205 	if (aes_siv_encrypt(auth->k1, auth->curve->hash_len, clear, siv_len,  in dpp_auth_build_req()
391 	if (aes_siv_encrypt(siv_key, auth->curve->hash_len, clear, siv_len,  in dpp_auth_build_resp()
443 		nonce_len = auth->curve->nonce_len;  in dpp_auth_build_resp_ok()
451 	nonce_len = auth->curve->nonce_len;  in dpp_auth_build_resp_ok()
470 		auth->own_protocol_key = dpp_gen_keypair(auth->curve);  in dpp_auth_build_resp_ok()
473 	auth->own_protocol_key = dpp_gen_keypair(auth->curve);  in dpp_auth_build_resp_ok()
492 			  auth->curve->hash_len) < 0)  in dpp_auth_build_resp_ok()
506 	WPA_PUT_LE16(&r_auth[2], auth->curve->hash_len);  in dpp_auth_build_resp_ok()
512 		r_auth[4 + auth->curve->hash_len / 2] ^= 0x01;  in dpp_auth_build_resp_ok()
515 	if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,  in dpp_auth_build_resp_ok()
516 			    r_auth, 4 + auth->curve->hash_len,  in dpp_auth_build_resp_ok()
519 	wrapped_r_auth_len = 4 + auth->curve->hash_len + AES_BLOCK_SIZE;  in dpp_auth_build_resp_ok()
564 		pr = wpabuf_alloc(2 * auth->curve->prime_len);  in dpp_auth_build_resp_ok()
565 		if (!pr || dpp_test_gen_invalid_key(pr, auth->curve) < 0)  in dpp_auth_build_resp_ok()
656 	msg = dpp_auth_build_resp(auth, status, NULL, auth->curve->nonce_len,  in dpp_auth_build_resp_status()
717 	auth->curve = own_bi->curve;  in dpp_auth_req_rx()
791 			  auth->curve->hash_len) < 0)  in dpp_auth_req_rx()
806 	if (aes_siv_decrypt(auth->k1, auth->curve->hash_len,  in dpp_auth_req_rx()
822 	if (!i_nonce || i_nonce_len != auth->curve->nonce_len) {  in dpp_auth_req_rx()
976 	i_auth_len = 4 + auth->curve->hash_len;  in dpp_auth_build_conf()
977 	r_nonce_len = 4 + auth->curve->nonce_len;  in dpp_auth_build_conf()
1077 		WPA_PUT_LE16(&i_auth[2], auth->curve->hash_len);  in dpp_auth_build_conf()
1084 			i_auth[4 + auth->curve->hash_len / 2] ^= 0x01;  in dpp_auth_build_conf()
1088 		if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,  in dpp_auth_build_conf()
1101 		WPA_PUT_LE16(&r_nonce[2], auth->curve->nonce_len);  in dpp_auth_build_conf()
1102 		os_memcpy(r_nonce + 4, auth->r_nonce, auth->curve->nonce_len);  in dpp_auth_build_conf()
1104 		if (aes_siv_encrypt(auth->k2, auth->curve->hash_len,  in dpp_auth_build_conf()
1145 	if (dpp_keygen(bi, auth->peer_bi->curve->name, NULL, 0) < 0 ||  in dpp_autogen_bootstrap_key()
1190 	auth->curve = peer_bi->curve;  in dpp_auth_init()
1202 		nonce_len = auth->curve->nonce_len;  in dpp_auth_init()
1210 	nonce_len = auth->curve->nonce_len;  in dpp_auth_init()
1228 		auth->own_protocol_key = dpp_gen_keypair(auth->curve);  in dpp_auth_init()
1231 	auth->own_protocol_key = dpp_gen_keypair(auth->curve);  in dpp_auth_init()
1251 			  auth->curve->hash_len) < 0)  in dpp_auth_init()
1283 		pi = wpabuf_alloc(2 * auth->curve->prime_len);  in dpp_auth_init()
1284 		if (!pi || dpp_test_gen_invalid_key(pi, auth->curve) < 0)  in dpp_auth_init()
1343 	if (aes_siv_decrypt(auth->k1, auth->curve->hash_len,  in dpp_auth_resp_rx_status()
1359 	if (!i_nonce || i_nonce_len != auth->curve->nonce_len) {  in dpp_auth_resp_rx_status()
1577 			  auth->curve->hash_len) < 0)  in dpp_auth_resp_rx()
1592 	if (aes_siv_decrypt(auth->k2, auth->curve->hash_len,  in dpp_auth_resp_rx()
1608 	if (!r_nonce || r_nonce_len != auth->curve->nonce_len) {  in dpp_auth_resp_rx()
1617 	if (!i_nonce || i_nonce_len != auth->curve->nonce_len) {  in dpp_auth_resp_rx()
1683 	if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,  in dpp_auth_resp_rx()
1700 	if (!r_auth || r_auth_len != auth->curve->hash_len) {  in dpp_auth_resp_rx()
1774 	if (aes_siv_decrypt(auth->k2, auth->curve->hash_len,  in dpp_auth_conf_rx_failure()
1790 	if (!r_nonce || r_nonce_len != auth->curve->nonce_len) {  in dpp_auth_conf_rx_failure()
1936 	if (aes_siv_decrypt(auth->ke, auth->curve->hash_len,  in dpp_auth_conf_rx()
1952 	if (!i_auth || i_auth_len != auth->curve->hash_len) {  in dpp_auth_conf_rx()