include/net/esp.h

   1 #ifndef _NET_ESP_H
   2 #define _NET_ESP_H
   3
   4 #include <linux/crypto.h>
   5 #include <net/xfrm.h>
   6 #include <asm/scatterlist.h>
   7
   8 #define ESP_NUM_FAST_SG         4
   9
  10 struct esp_data
  11 {
  12         struct scatterlist              sgbuf[ESP_NUM_FAST_SG];
  13
  14         /* Confidentiality */
  15         struct {
  16                 u8                      *key;           /* Key */
  17                 int                     key_len;        /* Key length */
  18                 int                     padlen;         /* 0..255 */
  19                 /* ivlen is offset from enc_data, where encrypted data start.
  20                  * It is logically different of crypto_tfm_alg_ivsize(tfm).
  21                  * We assume that it is either zero (no ivec), or
  22                  * >= crypto_tfm_alg_ivsize(tfm). */
  23                 int                     ivlen;
  24                 int                     ivinitted;
  25                 u8                      *ivec;          /* ivec buffer */
  26                 struct crypto_blkcipher *tfm;           /* crypto handle */
  27         } conf;
  28
  29         /* Integrity. It is active when icv_full_len != 0 */
  30         struct {
  31                 u8                      *key;           /* Key */
  32                 int                     key_len;        /* Length of the key */
  33                 u8                      *work_icv;
  34                 int                     icv_full_len;
  35                 int                     icv_trunc_len;
  36                 void                    (*icv)(struct esp_data*,
  37                                                struct sk_buff *skb,
  38                                                int offset, int len, u8 *icv);
  39                 struct crypto_hash      *tfm;
  40         } auth;
  41 };
  42
  43 extern int skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset, int len);
  44 extern int skb_cow_data(struct sk_buff *skb, int tailbits, struct sk_buff **trailer);
  45 extern void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len);
  46
  47 static inline int esp_mac_digest(struct esp_data *esp, struct sk_buff *skb,
  48                                  int offset, int len)
  49 {
  50         struct hash_desc desc;
  51         int err;
  52
  53         desc.tfm = esp->auth.tfm;
  54         desc.flags = 0;
  55
  56         err = crypto_hash_init(&desc);
  57         if (unlikely(err))
  58                 return err;
  59         err = skb_icv_walk(skb, &desc, offset, len, crypto_hash_update);
  60         if (unlikely(err))
  61                 return err;
  62         return crypto_hash_final(&desc, esp->auth.work_icv);
  63 }
  64
  65 #endif