* [PATCH 0/4] Documentation: crypto API documentation updates
@ 2016-02-16 10:31 Stephan Mueller
2016-02-16 10:32 ` [PATCH 1/4] Documentation: crypto - add akcipher API Stephan Mueller
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: Stephan Mueller @ 2016-02-16 10:31 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, linux-doc
Hi,
This patch set updates the kernel crypto API documentation. Due to recent
updates to the API, the documentation needs to be synchronized with the
reality.
The output of the DocBook with these patches is found in [1].
Herbert: The documentation in include/crypto/skcipher.h references
CRYPTO_ALG_TYPE_SKCIPHER which does (not yet?) exist. Shall that reference
stay in the documentation?
[1] https://www.chronox.de/crypto-API/index.html
Stephan Mueller (4):
Documentation: crypto - add akcipher API
Documentation: crypto - add crypto_rng_generate
Documentation: crypto - update AEAD AD handling
Documentation: crypto - add skcipher API documentation
Documentation/DocBook/crypto-API.tmpl | 229 +++++++++++++++-------------------
include/crypto/aead.h | 6 +-
include/crypto/akcipher.h | 28 ++---
3 files changed, 115 insertions(+), 148 deletions(-)
--
2.5.0
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 1/4] Documentation: crypto - add akcipher API
2016-02-16 10:31 [PATCH 0/4] Documentation: crypto API documentation updates Stephan Mueller
@ 2016-02-16 10:32 ` Stephan Mueller
2016-02-16 10:32 ` [PATCH 2/4] Documentation: crypto - add crypto_rng_generate Stephan Mueller
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Stephan Mueller @ 2016-02-16 10:32 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, linux-doc
Reference the new akcipher API calls in the kernel crypto API DocBook.
Also, fix the comments in the akcipher.h file: double dashes do not look
good in the DocBook; fix a typo.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
Documentation/DocBook/crypto-API.tmpl | 23 +++++++++++++++++++++++
include/crypto/akcipher.h | 28 ++++++++++++++--------------
2 files changed, 37 insertions(+), 14 deletions(-)
diff --git a/Documentation/DocBook/crypto-API.tmpl b/Documentation/DocBook/crypto-API.tmpl
index 866ff08..297e280 100644
--- a/Documentation/DocBook/crypto-API.tmpl
+++ b/Documentation/DocBook/crypto-API.tmpl
@@ -485,6 +485,9 @@
<para>CRYPTO_ALG_TYPE_RNG Random Number Generation</para>
</listitem>
<listitem>
+ <para>CRYPTO_ALG_TYPE_AKCIPHER Asymmetric cipher</para>
+ </listitem>
+ <listitem>
<para>CRYPTO_ALG_TYPE_PCOMPRESS Enhanced version of
CRYPTO_ALG_TYPE_COMPRESS allowing for segmented compression /
decompression instead of performing the operation on one
@@ -1817,6 +1820,26 @@ read(opfd, out, outlen);
!Finclude/crypto/rng.h crypto_rng_seedsize
!Cinclude/crypto/rng.h
</sect1>
+ <sect1><title>Asymmetric Cipher API</title>
+!Pinclude/crypto/akcipher.h Generic Public Key API
+!Finclude/crypto/akcipher.h akcipher_alg
+!Finclude/crypto/akcipher.h akcipher_request
+!Finclude/crypto/akcipher.h crypto_alloc_akcipher
+!Finclude/crypto/akcipher.h crypto_free_akcipher
+!Finclude/crypto/akcipher.h crypto_akcipher_set_pub_key
+!Finclude/crypto/akcipher.h crypto_akcipher_set_priv_key
+ </sect1>
+ <sect1><title>Asymmetric Cipher Request Handle</title>
+!Finclude/crypto/akcipher.h akcipher_request_alloc
+!Finclude/crypto/akcipher.h akcipher_request_free
+!Finclude/crypto/akcipher.h akcipher_request_set_callback
+!Finclude/crypto/akcipher.h akcipher_request_set_crypt
+!Finclude/crypto/akcipher.h crypto_akcipher_maxsize
+!Finclude/crypto/akcipher.h crypto_akcipher_encrypt
+!Finclude/crypto/akcipher.h crypto_akcipher_decrypt
+!Finclude/crypto/akcipher.h crypto_akcipher_sign
+!Finclude/crypto/akcipher.h crypto_akcipher_verify
+ </sect1>
</chapter>
<chapter id="Code"><title>Code Examples</title>
diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h
index 354de15..c37cc59 100644
--- a/include/crypto/akcipher.h
+++ b/include/crypto/akcipher.h
@@ -114,7 +114,7 @@ struct akcipher_alg {
*/
/**
- * crypto_alloc_akcipher() -- allocate AKCIPHER tfm handle
+ * crypto_alloc_akcipher() - allocate AKCIPHER tfm handle
* @alg_name: is the cra_name / name or cra_driver_name / driver name of the
* public key algorithm e.g. "rsa"
* @type: specifies the type of the algorithm
@@ -171,7 +171,7 @@ static inline struct crypto_akcipher *crypto_akcipher_reqtfm(
}
/**
- * crypto_free_akcipher() -- free AKCIPHER tfm handle
+ * crypto_free_akcipher() - free AKCIPHER tfm handle
*
* @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
*/
@@ -181,7 +181,7 @@ static inline void crypto_free_akcipher(struct crypto_akcipher *tfm)
}
/**
- * akcipher_request_alloc() -- allocates public key request
+ * akcipher_request_alloc() - allocates public key request
*
* @tfm: AKCIPHER tfm handle allocated with crypto_alloc_akcipher()
* @gfp: allocation flags
@@ -201,7 +201,7 @@ static inline struct akcipher_request *akcipher_request_alloc(
}
/**
- * akcipher_request_free() -- zeroize and free public key request
+ * akcipher_request_free() - zeroize and free public key request
*
* @req: request to free
*/
@@ -211,14 +211,14 @@ static inline void akcipher_request_free(struct akcipher_request *req)
}
/**
- * akcipher_request_set_callback() -- Sets an asynchronous callback.
+ * akcipher_request_set_callback() - Sets an asynchronous callback.
*
* Callback will be called when an asynchronous operation on a given
* request is finished.
*
* @req: request that the callback will be set for
* @flgs: specify for instance if the operation may backlog
- * @cmlp: callback which will be called
+ * @cmpl: callback which will be called
* @data: private data used by the caller
*/
static inline void akcipher_request_set_callback(struct akcipher_request *req,
@@ -232,7 +232,7 @@ static inline void akcipher_request_set_callback(struct akcipher_request *req,
}
/**
- * akcipher_request_set_crypt() -- Sets request parameters
+ * akcipher_request_set_crypt() - Sets request parameters
*
* Sets parameters required by crypto operation
*
@@ -255,7 +255,7 @@ static inline void akcipher_request_set_crypt(struct akcipher_request *req,
}
/**
- * crypto_akcipher_maxsize() -- Get len for output buffer
+ * crypto_akcipher_maxsize() - Get len for output buffer
*
* Function returns the dest buffer size required for a given key
*
@@ -271,7 +271,7 @@ static inline int crypto_akcipher_maxsize(struct crypto_akcipher *tfm)
}
/**
- * crypto_akcipher_encrypt() -- Invoke public key encrypt operation
+ * crypto_akcipher_encrypt() - Invoke public key encrypt operation
*
* Function invokes the specific public key encrypt operation for a given
* public key algorithm
@@ -289,7 +289,7 @@ static inline int crypto_akcipher_encrypt(struct akcipher_request *req)
}
/**
- * crypto_akcipher_decrypt() -- Invoke public key decrypt operation
+ * crypto_akcipher_decrypt() - Invoke public key decrypt operation
*
* Function invokes the specific public key decrypt operation for a given
* public key algorithm
@@ -307,7 +307,7 @@ static inline int crypto_akcipher_decrypt(struct akcipher_request *req)
}
/**
- * crypto_akcipher_sign() -- Invoke public key sign operation
+ * crypto_akcipher_sign() - Invoke public key sign operation
*
* Function invokes the specific public key sign operation for a given
* public key algorithm
@@ -325,7 +325,7 @@ static inline int crypto_akcipher_sign(struct akcipher_request *req)
}
/**
- * crypto_akcipher_verify() -- Invoke public key verify operation
+ * crypto_akcipher_verify() - Invoke public key verify operation
*
* Function invokes the specific public key verify operation for a given
* public key algorithm
@@ -343,7 +343,7 @@ static inline int crypto_akcipher_verify(struct akcipher_request *req)
}
/**
- * crypto_akcipher_set_pub_key() -- Invoke set public key operation
+ * crypto_akcipher_set_pub_key() - Invoke set public key operation
*
* Function invokes the algorithm specific set key function, which knows
* how to decode and interpret the encoded key
@@ -364,7 +364,7 @@ static inline int crypto_akcipher_set_pub_key(struct crypto_akcipher *tfm,
}
/**
- * crypto_akcipher_set_priv_key() -- Invoke set private key operation
+ * crypto_akcipher_set_priv_key() - Invoke set private key operation
*
* Function invokes the algorithm specific set key function, which knows
* how to decode and interpret the encoded key
--
2.5.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 2/4] Documentation: crypto - add crypto_rng_generate
2016-02-16 10:31 [PATCH 0/4] Documentation: crypto API documentation updates Stephan Mueller
2016-02-16 10:32 ` [PATCH 1/4] Documentation: crypto - add akcipher API Stephan Mueller
@ 2016-02-16 10:32 ` Stephan Mueller
2016-02-16 10:33 ` [PATCH 3/4] Documentation: crypto - update AEAD AD handling Stephan Mueller
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Stephan Mueller @ 2016-02-16 10:32 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, linux-doc
Add new crypto API call crypto_rng_generate to DocBook.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
Documentation/DocBook/crypto-API.tmpl | 1 +
1 file changed, 1 insertion(+)
diff --git a/Documentation/DocBook/crypto-API.tmpl b/Documentation/DocBook/crypto-API.tmpl
index 297e280..a2986b2 100644
--- a/Documentation/DocBook/crypto-API.tmpl
+++ b/Documentation/DocBook/crypto-API.tmpl
@@ -1815,6 +1815,7 @@ read(opfd, out, outlen);
!Finclude/crypto/rng.h crypto_alloc_rng
!Finclude/crypto/rng.h crypto_rng_alg
!Finclude/crypto/rng.h crypto_free_rng
+!Finclude/crypto/rng.h crypto_rng_generate
!Finclude/crypto/rng.h crypto_rng_get_bytes
!Finclude/crypto/rng.h crypto_rng_reset
!Finclude/crypto/rng.h crypto_rng_seedsize
--
2.5.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 3/4] Documentation: crypto - update AEAD AD handling
2016-02-16 10:31 [PATCH 0/4] Documentation: crypto API documentation updates Stephan Mueller
2016-02-16 10:32 ` [PATCH 1/4] Documentation: crypto - add akcipher API Stephan Mueller
2016-02-16 10:32 ` [PATCH 2/4] Documentation: crypto - add crypto_rng_generate Stephan Mueller
@ 2016-02-16 10:33 ` Stephan Mueller
2016-02-16 10:34 ` [PATCH 4/4] Documentation: crypto - add skcipher API documentation Stephan Mueller
2016-02-16 20:17 ` [PATCH 0/4] Documentation: crypto API documentation updates Herbert Xu
4 siblings, 0 replies; 6+ messages in thread
From: Stephan Mueller @ 2016-02-16 10:33 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, linux-doc
The associated data handling with the kernel crypto API has been
updated. This needs to be reflected in the documentation.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
Documentation/DocBook/crypto-API.tmpl | 1 -
include/crypto/aead.h | 6 +++---
2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/Documentation/DocBook/crypto-API.tmpl b/Documentation/DocBook/crypto-API.tmpl
index a2986b2..50efc5a 100644
--- a/Documentation/DocBook/crypto-API.tmpl
+++ b/Documentation/DocBook/crypto-API.tmpl
@@ -1736,7 +1736,6 @@ read(opfd, out, outlen);
!Finclude/crypto/aead.h aead_request_free
!Finclude/crypto/aead.h aead_request_set_callback
!Finclude/crypto/aead.h aead_request_set_crypt
-!Finclude/crypto/aead.h aead_request_set_assoc
!Finclude/crypto/aead.h aead_request_set_ad
</sect1>
<sect1><title>Synchronous Block Cipher API</title>
diff --git a/include/crypto/aead.h b/include/crypto/aead.h
index 84d13b1..957bb87 100644
--- a/include/crypto/aead.h
+++ b/include/crypto/aead.h
@@ -31,10 +31,10 @@
*
* For example: authenc(hmac(sha256), cbc(aes))
*
- * The example code provided for the asynchronous block cipher operation
- * applies here as well. Naturally all *ablkcipher* symbols must be exchanged
+ * The example code provided for the symmetric key cipher operation
+ * applies here as well. Naturally all *skcipher* symbols must be exchanged
* the *aead* pendants discussed in the following. In addition, for the AEAD
- * operation, the aead_request_set_assoc function must be used to set the
+ * operation, the aead_request_set_ad function must be used to set the
* pointer to the associated data memory location before performing the
* encryption or decryption operation. In case of an encryption, the associated
* data memory is filled during the encryption operation. For decryption, the
--
2.5.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 4/4] Documentation: crypto - add skcipher API documentation
2016-02-16 10:31 [PATCH 0/4] Documentation: crypto API documentation updates Stephan Mueller
` (2 preceding siblings ...)
2016-02-16 10:33 ` [PATCH 3/4] Documentation: crypto - update AEAD AD handling Stephan Mueller
@ 2016-02-16 10:34 ` Stephan Mueller
2016-02-16 20:17 ` [PATCH 0/4] Documentation: crypto API documentation updates Herbert Xu
4 siblings, 0 replies; 6+ messages in thread
From: Stephan Mueller @ 2016-02-16 10:34 UTC (permalink / raw)
To: herbert; +Cc: linux-crypto, linux-doc
The crypto API received the skcipher API which is intended to replace
the ablkcipher and blkcipher API. This patch adds the skcipher API
documentation to the DocBook, updates the code sample (including
removing the blkcipher example) replaces the references to ablkcipher
and blkcipher with skcipher.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
---
Documentation/DocBook/crypto-API.tmpl | 204 ++++++++++++----------------------
1 file changed, 74 insertions(+), 130 deletions(-)
diff --git a/Documentation/DocBook/crypto-API.tmpl b/Documentation/DocBook/crypto-API.tmpl
index 50efc5a..db82f19 100644
--- a/Documentation/DocBook/crypto-API.tmpl
+++ b/Documentation/DocBook/crypto-API.tmpl
@@ -348,10 +348,7 @@
<para>type:
<itemizedlist>
<listitem>
- <para>blkcipher for synchronous block ciphers</para>
- </listitem>
- <listitem>
- <para>ablkcipher for asynchronous block ciphers</para>
+ <para>skcipher for symmetric key ciphers</para>
</listitem>
<listitem>
<para>cipher for single block ciphers that may be used with
@@ -600,7 +597,7 @@ kernel crypto API | IPSEC Layer
v v
+-----------+ +-----------+
| | | |
-| ablkcipher| | ahash |
+| skcipher | | ahash |
| (ctr) | ---+ | (ghash) |
+-----------+ | +-----------+
|
@@ -661,7 +658,7 @@ kernel crypto API | IPSEC Layer
<listitem>
<para>
- The GCM AEAD cipher type implementation now invokes the ABLKCIPHER API
+ The GCM AEAD cipher type implementation now invokes the SKCIPHER API
with the instantiated CTR(AES) cipher handle.
</para>
@@ -672,7 +669,7 @@ kernel crypto API | IPSEC Layer
</para>
<para>
- That means that the ABLKCIPHER implementation of CTR(AES) only
+ That means that the SKCIPHER implementation of CTR(AES) only
implements the CTR block chaining mode. After performing the block
chaining operation, the CIPHER implementation of AES is invoked.
</para>
@@ -680,7 +677,7 @@ kernel crypto API | IPSEC Layer
<listitem>
<para>
- The ABLKCIPHER of CTR(AES) now invokes the CIPHER API with the AES
+ The SKCIPHER of CTR(AES) now invokes the CIPHER API with the AES
cipher handle to encrypt one block.
</para>
</listitem>
@@ -709,7 +706,7 @@ kernel crypto API | IPSEC Layer
<para>
For example, CBC(AES) is implemented with cbc.c, and aes-generic.c. The
ASCII art picture above applies as well with the difference that only
- step (4) is used and the ABLKCIPHER block chaining mode is CBC.
+ step (4) is used and the SKCIPHER block chaining mode is CBC.
</para>
</sect2>
@@ -907,15 +904,14 @@ kernel crypto API | Caller
</sect2>
</sect1>
- <sect1><title>Multi-Block Ciphers [BLKCIPHER] [ABLKCIPHER]</title>
+ <sect1><title>Multi-Block Ciphers</title>
<para>
Example of transformations: cbc(aes), ecb(arc4), ...
</para>
<para>
This section describes the multi-block cipher transformation
- implementations for both synchronous [BLKCIPHER] and
- asynchronous [ABLKCIPHER] case. The multi-block ciphers are
+ implementations. The multi-block ciphers are
used for transformations which operate on scatterlists of
data supplied to the transformation functions. They output
the result into a scatterlist of data as well.
@@ -924,16 +920,15 @@ kernel crypto API | Caller
<sect2><title>Registration Specifics</title>
<para>
- The registration of [BLKCIPHER] or [ABLKCIPHER] algorithms
+ The registration of multi-block cipher algorithms
is one of the most standard procedures throughout the crypto API.
</para>
<para>
Note, if a cipher implementation requires a proper alignment
of data, the caller should use the functions of
- crypto_blkcipher_alignmask() or crypto_ablkcipher_alignmask()
- respectively to identify a memory alignment mask. The kernel
- crypto API is able to process requests that are unaligned.
+ crypto_skcipher_alignmask() to identify a memory alignment mask.
+ The kernel crypto API is able to process requests that are unaligned.
This implies, however, additional overhead as the kernel
crypto API needs to perform the realignment of the data which
may imply moving of data.
@@ -948,14 +943,13 @@ kernel crypto API | Caller
<para>
Please refer to the single block cipher description for schematics
- of the block cipher usage. The usage patterns are exactly the same
- for [ABLKCIPHER] and [BLKCIPHER] as they are for plain [CIPHER].
+ of the block cipher usage.
</para>
</sect2>
<sect2><title>Specifics Of Asynchronous Multi-Block Cipher</title>
<para>
- There are a couple of specifics to the [ABLKCIPHER] interface.
+ There are a couple of specifics to the asynchronous interface.
</para>
<para>
@@ -1695,7 +1689,28 @@ read(opfd, out, outlen);
!Finclude/linux/crypto.h cipher_alg
!Finclude/crypto/rng.h rng_alg
</sect1>
- <sect1><title>Asynchronous Block Cipher API</title>
+ <sect1><title>Symmetric Key Cipher API</title>
+!Pinclude/crypto/skcipher.h Symmetric Key Cipher API
+!Finclude/crypto/skcipher.h crypto_alloc_skcipher
+!Finclude/crypto/skcipher.h crypto_free_skcipher
+!Finclude/crypto/skcipher.h crypto_has_skcipher
+!Finclude/crypto/skcipher.h crypto_skcipher_ivsize
+!Finclude/crypto/skcipher.h crypto_skcipher_blocksize
+!Finclude/crypto/skcipher.h crypto_skcipher_setkey
+!Finclude/crypto/skcipher.h crypto_skcipher_reqtfm
+!Finclude/crypto/skcipher.h crypto_skcipher_encrypt
+!Finclude/crypto/skcipher.h crypto_skcipher_decrypt
+ </sect1>
+ <sect1><title>Symmetric Key Cipher Request Handle</title>
+!Pinclude/crypto/skcipher.h Symmetric Key Cipher Request Handle
+!Finclude/crypto/skcipher.h crypto_skcipher_reqsize
+!Finclude/crypto/skcipher.h skcipher_request_set_tfm
+!Finclude/crypto/skcipher.h skcipher_request_alloc
+!Finclude/crypto/skcipher.h skcipher_request_free
+!Finclude/crypto/skcipher.h skcipher_request_set_callback
+!Finclude/crypto/skcipher.h skcipher_request_set_crypt
+ </sect1>
+ <sect1><title>Asynchronous Block Cipher API - Deprecated</title>
!Pinclude/linux/crypto.h Asynchronous Block Cipher API
!Finclude/linux/crypto.h crypto_alloc_ablkcipher
!Finclude/linux/crypto.h crypto_free_ablkcipher
@@ -1707,7 +1722,7 @@ read(opfd, out, outlen);
!Finclude/linux/crypto.h crypto_ablkcipher_encrypt
!Finclude/linux/crypto.h crypto_ablkcipher_decrypt
</sect1>
- <sect1><title>Asynchronous Cipher Request Handle</title>
+ <sect1><title>Asynchronous Cipher Request Handle - Deprecated</title>
!Pinclude/linux/crypto.h Asynchronous Cipher Request Handle
!Finclude/linux/crypto.h crypto_ablkcipher_reqsize
!Finclude/linux/crypto.h ablkcipher_request_set_tfm
@@ -1738,7 +1753,7 @@ read(opfd, out, outlen);
!Finclude/crypto/aead.h aead_request_set_crypt
!Finclude/crypto/aead.h aead_request_set_ad
</sect1>
- <sect1><title>Synchronous Block Cipher API</title>
+ <sect1><title>Synchronous Block Cipher API - Deprecated</title>
!Pinclude/linux/crypto.h Synchronous Block Cipher API
!Finclude/linux/crypto.h crypto_alloc_blkcipher
!Finclude/linux/crypto.h crypto_free_blkcipher
@@ -1843,7 +1858,7 @@ read(opfd, out, outlen);
</chapter>
<chapter id="Code"><title>Code Examples</title>
- <sect1><title>Code Example For Asynchronous Block Cipher Operation</title>
+ <sect1><title>Code Example For Symmetric Key Cipher Operation</title>
<programlisting>
struct tcrypt_result {
@@ -1852,15 +1867,15 @@ struct tcrypt_result {
};
/* tie all data structures together */
-struct ablkcipher_def {
+struct skcipher_def {
struct scatterlist sg;
- struct crypto_ablkcipher *tfm;
- struct ablkcipher_request *req;
+ struct crypto_skcipher *tfm;
+ struct skcipher_request *req;
struct tcrypt_result result;
};
/* Callback function */
-static void test_ablkcipher_cb(struct crypto_async_request *req, int error)
+static void test_skcipher_cb(struct crypto_async_request *req, int error)
{
struct tcrypt_result *result = req->data;
@@ -1872,15 +1887,15 @@ static void test_ablkcipher_cb(struct crypto_async_request *req, int error)
}
/* Perform cipher operation */
-static unsigned int test_ablkcipher_encdec(struct ablkcipher_def *ablk,
- int enc)
+static unsigned int test_skcipher_encdec(struct skcipher_def *sk,
+ int enc)
{
int rc = 0;
if (enc)
- rc = crypto_ablkcipher_encrypt(ablk->req);
+ rc = crypto_skcipher_encrypt(sk->req);
else
- rc = crypto_ablkcipher_decrypt(ablk->req);
+ rc = crypto_skcipher_decrypt(sk->req);
switch (rc) {
case 0:
@@ -1888,52 +1903,52 @@ static unsigned int test_ablkcipher_encdec(struct ablkcipher_def *ablk,
case -EINPROGRESS:
case -EBUSY:
rc = wait_for_completion_interruptible(
- &ablk->result.completion);
- if (!rc && !ablk->result.err) {
- reinit_completion(&ablk->result.completion);
+ &sk->result.completion);
+ if (!rc && !sk->result.err) {
+ reinit_completion(&sk->result.completion);
break;
}
default:
- pr_info("ablkcipher encrypt returned with %d result %d\n",
- rc, ablk->result.err);
+ pr_info("skcipher encrypt returned with %d result %d\n",
+ rc, sk->result.err);
break;
}
- init_completion(&ablk->result.completion);
+ init_completion(&sk->result.completion);
return rc;
}
/* Initialize and trigger cipher operation */
-static int test_ablkcipher(void)
+static int test_skcipher(void)
{
- struct ablkcipher_def ablk;
- struct crypto_ablkcipher *ablkcipher = NULL;
- struct ablkcipher_request *req = NULL;
+ struct skcipher_def sk;
+ struct crypto_skcipher *skcipher = NULL;
+ struct skcipher_request *req = NULL;
char *scratchpad = NULL;
char *ivdata = NULL;
unsigned char key[32];
int ret = -EFAULT;
- ablkcipher = crypto_alloc_ablkcipher("cbc-aes-aesni", 0, 0);
- if (IS_ERR(ablkcipher)) {
- pr_info("could not allocate ablkcipher handle\n");
- return PTR_ERR(ablkcipher);
+ skcipher = crypto_alloc_skcipher("cbc-aes-aesni", 0, 0);
+ if (IS_ERR(skcipher)) {
+ pr_info("could not allocate skcipher handle\n");
+ return PTR_ERR(skcipher);
}
- req = ablkcipher_request_alloc(ablkcipher, GFP_KERNEL);
+ req = skcipher_request_alloc(skcipher, GFP_KERNEL);
if (IS_ERR(req)) {
pr_info("could not allocate request queue\n");
ret = PTR_ERR(req);
goto out;
}
- ablkcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
- test_ablkcipher_cb,
- &ablk.result);
+ skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
+ test_skcipher_cb,
+ &sk.result);
/* AES 256 with random key */
get_random_bytes(&key, 32);
- if (crypto_ablkcipher_setkey(ablkcipher, key, 32)) {
+ if (crypto_skcipher_setkey(skcipher, key, 32)) {
pr_info("key could not be set\n");
ret = -EAGAIN;
goto out;
@@ -1955,26 +1970,26 @@ static int test_ablkcipher(void)
}
get_random_bytes(scratchpad, 16);
- ablk.tfm = ablkcipher;
- ablk.req = req;
+ sk.tfm = skcipher;
+ sk.req = req;
/* We encrypt one block */
- sg_init_one(&ablk.sg, scratchpad, 16);
- ablkcipher_request_set_crypt(req, &ablk.sg, &ablk.sg, 16, ivdata);
- init_completion(&ablk.result.completion);
+ sg_init_one(&sk.sg, scratchpad, 16);
+ skcipher_request_set_crypt(req, &sk.sg, &sk.sg, 16, ivdata);
+ init_completion(&sk.result.completion);
/* encrypt data */
- ret = test_ablkcipher_encdec(&ablk, 1);
+ ret = test_skcipher_encdec(&sk, 1);
if (ret)
goto out;
pr_info("Encryption triggered successfully\n");
out:
- if (ablkcipher)
- crypto_free_ablkcipher(ablkcipher);
+ if (skcipher)
+ crypto_free_skcipher(skcipher);
if (req)
- ablkcipher_request_free(req);
+ skcipher_request_free(req);
if (ivdata)
kfree(ivdata);
if (scratchpad)
@@ -1984,77 +1999,6 @@ out:
</programlisting>
</sect1>
- <sect1><title>Code Example For Synchronous Block Cipher Operation</title>
- <programlisting>
-
-static int test_blkcipher(void)
-{
- struct crypto_blkcipher *blkcipher = NULL;
- char *cipher = "cbc(aes)";
- // AES 128
- charkey =
-"\x12\x34\x56\x78\x90\xab\xcd\xef\x12\x34\x56\x78\x90\xab\xcd\xef";
- chariv =
-"\x12\x34\x56\x78\x90\xab\xcd\xef\x12\x34\x56\x78\x90\xab\xcd\xef";
- unsigned int ivsize = 0;
- char *scratchpad = NULL; // holds plaintext and ciphertext
- struct scatterlist sg;
- struct blkcipher_desc desc;
- int ret = -EFAULT;
-
- blkcipher = crypto_alloc_blkcipher(cipher, 0, 0);
- if (IS_ERR(blkcipher)) {
- printk("could not allocate blkcipher handle for %s\n", cipher);
- return -PTR_ERR(blkcipher);
- }
-
- if (crypto_blkcipher_setkey(blkcipher, key, strlen(key))) {
- printk("key could not be set\n");
- ret = -EAGAIN;
- goto out;
- }
-
- ivsize = crypto_blkcipher_ivsize(blkcipher);
- if (ivsize) {
- if (ivsize != strlen(iv))
- printk("IV length differs from expected length\n");
- crypto_blkcipher_set_iv(blkcipher, iv, ivsize);
- }
-
- scratchpad = kmalloc(crypto_blkcipher_blocksize(blkcipher), GFP_KERNEL);
- if (!scratchpad) {
- printk("could not allocate scratchpad for %s\n", cipher);
- goto out;
- }
- /* get some random data that we want to encrypt */
- get_random_bytes(scratchpad, crypto_blkcipher_blocksize(blkcipher));
-
- desc.flags = 0;
- desc.tfm = blkcipher;
- sg_init_one(&sg, scratchpad, crypto_blkcipher_blocksize(blkcipher));
-
- /* encrypt data in place */
- crypto_blkcipher_encrypt(&desc, &sg, &sg,
- crypto_blkcipher_blocksize(blkcipher));
-
- /* decrypt data in place
- * crypto_blkcipher_decrypt(&desc, &sg, &sg,
- */ crypto_blkcipher_blocksize(blkcipher));
-
-
- printk("Cipher operation completed\n");
- return 0;
-
-out:
- if (blkcipher)
- crypto_free_blkcipher(blkcipher);
- if (scratchpad)
- kzfree(scratchpad);
- return ret;
-}
- </programlisting>
- </sect1>
-
<sect1><title>Code Example For Use of Operational State Memory With SHASH</title>
<programlisting>
--
2.5.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH 0/4] Documentation: crypto API documentation updates
2016-02-16 10:31 [PATCH 0/4] Documentation: crypto API documentation updates Stephan Mueller
` (3 preceding siblings ...)
2016-02-16 10:34 ` [PATCH 4/4] Documentation: crypto - add skcipher API documentation Stephan Mueller
@ 2016-02-16 20:17 ` Herbert Xu
4 siblings, 0 replies; 6+ messages in thread
From: Herbert Xu @ 2016-02-16 20:17 UTC (permalink / raw)
To: Stephan Mueller; +Cc: linux-crypto, linux-doc
On Tue, Feb 16, 2016 at 11:31:26AM +0100, Stephan Mueller wrote:
> Hi,
>
> This patch set updates the kernel crypto API documentation. Due to recent
> updates to the API, the documentation needs to be synchronized with the
> reality.
>
> The output of the DocBook with these patches is found in [1].
All applied. Thanks!
> Herbert: The documentation in include/crypto/skcipher.h references
> CRYPTO_ALG_TYPE_SKCIPHER which does (not yet?) exist. Shall that reference
> stay in the documentation?
It will come into existence when I create the algorithm interface
for skcipher.
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2016-02-16 20:17 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-02-16 10:31 [PATCH 0/4] Documentation: crypto API documentation updates Stephan Mueller
2016-02-16 10:32 ` [PATCH 1/4] Documentation: crypto - add akcipher API Stephan Mueller
2016-02-16 10:32 ` [PATCH 2/4] Documentation: crypto - add crypto_rng_generate Stephan Mueller
2016-02-16 10:33 ` [PATCH 3/4] Documentation: crypto - update AEAD AD handling Stephan Mueller
2016-02-16 10:34 ` [PATCH 4/4] Documentation: crypto - add skcipher API documentation Stephan Mueller
2016-02-16 20:17 ` [PATCH 0/4] Documentation: crypto API documentation updates Herbert Xu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.