crypto: arm/blake2b - Use API partial block handling

+9 -11

arch/arm/crypto/blake2b-neon-glue.c

··· 7 7 8 8 #include <crypto/internal/blake2b.h> 9 9 #include <crypto/internal/hash.h> 10 - #include <crypto/internal/simd.h> 11 10 12 11 #include <linux/module.h> 13 12 #include <linux/sizes.h> ··· 20 21 static void blake2b_compress_arch(struct blake2b_state *state, 21 22 const u8 *block, size_t nblocks, u32 inc) 22 23 { 23 - if (!crypto_simd_usable()) { 24 - blake2b_compress_generic(state, block, nblocks, inc); 25 - return; 26 - } 27 - 28 24 do { 29 25 const size_t blocks = min_t(size_t, nblocks, 30 26 SZ_4K / BLAKE2B_BLOCK_SIZE); ··· 36 42 static int crypto_blake2b_update_neon(struct shash_desc *desc, 37 43 const u8 *in, unsigned int inlen) 38 44 { 39 - return crypto_blake2b_update(desc, in, inlen, blake2b_compress_arch); 45 + return crypto_blake2b_update_bo(desc, in, inlen, blake2b_compress_arch); 40 46 } 41 47 42 - static int crypto_blake2b_final_neon(struct shash_desc *desc, u8 *out) 48 + static int crypto_blake2b_finup_neon(struct shash_desc *desc, const u8 *in, 49 + unsigned int inlen, u8 *out) 43 50 { 44 - return crypto_blake2b_final(desc, out, blake2b_compress_arch); 51 + return crypto_blake2b_finup(desc, in, inlen, out, 52 + blake2b_compress_arch); 45 53 } 46 54 47 55 #define BLAKE2B_ALG(name, driver_name, digest_size) \ ··· 51 55 .base.cra_name = name, \ 52 56 .base.cra_driver_name = driver_name, \ 53 57 .base.cra_priority = 200, \ 54 - .base.cra_flags = CRYPTO_ALG_OPTIONAL_KEY, \ 58 + .base.cra_flags = CRYPTO_ALG_OPTIONAL_KEY | \ 59 + CRYPTO_AHASH_ALG_BLOCK_ONLY, \ 55 60 .base.cra_blocksize = BLAKE2B_BLOCK_SIZE, \ 56 61 .base.cra_ctxsize = sizeof(struct blake2b_tfm_ctx), \ 57 62 .base.cra_module = THIS_MODULE, \ ··· 60 63 .setkey = crypto_blake2b_setkey, \ 61 64 .init = crypto_blake2b_init, \ 62 65 .update = crypto_blake2b_update_neon, \ 63 - .final = crypto_blake2b_final_neon, \ 66 + .finup = crypto_blake2b_finup_neon, \ 64 67 .descsize = sizeof(struct blake2b_state), \ 68 + .statesize = BLAKE2B_STATE_SIZE, \ 65 69 } 66 70 67 71 static struct shash_alg blake2b_neon_algs[] = {

+10 -11

include/crypto/blake2b.h

··· 7 7 #include <linux/types.h> 8 8 #include <linux/string.h> 9 9 10 + struct blake2b_state { 11 + /* 'h', 't', and 'f' are used in assembly code, so keep them as-is. */ 12 + u64 h[8]; 13 + u64 t[2]; 14 + /* The true state ends here. The rest is temporary storage. */ 15 + u64 f[2]; 16 + }; 17 + 10 18 enum blake2b_lengths { 11 19 BLAKE2B_BLOCK_SIZE = 128, 12 20 BLAKE2B_HASH_SIZE = 64, 13 21 BLAKE2B_KEY_SIZE = 64, 14 - BLAKE2B_STATE_SIZE = 80, 15 - BLAKE2B_DESC_SIZE = 96, 22 + BLAKE2B_STATE_SIZE = offsetof(struct blake2b_state, f), 23 + BLAKE2B_DESC_SIZE = sizeof(struct blake2b_state), 16 24 17 25 BLAKE2B_160_HASH_SIZE = 20, 18 26 BLAKE2B_256_HASH_SIZE = 32, 19 27 BLAKE2B_384_HASH_SIZE = 48, 20 28 BLAKE2B_512_HASH_SIZE = 64, 21 - }; 22 - 23 - struct blake2b_state { 24 - /* 'h', 't', and 'f' are used in assembly code, so keep them as-is. */ 25 - u64 h[8]; 26 - u64 t[2]; 27 - u64 f[2]; 28 - u8 buf[BLAKE2B_BLOCK_SIZE]; 29 - unsigned int buflen; 30 29 }; 31 30 32 31 enum blake2b_iv {

-62

include/crypto/internal/blake2b.h

··· 33 33 typedef void (*blake2b_compress_t)(struct blake2b_state *state, 34 34 const u8 *block, size_t nblocks, u32 inc); 35 35 36 - static inline void __blake2b_update(struct blake2b_state *state, 37 - const u8 *in, size_t inlen, 38 - blake2b_compress_t compress) 39 - { 40 - const size_t fill = BLAKE2B_BLOCK_SIZE - state->buflen; 41 - 42 - if (unlikely(!inlen)) 43 - return; 44 - blake2b_set_nonlast(state); 45 - if (inlen > fill) { 46 - memcpy(state->buf + state->buflen, in, fill); 47 - (*compress)(state, state->buf, 1, BLAKE2B_BLOCK_SIZE); 48 - state->buflen = 0; 49 - in += fill; 50 - inlen -= fill; 51 - } 52 - if (inlen > BLAKE2B_BLOCK_SIZE) { 53 - const size_t nblocks = DIV_ROUND_UP(inlen, BLAKE2B_BLOCK_SIZE); 54 - /* Hash one less (full) block than strictly possible */ 55 - (*compress)(state, in, nblocks - 1, BLAKE2B_BLOCK_SIZE); 56 - in += BLAKE2B_BLOCK_SIZE * (nblocks - 1); 57 - inlen -= BLAKE2B_BLOCK_SIZE * (nblocks - 1); 58 - } 59 - memcpy(state->buf + state->buflen, in, inlen); 60 - state->buflen += inlen; 61 - } 62 - 63 - static inline void __blake2b_final(struct blake2b_state *state, u8 *out, 64 - unsigned int outlen, 65 - blake2b_compress_t compress) 66 - { 67 - int i; 68 - 69 - blake2b_set_lastblock(state); 70 - memset(state->buf + state->buflen, 0, 71 - BLAKE2B_BLOCK_SIZE - state->buflen); /* Padding */ 72 - (*compress)(state, state->buf, 1, state->buflen); 73 - for (i = 0; i < ARRAY_SIZE(state->h); i++) 74 - __cpu_to_le64s(&state->h[i]); 75 - memcpy(out, state->h, outlen); 76 - } 77 - 78 36 /* Helper functions for shash implementations of BLAKE2b */ 79 37 80 38 struct blake2b_tfm_ctx { ··· 68 110 crypto_shash_update(desc, tctx->key, BLAKE2B_BLOCK_SIZE) : 0; 69 111 } 70 112 71 - static inline int crypto_blake2b_update(struct shash_desc *desc, 72 - const u8 *in, unsigned int inlen, 73 - blake2b_compress_t compress) 74 - { 75 - struct blake2b_state *state = shash_desc_ctx(desc); 76 - 77 - __blake2b_update(state, in, inlen, compress); 78 - return 0; 79 - } 80 - 81 113 static inline int crypto_blake2b_update_bo(struct shash_desc *desc, 82 114 const u8 *in, unsigned int inlen, 83 115 blake2b_compress_t compress) ··· 77 129 blake2b_set_nonlast(state); 78 130 compress(state, in, inlen / BLAKE2B_BLOCK_SIZE, BLAKE2B_BLOCK_SIZE); 79 131 return inlen - round_down(inlen, BLAKE2B_BLOCK_SIZE); 80 - } 81 - 82 - static inline int crypto_blake2b_final(struct shash_desc *desc, u8 *out, 83 - blake2b_compress_t compress) 84 - { 85 - unsigned int outlen = crypto_shash_digestsize(desc->tfm); 86 - struct blake2b_state *state = shash_desc_ctx(desc); 87 - 88 - __blake2b_final(state, out, outlen, compress); 89 - return 0; 90 132 } 91 133 92 134 static inline int crypto_blake2b_finup(struct shash_desc *desc, const u8 *in,

Configure Feed

Configure Feed