mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-08-26 11:26:10 +00:00
crypto: arm/blake2b - Use API partial block handling
Use the Crypto API partial block handling. Also remove the unnecessary SIMD fallback path. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Herbert Xu
parent
aa54e17020
commit
cc28260ab4
@ -7,7 +7,6 @@
|
||||
|
||||
#include <crypto/internal/blake2b.h>
|
||||
#include <crypto/internal/hash.h>
|
||||
#include <crypto/internal/simd.h>
|
||||
|
||||
#include <linux/module.h>
|
||||
#include <linux/sizes.h>
|
||||
@ -21,11 +20,6 @@ asmlinkage void blake2b_compress_neon(struct blake2b_state *state,
|
||||
static void blake2b_compress_arch(struct blake2b_state *state,
|
||||
const u8 *block, size_t nblocks, u32 inc)
|
||||
{
|
||||
if (!crypto_simd_usable()) {
|
||||
blake2b_compress_generic(state, block, nblocks, inc);
|
||||
return;
|
||||
}
|
||||
|
||||
do {
|
||||
const size_t blocks = min_t(size_t, nblocks,
|
||||
SZ_4K / BLAKE2B_BLOCK_SIZE);
|
||||
@ -42,12 +36,14 @@ static void blake2b_compress_arch(struct blake2b_state *state,
|
||||
static int crypto_blake2b_update_neon(struct shash_desc *desc,
|
||||
const u8 *in, unsigned int inlen)
|
||||
{
|
||||
return crypto_blake2b_update(desc, in, inlen, blake2b_compress_arch);
|
||||
return crypto_blake2b_update_bo(desc, in, inlen, blake2b_compress_arch);
|
||||
}
|
||||
|
||||
static int crypto_blake2b_final_neon(struct shash_desc *desc, u8 *out)
|
||||
static int crypto_blake2b_finup_neon(struct shash_desc *desc, const u8 *in,
|
||||
unsigned int inlen, u8 *out)
|
||||
{
|
||||
return crypto_blake2b_final(desc, out, blake2b_compress_arch);
|
||||
return crypto_blake2b_finup(desc, in, inlen, out,
|
||||
blake2b_compress_arch);
|
||||
}
|
||||
|
||||
#define BLAKE2B_ALG(name, driver_name, digest_size) \
|
||||
@ -55,7 +51,8 @@ static int crypto_blake2b_final_neon(struct shash_desc *desc, u8 *out)
|
||||
.base.cra_name = name, \
|
||||
.base.cra_driver_name = driver_name, \
|
||||
.base.cra_priority = 200, \
|
||||
.base.cra_flags = CRYPTO_ALG_OPTIONAL_KEY, \
|
||||
.base.cra_flags = CRYPTO_ALG_OPTIONAL_KEY | \
|
||||
CRYPTO_AHASH_ALG_BLOCK_ONLY, \
|
||||
.base.cra_blocksize = BLAKE2B_BLOCK_SIZE, \
|
||||
.base.cra_ctxsize = sizeof(struct blake2b_tfm_ctx), \
|
||||
.base.cra_module = THIS_MODULE, \
|
||||
@ -63,8 +60,9 @@ static int crypto_blake2b_final_neon(struct shash_desc *desc, u8 *out)
|
||||
.setkey = crypto_blake2b_setkey, \
|
||||
.init = crypto_blake2b_init, \
|
||||
.update = crypto_blake2b_update_neon, \
|
||||
.final = crypto_blake2b_final_neon, \
|
||||
.finup = crypto_blake2b_finup_neon, \
|
||||
.descsize = sizeof(struct blake2b_state), \
|
||||
.statesize = BLAKE2B_STATE_SIZE, \
|
||||
}
|
||||
|
||||
static struct shash_alg blake2b_neon_algs[] = {
|
||||
|
||||
@ -7,12 +7,20 @@
|
||||
#include <linux/types.h>
|
||||
#include <linux/string.h>
|
||||
|
||||
struct blake2b_state {
|
||||
/* 'h', 't', and 'f' are used in assembly code, so keep them as-is. */
|
||||
u64 h[8];
|
||||
u64 t[2];
|
||||
/* The true state ends here. The rest is temporary storage. */
|
||||
u64 f[2];
|
||||
};
|
||||
|
||||
enum blake2b_lengths {
|
||||
BLAKE2B_BLOCK_SIZE = 128,
|
||||
BLAKE2B_HASH_SIZE = 64,
|
||||
BLAKE2B_KEY_SIZE = 64,
|
||||
BLAKE2B_STATE_SIZE = 80,
|
||||
BLAKE2B_DESC_SIZE = 96,
|
||||
BLAKE2B_STATE_SIZE = offsetof(struct blake2b_state, f),
|
||||
BLAKE2B_DESC_SIZE = sizeof(struct blake2b_state),
|
||||
|
||||
BLAKE2B_160_HASH_SIZE = 20,
|
||||
BLAKE2B_256_HASH_SIZE = 32,
|
||||
@ -20,15 +28,6 @@ enum blake2b_lengths {
|
||||
BLAKE2B_512_HASH_SIZE = 64,
|
||||
};
|
||||
|
||||
struct blake2b_state {
|
||||
/* 'h', 't', and 'f' are used in assembly code, so keep them as-is. */
|
||||
u64 h[8];
|
||||
u64 t[2];
|
||||
u64 f[2];
|
||||
u8 buf[BLAKE2B_BLOCK_SIZE];
|
||||
unsigned int buflen;
|
||||
};
|
||||
|
||||
enum blake2b_iv {
|
||||
BLAKE2B_IV0 = 0x6A09E667F3BCC908ULL,
|
||||
BLAKE2B_IV1 = 0xBB67AE8584CAA73BULL,
|
||||
|
||||
@ -33,48 +33,6 @@ static inline void blake2b_set_nonlast(struct blake2b_state *state)
|
||||
typedef void (*blake2b_compress_t)(struct blake2b_state *state,
|
||||
const u8 *block, size_t nblocks, u32 inc);
|
||||
|
||||
static inline void __blake2b_update(struct blake2b_state *state,
|
||||
const u8 *in, size_t inlen,
|
||||
blake2b_compress_t compress)
|
||||
{
|
||||
const size_t fill = BLAKE2B_BLOCK_SIZE - state->buflen;
|
||||
|
||||
if (unlikely(!inlen))
|
||||
return;
|
||||
blake2b_set_nonlast(state);
|
||||
if (inlen > fill) {
|
||||
memcpy(state->buf + state->buflen, in, fill);
|
||||
(*compress)(state, state->buf, 1, BLAKE2B_BLOCK_SIZE);
|
||||
state->buflen = 0;
|
||||
in += fill;
|
||||
inlen -= fill;
|
||||
}
|
||||
if (inlen > BLAKE2B_BLOCK_SIZE) {
|
||||
const size_t nblocks = DIV_ROUND_UP(inlen, BLAKE2B_BLOCK_SIZE);
|
||||
/* Hash one less (full) block than strictly possible */
|
||||
(*compress)(state, in, nblocks - 1, BLAKE2B_BLOCK_SIZE);
|
||||
in += BLAKE2B_BLOCK_SIZE * (nblocks - 1);
|
||||
inlen -= BLAKE2B_BLOCK_SIZE * (nblocks - 1);
|
||||
}
|
||||
memcpy(state->buf + state->buflen, in, inlen);
|
||||
state->buflen += inlen;
|
||||
}
|
||||
|
||||
static inline void __blake2b_final(struct blake2b_state *state, u8 *out,
|
||||
unsigned int outlen,
|
||||
blake2b_compress_t compress)
|
||||
{
|
||||
int i;
|
||||
|
||||
blake2b_set_lastblock(state);
|
||||
memset(state->buf + state->buflen, 0,
|
||||
BLAKE2B_BLOCK_SIZE - state->buflen); /* Padding */
|
||||
(*compress)(state, state->buf, 1, state->buflen);
|
||||
for (i = 0; i < ARRAY_SIZE(state->h); i++)
|
||||
__cpu_to_le64s(&state->h[i]);
|
||||
memcpy(out, state->h, outlen);
|
||||
}
|
||||
|
||||
/* Helper functions for shash implementations of BLAKE2b */
|
||||
|
||||
struct blake2b_tfm_ctx {
|
||||
@ -110,16 +68,6 @@ static inline int crypto_blake2b_init(struct shash_desc *desc)
|
||||
crypto_shash_update(desc, tctx->key, BLAKE2B_BLOCK_SIZE) : 0;
|
||||
}
|
||||
|
||||
static inline int crypto_blake2b_update(struct shash_desc *desc,
|
||||
const u8 *in, unsigned int inlen,
|
||||
blake2b_compress_t compress)
|
||||
{
|
||||
struct blake2b_state *state = shash_desc_ctx(desc);
|
||||
|
||||
__blake2b_update(state, in, inlen, compress);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int crypto_blake2b_update_bo(struct shash_desc *desc,
|
||||
const u8 *in, unsigned int inlen,
|
||||
blake2b_compress_t compress)
|
||||
@ -131,16 +79,6 @@ static inline int crypto_blake2b_update_bo(struct shash_desc *desc,
|
||||
return inlen - round_down(inlen, BLAKE2B_BLOCK_SIZE);
|
||||
}
|
||||
|
||||
static inline int crypto_blake2b_final(struct shash_desc *desc, u8 *out,
|
||||
blake2b_compress_t compress)
|
||||
{
|
||||
unsigned int outlen = crypto_shash_digestsize(desc->tfm);
|
||||
struct blake2b_state *state = shash_desc_ctx(desc);
|
||||
|
||||
__blake2b_final(state, out, outlen, compress);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static inline int crypto_blake2b_finup(struct shash_desc *desc, const u8 *in,
|
||||
unsigned int inlen, u8 *out,
|
||||
blake2b_compress_t compress)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user