summaryrefslogtreecommitdiffstats
path: root/include/linux/crypto.h
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2007-12-17 21:51:27 +0800
committerHerbert Xu <herbert@gondor.apana.org.au>2008-01-11 08:16:43 +1100
commit61da88e2b800eed2b03834a73c46cc89ad48716d (patch)
tree00926f29041a08feefe379f2ce164099d7f82f45 /include/linux/crypto.h
parent378f4f51f9fdd8df80ea875320e2bf1d7c6e6e77 (diff)
downloadop-kernel-dev-61da88e2b800eed2b03834a73c46cc89ad48716d.zip
op-kernel-dev-61da88e2b800eed2b03834a73c46cc89ad48716d.tar.gz
[CRYPTO] skcipher: Add givcrypt operations and givcipher type
Different block cipher modes have different requirements for intialisation vectors. For example, CBC can use a simple randomly generated IV while modes such as CTR must use an IV generation mechanisms that give a stronger guarantee on the lack of collisions. Furthermore, disk encryption modes have their own IV generation algorithms. Up until now IV generation has been left to the users of the symmetric key cipher API. This is inconvenient as the number of block cipher modes increase because the user needs to be aware of which mode is supposed to be paired with which IV generation algorithm. Therefore it makes sense to integrate the IV generation into the crypto API. This patch takes the first step in that direction by creating two new ablkcipher operations, givencrypt and givdecrypt that generates an IV before performing the actual encryption or decryption. The operations are currently not exposed to the user. That will be done once the underlying functionality has actually been implemented. It also creates the underlying givcipher type. Algorithms that directly generate IVs would use it instead of ablkcipher. All other algorithms (including all existing ones) would generate a givcipher algorithm upon registration. This givcipher algorithm will be constructed from the geniv string that's stored in every algorithm. That string will locate a template which is instantiated by the blkcipher/ablkcipher algorithm in question to give a givcipher algorithm. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include/linux/crypto.h')
-rw-r--r--include/linux/crypto.h7
1 files changed, 7 insertions, 0 deletions
diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index d6962b4..3656a24e 100644
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -34,6 +34,7 @@
#define CRYPTO_ALG_TYPE_HASH 0x00000003
#define CRYPTO_ALG_TYPE_BLKCIPHER 0x00000004
#define CRYPTO_ALG_TYPE_ABLKCIPHER 0x00000005
+#define CRYPTO_ALG_TYPE_GIVCIPHER 0x00000006
#define CRYPTO_ALG_TYPE_COMPRESS 0x00000008
#define CRYPTO_ALG_TYPE_AEAD 0x00000009
@@ -99,6 +100,7 @@ struct crypto_blkcipher;
struct crypto_hash;
struct crypto_tfm;
struct crypto_type;
+struct skcipher_givcrypt_request;
typedef void (*crypto_completion_t)(struct crypto_async_request *req, int err);
@@ -178,6 +180,8 @@ struct ablkcipher_alg {
unsigned int keylen);
int (*encrypt)(struct ablkcipher_request *req);
int (*decrypt)(struct ablkcipher_request *req);
+ int (*givencrypt)(struct skcipher_givcrypt_request *req);
+ int (*givdecrypt)(struct skcipher_givcrypt_request *req);
unsigned int min_keysize;
unsigned int max_keysize;
@@ -320,6 +324,9 @@ struct ablkcipher_tfm {
unsigned int keylen);
int (*encrypt)(struct ablkcipher_request *req);
int (*decrypt)(struct ablkcipher_request *req);
+ int (*givencrypt)(struct skcipher_givcrypt_request *req);
+ int (*givdecrypt)(struct skcipher_givcrypt_request *req);
+
unsigned int ivsize;
unsigned int reqsize;
};
OpenPOWER on IntegriCloud