1 /* 2 * Copyright (c) 2018 Richard Palethorpe <rpalethorpe@suse.com> 3 * 4 * This program is free software: you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation, either version 2 of the License, or 7 * (at your option) any later version. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <http://www.gnu.org/licenses/>. 16 */ 17 /** 18 * @file tst_crypto.h 19 * 20 * Library for interacting with kernel's crypto layer using the netlink 21 * interface. 22 */ 23 24 #ifndef TST_CRYPTO_H 25 #define TST_CRYPTO_H 26 27 #include "lapi/cryptouser.h" 28 29 /** 30 * A reference to a crypto session and associated state. 31 * 32 * Holds state relevant to a netlink crypto connection. The seq_num is used 33 * to tag each message sent to the netlink layer and is automatically 34 * incremented by the tst_crypto_ functions. When the netlink layer sends a 35 * response (ack) it will use the sequences number from the request. 36 * 37 * Some functions, such as delete ALG, may return EBUSY in which case it is 38 * safe to retry them. The retries field allows you to set the number of 39 * times this should be done. If set to zero the operation will only be tried 40 * once. For operations which do not return EBUSY, the field is ignored. 41 * 42 * Use TST_CRYPTO_SESSION_INIT to statically initialize this struct with sane 43 * defaults. 44 */ 45 struct tst_crypto_session { 46 /** File descriptor for the netlink socket */ 47 int fd; 48 /** A sequence number used to identify responses from the kernel. */ 49 uint32_t seq_num; 50 /** Number of times some operations will be retried. */ 51 uint32_t retries; 52 }; 53 54 /** 55 * Default static definition of tst_crypto_session. 56 * 57 * @relates tst_crypto_session 58 */ 59 #define TST_CRYPTO_SESSION_INIT {\ 60 .fd = 0, \ 61 .seq_num = 0, \ 62 .retries = 1000 \ 63 } 64 65 /** 66 * Creates a crypto session. 67 * 68 * @relates tst_crypto_session 69 * @param ses Session structure to use, it can be uninitialized. 70 * 71 * If some necessary feature is missing then it will call tst_brk() with 72 * TCONF, for any other error it will use TBROK. 73 */ 74 void tst_crypto_open(struct tst_crypto_session *ses); 75 76 /** 77 * Close a crypto session. 78 * 79 * @relates tst_crypto_session 80 * @param ses The session to close. 81 */ 82 void tst_crypto_close(struct tst_crypto_session *ses); 83 84 /** 85 * Add a crypto algorithm to a session. 86 * 87 * @relates tst_crypto_session 88 * @param ses An open session. 89 * @param alg The crypto algorithm or module to add. 90 * 91 * This requests a new crypto algorithm/engine/module to be initialized by the 92 * kernel. It sends the request contained in alg and then waits for a 93 * response. If sending the message or receiving the ack fails at the netlink 94 * level then tst_brk() with TBROK will be called. 95 * 96 * @return On success it will return 0 otherwise it will return an inverted 97 * error code from the crypto layer. 98 */ 99 int tst_crypto_add_alg(struct tst_crypto_session *ses, 100 const struct crypto_user_alg *alg); 101 102 /** 103 * Delete a crypto algorithm from a session. 104 * 105 * @relates tst_crypto_session 106 * @param ses An open session. 107 * @param alg The crypto algorithm to delete. 108 * 109 * Request that the kernel remove an existing crypto algorithm. This behaves 110 * in a similar way to tst_crypto_add_alg() except that it is the inverse 111 * operation and that it is not unusual for the crypto layer to return 112 * EBUSY. If EBUSY is returned then the function will internally retry the 113 * operation tst_crypto_session::retries times before giving up and returning 114 * EBUSY. 115 * 116 * Return: Either 0 or an inverted error code from the crypto layer. If called 117 * during cleanup it may return a positive ENODATA value from the LTP 118 * library, you don't need to log this error as it will already have 119 * been printed by tst_brk(). 120 */ 121 int tst_crypto_del_alg(struct tst_crypto_session *ses, 122 const struct crypto_user_alg *alg); 123 124 #endif /* TST_CRYPTO_H */ 125