From 775d9de30a9dee86bc33b1a1cda234cf5e63fd78 Mon Sep 17 00:00:00 2001
From: makejian <makejian@xiaomi.com>
Date: Fri, 14 Jul 2023 20:49:47 +0800
Subject: [PATCH] crypto: export MD5/SHA1/SHA256/SHA512 via /dev/crypto

refer to commit https://github.com/openbsd/src/commit/649dc2d9858d48bf78fc404b6fab58ba4e01d29c
(1) import hash method
(2) separate the update and finish processes

Signed-off-by: makejian <makejian@xiaomi.com>
---
 crypto/cryptodev.c         | 12 +++++++
 crypto/cryptosoft.c        | 65 ++++++++++++++++++++++++++++++++++++++
 crypto/xform.c             | 36 +++++++++++++++++++++
 include/crypto/cryptodev.h |  8 +++--
 include/crypto/xform.h     |  4 +++
 5 files changed, 123 insertions(+), 2 deletions(-)

diff --git a/crypto/cryptodev.c b/crypto/cryptodev.c
index d993b4681f..d00dac39c3 100644
--- a/crypto/cryptodev.c
+++ b/crypto/cryptodev.c
@@ -270,6 +270,18 @@ static int cryptof_ioctl(FAR struct file *filep,
             case CRYPTO_AES_128_GMAC:
               thash = &auth_hash_gmac_aes_128;
               break;
+            case CRYPTO_MD5:
+              thash = &auth_hash_md5;
+              break;
+            case CRYPTO_SHA1:
+              thash = &auth_hash_sha1;
+              break;
+            case CRYPTO_SHA2_256:
+              thash = &auth_hash_sha2_256;
+              break;
+            case CRYPTO_SHA2_512:
+              thash = &auth_hash_sha2_512;
+              break;
             default:
               return -EINVAL;
           }
diff --git a/crypto/cryptosoft.c b/crypto/cryptosoft.c
index 5a88569c59..4f6953523a 100644
--- a/crypto/cryptosoft.c
+++ b/crypto/cryptosoft.c
@@ -252,6 +252,26 @@ int swcr_authcompute(FAR struct cryptop *crp,
   return 0;
 }
 
+int swcr_hash(FAR struct cryptop *crp,
+              FAR struct cryptodesc *crd,
+              FAR struct swcr_data *sw,
+              caddr_t buf)
+{
+  FAR const struct auth_hash *axf = sw->sw_axf;
+
+  if (crd->crd_flags & CRD_F_UPDATE)
+    {
+      return axf->update(&sw->sw_ctx, (FAR uint8_t *)buf + crd->crd_skip,
+                         crd->crd_len);
+    }
+  else
+    {
+      axf->final((FAR uint8_t *)crp->crp_mac, &sw->sw_ctx);
+    }
+
+  return 0;
+}
+
 /* Apply a combined encryption-authentication transformation */
 
 int swcr_authenc(FAR struct cryptop *crp)
@@ -735,6 +755,31 @@ int swcr_newsession(FAR uint32_t *sid, FAR struct cryptoini *cri)
             bcopy((*swd)->sw_ictx, &(*swd)->sw_ctx, axf->ctxsize);
             break;
 
+          case CRYPTO_MD5:
+            axf = &auth_hash_md5;
+            goto auth3common;
+          case CRYPTO_SHA1:
+            axf = &auth_hash_sha1;
+            goto auth3common;
+          case CRYPTO_SHA2_256:
+            axf = &auth_hash_sha2_256;
+            goto auth3common;
+          case CRYPTO_SHA2_512:
+            axf = &auth_hash_sha2_512;
+
+          auth3common:
+            (*swd)->sw_ictx = kmm_zalloc(axf->ctxsize);
+            if ((*swd)->sw_ictx == NULL)
+              {
+                swcr_freesession(i);
+                return -ENOBUFS;
+              }
+
+            axf->init((*swd)->sw_ictx);
+            (*swd)->sw_axf = axf;
+            bcopy((*swd)->sw_ictx, &(*swd)->sw_ctx, axf->ctxsize);
+            break;
+
           case CRYPTO_AES_128_GMAC:
             axf = &auth_hash_gmac_aes_128;
             goto auth4common;
@@ -856,6 +901,10 @@ int swcr_freesession(uint64_t tid)
           case CRYPTO_AES_192_GMAC:
           case CRYPTO_AES_256_GMAC:
           case CRYPTO_CHACHA20_POLY1305_MAC:
+          case CRYPTO_MD5:
+          case CRYPTO_SHA1:
+          case CRYPTO_SHA2_256:
+          case CRYPTO_SHA2_512:
             axf = swd->sw_axf;
 
             if (swd->sw_ictx)
@@ -960,6 +1009,18 @@ int swcr_process(struct cryptop *crp)
 
             break;
 
+          case CRYPTO_MD5:
+          case CRYPTO_SHA1:
+          case CRYPTO_SHA2_256:
+          case CRYPTO_SHA2_512:
+            if ((crp->crp_etype = swcr_hash(crp, crd, sw,
+                crp->crp_buf)) != 0)
+              {
+                goto done;
+              }
+
+            break;
+
           case CRYPTO_AES_GCM_16:
           case CRYPTO_AES_GMAC:
           case CRYPTO_AES_128_GMAC:
@@ -1020,6 +1081,10 @@ void swcr_init(void)
   algs[CRYPTO_AES_256_GMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
   algs[CRYPTO_CHACHA20_POLY1305] = CRYPTO_ALG_FLAG_SUPPORTED;
   algs[CRYPTO_CHACHA20_POLY1305_MAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+  algs[CRYPTO_MD5] = CRYPTO_ALG_FLAG_SUPPORTED;
+  algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED;
+  algs[CRYPTO_SHA2_256] = CRYPTO_ALG_FLAG_SUPPORTED;
+  algs[CRYPTO_SHA2_512] = CRYPTO_ALG_FLAG_SUPPORTED;
   algs[CRYPTO_ESN] = CRYPTO_ALG_FLAG_SUPPORTED;
 
   crypto_register(swcr_id, algs, swcr_newsession,
diff --git a/crypto/xform.c b/crypto/xform.c
index 830d6156e0..30d158fe03 100644
--- a/crypto/xform.c
+++ b/crypto/xform.c
@@ -333,6 +333,42 @@ const struct auth_hash auth_hash_chacha20_poly1305 =
   chacha20_poly1305_final
 };
 
+const struct auth_hash auth_hash_md5 =
+{
+  CRYPTO_MD5, "MD5",
+  0, 16, 16, sizeof(MD5_CTX), HMAC_MD5_BLOCK_LEN,
+  (void (*) (FAR void *)) md5init, NULL, NULL,
+  md5update_int,
+  (void (*) (FAR uint8_t *, FAR void *)) md5final
+};
+
+const struct auth_hash auth_hash_sha1 =
+{
+  CRYPTO_SHA1, "SHA1",
+  0, 20, 20, sizeof(SHA1_CTX), HMAC_SHA1_BLOCK_LEN,
+  (void (*) (FAR void *)) sha1init, NULL, NULL,
+  sha1update_int,
+  (void (*) (FAR uint8_t *, FAR void *)) sha1final
+};
+
+const struct auth_hash auth_hash_sha2_256 =
+{
+  CRYPTO_SHA2_256, "SHA2-256",
+  0, 32, 16, sizeof(SHA2_CTX), HMAC_SHA2_256_BLOCK_LEN,
+  (void (*)(FAR void *)) sha256init, NULL, NULL,
+  sha256update_int,
+  (void (*)(FAR uint8_t *, FAR void *)) sha256final
+};
+
+const struct auth_hash auth_hash_sha2_512 =
+{
+  CRYPTO_SHA2_512, "SHA2-512",
+  0, 64, 32, sizeof(SHA2_CTX), HMAC_SHA2_512_BLOCK_LEN,
+  (void (*)(FAR void *)) sha512init, NULL, NULL,
+  sha512update_int,
+  (void (*)(FAR uint8_t *, FAR void *)) sha512final
+};
+
 /* Encryption wrapper routines. */
 
 void des3_encrypt(caddr_t key, FAR uint8_t *blk)
diff --git a/include/crypto/cryptodev.h b/include/crypto/cryptodev.h
index aef7ba2d4b..a0894b10b1 100644
--- a/include/crypto/cryptodev.h
+++ b/include/crypto/cryptodev.h
@@ -113,8 +113,12 @@
 #define CRYPTO_AES_GMAC         20
 #define CRYPTO_CHACHA20_POLY1305 21
 #define CRYPTO_CHACHA20_POLY1305_MAC 22
-#define CRYPTO_ESN              23 /* Support for Extended Sequence Numbers */
-#define CRYPTO_ALGORITHM_MAX    23 /* Keep updated */
+#define CRYPTO_MD5              23
+#define CRYPTO_SHA1             24
+#define CRYPTO_SHA2_256         25
+#define CRYPTO_SHA2_512         26
+#define CRYPTO_ESN              27 /* Support for Extended Sequence Numbers */
+#define CRYPTO_ALGORITHM_MAX    27 /* Keep updated */
 
 /* Algorithm flags */
 
diff --git a/include/crypto/xform.h b/include/crypto/xform.h
index 1b9d248fad..a380680807 100644
--- a/include/crypto/xform.h
+++ b/include/crypto/xform.h
@@ -116,5 +116,9 @@ extern const struct auth_hash auth_hash_gmac_aes_128;
 extern const struct auth_hash auth_hash_gmac_aes_192;
 extern const struct auth_hash auth_hash_gmac_aes_256;
 extern const struct auth_hash auth_hash_chacha20_poly1305;
+extern const struct auth_hash auth_hash_md5;
+extern const struct auth_hash auth_hash_sha1;
+extern const struct auth_hash auth_hash_sha2_256;
+extern const struct auth_hash auth_hash_sha2_512;
 
 #endif /* __INCLUDE_CRYPTO_XFORM_H */