Synchronous Block Cipher API

crypto_alloc_blkcipher — allocate synchronous block cipher handle
crypto_free_blkcipher — zeroize and free the block cipher handle
crypto_has_blkcipher — search for the availability of a block cipher
crypto_blkcipher_name — return the name / cra_name from the cipher handle
crypto_blkcipher_ivsize — obtain IV size
crypto_blkcipher_blocksize — obtain block size of cipher
crypto_blkcipher_setkey — set key for cipher
crypto_blkcipher_encrypt — encrypt plaintext
crypto_blkcipher_encrypt_iv — encrypt plaintext with dedicated IV
crypto_blkcipher_decrypt — decrypt ciphertext
crypto_blkcipher_decrypt_iv — decrypt ciphertext with dedicated IV
crypto_blkcipher_set_iv — set IV for cipher
crypto_blkcipher_get_iv — obtain IV from cipher

The synchronous block cipher API is used with the ciphers of type CRYPTO_ALG_TYPE_BLKCIPHER (listed as type blkcipher in /proc/crypto).

Synchronous calls have a context in the tfm. Because a single tfm can be used in multiple calls and in parallel, this information should not be changeable unless a lock is used. This applies, for example, to the symmetric key. The IV, however, is changeable, so the blkcipher_tfm structure has an iv field for the synchronous blkcipher API. It is the only state information that can be kept for synchronous calls without using a big lock across a tfm.

The block cipher API allows the use of a complete cipher, i.e. a cipher consisting of a template (a block chaining mode) and a single block cipher primitive (e.g. AES).

The plaintext data buffer and the ciphertext data buffer are pointed to by using scatter/gather lists. The cipher operation is performed on all segments of the provided scatter/gather lists.

The kernel crypto API supports in-place cipher operations, which means that the caller may provide the same scatter/gather list for the plaintext and the ciphertext. After the completion of the cipher operation, the plaintext data is replaced with the ciphertext data in case of an encryption and vice versa for a decryption. The caller must ensure that the scatter/gather lists for the output data point to sufficiently large buffers, i.e. multiples of the block size of the cipher.
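
The following user-space model is an added example, not kernel code and not part of the original documentation. It illustrates the semantics described above: a chaining mode (CBC) applied in place across all segments of a scatter/gather list, with blocks that may straddle segment boundaries and a total length that must be a multiple of the block size. The names sg_seg, sg_copy and cbc_crypt_inplace, the 8-byte block size and the toy primitive standing in for AES are assumptions of the model.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BS 8                                  /* toy block size (assumption; AES uses 16) */
struct sg_seg { uint8_t *buf; size_t len; };  /* stand-in for one scatter/gather entry */

/* Toy invertible block primitive, NOT a real cipher: it only stands in for AES. */
static void toy_enc(uint8_t *b, const uint8_t *k)
{
    for (int i = 0; i < BS; i++) b[i] = (uint8_t)((b[i] ^ k[i]) + i);
}
static void toy_dec(uint8_t *b, const uint8_t *k)
{
    for (int i = 0; i < BS; i++) b[i] = (uint8_t)((uint8_t)(b[i] - i) ^ k[i]);
}

/* Copy one block between blk and the segment list, starting at logical offset off. */
static void sg_copy(struct sg_seg *sg, int n, size_t off, uint8_t *blk, int to_sg)
{
    size_t done = 0;
    for (int s = 0; s < n && done < BS; s++) {
        if (off >= sg[s].len) { off -= sg[s].len; continue; }
        for (; off < sg[s].len && done < BS; off++, done++) {
            if (to_sg) sg[s].buf[off] = blk[done];
            else       blk[done] = sg[s].buf[off];
        }
        off = 0;                              /* block continues at start of next segment */
    }
}

/* CBC over all segments, in place; iv ends up holding the last ciphertext block.
 * Returns 0, or -1 if the total length is not a multiple of the block size. */
int cbc_crypt_inplace(struct sg_seg *sg, int n, const uint8_t *key, uint8_t *iv, int enc)
{
    size_t total = 0;
    uint8_t blk[BS], saved[BS];

    for (int s = 0; s < n; s++) total += sg[s].len;
    if (total % BS) return -1;
    for (size_t off = 0; off < total; off += BS) {
        sg_copy(sg, n, off, blk, 0);
        memcpy(saved, blk, BS);               /* input block; the ciphertext when decrypting */
        if (!enc) toy_dec(blk, key);
        for (int i = 0; i < BS; i++) blk[i] ^= iv[i];
        if (enc) toy_enc(blk, key);
        memcpy(iv, enc ? blk : saved, BS);    /* next chaining value = this ciphertext block */
        sg_copy(sg, n, off, blk, 1);          /* output overwrites the input */
    }
    return 0;
}
```

Because decryption overwrites the ciphertext it still needs for chaining, the model saves each ciphertext block before writing the plaintext back.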