mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
synced 2025-01-17 05:45:20 +00:00
48ea8c6ebc
Move the core Poly1305 routines shared between the generic Poly1305 shash driver and the Adiantum and NHPoly1305 drivers into a separate library so that using just this pieces does not pull in the crypto API pieces of the generic Poly1305 routine. In a subsequent patch, we will augment this generic library with init/update/final routines so that Poyl1305 algorithm can be used directly without the need for using the crypto API's shash abstraction. Signed-off-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
42 lines
752 B
C
42 lines
752 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
/*
|
|
* Common values for the Poly1305 algorithm
|
|
*/
|
|
|
|
#ifndef _CRYPTO_POLY1305_H
|
|
#define _CRYPTO_POLY1305_H
|
|
|
|
#include <linux/types.h>
|
|
#include <linux/crypto.h>
|
|
|
|
#define POLY1305_BLOCK_SIZE 16
|
|
#define POLY1305_KEY_SIZE 32
|
|
#define POLY1305_DIGEST_SIZE 16
|
|
|
|
struct poly1305_key {
|
|
u32 r[5]; /* key, base 2^26 */
|
|
};
|
|
|
|
struct poly1305_state {
|
|
u32 h[5]; /* accumulator, base 2^26 */
|
|
};
|
|
|
|
struct poly1305_desc_ctx {
|
|
/* key */
|
|
struct poly1305_key r;
|
|
/* finalize key */
|
|
u32 s[4];
|
|
/* accumulator */
|
|
struct poly1305_state h;
|
|
/* partial buffer */
|
|
u8 buf[POLY1305_BLOCK_SIZE];
|
|
/* bytes used in partial buffer */
|
|
unsigned int buflen;
|
|
/* r key has been set */
|
|
bool rset;
|
|
/* s key has been set */
|
|
bool sset;
|
|
};
|
|
|
|
#endif
|