diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2007-08-30 16:24:15 +0800 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2007-10-10 16:55:43 -0700 |
commit | 3c09f17c3d11f3e98928f55b600e6de22f58017a (patch) | |
tree | 1c707e78054804fba65719a6dc87bc555fe9566b /crypto/algapi.c | |
parent | b16c3a2e2c0307f5370b2b5e18bcbe1437b5f3d8 (diff) | |
download | linux-3c09f17c3d11f3e98928f55b600e6de22f58017a.tar.gz linux-3c09f17c3d11f3e98928f55b600e6de22f58017a.tar.bz2 linux-3c09f17c3d11f3e98928f55b600e6de22f58017a.zip |
[CRYPTO] aead: Add authenc
This patch adds the authenc algorithm which constructs an AEAD algorithm
from an asynchronous block cipher and a hash. The construction is done
by concatenating the encrypted result from the cipher with the output
from the hash, as is used by the IPsec ESP protocol.
The authenc algorithm exists as a template with four parameters:
authenc(auth, authsize, enc, enckeylen).
The authentication algorithm, the authentication size (i.e., truncating
the output of the authentication algorithm), the encryption algorithm,
and the encryption key length. Both the size field and the key length
field are in bytes. For example, AES-128 with SHA1-HMAC would be
represented by
authenc(hmac(sha1), 12, cbc(aes), 16)
The key for the authenc algorithm is the concatenation of the keys for
the authentication algorithm with the encryption algorithm. For the
above example, if a key of length 36 bytes is given, then hmac(sha1)
would receive the first 20 bytes while the last 16 would be given to
cbc(aes).
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/algapi.c')
-rw-r--r-- | crypto/algapi.c | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/crypto/algapi.c b/crypto/algapi.c index d9559609b525..d891f56f0e8c 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -470,9 +470,8 @@ int crypto_check_attr_type(struct rtattr **tb, u32 type) } EXPORT_SYMBOL_GPL(crypto_check_attr_type); -struct crypto_alg *crypto_get_attr_alg(struct rtattr **tb, u32 type, u32 mask) +struct crypto_alg *crypto_attr_alg(struct rtattr *rta, u32 type, u32 mask) { - struct rtattr *rta = tb[1]; struct crypto_attr_alg *alga; if (!rta) @@ -487,7 +486,25 @@ struct crypto_alg *crypto_get_attr_alg(struct rtattr **tb, u32 type, u32 mask) return crypto_alg_mod_lookup(alga->name, type, mask); } -EXPORT_SYMBOL_GPL(crypto_get_attr_alg); +EXPORT_SYMBOL_GPL(crypto_attr_alg); + +int crypto_attr_u32(struct rtattr *rta, u32 *num) +{ + struct crypto_attr_u32 *nu32; + + if (!rta) + return -ENOENT; + if (RTA_PAYLOAD(rta) < sizeof(*nu32)) + return -EINVAL; + if (rta->rta_type != CRYPTOA_U32) + return -EINVAL; + + nu32 = RTA_DATA(rta); + *num = nu32->num; + + return 0; +} +EXPORT_SYMBOL_GPL(crypto_attr_u32); struct crypto_instance *crypto_alloc_instance(const char *name, struct crypto_alg *alg) |