Merge tag 'iomap-4.21-merge-2' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux

[sfrench/cifs-2.6.git] / include / crypto / poly1305.h

diff --git a/include/crypto/poly1305.h b/include/crypto/poly1305.h
index f718a19da82f75d525b2da1f818b7230af197a3e..34317ed2071e6fadbfd04979ac796d329f2637fb 100644 (file)
--- a/include/crypto/poly1305.h
+++ b/include/crypto/poly1305.h
@@ -13,13 +13,21 @@
 #define POLY1305_KEY_SIZE      32
 #define POLY1305_DIGEST_SIZE   16
 
+struct poly1305_key {
+       u32 r[5];       /* key, base 2^26 */
+};
+
+struct poly1305_state {
+       u32 h[5];       /* accumulator, base 2^26 */
+};
+
 struct poly1305_desc_ctx {
        /* key */
-       u32 r[5];
+       struct poly1305_key r;
        /* finalize key */
        u32 s[4];
        /* accumulator */
-       u32 h[5];
+       struct poly1305_state h;
        /* partial buffer */
        u8 buf[POLY1305_BLOCK_SIZE];
        /* bytes used in partial buffer */
@@ -30,6 +38,22 @@ struct poly1305_desc_ctx {
        bool sset;
 };
 
+/*
+ * Poly1305 core functions.  These implement the ε-almost-∆-universal hash
+ * function underlying the Poly1305 MAC, i.e. they don't add an encrypted nonce
+ * ("s key") at the end.  They also only support block-aligned inputs.
+ */
+void poly1305_core_setkey(struct poly1305_key *key, const u8 *raw_key);
+static inline void poly1305_core_init(struct poly1305_state *state)
+{
+       memset(state->h, 0, sizeof(state->h));
+}
+void poly1305_core_blocks(struct poly1305_state *state,
+                         const struct poly1305_key *key,
+                         const void *src, unsigned int nblocks);
+void poly1305_core_emit(const struct poly1305_state *state, void *dst);
+
+/* Crypto API helper functions for the Poly1305 MAC */
 int crypto_poly1305_init(struct shash_desc *desc);
 unsigned int crypto_poly1305_setdesckey(struct poly1305_desc_ctx *dctx,
                                        const u8 *src, unsigned int srclen);