Definition:

struct kpp_request {    struct crypto_async_request base;    struct scatterlist *src;    struct scatterlist *dst;    unsigned int src_len;    unsigned int dst_len;    void *__ctx[] ;};

Members

base

Common attributes for async crypto requests

src

Source data

dst

Destination data

src_len

Size of the input buffer

dst_len

Size of the output buffer. It needs to be at leastas big as the expected result depending on the operationAfter operation it will be updated with the actual size of theresult. In case of error where the dst sgl size was insufficient,it will be updated to the size required for the operation.

__ctx

Start of private context data

Definition:

struct crypto_kpp {    unsigned int reqsize;    struct crypto_tfm base;};

Members

reqsize

Request context size required by algorithmimplementation

base

Common crypto API algorithm data structure

Definition:

struct kpp_alg {    int (*set_secret)(struct crypto_kpp *tfm, const void *buffer, unsigned int len);    int (*generate_public_key)(struct kpp_request *req);    int (*compute_shared_secret)(struct kpp_request *req);    unsigned int (*max_size)(struct crypto_kpp *tfm);    int (*init)(struct crypto_kpp *tfm);    void (*exit)(struct crypto_kpp *tfm);    struct crypto_alg base;};

Members

set_secret

Function invokes the protocol specific function tostore the secret private key along with parameters.The implementation knows how to decode the buffer

generate_public_key

Function generate the public key to be sent to thecounterpart. In case of error, where output is not bigenough req->dst_len will be updated to the sizerequired

compute_shared_secret

Function compute the shared secret as defined bythe algorithm. The result is given back to the user.In case of error, where output is not big enough,req->dst_len will be updated to the size required

max_size

Function returns the size of the output buffer

init

Initialize the object. This is called only once atinstantiation time. In case the cryptographic hardwareneeds to be initialized. Software fallback should beput in place here.

exit

Undo everythinginit did.

base

Common crypto API algorithm data structure

Definition:

struct kpp_secret {    unsigned short type;    unsigned short len;};

Members

type

define type of secret. Each kpp type will define its own

len

specify the len of the secret, include the header, thatfollows the struct

Parameters

constchar*alg_name

is the name of the kpp algorithm (e.g. “dh”, “ecdh”)

u32type

specifies the type of the algorithm

u32mask

specifies the mask for the algorithm

Description

Allocate a handle for kpp algorithm. The returnedstructcrypto_kppis required for any following API invocation

Return

allocated handle in case of success;IS_ERR() is true in case ofan error,PTR_ERR() returns the error code.

Parameters

structcrypto_kpp*tfm

KPP tfm handle allocated withcrypto_alloc_kpp()

Description

Iftfm is a NULL or error pointer, this function does nothing.

Parameters

structcrypto_kpp*tfm

tfm handle

constvoid*buffer

Buffer holding the packet representation of the privatekey. The structure of the packet key depends on the particularKPP implementation. Packing and unpacking helpers are providedfor ECDH and DH (see the respective header files for thoseimplementations).

unsignedintlen

Length of the packet private key buffer.

Description

Function invokes the specific kpp operation for a given alg.

Return

zero on success; error code in case of error

Parameters

structkpp_request*req

kpp key request

Description

Function invokes the specific kpp operation for generating the public partfor a given kpp algorithm.

To generate a private key, the caller should use a random number generator.The output of the requested length serves as the private key.

Return

zero on success; error code in case of error

Parameters

structkpp_request*req

kpp key request

Description

Function invokes the specific kpp operation for computing the shared secretfor a given kpp algorithm.

Return

zero on success; error code in case of error

Parameters

structcrypto_kpp*tfm

KPP tfm handle allocated withcrypto_alloc_kpp()

Description

Function returns the output buffer size required for a given key.Function assumes that the key is already set in the transformation. If thisfunction is called without a setkey or with a failed setkey, you will end upin a NULL dereference.

Parameters

structcrypto_kpp*tfm

KPP tfm handle allocated withcrypto_alloc_kpp()

gfp_tgfp

allocation flags

Return

allocated handle in case of success or NULL in case of an error.

Parameters

structkpp_request*req

request to free

Parameters

structkpp_request*req

request that the callback will be set for

u32flgs

specify for instance if the operation may backlog

crypto_completion_tcmpl

callback which will be called

void*data

private data used by the caller

Description

Callback will be called when an asynchronous operation on a givenrequest is finished.

Parameters

structkpp_request*req

kpp request

structscatterlist*input

ptr to input scatter list

unsignedintinput_len

size of the input scatter list

Description

Sets parameters required by generate_public_key

Parameters

structkpp_request*req

kpp request

structscatterlist*output

ptr to output scatter list

unsignedintoutput_len

size of the output scatter list

Description

Sets parameters required by kpp operation

Definition:

struct ecdh {    char *key;    unsigned short key_size;};

Members

key

Private ECDH key

key_size

Size of the private ECDH key

Parameters

conststructecdh*params

private ECDH key

Description

This function returns the packet ECDH key size. A caller can use thatwith the provided ECDH private key reference to obtain the requiredmemory size to hold a packet key.

Return

size of the key in bytes

Parameters

char*buf

Buffer allocated by the caller to hold the packet ECDHprivate key. The buffer should be at least crypto_ecdh_key_lenbytes in size.

unsignedintlen

Length of the packet private key buffer

conststructecdh*p

Buffer with the caller-specified private key

Description

The ECDH implementations operate on a packet representation of the privatekey.

Return

-EINVAL if buffer has insufficient size, 0 on success

Parameters

constchar*buf

Buffer holding a packet key that should be decoded

unsignedintlen

Length of the packet private key buffer

structecdh*p

Buffer allocated by the caller that is filled with theunpacked ECDH private key.

Description

The unpacking obtains the private key by pointingp to the correct locationinbuf. Thus, both pointers refer to the same memory.

Return

-EINVAL if buffer has insufficient size, 0 on success

Definition:

struct dh {    const void *key;    const void *p;    const void *g;    unsigned int key_size;    unsigned int p_size;    unsigned int g_size;};

Members

key

Private DH key

p

Diffie-Hellman parameter P

g

Diffie-Hellman generator G

key_size

Size of the private DH key

p_size

Size of DH parameter P

g_size

Size of DH generator G

Parameters

conststructdh*params

private DH key

Description

This function returns the packet DH key size. A caller can use thatwith the provided DH private key reference to obtain the requiredmemory size to hold a packet key.

Return

size of the key in bytes

Parameters

char*buf

Buffer allocated by the caller to hold the packet DHprivate key. The buffer should be at least crypto_dh_key_lenbytes in size.

unsignedintlen

Length of the packet private key buffer

conststructdh*params

Buffer with the caller-specified private key

Description

The DH implementations operate on a packet representation of the privatekey.

Return

-EINVAL if buffer has insufficient size, 0 on success

Parameters

constchar*buf

Buffer holding a packet key that should be decoded

unsignedintlen

Length of the packet private key buffer

structdh*params

Buffer allocated by the caller that is filled with theunpacked DH private key.

Description

The unpacking obtains the private key by pointingp to the correct locationinbuf. Thus, both pointers refer to the same memory.

Return

-EINVAL if buffer has insufficient size, 0 on success