1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef _FS_CEPH_CRYPTO_H 3 #define _FS_CEPH_CRYPTO_H 4 5 #include <crypto/sha2.h> 6 #include <linux/ceph/types.h> 7 #include <linux/ceph/buffer.h> 8 9 #define CEPH_MAX_KEY_LEN 32 10 #define CEPH_MAX_CON_SECRET_LEN 64 11 12 /* 13 * cryptographic secret 14 */ 15 struct ceph_crypto_key { 16 int type; 17 struct ceph_timespec created; 18 int len; 19 void *key; 20 21 union { 22 struct crypto_sync_skcipher *aes_tfm; 23 struct { 24 struct hmac_sha256_key hmac_key; 25 const struct krb5_enctype *krb5_type; 26 struct crypto_aead *krb5_tfms[3]; 27 }; 28 }; 29 }; 30 31 int ceph_crypto_key_prepare(struct ceph_crypto_key *key, 32 const u32 *key_usages, int key_usage_cnt); 33 int ceph_crypto_key_clone(struct ceph_crypto_key *dst, 34 const struct ceph_crypto_key *src); 35 int ceph_crypto_key_decode(struct ceph_crypto_key *key, void **p, void *end); 36 int ceph_crypto_key_unarmor(struct ceph_crypto_key *key, const char *in); 37 void ceph_crypto_key_destroy(struct ceph_crypto_key *key); 38 39 /* crypto.c */ 40 int ceph_crypt(const struct ceph_crypto_key *key, int usage_slot, bool encrypt, 41 void *buf, int buf_len, int in_len, int *pout_len); 42 int ceph_crypt_data_offset(const struct ceph_crypto_key *key); 43 int ceph_crypt_buflen(const struct ceph_crypto_key *key, int data_len); 44 void ceph_hmac_sha256(const struct ceph_crypto_key *key, const void *buf, 45 int buf_len, u8 hmac[SHA256_DIGEST_SIZE]); 46 int ceph_crypto_init(void); 47 void ceph_crypto_shutdown(void); 48 49 /* armor.c */ 50 int ceph_armor(char *dst, const char *src, const char *end); 51 int ceph_unarmor(char *dst, const char *src, const char *end); 52 53 #endif 54