diff options
| author | Frank Denis <github@pureftpd.org> | 2022-11-20 13:07:40 +0100 |
|---|---|---|
| committer | Andrew Kelley <andrew@ziglang.org> | 2022-11-20 18:13:19 -0500 |
| commit | c45c6cd492e9a5f351fa9290c7f7385d743b3818 (patch) | |
| tree | 9241dad5efc01f386b448ed102a0a44123b1235b /src/zig_llvm.cpp | |
| parent | 79bba5a9e639ddfb89af95ccf22501d974bd7fe3 (diff) | |
| download | zig-c45c6cd492e9a5f351fa9290c7f7385d743b3818.tar.gz zig-c45c6cd492e9a5f351fa9290c7f7385d743b3818.zip | |
Add the POLYVAL universal hash function
POLYVAL is GHASH's little brother, required by the AES-GCM-SIV
construction. It's defined in RFC8452.
The irreducible polynomial is a mirror of GHASH's (which doesn't
change anything in our implementation that didn't reverse the raw
bits to start with).
But most importantly, POLYVAL encodes byte strings as little-endian
instead of big-endian, which makes it a little bit faster on the
vast majority of modern CPUs.
So, both share the same code, just with comptime magic to use the
correct endianness and only double the key for GHASH.
Diffstat (limited to 'src/zig_llvm.cpp')
0 files changed, 0 insertions, 0 deletions