Commit ca142584bc8ebc8e15b317680771ade58ca96315
Committed by
Herbert Xu
Herbert Xu
1 parent
a2e5ba4fed
Exists in
ti-lsk-linux-4.1.y
and in
10 other branches
crypto: sha512-generic - move to generic glue implementation
This updated the generic SHA-512 implementation to use the generic shared SHA-512 glue code. It also implements a .finup hook crypto_sha512_finup() and exports it to other modules. The import and export() functions and the .statesize member are dropped, since the default implementation is perfectly suitable for this module. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Showing 2 changed files with 24 additions and 102 deletions Side-by-side Diff
crypto/sha512_generic.c
| ... | ... | @@ -18,6 +18,7 @@ |
| 18 | 18 | #include <linux/crypto.h> |
| 19 | 19 | #include <linux/types.h> |
| 20 | 20 | #include <crypto/sha.h> |
| 21 | +#include <crypto/sha512_base.h> | |
| 21 | 22 | #include <linux/percpu.h> |
| 22 | 23 | #include <asm/byteorder.h> |
| 23 | 24 | #include <asm/unaligned.h> |
| 24 | 25 | |
| 25 | 26 | |
| 26 | 27 | |
| 27 | 28 | |
| 28 | 29 | |
| 29 | 30 | |
| 30 | 31 | |
| 31 | 32 | |
| 32 | 33 | |
| 33 | 34 | |
| ... | ... | @@ -130,125 +131,42 @@ |
| 130 | 131 | a = b = c = d = e = f = g = h = t1 = t2 = 0; |
| 131 | 132 | } |
| 132 | 133 | |
| 133 | -static int | |
| 134 | -sha512_init(struct shash_desc *desc) | |
| 134 | +static void sha512_generic_block_fn(struct sha512_state *sst, u8 const *src, | |
| 135 | + int blocks) | |
| 135 | 136 | { |
| 136 | - struct sha512_state *sctx = shash_desc_ctx(desc); | |
| 137 | - sctx->state[0] = SHA512_H0; | |
| 138 | - sctx->state[1] = SHA512_H1; | |
| 139 | - sctx->state[2] = SHA512_H2; | |
| 140 | - sctx->state[3] = SHA512_H3; | |
| 141 | - sctx->state[4] = SHA512_H4; | |
| 142 | - sctx->state[5] = SHA512_H5; | |
| 143 | - sctx->state[6] = SHA512_H6; | |
| 144 | - sctx->state[7] = SHA512_H7; | |
| 145 | - sctx->count[0] = sctx->count[1] = 0; | |
| 146 | - | |
| 147 | - return 0; | |
| 137 | + while (blocks--) { | |
| 138 | + sha512_transform(sst->state, src); | |
| 139 | + src += SHA512_BLOCK_SIZE; | |
| 140 | + } | |
| 148 | 141 | } |
| 149 | 142 | |
| 150 | -static int | |
| 151 | -sha384_init(struct shash_desc *desc) | |
| 152 | -{ | |
| 153 | - struct sha512_state *sctx = shash_desc_ctx(desc); | |
| 154 | - sctx->state[0] = SHA384_H0; | |
| 155 | - sctx->state[1] = SHA384_H1; | |
| 156 | - sctx->state[2] = SHA384_H2; | |
| 157 | - sctx->state[3] = SHA384_H3; | |
| 158 | - sctx->state[4] = SHA384_H4; | |
| 159 | - sctx->state[5] = SHA384_H5; | |
| 160 | - sctx->state[6] = SHA384_H6; | |
| 161 | - sctx->state[7] = SHA384_H7; | |
| 162 | - sctx->count[0] = sctx->count[1] = 0; | |
| 163 | - | |
| 164 | - return 0; | |
| 165 | -} | |
| 166 | - | |
| 167 | 143 | int crypto_sha512_update(struct shash_desc *desc, const u8 *data, |
| 168 | 144 | unsigned int len) |
| 169 | 145 | { |
| 170 | - struct sha512_state *sctx = shash_desc_ctx(desc); | |
| 171 | - | |
| 172 | - unsigned int i, index, part_len; | |
| 173 | - | |
| 174 | - /* Compute number of bytes mod 128 */ | |
| 175 | - index = sctx->count[0] & 0x7f; | |
| 176 | - | |
| 177 | - /* Update number of bytes */ | |
| 178 | - if ((sctx->count[0] += len) < len) | |
| 179 | - sctx->count[1]++; | |
| 180 | - | |
| 181 | - part_len = 128 - index; | |
| 182 | - | |
| 183 | - /* Transform as many times as possible. */ | |
| 184 | - if (len >= part_len) { | |
| 185 | - memcpy(&sctx->buf[index], data, part_len); | |
| 186 | - sha512_transform(sctx->state, sctx->buf); | |
| 187 | - | |
| 188 | - for (i = part_len; i + 127 < len; i+=128) | |
| 189 | - sha512_transform(sctx->state, &data[i]); | |
| 190 | - | |
| 191 | - index = 0; | |
| 192 | - } else { | |
| 193 | - i = 0; | |
| 194 | - } | |
| 195 | - | |
| 196 | - /* Buffer remaining input */ | |
| 197 | - memcpy(&sctx->buf[index], &data[i], len - i); | |
| 198 | - | |
| 199 | - return 0; | |
| 146 | + return sha512_base_do_update(desc, data, len, sha512_generic_block_fn); | |
| 200 | 147 | } |
| 201 | 148 | EXPORT_SYMBOL(crypto_sha512_update); |
| 202 | 149 | |
| 203 | -static int | |
| 204 | -sha512_final(struct shash_desc *desc, u8 *hash) | |
| 150 | +static int sha512_final(struct shash_desc *desc, u8 *hash) | |
| 205 | 151 | { |
| 206 | - struct sha512_state *sctx = shash_desc_ctx(desc); | |
| 207 | - static u8 padding[128] = { 0x80, }; | |
| 208 | - __be64 *dst = (__be64 *)hash; | |
| 209 | - __be64 bits[2]; | |
| 210 | - unsigned int index, pad_len; | |
| 211 | - int i; | |
| 212 | - | |
| 213 | - /* Save number of bits */ | |
| 214 | - bits[1] = cpu_to_be64(sctx->count[0] << 3); | |
| 215 | - bits[0] = cpu_to_be64(sctx->count[1] << 3 | sctx->count[0] >> 61); | |
| 216 | - | |
| 217 | - /* Pad out to 112 mod 128. */ | |
| 218 | - index = sctx->count[0] & 0x7f; | |
| 219 | - pad_len = (index < 112) ? (112 - index) : ((128+112) - index); | |
| 220 | - crypto_sha512_update(desc, padding, pad_len); | |
| 221 | - | |
| 222 | - /* Append length (before padding) */ | |
| 223 | - crypto_sha512_update(desc, (const u8 *)bits, sizeof(bits)); | |
| 224 | - | |
| 225 | - /* Store state in digest */ | |
| 226 | - for (i = 0; i < 8; i++) | |
| 227 | - dst[i] = cpu_to_be64(sctx->state[i]); | |
| 228 | - | |
| 229 | - /* Zeroize sensitive information. */ | |
| 230 | - memset(sctx, 0, sizeof(struct sha512_state)); | |
| 231 | - | |
| 232 | - return 0; | |
| 152 | + sha512_base_do_finalize(desc, sha512_generic_block_fn); | |
| 153 | + return sha512_base_finish(desc, hash); | |
| 233 | 154 | } |
| 234 | 155 | |
| 235 | -static int sha384_final(struct shash_desc *desc, u8 *hash) | |
| 156 | +int crypto_sha512_finup(struct shash_desc *desc, const u8 *data, | |
| 157 | + unsigned int len, u8 *hash) | |
| 236 | 158 | { |
| 237 | - u8 D[64]; | |
| 238 | - | |
| 239 | - sha512_final(desc, D); | |
| 240 | - | |
| 241 | - memcpy(hash, D, 48); | |
| 242 | - memzero_explicit(D, 64); | |
| 243 | - | |
| 244 | - return 0; | |
| 159 | + sha512_base_do_update(desc, data, len, sha512_generic_block_fn); | |
| 160 | + return sha512_final(desc, hash); | |
| 245 | 161 | } |
| 162 | +EXPORT_SYMBOL(crypto_sha512_finup); | |
| 246 | 163 | |
| 247 | 164 | static struct shash_alg sha512_algs[2] = { { |
| 248 | 165 | .digestsize = SHA512_DIGEST_SIZE, |
| 249 | - .init = sha512_init, | |
| 166 | + .init = sha512_base_init, | |
| 250 | 167 | .update = crypto_sha512_update, |
| 251 | 168 | .final = sha512_final, |
| 169 | + .finup = crypto_sha512_finup, | |
| 252 | 170 | .descsize = sizeof(struct sha512_state), |
| 253 | 171 | .base = { |
| 254 | 172 | .cra_name = "sha512", |
| 255 | 173 | |
| ... | ... | @@ -259,9 +177,10 @@ |
| 259 | 177 | } |
| 260 | 178 | }, { |
| 261 | 179 | .digestsize = SHA384_DIGEST_SIZE, |
| 262 | - .init = sha384_init, | |
| 180 | + .init = sha384_base_init, | |
| 263 | 181 | .update = crypto_sha512_update, |
| 264 | - .final = sha384_final, | |
| 182 | + .final = sha512_final, | |
| 183 | + .finup = crypto_sha512_finup, | |
| 265 | 184 | .descsize = sizeof(struct sha512_state), |
| 266 | 185 | .base = { |
| 267 | 186 | .cra_name = "sha384", |
include/crypto/sha.h