Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp1950971ybz; Sat, 2 May 2020 11:28:48 -0700 (PDT) X-Google-Smtp-Source: APiQypJg6UFCuklTf/widINGiYeTNiRyg7TX9cnEBRdel8Bc8/VdwIY6dJEnn4NviEHtM5ymeTrC X-Received: by 2002:a17:906:b2c2:: with SMTP id cf2mr8125934ejb.262.1588444128050; Sat, 02 May 2020 11:28:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588444128; cv=none; d=google.com; s=arc-20160816; b=zu9pHogkEf0nLmgCo4gjnGEtQAQSN96zL0w6ygvU4XBut1lpQEd2OSt9lbof3R0duF YFe40UKv56YnXGLN243buF2RvLGwn4y60VjLAMTEc69JvEUND0aZWA/uqTHCyniMqHi9 SGQ0rlX4JjGgL4C8DVc+NJMtHDWrzKpRVz0DHByadAnGv8DFWqPJCcOXyHZenA06A77+ zmqlEuYM31yuh0CfJx5pUqNR1mX/0lbMgZRqln7KUB3OhLWB3twUSVT900QSLQ9WJM3i ocvMTUaCCmDpmyYnic4/bAcRpKZMDIb1SXA6Cr0a1QekfNOOwrtHAmfoGDw6iGQbTEHK jAxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=6Thn7miOUjxpEpjzHR5X1RsKGiouH1dJq++LcJqAIfA=; b=bOOelfM9bCN35NUgdJ/Wehbm+qytUwv1lA0nhQWb3kXVGo/jSEDP32jKZOu5EcauWP vXuFG+C6WRXGsOgBfMo7oFvaLY1b7RwFeht/APekSEjs22P8xV7tczA/Gd6qiWlGrLaj VDBQP2md/mWv0LvJdedNt8wCeXMUYdDtNJhHSfJfbjN1i8edCrljOmNQoTEbwYXK1+SF CCbfEvlnLEuJFKwm/U/5ep1LVPyejbD3wvQ54jFpwbCpPhHy5zxcD7/JydvgF0q/9CHL CbIE51tMhnaqhvMH8EwKzWAPznIHp4Cpcww7+qN8gthNDH/R/NWfIMMD+QK2ouIVLfgC aAKg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=salAGzU7; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id f15si4001388ejf.515.2020.05.02.11.28.17; Sat, 02 May 2020 11:28:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=salAGzU7; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728263AbgEBS2K (ORCPT + 99 others); Sat, 2 May 2020 14:28:10 -0400 Received: from mail.kernel.org ([198.145.29.99]:54644 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728463AbgEBS2K (ORCPT ); Sat, 2 May 2020 14:28:10 -0400 Received: from sol.hsd1.ca.comcast.net (c-107-3-166-239.hsd1.ca.comcast.net [107.3.166.239]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id C807B2084D; Sat, 2 May 2020 18:28:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1588444089; bh=e+wnz32L1T+aJDLUEG4h6lQPRmUrnVsjSdSVgx/0vvM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=salAGzU72/KDFeIWbWO7NLaP2IHe7Wz2cvkTKG56biXWD7DEbJIiypPaKYR26i099 Col+HieA9gP1SaU2LqEdk6Jw+TzGoHfYCfywVVEVsC7ZAjqOV7KrdrEy5m9VXoy26v jFWs9FoJun5msiNbH/WSaT6j4rA+4G4CQR5i5meY= From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org, "Jason A . Donenfeld" , Theodore Ts'o Subject: [PATCH 7/7] crypto: lib/sha1 - fold linux/cryptohash.h into crypto/sha.h Date: Sat, 2 May 2020 11:24:27 -0700 Message-Id: <20200502182427.104383-8-ebiggers@kernel.org> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200502182427.104383-1-ebiggers@kernel.org> References: <20200502182427.104383-1-ebiggers@kernel.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org From: Eric Biggers sounds very generic and important, like it's the header to include if you're doing cryptographic hashing in the kernel. But actually it only includes the library implementation of the SHA-1 compression function (not even the full SHA-1). This should basically never be used anymore; SHA-1 is no longer considered secure, and there are much better ways to do cryptographic hashing in the kernel. Remove this header and fold it into which already contains constants and functions for SHA-1 (along with SHA-2). Signed-off-by: Eric Biggers --- crypto/sha1_generic.c | 1 - drivers/char/random.c | 2 +- include/crypto/sha.h | 10 ++++++++++ include/linux/cryptohash.h | 18 ------------------ include/linux/filter.h | 2 +- lib/sha1.c | 2 +- 6 files changed, 13 insertions(+), 22 deletions(-) delete mode 100644 include/linux/cryptohash.h diff --git a/crypto/sha1_generic.c b/crypto/sha1_generic.c index a16d9787dcd2c1..1d43472fecbde1 100644 --- a/crypto/sha1_generic.c +++ b/crypto/sha1_generic.c @@ -15,7 +15,6 @@ #include #include #include -#include #include #include #include diff --git a/drivers/char/random.c b/drivers/char/random.c index a19a8984741b60..cae02b2a871c32 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -327,7 +327,6 @@ #include #include #include -#include #include #include #include @@ -337,6 +336,7 @@ #include #include #include +#include #include #include diff --git a/include/crypto/sha.h b/include/crypto/sha.h index 5c2132c7190095..405dd20419165c 100644 --- a/include/crypto/sha.h +++ b/include/crypto/sha.h @@ -113,6 +113,16 @@ extern int crypto_sha512_update(struct shash_desc *desc, const u8 *data, extern int crypto_sha512_finup(struct shash_desc *desc, const u8 *data, unsigned int len, u8 *hash); +/* + * An implementation of SHA-1's compression function. Don't use in new code! + * You shouldn't be using SHA-1, and even if you *have* to use SHA-1, this isn't + * the correct way to hash something with SHA-1 (use crypto_shash instead). + */ +#define SHA1_DIGEST_WORDS (SHA1_DIGEST_SIZE / 4) +#define SHA1_WORKSPACE_WORDS 16 +void sha1_init(__u32 *buf); +void sha1_transform(__u32 *digest, const char *data, __u32 *W); + /* * Stand-alone implementation of the SHA256 algorithm. It is designed to * have as little dependencies as possible so it can be used in the diff --git a/include/linux/cryptohash.h b/include/linux/cryptohash.h deleted file mode 100644 index c324ffca96e0d5..00000000000000 --- a/include/linux/cryptohash.h +++ /dev/null @@ -1,18 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 */ -#ifndef __CRYPTOHASH_H -#define __CRYPTOHASH_H - -#include - -/* - * An implementation of SHA-1's compression function. Don't use in new code! - * You shouldn't be using SHA-1, and even if you *have* to use SHA-1, this isn't - * the correct way to hash something with SHA-1 (use crypto_shash instead). - */ -#define SHA1_DIGEST_WORDS 5 -#define SHA1_BLOCK_SIZE 64 -#define SHA1_WORKSPACE_WORDS 16 -void sha1_init(__u32 *buf); -void sha1_transform(__u32 *digest, const char *data, __u32 *W); - -#endif diff --git a/include/linux/filter.h b/include/linux/filter.h index f42662adffe47f..ec45fd7992c957 100644 --- a/include/linux/filter.h +++ b/include/linux/filter.h @@ -16,11 +16,11 @@ #include #include #include -#include #include #include #include #include +#include #include diff --git a/lib/sha1.c b/lib/sha1.c index b381e8cd4fe447..49257a915bb604 100644 --- a/lib/sha1.c +++ b/lib/sha1.c @@ -9,7 +9,7 @@ #include #include #include -#include +#include #include /* -- 2.26.2