1 | /* |
2 | * Hash: Hash algorithms under the crypto API |
3 | * |
4 | * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au> |
5 | * |
6 | * This program is free software; you can redistribute it and/or modify it |
7 | * under the terms of the GNU General Public License as published by the Free |
8 | * Software Foundation; either version 2 of the License, or (at your option) |
9 | * any later version. |
10 | * |
11 | */ |
12 | |
13 | #ifndef _CRYPTO_HASH_H |
14 | #define _CRYPTO_HASH_H |
15 | |
16 | #include <linux/crypto.h> |
17 | #include <linux/string.h> |
18 | |
19 | struct crypto_ahash; |
20 | |
21 | /** |
22 | * DOC: Message Digest Algorithm Definitions |
23 | * |
24 | * These data structures define modular message digest algorithm |
25 | * implementations, managed via crypto_register_ahash(), |
26 | * crypto_register_shash(), crypto_unregister_ahash() and |
27 | * crypto_unregister_shash(). |
28 | */ |
29 | |
30 | /** |
31 | * struct hash_alg_common - define properties of message digest |
32 | * @digestsize: Size of the result of the transformation. A buffer of this size |
33 | * must be available to the @final and @finup calls, so they can |
34 | * store the resulting hash into it. For various predefined sizes, |
35 | * search include/crypto/ using |
36 | * git grep _DIGEST_SIZE include/crypto. |
37 | * @statesize: Size of the block for partial state of the transformation. A |
38 | * buffer of this size must be passed to the @export function as it |
39 | * will save the partial state of the transformation into it. On the |
40 | * other side, the @import function will load the state from a |
41 | * buffer of this size as well. |
42 | * @base: Start of data structure of cipher algorithm. The common data |
43 | * structure of crypto_alg contains information common to all ciphers. |
44 | * The hash_alg_common data structure now adds the hash-specific |
45 | * information. |
46 | */ |
47 | struct hash_alg_common { |
48 | unsigned int digestsize; |
49 | unsigned int statesize; |
50 | |
51 | struct crypto_alg base; |
52 | }; |
53 | |
54 | struct ahash_request { |
55 | struct crypto_async_request base; |
56 | |
57 | unsigned int nbytes; |
58 | struct scatterlist *src; |
59 | u8 *result; |
60 | |
61 | /* This field may only be used by the ahash API code. */ |
62 | void *priv; |
63 | |
64 | void *__ctx[] CRYPTO_MINALIGN_ATTR; |
65 | }; |
66 | |
67 | #define AHASH_REQUEST_ON_STACK(name, ahash) \ |
68 | char __##name##_desc[sizeof(struct ahash_request) + \ |
69 | crypto_ahash_reqsize(ahash)] CRYPTO_MINALIGN_ATTR; \ |
70 | struct ahash_request *name = (void *)__##name##_desc |
71 | |
72 | /** |
73 | * struct ahash_alg - asynchronous message digest definition |
74 | * @init: **[mandatory]** Initialize the transformation context. Intended only to initialize the |
75 | * state of the HASH transformation at the beginning. This shall fill in |
76 | * the internal structures used during the entire duration of the whole |
77 | * transformation. No data processing happens at this point. Driver code |
78 | * implementation must not use req->result. |
79 | * @update: **[mandatory]** Push a chunk of data into the driver for transformation. This |
80 | * function actually pushes blocks of data from upper layers into the |
81 | * driver, which then passes those to the hardware as seen fit. This |
82 | * function must not finalize the HASH transformation by calculating the |
83 | * final message digest as this only adds more data into the |
84 | * transformation. This function shall not modify the transformation |
85 | * context, as this function may be called in parallel with the same |
86 | * transformation object. Data processing can happen synchronously |
87 | * [SHASH] or asynchronously [AHASH] at this point. Driver must not use |
88 | * req->result. |
89 | * @final: **[mandatory]** Retrieve result from the driver. This function finalizes the |
90 | * transformation and retrieves the resulting hash from the driver and |
91 | * pushes it back to upper layers. No data processing happens at this |
92 | * point unless hardware requires it to finish the transformation |
93 | * (then the data buffered by the device driver is processed). |
94 | * @finup: **[optional]** Combination of @update and @final. This function is effectively a |
95 | * combination of @update and @final calls issued in sequence. As some |
96 | * hardware cannot do @update and @final separately, this callback was |
97 | * added to allow such hardware to be used at least by IPsec. Data |
98 | * processing can happen synchronously [SHASH] or asynchronously [AHASH] |
99 | * at this point. |
100 | * @digest: Combination of @init and @update and @final. This function |
101 | * effectively behaves as the entire chain of operations, @init, |
102 | * @update and @final issued in sequence. Just like @finup, this was |
103 | * added for hardware which cannot do even the @finup, but can only do |
104 | * the whole transformation in one run. Data processing can happen |
105 | * synchronously [SHASH] or asynchronously [AHASH] at this point. |
106 | * @setkey: Set optional key used by the hashing algorithm. Intended to push |
107 | * optional key used by the hashing algorithm from upper layers into |
108 | * the driver. This function can store the key in the transformation |
109 | * context or can outright program it into the hardware. In the former |
110 | * case, one must be careful to program the key into the hardware at |
111 | * appropriate time and one must be careful that .setkey() can be |
112 | * called multiple times during the existence of the transformation |
113 | * object. Not all hashing algorithms do implement this function as it |
114 | * is only needed for keyed message digests. SHAx/MDx/CRCx do NOT |
115 | * implement this function. HMAC(MDx)/HMAC(SHAx)/CMAC(AES) do implement |
116 | * this function. This function must be called before any other of the |
117 | * @init, @update, @final, @finup, @digest is called. No data |
118 | * processing happens at this point. |
119 | * @export: Export partial state of the transformation. This function dumps the |
120 | * entire state of the ongoing transformation into a provided block of |
121 | * data so it can be @import 'ed back later on. This is useful in case |
122 | * you want to save partial result of the transformation after |
123 | * processing certain amount of data and reload this partial result |
124 | * multiple times later on for multiple re-use. No data processing |
125 | * happens at this point. Driver must not use req->result. |
126 | * @import: Import partial state of the transformation. This function loads the |
127 | * entire state of the ongoing transformation from a provided block of |
128 | * data so the transformation can continue from this point onward. No |
129 | * data processing happens at this point. Driver must not use |
130 | * req->result. |
131 | * @halg: see struct hash_alg_common |
132 | */ |
133 | struct ahash_alg { |
134 | int (*init)(struct ahash_request *req); |
135 | int (*update)(struct ahash_request *req); |
136 | int (*final)(struct ahash_request *req); |
137 | int (*finup)(struct ahash_request *req); |
138 | int (*digest)(struct ahash_request *req); |
139 | int (*export)(struct ahash_request *req, void *out); |
140 | int (*import)(struct ahash_request *req, const void *in); |
141 | int (*setkey)(struct crypto_ahash *tfm, const u8 *key, |
142 | unsigned int keylen); |
143 | |
144 | struct hash_alg_common halg; |
145 | }; |
146 | |
147 | struct shash_desc { |
148 | struct crypto_shash *tfm; |
149 | u32 flags; |
150 | |
151 | void *__ctx[] CRYPTO_MINALIGN_ATTR; |
152 | }; |
153 | |
154 | #define HASH_MAX_DIGESTSIZE 64 |
155 | #define HASH_MAX_DESCSIZE 360 |
156 | #define HASH_MAX_STATESIZE 512 |
157 | |
158 | #define SHASH_DESC_ON_STACK(shash, ctx) \ |
159 | char __##shash##_desc[sizeof(struct shash_desc) + \ |
160 | HASH_MAX_DESCSIZE] CRYPTO_MINALIGN_ATTR; \ |
161 | struct shash_desc *shash = (struct shash_desc *)__##shash##_desc |
162 | |
163 | /** |
164 | * struct shash_alg - synchronous message digest definition |
165 | * @init: see struct ahash_alg |
166 | * @update: see struct ahash_alg |
167 | * @final: see struct ahash_alg |
168 | * @finup: see struct ahash_alg |
169 | * @digest: see struct ahash_alg |
170 | * @export: see struct ahash_alg |
171 | * @import: see struct ahash_alg |
172 | * @setkey: see struct ahash_alg |
173 | * @digestsize: see struct ahash_alg |
174 | * @statesize: see struct ahash_alg |
175 | * @descsize: Size of the operational state for the message digest. This state |
176 | * size is the memory size that needs to be allocated for |
177 | * shash_desc.__ctx |
178 | * @base: internally used |
179 | */ |
180 | struct shash_alg { |
181 | int (*init)(struct shash_desc *desc); |
182 | int (*update)(struct shash_desc *desc, const u8 *data, |
183 | unsigned int len); |
184 | int (*final)(struct shash_desc *desc, u8 *out); |
185 | int (*finup)(struct shash_desc *desc, const u8 *data, |
186 | unsigned int len, u8 *out); |
187 | int (*digest)(struct shash_desc *desc, const u8 *data, |
188 | unsigned int len, u8 *out); |
189 | int (*export)(struct shash_desc *desc, void *out); |
190 | int (*import)(struct shash_desc *desc, const void *in); |
191 | int (*setkey)(struct crypto_shash *tfm, const u8 *key, |
192 | unsigned int keylen); |
193 | |
194 | unsigned int descsize; |
195 | |
196 | /* These fields must match hash_alg_common. */ |
197 | unsigned int digestsize |
198 | __attribute__ ((aligned(__alignof__(struct hash_alg_common)))); |
199 | unsigned int statesize; |
200 | |
201 | struct crypto_alg base; |
202 | }; |
203 | |
204 | struct crypto_ahash { |
205 | int (*init)(struct ahash_request *req); |
206 | int (*update)(struct ahash_request *req); |
207 | int (*final)(struct ahash_request *req); |
208 | int (*finup)(struct ahash_request *req); |
209 | int (*digest)(struct ahash_request *req); |
210 | int (*export)(struct ahash_request *req, void *out); |
211 | int (*import)(struct ahash_request *req, const void *in); |
212 | int (*setkey)(struct crypto_ahash *tfm, const u8 *key, |
213 | unsigned int keylen); |
214 | |
215 | unsigned int reqsize; |
216 | struct crypto_tfm base; |
217 | }; |
218 | |
219 | struct crypto_shash { |
220 | unsigned int descsize; |
221 | struct crypto_tfm base; |
222 | }; |
223 | |
224 | /** |
225 | * DOC: Asynchronous Message Digest API |
226 | * |
227 | * The asynchronous message digest API is used with the ciphers of type |
228 | * CRYPTO_ALG_TYPE_AHASH (listed as type "ahash" in /proc/crypto) |
229 | * |
230 | * The asynchronous cipher operation discussion provided for the |
231 | * CRYPTO_ALG_TYPE_ABLKCIPHER API applies here as well. |
232 | */ |
233 | |
234 | static inline struct crypto_ahash *__crypto_ahash_cast(struct crypto_tfm *tfm) |
235 | { |
236 | return container_of(tfm, struct crypto_ahash, base); |
237 | } |
238 | |
239 | /** |
240 | * crypto_alloc_ahash() - allocate ahash cipher handle |
241 | * @alg_name: is the cra_name / name or cra_driver_name / driver name of the |
242 | * ahash cipher |
243 | * @type: specifies the type of the cipher |
244 | * @mask: specifies the mask for the cipher |
245 | * |
246 | * Allocate a cipher handle for an ahash. The returned struct |
247 | * crypto_ahash is the cipher handle that is required for any subsequent |
248 | * API invocation for that ahash. |
249 | * |
250 | * Return: allocated cipher handle in case of success; IS_ERR() is true in case |
251 | * of an error, PTR_ERR() returns the error code. |
252 | */ |
253 | struct crypto_ahash *crypto_alloc_ahash(const char *alg_name, u32 type, |
254 | u32 mask); |
255 | |
256 | static inline struct crypto_tfm *crypto_ahash_tfm(struct crypto_ahash *tfm) |
257 | { |
258 | return &tfm->base; |
259 | } |
260 | |
261 | /** |
262 | * crypto_free_ahash() - zeroize and free the ahash handle |
263 | * @tfm: cipher handle to be freed |
264 | */ |
265 | static inline void crypto_free_ahash(struct crypto_ahash *tfm) |
266 | { |
267 | crypto_destroy_tfm(tfm, crypto_ahash_tfm(tfm)); |
268 | } |
269 | |
270 | /** |
271 | * crypto_has_ahash() - Search for the availability of an ahash. |
272 | * @alg_name: is the cra_name / name or cra_driver_name / driver name of the |
273 | * ahash |
274 | * @type: specifies the type of the ahash |
275 | * @mask: specifies the mask for the ahash |
276 | * |
277 | * Return: true when the ahash is known to the kernel crypto API; false |
278 | * otherwise |
279 | */ |
280 | int crypto_has_ahash(const char *alg_name, u32 type, u32 mask); |
281 | |
282 | static inline const char *crypto_ahash_alg_name(struct crypto_ahash *tfm) |
283 | { |
284 | return crypto_tfm_alg_name(crypto_ahash_tfm(tfm)); |
285 | } |
286 | |
287 | static inline const char *crypto_ahash_driver_name(struct crypto_ahash *tfm) |
288 | { |
289 | return crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm)); |
290 | } |
291 | |
292 | static inline unsigned int crypto_ahash_alignmask( |
293 | struct crypto_ahash *tfm) |
294 | { |
295 | return crypto_tfm_alg_alignmask(crypto_ahash_tfm(tfm)); |
296 | } |
297 | |
298 | /** |
299 | * crypto_ahash_blocksize() - obtain block size for cipher |
300 | * @tfm: cipher handle |
301 | * |
302 | * The block size for the message digest cipher referenced with the cipher |
303 | * handle is returned. |
304 | * |
305 | * Return: block size of cipher |
306 | */ |
307 | static inline unsigned int crypto_ahash_blocksize(struct crypto_ahash *tfm) |
308 | { |
309 | return crypto_tfm_alg_blocksize(crypto_ahash_tfm(tfm)); |
310 | } |
311 | |
312 | static inline struct hash_alg_common *__crypto_hash_alg_common( |
313 | struct crypto_alg *alg) |
314 | { |
315 | return container_of(alg, struct hash_alg_common, base); |
316 | } |
317 | |
318 | static inline struct hash_alg_common *crypto_hash_alg_common( |
319 | struct crypto_ahash *tfm) |
320 | { |
321 | return __crypto_hash_alg_common(crypto_ahash_tfm(tfm)->__crt_alg); |
322 | } |
323 | |
324 | /** |
325 | * crypto_ahash_digestsize() - obtain message digest size |
326 | * @tfm: cipher handle |
327 | * |
328 | * The size for the message digest created by the message digest cipher |
329 | * referenced with the cipher handle is returned. |
330 | * |
331 | * |
332 | * Return: message digest size of cipher |
333 | */ |
334 | static inline unsigned int crypto_ahash_digestsize(struct crypto_ahash *tfm) |
335 | { |
336 | return crypto_hash_alg_common(tfm)->digestsize; |
337 | } |
338 | |
339 | /** |
340 | * crypto_ahash_statesize() - obtain size of the ahash state |
341 | * @tfm: cipher handle |
342 | * |
343 | * Return the size of the ahash state. With the crypto_ahash_export() |
344 | * function, the caller can export the state into a buffer whose size is |
345 | * defined with this function. |
346 | * |
347 | * Return: size of the ahash state |
348 | */ |
349 | static inline unsigned int crypto_ahash_statesize(struct crypto_ahash *tfm) |
350 | { |
351 | return crypto_hash_alg_common(tfm)->statesize; |
352 | } |
353 | |
354 | static inline u32 crypto_ahash_get_flags(struct crypto_ahash *tfm) |
355 | { |
356 | return crypto_tfm_get_flags(crypto_ahash_tfm(tfm)); |
357 | } |
358 | |
359 | static inline void crypto_ahash_set_flags(struct crypto_ahash *tfm, u32 flags) |
360 | { |
361 | crypto_tfm_set_flags(crypto_ahash_tfm(tfm), flags); |
362 | } |
363 | |
364 | static inline void crypto_ahash_clear_flags(struct crypto_ahash *tfm, u32 flags) |
365 | { |
366 | crypto_tfm_clear_flags(crypto_ahash_tfm(tfm), flags); |
367 | } |
368 | |
369 | /** |
370 | * crypto_ahash_reqtfm() - obtain cipher handle from request |
371 | * @req: asynchronous request handle that contains the reference to the ahash |
372 | * cipher handle |
373 | * |
374 | * Return the ahash cipher handle that is registered with the asynchronous |
375 | * request handle ahash_request. |
376 | * |
377 | * Return: ahash cipher handle |
378 | */ |
379 | static inline struct crypto_ahash *crypto_ahash_reqtfm( |
380 | struct ahash_request *req) |
381 | { |
382 | return __crypto_ahash_cast(req->base.tfm); |
383 | } |
384 | |
385 | /** |
386 | * crypto_ahash_reqsize() - obtain size of the request data structure |
387 | * @tfm: cipher handle |
388 | * |
389 | * Return: size of the request data |
390 | */ |
391 | static inline unsigned int crypto_ahash_reqsize(struct crypto_ahash *tfm) |
392 | { |
393 | return tfm->reqsize; |
394 | } |
395 | |
396 | static inline void *ahash_request_ctx(struct ahash_request *req) |
397 | { |
398 | return req->__ctx; |
399 | } |
400 | |
401 | /** |
402 | * crypto_ahash_setkey - set key for cipher handle |
403 | * @tfm: cipher handle |
404 | * @key: buffer holding the key |
405 | * @keylen: length of the key in bytes |
406 | * |
407 | * The caller provided key is set for the ahash cipher. The cipher |
408 | * handle must point to a keyed hash in order for this function to succeed. |
409 | * |
410 | * Return: 0 if the setting of the key was successful; < 0 if an error occurred |
411 | */ |
412 | int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key, |
413 | unsigned int keylen); |
414 | |
415 | /** |
416 | * crypto_ahash_finup() - update and finalize message digest |
417 | * @req: reference to the ahash_request handle that holds all information |
418 | * needed to perform the cipher operation |
419 | * |
420 | * This function is a "short-hand" for the function calls of |
421 | * crypto_ahash_update and crypto_ahash_final. The parameters have the same |
422 | * meaning as discussed for those separate functions. |
423 | * |
424 | * Return: see crypto_ahash_final() |
425 | */ |
426 | int crypto_ahash_finup(struct ahash_request *req); |
427 | |
428 | /** |
429 | * crypto_ahash_final() - calculate message digest |
430 | * @req: reference to the ahash_request handle that holds all information |
431 | * needed to perform the cipher operation |
432 | * |
433 | * Finalize the message digest operation and create the message digest |
434 | * based on all data added to the cipher handle. The message digest is placed |
435 | * into the output buffer registered with the ahash_request handle. |
436 | * |
437 | * Return: |
438 | * 0 if the message digest was successfully calculated; |
439 | * -EINPROGRESS if data is feeded into hardware (DMA) or queued for later; |
440 | * -EBUSY if queue is full and request should be resubmitted later; |
441 | * other < 0 if an error occurred |
442 | */ |
443 | int crypto_ahash_final(struct ahash_request *req); |
444 | |
445 | /** |
446 | * crypto_ahash_digest() - calculate message digest for a buffer |
447 | * @req: reference to the ahash_request handle that holds all information |
448 | * needed to perform the cipher operation |
449 | * |
450 | * This function is a "short-hand" for the function calls of crypto_ahash_init, |
451 | * crypto_ahash_update and crypto_ahash_final. The parameters have the same |
452 | * meaning as discussed for those separate three functions. |
453 | * |
454 | * Return: see crypto_ahash_final() |
455 | */ |
456 | int crypto_ahash_digest(struct ahash_request *req); |
457 | |
458 | /** |
459 | * crypto_ahash_export() - extract current message digest state |
460 | * @req: reference to the ahash_request handle whose state is exported |
461 | * @out: output buffer of sufficient size that can hold the hash state |
462 | * |
463 | * This function exports the hash state of the ahash_request handle into the |
464 | * caller-allocated output buffer out which must have sufficient size (e.g. by |
465 | * calling crypto_ahash_statesize()). |
466 | * |
467 | * Return: 0 if the export was successful; < 0 if an error occurred |
468 | */ |
469 | static inline int crypto_ahash_export(struct ahash_request *req, void *out) |
470 | { |
471 | return crypto_ahash_reqtfm(req)->export(req, out); |
472 | } |
473 | |
474 | /** |
475 | * crypto_ahash_import() - import message digest state |
476 | * @req: reference to ahash_request handle the state is imported into |
477 | * @in: buffer holding the state |
478 | * |
479 | * This function imports the hash state into the ahash_request handle from the |
480 | * input buffer. That buffer should have been generated with the |
481 | * crypto_ahash_export function. |
482 | * |
483 | * Return: 0 if the import was successful; < 0 if an error occurred |
484 | */ |
485 | static inline int crypto_ahash_import(struct ahash_request *req, const void *in) |
486 | { |
487 | struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); |
488 | |
489 | if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) |
490 | return -ENOKEY; |
491 | |
492 | return tfm->import(req, in); |
493 | } |
494 | |
495 | /** |
496 | * crypto_ahash_init() - (re)initialize message digest handle |
497 | * @req: ahash_request handle that already is initialized with all necessary |
498 | * data using the ahash_request_* API functions |
499 | * |
500 | * The call (re-)initializes the message digest referenced by the ahash_request |
501 | * handle. Any potentially existing state created by previous operations is |
502 | * discarded. |
503 | * |
504 | * Return: see crypto_ahash_final() |
505 | */ |
506 | static inline int crypto_ahash_init(struct ahash_request *req) |
507 | { |
508 | struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); |
509 | |
510 | if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) |
511 | return -ENOKEY; |
512 | |
513 | return tfm->init(req); |
514 | } |
515 | |
516 | /** |
517 | * crypto_ahash_update() - add data to message digest for processing |
518 | * @req: ahash_request handle that was previously initialized with the |
519 | * crypto_ahash_init call. |
520 | * |
521 | * Updates the message digest state of the &ahash_request handle. The input data |
522 | * is pointed to by the scatter/gather list registered in the &ahash_request |
523 | * handle |
524 | * |
525 | * Return: see crypto_ahash_final() |
526 | */ |
527 | static inline int crypto_ahash_update(struct ahash_request *req) |
528 | { |
529 | struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); |
530 | struct crypto_alg *alg = tfm->base.__crt_alg; |
531 | unsigned int nbytes = req->nbytes; |
532 | int ret; |
533 | |
534 | crypto_stats_get(alg); |
535 | ret = crypto_ahash_reqtfm(req)->update(req); |
536 | crypto_stats_ahash_update(nbytes, ret, alg); |
537 | return ret; |
538 | } |
539 | |
540 | /** |
541 | * DOC: Asynchronous Hash Request Handle |
542 | * |
543 | * The &ahash_request data structure contains all pointers to data |
544 | * required for the asynchronous cipher operation. This includes the cipher |
545 | * handle (which can be used by multiple &ahash_request instances), pointer |
546 | * to plaintext and the message digest output buffer, asynchronous callback |
547 | * function, etc. It acts as a handle to the ahash_request_* API calls in a |
548 | * similar way as ahash handle to the crypto_ahash_* API calls. |
549 | */ |
550 | |
551 | /** |
552 | * ahash_request_set_tfm() - update cipher handle reference in request |
553 | * @req: request handle to be modified |
554 | * @tfm: cipher handle that shall be added to the request handle |
555 | * |
556 | * Allow the caller to replace the existing ahash handle in the request |
557 | * data structure with a different one. |
558 | */ |
559 | static inline void ahash_request_set_tfm(struct ahash_request *req, |
560 | struct crypto_ahash *tfm) |
561 | { |
562 | req->base.tfm = crypto_ahash_tfm(tfm); |
563 | } |
564 | |
565 | /** |
566 | * ahash_request_alloc() - allocate request data structure |
567 | * @tfm: cipher handle to be registered with the request |
568 | * @gfp: memory allocation flag that is handed to kmalloc by the API call. |
569 | * |
570 | * Allocate the request data structure that must be used with the ahash |
571 | * message digest API calls. During |
572 | * the allocation, the provided ahash handle |
573 | * is registered in the request data structure. |
574 | * |
575 | * Return: allocated request handle in case of success, or NULL if out of memory |
576 | */ |
577 | static inline struct ahash_request *ahash_request_alloc( |
578 | struct crypto_ahash *tfm, gfp_t gfp) |
579 | { |
580 | struct ahash_request *req; |
581 | |
582 | req = kmalloc(sizeof(struct ahash_request) + |
583 | crypto_ahash_reqsize(tfm), gfp); |
584 | |
585 | if (likely(req)) |
586 | ahash_request_set_tfm(req, tfm); |
587 | |
588 | return req; |
589 | } |
590 | |
591 | /** |
592 | * ahash_request_free() - zeroize and free the request data structure |
593 | * @req: request data structure cipher handle to be freed |
594 | */ |
595 | static inline void ahash_request_free(struct ahash_request *req) |
596 | { |
597 | kzfree(req); |
598 | } |
599 | |
600 | static inline void ahash_request_zero(struct ahash_request *req) |
601 | { |
602 | memzero_explicit(req, sizeof(*req) + |
603 | crypto_ahash_reqsize(crypto_ahash_reqtfm(req))); |
604 | } |
605 | |
606 | static inline struct ahash_request *ahash_request_cast( |
607 | struct crypto_async_request *req) |
608 | { |
609 | return container_of(req, struct ahash_request, base); |
610 | } |
611 | |
612 | /** |
613 | * ahash_request_set_callback() - set asynchronous callback function |
614 | * @req: request handle |
615 | * @flags: specify zero or an ORing of the flags |
616 | * CRYPTO_TFM_REQ_MAY_BACKLOG the request queue may back log and |
617 | * increase the wait queue beyond the initial maximum size; |
618 | * CRYPTO_TFM_REQ_MAY_SLEEP the request processing may sleep |
619 | * @compl: callback function pointer to be registered with the request handle |
620 | * @data: The data pointer refers to memory that is not used by the kernel |
621 | * crypto API, but provided to the callback function for it to use. Here, |
622 | * the caller can provide a reference to memory the callback function can |
623 | * operate on. As the callback function is invoked asynchronously to the |
624 | * related functionality, it may need to access data structures of the |
625 | * related functionality which can be referenced using this pointer. The |
626 | * callback function can access the memory via the "data" field in the |
627 | * &crypto_async_request data structure provided to the callback function. |
628 | * |
629 | * This function allows setting the callback function that is triggered once |
630 | * the cipher operation completes. |
631 | * |
632 | * The callback function is registered with the &ahash_request handle and |
633 | * must comply with the following template:: |
634 | * |
635 | * void callback_function(struct crypto_async_request *req, int error) |
636 | */ |
637 | static inline void ahash_request_set_callback(struct ahash_request *req, |
638 | u32 flags, |
639 | crypto_completion_t compl, |
640 | void *data) |
641 | { |
642 | req->base.complete = compl; |
643 | req->base.data = data; |
644 | req->base.flags = flags; |
645 | } |
646 | |
647 | /** |
648 | * ahash_request_set_crypt() - set data buffers |
649 | * @req: ahash_request handle to be updated |
650 | * @src: source scatter/gather list |
651 | * @result: buffer that is filled with the message digest -- the caller must |
652 | * ensure that the buffer has sufficient space by, for example, calling |
653 | * crypto_ahash_digestsize() |
654 | * @nbytes: number of bytes to process from the source scatter/gather list |
655 | * |
656 | * By using this call, the caller references the source scatter/gather list. |
657 | * The source scatter/gather list points to the data the message digest is to |
658 | * be calculated for. |
659 | */ |
660 | static inline void ahash_request_set_crypt(struct ahash_request *req, |
661 | struct scatterlist *src, u8 *result, |
662 | unsigned int nbytes) |
663 | { |
664 | req->src = src; |
665 | req->nbytes = nbytes; |
666 | req->result = result; |
667 | } |
668 | |
669 | /** |
670 | * DOC: Synchronous Message Digest API |
671 | * |
672 | * The synchronous message digest API is used with the ciphers of type |
673 | * CRYPTO_ALG_TYPE_SHASH (listed as type "shash" in /proc/crypto) |
674 | * |
675 | * The message digest API is able to maintain state information for the |
676 | * caller. |
677 | * |
678 | * The synchronous message digest API can store user-related context in in its |
679 | * shash_desc request data structure. |
680 | */ |
681 | |
682 | /** |
683 | * crypto_alloc_shash() - allocate message digest handle |
684 | * @alg_name: is the cra_name / name or cra_driver_name / driver name of the |
685 | * message digest cipher |
686 | * @type: specifies the type of the cipher |
687 | * @mask: specifies the mask for the cipher |
688 | * |
689 | * Allocate a cipher handle for a message digest. The returned &struct |
690 | * crypto_shash is the cipher handle that is required for any subsequent |
691 | * API invocation for that message digest. |
692 | * |
693 | * Return: allocated cipher handle in case of success; IS_ERR() is true in case |
694 | * of an error, PTR_ERR() returns the error code. |
695 | */ |
696 | struct crypto_shash *crypto_alloc_shash(const char *alg_name, u32 type, |
697 | u32 mask); |
698 | |
699 | static inline struct crypto_tfm *crypto_shash_tfm(struct crypto_shash *tfm) |
700 | { |
701 | return &tfm->base; |
702 | } |
703 | |
704 | /** |
705 | * crypto_free_shash() - zeroize and free the message digest handle |
706 | * @tfm: cipher handle to be freed |
707 | */ |
708 | static inline void crypto_free_shash(struct crypto_shash *tfm) |
709 | { |
710 | crypto_destroy_tfm(tfm, crypto_shash_tfm(tfm)); |
711 | } |
712 | |
713 | static inline const char *crypto_shash_alg_name(struct crypto_shash *tfm) |
714 | { |
715 | return crypto_tfm_alg_name(crypto_shash_tfm(tfm)); |
716 | } |
717 | |
718 | static inline const char *crypto_shash_driver_name(struct crypto_shash *tfm) |
719 | { |
720 | return crypto_tfm_alg_driver_name(crypto_shash_tfm(tfm)); |
721 | } |
722 | |
723 | static inline unsigned int crypto_shash_alignmask( |
724 | struct crypto_shash *tfm) |
725 | { |
726 | return crypto_tfm_alg_alignmask(crypto_shash_tfm(tfm)); |
727 | } |
728 | |
729 | /** |
730 | * crypto_shash_blocksize() - obtain block size for cipher |
731 | * @tfm: cipher handle |
732 | * |
733 | * The block size for the message digest cipher referenced with the cipher |
734 | * handle is returned. |
735 | * |
736 | * Return: block size of cipher |
737 | */ |
738 | static inline unsigned int crypto_shash_blocksize(struct crypto_shash *tfm) |
739 | { |
740 | return crypto_tfm_alg_blocksize(crypto_shash_tfm(tfm)); |
741 | } |
742 | |
743 | static inline struct shash_alg *__crypto_shash_alg(struct crypto_alg *alg) |
744 | { |
745 | return container_of(alg, struct shash_alg, base); |
746 | } |
747 | |
748 | static inline struct shash_alg *crypto_shash_alg(struct crypto_shash *tfm) |
749 | { |
750 | return __crypto_shash_alg(crypto_shash_tfm(tfm)->__crt_alg); |
751 | } |
752 | |
753 | /** |
754 | * crypto_shash_digestsize() - obtain message digest size |
755 | * @tfm: cipher handle |
756 | * |
757 | * The size for the message digest created by the message digest cipher |
758 | * referenced with the cipher handle is returned. |
759 | * |
760 | * Return: digest size of cipher |
761 | */ |
762 | static inline unsigned int crypto_shash_digestsize(struct crypto_shash *tfm) |
763 | { |
764 | return crypto_shash_alg(tfm)->digestsize; |
765 | } |
766 | |
767 | static inline unsigned int crypto_shash_statesize(struct crypto_shash *tfm) |
768 | { |
769 | return crypto_shash_alg(tfm)->statesize; |
770 | } |
771 | |
772 | static inline u32 crypto_shash_get_flags(struct crypto_shash *tfm) |
773 | { |
774 | return crypto_tfm_get_flags(crypto_shash_tfm(tfm)); |
775 | } |
776 | |
777 | static inline void crypto_shash_set_flags(struct crypto_shash *tfm, u32 flags) |
778 | { |
779 | crypto_tfm_set_flags(crypto_shash_tfm(tfm), flags); |
780 | } |
781 | |
782 | static inline void crypto_shash_clear_flags(struct crypto_shash *tfm, u32 flags) |
783 | { |
784 | crypto_tfm_clear_flags(crypto_shash_tfm(tfm), flags); |
785 | } |
786 | |
787 | /** |
788 | * crypto_shash_descsize() - obtain the operational state size |
789 | * @tfm: cipher handle |
790 | * |
791 | * The size of the operational state the cipher needs during operation is |
792 | * returned for the hash referenced with the cipher handle. This size is |
793 | * required to calculate the memory requirements to allow the caller allocating |
794 | * sufficient memory for operational state. |
795 | * |
796 | * The operational state is defined with struct shash_desc where the size of |
797 | * that data structure is to be calculated as |
798 | * sizeof(struct shash_desc) + crypto_shash_descsize(alg) |
799 | * |
800 | * Return: size of the operational state |
801 | */ |
802 | static inline unsigned int crypto_shash_descsize(struct crypto_shash *tfm) |
803 | { |
804 | return tfm->descsize; |
805 | } |
806 | |
807 | static inline void *shash_desc_ctx(struct shash_desc *desc) |
808 | { |
809 | return desc->__ctx; |
810 | } |
811 | |
812 | /** |
813 | * crypto_shash_setkey() - set key for message digest |
814 | * @tfm: cipher handle |
815 | * @key: buffer holding the key |
816 | * @keylen: length of the key in bytes |
817 | * |
818 | * The caller provided key is set for the keyed message digest cipher. The |
819 | * cipher handle must point to a keyed message digest cipher in order for this |
820 | * function to succeed. |
821 | * |
822 | * Return: 0 if the setting of the key was successful; < 0 if an error occurred |
823 | */ |
824 | int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, |
825 | unsigned int keylen); |
826 | |
827 | /** |
828 | * crypto_shash_digest() - calculate message digest for buffer |
829 | * @desc: see crypto_shash_final() |
830 | * @data: see crypto_shash_update() |
831 | * @len: see crypto_shash_update() |
832 | * @out: see crypto_shash_final() |
833 | * |
834 | * This function is a "short-hand" for the function calls of crypto_shash_init, |
835 | * crypto_shash_update and crypto_shash_final. The parameters have the same |
836 | * meaning as discussed for those separate three functions. |
837 | * |
838 | * Return: 0 if the message digest creation was successful; < 0 if an error |
839 | * occurred |
840 | */ |
841 | int crypto_shash_digest(struct shash_desc *desc, const u8 *data, |
842 | unsigned int len, u8 *out); |
843 | |
844 | /** |
845 | * crypto_shash_export() - extract operational state for message digest |
846 | * @desc: reference to the operational state handle whose state is exported |
847 | * @out: output buffer of sufficient size that can hold the hash state |
848 | * |
849 | * This function exports the hash state of the operational state handle into the |
850 | * caller-allocated output buffer out which must have sufficient size (e.g. by |
851 | * calling crypto_shash_descsize). |
852 | * |
853 | * Return: 0 if the export creation was successful; < 0 if an error occurred |
854 | */ |
855 | static inline int crypto_shash_export(struct shash_desc *desc, void *out) |
856 | { |
857 | return crypto_shash_alg(desc->tfm)->export(desc, out); |
858 | } |
859 | |
860 | /** |
861 | * crypto_shash_import() - import operational state |
862 | * @desc: reference to the operational state handle the state imported into |
863 | * @in: buffer holding the state |
864 | * |
865 | * This function imports the hash state into the operational state handle from |
866 | * the input buffer. That buffer should have been generated with the |
867 | * crypto_ahash_export function. |
868 | * |
869 | * Return: 0 if the import was successful; < 0 if an error occurred |
870 | */ |
871 | static inline int crypto_shash_import(struct shash_desc *desc, const void *in) |
872 | { |
873 | struct crypto_shash *tfm = desc->tfm; |
874 | |
875 | if (crypto_shash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) |
876 | return -ENOKEY; |
877 | |
878 | return crypto_shash_alg(tfm)->import(desc, in); |
879 | } |
880 | |
881 | /** |
882 | * crypto_shash_init() - (re)initialize message digest |
883 | * @desc: operational state handle that is already filled |
884 | * |
885 | * The call (re-)initializes the message digest referenced by the |
886 | * operational state handle. Any potentially existing state created by |
887 | * previous operations is discarded. |
888 | * |
889 | * Return: 0 if the message digest initialization was successful; < 0 if an |
890 | * error occurred |
891 | */ |
892 | static inline int crypto_shash_init(struct shash_desc *desc) |
893 | { |
894 | struct crypto_shash *tfm = desc->tfm; |
895 | |
896 | if (crypto_shash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) |
897 | return -ENOKEY; |
898 | |
899 | return crypto_shash_alg(tfm)->init(desc); |
900 | } |
901 | |
902 | /** |
903 | * crypto_shash_update() - add data to message digest for processing |
904 | * @desc: operational state handle that is already initialized |
905 | * @data: input data to be added to the message digest |
906 | * @len: length of the input data |
907 | * |
908 | * Updates the message digest state of the operational state handle. |
909 | * |
910 | * Return: 0 if the message digest update was successful; < 0 if an error |
911 | * occurred |
912 | */ |
913 | int crypto_shash_update(struct shash_desc *desc, const u8 *data, |
914 | unsigned int len); |
915 | |
916 | /** |
917 | * crypto_shash_final() - calculate message digest |
918 | * @desc: operational state handle that is already filled with data |
919 | * @out: output buffer filled with the message digest |
920 | * |
921 | * Finalize the message digest operation and create the message digest |
922 | * based on all data added to the cipher handle. The message digest is placed |
923 | * into the output buffer. The caller must ensure that the output buffer is |
924 | * large enough by using crypto_shash_digestsize. |
925 | * |
926 | * Return: 0 if the message digest creation was successful; < 0 if an error |
927 | * occurred |
928 | */ |
929 | int crypto_shash_final(struct shash_desc *desc, u8 *out); |
930 | |
931 | /** |
932 | * crypto_shash_finup() - calculate message digest of buffer |
933 | * @desc: see crypto_shash_final() |
934 | * @data: see crypto_shash_update() |
935 | * @len: see crypto_shash_update() |
936 | * @out: see crypto_shash_final() |
937 | * |
938 | * This function is a "short-hand" for the function calls of |
939 | * crypto_shash_update and crypto_shash_final. The parameters have the same |
940 | * meaning as discussed for those separate functions. |
941 | * |
942 | * Return: 0 if the message digest creation was successful; < 0 if an error |
943 | * occurred |
944 | */ |
945 | int crypto_shash_finup(struct shash_desc *desc, const u8 *data, |
946 | unsigned int len, u8 *out); |
947 | |
948 | static inline void shash_desc_zero(struct shash_desc *desc) |
949 | { |
950 | memzero_explicit(desc, |
951 | sizeof(*desc) + crypto_shash_descsize(desc->tfm)); |
952 | } |
953 | |
954 | #endif /* _CRYPTO_HASH_H */ |
955 | |