architecture.rst - OpenGrok cross reference for /kernel/linux/linux-4.19/Documentation/crypto/architecture.rst

Lines Matching +full:multi +full:- +full:block
5 ----------------------
10 -  Symmetric ciphers
12 -  AEAD ciphers
14 -  Message digest, including keyed message digest
16 -  Random number generation
18 -  User space interface
21 ---------------------
23 The kernel crypto API provides implementations of single block ciphers
26 block ciphers and message digests. Templates include all types of block
29 Single block ciphers and message digests can either be directly used by
30 a caller or invoked together with a template to form multi-block ciphers
33 A single block cipher may even be called with multiple templates.
38 -  aes
40 -  ecb(aes)
42 -  cmac(aes)
44 -  ccm(aes)
46 -  rfc4106(gcm(aes))
48 -  sha1
50 -  hmac(sha1)
52 -  authenc(hmac(sha1),cbc(aes))
58 --------------------------------------
82 -----------------------------------------
89         template(single block cipher)
92 where "template" and "single block cipher" is the aforementioned
93 template and single block cipher, respectively. If applicable,
98         template1(template2(single block cipher)))
102 or a single block cipher. For example, AES on newer Intel hardware has
103 the following implementations: AES-NI, assembler implementation, or
113 implementation and thus does not want to rely on the priority-based
121 ciphers. Each block listed in /proc/crypto may contain the following
122 information -- if one of the components listed as follows are not
125 -  name: the generic name of the cipher that is subject to the
126    priority-based selection -- this name can be used by the cipher
130 -  driver: the unique name of the cipher -- this name can be used by the
133 -  module: the kernel module providing the cipher implementation (or
136 -  priority: the priority value of the cipher implementation
138 -  refcnt: the reference count of the respective cipher (i.e. the number
141 -  selftest: specification whether the self test for the cipher passed
143 -  type:
145    -  skcipher for symmetric key ciphers
147    -  cipher for single block ciphers that may be used with an
150    -  shash for synchronous message digest
152    -  ahash for asynchronous message digest
154    -  aead for AEAD cipher type
156    -  compression for compression type transformations
158    -  rng for random number generator
160    -  givcipher for cipher with associated IV generator (see the geniv
164    -  kpp for a Key-agreement Protocol Primitive (KPP) cipher such as
167 -  blocksize: blocksize of cipher in bytes
169 -  keysize: key size in bytes
171 -  ivsize: IV size in bytes
173 -  seedsize: required size of seed data for random number generator
175 -  digestsize: output size of the message digest
177 -  geniv: IV generation type:
179    -  eseqiv for encrypted sequence number based IV generation
181    -  seqiv for sequence number based IV generation
183    -  chainiv for chain iv generation
185    -  <builtin> is a marker that the cipher implements IV generation and
189 ---------
193 (e.g. AES-128 vs. AES-192 vs. AES-256). These key sizes are determined
199 --------------------------------
210 -  CRYPTO_ALG_TYPE_CIPHER Single block cipher
212 -  CRYPTO_ALG_TYPE_COMPRESS Compression
214 -  CRYPTO_ALG_TYPE_AEAD Authenticated Encryption with Associated Data
217 -  CRYPTO_ALG_TYPE_BLKCIPHER Synchronous multi-block cipher
219 -  CRYPTO_ALG_TYPE_ABLKCIPHER Asynchronous multi-block cipher
221 -  CRYPTO_ALG_TYPE_GIVCIPHER Asynchronous multi-block cipher packed
225 -  CRYPTO_ALG_TYPE_KPP Key-agreement Protocol Primitive (KPP) such as
228 -  CRYPTO_ALG_TYPE_DIGEST Raw message digest
230 -  CRYPTO_ALG_TYPE_HASH Alias for CRYPTO_ALG_TYPE_DIGEST
232 -  CRYPTO_ALG_TYPE_SHASH Synchronous multi-block hash
234 -  CRYPTO_ALG_TYPE_AHASH Asynchronous multi-block hash
236 -  CRYPTO_ALG_TYPE_RNG Random Number Generation
238 -  CRYPTO_ALG_TYPE_AKCIPHER Asymmetric cipher
240 -  CRYPTO_ALG_TYPE_PCOMPRESS Enhanced version of
258 ---------------------------------------
281 generic C implementations (gcm.c, aes-generic.c, ctr.c, ghash-generic.c,
286 AES-NI) provide implementations merging aspects which in the view of the
288 the AES-NI implementation, the CTR mode, the GHASH implementation and
292 the individual sub-components by the kernel crypto API is not done any
295 Each block in the following ASCII art is an independent cipher instance
296 obtained from the kernel crypto API. Each block is accessed by the
304 which component. The arrows point to the invoked block where the caller
305 uses the API applicable to the cipher type specified for the block.
312     +-----------+                                    |
314     |   aead    | <-----------------------------------  esp_output
315     |  (seqiv)  | ---+
316     +-----------+    |
318     +-----------+    |
319     |           | <--+                (2)
320     |   aead    | <-----------------------------------  esp_input
321     |   (gcm)   | ------------+
322     +-----------+             |
325     +-----------+       +-----------+
328     |   (ctr)   | ---+  |  (ghash)  |
329     +-----------+    |  +-----------+
331     +-----------+    | (4)
332     |           | <--+
335     +-----------+
375    implements the CTR block chaining mode. After performing the block
379    cipher handle to encrypt one block.
388 Generic Block Cipher Structure
391 Generic block ciphers follow the same concept as depicted with the ASCII
394 For example, CBC(AES) is implemented with cbc.c, and aes-generic.c. The
396 step (4) is used and the SKCIPHER block chaining mode is CBC.
413     +-----------+         (1)    |
414     |           | <------------------  some_function
416     |   (hmac)  | ---+
417     +-----------+    |
419     +-----------+    |
420     |           | <--+
423     +-----------+