git.proxmox.com Git - mirror_ubuntu-zesty-kernel.git/commit

author	Herbert Xu <herbert@gondor.apana.org.au>
	Thu, 21 May 2015 07:11:01 +0000 (15:11 +0800)
committer	Herbert Xu <herbert@gondor.apana.org.au>
	Fri, 22 May 2015 03:25:51 +0000 (11:25 +0800)
commit	996d98d85ccc27d9c592ad7dc1371c60cd6585cc
tree	a7f9c96dc0ec10e5761495fc2116d4d3364705bd	tree
parent	fc42bcba97bae738f905b83741134a63af7e6c02	commit \| diff

crypto: aead - Add new interface with single SG list

The primary user of AEAD, IPsec includes the IV in the AD in
most cases, except where it is implicitly authenticated by the
underlying algorithm.

The way it is currently implemented is a hack because we pass
the data in piecemeal and the underlying algorithms try to stitch
them back up into one piece.

This is why this patch is adding a new interface that allows a
single SG list to be passed in that contains everything so the
algorithm implementors do not have to stitch.

The new interface accepts a single source SG list and a single
destination SG list. Both must be laid out as follows:

AD, skipped data, plain/cipher text, ICV

The ICV is not present from the source during encryption and from
the destination during decryption.

For the top-level IPsec AEAD algorithm the plain/cipher text will
contain the generated (or received) IV.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

crypto/aead.c		diff \| blob \| blame \| history
include/crypto/aead.h		diff \| blob \| blame \| history