akcipher.h 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388
  1. /*
  2. * Public Key Encryption
  3. *
  4. * Copyright (c) 2015, Intel Corporation
  5. * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
  6. *
  7. * This program is free software; you can redistribute it and/or modify it
  8. * under the terms of the GNU General Public License as published by the Free
  9. * Software Foundation; either version 2 of the License, or (at your option)
  10. * any later version.
  11. *
  12. */
  13. #ifndef _CRYPTO_AKCIPHER_H
  14. #define _CRYPTO_AKCIPHER_H
  15. #include <linux/crypto.h>
  16. /**
  17. * struct akcipher_request - public key request
  18. *
  19. * @base: Common attributes for async crypto requests
  20. * @src: Source data
  21. * @dst: Destination data
  22. * @src_len: Size of the input buffer
  23. * @dst_len: Size of the output buffer. It needs to be at least
  24. * as big as the expected result depending on the operation
  25. * After operation it will be updated with the actual size of the
  26. * result.
  27. * In case of error where the dst sgl size was insufficient,
  28. * it will be updated to the size required for the operation.
  29. * @__ctx: Start of private context data
  30. */
  31. struct akcipher_request {
  32. struct crypto_async_request base;
  33. struct scatterlist *src;
  34. struct scatterlist *dst;
  35. unsigned int src_len;
  36. unsigned int dst_len;
  37. void *__ctx[] CRYPTO_MINALIGN_ATTR;
  38. };
  39. /**
  40. * struct crypto_akcipher - user-instantiated objects which encapsulate
  41. * algorithms and core processing logic
  42. *
  43. * @base: Common crypto API algorithm data structure
  44. */
  45. struct crypto_akcipher {
  46. struct crypto_tfm base;
  47. };
  48. /**
  49. * struct akcipher_alg - generic public key algorithm
  50. *
  51. * @sign: Function performs a sign operation as defined by public key
  52. * algorithm. In case of error, where the dst_len was insufficient,
  53. * the req->dst_len will be updated to the size required for the
  54. * operation
  55. * @verify: Function performs a sign operation as defined by public key
  56. * algorithm. In case of error, where the dst_len was insufficient,
  57. * the req->dst_len will be updated to the size required for the
  58. * operation
  59. * @encrypt: Function performs an encrypt operation as defined by public key
  60. * algorithm. In case of error, where the dst_len was insufficient,
  61. * the req->dst_len will be updated to the size required for the
  62. * operation
  63. * @decrypt: Function performs a decrypt operation as defined by public key
  64. * algorithm. In case of error, where the dst_len was insufficient,
  65. * the req->dst_len will be updated to the size required for the
  66. * operation
  67. * @set_pub_key: Function invokes the algorithm specific set public key
  68. * function, which knows how to decode and interpret
  69. * the BER encoded public key
  70. * @set_priv_key: Function invokes the algorithm specific set private key
  71. * function, which knows how to decode and interpret
  72. * the BER encoded private key
  73. * @max_size: Function returns dest buffer size required for a given key.
  74. * @init: Initialize the cryptographic transformation object.
  75. * This function is used to initialize the cryptographic
  76. * transformation object. This function is called only once at
  77. * the instantiation time, right after the transformation context
  78. * was allocated. In case the cryptographic hardware has some
  79. * special requirements which need to be handled by software, this
  80. * function shall check for the precise requirement of the
  81. * transformation and put any software fallbacks in place.
  82. * @exit: Deinitialize the cryptographic transformation object. This is a
  83. * counterpart to @init, used to remove various changes set in
  84. * @init.
  85. *
  86. * @reqsize: Request context size required by algorithm implementation
  87. * @base: Common crypto API algorithm data structure
  88. */
  89. struct akcipher_alg {
  90. int (*sign)(struct akcipher_request *req);
  91. int (*verify)(struct akcipher_request *req);
  92. int (*encrypt)(struct akcipher_request *req);
  93. int (*decrypt)(struct akcipher_request *req);
  94. int (*set_pub_key)(struct crypto_akcipher *tfm, const void *key,
  95. unsigned int keylen);
  96. int (*set_priv_key)(struct crypto_akcipher *tfm, const void *key,
  97. unsigned int keylen);
  98. unsigned int (*max_size)(struct crypto_akcipher *tfm);
  99. int (*init)(struct crypto_akcipher *tfm);
  100. void (*exit)(struct crypto_akcipher *tfm);
  101. unsigned int reqsize;
  102. struct crypto_alg base;
  103. };
  104. /**
  105. * DOC: Generic Public Key API
  106. *
  107. * The Public Key API is used with the algorithms of type
  108. * CRYPTO_ALG_TYPE_AKCIPHER (listed as type "akcipher" in /proc/crypto)
  109. */
  110. /**
  111. * crypto_alloc_akcipher() - allocate AKCIPHER tfm handle
  112. * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
  113. * public key algorithm e.g. "rsa"
  114. * @type: specifies the type of the algorithm
  115. * @mask: specifies the mask for the algorithm
  116. *
  117. * Allocate a handle for public key algorithm. The returned struct
  118. * crypto_akcipher is the handle that is required for any subsequent
  119. * API invocation for the public key operations.
  120. *
  121. * Return: allocated handle in case of success; IS_ERR() is true in case
  122. * of an error, PTR_ERR() returns the error code.
  123. */
  124. struct crypto_akcipher *crypto_alloc_akcipher(const char *alg_name, u32 type,
  125. u32 mask);
  126. static inline struct crypto_tfm *crypto_akcipher_tfm(
  127. struct crypto_akcipher *tfm)
  128. {
  129. return &tfm->base;
  130. }
  131. static inline struct akcipher_alg *__crypto_akcipher_alg(struct crypto_alg *alg)
  132. {
  133. return container_of(alg, struct akcipher_alg, base);
  134. }
  135. static inline struct crypto_akcipher *__crypto_akcipher_tfm(
  136. struct crypto_tfm *tfm)
  137. {
  138. return container_of(tfm, struct crypto_akcipher, base);
  139. }
  140. static inline struct akcipher_alg *crypto_akcipher_alg(
  141. struct crypto_akcipher *tfm)
  142. {
  143. return __crypto_akcipher_alg(crypto_akcipher_tfm(tfm)->__crt_alg);
  144. }
  145. static inline unsigned int crypto_akcipher_reqsize(struct crypto_akcipher *tfm)
  146. {
  147. return crypto_akcipher_alg(tfm)->reqsize;
  148. }
  149. static inline void akcipher_request_set_tfm(struct akcipher_request *req,
  150. struct crypto_akcipher *tfm)
  151. {
  152. req->base.tfm = crypto_akcipher_tfm(tfm);
  153. }
  154. static inline struct crypto_akcipher *crypto_akcipher_reqtfm(
  155. struct akcipher_request *req)
  156. {
  157. return __crypto_akcipher_tfm(req->base.tfm);
  158. }
  159. /**
  160. * crypto_free_akcipher() - free AKCIPHER tfm handle
  161. *
  162. * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
  163. */
  164. static inline void crypto_free_akcipher(struct crypto_akcipher *tfm)
  165. {
  166. crypto_destroy_tfm(tfm, crypto_akcipher_tfm(tfm));
  167. }
  168. /**
  169. * akcipher_request_alloc() - allocates public key request
  170. *
  171. * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
  172. * @gfp: allocation flags
  173. *
  174. * Return: allocated handle in case of success or NULL in case of an error.
  175. */
  176. static inline struct akcipher_request *akcipher_request_alloc(
  177. struct crypto_akcipher *tfm, gfp_t gfp)
  178. {
  179. struct akcipher_request *req;
  180. req = kmalloc(sizeof(*req) + crypto_akcipher_reqsize(tfm), gfp);
  181. if (likely(req))
  182. akcipher_request_set_tfm(req, tfm);
  183. return req;
  184. }
  185. /**
  186. * akcipher_request_free() - zeroize and free public key request
  187. *
  188. * @req: request to free
  189. */
  190. static inline void akcipher_request_free(struct akcipher_request *req)
  191. {
  192. kzfree(req);
  193. }
  194. /**
  195. * akcipher_request_set_callback() - Sets an asynchronous callback.
  196. *
  197. * Callback will be called when an asynchronous operation on a given
  198. * request is finished.
  199. *
  200. * @req: request that the callback will be set for
  201. * @flgs: specify for instance if the operation may backlog
  202. * @cmpl: callback which will be called
  203. * @data: private data used by the caller
  204. */
  205. static inline void akcipher_request_set_callback(struct akcipher_request *req,
  206. u32 flgs,
  207. crypto_completion_t cmpl,
  208. void *data)
  209. {
  210. req->base.complete = cmpl;
  211. req->base.data = data;
  212. req->base.flags = flgs;
  213. }
  214. /**
  215. * akcipher_request_set_crypt() - Sets request parameters
  216. *
  217. * Sets parameters required by crypto operation
  218. *
  219. * @req: public key request
  220. * @src: ptr to input scatter list
  221. * @dst: ptr to output scatter list
  222. * @src_len: size of the src input scatter list to be processed
  223. * @dst_len: size of the dst output scatter list
  224. */
  225. static inline void akcipher_request_set_crypt(struct akcipher_request *req,
  226. struct scatterlist *src,
  227. struct scatterlist *dst,
  228. unsigned int src_len,
  229. unsigned int dst_len)
  230. {
  231. req->src = src;
  232. req->dst = dst;
  233. req->src_len = src_len;
  234. req->dst_len = dst_len;
  235. }
  236. /**
  237. * crypto_akcipher_maxsize() - Get len for output buffer
  238. *
  239. * Function returns the dest buffer size required for a given key.
  240. * Function assumes that the key is already set in the transformation. If this
  241. * function is called without a setkey or with a failed setkey, you will end up
  242. * in a NULL dereference.
  243. *
  244. * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
  245. */
  246. static inline unsigned int crypto_akcipher_maxsize(struct crypto_akcipher *tfm)
  247. {
  248. struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
  249. return alg->max_size(tfm);
  250. }
  251. /**
  252. * crypto_akcipher_encrypt() - Invoke public key encrypt operation
  253. *
  254. * Function invokes the specific public key encrypt operation for a given
  255. * public key algorithm
  256. *
  257. * @req: asymmetric key request
  258. *
  259. * Return: zero on success; error code in case of error
  260. */
  261. static inline int crypto_akcipher_encrypt(struct akcipher_request *req)
  262. {
  263. struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
  264. struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
  265. return alg->encrypt(req);
  266. }
  267. /**
  268. * crypto_akcipher_decrypt() - Invoke public key decrypt operation
  269. *
  270. * Function invokes the specific public key decrypt operation for a given
  271. * public key algorithm
  272. *
  273. * @req: asymmetric key request
  274. *
  275. * Return: zero on success; error code in case of error
  276. */
  277. static inline int crypto_akcipher_decrypt(struct akcipher_request *req)
  278. {
  279. struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
  280. struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
  281. return alg->decrypt(req);
  282. }
  283. /**
  284. * crypto_akcipher_sign() - Invoke public key sign operation
  285. *
  286. * Function invokes the specific public key sign operation for a given
  287. * public key algorithm
  288. *
  289. * @req: asymmetric key request
  290. *
  291. * Return: zero on success; error code in case of error
  292. */
  293. static inline int crypto_akcipher_sign(struct akcipher_request *req)
  294. {
  295. struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
  296. struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
  297. return alg->sign(req);
  298. }
  299. /**
  300. * crypto_akcipher_verify() - Invoke public key verify operation
  301. *
  302. * Function invokes the specific public key verify operation for a given
  303. * public key algorithm
  304. *
  305. * @req: asymmetric key request
  306. *
  307. * Return: zero on success; error code in case of error
  308. */
  309. static inline int crypto_akcipher_verify(struct akcipher_request *req)
  310. {
  311. struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
  312. struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
  313. return alg->verify(req);
  314. }
  315. /**
  316. * crypto_akcipher_set_pub_key() - Invoke set public key operation
  317. *
  318. * Function invokes the algorithm specific set key function, which knows
  319. * how to decode and interpret the encoded key
  320. *
  321. * @tfm: tfm handle
  322. * @key: BER encoded public key
  323. * @keylen: length of the key
  324. *
  325. * Return: zero on success; error code in case of error
  326. */
  327. static inline int crypto_akcipher_set_pub_key(struct crypto_akcipher *tfm,
  328. const void *key,
  329. unsigned int keylen)
  330. {
  331. struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
  332. return alg->set_pub_key(tfm, key, keylen);
  333. }
  334. /**
  335. * crypto_akcipher_set_priv_key() - Invoke set private key operation
  336. *
  337. * Function invokes the algorithm specific set key function, which knows
  338. * how to decode and interpret the encoded key
  339. *
  340. * @tfm: tfm handle
  341. * @key: BER encoded private key
  342. * @keylen: length of the key
  343. *
  344. * Return: zero on success; error code in case of error
  345. */
  346. static inline int crypto_akcipher_set_priv_key(struct crypto_akcipher *tfm,
  347. const void *key,
  348. unsigned int keylen)
  349. {
  350. struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
  351. return alg->set_priv_key(tfm, key, keylen);
  352. }
  353. #endif