xref: /openbmc/linux/crypto/ahash.c (revision b68a7ec1e9a3efac53ae26a1658a553825a2375c) 
1004a403cSLoc Ho /*
2004a403cSLoc Ho  * Asynchronous Cryptographic Hash operations.
3004a403cSLoc Ho  *
4004a403cSLoc Ho  * This is the asynchronous version of hash.c with notification of
5004a403cSLoc Ho  * completion via a callback.
6004a403cSLoc Ho  *
7004a403cSLoc Ho  * Copyright (c) 2008 Loc Ho <lho@amcc.com>
8004a403cSLoc Ho  *
9004a403cSLoc Ho  * This program is free software; you can redistribute it and/or modify it
10004a403cSLoc Ho  * under the terms of the GNU General Public License as published by the Free
11004a403cSLoc Ho  * Software Foundation; either version 2 of the License, or (at your option)
12004a403cSLoc Ho  * any later version.
13004a403cSLoc Ho  *
14004a403cSLoc Ho  */
15004a403cSLoc Ho 
1620036252SHerbert Xu #include <crypto/internal/hash.h>
1720036252SHerbert Xu #include <crypto/scatterwalk.h>
1875ecb231SHerbert Xu #include <linux/bug.h>
19004a403cSLoc Ho #include <linux/err.h>
20004a403cSLoc Ho #include <linux/kernel.h>
21004a403cSLoc Ho #include <linux/module.h>
22004a403cSLoc Ho #include <linux/sched.h>
23004a403cSLoc Ho #include <linux/slab.h>
24004a403cSLoc Ho #include <linux/seq_file.h>
256238cbaeSSteffen Klassert #include <linux/cryptouser.h>
26d8c34b94SGideon Israel Dsouza #include <linux/compiler.h>
276238cbaeSSteffen Klassert #include <net/netlink.h>
28004a403cSLoc Ho 
29004a403cSLoc Ho #include "internal.h"
30004a403cSLoc Ho 
3166f6ce5eSHerbert Xu struct ahash_request_priv {
3266f6ce5eSHerbert Xu 	crypto_completion_t complete;
3366f6ce5eSHerbert Xu 	void *data;
3466f6ce5eSHerbert Xu 	u8 *result;
35ef0579b6SHerbert Xu 	u32 flags;
3666f6ce5eSHerbert Xu 	void *ubuf[] CRYPTO_MINALIGN_ATTR;
3766f6ce5eSHerbert Xu };
3866f6ce5eSHerbert Xu 
3988056ec3SHerbert Xu static inline struct ahash_alg *crypto_ahash_alg(struct crypto_ahash *hash)
4088056ec3SHerbert Xu {
4188056ec3SHerbert Xu 	return container_of(crypto_hash_alg_common(hash), struct ahash_alg,
4288056ec3SHerbert Xu 			    halg);
4388056ec3SHerbert Xu }
4488056ec3SHerbert Xu 
4520036252SHerbert Xu static int hash_walk_next(struct crypto_hash_walk *walk)
4620036252SHerbert Xu {
4720036252SHerbert Xu 	unsigned int alignmask = walk->alignmask;
4820036252SHerbert Xu 	unsigned int offset = walk->offset;
4920036252SHerbert Xu 	unsigned int nbytes = min(walk->entrylen,
5020036252SHerbert Xu 				  ((unsigned int)(PAGE_SIZE)) - offset);
5120036252SHerbert Xu 
5275ecb231SHerbert Xu 	if (walk->flags & CRYPTO_ALG_ASYNC)
5375ecb231SHerbert Xu 		walk->data = kmap(walk->pg);
5475ecb231SHerbert Xu 	else
55f0dfc0b0SCong Wang 		walk->data = kmap_atomic(walk->pg);
5620036252SHerbert Xu 	walk->data += offset;
5720036252SHerbert Xu 
5823a75eeeSSzilveszter Ördög 	if (offset & alignmask) {
5923a75eeeSSzilveszter Ördög 		unsigned int unaligned = alignmask + 1 - (offset & alignmask);
60b516d514SJoshua I. James 
6123a75eeeSSzilveszter Ördög 		if (nbytes > unaligned)
6223a75eeeSSzilveszter Ördög 			nbytes = unaligned;
6323a75eeeSSzilveszter Ördög 	}
6420036252SHerbert Xu 
6520036252SHerbert Xu 	walk->entrylen -= nbytes;
6620036252SHerbert Xu 	return nbytes;
6720036252SHerbert Xu }
6820036252SHerbert Xu 
6920036252SHerbert Xu static int hash_walk_new_entry(struct crypto_hash_walk *walk)
7020036252SHerbert Xu {
7120036252SHerbert Xu 	struct scatterlist *sg;
7220036252SHerbert Xu 
7320036252SHerbert Xu 	sg = walk->sg;
7420036252SHerbert Xu 	walk->offset = sg->offset;
7513f4bb78SHerbert Xu 	walk->pg = sg_page(walk->sg) + (walk->offset >> PAGE_SHIFT);
7613f4bb78SHerbert Xu 	walk->offset = offset_in_page(walk->offset);
7720036252SHerbert Xu 	walk->entrylen = sg->length;
7820036252SHerbert Xu 
7920036252SHerbert Xu 	if (walk->entrylen > walk->total)
8020036252SHerbert Xu 		walk->entrylen = walk->total;
8120036252SHerbert Xu 	walk->total -= walk->entrylen;
8220036252SHerbert Xu 
8320036252SHerbert Xu 	return hash_walk_next(walk);
8420036252SHerbert Xu }
8520036252SHerbert Xu 
8620036252SHerbert Xu int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err)
8720036252SHerbert Xu {
8820036252SHerbert Xu 	unsigned int alignmask = walk->alignmask;
8920036252SHerbert Xu 	unsigned int nbytes = walk->entrylen;
9020036252SHerbert Xu 
9120036252SHerbert Xu 	walk->data -= walk->offset;
9220036252SHerbert Xu 
9320036252SHerbert Xu 	if (nbytes && walk->offset & alignmask && !err) {
9420036252SHerbert Xu 		walk->offset = ALIGN(walk->offset, alignmask + 1);
9520036252SHerbert Xu 		nbytes = min(nbytes,
9620036252SHerbert Xu 			     ((unsigned int)(PAGE_SIZE)) - walk->offset);
9720036252SHerbert Xu 		walk->entrylen -= nbytes;
9820036252SHerbert Xu 
99900a081fSHerbert Xu 		if (nbytes) {
100900a081fSHerbert Xu 			walk->data += walk->offset;
10120036252SHerbert Xu 			return nbytes;
10220036252SHerbert Xu 		}
103900a081fSHerbert Xu 	}
10420036252SHerbert Xu 
10575ecb231SHerbert Xu 	if (walk->flags & CRYPTO_ALG_ASYNC)
10675ecb231SHerbert Xu 		kunmap(walk->pg);
10775ecb231SHerbert Xu 	else {
108f0dfc0b0SCong Wang 		kunmap_atomic(walk->data);
10975ecb231SHerbert Xu 		/*
11075ecb231SHerbert Xu 		 * The may sleep test only makes sense for sync users.
11175ecb231SHerbert Xu 		 * Async users don't need to sleep here anyway.
11275ecb231SHerbert Xu 		 */
11320036252SHerbert Xu 		crypto_yield(walk->flags);
11475ecb231SHerbert Xu 	}
11520036252SHerbert Xu 
11620036252SHerbert Xu 	if (err)
11720036252SHerbert Xu 		return err;
11820036252SHerbert Xu 
119d315a0e0SHerbert Xu 	if (nbytes) {
12020036252SHerbert Xu 		walk->offset = 0;
121d315a0e0SHerbert Xu 		walk->pg++;
12220036252SHerbert Xu 		return hash_walk_next(walk);
123d315a0e0SHerbert Xu 	}
12420036252SHerbert Xu 
12520036252SHerbert Xu 	if (!walk->total)
12620036252SHerbert Xu 		return 0;
12720036252SHerbert Xu 
1285be4d4c9SCristian Stoica 	walk->sg = sg_next(walk->sg);
12920036252SHerbert Xu 
13020036252SHerbert Xu 	return hash_walk_new_entry(walk);
13120036252SHerbert Xu }
13220036252SHerbert Xu EXPORT_SYMBOL_GPL(crypto_hash_walk_done);
13320036252SHerbert Xu 
13420036252SHerbert Xu int crypto_hash_walk_first(struct ahash_request *req,
13520036252SHerbert Xu 			   struct crypto_hash_walk *walk)
13620036252SHerbert Xu {
13720036252SHerbert Xu 	walk->total = req->nbytes;
13820036252SHerbert Xu 
1396d9529c5STim Chen 	if (!walk->total) {
1406d9529c5STim Chen 		walk->entrylen = 0;
14120036252SHerbert Xu 		return 0;
1426d9529c5STim Chen 	}
14320036252SHerbert Xu 
14420036252SHerbert Xu 	walk->alignmask = crypto_ahash_alignmask(crypto_ahash_reqtfm(req));
14520036252SHerbert Xu 	walk->sg = req->src;
14675ecb231SHerbert Xu 	walk->flags = req->base.flags & CRYPTO_TFM_REQ_MASK;
14720036252SHerbert Xu 
14820036252SHerbert Xu 	return hash_walk_new_entry(walk);
14920036252SHerbert Xu }
15020036252SHerbert Xu EXPORT_SYMBOL_GPL(crypto_hash_walk_first);
15120036252SHerbert Xu 
15275ecb231SHerbert Xu int crypto_ahash_walk_first(struct ahash_request *req,
15375ecb231SHerbert Xu 			    struct crypto_hash_walk *walk)
15475ecb231SHerbert Xu {
15575ecb231SHerbert Xu 	walk->total = req->nbytes;
15675ecb231SHerbert Xu 
1576d9529c5STim Chen 	if (!walk->total) {
1586d9529c5STim Chen 		walk->entrylen = 0;
15975ecb231SHerbert Xu 		return 0;
1606d9529c5STim Chen 	}
16175ecb231SHerbert Xu 
16275ecb231SHerbert Xu 	walk->alignmask = crypto_ahash_alignmask(crypto_ahash_reqtfm(req));
16375ecb231SHerbert Xu 	walk->sg = req->src;
16475ecb231SHerbert Xu 	walk->flags = req->base.flags & CRYPTO_TFM_REQ_MASK;
16575ecb231SHerbert Xu 	walk->flags |= CRYPTO_ALG_ASYNC;
16675ecb231SHerbert Xu 
16775ecb231SHerbert Xu 	BUILD_BUG_ON(CRYPTO_TFM_REQ_MASK & CRYPTO_ALG_ASYNC);
16875ecb231SHerbert Xu 
16975ecb231SHerbert Xu 	return hash_walk_new_entry(walk);
17075ecb231SHerbert Xu }
17175ecb231SHerbert Xu EXPORT_SYMBOL_GPL(crypto_ahash_walk_first);
17275ecb231SHerbert Xu 
173004a403cSLoc Ho static int ahash_setkey_unaligned(struct crypto_ahash *tfm, const u8 *key,
174004a403cSLoc Ho 				unsigned int keylen)
175004a403cSLoc Ho {
176004a403cSLoc Ho 	unsigned long alignmask = crypto_ahash_alignmask(tfm);
177004a403cSLoc Ho 	int ret;
178004a403cSLoc Ho 	u8 *buffer, *alignbuffer;
179004a403cSLoc Ho 	unsigned long absize;
180004a403cSLoc Ho 
181004a403cSLoc Ho 	absize = keylen + alignmask;
182093900c2SHerbert Xu 	buffer = kmalloc(absize, GFP_KERNEL);
183004a403cSLoc Ho 	if (!buffer)
184004a403cSLoc Ho 		return -ENOMEM;
185004a403cSLoc Ho 
186004a403cSLoc Ho 	alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1);
187004a403cSLoc Ho 	memcpy(alignbuffer, key, keylen);
188a70c5225SHerbert Xu 	ret = tfm->setkey(tfm, alignbuffer, keylen);
1898c32c516SHerbert Xu 	kzfree(buffer);
190004a403cSLoc Ho 	return ret;
191004a403cSLoc Ho }
192004a403cSLoc Ho 
19366f6ce5eSHerbert Xu int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key,
194004a403cSLoc Ho 			unsigned int keylen)
195004a403cSLoc Ho {
196004a403cSLoc Ho 	unsigned long alignmask = crypto_ahash_alignmask(tfm);
1979fa68f62SEric Biggers 	int err;
198004a403cSLoc Ho 
199004a403cSLoc Ho 	if ((unsigned long)key & alignmask)
2009fa68f62SEric Biggers 		err = ahash_setkey_unaligned(tfm, key, keylen);
2019fa68f62SEric Biggers 	else
2029fa68f62SEric Biggers 		err = tfm->setkey(tfm, key, keylen);
203004a403cSLoc Ho 
2049fa68f62SEric Biggers 	if (err)
2059fa68f62SEric Biggers 		return err;
2069fa68f62SEric Biggers 
2079fa68f62SEric Biggers 	crypto_ahash_clear_flags(tfm, CRYPTO_TFM_NEED_KEY);
2089fa68f62SEric Biggers 	return 0;
209004a403cSLoc Ho }
21066f6ce5eSHerbert Xu EXPORT_SYMBOL_GPL(crypto_ahash_setkey);
211004a403cSLoc Ho 
2123751f402SHerbert Xu static int ahash_nosetkey(struct crypto_ahash *tfm, const u8 *key,
2133751f402SHerbert Xu 			  unsigned int keylen)
2143751f402SHerbert Xu {
2153751f402SHerbert Xu 	return -ENOSYS;
2163751f402SHerbert Xu }
2173751f402SHerbert Xu 
21866f6ce5eSHerbert Xu static inline unsigned int ahash_align_buffer_size(unsigned len,
21966f6ce5eSHerbert Xu 						   unsigned long mask)
22066f6ce5eSHerbert Xu {
22166f6ce5eSHerbert Xu 	return len + (mask & ~(crypto_tfm_ctx_alignment() - 1));
22266f6ce5eSHerbert Xu }
22366f6ce5eSHerbert Xu 
2241ffc9fbdSMarek Vasut static int ahash_save_req(struct ahash_request *req, crypto_completion_t cplt)
22566f6ce5eSHerbert Xu {
22666f6ce5eSHerbert Xu 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
22766f6ce5eSHerbert Xu 	unsigned long alignmask = crypto_ahash_alignmask(tfm);
22866f6ce5eSHerbert Xu 	unsigned int ds = crypto_ahash_digestsize(tfm);
22966f6ce5eSHerbert Xu 	struct ahash_request_priv *priv;
23066f6ce5eSHerbert Xu 
23166f6ce5eSHerbert Xu 	priv = kmalloc(sizeof(*priv) + ahash_align_buffer_size(ds, alignmask),
23266f6ce5eSHerbert Xu 		       (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ?
2335befbd5aSSteffen Klassert 		       GFP_KERNEL : GFP_ATOMIC);
23466f6ce5eSHerbert Xu 	if (!priv)
23566f6ce5eSHerbert Xu 		return -ENOMEM;
23666f6ce5eSHerbert Xu 
237ab6bf4e5SMarek Vasut 	/*
238ab6bf4e5SMarek Vasut 	 * WARNING: Voodoo programming below!
239ab6bf4e5SMarek Vasut 	 *
240ab6bf4e5SMarek Vasut 	 * The code below is obscure and hard to understand, thus explanation
241ab6bf4e5SMarek Vasut 	 * is necessary. See include/crypto/hash.h and include/linux/crypto.h
242ab6bf4e5SMarek Vasut 	 * to understand the layout of structures used here!
243ab6bf4e5SMarek Vasut 	 *
244ab6bf4e5SMarek Vasut 	 * The code here will replace portions of the ORIGINAL request with
245ab6bf4e5SMarek Vasut 	 * pointers to new code and buffers so the hashing operation can store
246ab6bf4e5SMarek Vasut 	 * the result in aligned buffer. We will call the modified request
247ab6bf4e5SMarek Vasut 	 * an ADJUSTED request.
248ab6bf4e5SMarek Vasut 	 *
249ab6bf4e5SMarek Vasut 	 * The newly mangled request will look as such:
250ab6bf4e5SMarek Vasut 	 *
251ab6bf4e5SMarek Vasut 	 * req {
252ab6bf4e5SMarek Vasut 	 *   .result        = ADJUSTED[new aligned buffer]
253ab6bf4e5SMarek Vasut 	 *   .base.complete = ADJUSTED[pointer to completion function]
254ab6bf4e5SMarek Vasut 	 *   .base.data     = ADJUSTED[*req (pointer to self)]
255ab6bf4e5SMarek Vasut 	 *   .priv          = ADJUSTED[new priv] {
256ab6bf4e5SMarek Vasut 	 *           .result   = ORIGINAL(result)
257ab6bf4e5SMarek Vasut 	 *           .complete = ORIGINAL(base.complete)
258ab6bf4e5SMarek Vasut 	 *           .data     = ORIGINAL(base.data)
259ab6bf4e5SMarek Vasut 	 *   }
260ab6bf4e5SMarek Vasut 	 */
261ab6bf4e5SMarek Vasut 
26266f6ce5eSHerbert Xu 	priv->result = req->result;
26366f6ce5eSHerbert Xu 	priv->complete = req->base.complete;
26466f6ce5eSHerbert Xu 	priv->data = req->base.data;
265ef0579b6SHerbert Xu 	priv->flags = req->base.flags;
266ef0579b6SHerbert Xu 
267ab6bf4e5SMarek Vasut 	/*
268ab6bf4e5SMarek Vasut 	 * WARNING: We do not backup req->priv here! The req->priv
269ab6bf4e5SMarek Vasut 	 *          is for internal use of the Crypto API and the
270ab6bf4e5SMarek Vasut 	 *          user must _NOT_ _EVER_ depend on it's content!
271ab6bf4e5SMarek Vasut 	 */
27266f6ce5eSHerbert Xu 
27366f6ce5eSHerbert Xu 	req->result = PTR_ALIGN((u8 *)priv->ubuf, alignmask + 1);
2741ffc9fbdSMarek Vasut 	req->base.complete = cplt;
27566f6ce5eSHerbert Xu 	req->base.data = req;
27666f6ce5eSHerbert Xu 	req->priv = priv;
27766f6ce5eSHerbert Xu 
2781ffc9fbdSMarek Vasut 	return 0;
2791ffc9fbdSMarek Vasut }
2801ffc9fbdSMarek Vasut 
281ef0579b6SHerbert Xu static void ahash_restore_req(struct ahash_request *req, int err)
2821ffc9fbdSMarek Vasut {
2831ffc9fbdSMarek Vasut 	struct ahash_request_priv *priv = req->priv;
2841ffc9fbdSMarek Vasut 
285ef0579b6SHerbert Xu 	if (!err)
286ef0579b6SHerbert Xu 		memcpy(priv->result, req->result,
287ef0579b6SHerbert Xu 		       crypto_ahash_digestsize(crypto_ahash_reqtfm(req)));
288ef0579b6SHerbert Xu 
2891ffc9fbdSMarek Vasut 	/* Restore the original crypto request. */
2901ffc9fbdSMarek Vasut 	req->result = priv->result;
291ef0579b6SHerbert Xu 
292ef0579b6SHerbert Xu 	ahash_request_set_callback(req, priv->flags,
293ef0579b6SHerbert Xu 				   priv->complete, priv->data);
2941ffc9fbdSMarek Vasut 	req->priv = NULL;
2951ffc9fbdSMarek Vasut 
2961ffc9fbdSMarek Vasut 	/* Free the req->priv.priv from the ADJUSTED request. */
2971ffc9fbdSMarek Vasut 	kzfree(priv);
2981ffc9fbdSMarek Vasut }
2991ffc9fbdSMarek Vasut 
300ef0579b6SHerbert Xu static void ahash_notify_einprogress(struct ahash_request *req)
3011ffc9fbdSMarek Vasut {
3021ffc9fbdSMarek Vasut 	struct ahash_request_priv *priv = req->priv;
303ef0579b6SHerbert Xu 	struct crypto_async_request oreq;
3041ffc9fbdSMarek Vasut 
305ef0579b6SHerbert Xu 	oreq.data = priv->data;
3061ffc9fbdSMarek Vasut 
307ef0579b6SHerbert Xu 	priv->complete(&oreq, -EINPROGRESS);
3081ffc9fbdSMarek Vasut }
3091ffc9fbdSMarek Vasut 
3101ffc9fbdSMarek Vasut static void ahash_op_unaligned_done(struct crypto_async_request *req, int err)
3111ffc9fbdSMarek Vasut {
3121ffc9fbdSMarek Vasut 	struct ahash_request *areq = req->data;
3131ffc9fbdSMarek Vasut 
314ef0579b6SHerbert Xu 	if (err == -EINPROGRESS) {
315ef0579b6SHerbert Xu 		ahash_notify_einprogress(areq);
316ef0579b6SHerbert Xu 		return;
317ef0579b6SHerbert Xu 	}
318ef0579b6SHerbert Xu 
3191ffc9fbdSMarek Vasut 	/*
3201ffc9fbdSMarek Vasut 	 * Restore the original request, see ahash_op_unaligned() for what
3211ffc9fbdSMarek Vasut 	 * goes where.
3221ffc9fbdSMarek Vasut 	 *
3231ffc9fbdSMarek Vasut 	 * The "struct ahash_request *req" here is in fact the "req.base"
3241ffc9fbdSMarek Vasut 	 * from the ADJUSTED request from ahash_op_unaligned(), thus as it
3251ffc9fbdSMarek Vasut 	 * is a pointer to self, it is also the ADJUSTED "req" .
3261ffc9fbdSMarek Vasut 	 */
3271ffc9fbdSMarek Vasut 
3281ffc9fbdSMarek Vasut 	/* First copy req->result into req->priv.result */
329ef0579b6SHerbert Xu 	ahash_restore_req(areq, err);
3301ffc9fbdSMarek Vasut 
3311ffc9fbdSMarek Vasut 	/* Complete the ORIGINAL request. */
3321ffc9fbdSMarek Vasut 	areq->base.complete(&areq->base, err);
3331ffc9fbdSMarek Vasut }
3341ffc9fbdSMarek Vasut 
3351ffc9fbdSMarek Vasut static int ahash_op_unaligned(struct ahash_request *req,
3361ffc9fbdSMarek Vasut 			      int (*op)(struct ahash_request *))
3371ffc9fbdSMarek Vasut {
3381ffc9fbdSMarek Vasut 	int err;
3391ffc9fbdSMarek Vasut 
3401ffc9fbdSMarek Vasut 	err = ahash_save_req(req, ahash_op_unaligned_done);
3411ffc9fbdSMarek Vasut 	if (err)
3421ffc9fbdSMarek Vasut 		return err;
3431ffc9fbdSMarek Vasut 
34466f6ce5eSHerbert Xu 	err = op(req);
3454e5b0ad5SGilad Ben-Yossef 	if (err == -EINPROGRESS || err == -EBUSY)
346ef0579b6SHerbert Xu 		return err;
347ef0579b6SHerbert Xu 
348ef0579b6SHerbert Xu 	ahash_restore_req(req, err);
34966f6ce5eSHerbert Xu 
35066f6ce5eSHerbert Xu 	return err;
35166f6ce5eSHerbert Xu }
35266f6ce5eSHerbert Xu 
35366f6ce5eSHerbert Xu static int crypto_ahash_op(struct ahash_request *req,
35466f6ce5eSHerbert Xu 			   int (*op)(struct ahash_request *))
35566f6ce5eSHerbert Xu {
35666f6ce5eSHerbert Xu 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
35766f6ce5eSHerbert Xu 	unsigned long alignmask = crypto_ahash_alignmask(tfm);
35866f6ce5eSHerbert Xu 
35966f6ce5eSHerbert Xu 	if ((unsigned long)req->result & alignmask)
36066f6ce5eSHerbert Xu 		return ahash_op_unaligned(req, op);
36166f6ce5eSHerbert Xu 
36266f6ce5eSHerbert Xu 	return op(req);
36366f6ce5eSHerbert Xu }
36466f6ce5eSHerbert Xu 
36566f6ce5eSHerbert Xu int crypto_ahash_final(struct ahash_request *req)
36666f6ce5eSHerbert Xu {
36766f6ce5eSHerbert Xu 	return crypto_ahash_op(req, crypto_ahash_reqtfm(req)->final);
36866f6ce5eSHerbert Xu }
36966f6ce5eSHerbert Xu EXPORT_SYMBOL_GPL(crypto_ahash_final);
37066f6ce5eSHerbert Xu 
37166f6ce5eSHerbert Xu int crypto_ahash_finup(struct ahash_request *req)
37266f6ce5eSHerbert Xu {
37366f6ce5eSHerbert Xu 	return crypto_ahash_op(req, crypto_ahash_reqtfm(req)->finup);
37466f6ce5eSHerbert Xu }
37566f6ce5eSHerbert Xu EXPORT_SYMBOL_GPL(crypto_ahash_finup);
37666f6ce5eSHerbert Xu 
37766f6ce5eSHerbert Xu int crypto_ahash_digest(struct ahash_request *req)
37866f6ce5eSHerbert Xu {
3799fa68f62SEric Biggers 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
3809fa68f62SEric Biggers 
3819fa68f62SEric Biggers 	if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY)
3829fa68f62SEric Biggers 		return -ENOKEY;
3839fa68f62SEric Biggers 
3849fa68f62SEric Biggers 	return crypto_ahash_op(req, tfm->digest);
38566f6ce5eSHerbert Xu }
38666f6ce5eSHerbert Xu EXPORT_SYMBOL_GPL(crypto_ahash_digest);
38766f6ce5eSHerbert Xu 
38866f6ce5eSHerbert Xu static void ahash_def_finup_done2(struct crypto_async_request *req, int err)
38966f6ce5eSHerbert Xu {
39066f6ce5eSHerbert Xu 	struct ahash_request *areq = req->data;
39166f6ce5eSHerbert Xu 
392ef0579b6SHerbert Xu 	if (err == -EINPROGRESS)
393ef0579b6SHerbert Xu 		return;
394ef0579b6SHerbert Xu 
395ef0579b6SHerbert Xu 	ahash_restore_req(areq, err);
39666f6ce5eSHerbert Xu 
397d4a7a0fbSMarek Vasut 	areq->base.complete(&areq->base, err);
39866f6ce5eSHerbert Xu }
39966f6ce5eSHerbert Xu 
40066f6ce5eSHerbert Xu static int ahash_def_finup_finish1(struct ahash_request *req, int err)
40166f6ce5eSHerbert Xu {
40266f6ce5eSHerbert Xu 	if (err)
40366f6ce5eSHerbert Xu 		goto out;
40466f6ce5eSHerbert Xu 
40566f6ce5eSHerbert Xu 	req->base.complete = ahash_def_finup_done2;
406ef0579b6SHerbert Xu 
40766f6ce5eSHerbert Xu 	err = crypto_ahash_reqtfm(req)->final(req);
4084e5b0ad5SGilad Ben-Yossef 	if (err == -EINPROGRESS || err == -EBUSY)
409ef0579b6SHerbert Xu 		return err;
41066f6ce5eSHerbert Xu 
41166f6ce5eSHerbert Xu out:
412ef0579b6SHerbert Xu 	ahash_restore_req(req, err);
41366f6ce5eSHerbert Xu 	return err;
41466f6ce5eSHerbert Xu }
41566f6ce5eSHerbert Xu 
41666f6ce5eSHerbert Xu static void ahash_def_finup_done1(struct crypto_async_request *req, int err)
41766f6ce5eSHerbert Xu {
41866f6ce5eSHerbert Xu 	struct ahash_request *areq = req->data;
41966f6ce5eSHerbert Xu 
420ef0579b6SHerbert Xu 	if (err == -EINPROGRESS) {
421ef0579b6SHerbert Xu 		ahash_notify_einprogress(areq);
422ef0579b6SHerbert Xu 		return;
423ef0579b6SHerbert Xu 	}
424ef0579b6SHerbert Xu 
425ef0579b6SHerbert Xu 	areq->base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
426ef0579b6SHerbert Xu 
42766f6ce5eSHerbert Xu 	err = ahash_def_finup_finish1(areq, err);
428ef0579b6SHerbert Xu 	if (areq->priv)
429ef0579b6SHerbert Xu 		return;
43066f6ce5eSHerbert Xu 
431d4a7a0fbSMarek Vasut 	areq->base.complete(&areq->base, err);
43266f6ce5eSHerbert Xu }
43366f6ce5eSHerbert Xu 
43466f6ce5eSHerbert Xu static int ahash_def_finup(struct ahash_request *req)
43566f6ce5eSHerbert Xu {
43666f6ce5eSHerbert Xu 	struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
437d4a7a0fbSMarek Vasut 	int err;
43866f6ce5eSHerbert Xu 
439d4a7a0fbSMarek Vasut 	err = ahash_save_req(req, ahash_def_finup_done1);
440d4a7a0fbSMarek Vasut 	if (err)
441d4a7a0fbSMarek Vasut 		return err;
44266f6ce5eSHerbert Xu 
443d4a7a0fbSMarek Vasut 	err = tfm->update(req);
4444e5b0ad5SGilad Ben-Yossef 	if (err == -EINPROGRESS || err == -EBUSY)
445ef0579b6SHerbert Xu 		return err;
446ef0579b6SHerbert Xu 
447d4a7a0fbSMarek Vasut 	return ahash_def_finup_finish1(req, err);
44866f6ce5eSHerbert Xu }
44966f6ce5eSHerbert Xu 
45088056ec3SHerbert Xu static int crypto_ahash_init_tfm(struct crypto_tfm *tfm)
45188056ec3SHerbert Xu {
45288056ec3SHerbert Xu 	struct crypto_ahash *hash = __crypto_ahash_cast(tfm);
45388056ec3SHerbert Xu 	struct ahash_alg *alg = crypto_ahash_alg(hash);
45488056ec3SHerbert Xu 
45566f6ce5eSHerbert Xu 	hash->setkey = ahash_nosetkey;
45666f6ce5eSHerbert Xu 
45788056ec3SHerbert Xu 	if (tfm->__crt_alg->cra_type != &crypto_ahash_type)
45888056ec3SHerbert Xu 		return crypto_init_shash_ops_async(tfm);
45988056ec3SHerbert Xu 
46088056ec3SHerbert Xu 	hash->init = alg->init;
46188056ec3SHerbert Xu 	hash->update = alg->update;
46288056ec3SHerbert Xu 	hash->final = alg->final;
46366f6ce5eSHerbert Xu 	hash->finup = alg->finup ?: ahash_def_finup;
46488056ec3SHerbert Xu 	hash->digest = alg->digest;
4656f221f7eSKamil Konieczny 	hash->export = alg->export;
4666f221f7eSKamil Konieczny 	hash->import = alg->import;
46766f6ce5eSHerbert Xu 
468a5596d63SHerbert Xu 	if (alg->setkey) {
46966f6ce5eSHerbert Xu 		hash->setkey = alg->setkey;
4709fa68f62SEric Biggers 		if (!(alg->halg.base.cra_flags & CRYPTO_ALG_OPTIONAL_KEY))
4719fa68f62SEric Biggers 			crypto_ahash_set_flags(hash, CRYPTO_TFM_NEED_KEY);
472a5596d63SHerbert Xu 	}
47388056ec3SHerbert Xu 
47488056ec3SHerbert Xu 	return 0;
47588056ec3SHerbert Xu }
47688056ec3SHerbert Xu 
47788056ec3SHerbert Xu static unsigned int crypto_ahash_extsize(struct crypto_alg *alg)
47888056ec3SHerbert Xu {
4792495cf25SHerbert Xu 	if (alg->cra_type != &crypto_ahash_type)
48088056ec3SHerbert Xu 		return sizeof(struct crypto_shash *);
4812495cf25SHerbert Xu 
4822495cf25SHerbert Xu 	return crypto_alg_extsize(alg);
48388056ec3SHerbert Xu }
48488056ec3SHerbert Xu 
4853acc8473SHerbert Xu #ifdef CONFIG_NET
4866238cbaeSSteffen Klassert static int crypto_ahash_report(struct sk_buff *skb, struct crypto_alg *alg)
4876238cbaeSSteffen Klassert {
4886238cbaeSSteffen Klassert 	struct crypto_report_hash rhash;
4896238cbaeSSteffen Klassert 
4909a5467bfSMathias Krause 	strncpy(rhash.type, "ahash", sizeof(rhash.type));
4916238cbaeSSteffen Klassert 
4926238cbaeSSteffen Klassert 	rhash.blocksize = alg->cra_blocksize;
4936238cbaeSSteffen Klassert 	rhash.digestsize = __crypto_hash_alg_common(alg)->digestsize;
4946238cbaeSSteffen Klassert 
4956662df33SDavid S. Miller 	if (nla_put(skb, CRYPTOCFGA_REPORT_HASH,
4966662df33SDavid S. Miller 		    sizeof(struct crypto_report_hash), &rhash))
4976662df33SDavid S. Miller 		goto nla_put_failure;
4986238cbaeSSteffen Klassert 	return 0;
4996238cbaeSSteffen Klassert 
5006238cbaeSSteffen Klassert nla_put_failure:
5016238cbaeSSteffen Klassert 	return -EMSGSIZE;
5026238cbaeSSteffen Klassert }
5033acc8473SHerbert Xu #else
5043acc8473SHerbert Xu static int crypto_ahash_report(struct sk_buff *skb, struct crypto_alg *alg)
5053acc8473SHerbert Xu {
5063acc8473SHerbert Xu 	return -ENOSYS;
5073acc8473SHerbert Xu }
5083acc8473SHerbert Xu #endif
5096238cbaeSSteffen Klassert 
510004a403cSLoc Ho static void crypto_ahash_show(struct seq_file *m, struct crypto_alg *alg)
511d8c34b94SGideon Israel Dsouza 	__maybe_unused;
512004a403cSLoc Ho static void crypto_ahash_show(struct seq_file *m, struct crypto_alg *alg)
513004a403cSLoc Ho {
514004a403cSLoc Ho 	seq_printf(m, "type         : ahash\n");
515004a403cSLoc Ho 	seq_printf(m, "async        : %s\n", alg->cra_flags & CRYPTO_ALG_ASYNC ?
516004a403cSLoc Ho 					     "yes" : "no");
517004a403cSLoc Ho 	seq_printf(m, "blocksize    : %u\n", alg->cra_blocksize);
51888056ec3SHerbert Xu 	seq_printf(m, "digestsize   : %u\n",
51988056ec3SHerbert Xu 		   __crypto_hash_alg_common(alg)->digestsize);
520004a403cSLoc Ho }
521004a403cSLoc Ho 
522004a403cSLoc Ho const struct crypto_type crypto_ahash_type = {
52388056ec3SHerbert Xu 	.extsize = crypto_ahash_extsize,
52488056ec3SHerbert Xu 	.init_tfm = crypto_ahash_init_tfm,
525004a403cSLoc Ho #ifdef CONFIG_PROC_FS
526004a403cSLoc Ho 	.show = crypto_ahash_show,
527004a403cSLoc Ho #endif
5286238cbaeSSteffen Klassert 	.report = crypto_ahash_report,
52988056ec3SHerbert Xu 	.maskclear = ~CRYPTO_ALG_TYPE_MASK,
53088056ec3SHerbert Xu 	.maskset = CRYPTO_ALG_TYPE_AHASH_MASK,
53188056ec3SHerbert Xu 	.type = CRYPTO_ALG_TYPE_AHASH,
53288056ec3SHerbert Xu 	.tfmsize = offsetof(struct crypto_ahash, base),
533004a403cSLoc Ho };
534004a403cSLoc Ho EXPORT_SYMBOL_GPL(crypto_ahash_type);
535004a403cSLoc Ho 
53688056ec3SHerbert Xu struct crypto_ahash *crypto_alloc_ahash(const char *alg_name, u32 type,
53788056ec3SHerbert Xu 					u32 mask)
53888056ec3SHerbert Xu {
53988056ec3SHerbert Xu 	return crypto_alloc_tfm(alg_name, &crypto_ahash_type, type, mask);
54088056ec3SHerbert Xu }
54188056ec3SHerbert Xu EXPORT_SYMBOL_GPL(crypto_alloc_ahash);
54288056ec3SHerbert Xu 
5438d18e34cSHerbert Xu int crypto_has_ahash(const char *alg_name, u32 type, u32 mask)
5448d18e34cSHerbert Xu {
5458d18e34cSHerbert Xu 	return crypto_type_has_alg(alg_name, &crypto_ahash_type, type, mask);
5468d18e34cSHerbert Xu }
5478d18e34cSHerbert Xu EXPORT_SYMBOL_GPL(crypto_has_ahash);
5488d18e34cSHerbert Xu 
54901c2deceSHerbert Xu static int ahash_prepare_alg(struct ahash_alg *alg)
55001c2deceSHerbert Xu {
55101c2deceSHerbert Xu 	struct crypto_alg *base = &alg->halg.base;
55201c2deceSHerbert Xu 
553*b68a7ec1SKees Cook 	if (alg->halg.digestsize > HASH_MAX_DIGESTSIZE ||
554*b68a7ec1SKees Cook 	    alg->halg.statesize > HASH_MAX_STATESIZE ||
5558996eafdSRussell King 	    alg->halg.statesize == 0)
55601c2deceSHerbert Xu 		return -EINVAL;
55701c2deceSHerbert Xu 
55801c2deceSHerbert Xu 	base->cra_type = &crypto_ahash_type;
55901c2deceSHerbert Xu 	base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK;
56001c2deceSHerbert Xu 	base->cra_flags |= CRYPTO_ALG_TYPE_AHASH;
56101c2deceSHerbert Xu 
56201c2deceSHerbert Xu 	return 0;
56301c2deceSHerbert Xu }
56401c2deceSHerbert Xu 
56501c2deceSHerbert Xu int crypto_register_ahash(struct ahash_alg *alg)
56601c2deceSHerbert Xu {
56701c2deceSHerbert Xu 	struct crypto_alg *base = &alg->halg.base;
56801c2deceSHerbert Xu 	int err;
56901c2deceSHerbert Xu 
57001c2deceSHerbert Xu 	err = ahash_prepare_alg(alg);
57101c2deceSHerbert Xu 	if (err)
57201c2deceSHerbert Xu 		return err;
57301c2deceSHerbert Xu 
57401c2deceSHerbert Xu 	return crypto_register_alg(base);
57501c2deceSHerbert Xu }
57601c2deceSHerbert Xu EXPORT_SYMBOL_GPL(crypto_register_ahash);
57701c2deceSHerbert Xu 
57801c2deceSHerbert Xu int crypto_unregister_ahash(struct ahash_alg *alg)
57901c2deceSHerbert Xu {
58001c2deceSHerbert Xu 	return crypto_unregister_alg(&alg->halg.base);
58101c2deceSHerbert Xu }
58201c2deceSHerbert Xu EXPORT_SYMBOL_GPL(crypto_unregister_ahash);
58301c2deceSHerbert Xu 
5846f7473c5SRabin Vincent int crypto_register_ahashes(struct ahash_alg *algs, int count)
5856f7473c5SRabin Vincent {
5866f7473c5SRabin Vincent 	int i, ret;
5876f7473c5SRabin Vincent 
5886f7473c5SRabin Vincent 	for (i = 0; i < count; i++) {
5896f7473c5SRabin Vincent 		ret = crypto_register_ahash(&algs[i]);
5906f7473c5SRabin Vincent 		if (ret)
5916f7473c5SRabin Vincent 			goto err;
5926f7473c5SRabin Vincent 	}
5936f7473c5SRabin Vincent 
5946f7473c5SRabin Vincent 	return 0;
5956f7473c5SRabin Vincent 
5966f7473c5SRabin Vincent err:
5976f7473c5SRabin Vincent 	for (--i; i >= 0; --i)
5986f7473c5SRabin Vincent 		crypto_unregister_ahash(&algs[i]);
5996f7473c5SRabin Vincent 
6006f7473c5SRabin Vincent 	return ret;
6016f7473c5SRabin Vincent }
6026f7473c5SRabin Vincent EXPORT_SYMBOL_GPL(crypto_register_ahashes);
6036f7473c5SRabin Vincent 
6046f7473c5SRabin Vincent void crypto_unregister_ahashes(struct ahash_alg *algs, int count)
6056f7473c5SRabin Vincent {
6066f7473c5SRabin Vincent 	int i;
6076f7473c5SRabin Vincent 
6086f7473c5SRabin Vincent 	for (i = count - 1; i >= 0; --i)
6096f7473c5SRabin Vincent 		crypto_unregister_ahash(&algs[i]);
6106f7473c5SRabin Vincent }
6116f7473c5SRabin Vincent EXPORT_SYMBOL_GPL(crypto_unregister_ahashes);
6126f7473c5SRabin Vincent 
61301c2deceSHerbert Xu int ahash_register_instance(struct crypto_template *tmpl,
61401c2deceSHerbert Xu 			    struct ahash_instance *inst)
61501c2deceSHerbert Xu {
61601c2deceSHerbert Xu 	int err;
61701c2deceSHerbert Xu 
61801c2deceSHerbert Xu 	err = ahash_prepare_alg(&inst->alg);
61901c2deceSHerbert Xu 	if (err)
62001c2deceSHerbert Xu 		return err;
62101c2deceSHerbert Xu 
62201c2deceSHerbert Xu 	return crypto_register_instance(tmpl, ahash_crypto_instance(inst));
62301c2deceSHerbert Xu }
62401c2deceSHerbert Xu EXPORT_SYMBOL_GPL(ahash_register_instance);
62501c2deceSHerbert Xu 
62601c2deceSHerbert Xu void ahash_free_instance(struct crypto_instance *inst)
62701c2deceSHerbert Xu {
62801c2deceSHerbert Xu 	crypto_drop_spawn(crypto_instance_ctx(inst));
62901c2deceSHerbert Xu 	kfree(ahash_instance(inst));
63001c2deceSHerbert Xu }
63101c2deceSHerbert Xu EXPORT_SYMBOL_GPL(ahash_free_instance);
63201c2deceSHerbert Xu 
63301c2deceSHerbert Xu int crypto_init_ahash_spawn(struct crypto_ahash_spawn *spawn,
63401c2deceSHerbert Xu 			    struct hash_alg_common *alg,
63501c2deceSHerbert Xu 			    struct crypto_instance *inst)
63601c2deceSHerbert Xu {
63701c2deceSHerbert Xu 	return crypto_init_spawn2(&spawn->base, &alg->base, inst,
63801c2deceSHerbert Xu 				  &crypto_ahash_type);
63901c2deceSHerbert Xu }
64001c2deceSHerbert Xu EXPORT_SYMBOL_GPL(crypto_init_ahash_spawn);
64101c2deceSHerbert Xu 
64201c2deceSHerbert Xu struct hash_alg_common *ahash_attr_alg(struct rtattr *rta, u32 type, u32 mask)
64301c2deceSHerbert Xu {
64401c2deceSHerbert Xu 	struct crypto_alg *alg;
64501c2deceSHerbert Xu 
64601c2deceSHerbert Xu 	alg = crypto_attr_alg2(rta, &crypto_ahash_type, type, mask);
64701c2deceSHerbert Xu 	return IS_ERR(alg) ? ERR_CAST(alg) : __crypto_hash_alg_common(alg);
64801c2deceSHerbert Xu }
64901c2deceSHerbert Xu EXPORT_SYMBOL_GPL(ahash_attr_alg);
65001c2deceSHerbert Xu 
651cd6ed77aSEric Biggers bool crypto_hash_alg_has_setkey(struct hash_alg_common *halg)
652cd6ed77aSEric Biggers {
653cd6ed77aSEric Biggers 	struct crypto_alg *alg = &halg->base;
654cd6ed77aSEric Biggers 
655cd6ed77aSEric Biggers 	if (alg->cra_type != &crypto_ahash_type)
656cd6ed77aSEric Biggers 		return crypto_shash_alg_has_setkey(__crypto_shash_alg(alg));
657cd6ed77aSEric Biggers 
658cd6ed77aSEric Biggers 	return __crypto_ahash_alg(alg)->setkey != NULL;
659cd6ed77aSEric Biggers }
660cd6ed77aSEric Biggers EXPORT_SYMBOL_GPL(crypto_hash_alg_has_setkey);
661cd6ed77aSEric Biggers 
662004a403cSLoc Ho MODULE_LICENSE("GPL");
663004a403cSLoc Ho MODULE_DESCRIPTION("Asynchronous cryptographic hash type");
664