81 static inline int blake2b_set_lastnode( blake2b_state *S )  in blake2b_set_lastnode()  argument
83   S->f[1] = ~0ULL;  in blake2b_set_lastnode()
87 static inline int blake2b_clear_lastnode( blake2b_state *S )  in blake2b_clear_lastnode()  argument
89   S->f[1] = 0ULL;  in blake2b_clear_lastnode()
93 static inline int blake2b_set_lastblock( blake2b_state *S )  in blake2b_set_lastblock()  argument
95   if( S->last_node ) blake2b_set_lastnode( S );  in blake2b_set_lastblock()
97   S->f[0] = ~0ULL;  in blake2b_set_lastblock()
101 static inline int blake2b_clear_lastblock( blake2b_state *S )  in blake2b_clear_lastblock()  argument
103   if( S->last_node ) blake2b_clear_lastnode( S );  in blake2b_clear_lastblock()
105   S->f[0] = 0ULL;  in blake2b_clear_lastblock()
110 static inline int blake2b_increment_counter( blake2b_state *S, const uint64_t inc )  in blake2b_increment_counter()  argument
114   __uint128_t t = ( ( __uint128_t )S->t[1] << 64 ) | S->t[0];  in blake2b_increment_counter()
116   S->t[0] = ( uint64_t )( t >>  0 );  in blake2b_increment_counter()
117   S->t[1] = ( uint64_t )( t >> 64 );  in blake2b_increment_counter()
119   S->t[0] += inc;  in blake2b_increment_counter()
120   S->t[1] += ( S->t[0] < inc );  in blake2b_increment_counter()
181 static inline int blake2b_init0( blake2b_state *S )  in blake2b_init0()  argument
183   memset( S, 0, sizeof( blake2b_state ) );  in blake2b_init0()
185   for( int i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i];  in blake2b_init0()
202   int blake2b_init( blake2b_state *S, size_t outlen );
203   int blake2b_init_param( blake2b_state *S, const blake2b_param *P );
204   int blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen );
205   int blake2b_update( blake2b_state *S, const uint8_t *in, size_t inlen );
206   int blake2b_final( blake2b_state *S, uint8_t *out, size_t outlen );
213 int blake2b_init_param( blake2b_state *S, const blake2b_param *P )  in blake2b_init_param()  argument
218   h = ( uint8_t * )( S->h );  in blake2b_init_param()
221   memset( S, 0, sizeof( blake2b_state ) );  in blake2b_init_param()
225   S->outlen = P->digest_length;  in blake2b_init_param()
232 int blake2b_init( blake2b_state *S, size_t outlen )  in blake2b_init()  argument
250   return blake2b_init_param( S, &P );  in blake2b_init()
253 int blake2b_init_key( blake2b_state *S, size_t outlen, const void *key, size_t keylen )  in blake2b_init_key()  argument
274   if( blake2b_init_param( S, &P ) < 0 )  in blake2b_init_key()
281     blake2b_update( S, block, BLAKE2B_BLOCKBYTES );  in blake2b_init_key()
287 static inline int blake2b_compress( blake2b_state *S, const uint8_t block[BLAKE2B_BLOCKBYTES] )  in blake2b_compress()  argument
326   row1l = LOADU( &S->h[0] );  in blake2b_compress()
327   row1h = LOADU( &S->h[2] );  in blake2b_compress()
328   row2l = LOADU( &S->h[4] );  in blake2b_compress()
329   row2h = LOADU( &S->h[6] );  in blake2b_compress()
332   row4l = _mm_xor_si128( LOADU( &blake2b_IV[4] ), LOADU( &S->t[0] ) );  in blake2b_compress()
333   row4h = _mm_xor_si128( LOADU( &blake2b_IV[6] ), LOADU( &S->f[0] ) );  in blake2b_compress()
348   STOREU( &S->h[0], _mm_xor_si128( LOADU( &S->h[0] ), row1l ) );  in blake2b_compress()
349   STOREU( &S->h[2], _mm_xor_si128( LOADU( &S->h[2] ), row1h ) );  in blake2b_compress()
352   STOREU( &S->h[4], _mm_xor_si128( LOADU( &S->h[4] ), row2l ) );  in blake2b_compress()
353   STOREU( &S->h[6], _mm_xor_si128( LOADU( &S->h[6] ), row2h ) );  in blake2b_compress()
358 int blake2b_update( blake2b_state *S, const uint8_t *in, size_t inlen )  in blake2b_update()  argument
362     uint32_t left = S->buflen;  in blake2b_update()
367       memcpy( S->buf + left, in, fill ); // Fill buffer  in blake2b_update()
368       S->buflen += fill;  in blake2b_update()
369       blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );  in blake2b_update()
370       blake2b_compress( S, S->buf ); // Compress  in blake2b_update()
371       memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES ); // Shift buffer left  in blake2b_update()
372       S->buflen -= BLAKE2B_BLOCKBYTES;  in blake2b_update()
378       memcpy( S->buf + left, in, inlen );  in blake2b_update()
379       S->buflen += ( uint32_t ) inlen; // Be lazy, do not compress  in blake2b_update()
389 int blake2b_final( blake2b_state *S, uint8_t *out, size_t outlen )  in blake2b_final()  argument
391   if(S->outlen != outlen) return -1;  in blake2b_final()
393   if( S->buflen > BLAKE2B_BLOCKBYTES )  in blake2b_final()
395     blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );  in blake2b_final()
396     blake2b_compress( S, S->buf );  in blake2b_final()
397     S->buflen -= BLAKE2B_BLOCKBYTES;  in blake2b_final()
398     memcpy( S->buf, S->buf + BLAKE2B_BLOCKBYTES, S->buflen );  in blake2b_final()
401   blake2b_increment_counter( S, S->buflen );  in blake2b_final()
402   blake2b_set_lastblock( S );  in blake2b_final()
403   memset( S->buf + S->buflen, 0, 2 * BLAKE2B_BLOCKBYTES - S->buflen ); /* Padding */  in blake2b_final()
404   blake2b_compress( S, S->buf );  in blake2b_final()
405   memcpy( out, &S->h[0], outlen );  in blake2b_final()
412   blake2b_state S[1];  in blake2b()  local
427     if( blake2b_init_key( S, outlen, key, keylen ) < 0 ) return -1;  in blake2b()
431     if( blake2b_init( S, outlen ) < 0 ) return -1;  in blake2b()
434   if( blake2b_update( S, ( uint8_t * )in, inlen ) < 0) return -1;  in blake2b()
435   return blake2b_final( S, out, outlen );  in blake2b()