summaryrefslogtreecommitdiff
path: root/include/crypto
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2019-11-29 22:35:22 +0300
committerHerbert Xu <herbert@gondor.apana.org.au>2019-12-11 11:36:57 +0300
commitc28817895464797a8299b24e35ead1085b3e40fb (patch)
treed7c9b219396c2150e8c0bdd1dc44ba4ed0e7aea9 /include/crypto
parent89873b4411348325c5e513ea8086f0193eda5163 (diff)
downloadlinux-c28817895464797a8299b24e35ead1085b3e40fb.tar.xz
crypto: shash - allow essiv and hmac to use OPTIONAL_KEY algorithms
The essiv and hmac templates refuse to use any hash algorithm that has a ->setkey() function, which includes not just algorithms that always need a key, but also algorithms that optionally take a key. Previously the only optionally-keyed hash algorithms in the crypto API were non-cryptographic algorithms like crc32, so this didn't really matter. But that's changed with BLAKE2 support being added. BLAKE2 should work with essiv and hmac, just like any other cryptographic hash. Fix this by allowing the use of both algorithms without a ->setkey() function and algorithms that have the OPTIONAL_KEY flag set. Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include/crypto')
-rw-r--r--include/crypto/internal/hash.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h
index bfc9db7b100d..f68dab38f160 100644
--- a/include/crypto/internal/hash.h
+++ b/include/crypto/internal/hash.h
@@ -85,6 +85,12 @@ static inline bool crypto_shash_alg_has_setkey(struct shash_alg *alg)
return alg->setkey != shash_no_setkey;
}
+static inline bool crypto_shash_alg_needs_key(struct shash_alg *alg)
+{
+ return crypto_shash_alg_has_setkey(alg) &&
+ !(alg->base.cra_flags & CRYPTO_ALG_OPTIONAL_KEY);
+}
+
bool crypto_hash_alg_has_setkey(struct hash_alg_common *halg);
int crypto_init_ahash_spawn(struct crypto_ahash_spawn *spawn,