@@ -1,6 +1,7 @@
/*
* QEMU Crypto af_alg-backend hash/hmac support
*
+ * Copyright (c) 2024 Seagate Technology LLC and/or its Affiliates
* Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
*
* Authors:
@@ -113,74 +114,116 @@ qcrypto_afalg_hmac_ctx_new(QCryptoHashAlgorithm alg,
return qcrypto_afalg_hash_hmac_ctx_new(alg, key, nkey, true, errp);
}
-static int
-qcrypto_afalg_hash_hmac_bytesv(QCryptoAFAlg *hmac,
- QCryptoHashAlgorithm alg,
- const struct iovec *iov,
- size_t niov, uint8_t **result,
- size_t *resultlen,
- Error **errp)
+static
+QCryptoHash *qcrypto_afalg_hash_new(QCryptoHashAlgorithm alg, Error **errp)
{
- QCryptoAFAlg *afalg;
- struct iovec outv;
- int ret = 0;
- bool is_hmac = (hmac != NULL) ? true : false;
- const int expect_len = qcrypto_hash_digest_len(alg);
+ /* Check if hash algorithm is supported */
+ char *alg_name = qcrypto_afalg_hash_format_name(alg, false, NULL);
+ QCryptoHash *hash = NULL;
- if (*resultlen == 0) {
- *resultlen = expect_len;
- *result = g_new0(uint8_t, *resultlen);
- } else if (*resultlen != expect_len) {
+ if (alg_name == NULL) {
error_setg(errp,
- "Result buffer size %zu is not match hash %d",
- *resultlen, expect_len);
- return -1;
+ "Unknown hash algorithm %d",
+ alg);
+ } else {
+ hash = g_new(QCryptoHash, 1);
+ hash->alg = alg;
+ hash->opaque = qcrypto_afalg_hash_ctx_new(alg, errp);
}
- if (is_hmac) {
- afalg = hmac;
- } else {
- afalg = qcrypto_afalg_hash_ctx_new(alg, errp);
- if (!afalg) {
- return -1;
- }
+ return hash;
+}
+
+static
+int qcrypto_afalg_hash_free(QCryptoHash *hash)
+{
+ QCryptoAFAlg *ctx = hash->opaque;
+
+ if (ctx) {
+ qcrypto_afalg_comm_free(ctx);
}
+ g_free(hash);
+
+ return 0;
+}
+
+static
+int qcrypto_afalg_send_to_kernel(QCryptoAFAlg *afalg,
+ const struct iovec *iov,
+ size_t niov,
+ Error **errp)
+{
+ int ret = 0;
+
/* send data to kernel's crypto core */
ret = iov_send_recv(afalg->opfd, iov, niov,
0, iov_size(iov, niov), true);
if (ret < 0) {
error_setg_errno(errp, errno, "Send data to afalg-core failed");
- goto out;
- }
-
- /* hash && get result */
- outv.iov_base = *result;
- outv.iov_len = *resultlen;
- ret = iov_send_recv(afalg->opfd, &outv, 1,
- 0, iov_size(&outv, 1), false);
- if (ret < 0) {
- error_setg_errno(errp, errno, "Recv result from afalg-core failed");
} else {
+ /* No error, so return 0 */
ret = 0;
}
-out:
- if (!is_hmac) {
- qcrypto_afalg_comm_free(afalg);
+ return ret;
+}
+
+static
+int qcrypto_afalg_recv_from_kernel(QCryptoAFAlg *afalg,
+ QCryptoHashAlgorithm alg,
+ uint8_t **result,
+ size_t *result_len,
+ Error **errp)
+{
+ struct iovec outv;
+ int ret = 0;
+ const int expected_len = qcrypto_hash_digest_len(alg);
+
+ if (*result_len == 0) {
+ *result_len = expected_len;
+ *result = g_new0(uint8_t, *result_len);
+ } else if (*result_len != expected_len) {
+ error_setg(errp,
+ "Result buffer size %zu is not match hash %d",
+ *result_len, expected_len);
+ ret = -1;
+ }
+
+ if (ret == 0) {
+ /* hash && get result */
+ outv.iov_base = *result;
+ outv.iov_len = *result_len;
+ ret = iov_send_recv(afalg->opfd, &outv, 1,
+ 0, iov_size(&outv, 1), false);
+ if (ret < 0) {
+ error_setg_errno(errp, errno, "Recv result from afalg-core failed");
+ } else {
+ ret = 0;
+ }
}
+
return ret;
}
-static int
-qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
- const struct iovec *iov,
- size_t niov, uint8_t **result,
- size_t *resultlen,
- Error **errp)
+static
+int qcrypto_afalg_hash_update(QCryptoHash *hash,
+ const struct iovec *iov,
+ size_t niov,
+ Error **errp)
+{
+ return qcrypto_afalg_send_to_kernel((QCryptoAFAlg *) hash->opaque,
+ iov, niov, errp);
+}
+
+static
+int qcrypto_afalg_hash_finalize(QCryptoHash *hash,
+ uint8_t **result,
+ size_t *result_len,
+ Error **errp)
{
- return qcrypto_afalg_hash_hmac_bytesv(NULL, alg, iov, niov, result,
- resultlen, errp);
+ return qcrypto_afalg_recv_from_kernel((QCryptoAFAlg *) hash->opaque,
+ hash->alg, result, result_len, errp);
}
static int
@@ -190,9 +233,16 @@ qcrypto_afalg_hmac_bytesv(QCryptoHmac *hmac,
size_t *resultlen,
Error **errp)
{
- return qcrypto_afalg_hash_hmac_bytesv(hmac->opaque, hmac->alg,
- iov, niov, result, resultlen,
- errp);
+ int ret;
+
+ ret = qcrypto_afalg_send_to_kernel(hmac->opaque, iov, niov, errp);
+
+ if (ret == 0) {
+ ret = qcrypto_afalg_recv_from_kernel(hmac->opaque, hmac->alg, result,
+ resultlen, errp);
+ }
+
+ return ret;
}
static void qcrypto_afalg_hmac_ctx_free(QCryptoHmac *hmac)
@@ -204,7 +253,10 @@ static void qcrypto_afalg_hmac_ctx_free(QCryptoHmac *hmac)
}
QCryptoHashDriver qcrypto_hash_afalg_driver = {
- .hash_bytesv = qcrypto_afalg_hash_bytesv,
+ .hash_new = qcrypto_afalg_hash_new,
+ .hash_free = qcrypto_afalg_hash_free,
+ .hash_update = qcrypto_afalg_hash_update,
+ .hash_finalize = qcrypto_afalg_hash_finalize
};
QCryptoHmacDriver qcrypto_hmac_afalg_driver = {
Updates the AFAlg hash driver to support the new accumulative hashing changes as part of the patch series. Implements opening/closing of contexts, updating hash data and finalizing the hash digest. Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com> --- crypto/hash-afalg.c | 154 +++++++++++++++++++++++++++++--------------- 1 file changed, 103 insertions(+), 51 deletions(-)