summaryrefslogtreecommitdiff
path: root/block
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2018-11-16 17:26:28 -0800
committerHerbert Xu <herbert@gondor.apana.org.au>2018-11-20 14:26:56 +0800
commit1b6fd3d5d18bbc1b1abf3b0cbc4b95a9a63d407b (patch)
tree39ec42053ca0a1346fa2a41a2c1b5db33b2d41ca /block
parent878afc35cd28bcd93cd3c5e1985ef39a104a4d45 (diff)
crypto: poly1305 - add Poly1305 core API
Expose a low-level Poly1305 API which implements the ε-almost-∆-universal (εA∆U) hash function underlying the Poly1305 MAC and supports block-aligned inputs only. This is needed for Adiantum hashing, which builds an εA∆U hash function from NH and a polynomial evaluation in GF(2^{130}-5); this polynomial evaluation is identical to the one the Poly1305 MAC does. However, the crypto_shash Poly1305 API isn't very appropriate for this because its calling convention assumes it is used as a MAC, with a 32-byte "one-time key" provided for every digest. But by design, in Adiantum hashing the performance of the polynomial evaluation isn't nearly as critical as NH. So it suffices to just have some C helper functions. Thus, this patch adds such functions. Acked-by: Martin Willi <martin@strongswan.org> Signed-off-by: Eric Biggers <ebiggers@google.com> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'block')
0 files changed, 0 insertions, 0 deletions