver_name;
663}
664
665static inline int crypto_tfm_alg_priority(struct crypto_tfm *tfm)
666{
667 return tfm->__crt_alg->cra_priority;
668}
669
Linus Torvalds1da177e2005-04-16 15:20:36 -0700670static inline u32 crypto_tfm_alg_type(struct crypto_tfm *tfm)
671{
672 return tfm->__crt_alg->cra_flags & CRYPTO_ALG_TYPE_MASK;
673}
674
Linus Torvalds1da177e2005-04-16 15:20:36 -0700675static inline unsigned int crypto_tfm_alg_blocksize(struct crypto_tfm *tfm)
676{
677 return tfm->__crt_alg->cra_blocksize;
678}
679
Herbert Xufbdae9f2005-07-06 13:53:29 -0700680static inline unsigned int crypto_tfm_alg_alignmask(struct crypto_tfm *tfm)
681{
682 return tfm->__crt_alg->cra_alignmask;
683}
684
Herbert Xuf28776a2006-08-13 20:58:18 +1000685static inline u32 crypto_tfm_get_flags(struct crypto_tfm *tfm)
686{
687 return tfm->crt_flags;
688}
689
690static inline void crypto_tfm_set_flags(struct crypto_tfm *tfm, u32 flags)
691{
692 tfm->crt_flags |= flags;
693}
694
695static inline void crypto_tfm_clear_flags(struct crypto_tfm *tfm, u32 flags)
696{
697 tfm->crt_flags &= ~flags;
698}
699
Herbert Xu40725182005-07-06 13:51:52 -0700700static inline void *crypto_tfm_ctx(struct crypto_tfm *tfm)
701{
Herbert Xuf10b7892006-01-25 22:34:01 +1100702 return tfm->__crt_ctx;
703}
704
705static inline unsigned int crypto_tfm_ctx_alignment(void)
706{
707 struct crypto_tfm *tfm;
708 return __alignof__(tfm->__crt_ctx);
Herbert Xu40725182005-07-06 13:51:52 -0700709}
710
Linus Torvalds1da177e2005-04-16 15:20:36 -0700711/*
712 * API wrappers.
713 */
Herbert Xu32e3983f2007-03-24 14:35:34 +1100714static inline struct crypto_ablkcipher *__crypto_ablkcipher_cast(
715 struct crypto_tfm *tfm)
716{
717 return (struct crypto_ablkcipher *)tfm;
718}
719
Herbert Xu378f4f52007-12-17 20:07:31 +0800720static inline u32 crypto_skcipher_type(u32 type)
721{
Herbert Xuecfc4322007-12-05 21:08:36 +1100722 type &= ~(CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_GENIV);
Herbert Xu378f4f52007-12-17 20:07:31 +0800723 type |= CRYPTO_ALG_TYPE_BLKCIPHER;
724 return type;
725}
726
727static inline u32 crypto_skcipher_mask(u32 mask)
728{
Herbert Xuecfc4322007-12-05 21:08:36 +1100729 mask &= ~(CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_GENIV);
Herbert Xu378f4f52007-12-17 20:07:31 +0800730 mask |= CRYPTO_ALG_TYPE_BLKCIPHER_MASK;
731 return mask;
732}
733
Stephan Muellerf13ec332014-11-12 05:28:22 +0100734/**
735 * DOC: Asynchronous Block Cipher API
736 *
737 * Asynchronous block cipher API is used with the ciphers of type
738 * CRYPTO_ALG_TYPE_ABLKCIPHER (listed as type "ablkcipher" in /proc/crypto).
739 *
740 * Asynchronous cipher operations imply that the function invocation for a
741 * cipher request returns immediately before the completion of the operation.
742 * The cipher request is scheduled as a separate kernel thread and therefore
743 * load-balanced on the different CPUs via the process scheduler. To allow
744 * the kernel crypto API to inform the caller about the completion of a cipher
745 * request, the caller must provide a callback function. That function is
746 * invoked with the cipher handle when the request completes.
747 *
748 * To support the asynchronous operation, additional information than just the
749 * cipher handle must be supplied to the kernel crypto API. That additional
750 * information is given by filling in the ablkcipher_request data structure.
751 *
752 * For the asynchronous block cipher API, the state is maintained with the tfm
753 * cipher handle. A single tfm can be used across multiple calls and in
754 * parallel. For asynchronous block cipher calls, context data supplied and
755 * only used by the caller can be referenced the request data structure in
756 * addition to the IV used for the cipher request. The maintenance of such
757 * state information would be important for a crypto driver implementer to
758 * have, because when calling the callback function upon completion of the
759 * cipher operation, that callback function may need some information about
760 * which operation just finished if it invoked multiple in parallel. This
761 * state information is unused by the kernel crypto API.
762 */
763
Herbert Xu32e3983f2007-03-24 14:35:34 +1100764static inline struct crypto_tfm *crypto_ablkcipher_tfm(
765 struct crypto_ablkcipher *tfm)
766{
767 return &tfm->base;
768}
769
Stephan Muellerf13ec332014-11-12 05:28:22 +0100770/**
771 * crypto_free_ablkcipher() - zeroize and free cipher handle
772 * @tfm: cipher handle to be freed
773 */
Herbert Xu32e3983f2007-03-24 14:35:34 +1100774static inline void crypto_free_ablkcipher(struct crypto_ablkcipher *tfm)
775{
776 crypto_free_tfm(crypto_ablkcipher_tfm(tfm));
777}
778
Stephan Muellerf13ec332014-11-12 05:28:22 +0100779/**
780 * crypto_has_ablkcipher() - Search for the availability of an ablkcipher.
781 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
782 * ablkcipher
783 * @type: specifies the type of the cipher
784 * @mask: specifies the mask for the cipher
785 *
786 * Return: true when the ablkcipher is known to the kernel crypto API; false
787 * otherwise
788 */
Herbert Xu32e3983f2007-03-24 14:35:34 +1100789static inline int crypto_has_ablkcipher(const char *alg_name, u32 type,
790 u32 mask)
791{
Herbert Xu378f4f52007-12-17 20:07:31 +0800792 return crypto_has_alg(alg_name, crypto_skcipher_type(type),
793 crypto_skcipher_mask(mask));
Herbert Xu32e3983f2007-03-24 14:35:34 +1100794}
795
796static inline struct ablkcipher_tfm *crypto_ablkcipher_crt(
797 struct crypto_ablkcipher *tfm)
798{
799 return &crypto_ablkcipher_tfm(tfm)->crt_ablkcipher;
800}
801
Stephan Muellerf13ec332014-11-12 05:28:22 +0100802/**
803 * crypto_ablkcipher_ivsize() - obtain IV size
804 * @tfm: cipher handle
805 *
806 * The size of the IV for the ablkcipher referenced by the cipher handle is
807 * returned. This IV size may be zero if the cipher does not need an IV.
808 *
809 * Return: IV size in bytes
810 */
Herbert Xu32e3983f2007-03-24 14:35:34 +1100811static inline unsigned int crypto_ablkcipher_ivsize(
812 struct crypto_ablkcipher *tfm)
813{
814 return crypto_ablkcipher_crt(tfm)->ivsize;
815}
816
Stephan Muellerf13ec332014-11-12 05:28:22 +0100817/**
818 * crypto_ablkcipher_blocksize() - obtain block size of cipher
819 * @tfm: cipher handle
820 *
821 * The block size for the ablkcipher referenced with the cipher handle is
822 * returned. The caller may use that information to allocate appropriate
823 * memory for the data returned by the encryption or decryption operation
824 *
825 * Return: block size of cipher
826 */
Herbert Xu32e3983f2007-03-24 14:35:34 +1100827static inline unsigned int crypto_ablkcipher_blocksize(
828 struct crypto_ablkcipher *tfm)
829{
830 return crypto_tfm_alg_blocksize(crypto_ablkcipher_tfm(tfm));
831}
832
833static inline unsigned int crypto_ablkcipher_alignmask(
834 struct crypto_ablkcipher *tfm)
835{
836 return crypto_tfm_alg_alignmask(crypto_ablkcipher_tfm(tfm));
837}
838
839static inline u32 crypto_ablkcipher_get_flags(struct crypto_ablkcipher *tfm)
840{
841 return crypto_tfm_get_flags(crypto_ablkcipher_tfm(tfm));
842}
843
844static inline void crypto_ablkcipher_set_flags(struct crypto_ablkcipher *tfm,
845 u32 flags)
846{
847 crypto_tfm_set_flags(crypto_ablkcipher_tfm(tfm), flags);
848}
849
850static inline void crypto_ablkcipher_clear_flags(struct crypto_ablkcipher *tfm,
851 u32 flags)
852{
853 crypto_tfm_clear_flags(crypto_ablkcipher_tfm(tfm), flags);
854}
855
Stephan Muellerf13ec332014-11-12 05:28:22 +0100856/**
857 * crypto_ablkcipher_setkey() - set key for cipher
858 * @tfm: cipher handle
859 * @key: buffer holding the key
860 * @keylen: length of the key in bytes
861 *
862 * The caller provided key is set for the ablkcipher referenced by the cipher
863 * handle.
864 *
865 * Note, the key length determines the cipher type. Many block ciphers implement
866 * different cipher modes depending on the key size, such as AES-128 vs AES-192
867 * vs. AES-256. When providing a 16 byte key for an AES cipher handle, AES-128
868 * is performed.
869 *
870 * Return: 0 if the setting of the key was successful; < 0 if an error occurred
871 */
Herbert Xu32e3983f2007-03-24 14:35:34 +1100872static inline int crypto_ablkcipher_setkey(struct crypto_ablkcipher *tfm,
873 const u8 *key, unsigned int keylen)
874{
Herbert Xuecfc4322007-12-05 21:08:36 +1100875 struct ablkcipher_tfm *crt = crypto_ablkcipher_crt(tfm);
876
877 return crt->setkey(crt->base, key, keylen);
Herbert Xu32e3983f2007-03-24 14:35:34 +1100878}
879
Stephan Muellerf13ec332014-11-12 05:28:22 +0100880/**
881 * crypto_ablkcipher_reqtfm() - obtain cipher handle from request
882 * @req: ablkcipher_request out of which the cipher handle is to be obtained
883 *
884 * Return the crypto_ablkcipher handle when furnishing an ablkcipher_request
885 * data structure.
886 *
887 * Return: crypto_ablkcipher handle
888 */
Herbert Xu32e3983f2007-03-24 14:35:34 +1100889static inline struct crypto_ablkcipher *crypto_ablkcipher_reqtfm(
890 struct ablkcipher_request *req)
891{
892 return __crypto_ablkcipher_cast(req->base.tfm);
893}
894
Stephan Muellerf13ec332014-11-12 05:28:22 +0100895/**
896 * crypto_ablkcipher_encrypt() - encrypt plaintext
897 * @req: reference to the ablkcipher_request handle that holds all information
898 * needed to perform the cipher operation
899 *
900 * Encrypt plaintext data using the ablkcipher_request handle. That data
901 * structure and how it is filled with data is discussed with the
902 * ablkcipher_request_* functions.
903 *
904 * Return: 0 if the cipher operation was successful; < 0 if an error occurred
905 */
Herbert Xu32e3983f2007-03-24 14:35:34 +1100906static inline int crypto_ablkcipher_encrypt(struct ablkcipher_request *req)
907{
908 struct ablkcipher_tfm *crt =
909 crypto_ablkcipher_crt(crypto_ablkcipher_reqtfm(req));
910 return crt->encrypt(req);
911}
912
Stephan Muellerf13ec332014-11-12 05:28:22 +0100913/**
914 * crypto_ablkcipher_decrypt() - decrypt ciphertext
915 * @req: reference to the ablkcipher_request handle that holds all information
916 * needed to perform the cipher operation
917 *
918 * Decrypt ciphertext data using the ablkcipher_request handle. That data
919 * structure and how it is filled with data is discussed with the
920 * ablkcipher_request_* functions.
921 *
922 * Return: 0 if the cipher operation was successful; < 0 if an error occurred
923 */
Herbert Xu32e3983f2007-03-24 14:35:34 +1100924static inline int crypto_ablkcipher_decrypt(struct ablkcipher_request *req)
925{
926 struct ablkcipher_tfm *crt =
927 crypto_ablkcipher_crt(crypto_ablkcipher_reqtfm(req));
928 return crt->decrypt(req);
929}
930
Stephan Muellerf13ec332014-11-12 05:28:22 +0100931/**
932 * DOC: Asynchronous Cipher Request Handle
933 *
934 * The ablkcipher_request data structure contains all pointers to data
935 * required for the asynchronous cipher operation. This includes the cipher
936 * handle (which can be used by multiple ablkcipher_request instances), pointer
937 * to plaintext and ciphertext, asynchronous callback function, etc. It acts
938 * as a handle to the ablkcipher_request_* API calls in a similar way as
939 * ablkcipher handle to the crypto_ablkcipher_* API calls.
940 */
941
942/**
943 * crypto_ablkcipher_reqsize() - obtain size of the request data structure
944 * @tfm: cipher handle
945 *
946 * Return: number of bytes
947 */
Herbert Xub16c3a22007-08-29 19:02:04 +0800948static inline unsigned int crypto_ablkcipher_reqsize(
949 struct crypto_ablkcipher *tfm)
Herbert Xu32e3983f2007-03-24 14:35:34 +1100950{
951 return crypto_ablkcipher_crt(tfm)->reqsize;
952}
953
Stephan Muellerf13ec332014-11-12 05:28:22 +0100954/**
955 * ablkcipher_request_set_tfm() - update cipher handle reference in request
956 * @req: request handle to be modified
957 * @tfm: cipher handle that shall be added to the request handle
958 *
959 * Allow the caller to replace the existing ablkcipher handle in the request
960 * data structure with a different one.
961 */
Herbert Xue196d622007-04-14 16:09:14 +1000962static inline void ablkcipher_request_set_tfm(
963 struct ablkcipher_request *req, struct crypto_ablkcipher *tfm)
964{
Herbert Xuecfc4322007-12-05 21:08:36 +1100965 req->base.tfm = crypto_ablkcipher_tfm(crypto_ablkcipher_crt(tfm)->base);
Herbert Xue196d622007-04-14 16:09:14 +1000966}
967
Herbert Xub5b7f082007-04-16 20:48:54 +1000968static inline struct ablkcipher_request *ablkcipher_request_cast(
969 struct crypto_async_request *req)
970{
971 return container_of(req, struct ablkcipher_request, base);
972}
973
Stephan Muellerf13ec332014-11-12 05:28:22 +0100974/**
975 * ablkcipher_request_alloc() - allocate request data structure
976 * @tfm: cipher handle to be registered with the request
977 * @gfp: memory allocation flag that is handed to kmalloc by the API call.
978 *
979 * Allocate the request data structure that must be used with the ablkcipher
980 * encrypt and decrypt API calls. During the allocation, the provided ablkcipher
981 * handle is registered in the request data structure.
982 *
Eric Biggers6eae29e2016-04-02 10:54:56 -0500983 * Return: allocated request handle in case of success, or NULL if out of memory
Stephan Muellerf13ec332014-11-12 05:28:22 +0100984 */
Herbert Xu32e3983f2007-03-24 14:35:34 +1100985static inline struct ablkcipher_request *ablkcipher_request_alloc(
986 struct crypto_ablkcipher *tfm, gfp_t gfp)
987{
988 struct ablkcipher_request *req;
989
990 req = kmalloc(sizeof(struct ablkcipher_request) +
991 crypto_ablkcipher_reqsize(tfm), gfp);
992
993 if (likely(req))
Herbert Xue196d622007-04-14 16:09:14 +1000994 ablkcipher_request_set_tfm(req, tfm);
Herbert Xu32e3983f2007-03-24 14:35:34 +1100995
996 return req;
997}
998
Stephan Muellerf13ec332014-11-12 05:28:22 +0100999/**
1000 * ablkcipher_request_free() - zeroize and free request data structure
1001 * @req: request data structure cipher handle to be freed
1002 */
Herbert Xu32e3983f2007-03-24 14:35:34 +11001003static inline void ablkcipher_request_free(struct ablkcipher_request *req)
1004{
Herbert Xuaef73cf2009-07-11 22:22:14 +08001005 kzfree(req);
Herbert Xu32e3983f2007-03-24 14:35:34 +11001006}
1007
Stephan Muellerf13ec332014-11-12 05:28:22 +01001008/**
1009 * ablkcipher_request_set_callback() - set asynchronous callback function
1010 * @req: request handle
1011 * @flags: specify zero or an ORing of the flags
Stephan Mueller0184cfe2016-10-21 04:57:27 +02001012 * CRYPTO_TFM_REQ_MAY_BACKLOG the request queue may back log and
Stephan Muellerf13ec332014-11-12 05:28:22 +01001013 * increase the wait queue beyond the initial maximum size;
1014 * CRYPTO_TFM_REQ_MAY_SLEEP the request processing may sleep
1015 * @compl: callback function pointer to be registered with the request handle
1016 * @data: The data pointer refers to memory that is not used by the kernel
1017 * crypto API, but provided to the callback function for it to use. Here,
1018 * the caller can provide a reference to memory the callback function can
1019 * operate on. As the callback function is invoked asynchronously to the
1020 * related functionality, it may need to access data structures of the
1021 * related functionality which can be referenced using this pointer. The
1022 * callback function can access the memory via the "data" field in the
1023 * crypto_async_request data structure provided to the callback function.
1024 *
1025 * This function allows setting the callback function that is triggered once the
1026 * cipher operation completes.
1027 *
1028 * The callback function is registered with the ablkcipher_request handle and
Stephan Mueller0184cfe2016-10-21 04:57:27 +02001029 * must comply with the following template::
Stephan Muellerf13ec332014-11-12 05:28:22 +01001030 *
1031 * void callback_function(struct crypto_async_request *req, int error)
1032 */
Herbert Xu32e3983f2007-03-24 14:35:34 +11001033static inline void ablkcipher_request_set_callback(
1034 struct ablkcipher_request *req,
Mark Rustad3e3dc252014-07-25 02:53:38 -07001035 u32 flags, crypto_completion_t compl, void *data)
Herbert Xu32e3983f2007-03-24 14:35:34 +11001036{
Mark Rustad3e3dc252014-07-25 02:53:38 -07001037 req->base.complete = compl;
Herbert Xu32e3983f2007-03-24 14:35:34 +11001038 req->base.data = data;
1039 req->base.flags = flags;
1040}
1041
Stephan Muellerf13ec332014-11-12 05:28:22 +01001042/**
1043 * ablkcipher_request_set_crypt() - set data buffers
1044 * @req: request handle
1045 * @src: source scatter / gather list
1046 * @dst: destination scatter / gather list
1047 * @nbytes: number of bytes to process from @src
1048 * @iv: IV for the cipher operation which must comply with the IV size defined
1049 * by crypto_ablkcipher_ivsize
1050 *
1051 * This function allows setting of the source data and destination data
1052 * scatter / gather lists.
1053 *
1054 * For encryption, the source is treated as the plaintext and the
1055 * destination is the ciphertext. For a decryption operation, the use is
Stephan Mueller379dcfb2015-01-19 00:13:39 +01001056 * reversed - the source is the ciphertext and the destination is the plaintext.
Stephan Muellerf13ec332014-11-12 05:28:22 +01001057 */
Herbert Xu32e3983f2007-03-24 14:35:34 +11001058static inline void ablkcipher_request_set_crypt(
1059 struct ablkcipher_request *req,
1060 struct scatterlist *src, struct scatterlist *dst,
1061 unsigned int nbytes, void *iv)
1062{
1063 req->src = src;
1064 req->dst = dst;
1065 req->nbytes = nbytes;
1066 req->info = iv;
1067}
1068
Stephan Muellerfced7b02014-11-12 05:29:00 +01001069/**
Stephan Mueller58284f02014-11-12 05:29:36 +01001070 * DOC: Synchronous Block Cipher API
1071 *
1072 * The synchronous block cipher API is used with the ciphers of type
1073 * CRYPTO_ALG_TYPE_BLKCIPHER (listed as type "blkcipher" in /proc/crypto)
1074 *
1075 * Synchronous calls, have a context in the tfm. But since a single tfm can be
1076 * used in multiple calls and in parallel, this info should not be changeable
1077 * (unless a lock is used). This applies, for example, to the symmetric key.
1078 * However, the IV is changeable, so there is an iv field in blkcipher_tfm
1079 * structure for synchronous blkcipher api. So, its the only state info that can
1080 * be kept for synchronous calls without using a big lock across a tfm.
1081 *
1082 * The block cipher API allows the use of a complete cipher, i.e. a cipher
1083 * consisting of a template (a block chaining mode) and a single block cipher
1084 * primitive (e.g. AES).
1085 *
1086 * The plaintext data buffer and the ciphertext data buffer are pointed to
1087 * by using scatter/gather lists. The cipher operation is performed
1088 * on all segments of the provided scatter/gather lists.
1089 *
1090 * The kernel crypto API supports a cipher operation "in-place" which means that
1091 * the caller may provide the same scatter/gather list for the plaintext and
1092 * cipher text. After the completion of the cipher operation, the plaintext
1093 * data is replaced with the ciphertext data in case of an encryption and vice
1094 * versa for a decryption. The caller must ensure that the scatter/gather lists
1095 * for the output data point to sufficiently large buffers, i.e. multiples of
1096 * the block size of the cipher.
1097 */
1098
Herbert Xu5cde0af2006-08-22 00:07:53 +10001099static inline struct crypto_blkcipher *__crypto_blkcipher_cast(
1100 struct crypto_tfm *tfm)
1101{
1102 return (struct crypto_blkcipher *)tfm;
1103}
1104
1105static inline struct crypto_blkcipher *crypto_blkcipher_cast(
1106 struct crypto_tfm *tfm)
1107{
1108 BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_BLKCIPHER);
1109 return __crypto_blkcipher_cast(tfm);
1110}
1111
Stephan Mueller58284f02014-11-12 05:29:36 +01001112/**
1113 * crypto_alloc_blkcipher() - allocate synchronous block cipher handle
1114 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
1115 * blkcipher cipher
1116 * @type: specifies the type of the cipher
1117 * @mask: specifies the mask for the cipher
1118 *
1119 * Allocate a cipher handle for a block cipher. The returned struct
1120 * crypto_blkcipher is the cipher handle that is required for any subsequent
1121 * API invocation for that block cipher.
1122 *
1123 * Return: allocated cipher handle in case of success; IS_ERR() is true in case
1124 * of an error, PTR_ERR() returns the error code.
1125 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001126static inline struct crypto_blkcipher *crypto_alloc_blkcipher(
1127 const char *alg_name, u32 type, u32 mask)
1128{
Herbert Xu332f88402007-11-15 22:36:07 +08001129 type &= ~CRYPTO_ALG_TYPE_MASK;
Herbert Xu5cde0af2006-08-22 00:07:53 +10001130 type |= CRYPTO_ALG_TYPE_BLKCIPHER;
Herbert Xu332f88402007-11-15 22:36:07 +08001131 mask |= CRYPTO_ALG_TYPE_MASK;
Herbert Xu5cde0af2006-08-22 00:07:53 +10001132
1133 return __crypto_blkcipher_cast(crypto_alloc_base(alg_name, type, mask));
1134}
1135
1136static inline struct crypto_tfm *crypto_blkcipher_tfm(
1137 struct crypto_blkcipher *tfm)
1138{
1139 return &tfm->base;
1140}
1141
Stephan Mueller58284f02014-11-12 05:29:36 +01001142/**
1143 * crypto_free_blkcipher() - zeroize and free the block cipher handle
1144 * @tfm: cipher handle to be freed
1145 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001146static inline void crypto_free_blkcipher(struct crypto_blkcipher *tfm)
1147{
1148 crypto_free_tfm(crypto_blkcipher_tfm(tfm));
1149}
1150
Stephan Mueller58284f02014-11-12 05:29:36 +01001151/**
1152 * crypto_has_blkcipher() - Search for the availability of a block cipher
1153 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
1154 * block cipher
1155 * @type: specifies the type of the cipher
1156 * @mask: specifies the mask for the cipher
1157 *
1158 * Return: true when the block cipher is known to the kernel crypto API; false
1159 * otherwise
1160 */
Herbert Xufce32d72006-08-26 17:35:45 +10001161static inline int crypto_has_blkcipher(const char *alg_name, u32 type, u32 mask)
1162{
Herbert Xu332f88402007-11-15 22:36:07 +08001163 type &= ~CRYPTO_ALG_TYPE_MASK;
Herbert Xufce32d72006-08-26 17:35:45 +10001164 type |= CRYPTO_ALG_TYPE_BLKCIPHER;
Herbert Xu332f88402007-11-15 22:36:07 +08001165 mask |= CRYPTO_ALG_TYPE_MASK;
Herbert Xufce32d72006-08-26 17:35:45 +10001166
1167 return crypto_has_alg(alg_name, type, mask);
1168}
1169
Stephan Mueller58284f02014-11-12 05:29:36 +01001170/**
1171 * crypto_blkcipher_name() - return the name / cra_name from the cipher handle
1172 * @tfm: cipher handle
1173 *
1174 * Return: The character string holding the name of the cipher
1175 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001176static inline const char *crypto_blkcipher_name(struct crypto_blkcipher *tfm)
1177{
1178 return crypto_tfm_alg_name(crypto_blkcipher_tfm(tfm));
1179}
1180
1181static inline struct blkcipher_tfm *crypto_blkcipher_crt(
1182 struct crypto_blkcipher *tfm)
1183{
1184 return &crypto_blkcipher_tfm(tfm)->crt_blkcipher;
1185}
1186
1187static inline struct blkcipher_alg *crypto_blkcipher_alg(
1188 struct crypto_blkcipher *tfm)
1189{
1190 return &crypto_blkcipher_tfm(tfm)->__crt_alg->cra_blkcipher;
1191}
1192
Stephan Mueller58284f02014-11-12 05:29:36 +01001193/**
1194 * crypto_blkcipher_ivsize() - obtain IV size
1195 * @tfm: cipher handle
1196 *
1197 * The size of the IV for the block cipher referenced by the cipher handle is
1198 * returned. This IV size may be zero if the cipher does not need an IV.
1199 *
1200 * Return: IV size in bytes
1201 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001202static inline unsigned int crypto_blkcipher_ivsize(struct crypto_blkcipher *tfm)
1203{
1204 return crypto_blkcipher_alg(tfm)->ivsize;
1205}
1206
Stephan Mueller58284f02014-11-12 05:29:36 +01001207/**
1208 * crypto_blkcipher_blocksize() - obtain block size of cipher
1209 * @tfm: cipher handle
1210 *
1211 * The block size for the block cipher referenced with the cipher handle is
1212 * returned. The caller may use that information to allocate appropriate
1213 * memory for the data returned by the encryption or decryption operation.
1214 *
1215 * Return: block size of cipher
1216 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001217static inline unsigned int crypto_blkcipher_blocksize(
1218 struct crypto_blkcipher *tfm)
1219{
1220 return crypto_tfm_alg_blocksize(crypto_blkcipher_tfm(tfm));
1221}
1222
1223static inline unsigned int crypto_blkcipher_alignmask(
1224 struct crypto_blkcipher *tfm)
1225{
1226 return crypto_tfm_alg_alignmask(crypto_blkcipher_tfm(tfm));
1227}
1228
1229static inline u32 crypto_blkcipher_get_flags(struct crypto_blkcipher *tfm)
1230{
1231 return crypto_tfm_get_flags(crypto_blkcipher_tfm(tfm));
1232}
1233
1234static inline void crypto_blkcipher_set_flags(struct crypto_blkcipher *tfm,
1235 u32 flags)
1236{
1237 crypto_tfm_set_flags(crypto_blkcipher_tfm(tfm), flags);
1238}
1239
1240static inline void crypto_blkcipher_clear_flags(struct crypto_blkcipher *tfm,
1241 u32 flags)
1242{
1243 crypto_tfm_clear_flags(crypto_blkcipher_tfm(tfm), flags);
1244}
1245
Stephan Mueller58284f02014-11-12 05:29:36 +01001246/**
1247 * crypto_blkcipher_setkey() - set key for cipher
1248 * @tfm: cipher handle
1249 * @key: buffer holding the key
1250 * @keylen: length of the key in bytes
1251 *
1252 * The caller provided key is set for the block cipher referenced by the cipher
1253 * handle.
1254 *
1255 * Note, the key length determines the cipher type. Many block ciphers implement
1256 * different cipher modes depending on the key size, such as AES-128 vs AES-192
1257 * vs. AES-256. When providing a 16 byte key for an AES cipher handle, AES-128
1258 * is performed.
1259 *
1260 * Return: 0 if the setting of the key was successful; < 0 if an error occurred
1261 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001262static inline int crypto_blkcipher_setkey(struct crypto_blkcipher *tfm,
1263 const u8 *key, unsigned int keylen)
1264{
1265 return crypto_blkcipher_crt(tfm)->setkey(crypto_blkcipher_tfm(tfm),
1266 key, keylen);
1267}
1268
Stephan Mueller58284f02014-11-12 05:29:36 +01001269/**
1270 * crypto_blkcipher_encrypt() - encrypt plaintext
1271 * @desc: reference to the block cipher handle with meta data
1272 * @dst: scatter/gather list that is filled by the cipher operation with the
1273 * ciphertext
1274 * @src: scatter/gather list that holds the plaintext
1275 * @nbytes: number of bytes of the plaintext to encrypt.
1276 *
1277 * Encrypt plaintext data using the IV set by the caller with a preceding
1278 * call of crypto_blkcipher_set_iv.
1279 *
1280 * The blkcipher_desc data structure must be filled by the caller and can
1281 * reside on the stack. The caller must fill desc as follows: desc.tfm is filled
1282 * with the block cipher handle; desc.flags is filled with either
1283 * CRYPTO_TFM_REQ_MAY_SLEEP or 0.
1284 *
1285 * Return: 0 if the cipher operation was successful; < 0 if an error occurred
1286 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001287static inline int crypto_blkcipher_encrypt(struct blkcipher_desc *desc,
1288 struct scatterlist *dst,
1289 struct scatterlist *src,
1290 unsigned int nbytes)
1291{
1292 desc->info = crypto_blkcipher_crt(desc->tfm)->iv;
1293 return crypto_blkcipher_crt(desc->tfm)->encrypt(desc, dst, src, nbytes);
1294}
1295
Stephan Mueller58284f02014-11-12 05:29:36 +01001296/**
1297 * crypto_blkcipher_encrypt_iv() - encrypt plaintext with dedicated IV
1298 * @desc: reference to the block cipher handle with meta data
1299 * @dst: scatter/gather list that is filled by the cipher operation with the
1300 * ciphertext
1301 * @src: scatter/gather list that holds the plaintext
1302 * @nbytes: number of bytes of the plaintext to encrypt.
1303 *
1304 * Encrypt plaintext data with the use of an IV that is solely used for this
1305 * cipher operation. Any previously set IV is not used.
1306 *
1307 * The blkcipher_desc data structure must be filled by the caller and can
1308 * reside on the stack. The caller must fill desc as follows: desc.tfm is filled
1309 * with the block cipher handle; desc.info is filled with the IV to be used for
1310 * the current operation; desc.flags is filled with either
1311 * CRYPTO_TFM_REQ_MAY_SLEEP or 0.
1312 *
1313 * Return: 0 if the cipher operation was successful; < 0 if an error occurred
1314 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001315static inline int crypto_blkcipher_encrypt_iv(struct blkcipher_desc *desc,
1316 struct scatterlist *dst,
1317 struct scatterlist *src,
1318 unsigned int nbytes)
1319{
1320 return crypto_blkcipher_crt(desc->tfm)->encrypt(desc, dst, src, nbytes);
1321}
1322
Stephan Mueller58284f02014-11-12 05:29:36 +01001323/**
1324 * crypto_blkcipher_decrypt() - decrypt ciphertext
1325 * @desc: reference to the block cipher handle with meta data
1326 * @dst: scatter/gather list that is filled by the cipher operation with the
1327 * plaintext
1328 * @src: scatter/gather list that holds the ciphertext
1329 * @nbytes: number of bytes of the ciphertext to decrypt.
1330 *
1331 * Decrypt ciphertext data using the IV set by the caller with a preceding
1332 * call of crypto_blkcipher_set_iv.
1333 *
1334 * The blkcipher_desc data structure must be filled by the caller as documented
1335 * for the crypto_blkcipher_encrypt call above.
1336 *
1337 * Return: 0 if the cipher operation was successful; < 0 if an error occurred
1338 *
1339 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001340static inline int crypto_blkcipher_decrypt(struct blkcipher_desc *desc,
1341 struct scatterlist *dst,
1342 struct scatterlist *src,
1343 unsigned int nbytes)
1344{
1345 desc->info = crypto_blkcipher_crt(desc->tfm)->iv;
1346 return crypto_blkcipher_crt(desc->tfm)->decrypt(desc, dst, src, nbytes);
1347}
1348
Stephan Mueller58284f02014-11-12 05:29:36 +01001349/**
1350 * crypto_blkcipher_decrypt_iv() - decrypt ciphertext with dedicated IV
1351 * @desc: reference to the block cipher handle with meta data
1352 * @dst: scatter/gather list that is filled by the cipher operation with the
1353 * plaintext
1354 * @src: scatter/gather list that holds the ciphertext
1355 * @nbytes: number of bytes of the ciphertext to decrypt.
1356 *
1357 * Decrypt ciphertext data with the use of an IV that is solely used for this
1358 * cipher operation. Any previously set IV is not used.
1359 *
1360 * The blkcipher_desc data structure must be filled by the caller as documented
1361 * for the crypto_blkcipher_encrypt_iv call above.
1362 *
1363 * Return: 0 if the cipher operation was successful; < 0 if an error occurred
1364 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001365static inline int crypto_blkcipher_decrypt_iv(struct blkcipher_desc *desc,
1366 struct scatterlist *dst,
1367 struct scatterlist *src,
1368 unsigned int nbytes)
1369{
1370 return crypto_blkcipher_crt(desc->tfm)->decrypt(desc, dst, src, nbytes);
1371}
1372
Stephan Mueller58284f02014-11-12 05:29:36 +01001373/**
1374 * crypto_blkcipher_set_iv() - set IV for cipher
1375 * @tfm: cipher handle
1376 * @src: buffer holding the IV
1377 * @len: length of the IV in bytes
1378 *
1379 * The caller provided IV is set for the block cipher referenced by the cipher
1380 * handle.
1381 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001382static inline void crypto_blkcipher_set_iv(struct crypto_blkcipher *tfm,
1383 const u8 *src, unsigned int len)
1384{
1385 memcpy(crypto_blkcipher_crt(tfm)->iv, src, len);
1386}
1387
Stephan Mueller58284f02014-11-12 05:29:36 +01001388/**
1389 * crypto_blkcipher_get_iv() - obtain IV from cipher
1390 * @tfm: cipher handle
1391 * @dst: buffer filled with the IV
1392 * @len: length of the buffer dst
1393 *
1394 * The caller can obtain the IV set for the block cipher referenced by the
1395 * cipher handle and store it into the user-provided buffer. If the buffer
1396 * has an insufficient space, the IV is truncated to fit the buffer.
1397 */
Herbert Xu5cde0af2006-08-22 00:07:53 +10001398static inline void crypto_blkcipher_get_iv(struct crypto_blkcipher *tfm,
1399 u8 *dst, unsigned int len)
1400{
1401 memcpy(dst, crypto_blkcipher_crt(tfm)->iv, len);
1402}
1403
Stephan Mueller16e61032014-11-12 05:30:06 +01001404/**
1405 * DOC: Single Block Cipher API
1406 *
1407 * The single block cipher API is used with the ciphers of type
1408 * CRYPTO_ALG_TYPE_CIPHER (listed as type "cipher" in /proc/crypto).
1409 *
1410 * Using the single block cipher API calls, operations with the basic cipher
1411 * primitive can be implemented. These cipher primitives exclude any block
1412 * chaining operations including IV handling.
1413 *
1414 * The purpose of this single block cipher API is to support the implementation
1415 * of templates or other concepts that only need to perform the cipher operation
1416 * on one block at a time. Templates invoke the underlying cipher primitive
1417 * block-wise and process either the input or the output data of these cipher
1418 * operations.
1419 */
1420
Herbert Xuf28776a2006-08-13 20:58:18 +10001421static inline struct crypto_cipher *__crypto_cipher_cast(struct crypto_tfm *tfm)
1422{
1423 return (struct crypto_cipher *)tfm;
1424}
1425
1426static inline struct crypto_cipher *crypto_cipher_cast(struct crypto_tfm *tfm)
1427{
1428 BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_CIPHER);
1429 return __crypto_cipher_cast(tfm);
1430}
1431
Stephan Mueller16e61032014-11-12 05:30:06 +01001432/**
1433 * crypto_alloc_cipher() - allocate single block cipher handle
1434 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
1435 * single block cipher
1436 * @type: specifies the type of the cipher
1437 * @mask: specifies the mask for the cipher
1438 *
1439 * Allocate a cipher handle for a single block cipher. The returned struct
1440 * crypto_cipher is the cipher handle that is required for any subsequent API
1441 * invocation for that single block cipher.
1442 *
1443 * Return: allocated cipher handle in case of success; IS_ERR() is true in case
1444 * of an error, PTR_ERR() returns the error code.
1445 */
Herbert Xuf28776a2006-08-13 20:58:18 +10001446static inline struct crypto_cipher *crypto_alloc_cipher(const char *alg_name,
1447 u32 type, u32 mask)
1448{
1449 type &= ~CRYPTO_ALG_TYPE_MASK;
1450 type |= CRYPTO_ALG_TYPE_CIPHER;
1451 mask |= CRYPTO_ALG_TYPE_MASK;
1452
1453 return __crypto_cipher_cast(crypto_alloc_base(alg_name, type, mask));
1454}
1455
1456static inline struct crypto_tfm *crypto_cipher_tfm(struct crypto_cipher *tfm)
1457{
Herbert Xu78a1fe42006-12-24 10:02:00 +11001458 return &tfm->base;
Herbert Xuf28776a2006-08-13 20:58:18 +10001459}
1460
Stephan Mueller16e61032014-11-12 05:30:06 +01001461/**
1462 * crypto_free_cipher() - zeroize and free the single block cipher handle
1463 * @tfm: cipher handle to be freed
1464 */
Herbert Xuf28776a2006-08-13 20:58:18 +10001465static inline void crypto_free_cipher(struct crypto_cipher *tfm)
1466{
1467 crypto_free_tfm(crypto_cipher_tfm(tfm));
1468}
1469
Stephan Mueller16e61032014-11-12 05:30:06 +01001470/**
1471 * crypto_has_cipher() - Search for the availability of a single block cipher
1472 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
1473 * single block cipher
1474 * @type: specifies the type of the cipher
1475 * @mask: specifies the mask for the cipher
1476 *
1477 * Return: true when the single block cipher is known to the kernel crypto API;
1478 * false otherwise
1479 */
Herbert Xufce32d72006-08-26 17:35:45 +10001480static inline int crypto_has_cipher(const char *alg_name, u32 type, u32 mask)
1481{
1482 type &= ~CRYPTO_ALG_TYPE_MASK;
1483 type |= CRYPTO_ALG_TYPE_CIPHER;
1484 mask |= CRYPTO_ALG_TYPE_MASK;
1485
1486 return crypto_has_alg(alg_name, type, mask);
1487}
1488
Herbert Xuf28776a2006-08-13 20:58:18 +10001489static inline struct cipher_tfm *crypto_cipher_crt(struct crypto_cipher *tfm)
1490{
1491 return &crypto_cipher_tfm(tfm)->crt_cipher;
1492}
1493
Stephan Mueller16e61032014-11-12 05:30:06 +01001494/**
1495 * crypto_cipher_blocksize() - obtain block size for cipher
1496 * @tfm: cipher handle
1497 *
1498 * The block size for the single block cipher referenced with the cipher handle
1499 * tfm is returned. The caller may use that information to allocate appropriate
1500 * memory for the data returned by the encryption or decryption operation
1501 *
1502 * Return: block size of cipher
1503 */
Herbert Xuf28776a2006-08-13 20:58:18 +10001504static inline unsigned int crypto_cipher_blocksize(struct crypto_cipher *tfm)
1505{
1506 return crypto_tfm_alg_blocksize(crypto_cipher_tfm(tfm));
1507}
1508
1509static inline unsigned int crypto_cipher_alignmask(struct crypto_cipher *tfm)
1510{
1511 return crypto_tfm_alg_alignmask(crypto_cipher_tfm(tfm));
1512}
1513
1514static inline u32 crypto_cipher_get_flags(struct crypto_cipher *tfm)
1515{
1516 return crypto_tfm_get_flags(crypto_cipher_tfm(tfm));
1517}
1518
1519static inline void crypto_cipher_set_flags(struct crypto_cipher *tfm,
1520 u32 flags)
1521{
1522 crypto_tfm_set_flags(crypto_cipher_tfm(tfm), flags);
1523}
1524
1525static inline void crypto_cipher_clear_flags(struct crypto_cipher *tfm,
1526 u32 flags)
1527{
1528 crypto_tfm_clear_flags(crypto_cipher_tfm(tfm), flags);
1529}
1530
Stephan Mueller16e61032014-11-12 05:30:06 +01001531/**
1532 * crypto_cipher_setkey() - set key for cipher
1533 * @tfm: cipher handle
1534 * @key: buffer holding the key
1535 * @keylen: length of the key in bytes
1536 *
1537 * The caller provided key is set for the single block cipher referenced by the
1538 * cipher handle.
1539 *
1540 * Note, the key length determines the cipher type. Many block ciphers implement
1541 * different cipher modes depending on the key size, such as AES-128 vs AES-192
1542 * vs. AES-256. When providing a 16 byte key for an AES cipher handle, AES-128
1543 * is performed.
1544 *
1545 * Return: 0 if the setting of the key was successful; < 0 if an error occurred
1546 */
Herbert Xu7226bc872006-08-21 21:40:49 +10001547static inline int crypto_cipher_setkey(struct crypto_cipher *tfm,
1548 const u8 *key, unsigned int keylen)
1549{
1550 return crypto_cipher_crt(tfm)->cit_setkey(crypto_cipher_tfm(tfm),
1551 key, keylen);
1552}
1553
Stephan Mueller16e61032014-11-12 05:30:06 +01001554/**
1555 * crypto_cipher_encrypt_one() - encrypt one block of plaintext
1556 * @tfm: cipher handle
1557 * @dst: points to the buffer that will be filled with the ciphertext
1558 * @src: buffer holding the plaintext to be encrypted
1559 *
1560 * Invoke the encryption operation of one block. The caller must ensure that
1561 * the plaintext and ciphertext buffers are at least one block in size.
1562 */
Herbert Xuf28776a2006-08-13 20:58:18 +10001563static inline void crypto_cipher_encrypt_one(struct crypto_cipher *tfm,
1564 u8 *dst, const u8 *src)
1565{
1566 crypto_cipher_crt(tfm)->cit_encrypt_one(crypto_cipher_tfm(tfm),
1567 dst, src);
1568}
1569
Stephan Mueller16e61032014-11-12 05:30:06 +01001570/**
1571 * crypto_cipher_decrypt_one() - decrypt one block of ciphertext
1572 * @tfm: cipher handle
1573 * @dst: points to the buffer that will be filled with the plaintext
1574 * @src: buffer holding the ciphertext to be decrypted
1575 *
1576 * Invoke the decryption operation of one block. The caller must ensure that
1577 * the plaintext and ciphertext buffers are at least one block in size.
1578 */
Herbert Xuf28776a2006-08-13 20:58:18 +10001579static inline void crypto_cipher_decrypt_one(struct crypto_cipher *tfm,
1580 u8 *dst, const u8 *src)
1581{
1582 crypto_cipher_crt(tfm)->cit_decrypt_one(crypto_cipher_tfm(tfm),
1583 dst, src);
1584}
1585
Herbert Xufce32d72006-08-26 17:35:45 +10001586static inline struct crypto_comp *__crypto_comp_cast(struct crypto_tfm *tfm)
1587{
1588 return (struct crypto_comp *)tfm;
1589}
1590
1591static inline struct crypto_comp *crypto_comp_cast(struct crypto_tfm *tfm)
1592{
1593 BUG_ON((crypto_tfm_alg_type(tfm) ^ CRYPTO_ALG_TYPE_COMPRESS) &
1594 CRYPTO_ALG_TYPE_MASK);
1595 return __crypto_comp_cast(tfm);
1596}
1597
1598static inline struct crypto_comp *crypto_alloc_comp(const char *alg_name,
1599 u32 type, u32 mask)
1600{
1601 type &= ~CRYPTO_ALG_TYPE_MASK;
1602 type |= CRYPTO_ALG_TYPE_COMPRESS;
1603 mask |= CRYPTO_ALG_TYPE_MASK;
1604
1605 return __crypto_comp_cast(crypto_alloc_base(alg_name, type, mask));
1606}
1607
1608static inline struct crypto_tfm *crypto_comp_tfm(struct crypto_comp *tfm)
1609{
Herbert Xu78a1fe42006-12-24 10:02:00 +11001610 return &tfm->base;
Herbert Xufce32d72006-08-26 17:35:45 +10001611}
1612
1613static inline void crypto_free_comp(struct crypto_comp *tfm)
1614{
1615 crypto_free_tfm(crypto_comp_tfm(tfm));
1616}
1617
1618static inline int crypto_has_comp(const char *alg_name, u32 type, u32 mask)
1619{
1620 type &= ~CRYPTO_ALG_TYPE_MASK;
1621 type |= CRYPTO_ALG_TYPE_COMPRESS;
1622 mask |= CRYPTO_ALG_TYPE_MASK;
1623
1624 return crypto_has_alg(alg_name, type, mask);
1625}
1626
Herbert Xue4d5b792006-08-26 18:12:40 +10001627static inline const char *crypto_comp_name(struct crypto_comp *tfm)
1628{
1629 return crypto_tfm_alg_name(crypto_comp_tfm(tfm));
1630}
1631
Herbert Xufce32d72006-08-26 17:35:45 +10001632static inline struct compress_tfm *crypto_comp_crt(struct crypto_comp *tfm)
1633{
1634 return &crypto_comp_tfm(tfm)->crt_compress;
1635}
1636
1637static inline int crypto_comp_compress(struct crypto_comp *tfm,
Linus Torvalds1da177e2005-04-16 15:20:36 -07001638 const u8 *src, unsigned int slen,
1639 u8 *dst, unsigned int *dlen)
1640{
Herbert Xu78a1fe42006-12-24 10:02:00 +11001641 return crypto_comp_crt(tfm)->cot_compress(crypto_comp_tfm(tfm),
1642 src, slen, dst, dlen);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001643}
1644
Herbert Xufce32d72006-08-26 17:35:45 +10001645static inline int crypto_comp_decompress(struct crypto_comp *tfm,
Linus Torvalds1da177e2005-04-16 15:20:36 -07001646 const u8 *src, unsigned int slen,
1647 u8 *dst, unsigned int *dlen)
1648{
Herbert Xu78a1fe42006-12-24 10:02:00 +11001649 return crypto_comp_crt(tfm)->cot_decompress(crypto_comp_tfm(tfm),
1650 src, slen, dst, dlen);
Linus Torvalds1da177e2005-04-16 15:20:36 -07001651}
1652
Linus Torvalds1da177e2005-04-16 15:20:36 -07001653#endif /* _LINUX_CRYPTO_H */
1654