xref: /linux/net/xfrm/xfrm_algo.c (revision 79790b6818e96c58fe2bffee1b418c16e64e7b80)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * xfrm algorithm interface
4  *
5  * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
6  */
7 
8 #include <crypto/aead.h>
9 #include <crypto/hash.h>
10 #include <crypto/skcipher.h>
11 #include <linux/module.h>
12 #include <linux/kernel.h>
13 #include <linux/pfkeyv2.h>
14 #include <linux/crypto.h>
15 #include <linux/scatterlist.h>
16 #include <net/xfrm.h>
17 #if IS_ENABLED(CONFIG_INET_ESP) || IS_ENABLED(CONFIG_INET6_ESP)
18 #include <net/esp.h>
19 #endif
20 
21 /*
22  * Algorithms supported by IPsec.  These entries contain properties which
23  * are used in key negotiation and xfrm processing, and are used to verify
24  * that instantiated crypto transforms have correct parameters for IPsec
25  * purposes.
26  */
27 static struct xfrm_algo_desc aead_list[] = {
28 {
29 	.name = "rfc4106(gcm(aes))",
30 
31 	.uinfo = {
32 		.aead = {
33 			.geniv = "seqiv",
34 			.icv_truncbits = 64,
35 		}
36 	},
37 
38 	.pfkey_supported = 1,
39 
40 	.desc = {
41 		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV8,
42 		.sadb_alg_ivlen = 8,
43 		.sadb_alg_minbits = 128,
44 		.sadb_alg_maxbits = 256
45 	}
46 },
47 {
48 	.name = "rfc4106(gcm(aes))",
49 
50 	.uinfo = {
51 		.aead = {
52 			.geniv = "seqiv",
53 			.icv_truncbits = 96,
54 		}
55 	},
56 
57 	.pfkey_supported = 1,
58 
59 	.desc = {
60 		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV12,
61 		.sadb_alg_ivlen = 8,
62 		.sadb_alg_minbits = 128,
63 		.sadb_alg_maxbits = 256
64 	}
65 },
66 {
67 	.name = "rfc4106(gcm(aes))",
68 
69 	.uinfo = {
70 		.aead = {
71 			.geniv = "seqiv",
72 			.icv_truncbits = 128,
73 		}
74 	},
75 
76 	.pfkey_supported = 1,
77 
78 	.desc = {
79 		.sadb_alg_id = SADB_X_EALG_AES_GCM_ICV16,
80 		.sadb_alg_ivlen = 8,
81 		.sadb_alg_minbits = 128,
82 		.sadb_alg_maxbits = 256
83 	}
84 },
85 {
86 	.name = "rfc4309(ccm(aes))",
87 
88 	.uinfo = {
89 		.aead = {
90 			.geniv = "seqiv",
91 			.icv_truncbits = 64,
92 		}
93 	},
94 
95 	.pfkey_supported = 1,
96 
97 	.desc = {
98 		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV8,
99 		.sadb_alg_ivlen = 8,
100 		.sadb_alg_minbits = 128,
101 		.sadb_alg_maxbits = 256
102 	}
103 },
104 {
105 	.name = "rfc4309(ccm(aes))",
106 
107 	.uinfo = {
108 		.aead = {
109 			.geniv = "seqiv",
110 			.icv_truncbits = 96,
111 		}
112 	},
113 
114 	.pfkey_supported = 1,
115 
116 	.desc = {
117 		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV12,
118 		.sadb_alg_ivlen = 8,
119 		.sadb_alg_minbits = 128,
120 		.sadb_alg_maxbits = 256
121 	}
122 },
123 {
124 	.name = "rfc4309(ccm(aes))",
125 
126 	.uinfo = {
127 		.aead = {
128 			.geniv = "seqiv",
129 			.icv_truncbits = 128,
130 		}
131 	},
132 
133 	.pfkey_supported = 1,
134 
135 	.desc = {
136 		.sadb_alg_id = SADB_X_EALG_AES_CCM_ICV16,
137 		.sadb_alg_ivlen = 8,
138 		.sadb_alg_minbits = 128,
139 		.sadb_alg_maxbits = 256
140 	}
141 },
142 {
143 	.name = "rfc4543(gcm(aes))",
144 
145 	.uinfo = {
146 		.aead = {
147 			.geniv = "seqiv",
148 			.icv_truncbits = 128,
149 		}
150 	},
151 
152 	.pfkey_supported = 1,
153 
154 	.desc = {
155 		.sadb_alg_id = SADB_X_EALG_NULL_AES_GMAC,
156 		.sadb_alg_ivlen = 8,
157 		.sadb_alg_minbits = 128,
158 		.sadb_alg_maxbits = 256
159 	}
160 },
161 {
162 	.name = "rfc7539esp(chacha20,poly1305)",
163 
164 	.uinfo = {
165 		.aead = {
166 			.geniv = "seqiv",
167 			.icv_truncbits = 128,
168 		}
169 	},
170 
171 	.pfkey_supported = 0,
172 },
173 };
174 
175 static struct xfrm_algo_desc aalg_list[] = {
176 {
177 	.name = "digest_null",
178 
179 	.uinfo = {
180 		.auth = {
181 			.icv_truncbits = 0,
182 			.icv_fullbits = 0,
183 		}
184 	},
185 
186 	.pfkey_supported = 1,
187 
188 	.desc = {
189 		.sadb_alg_id = SADB_X_AALG_NULL,
190 		.sadb_alg_ivlen = 0,
191 		.sadb_alg_minbits = 0,
192 		.sadb_alg_maxbits = 0
193 	}
194 },
195 {
196 	.name = "hmac(md5)",
197 	.compat = "md5",
198 
199 	.uinfo = {
200 		.auth = {
201 			.icv_truncbits = 96,
202 			.icv_fullbits = 128,
203 		}
204 	},
205 
206 	.pfkey_supported = 1,
207 
208 	.desc = {
209 		.sadb_alg_id = SADB_AALG_MD5HMAC,
210 		.sadb_alg_ivlen = 0,
211 		.sadb_alg_minbits = 128,
212 		.sadb_alg_maxbits = 128
213 	}
214 },
215 {
216 	.name = "hmac(sha1)",
217 	.compat = "sha1",
218 
219 	.uinfo = {
220 		.auth = {
221 			.icv_truncbits = 96,
222 			.icv_fullbits = 160,
223 		}
224 	},
225 
226 	.pfkey_supported = 1,
227 
228 	.desc = {
229 		.sadb_alg_id = SADB_AALG_SHA1HMAC,
230 		.sadb_alg_ivlen = 0,
231 		.sadb_alg_minbits = 160,
232 		.sadb_alg_maxbits = 160
233 	}
234 },
235 {
236 	.name = "hmac(sha256)",
237 	.compat = "sha256",
238 
239 	.uinfo = {
240 		.auth = {
241 			.icv_truncbits = 96,
242 			.icv_fullbits = 256,
243 		}
244 	},
245 
246 	.pfkey_supported = 1,
247 
248 	.desc = {
249 		.sadb_alg_id = SADB_X_AALG_SHA2_256HMAC,
250 		.sadb_alg_ivlen = 0,
251 		.sadb_alg_minbits = 256,
252 		.sadb_alg_maxbits = 256
253 	}
254 },
255 {
256 	.name = "hmac(sha384)",
257 
258 	.uinfo = {
259 		.auth = {
260 			.icv_truncbits = 192,
261 			.icv_fullbits = 384,
262 		}
263 	},
264 
265 	.pfkey_supported = 1,
266 
267 	.desc = {
268 		.sadb_alg_id = SADB_X_AALG_SHA2_384HMAC,
269 		.sadb_alg_ivlen = 0,
270 		.sadb_alg_minbits = 384,
271 		.sadb_alg_maxbits = 384
272 	}
273 },
274 {
275 	.name = "hmac(sha512)",
276 
277 	.uinfo = {
278 		.auth = {
279 			.icv_truncbits = 256,
280 			.icv_fullbits = 512,
281 		}
282 	},
283 
284 	.pfkey_supported = 1,
285 
286 	.desc = {
287 		.sadb_alg_id = SADB_X_AALG_SHA2_512HMAC,
288 		.sadb_alg_ivlen = 0,
289 		.sadb_alg_minbits = 512,
290 		.sadb_alg_maxbits = 512
291 	}
292 },
293 {
294 	.name = "hmac(rmd160)",
295 	.compat = "rmd160",
296 
297 	.uinfo = {
298 		.auth = {
299 			.icv_truncbits = 96,
300 			.icv_fullbits = 160,
301 		}
302 	},
303 
304 	.pfkey_supported = 1,
305 
306 	.desc = {
307 		.sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC,
308 		.sadb_alg_ivlen = 0,
309 		.sadb_alg_minbits = 160,
310 		.sadb_alg_maxbits = 160
311 	}
312 },
313 {
314 	.name = "xcbc(aes)",
315 
316 	.uinfo = {
317 		.auth = {
318 			.icv_truncbits = 96,
319 			.icv_fullbits = 128,
320 		}
321 	},
322 
323 	.pfkey_supported = 1,
324 
325 	.desc = {
326 		.sadb_alg_id = SADB_X_AALG_AES_XCBC_MAC,
327 		.sadb_alg_ivlen = 0,
328 		.sadb_alg_minbits = 128,
329 		.sadb_alg_maxbits = 128
330 	}
331 },
332 {
333 	/* rfc4494 */
334 	.name = "cmac(aes)",
335 
336 	.uinfo = {
337 		.auth = {
338 			.icv_truncbits = 96,
339 			.icv_fullbits = 128,
340 		}
341 	},
342 
343 	.pfkey_supported = 0,
344 },
345 {
346 	.name = "hmac(sm3)",
347 	.compat = "sm3",
348 
349 	.uinfo = {
350 		.auth = {
351 			.icv_truncbits = 256,
352 			.icv_fullbits = 256,
353 		}
354 	},
355 
356 	.pfkey_supported = 1,
357 
358 	.desc = {
359 		.sadb_alg_id = SADB_X_AALG_SM3_256HMAC,
360 		.sadb_alg_ivlen = 0,
361 		.sadb_alg_minbits = 256,
362 		.sadb_alg_maxbits = 256
363 	}
364 },
365 };
366 
367 static struct xfrm_algo_desc ealg_list[] = {
368 {
369 	.name = "ecb(cipher_null)",
370 	.compat = "cipher_null",
371 
372 	.uinfo = {
373 		.encr = {
374 			.blockbits = 8,
375 			.defkeybits = 0,
376 		}
377 	},
378 
379 	.pfkey_supported = 1,
380 
381 	.desc = {
382 		.sadb_alg_id =	SADB_EALG_NULL,
383 		.sadb_alg_ivlen = 0,
384 		.sadb_alg_minbits = 0,
385 		.sadb_alg_maxbits = 0
386 	}
387 },
388 {
389 	.name = "cbc(des)",
390 	.compat = "des",
391 
392 	.uinfo = {
393 		.encr = {
394 			.geniv = "echainiv",
395 			.blockbits = 64,
396 			.defkeybits = 64,
397 		}
398 	},
399 
400 	.pfkey_supported = 1,
401 
402 	.desc = {
403 		.sadb_alg_id = SADB_EALG_DESCBC,
404 		.sadb_alg_ivlen = 8,
405 		.sadb_alg_minbits = 64,
406 		.sadb_alg_maxbits = 64
407 	}
408 },
409 {
410 	.name = "cbc(des3_ede)",
411 	.compat = "des3_ede",
412 
413 	.uinfo = {
414 		.encr = {
415 			.geniv = "echainiv",
416 			.blockbits = 64,
417 			.defkeybits = 192,
418 		}
419 	},
420 
421 	.pfkey_supported = 1,
422 
423 	.desc = {
424 		.sadb_alg_id = SADB_EALG_3DESCBC,
425 		.sadb_alg_ivlen = 8,
426 		.sadb_alg_minbits = 192,
427 		.sadb_alg_maxbits = 192
428 	}
429 },
430 {
431 	.name = "cbc(cast5)",
432 	.compat = "cast5",
433 
434 	.uinfo = {
435 		.encr = {
436 			.geniv = "echainiv",
437 			.blockbits = 64,
438 			.defkeybits = 128,
439 		}
440 	},
441 
442 	.pfkey_supported = 1,
443 
444 	.desc = {
445 		.sadb_alg_id = SADB_X_EALG_CASTCBC,
446 		.sadb_alg_ivlen = 8,
447 		.sadb_alg_minbits = 40,
448 		.sadb_alg_maxbits = 128
449 	}
450 },
451 {
452 	.name = "cbc(blowfish)",
453 	.compat = "blowfish",
454 
455 	.uinfo = {
456 		.encr = {
457 			.geniv = "echainiv",
458 			.blockbits = 64,
459 			.defkeybits = 128,
460 		}
461 	},
462 
463 	.pfkey_supported = 1,
464 
465 	.desc = {
466 		.sadb_alg_id = SADB_X_EALG_BLOWFISHCBC,
467 		.sadb_alg_ivlen = 8,
468 		.sadb_alg_minbits = 40,
469 		.sadb_alg_maxbits = 448
470 	}
471 },
472 {
473 	.name = "cbc(aes)",
474 	.compat = "aes",
475 
476 	.uinfo = {
477 		.encr = {
478 			.geniv = "echainiv",
479 			.blockbits = 128,
480 			.defkeybits = 128,
481 		}
482 	},
483 
484 	.pfkey_supported = 1,
485 
486 	.desc = {
487 		.sadb_alg_id = SADB_X_EALG_AESCBC,
488 		.sadb_alg_ivlen = 8,
489 		.sadb_alg_minbits = 128,
490 		.sadb_alg_maxbits = 256
491 	}
492 },
493 {
494 	.name = "cbc(serpent)",
495 	.compat = "serpent",
496 
497 	.uinfo = {
498 		.encr = {
499 			.geniv = "echainiv",
500 			.blockbits = 128,
501 			.defkeybits = 128,
502 		}
503 	},
504 
505 	.pfkey_supported = 1,
506 
507 	.desc = {
508 		.sadb_alg_id = SADB_X_EALG_SERPENTCBC,
509 		.sadb_alg_ivlen = 8,
510 		.sadb_alg_minbits = 128,
511 		.sadb_alg_maxbits = 256,
512 	}
513 },
514 {
515 	.name = "cbc(camellia)",
516 	.compat = "camellia",
517 
518 	.uinfo = {
519 		.encr = {
520 			.geniv = "echainiv",
521 			.blockbits = 128,
522 			.defkeybits = 128,
523 		}
524 	},
525 
526 	.pfkey_supported = 1,
527 
528 	.desc = {
529 		.sadb_alg_id = SADB_X_EALG_CAMELLIACBC,
530 		.sadb_alg_ivlen = 8,
531 		.sadb_alg_minbits = 128,
532 		.sadb_alg_maxbits = 256
533 	}
534 },
535 {
536 	.name = "cbc(twofish)",
537 	.compat = "twofish",
538 
539 	.uinfo = {
540 		.encr = {
541 			.geniv = "echainiv",
542 			.blockbits = 128,
543 			.defkeybits = 128,
544 		}
545 	},
546 
547 	.pfkey_supported = 1,
548 
549 	.desc = {
550 		.sadb_alg_id = SADB_X_EALG_TWOFISHCBC,
551 		.sadb_alg_ivlen = 8,
552 		.sadb_alg_minbits = 128,
553 		.sadb_alg_maxbits = 256
554 	}
555 },
556 {
557 	.name = "rfc3686(ctr(aes))",
558 
559 	.uinfo = {
560 		.encr = {
561 			.geniv = "seqiv",
562 			.blockbits = 128,
563 			.defkeybits = 160, /* 128-bit key + 32-bit nonce */
564 		}
565 	},
566 
567 	.pfkey_supported = 1,
568 
569 	.desc = {
570 		.sadb_alg_id = SADB_X_EALG_AESCTR,
571 		.sadb_alg_ivlen	= 8,
572 		.sadb_alg_minbits = 160,
573 		.sadb_alg_maxbits = 288
574 	}
575 },
576 {
577 	.name = "cbc(sm4)",
578 	.compat = "sm4",
579 
580 	.uinfo = {
581 		.encr = {
582 			.geniv = "echainiv",
583 			.blockbits = 128,
584 			.defkeybits = 128,
585 		}
586 	},
587 
588 	.pfkey_supported = 1,
589 
590 	.desc = {
591 		.sadb_alg_id = SADB_X_EALG_SM4CBC,
592 		.sadb_alg_ivlen	= 16,
593 		.sadb_alg_minbits = 128,
594 		.sadb_alg_maxbits = 256
595 	}
596 },
597 };
598 
599 static struct xfrm_algo_desc calg_list[] = {
600 {
601 	.name = "deflate",
602 	.uinfo = {
603 		.comp = {
604 			.threshold = 90,
605 		}
606 	},
607 	.pfkey_supported = 1,
608 	.desc = { .sadb_alg_id = SADB_X_CALG_DEFLATE }
609 },
610 {
611 	.name = "lzs",
612 	.uinfo = {
613 		.comp = {
614 			.threshold = 90,
615 		}
616 	},
617 	.pfkey_supported = 1,
618 	.desc = { .sadb_alg_id = SADB_X_CALG_LZS }
619 },
620 {
621 	.name = "lzjh",
622 	.uinfo = {
623 		.comp = {
624 			.threshold = 50,
625 		}
626 	},
627 	.pfkey_supported = 1,
628 	.desc = { .sadb_alg_id = SADB_X_CALG_LZJH }
629 },
630 };
631 
aalg_entries(void)632 static inline int aalg_entries(void)
633 {
634 	return ARRAY_SIZE(aalg_list);
635 }
636 
ealg_entries(void)637 static inline int ealg_entries(void)
638 {
639 	return ARRAY_SIZE(ealg_list);
640 }
641 
calg_entries(void)642 static inline int calg_entries(void)
643 {
644 	return ARRAY_SIZE(calg_list);
645 }
646 
647 struct xfrm_algo_list {
648 	int (*find)(const char *name, u32 type, u32 mask);
649 	struct xfrm_algo_desc *algs;
650 	int entries;
651 };
652 
653 static const struct xfrm_algo_list xfrm_aead_list = {
654 	.find = crypto_has_aead,
655 	.algs = aead_list,
656 	.entries = ARRAY_SIZE(aead_list),
657 };
658 
659 static const struct xfrm_algo_list xfrm_aalg_list = {
660 	.find = crypto_has_ahash,
661 	.algs = aalg_list,
662 	.entries = ARRAY_SIZE(aalg_list),
663 };
664 
665 static const struct xfrm_algo_list xfrm_ealg_list = {
666 	.find = crypto_has_skcipher,
667 	.algs = ealg_list,
668 	.entries = ARRAY_SIZE(ealg_list),
669 };
670 
671 static const struct xfrm_algo_list xfrm_calg_list = {
672 	.find = crypto_has_comp,
673 	.algs = calg_list,
674 	.entries = ARRAY_SIZE(calg_list),
675 };
676 
xfrm_find_algo(const struct xfrm_algo_list * algo_list,int match (const struct xfrm_algo_desc * entry,const void * data),const void * data,int probe)677 static struct xfrm_algo_desc *xfrm_find_algo(
678 	const struct xfrm_algo_list *algo_list,
679 	int match(const struct xfrm_algo_desc *entry, const void *data),
680 	const void *data, int probe)
681 {
682 	struct xfrm_algo_desc *list = algo_list->algs;
683 	int i, status;
684 
685 	for (i = 0; i < algo_list->entries; i++) {
686 		if (!match(list + i, data))
687 			continue;
688 
689 		if (list[i].available)
690 			return &list[i];
691 
692 		if (!probe)
693 			break;
694 
695 		status = algo_list->find(list[i].name, 0, 0);
696 		if (!status)
697 			break;
698 
699 		list[i].available = status;
700 		return &list[i];
701 	}
702 	return NULL;
703 }
704 
xfrm_alg_id_match(const struct xfrm_algo_desc * entry,const void * data)705 static int xfrm_alg_id_match(const struct xfrm_algo_desc *entry,
706 			     const void *data)
707 {
708 	return entry->desc.sadb_alg_id == (unsigned long)data;
709 }
710 
xfrm_aalg_get_byid(int alg_id)711 struct xfrm_algo_desc *xfrm_aalg_get_byid(int alg_id)
712 {
713 	return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_id_match,
714 			      (void *)(unsigned long)alg_id, 1);
715 }
716 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byid);
717 
xfrm_ealg_get_byid(int alg_id)718 struct xfrm_algo_desc *xfrm_ealg_get_byid(int alg_id)
719 {
720 	return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_id_match,
721 			      (void *)(unsigned long)alg_id, 1);
722 }
723 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byid);
724 
xfrm_calg_get_byid(int alg_id)725 struct xfrm_algo_desc *xfrm_calg_get_byid(int alg_id)
726 {
727 	return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_id_match,
728 			      (void *)(unsigned long)alg_id, 1);
729 }
730 EXPORT_SYMBOL_GPL(xfrm_calg_get_byid);
731 
xfrm_alg_name_match(const struct xfrm_algo_desc * entry,const void * data)732 static int xfrm_alg_name_match(const struct xfrm_algo_desc *entry,
733 			       const void *data)
734 {
735 	const char *name = data;
736 
737 	return name && (!strcmp(name, entry->name) ||
738 			(entry->compat && !strcmp(name, entry->compat)));
739 }
740 
xfrm_aalg_get_byname(const char * name,int probe)741 struct xfrm_algo_desc *xfrm_aalg_get_byname(const char *name, int probe)
742 {
743 	return xfrm_find_algo(&xfrm_aalg_list, xfrm_alg_name_match, name,
744 			      probe);
745 }
746 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byname);
747 
xfrm_ealg_get_byname(const char * name,int probe)748 struct xfrm_algo_desc *xfrm_ealg_get_byname(const char *name, int probe)
749 {
750 	return xfrm_find_algo(&xfrm_ealg_list, xfrm_alg_name_match, name,
751 			      probe);
752 }
753 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byname);
754 
xfrm_calg_get_byname(const char * name,int probe)755 struct xfrm_algo_desc *xfrm_calg_get_byname(const char *name, int probe)
756 {
757 	return xfrm_find_algo(&xfrm_calg_list, xfrm_alg_name_match, name,
758 			      probe);
759 }
760 EXPORT_SYMBOL_GPL(xfrm_calg_get_byname);
761 
762 struct xfrm_aead_name {
763 	const char *name;
764 	int icvbits;
765 };
766 
xfrm_aead_name_match(const struct xfrm_algo_desc * entry,const void * data)767 static int xfrm_aead_name_match(const struct xfrm_algo_desc *entry,
768 				const void *data)
769 {
770 	const struct xfrm_aead_name *aead = data;
771 	const char *name = aead->name;
772 
773 	return aead->icvbits == entry->uinfo.aead.icv_truncbits && name &&
774 	       !strcmp(name, entry->name);
775 }
776 
xfrm_aead_get_byname(const char * name,int icv_len,int probe)777 struct xfrm_algo_desc *xfrm_aead_get_byname(const char *name, int icv_len, int probe)
778 {
779 	struct xfrm_aead_name data = {
780 		.name = name,
781 		.icvbits = icv_len,
782 	};
783 
784 	return xfrm_find_algo(&xfrm_aead_list, xfrm_aead_name_match, &data,
785 			      probe);
786 }
787 EXPORT_SYMBOL_GPL(xfrm_aead_get_byname);
788 
xfrm_aalg_get_byidx(unsigned int idx)789 struct xfrm_algo_desc *xfrm_aalg_get_byidx(unsigned int idx)
790 {
791 	if (idx >= aalg_entries())
792 		return NULL;
793 
794 	return &aalg_list[idx];
795 }
796 EXPORT_SYMBOL_GPL(xfrm_aalg_get_byidx);
797 
xfrm_ealg_get_byidx(unsigned int idx)798 struct xfrm_algo_desc *xfrm_ealg_get_byidx(unsigned int idx)
799 {
800 	if (idx >= ealg_entries())
801 		return NULL;
802 
803 	return &ealg_list[idx];
804 }
805 EXPORT_SYMBOL_GPL(xfrm_ealg_get_byidx);
806 
807 /*
808  * Probe for the availability of crypto algorithms, and set the available
809  * flag for any algorithms found on the system.  This is typically called by
810  * pfkey during userspace SA add, update or register.
811  */
xfrm_probe_algs(void)812 void xfrm_probe_algs(void)
813 {
814 	int i, status;
815 
816 	BUG_ON(in_softirq());
817 
818 	for (i = 0; i < aalg_entries(); i++) {
819 		status = crypto_has_ahash(aalg_list[i].name, 0, 0);
820 		if (aalg_list[i].available != status)
821 			aalg_list[i].available = status;
822 	}
823 
824 	for (i = 0; i < ealg_entries(); i++) {
825 		status = crypto_has_skcipher(ealg_list[i].name, 0, 0);
826 		if (ealg_list[i].available != status)
827 			ealg_list[i].available = status;
828 	}
829 
830 	for (i = 0; i < calg_entries(); i++) {
831 		status = crypto_has_comp(calg_list[i].name, 0,
832 					 CRYPTO_ALG_ASYNC);
833 		if (calg_list[i].available != status)
834 			calg_list[i].available = status;
835 	}
836 }
837 EXPORT_SYMBOL_GPL(xfrm_probe_algs);
838 
xfrm_count_pfkey_auth_supported(void)839 int xfrm_count_pfkey_auth_supported(void)
840 {
841 	int i, n;
842 
843 	for (i = 0, n = 0; i < aalg_entries(); i++)
844 		if (aalg_list[i].available && aalg_list[i].pfkey_supported)
845 			n++;
846 	return n;
847 }
848 EXPORT_SYMBOL_GPL(xfrm_count_pfkey_auth_supported);
849 
xfrm_count_pfkey_enc_supported(void)850 int xfrm_count_pfkey_enc_supported(void)
851 {
852 	int i, n;
853 
854 	for (i = 0, n = 0; i < ealg_entries(); i++)
855 		if (ealg_list[i].available && ealg_list[i].pfkey_supported)
856 			n++;
857 	return n;
858 }
859 EXPORT_SYMBOL_GPL(xfrm_count_pfkey_enc_supported);
860 
861 MODULE_DESCRIPTION("XFRM Algorithm interface");
862 MODULE_LICENSE("GPL");
863