1004a403cSLoc Ho /* 2004a403cSLoc Ho * Asynchronous Cryptographic Hash operations. 3004a403cSLoc Ho * 4004a403cSLoc Ho * This is the asynchronous version of hash.c with notification of 5004a403cSLoc Ho * completion via a callback. 6004a403cSLoc Ho * 7004a403cSLoc Ho * Copyright (c) 2008 Loc Ho <lho@amcc.com> 8004a403cSLoc Ho * 9004a403cSLoc Ho * This program is free software; you can redistribute it and/or modify it 10004a403cSLoc Ho * under the terms of the GNU General Public License as published by the Free 11004a403cSLoc Ho * Software Foundation; either version 2 of the License, or (at your option) 12004a403cSLoc Ho * any later version. 13004a403cSLoc Ho * 14004a403cSLoc Ho */ 15004a403cSLoc Ho 1620036252SHerbert Xu #include <crypto/internal/hash.h> 1720036252SHerbert Xu #include <crypto/scatterwalk.h> 1875ecb231SHerbert Xu #include <linux/bug.h> 19004a403cSLoc Ho #include <linux/err.h> 20004a403cSLoc Ho #include <linux/kernel.h> 21004a403cSLoc Ho #include <linux/module.h> 22004a403cSLoc Ho #include <linux/sched.h> 23004a403cSLoc Ho #include <linux/slab.h> 24004a403cSLoc Ho #include <linux/seq_file.h> 256238cbaeSSteffen Klassert #include <linux/cryptouser.h> 26d8c34b94SGideon Israel Dsouza #include <linux/compiler.h> 276238cbaeSSteffen Klassert #include <net/netlink.h> 28004a403cSLoc Ho 29004a403cSLoc Ho #include "internal.h" 30004a403cSLoc Ho 3166f6ce5eSHerbert Xu struct ahash_request_priv { 3266f6ce5eSHerbert Xu crypto_completion_t complete; 3366f6ce5eSHerbert Xu void *data; 3466f6ce5eSHerbert Xu u8 *result; 35ef0579b6SHerbert Xu u32 flags; 3666f6ce5eSHerbert Xu void *ubuf[] CRYPTO_MINALIGN_ATTR; 3766f6ce5eSHerbert Xu }; 3866f6ce5eSHerbert Xu 3988056ec3SHerbert Xu static inline struct ahash_alg *crypto_ahash_alg(struct crypto_ahash *hash) 4088056ec3SHerbert Xu { 4188056ec3SHerbert Xu return container_of(crypto_hash_alg_common(hash), struct ahash_alg, 4288056ec3SHerbert Xu halg); 4388056ec3SHerbert Xu } 4488056ec3SHerbert Xu 4520036252SHerbert Xu static int hash_walk_next(struct crypto_hash_walk *walk) 4620036252SHerbert Xu { 4720036252SHerbert Xu unsigned int alignmask = walk->alignmask; 4820036252SHerbert Xu unsigned int offset = walk->offset; 4920036252SHerbert Xu unsigned int nbytes = min(walk->entrylen, 5020036252SHerbert Xu ((unsigned int)(PAGE_SIZE)) - offset); 5120036252SHerbert Xu 5275ecb231SHerbert Xu if (walk->flags & CRYPTO_ALG_ASYNC) 5375ecb231SHerbert Xu walk->data = kmap(walk->pg); 5475ecb231SHerbert Xu else 55f0dfc0b0SCong Wang walk->data = kmap_atomic(walk->pg); 5620036252SHerbert Xu walk->data += offset; 5720036252SHerbert Xu 5823a75eeeSSzilveszter Ördög if (offset & alignmask) { 5923a75eeeSSzilveszter Ördög unsigned int unaligned = alignmask + 1 - (offset & alignmask); 60b516d514SJoshua I. James 6123a75eeeSSzilveszter Ördög if (nbytes > unaligned) 6223a75eeeSSzilveszter Ördög nbytes = unaligned; 6323a75eeeSSzilveszter Ördög } 6420036252SHerbert Xu 6520036252SHerbert Xu walk->entrylen -= nbytes; 6620036252SHerbert Xu return nbytes; 6720036252SHerbert Xu } 6820036252SHerbert Xu 6920036252SHerbert Xu static int hash_walk_new_entry(struct crypto_hash_walk *walk) 7020036252SHerbert Xu { 7120036252SHerbert Xu struct scatterlist *sg; 7220036252SHerbert Xu 7320036252SHerbert Xu sg = walk->sg; 7420036252SHerbert Xu walk->offset = sg->offset; 7513f4bb78SHerbert Xu walk->pg = sg_page(walk->sg) + (walk->offset >> PAGE_SHIFT); 7613f4bb78SHerbert Xu walk->offset = offset_in_page(walk->offset); 7720036252SHerbert Xu walk->entrylen = sg->length; 7820036252SHerbert Xu 7920036252SHerbert Xu if (walk->entrylen > walk->total) 8020036252SHerbert Xu walk->entrylen = walk->total; 8120036252SHerbert Xu walk->total -= walk->entrylen; 8220036252SHerbert Xu 8320036252SHerbert Xu return hash_walk_next(walk); 8420036252SHerbert Xu } 8520036252SHerbert Xu 8620036252SHerbert Xu int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err) 8720036252SHerbert Xu { 8820036252SHerbert Xu unsigned int alignmask = walk->alignmask; 8920036252SHerbert Xu unsigned int nbytes = walk->entrylen; 9020036252SHerbert Xu 9120036252SHerbert Xu walk->data -= walk->offset; 9220036252SHerbert Xu 9320036252SHerbert Xu if (nbytes && walk->offset & alignmask && !err) { 9420036252SHerbert Xu walk->offset = ALIGN(walk->offset, alignmask + 1); 9520036252SHerbert Xu nbytes = min(nbytes, 9620036252SHerbert Xu ((unsigned int)(PAGE_SIZE)) - walk->offset); 9720036252SHerbert Xu walk->entrylen -= nbytes; 9820036252SHerbert Xu 99900a081fSHerbert Xu if (nbytes) { 100900a081fSHerbert Xu walk->data += walk->offset; 10120036252SHerbert Xu return nbytes; 10220036252SHerbert Xu } 103900a081fSHerbert Xu } 10420036252SHerbert Xu 10575ecb231SHerbert Xu if (walk->flags & CRYPTO_ALG_ASYNC) 10675ecb231SHerbert Xu kunmap(walk->pg); 10775ecb231SHerbert Xu else { 108f0dfc0b0SCong Wang kunmap_atomic(walk->data); 10975ecb231SHerbert Xu /* 11075ecb231SHerbert Xu * The may sleep test only makes sense for sync users. 11175ecb231SHerbert Xu * Async users don't need to sleep here anyway. 11275ecb231SHerbert Xu */ 11320036252SHerbert Xu crypto_yield(walk->flags); 11475ecb231SHerbert Xu } 11520036252SHerbert Xu 11620036252SHerbert Xu if (err) 11720036252SHerbert Xu return err; 11820036252SHerbert Xu 119d315a0e0SHerbert Xu if (nbytes) { 12020036252SHerbert Xu walk->offset = 0; 121d315a0e0SHerbert Xu walk->pg++; 12220036252SHerbert Xu return hash_walk_next(walk); 123d315a0e0SHerbert Xu } 12420036252SHerbert Xu 12520036252SHerbert Xu if (!walk->total) 12620036252SHerbert Xu return 0; 12720036252SHerbert Xu 1285be4d4c9SCristian Stoica walk->sg = sg_next(walk->sg); 12920036252SHerbert Xu 13020036252SHerbert Xu return hash_walk_new_entry(walk); 13120036252SHerbert Xu } 13220036252SHerbert Xu EXPORT_SYMBOL_GPL(crypto_hash_walk_done); 13320036252SHerbert Xu 13420036252SHerbert Xu int crypto_hash_walk_first(struct ahash_request *req, 13520036252SHerbert Xu struct crypto_hash_walk *walk) 13620036252SHerbert Xu { 13720036252SHerbert Xu walk->total = req->nbytes; 13820036252SHerbert Xu 1396d9529c5STim Chen if (!walk->total) { 1406d9529c5STim Chen walk->entrylen = 0; 14120036252SHerbert Xu return 0; 1426d9529c5STim Chen } 14320036252SHerbert Xu 14420036252SHerbert Xu walk->alignmask = crypto_ahash_alignmask(crypto_ahash_reqtfm(req)); 14520036252SHerbert Xu walk->sg = req->src; 14675ecb231SHerbert Xu walk->flags = req->base.flags & CRYPTO_TFM_REQ_MASK; 14720036252SHerbert Xu 14820036252SHerbert Xu return hash_walk_new_entry(walk); 14920036252SHerbert Xu } 15020036252SHerbert Xu EXPORT_SYMBOL_GPL(crypto_hash_walk_first); 15120036252SHerbert Xu 15275ecb231SHerbert Xu int crypto_ahash_walk_first(struct ahash_request *req, 15375ecb231SHerbert Xu struct crypto_hash_walk *walk) 15475ecb231SHerbert Xu { 15575ecb231SHerbert Xu walk->total = req->nbytes; 15675ecb231SHerbert Xu 1576d9529c5STim Chen if (!walk->total) { 1586d9529c5STim Chen walk->entrylen = 0; 15975ecb231SHerbert Xu return 0; 1606d9529c5STim Chen } 16175ecb231SHerbert Xu 16275ecb231SHerbert Xu walk->alignmask = crypto_ahash_alignmask(crypto_ahash_reqtfm(req)); 16375ecb231SHerbert Xu walk->sg = req->src; 16475ecb231SHerbert Xu walk->flags = req->base.flags & CRYPTO_TFM_REQ_MASK; 16575ecb231SHerbert Xu walk->flags |= CRYPTO_ALG_ASYNC; 16675ecb231SHerbert Xu 16775ecb231SHerbert Xu BUILD_BUG_ON(CRYPTO_TFM_REQ_MASK & CRYPTO_ALG_ASYNC); 16875ecb231SHerbert Xu 16975ecb231SHerbert Xu return hash_walk_new_entry(walk); 17075ecb231SHerbert Xu } 17175ecb231SHerbert Xu EXPORT_SYMBOL_GPL(crypto_ahash_walk_first); 17275ecb231SHerbert Xu 173004a403cSLoc Ho static int ahash_setkey_unaligned(struct crypto_ahash *tfm, const u8 *key, 174004a403cSLoc Ho unsigned int keylen) 175004a403cSLoc Ho { 176004a403cSLoc Ho unsigned long alignmask = crypto_ahash_alignmask(tfm); 177004a403cSLoc Ho int ret; 178004a403cSLoc Ho u8 *buffer, *alignbuffer; 179004a403cSLoc Ho unsigned long absize; 180004a403cSLoc Ho 181004a403cSLoc Ho absize = keylen + alignmask; 182093900c2SHerbert Xu buffer = kmalloc(absize, GFP_KERNEL); 183004a403cSLoc Ho if (!buffer) 184004a403cSLoc Ho return -ENOMEM; 185004a403cSLoc Ho 186004a403cSLoc Ho alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1); 187004a403cSLoc Ho memcpy(alignbuffer, key, keylen); 188a70c5225SHerbert Xu ret = tfm->setkey(tfm, alignbuffer, keylen); 1898c32c516SHerbert Xu kzfree(buffer); 190004a403cSLoc Ho return ret; 191004a403cSLoc Ho } 192004a403cSLoc Ho 19366f6ce5eSHerbert Xu int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key, 194004a403cSLoc Ho unsigned int keylen) 195004a403cSLoc Ho { 196004a403cSLoc Ho unsigned long alignmask = crypto_ahash_alignmask(tfm); 1979fa68f62SEric Biggers int err; 198004a403cSLoc Ho 199004a403cSLoc Ho if ((unsigned long)key & alignmask) 2009fa68f62SEric Biggers err = ahash_setkey_unaligned(tfm, key, keylen); 2019fa68f62SEric Biggers else 2029fa68f62SEric Biggers err = tfm->setkey(tfm, key, keylen); 203004a403cSLoc Ho 2049fa68f62SEric Biggers if (err) 2059fa68f62SEric Biggers return err; 2069fa68f62SEric Biggers 2079fa68f62SEric Biggers crypto_ahash_clear_flags(tfm, CRYPTO_TFM_NEED_KEY); 2089fa68f62SEric Biggers return 0; 209004a403cSLoc Ho } 21066f6ce5eSHerbert Xu EXPORT_SYMBOL_GPL(crypto_ahash_setkey); 211004a403cSLoc Ho 2123751f402SHerbert Xu static int ahash_nosetkey(struct crypto_ahash *tfm, const u8 *key, 2133751f402SHerbert Xu unsigned int keylen) 2143751f402SHerbert Xu { 2153751f402SHerbert Xu return -ENOSYS; 2163751f402SHerbert Xu } 2173751f402SHerbert Xu 21866f6ce5eSHerbert Xu static inline unsigned int ahash_align_buffer_size(unsigned len, 21966f6ce5eSHerbert Xu unsigned long mask) 22066f6ce5eSHerbert Xu { 22166f6ce5eSHerbert Xu return len + (mask & ~(crypto_tfm_ctx_alignment() - 1)); 22266f6ce5eSHerbert Xu } 22366f6ce5eSHerbert Xu 2241ffc9fbdSMarek Vasut static int ahash_save_req(struct ahash_request *req, crypto_completion_t cplt) 22566f6ce5eSHerbert Xu { 22666f6ce5eSHerbert Xu struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 22766f6ce5eSHerbert Xu unsigned long alignmask = crypto_ahash_alignmask(tfm); 22866f6ce5eSHerbert Xu unsigned int ds = crypto_ahash_digestsize(tfm); 22966f6ce5eSHerbert Xu struct ahash_request_priv *priv; 23066f6ce5eSHerbert Xu 23166f6ce5eSHerbert Xu priv = kmalloc(sizeof(*priv) + ahash_align_buffer_size(ds, alignmask), 23266f6ce5eSHerbert Xu (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ? 2335befbd5aSSteffen Klassert GFP_KERNEL : GFP_ATOMIC); 23466f6ce5eSHerbert Xu if (!priv) 23566f6ce5eSHerbert Xu return -ENOMEM; 23666f6ce5eSHerbert Xu 237ab6bf4e5SMarek Vasut /* 238ab6bf4e5SMarek Vasut * WARNING: Voodoo programming below! 239ab6bf4e5SMarek Vasut * 240ab6bf4e5SMarek Vasut * The code below is obscure and hard to understand, thus explanation 241ab6bf4e5SMarek Vasut * is necessary. See include/crypto/hash.h and include/linux/crypto.h 242ab6bf4e5SMarek Vasut * to understand the layout of structures used here! 243ab6bf4e5SMarek Vasut * 244ab6bf4e5SMarek Vasut * The code here will replace portions of the ORIGINAL request with 245ab6bf4e5SMarek Vasut * pointers to new code and buffers so the hashing operation can store 246ab6bf4e5SMarek Vasut * the result in aligned buffer. We will call the modified request 247ab6bf4e5SMarek Vasut * an ADJUSTED request. 248ab6bf4e5SMarek Vasut * 249ab6bf4e5SMarek Vasut * The newly mangled request will look as such: 250ab6bf4e5SMarek Vasut * 251ab6bf4e5SMarek Vasut * req { 252ab6bf4e5SMarek Vasut * .result = ADJUSTED[new aligned buffer] 253ab6bf4e5SMarek Vasut * .base.complete = ADJUSTED[pointer to completion function] 254ab6bf4e5SMarek Vasut * .base.data = ADJUSTED[*req (pointer to self)] 255ab6bf4e5SMarek Vasut * .priv = ADJUSTED[new priv] { 256ab6bf4e5SMarek Vasut * .result = ORIGINAL(result) 257ab6bf4e5SMarek Vasut * .complete = ORIGINAL(base.complete) 258ab6bf4e5SMarek Vasut * .data = ORIGINAL(base.data) 259ab6bf4e5SMarek Vasut * } 260ab6bf4e5SMarek Vasut */ 261ab6bf4e5SMarek Vasut 26266f6ce5eSHerbert Xu priv->result = req->result; 26366f6ce5eSHerbert Xu priv->complete = req->base.complete; 26466f6ce5eSHerbert Xu priv->data = req->base.data; 265ef0579b6SHerbert Xu priv->flags = req->base.flags; 266ef0579b6SHerbert Xu 267ab6bf4e5SMarek Vasut /* 268ab6bf4e5SMarek Vasut * WARNING: We do not backup req->priv here! The req->priv 269ab6bf4e5SMarek Vasut * is for internal use of the Crypto API and the 270ab6bf4e5SMarek Vasut * user must _NOT_ _EVER_ depend on it's content! 271ab6bf4e5SMarek Vasut */ 27266f6ce5eSHerbert Xu 27366f6ce5eSHerbert Xu req->result = PTR_ALIGN((u8 *)priv->ubuf, alignmask + 1); 2741ffc9fbdSMarek Vasut req->base.complete = cplt; 27566f6ce5eSHerbert Xu req->base.data = req; 27666f6ce5eSHerbert Xu req->priv = priv; 27766f6ce5eSHerbert Xu 2781ffc9fbdSMarek Vasut return 0; 2791ffc9fbdSMarek Vasut } 2801ffc9fbdSMarek Vasut 281ef0579b6SHerbert Xu static void ahash_restore_req(struct ahash_request *req, int err) 2821ffc9fbdSMarek Vasut { 2831ffc9fbdSMarek Vasut struct ahash_request_priv *priv = req->priv; 2841ffc9fbdSMarek Vasut 285ef0579b6SHerbert Xu if (!err) 286ef0579b6SHerbert Xu memcpy(priv->result, req->result, 287ef0579b6SHerbert Xu crypto_ahash_digestsize(crypto_ahash_reqtfm(req))); 288ef0579b6SHerbert Xu 2891ffc9fbdSMarek Vasut /* Restore the original crypto request. */ 2901ffc9fbdSMarek Vasut req->result = priv->result; 291ef0579b6SHerbert Xu 292ef0579b6SHerbert Xu ahash_request_set_callback(req, priv->flags, 293ef0579b6SHerbert Xu priv->complete, priv->data); 2941ffc9fbdSMarek Vasut req->priv = NULL; 2951ffc9fbdSMarek Vasut 2961ffc9fbdSMarek Vasut /* Free the req->priv.priv from the ADJUSTED request. */ 2971ffc9fbdSMarek Vasut kzfree(priv); 2981ffc9fbdSMarek Vasut } 2991ffc9fbdSMarek Vasut 300ef0579b6SHerbert Xu static void ahash_notify_einprogress(struct ahash_request *req) 3011ffc9fbdSMarek Vasut { 3021ffc9fbdSMarek Vasut struct ahash_request_priv *priv = req->priv; 303ef0579b6SHerbert Xu struct crypto_async_request oreq; 3041ffc9fbdSMarek Vasut 305ef0579b6SHerbert Xu oreq.data = priv->data; 3061ffc9fbdSMarek Vasut 307ef0579b6SHerbert Xu priv->complete(&oreq, -EINPROGRESS); 3081ffc9fbdSMarek Vasut } 3091ffc9fbdSMarek Vasut 3101ffc9fbdSMarek Vasut static void ahash_op_unaligned_done(struct crypto_async_request *req, int err) 3111ffc9fbdSMarek Vasut { 3121ffc9fbdSMarek Vasut struct ahash_request *areq = req->data; 3131ffc9fbdSMarek Vasut 314ef0579b6SHerbert Xu if (err == -EINPROGRESS) { 315ef0579b6SHerbert Xu ahash_notify_einprogress(areq); 316ef0579b6SHerbert Xu return; 317ef0579b6SHerbert Xu } 318ef0579b6SHerbert Xu 3191ffc9fbdSMarek Vasut /* 3201ffc9fbdSMarek Vasut * Restore the original request, see ahash_op_unaligned() for what 3211ffc9fbdSMarek Vasut * goes where. 3221ffc9fbdSMarek Vasut * 3231ffc9fbdSMarek Vasut * The "struct ahash_request *req" here is in fact the "req.base" 3241ffc9fbdSMarek Vasut * from the ADJUSTED request from ahash_op_unaligned(), thus as it 3251ffc9fbdSMarek Vasut * is a pointer to self, it is also the ADJUSTED "req" . 3261ffc9fbdSMarek Vasut */ 3271ffc9fbdSMarek Vasut 3281ffc9fbdSMarek Vasut /* First copy req->result into req->priv.result */ 329ef0579b6SHerbert Xu ahash_restore_req(areq, err); 3301ffc9fbdSMarek Vasut 3311ffc9fbdSMarek Vasut /* Complete the ORIGINAL request. */ 3321ffc9fbdSMarek Vasut areq->base.complete(&areq->base, err); 3331ffc9fbdSMarek Vasut } 3341ffc9fbdSMarek Vasut 3351ffc9fbdSMarek Vasut static int ahash_op_unaligned(struct ahash_request *req, 3361ffc9fbdSMarek Vasut int (*op)(struct ahash_request *)) 3371ffc9fbdSMarek Vasut { 3381ffc9fbdSMarek Vasut int err; 3391ffc9fbdSMarek Vasut 3401ffc9fbdSMarek Vasut err = ahash_save_req(req, ahash_op_unaligned_done); 3411ffc9fbdSMarek Vasut if (err) 3421ffc9fbdSMarek Vasut return err; 3431ffc9fbdSMarek Vasut 34466f6ce5eSHerbert Xu err = op(req); 3454e5b0ad5SGilad Ben-Yossef if (err == -EINPROGRESS || err == -EBUSY) 346ef0579b6SHerbert Xu return err; 347ef0579b6SHerbert Xu 348ef0579b6SHerbert Xu ahash_restore_req(req, err); 34966f6ce5eSHerbert Xu 35066f6ce5eSHerbert Xu return err; 35166f6ce5eSHerbert Xu } 35266f6ce5eSHerbert Xu 35366f6ce5eSHerbert Xu static int crypto_ahash_op(struct ahash_request *req, 35466f6ce5eSHerbert Xu int (*op)(struct ahash_request *)) 35566f6ce5eSHerbert Xu { 35666f6ce5eSHerbert Xu struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 35766f6ce5eSHerbert Xu unsigned long alignmask = crypto_ahash_alignmask(tfm); 35866f6ce5eSHerbert Xu 35966f6ce5eSHerbert Xu if ((unsigned long)req->result & alignmask) 36066f6ce5eSHerbert Xu return ahash_op_unaligned(req, op); 36166f6ce5eSHerbert Xu 36266f6ce5eSHerbert Xu return op(req); 36366f6ce5eSHerbert Xu } 36466f6ce5eSHerbert Xu 36566f6ce5eSHerbert Xu int crypto_ahash_final(struct ahash_request *req) 36666f6ce5eSHerbert Xu { 367*f7d76e05SCorentin Labbe struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 368*f7d76e05SCorentin Labbe struct crypto_alg *alg = tfm->base.__crt_alg; 369*f7d76e05SCorentin Labbe unsigned int nbytes = req->nbytes; 370cac5818cSCorentin Labbe int ret; 371cac5818cSCorentin Labbe 372*f7d76e05SCorentin Labbe crypto_stats_get(alg); 373cac5818cSCorentin Labbe ret = crypto_ahash_op(req, crypto_ahash_reqtfm(req)->final); 374*f7d76e05SCorentin Labbe crypto_stats_ahash_final(nbytes, ret, alg); 375cac5818cSCorentin Labbe return ret; 37666f6ce5eSHerbert Xu } 37766f6ce5eSHerbert Xu EXPORT_SYMBOL_GPL(crypto_ahash_final); 37866f6ce5eSHerbert Xu 37966f6ce5eSHerbert Xu int crypto_ahash_finup(struct ahash_request *req) 38066f6ce5eSHerbert Xu { 381*f7d76e05SCorentin Labbe struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 382*f7d76e05SCorentin Labbe struct crypto_alg *alg = tfm->base.__crt_alg; 383*f7d76e05SCorentin Labbe unsigned int nbytes = req->nbytes; 384cac5818cSCorentin Labbe int ret; 385cac5818cSCorentin Labbe 386*f7d76e05SCorentin Labbe crypto_stats_get(alg); 387cac5818cSCorentin Labbe ret = crypto_ahash_op(req, crypto_ahash_reqtfm(req)->finup); 388*f7d76e05SCorentin Labbe crypto_stats_ahash_final(nbytes, ret, alg); 389cac5818cSCorentin Labbe return ret; 39066f6ce5eSHerbert Xu } 39166f6ce5eSHerbert Xu EXPORT_SYMBOL_GPL(crypto_ahash_finup); 39266f6ce5eSHerbert Xu 39366f6ce5eSHerbert Xu int crypto_ahash_digest(struct ahash_request *req) 39466f6ce5eSHerbert Xu { 3959fa68f62SEric Biggers struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 396*f7d76e05SCorentin Labbe struct crypto_alg *alg = tfm->base.__crt_alg; 397*f7d76e05SCorentin Labbe unsigned int nbytes = req->nbytes; 398cac5818cSCorentin Labbe int ret; 3999fa68f62SEric Biggers 400*f7d76e05SCorentin Labbe crypto_stats_get(alg); 4019fa68f62SEric Biggers if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) 402cac5818cSCorentin Labbe ret = -ENOKEY; 403cac5818cSCorentin Labbe else 404cac5818cSCorentin Labbe ret = crypto_ahash_op(req, tfm->digest); 405*f7d76e05SCorentin Labbe crypto_stats_ahash_final(nbytes, ret, alg); 406cac5818cSCorentin Labbe return ret; 40766f6ce5eSHerbert Xu } 40866f6ce5eSHerbert Xu EXPORT_SYMBOL_GPL(crypto_ahash_digest); 40966f6ce5eSHerbert Xu 41066f6ce5eSHerbert Xu static void ahash_def_finup_done2(struct crypto_async_request *req, int err) 41166f6ce5eSHerbert Xu { 41266f6ce5eSHerbert Xu struct ahash_request *areq = req->data; 41366f6ce5eSHerbert Xu 414ef0579b6SHerbert Xu if (err == -EINPROGRESS) 415ef0579b6SHerbert Xu return; 416ef0579b6SHerbert Xu 417ef0579b6SHerbert Xu ahash_restore_req(areq, err); 41866f6ce5eSHerbert Xu 419d4a7a0fbSMarek Vasut areq->base.complete(&areq->base, err); 42066f6ce5eSHerbert Xu } 42166f6ce5eSHerbert Xu 42266f6ce5eSHerbert Xu static int ahash_def_finup_finish1(struct ahash_request *req, int err) 42366f6ce5eSHerbert Xu { 42466f6ce5eSHerbert Xu if (err) 42566f6ce5eSHerbert Xu goto out; 42666f6ce5eSHerbert Xu 42766f6ce5eSHerbert Xu req->base.complete = ahash_def_finup_done2; 428ef0579b6SHerbert Xu 42966f6ce5eSHerbert Xu err = crypto_ahash_reqtfm(req)->final(req); 4304e5b0ad5SGilad Ben-Yossef if (err == -EINPROGRESS || err == -EBUSY) 431ef0579b6SHerbert Xu return err; 43266f6ce5eSHerbert Xu 43366f6ce5eSHerbert Xu out: 434ef0579b6SHerbert Xu ahash_restore_req(req, err); 43566f6ce5eSHerbert Xu return err; 43666f6ce5eSHerbert Xu } 43766f6ce5eSHerbert Xu 43866f6ce5eSHerbert Xu static void ahash_def_finup_done1(struct crypto_async_request *req, int err) 43966f6ce5eSHerbert Xu { 44066f6ce5eSHerbert Xu struct ahash_request *areq = req->data; 44166f6ce5eSHerbert Xu 442ef0579b6SHerbert Xu if (err == -EINPROGRESS) { 443ef0579b6SHerbert Xu ahash_notify_einprogress(areq); 444ef0579b6SHerbert Xu return; 445ef0579b6SHerbert Xu } 446ef0579b6SHerbert Xu 447ef0579b6SHerbert Xu areq->base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; 448ef0579b6SHerbert Xu 44966f6ce5eSHerbert Xu err = ahash_def_finup_finish1(areq, err); 450ef0579b6SHerbert Xu if (areq->priv) 451ef0579b6SHerbert Xu return; 45266f6ce5eSHerbert Xu 453d4a7a0fbSMarek Vasut areq->base.complete(&areq->base, err); 45466f6ce5eSHerbert Xu } 45566f6ce5eSHerbert Xu 45666f6ce5eSHerbert Xu static int ahash_def_finup(struct ahash_request *req) 45766f6ce5eSHerbert Xu { 45866f6ce5eSHerbert Xu struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 459d4a7a0fbSMarek Vasut int err; 46066f6ce5eSHerbert Xu 461d4a7a0fbSMarek Vasut err = ahash_save_req(req, ahash_def_finup_done1); 462d4a7a0fbSMarek Vasut if (err) 463d4a7a0fbSMarek Vasut return err; 46466f6ce5eSHerbert Xu 465d4a7a0fbSMarek Vasut err = tfm->update(req); 4664e5b0ad5SGilad Ben-Yossef if (err == -EINPROGRESS || err == -EBUSY) 467ef0579b6SHerbert Xu return err; 468ef0579b6SHerbert Xu 469d4a7a0fbSMarek Vasut return ahash_def_finup_finish1(req, err); 47066f6ce5eSHerbert Xu } 47166f6ce5eSHerbert Xu 47288056ec3SHerbert Xu static int crypto_ahash_init_tfm(struct crypto_tfm *tfm) 47388056ec3SHerbert Xu { 47488056ec3SHerbert Xu struct crypto_ahash *hash = __crypto_ahash_cast(tfm); 47588056ec3SHerbert Xu struct ahash_alg *alg = crypto_ahash_alg(hash); 47688056ec3SHerbert Xu 47766f6ce5eSHerbert Xu hash->setkey = ahash_nosetkey; 47866f6ce5eSHerbert Xu 47988056ec3SHerbert Xu if (tfm->__crt_alg->cra_type != &crypto_ahash_type) 48088056ec3SHerbert Xu return crypto_init_shash_ops_async(tfm); 48188056ec3SHerbert Xu 48288056ec3SHerbert Xu hash->init = alg->init; 48388056ec3SHerbert Xu hash->update = alg->update; 48488056ec3SHerbert Xu hash->final = alg->final; 48566f6ce5eSHerbert Xu hash->finup = alg->finup ?: ahash_def_finup; 48688056ec3SHerbert Xu hash->digest = alg->digest; 4876f221f7eSKamil Konieczny hash->export = alg->export; 4886f221f7eSKamil Konieczny hash->import = alg->import; 48966f6ce5eSHerbert Xu 490a5596d63SHerbert Xu if (alg->setkey) { 49166f6ce5eSHerbert Xu hash->setkey = alg->setkey; 4929fa68f62SEric Biggers if (!(alg->halg.base.cra_flags & CRYPTO_ALG_OPTIONAL_KEY)) 4939fa68f62SEric Biggers crypto_ahash_set_flags(hash, CRYPTO_TFM_NEED_KEY); 494a5596d63SHerbert Xu } 49588056ec3SHerbert Xu 49688056ec3SHerbert Xu return 0; 49788056ec3SHerbert Xu } 49888056ec3SHerbert Xu 49988056ec3SHerbert Xu static unsigned int crypto_ahash_extsize(struct crypto_alg *alg) 50088056ec3SHerbert Xu { 5012495cf25SHerbert Xu if (alg->cra_type != &crypto_ahash_type) 50288056ec3SHerbert Xu return sizeof(struct crypto_shash *); 5032495cf25SHerbert Xu 5042495cf25SHerbert Xu return crypto_alg_extsize(alg); 50588056ec3SHerbert Xu } 50688056ec3SHerbert Xu 5073acc8473SHerbert Xu #ifdef CONFIG_NET 5086238cbaeSSteffen Klassert static int crypto_ahash_report(struct sk_buff *skb, struct crypto_alg *alg) 5096238cbaeSSteffen Klassert { 5106238cbaeSSteffen Klassert struct crypto_report_hash rhash; 5116238cbaeSSteffen Klassert 51237db69e0SEric Biggers memset(&rhash, 0, sizeof(rhash)); 51337db69e0SEric Biggers 51437db69e0SEric Biggers strscpy(rhash.type, "ahash", sizeof(rhash.type)); 5156238cbaeSSteffen Klassert 5166238cbaeSSteffen Klassert rhash.blocksize = alg->cra_blocksize; 5176238cbaeSSteffen Klassert rhash.digestsize = __crypto_hash_alg_common(alg)->digestsize; 5186238cbaeSSteffen Klassert 51937db69e0SEric Biggers return nla_put(skb, CRYPTOCFGA_REPORT_HASH, sizeof(rhash), &rhash); 5206238cbaeSSteffen Klassert } 5213acc8473SHerbert Xu #else 5223acc8473SHerbert Xu static int crypto_ahash_report(struct sk_buff *skb, struct crypto_alg *alg) 5233acc8473SHerbert Xu { 5243acc8473SHerbert Xu return -ENOSYS; 5253acc8473SHerbert Xu } 5263acc8473SHerbert Xu #endif 5276238cbaeSSteffen Klassert 528004a403cSLoc Ho static void crypto_ahash_show(struct seq_file *m, struct crypto_alg *alg) 529d8c34b94SGideon Israel Dsouza __maybe_unused; 530004a403cSLoc Ho static void crypto_ahash_show(struct seq_file *m, struct crypto_alg *alg) 531004a403cSLoc Ho { 532004a403cSLoc Ho seq_printf(m, "type : ahash\n"); 533004a403cSLoc Ho seq_printf(m, "async : %s\n", alg->cra_flags & CRYPTO_ALG_ASYNC ? 534004a403cSLoc Ho "yes" : "no"); 535004a403cSLoc Ho seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); 53688056ec3SHerbert Xu seq_printf(m, "digestsize : %u\n", 53788056ec3SHerbert Xu __crypto_hash_alg_common(alg)->digestsize); 538004a403cSLoc Ho } 539004a403cSLoc Ho 540004a403cSLoc Ho const struct crypto_type crypto_ahash_type = { 54188056ec3SHerbert Xu .extsize = crypto_ahash_extsize, 54288056ec3SHerbert Xu .init_tfm = crypto_ahash_init_tfm, 543004a403cSLoc Ho #ifdef CONFIG_PROC_FS 544004a403cSLoc Ho .show = crypto_ahash_show, 545004a403cSLoc Ho #endif 5466238cbaeSSteffen Klassert .report = crypto_ahash_report, 54788056ec3SHerbert Xu .maskclear = ~CRYPTO_ALG_TYPE_MASK, 54888056ec3SHerbert Xu .maskset = CRYPTO_ALG_TYPE_AHASH_MASK, 54988056ec3SHerbert Xu .type = CRYPTO_ALG_TYPE_AHASH, 55088056ec3SHerbert Xu .tfmsize = offsetof(struct crypto_ahash, base), 551004a403cSLoc Ho }; 552004a403cSLoc Ho EXPORT_SYMBOL_GPL(crypto_ahash_type); 553004a403cSLoc Ho 55488056ec3SHerbert Xu struct crypto_ahash *crypto_alloc_ahash(const char *alg_name, u32 type, 55588056ec3SHerbert Xu u32 mask) 55688056ec3SHerbert Xu { 55788056ec3SHerbert Xu return crypto_alloc_tfm(alg_name, &crypto_ahash_type, type, mask); 55888056ec3SHerbert Xu } 55988056ec3SHerbert Xu EXPORT_SYMBOL_GPL(crypto_alloc_ahash); 56088056ec3SHerbert Xu 5618d18e34cSHerbert Xu int crypto_has_ahash(const char *alg_name, u32 type, u32 mask) 5628d18e34cSHerbert Xu { 5638d18e34cSHerbert Xu return crypto_type_has_alg(alg_name, &crypto_ahash_type, type, mask); 5648d18e34cSHerbert Xu } 5658d18e34cSHerbert Xu EXPORT_SYMBOL_GPL(crypto_has_ahash); 5668d18e34cSHerbert Xu 56701c2deceSHerbert Xu static int ahash_prepare_alg(struct ahash_alg *alg) 56801c2deceSHerbert Xu { 56901c2deceSHerbert Xu struct crypto_alg *base = &alg->halg.base; 57001c2deceSHerbert Xu 571b68a7ec1SKees Cook if (alg->halg.digestsize > HASH_MAX_DIGESTSIZE || 572b68a7ec1SKees Cook alg->halg.statesize > HASH_MAX_STATESIZE || 5738996eafdSRussell King alg->halg.statesize == 0) 57401c2deceSHerbert Xu return -EINVAL; 57501c2deceSHerbert Xu 57601c2deceSHerbert Xu base->cra_type = &crypto_ahash_type; 57701c2deceSHerbert Xu base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; 57801c2deceSHerbert Xu base->cra_flags |= CRYPTO_ALG_TYPE_AHASH; 57901c2deceSHerbert Xu 58001c2deceSHerbert Xu return 0; 58101c2deceSHerbert Xu } 58201c2deceSHerbert Xu 58301c2deceSHerbert Xu int crypto_register_ahash(struct ahash_alg *alg) 58401c2deceSHerbert Xu { 58501c2deceSHerbert Xu struct crypto_alg *base = &alg->halg.base; 58601c2deceSHerbert Xu int err; 58701c2deceSHerbert Xu 58801c2deceSHerbert Xu err = ahash_prepare_alg(alg); 58901c2deceSHerbert Xu if (err) 59001c2deceSHerbert Xu return err; 59101c2deceSHerbert Xu 59201c2deceSHerbert Xu return crypto_register_alg(base); 59301c2deceSHerbert Xu } 59401c2deceSHerbert Xu EXPORT_SYMBOL_GPL(crypto_register_ahash); 59501c2deceSHerbert Xu 59601c2deceSHerbert Xu int crypto_unregister_ahash(struct ahash_alg *alg) 59701c2deceSHerbert Xu { 59801c2deceSHerbert Xu return crypto_unregister_alg(&alg->halg.base); 59901c2deceSHerbert Xu } 60001c2deceSHerbert Xu EXPORT_SYMBOL_GPL(crypto_unregister_ahash); 60101c2deceSHerbert Xu 6026f7473c5SRabin Vincent int crypto_register_ahashes(struct ahash_alg *algs, int count) 6036f7473c5SRabin Vincent { 6046f7473c5SRabin Vincent int i, ret; 6056f7473c5SRabin Vincent 6066f7473c5SRabin Vincent for (i = 0; i < count; i++) { 6076f7473c5SRabin Vincent ret = crypto_register_ahash(&algs[i]); 6086f7473c5SRabin Vincent if (ret) 6096f7473c5SRabin Vincent goto err; 6106f7473c5SRabin Vincent } 6116f7473c5SRabin Vincent 6126f7473c5SRabin Vincent return 0; 6136f7473c5SRabin Vincent 6146f7473c5SRabin Vincent err: 6156f7473c5SRabin Vincent for (--i; i >= 0; --i) 6166f7473c5SRabin Vincent crypto_unregister_ahash(&algs[i]); 6176f7473c5SRabin Vincent 6186f7473c5SRabin Vincent return ret; 6196f7473c5SRabin Vincent } 6206f7473c5SRabin Vincent EXPORT_SYMBOL_GPL(crypto_register_ahashes); 6216f7473c5SRabin Vincent 6226f7473c5SRabin Vincent void crypto_unregister_ahashes(struct ahash_alg *algs, int count) 6236f7473c5SRabin Vincent { 6246f7473c5SRabin Vincent int i; 6256f7473c5SRabin Vincent 6266f7473c5SRabin Vincent for (i = count - 1; i >= 0; --i) 6276f7473c5SRabin Vincent crypto_unregister_ahash(&algs[i]); 6286f7473c5SRabin Vincent } 6296f7473c5SRabin Vincent EXPORT_SYMBOL_GPL(crypto_unregister_ahashes); 6306f7473c5SRabin Vincent 63101c2deceSHerbert Xu int ahash_register_instance(struct crypto_template *tmpl, 63201c2deceSHerbert Xu struct ahash_instance *inst) 63301c2deceSHerbert Xu { 63401c2deceSHerbert Xu int err; 63501c2deceSHerbert Xu 63601c2deceSHerbert Xu err = ahash_prepare_alg(&inst->alg); 63701c2deceSHerbert Xu if (err) 63801c2deceSHerbert Xu return err; 63901c2deceSHerbert Xu 64001c2deceSHerbert Xu return crypto_register_instance(tmpl, ahash_crypto_instance(inst)); 64101c2deceSHerbert Xu } 64201c2deceSHerbert Xu EXPORT_SYMBOL_GPL(ahash_register_instance); 64301c2deceSHerbert Xu 64401c2deceSHerbert Xu void ahash_free_instance(struct crypto_instance *inst) 64501c2deceSHerbert Xu { 64601c2deceSHerbert Xu crypto_drop_spawn(crypto_instance_ctx(inst)); 64701c2deceSHerbert Xu kfree(ahash_instance(inst)); 64801c2deceSHerbert Xu } 64901c2deceSHerbert Xu EXPORT_SYMBOL_GPL(ahash_free_instance); 65001c2deceSHerbert Xu 65101c2deceSHerbert Xu int crypto_init_ahash_spawn(struct crypto_ahash_spawn *spawn, 65201c2deceSHerbert Xu struct hash_alg_common *alg, 65301c2deceSHerbert Xu struct crypto_instance *inst) 65401c2deceSHerbert Xu { 65501c2deceSHerbert Xu return crypto_init_spawn2(&spawn->base, &alg->base, inst, 65601c2deceSHerbert Xu &crypto_ahash_type); 65701c2deceSHerbert Xu } 65801c2deceSHerbert Xu EXPORT_SYMBOL_GPL(crypto_init_ahash_spawn); 65901c2deceSHerbert Xu 66001c2deceSHerbert Xu struct hash_alg_common *ahash_attr_alg(struct rtattr *rta, u32 type, u32 mask) 66101c2deceSHerbert Xu { 66201c2deceSHerbert Xu struct crypto_alg *alg; 66301c2deceSHerbert Xu 66401c2deceSHerbert Xu alg = crypto_attr_alg2(rta, &crypto_ahash_type, type, mask); 66501c2deceSHerbert Xu return IS_ERR(alg) ? ERR_CAST(alg) : __crypto_hash_alg_common(alg); 66601c2deceSHerbert Xu } 66701c2deceSHerbert Xu EXPORT_SYMBOL_GPL(ahash_attr_alg); 66801c2deceSHerbert Xu 669cd6ed77aSEric Biggers bool crypto_hash_alg_has_setkey(struct hash_alg_common *halg) 670cd6ed77aSEric Biggers { 671cd6ed77aSEric Biggers struct crypto_alg *alg = &halg->base; 672cd6ed77aSEric Biggers 673cd6ed77aSEric Biggers if (alg->cra_type != &crypto_ahash_type) 674cd6ed77aSEric Biggers return crypto_shash_alg_has_setkey(__crypto_shash_alg(alg)); 675cd6ed77aSEric Biggers 676cd6ed77aSEric Biggers return __crypto_ahash_alg(alg)->setkey != NULL; 677cd6ed77aSEric Biggers } 678cd6ed77aSEric Biggers EXPORT_SYMBOL_GPL(crypto_hash_alg_has_setkey); 679cd6ed77aSEric Biggers 680004a403cSLoc Ho MODULE_LICENSE("GPL"); 681004a403cSLoc Ho MODULE_DESCRIPTION("Asynchronous cryptographic hash type"); 682