Re: [PATCH 1/3] crypto: skcipher - Add final chunk size field for chaining

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Freitag, 12. Juni 2020, 14:07:36 CEST schrieb Herbert Xu:

Hi Herbert,

> Crypto skcipher algorithms in general allow chaining to break
> large operations into smaller ones based on multiples of the chunk
> size.  However, some algorithms don't support chaining while others
> (such as cts) only support chaining for the leading blocks.
> 
> This patch adds the necessary API support for these algorithms.  In
> particular, a new request flag CRYPTO_TFM_REQ_MORE is added to allow
> chaining for algorithms such as cts that cannot otherwise be chained.
> 
> A new algorithm attribute fcsize has also been added to indicate
> how many blocks at the end of a request that cannot be chained and
> therefore must be withheld if chaining is attempted.
> 
> This attribute can also be used to indicate that no chaining is
> allowed.  Its value should be set to -1 in that case.

Thanks for the patch set.
> 
> Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> ---
> 
>  include/crypto/skcipher.h |   24 ++++++++++++++++++++++++
>  include/linux/crypto.h    |    1 +
>  2 files changed, 25 insertions(+)
> 
> diff --git a/include/crypto/skcipher.h b/include/crypto/skcipher.h
> index 141e7690f9c31..8b864222e6ce4 100644
> --- a/include/crypto/skcipher.h
> +++ b/include/crypto/skcipher.h
> @@ -97,6 +97,8 @@ struct crypto_sync_skcipher {
>   * @walksize: Equal to the chunk size except in cases where the algorithm
> is * 	      considerably more efficient if it can operate on multiple
> chunks * 	      in parallel. Should be a multiple of chunksize.
> + * @fcsize: Number of bytes that must be processed together at the end.
> + *	     If set to -1 then chaining is not possible.
>   * @base: Definition of a generic crypto algorithm.
>   *
>   * All fields except @ivsize are mandatory and must be filled.
> @@ -114,6 +116,7 @@ struct skcipher_alg {
>  	unsigned int ivsize;
>  	unsigned int chunksize;
>  	unsigned int walksize;
> +	int fcsize;
> 
>  	struct crypto_alg base;
>  };
> @@ -279,6 +282,11 @@ static inline unsigned int
> crypto_skcipher_alg_chunksize( return alg->chunksize;
>  }
> 
> +static inline int crypto_skcipher_alg_fcsize(struct skcipher_alg *alg)
> +{
> +	return alg->fcsize;
> +}
> +
>  /**
>   * crypto_skcipher_chunksize() - obtain chunk size
>   * @tfm: cipher handle
> @@ -296,6 +304,22 @@ static inline unsigned int crypto_skcipher_chunksize(
>  	return crypto_skcipher_alg_chunksize(crypto_skcipher_alg(tfm));
>  }
> 
> +/**
> + * crypto_skcipher_fcsize() - obtain number of final bytes
> + * @tfm: cipher handle
> + *
> + * For algorithms such as CTS the final chunks cannot be chained.
> + * This returns the number of final bytes that must be withheld
> + * when chaining.
> + *
> + * Return: number of final bytes
> + */
> +static inline unsigned int crypto_skcipher_fcsize(
> +	struct crypto_skcipher *tfm)
> +{
> +	return crypto_skcipher_alg_fcsize(crypto_skcipher_alg(tfm));

Don't we have an implicit signedness conversion here? int -> unsigned int?
> +}
> +
>  static inline unsigned int crypto_sync_skcipher_blocksize(
>  	struct crypto_sync_skcipher *tfm)
>  {
> diff --git a/include/linux/crypto.h b/include/linux/crypto.h
> index 763863dbc079a..d80dccf472595 100644
> --- a/include/linux/crypto.h
> +++ b/include/linux/crypto.h
> @@ -110,6 +110,7 @@
>  #define CRYPTO_TFM_REQ_FORBID_WEAK_KEYS	0x00000100
>  #define CRYPTO_TFM_REQ_MAY_SLEEP	0x00000200
>  #define CRYPTO_TFM_REQ_MAY_BACKLOG	0x00000400
> +#define CRYPTO_TFM_REQ_MORE		0x00000800
> 
>  /*
>   * Miscellaneous stuff.


Ciao
Stephan





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux