Commit fb90004b authored by James Morris's avatar James Morris

[CRYPTO]: Add support for SHA-386 and SHA-512

- Merged SHA-384 and SHA-512 code from Kyle McMartin
  <kyle@gondolin.debian.net>
- Added test vectors.
- Documentation and credits updates.
parent 9552d6bc
...@@ -80,6 +80,10 @@ should also be added: ...@@ -80,6 +80,10 @@ should also be added:
alias digest_null crypto_null alias digest_null crypto_null
alias compress_null crypto_null alias compress_null crypto_null
The SHA384 algorithm shares code within the SHA512 module, so you'll
also need:
alias sha384 sha512
DEVELOPER NOTES DEVELOPER NOTES
...@@ -182,7 +186,7 @@ Original developers of the crypto algorithms: ...@@ -182,7 +186,7 @@ Original developers of the crypto algorithms:
Andrew Tridgell and Steve French (MD4) Andrew Tridgell and Steve French (MD4)
Colin Plumb (MD5) Colin Plumb (MD5)
Steve Reid (SHA1) Steve Reid (SHA1)
Jean-Luc Cooke (SHA256) Jean-Luc Cooke (SHA256, SHA384, SHA512)
Kazunori Miyazawa / USAGI (HMAC) Kazunori Miyazawa / USAGI (HMAC)
Matthew Skala (Twofish) Matthew Skala (Twofish)
Dag Arne Osvik (Serpent) Dag Arne Osvik (Serpent)
...@@ -201,9 +205,11 @@ Twofish algorithm contributors: ...@@ -201,9 +205,11 @@ Twofish algorithm contributors:
Werner Koch Werner Koch
Marc Mutz Marc Mutz
SHA256 algorithm contributors: SHA256/384/512 algorithm contributors:
Andrew McDonald Andrew McDonald
Kyle McMartin
Herbert Valerio Riedel
AES algorithm contributors: AES algorithm contributors:
Alexander Kjeldaas Alexander Kjeldaas
Herbert Valerio Riedel Herbert Valerio Riedel
......
...@@ -53,6 +53,18 @@ config CRYPTO_SHA256 ...@@ -53,6 +53,18 @@ config CRYPTO_SHA256
This version of SHA implements a 256 bit hash with 128 bits of This version of SHA implements a 256 bit hash with 128 bits of
security against collision attacks. security against collision attacks.
config CRYPTO_SHA512
tristate "SHA384 and SHA512 digest algorithms"
depends on CRYPTO
help
SHA512 secure hash standard (DFIPS 180-2).
This version of SHA implements a 512 bit hash with 256 bits of
security against collision attacks.
This code also includes SHA-384, a 384 bit hash with 192 bits
of security against collision attacks.
config CRYPTO_DES config CRYPTO_DES
tristate "DES and Triple DES EDE cipher algorithms" tristate "DES and Triple DES EDE cipher algorithms"
depends on CRYPTO depends on CRYPTO
......
...@@ -16,6 +16,7 @@ obj-$(CONFIG_CRYPTO_MD4) += md4.o ...@@ -16,6 +16,7 @@ obj-$(CONFIG_CRYPTO_MD4) += md4.o
obj-$(CONFIG_CRYPTO_MD5) += md5.o obj-$(CONFIG_CRYPTO_MD5) += md5.o
obj-$(CONFIG_CRYPTO_SHA1) += sha1.o obj-$(CONFIG_CRYPTO_SHA1) += sha1.o
obj-$(CONFIG_CRYPTO_SHA256) += sha256.o obj-$(CONFIG_CRYPTO_SHA256) += sha256.o
obj-$(CONFIG_CRYPTO_SHA512) += sha512.o
obj-$(CONFIG_CRYPTO_DES) += des.o obj-$(CONFIG_CRYPTO_DES) += des.o
obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish.o obj-$(CONFIG_CRYPTO_BLOWFISH) += blowfish.o
obj-$(CONFIG_CRYPTO_TWOFISH) += twofish.o obj-$(CONFIG_CRYPTO_TWOFISH) += twofish.o
......
This diff is collapsed.
...@@ -48,7 +48,7 @@ static char *tvmem; ...@@ -48,7 +48,7 @@ static char *tvmem;
static char *check[] = { static char *check[] = {
"des", "md5", "des3_ede", "rot13", "sha1", "sha256", "blowfish", "des", "md5", "des3_ede", "rot13", "sha1", "sha256", "blowfish",
"twofish", "serpent", "twofish", "serpent", "sha384", "sha512",
NULL NULL
}; };
...@@ -549,6 +549,110 @@ test_sha256(void) ...@@ -549,6 +549,110 @@ test_sha256(void)
crypto_free_tfm(tfm); crypto_free_tfm(tfm);
} }
static void
test_sha384(void)
{
char *p;
unsigned int i;
struct crypto_tfm *tfm;
struct sha384_testvec *sha384_tv;
struct scatterlist sg[2];
unsigned int tsize;
char result[SHA384_DIGEST_SIZE];
printk("\ntesting sha384\n");
tsize = sizeof (sha384_tv_template);
if (tsize > TVMEMSIZE) {
printk("template (%u) too big for tvmem (%u)\n", tsize,
TVMEMSIZE);
return;
}
memcpy(tvmem, sha384_tv_template, tsize);
sha384_tv = (void *) tvmem;
tfm = crypto_alloc_tfm("sha384", 0);
if (tfm == NULL) {
printk("failed to load transform for sha384\n");
return;
}
for (i = 0; i < SHA384_TEST_VECTORS; i++) {
printk("test %u:\n", i + 1);
memset(result, 0, sizeof (result));
p = sha384_tv[i].plaintext;
sg[0].page = virt_to_page(p);
sg[0].offset = ((long) p & ~PAGE_MASK);
sg[0].length = strlen(sha384_tv[i].plaintext);
crypto_digest_init(tfm);
crypto_digest_update(tfm, sg, 1);
crypto_digest_final(tfm, result);
hexdump(result, crypto_tfm_alg_digestsize(tfm));
printk("%s\n",
memcmp(result, sha384_tv[i].digest,
crypto_tfm_alg_digestsize(tfm)) ? "fail" :
"pass");
}
crypto_free_tfm(tfm);
}
static void
test_sha512(void)
{
char *p;
unsigned int i;
struct crypto_tfm *tfm;
struct sha512_testvec *sha512_tv;
struct scatterlist sg[2];
unsigned int tsize;
char result[SHA512_DIGEST_SIZE];
printk("\ntesting sha512\n");
tsize = sizeof (sha512_tv_template);
if (tsize > TVMEMSIZE) {
printk("template (%u) too big for tvmem (%u)\n", tsize,
TVMEMSIZE);
return;
}
memcpy(tvmem, sha512_tv_template, tsize);
sha512_tv = (void *) tvmem;
tfm = crypto_alloc_tfm("sha512", 0);
if (tfm == NULL) {
printk("failed to load transform for sha512\n");
return;
}
for (i = 0; i < SHA512_TEST_VECTORS; i++) {
printk("test %u:\n", i + 1);
memset(result, 0, sizeof (result));
p = sha512_tv[i].plaintext;
sg[0].page = virt_to_page(p);
sg[0].offset = ((long) p & ~PAGE_MASK);
sg[0].length = strlen(sha512_tv[i].plaintext);
crypto_digest_init(tfm);
crypto_digest_update(tfm, sg, 1);
crypto_digest_final(tfm, result);
hexdump(result, crypto_tfm_alg_digestsize(tfm));
printk("%s\n",
memcmp(result, sha512_tv[i].digest,
crypto_tfm_alg_digestsize(tfm)) ? "fail" :
"pass");
}
crypto_free_tfm(tfm);
}
void void
test_des(void) test_des(void)
{ {
...@@ -2117,6 +2221,8 @@ do_test(void) ...@@ -2117,6 +2221,8 @@ do_test(void)
test_twofish(); test_twofish();
test_serpent(); test_serpent();
test_aes(); test_aes();
test_sha384();
test_sha512();
#ifdef CONFIG_CRYPTO_HMAC #ifdef CONFIG_CRYPTO_HMAC
test_hmac_md5(); test_hmac_md5();
test_hmac_sha1(); test_hmac_sha1();
...@@ -2163,7 +2269,15 @@ do_test(void) ...@@ -2163,7 +2269,15 @@ do_test(void)
case 10: case 10:
test_aes(); test_aes();
break; break;
case 11:
test_sha384();
break;
case 12:
test_sha512();
break;
#ifdef CONFIG_CRYPTO_HMAC #ifdef CONFIG_CRYPTO_HMAC
case 100: case 100:
test_hmac_md5(); test_hmac_md5();
......
...@@ -20,6 +20,8 @@ ...@@ -20,6 +20,8 @@
#define MD4_DIGEST_SIZE 16 #define MD4_DIGEST_SIZE 16
#define SHA1_DIGEST_SIZE 20 #define SHA1_DIGEST_SIZE 20
#define SHA256_DIGEST_SIZE 32 #define SHA256_DIGEST_SIZE 32
#define SHA384_DIGEST_SIZE 48
#define SHA512_DIGEST_SIZE 64
/* /*
* MD4 test vectors from RFC1320 * MD4 test vectors from RFC1320
...@@ -590,6 +592,113 @@ struct sha256_testvec { ...@@ -590,6 +592,113 @@ struct sha256_testvec {
}, },
}; };
/*
* SHA384 test vectors from from NIST and kerneli
*/
#define SHA384_TEST_VECTORS 4
struct sha384_testvec {
char plaintext[128];
char digest[SHA384_DIGEST_SIZE];
} sha384_tv_template[] = {
{ "abc",
{ 0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b,
0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07,
0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63,
0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed,
0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23,
0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7 }
},
{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
{ 0x33, 0x91, 0xfd, 0xdd, 0xfc, 0x8d, 0xc7, 0x39,
0x37, 0x07, 0xa6, 0x5b, 0x1b, 0x47, 0x09, 0x39,
0x7c, 0xf8, 0xb1, 0xd1, 0x62, 0xaf, 0x05, 0xab,
0xfe, 0x8f, 0x45, 0x0d, 0xe5, 0xf3, 0x6b, 0xc6,
0xb0, 0x45, 0x5a, 0x85, 0x20, 0xbc, 0x4e, 0x6f,
0x5f, 0xe9, 0x5b, 0x1f, 0xe3, 0xc8, 0x45, 0x2b }
},
{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
"hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
{ 0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8,
0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47,
0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2,
0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12,
0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9,
0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39 }
},
{ "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
"efghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz",
{ 0x3d, 0x20, 0x89, 0x73, 0xab, 0x35, 0x08, 0xdb,
0xbd, 0x7e, 0x2c, 0x28, 0x62, 0xba, 0x29, 0x0a,
0xd3, 0x01, 0x0e, 0x49, 0x78, 0xc1, 0x98, 0xdc,
0x4d, 0x8f, 0xd0, 0x14, 0xe5, 0x82, 0x82, 0x3a,
0x89, 0xe1, 0x6f, 0x9b, 0x2a, 0x7b, 0xbc, 0x1a,
0xc9, 0x38, 0xe2, 0xd1, 0x99, 0xe8, 0xbe, 0xa4 }
},
};
/*
* SHA512 test vectors from from NIST and kerneli
*/
#define SHA512_TEST_VECTORS 4
struct sha512_testvec {
char plaintext[128];
char digest[SHA512_DIGEST_SIZE];
} sha512_tv_template[] = {
{ "abc",
{ 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba,
0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2,
0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8,
0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e,
0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f }
},
{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
{ 0x20, 0x4a, 0x8f, 0xc6, 0xdd, 0xa8, 0x2f, 0x0a,
0x0c, 0xed, 0x7b, 0xeb, 0x8e, 0x08, 0xa4, 0x16,
0x57, 0xc1, 0x6e, 0xf4, 0x68, 0xb2, 0x28, 0xa8,
0x27, 0x9b, 0xe3, 0x31, 0xa7, 0x03, 0xc3, 0x35,
0x96, 0xfd, 0x15, 0xc1, 0x3b, 0x1b, 0x07, 0xf9,
0xaa, 0x1d, 0x3b, 0xea, 0x57, 0x78, 0x9c, 0xa0,
0x31, 0xad, 0x85, 0xc7, 0xa7, 0x1d, 0xd7, 0x03,
0x54, 0xec, 0x63, 0x12, 0x38, 0xca, 0x34, 0x45 }
},
{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
"hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
{ 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda,
0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f,
0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1,
0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18,
0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4,
0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a,
0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54,
0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09 }
},
{ "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
"efghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz",
{ 0x93, 0x0d, 0x0c, 0xef, 0xcb, 0x30, 0xff, 0x11,
0x33, 0xb6, 0x89, 0x81, 0x21, 0xf1, 0xcf, 0x3d,
0x27, 0x57, 0x8a, 0xfc, 0xaf, 0xe8, 0x67, 0x7c,
0x52, 0x57, 0xcf, 0x06, 0x99, 0x11, 0xf7, 0x5d,
0x8f, 0x58, 0x31, 0xb5, 0x6e, 0xbf, 0xda, 0x67,
0xb2, 0x78, 0xe6, 0x6d, 0xff, 0x8b, 0x84, 0xfe,
0x2b, 0x28, 0x70, 0xf7, 0x42, 0xa5, 0x80, 0xd8,
0xed, 0xb4, 0x19, 0x87, 0x23, 0x28, 0x50, 0xc9
}
},
};
/* /*
* DES test vectors. * DES test vectors.
*/ */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment