| #ifndef _CRYPTO_GCM_H |
| #define _CRYPTO_GCM_H |
| |
| #include <linux/errno.h> |
| |
| #include <crypto/aes.h> |
| #include <crypto/gf128mul.h> |
| |
| #define GCM_AES_IV_SIZE 12 |
| #define GCM_RFC4106_IV_SIZE 8 |
| #define GCM_RFC4543_IV_SIZE 8 |
| |
| /* |
| * validate authentication tag for GCM |
| */ |
| static inline int crypto_gcm_check_authsize(unsigned int authsize) |
| { |
| switch (authsize) { |
| case 4: |
| case 8: |
| case 12: |
| case 13: |
| case 14: |
| case 15: |
| case 16: |
| break; |
| default: |
| return -EINVAL; |
| } |
| |
| return 0; |
| } |
| |
| /* |
| * validate authentication tag for RFC4106 |
| */ |
| static inline int crypto_rfc4106_check_authsize(unsigned int authsize) |
| { |
| switch (authsize) { |
| case 8: |
| case 12: |
| case 16: |
| break; |
| default: |
| return -EINVAL; |
| } |
| |
| return 0; |
| } |
| |
| /* |
| * validate assoclen for RFC4106/RFC4543 |
| */ |
| static inline int crypto_ipsec_check_assoclen(unsigned int assoclen) |
| { |
| switch (assoclen) { |
| case 16: |
| case 20: |
| break; |
| default: |
| return -EINVAL; |
| } |
| |
| return 0; |
| } |
| |
| struct aesgcm_ctx { |
| be128 ghash_key; |
| struct crypto_aes_ctx aes_ctx; |
| unsigned int authsize; |
| }; |
| |
| int aesgcm_expandkey(struct aesgcm_ctx *ctx, const u8 *key, |
| unsigned int keysize, unsigned int authsize); |
| |
| void aesgcm_encrypt(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src, |
| int crypt_len, const u8 *assoc, int assoc_len, |
| const u8 iv[GCM_AES_IV_SIZE], u8 *authtag); |
| |
| bool __must_check aesgcm_decrypt(const struct aesgcm_ctx *ctx, u8 *dst, |
| const u8 *src, int crypt_len, const u8 *assoc, |
| int assoc_len, const u8 iv[GCM_AES_IV_SIZE], |
| const u8 *authtag); |
| |
| #endif |
