162306a36Sopenharmony_ciKernel Crypto API Interface Specification
262306a36Sopenharmony_ci=========================================
362306a36Sopenharmony_ci
462306a36Sopenharmony_ciIntroduction
562306a36Sopenharmony_ci------------
662306a36Sopenharmony_ci
762306a36Sopenharmony_ciThe kernel crypto API offers a rich set of cryptographic ciphers as well
862306a36Sopenharmony_cias other data transformation mechanisms and methods to invoke these.
962306a36Sopenharmony_ciThis document contains a description of the API and provides example
1062306a36Sopenharmony_cicode.
1162306a36Sopenharmony_ci
1262306a36Sopenharmony_ciTo understand and properly use the kernel crypto API a brief explanation
1362306a36Sopenharmony_ciof its structure is given. Based on the architecture, the API can be
1462306a36Sopenharmony_ciseparated into different components. Following the architecture
1562306a36Sopenharmony_cispecification, hints to developers of ciphers are provided. Pointers to
1662306a36Sopenharmony_cithe API function call documentation are given at the end.
1762306a36Sopenharmony_ci
1862306a36Sopenharmony_ciThe kernel crypto API refers to all algorithms as "transformations".
1962306a36Sopenharmony_ciTherefore, a cipher handle variable usually has the name "tfm". Besides
2062306a36Sopenharmony_cicryptographic operations, the kernel crypto API also knows compression
2162306a36Sopenharmony_citransformations and handles them the same way as ciphers.
2262306a36Sopenharmony_ci
2362306a36Sopenharmony_ciThe kernel crypto API serves the following entity types:
2462306a36Sopenharmony_ci
2562306a36Sopenharmony_ci-  consumers requesting cryptographic services
2662306a36Sopenharmony_ci
2762306a36Sopenharmony_ci-  data transformation implementations (typically ciphers) that can be
2862306a36Sopenharmony_ci   called by consumers using the kernel crypto API
2962306a36Sopenharmony_ci
3062306a36Sopenharmony_ciThis specification is intended for consumers of the kernel crypto API as
3162306a36Sopenharmony_ciwell as for developers implementing ciphers. This API specification,
3262306a36Sopenharmony_cihowever, does not discuss all API calls available to data transformation
3362306a36Sopenharmony_ciimplementations (i.e. implementations of ciphers and other
3462306a36Sopenharmony_citransformations (such as CRC or even compression algorithms) that can
3562306a36Sopenharmony_ciregister with the kernel crypto API).
3662306a36Sopenharmony_ci
3762306a36Sopenharmony_ciNote: The terms "transformation" and cipher algorithm are used
3862306a36Sopenharmony_ciinterchangeably.
3962306a36Sopenharmony_ci
4062306a36Sopenharmony_ciTerminology
4162306a36Sopenharmony_ci-----------
4262306a36Sopenharmony_ci
4362306a36Sopenharmony_ciThe transformation implementation is an actual code or interface to
4462306a36Sopenharmony_cihardware which implements a certain transformation with precisely
4562306a36Sopenharmony_cidefined behavior.
4662306a36Sopenharmony_ci
4762306a36Sopenharmony_ciThe transformation object (TFM) is an instance of a transformation
4862306a36Sopenharmony_ciimplementation. There can be multiple transformation objects associated
4962306a36Sopenharmony_ciwith a single transformation implementation. Each of those
5062306a36Sopenharmony_citransformation objects is held by a crypto API consumer or another
5162306a36Sopenharmony_citransformation. Transformation object is allocated when a crypto API
5262306a36Sopenharmony_ciconsumer requests a transformation implementation. The consumer is then
5362306a36Sopenharmony_ciprovided with a structure, which contains a transformation object (TFM).
5462306a36Sopenharmony_ci
5562306a36Sopenharmony_ciThe structure that contains transformation objects may also be referred
5662306a36Sopenharmony_cito as a "cipher handle". Such a cipher handle is always subject to the
5762306a36Sopenharmony_cifollowing phases that are reflected in the API calls applicable to such
5862306a36Sopenharmony_cia cipher handle:
5962306a36Sopenharmony_ci
6062306a36Sopenharmony_ci1. Initialization of a cipher handle.
6162306a36Sopenharmony_ci
6262306a36Sopenharmony_ci2. Execution of all intended cipher operations applicable for the handle
6362306a36Sopenharmony_ci   where the cipher handle must be furnished to every API call.
6462306a36Sopenharmony_ci
6562306a36Sopenharmony_ci3. Destruction of a cipher handle.
6662306a36Sopenharmony_ci
6762306a36Sopenharmony_ciWhen using the initialization API calls, a cipher handle is created and
6862306a36Sopenharmony_cireturned to the consumer. Therefore, please refer to all initialization
6962306a36Sopenharmony_ciAPI calls that refer to the data structure type a consumer is expected
7062306a36Sopenharmony_cito receive and subsequently to use. The initialization API calls have
7162306a36Sopenharmony_ciall the same naming conventions of crypto_alloc\*.
7262306a36Sopenharmony_ci
7362306a36Sopenharmony_ciThe transformation context is private data associated with the
7462306a36Sopenharmony_citransformation object.
75