[deliverable/linux.git] / arch / s390 / crypto / sha1_s390.c

/*
 * Cryptographic API.
 *
 * s390 implementation of the SHA1 Secure Hash Algorithm.
 *
 * Derived from cryptoapi implementation, adapted for in-place
 * scatterlist interface.  Originally based on the public domain
 * implementation written by Steve Reid.
 *
 * s390 Version:
 *   Copyright (C) 2003 IBM Deutschland GmbH, IBM Corporation
 *   Author(s): Thomas Spatzier (tspat@de.ibm.com)
 *
 * Derived from "crypto/sha1.c"
 *   Copyright (c) Alan Smithee.
 *   Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk>
 *   Copyright (c) Jean-Francois Dive <jef@linuxbe.org>
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the Free
 * Software Foundation; either version 2 of the License, or (at your option)
 * any later version.
 *
 */
#include <linux/init.h>
#include <linux/module.h>
#include <linux/mm.h>
#include <linux/crypto.h>
#include <asm/scatterlist.h>
#include <asm/byteorder.h>
#include "crypt_s390.h"

#define SHA1_DIGEST_SIZE	20
#define SHA1_BLOCK_SIZE		64

struct crypt_s390_sha1_ctx {
	u64 count;
	u32 state[5];
	u32 buf_len;
	u8 buffer[2 * SHA1_BLOCK_SIZE];
};

static void sha1_init(struct crypto_tfm *tfm)
{
	struct crypt_s390_sha1_ctx *ctx = crypto_tfm_ctx(tfm);
	static const u32 initstate[5] = {
		0x67452301,
		0xEFCDAB89,
		0x98BADCFE,
		0x10325476,
		0xC3D2E1F0
	};

	ctx->count = 0;
	memcpy(ctx->state, &initstate, sizeof(initstate));
	ctx->buf_len = 0;
}

static void sha1_update(struct crypto_tfm *tfm, const u8 *data,
			unsigned int len)
{
	struct crypt_s390_sha1_ctx *sctx;
	long imd_len;

	sctx = crypto_tfm_ctx(tfm);
	sctx->count += len * 8; //message bit length

	//anything in buffer yet? -> must be completed
	if (sctx->buf_len && (sctx->buf_len + len) >= SHA1_BLOCK_SIZE) {
		//complete full block and hash
		memcpy(sctx->buffer + sctx->buf_len, data,
				SHA1_BLOCK_SIZE - sctx->buf_len);
		crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buffer,
				SHA1_BLOCK_SIZE);
		data += SHA1_BLOCK_SIZE - sctx->buf_len;
		len -= SHA1_BLOCK_SIZE - sctx->buf_len;
		sctx->buf_len = 0;
	}

	//rest of data contains full blocks?
	imd_len = len & ~0x3ful;
	if (imd_len){
		crypt_s390_kimd(KIMD_SHA_1, sctx->state, data, imd_len);
		data += imd_len;
		len -= imd_len;
	}
	//anything left? store in buffer
	if (len){
		memcpy(sctx->buffer + sctx->buf_len , data, len);
		sctx->buf_len += len;
	}
}


static void
pad_message(struct crypt_s390_sha1_ctx* sctx)
{
	int index;

	index = sctx->buf_len;
	sctx->buf_len = (sctx->buf_len < 56)?
		SHA1_BLOCK_SIZE:2 * SHA1_BLOCK_SIZE;
	//start pad with 1
	sctx->buffer[index] = 0x80;
	//pad with zeros
	index++;
	memset(sctx->buffer + index, 0x00, sctx->buf_len - index);
	//append length
	memcpy(sctx->buffer + sctx->buf_len - 8, &sctx->count,
			sizeof sctx->count);
}

/* Add padding and return the message digest. */
static void sha1_final(struct crypto_tfm *tfm, u8 *out)
{
	struct crypt_s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm);

	//must perform manual padding
	pad_message(sctx);
	crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buffer, sctx->buf_len);
	//copy digest to out
	memcpy(out, sctx->state, SHA1_DIGEST_SIZE);
	/* Wipe context */
	memset(sctx, 0, sizeof *sctx);
}

static struct crypto_alg alg = {
	.cra_name	=	"sha1",
	.cra_driver_name =	"sha1-s390",
	.cra_priority	=	CRYPT_S390_PRIORITY,
	.cra_flags	=	CRYPTO_ALG_TYPE_DIGEST,
	.cra_blocksize	=	SHA1_BLOCK_SIZE,
	.cra_ctxsize	=	sizeof(struct crypt_s390_sha1_ctx),
	.cra_module	=	THIS_MODULE,
	.cra_list       =       LIST_HEAD_INIT(alg.cra_list),
	.cra_u		=	{ .digest = {
	.dia_digestsize	=	SHA1_DIGEST_SIZE,
	.dia_init   	= 	sha1_init,
	.dia_update 	=	sha1_update,
	.dia_final  	=	sha1_final } }
};

static int
init(void)
{
	int ret = -ENOSYS;

	if (crypt_s390_func_available(KIMD_SHA_1)){
		ret = crypto_register_alg(&alg);
		if (ret == 0){
			printk(KERN_INFO "crypt_s390: sha1_s390 loaded.\n");
		}
	}
	return ret;
}

static void __exit
fini(void)
{
	crypto_unregister_alg(&alg);
}

module_init(init);
module_exit(fini);

MODULE_ALIAS("sha1");

MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm");
Commit	Line	Data
1da177e4 LT	1	/*
	2	* Cryptographic API.
	3	*
c1e26e1e	4	* s390 implementation of the SHA1 Secure Hash Algorithm.
1da177e4 LT	5	*
	6	* Derived from cryptoapi implementation, adapted for in-place
	7	* scatterlist interface. Originally based on the public domain
	8	* implementation written by Steve Reid.
	9	*
	10	* s390 Version:
	11	* Copyright (C) 2003 IBM Deutschland GmbH, IBM Corporation
	12	* Author(s): Thomas Spatzier (tspat@de.ibm.com)
	13	*
	14	* Derived from "crypto/sha1.c"
	15	* Copyright (c) Alan Smithee.
	16	* Copyright (c) Andrew McDonald <andrew@mcdonald.org.uk>
	17	* Copyright (c) Jean-Francois Dive <jef@linuxbe.org>
	18	*
	19	* This program is free software; you can redistribute it and/or modify it
	20	* under the terms of the GNU General Public License as published by the Free
	21	* Software Foundation; either version 2 of the License, or (at your option)
	22	* any later version.
	23	*
	24	*/
	25	#include <linux/init.h>
	26	#include <linux/module.h>
	27	#include <linux/mm.h>
	28	#include <linux/crypto.h>
	29	#include <asm/scatterlist.h>
	30	#include <asm/byteorder.h>
c1e26e1e	31	#include "crypt_s390.h"
1da177e4 LT	32
	33	#define SHA1_DIGEST_SIZE 20
	34	#define SHA1_BLOCK_SIZE 64
	35
c1e26e1e JG	36	struct crypt_s390_sha1_ctx {
	37	u64 count;
	38	u32 state[5];
1da177e4	39	u32 buf_len;
c1e26e1e	40	u8 buffer[2 * SHA1_BLOCK_SIZE];
1da177e4 LT	41	};
1da177e4 LT	42
6c2bb98b	43	static void sha1_init(struct crypto_tfm *tfm)
1da177e4	44	{
6c2bb98b	45	struct crypt_s390_sha1_ctx *ctx = crypto_tfm_ctx(tfm);
43600106 HX	46	static const u32 initstate[5] = {
	47	0x67452301,
	48	0xEFCDAB89,
	49	0x98BADCFE,
	50	0x10325476,
	51	0xC3D2E1F0
1da177e4	52	};
43600106 HX	53
	54	ctx->count = 0;
	55	memcpy(ctx->state, &initstate, sizeof(initstate));
	56	ctx->buf_len = 0;
1da177e4 LT	57	}
1da177e4 LT	58
6c2bb98b HX	59	static void sha1_update(struct crypto_tfm tfm, const u8 data,
6c2bb98b HX	60	unsigned int len)
1da177e4	61	{
c1e26e1e	62	struct crypt_s390_sha1_ctx *sctx;
1da177e4 LT	63	long imd_len;
1da177e4 LT	64
6c2bb98b	65	sctx = crypto_tfm_ctx(tfm);
1da177e4 LT	66	sctx->count += len * 8; //message bit length
	67
	68	//anything in buffer yet? -> must be completed
	69	if (sctx->buf_len && (sctx->buf_len + len) >= SHA1_BLOCK_SIZE) {
	70	//complete full block and hash
	71	memcpy(sctx->buffer + sctx->buf_len, data,
	72	SHA1_BLOCK_SIZE - sctx->buf_len);
c1e26e1e	73	crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buffer,
1da177e4 LT	74	SHA1_BLOCK_SIZE);
	75	data += SHA1_BLOCK_SIZE - sctx->buf_len;
	76	len -= SHA1_BLOCK_SIZE - sctx->buf_len;
	77	sctx->buf_len = 0;
	78	}
	79
	80	//rest of data contains full blocks?
	81	imd_len = len & ~0x3ful;
	82	if (imd_len){
c1e26e1e	83	crypt_s390_kimd(KIMD_SHA_1, sctx->state, data, imd_len);
1da177e4 LT	84	data += imd_len;
	85	len -= imd_len;
	86	}
	87	//anything left? store in buffer
	88	if (len){
	89	memcpy(sctx->buffer + sctx->buf_len , data, len);
	90	sctx->buf_len += len;
	91	}
	92	}
	93
	94
	95	static void
c1e26e1e	96	pad_message(struct crypt_s390_sha1_ctx* sctx)
1da177e4 LT	97	{
	98	int index;
	99
	100	index = sctx->buf_len;
	101	sctx->buf_len = (sctx->buf_len < 56)?
	102	SHA1_BLOCK_SIZE:2 * SHA1_BLOCK_SIZE;
	103	//start pad with 1
	104	sctx->buffer[index] = 0x80;
	105	//pad with zeros
	106	index++;
	107	memset(sctx->buffer + index, 0x00, sctx->buf_len - index);
	108	//append length
	109	memcpy(sctx->buffer + sctx->buf_len - 8, &sctx->count,
	110	sizeof sctx->count);
	111	}
	112
	113	/* Add padding and return the message digest. */
6c2bb98b	114	static void sha1_final(struct crypto_tfm tfm, u8 out)
1da177e4	115	{
6c2bb98b	116	struct crypt_s390_sha1_ctx *sctx = crypto_tfm_ctx(tfm);
1da177e4 LT	117
	118	//must perform manual padding
	119	pad_message(sctx);
c1e26e1e	120	crypt_s390_kimd(KIMD_SHA_1, sctx->state, sctx->buffer, sctx->buf_len);
1da177e4 LT	121	//copy digest to out
	122	memcpy(out, sctx->state, SHA1_DIGEST_SIZE);
	123	/* Wipe context */
	124	memset(sctx, 0, sizeof *sctx);
	125	}
	126
	127	static struct crypto_alg alg = {
	128	.cra_name = "sha1",
65b75c36 HX	129	.cra_driver_name = "sha1-s390",
65b75c36 HX	130	.cra_priority = CRYPT_S390_PRIORITY,
1da177e4 LT	131	.cra_flags = CRYPTO_ALG_TYPE_DIGEST,
1da177e4 LT	132	.cra_blocksize = SHA1_BLOCK_SIZE,
c1e26e1e	133	.cra_ctxsize = sizeof(struct crypt_s390_sha1_ctx),
1da177e4 LT	134	.cra_module = THIS_MODULE,
	135	.cra_list = LIST_HEAD_INIT(alg.cra_list),
	136	.cra_u = { .digest = {
	137	.dia_digestsize = SHA1_DIGEST_SIZE,
	138	.dia_init = sha1_init,
	139	.dia_update = sha1_update,
	140	.dia_final = sha1_final } }
	141	};
	142
	143	static int
	144	init(void)
	145	{
	146	int ret = -ENOSYS;
	147
c1e26e1e	148	if (crypt_s390_func_available(KIMD_SHA_1)){
1da177e4 LT	149	ret = crypto_register_alg(&alg);
1da177e4 LT	150	if (ret == 0){
c1e26e1e	151	printk(KERN_INFO "crypt_s390: sha1_s390 loaded.\n");
1da177e4 LT	152	}
	153	}
	154	return ret;
	155	}
	156
	157	static void __exit
	158	fini(void)
	159	{
	160	crypto_unregister_alg(&alg);
	161	}
	162
	163	module_init(init);
	164	module_exit(fini);
	165
	166	MODULE_ALIAS("sha1");
	167
	168	MODULE_LICENSE("GPL");
	169	MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm");