From 4a7794860ba2b56693b1d89fd485fd08cdc763e3 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sat, 13 Sep 2008 18:19:03 -0700 Subject: crypto: api - Move type exit function into crypto_tfm The type exit function needs to undo any allocations done by the type init function. However, the type init function may differ depending on the upper-level type of the transform (e.g., a crypto_blkcipher instantiated as a crypto_ablkcipher). So we need to move the exit function out of the lower-level structure and into crypto_tfm itself. As it stands this is a no-op since nobody uses exit functions at all. However, all cases where a lower-level type is instantiated as a different upper-level type (such as blkcipher as ablkcipher) will be converted such that they allocate the underlying transform and use that instead of casting (e.g., crypto_ablkcipher casted into crypto_blkcipher). That will need to use a different exit function depending on the upper-level type. This patch also allows the type init/exit functions to call (or not) cra_init/cra_exit instead of always calling them from the top level. Signed-off-by: Herbert Xu --- include/linux/crypto.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/linux/crypto.h') diff --git a/include/linux/crypto.h b/include/linux/crypto.h index 3d2317e4af2..ea52cd944fd 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h @@ -480,6 +480,8 @@ struct crypto_tfm { struct compress_tfm compress; struct rng_tfm rng; } crt_u; + + void (*exit)(struct crypto_tfm *tfm); struct crypto_alg *__crt_alg; -- cgit v1.2.3-70-g09d2 From 7b0bac64cd5b74d6f1147524c26216de13a501fd Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 21 Sep 2008 06:52:53 +0900 Subject: crypto: api - Rebirth of crypto_alloc_tfm This patch reintroduces a completely revamped crypto_alloc_tfm. The biggest change is that we now take two crypto_type objects when allocating a tfm, a frontend and a backend. In fact this simply formalises what we've been doing behind the API's back. For example, as it stands crypto_alloc_ahash may use an actual ahash algorithm or a crypto_hash algorithm. Putting this in the API allows us to do this much more cleanly. The existing types will be converted across gradually. Signed-off-by: Herbert Xu --- crypto/api.c | 108 ++++++++++++++++++++++++++++++++++++++++++++++++ crypto/internal.h | 2 + include/crypto/algapi.h | 10 +++++ include/linux/crypto.h | 4 +- 4 files changed, 123 insertions(+), 1 deletion(-) (limited to 'include/linux/crypto.h') diff --git a/crypto/api.c b/crypto/api.c index cbaaf346ad1..9975a7bd246 100644 --- a/crypto/api.c +++ b/crypto/api.c @@ -403,6 +403,9 @@ EXPORT_SYMBOL_GPL(__crypto_alloc_tfm); * @type: Type of algorithm * @mask: Mask for type comparison * + * This function should not be used by new algorithm types. + * Plesae use crypto_alloc_tfm instead. + * * crypto_alloc_base() will first attempt to locate an already loaded * algorithm. If that fails and the kernel supports dynamically loadable * modules, it will then attempt to load a module of the same name or @@ -449,6 +452,111 @@ err: return ERR_PTR(err); } EXPORT_SYMBOL_GPL(crypto_alloc_base); + +struct crypto_tfm *crypto_create_tfm(struct crypto_alg *alg, + const struct crypto_type *frontend) +{ + char *mem; + struct crypto_tfm *tfm = NULL; + unsigned int tfmsize; + unsigned int total; + int err = -ENOMEM; + + tfmsize = frontend->tfmsize; + total = tfmsize + sizeof(*tfm) + frontend->extsize(alg, frontend); + + mem = kzalloc(total, GFP_KERNEL); + if (mem == NULL) + goto out_err; + + tfm = (struct crypto_tfm *)(mem + tfmsize); + tfm->__crt_alg = alg; + + err = frontend->init_tfm(tfm, frontend); + if (err) + goto out_free_tfm; + + if (!tfm->exit && alg->cra_init && (err = alg->cra_init(tfm))) + goto cra_init_failed; + + goto out; + +cra_init_failed: + crypto_exit_ops(tfm); +out_free_tfm: + if (err == -EAGAIN) + crypto_shoot_alg(alg); + kfree(mem); +out_err: + tfm = ERR_PTR(err); +out: + return tfm; +} +EXPORT_SYMBOL_GPL(crypto_create_tfm); + +/* + * crypto_alloc_tfm - Locate algorithm and allocate transform + * @alg_name: Name of algorithm + * @frontend: Frontend algorithm type + * @type: Type of algorithm + * @mask: Mask for type comparison + * + * crypto_alloc_tfm() will first attempt to locate an already loaded + * algorithm. If that fails and the kernel supports dynamically loadable + * modules, it will then attempt to load a module of the same name or + * alias. If that fails it will send a query to any loaded crypto manager + * to construct an algorithm on the fly. A refcount is grabbed on the + * algorithm which is then associated with the new transform. + * + * The returned transform is of a non-determinate type. Most people + * should use one of the more specific allocation functions such as + * crypto_alloc_blkcipher. + * + * In case of error the return value is an error pointer. + */ +struct crypto_tfm *crypto_alloc_tfm(const char *alg_name, + const struct crypto_type *frontend, + u32 type, u32 mask) +{ + struct crypto_alg *(*lookup)(const char *name, u32 type, u32 mask); + struct crypto_tfm *tfm; + int err; + + type &= frontend->maskclear; + mask &= frontend->maskclear; + type |= frontend->type; + mask |= frontend->maskset; + + lookup = frontend->lookup ?: crypto_alg_mod_lookup; + + for (;;) { + struct crypto_alg *alg; + + alg = lookup(alg_name, type, mask); + if (IS_ERR(alg)) { + err = PTR_ERR(alg); + goto err; + } + + tfm = crypto_create_tfm(alg, frontend); + if (!IS_ERR(tfm)) + return tfm; + + crypto_mod_put(alg); + err = PTR_ERR(tfm); + +err: + if (err != -EAGAIN) + break; + if (signal_pending(current)) { + err = -EINTR; + break; + } + } + + return ERR_PTR(err); +} +EXPORT_SYMBOL_GPL(crypto_alloc_tfm); /* * crypto_free_tfm - Free crypto transform diff --git a/crypto/internal.h b/crypto/internal.h index 8ef72d76092..3c19a27a756 100644 --- a/crypto/internal.h +++ b/crypto/internal.h @@ -109,6 +109,8 @@ void crypto_alg_tested(const char *name, int err); void crypto_shoot_alg(struct crypto_alg *alg); struct crypto_tfm *__crypto_alloc_tfm(struct crypto_alg *alg, u32 type, u32 mask); +struct crypto_tfm *crypto_create_tfm(struct crypto_alg *alg, + const struct crypto_type *frontend); int crypto_register_instance(struct crypto_template *tmpl, struct crypto_instance *inst); diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h index 5fb6d8618d4..986db68548f 100644 --- a/include/crypto/algapi.h +++ b/include/crypto/algapi.h @@ -22,8 +22,18 @@ struct seq_file; struct crypto_type { unsigned int (*ctxsize)(struct crypto_alg *alg, u32 type, u32 mask); + unsigned int (*extsize)(struct crypto_alg *alg, + const struct crypto_type *frontend); int (*init)(struct crypto_tfm *tfm, u32 type, u32 mask); + int (*init_tfm)(struct crypto_tfm *tfm, + const struct crypto_type *frontend); void (*show)(struct seq_file *m, struct crypto_alg *alg); + struct crypto_alg *(*lookup)(const char *name, u32 type, u32 mask); + + unsigned int type; + unsigned int maskclear; + unsigned int maskset; + unsigned int tfmsize; }; struct crypto_instance { diff --git a/include/linux/crypto.h b/include/linux/crypto.h index ea52cd944fd..ffaaa418cf5 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h @@ -546,7 +546,9 @@ struct crypto_attr_u32 { * Transform user interface. */ -struct crypto_tfm *crypto_alloc_tfm(const char *alg_name, u32 tfm_flags); +struct crypto_tfm *crypto_alloc_tfm(const char *alg_name, + const struct crypto_type *frontend, + u32 type, u32 mask); struct crypto_tfm *crypto_alloc_base(const char *alg_name, u32 type, u32 mask); void crypto_free_tfm(struct crypto_tfm *tfm); -- cgit v1.2.3-70-g09d2 From 7b5a080b3c46f0cac71c0d0262634c6517d4ee4f Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 31 Aug 2008 15:47:27 +1000 Subject: crypto: hash - Add shash interface The shash interface replaces the current synchronous hash interface. It improves over hash in two ways. Firstly shash is reentrant, meaning that the same tfm may be used by two threads simultaneously as all hashing state is stored in a local descriptor. The other enhancement is that shash no longer takes scatter list entries. This is because shash is specifically designed for synchronous algorithms and as such scatter lists are unnecessary. All existing hash users will be converted to shash once the algorithms have been completely converted. There is also a new finup function that combines update with final. This will be extended to ahash once the algorithm conversion is done. This is also the first time that an algorithm type has their own registration function. Existing algorithm types will be converted to this way in due course. Signed-off-by: Herbert Xu --- crypto/Makefile | 1 + crypto/shash.c | 239 +++++++++++++++++++++++++++++++++++++++++ include/crypto/hash.h | 104 ++++++++++++++++++ include/crypto/internal/hash.h | 8 ++ include/linux/crypto.h | 1 + 5 files changed, 353 insertions(+) create mode 100644 crypto/shash.c (limited to 'include/linux/crypto.h') diff --git a/crypto/Makefile b/crypto/Makefile index cd4a4ed078f..46b08bf2035 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -22,6 +22,7 @@ obj-$(CONFIG_CRYPTO_SEQIV) += seqiv.o crypto_hash-objs := hash.o crypto_hash-objs += ahash.o +crypto_hash-objs += shash.o obj-$(CONFIG_CRYPTO_HASH2) += crypto_hash.o cryptomgr-objs := algboss.o testmgr.o diff --git a/crypto/shash.c b/crypto/shash.c new file mode 100644 index 00000000000..82ec4bd8d2f --- /dev/null +++ b/crypto/shash.c @@ -0,0 +1,239 @@ +/* + * Synchronous Cryptographic Hash operations. + * + * Copyright (c) 2008 Herbert Xu + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + */ + +#include +#include +#include +#include +#include +#include + +static inline struct crypto_shash *__crypto_shash_cast(struct crypto_tfm *tfm) +{ + return container_of(tfm, struct crypto_shash, base); +} + +static int shash_setkey_unaligned(struct crypto_shash *tfm, const u8 *key, + unsigned int keylen) +{ + struct shash_alg *shash = crypto_shash_alg(tfm); + unsigned long alignmask = crypto_shash_alignmask(tfm); + unsigned long absize; + u8 *buffer, *alignbuffer; + int err; + + absize = keylen + (alignmask & ~(CRYPTO_MINALIGN - 1)); + buffer = kmalloc(absize, GFP_KERNEL); + if (!buffer) + return -ENOMEM; + + alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1); + memcpy(alignbuffer, key, keylen); + err = shash->setkey(tfm, alignbuffer, keylen); + memset(alignbuffer, 0, keylen); + kfree(buffer); + return err; +} + +int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, + unsigned int keylen) +{ + struct shash_alg *shash = crypto_shash_alg(tfm); + unsigned long alignmask = crypto_shash_alignmask(tfm); + + if ((unsigned long)key & alignmask) + return shash_setkey_unaligned(tfm, key, keylen); + + return shash->setkey(tfm, key, keylen); +} +EXPORT_SYMBOL_GPL(crypto_shash_setkey); + +static inline unsigned int shash_align_buffer_size(unsigned len, + unsigned long mask) +{ + return len + (mask & ~(__alignof__(u8 __attribute__ ((aligned))) - 1)); +} + +static int shash_update_unaligned(struct shash_desc *desc, const u8 *data, + unsigned int len) +{ + struct crypto_shash *tfm = desc->tfm; + struct shash_alg *shash = crypto_shash_alg(tfm); + unsigned long alignmask = crypto_shash_alignmask(tfm); + unsigned int unaligned_len = alignmask + 1 - + ((unsigned long)data & alignmask); + u8 buf[shash_align_buffer_size(unaligned_len, alignmask)] + __attribute__ ((aligned)); + + memcpy(buf, data, unaligned_len); + + return shash->update(desc, buf, unaligned_len) ?: + shash->update(desc, data + unaligned_len, len - unaligned_len); +} + +int crypto_shash_update(struct shash_desc *desc, const u8 *data, + unsigned int len) +{ + struct crypto_shash *tfm = desc->tfm; + struct shash_alg *shash = crypto_shash_alg(tfm); + unsigned long alignmask = crypto_shash_alignmask(tfm); + + if ((unsigned long)data & alignmask) + return shash_update_unaligned(desc, data, len); + + return shash->update(desc, data, len); +} +EXPORT_SYMBOL_GPL(crypto_shash_update); + +static int shash_final_unaligned(struct shash_desc *desc, u8 *out) +{ + struct crypto_shash *tfm = desc->tfm; + unsigned long alignmask = crypto_shash_alignmask(tfm); + struct shash_alg *shash = crypto_shash_alg(tfm); + unsigned int ds = crypto_shash_digestsize(tfm); + u8 buf[shash_align_buffer_size(ds, alignmask)] + __attribute__ ((aligned)); + int err; + + err = shash->final(desc, buf); + memcpy(out, buf, ds); + return err; +} + +int crypto_shash_final(struct shash_desc *desc, u8 *out) +{ + struct crypto_shash *tfm = desc->tfm; + struct shash_alg *shash = crypto_shash_alg(tfm); + unsigned long alignmask = crypto_shash_alignmask(tfm); + + if ((unsigned long)out & alignmask) + return shash_final_unaligned(desc, out); + + return shash->final(desc, out); +} +EXPORT_SYMBOL_GPL(crypto_shash_final); + +static int shash_finup_unaligned(struct shash_desc *desc, const u8 *data, + unsigned int len, u8 *out) +{ + return crypto_shash_update(desc, data, len) ?: + crypto_shash_final(desc, out); +} + +int crypto_shash_finup(struct shash_desc *desc, const u8 *data, + unsigned int len, u8 *out) +{ + struct crypto_shash *tfm = desc->tfm; + struct shash_alg *shash = crypto_shash_alg(tfm); + unsigned long alignmask = crypto_shash_alignmask(tfm); + + if (((unsigned long)data | (unsigned long)out) & alignmask || + !shash->finup) + return shash_finup_unaligned(desc, data, len, out); + + return shash->finup(desc, data, len, out); +} +EXPORT_SYMBOL_GPL(crypto_shash_finup); + +static int shash_digest_unaligned(struct shash_desc *desc, const u8 *data, + unsigned int len, u8 *out) +{ + return crypto_shash_init(desc) ?: + crypto_shash_update(desc, data, len) ?: + crypto_shash_final(desc, out); +} + +int crypto_shash_digest(struct shash_desc *desc, const u8 *data, + unsigned int len, u8 *out) +{ + struct crypto_shash *tfm = desc->tfm; + struct shash_alg *shash = crypto_shash_alg(tfm); + unsigned long alignmask = crypto_shash_alignmask(tfm); + + if (((unsigned long)data | (unsigned long)out) & alignmask || + !shash->digest) + return shash_digest_unaligned(desc, data, len, out); + + return shash->digest(desc, data, len, out); +} +EXPORT_SYMBOL_GPL(crypto_shash_digest); + +static int crypto_shash_init_tfm(struct crypto_tfm *tfm, + const struct crypto_type *frontend) +{ + if (frontend->type != CRYPTO_ALG_TYPE_SHASH) + return -EINVAL; + return 0; +} + +static unsigned int crypto_shash_extsize(struct crypto_alg *alg, + const struct crypto_type *frontend) +{ + return alg->cra_ctxsize; +} + +static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg) + __attribute__ ((unused)); +static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg) +{ + struct shash_alg *salg = __crypto_shash_alg(alg); + + seq_printf(m, "type : shash\n"); + seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); + seq_printf(m, "digestsize : %u\n", salg->digestsize); + seq_printf(m, "descsize : %u\n", salg->descsize); +} + +static const struct crypto_type crypto_shash_type = { + .extsize = crypto_shash_extsize, + .init_tfm = crypto_shash_init_tfm, +#ifdef CONFIG_PROC_FS + .show = crypto_shash_show, +#endif + .maskclear = ~CRYPTO_ALG_TYPE_MASK, + .maskset = CRYPTO_ALG_TYPE_MASK, + .type = CRYPTO_ALG_TYPE_SHASH, + .tfmsize = offsetof(struct crypto_shash, base), +}; + +struct crypto_shash *crypto_alloc_shash(const char *alg_name, u32 type, + u32 mask) +{ + return __crypto_shash_cast( + crypto_alloc_tfm(alg_name, &crypto_shash_type, type, mask)); +} +EXPORT_SYMBOL_GPL(crypto_alloc_shash); + +int crypto_register_shash(struct shash_alg *alg) +{ + struct crypto_alg *base = &alg->base; + + if (alg->digestsize > PAGE_SIZE / 8 || + alg->descsize > PAGE_SIZE / 8) + return -EINVAL; + + base->cra_type = &crypto_shash_type; + base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; + base->cra_flags |= CRYPTO_ALG_TYPE_SHASH; + + return crypto_register_alg(base); +} +EXPORT_SYMBOL_GPL(crypto_register_shash); + +int crypto_unregister_shash(struct shash_alg *alg) +{ + return crypto_unregister_alg(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_unregister_shash); + +MODULE_LICENSE("GPL"); +MODULE_DESCRIPTION("Synchronous cryptographic hash type"); diff --git a/include/crypto/hash.h b/include/crypto/hash.h index ee48ef8fb2e..f9b51d40895 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h @@ -15,10 +15,39 @@ #include +struct shash_desc { + struct crypto_shash *tfm; + u32 flags; + + void *__ctx[] CRYPTO_MINALIGN_ATTR; +}; + +struct shash_alg { + int (*init)(struct shash_desc *desc); + int (*update)(struct shash_desc *desc, const u8 *data, + unsigned int len); + int (*final)(struct shash_desc *desc, u8 *out); + int (*finup)(struct shash_desc *desc, const u8 *data, + unsigned int len, u8 *out); + int (*digest)(struct shash_desc *desc, const u8 *data, + unsigned int len, u8 *out); + int (*setkey)(struct crypto_shash *tfm, const u8 *key, + unsigned int keylen); + + unsigned int descsize; + unsigned int digestsize; + + struct crypto_alg base; +}; + struct crypto_ahash { struct crypto_tfm base; }; +struct crypto_shash { + struct crypto_tfm base; +}; + static inline struct crypto_ahash *__crypto_ahash_cast(struct crypto_tfm *tfm) { return (struct crypto_ahash *)tfm; @@ -169,4 +198,79 @@ static inline void ahash_request_set_crypt(struct ahash_request *req, req->result = result; } +struct crypto_shash *crypto_alloc_shash(const char *alg_name, u32 type, + u32 mask); + +static inline struct crypto_tfm *crypto_shash_tfm(struct crypto_shash *tfm) +{ + return &tfm->base; +} + +static inline void crypto_free_shash(struct crypto_shash *tfm) +{ + crypto_free_tfm(crypto_shash_tfm(tfm)); +} + +static inline unsigned int crypto_shash_alignmask( + struct crypto_shash *tfm) +{ + return crypto_tfm_alg_alignmask(crypto_shash_tfm(tfm)); +} + +static inline struct shash_alg *__crypto_shash_alg(struct crypto_alg *alg) +{ + return container_of(alg, struct shash_alg, base); +} + +static inline struct shash_alg *crypto_shash_alg(struct crypto_shash *tfm) +{ + return __crypto_shash_alg(crypto_shash_tfm(tfm)->__crt_alg); +} + +static inline unsigned int crypto_shash_digestsize(struct crypto_shash *tfm) +{ + return crypto_shash_alg(tfm)->digestsize; +} + +static inline u32 crypto_shash_get_flags(struct crypto_shash *tfm) +{ + return crypto_tfm_get_flags(crypto_shash_tfm(tfm)); +} + +static inline void crypto_shash_set_flags(struct crypto_shash *tfm, u32 flags) +{ + crypto_tfm_set_flags(crypto_shash_tfm(tfm), flags); +} + +static inline void crypto_shash_clear_flags(struct crypto_shash *tfm, u32 flags) +{ + crypto_tfm_clear_flags(crypto_shash_tfm(tfm), flags); +} + +static inline unsigned int crypto_shash_descsize(struct crypto_shash *tfm) +{ + return crypto_shash_alg(tfm)->descsize; +} + +static inline void *shash_desc_ctx(struct shash_desc *desc) +{ + return desc->__ctx; +} + +int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, + unsigned int keylen); +int crypto_shash_digest(struct shash_desc *desc, const u8 *data, + unsigned int len, u8 *out); + +static inline int crypto_shash_init(struct shash_desc *desc) +{ + return crypto_shash_alg(desc->tfm)->init(desc); +} + +int crypto_shash_update(struct shash_desc *desc, const u8 *data, + unsigned int len); +int crypto_shash_final(struct shash_desc *desc, u8 *out); +int crypto_shash_finup(struct shash_desc *desc, const u8 *data, + unsigned int len, u8 *out); + #endif /* _CRYPTO_HASH_H */ diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h index 917ae57bad4..32d3a8ed06d 100644 --- a/include/crypto/internal/hash.h +++ b/include/crypto/internal/hash.h @@ -40,6 +40,9 @@ int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err); int crypto_hash_walk_first(struct ahash_request *req, struct crypto_hash_walk *walk); +int crypto_register_shash(struct shash_alg *alg); +int crypto_unregister_shash(struct shash_alg *alg); + static inline void *crypto_ahash_ctx(struct crypto_ahash *tfm) { return crypto_tfm_ctx(&tfm->base); @@ -74,5 +77,10 @@ static inline int ahash_tfm_in_queue(struct crypto_queue *queue, return crypto_tfm_in_queue(queue, crypto_ahash_tfm(tfm)); } +static inline void *crypto_shash_ctx(struct crypto_shash *tfm) +{ + return crypto_tfm_ctx(&tfm->base); +} + #endif /* _CRYPTO_INTERNAL_HASH_H */ diff --git a/include/linux/crypto.h b/include/linux/crypto.h index ffaaa418cf5..ee95c748695 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h @@ -39,6 +39,7 @@ #define CRYPTO_ALG_TYPE_HASH 0x00000009 #define CRYPTO_ALG_TYPE_AHASH 0x0000000a #define CRYPTO_ALG_TYPE_RNG 0x0000000c +#define CRYPTO_ALG_TYPE_SHASH 0x0000000d #define CRYPTO_ALG_TYPE_HASH_MASK 0x0000000e #define CRYPTO_ALG_TYPE_AHASH_MASK 0x0000000c -- cgit v1.2.3-70-g09d2 From 3b2f6df08258e2875f42bd630eece7e7241a053b Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 31 Aug 2008 18:52:18 +1000 Subject: crypto: hash - Export shash through ahash This patch allows shash algorithms to be used through the ahash interface. This is required before we can convert digest algorithms over to shash. Signed-off-by: Herbert Xu --- crypto/shash.c | 143 +++++++++++++++++++++++++++++++++++++++++++++++++ include/linux/crypto.h | 2 +- 2 files changed, 144 insertions(+), 1 deletion(-) (limited to 'include/linux/crypto.h') diff --git a/crypto/shash.c b/crypto/shash.c index 82ec4bd8d2f..3f4c713a21e 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -10,6 +10,7 @@ * */ +#include #include #include #include @@ -17,11 +18,15 @@ #include #include +static const struct crypto_type crypto_shash_type; + static inline struct crypto_shash *__crypto_shash_cast(struct crypto_tfm *tfm) { return container_of(tfm, struct crypto_shash, base); } +#include "internal.h" + static int shash_setkey_unaligned(struct crypto_shash *tfm, const u8 *key, unsigned int keylen) { @@ -167,6 +172,142 @@ int crypto_shash_digest(struct shash_desc *desc, const u8 *data, } EXPORT_SYMBOL_GPL(crypto_shash_digest); +static int shash_async_setkey(struct crypto_ahash *tfm, const u8 *key, + unsigned int keylen) +{ + struct crypto_shash **ctx = crypto_ahash_ctx(tfm); + + return crypto_shash_setkey(*ctx, key, keylen); +} + +static int shash_async_init(struct ahash_request *req) +{ + struct crypto_shash **ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(req)); + struct shash_desc *desc = ahash_request_ctx(req); + + desc->tfm = *ctx; + desc->flags = req->base.flags; + + return crypto_shash_init(desc); +} + +static int shash_async_update(struct ahash_request *req) +{ + struct shash_desc *desc = ahash_request_ctx(req); + struct crypto_hash_walk walk; + int nbytes; + + for (nbytes = crypto_hash_walk_first(req, &walk); nbytes > 0; + nbytes = crypto_hash_walk_done(&walk, nbytes)) + nbytes = crypto_shash_update(desc, walk.data, nbytes); + + return nbytes; +} + +static int shash_async_final(struct ahash_request *req) +{ + return crypto_shash_final(ahash_request_ctx(req), req->result); +} + +static int shash_async_digest(struct ahash_request *req) +{ + struct scatterlist *sg = req->src; + unsigned int offset = sg->offset; + unsigned int nbytes = req->nbytes; + int err; + + if (nbytes < min(sg->length, ((unsigned int)(PAGE_SIZE)) - offset)) { + struct crypto_shash **ctx = + crypto_ahash_ctx(crypto_ahash_reqtfm(req)); + struct shash_desc *desc = ahash_request_ctx(req); + void *data; + + desc->tfm = *ctx; + desc->flags = req->base.flags; + + data = crypto_kmap(sg_page(sg), 0); + err = crypto_shash_digest(desc, data + offset, nbytes, + req->result); + crypto_kunmap(data, 0); + crypto_yield(desc->flags); + goto out; + } + + err = shash_async_init(req); + if (err) + goto out; + + err = shash_async_update(req); + if (err) + goto out; + + err = shash_async_final(req); + +out: + return err; +} + +static void crypto_exit_shash_ops_async(struct crypto_tfm *tfm) +{ + struct crypto_shash **ctx = crypto_tfm_ctx(tfm); + + crypto_free_shash(*ctx); +} + +static int crypto_init_shash_ops_async(struct crypto_tfm *tfm) +{ + struct crypto_alg *calg = tfm->__crt_alg; + struct shash_alg *alg = __crypto_shash_alg(calg); + struct ahash_tfm *crt = &tfm->crt_ahash; + struct crypto_shash **ctx = crypto_tfm_ctx(tfm); + struct crypto_shash *shash; + + if (!crypto_mod_get(calg)) + return -EAGAIN; + + shash = __crypto_shash_cast(crypto_create_tfm( + calg, &crypto_shash_type)); + if (IS_ERR(shash)) { + crypto_mod_put(calg); + return PTR_ERR(shash); + } + + *ctx = shash; + tfm->exit = crypto_exit_shash_ops_async; + + crt->init = shash_async_init; + crt->update = shash_async_update; + crt->final = shash_async_final; + crt->digest = shash_async_digest; + crt->setkey = shash_async_setkey; + + crt->digestsize = alg->digestsize; + crt->reqsize = sizeof(struct shash_desc) + crypto_shash_descsize(shash); + + return 0; +} + +static int crypto_init_shash_ops(struct crypto_tfm *tfm, u32 type, u32 mask) +{ + switch (mask & CRYPTO_ALG_TYPE_MASK) { + case CRYPTO_ALG_TYPE_AHASH_MASK: + return crypto_init_shash_ops_async(tfm); + } + + return -EINVAL; +} + +static unsigned int crypto_shash_ctxsize(struct crypto_alg *alg, u32 type, + u32 mask) +{ + switch (mask & CRYPTO_ALG_TYPE_MASK) { + case CRYPTO_ALG_TYPE_AHASH_MASK: + return sizeof(struct crypto_shash *); + } + + return 0; +} + static int crypto_shash_init_tfm(struct crypto_tfm *tfm, const struct crypto_type *frontend) { @@ -194,7 +335,9 @@ static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg) } static const struct crypto_type crypto_shash_type = { + .ctxsize = crypto_shash_ctxsize, .extsize = crypto_shash_extsize, + .init = crypto_init_shash_ops, .init_tfm = crypto_shash_init_tfm, #ifdef CONFIG_PROC_FS .show = crypto_shash_show, diff --git a/include/linux/crypto.h b/include/linux/crypto.h index ee95c748695..44c72f0f9b0 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h @@ -38,8 +38,8 @@ #define CRYPTO_ALG_TYPE_DIGEST 0x00000008 #define CRYPTO_ALG_TYPE_HASH 0x00000009 #define CRYPTO_ALG_TYPE_AHASH 0x0000000a +#define CRYPTO_ALG_TYPE_SHASH 0x0000000b #define CRYPTO_ALG_TYPE_RNG 0x0000000c -#define CRYPTO_ALG_TYPE_SHASH 0x0000000d #define CRYPTO_ALG_TYPE_HASH_MASK 0x0000000e #define CRYPTO_ALG_TYPE_AHASH_MASK 0x0000000c -- cgit v1.2.3-70-g09d2 From dec8b78606ebd5f309c38f2fb10196ce996dd18d Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 2 Nov 2008 21:38:11 +0800 Subject: crypto: hash - Add import/export interface It is often useful to save the partial state of a hash function so that it can be used as a base for two or more computations. The most prominent example is HMAC where all hashes start from a base determined by the key. Having an import/export interface means that we only have to compute that base once rather than for each message. Signed-off-by: Herbert Xu --- crypto/ahash.c | 14 ++++++++++++++ crypto/shash.c | 14 ++++++++++++++ include/crypto/hash.h | 21 +++++++++++++++++++++ include/crypto/internal/hash.h | 5 ----- include/linux/crypto.h | 1 + 5 files changed, 50 insertions(+), 5 deletions(-) (limited to 'include/linux/crypto.h') diff --git a/crypto/ahash.c b/crypto/ahash.c index 27128f2c687..7d4e33dfe21 100644 --- a/crypto/ahash.c +++ b/crypto/ahash.c @@ -146,6 +146,20 @@ static int ahash_setkey(struct crypto_ahash *tfm, const u8 *key, return ahash->setkey(tfm, key, keylen); } +int crypto_ahash_import(struct ahash_request *req, const u8 *in) +{ + struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); + struct ahash_alg *alg = crypto_ahash_alg(tfm); + + memcpy(ahash_request_ctx(req), in, crypto_ahash_reqsize(tfm)); + + if (alg->reinit) + alg->reinit(req); + + return 0; +} +EXPORT_SYMBOL_GPL(crypto_ahash_import); + static unsigned int crypto_ahash_ctxsize(struct crypto_alg *alg, u32 type, u32 mask) { diff --git a/crypto/shash.c b/crypto/shash.c index 3f4c713a21e..26aff3feefc 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -172,6 +172,20 @@ int crypto_shash_digest(struct shash_desc *desc, const u8 *data, } EXPORT_SYMBOL_GPL(crypto_shash_digest); +int crypto_shash_import(struct shash_desc *desc, const u8 *in) +{ + struct crypto_shash *tfm = desc->tfm; + struct shash_alg *alg = crypto_shash_alg(tfm); + + memcpy(shash_desc_ctx(desc), in, crypto_shash_descsize(tfm)); + + if (alg->reinit) + alg->reinit(desc); + + return 0; +} +EXPORT_SYMBOL_GPL(crypto_shash_import); + static int shash_async_setkey(struct crypto_ahash *tfm, const u8 *key, unsigned int keylen) { diff --git a/include/crypto/hash.h b/include/crypto/hash.h index f9b51d40895..cd16d6e668c 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h @@ -24,6 +24,7 @@ struct shash_desc { struct shash_alg { int (*init)(struct shash_desc *desc); + int (*reinit)(struct shash_desc *desc); int (*update)(struct shash_desc *desc, const u8 *data, unsigned int len); int (*final)(struct shash_desc *desc, u8 *out); @@ -116,6 +117,11 @@ static inline unsigned int crypto_ahash_reqsize(struct crypto_ahash *tfm) return crypto_ahash_crt(tfm)->reqsize; } +static inline void *ahash_request_ctx(struct ahash_request *req) +{ + return req->__ctx; +} + static inline int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key, unsigned int keylen) { @@ -130,6 +136,14 @@ static inline int crypto_ahash_digest(struct ahash_request *req) return crt->digest(req); } +static inline void crypto_ahash_export(struct ahash_request *req, u8 *out) +{ + memcpy(out, ahash_request_ctx(req), + crypto_ahash_reqsize(crypto_ahash_reqtfm(req))); +} + +int crypto_ahash_import(struct ahash_request *req, const u8 *in); + static inline int crypto_ahash_init(struct ahash_request *req) { struct ahash_tfm *crt = crypto_ahash_crt(crypto_ahash_reqtfm(req)); @@ -262,6 +276,13 @@ int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, int crypto_shash_digest(struct shash_desc *desc, const u8 *data, unsigned int len, u8 *out); +static inline void crypto_shash_export(struct shash_desc *desc, u8 *out) +{ + memcpy(out, shash_desc_ctx(desc), crypto_shash_descsize(desc->tfm)); +} + +int crypto_shash_import(struct shash_desc *desc, const u8 *in); + static inline int crypto_shash_init(struct shash_desc *desc) { return crypto_shash_alg(desc->tfm)->init(desc); diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h index 32d3a8ed06d..92fbe738585 100644 --- a/include/crypto/internal/hash.h +++ b/include/crypto/internal/hash.h @@ -66,11 +66,6 @@ static inline struct ahash_request *ahash_dequeue_request( return ahash_request_cast(crypto_dequeue_request(queue)); } -static inline void *ahash_request_ctx(struct ahash_request *req) -{ - return req->__ctx; -} - static inline int ahash_tfm_in_queue(struct crypto_queue *queue, struct crypto_ahash *tfm) { diff --git a/include/linux/crypto.h b/include/linux/crypto.h index 44c72f0f9b0..77a1f3d9416 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h @@ -221,6 +221,7 @@ struct ablkcipher_alg { struct ahash_alg { int (*init)(struct ahash_request *req); + int (*reinit)(struct ahash_request *req); int (*update)(struct ahash_request *req); int (*final)(struct ahash_request *req); int (*digest)(struct ahash_request *req); -- cgit v1.2.3-70-g09d2 From 5f7082ed4f482f05db01d84dbf58190492ebf0ad Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 31 Aug 2008 22:21:09 +1000 Subject: crypto: hash - Export shash through hash This patch allows shash algorithms to be used through the old hash interface. This is a transitional measure so we can convert the underlying algorithms to shash before converting the users across. Signed-off-by: Herbert Xu --- crypto/ahash.c | 16 ++++++ crypto/authenc.c | 3 ++ crypto/hmac.c | 10 ++-- crypto/shash.c | 109 +++++++++++++++++++++++++++++++++++++++++ include/crypto/algapi.h | 5 ++ include/crypto/internal/hash.h | 3 ++ include/linux/crypto.h | 4 +- 7 files changed, 144 insertions(+), 6 deletions(-) (limited to 'include/linux/crypto.h') diff --git a/crypto/ahash.c b/crypto/ahash.c index 7d4e33dfe21..9f98956b17f 100644 --- a/crypto/ahash.c +++ b/crypto/ahash.c @@ -112,6 +112,22 @@ int crypto_hash_walk_first(struct ahash_request *req, } EXPORT_SYMBOL_GPL(crypto_hash_walk_first); +int crypto_hash_walk_first_compat(struct hash_desc *hdesc, + struct crypto_hash_walk *walk, + struct scatterlist *sg, unsigned int len) +{ + walk->total = len; + + if (!walk->total) + return 0; + + walk->alignmask = crypto_hash_alignmask(hdesc->tfm); + walk->sg = sg; + walk->flags = hdesc->flags; + + return hash_walk_new_entry(walk); +} + static int ahash_setkey_unaligned(struct crypto_ahash *tfm, const u8 *key, unsigned int keylen) { diff --git a/crypto/authenc.c b/crypto/authenc.c index fd9f06c63d7..40b6e9ec9e3 100644 --- a/crypto/authenc.c +++ b/crypto/authenc.c @@ -11,6 +11,7 @@ */ #include +#include #include #include #include @@ -431,6 +432,8 @@ static struct crypto_instance *crypto_authenc_alloc(struct rtattr **tb) inst->alg.cra_aead.ivsize = enc->cra_ablkcipher.ivsize; inst->alg.cra_aead.maxauthsize = auth->cra_type == &crypto_hash_type ? auth->cra_hash.digestsize : + auth->cra_type ? + __crypto_shash_alg(auth)->digestsize : auth->cra_digest.dia_digestsize; inst->alg.cra_ctxsize = sizeof(struct crypto_authenc_ctx); diff --git a/crypto/hmac.c b/crypto/hmac.c index 7ff2d6a8c7d..0ad39c37496 100644 --- a/crypto/hmac.c +++ b/crypto/hmac.c @@ -16,7 +16,7 @@ * */ -#include +#include #include #include #include @@ -238,9 +238,11 @@ static struct crypto_instance *hmac_alloc(struct rtattr **tb) return ERR_CAST(alg); inst = ERR_PTR(-EINVAL); - ds = (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == - CRYPTO_ALG_TYPE_HASH ? alg->cra_hash.digestsize : - alg->cra_digest.dia_digestsize; + ds = alg->cra_type == &crypto_hash_type ? + alg->cra_hash.digestsize : + alg->cra_type ? + __crypto_shash_alg(alg)->digestsize : + alg->cra_digest.dia_digestsize; if (ds > alg->cra_blocksize) goto out_put_alg; diff --git a/crypto/shash.c b/crypto/shash.c index 26aff3feefc..50d69a4e4b6 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -301,9 +301,114 @@ static int crypto_init_shash_ops_async(struct crypto_tfm *tfm) return 0; } +static int shash_compat_setkey(struct crypto_hash *tfm, const u8 *key, + unsigned int keylen) +{ + struct shash_desc *desc = crypto_hash_ctx(tfm); + + return crypto_shash_setkey(desc->tfm, key, keylen); +} + +static int shash_compat_init(struct hash_desc *hdesc) +{ + struct shash_desc *desc = crypto_hash_ctx(hdesc->tfm); + + desc->flags = hdesc->flags; + + return crypto_shash_init(desc); +} + +static int shash_compat_update(struct hash_desc *hdesc, struct scatterlist *sg, + unsigned int len) +{ + struct shash_desc *desc = crypto_hash_ctx(hdesc->tfm); + struct crypto_hash_walk walk; + int nbytes; + + for (nbytes = crypto_hash_walk_first_compat(hdesc, &walk, sg, len); + nbytes > 0; nbytes = crypto_hash_walk_done(&walk, nbytes)) + nbytes = crypto_shash_update(desc, walk.data, nbytes); + + return nbytes; +} + +static int shash_compat_final(struct hash_desc *hdesc, u8 *out) +{ + return crypto_shash_final(crypto_hash_ctx(hdesc->tfm), out); +} + +static int shash_compat_digest(struct hash_desc *hdesc, struct scatterlist *sg, + unsigned int nbytes, u8 *out) +{ + unsigned int offset = sg->offset; + int err; + + if (nbytes < min(sg->length, ((unsigned int)(PAGE_SIZE)) - offset)) { + struct shash_desc *desc = crypto_hash_ctx(hdesc->tfm); + void *data; + + desc->flags = hdesc->flags; + + data = crypto_kmap(sg_page(sg), 0); + err = crypto_shash_digest(desc, data + offset, nbytes, out); + crypto_kunmap(data, 0); + crypto_yield(desc->flags); + goto out; + } + + err = shash_compat_init(hdesc); + if (err) + goto out; + + err = shash_compat_update(hdesc, sg, nbytes); + if (err) + goto out; + + err = shash_compat_final(hdesc, out); + +out: + return err; +} + +static void crypto_exit_shash_ops_compat(struct crypto_tfm *tfm) +{ + struct shash_desc *desc= crypto_tfm_ctx(tfm); + + crypto_free_shash(desc->tfm); +} + +static int crypto_init_shash_ops_compat(struct crypto_tfm *tfm) +{ + struct hash_tfm *crt = &tfm->crt_hash; + struct crypto_alg *calg = tfm->__crt_alg; + struct shash_alg *alg = __crypto_shash_alg(calg); + struct shash_desc *desc = crypto_tfm_ctx(tfm); + struct crypto_shash *shash; + + shash = __crypto_shash_cast(crypto_create_tfm( + calg, &crypto_shash_type)); + if (IS_ERR(shash)) + return PTR_ERR(shash); + + desc->tfm = shash; + tfm->exit = crypto_exit_shash_ops_compat; + + crt->init = shash_compat_init; + crt->update = shash_compat_update; + crt->final = shash_compat_final; + crt->digest = shash_compat_digest; + crt->setkey = shash_compat_setkey; + + crt->digestsize = alg->digestsize; + + return 0; +} + static int crypto_init_shash_ops(struct crypto_tfm *tfm, u32 type, u32 mask) { switch (mask & CRYPTO_ALG_TYPE_MASK) { + case CRYPTO_ALG_TYPE_HASH_MASK: + return crypto_init_shash_ops_compat(tfm); case CRYPTO_ALG_TYPE_AHASH_MASK: return crypto_init_shash_ops_async(tfm); } @@ -314,7 +419,11 @@ static int crypto_init_shash_ops(struct crypto_tfm *tfm, u32 type, u32 mask) static unsigned int crypto_shash_ctxsize(struct crypto_alg *alg, u32 type, u32 mask) { + struct shash_alg *salg = __crypto_shash_alg(alg); + switch (mask & CRYPTO_ALG_TYPE_MASK) { + case CRYPTO_ALG_TYPE_HASH_MASK: + return sizeof(struct shash_desc) + salg->descsize; case CRYPTO_ALG_TYPE_AHASH_MASK: return sizeof(struct crypto_shash *); } diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h index 986db68548f..010545436ef 100644 --- a/include/crypto/algapi.h +++ b/include/crypto/algapi.h @@ -248,6 +248,11 @@ static inline struct crypto_hash *crypto_spawn_hash(struct crypto_spawn *spawn) return __crypto_hash_cast(crypto_spawn_tfm(spawn, type, mask)); } +static inline void *crypto_hash_ctx(struct crypto_hash *tfm) +{ + return crypto_tfm_ctx(&tfm->base); +} + static inline void *crypto_hash_ctx_aligned(struct crypto_hash *tfm) { return crypto_tfm_ctx_aligned(&tfm->base); diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h index 92fbe738585..82b70564bca 100644 --- a/include/crypto/internal/hash.h +++ b/include/crypto/internal/hash.h @@ -39,6 +39,9 @@ extern const struct crypto_type crypto_ahash_type; int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err); int crypto_hash_walk_first(struct ahash_request *req, struct crypto_hash_walk *walk); +int crypto_hash_walk_first_compat(struct hash_desc *hdesc, + struct crypto_hash_walk *walk, + struct scatterlist *sg, unsigned int len); int crypto_register_shash(struct shash_alg *alg); int crypto_unregister_shash(struct shash_alg *alg); diff --git a/include/linux/crypto.h b/include/linux/crypto.h index 77a1f3d9416..3bacd71509f 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h @@ -36,9 +36,9 @@ #define CRYPTO_ALG_TYPE_ABLKCIPHER 0x00000005 #define CRYPTO_ALG_TYPE_GIVCIPHER 0x00000006 #define CRYPTO_ALG_TYPE_DIGEST 0x00000008 -#define CRYPTO_ALG_TYPE_HASH 0x00000009 +#define CRYPTO_ALG_TYPE_HASH 0x00000008 +#define CRYPTO_ALG_TYPE_SHASH 0x00000009 #define CRYPTO_ALG_TYPE_AHASH 0x0000000a -#define CRYPTO_ALG_TYPE_SHASH 0x0000000b #define CRYPTO_ALG_TYPE_RNG 0x0000000c #define CRYPTO_ALG_TYPE_HASH_MASK 0x0000000e -- cgit v1.2.3-70-g09d2