Added inline helper functions to check authsize and assoclen for gcm and rfc4106. These are used in the generic implementation of gcm and rfc4106. Signed-off-by: Iuliana Prodan <iuliana.prodan@xxxxxxx> --- crypto/gcm.c | 41 +++++++++++++++------------------------- include/crypto/gcm.h | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+), 26 deletions(-) diff --git a/crypto/gcm.c b/crypto/gcm.c index 33f45a9..f69c251 100644 --- a/crypto/gcm.c +++ b/crypto/gcm.c @@ -155,20 +155,7 @@ static int crypto_gcm_setkey(struct crypto_aead *aead, const u8 *key, static int crypto_gcm_setauthsize(struct crypto_aead *tfm, unsigned int authsize) { - switch (authsize) { - case 4: - case 8: - case 12: - case 13: - case 14: - case 15: - case 16: - break; - default: - return -EINVAL; - } - - return 0; + return check_gcm_authsize(authsize); } static void crypto_gcm_init_common(struct aead_request *req) @@ -765,15 +752,11 @@ static int crypto_rfc4106_setauthsize(struct crypto_aead *parent, unsigned int authsize) { struct crypto_rfc4106_ctx *ctx = crypto_aead_ctx(parent); + int err; - switch (authsize) { - case 8: - case 12: - case 16: - break; - default: - return -EINVAL; - } + err = check_rfc4106_authsize(authsize); + if (err) + return err; return crypto_aead_setauthsize(ctx->child, authsize); } @@ -821,8 +804,11 @@ static struct aead_request *crypto_rfc4106_crypt(struct aead_request *req) static int crypto_rfc4106_encrypt(struct aead_request *req) { - if (req->assoclen != 16 && req->assoclen != 20) - return -EINVAL; + int err; + + err = check_ipsec_assoclen(req->assoclen); + if (err) + return err; req = crypto_rfc4106_crypt(req); @@ -831,8 +817,11 @@ static int crypto_rfc4106_encrypt(struct aead_request *req) static int crypto_rfc4106_decrypt(struct aead_request *req) { - if (req->assoclen != 16 && req->assoclen != 20) - return -EINVAL; + int err; + + err = check_ipsec_assoclen(req->assoclen); + if (err) + return err; req = crypto_rfc4106_crypt(req); diff --git a/include/crypto/gcm.h b/include/crypto/gcm.h index c50e057..9834b97 100644 --- a/include/crypto/gcm.h +++ b/include/crypto/gcm.h @@ -5,4 +5,57 @@ #define GCM_RFC4106_IV_SIZE 8 #define GCM_RFC4543_IV_SIZE 8 +/* + * validate authentication tag for GCM + */ +static inline int check_gcm_authsize(unsigned int authsize) +{ + switch (authsize) { + case 4: + case 8: + case 12: + case 13: + case 14: + case 15: + case 16: + break; + default: + return -EINVAL; + } + + return 0; +} + +/* + * validate authentication tag for RFC4106 + */ +static inline int check_rfc4106_authsize(unsigned int authsize) +{ + switch (authsize) { + case 8: + case 12: + case 16: + break; + default: + return -EINVAL; + } + + return 0; +} + +/* + * validate assoclen for RFC4106/RFC4543 + */ +static inline int check_ipsec_assoclen(unsigned int assoclen) +{ + switch (assoclen) { + case 16: + case 20: + break; + default: + return -EINVAL; + } + + return 0; +} #endif -- 2.1.0