diff options
Diffstat (limited to 'c_src/linux/crypto')
-rw-r--r-- | c_src/linux/crypto/api.c | 114 | ||||
-rw-r--r-- | c_src/linux/crypto/chacha20_generic.c | 111 | ||||
-rw-r--r-- | c_src/linux/crypto/poly1305_generic.c | 88 | ||||
-rw-r--r-- | c_src/linux/crypto/sha256_generic.c | 81 |
4 files changed, 394 insertions, 0 deletions
diff --git a/c_src/linux/crypto/api.c b/c_src/linux/crypto/api.c new file mode 100644 index 00000000..2f3ab2b5 --- /dev/null +++ b/c_src/linux/crypto/api.c @@ -0,0 +1,114 @@ +/* + * Cryptographic API for algorithms (i.e., low-level API). + * + * Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + */ + +#include <linux/device.h> +#include <linux/err.h> +#include <linux/errno.h> +#include <linux/kernel.h> +#include <linux/list.h> +#include <linux/rwsem.h> +#include <linux/slab.h> +#include <linux/string.h> + +#include <crypto/algapi.h> + +static LIST_HEAD(crypto_alg_list); +static DECLARE_RWSEM(crypto_alg_sem); + +struct crypto_type { +}; + +int crypto_register_alg(struct crypto_alg *alg) +{ + down_write(&crypto_alg_sem); + list_add(&alg->cra_list, &crypto_alg_list); + up_write(&crypto_alg_sem); + + return 0; +} + +static void *crypto_alloc_tfm(const char *name, + const struct crypto_type *type) +{ + struct crypto_alg *alg; + + down_read(&crypto_alg_sem); + list_for_each_entry(alg, &crypto_alg_list, cra_list) + if (alg->cra_type == type && !strcmp(alg->cra_name, name)) + goto found; + + alg = ERR_PTR(-ENOENT); +found: + up_read(&crypto_alg_sem); + + if (IS_ERR(alg)) + return ERR_CAST(alg); + + return alg->alloc_tfm() ?: ERR_PTR(-ENOMEM); +} + +/* skcipher: */ + +static const struct crypto_type crypto_skcipher_type2 = { +}; + +struct crypto_skcipher *crypto_alloc_skcipher(const char *name, + u32 type, u32 mask) +{ + return crypto_alloc_tfm(name, &crypto_skcipher_type2); +} + +int crypto_register_skcipher(struct skcipher_alg *alg) +{ + alg->base.cra_type = &crypto_skcipher_type2; + + return crypto_register_alg(&alg->base); +} + +/* shash: */ + +#include <crypto/hash.h> + +static int shash_finup(struct shash_desc *desc, const u8 *data, + unsigned len, u8 *out) +{ + return crypto_shash_update(desc, data, len) ?: + crypto_shash_final(desc, out); +} + +static int shash_digest(struct shash_desc *desc, const u8 *data, + unsigned len, u8 *out) +{ + return crypto_shash_init(desc) ?: + crypto_shash_finup(desc, data, len, out); +} + +static const struct crypto_type crypto_shash_type = { +}; + +struct crypto_shash *crypto_alloc_shash(const char *name, + u32 type, u32 mask) +{ + return crypto_alloc_tfm(name, &crypto_shash_type); +} + +int crypto_register_shash(struct shash_alg *alg) +{ + alg->base.cra_type = &crypto_shash_type; + + if (!alg->finup) + alg->finup = shash_finup; + if (!alg->digest) + alg->digest = shash_digest; + + return crypto_register_alg(&alg->base); +} diff --git a/c_src/linux/crypto/chacha20_generic.c b/c_src/linux/crypto/chacha20_generic.c new file mode 100644 index 00000000..914189e7 --- /dev/null +++ b/c_src/linux/crypto/chacha20_generic.c @@ -0,0 +1,111 @@ +/* + * ChaCha20 256-bit cipher algorithm, RFC7539 + * + * Copyright (C) 2015 Martin Willi + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + */ + +#include <linux/byteorder.h> +#include <linux/errno.h> +#include <linux/kernel.h> +#include <linux/scatterlist.h> +#include <asm/unaligned.h> + +#include <linux/crypto.h> +#include <crypto/algapi.h> +#include <crypto/chacha.h> +#include <crypto/skcipher.h> + +#include <sodium/crypto_stream_chacha20.h> + +static struct skcipher_alg alg; + +struct chacha20_tfm { + struct crypto_skcipher tfm; + u32 key[8]; +}; + +static int crypto_chacha20_setkey(struct crypto_skcipher *tfm, const u8 *key, + unsigned int keysize) +{ + struct chacha20_tfm *ctx = + container_of(tfm, struct chacha20_tfm, tfm); + int i; + + if (keysize != CHACHA_KEY_SIZE) + return -EINVAL; + + for (i = 0; i < ARRAY_SIZE(ctx->key); i++) + ctx->key[i] = get_unaligned_le32(key + i * sizeof(u32)); + + return 0; +} + +static int crypto_chacha20_crypt(struct skcipher_request *req) +{ + struct chacha20_tfm *ctx = + container_of(req->tfm, struct chacha20_tfm, tfm.base); + struct scatterlist *sg = req->src; + unsigned nbytes = req->cryptlen; + u32 iv[4]; + int ret; + + BUG_ON(req->src != req->dst); + + memcpy(iv, req->iv, sizeof(iv)); + + while (1) { + ret = crypto_stream_chacha20_xor_ic(sg_virt(sg), + sg_virt(sg), + sg->length, + (void *) &iv[2], + iv[0] | ((u64) iv[1] << 32), + (void *) ctx->key); + BUG_ON(ret); + + nbytes -= sg->length; + + if (sg_is_last(sg)) + break; + + BUG_ON(sg->length % CHACHA_BLOCK_SIZE); + iv[0] += sg->length / CHACHA_BLOCK_SIZE; + sg = sg_next(sg); + }; + + BUG_ON(nbytes); + + return 0; +} + +static void *crypto_chacha20_alloc_tfm(void) +{ + struct chacha20_tfm *tfm = kzalloc(sizeof(*tfm), GFP_KERNEL); + + if (!tfm) + return NULL; + + tfm->tfm.base.alg = &alg.base; + tfm->tfm.setkey = crypto_chacha20_setkey; + tfm->tfm.encrypt = crypto_chacha20_crypt; + tfm->tfm.decrypt = crypto_chacha20_crypt; + tfm->tfm.ivsize = CHACHA_IV_SIZE; + tfm->tfm.keysize = CHACHA_KEY_SIZE; + + return tfm; +} + +static struct skcipher_alg alg = { + .base.cra_name = "chacha20", + .base.alloc_tfm = crypto_chacha20_alloc_tfm, +}; + +__attribute__((constructor(110))) +static int chacha20_generic_mod_init(void) +{ + return crypto_register_skcipher(&alg); +} diff --git a/c_src/linux/crypto/poly1305_generic.c b/c_src/linux/crypto/poly1305_generic.c new file mode 100644 index 00000000..acb554c0 --- /dev/null +++ b/c_src/linux/crypto/poly1305_generic.c @@ -0,0 +1,88 @@ +/* + * Poly1305 authenticator algorithm, RFC7539 + * + * Copyright (C) 2015 Martin Willi + * + * Based on public domain code by Andrew Moon and Daniel J. Bernstein. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + */ + +#include <linux/byteorder.h> +#include <linux/errno.h> +#include <linux/kernel.h> +#include <asm/unaligned.h> + +#include <linux/crypto.h> +#include <crypto/algapi.h> +#include <crypto/hash.h> +#include <crypto/poly1305.h> + +static struct shash_alg poly1305_alg; + +struct poly1305_desc_ctx { + bool key_done; + crypto_onetimeauth_poly1305_state s; +}; + +static int poly1305_init(struct shash_desc *desc) +{ + struct poly1305_desc_ctx *state = (void *) desc->ctx; + + state->key_done = false; + return 0; +} + +static int poly1305_update(struct shash_desc *desc, + const u8 *src, unsigned len) +{ + struct poly1305_desc_ctx *state = (void *) desc->ctx; + + if (!state->key_done) { + BUG_ON(len != crypto_onetimeauth_poly1305_KEYBYTES); + + state->key_done = true; + return crypto_onetimeauth_poly1305_init(&state->s, src); + } + + return crypto_onetimeauth_poly1305_update(&state->s, src, len); +} + +static int poly1305_final(struct shash_desc *desc, u8 *out) +{ + struct poly1305_desc_ctx *state = (void *) desc->ctx; + + return crypto_onetimeauth_poly1305_final(&state->s, out); +} + +static void *poly1305_alloc_tfm(void) +{ + struct crypto_shash *tfm = kzalloc(sizeof(*tfm), GFP_KERNEL); + + if (!tfm) + return NULL; + + tfm->base.alg = &poly1305_alg.base; + tfm->descsize = sizeof(struct poly1305_desc_ctx); + return tfm; +} + +static struct shash_alg poly1305_alg = { + .digestsize = crypto_onetimeauth_poly1305_BYTES, + .init = poly1305_init, + .update = poly1305_update, + .final = poly1305_final, + .descsize = sizeof(struct poly1305_desc_ctx), + + .base.cra_name = "poly1305", + .base.alloc_tfm = poly1305_alloc_tfm, +}; + +__attribute__((constructor(110))) +static int poly1305_mod_init(void) +{ + return crypto_register_shash(&poly1305_alg); +} diff --git a/c_src/linux/crypto/sha256_generic.c b/c_src/linux/crypto/sha256_generic.c new file mode 100644 index 00000000..9326bfe7 --- /dev/null +++ b/c_src/linux/crypto/sha256_generic.c @@ -0,0 +1,81 @@ +/* + * Cryptographic API. + * + * SHA-256, as specified in + * http://csrc.nist.gov/groups/STM/cavp/documents/shs/sha256-384-512.pdf + * + * SHA-256 code by Jean-Luc Cooke <jlcooke@certainkey.com>. + * + * Copyright (c) Jean-Luc Cooke <jlcooke@certainkey.com> + * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk> + * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> + * SHA224 Support Copyright 2007 Intel Corporation <jonathan.lynch@intel.com> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + */ + +#include <linux/bitops.h> +#include <linux/byteorder.h> +#include <linux/types.h> +#include <asm/unaligned.h> + +#include <linux/crypto.h> +#include <crypto/hash.h> + +#include <sodium/crypto_hash_sha256.h> + +static struct shash_alg sha256_alg; + +static int sha256_init(struct shash_desc *desc) +{ + crypto_hash_sha256_state *state = (void *) desc->ctx; + + return crypto_hash_sha256_init(state); +} + +static int sha256_update(struct shash_desc *desc, const u8 *data, + unsigned int len) +{ + crypto_hash_sha256_state *state = (void *) desc->ctx; + + return crypto_hash_sha256_update(state, data, len); +} + +static int sha256_final(struct shash_desc *desc, u8 *out) +{ + crypto_hash_sha256_state *state = (void *) desc->ctx; + + return crypto_hash_sha256_final(state, out); +} + +static void *sha256_alloc_tfm(void) +{ + struct crypto_shash *tfm = kzalloc(sizeof(*tfm), GFP_KERNEL); + + if (!tfm) + return NULL; + + tfm->base.alg = &sha256_alg.base; + tfm->descsize = sizeof(crypto_hash_sha256_state); + return tfm; +} + +static struct shash_alg sha256_alg = { + .digestsize = crypto_hash_sha256_BYTES, + .init = sha256_init, + .update = sha256_update, + .final = sha256_final, + .descsize = sizeof(crypto_hash_sha256_state), + .base.cra_name = "sha256", + .base.alloc_tfm = sha256_alloc_tfm, +}; + +__attribute__((constructor(110))) +static int __init sha256_generic_mod_init(void) +{ + return crypto_register_shash(&sha256_alg); +} |