diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-08-28 23:50:35 -0600 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2018-09-03 23:52:11 -0600 |
commit | 4a0e319af86c0d38304535293f6fc32fe436ef1d (patch) | |
tree | 6fca1e89becf3ff1afdcec7b6bc725e256af5811 /src/crypto/include | |
parent | uapi: reformat (diff) | |
download | wireguard-monolithic-historical-4a0e319af86c0d38304535293f6fc32fe436ef1d.tar.xz wireguard-monolithic-historical-4a0e319af86c0d38304535293f6fc32fe436ef1d.zip |
crypto: import zinc
Diffstat (limited to '')
-rw-r--r-- | src/crypto/include/linux/simd.h (renamed from src/crypto/simd.h) | 0 | ||||
-rw-r--r-- | src/crypto/include/zinc/blake2s.h (renamed from src/crypto/blake2s.h) | 27 | ||||
-rw-r--r-- | src/crypto/include/zinc/chacha20.h (renamed from src/crypto/chacha20.h) | 20 | ||||
-rw-r--r-- | src/crypto/include/zinc/chacha20poly1305.h | 54 | ||||
-rw-r--r-- | src/crypto/include/zinc/curve25519.h (renamed from src/crypto/curve25519.h) | 13 | ||||
-rw-r--r-- | src/crypto/include/zinc/poly1305.h (renamed from src/crypto/poly1305.h) | 17 |
6 files changed, 102 insertions, 29 deletions
diff --git a/src/crypto/simd.h b/src/crypto/include/linux/simd.h index 6adf0c3..6adf0c3 100644 --- a/src/crypto/simd.h +++ b/src/crypto/include/linux/simd.h diff --git a/src/crypto/blake2s.h b/src/crypto/include/zinc/blake2s.h index 7c42101..0e50836 100644 --- a/src/crypto/blake2s.h +++ b/src/crypto/include/zinc/blake2s.h @@ -3,8 +3,8 @@ * Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */ -#ifndef _WG_BLAKE2S_H -#define _WG_BLAKE2S_H +#ifndef _ZINC_BLAKE2S_H +#define _ZINC_BLAKE2S_H #include <linux/types.h> #include <linux/kernel.h> @@ -26,10 +26,12 @@ struct blake2s_state { }; void blake2s_init(struct blake2s_state *state, const size_t outlen); -void blake2s_init_key(struct blake2s_state *state, const size_t outlen, const void *key, const size_t keylen); +void blake2s_init_key(struct blake2s_state *state, const size_t outlen, + const void *key, const size_t keylen); void blake2s_update(struct blake2s_state *state, const u8 *in, size_t inlen); void __blake2s_final(struct blake2s_state *state); -static inline void blake2s_final(struct blake2s_state *state, u8 *out, const size_t outlen) +static inline void blake2s_final(struct blake2s_state *state, u8 *out, + const size_t outlen) { int i; @@ -39,7 +41,8 @@ static inline void blake2s_final(struct blake2s_state *state, u8 *out, const siz __blake2s_final(state); if (__builtin_constant_p(outlen) && !(outlen % sizeof(u32))) { - if (IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) || IS_ALIGNED((unsigned long)out, __alignof__(u32))) { + if (IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) || + IS_ALIGNED((unsigned long)out, __alignof__(u32))) { __le32 *outwords = (__le32 *)out; for (i = 0; i < outlen / sizeof(u32); ++i) @@ -65,13 +68,16 @@ static inline void blake2s_final(struct blake2s_state *state, u8 *out, const siz memzero_explicit(state, sizeof(struct blake2s_state)); } - -static inline void blake2s(u8 *out, const u8 *in, const u8 *key, const size_t outlen, const size_t inlen, const size_t keylen) +static inline void blake2s(u8 *out, const u8 *in, const u8 *key, + const size_t outlen, const size_t inlen, + const size_t keylen) { struct blake2s_state state; #ifdef DEBUG - BUG_ON((!in && inlen > 0) || !out || !outlen || outlen > BLAKE2S_OUTBYTES || keylen > BLAKE2S_KEYBYTES || (!key && keylen)); + BUG_ON((!in && inlen > 0) || !out || !outlen || + outlen > BLAKE2S_OUTBYTES || keylen > BLAKE2S_KEYBYTES || + (!key && keylen)); #endif if (keylen) @@ -83,7 +89,8 @@ static inline void blake2s(u8 *out, const u8 *in, const u8 *key, const size_t ou blake2s_final(&state, out, outlen); } -void blake2s_hmac(u8 *out, const u8 *in, const u8 *key, const size_t outlen, const size_t inlen, const size_t keylen); +void blake2s_hmac(u8 *out, const u8 *in, const u8 *key, const size_t outlen, + const size_t inlen, const size_t keylen); void blake2s_fpu_init(void); @@ -91,4 +98,4 @@ void blake2s_fpu_init(void); bool blake2s_selftest(void); #endif -#endif /* _WG_BLAKE2S_H */ +#endif /* _ZINC_BLAKE2S_H */ diff --git a/src/crypto/chacha20.h b/src/crypto/include/zinc/chacha20.h index f3d408b..d09afbc 100644 --- a/src/crypto/chacha20.h +++ b/src/crypto/include/zinc/chacha20.h @@ -3,11 +3,11 @@ * Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */ -#ifndef _WG_CHACHA20_H -#define _WG_CHACHA20_H +#ifndef _ZINC_CHACHA20_H +#define _ZINC_CHACHA20_H -#include "simd.h" #include <asm/unaligned.h> +#include <linux/simd.h> #include <linux/kernel.h> #include <linux/types.h> @@ -26,7 +26,9 @@ struct chacha20_ctx { void chacha20_fpu_init(void); -static inline void chacha20_init(struct chacha20_ctx *state, const u8 key[CHACHA20_KEY_SIZE], const u64 nonce) +static inline void chacha20_init(struct chacha20_ctx *state, + const u8 key[CHACHA20_KEY_SIZE], + const u64 nonce) { state->key[0] = get_unaligned_le32(key + 0); state->key[1] = get_unaligned_le32(key + 4); @@ -40,8 +42,12 @@ static inline void chacha20_init(struct chacha20_ctx *state, const u8 key[CHACHA state->counter[2] = nonce & U32_MAX; state->counter[3] = nonce >> 32; } -void chacha20(struct chacha20_ctx *state, u8 *dst, const u8 *src, u32 len, simd_context_t simd_context); +void chacha20(struct chacha20_ctx *state, u8 *dst, const u8 *src, u32 len, + simd_context_t simd_context); -void hchacha20(u8 derived_key[CHACHA20_KEY_SIZE], const u8 nonce[HCHACHA20_NONCE_SIZE], const u8 key[HCHACHA20_KEY_SIZE], simd_context_t simd_context); +/* Derived key should be 32-bit aligned */ +void hchacha20(u8 derived_key[CHACHA20_KEY_SIZE], + const u8 nonce[HCHACHA20_NONCE_SIZE], + const u8 key[HCHACHA20_KEY_SIZE], simd_context_t simd_context); -#endif /* _WG_CHACHA20_H */ +#endif /* _ZINC_CHACHA20_H */ diff --git a/src/crypto/include/zinc/chacha20poly1305.h b/src/crypto/include/zinc/chacha20poly1305.h new file mode 100644 index 0000000..b607c76 --- /dev/null +++ b/src/crypto/include/zinc/chacha20poly1305.h @@ -0,0 +1,54 @@ +/* SPDX-License-Identifier: GPL-2.0 + * + * Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. + */ + +#ifndef _ZINC_CHACHA20POLY1305_H +#define _ZINC_CHACHA20POLY1305_H + +#include <linux/simd.h> +#include <linux/types.h> + +struct scatterlist; + +enum chacha20poly1305_lengths { + XCHACHA20POLY1305_NONCELEN = 24, + CHACHA20POLY1305_KEYLEN = 32, + CHACHA20POLY1305_AUTHTAGLEN = 16 +}; + +void chacha20poly1305_encrypt(u8 *dst, const u8 *src, const size_t src_len, + const u8 *ad, const size_t ad_len, + const u64 nonce, + const u8 key[CHACHA20POLY1305_KEYLEN]); + +bool __must_check chacha20poly1305_encrypt_sg( + struct scatterlist *dst, struct scatterlist *src, const size_t src_len, + const u8 *ad, const size_t ad_len, const u64 nonce, + const u8 key[CHACHA20POLY1305_KEYLEN], simd_context_t simd_context); + +bool __must_check +chacha20poly1305_decrypt(u8 *dst, const u8 *src, const size_t src_len, + const u8 *ad, const size_t ad_len, const u64 nonce, + const u8 key[CHACHA20POLY1305_KEYLEN]); + +bool __must_check chacha20poly1305_decrypt_sg( + struct scatterlist *dst, struct scatterlist *src, const size_t src_len, + const u8 *ad, const size_t ad_len, const u64 nonce, + const u8 key[CHACHA20POLY1305_KEYLEN], simd_context_t simd_context); + +void xchacha20poly1305_encrypt(u8 *dst, const u8 *src, const size_t src_len, + const u8 *ad, const size_t ad_len, + const u8 nonce[XCHACHA20POLY1305_NONCELEN], + const u8 key[CHACHA20POLY1305_KEYLEN]); + +bool __must_check xchacha20poly1305_decrypt( + u8 *dst, const u8 *src, const size_t src_len, const u8 *ad, + const size_t ad_len, const u8 nonce[XCHACHA20POLY1305_NONCELEN], + const u8 key[CHACHA20POLY1305_KEYLEN]); + +#ifdef DEBUG +bool chacha20poly1305_selftest(void); +#endif + +#endif /* _ZINC_CHACHA20POLY1305_H */ diff --git a/src/crypto/curve25519.h b/src/crypto/include/zinc/curve25519.h index a06a249..0e1caf0 100644 --- a/src/crypto/curve25519.h +++ b/src/crypto/include/zinc/curve25519.h @@ -3,8 +3,8 @@ * Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */ -#ifndef _WG_CURVE25519_H -#define _WG_CURVE25519_H +#ifndef _ZINC_CURVE25519_H +#define _ZINC_CURVE25519_H #include <linux/types.h> @@ -12,9 +12,12 @@ enum curve25519_lengths { CURVE25519_POINT_SIZE = 32 }; -bool __must_check curve25519(u8 mypublic[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE], const u8 basepoint[CURVE25519_POINT_SIZE]); +bool __must_check curve25519(u8 mypublic[CURVE25519_POINT_SIZE], + const u8 secret[CURVE25519_POINT_SIZE], + const u8 basepoint[CURVE25519_POINT_SIZE]); void curve25519_generate_secret(u8 secret[CURVE25519_POINT_SIZE]); -bool __must_check curve25519_generate_public(u8 pub[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE]); +bool __must_check curve25519_generate_public( + u8 pub[CURVE25519_POINT_SIZE], const u8 secret[CURVE25519_POINT_SIZE]); void curve25519_fpu_init(void); @@ -22,4 +25,4 @@ void curve25519_fpu_init(void); bool curve25519_selftest(void); #endif -#endif /* _WG_CURVE25519_H */ +#endif /* _ZINC_CURVE25519_H */ diff --git a/src/crypto/poly1305.h b/src/crypto/include/zinc/poly1305.h index f8467bc..5c9220f 100644 --- a/src/crypto/poly1305.h +++ b/src/crypto/include/zinc/poly1305.h @@ -3,10 +3,10 @@ * Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */ -#ifndef _WG_POLY1305_H -#define _WG_POLY1305_H +#ifndef _ZINC_POLY1305_H +#define _ZINC_POLY1305_H -#include "simd.h" +#include <linux/simd.h> #include <linux/types.h> enum poly1305_lengths { @@ -24,12 +24,15 @@ struct poly1305_ctx { void poly1305_fpu_init(void); -void poly1305_init(struct poly1305_ctx *ctx, const u8 key[POLY1305_KEY_SIZE], simd_context_t simd_context); -void poly1305_update(struct poly1305_ctx *ctx, const u8 *inp, const size_t len, simd_context_t simd_context); -void poly1305_finish(struct poly1305_ctx *ctx, u8 mac[POLY1305_MAC_SIZE], simd_context_t simd_context); +void poly1305_init(struct poly1305_ctx *ctx, const u8 key[POLY1305_KEY_SIZE], + simd_context_t simd_context); +void poly1305_update(struct poly1305_ctx *ctx, const u8 *inp, const size_t len, + simd_context_t simd_context); +void poly1305_finish(struct poly1305_ctx *ctx, u8 mac[POLY1305_MAC_SIZE], + simd_context_t simd_context); #ifdef DEBUG bool poly1305_selftest(void); #endif -#endif /* _WG_POLY1305_H */ +#endif /* _ZINC_POLY1305_H */ |