/src/libgcrypt/cipher/cipher-internal.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* cipher-internal.h - Internal defs for cipher.c |
2 | | * Copyright (C) 2011 Free Software Foundation, Inc. |
3 | | * |
4 | | * This file is part of Libgcrypt. |
5 | | * |
6 | | * Libgcrypt is free software; you can redistribute it and/or modify |
7 | | * it under the terms of the GNU Lesser General Public License as |
8 | | * published by the Free Software Foundation; either version 2.1 of |
9 | | * the License, or (at your option) any later version. |
10 | | * |
11 | | * Libgcrypt is distributed in the hope that it will be useful, |
12 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 | | * GNU Lesser General Public License for more details. |
15 | | * |
16 | | * You should have received a copy of the GNU Lesser General Public |
17 | | * License along with this program; if not, see <http://www.gnu.org/licenses/>. |
18 | | */ |
19 | | |
20 | | #ifndef G10_CIPHER_INTERNAL_H |
21 | | #define G10_CIPHER_INTERNAL_H |
22 | | |
23 | | #include "./poly1305-internal.h" |
24 | | |
25 | | |
26 | | /* The maximum supported size of a block in bytes. */ |
27 | 252 | #define MAX_BLOCKSIZE 16 |
28 | | |
29 | | /* The length for an OCB block. Although OCB supports any block |
30 | | length it does not make sense to use a 64 bit blocklen (and cipher) |
31 | | because this reduces the security margin to an unacceptable state. |
32 | | Thus we require a cipher with 128 bit blocklength. */ |
33 | 0 | #define OCB_BLOCK_LEN (128/8) |
34 | | |
35 | | /* The size of the pre-computed L table for OCB. This takes the same |
36 | | size as the table used for GCM and thus we don't save anything by |
37 | | not using such a table. */ |
38 | 0 | #define OCB_L_TABLE_SIZE 16 |
39 | | |
40 | | |
41 | | /* Check the above constants. */ |
42 | | #if OCB_BLOCK_LEN > MAX_BLOCKSIZE |
43 | | # error OCB_BLOCKLEN > MAX_BLOCKSIZE |
44 | | #endif |
45 | | |
46 | | |
47 | | |
48 | | /* Magic values for the context structure. */ |
49 | 1.55k | #define CTX_MAGIC_NORMAL 0x24091964 |
50 | 872 | #define CTX_MAGIC_SECURE 0x46919042 |
51 | | |
52 | | /* Try to use 16 byte aligned cipher context for better performance. |
53 | | We use the aligned attribute, thus it is only possible to implement |
54 | | this with gcc. */ |
55 | | #undef NEED_16BYTE_ALIGNED_CONTEXT |
56 | | #ifdef HAVE_GCC_ATTRIBUTE_ALIGNED |
57 | | # define NEED_16BYTE_ALIGNED_CONTEXT 1 |
58 | | #endif |
59 | | |
60 | | /* Undef this symbol to trade GCM speed for 256 bytes of memory per context */ |
61 | | #define GCM_USE_TABLES 1 |
62 | | |
63 | | |
64 | | /* GCM_USE_INTEL_PCLMUL indicates whether to compile GCM with Intel PCLMUL |
65 | | code. */ |
66 | | #undef GCM_USE_INTEL_PCLMUL |
67 | | #if defined(ENABLE_PCLMUL_SUPPORT) && defined(GCM_USE_TABLES) |
68 | | # if ((defined(__i386__) && SIZEOF_UNSIGNED_LONG == 4) || defined(__x86_64__)) |
69 | | # if __GNUC__ >= 4 |
70 | | # define GCM_USE_INTEL_PCLMUL 1 |
71 | | # endif |
72 | | # endif |
73 | | #endif /* GCM_USE_INTEL_PCLMUL */ |
74 | | |
75 | | /* GCM_USE_INTEL_VPCLMUL_AVX2 indicates whether to compile GCM with Intel |
76 | | VPCLMUL/AVX2 code. */ |
77 | | #undef GCM_USE_INTEL_VPCLMUL_AVX2 |
78 | | #if defined(__x86_64__) && defined(GCM_USE_INTEL_PCLMUL) && \ |
79 | | defined(ENABLE_AVX2_SUPPORT) && defined(HAVE_GCC_INLINE_ASM_VAES_VPCLMUL) |
80 | | # define GCM_USE_INTEL_VPCLMUL_AVX2 1 |
81 | | #endif /* GCM_USE_INTEL_VPCLMUL_AVX2 */ |
82 | | |
83 | | /* GCM_USE_INTEL_VPCLMUL_AVX512 indicates whether to compile GCM with Intel |
84 | | VPCLMUL/AVX512 code. */ |
85 | | #undef GCM_USE_INTEL_VPCLMUL_AVX512 |
86 | | #if defined(__x86_64__) && defined(GCM_USE_INTEL_VPCLMUL_AVX2) && \ |
87 | | defined(ENABLE_AVX512_SUPPORT) && defined(HAVE_GCC_INLINE_ASM_AVX512) |
88 | | # define GCM_USE_INTEL_VPCLMUL_AVX512 1 |
89 | | #endif /* GCM_USE_INTEL_VPCLMUL_AVX512 */ |
90 | | |
91 | | /* GCM_USE_ARM_PMULL indicates whether to compile GCM with ARMv8 PMULL code. */ |
92 | | #undef GCM_USE_ARM_PMULL |
93 | | #if defined(ENABLE_ARM_CRYPTO_SUPPORT) && defined(GCM_USE_TABLES) |
94 | | # if defined(HAVE_ARM_ARCH_V6) && defined(__ARMEL__) \ |
95 | | && defined(HAVE_COMPATIBLE_GCC_ARM_PLATFORM_AS) \ |
96 | | && defined(HAVE_GCC_INLINE_ASM_AARCH32_CRYPTO) |
97 | | # define GCM_USE_ARM_PMULL 1 |
98 | | # elif defined(__AARCH64EL__) && \ |
99 | | defined(HAVE_COMPATIBLE_GCC_AARCH64_PLATFORM_AS) && \ |
100 | | defined(HAVE_GCC_INLINE_ASM_AARCH64_CRYPTO) |
101 | | # define GCM_USE_ARM_PMULL 1 |
102 | | # endif |
103 | | #endif /* GCM_USE_ARM_PMULL */ |
104 | | |
105 | | /* GCM_USE_ARM_NEON indicates whether to compile GCM with ARMv7 NEON code. */ |
106 | | #undef GCM_USE_ARM_NEON |
107 | | #if defined(GCM_USE_TABLES) |
108 | | #if defined(HAVE_ARM_ARCH_V6) && defined(__ARMEL__) && \ |
109 | | defined(HAVE_COMPATIBLE_GCC_ARM_PLATFORM_AS) && \ |
110 | | defined(HAVE_GCC_INLINE_ASM_NEON) |
111 | | # define GCM_USE_ARM_NEON 1 |
112 | | #endif |
113 | | #endif /* GCM_USE_ARM_NEON */ |
114 | | |
115 | | /* GCM_USE_AARCH64 indicates whether to compile GCM with AArch64 SIMD code. */ |
116 | | #undef GCM_USE_AARCH64 |
117 | | #if defined(__AARCH64EL__) && defined(HAVE_COMPATIBLE_GCC_AARCH64_PLATFORM_AS) |
118 | | # define GCM_USE_AARCH64 1 |
119 | | #endif |
120 | | |
121 | | /* GCM_USE_S390X_CRYPTO indicates whether to enable zSeries code. */ |
122 | | #undef GCM_USE_S390X_CRYPTO |
123 | | #if defined(HAVE_GCC_INLINE_ASM_S390X) |
124 | | # define GCM_USE_S390X_CRYPTO 1 |
125 | | #endif /* GCM_USE_S390X_CRYPTO */ |
126 | | |
127 | | /* GCM_USE_PPC_VPMSUM indicates whether to compile GCM with PPC Power 8 |
128 | | * polynomial multiplication instruction. */ |
129 | | #undef GCM_USE_PPC_VPMSUM |
130 | | #if defined(GCM_USE_TABLES) |
131 | | #if defined(ENABLE_PPC_CRYPTO_SUPPORT) && defined(__powerpc64__) && \ |
132 | | defined(HAVE_COMPATIBLE_CC_PPC_ALTIVEC) && \ |
133 | | defined(HAVE_GCC_INLINE_ASM_PPC_ALTIVEC) && __GNUC__ >= 4 |
134 | | # define GCM_USE_PPC_VPMSUM 1 |
135 | | # define NEED_16BYTE_ALIGNED_CONTEXT 1 /* this also aligns gcm_table */ |
136 | | #endif |
137 | | #endif /* GCM_USE_PPC_VPMSUM */ |
138 | | |
139 | | typedef unsigned int (*ghash_fn_t) (gcry_cipher_hd_t c, byte *result, |
140 | | const byte *buf, size_t nblocks); |
141 | | |
142 | | |
143 | | /* A structure with function pointers for mode operations. */ |
144 | | typedef struct cipher_mode_ops |
145 | | { |
146 | | gcry_err_code_t (*encrypt)(gcry_cipher_hd_t c, unsigned char *outbuf, |
147 | | size_t outbuflen, const unsigned char *inbuf, |
148 | | size_t inbuflen); |
149 | | gcry_err_code_t (*decrypt)(gcry_cipher_hd_t c, unsigned char *outbuf, |
150 | | size_t outbuflen, const unsigned char *inbuf, |
151 | | size_t inbuflen); |
152 | | gcry_err_code_t (*setiv)(gcry_cipher_hd_t c, const unsigned char *iv, |
153 | | size_t ivlen); |
154 | | |
155 | | gcry_err_code_t (*authenticate)(gcry_cipher_hd_t c, |
156 | | const unsigned char *abuf, size_t abuflen); |
157 | | gcry_err_code_t (*get_tag)(gcry_cipher_hd_t c, unsigned char *outtag, |
158 | | size_t taglen); |
159 | | gcry_err_code_t (*check_tag)(gcry_cipher_hd_t c, const unsigned char *intag, |
160 | | size_t taglen); |
161 | | } cipher_mode_ops_t; |
162 | | |
163 | | |
164 | | /* A structure with function pointers for bulk operations. The cipher |
165 | | algorithm setkey function initializes them when bulk operations are |
166 | | available and the actual encryption routines use them if they are |
167 | | not NULL. */ |
168 | | typedef struct cipher_bulk_ops |
169 | | { |
170 | | void (*ecb_crypt)(void *context, void *outbuf_arg, const void *inbuf_arg, |
171 | | size_t nblocks, int encrypt); |
172 | | void (*cfb_enc)(void *context, unsigned char *iv, void *outbuf_arg, |
173 | | const void *inbuf_arg, size_t nblocks); |
174 | | void (*cfb_dec)(void *context, unsigned char *iv, void *outbuf_arg, |
175 | | const void *inbuf_arg, size_t nblocks); |
176 | | void (*cbc_enc)(void *context, unsigned char *iv, void *outbuf_arg, |
177 | | const void *inbuf_arg, size_t nblocks, int cbc_mac); |
178 | | void (*cbc_dec)(void *context, unsigned char *iv, void *outbuf_arg, |
179 | | const void *inbuf_arg, size_t nblocks); |
180 | | void (*ofb_enc)(void *context, unsigned char *iv, void *outbuf_arg, |
181 | | const void *inbuf_arg, size_t nblocks); |
182 | | void (*ctr_enc)(void *context, unsigned char *iv, void *outbuf_arg, |
183 | | const void *inbuf_arg, size_t nblocks); |
184 | | void (*ctr32le_enc)(void *context, unsigned char *iv, void *outbuf_arg, |
185 | | const void *inbuf_arg, size_t nblocks); |
186 | | size_t (*ocb_crypt)(gcry_cipher_hd_t c, void *outbuf_arg, |
187 | | const void *inbuf_arg, size_t nblocks, int encrypt); |
188 | | size_t (*ocb_auth)(gcry_cipher_hd_t c, const void *abuf_arg, size_t nblocks); |
189 | | void (*xts_crypt)(void *context, unsigned char *tweak, void *outbuf_arg, |
190 | | const void *inbuf_arg, size_t nblocks, int encrypt); |
191 | | size_t (*gcm_crypt)(gcry_cipher_hd_t c, void *outbuf_arg, |
192 | | const void *inbuf_arg, size_t nblocks, int encrypt); |
193 | | } cipher_bulk_ops_t; |
194 | | |
195 | | |
196 | | /* A VIA processor with the Padlock engine as well as the Intel AES_NI |
197 | | instructions require an alignment of most data on a 16 byte |
198 | | boundary. Because we trick out the compiler while allocating the |
199 | | context, the align attribute as used in rijndael.c does not work on |
200 | | its own. Thus we need to make sure that the entire context |
201 | | structure is a aligned on that boundary. We achieve this by |
202 | | defining a new type and use that instead of our usual alignment |
203 | | type. */ |
204 | | typedef union |
205 | | { |
206 | | PROPERLY_ALIGNED_TYPE foo; |
207 | | #ifdef NEED_16BYTE_ALIGNED_CONTEXT |
208 | | char bar[16] __attribute__ ((aligned (16))); |
209 | | #endif |
210 | | char c[1]; |
211 | | } cipher_context_alignment_t; |
212 | | |
213 | | |
214 | | /* Storage structure for CMAC, for CMAC and EAX modes. */ |
215 | | typedef struct { |
216 | | /* The initialization vector. Also contains tag after finalization. */ |
217 | | union { |
218 | | cipher_context_alignment_t iv_align; |
219 | | unsigned char iv[MAX_BLOCKSIZE]; |
220 | | } u_iv; |
221 | | |
222 | | /* Subkeys for tag creation, not cleared by gcry_cipher_reset. */ |
223 | | unsigned char subkeys[2][MAX_BLOCKSIZE]; |
224 | | |
225 | | /* Space to save partial input lengths for MAC. */ |
226 | | unsigned char macbuf[MAX_BLOCKSIZE]; |
227 | | |
228 | | int mac_unused; /* Number of unprocessed bytes in MACBUF. */ |
229 | | unsigned int tag:1; /* Set to 1 if tag has been finalized. */ |
230 | | } gcry_cmac_context_t; |
231 | | |
232 | | |
233 | | /* The handle structure. */ |
234 | | struct gcry_cipher_handle |
235 | | { |
236 | | int magic; |
237 | | size_t actual_handle_size; /* Allocated size of this handle. */ |
238 | | size_t handle_offset; /* Offset to the malloced block. */ |
239 | | gcry_cipher_spec_t *spec; |
240 | | |
241 | | /* The algorithm id. This is a hack required because the module |
242 | | interface does not easily allow to retrieve this value. */ |
243 | | int algo; |
244 | | |
245 | | /* A structure with function pointers for mode operations. */ |
246 | | cipher_mode_ops_t mode_ops; |
247 | | |
248 | | /* A structure with function pointers for bulk operations. Due to |
249 | | limitations of the module system (we don't want to change the |
250 | | API) we need to keep these function pointers here. */ |
251 | | cipher_bulk_ops_t bulk; |
252 | | |
253 | | int mode; |
254 | | unsigned int flags; |
255 | | |
256 | | struct { |
257 | | int geniv_method; |
258 | | unsigned char fixed[MAX_BLOCKSIZE]; |
259 | | unsigned char dynamic[MAX_BLOCKSIZE]; |
260 | | size_t fixed_iv_len; |
261 | | size_t dynamic_iv_len; |
262 | | } aead; |
263 | | |
264 | | struct { |
265 | | unsigned int key:1; /* Set to 1 if a key has been set. */ |
266 | | unsigned int iv:1; /* Set to 1 if a IV has been set. */ |
267 | | unsigned int tag:1; /* Set to 1 if a tag is finalized. */ |
268 | | unsigned int finalize:1; /* Next encrypt/decrypt has the final data. */ |
269 | | unsigned int allow_weak_key:1; /* Set to 1 if weak keys are allowed. */ |
270 | | } marks; |
271 | | |
272 | | /* The initialization vector. For best performance we make sure |
273 | | that it is properly aligned. In particular some implementations |
274 | | of bulk operations expect an 16 byte aligned IV. IV is also used |
275 | | to store CBC-MAC in CCM mode; counter IV is stored in U_CTR. For |
276 | | OCB mode it is used for the offset value. */ |
277 | | union { |
278 | | cipher_context_alignment_t iv_align; |
279 | | unsigned char iv[MAX_BLOCKSIZE]; |
280 | | } u_iv; |
281 | | |
282 | | /* The counter for CTR mode. This field is also used by AESWRAP and |
283 | | thus we can't use the U_IV union. For OCB mode it is used for |
284 | | the checksum. */ |
285 | | union { |
286 | | cipher_context_alignment_t iv_align; |
287 | | unsigned char ctr[MAX_BLOCKSIZE]; |
288 | | } u_ctr; |
289 | | |
290 | | /* Space to save an IV or CTR for chaining operations. */ |
291 | | unsigned char lastiv[MAX_BLOCKSIZE]; |
292 | | int unused; /* Number of unused bytes in LASTIV. */ |
293 | | |
294 | | union { |
295 | | /* Mode specific storage for CCM mode. */ |
296 | | struct { |
297 | | u64 encryptlen; |
298 | | u64 aadlen; |
299 | | unsigned int authlen; |
300 | | |
301 | | /* Space to save partial input lengths for MAC. */ |
302 | | unsigned char macbuf[GCRY_CCM_BLOCK_LEN]; |
303 | | int mac_unused; /* Number of unprocessed bytes in MACBUF. */ |
304 | | |
305 | | unsigned char s0[GCRY_CCM_BLOCK_LEN]; |
306 | | |
307 | | unsigned int nonce:1; /* Set to 1 if nonce has been set. */ |
308 | | unsigned int lengths:1; /* Set to 1 if CCM length parameters has been |
309 | | processed. */ |
310 | | } ccm; |
311 | | |
312 | | /* Mode specific storage for Poly1305 mode. */ |
313 | | struct { |
314 | | /* byte counter for AAD. */ |
315 | | u32 aadcount[2]; |
316 | | |
317 | | /* byte counter for data. */ |
318 | | u32 datacount[2]; |
319 | | |
320 | | unsigned int aad_finalized:1; |
321 | | unsigned int bytecount_over_limits:1; |
322 | | |
323 | | poly1305_context_t ctx; |
324 | | } poly1305; |
325 | | |
326 | | /* Mode specific storage for CMAC mode. */ |
327 | | gcry_cmac_context_t cmac; |
328 | | |
329 | | /* Mode specific storage for EAX mode. */ |
330 | | struct { |
331 | | /* CMAC for header (AAD). */ |
332 | | gcry_cmac_context_t cmac_header; |
333 | | |
334 | | /* CMAC for ciphertext. */ |
335 | | gcry_cmac_context_t cmac_ciphertext; |
336 | | } eax; |
337 | | |
338 | | /* Mode specific storage for GCM mode and GCM-SIV mode. */ |
339 | | struct { |
340 | | /* The interim tag for GCM mode. */ |
341 | | union { |
342 | | cipher_context_alignment_t iv_align; |
343 | | unsigned char tag[MAX_BLOCKSIZE]; |
344 | | } u_tag; |
345 | | |
346 | | /* Space to save partial input lengths for MAC. */ |
347 | | unsigned char macbuf[GCRY_CCM_BLOCK_LEN]; |
348 | | int mac_unused; /* Number of unprocessed bytes in MACBUF. */ |
349 | | |
350 | | /* byte counters for GCM */ |
351 | | u32 aadlen[2]; |
352 | | u32 datalen[2]; |
353 | | |
354 | | /* encrypted tag counter */ |
355 | | unsigned char tagiv[MAX_BLOCKSIZE]; |
356 | | |
357 | | unsigned int ghash_data_finalized:1; |
358 | | unsigned int ghash_aad_finalized:1; |
359 | | |
360 | | unsigned int datalen_over_limits:1; |
361 | | unsigned int disallow_encryption_because_of_setiv_in_fips_mode:1; |
362 | | |
363 | | /* --- Following members are not cleared in gcry_cipher_reset --- */ |
364 | | |
365 | | /* GHASH multiplier from key. */ |
366 | | union { |
367 | | cipher_context_alignment_t iv_align; |
368 | | unsigned char key[MAX_BLOCKSIZE]; |
369 | | } u_ghash_key; |
370 | | |
371 | | /* Pre-calculated table for GCM. */ |
372 | | #ifdef GCM_USE_TABLES |
373 | | #if (SIZEOF_UNSIGNED_LONG == 8 || defined(__x86_64__)) |
374 | | #define GCM_TABLES_USE_U64 1 |
375 | | u64 gcm_table[4 * 16]; |
376 | | #else |
377 | | #undef GCM_TABLES_USE_U64 |
378 | | u32 gcm_table[8 * 16]; |
379 | | #endif |
380 | | #endif |
381 | | |
382 | | /* GHASH implementation in use. */ |
383 | | ghash_fn_t ghash_fn; |
384 | | |
385 | | /* POLYVAL implementation in use (GCM-SIV). */ |
386 | | ghash_fn_t polyval_fn; |
387 | | |
388 | | /* Key length used for GCM-SIV key generating key. */ |
389 | | unsigned int siv_keylen; |
390 | | |
391 | | /* Flags for accelerated implementations. */ |
392 | | unsigned int hw_impl_flags; |
393 | | } gcm; |
394 | | |
395 | | /* Mode specific storage for OCB mode. */ |
396 | | struct { |
397 | | /* --- Following members are not cleared in gcry_cipher_reset --- */ |
398 | | |
399 | | /* Helper variables and pre-computed table of L values. */ |
400 | | unsigned char L_star[OCB_BLOCK_LEN]; |
401 | | unsigned char L_dollar[OCB_BLOCK_LEN]; |
402 | | unsigned char L0L1[OCB_BLOCK_LEN]; |
403 | | unsigned char L[OCB_L_TABLE_SIZE][OCB_BLOCK_LEN]; |
404 | | |
405 | | /* --- Following members are cleared in gcry_cipher_reset --- */ |
406 | | |
407 | | /* The tag is valid if marks.tag has been set. */ |
408 | | unsigned char tag[OCB_BLOCK_LEN]; |
409 | | |
410 | | /* A buffer to hold the offset for the AAD processing. */ |
411 | | unsigned char aad_offset[OCB_BLOCK_LEN]; |
412 | | |
413 | | /* A buffer to hold the current sum of AAD processing. We can't |
414 | | use tag here because tag may already hold the preprocessed |
415 | | checksum of the data. */ |
416 | | unsigned char aad_sum[OCB_BLOCK_LEN]; |
417 | | |
418 | | /* A buffer to store AAD data not yet processed. */ |
419 | | unsigned char aad_leftover[OCB_BLOCK_LEN]; |
420 | | |
421 | | /* Number of data/aad blocks processed so far. */ |
422 | | u64 data_nblocks; |
423 | | u64 aad_nblocks; |
424 | | |
425 | | /* Number of valid bytes in AAD_LEFTOVER. */ |
426 | | unsigned char aad_nleftover; |
427 | | |
428 | | /* Length of the tag. Fixed for now but may eventually be |
429 | | specified using a set of gcry_cipher_flags. */ |
430 | | unsigned char taglen; |
431 | | |
432 | | /* Flags indicating that the final data/aad block has been |
433 | | processed. */ |
434 | | unsigned int data_finalized:1; |
435 | | unsigned int aad_finalized:1; |
436 | | } ocb; |
437 | | |
438 | | /* Mode specific storage for XTS mode. */ |
439 | | struct { |
440 | | /* Pointer to tweak cipher context, allocated after actual |
441 | | * cipher context. */ |
442 | | char *tweak_context; |
443 | | } xts; |
444 | | |
445 | | /* Mode specific storage for SIV mode. */ |
446 | | struct { |
447 | | /* Tag used for decryption. */ |
448 | | unsigned char dec_tag[GCRY_SIV_BLOCK_LEN]; |
449 | | |
450 | | /* S2V state. */ |
451 | | unsigned char s2v_d[GCRY_SIV_BLOCK_LEN]; |
452 | | |
453 | | /* Number of AAD elements processed. */ |
454 | | unsigned int aad_count:8; |
455 | | |
456 | | /* Flags for SIV state. */ |
457 | | unsigned int dec_tag_set:1; |
458 | | |
459 | | /* --- Following members are not cleared in gcry_cipher_reset --- */ |
460 | | |
461 | | /* S2V CMAC state. */ |
462 | | gcry_cmac_context_t s2v_cmac; |
463 | | unsigned char s2v_zero_block[GCRY_SIV_BLOCK_LEN]; |
464 | | |
465 | | /* Pointer to CTR cipher context, allocated after actual |
466 | | * cipher context. */ |
467 | | char *ctr_context; |
468 | | } siv; |
469 | | |
470 | | /* Mode specific storage for WRAP mode. */ |
471 | | struct { |
472 | | unsigned char plen[4]; |
473 | | } wrap; |
474 | | } u_mode; |
475 | | |
476 | | /* What follows are two contexts of the cipher in use. The first |
477 | | one needs to be aligned well enough for the cipher operation |
478 | | whereas the second one is a copy created by cipher_setkey and |
479 | | used by cipher_reset. That second copy has no need for proper |
480 | | aligment because it is only accessed by memcpy. */ |
481 | | cipher_context_alignment_t context; |
482 | | }; |
483 | | |
484 | | |
485 | | /*-- cipher-cbc.c --*/ |
486 | | gcry_err_code_t _gcry_cipher_cbc_encrypt |
487 | | /* */ (gcry_cipher_hd_t c, |
488 | | unsigned char *outbuf, size_t outbuflen, |
489 | | const unsigned char *inbuf, size_t inbuflen); |
490 | | gcry_err_code_t _gcry_cipher_cbc_decrypt |
491 | | /* */ (gcry_cipher_hd_t c, |
492 | | unsigned char *outbuf, size_t outbuflen, |
493 | | const unsigned char *inbuf, size_t inbuflen); |
494 | | gcry_err_code_t _gcry_cipher_cbc_cts_encrypt |
495 | | /* */ (gcry_cipher_hd_t c, |
496 | | unsigned char *outbuf, size_t outbuflen, |
497 | | const unsigned char *inbuf, size_t inbuflen); |
498 | | gcry_err_code_t _gcry_cipher_cbc_cts_decrypt |
499 | | /* */ (gcry_cipher_hd_t c, |
500 | | unsigned char *outbuf, size_t outbuflen, |
501 | | const unsigned char *inbuf, size_t inbuflen); |
502 | | |
503 | | /*-- cipher-cfb.c --*/ |
504 | | gcry_err_code_t _gcry_cipher_cfb_encrypt |
505 | | /* */ (gcry_cipher_hd_t c, |
506 | | unsigned char *outbuf, size_t outbuflen, |
507 | | const unsigned char *inbuf, size_t inbuflen); |
508 | | gcry_err_code_t _gcry_cipher_cfb_decrypt |
509 | | /* */ (gcry_cipher_hd_t c, |
510 | | unsigned char *outbuf, size_t outbuflen, |
511 | | const unsigned char *inbuf, size_t inbuflen); |
512 | | gcry_err_code_t _gcry_cipher_cfb8_encrypt |
513 | | /* */ (gcry_cipher_hd_t c, |
514 | | unsigned char *outbuf, size_t outbuflen, |
515 | | const unsigned char *inbuf, size_t inbuflen); |
516 | | gcry_err_code_t _gcry_cipher_cfb8_decrypt |
517 | | /* */ (gcry_cipher_hd_t c, |
518 | | unsigned char *outbuf, size_t outbuflen, |
519 | | const unsigned char *inbuf, size_t inbuflen); |
520 | | |
521 | | |
522 | | /*-- cipher-ofb.c --*/ |
523 | | gcry_err_code_t _gcry_cipher_ofb_encrypt |
524 | | /* */ (gcry_cipher_hd_t c, |
525 | | unsigned char *outbuf, size_t outbuflen, |
526 | | const unsigned char *inbuf, size_t inbuflen); |
527 | | |
528 | | /*-- cipher-ctr.c --*/ |
529 | | gcry_err_code_t _gcry_cipher_ctr_encrypt_ctx |
530 | | /* */ (gcry_cipher_hd_t c, |
531 | | unsigned char *outbuf, size_t outbuflen, |
532 | | const unsigned char *inbuf, size_t inbuflen, |
533 | | void *algo_context); |
534 | | gcry_err_code_t _gcry_cipher_ctr_encrypt |
535 | | /* */ (gcry_cipher_hd_t c, |
536 | | unsigned char *outbuf, size_t outbuflen, |
537 | | const unsigned char *inbuf, size_t inbuflen); |
538 | | |
539 | | |
540 | | /*-- cipher-aeswrap.c --*/ |
541 | | gcry_err_code_t _gcry_cipher_keywrap_encrypt |
542 | | /* */ (gcry_cipher_hd_t c, |
543 | | byte *outbuf, size_t outbuflen, |
544 | | const byte *inbuf, size_t inbuflen); |
545 | | gcry_err_code_t _gcry_cipher_keywrap_encrypt_padding |
546 | | /* */ (gcry_cipher_hd_t c, |
547 | | byte *outbuf, size_t outbuflen, |
548 | | const byte *inbuf, size_t inbuflen); |
549 | | gcry_err_code_t _gcry_cipher_keywrap_decrypt_auto |
550 | | /* */ (gcry_cipher_hd_t c, |
551 | | byte *outbuf, size_t outbuflen, |
552 | | const byte *inbuf, size_t inbuflen); |
553 | | |
554 | | |
555 | | /*-- cipher-ccm.c --*/ |
556 | | gcry_err_code_t _gcry_cipher_ccm_encrypt |
557 | | /* */ (gcry_cipher_hd_t c, |
558 | | unsigned char *outbuf, size_t outbuflen, |
559 | | const unsigned char *inbuf, size_t inbuflen); |
560 | | gcry_err_code_t _gcry_cipher_ccm_decrypt |
561 | | /* */ (gcry_cipher_hd_t c, |
562 | | unsigned char *outbuf, size_t outbuflen, |
563 | | const unsigned char *inbuf, size_t inbuflen); |
564 | | gcry_err_code_t _gcry_cipher_ccm_set_nonce |
565 | | /* */ (gcry_cipher_hd_t c, const unsigned char *nonce, |
566 | | size_t noncelen); |
567 | | gcry_err_code_t _gcry_cipher_ccm_authenticate |
568 | | /* */ (gcry_cipher_hd_t c, const unsigned char *abuf, size_t abuflen); |
569 | | gcry_err_code_t _gcry_cipher_ccm_set_lengths |
570 | | /* */ (gcry_cipher_hd_t c, u64 encryptedlen, u64 aadlen, u64 taglen); |
571 | | gcry_err_code_t _gcry_cipher_ccm_get_tag |
572 | | /* */ (gcry_cipher_hd_t c, |
573 | | unsigned char *outtag, size_t taglen); |
574 | | gcry_err_code_t _gcry_cipher_ccm_check_tag |
575 | | /* */ (gcry_cipher_hd_t c, |
576 | | const unsigned char *intag, size_t taglen); |
577 | | |
578 | | |
579 | | /*-- cipher-cmac.c --*/ |
580 | | gcry_err_code_t _gcry_cmac_generate_subkeys |
581 | | /* */ (gcry_cipher_hd_t c, gcry_cmac_context_t *ctx); |
582 | | gcry_err_code_t _gcry_cmac_write |
583 | | /* */ (gcry_cipher_hd_t c, gcry_cmac_context_t *ctx, |
584 | | const byte * inbuf, size_t inlen); |
585 | | gcry_err_code_t _gcry_cmac_final |
586 | | /* */ (gcry_cipher_hd_t c, gcry_cmac_context_t *ctx); |
587 | | void _gcry_cmac_reset (gcry_cmac_context_t *ctx); |
588 | | |
589 | | |
590 | | /*-- cipher-eax.c --*/ |
591 | | gcry_err_code_t _gcry_cipher_eax_encrypt |
592 | | /* */ (gcry_cipher_hd_t c, |
593 | | unsigned char *outbuf, size_t outbuflen, |
594 | | const unsigned char *inbuf, size_t inbuflen); |
595 | | gcry_err_code_t _gcry_cipher_eax_decrypt |
596 | | /* */ (gcry_cipher_hd_t c, |
597 | | unsigned char *outbuf, size_t outbuflen, |
598 | | const unsigned char *inbuf, size_t inbuflen); |
599 | | gcry_err_code_t _gcry_cipher_eax_set_nonce |
600 | | /* */ (gcry_cipher_hd_t c, |
601 | | const unsigned char *nonce, size_t noncelen); |
602 | | gcry_err_code_t _gcry_cipher_eax_authenticate |
603 | | /* */ (gcry_cipher_hd_t c, |
604 | | const unsigned char *aadbuf, size_t aadbuflen); |
605 | | gcry_err_code_t _gcry_cipher_eax_get_tag |
606 | | /* */ (gcry_cipher_hd_t c, |
607 | | unsigned char *outtag, size_t taglen); |
608 | | gcry_err_code_t _gcry_cipher_eax_check_tag |
609 | | /* */ (gcry_cipher_hd_t c, |
610 | | const unsigned char *intag, size_t taglen); |
611 | | gcry_err_code_t _gcry_cipher_eax_setkey |
612 | | /* */ (gcry_cipher_hd_t c); |
613 | | |
614 | | |
615 | | /*-- cipher-gcm.c --*/ |
616 | | gcry_err_code_t _gcry_cipher_gcm_encrypt |
617 | | /* */ (gcry_cipher_hd_t c, |
618 | | unsigned char *outbuf, size_t outbuflen, |
619 | | const unsigned char *inbuf, size_t inbuflen); |
620 | | gcry_err_code_t _gcry_cipher_gcm_decrypt |
621 | | /* */ (gcry_cipher_hd_t c, |
622 | | unsigned char *outbuf, size_t outbuflen, |
623 | | const unsigned char *inbuf, size_t inbuflen); |
624 | | gcry_err_code_t _gcry_cipher_gcm_setiv |
625 | | /* */ (gcry_cipher_hd_t c, |
626 | | const unsigned char *iv, size_t ivlen); |
627 | | gcry_err_code_t _gcry_cipher_gcm_authenticate |
628 | | /* */ (gcry_cipher_hd_t c, |
629 | | const unsigned char *aadbuf, size_t aadbuflen); |
630 | | gcry_err_code_t _gcry_cipher_gcm_get_tag |
631 | | /* */ (gcry_cipher_hd_t c, |
632 | | unsigned char *outtag, size_t taglen); |
633 | | gcry_err_code_t _gcry_cipher_gcm_check_tag |
634 | | /* */ (gcry_cipher_hd_t c, |
635 | | const unsigned char *intag, size_t taglen); |
636 | | void _gcry_cipher_gcm_setkey |
637 | | /* */ (gcry_cipher_hd_t c); |
638 | | void _gcry_cipher_gcm_setupM |
639 | | /* */ (gcry_cipher_hd_t c); |
640 | | |
641 | | |
642 | | /*-- cipher-poly1305.c --*/ |
643 | | gcry_err_code_t _gcry_cipher_poly1305_encrypt |
644 | | /* */ (gcry_cipher_hd_t c, |
645 | | unsigned char *outbuf, size_t outbuflen, |
646 | | const unsigned char *inbuf, size_t inbuflen); |
647 | | gcry_err_code_t _gcry_cipher_poly1305_decrypt |
648 | | /* */ (gcry_cipher_hd_t c, |
649 | | unsigned char *outbuf, size_t outbuflen, |
650 | | const unsigned char *inbuf, size_t inbuflen); |
651 | | gcry_err_code_t _gcry_cipher_poly1305_setiv |
652 | | /* */ (gcry_cipher_hd_t c, |
653 | | const unsigned char *iv, size_t ivlen); |
654 | | gcry_err_code_t _gcry_cipher_poly1305_authenticate |
655 | | /* */ (gcry_cipher_hd_t c, |
656 | | const unsigned char *aadbuf, size_t aadbuflen); |
657 | | gcry_err_code_t _gcry_cipher_poly1305_get_tag |
658 | | /* */ (gcry_cipher_hd_t c, |
659 | | unsigned char *outtag, size_t taglen); |
660 | | gcry_err_code_t _gcry_cipher_poly1305_check_tag |
661 | | /* */ (gcry_cipher_hd_t c, |
662 | | const unsigned char *intag, size_t taglen); |
663 | | void _gcry_cipher_poly1305_setkey |
664 | | /* */ (gcry_cipher_hd_t c); |
665 | | |
666 | | |
667 | | /*-- chacha20.c --*/ |
668 | | gcry_err_code_t _gcry_chacha20_poly1305_encrypt |
669 | | /* */ (gcry_cipher_hd_t c, byte *outbuf, const byte *inbuf, |
670 | | size_t length); |
671 | | gcry_err_code_t _gcry_chacha20_poly1305_decrypt |
672 | | /* */ (gcry_cipher_hd_t c, byte *outbuf, const byte *inbuf, |
673 | | size_t length); |
674 | | |
675 | | |
676 | | /*-- cipher-ocb.c --*/ |
677 | | gcry_err_code_t _gcry_cipher_ocb_encrypt |
678 | | /* */ (gcry_cipher_hd_t c, |
679 | | unsigned char *outbuf, size_t outbuflen, |
680 | | const unsigned char *inbuf, size_t inbuflen); |
681 | | gcry_err_code_t _gcry_cipher_ocb_decrypt |
682 | | /* */ (gcry_cipher_hd_t c, |
683 | | unsigned char *outbuf, size_t outbuflen, |
684 | | const unsigned char *inbuf, size_t inbuflen); |
685 | | gcry_err_code_t _gcry_cipher_ocb_set_nonce |
686 | | /* */ (gcry_cipher_hd_t c, const unsigned char *nonce, |
687 | | size_t noncelen); |
688 | | gcry_err_code_t _gcry_cipher_ocb_authenticate |
689 | | /* */ (gcry_cipher_hd_t c, const unsigned char *abuf, size_t abuflen); |
690 | | gcry_err_code_t _gcry_cipher_ocb_get_tag |
691 | | /* */ (gcry_cipher_hd_t c, |
692 | | unsigned char *outtag, size_t taglen); |
693 | | gcry_err_code_t _gcry_cipher_ocb_check_tag |
694 | | /* */ (gcry_cipher_hd_t c, |
695 | | const unsigned char *intag, size_t taglen); |
696 | | void _gcry_cipher_ocb_setkey |
697 | | /* */ (gcry_cipher_hd_t c); |
698 | | |
699 | | |
700 | | /*-- cipher-xts.c --*/ |
701 | | gcry_err_code_t _gcry_cipher_xts_encrypt |
702 | | /* */ (gcry_cipher_hd_t c, unsigned char *outbuf, size_t outbuflen, |
703 | | const unsigned char *inbuf, size_t inbuflen); |
704 | | gcry_err_code_t _gcry_cipher_xts_decrypt |
705 | | /* */ (gcry_cipher_hd_t c, unsigned char *outbuf, size_t outbuflen, |
706 | | const unsigned char *inbuf, size_t inbuflen); |
707 | | |
708 | | |
709 | | /*-- cipher-siv.c --*/ |
710 | | gcry_err_code_t _gcry_cipher_siv_encrypt |
711 | | /* */ (gcry_cipher_hd_t c, |
712 | | unsigned char *outbuf, size_t outbuflen, |
713 | | const unsigned char *inbuf, size_t inbuflen); |
714 | | gcry_err_code_t _gcry_cipher_siv_decrypt |
715 | | /* */ (gcry_cipher_hd_t c, |
716 | | unsigned char *outbuf, size_t outbuflen, |
717 | | const unsigned char *inbuf, size_t inbuflen); |
718 | | gcry_err_code_t _gcry_cipher_siv_set_nonce |
719 | | /* */ (gcry_cipher_hd_t c, const unsigned char *nonce, |
720 | | size_t noncelen); |
721 | | gcry_err_code_t _gcry_cipher_siv_authenticate |
722 | | /* */ (gcry_cipher_hd_t c, const unsigned char *abuf, size_t abuflen); |
723 | | gcry_err_code_t _gcry_cipher_siv_set_decryption_tag |
724 | | /* */ (gcry_cipher_hd_t c, const byte *tag, size_t taglen); |
725 | | gcry_err_code_t _gcry_cipher_siv_get_tag |
726 | | /* */ (gcry_cipher_hd_t c, |
727 | | unsigned char *outtag, size_t taglen); |
728 | | gcry_err_code_t _gcry_cipher_siv_check_tag |
729 | | /* */ (gcry_cipher_hd_t c, |
730 | | const unsigned char *intag, size_t taglen); |
731 | | gcry_err_code_t _gcry_cipher_siv_setkey |
732 | | /* */ (gcry_cipher_hd_t c, |
733 | | const unsigned char *ctrkey, size_t ctrkeylen); |
734 | | |
735 | | |
736 | | /*-- cipher-gcm-siv.c --*/ |
737 | | gcry_err_code_t _gcry_cipher_gcm_siv_encrypt |
738 | | /* */ (gcry_cipher_hd_t c, |
739 | | unsigned char *outbuf, size_t outbuflen, |
740 | | const unsigned char *inbuf, size_t inbuflen); |
741 | | gcry_err_code_t _gcry_cipher_gcm_siv_decrypt |
742 | | /* */ (gcry_cipher_hd_t c, |
743 | | unsigned char *outbuf, size_t outbuflen, |
744 | | const unsigned char *inbuf, size_t inbuflen); |
745 | | gcry_err_code_t _gcry_cipher_gcm_siv_set_nonce |
746 | | /* */ (gcry_cipher_hd_t c, const unsigned char *nonce, |
747 | | size_t noncelen); |
748 | | gcry_err_code_t _gcry_cipher_gcm_siv_authenticate |
749 | | /* */ (gcry_cipher_hd_t c, const unsigned char *abuf, size_t abuflen); |
750 | | gcry_err_code_t _gcry_cipher_gcm_siv_set_decryption_tag |
751 | | /* */ (gcry_cipher_hd_t c, const byte *tag, size_t taglen); |
752 | | gcry_err_code_t _gcry_cipher_gcm_siv_get_tag |
753 | | /* */ (gcry_cipher_hd_t c, |
754 | | unsigned char *outtag, size_t taglen); |
755 | | gcry_err_code_t _gcry_cipher_gcm_siv_check_tag |
756 | | /* */ (gcry_cipher_hd_t c, |
757 | | const unsigned char *intag, size_t taglen); |
758 | | gcry_err_code_t _gcry_cipher_gcm_siv_setkey |
759 | | /* */ (gcry_cipher_hd_t c, unsigned int keylen); |
760 | | |
761 | | |
762 | | /* Return the L-value for block N. Note: 'cipher_ocb.c' ensures that N |
763 | | * will never be multiple of 65536 (1 << OCB_L_TABLE_SIZE), thus N can |
764 | | * be directly passed to _gcry_ctz() function and resulting index will |
765 | | * never overflow the table. */ |
766 | | static inline const unsigned char * |
767 | | ocb_get_l (gcry_cipher_hd_t c, u64 n) |
768 | 0 | { |
769 | 0 | unsigned long ntz; |
770 | |
|
771 | 0 | #if ((defined(__i386__) || defined(__x86_64__)) && __GNUC__ >= 4) |
772 | | /* Assumes that N != 0. */ |
773 | 0 | asm ("rep;bsfl %k[low], %k[ntz]\n\t" |
774 | 0 | : [ntz] "=r" (ntz) |
775 | 0 | : [low] "r" ((unsigned long)n) |
776 | 0 | : "cc"); |
777 | | #else |
778 | | ntz = _gcry_ctz (n); |
779 | | #endif |
780 | |
|
781 | 0 | return c->u_mode.ocb.L[ntz]; |
782 | 0 | } Unexecuted instantiation: cipher.c:ocb_get_l Unexecuted instantiation: des.c:ocb_get_l Unexecuted instantiation: gost28147.c:ocb_get_l Unexecuted instantiation: idea.c:ocb_get_l Unexecuted instantiation: rfc2268.c:ocb_get_l Unexecuted instantiation: rijndael.c:ocb_get_l Unexecuted instantiation: salsa20.c:ocb_get_l Unexecuted instantiation: seed.c:ocb_get_l Unexecuted instantiation: serpent.c:ocb_get_l Unexecuted instantiation: sm4.c:ocb_get_l Unexecuted instantiation: twofish.c:ocb_get_l Unexecuted instantiation: arcfour.c:ocb_get_l Unexecuted instantiation: aria.c:ocb_get_l Unexecuted instantiation: blowfish.c:ocb_get_l Unexecuted instantiation: camellia-glue.c:ocb_get_l Unexecuted instantiation: cast5.c:ocb_get_l Unexecuted instantiation: chacha20.c:ocb_get_l Unexecuted instantiation: cipher-aeswrap.c:ocb_get_l Unexecuted instantiation: cipher-cbc.c:ocb_get_l Unexecuted instantiation: cipher-ccm.c:ocb_get_l Unexecuted instantiation: cipher-cfb.c:ocb_get_l Unexecuted instantiation: cipher-cmac.c:ocb_get_l Unexecuted instantiation: cipher-ctr.c:ocb_get_l Unexecuted instantiation: cipher-eax.c:ocb_get_l Unexecuted instantiation: cipher-gcm-siv.c:ocb_get_l Unexecuted instantiation: cipher-gcm.c:ocb_get_l Unexecuted instantiation: cipher-ocb.c:ocb_get_l Unexecuted instantiation: cipher-ofb.c:ocb_get_l Unexecuted instantiation: cipher-poly1305.c:ocb_get_l Unexecuted instantiation: cipher-siv.c:ocb_get_l Unexecuted instantiation: cipher-xts.c:ocb_get_l Unexecuted instantiation: rijndael-vaes.c:ocb_get_l |
783 | | |
784 | | |
785 | | /* Return bit-shift of blocksize. */ |
786 | | static inline unsigned int _gcry_blocksize_shift(gcry_cipher_hd_t c) |
787 | 25.5k | { |
788 | | /* Only blocksizes 8 and 16 are used. Return value in such way |
789 | | * that compiler can optimize calling functions based on this. */ |
790 | 25.5k | return c->spec->blocksize == 8 ? 3 : 4; |
791 | 25.5k | } Unexecuted instantiation: cipher.c:_gcry_blocksize_shift Unexecuted instantiation: des.c:_gcry_blocksize_shift Unexecuted instantiation: gost28147.c:_gcry_blocksize_shift Unexecuted instantiation: idea.c:_gcry_blocksize_shift Unexecuted instantiation: rfc2268.c:_gcry_blocksize_shift Unexecuted instantiation: rijndael.c:_gcry_blocksize_shift Unexecuted instantiation: salsa20.c:_gcry_blocksize_shift Unexecuted instantiation: seed.c:_gcry_blocksize_shift Unexecuted instantiation: serpent.c:_gcry_blocksize_shift Unexecuted instantiation: sm4.c:_gcry_blocksize_shift Unexecuted instantiation: twofish.c:_gcry_blocksize_shift Unexecuted instantiation: arcfour.c:_gcry_blocksize_shift Unexecuted instantiation: aria.c:_gcry_blocksize_shift Unexecuted instantiation: blowfish.c:_gcry_blocksize_shift Unexecuted instantiation: camellia-glue.c:_gcry_blocksize_shift Unexecuted instantiation: cast5.c:_gcry_blocksize_shift Unexecuted instantiation: chacha20.c:_gcry_blocksize_shift Unexecuted instantiation: cipher-aeswrap.c:_gcry_blocksize_shift cipher-cbc.c:_gcry_blocksize_shift Line | Count | Source | 787 | 38 | { | 788 | | /* Only blocksizes 8 and 16 are used. Return value in such way | 789 | | * that compiler can optimize calling functions based on this. */ | 790 | 38 | return c->spec->blocksize == 8 ? 3 : 4; | 791 | 38 | } |
Unexecuted instantiation: cipher-ccm.c:_gcry_blocksize_shift cipher-cfb.c:_gcry_blocksize_shift Line | Count | Source | 787 | 677 | { | 788 | | /* Only blocksizes 8 and 16 are used. Return value in such way | 789 | | * that compiler can optimize calling functions based on this. */ | 790 | 677 | return c->spec->blocksize == 8 ? 3 : 4; | 791 | 677 | } |
cipher-cmac.c:_gcry_blocksize_shift Line | Count | Source | 787 | 24.6k | { | 788 | | /* Only blocksizes 8 and 16 are used. Return value in such way | 789 | | * that compiler can optimize calling functions based on this. */ | 790 | 24.6k | return c->spec->blocksize == 8 ? 3 : 4; | 791 | 24.6k | } |
cipher-ctr.c:_gcry_blocksize_shift Line | Count | Source | 787 | 67 | { | 788 | | /* Only blocksizes 8 and 16 are used. Return value in such way | 789 | | * that compiler can optimize calling functions based on this. */ | 790 | 67 | return c->spec->blocksize == 8 ? 3 : 4; | 791 | 67 | } |
Unexecuted instantiation: cipher-eax.c:_gcry_blocksize_shift Unexecuted instantiation: cipher-gcm-siv.c:_gcry_blocksize_shift Unexecuted instantiation: cipher-gcm.c:_gcry_blocksize_shift Unexecuted instantiation: cipher-ocb.c:_gcry_blocksize_shift cipher-ofb.c:_gcry_blocksize_shift Line | Count | Source | 787 | 37 | { | 788 | | /* Only blocksizes 8 and 16 are used. Return value in such way | 789 | | * that compiler can optimize calling functions based on this. */ | 790 | 37 | return c->spec->blocksize == 8 ? 3 : 4; | 791 | 37 | } |
Unexecuted instantiation: cipher-poly1305.c:_gcry_blocksize_shift Unexecuted instantiation: cipher-siv.c:_gcry_blocksize_shift Unexecuted instantiation: cipher-xts.c:_gcry_blocksize_shift Unexecuted instantiation: rijndael-vaes.c:_gcry_blocksize_shift |
792 | | |
793 | | |
794 | | /* Optimized function for adding value to cipher block. */ |
795 | | static inline void |
796 | | cipher_block_add(void *_dstsrc, unsigned int add, size_t blocksize) |
797 | 161 | { |
798 | 161 | byte *dstsrc = _dstsrc; |
799 | 161 | u64 s[2]; |
800 | | |
801 | 161 | if (blocksize == 8) |
802 | 0 | { |
803 | 0 | buf_put_be64(dstsrc + 0, buf_get_be64(dstsrc + 0) + add); |
804 | 0 | } |
805 | 161 | else /* blocksize == 16 */ |
806 | 161 | { |
807 | 161 | s[0] = buf_get_be64(dstsrc + 8); |
808 | 161 | s[1] = buf_get_be64(dstsrc + 0); |
809 | 161 | s[0] += add; |
810 | 161 | s[1] += (s[0] < add); |
811 | 161 | buf_put_be64(dstsrc + 8, s[0]); |
812 | 161 | buf_put_be64(dstsrc + 0, s[1]); |
813 | 161 | } |
814 | 161 | } Unexecuted instantiation: cipher.c:cipher_block_add Unexecuted instantiation: des.c:cipher_block_add Unexecuted instantiation: gost28147.c:cipher_block_add Unexecuted instantiation: idea.c:cipher_block_add Unexecuted instantiation: rfc2268.c:cipher_block_add Unexecuted instantiation: rijndael.c:cipher_block_add Unexecuted instantiation: salsa20.c:cipher_block_add Unexecuted instantiation: seed.c:cipher_block_add Unexecuted instantiation: serpent.c:cipher_block_add Unexecuted instantiation: sm4.c:cipher_block_add Unexecuted instantiation: twofish.c:cipher_block_add Unexecuted instantiation: arcfour.c:cipher_block_add Line | Count | Source | 797 | 103 | { | 798 | 103 | byte *dstsrc = _dstsrc; | 799 | 103 | u64 s[2]; | 800 | | | 801 | 103 | if (blocksize == 8) | 802 | 0 | { | 803 | 0 | buf_put_be64(dstsrc + 0, buf_get_be64(dstsrc + 0) + add); | 804 | 0 | } | 805 | 103 | else /* blocksize == 16 */ | 806 | 103 | { | 807 | 103 | s[0] = buf_get_be64(dstsrc + 8); | 808 | 103 | s[1] = buf_get_be64(dstsrc + 0); | 809 | 103 | s[0] += add; | 810 | 103 | s[1] += (s[0] < add); | 811 | 103 | buf_put_be64(dstsrc + 8, s[0]); | 812 | 103 | buf_put_be64(dstsrc + 0, s[1]); | 813 | 103 | } | 814 | 103 | } |
Unexecuted instantiation: blowfish.c:cipher_block_add Unexecuted instantiation: camellia-glue.c:cipher_block_add Unexecuted instantiation: cast5.c:cipher_block_add Unexecuted instantiation: chacha20.c:cipher_block_add Unexecuted instantiation: cipher-aeswrap.c:cipher_block_add Unexecuted instantiation: cipher-cbc.c:cipher_block_add Unexecuted instantiation: cipher-ccm.c:cipher_block_add Unexecuted instantiation: cipher-cfb.c:cipher_block_add Unexecuted instantiation: cipher-cmac.c:cipher_block_add cipher-ctr.c:cipher_block_add Line | Count | Source | 797 | 58 | { | 798 | 58 | byte *dstsrc = _dstsrc; | 799 | 58 | u64 s[2]; | 800 | | | 801 | 58 | if (blocksize == 8) | 802 | 0 | { | 803 | 0 | buf_put_be64(dstsrc + 0, buf_get_be64(dstsrc + 0) + add); | 804 | 0 | } | 805 | 58 | else /* blocksize == 16 */ | 806 | 58 | { | 807 | 58 | s[0] = buf_get_be64(dstsrc + 8); | 808 | 58 | s[1] = buf_get_be64(dstsrc + 0); | 809 | 58 | s[0] += add; | 810 | 58 | s[1] += (s[0] < add); | 811 | 58 | buf_put_be64(dstsrc + 8, s[0]); | 812 | 58 | buf_put_be64(dstsrc + 0, s[1]); | 813 | 58 | } | 814 | 58 | } |
Unexecuted instantiation: cipher-eax.c:cipher_block_add Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_add Unexecuted instantiation: cipher-gcm.c:cipher_block_add Unexecuted instantiation: cipher-ocb.c:cipher_block_add Unexecuted instantiation: cipher-ofb.c:cipher_block_add Unexecuted instantiation: cipher-poly1305.c:cipher_block_add Unexecuted instantiation: cipher-siv.c:cipher_block_add Unexecuted instantiation: cipher-xts.c:cipher_block_add Unexecuted instantiation: rijndael-vaes.c:cipher_block_add |
815 | | |
816 | | |
817 | | /* Optimized function for cipher block copying */ |
818 | | static inline void |
819 | | cipher_block_cpy(void *_dst, const void *_src, size_t blocksize) |
820 | 479 | { |
821 | 479 | byte *dst = _dst; |
822 | 479 | const byte *src = _src; |
823 | 479 | u64 s[2]; |
824 | | |
825 | 479 | if (blocksize == 8) |
826 | 168 | { |
827 | 168 | buf_put_he64(dst + 0, buf_get_he64(src + 0)); |
828 | 168 | } |
829 | 311 | else /* blocksize == 16 */ |
830 | 311 | { |
831 | 311 | s[0] = buf_get_he64(src + 0); |
832 | 311 | s[1] = buf_get_he64(src + 8); |
833 | 311 | buf_put_he64(dst + 0, s[0]); |
834 | 311 | buf_put_he64(dst + 8, s[1]); |
835 | 311 | } |
836 | 479 | } Unexecuted instantiation: cipher.c:cipher_block_cpy Unexecuted instantiation: des.c:cipher_block_cpy Unexecuted instantiation: gost28147.c:cipher_block_cpy Unexecuted instantiation: idea.c:cipher_block_cpy Unexecuted instantiation: rfc2268.c:cipher_block_cpy Unexecuted instantiation: rijndael.c:cipher_block_cpy Unexecuted instantiation: salsa20.c:cipher_block_cpy Unexecuted instantiation: seed.c:cipher_block_cpy Unexecuted instantiation: serpent.c:cipher_block_cpy Unexecuted instantiation: sm4.c:cipher_block_cpy Unexecuted instantiation: twofish.c:cipher_block_cpy Unexecuted instantiation: arcfour.c:cipher_block_cpy Line | Count | Source | 820 | 148 | { | 821 | 148 | byte *dst = _dst; | 822 | 148 | const byte *src = _src; | 823 | 148 | u64 s[2]; | 824 | | | 825 | 148 | if (blocksize == 8) | 826 | 0 | { | 827 | 0 | buf_put_he64(dst + 0, buf_get_he64(src + 0)); | 828 | 0 | } | 829 | 148 | else /* blocksize == 16 */ | 830 | 148 | { | 831 | 148 | s[0] = buf_get_he64(src + 0); | 832 | 148 | s[1] = buf_get_he64(src + 8); | 833 | 148 | buf_put_he64(dst + 0, s[0]); | 834 | 148 | buf_put_he64(dst + 8, s[1]); | 835 | 148 | } | 836 | 148 | } |
Unexecuted instantiation: blowfish.c:cipher_block_cpy camellia-glue.c:cipher_block_cpy Line | Count | Source | 820 | 2 | { | 821 | 2 | byte *dst = _dst; | 822 | 2 | const byte *src = _src; | 823 | 2 | u64 s[2]; | 824 | | | 825 | 2 | if (blocksize == 8) | 826 | 0 | { | 827 | 0 | buf_put_he64(dst + 0, buf_get_he64(src + 0)); | 828 | 0 | } | 829 | 2 | else /* blocksize == 16 */ | 830 | 2 | { | 831 | 2 | s[0] = buf_get_he64(src + 0); | 832 | 2 | s[1] = buf_get_he64(src + 8); | 833 | 2 | buf_put_he64(dst + 0, s[0]); | 834 | 2 | buf_put_he64(dst + 8, s[1]); | 835 | 2 | } | 836 | 2 | } |
Unexecuted instantiation: cast5.c:cipher_block_cpy Unexecuted instantiation: chacha20.c:cipher_block_cpy Unexecuted instantiation: cipher-aeswrap.c:cipher_block_cpy cipher-cbc.c:cipher_block_cpy Line | Count | Source | 820 | 11 | { | 821 | 11 | byte *dst = _dst; | 822 | 11 | const byte *src = _src; | 823 | 11 | u64 s[2]; | 824 | | | 825 | 11 | if (blocksize == 8) | 826 | 1 | { | 827 | 1 | buf_put_he64(dst + 0, buf_get_he64(src + 0)); | 828 | 1 | } | 829 | 10 | else /* blocksize == 16 */ | 830 | 10 | { | 831 | 10 | s[0] = buf_get_he64(src + 0); | 832 | 10 | s[1] = buf_get_he64(src + 8); | 833 | 10 | buf_put_he64(dst + 0, s[0]); | 834 | 10 | buf_put_he64(dst + 8, s[1]); | 835 | 10 | } | 836 | 11 | } |
Unexecuted instantiation: cipher-ccm.c:cipher_block_cpy cipher-cfb.c:cipher_block_cpy Line | Count | Source | 820 | 318 | { | 821 | 318 | byte *dst = _dst; | 822 | 318 | const byte *src = _src; | 823 | 318 | u64 s[2]; | 824 | | | 825 | 318 | if (blocksize == 8) | 826 | 167 | { | 827 | 167 | buf_put_he64(dst + 0, buf_get_he64(src + 0)); | 828 | 167 | } | 829 | 151 | else /* blocksize == 16 */ | 830 | 151 | { | 831 | 151 | s[0] = buf_get_he64(src + 0); | 832 | 151 | s[1] = buf_get_he64(src + 8); | 833 | 151 | buf_put_he64(dst + 0, s[0]); | 834 | 151 | buf_put_he64(dst + 8, s[1]); | 835 | 151 | } | 836 | 318 | } |
Unexecuted instantiation: cipher-cmac.c:cipher_block_cpy Unexecuted instantiation: cipher-ctr.c:cipher_block_cpy Unexecuted instantiation: cipher-eax.c:cipher_block_cpy Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_cpy Unexecuted instantiation: cipher-gcm.c:cipher_block_cpy Unexecuted instantiation: cipher-ocb.c:cipher_block_cpy Unexecuted instantiation: cipher-ofb.c:cipher_block_cpy Unexecuted instantiation: cipher-poly1305.c:cipher_block_cpy Unexecuted instantiation: cipher-siv.c:cipher_block_cpy Unexecuted instantiation: cipher-xts.c:cipher_block_cpy Unexecuted instantiation: rijndael-vaes.c:cipher_block_cpy |
837 | | |
838 | | |
839 | | /* Optimized function for cipher block xoring */ |
840 | | static inline void |
841 | | cipher_block_xor(void *_dst, const void *_src1, const void *_src2, |
842 | | size_t blocksize) |
843 | 59.0k | { |
844 | 59.0k | byte *dst = _dst; |
845 | 59.0k | const byte *src1 = _src1; |
846 | 59.0k | const byte *src2 = _src2; |
847 | 59.0k | u64 s1[2]; |
848 | 59.0k | u64 s2[2]; |
849 | | |
850 | 59.0k | if (blocksize == 8) |
851 | 33.5k | { |
852 | 33.5k | buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0)); |
853 | 33.5k | } |
854 | 25.4k | else /* blocksize == 16 */ |
855 | 25.4k | { |
856 | 25.4k | s1[0] = buf_get_he64(src1 + 0); |
857 | 25.4k | s1[1] = buf_get_he64(src1 + 8); |
858 | 25.4k | s2[0] = buf_get_he64(src2 + 0); |
859 | 25.4k | s2[1] = buf_get_he64(src2 + 8); |
860 | 25.4k | buf_put_he64(dst + 0, s1[0] ^ s2[0]); |
861 | 25.4k | buf_put_he64(dst + 8, s1[1] ^ s2[1]); |
862 | 25.4k | } |
863 | 59.0k | } Unexecuted instantiation: cipher.c:cipher_block_xor Unexecuted instantiation: des.c:cipher_block_xor Unexecuted instantiation: gost28147.c:cipher_block_xor Unexecuted instantiation: idea.c:cipher_block_xor Unexecuted instantiation: rfc2268.c:cipher_block_xor Unexecuted instantiation: rijndael.c:cipher_block_xor Unexecuted instantiation: salsa20.c:cipher_block_xor Unexecuted instantiation: seed.c:cipher_block_xor Unexecuted instantiation: serpent.c:cipher_block_xor Unexecuted instantiation: sm4.c:cipher_block_xor Unexecuted instantiation: twofish.c:cipher_block_xor Unexecuted instantiation: arcfour.c:cipher_block_xor Line | Count | Source | 843 | 6.21k | { | 844 | 6.21k | byte *dst = _dst; | 845 | 6.21k | const byte *src1 = _src1; | 846 | 6.21k | const byte *src2 = _src2; | 847 | 6.21k | u64 s1[2]; | 848 | 6.21k | u64 s2[2]; | 849 | | | 850 | 6.21k | if (blocksize == 8) | 851 | 0 | { | 852 | 0 | buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0)); | 853 | 0 | } | 854 | 6.21k | else /* blocksize == 16 */ | 855 | 6.21k | { | 856 | 6.21k | s1[0] = buf_get_he64(src1 + 0); | 857 | 6.21k | s1[1] = buf_get_he64(src1 + 8); | 858 | 6.21k | s2[0] = buf_get_he64(src2 + 0); | 859 | 6.21k | s2[1] = buf_get_he64(src2 + 8); | 860 | 6.21k | buf_put_he64(dst + 0, s1[0] ^ s2[0]); | 861 | 6.21k | buf_put_he64(dst + 8, s1[1] ^ s2[1]); | 862 | 6.21k | } | 863 | 6.21k | } |
Unexecuted instantiation: blowfish.c:cipher_block_xor camellia-glue.c:cipher_block_xor Line | Count | Source | 843 | 4 | { | 844 | 4 | byte *dst = _dst; | 845 | 4 | const byte *src1 = _src1; | 846 | 4 | const byte *src2 = _src2; | 847 | 4 | u64 s1[2]; | 848 | 4 | u64 s2[2]; | 849 | | | 850 | 4 | if (blocksize == 8) | 851 | 0 | { | 852 | 0 | buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0)); | 853 | 0 | } | 854 | 4 | else /* blocksize == 16 */ | 855 | 4 | { | 856 | 4 | s1[0] = buf_get_he64(src1 + 0); | 857 | 4 | s1[1] = buf_get_he64(src1 + 8); | 858 | 4 | s2[0] = buf_get_he64(src2 + 0); | 859 | 4 | s2[1] = buf_get_he64(src2 + 8); | 860 | 4 | buf_put_he64(dst + 0, s1[0] ^ s2[0]); | 861 | 4 | buf_put_he64(dst + 8, s1[1] ^ s2[1]); | 862 | 4 | } | 863 | 4 | } |
Unexecuted instantiation: cast5.c:cipher_block_xor Unexecuted instantiation: chacha20.c:cipher_block_xor Unexecuted instantiation: cipher-aeswrap.c:cipher_block_xor cipher-cbc.c:cipher_block_xor Line | Count | Source | 843 | 12 | { | 844 | 12 | byte *dst = _dst; | 845 | 12 | const byte *src1 = _src1; | 846 | 12 | const byte *src2 = _src2; | 847 | 12 | u64 s1[2]; | 848 | 12 | u64 s2[2]; | 849 | | | 850 | 12 | if (blocksize == 8) | 851 | 2 | { | 852 | 2 | buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0)); | 853 | 2 | } | 854 | 10 | else /* blocksize == 16 */ | 855 | 10 | { | 856 | 10 | s1[0] = buf_get_he64(src1 + 0); | 857 | 10 | s1[1] = buf_get_he64(src1 + 8); | 858 | 10 | s2[0] = buf_get_he64(src2 + 0); | 859 | 10 | s2[1] = buf_get_he64(src2 + 8); | 860 | 10 | buf_put_he64(dst + 0, s1[0] ^ s2[0]); | 861 | 10 | buf_put_he64(dst + 8, s1[1] ^ s2[1]); | 862 | 10 | } | 863 | 12 | } |
Unexecuted instantiation: cipher-ccm.c:cipher_block_xor Unexecuted instantiation: cipher-cfb.c:cipher_block_xor cipher-cmac.c:cipher_block_xor Line | Count | Source | 843 | 52.6k | { | 844 | 52.6k | byte *dst = _dst; | 845 | 52.6k | const byte *src1 = _src1; | 846 | 52.6k | const byte *src2 = _src2; | 847 | 52.6k | u64 s1[2]; | 848 | 52.6k | u64 s2[2]; | 849 | | | 850 | 52.6k | if (blocksize == 8) | 851 | 33.5k | { | 852 | 33.5k | buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0)); | 853 | 33.5k | } | 854 | 19.1k | else /* blocksize == 16 */ | 855 | 19.1k | { | 856 | 19.1k | s1[0] = buf_get_he64(src1 + 0); | 857 | 19.1k | s1[1] = buf_get_he64(src1 + 8); | 858 | 19.1k | s2[0] = buf_get_he64(src2 + 0); | 859 | 19.1k | s2[1] = buf_get_he64(src2 + 8); | 860 | 19.1k | buf_put_he64(dst + 0, s1[0] ^ s2[0]); | 861 | 19.1k | buf_put_he64(dst + 8, s1[1] ^ s2[1]); | 862 | 19.1k | } | 863 | 52.6k | } |
Unexecuted instantiation: cipher-ctr.c:cipher_block_xor Unexecuted instantiation: cipher-eax.c:cipher_block_xor Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_xor Unexecuted instantiation: cipher-gcm.c:cipher_block_xor Unexecuted instantiation: cipher-ocb.c:cipher_block_xor cipher-ofb.c:cipher_block_xor Line | Count | Source | 843 | 131 | { | 844 | 131 | byte *dst = _dst; | 845 | 131 | const byte *src1 = _src1; | 846 | 131 | const byte *src2 = _src2; | 847 | 131 | u64 s1[2]; | 848 | 131 | u64 s2[2]; | 849 | | | 850 | 131 | if (blocksize == 8) | 851 | 44 | { | 852 | 44 | buf_put_he64(dst + 0, buf_get_he64(src1 + 0) ^ buf_get_he64(src2 + 0)); | 853 | 44 | } | 854 | 87 | else /* blocksize == 16 */ | 855 | 87 | { | 856 | 87 | s1[0] = buf_get_he64(src1 + 0); | 857 | 87 | s1[1] = buf_get_he64(src1 + 8); | 858 | 87 | s2[0] = buf_get_he64(src2 + 0); | 859 | 87 | s2[1] = buf_get_he64(src2 + 8); | 860 | 87 | buf_put_he64(dst + 0, s1[0] ^ s2[0]); | 861 | 87 | buf_put_he64(dst + 8, s1[1] ^ s2[1]); | 862 | 87 | } | 863 | 131 | } |
Unexecuted instantiation: cipher-poly1305.c:cipher_block_xor Unexecuted instantiation: cipher-siv.c:cipher_block_xor Unexecuted instantiation: cipher-xts.c:cipher_block_xor Unexecuted instantiation: rijndael-vaes.c:cipher_block_xor |
864 | | |
865 | | |
866 | | /* Optimized function for in-place cipher block xoring */ |
867 | | static inline void |
868 | | cipher_block_xor_1(void *_dst, const void *_src, size_t blocksize) |
869 | 0 | { |
870 | 0 | cipher_block_xor (_dst, _dst, _src, blocksize); |
871 | 0 | } Unexecuted instantiation: cipher.c:cipher_block_xor_1 Unexecuted instantiation: des.c:cipher_block_xor_1 Unexecuted instantiation: gost28147.c:cipher_block_xor_1 Unexecuted instantiation: idea.c:cipher_block_xor_1 Unexecuted instantiation: rfc2268.c:cipher_block_xor_1 Unexecuted instantiation: rijndael.c:cipher_block_xor_1 Unexecuted instantiation: salsa20.c:cipher_block_xor_1 Unexecuted instantiation: seed.c:cipher_block_xor_1 Unexecuted instantiation: serpent.c:cipher_block_xor_1 Unexecuted instantiation: sm4.c:cipher_block_xor_1 Unexecuted instantiation: twofish.c:cipher_block_xor_1 Unexecuted instantiation: arcfour.c:cipher_block_xor_1 Unexecuted instantiation: aria.c:cipher_block_xor_1 Unexecuted instantiation: blowfish.c:cipher_block_xor_1 Unexecuted instantiation: camellia-glue.c:cipher_block_xor_1 Unexecuted instantiation: cast5.c:cipher_block_xor_1 Unexecuted instantiation: chacha20.c:cipher_block_xor_1 Unexecuted instantiation: cipher-aeswrap.c:cipher_block_xor_1 Unexecuted instantiation: cipher-cbc.c:cipher_block_xor_1 Unexecuted instantiation: cipher-ccm.c:cipher_block_xor_1 Unexecuted instantiation: cipher-cfb.c:cipher_block_xor_1 Unexecuted instantiation: cipher-cmac.c:cipher_block_xor_1 Unexecuted instantiation: cipher-ctr.c:cipher_block_xor_1 Unexecuted instantiation: cipher-eax.c:cipher_block_xor_1 Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_xor_1 Unexecuted instantiation: cipher-gcm.c:cipher_block_xor_1 Unexecuted instantiation: cipher-ocb.c:cipher_block_xor_1 Unexecuted instantiation: cipher-ofb.c:cipher_block_xor_1 Unexecuted instantiation: cipher-poly1305.c:cipher_block_xor_1 Unexecuted instantiation: cipher-siv.c:cipher_block_xor_1 Unexecuted instantiation: cipher-xts.c:cipher_block_xor_1 Unexecuted instantiation: rijndael-vaes.c:cipher_block_xor_1 |
872 | | |
873 | | |
874 | | /* Optimized function for cipher block xoring with two destination cipher |
875 | | blocks. Used mainly by CFB mode encryption. */ |
876 | | static inline void |
877 | | cipher_block_xor_2dst(void *_dst1, void *_dst2, const void *_src, |
878 | | size_t blocksize) |
879 | 4 | { |
880 | 4 | byte *dst1 = _dst1; |
881 | 4 | byte *dst2 = _dst2; |
882 | 4 | const byte *src = _src; |
883 | 4 | u64 d2[2]; |
884 | 4 | u64 s[2]; |
885 | | |
886 | 4 | if (blocksize == 8) |
887 | 0 | { |
888 | 0 | d2[0] = buf_get_he64(dst2 + 0) ^ buf_get_he64(src + 0); |
889 | 0 | buf_put_he64(dst2 + 0, d2[0]); |
890 | 0 | buf_put_he64(dst1 + 0, d2[0]); |
891 | 0 | } |
892 | 4 | else /* blocksize == 16 */ |
893 | 4 | { |
894 | 4 | s[0] = buf_get_he64(src + 0); |
895 | 4 | s[1] = buf_get_he64(src + 8); |
896 | 4 | d2[0] = buf_get_he64(dst2 + 0); |
897 | 4 | d2[1] = buf_get_he64(dst2 + 8); |
898 | 4 | d2[0] = d2[0] ^ s[0]; |
899 | 4 | d2[1] = d2[1] ^ s[1]; |
900 | 4 | buf_put_he64(dst2 + 0, d2[0]); |
901 | 4 | buf_put_he64(dst2 + 8, d2[1]); |
902 | 4 | buf_put_he64(dst1 + 0, d2[0]); |
903 | 4 | buf_put_he64(dst1 + 8, d2[1]); |
904 | 4 | } |
905 | 4 | } Unexecuted instantiation: cipher.c:cipher_block_xor_2dst Unexecuted instantiation: des.c:cipher_block_xor_2dst Unexecuted instantiation: gost28147.c:cipher_block_xor_2dst Unexecuted instantiation: idea.c:cipher_block_xor_2dst Unexecuted instantiation: rfc2268.c:cipher_block_xor_2dst Unexecuted instantiation: rijndael.c:cipher_block_xor_2dst Unexecuted instantiation: salsa20.c:cipher_block_xor_2dst Unexecuted instantiation: seed.c:cipher_block_xor_2dst Unexecuted instantiation: serpent.c:cipher_block_xor_2dst Unexecuted instantiation: sm4.c:cipher_block_xor_2dst Unexecuted instantiation: twofish.c:cipher_block_xor_2dst Unexecuted instantiation: arcfour.c:cipher_block_xor_2dst Unexecuted instantiation: aria.c:cipher_block_xor_2dst Unexecuted instantiation: blowfish.c:cipher_block_xor_2dst Unexecuted instantiation: camellia-glue.c:cipher_block_xor_2dst Unexecuted instantiation: cast5.c:cipher_block_xor_2dst Unexecuted instantiation: chacha20.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-aeswrap.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-cbc.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-ccm.c:cipher_block_xor_2dst cipher-cfb.c:cipher_block_xor_2dst Line | Count | Source | 879 | 4 | { | 880 | 4 | byte *dst1 = _dst1; | 881 | 4 | byte *dst2 = _dst2; | 882 | 4 | const byte *src = _src; | 883 | 4 | u64 d2[2]; | 884 | 4 | u64 s[2]; | 885 | | | 886 | 4 | if (blocksize == 8) | 887 | 0 | { | 888 | 0 | d2[0] = buf_get_he64(dst2 + 0) ^ buf_get_he64(src + 0); | 889 | 0 | buf_put_he64(dst2 + 0, d2[0]); | 890 | 0 | buf_put_he64(dst1 + 0, d2[0]); | 891 | 0 | } | 892 | 4 | else /* blocksize == 16 */ | 893 | 4 | { | 894 | 4 | s[0] = buf_get_he64(src + 0); | 895 | 4 | s[1] = buf_get_he64(src + 8); | 896 | 4 | d2[0] = buf_get_he64(dst2 + 0); | 897 | 4 | d2[1] = buf_get_he64(dst2 + 8); | 898 | 4 | d2[0] = d2[0] ^ s[0]; | 899 | 4 | d2[1] = d2[1] ^ s[1]; | 900 | 4 | buf_put_he64(dst2 + 0, d2[0]); | 901 | 4 | buf_put_he64(dst2 + 8, d2[1]); | 902 | 4 | buf_put_he64(dst1 + 0, d2[0]); | 903 | 4 | buf_put_he64(dst1 + 8, d2[1]); | 904 | 4 | } | 905 | 4 | } |
Unexecuted instantiation: cipher-cmac.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-ctr.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-eax.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-gcm.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-ocb.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-ofb.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-poly1305.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-siv.c:cipher_block_xor_2dst Unexecuted instantiation: cipher-xts.c:cipher_block_xor_2dst Unexecuted instantiation: rijndael-vaes.c:cipher_block_xor_2dst |
906 | | |
907 | | |
908 | | /* Optimized function for combined cipher block xoring and copying. |
909 | | Used by mainly CBC mode decryption. */ |
910 | | static inline void |
911 | | cipher_block_xor_n_copy_2(void *_dst_xor, const void *_src_xor, |
912 | | void *_srcdst_cpy, const void *_src_cpy, |
913 | | size_t blocksize) |
914 | 230 | { |
915 | 230 | byte *dst_xor = _dst_xor; |
916 | 230 | byte *srcdst_cpy = _srcdst_cpy; |
917 | 230 | const byte *src_xor = _src_xor; |
918 | 230 | const byte *src_cpy = _src_cpy; |
919 | 230 | u64 sc[2]; |
920 | 230 | u64 sx[2]; |
921 | 230 | u64 sdc[2]; |
922 | | |
923 | 230 | if (blocksize == 8) |
924 | 219 | { |
925 | 219 | sc[0] = buf_get_he64(src_cpy + 0); |
926 | 219 | buf_put_he64(dst_xor + 0, |
927 | 219 | buf_get_he64(srcdst_cpy + 0) ^ buf_get_he64(src_xor + 0)); |
928 | 219 | buf_put_he64(srcdst_cpy + 0, sc[0]); |
929 | 219 | } |
930 | 11 | else /* blocksize == 16 */ |
931 | 11 | { |
932 | 11 | sc[0] = buf_get_he64(src_cpy + 0); |
933 | 11 | sc[1] = buf_get_he64(src_cpy + 8); |
934 | 11 | sx[0] = buf_get_he64(src_xor + 0); |
935 | 11 | sx[1] = buf_get_he64(src_xor + 8); |
936 | 11 | sdc[0] = buf_get_he64(srcdst_cpy + 0); |
937 | 11 | sdc[1] = buf_get_he64(srcdst_cpy + 8); |
938 | 11 | sx[0] ^= sdc[0]; |
939 | 11 | sx[1] ^= sdc[1]; |
940 | 11 | buf_put_he64(dst_xor + 0, sx[0]); |
941 | 11 | buf_put_he64(dst_xor + 8, sx[1]); |
942 | 11 | buf_put_he64(srcdst_cpy + 0, sc[0]); |
943 | 11 | buf_put_he64(srcdst_cpy + 8, sc[1]); |
944 | 11 | } |
945 | 230 | } Unexecuted instantiation: cipher.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: des.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: gost28147.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: idea.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: rfc2268.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: rijndael.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: salsa20.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: seed.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: serpent.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: sm4.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: twofish.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: arcfour.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: aria.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: blowfish.c:cipher_block_xor_n_copy_2 camellia-glue.c:cipher_block_xor_n_copy_2 Line | Count | Source | 914 | 10 | { | 915 | 10 | byte *dst_xor = _dst_xor; | 916 | 10 | byte *srcdst_cpy = _srcdst_cpy; | 917 | 10 | const byte *src_xor = _src_xor; | 918 | 10 | const byte *src_cpy = _src_cpy; | 919 | 10 | u64 sc[2]; | 920 | 10 | u64 sx[2]; | 921 | 10 | u64 sdc[2]; | 922 | | | 923 | 10 | if (blocksize == 8) | 924 | 0 | { | 925 | 0 | sc[0] = buf_get_he64(src_cpy + 0); | 926 | 0 | buf_put_he64(dst_xor + 0, | 927 | 0 | buf_get_he64(srcdst_cpy + 0) ^ buf_get_he64(src_xor + 0)); | 928 | 0 | buf_put_he64(srcdst_cpy + 0, sc[0]); | 929 | 0 | } | 930 | 10 | else /* blocksize == 16 */ | 931 | 10 | { | 932 | 10 | sc[0] = buf_get_he64(src_cpy + 0); | 933 | 10 | sc[1] = buf_get_he64(src_cpy + 8); | 934 | 10 | sx[0] = buf_get_he64(src_xor + 0); | 935 | 10 | sx[1] = buf_get_he64(src_xor + 8); | 936 | 10 | sdc[0] = buf_get_he64(srcdst_cpy + 0); | 937 | 10 | sdc[1] = buf_get_he64(srcdst_cpy + 8); | 938 | 10 | sx[0] ^= sdc[0]; | 939 | 10 | sx[1] ^= sdc[1]; | 940 | 10 | buf_put_he64(dst_xor + 0, sx[0]); | 941 | 10 | buf_put_he64(dst_xor + 8, sx[1]); | 942 | 10 | buf_put_he64(srcdst_cpy + 0, sc[0]); | 943 | 10 | buf_put_he64(srcdst_cpy + 8, sc[1]); | 944 | 10 | } | 945 | 10 | } |
cast5.c:cipher_block_xor_n_copy_2 Line | Count | Source | 914 | 171 | { | 915 | 171 | byte *dst_xor = _dst_xor; | 916 | 171 | byte *srcdst_cpy = _srcdst_cpy; | 917 | 171 | const byte *src_xor = _src_xor; | 918 | 171 | const byte *src_cpy = _src_cpy; | 919 | 171 | u64 sc[2]; | 920 | 171 | u64 sx[2]; | 921 | 171 | u64 sdc[2]; | 922 | | | 923 | 171 | if (blocksize == 8) | 924 | 171 | { | 925 | 171 | sc[0] = buf_get_he64(src_cpy + 0); | 926 | 171 | buf_put_he64(dst_xor + 0, | 927 | 171 | buf_get_he64(srcdst_cpy + 0) ^ buf_get_he64(src_xor + 0)); | 928 | 171 | buf_put_he64(srcdst_cpy + 0, sc[0]); | 929 | 171 | } | 930 | 0 | else /* blocksize == 16 */ | 931 | 0 | { | 932 | 0 | sc[0] = buf_get_he64(src_cpy + 0); | 933 | 0 | sc[1] = buf_get_he64(src_cpy + 8); | 934 | 0 | sx[0] = buf_get_he64(src_xor + 0); | 935 | 0 | sx[1] = buf_get_he64(src_xor + 8); | 936 | 0 | sdc[0] = buf_get_he64(srcdst_cpy + 0); | 937 | 0 | sdc[1] = buf_get_he64(srcdst_cpy + 8); | 938 | 0 | sx[0] ^= sdc[0]; | 939 | 0 | sx[1] ^= sdc[1]; | 940 | 0 | buf_put_he64(dst_xor + 0, sx[0]); | 941 | 0 | buf_put_he64(dst_xor + 8, sx[1]); | 942 | 0 | buf_put_he64(srcdst_cpy + 0, sc[0]); | 943 | 0 | buf_put_he64(srcdst_cpy + 8, sc[1]); | 944 | 0 | } | 945 | 171 | } |
Unexecuted instantiation: chacha20.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: cipher-aeswrap.c:cipher_block_xor_n_copy_2 cipher-cbc.c:cipher_block_xor_n_copy_2 Line | Count | Source | 914 | 20 | { | 915 | 20 | byte *dst_xor = _dst_xor; | 916 | 20 | byte *srcdst_cpy = _srcdst_cpy; | 917 | 20 | const byte *src_xor = _src_xor; | 918 | 20 | const byte *src_cpy = _src_cpy; | 919 | 20 | u64 sc[2]; | 920 | 20 | u64 sx[2]; | 921 | 20 | u64 sdc[2]; | 922 | | | 923 | 20 | if (blocksize == 8) | 924 | 20 | { | 925 | 20 | sc[0] = buf_get_he64(src_cpy + 0); | 926 | 20 | buf_put_he64(dst_xor + 0, | 927 | 20 | buf_get_he64(srcdst_cpy + 0) ^ buf_get_he64(src_xor + 0)); | 928 | 20 | buf_put_he64(srcdst_cpy + 0, sc[0]); | 929 | 20 | } | 930 | 0 | else /* blocksize == 16 */ | 931 | 0 | { | 932 | 0 | sc[0] = buf_get_he64(src_cpy + 0); | 933 | 0 | sc[1] = buf_get_he64(src_cpy + 8); | 934 | 0 | sx[0] = buf_get_he64(src_xor + 0); | 935 | 0 | sx[1] = buf_get_he64(src_xor + 8); | 936 | 0 | sdc[0] = buf_get_he64(srcdst_cpy + 0); | 937 | 0 | sdc[1] = buf_get_he64(srcdst_cpy + 8); | 938 | 0 | sx[0] ^= sdc[0]; | 939 | 0 | sx[1] ^= sdc[1]; | 940 | 0 | buf_put_he64(dst_xor + 0, sx[0]); | 941 | 0 | buf_put_he64(dst_xor + 8, sx[1]); | 942 | 0 | buf_put_he64(srcdst_cpy + 0, sc[0]); | 943 | 0 | buf_put_he64(srcdst_cpy + 8, sc[1]); | 944 | 0 | } | 945 | 20 | } |
Unexecuted instantiation: cipher-ccm.c:cipher_block_xor_n_copy_2 cipher-cfb.c:cipher_block_xor_n_copy_2 Line | Count | Source | 914 | 29 | { | 915 | 29 | byte *dst_xor = _dst_xor; | 916 | 29 | byte *srcdst_cpy = _srcdst_cpy; | 917 | 29 | const byte *src_xor = _src_xor; | 918 | 29 | const byte *src_cpy = _src_cpy; | 919 | 29 | u64 sc[2]; | 920 | 29 | u64 sx[2]; | 921 | 29 | u64 sdc[2]; | 922 | | | 923 | 29 | if (blocksize == 8) | 924 | 28 | { | 925 | 28 | sc[0] = buf_get_he64(src_cpy + 0); | 926 | 28 | buf_put_he64(dst_xor + 0, | 927 | 28 | buf_get_he64(srcdst_cpy + 0) ^ buf_get_he64(src_xor + 0)); | 928 | 28 | buf_put_he64(srcdst_cpy + 0, sc[0]); | 929 | 28 | } | 930 | 1 | else /* blocksize == 16 */ | 931 | 1 | { | 932 | 1 | sc[0] = buf_get_he64(src_cpy + 0); | 933 | 1 | sc[1] = buf_get_he64(src_cpy + 8); | 934 | 1 | sx[0] = buf_get_he64(src_xor + 0); | 935 | 1 | sx[1] = buf_get_he64(src_xor + 8); | 936 | 1 | sdc[0] = buf_get_he64(srcdst_cpy + 0); | 937 | 1 | sdc[1] = buf_get_he64(srcdst_cpy + 8); | 938 | 1 | sx[0] ^= sdc[0]; | 939 | 1 | sx[1] ^= sdc[1]; | 940 | 1 | buf_put_he64(dst_xor + 0, sx[0]); | 941 | 1 | buf_put_he64(dst_xor + 8, sx[1]); | 942 | 1 | buf_put_he64(srcdst_cpy + 0, sc[0]); | 943 | 1 | buf_put_he64(srcdst_cpy + 8, sc[1]); | 944 | 1 | } | 945 | 29 | } |
Unexecuted instantiation: cipher-cmac.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: cipher-ctr.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: cipher-eax.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: cipher-gcm.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: cipher-ocb.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: cipher-ofb.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: cipher-poly1305.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: cipher-siv.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: cipher-xts.c:cipher_block_xor_n_copy_2 Unexecuted instantiation: rijndael-vaes.c:cipher_block_xor_n_copy_2 |
946 | | |
947 | | |
948 | | /* Optimized function for combined cipher block byte-swapping. */ |
949 | | static inline void |
950 | | cipher_block_bswap (void *_dst_bswap, const void *_src_bswap, |
951 | | size_t blocksize) |
952 | 0 | { |
953 | 0 | byte *dst_bswap = _dst_bswap; |
954 | 0 | const byte *src_bswap = _src_bswap; |
955 | 0 | u64 t[2]; |
956 | |
|
957 | 0 | if (blocksize == 8) |
958 | 0 | { |
959 | 0 | buf_put_le64(dst_bswap, buf_get_be64(src_bswap)); |
960 | 0 | } |
961 | 0 | else |
962 | 0 | { |
963 | 0 | t[0] = buf_get_be64(src_bswap + 0); |
964 | 0 | t[1] = buf_get_be64(src_bswap + 8); |
965 | 0 | buf_put_le64(dst_bswap + 8, t[0]); |
966 | 0 | buf_put_le64(dst_bswap + 0, t[1]); |
967 | 0 | } |
968 | 0 | } Unexecuted instantiation: cipher.c:cipher_block_bswap Unexecuted instantiation: des.c:cipher_block_bswap Unexecuted instantiation: gost28147.c:cipher_block_bswap Unexecuted instantiation: idea.c:cipher_block_bswap Unexecuted instantiation: rfc2268.c:cipher_block_bswap Unexecuted instantiation: rijndael.c:cipher_block_bswap Unexecuted instantiation: salsa20.c:cipher_block_bswap Unexecuted instantiation: seed.c:cipher_block_bswap Unexecuted instantiation: serpent.c:cipher_block_bswap Unexecuted instantiation: sm4.c:cipher_block_bswap Unexecuted instantiation: twofish.c:cipher_block_bswap Unexecuted instantiation: arcfour.c:cipher_block_bswap Unexecuted instantiation: aria.c:cipher_block_bswap Unexecuted instantiation: blowfish.c:cipher_block_bswap Unexecuted instantiation: camellia-glue.c:cipher_block_bswap Unexecuted instantiation: cast5.c:cipher_block_bswap Unexecuted instantiation: chacha20.c:cipher_block_bswap Unexecuted instantiation: cipher-aeswrap.c:cipher_block_bswap Unexecuted instantiation: cipher-cbc.c:cipher_block_bswap Unexecuted instantiation: cipher-ccm.c:cipher_block_bswap Unexecuted instantiation: cipher-cfb.c:cipher_block_bswap Unexecuted instantiation: cipher-cmac.c:cipher_block_bswap Unexecuted instantiation: cipher-ctr.c:cipher_block_bswap Unexecuted instantiation: cipher-eax.c:cipher_block_bswap Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_bswap Unexecuted instantiation: cipher-gcm.c:cipher_block_bswap Unexecuted instantiation: cipher-ocb.c:cipher_block_bswap Unexecuted instantiation: cipher-ofb.c:cipher_block_bswap Unexecuted instantiation: cipher-poly1305.c:cipher_block_bswap Unexecuted instantiation: cipher-siv.c:cipher_block_bswap Unexecuted instantiation: cipher-xts.c:cipher_block_bswap Unexecuted instantiation: rijndael-vaes.c:cipher_block_bswap |
969 | | |
970 | | |
971 | | /* Optimized function for combined cipher block xoring and copying. |
972 | | Used by mainly CFB mode decryption. */ |
973 | | static inline void |
974 | | cipher_block_xor_n_copy(void *_dst_xor, void *_srcdst_cpy, const void *_src, |
975 | | size_t blocksize) |
976 | 200 | { |
977 | 200 | cipher_block_xor_n_copy_2(_dst_xor, _src, _srcdst_cpy, _src, blocksize); |
978 | 200 | } Unexecuted instantiation: cipher.c:cipher_block_xor_n_copy Unexecuted instantiation: des.c:cipher_block_xor_n_copy Unexecuted instantiation: gost28147.c:cipher_block_xor_n_copy Unexecuted instantiation: idea.c:cipher_block_xor_n_copy Unexecuted instantiation: rfc2268.c:cipher_block_xor_n_copy Unexecuted instantiation: rijndael.c:cipher_block_xor_n_copy Unexecuted instantiation: salsa20.c:cipher_block_xor_n_copy Unexecuted instantiation: seed.c:cipher_block_xor_n_copy Unexecuted instantiation: serpent.c:cipher_block_xor_n_copy Unexecuted instantiation: sm4.c:cipher_block_xor_n_copy Unexecuted instantiation: twofish.c:cipher_block_xor_n_copy Unexecuted instantiation: arcfour.c:cipher_block_xor_n_copy Unexecuted instantiation: aria.c:cipher_block_xor_n_copy Unexecuted instantiation: blowfish.c:cipher_block_xor_n_copy Unexecuted instantiation: camellia-glue.c:cipher_block_xor_n_copy cast5.c:cipher_block_xor_n_copy Line | Count | Source | 976 | 171 | { | 977 | 171 | cipher_block_xor_n_copy_2(_dst_xor, _src, _srcdst_cpy, _src, blocksize); | 978 | 171 | } |
Unexecuted instantiation: chacha20.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-aeswrap.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-cbc.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-ccm.c:cipher_block_xor_n_copy cipher-cfb.c:cipher_block_xor_n_copy Line | Count | Source | 976 | 29 | { | 977 | 29 | cipher_block_xor_n_copy_2(_dst_xor, _src, _srcdst_cpy, _src, blocksize); | 978 | 29 | } |
Unexecuted instantiation: cipher-cmac.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-ctr.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-eax.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-gcm-siv.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-gcm.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-ocb.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-ofb.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-poly1305.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-siv.c:cipher_block_xor_n_copy Unexecuted instantiation: cipher-xts.c:cipher_block_xor_n_copy Unexecuted instantiation: rijndael-vaes.c:cipher_block_xor_n_copy |
979 | | |
980 | | |
981 | | #endif /*G10_CIPHER_INTERNAL_H*/ |