[mirror_ubuntu-artful-kernel.git] / arch / s390 / crypto / sha_common.c

/*
 * Cryptographic API.
 *
 * s390 generic implementation of the SHA Secure Hash Algorithms.
 *
 * Copyright IBM Corp. 2007
 * Author(s): Jan Glauber (jang@de.ibm.com)
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the Free
 * Software Foundation; either version 2 of the License, or (at your option)
 * any later version.
 *
 */

#include <crypto/internal/hash.h>
#include <linux/module.h>
#include "sha.h"
#include "crypt_s390.h"

int s390_sha_update(struct shash_desc *desc, const u8 *data, unsigned int len)
{
	struct s390_sha_ctx *ctx = shash_desc_ctx(desc);
	unsigned int bsize = crypto_shash_blocksize(desc->tfm);
	unsigned int index;
	int ret;

	/* how much is already in the buffer? */
	index = ctx->count & (bsize - 1);
	ctx->count += len;

	if ((index + len) < bsize)
		goto store;

	/* process one stored block */
	if (index) {
		memcpy(ctx->buf + index, data, bsize - index);
		ret = crypt_s390_kimd(ctx->func, ctx->state, ctx->buf, bsize);
		BUG_ON(ret != bsize);
		data += bsize - index;
		len -= bsize - index;
		index = 0;
	}

	/* process as many blocks as possible */
	if (len >= bsize) {
		ret = crypt_s390_kimd(ctx->func, ctx->state, data,
				      len & ~(bsize - 1));
		BUG_ON(ret != (len & ~(bsize - 1)));
		data += ret;
		len -= ret;
	}
store:
	if (len)
		memcpy(ctx->buf + index , data, len);

	return 0;
}
EXPORT_SYMBOL_GPL(s390_sha_update);

int s390_sha_final(struct shash_desc *desc, u8 *out)
{
	struct s390_sha_ctx *ctx = shash_desc_ctx(desc);
	unsigned int bsize = crypto_shash_blocksize(desc->tfm);
	u64 bits;
	unsigned int index, end, plen;
	int ret;

	/* SHA-512 uses 128 bit padding length */
	plen = (bsize > SHA256_BLOCK_SIZE) ? 16 : 8;

	/* must perform manual padding */
	index = ctx->count & (bsize - 1);
	end = (index < bsize - plen) ? bsize : (2 * bsize);

	/* start pad with 1 */
	ctx->buf[index] = 0x80;
	index++;

	/* pad with zeros */
	memset(ctx->buf + index, 0x00, end - index - 8);

	/*
	 * Append message length. Well, SHA-512 wants a 128 bit length value,
	 * nevertheless we use u64, should be enough for now...
	 */
	bits = ctx->count * 8;
	memcpy(ctx->buf + end - 8, &bits, sizeof(bits));

	ret = crypt_s390_kimd(ctx->func, ctx->state, ctx->buf, end);
	BUG_ON(ret != end);

	/* copy digest to out */
	memcpy(out, ctx->state, crypto_shash_digestsize(desc->tfm));
	/* wipe context */
	memset(ctx, 0, sizeof *ctx);

	return 0;
}
EXPORT_SYMBOL_GPL(s390_sha_final);

MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("s390 SHA cipher common functions");
Commit	Line	Data
604973f1 JG	1	/*
	2	* Cryptographic API.
	3	*
	4	* s390 generic implementation of the SHA Secure Hash Algorithms.
	5	*
	6	* Copyright IBM Corp. 2007
	7	* Author(s): Jan Glauber (jang@de.ibm.com)
	8	*
	9	* This program is free software; you can redistribute it and/or modify it
	10	* under the terms of the GNU General Public License as published by the Free
	11	* Software Foundation; either version 2 of the License, or (at your option)
	12	* any later version.
	13	*
	14	*/
	15
563f346d	16	#include <crypto/internal/hash.h>
3a4c5d59	17	#include <linux/module.h>
604973f1 JG	18	#include "sha.h"
	19	#include "crypt_s390.h"
	20
563f346d	21	int s390_sha_update(struct shash_desc desc, const u8 data, unsigned int len)
604973f1	22	{
563f346d HX	23	struct s390_sha_ctx *ctx = shash_desc_ctx(desc);
563f346d HX	24	unsigned int bsize = crypto_shash_blocksize(desc->tfm);
604973f1 JG	25	unsigned int index;
	26	int ret;
	27
	28	/* how much is already in the buffer? */
	29	index = ctx->count & (bsize - 1);
	30	ctx->count += len;
	31
	32	if ((index + len) < bsize)
	33	goto store;
	34
	35	/* process one stored block */
	36	if (index) {
	37	memcpy(ctx->buf + index, data, bsize - index);
	38	ret = crypt_s390_kimd(ctx->func, ctx->state, ctx->buf, bsize);
	39	BUG_ON(ret != bsize);
	40	data += bsize - index;
	41	len -= bsize - index;
9d20b571	42	index = 0;
604973f1 JG	43	}
	44
	45	/* process as many blocks as possible */
	46	if (len >= bsize) {
	47	ret = crypt_s390_kimd(ctx->func, ctx->state, data,
	48	len & ~(bsize - 1));
	49	BUG_ON(ret != (len & ~(bsize - 1)));
	50	data += ret;
	51	len -= ret;
	52	}
	53	store:
	54	if (len)
	55	memcpy(ctx->buf + index , data, len);
563f346d HX	56
563f346d HX	57	return 0;
604973f1 JG	58	}
	59	EXPORT_SYMBOL_GPL(s390_sha_update);
	60
563f346d	61	int s390_sha_final(struct shash_desc desc, u8 out)
604973f1	62	{
563f346d HX	63	struct s390_sha_ctx *ctx = shash_desc_ctx(desc);
563f346d HX	64	unsigned int bsize = crypto_shash_blocksize(desc->tfm);
604973f1	65	u64 bits;
291dc7c0	66	unsigned int index, end, plen;
604973f1 JG	67	int ret;
604973f1 JG	68
291dc7c0 JG	69	/* SHA-512 uses 128 bit padding length */
	70	plen = (bsize > SHA256_BLOCK_SIZE) ? 16 : 8;
	71
604973f1 JG	72	/* must perform manual padding */
604973f1 JG	73	index = ctx->count & (bsize - 1);
291dc7c0	74	end = (index < bsize - plen) ? bsize : (2 * bsize);
604973f1 JG	75
	76	/* start pad with 1 */
	77	ctx->buf[index] = 0x80;
	78	index++;
	79
	80	/* pad with zeros */
	81	memset(ctx->buf + index, 0x00, end - index - 8);
	82
291dc7c0	83	/*
1537a363	84	* Append message length. Well, SHA-512 wants a 128 bit length value,
291dc7c0 JG	85	* nevertheless we use u64, should be enough for now...
291dc7c0 JG	86	*/
604973f1 JG	87	bits = ctx->count * 8;
	88	memcpy(ctx->buf + end - 8, &bits, sizeof(bits));
	89
	90	ret = crypt_s390_kimd(ctx->func, ctx->state, ctx->buf, end);
	91	BUG_ON(ret != end);
	92
	93	/* copy digest to out */
563f346d	94	memcpy(out, ctx->state, crypto_shash_digestsize(desc->tfm));
604973f1 JG	95	/* wipe context */
604973f1 JG	96	memset(ctx, 0, sizeof *ctx);
563f346d HX	97
563f346d HX	98	return 0;
604973f1 JG	99	}
	100	EXPORT_SYMBOL_GPL(s390_sha_final);
	101
	102	MODULE_LICENSE("GPL");
	103	MODULE_DESCRIPTION("s390 SHA cipher common functions");