Commit | Line | Data |
---|---|---|
66d7fb94 JD |
1 | // SPDX-License-Identifier: GPL-2.0 OR MIT |
2 | /* | |
3 | * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. | |
4 | * | |
5 | * This is an implementation of the BLAKE2s hash and PRF functions. | |
6 | * | |
7 | * Information: https://blake2.net/ | |
8 | * | |
9 | */ | |
10 | ||
11 | #include <crypto/internal/blake2s.h> | |
12 | #include <linux/types.h> | |
13 | #include <linux/string.h> | |
14 | #include <linux/kernel.h> | |
15 | #include <linux/module.h> | |
16 | #include <linux/init.h> | |
17 | #include <linux/bug.h> | |
057edc9c EB |
18 | |
19 | #if IS_ENABLED(CONFIG_CRYPTO_ARCH_HAVE_LIB_BLAKE2S) | |
20 | # define blake2s_compress blake2s_compress_arch | |
21 | #else | |
22 | # define blake2s_compress blake2s_compress_generic | |
23 | #endif | |
66d7fb94 | 24 | |
66d7fb94 JD |
25 | void blake2s_update(struct blake2s_state *state, const u8 *in, size_t inlen) |
26 | { | |
057edc9c | 27 | __blake2s_update(state, in, inlen, blake2s_compress); |
66d7fb94 JD |
28 | } |
29 | EXPORT_SYMBOL(blake2s_update); | |
30 | ||
31 | void blake2s_final(struct blake2s_state *state, u8 *out) | |
32 | { | |
33 | WARN_ON(IS_ENABLED(DEBUG) && !out); | |
057edc9c | 34 | __blake2s_final(state, out, blake2s_compress); |
66d7fb94 JD |
35 | memzero_explicit(state, sizeof(*state)); |
36 | } | |
37 | EXPORT_SYMBOL(blake2s_final); | |
38 | ||
39 | void blake2s256_hmac(u8 *out, const u8 *in, const u8 *key, const size_t inlen, | |
40 | const size_t keylen) | |
41 | { | |
42 | struct blake2s_state state; | |
43 | u8 x_key[BLAKE2S_BLOCK_SIZE] __aligned(__alignof__(u32)) = { 0 }; | |
44 | u8 i_hash[BLAKE2S_HASH_SIZE] __aligned(__alignof__(u32)); | |
45 | int i; | |
46 | ||
47 | if (keylen > BLAKE2S_BLOCK_SIZE) { | |
48 | blake2s_init(&state, BLAKE2S_HASH_SIZE); | |
49 | blake2s_update(&state, key, keylen); | |
50 | blake2s_final(&state, x_key); | |
51 | } else | |
52 | memcpy(x_key, key, keylen); | |
53 | ||
54 | for (i = 0; i < BLAKE2S_BLOCK_SIZE; ++i) | |
55 | x_key[i] ^= 0x36; | |
56 | ||
57 | blake2s_init(&state, BLAKE2S_HASH_SIZE); | |
58 | blake2s_update(&state, x_key, BLAKE2S_BLOCK_SIZE); | |
59 | blake2s_update(&state, in, inlen); | |
60 | blake2s_final(&state, i_hash); | |
61 | ||
62 | for (i = 0; i < BLAKE2S_BLOCK_SIZE; ++i) | |
63 | x_key[i] ^= 0x5c ^ 0x36; | |
64 | ||
65 | blake2s_init(&state, BLAKE2S_HASH_SIZE); | |
66 | blake2s_update(&state, x_key, BLAKE2S_BLOCK_SIZE); | |
67 | blake2s_update(&state, i_hash, BLAKE2S_HASH_SIZE); | |
68 | blake2s_final(&state, i_hash); | |
69 | ||
70 | memcpy(out, i_hash, BLAKE2S_HASH_SIZE); | |
71 | memzero_explicit(x_key, BLAKE2S_BLOCK_SIZE); | |
72 | memzero_explicit(i_hash, BLAKE2S_HASH_SIZE); | |
73 | } | |
74 | EXPORT_SYMBOL(blake2s256_hmac); | |
75 | ||
76 | static int __init mod_init(void) | |
77 | { | |
78 | if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS) && | |
79 | WARN_ON(!blake2s_selftest())) | |
80 | return -ENODEV; | |
81 | return 0; | |
82 | } | |
83 | ||
84 | static void __exit mod_exit(void) | |
85 | { | |
86 | } | |
87 | ||
88 | module_init(mod_init); | |
89 | module_exit(mod_exit); | |
90 | MODULE_LICENSE("GPL v2"); | |
91 | MODULE_DESCRIPTION("BLAKE2s hash function"); | |
92 | MODULE_AUTHOR("Jason A. Donenfeld <Jason@zx2c4.com>"); |