Eric Lee / smarc-ti-linux-kernel

Blame view

arch/s390/crypto/ghash_s390.c 3.34 KB
edit raw normal view history
df1309ce9   Gerald Schaefer   crypto: s390 - ad... 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
 
  /*
   * Cryptographic API.
   *
   * s390 implementation of the GHASH algorithm for GCM (Galois/Counter Mode).
   *
   * Copyright IBM Corp. 2011
   * Author(s): Gerald Schaefer <gerald.schaefer@de.ibm.com>
   */
  
  #include <crypto/internal/hash.h>
  #include <linux/module.h>
  
  #include "crypt_s390.h"
  
  #define GHASH_BLOCK_SIZE	16
  #define GHASH_DIGEST_SIZE	16
  
  struct ghash_ctx {
  	u8 icv[16];
  	u8 key[16];
  };
  
  struct ghash_desc_ctx {
  	u8 buffer[GHASH_BLOCK_SIZE];
  	u32 bytes;
  };
  
  static int ghash_init(struct shash_desc *desc)
  {
  	struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
  
  	memset(dctx, 0, sizeof(*dctx));
  
  	return 0;
  }
  
  static int ghash_setkey(struct crypto_shash *tfm,
  			const u8 *key, unsigned int keylen)
  {
  	struct ghash_ctx *ctx = crypto_shash_ctx(tfm);
  
  	if (keylen != GHASH_BLOCK_SIZE) {
  		crypto_shash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
  		return -EINVAL;
  	}
  
  	memcpy(ctx->key, key, GHASH_BLOCK_SIZE);
  	memset(ctx->icv, 0, GHASH_BLOCK_SIZE);
  
  	return 0;
  }
  
  static int ghash_update(struct shash_desc *desc,
  			 const u8 *src, unsigned int srclen)
  {
  	struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
  	struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
  	unsigned int n;
  	u8 *buf = dctx->buffer;
  	int ret;
  
  	if (dctx->bytes) {
  		u8 *pos = buf + (GHASH_BLOCK_SIZE - dctx->bytes);
  
  		n = min(srclen, dctx->bytes);
  		dctx->bytes -= n;
  		srclen -= n;
  
  		memcpy(pos, src, n);
  		src += n;
  
  		if (!dctx->bytes) {
  			ret = crypt_s390_kimd(KIMD_GHASH, ctx, buf,
  					      GHASH_BLOCK_SIZE);
36eb2caa7   Jan Glauber   s390/crypto: Don'... 
75
76
 
  			if (ret != GHASH_BLOCK_SIZE)
  				return -EIO;
df1309ce9   Gerald Schaefer   crypto: s390 - ad... 
77
78
79
80
81
82
 
  		}
  	}
  
  	n = srclen & ~(GHASH_BLOCK_SIZE - 1);
  	if (n) {
  		ret = crypt_s390_kimd(KIMD_GHASH, ctx, src, n);
36eb2caa7   Jan Glauber   s390/crypto: Don'... 
83
84
 
  		if (ret != n)
  			return -EIO;
df1309ce9   Gerald Schaefer   crypto: s390 - ad... 
85
86
87
88
89
90
91
92
93
94
95
 
  		src += n;
  		srclen -= n;
  	}
  
  	if (srclen) {
  		dctx->bytes = GHASH_BLOCK_SIZE - srclen;
  		memcpy(buf, src, srclen);
  	}
  
  	return 0;
  }
36eb2caa7   Jan Glauber   s390/crypto: Don'... 
96
 
  static int ghash_flush(struct ghash_ctx *ctx, struct ghash_desc_ctx *dctx)
df1309ce9   Gerald Schaefer   crypto: s390 - ad... 
97
98
99
100
101
102
103
104
105
106
 
  {
  	u8 *buf = dctx->buffer;
  	int ret;
  
  	if (dctx->bytes) {
  		u8 *pos = buf + (GHASH_BLOCK_SIZE - dctx->bytes);
  
  		memset(pos, 0, dctx->bytes);
  
  		ret = crypt_s390_kimd(KIMD_GHASH, ctx, buf, GHASH_BLOCK_SIZE);
36eb2caa7   Jan Glauber   s390/crypto: Don'... 
107
108
 
  		if (ret != GHASH_BLOCK_SIZE)
  			return -EIO;
df1309ce9   Gerald Schaefer   crypto: s390 - ad... 
109
110
111
 
  	}
  
  	dctx->bytes = 0;
36eb2caa7   Jan Glauber   s390/crypto: Don'... 
112
 
  	return 0;
df1309ce9   Gerald Schaefer   crypto: s390 - ad... 
113
114
115
116
117
118
 
  }
  
  static int ghash_final(struct shash_desc *desc, u8 *dst)
  {
  	struct ghash_desc_ctx *dctx = shash_desc_ctx(desc);
  	struct ghash_ctx *ctx = crypto_shash_ctx(desc->tfm);
36eb2caa7   Jan Glauber   s390/crypto: Don'... 
119
 
  	int ret;
df1309ce9   Gerald Schaefer   crypto: s390 - ad... 
120
 








36eb2caa7
 
 Jan Glauber
 
s390/crypto: Don'...




121
122
123
124




  	ret = ghash_flush(ctx, dctx);
  	if (!ret)
  		memcpy(dst, ctx->icv, GHASH_BLOCK_SIZE);
  	return ret;









df1309ce9
 
 Gerald Schaefer
 
crypto: s390 - ad...




125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141




  }
  
  static struct shash_alg ghash_alg = {
  	.digestsize	= GHASH_DIGEST_SIZE,
  	.init		= ghash_init,
  	.update		= ghash_update,
  	.final		= ghash_final,
  	.setkey		= ghash_setkey,
  	.descsize	= sizeof(struct ghash_desc_ctx),
  	.base		= {
  		.cra_name		= "ghash",
  		.cra_driver_name	= "ghash-s390",
  		.cra_priority		= CRYPT_S390_PRIORITY,
  		.cra_flags		= CRYPTO_ALG_TYPE_SHASH,
  		.cra_blocksize		= GHASH_BLOCK_SIZE,
  		.cra_ctxsize		= sizeof(struct ghash_ctx),
  		.cra_module		= THIS_MODULE,









df1309ce9
 
 Gerald Schaefer
 
crypto: s390 - ad...




142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160




  	},
  };
  
  static int __init ghash_mod_init(void)
  {
  	if (!crypt_s390_func_available(KIMD_GHASH,
  				       CRYPT_S390_MSA | CRYPT_S390_MSA4))
  		return -EOPNOTSUPP;
  
  	return crypto_register_shash(&ghash_alg);
  }
  
  static void __exit ghash_mod_exit(void)
  {
  	crypto_unregister_shash(&ghash_alg);
  }
  
  module_init(ghash_mod_init);
  module_exit(ghash_mod_exit);









f2efa8653
 
 Kees Cook
 
crypto: prefix mo...




161




  MODULE_ALIAS_CRYPTO("ghash");









df1309ce9
 
 Gerald Schaefer
 
crypto: s390 - ad...




162
163
164




  
  MODULE_LICENSE("GPL");
  MODULE_DESCRIPTION("GHASH Message Digest Algorithm, s390 implementation");