mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-15 17:43:59 +00:00
9f480faec5
When chacha20_block() outputs the keystream block, it uses 'u32' stores directly. However, the callers (crypto/chacha20_generic.c and drivers/char/random.c) declare the keystream buffer as a 'u8' array, which is not guaranteed to have the needed alignment. Fix it by having both callers declare the keystream as a 'u32' array. For now this is preferable to switching over to the unaligned access macros because chacha20_block() is only being used in cases where we can easily control the alignment (stack buffers). Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
29 lines
704 B
C
29 lines
704 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* Common values for the ChaCha20 algorithm
|
|
*/
|
|
|
|
#ifndef _CRYPTO_CHACHA20_H
|
|
#define _CRYPTO_CHACHA20_H
|
|
|
|
#include <crypto/skcipher.h>
|
|
#include <linux/types.h>
|
|
#include <linux/crypto.h>
|
|
|
|
#define CHACHA20_IV_SIZE 16
|
|
#define CHACHA20_KEY_SIZE 32
|
|
#define CHACHA20_BLOCK_SIZE 64
|
|
#define CHACHA20_BLOCK_WORDS (CHACHA20_BLOCK_SIZE / sizeof(u32))
|
|
|
|
struct chacha20_ctx {
|
|
u32 key[8];
|
|
};
|
|
|
|
void chacha20_block(u32 *state, u32 *stream);
|
|
void crypto_chacha20_init(u32 *state, struct chacha20_ctx *ctx, u8 *iv);
|
|
int crypto_chacha20_setkey(struct crypto_skcipher *tfm, const u8 *key,
|
|
unsigned int keysize);
|
|
int crypto_chacha20_crypt(struct skcipher_request *req);
|
|
|
|
#endif
|