diff options
author | Eric Biggers <ebiggers@google.com> | 2018-11-17 02:26:18 +0100 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2018-11-20 07:26:55 +0100 |
commit | dd333449d0fb667c5250c42488a7e90470e16c77 (patch) | |
tree | 4377def3ee5095c9d866430d20cffcabbe7f90fd /include/crypto | |
parent | crypto: drop mask=CRYPTO_ALG_ASYNC from 'shash' tfm allocations (diff) | |
download | linux-dd333449d0fb667c5250c42488a7e90470e16c77.tar.xz linux-dd333449d0fb667c5250c42488a7e90470e16c77.zip |
crypto: chacha20-generic - add HChaCha20 library function
Refactor the unkeyed permutation part of chacha20_block() into its own
function, then add hchacha20_block() which is the ChaCha equivalent of
HSalsa20 and is an intermediate step towards XChaCha20 (see
https://cr.yp.to/snuffle/xsalsa-20081128.pdf). HChaCha20 skips the
final addition of the initial state, and outputs only certain words of
the state. It should not be used for streaming directly.
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Martin Willi <martin@strongswan.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include/crypto')
-rw-r--r-- | include/crypto/chacha20.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/crypto/chacha20.h b/include/crypto/chacha20.h index 2d3129442a52..56073814eef0 100644 --- a/include/crypto/chacha20.h +++ b/include/crypto/chacha20.h @@ -20,6 +20,8 @@ struct chacha20_ctx { }; void chacha20_block(u32 *state, u8 *stream); +void hchacha20_block(const u32 *in, u32 *out); + void crypto_chacha20_init(u32 *state, struct chacha20_ctx *ctx, u8 *iv); int crypto_chacha20_setkey(struct crypto_skcipher *tfm, const u8 *key, unsigned int keysize); |