96 	int rc;  in verify_signature()  local
105 	rc = mbedtls_asn1_get_alg(&p, end, &sig_oid, &sig_params);  in verify_signature()
106 	if (rc != 0) {  in verify_signature()
111 	rc = mbedtls_x509_get_sig_alg(&sig_oid, &sig_params, &md_alg, &pk_alg, &sig_opts);  in verify_signature()
112 	if (rc != 0) {  in verify_signature()
120 	rc = mbedtls_pk_parse_subpubkey(&p, end, &pk);  in verify_signature()
121 	if (rc != 0) {  in verify_signature()
122 		rc = CRYPTO_ERR_SIGNATURE;  in verify_signature()
130 	rc = mbedtls_asn1_get_bitstring_null(&p, end, &signature.len);  in verify_signature()
131 	if ((rc != 0) || ((size_t)(end - p) != signature.len)) {  in verify_signature()
132 		rc = CRYPTO_ERR_SIGNATURE;  in verify_signature()
140 		rc = CRYPTO_ERR_SIGNATURE;  in verify_signature()
144 	rc = mbedtls_md(md_info, p, data_len, hash);  in verify_signature()
145 	if (rc != 0) {  in verify_signature()
146 		rc = CRYPTO_ERR_SIGNATURE;  in verify_signature()
151 	rc = mbedtls_pk_verify_ext(pk_alg, sig_opts, &pk, md_alg, hash,  in verify_signature()
154 	if (rc != 0) {  in verify_signature()
155 		rc = CRYPTO_ERR_SIGNATURE;  in verify_signature()
160 	rc = CRYPTO_SUCCESS;  in verify_signature()
166 	return rc;  in verify_signature()
184 	int rc;  in verify_hash()  local
193 	rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |  in verify_hash()
195 	if (rc != 0) {  in verify_hash()
202 	rc = mbedtls_asn1_get_alg(&p, end, &hash_oid, &params);  in verify_hash()
203 	if (rc != 0) {  in verify_hash()
207 	rc = mbedtls_oid_get_md_alg(&hash_oid, &md_alg);  in verify_hash()
208 	if (rc != 0) {  in verify_hash()
218 	rc = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING);  in verify_hash()
219 	if ((rc != 0) || ((size_t)(end - p) != len)) {  in verify_hash()
231 	rc = mbedtls_md(md_info, p, data_len, data_hash);  in verify_hash()
232 	if (rc != 0) {  in verify_hash()
237 	rc = memcmp(data_hash, hash, mbedtls_md_get_size(md_info));  in verify_hash()
238 	if (rc != 0) {  in verify_hash()
278 	int rc;  in calc_hash()  local
290 	rc = mbedtls_md(md_info, data_ptr, data_len, output);  in calc_hash()
291 	if (rc != 0) {  in calc_hash()
318 	int diff, i, rc;  in aes_gcm_decrypt()  local
323 	rc = mbedtls_gcm_setkey(&ctx, cipher, key, key_len * 8);  in aes_gcm_decrypt()
324 	if (rc != 0) {  in aes_gcm_decrypt()
325 		rc = CRYPTO_ERR_DECRYPTION;  in aes_gcm_decrypt()
330 	rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len, NULL, 0);  in aes_gcm_decrypt()
332 	rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len);  in aes_gcm_decrypt()
334 	if (rc != 0) {  in aes_gcm_decrypt()
335 		rc = CRYPTO_ERR_DECRYPTION;  in aes_gcm_decrypt()
343 		rc = mbedtls_gcm_update(&ctx, dec_len, pt, buf);  in aes_gcm_decrypt()
345 		rc = mbedtls_gcm_update(&ctx, pt, dec_len, buf, sizeof(buf), &output_length);  in aes_gcm_decrypt()
348 		if (rc != 0) {  in aes_gcm_decrypt()
349 			rc = CRYPTO_ERR_DECRYPTION;  in aes_gcm_decrypt()
359 	rc = mbedtls_gcm_finish(&ctx, tag_buf, sizeof(tag_buf));  in aes_gcm_decrypt()
361 	rc = mbedtls_gcm_finish(&ctx, NULL, 0, &output_length, tag_buf, sizeof(tag_buf));  in aes_gcm_decrypt()
364 	if (rc != 0) {  in aes_gcm_decrypt()
365 		rc = CRYPTO_ERR_DECRYPTION;  in aes_gcm_decrypt()
374 		rc = CRYPTO_ERR_DECRYPTION;  in aes_gcm_decrypt()
379 	rc = CRYPTO_SUCCESS;  in aes_gcm_decrypt()
383 	return rc;  in aes_gcm_decrypt()
395 	int rc;  in auth_decrypt()  local
401 		rc = aes_gcm_decrypt(data_ptr, len, key, key_len, iv, iv_len,  in auth_decrypt()
403 		if (rc != 0)  in auth_decrypt()
404 			return rc;  in auth_decrypt()