]> git.ipfire.org Git - thirdparty/kernel/linux.git/commitdiff
crypto: sha256 - Use the partial block API for generic
authorHerbert Xu <herbert@gondor.apana.org.au>
Fri, 2 May 2025 05:30:56 +0000 (13:30 +0800)
committerHerbert Xu <herbert@gondor.apana.org.au>
Mon, 5 May 2025 10:20:45 +0000 (18:20 +0800)
The shash interface already handles partial blocks, use it for
sha224-generic and sha256-generic instead of going through the
lib/sha256 interface.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/sha256.c
include/crypto/sha2.h

index 47ad7e4cc55f710658d1350a86bdef2225f6eae9..cf190114574eaee855549a516822df2fe94e761f 100644 (file)
@@ -30,15 +30,26 @@ EXPORT_SYMBOL_GPL(sha256_zero_message_hash);
 
 static int crypto_sha256_init(struct shash_desc *desc)
 {
-       sha256_init(shash_desc_ctx(desc));
+       sha256_block_init(shash_desc_ctx(desc));
        return 0;
 }
 
+static inline int crypto_sha256_update(struct shash_desc *desc, const u8 *data,
+                                      unsigned int len, bool force_generic)
+{
+       struct crypto_sha256_state *sctx = shash_desc_ctx(desc);
+       int remain = len % SHA256_BLOCK_SIZE;
+
+       sctx->count += len - remain;
+       sha256_choose_blocks(sctx->state, data, len / SHA256_BLOCK_SIZE,
+                            force_generic, !force_generic);
+       return remain;
+}
+
 static int crypto_sha256_update_generic(struct shash_desc *desc, const u8 *data,
                                        unsigned int len)
 {
-       sha256_update_generic(shash_desc_ctx(desc), data, len);
-       return 0;
+       return crypto_sha256_update(desc, data, len, true);
 }
 
 static int crypto_sha256_update_arch(struct shash_desc *desc, const u8 *data,
@@ -48,26 +59,35 @@ static int crypto_sha256_update_arch(struct shash_desc *desc, const u8 *data,
        return 0;
 }
 
-static int crypto_sha256_final_generic(struct shash_desc *desc, u8 *out)
+static int crypto_sha256_final_arch(struct shash_desc *desc, u8 *out)
 {
-       sha256_final_generic(shash_desc_ctx(desc), out);
+       sha256_final(shash_desc_ctx(desc), out);
        return 0;
 }
 
-static int crypto_sha256_final_arch(struct shash_desc *desc, u8 *out)
+static __always_inline int crypto_sha256_finup(struct shash_desc *desc,
+                                              const u8 *data,
+                                              unsigned int len, u8 *out,
+                                              bool force_generic)
 {
-       sha256_final(shash_desc_ctx(desc), out);
+       struct crypto_sha256_state *sctx = shash_desc_ctx(desc);
+       unsigned int remain = len;
+       u8 *buf;
+
+       if (len >= SHA256_BLOCK_SIZE)
+               remain = crypto_sha256_update(desc, data, len, force_generic);
+       sctx->count += remain;
+       buf = memcpy(sctx + 1, data + len - remain, remain);
+       sha256_finup(sctx, buf, remain, out,
+                    crypto_shash_digestsize(desc->tfm), force_generic,
+                    !force_generic);
        return 0;
 }
 
 static int crypto_sha256_finup_generic(struct shash_desc *desc, const u8 *data,
                                       unsigned int len, u8 *out)
 {
-       struct sha256_state *sctx = shash_desc_ctx(desc);
-
-       sha256_update_generic(sctx, data, len);
-       sha256_final_generic(sctx, out);
-       return 0;
+       return crypto_sha256_finup(desc, data, len, out, true);
 }
 
 static int crypto_sha256_finup_arch(struct shash_desc *desc, const u8 *data,
@@ -83,12 +103,8 @@ static int crypto_sha256_finup_arch(struct shash_desc *desc, const u8 *data,
 static int crypto_sha256_digest_generic(struct shash_desc *desc, const u8 *data,
                                        unsigned int len, u8 *out)
 {
-       struct sha256_state *sctx = shash_desc_ctx(desc);
-
-       sha256_init(sctx);
-       sha256_update_generic(sctx, data, len);
-       sha256_final_generic(sctx, out);
-       return 0;
+       crypto_sha256_init(desc);
+       return crypto_sha256_finup_generic(desc, data, len, out);
 }
 
 static int crypto_sha256_digest_arch(struct shash_desc *desc, const u8 *data,
@@ -100,13 +116,7 @@ static int crypto_sha256_digest_arch(struct shash_desc *desc, const u8 *data,
 
 static int crypto_sha224_init(struct shash_desc *desc)
 {
-       sha224_init(shash_desc_ctx(desc));
-       return 0;
-}
-
-static int crypto_sha224_final_generic(struct shash_desc *desc, u8 *out)
-{
-       sha224_final_generic(shash_desc_ctx(desc), out);
+       sha224_block_init(shash_desc_ctx(desc));
        return 0;
 }
 
@@ -147,35 +157,30 @@ static struct shash_alg algs[] = {
                .base.cra_name          = "sha256",
                .base.cra_driver_name   = "sha256-generic",
                .base.cra_priority      = 100,
+               .base.cra_flags         = CRYPTO_AHASH_ALG_BLOCK_ONLY |
+                                         CRYPTO_AHASH_ALG_FINUP_MAX,
                .base.cra_blocksize     = SHA256_BLOCK_SIZE,
                .base.cra_module        = THIS_MODULE,
                .digestsize             = SHA256_DIGEST_SIZE,
                .init                   = crypto_sha256_init,
                .update                 = crypto_sha256_update_generic,
-               .final                  = crypto_sha256_final_generic,
                .finup                  = crypto_sha256_finup_generic,
                .digest                 = crypto_sha256_digest_generic,
-               .descsize               = sizeof(struct sha256_state),
-               .statesize              = sizeof(struct crypto_sha256_state) +
-                                         SHA256_BLOCK_SIZE + 1,
-               .import                 = crypto_sha256_import_lib,
-               .export                 = crypto_sha256_export_lib,
+               .descsize               = sizeof(struct crypto_sha256_state),
        },
        {
                .base.cra_name          = "sha224",
                .base.cra_driver_name   = "sha224-generic",
                .base.cra_priority      = 100,
+               .base.cra_flags         = CRYPTO_AHASH_ALG_BLOCK_ONLY |
+                                         CRYPTO_AHASH_ALG_FINUP_MAX,
                .base.cra_blocksize     = SHA224_BLOCK_SIZE,
                .base.cra_module        = THIS_MODULE,
                .digestsize             = SHA224_DIGEST_SIZE,
                .init                   = crypto_sha224_init,
                .update                 = crypto_sha256_update_generic,
-               .final                  = crypto_sha224_final_generic,
-               .descsize               = sizeof(struct sha256_state),
-               .statesize              = sizeof(struct crypto_sha256_state) +
-                                         SHA256_BLOCK_SIZE + 1,
-               .import                 = crypto_sha256_import_lib,
-               .export                 = crypto_sha256_export_lib,
+               .finup                  = crypto_sha256_finup_generic,
+               .descsize               = sizeof(struct crypto_sha256_state),
        },
        {
                .base.cra_name          = "sha256",
index 9853cd2d1291bae99380832250ffc40fe3ec6291..4912572578dc2c47836ec6d487cbfbfb1541da75 100644 (file)
@@ -88,7 +88,7 @@ struct sha512_state {
        u8 buf[SHA512_BLOCK_SIZE];
 };
 
-static inline void sha256_init(struct sha256_state *sctx)
+static inline void sha256_block_init(struct crypto_sha256_state *sctx)
 {
        sctx->state[0] = SHA256_H0;
        sctx->state[1] = SHA256_H1;
@@ -100,11 +100,16 @@ static inline void sha256_init(struct sha256_state *sctx)
        sctx->state[7] = SHA256_H7;
        sctx->count = 0;
 }
+
+static inline void sha256_init(struct sha256_state *sctx)
+{
+       sha256_block_init(&sctx->ctx);
+}
 void sha256_update(struct sha256_state *sctx, const u8 *data, size_t len);
 void sha256_final(struct sha256_state *sctx, u8 out[SHA256_DIGEST_SIZE]);
 void sha256(const u8 *data, size_t len, u8 out[SHA256_DIGEST_SIZE]);
 
-static inline void sha224_init(struct sha256_state *sctx)
+static inline void sha224_block_init(struct crypto_sha256_state *sctx)
 {
        sctx->state[0] = SHA224_H0;
        sctx->state[1] = SHA224_H1;
@@ -116,6 +121,11 @@ static inline void sha224_init(struct sha256_state *sctx)
        sctx->state[7] = SHA224_H7;
        sctx->count = 0;
 }
+
+static inline void sha224_init(struct sha256_state *sctx)
+{
+       sha224_block_init(&sctx->ctx);
+}
 /* Simply use sha256_update as it is equivalent to sha224_update. */
 void sha224_final(struct sha256_state *sctx, u8 out[SHA224_DIGEST_SIZE]);