linux/include/crypto/nhpoly1305.h
<<
>>
Prefs 
   1/* SPDX-License-Identifier: GPL-2.0 */
   2/*
   3 * Common values and helper functions for the NHPoly1305 hash function.
   4 */
   5
   6#ifndef _NHPOLY1305_H
   7#define _NHPOLY1305_H
   8
   9#include <crypto/hash.h>
  10#include <crypto/internal/poly1305.h>
  11
  12/* NH parameterization: */
  13
  14/* Endianness: little */
  15/* Word size: 32 bits (works well on NEON, SSE2, AVX2) */
  16
  17/* Stride: 2 words (optimal on ARM32 NEON; works okay on other CPUs too) */
  18#define NH_PAIR_STRIDE          2
  19#define NH_MESSAGE_UNIT         (NH_PAIR_STRIDE * 2 * sizeof(u32))
  20
  21/* Num passes (Toeplitz iteration count): 4, to give ε = 2^{-128} */
  22#define NH_NUM_PASSES           4
  23#define NH_HASH_BYTES           (NH_NUM_PASSES * sizeof(u64))
  24
  25/* Max message size: 1024 bytes (32x compression factor) */
  26#define NH_NUM_STRIDES          64
  27#define NH_MESSAGE_WORDS        (NH_PAIR_STRIDE * 2 * NH_NUM_STRIDES)
  28#define NH_MESSAGE_BYTES        (NH_MESSAGE_WORDS * sizeof(u32))
  29#define NH_KEY_WORDS            (NH_MESSAGE_WORDS + \
  30                                 NH_PAIR_STRIDE * 2 * (NH_NUM_PASSES - 1))
  31#define NH_KEY_BYTES            (NH_KEY_WORDS * sizeof(u32))
  32
  33#define NHPOLY1305_KEY_SIZE     (POLY1305_BLOCK_SIZE + NH_KEY_BYTES)
  34
  35struct nhpoly1305_key {
  36        struct poly1305_core_key poly_key;
  37        u32 nh_key[NH_KEY_WORDS];
  38};
  39
  40struct nhpoly1305_state {
  41
  42        /* Running total of polynomial evaluation */
  43        struct poly1305_state poly_state;
  44
  45        /* Partial block buffer */
  46        u8 buffer[NH_MESSAGE_UNIT];
  47        unsigned int buflen;
  48
  49        /*
  50         * Number of bytes remaining until the current NH message reaches
  51         * NH_MESSAGE_BYTES.  When nonzero, 'nh_hash' holds the partial NH hash.
  52         */
  53        unsigned int nh_remaining;
  54
  55        __le64 nh_hash[NH_NUM_PASSES];
  56};
  57
  58typedef void (*nh_t)(const u32 *key, const u8 *message, size_t message_len,
  59                     __le64 hash[NH_NUM_PASSES]);
  60
  61int crypto_nhpoly1305_setkey(struct crypto_shash *tfm,
  62                             const u8 *key, unsigned int keylen);
  63
  64int crypto_nhpoly1305_init(struct shash_desc *desc);
  65int crypto_nhpoly1305_update(struct shash_desc *desc,
  66                             const u8 *src, unsigned int srclen);
  67int crypto_nhpoly1305_update_helper(struct shash_desc *desc,
  68                                    const u8 *src, unsigned int srclen,
  69                                    nh_t nh_fn);
  70int crypto_nhpoly1305_final(struct shash_desc *desc, u8 *dst);
  71int crypto_nhpoly1305_final_helper(struct shash_desc *desc, u8 *dst,
  72                                   nh_t nh_fn);
  73
  74#endif /* _NHPOLY1305_H */
  75
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.