1/* 2 * Symmetric key ciphers. 3 * 4 * Copyright (c) 2007-2015 Herbert Xu <herbert@gondor.apana.org.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 * 11 */ 12 13#ifndef _CRYPTO_SKCIPHER_H 14#define _CRYPTO_SKCIPHER_H 15 16#include <linux/crypto.h> 17#include <linux/kernel.h> 18#include <linux/slab.h> 19 20/** 21 * struct skcipher_request - Symmetric key cipher request 22 * @cryptlen: Number of bytes to encrypt or decrypt 23 * @iv: Initialisation Vector 24 * @src: Source SG list 25 * @dst: Destination SG list 26 * @base: Underlying async request request 27 * @__ctx: Start of private context data 28 */ 29struct skcipher_request { 30 unsigned int cryptlen; 31 32 u8 *iv; 33 34 struct scatterlist *src; 35 struct scatterlist *dst; 36 37 struct crypto_async_request base; 38 39 void *__ctx[] CRYPTO_MINALIGN_ATTR; 40}; 41 42/** 43 * struct skcipher_givcrypt_request - Crypto request with IV generation 44 * @seq: Sequence number for IV generation 45 * @giv: Space for generated IV 46 * @creq: The crypto request itself 47 */ 48struct skcipher_givcrypt_request { 49 u64 seq; 50 u8 *giv; 51 52 struct ablkcipher_request creq; 53}; 54 55struct crypto_skcipher { 56 int (*setkey)(struct crypto_skcipher *tfm, const u8 *key, 57 unsigned int keylen); 58 int (*encrypt)(struct skcipher_request *req); 59 int (*decrypt)(struct skcipher_request *req); 60 61 unsigned int ivsize; 62 unsigned int reqsize; 63 unsigned int keysize; 64 65 struct crypto_tfm base; 66}; 67 68#define SKCIPHER_REQUEST_ON_STACK(name, tfm) \ 69 char __##name##_desc[sizeof(struct skcipher_request) + \ 70 crypto_skcipher_reqsize(tfm)] CRYPTO_MINALIGN_ATTR; \ 71 struct skcipher_request *name = (void *)__##name##_desc 72 73static inline struct crypto_ablkcipher *skcipher_givcrypt_reqtfm( 74 struct skcipher_givcrypt_request *req) 75{ 76 return crypto_ablkcipher_reqtfm(&req->creq); 77} 78 79static inline int crypto_skcipher_givencrypt( 80 struct skcipher_givcrypt_request *req) 81{ 82 struct ablkcipher_tfm *crt = 83 crypto_ablkcipher_crt(skcipher_givcrypt_reqtfm(req)); 84 return crt->givencrypt(req); 85}; 86 87static inline int crypto_skcipher_givdecrypt( 88 struct skcipher_givcrypt_request *req) 89{ 90 struct ablkcipher_tfm *crt = 91 crypto_ablkcipher_crt(skcipher_givcrypt_reqtfm(req)); 92 return crt->givdecrypt(req); 93}; 94 95static inline void skcipher_givcrypt_set_tfm( 96 struct skcipher_givcrypt_request *req, struct crypto_ablkcipher *tfm) 97{ 98 req->creq.base.tfm = crypto_ablkcipher_tfm(tfm); 99} 100 101static inline struct skcipher_givcrypt_request *skcipher_givcrypt_cast( 102 struct crypto_async_request *req) 103{ 104 return container_of(ablkcipher_request_cast(req), 105 struct skcipher_givcrypt_request, creq); 106} 107 108static inline struct skcipher_givcrypt_request *skcipher_givcrypt_alloc( 109 struct crypto_ablkcipher *tfm, gfp_t gfp) 110{ 111 struct skcipher_givcrypt_request *req; 112 113 req = kmalloc(sizeof(struct skcipher_givcrypt_request) + 114 crypto_ablkcipher_reqsize(tfm), gfp); 115 116 if (likely(req)) 117 skcipher_givcrypt_set_tfm(req, tfm); 118 119 return req; 120} 121 122static inline void skcipher_givcrypt_free(struct skcipher_givcrypt_request *req) 123{ 124 kfree(req); 125} 126 127static inline void skcipher_givcrypt_set_callback( 128 struct skcipher_givcrypt_request *req, u32 flags, 129 crypto_completion_t compl, void *data) 130{ 131 ablkcipher_request_set_callback(&req->creq, flags, compl, data); 132} 133 134static inline void skcipher_givcrypt_set_crypt( 135 struct skcipher_givcrypt_request *req, 136 struct scatterlist *src, struct scatterlist *dst, 137 unsigned int nbytes, void *iv) 138{ 139 ablkcipher_request_set_crypt(&req->creq, src, dst, nbytes, iv); 140} 141 142static inline void skcipher_givcrypt_set_giv( 143 struct skcipher_givcrypt_request *req, u8 *giv, u64 seq) 144{ 145 req->giv = giv; 146 req->seq = seq; 147} 148 149/** 150 * DOC: Symmetric Key Cipher API 151 * 152 * Symmetric key cipher API is used with the ciphers of type 153 * CRYPTO_ALG_TYPE_SKCIPHER (listed as type "skcipher" in /proc/crypto). 154 * 155 * Asynchronous cipher operations imply that the function invocation for a 156 * cipher request returns immediately before the completion of the operation. 157 * The cipher request is scheduled as a separate kernel thread and therefore 158 * load-balanced on the different CPUs via the process scheduler. To allow 159 * the kernel crypto API to inform the caller about the completion of a cipher 160 * request, the caller must provide a callback function. That function is 161 * invoked with the cipher handle when the request completes. 162 * 163 * To support the asynchronous operation, additional information than just the 164 * cipher handle must be supplied to the kernel crypto API. That additional 165 * information is given by filling in the skcipher_request data structure. 166 * 167 * For the symmetric key cipher API, the state is maintained with the tfm 168 * cipher handle. A single tfm can be used across multiple calls and in 169 * parallel. For asynchronous block cipher calls, context data supplied and 170 * only used by the caller can be referenced the request data structure in 171 * addition to the IV used for the cipher request. The maintenance of such 172 * state information would be important for a crypto driver implementer to 173 * have, because when calling the callback function upon completion of the 174 * cipher operation, that callback function may need some information about 175 * which operation just finished if it invoked multiple in parallel. This 176 * state information is unused by the kernel crypto API. 177 */ 178 179static inline struct crypto_skcipher *__crypto_skcipher_cast( 180 struct crypto_tfm *tfm) 181{ 182 return container_of(tfm, struct crypto_skcipher, base); 183} 184 185/** 186 * crypto_alloc_skcipher() - allocate symmetric key cipher handle 187 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the 188 * skcipher cipher 189 * @type: specifies the type of the cipher 190 * @mask: specifies the mask for the cipher 191 * 192 * Allocate a cipher handle for an skcipher. The returned struct 193 * crypto_skcipher is the cipher handle that is required for any subsequent 194 * API invocation for that skcipher. 195 * 196 * Return: allocated cipher handle in case of success; IS_ERR() is true in case 197 * of an error, PTR_ERR() returns the error code. 198 */ 199struct crypto_skcipher *crypto_alloc_skcipher(const char *alg_name, 200 u32 type, u32 mask); 201 202static inline struct crypto_tfm *crypto_skcipher_tfm( 203 struct crypto_skcipher *tfm) 204{ 205 return &tfm->base; 206} 207 208/** 209 * crypto_free_skcipher() - zeroize and free cipher handle 210 * @tfm: cipher handle to be freed 211 */ 212static inline void crypto_free_skcipher(struct crypto_skcipher *tfm) 213{ 214 crypto_destroy_tfm(tfm, crypto_skcipher_tfm(tfm)); 215} 216 217/** 218 * crypto_has_skcipher() - Search for the availability of an skcipher. 219 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the 220 * skcipher 221 * @type: specifies the type of the cipher 222 * @mask: specifies the mask for the cipher 223 * 224 * Return: true when the skcipher is known to the kernel crypto API; false 225 * otherwise 226 */ 227static inline int crypto_has_skcipher(const char *alg_name, u32 type, 228 u32 mask) 229{ 230 return crypto_has_alg(alg_name, crypto_skcipher_type(type), 231 crypto_skcipher_mask(mask)); 232} 233 234static inline const char *crypto_skcipher_driver_name( 235 struct crypto_skcipher *tfm) 236{ 237 return crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm)); 238} 239 240/** 241 * crypto_skcipher_ivsize() - obtain IV size 242 * @tfm: cipher handle 243 * 244 * The size of the IV for the skcipher referenced by the cipher handle is 245 * returned. This IV size may be zero if the cipher does not need an IV. 246 * 247 * Return: IV size in bytes 248 */ 249static inline unsigned int crypto_skcipher_ivsize(struct crypto_skcipher *tfm) 250{ 251 return tfm->ivsize; 252} 253 254/** 255 * crypto_skcipher_blocksize() - obtain block size of cipher 256 * @tfm: cipher handle 257 * 258 * The block size for the skcipher referenced with the cipher handle is 259 * returned. The caller may use that information to allocate appropriate 260 * memory for the data returned by the encryption or decryption operation 261 * 262 * Return: block size of cipher 263 */ 264static inline unsigned int crypto_skcipher_blocksize( 265 struct crypto_skcipher *tfm) 266{ 267 return crypto_tfm_alg_blocksize(crypto_skcipher_tfm(tfm)); 268} 269 270static inline unsigned int crypto_skcipher_alignmask( 271 struct crypto_skcipher *tfm) 272{ 273 return crypto_tfm_alg_alignmask(crypto_skcipher_tfm(tfm)); 274} 275 276static inline u32 crypto_skcipher_get_flags(struct crypto_skcipher *tfm) 277{ 278 return crypto_tfm_get_flags(crypto_skcipher_tfm(tfm)); 279} 280 281static inline void crypto_skcipher_set_flags(struct crypto_skcipher *tfm, 282 u32 flags) 283{ 284 crypto_tfm_set_flags(crypto_skcipher_tfm(tfm), flags); 285} 286 287static inline void crypto_skcipher_clear_flags(struct crypto_skcipher *tfm, 288 u32 flags) 289{ 290 crypto_tfm_clear_flags(crypto_skcipher_tfm(tfm), flags); 291} 292 293/** 294 * crypto_skcipher_setkey() - set key for cipher 295 * @tfm: cipher handle 296 * @key: buffer holding the key 297 * @keylen: length of the key in bytes 298 * 299 * The caller provided key is set for the skcipher referenced by the cipher 300 * handle. 301 * 302 * Note, the key length determines the cipher type. Many block ciphers implement 303 * different cipher modes depending on the key size, such as AES-128 vs AES-192 304 * vs. AES-256. When providing a 16 byte key for an AES cipher handle, AES-128 305 * is performed. 306 * 307 * Return: 0 if the setting of the key was successful; < 0 if an error occurred 308 */ 309static inline int crypto_skcipher_setkey(struct crypto_skcipher *tfm, 310 const u8 *key, unsigned int keylen) 311{ 312 return tfm->setkey(tfm, key, keylen); 313} 314 315static inline bool crypto_skcipher_has_setkey(struct crypto_skcipher *tfm) 316{ 317 return tfm->keysize; 318} 319 320static inline unsigned int crypto_skcipher_default_keysize( 321 struct crypto_skcipher *tfm) 322{ 323 return tfm->keysize; 324} 325 326/** 327 * crypto_skcipher_reqtfm() - obtain cipher handle from request 328 * @req: skcipher_request out of which the cipher handle is to be obtained 329 * 330 * Return the crypto_skcipher handle when furnishing an skcipher_request 331 * data structure. 332 * 333 * Return: crypto_skcipher handle 334 */ 335static inline struct crypto_skcipher *crypto_skcipher_reqtfm( 336 struct skcipher_request *req) 337{ 338 return __crypto_skcipher_cast(req->base.tfm); 339} 340 341/** 342 * crypto_skcipher_encrypt() - encrypt plaintext 343 * @req: reference to the skcipher_request handle that holds all information 344 * needed to perform the cipher operation 345 * 346 * Encrypt plaintext data using the skcipher_request handle. That data 347 * structure and how it is filled with data is discussed with the 348 * skcipher_request_* functions. 349 * 350 * Return: 0 if the cipher operation was successful; < 0 if an error occurred 351 */ 352static inline int crypto_skcipher_encrypt(struct skcipher_request *req) 353{ 354 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); 355 356 return tfm->encrypt(req); 357} 358 359/** 360 * crypto_skcipher_decrypt() - decrypt ciphertext 361 * @req: reference to the skcipher_request handle that holds all information 362 * needed to perform the cipher operation 363 * 364 * Decrypt ciphertext data using the skcipher_request handle. That data 365 * structure and how it is filled with data is discussed with the 366 * skcipher_request_* functions. 367 * 368 * Return: 0 if the cipher operation was successful; < 0 if an error occurred 369 */ 370static inline int crypto_skcipher_decrypt(struct skcipher_request *req) 371{ 372 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); 373 374 return tfm->decrypt(req); 375} 376 377/** 378 * DOC: Symmetric Key Cipher Request Handle 379 * 380 * The skcipher_request data structure contains all pointers to data 381 * required for the symmetric key cipher operation. This includes the cipher 382 * handle (which can be used by multiple skcipher_request instances), pointer 383 * to plaintext and ciphertext, asynchronous callback function, etc. It acts 384 * as a handle to the skcipher_request_* API calls in a similar way as 385 * skcipher handle to the crypto_skcipher_* API calls. 386 */ 387 388/** 389 * crypto_skcipher_reqsize() - obtain size of the request data structure 390 * @tfm: cipher handle 391 * 392 * Return: number of bytes 393 */ 394static inline unsigned int crypto_skcipher_reqsize(struct crypto_skcipher *tfm) 395{ 396 return tfm->reqsize; 397} 398 399/** 400 * skcipher_request_set_tfm() - update cipher handle reference in request 401 * @req: request handle to be modified 402 * @tfm: cipher handle that shall be added to the request handle 403 * 404 * Allow the caller to replace the existing skcipher handle in the request 405 * data structure with a different one. 406 */ 407static inline void skcipher_request_set_tfm(struct skcipher_request *req, 408 struct crypto_skcipher *tfm) 409{ 410 req->base.tfm = crypto_skcipher_tfm(tfm); 411} 412 413static inline struct skcipher_request *skcipher_request_cast( 414 struct crypto_async_request *req) 415{ 416 return container_of(req, struct skcipher_request, base); 417} 418 419/** 420 * skcipher_request_alloc() - allocate request data structure 421 * @tfm: cipher handle to be registered with the request 422 * @gfp: memory allocation flag that is handed to kmalloc by the API call. 423 * 424 * Allocate the request data structure that must be used with the skcipher 425 * encrypt and decrypt API calls. During the allocation, the provided skcipher 426 * handle is registered in the request data structure. 427 * 428 * Return: allocated request handle in case of success; IS_ERR() is true in case 429 * of an error, PTR_ERR() returns the error code. 430 */ 431static inline struct skcipher_request *skcipher_request_alloc( 432 struct crypto_skcipher *tfm, gfp_t gfp) 433{ 434 struct skcipher_request *req; 435 436 req = kmalloc(sizeof(struct skcipher_request) + 437 crypto_skcipher_reqsize(tfm), gfp); 438 439 if (likely(req)) 440 skcipher_request_set_tfm(req, tfm); 441 442 return req; 443} 444 445/** 446 * skcipher_request_free() - zeroize and free request data structure 447 * @req: request data structure cipher handle to be freed 448 */ 449static inline void skcipher_request_free(struct skcipher_request *req) 450{ 451 kzfree(req); 452} 453 454static inline void skcipher_request_zero(struct skcipher_request *req) 455{ 456 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); 457 458 memzero_explicit(req, sizeof(*req) + crypto_skcipher_reqsize(tfm)); 459} 460 461/** 462 * skcipher_request_set_callback() - set asynchronous callback function 463 * @req: request handle 464 * @flags: specify zero or an ORing of the flags 465 * CRYPTO_TFM_REQ_MAY_BACKLOG the request queue may back log and 466 * increase the wait queue beyond the initial maximum size; 467 * CRYPTO_TFM_REQ_MAY_SLEEP the request processing may sleep 468 * @compl: callback function pointer to be registered with the request handle 469 * @data: The data pointer refers to memory that is not used by the kernel 470 * crypto API, but provided to the callback function for it to use. Here, 471 * the caller can provide a reference to memory the callback function can 472 * operate on. As the callback function is invoked asynchronously to the 473 * related functionality, it may need to access data structures of the 474 * related functionality which can be referenced using this pointer. The 475 * callback function can access the memory via the "data" field in the 476 * crypto_async_request data structure provided to the callback function. 477 * 478 * This function allows setting the callback function that is triggered once the 479 * cipher operation completes. 480 * 481 * The callback function is registered with the skcipher_request handle and 482 * must comply with the following template 483 * 484 * void callback_function(struct crypto_async_request *req, int error) 485 */ 486static inline void skcipher_request_set_callback(struct skcipher_request *req, 487 u32 flags, 488 crypto_completion_t compl, 489 void *data) 490{ 491 req->base.complete = compl; 492 req->base.data = data; 493 req->base.flags = flags; 494} 495 496/** 497 * skcipher_request_set_crypt() - set data buffers 498 * @req: request handle 499 * @src: source scatter / gather list 500 * @dst: destination scatter / gather list 501 * @cryptlen: number of bytes to process from @src 502 * @iv: IV for the cipher operation which must comply with the IV size defined 503 * by crypto_skcipher_ivsize 504 * 505 * This function allows setting of the source data and destination data 506 * scatter / gather lists. 507 * 508 * For encryption, the source is treated as the plaintext and the 509 * destination is the ciphertext. For a decryption operation, the use is 510 * reversed - the source is the ciphertext and the destination is the plaintext. 511 */ 512static inline void skcipher_request_set_crypt( 513 struct skcipher_request *req, 514 struct scatterlist *src, struct scatterlist *dst, 515 unsigned int cryptlen, void *iv) 516{ 517 req->src = src; 518 req->dst = dst; 519 req->cryptlen = cryptlen; 520 req->iv = iv; 521} 522 523#endif /* _CRYPTO_SKCIPHER_H */ 524 525