gcm.h 1.5 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485
  1. #ifndef _CRYPTO_GCM_H
  2. #define _CRYPTO_GCM_H
  3. #include <linux/errno.h>
  4. #include <crypto/aes.h>
  5. #include <crypto/gf128mul.h>
  6. #define GCM_AES_IV_SIZE 12
  7. #define GCM_RFC4106_IV_SIZE 8
  8. #define GCM_RFC4543_IV_SIZE 8
  9. /*
  10. * validate authentication tag for GCM
  11. */
  12. static inline int crypto_gcm_check_authsize(unsigned int authsize)
  13. {
  14. switch (authsize) {
  15. case 4:
  16. case 8:
  17. case 12:
  18. case 13:
  19. case 14:
  20. case 15:
  21. case 16:
  22. break;
  23. default:
  24. return -EINVAL;
  25. }
  26. return 0;
  27. }
  28. /*
  29. * validate authentication tag for RFC4106
  30. */
  31. static inline int crypto_rfc4106_check_authsize(unsigned int authsize)
  32. {
  33. switch (authsize) {
  34. case 8:
  35. case 12:
  36. case 16:
  37. break;
  38. default:
  39. return -EINVAL;
  40. }
  41. return 0;
  42. }
  43. /*
  44. * validate assoclen for RFC4106/RFC4543
  45. */
  46. static inline int crypto_ipsec_check_assoclen(unsigned int assoclen)
  47. {
  48. switch (assoclen) {
  49. case 16:
  50. case 20:
  51. break;
  52. default:
  53. return -EINVAL;
  54. }
  55. return 0;
  56. }
  57. struct aesgcm_ctx {
  58. be128 ghash_key;
  59. struct aes_enckey aes_key;
  60. unsigned int authsize;
  61. };
  62. int aesgcm_expandkey(struct aesgcm_ctx *ctx, const u8 *key,
  63. unsigned int keysize, unsigned int authsize);
  64. void aesgcm_encrypt(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src,
  65. int crypt_len, const u8 *assoc, int assoc_len,
  66. const u8 iv[GCM_AES_IV_SIZE], u8 *authtag);
  67. bool __must_check aesgcm_decrypt(const struct aesgcm_ctx *ctx, u8 *dst,
  68. const u8 *src, int crypt_len, const u8 *assoc,
  69. int assoc_len, const u8 iv[GCM_AES_IV_SIZE],
  70. const u8 *authtag);
  71. #endif