Commit 743edf57 authored by Herbert Xu's avatar Herbert Xu

[CRYPTO] aead: Add givcrypt operations

This patch adds the underlying givcrypt operations for aead and associated
support elements.  The rationale is identical to that of the skcipher
givcrypt operations, i.e., sometimes only the algorithm knows how the
IV should be generated.

A new request type aead_givcrypt_request is added which contains an
embedded aead_request structure with two new elements to support this
operation.  The new elements are seq and giv.  The seq field should
contain a strictly increasing 64-bit integer which may be used by
certain IV generators as an input value.  The giv field will be used
to store the generated IV.  It does not need to obey the alignment
requirements of the algorithm because it's not used during the operation.

The existing iv field must still be available as it will be used to store
intermediate IVs and the output IV if chaining is desired.
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 03bf712f
...@@ -77,6 +77,11 @@ static unsigned int crypto_aead_ctxsize(struct crypto_alg *alg, u32 type, ...@@ -77,6 +77,11 @@ static unsigned int crypto_aead_ctxsize(struct crypto_alg *alg, u32 type,
return alg->cra_ctxsize; return alg->cra_ctxsize;
} }
static int no_givdecrypt(struct aead_givcrypt_request *req)
{
return -ENOSYS;
}
static int crypto_init_aead_ops(struct crypto_tfm *tfm, u32 type, u32 mask) static int crypto_init_aead_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
{ {
struct aead_alg *alg = &tfm->__crt_alg->cra_aead; struct aead_alg *alg = &tfm->__crt_alg->cra_aead;
...@@ -88,6 +93,8 @@ static int crypto_init_aead_ops(struct crypto_tfm *tfm, u32 type, u32 mask) ...@@ -88,6 +93,8 @@ static int crypto_init_aead_ops(struct crypto_tfm *tfm, u32 type, u32 mask)
crt->setkey = setkey; crt->setkey = setkey;
crt->encrypt = alg->encrypt; crt->encrypt = alg->encrypt;
crt->decrypt = alg->decrypt; crt->decrypt = alg->decrypt;
crt->givencrypt = alg->givencrypt;
crt->givdecrypt = alg->givdecrypt ?: no_givdecrypt;
crt->ivsize = alg->ivsize; crt->ivsize = alg->ivsize;
crt->authsize = alg->maxauthsize; crt->authsize = alg->maxauthsize;
......
/*
* AEAD: Authenticated Encryption with Associated Data
*
* Copyright (c) 2007 Herbert Xu <herbert@gondor.apana.org.au>
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
*/
#ifndef _CRYPTO_AEAD_H
#define _CRYPTO_AEAD_H
#include <linux/crypto.h>
#include <linux/kernel.h>
/**
* struct aead_givcrypt_request - AEAD request with IV generation
* @seq: Sequence number for IV generation
* @giv: Space for generated IV
* @areq: The AEAD request itself
*/
struct aead_givcrypt_request {
u64 seq;
u8 *giv;
struct aead_request areq;
};
static inline struct crypto_aead *aead_givcrypt_reqtfm(
struct aead_givcrypt_request *req)
{
return crypto_aead_reqtfm(&req->areq);
}
#endif /* _CRYPTO_AEAD_H */
...@@ -106,6 +106,7 @@ struct crypto_blkcipher; ...@@ -106,6 +106,7 @@ struct crypto_blkcipher;
struct crypto_hash; struct crypto_hash;
struct crypto_tfm; struct crypto_tfm;
struct crypto_type; struct crypto_type;
struct aead_givcrypt_request;
struct skcipher_givcrypt_request; struct skcipher_givcrypt_request;
typedef void (*crypto_completion_t)(struct crypto_async_request *req, int err); typedef void (*crypto_completion_t)(struct crypto_async_request *req, int err);
...@@ -202,6 +203,8 @@ struct aead_alg { ...@@ -202,6 +203,8 @@ struct aead_alg {
int (*setauthsize)(struct crypto_aead *tfm, unsigned int authsize); int (*setauthsize)(struct crypto_aead *tfm, unsigned int authsize);
int (*encrypt)(struct aead_request *req); int (*encrypt)(struct aead_request *req);
int (*decrypt)(struct aead_request *req); int (*decrypt)(struct aead_request *req);
int (*givencrypt)(struct aead_givcrypt_request *req);
int (*givdecrypt)(struct aead_givcrypt_request *req);
unsigned int ivsize; unsigned int ivsize;
unsigned int maxauthsize; unsigned int maxauthsize;
...@@ -348,6 +351,8 @@ struct aead_tfm { ...@@ -348,6 +351,8 @@ struct aead_tfm {
unsigned int keylen); unsigned int keylen);
int (*encrypt)(struct aead_request *req); int (*encrypt)(struct aead_request *req);
int (*decrypt)(struct aead_request *req); int (*decrypt)(struct aead_request *req);
int (*givencrypt)(struct aead_givcrypt_request *req);
int (*givdecrypt)(struct aead_givcrypt_request *req);
unsigned int ivsize; unsigned int ivsize;
unsigned int authsize; unsigned int authsize;
unsigned int reqsize; unsigned int reqsize;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment