Lines Matching full:ciphertext
20 // plaintext and ciphertext.
31 // Open decrypts and authenticates ciphertext, authenticates the
37 // The ciphertext and dst may alias exactly or not at all.
38 Open(dst, nonce, ciphertext, data []byte) ([]byte, error)
137 func (g *gcm) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
142 if len(ciphertext) < gcmTagSize {
145 tag := ciphertext[len(ciphertext)-gcmTagSize:]
146 ciphertext = ciphertext[:len(ciphertext)-gcmTagSize]
155 g.auth(expectedTag[:], ciphertext, data, &tagMask)
161 ret, out := sliceForAppend(dst, len(ciphertext))
162 g.counterCrypt(out, ciphertext, &counter)
334 // auth calculates GHASH(ciphertext, additionalData), masks the result with
336 func (g *gcm) auth(out, ciphertext, additionalData []byte, tagMask *[gcmTagSize]byte) {
339 g.update(&y, ciphertext)
342 y.high ^= uint64(len(ciphertext)) * 8
