xref: /openbmc/linux/include/crypto/hash.h (revision 9b9c2cd4)
1 /*
2  * Hash: Hash algorithms under the crypto API
3  *
4  * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au>
5  *
6  * This program is free software; you can redistribute it and/or modify it
7  * under the terms of the GNU General Public License as published by the Free
8  * Software Foundation; either version 2 of the License, or (at your option)
9  * any later version.
10  *
11  */
12 
13 #ifndef _CRYPTO_HASH_H
14 #define _CRYPTO_HASH_H
15 
16 #include <linux/crypto.h>
17 
18 struct crypto_ahash;
19 
20 /**
21  * DOC: Message Digest Algorithm Definitions
22  *
23  * These data structures define modular message digest algorithm
24  * implementations, managed via crypto_register_ahash(),
25  * crypto_register_shash(), crypto_unregister_ahash() and
26  * crypto_unregister_shash().
27  */
28 
29 /**
30  * struct hash_alg_common - define properties of message digest
31  * @digestsize: Size of the result of the transformation. A buffer of this size
32  *	        must be available to the @final and @finup calls, so they can
33  *	        store the resulting hash into it. For various predefined sizes,
34  *	        search include/crypto/ using
35  *	        git grep _DIGEST_SIZE include/crypto.
36  * @statesize: Size of the block for partial state of the transformation. A
37  *	       buffer of this size must be passed to the @export function as it
38  *	       will save the partial state of the transformation into it. On the
39  *	       other side, the @import function will load the state from a
40  *	       buffer of this size as well.
41  * @base: Start of data structure of cipher algorithm. The common data
42  *	  structure of crypto_alg contains information common to all ciphers.
43  *	  The hash_alg_common data structure now adds the hash-specific
44  *	  information.
45  */
46 struct hash_alg_common {
47 	unsigned int digestsize;
48 	unsigned int statesize;
49 
50 	struct crypto_alg base;
51 };
52 
53 struct ahash_request {
54 	struct crypto_async_request base;
55 
56 	unsigned int nbytes;
57 	struct scatterlist *src;
58 	u8 *result;
59 
60 	/* This field may only be used by the ahash API code. */
61 	void *priv;
62 
63 	void *__ctx[] CRYPTO_MINALIGN_ATTR;
64 };
65 
66 #define AHASH_REQUEST_ON_STACK(name, ahash) \
67 	char __##name##_desc[sizeof(struct ahash_request) + \
68 		crypto_ahash_reqsize(ahash)] CRYPTO_MINALIGN_ATTR; \
69 	struct ahash_request *name = (void *)__##name##_desc
70 
71 /**
72  * struct ahash_alg - asynchronous message digest definition
73  * @init: Initialize the transformation context. Intended only to initialize the
74  *	  state of the HASH transformation at the beginning. This shall fill in
75  *	  the internal structures used during the entire duration of the whole
76  *	  transformation. No data processing happens at this point.
77  * @update: Push a chunk of data into the driver for transformation. This
78  *	   function actually pushes blocks of data from upper layers into the
79  *	   driver, which then passes those to the hardware as seen fit. This
80  *	   function must not finalize the HASH transformation by calculating the
81  *	   final message digest as this only adds more data into the
82  *	   transformation. This function shall not modify the transformation
83  *	   context, as this function may be called in parallel with the same
84  *	   transformation object. Data processing can happen synchronously
85  *	   [SHASH] or asynchronously [AHASH] at this point.
86  * @final: Retrieve result from the driver. This function finalizes the
87  *	   transformation and retrieves the resulting hash from the driver and
88  *	   pushes it back to upper layers. No data processing happens at this
89  *	   point.
90  * @finup: Combination of @update and @final. This function is effectively a
91  *	   combination of @update and @final calls issued in sequence. As some
92  *	   hardware cannot do @update and @final separately, this callback was
93  *	   added to allow such hardware to be used at least by IPsec. Data
94  *	   processing can happen synchronously [SHASH] or asynchronously [AHASH]
95  *	   at this point.
96  * @digest: Combination of @init and @update and @final. This function
97  *	    effectively behaves as the entire chain of operations, @init,
98  *	    @update and @final issued in sequence. Just like @finup, this was
99  *	    added for hardware which cannot do even the @finup, but can only do
100  *	    the whole transformation in one run. Data processing can happen
101  *	    synchronously [SHASH] or asynchronously [AHASH] at this point.
102  * @setkey: Set optional key used by the hashing algorithm. Intended to push
103  *	    optional key used by the hashing algorithm from upper layers into
104  *	    the driver. This function can store the key in the transformation
105  *	    context or can outright program it into the hardware. In the former
106  *	    case, one must be careful to program the key into the hardware at
107  *	    appropriate time and one must be careful that .setkey() can be
108  *	    called multiple times during the existence of the transformation
109  *	    object. Not  all hashing algorithms do implement this function as it
110  *	    is only needed for keyed message digests. SHAx/MDx/CRCx do NOT
111  *	    implement this function. HMAC(MDx)/HMAC(SHAx)/CMAC(AES) do implement
112  *	    this function. This function must be called before any other of the
113  *	    @init, @update, @final, @finup, @digest is called. No data
114  *	    processing happens at this point.
115  * @export: Export partial state of the transformation. This function dumps the
116  *	    entire state of the ongoing transformation into a provided block of
117  *	    data so it can be @import 'ed back later on. This is useful in case
118  *	    you want to save partial result of the transformation after
119  *	    processing certain amount of data and reload this partial result
120  *	    multiple times later on for multiple re-use. No data processing
121  *	    happens at this point.
122  * @import: Import partial state of the transformation. This function loads the
123  *	    entire state of the ongoing transformation from a provided block of
124  *	    data so the transformation can continue from this point onward. No
125  *	    data processing happens at this point.
126  * @halg: see struct hash_alg_common
127  */
128 struct ahash_alg {
129 	int (*init)(struct ahash_request *req);
130 	int (*update)(struct ahash_request *req);
131 	int (*final)(struct ahash_request *req);
132 	int (*finup)(struct ahash_request *req);
133 	int (*digest)(struct ahash_request *req);
134 	int (*export)(struct ahash_request *req, void *out);
135 	int (*import)(struct ahash_request *req, const void *in);
136 	int (*setkey)(struct crypto_ahash *tfm, const u8 *key,
137 		      unsigned int keylen);
138 
139 	struct hash_alg_common halg;
140 };
141 
142 struct shash_desc {
143 	struct crypto_shash *tfm;
144 	u32 flags;
145 
146 	void *__ctx[] CRYPTO_MINALIGN_ATTR;
147 };
148 
149 #define SHASH_DESC_ON_STACK(shash, ctx)				  \
150 	char __##shash##_desc[sizeof(struct shash_desc) +	  \
151 		crypto_shash_descsize(ctx)] CRYPTO_MINALIGN_ATTR; \
152 	struct shash_desc *shash = (struct shash_desc *)__##shash##_desc
153 
154 /**
155  * struct shash_alg - synchronous message digest definition
156  * @init: see struct ahash_alg
157  * @update: see struct ahash_alg
158  * @final: see struct ahash_alg
159  * @finup: see struct ahash_alg
160  * @digest: see struct ahash_alg
161  * @export: see struct ahash_alg
162  * @import: see struct ahash_alg
163  * @setkey: see struct ahash_alg
164  * @digestsize: see struct ahash_alg
165  * @statesize: see struct ahash_alg
166  * @descsize: Size of the operational state for the message digest. This state
167  * 	      size is the memory size that needs to be allocated for
168  *	      shash_desc.__ctx
169  * @base: internally used
170  */
171 struct shash_alg {
172 	int (*init)(struct shash_desc *desc);
173 	int (*update)(struct shash_desc *desc, const u8 *data,
174 		      unsigned int len);
175 	int (*final)(struct shash_desc *desc, u8 *out);
176 	int (*finup)(struct shash_desc *desc, const u8 *data,
177 		     unsigned int len, u8 *out);
178 	int (*digest)(struct shash_desc *desc, const u8 *data,
179 		      unsigned int len, u8 *out);
180 	int (*export)(struct shash_desc *desc, void *out);
181 	int (*import)(struct shash_desc *desc, const void *in);
182 	int (*setkey)(struct crypto_shash *tfm, const u8 *key,
183 		      unsigned int keylen);
184 
185 	unsigned int descsize;
186 
187 	/* These fields must match hash_alg_common. */
188 	unsigned int digestsize
189 		__attribute__ ((aligned(__alignof__(struct hash_alg_common))));
190 	unsigned int statesize;
191 
192 	struct crypto_alg base;
193 };
194 
195 struct crypto_ahash {
196 	int (*init)(struct ahash_request *req);
197 	int (*update)(struct ahash_request *req);
198 	int (*final)(struct ahash_request *req);
199 	int (*finup)(struct ahash_request *req);
200 	int (*digest)(struct ahash_request *req);
201 	int (*export)(struct ahash_request *req, void *out);
202 	int (*import)(struct ahash_request *req, const void *in);
203 	int (*setkey)(struct crypto_ahash *tfm, const u8 *key,
204 		      unsigned int keylen);
205 
206 	unsigned int reqsize;
207 	struct crypto_tfm base;
208 };
209 
210 struct crypto_shash {
211 	unsigned int descsize;
212 	struct crypto_tfm base;
213 };
214 
215 /**
216  * DOC: Asynchronous Message Digest API
217  *
218  * The asynchronous message digest API is used with the ciphers of type
219  * CRYPTO_ALG_TYPE_AHASH (listed as type "ahash" in /proc/crypto)
220  *
221  * The asynchronous cipher operation discussion provided for the
222  * CRYPTO_ALG_TYPE_ABLKCIPHER API applies here as well.
223  */
224 
225 static inline struct crypto_ahash *__crypto_ahash_cast(struct crypto_tfm *tfm)
226 {
227 	return container_of(tfm, struct crypto_ahash, base);
228 }
229 
230 /**
231  * crypto_alloc_ahash() - allocate ahash cipher handle
232  * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
233  *	      ahash cipher
234  * @type: specifies the type of the cipher
235  * @mask: specifies the mask for the cipher
236  *
237  * Allocate a cipher handle for an ahash. The returned struct
238  * crypto_ahash is the cipher handle that is required for any subsequent
239  * API invocation for that ahash.
240  *
241  * Return: allocated cipher handle in case of success; IS_ERR() is true in case
242  *	   of an error, PTR_ERR() returns the error code.
243  */
244 struct crypto_ahash *crypto_alloc_ahash(const char *alg_name, u32 type,
245 					u32 mask);
246 
247 static inline struct crypto_tfm *crypto_ahash_tfm(struct crypto_ahash *tfm)
248 {
249 	return &tfm->base;
250 }
251 
252 /**
253  * crypto_free_ahash() - zeroize and free the ahash handle
254  * @tfm: cipher handle to be freed
255  */
256 static inline void crypto_free_ahash(struct crypto_ahash *tfm)
257 {
258 	crypto_destroy_tfm(tfm, crypto_ahash_tfm(tfm));
259 }
260 
261 static inline unsigned int crypto_ahash_alignmask(
262 	struct crypto_ahash *tfm)
263 {
264 	return crypto_tfm_alg_alignmask(crypto_ahash_tfm(tfm));
265 }
266 
267 /**
268  * crypto_ahash_blocksize() - obtain block size for cipher
269  * @tfm: cipher handle
270  *
271  * The block size for the message digest cipher referenced with the cipher
272  * handle is returned.
273  *
274  * Return: block size of cipher
275  */
276 static inline unsigned int crypto_ahash_blocksize(struct crypto_ahash *tfm)
277 {
278 	return crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm));
279 }
280 
281 static inline struct hash_alg_common *__crypto_hash_alg_common(
282 	struct crypto_alg *alg)
283 {
284 	return container_of(alg, struct hash_alg_common, base);
285 }
286 
287 static inline struct hash_alg_common *crypto_hash_alg_common(
288 	struct crypto_ahash *tfm)
289 {
290 	return __crypto_hash_alg_common(crypto_ahash_tfm(tfm)->__crt_alg);
291 }
292 
293 /**
294  * crypto_ahash_digestsize() - obtain message digest size
295  * @tfm: cipher handle
296  *
297  * The size for the message digest created by the message digest cipher
298  * referenced with the cipher handle is returned.
299  *
300  *
301  * Return: message digest size of cipher
302  */
303 static inline unsigned int crypto_ahash_digestsize(struct crypto_ahash *tfm)
304 {
305 	return crypto_hash_alg_common(tfm)->digestsize;
306 }
307 
308 static inline unsigned int crypto_ahash_statesize(struct crypto_ahash *tfm)
309 {
310 	return crypto_hash_alg_common(tfm)->statesize;
311 }
312 
313 static inline u32 crypto_ahash_get_flags(struct crypto_ahash *tfm)
314 {
315 	return crypto_tfm_get_flags(crypto_ahash_tfm(tfm));
316 }
317 
318 static inline void crypto_ahash_set_flags(struct crypto_ahash *tfm, u32 flags)
319 {
320 	crypto_tfm_set_flags(crypto_ahash_tfm(tfm), flags);
321 }
322 
323 static inline void crypto_ahash_clear_flags(struct crypto_ahash *tfm, u32 flags)
324 {
325 	crypto_tfm_clear_flags(crypto_ahash_tfm(tfm), flags);
326 }
327 
328 /**
329  * crypto_ahash_reqtfm() - obtain cipher handle from request
330  * @req: asynchronous request handle that contains the reference to the ahash
331  *	 cipher handle
332  *
333  * Return the ahash cipher handle that is registered with the asynchronous
334  * request handle ahash_request.
335  *
336  * Return: ahash cipher handle
337  */
338 static inline struct crypto_ahash *crypto_ahash_reqtfm(
339 	struct ahash_request *req)
340 {
341 	return __crypto_ahash_cast(req->base.tfm);
342 }
343 
344 /**
345  * crypto_ahash_reqsize() - obtain size of the request data structure
346  * @tfm: cipher handle
347  *
348  * Return the size of the ahash state size. With the crypto_ahash_export
349  * function, the caller can export the state into a buffer whose size is
350  * defined with this function.
351  *
352  * Return: size of the ahash state
353  */
354 static inline unsigned int crypto_ahash_reqsize(struct crypto_ahash *tfm)
355 {
356 	return tfm->reqsize;
357 }
358 
359 static inline void *ahash_request_ctx(struct ahash_request *req)
360 {
361 	return req->__ctx;
362 }
363 
364 /**
365  * crypto_ahash_setkey - set key for cipher handle
366  * @tfm: cipher handle
367  * @key: buffer holding the key
368  * @keylen: length of the key in bytes
369  *
370  * The caller provided key is set for the ahash cipher. The cipher
371  * handle must point to a keyed hash in order for this function to succeed.
372  *
373  * Return: 0 if the setting of the key was successful; < 0 if an error occurred
374  */
375 int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key,
376 			unsigned int keylen);
377 
378 /**
379  * crypto_ahash_finup() - update and finalize message digest
380  * @req: reference to the ahash_request handle that holds all information
381  *	 needed to perform the cipher operation
382  *
383  * This function is a "short-hand" for the function calls of
384  * crypto_ahash_update and crypto_shash_final. The parameters have the same
385  * meaning as discussed for those separate functions.
386  *
387  * Return: 0 if the message digest creation was successful; < 0 if an error
388  *	   occurred
389  */
390 int crypto_ahash_finup(struct ahash_request *req);
391 
392 /**
393  * crypto_ahash_final() - calculate message digest
394  * @req: reference to the ahash_request handle that holds all information
395  *	 needed to perform the cipher operation
396  *
397  * Finalize the message digest operation and create the message digest
398  * based on all data added to the cipher handle. The message digest is placed
399  * into the output buffer registered with the ahash_request handle.
400  *
401  * Return: 0 if the message digest creation was successful; < 0 if an error
402  *	   occurred
403  */
404 int crypto_ahash_final(struct ahash_request *req);
405 
406 /**
407  * crypto_ahash_digest() - calculate message digest for a buffer
408  * @req: reference to the ahash_request handle that holds all information
409  *	 needed to perform the cipher operation
410  *
411  * This function is a "short-hand" for the function calls of crypto_ahash_init,
412  * crypto_ahash_update and crypto_ahash_final. The parameters have the same
413  * meaning as discussed for those separate three functions.
414  *
415  * Return: 0 if the message digest creation was successful; < 0 if an error
416  *	   occurred
417  */
418 int crypto_ahash_digest(struct ahash_request *req);
419 
420 /**
421  * crypto_ahash_export() - extract current message digest state
422  * @req: reference to the ahash_request handle whose state is exported
423  * @out: output buffer of sufficient size that can hold the hash state
424  *
425  * This function exports the hash state of the ahash_request handle into the
426  * caller-allocated output buffer out which must have sufficient size (e.g. by
427  * calling crypto_ahash_reqsize).
428  *
429  * Return: 0 if the export was successful; < 0 if an error occurred
430  */
431 static inline int crypto_ahash_export(struct ahash_request *req, void *out)
432 {
433 	return crypto_ahash_reqtfm(req)->export(req, out);
434 }
435 
436 /**
437  * crypto_ahash_import() - import message digest state
438  * @req: reference to ahash_request handle the state is imported into
439  * @in: buffer holding the state
440  *
441  * This function imports the hash state into the ahash_request handle from the
442  * input buffer. That buffer should have been generated with the
443  * crypto_ahash_export function.
444  *
445  * Return: 0 if the import was successful; < 0 if an error occurred
446  */
447 static inline int crypto_ahash_import(struct ahash_request *req, const void *in)
448 {
449 	return crypto_ahash_reqtfm(req)->import(req, in);
450 }
451 
452 /**
453  * crypto_ahash_init() - (re)initialize message digest handle
454  * @req: ahash_request handle that already is initialized with all necessary
455  *	 data using the ahash_request_* API functions
456  *
457  * The call (re-)initializes the message digest referenced by the ahash_request
458  * handle. Any potentially existing state created by previous operations is
459  * discarded.
460  *
461  * Return: 0 if the message digest initialization was successful; < 0 if an
462  *	   error occurred
463  */
464 static inline int crypto_ahash_init(struct ahash_request *req)
465 {
466 	return crypto_ahash_reqtfm(req)->init(req);
467 }
468 
469 /**
470  * crypto_ahash_update() - add data to message digest for processing
471  * @req: ahash_request handle that was previously initialized with the
472  *	 crypto_ahash_init call.
473  *
474  * Updates the message digest state of the &ahash_request handle. The input data
475  * is pointed to by the scatter/gather list registered in the &ahash_request
476  * handle
477  *
478  * Return: 0 if the message digest update was successful; < 0 if an error
479  *	   occurred
480  */
481 static inline int crypto_ahash_update(struct ahash_request *req)
482 {
483 	return crypto_ahash_reqtfm(req)->update(req);
484 }
485 
486 /**
487  * DOC: Asynchronous Hash Request Handle
488  *
489  * The &ahash_request data structure contains all pointers to data
490  * required for the asynchronous cipher operation. This includes the cipher
491  * handle (which can be used by multiple &ahash_request instances), pointer
492  * to plaintext and the message digest output buffer, asynchronous callback
493  * function, etc. It acts as a handle to the ahash_request_* API calls in a
494  * similar way as ahash handle to the crypto_ahash_* API calls.
495  */
496 
497 /**
498  * ahash_request_set_tfm() - update cipher handle reference in request
499  * @req: request handle to be modified
500  * @tfm: cipher handle that shall be added to the request handle
501  *
502  * Allow the caller to replace the existing ahash handle in the request
503  * data structure with a different one.
504  */
505 static inline void ahash_request_set_tfm(struct ahash_request *req,
506 					 struct crypto_ahash *tfm)
507 {
508 	req->base.tfm = crypto_ahash_tfm(tfm);
509 }
510 
511 /**
512  * ahash_request_alloc() - allocate request data structure
513  * @tfm: cipher handle to be registered with the request
514  * @gfp: memory allocation flag that is handed to kmalloc by the API call.
515  *
516  * Allocate the request data structure that must be used with the ahash
517  * message digest API calls. During
518  * the allocation, the provided ahash handle
519  * is registered in the request data structure.
520  *
521  * Return: allocated request handle in case of success; IS_ERR() is true in case
522  *	   of an error, PTR_ERR() returns the error code.
523  */
524 static inline struct ahash_request *ahash_request_alloc(
525 	struct crypto_ahash *tfm, gfp_t gfp)
526 {
527 	struct ahash_request *req;
528 
529 	req = kmalloc(sizeof(struct ahash_request) +
530 		      crypto_ahash_reqsize(tfm), gfp);
531 
532 	if (likely(req))
533 		ahash_request_set_tfm(req, tfm);
534 
535 	return req;
536 }
537 
538 /**
539  * ahash_request_free() - zeroize and free the request data structure
540  * @req: request data structure cipher handle to be freed
541  */
542 static inline void ahash_request_free(struct ahash_request *req)
543 {
544 	kzfree(req);
545 }
546 
547 static inline struct ahash_request *ahash_request_cast(
548 	struct crypto_async_request *req)
549 {
550 	return container_of(req, struct ahash_request, base);
551 }
552 
553 /**
554  * ahash_request_set_callback() - set asynchronous callback function
555  * @req: request handle
556  * @flags: specify zero or an ORing of the flags
557  *	   CRYPTO_TFM_REQ_MAY_BACKLOG the request queue may back log and
558  *	   increase the wait queue beyond the initial maximum size;
559  *	   CRYPTO_TFM_REQ_MAY_SLEEP the request processing may sleep
560  * @compl: callback function pointer to be registered with the request handle
561  * @data: The data pointer refers to memory that is not used by the kernel
562  *	  crypto API, but provided to the callback function for it to use. Here,
563  *	  the caller can provide a reference to memory the callback function can
564  *	  operate on. As the callback function is invoked asynchronously to the
565  *	  related functionality, it may need to access data structures of the
566  *	  related functionality which can be referenced using this pointer. The
567  *	  callback function can access the memory via the "data" field in the
568  *	  &crypto_async_request data structure provided to the callback function.
569  *
570  * This function allows setting the callback function that is triggered once
571  * the cipher operation completes.
572  *
573  * The callback function is registered with the &ahash_request handle and
574  * must comply with the following template
575  *
576  *	void callback_function(struct crypto_async_request *req, int error)
577  */
578 static inline void ahash_request_set_callback(struct ahash_request *req,
579 					      u32 flags,
580 					      crypto_completion_t compl,
581 					      void *data)
582 {
583 	req->base.complete = compl;
584 	req->base.data = data;
585 	req->base.flags = flags;
586 }
587 
588 /**
589  * ahash_request_set_crypt() - set data buffers
590  * @req: ahash_request handle to be updated
591  * @src: source scatter/gather list
592  * @result: buffer that is filled with the message digest -- the caller must
593  *	    ensure that the buffer has sufficient space by, for example, calling
594  *	    crypto_ahash_digestsize()
595  * @nbytes: number of bytes to process from the source scatter/gather list
596  *
597  * By using this call, the caller references the source scatter/gather list.
598  * The source scatter/gather list points to the data the message digest is to
599  * be calculated for.
600  */
601 static inline void ahash_request_set_crypt(struct ahash_request *req,
602 					   struct scatterlist *src, u8 *result,
603 					   unsigned int nbytes)
604 {
605 	req->src = src;
606 	req->nbytes = nbytes;
607 	req->result = result;
608 }
609 
610 /**
611  * DOC: Synchronous Message Digest API
612  *
613  * The synchronous message digest API is used with the ciphers of type
614  * CRYPTO_ALG_TYPE_SHASH (listed as type "shash" in /proc/crypto)
615  *
616  * The message digest API is able to maintain state information for the
617  * caller.
618  *
619  * The synchronous message digest API can store user-related context in in its
620  * shash_desc request data structure.
621  */
622 
623 /**
624  * crypto_alloc_shash() - allocate message digest handle
625  * @alg_name: is the cra_name / name or cra_driver_name / driver name of the
626  *	      message digest cipher
627  * @type: specifies the type of the cipher
628  * @mask: specifies the mask for the cipher
629  *
630  * Allocate a cipher handle for a message digest. The returned &struct
631  * crypto_shash is the cipher handle that is required for any subsequent
632  * API invocation for that message digest.
633  *
634  * Return: allocated cipher handle in case of success; IS_ERR() is true in case
635  *	   of an error, PTR_ERR() returns the error code.
636  */
637 struct crypto_shash *crypto_alloc_shash(const char *alg_name, u32 type,
638 					u32 mask);
639 
640 static inline struct crypto_tfm *crypto_shash_tfm(struct crypto_shash *tfm)
641 {
642 	return &tfm->base;
643 }
644 
645 /**
646  * crypto_free_shash() - zeroize and free the message digest handle
647  * @tfm: cipher handle to be freed
648  */
649 static inline void crypto_free_shash(struct crypto_shash *tfm)
650 {
651 	crypto_destroy_tfm(tfm, crypto_shash_tfm(tfm));
652 }
653 
654 static inline unsigned int crypto_shash_alignmask(
655 	struct crypto_shash *tfm)
656 {
657 	return crypto_tfm_alg_alignmask(crypto_shash_tfm(tfm));
658 }
659 
660 /**
661  * crypto_shash_blocksize() - obtain block size for cipher
662  * @tfm: cipher handle
663  *
664  * The block size for the message digest cipher referenced with the cipher
665  * handle is returned.
666  *
667  * Return: block size of cipher
668  */
669 static inline unsigned int crypto_shash_blocksize(struct crypto_shash *tfm)
670 {
671 	return crypto_tfm_alg_blocksize(crypto_shash_tfm(tfm));
672 }
673 
674 static inline struct shash_alg *__crypto_shash_alg(struct crypto_alg *alg)
675 {
676 	return container_of(alg, struct shash_alg, base);
677 }
678 
679 static inline struct shash_alg *crypto_shash_alg(struct crypto_shash *tfm)
680 {
681 	return __crypto_shash_alg(crypto_shash_tfm(tfm)->__crt_alg);
682 }
683 
684 /**
685  * crypto_shash_digestsize() - obtain message digest size
686  * @tfm: cipher handle
687  *
688  * The size for the message digest created by the message digest cipher
689  * referenced with the cipher handle is returned.
690  *
691  * Return: digest size of cipher
692  */
693 static inline unsigned int crypto_shash_digestsize(struct crypto_shash *tfm)
694 {
695 	return crypto_shash_alg(tfm)->digestsize;
696 }
697 
698 static inline unsigned int crypto_shash_statesize(struct crypto_shash *tfm)
699 {
700 	return crypto_shash_alg(tfm)->statesize;
701 }
702 
703 static inline u32 crypto_shash_get_flags(struct crypto_shash *tfm)
704 {
705 	return crypto_tfm_get_flags(crypto_shash_tfm(tfm));
706 }
707 
708 static inline void crypto_shash_set_flags(struct crypto_shash *tfm, u32 flags)
709 {
710 	crypto_tfm_set_flags(crypto_shash_tfm(tfm), flags);
711 }
712 
713 static inline void crypto_shash_clear_flags(struct crypto_shash *tfm, u32 flags)
714 {
715 	crypto_tfm_clear_flags(crypto_shash_tfm(tfm), flags);
716 }
717 
718 /**
719  * crypto_shash_descsize() - obtain the operational state size
720  * @tfm: cipher handle
721  *
722  * The size of the operational state the cipher needs during operation is
723  * returned for the hash referenced with the cipher handle. This size is
724  * required to calculate the memory requirements to allow the caller allocating
725  * sufficient memory for operational state.
726  *
727  * The operational state is defined with struct shash_desc where the size of
728  * that data structure is to be calculated as
729  * sizeof(struct shash_desc) + crypto_shash_descsize(alg)
730  *
731  * Return: size of the operational state
732  */
733 static inline unsigned int crypto_shash_descsize(struct crypto_shash *tfm)
734 {
735 	return tfm->descsize;
736 }
737 
738 static inline void *shash_desc_ctx(struct shash_desc *desc)
739 {
740 	return desc->__ctx;
741 }
742 
743 /**
744  * crypto_shash_setkey() - set key for message digest
745  * @tfm: cipher handle
746  * @key: buffer holding the key
747  * @keylen: length of the key in bytes
748  *
749  * The caller provided key is set for the keyed message digest cipher. The
750  * cipher handle must point to a keyed message digest cipher in order for this
751  * function to succeed.
752  *
753  * Return: 0 if the setting of the key was successful; < 0 if an error occurred
754  */
755 int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key,
756 			unsigned int keylen);
757 
758 /**
759  * crypto_shash_digest() - calculate message digest for buffer
760  * @desc: see crypto_shash_final()
761  * @data: see crypto_shash_update()
762  * @len: see crypto_shash_update()
763  * @out: see crypto_shash_final()
764  *
765  * This function is a "short-hand" for the function calls of crypto_shash_init,
766  * crypto_shash_update and crypto_shash_final. The parameters have the same
767  * meaning as discussed for those separate three functions.
768  *
769  * Return: 0 if the message digest creation was successful; < 0 if an error
770  *	   occurred
771  */
772 int crypto_shash_digest(struct shash_desc *desc, const u8 *data,
773 			unsigned int len, u8 *out);
774 
775 /**
776  * crypto_shash_export() - extract operational state for message digest
777  * @desc: reference to the operational state handle whose state is exported
778  * @out: output buffer of sufficient size that can hold the hash state
779  *
780  * This function exports the hash state of the operational state handle into the
781  * caller-allocated output buffer out which must have sufficient size (e.g. by
782  * calling crypto_shash_descsize).
783  *
784  * Return: 0 if the export creation was successful; < 0 if an error occurred
785  */
786 static inline int crypto_shash_export(struct shash_desc *desc, void *out)
787 {
788 	return crypto_shash_alg(desc->tfm)->export(desc, out);
789 }
790 
791 /**
792  * crypto_shash_import() - import operational state
793  * @desc: reference to the operational state handle the state imported into
794  * @in: buffer holding the state
795  *
796  * This function imports the hash state into the operational state handle from
797  * the input buffer. That buffer should have been generated with the
798  * crypto_ahash_export function.
799  *
800  * Return: 0 if the import was successful; < 0 if an error occurred
801  */
802 static inline int crypto_shash_import(struct shash_desc *desc, const void *in)
803 {
804 	return crypto_shash_alg(desc->tfm)->import(desc, in);
805 }
806 
807 /**
808  * crypto_shash_init() - (re)initialize message digest
809  * @desc: operational state handle that is already filled
810  *
811  * The call (re-)initializes the message digest referenced by the
812  * operational state handle. Any potentially existing state created by
813  * previous operations is discarded.
814  *
815  * Return: 0 if the message digest initialization was successful; < 0 if an
816  *	   error occurred
817  */
818 static inline int crypto_shash_init(struct shash_desc *desc)
819 {
820 	return crypto_shash_alg(desc->tfm)->init(desc);
821 }
822 
823 /**
824  * crypto_shash_update() - add data to message digest for processing
825  * @desc: operational state handle that is already initialized
826  * @data: input data to be added to the message digest
827  * @len: length of the input data
828  *
829  * Updates the message digest state of the operational state handle.
830  *
831  * Return: 0 if the message digest update was successful; < 0 if an error
832  *	   occurred
833  */
834 int crypto_shash_update(struct shash_desc *desc, const u8 *data,
835 			unsigned int len);
836 
837 /**
838  * crypto_shash_final() - calculate message digest
839  * @desc: operational state handle that is already filled with data
840  * @out: output buffer filled with the message digest
841  *
842  * Finalize the message digest operation and create the message digest
843  * based on all data added to the cipher handle. The message digest is placed
844  * into the output buffer. The caller must ensure that the output buffer is
845  * large enough by using crypto_shash_digestsize.
846  *
847  * Return: 0 if the message digest creation was successful; < 0 if an error
848  *	   occurred
849  */
850 int crypto_shash_final(struct shash_desc *desc, u8 *out);
851 
852 /**
853  * crypto_shash_finup() - calculate message digest of buffer
854  * @desc: see crypto_shash_final()
855  * @data: see crypto_shash_update()
856  * @len: see crypto_shash_update()
857  * @out: see crypto_shash_final()
858  *
859  * This function is a "short-hand" for the function calls of
860  * crypto_shash_update and crypto_shash_final. The parameters have the same
861  * meaning as discussed for those separate functions.
862  *
863  * Return: 0 if the message digest creation was successful; < 0 if an error
864  *	   occurred
865  */
866 int crypto_shash_finup(struct shash_desc *desc, const u8 *data,
867 		       unsigned int len, u8 *out);
868 
869 #endif	/* _CRYPTO_HASH_H */
870