SharkSSL™ Embedded SSL/TLS Stack

AES-GCM. More...

Data Structures

struct  SharkSslAesGcmCtx
 AesGcmCtx. More...
 

Typedefs

typedef struct SharkSslAesGcmCtx SharkSslAesGcmCtx
 AesGcmCtx.
 

Functions

SHARKSSL_API void SharkSslAesGcmCtx_constructor (SharkSslAesGcmCtx *ctx, const U8 *key, U8 keyLen)
 Initialize. More...
 
SHARKSSL_API int SharkSslAesGcmCtx_encrypt (SharkSslAesGcmCtx *ctx, const U8 vect[12], U8 tagout[16], const U8 *auth, U16 authlen, const U8 *input, U8 *output, U16 len)
 Encrypt data or a chunk of a large data set. More...
 
SHARKSSL_API int SharkSslAesGcmCtx_decrypt (SharkSslAesGcmCtx *ctx, const U8 vect[12], U8 tagin[16], const U8 *auth, U16 authlen, U8 *input, U8 *output, U16 len)
 Decrypt data or a chunk of a large data set. More...
 

Detailed Description

AES-GCM.

Function Documentation

◆ SharkSslAesGcmCtx_constructor()

SHARKSSL_API void SharkSslAesGcmCtx_constructor ( SharkSslAesGcmCtx ctx,
const U8 *  key,
U8  keyLen 
)

Initialize.

Parameters
ctxUninitialized data of size sizeof(SharkSslAesGcmCtx).
keythe encryption/decryption key
keyLen'key' length

◆ SharkSslAesGcmCtx_decrypt()

SHARKSSL_API int SharkSslAesGcmCtx_decrypt ( SharkSslAesGcmCtx ctx,
const U8  vect[12],
U8  tagin[16],
const U8 *  auth,
U16  authlen,
U8 *  input,
U8 *  output,
U16  len 
)

Decrypt data or a chunk of a large data set.

Parameters
ctxcontext initialized by SharkSslAesGcmCtx_constructor.
vectthe same IV as used in SharkSslAesGcmCtx_encrypt.
taginthe tagout from SharkSslAesGcmCtx_encrypt. This data will change for each call to SharkSslAesGcmCtx_decrypt.
auththe same auth as used in SharkSslAesGcmCtx_encrypt or NULL if not used.
authlenthe length of the 'auth' parameter.
inputthe data to be decrypted.
outputthe decrypted (plaintext) output data. This buffer may be the same as the input buffer.
lenthe length of the input block.

◆ SharkSslAesGcmCtx_encrypt()

SHARKSSL_API int SharkSslAesGcmCtx_encrypt ( SharkSslAesGcmCtx ctx,
const U8  vect[12],
U8  tagout[16],
const U8 *  auth,
U16  authlen,
const U8 *  input,
U8 *  output,
U16  len 
)

Encrypt data or a chunk of a large data set.

Parameters
ctxcontext initialized by SharkSslAesGcmCtx_constructor.
vectthe initialization vector (IV) is a (public) fixed-size input typically created from random data.
tagouta 16 byte xored tag created as the data is encrypted. This data must be fed into subsequent calls and eventually used for decrypting the data. You may optionally set this to a random number for the first call to this function, or just leave the 16 byte data-buffer uninitialized.
auththe cipher's optional additional authenticated data. The auth parameter makes the encryption stronger, but you may set this parameter to NULL.
authlenthe length of the 'auth' parameter.
inputthe data to be encrypted.
outputthe encrypted output data. This buffer may be the same as the input buffer.
lenthe length of the input block.

Encrypt data as follows:

  1. Calculate vect (IV), auth.
  2. For large data sets, loop over the data and encrypt data in chunks by calling SharkSslAesGcmCtx_encrypt with the data chunk, IV and the optional auth calculated in (1).
  3. Send/save IV, auth, and tagout as part of the encrypted data chunk. This data, which may be public, will be needed when you decrypt the data.