Lines Matching +full:sha +full:- +full:256
1 // SPDX-License-Identifier: GPL-2.0+
45 hwh->walkbytes = crypto_hash_walk_first(req, &hwh->walk); in hwh_prepare()
46 if (hwh->walkbytes < 0) in hwh_prepare()
47 return hwh->walkbytes; in hwh_prepare()
48 hwh->walkaddr = hwh->walk.data; in hwh_prepare()
63 return crypto_hash_walk_done(&hwh->walk, n); in hwh_advance()
65 hwh->walkbytes -= n; in hwh_advance()
66 hwh->walkaddr += n; in hwh_advance()
67 if (hwh->walkbytes > 0) in hwh_advance()
70 hwh->walkbytes = crypto_hash_walk_done(&hwh->walk, 0); in hwh_advance()
71 if (hwh->walkbytes < 0) in hwh_advance()
72 return hwh->walkbytes; in hwh_advance()
74 hwh->walkaddr = hwh->walk.data; in hwh_advance()
81 * blocksize of the used hashing sha2-algorithm function codes. The param block
82 * contains the hash chaining value (cv), the input message bit-length (imbl)
83 * and the hmac-secret (key). To prevent code duplication, the sizes of all
86 * param-block:
87 * +-------+
89 * +-------+
91 * +-------+
93 * +-------+
96 * part | sh2-alg | calculation | size | type
97 * -----+---------+-------------+------+--------
98 * cv | 224/256 | blocksize/2 | 32 | u64[8]
100 * imbl | 224/256 | blocksize/8 | 8 | u64
102 * key | 224/256 | blocksize | 96 | u8[96]
116 #define PHMAC_MAX_KEYSIZE 256
208 param.sha##x.h[0] = SHA##y ## _H0; \ in hash_key()
209 param.sha##x.h[1] = SHA##y ## _H1; \ in hash_key()
210 param.sha##x.h[2] = SHA##y ## _H2; \ in hash_key()
211 param.sha##x.h[3] = SHA##y ## _H3; \ in hash_key()
212 param.sha##x.h[4] = SHA##y ## _H4; \ in hash_key()
213 param.sha##x.h[5] = SHA##y ## _H5; \ in hash_key()
214 param.sha##x.h[6] = SHA##y ## _H6; \ in hash_key()
215 param.sha##x.h[7] = SHA##y ## _H7; \ in hash_key()
216 param.sha##x.mbl = (z) in hash_key()
221 PARAM_INIT(256, 224, inlen * 8); in hash_key()
225 PARAM_INIT(256, 256, inlen * 8); in hash_key()
236 return -EINVAL; in hash_key()
249 * make_clrkey_token() - wrap the clear key into a pkey clearkey token.
258 token->type = 0x00; in make_clrkey_token()
259 token->version = 0x02; in make_clrkey_token()
263 token->keytype = PKEY_KEYTYPE_HMAC_512; in make_clrkey_token()
268 token->keytype = PKEY_KEYTYPE_HMAC_1024; in make_clrkey_token()
272 return -EINVAL; in make_clrkey_token()
274 token->len = blocksize; in make_clrkey_token()
277 rc = hash_key(clrkey, clrkeylen, token->key, digestsize); in make_clrkey_token()
281 memcpy(token->key, clrkey, clrkeylen); in make_clrkey_token()
288 * phmac_tfm_ctx_setkey() - Set key value into tfm context, maybe construct
294 if (keylen > sizeof(tfm_ctx->keybuf)) in phmac_tfm_ctx_setkey()
295 return -EINVAL; in phmac_tfm_ctx_setkey()
297 memcpy(tfm_ctx->keybuf, key, keylen); in phmac_tfm_ctx_setkey()
298 tfm_ctx->keylen = keylen; in phmac_tfm_ctx_setkey()
305 * This function may sleep - don't call in non-sleeping context.
312 pk->len = sizeof(pk->protkey); in convert_key()
316 * of 200, 400, 800 and 1600 ms - in total 3 s. in convert_key()
318 for (rc = -EIO, i = 0; rc && i < 5; i++) { in convert_key()
319 if (rc == -EBUSY && msleep_interruptible((1 << i) * 100)) { in convert_key()
320 rc = -EINTR; in convert_key()
324 pk->protkey, &pk->len, &pk->type, in convert_key()
334 * (Re-)Convert the raw key material from the tfm ctx into a protected
343 * code triggers a (re-)conversion this does no harm. This may lead to
352 spin_lock_bh(&tfm_ctx->pk_lock); in phmac_convert_key()
353 tfm_ctx->pk_state = PK_STATE_CONVERT_IN_PROGRESS; in phmac_convert_key()
354 spin_unlock_bh(&tfm_ctx->pk_lock); in phmac_convert_key()
356 rc = convert_key(tfm_ctx->keybuf, tfm_ctx->keylen, &pk); in phmac_convert_key()
359 spin_lock_bh(&tfm_ctx->pk_lock); in phmac_convert_key()
361 tfm_ctx->pk_state = rc; in phmac_convert_key()
363 tfm_ctx->pk_state = PK_STATE_VALID; in phmac_convert_key()
364 tfm_ctx->pk = pk; in phmac_convert_key()
366 spin_unlock_bh(&tfm_ctx->pk_lock); in phmac_convert_key()
374 * kmac_sha2_set_imbl - sets the input message bit-length based on the blocksize
398 struct kmac_sha2_ctx *ctx = &req_ctx->kmac_ctx; in phmac_kmac_update()
399 struct hash_walk_helper *hwh = &req_ctx->hwh; in phmac_kmac_update()
411 while (hwh->walkbytes > 0) { in phmac_kmac_update()
413 offset = ctx->buflen[0] % bs; in phmac_kmac_update()
414 if (offset + hwh->walkbytes < bs) in phmac_kmac_update()
419 n = bs - offset; in phmac_kmac_update()
420 memcpy(ctx->buf + offset, hwh->walkaddr, n); in phmac_kmac_update()
421 ctx->gr0.iimp = 1; in phmac_kmac_update()
423 k = _cpacf_kmac(&ctx->gr0.reg, ctx->param, ctx->buf, bs); in phmac_kmac_update()
433 rc = -EIO; in phmac_kmac_update()
436 /* protected key is invalid and needs re-conversion */ in phmac_kmac_update()
438 rc = -EKEYEXPIRED; in phmac_kmac_update()
444 spin_lock_bh(&tfm_ctx->pk_lock); in phmac_kmac_update()
445 memcpy(ctx->param + SHA2_KEY_OFFSET(bs), in phmac_kmac_update()
446 tfm_ctx->pk.protkey, tfm_ctx->pk.len); in phmac_kmac_update()
447 spin_unlock_bh(&tfm_ctx->pk_lock); in phmac_kmac_update()
449 ctx->buflen[0] += n; in phmac_kmac_update()
450 if (ctx->buflen[0] < n) in phmac_kmac_update()
451 ctx->buflen[1]++; in phmac_kmac_update()
459 while (hwh->walkbytes >= bs) { in phmac_kmac_update()
460 n = (hwh->walkbytes / bs) * bs; in phmac_kmac_update()
461 ctx->gr0.iimp = 1; in phmac_kmac_update()
462 k = _cpacf_kmac(&ctx->gr0.reg, ctx->param, hwh->walkaddr, n); in phmac_kmac_update()
464 ctx->buflen[0] += k; in phmac_kmac_update()
465 if (ctx->buflen[0] < k) in phmac_kmac_update()
466 ctx->buflen[1]++; in phmac_kmac_update()
472 /* protected key is invalid and needs re-conversion */ in phmac_kmac_update()
474 rc = -EKEYEXPIRED; in phmac_kmac_update()
480 spin_lock_bh(&tfm_ctx->pk_lock); in phmac_kmac_update()
481 memcpy(ctx->param + SHA2_KEY_OFFSET(bs), in phmac_kmac_update()
482 tfm_ctx->pk.protkey, tfm_ctx->pk.len); in phmac_kmac_update()
483 spin_unlock_bh(&tfm_ctx->pk_lock); in phmac_kmac_update()
489 if (hwh->walkbytes) { in phmac_kmac_update()
490 memcpy(ctx->buf + offset, hwh->walkaddr, hwh->walkbytes); in phmac_kmac_update()
491 ctx->buflen[0] += hwh->walkbytes; in phmac_kmac_update()
492 if (ctx->buflen[0] < hwh->walkbytes) in phmac_kmac_update()
493 ctx->buflen[1]++; in phmac_kmac_update()
494 rc = hwh_advance(hwh, hwh->walkbytes); in phmac_kmac_update()
499 } /* end of while (hwh->walkbytes > 0) */ in phmac_kmac_update()
511 struct kmac_sha2_ctx *ctx = &req_ctx->kmac_ctx; in phmac_kmac_final()
517 n = ctx->buflen[0] % bs; in phmac_kmac_final()
518 ctx->gr0.iimp = 0; in phmac_kmac_final()
519 kmac_sha2_set_imbl(ctx->param, ctx->buflen[0], ctx->buflen[1], bs); in phmac_kmac_final()
521 k = _cpacf_kmac(&ctx->gr0.reg, ctx->param, ctx->buf, n); in phmac_kmac_final()
526 rc = -EIO; in phmac_kmac_final()
529 /* protected key is invalid and needs re-conversion */ in phmac_kmac_final()
531 rc = -EKEYEXPIRED; in phmac_kmac_final()
537 spin_lock_bh(&tfm_ctx->pk_lock); in phmac_kmac_final()
538 memcpy(ctx->param + SHA2_KEY_OFFSET(bs), in phmac_kmac_final()
539 tfm_ctx->pk.protkey, tfm_ctx->pk.len); in phmac_kmac_final()
540 spin_unlock_bh(&tfm_ctx->pk_lock); in phmac_kmac_final()
543 memcpy(req->result, ctx->param, ds); in phmac_kmac_final()
555 struct kmac_sha2_ctx *kmac_ctx = &req_ctx->kmac_ctx; in phmac_init()
566 if (!tfm_ctx->fc) { in phmac_init()
567 rc = -ENOKEY; in phmac_init()
570 kmac_ctx->gr0.fc = tfm_ctx->fc; in phmac_init()
576 spin_lock_bh(&tfm_ctx->pk_lock); in phmac_init()
577 memcpy(kmac_ctx->param + SHA2_KEY_OFFSET(bs), in phmac_init()
578 tfm_ctx->pk.protkey, tfm_ctx->pk.len); in phmac_init()
579 spin_unlock_bh(&tfm_ctx->pk_lock); in phmac_init()
591 struct kmac_sha2_ctx *kmac_ctx = &req_ctx->kmac_ctx; in phmac_update()
592 struct hash_walk_helper *hwh = &req_ctx->hwh; in phmac_update()
601 if (!atomic_read(&tfm_ctx->via_engine_ctr)) { in phmac_update()
612 if (rc == 0 || rc == -EKEYEXPIRED) { in phmac_update()
613 atomic_inc(&tfm_ctx->via_engine_ctr); in phmac_update()
615 if (rc != -EINPROGRESS) in phmac_update()
616 atomic_dec(&tfm_ctx->via_engine_ctr); in phmac_update()
619 if (rc != -EINPROGRESS) { in phmac_update()
634 struct kmac_sha2_ctx *kmac_ctx = &req_ctx->kmac_ctx; in phmac_final()
638 if (!atomic_read(&tfm_ctx->via_engine_ctr)) { in phmac_final()
649 if (rc == 0 || rc == -EKEYEXPIRED) { in phmac_final()
650 req->nbytes = 0; in phmac_final()
651 req_ctx->final = true; in phmac_final()
652 atomic_inc(&tfm_ctx->via_engine_ctr); in phmac_final()
654 if (rc != -EINPROGRESS) in phmac_final()
655 atomic_dec(&tfm_ctx->via_engine_ctr); in phmac_final()
659 if (rc != -EINPROGRESS) in phmac_final()
670 struct kmac_sha2_ctx *kmac_ctx = &req_ctx->kmac_ctx; in phmac_finup()
671 struct hash_walk_helper *hwh = &req_ctx->hwh; in phmac_finup()
680 if (!atomic_read(&tfm_ctx->via_engine_ctr)) { in phmac_finup()
683 req->nbytes = 0; in phmac_finup()
685 if (!rc && !req->nbytes && !atomic_read(&tfm_ctx->via_engine_ctr)) { in phmac_finup()
696 if (rc == 0 || rc == -EKEYEXPIRED) { in phmac_finup()
697 req_ctx->final = true; in phmac_finup()
698 atomic_inc(&tfm_ctx->via_engine_ctr); in phmac_finup()
700 if (rc != -EINPROGRESS) in phmac_finup()
701 atomic_dec(&tfm_ctx->via_engine_ctr); in phmac_finup()
704 if (rc != -EINPROGRESS) in phmac_finup()
708 if (rc != -EINPROGRESS) in phmac_finup()
748 rc = -ENOMEM; in phmac_setkey()
771 if (tfm_ctx->pk.type != PKEY_KEYTYPE_HMAC_512) in phmac_setkey()
772 rc = -EINVAL; in phmac_setkey()
774 tfm_ctx->fc = CPACF_KMAC_PHMAC_SHA_224; in phmac_setkey()
777 if (tfm_ctx->pk.type != PKEY_KEYTYPE_HMAC_512) in phmac_setkey()
778 rc = -EINVAL; in phmac_setkey()
780 tfm_ctx->fc = CPACF_KMAC_PHMAC_SHA_256; in phmac_setkey()
783 if (tfm_ctx->pk.type != PKEY_KEYTYPE_HMAC_1024) in phmac_setkey()
784 rc = -EINVAL; in phmac_setkey()
786 tfm_ctx->fc = CPACF_KMAC_PHMAC_SHA_384; in phmac_setkey()
789 if (tfm_ctx->pk.type != PKEY_KEYTYPE_HMAC_1024) in phmac_setkey()
790 rc = -EINVAL; in phmac_setkey()
792 tfm_ctx->fc = CPACF_KMAC_PHMAC_SHA_512; in phmac_setkey()
795 tfm_ctx->fc = 0; in phmac_setkey()
796 rc = -EINVAL; in phmac_setkey()
808 struct kmac_sha2_ctx *ctx = &req_ctx->kmac_ctx; in phmac_export()
818 struct kmac_sha2_ctx *ctx = &req_ctx->kmac_ctx; in phmac_import()
831 spin_lock_init(&tfm_ctx->pk_lock); in phmac_init_tfm()
842 memzero_explicit(tfm_ctx->keybuf, sizeof(tfm_ctx->keybuf)); in phmac_exit_tfm()
843 memzero_explicit(&tfm_ctx->pk, sizeof(tfm_ctx->pk)); in phmac_exit_tfm()
852 struct kmac_sha2_ctx *kmac_ctx = &req_ctx->kmac_ctx; in phmac_do_one_request()
853 struct hash_walk_helper *hwh = &req_ctx->hwh; in phmac_do_one_request()
854 int rc = -EINVAL; in phmac_do_one_request()
858 * update when req->nbytes > 0 and req_ctx->final is false in phmac_do_one_request()
859 * final when req->nbytes = 0 and req_ctx->final is true in phmac_do_one_request()
860 * finup when req->nbytes > 0 and req_ctx->final is true in phmac_do_one_request()
862 * up to date but the actual nr of bytes in req->nbytes may be in phmac_do_one_request()
866 if (req->nbytes) { in phmac_do_one_request()
868 if (rc == -EKEYEXPIRED) { in phmac_do_one_request()
871 * Trigger a re-schedule of this request by returning in phmac_do_one_request()
872 * -ENOSPC ("hardware queue full") to the crypto engine. in phmac_do_one_request()
873 * To avoid immediately re-invocation of this callback, in phmac_do_one_request()
878 return -ENOSPC; in phmac_do_one_request()
883 req->nbytes = 0; in phmac_do_one_request()
886 if (req_ctx->final) { in phmac_do_one_request()
888 if (rc == -EKEYEXPIRED) { in phmac_do_one_request()
891 * Trigger a re-schedule of this request by returning in phmac_do_one_request()
892 * -ENOSPC ("hardware queue full") to the crypto engine. in phmac_do_one_request()
893 * To avoid immediately re-invocation of this callback, in phmac_do_one_request()
898 return -ENOSPC; in phmac_do_one_request()
903 if (rc || req_ctx->final) in phmac_do_one_request()
907 atomic_dec(&tfm_ctx->via_engine_ctr); in phmac_do_one_request()
927 .digestsize = SHA##x##_DIGEST_SIZE, \
930 .cra_name = "phmac(sha" #x ")", \
932 .cra_blocksize = SHA##x##_BLOCK_SIZE, \
956 .alg = S390_ASYNC_PHMAC_ALG(256),
981 for (i = ARRAY_SIZE(phmac_algs) - 1; i >= 0; i--) { in s390_phmac_exit()
983 if (phmac->registered) in s390_phmac_exit()
984 crypto_engine_unregister_ahash(&phmac->alg); in s390_phmac_exit()
997 return -ENODEV; in s390_phmac_init()
999 return -ENODEV; in s390_phmac_init()
1011 rc = -ENOMEM; in s390_phmac_init()
1023 if (!cpacf_query_func(CPACF_KMAC, phmac->fc)) in s390_phmac_init()
1025 rc = crypto_engine_register_ahash(&phmac->alg); in s390_phmac_init()
1028 phmac->registered = true; in s390_phmac_init()
1029 pr_debug("%s registered\n", phmac->alg.base.halg.base.cra_name); in s390_phmac_init()