Lines Matching refs:gctx
264 #define AES_GCM_ASM(gctx) \ argument
265 (gctx->ctr == aesni_ctr32_encrypt_blocks && gctx->gcm.ghash == gcm_ghash_avx)
466 EVP_AES_GCM_CTX *gctx = ctx->cipher_data; in aes_gcm_init_key() local
471 gctx->ctr = in aes_gcm_init_key()
472 aes_ctr_set_key(&gctx->ks.ks, &gctx->gcm, NULL, key, ctx->key_len); in aes_gcm_init_key()
474 if (iv == NULL && gctx->iv_set) { in aes_gcm_init_key()
475 iv = gctx->iv; in aes_gcm_init_key()
478 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); in aes_gcm_init_key()
479 gctx->iv_set = 1; in aes_gcm_init_key()
481 gctx->key_set = 1; in aes_gcm_init_key()
484 if (gctx->key_set) { in aes_gcm_init_key()
485 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); in aes_gcm_init_key()
487 memcpy(gctx->iv, iv, gctx->ivlen); in aes_gcm_init_key()
489 gctx->iv_set = 1; in aes_gcm_init_key()
490 gctx->iv_gen = 0; in aes_gcm_init_key()
496 EVP_AES_GCM_CTX *gctx = c->cipher_data; in aes_gcm_cleanup() local
497 OPENSSL_cleanse(&gctx->gcm, sizeof(gctx->gcm)); in aes_gcm_cleanup()
498 if (gctx->iv != c->iv) { in aes_gcm_cleanup()
499 OPENSSL_free(gctx->iv); in aes_gcm_cleanup()
520 EVP_AES_GCM_CTX *gctx = c->cipher_data; in aes_gcm_ctrl() local
523 gctx->key_set = 0; in aes_gcm_ctrl()
524 gctx->iv_set = 0; in aes_gcm_ctrl()
525 gctx->ivlen = c->cipher->iv_len; in aes_gcm_ctrl()
526 gctx->iv = c->iv; in aes_gcm_ctrl()
527 gctx->taglen = -1; in aes_gcm_ctrl()
528 gctx->iv_gen = 0; in aes_gcm_ctrl()
537 if (arg > EVP_MAX_IV_LENGTH && arg > gctx->ivlen) { in aes_gcm_ctrl()
538 if (gctx->iv != c->iv) { in aes_gcm_ctrl()
539 OPENSSL_free(gctx->iv); in aes_gcm_ctrl()
541 gctx->iv = OPENSSL_malloc(arg); in aes_gcm_ctrl()
542 if (!gctx->iv) { in aes_gcm_ctrl()
546 gctx->ivlen = arg; in aes_gcm_ctrl()
554 gctx->taglen = arg; in aes_gcm_ctrl()
558 if (arg <= 0 || arg > 16 || !c->encrypt || gctx->taglen < 0) { in aes_gcm_ctrl()
567 memcpy(gctx->iv, ptr, gctx->ivlen); in aes_gcm_ctrl()
568 gctx->iv_gen = 1; in aes_gcm_ctrl()
573 if (arg < 4 || (gctx->ivlen - arg) < 8) { in aes_gcm_ctrl()
577 memcpy(gctx->iv, ptr, arg); in aes_gcm_ctrl()
579 if (c->encrypt && !RAND_bytes(gctx->iv + arg, gctx->ivlen - arg)) { in aes_gcm_ctrl()
582 gctx->iv_gen = 1; in aes_gcm_ctrl()
586 if (gctx->iv_gen == 0 || gctx->key_set == 0) { in aes_gcm_ctrl()
589 CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen); in aes_gcm_ctrl()
590 if (arg <= 0 || arg > gctx->ivlen) { in aes_gcm_ctrl()
591 arg = gctx->ivlen; in aes_gcm_ctrl()
593 memcpy(ptr, gctx->iv + gctx->ivlen - arg, arg); in aes_gcm_ctrl()
597 ctr64_inc(gctx->iv + gctx->ivlen - 8); in aes_gcm_ctrl()
598 gctx->iv_set = 1; in aes_gcm_ctrl()
602 if (gctx->iv_gen == 0 || gctx->key_set == 0 || c->encrypt) { in aes_gcm_ctrl()
605 memcpy(gctx->iv + gctx->ivlen - arg, ptr, arg); in aes_gcm_ctrl()
606 CRYPTO_gcm128_setiv(&gctx->gcm, gctx->iv, gctx->ivlen); in aes_gcm_ctrl()
607 gctx->iv_set = 1; in aes_gcm_ctrl()
613 if (gctx->gcm.key) { in aes_gcm_ctrl()
614 if (gctx->gcm.key != &gctx->ks) { in aes_gcm_ctrl()
619 if (gctx->iv == c->iv) { in aes_gcm_ctrl()
622 gctx_out->iv = OPENSSL_malloc(gctx->ivlen); in aes_gcm_ctrl()
626 memcpy(gctx_out->iv, gctx->iv, gctx->ivlen); in aes_gcm_ctrl()
638 EVP_AES_GCM_CTX *gctx = ctx->cipher_data; in aes_gcm_cipher() local
641 if (!gctx->key_set) { in aes_gcm_cipher()
644 if (!gctx->iv_set) { in aes_gcm_cipher()
650 if (!CRYPTO_gcm128_aad(&gctx->gcm, in, len)) { in aes_gcm_cipher()
654 if (gctx->ctr) { in aes_gcm_cipher()
657 if (len >= 32 && AES_GCM_ASM(gctx)) { in aes_gcm_cipher()
658 size_t res = (16 - gctx->gcm.mres) % 16; in aes_gcm_cipher()
660 if (!CRYPTO_gcm128_encrypt(&gctx->gcm, in, out, res)) { in aes_gcm_cipher()
664 bulk = AES_gcm_encrypt(in + res, out + res, len - res, gctx->gcm.key, in aes_gcm_cipher()
665 gctx->gcm.Yi.c, gctx->gcm.Xi.u); in aes_gcm_cipher()
666 gctx->gcm.len.u[1] += bulk; in aes_gcm_cipher()
670 if (!CRYPTO_gcm128_encrypt_ctr32(&gctx->gcm, in + bulk, out + bulk, in aes_gcm_cipher()
671 len - bulk, gctx->ctr)) { in aes_gcm_cipher()
676 if (!CRYPTO_gcm128_encrypt(&gctx->gcm, in + bulk, out + bulk, in aes_gcm_cipher()
682 if (gctx->ctr) { in aes_gcm_cipher()
685 if (len >= 16 && AES_GCM_ASM(gctx)) { in aes_gcm_cipher()
686 size_t res = (16 - gctx->gcm.mres) % 16; in aes_gcm_cipher()
688 if (!CRYPTO_gcm128_decrypt(&gctx->gcm, in, out, res)) { in aes_gcm_cipher()
692 bulk = AES_gcm_decrypt(in + res, out + res, len - res, gctx->gcm.key, in aes_gcm_cipher()
693 gctx->gcm.Yi.c, gctx->gcm.Xi.u); in aes_gcm_cipher()
694 gctx->gcm.len.u[1] += bulk; in aes_gcm_cipher()
698 if (!CRYPTO_gcm128_decrypt_ctr32(&gctx->gcm, in + bulk, out + bulk, in aes_gcm_cipher()
699 len - bulk, gctx->ctr)) { in aes_gcm_cipher()
704 if (!CRYPTO_gcm128_decrypt(&gctx->gcm, in + bulk, out + bulk, in aes_gcm_cipher()
713 if (gctx->taglen < 0 || in aes_gcm_cipher()
714 !CRYPTO_gcm128_finish(&gctx->gcm, ctx->buf, gctx->taglen) != 0) { in aes_gcm_cipher()
717 gctx->iv_set = 0; in aes_gcm_cipher()
720 CRYPTO_gcm128_tag(&gctx->gcm, ctx->buf, 16); in aes_gcm_cipher()
721 gctx->taglen = 16; in aes_gcm_cipher()
723 gctx->iv_set = 0; in aes_gcm_cipher()
885 EVP_AES_GCM_CTX *gctx = ctx->cipher_data; in aesni_gcm_init_key() local
890 aesni_set_encrypt_key(key, ctx->key_len * 8, &gctx->ks.ks); in aesni_gcm_init_key()
891 CRYPTO_gcm128_init(&gctx->gcm, &gctx->ks, (block128_f)aesni_encrypt); in aesni_gcm_init_key()
892 gctx->ctr = (ctr128_f)aesni_ctr32_encrypt_blocks; in aesni_gcm_init_key()
895 if (iv == NULL && gctx->iv_set) { in aesni_gcm_init_key()
896 iv = gctx->iv; in aesni_gcm_init_key()
899 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); in aesni_gcm_init_key()
900 gctx->iv_set = 1; in aesni_gcm_init_key()
902 gctx->key_set = 1; in aesni_gcm_init_key()
905 if (gctx->key_set) { in aesni_gcm_init_key()
906 CRYPTO_gcm128_setiv(&gctx->gcm, iv, gctx->ivlen); in aesni_gcm_init_key()
908 memcpy(gctx->iv, iv, gctx->ivlen); in aesni_gcm_init_key()
910 gctx->iv_set = 1; in aesni_gcm_init_key()
911 gctx->iv_gen = 0; in aesni_gcm_init_key()