aboutsummaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/crypto/algapi.h156
-rw-r--r--include/crypto/twofish.h22
-rw-r--r--include/linux/crypto.h689
-rw-r--r--include/linux/scatterlist.h4
-rw-r--r--include/linux/sunrpc/gss_krb5.h19
-rw-r--r--include/linux/sunrpc/gss_spkm3.h4
-rw-r--r--include/net/ah.h30
-rw-r--r--include/net/esp.h31
-rw-r--r--include/net/ipcomp.h5
-rw-r--r--include/net/sctp/constants.h4
-rw-r--r--include/net/sctp/sctp.h11
-rw-r--r--include/net/sctp/structs.h3
-rw-r--r--include/net/xfrm.h12
13 files changed, 851 insertions, 139 deletions
diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h
new file mode 100644
index 00000000000..5748aecdb41
--- /dev/null
+++ b/include/crypto/algapi.h
@@ -0,0 +1,156 @@
+/*
+ * Cryptographic API for algorithms (i.e., low-level API).
+ *
+ * Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au>
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; either version 2 of the License, or (at your option)
+ * any later version.
+ *
+ */
+#ifndef _CRYPTO_ALGAPI_H
+#define _CRYPTO_ALGAPI_H
+
+#include <linux/crypto.h>
+
+struct module;
+struct seq_file;
+
+struct crypto_type {
+ unsigned int (*ctxsize)(struct crypto_alg *alg);
+ int (*init)(struct crypto_tfm *tfm);
+ void (*exit)(struct crypto_tfm *tfm);
+ void (*show)(struct seq_file *m, struct crypto_alg *alg);
+};
+
+struct crypto_instance {
+ struct crypto_alg alg;
+
+ struct crypto_template *tmpl;
+ struct hlist_node list;
+
+ void *__ctx[] CRYPTO_MINALIGN_ATTR;
+};
+
+struct crypto_template {
+ struct list_head list;
+ struct hlist_head instances;
+ struct module *module;
+
+ struct crypto_instance *(*alloc)(void *param, unsigned int len);
+ void (*free)(struct crypto_instance *inst);
+
+ char name[CRYPTO_MAX_ALG_NAME];
+};
+
+struct crypto_spawn {
+ struct list_head list;
+ struct crypto_alg *alg;
+ struct crypto_instance *inst;
+};
+
+struct scatter_walk {
+ struct scatterlist *sg;
+ unsigned int offset;
+};
+
+struct blkcipher_walk {
+ union {
+ struct {
+ struct page *page;
+ unsigned long offset;
+ } phys;
+
+ struct {
+ u8 *page;
+ u8 *addr;
+ } virt;
+ } src, dst;
+
+ struct scatter_walk in;
+ unsigned int nbytes;
+
+ struct scatter_walk out;
+ unsigned int total;
+
+ void *page;
+ u8 *buffer;
+ u8 *iv;
+
+ int flags;
+};
+
+extern const struct crypto_type crypto_blkcipher_type;
+extern const struct crypto_type crypto_hash_type;
+
+void crypto_mod_put(struct crypto_alg *alg);
+
+int crypto_register_template(struct crypto_template *tmpl);
+void crypto_unregister_template(struct crypto_template *tmpl);
+struct crypto_template *crypto_lookup_template(const char *name);
+
+int crypto_init_spawn(struct crypto_spawn *spawn, struct crypto_alg *alg,
+ struct crypto_instance *inst);
+void crypto_drop_spawn(struct crypto_spawn *spawn);
+struct crypto_tfm *crypto_spawn_tfm(struct crypto_spawn *spawn);
+
+struct crypto_alg *crypto_get_attr_alg(void *param, unsigned int len,
+ u32 type, u32 mask);
+struct crypto_instance *crypto_alloc_instance(const char *name,
+ struct crypto_alg *alg);
+
+int blkcipher_walk_done(struct blkcipher_desc *desc,
+ struct blkcipher_walk *walk, int err);
+int blkcipher_walk_virt(struct blkcipher_desc *desc,
+ struct blkcipher_walk *walk);
+int blkcipher_walk_phys(struct blkcipher_desc *desc,
+ struct blkcipher_walk *walk);
+
+static inline void *crypto_tfm_ctx_aligned(struct crypto_tfm *tfm)
+{
+ unsigned long addr = (unsigned long)crypto_tfm_ctx(tfm);
+ unsigned long align = crypto_tfm_alg_alignmask(tfm);
+
+ if (align <= crypto_tfm_ctx_alignment())
+ align = 1;
+ return (void *)ALIGN(addr, align);
+}
+
+static inline void *crypto_instance_ctx(struct crypto_instance *inst)
+{
+ return inst->__ctx;
+}
+
+static inline void *crypto_blkcipher_ctx(struct crypto_blkcipher *tfm)
+{
+ return crypto_tfm_ctx(&tfm->base);
+}
+
+static inline void *crypto_blkcipher_ctx_aligned(struct crypto_blkcipher *tfm)
+{
+ return crypto_tfm_ctx_aligned(&tfm->base);
+}
+
+static inline struct cipher_alg *crypto_cipher_alg(struct crypto_cipher *tfm)
+{
+ return &crypto_cipher_tfm(tfm)->__crt_alg->cra_cipher;
+}
+
+static inline void *crypto_hash_ctx_aligned(struct crypto_hash *tfm)
+{
+ return crypto_tfm_ctx_aligned(&tfm->base);
+}
+
+static inline void blkcipher_walk_init(struct blkcipher_walk *walk,
+ struct scatterlist *dst,
+ struct scatterlist *src,
+ unsigned int nbytes)
+{
+ walk->in.sg = src;
+ walk->out.sg = dst;
+ walk->total = nbytes;
+}
+
+#endif /* _CRYPTO_ALGAPI_H */
+
diff --git a/include/crypto/twofish.h b/include/crypto/twofish.h
new file mode 100644
index 00000000000..c408522595c
--- /dev/null
+++ b/include/crypto/twofish.h
@@ -0,0 +1,22 @@
+#ifndef _CRYPTO_TWOFISH_H
+#define _CRYPTO_TWOFISH_H
+
+#include <linux/types.h>
+
+#define TF_MIN_KEY_SIZE 16
+#define TF_MAX_KEY_SIZE 32
+#define TF_BLOCK_SIZE 16
+
+struct crypto_tfm;
+
+/* Structure for an expanded Twofish key. s contains the key-dependent
+ * S-boxes composed with the MDS matrix; w contains the eight "whitening"
+ * subkeys, K[0] through K[7]. k holds the remaining, "round" subkeys. Note
+ * that k[i] corresponds to what the Twofish paper calls K[i+8]. */
+struct twofish_ctx {
+ u32 s[4][256], w[8], k[32];
+};
+
+int twofish_setkey(struct crypto_tfm *tfm, const u8 *key, unsigned int key_len);
+
+#endif
diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index 7f946241b87..8f2ffa4caab 100644
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -17,20 +17,36 @@
#ifndef _LINUX_CRYPTO_H
#define _LINUX_CRYPTO_H
+#include <asm/atomic.h>
#include <linux/module.h>
#include <linux/kernel.h>
-#include <linux/types.h>
#include <linux/list.h>
+#include <linux/slab.h>
#include <linux/string.h>
-#include <asm/page.h>
+#include <linux/uaccess.h>
/*
* Algorithm masks and types.
*/
-#define CRYPTO_ALG_TYPE_MASK 0x000000ff
+#define CRYPTO_ALG_TYPE_MASK 0x0000000f
#define CRYPTO_ALG_TYPE_CIPHER 0x00000001
#define CRYPTO_ALG_TYPE_DIGEST 0x00000002
-#define CRYPTO_ALG_TYPE_COMPRESS 0x00000004
+#define CRYPTO_ALG_TYPE_HASH 0x00000003
+#define CRYPTO_ALG_TYPE_BLKCIPHER 0x00000004
+#define CRYPTO_ALG_TYPE_COMPRESS 0x00000005
+
+#define CRYPTO_ALG_TYPE_HASH_MASK 0x0000000e
+
+#define CRYPTO_ALG_LARVAL 0x00000010
+#define CRYPTO_ALG_DEAD 0x00000020
+#define CRYPTO_ALG_DYING 0x00000040
+#define CRYPTO_ALG_ASYNC 0x00000080
+
+/*
+ * Set this bit if and only if the algorithm requires another algorithm of
+ * the same type to handle corner cases.
+ */
+#define CRYPTO_ALG_NEED_FALLBACK 0x00000100
/*
* Transform masks and values (for crt_flags).
@@ -61,8 +77,37 @@
#define CRYPTO_DIR_ENCRYPT 1
#define CRYPTO_DIR_DECRYPT 0
+/*
+ * The macro CRYPTO_MINALIGN_ATTR (along with the void * type in the actual
+ * declaration) is used to ensure that the crypto_tfm context structure is
+ * aligned correctly for the given architecture so that there are no alignment
+ * faults for C data types. In particular, this is required on platforms such
+ * as arm where pointers are 32-bit aligned but there are data types such as
+ * u64 which require 64-bit alignment.
+ */
+#if defined(ARCH_KMALLOC_MINALIGN)
+#define CRYPTO_MINALIGN ARCH_KMALLOC_MINALIGN
+#elif defined(ARCH_SLAB_MINALIGN)
+#define CRYPTO_MINALIGN ARCH_SLAB_MINALIGN
+#endif
+
+#ifdef CRYPTO_MINALIGN
+#define CRYPTO_MINALIGN_ATTR __attribute__ ((__aligned__(CRYPTO_MINALIGN)))
+#else
+#define CRYPTO_MINALIGN_ATTR
+#endif
+
struct scatterlist;
+struct crypto_blkcipher;
+struct crypto_hash;
struct crypto_tfm;
+struct crypto_type;
+
+struct blkcipher_desc {
+ struct crypto_blkcipher *tfm;
+ void *info;
+ u32 flags;
+};
struct cipher_desc {
struct crypto_tfm *tfm;
@@ -72,30 +117,50 @@ struct cipher_desc {
void *info;
};
+struct hash_desc {
+ struct crypto_hash *tfm;
+ u32 flags;
+};
+
/*
* Algorithms: modular crypto algorithm implementations, managed
* via crypto_register_alg() and crypto_unregister_alg().
*/
+struct blkcipher_alg {
+ int (*setkey)(struct crypto_tfm *tfm, const u8 *key,
+ unsigned int keylen);
+ int (*encrypt)(struct blkcipher_desc *desc,
+ struct scatterlist *dst, struct scatterlist *src,
+ unsigned int nbytes);
+ int (*decrypt)(struct blkcipher_desc *desc,
+ struct scatterlist *dst, struct scatterlist *src,
+ unsigned int nbytes);
+
+ unsigned int min_keysize;
+ unsigned int max_keysize;
+ unsigned int ivsize;
+};
+
struct cipher_alg {
unsigned int cia_min_keysize;
unsigned int cia_max_keysize;
int (*cia_setkey)(struct crypto_tfm *tfm, const u8 *key,
- unsigned int keylen, u32 *flags);
+ unsigned int keylen);
void (*cia_encrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
void (*cia_decrypt)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
unsigned int (*cia_encrypt_ecb)(const struct cipher_desc *desc,
u8 *dst, const u8 *src,
- unsigned int nbytes);
+ unsigned int nbytes) __deprecated;
unsigned int (*cia_decrypt_ecb)(const struct cipher_desc *desc,
u8 *dst, const u8 *src,
- unsigned int nbytes);
+ unsigned int nbytes) __deprecated;
unsigned int (*cia_encrypt_cbc)(const struct cipher_desc *desc,
u8 *dst, const u8 *src,
- unsigned int nbytes);
+ unsigned int nbytes) __deprecated;
unsigned int (*cia_decrypt_cbc)(const struct cipher_desc *desc,
u8 *dst, const u8 *src,
- unsigned int nbytes);
+ unsigned int nbytes) __deprecated;
};
struct digest_alg {
@@ -105,7 +170,20 @@ struct digest_alg {
unsigned int len);
void (*dia_final)(struct crypto_tfm *tfm, u8 *out);
int (*dia_setkey)(struct crypto_tfm *tfm, const u8 *key,
- unsigned int keylen, u32 *flags);
+ unsigned int keylen);
+};
+
+struct hash_alg {
+ int (*init)(struct hash_desc *desc);
+ int (*update)(struct hash_desc *desc, struct scatterlist *sg,
+ unsigned int nbytes);
+ int (*final)(struct hash_desc *desc, u8 *out);
+ int (*digest)(struct hash_desc *desc, struct scatterlist *sg,
+ unsigned int nbytes, u8 *out);
+ int (*setkey)(struct crypto_hash *tfm, const u8 *key,
+ unsigned int keylen);
+
+ unsigned int digestsize;
};
struct compress_alg {
@@ -115,30 +193,40 @@ struct compress_alg {
unsigned int slen, u8 *dst, unsigned int *dlen);
};
+#define cra_blkcipher cra_u.blkcipher
#define cra_cipher cra_u.cipher
#define cra_digest cra_u.digest
+#define cra_hash cra_u.hash
#define cra_compress cra_u.compress
struct crypto_alg {
struct list_head cra_list;
+ struct list_head cra_users;
+
u32 cra_flags;
unsigned int cra_blocksize;
unsigned int cra_ctxsize;
unsigned int cra_alignmask;
int cra_priority;
+ atomic_t cra_refcnt;
char cra_name[CRYPTO_MAX_ALG_NAME];
char cra_driver_name[CRYPTO_MAX_ALG_NAME];
+ const struct crypto_type *cra_type;
+
union {
+ struct blkcipher_alg blkcipher;
struct cipher_alg cipher;
struct digest_alg digest;
+ struct hash_alg hash;
struct compress_alg compress;
} cra_u;
int (*cra_init)(struct crypto_tfm *tfm);
void (*cra_exit)(struct crypto_tfm *tfm);
+ void (*cra_destroy)(struct crypto_alg *alg);
struct module *cra_module;
};
@@ -153,20 +241,39 @@ int crypto_unregister_alg(struct crypto_alg *alg);
* Algorithm query interface.
*/
#ifdef CONFIG_CRYPTO
-int crypto_alg_available(const char *name, u32 flags);
+int crypto_alg_available(const char *name, u32 flags)
+ __deprecated_for_modules;
+int crypto_has_alg(const char *name, u32 type, u32 mask);
#else
+static int crypto_alg_available(const char *name, u32 flags);
+ __deprecated_for_modules;
static inline int crypto_alg_available(const char *name, u32 flags)
{
return 0;
}
+
+static inline int crypto_has_alg(const char *name, u32 type, u32 mask)
+{
+ return 0;
+}
#endif
/*
* Transforms: user-instantiated objects which encapsulate algorithms
- * and core processing logic. Managed via crypto_alloc_tfm() and
- * crypto_free_tfm(), as well as the various helpers below.
+ * and core processing logic. Managed via crypto_alloc_*() and
+ * crypto_free_*(), as well as the various helpers below.
*/
+struct blkcipher_tfm {
+ void *iv;
+ int (*setkey)(struct crypto_tfm *tfm, const u8 *key,
+ unsigned int keylen);
+ int (*encrypt)(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes);
+ int (*decrypt)(struct blkcipher_desc *desc, struct scatterlist *dst,
+ struct scatterlist *src, unsigned int nbytes);
+};
+
struct cipher_tfm {
void *cit_iv;
unsigned int cit_ivsize;
@@ -190,20 +297,20 @@ struct cipher_tfm {
struct scatterlist *src,
unsigned int nbytes, u8 *iv);
void (*cit_xor_block)(u8 *dst, const u8 *src);
+ void (*cit_encrypt_one)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
+ void (*cit_decrypt_one)(struct crypto_tfm *tfm, u8 *dst, const u8 *src);
};
-struct digest_tfm {
- void (*dit_init)(struct crypto_tfm *tfm);
- void (*dit_update)(struct crypto_tfm *tfm,
- struct scatterlist *sg, unsigned int nsg);
- void (*dit_final)(struct crypto_tfm *tfm, u8 *out);
- void (*dit_digest)(struct crypto_tfm *tfm, struct scatterlist *sg,
- unsigned int nsg, u8 *out);
- int (*dit_setkey)(struct crypto_tfm *tfm,
- const u8 *key, unsigned int keylen);
-#ifdef CONFIG_CRYPTO_HMAC
- void *dit_hmac_block;
-#endif
+struct hash_tfm {
+ int (*init)(struct hash_desc *desc);
+ int (*update)(struct hash_desc *desc,
+ struct scatterlist *sg, unsigned int nsg);
+ int (*final)(struct hash_desc *desc, u8 *out);
+ int (*digest)(struct hash_desc *desc, struct scatterlist *sg,
+ unsigned int nsg, u8 *out);
+ int (*setkey)(struct crypto_hash *tfm, const u8 *key,
+ unsigned int keylen);
+ unsigned int digestsize;
};
struct compress_tfm {
@@ -215,8 +322,9 @@ struct compress_tfm {
u8 *dst, unsigned int *dlen);
};
+#define crt_blkcipher crt_u.blkcipher
#define crt_cipher crt_u.cipher
-#define crt_digest crt_u.digest
+#define crt_hash crt_u.hash
#define crt_compress crt_u.compress
struct crypto_tfm {
@@ -224,30 +332,43 @@ struct crypto_tfm {
u32 crt_flags;
union {
+ struct blkcipher_tfm blkcipher;
struct cipher_tfm cipher;
- struct digest_tfm digest;
+ struct hash_tfm hash;
struct compress_tfm compress;
} crt_u;
struct crypto_alg *__crt_alg;
- char __crt_ctx[] __attribute__ ((__aligned__));
+ void *__crt_ctx[] CRYPTO_MINALIGN_ATTR;
+};
+
+#define crypto_cipher crypto_tfm
+#define crypto_comp crypto_tfm
+
+struct crypto_blkcipher {
+ struct crypto_tfm base;
+};
+
+struct crypto_hash {
+ struct crypto_tfm base;
+};
+
+enum {
+ CRYPTOA_UNSPEC,
+ CRYPTOA_ALG,
+};
+
+struct crypto_attr_alg {
+ char name[CRYPTO_MAX_ALG_NAME];
};
/*
* Transform user interface.
*/
-/*
- * crypto_alloc_tfm() will first attempt to locate an already loaded algorithm.
- * If that fails and the kernel supports dynamically loadable modules, it
- * will then attempt to load a module of the same name or alias. A refcount
- * is grabbed on the algorithm which is then associated with the new transform.
- *
- * crypto_free_tfm() frees up the transform and any associated resources,
- * then drops the refcount on the associated algorithm.
- */
struct crypto_tfm *crypto_alloc_tfm(const char *alg_name, u32 tfm_flags);
+struct crypto_tfm *crypto_alloc_base(const char *alg_name, u32 type, u32 mask);
void crypto_free_tfm(struct crypto_tfm *tfm);
/*
@@ -258,6 +379,16 @@ static inline const char *crypto_tfm_alg_name(struct crypto_tfm *tfm)
return tfm->__crt_alg->cra_name;
}
+static inline const char *crypto_tfm_alg_driver_name(struct crypto_tfm *tfm)
+{
+ return tfm->__crt_alg->cra_driver_name;
+}
+
+static inline int crypto_tfm_alg_priority(struct crypto_tfm *tfm)
+{
+ return tfm->__crt_alg->cra_priority;
+}
+
static inline const char *crypto_tfm_alg_modname(struct crypto_tfm *tfm)
{
return module_name(tfm->__crt_alg->cra_module);
@@ -268,18 +399,23 @@ static inline u32 crypto_tfm_alg_type(struct crypto_tfm *tfm)
return tfm->__crt_alg->cra_flags & CRYPTO_ALG_TYPE_MASK;
}
+static unsigned int crypto_tfm_alg_min_keysize(struct crypto_tfm *tfm)
+ __deprecated;
static inline unsigned int crypto_tfm_alg_min_keysize(struct crypto_tfm *tfm)
{
BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_CIPHER);
return tfm->__crt_alg->cra_cipher.cia_min_keysize;
}
+static unsigned int crypto_tfm_alg_max_keysize(struct crypto_tfm *tfm)
+ __deprecated;
static inline unsigned int crypto_tfm_alg_max_keysize(struct crypto_tfm *tfm)
{
BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_CIPHER);
return tfm->__crt_alg->cra_cipher.cia_max_keysize;
}
+static unsigned int crypto_tfm_alg_ivsize(struct crypto_tfm *tfm) __deprecated;
static inline unsigned int crypto_tfm_alg_ivsize(struct crypto_tfm *tfm)
{
BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_CIPHER);
@@ -302,6 +438,21 @@ static inline unsigned int crypto_tfm_alg_alignmask(struct crypto_tfm *tfm)
return tfm->__crt_alg->cra_alignmask;
}
+static inline u32 crypto_tfm_get_flags(struct crypto_tfm *tfm)
+{
+ return tfm->crt_flags;
+}
+
+static inline void crypto_tfm_set_flags(struct crypto_tfm *tfm, u32 flags)
+{
+ tfm->crt_flags |= flags;
+}
+
+static inline void crypto_tfm_clear_flags(struct crypto_tfm *tfm, u32 flags)
+{
+ tfm->crt_flags &= ~flags;
+}
+
static inline void *crypto_tfm_ctx(struct crypto_tfm *tfm)
{
return tfm->__crt_ctx;
@@ -316,50 +467,374 @@ static inline unsigned int crypto_tfm_ctx_alignment(void)
/*
* API wrappers.
*/
-static inline void crypto_digest_init(struct crypto_tfm *tfm)
+static inline struct crypto_blkcipher *__crypto_blkcipher_cast(
+ struct crypto_tfm *tfm)
{
- BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_DIGEST);
- tfm->crt_digest.dit_init(tfm);
+ return (struct crypto_blkcipher *)tfm;
}
-static inline void crypto_digest_update(struct crypto_tfm *tfm,
- struct scatterlist *sg,
- unsigned int nsg)
+static inline struct crypto_blkcipher *crypto_blkcipher_cast(
+ struct crypto_tfm *tfm)
{
- BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_DIGEST);
- tfm->crt_digest.dit_update(tfm, sg, nsg);
+ BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_BLKCIPHER);
+ return __crypto_blkcipher_cast(tfm);
}
-static inline void crypto_digest_final(struct crypto_tfm *tfm, u8 *out)
+static inline struct crypto_blkcipher *crypto_alloc_blkcipher(
+ const char *alg_name, u32 type, u32 mask)
{
- BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_DIGEST);
- tfm->crt_digest.dit_final(tfm, out);
+ type &= ~CRYPTO_ALG_TYPE_MASK;
+ type |= CRYPTO_ALG_TYPE_BLKCIPHER;
+ mask |= CRYPTO_ALG_TYPE_MASK;
+
+ return __crypto_blkcipher_cast(crypto_alloc_base(alg_name, type, mask));
}
-static inline void crypto_digest_digest(struct crypto_tfm *tfm,
- struct scatterlist *sg,
- unsigned int nsg, u8 *out)
+static inline struct crypto_tfm *crypto_blkcipher_tfm(
+ struct crypto_blkcipher *tfm)
{
- BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_DIGEST);
- tfm->crt_digest.dit_digest(tfm, sg, nsg, out);
+ return &tfm->base;
}
-static inline int crypto_digest_setkey(struct crypto_tfm *tfm,
+static inline void crypto_free_blkcipher(struct crypto_blkcipher *tfm)
+{
+ crypto_free_tfm(crypto_blkcipher_tfm(tfm));
+}
+
+static inline int crypto_has_blkcipher(const char *alg_name, u32 type, u32 mask)
+{
+ type &= ~CRYPTO_ALG_TYPE_MASK;
+ type |= CRYPTO_ALG_TYPE_BLKCIPHER;
+ mask |= CRYPTO_ALG_TYPE_MASK;
+
+ return crypto_has_alg(alg_name, type, mask);
+}
+
+static inline const char *crypto_blkcipher_name(struct crypto_blkcipher *tfm)
+{
+ return crypto_tfm_alg_name(crypto_blkcipher_tfm(tfm));
+}
+
+static inline struct blkcipher_tfm *crypto_blkcipher_crt(
+ struct crypto_blkcipher *tfm)
+{
+ return &crypto_blkcipher_tfm(tfm)->crt_blkcipher;
+}
+
+static inline struct blkcipher_alg *crypto_blkcipher_alg(
+ struct crypto_blkcipher *tfm)
+{
+ return &crypto_blkcipher_tfm(tfm)->__crt_alg->cra_blkcipher;
+}
+
+static inline unsigned int crypto_blkcipher_ivsize(struct crypto_blkcipher *tfm)
+{
+ return crypto_blkcipher_alg(tfm)->ivsize;
+}
+
+static inline unsigned int crypto_blkcipher_blocksize(
+ struct crypto_blkcipher *tfm)
+{
+ return crypto_tfm_alg_blocksize(crypto_blkcipher_tfm(tfm));
+}
+
+static inline unsigned int crypto_blkcipher_alignmask(
+ struct crypto_blkcipher *tfm)
+{
+ return crypto_tfm_alg_alignmask(crypto_blkcipher_tfm(tfm));
+}
+
+static inline u32 crypto_blkcipher_get_flags(struct crypto_blkcipher *tfm)
+{
+ return crypto_tfm_get_flags(crypto_blkcipher_tfm(tfm));
+}
+
+static inline void crypto_blkcipher_set_flags(struct crypto_blkcipher *tfm,
+ u32 flags)
+{
+ crypto_tfm_set_flags(crypto_blkcipher_tfm(tfm), flags);
+}
+
+static inline void crypto_blkcipher_clear_flags(struct crypto_blkcipher *tfm,
+ u32 flags)
+{
+ crypto_tfm_clear_flags(crypto_blkcipher_tfm(tfm), flags);
+}
+
+static inline int crypto_blkcipher_setkey(struct crypto_blkcipher *tfm,
+ const u8 *key, unsigned int keylen)
+{
+ return crypto_blkcipher_crt(tfm)->setkey(crypto_blkcipher_tfm(tfm),
+ key, keylen);
+}
+
+static inline int crypto_blkcipher_encrypt(struct blkcipher_desc *desc,
+ struct scatterlist *dst,
+ struct scatterlist *src,
+ unsigned int nbytes)
+{
+ desc->info = crypto_blkcipher_crt(desc->tfm)->iv;
+ return crypto_blkcipher_crt(desc->tfm)->encrypt(desc, dst, src, nbytes);
+}
+
+static inline int crypto_blkcipher_encrypt_iv(struct blkcipher_desc *desc,
+ struct scatterlist *dst,
+ struct scatterlist *src,
+ unsigned int nbytes)
+{
+ return crypto_blkcipher_crt(desc->tfm)->encrypt(desc, dst, src, nbytes);
+}
+
+static inline int crypto_blkcipher_decrypt(struct blkcipher_desc *desc,
+ struct scatterlist *dst,
+ struct scatterlist *src,
+ unsigned int nbytes)
+{
+ desc->info = crypto_blkcipher_crt(desc->tfm)->iv;
+ return crypto_blkcipher_crt(desc->tfm)->decrypt(desc, dst, src, nbytes);
+}
+
+static inline int crypto_blkcipher_decrypt_iv(struct blkcipher_desc *desc,
+ struct scatterlist *dst,
+ struct scatterlist *src,
+ unsigned int nbytes)
+{
+ return crypto_blkcipher_crt(desc->tfm)->decrypt(desc, dst, src, nbytes);
+}
+
+static inline void crypto_blkcipher_set_iv(struct crypto_blkcipher *tfm,
+ const u8 *src, unsigned int len)
+{
+ memcpy(crypto_blkcipher_crt(tfm)->iv, src, len);
+}
+
+static inline void crypto_blkcipher_get_iv(struct crypto_blkcipher *tfm,
+ u8 *dst, unsigned int len)
+{
+ memcpy(dst, crypto_blkcipher_crt(tfm)->iv, len);
+}
+
+static inline struct crypto_cipher *__crypto_cipher_cast(struct crypto_tfm *tfm)
+{
+ return (struct crypto_cipher *)tfm;
+}
+
+static inline struct crypto_cipher *crypto_cipher_cast(struct crypto_tfm *tfm)
+{
+ BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_CIPHER);
+ return __crypto_cipher_cast(tfm);
+}
+
+static inline struct crypto_cipher *crypto_alloc_cipher(const char *alg_name,
+ u32 type, u32 mask)
+{
+ type &= ~CRYPTO_ALG_TYPE_MASK;
+ type |= CRYPTO_ALG_TYPE_CIPHER;
+ mask |= CRYPTO_ALG_TYPE_MASK;
+
+ return __crypto_cipher_cast(crypto_alloc_base(alg_name, type, mask));
+}
+
+static inline struct crypto_tfm *crypto_cipher_tfm(struct crypto_cipher *tfm)
+{
+ return tfm;
+}
+
+static inline void crypto_free_cipher(struct crypto_cipher *tfm)
+{
+ crypto_free_tfm(crypto_cipher_tfm(tfm));
+}
+
+static inline int crypto_has_cipher(const char *alg_name, u32 type, u32 mask)
+{
+ type &= ~CRYPTO_ALG_TYPE_MASK;
+ type |= CRYPTO_ALG_TYPE_CIPHER;
+ mask |= CRYPTO_ALG_TYPE_MASK;
+
+ return crypto_has_alg(alg_name, type, mask);
+}
+
+static inline struct cipher_tfm *crypto_cipher_crt(struct crypto_cipher *tfm)
+{
+ return &crypto_cipher_tfm(tfm)->crt_cipher;
+}
+
+static inline unsigned int crypto_cipher_blocksize(struct crypto_cipher *tfm)
+{
+ return crypto_tfm_alg_blocksize(crypto_cipher_tfm(tfm));
+}
+
+static inline unsigned int crypto_cipher_alignmask(struct crypto_cipher *tfm)
+{
+ return crypto_tfm_alg_alignmask(crypto_cipher_tfm(tfm));
+}
+
+static inline u32 crypto_cipher_get_flags(struct crypto_cipher *tfm)
+{
+ return crypto_tfm_get_flags(crypto_cipher_tfm(tfm));
+}
+
+static inline void crypto_cipher_set_flags(struct crypto_cipher *tfm,
+ u32 flags)
+{
+ crypto_tfm_set_flags(crypto_cipher_tfm(tfm), flags);
+}
+
+static inline void crypto_cipher_clear_flags(struct crypto_cipher *tfm,
+ u32 flags)
+{
+ crypto_tfm_clear_flags(crypto_cipher_tfm(tfm), flags);
+}
+
+static inline int crypto_cipher_setkey(struct crypto_cipher *tfm,
const u8 *key, unsigned int keylen)
{
- BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_DIGEST);
- if (tfm->crt_digest.dit_setkey == NULL)
- return -ENOSYS;
- return tfm->crt_digest.dit_setkey(tfm, key, keylen);
+ return crypto_cipher_crt(tfm)->cit_setkey(crypto_cipher_tfm(tfm),
+ key, keylen);
+}
+
+static inline void crypto_cipher_encrypt_one(struct crypto_cipher *tfm,
+ u8 *dst, const u8 *src)
+{
+ crypto_cipher_crt(tfm)->cit_encrypt_one(crypto_cipher_tfm(tfm),
+ dst, src);
+}
+
+static inline void crypto_cipher_decrypt_one(struct crypto_cipher *tfm,
+ u8 *dst, const u8 *src)
+{
+ crypto_cipher_crt(tfm)->cit_decrypt_one(crypto_cipher_tfm(tfm),
+ dst, src);
+}
+
+void crypto_digest_init(struct crypto_tfm *tfm) __deprecated_for_modules;
+void crypto_digest_update(struct crypto_tfm *tfm,
+ struct scatterlist *sg, unsigned int nsg)
+ __deprecated_for_modules;
+void crypto_digest_final(struct crypto_tfm *tfm, u8 *out)
+ __deprecated_for_modules;
+void crypto_digest_digest(struct crypto_tfm *tfm,
+ struct scatterlist *sg, unsigned int nsg, u8 *out)
+ __deprecated_for_modules;
+
+static inline struct crypto_hash *__crypto_hash_cast(struct crypto_tfm *tfm)
+{
+ return (struct crypto_hash *)tfm;
+}
+
+static inline struct crypto_hash *crypto_hash_cast(struct crypto_tfm *tfm)
+{
+ BUG_ON((crypto_tfm_alg_type(tfm) ^ CRYPTO_ALG_TYPE_HASH) &
+ CRYPTO_ALG_TYPE_HASH_MASK);
+ return __crypto_hash_cast(tfm);
}
-static inline int crypto_cipher_setkey(struct crypto_tfm *tfm,
+static int crypto_digest_setkey(struct crypto_tfm *tfm, const u8 *key,
+ unsigned int keylen) __deprecated;
+static inline int crypto_digest_setkey(struct crypto_tfm *tfm,
const u8 *key, unsigned int keylen)
{
- BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_CIPHER);
- return tfm->crt_cipher.cit_setkey(tfm, key, keylen);
+ return tfm->crt_hash.setkey(crypto_hash_cast(tfm), key, keylen);
+}
+
+static inline struct crypto_hash *crypto_alloc_hash(const char *alg_name,
+ u32 type, u32 mask)
+{
+ type &= ~CRYPTO_ALG_TYPE_MASK;
+ type |= CRYPTO_ALG_TYPE_HASH;
+ mask |= CRYPTO_ALG_TYPE_HASH_MASK;
+
+ return __crypto_hash_cast(crypto_alloc_base(alg_name, type, mask));
+}
+
+static inline struct crypto_tfm *crypto_hash_tfm(struct crypto_hash *tfm)
+{
+ return &tfm->base;
+}
+
+static inline void crypto_free_hash(struct crypto_hash *tfm)
+{
+ crypto_free_tfm(crypto_hash_tfm(tfm));
+}
+
+static inline int crypto_has_hash(const char *alg_name, u32 type, u32 mask)
+{
+ type &= ~CRYPTO_ALG_TYPE_MASK;
+ type |= CRYPTO_ALG_TYPE_HASH;
+ mask |= CRYPTO_ALG_TYPE_HASH_MASK;
+
+ return crypto_has_alg(alg_name, type, mask);
+}
+
+static inline struct hash_tfm *crypto_hash_crt(struct crypto_hash *tfm)
+{
+ return &crypto_hash_tfm(tfm)->crt_hash;
+}
+
+static inline unsigned int crypto_hash_blocksize(struct crypto_hash *tfm)
+{
+ return crypto_tfm_alg_blocksize(crypto_hash_tfm(tfm));
+}
+
+static inline unsigned int crypto_hash_alignmask(struct crypto_hash *tfm)
+{
+ return crypto_tfm_alg_alignmask(crypto_hash_tfm(tfm));
+}
+
+static inline unsigned int crypto_hash_digestsize(struct crypto_hash *tfm)
+{
+ return crypto_hash_crt(tfm)->digestsize;
+}
+
+static inline u32 crypto_hash_get_flags(struct crypto_hash *tfm)
+{
+ return crypto_tfm_get_flags(crypto_hash_tfm(tfm));
+}
+
+static inline void crypto_hash_set_flags(struct crypto_hash *tfm, u32 flags)
+{
+ crypto_tfm_set_flags(crypto_hash_tfm(tfm), flags);
}
+static inline void crypto_hash_clear_flags(struct crypto_hash *tfm, u32 flags)
+{
+ crypto_tfm_clear_flags(crypto_hash_tfm(tfm), flags);
+}
+
+static inline int crypto_hash_init(struct hash_desc *desc)
+{
+ return crypto_hash_crt(desc->tfm)->init(desc);
+}
+
+static inline int crypto_hash_update(struct hash_desc *desc,
+ struct scatterlist *sg,
+ unsigned int nbytes)
+{
+ return crypto_hash_crt(desc->tfm)->update(desc, sg, nbytes);
+}
+
+static inline int crypto_hash_final(struct hash_desc *desc, u8 *out)
+{
+ return crypto_hash_crt(desc->tfm)->final(desc, out);
+}
+
+static inline int crypto_hash_digest(struct hash_desc *desc,
+ struct scatterlist *sg,
+ unsigned int nbytes, u8 *out)
+{
+ return crypto_hash_crt(desc->tfm)->digest(desc, sg, nbytes, out);
+}
+
+static inline int crypto_hash_setkey(struct crypto_hash *hash,
+ const u8 *key, unsigned int keylen)
+{
+ return crypto_hash_crt(hash)->setkey(hash, key, keylen);
+}
+
+static int crypto_cipher_encrypt(struct crypto_tfm *tfm,
+ struct scatterlist *dst,
+ struct scatterlist *src,
+ unsigned int nbytes) __deprecated;
static inline int crypto_cipher_encrypt(struct crypto_tfm *tfm,
struct scatterlist *dst,
struct scatterlist *src,
@@ -369,16 +844,23 @@ static inline int crypto_cipher_encrypt(struct crypto_tfm *tfm,
return tfm->crt_cipher.cit_encrypt(tfm, dst, src, nbytes);
}
+static int crypto_cipher_encrypt_iv(struct crypto_tfm *tfm,
+ struct scatterlist *dst,
+ struct scatterlist *src,
+ unsigned int nbytes, u8 *iv) __deprecated;
static inline int crypto_cipher_encrypt_iv(struct crypto_tfm *tfm,
struct scatterlist *dst,
struct scatterlist *src,
unsigned int nbytes, u8 *iv)
{
BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_CIPHER);
- BUG_ON(tfm->crt_cipher.cit_mode == CRYPTO_TFM_MODE_ECB);
return tfm->crt_cipher.cit_encrypt_iv(tfm, dst, src, nbytes, iv);
}
+static int crypto_cipher_decrypt(struct crypto_tfm *tfm,
+ struct scatterlist *dst,
+ struct scatterlist *src,
+ unsigned int nbytes) __deprecated;
static inline int crypto_cipher_decrypt(struct crypto_tfm *tfm,
struct scatterlist *dst,
struct scatterlist *src,
@@ -388,16 +870,21 @@ static inline int crypto_cipher_decrypt(struct crypto_tfm *tfm,
return tfm->crt_cipher.cit_decrypt(tfm, dst, src, nbytes);
}
+static int crypto_cipher_decrypt_iv(struct crypto_tfm *tfm,
+ struct scatterlist *dst,
+ struct scatterlist *src,
+ unsigned int nbytes, u8 *iv) __deprecated;
static inline int crypto_cipher_decrypt_iv(struct crypto_tfm *tfm,
struct scatterlist *dst,
struct scatterlist *src,
unsigned int nbytes, u8 *iv)
{
BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_CIPHER);
- BUG_ON(tfm->crt_cipher.cit_mode == CRYPTO_TFM_MODE_ECB);
return tfm->crt_cipher.cit_decrypt_iv(tfm, dst, src, nbytes, iv);
}
+static void crypto_cipher_set_iv(struct crypto_tfm *tfm,
+ const u8 *src, unsigned int len) __deprecated;
static inline void crypto_cipher_set_iv(struct crypto_tfm *tfm,
const u8 *src, unsigned int len)
{
@@ -405,6 +892,8 @@ static inline void crypto_cipher_set_iv(struct crypto_tfm *tfm,
memcpy(tfm->crt_cipher.cit_iv, src, len);
}
+static void crypto_cipher_get_iv(struct crypto_tfm *tfm,
+ u8 *dst, unsigned int len) __deprecated;
static inline void crypto_cipher_get_iv(struct crypto_tfm *tfm,
u8 *dst, unsigned int len)
{
@@ -412,34 +901,70 @@ static inline void crypto_cipher_get_iv(struct crypto_tfm *tfm,
memcpy(dst, tfm->crt_cipher.cit_iv, len);
}
-static inline int crypto_comp_compress(struct crypto_tfm *tfm,
+static inline struct crypto_comp *__crypto_comp_cast(struct crypto_tfm *tfm)
+{
+ return (struct crypto_comp *)tfm;
+}
+
+static inline struct crypto_comp *crypto_comp_cast(struct crypto_tfm *tfm)
+{
+ BUG_ON((crypto_tfm_alg_type(tfm) ^ CRYPTO_ALG_TYPE_COMPRESS) &
+ CRYPTO_ALG_TYPE_MASK);
+ return __crypto_comp_cast(tfm);
+}
+
+static inline struct crypto_comp *crypto_alloc_comp(const char *alg_name,
+ u32 type, u32 mask)
+{
+ type &= ~CRYPTO_ALG_TYPE_MASK;
+ type |= CRYPTO_ALG_TYPE_COMPRESS;
+ mask |= CRYPTO_ALG_TYPE_MASK;
+
+ return __crypto_comp_cast(crypto_alloc_base(alg_name, type, mask));
+}
+
+static inline struct crypto_tfm *crypto_comp_tfm(struct crypto_comp *tfm)
+{
+ return tfm;
+}
+
+static inline void crypto_free_comp(struct crypto_comp *tfm)
+{
+ crypto_free_tfm(crypto_comp_tfm(tfm));
+}
+
+static inline int crypto_has_comp(const char *alg_name, u32 type, u32 mask)
+{
+ type &= ~CRYPTO_ALG_TYPE_MASK;
+ type |= CRYPTO_ALG_TYPE_COMPRESS;
+ mask |= CRYPTO_ALG_TYPE_MASK;
+
+ return crypto_has_alg(alg_name, type, mask);
+}
+
+static inline const char *crypto_comp_name(struct crypto_comp *tfm)
+{
+ return crypto_tfm_alg_name(crypto_comp_tfm(tfm));
+}
+
+static inline struct compress_tfm *crypto_comp_crt(struct crypto_comp *tfm)
+{
+ return &crypto_comp_tfm(tfm)->crt_compress;
+}
+
+static inline int crypto_comp_compress(struct crypto_comp *tfm,
const u8 *src, unsigned int slen,
u8 *dst, unsigned int *dlen)
{
- BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_COMPRESS);
- return tfm->crt_compress.cot_compress(tfm, src, slen, dst, dlen);
+ return crypto_comp_crt(tfm)->cot_compress(tfm, src, slen, dst, dlen);
}
-static inline int crypto_comp_decompress(struct crypto_tfm *tfm,
+static inline int crypto_comp_decompress(struct crypto_comp *tfm,
const u8 *src, unsigned int slen,
u8 *dst, unsigned int *dlen)
{
- BUG_ON(crypto_tfm_alg_type(tfm) != CRYPTO_ALG_TYPE_COMPRESS);
- return tfm->crt_compress.cot_decompress(tfm, src, slen, dst, dlen);
+ return crypto_comp_crt(tfm)->cot_decompress(tfm, src, slen, dst, dlen);
}
-/*
- * HMAC support.
- */
-#ifdef CONFIG_CRYPTO_HMAC
-void crypto_hmac_init(struct crypto_tfm *tfm, u8 *key, unsigned int *keylen);
-void crypto_hmac_update(struct crypto_tfm *tfm,
- struct scatterlist *sg, unsigned int nsg);
-void crypto_hmac_final(struct crypto_tfm *tfm, u8 *key,
- unsigned int *keylen, u8 *out);
-void crypto_hmac(struct crypto_tfm *tfm, u8 *key, unsigned int *keylen,
- struct scatterlist *sg, unsigned int nsg, u8 *out);
-#endif /* CONFIG_CRYPTO_HMAC */
-
#endif /* _LINUX_CRYPTO_H */
diff --git a/include/linux/scatterlist.h b/include/linux/scatterlist.h
index 66ff545552f..4efbd9c445f 100644
--- a/include/linux/scatterlist.h
+++ b/include/linux/scatterlist.h
@@ -5,7 +5,7 @@
#include <linux/mm.h>
#include <linux/string.h>
-static inline void sg_set_buf(struct scatterlist *sg, void *buf,
+static inline void sg_set_buf(struct scatterlist *sg, const void *buf,
unsigned int buflen)
{
sg->page = virt_to_page(buf);
@@ -13,7 +13,7 @@ static inline void sg_set_buf(struct scatterlist *sg, void *buf,
sg->length = buflen;
}
-static inline void sg_init_one(struct scatterlist *sg, void *buf,
+static inline void sg_init_one(struct scatterlist *sg, const void *buf,
unsigned int buflen)
{
memset(sg, 0, sizeof(*sg));
diff --git a/include/linux/sunrpc/gss_krb5.h b/include/linux/sunrpc/gss_krb5.h
index 1279280d719..e30ba201910 100644
--- a/include/linux/sunrpc/gss_krb5.h
+++ b/include/linux/sunrpc/gss_krb5.h
@@ -46,8 +46,8 @@ struct krb5_ctx {
unsigned char seed[16];
int signalg;
int sealalg;
- struct crypto_tfm *enc;
- struct crypto_tfm *seq;
+ struct crypto_blkcipher *enc;
+ struct crypto_blkcipher *seq;
s32 endtime;
u32 seq_send;
struct xdr_netobj mech_used;
@@ -136,26 +136,27 @@ gss_unwrap_kerberos(struct gss_ctx *ctx_id, int offset,
u32
-krb5_encrypt(struct crypto_tfm * key,
+krb5_encrypt(struct crypto_blkcipher *key,
void *iv, void *in, void *out, int length);
u32
-krb5_decrypt(struct crypto_tfm * key,
+krb5_decrypt(struct crypto_blkcipher *key,
void *iv, void *in, void *out, int length);
int
-gss_encrypt_xdr_buf(struct crypto_tfm *tfm, struct xdr_buf *outbuf, int offset,
- struct page **pages);
+gss_encrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *outbuf,
+ int offset, struct page **pages);
int
-gss_decrypt_xdr_buf(struct crypto_tfm *tfm, struct xdr_buf *inbuf, int offset);
+gss_decrypt_xdr_buf(struct crypto_blkcipher *tfm, struct xdr_buf *inbuf,
+ int offset);
s32
-krb5_make_seq_num(struct crypto_tfm * key,
+krb5_make_seq_num(struct crypto_blkcipher *key,
int direction,
s32 seqnum, unsigned char *cksum, unsigned char *buf);
s32
-krb5_get_seq_num(struct crypto_tfm * key,
+krb5_get_seq_num(struct crypto_blkcipher *key,
unsigned char *cksum,
unsigned char *buf, int *direction, s32 * seqnum);
diff --git a/include/linux/sunrpc/gss_spkm3.h b/include/linux/sunrpc/gss_spkm3.h
index 336e218c278..2cf3fbb40b4 100644
--- a/include/linux/sunrpc/gss_spkm3.h
+++ b/include/linux/sunrpc/gss_spkm3.h
@@ -19,9 +19,9 @@ struct spkm3_ctx {
unsigned int req_flags ;
struct xdr_netobj share_key;
int conf_alg;
- struct crypto_tfm* derived_conf_key;
+ struct crypto_blkcipher *derived_conf_key;
int intg_alg;
- struct crypto_tfm* derived_integ_key;
+ struct crypto_blkcipher *derived_integ_key;
int keyestb_alg; /* alg used to get share_key */
int owf_alg; /* one way function */
};
diff --git a/include/net/ah.h b/include/net/ah.h
index ceff00afae0..8f257c15990 100644
--- a/include/net/ah.h
+++ b/include/net/ah.h
@@ -1,6 +1,7 @@
#ifndef _NET_AH_H
#define _NET_AH_H
+#include <linux/crypto.h>
#include <net/xfrm.h>
/* This is the maximum truncated ICV length that we know of. */
@@ -14,22 +15,29 @@ struct ah_data
int icv_full_len;
int icv_trunc_len;
- void (*icv)(struct ah_data*,
- struct sk_buff *skb, u8 *icv);
-
- struct crypto_tfm *tfm;
+ struct crypto_hash *tfm;
};
-static inline void
-ah_hmac_digest(struct ah_data *ahp, struct sk_buff *skb, u8 *auth_data)
+static inline int ah_mac_digest(struct ah_data *ahp, struct sk_buff *skb,
+ u8 *auth_data)
{
- struct crypto_tfm *tfm = ahp->tfm;
+ struct hash_desc desc;
+ int err;
+
+ desc.tfm = ahp->tfm;
+ desc.flags = 0;
memset(auth_data, 0, ahp->icv_trunc_len);
- crypto_hmac_init(tfm, ahp->key, &ahp->key_len);
- skb_icv_walk(skb, tfm, 0, skb->len, crypto_hmac_update);
- crypto_hmac_final(tfm, ahp->key, &ahp->key_len, ahp->work_icv);
- memcpy(auth_data, ahp->work_icv, ahp->icv_trunc_len);
+ err = crypto_hash_init(&desc);
+ if (unlikely(err))
+ goto out;
+ err = skb_icv_walk(skb, &desc, 0, skb->len, crypto_hash_update);
+ if (unlikely(err))
+ goto out;
+ err = crypto_hash_final(&desc, ahp->work_icv);
+
+out:
+ return err;
}
#endif
diff --git a/include/net/esp.h b/include/net/esp.h
index 90cd94fad7d..064366d66ee 100644
--- a/include/net/esp.h
+++ b/include/net/esp.h
@@ -1,6 +1,7 @@
#ifndef _NET_ESP_H
#define _NET_ESP_H
+#include <linux/crypto.h>
#include <net/xfrm.h>
#include <asm/scatterlist.h>
@@ -21,7 +22,7 @@ struct esp_data
* >= crypto_tfm_alg_ivsize(tfm). */
int ivlen;
int padlen; /* 0..255 */
- struct crypto_tfm *tfm; /* crypto handle */
+ struct crypto_blkcipher *tfm; /* crypto handle */
} conf;
/* Integrity. It is active when icv_full_len != 0 */
@@ -34,7 +35,7 @@ struct esp_data
void (*icv)(struct esp_data*,
struct sk_buff *skb,
int offset, int len, u8 *icv);
- struct crypto_tfm *tfm;
+ struct crypto_hash *tfm;
} auth;
};
@@ -42,18 +43,22 @@ extern int skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset,
extern int skb_cow_data(struct sk_buff *skb, int tailbits, struct sk_buff **trailer);
extern void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len);
-static inline void
-esp_hmac_digest(struct esp_data *esp, struct sk_buff *skb, int offset,
- int len, u8 *auth_data)
+static inline int esp_mac_digest(struct esp_data *esp, struct sk_buff *skb,
+ int offset, int len)
{
- struct crypto_tfm *tfm = esp->auth.tfm;
- char *icv = esp->auth.work_icv;
-
- memset(auth_data, 0, esp->auth.icv_trunc_len);
- crypto_hmac_init(tfm, esp->auth.key, &esp->auth.key_len);
- skb_icv_walk(skb, tfm, offset, len, crypto_hmac_update);
- crypto_hmac_final(tfm, esp->auth.key, &esp->auth.key_len, icv);
- memcpy(auth_data, icv, esp->auth.icv_trunc_len);
+ struct hash_desc desc;
+ int err;
+
+ desc.tfm = esp->auth.tfm;
+ desc.flags = 0;
+
+ err = crypto_hash_init(&desc);
+ if (unlikely(err))
+ return err;
+ err = skb_icv_walk(skb, &desc, offset, len, crypto_hash_update);
+ if (unlikely(err))
+ return err;
+ return crypto_hash_final(&desc, esp->auth.work_icv);
}
#endif
diff --git a/include/net/ipcomp.h b/include/net/ipcomp.h
index e651a57ecdd..87c1af3e5e8 100644
--- a/include/net/ipcomp.h
+++ b/include/net/ipcomp.h
@@ -1,11 +1,14 @@
#ifndef _NET_IPCOMP_H
#define _NET_IPCOMP_H
+#include <linux/crypto.h>
+#include <linux/types.h>
+
#define IPCOMP_SCRATCH_SIZE 65400
struct ipcomp_data {
u16 threshold;
- struct crypto_tfm **tfms;
+ struct crypto_comp **tfms;
};
#endif
diff --git a/include/net/sctp/constants.h b/include/net/sctp/constants.h
index c51541ee024..57166bfdf8e 100644
--- a/include/net/sctp/constants.h
+++ b/include/net/sctp/constants.h
@@ -312,9 +312,9 @@ enum { SCTP_MAX_GABS = 16 };
*/
#if defined (CONFIG_SCTP_HMAC_MD5)
-#define SCTP_COOKIE_HMAC_ALG "md5"
+#define SCTP_COOKIE_HMAC_ALG "hmac(md5)"
#elif defined (CONFIG_SCTP_HMAC_SHA1)
-#define SCTP_COOKIE_HMAC_ALG "sha1"
+#define SCTP_COOKIE_HMAC_ALG "hmac(sha1)"
#else
#define SCTP_COOKIE_HMAC_ALG NULL
#endif
diff --git a/include/net/sctp/sctp.h b/include/net/sctp/sctp.h
index 92eae0e0f3f..1c1abce5f6b 100644
--- a/include/net/sctp/sctp.h
+++ b/include/net/sctp/sctp.h
@@ -330,17 +330,6 @@ static inline void sctp_v6_exit(void) { return; }
#endif /* #if defined(CONFIG_IPV6) */
-/* Some wrappers, in case crypto not available. */
-#if defined (CONFIG_CRYPTO_HMAC)
-#define sctp_crypto_alloc_tfm crypto_alloc_tfm
-#define sctp_crypto_free_tfm crypto_free_tfm
-#define sctp_crypto_hmac crypto_hmac
-#else
-#define sctp_crypto_alloc_tfm(x...) NULL
-#define sctp_crypto_free_tfm(x...)
-#define sctp_crypto_hmac(x...)
-#endif
-
/* Map an association to an assoc_id. */
static inline sctp_assoc_t sctp_assoc2id(const struct sctp_association *asoc)
diff --git a/include/net/sctp/structs.h b/include/net/sctp/structs.h
index e5aa7ff1f5b..0412e730c76 100644
--- a/include/net/sctp/structs.h
+++ b/include/net/sctp/structs.h
@@ -87,6 +87,7 @@ struct sctp_bind_addr;
struct sctp_ulpq;
struct sctp_ep_common;
struct sctp_ssnmap;
+struct crypto_hash;
#include <net/sctp/tsnmap.h>
@@ -264,7 +265,7 @@ struct sctp_sock {
struct sctp_pf *pf;
/* Access to HMAC transform. */
- struct crypto_tfm *hmac;
+ struct crypto_hash *hmac;
/* What is our base endpointer? */
struct sctp_endpoint *ep;
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 9c5ee9f20b6..3ecd9fa1ed4 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -8,7 +8,6 @@
#include <linux/list.h>
#include <linux/skbuff.h>
#include <linux/socket.h>
-#include <linux/crypto.h>
#include <linux/pfkeyv2.h>
#include <linux/in6.h>
#include <linux/mutex.h>
@@ -855,6 +854,7 @@ struct xfrm_algo_comp_info {
struct xfrm_algo_desc {
char *name;
+ char *compat;
u8 available:1;
union {
struct xfrm_algo_auth_info auth;
@@ -984,11 +984,13 @@ extern struct xfrm_algo_desc *xfrm_aalg_get_byname(char *name, int probe);
extern struct xfrm_algo_desc *xfrm_ealg_get_byname(char *name, int probe);
extern struct xfrm_algo_desc *xfrm_calg_get_byname(char *name, int probe);
-struct crypto_tfm;
-typedef void (icv_update_fn_t)(struct crypto_tfm *, struct scatterlist *, unsigned int);
+struct hash_desc;
+struct scatterlist;
+typedef int (icv_update_fn_t)(struct hash_desc *, struct scatterlist *,
+ unsigned int);
-extern void skb_icv_walk(const struct sk_buff *skb, struct crypto_tfm *tfm,
- int offset, int len, icv_update_fn_t icv_update);
+extern int skb_icv_walk(const struct sk_buff *skb, struct hash_desc *tfm,
+ int offset, int len, icv_update_fn_t icv_update);
static inline int xfrm_addr_cmp(xfrm_address_t *a, xfrm_address_t *b,
int family)