include/crypto/akcipher.h

   1 /*
   2  * Public Key Encryption
   3  *
   4  * Copyright (c) 2015, Intel Corporation
   5  * Authors: Tadeusz Struk <tadeusz.struk@intel.com>
   6  *
   7  * This program is free software; you can redistribute it and/or modify it
   8  * under the terms of the GNU General Public License as published by the Free
   9  * Software Foundation; either version 2 of the License, or (at your option)
  10  * any later version.
  11  *
  12  */
  13 #ifndef _CRYPTO_AKCIPHER_H
  14 #define _CRYPTO_AKCIPHER_H
  15 #include <linux/crypto.h>
  16
  17 /**
  18  * struct akcipher_request - public key request
  19  *
  20  * @base:       Common attributes for async crypto requests
  21  * @src:        Source data
  22  * @dst:        Destination data
  23  * @src_len:    Size of the input buffer
  24  * @dst_len:    Size of the output buffer. It needs to be at least
  25  *              as big as the expected result depending on the operation
  26  *              After operation it will be updated with the actual size of the
  27  *              result.
  28  *              In case of error where the dst sgl size was insufficient,
  29  *              it will be updated to the size required for the operation.
  30  * @__ctx:      Start of private context data
  31  */
  32 struct akcipher_request {
  33         struct crypto_async_request base;
  34         struct scatterlist *src;
  35         struct scatterlist *dst;
  36         unsigned int src_len;
  37         unsigned int dst_len;
  38         void *__ctx[] CRYPTO_MINALIGN_ATTR;
  39 };
  40
  41 /**
  42  * struct crypto_akcipher - user-instantiated objects which encapsulate
  43  * algorithms and core processing logic
  44  *
  45  * @base:       Common crypto API algorithm data structure
  46  */
  47 struct crypto_akcipher {
  48         struct crypto_tfm base;
  49 };
  50
  51 /**
  52  * struct akcipher_alg - generic public key algorithm
  53  *
  54  * @sign:       Function performs a sign operation as defined by public key
  55  *              algorithm. In case of error, where the dst_len was insufficient,
  56  *              the req->dst_len will be updated to the size required for the
  57  *              operation
  58  * @verify:     Function performs a sign operation as defined by public key
  59  *              algorithm. In case of error, where the dst_len was insufficient,
  60  *              the req->dst_len will be updated to the size required for the
  61  *              operation
  62  * @encrypt:    Function performs an encrypt operation as defined by public key
  63  *              algorithm. In case of error, where the dst_len was insufficient,
  64  *              the req->dst_len will be updated to the size required for the
  65  *              operation
  66  * @decrypt:    Function performs a decrypt operation as defined by public key
  67  *              algorithm. In case of error, where the dst_len was insufficient,
  68  *              the req->dst_len will be updated to the size required for the
  69  *              operation
  70  * @set_pub_key: Function invokes the algorithm specific set public key
  71  *              function, which knows how to decode and interpret
  72  *              the BER encoded public key
  73  * @set_priv_key: Function invokes the algorithm specific set private key
  74  *              function, which knows how to decode and interpret
  75  *              the BER encoded private key
  76  * @max_size:   Function returns dest buffer size required for a given key.
  77  * @init:       Initialize the cryptographic transformation object.
  78  *              This function is used to initialize the cryptographic
  79  *              transformation object. This function is called only once at
  80  *              the instantiation time, right after the transformation context
  81  *              was allocated. In case the cryptographic hardware has some
  82  *              special requirements which need to be handled by software, this
  83  *              function shall check for the precise requirement of the
  84  *              transformation and put any software fallbacks in place.
  85  * @exit:       Deinitialize the cryptographic transformation object. This is a
  86  *              counterpart to @init, used to remove various changes set in
  87  *              @init.
  88  *
  89  * @reqsize:    Request context size required by algorithm implementation
  90  * @base:       Common crypto API algorithm data structure
  91  */
  92 struct akcipher_alg {
  93         int (*sign)(struct akcipher_request *req);
  94         int (*verify)(struct akcipher_request *req);
  95         int (*encrypt)(struct akcipher_request *req);
  96         int (*decrypt)(struct akcipher_request *req);
  97         int (*set_pub_key)(struct crypto_akcipher *tfm, const void *key,
  98                            unsigned int keylen);
  99         int (*set_priv_key)(struct crypto_akcipher *tfm, const void *key,
 100                             unsigned int keylen);
 101         unsigned int (*max_size)(struct crypto_akcipher *tfm);
 102         int (*init)(struct crypto_akcipher *tfm);
 103         void (*exit)(struct crypto_akcipher *tfm);
 104
 105         unsigned int reqsize;
 106         struct crypto_alg base;
 107 };
 108
 109 /**
 110  * DOC: Generic Public Key API
 111  *
 112  * The Public Key API is used with the algorithms of type
 113  * CRYPTO_ALG_TYPE_AKCIPHER (listed as type "akcipher" in /proc/crypto)
 114  */
 115
 116 /**
 117  * crypto_alloc_akcipher() - allocate AKCIPHER tfm handle
 118  * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
 119  *            public key algorithm e.g. "rsa"
 120  * @type: specifies the type of the algorithm
 121  * @mask: specifies the mask for the algorithm
 122  *
 123  * Allocate a handle for public key algorithm. The returned struct
 124  * crypto_akcipher is the handle that is required for any subsequent
 125  * API invocation for the public key operations.
 126  *
 127  * Return: allocated handle in case of success; IS_ERR() is true in case
 128  *         of an error, PTR_ERR() returns the error code.
 129  */
 130 struct crypto_akcipher *crypto_alloc_akcipher(const char *alg_name, u32 type,
 131                                               u32 mask);
 132
 133 static inline struct crypto_tfm *crypto_akcipher_tfm(
 134         struct crypto_akcipher *tfm)
 135 {
 136         return &tfm->base;
 137 }
 138
 139 static inline struct akcipher_alg *__crypto_akcipher_alg(struct crypto_alg *alg)
 140 {
 141         return container_of(alg, struct akcipher_alg, base);
 142 }
 143
 144 static inline struct crypto_akcipher *__crypto_akcipher_tfm(
 145         struct crypto_tfm *tfm)
 146 {
 147         return container_of(tfm, struct crypto_akcipher, base);
 148 }
 149
 150 static inline struct akcipher_alg *crypto_akcipher_alg(
 151         struct crypto_akcipher *tfm)
 152 {
 153         return __crypto_akcipher_alg(crypto_akcipher_tfm(tfm)->__crt_alg);
 154 }
 155
 156 static inline unsigned int crypto_akcipher_reqsize(struct crypto_akcipher *tfm)
 157 {
 158         return crypto_akcipher_alg(tfm)->reqsize;
 159 }
 160
 161 static inline void akcipher_request_set_tfm(struct akcipher_request *req,
 162                                             struct crypto_akcipher *tfm)
 163 {
 164         req->base.tfm = crypto_akcipher_tfm(tfm);
 165 }
 166
 167 static inline struct crypto_akcipher *crypto_akcipher_reqtfm(
 168         struct akcipher_request *req)
 169 {
 170         return __crypto_akcipher_tfm(req->base.tfm);
 171 }
 172
 173 /**
 174  * crypto_free_akcipher() - free AKCIPHER tfm handle
 175  *
 176  * @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
 177  */
 178 static inline void crypto_free_akcipher(struct crypto_akcipher *tfm)
 179 {
 180         crypto_destroy_tfm(tfm, crypto_akcipher_tfm(tfm));
 181 }
 182
 183 /**
 184  * akcipher_request_alloc() - allocates public key request
 185  *
 186  * @tfm:        AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
 187  * @gfp:        allocation flags
 188  *
 189  * Return: allocated handle in case of success or NULL in case of an error.
 190  */
 191 static inline struct akcipher_request *akcipher_request_alloc(
 192         struct crypto_akcipher *tfm, gfp_t gfp)
 193 {
 194         struct akcipher_request *req;
 195
 196         req = kmalloc(sizeof(*req) + crypto_akcipher_reqsize(tfm), gfp);
 197         if (likely(req))
 198                 akcipher_request_set_tfm(req, tfm);
 199
 200         return req;
 201 }
 202
 203 /**
 204  * akcipher_request_free() - zeroize and free public key request
 205  *
 206  * @req:        request to free
 207  */
 208 static inline void akcipher_request_free(struct akcipher_request *req)
 209 {
 210         kzfree(req);
 211 }
 212
 213 /**
 214  * akcipher_request_set_callback() - Sets an asynchronous callback.
 215  *
 216  * Callback will be called when an asynchronous operation on a given
 217  * request is finished.
 218  *
 219  * @req:        request that the callback will be set for
 220  * @flgs:       specify for instance if the operation may backlog
 221  * @cmpl:       callback which will be called
 222  * @data:       private data used by the caller
 223  */
 224 static inline void akcipher_request_set_callback(struct akcipher_request *req,
 225                                                  u32 flgs,
 226                                                  crypto_completion_t cmpl,
 227                                                  void *data)
 228 {
 229         req->base.complete = cmpl;
 230         req->base.data = data;
 231         req->base.flags = flgs;
 232 }
 233
 234 /**
 235  * akcipher_request_set_crypt() - Sets request parameters
 236  *
 237  * Sets parameters required by crypto operation
 238  *
 239  * @req:        public key request
 240  * @src:        ptr to input scatter list
 241  * @dst:        ptr to output scatter list
 242  * @src_len:    size of the src input scatter list to be processed
 243  * @dst_len:    size of the dst output scatter list
 244  */
 245 static inline void akcipher_request_set_crypt(struct akcipher_request *req,
 246                                               struct scatterlist *src,
 247                                               struct scatterlist *dst,
 248                                               unsigned int src_len,
 249                                               unsigned int dst_len)
 250 {
 251         req->src = src;
 252         req->dst = dst;
 253         req->src_len = src_len;
 254         req->dst_len = dst_len;
 255 }
 256
 257 /**
 258  * crypto_akcipher_maxsize() - Get len for output buffer
 259  *
 260  * Function returns the dest buffer size required for a given key.
 261  * Function assumes that the key is already set in the transformation. If this
 262  * function is called without a setkey or with a failed setkey, you will end up
 263  * in a NULL dereference.
 264  *
 265  * @tfm:        AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
 266  */
 267 static inline unsigned int crypto_akcipher_maxsize(struct crypto_akcipher *tfm)
 268 {
 269         struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
 270
 271         return alg->max_size(tfm);
 272 }
 273
 274 /**
 275  * crypto_akcipher_encrypt() - Invoke public key encrypt operation
 276  *
 277  * Function invokes the specific public key encrypt operation for a given
 278  * public key algorithm
 279  *
 280  * @req:        asymmetric key request
 281  *
 282  * Return: zero on success; error code in case of error
 283  */
 284 static inline int crypto_akcipher_encrypt(struct akcipher_request *req)
 285 {
 286         struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
 287         struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
 288
 289         return alg->encrypt(req);
 290 }
 291
 292 /**
 293  * crypto_akcipher_decrypt() - Invoke public key decrypt operation
 294  *
 295  * Function invokes the specific public key decrypt operation for a given
 296  * public key algorithm
 297  *
 298  * @req:        asymmetric key request
 299  *
 300  * Return: zero on success; error code in case of error
 301  */
 302 static inline int crypto_akcipher_decrypt(struct akcipher_request *req)
 303 {
 304         struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
 305         struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
 306
 307         return alg->decrypt(req);
 308 }
 309
 310 /**
 311  * crypto_akcipher_sign() - Invoke public key sign operation
 312  *
 313  * Function invokes the specific public key sign operation for a given
 314  * public key algorithm
 315  *
 316  * @req:        asymmetric key request
 317  *
 318  * Return: zero on success; error code in case of error
 319  */
 320 static inline int crypto_akcipher_sign(struct akcipher_request *req)
 321 {
 322         struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
 323         struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
 324
 325         return alg->sign(req);
 326 }
 327
 328 /**
 329  * crypto_akcipher_verify() - Invoke public key verify operation
 330  *
 331  * Function invokes the specific public key verify operation for a given
 332  * public key algorithm
 333  *
 334  * @req:        asymmetric key request
 335  *
 336  * Return: zero on success; error code in case of error
 337  */
 338 static inline int crypto_akcipher_verify(struct akcipher_request *req)
 339 {
 340         struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
 341         struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
 342
 343         return alg->verify(req);
 344 }
 345
 346 /**
 347  * crypto_akcipher_set_pub_key() - Invoke set public key operation
 348  *
 349  * Function invokes the algorithm specific set key function, which knows
 350  * how to decode and interpret the encoded key
 351  *
 352  * @tfm:        tfm handle
 353  * @key:        BER encoded public key
 354  * @keylen:     length of the key
 355  *
 356  * Return: zero on success; error code in case of error
 357  */
 358 static inline int crypto_akcipher_set_pub_key(struct crypto_akcipher *tfm,
 359                                               const void *key,
 360                                               unsigned int keylen)
 361 {
 362         struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
 363
 364         return alg->set_pub_key(tfm, key, keylen);
 365 }
 366
 367 /**
 368  * crypto_akcipher_set_priv_key() - Invoke set private key operation
 369  *
 370  * Function invokes the algorithm specific set key function, which knows
 371  * how to decode and interpret the encoded key
 372  *
 373  * @tfm:        tfm handle
 374  * @key:        BER encoded private key
 375  * @keylen:     length of the key
 376  *
 377  * Return: zero on success; error code in case of error
 378  */
 379 static inline int crypto_akcipher_set_priv_key(struct crypto_akcipher *tfm,
 380                                                const void *key,
 381                                                unsigned int keylen)
 382 {
 383         struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
 384
 385         return alg->set_priv_key(tfm, key, keylen);
 386 }
 387 #endif