| /crypto/ |
| D | sha512_generic.c | 101 u64 a, b, c, d, e, f, g, h, t1, t2; in sha512_transform() local
108 e=state[4]; f=state[5]; g=state[6]; h=state[7]; in sha512_transform()
126 t1 = h + e1(e) + Ch(e,f,g) + sha512_K[i ] + W[(i & 15)]; in sha512_transform()
128 t1 = g + e1(d) + Ch(d,e,f) + sha512_K[i+1] + W[(i & 15) + 1]; in sha512_transform()
129 t2 = e0(h) + Maj(h,a,b); c+=t1; g=t1+t2; in sha512_transform()
131 t2 = e0(g) + Maj(g,h,a); b+=t1; f=t1+t2; in sha512_transform()
133 t2 = e0(f) + Maj(f,g,h); a+=t1; e=t1+t2; in sha512_transform()
135 t2 = e0(e) + Maj(e,f,g); h+=t1; d=t1+t2; in sha512_transform()
137 t2 = e0(d) + Maj(d,e,f); g+=t1; c=t1+t2; in sha512_transform()
138 t1 = b + e1(g) + Ch(g,h,a) + sha512_K[i+6] + W[(i & 15) + 6]; in sha512_transform()
[all …]
|
| D | sm3_generic.c | 44 static inline u32 gg(unsigned int n, u32 e, u32 f, u32 g) in gg() argument
46 return (n < 16) ? (e ^ f ^ g) : ((e & f) | ((~e) & g)); in gg()
78 u32 a, b, c, d, e, f, g, h; in sm3_compress() local
87 g = m[6]; in sm3_compress()
99 tt2 = gg(i, e, f, g) + h + ss1 + *w; in sm3_compress()
106 h = g; in sm3_compress()
107 g = rol32(f, 19); in sm3_compress()
118 m[6] = g ^ m[6]; in sm3_compress()
121 a = b = c = d = e = f = g = h = ss1 = ss2 = tt1 = tt2 = 0; in sm3_compress()
|
| D | ecrdsa_defs.h | 50 .g = {
83 .g = {
120 .g = {
169 .g = {
214 .g = {
|
| D | ecc_curve_defs.h | 20 .g = {
46 .g = {
78 .g = {
98 .g = {
|
| D | dh.c | 18 MPI g; /* Value is guaranteed to be set. */ member
26 mpi_free(ctx->g); in dh_clear_ctx()
68 ctx->g = mpi_read_raw_data(params->g, params->g_size); in dh_set_params()
69 if (!ctx->g) in dh_set_params()
176 base = ctx->g; in dh_compute_value()
|
| D | ecdsa.c | 82 sig->curve->g.ndigits); in ecdsa_get_signature_r()
91 sig->curve->g.ndigits); in ecdsa_get_signature_s()
97 unsigned int ndigits = curve->g.ndigits; in _ecdsa_verify()
121 ecc_point_mult_shamir(&res, u1, &curve->g, u2, &ctx->pub_key, curve); in _ecdsa_verify()
141 size_t keylen = ctx->curve->g.ndigits * sizeof(u64); in ecdsa_verify()
178 ecc_swap_digits((u64 *)rawhash, hash, ctx->curve->g.ndigits); in ecdsa_verify()
213 ctx->curve->g.ndigits); in ecdsa_ecc_ctx_reset()
242 if (ndigits != ctx->curve->g.ndigits) in ecdsa_set_pub_key()
|
| D | ecrdsa.c | 97 req->dst_len != ctx->curve->g.ndigits * sizeof(u64) || in ecrdsa_verify()
98 ctx->pub_key.ndigits != ctx->curve->g.ndigits || in ecrdsa_verify()
138 ecc_point_mult_shamir(&cc, z1, &ctx->curve->g, z2, &ctx->pub_key, in ecrdsa_verify()
229 ctx->curve->g.ndigits * sizeof(u64) != ctx->digest_len) in ecrdsa_set_pub_key()
237 ctx->key_len != ctx->curve->g.ndigits * sizeof(u64) * 2) in ecrdsa_set_pub_key()
|
| D | gf128mul.c | 260 struct gf128mul_64k *gf128mul_init_64k_bbe(const be128 *g) in gf128mul_init_64k_bbe() argument
278 t->t[0]->t[1] = *g; in gf128mul_init_64k_bbe()
341 struct gf128mul_4k *gf128mul_init_4k_lle(const be128 *g) in gf128mul_init_4k_lle() argument
350 t->t[128] = *g; in gf128mul_init_4k_lle()
363 struct gf128mul_4k *gf128mul_init_4k_bbe(const be128 *g) in gf128mul_init_4k_bbe() argument
372 t->t[1] = *g; in gf128mul_init_4k_bbe()
|
| D | dh_helper.c | 61 ptr = dh_pack_data(ptr, end, params->g, params->g_size); in crypto_dh_encode_key()
101 params->g = (void *)(ptr + params->key_size + params->p_size + in crypto_dh_decode_key()
|
| D | ecc.c | 912 const unsigned int ndigits = curve->g.ndigits; in vli_mmod_fast()
968 vli_mult(product, left, right, curve->g.ndigits); in vli_mod_mult_fast()
978 vli_square(product, left, curve->g.ndigits); in vli_mod_square_fast()
1083 const unsigned int ndigits = curve->g.ndigits; in ecc_point_double_jacobian()
1156 const unsigned int ndigits = curve->g.ndigits; in xycz_initial_double()
1184 const unsigned int ndigits = curve->g.ndigits; in xycz_add()
1229 const unsigned int ndigits = curve->g.ndigits; in xycz_add_c()
1343 unsigned int ndigits = curve->g.ndigits; in ecc_point_add()
1367 unsigned int ndigits = curve->g.ndigits; in ecc_point_mult_shamir()
1422 if (curve->g.ndigits != ndigits) in __ecc_is_key_valid()
[all …]
|
| D | Kconfig | 62 for lab evaluation testing of the module, e.g. support for injecting
566 carryless multiplication, e.g. x86 processors with AES-NI and CLMUL, and
592 building for a particular system that requires it (e.g., when
1201 without hardware AES acceleration (e.g. caam crypto). It reduces the
|
| /crypto/async_tx/ |
| D | async_raid6_recov.c | 208 struct page *p, *q, *g, *dp, *dq; in __2data_recov_5() local
235 g = blocks[good]; in __2data_recov_5()
248 tx = async_memcpy(dp, g, dp_off, g_off, bytes, submit); in __2data_recov_5()
250 tx = async_mult(dq, dq_off, g, g_off, in __2data_recov_5()
543 struct page *g = blocks[good]; in async_raid6_datap_recov() local
548 tx = async_memcpy(p, g, p_off, g_off, bytes, submit); in async_raid6_datap_recov()
552 tx = async_mult(dq, dq_off, g, g_off, in async_raid6_datap_recov()
|