[crypto] Add concept of additional data to cipher algorithms

Some ciphers (such as GCM) support the concept of additional
authenticated data, which does not appear in the ciphertext but may
affect the operation of the cipher.

Allow cipher_encrypt() and cipher_decrypt() to be called with a NULL
destination buffer in order to pass additional data.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

1 files changed, 15 insertions, 15 deletions

diff --git a/src/include/ipxe/crypto.h b/src/include/ipxe/crypto.h
index 931be0502..d41448024 100644
--- a/src/include/ipxe/crypto.h
+++ b/src/include/ipxe/crypto.h
@@ -54,25 +54,25 @@ struct cipher_algorithm {
 	size_t blocksize;
 	/** Set key
 	 *
-	 * @v ctx		Context
-	 * @v key		Key
-	 * @v keylen		Key length
-	 * @ret rc		Return status code
+	 * @v ctx	Context
+	 * @v key	Key
+	 * @v keylen	Key length
+	 * @ret rc	Return status code
 	 */
 	int ( * setkey ) ( void *ctx, const void *key, size_t keylen );
 	/** Set initialisation vector
 	 *
-	 * @v ctx		Context
-	 * @v iv		Initialisation vector
-	 * @v ivlen		Initialisation vector length
+	 * @v ctx	Context
+	 * @v iv	Initialisation vector
+	 * @v ivlen	Initialisation vector length
 	 */
 	void ( * setiv ) ( void *ctx, const void *iv, size_t ivlen );
 	/** Encrypt data
 	 *
-	 * @v ctx		Context
-	 * @v src		Data to encrypt
-	 * @v dst		Buffer for encrypted data
-	 * @v len		Length of data
+	 * @v ctx	Context
+	 * @v src	Data to encrypt
+	 * @v dst	Buffer for encrypted data, or NULL for additional data
+	 * @v len	Length of data
 	 *
 	 * @v len is guaranteed to be a multiple of @c blocksize.
 	 */
@@ -80,10 +80,10 @@ struct cipher_algorithm {
 			     size_t len );
 	/** Decrypt data
 	 *
-	 * @v ctx		Context
-	 * @v src		Data to decrypt
-	 * @v dst		Buffer for decrypted data
-	 * @v len		Length of data
+	 * @v ctx	Context
+	 * @v src	Data to decrypt
+	 * @v dst	Buffer for decrypted data, or NULL for additional data
+	 * @v len	Length of data
 	 *
 	 * @v len is guaranteed to be a multiple of @c blocksize.
 	 */