Commit | Line | Data |
---|---|---|
0a497c17 JG |
1 | /* |
2 | * Cryptographic API. | |
3 | * | |
4 | * s390 implementation of the SHA256 Secure Hash Algorithm. | |
5 | * | |
6 | * s390 Version: | |
7 | * Copyright (C) 2005 IBM Deutschland GmbH, IBM Corporation | |
8 | * Author(s): Jan Glauber (jang@de.ibm.com) | |
9 | * | |
10 | * Derived from "crypto/sha256.c" | |
11 | * and "arch/s390/crypto/sha1_s390.c" | |
12 | * | |
13 | * This program is free software; you can redistribute it and/or modify it | |
14 | * under the terms of the GNU General Public License as published by the Free | |
15 | * Software Foundation; either version 2 of the License, or (at your option) | |
16 | * any later version. | |
17 | * | |
18 | */ | |
19 | #include <linux/init.h> | |
20 | #include <linux/module.h> | |
21 | #include <linux/crypto.h> | |
22 | ||
23 | #include "crypt_s390.h" | |
24 | ||
25 | #define SHA256_DIGEST_SIZE 32 | |
26 | #define SHA256_BLOCK_SIZE 64 | |
27 | ||
28 | struct s390_sha256_ctx { | |
29 | u64 count; | |
30 | u32 state[8]; | |
31 | u8 buf[2 * SHA256_BLOCK_SIZE]; | |
32 | }; | |
33 | ||
6c2bb98b | 34 | static void sha256_init(struct crypto_tfm *tfm) |
0a497c17 | 35 | { |
6c2bb98b | 36 | struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm); |
0a497c17 JG |
37 | |
38 | sctx->state[0] = 0x6a09e667; | |
39 | sctx->state[1] = 0xbb67ae85; | |
40 | sctx->state[2] = 0x3c6ef372; | |
41 | sctx->state[3] = 0xa54ff53a; | |
42 | sctx->state[4] = 0x510e527f; | |
43 | sctx->state[5] = 0x9b05688c; | |
44 | sctx->state[6] = 0x1f83d9ab; | |
45 | sctx->state[7] = 0x5be0cd19; | |
46 | sctx->count = 0; | |
0a497c17 JG |
47 | } |
48 | ||
6c2bb98b HX |
49 | static void sha256_update(struct crypto_tfm *tfm, const u8 *data, |
50 | unsigned int len) | |
0a497c17 | 51 | { |
6c2bb98b | 52 | struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm); |
0a497c17 | 53 | unsigned int index; |
7ffbc9da | 54 | int ret; |
0a497c17 JG |
55 | |
56 | /* how much is already in the buffer? */ | |
57 | index = sctx->count / 8 & 0x3f; | |
58 | ||
59 | /* update message bit length */ | |
60 | sctx->count += len * 8; | |
61 | ||
7ffbc9da JG |
62 | if ((index + len) < SHA256_BLOCK_SIZE) |
63 | goto store; | |
64 | ||
65 | /* process one stored block */ | |
66 | if (index) { | |
0a497c17 | 67 | memcpy(sctx->buf + index, data, SHA256_BLOCK_SIZE - index); |
7ffbc9da JG |
68 | ret = crypt_s390_kimd(KIMD_SHA_256, sctx->state, sctx->buf, |
69 | SHA256_BLOCK_SIZE); | |
70 | BUG_ON(ret != SHA256_BLOCK_SIZE); | |
0a497c17 JG |
71 | data += SHA256_BLOCK_SIZE - index; |
72 | len -= SHA256_BLOCK_SIZE - index; | |
73 | } | |
74 | ||
7ffbc9da JG |
75 | /* process as many blocks as possible */ |
76 | if (len >= SHA256_BLOCK_SIZE) { | |
77 | ret = crypt_s390_kimd(KIMD_SHA_256, sctx->state, data, | |
78 | len & ~(SHA256_BLOCK_SIZE - 1)); | |
79 | BUG_ON(ret != (len & ~(SHA256_BLOCK_SIZE - 1))); | |
80 | data += ret; | |
81 | len -= ret; | |
82 | } | |
83 | ||
84 | store: | |
0a497c17 JG |
85 | /* anything left? */ |
86 | if (len) | |
87 | memcpy(sctx->buf + index , data, len); | |
88 | } | |
89 | ||
90 | static void pad_message(struct s390_sha256_ctx* sctx) | |
91 | { | |
92 | int index, end; | |
93 | ||
94 | index = sctx->count / 8 & 0x3f; | |
95 | end = index < 56 ? SHA256_BLOCK_SIZE : 2 * SHA256_BLOCK_SIZE; | |
96 | ||
97 | /* start pad with 1 */ | |
98 | sctx->buf[index] = 0x80; | |
99 | ||
100 | /* pad with zeros */ | |
101 | index++; | |
102 | memset(sctx->buf + index, 0x00, end - index - 8); | |
103 | ||
104 | /* append message length */ | |
105 | memcpy(sctx->buf + end - 8, &sctx->count, sizeof sctx->count); | |
106 | ||
107 | sctx->count = end * 8; | |
108 | } | |
109 | ||
110 | /* Add padding and return the message digest */ | |
6c2bb98b | 111 | static void sha256_final(struct crypto_tfm *tfm, u8 *out) |
0a497c17 | 112 | { |
6c2bb98b | 113 | struct s390_sha256_ctx *sctx = crypto_tfm_ctx(tfm); |
0a497c17 JG |
114 | |
115 | /* must perform manual padding */ | |
116 | pad_message(sctx); | |
117 | ||
118 | crypt_s390_kimd(KIMD_SHA_256, sctx->state, sctx->buf, | |
119 | sctx->count / 8); | |
120 | ||
121 | /* copy digest to out */ | |
122 | memcpy(out, sctx->state, SHA256_DIGEST_SIZE); | |
123 | ||
124 | /* wipe context */ | |
125 | memset(sctx, 0, sizeof *sctx); | |
126 | } | |
127 | ||
128 | static struct crypto_alg alg = { | |
129 | .cra_name = "sha256", | |
130 | .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | |
131 | .cra_blocksize = SHA256_BLOCK_SIZE, | |
132 | .cra_ctxsize = sizeof(struct s390_sha256_ctx), | |
133 | .cra_module = THIS_MODULE, | |
134 | .cra_list = LIST_HEAD_INIT(alg.cra_list), | |
135 | .cra_u = { .digest = { | |
136 | .dia_digestsize = SHA256_DIGEST_SIZE, | |
7ffbc9da JG |
137 | .dia_init = sha256_init, |
138 | .dia_update = sha256_update, | |
139 | .dia_final = sha256_final } } | |
0a497c17 JG |
140 | }; |
141 | ||
142 | static int init(void) | |
143 | { | |
144 | int ret; | |
145 | ||
146 | if (!crypt_s390_func_available(KIMD_SHA_256)) | |
147 | return -ENOSYS; | |
148 | ||
149 | ret = crypto_register_alg(&alg); | |
150 | if (ret != 0) | |
151 | printk(KERN_INFO "crypt_s390: sha256_s390 couldn't be loaded."); | |
152 | return ret; | |
153 | } | |
154 | ||
155 | static void __exit fini(void) | |
156 | { | |
157 | crypto_unregister_alg(&alg); | |
158 | } | |
159 | ||
160 | module_init(init); | |
161 | module_exit(fini); | |
162 | ||
163 | MODULE_ALIAS("sha256"); | |
164 | ||
165 | MODULE_LICENSE("GPL"); | |
166 | MODULE_DESCRIPTION("SHA256 Secure Hash Algorithm"); |