hash.h source code [linux/include/crypto/hash.h]

1	/ SPDX-License-Identifier: GPL-2.0-or-later /
2	/*
3	* Hash: Hash algorithms under the crypto API
4	*
5	* Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au>
6	*/
7
8	#ifndef _CRYPTO_HASH_H
9	#define _CRYPTO_HASH_H
10
11	#include <linux/atomic.h>
12	#include <linux/crypto.h>
13	#include <linux/string.h>
14
15	struct crypto_ahash;
16
17	/**
18	* DOC: Message Digest Algorithm Definitions
19	*
20	* These data structures define modular message digest algorithm
21	* implementations, managed via crypto_register_ahash(),
22	* crypto_register_shash(), crypto_unregister_ahash() and
23	* crypto_unregister_shash().
24	*/
25
26	/*
27	* struct crypto_istat_hash - statistics for has algorithm
28	* @hash_cnt: number of hash requests
29	* @hash_tlen: total data size hashed
30	* @err_cnt: number of error for hash requests
31	*/
32	struct crypto_istat_hash {
33	atomic64_t hash_cnt;
34	atomic64_t hash_tlen;
35	atomic64_t err_cnt;
36	};
37
38	#ifdef CONFIG_CRYPTO_STATS
39	#define HASH_ALG_COMMON_STAT struct crypto_istat_hash stat;
40	#else
41	#define HASH_ALG_COMMON_STAT
42	#endif
43
44	/*
45	* struct hash_alg_common - define properties of message digest
46	* @stat: Statistics for hash algorithm.
47	* @digestsize: Size of the result of the transformation. A buffer of this size
48	* must be available to the @final and @finup calls, so they can
49	* store the resulting hash into it. For various predefined sizes,
50	* search include/crypto/ using
51	* git grep _DIGEST_SIZE include/crypto.
52	* @statesize: Size of the block for partial state of the transformation. A
53	* buffer of this size must be passed to the @export function as it
54	* will save the partial state of the transformation into it. On the
55	* other side, the @import function will load the state from a
56	* buffer of this size as well.
57	* @base: Start of data structure of cipher algorithm. The common data
58	* structure of crypto_alg contains information common to all ciphers.
59	* The hash_alg_common data structure now adds the hash-specific
60	* information.
61	*/
62	#define HASH_ALG_COMMON { \
63	HASH_ALG_COMMON_STAT \
64	\
65	unsigned int digestsize; \
66	unsigned int statesize; \
67	\
68	struct crypto_alg base; \
69	}
70	struct hash_alg_common HASH_ALG_COMMON;
71
72	struct ahash_request {
73	struct crypto_async_request base;
74
75	unsigned int nbytes;
76	struct scatterlist *src;
77	u8 *result;
78
79	/ This field may only be used by the ahash API code. /
80	void *priv;
81
82	void *__ctx[] CRYPTO_MINALIGN_ATTR;
83	};
84
85	/**
86	* struct ahash_alg - asynchronous message digest definition
87	* @init: [mandatory] Initialize the transformation context. Intended only to initialize the
88	* state of the HASH transformation at the beginning. This shall fill in
89	* the internal structures used during the entire duration of the whole
90	* transformation. No data processing happens at this point. Driver code
91	* implementation must not use req->result.
92	* @update: [mandatory] Push a chunk of data into the driver for transformation. This
93	* function actually pushes blocks of data from upper layers into the
94	* driver, which then passes those to the hardware as seen fit. This
95	* function must not finalize the HASH transformation by calculating the
96	* final message digest as this only adds more data into the
97	* transformation. This function shall not modify the transformation
98	* context, as this function may be called in parallel with the same
99	* transformation object. Data processing can happen synchronously
100	* [SHASH] or asynchronously [AHASH] at this point. Driver must not use
101	* req->result.
102	* @final: [mandatory] Retrieve result from the driver. This function finalizes the
103	* transformation and retrieves the resulting hash from the driver and
104	* pushes it back to upper layers. No data processing happens at this
105	* point unless hardware requires it to finish the transformation
106	* (then the data buffered by the device driver is processed).
107	* @finup: [optional] Combination of @update and @final. This function is effectively a
108	* combination of @update and @final calls issued in sequence. As some
109	* hardware cannot do @update and @final separately, this callback was
110	* added to allow such hardware to be used at least by IPsec. Data
111	* processing can happen synchronously [SHASH] or asynchronously [AHASH]
112	* at this point.
113	* @digest: Combination of @init and @update and @final. This function
114	* effectively behaves as the entire chain of operations, @init,
115	* @update and @final issued in sequence. Just like @finup, this was
116	* added for hardware which cannot do even the @finup, but can only do
117	* the whole transformation in one run. Data processing can happen
118	* synchronously [SHASH] or asynchronously [AHASH] at this point.
119	* @setkey: Set optional key used by the hashing algorithm. Intended to push
120	* optional key used by the hashing algorithm from upper layers into
121	* the driver. This function can store the key in the transformation
122	* context or can outright program it into the hardware. In the former
123	* case, one must be careful to program the key into the hardware at
124	* appropriate time and one must be careful that .setkey() can be
125	* called multiple times during the existence of the transformation
126	* object. Not all hashing algorithms do implement this function as it
127	* is only needed for keyed message digests. SHAx/MDx/CRCx do NOT
128	* implement this function. HMAC(MDx)/HMAC(SHAx)/CMAC(AES) do implement
129	* this function. This function must be called before any other of the
130	* @init, @update, @final, @finup, @digest is called. No data
131	* processing happens at this point.
132	* @export: Export partial state of the transformation. This function dumps the
133	* entire state of the ongoing transformation into a provided block of
134	* data so it can be @import 'ed back later on. This is useful in case
135	* you want to save partial result of the transformation after
136	* processing certain amount of data and reload this partial result
137	* multiple times later on for multiple re-use. No data processing
138	* happens at this point. Driver must not use req->result.
139	* @import: Import partial state of the transformation. This function loads the
140	* entire state of the ongoing transformation from a provided block of
141	* data so the transformation can continue from this point onward. No
142	* data processing happens at this point. Driver must not use
143	* req->result.
144	* @init_tfm: Initialize the cryptographic transformation object.
145	* This function is called only once at the instantiation
146	* time, right after the transformation context was
147	* allocated. In case the cryptographic hardware has
148	* some special requirements which need to be handled
149	* by software, this function shall check for the precise
150	* requirement of the transformation and put any software
151	* fallbacks in place.
152	* @exit_tfm: Deinitialize the cryptographic transformation object.
153	* This is a counterpart to @init_tfm, used to remove
154	* various changes set in @init_tfm.
155	* @clone_tfm: Copy transform into new object, may allocate memory.
156	* @halg: see struct hash_alg_common
157	*/
158	struct ahash_alg {
159	int (init)(struct* ahash_request *req);
160	int (update)(struct* ahash_request *req);
161	int (final)(struct* ahash_request *req);
162	int (finup)(struct* ahash_request *req);
163	int (digest)(struct* ahash_request *req);
164	int (export)(struct* ahash_request req, void* *out);
165	int (import)(struct* ahash_request req, const* void *in);
166	int (setkey)(struct* crypto_ahash tfm, const* u8 *key,
167	unsigned int keylen);
168	int (init_tfm)(struct* crypto_ahash *tfm);
169	void (exit_tfm)(struct* crypto_ahash *tfm);
170	int (clone_tfm)(struct* crypto_ahash dst, struct* crypto_ahash *src);
171
172	struct hash_alg_common halg;
173	};
174
175	struct shash_desc {
176	struct crypto_shash *tfm;
177	void *__ctx[] __aligned(ARCH_SLAB_MINALIGN);
178	};
179
180	#define HASH_MAX_DIGESTSIZE 64
181
182	/*
183	* Worst case is hmac(sha3-224-generic). Its context is a nested 'shash_desc'
184	* containing a 'struct sha3_state'.
185	*/
186	#define HASH_MAX_DESCSIZE (sizeof(struct shash_desc) + 360)
187
188	#define SHASH_DESC_ON_STACK(shash, ctx) \
189	char __##shash##_desc[sizeof(struct shash_desc) + HASH_MAX_DESCSIZE] \
190	__aligned(__alignof__(struct shash_desc)); \
191	struct shash_desc shash = (struct shash_desc )__##shash##_desc
192
193	/**
194	* struct shash_alg - synchronous message digest definition
195	* @init: see struct ahash_alg
196	* @update: see struct ahash_alg
197	* @final: see struct ahash_alg
198	* @finup: see struct ahash_alg
199	* @digest: see struct ahash_alg
200	* @export: see struct ahash_alg
201	* @import: see struct ahash_alg
202	* @setkey: see struct ahash_alg
203	* @init_tfm: Initialize the cryptographic transformation object.
204	* This function is called only once at the instantiation
205	* time, right after the transformation context was
206	* allocated. In case the cryptographic hardware has
207	* some special requirements which need to be handled
208	* by software, this function shall check for the precise
209	* requirement of the transformation and put any software
210	* fallbacks in place.
211	* @exit_tfm: Deinitialize the cryptographic transformation object.
212	* This is a counterpart to @init_tfm, used to remove
213	* various changes set in @init_tfm.
214	* @clone_tfm: Copy transform into new object, may allocate memory.
215	* @digestsize: see struct ahash_alg
216	* @statesize: see struct ahash_alg
217	* @descsize: Size of the operational state for the message digest. This state
218	* size is the memory size that needs to be allocated for
219	* shash_desc.__ctx
220	* @stat: Statistics for hash algorithm.
221	* @base: internally used
222	* @halg: see struct hash_alg_common
223	* @HASH_ALG_COMMON: see struct hash_alg_common
224	*/
225	struct shash_alg {
226	int (init)(struct* shash_desc *desc);
227	int (update)(struct* shash_desc desc, const* u8 *data,
228	unsigned int len);
229	int (final)(struct* shash_desc desc, u8 out);
230	int (finup)(struct* shash_desc desc, const* u8 *data,
231	unsigned int len, u8 *out);
232	int (digest)(struct* shash_desc desc, const* u8 *data,
233	unsigned int len, u8 *out);
234	int (export)(struct* shash_desc desc, void* *out);
235	int (import)(struct* shash_desc desc, const* void *in);
236	int (setkey)(struct* crypto_shash tfm, const* u8 *key,
237	unsigned int keylen);
238	int (init_tfm)(struct* crypto_shash *tfm);
239	void (exit_tfm)(struct* crypto_shash *tfm);
240	int (clone_tfm)(struct* crypto_shash dst, struct* crypto_shash *src);
241
242	unsigned int descsize;
243
244	union {
245	struct HASH_ALG_COMMON;
246	struct hash_alg_common halg;
247	};
248	};
249	#undef HASH_ALG_COMMON
250	#undef HASH_ALG_COMMON_STAT
251
252	struct crypto_ahash {
253	bool using_shash; / Underlying algorithm is shash, not ahash /
254	unsigned int statesize;
255	unsigned int reqsize;
256	struct crypto_tfm base;
257	};
258
259	struct crypto_shash {
260	unsigned int descsize;
261	struct crypto_tfm base;
262	};
263
264	/**
265	* DOC: Asynchronous Message Digest API
266	*
267	* The asynchronous message digest API is used with the ciphers of type
268	* CRYPTO_ALG_TYPE_AHASH (listed as type "ahash" in /proc/crypto)
269	*
270	* The asynchronous cipher operation discussion provided for the
271	* CRYPTO_ALG_TYPE_SKCIPHER API applies here as well.
272	*/
273
274	static inline struct crypto_ahash __crypto_ahash_cast(struct* crypto_tfm *tfm)
275	{
276	return container_of(tfm, struct crypto_ahash, base);
277	}
278
279	/**
280	* crypto_alloc_ahash() - allocate ahash cipher handle
281	* @alg_name: is the cra_name / name or cra_driver_name / driver name of the
282	* ahash cipher
283	* @type: specifies the type of the cipher
284	* @mask: specifies the mask for the cipher
285	*
286	* Allocate a cipher handle for an ahash. The returned struct
287	* crypto_ahash is the cipher handle that is required for any subsequent
288	* API invocation for that ahash.
289	*
290	* Return: allocated cipher handle in case of success; IS_ERR() is true in case
291	* of an error, PTR_ERR() returns the error code.
292	*/
293	struct crypto_ahash crypto_alloc_ahash(const* char *alg_name, u32 type,
294	u32 mask);
295
296	struct crypto_ahash crypto_clone_ahash(struct* crypto_ahash *tfm);
297
298	static inline struct crypto_tfm crypto_ahash_tfm(struct* crypto_ahash *tfm)
299	{
300	return &tfm->base;
301	}
302
303	/**
304	* crypto_free_ahash() - zeroize and free the ahash handle
305	* @tfm: cipher handle to be freed
306	*
307	* If @tfm is a NULL or error pointer, this function does nothing.
308	*/
309	static inline void crypto_free_ahash(struct crypto_ahash *tfm)
310	{
311	crypto_destroy_tfm(mem: tfm, tfm: crypto_ahash_tfm(tfm));
312	}
313
314	/**
315	* crypto_has_ahash() - Search for the availability of an ahash.
316	* @alg_name: is the cra_name / name or cra_driver_name / driver name of the
317	* ahash
318	* @type: specifies the type of the ahash
319	* @mask: specifies the mask for the ahash
320	*
321	* Return: true when the ahash is known to the kernel crypto API; false
322	* otherwise
323	*/
324	int crypto_has_ahash(const char *alg_name, u32 type, u32 mask);
325
326	static inline const char crypto_ahash_alg_name(struct* crypto_ahash *tfm)
327	{
328	return crypto_tfm_alg_name(tfm: crypto_ahash_tfm(tfm));
329	}
330
331	static inline const char crypto_ahash_driver_name(struct* crypto_ahash *tfm)
332	{
333	return crypto_tfm_alg_driver_name(tfm: crypto_ahash_tfm(tfm));
334	}
335
336	/**
337	* crypto_ahash_blocksize() - obtain block size for cipher
338	* @tfm: cipher handle
339	*
340	* The block size for the message digest cipher referenced with the cipher
341	* handle is returned.
342	*
343	* Return: block size of cipher
344	*/
345	static inline unsigned int crypto_ahash_blocksize(struct crypto_ahash *tfm)
346	{
347	return crypto_tfm_alg_blocksize(tfm: crypto_ahash_tfm(tfm));
348	}
349
350	static inline struct hash_alg_common *__crypto_hash_alg_common(
351	struct crypto_alg *alg)
352	{
353	return container_of(alg, struct hash_alg_common, base);
354	}
355
356	static inline struct hash_alg_common *crypto_hash_alg_common(
357	struct crypto_ahash *tfm)
358	{
359	return __crypto_hash_alg_common(alg: crypto_ahash_tfm(tfm)->__crt_alg);
360	}
361
362	/**
363	* crypto_ahash_digestsize() - obtain message digest size
364	* @tfm: cipher handle
365	*
366	* The size for the message digest created by the message digest cipher
367	* referenced with the cipher handle is returned.
368	*
369	*
370	* Return: message digest size of cipher
371	*/
372	static inline unsigned int crypto_ahash_digestsize(struct crypto_ahash *tfm)
373	{
374	return crypto_hash_alg_common(tfm)->digestsize;
375	}
376
377	/**
378	* crypto_ahash_statesize() - obtain size of the ahash state
379	* @tfm: cipher handle
380	*
381	* Return the size of the ahash state. With the crypto_ahash_export()
382	* function, the caller can export the state into a buffer whose size is
383	* defined with this function.
384	*
385	* Return: size of the ahash state
386	*/
387	static inline unsigned int crypto_ahash_statesize(struct crypto_ahash *tfm)
388	{
389	return tfm->statesize;
390	}
391
392	static inline u32 crypto_ahash_get_flags(struct crypto_ahash *tfm)
393	{
394	return crypto_tfm_get_flags(tfm: crypto_ahash_tfm(tfm));
395	}
396
397	static inline void crypto_ahash_set_flags(struct crypto_ahash *tfm, u32 flags)
398	{
399	crypto_tfm_set_flags(tfm: crypto_ahash_tfm(tfm), flags);
400	}
401
402	static inline void crypto_ahash_clear_flags(struct crypto_ahash *tfm, u32 flags)
403	{
404	crypto_tfm_clear_flags(tfm: crypto_ahash_tfm(tfm), flags);
405	}
406
407	/**
408	* crypto_ahash_reqtfm() - obtain cipher handle from request
409	* @req: asynchronous request handle that contains the reference to the ahash
410	* cipher handle
411	*
412	* Return the ahash cipher handle that is registered with the asynchronous
413	* request handle ahash_request.
414	*
415	* Return: ahash cipher handle
416	*/
417	static inline struct crypto_ahash *crypto_ahash_reqtfm(
418	struct ahash_request *req)
419	{
420	return __crypto_ahash_cast(tfm: req->base.tfm);
421	}
422
423	/**
424	* crypto_ahash_reqsize() - obtain size of the request data structure
425	* @tfm: cipher handle
426	*
427	* Return: size of the request data
428	*/
429	static inline unsigned int crypto_ahash_reqsize(struct crypto_ahash *tfm)
430	{
431	return tfm->reqsize;
432	}
433
434	static inline void ahash_request_ctx(struct* ahash_request *req)
435	{
436	return req->__ctx;
437	}
438
439	/**
440	* crypto_ahash_setkey - set key for cipher handle
441	* @tfm: cipher handle
442	* @key: buffer holding the key
443	* @keylen: length of the key in bytes
444	*
445	* The caller provided key is set for the ahash cipher. The cipher
446	* handle must point to a keyed hash in order for this function to succeed.
447	*
448	* Return: 0 if the setting of the key was successful; < 0 if an error occurred
449	*/
450	int crypto_ahash_setkey(struct crypto_ahash tfm, const* u8 *key,
451	unsigned int keylen);
452
453	/**
454	* crypto_ahash_finup() - update and finalize message digest
455	* @req: reference to the ahash_request handle that holds all information
456	* needed to perform the cipher operation
457	*
458	* This function is a "short-hand" for the function calls of
459	* crypto_ahash_update and crypto_ahash_final. The parameters have the same
460	* meaning as discussed for those separate functions.
461	*
462	* Return: see crypto_ahash_final()
463	*/
464	int crypto_ahash_finup(struct ahash_request *req);
465
466	/**
467	* crypto_ahash_final() - calculate message digest
468	* @req: reference to the ahash_request handle that holds all information
469	* needed to perform the cipher operation
470	*
471	* Finalize the message digest operation and create the message digest
472	* based on all data added to the cipher handle. The message digest is placed
473	* into the output buffer registered with the ahash_request handle.
474	*
475	* Return:
476	* 0 if the message digest was successfully calculated;
477	* -EINPROGRESS if data is fed into hardware (DMA) or queued for later;
478	* -EBUSY if queue is full and request should be resubmitted later;
479	* other < 0 if an error occurred
480	*/
481	int crypto_ahash_final(struct ahash_request *req);
482
483	/**
484	* crypto_ahash_digest() - calculate message digest for a buffer
485	* @req: reference to the ahash_request handle that holds all information
486	* needed to perform the cipher operation
487	*
488	* This function is a "short-hand" for the function calls of crypto_ahash_init,
489	* crypto_ahash_update and crypto_ahash_final. The parameters have the same
490	* meaning as discussed for those separate three functions.
491	*
492	* Return: see crypto_ahash_final()
493	*/
494	int crypto_ahash_digest(struct ahash_request *req);
495
496	/**
497	* crypto_ahash_export() - extract current message digest state
498	* @req: reference to the ahash_request handle whose state is exported
499	* @out: output buffer of sufficient size that can hold the hash state
500	*
501	* This function exports the hash state of the ahash_request handle into the
502	* caller-allocated output buffer out which must have sufficient size (e.g. by
503	* calling crypto_ahash_statesize()).
504	*
505	* Return: 0 if the export was successful; < 0 if an error occurred
506	*/
507	int crypto_ahash_export(struct ahash_request req, void* *out);
508
509	/**
510	* crypto_ahash_import() - import message digest state
511	* @req: reference to ahash_request handle the state is imported into
512	* @in: buffer holding the state
513	*
514	* This function imports the hash state into the ahash_request handle from the
515	* input buffer. That buffer should have been generated with the
516	* crypto_ahash_export function.
517	*
518	* Return: 0 if the import was successful; < 0 if an error occurred
519	*/
520	int crypto_ahash_import(struct ahash_request req, const* void *in);
521
522	/**
523	* crypto_ahash_init() - (re)initialize message digest handle
524	* @req: ahash_request handle that already is initialized with all necessary
525	* data using the ahash_request_* API functions
526	*
527	* The call (re-)initializes the message digest referenced by the ahash_request
528	* handle. Any potentially existing state created by previous operations is
529	* discarded.
530	*
531	* Return: see crypto_ahash_final()
532	*/
533	int crypto_ahash_init(struct ahash_request *req);
534
535	/**
536	* crypto_ahash_update() - add data to message digest for processing
537	* @req: ahash_request handle that was previously initialized with the
538	* crypto_ahash_init call.
539	*
540	* Updates the message digest state of the &ahash_request handle. The input data
541	* is pointed to by the scatter/gather list registered in the &ahash_request
542	* handle
543	*
544	* Return: see crypto_ahash_final()
545	*/
546	int crypto_ahash_update(struct ahash_request *req);
547
548	/**
549	* DOC: Asynchronous Hash Request Handle
550	*
551	* The &ahash_request data structure contains all pointers to data
552	* required for the asynchronous cipher operation. This includes the cipher
553	* handle (which can be used by multiple &ahash_request instances), pointer
554	* to plaintext and the message digest output buffer, asynchronous callback
555	* function, etc. It acts as a handle to the ahash_request_* API calls in a
556	* similar way as ahash handle to the crypto_ahash_* API calls.
557	*/
558
559	/**
560	* ahash_request_set_tfm() - update cipher handle reference in request
561	* @req: request handle to be modified
562	* @tfm: cipher handle that shall be added to the request handle
563	*
564	* Allow the caller to replace the existing ahash handle in the request
565	* data structure with a different one.
566	*/
567	static inline void ahash_request_set_tfm(struct ahash_request *req,
568	struct crypto_ahash *tfm)
569	{
570	req->base.tfm = crypto_ahash_tfm(tfm);
571	}
572
573	/**
574	* ahash_request_alloc() - allocate request data structure
575	* @tfm: cipher handle to be registered with the request
576	* @gfp: memory allocation flag that is handed to kmalloc by the API call.
577	*
578	* Allocate the request data structure that must be used with the ahash
579	* message digest API calls. During
580	* the allocation, the provided ahash handle
581	* is registered in the request data structure.
582	*
583	* Return: allocated request handle in case of success, or NULL if out of memory
584	*/
585	static inline struct ahash_request *ahash_request_alloc(
586	struct crypto_ahash *tfm, gfp_t gfp)
587	{
588	struct ahash_request *req;
589
590	req = kmalloc(size: sizeof(struct ahash_request) +
591	crypto_ahash_reqsize(tfm), flags: gfp);
592
593	if (likely(req))
594	ahash_request_set_tfm(req, tfm);
595
596	return req;
597	}
598
599	/**
600	* ahash_request_free() - zeroize and free the request data structure
601	* @req: request data structure cipher handle to be freed
602	*/
603	static inline void ahash_request_free(struct ahash_request *req)
604	{
605	kfree_sensitive(objp: req);
606	}
607
608	static inline void ahash_request_zero(struct ahash_request *req)
609	{
610	memzero_explicit(s: req, count: sizeof(*req) +
611	crypto_ahash_reqsize(tfm: crypto_ahash_reqtfm(req)));
612	}
613
614	static inline struct ahash_request *ahash_request_cast(
615	struct crypto_async_request *req)
616	{
617	return container_of(req, struct ahash_request, base);
618	}
619
620	/**
621	* ahash_request_set_callback() - set asynchronous callback function
622	* @req: request handle
623	* @flags: specify zero or an ORing of the flags
624	* CRYPTO_TFM_REQ_MAY_BACKLOG the request queue may back log and
625	* increase the wait queue beyond the initial maximum size;
626	* CRYPTO_TFM_REQ_MAY_SLEEP the request processing may sleep
627	* @compl: callback function pointer to be registered with the request handle
628	* @data: The data pointer refers to memory that is not used by the kernel
629	* crypto API, but provided to the callback function for it to use. Here,
630	* the caller can provide a reference to memory the callback function can
631	* operate on. As the callback function is invoked asynchronously to the
632	* related functionality, it may need to access data structures of the
633	* related functionality which can be referenced using this pointer. The
634	* callback function can access the memory via the "data" field in the
635	* &crypto_async_request data structure provided to the callback function.
636	*
637	* This function allows setting the callback function that is triggered once
638	* the cipher operation completes.
639	*
640	* The callback function is registered with the &ahash_request handle and
641	* must comply with the following template::
642	*
643	* void callback_function(struct crypto_async_request *req, int error)
644	*/
645	static inline void ahash_request_set_callback(struct ahash_request *req,
646	u32 flags,
647	crypto_completion_t compl,
648	void *data)
649	{
650	req->base.complete = compl;
651	req->base.data = data;
652	req->base.flags = flags;
653	}
654
655	/**
656	* ahash_request_set_crypt() - set data buffers
657	* @req: ahash_request handle to be updated
658	* @src: source scatter/gather list
659	* @result: buffer that is filled with the message digest -- the caller must
660	* ensure that the buffer has sufficient space by, for example, calling
661	* crypto_ahash_digestsize()
662	* @nbytes: number of bytes to process from the source scatter/gather list
663	*
664	* By using this call, the caller references the source scatter/gather list.
665	* The source scatter/gather list points to the data the message digest is to
666	* be calculated for.
667	*/
668	static inline void ahash_request_set_crypt(struct ahash_request *req,
669	struct scatterlist src, u8 result,
670	unsigned int nbytes)
671	{
672	req->src = src;
673	req->nbytes = nbytes;
674	req->result = result;
675	}
676
677	/**
678	* DOC: Synchronous Message Digest API
679	*
680	* The synchronous message digest API is used with the ciphers of type
681	* CRYPTO_ALG_TYPE_SHASH (listed as type "shash" in /proc/crypto)
682	*
683	* The message digest API is able to maintain state information for the
684	* caller.
685	*
686	* The synchronous message digest API can store user-related context in its
687	* shash_desc request data structure.
688	*/
689
690	/**
691	* crypto_alloc_shash() - allocate message digest handle
692	* @alg_name: is the cra_name / name or cra_driver_name / driver name of the
693	* message digest cipher
694	* @type: specifies the type of the cipher
695	* @mask: specifies the mask for the cipher
696	*
697	* Allocate a cipher handle for a message digest. The returned &struct
698	* crypto_shash is the cipher handle that is required for any subsequent
699	* API invocation for that message digest.
700	*
701	* Return: allocated cipher handle in case of success; IS_ERR() is true in case
702	* of an error, PTR_ERR() returns the error code.
703	*/
704	struct crypto_shash crypto_alloc_shash(const* char *alg_name, u32 type,
705	u32 mask);
706
707	struct crypto_shash crypto_clone_shash(struct* crypto_shash *tfm);
708
709	int crypto_has_shash(const char *alg_name, u32 type, u32 mask);
710
711	static inline struct crypto_tfm crypto_shash_tfm(struct* crypto_shash *tfm)
712	{
713	return &tfm->base;
714	}
715
716	/**
717	* crypto_free_shash() - zeroize and free the message digest handle
718	* @tfm: cipher handle to be freed
719	*
720	* If @tfm is a NULL or error pointer, this function does nothing.
721	*/
722	static inline void crypto_free_shash(struct crypto_shash *tfm)
723	{
724	crypto_destroy_tfm(mem: tfm, tfm: crypto_shash_tfm(tfm));
725	}
726
727	static inline const char crypto_shash_alg_name(struct* crypto_shash *tfm)
728	{
729	return crypto_tfm_alg_name(tfm: crypto_shash_tfm(tfm));
730	}
731
732	static inline const char crypto_shash_driver_name(struct* crypto_shash *tfm)
733	{
734	return crypto_tfm_alg_driver_name(tfm: crypto_shash_tfm(tfm));
735	}
736
737	/**
738	* crypto_shash_blocksize() - obtain block size for cipher
739	* @tfm: cipher handle
740	*
741	* The block size for the message digest cipher referenced with the cipher
742	* handle is returned.
743	*
744	* Return: block size of cipher
745	*/
746	static inline unsigned int crypto_shash_blocksize(struct crypto_shash *tfm)
747	{
748	return crypto_tfm_alg_blocksize(tfm: crypto_shash_tfm(tfm));
749	}
750
751	static inline struct shash_alg __crypto_shash_alg(struct* crypto_alg *alg)
752	{
753	return container_of(alg, struct shash_alg, base);
754	}
755
756	static inline struct shash_alg crypto_shash_alg(struct* crypto_shash *tfm)
757	{
758	return __crypto_shash_alg(alg: crypto_shash_tfm(tfm)->__crt_alg);
759	}
760
761	/**
762	* crypto_shash_digestsize() - obtain message digest size
763	* @tfm: cipher handle
764	*
765	* The size for the message digest created by the message digest cipher
766	* referenced with the cipher handle is returned.
767	*
768	* Return: digest size of cipher
769	*/
770	static inline unsigned int crypto_shash_digestsize(struct crypto_shash *tfm)
771	{
772	return crypto_shash_alg(tfm)->digestsize;
773	}
774
775	static inline unsigned int crypto_shash_statesize(struct crypto_shash *tfm)
776	{
777	return crypto_shash_alg(tfm)->statesize;
778	}
779
780	static inline u32 crypto_shash_get_flags(struct crypto_shash *tfm)
781	{
782	return crypto_tfm_get_flags(tfm: crypto_shash_tfm(tfm));
783	}
784
785	static inline void crypto_shash_set_flags(struct crypto_shash *tfm, u32 flags)
786	{
787	crypto_tfm_set_flags(tfm: crypto_shash_tfm(tfm), flags);
788	}
789
790	static inline void crypto_shash_clear_flags(struct crypto_shash *tfm, u32 flags)
791	{
792	crypto_tfm_clear_flags(tfm: crypto_shash_tfm(tfm), flags);
793	}
794
795	/**
796	* crypto_shash_descsize() - obtain the operational state size
797	* @tfm: cipher handle
798	*
799	* The size of the operational state the cipher needs during operation is
800	* returned for the hash referenced with the cipher handle. This size is
801	* required to calculate the memory requirements to allow the caller allocating
802	* sufficient memory for operational state.
803	*
804	* The operational state is defined with struct shash_desc where the size of
805	* that data structure is to be calculated as
806	* sizeof(struct shash_desc) + crypto_shash_descsize(alg)
807	*
808	* Return: size of the operational state
809	*/
810	static inline unsigned int crypto_shash_descsize(struct crypto_shash *tfm)
811	{
812	return tfm->descsize;
813	}
814
815	static inline void shash_desc_ctx(struct* shash_desc *desc)
816	{
817	return desc->__ctx;
818	}
819
820	/**
821	* crypto_shash_setkey() - set key for message digest
822	* @tfm: cipher handle
823	* @key: buffer holding the key
824	* @keylen: length of the key in bytes
825	*
826	* The caller provided key is set for the keyed message digest cipher. The
827	* cipher handle must point to a keyed message digest cipher in order for this
828	* function to succeed.
829	*
830	* Context: Any context.
831	* Return: 0 if the setting of the key was successful; < 0 if an error occurred
832	*/
833	int crypto_shash_setkey(struct crypto_shash tfm, const* u8 *key,
834	unsigned int keylen);
835
836	/**
837	* crypto_shash_digest() - calculate message digest for buffer
838	* @desc: see crypto_shash_final()
839	* @data: see crypto_shash_update()
840	* @len: see crypto_shash_update()
841	* @out: see crypto_shash_final()
842	*
843	* This function is a "short-hand" for the function calls of crypto_shash_init,
844	* crypto_shash_update and crypto_shash_final. The parameters have the same
845	* meaning as discussed for those separate three functions.
846	*
847	* Context: Any context.
848	* Return: 0 if the message digest creation was successful; < 0 if an error
849	* occurred
850	*/
851	int crypto_shash_digest(struct shash_desc desc, const* u8 *data,
852	unsigned int len, u8 *out);
853
854	/**
855	* crypto_shash_tfm_digest() - calculate message digest for buffer
856	* @tfm: hash transformation object
857	* @data: see crypto_shash_update()
858	* @len: see crypto_shash_update()
859	* @out: see crypto_shash_final()
860	*
861	* This is a simplified version of crypto_shash_digest() for users who don't
862	* want to allocate their own hash descriptor (shash_desc). Instead,
863	* crypto_shash_tfm_digest() takes a hash transformation object (crypto_shash)
864	* directly, and it allocates a hash descriptor on the stack internally.
865	* Note that this stack allocation may be fairly large.
866	*
867	* Context: Any context.
868	* Return: 0 on success; < 0 if an error occurred.
869	*/
870	int crypto_shash_tfm_digest(struct crypto_shash tfm, const* u8 *data,
871	unsigned int len, u8 *out);
872
873	/**
874	* crypto_shash_export() - extract operational state for message digest
875	* @desc: reference to the operational state handle whose state is exported
876	* @out: output buffer of sufficient size that can hold the hash state
877	*
878	* This function exports the hash state of the operational state handle into the
879	* caller-allocated output buffer out which must have sufficient size (e.g. by
880	* calling crypto_shash_descsize).
881	*
882	* Context: Any context.
883	* Return: 0 if the export creation was successful; < 0 if an error occurred
884	*/
885	int crypto_shash_export(struct shash_desc desc, void* *out);
886
887	/**
888	* crypto_shash_import() - import operational state
889	* @desc: reference to the operational state handle the state imported into
890	* @in: buffer holding the state
891	*
892	* This function imports the hash state into the operational state handle from
893	* the input buffer. That buffer should have been generated with the
894	* crypto_ahash_export function.
895	*
896	* Context: Any context.
897	* Return: 0 if the import was successful; < 0 if an error occurred
898	*/
899	int crypto_shash_import(struct shash_desc desc, const* void *in);
900
901	/**
902	* crypto_shash_init() - (re)initialize message digest
903	* @desc: operational state handle that is already filled
904	*
905	* The call (re-)initializes the message digest referenced by the
906	* operational state handle. Any potentially existing state created by
907	* previous operations is discarded.
908	*
909	* Context: Any context.
910	* Return: 0 if the message digest initialization was successful; < 0 if an
911	* error occurred
912	*/
913	static inline int crypto_shash_init(struct shash_desc *desc)
914	{
915	struct crypto_shash *tfm = desc->tfm;
916
917	if (crypto_shash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY)
918	return -ENOKEY;
919
920	return crypto_shash_alg(tfm)->init(desc);
921	}
922
923	/**
924	* crypto_shash_update() - add data to message digest for processing
925	* @desc: operational state handle that is already initialized
926	* @data: input data to be added to the message digest
927	* @len: length of the input data
928	*
929	* Updates the message digest state of the operational state handle.
930	*
931	* Context: Any context.
932	* Return: 0 if the message digest update was successful; < 0 if an error
933	* occurred
934	*/
935	int crypto_shash_update(struct shash_desc desc, const* u8 *data,
936	unsigned int len);
937
938	/**
939	* crypto_shash_final() - calculate message digest
940	* @desc: operational state handle that is already filled with data
941	* @out: output buffer filled with the message digest
942	*
943	* Finalize the message digest operation and create the message digest
944	* based on all data added to the cipher handle. The message digest is placed
945	* into the output buffer. The caller must ensure that the output buffer is
946	* large enough by using crypto_shash_digestsize.
947	*
948	* Context: Any context.
949	* Return: 0 if the message digest creation was successful; < 0 if an error
950	* occurred
951	*/
952	int crypto_shash_final(struct shash_desc desc, u8 out);
953
954	/**
955	* crypto_shash_finup() - calculate message digest of buffer
956	* @desc: see crypto_shash_final()
957	* @data: see crypto_shash_update()
958	* @len: see crypto_shash_update()
959	* @out: see crypto_shash_final()
960	*
961	* This function is a "short-hand" for the function calls of
962	* crypto_shash_update and crypto_shash_final. The parameters have the same
963	* meaning as discussed for those separate functions.
964	*
965	* Context: Any context.
966	* Return: 0 if the message digest creation was successful; < 0 if an error
967	* occurred
968	*/
969	int crypto_shash_finup(struct shash_desc desc, const* u8 *data,
970	unsigned int len, u8 *out);
971
972	static inline void shash_desc_zero(struct shash_desc *desc)
973	{
974	memzero_explicit(s: desc,
975	count: sizeof(*desc) + crypto_shash_descsize(tfm: desc->tfm));
976	}
977
978	#endif /* _CRYPTO_HASH_H */
979

source code of linux/include/crypto/hash.h