Home
last modified time | relevance | path

Searched refs:GHASH (Results 1 – 17 of 17) sorted by relevance

/src/crypto/openssl/crypto/modes/
H A Dgcm128.c331 #define GHASH(ctx, in, len) ctx->funcs.ghash((ctx)->Xi.u, (ctx)->Htable, in, len) macro
745 #ifdef GHASH in CRYPTO_gcm128_aad()
747 GHASH(ctx, aad, i); in CRYPTO_gcm128_aad()
790 #if defined(GHASH) && !defined(OPENSSL_SMALL_FOOTPRINT) in CRYPTO_gcm128_encrypt()
820 #if defined(GHASH) in CRYPTO_gcm128_encrypt()
827 GHASH(ctx, ctx->Xn, mres); in CRYPTO_gcm128_encrypt()
852 #if defined(GHASH) in CRYPTO_gcm128_encrypt()
854 GHASH(ctx, ctx->Xn, mres); in CRYPTO_gcm128_encrypt()
881 GHASH(ctx, out - GHASH_CHUNK, GHASH_CHUNK); in CRYPTO_gcm128_encrypt()
908 GHASH(ctx, out - j, j); in CRYPTO_gcm128_encrypt()
[all …]
/src/sys/contrib/openzfs/
H A DCOPYRIGHT25 * GHASH Implementation: module/icp/asm-x86_64/modes/THIRDPARTYLICENSE.cryptogams
26 * GHASH Implementation: module/icp/asm-x86_64/modes/THIRDPARTYLICENSE.openssl
/src/sys/contrib/openzfs/module/icp/asm-x86_64/modes/
H A DTHIRDPARTYLICENSE.cryptogams.descrip1 PORTIONS OF GCM and GHASH FUNCTIONALITY
H A DTHIRDPARTYLICENSE.openssl.descrip1 PORTIONS OF GCM and GHASH FUNCTIONALITY
H A DTHIRDPARTYLICENSE.boringssl.descrip1 PORTIONS OF AES GCM and GHASH FUNCTIONALITY
H A Dghash-x86_64.S19 # The module implements "4-bit" GCM GHASH function and underlying
21 # it uses 256 bytes per-key table [+128 bytes shared table]. GHASH
24 # Performance results are for this streamed GHASH subroutine and are
H A Daesni-gcm-x86_64.S18 # AES-NI-CTR+GHASH stitch.
25 # PCLMULQDQ-enabled GHASH. Unfortunately, as no stitch implementation
/src/sys/contrib/openzfs/module/icp/algs/modes/
H A Dgcm.c40 #define GHASH(c, d, t, o) \ macro
180 GHASH(ctx, ctx->gcm_tmp, ctx->gcm_ghash, gops); in gcm_mode_encrypt_contiguous_blocks()
261 GHASH(ctx, macp, ghash, gops); in gcm_encrypt_final()
268 GHASH(ctx, ctx->gcm_len_a_len_c, ghash, gops); in gcm_encrypt_final()
320 GHASH(ctx, ctx->gcm_tmp, ctx->gcm_ghash, gcm_impl_get_ops()); in gcm_decrypt_incomplete_block()
416 GHASH(ctx, blockp, ghash, gops); in gcm_decrypt_final()
439 GHASH(ctx, ctx->gcm_len_a_len_c, ghash, gops); in gcm_decrypt_final()
522 GHASH(ctx, datap, ghash, gops); in gcm_format_initial_blocks()
527 GHASH(ctx, len_a_len_c, ctx->gcm_J0, gops); in gcm_format_initial_blocks()
585 GHASH(ctx, datap, ghash, gops); in gcm_init()
/src/crypto/openssl/providers/implementations/ciphers/
H A Dcipher_aes_gcm_hw_s390x.inc61 * The GHASH of this value can then be calculated.
73 /* Copy the 128 bit GHASH result into J0 and clear the tag */
H A Dcipher_aes_gcm_hw_vaes_avx512.inc157 /* Finalize GHASH(AAD) if AAD partial blocks left unprocessed */
/src/sys/crypto/openssl/powerpc64/
H A Daes-gcm-ppc.S518 # initialize ICB: GHASH( IV ), IV - r7
706 # initialize ICB: GHASH( IV ), IV - r7
/src/sys/crypto/openssl/powerpc/
H A Daes-gcm-ppc.S518 # initialize ICB: GHASH( IV ), IV - r7
706 # initialize ICB: GHASH( IV ), IV - r7
/src/sys/crypto/openssl/powerpc64le/
H A Daes-gcm-ppc.S518 # initialize ICB: GHASH( IV ), IV - r7
706 # initialize ICB: GHASH( IV ), IV - r7
/src/crypto/openssl/doc/man3/
H A DOPENSSL_s390xcap.pod96 # 65 1<<62 KIMD-GHASH
H A DOPENSSL_ppccap.pod69 GHASH, and Poly1305.
/src/crypto/openssl/crypto/modes/asm/
H A Daes-gcm-avx512.pl1001 my $GHASH = $_[1]; # [out] ghash output
1216 @{[XWORD($GHASH)]},
4127 my $GHASH = $_[4]; # [in] ZMM with AAD (low 128 bits)
4240 if ($GHASH ne "no_ghash") {
4243 vpxorq $GHASH,$B00_03,$B00_03
/src/crypto/openssl/
H A DCHANGES.md1317 * Enable extra Arm64 optimization on Windows for GHASH, RAND and AES.
8208 This covers AES, SHA256/512 and GHASH. "Initial" means that most
8219 SHA1, SHA256 and GHASH. "Initial" means that most common cases
8231 SHA256/512, MD5, GHASH and modular exponentiation.
9844 - `*`: GHASH and GF(2^m) multiplication implementations;