Commit | Line | Data |
---|---|---|
b2441318 | 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2546f811 MW |
2 | /* |
3 | * Common values for the Poly1305 algorithm | |
4 | */ | |
5 | ||
6 | #ifndef _CRYPTO_POLY1305_H | |
7 | #define _CRYPTO_POLY1305_H | |
8 | ||
9 | #include <linux/types.h> | |
10 | #include <linux/crypto.h> | |
11 | ||
12 | #define POLY1305_BLOCK_SIZE 16 | |
13 | #define POLY1305_KEY_SIZE 32 | |
14 | #define POLY1305_DIGEST_SIZE 16 | |
15 | ||
1c08a104 JD |
16 | /* The poly1305_key and poly1305_state types are mostly opaque and |
17 | * implementation-defined. Limbs might be in base 2^64 or base 2^26, or | |
18 | * different yet. The union type provided keeps these 64-bit aligned for the | |
19 | * case in which this is implemented using 64x64 multiplies. | |
20 | */ | |
21 | ||
878afc35 | 22 | struct poly1305_key { |
1c08a104 JD |
23 | union { |
24 | u32 r[5]; | |
25 | u64 r64[3]; | |
26 | }; | |
27 | }; | |
28 | ||
29 | struct poly1305_core_key { | |
30 | struct poly1305_key key; | |
31 | struct poly1305_key precomputed_s; | |
878afc35 EB |
32 | }; |
33 | ||
34 | struct poly1305_state { | |
1c08a104 JD |
35 | union { |
36 | u32 h[5]; | |
37 | u64 h64[3]; | |
38 | }; | |
878afc35 EB |
39 | }; |
40 | ||
2546f811 | 41 | struct poly1305_desc_ctx { |
2546f811 MW |
42 | /* partial buffer */ |
43 | u8 buf[POLY1305_BLOCK_SIZE]; | |
44 | /* bytes used in partial buffer */ | |
45 | unsigned int buflen; | |
ad8f5b88 AB |
46 | /* how many keys have been set in r[] */ |
47 | unsigned short rset; | |
48 | /* whether s[] has been set */ | |
2546f811 | 49 | bool sset; |
ad8f5b88 AB |
50 | /* finalize key */ |
51 | u32 s[4]; | |
52 | /* accumulator */ | |
53 | struct poly1305_state h; | |
54 | /* key */ | |
1c08a104 JD |
55 | union { |
56 | struct poly1305_key opaque_r[CONFIG_CRYPTO_LIB_POLY1305_RSIZE]; | |
57 | struct poly1305_core_key core_r; | |
58 | }; | |
2546f811 MW |
59 | }; |
60 | ||
8d195e7a AB |
61 | void poly1305_init_arch(struct poly1305_desc_ctx *desc, |
62 | const u8 key[POLY1305_KEY_SIZE]); | |
63 | void poly1305_init_generic(struct poly1305_desc_ctx *desc, | |
64 | const u8 key[POLY1305_KEY_SIZE]); | |
a1d93064 AB |
65 | |
66 | static inline void poly1305_init(struct poly1305_desc_ctx *desc, const u8 *key) | |
67 | { | |
68 | if (IS_ENABLED(CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305)) | |
69 | poly1305_init_arch(desc, key); | |
70 | else | |
71 | poly1305_init_generic(desc, key); | |
72 | } | |
73 | ||
74 | void poly1305_update_arch(struct poly1305_desc_ctx *desc, const u8 *src, | |
75 | unsigned int nbytes); | |
76 | void poly1305_update_generic(struct poly1305_desc_ctx *desc, const u8 *src, | |
77 | unsigned int nbytes); | |
78 | ||
79 | static inline void poly1305_update(struct poly1305_desc_ctx *desc, | |
80 | const u8 *src, unsigned int nbytes) | |
81 | { | |
82 | if (IS_ENABLED(CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305)) | |
83 | poly1305_update_arch(desc, src, nbytes); | |
84 | else | |
85 | poly1305_update_generic(desc, src, nbytes); | |
86 | } | |
87 | ||
88 | void poly1305_final_arch(struct poly1305_desc_ctx *desc, u8 *digest); | |
89 | void poly1305_final_generic(struct poly1305_desc_ctx *desc, u8 *digest); | |
90 | ||
91 | static inline void poly1305_final(struct poly1305_desc_ctx *desc, u8 *digest) | |
92 | { | |
93 | if (IS_ENABLED(CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305)) | |
94 | poly1305_final_arch(desc, digest); | |
95 | else | |
96 | poly1305_final_generic(desc, digest); | |
97 | } | |
98 | ||
2546f811 | 99 | #endif |