1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Crypto API wrapper for the SHA-256 and SHA-224 library functions 4 * 5 * Copyright (c) Jean-Luc Cooke <jlcooke@certainkey.com> 6 * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk> 7 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 8 * SHA224 Support Copyright 2007 Intel Corporation <jonathan.lynch@intel.com> 9 */ 10 #include <crypto/internal/hash.h> 11 #include <crypto/internal/sha2.h> 12 #include <linux/kernel.h> 13 #include <linux/module.h> 14 15 const u8 sha224_zero_message_hash[SHA224_DIGEST_SIZE] = { 16 0xd1, 0x4a, 0x02, 0x8c, 0x2a, 0x3a, 0x2b, 0xc9, 0x47, 17 0x61, 0x02, 0xbb, 0x28, 0x82, 0x34, 0xc4, 0x15, 0xa2, 18 0xb0, 0x1f, 0x82, 0x8e, 0xa6, 0x2a, 0xc5, 0xb3, 0xe4, 19 0x2f 20 }; 21 EXPORT_SYMBOL_GPL(sha224_zero_message_hash); 22 23 const u8 sha256_zero_message_hash[SHA256_DIGEST_SIZE] = { 24 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 25 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 26 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 27 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 28 }; 29 EXPORT_SYMBOL_GPL(sha256_zero_message_hash); 30 31 static int crypto_sha256_init(struct shash_desc *desc) 32 { 33 sha256_init(shash_desc_ctx(desc)); 34 return 0; 35 } 36 37 static int crypto_sha256_update_generic(struct shash_desc *desc, const u8 *data, 38 unsigned int len) 39 { 40 sha256_update_generic(shash_desc_ctx(desc), data, len); 41 return 0; 42 } 43 44 static int crypto_sha256_update_arch(struct shash_desc *desc, const u8 *data, 45 unsigned int len) 46 { 47 sha256_update(shash_desc_ctx(desc), data, len); 48 return 0; 49 } 50 51 static int crypto_sha256_final_generic(struct shash_desc *desc, u8 *out) 52 { 53 sha256_final_generic(shash_desc_ctx(desc), out); 54 return 0; 55 } 56 57 static int crypto_sha256_final_arch(struct shash_desc *desc, u8 *out) 58 { 59 sha256_final(shash_desc_ctx(desc), out); 60 return 0; 61 } 62 63 static int crypto_sha256_finup_generic(struct shash_desc *desc, const u8 *data, 64 unsigned int len, u8 *out) 65 { 66 struct sha256_state *sctx = shash_desc_ctx(desc); 67 68 sha256_update_generic(sctx, data, len); 69 sha256_final_generic(sctx, out); 70 return 0; 71 } 72 73 static int crypto_sha256_finup_arch(struct shash_desc *desc, const u8 *data, 74 unsigned int len, u8 *out) 75 { 76 struct sha256_state *sctx = shash_desc_ctx(desc); 77 78 sha256_update(sctx, data, len); 79 sha256_final(sctx, out); 80 return 0; 81 } 82 83 static int crypto_sha256_digest_generic(struct shash_desc *desc, const u8 *data, 84 unsigned int len, u8 *out) 85 { 86 struct sha256_state *sctx = shash_desc_ctx(desc); 87 88 sha256_init(sctx); 89 sha256_update_generic(sctx, data, len); 90 sha256_final_generic(sctx, out); 91 return 0; 92 } 93 94 static int crypto_sha256_digest_arch(struct shash_desc *desc, const u8 *data, 95 unsigned int len, u8 *out) 96 { 97 sha256(data, len, out); 98 return 0; 99 } 100 101 static int crypto_sha224_init(struct shash_desc *desc) 102 { 103 sha224_init(shash_desc_ctx(desc)); 104 return 0; 105 } 106 107 static int crypto_sha224_final_generic(struct shash_desc *desc, u8 *out) 108 { 109 sha224_final_generic(shash_desc_ctx(desc), out); 110 return 0; 111 } 112 113 static int crypto_sha224_final_arch(struct shash_desc *desc, u8 *out) 114 { 115 sha224_final(shash_desc_ctx(desc), out); 116 return 0; 117 } 118 119 static int crypto_sha256_import_lib(struct shash_desc *desc, const void *in) 120 { 121 struct sha256_state *sctx = shash_desc_ctx(desc); 122 const u8 *p = in; 123 124 memcpy(sctx, p, sizeof(*sctx)); 125 p += sizeof(*sctx); 126 sctx->count += *p; 127 return 0; 128 } 129 130 static int crypto_sha256_export_lib(struct shash_desc *desc, void *out) 131 { 132 struct sha256_state *sctx0 = shash_desc_ctx(desc); 133 struct sha256_state sctx = *sctx0; 134 unsigned int partial; 135 u8 *p = out; 136 137 partial = sctx.count % SHA256_BLOCK_SIZE; 138 sctx.count -= partial; 139 memcpy(p, &sctx, sizeof(sctx)); 140 p += sizeof(sctx); 141 *p = partial; 142 return 0; 143 } 144 145 static struct shash_alg algs[] = { 146 { 147 .base.cra_name = "sha256", 148 .base.cra_driver_name = "sha256-generic", 149 .base.cra_priority = 100, 150 .base.cra_blocksize = SHA256_BLOCK_SIZE, 151 .base.cra_module = THIS_MODULE, 152 .digestsize = SHA256_DIGEST_SIZE, 153 .init = crypto_sha256_init, 154 .update = crypto_sha256_update_generic, 155 .final = crypto_sha256_final_generic, 156 .finup = crypto_sha256_finup_generic, 157 .digest = crypto_sha256_digest_generic, 158 .descsize = sizeof(struct sha256_state), 159 .statesize = sizeof(struct crypto_sha256_state) + 160 SHA256_BLOCK_SIZE + 1, 161 .import = crypto_sha256_import_lib, 162 .export = crypto_sha256_export_lib, 163 }, 164 { 165 .base.cra_name = "sha224", 166 .base.cra_driver_name = "sha224-generic", 167 .base.cra_priority = 100, 168 .base.cra_blocksize = SHA224_BLOCK_SIZE, 169 .base.cra_module = THIS_MODULE, 170 .digestsize = SHA224_DIGEST_SIZE, 171 .init = crypto_sha224_init, 172 .update = crypto_sha256_update_generic, 173 .final = crypto_sha224_final_generic, 174 .descsize = sizeof(struct sha256_state), 175 .statesize = sizeof(struct crypto_sha256_state) + 176 SHA256_BLOCK_SIZE + 1, 177 .import = crypto_sha256_import_lib, 178 .export = crypto_sha256_export_lib, 179 }, 180 { 181 .base.cra_name = "sha256", 182 .base.cra_driver_name = "sha256-" __stringify(ARCH), 183 .base.cra_priority = 300, 184 .base.cra_blocksize = SHA256_BLOCK_SIZE, 185 .base.cra_module = THIS_MODULE, 186 .digestsize = SHA256_DIGEST_SIZE, 187 .init = crypto_sha256_init, 188 .update = crypto_sha256_update_arch, 189 .final = crypto_sha256_final_arch, 190 .finup = crypto_sha256_finup_arch, 191 .digest = crypto_sha256_digest_arch, 192 .descsize = sizeof(struct sha256_state), 193 .statesize = sizeof(struct crypto_sha256_state) + 194 SHA256_BLOCK_SIZE + 1, 195 .import = crypto_sha256_import_lib, 196 .export = crypto_sha256_export_lib, 197 }, 198 { 199 .base.cra_name = "sha224", 200 .base.cra_driver_name = "sha224-" __stringify(ARCH), 201 .base.cra_priority = 300, 202 .base.cra_blocksize = SHA224_BLOCK_SIZE, 203 .base.cra_module = THIS_MODULE, 204 .digestsize = SHA224_DIGEST_SIZE, 205 .init = crypto_sha224_init, 206 .update = crypto_sha256_update_arch, 207 .final = crypto_sha224_final_arch, 208 .descsize = sizeof(struct sha256_state), 209 .statesize = sizeof(struct crypto_sha256_state) + 210 SHA256_BLOCK_SIZE + 1, 211 .import = crypto_sha256_import_lib, 212 .export = crypto_sha256_export_lib, 213 }, 214 }; 215 216 static unsigned int num_algs; 217 218 static int __init crypto_sha256_mod_init(void) 219 { 220 /* register the arch flavours only if they differ from generic */ 221 num_algs = ARRAY_SIZE(algs); 222 BUILD_BUG_ON(ARRAY_SIZE(algs) % 2 != 0); 223 if (!sha256_is_arch_optimized()) 224 num_algs /= 2; 225 return crypto_register_shashes(algs, ARRAY_SIZE(algs)); 226 } 227 subsys_initcall(crypto_sha256_mod_init); 228 229 static void __exit crypto_sha256_mod_exit(void) 230 { 231 crypto_unregister_shashes(algs, num_algs); 232 } 233 module_exit(crypto_sha256_mod_exit); 234 235 MODULE_LICENSE("GPL"); 236 MODULE_DESCRIPTION("Crypto API wrapper for the SHA-256 and SHA-224 library functions"); 237 238 MODULE_ALIAS_CRYPTO("sha256"); 239 MODULE_ALIAS_CRYPTO("sha256-generic"); 240 MODULE_ALIAS_CRYPTO("sha256-" __stringify(ARCH)); 241 MODULE_ALIAS_CRYPTO("sha224"); 242 MODULE_ALIAS_CRYPTO("sha224-generic"); 243 MODULE_ALIAS_CRYPTO("sha224-" __stringify(ARCH)); 244