Skip to content

Commit e1948ae

Browse files
mrfuchsjhedberg
mrfuchs
authored and
jhedberg
committed
include: crypto: Add Galois/Counter Mode (GCM) support
Add support for AES Galois/Counter Mode of Operation to the Crypto API. Signed-off-by: Markus Fuchs <[email protected]>
1 parent 4adc408 commit e1948ae

File tree

2 files changed

+33
-0
lines changed

2 files changed

+33
-0
lines changed

include/crypto/cipher.h

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -268,4 +268,26 @@ static inline int cipher_ccm_op(struct cipher_ctx *ctx,
268268
return ctx->ops.ccm_crypt_hndlr(ctx, pkt, nonce);
269269
}
270270

271+
/*
272+
* @brief Perform Galois/Counter Mode (GCM) crypto operation
273+
*
274+
* @param[in] ctx Pointer to the crypto context of this op.
275+
* @param[in/out] pkt Structure holding the input/output, Associated
276+
* Data (AD) and auth tag buffer pointers.
277+
* @param[in] nonce Nonce for the operation. Same nonce value should not
278+
* be reused across multiple operations (within a
279+
* session context) for security.
280+
*
281+
* @return 0 on success, negative errno code on fail.
282+
*/
283+
static inline int cipher_gcm_op(struct cipher_ctx *ctx,
284+
struct cipher_aead_pkt *pkt, u8_t *nonce)
285+
{
286+
__ASSERT(ctx->ops.cipher_mode == CRYPTO_CIPHER_MODE_GCM, "GCM mode "
287+
"session invoking a different mode handler");
288+
289+
pkt->pkt->ctx = ctx;
290+
return ctx->ops.gcm_crypt_hndlr(ctx, pkt, nonce);
291+
}
292+
271293
#endif /* ZEPHYR_INCLUDE_CRYPTO_CIPHER_H_ */

include/crypto/cipher_structs.h

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@ enum cipher_mode {
3838
CRYPTO_CIPHER_MODE_CBC = 2,
3939
CRYPTO_CIPHER_MODE_CTR = 3,
4040
CRYPTO_CIPHER_MODE_CCM = 4,
41+
CRYPTO_CIPHER_MODE_GCM = 5,
4142
};
4243

4344
/* Forward declarations */
@@ -59,6 +60,9 @@ typedef int (*ctr_op_t)(struct cipher_ctx *ctx, struct cipher_pkt *pkt,
5960
typedef int (*ccm_op_t)(struct cipher_ctx *ctx, struct cipher_aead_pkt *pkt,
6061
u8_t *nonce);
6162

63+
typedef int (*gcm_op_t)(struct cipher_ctx *ctx, struct cipher_aead_pkt *pkt,
64+
u8_t *nonce);
65+
6266
struct cipher_ops {
6367

6468
enum cipher_mode cipher_mode;
@@ -68,6 +72,7 @@ struct cipher_ops {
6872
cbc_op_t cbc_crypt_hndlr;
6973
ctr_op_t ctr_crypt_hndlr;
7074
ccm_op_t ccm_crypt_hndlr;
75+
gcm_op_t gcm_crypt_hndlr;
7176
};
7277
};
7378

@@ -83,6 +88,11 @@ struct ctr_params {
8388
u32_t ctr_len;
8489
};
8590

91+
struct gcm_params {
92+
u16_t tag_len;
93+
u16_t nonce_len;
94+
};
95+
8696
/* Structure encoding session parameters. Refer to comments for individual
8797
* fields to know the contract in terms of who fills what and when w.r.t
8898
* begin_session() call.
@@ -132,6 +142,7 @@ struct cipher_ctx {
132142
union {
133143
struct ccm_params ccm_info;
134144
struct ctr_params ctr_info;
145+
struct gcm_params gcm_info;
135146
} mode_params;
136147

137148
/* Cryptographic keylength in bytes. To be populated by the app

0 commit comments

Comments
 (0)