2005-04-16 15:20:36 -07:00
# ifndef _NET_ESP_H
# define _NET_ESP_H
2006-08-06 19:49:12 +10:00
# include <linux/crypto.h>
2005-04-16 15:20:36 -07:00
# include <net/xfrm.h>
# include <asm/scatterlist.h>
# define ESP_NUM_FAST_SG 4
struct esp_data
{
struct scatterlist sgbuf [ ESP_NUM_FAST_SG ] ;
/* Confidentiality */
struct {
u8 * key ; /* Key */
int key_len ; /* Key length */
2006-09-22 15:17:35 -07:00
int padlen ; /* 0..255 */
2005-04-16 15:20:36 -07:00
/* ivlen is offset from enc_data, where encrypted data start.
* It is logically different of crypto_tfm_alg_ivsize ( tfm ) .
* We assume that it is either zero ( no ivec ) , or
* > = crypto_tfm_alg_ivsize ( tfm ) . */
int ivlen ;
2006-09-22 15:17:35 -07:00
int ivinitted ;
u8 * ivec ; /* ivec buffer */
2006-07-30 15:41:01 +10:00
struct crypto_blkcipher * tfm ; /* crypto handle */
2005-04-16 15:20:36 -07:00
} conf ;
/* Integrity. It is active when icv_full_len != 0 */
struct {
u8 * key ; /* Key */
int key_len ; /* Length of the key */
u8 * work_icv ;
int icv_full_len ;
int icv_trunc_len ;
void ( * icv ) ( struct esp_data * ,
struct sk_buff * skb ,
int offset , int len , u8 * icv ) ;
2006-08-20 14:24:50 +10:00
struct crypto_hash * tfm ;
2005-04-16 15:20:36 -07:00
} auth ;
} ;
extern void * pskb_put ( struct sk_buff * skb , struct sk_buff * tail , int len ) ;
2006-08-20 14:24:50 +10:00
static inline int esp_mac_digest ( struct esp_data * esp , struct sk_buff * skb ,
int offset , int len )
2005-04-16 15:20:36 -07:00
{
2006-08-20 14:24:50 +10:00
struct hash_desc desc ;
int err ;
desc . tfm = esp - > auth . tfm ;
desc . flags = 0 ;
err = crypto_hash_init ( & desc ) ;
if ( unlikely ( err ) )
return err ;
err = skb_icv_walk ( skb , & desc , offset , len , crypto_hash_update ) ;
if ( unlikely ( err ) )
return err ;
return crypto_hash_final ( & desc , esp - > auth . work_icv ) ;
2005-04-16 15:20:36 -07:00
}
# endif
