[PW_SID:977402] SHA-512 library functions#592
Conversation
Rename existing functions and structs in architecture-optimized SHA-512 code that had names conflicting with the upcoming library interface which will be added to <crypto/sha2.h>: sha384_init, sha512_init, sha512_update, sha384, and sha512. Note: all affected code will be superseded by later commits that migrate the arch-optimized SHA-512 code into the library. This commit simply keeps the kernel building for the initial introduction of the library. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Add basic support for SHA-384 and SHA-512 to lib/crypto/. Various in-kernel users will be able to use this instead of the old-school crypto API, which is harder to use and has more overhead. The basic support added by this commit consists of the API and its documentation, backed by a C implementation of the algorithms. sha512_block_generic() is derived from crypto/sha512_generic.c. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Since HMAC support is commonly needed and is fairly simple, include it as a first-class citizen of the SHA-512 library. The API supports both incremental and one-shot computation, and either preparing the key ahead of time or just using a raw key. The implementation is much more streamlined than crypto/hmac.c. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
sha512_generic_block_fn() will no longer be available when the SHA-512 support in the old-school crypto API is changed to just wrap the SHA-512 library. Replace the use of sha512_generic_block_fn() in sha512-riscv64-glue.c with temporary code that uses the library's __sha512_update(). This is just a temporary workaround to keep the kernel building and functional at each commit; this code gets superseded when the RISC-V optimized SHA-512 is migrated to lib/crypto/ anyway. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
…ibrary Delete crypto/sha512_generic.c, which provided "generic" SHA-384 and SHA-512 crypto_shash algorithms. Replace it with crypto/sha512.c which provides SHA-384, SHA-512, HMAC-SHA384, and HMAC-SHA512 crypto_shash algorithms using the corresponding library functions. This is a prerequisite for migrating all the arch-optimized SHA-512 code (which is almost 3000 lines) to lib/crypto/ rather than duplicating it. Since the replacement crypto_shash algorithms are implemented using the (potentially arch-optimized) library functions, give them cra_driver_names ending with "-lib" rather than "-generic". Update crypto/testmgr.c and one odd driver to take this change in driver name into account. Besides these cases which are accounted for, there are no known cases where the cra_driver_name was being depended on. This change does mean that the abstract partial block handling code in crypto/shash.c, which got added in 6.16, no longer gets used. But that's fine; the library has to implement the partial block handling anyway, and it's better to do it in the library since the block size and other properties of the algorithm are all fixed at compile time there, resulting in more streamlined code. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Make the export and import functions for the sha384, sha512, hmac(sha384), and hmac(sha512) shash algorithms use the same format as the padlock-sha and nx-sha512 drivers, as required by Herbert. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Instead of exposing the arm-optimized SHA-512 code via arm-specific crypto_shash algorithms, instead just implement the sha512_blocks() library function. This is much simpler, it makes the SHA-512 (and SHA-384) library functions be arm-optimized, and it fixes the longstanding issue where the arm-optimized SHA-512 code was disabled by default. SHA-512 still remains available through crypto_shash, but individual architectures no longer need to handle it. To match sha512_blocks(), change the type of the nblocks parameter of the assembly functions from int to size_t. The assembly functions actually already treated it as size_t. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Instead of exposing the arm64-optimized SHA-512 code via arm64-specific crypto_shash algorithms, instead just implement the sha512_blocks() library function. This is much simpler, it makes the SHA-512 (and SHA-384) library functions be arm64-optimized, and it fixes the longstanding issue where the arm64-optimized SHA-512 code was disabled by default. SHA-512 still remains available through crypto_shash, but individual architectures no longer need to handle it. To match sha512_blocks(), change the type of the nblocks parameter of the assembly functions from int or 'unsigned int' to size_t. Update the ARMv8 CE assembly function accordingly. The scalar assembly function actually already treated it as size_t. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Since arch/mips/cavium-octeon/crypto/octeon-crypto.h is now needed outside of its directory, move it to arch/mips/include/asm/octeon/crypto.h so that it can be included as <asm/octeon/crypto.h>. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Instead of exposing the mips-optimized SHA-512 code via mips-specific crypto_shash algorithms, instead just implement the sha512_blocks() library function. This is much simpler, it makes the SHA-512 (and SHA-384) library functions be mips-optimized, and it fixes the longstanding issue where the mips-optimized SHA-512 code was disabled by default. SHA-512 still remains available through crypto_shash, but individual architectures no longer need to handle it. Note: to see the diff from arch/mips/cavium-octeon/crypto/octeon-sha512.c to lib/crypto/mips/sha512.h, view this commit with 'git show -M10'. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Instead of exposing the riscv-optimized SHA-512 code via riscv-specific crypto_shash algorithms, instead just implement the sha512_blocks() library function. This is much simpler, it makes the SHA-512 (and SHA-384) library functions be riscv-optimized, and it fixes the longstanding issue where the riscv-optimized SHA-512 code was disabled by default. SHA-512 still remains available through crypto_shash, but individual architectures no longer need to handle it. To match sha512_blocks(), change the type of the nblocks parameter of the assembly function from int to size_t. The assembly function actually already treated it as size_t. Note: to see the diff from arch/riscv/crypto/sha512-riscv64-glue.c to lib/crypto/riscv/sha512.h, view this commit with 'git show -M10'. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Instead of exposing the s390-optimized SHA-512 code via s390-specific crypto_shash algorithms, instead just implement the sha512_blocks() library function. This is much simpler, it makes the SHA-512 (and SHA-384) library functions be s390-optimized, and it fixes the longstanding issue where the s390-optimized SHA-512 code was disabled by default. SHA-512 still remains available through crypto_shash, but individual architectures no longer need to handle it. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Instead of exposing the sparc-optimized SHA-512 code via sparc-specific crypto_shash algorithms, instead just implement the sha512_blocks() library function. This is much simpler, it makes the SHA-512 (and SHA-384) library functions be sparc-optimized, and it fixes the longstanding issue where the sparc-optimized SHA-512 code was disabled by default. SHA-512 still remains available through crypto_shash, but individual architectures no longer need to handle it. To match sha512_blocks(), change the type of the nblocks parameter of the assembly function from int to size_t. The assembly function actually already treated it as size_t. Note: to see the diff from arch/sparc/crypto/sha512_glue.c to lib/crypto/sparc/sha512.h, view this commit with 'git show -M10'. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Instead of exposing the x86-optimized SHA-512 code via x86-specific crypto_shash algorithms, instead just implement the sha512_blocks() library function. This is much simpler, it makes the SHA-512 (and SHA-384) library functions be x86-optimized, and it fixes the longstanding issue where the x86-optimized SHA-512 code was disabled by default. SHA-512 still remains available through crypto_shash, but individual architectures no longer need to handle it. To match sha512_blocks(), change the type of the nblocks parameter of the assembly functions from int to size_t. The assembly functions actually already treated it as size_t. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
Since sha512_blocks() is called only with nblocks >= 1, remove unnecessary checks for nblocks == 0 from the x86 SHA-512 assembly code. Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
sha512_base.h is no longer used, so remove it. Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Linux RISC-V bot <linux.riscv.bot@gmail.com>
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 1: "[v3,01/16] crypto: sha512 - Rename conflicting symbols" |
|
Patch 2: "[v3,02/16] lib/crypto: sha512: Add support for SHA-384 and SHA-512" |
|
Patch 15: "[v3,15/16] lib/crypto: x86/sha512: Remove unnecessary checks for nblocks==0" |
|
Patch 15: "[v3,15/16] lib/crypto: x86/sha512: Remove unnecessary checks for nblocks==0" |
|
Patch 15: "[v3,15/16] lib/crypto: x86/sha512: Remove unnecessary checks for nblocks==0" |
|
Patch 15: "[v3,15/16] lib/crypto: x86/sha512: Remove unnecessary checks for nblocks==0" |
|
Patch 15: "[v3,15/16] lib/crypto: x86/sha512: Remove unnecessary checks for nblocks==0" |
|
Patch 15: "[v3,15/16] lib/crypto: x86/sha512: Remove unnecessary checks for nblocks==0" |
|
Patch 15: "[v3,15/16] lib/crypto: x86/sha512: Remove unnecessary checks for nblocks==0" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
|
Patch 16: "[v3,16/16] crypto: sha512 - Remove sha512_base.h" |
linux-riscv-bot
force-pushed
the
workflow
branch
9 times, most recently
from
ccf1678 to
cac3d08
Compare
1 participant
PR for series 977402 applied to workflow
Name: SHA-512 library functions
URL: https://patchwork.kernel.org/project/linux-riscv/list/?series=977402
Version: 3