1 files changed, 58 insertions, 1 deletions

diff --git a/iputils_md5dig.h b/iputils_md5dig.h
index 33aba44..bfa7f02 100644
--- a/iputils_md5dig.h
+++ b/iputils_md5dig.h
@@ -7,8 +7,16 @@
 # define IPUTILS_MD5DIG_LEN	16
 #elif defined(USE_NETTLE)
 # include <nettle/md5.h>
-#else
+#elif defined(USE_OPENSSL)
 # include <openssl/md5.h>
+#elif defined(USE_KERNEL_CRYPTO_API)
+# define IPUTILS_MD5DIG_LEN	16
+# include <errno.h>
+# include <linux/if_alg.h>
+# include <sys/socket.h>
+# include <sys/types.h>
+# include <unistd.h>
+# include "iputils_common.h"
 #endif
 
 #if defined(USE_GCRYPT)
@@ -80,6 +88,55 @@ static void iputils_md5dig_final(unsigned char *digest,
 # define MD5_Init		iputils_md5dig_init
 # define MD5_Update		iputils_md5dig_update
 # define MD5_Final		iputils_md5dig_final
+#elif defined(USE_KERNEL_CRYPTO_API)
+typedef struct {
+	int bind_sock;
+	int comm_sock;
+} iputils_md5dig_ctx;
+
+static void iputils_md5dig_init(iputils_md5dig_ctx *const ctx)
+{
+	const struct sockaddr_alg sa = {
+		.salg_family = AF_ALG,
+		.salg_type = "hash",
+		.salg_name = "md5"
+	};
+
+	ctx->comm_sock = -1;
+	if ((ctx->bind_sock = socket(AF_ALG, SOCK_SEQPACKET, 0)) < 0)
+		return;
+	if (bind(ctx->bind_sock, (struct sockaddr *)&sa, sizeof(sa)) < 0)
+		return;
+	ctx->comm_sock = accept(ctx->bind_sock, NULL, 0);
+	return;
+}
+
+static void iputils_md5dig_update(iputils_md5dig_ctx *ctx,
+				  void const *const buf, const int len)
+{
+	if (ctx->comm_sock < 0)
+		return;
+	if (write(ctx->comm_sock, buf, len) != len)
+		error(0, errno, "write to AF_ALG socket failed");
+	return;
+}
+
+static void iputils_md5dig_final(unsigned char *digest,
+				 iputils_md5dig_ctx const *const ctx)
+{
+	if (ctx->comm_sock < 0)
+		return;
+	if (read(ctx->comm_sock, digest, IPUTILS_MD5DIG_LEN) != IPUTILS_MD5DIG_LEN)
+		error(0, errno, "read from AF_ALG socket failed");
+	close(ctx->comm_sock);
+	close(ctx->bind_sock);
+}
+
+# define MD5_DIGEST_LENGTH	IPUTILS_MD5DIG_LEN
+# define MD5_CTX		iputils_md5dig_ctx
+# define MD5_Init		iputils_md5dig_init
+# define MD5_Update		iputils_md5dig_update
+# define MD5_Final		iputils_md5dig_final
 #endif
 
 #endif