forked from Minki/linux
a24d22b225
Currently <crypto/sha.h> contains declarations for both SHA-1 and SHA-2, and <crypto/sha3.h> contains declarations for SHA-3. This organization is inconsistent, but more importantly SHA-1 is no longer considered to be cryptographically secure. So to the extent possible, SHA-1 shouldn't be grouped together with any of the other SHA versions, and usage of it should be phased out. Therefore, split <crypto/sha.h> into two headers <crypto/sha1.h> and <crypto/sha2.h>, and make everyone explicitly specify whether they want the declarations for SHA-1, SHA-2, or both. This avoids making the SHA-1 declarations visible to files that don't want anything to do with SHA-1. It also prepares for potentially moving sha1.h into a new insecure/ or dangerous/ directory. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Acked-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
95 lines
2.3 KiB
C
95 lines
2.3 KiB
C
// SPDX-License-Identifier: GPL-2.0-only
|
|
/*
|
|
* sha512-neon-glue.c - accelerated SHA-384/512 for ARM NEON
|
|
*
|
|
* Copyright (C) 2015 Linaro Ltd <ard.biesheuvel@linaro.org>
|
|
*/
|
|
|
|
#include <crypto/internal/hash.h>
|
|
#include <crypto/internal/simd.h>
|
|
#include <crypto/sha2.h>
|
|
#include <crypto/sha512_base.h>
|
|
#include <linux/crypto.h>
|
|
#include <linux/module.h>
|
|
|
|
#include <asm/simd.h>
|
|
#include <asm/neon.h>
|
|
|
|
#include "sha512.h"
|
|
|
|
MODULE_ALIAS_CRYPTO("sha384-neon");
|
|
MODULE_ALIAS_CRYPTO("sha512-neon");
|
|
|
|
asmlinkage void sha512_block_data_order_neon(u64 *state, u8 const *src,
|
|
int blocks);
|
|
|
|
static int sha512_neon_update(struct shash_desc *desc, const u8 *data,
|
|
unsigned int len)
|
|
{
|
|
struct sha512_state *sctx = shash_desc_ctx(desc);
|
|
|
|
if (!crypto_simd_usable() ||
|
|
(sctx->count[0] % SHA512_BLOCK_SIZE) + len < SHA512_BLOCK_SIZE)
|
|
return sha512_arm_update(desc, data, len);
|
|
|
|
kernel_neon_begin();
|
|
sha512_base_do_update(desc, data, len,
|
|
(sha512_block_fn *)sha512_block_data_order_neon);
|
|
kernel_neon_end();
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int sha512_neon_finup(struct shash_desc *desc, const u8 *data,
|
|
unsigned int len, u8 *out)
|
|
{
|
|
if (!crypto_simd_usable())
|
|
return sha512_arm_finup(desc, data, len, out);
|
|
|
|
kernel_neon_begin();
|
|
if (len)
|
|
sha512_base_do_update(desc, data, len,
|
|
(sha512_block_fn *)sha512_block_data_order_neon);
|
|
sha512_base_do_finalize(desc,
|
|
(sha512_block_fn *)sha512_block_data_order_neon);
|
|
kernel_neon_end();
|
|
|
|
return sha512_base_finish(desc, out);
|
|
}
|
|
|
|
static int sha512_neon_final(struct shash_desc *desc, u8 *out)
|
|
{
|
|
return sha512_neon_finup(desc, NULL, 0, out);
|
|
}
|
|
|
|
struct shash_alg sha512_neon_algs[] = { {
|
|
.init = sha384_base_init,
|
|
.update = sha512_neon_update,
|
|
.final = sha512_neon_final,
|
|
.finup = sha512_neon_finup,
|
|
.descsize = sizeof(struct sha512_state),
|
|
.digestsize = SHA384_DIGEST_SIZE,
|
|
.base = {
|
|
.cra_name = "sha384",
|
|
.cra_driver_name = "sha384-neon",
|
|
.cra_priority = 300,
|
|
.cra_blocksize = SHA384_BLOCK_SIZE,
|
|
.cra_module = THIS_MODULE,
|
|
|
|
}
|
|
}, {
|
|
.init = sha512_base_init,
|
|
.update = sha512_neon_update,
|
|
.final = sha512_neon_final,
|
|
.finup = sha512_neon_finup,
|
|
.descsize = sizeof(struct sha512_state),
|
|
.digestsize = SHA512_DIGEST_SIZE,
|
|
.base = {
|
|
.cra_name = "sha512",
|
|
.cra_driver_name = "sha512-neon",
|
|
.cra_priority = 300,
|
|
.cra_blocksize = SHA512_BLOCK_SIZE,
|
|
.cra_module = THIS_MODULE,
|
|
}
|
|
} };
|