Lines Matching defs:Xi
148 gcm_gmult_8bit(u64 Xi[2], const u128 Htable[256])
151 const u8 *xi = (const u8 *)Xi + 15;
223 if ((u8 *)Xi == xi)
238 Xi[0] = htobe64(Z.hi);
239 Xi[1] = htobe64(Z.lo);
241 #define GCM_MUL(ctx,Xi) gcm_gmult_8bit(ctx->Xi.u,ctx->Htable)
331 gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16])
337 nlo = ((const u8 *)Xi)[15];
359 nlo = ((const u8 *)Xi)[cnt];
375 Xi[0] = htobe64(Z.hi);
376 Xi[1] = htobe64(Z.lo);
388 gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16],
398 nlo = ((const u8 *)Xi)[15];
421 nlo = ((const u8 *)Xi)[cnt];
495 nlo = ((const u8 *)Xi)[cnt];
513 nlo = ((const u8 *)Xi)[0];
531 Xi[0] = htobe64(Z.hi);
532 Xi[1] = htobe64(Z.lo);
537 void gcm_gmult_4bit(u64 Xi[2], const u128 Htable[16]);
538 void gcm_ghash_4bit(u64 Xi[2], const u128 Htable[16], const u8 *inp,
542 #define GCM_MUL(ctx,Xi) gcm_gmult_4bit(ctx->Xi.u,ctx->Htable)
544 #define GHASH(ctx,in,len) gcm_ghash_4bit((ctx)->Xi.u,(ctx)->Htable,in,len)
554 gcm_gmult_1bit(u64 Xi[2], const u64 H[2])
559 const long *xi = (const long *)Xi;
590 Xi[0] = htobe64(Z.hi);
591 Xi[1] = htobe64(Z.lo);
593 #define GCM_MUL(ctx,Xi) gcm_gmult_1bit(ctx->Xi.u,ctx->H.u)
611 void gcm_init_clmul(u128 Htable[16], const u64 Xi[2]);
612 void gcm_gmult_clmul(u64 Xi[2], const u128 Htable[16]);
613 void gcm_ghash_clmul(u64 Xi[2], const u128 Htable[16], const u8 *inp,
618 void gcm_gmult_4bit_mmx(u64 Xi[2], const u128 Htable[16]);
619 void gcm_ghash_4bit_mmx(u64 Xi[2], const u128 Htable[16], const u8 *inp,
622 void gcm_gmult_4bit_x86(u64 Xi[2], const u128 Htable[16]);
623 void gcm_ghash_4bit_x86(u64 Xi[2], const u128 Htable[16], const u8 *inp,
631 void gcm_gmult_neon(u64 Xi[2], const u128 Htable[16]);
632 void gcm_ghash_neon(u64 Xi[2], const u128 Htable[16], const u8 *inp,
640 # define GCM_MUL(ctx,Xi) (*gcm_gmult_p)(ctx->Xi.u,ctx->Htable)
643 # define GHASH(ctx,in,len) (*gcm_ghash_p)(ctx->Xi.u,ctx->Htable,in,len)
712 void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
717 ctx->Xi.u[0] = 0;
718 ctx->Xi.u[1] = 0;
765 void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
767 void (*gcm_ghash_p)(u64 Xi[2], const u128 Htable[16],
783 ctx->Xi.c[n] ^= *(aad++);
788 GCM_MUL(ctx, Xi);
804 ctx->Xi.c[i] ^= aad[i];
805 GCM_MUL(ctx, Xi);
813 ctx->Xi.c[i] ^= aad[i];
832 void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
834 void (*gcm_ghash_p)(u64 Xi[2], const u128 Htable[16],
846 GCM_MUL(ctx, Xi);
858 ctx->Xi.c[n] ^= *(out++) = *(in++) ^
864 GCM_MUL(ctx, Xi);
926 ctx->Xi.t[i] ^=
928 GCM_MUL(ctx, Xi);
940 ctx->Xi.c[n] ^= out[n] = in[n] ^
956 ctx->Xi.c[n] ^= out[i] = in[i] ^ ctx->EKi.c[n];
959 GCM_MUL(ctx, Xi);
978 void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
980 void (*gcm_ghash_p)(u64 Xi[2], const u128 Htable[16],
992 GCM_MUL(ctx, Xi);
1006 ctx->Xi.c[n] ^= c;
1011 GCM_MUL(ctx, Xi);
1073 ctx->Xi.t[i] ^= c;
1075 GCM_MUL(ctx, Xi);
1088 ctx->Xi.c[n] ^= c;
1107 ctx->Xi.c[n] ^= c;
1110 GCM_MUL(ctx, Xi);
1128 void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
1130 void (*gcm_ghash_p)(u64 Xi[2], const u128 Htable[16],
1142 GCM_MUL(ctx, Xi);
1151 ctx->Xi.c[n] ^= *(out++) = *(in++) ^ ctx->EKi.c[n];
1156 GCM_MUL(ctx, Xi);
1187 ctx->Xi.c[i] ^= out[i];
1188 GCM_MUL(ctx, Xi);
1198 ctx->Xi.c[n] ^= out[n] = in[n] ^ ctx->EKi.c[n];
1218 void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
1220 void (*gcm_ghash_p)(u64 Xi[2], const u128 Htable[16],
1232 GCM_MUL(ctx, Xi);
1243 ctx->Xi.c[n] ^= c;
1248 GCM_MUL(ctx, Xi);
1274 ctx->Xi.c[k] ^= in[k];
1275 GCM_MUL(ctx, Xi);
1294 ctx->Xi.c[n] ^= c;
1312 void (*gcm_gmult_p)(u64 Xi[2], const u128 Htable[16]) = ctx->gmult;
1316 GCM_MUL(ctx, Xi);
1318 ctx->Xi.u[0] ^= htobe64(alen);
1319 ctx->Xi.u[1] ^= htobe64(clen);
1320 GCM_MUL(ctx, Xi);
1322 ctx->Xi.u[0] ^= ctx->EK0.u[0];
1323 ctx->Xi.u[1] ^= ctx->EK0.u[1];
1325 if (tag && len <= sizeof(ctx->Xi))
1326 return memcmp(ctx->Xi.c, tag, len);
1336 memcpy(tag, ctx->Xi.c,
1337 len <= sizeof(ctx->Xi.c) ? len : sizeof(ctx->Xi.c));