Split mbedtls_gcm_init() -> gcm_setkey()
diff --git a/ChangeLog b/ChangeLog
index 69d7e19..7a9570e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,6 +16,7 @@
    * The following _init() functions that could return errors have
      been split into an _init() that returns void and another function:
      mbedtls_ccm_init() -> mbedtls_ccm_setkey()
+     mbedtls_gcm_init() -> mbedtls_gcm_setkey()
    * In the threading layer, mbedtls_mutex_init() and mbedtls_mutex_free() now
      return void.
    * ecdsa_write_signature() gained an addtional md_alg argument and
diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h
index 1e153f2..c2f6d68 100644
--- a/include/mbedtls/gcm.h
+++ b/include/mbedtls/gcm.h
@@ -55,6 +55,15 @@
 mbedtls_gcm_context;
 
 /**
+ * \brief           Initialize GCM context (just makes references valid)
+ *                  Makes the context ready for mbedtls_gcm_setkey() or
+ *                  mbedtls_gcm_free().
+ *
+ * \param ctx       GCM context to initialize
+ */
+void mbedtls_gcm_init( mbedtls_gcm_context *ctx );
+
+/**
  * \brief           GCM initialization (encryption)
  *
  * \param ctx       GCM context to be initialized
@@ -64,8 +73,10 @@
  *
  * \return          0 if successful, or a cipher specific error code
  */
-int mbedtls_gcm_init( mbedtls_gcm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key,
-              unsigned int keysize );
+int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
+                        mbedtls_cipher_id_t cipher,
+                        const unsigned char *key,
+                        unsigned int keysize );
 
 /**
  * \brief           GCM buffer encryption/decryption using a block cipher
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index eb291b6..be892cc 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -332,7 +332,7 @@
 static int gcm_aes_setkey_wrap( void *ctx, const unsigned char *key,
                                 unsigned int key_length )
 {
-    return mbedtls_gcm_init( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
+    return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_AES,
                      key, key_length );
 }
 
@@ -689,7 +689,7 @@
 static int gcm_camellia_setkey_wrap( void *ctx, const unsigned char *key,
                                      unsigned int key_length )
 {
-    return mbedtls_gcm_init( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
+    return mbedtls_gcm_setkey( (mbedtls_gcm_context *) ctx, MBEDTLS_CIPHER_ID_CAMELLIA,
                      key, key_length );
 }
 
diff --git a/library/gcm.c b/library/gcm.c
index fe7cf72..58cb4f2 100644
--- a/library/gcm.c
+++ b/library/gcm.c
@@ -84,6 +84,14 @@
 }
 
 /*
+ * Initialize a context
+ */
+void mbedtls_gcm_init( mbedtls_gcm_context *ctx )
+{
+    memset( ctx, 0, sizeof( mbedtls_gcm_context ) );
+}
+
+/*
  * Precompute small multiples of H, that is set
  *      HH[i] || HL[i] = H times i,
  * where i is seen as a field element as in [MGV], ie high-order bits
@@ -151,8 +159,10 @@
     return( 0 );
 }
 
-int mbedtls_gcm_init( mbedtls_gcm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key,
-              unsigned int keysize )
+int mbedtls_gcm_setkey( mbedtls_gcm_context *ctx,
+                        mbedtls_cipher_id_t cipher,
+                        const unsigned char *key,
+                        unsigned int keysize )
 {
     int ret;
     const mbedtls_cipher_info_t *cipher_info;
@@ -736,6 +746,8 @@
     int i, j, ret;
     mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
 
+    mbedtls_gcm_init( &ctx );
+
     for( j = 0; j < 3; j++ )
     {
         int key_len = 128 + 64 * j;
@@ -746,7 +758,7 @@
                 mbedtls_printf( "  AES-GCM-%3d #%d (%s): ",
                                  key_len, i, "enc" );
 
-            mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
+            mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
 
             ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
                                      pt_len[i],
@@ -773,7 +785,7 @@
                 mbedtls_printf( "  AES-GCM-%3d #%d (%s): ",
                                  key_len, i, "dec" );
 
-            mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
+            mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
 
             ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
                                      pt_len[i],
@@ -800,7 +812,7 @@
                 mbedtls_printf( "  AES-GCM-%3d #%d split (%s): ",
                                  key_len, i, "enc" );
 
-            mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
+            mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
 
             ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
                               iv[iv_index[i]], iv_len[i],
@@ -867,7 +879,7 @@
                 mbedtls_printf( "  AES-GCM-%3d #%d split (%s): ",
                                  key_len, i, "dec" );
 
-            mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
+            mbedtls_gcm_setkey( &ctx, cipher, key[key_index[i]], key_len );
 
             ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
                               iv[iv_index[i]], iv_len[i],
diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c
index afb4652..db98bd6 100644
--- a/programs/test/benchmark.c
+++ b/programs/test/benchmark.c
@@ -412,13 +412,15 @@
     {
         int keysize;
         mbedtls_gcm_context gcm;
+
+        mbedtls_gcm_init( &gcm );
         for( keysize = 128; keysize <= 256; keysize += 64 )
         {
             mbedtls_snprintf( title, sizeof( title ), "AES-GCM-%d", keysize );
 
             memset( buf, 0, sizeof( buf ) );
             memset( tmp, 0, sizeof( tmp ) );
-            mbedtls_gcm_init( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
+            mbedtls_gcm_setkey( &gcm, MBEDTLS_CIPHER_ID_AES, tmp, keysize );
 
             TIME_AND_TSC( title,
                     mbedtls_gcm_crypt_and_tag( &gcm, MBEDTLS_GCM_ENCRYPT, BUFSIZE, tmp,
diff --git a/tests/suites/test_suite_gcm.function b/tests/suites/test_suite_gcm.function
index 6dd489d..9d841dc 100644
--- a/tests/suites/test_suite_gcm.function
+++ b/tests/suites/test_suite_gcm.function
@@ -26,6 +26,8 @@
     unsigned int key_len;
     size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
 
+    mbedtls_gcm_init( &ctx );
+
     memset(key_str, 0x00, 128);
     memset(src_str, 0x00, 128);
     memset(dst_str, 0x00, 257);
@@ -40,7 +42,7 @@
     iv_len = unhexify( iv_str, hex_iv_string );
     add_len = unhexify( add_str, hex_add_string );
 
-    TEST_ASSERT( mbedtls_gcm_init( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
+    TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
     if( init_result == 0 )
     {
         TEST_ASSERT( mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT, pt_len, iv_str, iv_len, add_str, add_len, src_str, output, tag_len, tag_output ) == 0 );
@@ -75,6 +77,8 @@
     size_t pt_len, iv_len, add_len, tag_len = tag_len_bits / 8;
     int ret;
 
+    mbedtls_gcm_init( &ctx );
+
     memset(key_str, 0x00, 128);
     memset(src_str, 0x00, 128);
     memset(dst_str, 0x00, 257);
@@ -89,7 +93,7 @@
     add_len = unhexify( add_str, hex_add_string );
     unhexify( tag_str, hex_tag_string );
 
-    TEST_ASSERT( mbedtls_gcm_init( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
+    TEST_ASSERT( mbedtls_gcm_setkey( &ctx, cipher_id, key_str, key_len * 8 ) == init_result );
     if( init_result == 0 )
     {
         ret = mbedtls_gcm_auth_decrypt( &ctx, pt_len, iv_str, iv_len, add_str, add_len, tag_str, tag_len, src_str, output );