crypto: blake2s - remove shash module
BLAKE2s has no currently known use as an shash. Just remove all of this
unnecessary plumbing. Removing this shash was something we talked about
back when we were making BLAKE2s a built-in, but I simply never got
around to doing it. So this completes that project.
Importantly, this fixes a bug in which the lib code depends on
crypto_simd_disabled_for_test, causing linker errors.
Also add more alignment tests to the selftests and compare SIMD and
non-SIMD compression functions, to make up for what we lose from
testmgr.c.
Reported-by: gaochao <gaochao49@huawei.com>
Cc: Eric Biggers <ebiggers@kernel.org>
Cc: Ard Biesheuvel <ardb@kernel.org>
Cc: stable@vger.kernel.org
Fixes: 6048fdcc5f ("lib/crypto: blake2s: include as built-in")
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
parent
920b0442b9
commit
2d16803c56
15 changed files with 76 additions and 624 deletions
|
|
@ -4,6 +4,8 @@
|
|||
*/
|
||||
|
||||
#include <crypto/internal/blake2s.h>
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/random.h>
|
||||
#include <linux/string.h>
|
||||
|
||||
/*
|
||||
|
|
@ -587,5 +589,44 @@ bool __init blake2s_selftest(void)
|
|||
}
|
||||
}
|
||||
|
||||
for (i = 0; i < 32; ++i) {
|
||||
enum { TEST_ALIGNMENT = 16 };
|
||||
u8 unaligned_block[BLAKE2S_BLOCK_SIZE + TEST_ALIGNMENT - 1]
|
||||
__aligned(TEST_ALIGNMENT);
|
||||
u8 blocks[BLAKE2S_BLOCK_SIZE * 3];
|
||||
struct blake2s_state state1, state2;
|
||||
|
||||
get_random_bytes(blocks, sizeof(blocks));
|
||||
get_random_bytes(&state, sizeof(state));
|
||||
|
||||
#if defined(CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC) && \
|
||||
defined(CONFIG_CRYPTO_ARCH_HAVE_LIB_BLAKE2S)
|
||||
memcpy(&state1, &state, sizeof(state1));
|
||||
memcpy(&state2, &state, sizeof(state2));
|
||||
blake2s_compress(&state1, blocks, 3, BLAKE2S_BLOCK_SIZE);
|
||||
blake2s_compress_generic(&state2, blocks, 3, BLAKE2S_BLOCK_SIZE);
|
||||
if (memcmp(&state1, &state2, sizeof(state1))) {
|
||||
pr_err("blake2s random compress self-test %d: FAIL\n",
|
||||
i + 1);
|
||||
success = false;
|
||||
}
|
||||
#endif
|
||||
|
||||
memcpy(&state1, &state, sizeof(state1));
|
||||
blake2s_compress(&state1, blocks, 1, BLAKE2S_BLOCK_SIZE);
|
||||
for (l = 1; l < TEST_ALIGNMENT; ++l) {
|
||||
memcpy(unaligned_block + l, blocks,
|
||||
BLAKE2S_BLOCK_SIZE);
|
||||
memcpy(&state2, &state, sizeof(state2));
|
||||
blake2s_compress(&state2, unaligned_block + l, 1,
|
||||
BLAKE2S_BLOCK_SIZE);
|
||||
if (memcmp(&state1, &state2, sizeof(state1))) {
|
||||
pr_err("blake2s random compress align %d self-test %d: FAIL\n",
|
||||
l, i + 1);
|
||||
success = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return success;
|
||||
}
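Review bot: Both new failure paths in the `for (i = 0; i < 32; ++i)` loop print only the iteration number (and `l`), but `blocks` and `state` are filled by `get_random_bytes()`, so a reported mismatch between `blake2s_compress()` and `blake2s_compress_generic()` cannot be replayed from the log. Dumping the inputs next to each `pr_err()`, e.g. `print_hex_dump(KERN_ERR, "blake2s blocks: ", DUMP_PREFIX_OFFSET, 16, 1, blocks, sizeof(blocks), false);` and the same for `&state`, would make a SIMD divergence debuggable. A short comment above the `#if` would also help, stating that the SIMD-versus-generic comparison is compiled only when both CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC and CONFIG_CRYPTO_ARCH_HAVE_LIB_BLAKE2S are set, and that otherwise only the alignment check runs. `state`, `l` and `success` are declared outside the hunk, so their types are assumed here.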
|
||||
|
|
|
|||
|
|
@ -16,16 +16,44 @@
|
|||
#include <linux/init.h>
|
||||
#include <linux/bug.h>
|
||||
|
||||
static inline void blake2s_set_lastblock(struct blake2s_state *state)
|
||||
{
|
||||
state->f[0] = -1;
|
||||
}
|
||||
|
||||
void blake2s_update(struct blake2s_state *state, const u8 *in, size_t inlen)
|
||||
{
|
||||
__blake2s_update(state, in, inlen, false);
|
||||
const size_t fill = BLAKE2S_BLOCK_SIZE - state->buflen;
|
||||
|
||||
if (unlikely(!inlen))
|
||||
return;
|
||||
if (inlen > fill) {
|
||||
memcpy(state->buf + state->buflen, in, fill);
|
||||
blake2s_compress(state, state->buf, 1, BLAKE2S_BLOCK_SIZE);
|
||||
state->buflen = 0;
|
||||
in += fill;
|
||||
inlen -= fill;
|
||||
}
|
||||
if (inlen > BLAKE2S_BLOCK_SIZE) {
|
||||
const size_t nblocks = DIV_ROUND_UP(inlen, BLAKE2S_BLOCK_SIZE);
|
||||
blake2s_compress(state, in, nblocks - 1, BLAKE2S_BLOCK_SIZE);
|
||||
in += BLAKE2S_BLOCK_SIZE * (nblocks - 1);
|
||||
inlen -= BLAKE2S_BLOCK_SIZE * (nblocks - 1);
|
||||
}
|
||||
memcpy(state->buf + state->buflen, in, inlen);
|
||||
state->buflen += inlen;
|
||||
}
|
||||
EXPORT_SYMBOL(blake2s_update);
|
||||
|
||||
void blake2s_final(struct blake2s_state *state, u8 *out)
|
||||
{
|
||||
WARN_ON(IS_ENABLED(DEBUG) && !out);
|
||||
__blake2s_final(state, out, false);
|
||||
blake2s_set_lastblock(state);
|
||||
memset(state->buf + state->buflen, 0,
|
||||
BLAKE2S_BLOCK_SIZE - state->buflen); /* Padding */
|
||||
blake2s_compress(state, state->buf, 1, state->buflen);
|
||||
cpu_to_le32_array(state->h, ARRAY_SIZE(state->h));
|
||||
memcpy(out, state->h, state->outlen);
|
||||
memzero_explicit(state, sizeof(*state));
|
||||
}
|
||||
EXPORT_SYMBOL(blake2s_final);
|
||||
|
|
@ -38,12 +66,7 @@ static int __init blake2s_mod_init(void)
|
|||
return 0;
|
||||
}
|
||||
|
||||
static void __exit blake2s_mod_exit(void)
|
||||
{
|
||||
}
|
||||
|
||||
module_init(blake2s_mod_init);
|
||||
module_exit(blake2s_mod_exit);
|
||||
MODULE_LICENSE("GPL v2");
|
||||
MODULE_DESCRIPTION("BLAKE2s hash function");
|
||||
MODULE_AUTHOR("Jason A. Donenfeld <Jason@zx2c4.com>");
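Review bot: The strict comparisons `if (inlen > fill)` and `if (inlen > BLAKE2S_BLOCK_SIZE)` in the inlined `blake2s_update()` are load-bearing and carry no comment. They keep the final block in `state->buf` even when the input ends exactly on a block boundary, so that `blake2s_final()` can call `blake2s_set_lastblock()` before compressing it. A later change to `>=` would still compile and would silently produce wrong digests for block-multiple inputs. I would add above the first test `/* Strictly greater: the last block stays buffered so blake2s_final() can flag it. */`. In `blake2s_final()` a one-line comment is also worthwhile, noting that `memzero_explicit()` wipes the whole state and the caller has to re-initialise it before reuse.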
|
||||
|
|
|
|||