Galois/Counter Mode (GCM) More...

#include <stdint.h>
#include <ipxe/crypto.h>

Data Structures
struct	gcm_counter
	A GCM counter. More...
struct	gcm_lengths
	A GCM length pair. More...
union	gcm_block
	A GCM block. More...
struct	gcm_context
	GCM context. More...

Macros
#define	GCM_CIPHER(_gcm_name, _gcm_cipher, _raw_cipher, _raw_context, _blocksize)
	Create a GCM mode of behaviour of an existing cipher.

Functions
	FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)
	FILE_SECBOOT (PERMITTED)
void	gcm_tag (struct gcm_context context, union gcm_block tag)
	Construct tag.
int	gcm_setkey (struct gcm_context context, const void key, size_t keylen, struct cipher_algorithm *raw_cipher)
	Set key.
void	gcm_setiv (struct gcm_context context, const void iv, size_t ivlen)
	Set initialisation vector.
void	gcm_encrypt (struct gcm_context context, const void src, void *dst, size_t len)
	Encrypt data.
void	gcm_decrypt (struct gcm_context context, const void src, void *dst, size_t len)
	Decrypt data.

Detailed Description

Galois/Counter Mode (GCM)

Definition in file gcm.h.

Macro Definition Documentation

◆ GCM_CIPHER

#define GCM_CIPHER	(	_gcm_name,
		_gcm_cipher,
		_raw_cipher,
		_raw_context,
		_blocksize )

Create a GCM mode of behaviour of an existing cipher.

Parameters

_cbc_name	Name for the new CBC cipher
_cbc_cipher	New cipher algorithm
_raw_cipher	Underlying cipher algorithm
_raw_context	Context structure for the underlying cipher
_blocksize	Cipher block size

Definition at line 81 of file gcm.h.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )

◆ FILE_SECBOOT()

FILE_SECBOOT ( PERMITTED )

◆ gcm_tag()

void gcm_tag	(	struct gcm_context *	context,
		union gcm_block *	tag )

extern

Construct tag.

Parameters

context	Context
tag	Tag

Definition at line 409 of file gcm.c.

                                                                   {
        union gcm_block tmp;
        uint32_t offset;
 
        /* Construct hash */
        gcm_hash ( context, tag );
 
        /* Construct encrypted initial counter value */
        memcpy ( &tmp, &context->ctr, sizeof ( tmp ) );
        offset = ( ( -context->len.len.data ) / ( 8 * sizeof ( tmp ) ) );
        gcm_count ( &tmp, offset );
        cipher_encrypt ( context->raw_cipher, &context->raw_ctx, &tmp,
                         &tmp, sizeof ( tmp ) );
        DBGC2 ( context, "GCM %p E(K,Y[0]):\n", context );
        DBGC2_HDA ( context, 0, &tmp, sizeof ( tmp ) );
 
        /* Construct tag */
        gcm_xor_block ( &tmp, tag );
        DBGC2 ( context, "GCM %p T:\n", context );
        DBGC2_HDA ( context, 0, tag, sizeof ( *tag ) );
}

References cipher_encrypt, gcm_context::ctr, gcm_lengths::data, DBGC2, DBGC2_HDA, gcm_count(), gcm_hash(), gcm_xor_block(), gcm_block::len, gcm_context::len, memcpy(), offset, gcm_context::raw_cipher, gcm_context::raw_ctx, tag, and tmp.

◆ gcm_setkey()

int gcm_setkey	(	struct gcm_context *	context,
		const void *	key,
		size_t	keylen,
		struct cipher_algorithm *	raw_cipher )

extern

Set key.

Parameters

context	Context
key	Key
keylen	Key length
raw_cipher	Underlying cipher

Return values

rc	Return status code

Definition at line 440 of file gcm.c.

                                                       {
        int rc;
 
        /* Initialise GCM context */
        memset ( context, 0, sizeof ( *context ) );
        context->raw_cipher = raw_cipher;
 
        /* Set underlying block cipher key */
        if ( ( rc = cipher_setkey ( raw_cipher, context->raw_ctx, key,
                                    keylen ) ) != 0 )
                return rc;
 
        /* Construct GCM hash key */
        cipher_encrypt ( raw_cipher, context->raw_ctx, &context->ctr,
                         &context->key, sizeof ( context->key ) );
        DBGC2 ( context, "GCM %p H:\n", context );
        DBGC2_HDA ( context, 0, &context->key, sizeof ( context->key ) );
 
        /* Reset counter */
        context->ctr.ctr.value = cpu_to_be32 ( 1 );
 
        /* Construct cached tables */
        gcm_cache ( &context->key );
 
        return 0;
}

References cipher_encrypt, cipher_setkey(), cpu_to_be32, gcm_block::ctr, gcm_context::ctr, DBGC2, DBGC2_HDA, gcm_cache(), gcm_context::key, key, memset(), gcm_context::raw_cipher, gcm_context::raw_ctx, rc, and gcm_counter::value.

◆ gcm_setiv()

void gcm_setiv	(	struct gcm_context *	context,
		const void *	iv,
		size_t	ivlen )

extern

Set initialisation vector.

Parameters

ctx	Context
iv	Initialisation vector
ivlen	Initialisation vector length

Definition at line 475 of file gcm.c.

                                                                             {
 
        /* Reset non-key state */
        memset ( context, 0, gcm_offset ( key ) );
        build_assert ( gcm_offset ( key ) > gcm_offset ( hash ) );
        build_assert ( gcm_offset ( key ) > gcm_offset ( len ) );
        build_assert ( gcm_offset ( key ) > gcm_offset ( ctr ) );
        build_assert ( gcm_offset ( key ) < gcm_offset ( raw_cipher ) );
        build_assert ( gcm_offset ( key ) < gcm_offset ( raw_ctx ) );
 
        /* Reset counter */
        context->ctr.ctr.value = cpu_to_be32 ( 1 );
 
        /* Process initialisation vector */
        if ( ivlen == sizeof ( context->ctr.ctr.iv ) ) {
 
                /* Initialisation vector is exactly 96 bits, use it as-is */
                memcpy ( context->ctr.ctr.iv, iv, ivlen );
 
        } else {
 
                /* Calculate hash over initialisation vector */
                gcm_process ( context, iv, NULL, ivlen, GCM_FL_IV );
                gcm_hash ( context, &context->ctr );
                assert ( context->len.len.add == 0 );
 
                /* Reset non-key, non-counter state */
                memset ( context, 0, gcm_offset ( ctr ) );
                build_assert ( gcm_offset ( ctr ) > gcm_offset ( hash ) );
                build_assert ( gcm_offset ( ctr ) > gcm_offset ( len ) );
                build_assert ( gcm_offset ( ctr ) < gcm_offset ( key ) );
                build_assert ( gcm_offset ( ctr ) < gcm_offset ( raw_cipher ) );
                build_assert ( gcm_offset ( ctr ) < gcm_offset ( raw_ctx ) );
        }
 
        DBGC2 ( context, "GCM %p Y[0]:\n", context );
        DBGC2_HDA ( context, 0, &context->ctr, sizeof ( context->ctr ) );
}

References gcm_lengths::add, assert, build_assert, cpu_to_be32, gcm_block::ctr, gcm_context::ctr, DBGC2, DBGC2_HDA, GCM_FL_IV, gcm_hash(), gcm_offset, gcm_process(), hash, gcm_counter::iv, iv, key, gcm_block::len, gcm_context::len, len, memcpy(), memset(), NULL, and gcm_counter::value.

◆ gcm_encrypt()

void gcm_encrypt	(	struct gcm_context *	context,
		const void *	src,
		void *	dst,
		size_t	len )

extern

Encrypt data.

Parameters

context	Context
src	Data to encrypt
dst	Buffer for encrypted data, or NULL for additional data
len	Length of data

Definition at line 522 of file gcm.c.

                                {
 
        /* Process data */
        gcm_process ( context, src, dst, len, GCM_FL_ENCRYPT );
}

References GCM_FL_ENCRYPT, gcm_process(), len, and src.

◆ gcm_decrypt()

void gcm_decrypt	(	struct gcm_context *	context,
		const void *	src,
		void *	dst,
		size_t	len )

extern

Decrypt data.

Parameters

context	Context
src	Data to decrypt
dst	Buffer for decrypted data, or NULL for additional data
len	Length of data

Definition at line 537 of file gcm.c.

                                {
 
        /* Process data */
        gcm_process ( context, src, dst, len, 0 );
}

References gcm_process(), len, and src.

Data Structures

Macros

Functions

Detailed Description

Macro Definition Documentation

◆ GCM_CIPHER

Function Documentation

◆ FILE_LICENCE()

◆ FILE_SECBOOT()

◆ gcm_tag()

◆ gcm_setkey()

◆ gcm_setiv()

◆ gcm_encrypt()

◆ gcm_decrypt()