tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
crypto: gcm - helper functions for assoclen/authsize check
Added inline helper functions to check authsize and assoclen for
gcm, rfc4106 and rfc4543.
These are used in the generic implementation of gcm, rfc4106 and
rfc4543.
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
authored by
Iuliana Prodan
and committed by
Herbert Xu
65526f63
1bfaac7c
+70
-26
+15
-26
crypto/gcm.c
+15
-26
crypto/gcm.c
···
152
152
static int crypto_gcm_setauthsize(struct crypto_aead *tfm,
153
153
unsigned int authsize)
154
154
{
155
-
switch (authsize) {
156
-
case 4:
157
-
case 8:
158
-
case 12:
159
-
case 13:
160
-
case 14:
161
-
case 15:
162
-
case 16:
163
-
break;
164
-
default:
165
-
return -EINVAL;
166
-
}
167
-
168
-
return 0;
155
+
return crypto_gcm_check_authsize(authsize);
169
156
}
170
157
171
158
static void crypto_gcm_init_common(struct aead_request *req)
···
749
762
unsigned int authsize)
750
763
{
751
764
struct crypto_rfc4106_ctx *ctx = crypto_aead_ctx(parent);
765
+
int err;
752
766
753
-
switch (authsize) {
754
-
case 8:
755
-
case 12:
756
-
case 16:
757
-
break;
758
-
default:
759
-
return -EINVAL;
760
-
}
767
+
err = crypto_rfc4106_check_authsize(authsize);
768
+
if (err)
769
+
return err;
761
770
762
771
return crypto_aead_setauthsize(ctx->child, authsize);
763
772
}
···
801
818
802
819
static int crypto_rfc4106_encrypt(struct aead_request *req)
803
820
{
804
-
if (req->assoclen != 16 && req->assoclen != 20)
805
-
return -EINVAL;
821
+
int err;
822
+
823
+
err = crypto_ipsec_check_assoclen(req->assoclen);
824
+
if (err)
825
+
return err;
806
826
807
827
req = crypto_rfc4106_crypt(req);
808
828
···
814
828
815
829
static int crypto_rfc4106_decrypt(struct aead_request *req)
816
830
{
817
-
if (req->assoclen != 16 && req->assoclen != 20)
818
-
return -EINVAL;
831
+
int err;
832
+
833
+
err = crypto_ipsec_check_assoclen(req->assoclen);
834
+
if (err)
835
+
return err;
819
836
820
837
req = crypto_rfc4106_crypt(req);
821
838
+55
include/crypto/gcm.h
+55
include/crypto/gcm.h
···
1
1
#ifndef _CRYPTO_GCM_H
2
2
#define _CRYPTO_GCM_H
3
3
4
+
#include <linux/errno.h>
5
+
4
6
#define GCM_AES_IV_SIZE 12
5
7
#define GCM_RFC4106_IV_SIZE 8
6
8
#define GCM_RFC4543_IV_SIZE 8
7
9
10
+
/*
11
+
* validate authentication tag for GCM
12
+
*/
13
+
static inline int crypto_gcm_check_authsize(unsigned int authsize)
14
+
{
15
+
switch (authsize) {
16
+
case 4:
17
+
case 8:
18
+
case 12:
19
+
case 13:
20
+
case 14:
21
+
case 15:
22
+
case 16:
23
+
break;
24
+
default:
25
+
return -EINVAL;
26
+
}
27
+
28
+
return 0;
29
+
}
30
+
31
+
/*
32
+
* validate authentication tag for RFC4106
33
+
*/
34
+
static inline int crypto_rfc4106_check_authsize(unsigned int authsize)
35
+
{
36
+
switch (authsize) {
37
+
case 8:
38
+
case 12:
39
+
case 16:
40
+
break;
41
+
default:
42
+
return -EINVAL;
43
+
}
44
+
45
+
return 0;
46
+
}
47
+
48
+
/*
49
+
* validate assoclen for RFC4106/RFC4543
50
+
*/
51
+
static inline int crypto_ipsec_check_assoclen(unsigned int assoclen)
52
+
{
53
+
switch (assoclen) {
54
+
case 16:
55
+
case 20:
56
+
break;
57
+
default:
58
+
return -EINVAL;
59
+
}
60
+
61
+
return 0;
62
+
}
8
63
#endif