Coverage Report

Created: 2024-11-21 07:03

/src/libgcrypt/cipher/cipher-internal.h
Line
Count
Source (jump to first uncovered line)
1
/* cipher-internal.h  - Internal defs for cipher.c
2
 * Copyright (C) 2011 Free Software Foundation, Inc.
3
 *
4
 * This file is part of Libgcrypt.
5
 *
6
 * Libgcrypt is free software; you can redistribute it and/or modify
7
 * it under the terms of the GNU Lesser General Public License as
8
 * published by the Free Software Foundation; either version 2.1 of
9
 * the License, or (at your option) any later version.
10
 *
11
 * Libgcrypt is distributed in the hope that it will be useful,
12
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14
 * GNU Lesser General Public License for more details.
15
 *
16
 * You should have received a copy of the GNU Lesser General Public
17
 * License along with this program; if not, see <http://www.gnu.org/licenses/>.
18
 */
19
20
#ifndef G10_CIPHER_INTERNAL_H
21
#define G10_CIPHER_INTERNAL_H
22
23
#include "./poly1305-internal.h"
24
25
26
/* The maximum supported size of a block in bytes.  */
27
252
#define MAX_BLOCKSIZE 16
28
29
/* The length for an OCB block.  Although OCB supports any block
30
   length it does not make sense to use a 64 bit blocklen (and cipher)
31
   because this reduces the security margin to an unacceptable state.
32
   Thus we require a cipher with 128 bit blocklength.  */
33
0
#define OCB_BLOCK_LEN  (128/8)
34
35
/* The size of the pre-computed L table for OCB.  This takes the same
36
   size as the table used for GCM and thus we don't save anything by
37
   not using such a table.  */
38
0
#define OCB_L_TABLE_SIZE 16
39
40
41
/* Check the above constants.  */
42
#if OCB_BLOCK_LEN > MAX_BLOCKSIZE
43
# error OCB_BLOCKLEN > MAX_BLOCKSIZE
44
#endif
45
46
47
48
/* Magic values for the context structure.  */
49
1.55k
#define CTX_MAGIC_NORMAL 0x24091964
50
872
#define CTX_MAGIC_SECURE 0x46919042
51
52
/* Try to use 16 byte aligned cipher context for better performance.
53
   We use the aligned attribute, thus it is only possible to implement
54
   this with gcc.  */
55
#undef NEED_16BYTE_ALIGNED_CONTEXT
56
#ifdef HAVE_GCC_ATTRIBUTE_ALIGNED
57
# define NEED_16BYTE_ALIGNED_CONTEXT 1
58
#endif
59
60
/* Undef this symbol to trade GCM speed for 256 bytes of memory per context */
61
#define GCM_USE_TABLES 1
62
63
64
/* GCM_USE_INTEL_PCLMUL indicates whether to compile GCM with Intel PCLMUL
65
   code.  */
66
#undef GCM_USE_INTEL_PCLMUL
67
#if defined(ENABLE_PCLMUL_SUPPORT) && defined(GCM_USE_TABLES)
68
# if ((defined(__i386__) && SIZEOF_UNSIGNED_LONG == 4) || defined(__x86_64__))
69
#  if __GNUC__ >= 4
70
#   define GCM_USE_INTEL_PCLMUL 1
71
#  endif
72
# endif
73
#endif /* GCM_USE_INTEL_PCLMUL */
74
75
/* GCM_USE_INTEL_VPCLMUL_AVX2 indicates whether to compile GCM with Intel
76
   VPCLMUL/AVX2 code.  */
77
#undef GCM_USE_INTEL_VPCLMUL_AVX2
78
#if defined(__x86_64__) && defined(GCM_USE_INTEL_PCLMUL) && \
79
    defined(ENABLE_AVX2_SUPPORT) && defined(HAVE_GCC_INLINE_ASM_VAES_VPCLMUL)
80
# define GCM_USE_INTEL_VPCLMUL_AVX2 1
81
#endif /* GCM_USE_INTEL_VPCLMUL_AVX2 */
82
83
/* GCM_USE_INTEL_VPCLMUL_AVX512 indicates whether to compile GCM with Intel
84
   VPCLMUL/AVX512 code.  */
85
#undef GCM_USE_INTEL_VPCLMUL_AVX512
86
#if defined(__x86_64__) && defined(GCM_USE_INTEL_VPCLMUL_AVX2) && \
87
    defined(ENABLE_AVX512_SUPPORT) && defined(HAVE_GCC_INLINE_ASM_AVX512)
88
# define GCM_USE_INTEL_VPCLMUL_AVX512 1
89
#endif /* GCM_USE_INTEL_VPCLMUL_AVX512 */
90
91
/* GCM_USE_ARM_PMULL indicates whether to compile GCM with ARMv8 PMULL code. */
92
#undef GCM_USE_ARM_PMULL
93
#if defined(ENABLE_ARM_CRYPTO_SUPPORT) && defined(GCM_USE_TABLES)
94
# if defined(HAVE_ARM_ARCH_V6) && defined(__ARMEL__) \
95
     && defined(HAVE_COMPATIBLE_GCC_ARM_PLATFORM_AS) \
96
     && defined(HAVE_GCC_INLINE_ASM_AARCH32_CRYPTO)
97
#  define GCM_USE_ARM_PMULL 1
98
# elif defined(__AARCH64EL__) && \
99
    defined(HAVE_COMPATIBLE_GCC_AARCH64_PLATFORM_AS) && \
100
    defined(HAVE_GCC_INLINE_ASM_AARCH64_CRYPTO)
101
#  define GCM_USE_ARM_PMULL 1
102
# endif
103
#endif /* GCM_USE_ARM_PMULL */
104
105
/* GCM_USE_ARM_NEON indicates whether to compile GCM with ARMv7 NEON code. */
106
#undef GCM_USE_ARM_NEON
107
#if defined(GCM_USE_TABLES)
108
#if defined(HAVE_ARM_ARCH_V6) && defined(__ARMEL__) && \
109
    defined(HAVE_COMPATIBLE_GCC_ARM_PLATFORM_AS) && \
110
    defined(HAVE_GCC_INLINE_ASM_NEON)
111
#  define GCM_USE_ARM_NEON 1
112
#endif
113
#endif /* GCM_USE_ARM_NEON */
114
115
/* GCM_USE_AARCH64 indicates whether to compile GCM with AArch64 SIMD code. */
116
#undef GCM_USE_AARCH64
117
#if defined(__AARCH64EL__) && defined(HAVE_COMPATIBLE_GCC_AARCH64_PLATFORM_AS)
118
# define GCM_USE_AARCH64 1
119
#endif
120
121
/* GCM_USE_S390X_CRYPTO indicates whether to enable zSeries code. */
122
#undef GCM_USE_S390X_CRYPTO
123
#if defined(HAVE_GCC_INLINE_ASM_S390X)
124
# define GCM_USE_S390X_CRYPTO 1
125
#endif /* GCM_USE_S390X_CRYPTO */
126
127
/* GCM_USE_PPC_VPMSUM indicates whether to compile GCM with PPC Power 8
128
 * polynomial multiplication instruction. */
129
#undef GCM_USE_PPC_VPMSUM
130
#if defined(GCM_USE_TABLES)
131
#if defined(ENABLE_PPC_CRYPTO_SUPPORT) && defined(__powerpc64__) && \
132
    defined(HAVE_COMPATIBLE_CC_PPC_ALTIVEC) && \
133
    defined(HAVE_GCC_INLINE_ASM_PPC_ALTIVEC) && __GNUC__ >= 4
134
#  define GCM_USE_PPC_VPMSUM 1
135
#  define NEED_16BYTE_ALIGNED_CONTEXT 1 /* this also aligns gcm_table */
136
#endif
137
#endif /* GCM_USE_PPC_VPMSUM */
138
139
typedef unsigned int (*ghash_fn_t) (gcry_cipher_hd_t c, byte *result,
140
                                    const byte *buf, size_t nblocks);
141
142
143
/* A structure with function pointers for mode operations. */
144
typedef struct cipher_mode_ops
145
{
146
  gcry_err_code_t (*encrypt)(gcry_cipher_hd_t c, unsigned char *outbuf,
147
           size_t outbuflen, const unsigned char *inbuf,
148
           size_t inbuflen);
149
  gcry_err_code_t (*decrypt)(gcry_cipher_hd_t c, unsigned char *outbuf,
150
           size_t outbuflen, const unsigned char *inbuf,
151
           size_t inbuflen);
152
  gcry_err_code_t (*setiv)(gcry_cipher_hd_t c, const unsigned char *iv,
153
         size_t ivlen);
154
155
  gcry_err_code_t (*authenticate)(gcry_cipher_hd_t c,
156
          const unsigned char *abuf, size_t abuflen);
157
  gcry_err_code_t (*get_tag)(gcry_cipher_hd_t c, unsigned char *outtag,
158
           size_t taglen);
159
  gcry_err_code_t (*check_tag)(gcry_cipher_hd_t c, const unsigned char *intag,
160
             size_t taglen);
161
} cipher_mode_ops_t;
162
163
164
/* A structure with function pointers for bulk operations.  The cipher
165
   algorithm setkey function initializes them when bulk operations are
166
   available and the actual encryption routines use them if they are
167
   not NULL.  */
168
typedef struct cipher_bulk_ops
169
{
170
  void (*ecb_crypt)(void *context, void *outbuf_arg, const void *inbuf_arg,
171
        size_t nblocks, int encrypt);
172
  void (*cfb_enc)(void *context, unsigned char *iv, void *outbuf_arg,
173
      const void *inbuf_arg, size_t nblocks);
174
  void (*cfb_dec)(void *context, unsigned char *iv, void *outbuf_arg,
175
      const void *inbuf_arg, size_t nblocks);
176
  void (*cbc_enc)(void *context, unsigned char *iv, void *outbuf_arg,
177
      const void *inbuf_arg, size_t nblocks, int cbc_mac);
178
  void (*cbc_dec)(void *context, unsigned char *iv, void *outbuf_arg,
179
      const void *inbuf_arg, size_t nblocks);
180
  void (*ofb_enc)(void *context, unsigned char *iv, void *outbuf_arg,
181
      const void *inbuf_arg, size_t nblocks);
182
  void (*ctr_enc)(void *context, unsigned char *iv, void *outbuf_arg,
183
      const void *inbuf_arg, size_t nblocks);
184
  void (*ctr32le_enc)(void *context, unsigned char *iv, void *outbuf_arg,
185
          const void *inbuf_arg, size_t nblocks);
186
  size_t (*ocb_crypt)(gcry_cipher_hd_t c, void *outbuf_arg,
187
          const void *inbuf_arg, size_t nblocks, int encrypt);
188
  size_t (*ocb_auth)(gcry_cipher_hd_t c, const void *abuf_arg, size_t nblocks);
189
  void (*xts_crypt)(void *context, unsigned char *tweak, void *outbuf_arg,
190
        const void *inbuf_arg, size_t nblocks, int encrypt);
191
  size_t (*gcm_crypt)(gcry_cipher_hd_t c, void *outbuf_arg,
192
          const void *inbuf_arg, size_t nblocks, int encrypt);
193
} cipher_bulk_ops_t;
194
195
196
/* A VIA processor with the Padlock engine as well as the Intel AES_NI
197
   instructions require an alignment of most data on a 16 byte
198
   boundary.  Because we trick out the compiler while allocating the
199
   context, the align attribute as used in rijndael.c does not work on
200
   its own.  Thus we need to make sure that the entire context
201
   structure is a aligned on that boundary.  We achieve this by
202
   defining a new type and use that instead of our usual alignment
203
   type.  */
204
typedef union
205
{
206
  PROPERLY_ALIGNED_TYPE foo;
207
#ifdef NEED_16BYTE_ALIGNED_CONTEXT
208
  char bar[16] __attribute__ ((aligned (16)));
209
#endif
210
  char c[1];
211
} cipher_context_alignment_t;
212
213
214
/* Storage structure for CMAC, for CMAC and EAX modes. */
215
typedef struct {
216
  /* The initialization vector. Also contains tag after finalization. */
217
  union {
218
    cipher_context_alignment_t iv_align;
219
    unsigned char iv[MAX_BLOCKSIZE];
220
  } u_iv;
221
222
  /* Subkeys for tag creation, not cleared by gcry_cipher_reset. */
223
  unsigned char subkeys[2][MAX_BLOCKSIZE];
224
225
  /* Space to save partial input lengths for MAC. */
226
  unsigned char macbuf[MAX_BLOCKSIZE];
227
228
  int mac_unused;  /* Number of unprocessed bytes in MACBUF. */
229
  unsigned int tag:1; /* Set to 1 if tag has been finalized.  */
230
} gcry_cmac_context_t;
231
232
233
/* The handle structure.  */
234
struct gcry_cipher_handle
235
{
236
  int magic;
237
  size_t actual_handle_size;     /* Allocated size of this handle. */
238
  size_t handle_offset;          /* Offset to the malloced block.  */
239
  gcry_cipher_spec_t *spec;
240
241
  /* The algorithm id.  This is a hack required because the module
242
     interface does not easily allow to retrieve this value. */
243
  int algo;
244
245
  /* A structure with function pointers for mode operations. */
246
  cipher_mode_ops_t mode_ops;
247
248
  /* A structure with function pointers for bulk operations.  Due to
249
     limitations of the module system (we don't want to change the
250
     API) we need to keep these function pointers here.  */
251
  cipher_bulk_ops_t bulk;
252
253
  int mode;
254
  unsigned int flags;
255
256
  struct {
257
    int geniv_method;
258
    unsigned char fixed[MAX_BLOCKSIZE];
259
    unsigned char dynamic[MAX_BLOCKSIZE];
260
    size_t fixed_iv_len;
261
    size_t dynamic_iv_len;
262
  } aead;
263
264
  struct {
265
    unsigned int key:1; /* Set to 1 if a key has been set.  */
266
    unsigned int iv:1;  /* Set to 1 if a IV has been set.  */
267
    unsigned int tag:1; /* Set to 1 if a tag is finalized. */
268
    unsigned int finalize:1; /* Next encrypt/decrypt has the final data.  */
269
    unsigned int allow_weak_key:1; /* Set to 1 if weak keys are allowed. */
270
  } marks;
271
272
  /* The initialization vector.  For best performance we make sure
273
     that it is properly aligned.  In particular some implementations
274
     of bulk operations expect an 16 byte aligned IV.  IV is also used
275
     to store CBC-MAC in CCM mode; counter IV is stored in U_CTR.  For
276
     OCB mode it is used for the offset value.  */
277
  union {
278
    cipher_context_alignment_t iv_align;
279
    unsigned char iv[MAX_BLOCKSIZE];
280
  } u_iv;
281
282
  /* The counter for CTR mode.  This field is also used by AESWRAP and
283
     thus we can't use the U_IV union.  For OCB mode it is used for
284
     the checksum.  */
285
  union {
286
    cipher_context_alignment_t iv_align;
287
    unsigned char ctr[MAX_BLOCKSIZE];
288
  } u_ctr;
289
290
  /* Space to save an IV or CTR for chaining operations.  */
291
  unsigned char lastiv[MAX_BLOCKSIZE];
292
  int unused;  /* Number of unused bytes in LASTIV. */
293
294
  union {
295
    /* Mode specific storage for CCM mode. */
296
    struct {
297
      u64 encryptlen;
298
      u64 aadlen;
299
      unsigned int authlen;
300
301
      /* Space to save partial input lengths for MAC. */
302
      unsigned char macbuf[GCRY_CCM_BLOCK_LEN];
303
      int mac_unused;  /* Number of unprocessed bytes in MACBUF. */
304
305
      unsigned char s0[GCRY_CCM_BLOCK_LEN];
306
307
      unsigned int nonce:1; /* Set to 1 if nonce has been set.  */
308
      unsigned int lengths:1; /* Set to 1 if CCM length parameters has been
309
                                 processed.  */
310
    } ccm;
311
312
    /* Mode specific storage for Poly1305 mode. */
313
    struct {
314
      /* byte counter for AAD. */
315
      u32 aadcount[2];
316
317
      /* byte counter for data. */
318
      u32 datacount[2];
319
320
      unsigned int aad_finalized:1;
321
      unsigned int bytecount_over_limits:1;
322
323
      poly1305_context_t ctx;
324
    } poly1305;
325
326
    /* Mode specific storage for CMAC mode. */
327
    gcry_cmac_context_t cmac;
328
329
    /* Mode specific storage for EAX mode. */
330
    struct {
331
      /* CMAC for header (AAD). */
332
      gcry_cmac_context_t cmac_header;
333
334
      /* CMAC for ciphertext. */
335
      gcry_cmac_context_t cmac_ciphertext;
336
    } eax;
337
338
    /* Mode specific storage for GCM mode and GCM-SIV mode. */
339
    struct {
340
      /* The interim tag for GCM mode.  */
341
      union {
342
        cipher_context_alignment_t iv_align;
343
        unsigned char tag[MAX_BLOCKSIZE];
344
      } u_tag;
345
346
      /* Space to save partial input lengths for MAC. */
347
      unsigned char macbuf[GCRY_CCM_BLOCK_LEN];
348
      int mac_unused;  /* Number of unprocessed bytes in MACBUF. */
349
350
      /* byte counters for GCM */
351
      u32 aadlen[2];
352
      u32 datalen[2];
353
354
      /* encrypted tag counter */
355
      unsigned char tagiv[MAX_BLOCKSIZE];
356
357
      unsigned int ghash_data_finalized:1;
358
      unsigned int ghash_aad_finalized:1;
359
360
      unsigned int datalen_over_limits:1;
361
      unsigned int disallow_encryption_because_of_setiv_in_fips_mode:1;
362
363
      /* --- Following members are not cleared in gcry_cipher_reset --- */
364
365
      /* GHASH multiplier from key.  */
366
      union {
367
        cipher_context_alignment_t iv_align;
368
        unsigned char key[MAX_BLOCKSIZE];
369
      } u_ghash_key;
370
371
      /* Pre-calculated table for GCM. */
372
#ifdef GCM_USE_TABLES
373
 #if (SIZEOF_UNSIGNED_LONG == 8 || defined(__x86_64__))
374
      #define GCM_TABLES_USE_U64 1
375
      u64 gcm_table[4 * 16];
376
 #else
377
      #undef GCM_TABLES_USE_U64
378
      u32 gcm_table[8 * 16];
379
 #endif
380
#endif
381
382
      /* GHASH implementation in use. */
383
      ghash_fn_t ghash_fn;
384
385
      /* POLYVAL implementation in use (GCM-SIV). */
386
      ghash_fn_t polyval_fn;
387
388
      /* Key length used for GCM-SIV key generating key. */
389
      unsigned int siv_keylen;
390
391
      /* Flags for accelerated implementations. */
392
      unsigned int hw_impl_flags;
393
    } gcm;
394
395
    /* Mode specific storage for OCB mode. */
396
    struct {
397
      /* --- Following members are not cleared in gcry_cipher_reset --- */
398
399
      /* Helper variables and pre-computed table of L values.  */
400
      unsigned char L_star[OCB_BLOCK_LEN];
401
      unsigned char L_dollar[OCB_BLOCK_LEN];
402
      unsigned char L0L1[OCB_BLOCK_LEN];
403
      unsigned char L[OCB_L_TABLE_SIZE][OCB_BLOCK_LEN];
404
405
      /* --- Following members are cleared in gcry_cipher_reset --- */
406
407
      /* The tag is valid if marks.tag has been set.  */
408
      unsigned char tag[OCB_BLOCK_LEN];
409
410
      /* A buffer to hold the offset for the AAD processing.  */
411
      unsigned char aad_offset[OCB_BLOCK_LEN];
412
413
      /* A buffer to hold the current sum of AAD processing.  We can't
414
         use tag here because tag may already hold the preprocessed
415
         checksum of the data.  */
416
      unsigned char aad_sum[OCB_BLOCK_LEN];
417
418
      /* A buffer to store AAD data not yet processed.  */
419
      unsigned char aad_leftover[OCB_BLOCK_LEN];
420
421
      /* Number of data/aad blocks processed so far.  */
422
      u64 data_nblocks;
423
      u64 aad_nblocks;
424
425
      /* Number of valid bytes in AAD_LEFTOVER.  */
426
      unsigned char aad_nleftover;
427
428
      /* Length of the tag.  Fixed for now but may eventually be
429
         specified using a set of gcry_cipher_flags.  */
430
      unsigned char taglen;
431
432
      /* Flags indicating that the final data/aad block has been
433
         processed.  */
434
      unsigned int data_finalized:1;
435
      unsigned int aad_finalized:1;
436
    } ocb;
437
438
    /* Mode specific storage for XTS mode. */
439
    struct {
440
      /* Pointer to tweak cipher context, allocated after actual
441
       * cipher context. */
442
      char *tweak_context;
443
    } xts;
444
445
    /* Mode specific storage for SIV mode. */
446
    struct {
447
      /* Tag used for decryption. */
448
      unsigned char dec_tag[GCRY_SIV_BLOCK_LEN];
449
450
      /* S2V state. */
451
      unsigned char s2v_d[GCRY_SIV_BLOCK_LEN];
452
453
      /* Number of AAD elements processed. */
454
      unsigned int aad_count:8;
455
456
      /* Flags for SIV state. */
457
      unsigned int dec_tag_set:1;
458
459
      /* --- Following members are not cleared in gcry_cipher_reset --- */
460
461
      /* S2V CMAC state. */
462
      gcry_cmac_context_t s2v_cmac;
463
      unsigned char s2v_zero_block[GCRY_SIV_BLOCK_LEN];
464
465
      /* Pointer to CTR cipher context, allocated after actual
466
       * cipher context. */
467
      char *ctr_context;
468
    } siv;
469
470
    /* Mode specific storage for WRAP mode. */
471
    struct {
472
      unsigned char plen[4];
473
    } wrap;
474
  } u_mode;
475
476
  /* What follows are two contexts of the cipher in use.  The first
477
     one needs to be aligned well enough for the cipher operation
478
     whereas the second one is a copy created by cipher_setkey and
479
     used by cipher_reset.  That second copy has no need for proper
480
     aligment because it is only accessed by memcpy.  */
481
  cipher_context_alignment_t context;
482
};
483
484
485
/*-- cipher-cbc.c --*/
486
gcry_err_code_t _gcry_cipher_cbc_encrypt
487
/*           */ (gcry_cipher_hd_t c,
488
                 unsigned char *outbuf, size_t outbuflen,
489
                 const unsigned char *inbuf, size_t inbuflen);
490
gcry_err_code_t _gcry_cipher_cbc_decrypt
491
/*           */ (gcry_cipher_hd_t c,
492
                 unsigned char *outbuf, size_t outbuflen,
493
                 const unsigned char *inbuf, size_t inbuflen);
494
gcry_err_code_t _gcry_cipher_cbc_cts_encrypt
495
/*           */ (gcry_cipher_hd_t c,
496
                 unsigned char *outbuf, size_t outbuflen,
497
                 const unsigned char *inbuf, size_t inbuflen);
498
gcry_err_code_t _gcry_cipher_cbc_cts_decrypt
499
/*           */ (gcry_cipher_hd_t c,
500
                 unsigned char *outbuf, size_t outbuflen,
501
                 const unsigned char *inbuf, size_t inbuflen);
502
503
/*-- cipher-cfb.c --*/
504
gcry_err_code_t _gcry_cipher_cfb_encrypt
505
/*           */ (gcry_cipher_hd_t c,
506
                 unsigned char *outbuf, size_t outbuflen,
507
                 const unsigned char *inbuf, size_t inbuflen);
508
gcry_err_code_t _gcry_cipher_cfb_decrypt
509
/*           */ (gcry_cipher_hd_t c,
510
                 unsigned char *outbuf, size_t outbuflen,
511
                 const unsigned char *inbuf, size_t inbuflen);
512
gcry_err_code_t _gcry_cipher_cfb8_encrypt
513
/*           */ (gcry_cipher_hd_t c,
514
                 unsigned char *outbuf, size_t outbuflen,
515
                 const unsigned char *inbuf, size_t inbuflen);
516
gcry_err_code_t _gcry_cipher_cfb8_decrypt
517
/*           */ (gcry_cipher_hd_t c,
518
                 unsigned char *outbuf, size_t outbuflen,
519
                 const unsigned char *inbuf, size_t inbuflen);
520
521
522
/*-- cipher-ofb.c --*/
523
gcry_err_code_t _gcry_cipher_ofb_encrypt
524
/*           */ (gcry_cipher_hd_t c,
525
                 unsigned char *outbuf, size_t outbuflen,
526
                 const unsigned char *inbuf, size_t inbuflen);
527
528
/*-- cipher-ctr.c --*/
529
gcry_err_code_t _gcry_cipher_ctr_encrypt_ctx
530
/*           */ (gcry_cipher_hd_t c,
531
     unsigned char *outbuf, size_t outbuflen,
532
     const unsigned char *inbuf, size_t inbuflen,
533
     void *algo_context);
534
gcry_err_code_t _gcry_cipher_ctr_encrypt
535
/*           */ (gcry_cipher_hd_t c,
536
                 unsigned char *outbuf, size_t outbuflen,
537
                 const unsigned char *inbuf, size_t inbuflen);
538
539
540
/*-- cipher-aeswrap.c --*/
541
gcry_err_code_t _gcry_cipher_keywrap_encrypt
542
/*           */   (gcry_cipher_hd_t c,
543
                   byte *outbuf, size_t outbuflen,
544
                   const byte *inbuf, size_t inbuflen);
545
gcry_err_code_t _gcry_cipher_keywrap_encrypt_padding
546
/*           */   (gcry_cipher_hd_t c,
547
                   byte *outbuf, size_t outbuflen,
548
                   const byte *inbuf, size_t inbuflen);
549
gcry_err_code_t _gcry_cipher_keywrap_decrypt_auto
550
/*           */   (gcry_cipher_hd_t c,
551
                   byte *outbuf, size_t outbuflen,
552
                   const byte *inbuf, size_t inbuflen);
553
554
555
/*-- cipher-ccm.c --*/
556
gcry_err_code_t _gcry_cipher_ccm_encrypt
557
/*           */ (gcry_cipher_hd_t c,
558
                 unsigned char *outbuf, size_t outbuflen,
559
                 const unsigned char *inbuf, size_t inbuflen);
560
gcry_err_code_t _gcry_cipher_ccm_decrypt
561
/*           */ (gcry_cipher_hd_t c,
562
                 unsigned char *outbuf, size_t outbuflen,
563
                 const unsigned char *inbuf, size_t inbuflen);
564
gcry_err_code_t _gcry_cipher_ccm_set_nonce
565
/*           */ (gcry_cipher_hd_t c, const unsigned char *nonce,
566
                 size_t noncelen);
567
gcry_err_code_t _gcry_cipher_ccm_authenticate
568
/*           */ (gcry_cipher_hd_t c, const unsigned char *abuf, size_t abuflen);
569
gcry_err_code_t _gcry_cipher_ccm_set_lengths
570
/*           */ (gcry_cipher_hd_t c, u64 encryptedlen, u64 aadlen, u64 taglen);
571
gcry_err_code_t _gcry_cipher_ccm_get_tag
572
/*           */ (gcry_cipher_hd_t c,
573
                 unsigned char *outtag, size_t taglen);
574
gcry_err_code_t _gcry_cipher_ccm_check_tag
575
/*           */ (gcry_cipher_hd_t c,
576
                 const unsigned char *intag, size_t taglen);
577
578
579
/*-- cipher-cmac.c --*/
580
gcry_err_code_t _gcry_cmac_generate_subkeys
581
/*           */ (gcry_cipher_hd_t c, gcry_cmac_context_t *ctx);
582
gcry_err_code_t _gcry_cmac_write
583
/*           */ (gcry_cipher_hd_t c, gcry_cmac_context_t *ctx,
584
     const byte * inbuf, size_t inlen);
585
gcry_err_code_t _gcry_cmac_final
586
/*           */ (gcry_cipher_hd_t c, gcry_cmac_context_t *ctx);
587
void _gcry_cmac_reset (gcry_cmac_context_t *ctx);
588
589
590
/*-- cipher-eax.c --*/
591
gcry_err_code_t _gcry_cipher_eax_encrypt
592
/*           */   (gcry_cipher_hd_t c,
593
                   unsigned char *outbuf, size_t outbuflen,
594
                   const unsigned char *inbuf, size_t inbuflen);
595
gcry_err_code_t _gcry_cipher_eax_decrypt
596
/*           */   (gcry_cipher_hd_t c,
597
                   unsigned char *outbuf, size_t outbuflen,
598
                   const unsigned char *inbuf, size_t inbuflen);
599
gcry_err_code_t _gcry_cipher_eax_set_nonce
600
/*           */   (gcry_cipher_hd_t c,
601
                   const unsigned char *nonce, size_t noncelen);
602
gcry_err_code_t _gcry_cipher_eax_authenticate
603
/*           */   (gcry_cipher_hd_t c,
604
                   const unsigned char *aadbuf, size_t aadbuflen);
605
gcry_err_code_t _gcry_cipher_eax_get_tag
606
/*           */   (gcry_cipher_hd_t c,
607
                   unsigned char *outtag, size_t taglen);
608
gcry_err_code_t _gcry_cipher_eax_check_tag
609
/*           */   (gcry_cipher_hd_t c,
610
                   const unsigned char *intag, size_t taglen);
611
gcry_err_code_t _gcry_cipher_eax_setkey
612
/*           */   (gcry_cipher_hd_t c);
613
614
615
/*-- cipher-gcm.c --*/
616
gcry_err_code_t _gcry_cipher_gcm_encrypt
617
/*           */   (gcry_cipher_hd_t c,
618
                   unsigned char *outbuf, size_t outbuflen,
619
                   const unsigned char *inbuf, size_t inbuflen);
620
gcry_err_code_t _gcry_cipher_gcm_decrypt
621
/*           */   (gcry_cipher_hd_t c,
622
                   unsigned char *outbuf, size_t outbuflen,
623
                   const unsigned char *inbuf, size_t inbuflen);
624
gcry_err_code_t _gcry_cipher_gcm_setiv
625
/*           */   (gcry_cipher_hd_t c,
626
                   const unsigned char *iv, size_t ivlen);
627
gcry_err_code_t _gcry_cipher_gcm_authenticate
628
/*           */   (gcry_cipher_hd_t c,
629
                   const unsigned char *aadbuf, size_t aadbuflen);
630
gcry_err_code_t _gcry_cipher_gcm_get_tag
631
/*           */   (gcry_cipher_hd_t c,
632
                   unsigned char *outtag, size_t taglen);
633
gcry_err_code_t _gcry_cipher_gcm_check_tag
634
/*           */   (gcry_cipher_hd_t c,
635
                   const unsigned char *intag, size_t taglen);
636
void _gcry_cipher_gcm_setkey
637
/*           */   (gcry_cipher_hd_t c);
638
void _gcry_cipher_gcm_setupM
639
/*           */   (gcry_cipher_hd_t c);
640
641
642
/*-- cipher-poly1305.c --*/
643
gcry_err_code_t _gcry_cipher_poly1305_encrypt
644
/*           */   (gcry_cipher_hd_t c,
645
                   unsigned char *outbuf, size_t outbuflen,
646
                   const unsigned char *inbuf, size_t inbuflen);
647
gcry_err_code_t _gcry_cipher_poly1305_decrypt
648
/*           */   (gcry_cipher_hd_t c,
649
                   unsigned char *outbuf, size_t outbuflen,
650
                   const unsigned char *inbuf, size_t inbuflen);
651
gcry_err_code_t _gcry_cipher_poly1305_setiv
652
/*           */   (gcry_cipher_hd_t c,
653
                   const unsigned char *iv, size_t ivlen);
654
gcry_err_code_t _gcry_cipher_poly1305_authenticate
655
/*           */   (gcry_cipher_hd_t c,
656
                   const unsigned char *aadbuf, size_t aadbuflen);
657
gcry_err_code_t _gcry_cipher_poly1305_get_tag
658
/*           */   (gcry_cipher_hd_t c,
659
                   unsigned char *outtag, size_t taglen);
660
gcry_err_code_t _gcry_cipher_poly1305_check_tag
661
/*           */   (gcry_cipher_hd_t c,
662
                   const unsigned char *intag, size_t taglen);
663
void _gcry_cipher_poly1305_setkey
664
/*           */   (gcry_cipher_hd_t c);
665
666
667
/*-- chacha20.c --*/
668
gcry_err_code_t _gcry_chacha20_poly1305_encrypt
669
/*           */   (gcry_cipher_hd_t c, byte *outbuf, const byte *inbuf,
670
       size_t length);
671
gcry_err_code_t _gcry_chacha20_poly1305_decrypt
672
/*           */   (gcry_cipher_hd_t c, byte *outbuf, const byte *inbuf,
673
       size_t length);
674
675
676
/*-- cipher-ocb.c --*/
677
gcry_err_code_t _gcry_cipher_ocb_encrypt
678
/*           */ (gcry_cipher_hd_t c,
679
                 unsigned char *outbuf, size_t outbuflen,
680
                 const unsigned char *inbuf, size_t inbuflen);
681
gcry_err_code_t _gcry_cipher_ocb_decrypt
682
/*           */ (gcry_cipher_hd_t c,
683
                 unsigned char *outbuf, size_t outbuflen,
684
                 const unsigned char *inbuf, size_t inbuflen);
685
gcry_err_code_t _gcry_cipher_ocb_set_nonce
686
/*           */ (gcry_cipher_hd_t c, const unsigned char *nonce,
687
                 size_t noncelen);
688
gcry_err_code_t _gcry_cipher_ocb_authenticate
689
/*           */ (gcry_cipher_hd_t c, const unsigned char *abuf, size_t abuflen);
690
gcry_err_code_t _gcry_cipher_ocb_get_tag
691
/*           */ (gcry_cipher_hd_t c,
692
                 unsigned char *outtag, size_t taglen);
693
gcry_err_code_t _gcry_cipher_ocb_check_tag
694
/*           */ (gcry_cipher_hd_t c,
695
                 const unsigned char *intag, size_t taglen);
696
void _gcry_cipher_ocb_setkey
697
/*           */ (gcry_cipher_hd_t c);
698
699
700
/*-- cipher-xts.c --*/
701
gcry_err_code_t _gcry_cipher_xts_encrypt
702
/*           */ (gcry_cipher_hd_t c, unsigned char *outbuf, size_t outbuflen,
703
     const unsigned char *inbuf, size_t inbuflen);
704
gcry_err_code_t _gcry_cipher_xts_decrypt
705
/*           */ (gcry_cipher_hd_t c, unsigned char *outbuf, size_t outbuflen,
706
     const unsigned char *inbuf, size_t inbuflen);
707
708
709
/*-- cipher-siv.c --*/
710
gcry_err_code_t _gcry_cipher_siv_encrypt
711
/*           */ (gcry_cipher_hd_t c,
712
                 unsigned char *outbuf, size_t outbuflen,
713
                 const unsigned char *inbuf, size_t inbuflen);
714
gcry_err_code_t _gcry_cipher_siv_decrypt
715
/*           */ (gcry_cipher_hd_t c,
716
                 unsigned char *outbuf, size_t outbuflen,
717
                 const unsigned char *inbuf, size_t inbuflen);
718
gcry_err_code_t _gcry_cipher_siv_set_nonce
719
/*           */ (gcry_cipher_hd_t c, const unsigned char *nonce,
720
                 size_t noncelen);
721
gcry_err_code_t _gcry_cipher_siv_authenticate
722
/*           */ (gcry_cipher_hd_t c, const unsigned char *abuf, size_t abuflen);
723
gcry_err_code_t _gcry_cipher_siv_set_decryption_tag
724
/*           */ (gcry_cipher_hd_t c, const byte *tag, size_t taglen);
725
gcry_err_code_t _gcry_cipher_siv_get_tag
726
/*           */ (gcry_cipher_hd_t c,
727
                 unsigned char *outtag, size_t taglen);
728
gcry_err_code_t _gcry_cipher_siv_check_tag
729
/*           */ (gcry_cipher_hd_t c,
730
                 const unsigned char *intag, size_t taglen);
731
gcry_err_code_t _gcry_cipher_siv_setkey
732
/*           */ (gcry_cipher_hd_t c,
733
                 const unsigned char *ctrkey, size_t ctrkeylen);
734
735
736
/*-- cipher-gcm-siv.c --*/
737
gcry_err_code_t _gcry_cipher_gcm_siv_encrypt
738
/*           */ (gcry_cipher_hd_t c,
739
                 unsigned char *outbuf, size_t outbuflen,
740
                 const unsigned char *inbuf, size_t inbuflen);
741
gcry_err_code_t _gcry_cipher_gcm_siv_decrypt
742
/*           */ (gcry_cipher_hd_t c,
743
                 unsigned char *outbuf, size_t outbuflen,
744
                 const unsigned char *inbuf, size_t inbuflen);
745
gcry_err_code_t _gcry_cipher_gcm_siv_set_nonce
746
/*           */ (gcry_cipher_hd_t c, const unsigned char *nonce,
747
                 size_t noncelen);
748
gcry_err_code_t _gcry_cipher_gcm_siv_authenticate
749
/*           */ (gcry_cipher_hd_t c, const unsigned char *abuf, size_t abuflen);
750
gcry_err_code_t _gcry_cipher_gcm_siv_set_decryption_tag
751
/*           */ (gcry_cipher_hd_t c, const byte *tag, size_t taglen);
752
gcry_err_code_t _gcry_cipher_gcm_siv_get_tag
753
/*           */ (gcry_cipher_hd_t c,
754
                 unsigned char *outtag, size_t taglen);
755
gcry_err_code_t _gcry_cipher_gcm_siv_check_tag
756
/*           */ (gcry_cipher_hd_t c,
757
                 const unsigned char *intag, size_t taglen);
758
gcry_err_code_t _gcry_cipher_gcm_siv_setkey
759
/*           */ (gcry_cipher_hd_t c, unsigned int keylen);
760
761
762
/* Return the L-value for block N.  Note: 'cipher_ocb.c' ensures that N
763
 * will never be multiple of 65536 (1 << OCB_L_TABLE_SIZE), thus N can
764
 * be directly passed to _gcry_ctz() function and resulting index will
765
 * never overflow the table.  */
766
static inline const unsigned char *
767
ocb_get_l (gcry_cipher_hd_t c, u64 n)
768
0
{
769
0
  unsigned long ntz;
770
771
0
#if ((defined(__i386__) || defined(__x86_64__)) && __GNUC__ >= 4)
772
  /* Assumes that N != 0. */
773
0
  asm ("rep;bsfl %k[low], %k[ntz]\n\t"
774
0
        : [ntz] "=r" (ntz)
775
0
        : [low] "r" ((unsigned long)n)
776
0
        : "cc");
777
#else
778
  ntz = _gcry_ctz (n);
779
#endif
780
781
0
  return c->u_mode.ocb.L[ntz];
782
0
}
Unexecuted instantiation: cipher.c:ocb_get_l
Unexecuted instantiation: des.c:ocb_get_l
Unexecuted instantiation: gost28147.c:ocb_get_l
Unexecuted instantiation: idea.c:ocb_get_l
Unexecuted instantiation: rfc2268.c:ocb_get_l
Unexecuted instantiation: rijndael.c:ocb_get_l
Unexecuted instantiation: salsa20.c:ocb_get_l
Unexecuted instantiation: seed.c:ocb_get_l
Unexecuted instantiation: serpent.c:ocb_get_l
Unexecuted instantiation: sm4.c:ocb_get_l
Unexecuted instantiation: twofish.c:ocb_get_l
Unexecuted instantiation: arcfour.c:ocb_get_l
Unexecuted instantiation: aria.c:ocb_get_l
Unexecuted instantiation: blowfish.c:ocb_get_l
Unexecuted instantiation: camellia-glue.c:ocb_get_l
Unexecuted instantiation: cast5.c:ocb_get_l
Unexecuted instantiation: chacha20.c:ocb_get_l
Unexecuted instantiation: cipher-aeswrap.c:ocb_get_l
Unexecuted instantiation: cipher-cbc.c:ocb_get_l
Unexecuted instantiation: cipher-ccm.c:ocb_get_l
Unexecuted instantiation: cipher-cfb.c:ocb_get_l
Unexecuted instantiation: cipher-cmac.c:ocb_get_l
Unexecuted instantiation: cipher-ctr.c:ocb_get_l
Unexecuted instantiation: cipher-eax.c:ocb_get_l
Unexecuted instantiation: cipher-gcm-siv.c:ocb_get_l
Unexecuted instantiation: cipher-gcm.c:ocb_get_l
Unexecuted instantiation: cipher-ocb.c:ocb_get_l
Unexecuted instantiation: cipher-ofb.c:ocb_get_l
Unexecuted instantiation: cipher-poly1305.c:ocb_get_l
Unexecuted instantiation: cipher-siv.c:ocb_get_l
Unexecuted instantiation: cipher-xts.c:ocb_get_l
Unexecuted instantiation: rijndael-vaes.c:ocb_get_l
783
784
785
/* Return bit-shift of blocksize. */
786
static inline unsigned int _gcry_blocksize_shift(gcry_cipher_hd_t c)
787
25.5k
{
788
  /* Only blocksizes 8 and 16 are used. Return value in such way
789
   * that compiler can optimize calling functions based on this.  */
790
25.5k
  return c->spec->blocksize == 8 ? 3 : 4;
791
25.5k
}
Unexecuted instantiation: cipher.c:_gcry_blocksize_shift
Unexecuted instantiation: des.c:_gcry_blocksize_shift
Unexecuted instantiation: gost28147.c:_gcry_blocksize_shift
Unexecuted instantiation: idea.c:_gcry_blocksize_shift
Unexecuted instantiation: rfc2268.c:_gcry_blocksize_shift
Unexecuted instantiation: rijndael.c:_gcry_blocksize_shift
Unexecuted instantiation: salsa20.c:_gcry_blocksize_shift
Unexecuted instantiation: seed.c:_gcry_blocksize_shift
Unexecuted instantiation: serpent.c:_gcry_blocksize_shift
Unexecuted instantiation: sm4.c:_gcry_blocksize_shift
Unexecuted instantiation: twofish.c:_gcry_blocksize_shift
Unexecuted instantiation: arcfour.c:_gcry_blocksize_shift
Unexecuted instantiation: aria.c:_gcry_blocksize_shift
Unexecuted instantiation: blowfish.c:_gcry_blocksize_shift
Unexecuted instantiation: camellia-glue.c:_gcry_blocksize_shift
Unexecuted instantiation: cast5.c:_gcry_blocksize_shift
Unexecuted instantiation: chacha20.c:_gcry_blocksize_shift
Unexecuted instantiation: cipher-aeswrap.c:_gcry_blocksize_shift
cipher-cbc.c:_gcry_blocksize_shift
Line
Count
Source
787
38
{
788
  /* Only blocksizes 8 and 16 are used. Return value in such way
789
   * that compiler can optimize calling functions based on this.  */
790
38
  return c->spec->blocksize == 8 ? 3 : 4;
791
38
}
Unexecuted instantiation: cipher-ccm.c:_gcry_blocksize_shift
cipher-cfb.c:_gcry_blocksize_shift
Line
Count
Source
787
677
{
788
  /* Only blocksizes 8 and 16 are used. Return value in such way
789
   * that compiler can optimize calling functions based on this.  */
790
677
  return c->spec->blocksize == 8 ? 3 : 4;
791
677
}
cipher-cmac.c:_gcry_blocksize_shift
Line
Count
Source
787
24.6k
{
788
  /* Only blocksizes 8 and 16 are used. Return value in such way
789
   * that compiler can optimize calling functions based on this.  */
790
24.6k
  return c->spec->blocksize == 8 ? 3 : 4;
791
24.6k
}
cipher-ctr.c:_gcry_blocksize_shift
Line
Count
Source
787
67
{
788
  /* Only blocksizes 8 and 16 are used. Return value in such way
789
   * that compiler can optimize calling functions based on this.  */
790
67
  return c->spec->blocksize == 8 ? 3 : 4;
791
67
}
Unexecuted instantiation: cipher-eax.c:_gcry_blocksize_shift
Unexecuted instantiation: cipher-gcm-siv.c:_gcry_blocksize_shift
Unexecuted instantiation: cipher-gcm.c:_gcry_blocksize_shift
Unexecuted instantiation: cipher-ocb.c:_gcry_blocksize_shift
cipher-ofb.c:_gcry_blocksize_shift
Line
Count
Source
787
37
{
788
  /* Only blocksizes 8 and 16 are used. Return value in such way
789
   * that compiler can optimize calling functions based on this.  */
790
37
  return c->spec->blocksize == 8 ? 3 : 4;
791
37
}
Unexecuted instantiation: cipher-poly1305.c:_gcry_blocksize_shift
Unexecuted instantiation: cipher-siv.c:_gcry_blocksize_shift
Unexecuted instantiation: cipher-xts.c:_gcry_blocksize_shift
Unexecuted instantiation: rijndael-vaes.c:_gcry_blocksize_shift
792
793
794
/* Optimized function for adding value to cipher block. */
795
static inline void
796
cipher_block_add(void *_dstsrc, unsigned int add, size_t blocksize)
797
161
{
798
161
  byte *dstsrc = _dstsrc;
799
161
  u64 s[2];
800
801
161
  if (blocksize == 8)
802
0
    {
803
0
      buf_put_be64(dstsrc + 0, buf_get_be64(dstsrc + 0) + add);
804
0
    }
805
161
  else /* blocksize == 16 */
806
161
    {
807
161
      s[0] = buf_get_be64(dstsrc + 8);
808
161
      s[1] = buf_get_be64(dstsrc + 0);
809
161
      s[0] += add;
810
161
      s[1] += (s[0] < add);
811
161
      buf_put_be64(dstsrc + 8, s[0]);
812
161
      buf_put_be64(dstsrc + 0, s[1]);
813
161
    }
814
161
}
Unexecuted instantiation: cipher.c:cipher_block_add
Unexecuted instantiation: des.c:cipher_block_add
Unexecuted instantiation: gost28147.c:cipher_block_add
Unexecuted instantiation: idea.c:cipher_block_add
Unexecuted instantiation: rfc2268.c:cipher_block_add
Unexecuted instantiation: rijndael.c:cipher_block_add
Unexecuted instantiation: salsa20.c:cipher_block_add
Unexecuted instantiation: seed.c:cipher_block_add
Unexecuted instantiation: serpent.c:cipher_block_add
Unexecuted instantiation: sm4.c:cipher_block_add
Unexecuted instantiation: twofish.c:cipher_block_add
Unexecuted instantiation: arcfour.c:cipher_block_add
aria.c:cipher_block_add
Line
Count
Source
797
103
{
798
103
  byte *dstsrc = _dstsrc;
799
103
  u64 s[2];
800
801
103
  if (blocksize == 8)
802
0
    {
803
0
      buf_put_be64(dstsrc + 0, buf_get_be64(dstsrc + 0) + add);
804
0
    }
805
103
  else /* blocksize == 16 */
806
103
    {
807
103
      s[0] = buf_get_be64(dstsrc + 8);
808
103
      s[1] = buf_get_be64(dstsrc + 0);
809
103
      s[0] += add;
810
103
      s[1] += (s[0] < add);
811
103
      buf_put_be64(dstsrc + 8, s[0]);
812
103
      buf_put_be64(dstsrc + 0, s[1]);
813
103
    }
814
103
}
Unexecuted instantiation: blowfish.c:cipher_block_add
Unexecuted instantiation: camellia-glue.c:cipher_block_add
Unexecuted instantiation: cast5.c:cipher_block_add
Unexecuted instantiation: chacha20.c:cipher_block_add
Unexecuted instantiation: cipher-aeswrap.c:cipher_block_add
Unexecuted instantiation: cipher-cbc.c:cipher_block_add
Unexecuted instantiation: cipher-ccm.c:cipher_block_add
Unexecuted instantiation: cipher-cfb.c:cipher_block_add
Unexecuted instantiation: cipher-cmac.c:cipher_block_add
cipher-ctr.c:cipher_block_add
Line
Count
Source
797
58
{
798
58
  byte *dstsrc = _dstsrc;
799
58
  u64 s[2];
800
801
58
  if (blocksize == 8)
802
0
    {
803
0
      buf_put_be64(dstsrc + 0, buf_get_be64(dstsrc + 0) + add);
804
0
    }
805
58
  else /* blocksize == 16 */
806
58
    {
807
58
      s[0] = buf_get_be64(dstsrc + 8);
808
58
      s[1] = buf_get_be64(dstsrc + 0);
809
58
      s[0] += add;
810
58
      s[1] += (s[0] < add);
811
58
      buf_put_be64(dstsrc + 8, s[0]);
812
58
      buf_put_be64(dstsrc + 0, s[1]);
813
58
    }
814
58
}
Unexecuted instantiation: cipher-eax.c:cipher_block_add
Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_add
Unexecuted instantiation: cipher-gcm.c:cipher_block_add
Unexecuted instantiation: cipher-ocb.c:cipher_block_add
Unexecuted instantiation: cipher-ofb.c:cipher_block_add
Unexecuted instantiation: cipher-poly1305.c:cipher_block_add
Unexecuted instantiation: cipher-siv.c:cipher_block_add
Unexecuted instantiation: cipher-xts.c:cipher_block_add
Unexecuted instantiation: rijndael-vaes.c:cipher_block_add
815
816
817
/* Optimized function for cipher block copying */
818
static inline void
819
cipher_block_cpy(void *_dst, const void *_src, size_t blocksize)
820
479
{
821
479
  byte *dst = _dst;
822
479
  const byte *src = _src;
823
479
  u64 s[2];
824
825
479
  if (blocksize == 8)
826
168
    {
827
168
      buf_put_he64(dst + 0, buf_get_he64(src + 0));
828
168
    }
829
311
  else /* blocksize == 16 */
830
311
    {
831
311
      s[0] = buf_get_he64(src + 0);
832
311
      s[1] = buf_get_he64(src + 8);
833
311
      buf_put_he64(dst + 0, s[0]);
834
311
      buf_put_he64(dst + 8, s[1]);
835
311
    }
836
479
}
Unexecuted instantiation: cipher.c:cipher_block_cpy
Unexecuted instantiation: des.c:cipher_block_cpy
Unexecuted instantiation: gost28147.c:cipher_block_cpy
Unexecuted instantiation: idea.c:cipher_block_cpy
Unexecuted instantiation: rfc2268.c:cipher_block_cpy
Unexecuted instantiation: rijndael.c:cipher_block_cpy
Unexecuted instantiation: salsa20.c:cipher_block_cpy
Unexecuted instantiation: seed.c:cipher_block_cpy
Unexecuted instantiation: serpent.c:cipher_block_cpy
Unexecuted instantiation: sm4.c:cipher_block_cpy
Unexecuted instantiation: twofish.c:cipher_block_cpy
Unexecuted instantiation: arcfour.c:cipher_block_cpy
aria.c:cipher_block_cpy
Line
Count
Source
820
148
{
821
148
  byte *dst = _dst;
822
148
  const byte *src = _src;
823
148
  u64 s[2];
824
825
148
  if (blocksize == 8)
826
0
    {
827
0
      buf_put_he64(dst + 0, buf_get_he64(src + 0));
828
0
    }
829
148
  else /* blocksize == 16 */
830
148
    {
831
148
      s[0] = buf_get_he64(src + 0);
832
148
      s[1] = buf_get_he64(src + 8);
833
148
      buf_put_he64(dst + 0, s[0]);
834
148
      buf_put_he64(dst + 8, s[1]);
835
148
    }
836
148
}
Unexecuted instantiation: blowfish.c:cipher_block_cpy
camellia-glue.c:cipher_block_cpy
Line
Count
Source
820
2
{
821
2
  byte *dst = _dst;
822
2
  const byte *src = _src;
823
2
  u64 s[2];
824
825
2
  if (blocksize == 8)
826
0
    {
827
0
      buf_put_he64(dst + 0, buf_get_he64(src + 0));
828
0
    }
829
2
  else /* blocksize == 16 */
830
2
    {
831
2
      s[0] = buf_get_he64(src + 0);
832
2
      s[1] = buf_get_he64(src + 8);
833
2
      buf_put_he64(dst + 0, s[0]);
834
2
      buf_put_he64(dst + 8, s[1]);
835
2
    }
836
2
}
Unexecuted instantiation: cast5.c:cipher_block_cpy
Unexecuted instantiation: chacha20.c:cipher_block_cpy
Unexecuted instantiation: cipher-aeswrap.c:cipher_block_cpy
cipher-cbc.c:cipher_block_cpy
Line
Count
Source
820
11
{
821
11
  byte *dst = _dst;
822
11
  const byte *src = _src;
823
11
  u64 s[2];
824
825
11
  if (blocksize == 8)
826
1
    {
827
1
      buf_put_he64(dst + 0, buf_get_he64(src + 0));
828
1
    }
829
10
  else /* blocksize == 16 */
830
10
    {
831
10
      s[0] = buf_get_he64(src + 0);
832
10
      s[1] = buf_get_he64(src + 8);
833
10
      buf_put_he64(dst + 0, s[0]);
834
10
      buf_put_he64(dst + 8, s[1]);
835
10
    }
836
11
}
Unexecuted instantiation: cipher-ccm.c:cipher_block_cpy
cipher-cfb.c:cipher_block_cpy
Line
Count
Source
820
318
{
821
318
  byte *dst = _dst;
822
318
  const byte *src = _src;
823
318
  u64 s[2];
824
825
318
  if (blocksize == 8)
826
167
    {
827
167
      buf_put_he64(dst + 0, buf_get_he64(src + 0));
828
167
    }
829
151
  else /* blocksize == 16 */
830
151
    {
831
151
      s[0] = buf_get_he64(src + 0);
832
151
      s[1] = buf_get_he64(src + 8);
833
151
      buf_put_he64(dst + 0, s[0]);
834
151
      buf_put_he64(dst + 8, s[1]);
835
151
    }
836
318
}
Unexecuted instantiation: cipher-cmac.c:cipher_block_cpy
Unexecuted instantiation: cipher-ctr.c:cipher_block_cpy
Unexecuted instantiation: cipher-eax.c:cipher_block_cpy
Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_cpy
Unexecuted instantiation: cipher-gcm.c:cipher_block_cpy
Unexecuted instantiation: cipher-ocb.c:cipher_block_cpy
Unexecuted instantiation: cipher-ofb.c:cipher_block_cpy
Unexecuted instantiation: cipher-poly1305.c:cipher_block_cpy
Unexecuted instantiation: cipher-siv.c:cipher_block_cpy
Unexecuted instantiation: cipher-xts.c:cipher_block_cpy
Unexecuted instantiation: rijndael-vaes.c:cipher_block_cpy
837
838
839
/* Optimized function for cipher block xoring */
840
static inline void
841
cipher_block_xor(void *_dst, const void *_src1, const void *_src2,
842
                 size_t blocksize)
843
59.0k
{
844
59.0k
  byte *dst = _dst;
845
59.0k
  const byte *src1 = _src1;
846
59.0k
  const byte *src2 = _src2;
847
59.0k
  u64 s1[2];
848
59.0k
  u64 s2[2];
849
850
59.0k
  if (blocksize == 8)
851
33.5k
    {
852
33.5k
      buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0));
853
33.5k
    }
854
25.4k
  else /* blocksize == 16 */
855
25.4k
    {
856
25.4k
      s1[0] = buf_get_he64(src1 + 0);
857
25.4k
      s1[1] = buf_get_he64(src1 + 8);
858
25.4k
      s2[0] = buf_get_he64(src2 + 0);
859
25.4k
      s2[1] = buf_get_he64(src2 + 8);
860
25.4k
      buf_put_he64(dst + 0, s1[0] ^ s2[0]);
861
25.4k
      buf_put_he64(dst + 8, s1[1] ^ s2[1]);
862
25.4k
    }
863
59.0k
}
Unexecuted instantiation: cipher.c:cipher_block_xor
Unexecuted instantiation: des.c:cipher_block_xor
Unexecuted instantiation: gost28147.c:cipher_block_xor
Unexecuted instantiation: idea.c:cipher_block_xor
Unexecuted instantiation: rfc2268.c:cipher_block_xor
Unexecuted instantiation: rijndael.c:cipher_block_xor
Unexecuted instantiation: salsa20.c:cipher_block_xor
Unexecuted instantiation: seed.c:cipher_block_xor
Unexecuted instantiation: serpent.c:cipher_block_xor
Unexecuted instantiation: sm4.c:cipher_block_xor
Unexecuted instantiation: twofish.c:cipher_block_xor
Unexecuted instantiation: arcfour.c:cipher_block_xor
aria.c:cipher_block_xor
Line
Count
Source
843
6.21k
{
844
6.21k
  byte *dst = _dst;
845
6.21k
  const byte *src1 = _src1;
846
6.21k
  const byte *src2 = _src2;
847
6.21k
  u64 s1[2];
848
6.21k
  u64 s2[2];
849
850
6.21k
  if (blocksize == 8)
851
0
    {
852
0
      buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0));
853
0
    }
854
6.21k
  else /* blocksize == 16 */
855
6.21k
    {
856
6.21k
      s1[0] = buf_get_he64(src1 + 0);
857
6.21k
      s1[1] = buf_get_he64(src1 + 8);
858
6.21k
      s2[0] = buf_get_he64(src2 + 0);
859
6.21k
      s2[1] = buf_get_he64(src2 + 8);
860
6.21k
      buf_put_he64(dst + 0, s1[0] ^ s2[0]);
861
6.21k
      buf_put_he64(dst + 8, s1[1] ^ s2[1]);
862
6.21k
    }
863
6.21k
}
Unexecuted instantiation: blowfish.c:cipher_block_xor
camellia-glue.c:cipher_block_xor
Line
Count
Source
843
4
{
844
4
  byte *dst = _dst;
845
4
  const byte *src1 = _src1;
846
4
  const byte *src2 = _src2;
847
4
  u64 s1[2];
848
4
  u64 s2[2];
849
850
4
  if (blocksize == 8)
851
0
    {
852
0
      buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0));
853
0
    }
854
4
  else /* blocksize == 16 */
855
4
    {
856
4
      s1[0] = buf_get_he64(src1 + 0);
857
4
      s1[1] = buf_get_he64(src1 + 8);
858
4
      s2[0] = buf_get_he64(src2 + 0);
859
4
      s2[1] = buf_get_he64(src2 + 8);
860
4
      buf_put_he64(dst + 0, s1[0] ^ s2[0]);
861
4
      buf_put_he64(dst + 8, s1[1] ^ s2[1]);
862
4
    }
863
4
}
Unexecuted instantiation: cast5.c:cipher_block_xor
Unexecuted instantiation: chacha20.c:cipher_block_xor
Unexecuted instantiation: cipher-aeswrap.c:cipher_block_xor
cipher-cbc.c:cipher_block_xor
Line
Count
Source
843
12
{
844
12
  byte *dst = _dst;
845
12
  const byte *src1 = _src1;
846
12
  const byte *src2 = _src2;
847
12
  u64 s1[2];
848
12
  u64 s2[2];
849
850
12
  if (blocksize == 8)
851
2
    {
852
2
      buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0));
853
2
    }
854
10
  else /* blocksize == 16 */
855
10
    {
856
10
      s1[0] = buf_get_he64(src1 + 0);
857
10
      s1[1] = buf_get_he64(src1 + 8);
858
10
      s2[0] = buf_get_he64(src2 + 0);
859
10
      s2[1] = buf_get_he64(src2 + 8);
860
10
      buf_put_he64(dst + 0, s1[0] ^ s2[0]);
861
10
      buf_put_he64(dst + 8, s1[1] ^ s2[1]);
862
10
    }
863
12
}
Unexecuted instantiation: cipher-ccm.c:cipher_block_xor
Unexecuted instantiation: cipher-cfb.c:cipher_block_xor
cipher-cmac.c:cipher_block_xor
Line
Count
Source
843
52.6k
{
844
52.6k
  byte *dst = _dst;
845
52.6k
  const byte *src1 = _src1;
846
52.6k
  const byte *src2 = _src2;
847
52.6k
  u64 s1[2];
848
52.6k
  u64 s2[2];
849
850
52.6k
  if (blocksize == 8)
851
33.5k
    {
852
33.5k
      buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0));
853
33.5k
    }
854
19.1k
  else /* blocksize == 16 */
855
19.1k
    {
856
19.1k
      s1[0] = buf_get_he64(src1 + 0);
857
19.1k
      s1[1] = buf_get_he64(src1 + 8);
858
19.1k
      s2[0] = buf_get_he64(src2 + 0);
859
19.1k
      s2[1] = buf_get_he64(src2 + 8);
860
19.1k
      buf_put_he64(dst + 0, s1[0] ^ s2[0]);
861
19.1k
      buf_put_he64(dst + 8, s1[1] ^ s2[1]);
862
19.1k
    }
863
52.6k
}
Unexecuted instantiation: cipher-ctr.c:cipher_block_xor
Unexecuted instantiation: cipher-eax.c:cipher_block_xor
Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_xor
Unexecuted instantiation: cipher-gcm.c:cipher_block_xor
Unexecuted instantiation: cipher-ocb.c:cipher_block_xor
cipher-ofb.c:cipher_block_xor
Line
Count
Source
843
131
{
844
131
  byte *dst = _dst;
845
131
  const byte *src1 = _src1;
846
131
  const byte *src2 = _src2;
847
131
  u64 s1[2];
848
131
  u64 s2[2];
849
850
131
  if (blocksize == 8)
851
44
    {
852
44
      buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0));
853
44
    }
854
87
  else /* blocksize == 16 */
855
87
    {
856
87
      s1[0] = buf_get_he64(src1 + 0);
857
87
      s1[1] = buf_get_he64(src1 + 8);
858
87
      s2[0] = buf_get_he64(src2 + 0);
859
87
      s2[1] = buf_get_he64(src2 + 8);
860
87
      buf_put_he64(dst + 0, s1[0] ^ s2[0]);
861
87
      buf_put_he64(dst + 8, s1[1] ^ s2[1]);
862
87
    }
863
131
}
Unexecuted instantiation: cipher-poly1305.c:cipher_block_xor
Unexecuted instantiation: cipher-siv.c:cipher_block_xor
Unexecuted instantiation: cipher-xts.c:cipher_block_xor
Unexecuted instantiation: rijndael-vaes.c:cipher_block_xor
864
865
866
/* Optimized function for in-place cipher block xoring */
867
static inline void
868
cipher_block_xor_1(void *_dst, const void *_src, size_t blocksize)
869
0
{
870
0
  cipher_block_xor (_dst, _dst, _src, blocksize);
871
0
}
Unexecuted instantiation: cipher.c:cipher_block_xor_1
Unexecuted instantiation: des.c:cipher_block_xor_1
Unexecuted instantiation: gost28147.c:cipher_block_xor_1
Unexecuted instantiation: idea.c:cipher_block_xor_1
Unexecuted instantiation: rfc2268.c:cipher_block_xor_1
Unexecuted instantiation: rijndael.c:cipher_block_xor_1
Unexecuted instantiation: salsa20.c:cipher_block_xor_1
Unexecuted instantiation: seed.c:cipher_block_xor_1
Unexecuted instantiation: serpent.c:cipher_block_xor_1
Unexecuted instantiation: sm4.c:cipher_block_xor_1
Unexecuted instantiation: twofish.c:cipher_block_xor_1
Unexecuted instantiation: arcfour.c:cipher_block_xor_1
Unexecuted instantiation: aria.c:cipher_block_xor_1
Unexecuted instantiation: blowfish.c:cipher_block_xor_1
Unexecuted instantiation: camellia-glue.c:cipher_block_xor_1
Unexecuted instantiation: cast5.c:cipher_block_xor_1
Unexecuted instantiation: chacha20.c:cipher_block_xor_1
Unexecuted instantiation: cipher-aeswrap.c:cipher_block_xor_1
Unexecuted instantiation: cipher-cbc.c:cipher_block_xor_1
Unexecuted instantiation: cipher-ccm.c:cipher_block_xor_1
Unexecuted instantiation: cipher-cfb.c:cipher_block_xor_1
Unexecuted instantiation: cipher-cmac.c:cipher_block_xor_1
Unexecuted instantiation: cipher-ctr.c:cipher_block_xor_1
Unexecuted instantiation: cipher-eax.c:cipher_block_xor_1
Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_xor_1
Unexecuted instantiation: cipher-gcm.c:cipher_block_xor_1
Unexecuted instantiation: cipher-ocb.c:cipher_block_xor_1
Unexecuted instantiation: cipher-ofb.c:cipher_block_xor_1
Unexecuted instantiation: cipher-poly1305.c:cipher_block_xor_1
Unexecuted instantiation: cipher-siv.c:cipher_block_xor_1
Unexecuted instantiation: cipher-xts.c:cipher_block_xor_1
Unexecuted instantiation: rijndael-vaes.c:cipher_block_xor_1
872
873
874
/* Optimized function for cipher block xoring with two destination cipher
875
   blocks.  Used mainly by CFB mode encryption.  */
876
static inline void
877
cipher_block_xor_2dst(void *_dst1, void *_dst2, const void *_src,
878
                      size_t blocksize)
879
4
{
880
4
  byte *dst1 = _dst1;
881
4
  byte *dst2 = _dst2;
882
4
  const byte *src = _src;
883
4
  u64 d2[2];
884
4
  u64 s[2];
885
886
4
  if (blocksize == 8)
887
0
    {
888
0
      d2[0] = buf_get_he64(dst2 + 0) ^ buf_get_he64(src + 0);
889
0
      buf_put_he64(dst2 + 0, d2[0]);
890
0
      buf_put_he64(dst1 + 0, d2[0]);
891
0
    }
892
4
  else /* blocksize == 16 */
893
4
    {
894
4
      s[0] = buf_get_he64(src + 0);
895
4
      s[1] = buf_get_he64(src + 8);
896
4
      d2[0] = buf_get_he64(dst2 + 0);
897
4
      d2[1] = buf_get_he64(dst2 + 8);
898
4
      d2[0] = d2[0] ^ s[0];
899
4
      d2[1] = d2[1] ^ s[1];
900
4
      buf_put_he64(dst2 + 0, d2[0]);
901
4
      buf_put_he64(dst2 + 8, d2[1]);
902
4
      buf_put_he64(dst1 + 0, d2[0]);
903
4
      buf_put_he64(dst1 + 8, d2[1]);
904
4
    }
905
4
}
Unexecuted instantiation: cipher.c:cipher_block_xor_2dst
Unexecuted instantiation: des.c:cipher_block_xor_2dst
Unexecuted instantiation: gost28147.c:cipher_block_xor_2dst
Unexecuted instantiation: idea.c:cipher_block_xor_2dst
Unexecuted instantiation: rfc2268.c:cipher_block_xor_2dst
Unexecuted instantiation: rijndael.c:cipher_block_xor_2dst
Unexecuted instantiation: salsa20.c:cipher_block_xor_2dst
Unexecuted instantiation: seed.c:cipher_block_xor_2dst
Unexecuted instantiation: serpent.c:cipher_block_xor_2dst
Unexecuted instantiation: sm4.c:cipher_block_xor_2dst
Unexecuted instantiation: twofish.c:cipher_block_xor_2dst
Unexecuted instantiation: arcfour.c:cipher_block_xor_2dst
Unexecuted instantiation: aria.c:cipher_block_xor_2dst
Unexecuted instantiation: blowfish.c:cipher_block_xor_2dst
Unexecuted instantiation: camellia-glue.c:cipher_block_xor_2dst
Unexecuted instantiation: cast5.c:cipher_block_xor_2dst
Unexecuted instantiation: chacha20.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-aeswrap.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-cbc.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-ccm.c:cipher_block_xor_2dst
cipher-cfb.c:cipher_block_xor_2dst
Line
Count
Source
879
4
{
880
4
  byte *dst1 = _dst1;
881
4
  byte *dst2 = _dst2;
882
4
  const byte *src = _src;
883
4
  u64 d2[2];
884
4
  u64 s[2];
885
886
4
  if (blocksize == 8)
887
0
    {
888
0
      d2[0] = buf_get_he64(dst2 + 0) ^ buf_get_he64(src + 0);
889
0
      buf_put_he64(dst2 + 0, d2[0]);
890
0
      buf_put_he64(dst1 + 0, d2[0]);
891
0
    }
892
4
  else /* blocksize == 16 */
893
4
    {
894
4
      s[0] = buf_get_he64(src + 0);
895
4
      s[1] = buf_get_he64(src + 8);
896
4
      d2[0] = buf_get_he64(dst2 + 0);
897
4
      d2[1] = buf_get_he64(dst2 + 8);
898
4
      d2[0] = d2[0] ^ s[0];
899
4
      d2[1] = d2[1] ^ s[1];
900
4
      buf_put_he64(dst2 + 0, d2[0]);
901
4
      buf_put_he64(dst2 + 8, d2[1]);
902
4
      buf_put_he64(dst1 + 0, d2[0]);
903
4
      buf_put_he64(dst1 + 8, d2[1]);
904
4
    }
905
4
}
Unexecuted instantiation: cipher-cmac.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-ctr.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-eax.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-gcm.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-ocb.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-ofb.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-poly1305.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-siv.c:cipher_block_xor_2dst
Unexecuted instantiation: cipher-xts.c:cipher_block_xor_2dst
Unexecuted instantiation: rijndael-vaes.c:cipher_block_xor_2dst
906
907
908
/* Optimized function for combined cipher block xoring and copying.
909
   Used by mainly CBC mode decryption.  */
910
static inline void
911
cipher_block_xor_n_copy_2(void *_dst_xor, const void *_src_xor,
912
                          void *_srcdst_cpy, const void *_src_cpy,
913
                          size_t blocksize)
914
230
{
915
230
  byte *dst_xor = _dst_xor;
916
230
  byte *srcdst_cpy = _srcdst_cpy;
917
230
  const byte *src_xor = _src_xor;
918
230
  const byte *src_cpy = _src_cpy;
919
230
  u64 sc[2];
920
230
  u64 sx[2];
921
230
  u64 sdc[2];
922
923
230
  if (blocksize == 8)
924
219
    {
925
219
      sc[0] = buf_get_he64(src_cpy + 0);
926
219
      buf_put_he64(dst_xor + 0,
927
219
                   buf_get_he64(srcdst_cpy + 0) ^ buf_get_he64(src_xor + 0));
928
219
      buf_put_he64(srcdst_cpy + 0, sc[0]);
929
219
    }
930
11
  else /* blocksize == 16 */
931
11
    {
932
11
      sc[0] = buf_get_he64(src_cpy + 0);
933
11
      sc[1] = buf_get_he64(src_cpy + 8);
934
11
      sx[0] = buf_get_he64(src_xor + 0);
935
11
      sx[1] = buf_get_he64(src_xor + 8);
936
11
      sdc[0] = buf_get_he64(srcdst_cpy + 0);
937
11
      sdc[1] = buf_get_he64(srcdst_cpy + 8);
938
11
      sx[0] ^= sdc[0];
939
11
      sx[1] ^= sdc[1];
940
11
      buf_put_he64(dst_xor + 0, sx[0]);
941
11
      buf_put_he64(dst_xor + 8, sx[1]);
942
11
      buf_put_he64(srcdst_cpy + 0, sc[0]);
943
11
      buf_put_he64(srcdst_cpy + 8, sc[1]);
944
11
    }
945
230
}
Unexecuted instantiation: cipher.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: des.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: gost28147.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: idea.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: rfc2268.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: rijndael.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: salsa20.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: seed.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: serpent.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: sm4.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: twofish.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: arcfour.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: aria.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: blowfish.c:cipher_block_xor_n_copy_2
camellia-glue.c:cipher_block_xor_n_copy_2
Line
Count
Source
914
10
{
915
10
  byte *dst_xor = _dst_xor;
916
10
  byte *srcdst_cpy = _srcdst_cpy;
917
10
  const byte *src_xor = _src_xor;
918
10
  const byte *src_cpy = _src_cpy;
919
10
  u64 sc[2];
920
10
  u64 sx[2];
921
10
  u64 sdc[2];
922
923
10
  if (blocksize == 8)
924
0
    {
925
0
      sc[0] = buf_get_he64(src_cpy + 0);
926
0
      buf_put_he64(dst_xor + 0,
927
0
                   buf_get_he64(srcdst_cpy + 0) ^ buf_get_he64(src_xor + 0));
928
0
      buf_put_he64(srcdst_cpy + 0, sc[0]);
929
0
    }
930
10
  else /* blocksize == 16 */
931
10
    {
932
10
      sc[0] = buf_get_he64(src_cpy + 0);
933
10
      sc[1] = buf_get_he64(src_cpy + 8);
934
10
      sx[0] = buf_get_he64(src_xor + 0);
935
10
      sx[1] = buf_get_he64(src_xor + 8);
936
10
      sdc[0] = buf_get_he64(srcdst_cpy + 0);
937
10
      sdc[1] = buf_get_he64(srcdst_cpy + 8);
938
10
      sx[0] ^= sdc[0];
939
10
      sx[1] ^= sdc[1];
940
10
      buf_put_he64(dst_xor + 0, sx[0]);
941
10
      buf_put_he64(dst_xor + 8, sx[1]);
942
10
      buf_put_he64(srcdst_cpy + 0, sc[0]);
943
10
      buf_put_he64(srcdst_cpy + 8, sc[1]);
944
10
    }
945
10
}
cast5.c:cipher_block_xor_n_copy_2
Line
Count
Source
914
171
{
915
171
  byte *dst_xor = _dst_xor;
916
171
  byte *srcdst_cpy = _srcdst_cpy;
917
171
  const byte *src_xor = _src_xor;
918
171
  const byte *src_cpy = _src_cpy;
919
171
  u64 sc[2];
920
171
  u64 sx[2];
921
171
  u64 sdc[2];
922
923
171
  if (blocksize == 8)
924
171
    {
925
171
      sc[0] = buf_get_he64(src_cpy + 0);
926
171
      buf_put_he64(dst_xor + 0,
927
171
                   buf_get_he64(srcdst_cpy + 0) ^ buf_get_he64(src_xor + 0));
928
171
      buf_put_he64(srcdst_cpy + 0, sc[0]);
929
171
    }
930
0
  else /* blocksize == 16 */
931
0
    {
932
0
      sc[0] = buf_get_he64(src_cpy + 0);
933
0
      sc[1] = buf_get_he64(src_cpy + 8);
934
0
      sx[0] = buf_get_he64(src_xor + 0);
935
0
      sx[1] = buf_get_he64(src_xor + 8);
936
0
      sdc[0] = buf_get_he64(srcdst_cpy + 0);
937
0
      sdc[1] = buf_get_he64(srcdst_cpy + 8);
938
0
      sx[0] ^= sdc[0];
939
0
      sx[1] ^= sdc[1];
940
0
      buf_put_he64(dst_xor + 0, sx[0]);
941
0
      buf_put_he64(dst_xor + 8, sx[1]);
942
0
      buf_put_he64(srcdst_cpy + 0, sc[0]);
943
0
      buf_put_he64(srcdst_cpy + 8, sc[1]);
944
0
    }
945
171
}
Unexecuted instantiation: chacha20.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: cipher-aeswrap.c:cipher_block_xor_n_copy_2
cipher-cbc.c:cipher_block_xor_n_copy_2
Line
Count
Source
914
20
{
915
20
  byte *dst_xor = _dst_xor;
916
20
  byte *srcdst_cpy = _srcdst_cpy;
917
20
  const byte *src_xor = _src_xor;
918
20
  const byte *src_cpy = _src_cpy;
919
20
  u64 sc[2];
920
20
  u64 sx[2];
921
20
  u64 sdc[2];
922
923
20
  if (blocksize == 8)
924
20
    {
925
20
      sc[0] = buf_get_he64(src_cpy + 0);
926
20
      buf_put_he64(dst_xor + 0,
927
20
                   buf_get_he64(srcdst_cpy + 0) ^ buf_get_he64(src_xor + 0));
928
20
      buf_put_he64(srcdst_cpy + 0, sc[0]);
929
20
    }
930
0
  else /* blocksize == 16 */
931
0
    {
932
0
      sc[0] = buf_get_he64(src_cpy + 0);
933
0
      sc[1] = buf_get_he64(src_cpy + 8);
934
0
      sx[0] = buf_get_he64(src_xor + 0);
935
0
      sx[1] = buf_get_he64(src_xor + 8);
936
0
      sdc[0] = buf_get_he64(srcdst_cpy + 0);
937
0
      sdc[1] = buf_get_he64(srcdst_cpy + 8);
938
0
      sx[0] ^= sdc[0];
939
0
      sx[1] ^= sdc[1];
940
0
      buf_put_he64(dst_xor + 0, sx[0]);
941
0
      buf_put_he64(dst_xor + 8, sx[1]);
942
0
      buf_put_he64(srcdst_cpy + 0, sc[0]);
943
0
      buf_put_he64(srcdst_cpy + 8, sc[1]);
944
0
    }
945
20
}
Unexecuted instantiation: cipher-ccm.c:cipher_block_xor_n_copy_2
cipher-cfb.c:cipher_block_xor_n_copy_2
Line
Count
Source
914
29
{
915
29
  byte *dst_xor = _dst_xor;
916
29
  byte *srcdst_cpy = _srcdst_cpy;
917
29
  const byte *src_xor = _src_xor;
918
29
  const byte *src_cpy = _src_cpy;
919
29
  u64 sc[2];
920
29
  u64 sx[2];
921
29
  u64 sdc[2];
922
923
29
  if (blocksize == 8)
924
28
    {
925
28
      sc[0] = buf_get_he64(src_cpy + 0);
926
28
      buf_put_he64(dst_xor + 0,
927
28
                   buf_get_he64(srcdst_cpy + 0) ^ buf_get_he64(src_xor + 0));
928
28
      buf_put_he64(srcdst_cpy + 0, sc[0]);
929
28
    }
930
1
  else /* blocksize == 16 */
931
1
    {
932
1
      sc[0] = buf_get_he64(src_cpy + 0);
933
1
      sc[1] = buf_get_he64(src_cpy + 8);
934
1
      sx[0] = buf_get_he64(src_xor + 0);
935
1
      sx[1] = buf_get_he64(src_xor + 8);
936
1
      sdc[0] = buf_get_he64(srcdst_cpy + 0);
937
1
      sdc[1] = buf_get_he64(srcdst_cpy + 8);
938
1
      sx[0] ^= sdc[0];
939
1
      sx[1] ^= sdc[1];
940
1
      buf_put_he64(dst_xor + 0, sx[0]);
941
1
      buf_put_he64(dst_xor + 8, sx[1]);
942
1
      buf_put_he64(srcdst_cpy + 0, sc[0]);
943
1
      buf_put_he64(srcdst_cpy + 8, sc[1]);
944
1
    }
945
29
}
Unexecuted instantiation: cipher-cmac.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: cipher-ctr.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: cipher-eax.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: cipher-gcm.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: cipher-ocb.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: cipher-ofb.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: cipher-poly1305.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: cipher-siv.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: cipher-xts.c:cipher_block_xor_n_copy_2
Unexecuted instantiation: rijndael-vaes.c:cipher_block_xor_n_copy_2
946
947
948
/* Optimized function for combined cipher block byte-swapping.  */
949
static inline void
950
cipher_block_bswap (void *_dst_bswap, const void *_src_bswap,
951
                    size_t blocksize)
952
0
{
953
0
  byte *dst_bswap = _dst_bswap;
954
0
  const byte *src_bswap = _src_bswap;
955
0
  u64 t[2];
956
957
0
  if (blocksize == 8)
958
0
    {
959
0
      buf_put_le64(dst_bswap, buf_get_be64(src_bswap));
960
0
    }
961
0
  else
962
0
    {
963
0
      t[0] = buf_get_be64(src_bswap + 0);
964
0
      t[1] = buf_get_be64(src_bswap + 8);
965
0
      buf_put_le64(dst_bswap + 8, t[0]);
966
0
      buf_put_le64(dst_bswap + 0, t[1]);
967
0
    }
968
0
}
Unexecuted instantiation: cipher.c:cipher_block_bswap
Unexecuted instantiation: des.c:cipher_block_bswap
Unexecuted instantiation: gost28147.c:cipher_block_bswap
Unexecuted instantiation: idea.c:cipher_block_bswap
Unexecuted instantiation: rfc2268.c:cipher_block_bswap
Unexecuted instantiation: rijndael.c:cipher_block_bswap
Unexecuted instantiation: salsa20.c:cipher_block_bswap
Unexecuted instantiation: seed.c:cipher_block_bswap
Unexecuted instantiation: serpent.c:cipher_block_bswap
Unexecuted instantiation: sm4.c:cipher_block_bswap
Unexecuted instantiation: twofish.c:cipher_block_bswap
Unexecuted instantiation: arcfour.c:cipher_block_bswap
Unexecuted instantiation: aria.c:cipher_block_bswap
Unexecuted instantiation: blowfish.c:cipher_block_bswap
Unexecuted instantiation: camellia-glue.c:cipher_block_bswap
Unexecuted instantiation: cast5.c:cipher_block_bswap
Unexecuted instantiation: chacha20.c:cipher_block_bswap
Unexecuted instantiation: cipher-aeswrap.c:cipher_block_bswap
Unexecuted instantiation: cipher-cbc.c:cipher_block_bswap
Unexecuted instantiation: cipher-ccm.c:cipher_block_bswap
Unexecuted instantiation: cipher-cfb.c:cipher_block_bswap
Unexecuted instantiation: cipher-cmac.c:cipher_block_bswap
Unexecuted instantiation: cipher-ctr.c:cipher_block_bswap
Unexecuted instantiation: cipher-eax.c:cipher_block_bswap
Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_bswap
Unexecuted instantiation: cipher-gcm.c:cipher_block_bswap
Unexecuted instantiation: cipher-ocb.c:cipher_block_bswap
Unexecuted instantiation: cipher-ofb.c:cipher_block_bswap
Unexecuted instantiation: cipher-poly1305.c:cipher_block_bswap
Unexecuted instantiation: cipher-siv.c:cipher_block_bswap
Unexecuted instantiation: cipher-xts.c:cipher_block_bswap
Unexecuted instantiation: rijndael-vaes.c:cipher_block_bswap
969
970
971
/* Optimized function for combined cipher block xoring and copying.
972
   Used by mainly CFB mode decryption.  */
973
static inline void
974
cipher_block_xor_n_copy(void *_dst_xor, void *_srcdst_cpy, const void *_src,
975
                        size_t blocksize)
976
200
{
977
200
  cipher_block_xor_n_copy_2(_dst_xor, _src, _srcdst_cpy, _src, blocksize);
978
200
}
Unexecuted instantiation: cipher.c:cipher_block_xor_n_copy
Unexecuted instantiation: des.c:cipher_block_xor_n_copy
Unexecuted instantiation: gost28147.c:cipher_block_xor_n_copy
Unexecuted instantiation: idea.c:cipher_block_xor_n_copy
Unexecuted instantiation: rfc2268.c:cipher_block_xor_n_copy
Unexecuted instantiation: rijndael.c:cipher_block_xor_n_copy
Unexecuted instantiation: salsa20.c:cipher_block_xor_n_copy
Unexecuted instantiation: seed.c:cipher_block_xor_n_copy
Unexecuted instantiation: serpent.c:cipher_block_xor_n_copy
Unexecuted instantiation: sm4.c:cipher_block_xor_n_copy
Unexecuted instantiation: twofish.c:cipher_block_xor_n_copy
Unexecuted instantiation: arcfour.c:cipher_block_xor_n_copy
Unexecuted instantiation: aria.c:cipher_block_xor_n_copy
Unexecuted instantiation: blowfish.c:cipher_block_xor_n_copy
Unexecuted instantiation: camellia-glue.c:cipher_block_xor_n_copy
cast5.c:cipher_block_xor_n_copy
Line
Count
Source
976
171
{
977
171
  cipher_block_xor_n_copy_2(_dst_xor, _src, _srcdst_cpy, _src, blocksize);
978
171
}
Unexecuted instantiation: chacha20.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-aeswrap.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-cbc.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-ccm.c:cipher_block_xor_n_copy
cipher-cfb.c:cipher_block_xor_n_copy
Line
Count
Source
976
29
{
977
29
  cipher_block_xor_n_copy_2(_dst_xor, _src, _srcdst_cpy, _src, blocksize);
978
29
}
Unexecuted instantiation: cipher-cmac.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-ctr.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-eax.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-gcm.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-ocb.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-ofb.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-poly1305.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-siv.c:cipher_block_xor_n_copy
Unexecuted instantiation: cipher-xts.c:cipher_block_xor_n_copy
Unexecuted instantiation: rijndael-vaes.c:cipher_block_xor_n_copy
979
980
981
#endif /*G10_CIPHER_INTERNAL_H*/