skcipher.h 33 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940
  1. /* SPDX-License-Identifier: GPL-2.0-or-later */
  2. /*
  3. * Symmetric key ciphers.
  4. *
  5. * Copyright (c) 2007-2015 Herbert Xu <herbert@gondor.apana.org.au>
  6. */
  7. #ifndef _CRYPTO_SKCIPHER_H
  8. #define _CRYPTO_SKCIPHER_H
  9. #include <linux/atomic.h>
  10. #include <linux/container_of.h>
  11. #include <linux/crypto.h>
  12. #include <linux/slab.h>
  13. #include <linux/string.h>
  14. #include <linux/types.h>
  15. /* Set this bit if the lskcipher operation is a continuation. */
  16. #define CRYPTO_LSKCIPHER_FLAG_CONT 0x00000001
  17. /* Set this bit if the lskcipher operation is final. */
  18. #define CRYPTO_LSKCIPHER_FLAG_FINAL 0x00000002
  19. /* The bit CRYPTO_TFM_REQ_MAY_SLEEP can also be set if needed. */
  20. /* Set this bit if the skcipher operation is a continuation. */
  21. #define CRYPTO_SKCIPHER_REQ_CONT 0x00000001
  22. /* Set this bit if the skcipher operation is not final. */
  23. #define CRYPTO_SKCIPHER_REQ_NOTFINAL 0x00000002
  24. struct scatterlist;
  25. /**
  26. * struct skcipher_request - Symmetric key cipher request
  27. * @cryptlen: Number of bytes to encrypt or decrypt
  28. * @iv: Initialisation Vector
  29. * @src: Source SG list
  30. * @dst: Destination SG list
  31. * @base: Underlying async request
  32. * @__ctx: Start of private context data
  33. */
  34. struct skcipher_request {
  35. unsigned int cryptlen;
  36. u8 *iv;
  37. struct scatterlist *src;
  38. struct scatterlist *dst;
  39. struct crypto_async_request base;
  40. void *__ctx[] CRYPTO_MINALIGN_ATTR;
  41. };
  42. struct crypto_skcipher {
  43. unsigned int reqsize;
  44. struct crypto_tfm base;
  45. };
  46. struct crypto_sync_skcipher {
  47. struct crypto_skcipher base;
  48. };
  49. struct crypto_lskcipher {
  50. struct crypto_tfm base;
  51. };
  52. /*
  53. * struct skcipher_alg_common - common properties of skcipher_alg
  54. * @min_keysize: Minimum key size supported by the transformation. This is the
  55. * smallest key length supported by this transformation algorithm.
  56. * This must be set to one of the pre-defined values as this is
  57. * not hardware specific. Possible values for this field can be
  58. * found via git grep "_MIN_KEY_SIZE" include/crypto/
  59. * @max_keysize: Maximum key size supported by the transformation. This is the
  60. * largest key length supported by this transformation algorithm.
  61. * This must be set to one of the pre-defined values as this is
  62. * not hardware specific. Possible values for this field can be
  63. * found via git grep "_MAX_KEY_SIZE" include/crypto/
  64. * @ivsize: IV size applicable for transformation. The consumer must provide an
  65. * IV of exactly that size to perform the encrypt or decrypt operation.
  66. * @chunksize: Equal to the block size except for stream ciphers such as
  67. * CTR where it is set to the underlying block size.
  68. * @statesize: Size of the internal state for the algorithm.
  69. * @base: Definition of a generic crypto algorithm.
  70. */
  71. #define SKCIPHER_ALG_COMMON { \
  72. unsigned int min_keysize; \
  73. unsigned int max_keysize; \
  74. unsigned int ivsize; \
  75. unsigned int chunksize; \
  76. unsigned int statesize; \
  77. \
  78. struct crypto_alg base; \
  79. }
  80. struct skcipher_alg_common SKCIPHER_ALG_COMMON;
  81. /**
  82. * struct skcipher_alg - symmetric key cipher definition
  83. * @setkey: Set key for the transformation. This function is used to either
  84. * program a supplied key into the hardware or store the key in the
  85. * transformation context for programming it later. Note that this
  86. * function does modify the transformation context. This function can
  87. * be called multiple times during the existence of the transformation
  88. * object, so one must make sure the key is properly reprogrammed into
  89. * the hardware. This function is also responsible for checking the key
  90. * length for validity. In case a software fallback was put in place in
  91. * the @cra_init call, this function might need to use the fallback if
  92. * the algorithm doesn't support all of the key sizes.
  93. * @encrypt: Encrypt a scatterlist of blocks. This function is used to encrypt
  94. * the supplied scatterlist containing the blocks of data. The crypto
  95. * API consumer is responsible for aligning the entries of the
  96. * scatterlist properly and making sure the chunks are correctly
  97. * sized. In case a software fallback was put in place in the
  98. * @cra_init call, this function might need to use the fallback if
  99. * the algorithm doesn't support all of the key sizes. In case the
  100. * key was stored in transformation context, the key might need to be
  101. * re-programmed into the hardware in this function. This function
  102. * shall not modify the transformation context, as this function may
  103. * be called in parallel with the same transformation object.
  104. * @decrypt: Decrypt a single block. This is a reverse counterpart to @encrypt
  105. * and the conditions are exactly the same.
  106. * @export: Export partial state of the transformation. This function dumps the
  107. * entire state of the ongoing transformation into a provided block of
  108. * data so it can be @import 'ed back later on. This is useful in case
  109. * you want to save partial result of the transformation after
  110. * processing certain amount of data and reload this partial result
  111. * multiple times later on for multiple re-use. No data processing
  112. * happens at this point.
  113. * @import: Import partial state of the transformation. This function loads the
  114. * entire state of the ongoing transformation from a provided block of
  115. * data so the transformation can continue from this point onward. No
  116. * data processing happens at this point.
  117. * @init: Initialize the cryptographic transformation object. This function
  118. * is used to initialize the cryptographic transformation object.
  119. * This function is called only once at the instantiation time, right
  120. * after the transformation context was allocated. In case the
  121. * cryptographic hardware has some special requirements which need to
  122. * be handled by software, this function shall check for the precise
  123. * requirement of the transformation and put any software fallbacks
  124. * in place.
  125. * @exit: Deinitialize the cryptographic transformation object. This is a
  126. * counterpart to @init, used to remove various changes set in
  127. * @init.
  128. * @walksize: Equal to the chunk size except in cases where the algorithm is
  129. * considerably more efficient if it can operate on multiple chunks
  130. * in parallel. Should be a multiple of chunksize.
  131. * @co: see struct skcipher_alg_common
  132. *
  133. * All fields except @ivsize are mandatory and must be filled.
  134. */
  135. struct skcipher_alg {
  136. int (*setkey)(struct crypto_skcipher *tfm, const u8 *key,
  137. unsigned int keylen);
  138. int (*encrypt)(struct skcipher_request *req);
  139. int (*decrypt)(struct skcipher_request *req);
  140. int (*export)(struct skcipher_request *req, void *out);
  141. int (*import)(struct skcipher_request *req, const void *in);
  142. int (*init)(struct crypto_skcipher *tfm);
  143. void (*exit)(struct crypto_skcipher *tfm);
  144. unsigned int walksize;
  145. union {
  146. struct SKCIPHER_ALG_COMMON;
  147. struct skcipher_alg_common co;
  148. };
  149. };
  150. /**
  151. * struct lskcipher_alg - linear symmetric key cipher definition
  152. * @setkey: Set key for the transformation. This function is used to either
  153. * program a supplied key into the hardware or store the key in the
  154. * transformation context for programming it later. Note that this
  155. * function does modify the transformation context. This function can
  156. * be called multiple times during the existence of the transformation
  157. * object, so one must make sure the key is properly reprogrammed into
  158. * the hardware. This function is also responsible for checking the key
  159. * length for validity. In case a software fallback was put in place in
  160. * the @cra_init call, this function might need to use the fallback if
  161. * the algorithm doesn't support all of the key sizes.
  162. * @encrypt: Encrypt a number of bytes. This function is used to encrypt
  163. * the supplied data. This function shall not modify
  164. * the transformation context, as this function may be called
  165. * in parallel with the same transformation object. Data
  166. * may be left over if length is not a multiple of blocks
  167. * and there is more to come (final == false). The number of
  168. * left-over bytes should be returned in case of success.
  169. * The siv field shall be as long as ivsize + statesize with
  170. * the IV placed at the front. The state will be used by the
  171. * algorithm internally.
  172. * @decrypt: Decrypt a number of bytes. This is a reverse counterpart to
  173. * @encrypt and the conditions are exactly the same.
  174. * @init: Initialize the cryptographic transformation object. This function
  175. * is used to initialize the cryptographic transformation object.
  176. * This function is called only once at the instantiation time, right
  177. * after the transformation context was allocated.
  178. * @exit: Deinitialize the cryptographic transformation object. This is a
  179. * counterpart to @init, used to remove various changes set in
  180. * @init.
  181. * @co: see struct skcipher_alg_common
  182. */
  183. struct lskcipher_alg {
  184. int (*setkey)(struct crypto_lskcipher *tfm, const u8 *key,
  185. unsigned int keylen);
  186. int (*encrypt)(struct crypto_lskcipher *tfm, const u8 *src,
  187. u8 *dst, unsigned len, u8 *siv, u32 flags);
  188. int (*decrypt)(struct crypto_lskcipher *tfm, const u8 *src,
  189. u8 *dst, unsigned len, u8 *siv, u32 flags);
  190. int (*init)(struct crypto_lskcipher *tfm);
  191. void (*exit)(struct crypto_lskcipher *tfm);
  192. struct skcipher_alg_common co;
  193. };
  194. #define MAX_SYNC_SKCIPHER_REQSIZE 384
  195. /*
  196. * This performs a type-check against the "_tfm" argument to make sure
  197. * all users have the correct skcipher tfm for doing on-stack requests.
  198. */
  199. #define SYNC_SKCIPHER_REQUEST_ON_STACK(name, _tfm) \
  200. char __##name##_desc[sizeof(struct skcipher_request) + \
  201. MAX_SYNC_SKCIPHER_REQSIZE \
  202. ] CRYPTO_MINALIGN_ATTR; \
  203. struct skcipher_request *name = \
  204. (((struct skcipher_request *)__##name##_desc)->base.tfm = \
  205. crypto_sync_skcipher_tfm((_tfm)), \
  206. (void *)__##name##_desc)
  207. /**
  208. * DOC: Symmetric Key Cipher API
  209. *
  210. * Symmetric key cipher API is used with the ciphers of type
  211. * CRYPTO_ALG_TYPE_SKCIPHER (listed as type "skcipher" in /proc/crypto).
  212. *
  213. * Asynchronous cipher operations imply that the function invocation for a
  214. * cipher request returns immediately before the completion of the operation.
  215. * The cipher request is scheduled as a separate kernel thread and therefore
  216. * load-balanced on the different CPUs via the process scheduler. To allow
  217. * the kernel crypto API to inform the caller about the completion of a cipher
  218. * request, the caller must provide a callback function. That function is
  219. * invoked with the cipher handle when the request completes.
  220. *
  221. * To support the asynchronous operation, additional information than just the
  222. * cipher handle must be supplied to the kernel crypto API. That additional
  223. * information is given by filling in the skcipher_request data structure.
  224. *
  225. * For the symmetric key cipher API, the state is maintained with the tfm
  226. * cipher handle. A single tfm can be used across multiple calls and in
  227. * parallel. For asynchronous block cipher calls, context data supplied and
  228. * only used by the caller can be referenced the request data structure in
  229. * addition to the IV used for the cipher request. The maintenance of such
  230. * state information would be important for a crypto driver implementer to
  231. * have, because when calling the callback function upon completion of the
  232. * cipher operation, that callback function may need some information about
  233. * which operation just finished if it invoked multiple in parallel. This
  234. * state information is unused by the kernel crypto API.
  235. */
  236. static inline struct crypto_skcipher *__crypto_skcipher_cast(
  237. struct crypto_tfm *tfm)
  238. {
  239. return container_of(tfm, struct crypto_skcipher, base);
  240. }
  241. /**
  242. * crypto_alloc_skcipher() - allocate symmetric key cipher handle
  243. * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
  244. * skcipher cipher
  245. * @type: specifies the type of the cipher
  246. * @mask: specifies the mask for the cipher
  247. *
  248. * Allocate a cipher handle for an skcipher. The returned struct
  249. * crypto_skcipher is the cipher handle that is required for any subsequent
  250. * API invocation for that skcipher.
  251. *
  252. * Return: allocated cipher handle in case of success; IS_ERR() is true in case
  253. * of an error, PTR_ERR() returns the error code.
  254. */
  255. struct crypto_skcipher *crypto_alloc_skcipher(const char *alg_name,
  256. u32 type, u32 mask);
  257. struct crypto_sync_skcipher *crypto_alloc_sync_skcipher(const char *alg_name,
  258. u32 type, u32 mask);
  259. /**
  260. * crypto_alloc_lskcipher() - allocate linear symmetric key cipher handle
  261. * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
  262. * lskcipher
  263. * @type: specifies the type of the cipher
  264. * @mask: specifies the mask for the cipher
  265. *
  266. * Allocate a cipher handle for an lskcipher. The returned struct
  267. * crypto_lskcipher is the cipher handle that is required for any subsequent
  268. * API invocation for that lskcipher.
  269. *
  270. * Return: allocated cipher handle in case of success; IS_ERR() is true in case
  271. * of an error, PTR_ERR() returns the error code.
  272. */
  273. struct crypto_lskcipher *crypto_alloc_lskcipher(const char *alg_name,
  274. u32 type, u32 mask);
  275. static inline struct crypto_tfm *crypto_skcipher_tfm(
  276. struct crypto_skcipher *tfm)
  277. {
  278. return &tfm->base;
  279. }
  280. static inline struct crypto_tfm *crypto_lskcipher_tfm(
  281. struct crypto_lskcipher *tfm)
  282. {
  283. return &tfm->base;
  284. }
  285. static inline struct crypto_tfm *crypto_sync_skcipher_tfm(
  286. struct crypto_sync_skcipher *tfm)
  287. {
  288. return crypto_skcipher_tfm(&tfm->base);
  289. }
  290. /**
  291. * crypto_free_skcipher() - zeroize and free cipher handle
  292. * @tfm: cipher handle to be freed
  293. *
  294. * If @tfm is a NULL or error pointer, this function does nothing.
  295. */
  296. static inline void crypto_free_skcipher(struct crypto_skcipher *tfm)
  297. {
  298. crypto_destroy_tfm(tfm, crypto_skcipher_tfm(tfm));
  299. }
  300. static inline void crypto_free_sync_skcipher(struct crypto_sync_skcipher *tfm)
  301. {
  302. crypto_free_skcipher(&tfm->base);
  303. }
  304. /**
  305. * crypto_free_lskcipher() - zeroize and free cipher handle
  306. * @tfm: cipher handle to be freed
  307. *
  308. * If @tfm is a NULL or error pointer, this function does nothing.
  309. */
  310. static inline void crypto_free_lskcipher(struct crypto_lskcipher *tfm)
  311. {
  312. crypto_destroy_tfm(tfm, crypto_lskcipher_tfm(tfm));
  313. }
  314. /**
  315. * crypto_has_skcipher() - Search for the availability of an skcipher.
  316. * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
  317. * skcipher
  318. * @type: specifies the type of the skcipher
  319. * @mask: specifies the mask for the skcipher
  320. *
  321. * Return: true when the skcipher is known to the kernel crypto API; false
  322. * otherwise
  323. */
  324. int crypto_has_skcipher(const char *alg_name, u32 type, u32 mask);
  325. static inline const char *crypto_skcipher_driver_name(
  326. struct crypto_skcipher *tfm)
  327. {
  328. return crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
  329. }
  330. static inline const char *crypto_lskcipher_driver_name(
  331. struct crypto_lskcipher *tfm)
  332. {
  333. return crypto_tfm_alg_driver_name(crypto_lskcipher_tfm(tfm));
  334. }
  335. static inline struct skcipher_alg_common *crypto_skcipher_alg_common(
  336. struct crypto_skcipher *tfm)
  337. {
  338. return container_of(crypto_skcipher_tfm(tfm)->__crt_alg,
  339. struct skcipher_alg_common, base);
  340. }
  341. static inline struct skcipher_alg *crypto_skcipher_alg(
  342. struct crypto_skcipher *tfm)
  343. {
  344. return container_of(crypto_skcipher_tfm(tfm)->__crt_alg,
  345. struct skcipher_alg, base);
  346. }
  347. static inline struct lskcipher_alg *crypto_lskcipher_alg(
  348. struct crypto_lskcipher *tfm)
  349. {
  350. return container_of(crypto_lskcipher_tfm(tfm)->__crt_alg,
  351. struct lskcipher_alg, co.base);
  352. }
  353. /**
  354. * crypto_skcipher_ivsize() - obtain IV size
  355. * @tfm: cipher handle
  356. *
  357. * The size of the IV for the skcipher referenced by the cipher handle is
  358. * returned. This IV size may be zero if the cipher does not need an IV.
  359. *
  360. * Return: IV size in bytes
  361. */
  362. static inline unsigned int crypto_skcipher_ivsize(struct crypto_skcipher *tfm)
  363. {
  364. return crypto_skcipher_alg_common(tfm)->ivsize;
  365. }
  366. static inline unsigned int crypto_sync_skcipher_ivsize(
  367. struct crypto_sync_skcipher *tfm)
  368. {
  369. return crypto_skcipher_ivsize(&tfm->base);
  370. }
  371. /**
  372. * crypto_lskcipher_ivsize() - obtain IV size
  373. * @tfm: cipher handle
  374. *
  375. * The size of the IV for the lskcipher referenced by the cipher handle is
  376. * returned. This IV size may be zero if the cipher does not need an IV.
  377. *
  378. * Return: IV size in bytes
  379. */
  380. static inline unsigned int crypto_lskcipher_ivsize(
  381. struct crypto_lskcipher *tfm)
  382. {
  383. return crypto_lskcipher_alg(tfm)->co.ivsize;
  384. }
  385. /**
  386. * crypto_skcipher_blocksize() - obtain block size of cipher
  387. * @tfm: cipher handle
  388. *
  389. * The block size for the skcipher referenced with the cipher handle is
  390. * returned. The caller may use that information to allocate appropriate
  391. * memory for the data returned by the encryption or decryption operation
  392. *
  393. * Return: block size of cipher
  394. */
  395. static inline unsigned int crypto_skcipher_blocksize(
  396. struct crypto_skcipher *tfm)
  397. {
  398. return crypto_tfm_alg_blocksize(crypto_skcipher_tfm(tfm));
  399. }
  400. /**
  401. * crypto_lskcipher_blocksize() - obtain block size of cipher
  402. * @tfm: cipher handle
  403. *
  404. * The block size for the lskcipher referenced with the cipher handle is
  405. * returned. The caller may use that information to allocate appropriate
  406. * memory for the data returned by the encryption or decryption operation
  407. *
  408. * Return: block size of cipher
  409. */
  410. static inline unsigned int crypto_lskcipher_blocksize(
  411. struct crypto_lskcipher *tfm)
  412. {
  413. return crypto_tfm_alg_blocksize(crypto_lskcipher_tfm(tfm));
  414. }
  415. /**
  416. * crypto_skcipher_chunksize() - obtain chunk size
  417. * @tfm: cipher handle
  418. *
  419. * The block size is set to one for ciphers such as CTR. However,
  420. * you still need to provide incremental updates in multiples of
  421. * the underlying block size as the IV does not have sub-block
  422. * granularity. This is known in this API as the chunk size.
  423. *
  424. * Return: chunk size in bytes
  425. */
  426. static inline unsigned int crypto_skcipher_chunksize(
  427. struct crypto_skcipher *tfm)
  428. {
  429. return crypto_skcipher_alg_common(tfm)->chunksize;
  430. }
  431. /**
  432. * crypto_lskcipher_chunksize() - obtain chunk size
  433. * @tfm: cipher handle
  434. *
  435. * The block size is set to one for ciphers such as CTR. However,
  436. * you still need to provide incremental updates in multiples of
  437. * the underlying block size as the IV does not have sub-block
  438. * granularity. This is known in this API as the chunk size.
  439. *
  440. * Return: chunk size in bytes
  441. */
  442. static inline unsigned int crypto_lskcipher_chunksize(
  443. struct crypto_lskcipher *tfm)
  444. {
  445. return crypto_lskcipher_alg(tfm)->co.chunksize;
  446. }
  447. /**
  448. * crypto_skcipher_statesize() - obtain state size
  449. * @tfm: cipher handle
  450. *
  451. * Some algorithms cannot be chained with the IV alone. They carry
  452. * internal state which must be replicated if data is to be processed
  453. * incrementally. The size of that state can be obtained with this
  454. * function.
  455. *
  456. * Return: state size in bytes
  457. */
  458. static inline unsigned int crypto_skcipher_statesize(
  459. struct crypto_skcipher *tfm)
  460. {
  461. return crypto_skcipher_alg_common(tfm)->statesize;
  462. }
  463. /**
  464. * crypto_lskcipher_statesize() - obtain state size
  465. * @tfm: cipher handle
  466. *
  467. * Some algorithms cannot be chained with the IV alone. They carry
  468. * internal state which must be replicated if data is to be processed
  469. * incrementally. The size of that state can be obtained with this
  470. * function.
  471. *
  472. * Return: state size in bytes
  473. */
  474. static inline unsigned int crypto_lskcipher_statesize(
  475. struct crypto_lskcipher *tfm)
  476. {
  477. return crypto_lskcipher_alg(tfm)->co.statesize;
  478. }
  479. static inline unsigned int crypto_sync_skcipher_blocksize(
  480. struct crypto_sync_skcipher *tfm)
  481. {
  482. return crypto_skcipher_blocksize(&tfm->base);
  483. }
  484. static inline unsigned int crypto_skcipher_alignmask(
  485. struct crypto_skcipher *tfm)
  486. {
  487. return crypto_tfm_alg_alignmask(crypto_skcipher_tfm(tfm));
  488. }
  489. static inline unsigned int crypto_lskcipher_alignmask(
  490. struct crypto_lskcipher *tfm)
  491. {
  492. return crypto_tfm_alg_alignmask(crypto_lskcipher_tfm(tfm));
  493. }
  494. static inline u32 crypto_skcipher_get_flags(struct crypto_skcipher *tfm)
  495. {
  496. return crypto_tfm_get_flags(crypto_skcipher_tfm(tfm));
  497. }
  498. static inline void crypto_skcipher_set_flags(struct crypto_skcipher *tfm,
  499. u32 flags)
  500. {
  501. crypto_tfm_set_flags(crypto_skcipher_tfm(tfm), flags);
  502. }
  503. static inline void crypto_skcipher_clear_flags(struct crypto_skcipher *tfm,
  504. u32 flags)
  505. {
  506. crypto_tfm_clear_flags(crypto_skcipher_tfm(tfm), flags);
  507. }
  508. static inline u32 crypto_sync_skcipher_get_flags(
  509. struct crypto_sync_skcipher *tfm)
  510. {
  511. return crypto_skcipher_get_flags(&tfm->base);
  512. }
  513. static inline void crypto_sync_skcipher_set_flags(
  514. struct crypto_sync_skcipher *tfm, u32 flags)
  515. {
  516. crypto_skcipher_set_flags(&tfm->base, flags);
  517. }
  518. static inline void crypto_sync_skcipher_clear_flags(
  519. struct crypto_sync_skcipher *tfm, u32 flags)
  520. {
  521. crypto_skcipher_clear_flags(&tfm->base, flags);
  522. }
  523. static inline u32 crypto_lskcipher_get_flags(struct crypto_lskcipher *tfm)
  524. {
  525. return crypto_tfm_get_flags(crypto_lskcipher_tfm(tfm));
  526. }
  527. static inline void crypto_lskcipher_set_flags(struct crypto_lskcipher *tfm,
  528. u32 flags)
  529. {
  530. crypto_tfm_set_flags(crypto_lskcipher_tfm(tfm), flags);
  531. }
  532. static inline void crypto_lskcipher_clear_flags(struct crypto_lskcipher *tfm,
  533. u32 flags)
  534. {
  535. crypto_tfm_clear_flags(crypto_lskcipher_tfm(tfm), flags);
  536. }
  537. /**
  538. * crypto_skcipher_setkey() - set key for cipher
  539. * @tfm: cipher handle
  540. * @key: buffer holding the key
  541. * @keylen: length of the key in bytes
  542. *
  543. * The caller provided key is set for the skcipher referenced by the cipher
  544. * handle.
  545. *
  546. * Note, the key length determines the cipher type. Many block ciphers implement
  547. * different cipher modes depending on the key size, such as AES-128 vs AES-192
  548. * vs. AES-256. When providing a 16 byte key for an AES cipher handle, AES-128
  549. * is performed.
  550. *
  551. * Return: 0 if the setting of the key was successful; < 0 if an error occurred
  552. */
  553. int crypto_skcipher_setkey(struct crypto_skcipher *tfm,
  554. const u8 *key, unsigned int keylen);
  555. static inline int crypto_sync_skcipher_setkey(struct crypto_sync_skcipher *tfm,
  556. const u8 *key, unsigned int keylen)
  557. {
  558. return crypto_skcipher_setkey(&tfm->base, key, keylen);
  559. }
  560. /**
  561. * crypto_lskcipher_setkey() - set key for cipher
  562. * @tfm: cipher handle
  563. * @key: buffer holding the key
  564. * @keylen: length of the key in bytes
  565. *
  566. * The caller provided key is set for the lskcipher referenced by the cipher
  567. * handle.
  568. *
  569. * Note, the key length determines the cipher type. Many block ciphers implement
  570. * different cipher modes depending on the key size, such as AES-128 vs AES-192
  571. * vs. AES-256. When providing a 16 byte key for an AES cipher handle, AES-128
  572. * is performed.
  573. *
  574. * Return: 0 if the setting of the key was successful; < 0 if an error occurred
  575. */
  576. int crypto_lskcipher_setkey(struct crypto_lskcipher *tfm,
  577. const u8 *key, unsigned int keylen);
  578. static inline unsigned int crypto_skcipher_min_keysize(
  579. struct crypto_skcipher *tfm)
  580. {
  581. return crypto_skcipher_alg_common(tfm)->min_keysize;
  582. }
  583. static inline unsigned int crypto_skcipher_max_keysize(
  584. struct crypto_skcipher *tfm)
  585. {
  586. return crypto_skcipher_alg_common(tfm)->max_keysize;
  587. }
  588. static inline unsigned int crypto_lskcipher_min_keysize(
  589. struct crypto_lskcipher *tfm)
  590. {
  591. return crypto_lskcipher_alg(tfm)->co.min_keysize;
  592. }
  593. static inline unsigned int crypto_lskcipher_max_keysize(
  594. struct crypto_lskcipher *tfm)
  595. {
  596. return crypto_lskcipher_alg(tfm)->co.max_keysize;
  597. }
  598. /**
  599. * crypto_skcipher_reqtfm() - obtain cipher handle from request
  600. * @req: skcipher_request out of which the cipher handle is to be obtained
  601. *
  602. * Return the crypto_skcipher handle when furnishing an skcipher_request
  603. * data structure.
  604. *
  605. * Return: crypto_skcipher handle
  606. */
  607. static inline struct crypto_skcipher *crypto_skcipher_reqtfm(
  608. struct skcipher_request *req)
  609. {
  610. return __crypto_skcipher_cast(req->base.tfm);
  611. }
  612. static inline struct crypto_sync_skcipher *crypto_sync_skcipher_reqtfm(
  613. struct skcipher_request *req)
  614. {
  615. struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
  616. return container_of(tfm, struct crypto_sync_skcipher, base);
  617. }
  618. /**
  619. * crypto_skcipher_encrypt() - encrypt plaintext
  620. * @req: reference to the skcipher_request handle that holds all information
  621. * needed to perform the cipher operation
  622. *
  623. * Encrypt plaintext data using the skcipher_request handle. That data
  624. * structure and how it is filled with data is discussed with the
  625. * skcipher_request_* functions.
  626. *
  627. * Return: 0 if the cipher operation was successful; < 0 if an error occurred
  628. */
  629. int crypto_skcipher_encrypt(struct skcipher_request *req);
  630. /**
  631. * crypto_skcipher_decrypt() - decrypt ciphertext
  632. * @req: reference to the skcipher_request handle that holds all information
  633. * needed to perform the cipher operation
  634. *
  635. * Decrypt ciphertext data using the skcipher_request handle. That data
  636. * structure and how it is filled with data is discussed with the
  637. * skcipher_request_* functions.
  638. *
  639. * Return: 0 if the cipher operation was successful; < 0 if an error occurred
  640. */
  641. int crypto_skcipher_decrypt(struct skcipher_request *req);
  642. /**
  643. * crypto_skcipher_export() - export partial state
  644. * @req: reference to the skcipher_request handle that holds all information
  645. * needed to perform the operation
  646. * @out: output buffer of sufficient size that can hold the state
  647. *
  648. * Export partial state of the transformation. This function dumps the
  649. * entire state of the ongoing transformation into a provided block of
  650. * data so it can be @import 'ed back later on. This is useful in case
  651. * you want to save partial result of the transformation after
  652. * processing certain amount of data and reload this partial result
  653. * multiple times later on for multiple re-use. No data processing
  654. * happens at this point.
  655. *
  656. * Return: 0 if the cipher operation was successful; < 0 if an error occurred
  657. */
  658. int crypto_skcipher_export(struct skcipher_request *req, void *out);
  659. /**
  660. * crypto_skcipher_import() - import partial state
  661. * @req: reference to the skcipher_request handle that holds all information
  662. * needed to perform the operation
  663. * @in: buffer holding the state
  664. *
  665. * Import partial state of the transformation. This function loads the
  666. * entire state of the ongoing transformation from a provided block of
  667. * data so the transformation can continue from this point onward. No
  668. * data processing happens at this point.
  669. *
  670. * Return: 0 if the cipher operation was successful; < 0 if an error occurred
  671. */
  672. int crypto_skcipher_import(struct skcipher_request *req, const void *in);
  673. /**
  674. * crypto_lskcipher_encrypt() - encrypt plaintext
  675. * @tfm: lskcipher handle
  676. * @src: source buffer
  677. * @dst: destination buffer
  678. * @len: number of bytes to process
  679. * @siv: IV + state for the cipher operation. The length of the IV must
  680. * comply with the IV size defined by crypto_lskcipher_ivsize. The
  681. * IV is then followed with a buffer with the length as specified by
  682. * crypto_lskcipher_statesize.
  683. * Encrypt plaintext data using the lskcipher handle.
  684. *
  685. * Return: >=0 if the cipher operation was successful, if positive
  686. * then this many bytes have been left unprocessed;
  687. * < 0 if an error occurred
  688. */
  689. int crypto_lskcipher_encrypt(struct crypto_lskcipher *tfm, const u8 *src,
  690. u8 *dst, unsigned len, u8 *siv);
  691. /**
  692. * crypto_lskcipher_decrypt() - decrypt ciphertext
  693. * @tfm: lskcipher handle
  694. * @src: source buffer
  695. * @dst: destination buffer
  696. * @len: number of bytes to process
  697. * @siv: IV + state for the cipher operation. The length of the IV must
  698. * comply with the IV size defined by crypto_lskcipher_ivsize. The
  699. * IV is then followed with a buffer with the length as specified by
  700. * crypto_lskcipher_statesize.
  701. *
  702. * Decrypt ciphertext data using the lskcipher handle.
  703. *
  704. * Return: >=0 if the cipher operation was successful, if positive
  705. * then this many bytes have been left unprocessed;
  706. * < 0 if an error occurred
  707. */
  708. int crypto_lskcipher_decrypt(struct crypto_lskcipher *tfm, const u8 *src,
  709. u8 *dst, unsigned len, u8 *siv);
  710. /**
  711. * DOC: Symmetric Key Cipher Request Handle
  712. *
  713. * The skcipher_request data structure contains all pointers to data
  714. * required for the symmetric key cipher operation. This includes the cipher
  715. * handle (which can be used by multiple skcipher_request instances), pointer
  716. * to plaintext and ciphertext, asynchronous callback function, etc. It acts
  717. * as a handle to the skcipher_request_* API calls in a similar way as
  718. * skcipher handle to the crypto_skcipher_* API calls.
  719. */
  720. /**
  721. * crypto_skcipher_reqsize() - obtain size of the request data structure
  722. * @tfm: cipher handle
  723. *
  724. * Return: number of bytes
  725. */
  726. static inline unsigned int crypto_skcipher_reqsize(struct crypto_skcipher *tfm)
  727. {
  728. return tfm->reqsize;
  729. }
  730. /**
  731. * skcipher_request_set_tfm() - update cipher handle reference in request
  732. * @req: request handle to be modified
  733. * @tfm: cipher handle that shall be added to the request handle
  734. *
  735. * Allow the caller to replace the existing skcipher handle in the request
  736. * data structure with a different one.
  737. */
  738. static inline void skcipher_request_set_tfm(struct skcipher_request *req,
  739. struct crypto_skcipher *tfm)
  740. {
  741. req->base.tfm = crypto_skcipher_tfm(tfm);
  742. }
  743. static inline void skcipher_request_set_sync_tfm(struct skcipher_request *req,
  744. struct crypto_sync_skcipher *tfm)
  745. {
  746. skcipher_request_set_tfm(req, &tfm->base);
  747. }
  748. static inline struct skcipher_request *skcipher_request_cast(
  749. struct crypto_async_request *req)
  750. {
  751. return container_of(req, struct skcipher_request, base);
  752. }
  753. /**
  754. * skcipher_request_alloc() - allocate request data structure
  755. * @tfm: cipher handle to be registered with the request
  756. * @gfp: memory allocation flag that is handed to kmalloc by the API call.
  757. *
  758. * Allocate the request data structure that must be used with the skcipher
  759. * encrypt and decrypt API calls. During the allocation, the provided skcipher
  760. * handle is registered in the request data structure.
  761. *
  762. * Return: allocated request handle in case of success, or NULL if out of memory
  763. */
  764. static inline struct skcipher_request *skcipher_request_alloc_noprof(
  765. struct crypto_skcipher *tfm, gfp_t gfp)
  766. {
  767. struct skcipher_request *req;
  768. req = kmalloc_noprof(sizeof(struct skcipher_request) +
  769. crypto_skcipher_reqsize(tfm), gfp);
  770. if (likely(req))
  771. skcipher_request_set_tfm(req, tfm);
  772. return req;
  773. }
  774. #define skcipher_request_alloc(...) alloc_hooks(skcipher_request_alloc_noprof(__VA_ARGS__))
  775. /**
  776. * skcipher_request_free() - zeroize and free request data structure
  777. * @req: request data structure cipher handle to be freed
  778. */
  779. static inline void skcipher_request_free(struct skcipher_request *req)
  780. {
  781. kfree_sensitive(req);
  782. }
  783. static inline void skcipher_request_zero(struct skcipher_request *req)
  784. {
  785. struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req);
  786. memzero_explicit(req, sizeof(*req) + crypto_skcipher_reqsize(tfm));
  787. }
  788. /**
  789. * skcipher_request_set_callback() - set asynchronous callback function
  790. * @req: request handle
  791. * @flags: specify zero or an ORing of the flags
  792. * CRYPTO_TFM_REQ_MAY_BACKLOG the request queue may back log and
  793. * increase the wait queue beyond the initial maximum size;
  794. * CRYPTO_TFM_REQ_MAY_SLEEP the request processing may sleep
  795. * @compl: callback function pointer to be registered with the request handle
  796. * @data: The data pointer refers to memory that is not used by the kernel
  797. * crypto API, but provided to the callback function for it to use. Here,
  798. * the caller can provide a reference to memory the callback function can
  799. * operate on. As the callback function is invoked asynchronously to the
  800. * related functionality, it may need to access data structures of the
  801. * related functionality which can be referenced using this pointer. The
  802. * callback function can access the memory via the "data" field in the
  803. * crypto_async_request data structure provided to the callback function.
  804. *
  805. * This function allows setting the callback function that is triggered once the
  806. * cipher operation completes.
  807. *
  808. * The callback function is registered with the skcipher_request handle and
  809. * must comply with the following template::
  810. *
  811. * void callback_function(struct crypto_async_request *req, int error)
  812. */
  813. static inline void skcipher_request_set_callback(struct skcipher_request *req,
  814. u32 flags,
  815. crypto_completion_t compl,
  816. void *data)
  817. {
  818. req->base.complete = compl;
  819. req->base.data = data;
  820. req->base.flags = flags;
  821. }
  822. /**
  823. * skcipher_request_set_crypt() - set data buffers
  824. * @req: request handle
  825. * @src: source scatter / gather list
  826. * @dst: destination scatter / gather list
  827. * @cryptlen: number of bytes to process from @src
  828. * @iv: IV for the cipher operation which must comply with the IV size defined
  829. * by crypto_skcipher_ivsize
  830. *
  831. * This function allows setting of the source data and destination data
  832. * scatter / gather lists.
  833. *
  834. * For encryption, the source is treated as the plaintext and the
  835. * destination is the ciphertext. For a decryption operation, the use is
  836. * reversed - the source is the ciphertext and the destination is the plaintext.
  837. */
  838. static inline void skcipher_request_set_crypt(
  839. struct skcipher_request *req,
  840. struct scatterlist *src, struct scatterlist *dst,
  841. unsigned int cryptlen, void *iv)
  842. {
  843. req->src = src;
  844. req->dst = dst;
  845. req->cryptlen = cryptlen;
  846. req->iv = iv;
  847. }
  848. #endif /* _CRYPTO_SKCIPHER_H */