Switch from the old AES library functions (which use struct crypto_aes_ctx) to the new ones (which use struct aes_enckey). This eliminates the unnecessary computation and caching of the decryption round keys. The new AES en/decryption functions are also much faster and use AES instructions when supported by the CPU. Note that in addition to the change in the key preparation function and the key struct type itself, the change in the type of the key struct results in aes_encrypt() (which is temporarily a type-generic macro) calling the new encryption function rather than the old one. Acked-by: Ard Biesheuvel <ardb@kernel.org> Link: https://lore.kernel.org/r/20260112192035.10427-34-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@kernel.org>
#ifndef _CRYPTO_GCM_H
#define _CRYPTO_GCM_H
#include <linux/errno.h>
#include <crypto/aes.h>
#include <crypto/gf128mul.h>
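/*
 * IV sizes in bytes.
 *
 * GCM_AES_IV_SIZE is the 96-bit nonce length that aesgcm_encrypt() and
 * aesgcm_decrypt() take as their iv[] argument. The RFC 4106 / RFC 4543
 * values are the 8-byte per-packet IV used by the IPsec variants.
 *
 * A (key, nonce) pair must never be used for more than one encryption:
 * nonce reuse under GCM exposes the XOR of the plaintexts and undermines
 * the authentication tag. Nothing in this header enforces uniqueness, so
 * it is the caller's responsibility.
 */
#define GCM_AES_IV_SIZE 12
#define GCM_RFC4106_IV_SIZE 8
#define GCM_RFC4543_IV_SIZE 8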
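/*
 * Validate the authentication tag size (in bytes) requested for GCM.
 *
 * Accepted sizes are 4, 8 and 12 through 16. Returns 0 when @authsize is
 * one of those and -EINVAL for anything else.
 *
 * Forgery resistance shrinks with the tag: NIST SP 800-38D permits the
 * 4- and 8-byte tags only under additional usage constraints (Appendix C).
 * This helper only checks that the size is a permitted one; it does not
 * check that a short tag is appropriate for the caller's protocol.
 */
static inline int crypto_gcm_check_authsize(unsigned int authsize)
{
	switch (authsize) {
	case 4:
	case 8:
	case 12:
	case 13:
	case 14:
	case 15:
	case 16:
		break;
	default:
		return -EINVAL;
	}

	return 0;
}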
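/*
 * Validate the authentication tag (ICV) size in bytes for RFC 4106.
 *
 * Stricter than crypto_gcm_check_authsize(): only 8, 12 and 16 are
 * accepted. Returns 0 for those and -EINVAL otherwise.
 */
static inline int crypto_rfc4106_check_authsize(unsigned int authsize)
{
	switch (authsize) {
	case 8:
	case 12:
	case 16:
		break;
	default:
		return -EINVAL;
	}

	return 0;
}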
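/*
 * Validate the associated-data length in bytes for RFC 4106 / RFC 4543.
 *
 * Only 16 and 20 are accepted. Returns 0 for those and -EINVAL otherwise.
 *
 * NOTE(review): presumably these are the 8- or 12-byte ESP header (without
 * or with extended sequence numbers) plus the 8-byte IV; confirm against
 * the callers. Rejecting every other length up front keeps later offset
 * arithmetic on the associated data within known bounds.
 */
static inline int crypto_ipsec_check_assoclen(unsigned int assoclen)
{
	switch (assoclen) {
	case 16:
	case 20:
		break;
	default:
		return -EINVAL;
	}

	return 0;
}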
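/*
 * Key state for the AES-GCM library interface declared below.
 *
 * Every field is derived from, or configured alongside, the secret key, so
 * the whole structure is key material: keep it out of logs and dumps, and
 * wipe it (e.g. memzero_explicit()) once the key is no longer needed.
 */
struct aesgcm_ctx {
	/* GHASH key; presumably derived from the AES key in aesgcm_expandkey() */
	be128			ghash_key;
	/* AES key in the encryption-only form (struct aes_enckey) */
	struct aes_enckey	aes_key;
	/* tag size; presumably the authsize given to aesgcm_expandkey() */
	unsigned int		authsize;
};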
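/*
 * Prepare @ctx from a raw AES key.
 *
 * @key/@keysize: raw key and its length (presumably in bytes).
 * @authsize:     tag size to use with this context; see
 *                crypto_gcm_check_authsize() for the sizes GCM permits.
 *
 * Returns int; presumably 0 on success and a negative errno for an invalid
 * key size or tag size (confirm against the implementation). Do not use
 * @ctx if the call fails.
 */
int aesgcm_expandkey(struct aesgcm_ctx *ctx, const u8 *key,
		     unsigned int keysize, unsigned int authsize);

/*
 * Encrypt @crypt_len bytes from @src into @dst and write the tag to @authtag.
 *
 * @assoc/@assoc_len: associated data, authenticated but not encrypted.
 * @iv:               GCM_AES_IV_SIZE-byte nonce; must be unique per message
 *                    for a given key.
 * @authtag:          output buffer; presumably must hold ctx->authsize bytes.
 *
 * @crypt_len and @assoc_len are signed ints: callers must pass non-negative
 * values that fit the buffers. The function returns void, so it cannot
 * report a bad length.
 */
void aesgcm_encrypt(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src,
		    int crypt_len, const u8 *assoc, int assoc_len,
		    const u8 iv[GCM_AES_IV_SIZE], u8 *authtag);

/*
 * Decrypt @crypt_len bytes from @src into @dst, checking them against
 * @authtag.
 *
 * The result is marked __must_check, so a caller that ignores it gets a
 * compiler warning. Presumably false means tag verification failed (confirm
 * against the implementation); in that case treat @dst as invalid and drop
 * the message rather than acting on any of its contents.
 *
 * @crypt_len and @assoc_len are signed ints: callers must pass non-negative
 * values that fit the buffers.
 */
bool __must_check aesgcm_decrypt(const struct aesgcm_ctx *ctx, u8 *dst,
				 const u8 *src, int crypt_len, const u8 *assoc,
				 int assoc_len, const u8 iv[GCM_AES_IV_SIZE],
				 const u8 *authtag);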
#endif