Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_LIB_SHA512 --source lib/crypto/sha512.c --header include/crypto/sha2.h
Signed-off-by: Vegard Nossum <vegard.nossum@xxxxxxxxxx>
---
crypto/fips140-api.c | 28 +++++++++++++++
include/crypto/sha2.h | 83 ++++++++++++++++++++++++++++---------------
lib/crypto/sha512.c | 76 +++++++++++++++++++--------------------
3 files changed, 120 insertions(+), 67 deletions(-)
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 3b1677049c55..13148a3d3519 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -88,3 +88,31 @@ DEFINE_CRYPTO_API_STUB(hmac_sha256_usingrawkey);
#endif
+/*
+ * lib/crypto/sha512.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_LIB_SHA512)
+
+#include <crypto/sha2.h>
+
+DEFINE_CRYPTO_API_STUB(__sha512_update);
+DEFINE_CRYPTO_API_STUB(__hmac_sha512_init);
+DEFINE_CRYPTO_API_STUB(sha384_init);
+DEFINE_CRYPTO_API_STUB(sha384_final);
+DEFINE_CRYPTO_API_STUB(sha384);
+DEFINE_CRYPTO_API_STUB(hmac_sha384_preparekey);
+DEFINE_CRYPTO_API_STUB(hmac_sha384_init_usingrawkey);
+DEFINE_CRYPTO_API_STUB(hmac_sha384_final);
+DEFINE_CRYPTO_API_STUB(hmac_sha384);
+DEFINE_CRYPTO_API_STUB(hmac_sha384_usingrawkey);
+DEFINE_CRYPTO_API_STUB(sha512_init);
+DEFINE_CRYPTO_API_STUB(sha512_final);
+DEFINE_CRYPTO_API_STUB(sha512);
+DEFINE_CRYPTO_API_STUB(hmac_sha512_preparekey);
+DEFINE_CRYPTO_API_STUB(hmac_sha512_init_usingrawkey);
+DEFINE_CRYPTO_API_STUB(hmac_sha512_final);
+DEFINE_CRYPTO_API_STUB(hmac_sha512);
+DEFINE_CRYPTO_API_STUB(hmac_sha512_usingrawkey);
+
+#endif
+
diff --git a/include/crypto/sha2.h b/include/crypto/sha2.h
index 9fafcd99e9ce..ce908568009a 100644
--- a/include/crypto/sha2.h
+++ b/include/crypto/sha2.h
@@ -535,7 +535,9 @@ struct __sha512_ctx {
u64 bytecount_hi;
u8 buf[SHA512_BLOCK_SIZE] __aligned(__alignof__(__be64));
};
-void __sha512_update(struct __sha512_ctx *ctx, const u8 *data, size_t len);
+DECLARE_CRYPTO_API(__sha512_update, void,
+ (struct __sha512_ctx *ctx, const u8 *data, size_t len),
+ (ctx, data, len));
/*
* HMAC key and message context structs, shared by HMAC-SHA384 and HMAC-SHA512.
@@ -550,8 +552,9 @@ struct __hmac_sha512_ctx {
struct __sha512_ctx sha_ctx;
struct sha512_block_state ostate;
};
-void __hmac_sha512_init(struct __hmac_sha512_ctx *ctx,
- const struct __hmac_sha512_key *key);
+DECLARE_CRYPTO_API(__hmac_sha512_init, void,
+ (struct __hmac_sha512_ctx *ctx, const struct __hmac_sha512_key *key),
+ (ctx, key));
/**
* struct sha384_ctx - Context for hashing a message with SHA-384
@@ -569,7 +572,9 @@ struct sha384_ctx {
*
* Context: Any context.
*/
-void sha384_init(struct sha384_ctx *ctx);
+DECLARE_CRYPTO_API(sha384_init, void,
+ (struct sha384_ctx *ctx),
+ (ctx));
/**
* sha384_update() - Update a SHA-384 context with message data
@@ -596,7 +601,9 @@ static inline void sha384_update(struct sha384_ctx *ctx,
*
* Context: Any context.
*/
-void sha384_final(struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha384_final, void,
+ (struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]),
+ (ctx, out));
/**
* sha384() - Compute SHA-384 message digest in one shot
@@ -606,7 +613,9 @@ void sha384_final(struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void sha384(const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha384, void,
+ (const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE]),
+ (data, len, out));
/**
* struct hmac_sha384_key - Prepared key for HMAC-SHA384
@@ -635,8 +644,9 @@ struct hmac_sha384_ctx {
*
* Context: Any context.
*/
-void hmac_sha384_preparekey(struct hmac_sha384_key *key,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha384_preparekey, void,
+ (struct hmac_sha384_key *key, const u8 *raw_key, size_t raw_key_len),
+ (key, raw_key, raw_key_len));
/**
* hmac_sha384_init() - Initialize an HMAC-SHA384 context for a new message
@@ -665,8 +675,9 @@ static inline void hmac_sha384_init(struct hmac_sha384_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha384_init_usingrawkey(struct hmac_sha384_ctx *ctx,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha384_init_usingrawkey, void,
+ (struct hmac_sha384_ctx *ctx, const u8 *raw_key, size_t raw_key_len),
+ (ctx, raw_key, raw_key_len));
/**
* hmac_sha384_update() - Update an HMAC-SHA384 context with message data
@@ -693,7 +704,9 @@ static inline void hmac_sha384_update(struct hmac_sha384_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha384_final(struct hmac_sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha384_final, void,
+ (struct hmac_sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]),
+ (ctx, out));
/**
* hmac_sha384() - Compute HMAC-SHA384 in one shot, using a prepared key
@@ -706,8 +719,9 @@ void hmac_sha384_final(struct hmac_sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void hmac_sha384(const struct hmac_sha384_key *key,
- const u8 *data, size_t data_len, u8 out[SHA384_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha384, void,
+ (const struct hmac_sha384_key *key, const u8 *data, size_t data_len, u8 out[SHA384_DIGEST_SIZE]),
+ (key, data, data_len, out));
/**
* hmac_sha384_usingrawkey() - Compute HMAC-SHA384 in one shot, using a raw key
@@ -722,9 +736,9 @@ void hmac_sha384(const struct hmac_sha384_key *key,
*
* Context: Any context.
*/
-void hmac_sha384_usingrawkey(const u8 *raw_key, size_t raw_key_len,
- const u8 *data, size_t data_len,
- u8 out[SHA384_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha384_usingrawkey, void,
+ (const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, u8 out[SHA384_DIGEST_SIZE]),
+ (raw_key, raw_key_len, data, data_len, out));
/**
* struct sha512_ctx - Context for hashing a message with SHA-512
@@ -742,7 +756,9 @@ struct sha512_ctx {
*
* Context: Any context.
*/
-void sha512_init(struct sha512_ctx *ctx);
+DECLARE_CRYPTO_API(sha512_init, void,
+ (struct sha512_ctx *ctx),
+ (ctx));
/**
* sha512_update() - Update a SHA-512 context with message data
@@ -769,7 +785,9 @@ static inline void sha512_update(struct sha512_ctx *ctx,
*
* Context: Any context.
*/
-void sha512_final(struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha512_final, void,
+ (struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]),
+ (ctx, out));
/**
* sha512() - Compute SHA-512 message digest in one shot
@@ -779,7 +797,9 @@ void sha512_final(struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void sha512(const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha512, void,
+ (const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE]),
+ (data, len, out));
/**
* struct hmac_sha512_key - Prepared key for HMAC-SHA512
@@ -808,8 +828,9 @@ struct hmac_sha512_ctx {
*
* Context: Any context.
*/
-void hmac_sha512_preparekey(struct hmac_sha512_key *key,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha512_preparekey, void,
+ (struct hmac_sha512_key *key, const u8 *raw_key, size_t raw_key_len),
+ (key, raw_key, raw_key_len));
/**
* hmac_sha512_init() - Initialize an HMAC-SHA512 context for a new message
@@ -838,8 +859,9 @@ static inline void hmac_sha512_init(struct hmac_sha512_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha512_init_usingrawkey(struct hmac_sha512_ctx *ctx,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha512_init_usingrawkey, void,
+ (struct hmac_sha512_ctx *ctx, const u8 *raw_key, size_t raw_key_len),
+ (ctx, raw_key, raw_key_len));
/**
* hmac_sha512_update() - Update an HMAC-SHA512 context with message data
@@ -866,7 +888,9 @@ static inline void hmac_sha512_update(struct hmac_sha512_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha512_final(struct hmac_sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha512_final, void,
+ (struct hmac_sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]),
+ (ctx, out));
/**
* hmac_sha512() - Compute HMAC-SHA512 in one shot, using a prepared key
@@ -879,8 +903,9 @@ void hmac_sha512_final(struct hmac_sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void hmac_sha512(const struct hmac_sha512_key *key,
- const u8 *data, size_t data_len, u8 out[SHA512_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha512, void,
+ (const struct hmac_sha512_key *key, const u8 *data, size_t data_len, u8 out[SHA512_DIGEST_SIZE]),
+ (key, data, data_len, out));
/**
* hmac_sha512_usingrawkey() - Compute HMAC-SHA512 in one shot, using a raw key
@@ -895,8 +920,8 @@ void hmac_sha512(const struct hmac_sha512_key *key,
*
* Context: Any context.
*/
-void hmac_sha512_usingrawkey(const u8 *raw_key, size_t raw_key_len,
- const u8 *data, size_t data_len,
- u8 out[SHA512_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha512_usingrawkey, void,
+ (const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, u8 out[SHA512_DIGEST_SIZE]),
+ (raw_key, raw_key_len, data, data_len, out));
#endif /* _CRYPTO_SHA2_H */
diff --git a/lib/crypto/sha512.c b/lib/crypto/sha512.c
index d8062188be98..9a170bf1a48c 100644
--- a/lib/crypto/sha512.c
+++ b/lib/crypto/sha512.c
@@ -147,19 +147,19 @@ static void __sha512_init(struct __sha512_ctx *ctx,
ctx->bytecount_hi = 0;
}
-void sha384_init(struct sha384_ctx *ctx)
+void CRYPTO_API(sha384_init)(struct sha384_ctx *ctx)
{
__sha512_init(&ctx->ctx, &sha384_iv, 0);
}
-EXPORT_SYMBOL_GPL(sha384_init);
+DEFINE_CRYPTO_API(sha384_init);
-void sha512_init(struct sha512_ctx *ctx)
+void CRYPTO_API(sha512_init)(struct sha512_ctx *ctx)
{
__sha512_init(&ctx->ctx, &sha512_iv, 0);
}
-EXPORT_SYMBOL_GPL(sha512_init);
+DEFINE_CRYPTO_API(sha512_init);
-void __sha512_update(struct __sha512_ctx *ctx, const u8 *data, size_t len)
+void CRYPTO_API(__sha512_update)(struct __sha512_ctx *ctx, const u8 *data, size_t len)
{
size_t partial = ctx->bytecount_lo % SHA512_BLOCK_SIZE;
@@ -191,7 +191,7 @@ void __sha512_update(struct __sha512_ctx *ctx, const u8 *data, size_t len)
if (len)
memcpy(&ctx->buf[partial], data, len);
}
-EXPORT_SYMBOL_GPL(__sha512_update);
+DEFINE_CRYPTO_API(__sha512_update);
static void __sha512_final(struct __sha512_ctx *ctx,
u8 *out, size_t digest_size)
@@ -215,21 +215,21 @@ static void __sha512_final(struct __sha512_ctx *ctx,
put_unaligned_be64(ctx->state.h[i / 8], out + i);
}
-void sha384_final(struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE])
+void CRYPTO_API(sha384_final)(struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE])
{
__sha512_final(&ctx->ctx, out, SHA384_DIGEST_SIZE);
memzero_explicit(ctx, sizeof(*ctx));
}
-EXPORT_SYMBOL_GPL(sha384_final);
+DEFINE_CRYPTO_API(sha384_final);
-void sha512_final(struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE])
+void CRYPTO_API(sha512_final)(struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE])
{
__sha512_final(&ctx->ctx, out, SHA512_DIGEST_SIZE);
memzero_explicit(ctx, sizeof(*ctx));
}
-EXPORT_SYMBOL_GPL(sha512_final);
+DEFINE_CRYPTO_API(sha512_final);
-void sha384(const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE])
+void CRYPTO_API(sha384)(const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE])
{
struct sha384_ctx ctx;
@@ -237,9 +237,9 @@ void sha384(const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE])
sha384_update(&ctx, data, len);
sha384_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(sha384);
+DEFINE_CRYPTO_API(sha384);
-void sha512(const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE])
+void CRYPTO_API(sha512)(const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE])
{
struct sha512_ctx ctx;
@@ -247,7 +247,7 @@ void sha512(const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE])
sha512_update(&ctx, data, len);
sha512_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(sha512);
+DEFINE_CRYPTO_API(sha512);
static void __hmac_sha512_preparekey(struct sha512_block_state *istate,
struct sha512_block_state *ostate,
@@ -282,31 +282,31 @@ static void __hmac_sha512_preparekey(struct sha512_block_state *istate,
memzero_explicit(&derived_key, sizeof(derived_key));
}
-void hmac_sha384_preparekey(struct hmac_sha384_key *key,
+void CRYPTO_API(hmac_sha384_preparekey)(struct hmac_sha384_key *key,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha512_preparekey(&key->key.istate, &key->key.ostate,
raw_key, raw_key_len, &sha384_iv);
}
-EXPORT_SYMBOL_GPL(hmac_sha384_preparekey);
+DEFINE_CRYPTO_API(hmac_sha384_preparekey);
-void hmac_sha512_preparekey(struct hmac_sha512_key *key,
+void CRYPTO_API(hmac_sha512_preparekey)(struct hmac_sha512_key *key,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha512_preparekey(&key->key.istate, &key->key.ostate,
raw_key, raw_key_len, &sha512_iv);
}
-EXPORT_SYMBOL_GPL(hmac_sha512_preparekey);
+DEFINE_CRYPTO_API(hmac_sha512_preparekey);
-void __hmac_sha512_init(struct __hmac_sha512_ctx *ctx,
+void CRYPTO_API(__hmac_sha512_init)(struct __hmac_sha512_ctx *ctx,
const struct __hmac_sha512_key *key)
{
__sha512_init(&ctx->sha_ctx, &key->istate, SHA512_BLOCK_SIZE);
ctx->ostate = key->ostate;
}
-EXPORT_SYMBOL_GPL(__hmac_sha512_init);
+DEFINE_CRYPTO_API(__hmac_sha512_init);
-void hmac_sha384_init_usingrawkey(struct hmac_sha384_ctx *ctx,
+void CRYPTO_API(hmac_sha384_init_usingrawkey)(struct hmac_sha384_ctx *ctx,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha512_preparekey(&ctx->ctx.sha_ctx.state, &ctx->ctx.ostate,
@@ -314,9 +314,9 @@ void hmac_sha384_init_usingrawkey(struct hmac_sha384_ctx *ctx,
ctx->ctx.sha_ctx.bytecount_lo = SHA512_BLOCK_SIZE;
ctx->ctx.sha_ctx.bytecount_hi = 0;
}
-EXPORT_SYMBOL_GPL(hmac_sha384_init_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha384_init_usingrawkey);
-void hmac_sha512_init_usingrawkey(struct hmac_sha512_ctx *ctx,
+void CRYPTO_API(hmac_sha512_init_usingrawkey)(struct hmac_sha512_ctx *ctx,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha512_preparekey(&ctx->ctx.sha_ctx.state, &ctx->ctx.ostate,
@@ -324,7 +324,7 @@ void hmac_sha512_init_usingrawkey(struct hmac_sha512_ctx *ctx,
ctx->ctx.sha_ctx.bytecount_lo = SHA512_BLOCK_SIZE;
ctx->ctx.sha_ctx.bytecount_hi = 0;
}
-EXPORT_SYMBOL_GPL(hmac_sha512_init_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha512_init_usingrawkey);
static void __hmac_sha512_final(struct __hmac_sha512_ctx *ctx,
u8 *out, size_t digest_size)
@@ -345,21 +345,21 @@ static void __hmac_sha512_final(struct __hmac_sha512_ctx *ctx,
memzero_explicit(ctx, sizeof(*ctx));
}
-void hmac_sha384_final(struct hmac_sha384_ctx *ctx,
+void CRYPTO_API(hmac_sha384_final)(struct hmac_sha384_ctx *ctx,
u8 out[SHA384_DIGEST_SIZE])
{
__hmac_sha512_final(&ctx->ctx, out, SHA384_DIGEST_SIZE);
}
-EXPORT_SYMBOL_GPL(hmac_sha384_final);
+DEFINE_CRYPTO_API(hmac_sha384_final);
-void hmac_sha512_final(struct hmac_sha512_ctx *ctx,
+void CRYPTO_API(hmac_sha512_final)(struct hmac_sha512_ctx *ctx,
u8 out[SHA512_DIGEST_SIZE])
{
__hmac_sha512_final(&ctx->ctx, out, SHA512_DIGEST_SIZE);
}
-EXPORT_SYMBOL_GPL(hmac_sha512_final);
+DEFINE_CRYPTO_API(hmac_sha512_final);
-void hmac_sha384(const struct hmac_sha384_key *key,
+void CRYPTO_API(hmac_sha384)(const struct hmac_sha384_key *key,
const u8 *data, size_t data_len, u8 out[SHA384_DIGEST_SIZE])
{
struct hmac_sha384_ctx ctx;
@@ -368,9 +368,9 @@ void hmac_sha384(const struct hmac_sha384_key *key,
hmac_sha384_update(&ctx, data, data_len);
hmac_sha384_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha384);
+DEFINE_CRYPTO_API(hmac_sha384);
-void hmac_sha512(const struct hmac_sha512_key *key,
+void CRYPTO_API(hmac_sha512)(const struct hmac_sha512_key *key,
const u8 *data, size_t data_len, u8 out[SHA512_DIGEST_SIZE])
{
struct hmac_sha512_ctx ctx;
@@ -379,9 +379,9 @@ void hmac_sha512(const struct hmac_sha512_key *key,
hmac_sha512_update(&ctx, data, data_len);
hmac_sha512_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha512);
+DEFINE_CRYPTO_API(hmac_sha512);
-void hmac_sha384_usingrawkey(const u8 *raw_key, size_t raw_key_len,
+void CRYPTO_API(hmac_sha384_usingrawkey)(const u8 *raw_key, size_t raw_key_len,
const u8 *data, size_t data_len,
u8 out[SHA384_DIGEST_SIZE])
{
@@ -391,9 +391,9 @@ void hmac_sha384_usingrawkey(const u8 *raw_key, size_t raw_key_len,
hmac_sha384_update(&ctx, data, data_len);
hmac_sha384_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha384_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha384_usingrawkey);
-void hmac_sha512_usingrawkey(const u8 *raw_key, size_t raw_key_len,
+void CRYPTO_API(hmac_sha512_usingrawkey)(const u8 *raw_key, size_t raw_key_len,
const u8 *data, size_t data_len,
u8 out[SHA512_DIGEST_SIZE])
{
@@ -403,7 +403,7 @@ void hmac_sha512_usingrawkey(const u8 *raw_key, size_t raw_key_len,
hmac_sha512_update(&ctx, data, data_len);
hmac_sha512_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha512_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha512_usingrawkey);
#ifdef sha512_mod_init_arch
static int __init sha512_mod_init(void)
@@ -411,12 +411,12 @@ static int __init sha512_mod_init(void)
sha512_mod_init_arch();
return 0;
}
-subsys_initcall(sha512_mod_init);
+crypto_subsys_initcall(sha512_mod_init);
static void __exit sha512_mod_exit(void)
{
}
-module_exit(sha512_mod_exit);
+crypto_module_exit(sha512_mod_exit);
#endif
MODULE_DESCRIPTION("SHA-384, SHA-512, HMAC-SHA384, and HMAC-SHA512 library functions");
--
2.39.3
