Struct ghash::GHash

pub struct GHash(_);

GHASH: universal hash over GF(2^128) used by AES-GCM.

GHASH is a universal hash function whose polynomial is the "reverse" of the one used by POLYVAL, and is used for message authentication in the AES-GCM authenticated encryption cipher.

From RFC 8452 Appendix A: https://tools.ietf.org/html/rfc8452#appendix-A

GHASH and POLYVAL both operate in GF(2^128), although with different irreducible polynomials: POLYVAL works modulo x^128 + x^127 + x^126 + x^121 + 1 and GHASH works modulo x^128 + x^7 + x^2 + x + 1. Note that these irreducible polynomials are the "reverse" of each other.

Trait Implementations

impl Clone for GHash

fn clone(&self) -> GHash

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl UniversalHash for GHash

type KeySize = U16

Size of the key for the universal hash function

type OutputSize = U16

Size of the output from the universal hash function

fn new(h: &GenericArray<u8, U16>) -> Self

Initialize GHASH with the given H field element

fn update_block(&mut self, x: &GenericArray<u8, U16>)

Input a field element X to be authenticated

fn reset(&mut self)

Reset internal state

fn result(self) -> Output<U16>

Get POLYVAL result (i.e. computed S field element)

fn update_padded(&mut self, data: &[u8])

Input data into the universal hash function. If the length of the data is not a multiple of the block size, the remaining data is padded with zeroes up to the BlockSize.

fn result_reset(&mut self) -> Output<Self::OutputSize>

Obtain the [Output] of a UniversalHash computation and reset it back to its initial state.

fn verify(self, other: &GenericArray<u8, Self::OutputSize>) -> Result<(), Error>

Verify the UniversalHash of the processed input matches a given [Output]. This is useful when constructing Message Authentication Codes (MACs) from universal hash functions.