1 files changed, 58 insertions, 12 deletions

diff --git a/ncr-sessions.c b/ncr-sessions.c
index 41f8a4c..84433cc 100644
--- a/ncr-sessions.c
+++ b/ncr-sessions.c
@@ -77,6 +77,7 @@ void _ncr_sessions_item_put( struct session_item_st* item)
 		cryptodev_cipher_deinit(&item->cipher);
 		ncr_pk_cipher_deinit(&item->pk);
 		cryptodev_hash_deinit(&item->hash);
+		kfree(item->transparent_hash);
 		if (item->key)
 			_ncr_key_item_put(item->key);
 		kfree(item->sg);
@@ -195,8 +196,14 @@ static const struct algo_properties_st algo_properties[] = {
 	   (yet). */
 	{ .algo = NCR_ALG_RSA, KSTR("rsa"), .is_pk = 1,
 		.can_encrypt=1, .can_sign=1, .key_type = NCR_KEY_TYPE_PUBLIC },
+	{ .algo = NCR_ALG_RSA, KSTR(NCR_ALG_RSA_TRANSPARENT_HASH), .is_pk = 1,
+	  .can_encrypt=1, .can_sign=1, .has_transparent_hash = 1,
+	  .key_type = NCR_KEY_TYPE_PUBLIC },
 	{ .algo = NCR_ALG_DSA, KSTR("dsa"), .is_pk = 1,
 		.can_sign=1, .key_type = NCR_KEY_TYPE_PUBLIC },
+	{ .algo = NCR_ALG_DSA, KSTR(NCR_ALG_DSA_TRANSPARENT_HASH), .is_pk = 1,
+	  .can_sign=1, .has_transparent_hash = 1,
+	  .key_type = NCR_KEY_TYPE_PUBLIC },
 	{ .algo = NCR_ALG_DH, KSTR("dh"), .is_pk = 1,
 		.can_kx=1, .key_type = NCR_KEY_TYPE_PUBLIC },
 #undef KSTR
@@ -433,6 +440,15 @@ static int _ncr_session_init(struct ncr_lists *lists, ncr_crypto_op_t op,
 						err();
 						goto fail;
 					}
+
+					if (ns->algorithm->has_transparent_hash) {
+						ns->transparent_hash = kzalloc(ns->hash.digestsize, GFP_KERNEL);
+						if (ns->transparent_hash == NULL) {
+							err();
+							ret = -ENOMEM;
+							goto fail;
+						}
+					}
 				} else {
 					err();
 					ret = -EINVAL;
@@ -748,10 +764,27 @@ static int _ncr_session_update(struct ncr_lists *lists, ncr_session_t ses,
 
 		case NCR_OP_SIGN:
 		case NCR_OP_VERIFY:
-			ret = cryptodev_hash_update(&sess->hash, isg, isg_size);
-			if (ret < 0) {
-				err();
-				goto fail;
+			if (sess->algorithm->has_transparent_hash) {
+				if (isg_size != sess->hash.digestsize) {
+					err();
+					ret = -EINVAL;
+					goto fail;
+				}
+				ret = sg_copy_to_buffer(isg, isg_cnt,
+							sess->transparent_hash,
+							isg_size);
+				if (ret != isg_size) {
+					err();
+					ret = -EINVAL;
+					goto fail;
+				}
+			} else {
+				ret = cryptodev_hash_update(&sess->hash, isg,
+							    isg_size);
+				if (ret < 0) {
+					err();
+					goto fail;
+				}
 			}
 			break;
 		default:
@@ -845,10 +878,14 @@ static int _ncr_session_final(struct ncr_lists *lists, ncr_session_t ses,
 			ret = -EINVAL;
 			goto fail;
 		}
-		ret = cryptodev_hash_final(&sess->hash, digest);
-		if (ret < 0) {
-			err();
-			goto fail;
+		if (sess->algorithm->has_transparent_hash)
+			memcpy(digest, sess->transparent_hash, digest_size);
+		else {
+			ret = cryptodev_hash_final(&sess->hash, digest);
+			if (ret < 0) {
+				err();
+				goto fail;
+			}
 		}
 
 		if (!sess->algorithm->is_pk)
@@ -884,10 +921,14 @@ static int _ncr_session_final(struct ncr_lists *lists, ncr_session_t ses,
 			goto fail;
 		}
 
-		ret = cryptodev_hash_final(&sess->hash, digest);
-		if (ret < 0) {
-			err();
-			goto fail;
+		if (sess->algorithm->has_transparent_hash)
+			memcpy(digest, sess->transparent_hash, digest_size);
+		else {
+			ret = cryptodev_hash_final(&sess->hash, digest);
+			if (ret < 0) {
+				err();
+				goto fail;
+			}
 		}
 
 		cryptodev_hash_deinit(&sess->hash);
@@ -994,6 +1035,11 @@ static int _ncr_session_update_key(struct ncr_lists *lists, ncr_session_t ses,
 			goto fail;
 		case NCR_OP_SIGN:
 		case NCR_OP_VERIFY:
+			if (sess->algorithm->has_transparent_hash) {
+				err();
+				ret = -EINVAL;
+				goto fail;
+			}
 			ret = _cryptodev_hash_update(&sess->hash, 
 				key->key.secret.data, key->key.secret.size);
 			if (ret < 0) {