crypto: poly1305 - use structures for key and accumulator

In preparation for exposing a low-level Poly1305 API which implements
the ε-almost-∆-universal (εA∆U) hash function underlying the Poly1305
MAC and supports block-aligned inputs only, create structures
poly1305_key and poly1305_state which hold the limbs of the Poly1305
"r" key and accumulator, respectively.

These structures could actually have the same type (e.g. poly1305_val),
but different types are preferable, to prevent misuse.

Acked-by: Martin Willi <martin@strongswan.org>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

1 files changed, 10 insertions, 2 deletions

diff --git a/include/crypto/poly1305.h b/include/crypto/poly1305.h
index f718a19da82f..493244c46664 100644
--- a/include/crypto/poly1305.h
+++ b/include/crypto/poly1305.h
@@ -13,13 +13,21 @@
 #define POLY1305_KEY_SIZE       32
 #define POLY1305_DIGEST_SIZE    16
 
+struct poly1305_key {
+        u32 r[5];       /* key, base 2^26 */
+};
+
+struct poly1305_state {
+        u32 h[5];       /* accumulator, base 2^26 */
+};
+
 struct poly1305_desc_ctx {
         /* key */
-        u32 r[5];
+        struct poly1305_key r;
         /* finalize key */
         u32 s[4];
         /* accumulator */
-        u32 h[5];
+        struct poly1305_state h;
         /* partial buffer */
         u8 buf[POLY1305_BLOCK_SIZE];
         /* bytes used in partial buffer */