1KCAPI_AEAD_STREAM_IN(3)      Programming Interface     KCAPI_AEAD_STREAM_IN(3)
2
3
4

NAME

6       kcapi_aead_stream_init_dec - start a decryption operation (stream)
7

SYNOPSIS

9       int32_t kcapi_aead_stream_init_dec(struct kcapi_handle * handle,
10                                          const uint8_t * iv,
11                                          struct iovec * iov,
12                                          uint32_t iovlen);
13

ARGUMENTS

15       handle
16           [in] cipher handle
17
18       iv
19           [in] IV to be used for cipher operation
20
21       iov
22           [in] scatter/gather list with data to be encrypted. This is the
23           pointer to the first iov entry if an array of iov entries is
24           supplied. See sendmsg(2) for details on how iov is to be used. This
25           pointer may be NULL if no data to be encrypted is available at the
26           point of the call.
27
28       iovlen
29           [in] number of scatter/gather list elements. If iov is NULL, this
30           value must be zero.
31

DESCRIPTION

33       A stream decryption operation is started with this call. Multiple
34       successive kcapi_aead_stream_update function calls can be invoked to
35       send more ciphertext data to be encrypted. The kernel buffers the input
36       until kcapi_aead_stream_op picks up the decrypted data. Once ciphertext
37       is decrypted during the kcapi_aead_stream_op it is removed from the
38       kernel buffer.
39
40       Note, unlike the corresponding symmetric cipher API, the function calls
41       of kcapi_aead_stream_update and kcapi_aead_stream_op cannot be mixed!
42       This due to the nature of AEAD where the cipher operation ensures the
43       integrity of the entire data (decryption) or calculates a message
44       digest over the entire data (encryption).
45
46       When using the stream API, the caller must ensure that data is sent in
47       the correct order (regardless whether data is sent in multiple chunks
48       using kcapi_aead_stream_init_enc or kcapi_cipher_stream_update): (i)
49       the complete associated data must be provided, followed by (ii) the
50       plaintext. For decryption, also (iii) the tag value must be sent.
51
52       The IV buffer must be exactly kcapi_cipher_ivsize bytes in size.
53
54       return number of bytes sent to the kernel upon success; a negative
55       errno-style error code if an error occurred
56

AUTHOR

58       Stephan Mueller <smueller@chronox.de>
59           Author.
60
62libkcapi Manual 1.2.0             August 2020          KCAPI_AEAD_STREAM_IN(3)
Impressum