Add shake256 support to the SHA-3 crypto_sig module so that ML-DSA can use it.
Signed-off-by: David Howells <[email protected]> cc: Stephan Mueller <[email protected]> cc: Eric Biggers <[email protected]> cc: Jason A. Donenfeld <[email protected]> cc: Ard Biesheuvel <[email protected]> cc: Herbert Xu <[email protected]> cc: [email protected] --- crypto/sha3.c | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/crypto/sha3.c b/crypto/sha3.c index 8f364979ec89..be1d18baee8d 100644 --- a/crypto/sha3.c +++ b/crypto/sha3.c @@ -9,6 +9,7 @@ #include <linux/module.h> #define SHA3_CTX(desc) ((struct sha3_ctx *)shash_desc_ctx(desc)) +#define SHAKE_CTX(desc) ((struct shake_ctx *)shash_desc_ctx(desc)) static int crypto_sha3_224_init(struct shash_desc *desc) { @@ -87,6 +88,36 @@ static int crypto_sha3_import_core(struct shash_desc *desc, const void *in) return 0; } +static int crypto_shake256_init(struct shash_desc *desc) +{ + shake256_init(SHAKE_CTX(desc)); + return 0; +} + +static int crypto_shake_update(struct shash_desc *desc, const u8 *data, + unsigned int len) +{ + shake_update(SHAKE_CTX(desc), data, len); + return 0; +} + +static int crypto_shake_final(struct shash_desc *desc, u8 *out) +{ + const struct shash_alg *alg = crypto_shash_alg(desc->tfm); + + shake_squeeze(SHAKE_CTX(desc), out, alg->digestsize); + return 0; +} + +static int crypto_shake256_digest(struct shash_desc *desc, + const u8 *data, unsigned int len, u8 *out) +{ + const struct shash_alg *alg = crypto_shash_alg(desc->tfm); + + shake256(data, len, out, alg->digestsize); + return 0; +} + static struct shash_alg algs[] = { { .digestsize = SHA3_224_DIGEST_SIZE, .init = crypto_sha3_224_init, @@ -139,6 +170,17 @@ static struct shash_alg algs[] = { { .base.cra_driver_name = "sha3-512-lib", .base.cra_blocksize = SHA3_512_BLOCK_SIZE, .base.cra_module = THIS_MODULE, +}, { + .digestsize = SHAKE256_DEFAULT_SIZE, + .init = crypto_shake256_init, + .update = crypto_shake_update, + .final = crypto_shake_final, + .digest = crypto_shake256_digest, + .descsize = sizeof(struct shake_ctx), + .base.cra_name = "shake256", + .base.cra_driver_name = "shake256-lib", + .base.cra_blocksize = SHAKE256_BLOCK_SIZE, + .base.cra_module = THIS_MODULE, } }; static int __init crypto_sha3_mod_init(void)
