crypto: akcipher - Drop sign/verify operations

+1 -1

Documentation/crypto/api-akcipher.rst

··· 11 11 :doc: Generic Public Key API 12 12 13 13 .. kernel-doc:: include/crypto/akcipher.h 14 - :functions: crypto_alloc_akcipher crypto_free_akcipher crypto_akcipher_set_pub_key crypto_akcipher_set_priv_key crypto_akcipher_maxsize crypto_akcipher_encrypt crypto_akcipher_decrypt crypto_akcipher_sign crypto_akcipher_verify 14 + :functions: crypto_alloc_akcipher crypto_free_akcipher crypto_akcipher_set_pub_key crypto_akcipher_set_priv_key crypto_akcipher_maxsize crypto_akcipher_encrypt crypto_akcipher_decrypt 15 15 16 16 Asymmetric Cipher Request Handle 17 17 --------------------------------

+19 -45

crypto/akcipher.c

··· 20 20 21 21 #define CRYPTO_ALG_TYPE_AHASH_MASK 0x0000000e 22 22 23 + struct crypto_akcipher_sync_data { 24 + struct crypto_akcipher *tfm; 25 + const void *src; 26 + void *dst; 27 + unsigned int slen; 28 + unsigned int dlen; 29 + 30 + struct akcipher_request *req; 31 + struct crypto_wait cwait; 32 + struct scatterlist sg; 33 + u8 *buf; 34 + }; 35 + 23 36 static int __maybe_unused crypto_akcipher_report( 24 37 struct sk_buff *skb, struct crypto_alg *alg) 25 38 { ··· 139 126 { 140 127 struct crypto_alg *base = &alg->base; 141 128 142 - if (!alg->sign) 143 - alg->sign = akcipher_default_op; 144 - if (!alg->verify) 145 - alg->verify = akcipher_default_op; 146 129 if (!alg->encrypt) 147 130 alg->encrypt = akcipher_default_op; 148 131 if (!alg->decrypt) ··· 167 158 } 168 159 EXPORT_SYMBOL_GPL(akcipher_register_instance); 169 160 170 - int crypto_akcipher_sync_prep(struct crypto_akcipher_sync_data *data) 161 + static int crypto_akcipher_sync_prep(struct crypto_akcipher_sync_data *data) 171 162 { 172 163 unsigned int reqsize = crypto_akcipher_reqsize(data->tfm); 173 164 struct akcipher_request *req; ··· 176 167 unsigned int len; 177 168 u8 *buf; 178 169 179 - if (data->dst) 180 - mlen = max(data->slen, data->dlen); 181 - else 182 - mlen = data->slen + data->dlen; 170 + mlen = max(data->slen, data->dlen); 183 171 184 172 len = sizeof(*req) + reqsize + mlen; 185 173 if (len < mlen) ··· 195 189 196 190 sg = &data->sg; 197 191 sg_init_one(sg, buf, mlen); 198 - akcipher_request_set_crypt(req, sg, data->dst ? sg : NULL, 199 - data->slen, data->dlen); 192 + akcipher_request_set_crypt(req, sg, sg, data->slen, data->dlen); 200 193 201 194 crypto_init_wait(&data->cwait); 202 195 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_SLEEP, ··· 203 198 204 199 return 0; 205 200 } 206 - EXPORT_SYMBOL_GPL(crypto_akcipher_sync_prep); 207 201 208 - int crypto_akcipher_sync_post(struct crypto_akcipher_sync_data *data, int err) 202 + static int crypto_akcipher_sync_post(struct crypto_akcipher_sync_data *data, 203 + int err) 209 204 { 210 205 err = crypto_wait_req(err, &data->cwait); 211 - if (data->dst) 212 - memcpy(data->dst, data->buf, data->dlen); 206 + memcpy(data->dst, data->buf, data->dlen); 213 207 data->dlen = data->req->dst_len; 214 208 kfree_sensitive(data->req); 215 209 return err; 216 210 } 217 - EXPORT_SYMBOL_GPL(crypto_akcipher_sync_post); 218 211 219 212 int crypto_akcipher_sync_encrypt(struct crypto_akcipher *tfm, 220 213 const void *src, unsigned int slen, ··· 250 247 data.dlen; 251 248 } 252 249 EXPORT_SYMBOL_GPL(crypto_akcipher_sync_decrypt); 253 - 254 - static void crypto_exit_akcipher_ops_sig(struct crypto_tfm *tfm) 255 - { 256 - struct crypto_akcipher **ctx = crypto_tfm_ctx(tfm); 257 - 258 - crypto_free_akcipher(*ctx); 259 - } 260 - 261 - int crypto_init_akcipher_ops_sig(struct crypto_tfm *tfm) 262 - { 263 - struct crypto_akcipher **ctx = crypto_tfm_ctx(tfm); 264 - struct crypto_alg *calg = tfm->__crt_alg; 265 - struct crypto_akcipher *akcipher; 266 - 267 - if (!crypto_mod_get(calg)) 268 - return -EAGAIN; 269 - 270 - akcipher = crypto_create_tfm(calg, &crypto_akcipher_type); 271 - if (IS_ERR(akcipher)) { 272 - crypto_mod_put(calg); 273 - return PTR_ERR(akcipher); 274 - } 275 - 276 - *ctx = akcipher; 277 - tfm->exit = crypto_exit_akcipher_ops_sig; 278 - 279 - return 0; 280 - } 281 - EXPORT_SYMBOL_GPL(crypto_init_akcipher_ops_sig); 282 250 283 251 MODULE_LICENSE("GPL"); 284 252 MODULE_DESCRIPTION("Generic public key cipher type");

-19

crypto/internal.h

··· 22 22 #include <linux/sched.h> 23 23 #include <linux/types.h> 24 24 25 - struct akcipher_request; 26 - struct crypto_akcipher; 27 25 struct crypto_instance; 28 26 struct crypto_template; 29 27 ··· 31 33 struct completion completion; 32 34 u32 mask; 33 35 bool test_started; 34 - }; 35 - 36 - struct crypto_akcipher_sync_data { 37 - struct crypto_akcipher *tfm; 38 - const void *src; 39 - void *dst; 40 - unsigned int slen; 41 - unsigned int dlen; 42 - 43 - struct akcipher_request *req; 44 - struct crypto_wait cwait; 45 - struct scatterlist sg; 46 - u8 *buf; 47 36 }; 48 37 49 38 enum { ··· 113 128 const struct crypto_type *frontend, int node); 114 129 void *crypto_clone_tfm(const struct crypto_type *frontend, 115 130 struct crypto_tfm *otfm); 116 - 117 - int crypto_akcipher_sync_prep(struct crypto_akcipher_sync_data *data); 118 - int crypto_akcipher_sync_post(struct crypto_akcipher_sync_data *data, int err); 119 - int crypto_init_akcipher_ops_sig(struct crypto_tfm *tfm); 120 131 121 132 static inline void *crypto_create_tfm(struct crypto_alg *alg, 122 133 const struct crypto_type *frontend)

-70

crypto/sig.c

··· 5 5 * Copyright (c) 2023 Herbert Xu <herbert@gondor.apana.org.au> 6 6 */ 7 7 8 - #include <crypto/akcipher.h> 9 8 #include <crypto/internal/sig.h> 10 9 #include <linux/cryptouser.h> 11 10 #include <linux/kernel.h> 12 11 #include <linux/module.h> 13 - #include <linux/scatterlist.h> 14 12 #include <linux/seq_file.h> 15 13 #include <linux/string.h> 16 14 #include <net/netlink.h> ··· 16 18 #include "internal.h" 17 19 18 20 #define CRYPTO_ALG_TYPE_SIG_MASK 0x0000000e 19 - 20 - static const struct crypto_type crypto_sig_type; 21 21 22 22 static void crypto_sig_exit_tfm(struct crypto_tfm *tfm) 23 23 { ··· 27 31 28 32 static int crypto_sig_init_tfm(struct crypto_tfm *tfm) 29 33 { 30 - if (tfm->__crt_alg->cra_type != &crypto_sig_type) 31 - return crypto_init_akcipher_ops_sig(tfm); 32 - 33 34 struct crypto_sig *sig = __crypto_sig_tfm(tfm); 34 35 struct sig_alg *alg = crypto_sig_alg(sig); 35 36 ··· 86 93 87 94 int crypto_sig_maxsize(struct crypto_sig *tfm) 88 95 { 89 - if (crypto_sig_tfm(tfm)->__crt_alg->cra_type != &crypto_sig_type) 90 - goto akcipher; 91 - 92 96 struct sig_alg *alg = crypto_sig_alg(tfm); 93 97 94 98 return alg->max_size(tfm); 95 - 96 - akcipher: 97 - struct crypto_akcipher **ctx = crypto_sig_ctx(tfm); 98 - 99 - return crypto_akcipher_maxsize(*ctx); 100 99 } 101 100 EXPORT_SYMBOL_GPL(crypto_sig_maxsize); 102 101 ··· 96 111 const void *src, unsigned int slen, 97 112 void *dst, unsigned int dlen) 98 113 { 99 - if (crypto_sig_tfm(tfm)->__crt_alg->cra_type != &crypto_sig_type) 100 - goto akcipher; 101 - 102 114 struct sig_alg *alg = crypto_sig_alg(tfm); 103 115 104 116 return alg->sign(tfm, src, slen, dst, dlen); 105 - 106 - akcipher: 107 - struct crypto_akcipher **ctx = crypto_sig_ctx(tfm); 108 - struct crypto_akcipher_sync_data data = { 109 - .tfm = *ctx, 110 - .src = src, 111 - .dst = dst, 112 - .slen = slen, 113 - .dlen = dlen, 114 - }; 115 - 116 - return crypto_akcipher_sync_prep(&data) ?: 117 - crypto_akcipher_sync_post(&data, 118 - crypto_akcipher_sign(data.req)); 119 117 } 120 118 EXPORT_SYMBOL_GPL(crypto_sig_sign); 121 119 ··· 106 138 const void *src, unsigned int slen, 107 139 const void *digest, unsigned int dlen) 108 140 { 109 - if (crypto_sig_tfm(tfm)->__crt_alg->cra_type != &crypto_sig_type) 110 - goto akcipher; 111 - 112 141 struct sig_alg *alg = crypto_sig_alg(tfm); 113 142 114 143 return alg->verify(tfm, src, slen, digest, dlen); 115 - 116 - akcipher: 117 - struct crypto_akcipher **ctx = crypto_sig_ctx(tfm); 118 - struct crypto_akcipher_sync_data data = { 119 - .tfm = *ctx, 120 - .src = src, 121 - .slen = slen, 122 - .dlen = dlen, 123 - }; 124 - int err; 125 - 126 - err = crypto_akcipher_sync_prep(&data); 127 - if (err) 128 - return err; 129 - 130 - memcpy(data.buf + slen, digest, dlen); 131 - 132 - return crypto_akcipher_sync_post(&data, 133 - crypto_akcipher_verify(data.req)); 134 144 } 135 145 EXPORT_SYMBOL_GPL(crypto_sig_verify); 136 146 137 147 int crypto_sig_set_pubkey(struct crypto_sig *tfm, 138 148 const void *key, unsigned int keylen) 139 149 { 140 - if (crypto_sig_tfm(tfm)->__crt_alg->cra_type != &crypto_sig_type) 141 - goto akcipher; 142 - 143 150 struct sig_alg *alg = crypto_sig_alg(tfm); 144 151 145 152 return alg->set_pub_key(tfm, key, keylen); 146 - 147 - akcipher: 148 - struct crypto_akcipher **ctx = crypto_sig_ctx(tfm); 149 - 150 - return crypto_akcipher_set_pub_key(*ctx, key, keylen); 151 153 } 152 154 EXPORT_SYMBOL_GPL(crypto_sig_set_pubkey); 153 155 154 156 int crypto_sig_set_privkey(struct crypto_sig *tfm, 155 157 const void *key, unsigned int keylen) 156 158 { 157 - if (crypto_sig_tfm(tfm)->__crt_alg->cra_type != &crypto_sig_type) 158 - goto akcipher; 159 - 160 159 struct sig_alg *alg = crypto_sig_alg(tfm); 161 160 162 161 return alg->set_priv_key(tfm, key, keylen); 163 - 164 - akcipher: 165 - struct crypto_akcipher **ctx = crypto_sig_ctx(tfm); 166 - 167 - return crypto_akcipher_set_priv_key(*ctx, key, keylen); 168 162 } 169 163 EXPORT_SYMBOL_GPL(crypto_sig_set_privkey); 170 164

+35 -82

crypto/testmgr.c

··· 4131 4131 struct crypto_wait wait; 4132 4132 unsigned int out_len_max, out_len = 0; 4133 4133 int err = -ENOMEM; 4134 - struct scatterlist src, dst, src_tab[3]; 4135 - const char *m, *c; 4136 - unsigned int m_size, c_size; 4137 - const char *op; 4138 - u8 *key, *ptr; 4134 + struct scatterlist src, dst, src_tab[2]; 4135 + const char *c; 4136 + unsigned int c_size; 4139 4137 4140 4138 if (testmgr_alloc_buf(xbuf)) 4141 4139 return err; ··· 4144 4146 4145 4147 crypto_init_wait(&wait); 4146 4148 4147 - key = kmalloc(vecs->key_len + sizeof(u32) * 2 + vecs->param_len, 4148 - GFP_KERNEL); 4149 - if (!key) 4150 - goto free_req; 4151 - memcpy(key, vecs->key, vecs->key_len); 4152 - ptr = key + vecs->key_len; 4153 - ptr = test_pack_u32(ptr, vecs->algo); 4154 - ptr = test_pack_u32(ptr, vecs->param_len); 4155 - memcpy(ptr, vecs->params, vecs->param_len); 4156 - 4157 4149 if (vecs->public_key_vec) 4158 - err = crypto_akcipher_set_pub_key(tfm, key, vecs->key_len); 4150 + err = crypto_akcipher_set_pub_key(tfm, vecs->key, 4151 + vecs->key_len); 4159 4152 else 4160 - err = crypto_akcipher_set_priv_key(tfm, key, vecs->key_len); 4153 + err = crypto_akcipher_set_priv_key(tfm, vecs->key, 4154 + vecs->key_len); 4161 4155 if (err) 4162 - goto free_key; 4156 + goto free_req; 4163 4157 4164 - /* 4165 - * First run test which do not require a private key, such as 4166 - * encrypt or verify. 4167 - */ 4158 + /* First run encrypt test which does not require a private key */ 4168 4159 err = -ENOMEM; 4169 4160 out_len_max = crypto_akcipher_maxsize(tfm); 4170 4161 outbuf_enc = kzalloc(out_len_max, GFP_KERNEL); 4171 4162 if (!outbuf_enc) 4172 - goto free_key; 4163 + goto free_req; 4173 4164 4174 - if (!vecs->siggen_sigver_test) { 4175 - m = vecs->m; 4176 - m_size = vecs->m_size; 4177 - c = vecs->c; 4178 - c_size = vecs->c_size; 4179 - op = "encrypt"; 4180 - } else { 4181 - /* Swap args so we could keep plaintext (digest) 4182 - * in vecs->m, and cooked signature in vecs->c. 4183 - */ 4184 - m = vecs->c; /* signature */ 4185 - m_size = vecs->c_size; 4186 - c = vecs->m; /* digest */ 4187 - c_size = vecs->m_size; 4188 - op = "verify"; 4189 - } 4165 + c = vecs->c; 4166 + c_size = vecs->c_size; 4190 4167 4191 4168 err = -E2BIG; 4192 - if (WARN_ON(m_size > PAGE_SIZE)) 4169 + if (WARN_ON(vecs->m_size > PAGE_SIZE)) 4193 4170 goto free_all; 4194 - memcpy(xbuf[0], m, m_size); 4171 + memcpy(xbuf[0], vecs->m, vecs->m_size); 4195 4172 4196 - sg_init_table(src_tab, 3); 4173 + sg_init_table(src_tab, 2); 4197 4174 sg_set_buf(&src_tab[0], xbuf[0], 8); 4198 - sg_set_buf(&src_tab[1], xbuf[0] + 8, m_size - 8); 4199 - if (vecs->siggen_sigver_test) { 4200 - if (WARN_ON(c_size > PAGE_SIZE)) 4201 - goto free_all; 4202 - memcpy(xbuf[1], c, c_size); 4203 - sg_set_buf(&src_tab[2], xbuf[1], c_size); 4204 - akcipher_request_set_crypt(req, src_tab, NULL, m_size, c_size); 4205 - } else { 4206 - sg_init_one(&dst, outbuf_enc, out_len_max); 4207 - akcipher_request_set_crypt(req, src_tab, &dst, m_size, 4208 - out_len_max); 4209 - } 4175 + sg_set_buf(&src_tab[1], xbuf[0] + 8, vecs->m_size - 8); 4176 + sg_init_one(&dst, outbuf_enc, out_len_max); 4177 + akcipher_request_set_crypt(req, src_tab, &dst, vecs->m_size, 4178 + out_len_max); 4210 4179 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 4211 4180 crypto_req_done, &wait); 4212 4181 4213 - err = crypto_wait_req(vecs->siggen_sigver_test ? 4214 - /* Run asymmetric signature verification */ 4215 - crypto_akcipher_verify(req) : 4216 - /* Run asymmetric encrypt */ 4217 - crypto_akcipher_encrypt(req), &wait); 4182 + err = crypto_wait_req(crypto_akcipher_encrypt(req), &wait); 4218 4183 if (err) { 4219 - pr_err("alg: akcipher: %s test failed. err %d\n", op, err); 4184 + pr_err("alg: akcipher: encrypt test failed. err %d\n", err); 4220 4185 goto free_all; 4221 4186 } 4222 - if (!vecs->siggen_sigver_test && c) { 4187 + if (c) { 4223 4188 if (req->dst_len != c_size) { 4224 - pr_err("alg: akcipher: %s test failed. Invalid output len\n", 4225 - op); 4189 + pr_err("alg: akcipher: encrypt test failed. Invalid output len\n"); 4226 4190 err = -EINVAL; 4227 4191 goto free_all; 4228 4192 } 4229 4193 /* verify that encrypted message is equal to expected */ 4230 4194 if (memcmp(c, outbuf_enc, c_size) != 0) { 4231 - pr_err("alg: akcipher: %s test failed. Invalid output\n", 4232 - op); 4195 + pr_err("alg: akcipher: encrypt test failed. Invalid output\n"); 4233 4196 hexdump(outbuf_enc, c_size); 4234 4197 err = -EINVAL; 4235 4198 goto free_all; ··· 4198 4239 } 4199 4240 4200 4241 /* 4201 - * Don't invoke (decrypt or sign) test which require a private key 4242 + * Don't invoke decrypt test which requires a private key 4202 4243 * for vectors with only a public key. 4203 4244 */ 4204 4245 if (vecs->public_key_vec) { ··· 4211 4252 goto free_all; 4212 4253 } 4213 4254 4214 - if (!vecs->siggen_sigver_test && !c) { 4255 + if (!c) { 4215 4256 c = outbuf_enc; 4216 4257 c_size = req->dst_len; 4217 4258 } 4218 4259 4219 4260 err = -E2BIG; 4220 - op = vecs->siggen_sigver_test ? "sign" : "decrypt"; 4221 4261 if (WARN_ON(c_size > PAGE_SIZE)) 4222 4262 goto free_all; 4223 4263 memcpy(xbuf[0], c, c_size); ··· 4226 4268 crypto_init_wait(&wait); 4227 4269 akcipher_request_set_crypt(req, &src, &dst, c_size, out_len_max); 4228 4270 4229 - err = crypto_wait_req(vecs->siggen_sigver_test ? 4230 - /* Run asymmetric signature generation */ 4231 - crypto_akcipher_sign(req) : 4232 - /* Run asymmetric decrypt */ 4233 - crypto_akcipher_decrypt(req), &wait); 4271 + err = crypto_wait_req(crypto_akcipher_decrypt(req), &wait); 4234 4272 if (err) { 4235 - pr_err("alg: akcipher: %s test failed. err %d\n", op, err); 4273 + pr_err("alg: akcipher: decrypt test failed. err %d\n", err); 4236 4274 goto free_all; 4237 4275 } 4238 4276 out_len = req->dst_len; 4239 - if (out_len < m_size) { 4240 - pr_err("alg: akcipher: %s test failed. Invalid output len %u\n", 4241 - op, out_len); 4277 + if (out_len < vecs->m_size) { 4278 + pr_err("alg: akcipher: decrypt test failed. Invalid output len %u\n", 4279 + out_len); 4242 4280 err = -EINVAL; 4243 4281 goto free_all; 4244 4282 } 4245 4283 /* verify that decrypted message is equal to the original msg */ 4246 - if (memchr_inv(outbuf_dec, 0, out_len - m_size) || 4247 - memcmp(m, outbuf_dec + out_len - m_size, m_size)) { 4248 - pr_err("alg: akcipher: %s test failed. Invalid output\n", op); 4284 + if (memchr_inv(outbuf_dec, 0, out_len - vecs->m_size) || 4285 + memcmp(vecs->m, outbuf_dec + out_len - vecs->m_size, 4286 + vecs->m_size)) { 4287 + pr_err("alg: akcipher: decrypt test failed. Invalid output\n"); 4249 4288 hexdump(outbuf_dec, out_len); 4250 4289 err = -EINVAL; 4251 4290 } 4252 4291 free_all: 4253 4292 kfree(outbuf_dec); 4254 4293 kfree(outbuf_enc); 4255 - free_key: 4256 - kfree(key); 4257 4294 free_req: 4258 4295 akcipher_request_free(req); 4259 4296 free_xbuf:

-4

crypto/testmgr.h

··· 150 150 151 151 struct akcipher_testvec { 152 152 const unsigned char *key; 153 - const unsigned char *params; 154 153 const unsigned char *m; 155 154 const unsigned char *c; 156 155 unsigned int key_len; 157 - unsigned int param_len; 158 156 unsigned int m_size; 159 157 unsigned int c_size; 160 158 bool public_key_vec; 161 - bool siggen_sigver_test; 162 - enum OID algo; 163 159 }; 164 160 165 161 struct sig_testvec {

+8 -61

include/crypto/akcipher.h

··· 12 12 #include <linux/crypto.h> 13 13 14 14 /** 15 - * struct akcipher_request - public key request 15 + * struct akcipher_request - public key cipher request 16 16 * 17 17 * @base: Common attributes for async crypto requests 18 18 * @src: Source data 19 - * For verify op this is signature + digest, in that case 20 - * total size of @src is @src_len + @dst_len. 21 - * @dst: Destination data (Should be NULL for verify op) 19 + * @dst: Destination data 22 20 * @src_len: Size of the input buffer 23 - * For verify op it's size of signature part of @src, this part 24 - * is supposed to be operated by cipher. 25 - * @dst_len: Size of @dst buffer (for all ops except verify). 21 + * @dst_len: Size of @dst buffer 26 22 * It needs to be at least as big as the expected result 27 23 * depending on the operation. 28 24 * After operation it will be updated with the actual size of the 29 25 * result. 30 26 * In case of error where the dst sgl size was insufficient, 31 27 * it will be updated to the size required for the operation. 32 - * For verify op this is size of digest part in @src. 33 28 * @__ctx: Start of private context data 34 29 */ 35 30 struct akcipher_request { ··· 50 55 }; 51 56 52 57 /** 53 - * struct akcipher_alg - generic public key algorithm 58 + * struct akcipher_alg - generic public key cipher algorithm 54 59 * 55 - * @sign: Function performs a sign operation as defined by public key 56 - * algorithm. In case of error, where the dst_len was insufficient, 57 - * the req->dst_len will be updated to the size required for the 58 - * operation 59 - * @verify: Function performs a complete verify operation as defined by 60 - * public key algorithm, returning verification status. Requires 61 - * digest value as input parameter. 62 60 * @encrypt: Function performs an encrypt operation as defined by public key 63 61 * algorithm. In case of error, where the dst_len was insufficient, 64 62 * the req->dst_len will be updated to the size required for the ··· 82 94 * @base: Common crypto API algorithm data structure 83 95 */ 84 96 struct akcipher_alg { 85 - int (*sign)(struct akcipher_request *req); 86 - int (*verify)(struct akcipher_request *req); 87 97 int (*encrypt)(struct akcipher_request *req); 88 98 int (*decrypt)(struct akcipher_request *req); 89 99 int (*set_pub_key)(struct crypto_akcipher *tfm, const void *key, ··· 96 110 }; 97 111 98 112 /** 99 - * DOC: Generic Public Key API 113 + * DOC: Generic Public Key Cipher API 100 114 * 101 - * The Public Key API is used with the algorithms of type 115 + * The Public Key Cipher API is used with the algorithms of type 102 116 * CRYPTO_ALG_TYPE_AKCIPHER (listed as type "akcipher" in /proc/crypto) 103 117 */ 104 118 ··· 229 243 * 230 244 * @req: public key request 231 245 * @src: ptr to input scatter list 232 - * @dst: ptr to output scatter list or NULL for verify op 246 + * @dst: ptr to output scatter list 233 247 * @src_len: size of the src input scatter list to be processed 234 - * @dst_len: size of the dst output scatter list or size of signature 235 - * portion in @src for verify op 248 + * @dst_len: size of the dst output scatter list 236 249 */ 237 250 static inline void akcipher_request_set_crypt(struct akcipher_request *req, 238 251 struct scatterlist *src, ··· 331 346 int crypto_akcipher_sync_decrypt(struct crypto_akcipher *tfm, 332 347 const void *src, unsigned int slen, 333 348 void *dst, unsigned int dlen); 334 - 335 - /** 336 - * crypto_akcipher_sign() - Invoke public key sign operation 337 - * 338 - * Function invokes the specific public key sign operation for a given 339 - * public key algorithm 340 - * 341 - * @req: asymmetric key request 342 - * 343 - * Return: zero on success; error code in case of error 344 - */ 345 - static inline int crypto_akcipher_sign(struct akcipher_request *req) 346 - { 347 - struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 348 - 349 - return crypto_akcipher_alg(tfm)->sign(req); 350 - } 351 - 352 - /** 353 - * crypto_akcipher_verify() - Invoke public key signature verification 354 - * 355 - * Function invokes the specific public key signature verification operation 356 - * for a given public key algorithm. 357 - * 358 - * @req: asymmetric key request 359 - * 360 - * Note: req->dst should be NULL, req->src should point to SG of size 361 - * (req->src_size + req->dst_size), containing signature (of req->src_size 362 - * length) with appended digest (of req->dst_size length). 363 - * 364 - * Return: zero on verification success; error code in case of error. 365 - */ 366 - static inline int crypto_akcipher_verify(struct akcipher_request *req) 367 - { 368 - struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 369 - 370 - return crypto_akcipher_alg(tfm)->verify(req); 371 - } 372 349 373 350 /** 374 351 * crypto_akcipher_set_pub_key() - Invoke set public key operation

+2 -2

include/crypto/internal/akcipher.h

··· 124 124 /** 125 125 * crypto_register_akcipher() -- Register public key algorithm 126 126 * 127 - * Function registers an implementation of a public key verify algorithm 127 + * Function registers an implementation of a public key cipher algorithm 128 128 * 129 129 * @alg: algorithm definition 130 130 * ··· 135 135 /** 136 136 * crypto_unregister_akcipher() -- Unregister public key algorithm 137 137 * 138 - * Function unregisters an implementation of a public key verify algorithm 138 + * Function unregisters an implementation of a public key cipher algorithm 139 139 * 140 140 * @alg: algorithm definition 141 141 */