diff options
author | Kent Overstreet <kent.overstreet@gmail.com> | 2016-10-03 19:22:17 -0800 |
---|---|---|
committer | Kent Overstreet <kent.overstreet@gmail.com> | 2017-02-28 03:05:38 -0900 |
commit | a5b5eba7f788bb77cf57f9c94f3474a2d439ab0b (patch) | |
tree | 278813d1b1a9024174531376d41a2ba04a3b27f6 /include/crypto | |
parent | e4d1c93d85a5b86c04599bfc9f658308d741fd41 (diff) |
New on disk format - encryption
Diffstat (limited to 'include/crypto')
-rw-r--r-- | include/crypto/algapi.h | 184 | ||||
-rw-r--r-- | include/crypto/chacha20.h | 11 | ||||
-rw-r--r-- | include/crypto/hash.h | 115 | ||||
-rw-r--r-- | include/crypto/internal/hash.h | 3 | ||||
-rw-r--r-- | include/crypto/poly1305.h | 34 | ||||
-rw-r--r-- | include/crypto/sha.h | 110 | ||||
-rw-r--r-- | include/crypto/sha1_base.h | 107 |
7 files changed, 32 insertions, 532 deletions
diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h index 31f453ee..d8bfcc1f 100644 --- a/include/crypto/algapi.h +++ b/include/crypto/algapi.h @@ -13,200 +13,24 @@ #define _CRYPTO_ALGAPI_H #include <linux/crypto.h> -#include <linux/device.h> -#include <linux/list.h> -#include <linux/kernel.h> -#include <linux/kthread.h> - -struct crypto_aead; -struct crypto_instance; -struct module; -struct rtattr; -struct seq_file; -struct sk_buff; struct crypto_type { unsigned int (*ctxsize)(struct crypto_alg *alg, u32 type, u32 mask); unsigned int (*extsize)(struct crypto_alg *alg); int (*init)(struct crypto_tfm *tfm, u32 type, u32 mask); int (*init_tfm)(struct crypto_tfm *tfm); - void (*show)(struct seq_file *m, struct crypto_alg *alg); - struct crypto_alg *(*lookup)(const char *name, u32 type, u32 mask); - void (*free)(struct crypto_instance *inst); - - unsigned int type; - unsigned int maskclear; - unsigned int maskset; - unsigned int tfmsize; -}; - -struct crypto_instance { - struct crypto_alg alg; - - struct crypto_template *tmpl; - struct hlist_node list; - - void *__ctx[] CRYPTO_MINALIGN_ATTR; -}; - -struct crypto_template { - struct list_head list; - struct hlist_head instances; - struct module *module; - - struct crypto_instance *(*alloc)(struct rtattr **tb); - void (*free)(struct crypto_instance *inst); - int (*create)(struct crypto_template *tmpl, struct rtattr **tb); - - char name[CRYPTO_MAX_ALG_NAME]; -}; - -struct scatter_walk { - struct scatterlist *sg; - unsigned int offset; -}; - -struct blkcipher_walk { - union { - struct { - struct page *page; - unsigned long offset; - } phys; - - struct { - u8 *page; - u8 *addr; - } virt; - } src, dst; - struct scatter_walk in; - unsigned int nbytes; - - struct scatter_walk out; - unsigned int total; - - void *page; - u8 *buffer; - u8 *iv; - unsigned int ivsize; - - int flags; - unsigned int walk_blocksize; - unsigned int cipher_blocksize; - unsigned int alignmask; + unsigned type; + unsigned maskclear; + unsigned maskset; + unsigned tfmsize; }; extern const struct crypto_type crypto_blkcipher_type; -struct crypto_attr_type *crypto_get_attr_type(struct rtattr **tb); -int crypto_check_attr_type(struct rtattr **tb, u32 type); -const char *crypto_attr_alg_name(struct rtattr *rta); -struct crypto_alg *crypto_attr_alg2(struct rtattr *rta, - const struct crypto_type *frontend, - u32 type, u32 mask); - -static inline struct crypto_alg *crypto_attr_alg(struct rtattr *rta, - u32 type, u32 mask) -{ - return crypto_attr_alg2(rta, NULL, type, mask); -} - -int crypto_attr_u32(struct rtattr *rta, u32 *num); - -/* These functions require the input/output to be aligned as u32. */ -void crypto_inc(u8 *a, unsigned int size); -void crypto_xor(u8 *dst, const u8 *src, unsigned int size); - -int blkcipher_walk_done(struct blkcipher_desc *desc, - struct blkcipher_walk *walk, int err); -int blkcipher_walk_virt(struct blkcipher_desc *desc, - struct blkcipher_walk *walk); -int blkcipher_walk_phys(struct blkcipher_desc *desc, - struct blkcipher_walk *walk); -int blkcipher_walk_virt_block(struct blkcipher_desc *desc, - struct blkcipher_walk *walk, - unsigned int blocksize); -int blkcipher_aead_walk_virt_block(struct blkcipher_desc *desc, - struct blkcipher_walk *walk, - struct crypto_aead *tfm, - unsigned int blocksize); - -static inline void *crypto_tfm_ctx_aligned(struct crypto_tfm *tfm) -{ - return PTR_ALIGN(crypto_tfm_ctx(tfm), - crypto_tfm_alg_alignmask(tfm) + 1); -} - -static inline struct crypto_instance *crypto_tfm_alg_instance( - struct crypto_tfm *tfm) -{ - return container_of(tfm->__crt_alg, struct crypto_instance, alg); -} - -static inline void *crypto_instance_ctx(struct crypto_instance *inst) -{ - return inst->__ctx; -} - static inline void *crypto_blkcipher_ctx(struct crypto_blkcipher *tfm) { return crypto_tfm_ctx(&tfm->base); } -static inline void *crypto_blkcipher_ctx_aligned(struct crypto_blkcipher *tfm) -{ - return crypto_tfm_ctx_aligned(&tfm->base); -} - -static inline struct cipher_alg *crypto_cipher_alg(struct crypto_cipher *tfm) -{ - return &crypto_cipher_tfm(tfm)->__crt_alg->cra_cipher; -} - -static inline void blkcipher_walk_init(struct blkcipher_walk *walk, - struct scatterlist *dst, - struct scatterlist *src, - unsigned int nbytes) -{ - walk->in.sg = src; - walk->out.sg = dst; - walk->total = nbytes; -} - -static inline struct crypto_alg *crypto_get_attr_alg(struct rtattr **tb, - u32 type, u32 mask) -{ - return crypto_attr_alg(tb[1], type, mask); -} - -static inline int crypto_requires_sync(u32 type, u32 mask) -{ - return (type ^ CRYPTO_ALG_ASYNC) & mask & CRYPTO_ALG_ASYNC; -} - -noinline unsigned long __crypto_memneq(const void *a, const void *b, size_t size); - -/** - * crypto_memneq - Compare two areas of memory without leaking - * timing information. - * - * @a: One area of memory - * @b: Another area of memory - * @size: The size of the area. - * - * Returns 0 when data is equal, 1 otherwise. - */ -static inline int crypto_memneq(const void *a, const void *b, size_t size) -{ - return __crypto_memneq(a, b, size) != 0UL ? 1 : 0; -} - -static inline void crypto_yield(u32 flags) -{ -#if !defined(CONFIG_PREEMPT) || defined(CONFIG_PREEMPT_VOLUNTARY) - if (flags & CRYPTO_TFM_REQ_MAY_SLEEP) - cond_resched(); -#endif -} - #endif /* _CRYPTO_ALGAPI_H */ diff --git a/include/crypto/chacha20.h b/include/crypto/chacha20.h index 20d20f68..1cdc77ba 100644 --- a/include/crypto/chacha20.h +++ b/include/crypto/chacha20.h @@ -12,15 +12,4 @@ #define CHACHA20_KEY_SIZE 32 #define CHACHA20_BLOCK_SIZE 64 -struct chacha20_ctx { - u32 key[8]; -}; - -void chacha20_block(u32 *state, void *stream); -void crypto_chacha20_init(u32 *state, struct chacha20_ctx *ctx, u8 *iv); -int crypto_chacha20_setkey(struct crypto_tfm *tfm, const u8 *key, - unsigned int keysize); -int crypto_chacha20_crypt(struct blkcipher_desc *desc, struct scatterlist *dst, - struct scatterlist *src, unsigned int nbytes); - #endif diff --git a/include/crypto/hash.h b/include/crypto/hash.h index 00bd4e7e..97edaa88 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h @@ -16,13 +16,6 @@ #include <linux/crypto.h> #include <linux/string.h> -struct hash_alg_common { - unsigned int digestsize; - unsigned int statesize; - - struct crypto_alg base; -}; - struct shash_desc { struct crypto_shash *tfm; u32 flags; @@ -37,31 +30,21 @@ struct shash_desc { struct shash_alg { int (*init)(struct shash_desc *desc); - int (*update)(struct shash_desc *desc, const u8 *data, - unsigned int len); + int (*update)(struct shash_desc *desc, const u8 *data, unsigned len); int (*final)(struct shash_desc *desc, u8 *out); int (*finup)(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *out); + unsigned len, u8 *out); int (*digest)(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *out); - int (*export)(struct shash_desc *desc, void *out); - int (*import)(struct shash_desc *desc, const void *in); - int (*setkey)(struct crypto_shash *tfm, const u8 *key, - unsigned int keylen); - - unsigned int descsize; - - /* These fields must match hash_alg_common. */ - unsigned int digestsize - __attribute__ ((aligned(__alignof__(struct hash_alg_common)))); - unsigned int statesize; + unsigned len, u8 *out); - struct crypto_alg base; + unsigned descsize; + unsigned digestsize; + struct crypto_alg base; }; struct crypto_shash { - unsigned int descsize; - struct crypto_tfm base; + unsigned descsize; + struct crypto_tfm base; }; struct crypto_shash *crypto_alloc_shash(const char *alg_name, u32 type, @@ -77,27 +60,6 @@ static inline void crypto_free_shash(struct crypto_shash *tfm) crypto_destroy_tfm(tfm, crypto_shash_tfm(tfm)); } -static inline const char *crypto_shash_alg_name(struct crypto_shash *tfm) -{ - return crypto_tfm_alg_name(crypto_shash_tfm(tfm)); -} - -static inline const char *crypto_shash_driver_name(struct crypto_shash *tfm) -{ - return crypto_tfm_alg_driver_name(crypto_shash_tfm(tfm)); -} - -static inline unsigned int crypto_shash_alignmask( - struct crypto_shash *tfm) -{ - return crypto_tfm_alg_alignmask(crypto_shash_tfm(tfm)); -} - -static inline unsigned int crypto_shash_blocksize(struct crypto_shash *tfm) -{ - return crypto_tfm_alg_blocksize(crypto_shash_tfm(tfm)); -} - static inline struct shash_alg *__crypto_shash_alg(struct crypto_alg *alg) { return container_of(alg, struct shash_alg, base); @@ -108,32 +70,12 @@ static inline struct shash_alg *crypto_shash_alg(struct crypto_shash *tfm) return __crypto_shash_alg(crypto_shash_tfm(tfm)->__crt_alg); } -static inline unsigned int crypto_shash_digestsize(struct crypto_shash *tfm) +static inline unsigned crypto_shash_digestsize(struct crypto_shash *tfm) { return crypto_shash_alg(tfm)->digestsize; } -static inline unsigned int crypto_shash_statesize(struct crypto_shash *tfm) -{ - return crypto_shash_alg(tfm)->statesize; -} - -static inline u32 crypto_shash_get_flags(struct crypto_shash *tfm) -{ - return crypto_tfm_get_flags(crypto_shash_tfm(tfm)); -} - -static inline void crypto_shash_set_flags(struct crypto_shash *tfm, u32 flags) -{ - crypto_tfm_set_flags(crypto_shash_tfm(tfm), flags); -} - -static inline void crypto_shash_clear_flags(struct crypto_shash *tfm, u32 flags) -{ - crypto_tfm_clear_flags(crypto_shash_tfm(tfm), flags); -} - -static inline unsigned int crypto_shash_descsize(struct crypto_shash *tfm) +static inline unsigned crypto_shash_descsize(struct crypto_shash *tfm) { return tfm->descsize; } @@ -143,39 +85,32 @@ static inline void *shash_desc_ctx(struct shash_desc *desc) return desc->__ctx; } -int crypto_shash_setkey(struct crypto_shash *tfm, const u8 *key, - unsigned int keylen); - -int crypto_shash_digest(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *out); - -static inline int crypto_shash_export(struct shash_desc *desc, void *out) +static inline int crypto_shash_init(struct shash_desc *desc) { - return crypto_shash_alg(desc->tfm)->export(desc, out); + return crypto_shash_alg(desc->tfm)->init(desc); } -static inline int crypto_shash_import(struct shash_desc *desc, const void *in) +static inline int crypto_shash_update(struct shash_desc *desc, + const u8 *data, unsigned len) { - return crypto_shash_alg(desc->tfm)->import(desc, in); + return crypto_shash_alg(desc->tfm)->update(desc, data, len); } -static inline int crypto_shash_init(struct shash_desc *desc) +static inline int crypto_shash_final(struct shash_desc *desc, u8 *out) { - return crypto_shash_alg(desc->tfm)->init(desc); + return crypto_shash_alg(desc->tfm)->final(desc, out); } -int crypto_shash_update(struct shash_desc *desc, const u8 *data, - unsigned int len); - -int crypto_shash_final(struct shash_desc *desc, u8 *out); - -int crypto_shash_finup(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *out); +static inline int crypto_shash_finup(struct shash_desc *desc, const u8 *data, + unsigned len, u8 *out) +{ + return crypto_shash_alg(desc->tfm)->finup(desc, data, len, out); +} -static inline void shash_desc_zero(struct shash_desc *desc) +static inline int crypto_shash_digest(struct shash_desc *desc, const u8 *data, + unsigned len, u8 *out) { - memzero_explicit(desc, - sizeof(*desc) + crypto_shash_descsize(desc->tfm)); + return crypto_shash_alg(desc->tfm)->digest(desc, data, len, out); } #endif /* _CRYPTO_HASH_H */ diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h index 2d85c803..3973047b 100644 --- a/include/crypto/internal/hash.h +++ b/include/crypto/internal/hash.h @@ -5,9 +5,6 @@ #include <crypto/hash.h> int crypto_register_shash(struct shash_alg *alg); -int crypto_unregister_shash(struct shash_alg *alg); -int crypto_register_shashes(struct shash_alg *algs, int count); -int crypto_unregister_shashes(struct shash_alg *algs, int count); static inline struct crypto_shash *__crypto_shash_cast(struct crypto_tfm *tfm) { diff --git a/include/crypto/poly1305.h b/include/crypto/poly1305.h index 894df59b..9fcfbfeb 100644 --- a/include/crypto/poly1305.h +++ b/include/crypto/poly1305.h @@ -5,37 +5,9 @@ #ifndef _CRYPTO_POLY1305_H #define _CRYPTO_POLY1305_H -#include <linux/types.h> -#include <linux/crypto.h> +#include <sodium/crypto_onetimeauth_poly1305.h> -#define POLY1305_BLOCK_SIZE 16 -#define POLY1305_KEY_SIZE 32 -#define POLY1305_DIGEST_SIZE 16 - -struct poly1305_desc_ctx { - /* key */ - u32 r[5]; - /* finalize key */ - u32 s[4]; - /* accumulator */ - u32 h[5]; - /* partial buffer */ - u8 buf[POLY1305_BLOCK_SIZE]; - /* bytes used in partial buffer */ - unsigned int buflen; - /* r key has been set */ - bool rset; - /* s key has been set */ - bool sset; -}; - -int crypto_poly1305_init(struct shash_desc *desc); -int crypto_poly1305_setkey(struct crypto_shash *tfm, - const u8 *key, unsigned int keylen); -unsigned int crypto_poly1305_setdesckey(struct poly1305_desc_ctx *dctx, - const u8 *src, unsigned int srclen); -int crypto_poly1305_update(struct shash_desc *desc, - const u8 *src, unsigned int srclen); -int crypto_poly1305_final(struct shash_desc *desc, u8 *dst); +#define POLY1305_KEY_SIZE crypto_onetimeauth_poly1305_KEYBYTES +#define POLY1305_DIGEST_SIZE crypto_onetimeauth_poly1305_BYTES #endif diff --git a/include/crypto/sha.h b/include/crypto/sha.h deleted file mode 100644 index c94d3eb1..00000000 --- a/include/crypto/sha.h +++ /dev/null @@ -1,110 +0,0 @@ -/* - * Common values for SHA algorithms - */ - -#ifndef _CRYPTO_SHA_H -#define _CRYPTO_SHA_H - -#include <linux/types.h> - -#define SHA1_DIGEST_SIZE 20 -#define SHA1_BLOCK_SIZE 64 - -#define SHA224_DIGEST_SIZE 28 -#define SHA224_BLOCK_SIZE 64 - -#define SHA256_DIGEST_SIZE 32 -#define SHA256_BLOCK_SIZE 64 - -#define SHA384_DIGEST_SIZE 48 -#define SHA384_BLOCK_SIZE 128 - -#define SHA512_DIGEST_SIZE 64 -#define SHA512_BLOCK_SIZE 128 - -#define SHA1_H0 0x67452301UL -#define SHA1_H1 0xefcdab89UL -#define SHA1_H2 0x98badcfeUL -#define SHA1_H3 0x10325476UL -#define SHA1_H4 0xc3d2e1f0UL - -#define SHA224_H0 0xc1059ed8UL -#define SHA224_H1 0x367cd507UL -#define SHA224_H2 0x3070dd17UL -#define SHA224_H3 0xf70e5939UL -#define SHA224_H4 0xffc00b31UL -#define SHA224_H5 0x68581511UL -#define SHA224_H6 0x64f98fa7UL -#define SHA224_H7 0xbefa4fa4UL - -#define SHA256_H0 0x6a09e667UL -#define SHA256_H1 0xbb67ae85UL -#define SHA256_H2 0x3c6ef372UL -#define SHA256_H3 0xa54ff53aUL -#define SHA256_H4 0x510e527fUL -#define SHA256_H5 0x9b05688cUL -#define SHA256_H6 0x1f83d9abUL -#define SHA256_H7 0x5be0cd19UL - -#define SHA384_H0 0xcbbb9d5dc1059ed8ULL -#define SHA384_H1 0x629a292a367cd507ULL -#define SHA384_H2 0x9159015a3070dd17ULL -#define SHA384_H3 0x152fecd8f70e5939ULL -#define SHA384_H4 0x67332667ffc00b31ULL -#define SHA384_H5 0x8eb44a8768581511ULL -#define SHA384_H6 0xdb0c2e0d64f98fa7ULL -#define SHA384_H7 0x47b5481dbefa4fa4ULL - -#define SHA512_H0 0x6a09e667f3bcc908ULL -#define SHA512_H1 0xbb67ae8584caa73bULL -#define SHA512_H2 0x3c6ef372fe94f82bULL -#define SHA512_H3 0xa54ff53a5f1d36f1ULL -#define SHA512_H4 0x510e527fade682d1ULL -#define SHA512_H5 0x9b05688c2b3e6c1fULL -#define SHA512_H6 0x1f83d9abfb41bd6bULL -#define SHA512_H7 0x5be0cd19137e2179ULL - -extern const u8 sha1_zero_message_hash[SHA1_DIGEST_SIZE]; - -extern const u8 sha224_zero_message_hash[SHA224_DIGEST_SIZE]; - -extern const u8 sha256_zero_message_hash[SHA256_DIGEST_SIZE]; - -struct sha1_state { - u32 state[SHA1_DIGEST_SIZE / 4]; - u64 count; - u8 buffer[SHA1_BLOCK_SIZE]; -}; - -struct sha256_state { - u32 state[SHA256_DIGEST_SIZE / 4]; - u64 count; - u8 buf[SHA256_BLOCK_SIZE]; -}; - -struct sha512_state { - u64 state[SHA512_DIGEST_SIZE / 8]; - u64 count[2]; - u8 buf[SHA512_BLOCK_SIZE]; -}; - -struct shash_desc; - -extern int crypto_sha1_update(struct shash_desc *desc, const u8 *data, - unsigned int len); - -extern int crypto_sha1_finup(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *hash); - -extern int crypto_sha256_update(struct shash_desc *desc, const u8 *data, - unsigned int len); - -extern int crypto_sha256_finup(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *hash); - -extern int crypto_sha512_update(struct shash_desc *desc, const u8 *data, - unsigned int len); - -extern int crypto_sha512_finup(struct shash_desc *desc, const u8 *data, - unsigned int len, u8 *hash); -#endif diff --git a/include/crypto/sha1_base.h b/include/crypto/sha1_base.h deleted file mode 100644 index 01b002de..00000000 --- a/include/crypto/sha1_base.h +++ /dev/null @@ -1,107 +0,0 @@ -/* - * sha1_base.h - core logic for SHA-1 implementations - * - * Copyright (C) 2015 Linaro Ltd <ard.biesheuvel@linaro.org> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 as - * published by the Free Software Foundation. - */ - -#include <crypto/internal/hash.h> -#include <crypto/sha.h> -#include <linux/byteorder.h> -#include <linux/crypto.h> -#include <linux/module.h> - -#include <asm/unaligned.h> - -typedef void (sha1_block_fn)(struct sha1_state *sst, u8 const *src, int blocks); - -static inline int sha1_base_init(struct shash_desc *desc) -{ - struct sha1_state *sctx = shash_desc_ctx(desc); - - sctx->state[0] = SHA1_H0; - sctx->state[1] = SHA1_H1; - sctx->state[2] = SHA1_H2; - sctx->state[3] = SHA1_H3; - sctx->state[4] = SHA1_H4; - sctx->count = 0; - - return 0; -} - -static inline int sha1_base_do_update(struct shash_desc *desc, - const u8 *data, - unsigned int len, - sha1_block_fn *block_fn) -{ - struct sha1_state *sctx = shash_desc_ctx(desc); - unsigned int partial = sctx->count % SHA1_BLOCK_SIZE; - - sctx->count += len; - - if (unlikely((partial + len) >= SHA1_BLOCK_SIZE)) { - int blocks; - - if (partial) { - int p = SHA1_BLOCK_SIZE - partial; - - memcpy(sctx->buffer + partial, data, p); - data += p; - len -= p; - - block_fn(sctx, sctx->buffer, 1); - } - - blocks = len / SHA1_BLOCK_SIZE; - len %= SHA1_BLOCK_SIZE; - - if (blocks) { - block_fn(sctx, data, blocks); - data += blocks * SHA1_BLOCK_SIZE; - } - partial = 0; - } - if (len) - memcpy(sctx->buffer + partial, data, len); - - return 0; -} - -static inline int sha1_base_do_finalize(struct shash_desc *desc, - sha1_block_fn *block_fn) -{ - const int bit_offset = SHA1_BLOCK_SIZE - sizeof(__be64); - struct sha1_state *sctx = shash_desc_ctx(desc); - __be64 *bits = (__be64 *)(sctx->buffer + bit_offset); - unsigned int partial = sctx->count % SHA1_BLOCK_SIZE; - - sctx->buffer[partial++] = 0x80; - if (partial > bit_offset) { - memset(sctx->buffer + partial, 0x0, SHA1_BLOCK_SIZE - partial); - partial = 0; - - block_fn(sctx, sctx->buffer, 1); - } - - memset(sctx->buffer + partial, 0x0, bit_offset - partial); - *bits = cpu_to_be64(sctx->count << 3); - block_fn(sctx, sctx->buffer, 1); - - return 0; -} - -static inline int sha1_base_finish(struct shash_desc *desc, u8 *out) -{ - struct sha1_state *sctx = shash_desc_ctx(desc); - __be32 *digest = (__be32 *)out; - int i; - - for (i = 0; i < SHA1_DIGEST_SIZE / sizeof(__be32); i++) - put_unaligned_be32(sctx->state[i], digest++); - - *sctx = (struct sha1_state){}; - return 0; -} |