akcipher.h 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378
  1. /* SPDX-License-Identifier: GPL-2.0-or-later */
  2. /*
  3. * Public Key Encryption
  4. *
  5. * Copyright (c) 2015, Intel Corporation
  6. * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
  7. */
  8. #ifndef _CRYPTO_AKCIPHER_H
  9. #define _CRYPTO_AKCIPHER_H
  10. #include <linux/atomic.h>
  11. #include <linux/crypto.h>
  12. /**
  13. * struct akcipher_request - public key cipher request
  14. *
  15. * @base: Common attributes for async crypto requests
  16. * @src: Source data
  17. * @dst: Destination data
  18. * @src_len: Size of the input buffer
  19. * @dst_len: Size of @dst buffer
  20. * It needs to be at least as big as the expected result
  21. * depending on the operation.
  22. * After operation it will be updated with the actual size of the
  23. * result.
  24. * In case of error where the dst sgl size was insufficient,
  25. * it will be updated to the size required for the operation.
  26. * @__ctx: Start of private context data
  27. */
  28. struct akcipher_request {
  29. struct crypto_async_request base;
  30. struct scatterlist *src;
  31. struct scatterlist *dst;
  32. unsigned int src_len;
  33. unsigned int dst_len;
  34. void *__ctx[] CRYPTO_MINALIGN_ATTR;
  35. };
  36. /**
  37. * struct crypto_akcipher - user-instantiated objects which encapsulate
  38. * algorithms and core processing logic
  39. *
  40. * @reqsize: Request context size required by algorithm implementation
  41. * @base: Common crypto API algorithm data structure
  42. */
  43. struct crypto_akcipher {
  44. unsigned int reqsize;
  45. struct crypto_tfm base;
  46. };
  47. /**
  48. * struct akcipher_alg - generic public key cipher algorithm
  49. *
  50. * @encrypt: Function performs an encrypt operation as defined by public key
  51. * algorithm. In case of error, where the dst_len was insufficient,
  52. * the req->dst_len will be updated to the size required for the
  53. * operation
  54. * @decrypt: Function performs a decrypt operation as defined by public key
  55. * algorithm. In case of error, where the dst_len was insufficient,
  56. * the req->dst_len will be updated to the size required for the
  57. * operation
  58. * @set_pub_key: Function invokes the algorithm specific set public key
  59. * function, which knows how to decode and interpret
  60. * the BER encoded public key and parameters
  61. * @set_priv_key: Function invokes the algorithm specific set private key
  62. * function, which knows how to decode and interpret
  63. * the BER encoded private key and parameters
  64. * @max_size: Function returns dest buffer size required for a given key.
  65. * @init: Initialize the cryptographic transformation object.
  66. * This function is used to initialize the cryptographic
  67. * transformation object. This function is called only once at
  68. * the instantiation time, right after the transformation context
  69. * was allocated. In case the cryptographic hardware has some
  70. * special requirements which need to be handled by software, this
  71. * function shall check for the precise requirement of the
  72. * transformation and put any software fallbacks in place.
  73. * @exit: Deinitialize the cryptographic transformation object. This is a
  74. * counterpart to @init, used to remove various changes set in
  75. * @init.
  76. *
  77. * @base: Common crypto API algorithm data structure
  78. */
  79. struct akcipher_alg {
  80. int (*encrypt)(struct akcipher_request *req);
  81. int (*decrypt)(struct akcipher_request *req);
  82. int (*set_pub_key)(struct crypto_akcipher *tfm, const void *key,
  83. unsigned int keylen);
  84. int (*set_priv_key)(struct crypto_akcipher *tfm, const void *key,
  85. unsigned int keylen);
  86. unsigned int (*max_size)(struct crypto_akcipher *tfm);
  87. int (*init)(struct crypto_akcipher *tfm);
  88. void (*exit)(struct crypto_akcipher *tfm);
  89. struct crypto_alg base;
  90. };
  91. /**
  92. * DOC: Generic Public Key Cipher API
  93. *
  94. * The Public Key Cipher API is used with the algorithms of type
  95. * CRYPTO_ALG_TYPE_AKCIPHER (listed as type "akcipher" in /proc/crypto)
  96. */
  97. /**
  98. * crypto_alloc_akcipher() - allocate AKCIPHER tfm handle
  99. * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
  100. * public key algorithm e.g. "rsa"
  101. * @type: specifies the type of the algorithm
  102. * @mask: specifies the mask for the algorithm
  103. *
  104. * Allocate a handle for public key algorithm. The returned struct
  105. * crypto_akcipher is the handle that is required for any subsequent
  106. * API invocation for the public key operations.
  107. *
  108. * Return: allocated handle in case of success; IS_ERR() is true in case
  109. * of an error, PTR_ERR() returns the error code.
  110. */
  111. struct crypto_akcipher *crypto_alloc_akcipher(const char *alg_name, u32 type,
  112. u32 mask);
  113. static inline struct crypto_tfm *crypto_akcipher_tfm(
  114. struct crypto_akcipher *tfm)
  115. {
  116. return &tfm->base;
  117. }
  118. static inline struct akcipher_alg *__crypto_akcipher_alg(struct crypto_alg *alg)
  119. {
  120. return container_of(alg, struct akcipher_alg, base);
  121. }
  122. static inline struct crypto_akcipher *__crypto_akcipher_tfm(
  123. struct crypto_tfm *tfm)
  124. {
  125. return container_of(tfm, struct crypto_akcipher, base);
  126. }
  127. static inline struct akcipher_alg *crypto_akcipher_alg(
  128. struct crypto_akcipher *tfm)
  129. {
  130. return __crypto_akcipher_alg(crypto_akcipher_tfm(tfm)->__crt_alg);
  131. }
  132. static inline unsigned int crypto_akcipher_reqsize(struct crypto_akcipher *tfm)
  133. {
  134. return tfm->reqsize;
  135. }
  136. static inline void akcipher_request_set_tfm(struct akcipher_request *req,
  137. struct crypto_akcipher *tfm)
  138. {
  139. req->base.tfm = crypto_akcipher_tfm(tfm);
  140. }
  141. static inline struct crypto_akcipher *crypto_akcipher_reqtfm(
  142. struct akcipher_request *req)
  143. {
  144. return __crypto_akcipher_tfm(req->base.tfm);
  145. }
  146. /**
  147. * crypto_free_akcipher() - free AKCIPHER tfm handle
  148. *
  149. * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
  150. *
  151. * If @tfm is a NULL or error pointer, this function does nothing.
  152. */
  153. static inline void crypto_free_akcipher(struct crypto_akcipher *tfm)
  154. {
  155. crypto_destroy_tfm(tfm, crypto_akcipher_tfm(tfm));
  156. }
  157. /**
  158. * akcipher_request_alloc() - allocates public key request
  159. *
  160. * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
  161. * @gfp: allocation flags
  162. *
  163. * Return: allocated handle in case of success or NULL in case of an error.
  164. */
  165. static inline struct akcipher_request *akcipher_request_alloc(
  166. struct crypto_akcipher *tfm, gfp_t gfp)
  167. {
  168. struct akcipher_request *req;
  169. req = kmalloc(sizeof(*req) + crypto_akcipher_reqsize(tfm), gfp);
  170. if (likely(req))
  171. akcipher_request_set_tfm(req, tfm);
  172. return req;
  173. }
  174. /**
  175. * akcipher_request_free() - zeroize and free public key request
  176. *
  177. * @req: request to free
  178. */
  179. static inline void akcipher_request_free(struct akcipher_request *req)
  180. {
  181. kfree_sensitive(req);
  182. }
  183. /**
  184. * akcipher_request_set_callback() - Sets an asynchronous callback.
  185. *
  186. * Callback will be called when an asynchronous operation on a given
  187. * request is finished.
  188. *
  189. * @req: request that the callback will be set for
  190. * @flgs: specify for instance if the operation may backlog
  191. * @cmpl: callback which will be called
  192. * @data: private data used by the caller
  193. */
  194. static inline void akcipher_request_set_callback(struct akcipher_request *req,
  195. u32 flgs,
  196. crypto_completion_t cmpl,
  197. void *data)
  198. {
  199. req->base.complete = cmpl;
  200. req->base.data = data;
  201. req->base.flags = flgs;
  202. }
  203. /**
  204. * akcipher_request_set_crypt() - Sets request parameters
  205. *
  206. * Sets parameters required by crypto operation
  207. *
  208. * @req: public key request
  209. * @src: ptr to input scatter list
  210. * @dst: ptr to output scatter list
  211. * @src_len: size of the src input scatter list to be processed
  212. * @dst_len: size of the dst output scatter list
  213. */
  214. static inline void akcipher_request_set_crypt(struct akcipher_request *req,
  215. struct scatterlist *src,
  216. struct scatterlist *dst,
  217. unsigned int src_len,
  218. unsigned int dst_len)
  219. {
  220. req->src = src;
  221. req->dst = dst;
  222. req->src_len = src_len;
  223. req->dst_len = dst_len;
  224. }
  225. /**
  226. * crypto_akcipher_maxsize() - Get len for output buffer
  227. *
  228. * Function returns the dest buffer size required for a given key.
  229. * Function assumes that the key is already set in the transformation. If this
  230. * function is called without a setkey or with a failed setkey, you will end up
  231. * in a NULL dereference.
  232. *
  233. * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
  234. */
  235. static inline unsigned int crypto_akcipher_maxsize(struct crypto_akcipher *tfm)
  236. {
  237. struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
  238. return alg->max_size(tfm);
  239. }
  240. /**
  241. * crypto_akcipher_encrypt() - Invoke public key encrypt operation
  242. *
  243. * Function invokes the specific public key encrypt operation for a given
  244. * public key algorithm
  245. *
  246. * @req: asymmetric key request
  247. *
  248. * Return: zero on success; error code in case of error
  249. */
  250. static inline int crypto_akcipher_encrypt(struct akcipher_request *req)
  251. {
  252. struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
  253. return crypto_akcipher_alg(tfm)->encrypt(req);
  254. }
  255. /**
  256. * crypto_akcipher_decrypt() - Invoke public key decrypt operation
  257. *
  258. * Function invokes the specific public key decrypt operation for a given
  259. * public key algorithm
  260. *
  261. * @req: asymmetric key request
  262. *
  263. * Return: zero on success; error code in case of error
  264. */
  265. static inline int crypto_akcipher_decrypt(struct akcipher_request *req)
  266. {
  267. struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
  268. return crypto_akcipher_alg(tfm)->decrypt(req);
  269. }
  270. /**
  271. * crypto_akcipher_sync_encrypt() - Invoke public key encrypt operation
  272. *
  273. * Function invokes the specific public key encrypt operation for a given
  274. * public key algorithm
  275. *
  276. * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
  277. * @src: source buffer
  278. * @slen: source length
  279. * @dst: destination obuffer
  280. * @dlen: destination length
  281. *
  282. * Return: zero on success; error code in case of error
  283. */
  284. int crypto_akcipher_sync_encrypt(struct crypto_akcipher *tfm,
  285. const void *src, unsigned int slen,
  286. void *dst, unsigned int dlen);
  287. /**
  288. * crypto_akcipher_sync_decrypt() - Invoke public key decrypt operation
  289. *
  290. * Function invokes the specific public key decrypt operation for a given
  291. * public key algorithm
  292. *
  293. * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
  294. * @src: source buffer
  295. * @slen: source length
  296. * @dst: destination obuffer
  297. * @dlen: destination length
  298. *
  299. * Return: Output length on success; error code in case of error
  300. */
  301. int crypto_akcipher_sync_decrypt(struct crypto_akcipher *tfm,
  302. const void *src, unsigned int slen,
  303. void *dst, unsigned int dlen);
  304. /**
  305. * crypto_akcipher_set_pub_key() - Invoke set public key operation
  306. *
  307. * Function invokes the algorithm specific set key function, which knows
  308. * how to decode and interpret the encoded key and parameters
  309. *
  310. * @tfm: tfm handle
  311. * @key: BER encoded public key, algo OID, paramlen, BER encoded
  312. * parameters
  313. * @keylen: length of the key (not including other data)
  314. *
  315. * Return: zero on success; error code in case of error
  316. */
  317. static inline int crypto_akcipher_set_pub_key(struct crypto_akcipher *tfm,
  318. const void *key,
  319. unsigned int keylen)
  320. {
  321. struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
  322. return alg->set_pub_key(tfm, key, keylen);
  323. }
  324. /**
  325. * crypto_akcipher_set_priv_key() - Invoke set private key operation
  326. *
  327. * Function invokes the algorithm specific set key function, which knows
  328. * how to decode and interpret the encoded key and parameters
  329. *
  330. * @tfm: tfm handle
  331. * @key: BER encoded private key, algo OID, paramlen, BER encoded
  332. * parameters
  333. * @keylen: length of the key (not including other data)
  334. *
  335. * Return: zero on success; error code in case of error
  336. */
  337. static inline int crypto_akcipher_set_priv_key(struct crypto_akcipher *tfm,
  338. const void *key,
  339. unsigned int keylen)
  340. {
  341. struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
  342. return alg->set_priv_key(tfm, key, keylen);
  343. }
  344. #endif