2

In the Linux CRYPTO libraries, what is the difference among:

  • crypto_alloc_hash(...);
  • crypto_alloc_ahash(...);
  • crypto_alloc_shash(...);

I would guess 'a' stands for asynchronous and 's' for synchronous.

If this is the case, what does it mean in terms of implementation choice?

(I am trying to find the correct way to calculate an HMAC(SHA1) value while processing a TCP packet using the CRYPTO libraries).

sjsam
  • 21,411
  • 5
  • 55
  • 102
Fabrizio Demaria
  • 453
  • 1
  • 4
  • 15
  • 1
    Why you have to guess? Why don't you look at the documentation? – sjsam Nov 25 '15 at 14:40
  • 1
    I cannot find any documentation about this. – Fabrizio Demaria Nov 25 '15 at 14:55
  • 1
    You're right about this. Many of the apis used in Linux kernel are not well documented. But it is worth a try looking at the source files itself. Sometimes documentation comes in the form of comments. – sjsam Nov 25 '15 at 18:04

1 Answers1

1

SO Question1 & SO Question2 are good starting points for you.

There are nothing called asynchronous and synchronous functions.All functions(callees) need to return to the callers.

But there are asynchronous and synchronous operations.

crypto_alloc_ahash() & crypto_alloc_shash() differ in that the first consist of the asynchronous operations and the latter consist of synchronous operations.

In case of the first the function when called returns immediately to the main programme leaving behind its operations to complete. When the operations complete they usually use SIGNALS/INTERRUPTS to let the main programme know that they have completed. You can see the implementation here and an excerpt is given below.

struct crypto_ahash *crypto_alloc_ahash(const char *alg_name, u32 type,
                                        u32 mask)
 {
         return crypto_alloc_tfm(alg_name, &crypto_ahash_type, type, mask);
 }

In case of the latter the main programme(caller) has to wait for the operation in the function to complete to continue. I can't think of specific scenarios where synchronization is mandatory in this context. You can see the implementation here

Indeed both the functions look the same but for the type of the values they return.
Async variants of functions is normally what you should look for the speed reasons of your programme. Also you cannot make async calls from sync variants for obvious reasons.

Edit :

crypto_alloc_hash is synchronous hash and I couldn't find out the difference between hash and shash.

Both returns allocated cipher handle in case of success; IS_ERR is true in case of an error, PTR_ERR returns the error code.

See shash vs hash.

Community
  • 1
  • 1
sjsam
  • 21,411
  • 5
  • 55
  • 102
  • What about 'crypto_alloc_hash', would that be synchronous or asynchronous? – Fabrizio Demaria Nov 26 '15 at 08:21
  • Please see the edit. It might be that the developer wanted to give a similar structure to `ahash` and `shash`. I honestly don't think this completely answers your question but it will be foundation for you to step on and explore further. – sjsam Nov 26 '15 at 08:58
  • Might be useful: by typing `cat /proc/crypto` you can find a list of available crypto algorithms with a 'type' filed that *should* indicate which kind of function to use (for example, in case of HMAC(SHA-1), the 'type' is 'shash'). – Fabrizio Demaria Nov 26 '15 at 09:24
  • Not sure !! Why shouldn't you use ahash() for calculating SHA1? The type you see in /proc/crypto just means that HMAC is compiled as a synchronous hash. I guess this shouldn't be a restriction on using `ahash()` to calculate HMAC in your own program. – sjsam Nov 26 '15 at 09:47