| /openbsd/src/usr.bin/ssh/ |
| D | cipher-chachapoly.c | 63 const u_char *src, u_int len, u_int aadlen, u_int authlen, int do_encrypt) in chachapoly_crypt() argument
82 const u_char *tag = src + aadlen + len; in chachapoly_crypt()
84 poly1305_auth(expected_tag, src, aadlen + len, poly_key); in chachapoly_crypt()
92 if (aadlen) { in chachapoly_crypt()
94 chacha_encrypt_bytes(&ctx->header_ctx, src, dest, aadlen); in chachapoly_crypt()
99 chacha_encrypt_bytes(&ctx->main_ctx, src + aadlen, in chachapoly_crypt()
100 dest + aadlen, len); in chachapoly_crypt()
104 poly1305_auth(dest + aadlen + len, dest, aadlen + len, in chachapoly_crypt()
|
| D | cipher-chachapoly-libcrypto.c | 79 const u_char *src, u_int len, u_int aadlen, u_int authlen, int do_encrypt) in chachapoly_crypt() argument
101 const u_char *tag = src + aadlen + len; in chachapoly_crypt()
103 poly1305_auth(expected_tag, src, aadlen + len, poly_key); in chachapoly_crypt()
111 if (aadlen) { in chachapoly_crypt()
113 EVP_Cipher(ctx->header_evp, dest, src, aadlen) < 0) { in chachapoly_crypt()
122 EVP_Cipher(ctx->main_evp, dest + aadlen, src + aadlen, len) < 0) { in chachapoly_crypt()
129 poly1305_auth(dest + aadlen + len, dest, aadlen + len, in chachapoly_crypt()
|
| D | cipher.c | 340 const u_char *src, u_int len, u_int aadlen, u_int authlen) in cipher_crypt() argument
344 len, aadlen, authlen, cc->encrypt); in cipher_crypt()
347 memcpy(dest, src, aadlen + len); in cipher_crypt()
352 if (aadlen) in cipher_crypt()
353 memcpy(dest, src, aadlen); in cipher_crypt()
354 aesctr_encrypt_bytes(&cc->ac_ctx, src + aadlen, in cipher_crypt()
355 dest + aadlen, len); in cipher_crypt()
372 authlen, (u_char *)src + aadlen + len)) in cipher_crypt()
375 if (aadlen) { in cipher_crypt()
377 EVP_Cipher(cc->evp, NULL, (u_char *)src, aadlen) < 0) in cipher_crypt()
[all …]
|
| D | packet.c | 1144 u_int authlen = 0, aadlen = 0; in ssh_packet_send2_wrapped() local
1160 aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0; in ssh_packet_send2_wrapped()
1196 len -= aadlen; /* packet length is not encrypted for EtM modes */ in ssh_packet_send2_wrapped()
1241 len, padlen, aadlen)); in ssh_packet_send2_wrapped()
1257 len - aadlen, aadlen, authlen)) != 0) in ssh_packet_send2_wrapped()
1538 u_int maclen, aadlen = 0, authlen = 0, block_size; in ssh_packet_read_poll2() local
1562 aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0; in ssh_packet_read_poll2()
1564 if (aadlen && state->packlen == 0) { in ssh_packet_read_poll2()
1613 if (aadlen) { in ssh_packet_read_poll2()
1624 " aadlen %d", block_size, need, maclen, authlen, aadlen)); in ssh_packet_read_poll2()
[all …]
|
| D | sshkey-xmss.c | 891 size_t i, keylen, ivlen, blocksize, authlen, encrypted_len, aadlen; in sshkey_xmss_encrypt_state() local
942 aadlen = sshbuf_len(encoded); in sshkey_xmss_encrypt_state()
951 encrypted_len + aadlen + authlen, &cp)) != 0 || in sshkey_xmss_encrypt_state()
955 encrypted_len, aadlen, authlen)) != 0) in sshkey_xmss_encrypt_state()
982 size_t keylen, ivlen, authlen, aadlen; in sshkey_xmss_decrypt_state() local
1037 aadlen = sshbuf_len(copy) - sshbuf_len(encoded); in sshkey_xmss_decrypt_state()
1044 if ((r = sshbuf_reserve(decrypted, aadlen + encrypted_len, &dp)) != 0 || in sshkey_xmss_decrypt_state()
1048 encrypted_len, aadlen, authlen)) != 0) in sshkey_xmss_decrypt_state()
1060 if ((r = sshbuf_consume(decrypted, aadlen)) != 0) in sshkey_xmss_decrypt_state()
|
| D | cipher-chachapoly.h | 34 u_char *dest, const u_char *src, u_int len, u_int aadlen, u_int authlen,
|
| /openbsd/src/regress/sys/crypto/gmac/ |
| D | gmac_test.c | 639 const unsigned char *aad, size_t aadlen, in dogmac() argument
653 for (i = 0; i < aadlen; i += GMAC_BLOCK_LEN) { in dogmac()
655 memcpy(blk, aad + i, MINIMUM(aadlen - i, GMAC_BLOCK_LEN)); in dogmac()
666 *p = htobe32(aadlen * 8); in dogmac()
|
| /openbsd/src/regress/sys/crypto/chachapoly/ |
| D | chachapoly_test.c | 317 const unsigned char *aad, size_t aadlen, in dopoly() argument
331 for (i = 0; i < aadlen; i += POLY1305_BLOCK_LEN) { in dopoly()
333 memcpy(blk, aad + i, MINIMUM(aadlen - i, POLY1305_BLOCK_LEN)); in dopoly()
344 *p = htole32(aadlen); in dopoly()
|
| /openbsd/src/sys/arch/amd64/amd64/ |
| D | aesni.c | 441 int aadlen, err, ivlen, iskip, oskip, rlen; in aesni_encdec() local
448 aadlen = rlen = err = iskip = oskip = 0; in aesni_encdec()
502 aadlen = crda->crd_len; in aesni_encdec()
504 aadlen += 4; in aesni_encdec()
517 rlen = roundup(aadlen, GMAC_BLOCK_LEN); in aesni_encdec()
529 bzero(buf, aadlen); in aesni_encdec()
583 *dw = htobe32(aadlen * 8); in aesni_encdec()
|
| /openbsd/src/sys/arch/octeon/dev/ |
| D | octcrypto.c | 686 size_t aadlen; in octcrypto_authenc_gmac() local
749 aadlen = crda->crd_len; in octcrypto_authenc_gmac()
751 aadlen += 4; in octcrypto_authenc_gmac()
771 octcrypto_ghash_update(buf, roundup(aadlen, GMAC_BLOCK_LEN)); in octcrypto_authenc_gmac()
774 memset(buf, 0, aadlen); in octcrypto_authenc_gmac()
804 block[0] = htobe64(aadlen * 8); in octcrypto_authenc_gmac()
|
| /openbsd/src/sys/crypto/ |
| D | cryptosoft.c | 494 int aadlen, blksz, i, ivlen, outtype, len, iskip, oskip; in swcr_authenc() local
569 aadlen = crda->crd_len; in swcr_authenc()
580 aadlen += 4; in swcr_authenc()
623 *blkp = htobe32(aadlen * 8); in swcr_authenc()
632 *blkp = htole32(aadlen); in swcr_authenc()
|