search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
WIP FPC-III support
[linux/fpc-iii.git] / arch / mips / cavium-octeon / crypto / octeon-sha256.c
blob36cb92895d72594b433c1ec6eea32166a7ac2c0e
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Cryptographic API.
4 *
5 * SHA-224 and SHA-256 Secure Hash Algorithm.
6 *
7 * Adapted for OCTEON by Aaro Koskinen <aaro.koskinen@iki.fi>.
8 *
9 * Based on crypto/sha256_generic.c, which is:
10 *
11 * Copyright (c) Jean-Luc Cooke <jlcooke@certainkey.com>
12 * Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk>
13 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
14 * SHA224 Support Copyright 2007 Intel Corporation <jonathan.lynch@intel.com>
15 */
16
17 #include <linux/mm.h>
18 #include <crypto/sha2.h>
19 #include <linux/init.h>
20 #include <linux/types.h>
21 #include <linux/module.h>
22 #include <asm/byteorder.h>
23 #include <asm/octeon/octeon.h>
24 #include <crypto/internal/hash.h>
25
26 #include "octeon-crypto.h"
27
28 /*
29 * We pass everything as 64-bit. OCTEON can handle misaligned data.
30 */
31
32 static void octeon_sha256_store_hash(struct sha256_state *sctx)
33 {
34 u64 *hash = (u64 *)sctx->state;
35
36 write_octeon_64bit_hash_dword(hash[0], 0);
37 write_octeon_64bit_hash_dword(hash[1], 1);
38 write_octeon_64bit_hash_dword(hash[2], 2);
39 write_octeon_64bit_hash_dword(hash[3], 3);
40 }
41
42 static void octeon_sha256_read_hash(struct sha256_state *sctx)
43 {
44 u64 *hash = (u64 *)sctx->state;
45
46 hash[0] = read_octeon_64bit_hash_dword(0);
47 hash[1] = read_octeon_64bit_hash_dword(1);
48 hash[2] = read_octeon_64bit_hash_dword(2);
49 hash[3] = read_octeon_64bit_hash_dword(3);
50 }
51
52 static void octeon_sha256_transform(const void *_block)
53 {
54 const u64 *block = _block;
55
56 write_octeon_64bit_block_dword(block[0], 0);
57 write_octeon_64bit_block_dword(block[1], 1);
58 write_octeon_64bit_block_dword(block[2], 2);
59 write_octeon_64bit_block_dword(block[3], 3);
60 write_octeon_64bit_block_dword(block[4], 4);
61 write_octeon_64bit_block_dword(block[5], 5);
62 write_octeon_64bit_block_dword(block[6], 6);
63 octeon_sha256_start(block[7]);
64 }
65
66 static int octeon_sha224_init(struct shash_desc *desc)
67 {
68 struct sha256_state *sctx = shash_desc_ctx(desc);
69
70 sctx->state[0] = SHA224_H0;
71 sctx->state[1] = SHA224_H1;
72 sctx->state[2] = SHA224_H2;
73 sctx->state[3] = SHA224_H3;
74 sctx->state[4] = SHA224_H4;
75 sctx->state[5] = SHA224_H5;
76 sctx->state[6] = SHA224_H6;
77 sctx->state[7] = SHA224_H7;
78 sctx->count = 0;
79
80 return 0;
81 }
82
83 static int octeon_sha256_init(struct shash_desc *desc)
84 {
85 struct sha256_state *sctx = shash_desc_ctx(desc);
86
87 sctx->state[0] = SHA256_H0;
88 sctx->state[1] = SHA256_H1;
89 sctx->state[2] = SHA256_H2;
90 sctx->state[3] = SHA256_H3;
91 sctx->state[4] = SHA256_H4;
92 sctx->state[5] = SHA256_H5;
93 sctx->state[6] = SHA256_H6;
94 sctx->state[7] = SHA256_H7;
95 sctx->count = 0;
96
97 return 0;
98 }
99
100 static void __octeon_sha256_update(struct sha256_state *sctx, const u8 *data,
101 unsigned int len)
102 {
103 unsigned int partial;
104 unsigned int done;
105 const u8 *src;
106
107 partial = sctx->count % SHA256_BLOCK_SIZE;
108 sctx->count += len;
109 done = 0;
110 src = data;
111
112 if ((partial + len) >= SHA256_BLOCK_SIZE) {
113 if (partial) {
114 done = -partial;
115 memcpy(sctx->buf + partial, data,
116 done + SHA256_BLOCK_SIZE);
117 src = sctx->buf;
118 }
119
120 do {
121 octeon_sha256_transform(src);
122 done += SHA256_BLOCK_SIZE;
123 src = data + done;
124 } while (done + SHA256_BLOCK_SIZE <= len);
125
126 partial = 0;
127 }
128 memcpy(sctx->buf + partial, src, len - done);
129 }
130
131 static int octeon_sha256_update(struct shash_desc *desc, const u8 *data,
132 unsigned int len)
133 {
134 struct sha256_state *sctx = shash_desc_ctx(desc);
135 struct octeon_cop2_state state;
136 unsigned long flags;
137
138 /*
139 * Small updates never reach the crypto engine, so the generic sha256 is
140 * faster because of the heavyweight octeon_crypto_enable() /
141 * octeon_crypto_disable().
142 */
143 if ((sctx->count % SHA256_BLOCK_SIZE) + len < SHA256_BLOCK_SIZE)
144 return crypto_sha256_update(desc, data, len);
145
146 flags = octeon_crypto_enable(&state);
147 octeon_sha256_store_hash(sctx);
148
149 __octeon_sha256_update(sctx, data, len);
150
151 octeon_sha256_read_hash(sctx);
152 octeon_crypto_disable(&state, flags);
153
154 return 0;
155 }
156
157 static int octeon_sha256_final(struct shash_desc *desc, u8 *out)
158 {
159 struct sha256_state *sctx = shash_desc_ctx(desc);
160 static const u8 padding[64] = { 0x80, };
161 struct octeon_cop2_state state;
162 __be32 *dst = (__be32 *)out;
163 unsigned int pad_len;
164 unsigned long flags;
165 unsigned int index;
166 __be64 bits;
167 int i;
168
169 /* Save number of bits. */
170 bits = cpu_to_be64(sctx->count << 3);
171
172 /* Pad out to 56 mod 64. */
173 index = sctx->count & 0x3f;
174 pad_len = (index < 56) ? (56 - index) : ((64+56) - index);
175
176 flags = octeon_crypto_enable(&state);
177 octeon_sha256_store_hash(sctx);
178
179 __octeon_sha256_update(sctx, padding, pad_len);
180
181 /* Append length (before padding). */
182 __octeon_sha256_update(sctx, (const u8 *)&bits, sizeof(bits));
183
184 octeon_sha256_read_hash(sctx);
185 octeon_crypto_disable(&state, flags);
186
187 /* Store state in digest */
188 for (i = 0; i < 8; i++)
189 dst[i] = cpu_to_be32(sctx->state[i]);
190
191 /* Zeroize sensitive information. */
192 memset(sctx, 0, sizeof(*sctx));
193
194 return 0;
195 }
196
197 static int octeon_sha224_final(struct shash_desc *desc, u8 *hash)
198 {
199 u8 D[SHA256_DIGEST_SIZE];
200
201 octeon_sha256_final(desc, D);
202
203 memcpy(hash, D, SHA224_DIGEST_SIZE);
204 memzero_explicit(D, SHA256_DIGEST_SIZE);
205
206 return 0;
207 }
208
209 static int octeon_sha256_export(struct shash_desc *desc, void *out)
210 {
211 struct sha256_state *sctx = shash_desc_ctx(desc);
212
213 memcpy(out, sctx, sizeof(*sctx));
214 return 0;
215 }
216
217 static int octeon_sha256_import(struct shash_desc *desc, const void *in)
218 {
219 struct sha256_state *sctx = shash_desc_ctx(desc);
220
221 memcpy(sctx, in, sizeof(*sctx));
222 return 0;
223 }
224
225 static struct shash_alg octeon_sha256_algs[2] = { {
226 .digestsize = SHA256_DIGEST_SIZE,
227 .init = octeon_sha256_init,
228 .update = octeon_sha256_update,
229 .final = octeon_sha256_final,
230 .export = octeon_sha256_export,
231 .import = octeon_sha256_import,
232 .descsize = sizeof(struct sha256_state),
233 .statesize = sizeof(struct sha256_state),
234 .base = {
235 .cra_name = "sha256",
236 .cra_driver_name= "octeon-sha256",
237 .cra_priority = OCTEON_CR_OPCODE_PRIORITY,
238 .cra_blocksize = SHA256_BLOCK_SIZE,
239 .cra_module = THIS_MODULE,
240 }
241 }, {
242 .digestsize = SHA224_DIGEST_SIZE,
243 .init = octeon_sha224_init,
244 .update = octeon_sha256_update,
245 .final = octeon_sha224_final,
246 .descsize = sizeof(struct sha256_state),
247 .base = {
248 .cra_name = "sha224",
249 .cra_driver_name= "octeon-sha224",
250 .cra_blocksize = SHA224_BLOCK_SIZE,
251 .cra_module = THIS_MODULE,
252 }
253 } };
254
255 static int __init octeon_sha256_mod_init(void)
256 {
257 if (!octeon_has_crypto())
258 return -ENOTSUPP;
259 return crypto_register_shashes(octeon_sha256_algs,
260 ARRAY_SIZE(octeon_sha256_algs));
261 }
262
263 static void __exit octeon_sha256_mod_fini(void)
264 {
265 crypto_unregister_shashes(octeon_sha256_algs,
266 ARRAY_SIZE(octeon_sha256_algs));
267 }
268
269 module_init(octeon_sha256_mod_init);
270 module_exit(octeon_sha256_mod_fini);
271
272 MODULE_LICENSE("GPL");
273 MODULE_DESCRIPTION("SHA-224 and SHA-256 Secure Hash Algorithm (OCTEON)");
274 MODULE_AUTHOR("Aaro Koskinen <aaro.koskinen@iki.fi>");
Linux with added FPC-III support