1 | /* SPDX-License-Identifier: GPL-2.0-or-later */ |
---|---|
2 | /* |
3 | * Hash: Hash algorithms under the crypto API |
4 | * |
5 | * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au> |
6 | */ |
7 | |
8 | #ifndef _CRYPTO_HASH_H |
9 | #define _CRYPTO_HASH_H |
10 | |
11 | #include <linux/crypto.h> |
12 | #include <linux/scatterlist.h> |
13 | #include <linux/slab.h> |
14 | #include <linux/string.h> |
15 | |
16 | /* Set this bit for virtual address instead of SG list. */ |
17 | #define CRYPTO_AHASH_REQ_VIRT 0x00000001 |
18 | |
19 | #define CRYPTO_AHASH_REQ_PRIVATE \ |
20 | CRYPTO_AHASH_REQ_VIRT |
21 | |
22 | struct crypto_ahash; |
23 | |
24 | /** |
25 | * DOC: Message Digest Algorithm Definitions |
26 | * |
27 | * These data structures define modular message digest algorithm |
28 | * implementations, managed via crypto_register_ahash(), |
29 | * crypto_register_shash(), crypto_unregister_ahash() and |
30 | * crypto_unregister_shash(). |
31 | */ |
32 | |
33 | /* |
34 | * struct hash_alg_common - define properties of message digest |
35 | * @digestsize: Size of the result of the transformation. A buffer of this size |
36 | * must be available to the @final and @finup calls, so they can |
37 | * store the resulting hash into it. For various predefined sizes, |
38 | * search include/crypto/ using |
39 | * git grep _DIGEST_SIZE include/crypto. |
40 | * @statesize: Size of the block for partial state of the transformation. A |
41 | * buffer of this size must be passed to the @export function as it |
42 | * will save the partial state of the transformation into it. On the |
43 | * other side, the @import function will load the state from a |
44 | * buffer of this size as well. |
45 | * @base: Start of data structure of cipher algorithm. The common data |
46 | * structure of crypto_alg contains information common to all ciphers. |
47 | * The hash_alg_common data structure now adds the hash-specific |
48 | * information. |
49 | */ |
50 | #define HASH_ALG_COMMON { \ |
51 | unsigned int digestsize; \ |
52 | unsigned int statesize; \ |
53 | \ |
54 | struct crypto_alg base; \ |
55 | } |
56 | struct hash_alg_common HASH_ALG_COMMON; |
57 | |
58 | struct ahash_request { |
59 | struct crypto_async_request base; |
60 | |
61 | unsigned int nbytes; |
62 | union { |
63 | struct scatterlist *src; |
64 | const u8 *svirt; |
65 | }; |
66 | u8 *result; |
67 | |
68 | struct scatterlist sg_head[2]; |
69 | crypto_completion_t saved_complete; |
70 | void *saved_data; |
71 | |
72 | void *__ctx[] CRYPTO_MINALIGN_ATTR; |
73 | }; |
74 | |
75 | /** |
76 | * struct ahash_alg - asynchronous message digest definition |
77 | * @init: **[mandatory]** Initialize the transformation context. Intended only to initialize the |
78 | * state of the HASH transformation at the beginning. This shall fill in |
79 | * the internal structures used during the entire duration of the whole |
80 | * transformation. No data processing happens at this point. Driver code |
81 | * implementation must not use req->result. |
82 | * @update: **[mandatory]** Push a chunk of data into the driver for transformation. This |
83 | * function actually pushes blocks of data from upper layers into the |
84 | * driver, which then passes those to the hardware as seen fit. This |
85 | * function must not finalize the HASH transformation by calculating the |
86 | * final message digest as this only adds more data into the |
87 | * transformation. This function shall not modify the transformation |
88 | * context, as this function may be called in parallel with the same |
89 | * transformation object. Data processing can happen synchronously |
90 | * [SHASH] or asynchronously [AHASH] at this point. Driver must not use |
91 | * req->result. |
92 | * For block-only algorithms, @update must return the number |
93 | * of bytes to store in the API partial block buffer. |
94 | * @final: **[mandatory]** Retrieve result from the driver. This function finalizes the |
95 | * transformation and retrieves the resulting hash from the driver and |
96 | * pushes it back to upper layers. No data processing happens at this |
97 | * point unless hardware requires it to finish the transformation |
98 | * (then the data buffered by the device driver is processed). |
99 | * @finup: **[optional]** Combination of @update and @final. This function is effectively a |
100 | * combination of @update and @final calls issued in sequence. As some |
101 | * hardware cannot do @update and @final separately, this callback was |
102 | * added to allow such hardware to be used at least by IPsec. Data |
103 | * processing can happen synchronously [SHASH] or asynchronously [AHASH] |
104 | * at this point. |
105 | * @digest: Combination of @init and @update and @final. This function |
106 | * effectively behaves as the entire chain of operations, @init, |
107 | * @update and @final issued in sequence. Just like @finup, this was |
108 | * added for hardware which cannot do even the @finup, but can only do |
109 | * the whole transformation in one run. Data processing can happen |
110 | * synchronously [SHASH] or asynchronously [AHASH] at this point. |
111 | * @setkey: Set optional key used by the hashing algorithm. Intended to push |
112 | * optional key used by the hashing algorithm from upper layers into |
113 | * the driver. This function can store the key in the transformation |
114 | * context or can outright program it into the hardware. In the former |
115 | * case, one must be careful to program the key into the hardware at |
116 | * appropriate time and one must be careful that .setkey() can be |
117 | * called multiple times during the existence of the transformation |
118 | * object. Not all hashing algorithms do implement this function as it |
119 | * is only needed for keyed message digests. SHAx/MDx/CRCx do NOT |
120 | * implement this function. HMAC(MDx)/HMAC(SHAx)/CMAC(AES) do implement |
121 | * this function. This function must be called before any other of the |
122 | * @init, @update, @final, @finup, @digest is called. No data |
123 | * processing happens at this point. |
124 | * @export: Export partial state of the transformation. This function dumps the |
125 | * entire state of the ongoing transformation into a provided block of |
126 | * data so it can be @import 'ed back later on. This is useful in case |
127 | * you want to save partial result of the transformation after |
128 | * processing certain amount of data and reload this partial result |
129 | * multiple times later on for multiple re-use. No data processing |
130 | * happens at this point. Driver must not use req->result. |
131 | * @import: Import partial state of the transformation. This function loads the |
132 | * entire state of the ongoing transformation from a provided block of |
133 | * data so the transformation can continue from this point onward. No |
134 | * data processing happens at this point. Driver must not use |
135 | * req->result. |
136 | * @export_core: Export partial state without partial block. Only defined |
137 | * for algorithms that are not block-only. |
138 | * @import_core: Import partial state without partial block. Only defined |
139 | * for algorithms that are not block-only. |
140 | * @init_tfm: Initialize the cryptographic transformation object. |
141 | * This function is called only once at the instantiation |
142 | * time, right after the transformation context was |
143 | * allocated. In case the cryptographic hardware has |
144 | * some special requirements which need to be handled |
145 | * by software, this function shall check for the precise |
146 | * requirement of the transformation and put any software |
147 | * fallbacks in place. |
148 | * @exit_tfm: Deinitialize the cryptographic transformation object. |
149 | * This is a counterpart to @init_tfm, used to remove |
150 | * various changes set in @init_tfm. |
151 | * @clone_tfm: Copy transform into new object, may allocate memory. |
152 | * @halg: see struct hash_alg_common |
153 | */ |
154 | struct ahash_alg { |
155 | int (*init)(struct ahash_request *req); |
156 | int (*update)(struct ahash_request *req); |
157 | int (*final)(struct ahash_request *req); |
158 | int (*finup)(struct ahash_request *req); |
159 | int (*digest)(struct ahash_request *req); |
160 | int (*export)(struct ahash_request *req, void *out); |
161 | int (*import)(struct ahash_request *req, const void *in); |
162 | int (*export_core)(struct ahash_request *req, void *out); |
163 | int (*import_core)(struct ahash_request *req, const void *in); |
164 | int (*setkey)(struct crypto_ahash *tfm, const u8 *key, |
165 | unsigned int keylen); |
166 | int (*init_tfm)(struct crypto_ahash *tfm); |
167 | void (*exit_tfm)(struct crypto_ahash *tfm); |
168 | int (*clone_tfm)(struct crypto_ahash *dst, struct crypto_ahash *src); |
169 | |
170 | struct hash_alg_common halg; |
171 | }; |
172 | |
173 | struct shash_desc { |
174 | struct crypto_shash *tfm; |
175 | void *__ctx[] __aligned(ARCH_SLAB_MINALIGN); |
176 | }; |
177 | |
178 | #define HASH_MAX_DIGESTSIZE 64 |
179 | |
180 | /* Worst case is sha3-224. */ |
181 | #define HASH_MAX_STATESIZE 200 + 144 + 1 |
182 | |
183 | /* |
184 | * Worst case is hmac(sha3-224-s390). Its context is a nested 'shash_desc' |
185 | * containing a 'struct s390_sha_ctx'. |
186 | */ |
187 | #define HASH_MAX_DESCSIZE (sizeof(struct shash_desc) + 360) |
188 | #define MAX_SYNC_HASH_REQSIZE (sizeof(struct ahash_request) + \ |
189 | HASH_MAX_DESCSIZE) |
190 | |
191 | #define SHASH_DESC_ON_STACK(shash, ctx) \ |
192 | char __##shash##_desc[sizeof(struct shash_desc) + HASH_MAX_DESCSIZE] \ |
193 | __aligned(__alignof__(struct shash_desc)); \ |
194 | struct shash_desc *shash = (struct shash_desc *)__##shash##_desc |
195 | |
196 | #define HASH_REQUEST_ON_STACK(name, _tfm) \ |
197 | char __##name##_req[sizeof(struct ahash_request) + \ |
198 | MAX_SYNC_HASH_REQSIZE] CRYPTO_MINALIGN_ATTR; \ |
199 | struct ahash_request *name = \ |
200 | ahash_request_on_stack_init(__##name##_req, (_tfm)) |
201 | |
202 | #define HASH_REQUEST_CLONE(name, gfp) \ |
203 | hash_request_clone(name, sizeof(__##name##_req), gfp) |
204 | |
205 | /** |
206 | * struct shash_alg - synchronous message digest definition |
207 | * @init: see struct ahash_alg |
208 | * @update: see struct ahash_alg |
209 | * @final: see struct ahash_alg |
210 | * @finup: see struct ahash_alg |
211 | * @digest: see struct ahash_alg |
212 | * @export: see struct ahash_alg |
213 | * @import: see struct ahash_alg |
214 | * @export_core: see struct ahash_alg |
215 | * @import_core: see struct ahash_alg |
216 | * @setkey: see struct ahash_alg |
217 | * @init_tfm: Initialize the cryptographic transformation object. |
218 | * This function is called only once at the instantiation |
219 | * time, right after the transformation context was |
220 | * allocated. In case the cryptographic hardware has |
221 | * some special requirements which need to be handled |
222 | * by software, this function shall check for the precise |
223 | * requirement of the transformation and put any software |
224 | * fallbacks in place. |
225 | * @exit_tfm: Deinitialize the cryptographic transformation object. |
226 | * This is a counterpart to @init_tfm, used to remove |
227 | * various changes set in @init_tfm. |
228 | * @clone_tfm: Copy transform into new object, may allocate memory. |
229 | * @descsize: Size of the operational state for the message digest. This state |
230 | * size is the memory size that needs to be allocated for |
231 | * shash_desc.__ctx |
232 | * @halg: see struct hash_alg_common |
233 | * @HASH_ALG_COMMON: see struct hash_alg_common |
234 | */ |
235 | struct shash_alg { |
236 | int (*init)(struct shash_desc *desc); |
237 | int (*update)(struct shash_desc *desc, const u8 *data, |
238 | unsigned int len); |
239 | int (*final)(struct shash_desc *desc, u8 *out); |
240 | int (*finup)(struct shash_desc *desc, const u8 *data, |
241 | unsigned int len, u8 *out); |
242 | int (*digest)(struct shash_desc *desc, const u8 *data, |
243 | unsigned int len, u8 *out); |
244 | int (*export)(struct shash_desc *desc, void *out); |
245 | int (*import)(struct shash_desc *desc, const void *in); |
246 | int (*export_core)(struct shash_desc *desc, void *out); |
247 | int (*import_core)(struct shash_desc *desc, const void *in); |
248 | int (*setkey)(struct crypto_shash *tfm, const u8 *key, |
249 | unsigned int keylen); |
250 | int (*init_tfm)(struct crypto_shash *tfm); |
251 | void (*exit_tfm)(struct crypto_shash *tfm); |
252 | int (*clone_tfm)(struct crypto_shash *dst, struct crypto_shash *src); |
253 | |
254 | unsigned int descsize; |
255 | |
256 | union { |
257 | struct HASH_ALG_COMMON; |
258 | struct hash_alg_common halg; |
259 | }; |
260 | }; |
261 | #undef HASH_ALG_COMMON |
262 | |
263 | struct crypto_ahash { |
264 | bool using_shash; /* Underlying algorithm is shash, not ahash */ |
265 | unsigned int statesize; |
266 | unsigned int reqsize; |
267 | struct crypto_tfm base; |
268 | }; |
269 | |
270 | struct crypto_shash { |
271 | struct crypto_tfm base; |
272 | }; |
273 | |
274 | /** |
275 | * DOC: Asynchronous Message Digest API |
276 | * |
277 | * The asynchronous message digest API is used with the ciphers of type |
278 | * CRYPTO_ALG_TYPE_AHASH (listed as type "ahash" in /proc/crypto) |
279 | * |
280 | * The asynchronous cipher operation discussion provided for the |
281 | * CRYPTO_ALG_TYPE_SKCIPHER API applies here as well. |
282 | */ |
283 | |
284 | static inline bool ahash_req_on_stack(struct ahash_request *req) |
285 | { |
286 | return crypto_req_on_stack(req: &req->base); |
287 | } |
288 | |
289 | static inline struct crypto_ahash *__crypto_ahash_cast(struct crypto_tfm *tfm) |
290 | { |
291 | return container_of(tfm, struct crypto_ahash, base); |
292 | } |
293 | |
294 | /** |
295 | * crypto_alloc_ahash() - allocate ahash cipher handle |
296 | * @alg_name: is the cra_name / name or cra_driver_name / driver name of the |
297 | * ahash cipher |
298 | * @type: specifies the type of the cipher |
299 | * @mask: specifies the mask for the cipher |
300 | * |
301 | * Allocate a cipher handle for an ahash. The returned struct |
302 | * crypto_ahash is the cipher handle that is required for any subsequent |
303 | * API invocation for that ahash. |
304 | * |
305 | * Return: allocated cipher handle in case of success; IS_ERR() is true in case |
306 | * of an error, PTR_ERR() returns the error code. |
307 | */ |
308 | struct crypto_ahash *crypto_alloc_ahash(const char *alg_name, u32 type, |
309 | u32 mask); |
310 | |
311 | struct crypto_ahash *crypto_clone_ahash(struct crypto_ahash *tfm); |
312 | |
313 | static inline struct crypto_tfm *crypto_ahash_tfm(struct crypto_ahash *tfm) |
314 | { |
315 | return &tfm->base; |
316 | } |
317 | |
318 | /** |
319 | * crypto_free_ahash() - zeroize and free the ahash handle |
320 | * @tfm: cipher handle to be freed |
321 | * |
322 | * If @tfm is a NULL or error pointer, this function does nothing. |
323 | */ |
324 | static inline void crypto_free_ahash(struct crypto_ahash *tfm) |
325 | { |
326 | crypto_destroy_tfm(mem: tfm, tfm: crypto_ahash_tfm(tfm)); |
327 | } |
328 | |
329 | /** |
330 | * crypto_has_ahash() - Search for the availability of an ahash. |
331 | * @alg_name: is the cra_name / name or cra_driver_name / driver name of the |
332 | * ahash |
333 | * @type: specifies the type of the ahash |
334 | * @mask: specifies the mask for the ahash |
335 | * |
336 | * Return: true when the ahash is known to the kernel crypto API; false |
337 | * otherwise |
338 | */ |
339 | int crypto_has_ahash(const char *alg_name, u32 type, u32 mask); |
340 | |
341 | static inline const char *crypto_ahash_alg_name(struct crypto_ahash *tfm) |
342 | { |
343 | return crypto_tfm_alg_name(tfm: crypto_ahash_tfm(tfm)); |
344 | } |
345 | |
346 | static inline const char *crypto_ahash_driver_name(struct crypto_ahash *tfm) |
347 | { |
348 | return crypto_tfm_alg_driver_name(tfm: crypto_ahash_tfm(tfm)); |
349 | } |
350 | |
351 | /** |
352 | * crypto_ahash_blocksize() - obtain block size for cipher |
353 | * @tfm: cipher handle |
354 | * |
355 | * The block size for the message digest cipher referenced with the cipher |
356 | * handle is returned. |
357 | * |
358 | * Return: block size of cipher |
359 | */ |
360 | static inline unsigned int crypto_ahash_blocksize(struct crypto_ahash *tfm) |
361 | { |
362 | return crypto_tfm_alg_blocksize(tfm: crypto_ahash_tfm(tfm)); |
363 | } |
364 | |
365 | static inline struct hash_alg_common *__crypto_hash_alg_common( |
366 | struct crypto_alg *alg) |
367 | { |
368 | return container_of(alg, struct hash_alg_common, base); |
369 | } |
370 | |
371 | static inline struct hash_alg_common *crypto_hash_alg_common( |
372 | struct crypto_ahash *tfm) |
373 | { |
374 | return __crypto_hash_alg_common(alg: crypto_ahash_tfm(tfm)->__crt_alg); |
375 | } |
376 | |
377 | /** |
378 | * crypto_ahash_digestsize() - obtain message digest size |
379 | * @tfm: cipher handle |
380 | * |
381 | * The size for the message digest created by the message digest cipher |
382 | * referenced with the cipher handle is returned. |
383 | * |
384 | * |
385 | * Return: message digest size of cipher |
386 | */ |
387 | static inline unsigned int crypto_ahash_digestsize(struct crypto_ahash *tfm) |
388 | { |
389 | return crypto_hash_alg_common(tfm)->digestsize; |
390 | } |
391 | |
392 | /** |
393 | * crypto_ahash_statesize() - obtain size of the ahash state |
394 | * @tfm: cipher handle |
395 | * |
396 | * Return the size of the ahash state. With the crypto_ahash_export() |
397 | * function, the caller can export the state into a buffer whose size is |
398 | * defined with this function. |
399 | * |
400 | * Return: size of the ahash state |
401 | */ |
402 | static inline unsigned int crypto_ahash_statesize(struct crypto_ahash *tfm) |
403 | { |
404 | return tfm->statesize; |
405 | } |
406 | |
407 | static inline u32 crypto_ahash_get_flags(struct crypto_ahash *tfm) |
408 | { |
409 | return crypto_tfm_get_flags(tfm: crypto_ahash_tfm(tfm)); |
410 | } |
411 | |
412 | static inline void crypto_ahash_set_flags(struct crypto_ahash *tfm, u32 flags) |
413 | { |
414 | crypto_tfm_set_flags(tfm: crypto_ahash_tfm(tfm), flags); |
415 | } |
416 | |
417 | static inline void crypto_ahash_clear_flags(struct crypto_ahash *tfm, u32 flags) |
418 | { |
419 | crypto_tfm_clear_flags(tfm: crypto_ahash_tfm(tfm), flags); |
420 | } |
421 | |
422 | /** |
423 | * crypto_ahash_reqtfm() - obtain cipher handle from request |
424 | * @req: asynchronous request handle that contains the reference to the ahash |
425 | * cipher handle |
426 | * |
427 | * Return the ahash cipher handle that is registered with the asynchronous |
428 | * request handle ahash_request. |
429 | * |
430 | * Return: ahash cipher handle |
431 | */ |
432 | static inline struct crypto_ahash *crypto_ahash_reqtfm( |
433 | struct ahash_request *req) |
434 | { |
435 | return __crypto_ahash_cast(tfm: req->base.tfm); |
436 | } |
437 | |
438 | /** |
439 | * crypto_ahash_reqsize() - obtain size of the request data structure |
440 | * @tfm: cipher handle |
441 | * |
442 | * Return: size of the request data |
443 | */ |
444 | static inline unsigned int crypto_ahash_reqsize(struct crypto_ahash *tfm) |
445 | { |
446 | return tfm->reqsize; |
447 | } |
448 | |
449 | static inline void *ahash_request_ctx(struct ahash_request *req) |
450 | { |
451 | return req->__ctx; |
452 | } |
453 | |
454 | /** |
455 | * crypto_ahash_setkey - set key for cipher handle |
456 | * @tfm: cipher handle |
457 | * @key: buffer holding the key |
458 | * @keylen: length of the key in bytes |
459 | * |
460 | * The caller provided key is set for the ahash cipher. The cipher |
461 | * handle must point to a keyed hash in order for this function to succeed. |
462 | * |
463 | * Return: 0 if the setting of the key was successful; < 0 if an error occurred |
464 | */ |
465 | int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key, |
466 | unsigned int keylen); |
467 | |
468 | /** |
469 | * crypto_ahash_finup() - update and finalize message digest |
470 | * @req: reference to the ahash_request handle that holds all information |
471 | * needed to perform the cipher operation |
472 | * |
473 | * This function is a "short-hand" for the function calls of |
474 | * crypto_ahash_update and crypto_ahash_final. The parameters have the same |
475 | * meaning as discussed for those separate functions. |
476 | * |
477 | * Return: see crypto_ahash_final() |
478 | */ |
479 | int crypto_ahash_finup(struct ahash_request *req); |
480 | |
481 | /** |
482 | * crypto_ahash_final() - calculate message digest |
483 | * @req: reference to the ahash_request handle that holds all information |
484 | * needed to perform the cipher operation |
485 | * |
486 | * Finalize the message digest operation and create the message digest |
487 | * based on all data added to the cipher handle. The message digest is placed |
488 | * into the output buffer registered with the ahash_request handle. |
489 | * |
490 | * Return: |
491 | * 0 if the message digest was successfully calculated; |
492 | * -EINPROGRESS if data is fed into hardware (DMA) or queued for later; |
493 | * -EBUSY if queue is full and request should be resubmitted later; |
494 | * other < 0 if an error occurred |
495 | */ |
496 | static inline int crypto_ahash_final(struct ahash_request *req) |
497 | { |
498 | req->nbytes = 0; |
499 | return crypto_ahash_finup(req); |
500 | } |
501 | |
502 | /** |
503 | * crypto_ahash_digest() - calculate message digest for a buffer |
504 | * @req: reference to the ahash_request handle that holds all information |
505 | * needed to perform the cipher operation |
506 | * |
507 | * This function is a "short-hand" for the function calls of crypto_ahash_init, |
508 | * crypto_ahash_update and crypto_ahash_final. The parameters have the same |
509 | * meaning as discussed for those separate three functions. |
510 | * |
511 | * Return: see crypto_ahash_final() |
512 | */ |
513 | int crypto_ahash_digest(struct ahash_request *req); |
514 | |
515 | /** |
516 | * crypto_ahash_export() - extract current message digest state |
517 | * @req: reference to the ahash_request handle whose state is exported |
518 | * @out: output buffer of sufficient size that can hold the hash state |
519 | * |
520 | * This function exports the hash state of the ahash_request handle into the |
521 | * caller-allocated output buffer out which must have sufficient size (e.g. by |
522 | * calling crypto_ahash_statesize()). |
523 | * |
524 | * Return: 0 if the export was successful; < 0 if an error occurred |
525 | */ |
526 | int crypto_ahash_export(struct ahash_request *req, void *out); |
527 | |
528 | /** |
529 | * crypto_ahash_import() - import message digest state |
530 | * @req: reference to ahash_request handle the state is imported into |
531 | * @in: buffer holding the state |
532 | * |
533 | * This function imports the hash state into the ahash_request handle from the |
534 | * input buffer. That buffer should have been generated with the |
535 | * crypto_ahash_export function. |
536 | * |
537 | * Return: 0 if the import was successful; < 0 if an error occurred |
538 | */ |
539 | int crypto_ahash_import(struct ahash_request *req, const void *in); |
540 | |
541 | /** |
542 | * crypto_ahash_init() - (re)initialize message digest handle |
543 | * @req: ahash_request handle that already is initialized with all necessary |
544 | * data using the ahash_request_* API functions |
545 | * |
546 | * The call (re-)initializes the message digest referenced by the ahash_request |
547 | * handle. Any potentially existing state created by previous operations is |
548 | * discarded. |
549 | * |
550 | * Return: see crypto_ahash_final() |
551 | */ |
552 | int crypto_ahash_init(struct ahash_request *req); |
553 | |
554 | /** |
555 | * crypto_ahash_update() - add data to message digest for processing |
556 | * @req: ahash_request handle that was previously initialized with the |
557 | * crypto_ahash_init call. |
558 | * |
559 | * Updates the message digest state of the &ahash_request handle. The input data |
560 | * is pointed to by the scatter/gather list registered in the &ahash_request |
561 | * handle |
562 | * |
563 | * Return: see crypto_ahash_final() |
564 | */ |
565 | int crypto_ahash_update(struct ahash_request *req); |
566 | |
567 | /** |
568 | * DOC: Asynchronous Hash Request Handle |
569 | * |
570 | * The &ahash_request data structure contains all pointers to data |
571 | * required for the asynchronous cipher operation. This includes the cipher |
572 | * handle (which can be used by multiple &ahash_request instances), pointer |
573 | * to plaintext and the message digest output buffer, asynchronous callback |
574 | * function, etc. It acts as a handle to the ahash_request_* API calls in a |
575 | * similar way as ahash handle to the crypto_ahash_* API calls. |
576 | */ |
577 | |
578 | /** |
579 | * ahash_request_set_tfm() - update cipher handle reference in request |
580 | * @req: request handle to be modified |
581 | * @tfm: cipher handle that shall be added to the request handle |
582 | * |
583 | * Allow the caller to replace the existing ahash handle in the request |
584 | * data structure with a different one. |
585 | */ |
586 | static inline void ahash_request_set_tfm(struct ahash_request *req, |
587 | struct crypto_ahash *tfm) |
588 | { |
589 | crypto_request_set_tfm(req: &req->base, tfm: crypto_ahash_tfm(tfm)); |
590 | } |
591 | |
592 | /** |
593 | * ahash_request_alloc() - allocate request data structure |
594 | * @tfm: cipher handle to be registered with the request |
595 | * @gfp: memory allocation flag that is handed to kmalloc by the API call. |
596 | * |
597 | * Allocate the request data structure that must be used with the ahash |
598 | * message digest API calls. During |
599 | * the allocation, the provided ahash handle |
600 | * is registered in the request data structure. |
601 | * |
602 | * Return: allocated request handle in case of success, or NULL if out of memory |
603 | */ |
604 | static inline struct ahash_request *ahash_request_alloc_noprof( |
605 | struct crypto_ahash *tfm, gfp_t gfp) |
606 | { |
607 | struct ahash_request *req; |
608 | |
609 | req = kmalloc_noprof(size: sizeof(struct ahash_request) + |
610 | crypto_ahash_reqsize(tfm), flags: gfp); |
611 | |
612 | if (likely(req)) |
613 | ahash_request_set_tfm(req, tfm); |
614 | |
615 | return req; |
616 | } |
617 | #define ahash_request_alloc(...) alloc_hooks(ahash_request_alloc_noprof(__VA_ARGS__)) |
618 | |
619 | /** |
620 | * ahash_request_free() - zeroize and free the request data structure |
621 | * @req: request data structure cipher handle to be freed |
622 | */ |
623 | void ahash_request_free(struct ahash_request *req); |
624 | |
625 | static inline void ahash_request_zero(struct ahash_request *req) |
626 | { |
627 | memzero_explicit(s: req, count: sizeof(*req) + |
628 | crypto_ahash_reqsize(tfm: crypto_ahash_reqtfm(req))); |
629 | } |
630 | |
631 | static inline struct ahash_request *ahash_request_cast( |
632 | struct crypto_async_request *req) |
633 | { |
634 | return container_of(req, struct ahash_request, base); |
635 | } |
636 | |
637 | /** |
638 | * ahash_request_set_callback() - set asynchronous callback function |
639 | * @req: request handle |
640 | * @flags: specify zero or an ORing of the flags |
641 | * CRYPTO_TFM_REQ_MAY_BACKLOG the request queue may back log and |
642 | * increase the wait queue beyond the initial maximum size; |
643 | * CRYPTO_TFM_REQ_MAY_SLEEP the request processing may sleep |
644 | * @compl: callback function pointer to be registered with the request handle |
645 | * @data: The data pointer refers to memory that is not used by the kernel |
646 | * crypto API, but provided to the callback function for it to use. Here, |
647 | * the caller can provide a reference to memory the callback function can |
648 | * operate on. As the callback function is invoked asynchronously to the |
649 | * related functionality, it may need to access data structures of the |
650 | * related functionality which can be referenced using this pointer. The |
651 | * callback function can access the memory via the "data" field in the |
652 | * &crypto_async_request data structure provided to the callback function. |
653 | * |
654 | * This function allows setting the callback function that is triggered once |
655 | * the cipher operation completes. |
656 | * |
657 | * The callback function is registered with the &ahash_request handle and |
658 | * must comply with the following template:: |
659 | * |
660 | * void callback_function(struct crypto_async_request *req, int error) |
661 | */ |
662 | static inline void ahash_request_set_callback(struct ahash_request *req, |
663 | u32 flags, |
664 | crypto_completion_t compl, |
665 | void *data) |
666 | { |
667 | flags &= ~CRYPTO_AHASH_REQ_PRIVATE; |
668 | flags |= req->base.flags & CRYPTO_AHASH_REQ_PRIVATE; |
669 | crypto_request_set_callback(req: &req->base, flags, compl, data); |
670 | } |
671 | |
672 | /** |
673 | * ahash_request_set_crypt() - set data buffers |
674 | * @req: ahash_request handle to be updated |
675 | * @src: source scatter/gather list |
676 | * @result: buffer that is filled with the message digest -- the caller must |
677 | * ensure that the buffer has sufficient space by, for example, calling |
678 | * crypto_ahash_digestsize() |
679 | * @nbytes: number of bytes to process from the source scatter/gather list |
680 | * |
681 | * By using this call, the caller references the source scatter/gather list. |
682 | * The source scatter/gather list points to the data the message digest is to |
683 | * be calculated for. |
684 | */ |
685 | static inline void ahash_request_set_crypt(struct ahash_request *req, |
686 | struct scatterlist *src, u8 *result, |
687 | unsigned int nbytes) |
688 | { |
689 | req->src = src; |
690 | req->nbytes = nbytes; |
691 | req->result = result; |
692 | req->base.flags &= ~CRYPTO_AHASH_REQ_VIRT; |
693 | } |
694 | |
695 | /** |
696 | * ahash_request_set_virt() - set virtual address data buffers |
697 | * @req: ahash_request handle to be updated |
698 | * @src: source virtual address |
699 | * @result: buffer that is filled with the message digest -- the caller must |
700 | * ensure that the buffer has sufficient space by, for example, calling |
701 | * crypto_ahash_digestsize() |
702 | * @nbytes: number of bytes to process from the source virtual address |
703 | * |
704 | * By using this call, the caller references the source virtual address. |
705 | * The source virtual address points to the data the message digest is to |
706 | * be calculated for. |
707 | */ |
708 | static inline void ahash_request_set_virt(struct ahash_request *req, |
709 | const u8 *src, u8 *result, |
710 | unsigned int nbytes) |
711 | { |
712 | req->svirt = src; |
713 | req->nbytes = nbytes; |
714 | req->result = result; |
715 | req->base.flags |= CRYPTO_AHASH_REQ_VIRT; |
716 | } |
717 | |
718 | /** |
719 | * DOC: Synchronous Message Digest API |
720 | * |
721 | * The synchronous message digest API is used with the ciphers of type |
722 | * CRYPTO_ALG_TYPE_SHASH (listed as type "shash" in /proc/crypto) |
723 | * |
724 | * The message digest API is able to maintain state information for the |
725 | * caller. |
726 | * |
727 | * The synchronous message digest API can store user-related context in its |
728 | * shash_desc request data structure. |
729 | */ |
730 | |
731 | /** |
732 | * crypto_alloc_shash() - allocate message digest handle |
733 | * @alg_name: is the cra_name / name or cra_driver_name / driver name of the |
734 | * message digest cipher |
735 | * @type: specifies the type of the cipher |
736 | * @mask: specifies the mask for the cipher |
737 | * |
738 | * Allocate a cipher handle for a message digest. The returned &struct |
739 | * crypto_shash is the cipher handle that is required for any subsequent |
740 | * API invocation for that message digest. |
741 | * |
742 | * Return: allocated cipher handle in case of success; IS_ERR() is true in case |
743 | * of an error, PTR_ERR() returns the error code. |
744 | */ |
745 | struct crypto_shash *crypto_alloc_shash(const char *alg_name, u32 type, |
746 | u32 mask); |
747 | |
748 | struct crypto_shash *crypto_clone_shash(struct crypto_shash *tfm); |
749 | |
750 | int crypto_has_shash(const char *alg_name, u32 type, u32 mask); |
751 | |
752 | static inline struct crypto_tfm *crypto_shash_tfm(struct crypto_shash *tfm) |
753 | { |
754 | return &tfm->base; |
755 | } |
756 | |
757 | /** |
758 | * crypto_free_shash() - zeroize and free the message digest handle |
759 | * @tfm: cipher handle to be freed |
760 | * |
761 | * If @tfm is a NULL or error pointer, this function does nothing. |
762 | */ |
763 | static inline void crypto_free_shash(struct crypto_shash *tfm) |
764 | { |
765 | crypto_destroy_tfm(mem: tfm, tfm: crypto_shash_tfm(tfm)); |
766 | } |
767 | |
768 | static inline const char *crypto_shash_alg_name(struct crypto_shash *tfm) |
769 | { |
770 | return crypto_tfm_alg_name(tfm: crypto_shash_tfm(tfm)); |
771 | } |
772 | |
773 | static inline const char *crypto_shash_driver_name(struct crypto_shash *tfm) |
774 | { |
775 | return crypto_tfm_alg_driver_name(tfm: crypto_shash_tfm(tfm)); |
776 | } |
777 | |
778 | /** |
779 | * crypto_shash_blocksize() - obtain block size for cipher |
780 | * @tfm: cipher handle |
781 | * |
782 | * The block size for the message digest cipher referenced with the cipher |
783 | * handle is returned. |
784 | * |
785 | * Return: block size of cipher |
786 | */ |
787 | static inline unsigned int crypto_shash_blocksize(struct crypto_shash *tfm) |
788 | { |
789 | return crypto_tfm_alg_blocksize(tfm: crypto_shash_tfm(tfm)); |
790 | } |
791 | |
792 | static inline struct shash_alg *__crypto_shash_alg(struct crypto_alg *alg) |
793 | { |
794 | return container_of(alg, struct shash_alg, base); |
795 | } |
796 | |
797 | static inline struct shash_alg *crypto_shash_alg(struct crypto_shash *tfm) |
798 | { |
799 | return __crypto_shash_alg(alg: crypto_shash_tfm(tfm)->__crt_alg); |
800 | } |
801 | |
802 | /** |
803 | * crypto_shash_digestsize() - obtain message digest size |
804 | * @tfm: cipher handle |
805 | * |
806 | * The size for the message digest created by the message digest cipher |
807 | * referenced with the cipher handle is returned. |
808 | * |
809 | * Return: digest size of cipher |
810 | */ |
811 | static inline unsigned int crypto_shash_digestsize(struct crypto_shash *tfm) |
812 | { |
813 | return crypto_shash_alg(tfm)->digestsize; |
814 | } |
815 | |
816 | static inline unsigned int crypto_shash_statesize(struct crypto_shash *tfm) |
817 | { |
818 | return crypto_shash_alg(tfm)->statesize; |
819 | } |
820 | |
821 | static inline u32 crypto_shash_get_flags(struct crypto_shash *tfm) |
822 | { |
823 | return crypto_tfm_get_flags(tfm: crypto_shash_tfm(tfm)); |
824 | } |
825 | |
826 | static inline void crypto_shash_set_flags(struct crypto_shash *tfm, u32 flags) |
827 | { |
828 | crypto_tfm_set_flags(tfm: crypto_shash_tfm(tfm), flags); |
829 | } |
830 | |
831 | static inline void crypto_shash_clear_flags(struct crypto_shash *tfm, u32 flags) |
832 | { |
833 | crypto_tfm_clear_flags(tfm: crypto_shash_tfm(tfm), flags); |
834 | } |
835 | |
836 | /** |
837 | * crypto_shash_descsize() - obtain the operational state size |
838 | * @tfm: cipher handle |
839 | * |
840 | * The size of the operational state the cipher needs during operation is |
841 | * returned for the hash referenced with the cipher handle. This size is |
842 | * required to calculate the memory requirements to allow the caller allocating |
843 | * sufficient memory for operational state. |
844 | * |
845 | * The operational state is defined with struct shash_desc where the size of |
846 | * that data structure is to be calculated as |
847 | * sizeof(struct shash_desc) + crypto_shash_descsize(alg) |
848 | * |
849 | * Return: size of the operational state |
850 | */ |
851 | static inline unsigned int crypto_shash_descsize(struct crypto_shash *tfm) |
852 | { |
853 | return crypto_shash_alg(tfm)->descsize; |
854 | } |
855 | |
856 | static inline void *shash_desc_ctx(struct shash_desc *desc) |
857 | { |
858 | return desc->__ctx; |
859 | } |
860 | |
861 | /** |
862 | * crypto_shash_setkey() - set key for message digest |
863 | * @tfm: cipher handle |
864 | * @key: buffer holding the key |
865 | * @keylen: length of the key in bytes |
866 | * |
867 | * The caller provided key is set for the keyed message digest cipher. The |
868 | * cipher handle must point to a keyed message digest cipher in order for this |
869 | * function to succeed. |
870 | * |
871 | * Context: Softirq or process context. |
872 | * Return: 0 if the setting of the key was successful; < 0 if an error occurred |
873 | */ |
874 | int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, |
875 | unsigned int keylen); |
876 | |
877 | /** |
878 | * crypto_shash_digest() - calculate message digest for buffer |
879 | * @desc: see crypto_shash_final() |
880 | * @data: see crypto_shash_update() |
881 | * @len: see crypto_shash_update() |
882 | * @out: see crypto_shash_final() |
883 | * |
884 | * This function is a "short-hand" for the function calls of crypto_shash_init, |
885 | * crypto_shash_update and crypto_shash_final. The parameters have the same |
886 | * meaning as discussed for those separate three functions. |
887 | * |
888 | * Context: Softirq or process context. |
889 | * Return: 0 if the message digest creation was successful; < 0 if an error |
890 | * occurred |
891 | */ |
892 | int crypto_shash_digest(struct shash_desc *desc, const u8 *data, |
893 | unsigned int len, u8 *out); |
894 | |
895 | /** |
896 | * crypto_shash_tfm_digest() - calculate message digest for buffer |
897 | * @tfm: hash transformation object |
898 | * @data: see crypto_shash_update() |
899 | * @len: see crypto_shash_update() |
900 | * @out: see crypto_shash_final() |
901 | * |
902 | * This is a simplified version of crypto_shash_digest() for users who don't |
903 | * want to allocate their own hash descriptor (shash_desc). Instead, |
904 | * crypto_shash_tfm_digest() takes a hash transformation object (crypto_shash) |
905 | * directly, and it allocates a hash descriptor on the stack internally. |
906 | * Note that this stack allocation may be fairly large. |
907 | * |
908 | * Context: Softirq or process context. |
909 | * Return: 0 on success; < 0 if an error occurred. |
910 | */ |
911 | int crypto_shash_tfm_digest(struct crypto_shash *tfm, const u8 *data, |
912 | unsigned int len, u8 *out); |
913 | |
914 | int crypto_hash_digest(struct crypto_ahash *tfm, const u8 *data, |
915 | unsigned int len, u8 *out); |
916 | |
917 | /** |
918 | * crypto_shash_export() - extract operational state for message digest |
919 | * @desc: reference to the operational state handle whose state is exported |
920 | * @out: output buffer of sufficient size that can hold the hash state |
921 | * |
922 | * This function exports the hash state of the operational state handle into the |
923 | * caller-allocated output buffer out which must have sufficient size (e.g. by |
924 | * calling crypto_shash_descsize). |
925 | * |
926 | * Context: Softirq or process context. |
927 | * Return: 0 if the export creation was successful; < 0 if an error occurred |
928 | */ |
929 | int crypto_shash_export(struct shash_desc *desc, void *out); |
930 | |
931 | /** |
932 | * crypto_shash_import() - import operational state |
933 | * @desc: reference to the operational state handle the state imported into |
934 | * @in: buffer holding the state |
935 | * |
936 | * This function imports the hash state into the operational state handle from |
937 | * the input buffer. That buffer should have been generated with the |
938 | * crypto_ahash_export function. |
939 | * |
940 | * Context: Softirq or process context. |
941 | * Return: 0 if the import was successful; < 0 if an error occurred |
942 | */ |
943 | int crypto_shash_import(struct shash_desc *desc, const void *in); |
944 | |
945 | /** |
946 | * crypto_shash_init() - (re)initialize message digest |
947 | * @desc: operational state handle that is already filled |
948 | * |
949 | * The call (re-)initializes the message digest referenced by the |
950 | * operational state handle. Any potentially existing state created by |
951 | * previous operations is discarded. |
952 | * |
953 | * Context: Softirq or process context. |
954 | * Return: 0 if the message digest initialization was successful; < 0 if an |
955 | * error occurred |
956 | */ |
957 | int crypto_shash_init(struct shash_desc *desc); |
958 | |
959 | /** |
960 | * crypto_shash_finup() - calculate message digest of buffer |
961 | * @desc: see crypto_shash_final() |
962 | * @data: see crypto_shash_update() |
963 | * @len: see crypto_shash_update() |
964 | * @out: see crypto_shash_final() |
965 | * |
966 | * This function is a "short-hand" for the function calls of |
967 | * crypto_shash_update and crypto_shash_final. The parameters have the same |
968 | * meaning as discussed for those separate functions. |
969 | * |
970 | * Context: Softirq or process context. |
971 | * Return: 0 if the message digest creation was successful; < 0 if an error |
972 | * occurred |
973 | */ |
974 | int crypto_shash_finup(struct shash_desc *desc, const u8 *data, |
975 | unsigned int len, u8 *out); |
976 | |
977 | /** |
978 | * crypto_shash_update() - add data to message digest for processing |
979 | * @desc: operational state handle that is already initialized |
980 | * @data: input data to be added to the message digest |
981 | * @len: length of the input data |
982 | * |
983 | * Updates the message digest state of the operational state handle. |
984 | * |
985 | * Context: Softirq or process context. |
986 | * Return: 0 if the message digest update was successful; < 0 if an error |
987 | * occurred |
988 | */ |
989 | static inline int crypto_shash_update(struct shash_desc *desc, const u8 *data, |
990 | unsigned int len) |
991 | { |
992 | return crypto_shash_finup(desc, data, len, NULL); |
993 | } |
994 | |
995 | /** |
996 | * crypto_shash_final() - calculate message digest |
997 | * @desc: operational state handle that is already filled with data |
998 | * @out: output buffer filled with the message digest |
999 | * |
1000 | * Finalize the message digest operation and create the message digest |
1001 | * based on all data added to the cipher handle. The message digest is placed |
1002 | * into the output buffer. The caller must ensure that the output buffer is |
1003 | * large enough by using crypto_shash_digestsize. |
1004 | * |
1005 | * Context: Softirq or process context. |
1006 | * Return: 0 if the message digest creation was successful; < 0 if an error |
1007 | * occurred |
1008 | */ |
1009 | static inline int crypto_shash_final(struct shash_desc *desc, u8 *out) |
1010 | { |
1011 | return crypto_shash_finup(desc, NULL, len: 0, out); |
1012 | } |
1013 | |
1014 | static inline void shash_desc_zero(struct shash_desc *desc) |
1015 | { |
1016 | memzero_explicit(s: desc, |
1017 | count: sizeof(*desc) + crypto_shash_descsize(tfm: desc->tfm)); |
1018 | } |
1019 | |
1020 | static inline bool ahash_is_async(struct crypto_ahash *tfm) |
1021 | { |
1022 | return crypto_tfm_is_async(tfm: &tfm->base); |
1023 | } |
1024 | |
1025 | static inline struct ahash_request *ahash_request_on_stack_init( |
1026 | char *buf, struct crypto_ahash *tfm) |
1027 | { |
1028 | struct ahash_request *req = (void *)buf; |
1029 | |
1030 | crypto_stack_request_init(req: &req->base, tfm: crypto_ahash_tfm(tfm)); |
1031 | return req; |
1032 | } |
1033 | |
1034 | static inline struct ahash_request *ahash_request_clone( |
1035 | struct ahash_request *req, size_t total, gfp_t gfp) |
1036 | { |
1037 | return container_of(crypto_request_clone(&req->base, total, gfp), |
1038 | struct ahash_request, base); |
1039 | } |
1040 | |
1041 | #endif /* _CRYPTO_HASH_H */ |
1042 |
Definitions
- hash_alg_common
- ahash_request
- ahash_alg
- shash_desc
- shash_alg
- crypto_ahash
- crypto_shash
- ahash_req_on_stack
- __crypto_ahash_cast
- crypto_ahash_tfm
- crypto_free_ahash
- crypto_ahash_alg_name
- crypto_ahash_driver_name
- crypto_ahash_blocksize
- __crypto_hash_alg_common
- crypto_hash_alg_common
- crypto_ahash_digestsize
- crypto_ahash_statesize
- crypto_ahash_get_flags
- crypto_ahash_set_flags
- crypto_ahash_clear_flags
- crypto_ahash_reqtfm
- crypto_ahash_reqsize
- ahash_request_ctx
- crypto_ahash_final
- ahash_request_set_tfm
- ahash_request_alloc_noprof
- ahash_request_zero
- ahash_request_cast
- ahash_request_set_callback
- ahash_request_set_crypt
- ahash_request_set_virt
- crypto_shash_tfm
- crypto_free_shash
- crypto_shash_alg_name
- crypto_shash_driver_name
- crypto_shash_blocksize
- __crypto_shash_alg
- crypto_shash_alg
- crypto_shash_digestsize
- crypto_shash_statesize
- crypto_shash_get_flags
- crypto_shash_set_flags
- crypto_shash_clear_flags
- crypto_shash_descsize
- shash_desc_ctx
- crypto_shash_update
- crypto_shash_final
- shash_desc_zero
- ahash_is_async
- ahash_request_on_stack_init
Improve your Profiling and Debugging skills
Find out more