Hi,
the patchset implements cleanups suggested by Eric in
https://lore.kernel.org/linux-crypto/[email protected]/
The diff is the same, split into pieces with some additional comments
where it would help understand the simplifications. This is based on v7
of the BLAKE2b patchset.
The self-tests have been run for each patch on x86_64.
David Sterba (7):
crypto: blake2b: merge _final implementation to callback
crypto: blake2b: merge blake2 init to api callback
crypto: blake2b: simplify key init
crypto: blake2b: delete unused structs or members
crypto: blake2b: open code set last block helper
crypto: blake2b: merge _update to api callback
crypto: blake2b: rename tfm context
crypto/blake2b_generic.c | 267 +++++++++++----------------------------
1 file changed, 76 insertions(+), 191 deletions(-)
--
2.23.0
blake2b_final is called only once, merge it to the crypto API callback
and simplify. This avoids the temporary buffer and swaps the bytes of
internal buffer.
Signed-off-by: David Sterba <[email protected]>
---
crypto/blake2b_generic.c | 42 ++++++++++++++++------------------------
1 file changed, 17 insertions(+), 25 deletions(-)
diff --git a/crypto/blake2b_generic.c b/crypto/blake2b_generic.c
index 8dab65612a41..743905fabd65 100644
--- a/crypto/blake2b_generic.c
+++ b/crypto/blake2b_generic.c
@@ -276,25 +276,6 @@ static void blake2b_update(struct blake2b_state *S, const void *pin, size_t inle
}
}
-static void blake2b_final(struct blake2b_state *S, void *out, size_t outlen)
-{
- u8 buffer[BLAKE2B_OUTBYTES] = {0};
- size_t i;
-
- blake2b_increment_counter(S, S->buflen);
- blake2b_set_lastblock(S);
- /* Padding */
- memset(S->buf + S->buflen, 0, BLAKE2B_BLOCKBYTES - S->buflen);
- blake2b_compress(S, S->buf);
-
- /* Output full hash to temp buffer */
- for (i = 0; i < 8; ++i)
- put_unaligned_le64(S->h[i], buffer + sizeof(S->h[i]) * i);
-
- memcpy(out, buffer, S->outlen);
- memzero_explicit(buffer, sizeof(buffer));
-}
-
struct digest_tfm_ctx {
u8 key[BLAKE2B_KEYBYTES];
unsigned int keylen;
@@ -338,12 +319,23 @@ static int digest_update(struct shash_desc *desc, const u8 *data,
return 0;
}
-static int digest_final(struct shash_desc *desc, u8 *out)
+static int blake2b_final(struct shash_desc *desc, u8 *out)
{
struct blake2b_state *state = shash_desc_ctx(desc);
const int digestsize = crypto_shash_digestsize(desc->tfm);
+ size_t i;
+
+ blake2b_increment_counter(state, state->buflen);
+ blake2b_set_lastblock(state);
+ /* Padding */
+ memset(state->buf + state->buflen, 0, BLAKE2B_BLOCKBYTES - state->buflen);
+ blake2b_compress(state, state->buf);
+
+ /* Avoid temporary buffer and switch the internal output to LE order */
+ for (i = 0; i < ARRAY_SIZE(state->h); i++)
+ __cpu_to_le64s(&state->h[i]);
- blake2b_final(state, out, digestsize);
+ memcpy(out, state->h, digestsize);
return 0;
}
@@ -360,7 +352,7 @@ static struct shash_alg blake2b_algs[] = {
.setkey = digest_setkey,
.init = digest_init,
.update = digest_update,
- .final = digest_final,
+ .final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
}, {
.base.cra_name = "blake2b-256",
@@ -374,7 +366,7 @@ static struct shash_alg blake2b_algs[] = {
.setkey = digest_setkey,
.init = digest_init,
.update = digest_update,
- .final = digest_final,
+ .final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
}, {
.base.cra_name = "blake2b-384",
@@ -388,7 +380,7 @@ static struct shash_alg blake2b_algs[] = {
.setkey = digest_setkey,
.init = digest_init,
.update = digest_update,
- .final = digest_final,
+ .final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
}, {
.base.cra_name = "blake2b-512",
@@ -402,7 +394,7 @@ static struct shash_alg blake2b_algs[] = {
.setkey = digest_setkey,
.init = digest_init,
.update = digest_update,
- .final = digest_final,
+ .final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
}
};
--
2.23.0
The call chain from blake2b_init can be simplified because the param
block is effectively zeros, besides the key.
- blake2b_init0 zeroes state and sets IV
- blake2b_init sets up param block with defaults (key and some 1s)
- init with key, write it to the input buffer and recalculate state
So the compact way is to zero out the state and initialize index 0 of
the state directly with the non-zero values and the key.
Signed-off-by: David Sterba <[email protected]>
---
crypto/blake2b_generic.c | 103 ++++++++-------------------------------
1 file changed, 19 insertions(+), 84 deletions(-)
diff --git a/crypto/blake2b_generic.c b/crypto/blake2b_generic.c
index 743905fabd65..d3da6113a96a 100644
--- a/crypto/blake2b_generic.c
+++ b/crypto/blake2b_generic.c
@@ -106,81 +106,6 @@ static void blake2b_increment_counter(struct blake2b_state *S, const u64 inc)
S->t[1] += (S->t[0] < inc);
}
-static void blake2b_init0(struct blake2b_state *S)
-{
- size_t i;
-
- memset(S, 0, sizeof(struct blake2b_state));
-
- for (i = 0; i < 8; ++i)
- S->h[i] = blake2b_IV[i];
-}
-
-/* init xors IV with input parameter block */
-static void blake2b_init_param(struct blake2b_state *S,
- const struct blake2b_param *P)
-{
- const u8 *p = (const u8 *)(P);
- size_t i;
-
- blake2b_init0(S);
-
- /* IV XOR ParamBlock */
- for (i = 0; i < 8; ++i)
- S->h[i] ^= get_unaligned_le64(p + sizeof(S->h[i]) * i);
-
- S->outlen = P->digest_length;
-}
-
-static void blake2b_init(struct blake2b_state *S, size_t outlen)
-{
- struct blake2b_param P;
-
- P.digest_length = (u8)outlen;
- P.key_length = 0;
- P.fanout = 1;
- P.depth = 1;
- P.leaf_length = 0;
- P.node_offset = 0;
- P.xof_length = 0;
- P.node_depth = 0;
- P.inner_length = 0;
- memset(P.reserved, 0, sizeof(P.reserved));
- memset(P.salt, 0, sizeof(P.salt));
- memset(P.personal, 0, sizeof(P.personal));
- blake2b_init_param(S, &P);
-}
-
-static void blake2b_init_key(struct blake2b_state *S, size_t outlen,
- const void *key, size_t keylen)
-{
- struct blake2b_param P;
-
- P.digest_length = (u8)outlen;
- P.key_length = (u8)keylen;
- P.fanout = 1;
- P.depth = 1;
- P.leaf_length = 0;
- P.node_offset = 0;
- P.xof_length = 0;
- P.node_depth = 0;
- P.inner_length = 0;
- memset(P.reserved, 0, sizeof(P.reserved));
- memset(P.salt, 0, sizeof(P.salt));
- memset(P.personal, 0, sizeof(P.personal));
-
- blake2b_init_param(S, &P);
-
- {
- u8 block[BLAKE2B_BLOCKBYTES];
-
- memset(block, 0, BLAKE2B_BLOCKBYTES);
- memcpy(block, key, keylen);
- blake2b_update(S, block, BLAKE2B_BLOCKBYTES);
- memzero_explicit(block, BLAKE2B_BLOCKBYTES);
- }
-}
-
#define G(r,i,a,b,c,d) \
do { \
a = a + b + m[blake2b_sigma[r][2*i+0]]; \
@@ -297,16 +222,26 @@ static int digest_setkey(struct crypto_shash *tfm, const u8 *key,
return 0;
}
-static int digest_init(struct shash_desc *desc)
+static int blake2b_init(struct shash_desc *desc)
{
struct digest_tfm_ctx *mctx = crypto_shash_ctx(desc->tfm);
struct blake2b_state *state = shash_desc_ctx(desc);
const int digestsize = crypto_shash_digestsize(desc->tfm);
- if (mctx->keylen == 0)
- blake2b_init(state, digestsize);
- else
- blake2b_init_key(state, digestsize, mctx->key, mctx->keylen);
+ memset(state, 0, sizeof(*state));
+ memcpy(state->h, blake2b_IV, sizeof(state->h));
+
+ /* Parameter block is all zeros except index 0, no xor for 1..7 */
+ state->h[0] ^= 0x01010000 | mctx->keylen << 8 | digestsize;
+
+ if (mctx->keylen) {
+ u8 block[BLAKE2B_BLOCKBYTES];
+
+ memset(block, 0, BLAKE2B_BLOCKBYTES);
+ memcpy(block, mctx->key, mctx->keylen);
+ blake2b_update(state, block, BLAKE2B_BLOCKBYTES);
+ memzero_explicit(block, BLAKE2B_BLOCKBYTES);
+ }
return 0;
}
@@ -350,7 +285,7 @@ static struct shash_alg blake2b_algs[] = {
.base.cra_module = THIS_MODULE,
.digestsize = BLAKE2B_160_DIGEST_SIZE,
.setkey = digest_setkey,
- .init = digest_init,
+ .init = blake2b_init,
.update = digest_update,
.final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
@@ -364,7 +299,7 @@ static struct shash_alg blake2b_algs[] = {
.base.cra_module = THIS_MODULE,
.digestsize = BLAKE2B_256_DIGEST_SIZE,
.setkey = digest_setkey,
- .init = digest_init,
+ .init = blake2b_init,
.update = digest_update,
.final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
@@ -378,7 +313,7 @@ static struct shash_alg blake2b_algs[] = {
.base.cra_module = THIS_MODULE,
.digestsize = BLAKE2B_384_DIGEST_SIZE,
.setkey = digest_setkey,
- .init = digest_init,
+ .init = blake2b_init,
.update = digest_update,
.final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
@@ -392,7 +327,7 @@ static struct shash_alg blake2b_algs[] = {
.base.cra_module = THIS_MODULE,
.digestsize = BLAKE2B_512_DIGEST_SIZE,
.setkey = digest_setkey,
- .init = digest_init,
+ .init = blake2b_init,
.update = digest_update,
.final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
--
2.23.0
The keyed init writes the key bytes to the input buffer and does an
update. We can do that in two ways: fill the buffer and update
immediatelly. This is what current blake2b_init_key does. Any other
following _update or _final will continue from the updated state.
The other way is to write the key and set the number of bytes to process
at the next _update or _final, lazy evaluation. Which leads to the the
simplified code in this patch.
Signed-off-by: David Sterba <[email protected]>
---
crypto/blake2b_generic.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/crypto/blake2b_generic.c b/crypto/blake2b_generic.c
index d3da6113a96a..fd0fbb076058 100644
--- a/crypto/blake2b_generic.c
+++ b/crypto/blake2b_generic.c
@@ -85,8 +85,6 @@ static const u8 blake2b_sigma[12][16] = {
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }
};
-static void blake2b_update(struct blake2b_state *S, const void *pin, size_t inlen);
-
static void blake2b_set_lastnode(struct blake2b_state *S)
{
S->f[1] = (u64)-1;
@@ -235,12 +233,12 @@ static int blake2b_init(struct shash_desc *desc)
state->h[0] ^= 0x01010000 | mctx->keylen << 8 | digestsize;
if (mctx->keylen) {
- u8 block[BLAKE2B_BLOCKBYTES];
-
- memset(block, 0, BLAKE2B_BLOCKBYTES);
- memcpy(block, mctx->key, mctx->keylen);
- blake2b_update(state, block, BLAKE2B_BLOCKBYTES);
- memzero_explicit(block, BLAKE2B_BLOCKBYTES);
+ /*
+ * Prefill the buffer with the key, next call to _update or
+ * _final will process it
+ */
+ memcpy(state->buf, mctx->key, mctx->keylen);
+ state->buflen = BLAKE2B_BLOCKBYTES;
}
return 0;
}
--
2.23.0
The helper is trival and called once, inlining makes things simpler.
There's a comment to tie it back to the idea behind the code.
Signed-off-by: David Sterba <[email protected]>
---
crypto/blake2b_generic.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/crypto/blake2b_generic.c b/crypto/blake2b_generic.c
index 442c639c9ad9..463ac597ef04 100644
--- a/crypto/blake2b_generic.c
+++ b/crypto/blake2b_generic.c
@@ -65,11 +65,6 @@ static const u8 blake2b_sigma[12][16] = {
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }
};
-static void blake2b_set_lastblock(struct blake2b_state *S)
-{
- S->f[0] = (u64)-1;
-}
-
static void blake2b_increment_counter(struct blake2b_state *S, const u64 inc)
{
S->t[0] += inc;
@@ -231,7 +226,8 @@ static int blake2b_final(struct shash_desc *desc, u8 *out)
size_t i;
blake2b_increment_counter(state, state->buflen);
- blake2b_set_lastblock(state);
+ /* Set last block */
+ state->f[0] = (u64)-1;
/* Padding */
memset(state->buf + state->buflen, 0, BLAKE2B_BLOCKBYTES - state->buflen);
blake2b_compress(state, state->buf);
--
2.23.0
Now that there's only one call to blake2b_update, we can merge it to the
callback and simplify. The empty input check is split and the rest of
code un-indented.
Signed-off-by: David Sterba <[email protected]>
---
crypto/blake2b_generic.c | 66 ++++++++++++++++++----------------------
1 file changed, 30 insertions(+), 36 deletions(-)
diff --git a/crypto/blake2b_generic.c b/crypto/blake2b_generic.c
index 463ac597ef04..b05dfc2724e8 100644
--- a/crypto/blake2b_generic.c
+++ b/crypto/blake2b_generic.c
@@ -137,35 +137,6 @@ static void blake2b_compress(struct blake2b_state *S,
#undef G
#undef ROUND
-static void blake2b_update(struct blake2b_state *S, const void *pin, size_t inlen)
-{
- const u8 *in = (const u8 *)pin;
-
- if (inlen > 0) {
- size_t left = S->buflen;
- size_t fill = BLAKE2B_BLOCKBYTES - left;
-
- if (inlen > fill) {
- S->buflen = 0;
- /* Fill buffer */
- memcpy(S->buf + left, in, fill);
- blake2b_increment_counter(S, BLAKE2B_BLOCKBYTES);
- /* Compress */
- blake2b_compress(S, S->buf);
- in += fill;
- inlen -= fill;
- while (inlen > BLAKE2B_BLOCKBYTES) {
- blake2b_increment_counter(S, BLAKE2B_BLOCKBYTES);
- blake2b_compress(S, in);
- in += BLAKE2B_BLOCKBYTES;
- inlen -= BLAKE2B_BLOCKBYTES;
- }
- }
- memcpy(S->buf + S->buflen, in, inlen);
- S->buflen += inlen;
- }
-}
-
struct digest_tfm_ctx {
u8 key[BLAKE2B_KEYBYTES];
unsigned int keylen;
@@ -210,12 +181,35 @@ static int blake2b_init(struct shash_desc *desc)
return 0;
}
-static int digest_update(struct shash_desc *desc, const u8 *data,
- unsigned int length)
+static int blake2b_update(struct shash_desc *desc, const u8 *in,
+ unsigned int inlen)
{
struct blake2b_state *state = shash_desc_ctx(desc);
+ const size_t left = state->buflen;
+ const size_t fill = BLAKE2B_BLOCKBYTES - left;
+
+ if (!inlen)
+ return 0;
+
+ if (inlen > fill) {
+ state->buflen = 0;
+ /* Fill buffer */
+ memcpy(state->buf + left, in, fill);
+ blake2b_increment_counter(state, BLAKE2B_BLOCKBYTES);
+ /* Compress */
+ blake2b_compress(state, state->buf);
+ in += fill;
+ inlen -= fill;
+ while (inlen > BLAKE2B_BLOCKBYTES) {
+ blake2b_increment_counter(state, BLAKE2B_BLOCKBYTES);
+ blake2b_compress(state, in);
+ in += BLAKE2B_BLOCKBYTES;
+ inlen -= BLAKE2B_BLOCKBYTES;
+ }
+ }
+ memcpy(state->buf + state->buflen, in, inlen);
+ state->buflen += inlen;
- blake2b_update(state, data, length);
return 0;
}
@@ -252,7 +246,7 @@ static struct shash_alg blake2b_algs[] = {
.digestsize = BLAKE2B_160_DIGEST_SIZE,
.setkey = digest_setkey,
.init = blake2b_init,
- .update = digest_update,
+ .update = blake2b_update,
.final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
}, {
@@ -266,7 +260,7 @@ static struct shash_alg blake2b_algs[] = {
.digestsize = BLAKE2B_256_DIGEST_SIZE,
.setkey = digest_setkey,
.init = blake2b_init,
- .update = digest_update,
+ .update = blake2b_update,
.final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
}, {
@@ -280,7 +274,7 @@ static struct shash_alg blake2b_algs[] = {
.digestsize = BLAKE2B_384_DIGEST_SIZE,
.setkey = digest_setkey,
.init = blake2b_init,
- .update = digest_update,
+ .update = blake2b_update,
.final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
}, {
@@ -294,7 +288,7 @@ static struct shash_alg blake2b_algs[] = {
.digestsize = BLAKE2B_512_DIGEST_SIZE,
.setkey = digest_setkey,
.init = blake2b_init,
- .update = digest_update,
+ .update = blake2b_update,
.final = blake2b_final,
.descsize = sizeof(struct blake2b_state),
}
--
2.23.0
All the code for param block has been inlined, last_node and outlen from
the state are not used or have become redundant due to other code.
Remove it.
Signed-off-by: David Sterba <[email protected]>
---
crypto/blake2b_generic.c | 30 ------------------------------
1 file changed, 30 deletions(-)
diff --git a/crypto/blake2b_generic.c b/crypto/blake2b_generic.c
index fd0fbb076058..442c639c9ad9 100644
--- a/crypto/blake2b_generic.c
+++ b/crypto/blake2b_generic.c
@@ -32,10 +32,7 @@
enum blake2b_constant {
BLAKE2B_BLOCKBYTES = 128,
- BLAKE2B_OUTBYTES = 64,
BLAKE2B_KEYBYTES = 64,
- BLAKE2B_SALTBYTES = 16,
- BLAKE2B_PERSONALBYTES = 16
};
struct blake2b_state {
@@ -44,25 +41,8 @@ struct blake2b_state {
u64 f[2];
u8 buf[BLAKE2B_BLOCKBYTES];
size_t buflen;
- size_t outlen;
- u8 last_node;
};
-struct blake2b_param {
- u8 digest_length; /* 1 */
- u8 key_length; /* 2 */
- u8 fanout; /* 3 */
- u8 depth; /* 4 */
- __le32 leaf_length; /* 8 */
- __le32 node_offset; /* 12 */
- __le32 xof_length; /* 16 */
- u8 node_depth; /* 17 */
- u8 inner_length; /* 18 */
- u8 reserved[14]; /* 32 */
- u8 salt[BLAKE2B_SALTBYTES]; /* 48 */
- u8 personal[BLAKE2B_PERSONALBYTES]; /* 64 */
-} __packed;
-
static const u64 blake2b_IV[8] = {
0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL,
0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL,
@@ -85,16 +65,8 @@ static const u8 blake2b_sigma[12][16] = {
{ 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }
};
-static void blake2b_set_lastnode(struct blake2b_state *S)
-{
- S->f[1] = (u64)-1;
-}
-
static void blake2b_set_lastblock(struct blake2b_state *S)
{
- if (S->last_node)
- blake2b_set_lastnode(S);
-
S->f[0] = (u64)-1;
}
@@ -334,8 +306,6 @@ static struct shash_alg blake2b_algs[] = {
static int __init blake2b_mod_init(void)
{
- BUILD_BUG_ON(sizeof(struct blake2b_param) != BLAKE2B_OUTBYTES);
-
return crypto_register_shashes(blake2b_algs, ARRAY_SIZE(blake2b_algs));
}
--
2.23.0
The TFM context can be renamed to a more appropriate name and the local
varaibles as well, using 'tctx' which seems to be more common than
'mctx'.
Signed-off-by: David Sterba <[email protected]>
---
crypto/blake2b_generic.c | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
diff --git a/crypto/blake2b_generic.c b/crypto/blake2b_generic.c
index b05dfc2724e8..38d49deceae6 100644
--- a/crypto/blake2b_generic.c
+++ b/crypto/blake2b_generic.c
@@ -137,7 +137,7 @@ static void blake2b_compress(struct blake2b_state *S,
#undef G
#undef ROUND
-struct digest_tfm_ctx {
+struct blake2b_tfm_ctx {
u8 key[BLAKE2B_KEYBYTES];
unsigned int keylen;
};
@@ -145,22 +145,22 @@ struct digest_tfm_ctx {
static int digest_setkey(struct crypto_shash *tfm, const u8 *key,
unsigned int keylen)
{
- struct digest_tfm_ctx *mctx = crypto_shash_ctx(tfm);
+ struct blake2b_tfm_ctx *tctx = crypto_shash_ctx(tfm);
if (keylen == 0 || keylen > BLAKE2B_KEYBYTES) {
crypto_shash_set_flags(tfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
return -EINVAL;
}
- memcpy(mctx->key, key, keylen);
- mctx->keylen = keylen;
+ memcpy(tctx->key, key, keylen);
+ tctx->keylen = keylen;
return 0;
}
static int blake2b_init(struct shash_desc *desc)
{
- struct digest_tfm_ctx *mctx = crypto_shash_ctx(desc->tfm);
+ struct blake2b_tfm_ctx *tctx = crypto_shash_ctx(desc->tfm);
struct blake2b_state *state = shash_desc_ctx(desc);
const int digestsize = crypto_shash_digestsize(desc->tfm);
@@ -168,14 +168,14 @@ static int blake2b_init(struct shash_desc *desc)
memcpy(state->h, blake2b_IV, sizeof(state->h));
/* Parameter block is all zeros except index 0, no xor for 1..7 */
- state->h[0] ^= 0x01010000 | mctx->keylen << 8 | digestsize;
+ state->h[0] ^= 0x01010000 | tctx->keylen << 8 | digestsize;
- if (mctx->keylen) {
+ if (tctx->keylen) {
/*
* Prefill the buffer with the key, next call to _update or
* _final will process it
*/
- memcpy(state->buf, mctx->key, mctx->keylen);
+ memcpy(state->buf, tctx->key, tctx->keylen);
state->buflen = BLAKE2B_BLOCKBYTES;
}
return 0;
@@ -241,7 +241,7 @@ static struct shash_alg blake2b_algs[] = {
.base.cra_priority = 100,
.base.cra_flags = CRYPTO_ALG_OPTIONAL_KEY,
.base.cra_blocksize = BLAKE2B_BLOCKBYTES,
- .base.cra_ctxsize = sizeof(struct digest_tfm_ctx),
+ .base.cra_ctxsize = sizeof(struct blake2b_tfm_ctx),
.base.cra_module = THIS_MODULE,
.digestsize = BLAKE2B_160_DIGEST_SIZE,
.setkey = digest_setkey,
@@ -255,7 +255,7 @@ static struct shash_alg blake2b_algs[] = {
.base.cra_priority = 100,
.base.cra_flags = CRYPTO_ALG_OPTIONAL_KEY,
.base.cra_blocksize = BLAKE2B_BLOCKBYTES,
- .base.cra_ctxsize = sizeof(struct digest_tfm_ctx),
+ .base.cra_ctxsize = sizeof(struct blake2b_tfm_ctx),
.base.cra_module = THIS_MODULE,
.digestsize = BLAKE2B_256_DIGEST_SIZE,
.setkey = digest_setkey,
@@ -269,7 +269,7 @@ static struct shash_alg blake2b_algs[] = {
.base.cra_priority = 100,
.base.cra_flags = CRYPTO_ALG_OPTIONAL_KEY,
.base.cra_blocksize = BLAKE2B_BLOCKBYTES,
- .base.cra_ctxsize = sizeof(struct digest_tfm_ctx),
+ .base.cra_ctxsize = sizeof(struct blake2b_tfm_ctx),
.base.cra_module = THIS_MODULE,
.digestsize = BLAKE2B_384_DIGEST_SIZE,
.setkey = digest_setkey,
@@ -283,7 +283,7 @@ static struct shash_alg blake2b_algs[] = {
.base.cra_priority = 100,
.base.cra_flags = CRYPTO_ALG_OPTIONAL_KEY,
.base.cra_blocksize = BLAKE2B_BLOCKBYTES,
- .base.cra_ctxsize = sizeof(struct digest_tfm_ctx),
+ .base.cra_ctxsize = sizeof(struct blake2b_tfm_ctx),
.base.cra_module = THIS_MODULE,
.digestsize = BLAKE2B_512_DIGEST_SIZE,
.setkey = digest_setkey,
--
2.23.0
On Wed, Nov 06, 2019 at 02:48:24PM +0100, David Sterba wrote:
> Hi,
>
> the patchset implements cleanups suggested by Eric in
> https://lore.kernel.org/linux-crypto/[email protected]/
>
> The diff is the same, split into pieces with some additional comments
> where it would help understand the simplifications. This is based on v7
> of the BLAKE2b patchset.
>
Actually the diff isn't quite the same. Your version looks fine though, except
that I think digest_setkey() should be renamed to blake2b_setkey(). Otherwise
it's inconsistent, since all the other digest_*() functions were renamed.
Thanks!
- Eric
On Thu, Nov 07, 2019 at 06:13:29PM -0800, Eric Biggers wrote:
> On Wed, Nov 06, 2019 at 02:48:24PM +0100, David Sterba wrote:
> > the patchset implements cleanups suggested by Eric in
> > https://lore.kernel.org/linux-crypto/[email protected]/
> >
> > The diff is the same, split into pieces with some additional comments
> > where it would help understand the simplifications. This is based on v7
> > of the BLAKE2b patchset.
>
> Actually the diff isn't quite the same. Your version looks fine though, except
> that I think digest_setkey() should be renamed to blake2b_setkey(). Otherwise
> it's inconsistent, since all the other digest_*() functions were renamed.
Right, digest_* was a leftover from a working version. I'll send V2.
Thanks for the review.