1 /* 2 * Symmetric key ciphers. 3 * 4 * Copyright (c) 2007-2015 Herbert Xu <herbert@gondor.apana.org.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 * 11 */ 12 13 #ifndef _CRYPTO_SKCIPHER_H 14 #define _CRYPTO_SKCIPHER_H 15 16 #include <linux/crypto.h> 17 #include <linux/kernel.h> 18 #include <linux/slab.h> 19 20 /** 21 * struct skcipher_request - Symmetric key cipher request 22 * @cryptlen: Number of bytes to encrypt or decrypt 23 * @iv: Initialisation Vector 24 * @src: Source SG list 25 * @dst: Destination SG list 26 * @base: Underlying async request request 27 * @__ctx: Start of private context data 28 */ 29 struct skcipher_request { 30 unsigned int cryptlen; 31 32 u8 *iv; 33 34 struct scatterlist *src; 35 struct scatterlist *dst; 36 37 struct crypto_async_request base; 38 39 void *__ctx[] CRYPTO_MINALIGN_ATTR; 40 }; 41 42 /** 43 * struct skcipher_givcrypt_request - Crypto request with IV generation 44 * @seq: Sequence number for IV generation 45 * @giv: Space for generated IV 46 * @creq: The crypto request itself 47 */ 48 struct skcipher_givcrypt_request { 49 u64 seq; 50 u8 *giv; 51 52 struct ablkcipher_request creq; 53 }; 54 55 struct crypto_skcipher { 56 int (*setkey)(struct crypto_skcipher *tfm, const u8 *key, 57 unsigned int keylen); 58 int (*encrypt)(struct skcipher_request *req); 59 int (*decrypt)(struct skcipher_request *req); 60 61 unsigned int ivsize; 62 unsigned int reqsize; 63 unsigned int keysize; 64 65 struct crypto_tfm base; 66 }; 67 68 struct crypto_sync_skcipher { 69 struct crypto_skcipher base; 70 }; 71 72 /** 73 * struct skcipher_alg - symmetric key cipher definition 74 * @min_keysize: Minimum key size supported by the transformation. This is the 75 * smallest key length supported by this transformation algorithm. 76 * This must be set to one of the pre-defined values as this is 77 * not hardware specific. Possible values for this field can be 78 * found via git grep "_MIN_KEY_SIZE" include/crypto/ 79 * @max_keysize: Maximum key size supported by the transformation. This is the 80 * largest key length supported by this transformation algorithm. 81 * This must be set to one of the pre-defined values as this is 82 * not hardware specific. Possible values for this field can be 83 * found via git grep "_MAX_KEY_SIZE" include/crypto/ 84 * @setkey: Set key for the transformation. This function is used to either 85 * program a supplied key into the hardware or store the key in the 86 * transformation context for programming it later. Note that this 87 * function does modify the transformation context. This function can 88 * be called multiple times during the existence of the transformation 89 * object, so one must make sure the key is properly reprogrammed into 90 * the hardware. This function is also responsible for checking the key 91 * length for validity. In case a software fallback was put in place in 92 * the @cra_init call, this function might need to use the fallback if 93 * the algorithm doesn't support all of the key sizes. 94 * @encrypt: Encrypt a scatterlist of blocks. This function is used to encrypt 95 * the supplied scatterlist containing the blocks of data. The crypto 96 * API consumer is responsible for aligning the entries of the 97 * scatterlist properly and making sure the chunks are correctly 98 * sized. In case a software fallback was put in place in the 99 * @cra_init call, this function might need to use the fallback if 100 * the algorithm doesn't support all of the key sizes. In case the 101 * key was stored in transformation context, the key might need to be 102 * re-programmed into the hardware in this function. This function 103 * shall not modify the transformation context, as this function may 104 * be called in parallel with the same transformation object. 105 * @decrypt: Decrypt a single block. This is a reverse counterpart to @encrypt 106 * and the conditions are exactly the same. 107 * @init: Initialize the cryptographic transformation object. This function 108 * is used to initialize the cryptographic transformation object. 109 * This function is called only once at the instantiation time, right 110 * after the transformation context was allocated. In case the 111 * cryptographic hardware has some special requirements which need to 112 * be handled by software, this function shall check for the precise 113 * requirement of the transformation and put any software fallbacks 114 * in place. 115 * @exit: Deinitialize the cryptographic transformation object. This is a 116 * counterpart to @init, used to remove various changes set in 117 * @init. 118 * @ivsize: IV size applicable for transformation. The consumer must provide an 119 * IV of exactly that size to perform the encrypt or decrypt operation. 120 * @chunksize: Equal to the block size except for stream ciphers such as 121 * CTR where it is set to the underlying block size. 122 * @walksize: Equal to the chunk size except in cases where the algorithm is 123 * considerably more efficient if it can operate on multiple chunks 124 * in parallel. Should be a multiple of chunksize. 125 * @base: Definition of a generic crypto algorithm. 126 * 127 * All fields except @ivsize are mandatory and must be filled. 128 */ 129 struct skcipher_alg { 130 int (*setkey)(struct crypto_skcipher *tfm, const u8 *key, 131 unsigned int keylen); 132 int (*encrypt)(struct skcipher_request *req); 133 int (*decrypt)(struct skcipher_request *req); 134 int (*init)(struct crypto_skcipher *tfm); 135 void (*exit)(struct crypto_skcipher *tfm); 136 137 unsigned int min_keysize; 138 unsigned int max_keysize; 139 unsigned int ivsize; 140 unsigned int chunksize; 141 unsigned int walksize; 142 143 struct crypto_alg base; 144 }; 145 146 #define MAX_SYNC_SKCIPHER_REQSIZE 384 147 /* 148 * This performs a type-check against the "tfm" argument to make sure 149 * all users have the correct skcipher tfm for doing on-stack requests. 150 */ 151 #define SYNC_SKCIPHER_REQUEST_ON_STACK(name, tfm) \ 152 char __##name##_desc[sizeof(struct skcipher_request) + \ 153 MAX_SYNC_SKCIPHER_REQSIZE + \ 154 (!(sizeof((struct crypto_sync_skcipher *)1 == \ 155 (typeof(tfm))1))) \ 156 ] CRYPTO_MINALIGN_ATTR; \ 157 struct skcipher_request *name = (void *)__##name##_desc 158 159 /** 160 * DOC: Symmetric Key Cipher API 161 * 162 * Symmetric key cipher API is used with the ciphers of type 163 * CRYPTO_ALG_TYPE_SKCIPHER (listed as type "skcipher" in /proc/crypto). 164 * 165 * Asynchronous cipher operations imply that the function invocation for a 166 * cipher request returns immediately before the completion of the operation. 167 * The cipher request is scheduled as a separate kernel thread and therefore 168 * load-balanced on the different CPUs via the process scheduler. To allow 169 * the kernel crypto API to inform the caller about the completion of a cipher 170 * request, the caller must provide a callback function. That function is 171 * invoked with the cipher handle when the request completes. 172 * 173 * To support the asynchronous operation, additional information than just the 174 * cipher handle must be supplied to the kernel crypto API. That additional 175 * information is given by filling in the skcipher_request data structure. 176 * 177 * For the symmetric key cipher API, the state is maintained with the tfm 178 * cipher handle. A single tfm can be used across multiple calls and in 179 * parallel. For asynchronous block cipher calls, context data supplied and 180 * only used by the caller can be referenced the request data structure in 181 * addition to the IV used for the cipher request. The maintenance of such 182 * state information would be important for a crypto driver implementer to 183 * have, because when calling the callback function upon completion of the 184 * cipher operation, that callback function may need some information about 185 * which operation just finished if it invoked multiple in parallel. This 186 * state information is unused by the kernel crypto API. 187 */ 188 189 static inline struct crypto_skcipher *__crypto_skcipher_cast( 190 struct crypto_tfm *tfm) 191 { 192 return container_of(tfm, struct crypto_skcipher, base); 193 } 194 195 /** 196 * crypto_alloc_skcipher() - allocate symmetric key cipher handle 197 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the 198 * skcipher cipher 199 * @type: specifies the type of the cipher 200 * @mask: specifies the mask for the cipher 201 * 202 * Allocate a cipher handle for an skcipher. The returned struct 203 * crypto_skcipher is the cipher handle that is required for any subsequent 204 * API invocation for that skcipher. 205 * 206 * Return: allocated cipher handle in case of success; IS_ERR() is true in case 207 * of an error, PTR_ERR() returns the error code. 208 */ 209 struct crypto_skcipher *crypto_alloc_skcipher(const char *alg_name, 210 u32 type, u32 mask); 211 212 struct crypto_sync_skcipher *crypto_alloc_sync_skcipher(const char *alg_name, 213 u32 type, u32 mask); 214 215 static inline struct crypto_tfm *crypto_skcipher_tfm( 216 struct crypto_skcipher *tfm) 217 { 218 return &tfm->base; 219 } 220 221 /** 222 * crypto_free_skcipher() - zeroize and free cipher handle 223 * @tfm: cipher handle to be freed 224 */ 225 static inline void crypto_free_skcipher(struct crypto_skcipher *tfm) 226 { 227 crypto_destroy_tfm(tfm, crypto_skcipher_tfm(tfm)); 228 } 229 230 static inline void crypto_free_sync_skcipher(struct crypto_sync_skcipher *tfm) 231 { 232 crypto_free_skcipher(&tfm->base); 233 } 234 235 /** 236 * crypto_has_skcipher() - Search for the availability of an skcipher. 237 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the 238 * skcipher 239 * @type: specifies the type of the cipher 240 * @mask: specifies the mask for the cipher 241 * 242 * Return: true when the skcipher is known to the kernel crypto API; false 243 * otherwise 244 */ 245 static inline int crypto_has_skcipher(const char *alg_name, u32 type, 246 u32 mask) 247 { 248 return crypto_has_alg(alg_name, crypto_skcipher_type(type), 249 crypto_skcipher_mask(mask)); 250 } 251 252 /** 253 * crypto_has_skcipher2() - Search for the availability of an skcipher. 254 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the 255 * skcipher 256 * @type: specifies the type of the skcipher 257 * @mask: specifies the mask for the skcipher 258 * 259 * Return: true when the skcipher is known to the kernel crypto API; false 260 * otherwise 261 */ 262 int crypto_has_skcipher2(const char *alg_name, u32 type, u32 mask); 263 264 static inline const char *crypto_skcipher_driver_name( 265 struct crypto_skcipher *tfm) 266 { 267 return crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm)); 268 } 269 270 static inline struct skcipher_alg *crypto_skcipher_alg( 271 struct crypto_skcipher *tfm) 272 { 273 return container_of(crypto_skcipher_tfm(tfm)->__crt_alg, 274 struct skcipher_alg, base); 275 } 276 277 static inline unsigned int crypto_skcipher_alg_ivsize(struct skcipher_alg *alg) 278 { 279 if ((alg->base.cra_flags & CRYPTO_ALG_TYPE_MASK) == 280 CRYPTO_ALG_TYPE_BLKCIPHER) 281 return alg->base.cra_blkcipher.ivsize; 282 283 if (alg->base.cra_ablkcipher.encrypt) 284 return alg->base.cra_ablkcipher.ivsize; 285 286 return alg->ivsize; 287 } 288 289 /** 290 * crypto_skcipher_ivsize() - obtain IV size 291 * @tfm: cipher handle 292 * 293 * The size of the IV for the skcipher referenced by the cipher handle is 294 * returned. This IV size may be zero if the cipher does not need an IV. 295 * 296 * Return: IV size in bytes 297 */ 298 static inline unsigned int crypto_skcipher_ivsize(struct crypto_skcipher *tfm) 299 { 300 return tfm->ivsize; 301 } 302 303 static inline unsigned int crypto_sync_skcipher_ivsize( 304 struct crypto_sync_skcipher *tfm) 305 { 306 return crypto_skcipher_ivsize(&tfm->base); 307 } 308 309 static inline unsigned int crypto_skcipher_alg_chunksize( 310 struct skcipher_alg *alg) 311 { 312 if ((alg->base.cra_flags & CRYPTO_ALG_TYPE_MASK) == 313 CRYPTO_ALG_TYPE_BLKCIPHER) 314 return alg->base.cra_blocksize; 315 316 if (alg->base.cra_ablkcipher.encrypt) 317 return alg->base.cra_blocksize; 318 319 return alg->chunksize; 320 } 321 322 static inline unsigned int crypto_skcipher_alg_walksize( 323 struct skcipher_alg *alg) 324 { 325 if ((alg->base.cra_flags & CRYPTO_ALG_TYPE_MASK) == 326 CRYPTO_ALG_TYPE_BLKCIPHER) 327 return alg->base.cra_blocksize; 328 329 if (alg->base.cra_ablkcipher.encrypt) 330 return alg->base.cra_blocksize; 331 332 return alg->walksize; 333 } 334 335 /** 336 * crypto_skcipher_chunksize() - obtain chunk size 337 * @tfm: cipher handle 338 * 339 * The block size is set to one for ciphers such as CTR. However, 340 * you still need to provide incremental updates in multiples of 341 * the underlying block size as the IV does not have sub-block 342 * granularity. This is known in this API as the chunk size. 343 * 344 * Return: chunk size in bytes 345 */ 346 static inline unsigned int crypto_skcipher_chunksize( 347 struct crypto_skcipher *tfm) 348 { 349 return crypto_skcipher_alg_chunksize(crypto_skcipher_alg(tfm)); 350 } 351 352 /** 353 * crypto_skcipher_walksize() - obtain walk size 354 * @tfm: cipher handle 355 * 356 * In some cases, algorithms can only perform optimally when operating on 357 * multiple blocks in parallel. This is reflected by the walksize, which 358 * must be a multiple of the chunksize (or equal if the concern does not 359 * apply) 360 * 361 * Return: walk size in bytes 362 */ 363 static inline unsigned int crypto_skcipher_walksize( 364 struct crypto_skcipher *tfm) 365 { 366 return crypto_skcipher_alg_walksize(crypto_skcipher_alg(tfm)); 367 } 368 369 /** 370 * crypto_skcipher_blocksize() - obtain block size of cipher 371 * @tfm: cipher handle 372 * 373 * The block size for the skcipher referenced with the cipher handle is 374 * returned. The caller may use that information to allocate appropriate 375 * memory for the data returned by the encryption or decryption operation 376 * 377 * Return: block size of cipher 378 */ 379 static inline unsigned int crypto_skcipher_blocksize( 380 struct crypto_skcipher *tfm) 381 { 382 return crypto_tfm_alg_blocksize(crypto_skcipher_tfm(tfm)); 383 } 384 385 static inline unsigned int crypto_sync_skcipher_blocksize( 386 struct crypto_sync_skcipher *tfm) 387 { 388 return crypto_skcipher_blocksize(&tfm->base); 389 } 390 391 static inline unsigned int crypto_skcipher_alignmask( 392 struct crypto_skcipher *tfm) 393 { 394 return crypto_tfm_alg_alignmask(crypto_skcipher_tfm(tfm)); 395 } 396 397 static inline u32 crypto_skcipher_get_flags(struct crypto_skcipher *tfm) 398 { 399 return crypto_tfm_get_flags(crypto_skcipher_tfm(tfm)); 400 } 401 402 static inline void crypto_skcipher_set_flags(struct crypto_skcipher *tfm, 403 u32 flags) 404 { 405 crypto_tfm_set_flags(crypto_skcipher_tfm(tfm), flags); 406 } 407 408 static inline void crypto_skcipher_clear_flags(struct crypto_skcipher *tfm, 409 u32 flags) 410 { 411 crypto_tfm_clear_flags(crypto_skcipher_tfm(tfm), flags); 412 } 413 414 static inline u32 crypto_sync_skcipher_get_flags( 415 struct crypto_sync_skcipher *tfm) 416 { 417 return crypto_skcipher_get_flags(&tfm->base); 418 } 419 420 static inline void crypto_sync_skcipher_set_flags( 421 struct crypto_sync_skcipher *tfm, u32 flags) 422 { 423 crypto_skcipher_set_flags(&tfm->base, flags); 424 } 425 426 static inline void crypto_sync_skcipher_clear_flags( 427 struct crypto_sync_skcipher *tfm, u32 flags) 428 { 429 crypto_skcipher_clear_flags(&tfm->base, flags); 430 } 431 432 /** 433 * crypto_skcipher_setkey() - set key for cipher 434 * @tfm: cipher handle 435 * @key: buffer holding the key 436 * @keylen: length of the key in bytes 437 * 438 * The caller provided key is set for the skcipher referenced by the cipher 439 * handle. 440 * 441 * Note, the key length determines the cipher type. Many block ciphers implement 442 * different cipher modes depending on the key size, such as AES-128 vs AES-192 443 * vs. AES-256. When providing a 16 byte key for an AES cipher handle, AES-128 444 * is performed. 445 * 446 * Return: 0 if the setting of the key was successful; < 0 if an error occurred 447 */ 448 static inline int crypto_skcipher_setkey(struct crypto_skcipher *tfm, 449 const u8 *key, unsigned int keylen) 450 { 451 return tfm->setkey(tfm, key, keylen); 452 } 453 454 static inline int crypto_sync_skcipher_setkey(struct crypto_sync_skcipher *tfm, 455 const u8 *key, unsigned int keylen) 456 { 457 return crypto_skcipher_setkey(&tfm->base, key, keylen); 458 } 459 460 static inline unsigned int crypto_skcipher_default_keysize( 461 struct crypto_skcipher *tfm) 462 { 463 return tfm->keysize; 464 } 465 466 /** 467 * crypto_skcipher_reqtfm() - obtain cipher handle from request 468 * @req: skcipher_request out of which the cipher handle is to be obtained 469 * 470 * Return the crypto_skcipher handle when furnishing an skcipher_request 471 * data structure. 472 * 473 * Return: crypto_skcipher handle 474 */ 475 static inline struct crypto_skcipher *crypto_skcipher_reqtfm( 476 struct skcipher_request *req) 477 { 478 return __crypto_skcipher_cast(req->base.tfm); 479 } 480 481 static inline struct crypto_sync_skcipher *crypto_sync_skcipher_reqtfm( 482 struct skcipher_request *req) 483 { 484 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); 485 486 return container_of(tfm, struct crypto_sync_skcipher, base); 487 } 488 489 static inline void crypto_stat_skcipher_encrypt(struct skcipher_request *req, 490 int ret, struct crypto_alg *alg) 491 { 492 #ifdef CONFIG_CRYPTO_STATS 493 if (ret && ret != -EINPROGRESS && ret != -EBUSY) { 494 atomic_inc(&alg->cipher_err_cnt); 495 } else { 496 atomic_inc(&alg->encrypt_cnt); 497 atomic64_add(req->cryptlen, &alg->encrypt_tlen); 498 } 499 #endif 500 } 501 502 static inline void crypto_stat_skcipher_decrypt(struct skcipher_request *req, 503 int ret, struct crypto_alg *alg) 504 { 505 #ifdef CONFIG_CRYPTO_STATS 506 if (ret && ret != -EINPROGRESS && ret != -EBUSY) { 507 atomic_inc(&alg->cipher_err_cnt); 508 } else { 509 atomic_inc(&alg->decrypt_cnt); 510 atomic64_add(req->cryptlen, &alg->decrypt_tlen); 511 } 512 #endif 513 } 514 515 /** 516 * crypto_skcipher_encrypt() - encrypt plaintext 517 * @req: reference to the skcipher_request handle that holds all information 518 * needed to perform the cipher operation 519 * 520 * Encrypt plaintext data using the skcipher_request handle. That data 521 * structure and how it is filled with data is discussed with the 522 * skcipher_request_* functions. 523 * 524 * Return: 0 if the cipher operation was successful; < 0 if an error occurred 525 */ 526 static inline int crypto_skcipher_encrypt(struct skcipher_request *req) 527 { 528 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); 529 int ret; 530 531 if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) 532 ret = -ENOKEY; 533 else 534 ret = tfm->encrypt(req); 535 crypto_stat_skcipher_encrypt(req, ret, tfm->base.__crt_alg); 536 return ret; 537 } 538 539 /** 540 * crypto_skcipher_decrypt() - decrypt ciphertext 541 * @req: reference to the skcipher_request handle that holds all information 542 * needed to perform the cipher operation 543 * 544 * Decrypt ciphertext data using the skcipher_request handle. That data 545 * structure and how it is filled with data is discussed with the 546 * skcipher_request_* functions. 547 * 548 * Return: 0 if the cipher operation was successful; < 0 if an error occurred 549 */ 550 static inline int crypto_skcipher_decrypt(struct skcipher_request *req) 551 { 552 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); 553 int ret; 554 555 if (crypto_skcipher_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) 556 ret = -ENOKEY; 557 else 558 ret = tfm->decrypt(req); 559 crypto_stat_skcipher_decrypt(req, ret, tfm->base.__crt_alg); 560 return ret; 561 } 562 563 /** 564 * DOC: Symmetric Key Cipher Request Handle 565 * 566 * The skcipher_request data structure contains all pointers to data 567 * required for the symmetric key cipher operation. This includes the cipher 568 * handle (which can be used by multiple skcipher_request instances), pointer 569 * to plaintext and ciphertext, asynchronous callback function, etc. It acts 570 * as a handle to the skcipher_request_* API calls in a similar way as 571 * skcipher handle to the crypto_skcipher_* API calls. 572 */ 573 574 /** 575 * crypto_skcipher_reqsize() - obtain size of the request data structure 576 * @tfm: cipher handle 577 * 578 * Return: number of bytes 579 */ 580 static inline unsigned int crypto_skcipher_reqsize(struct crypto_skcipher *tfm) 581 { 582 return tfm->reqsize; 583 } 584 585 /** 586 * skcipher_request_set_tfm() - update cipher handle reference in request 587 * @req: request handle to be modified 588 * @tfm: cipher handle that shall be added to the request handle 589 * 590 * Allow the caller to replace the existing skcipher handle in the request 591 * data structure with a different one. 592 */ 593 static inline void skcipher_request_set_tfm(struct skcipher_request *req, 594 struct crypto_skcipher *tfm) 595 { 596 req->base.tfm = crypto_skcipher_tfm(tfm); 597 } 598 599 static inline void skcipher_request_set_sync_tfm(struct skcipher_request *req, 600 struct crypto_sync_skcipher *tfm) 601 { 602 skcipher_request_set_tfm(req, &tfm->base); 603 } 604 605 static inline struct skcipher_request *skcipher_request_cast( 606 struct crypto_async_request *req) 607 { 608 return container_of(req, struct skcipher_request, base); 609 } 610 611 /** 612 * skcipher_request_alloc() - allocate request data structure 613 * @tfm: cipher handle to be registered with the request 614 * @gfp: memory allocation flag that is handed to kmalloc by the API call. 615 * 616 * Allocate the request data structure that must be used with the skcipher 617 * encrypt and decrypt API calls. During the allocation, the provided skcipher 618 * handle is registered in the request data structure. 619 * 620 * Return: allocated request handle in case of success, or NULL if out of memory 621 */ 622 static inline struct skcipher_request *skcipher_request_alloc( 623 struct crypto_skcipher *tfm, gfp_t gfp) 624 { 625 struct skcipher_request *req; 626 627 req = kmalloc(sizeof(struct skcipher_request) + 628 crypto_skcipher_reqsize(tfm), gfp); 629 630 if (likely(req)) 631 skcipher_request_set_tfm(req, tfm); 632 633 return req; 634 } 635 636 /** 637 * skcipher_request_free() - zeroize and free request data structure 638 * @req: request data structure cipher handle to be freed 639 */ 640 static inline void skcipher_request_free(struct skcipher_request *req) 641 { 642 kzfree(req); 643 } 644 645 static inline void skcipher_request_zero(struct skcipher_request *req) 646 { 647 struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); 648 649 memzero_explicit(req, sizeof(*req) + crypto_skcipher_reqsize(tfm)); 650 } 651 652 /** 653 * skcipher_request_set_callback() - set asynchronous callback function 654 * @req: request handle 655 * @flags: specify zero or an ORing of the flags 656 * CRYPTO_TFM_REQ_MAY_BACKLOG the request queue may back log and 657 * increase the wait queue beyond the initial maximum size; 658 * CRYPTO_TFM_REQ_MAY_SLEEP the request processing may sleep 659 * @compl: callback function pointer to be registered with the request handle 660 * @data: The data pointer refers to memory that is not used by the kernel 661 * crypto API, but provided to the callback function for it to use. Here, 662 * the caller can provide a reference to memory the callback function can 663 * operate on. As the callback function is invoked asynchronously to the 664 * related functionality, it may need to access data structures of the 665 * related functionality which can be referenced using this pointer. The 666 * callback function can access the memory via the "data" field in the 667 * crypto_async_request data structure provided to the callback function. 668 * 669 * This function allows setting the callback function that is triggered once the 670 * cipher operation completes. 671 * 672 * The callback function is registered with the skcipher_request handle and 673 * must comply with the following template:: 674 * 675 * void callback_function(struct crypto_async_request *req, int error) 676 */ 677 static inline void skcipher_request_set_callback(struct skcipher_request *req, 678 u32 flags, 679 crypto_completion_t compl, 680 void *data) 681 { 682 req->base.complete = compl; 683 req->base.data = data; 684 req->base.flags = flags; 685 } 686 687 /** 688 * skcipher_request_set_crypt() - set data buffers 689 * @req: request handle 690 * @src: source scatter / gather list 691 * @dst: destination scatter / gather list 692 * @cryptlen: number of bytes to process from @src 693 * @iv: IV for the cipher operation which must comply with the IV size defined 694 * by crypto_skcipher_ivsize 695 * 696 * This function allows setting of the source data and destination data 697 * scatter / gather lists. 698 * 699 * For encryption, the source is treated as the plaintext and the 700 * destination is the ciphertext. For a decryption operation, the use is 701 * reversed - the source is the ciphertext and the destination is the plaintext. 702 */ 703 static inline void skcipher_request_set_crypt( 704 struct skcipher_request *req, 705 struct scatterlist *src, struct scatterlist *dst, 706 unsigned int cryptlen, void *iv) 707 { 708 req->src = src; 709 req->dst = dst; 710 req->cryptlen = cryptlen; 711 req->iv = iv; 712 } 713 714 #endif /* _CRYPTO_SKCIPHER_H */ 715 716