1ef780324SCorentin LABBE #ifndef _CRYPTO_GCM_H 2ef780324SCorentin LABBE #define _CRYPTO_GCM_H 3ef780324SCorentin LABBE 465526f63SIuliana Prodan #include <linux/errno.h> 565526f63SIuliana Prodan 6*520af5daSArd Biesheuvel #include <crypto/aes.h> 7*520af5daSArd Biesheuvel #include <crypto/gf128mul.h> 8*520af5daSArd Biesheuvel 9ef780324SCorentin LABBE #define GCM_AES_IV_SIZE 12 10ef780324SCorentin LABBE #define GCM_RFC4106_IV_SIZE 8 11ef780324SCorentin LABBE #define GCM_RFC4543_IV_SIZE 8 12ef780324SCorentin LABBE 1365526f63SIuliana Prodan /* 1465526f63SIuliana Prodan * validate authentication tag for GCM 1565526f63SIuliana Prodan */ 1665526f63SIuliana Prodan static inline int crypto_gcm_check_authsize(unsigned int authsize) 1765526f63SIuliana Prodan { 1865526f63SIuliana Prodan switch (authsize) { 1965526f63SIuliana Prodan case 4: 2065526f63SIuliana Prodan case 8: 2165526f63SIuliana Prodan case 12: 2265526f63SIuliana Prodan case 13: 2365526f63SIuliana Prodan case 14: 2465526f63SIuliana Prodan case 15: 2565526f63SIuliana Prodan case 16: 2665526f63SIuliana Prodan break; 2765526f63SIuliana Prodan default: 2865526f63SIuliana Prodan return -EINVAL; 2965526f63SIuliana Prodan } 3065526f63SIuliana Prodan 3165526f63SIuliana Prodan return 0; 3265526f63SIuliana Prodan } 3365526f63SIuliana Prodan 3465526f63SIuliana Prodan /* 3565526f63SIuliana Prodan * validate authentication tag for RFC4106 3665526f63SIuliana Prodan */ 3765526f63SIuliana Prodan static inline int crypto_rfc4106_check_authsize(unsigned int authsize) 3865526f63SIuliana Prodan { 3965526f63SIuliana Prodan switch (authsize) { 4065526f63SIuliana Prodan case 8: 4165526f63SIuliana Prodan case 12: 4265526f63SIuliana Prodan case 16: 4365526f63SIuliana Prodan break; 4465526f63SIuliana Prodan default: 4565526f63SIuliana Prodan return -EINVAL; 4665526f63SIuliana Prodan } 4765526f63SIuliana Prodan 4865526f63SIuliana Prodan return 0; 4965526f63SIuliana Prodan } 5065526f63SIuliana Prodan 5165526f63SIuliana Prodan /* 5265526f63SIuliana Prodan * validate assoclen for RFC4106/RFC4543 5365526f63SIuliana Prodan */ 5465526f63SIuliana Prodan static inline int crypto_ipsec_check_assoclen(unsigned int assoclen) 5565526f63SIuliana Prodan { 5665526f63SIuliana Prodan switch (assoclen) { 5765526f63SIuliana Prodan case 16: 5865526f63SIuliana Prodan case 20: 5965526f63SIuliana Prodan break; 6065526f63SIuliana Prodan default: 6165526f63SIuliana Prodan return -EINVAL; 6265526f63SIuliana Prodan } 6365526f63SIuliana Prodan 6465526f63SIuliana Prodan return 0; 6565526f63SIuliana Prodan } 66*520af5daSArd Biesheuvel 67*520af5daSArd Biesheuvel struct aesgcm_ctx { 68*520af5daSArd Biesheuvel be128 ghash_key; 69*520af5daSArd Biesheuvel struct crypto_aes_ctx aes_ctx; 70*520af5daSArd Biesheuvel unsigned int authsize; 71*520af5daSArd Biesheuvel }; 72*520af5daSArd Biesheuvel 73*520af5daSArd Biesheuvel int aesgcm_expandkey(struct aesgcm_ctx *ctx, const u8 *key, 74*520af5daSArd Biesheuvel unsigned int keysize, unsigned int authsize); 75*520af5daSArd Biesheuvel 76*520af5daSArd Biesheuvel void aesgcm_encrypt(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src, 77*520af5daSArd Biesheuvel int crypt_len, const u8 *assoc, int assoc_len, 78*520af5daSArd Biesheuvel const u8 iv[GCM_AES_IV_SIZE], u8 *authtag); 79*520af5daSArd Biesheuvel 80*520af5daSArd Biesheuvel bool __must_check aesgcm_decrypt(const struct aesgcm_ctx *ctx, u8 *dst, 81*520af5daSArd Biesheuvel const u8 *src, int crypt_len, const u8 *assoc, 82*520af5daSArd Biesheuvel int assoc_len, const u8 iv[GCM_AES_IV_SIZE], 83*520af5daSArd Biesheuvel const u8 *authtag); 84*520af5daSArd Biesheuvel 85ef780324SCorentin LABBE #endif 86