From: David Howells <dhowells@redhat.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: David Howells <dhowells@redhat.com>,
Eric Biggers <ebiggers@kernel.org>,
Luis Chamberlain <mcgrof@kernel.org>,
Petr Pavlu <petr.pavlu@suse.com>,
Daniel Gomez <da.gomez@kernel.org>,
Sami Tolvanen <samitolvanen@google.com>,
"Jason A . Donenfeld" <Jason@zx2c4.com>,
Ard Biesheuvel <ardb@kernel.org>,
Stephan Mueller <smueller@chronox.de>,
Lukas Wunner <lukas@wunner.de>,
Ignat Korchagin <ignat@cloudflare.com>,
linux-crypto@vger.kernel.org, keyrings@vger.kernel.org,
linux-modules@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v9 1/9] crypto: Add support for shake256 through crypto_shash
Date: Mon, 17 Nov 2025 14:55:50 +0000
Message-ID: <20251117145606.2155773-2-dhowells@redhat.com>
In-Reply-To: <20251117145606.2155773-1-dhowells@redhat.com>

Add shake256 support to the SHA-3 crypto_sig module so that ML-DSA can use
it.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Stephan Mueller <smueller@chronox.de>
cc: Eric Biggers <ebiggers@kernel.org>
cc: Jason A. Donenfeld <Jason@zx2c4.com>
cc: Ard Biesheuvel <ardb@kernel.org>
cc: Herbert Xu <herbert@gondor.apana.org.au>
cc: linux-crypto@vger.kernel.org
---
crypto/sha3.c | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
diff --git a/crypto/sha3.c b/crypto/sha3.c
index 8f364979ec89..be1d18baee8d 100644
--- a/crypto/sha3.c
+++ b/crypto/sha3.c
@@ -9,6 +9,7 @@
#include <linux/module.h>
#define SHA3_CTX(desc) ((struct sha3_ctx *)shash_desc_ctx(desc))
+#define SHAKE_CTX(desc) ((struct shake_ctx *)shash_desc_ctx(desc))
static int crypto_sha3_224_init(struct shash_desc *desc)
{
@@ -87,6 +88,36 @@ static int crypto_sha3_import_core(struct shash_desc *desc, const void *in)
return 0;
}
+static int crypto_shake256_init(struct shash_desc *desc)
+{
+ shake256_init(SHAKE_CTX(desc));
+ return 0;
+}
+
+static int crypto_shake_update(struct shash_desc *desc, const u8 *data,
+ unsigned int len)
+{
+ shake_update(SHAKE_CTX(desc), data, len);
+ return 0;
+}
+
+static int crypto_shake_final(struct shash_desc *desc, u8 *out)
+{
+ const struct shash_alg *alg = crypto_shash_alg(desc->tfm);
+
+ shake_squeeze(SHAKE_CTX(desc), out, alg->digestsize);
+ return 0;
+}
+
+static int crypto_shake256_digest(struct shash_desc *desc,
+ const u8 *data, unsigned int len, u8 *out)
+{
+ const struct shash_alg *alg = crypto_shash_alg(desc->tfm);
+
+ shake256(data, len, out, alg->digestsize);
+ return 0;
+}
+
static struct shash_alg algs[] = { {
.digestsize = SHA3_224_DIGEST_SIZE,
.init = crypto_sha3_224_init,
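Review bot: crypto_shake_final() squeezes alg->digestsize bytes and returns with the sponge state still sitting in the descriptor context; nothing in this hunk wipes the shake_ctx afterwards. If shake_squeeze() does not clear the state itself, add an explicit wipe of SHAKE_CTX(desc) after the squeeze so absorbed input does not linger in the descriptor when a caller hashes secret data. The hunk context also shows crypto_sha3_import_core() for the SHA-3 entries, but no export/import callbacks are added for the shake context; either wire them up or state in the commit message why a partially absorbed shake256 state need not be exportable. A one-line comment above crypto_shake_final() saying that the output length is fixed by digestsize would help, since callers of an extendable-output function may expect to choose it.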
@@ -139,6 +170,17 @@ static struct shash_alg algs[] = { {
.base.cra_driver_name = "sha3-512-lib",
.base.cra_blocksize = SHA3_512_BLOCK_SIZE,
.base.cra_module = THIS_MODULE,
+}, {
+ .digestsize = SHAKE256_DEFAULT_SIZE,
+ .init = crypto_shake256_init,
+ .update = crypto_shake_update,
+ .final = crypto_shake_final,
+ .digest = crypto_shake256_digest,
+ .descsize = sizeof(struct shake_ctx),
+ .base.cra_name = "shake256",
+ .base.cra_driver_name = "shake256-lib",
+ .base.cra_blocksize = SHAKE256_BLOCK_SIZE,
+ .base.cra_module = THIS_MODULE,
} };
static int __init crypto_sha3_mod_init(void)
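Review bot: `.digestsize = SHAKE256_DEFAULT_SIZE` pins the "shake256" registration to a single output length, so a consumer that needs a different number of bytes from the XOF cannot get it through this entry; please document the chosen value and that limitation next to the entry or in the commit message. The diffstat's 42 insertions are all accounted for in these three hunks, and none of them adds a MODULE_ALIAS_CRYPTO for "shake256" or "shake256-lib"; if the other algorithms in this file carry aliases, add them here too, otherwise a request for "shake256" will not autoload the module. The commit message describes this as the "SHA-3 crypto_sig module", whereas the entry is added to a shash_alg array, which is worth correcting in the next revision.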