59     ChaChaPoly_Aead aead;  in wc_ChaCha20Poly1305_Encrypt()  local
70     ret = wc_ChaCha20Poly1305_Init(&aead, inKey, inIV,  in wc_ChaCha20Poly1305_Encrypt()
73         ret = wc_ChaCha20Poly1305_UpdateAad(&aead, inAAD, inAADLen);  in wc_ChaCha20Poly1305_Encrypt()
75         ret = wc_ChaCha20Poly1305_UpdateData(&aead, inPlaintext, outCiphertext,  in wc_ChaCha20Poly1305_Encrypt()
78         ret = wc_ChaCha20Poly1305_Final(&aead, outAuthTag);  in wc_ChaCha20Poly1305_Encrypt()
91     ChaChaPoly_Aead aead;  in wc_ChaCha20Poly1305_Decrypt()  local
105     ret = wc_ChaCha20Poly1305_Init(&aead, inKey, inIV,  in wc_ChaCha20Poly1305_Decrypt()
108         ret = wc_ChaCha20Poly1305_UpdateAad(&aead, inAAD, inAADLen);  in wc_ChaCha20Poly1305_Decrypt()
110         ret = wc_ChaCha20Poly1305_UpdateData(&aead, inCiphertext, outPlaintext,  in wc_ChaCha20Poly1305_Decrypt()
113         ret = wc_ChaCha20Poly1305_Final(&aead, calculatedAuthTag);  in wc_ChaCha20Poly1305_Decrypt()
134 int wc_ChaCha20Poly1305_Init(ChaChaPoly_Aead* aead,  in wc_ChaCha20Poly1305_Init()  argument
143     if (aead == NULL || inKey == NULL || inIV == NULL) {  in wc_ChaCha20Poly1305_Init()
148     XMEMSET(aead, 0, sizeof(ChaChaPoly_Aead));  in wc_ChaCha20Poly1305_Init()
150     aead->isEncrypt = (byte)isEncrypt;  in wc_ChaCha20Poly1305_Init()
153     ret = wc_Chacha_SetKey(&aead->chacha, inKey,  in wc_ChaCha20Poly1305_Init()
156         ret = wc_Chacha_SetIV(&aead->chacha, inIV,  in wc_ChaCha20Poly1305_Init()
162         ret = wc_Chacha_Process(&aead->chacha, authKey, authKey,  in wc_ChaCha20Poly1305_Init()
168         ret = wc_Poly1305SetKey(&aead->poly, authKey,  in wc_ChaCha20Poly1305_Init()
174         ret = wc_Chacha_SetIV(&aead->chacha, inIV,  in wc_ChaCha20Poly1305_Init()
179         aead->state = CHACHA20_POLY1305_STATE_READY;  in wc_ChaCha20Poly1305_Init()
186 int wc_ChaCha20Poly1305_UpdateAad(ChaChaPoly_Aead* aead,  in wc_ChaCha20Poly1305_UpdateAad()  argument
191     if (aead == NULL || (inAAD == NULL && inAADLen > 0)) {  in wc_ChaCha20Poly1305_UpdateAad()
194     if (aead->state != CHACHA20_POLY1305_STATE_READY &&  in wc_ChaCha20Poly1305_UpdateAad()
195         aead->state != CHACHA20_POLY1305_STATE_AAD) {  in wc_ChaCha20Poly1305_UpdateAad()
198     if (inAADLen > CHACHA20_POLY1305_MAX - aead->aadLen)  in wc_ChaCha20Poly1305_UpdateAad()
202         ret = wc_Poly1305Update(&aead->poly, inAAD, inAADLen);  in wc_ChaCha20Poly1305_UpdateAad()
204             aead->aadLen += inAADLen;  in wc_ChaCha20Poly1305_UpdateAad()
205             aead->state = CHACHA20_POLY1305_STATE_AAD;  in wc_ChaCha20Poly1305_UpdateAad()
213 int wc_ChaCha20Poly1305_UpdateData(ChaChaPoly_Aead* aead,  in wc_ChaCha20Poly1305_UpdateData()  argument
218     if (aead == NULL || inData == NULL || outData == NULL) {  in wc_ChaCha20Poly1305_UpdateData()
221     if (aead->state != CHACHA20_POLY1305_STATE_READY &&  in wc_ChaCha20Poly1305_UpdateData()
222         aead->state != CHACHA20_POLY1305_STATE_AAD &&  in wc_ChaCha20Poly1305_UpdateData()
223         aead->state != CHACHA20_POLY1305_STATE_DATA) {  in wc_ChaCha20Poly1305_UpdateData()
226     if (dataLen > CHACHA20_POLY1305_MAX - aead->dataLen)  in wc_ChaCha20Poly1305_UpdateData()
230     if (aead->state == CHACHA20_POLY1305_STATE_AAD) {  in wc_ChaCha20Poly1305_UpdateData()
231         ret = wc_Poly1305_Pad(&aead->poly, aead->aadLen);  in wc_ChaCha20Poly1305_UpdateData()
235     aead->state = CHACHA20_POLY1305_STATE_DATA;  in wc_ChaCha20Poly1305_UpdateData()
239         if (aead->isEncrypt) {  in wc_ChaCha20Poly1305_UpdateData()
240             ret = wc_Chacha_Process(&aead->chacha, outData, inData, dataLen);  in wc_ChaCha20Poly1305_UpdateData()
242                 ret = wc_Poly1305Update(&aead->poly, outData, dataLen);  in wc_ChaCha20Poly1305_UpdateData()
245             ret = wc_Poly1305Update(&aead->poly, inData, dataLen);  in wc_ChaCha20Poly1305_UpdateData()
247                 ret = wc_Chacha_Process(&aead->chacha, outData, inData, dataLen);  in wc_ChaCha20Poly1305_UpdateData()
251         aead->dataLen += dataLen;  in wc_ChaCha20Poly1305_UpdateData()
256 int wc_ChaCha20Poly1305_Final(ChaChaPoly_Aead* aead,  in wc_ChaCha20Poly1305_Final()  argument
261     if (aead == NULL || outAuthTag == NULL) {  in wc_ChaCha20Poly1305_Final()
264     if (aead->state != CHACHA20_POLY1305_STATE_AAD &&  in wc_ChaCha20Poly1305_Final()
265         aead->state != CHACHA20_POLY1305_STATE_DATA) {  in wc_ChaCha20Poly1305_Final()
270     if (aead->state == CHACHA20_POLY1305_STATE_AAD) {  in wc_ChaCha20Poly1305_Final()
271         ret = wc_Poly1305_Pad(&aead->poly, aead->aadLen);  in wc_ChaCha20Poly1305_Final()
276         ret = wc_Poly1305_Pad(&aead->poly, aead->dataLen);  in wc_ChaCha20Poly1305_Final()
281         ret = wc_Poly1305_EncodeSizes(&aead->poly, aead->aadLen,  in wc_ChaCha20Poly1305_Final()
282             aead->dataLen);  in wc_ChaCha20Poly1305_Final()
287         ret = wc_Poly1305Final(&aead->poly, outAuthTag);  in wc_ChaCha20Poly1305_Final()
291     ForceZero(aead, sizeof(ChaChaPoly_Aead));  in wc_ChaCha20Poly1305_Final()
299     ChaChaPoly_Aead *aead,  in wc_XChaCha20Poly1305_Init()  argument
315     if ((ret = wc_XChacha_SetKey(&aead->chacha,  in wc_XChaCha20Poly1305_Init()
324     if ((ret = wc_Chacha_Process(&aead->chacha, authKey, authKey,  in wc_XChaCha20Poly1305_Init()
328     wc_Chacha_purge_current_block(&aead->chacha);  in wc_XChaCha20Poly1305_Init()
331     if ((ret = wc_Poly1305SetKey(&aead->poly, authKey,  in wc_XChaCha20Poly1305_Init()
335     if ((ret = wc_Poly1305Update(&aead->poly, ad, (word32)ad_len)) < 0)  in wc_XChaCha20Poly1305_Init()
338     if ((ret = wc_Poly1305_Pad(&aead->poly, (word32)ad_len)) < 0)  in wc_XChaCha20Poly1305_Init()
341     aead->isEncrypt = (byte)isEncrypt;  in wc_XChaCha20Poly1305_Init()
342     aead->state = CHACHA20_POLY1305_STATE_AAD;  in wc_XChaCha20Poly1305_Init()
363     ChaChaPoly_Aead *aead = (ChaChaPoly_Aead *)XMALLOC(sizeof *aead, NULL, DYNAMIC_TYPE_TMP_BUFFER);  in wc_XChaCha20Poly1305_crypt_oneshot()  local
365     if (aead == NULL)  in wc_XChaCha20Poly1305_crypt_oneshot()
368     ChaChaPoly_Aead aead_buf, *aead = &aead_buf;  in wc_XChaCha20Poly1305_crypt_oneshot()  local
381     if ((ret = wc_XChaCha20Poly1305_Init(aead, ad, (word32)ad_len,  in wc_XChaCha20Poly1305_crypt_oneshot()
398         if ((ret = wc_Chacha_Process(&aead->chacha, dst_i, src_i, this_src_len)) < 0)  in wc_XChaCha20Poly1305_crypt_oneshot()
401         if ((ret = wc_Poly1305Update(&aead->poly, isEncrypt ? dst_i : src_i, this_src_len)) < 0)  in wc_XChaCha20Poly1305_crypt_oneshot()
409     if (aead->poly.leftover) {  in wc_XChaCha20Poly1305_crypt_oneshot()
410         if ((ret = wc_Poly1305_Pad(&aead->poly, (word32)aead->poly.leftover)) < 0)  in wc_XChaCha20Poly1305_crypt_oneshot()
415     ret = wc_Poly1305_EncodeSizes64(&aead->poly, ad_len, isEncrypt ? src_len : (size_t)dst_len);  in wc_XChaCha20Poly1305_crypt_oneshot()
417     ret = wc_Poly1305_EncodeSizes(&aead->poly, ad_len, isEncrypt ? src_len : (size_t)dst_len);  in wc_XChaCha20Poly1305_crypt_oneshot()
423         ret = wc_Poly1305Final(&aead->poly, dst + src_len);  in wc_XChaCha20Poly1305_crypt_oneshot()
427         if ((ret = wc_Poly1305Final(&aead->poly, outAuthTag)) < 0)  in wc_XChaCha20Poly1305_crypt_oneshot()
438     ForceZero(aead, sizeof *aead);  in wc_XChaCha20Poly1305_crypt_oneshot()
441     XFREE(aead, NULL, DYNAMIC_TYPE_TMP_BUFFER);  in wc_XChaCha20Poly1305_crypt_oneshot()