From patchwork Sun Nov 16 02:23:50 2014
X-Patchwork-Submitter: Stephan Mueller
X-Patchwork-Id: 5312861
X-Patchwork-Delegate: herbert@gondor.apana.org.au
From: Stephan Mueller
To: Herbert Xu
Cc: Daniel Borkmann, quentin.gouchet@gmail.com, LKML, linux-crypto@vger.kernel.org, ABI/API
Subject: [PATCH v2 01/10] crypto: AF_ALG: add user space interface for AEAD
Date: Sun, 16 Nov 2014 03:23:50 +0100
Message-ID: <11608519.pS4L9VjM2n@tachyon.chronox.de>
In-Reply-To: <5365136.g8vbXlhRyC@tachyon.chronox.de>
References: <5365136.g8vbXlhRyC@tachyon.chronox.de>

AEAD requires the following data in addition to normal symmetric
ciphers:

	* Associated authentication data of arbitrary length

	* Authentication tag for decryption

	* Length of authentication tag for encryption

The authentication tag data is communicated as part of the actual
ciphertext as mandated by the kernel crypto API. Therefore we only need
to provide a user space interface for the associated authentication data
as well as for the authentication tag length.

This patch adds both as a setsockopt interface that is identical to the
AF_ALG interface for setting an IV and for selecting the cipher
operation type (encrypt or decrypt).

Signed-off-by: Stephan Mueller
---
 crypto/af_alg.c             | 17 +++++++++++++++++
 include/crypto/if_alg.h     |  2 ++
 include/uapi/linux/if_alg.h |  7 +++++++
 3 files changed, 26 insertions(+)

diff --git a/crypto/af_alg.c b/crypto/af_alg.c index 6a3ad80..635140b 100644 --- a/crypto/af_alg.c +++ b/crypto/af_alg.c 
@@ -421,6 +421,23 @@ int af_alg_cmsg_send(struct msghdr *msg, struct af_alg_control *con) con->op = *(u32 *)CMSG_DATA(cmsg); break; + + case ALG_SET_AEAD_AUTHSIZE: + if (cmsg->cmsg_len < CMSG_LEN(sizeof(u32))) + return -EINVAL; + con->aead_authsize = *(u32 *)CMSG_DATA(cmsg); + break; + + case ALG_SET_AEAD_ASSOC: + if (cmsg->cmsg_len < CMSG_LEN(sizeof(*con->aead_assoc))) + return -EINVAL; + con->aead_assoc = (void *)CMSG_DATA(cmsg); + if (cmsg->cmsg_len < + CMSG_LEN(con->aead_assoc->aead_assoclen + + sizeof(*con->aead_assoc))) + return -EINVAL; + break; + default: return -EINVAL; } diff --git a/include/crypto/if_alg.h b/include/crypto/if_alg.h index d61c111..c741483 100644 --- a/include/crypto/if_alg.h +++ b/include/crypto/if_alg.h @@ -41,7 +41,9 @@ struct af_alg_completion { struct af_alg_control { struct af_alg_iv *iv; + struct af_alg_aead_assoc *aead_assoc; int op; + unsigned int aead_authsize; }; struct af_alg_type { diff --git a/include/uapi/linux/if_alg.h b/include/uapi/linux/if_alg.h index 0f9acce..64e7008 100644 --- a/include/uapi/linux/if_alg.h +++ b/include/uapi/linux/if_alg.h @@ -28,10 +28,17 @@ struct af_alg_iv { __u8 iv[0]; }; +struct af_alg_aead_assoc { + __u32 aead_assoclen; + __u8 aead_assoc[0]; +}; + /* Socket options */ #define ALG_SET_KEY 1 #define ALG_SET_IV 2 #define ALG_SET_OP 3 +#define ALG_SET_AEAD_ASSOC 4 +#define ALG_SET_AEAD_AUTHSIZE 5 /* Operations */ #define ALG_OP_DECRYPT 0
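Review bot: In the ALG_SET_AEAD_ASSOC case of af_alg_cmsg_send() (crypto/af_alg.c hunk), the second length check adds the user-supplied aead_assoclen (a __u32) to sizeof(*con->aead_assoc) inside CMSG_LEN() before comparing, so where size_t is 32 bits a value near the top of the range can wrap the sum and let an undersized control message pass. Suggest comparing by subtraction instead: reject when aead_assoclen > cmsg->cmsg_len - CMSG_LEN(sizeof(*con->aead_assoc)), which cannot underflow because the first check already guarantees cmsg_len is at least that large. con->aead_assoc is also assigned before the second check, so on that -EINVAL path it is left pointing at the rejected data; assign it only after both checks pass. The ALG_SET_AEAD_AUTHSIZE case stores the u32 with no bound, so either cap it here or state that the consumer must validate it.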
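Review bot: In struct af_alg_control (include/crypto/if_alg.h hunk), the new aead_assoc member is a pointer straight into the control-message buffer, since af_alg_cmsg_send() sets it from CMSG_DATA(cmsg), and nothing on the field says how long it stays valid. Please add a comment stating that lifetime and that consumers have to copy the associated data out rather than keep the pointer. aead_authsize also has no way to express "not supplied": 0 is indistinguishable from unset unless callers zero the struct and treat 0 as unset, which should be documented or handled with an explicit flag.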
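Review bot: The new UAPI definitions in include/uapi/linux/if_alg.h are undocumented and inconsistently described: struct af_alg_aead_assoc does not say that aead_assoclen counts the bytes in the trailing aead_assoc[] array, and ALG_SET_AEAD_ASSOC / ALG_SET_AEAD_AUTHSIZE sit under the "Socket options" comment and are called a setsockopt interface in the commit message, while the af_alg.c hunk handles them as control-message types in af_alg_cmsg_send(). Since the values 4 and 5 become ABI once merged, please add a short comment for each saying how it is passed and what its payload is, and align the commit message wording with the code.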