Commit | Line | Data |
---|---|---|
2874c5fd | 1 | // SPDX-License-Identifier: GPL-2.0-or-later |
7b5a080b HX |
2 | /* |
3 | * Synchronous Cryptographic Hash operations. | |
4 | * | |
5 | * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au> | |
7b5a080b HX |
6 | */ |
7 | ||
3b2f6df0 | 8 | #include <crypto/scatterwalk.h> |
42808e5d | 9 | #include <linux/cryptouser.h> |
7b5a080b HX |
10 | #include <linux/err.h> |
11 | #include <linux/kernel.h> | |
12 | #include <linux/module.h> | |
7b5a080b | 13 | #include <linux/seq_file.h> |
42808e5d | 14 | #include <linux/string.h> |
f4d663ce | 15 | #include <net/netlink.h> |
7b5a080b | 16 | |
42808e5d | 17 | #include "hash.h" |
3b2f6df0 | 18 | |
42808e5d HX |
19 | static inline struct crypto_istat_hash *shash_get_stat(struct shash_alg *alg) |
20 | { | |
21 | return hash_get_stat(&alg->halg); | |
22 | } | |
23 | ||
24 | static inline int crypto_shash_errstat(struct shash_alg *alg, int err) | |
25 | { | |
26 | return crypto_hash_errstat(&alg->halg, err); | |
27 | } | |
28 | ||
c060e16d EB |
29 | int shash_no_setkey(struct crypto_shash *tfm, const u8 *key, |
30 | unsigned int keylen) | |
57cfe44b HX |
31 | { |
32 | return -ENOSYS; | |
33 | } | |
c060e16d | 34 | EXPORT_SYMBOL_GPL(shash_no_setkey); |
57cfe44b | 35 | |
ba7d7433 EB |
36 | static void shash_set_needkey(struct crypto_shash *tfm, struct shash_alg *alg) |
37 | { | |
c2881789 | 38 | if (crypto_shash_alg_needs_key(alg)) |
ba7d7433 EB |
39 | crypto_shash_set_flags(tfm, CRYPTO_TFM_NEED_KEY); |
40 | } | |
41 | ||
7b5a080b HX |
42 | int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, |
43 | unsigned int keylen) | |
44 | { | |
45 | struct shash_alg *shash = crypto_shash_alg(tfm); | |
9fa68f62 | 46 | int err; |
7b5a080b | 47 | |
345bfa3c | 48 | err = shash->setkey(tfm, key, keylen); |
ba7d7433 EB |
49 | if (unlikely(err)) { |
50 | shash_set_needkey(tfm, shash); | |
9fa68f62 | 51 | return err; |
ba7d7433 | 52 | } |
7b5a080b | 53 | |
9fa68f62 EB |
54 | crypto_shash_clear_flags(tfm, CRYPTO_TFM_NEED_KEY); |
55 | return 0; | |
7b5a080b HX |
56 | } |
57 | EXPORT_SYMBOL_GPL(crypto_shash_setkey); | |
58 | ||
7b5a080b HX |
59 | int crypto_shash_update(struct shash_desc *desc, const u8 *data, |
60 | unsigned int len) | |
61 | { | |
345bfa3c | 62 | struct shash_alg *shash = crypto_shash_alg(desc->tfm); |
42808e5d HX |
63 | int err; |
64 | ||
65 | if (IS_ENABLED(CONFIG_CRYPTO_STATS)) | |
66 | atomic64_add(len, &shash_get_stat(shash)->hash_tlen); | |
7b5a080b | 67 | |
345bfa3c | 68 | err = shash->update(desc, data, len); |
7b5a080b | 69 | |
42808e5d | 70 | return crypto_shash_errstat(shash, err); |
7b5a080b HX |
71 | } |
72 | EXPORT_SYMBOL_GPL(crypto_shash_update); | |
73 | ||
7b5a080b HX |
74 | int crypto_shash_final(struct shash_desc *desc, u8 *out) |
75 | { | |
345bfa3c | 76 | struct shash_alg *shash = crypto_shash_alg(desc->tfm); |
42808e5d HX |
77 | int err; |
78 | ||
79 | if (IS_ENABLED(CONFIG_CRYPTO_STATS)) | |
80 | atomic64_inc(&shash_get_stat(shash)->hash_cnt); | |
7b5a080b | 81 | |
345bfa3c | 82 | err = shash->final(desc, out); |
7b5a080b | 83 | |
42808e5d | 84 | return crypto_shash_errstat(shash, err); |
7b5a080b HX |
85 | } |
86 | EXPORT_SYMBOL_GPL(crypto_shash_final); | |
87 | ||
313a4074 EB |
88 | static int shash_default_finup(struct shash_desc *desc, const u8 *data, |
89 | unsigned int len, u8 *out) | |
90 | { | |
91 | struct shash_alg *shash = crypto_shash_alg(desc->tfm); | |
92 | ||
93 | return shash->update(desc, data, len) ?: | |
94 | shash->final(desc, out); | |
95 | } | |
96 | ||
7b5a080b HX |
97 | int crypto_shash_finup(struct shash_desc *desc, const u8 *data, |
98 | unsigned int len, u8 *out) | |
99 | { | |
100 | struct crypto_shash *tfm = desc->tfm; | |
101 | struct shash_alg *shash = crypto_shash_alg(tfm); | |
42808e5d HX |
102 | int err; |
103 | ||
104 | if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { | |
105 | struct crypto_istat_hash *istat = shash_get_stat(shash); | |
106 | ||
107 | atomic64_inc(&istat->hash_cnt); | |
108 | atomic64_add(len, &istat->hash_tlen); | |
109 | } | |
7b5a080b | 110 | |
345bfa3c | 111 | err = shash->finup(desc, data, len, out); |
7b5a080b | 112 | |
42808e5d | 113 | return crypto_shash_errstat(shash, err); |
7b5a080b HX |
114 | } |
115 | EXPORT_SYMBOL_GPL(crypto_shash_finup); | |
116 | ||
313a4074 EB |
117 | static int shash_default_digest(struct shash_desc *desc, const u8 *data, |
118 | unsigned int len, u8 *out) | |
119 | { | |
120 | struct shash_alg *shash = crypto_shash_alg(desc->tfm); | |
121 | ||
122 | return shash->init(desc) ?: | |
123 | shash->finup(desc, data, len, out); | |
124 | } | |
125 | ||
7b5a080b HX |
126 | int crypto_shash_digest(struct shash_desc *desc, const u8 *data, |
127 | unsigned int len, u8 *out) | |
128 | { | |
129 | struct crypto_shash *tfm = desc->tfm; | |
130 | struct shash_alg *shash = crypto_shash_alg(tfm); | |
42808e5d | 131 | int err; |
7b5a080b | 132 | |
42808e5d HX |
133 | if (IS_ENABLED(CONFIG_CRYPTO_STATS)) { |
134 | struct crypto_istat_hash *istat = shash_get_stat(shash); | |
9fa68f62 | 135 | |
42808e5d HX |
136 | atomic64_inc(&istat->hash_cnt); |
137 | atomic64_add(len, &istat->hash_tlen); | |
138 | } | |
7b5a080b | 139 | |
42808e5d HX |
140 | if (crypto_shash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) |
141 | err = -ENOKEY; | |
42808e5d HX |
142 | else |
143 | err = shash->digest(desc, data, len, out); | |
144 | ||
145 | return crypto_shash_errstat(shash, err); | |
7b5a080b HX |
146 | } |
147 | EXPORT_SYMBOL_GPL(crypto_shash_digest); | |
148 | ||
822a98b8 EB |
149 | int crypto_shash_tfm_digest(struct crypto_shash *tfm, const u8 *data, |
150 | unsigned int len, u8 *out) | |
151 | { | |
152 | SHASH_DESC_ON_STACK(desc, tfm); | |
153 | int err; | |
154 | ||
155 | desc->tfm = tfm; | |
156 | ||
157 | err = crypto_shash_digest(desc, data, len, out); | |
158 | ||
159 | shash_desc_zero(desc); | |
160 | ||
161 | return err; | |
162 | } | |
163 | EXPORT_SYMBOL_GPL(crypto_shash_tfm_digest); | |
164 | ||
08debaa5 | 165 | int crypto_shash_export(struct shash_desc *desc, void *out) |
dec8b786 | 166 | { |
08debaa5 EB |
167 | struct crypto_shash *tfm = desc->tfm; |
168 | struct shash_alg *shash = crypto_shash_alg(tfm); | |
169 | ||
170 | if (shash->export) | |
171 | return shash->export(desc, out); | |
172 | ||
173 | memcpy(out, shash_desc_ctx(desc), crypto_shash_descsize(tfm)); | |
f592682f | 174 | return 0; |
99d27e1c | 175 | } |
08debaa5 | 176 | EXPORT_SYMBOL_GPL(crypto_shash_export); |
dec8b786 | 177 | |
08debaa5 | 178 | int crypto_shash_import(struct shash_desc *desc, const void *in) |
99d27e1c | 179 | { |
08debaa5 EB |
180 | struct crypto_shash *tfm = desc->tfm; |
181 | struct shash_alg *shash = crypto_shash_alg(tfm); | |
182 | ||
183 | if (crypto_shash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) | |
184 | return -ENOKEY; | |
185 | ||
186 | if (shash->import) | |
187 | return shash->import(desc, in); | |
188 | ||
189 | memcpy(shash_desc_ctx(desc), in, crypto_shash_descsize(tfm)); | |
f592682f | 190 | return 0; |
dec8b786 | 191 | } |
08debaa5 | 192 | EXPORT_SYMBOL_GPL(crypto_shash_import); |
dec8b786 | 193 | |
fbce6be5 HX |
194 | static void crypto_shash_exit_tfm(struct crypto_tfm *tfm) |
195 | { | |
196 | struct crypto_shash *hash = __crypto_shash_cast(tfm); | |
197 | struct shash_alg *alg = crypto_shash_alg(hash); | |
198 | ||
199 | alg->exit_tfm(hash); | |
200 | } | |
201 | ||
2ca33da1 | 202 | static int crypto_shash_init_tfm(struct crypto_tfm *tfm) |
7b5a080b | 203 | { |
113adefc | 204 | struct crypto_shash *hash = __crypto_shash_cast(tfm); |
9fa68f62 | 205 | struct shash_alg *alg = crypto_shash_alg(hash); |
fbce6be5 | 206 | int err; |
9fa68f62 EB |
207 | |
208 | hash->descsize = alg->descsize; | |
209 | ||
ba7d7433 | 210 | shash_set_needkey(hash, alg); |
113adefc | 211 | |
fbce6be5 HX |
212 | if (alg->exit_tfm) |
213 | tfm->exit = crypto_shash_exit_tfm; | |
214 | ||
215 | if (!alg->init_tfm) | |
216 | return 0; | |
217 | ||
218 | err = alg->init_tfm(hash); | |
219 | if (err) | |
220 | return err; | |
221 | ||
222 | /* ->init_tfm() may have increased the descsize. */ | |
223 | if (WARN_ON_ONCE(hash->descsize > HASH_MAX_DESCSIZE)) { | |
224 | if (alg->exit_tfm) | |
225 | alg->exit_tfm(hash); | |
226 | return -EINVAL; | |
227 | } | |
228 | ||
7b5a080b HX |
229 | return 0; |
230 | } | |
231 | ||
48fb3e57 EB |
232 | static void crypto_shash_free_instance(struct crypto_instance *inst) |
233 | { | |
234 | struct shash_instance *shash = shash_instance(inst); | |
235 | ||
48fb3e57 EB |
236 | shash->free(shash); |
237 | } | |
238 | ||
c0f9e01d HX |
239 | static int __maybe_unused crypto_shash_report( |
240 | struct sk_buff *skb, struct crypto_alg *alg) | |
f4d663ce SK |
241 | { |
242 | struct crypto_report_hash rhash; | |
243 | struct shash_alg *salg = __crypto_shash_alg(alg); | |
244 | ||
37db69e0 EB |
245 | memset(&rhash, 0, sizeof(rhash)); |
246 | ||
247 | strscpy(rhash.type, "shash", sizeof(rhash.type)); | |
9a5467bf | 248 | |
f4d663ce SK |
249 | rhash.blocksize = alg->cra_blocksize; |
250 | rhash.digestsize = salg->digestsize; | |
251 | ||
37db69e0 | 252 | return nla_put(skb, CRYPTOCFGA_REPORT_HASH, sizeof(rhash), &rhash); |
f4d663ce SK |
253 | } |
254 | ||
7b5a080b | 255 | static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg) |
d8c34b94 | 256 | __maybe_unused; |
7b5a080b HX |
257 | static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg) |
258 | { | |
259 | struct shash_alg *salg = __crypto_shash_alg(alg); | |
260 | ||
261 | seq_printf(m, "type : shash\n"); | |
262 | seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); | |
263 | seq_printf(m, "digestsize : %u\n", salg->digestsize); | |
7b5a080b HX |
264 | } |
265 | ||
42808e5d HX |
266 | static int __maybe_unused crypto_shash_report_stat( |
267 | struct sk_buff *skb, struct crypto_alg *alg) | |
268 | { | |
269 | return crypto_hash_report_stat(skb, alg, "shash"); | |
270 | } | |
271 | ||
ecf889b7 | 272 | const struct crypto_type crypto_shash_type = { |
ac611680 | 273 | .extsize = crypto_alg_extsize, |
7b5a080b | 274 | .init_tfm = crypto_shash_init_tfm, |
48fb3e57 | 275 | .free = crypto_shash_free_instance, |
7b5a080b HX |
276 | #ifdef CONFIG_PROC_FS |
277 | .show = crypto_shash_show, | |
278 | #endif | |
b8969a1b | 279 | #if IS_ENABLED(CONFIG_CRYPTO_USER) |
f4d663ce | 280 | .report = crypto_shash_report, |
c0f9e01d | 281 | #endif |
42808e5d HX |
282 | #ifdef CONFIG_CRYPTO_STATS |
283 | .report_stat = crypto_shash_report_stat, | |
284 | #endif | |
7b5a080b HX |
285 | .maskclear = ~CRYPTO_ALG_TYPE_MASK, |
286 | .maskset = CRYPTO_ALG_TYPE_MASK, | |
287 | .type = CRYPTO_ALG_TYPE_SHASH, | |
288 | .tfmsize = offsetof(struct crypto_shash, base), | |
289 | }; | |
290 | ||
fdfad1ff EB |
291 | int crypto_grab_shash(struct crypto_shash_spawn *spawn, |
292 | struct crypto_instance *inst, | |
293 | const char *name, u32 type, u32 mask) | |
294 | { | |
295 | spawn->base.frontend = &crypto_shash_type; | |
296 | return crypto_grab_spawn(&spawn->base, inst, name, type, mask); | |
297 | } | |
298 | EXPORT_SYMBOL_GPL(crypto_grab_shash); | |
299 | ||
7b5a080b HX |
300 | struct crypto_shash *crypto_alloc_shash(const char *alg_name, u32 type, |
301 | u32 mask) | |
302 | { | |
3f683d61 | 303 | return crypto_alloc_tfm(alg_name, &crypto_shash_type, type, mask); |
7b5a080b HX |
304 | } |
305 | EXPORT_SYMBOL_GPL(crypto_alloc_shash); | |
306 | ||
85cc4243 HR |
307 | int crypto_has_shash(const char *alg_name, u32 type, u32 mask) |
308 | { | |
309 | return crypto_type_has_alg(alg_name, &crypto_shash_type, type, mask); | |
310 | } | |
311 | EXPORT_SYMBOL_GPL(crypto_has_shash); | |
312 | ||
ed3630b8 HX |
313 | struct crypto_shash *crypto_clone_shash(struct crypto_shash *hash) |
314 | { | |
315 | struct crypto_tfm *tfm = crypto_shash_tfm(hash); | |
316 | struct shash_alg *alg = crypto_shash_alg(hash); | |
317 | struct crypto_shash *nhash; | |
318 | int err; | |
319 | ||
320 | if (!crypto_shash_alg_has_setkey(alg)) { | |
321 | tfm = crypto_tfm_get(tfm); | |
322 | if (IS_ERR(tfm)) | |
323 | return ERR_CAST(tfm); | |
324 | ||
325 | return hash; | |
326 | } | |
327 | ||
b7be31b0 | 328 | if (!alg->clone_tfm && (alg->init_tfm || alg->base.cra_init)) |
ed3630b8 HX |
329 | return ERR_PTR(-ENOSYS); |
330 | ||
331 | nhash = crypto_clone_tfm(&crypto_shash_type, tfm); | |
332 | if (IS_ERR(nhash)) | |
333 | return nhash; | |
334 | ||
335 | nhash->descsize = hash->descsize; | |
336 | ||
b7be31b0 HX |
337 | if (alg->clone_tfm) { |
338 | err = alg->clone_tfm(nhash, hash); | |
339 | if (err) { | |
340 | crypto_free_shash(nhash); | |
341 | return ERR_PTR(err); | |
342 | } | |
ed3630b8 HX |
343 | } |
344 | ||
345 | return nhash; | |
346 | } | |
347 | EXPORT_SYMBOL_GPL(crypto_clone_shash); | |
348 | ||
42808e5d | 349 | int hash_prepare_alg(struct hash_alg_common *alg) |
7b5a080b | 350 | { |
42808e5d | 351 | struct crypto_istat_hash *istat = hash_get_stat(alg); |
7b5a080b HX |
352 | struct crypto_alg *base = &alg->base; |
353 | ||
9697b328 | 354 | if (alg->digestsize > HASH_MAX_DIGESTSIZE) |
7b5a080b HX |
355 | return -EINVAL; |
356 | ||
c626910f EB |
357 | /* alignmask is not useful for hashes, so it is not supported. */ |
358 | if (base->cra_alignmask) | |
359 | return -EINVAL; | |
360 | ||
42808e5d HX |
361 | base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; |
362 | ||
363 | if (IS_ENABLED(CONFIG_CRYPTO_STATS)) | |
364 | memset(istat, 0, sizeof(*istat)); | |
365 | ||
366 | return 0; | |
367 | } | |
368 | ||
369 | static int shash_prepare_alg(struct shash_alg *alg) | |
370 | { | |
371 | struct crypto_alg *base = &alg->halg.base; | |
372 | int err; | |
373 | ||
374 | if (alg->descsize > HASH_MAX_DESCSIZE) | |
375 | return -EINVAL; | |
376 | ||
41a2e94f EB |
377 | if ((alg->export && !alg->import) || (alg->import && !alg->export)) |
378 | return -EINVAL; | |
379 | ||
42808e5d HX |
380 | err = hash_prepare_alg(&alg->halg); |
381 | if (err) | |
382 | return err; | |
383 | ||
7b5a080b | 384 | base->cra_type = &crypto_shash_type; |
7b5a080b | 385 | base->cra_flags |= CRYPTO_ALG_TYPE_SHASH; |
99d27e1c | 386 | |
08debaa5 EB |
387 | /* |
388 | * Handle missing optional functions. For each one we can either | |
389 | * install a default here, or we can leave the pointer as NULL and check | |
390 | * the pointer for NULL in crypto_shash_*(), avoiding an indirect call | |
391 | * when the default behavior is desired. For ->finup and ->digest we | |
392 | * install defaults, since for optimal performance algorithms should | |
393 | * implement these anyway. On the other hand, for ->import and | |
394 | * ->export the common case and best performance comes from the simple | |
395 | * memcpy of the shash_desc_ctx, so when those pointers are NULL we | |
396 | * leave them NULL and provide the memcpy with no indirect call. | |
397 | */ | |
8267adab | 398 | if (!alg->finup) |
313a4074 | 399 | alg->finup = shash_default_finup; |
8267adab | 400 | if (!alg->digest) |
313a4074 | 401 | alg->digest = shash_default_digest; |
08debaa5 | 402 | if (!alg->export) |
42808e5d | 403 | alg->halg.statesize = alg->descsize; |
57cfe44b HX |
404 | if (!alg->setkey) |
405 | alg->setkey = shash_no_setkey; | |
99d27e1c | 406 | |
619a6ebd HX |
407 | return 0; |
408 | } | |
409 | ||
410 | int crypto_register_shash(struct shash_alg *alg) | |
411 | { | |
412 | struct crypto_alg *base = &alg->base; | |
413 | int err; | |
414 | ||
415 | err = shash_prepare_alg(alg); | |
416 | if (err) | |
417 | return err; | |
7b5a080b HX |
418 | |
419 | return crypto_register_alg(base); | |
420 | } | |
421 | EXPORT_SYMBOL_GPL(crypto_register_shash); | |
422 | ||
c6d633a9 | 423 | void crypto_unregister_shash(struct shash_alg *alg) |
7b5a080b | 424 | { |
c6d633a9 | 425 | crypto_unregister_alg(&alg->base); |
7b5a080b HX |
426 | } |
427 | EXPORT_SYMBOL_GPL(crypto_unregister_shash); | |
428 | ||
50fc3e8d JK |
429 | int crypto_register_shashes(struct shash_alg *algs, int count) |
430 | { | |
431 | int i, ret; | |
432 | ||
433 | for (i = 0; i < count; i++) { | |
434 | ret = crypto_register_shash(&algs[i]); | |
435 | if (ret) | |
436 | goto err; | |
437 | } | |
438 | ||
439 | return 0; | |
440 | ||
441 | err: | |
442 | for (--i; i >= 0; --i) | |
443 | crypto_unregister_shash(&algs[i]); | |
444 | ||
445 | return ret; | |
446 | } | |
447 | EXPORT_SYMBOL_GPL(crypto_register_shashes); | |
448 | ||
c6d633a9 | 449 | void crypto_unregister_shashes(struct shash_alg *algs, int count) |
50fc3e8d | 450 | { |
c6d633a9 | 451 | int i; |
50fc3e8d | 452 | |
c6d633a9 EB |
453 | for (i = count - 1; i >= 0; --i) |
454 | crypto_unregister_shash(&algs[i]); | |
50fc3e8d JK |
455 | } |
456 | EXPORT_SYMBOL_GPL(crypto_unregister_shashes); | |
457 | ||
619a6ebd HX |
458 | int shash_register_instance(struct crypto_template *tmpl, |
459 | struct shash_instance *inst) | |
460 | { | |
461 | int err; | |
462 | ||
d4fdc2df EB |
463 | if (WARN_ON(!inst->free)) |
464 | return -EINVAL; | |
465 | ||
619a6ebd HX |
466 | err = shash_prepare_alg(&inst->alg); |
467 | if (err) | |
468 | return err; | |
469 | ||
470 | return crypto_register_instance(tmpl, shash_crypto_instance(inst)); | |
471 | } | |
472 | EXPORT_SYMBOL_GPL(shash_register_instance); | |
473 | ||
a39c66cc | 474 | void shash_free_singlespawn_instance(struct shash_instance *inst) |
2e4fddd8 | 475 | { |
a39c66cc EB |
476 | crypto_drop_spawn(shash_instance_ctx(inst)); |
477 | kfree(inst); | |
2e4fddd8 | 478 | } |
a39c66cc | 479 | EXPORT_SYMBOL_GPL(shash_free_singlespawn_instance); |
2e4fddd8 | 480 | |
7b5a080b HX |
481 | MODULE_LICENSE("GPL"); |
482 | MODULE_DESCRIPTION("Synchronous cryptographic hash type"); |