Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/crypto/sha3_generic.c 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) // SPDX-License-Identifier: GPL-2.0-or-later
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * Cryptographic API.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  * SHA-3, as specified in
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  * https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8)  * SHA-3 code by Jeff Garzik <jeff@garzik.org>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9)  *               Ard Biesheuvel <ard.biesheuvel@linaro.org>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11) #include <crypto/internal/hash.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12) #include <linux/init.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13) #include <linux/module.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) #include <linux/types.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15) #include <crypto/sha3.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16) #include <asm/unaligned.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19)  * On some 32-bit architectures (h8300), GCC ends up using
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20)  * over 1 KB of stack if we inline the round calculation into the loop
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21)  * in keccakf(). On the other hand, on 64-bit architectures with plenty
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22)  * of [64-bit wide] general purpose registers, not inlining it severely
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23)  * hurts performance. So let's use 64-bitness as a heuristic to decide
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24)  * whether to inline or not.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) #ifdef CONFIG_64BIT
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) #define SHA3_INLINE	inline
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) #else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) #define SHA3_INLINE	noinline
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) #define KECCAK_ROUNDS 24
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) static const u64 keccakf_rndc[24] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) 	0x0000000000000001ULL, 0x0000000000008082ULL, 0x800000000000808aULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) 	0x8000000080008000ULL, 0x000000000000808bULL, 0x0000000080000001ULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) 	0x8000000080008081ULL, 0x8000000000008009ULL, 0x000000000000008aULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) 	0x0000000000000088ULL, 0x0000000080008009ULL, 0x000000008000000aULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) 	0x000000008000808bULL, 0x800000000000008bULL, 0x8000000000008089ULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) 	0x8000000000008003ULL, 0x8000000000008002ULL, 0x8000000000000080ULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) 	0x000000000000800aULL, 0x800000008000000aULL, 0x8000000080008081ULL,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) 	0x8000000000008080ULL, 0x0000000080000001ULL, 0x8000000080008008ULL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) /* update the state with given number of rounds */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47) static SHA3_INLINE void keccakf_round(u64 st[25])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) 	u64 t[5], tt, bc[5];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51) 	/* Theta */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) 	bc[0] = st[0] ^ st[5] ^ st[10] ^ st[15] ^ st[20];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) 	bc[1] = st[1] ^ st[6] ^ st[11] ^ st[16] ^ st[21];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) 	bc[2] = st[2] ^ st[7] ^ st[12] ^ st[17] ^ st[22];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55) 	bc[3] = st[3] ^ st[8] ^ st[13] ^ st[18] ^ st[23];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) 	bc[4] = st[4] ^ st[9] ^ st[14] ^ st[19] ^ st[24];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) 	t[0] = bc[4] ^ rol64(bc[1], 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59) 	t[1] = bc[0] ^ rol64(bc[2], 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) 	t[2] = bc[1] ^ rol64(bc[3], 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) 	t[3] = bc[2] ^ rol64(bc[4], 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) 	t[4] = bc[3] ^ rol64(bc[0], 1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) 	st[0] ^= t[0];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) 	/* Rho Pi */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) 	tt = st[1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) 	st[ 1] = rol64(st[ 6] ^ t[1], 44);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) 	st[ 6] = rol64(st[ 9] ^ t[4], 20);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) 	st[ 9] = rol64(st[22] ^ t[2], 61);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) 	st[22] = rol64(st[14] ^ t[4], 39);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) 	st[14] = rol64(st[20] ^ t[0], 18);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 	st[20] = rol64(st[ 2] ^ t[2], 62);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) 	st[ 2] = rol64(st[12] ^ t[2], 43);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) 	st[12] = rol64(st[13] ^ t[3], 25);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) 	st[13] = rol64(st[19] ^ t[4],  8);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) 	st[19] = rol64(st[23] ^ t[3], 56);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) 	st[23] = rol64(st[15] ^ t[0], 41);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) 	st[15] = rol64(st[ 4] ^ t[4], 27);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) 	st[ 4] = rol64(st[24] ^ t[4], 14);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) 	st[24] = rol64(st[21] ^ t[1],  2);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) 	st[21] = rol64(st[ 8] ^ t[3], 55);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) 	st[ 8] = rol64(st[16] ^ t[1], 45);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) 	st[16] = rol64(st[ 5] ^ t[0], 36);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) 	st[ 5] = rol64(st[ 3] ^ t[3], 28);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) 	st[ 3] = rol64(st[18] ^ t[3], 21);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) 	st[18] = rol64(st[17] ^ t[2], 15);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) 	st[17] = rol64(st[11] ^ t[1], 10);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) 	st[11] = rol64(st[ 7] ^ t[2],  6);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) 	st[ 7] = rol64(st[10] ^ t[0],  3);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) 	st[10] = rol64(    tt ^ t[1],  1);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) 	/* Chi */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) 	bc[ 0] = ~st[ 1] & st[ 2];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 	bc[ 1] = ~st[ 2] & st[ 3];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) 	bc[ 2] = ~st[ 3] & st[ 4];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) 	bc[ 3] = ~st[ 4] & st[ 0];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 	bc[ 4] = ~st[ 0] & st[ 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) 	st[ 0] ^= bc[ 0];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 	st[ 1] ^= bc[ 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 	st[ 2] ^= bc[ 2];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) 	st[ 3] ^= bc[ 3];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) 	st[ 4] ^= bc[ 4];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) 	bc[ 0] = ~st[ 6] & st[ 7];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) 	bc[ 1] = ~st[ 7] & st[ 8];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) 	bc[ 2] = ~st[ 8] & st[ 9];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) 	bc[ 3] = ~st[ 9] & st[ 5];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) 	bc[ 4] = ~st[ 5] & st[ 6];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) 	st[ 5] ^= bc[ 0];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) 	st[ 6] ^= bc[ 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) 	st[ 7] ^= bc[ 2];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) 	st[ 8] ^= bc[ 3];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) 	st[ 9] ^= bc[ 4];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) 	bc[ 0] = ~st[11] & st[12];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) 	bc[ 1] = ~st[12] & st[13];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) 	bc[ 2] = ~st[13] & st[14];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) 	bc[ 3] = ~st[14] & st[10];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) 	bc[ 4] = ~st[10] & st[11];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) 	st[10] ^= bc[ 0];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) 	st[11] ^= bc[ 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) 	st[12] ^= bc[ 2];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) 	st[13] ^= bc[ 3];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) 	st[14] ^= bc[ 4];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) 	bc[ 0] = ~st[16] & st[17];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) 	bc[ 1] = ~st[17] & st[18];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) 	bc[ 2] = ~st[18] & st[19];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) 	bc[ 3] = ~st[19] & st[15];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131) 	bc[ 4] = ~st[15] & st[16];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132) 	st[15] ^= bc[ 0];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) 	st[16] ^= bc[ 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) 	st[17] ^= bc[ 2];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) 	st[18] ^= bc[ 3];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) 	st[19] ^= bc[ 4];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) 	bc[ 0] = ~st[21] & st[22];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) 	bc[ 1] = ~st[22] & st[23];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) 	bc[ 2] = ~st[23] & st[24];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) 	bc[ 3] = ~st[24] & st[20];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) 	bc[ 4] = ~st[20] & st[21];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) 	st[20] ^= bc[ 0];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) 	st[21] ^= bc[ 1];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) 	st[22] ^= bc[ 2];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) 	st[23] ^= bc[ 3];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) 	st[24] ^= bc[ 4];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) static void keccakf(u64 st[25])
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) 	int round;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) 	for (round = 0; round < KECCAK_ROUNDS; round++) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) 		keccakf_round(st);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) 		/* Iota */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) 		st[0] ^= keccakf_rndc[round];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) int crypto_sha3_init(struct shash_desc *desc)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) 	struct sha3_state *sctx = shash_desc_ctx(desc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) 	unsigned int digest_size = crypto_shash_digestsize(desc->tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) 	sctx->rsiz = 200 - 2 * digest_size;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) 	sctx->rsizw = sctx->rsiz / 8;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) 	sctx->partial = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) 	memset(sctx->st, 0, sizeof(sctx->st));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) EXPORT_SYMBOL(crypto_sha3_init);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) int crypto_sha3_update(struct shash_desc *desc, const u8 *data,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) 		       unsigned int len)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) 	struct sha3_state *sctx = shash_desc_ctx(desc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) 	unsigned int done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) 	const u8 *src;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) 	done = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) 	src = data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) 	if ((sctx->partial + len) > (sctx->rsiz - 1)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) 		if (sctx->partial) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) 			done = -sctx->partial;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) 			memcpy(sctx->buf + sctx->partial, data,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) 			       done + sctx->rsiz);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) 			src = sctx->buf;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) 		}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) 		do {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) 			unsigned int i;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) 			for (i = 0; i < sctx->rsizw; i++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) 				sctx->st[i] ^= get_unaligned_le64(src + 8 * i);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) 			keccakf(sctx->st);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) 			done += sctx->rsiz;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) 			src = data + done;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202) 		} while (done + (sctx->rsiz - 1) < len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) 		sctx->partial = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) 	memcpy(sctx->buf + sctx->partial, src, len - done);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) 	sctx->partial += (len - done);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) EXPORT_SYMBOL(crypto_sha3_update);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) int crypto_sha3_final(struct shash_desc *desc, u8 *out)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) 	struct sha3_state *sctx = shash_desc_ctx(desc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) 	unsigned int i, inlen = sctx->partial;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) 	unsigned int digest_size = crypto_shash_digestsize(desc->tfm);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) 	__le64 *digest = (__le64 *)out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) 	sctx->buf[inlen++] = 0x06;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) 	memset(sctx->buf + inlen, 0, sctx->rsiz - inlen);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) 	sctx->buf[sctx->rsiz - 1] |= 0x80;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) 	for (i = 0; i < sctx->rsizw; i++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) 		sctx->st[i] ^= get_unaligned_le64(sctx->buf + 8 * i);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) 	keccakf(sctx->st);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) 	for (i = 0; i < digest_size / 8; i++)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) 		put_unaligned_le64(sctx->st[i], digest++);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) 	if (digest_size & 4)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) 		put_unaligned_le32(sctx->st[i], (__le32 *)digest);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) 	memset(sctx, 0, sizeof(*sctx));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) EXPORT_SYMBOL(crypto_sha3_final);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) static struct shash_alg algs[] = { {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) 	.digestsize		= SHA3_224_DIGEST_SIZE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) 	.init			= crypto_sha3_init,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) 	.update			= crypto_sha3_update,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) 	.final			= crypto_sha3_final,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) 	.descsize		= sizeof(struct sha3_state),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) 	.base.cra_name		= "sha3-224",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) 	.base.cra_driver_name	= "sha3-224-generic",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) 	.base.cra_blocksize	= SHA3_224_BLOCK_SIZE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) 	.base.cra_module	= THIS_MODULE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) }, {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) 	.digestsize		= SHA3_256_DIGEST_SIZE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) 	.init			= crypto_sha3_init,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) 	.update			= crypto_sha3_update,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) 	.final			= crypto_sha3_final,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) 	.descsize		= sizeof(struct sha3_state),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) 	.base.cra_name		= "sha3-256",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) 	.base.cra_driver_name	= "sha3-256-generic",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) 	.base.cra_blocksize	= SHA3_256_BLOCK_SIZE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) 	.base.cra_module	= THIS_MODULE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) }, {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) 	.digestsize		= SHA3_384_DIGEST_SIZE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) 	.init			= crypto_sha3_init,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) 	.update			= crypto_sha3_update,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) 	.final			= crypto_sha3_final,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) 	.descsize		= sizeof(struct sha3_state),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) 	.base.cra_name		= "sha3-384",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267) 	.base.cra_driver_name	= "sha3-384-generic",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) 	.base.cra_blocksize	= SHA3_384_BLOCK_SIZE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) 	.base.cra_module	= THIS_MODULE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) }, {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271) 	.digestsize		= SHA3_512_DIGEST_SIZE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) 	.init			= crypto_sha3_init,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273) 	.update			= crypto_sha3_update,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) 	.final			= crypto_sha3_final,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275) 	.descsize		= sizeof(struct sha3_state),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) 	.base.cra_name		= "sha3-512",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) 	.base.cra_driver_name	= "sha3-512-generic",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) 	.base.cra_blocksize	= SHA3_512_BLOCK_SIZE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) 	.base.cra_module	= THIS_MODULE,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) } };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) static int __init sha3_generic_mod_init(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284) 	return crypto_register_shashes(algs, ARRAY_SIZE(algs));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) static void __exit sha3_generic_mod_fini(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289) 	crypto_unregister_shashes(algs, ARRAY_SIZE(algs));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) subsys_initcall(sha3_generic_mod_init);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) module_exit(sha3_generic_mod_fini);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) MODULE_LICENSE("GPL");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296) MODULE_DESCRIPTION("SHA-3 Secure Hash Algorithm");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) MODULE_ALIAS_CRYPTO("sha3-224");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299) MODULE_ALIAS_CRYPTO("sha3-224-generic");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) MODULE_ALIAS_CRYPTO("sha3-256");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301) MODULE_ALIAS_CRYPTO("sha3-256-generic");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302) MODULE_ALIAS_CRYPTO("sha3-384");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303) MODULE_ALIAS_CRYPTO("sha3-384-generic");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) MODULE_ALIAS_CRYPTO("sha3-512");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) MODULE_ALIAS_CRYPTO("sha3-512-generic");
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.