include/crypto/poly1305.h

0001 /* SPDX-License-Identifier: GPL-2.0 */
0002 /*
0003  * Common values for the Poly1305 algorithm
0004  */
0005
0006 #ifndef _CRYPTO_POLY1305_H
0007 #define _CRYPTO_POLY1305_H
0008
0009 #include <linux/types.h>
0010 #include <linux/crypto.h>
0011
0012 #define POLY1305_BLOCK_SIZE 16
0013 #define POLY1305_KEY_SIZE   32
0014 #define POLY1305_DIGEST_SIZE    16
0015
0016 /* The poly1305_key and poly1305_state types are mostly opaque and
0017  * implementation-defined. Limbs might be in base 2^64 or base 2^26, or
0018  * different yet. The union type provided keeps these 64-bit aligned for the
0019  * case in which this is implemented using 64x64 multiplies.
0020  */
0021
0022 struct poly1305_key {
0023     union {
0024         u32 r[5];
0025         u64 r64[3];
0026     };
0027 };
0028
0029 struct poly1305_core_key {
0030     struct poly1305_key key;
0031     struct poly1305_key precomputed_s;
0032 };
0033
0034 struct poly1305_state {
0035     union {
0036         u32 h[5];
0037         u64 h64[3];
0038     };
0039 };
0040
0041 struct poly1305_desc_ctx {
0042     /* partial buffer */
0043     u8 buf[POLY1305_BLOCK_SIZE];
0044     /* bytes used in partial buffer */
0045     unsigned int buflen;
0046     /* how many keys have been set in r[] */
0047     unsigned short rset;
0048     /* whether s[] has been set */
0049     bool sset;
0050     /* finalize key */
0051     u32 s[4];
0052     /* accumulator */
0053     struct poly1305_state h;
0054     /* key */
0055     union {
0056         struct poly1305_key opaque_r[CONFIG_CRYPTO_LIB_POLY1305_RSIZE];
0057         struct poly1305_core_key core_r;
0058     };
0059 };
0060
0061 void poly1305_init_arch(struct poly1305_desc_ctx *desc,
0062             const u8 key[POLY1305_KEY_SIZE]);
0063 void poly1305_init_generic(struct poly1305_desc_ctx *desc,
0064                const u8 key[POLY1305_KEY_SIZE]);
0065
0066 static inline void poly1305_init(struct poly1305_desc_ctx *desc, const u8 *key)
0067 {
0068     if (IS_ENABLED(CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305))
0069         poly1305_init_arch(desc, key);
0070     else
0071         poly1305_init_generic(desc, key);
0072 }
0073
0074 void poly1305_update_arch(struct poly1305_desc_ctx *desc, const u8 *src,
0075               unsigned int nbytes);
0076 void poly1305_update_generic(struct poly1305_desc_ctx *desc, const u8 *src,
0077                  unsigned int nbytes);
0078
0079 static inline void poly1305_update(struct poly1305_desc_ctx *desc,
0080                    const u8 *src, unsigned int nbytes)
0081 {
0082     if (IS_ENABLED(CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305))
0083         poly1305_update_arch(desc, src, nbytes);
0084     else
0085         poly1305_update_generic(desc, src, nbytes);
0086 }
0087
0088 void poly1305_final_arch(struct poly1305_desc_ctx *desc, u8 *digest);
0089 void poly1305_final_generic(struct poly1305_desc_ctx *desc, u8 *digest);
0090
0091 static inline void poly1305_final(struct poly1305_desc_ctx *desc, u8 *digest)
0092 {
0093     if (IS_ENABLED(CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305))
0094         poly1305_final_arch(desc, digest);
0095     else
0096         poly1305_final_generic(desc, digest);
0097 }
0098
0099 #endif