Commit ca142584bc8ebc8e15b317680771ade58ca96315
Committed by
Herbert Xu
1 parent
a2e5ba4fed
Exists in
ti-lsk-linux-4.1.y
and in
10 other branches
crypto: sha512-generic - move to generic glue implementation
This updated the generic SHA-512 implementation to use the generic shared SHA-512 glue code. It also implements a .finup hook crypto_sha512_finup() and exports it to other modules. The import and export() functions and the .statesize member are dropped, since the default implementation is perfectly suitable for this module. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Showing 2 changed files with 24 additions and 102 deletions Side-by-side Diff
crypto/sha512_generic.c
... | ... | @@ -18,6 +18,7 @@ |
18 | 18 | #include <linux/crypto.h> |
19 | 19 | #include <linux/types.h> |
20 | 20 | #include <crypto/sha.h> |
21 | +#include <crypto/sha512_base.h> | |
21 | 22 | #include <linux/percpu.h> |
22 | 23 | #include <asm/byteorder.h> |
23 | 24 | #include <asm/unaligned.h> |
24 | 25 | |
25 | 26 | |
26 | 27 | |
27 | 28 | |
28 | 29 | |
29 | 30 | |
30 | 31 | |
31 | 32 | |
32 | 33 | |
33 | 34 | |
... | ... | @@ -130,125 +131,42 @@ |
130 | 131 | a = b = c = d = e = f = g = h = t1 = t2 = 0; |
131 | 132 | } |
132 | 133 | |
133 | -static int | |
134 | -sha512_init(struct shash_desc *desc) | |
134 | +static void sha512_generic_block_fn(struct sha512_state *sst, u8 const *src, | |
135 | + int blocks) | |
135 | 136 | { |
136 | - struct sha512_state *sctx = shash_desc_ctx(desc); | |
137 | - sctx->state[0] = SHA512_H0; | |
138 | - sctx->state[1] = SHA512_H1; | |
139 | - sctx->state[2] = SHA512_H2; | |
140 | - sctx->state[3] = SHA512_H3; | |
141 | - sctx->state[4] = SHA512_H4; | |
142 | - sctx->state[5] = SHA512_H5; | |
143 | - sctx->state[6] = SHA512_H6; | |
144 | - sctx->state[7] = SHA512_H7; | |
145 | - sctx->count[0] = sctx->count[1] = 0; | |
146 | - | |
147 | - return 0; | |
137 | + while (blocks--) { | |
138 | + sha512_transform(sst->state, src); | |
139 | + src += SHA512_BLOCK_SIZE; | |
140 | + } | |
148 | 141 | } |
149 | 142 | |
150 | -static int | |
151 | -sha384_init(struct shash_desc *desc) | |
152 | -{ | |
153 | - struct sha512_state *sctx = shash_desc_ctx(desc); | |
154 | - sctx->state[0] = SHA384_H0; | |
155 | - sctx->state[1] = SHA384_H1; | |
156 | - sctx->state[2] = SHA384_H2; | |
157 | - sctx->state[3] = SHA384_H3; | |
158 | - sctx->state[4] = SHA384_H4; | |
159 | - sctx->state[5] = SHA384_H5; | |
160 | - sctx->state[6] = SHA384_H6; | |
161 | - sctx->state[7] = SHA384_H7; | |
162 | - sctx->count[0] = sctx->count[1] = 0; | |
163 | - | |
164 | - return 0; | |
165 | -} | |
166 | - | |
167 | 143 | int crypto_sha512_update(struct shash_desc *desc, const u8 *data, |
168 | 144 | unsigned int len) |
169 | 145 | { |
170 | - struct sha512_state *sctx = shash_desc_ctx(desc); | |
171 | - | |
172 | - unsigned int i, index, part_len; | |
173 | - | |
174 | - /* Compute number of bytes mod 128 */ | |
175 | - index = sctx->count[0] & 0x7f; | |
176 | - | |
177 | - /* Update number of bytes */ | |
178 | - if ((sctx->count[0] += len) < len) | |
179 | - sctx->count[1]++; | |
180 | - | |
181 | - part_len = 128 - index; | |
182 | - | |
183 | - /* Transform as many times as possible. */ | |
184 | - if (len >= part_len) { | |
185 | - memcpy(&sctx->buf[index], data, part_len); | |
186 | - sha512_transform(sctx->state, sctx->buf); | |
187 | - | |
188 | - for (i = part_len; i + 127 < len; i+=128) | |
189 | - sha512_transform(sctx->state, &data[i]); | |
190 | - | |
191 | - index = 0; | |
192 | - } else { | |
193 | - i = 0; | |
194 | - } | |
195 | - | |
196 | - /* Buffer remaining input */ | |
197 | - memcpy(&sctx->buf[index], &data[i], len - i); | |
198 | - | |
199 | - return 0; | |
146 | + return sha512_base_do_update(desc, data, len, sha512_generic_block_fn); | |
200 | 147 | } |
201 | 148 | EXPORT_SYMBOL(crypto_sha512_update); |
202 | 149 | |
203 | -static int | |
204 | -sha512_final(struct shash_desc *desc, u8 *hash) | |
150 | +static int sha512_final(struct shash_desc *desc, u8 *hash) | |
205 | 151 | { |
206 | - struct sha512_state *sctx = shash_desc_ctx(desc); | |
207 | - static u8 padding[128] = { 0x80, }; | |
208 | - __be64 *dst = (__be64 *)hash; | |
209 | - __be64 bits[2]; | |
210 | - unsigned int index, pad_len; | |
211 | - int i; | |
212 | - | |
213 | - /* Save number of bits */ | |
214 | - bits[1] = cpu_to_be64(sctx->count[0] << 3); | |
215 | - bits[0] = cpu_to_be64(sctx->count[1] << 3 | sctx->count[0] >> 61); | |
216 | - | |
217 | - /* Pad out to 112 mod 128. */ | |
218 | - index = sctx->count[0] & 0x7f; | |
219 | - pad_len = (index < 112) ? (112 - index) : ((128+112) - index); | |
220 | - crypto_sha512_update(desc, padding, pad_len); | |
221 | - | |
222 | - /* Append length (before padding) */ | |
223 | - crypto_sha512_update(desc, (const u8 *)bits, sizeof(bits)); | |
224 | - | |
225 | - /* Store state in digest */ | |
226 | - for (i = 0; i < 8; i++) | |
227 | - dst[i] = cpu_to_be64(sctx->state[i]); | |
228 | - | |
229 | - /* Zeroize sensitive information. */ | |
230 | - memset(sctx, 0, sizeof(struct sha512_state)); | |
231 | - | |
232 | - return 0; | |
152 | + sha512_base_do_finalize(desc, sha512_generic_block_fn); | |
153 | + return sha512_base_finish(desc, hash); | |
233 | 154 | } |
234 | 155 | |
235 | -static int sha384_final(struct shash_desc *desc, u8 *hash) | |
156 | +int crypto_sha512_finup(struct shash_desc *desc, const u8 *data, | |
157 | + unsigned int len, u8 *hash) | |
236 | 158 | { |
237 | - u8 D[64]; | |
238 | - | |
239 | - sha512_final(desc, D); | |
240 | - | |
241 | - memcpy(hash, D, 48); | |
242 | - memzero_explicit(D, 64); | |
243 | - | |
244 | - return 0; | |
159 | + sha512_base_do_update(desc, data, len, sha512_generic_block_fn); | |
160 | + return sha512_final(desc, hash); | |
245 | 161 | } |
162 | +EXPORT_SYMBOL(crypto_sha512_finup); | |
246 | 163 | |
247 | 164 | static struct shash_alg sha512_algs[2] = { { |
248 | 165 | .digestsize = SHA512_DIGEST_SIZE, |
249 | - .init = sha512_init, | |
166 | + .init = sha512_base_init, | |
250 | 167 | .update = crypto_sha512_update, |
251 | 168 | .final = sha512_final, |
169 | + .finup = crypto_sha512_finup, | |
252 | 170 | .descsize = sizeof(struct sha512_state), |
253 | 171 | .base = { |
254 | 172 | .cra_name = "sha512", |
255 | 173 | |
... | ... | @@ -259,9 +177,10 @@ |
259 | 177 | } |
260 | 178 | }, { |
261 | 179 | .digestsize = SHA384_DIGEST_SIZE, |
262 | - .init = sha384_init, | |
180 | + .init = sha384_base_init, | |
263 | 181 | .update = crypto_sha512_update, |
264 | - .final = sha384_final, | |
182 | + .final = sha512_final, | |
183 | + .finup = crypto_sha512_finup, | |
265 | 184 | .descsize = sizeof(struct sha512_state), |
266 | 185 | .base = { |
267 | 186 | .cra_name = "sha384", |
include/crypto/sha.h