// SPDX-License-Identifier: GPL-2.0 /* * ESSIV skcipher and aead template for block encryption * * This template encapsulates the ESSIV IV generation algorithm used by * dm-crypt and fscrypt, which converts the initial vector for the skcipher * used for block encryption, by encrypting it using the hash of the * skcipher key as encryption key. Usually, the input IV is a 64-bit sector * number in LE representation zero-padded to the size of the IV, but this * is not assumed by this driver. * * The typical use of this template is to instantiate the skcipher * 'essiv(cbc(aes),sha256)', which is the only instantiation used by * fscrypt, and the most relevant one for dm-crypt. However, dm-crypt * also permits ESSIV to be used in combination with the authenc template, * e.g., 'essiv(authenc(hmac(sha256),cbc(aes)),sha256)', in which case * we need to instantiate an aead that accepts the same special key format * as the authenc template, and deals with the way the encrypted IV is * embedded into the AAD area of the aead request. This means the AEAD * flavor produced by this template is tightly coupled to the way dm-crypt * happens to use it. * * Copyright (c) 2019 Linaro, Ltd. <[email protected]> * * Heavily based on: * adiantum length-preserving encryption mode * * Copyright 2018 Google LLC */ #include <crypto/authenc.h> #include <crypto/internal/aead.h> #include <crypto/internal/cipher.h> #include <crypto/internal/hash.h> #include <crypto/internal/skcipher.h> #include <crypto/scatterwalk.h> #include <linux/module.h> #include "internal.h" struct essiv_instance_ctx { … }; struct essiv_tfm_ctx { … }; struct essiv_aead_request_ctx { … }; static int essiv_skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key, unsigned int keylen) { … } static int essiv_aead_setkey(struct crypto_aead *tfm, const u8 *key, unsigned int keylen) { … } static int essiv_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize) { … } static void essiv_skcipher_done(void *data, int err) { … } static int essiv_skcipher_crypt(struct skcipher_request *req, bool enc) { … } static int essiv_skcipher_encrypt(struct skcipher_request *req) { … } static int essiv_skcipher_decrypt(struct skcipher_request *req) { … } static void essiv_aead_done(void *data, int err) { … } static int essiv_aead_crypt(struct aead_request *req, bool enc) { … } static int essiv_aead_encrypt(struct aead_request *req) { … } static int essiv_aead_decrypt(struct aead_request *req) { … } static int essiv_init_tfm(struct essiv_instance_ctx *ictx, struct essiv_tfm_ctx *tctx) { … } static int essiv_skcipher_init_tfm(struct crypto_skcipher *tfm) { … } static int essiv_aead_init_tfm(struct crypto_aead *tfm) { … } static void essiv_skcipher_exit_tfm(struct crypto_skcipher *tfm) { … } static void essiv_aead_exit_tfm(struct crypto_aead *tfm) { … } static void essiv_skcipher_free_instance(struct skcipher_instance *inst) { … } static void essiv_aead_free_instance(struct aead_instance *inst) { … } static bool parse_cipher_name(char *essiv_cipher_name, const char *cra_name) { … } static bool essiv_supported_algorithms(const char *essiv_cipher_name, struct shash_alg *hash_alg, int ivsize) { … } static int essiv_create(struct crypto_template *tmpl, struct rtattr **tb) { … } /* essiv(cipher_name, shash_name) */ static struct crypto_template essiv_tmpl = …; static int __init essiv_module_init(void) { … } static void __exit essiv_module_exit(void) { … } subsys_initcall(essiv_module_init); module_exit(essiv_module_exit); MODULE_DESCRIPTION(…) …; MODULE_LICENSE(…) …; MODULE_ALIAS_CRYPTO(…) …; MODULE_IMPORT_NS(…);
Codebase Browser
linux