SharkSSL™ Embedded SSL/TLS Stack

Detailed Description

AES-GCM.

Data Structures

struct  SharkSslAesGcmCtx
 AesGcmCtx.
 

Typedefs

typedef struct SharkSslAesGcmCtx SharkSslAesGcmCtx
 AesGcmCtx.
 

Functions

SHARKSSL_API void SharkSslAesGcmCtx_constructor (SharkSslAesGcmCtx *ctx, const U8 *key, U8 keyLen)
 Initialize.
 
SHARKSSL_API int SharkSslAesGcmCtx_encrypt (SharkSslAesGcmCtx *ctx, const U8 vect[12], U8 tagout[16], const U8 *auth, U16 authlen, const U8 *input, U8 *output, U16 len)
 Encrypt data or a chunk of a large data set.
 
SHARKSSL_API int SharkSslAesGcmCtx_decrypt (SharkSslAesGcmCtx *ctx, const U8 vect[12], U8 tagin[16], const U8 *auth, U16 authlen, U8 *input, U8 *output, U16 len)
 Decrypt data or a chunk of a large data set.
 

Function Documentation

◆ SharkSslAesGcmCtx_constructor()

SHARKSSL_API void SharkSslAesGcmCtx_constructor ( SharkSslAesGcmCtx *  ctx,
const U8 *  key,
U8  keyLen 
)

Initialize.

Parameters
ctx: Uninitialized data of size sizeof(SharkSslAesGcmCtx).
key: the encryption/decryption key.
keyLen: 'key' length.

◆ SharkSslAesGcmCtx_decrypt()

SHARKSSL_API int SharkSslAesGcmCtx_decrypt ( SharkSslAesGcmCtx *  ctx,
const U8  vect[12],
U8  tagin[16],
const U8 *  auth,
U16  authlen,
U8 *  input,
U8 *  output,
U16  len 
)

Decrypt data or a chunk of a large data set.

Parameters
ctx: context initialized by SharkSslAesGcmCtx_constructor.
vect: the same IV as used in SharkSslAesGcmCtx_encrypt.
tagin: the tagout from SharkSslAesGcmCtx_encrypt. This data will change for each call to SharkSslAesGcmCtx_decrypt.
auth: the same auth as used in SharkSslAesGcmCtx_encrypt or NULL if not used.
authlen: the length of the 'auth' parameter.
input: the data to be decrypted.
output: the decrypted (plaintext) output data. This buffer may be the same as the input buffer.
len: the length of the input block.

◆ SharkSslAesGcmCtx_encrypt()

SHARKSSL_API int SharkSslAesGcmCtx_encrypt ( SharkSslAesGcmCtx *  ctx,
const U8  vect[12],
U8  tagout[16],
const U8 *  auth,
U16  authlen,
const U8 *  input,
U8 *  output,
U16  len 
)

Encrypt data or a chunk of a large data set.

Parameters
ctx: context initialized by SharkSslAesGcmCtx_constructor.
vect: the initialization vector (IV), a public, fixed-size input typically created from random data.
tagout: a 16-byte XORed tag created as the data is encrypted. This data must be fed into subsequent calls and eventually used for decrypting the data. You may optionally set this to a random number for the first call to this function, or just leave the 16-byte data buffer uninitialized.
auth: the cipher's optional additional authenticated data. The auth parameter makes the encryption stronger, but you may set this parameter to NULL.
authlen: the length of the 'auth' parameter.
input: the data to be encrypted.
output: the encrypted output data. This buffer may be the same as the input buffer.
len: the length of the input block.

Encrypt data as follows:

  1. Calculate vect (the IV) and the optional auth.
  2. For large data sets, loop over the data and encrypt data in chunks by calling SharkSslAesGcmCtx_encrypt with the data chunk, IV and the optional auth calculated in (1).
  3. Send/save IV, auth, and tagout as part of the encrypted data chunk. This data, which may be public, will be needed when you decrypt the data.
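
Step 3 leaves the storage format to the application. The following added example (not part of the SharkSSL documentation or code) shows one hypothetical record layout that carries the IV, auth and tag alongside the ciphertext, with a bounds-checked parser for the receiving side. GcmRecord, gcm_record_pack and gcm_record_parse are assumed names, and the standard uint8_t/uint16_t types stand in for SharkSSL's U8/U16.

```c
#include <stdint.h>
#include <string.h>

#define GCM_IV_LEN  12  /* matches vect[12] */
#define GCM_TAG_LEN 16  /* matches tagout[16] / tagin[16] */

/* Hypothetical record layout (an assumption, not defined by SharkSSL):
 * IV[12] | authlen (2, big endian) | auth | tag[16] | len (2, BE) | ciphertext */
typedef struct {
    const uint8_t *iv, *auth, *tag, *ct;
    uint16_t authlen, len;
} GcmRecord;

/* Serialize one record; returns bytes written, or 0 if 'cap' is too small. */
size_t gcm_record_pack(uint8_t *out, size_t cap, const uint8_t iv[GCM_IV_LEN],
                       const uint8_t *auth, uint16_t authlen,
                       const uint8_t tag[GCM_TAG_LEN],
                       const uint8_t *ct, uint16_t len)
{
    size_t need = GCM_IV_LEN + 2 + (size_t)authlen + GCM_TAG_LEN + 2 + (size_t)len;
    uint8_t *p = out;
    if (cap < need) return 0;
    memcpy(p, iv, GCM_IV_LEN); p += GCM_IV_LEN;
    *p++ = (uint8_t)(authlen >> 8); *p++ = (uint8_t)authlen;
    if (authlen) memcpy(p, auth, authlen);
    p += authlen;
    memcpy(p, tag, GCM_TAG_LEN); p += GCM_TAG_LEN;
    *p++ = (uint8_t)(len >> 8); *p++ = (uint8_t)len;
    if (len) memcpy(p, ct, len);
    return need;
}

/* Parse an untrusted record. Returns 0 on success, -1 if it is truncated or
 * has trailing bytes. The pointers in 'r' reference 'in'; nothing is copied. */
int gcm_record_parse(const uint8_t *in, size_t n, GcmRecord *r)
{
    size_t off = GCM_IV_LEN;
    if (n < GCM_IV_LEN + 2) return -1;
    r->iv = in;
    r->authlen = (uint16_t)((in[off] << 8) | in[off + 1]); off += 2;
    if (n - off < (size_t)r->authlen + GCM_TAG_LEN + 2) return -1;
    r->auth = r->authlen ? in + off : NULL; off += r->authlen;
    r->tag = in + off; off += GCM_TAG_LEN;
    r->len = (uint16_t)((in[off] << 8) | in[off + 1]); off += 2;
    if (n - off != r->len) return -1;
    r->ct = in + off;
    return 0;
}
```

The parsed iv, auth, authlen, ct and len fields map onto the arguments of SharkSslAesGcmCtx_decrypt. Because that function takes tagin and input as non-const buffers, and tagin changes on each call, copy the tag and ciphertext into writable buffers before decrypting.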