1 /* 2 * Hash: Hash algorithms under the crypto API 3 * 4 * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au> 5 * 6 * This program is free software; you can redistribute it and/or modify it 7 * under the terms of the GNU General Public License as published by the Free 8 * Software Foundation; either version 2 of the License, or (at your option) 9 * any later version. 10 * 11 */ 12 13 #ifndef _CRYPTO_HASH_H 14 #define _CRYPTO_HASH_H 15 16 #include <linux/crypto.h> 17 18 struct crypto_ahash; 19 20 /** 21 * DOC: Message Digest Algorithm Definitions 22 * 23 * These data structures define modular message digest algorithm 24 * implementations, managed via crypto_register_ahash(), 25 * crypto_register_shash(), crypto_unregister_ahash() and 26 * crypto_unregister_shash(). 27 */ 28 29 /** 30 * struct hash_alg_common - define properties of message digest 31 * @digestsize: Size of the result of the transformation. A buffer of this size 32 * must be available to the @final and @finup calls, so they can 33 * store the resulting hash into it. For various predefined sizes, 34 * search include/crypto/ using 35 * git grep _DIGEST_SIZE include/crypto. 36 * @statesize: Size of the block for partial state of the transformation. A 37 * buffer of this size must be passed to the @export function as it 38 * will save the partial state of the transformation into it. On the 39 * other side, the @import function will load the state from a 40 * buffer of this size as well. 41 * @base: Start of data structure of cipher algorithm. The common data 42 * structure of crypto_alg contains information common to all ciphers. 43 * The hash_alg_common data structure now adds the hash-specific 44 * information. 45 */ 46 struct hash_alg_common { 47 unsigned int digestsize; 48 unsigned int statesize; 49 50 struct crypto_alg base; 51 }; 52 53 struct ahash_request { 54 struct crypto_async_request base; 55 56 unsigned int nbytes; 57 struct scatterlist *src; 58 u8 *result; 59 60 /* This field may only be used by the ahash API code. */ 61 void *priv; 62 63 void *__ctx[] CRYPTO_MINALIGN_ATTR; 64 }; 65 66 #define AHASH_REQUEST_ON_STACK(name, ahash) \ 67 char __##name##_desc[sizeof(struct ahash_request) + \ 68 crypto_ahash_reqsize(ahash)] CRYPTO_MINALIGN_ATTR; \ 69 struct ahash_request *name = (void *)__##name##_desc 70 71 /** 72 * struct ahash_alg - asynchronous message digest definition 73 * @init: Initialize the transformation context. Intended only to initialize the 74 * state of the HASH transformation at the beginning. This shall fill in 75 * the internal structures used during the entire duration of the whole 76 * transformation. No data processing happens at this point. 77 * @update: Push a chunk of data into the driver for transformation. This 78 * function actually pushes blocks of data from upper layers into the 79 * driver, which then passes those to the hardware as seen fit. This 80 * function must not finalize the HASH transformation by calculating the 81 * final message digest as this only adds more data into the 82 * transformation. This function shall not modify the transformation 83 * context, as this function may be called in parallel with the same 84 * transformation object. Data processing can happen synchronously 85 * [SHASH] or asynchronously [AHASH] at this point. 86 * @final: Retrieve result from the driver. This function finalizes the 87 * transformation and retrieves the resulting hash from the driver and 88 * pushes it back to upper layers. No data processing happens at this 89 * point. 90 * @finup: Combination of @update and @final. This function is effectively a 91 * combination of @update and @final calls issued in sequence. As some 92 * hardware cannot do @update and @final separately, this callback was 93 * added to allow such hardware to be used at least by IPsec. Data 94 * processing can happen synchronously [SHASH] or asynchronously [AHASH] 95 * at this point. 96 * @digest: Combination of @init and @update and @final. This function 97 * effectively behaves as the entire chain of operations, @init, 98 * @update and @final issued in sequence. Just like @finup, this was 99 * added for hardware which cannot do even the @finup, but can only do 100 * the whole transformation in one run. Data processing can happen 101 * synchronously [SHASH] or asynchronously [AHASH] at this point. 102 * @setkey: Set optional key used by the hashing algorithm. Intended to push 103 * optional key used by the hashing algorithm from upper layers into 104 * the driver. This function can store the key in the transformation 105 * context or can outright program it into the hardware. In the former 106 * case, one must be careful to program the key into the hardware at 107 * appropriate time and one must be careful that .setkey() can be 108 * called multiple times during the existence of the transformation 109 * object. Not all hashing algorithms do implement this function as it 110 * is only needed for keyed message digests. SHAx/MDx/CRCx do NOT 111 * implement this function. HMAC(MDx)/HMAC(SHAx)/CMAC(AES) do implement 112 * this function. This function must be called before any other of the 113 * @init, @update, @final, @finup, @digest is called. No data 114 * processing happens at this point. 115 * @export: Export partial state of the transformation. This function dumps the 116 * entire state of the ongoing transformation into a provided block of 117 * data so it can be @import 'ed back later on. This is useful in case 118 * you want to save partial result of the transformation after 119 * processing certain amount of data and reload this partial result 120 * multiple times later on for multiple re-use. No data processing 121 * happens at this point. 122 * @import: Import partial state of the transformation. This function loads the 123 * entire state of the ongoing transformation from a provided block of 124 * data so the transformation can continue from this point onward. No 125 * data processing happens at this point. 126 * @halg: see struct hash_alg_common 127 */ 128 struct ahash_alg { 129 int (*init)(struct ahash_request *req); 130 int (*update)(struct ahash_request *req); 131 int (*final)(struct ahash_request *req); 132 int (*finup)(struct ahash_request *req); 133 int (*digest)(struct ahash_request *req); 134 int (*export)(struct ahash_request *req, void *out); 135 int (*import)(struct ahash_request *req, const void *in); 136 int (*setkey)(struct crypto_ahash *tfm, const u8 *key, 137 unsigned int keylen); 138 139 struct hash_alg_common halg; 140 }; 141 142 struct shash_desc { 143 struct crypto_shash *tfm; 144 u32 flags; 145 146 void *__ctx[] CRYPTO_MINALIGN_ATTR; 147 }; 148 149 #define SHASH_DESC_ON_STACK(shash, ctx) \ 150 char __##shash##_desc[sizeof(struct shash_desc) + \ 151 crypto_shash_descsize(ctx)] CRYPTO_MINALIGN_ATTR; \ 152 struct shash_desc *shash = (struct shash_desc *)__##shash##_desc 153 154 /** 155 * struct shash_alg - synchronous message digest definition 156 * @init: see struct ahash_alg 157 * @update: see struct ahash_alg 158 * @final: see struct ahash_alg 159 * @finup: see struct ahash_alg 160 * @digest: see struct ahash_alg 161 * @export: see struct ahash_alg 162 * @import: see struct ahash_alg 163 * @setkey: see struct ahash_alg 164 * @digestsize: see struct ahash_alg 165 * @statesize: see struct ahash_alg 166 * @descsize: Size of the operational state for the message digest. This state 167 * size is the memory size that needs to be allocated for 168 * shash_desc.__ctx 169 * @base: internally used 170 */ 171 struct shash_alg { 172 int (*init)(struct shash_desc *desc); 173 int (*update)(struct shash_desc *desc, const u8 *data, 174 unsigned int len); 175 int (*final)(struct shash_desc *desc, u8 *out); 176 int (*finup)(struct shash_desc *desc, const u8 *data, 177 unsigned int len, u8 *out); 178 int (*digest)(struct shash_desc *desc, const u8 *data, 179 unsigned int len, u8 *out); 180 int (*export)(struct shash_desc *desc, void *out); 181 int (*import)(struct shash_desc *desc, const void *in); 182 int (*setkey)(struct crypto_shash *tfm, const u8 *key, 183 unsigned int keylen); 184 185 unsigned int descsize; 186 187 /* These fields must match hash_alg_common. */ 188 unsigned int digestsize 189 __attribute__ ((aligned(__alignof__(struct hash_alg_common)))); 190 unsigned int statesize; 191 192 struct crypto_alg base; 193 }; 194 195 struct crypto_ahash { 196 int (*init)(struct ahash_request *req); 197 int (*update)(struct ahash_request *req); 198 int (*final)(struct ahash_request *req); 199 int (*finup)(struct ahash_request *req); 200 int (*digest)(struct ahash_request *req); 201 int (*export)(struct ahash_request *req, void *out); 202 int (*import)(struct ahash_request *req, const void *in); 203 int (*setkey)(struct crypto_ahash *tfm, const u8 *key, 204 unsigned int keylen); 205 206 unsigned int reqsize; 207 struct crypto_tfm base; 208 }; 209 210 struct crypto_shash { 211 unsigned int descsize; 212 struct crypto_tfm base; 213 }; 214 215 /** 216 * DOC: Asynchronous Message Digest API 217 * 218 * The asynchronous message digest API is used with the ciphers of type 219 * CRYPTO_ALG_TYPE_AHASH (listed as type "ahash" in /proc/crypto) 220 * 221 * The asynchronous cipher operation discussion provided for the 222 * CRYPTO_ALG_TYPE_ABLKCIPHER API applies here as well. 223 */ 224 225 static inline struct crypto_ahash *__crypto_ahash_cast(struct crypto_tfm *tfm) 226 { 227 return container_of(tfm, struct crypto_ahash, base); 228 } 229 230 /** 231 * crypto_alloc_ahash() - allocate ahash cipher handle 232 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the 233 * ahash cipher 234 * @type: specifies the type of the cipher 235 * @mask: specifies the mask for the cipher 236 * 237 * Allocate a cipher handle for an ahash. The returned struct 238 * crypto_ahash is the cipher handle that is required for any subsequent 239 * API invocation for that ahash. 240 * 241 * Return: allocated cipher handle in case of success; IS_ERR() is true in case 242 * of an error, PTR_ERR() returns the error code. 243 */ 244 struct crypto_ahash *crypto_alloc_ahash(const char *alg_name, u32 type, 245 u32 mask); 246 247 static inline struct crypto_tfm *crypto_ahash_tfm(struct crypto_ahash *tfm) 248 { 249 return &tfm->base; 250 } 251 252 /** 253 * crypto_free_ahash() - zeroize and free the ahash handle 254 * @tfm: cipher handle to be freed 255 */ 256 static inline void crypto_free_ahash(struct crypto_ahash *tfm) 257 { 258 crypto_destroy_tfm(tfm, crypto_ahash_tfm(tfm)); 259 } 260 261 static inline unsigned int crypto_ahash_alignmask( 262 struct crypto_ahash *tfm) 263 { 264 return crypto_tfm_alg_alignmask(crypto_ahash_tfm(tfm)); 265 } 266 267 /** 268 * crypto_ahash_blocksize() - obtain block size for cipher 269 * @tfm: cipher handle 270 * 271 * The block size for the message digest cipher referenced with the cipher 272 * handle is returned. 273 * 274 * Return: block size of cipher 275 */ 276 static inline unsigned int crypto_ahash_blocksize(struct crypto_ahash *tfm) 277 { 278 return crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm)); 279 } 280 281 static inline struct hash_alg_common *__crypto_hash_alg_common( 282 struct crypto_alg *alg) 283 { 284 return container_of(alg, struct hash_alg_common, base); 285 } 286 287 static inline struct hash_alg_common *crypto_hash_alg_common( 288 struct crypto_ahash *tfm) 289 { 290 return __crypto_hash_alg_common(crypto_ahash_tfm(tfm)->__crt_alg); 291 } 292 293 /** 294 * crypto_ahash_digestsize() - obtain message digest size 295 * @tfm: cipher handle 296 * 297 * The size for the message digest created by the message digest cipher 298 * referenced with the cipher handle is returned. 299 * 300 * 301 * Return: message digest size of cipher 302 */ 303 static inline unsigned int crypto_ahash_digestsize(struct crypto_ahash *tfm) 304 { 305 return crypto_hash_alg_common(tfm)->digestsize; 306 } 307 308 static inline unsigned int crypto_ahash_statesize(struct crypto_ahash *tfm) 309 { 310 return crypto_hash_alg_common(tfm)->statesize; 311 } 312 313 static inline u32 crypto_ahash_get_flags(struct crypto_ahash *tfm) 314 { 315 return crypto_tfm_get_flags(crypto_ahash_tfm(tfm)); 316 } 317 318 static inline void crypto_ahash_set_flags(struct crypto_ahash *tfm, u32 flags) 319 { 320 crypto_tfm_set_flags(crypto_ahash_tfm(tfm), flags); 321 } 322 323 static inline void crypto_ahash_clear_flags(struct crypto_ahash *tfm, u32 flags) 324 { 325 crypto_tfm_clear_flags(crypto_ahash_tfm(tfm), flags); 326 } 327 328 /** 329 * crypto_ahash_reqtfm() - obtain cipher handle from request 330 * @req: asynchronous request handle that contains the reference to the ahash 331 * cipher handle 332 * 333 * Return the ahash cipher handle that is registered with the asynchronous 334 * request handle ahash_request. 335 * 336 * Return: ahash cipher handle 337 */ 338 static inline struct crypto_ahash *crypto_ahash_reqtfm( 339 struct ahash_request *req) 340 { 341 return __crypto_ahash_cast(req->base.tfm); 342 } 343 344 /** 345 * crypto_ahash_reqsize() - obtain size of the request data structure 346 * @tfm: cipher handle 347 * 348 * Return the size of the ahash state size. With the crypto_ahash_export 349 * function, the caller can export the state into a buffer whose size is 350 * defined with this function. 351 * 352 * Return: size of the ahash state 353 */ 354 static inline unsigned int crypto_ahash_reqsize(struct crypto_ahash *tfm) 355 { 356 return tfm->reqsize; 357 } 358 359 static inline void *ahash_request_ctx(struct ahash_request *req) 360 { 361 return req->__ctx; 362 } 363 364 /** 365 * crypto_ahash_setkey - set key for cipher handle 366 * @tfm: cipher handle 367 * @key: buffer holding the key 368 * @keylen: length of the key in bytes 369 * 370 * The caller provided key is set for the ahash cipher. The cipher 371 * handle must point to a keyed hash in order for this function to succeed. 372 * 373 * Return: 0 if the setting of the key was successful; < 0 if an error occurred 374 */ 375 int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key, 376 unsigned int keylen); 377 378 /** 379 * crypto_ahash_finup() - update and finalize message digest 380 * @req: reference to the ahash_request handle that holds all information 381 * needed to perform the cipher operation 382 * 383 * This function is a "short-hand" for the function calls of 384 * crypto_ahash_update and crypto_shash_final. The parameters have the same 385 * meaning as discussed for those separate functions. 386 * 387 * Return: 0 if the message digest creation was successful; < 0 if an error 388 * occurred 389 */ 390 int crypto_ahash_finup(struct ahash_request *req); 391 392 /** 393 * crypto_ahash_final() - calculate message digest 394 * @req: reference to the ahash_request handle that holds all information 395 * needed to perform the cipher operation 396 * 397 * Finalize the message digest operation and create the message digest 398 * based on all data added to the cipher handle. The message digest is placed 399 * into the output buffer registered with the ahash_request handle. 400 * 401 * Return: 0 if the message digest creation was successful; < 0 if an error 402 * occurred 403 */ 404 int crypto_ahash_final(struct ahash_request *req); 405 406 /** 407 * crypto_ahash_digest() - calculate message digest for a buffer 408 * @req: reference to the ahash_request handle that holds all information 409 * needed to perform the cipher operation 410 * 411 * This function is a "short-hand" for the function calls of crypto_ahash_init, 412 * crypto_ahash_update and crypto_ahash_final. The parameters have the same 413 * meaning as discussed for those separate three functions. 414 * 415 * Return: 0 if the message digest creation was successful; < 0 if an error 416 * occurred 417 */ 418 int crypto_ahash_digest(struct ahash_request *req); 419 420 /** 421 * crypto_ahash_export() - extract current message digest state 422 * @req: reference to the ahash_request handle whose state is exported 423 * @out: output buffer of sufficient size that can hold the hash state 424 * 425 * This function exports the hash state of the ahash_request handle into the 426 * caller-allocated output buffer out which must have sufficient size (e.g. by 427 * calling crypto_ahash_reqsize). 428 * 429 * Return: 0 if the export was successful; < 0 if an error occurred 430 */ 431 static inline int crypto_ahash_export(struct ahash_request *req, void *out) 432 { 433 return crypto_ahash_reqtfm(req)->export(req, out); 434 } 435 436 /** 437 * crypto_ahash_import() - import message digest state 438 * @req: reference to ahash_request handle the state is imported into 439 * @in: buffer holding the state 440 * 441 * This function imports the hash state into the ahash_request handle from the 442 * input buffer. That buffer should have been generated with the 443 * crypto_ahash_export function. 444 * 445 * Return: 0 if the import was successful; < 0 if an error occurred 446 */ 447 static inline int crypto_ahash_import(struct ahash_request *req, const void *in) 448 { 449 return crypto_ahash_reqtfm(req)->import(req, in); 450 } 451 452 /** 453 * crypto_ahash_init() - (re)initialize message digest handle 454 * @req: ahash_request handle that already is initialized with all necessary 455 * data using the ahash_request_* API functions 456 * 457 * The call (re-)initializes the message digest referenced by the ahash_request 458 * handle. Any potentially existing state created by previous operations is 459 * discarded. 460 * 461 * Return: 0 if the message digest initialization was successful; < 0 if an 462 * error occurred 463 */ 464 static inline int crypto_ahash_init(struct ahash_request *req) 465 { 466 return crypto_ahash_reqtfm(req)->init(req); 467 } 468 469 /** 470 * crypto_ahash_update() - add data to message digest for processing 471 * @req: ahash_request handle that was previously initialized with the 472 * crypto_ahash_init call. 473 * 474 * Updates the message digest state of the &ahash_request handle. The input data 475 * is pointed to by the scatter/gather list registered in the &ahash_request 476 * handle 477 * 478 * Return: 0 if the message digest update was successful; < 0 if an error 479 * occurred 480 */ 481 static inline int crypto_ahash_update(struct ahash_request *req) 482 { 483 return crypto_ahash_reqtfm(req)->update(req); 484 } 485 486 /** 487 * DOC: Asynchronous Hash Request Handle 488 * 489 * The &ahash_request data structure contains all pointers to data 490 * required for the asynchronous cipher operation. This includes the cipher 491 * handle (which can be used by multiple &ahash_request instances), pointer 492 * to plaintext and the message digest output buffer, asynchronous callback 493 * function, etc. It acts as a handle to the ahash_request_* API calls in a 494 * similar way as ahash handle to the crypto_ahash_* API calls. 495 */ 496 497 /** 498 * ahash_request_set_tfm() - update cipher handle reference in request 499 * @req: request handle to be modified 500 * @tfm: cipher handle that shall be added to the request handle 501 * 502 * Allow the caller to replace the existing ahash handle in the request 503 * data structure with a different one. 504 */ 505 static inline void ahash_request_set_tfm(struct ahash_request *req, 506 struct crypto_ahash *tfm) 507 { 508 req->base.tfm = crypto_ahash_tfm(tfm); 509 } 510 511 /** 512 * ahash_request_alloc() - allocate request data structure 513 * @tfm: cipher handle to be registered with the request 514 * @gfp: memory allocation flag that is handed to kmalloc by the API call. 515 * 516 * Allocate the request data structure that must be used with the ahash 517 * message digest API calls. During 518 * the allocation, the provided ahash handle 519 * is registered in the request data structure. 520 * 521 * Return: allocated request handle in case of success; IS_ERR() is true in case 522 * of an error, PTR_ERR() returns the error code. 523 */ 524 static inline struct ahash_request *ahash_request_alloc( 525 struct crypto_ahash *tfm, gfp_t gfp) 526 { 527 struct ahash_request *req; 528 529 req = kmalloc(sizeof(struct ahash_request) + 530 crypto_ahash_reqsize(tfm), gfp); 531 532 if (likely(req)) 533 ahash_request_set_tfm(req, tfm); 534 535 return req; 536 } 537 538 /** 539 * ahash_request_free() - zeroize and free the request data structure 540 * @req: request data structure cipher handle to be freed 541 */ 542 static inline void ahash_request_free(struct ahash_request *req) 543 { 544 kzfree(req); 545 } 546 547 static inline struct ahash_request *ahash_request_cast( 548 struct crypto_async_request *req) 549 { 550 return container_of(req, struct ahash_request, base); 551 } 552 553 /** 554 * ahash_request_set_callback() - set asynchronous callback function 555 * @req: request handle 556 * @flags: specify zero or an ORing of the flags 557 * CRYPTO_TFM_REQ_MAY_BACKLOG the request queue may back log and 558 * increase the wait queue beyond the initial maximum size; 559 * CRYPTO_TFM_REQ_MAY_SLEEP the request processing may sleep 560 * @compl: callback function pointer to be registered with the request handle 561 * @data: The data pointer refers to memory that is not used by the kernel 562 * crypto API, but provided to the callback function for it to use. Here, 563 * the caller can provide a reference to memory the callback function can 564 * operate on. As the callback function is invoked asynchronously to the 565 * related functionality, it may need to access data structures of the 566 * related functionality which can be referenced using this pointer. The 567 * callback function can access the memory via the "data" field in the 568 * &crypto_async_request data structure provided to the callback function. 569 * 570 * This function allows setting the callback function that is triggered once 571 * the cipher operation completes. 572 * 573 * The callback function is registered with the &ahash_request handle and 574 * must comply with the following template 575 * 576 * void callback_function(struct crypto_async_request *req, int error) 577 */ 578 static inline void ahash_request_set_callback(struct ahash_request *req, 579 u32 flags, 580 crypto_completion_t compl, 581 void *data) 582 { 583 req->base.complete = compl; 584 req->base.data = data; 585 req->base.flags = flags; 586 } 587 588 /** 589 * ahash_request_set_crypt() - set data buffers 590 * @req: ahash_request handle to be updated 591 * @src: source scatter/gather list 592 * @result: buffer that is filled with the message digest -- the caller must 593 * ensure that the buffer has sufficient space by, for example, calling 594 * crypto_ahash_digestsize() 595 * @nbytes: number of bytes to process from the source scatter/gather list 596 * 597 * By using this call, the caller references the source scatter/gather list. 598 * The source scatter/gather list points to the data the message digest is to 599 * be calculated for. 600 */ 601 static inline void ahash_request_set_crypt(struct ahash_request *req, 602 struct scatterlist *src, u8 *result, 603 unsigned int nbytes) 604 { 605 req->src = src; 606 req->nbytes = nbytes; 607 req->result = result; 608 } 609 610 /** 611 * DOC: Synchronous Message Digest API 612 * 613 * The synchronous message digest API is used with the ciphers of type 614 * CRYPTO_ALG_TYPE_SHASH (listed as type "shash" in /proc/crypto) 615 * 616 * The message digest API is able to maintain state information for the 617 * caller. 618 * 619 * The synchronous message digest API can store user-related context in in its 620 * shash_desc request data structure. 621 */ 622 623 /** 624 * crypto_alloc_shash() - allocate message digest handle 625 * @alg_name: is the cra_name / name or cra_driver_name / driver name of the 626 * message digest cipher 627 * @type: specifies the type of the cipher 628 * @mask: specifies the mask for the cipher 629 * 630 * Allocate a cipher handle for a message digest. The returned &struct 631 * crypto_shash is the cipher handle that is required for any subsequent 632 * API invocation for that message digest. 633 * 634 * Return: allocated cipher handle in case of success; IS_ERR() is true in case 635 * of an error, PTR_ERR() returns the error code. 636 */ 637 struct crypto_shash *crypto_alloc_shash(const char *alg_name, u32 type, 638 u32 mask); 639 640 static inline struct crypto_tfm *crypto_shash_tfm(struct crypto_shash *tfm) 641 { 642 return &tfm->base; 643 } 644 645 /** 646 * crypto_free_shash() - zeroize and free the message digest handle 647 * @tfm: cipher handle to be freed 648 */ 649 static inline void crypto_free_shash(struct crypto_shash *tfm) 650 { 651 crypto_destroy_tfm(tfm, crypto_shash_tfm(tfm)); 652 } 653 654 static inline unsigned int crypto_shash_alignmask( 655 struct crypto_shash *tfm) 656 { 657 return crypto_tfm_alg_alignmask(crypto_shash_tfm(tfm)); 658 } 659 660 /** 661 * crypto_shash_blocksize() - obtain block size for cipher 662 * @tfm: cipher handle 663 * 664 * The block size for the message digest cipher referenced with the cipher 665 * handle is returned. 666 * 667 * Return: block size of cipher 668 */ 669 static inline unsigned int crypto_shash_blocksize(struct crypto_shash *tfm) 670 { 671 return crypto_tfm_alg_blocksize(crypto_shash_tfm(tfm)); 672 } 673 674 static inline struct shash_alg *__crypto_shash_alg(struct crypto_alg *alg) 675 { 676 return container_of(alg, struct shash_alg, base); 677 } 678 679 static inline struct shash_alg *crypto_shash_alg(struct crypto_shash *tfm) 680 { 681 return __crypto_shash_alg(crypto_shash_tfm(tfm)->__crt_alg); 682 } 683 684 /** 685 * crypto_shash_digestsize() - obtain message digest size 686 * @tfm: cipher handle 687 * 688 * The size for the message digest created by the message digest cipher 689 * referenced with the cipher handle is returned. 690 * 691 * Return: digest size of cipher 692 */ 693 static inline unsigned int crypto_shash_digestsize(struct crypto_shash *tfm) 694 { 695 return crypto_shash_alg(tfm)->digestsize; 696 } 697 698 static inline unsigned int crypto_shash_statesize(struct crypto_shash *tfm) 699 { 700 return crypto_shash_alg(tfm)->statesize; 701 } 702 703 static inline u32 crypto_shash_get_flags(struct crypto_shash *tfm) 704 { 705 return crypto_tfm_get_flags(crypto_shash_tfm(tfm)); 706 } 707 708 static inline void crypto_shash_set_flags(struct crypto_shash *tfm, u32 flags) 709 { 710 crypto_tfm_set_flags(crypto_shash_tfm(tfm), flags); 711 } 712 713 static inline void crypto_shash_clear_flags(struct crypto_shash *tfm, u32 flags) 714 { 715 crypto_tfm_clear_flags(crypto_shash_tfm(tfm), flags); 716 } 717 718 /** 719 * crypto_shash_descsize() - obtain the operational state size 720 * @tfm: cipher handle 721 * 722 * The size of the operational state the cipher needs during operation is 723 * returned for the hash referenced with the cipher handle. This size is 724 * required to calculate the memory requirements to allow the caller allocating 725 * sufficient memory for operational state. 726 * 727 * The operational state is defined with struct shash_desc where the size of 728 * that data structure is to be calculated as 729 * sizeof(struct shash_desc) + crypto_shash_descsize(alg) 730 * 731 * Return: size of the operational state 732 */ 733 static inline unsigned int crypto_shash_descsize(struct crypto_shash *tfm) 734 { 735 return tfm->descsize; 736 } 737 738 static inline void *shash_desc_ctx(struct shash_desc *desc) 739 { 740 return desc->__ctx; 741 } 742 743 /** 744 * crypto_shash_setkey() - set key for message digest 745 * @tfm: cipher handle 746 * @key: buffer holding the key 747 * @keylen: length of the key in bytes 748 * 749 * The caller provided key is set for the keyed message digest cipher. The 750 * cipher handle must point to a keyed message digest cipher in order for this 751 * function to succeed. 752 * 753 * Return: 0 if the setting of the key was successful; < 0 if an error occurred 754 */ 755 int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, 756 unsigned int keylen); 757 758 /** 759 * crypto_shash_digest() - calculate message digest for buffer 760 * @desc: see crypto_shash_final() 761 * @data: see crypto_shash_update() 762 * @len: see crypto_shash_update() 763 * @out: see crypto_shash_final() 764 * 765 * This function is a "short-hand" for the function calls of crypto_shash_init, 766 * crypto_shash_update and crypto_shash_final. The parameters have the same 767 * meaning as discussed for those separate three functions. 768 * 769 * Return: 0 if the message digest creation was successful; < 0 if an error 770 * occurred 771 */ 772 int crypto_shash_digest(struct shash_desc *desc, const u8 *data, 773 unsigned int len, u8 *out); 774 775 /** 776 * crypto_shash_export() - extract operational state for message digest 777 * @desc: reference to the operational state handle whose state is exported 778 * @out: output buffer of sufficient size that can hold the hash state 779 * 780 * This function exports the hash state of the operational state handle into the 781 * caller-allocated output buffer out which must have sufficient size (e.g. by 782 * calling crypto_shash_descsize). 783 * 784 * Return: 0 if the export creation was successful; < 0 if an error occurred 785 */ 786 static inline int crypto_shash_export(struct shash_desc *desc, void *out) 787 { 788 return crypto_shash_alg(desc->tfm)->export(desc, out); 789 } 790 791 /** 792 * crypto_shash_import() - import operational state 793 * @desc: reference to the operational state handle the state imported into 794 * @in: buffer holding the state 795 * 796 * This function imports the hash state into the operational state handle from 797 * the input buffer. That buffer should have been generated with the 798 * crypto_ahash_export function. 799 * 800 * Return: 0 if the import was successful; < 0 if an error occurred 801 */ 802 static inline int crypto_shash_import(struct shash_desc *desc, const void *in) 803 { 804 return crypto_shash_alg(desc->tfm)->import(desc, in); 805 } 806 807 /** 808 * crypto_shash_init() - (re)initialize message digest 809 * @desc: operational state handle that is already filled 810 * 811 * The call (re-)initializes the message digest referenced by the 812 * operational state handle. Any potentially existing state created by 813 * previous operations is discarded. 814 * 815 * Return: 0 if the message digest initialization was successful; < 0 if an 816 * error occurred 817 */ 818 static inline int crypto_shash_init(struct shash_desc *desc) 819 { 820 return crypto_shash_alg(desc->tfm)->init(desc); 821 } 822 823 /** 824 * crypto_shash_update() - add data to message digest for processing 825 * @desc: operational state handle that is already initialized 826 * @data: input data to be added to the message digest 827 * @len: length of the input data 828 * 829 * Updates the message digest state of the operational state handle. 830 * 831 * Return: 0 if the message digest update was successful; < 0 if an error 832 * occurred 833 */ 834 int crypto_shash_update(struct shash_desc *desc, const u8 *data, 835 unsigned int len); 836 837 /** 838 * crypto_shash_final() - calculate message digest 839 * @desc: operational state handle that is already filled with data 840 * @out: output buffer filled with the message digest 841 * 842 * Finalize the message digest operation and create the message digest 843 * based on all data added to the cipher handle. The message digest is placed 844 * into the output buffer. The caller must ensure that the output buffer is 845 * large enough by using crypto_shash_digestsize. 846 * 847 * Return: 0 if the message digest creation was successful; < 0 if an error 848 * occurred 849 */ 850 int crypto_shash_final(struct shash_desc *desc, u8 *out); 851 852 /** 853 * crypto_shash_finup() - calculate message digest of buffer 854 * @desc: see crypto_shash_final() 855 * @data: see crypto_shash_update() 856 * @len: see crypto_shash_update() 857 * @out: see crypto_shash_final() 858 * 859 * This function is a "short-hand" for the function calls of 860 * crypto_shash_update and crypto_shash_final. The parameters have the same 861 * meaning as discussed for those separate functions. 862 * 863 * Return: 0 if the message digest creation was successful; < 0 if an error 864 * occurred 865 */ 866 int crypto_shash_finup(struct shash_desc *desc, const u8 *data, 867 unsigned int len, u8 *out); 868 869 #endif /* _CRYPTO_HASH_H */ 870