aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorSamuel Neves <sneves@dei.uc.pt>2019-03-27 13:48:40 +0000
committerJason A. Donenfeld <Jason@zx2c4.com>2019-03-27 18:05:12 +0100
commit8d631659139903eb3a24860f4212cd11561d4006 (patch)
tree185ec9f0e61e19c77a33ca072b8b56dc2d286bfc
parentqemu: set framewarn 1280 for 64bit and 1024 for 32bit (diff)
downloadWireGuard-8d631659139903eb3a24860f4212cd11561d4006.tar.xz
WireGuard-8d631659139903eb3a24860f4212cd11561d4006.zip
blake2s: simplify
Signed-off-by: Samuel Neves <sneves@dei.uc.pt>
-rw-r--r--src/crypto/include/zinc/blake2s.h4
-rw-r--r--src/crypto/zinc/blake2s/blake2s.c48
2 files changed, 12 insertions, 40 deletions
diff --git a/src/crypto/include/zinc/blake2s.h b/src/crypto/include/zinc/blake2s.h
index 5f1a1aea..8035cee3 100644
--- a/src/crypto/include/zinc/blake2s.h
+++ b/src/crypto/include/zinc/blake2s.h
@@ -21,8 +21,8 @@ struct blake2s_state {
u32 t[2];
u32 f[2];
u8 buf[BLAKE2S_BLOCK_SIZE];
- size_t buflen;
- u8 last_node;
+ unsigned int buflen;
+ unsigned int outlen;
};
void blake2s_init(struct blake2s_state *state, const size_t outlen);
diff --git a/src/crypto/zinc/blake2s/blake2s.c b/src/crypto/zinc/blake2s/blake2s.c
index b881db03..5bf76e21 100644
--- a/src/crypto/zinc/blake2s/blake2s.c
+++ b/src/crypto/zinc/blake2s/blake2s.c
@@ -1,6 +1,5 @@
// SPDX-License-Identifier: GPL-2.0 OR MIT
/*
- * Copyright (C) 2012 Samuel Neves <sneves@dei.uc.pt>. All Rights Reserved.
* Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
*
* This is an implementation of the BLAKE2s hash and PRF functions.
@@ -20,23 +19,6 @@
#include <linux/bug.h>
#include <asm/unaligned.h>
-typedef union {
- struct {
- u8 digest_length;
- u8 key_length;
- u8 fanout;
- u8 depth;
- u32 leaf_length;
- u32 node_offset;
- u16 xof_length;
- u8 node_depth;
- u8 inner_length;
- u8 salt[8];
- u8 personal[8];
- };
- __le32 words[8];
-} __packed blake2s_param;
-
static const u32 blake2s_iv[8] = {
0x6A09E667UL, 0xBB67AE85UL, 0x3C6EF372UL, 0xA54FF53AUL,
0x510E527FUL, 0x9B05688CUL, 0x1F83D9ABUL, 0x5BE0CD19UL
@@ -57,8 +39,6 @@ static const u8 blake2s_sigma[10][16] = {
static inline void blake2s_set_lastblock(struct blake2s_state *state)
{
- if (state->last_node)
- state->f[1] = -1;
state->f[0] = -1;
}
@@ -70,40 +50,33 @@ static inline void blake2s_increment_counter(struct blake2s_state *state,
}
static inline void blake2s_init_param(struct blake2s_state *state,
- const blake2s_param *param)
+ const u32 param)
{
int i;
memset(state, 0, sizeof(*state));
for (i = 0; i < 8; ++i)
- state->h[i] = blake2s_iv[i] ^ le32_to_cpu(param->words[i]);
+ state->h[i] = blake2s_iv[i];
+ state->h[0] ^= param;
}
void blake2s_init(struct blake2s_state *state, const size_t outlen)
{
- blake2s_param param __aligned(__alignof__(u32)) = {
- .digest_length = outlen,
- .fanout = 1,
- .depth = 1
- };
-
WARN_ON(IS_ENABLED(DEBUG) && (!outlen || outlen > BLAKE2S_HASH_SIZE));
- blake2s_init_param(state, &param);
+ blake2s_init_param(state, 0x01010000 | outlen);
+ state->outlen = outlen;
}
EXPORT_SYMBOL(blake2s_init);
void blake2s_init_key(struct blake2s_state *state, const size_t outlen,
const void *key, const size_t keylen)
{
- blake2s_param param = { .digest_length = outlen,
- .key_length = keylen,
- .fanout = 1,
- .depth = 1 };
u8 block[BLAKE2S_BLOCK_SIZE] = { 0 };
WARN_ON(IS_ENABLED(DEBUG) && (!outlen || outlen > BLAKE2S_HASH_SIZE ||
!key || !keylen || keylen > BLAKE2S_KEY_SIZE));
- blake2s_init_param(state, &param);
+ blake2s_init_param(state, 0x01010000 | keylen << 8 | outlen);
+ state->outlen = outlen;
memcpy(block, key, keylen);
blake2s_update(state, block, BLAKE2S_BLOCK_SIZE);
memzero_explicit(block, BLAKE2S_BLOCK_SIZE);
@@ -210,8 +183,7 @@ void blake2s_update(struct blake2s_state *state, const u8 *in, size_t inlen)
inlen -= fill;
}
if (inlen > BLAKE2S_BLOCK_SIZE) {
- const size_t nblocks =
- (inlen + BLAKE2S_BLOCK_SIZE - 1) / BLAKE2S_BLOCK_SIZE;
+ const size_t nblocks = DIV_ROUND_UP(inlen, BLAKE2S_BLOCK_SIZE);
/* Hash one less (full) block than strictly possible */
blake2s_compress(state, in, nblocks - 1, BLAKE2S_BLOCK_SIZE);
in += BLAKE2S_BLOCK_SIZE * (nblocks - 1);
@@ -225,13 +197,13 @@ EXPORT_SYMBOL(blake2s_update);
void blake2s_final(struct blake2s_state *state, u8 *out, const size_t outlen)
{
WARN_ON(IS_ENABLED(DEBUG) &&
- (!out || !outlen || outlen > BLAKE2S_HASH_SIZE));
+ (!out || outlen < state->outlen));
blake2s_set_lastblock(state);
memset(state->buf + state->buflen, 0,
BLAKE2S_BLOCK_SIZE - state->buflen); /* Padding */
blake2s_compress(state, state->buf, 1, state->buflen);
cpu_to_le32_array(state->h, ARRAY_SIZE(state->h));
- memcpy(out, state->h, outlen);
+ memcpy(out, state->h, state->outlen);
memzero_explicit(state, sizeof(*state));
}
EXPORT_SYMBOL(blake2s_final);