aesgcm.c - OpenGrok cross reference for /linux/lib/crypto/aesgcm.c

Lines Matching +full:aes +full:- +full:gcm
1 // SPDX-License-Identifier: GPL-2.0
3  * Minimal library implementation of GCM
11 #include <crypto/gcm.h>
22 	 * In AES-GCM, both the GHASH key derivation and the CTR mode
24 	 * timing attacks on the encryption key. The AES library already
25 	 * mitigates this risk to some extent by pulling the entire S-box into
35  * aesgcm_expandkey - Expands the AES and GHASH keys for the AES-GCM key
38  * @ctx:	The data structure that will hold the AES-GCM key schedule
39  * @key:	The AES encryption input key
41  * @authsize:	The size in bytes of the GCM authentication tag
43  * Returns: 0 on success, or -EINVAL if @keysize or @authsize contain values
44  * that are not permitted by the GCM specification.
53 	      aes_expandkey(&ctx->aes_ctx, key, keysize);
57 	ctx->authsize = authsize;
58 	aesgcm_encrypt_block(&ctx->aes_ctx, &ctx->ghash_key, kin);
72 		len -= GHASH_BLOCK_SIZE;
77  * aesgcm_mac - Generates the authentication tag using AES-GCM algorithm.
78  * @ctx: The data structure that will hold the AES-GCM key schedule
86  * It takes in the AES-GCM context, source data, associated data, counter value,
96 	aesgcm_ghash(&ghash, &ctx->ghash_key, assoc, assoc_len);
97 	aesgcm_ghash(&ghash, &ctx->ghash_key, src, src_len);
98 	aesgcm_ghash(&ghash, &ctx->ghash_key, &tail, sizeof(tail));
101 	aesgcm_encrypt_block(&ctx->aes_ctx, buf, ctr);
102 	crypto_xor_cpy(authtag, buf, (u8 *)&ghash, ctx->authsize);
117 		 * carry into the next 32-bit word, as this could result in
119 		 * stream ciphers such as AES-CTR. Given the range of 'int
123 		aesgcm_encrypt_block(&ctx->aes_ctx, buf, ctr);
128 		len -= AES_BLOCK_SIZE;
134  * aesgcm_encrypt - Perform AES-GCM encryption on a block of data
136  * @ctx:	The AES-GCM key schedule
143  *		(must be 12 bytes in size as per the GCM spec recommendation)
146  *		@ctx->authsize bytes.
162  * aesgcm_decrypt - Perform AES-GCM decryption on a block of data
164  * @ctx:	The AES-GCM key schedule
171  *		(must be 12 bytes in size as per the GCM spec recommendation)
189 	if (crypto_memneq(authtag, tagbuf, ctx->authsize)) {
198 MODULE_DESCRIPTION("Generic AES-GCM library");
571 	{ /* From McGrew & Viega - http://citeseer.ist.psu.edu/656989.html */
703 				     aesgcm_tv[i].clen - plen)) {
705 			return -ENODEV;
713 			return -ENODEV;
721 			return -ENODEV;
729 			return -ENODEV;