1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
#ifndef _CRYPTO_GCM_H
#define _CRYPTO_GCM_H
#include <linux/errno.h>
#include <crypto/aes.h>
#include <crypto/gf128mul.h>
#define GCM_AES_IV_SIZE 12
#define GCM_RFC4106_IV_SIZE 8
#define GCM_RFC4543_IV_SIZE 8
/*
* validate authentication tag for GCM
*/
static inline int crypto_gcm_check_authsize(unsigned int authsize)
{
switch (authsize) {
case 4:
case 8:
case 12:
case 13:
case 14:
case 15:
case 16:
break;
default:
return -EINVAL;
}
return 0;
}
/*
* validate authentication tag for RFC4106
*/
static inline int crypto_rfc4106_check_authsize(unsigned int authsize)
{
switch (authsize) {
case 8:
case 12:
case 16:
break;
default:
return -EINVAL;
}
return 0;
}
/*
* validate assoclen for RFC4106/RFC4543
*/
static inline int crypto_ipsec_check_assoclen(unsigned int assoclen)
{
switch (assoclen) {
case 16:
case 20:
break;
default:
return -EINVAL;
}
return 0;
}
struct aesgcm_ctx {
be128 ghash_key;
struct crypto_aes_ctx aes_ctx;
unsigned int authsize;
};
int aesgcm_expandkey(struct aesgcm_ctx *ctx, const u8 *key,
unsigned int keysize, unsigned int authsize);
void aesgcm_encrypt(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src,
int crypt_len, const u8 *assoc, int assoc_len,
const u8 iv[GCM_AES_IV_SIZE], u8 *authtag);
bool __must_check aesgcm_decrypt(const struct aesgcm_ctx *ctx, u8 *dst,
const u8 *src, int crypt_len, const u8 *assoc,
int assoc_len, const u8 iv[GCM_AES_IV_SIZE],
const u8 *authtag);
#endif
|
