diff options
Diffstat (limited to 'arch/s390/crypto/sha_common.c')
| -rw-r--r-- | arch/s390/crypto/sha_common.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/arch/s390/crypto/sha_common.c b/arch/s390/crypto/sha_common.c index 80b6f2ba005..9d6eb8c3d37 100644 --- a/arch/s390/crypto/sha_common.c +++ b/arch/s390/crypto/sha_common.c | |||
| @@ -59,12 +59,15 @@ void s390_sha_final(struct crypto_tfm *tfm, u8 *out) | |||
| 59 | struct s390_sha_ctx *ctx = crypto_tfm_ctx(tfm); | 59 | struct s390_sha_ctx *ctx = crypto_tfm_ctx(tfm); |
| 60 | unsigned int bsize = crypto_tfm_alg_blocksize(tfm); | 60 | unsigned int bsize = crypto_tfm_alg_blocksize(tfm); |
| 61 | u64 bits; | 61 | u64 bits; |
| 62 | unsigned int index, end; | 62 | unsigned int index, end, plen; |
| 63 | int ret; | 63 | int ret; |
| 64 | 64 | ||
| 65 | /* SHA-512 uses 128 bit padding length */ | ||
| 66 | plen = (bsize > SHA256_BLOCK_SIZE) ? 16 : 8; | ||
| 67 | |||
| 65 | /* must perform manual padding */ | 68 | /* must perform manual padding */ |
| 66 | index = ctx->count & (bsize - 1); | 69 | index = ctx->count & (bsize - 1); |
| 67 | end = (index < bsize - 8) ? bsize : (2 * bsize); | 70 | end = (index < bsize - plen) ? bsize : (2 * bsize); |
| 68 | 71 | ||
| 69 | /* start pad with 1 */ | 72 | /* start pad with 1 */ |
| 70 | ctx->buf[index] = 0x80; | 73 | ctx->buf[index] = 0x80; |
| @@ -73,6 +76,10 @@ void s390_sha_final(struct crypto_tfm *tfm, u8 *out) | |||
| 73 | /* pad with zeros */ | 76 | /* pad with zeros */ |
| 74 | memset(ctx->buf + index, 0x00, end - index - 8); | 77 | memset(ctx->buf + index, 0x00, end - index - 8); |
| 75 | 78 | ||
| 79 | /* | ||
| 80 | * Append message length. Well, SHA-512 wants a 128 bit lenght value, | ||
| 81 | * nevertheless we use u64, should be enough for now... | ||
| 82 | */ | ||
| 76 | bits = ctx->count * 8; | 83 | bits = ctx->count * 8; |
| 77 | memcpy(ctx->buf + end - 8, &bits, sizeof(bits)); | 84 | memcpy(ctx->buf + end - 8, &bits, sizeof(bits)); |
| 78 | 85 | ||