Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fdb0b246 authored by David Sterba's avatar David Sterba Committed by Alistair Delva
Browse files

UPSTREAM: crypto: blake2b - merge blake2 init to api callback 



The call chain from blake2b_init can be simplified because the param
block is effectively zeros, besides the key.

- blake2b_init0 zeroes state and sets IV
- blake2b_init sets up param block with defaults (key and some 1s)
- init with key, write it to the input buffer and recalculate state

So the compact way is to zero out the state and initialize index 0 of
the state directly with the non-zero values and the key.

Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>

(cherry picked from commit e374969565472824eba4669dea4a23ad2edb414f)
Bug: 178411248
Change-Id: I797e941bf90262f6cf334c100a91e5b90dc00a2c
Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
parent 75973ecd

crypto/blake2b_generic.c

+19 −84
Original line number Original line Diff line number Diff line
@@ -106,81 +106,6 @@ static void blake2b_increment_counter(struct blake2b_state *S, const u64 inc) 
	S->t[1] += (S->t[0] < inc);

	S->t[1] += (S->t[0] < inc);

}

}





static void blake2b_init0(struct blake2b_state *S)

{

	size_t i;



	memset(S, 0, sizeof(struct blake2b_state));



	for (i = 0; i < 8; ++i)

		S->h[i] = blake2b_IV[i];

}



/* init xors IV with input parameter block */

static void blake2b_init_param(struct blake2b_state *S,

			       const struct blake2b_param *P)

{

	const u8 *p = (const u8 *)(P);

	size_t i;



	blake2b_init0(S);



	/* IV XOR ParamBlock */

	for (i = 0; i < 8; ++i)

		S->h[i] ^= get_unaligned_le64(p + sizeof(S->h[i]) * i);



	S->outlen = P->digest_length;

}



static void blake2b_init(struct blake2b_state *S, size_t outlen)

{

	struct blake2b_param P;



	P.digest_length = (u8)outlen;

	P.key_length    = 0;

	P.fanout        = 1;

	P.depth         = 1;

	P.leaf_length   = 0;

	P.node_offset   = 0;

	P.xof_length    = 0;

	P.node_depth    = 0;

	P.inner_length  = 0;

	memset(P.reserved, 0, sizeof(P.reserved));

	memset(P.salt,     0, sizeof(P.salt));

	memset(P.personal, 0, sizeof(P.personal));

	blake2b_init_param(S, &P);

}



static void blake2b_init_key(struct blake2b_state *S, size_t outlen,

			     const void *key, size_t keylen)

{

	struct blake2b_param P;



	P.digest_length = (u8)outlen;

	P.key_length    = (u8)keylen;

	P.fanout        = 1;

	P.depth         = 1;

	P.leaf_length   = 0;

	P.node_offset   = 0;

	P.xof_length    = 0;

	P.node_depth    = 0;

	P.inner_length  = 0;

	memset(P.reserved, 0, sizeof(P.reserved));

	memset(P.salt,     0, sizeof(P.salt));

	memset(P.personal, 0, sizeof(P.personal));



	blake2b_init_param(S, &P);



	{

		u8 block[BLAKE2B_BLOCKBYTES];



		memset(block, 0, BLAKE2B_BLOCKBYTES);

		memcpy(block, key, keylen);

		blake2b_update(S, block, BLAKE2B_BLOCKBYTES);

		memzero_explicit(block, BLAKE2B_BLOCKBYTES);

	}

}



#define G(r,i,a,b,c,d)                                  \

#define G(r,i,a,b,c,d)                                  \

	do {                                            \

	do {                                            \

		a = a + b + m[blake2b_sigma[r][2*i+0]]; \

		a = a + b + m[blake2b_sigma[r][2*i+0]]; \
@@ -297,16 +222,26 @@ static int digest_setkey(struct crypto_shash *tfm, const u8 *key, 
	return 0;

	return 0;

}

}





static int digest_init(struct shash_desc *desc)

static int blake2b_init(struct shash_desc *desc)

{

{

	struct digest_tfm_ctx *mctx = crypto_shash_ctx(desc->tfm);

	struct digest_tfm_ctx *mctx = crypto_shash_ctx(desc->tfm);

	struct blake2b_state *state = shash_desc_ctx(desc);

	struct blake2b_state *state = shash_desc_ctx(desc);

	const int digestsize = crypto_shash_digestsize(desc->tfm);

	const int digestsize = crypto_shash_digestsize(desc->tfm);





	if (mctx->keylen == 0)

	memset(state, 0, sizeof(*state));

		blake2b_init(state, digestsize);

	memcpy(state->h, blake2b_IV, sizeof(state->h));

	else



		blake2b_init_key(state, digestsize, mctx->key, mctx->keylen);

	/* Parameter block is all zeros except index 0, no xor for 1..7 */

	state->h[0] ^= 0x01010000 | mctx->keylen << 8 | digestsize;



	if (mctx->keylen) {

		u8 block[BLAKE2B_BLOCKBYTES];



		memset(block, 0, BLAKE2B_BLOCKBYTES);

		memcpy(block, mctx->key, mctx->keylen);

		blake2b_update(state, block, BLAKE2B_BLOCKBYTES);

		memzero_explicit(block, BLAKE2B_BLOCKBYTES);

	}

	return 0;

	return 0;

}

}
@@ -350,7 +285,7 @@ static struct shash_alg blake2b_algs[] = { 
		.base.cra_module	= THIS_MODULE,

		.base.cra_module	= THIS_MODULE,

		.digestsize		= BLAKE2B_160_DIGEST_SIZE,

		.digestsize		= BLAKE2B_160_DIGEST_SIZE,

		.setkey			= digest_setkey,

		.setkey			= digest_setkey,

		.init			= digest_init,

		.init			= blake2b_init,

		.update			= digest_update,

		.update			= digest_update,

		.final			= blake2b_final,

		.final			= blake2b_final,

		.descsize		= sizeof(struct blake2b_state),

		.descsize		= sizeof(struct blake2b_state),
@@ -364,7 +299,7 @@ static struct shash_alg blake2b_algs[] = { 
		.base.cra_module	= THIS_MODULE,

		.base.cra_module	= THIS_MODULE,

		.digestsize		= BLAKE2B_256_DIGEST_SIZE,

		.digestsize		= BLAKE2B_256_DIGEST_SIZE,

		.setkey			= digest_setkey,

		.setkey			= digest_setkey,

		.init			= digest_init,

		.init			= blake2b_init,

		.update			= digest_update,

		.update			= digest_update,

		.final			= blake2b_final,

		.final			= blake2b_final,

		.descsize		= sizeof(struct blake2b_state),

		.descsize		= sizeof(struct blake2b_state),
@@ -378,7 +313,7 @@ static struct shash_alg blake2b_algs[] = { 
		.base.cra_module	= THIS_MODULE,

		.base.cra_module	= THIS_MODULE,

		.digestsize		= BLAKE2B_384_DIGEST_SIZE,

		.digestsize		= BLAKE2B_384_DIGEST_SIZE,

		.setkey			= digest_setkey,

		.setkey			= digest_setkey,

		.init			= digest_init,

		.init			= blake2b_init,

		.update			= digest_update,

		.update			= digest_update,

		.final			= blake2b_final,

		.final			= blake2b_final,

		.descsize		= sizeof(struct blake2b_state),

		.descsize		= sizeof(struct blake2b_state),
@@ -392,7 +327,7 @@ static struct shash_alg blake2b_algs[] = { 
		.base.cra_module	= THIS_MODULE,

		.base.cra_module	= THIS_MODULE,

		.digestsize		= BLAKE2B_512_DIGEST_SIZE,

		.digestsize		= BLAKE2B_512_DIGEST_SIZE,

		.setkey			= digest_setkey,

		.setkey			= digest_setkey,

		.init			= digest_init,

		.init			= blake2b_init,

		.update			= digest_update,

		.update			= digest_update,

		.final			= blake2b_final,

		.final			= blake2b_final,

		.descsize		= sizeof(struct blake2b_state),

		.descsize		= sizeof(struct blake2b_state),