Crypto Engine

Overview

The crypto engine (CE) API is a crypto queue manager.

Requirement

You must put, at the start of your transform context your_tfm_ctx, the structurecrypto_engine:

struct your_tfm_ctx {        struct crypto_engine engine;        ...};

The crypto engine only manages asynchronous requests in the form ofcrypto_async_request. It cannot know the underlying request type and thus onlyhas access to the transform structure. It is not possible to access the contextusing container_of. In addition, the engine knows nothing about yourstructure “structyour_tfm_ctx”. The engine assumes (requires) the placementof the known memberstructcrypto_engine at the beginning.

Order of operations

You are required to obtain astructcrypto_engine viacrypto_engine_alloc_init().Start it viacrypto_engine_start(). When finished with your work, shut down theengine usingcrypto_engine_stop() and destroy the engine withcrypto_engine_exit().

Before transferring any request, you have to fill the context enginectx byproviding functions for the following:

  • prepare_cipher_request/prepare_hash_request: Called before eachcorresponding request is performed. If some processing or other preparatorywork is required, do it here.

  • unprepare_cipher_request/unprepare_hash_request: Called after eachrequest is handled. Clean up / undo what was done in the prepare function.

  • cipher_one_request/hash_one_request: Handle the current request byperforming the operation.

Note that these functions access the crypto_async_request structureassociated with the received request. You are able to retrieve the originalrequest by using:

container_of(areq, struct yourrequesttype_request, base);

When your driver receives a crypto_request, you must to transfer it tothe crypto engine via one of:

  • crypto_transfer_aead_request_to_engine()

  • crypto_transfer_akcipher_request_to_engine()

  • crypto_transfer_hash_request_to_engine()

  • crypto_transfer_kpp_request_to_engine()

  • crypto_transfer_skcipher_request_to_engine()

At the end of the request process, a call to one of the following functions is needed:

  • crypto_finalize_aead_request()

  • crypto_finalize_akcipher_request()

  • crypto_finalize_hash_request()

  • crypto_finalize_kpp_request()

  • crypto_finalize_skcipher_request()