From: Eric Biggers Date: Sat, 2 May 2020 18:24:27 +0000 (-0700) Subject: crypto: lib/sha1 - fold linux/cryptohash.h into crypto/sha.h X-Git-Tag: v5.10.7~2354^2~41 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=228c4f265c6eb60eaa4ed0edb3bf7c113173576c;p=platform%2Fkernel%2Flinux-rpi.git crypto: lib/sha1 - fold linux/cryptohash.h into crypto/sha.h sounds very generic and important, like it's the header to include if you're doing cryptographic hashing in the kernel. But actually it only includes the library implementation of the SHA-1 compression function (not even the full SHA-1). This should basically never be used anymore; SHA-1 is no longer considered secure, and there are much better ways to do cryptographic hashing in the kernel. Remove this header and fold it into which already contains constants and functions for SHA-1 (along with SHA-2). Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu --- diff --git a/crypto/sha1_generic.c b/crypto/sha1_generic.c index a16d978..1d43472 100644 --- a/crypto/sha1_generic.c +++ b/crypto/sha1_generic.c @@ -15,7 +15,6 @@ #include #include #include -#include #include #include #include diff --git a/drivers/char/random.c b/drivers/char/random.c index a19a898..cae02b2 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -327,7 +327,6 @@ #include #include #include -#include #include #include #include @@ -337,6 +336,7 @@ #include #include #include +#include #include #include diff --git a/include/crypto/sha.h b/include/crypto/sha.h index 67aec72..10753ff 100644 --- a/include/crypto/sha.h +++ b/include/crypto/sha.h @@ -114,6 +114,16 @@ extern int crypto_sha512_finup(struct shash_desc *desc, const u8 *data, unsigned int len, u8 *hash); /* + * An implementation of SHA-1's compression function. Don't use in new code! + * You shouldn't be using SHA-1, and even if you *have* to use SHA-1, this isn't + * the correct way to hash something with SHA-1 (use crypto_shash instead). + */ +#define SHA1_DIGEST_WORDS (SHA1_DIGEST_SIZE / 4) +#define SHA1_WORKSPACE_WORDS 16 +void sha1_init(__u32 *buf); +void sha1_transform(__u32 *digest, const char *data, __u32 *W); + +/* * Stand-alone implementation of the SHA256 algorithm. It is designed to * have as little dependencies as possible so it can be used in the * kexec_file purgatory. In other cases you should generally use the diff --git a/include/linux/cryptohash.h b/include/linux/cryptohash.h deleted file mode 100644 index c324ffc..0000000 --- a/include/linux/cryptohash.h +++ /dev/null @@ -1,18 +0,0 @@ -/* SPDX-License-Identifier: GPL-2.0 */ -#ifndef __CRYPTOHASH_H -#define __CRYPTOHASH_H - -#include - -/* - * An implementation of SHA-1's compression function. Don't use in new code! - * You shouldn't be using SHA-1, and even if you *have* to use SHA-1, this isn't - * the correct way to hash something with SHA-1 (use crypto_shash instead). - */ -#define SHA1_DIGEST_WORDS 5 -#define SHA1_BLOCK_SIZE 64 -#define SHA1_WORKSPACE_WORDS 16 -void sha1_init(__u32 *buf); -void sha1_transform(__u32 *digest, const char *data, __u32 *W); - -#endif diff --git a/include/linux/filter.h b/include/linux/filter.h index f42662a..ec45fd7 100644 --- a/include/linux/filter.h +++ b/include/linux/filter.h @@ -16,11 +16,11 @@ #include #include #include -#include #include #include #include #include +#include #include diff --git a/lib/sha1.c b/lib/sha1.c index b381e8c..49257a9 100644 --- a/lib/sha1.c +++ b/lib/sha1.c @@ -9,7 +9,7 @@ #include #include #include -#include +#include #include /*