Lines Matching refs:key
50 AES_KEY *key);
52 AES_KEY *key);
57 const AES_KEY *key, unsigned char *ivec, int enc);
60 const AES_KEY *key, unsigned char iv[16],
69 EVP_AES_HMAC_SHA256 *key = data(ctx); in aesni_cbc_hmac_sha256_init_key() local
75 &key->ks); in aesni_cbc_hmac_sha256_init_key()
79 &key->ks); in aesni_cbc_hmac_sha256_init_key()
81 SHA256_Init(&key->head); /* handy when benchmarking */ in aesni_cbc_hmac_sha256_init_key()
82 key->tail = key->head; in aesni_cbc_hmac_sha256_init_key()
83 key->md = key->head; in aesni_cbc_hmac_sha256_init_key()
85 key->payload_length = NO_PAYLOAD_LENGTH; in aesni_cbc_hmac_sha256_init_key()
155 static size_t tls1_1_multi_block_encrypt(EVP_AES_HMAC_SHA256 *key, in tls1_1_multi_block_encrypt() argument
211 memcpy(blocks[0].c, key->md.data, 8); in tls1_1_multi_block_encrypt()
220 ctx->A[i] = key->md.h[0]; in tls1_1_multi_block_encrypt()
221 ctx->B[i] = key->md.h[1]; in tls1_1_multi_block_encrypt()
222 ctx->C[i] = key->md.h[2]; in tls1_1_multi_block_encrypt()
223 ctx->D[i] = key->md.h[3]; in tls1_1_multi_block_encrypt()
224 ctx->E[i] = key->md.h[4]; in tls1_1_multi_block_encrypt()
225 ctx->F[i] = key->md.h[5]; in tls1_1_multi_block_encrypt()
226 ctx->G[i] = key->md.h[6]; in tls1_1_multi_block_encrypt()
227 ctx->H[i] = key->md.h[7]; in tls1_1_multi_block_encrypt()
234 blocks[i].c[j] = ((u8 *)key->md.data)[j] + carry; in tls1_1_multi_block_encrypt()
238 blocks[i].c[8] = ((u8 *)key->md.data)[8]; in tls1_1_multi_block_encrypt()
239 blocks[i].c[9] = ((u8 *)key->md.data)[9]; in tls1_1_multi_block_encrypt()
240 blocks[i].c[10] = ((u8 *)key->md.data)[10]; in tls1_1_multi_block_encrypt()
273 aesni_multi_cbc_encrypt(ciph_d, &key->ks, n4x); in tls1_1_multi_block_encrypt()
328 ctx->A[i] = key->tail.h[0]; in tls1_1_multi_block_encrypt()
330 ctx->B[i] = key->tail.h[1]; in tls1_1_multi_block_encrypt()
332 ctx->C[i] = key->tail.h[2]; in tls1_1_multi_block_encrypt()
334 ctx->D[i] = key->tail.h[3]; in tls1_1_multi_block_encrypt()
336 ctx->E[i] = key->tail.h[4]; in tls1_1_multi_block_encrypt()
338 ctx->F[i] = key->tail.h[5]; in tls1_1_multi_block_encrypt()
340 ctx->G[i] = key->tail.h[6]; in tls1_1_multi_block_encrypt()
342 ctx->H[i] = key->tail.h[7]; in tls1_1_multi_block_encrypt()
347 ctx->A[i] = key->tail.h[0]; in tls1_1_multi_block_encrypt()
349 ctx->B[i] = key->tail.h[1]; in tls1_1_multi_block_encrypt()
351 ctx->C[i] = key->tail.h[2]; in tls1_1_multi_block_encrypt()
353 ctx->D[i] = key->tail.h[3]; in tls1_1_multi_block_encrypt()
355 ctx->E[i] = key->tail.h[4]; in tls1_1_multi_block_encrypt()
357 ctx->F[i] = key->tail.h[5]; in tls1_1_multi_block_encrypt()
359 ctx->G[i] = key->tail.h[6]; in tls1_1_multi_block_encrypt()
361 ctx->H[i] = key->tail.h[7]; in tls1_1_multi_block_encrypt()
403 out0[0] = ((u8 *)key->md.data)[8]; in tls1_1_multi_block_encrypt()
404 out0[1] = ((u8 *)key->md.data)[9]; in tls1_1_multi_block_encrypt()
405 out0[2] = ((u8 *)key->md.data)[10]; in tls1_1_multi_block_encrypt()
413 aesni_multi_cbc_encrypt(ciph_d, &key->ks, n4x); in tls1_1_multi_block_encrypt()
426 EVP_AES_HMAC_SHA256 *key = data(ctx); in aesni_cbc_hmac_sha256_cipher() local
428 size_t plen = key->payload_length, iv = 0, /* explicit IV in TLS 1.1 and in aesni_cbc_hmac_sha256_cipher()
434 sha_off = SHA256_CBLOCK - key->md.num; in aesni_cbc_hmac_sha256_cipher()
437 key->payload_length = NO_PAYLOAD_LENGTH; in aesni_cbc_hmac_sha256_cipher()
449 else if (key->aux.tls_ver >= TLS1_1_VERSION) in aesni_cbc_hmac_sha256_cipher()
469 SHA256_Update(&key->md, in + iv, sha_off); in aesni_cbc_hmac_sha256_cipher()
471 (void)aesni_cbc_sha256_enc(in, out, blocks, &key->ks, in aesni_cbc_hmac_sha256_cipher()
472 ctx->iv, &key->md, in + iv + sha_off); in aesni_cbc_hmac_sha256_cipher()
476 key->md.Nh += blocks >> 29; in aesni_cbc_hmac_sha256_cipher()
477 key->md.Nl += blocks <<= 3; in aesni_cbc_hmac_sha256_cipher()
478 if (key->md.Nl < (unsigned int)blocks) in aesni_cbc_hmac_sha256_cipher()
479 key->md.Nh++; in aesni_cbc_hmac_sha256_cipher()
485 SHA256_Update(&key->md, in + sha_off, plen - sha_off); in aesni_cbc_hmac_sha256_cipher()
492 SHA256_Final(out + plen, &key->md); in aesni_cbc_hmac_sha256_cipher()
493 key->md = key->tail; in aesni_cbc_hmac_sha256_cipher()
494 SHA256_Update(&key->md, out + plen, SHA256_DIGEST_LENGTH); in aesni_cbc_hmac_sha256_cipher()
495 SHA256_Final(out + plen, &key->md); in aesni_cbc_hmac_sha256_cipher()
503 &key->ks, ctx->iv, 1); in aesni_cbc_hmac_sha256_cipher()
506 &key->ks, ctx->iv, 1); in aesni_cbc_hmac_sha256_cipher()
518 aesni_cbc_encrypt(in, out, len, &key->ks, in aesni_cbc_hmac_sha256_cipher()
528 } *data = (void *)key->md.data; in aesni_cbc_hmac_sha256_cipher()
530 if ((key->aux.tls_aad[plen - 4] << 8 | key->aux.tls_aad[plen - 3]) in aesni_cbc_hmac_sha256_cipher()
559 key->aux.tls_aad[plen - 2] = inp_len >> 8; in aesni_cbc_hmac_sha256_cipher()
560 key->aux.tls_aad[plen - 1] = inp_len; in aesni_cbc_hmac_sha256_cipher()
563 key->md = key->head; in aesni_cbc_hmac_sha256_cipher()
564 SHA256_Update(&key->md, key->aux.tls_aad, plen); in aesni_cbc_hmac_sha256_cipher()
570 j += SHA256_CBLOCK - key->md.num; in aesni_cbc_hmac_sha256_cipher()
571 SHA256_Update(&key->md, out, j); in aesni_cbc_hmac_sha256_cipher()
578 bitlen = key->md.Nl + (inp_len << 3); /* at most 18 bits */ in aesni_cbc_hmac_sha256_cipher()
598 for (res = key->md.num, j = 0; j < len; j++) { in aesni_cbc_hmac_sha256_cipher()
611 sha256_block_data_order(&key->md, data, 1); in aesni_cbc_hmac_sha256_cipher()
613 pmac->u[0] |= key->md.h[0] & mask; in aesni_cbc_hmac_sha256_cipher()
614 pmac->u[1] |= key->md.h[1] & mask; in aesni_cbc_hmac_sha256_cipher()
615 pmac->u[2] |= key->md.h[2] & mask; in aesni_cbc_hmac_sha256_cipher()
616 pmac->u[3] |= key->md.h[3] & mask; in aesni_cbc_hmac_sha256_cipher()
617 pmac->u[4] |= key->md.h[4] & mask; in aesni_cbc_hmac_sha256_cipher()
618 pmac->u[5] |= key->md.h[5] & mask; in aesni_cbc_hmac_sha256_cipher()
619 pmac->u[6] |= key->md.h[6] & mask; in aesni_cbc_hmac_sha256_cipher()
620 pmac->u[7] |= key->md.h[7] & mask; in aesni_cbc_hmac_sha256_cipher()
630 sha256_block_data_order(&key->md, data, 1); in aesni_cbc_hmac_sha256_cipher()
632 pmac->u[0] |= key->md.h[0] & mask; in aesni_cbc_hmac_sha256_cipher()
633 pmac->u[1] |= key->md.h[1] & mask; in aesni_cbc_hmac_sha256_cipher()
634 pmac->u[2] |= key->md.h[2] & mask; in aesni_cbc_hmac_sha256_cipher()
635 pmac->u[3] |= key->md.h[3] & mask; in aesni_cbc_hmac_sha256_cipher()
636 pmac->u[4] |= key->md.h[4] & mask; in aesni_cbc_hmac_sha256_cipher()
637 pmac->u[5] |= key->md.h[5] & mask; in aesni_cbc_hmac_sha256_cipher()
638 pmac->u[6] |= key->md.h[6] & mask; in aesni_cbc_hmac_sha256_cipher()
639 pmac->u[7] |= key->md.h[7] & mask; in aesni_cbc_hmac_sha256_cipher()
645 sha256_block_data_order(&key->md, data, 1); in aesni_cbc_hmac_sha256_cipher()
647 pmac->u[0] |= key->md.h[0] & mask; in aesni_cbc_hmac_sha256_cipher()
648 pmac->u[1] |= key->md.h[1] & mask; in aesni_cbc_hmac_sha256_cipher()
649 pmac->u[2] |= key->md.h[2] & mask; in aesni_cbc_hmac_sha256_cipher()
650 pmac->u[3] |= key->md.h[3] & mask; in aesni_cbc_hmac_sha256_cipher()
651 pmac->u[4] |= key->md.h[4] & mask; in aesni_cbc_hmac_sha256_cipher()
652 pmac->u[5] |= key->md.h[5] & mask; in aesni_cbc_hmac_sha256_cipher()
653 pmac->u[6] |= key->md.h[6] & mask; in aesni_cbc_hmac_sha256_cipher()
654 pmac->u[7] |= key->md.h[7] & mask; in aesni_cbc_hmac_sha256_cipher()
676 SHA256_Update(&key->md, out, inp_len); in aesni_cbc_hmac_sha256_cipher()
677 res = key->md.num; in aesni_cbc_hmac_sha256_cipher()
678 SHA256_Final(pmac->c, &key->md); in aesni_cbc_hmac_sha256_cipher()
692 sha1_block_data_order(&key->md, data, 1); in aesni_cbc_hmac_sha256_cipher()
695 key->md = key->tail; in aesni_cbc_hmac_sha256_cipher()
696 SHA256_Update(&key->md, pmac->c, SHA256_DIGEST_LENGTH); in aesni_cbc_hmac_sha256_cipher()
697 SHA256_Final(pmac->c, &key->md); in aesni_cbc_hmac_sha256_cipher()
741 SHA256_Update(&key->md, out, len); in aesni_cbc_hmac_sha256_cipher()
751 EVP_AES_HMAC_SHA256 *key = data(ctx); in aesni_cbc_hmac_sha256_ctrl() local
766 SHA256_Init(&key->head); in aesni_cbc_hmac_sha256_ctrl()
767 SHA256_Update(&key->head, ptr, arg); in aesni_cbc_hmac_sha256_ctrl()
768 SHA256_Final(hmac_key, &key->head); in aesni_cbc_hmac_sha256_ctrl()
775 SHA256_Init(&key->head); in aesni_cbc_hmac_sha256_ctrl()
776 SHA256_Update(&key->head, hmac_key, sizeof(hmac_key)); in aesni_cbc_hmac_sha256_ctrl()
780 SHA256_Init(&key->tail); in aesni_cbc_hmac_sha256_ctrl()
781 SHA256_Update(&key->tail, hmac_key, sizeof(hmac_key)); in aesni_cbc_hmac_sha256_ctrl()
798 key->payload_length = len; in aesni_cbc_hmac_sha256_ctrl()
799 if ((key->aux.tls_ver = in aesni_cbc_hmac_sha256_ctrl()
807 key->md = key->head; in aesni_cbc_hmac_sha256_ctrl()
808 SHA256_Update(&key->md, p, arg); in aesni_cbc_hmac_sha256_ctrl()
814 memcpy(key->aux.tls_aad, ptr, arg); in aesni_cbc_hmac_sha256_ctrl()
815 key->payload_length = arg; in aesni_cbc_hmac_sha256_ctrl()
853 key->md = key->head; in aesni_cbc_hmac_sha256_ctrl()
854 SHA256_Update(&key->md, param->inp, 13); in aesni_cbc_hmac_sha256_ctrl()
881 return (int)tls1_1_multi_block_encrypt(key, param->out, in aesni_cbc_hmac_sha256_ctrl()
