From nobody Mon Feb 9 08:28:59 2026 Received: from CH5PR02CU005.outbound.protection.outlook.com (mail-northcentralusazon11012010.outbound.protection.outlook.com [40.107.200.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AA35948BD4F; Wed, 21 Jan 2026 13:25:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.200.10 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769001952; cv=fail; b=oyheLg73+u6HuMetIvd1xd+/3Z1l/SA5GUhZOwSekEf9D/PJir/jveKevzt5zcWkDfhdSApzY0fSPcL+DMG9QybaYHYdS5hsS8eRHFFrU4urxX8suXfLSscLYFqi62z0as7J1BxuF/zwUGnS8UtTkVG7+ykU3nJCQi9JjaOIVzk= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769001952; c=relaxed/simple; bh=Bm57+KwBD3d/OVz7/PnZnp2Gz4hZx0G3sbWQBoUL45c=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=SV8f16VL/31Ne5tQsHC+PMonb5bFkGybfoNjwgVpnhVOwebdziQApORu605rONFn72Wk8NmTxKSBqzU3c16V6k7dts7dzCvhjIl1+W+nMGe4UzFf1hGklbtSRo4RY07SkKUzaj8YqvjVzJbiToYCkEk8JnxaJtvInieV0uPN33g= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=ti.com; spf=pass smtp.mailfrom=ti.com; dkim=pass (1024-bit key) header.d=ti.com header.i=@ti.com header.b=v8lqnbIb; arc=fail smtp.client-ip=40.107.200.10 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=ti.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=ti.com header.i=@ti.com header.b="v8lqnbIb" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=fb/qUkhpFNpaqeHMZ+ddGjj68rb86IEb0Hfp8Z+3DXPvzGEOEcJrjr11kKHn6IWNd9wm611S5FyhAf2Qzl6hHSJzXGDlPouwasDZ8sfa29gF6dhSdncXTyPBtrSIkxW/ENzkcx3NY9bhiwJiCHo5aJnQ2VBa0ynYOvwr5NsqrcOXdIHx7gMxFvcZFPSrTKCZcjULDu8p8n0ki5J7u1uWw/e3XpqZvd455krysbxPHAcDYzWHWWRffupxWHNukMijuZtfBMlI/5f6/rVOuvK6MGVcRQoE1yjBs9l1/tkgGiyf2XNCLMoYkeaPXjMT2Npz1CaBWeSBh31GXn1rIjmwLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2jw/d6xsHzx0Ru4x0UZjBfnn33pPvTqwqVxbtKBuE+k=; b=Ga/7BFF8PLc1RsWF4Zj0cX8RcYENWw24RLTf4cqw4pGjh54w5z9bC5p7M9dV5DUPuwjPQKPSsLF5lJKf+kwgesBGZBlSEDwKD8Cz3SNL3IoDnTawJRCeTcv838HJ9GQ+9sqN5tNID6KVeG/cnLGJ7G7cUzFE0yNR0zMvbTPjvhcrct7uatletceyCVWd/A6oYCjoNMxFYBRReRRZyzPLatXXA1X+joUzX5DkkRG3oKI0H3NhoGvB0Tq+93TRuhlA2QqNWVldF6jNpE1nQREBkKg+/c4g7mzlcBlAKD+Y0bxEaa3TkfD8Dnk+KZaff0Iibk6Z/ioBR0a/N5b8U0RZhA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 198.47.21.195) smtp.rcpttodomain=gondor.apana.org.au smtp.mailfrom=ti.com; dmarc=pass (p=quarantine sp=none pct=100) action=none header.from=ti.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2jw/d6xsHzx0Ru4x0UZjBfnn33pPvTqwqVxbtKBuE+k=; b=v8lqnbIbMV2bBCbzb3HbvoZGI+uYNTVAJxszRfYJjiP9ERljUaIIkM0n75wa8osZji/NaH+8YXVKYXMFpcfwBXu9h+H/sB64P+j8RY/OIvaraw4hzAEeBg1plKHGmIM5o12KhR2Vb2ruCGeiF4pi7M1aRL21qiJyaezfZbQsfv0= Received: from SN7P220CA0025.NAMP220.PROD.OUTLOOK.COM (2603:10b6:806:123::30) by IA1PR10MB6832.namprd10.prod.outlook.com (2603:10b6:208:424::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9542.9; Wed, 21 Jan 2026 13:25:44 +0000 Received: from SN1PEPF0002636A.namprd02.prod.outlook.com (2603:10b6:806:123:cafe::51) by SN7P220CA0025.outlook.office365.com (2603:10b6:806:123::30) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9542.9 via Frontend Transport; Wed, 21 Jan 2026 13:25:43 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 198.47.21.195) smtp.mailfrom=ti.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=ti.com; Received-SPF: Pass (protection.outlook.com: domain of ti.com designates 198.47.21.195 as permitted sender) receiver=protection.outlook.com; client-ip=198.47.21.195; helo=flwvzet201.ext.ti.com; pr=C Received: from flwvzet201.ext.ti.com (198.47.21.195) by SN1PEPF0002636A.mail.protection.outlook.com (10.167.241.135) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9542.4 via Frontend Transport; Wed, 21 Jan 2026 13:25:42 +0000 Received: from DFLE213.ent.ti.com (10.64.6.71) by flwvzet201.ext.ti.com (10.248.192.32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.20; Wed, 21 Jan 2026 07:24:49 -0600 Received: from DFLE200.ent.ti.com (10.64.6.58) by DFLE213.ent.ti.com (10.64.6.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.20; Wed, 21 Jan 2026 07:24:49 -0600 Received: from lelvem-mr05.itg.ti.com (10.180.75.9) by DFLE200.ent.ti.com (10.64.6.58) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.2562.20 via Frontend Transport; Wed, 21 Jan 2026 07:24:49 -0600 Received: from pratham-Workstation-PC (pratham-workstation-pc.dhcp.ti.com [10.24.69.191]) by lelvem-mr05.itg.ti.com (8.18.1/8.18.1) with ESMTP id 60LDOmoo3065906; Wed, 21 Jan 2026 07:24:48 -0600 From: T Pratham To: T Pratham , Herbert Xu , "David S. Miller" CC: Manorit Chawdhry , Kamlesh Gurudasani , Shiva Tripathi , Kavitha Malarvizhi , Vishal Mahaveer , Praneeth Bajjuri , , Subject: [PATCH v2 3/3] crypto: ti - Add support for HMAC in DTHEv2 Hashing Engine driver Date: Wed, 21 Jan 2026 18:54:07 +0530 Message-ID: <20260121132408.743777-4-t-pratham@ti.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260121132408.743777-1-t-pratham@ti.com> References: <20260121132408.743777-1-t-pratham@ti.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-C2ProcessedOrg: 333ef613-75bf-4e12-a4b1-8e3623f5dcea X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF0002636A:EE_|IA1PR10MB6832:EE_ X-MS-Office365-Filtering-Correlation-Id: 4a82ecb3-e3ec-45cd-3f1e-08de58f093e0 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|82310400026|36860700013|1800799024|7142099003; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?Xat2VAcHklFBdMvnh7LnmcU2JPVMs/YNBblVe7iZLeVG+vfXpYsv5Zm5DcBf?= =?us-ascii?Q?rJ5IDT//cQqlsTtfM8DBV3pVQ5MzwBfyx8bHWU+YIir16OpTRuIc+oTYyXS+?= =?us-ascii?Q?uEGgeQBANrjNSI4ilYHy3GWYF3dZlPBAS4iEQbKqz5hFWfC7VO4KOkR+Rdtp?= =?us-ascii?Q?FFm+stBh2SE8HYUtejEtN8+bsrQ4f9dMqPshjShF93AEO4az9iUpG0fubCa3?= =?us-ascii?Q?xZl1YDazMIa1cL5bfiyLa3SoB/g1VKEztiuzQ5/FnNgWnglkpMuaya2aWY4V?= =?us-ascii?Q?hERvLyQdX0SE+EW4D9YVTmhbMTggGYQW3tvX10Ka5X92Yg4p/MBAUm+F8u2A?= =?us-ascii?Q?9jfn3nREiI0twEfa1g7GFSzowZmG7UjRaRwM1WGlRxFugfc6szKwXBuMaFVe?= =?us-ascii?Q?6Y4Ng+e11L11Cg7c+shdIju+eY/RCjBYSy/tFA2MgBrL2w9xpCHihP+z4oaR?= =?us-ascii?Q?FbjtChypXaIBFe4aL5+zeDRkfwNCtdGCh2vFlw2RKp1IzzJ0cwM/tHGsYy62?= =?us-ascii?Q?iHUWYJokM8YtQEh70qIdxYbvuL3HpBcIOJ4XCsGZkrfILKWvc7OcA/5aJG4m?= =?us-ascii?Q?fpZKfVuczUbFX8DzoSLhe/IMQSOUZBBkvYhCwNP/nOQUaQO0HOLvPJVI0w58?= =?us-ascii?Q?o8t8Idv5+IHeeddiZ8sXwbM2LUwpxwQcxNkNdCBPgZCMs0g/lD9ghszLtTCI?= =?us-ascii?Q?xOeutwWGxC7y/PUuokLWm6UpHPqXgrQDIqFsVE/R1uop5xwUxVEEeHn0lMHj?= =?us-ascii?Q?7XGeW1tkWIY3gHUvqiCbJnZcjR8umGx3HZiqDBoP15G5Vmr95kUA+uox4jKJ?= =?us-ascii?Q?xQzNrakwKzq+746LzoYvvcvaert5sV/T+d5Z/QgIdhbrRiuvf8H9PRf8iEge?= =?us-ascii?Q?JuPbQCbRkLIHsSmmprHPKFuRK5a95xs03Q4HDtRaf38lFy8YCSY9q0+D6dFy?= =?us-ascii?Q?3zVfenzeIUIQUh8rLmu8Lr+ZMup6w827SixrDBNVzcUSo4RuztJCE5MwtpN1?= =?us-ascii?Q?jtNgrO1RKRnSdb2vjq/0INrUUXX2f1PN/iJszrkLZiy6hbMR8jOmD6PwpmQV?= =?us-ascii?Q?ccSwAb8kyoqBX6bRzU9DxFy0O8rC2DNfsdd0A0wj/kZdh2LVG3U3zJpusUkM?= =?us-ascii?Q?to1yMKsr6LetgQFYNImbiT/hFB/kKm37/LAor2W/fBaq0jwEmpsMcWNSbflA?= =?us-ascii?Q?FQRdgo+O8GCuRHjYEHTtukfw0twfaUp5LRAk8cPWwBuwJKoFhsODS5iEYqIM?= =?us-ascii?Q?VDLUyEraqFZow3OIXUn7nIfszJ+9txW7rsaqjlALkYTEEanscqMjOaXLBCUx?= =?us-ascii?Q?GZHwK2q6W/HferWkE1hUzBt3WwoC290GDo7n7DLE2eJDNOmyRA7i2nQuAH4t?= =?us-ascii?Q?kL+BJCuQMl021Xy75fihBu+NJd+obmWL4ne1JF8AqWqF4f7oy/Ld70/kjG+V?= =?us-ascii?Q?BMVVxb8HpHkNz6raYqGY0yGgdMs5ueVlVfVLOMM+F0GY9+uteEmPB5EUfrK+?= =?us-ascii?Q?QjdYQjKSLnmrZRphIk7qvkcpKT1fR7jl2JgV5eb34FkUwNH8QtV+uPpC7bGl?= =?us-ascii?Q?gx5RrL7dJBlqtAAR0nMsL+KS3kPvj9mFnuoHuc5BXsKUCuGROWlL12ymtC18?= =?us-ascii?Q?RITVkzSvrjkT9bVMOPL0kFZxHyk8V9VMjLct63m38DGF8VJfiW7QCJnSYHaN?= =?us-ascii?Q?EoW/Sg=3D=3D?= X-Forefront-Antispam-Report: CIP:198.47.21.195;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:flwvzet201.ext.ti.com;PTR:ErrorRetry;CAT:NONE;SFS:(13230040)(376014)(82310400026)(36860700013)(1800799024)(7142099003);DIR:OUT;SFP:1101; X-OriginatorOrg: ti.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Jan 2026 13:25:42.8762 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4a82ecb3-e3ec-45cd-3f1e-08de58f093e0 X-MS-Exchange-CrossTenant-Id: e5b49634-450b-4709-8abb-1e2b19b982b7 X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=e5b49634-450b-4709-8abb-1e2b19b982b7;Ip=[198.47.21.195];Helo=[flwvzet201.ext.ti.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF0002636A.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA1PR10MB6832 Content-Type: text/plain; charset="utf-8" Add support for HMAC-SHA512/384/256/224 and HMAC-MD5 algorithms in the hashing engine of the DTHEv2 hardware cryptographic engine. Signed-off-by: T Pratham --- drivers/crypto/ti/Kconfig | 1 + drivers/crypto/ti/dthev2-common.h | 10 +- drivers/crypto/ti/dthev2-hash.c | 290 +++++++++++++++++++++++++++++- 3 files changed, 296 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/ti/Kconfig b/drivers/crypto/ti/Kconfig index 9c2aa50cfbfbe..68dccf92f5382 100644 --- a/drivers/crypto/ti/Kconfig +++ b/drivers/crypto/ti/Kconfig @@ -13,6 +13,7 @@ config CRYPTO_DEV_TI_DTHEV2 select CRYPTO_SHA256 select CRYPTO_SHA512 select CRYPTO_MD5 + select CRYPTO_HMAC select SG_SPLIT help This enables support for the TI DTHE V2 hw cryptography engine diff --git a/drivers/crypto/ti/dthev2-common.h b/drivers/crypto/ti/dthev2-c= ommon.h index c305eca26ce82..2027dda0b5bdb 100644 --- a/drivers/crypto/ti/dthev2-common.h +++ b/drivers/crypto/ti/dthev2-common.h @@ -31,9 +31,9 @@ #define DTHE_DMA_TIMEOUT_MS 2000 /* * Size of largest possible key (of all algorithms) to be stored in dthe_t= fm_ctx - * This is currently the keysize of XTS-AES-256 which is 512 bits (64 byte= s) + * This is currently the keysize of HMAC-SHA512 which is 1024 bits (128 by= tes) */ -#define DTHE_MAX_KEYSIZE (AES_MAX_KEY_SIZE * 2) +#define DTHE_MAX_KEYSIZE (SHA512_BLOCK_SIZE) =20 enum dthe_hash_alg_sel { DTHE_HASH_MD5 =3D 0, @@ -93,9 +93,9 @@ struct dthe_list { /** * struct dthe_tfm_ctx - Transform ctx struct containing ctx for all sub-c= omponents of DTHE V2 * @dev_data: Device data struct pointer - * @keylen: AES key length + * @keylen: Key length for algorithms that use a key * @authsize: Authentication size for modes with authentication - * @key: AES key + * @key: Buffer storing the key * @aes_mode: AES mode * @hash_mode: Hashing Engine mode * @phash_size: partial hash size of the hash algorithm selected @@ -135,6 +135,7 @@ struct dthe_aes_req_ctx { * @phash: buffer to store a partial hash from a previous operation * @digestcnt: stores the digest count from a previous operation; currentl= y hardware only provides * a single 32-bit value even for SHA384/512 + * @odigest: buffer to store the outer digest from a previous operation * @phash_available: flag indicating if a partial hash from a previous ope= ration is available * @flags: flags for internal use * @padding: padding buffer for handling unaligned data @@ -143,6 +144,7 @@ struct dthe_aes_req_ctx { struct dthe_hash_req_ctx { u32 phash[SHA512_DIGEST_SIZE / sizeof(u32)]; u64 digestcnt[2]; + u32 odigest[SHA512_DIGEST_SIZE / sizeof(u32)]; u8 phash_available; u8 flags; u8 padding[SHA512_BLOCK_SIZE]; diff --git a/drivers/crypto/ti/dthev2-hash.c b/drivers/crypto/ti/dthev2-has= h.c index e4efcad375bf9..ca4a0a724b4d9 100644 --- a/drivers/crypto/ti/dthev2-hash.c +++ b/drivers/crypto/ti/dthev2-hash.c @@ -23,6 +23,7 @@ /* Registers */ =20 #define DTHE_P_HASH_BASE 0x5000 +#define DTHE_P_HASH512_ODIGEST_A 0x0200 #define DTHE_P_HASH512_IDIGEST_A 0x0240 #define DTHE_P_HASH512_DIGEST_COUNT 0x0280 #define DTHE_P_HASH512_MODE 0x0284 @@ -45,6 +46,13 @@ =20 #define DTHE_HASH_MODE_USE_ALG_CONST BIT(3) #define DTHE_HASH_MODE_CLOSE_HASH BIT(4) +#define DTHE_HASH_MODE_HMAC_KEY_PROCESSING BIT(5) +#define DTHE_HASH_MODE_HMAC_OUTER_HASH BIT(7) + +/* Misc */ +#define DTHE_HMAC_SHA512_MAX_KEYSIZE (SHA512_BLOCK_SIZE) +#define DTHE_HMAC_SHA256_MAX_KEYSIZE (SHA256_BLOCK_SIZE) +#define DTHE_HMAC_MD5_MAX_KEYSIZE (MD5_BLOCK_SIZE) =20 enum dthe_hash_op { DTHE_HASH_OP_UPDATE =3D 0, @@ -74,6 +82,19 @@ static void dthe_hash_write_zero_message(enum dthe_hash_= alg_sel mode, void *dst) } } =20 +static int dthe_hmac_write_zero_message(struct ahash_request *req) +{ + HASH_FBREQ_ON_STACK(fbreq, req); + int ret; + + ahash_request_set_crypt(fbreq, req->src, req->result, + req->nbytes); + + ret =3D crypto_ahash_digest(fbreq); + HASH_REQUEST_ZERO(fbreq); + return ret; +} + static enum dthe_hash_alg_sel dthe_hash_get_hash_mode(struct crypto_ahash = *tfm) { unsigned int ds =3D crypto_ahash_digestsize(tfm); @@ -184,6 +205,7 @@ static int dthe_hash_dma_start(struct ahash_request *re= q, struct scatterlist *sr enum dma_data_direction src_dir =3D DMA_TO_DEVICE; u32 hash_mode; int ds =3D crypto_ahash_digestsize(tfm); + bool is_hmac =3D (ctx->keylen > 0); int ret =3D 0; u32 *dst; u32 dst_len; @@ -229,8 +251,11 @@ static int dthe_hash_dma_start(struct ahash_request *r= eq, struct scatterlist *sr =20 hash_mode =3D ctx->hash_mode; =20 - if (rctx->flags =3D=3D DTHE_HASH_OP_FINUP) + if (rctx->flags =3D=3D DTHE_HASH_OP_FINUP) { hash_mode |=3D DTHE_HASH_MODE_CLOSE_HASH; + if (is_hmac) + hash_mode |=3D DTHE_HASH_MODE_HMAC_OUTER_HASH; + } =20 if (rctx->phash_available) { for (int i =3D 0; i < ctx->phash_size / sizeof(u32); ++i) @@ -238,9 +263,28 @@ static int dthe_hash_dma_start(struct ahash_request *r= eq, struct scatterlist *sr sha_base_reg + DTHE_P_HASH512_IDIGEST_A + (DTHE_REG_SIZE * i)); + if (is_hmac) { + for (int i =3D 0; i < ctx->phash_size / sizeof(u32); ++i) + writel_relaxed(rctx->odigest[i], + sha_base_reg + + DTHE_P_HASH512_ODIGEST_A + + (DTHE_REG_SIZE * i)); + } =20 writel_relaxed(rctx->digestcnt[0], sha_base_reg + DTHE_P_HASH512_DIGEST_COUNT); + } else if (is_hmac) { + hash_mode |=3D DTHE_HASH_MODE_HMAC_KEY_PROCESSING; + + for (int i =3D 0; i < (ctx->keylen / 2) / sizeof(u32); ++i) + writel_relaxed(ctx->key[i], sha_base_reg + + DTHE_P_HASH512_ODIGEST_A + + (DTHE_REG_SIZE * i)); + for (int i =3D 0; i < (ctx->keylen / 2) / sizeof(u32); ++i) + writel_relaxed(ctx->key[i + (ctx->keylen / 2) / sizeof(u32)], + sha_base_reg + + DTHE_P_HASH512_IDIGEST_A + + (DTHE_REG_SIZE * i)); } else { hash_mode |=3D DTHE_HASH_MODE_USE_ALG_CONST; } @@ -275,6 +319,12 @@ static int dthe_hash_dma_start(struct ahash_request *r= eq, struct scatterlist *sr dst[i] =3D readl_relaxed(sha_base_reg + DTHE_P_HASH512_IDIGEST_A + (DTHE_REG_SIZE * i)); + if (is_hmac) { + for (int i =3D 0; i < dst_len; ++i) + rctx->odigest[i] =3D readl_relaxed(sha_base_reg + + DTHE_P_HASH512_ODIGEST_A + + (DTHE_REG_SIZE * i)); + } =20 rctx->digestcnt[0] =3D readl_relaxed(sha_base_reg + DTHE_P_HASH512_DIGEST= _COUNT); rctx->phash_available =3D 1; @@ -399,6 +449,10 @@ static int dthe_hash_final(struct ahash_request *req) return crypto_transfer_hash_request_to_engine(engine, req); } =20 + if (ctx->keylen > 0) + /* HMAC with zero-length message */ + return dthe_hmac_write_zero_message(req); + dthe_hash_write_zero_message(ctx->hash_mode, req->result); =20 return 0; @@ -432,6 +486,11 @@ static int dthe_hash_export(struct ahash_request *req,= void *out) if (ctx->phash_size >=3D SHA512_DIGEST_SIZE) put_unaligned(rctx->digestcnt[1], p.u64++); =20 + if (ctx->keylen > 0) { + memcpy(p.u8, rctx->odigest, ctx->phash_size); + p.u8 +=3D ctx->phash_size; + } + return 0; } =20 @@ -452,9 +511,68 @@ static int dthe_hash_import(struct ahash_request *req,= const void *in) rctx->digestcnt[1] =3D get_unaligned(p.u64++); rctx->phash_available =3D ((rctx->digestcnt[0]) ? 1 : 0); =20 + if (ctx->keylen > 0) { + memcpy(rctx->odigest, p.u8, ctx->phash_size); + p.u8 +=3D ctx->phash_size; + } + return 0; } =20 +static int dthe_hmac_setkey(struct crypto_ahash *tfm, const u8 *key, + unsigned int keylen) +{ + struct dthe_tfm_ctx *ctx =3D crypto_ahash_ctx(tfm); + struct crypto_ahash *fb =3D crypto_ahash_fb(tfm); + unsigned int max_keysize; + const char *hash_alg_name; + + memzero_explicit(ctx->key, sizeof(ctx->key)); + + switch (ctx->hash_mode) { + case DTHE_HASH_SHA512: + hash_alg_name =3D "sha512"; + max_keysize =3D DTHE_HMAC_SHA512_MAX_KEYSIZE; + break; + case DTHE_HASH_SHA384: + hash_alg_name =3D "sha384"; + max_keysize =3D DTHE_HMAC_SHA512_MAX_KEYSIZE; + break; + case DTHE_HASH_SHA256: + hash_alg_name =3D "sha256"; + max_keysize =3D DTHE_HMAC_SHA256_MAX_KEYSIZE; + break; + case DTHE_HASH_SHA224: + hash_alg_name =3D "sha224"; + max_keysize =3D DTHE_HMAC_SHA256_MAX_KEYSIZE; + break; + case DTHE_HASH_MD5: + hash_alg_name =3D "md5"; + max_keysize =3D DTHE_HMAC_MD5_MAX_KEYSIZE; + break; + default: + return -EINVAL; + } + + if (keylen > max_keysize) { + struct crypto_shash *ktfm =3D crypto_alloc_shash(hash_alg_name, 0, 0); + SHASH_DESC_ON_STACK(desc, ktfm); + int err; + + desc->tfm =3D ktfm; + err =3D crypto_shash_digest(desc, key, keylen, (u8 *)ctx->key); + crypto_free_shash(ktfm); + if (err) + return err; + } else { + memcpy(ctx->key, key, keylen); + } + + ctx->keylen =3D max_keysize; + + return crypto_ahash_setkey(fb, key, keylen); +} + static struct ahash_engine_alg hash_algs[] =3D { { .base.init_tfm =3D dthe_hash_init_tfm, @@ -621,6 +739,176 @@ static struct ahash_engine_alg hash_algs[] =3D { }, .op.do_one_request =3D dthe_hash_run, }, + { + .base.init_tfm =3D dthe_hash_init_tfm, + .base.init =3D dthe_hash_init, + .base.update =3D dthe_hash_update, + .base.final =3D dthe_hash_final, + .base.finup =3D dthe_hash_finup, + .base.digest =3D dthe_hash_digest, + .base.export =3D dthe_hash_export, + .base.import =3D dthe_hash_import, + .base.setkey =3D dthe_hmac_setkey, + .base.halg =3D { + .digestsize =3D SHA512_DIGEST_SIZE, + .statesize =3D sizeof(struct dthe_hash_req_ctx), + .base =3D { + .cra_name =3D "hmac(sha512)", + .cra_driver_name =3D "hmac-sha512-dthev2", + .cra_priority =3D 299, + .cra_flags =3D CRYPTO_ALG_TYPE_AHASH | + CRYPTO_ALG_ASYNC | + CRYPTO_ALG_NEED_FALLBACK | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ALLOCATES_MEMORY | + CRYPTO_AHASH_ALG_BLOCK_ONLY | + CRYPTO_AHASH_ALG_FINAL_NONZERO | + CRYPTO_AHASH_ALG_FINUP_MAX | + CRYPTO_AHASH_ALG_NO_EXPORT_CORE, + .cra_blocksize =3D SHA512_BLOCK_SIZE, + .cra_ctxsize =3D sizeof(struct dthe_tfm_ctx), + .cra_reqsize =3D sizeof(struct dthe_hash_req_ctx), + .cra_module =3D THIS_MODULE, + } + }, + .op.do_one_request =3D dthe_hash_run, + }, + { + .base.init_tfm =3D dthe_hash_init_tfm, + .base.init =3D dthe_hash_init, + .base.update =3D dthe_hash_update, + .base.final =3D dthe_hash_final, + .base.finup =3D dthe_hash_finup, + .base.digest =3D dthe_hash_digest, + .base.export =3D dthe_hash_export, + .base.import =3D dthe_hash_import, + .base.setkey =3D dthe_hmac_setkey, + .base.halg =3D { + .digestsize =3D SHA384_DIGEST_SIZE, + .statesize =3D sizeof(struct dthe_hash_req_ctx), + .base =3D { + .cra_name =3D "hmac(sha384)", + .cra_driver_name =3D "hmac-sha384-dthev2", + .cra_priority =3D 299, + .cra_flags =3D CRYPTO_ALG_TYPE_AHASH | + CRYPTO_ALG_ASYNC | + CRYPTO_ALG_NEED_FALLBACK | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ALLOCATES_MEMORY | + CRYPTO_AHASH_ALG_BLOCK_ONLY | + CRYPTO_AHASH_ALG_FINAL_NONZERO | + CRYPTO_AHASH_ALG_FINUP_MAX | + CRYPTO_AHASH_ALG_NO_EXPORT_CORE, + .cra_blocksize =3D SHA384_BLOCK_SIZE, + .cra_ctxsize =3D sizeof(struct dthe_tfm_ctx), + .cra_reqsize =3D sizeof(struct dthe_hash_req_ctx), + .cra_module =3D THIS_MODULE, + } + }, + .op.do_one_request =3D dthe_hash_run, + }, + { + .base.init_tfm =3D dthe_hash_init_tfm, + .base.init =3D dthe_hash_init, + .base.update =3D dthe_hash_update, + .base.final =3D dthe_hash_final, + .base.finup =3D dthe_hash_finup, + .base.digest =3D dthe_hash_digest, + .base.export =3D dthe_hash_export, + .base.import =3D dthe_hash_import, + .base.setkey =3D dthe_hmac_setkey, + .base.halg =3D { + .digestsize =3D SHA256_DIGEST_SIZE, + .statesize =3D sizeof(struct dthe_hash_req_ctx), + .base =3D { + .cra_name =3D "hmac(sha256)", + .cra_driver_name =3D "hmac-sha256-dthev2", + .cra_priority =3D 299, + .cra_flags =3D CRYPTO_ALG_TYPE_AHASH | + CRYPTO_ALG_ASYNC | + CRYPTO_ALG_NEED_FALLBACK | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ALLOCATES_MEMORY | + CRYPTO_AHASH_ALG_BLOCK_ONLY | + CRYPTO_AHASH_ALG_FINAL_NONZERO | + CRYPTO_AHASH_ALG_FINUP_MAX | + CRYPTO_AHASH_ALG_NO_EXPORT_CORE, + .cra_blocksize =3D SHA256_BLOCK_SIZE, + .cra_ctxsize =3D sizeof(struct dthe_tfm_ctx), + .cra_reqsize =3D sizeof(struct dthe_hash_req_ctx), + .cra_module =3D THIS_MODULE, + } + }, + .op.do_one_request =3D dthe_hash_run, + }, + { + .base.init_tfm =3D dthe_hash_init_tfm, + .base.init =3D dthe_hash_init, + .base.update =3D dthe_hash_update, + .base.final =3D dthe_hash_final, + .base.finup =3D dthe_hash_finup, + .base.digest =3D dthe_hash_digest, + .base.export =3D dthe_hash_export, + .base.import =3D dthe_hash_import, + .base.setkey =3D dthe_hmac_setkey, + .base.halg =3D { + .digestsize =3D SHA224_DIGEST_SIZE, + .statesize =3D sizeof(struct dthe_hash_req_ctx), + .base =3D { + .cra_name =3D "hmac(sha224)", + .cra_driver_name =3D "hmac-sha224-dthev2", + .cra_priority =3D 299, + .cra_flags =3D CRYPTO_ALG_TYPE_AHASH | + CRYPTO_ALG_ASYNC | + CRYPTO_ALG_NEED_FALLBACK | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ALLOCATES_MEMORY | + CRYPTO_AHASH_ALG_BLOCK_ONLY | + CRYPTO_AHASH_ALG_FINAL_NONZERO | + CRYPTO_AHASH_ALG_FINUP_MAX | + CRYPTO_AHASH_ALG_NO_EXPORT_CORE, + .cra_blocksize =3D SHA224_BLOCK_SIZE, + .cra_ctxsize =3D sizeof(struct dthe_tfm_ctx), + .cra_reqsize =3D sizeof(struct dthe_hash_req_ctx), + .cra_module =3D THIS_MODULE, + } + }, + .op.do_one_request =3D dthe_hash_run, + }, + { + .base.init_tfm =3D dthe_hash_init_tfm, + .base.init =3D dthe_hash_init, + .base.update =3D dthe_hash_update, + .base.final =3D dthe_hash_final, + .base.finup =3D dthe_hash_finup, + .base.digest =3D dthe_hash_digest, + .base.export =3D dthe_hash_export, + .base.import =3D dthe_hash_import, + .base.setkey =3D dthe_hmac_setkey, + .base.halg =3D { + .digestsize =3D MD5_DIGEST_SIZE, + .statesize =3D sizeof(struct dthe_hash_req_ctx), + .base =3D { + .cra_name =3D "hmac(md5)", + .cra_driver_name =3D "hmac-md5-dthev2", + .cra_priority =3D 299, + .cra_flags =3D CRYPTO_ALG_TYPE_AHASH | + CRYPTO_ALG_ASYNC | + CRYPTO_ALG_NEED_FALLBACK | + CRYPTO_ALG_KERN_DRIVER_ONLY | + CRYPTO_ALG_ALLOCATES_MEMORY | + CRYPTO_AHASH_ALG_BLOCK_ONLY | + CRYPTO_AHASH_ALG_FINAL_NONZERO | + CRYPTO_AHASH_ALG_FINUP_MAX | + CRYPTO_AHASH_ALG_NO_EXPORT_CORE, + .cra_blocksize =3D MD5_BLOCK_SIZE, + .cra_ctxsize =3D sizeof(struct dthe_tfm_ctx), + .cra_reqsize =3D sizeof(struct dthe_hash_req_ctx), + .cra_module =3D THIS_MODULE, + } + }, + .op.do_one_request =3D dthe_hash_run, + }, }; =20 int dthe_register_hash_algs(void) --=20 2.34.1