76 static inline int blake2s_set_lastnode( blake2s_state *S )  in blake2s_set_lastnode()  argument
78   S->f[1] = ~0U;  in blake2s_set_lastnode()
82 static inline int blake2s_clear_lastnode( blake2s_state *S )  in blake2s_clear_lastnode()  argument
84   S->f[1] = 0U;  in blake2s_clear_lastnode()
88 static inline int blake2s_set_lastblock( blake2s_state *S )  in blake2s_set_lastblock()  argument
90   if( S->last_node ) blake2s_set_lastnode( S );  in blake2s_set_lastblock()
92   S->f[0] = ~0U;  in blake2s_set_lastblock()
96 static inline int blake2s_clear_lastblock( blake2s_state *S )  in blake2s_clear_lastblock()  argument
98   if( S->last_node ) blake2s_clear_lastnode( S );  in blake2s_clear_lastblock()
100   S->f[0] = 0U;  in blake2s_clear_lastblock()
104 static inline int blake2s_increment_counter( blake2s_state *S, const uint32_t inc )  in blake2s_increment_counter()  argument
106   uint64_t t = ( ( uint64_t )S->t[1] << 32 ) | S->t[0];  in blake2s_increment_counter()
108   S->t[0] = ( uint32_t )( t >>  0 );  in blake2s_increment_counter()
109   S->t[1] = ( uint32_t )( t >> 32 );  in blake2s_increment_counter()
169 static inline int blake2s_init0( blake2s_state *S )  in blake2s_init0()  argument
171   memset( S, 0, sizeof( blake2s_state ) );  in blake2s_init0()
173   for( int i = 0; i < 8; ++i ) S->h[i] = blake2s_IV[i];  in blake2s_init0()
188   int blake2s_init( blake2s_state *S, size_t outlen );
189   int blake2s_init_param( blake2s_state *S, const blake2s_param *P );
190   int blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen );
191   int blake2s_update( blake2s_state *S, const uint8_t *in, size_t inlen );
192   int blake2s_final( blake2s_state *S, uint8_t *out, size_t outlen );
200 int blake2s_init_param( blake2s_state *S, const blake2s_param *P )  in blake2s_init_param()  argument
205   h = ( uint8_t * )( S->h );  in blake2s_init_param()
208   memset( S, 0, sizeof( blake2s_state ) );  in blake2s_init_param()
212   S->outlen = P->digest_length;  in blake2s_init_param()
218 int blake2s_init( blake2s_state *S, size_t outlen )  in blake2s_init()  argument
235   return blake2s_init_param( S, &P );  in blake2s_init()
239 int blake2s_init_key( blake2s_state *S, size_t outlen, const void *key, size_t keylen )  in blake2s_init_key()  argument
259   if( blake2s_init_param( S, &P ) < 0 )  in blake2s_init_key()
266     blake2s_update( S, block, BLAKE2S_BLOCKBYTES );  in blake2s_init_key()
273 static inline int blake2s_compress( blake2s_state *S, const uint8_t block[BLAKE2S_BLOCKBYTES] )  in blake2s_compress()  argument
311   row1 = ff0 = LOADU( &S->h[0] );  in blake2s_compress()
312   row2 = ff1 = LOADU( &S->h[4] );  in blake2s_compress()
314 …row4 = _mm_xor_si128( _mm_setr_epi32( 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19 ), LOADU( &S-…  in blake2s_compress()
325   STOREU( &S->h[0], _mm_xor_si128( ff0, _mm_xor_si128( row1, row3 ) ) );  in blake2s_compress()
326   STOREU( &S->h[4], _mm_xor_si128( ff1, _mm_xor_si128( row2, row4 ) ) );  in blake2s_compress()
331 int blake2s_update( blake2s_state *S, const uint8_t *in, size_t inlen )  in blake2s_update()  argument
335     size_t left = S->buflen;  in blake2s_update()
340       memcpy( S->buf + left, in, fill ); // Fill buffer  in blake2s_update()
341       S->buflen += fill;  in blake2s_update()
342       blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES );  in blake2s_update()
343       blake2s_compress( S, S->buf ); // Compress  in blake2s_update()
344       memcpy( S->buf, S->buf + BLAKE2S_BLOCKBYTES, BLAKE2S_BLOCKBYTES ); // Shift buffer left  in blake2s_update()
345       S->buflen -= BLAKE2S_BLOCKBYTES;  in blake2s_update()
351       memcpy( S->buf + left, in, inlen );  in blake2s_update()
352       S->buflen += inlen; // Be lazy, do not compress  in blake2s_update()
362 int blake2s_final( blake2s_state *S, uint8_t *out, size_t outlen )  in blake2s_final()  argument
366   if(outlen != S->outlen ) return -1;  in blake2s_final()
368   if( S->buflen > BLAKE2S_BLOCKBYTES )  in blake2s_final()
370     blake2s_increment_counter( S, BLAKE2S_BLOCKBYTES );  in blake2s_final()
371     blake2s_compress( S, S->buf );  in blake2s_final()
372     S->buflen -= BLAKE2S_BLOCKBYTES;  in blake2s_final()
373     memcpy( S->buf, S->buf + BLAKE2S_BLOCKBYTES, S->buflen );  in blake2s_final()
376   blake2s_increment_counter( S, ( uint32_t )S->buflen );  in blake2s_final()
377   blake2s_set_lastblock( S );  in blake2s_final()
378   memset( S->buf + S->buflen, 0, 2 * BLAKE2S_BLOCKBYTES - S->buflen ); /* Padding */  in blake2s_final()
379   blake2s_compress( S, S->buf );  in blake2s_final()
382     store32( buffer + sizeof( S->h[i] ) * i, S->h[i] );  in blake2s_final()
390   blake2s_state S[1];  in blake2s()  local
405     if( blake2s_init_key( S, outlen, key, keylen ) < 0 ) return -1;  in blake2s()
409     if( blake2s_init( S, outlen ) < 0 ) return -1;  in blake2s()
412   if( blake2s_update( S, ( uint8_t * )in, inlen ) < 0) return -1;  in blake2s()
413   return blake2s_final( S, out, outlen );  in blake2s()