diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2015-05-21 10:11:08 +0300 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2015-05-22 06:25:54 +0300 |
commit | 63293c61133447249d7e5b49d333f68825d30e43 (patch) | |
tree | 5525d14473d05acf8eb38b8f8e0b8f33acec399f /include/crypto/aead.h | |
parent | 56fcf73a29007aa7bec2e3fc5da2962f3f72d610 (diff) | |
download | linux-63293c61133447249d7e5b49d333f68825d30e43.tar.xz |
crypto: aead - Add support for new AEAD implementations
This patch adds the basic structure of the new AEAD type. Unlike
the current version, there is no longer any concept of geniv. IV
generation will still be carried out by wrappers but they will be
normal AEAD algorithms that simply take the IPsec sequence number
as the IV.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include/crypto/aead.h')
-rw-r--r-- | include/crypto/aead.h | 44 |
1 files changed, 42 insertions, 2 deletions
diff --git a/include/crypto/aead.h b/include/crypto/aead.h index aebf57dfb903..177e6f46e2bb 100644 --- a/include/crypto/aead.h +++ b/include/crypto/aead.h @@ -17,8 +17,6 @@ #include <linux/kernel.h> #include <linux/slab.h> -#define aead_alg old_aead_alg - /** * DOC: Authenticated Encryption With Associated Data (AEAD) Cipher API * @@ -92,7 +90,48 @@ struct aead_givcrypt_request { struct aead_request areq; }; +/** + * struct aead_alg - AEAD cipher definition + * @maxauthsize: Set the maximum authentication tag size supported by the + * transformation. A transformation may support smaller tag sizes. + * As the authentication tag is a message digest to ensure the + * integrity of the encrypted data, a consumer typically wants the + * largest authentication tag possible as defined by this + * variable. + * @setauthsize: Set authentication size for the AEAD transformation. This + * function is used to specify the consumer requested size of the + * authentication tag to be either generated by the transformation + * during encryption or the size of the authentication tag to be + * supplied during the decryption operation. This function is also + * responsible for checking the authentication tag size for + * validity. + * @setkey: see struct ablkcipher_alg + * @encrypt: see struct ablkcipher_alg + * @decrypt: see struct ablkcipher_alg + * @geniv: see struct ablkcipher_alg + * @ivsize: see struct ablkcipher_alg + * + * All fields except @ivsize is mandatory and must be filled. + */ +struct aead_alg { + int (*setkey)(struct crypto_aead *tfm, const u8 *key, + unsigned int keylen); + int (*setauthsize)(struct crypto_aead *tfm, unsigned int authsize); + int (*encrypt)(struct aead_request *req); + int (*decrypt)(struct aead_request *req); + + const char *geniv; + + unsigned int ivsize; + unsigned int maxauthsize; + + struct crypto_alg base; +}; + struct crypto_aead { + int (*setkey)(struct crypto_aead *tfm, const u8 *key, + unsigned int keylen); + int (*setauthsize)(struct crypto_aead *tfm, unsigned int authsize); int (*encrypt)(struct aead_request *req); int (*decrypt)(struct aead_request *req); int (*givencrypt)(struct aead_givcrypt_request *req); @@ -102,6 +141,7 @@ struct crypto_aead { unsigned int ivsize; unsigned int authsize; + unsigned int maxauthsize; unsigned int reqsize; struct crypto_tfm base; |