~hc/RK356X_SDK_RELEASE.git

..	..	@@ -1,14 +1,9 @@
	1	+/* SPDX-License-Identifier: GPL-2.0-or-later */
1	2	/*
2	3	* Public Key Encryption
3	4	*
4	5	* Copyright (c) 2015, Intel Corporation
5	6	* Authors: Tadeusz Struk <tadeusz.struk@intel.com>
6		- *
7		- * This program is free software; you can redistribute it and/or modify it
8		- * under the terms of the GNU General Public License as published by the Free
9		- * Software Foundation; either version 2 of the License, or (at your option)
10		- * any later version.
11		- *
12	7	*/
13	8	#ifndef _CRYPTO_AKCIPHER_H
14	9	#define _CRYPTO_AKCIPHER_H
..	..	@@ -19,14 +14,20 @@
19	14	*
20	15	* @base: Common attributes for async crypto requests
21	16	* @src: Source data
22		- * @dst: Destination data
	17	+ * For verify op this is signature + digest, in that case
	18	+ * total size of @src is @src_len + @dst_len.
	19	+ * @dst: Destination data (Should be NULL for verify op)
23	20	* @src_len: Size of the input buffer
24		- * @dst_len: Size of the output buffer. It needs to be at least
25		- * as big as the expected result depending on the operation
	21	+ * For verify op it's size of signature part of @src, this part
	22	+ * is supposed to be operated by cipher.
	23	+ * @dst_len: Size of @dst buffer (for all ops except verify).
	24	+ * It needs to be at least as big as the expected result
	25	+ * depending on the operation.
26	26	* After operation it will be updated with the actual size of the
27	27	* result.
28	28	* In case of error where the dst sgl size was insufficient,
29	29	* it will be updated to the size required for the operation.
	30	+ * For verify op this is size of digest part in @src.
30	31	* @__ctx: Start of private context data
31	32	*/
32	33	struct akcipher_request {
..	..	@@ -55,10 +56,9 @@
55	56	* algorithm. In case of error, where the dst_len was insufficient,
56	57	* the req->dst_len will be updated to the size required for the
57	58	* operation
58		- * @verify: Function performs a sign operation as defined by public key
59		- * algorithm. In case of error, where the dst_len was insufficient,
60		- * the req->dst_len will be updated to the size required for the
61		- * operation
	59	+ * @verify: Function performs a complete verify operation as defined by
	60	+ * public key algorithm, returning verification status. Requires
	61	+ * digest value as input parameter.
62	62	* @encrypt: Function performs an encrypt operation as defined by public key
63	63	* algorithm. In case of error, where the dst_len was insufficient,
64	64	* the req->dst_len will be updated to the size required for the
..	..	@@ -69,10 +69,10 @@
69	69	* operation
70	70	* @set_pub_key: Function invokes the algorithm specific set public key
71	71	* function, which knows how to decode and interpret
72		- * the BER encoded public key
	72	+ * the BER encoded public key and parameters
73	73	* @set_priv_key: Function invokes the algorithm specific set private key
74	74	* function, which knows how to decode and interpret
75		- * the BER encoded private key
	75	+ * the BER encoded private key and parameters
76	76	* @max_size: Function returns dest buffer size required for a given key.
77	77	* @init: Initialize the cryptographic transformation object.
78	78	* This function is used to initialize the cryptographic
..	..	@@ -209,7 +209,7 @@
209	209	*/
210	210	static inline void akcipher_request_free(struct akcipher_request *req)
211	211	{
212		- kzfree(req);
	212	+ kfree_sensitive(req);
213	213	}
214	214
215	215	/**
..	..	@@ -240,9 +240,10 @@
240	240	*
241	241	* @req: public key request
242	242	* @src: ptr to input scatter list
243		- * @dst: ptr to output scatter list
	243	+ * @dst: ptr to output scatter list or NULL for verify op
244	244	* @src_len: size of the src input scatter list to be processed
245		- * @dst_len: size of the dst output scatter list
	245	+ * @dst_len: size of the dst output scatter list or size of signature
	246	+ * portion in @src for verify op
246	247	*/
247	248	static inline void akcipher_request_set_crypt(struct akcipher_request *req,
248	249	struct scatterlist *src,
..	..	@@ -287,8 +288,14 @@
287	288	{
288	289	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
289	290	struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
	291	+ struct crypto_alg *calg = tfm->base.__crt_alg;
	292	+ unsigned int src_len = req->src_len;
	293	+ int ret;
290	294
291		- return alg->encrypt(req);
	295	+ crypto_stats_get(calg);
	296	+ ret = alg->encrypt(req);
	297	+ crypto_stats_akcipher_encrypt(src_len, ret, calg);
	298	+ return ret;
292	299	}
293	300
294	301	/**
..	..	@@ -305,8 +312,14 @@
305	312	{
306	313	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
307	314	struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
	315	+ struct crypto_alg *calg = tfm->base.__crt_alg;
	316	+ unsigned int src_len = req->src_len;
	317	+ int ret;
308	318
309		- return alg->decrypt(req);
	319	+ crypto_stats_get(calg);
	320	+ ret = alg->decrypt(req);
	321	+ crypto_stats_akcipher_decrypt(src_len, ret, calg);
	322	+ return ret;
310	323	}
311	324
312	325	/**
..	..	@@ -323,37 +336,52 @@
323	336	{
324	337	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
325	338	struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
	339	+ struct crypto_alg *calg = tfm->base.__crt_alg;
	340	+ int ret;
326	341
327		- return alg->sign(req);
	342	+ crypto_stats_get(calg);
	343	+ ret = alg->sign(req);
	344	+ crypto_stats_akcipher_sign(ret, calg);
	345	+ return ret;
328	346	}
329	347
330	348	/**
331		- * crypto_akcipher_verify() - Invoke public key verify operation
	349	+ * crypto_akcipher_verify() - Invoke public key signature verification
332	350	*
333		- * Function invokes the specific public key verify operation for a given
334		- * public key algorithm
	351	+ * Function invokes the specific public key signature verification operation
	352	+ * for a given public key algorithm.
335	353	*
336	354	* @req: asymmetric key request
337	355	*
338		- * Return: zero on success; error code in case of error
	356	+ * Note: req->dst should be NULL, req->src should point to SG of size
	357	+ * (req->src_size + req->dst_size), containing signature (of req->src_size
	358	+ * length) with appended digest (of req->dst_size length).
	359	+ *
	360	+ * Return: zero on verification success; error code in case of error.
339	361	*/
340	362	static inline int crypto_akcipher_verify(struct akcipher_request *req)
341	363	{
342	364	struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req);
343	365	struct akcipher_alg *alg = crypto_akcipher_alg(tfm);
	366	+ struct crypto_alg *calg = tfm->base.__crt_alg;
	367	+ int ret;
344	368
345		- return alg->verify(req);
	369	+ crypto_stats_get(calg);
	370	+ ret = alg->verify(req);
	371	+ crypto_stats_akcipher_verify(ret, calg);
	372	+ return ret;
346	373	}
347	374
348	375	/**
349	376	* crypto_akcipher_set_pub_key() - Invoke set public key operation
350	377	*
351	378	* Function invokes the algorithm specific set key function, which knows
352		- * how to decode and interpret the encoded key
	379	+ * how to decode and interpret the encoded key and parameters
353	380	*
354	381	* @tfm: tfm handle
355		- * @key: BER encoded public key
356		- * @keylen: length of the key
	382	+ * @key: BER encoded public key, algo OID, paramlen, BER encoded
	383	+ * parameters
	384	+ * @keylen: length of the key (not including other data)
357	385	*
358	386	* Return: zero on success; error code in case of error
359	387	*/
..	..	@@ -370,11 +398,12 @@
370	398	* crypto_akcipher_set_priv_key() - Invoke set private key operation
371	399	*
372	400	* Function invokes the algorithm specific set key function, which knows
373		- * how to decode and interpret the encoded key
	401	+ * how to decode and interpret the encoded key and parameters
374	402	*
375	403	* @tfm: tfm handle
376		- * @key: BER encoded private key
377		- * @keylen: length of the key
	404	+ * @key: BER encoded private key, algo OID, paramlen, BER encoded
	405	+ * parameters
	406	+ * @keylen: length of the key (not including other data)
378	407	*
379	408	* Return: zero on success; error code in case of error
380	409	*/