leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity

crypto: gcm - helper functions for assoclen/authsize check

Browse Source 
Added inline helper functions to check authsize and assoclen for
gcm, rfc4106 and rfc4543.
These are used in the generic implementation of gcm, rfc4106 and
rfc4543.

Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Iuliana Prodan 2019-07-31 16:05:54 +03:00 committed by Herbert Xu
parent 1bfaac7c53
commit 65526f638e
2 changed files with 70 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
crypto/gcm.c
View File

@ -152,20 +152,7 @@ out:
static int crypto_gcm_setauthsize(struct crypto_aead *tfm, static int crypto_gcm_setauthsize(struct crypto_aead *tfm,
unsigned int authsize) unsigned int authsize)
{ {
switch (authsize) { return crypto_gcm_check_authsize(authsize);
case 4:
case 8:
case 12:
case 13:
case 14:
case 15:
case 16:
break;
default:
return -EINVAL;
}
return 0;
} }
static void crypto_gcm_init_common(struct aead_request *req) static void crypto_gcm_init_common(struct aead_request *req)
@ -762,15 +749,11 @@ static int crypto_rfc4106_setauthsize(struct crypto_aead *parent,
unsigned int authsize) unsigned int authsize)
{ {
struct crypto_rfc4106_ctx *ctx = crypto_aead_ctx(parent); struct crypto_rfc4106_ctx *ctx = crypto_aead_ctx(parent);
int err;
switch (authsize) { err = crypto_rfc4106_check_authsize(authsize);
case 8: if (err)
case 12: return err;
case 16:
break;
default:
return -EINVAL;
}
return crypto_aead_setauthsize(ctx->child, authsize); return crypto_aead_setauthsize(ctx->child, authsize);
} }
@ -818,8 +801,11 @@ static struct aead_request *crypto_rfc4106_crypt(struct aead_request *req)
static int crypto_rfc4106_encrypt(struct aead_request *req) static int crypto_rfc4106_encrypt(struct aead_request *req)
{ {
if (req->assoclen != 16 && req->assoclen != 20) int err;
return -EINVAL;
err = crypto_ipsec_check_assoclen(req->assoclen);
if (err)
return err;
req = crypto_rfc4106_crypt(req); req = crypto_rfc4106_crypt(req);
@ -828,8 +814,11 @@ static int crypto_rfc4106_encrypt(struct aead_request *req)
static int crypto_rfc4106_decrypt(struct aead_request *req) static int crypto_rfc4106_decrypt(struct aead_request *req)
{ {
if (req->assoclen != 16 && req->assoclen != 20) int err;
return -EINVAL;
err = crypto_ipsec_check_assoclen(req->assoclen);
if (err)
return err;
req = crypto_rfc4106_crypt(req); req = crypto_rfc4106_crypt(req);

55
include/crypto/gcm.h
View File

@ -1,8 +1,63 @@
#ifndef _CRYPTO_GCM_H #ifndef _CRYPTO_GCM_H
#define _CRYPTO_GCM_H #define _CRYPTO_GCM_H
#include <linux/errno.h>
#define GCM_AES_IV_SIZE 12 #define GCM_AES_IV_SIZE 12
#define GCM_RFC4106_IV_SIZE 8 #define GCM_RFC4106_IV_SIZE 8
#define GCM_RFC4543_IV_SIZE 8 #define GCM_RFC4543_IV_SIZE 8
/*
* validate authentication tag for GCM
*/
static inline int crypto_gcm_check_authsize(unsigned int authsize)
{
switch (authsize) {
case 4:
case 8:
case 12:
case 13:
case 14:
case 15:
case 16:
break;
default:
return -EINVAL;
}
return 0;
}
/*
* validate authentication tag for RFC4106
*/
static inline int crypto_rfc4106_check_authsize(unsigned int authsize)
{
switch (authsize) {
case 8:
case 12:
case 16:
break;
default:
return -EINVAL;
}
return 0;
}
/*
* validate assoclen for RFC4106/RFC4543
*/
static inline int crypto_ipsec_check_assoclen(unsigned int assoclen)
{
switch (assoclen) {
case 16:
case 20:
break;
default:
return -EINVAL;
}
return 0;
}
#endif #endif