86 lines
1.5 KiB
C
86 lines
1.5 KiB
C
#ifndef _CRYPTO_GCM_H
|
|
#define _CRYPTO_GCM_H
|
|
|
|
#include <linux/errno.h>
|
|
|
|
#include <crypto/aes.h>
|
|
#include <crypto/gf128mul.h>
|
|
|
|
#define GCM_AES_IV_SIZE 12
|
|
#define GCM_RFC4106_IV_SIZE 8
|
|
#define GCM_RFC4543_IV_SIZE 8
|
|
|
|
/*
|
|
* validate authentication tag for GCM
|
|
*/
|
|
static inline int crypto_gcm_check_authsize(unsigned int authsize)
|
|
{
|
|
switch (authsize) {
|
|
case 4:
|
|
case 8:
|
|
case 12:
|
|
case 13:
|
|
case 14:
|
|
case 15:
|
|
case 16:
|
|
break;
|
|
default:
|
|
return -EINVAL;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* validate authentication tag for RFC4106
|
|
*/
|
|
static inline int crypto_rfc4106_check_authsize(unsigned int authsize)
|
|
{
|
|
switch (authsize) {
|
|
case 8:
|
|
case 12:
|
|
case 16:
|
|
break;
|
|
default:
|
|
return -EINVAL;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* validate assoclen for RFC4106/RFC4543
|
|
*/
|
|
static inline int crypto_ipsec_check_assoclen(unsigned int assoclen)
|
|
{
|
|
switch (assoclen) {
|
|
case 16:
|
|
case 20:
|
|
break;
|
|
default:
|
|
return -EINVAL;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
struct aesgcm_ctx {
|
|
be128 ghash_key;
|
|
struct crypto_aes_ctx aes_ctx;
|
|
unsigned int authsize;
|
|
};
|
|
|
|
int aesgcm_expandkey(struct aesgcm_ctx *ctx, const u8 *key,
|
|
unsigned int keysize, unsigned int authsize);
|
|
|
|
void aesgcm_encrypt(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src,
|
|
int crypt_len, const u8 *assoc, int assoc_len,
|
|
const u8 iv[GCM_AES_IV_SIZE], u8 *authtag);
|
|
|
|
bool __must_check aesgcm_decrypt(const struct aesgcm_ctx *ctx, u8 *dst,
|
|
const u8 *src, int crypt_len, const u8 *assoc,
|
|
int assoc_len, const u8 iv[GCM_AES_IV_SIZE],
|
|
const u8 *authtag);
|
|
|
|
#endif
|