***************************************************************************/
struct jitterentropy {
- spinlock_t jent_lock;
+ struct mutex jent_lock;
struct rand_data *entropy_collector;
- struct crypto_shash *tfm;
- struct shash_desc *sdesc;
+ struct sha3_ctx hash_state;
};
static void jent_kcapi_cleanup(struct crypto_tfm *tfm)
{
struct jitterentropy *rng = crypto_tfm_ctx(tfm);
- spin_lock(&rng->jent_lock);
+ mutex_lock(&rng->jent_lock);
- if (rng->sdesc) {
- shash_desc_zero(rng->sdesc);
- kfree(rng->sdesc);
- }
- rng->sdesc = NULL;
-
- if (rng->tfm)
- crypto_free_shash(rng->tfm);
- rng->tfm = NULL;
+ memzero_explicit(&rng->hash_state, sizeof(rng->hash_state));
if (rng->entropy_collector)
jent_entropy_collector_free(rng->entropy_collector);
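Review bot: In jent_kcapi_cleanup the conditioner state is wiped before the object that still points at it is released: `memzero_explicit(&rng->hash_state, sizeof(rng->hash_state));` runs ahead of `jent_entropy_collector_free(rng->entropy_collector);`, while jent_kcapi_init hands `&rng->hash_state` to that collector. jent_entropy_collector_free is not visible here, so this may be harmless today, but if the free path ever reads or updates the hash state it would work on zeroed memory, or leave fresh state behind after the wipe. Releasing the collector first and calling `memzero_explicit()` afterwards makes teardown the reverse of init and guarantees the wipe is the last write to the state. The rest of the function, including the unlock, lies outside the hunk.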
static int jent_kcapi_init(struct crypto_tfm *tfm)
{
struct jitterentropy *rng = crypto_tfm_ctx(tfm);
- struct crypto_shash *hash;
- struct shash_desc *sdesc;
- int size, ret = 0;
+ int ret = 0;
- spin_lock_init(&rng->jent_lock);
+ mutex_init(&rng->jent_lock);
/* Use SHA3-256 as conditioner */
- hash = crypto_alloc_shash(JENT_CONDITIONING_HASH, 0, 0);
- if (IS_ERR(hash)) {
- pr_err("Cannot allocate conditioning digest\n");
- return PTR_ERR(hash);
- }
- rng->tfm = hash;
-
- size = sizeof(struct shash_desc) + crypto_shash_descsize(hash);
- sdesc = kmalloc(size, GFP_KERNEL);
- if (!sdesc) {
- ret = -ENOMEM;
- goto err;
- }
-
- sdesc->tfm = hash;
- crypto_shash_init(sdesc);
- rng->sdesc = sdesc;
+ sha3_256_init(&rng->hash_state);
- rng->entropy_collector =
- jent_entropy_collector_alloc(CONFIG_CRYPTO_JITTERENTROPY_OSR, 0,
- sdesc);
+ rng->entropy_collector = jent_entropy_collector_alloc(
+ CONFIG_CRYPTO_JITTERENTROPY_OSR, 0, &rng->hash_state);
if (!rng->entropy_collector) {
ret = -ENOMEM;
goto err;
}
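Review bot: `mutex_init(&rng->jent_lock);` turns jent_lock from a spinlock into a sleeping lock, and nothing in the visible code records the new constraint that every path taking it must run in process context. The callers of the generate and cleanup paths are not shown, so whether any of them can be reached from atomic context cannot be confirmed from this hunk. I would document this on the struct field, for example `/* sleeping lock: take only from process context */`. At the `jent_entropy_collector_alloc()` call I would also note that the collector borrows `&rng->hash_state` from the tfm context and does not own it. The function continues past the hunk; the `err` label is not visible.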
}, {
.alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
- .test = alg_test_null,
+ .generic_driver = "authenc(hmac-sha1-lib,rfc3686(ctr(aes-lib)))",
+ .test = alg_test_aead,
.fips_allowed = 1,
+ .suite = {
+ .aead = __VECS(hmac_sha1_aes_ctr_rfc3686_tv_temp)
+ }
}, {
.alg = "authenc(hmac(sha224),cbc(aes))",
- .generic_driver = "authenc(hmac-sha224-lib,cbc(aes-generic))",
+ .generic_driver = "authenc(hmac-sha224-lib,cbc(aes-lib))",
.test = alg_test_aead,
+ .fips_allowed = 1,
.suite = {
.aead = __VECS(hmac_sha224_aes_cbc_tv_temp)
}
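Review bot: The `authenc(hmac(sha224),cbc(aes))` entry gains `.fips_allowed = 1` in the same edit that renames its generic driver to `aes-lib`, so a change to which compositions are permitted in FIPS mode rides along with a mechanical rename; the `authenc(hmac(sha384),cbc(aes))` entry further down does the same. If the commit message (not visible in this excerpt) does not already say so, it should state that these two algorithms become FIPS-allowed and why, because that is a policy change people auditing the approved list will look for. Separately, the newly added `generic_driver` strings such as `"authenc(hmac-sha1-lib,rfc3686(ctr(aes-lib)))"` should be checked against the driver names the templates actually register. A name that does not resolve may cause the comparison tests to be skipped rather than fail.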
}
}, {
.alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
- .test = alg_test_null,
+ .generic_driver = "authenc(hmac-sha256-lib,rfc3686(ctr(aes-lib)))",
+ .test = alg_test_aead,
.fips_allowed = 1,
+ .suite = {
+ .aead = __VECS(hmac_sha256_aes_ctr_rfc3686_tv_temp)
+ }
}, {
.alg = "authenc(hmac(sha384),cbc(aes))",
- .generic_driver = "authenc(hmac-sha384-lib,cbc(aes-generic))",
+ .generic_driver = "authenc(hmac-sha384-lib,cbc(aes-lib))",
.test = alg_test_aead,
+ .fips_allowed = 1,
.suite = {
.aead = __VECS(hmac_sha384_aes_cbc_tv_temp)
}