
Lines Matching +full:aes +full:- +full:gcm

1 // SPDX-License-Identifier: GPL-2.0
3 * Minimal library implementation of GCM
11 #include <crypto/gcm.h>
22 * In AES-GCM, both the GHASH key derivation and the CTR mode in aesgcm_encrypt_block()
24 * timing attacks on the encryption key. The AES library already in aesgcm_encrypt_block()
25 * mitigates this risk to some extent by pulling the entire S-box into in aesgcm_encrypt_block()
35 * aesgcm_expandkey - Expands the AES and GHASH keys for the AES-GCM key
38 * @ctx: The data structure that will hold the AES-GCM key schedule
39 * @key: The AES encryption input key
41 * @authsize: The size in bytes of the GCM authentication tag
43 * Returns: 0 on success, or -EINVAL if @keysize or @authsize contain values
44 * that are not permitted by the GCM specification.
53 aes_expandkey(&ctx->aes_ctx, key, keysize); in aesgcm_expandkey()
57 ctx->authsize = authsize; in aesgcm_expandkey()
58 aesgcm_encrypt_block(&ctx->aes_ctx, &ctx->ghash_key, kin); in aesgcm_expandkey()
72 len -= GHASH_BLOCK_SIZE; in aesgcm_ghash()
83 aesgcm_ghash(&ghash, &ctx->ghash_key, assoc, assoc_len); in aesgcm_mac()
84 aesgcm_ghash(&ghash, &ctx->ghash_key, src, src_len); in aesgcm_mac()
85 aesgcm_ghash(&ghash, &ctx->ghash_key, &tail, sizeof(tail)); in aesgcm_mac()
88 aesgcm_encrypt_block(&ctx->aes_ctx, buf, ctr); in aesgcm_mac()
89 crypto_xor_cpy(authtag, buf, (u8 *)&ghash, ctx->authsize); in aesgcm_mac()
104 * carry into the next 32-bit word, as this could result in in aesgcm_crypt()
106 * stream ciphers such as AES-CTR. Given the range of 'int in aesgcm_crypt()
110 aesgcm_encrypt_block(&ctx->aes_ctx, buf, ctr); in aesgcm_crypt()
115 len -= AES_BLOCK_SIZE; in aesgcm_crypt()
121 * aesgcm_encrypt - Perform AES-GCM encryption on a block of data
123 * @ctx: The AES-GCM key schedule
130 * (must be 12 bytes in size as per the GCM spec recommendation)
133 * @ctx->authsize bytes.
149 * aesgcm_decrypt - Perform AES-GCM decryption on a block of data
151 * @ctx: The AES-GCM key schedule
158 * (must be 12 bytes in size as per the GCM spec recommendation)
176 if (crypto_memneq(authtag, tagbuf, ctx->authsize)) { in aesgcm_decrypt()
185 MODULE_DESCRIPTION("Generic AES-GCM library");
558 { /* From McGrew & Viega - http://citeseer.ist.psu.edu/656989.html */
690 aesgcm_tv[i].clen - plen)) { in libaesgcm_init()
692 return -ENODEV; in libaesgcm_init()
700 return -ENODEV; in libaesgcm_init()
708 return -ENODEV; in libaesgcm_init()
716 return -ENODEV; in libaesgcm_init()