Lines Matching refs:nonce
66 memset(ctx->nonce.c,0,sizeof(ctx->nonce.c));
67 ctx->nonce.c[0] = ((u8)(L-1)&7) | (u8)(((M-2)/2)&7)<<3;
75 /* Then you setup per-message nonce and pass the length of the message */
77 const unsigned char *nonce,size_t nlen,size_t mlen)
79 unsigned int L = ctx->nonce.c[0]&7; /* the L parameter */
81 if (nlen<(14-L)) return -1; /* nonce is too short */
84 ctx->nonce.c[8] = (u8)(mlen>>(56%(sizeof(mlen)*8)));
85 ctx->nonce.c[9] = (u8)(mlen>>(48%(sizeof(mlen)*8)));
86 ctx->nonce.c[10] = (u8)(mlen>>(40%(sizeof(mlen)*8)));
87 ctx->nonce.c[11] = (u8)(mlen>>(32%(sizeof(mlen)*8)));
90 *(u32*)(&ctx->nonce.c[8]) = 0;
92 ctx->nonce.c[12] = (u8)(mlen>>24);
93 ctx->nonce.c[13] = (u8)(mlen>>16);
94 ctx->nonce.c[14] = (u8)(mlen>>8);
95 ctx->nonce.c[15] = (u8)mlen;
97 ctx->nonce.c[0] &= ~0x40; /* clear Adata flag */
98 memcpy(&ctx->nonce.c[1],nonce,14-L);
111 ctx->nonce.c[0] |= 0x40; /* set Adata flag */
112 (*block)(ctx->nonce.c,ctx->cmac.c,ctx->key),
154 /* counter part of nonce may not be larger than L*8 bits,
176 unsigned char flags0 = ctx->nonce.c[0];
182 (*block)(ctx->nonce.c,ctx->cmac.c,key),
185 ctx->nonce.c[0] = L = flags0&7;
187 n |= ctx->nonce.c[i];
188 ctx->nonce.c[i]=0;
191 n |= ctx->nonce.c[15]; /* reconstructed length */
192 ctx->nonce.c[15]=1;
211 (*block)(ctx->nonce.c,scratch.c,key);
212 ctr64_inc(ctx->nonce.c);
229 (*block)(ctx->nonce.c,scratch.c,key);
234 ctx->nonce.c[i]=0;
236 (*block)(ctx->nonce.c,scratch.c,key);
240 ctx->nonce.c[0] = flags0;
251 unsigned char flags0 = ctx->nonce.c[0];
257 (*block)(ctx->nonce.c,ctx->cmac.c,key);
259 ctx->nonce.c[0] = L = flags0&7;
261 n |= ctx->nonce.c[i];
262 ctx->nonce.c[i]=0;
265 n |= ctx->nonce.c[15]; /* reconstructed length */
266 ctx->nonce.c[15]=1;
274 (*block)(ctx->nonce.c,scratch.c,key);
275 ctr64_inc(ctx->nonce.c);
293 (*block)(ctx->nonce.c,scratch.c,key);
300 ctx->nonce.c[i]=0;
302 (*block)(ctx->nonce.c,scratch.c,key);
306 ctx->nonce.c[0] = flags0;
330 unsigned char flags0 = ctx->nonce.c[0];
336 (*block)(ctx->nonce.c,ctx->cmac.c,key),
339 ctx->nonce.c[0] = L = flags0&7;
341 n |= ctx->nonce.c[i];
342 ctx->nonce.c[i]=0;
345 n |= ctx->nonce.c[15]; /* reconstructed length */
346 ctx->nonce.c[15]=1;
354 (*stream)(inp,out,n,key,ctx->nonce.c,ctx->cmac.c);
359 if (len) ctr64_add(ctx->nonce.c,n/16);
365 (*block)(ctx->nonce.c,scratch.c,key);
370 ctx->nonce.c[i]=0;
372 (*block)(ctx->nonce.c,scratch.c,key);
376 ctx->nonce.c[0] = flags0;
387 unsigned char flags0 = ctx->nonce.c[0];
393 (*block)(ctx->nonce.c,ctx->cmac.c,key);
395 ctx->nonce.c[0] = L = flags0&7;
397 n |= ctx->nonce.c[i];
398 ctx->nonce.c[i]=0;
401 n |= ctx->nonce.c[15]; /* reconstructed length */
402 ctx->nonce.c[15]=1;
407 (*stream)(inp,out,n,key,ctx->nonce.c,ctx->cmac.c);
412 if (len) ctr64_add(ctx->nonce.c,n/16);
416 (*block)(ctx->nonce.c,scratch.c,key);
423 ctx->nonce.c[i]=0;
425 (*block)(ctx->nonce.c,scratch.c,key);
429 ctx->nonce.c[0] = flags0;
435 { unsigned int M = (ctx->nonce.c[0]>>3)&7; /* the M parameter */
