hash.h source code [linux/include/crypto/hash.h]

1	/ SPDX-License-Identifier: GPL-2.0-or-later /
2	/*
3	* Hash: Hash algorithms under the crypto API
4	*
5	* Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au>
6	*/
7
8	#ifndef _CRYPTO_HASH_H
9	#define _CRYPTO_HASH_H
10
11	#include <linux/atomic.h>
12	#include <linux/crypto.h>
13	#include <linux/string.h>
14
15	struct crypto_ahash;
16
17	/**
18	* DOC: Message Digest Algorithm Definitions
19	*
20	* These data structures define modular message digest algorithm
21	* implementations, managed via crypto_register_ahash(),
22	* crypto_register_shash(), crypto_unregister_ahash() and
23	* crypto_unregister_shash().
24	*/
25
26	/*
27	* struct crypto_istat_hash - statistics for has algorithm
28	* @hash_cnt: number of hash requests
29	* @hash_tlen: total data size hashed
30	* @err_cnt: number of error for hash requests
31	*/
32	struct crypto_istat_hash {
33	atomic64_t hash_cnt;
34	atomic64_t hash_tlen;
35	atomic64_t err_cnt;
36	};
37
38	#ifdef CONFIG_CRYPTO_STATS
39	#define HASH_ALG_COMMON_STAT struct crypto_istat_hash stat;
40	#else
41	#define HASH_ALG_COMMON_STAT
42	#endif
43
44	/*
45	* struct hash_alg_common - define properties of message digest
46	* @stat: Statistics for hash algorithm.
47	* @digestsize: Size of the result of the transformation. A buffer of this size
48	* must be available to the @final and @finup calls, so they can
49	* store the resulting hash into it. For various predefined sizes,
50	* search include/crypto/ using
51	* git grep _DIGEST_SIZE include/crypto.
52	* @statesize: Size of the block for partial state of the transformation. A
53	* buffer of this size must be passed to the @export function as it
54	* will save the partial state of the transformation into it. On the
55	* other side, the @import function will load the state from a
56	* buffer of this size as well.
57	* @base: Start of data structure of cipher algorithm. The common data
58	* structure of crypto_alg contains information common to all ciphers.
59	* The hash_alg_common data structure now adds the hash-specific
60	* information.
61	*/
62	#define HASH_ALG_COMMON { \
63	HASH_ALG_COMMON_STAT \
64	\
65	unsigned int digestsize; \
66	unsigned int statesize; \
67	\
68	struct crypto_alg base; \
69	}
70	struct hash_alg_common HASH_ALG_COMMON;
71
72	struct ahash_request {
73	struct crypto_async_request base;
74
75	unsigned int nbytes;
76	struct scatterlist *src;
77	u8 *result;
78
79	/ This field may only be used by the ahash API code. /
80	void *priv;
81
82	void *__ctx[] CRYPTO_MINALIGN_ATTR;
83	};
84
85	/**
86	* struct ahash_alg - asynchronous message digest definition
87	* @init: [mandatory] Initialize the transformation context. Intended only to initialize the
88	* state of the HASH transformation at the beginning. This shall fill in
89	* the internal structures used during the entire duration of the whole
90	* transformation. No data processing happens at this point. Driver code
91	* implementation must not use req->result.
92	* @update: [mandatory] Push a chunk of data into the driver for transformation. This
93	* function actually pushes blocks of data from upper layers into the
94	* driver, which then passes those to the hardware as seen fit. This
95	* function must not finalize the HASH transformation by calculating the
96	* final message digest as this only adds more data into the
97	* transformation. This function shall not modify the transformation
98	* context, as this function may be called in parallel with the same
99	* transformation object. Data processing can happen synchronously
100	* [SHASH] or asynchronously [AHASH] at this point. Driver must not use
101	* req->result.
102	* @final: [mandatory] Retrieve result from the driver. This function finalizes the
103	* transformation and retrieves the resulting hash from the driver and
104	* pushes it back to upper layers. No data processing happens at this
105	* point unless hardware requires it to finish the transformation
106	* (then the data buffered by the device driver is processed).
107	* @finup: [optional] Combination of @update and @final. This function is effectively a
108	* combination of @update and @final calls issued in sequence. As some
109	* hardware cannot do @update and @final separately, this callback was
110	* added to allow such hardware to be used at least by IPsec. Data
111	* processing can happen synchronously [SHASH] or asynchronously [AHASH]
112	* at this point.
113	* @digest: Combination of @init and @update and @final. This function
114	* effectively behaves as the entire chain of operations, @init,
115	* @update and @final issued in sequence. Just like @finup, this was
116	* added for hardware which cannot do even the @finup, but can only do
117	* the whole transformation in one run. Data processing can happen
118	* synchronously [SHASH] or asynchronously [AHASH] at this point.
119	* @setkey: Set optional key used by the hashing algorithm. Intended to push
120	* optional key used by the hashing algorithm from upper layers into
121	* the driver. This function can store the key in the transformation
122	* context or can outright program it into the hardware. In the former
123	* case, one must be careful to program the key into the hardware at
124	* appropriate time and one must be careful that .setkey() can be
125	* called multiple times during the existence of the transformation
126	* object. Not all hashing algorithms do implement this function as it
127	* is only needed for keyed message digests. SHAx/MDx/CRCx do NOT
128	* implement this function. HMAC(MDx)/HMAC(SHAx)/CMAC(AES) do implement
129	* this function. This function must be called before any other of the
130	* @init, @update, @final, @finup, @digest is called. No data
131	* processing happens at this point.
132	* @export: Export partial state of the transformation. This function dumps the
133	* entire state of the ongoing transformation into a provided block of
134	* data so it can be @import 'ed back later on. This is useful in case
135	* you want to save partial result of the transformation after
136	* processing certain amount of data and reload this partial result
137	* multiple times later on for multiple re-use. No data processing
138	* happens at this point. Driver must not use req->result.
139	* @import: Import partial state of the transformation. This function loads the
140	* entire state of the ongoing transformation from a provided block of
141	* data so the transformation can continue from this point onward. No
142	* data processing happens at this point. Driver must not use
143	* req->result.
144	* @init_tfm: Initialize the cryptographic transformation object.
145	* This function is called only once at the instantiation
146	* time, right after the transformation context was
147	* allocated. In case the cryptographic hardware has
148	* some special requirements which need to be handled
149	* by software, this function shall check for the precise
150	* requirement of the transformation and put any software
151	* fallbacks in place.
152	* @exit_tfm: Deinitialize the cryptographic transformation object.
153	* This is a counterpart to @init_tfm, used to remove
154	* various changes set in @init_tfm.
155	* @clone_tfm: Copy transform into new object, may allocate memory.
156	* @halg: see struct hash_alg_common
157	*/
158	struct ahash_alg {
159	int (init)(struct* ahash_request *req);
160	int (update)(struct* ahash_request *req);
161	int (final)(struct* ahash_request *req);
162	int (finup)(struct* ahash_request *req);
163	int (digest)(struct* ahash_request *req);
164	int (export)(struct* ahash_request req, void* *out);
165	int (import)(struct* ahash_request req, const* void *in);
166	int (setkey)(struct* crypto_ahash tfm, const* u8 *key,
167	unsigned int keylen);
168	int (init_tfm)(struct* crypto_ahash *tfm);
169	void (exit_tfm)(struct* crypto_ahash *tfm);
170	int (clone_tfm)(struct* crypto_ahash dst, struct* crypto_ahash *src);
171
172	struct hash_alg_common halg;
173	};
174
175	struct shash_desc {
176	struct crypto_shash *tfm;
177	void *__ctx[] __aligned(ARCH_SLAB_MINALIGN);
178	};
179
180	#define HASH_MAX_DIGESTSIZE 64
181
182	/*
183	* Worst case is hmac(sha3-224-generic). Its context is a nested 'shash_desc'
184	* containing a 'struct sha3_state'.
185	*/
186	#define HASH_MAX_DESCSIZE (sizeof(struct shash_desc) + 360)
187
188	#define SHASH_DESC_ON_STACK(shash, ctx) \
189	char __##shash##_desc[sizeof(struct shash_desc) + HASH_MAX_DESCSIZE] \
190	__aligned(__alignof__(struct shash_desc)); \
191	struct shash_desc shash = (struct shash_desc )__##shash##_desc
192
193	/**
194	* struct shash_alg - synchronous message digest definition
195	* @init: see struct ahash_alg
196	* @update: see struct ahash_alg
197	* @final: see struct ahash_alg
198	* @finup: see struct ahash_alg
199	* @digest: see struct ahash_alg
200	* @export: see struct ahash_alg
201	* @import: see struct ahash_alg
202	* @setkey: see struct ahash_alg
203	* @init_tfm: Initialize the cryptographic transformation object.
204	* This function is called only once at the instantiation
205	* time, right after the transformation context was
206	* allocated. In case the cryptographic hardware has
207	* some special requirements which need to be handled
208	* by software, this function shall check for the precise
209	* requirement of the transformation and put any software
210	* fallbacks in place.
211	* @exit_tfm: Deinitialize the cryptographic transformation object.
212	* This is a counterpart to @init_tfm, used to remove
213	* various changes set in @init_tfm.
214	* @clone_tfm: Copy transform into new object, may allocate memory.
215	* @descsize: Size of the operational state for the message digest. This state
216	* size is the memory size that needs to be allocated for
217	* shash_desc.__ctx
218	* @halg: see struct hash_alg_common
219	* @HASH_ALG_COMMON: see struct hash_alg_common
220	*/
221	struct shash_alg {
222	int (init)(struct* shash_desc *desc);
223	int (update)(struct* shash_desc desc, const* u8 *data,
224	unsigned int len);
225	int (final)(struct* shash_desc desc, u8 out);
226	int (finup)(struct* shash_desc desc, const* u8 *data,
227	unsigned int len, u8 *out);
228	int (digest)(struct* shash_desc desc, const* u8 *data,
229	unsigned int len, u8 *out);
230	int (export)(struct* shash_desc desc, void* *out);
231	int (import)(struct* shash_desc desc, const* void *in);
232	int (setkey)(struct* crypto_shash tfm, const* u8 *key,
233	unsigned int keylen);
234	int (init_tfm)(struct* crypto_shash *tfm);
235	void (exit_tfm)(struct* crypto_shash *tfm);
236	int (clone_tfm)(struct* crypto_shash dst, struct* crypto_shash *src);
237
238	unsigned int descsize;
239
240	union {
241	struct HASH_ALG_COMMON;
242	struct hash_alg_common halg;
243	};
244	};
245	#undef HASH_ALG_COMMON
246	#undef HASH_ALG_COMMON_STAT
247
248	struct crypto_ahash {
249	bool using_shash; / Underlying algorithm is shash, not ahash /
250	unsigned int statesize;
251	unsigned int reqsize;
252	struct crypto_tfm base;
253	};
254
255	struct crypto_shash {
256	unsigned int descsize;
257	struct crypto_tfm base;
258	};
259
260	/**
261	* DOC: Asynchronous Message Digest API
262	*
263	* The asynchronous message digest API is used with the ciphers of type
264	* CRYPTO_ALG_TYPE_AHASH (listed as type "ahash" in /proc/crypto)
265	*
266	* The asynchronous cipher operation discussion provided for the
267	* CRYPTO_ALG_TYPE_SKCIPHER API applies here as well.
268	*/
269
270	static inline struct crypto_ahash __crypto_ahash_cast(struct* crypto_tfm *tfm)
271	{
272	return container_of(tfm, struct crypto_ahash, base);
273	}
274
275	/**
276	* crypto_alloc_ahash() - allocate ahash cipher handle
277	* @alg_name: is the cra_name / name or cra_driver_name / driver name of the
278	* ahash cipher
279	* @type: specifies the type of the cipher
280	* @mask: specifies the mask for the cipher
281	*
282	* Allocate a cipher handle for an ahash. The returned struct
283	* crypto_ahash is the cipher handle that is required for any subsequent
284	* API invocation for that ahash.
285	*
286	* Return: allocated cipher handle in case of success; IS_ERR() is true in case
287	* of an error, PTR_ERR() returns the error code.
288	*/
289	struct crypto_ahash crypto_alloc_ahash(const* char *alg_name, u32 type,
290	u32 mask);
291
292	struct crypto_ahash crypto_clone_ahash(struct* crypto_ahash *tfm);
293
294	static inline struct crypto_tfm crypto_ahash_tfm(struct* crypto_ahash *tfm)
295	{
296	return &tfm->base;
297	}
298
299	/**
300	* crypto_free_ahash() - zeroize and free the ahash handle
301	* @tfm: cipher handle to be freed
302	*
303	* If @tfm is a NULL or error pointer, this function does nothing.
304	*/
305	static inline void crypto_free_ahash(struct crypto_ahash *tfm)
306	{
307	crypto_destroy_tfm(mem: tfm, tfm: crypto_ahash_tfm(tfm));
308	}
309
310	/**
311	* crypto_has_ahash() - Search for the availability of an ahash.
312	* @alg_name: is the cra_name / name or cra_driver_name / driver name of the
313	* ahash
314	* @type: specifies the type of the ahash
315	* @mask: specifies the mask for the ahash
316	*
317	* Return: true when the ahash is known to the kernel crypto API; false
318	* otherwise
319	*/
320	int crypto_has_ahash(const char *alg_name, u32 type, u32 mask);
321
322	static inline const char crypto_ahash_alg_name(struct* crypto_ahash *tfm)
323	{
324	return crypto_tfm_alg_name(tfm: crypto_ahash_tfm(tfm));
325	}
326
327	static inline const char crypto_ahash_driver_name(struct* crypto_ahash *tfm)
328	{
329	return crypto_tfm_alg_driver_name(tfm: crypto_ahash_tfm(tfm));
330	}
331
332	/**
333	* crypto_ahash_blocksize() - obtain block size for cipher
334	* @tfm: cipher handle
335	*
336	* The block size for the message digest cipher referenced with the cipher
337	* handle is returned.
338	*
339	* Return: block size of cipher
340	*/
341	static inline unsigned int crypto_ahash_blocksize(struct crypto_ahash *tfm)
342	{
343	return crypto_tfm_alg_blocksize(tfm: crypto_ahash_tfm(tfm));
344	}
345
346	static inline struct hash_alg_common *__crypto_hash_alg_common(
347	struct crypto_alg *alg)
348	{
349	return container_of(alg, struct hash_alg_common, base);
350	}
351
352	static inline struct hash_alg_common *crypto_hash_alg_common(
353	struct crypto_ahash *tfm)
354	{
355	return __crypto_hash_alg_common(alg: crypto_ahash_tfm(tfm)->__crt_alg);
356	}
357
358	/**
359	* crypto_ahash_digestsize() - obtain message digest size
360	* @tfm: cipher handle
361	*
362	* The size for the message digest created by the message digest cipher
363	* referenced with the cipher handle is returned.
364	*
365	*
366	* Return: message digest size of cipher
367	*/
368	static inline unsigned int crypto_ahash_digestsize(struct crypto_ahash *tfm)
369	{
370	return crypto_hash_alg_common(tfm)->digestsize;
371	}
372
373	/**
374	* crypto_ahash_statesize() - obtain size of the ahash state
375	* @tfm: cipher handle
376	*
377	* Return the size of the ahash state. With the crypto_ahash_export()
378	* function, the caller can export the state into a buffer whose size is
379	* defined with this function.
380	*
381	* Return: size of the ahash state
382	*/
383	static inline unsigned int crypto_ahash_statesize(struct crypto_ahash *tfm)
384	{
385	return tfm->statesize;
386	}
387
388	static inline u32 crypto_ahash_get_flags(struct crypto_ahash *tfm)
389	{
390	return crypto_tfm_get_flags(tfm: crypto_ahash_tfm(tfm));
391	}
392
393	static inline void crypto_ahash_set_flags(struct crypto_ahash *tfm, u32 flags)
394	{
395	crypto_tfm_set_flags(tfm: crypto_ahash_tfm(tfm), flags);
396	}
397
398	static inline void crypto_ahash_clear_flags(struct crypto_ahash *tfm, u32 flags)
399	{
400	crypto_tfm_clear_flags(tfm: crypto_ahash_tfm(tfm), flags);
401	}
402
403	/**
404	* crypto_ahash_reqtfm() - obtain cipher handle from request
405	* @req: asynchronous request handle that contains the reference to the ahash
406	* cipher handle
407	*
408	* Return the ahash cipher handle that is registered with the asynchronous
409	* request handle ahash_request.
410	*
411	* Return: ahash cipher handle
412	*/
413	static inline struct crypto_ahash *crypto_ahash_reqtfm(
414	struct ahash_request *req)
415	{
416	return __crypto_ahash_cast(tfm: req->base.tfm);
417	}
418
419	/**
420	* crypto_ahash_reqsize() - obtain size of the request data structure
421	* @tfm: cipher handle
422	*
423	* Return: size of the request data
424	*/
425	static inline unsigned int crypto_ahash_reqsize(struct crypto_ahash *tfm)
426	{
427	return tfm->reqsize;
428	}
429
430	static inline void ahash_request_ctx(struct* ahash_request *req)
431	{
432	return req->__ctx;
433	}
434
435	/**
436	* crypto_ahash_setkey - set key for cipher handle
437	* @tfm: cipher handle
438	* @key: buffer holding the key
439	* @keylen: length of the key in bytes
440	*
441	* The caller provided key is set for the ahash cipher. The cipher
442	* handle must point to a keyed hash in order for this function to succeed.
443	*
444	* Return: 0 if the setting of the key was successful; < 0 if an error occurred
445	*/
446	int crypto_ahash_setkey(struct crypto_ahash tfm, const* u8 *key,
447	unsigned int keylen);
448
449	/**
450	* crypto_ahash_finup() - update and finalize message digest
451	* @req: reference to the ahash_request handle that holds all information
452	* needed to perform the cipher operation
453	*
454	* This function is a "short-hand" for the function calls of
455	* crypto_ahash_update and crypto_ahash_final. The parameters have the same
456	* meaning as discussed for those separate functions.
457	*
458	* Return: see crypto_ahash_final()
459	*/
460	int crypto_ahash_finup(struct ahash_request *req);
461
462	/**
463	* crypto_ahash_final() - calculate message digest
464	* @req: reference to the ahash_request handle that holds all information
465	* needed to perform the cipher operation
466	*
467	* Finalize the message digest operation and create the message digest
468	* based on all data added to the cipher handle. The message digest is placed
469	* into the output buffer registered with the ahash_request handle.
470	*
471	* Return:
472	* 0 if the message digest was successfully calculated;
473	* -EINPROGRESS if data is fed into hardware (DMA) or queued for later;
474	* -EBUSY if queue is full and request should be resubmitted later;
475	* other < 0 if an error occurred
476	*/
477	int crypto_ahash_final(struct ahash_request *req);
478
479	/**
480	* crypto_ahash_digest() - calculate message digest for a buffer
481	* @req: reference to the ahash_request handle that holds all information
482	* needed to perform the cipher operation
483	*
484	* This function is a "short-hand" for the function calls of crypto_ahash_init,
485	* crypto_ahash_update and crypto_ahash_final. The parameters have the same
486	* meaning as discussed for those separate three functions.
487	*
488	* Return: see crypto_ahash_final()
489	*/
490	int crypto_ahash_digest(struct ahash_request *req);
491
492	/**
493	* crypto_ahash_export() - extract current message digest state
494	* @req: reference to the ahash_request handle whose state is exported
495	* @out: output buffer of sufficient size that can hold the hash state
496	*
497	* This function exports the hash state of the ahash_request handle into the
498	* caller-allocated output buffer out which must have sufficient size (e.g. by
499	* calling crypto_ahash_statesize()).
500	*
501	* Return: 0 if the export was successful; < 0 if an error occurred
502	*/
503	int crypto_ahash_export(struct ahash_request req, void* *out);
504
505	/**
506	* crypto_ahash_import() - import message digest state
507	* @req: reference to ahash_request handle the state is imported into
508	* @in: buffer holding the state
509	*
510	* This function imports the hash state into the ahash_request handle from the
511	* input buffer. That buffer should have been generated with the
512	* crypto_ahash_export function.
513	*
514	* Return: 0 if the import was successful; < 0 if an error occurred
515	*/
516	int crypto_ahash_import(struct ahash_request req, const* void *in);
517
518	/**
519	* crypto_ahash_init() - (re)initialize message digest handle
520	* @req: ahash_request handle that already is initialized with all necessary
521	* data using the ahash_request_* API functions
522	*
523	* The call (re-)initializes the message digest referenced by the ahash_request
524	* handle. Any potentially existing state created by previous operations is
525	* discarded.
526	*
527	* Return: see crypto_ahash_final()
528	*/
529	int crypto_ahash_init(struct ahash_request *req);
530
531	/**
532	* crypto_ahash_update() - add data to message digest for processing
533	* @req: ahash_request handle that was previously initialized with the
534	* crypto_ahash_init call.
535	*
536	* Updates the message digest state of the &ahash_request handle. The input data
537	* is pointed to by the scatter/gather list registered in the &ahash_request
538	* handle
539	*
540	* Return: see crypto_ahash_final()
541	*/
542	int crypto_ahash_update(struct ahash_request *req);
543
544	/**
545	* DOC: Asynchronous Hash Request Handle
546	*
547	* The &ahash_request data structure contains all pointers to data
548	* required for the asynchronous cipher operation. This includes the cipher
549	* handle (which can be used by multiple &ahash_request instances), pointer
550	* to plaintext and the message digest output buffer, asynchronous callback
551	* function, etc. It acts as a handle to the ahash_request_* API calls in a
552	* similar way as ahash handle to the crypto_ahash_* API calls.
553	*/
554
555	/**
556	* ahash_request_set_tfm() - update cipher handle reference in request
557	* @req: request handle to be modified
558	* @tfm: cipher handle that shall be added to the request handle
559	*
560	* Allow the caller to replace the existing ahash handle in the request
561	* data structure with a different one.
562	*/
563	static inline void ahash_request_set_tfm(struct ahash_request *req,
564	struct crypto_ahash *tfm)
565	{
566	req->base.tfm = crypto_ahash_tfm(tfm);
567	}
568
569	/**
570	* ahash_request_alloc() - allocate request data structure
571	* @tfm: cipher handle to be registered with the request
572	* @gfp: memory allocation flag that is handed to kmalloc by the API call.
573	*
574	* Allocate the request data structure that must be used with the ahash
575	* message digest API calls. During
576	* the allocation, the provided ahash handle
577	* is registered in the request data structure.
578	*
579	* Return: allocated request handle in case of success, or NULL if out of memory
580	*/
581	static inline struct ahash_request *ahash_request_alloc(
582	struct crypto_ahash *tfm, gfp_t gfp)
583	{
584	struct ahash_request *req;
585
586	req = kmalloc(size: sizeof(struct ahash_request) +
587	crypto_ahash_reqsize(tfm), flags: gfp);
588
589	if (likely(req))
590	ahash_request_set_tfm(req, tfm);
591
592	return req;
593	}
594
595	/**
596	* ahash_request_free() - zeroize and free the request data structure
597	* @req: request data structure cipher handle to be freed
598	*/
599	static inline void ahash_request_free(struct ahash_request *req)
600	{
601	kfree_sensitive(objp: req);
602	}
603
604	static inline void ahash_request_zero(struct ahash_request *req)
605	{
606	memzero_explicit(s: req, count: sizeof(*req) +
607	crypto_ahash_reqsize(tfm: crypto_ahash_reqtfm(req)));
608	}
609
610	static inline struct ahash_request *ahash_request_cast(
611	struct crypto_async_request *req)
612	{
613	return container_of(req, struct ahash_request, base);
614	}
615
616	/**
617	* ahash_request_set_callback() - set asynchronous callback function
618	* @req: request handle
619	* @flags: specify zero or an ORing of the flags
620	* CRYPTO_TFM_REQ_MAY_BACKLOG the request queue may back log and
621	* increase the wait queue beyond the initial maximum size;
622	* CRYPTO_TFM_REQ_MAY_SLEEP the request processing may sleep
623	* @compl: callback function pointer to be registered with the request handle
624	* @data: The data pointer refers to memory that is not used by the kernel
625	* crypto API, but provided to the callback function for it to use. Here,
626	* the caller can provide a reference to memory the callback function can
627	* operate on. As the callback function is invoked asynchronously to the
628	* related functionality, it may need to access data structures of the
629	* related functionality which can be referenced using this pointer. The
630	* callback function can access the memory via the "data" field in the
631	* &crypto_async_request data structure provided to the callback function.
632	*
633	* This function allows setting the callback function that is triggered once
634	* the cipher operation completes.
635	*
636	* The callback function is registered with the &ahash_request handle and
637	* must comply with the following template::
638	*
639	* void callback_function(struct crypto_async_request *req, int error)
640	*/
641	static inline void ahash_request_set_callback(struct ahash_request *req,
642	u32 flags,
643	crypto_completion_t compl,
644	void *data)
645	{
646	req->base.complete = compl;
647	req->base.data = data;
648	req->base.flags = flags;
649	}
650
651	/**
652	* ahash_request_set_crypt() - set data buffers
653	* @req: ahash_request handle to be updated
654	* @src: source scatter/gather list
655	* @result: buffer that is filled with the message digest -- the caller must
656	* ensure that the buffer has sufficient space by, for example, calling
657	* crypto_ahash_digestsize()
658	* @nbytes: number of bytes to process from the source scatter/gather list
659	*
660	* By using this call, the caller references the source scatter/gather list.
661	* The source scatter/gather list points to the data the message digest is to
662	* be calculated for.
663	*/
664	static inline void ahash_request_set_crypt(struct ahash_request *req,
665	struct scatterlist src, u8 result,
666	unsigned int nbytes)
667	{
668	req->src = src;
669	req->nbytes = nbytes;
670	req->result = result;
671	}
672
673	/**
674	* DOC: Synchronous Message Digest API
675	*
676	* The synchronous message digest API is used with the ciphers of type
677	* CRYPTO_ALG_TYPE_SHASH (listed as type "shash" in /proc/crypto)
678	*
679	* The message digest API is able to maintain state information for the
680	* caller.
681	*
682	* The synchronous message digest API can store user-related context in its
683	* shash_desc request data structure.
684	*/
685
686	/**
687	* crypto_alloc_shash() - allocate message digest handle
688	* @alg_name: is the cra_name / name or cra_driver_name / driver name of the
689	* message digest cipher
690	* @type: specifies the type of the cipher
691	* @mask: specifies the mask for the cipher
692	*
693	* Allocate a cipher handle for a message digest. The returned &struct
694	* crypto_shash is the cipher handle that is required for any subsequent
695	* API invocation for that message digest.
696	*
697	* Return: allocated cipher handle in case of success; IS_ERR() is true in case
698	* of an error, PTR_ERR() returns the error code.
699	*/
700	struct crypto_shash crypto_alloc_shash(const* char *alg_name, u32 type,
701	u32 mask);
702
703	struct crypto_shash crypto_clone_shash(struct* crypto_shash *tfm);
704
705	int crypto_has_shash(const char *alg_name, u32 type, u32 mask);
706
707	static inline struct crypto_tfm crypto_shash_tfm(struct* crypto_shash *tfm)
708	{
709	return &tfm->base;
710	}
711
712	/**
713	* crypto_free_shash() - zeroize and free the message digest handle
714	* @tfm: cipher handle to be freed
715	*
716	* If @tfm is a NULL or error pointer, this function does nothing.
717	*/
718	static inline void crypto_free_shash(struct crypto_shash *tfm)
719	{
720	crypto_destroy_tfm(mem: tfm, tfm: crypto_shash_tfm(tfm));
721	}
722
723	static inline const char crypto_shash_alg_name(struct* crypto_shash *tfm)
724	{
725	return crypto_tfm_alg_name(tfm: crypto_shash_tfm(tfm));
726	}
727
728	static inline const char crypto_shash_driver_name(struct* crypto_shash *tfm)
729	{
730	return crypto_tfm_alg_driver_name(tfm: crypto_shash_tfm(tfm));
731	}
732
733	/**
734	* crypto_shash_blocksize() - obtain block size for cipher
735	* @tfm: cipher handle
736	*
737	* The block size for the message digest cipher referenced with the cipher
738	* handle is returned.
739	*
740	* Return: block size of cipher
741	*/
742	static inline unsigned int crypto_shash_blocksize(struct crypto_shash *tfm)
743	{
744	return crypto_tfm_alg_blocksize(tfm: crypto_shash_tfm(tfm));
745	}
746
747	static inline struct shash_alg __crypto_shash_alg(struct* crypto_alg *alg)
748	{
749	return container_of(alg, struct shash_alg, base);
750	}
751
752	static inline struct shash_alg crypto_shash_alg(struct* crypto_shash *tfm)
753	{
754	return __crypto_shash_alg(alg: crypto_shash_tfm(tfm)->__crt_alg);
755	}
756
757	/**
758	* crypto_shash_digestsize() - obtain message digest size
759	* @tfm: cipher handle
760	*
761	* The size for the message digest created by the message digest cipher
762	* referenced with the cipher handle is returned.
763	*
764	* Return: digest size of cipher
765	*/
766	static inline unsigned int crypto_shash_digestsize(struct crypto_shash *tfm)
767	{
768	return crypto_shash_alg(tfm)->digestsize;
769	}
770
771	static inline unsigned int crypto_shash_statesize(struct crypto_shash *tfm)
772	{
773	return crypto_shash_alg(tfm)->statesize;
774	}
775
776	static inline u32 crypto_shash_get_flags(struct crypto_shash *tfm)
777	{
778	return crypto_tfm_get_flags(tfm: crypto_shash_tfm(tfm));
779	}
780
781	static inline void crypto_shash_set_flags(struct crypto_shash *tfm, u32 flags)
782	{
783	crypto_tfm_set_flags(tfm: crypto_shash_tfm(tfm), flags);
784	}
785
786	static inline void crypto_shash_clear_flags(struct crypto_shash *tfm, u32 flags)
787	{
788	crypto_tfm_clear_flags(tfm: crypto_shash_tfm(tfm), flags);
789	}
790
791	/**
792	* crypto_shash_descsize() - obtain the operational state size
793	* @tfm: cipher handle
794	*
795	* The size of the operational state the cipher needs during operation is
796	* returned for the hash referenced with the cipher handle. This size is
797	* required to calculate the memory requirements to allow the caller allocating
798	* sufficient memory for operational state.
799	*
800	* The operational state is defined with struct shash_desc where the size of
801	* that data structure is to be calculated as
802	* sizeof(struct shash_desc) + crypto_shash_descsize(alg)
803	*
804	* Return: size of the operational state
805	*/
806	static inline unsigned int crypto_shash_descsize(struct crypto_shash *tfm)
807	{
808	return tfm->descsize;
809	}
810
811	static inline void shash_desc_ctx(struct* shash_desc *desc)
812	{
813	return desc->__ctx;
814	}
815
816	/**
817	* crypto_shash_setkey() - set key for message digest
818	* @tfm: cipher handle
819	* @key: buffer holding the key
820	* @keylen: length of the key in bytes
821	*
822	* The caller provided key is set for the keyed message digest cipher. The
823	* cipher handle must point to a keyed message digest cipher in order for this
824	* function to succeed.
825	*
826	* Context: Any context.
827	* Return: 0 if the setting of the key was successful; < 0 if an error occurred
828	*/
829	int crypto_shash_setkey(struct crypto_shash tfm, const* u8 *key,
830	unsigned int keylen);
831
832	/**
833	* crypto_shash_digest() - calculate message digest for buffer
834	* @desc: see crypto_shash_final()
835	* @data: see crypto_shash_update()
836	* @len: see crypto_shash_update()
837	* @out: see crypto_shash_final()
838	*
839	* This function is a "short-hand" for the function calls of crypto_shash_init,
840	* crypto_shash_update and crypto_shash_final. The parameters have the same
841	* meaning as discussed for those separate three functions.
842	*
843	* Context: Any context.
844	* Return: 0 if the message digest creation was successful; < 0 if an error
845	* occurred
846	*/
847	int crypto_shash_digest(struct shash_desc desc, const* u8 *data,
848	unsigned int len, u8 *out);
849
850	/**
851	* crypto_shash_tfm_digest() - calculate message digest for buffer
852	* @tfm: hash transformation object
853	* @data: see crypto_shash_update()
854	* @len: see crypto_shash_update()
855	* @out: see crypto_shash_final()
856	*
857	* This is a simplified version of crypto_shash_digest() for users who don't
858	* want to allocate their own hash descriptor (shash_desc). Instead,
859	* crypto_shash_tfm_digest() takes a hash transformation object (crypto_shash)
860	* directly, and it allocates a hash descriptor on the stack internally.
861	* Note that this stack allocation may be fairly large.
862	*
863	* Context: Any context.
864	* Return: 0 on success; < 0 if an error occurred.
865	*/
866	int crypto_shash_tfm_digest(struct crypto_shash tfm, const* u8 *data,
867	unsigned int len, u8 *out);
868
869	/**
870	* crypto_shash_export() - extract operational state for message digest
871	* @desc: reference to the operational state handle whose state is exported
872	* @out: output buffer of sufficient size that can hold the hash state
873	*
874	* This function exports the hash state of the operational state handle into the
875	* caller-allocated output buffer out which must have sufficient size (e.g. by
876	* calling crypto_shash_descsize).
877	*
878	* Context: Any context.
879	* Return: 0 if the export creation was successful; < 0 if an error occurred
880	*/
881	int crypto_shash_export(struct shash_desc desc, void* *out);
882
883	/**
884	* crypto_shash_import() - import operational state
885	* @desc: reference to the operational state handle the state imported into
886	* @in: buffer holding the state
887	*
888	* This function imports the hash state into the operational state handle from
889	* the input buffer. That buffer should have been generated with the
890	* crypto_ahash_export function.
891	*
892	* Context: Any context.
893	* Return: 0 if the import was successful; < 0 if an error occurred
894	*/
895	int crypto_shash_import(struct shash_desc desc, const* void *in);
896
897	/**
898	* crypto_shash_init() - (re)initialize message digest
899	* @desc: operational state handle that is already filled
900	*
901	* The call (re-)initializes the message digest referenced by the
902	* operational state handle. Any potentially existing state created by
903	* previous operations is discarded.
904	*
905	* Context: Any context.
906	* Return: 0 if the message digest initialization was successful; < 0 if an
907	* error occurred
908	*/
909	static inline int crypto_shash_init(struct shash_desc *desc)
910	{
911	struct crypto_shash *tfm = desc->tfm;
912
913	if (crypto_shash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY)
914	return -ENOKEY;
915
916	return crypto_shash_alg(tfm)->init(desc);
917	}
918
919	/**
920	* crypto_shash_update() - add data to message digest for processing
921	* @desc: operational state handle that is already initialized
922	* @data: input data to be added to the message digest
923	* @len: length of the input data
924	*
925	* Updates the message digest state of the operational state handle.
926	*
927	* Context: Any context.
928	* Return: 0 if the message digest update was successful; < 0 if an error
929	* occurred
930	*/
931	int crypto_shash_update(struct shash_desc desc, const* u8 *data,
932	unsigned int len);
933
934	/**
935	* crypto_shash_final() - calculate message digest
936	* @desc: operational state handle that is already filled with data
937	* @out: output buffer filled with the message digest
938	*
939	* Finalize the message digest operation and create the message digest
940	* based on all data added to the cipher handle. The message digest is placed
941	* into the output buffer. The caller must ensure that the output buffer is
942	* large enough by using crypto_shash_digestsize.
943	*
944	* Context: Any context.
945	* Return: 0 if the message digest creation was successful; < 0 if an error
946	* occurred
947	*/
948	int crypto_shash_final(struct shash_desc desc, u8 out);
949
950	/**
951	* crypto_shash_finup() - calculate message digest of buffer
952	* @desc: see crypto_shash_final()
953	* @data: see crypto_shash_update()
954	* @len: see crypto_shash_update()
955	* @out: see crypto_shash_final()
956	*
957	* This function is a "short-hand" for the function calls of
958	* crypto_shash_update and crypto_shash_final. The parameters have the same
959	* meaning as discussed for those separate functions.
960	*
961	* Context: Any context.
962	* Return: 0 if the message digest creation was successful; < 0 if an error
963	* occurred
964	*/
965	int crypto_shash_finup(struct shash_desc desc, const* u8 *data,
966	unsigned int len, u8 *out);
967
968	static inline void shash_desc_zero(struct shash_desc *desc)
969	{
970	memzero_explicit(s: desc,
971	count: sizeof(*desc) + crypto_shash_descsize(tfm: desc->tfm));
972	}
973
974	#endif /* _CRYPTO_HASH_H */
975

source code of linux/include/crypto/hash.h