diff options
author | Eric Biggers <ebiggers@google.com> | 2020-05-02 11:24:27 -0700 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2020-05-08 15:32:17 +1000 |
commit | 228c4f265c6eb60eaa4ed0edb3bf7c113173576c (patch) | |
tree | af8e07c49d95c2a4fe460d1ec59c3c215a314cd7 /include/crypto | |
parent | 2aaba014b55be46affcae78edff356c5e3389081 (diff) | |
download | linux-228c4f265c6eb60eaa4ed0edb3bf7c113173576c.tar.gz linux-228c4f265c6eb60eaa4ed0edb3bf7c113173576c.tar.bz2 linux-228c4f265c6eb60eaa4ed0edb3bf7c113173576c.zip |
crypto: lib/sha1 - fold linux/cryptohash.h into crypto/sha.h
<linux/cryptohash.h> sounds very generic and important, like it's the
header to include if you're doing cryptographic hashing in the kernel.
But actually it only includes the library implementation of the SHA-1
compression function (not even the full SHA-1). This should basically
never be used anymore; SHA-1 is no longer considered secure, and there
are much better ways to do cryptographic hashing in the kernel.
Remove this header and fold it into <crypto/sha.h> which already
contains constants and functions for SHA-1 (along with SHA-2).
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include/crypto')
-rw-r--r-- | include/crypto/sha.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/include/crypto/sha.h b/include/crypto/sha.h index 67aec7245cb7..10753ff71d46 100644 --- a/include/crypto/sha.h +++ b/include/crypto/sha.h @@ -114,6 +114,16 @@ extern int crypto_sha512_finup(struct shash_desc *desc, const u8 *data, unsigned int len, u8 *hash); /* + * An implementation of SHA-1's compression function. Don't use in new code! + * You shouldn't be using SHA-1, and even if you *have* to use SHA-1, this isn't + * the correct way to hash something with SHA-1 (use crypto_shash instead). + */ +#define SHA1_DIGEST_WORDS (SHA1_DIGEST_SIZE / 4) +#define SHA1_WORKSPACE_WORDS 16 +void sha1_init(__u32 *buf); +void sha1_transform(__u32 *digest, const char *data, __u32 *W); + +/* * Stand-alone implementation of the SHA256 algorithm. It is designed to * have as little dependencies as possible so it can be used in the * kexec_file purgatory. In other cases you should generally use the |