crypto.h 28 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782
  1. /* SPDX-License-Identifier: GPL-2.0-or-later */
  2. /*
  3. * Scatterlist Cryptographic API.
  4. *
  5. * Copyright (c) 2002 James Morris <[email protected]>
  6. * Copyright (c) 2002 David S. Miller ([email protected])
  7. * Copyright (c) 2005 Herbert Xu <[email protected]>
  8. *
  9. * Portions derived from Cryptoapi, by Alexander Kjeldaas <[email protected]>
  10. * and Nettle, by Niels Möller.
  11. */
  12. #ifndef _LINUX_CRYPTO_H
  13. #define _LINUX_CRYPTO_H
  14. #include <linux/atomic.h>
  15. #include <linux/kernel.h>
  16. #include <linux/list.h>
  17. #include <linux/bug.h>
  18. #include <linux/refcount.h>
  19. #include <linux/slab.h>
  20. #include <linux/completion.h>
  21. /*
  22. * Autoloaded crypto modules should only use a prefixed name to avoid allowing
  23. * arbitrary modules to be loaded. Loading from userspace may still need the
  24. * unprefixed names, so retains those aliases as well.
  25. * This uses __MODULE_INFO directly instead of MODULE_ALIAS because pre-4.3
  26. * gcc (e.g. avr32 toolchain) uses __LINE__ for uniqueness, and this macro
  27. * expands twice on the same line. Instead, use a separate base name for the
  28. * alias.
  29. */
  30. #define MODULE_ALIAS_CRYPTO(name) \
  31. __MODULE_INFO(alias, alias_userspace, name); \
  32. __MODULE_INFO(alias, alias_crypto, "crypto-" name)
  33. /*
  34. * Algorithm masks and types.
  35. */
  36. #define CRYPTO_ALG_TYPE_MASK 0x0000000f
  37. #define CRYPTO_ALG_TYPE_CIPHER 0x00000001
  38. #define CRYPTO_ALG_TYPE_COMPRESS 0x00000002
  39. #define CRYPTO_ALG_TYPE_AEAD 0x00000003
  40. #define CRYPTO_ALG_TYPE_SKCIPHER 0x00000005
  41. #define CRYPTO_ALG_TYPE_KPP 0x00000008
  42. #define CRYPTO_ALG_TYPE_ACOMPRESS 0x0000000a
  43. #define CRYPTO_ALG_TYPE_SCOMPRESS 0x0000000b
  44. #define CRYPTO_ALG_TYPE_RNG 0x0000000c
  45. #define CRYPTO_ALG_TYPE_AKCIPHER 0x0000000d
  46. #define CRYPTO_ALG_TYPE_HASH 0x0000000e
  47. #define CRYPTO_ALG_TYPE_SHASH 0x0000000e
  48. #define CRYPTO_ALG_TYPE_AHASH 0x0000000f
  49. #define CRYPTO_ALG_TYPE_HASH_MASK 0x0000000e
  50. #define CRYPTO_ALG_TYPE_AHASH_MASK 0x0000000e
  51. #define CRYPTO_ALG_TYPE_ACOMPRESS_MASK 0x0000000e
  52. #define CRYPTO_ALG_LARVAL 0x00000010
  53. #define CRYPTO_ALG_DEAD 0x00000020
  54. #define CRYPTO_ALG_DYING 0x00000040
  55. #define CRYPTO_ALG_ASYNC 0x00000080
  56. /*
  57. * Set if the algorithm (or an algorithm which it uses) requires another
  58. * algorithm of the same type to handle corner cases.
  59. */
  60. #define CRYPTO_ALG_NEED_FALLBACK 0x00000100
  61. /*
  62. * Set if the algorithm has passed automated run-time testing. Note that
  63. * if there is no run-time testing for a given algorithm it is considered
  64. * to have passed.
  65. */
  66. #define CRYPTO_ALG_TESTED 0x00000400
  67. /*
  68. * Set if the algorithm is an instance that is built from templates.
  69. */
  70. #define CRYPTO_ALG_INSTANCE 0x00000800
  71. /* Set this bit if the algorithm provided is hardware accelerated but
  72. * not available to userspace via instruction set or so.
  73. */
  74. #define CRYPTO_ALG_KERN_DRIVER_ONLY 0x00001000
  75. /*
  76. * Mark a cipher as a service implementation only usable by another
  77. * cipher and never by a normal user of the kernel crypto API
  78. */
  79. #define CRYPTO_ALG_INTERNAL 0x00002000
  80. /*
  81. * Set if the algorithm has a ->setkey() method but can be used without
  82. * calling it first, i.e. there is a default key.
  83. */
  84. #define CRYPTO_ALG_OPTIONAL_KEY 0x00004000
  85. /*
  86. * Don't trigger module loading
  87. */
  88. #define CRYPTO_NOLOAD 0x00008000
  89. /*
  90. * The algorithm may allocate memory during request processing, i.e. during
  91. * encryption, decryption, or hashing. Users can request an algorithm with this
  92. * flag unset if they can't handle memory allocation failures.
  93. *
  94. * This flag is currently only implemented for algorithms of type "skcipher",
  95. * "aead", "ahash", "shash", and "cipher". Algorithms of other types might not
  96. * have this flag set even if they allocate memory.
  97. *
  98. * In some edge cases, algorithms can allocate memory regardless of this flag.
  99. * To avoid these cases, users must obey the following usage constraints:
  100. * skcipher:
  101. * - The IV buffer and all scatterlist elements must be aligned to the
  102. * algorithm's alignmask.
  103. * - If the data were to be divided into chunks of size
  104. * crypto_skcipher_walksize() (with any remainder going at the end), no
  105. * chunk can cross a page boundary or a scatterlist element boundary.
  106. * aead:
  107. * - The IV buffer and all scatterlist elements must be aligned to the
  108. * algorithm's alignmask.
  109. * - The first scatterlist element must contain all the associated data,
  110. * and its pages must be !PageHighMem.
  111. * - If the plaintext/ciphertext were to be divided into chunks of size
  112. * crypto_aead_walksize() (with the remainder going at the end), no chunk
  113. * can cross a page boundary or a scatterlist element boundary.
  114. * ahash:
  115. * - The result buffer must be aligned to the algorithm's alignmask.
  116. * - crypto_ahash_finup() must not be used unless the algorithm implements
  117. * ->finup() natively.
  118. */
  119. #define CRYPTO_ALG_ALLOCATES_MEMORY 0x00010000
  120. /*
  121. * Mark an algorithm as a service implementation only usable by a
  122. * template and never by a normal user of the kernel crypto API.
  123. * This is intended to be used by algorithms that are themselves
  124. * not FIPS-approved but may instead be used to implement parts of
  125. * a FIPS-approved algorithm (e.g., dh vs. ffdhe2048(dh)).
  126. */
  127. #define CRYPTO_ALG_FIPS_INTERNAL 0x00020000
  128. /*
  129. * Transform masks and values (for crt_flags).
  130. */
  131. #define CRYPTO_TFM_NEED_KEY 0x00000001
  132. #define CRYPTO_TFM_REQ_MASK 0x000fff00
  133. #define CRYPTO_TFM_REQ_FORBID_WEAK_KEYS 0x00000100
  134. #define CRYPTO_TFM_REQ_MAY_SLEEP 0x00000200
  135. #define CRYPTO_TFM_REQ_MAY_BACKLOG 0x00000400
  136. /*
  137. * Miscellaneous stuff.
  138. */
  139. #define CRYPTO_MAX_ALG_NAME 128
  140. /*
  141. * The macro CRYPTO_MINALIGN_ATTR (along with the void * type in the actual
  142. * declaration) is used to ensure that the crypto_tfm context structure is
  143. * aligned correctly for the given architecture so that there are no alignment
  144. * faults for C data types. On architectures that support non-cache coherent
  145. * DMA, such as ARM or arm64, it also takes into account the minimal alignment
  146. * that is required to ensure that the context struct member does not share any
  147. * cachelines with the rest of the struct. This is needed to ensure that cache
  148. * maintenance for non-coherent DMA (cache invalidation in particular) does not
  149. * affect data that may be accessed by the CPU concurrently.
  150. */
  151. #define CRYPTO_MINALIGN ARCH_KMALLOC_MINALIGN
  152. #define CRYPTO_MINALIGN_ATTR __attribute__ ((__aligned__(CRYPTO_MINALIGN)))
  153. struct scatterlist;
  154. struct crypto_async_request;
  155. struct crypto_tfm;
  156. struct crypto_type;
  157. typedef struct crypto_async_request crypto_completion_data_t;
  158. typedef void (*crypto_completion_t)(struct crypto_async_request *req, int err);
  159. /**
  160. * DOC: Block Cipher Context Data Structures
  161. *
  162. * These data structures define the operating context for each block cipher
  163. * type.
  164. */
  165. struct crypto_async_request {
  166. struct list_head list;
  167. crypto_completion_t complete;
  168. void *data;
  169. struct crypto_tfm *tfm;
  170. u32 flags;
  171. };
  172. /**
  173. * DOC: Block Cipher Algorithm Definitions
  174. *
  175. * These data structures define modular crypto algorithm implementations,
  176. * managed via crypto_register_alg() and crypto_unregister_alg().
  177. */
  178. /**
  179. * struct cipher_alg - single-block symmetric ciphers definition
  180. * @cia_min_keysize: Minimum key size supported by the transformation. This is
  181. * the smallest key length supported by this transformation
  182. * algorithm. This must be set to one of the pre-defined
  183. * values as this is not hardware specific. Possible values
  184. * for this field can be found via git grep "_MIN_KEY_SIZE"
  185. * include/crypto/
  186. * @cia_max_keysize: Maximum key size supported by the transformation. This is
  187. * the largest key length supported by this transformation
  188. * algorithm. This must be set to one of the pre-defined values
  189. * as this is not hardware specific. Possible values for this
  190. * field can be found via git grep "_MAX_KEY_SIZE"
  191. * include/crypto/
  192. * @cia_setkey: Set key for the transformation. This function is used to either
  193. * program a supplied key into the hardware or store the key in the
  194. * transformation context for programming it later. Note that this
  195. * function does modify the transformation context. This function
  196. * can be called multiple times during the existence of the
  197. * transformation object, so one must make sure the key is properly
  198. * reprogrammed into the hardware. This function is also
  199. * responsible for checking the key length for validity.
  200. * @cia_encrypt: Encrypt a single block. This function is used to encrypt a
  201. * single block of data, which must be @cra_blocksize big. This
  202. * always operates on a full @cra_blocksize and it is not possible
  203. * to encrypt a block of smaller size. The supplied buffers must
  204. * therefore also be at least of @cra_blocksize size. Both the
  205. * input and output buffers are always aligned to @cra_alignmask.
  206. * In case either of the input or output buffer supplied by user
  207. * of the crypto API is not aligned to @cra_alignmask, the crypto
  208. * API will re-align the buffers. The re-alignment means that a
  209. * new buffer will be allocated, the data will be copied into the
  210. * new buffer, then the processing will happen on the new buffer,
  211. * then the data will be copied back into the original buffer and
  212. * finally the new buffer will be freed. In case a software
  213. * fallback was put in place in the @cra_init call, this function
  214. * might need to use the fallback if the algorithm doesn't support
  215. * all of the key sizes. In case the key was stored in
  216. * transformation context, the key might need to be re-programmed
  217. * into the hardware in this function. This function shall not
  218. * modify the transformation context, as this function may be
  219. * called in parallel with the same transformation object.
  220. * @cia_decrypt: Decrypt a single block. This is a reverse counterpart to
  221. * @cia_encrypt, and the conditions are exactly the same.
  222. *
  223. * All fields are mandatory and must be filled.
  224. */
  225. struct cipher_alg {
  226. unsigned int cia_min_keysize;
  227. unsigned int cia_max_keysize;
  228. int (*cia_setkey)(struct crypto_tfm *tfm, const u8 *key,
  229. unsigned int keylen);
  230. void (*cia_encrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
  231. void (*cia_decrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
  232. };
  233. /**
  234. * struct compress_alg - compression/decompression algorithm
  235. * @coa_compress: Compress a buffer of specified length, storing the resulting
  236. * data in the specified buffer. Return the length of the
  237. * compressed data in dlen.
  238. * @coa_decompress: Decompress the source buffer, storing the uncompressed
  239. * data in the specified buffer. The length of the data is
  240. * returned in dlen.
  241. *
  242. * All fields are mandatory.
  243. */
  244. struct compress_alg {
  245. int (*coa_compress)(struct crypto_tfm *tfm, const u8 *src,
  246. unsigned int slen, u8 *dst, unsigned int *dlen);
  247. int (*coa_decompress)(struct crypto_tfm *tfm, const u8 *src,
  248. unsigned int slen, u8 *dst, unsigned int *dlen);
  249. };
  250. #ifdef CONFIG_CRYPTO_STATS
  251. /*
  252. * struct crypto_istat_aead - statistics for AEAD algorithm
  253. * @encrypt_cnt: number of encrypt requests
  254. * @encrypt_tlen: total data size handled by encrypt requests
  255. * @decrypt_cnt: number of decrypt requests
  256. * @decrypt_tlen: total data size handled by decrypt requests
  257. * @err_cnt: number of error for AEAD requests
  258. */
  259. struct crypto_istat_aead {
  260. atomic64_t encrypt_cnt;
  261. atomic64_t encrypt_tlen;
  262. atomic64_t decrypt_cnt;
  263. atomic64_t decrypt_tlen;
  264. atomic64_t err_cnt;
  265. };
  266. /*
  267. * struct crypto_istat_akcipher - statistics for akcipher algorithm
  268. * @encrypt_cnt: number of encrypt requests
  269. * @encrypt_tlen: total data size handled by encrypt requests
  270. * @decrypt_cnt: number of decrypt requests
  271. * @decrypt_tlen: total data size handled by decrypt requests
  272. * @verify_cnt: number of verify operation
  273. * @sign_cnt: number of sign requests
  274. * @err_cnt: number of error for akcipher requests
  275. */
  276. struct crypto_istat_akcipher {
  277. atomic64_t encrypt_cnt;
  278. atomic64_t encrypt_tlen;
  279. atomic64_t decrypt_cnt;
  280. atomic64_t decrypt_tlen;
  281. atomic64_t verify_cnt;
  282. atomic64_t sign_cnt;
  283. atomic64_t err_cnt;
  284. };
  285. /*
  286. * struct crypto_istat_cipher - statistics for cipher algorithm
  287. * @encrypt_cnt: number of encrypt requests
  288. * @encrypt_tlen: total data size handled by encrypt requests
  289. * @decrypt_cnt: number of decrypt requests
  290. * @decrypt_tlen: total data size handled by decrypt requests
  291. * @err_cnt: number of error for cipher requests
  292. */
  293. struct crypto_istat_cipher {
  294. atomic64_t encrypt_cnt;
  295. atomic64_t encrypt_tlen;
  296. atomic64_t decrypt_cnt;
  297. atomic64_t decrypt_tlen;
  298. atomic64_t err_cnt;
  299. };
  300. /*
  301. * struct crypto_istat_compress - statistics for compress algorithm
  302. * @compress_cnt: number of compress requests
  303. * @compress_tlen: total data size handled by compress requests
  304. * @decompress_cnt: number of decompress requests
  305. * @decompress_tlen: total data size handled by decompress requests
  306. * @err_cnt: number of error for compress requests
  307. */
  308. struct crypto_istat_compress {
  309. atomic64_t compress_cnt;
  310. atomic64_t compress_tlen;
  311. atomic64_t decompress_cnt;
  312. atomic64_t decompress_tlen;
  313. atomic64_t err_cnt;
  314. };
  315. /*
  316. * struct crypto_istat_hash - statistics for has algorithm
  317. * @hash_cnt: number of hash requests
  318. * @hash_tlen: total data size hashed
  319. * @err_cnt: number of error for hash requests
  320. */
  321. struct crypto_istat_hash {
  322. atomic64_t hash_cnt;
  323. atomic64_t hash_tlen;
  324. atomic64_t err_cnt;
  325. };
  326. /*
  327. * struct crypto_istat_kpp - statistics for KPP algorithm
  328. * @setsecret_cnt: number of setsecrey operation
  329. * @generate_public_key_cnt: number of generate_public_key operation
  330. * @compute_shared_secret_cnt: number of compute_shared_secret operation
  331. * @err_cnt: number of error for KPP requests
  332. */
  333. struct crypto_istat_kpp {
  334. atomic64_t setsecret_cnt;
  335. atomic64_t generate_public_key_cnt;
  336. atomic64_t compute_shared_secret_cnt;
  337. atomic64_t err_cnt;
  338. };
  339. /*
  340. * struct crypto_istat_rng: statistics for RNG algorithm
  341. * @generate_cnt: number of RNG generate requests
  342. * @generate_tlen: total data size of generated data by the RNG
  343. * @seed_cnt: number of times the RNG was seeded
  344. * @err_cnt: number of error for RNG requests
  345. */
  346. struct crypto_istat_rng {
  347. atomic64_t generate_cnt;
  348. atomic64_t generate_tlen;
  349. atomic64_t seed_cnt;
  350. atomic64_t err_cnt;
  351. };
  352. #endif /* CONFIG_CRYPTO_STATS */
  353. #define cra_cipher cra_u.cipher
  354. #define cra_compress cra_u.compress
  355. /**
  356. * struct crypto_alg - definition of a cryptograpic cipher algorithm
  357. * @cra_flags: Flags describing this transformation. See include/linux/crypto.h
  358. * CRYPTO_ALG_* flags for the flags which go in here. Those are
  359. * used for fine-tuning the description of the transformation
  360. * algorithm.
  361. * @cra_blocksize: Minimum block size of this transformation. The size in bytes
  362. * of the smallest possible unit which can be transformed with
  363. * this algorithm. The users must respect this value.
  364. * In case of HASH transformation, it is possible for a smaller
  365. * block than @cra_blocksize to be passed to the crypto API for
  366. * transformation, in case of any other transformation type, an
  367. * error will be returned upon any attempt to transform smaller
  368. * than @cra_blocksize chunks.
  369. * @cra_ctxsize: Size of the operational context of the transformation. This
  370. * value informs the kernel crypto API about the memory size
  371. * needed to be allocated for the transformation context.
  372. * @cra_alignmask: Alignment mask for the input and output data buffer. The data
  373. * buffer containing the input data for the algorithm must be
  374. * aligned to this alignment mask. The data buffer for the
  375. * output data must be aligned to this alignment mask. Note that
  376. * the Crypto API will do the re-alignment in software, but
  377. * only under special conditions and there is a performance hit.
  378. * The re-alignment happens at these occasions for different
  379. * @cra_u types: cipher -- For both input data and output data
  380. * buffer; ahash -- For output hash destination buf; shash --
  381. * For output hash destination buf.
  382. * This is needed on hardware which is flawed by design and
  383. * cannot pick data from arbitrary addresses.
  384. * @cra_priority: Priority of this transformation implementation. In case
  385. * multiple transformations with same @cra_name are available to
  386. * the Crypto API, the kernel will use the one with highest
  387. * @cra_priority.
  388. * @cra_name: Generic name (usable by multiple implementations) of the
  389. * transformation algorithm. This is the name of the transformation
  390. * itself. This field is used by the kernel when looking up the
  391. * providers of particular transformation.
  392. * @cra_driver_name: Unique name of the transformation provider. This is the
  393. * name of the provider of the transformation. This can be any
  394. * arbitrary value, but in the usual case, this contains the
  395. * name of the chip or provider and the name of the
  396. * transformation algorithm.
  397. * @cra_type: Type of the cryptographic transformation. This is a pointer to
  398. * struct crypto_type, which implements callbacks common for all
  399. * transformation types. There are multiple options, such as
  400. * &crypto_skcipher_type, &crypto_ahash_type, &crypto_rng_type.
  401. * This field might be empty. In that case, there are no common
  402. * callbacks. This is the case for: cipher, compress, shash.
  403. * @cra_u: Callbacks implementing the transformation. This is a union of
  404. * multiple structures. Depending on the type of transformation selected
  405. * by @cra_type and @cra_flags above, the associated structure must be
  406. * filled with callbacks. This field might be empty. This is the case
  407. * for ahash, shash.
  408. * @cra_init: Initialize the cryptographic transformation object. This function
  409. * is used to initialize the cryptographic transformation object.
  410. * This function is called only once at the instantiation time, right
  411. * after the transformation context was allocated. In case the
  412. * cryptographic hardware has some special requirements which need to
  413. * be handled by software, this function shall check for the precise
  414. * requirement of the transformation and put any software fallbacks
  415. * in place.
  416. * @cra_exit: Deinitialize the cryptographic transformation object. This is a
  417. * counterpart to @cra_init, used to remove various changes set in
  418. * @cra_init.
  419. * @cra_u.cipher: Union member which contains a single-block symmetric cipher
  420. * definition. See @struct @cipher_alg.
  421. * @cra_u.compress: Union member which contains a (de)compression algorithm.
  422. * See @struct @compress_alg.
  423. * @cra_module: Owner of this transformation implementation. Set to THIS_MODULE
  424. * @cra_list: internally used
  425. * @cra_users: internally used
  426. * @cra_refcnt: internally used
  427. * @cra_destroy: internally used
  428. *
  429. * @stats: union of all possible crypto_istat_xxx structures
  430. * @stats.aead: statistics for AEAD algorithm
  431. * @stats.akcipher: statistics for akcipher algorithm
  432. * @stats.cipher: statistics for cipher algorithm
  433. * @stats.compress: statistics for compress algorithm
  434. * @stats.hash: statistics for hash algorithm
  435. * @stats.rng: statistics for rng algorithm
  436. * @stats.kpp: statistics for KPP algorithm
  437. *
  438. * The struct crypto_alg describes a generic Crypto API algorithm and is common
  439. * for all of the transformations. Any variable not documented here shall not
  440. * be used by a cipher implementation as it is internal to the Crypto API.
  441. */
  442. struct crypto_alg {
  443. struct list_head cra_list;
  444. struct list_head cra_users;
  445. u32 cra_flags;
  446. unsigned int cra_blocksize;
  447. unsigned int cra_ctxsize;
  448. unsigned int cra_alignmask;
  449. int cra_priority;
  450. refcount_t cra_refcnt;
  451. char cra_name[CRYPTO_MAX_ALG_NAME];
  452. char cra_driver_name[CRYPTO_MAX_ALG_NAME];
  453. const struct crypto_type *cra_type;
  454. union {
  455. struct cipher_alg cipher;
  456. struct compress_alg compress;
  457. } cra_u;
  458. int (*cra_init)(struct crypto_tfm *tfm);
  459. void (*cra_exit)(struct crypto_tfm *tfm);
  460. void (*cra_destroy)(struct crypto_alg *alg);
  461. struct module *cra_module;
  462. #ifdef CONFIG_CRYPTO_STATS
  463. union {
  464. struct crypto_istat_aead aead;
  465. struct crypto_istat_akcipher akcipher;
  466. struct crypto_istat_cipher cipher;
  467. struct crypto_istat_compress compress;
  468. struct crypto_istat_hash hash;
  469. struct crypto_istat_rng rng;
  470. struct crypto_istat_kpp kpp;
  471. } stats;
  472. #endif /* CONFIG_CRYPTO_STATS */
  473. } CRYPTO_MINALIGN_ATTR;
  474. #ifdef CONFIG_CRYPTO_STATS
  475. void crypto_stats_init(struct crypto_alg *alg);
  476. void crypto_stats_get(struct crypto_alg *alg);
  477. void crypto_stats_aead_encrypt(unsigned int cryptlen, struct crypto_alg *alg, int ret);
  478. void crypto_stats_aead_decrypt(unsigned int cryptlen, struct crypto_alg *alg, int ret);
  479. void crypto_stats_ahash_update(unsigned int nbytes, int ret, struct crypto_alg *alg);
  480. void crypto_stats_ahash_final(unsigned int nbytes, int ret, struct crypto_alg *alg);
  481. void crypto_stats_akcipher_encrypt(unsigned int src_len, int ret, struct crypto_alg *alg);
  482. void crypto_stats_akcipher_decrypt(unsigned int src_len, int ret, struct crypto_alg *alg);
  483. void crypto_stats_akcipher_sign(int ret, struct crypto_alg *alg);
  484. void crypto_stats_akcipher_verify(int ret, struct crypto_alg *alg);
  485. void crypto_stats_compress(unsigned int slen, int ret, struct crypto_alg *alg);
  486. void crypto_stats_decompress(unsigned int slen, int ret, struct crypto_alg *alg);
  487. void crypto_stats_kpp_set_secret(struct crypto_alg *alg, int ret);
  488. void crypto_stats_kpp_generate_public_key(struct crypto_alg *alg, int ret);
  489. void crypto_stats_kpp_compute_shared_secret(struct crypto_alg *alg, int ret);
  490. void crypto_stats_rng_seed(struct crypto_alg *alg, int ret);
  491. void crypto_stats_rng_generate(struct crypto_alg *alg, unsigned int dlen, int ret);
  492. void crypto_stats_skcipher_encrypt(unsigned int cryptlen, int ret, struct crypto_alg *alg);
  493. void crypto_stats_skcipher_decrypt(unsigned int cryptlen, int ret, struct crypto_alg *alg);
  494. #else
  495. static inline void crypto_stats_init(struct crypto_alg *alg)
  496. {}
  497. static inline void crypto_stats_get(struct crypto_alg *alg)
  498. {}
  499. static inline void crypto_stats_aead_encrypt(unsigned int cryptlen, struct crypto_alg *alg, int ret)
  500. {}
  501. static inline void crypto_stats_aead_decrypt(unsigned int cryptlen, struct crypto_alg *alg, int ret)
  502. {}
  503. static inline void crypto_stats_ahash_update(unsigned int nbytes, int ret, struct crypto_alg *alg)
  504. {}
  505. static inline void crypto_stats_ahash_final(unsigned int nbytes, int ret, struct crypto_alg *alg)
  506. {}
  507. static inline void crypto_stats_akcipher_encrypt(unsigned int src_len, int ret, struct crypto_alg *alg)
  508. {}
  509. static inline void crypto_stats_akcipher_decrypt(unsigned int src_len, int ret, struct crypto_alg *alg)
  510. {}
  511. static inline void crypto_stats_akcipher_sign(int ret, struct crypto_alg *alg)
  512. {}
  513. static inline void crypto_stats_akcipher_verify(int ret, struct crypto_alg *alg)
  514. {}
  515. static inline void crypto_stats_compress(unsigned int slen, int ret, struct crypto_alg *alg)
  516. {}
  517. static inline void crypto_stats_decompress(unsigned int slen, int ret, struct crypto_alg *alg)
  518. {}
  519. static inline void crypto_stats_kpp_set_secret(struct crypto_alg *alg, int ret)
  520. {}
  521. static inline void crypto_stats_kpp_generate_public_key(struct crypto_alg *alg, int ret)
  522. {}
  523. static inline void crypto_stats_kpp_compute_shared_secret(struct crypto_alg *alg, int ret)
  524. {}
  525. static inline void crypto_stats_rng_seed(struct crypto_alg *alg, int ret)
  526. {}
  527. static inline void crypto_stats_rng_generate(struct crypto_alg *alg, unsigned int dlen, int ret)
  528. {}
  529. static inline void crypto_stats_skcipher_encrypt(unsigned int cryptlen, int ret, struct crypto_alg *alg)
  530. {}
  531. static inline void crypto_stats_skcipher_decrypt(unsigned int cryptlen, int ret, struct crypto_alg *alg)
  532. {}
  533. #endif
  534. /*
  535. * A helper struct for waiting for completion of async crypto ops
  536. */
  537. struct crypto_wait {
  538. struct completion completion;
  539. int err;
  540. };
  541. /*
  542. * Macro for declaring a crypto op async wait object on stack
  543. */
  544. #define DECLARE_CRYPTO_WAIT(_wait) \
  545. struct crypto_wait _wait = { \
  546. COMPLETION_INITIALIZER_ONSTACK((_wait).completion), 0 }
  547. /*
  548. * Async ops completion helper functioons
  549. */
  550. static inline void *crypto_get_completion_data(crypto_completion_data_t *req)
  551. {
  552. return req->data;
  553. }
  554. void crypto_req_done(struct crypto_async_request *req, int err);
  555. static inline int crypto_wait_req(int err, struct crypto_wait *wait)
  556. {
  557. switch (err) {
  558. case -EINPROGRESS:
  559. case -EBUSY:
  560. wait_for_completion(&wait->completion);
  561. reinit_completion(&wait->completion);
  562. err = wait->err;
  563. break;
  564. }
  565. return err;
  566. }
  567. static inline void crypto_init_wait(struct crypto_wait *wait)
  568. {
  569. init_completion(&wait->completion);
  570. }
  571. /*
  572. * Algorithm registration interface.
  573. */
  574. int crypto_register_alg(struct crypto_alg *alg);
  575. void crypto_unregister_alg(struct crypto_alg *alg);
  576. int crypto_register_algs(struct crypto_alg *algs, int count);
  577. void crypto_unregister_algs(struct crypto_alg *algs, int count);
  578. /*
  579. * Algorithm query interface.
  580. */
  581. int crypto_has_alg(const char *name, u32 type, u32 mask);
  582. /*
  583. * Transforms: user-instantiated objects which encapsulate algorithms
  584. * and core processing logic. Managed via crypto_alloc_*() and
  585. * crypto_free_*(), as well as the various helpers below.
  586. */
  587. struct crypto_tfm {
  588. u32 crt_flags;
  589. int node;
  590. void (*exit)(struct crypto_tfm *tfm);
  591. struct crypto_alg *__crt_alg;
  592. void *__crt_ctx[] CRYPTO_MINALIGN_ATTR;
  593. };
  594. struct crypto_comp {
  595. struct crypto_tfm base;
  596. };
  597. /*
  598. * Transform user interface.
  599. */
  600. struct crypto_tfm *crypto_alloc_base(const char *alg_name, u32 type, u32 mask);
  601. void crypto_destroy_tfm(void *mem, struct crypto_tfm *tfm);
  602. static inline void crypto_free_tfm(struct crypto_tfm *tfm)
  603. {
  604. return crypto_destroy_tfm(tfm, tfm);
  605. }
  606. int alg_test(const char *driver, const char *alg, u32 type, u32 mask);
  607. /*
  608. * Transform helpers which query the underlying algorithm.
  609. */
  610. static inline const char *crypto_tfm_alg_name(struct crypto_tfm *tfm)
  611. {
  612. return tfm->__crt_alg->cra_name;
  613. }
  614. static inline const char *crypto_tfm_alg_driver_name(struct crypto_tfm *tfm)
  615. {
  616. return tfm->__crt_alg->cra_driver_name;
  617. }
  618. static inline int crypto_tfm_alg_priority(struct crypto_tfm *tfm)
  619. {
  620. return tfm->__crt_alg->cra_priority;
  621. }
  622. static inline u32 crypto_tfm_alg_type(struct crypto_tfm *tfm)
  623. {
  624. return tfm->__crt_alg->cra_flags & CRYPTO_ALG_TYPE_MASK;
  625. }
  626. static inline unsigned int crypto_tfm_alg_blocksize(struct crypto_tfm *tfm)
  627. {
  628. return tfm->__crt_alg->cra_blocksize;
  629. }
  630. static inline unsigned int crypto_tfm_alg_alignmask(struct crypto_tfm *tfm)
  631. {
  632. return tfm->__crt_alg->cra_alignmask;
  633. }
  634. static inline u32 crypto_tfm_get_flags(struct crypto_tfm *tfm)
  635. {
  636. return tfm->crt_flags;
  637. }
  638. static inline void crypto_tfm_set_flags(struct crypto_tfm *tfm, u32 flags)
  639. {
  640. tfm->crt_flags |= flags;
  641. }
  642. static inline void crypto_tfm_clear_flags(struct crypto_tfm *tfm, u32 flags)
  643. {
  644. tfm->crt_flags &= ~flags;
  645. }
  646. static inline void *crypto_tfm_ctx(struct crypto_tfm *tfm)
  647. {
  648. return tfm->__crt_ctx;
  649. }
  650. static inline unsigned int crypto_tfm_ctx_alignment(void)
  651. {
  652. struct crypto_tfm *tfm;
  653. return __alignof__(tfm->__crt_ctx);
  654. }
  655. static inline struct crypto_comp *__crypto_comp_cast(struct crypto_tfm *tfm)
  656. {
  657. return (struct crypto_comp *)tfm;
  658. }
  659. static inline struct crypto_comp *crypto_alloc_comp(const char *alg_name,
  660. u32 type, u32 mask)
  661. {
  662. type &= ~CRYPTO_ALG_TYPE_MASK;
  663. type |= CRYPTO_ALG_TYPE_COMPRESS;
  664. mask |= CRYPTO_ALG_TYPE_MASK;
  665. return __crypto_comp_cast(crypto_alloc_base(alg_name, type, mask));
  666. }
  667. static inline struct crypto_tfm *crypto_comp_tfm(struct crypto_comp *tfm)
  668. {
  669. return &tfm->base;
  670. }
  671. static inline void crypto_free_comp(struct crypto_comp *tfm)
  672. {
  673. crypto_free_tfm(crypto_comp_tfm(tfm));
  674. }
  675. static inline int crypto_has_comp(const char *alg_name, u32 type, u32 mask)
  676. {
  677. type &= ~CRYPTO_ALG_TYPE_MASK;
  678. type |= CRYPTO_ALG_TYPE_COMPRESS;
  679. mask |= CRYPTO_ALG_TYPE_MASK;
  680. return crypto_has_alg(alg_name, type, mask);
  681. }
  682. static inline const char *crypto_comp_name(struct crypto_comp *tfm)
  683. {
  684. return crypto_tfm_alg_name(crypto_comp_tfm(tfm));
  685. }
  686. int crypto_comp_compress(struct crypto_comp *tfm,
  687. const u8 *src, unsigned int slen,
  688. u8 *dst, unsigned int *dlen);
  689. int crypto_comp_decompress(struct crypto_comp *tfm,
  690. const u8 *src, unsigned int slen,
  691. u8 *dst, unsigned int *dlen);
  692. #endif /* _LINUX_CRYPTO_H */