zig
zig copied to clipboard
crypto.salsa20: make the number of rounds a comptime parameter
...instead of hard-coding it to 20.
- This is consistent with the ChaCha implementation
- NaCl and libsodium, that this API is designed to interop with, also support 8 and 12 round variants. The 12 round variant, in particular, provides the same security level as the 20 round variant, but is obviously faster.
- scrypt currently uses its own non optimized version of Salsa, just because it use 8 rounds instead of 20. This will help remove code duplication.
No behavior nor public API changes. The Salsa20 and XSalsa20 still represent the 20-round variant.