]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blame - include/linux/crypto.h
projects / mirror_ubuntu-jammy-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
crypto: algapi - make unregistration functions return void
[mirror_ubuntu-jammy-kernel.git] / include / linux / crypto.h
CommitLineData
2874c5fd 1/* SPDX-License-Identifier: GPL-2.0-or-later */
1da177e4
LT		 2/*
3 * Scatterlist Cryptographic API.
4 *
5 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
6 * Copyright (c) 2002 David S. Miller (davem@redhat.com)
5cb1454b 7 * Copyright (c) 2005 Herbert Xu <herbert@gondor.apana.org.au>
1da177e4
LT		 8 *
9 * Portions derived from Cryptoapi, by Alexander Kjeldaas <astor@fast.no>
18735dd8 10 * and Nettle, by Niels Möller.
1da177e4
LT		 11 */
12#ifndef _LINUX_CRYPTO_H
13#define _LINUX_CRYPTO_H
14
60063497 15#include <linux/atomic.h>
1da177e4 16#include <linux/kernel.h>
1da177e4 17#include <linux/list.h>
187f1882 18#include <linux/bug.h>
79911102 19#include <linux/slab.h>
1da177e4 20#include <linux/string.h>
79911102 21#include <linux/uaccess.h>
ada69a16 22#include <linux/completion.h>
1da177e4 23
5d26a105
KC		 24/*
25 * Autoloaded crypto modules should only use a prefixed name to avoid allowing
26 * arbitrary modules to be loaded. Loading from userspace may still need the
27 * unprefixed names, so retains those aliases as well.
28 * This uses __MODULE_INFO directly instead of MODULE_ALIAS because pre-4.3
29 * gcc (e.g. avr32 toolchain) uses __LINE__ for uniqueness, and this macro
30 * expands twice on the same line. Instead, use a separate base name for the
31 * alias.
32 */
33#define MODULE_ALIAS_CRYPTO(name) \
34 __MODULE_INFO(alias, alias_userspace, name); \
35 __MODULE_INFO(alias, alias_crypto, "crypto-" name)
36
1da177e4
LT		 37/*
38 * Algorithm masks and types.
39 */
2825982d 40#define CRYPTO_ALG_TYPE_MASK 0x0000000f
1da177e4 41#define CRYPTO_ALG_TYPE_CIPHER 0x00000001
004a403c
LH		 42#define CRYPTO_ALG_TYPE_COMPRESS 0x00000002
43#define CRYPTO_ALG_TYPE_AEAD 0x00000003
4e6c3df4 44#define CRYPTO_ALG_TYPE_SKCIPHER 0x00000005
4e5f2c40 45#define CRYPTO_ALG_TYPE_KPP 0x00000008
2ebda74f 46#define CRYPTO_ALG_TYPE_ACOMPRESS 0x0000000a
1ab53a77 47#define CRYPTO_ALG_TYPE_SCOMPRESS 0x0000000b
17f0f4a4 48#define CRYPTO_ALG_TYPE_RNG 0x0000000c
3c339ab8 49#define CRYPTO_ALG_TYPE_AKCIPHER 0x0000000d
63044c4f
GC		 50#define CRYPTO_ALG_TYPE_HASH 0x0000000e
51#define CRYPTO_ALG_TYPE_SHASH 0x0000000e
52#define CRYPTO_ALG_TYPE_AHASH 0x0000000f
055bcee3
HX		 53
54#define CRYPTO_ALG_TYPE_HASH_MASK 0x0000000e
63044c4f 55#define CRYPTO_ALG_TYPE_AHASH_MASK 0x0000000e
1ab53a77 56#define CRYPTO_ALG_TYPE_ACOMPRESS_MASK 0x0000000e
1da177e4 57
2825982d 58#define CRYPTO_ALG_LARVAL 0x00000010
6bfd4809
HX		 59#define CRYPTO_ALG_DEAD 0x00000020
60#define CRYPTO_ALG_DYING 0x00000040
f3f632d6 61#define CRYPTO_ALG_ASYNC 0x00000080
2825982d 62
6010439f
HX		 63/*
64 * Set this bit if and only if the algorithm requires another algorithm of
65 * the same type to handle corner cases.
66 */
67#define CRYPTO_ALG_NEED_FALLBACK 0x00000100
68
73d3864a
HX		 69/*
70 * Set if the algorithm has passed automated run-time testing. Note that
71 * if there is no run-time testing for a given algorithm it is considered
72 * to have passed.
73 */
74
75#define CRYPTO_ALG_TESTED 0x00000400
76
64a947b1 77/*
864e0981 78 * Set if the algorithm is an instance that is built from templates.
64a947b1
SK		 79 */
80#define CRYPTO_ALG_INSTANCE 0x00000800
81
d912bb76
NM		 82/* Set this bit if the algorithm provided is hardware accelerated but
83 * not available to userspace via instruction set or so.
84 */
85#define CRYPTO_ALG_KERN_DRIVER_ONLY 0x00001000
86
06ca7f68
SM		 87/*
88 * Mark a cipher as a service implementation only usable by another
89 * cipher and never by a normal user of the kernel crypto API
90 */
91#define CRYPTO_ALG_INTERNAL 0x00002000
92
a208fa8f
EB		 93/*
94 * Set if the algorithm has a ->setkey() method but can be used without
95 * calling it first, i.e. there is a default key.
96 */
97#define CRYPTO_ALG_OPTIONAL_KEY 0x00004000
98
e2861fa7
MG		 99/*
100 * Don't trigger module loading
101 */
102#define CRYPTO_NOLOAD 0x00008000
103
1da177e4
LT		 104/*
105 * Transform masks and values (for crt_flags).
106 */
9fa68f62
EB		 107#define CRYPTO_TFM_NEED_KEY 0x00000001
108
1da177e4
LT		 109#define CRYPTO_TFM_REQ_MASK 0x000fff00
110#define CRYPTO_TFM_RES_MASK 0xfff00000
111
231baecd 112#define CRYPTO_TFM_REQ_FORBID_WEAK_KEYS 0x00000100
64baf3cf 113#define CRYPTO_TFM_REQ_MAY_SLEEP 0x00000200
32e3983f 114#define CRYPTO_TFM_REQ_MAY_BACKLOG 0x00000400
1da177e4
LT		 115#define CRYPTO_TFM_RES_WEAK_KEY 0x00100000
116#define CRYPTO_TFM_RES_BAD_KEY_LEN 0x00200000
117#define CRYPTO_TFM_RES_BAD_KEY_SCHED 0x00400000
118#define CRYPTO_TFM_RES_BAD_BLOCK_LEN 0x00800000
119#define CRYPTO_TFM_RES_BAD_FLAGS 0x01000000
120
121/*
122 * Miscellaneous stuff.
123 */
f437a3f4 124#define CRYPTO_MAX_ALG_NAME 128
1da177e4 125
79911102
HX		 126/*
127 * The macro CRYPTO_MINALIGN_ATTR (along with the void * type in the actual
128 * declaration) is used to ensure that the crypto_tfm context structure is
129 * aligned correctly for the given architecture so that there are no alignment
130 * faults for C data types. In particular, this is required on platforms such
131 * as arm where pointers are 32-bit aligned but there are data types such as
132 * u64 which require 64-bit alignment.
133 */
79911102 134#define CRYPTO_MINALIGN ARCH_KMALLOC_MINALIGN
79911102 135
79911102 136#define CRYPTO_MINALIGN_ATTR __attribute__ ((__aligned__(CRYPTO_MINALIGN)))
79911102 137
1da177e4 138struct scatterlist;
32e3983f 139struct crypto_async_request;
40725181 140struct crypto_tfm;
e853c3cf 141struct crypto_type;
40725181 142
32e3983f
HX		 143typedef void (*crypto_completion_t)(struct crypto_async_request *req, int err);
144
0d7f488f
SM		 145/**
146 * DOC: Block Cipher Context Data Structures
147 *
148 * These data structures define the operating context for each block cipher
149 * type.
150 */
151
32e3983f
HX		 152struct crypto_async_request {
153 struct list_head list;
154 crypto_completion_t complete;
155 void *data;
156 struct crypto_tfm *tfm;
157
158 u32 flags;
159};
160
0d7f488f
SM		 161/**
162 * DOC: Block Cipher Algorithm Definitions
163 *
164 * These data structures define modular crypto algorithm implementations,
165 * managed via crypto_register_alg() and crypto_unregister_alg().
166 */
167
0d7f488f
SM		 168/**
169 * struct cipher_alg - single-block symmetric ciphers definition
170 * @cia_min_keysize: Minimum key size supported by the transformation. This is
171 * the smallest key length supported by this transformation
172 * algorithm. This must be set to one of the pre-defined
173 * values as this is not hardware specific. Possible values
174 * for this field can be found via git grep "_MIN_KEY_SIZE"
175 * include/crypto/
176 * @cia_max_keysize: Maximum key size supported by the transformation. This is
177 * the largest key length supported by this transformation
178 * algorithm. This must be set to one of the pre-defined values
179 * as this is not hardware specific. Possible values for this
180 * field can be found via git grep "_MAX_KEY_SIZE"
181 * include/crypto/
182 * @cia_setkey: Set key for the transformation. This function is used to either
183 * program a supplied key into the hardware or store the key in the
184 * transformation context for programming it later. Note that this
185 * function does modify the transformation context. This function
186 * can be called multiple times during the existence of the
187 * transformation object, so one must make sure the key is properly
188 * reprogrammed into the hardware. This function is also
189 * responsible for checking the key length for validity.
190 * @cia_encrypt: Encrypt a single block. This function is used to encrypt a
191 * single block of data, which must be @cra_blocksize big. This
192 * always operates on a full @cra_blocksize and it is not possible
193 * to encrypt a block of smaller size. The supplied buffers must
194 * therefore also be at least of @cra_blocksize size. Both the
195 * input and output buffers are always aligned to @cra_alignmask.
196 * In case either of the input or output buffer supplied by user
197 * of the crypto API is not aligned to @cra_alignmask, the crypto
198 * API will re-align the buffers. The re-alignment means that a
199 * new buffer will be allocated, the data will be copied into the
200 * new buffer, then the processing will happen on the new buffer,
201 * then the data will be copied back into the original buffer and
202 * finally the new buffer will be freed. In case a software
203 * fallback was put in place in the @cra_init call, this function
204 * might need to use the fallback if the algorithm doesn't support
205 * all of the key sizes. In case the key was stored in
206 * transformation context, the key might need to be re-programmed
207 * into the hardware in this function. This function shall not
208 * modify the transformation context, as this function may be
209 * called in parallel with the same transformation object.
210 * @cia_decrypt: Decrypt a single block. This is a reverse counterpart to
211 * @cia_encrypt, and the conditions are exactly the same.
212 *
213 * All fields are mandatory and must be filled.
214 */
1da177e4
LT		 215struct cipher_alg {
216 unsigned int cia_min_keysize;
217 unsigned int cia_max_keysize;
6c2bb98b 218 int (*cia_setkey)(struct crypto_tfm *tfm, const u8 *key,
560c06ae 219 unsigned int keylen);
6c2bb98b
HX		 220 void (*cia_encrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
221 void (*cia_decrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
1da177e4
LT		 222};
223
5a35316d
HG		 224/**
225 * struct compress_alg - compression/decompression algorithm
226 * @coa_compress: Compress a buffer of specified length, storing the resulting
227 * data in the specified buffer. Return the length of the
228 * compressed data in dlen.
229 * @coa_decompress: Decompress the source buffer, storing the uncompressed
230 * data in the specified buffer. The length of the data is
231 * returned in dlen.
232 *
233 * All fields are mandatory.
234 */
1da177e4 235struct compress_alg {
6c2bb98b
HX		 236 int (*coa_compress)(struct crypto_tfm *tfm, const u8 *src,
237 unsigned int slen, u8 *dst, unsigned int *dlen);
238 int (*coa_decompress)(struct crypto_tfm *tfm, const u8 *src,
239 unsigned int slen, u8 *dst, unsigned int *dlen);
1da177e4
LT		 240};
241
17c18f9e
CL		 242#ifdef CONFIG_CRYPTO_STATS
243/*
244 * struct crypto_istat_aead - statistics for AEAD algorithm
245 * @encrypt_cnt: number of encrypt requests
246 * @encrypt_tlen: total data size handled by encrypt requests
247 * @decrypt_cnt: number of decrypt requests
248 * @decrypt_tlen: total data size handled by decrypt requests
44f13133 249 * @err_cnt: number of error for AEAD requests
17c18f9e
CL		 250 */
251struct crypto_istat_aead {
252 atomic64_t encrypt_cnt;
253 atomic64_t encrypt_tlen;
254 atomic64_t decrypt_cnt;
255 atomic64_t decrypt_tlen;
44f13133 256 atomic64_t err_cnt;
17c18f9e
CL		 257};
258
259/*
260 * struct crypto_istat_akcipher - statistics for akcipher algorithm
261 * @encrypt_cnt: number of encrypt requests
262 * @encrypt_tlen: total data size handled by encrypt requests
263 * @decrypt_cnt: number of decrypt requests
264 * @decrypt_tlen: total data size handled by decrypt requests
265 * @verify_cnt: number of verify operation
266 * @sign_cnt: number of sign requests
44f13133 267 * @err_cnt: number of error for akcipher requests
17c18f9e
CL		 268 */
269struct crypto_istat_akcipher {
270 atomic64_t encrypt_cnt;
271 atomic64_t encrypt_tlen;
272 atomic64_t decrypt_cnt;
273 atomic64_t decrypt_tlen;
274 atomic64_t verify_cnt;
275 atomic64_t sign_cnt;
44f13133 276 atomic64_t err_cnt;
17c18f9e
CL		 277};
278
279/*
280 * struct crypto_istat_cipher - statistics for cipher algorithm
281 * @encrypt_cnt: number of encrypt requests
282 * @encrypt_tlen: total data size handled by encrypt requests
283 * @decrypt_cnt: number of decrypt requests
284 * @decrypt_tlen: total data size handled by decrypt requests
44f13133 285 * @err_cnt: number of error for cipher requests
17c18f9e
CL		 286 */
287struct crypto_istat_cipher {
288 atomic64_t encrypt_cnt;
289 atomic64_t encrypt_tlen;
290 atomic64_t decrypt_cnt;
291 atomic64_t decrypt_tlen;
44f13133 292 atomic64_t err_cnt;
17c18f9e
CL		 293};
294
295/*
296 * struct crypto_istat_compress - statistics for compress algorithm
297 * @compress_cnt: number of compress requests
298 * @compress_tlen: total data size handled by compress requests
299 * @decompress_cnt: number of decompress requests
300 * @decompress_tlen: total data size handled by decompress requests
44f13133 301 * @err_cnt: number of error for compress requests
17c18f9e
CL		 302 */
303struct crypto_istat_compress {
304 atomic64_t compress_cnt;
305 atomic64_t compress_tlen;
306 atomic64_t decompress_cnt;
307 atomic64_t decompress_tlen;
44f13133 308 atomic64_t err_cnt;
17c18f9e
CL		 309};
310
311/*
312 * struct crypto_istat_hash - statistics for has algorithm
313 * @hash_cnt: number of hash requests
314 * @hash_tlen: total data size hashed
44f13133 315 * @err_cnt: number of error for hash requests
17c18f9e
CL		 316 */
317struct crypto_istat_hash {
318 atomic64_t hash_cnt;
319 atomic64_t hash_tlen;
44f13133 320 atomic64_t err_cnt;
17c18f9e
CL		 321};
322
323/*
324 * struct crypto_istat_kpp - statistics for KPP algorithm
325 * @setsecret_cnt: number of setsecrey operation
326 * @generate_public_key_cnt: number of generate_public_key operation
327 * @compute_shared_secret_cnt: number of compute_shared_secret operation
44f13133 328 * @err_cnt: number of error for KPP requests
17c18f9e
CL		 329 */
330struct crypto_istat_kpp {
331 atomic64_t setsecret_cnt;
332 atomic64_t generate_public_key_cnt;
333 atomic64_t compute_shared_secret_cnt;
44f13133 334 atomic64_t err_cnt;
17c18f9e
CL		 335};
336
337/*
338 * struct crypto_istat_rng: statistics for RNG algorithm
339 * @generate_cnt: number of RNG generate requests
340 * @generate_tlen: total data size of generated data by the RNG
341 * @seed_cnt: number of times the RNG was seeded
44f13133 342 * @err_cnt: number of error for RNG requests
17c18f9e
CL		 343 */
344struct crypto_istat_rng {
345 atomic64_t generate_cnt;
346 atomic64_t generate_tlen;
347 atomic64_t seed_cnt;
44f13133 348 atomic64_t err_cnt;
17c18f9e
CL		 349};
350#endif /* CONFIG_CRYPTO_STATS */
17f0f4a4 351
1da177e4 352#define cra_cipher cra_u.cipher
1da177e4
LT		 353#define cra_compress cra_u.compress
354
0d7f488f
SM		 355/**
356 * struct crypto_alg - definition of a cryptograpic cipher algorithm
357 * @cra_flags: Flags describing this transformation. See include/linux/crypto.h
358 * CRYPTO_ALG_* flags for the flags which go in here. Those are
359 * used for fine-tuning the description of the transformation
360 * algorithm.
361 * @cra_blocksize: Minimum block size of this transformation. The size in bytes
362 * of the smallest possible unit which can be transformed with
363 * this algorithm. The users must respect this value.
364 * In case of HASH transformation, it is possible for a smaller
365 * block than @cra_blocksize to be passed to the crypto API for
366 * transformation, in case of any other transformation type, an
367 * error will be returned upon any attempt to transform smaller
368 * than @cra_blocksize chunks.
369 * @cra_ctxsize: Size of the operational context of the transformation. This
370 * value informs the kernel crypto API about the memory size
371 * needed to be allocated for the transformation context.
372 * @cra_alignmask: Alignment mask for the input and output data buffer. The data
373 * buffer containing the input data for the algorithm must be
374 * aligned to this alignment mask. The data buffer for the
375 * output data must be aligned to this alignment mask. Note that
376 * the Crypto API will do the re-alignment in software, but
377 * only under special conditions and there is a performance hit.
378 * The re-alignment happens at these occasions for different
379 * @cra_u types: cipher -- For both input data and output data
380 * buffer; ahash -- For output hash destination buf; shash --
381 * For output hash destination buf.
382 * This is needed on hardware which is flawed by design and
383 * cannot pick data from arbitrary addresses.
384 * @cra_priority: Priority of this transformation implementation. In case
385 * multiple transformations with same @cra_name are available to
386 * the Crypto API, the kernel will use the one with highest
387 * @cra_priority.
388 * @cra_name: Generic name (usable by multiple implementations) of the
389 * transformation algorithm. This is the name of the transformation
390 * itself. This field is used by the kernel when looking up the
391 * providers of particular transformation.
392 * @cra_driver_name: Unique name of the transformation provider. This is the
393 * name of the provider of the transformation. This can be any
394 * arbitrary value, but in the usual case, this contains the
395 * name of the chip or provider and the name of the
396 * transformation algorithm.
397 * @cra_type: Type of the cryptographic transformation. This is a pointer to
398 * struct crypto_type, which implements callbacks common for all
c65058b7
EB		 399 * transformation types. There are multiple options, such as
400 * &crypto_skcipher_type, &crypto_ahash_type, &crypto_rng_type.
0d7f488f
SM		 401 * This field might be empty. In that case, there are no common
402 * callbacks. This is the case for: cipher, compress, shash.
403 * @cra_u: Callbacks implementing the transformation. This is a union of
404 * multiple structures. Depending on the type of transformation selected
405 * by @cra_type and @cra_flags above, the associated structure must be
406 * filled with callbacks. This field might be empty. This is the case
407 * for ahash, shash.
408 * @cra_init: Initialize the cryptographic transformation object. This function
409 * is used to initialize the cryptographic transformation object.
410 * This function is called only once at the instantiation time, right
411 * after the transformation context was allocated. In case the
412 * cryptographic hardware has some special requirements which need to
413 * be handled by software, this function shall check for the precise
414 * requirement of the transformation and put any software fallbacks
415 * in place.
416 * @cra_exit: Deinitialize the cryptographic transformation object. This is a
417 * counterpart to @cra_init, used to remove various changes set in
418 * @cra_init.
0063ec44
GH		 419 * @cra_u.cipher: Union member which contains a single-block symmetric cipher
420 * definition. See @struct @cipher_alg.
421 * @cra_u.compress: Union member which contains a (de)compression algorithm.
422 * See @struct @compress_alg.
0d7f488f
SM		 423 * @cra_module: Owner of this transformation implementation. Set to THIS_MODULE
424 * @cra_list: internally used
425 * @cra_users: internally used
426 * @cra_refcnt: internally used
427 * @cra_destroy: internally used
428 *
17c18f9e 429 * @stats: union of all possible crypto_istat_xxx structures
bfad6cb3
CL		 430 * @stats.aead: statistics for AEAD algorithm
431 * @stats.akcipher: statistics for akcipher algorithm
432 * @stats.cipher: statistics for cipher algorithm
433 * @stats.compress: statistics for compress algorithm
434 * @stats.hash: statistics for hash algorithm
435 * @stats.rng: statistics for rng algorithm
436 * @stats.kpp: statistics for KPP algorithm
cac5818c 437 *
0d7f488f
SM		 438 * The struct crypto_alg describes a generic Crypto API algorithm and is common
439 * for all of the transformations. Any variable not documented here shall not
440 * be used by a cipher implementation as it is internal to the Crypto API.
441 */
1da177e4
LT		 442struct crypto_alg {
443 struct list_head cra_list;
6bfd4809
HX		 444 struct list_head cra_users;
445
1da177e4
LT		 446 u32 cra_flags;
447 unsigned int cra_blocksize;
448 unsigned int cra_ctxsize;
95477377 449 unsigned int cra_alignmask;
5cb1454b
HX		 450
451 int cra_priority;
ce8614a3 452 refcount_t cra_refcnt;
5cb1454b 453
d913ea0d
HX		 454 char cra_name[CRYPTO_MAX_ALG_NAME];
455 char cra_driver_name[CRYPTO_MAX_ALG_NAME];
1da177e4 456
e853c3cf
HX		 457 const struct crypto_type *cra_type;
458
1da177e4
LT		 459 union {
460 struct cipher_alg cipher;
1da177e4
LT		 461 struct compress_alg compress;
462 } cra_u;
c7fc0599
HX		 463
464 int (*cra_init)(struct crypto_tfm *tfm);
465 void (*cra_exit)(struct crypto_tfm *tfm);
6521f302 466 void (*cra_destroy)(struct crypto_alg *alg);
1da177e4
LT		 467
468 struct module *cra_module;
cac5818c 469
2ced2607 470#ifdef CONFIG_CRYPTO_STATS
cac5818c 471 union {
17c18f9e
CL		 472 struct crypto_istat_aead aead;
473 struct crypto_istat_akcipher akcipher;
474 struct crypto_istat_cipher cipher;
475 struct crypto_istat_compress compress;
476 struct crypto_istat_hash hash;
477 struct crypto_istat_rng rng;
478 struct crypto_istat_kpp kpp;
479 } stats;
2ced2607 480#endif /* CONFIG_CRYPTO_STATS */
cac5818c 481
edf18b91 482} CRYPTO_MINALIGN_ATTR;
1da177e4 483
f7d76e05 484#ifdef CONFIG_CRYPTO_STATS
1f6669b9 485void crypto_stats_init(struct crypto_alg *alg);
f7d76e05 486void crypto_stats_get(struct crypto_alg *alg);
f7d76e05
CL		 487void crypto_stats_aead_encrypt(unsigned int cryptlen, struct crypto_alg *alg, int ret);
488void crypto_stats_aead_decrypt(unsigned int cryptlen, struct crypto_alg *alg, int ret);
489void crypto_stats_ahash_update(unsigned int nbytes, int ret, struct crypto_alg *alg);
490void crypto_stats_ahash_final(unsigned int nbytes, int ret, struct crypto_alg *alg);
491void crypto_stats_akcipher_encrypt(unsigned int src_len, int ret, struct crypto_alg *alg);
492void crypto_stats_akcipher_decrypt(unsigned int src_len, int ret, struct crypto_alg *alg);
493void crypto_stats_akcipher_sign(int ret, struct crypto_alg *alg);
494void crypto_stats_akcipher_verify(int ret, struct crypto_alg *alg);
495void crypto_stats_compress(unsigned int slen, int ret, struct crypto_alg *alg);
496void crypto_stats_decompress(unsigned int slen, int ret, struct crypto_alg *alg);
497void crypto_stats_kpp_set_secret(struct crypto_alg *alg, int ret);
498void crypto_stats_kpp_generate_public_key(struct crypto_alg *alg, int ret);
499void crypto_stats_kpp_compute_shared_secret(struct crypto_alg *alg, int ret);
500void crypto_stats_rng_seed(struct crypto_alg *alg, int ret);
501void crypto_stats_rng_generate(struct crypto_alg *alg, unsigned int dlen, int ret);
502void crypto_stats_skcipher_encrypt(unsigned int cryptlen, int ret, struct crypto_alg *alg);
503void crypto_stats_skcipher_decrypt(unsigned int cryptlen, int ret, struct crypto_alg *alg);
504#else
1f6669b9
CL		 505static inline void crypto_stats_init(struct crypto_alg *alg)
506{}
f7d76e05
CL		 507static inline void crypto_stats_get(struct crypto_alg *alg)
508{}
f7d76e05
CL		 509static inline void crypto_stats_aead_encrypt(unsigned int cryptlen, struct crypto_alg *alg, int ret)
510{}
511static inline void crypto_stats_aead_decrypt(unsigned int cryptlen, struct crypto_alg *alg, int ret)
512{}
513static inline void crypto_stats_ahash_update(unsigned int nbytes, int ret, struct crypto_alg *alg)
514{}
515static inline void crypto_stats_ahash_final(unsigned int nbytes, int ret, struct crypto_alg *alg)
516{}
517static inline void crypto_stats_akcipher_encrypt(unsigned int src_len, int ret, struct crypto_alg *alg)
518{}
519static inline void crypto_stats_akcipher_decrypt(unsigned int src_len, int ret, struct crypto_alg *alg)
520{}
521static inline void crypto_stats_akcipher_sign(int ret, struct crypto_alg *alg)
522{}
523static inline void crypto_stats_akcipher_verify(int ret, struct crypto_alg *alg)
524{}
525static inline void crypto_stats_compress(unsigned int slen, int ret, struct crypto_alg *alg)
526{}
527static inline void crypto_stats_decompress(unsigned int slen, int ret, struct crypto_alg *alg)
528{}
529static inline void crypto_stats_kpp_set_secret(struct crypto_alg *alg, int ret)
530{}
531static inline void crypto_stats_kpp_generate_public_key(struct crypto_alg *alg, int ret)
532{}
533static inline void crypto_stats_kpp_compute_shared_secret(struct crypto_alg *alg, int ret)
534{}
535static inline void crypto_stats_rng_seed(struct crypto_alg *alg, int ret)
536{}
537static inline void crypto_stats_rng_generate(struct crypto_alg *alg, unsigned int dlen, int ret)
538{}
539static inline void crypto_stats_skcipher_encrypt(unsigned int cryptlen, int ret, struct crypto_alg *alg)
540{}
541static inline void crypto_stats_skcipher_decrypt(unsigned int cryptlen, int ret, struct crypto_alg *alg)
542{}
543#endif
ada69a16
GBY		 544/*
545 * A helper struct for waiting for completion of async crypto ops
546 */
547struct crypto_wait {
548 struct completion completion;
549 int err;
550};
551
552/*
553 * Macro for declaring a crypto op async wait object on stack
554 */
555#define DECLARE_CRYPTO_WAIT(_wait) \
556 struct crypto_wait _wait = { \
557 COMPLETION_INITIALIZER_ONSTACK((_wait).completion), 0 }
558
559/*
560 * Async ops completion helper functioons
561 */
562void crypto_req_done(struct crypto_async_request *req, int err);
563
564static inline int crypto_wait_req(int err, struct crypto_wait *wait)
565{
566 switch (err) {
567 case -EINPROGRESS:
568 case -EBUSY:
569 wait_for_completion(&wait->completion);
570 reinit_completion(&wait->completion);
571 err = wait->err;
572 break;
573 };
574
575 return err;
576}
577
578static inline void crypto_init_wait(struct crypto_wait *wait)
579{
580 init_completion(&wait->completion);
581}
582
1da177e4
LT		 583/*
584 * Algorithm registration interface.
585 */
586int crypto_register_alg(struct crypto_alg *alg);
c6d633a9 587void crypto_unregister_alg(struct crypto_alg *alg);
4b004346 588int crypto_register_algs(struct crypto_alg *algs, int count);
c6d633a9 589void crypto_unregister_algs(struct crypto_alg *algs, int count);
1da177e4
LT		 590
591/*
592 * Algorithm query interface.
593 */
fce32d70 594int crypto_has_alg(const char *name, u32 type, u32 mask);
1da177e4
LT		 595
596/*
597 * Transforms: user-instantiated objects which encapsulate algorithms
6d7d684d
HX		 598 * and core processing logic. Managed via crypto_alloc_*() and
599 * crypto_free_*(), as well as the various helpers below.
1da177e4 600 */
1da177e4 601
1da177e4
LT		 602struct crypto_tfm {
603
604 u32 crt_flags;
605
4a779486 606 void (*exit)(struct crypto_tfm *tfm);
1da177e4
LT		 607
608 struct crypto_alg *__crt_alg;
f10b7897 609
79911102 610 void *__crt_ctx[] CRYPTO_MINALIGN_ATTR;
1da177e4
LT		 611};
612
78a1fe4f
HX		 613struct crypto_cipher {
614 struct crypto_tfm base;
615};
616
617struct crypto_comp {
618 struct crypto_tfm base;
619};
620
2b8c19db
HX		 621enum {
622 CRYPTOA_UNSPEC,
623 CRYPTOA_ALG,
ebc610e5 624 CRYPTOA_TYPE,
39e1ee01 625 CRYPTOA_U32,
ebc610e5 626 __CRYPTOA_MAX,
2b8c19db
HX		 627};
628
ebc610e5
HX		 629#define CRYPTOA_MAX (__CRYPTOA_MAX - 1)
630
39e1ee01
HX		 631/* Maximum number of (rtattr) parameters for each template. */
632#define CRYPTO_MAX_ATTRS 32
633
2b8c19db
HX		 634struct crypto_attr_alg {
635 char name[CRYPTO_MAX_ALG_NAME];
636};
637
ebc610e5
HX		 638struct crypto_attr_type {
639 u32 type;
640 u32 mask;
641};
642
39e1ee01
HX		 643struct crypto_attr_u32 {
644 u32 num;
645};
646
1da177e4
LT		 647/*
648 * Transform user interface.
649 */
650
6d7d684d 651struct crypto_tfm *crypto_alloc_base(const char *alg_name, u32 type, u32 mask);
7b2cd92a
HX		 652void crypto_destroy_tfm(void *mem, struct crypto_tfm *tfm);
653
654static inline void crypto_free_tfm(struct crypto_tfm *tfm)
655{
656 return crypto_destroy_tfm(tfm, tfm);
657}
1da177e4 658
da7f033d
HX		 659int alg_test(const char *driver, const char *alg, u32 type, u32 mask);
660
1da177e4
LT		 661/*
662 * Transform helpers which query the underlying algorithm.
663 */
664static inline const char *crypto_tfm_alg_name(struct crypto_tfm *tfm)
665{
666 return tfm->__crt_alg->cra_name;
667}
668
b14cdd67
ML		 669static inline const char *crypto_tfm_alg_driver_name(struct crypto_tfm *tfm)
670{
671 return tfm->__crt_alg->cra_driver_name;
672}
673
674static inline int crypto_tfm_alg_priority(struct crypto_tfm *tfm)
675{
676 return tfm->__crt_alg->cra_priority;
677}
678
1da177e4
LT		 679static inline u32 crypto_tfm_alg_type(struct crypto_tfm *tfm)
680{
681 return tfm->__crt_alg->cra_flags & CRYPTO_ALG_TYPE_MASK;
682}
683
1da177e4
LT		 684static inline unsigned int crypto_tfm_alg_blocksize(struct crypto_tfm *tfm)
685{
686 return tfm->__crt_alg->cra_blocksize;
687}
688
fbdae9f3
HX		 689static inline unsigned int crypto_tfm_alg_alignmask(struct crypto_tfm *tfm)
690{
691 return tfm->__crt_alg->cra_alignmask;
692}
693
f28776a3
HX		 694static inline u32 crypto_tfm_get_flags(struct crypto_tfm *tfm)
695{
696 return tfm->crt_flags;
697}
698
699static inline void crypto_tfm_set_flags(struct crypto_tfm *tfm, u32 flags)
700{
701 tfm->crt_flags |= flags;
702}
703
704static inline void crypto_tfm_clear_flags(struct crypto_tfm *tfm, u32 flags)
705{
706 tfm->crt_flags &= ~flags;
707}
708
40725181
HX		 709static inline void *crypto_tfm_ctx(struct crypto_tfm *tfm)
710{
f10b7897
HX		 711 return tfm->__crt_ctx;
712}
713
714static inline unsigned int crypto_tfm_ctx_alignment(void)
715{
716 struct crypto_tfm *tfm;
717 return __alignof__(tfm->__crt_ctx);
40725181
HX		 718}
719
16e61030
SM		 720/**
721 * DOC: Single Block Cipher API
722 *
723 * The single block cipher API is used with the ciphers of type
724 * CRYPTO_ALG_TYPE_CIPHER (listed as type "cipher" in /proc/crypto).
725 *
726 * Using the single block cipher API calls, operations with the basic cipher
727 * primitive can be implemented. These cipher primitives exclude any block
728 * chaining operations including IV handling.
729 *
730 * The purpose of this single block cipher API is to support the implementation
731 * of templates or other concepts that only need to perform the cipher operation
732 * on one block at a time. Templates invoke the underlying cipher primitive
733 * block-wise and process either the input or the output data of these cipher
734 * operations.
735 */
736
f28776a3
HX		 737static inline struct crypto_cipher *__crypto_cipher_cast(struct crypto_tfm *tfm)
738{
739 return (struct crypto_cipher *)tfm;
740}
741
16e61030
SM		 742/**
743 * crypto_alloc_cipher() - allocate single block cipher handle
744 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
745 * single block cipher
746 * @type: specifies the type of the cipher
747 * @mask: specifies the mask for the cipher
748 *
749 * Allocate a cipher handle for a single block cipher. The returned struct
750 * crypto_cipher is the cipher handle that is required for any subsequent API
751 * invocation for that single block cipher.
752 *
753 * Return: allocated cipher handle in case of success; IS_ERR() is true in case
754 * of an error, PTR_ERR() returns the error code.
755 */
f28776a3
HX		 756static inline struct crypto_cipher *crypto_alloc_cipher(const char *alg_name,
757 u32 type, u32 mask)
758{
759 type &= ~CRYPTO_ALG_TYPE_MASK;
760 type |= CRYPTO_ALG_TYPE_CIPHER;
761 mask |= CRYPTO_ALG_TYPE_MASK;
762
763 return __crypto_cipher_cast(crypto_alloc_base(alg_name, type, mask));
764}
765
766static inline struct crypto_tfm *crypto_cipher_tfm(struct crypto_cipher *tfm)
767{
78a1fe4f 768 return &tfm->base;
f28776a3
HX		 769}
770
16e61030
SM		 771/**
772 * crypto_free_cipher() - zeroize and free the single block cipher handle
773 * @tfm: cipher handle to be freed
774 */
f28776a3
HX		 775static inline void crypto_free_cipher(struct crypto_cipher *tfm)
776{
777 crypto_free_tfm(crypto_cipher_tfm(tfm));
778}
779
16e61030
SM		 780/**
781 * crypto_has_cipher() - Search for the availability of a single block cipher
782 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
783 * single block cipher
784 * @type: specifies the type of the cipher
785 * @mask: specifies the mask for the cipher
786 *
787 * Return: true when the single block cipher is known to the kernel crypto API;
788 * false otherwise
789 */
fce32d70
HX		 790static inline int crypto_has_cipher(const char *alg_name, u32 type, u32 mask)
791{
792 type &= ~CRYPTO_ALG_TYPE_MASK;
793 type |= CRYPTO_ALG_TYPE_CIPHER;
794 mask |= CRYPTO_ALG_TYPE_MASK;
795
796 return crypto_has_alg(alg_name, type, mask);
797}
798
16e61030
SM		 799/**
800 * crypto_cipher_blocksize() - obtain block size for cipher
801 * @tfm: cipher handle
802 *
803 * The block size for the single block cipher referenced with the cipher handle
804 * tfm is returned. The caller may use that information to allocate appropriate
805 * memory for the data returned by the encryption or decryption operation
806 *
807 * Return: block size of cipher
808 */
f28776a3
HX		 809static inline unsigned int crypto_cipher_blocksize(struct crypto_cipher *tfm)
810{
811 return crypto_tfm_alg_blocksize(crypto_cipher_tfm(tfm));
812}
813
814static inline unsigned int crypto_cipher_alignmask(struct crypto_cipher *tfm)
815{
816 return crypto_tfm_alg_alignmask(crypto_cipher_tfm(tfm));
817}
818
819static inline u32 crypto_cipher_get_flags(struct crypto_cipher *tfm)
820{
821 return crypto_tfm_get_flags(crypto_cipher_tfm(tfm));
822}
823
824static inline void crypto_cipher_set_flags(struct crypto_cipher *tfm,
825 u32 flags)
826{
827 crypto_tfm_set_flags(crypto_cipher_tfm(tfm), flags);
828}
829
830static inline void crypto_cipher_clear_flags(struct crypto_cipher *tfm,
831 u32 flags)
832{
833 crypto_tfm_clear_flags(crypto_cipher_tfm(tfm), flags);
834}
835
16e61030
SM		 836/**
837 * crypto_cipher_setkey() - set key for cipher
838 * @tfm: cipher handle
839 * @key: buffer holding the key
840 * @keylen: length of the key in bytes
841 *
842 * The caller provided key is set for the single block cipher referenced by the
843 * cipher handle.
844 *
845 * Note, the key length determines the cipher type. Many block ciphers implement
846 * different cipher modes depending on the key size, such as AES-128 vs AES-192
847 * vs. AES-256. When providing a 16 byte key for an AES cipher handle, AES-128
848 * is performed.
849 *
850 * Return: 0 if the setting of the key was successful; < 0 if an error occurred
851 */
e8cfed5e
EB		 852int crypto_cipher_setkey(struct crypto_cipher *tfm,
853 const u8 *key, unsigned int keylen);
7226bc87 854
16e61030
SM		 855/**
856 * crypto_cipher_encrypt_one() - encrypt one block of plaintext
857 * @tfm: cipher handle
858 * @dst: points to the buffer that will be filled with the ciphertext
859 * @src: buffer holding the plaintext to be encrypted
860 *
861 * Invoke the encryption operation of one block. The caller must ensure that
862 * the plaintext and ciphertext buffers are at least one block in size.
863 */
e8cfed5e
EB		 864void crypto_cipher_encrypt_one(struct crypto_cipher *tfm,
865 u8 *dst, const u8 *src);
f28776a3 866
16e61030
SM		 867/**
868 * crypto_cipher_decrypt_one() - decrypt one block of ciphertext
869 * @tfm: cipher handle
870 * @dst: points to the buffer that will be filled with the plaintext
871 * @src: buffer holding the ciphertext to be decrypted
872 *
873 * Invoke the decryption operation of one block. The caller must ensure that
874 * the plaintext and ciphertext buffers are at least one block in size.
875 */
e8cfed5e
EB		 876void crypto_cipher_decrypt_one(struct crypto_cipher *tfm,
877 u8 *dst, const u8 *src);
f28776a3 878
fce32d70
HX		 879static inline struct crypto_comp *__crypto_comp_cast(struct crypto_tfm *tfm)
880{
881 return (struct crypto_comp *)tfm;
882}
883
fce32d70
HX		 884static inline struct crypto_comp *crypto_alloc_comp(const char *alg_name,
885 u32 type, u32 mask)
886{
887 type &= ~CRYPTO_ALG_TYPE_MASK;
888 type |= CRYPTO_ALG_TYPE_COMPRESS;
889 mask |= CRYPTO_ALG_TYPE_MASK;
890
891 return __crypto_comp_cast(crypto_alloc_base(alg_name, type, mask));
892}
893
894static inline struct crypto_tfm *crypto_comp_tfm(struct crypto_comp *tfm)
895{
78a1fe4f 896 return &tfm->base;
fce32d70
HX		 897}
898
899static inline void crypto_free_comp(struct crypto_comp *tfm)
900{
901 crypto_free_tfm(crypto_comp_tfm(tfm));
902}
903
904static inline int crypto_has_comp(const char *alg_name, u32 type, u32 mask)
905{
906 type &= ~CRYPTO_ALG_TYPE_MASK;
907 type |= CRYPTO_ALG_TYPE_COMPRESS;
908 mask |= CRYPTO_ALG_TYPE_MASK;
909
910 return crypto_has_alg(alg_name, type, mask);
911}
912
e4d5b79c
HX		 913static inline const char *crypto_comp_name(struct crypto_comp *tfm)
914{
915 return crypto_tfm_alg_name(crypto_comp_tfm(tfm));
916}
917
c441a909
EB		 918int crypto_comp_compress(struct crypto_comp *tfm,
919 const u8 *src, unsigned int slen,
920 u8 *dst, unsigned int *dlen);
1da177e4 921
c441a909
EB		 922int crypto_comp_decompress(struct crypto_comp *tfm,
923 const u8 *src, unsigned int slen,
924 u8 *dst, unsigned int *dlen);
1da177e4 925
1da177e4
LT		 926#endif /* _LINUX_CRYPTO_H */
927
Ubuntu Jammy Linux kernel mirror