aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--drivers/md/dm-crypt.c30
-rw-r--r--drivers/net/ppp_mppe.c34
-rw-r--r--fs/nfsd/nfs4recover.c21
-rw-r--r--net/ieee80211/ieee80211_crypt_tkip.c25
-rw-r--r--net/sunrpc/auth_gss/gss_krb5_crypto.c38
-rw-r--r--security/seclvl.c18
6 files changed, 97 insertions, 69 deletions
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c
index 91d4081cb00e..73f8be837a45 100644
--- a/drivers/md/dm-crypt.c
+++ b/drivers/md/dm-crypt.c
@@ -122,7 +122,8 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
122 const char *opts) 122 const char *opts)
123{ 123{
124 struct crypto_cipher *essiv_tfm; 124 struct crypto_cipher *essiv_tfm;
125 struct crypto_tfm *hash_tfm; 125 struct crypto_hash *hash_tfm;
126 struct hash_desc desc;
126 struct scatterlist sg; 127 struct scatterlist sg;
127 unsigned int saltsize; 128 unsigned int saltsize;
128 u8 *salt; 129 u8 *salt;
@@ -134,29 +135,30 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti,
134 } 135 }
135 136
136 /* Hash the cipher key with the given hash algorithm */ 137 /* Hash the cipher key with the given hash algorithm */
137 hash_tfm = crypto_alloc_tfm(opts, CRYPTO_TFM_REQ_MAY_SLEEP); 138 hash_tfm = crypto_alloc_hash(opts, 0, CRYPTO_ALG_ASYNC);
138 if (hash_tfm == NULL) { 139 if (IS_ERR(hash_tfm)) {
139 ti->error = "Error initializing ESSIV hash"; 140 ti->error = "Error initializing ESSIV hash";
140 return -EINVAL; 141 return PTR_ERR(hash_tfm);
141 }
142
143 if (crypto_tfm_alg_type(hash_tfm) != CRYPTO_ALG_TYPE_DIGEST) {
144 ti->error = "Expected digest algorithm for ESSIV hash";
145 crypto_free_tfm(hash_tfm);
146 return -EINVAL;
147 } 142 }
148 143
149 saltsize = crypto_tfm_alg_digestsize(hash_tfm); 144 saltsize = crypto_hash_digestsize(hash_tfm);
150 salt = kmalloc(saltsize, GFP_KERNEL); 145 salt = kmalloc(saltsize, GFP_KERNEL);
151 if (salt == NULL) { 146 if (salt == NULL) {
152 ti->error = "Error kmallocing salt storage in ESSIV"; 147 ti->error = "Error kmallocing salt storage in ESSIV";
153 crypto_free_tfm(hash_tfm); 148 crypto_free_hash(hash_tfm);
154 return -ENOMEM; 149 return -ENOMEM;
155 } 150 }
156 151
157 sg_set_buf(&sg, cc->key, cc->key_size); 152 sg_set_buf(&sg, cc->key, cc->key_size);
158 crypto_digest_digest(hash_tfm, &sg, 1, salt); 153 desc.tfm = hash_tfm;
159 crypto_free_tfm(hash_tfm); 154 desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
155 err = crypto_hash_digest(&desc, &sg, cc->key_size, salt);
156 crypto_free_hash(hash_tfm);
157
158 if (err) {
159 ti->error = "Error calculating hash in ESSIV";
160 return err;
161 }
160 162
161 /* Setup the essiv_tfm with the given salt */ 163 /* Setup the essiv_tfm with the given salt */
162 essiv_tfm = crypto_alloc_cipher(cc->cipher, 0, CRYPTO_ALG_ASYNC); 164 essiv_tfm = crypto_alloc_cipher(cc->cipher, 0, CRYPTO_ALG_ASYNC);
diff --git a/drivers/net/ppp_mppe.c b/drivers/net/ppp_mppe.c
index 495d8667419a..e7a0eb4fca60 100644
--- a/drivers/net/ppp_mppe.c
+++ b/drivers/net/ppp_mppe.c
@@ -65,12 +65,13 @@ MODULE_LICENSE("Dual BSD/GPL");
65MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE)); 65MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE));
66MODULE_VERSION("1.0.2"); 66MODULE_VERSION("1.0.2");
67 67
68static void 68static unsigned int
69setup_sg(struct scatterlist *sg, const void *address, unsigned int length) 69setup_sg(struct scatterlist *sg, const void *address, unsigned int length)
70{ 70{
71 sg[0].page = virt_to_page(address); 71 sg[0].page = virt_to_page(address);
72 sg[0].offset = offset_in_page(address); 72 sg[0].offset = offset_in_page(address);
73 sg[0].length = length; 73 sg[0].length = length;
74 return length;
74} 75}
75 76
76#define SHA1_PAD_SIZE 40 77#define SHA1_PAD_SIZE 40
@@ -97,7 +98,7 @@ static inline void sha_pad_init(struct sha_pad *shapad)
97 */ 98 */
98struct ppp_mppe_state { 99struct ppp_mppe_state {
99 struct crypto_blkcipher *arc4; 100 struct crypto_blkcipher *arc4;
100 struct crypto_tfm *sha1; 101 struct crypto_hash *sha1;
101 unsigned char *sha1_digest; 102 unsigned char *sha1_digest;
102 unsigned char master_key[MPPE_MAX_KEY_LEN]; 103 unsigned char master_key[MPPE_MAX_KEY_LEN];
103 unsigned char session_key[MPPE_MAX_KEY_LEN]; 104 unsigned char session_key[MPPE_MAX_KEY_LEN];
@@ -137,14 +138,21 @@ struct ppp_mppe_state {
137 */ 138 */
138static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *InterimKey) 139static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *InterimKey)
139{ 140{
141 struct hash_desc desc;
140 struct scatterlist sg[4]; 142 struct scatterlist sg[4];
143 unsigned int nbytes;
141 144
142 setup_sg(&sg[0], state->master_key, state->keylen); 145 nbytes = setup_sg(&sg[0], state->master_key, state->keylen);
143 setup_sg(&sg[1], sha_pad->sha_pad1, sizeof(sha_pad->sha_pad1)); 146 nbytes += setup_sg(&sg[1], sha_pad->sha_pad1,
144 setup_sg(&sg[2], state->session_key, state->keylen); 147 sizeof(sha_pad->sha_pad1));
145 setup_sg(&sg[3], sha_pad->sha_pad2, sizeof(sha_pad->sha_pad2)); 148 nbytes += setup_sg(&sg[2], state->session_key, state->keylen);
149 nbytes += setup_sg(&sg[3], sha_pad->sha_pad2,
150 sizeof(sha_pad->sha_pad2));
146 151
147 crypto_digest_digest (state->sha1, sg, 4, state->sha1_digest); 152 desc.tfm = state->sha1;
153 desc.flags = 0;
154
155 crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest);
148 156
149 memcpy(InterimKey, state->sha1_digest, state->keylen); 157 memcpy(InterimKey, state->sha1_digest, state->keylen);
150} 158}
@@ -204,11 +212,13 @@ static void *mppe_alloc(unsigned char *options, int optlen)
204 goto out_free; 212 goto out_free;
205 } 213 }
206 214
207 state->sha1 = crypto_alloc_tfm("sha1", 0); 215 state->sha1 = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC);
208 if (!state->sha1) 216 if (IS_ERR(state->sha1)) {
217 state->sha1 = NULL;
209 goto out_free; 218 goto out_free;
219 }
210 220
211 digestsize = crypto_tfm_alg_digestsize(state->sha1); 221 digestsize = crypto_hash_digestsize(state->sha1);
212 if (digestsize < MPPE_MAX_KEY_LEN) 222 if (digestsize < MPPE_MAX_KEY_LEN)
213 goto out_free; 223 goto out_free;
214 224
@@ -233,7 +243,7 @@ static void *mppe_alloc(unsigned char *options, int optlen)
233 if (state->sha1_digest) 243 if (state->sha1_digest)
234 kfree(state->sha1_digest); 244 kfree(state->sha1_digest);
235 if (state->sha1) 245 if (state->sha1)
236 crypto_free_tfm(state->sha1); 246 crypto_free_hash(state->sha1);
237 if (state->arc4) 247 if (state->arc4)
238 crypto_free_blkcipher(state->arc4); 248 crypto_free_blkcipher(state->arc4);
239 kfree(state); 249 kfree(state);
@@ -251,7 +261,7 @@ static void mppe_free(void *arg)
251 if (state->sha1_digest) 261 if (state->sha1_digest)
252 kfree(state->sha1_digest); 262 kfree(state->sha1_digest);
253 if (state->sha1) 263 if (state->sha1)
254 crypto_free_tfm(state->sha1); 264 crypto_free_hash(state->sha1);
255 if (state->arc4) 265 if (state->arc4)
256 crypto_free_blkcipher(state->arc4); 266 crypto_free_blkcipher(state->arc4);
257 kfree(state); 267 kfree(state);
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index 06da7506363c..e35d7e52fdeb 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -33,7 +33,7 @@
33* 33*
34*/ 34*/
35 35
36 36#include <linux/err.h>
37#include <linux/sunrpc/svc.h> 37#include <linux/sunrpc/svc.h>
38#include <linux/nfsd/nfsd.h> 38#include <linux/nfsd/nfsd.h>
39#include <linux/nfs4.h> 39#include <linux/nfs4.h>
@@ -87,34 +87,35 @@ int
87nfs4_make_rec_clidname(char *dname, struct xdr_netobj *clname) 87nfs4_make_rec_clidname(char *dname, struct xdr_netobj *clname)
88{ 88{
89 struct xdr_netobj cksum; 89 struct xdr_netobj cksum;
90 struct crypto_tfm *tfm; 90 struct hash_desc desc;
91 struct scatterlist sg[1]; 91 struct scatterlist sg[1];
92 int status = nfserr_resource; 92 int status = nfserr_resource;
93 93
94 dprintk("NFSD: nfs4_make_rec_clidname for %.*s\n", 94 dprintk("NFSD: nfs4_make_rec_clidname for %.*s\n",
95 clname->len, clname->data); 95 clname->len, clname->data);
96 tfm = crypto_alloc_tfm("md5", CRYPTO_TFM_REQ_MAY_SLEEP); 96 desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
97 if (tfm == NULL) 97 desc.tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
98 goto out; 98 if (IS_ERR(desc.tfm))
99 cksum.len = crypto_tfm_alg_digestsize(tfm); 99 goto out_no_tfm;
100 cksum.len = crypto_hash_digestsize(desc.tfm);
100 cksum.data = kmalloc(cksum.len, GFP_KERNEL); 101 cksum.data = kmalloc(cksum.len, GFP_KERNEL);
101 if (cksum.data == NULL) 102 if (cksum.data == NULL)
102 goto out; 103 goto out;
103 crypto_digest_init(tfm);
104 104
105 sg[0].page = virt_to_page(clname->data); 105 sg[0].page = virt_to_page(clname->data);
106 sg[0].offset = offset_in_page(clname->data); 106 sg[0].offset = offset_in_page(clname->data);
107 sg[0].length = clname->len; 107 sg[0].length = clname->len;
108 108
109 crypto_digest_update(tfm, sg, 1); 109 if (crypto_hash_digest(&desc, sg, sg->length, cksum.data))
110 crypto_digest_final(tfm, cksum.data); 110 goto out;
111 111
112 md5_to_hex(dname, cksum.data); 112 md5_to_hex(dname, cksum.data);
113 113
114 kfree(cksum.data); 114 kfree(cksum.data);
115 status = nfs_ok; 115 status = nfs_ok;
116out: 116out:
117 crypto_free_tfm(tfm); 117 crypto_free_hash(desc.tfm);
118out_no_tfm:
118 return status; 119 return status;
119} 120}
120 121
diff --git a/net/ieee80211/ieee80211_crypt_tkip.c b/net/ieee80211/ieee80211_crypt_tkip.c
index d60ce9b49b4f..407a17495b61 100644
--- a/net/ieee80211/ieee80211_crypt_tkip.c
+++ b/net/ieee80211/ieee80211_crypt_tkip.c
@@ -54,7 +54,7 @@ struct ieee80211_tkip_data {
54 int key_idx; 54 int key_idx;
55 55
56 struct crypto_blkcipher *tfm_arc4; 56 struct crypto_blkcipher *tfm_arc4;
57 struct crypto_tfm *tfm_michael; 57 struct crypto_hash *tfm_michael;
58 58
59 /* scratch buffers for virt_to_page() (crypto API) */ 59 /* scratch buffers for virt_to_page() (crypto API) */
60 u8 rx_hdr[16], tx_hdr[16]; 60 u8 rx_hdr[16], tx_hdr[16];
@@ -95,10 +95,12 @@ static void *ieee80211_tkip_init(int key_idx)
95 goto fail; 95 goto fail;
96 } 96 }
97 97
98 priv->tfm_michael = crypto_alloc_tfm("michael_mic", 0); 98 priv->tfm_michael = crypto_alloc_hash("michael_mic", 0,
99 if (priv->tfm_michael == NULL) { 99 CRYPTO_ALG_ASYNC);
100 if (IS_ERR(priv->tfm_michael)) {
100 printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " 101 printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate "
101 "crypto API michael_mic\n"); 102 "crypto API michael_mic\n");
103 priv->tfm_michael = NULL;
102 goto fail; 104 goto fail;
103 } 105 }
104 106
@@ -107,7 +109,7 @@ static void *ieee80211_tkip_init(int key_idx)
107 fail: 109 fail:
108 if (priv) { 110 if (priv) {
109 if (priv->tfm_michael) 111 if (priv->tfm_michael)
110 crypto_free_tfm(priv->tfm_michael); 112 crypto_free_hash(priv->tfm_michael);
111 if (priv->tfm_arc4) 113 if (priv->tfm_arc4)
112 crypto_free_blkcipher(priv->tfm_arc4); 114 crypto_free_blkcipher(priv->tfm_arc4);
113 kfree(priv); 115 kfree(priv);
@@ -120,7 +122,7 @@ static void ieee80211_tkip_deinit(void *priv)
120{ 122{
121 struct ieee80211_tkip_data *_priv = priv; 123 struct ieee80211_tkip_data *_priv = priv;
122 if (_priv && _priv->tfm_michael) 124 if (_priv && _priv->tfm_michael)
123 crypto_free_tfm(_priv->tfm_michael); 125 crypto_free_hash(_priv->tfm_michael);
124 if (_priv && _priv->tfm_arc4) 126 if (_priv && _priv->tfm_arc4)
125 crypto_free_blkcipher(_priv->tfm_arc4); 127 crypto_free_blkcipher(_priv->tfm_arc4);
126 kfree(priv); 128 kfree(priv);
@@ -485,6 +487,7 @@ static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv)
485static int michael_mic(struct ieee80211_tkip_data *tkey, u8 * key, u8 * hdr, 487static int michael_mic(struct ieee80211_tkip_data *tkey, u8 * key, u8 * hdr,
486 u8 * data, size_t data_len, u8 * mic) 488 u8 * data, size_t data_len, u8 * mic)
487{ 489{
490 struct hash_desc desc;
488 struct scatterlist sg[2]; 491 struct scatterlist sg[2];
489 492
490 if (tkey->tfm_michael == NULL) { 493 if (tkey->tfm_michael == NULL) {
@@ -499,12 +502,12 @@ static int michael_mic(struct ieee80211_tkip_data *tkey, u8 * key, u8 * hdr,
499 sg[1].offset = offset_in_page(data); 502 sg[1].offset = offset_in_page(data);
500 sg[1].length = data_len; 503 sg[1].length = data_len;
501 504
502 crypto_digest_init(tkey->tfm_michael); 505 if (crypto_hash_setkey(tkey->tfm_michael, key, 8))
503 crypto_digest_setkey(tkey->tfm_michael, key, 8); 506 return -1;
504 crypto_digest_update(tkey->tfm_michael, sg, 2);
505 crypto_digest_final(tkey->tfm_michael, mic);
506 507
507 return 0; 508 desc.tfm = tkey->tfm_michael;
509 desc.flags = 0;
510 return crypto_hash_digest(&desc, sg, data_len + 16, mic);
508} 511}
509 512
510static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr) 513static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr)
@@ -628,7 +631,7 @@ static int ieee80211_tkip_set_key(void *key, int len, u8 * seq, void *priv)
628{ 631{
629 struct ieee80211_tkip_data *tkey = priv; 632 struct ieee80211_tkip_data *tkey = priv;
630 int keyidx; 633 int keyidx;
631 struct crypto_tfm *tfm = tkey->tfm_michael; 634 struct crypto_hash *tfm = tkey->tfm_michael;
632 struct crypto_blkcipher *tfm2 = tkey->tfm_arc4; 635 struct crypto_blkcipher *tfm2 = tkey->tfm_arc4;
633 636
634 keyidx = tkey->key_idx; 637 keyidx = tkey->key_idx;
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c
index 57192dfe3065..e11a40b25cce 100644
--- a/net/sunrpc/auth_gss/gss_krb5_crypto.c
+++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c
@@ -34,6 +34,7 @@
34 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 34 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
35 */ 35 */
36 36
37#include <linux/err.h>
37#include <linux/types.h> 38#include <linux/types.h>
38#include <linux/mm.h> 39#include <linux/mm.h>
39#include <linux/slab.h> 40#include <linux/slab.h>
@@ -199,11 +200,9 @@ out:
199static int 200static int
200checksummer(struct scatterlist *sg, void *data) 201checksummer(struct scatterlist *sg, void *data)
201{ 202{
202 struct crypto_tfm *tfm = (struct crypto_tfm *)data; 203 struct hash_desc *desc = data;
203 204
204 crypto_digest_update(tfm, sg, 1); 205 return crypto_hash_update(desc, sg, sg->length);
205
206 return 0;
207} 206}
208 207
209/* checksum the plaintext data and hdrlen bytes of the token header */ 208/* checksum the plaintext data and hdrlen bytes of the token header */
@@ -212,8 +211,9 @@ make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body,
212 int body_offset, struct xdr_netobj *cksum) 211 int body_offset, struct xdr_netobj *cksum)
213{ 212{
214 char *cksumname; 213 char *cksumname;
215 struct crypto_tfm *tfm = NULL; /* XXX add to ctx? */ 214 struct hash_desc desc; /* XXX add to ctx? */
216 struct scatterlist sg[1]; 215 struct scatterlist sg[1];
216 int err;
217 217
218 switch (cksumtype) { 218 switch (cksumtype) {
219 case CKSUMTYPE_RSA_MD5: 219 case CKSUMTYPE_RSA_MD5:
@@ -224,18 +224,28 @@ make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body,
224 " unsupported checksum %d", cksumtype); 224 " unsupported checksum %d", cksumtype);
225 return GSS_S_FAILURE; 225 return GSS_S_FAILURE;
226 } 226 }
227 if (!(tfm = crypto_alloc_tfm(cksumname, CRYPTO_TFM_REQ_MAY_SLEEP))) 227 desc.tfm = crypto_alloc_hash(cksumname, 0, CRYPTO_ALG_ASYNC);
228 if (IS_ERR(desc.tfm))
228 return GSS_S_FAILURE; 229 return GSS_S_FAILURE;
229 cksum->len = crypto_tfm_alg_digestsize(tfm); 230 cksum->len = crypto_hash_digestsize(desc.tfm);
231 desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
230 232
231 crypto_digest_init(tfm); 233 err = crypto_hash_init(&desc);
234 if (err)
235 goto out;
232 sg_set_buf(sg, header, hdrlen); 236 sg_set_buf(sg, header, hdrlen);
233 crypto_digest_update(tfm, sg, 1); 237 err = crypto_hash_update(&desc, sg, hdrlen);
234 process_xdr_buf(body, body_offset, body->len - body_offset, 238 if (err)
235 checksummer, tfm); 239 goto out;
236 crypto_digest_final(tfm, cksum->data); 240 err = process_xdr_buf(body, body_offset, body->len - body_offset,
237 crypto_free_tfm(tfm); 241 checksummer, &desc);
238 return 0; 242 if (err)
243 goto out;
244 err = crypto_hash_final(&desc, cksum->data);
245
246out:
247 crypto_free_hash(desc.tfm);
248 return err ? GSS_S_FAILURE : 0;
239} 249}
240 250
241EXPORT_SYMBOL(make_checksum); 251EXPORT_SYMBOL(make_checksum);
diff --git a/security/seclvl.c b/security/seclvl.c
index c26dd7de0471..8f6291991fbc 100644
--- a/security/seclvl.c
+++ b/security/seclvl.c
@@ -16,6 +16,7 @@
16 * (at your option) any later version. 16 * (at your option) any later version.
17 */ 17 */
18 18
19#include <linux/err.h>
19#include <linux/module.h> 20#include <linux/module.h>
20#include <linux/moduleparam.h> 21#include <linux/moduleparam.h>
21#include <linux/kernel.h> 22#include <linux/kernel.h>
@@ -197,26 +198,27 @@ static unsigned char hashedPassword[SHA1_DIGEST_SIZE];
197static int 198static int
198plaintext_to_sha1(unsigned char *hash, const char *plaintext, unsigned int len) 199plaintext_to_sha1(unsigned char *hash, const char *plaintext, unsigned int len)
199{ 200{
200 struct crypto_tfm *tfm; 201 struct hash_desc desc;
201 struct scatterlist sg; 202 struct scatterlist sg;
203 int err;
204
202 if (len > PAGE_SIZE) { 205 if (len > PAGE_SIZE) {
203 seclvl_printk(0, KERN_ERR, "Plaintext password too large (%d " 206 seclvl_printk(0, KERN_ERR, "Plaintext password too large (%d "
204 "characters). Largest possible is %lu " 207 "characters). Largest possible is %lu "
205 "bytes.\n", len, PAGE_SIZE); 208 "bytes.\n", len, PAGE_SIZE);
206 return -EINVAL; 209 return -EINVAL;
207 } 210 }
208 tfm = crypto_alloc_tfm("sha1", CRYPTO_TFM_REQ_MAY_SLEEP); 211 desc.tfm = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC);
209 if (tfm == NULL) { 212 if (IS_ERR(desc.tfm)) {
210 seclvl_printk(0, KERN_ERR, 213 seclvl_printk(0, KERN_ERR,
211 "Failed to load transform for SHA1\n"); 214 "Failed to load transform for SHA1\n");
212 return -EINVAL; 215 return -EINVAL;
213 } 216 }
214 sg_init_one(&sg, (u8 *)plaintext, len); 217 sg_init_one(&sg, (u8 *)plaintext, len);
215 crypto_digest_init(tfm); 218 desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP;
216 crypto_digest_update(tfm, &sg, 1); 219 err = crypto_hash_digest(&desc, &sg, len, hash);
217 crypto_digest_final(tfm, hash); 220 crypto_free_hash(desc.tfm);
218 crypto_free_tfm(tfm); 221 return err;
219 return 0;
220} 222}
221 223
222/** 224/**