cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

blake2s.h (2681B)

      1/* SPDX-License-Identifier: GPL-2.0 OR MIT */
      2/*
      3 * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
      4 */
      5
      6#ifndef _CRYPTO_BLAKE2S_H
      7#define _CRYPTO_BLAKE2S_H
      8
      9#include <linux/bug.h>
     10#include <linux/kconfig.h>
     11#include <linux/types.h>
     12#include <linux/string.h>
     13
     14enum blake2s_lengths {
     15	BLAKE2S_BLOCK_SIZE = 64,
     16	BLAKE2S_HASH_SIZE = 32,
     17	BLAKE2S_KEY_SIZE = 32,
     18
     19	BLAKE2S_128_HASH_SIZE = 16,
     20	BLAKE2S_160_HASH_SIZE = 20,
     21	BLAKE2S_224_HASH_SIZE = 28,
     22	BLAKE2S_256_HASH_SIZE = 32,
     23};
     24
     25struct blake2s_state {
     26	/* 'h', 't', and 'f' are used in assembly code, so keep them as-is. */
     27	u32 h[8];
     28	u32 t[2];
     29	u32 f[2];
     30	u8 buf[BLAKE2S_BLOCK_SIZE];
     31	unsigned int buflen;
     32	unsigned int outlen;
     33};
     34
     35enum blake2s_iv {
     36	BLAKE2S_IV0 = 0x6A09E667UL,
     37	BLAKE2S_IV1 = 0xBB67AE85UL,
     38	BLAKE2S_IV2 = 0x3C6EF372UL,
     39	BLAKE2S_IV3 = 0xA54FF53AUL,
     40	BLAKE2S_IV4 = 0x510E527FUL,
     41	BLAKE2S_IV5 = 0x9B05688CUL,
     42	BLAKE2S_IV6 = 0x1F83D9ABUL,
     43	BLAKE2S_IV7 = 0x5BE0CD19UL,
     44};
     45
     46static inline void __blake2s_init(struct blake2s_state *state, size_t outlen,
     47				  const void *key, size_t keylen)
     48{
     49	state->h[0] = BLAKE2S_IV0 ^ (0x01010000 | keylen << 8 | outlen);
     50	state->h[1] = BLAKE2S_IV1;
     51	state->h[2] = BLAKE2S_IV2;
     52	state->h[3] = BLAKE2S_IV3;
     53	state->h[4] = BLAKE2S_IV4;
     54	state->h[5] = BLAKE2S_IV5;
     55	state->h[6] = BLAKE2S_IV6;
     56	state->h[7] = BLAKE2S_IV7;
     57	state->t[0] = 0;
     58	state->t[1] = 0;
     59	state->f[0] = 0;
     60	state->f[1] = 0;
     61	state->buflen = 0;
     62	state->outlen = outlen;
     63	if (keylen) {
     64		memcpy(state->buf, key, keylen);
     65		memset(&state->buf[keylen], 0, BLAKE2S_BLOCK_SIZE - keylen);
     66		state->buflen = BLAKE2S_BLOCK_SIZE;
     67	}
     68}
     69
     70static inline void blake2s_init(struct blake2s_state *state,
     71				const size_t outlen)
     72{
     73	__blake2s_init(state, outlen, NULL, 0);
     74}
     75
     76static inline void blake2s_init_key(struct blake2s_state *state,
     77				    const size_t outlen, const void *key,
     78				    const size_t keylen)
     79{
     80	WARN_ON(IS_ENABLED(DEBUG) && (!outlen || outlen > BLAKE2S_HASH_SIZE ||
     81		!key || !keylen || keylen > BLAKE2S_KEY_SIZE));
     82
     83	__blake2s_init(state, outlen, key, keylen);
     84}
     85
     86void blake2s_update(struct blake2s_state *state, const u8 *in, size_t inlen);
     87void blake2s_final(struct blake2s_state *state, u8 *out);
     88
     89static inline void blake2s(u8 *out, const u8 *in, const u8 *key,
     90			   const size_t outlen, const size_t inlen,
     91			   const size_t keylen)
     92{
     93	struct blake2s_state state;
     94
     95	WARN_ON(IS_ENABLED(DEBUG) && ((!in && inlen > 0) || !out || !outlen ||
     96		outlen > BLAKE2S_HASH_SIZE || keylen > BLAKE2S_KEY_SIZE ||
     97		(!key && keylen)));
     98
     99	__blake2s_init(&state, outlen, key, keylen);
    100	blake2s_update(&state, in, inlen);
    101	blake2s_final(&state, out);
    102}
    103
    104#endif /* _CRYPTO_BLAKE2S_H */