Loading...
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 * Key-agreement Protocol Primitives (KPP)
4 *
5 * Copyright (c) 2016, Intel Corporation
6 * Authors: Salvatore Benedetto <salvatore.benedetto@intel.com>
7 */
8
9#ifndef _CRYPTO_KPP_
10#define _CRYPTO_KPP_
11#include <linux/crypto.h>
12
13/**
14 * struct kpp_request
15 *
16 * @base: Common attributes for async crypto requests
17 * @src: Source data
18 * @dst: Destination data
19 * @src_len: Size of the input buffer
20 * @dst_len: Size of the output buffer. It needs to be at least
21 * as big as the expected result depending on the operation
22 * After operation it will be updated with the actual size of the
23 * result. In case of error where the dst sgl size was insufficient,
24 * it will be updated to the size required for the operation.
25 * @__ctx: Start of private context data
26 */
27struct kpp_request {
28 struct crypto_async_request base;
29 struct scatterlist *src;
30 struct scatterlist *dst;
31 unsigned int src_len;
32 unsigned int dst_len;
33 void *__ctx[] CRYPTO_MINALIGN_ATTR;
34};
35
36/**
37 * struct crypto_kpp - user-instantiated object which encapsulate
38 * algorithms and core processing logic
39 *
40 * @base: Common crypto API algorithm data structure
41 */
42struct crypto_kpp {
43 struct crypto_tfm base;
44};
45
46/**
47 * struct kpp_alg - generic key-agreement protocol primitives
48 *
49 * @set_secret: Function invokes the protocol specific function to
50 * store the secret private key along with parameters.
51 * The implementation knows how to decode the buffer
52 * @generate_public_key: Function generate the public key to be sent to the
53 * counterpart. In case of error, where output is not big
54 * enough req->dst_len will be updated to the size
55 * required
56 * @compute_shared_secret: Function compute the shared secret as defined by
57 * the algorithm. The result is given back to the user.
58 * In case of error, where output is not big enough,
59 * req->dst_len will be updated to the size required
60 * @max_size: Function returns the size of the output buffer
61 * @init: Initialize the object. This is called only once at
62 * instantiation time. In case the cryptographic hardware
63 * needs to be initialized. Software fallback should be
64 * put in place here.
65 * @exit: Undo everything @init did.
66 *
67 * @reqsize: Request context size required by algorithm
68 * implementation
69 * @base: Common crypto API algorithm data structure
70 */
71struct kpp_alg {
72 int (*set_secret)(struct crypto_kpp *tfm, const void *buffer,
73 unsigned int len);
74 int (*generate_public_key)(struct kpp_request *req);
75 int (*compute_shared_secret)(struct kpp_request *req);
76
77 unsigned int (*max_size)(struct crypto_kpp *tfm);
78
79 int (*init)(struct crypto_kpp *tfm);
80 void (*exit)(struct crypto_kpp *tfm);
81
82 unsigned int reqsize;
83 struct crypto_alg base;
84};
85
86/**
87 * DOC: Generic Key-agreement Protocol Primitives API
88 *
89 * The KPP API is used with the algorithm type
90 * CRYPTO_ALG_TYPE_KPP (listed as type "kpp" in /proc/crypto)
91 */
92
93/**
94 * crypto_alloc_kpp() - allocate KPP tfm handle
95 * @alg_name: is the name of the kpp algorithm (e.g. "dh", "ecdh")
96 * @type: specifies the type of the algorithm
97 * @mask: specifies the mask for the algorithm
98 *
99 * Allocate a handle for kpp algorithm. The returned struct crypto_kpp
100 * is required for any following API invocation
101 *
102 * Return: allocated handle in case of success; IS_ERR() is true in case of
103 * an error, PTR_ERR() returns the error code.
104 */
105struct crypto_kpp *crypto_alloc_kpp(const char *alg_name, u32 type, u32 mask);
106
107static inline struct crypto_tfm *crypto_kpp_tfm(struct crypto_kpp *tfm)
108{
109 return &tfm->base;
110}
111
112static inline struct kpp_alg *__crypto_kpp_alg(struct crypto_alg *alg)
113{
114 return container_of(alg, struct kpp_alg, base);
115}
116
117static inline struct crypto_kpp *__crypto_kpp_tfm(struct crypto_tfm *tfm)
118{
119 return container_of(tfm, struct crypto_kpp, base);
120}
121
122static inline struct kpp_alg *crypto_kpp_alg(struct crypto_kpp *tfm)
123{
124 return __crypto_kpp_alg(crypto_kpp_tfm(tfm)->__crt_alg);
125}
126
127static inline unsigned int crypto_kpp_reqsize(struct crypto_kpp *tfm)
128{
129 return crypto_kpp_alg(tfm)->reqsize;
130}
131
132static inline void kpp_request_set_tfm(struct kpp_request *req,
133 struct crypto_kpp *tfm)
134{
135 req->base.tfm = crypto_kpp_tfm(tfm);
136}
137
138static inline struct crypto_kpp *crypto_kpp_reqtfm(struct kpp_request *req)
139{
140 return __crypto_kpp_tfm(req->base.tfm);
141}
142
143static inline u32 crypto_kpp_get_flags(struct crypto_kpp *tfm)
144{
145 return crypto_tfm_get_flags(crypto_kpp_tfm(tfm));
146}
147
148static inline void crypto_kpp_set_flags(struct crypto_kpp *tfm, u32 flags)
149{
150 crypto_tfm_set_flags(crypto_kpp_tfm(tfm), flags);
151}
152
153/**
154 * crypto_free_kpp() - free KPP tfm handle
155 *
156 * @tfm: KPP tfm handle allocated with crypto_alloc_kpp()
157 */
158static inline void crypto_free_kpp(struct crypto_kpp *tfm)
159{
160 crypto_destroy_tfm(tfm, crypto_kpp_tfm(tfm));
161}
162
163/**
164 * kpp_request_alloc() - allocates kpp request
165 *
166 * @tfm: KPP tfm handle allocated with crypto_alloc_kpp()
167 * @gfp: allocation flags
168 *
169 * Return: allocated handle in case of success or NULL in case of an error.
170 */
171static inline struct kpp_request *kpp_request_alloc(struct crypto_kpp *tfm,
172 gfp_t gfp)
173{
174 struct kpp_request *req;
175
176 req = kmalloc(sizeof(*req) + crypto_kpp_reqsize(tfm), gfp);
177 if (likely(req))
178 kpp_request_set_tfm(req, tfm);
179
180 return req;
181}
182
183/**
184 * kpp_request_free() - zeroize and free kpp request
185 *
186 * @req: request to free
187 */
188static inline void kpp_request_free(struct kpp_request *req)
189{
190 kzfree(req);
191}
192
193/**
194 * kpp_request_set_callback() - Sets an asynchronous callback.
195 *
196 * Callback will be called when an asynchronous operation on a given
197 * request is finished.
198 *
199 * @req: request that the callback will be set for
200 * @flgs: specify for instance if the operation may backlog
201 * @cmpl: callback which will be called
202 * @data: private data used by the caller
203 */
204static inline void kpp_request_set_callback(struct kpp_request *req,
205 u32 flgs,
206 crypto_completion_t cmpl,
207 void *data)
208{
209 req->base.complete = cmpl;
210 req->base.data = data;
211 req->base.flags = flgs;
212}
213
214/**
215 * kpp_request_set_input() - Sets input buffer
216 *
217 * Sets parameters required by generate_public_key
218 *
219 * @req: kpp request
220 * @input: ptr to input scatter list
221 * @input_len: size of the input scatter list
222 */
223static inline void kpp_request_set_input(struct kpp_request *req,
224 struct scatterlist *input,
225 unsigned int input_len)
226{
227 req->src = input;
228 req->src_len = input_len;
229}
230
231/**
232 * kpp_request_set_output() - Sets output buffer
233 *
234 * Sets parameters required by kpp operation
235 *
236 * @req: kpp request
237 * @output: ptr to output scatter list
238 * @output_len: size of the output scatter list
239 */
240static inline void kpp_request_set_output(struct kpp_request *req,
241 struct scatterlist *output,
242 unsigned int output_len)
243{
244 req->dst = output;
245 req->dst_len = output_len;
246}
247
248enum {
249 CRYPTO_KPP_SECRET_TYPE_UNKNOWN,
250 CRYPTO_KPP_SECRET_TYPE_DH,
251 CRYPTO_KPP_SECRET_TYPE_ECDH,
252};
253
254/**
255 * struct kpp_secret - small header for packing secret buffer
256 *
257 * @type: define type of secret. Each kpp type will define its own
258 * @len: specify the len of the secret, include the header, that
259 * follows the struct
260 */
261struct kpp_secret {
262 unsigned short type;
263 unsigned short len;
264};
265
266/**
267 * crypto_kpp_set_secret() - Invoke kpp operation
268 *
269 * Function invokes the specific kpp operation for a given alg.
270 *
271 * @tfm: tfm handle
272 * @buffer: Buffer holding the packet representation of the private
273 * key. The structure of the packet key depends on the particular
274 * KPP implementation. Packing and unpacking helpers are provided
275 * for ECDH and DH (see the respective header files for those
276 * implementations).
277 * @len: Length of the packet private key buffer.
278 *
279 * Return: zero on success; error code in case of error
280 */
281static inline int crypto_kpp_set_secret(struct crypto_kpp *tfm,
282 const void *buffer, unsigned int len)
283{
284 struct kpp_alg *alg = crypto_kpp_alg(tfm);
285 struct crypto_alg *calg = tfm->base.__crt_alg;
286 int ret;
287
288 crypto_stats_get(calg);
289 ret = alg->set_secret(tfm, buffer, len);
290 crypto_stats_kpp_set_secret(calg, ret);
291 return ret;
292}
293
294/**
295 * crypto_kpp_generate_public_key() - Invoke kpp operation
296 *
297 * Function invokes the specific kpp operation for generating the public part
298 * for a given kpp algorithm.
299 *
300 * To generate a private key, the caller should use a random number generator.
301 * The output of the requested length serves as the private key.
302 *
303 * @req: kpp key request
304 *
305 * Return: zero on success; error code in case of error
306 */
307static inline int crypto_kpp_generate_public_key(struct kpp_request *req)
308{
309 struct crypto_kpp *tfm = crypto_kpp_reqtfm(req);
310 struct kpp_alg *alg = crypto_kpp_alg(tfm);
311 struct crypto_alg *calg = tfm->base.__crt_alg;
312 int ret;
313
314 crypto_stats_get(calg);
315 ret = alg->generate_public_key(req);
316 crypto_stats_kpp_generate_public_key(calg, ret);
317 return ret;
318}
319
320/**
321 * crypto_kpp_compute_shared_secret() - Invoke kpp operation
322 *
323 * Function invokes the specific kpp operation for computing the shared secret
324 * for a given kpp algorithm.
325 *
326 * @req: kpp key request
327 *
328 * Return: zero on success; error code in case of error
329 */
330static inline int crypto_kpp_compute_shared_secret(struct kpp_request *req)
331{
332 struct crypto_kpp *tfm = crypto_kpp_reqtfm(req);
333 struct kpp_alg *alg = crypto_kpp_alg(tfm);
334 struct crypto_alg *calg = tfm->base.__crt_alg;
335 int ret;
336
337 crypto_stats_get(calg);
338 ret = alg->compute_shared_secret(req);
339 crypto_stats_kpp_compute_shared_secret(calg, ret);
340 return ret;
341}
342
343/**
344 * crypto_kpp_maxsize() - Get len for output buffer
345 *
346 * Function returns the output buffer size required for a given key.
347 * Function assumes that the key is already set in the transformation. If this
348 * function is called without a setkey or with a failed setkey, you will end up
349 * in a NULL dereference.
350 *
351 * @tfm: KPP tfm handle allocated with crypto_alloc_kpp()
352 */
353static inline unsigned int crypto_kpp_maxsize(struct crypto_kpp *tfm)
354{
355 struct kpp_alg *alg = crypto_kpp_alg(tfm);
356
357 return alg->max_size(tfm);
358}
359
360#endif
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 * Key-agreement Protocol Primitives (KPP)
4 *
5 * Copyright (c) 2016, Intel Corporation
6 * Authors: Salvatore Benedetto <salvatore.benedetto@intel.com>
7 */
8
9#ifndef _CRYPTO_KPP_
10#define _CRYPTO_KPP_
11
12#include <linux/atomic.h>
13#include <linux/container_of.h>
14#include <linux/crypto.h>
15#include <linux/slab.h>
16
17/**
18 * struct kpp_request
19 *
20 * @base: Common attributes for async crypto requests
21 * @src: Source data
22 * @dst: Destination data
23 * @src_len: Size of the input buffer
24 * @dst_len: Size of the output buffer. It needs to be at least
25 * as big as the expected result depending on the operation
26 * After operation it will be updated with the actual size of the
27 * result. In case of error where the dst sgl size was insufficient,
28 * it will be updated to the size required for the operation.
29 * @__ctx: Start of private context data
30 */
31struct kpp_request {
32 struct crypto_async_request base;
33 struct scatterlist *src;
34 struct scatterlist *dst;
35 unsigned int src_len;
36 unsigned int dst_len;
37 void *__ctx[] CRYPTO_MINALIGN_ATTR;
38};
39
40/**
41 * struct crypto_kpp - user-instantiated object which encapsulate
42 * algorithms and core processing logic
43 *
44 * @reqsize: Request context size required by algorithm
45 * implementation
46 * @base: Common crypto API algorithm data structure
47 */
48struct crypto_kpp {
49 unsigned int reqsize;
50
51 struct crypto_tfm base;
52};
53
54/**
55 * struct kpp_alg - generic key-agreement protocol primitives
56 *
57 * @set_secret: Function invokes the protocol specific function to
58 * store the secret private key along with parameters.
59 * The implementation knows how to decode the buffer
60 * @generate_public_key: Function generate the public key to be sent to the
61 * counterpart. In case of error, where output is not big
62 * enough req->dst_len will be updated to the size
63 * required
64 * @compute_shared_secret: Function compute the shared secret as defined by
65 * the algorithm. The result is given back to the user.
66 * In case of error, where output is not big enough,
67 * req->dst_len will be updated to the size required
68 * @max_size: Function returns the size of the output buffer
69 * @init: Initialize the object. This is called only once at
70 * instantiation time. In case the cryptographic hardware
71 * needs to be initialized. Software fallback should be
72 * put in place here.
73 * @exit: Undo everything @init did.
74 *
75 * @base: Common crypto API algorithm data structure
76 */
77struct kpp_alg {
78 int (*set_secret)(struct crypto_kpp *tfm, const void *buffer,
79 unsigned int len);
80 int (*generate_public_key)(struct kpp_request *req);
81 int (*compute_shared_secret)(struct kpp_request *req);
82
83 unsigned int (*max_size)(struct crypto_kpp *tfm);
84
85 int (*init)(struct crypto_kpp *tfm);
86 void (*exit)(struct crypto_kpp *tfm);
87
88 struct crypto_alg base;
89};
90
91/**
92 * DOC: Generic Key-agreement Protocol Primitives API
93 *
94 * The KPP API is used with the algorithm type
95 * CRYPTO_ALG_TYPE_KPP (listed as type "kpp" in /proc/crypto)
96 */
97
98/**
99 * crypto_alloc_kpp() - allocate KPP tfm handle
100 * @alg_name: is the name of the kpp algorithm (e.g. "dh", "ecdh")
101 * @type: specifies the type of the algorithm
102 * @mask: specifies the mask for the algorithm
103 *
104 * Allocate a handle for kpp algorithm. The returned struct crypto_kpp
105 * is required for any following API invocation
106 *
107 * Return: allocated handle in case of success; IS_ERR() is true in case of
108 * an error, PTR_ERR() returns the error code.
109 */
110struct crypto_kpp *crypto_alloc_kpp(const char *alg_name, u32 type, u32 mask);
111
112int crypto_has_kpp(const char *alg_name, u32 type, u32 mask);
113
114static inline struct crypto_tfm *crypto_kpp_tfm(struct crypto_kpp *tfm)
115{
116 return &tfm->base;
117}
118
119static inline struct kpp_alg *__crypto_kpp_alg(struct crypto_alg *alg)
120{
121 return container_of(alg, struct kpp_alg, base);
122}
123
124static inline struct crypto_kpp *__crypto_kpp_tfm(struct crypto_tfm *tfm)
125{
126 return container_of(tfm, struct crypto_kpp, base);
127}
128
129static inline struct kpp_alg *crypto_kpp_alg(struct crypto_kpp *tfm)
130{
131 return __crypto_kpp_alg(crypto_kpp_tfm(tfm)->__crt_alg);
132}
133
134static inline unsigned int crypto_kpp_reqsize(struct crypto_kpp *tfm)
135{
136 return tfm->reqsize;
137}
138
139static inline void kpp_request_set_tfm(struct kpp_request *req,
140 struct crypto_kpp *tfm)
141{
142 req->base.tfm = crypto_kpp_tfm(tfm);
143}
144
145static inline struct crypto_kpp *crypto_kpp_reqtfm(struct kpp_request *req)
146{
147 return __crypto_kpp_tfm(req->base.tfm);
148}
149
150static inline u32 crypto_kpp_get_flags(struct crypto_kpp *tfm)
151{
152 return crypto_tfm_get_flags(crypto_kpp_tfm(tfm));
153}
154
155static inline void crypto_kpp_set_flags(struct crypto_kpp *tfm, u32 flags)
156{
157 crypto_tfm_set_flags(crypto_kpp_tfm(tfm), flags);
158}
159
160/**
161 * crypto_free_kpp() - free KPP tfm handle
162 *
163 * @tfm: KPP tfm handle allocated with crypto_alloc_kpp()
164 *
165 * If @tfm is a NULL or error pointer, this function does nothing.
166 */
167static inline void crypto_free_kpp(struct crypto_kpp *tfm)
168{
169 crypto_destroy_tfm(tfm, crypto_kpp_tfm(tfm));
170}
171
172/**
173 * kpp_request_alloc() - allocates kpp request
174 *
175 * @tfm: KPP tfm handle allocated with crypto_alloc_kpp()
176 * @gfp: allocation flags
177 *
178 * Return: allocated handle in case of success or NULL in case of an error.
179 */
180static inline struct kpp_request *kpp_request_alloc(struct crypto_kpp *tfm,
181 gfp_t gfp)
182{
183 struct kpp_request *req;
184
185 req = kmalloc(sizeof(*req) + crypto_kpp_reqsize(tfm), gfp);
186 if (likely(req))
187 kpp_request_set_tfm(req, tfm);
188
189 return req;
190}
191
192/**
193 * kpp_request_free() - zeroize and free kpp request
194 *
195 * @req: request to free
196 */
197static inline void kpp_request_free(struct kpp_request *req)
198{
199 kfree_sensitive(req);
200}
201
202/**
203 * kpp_request_set_callback() - Sets an asynchronous callback.
204 *
205 * Callback will be called when an asynchronous operation on a given
206 * request is finished.
207 *
208 * @req: request that the callback will be set for
209 * @flgs: specify for instance if the operation may backlog
210 * @cmpl: callback which will be called
211 * @data: private data used by the caller
212 */
213static inline void kpp_request_set_callback(struct kpp_request *req,
214 u32 flgs,
215 crypto_completion_t cmpl,
216 void *data)
217{
218 req->base.complete = cmpl;
219 req->base.data = data;
220 req->base.flags = flgs;
221}
222
223/**
224 * kpp_request_set_input() - Sets input buffer
225 *
226 * Sets parameters required by generate_public_key
227 *
228 * @req: kpp request
229 * @input: ptr to input scatter list
230 * @input_len: size of the input scatter list
231 */
232static inline void kpp_request_set_input(struct kpp_request *req,
233 struct scatterlist *input,
234 unsigned int input_len)
235{
236 req->src = input;
237 req->src_len = input_len;
238}
239
240/**
241 * kpp_request_set_output() - Sets output buffer
242 *
243 * Sets parameters required by kpp operation
244 *
245 * @req: kpp request
246 * @output: ptr to output scatter list
247 * @output_len: size of the output scatter list
248 */
249static inline void kpp_request_set_output(struct kpp_request *req,
250 struct scatterlist *output,
251 unsigned int output_len)
252{
253 req->dst = output;
254 req->dst_len = output_len;
255}
256
257enum {
258 CRYPTO_KPP_SECRET_TYPE_UNKNOWN,
259 CRYPTO_KPP_SECRET_TYPE_DH,
260 CRYPTO_KPP_SECRET_TYPE_ECDH,
261};
262
263/**
264 * struct kpp_secret - small header for packing secret buffer
265 *
266 * @type: define type of secret. Each kpp type will define its own
267 * @len: specify the len of the secret, include the header, that
268 * follows the struct
269 */
270struct kpp_secret {
271 unsigned short type;
272 unsigned short len;
273};
274
275/**
276 * crypto_kpp_set_secret() - Invoke kpp operation
277 *
278 * Function invokes the specific kpp operation for a given alg.
279 *
280 * @tfm: tfm handle
281 * @buffer: Buffer holding the packet representation of the private
282 * key. The structure of the packet key depends on the particular
283 * KPP implementation. Packing and unpacking helpers are provided
284 * for ECDH and DH (see the respective header files for those
285 * implementations).
286 * @len: Length of the packet private key buffer.
287 *
288 * Return: zero on success; error code in case of error
289 */
290static inline int crypto_kpp_set_secret(struct crypto_kpp *tfm,
291 const void *buffer, unsigned int len)
292{
293 return crypto_kpp_alg(tfm)->set_secret(tfm, buffer, len);
294}
295
296/**
297 * crypto_kpp_generate_public_key() - Invoke kpp operation
298 *
299 * Function invokes the specific kpp operation for generating the public part
300 * for a given kpp algorithm.
301 *
302 * To generate a private key, the caller should use a random number generator.
303 * The output of the requested length serves as the private key.
304 *
305 * @req: kpp key request
306 *
307 * Return: zero on success; error code in case of error
308 */
309static inline int crypto_kpp_generate_public_key(struct kpp_request *req)
310{
311 struct crypto_kpp *tfm = crypto_kpp_reqtfm(req);
312
313 return crypto_kpp_alg(tfm)->generate_public_key(req);
314}
315
316/**
317 * crypto_kpp_compute_shared_secret() - Invoke kpp operation
318 *
319 * Function invokes the specific kpp operation for computing the shared secret
320 * for a given kpp algorithm.
321 *
322 * @req: kpp key request
323 *
324 * Return: zero on success; error code in case of error
325 */
326static inline int crypto_kpp_compute_shared_secret(struct kpp_request *req)
327{
328 struct crypto_kpp *tfm = crypto_kpp_reqtfm(req);
329
330 return crypto_kpp_alg(tfm)->compute_shared_secret(req);
331}
332
333/**
334 * crypto_kpp_maxsize() - Get len for output buffer
335 *
336 * Function returns the output buffer size required for a given key.
337 * Function assumes that the key is already set in the transformation. If this
338 * function is called without a setkey or with a failed setkey, you will end up
339 * in a NULL dereference.
340 *
341 * @tfm: KPP tfm handle allocated with crypto_alloc_kpp()
342 */
343static inline unsigned int crypto_kpp_maxsize(struct crypto_kpp *tfm)
344{
345 struct kpp_alg *alg = crypto_kpp_alg(tfm);
346
347 return alg->max_size(tfm);
348}
349
350#endif