1KCAPI_AEAD_ENCRYPT(3) Programming Interface KCAPI_AEAD_ENCRYPT(3)
2
3
4
6 kcapi_aead_encrypt - synchronously encrypt AEAD data (one shot)
7
9 int32_t kcapi_aead_encrypt(struct kcapi_handle * handle,
10 const uint8_t * in, uint32_t inlen,
11 const uint8_t * iv, uint8_t * out,
12 uint32_t outlen, int access);
13
15 handle
16 [in] cipher handle
17
18 in
19 [in] plaintext data buffer
20
21 inlen
22 [in] length of plaintext buffer
23
24 iv
25 [in] IV to be used for cipher operation
26
27 out
28 [out] data buffer holding cipher text and authentication tag
29
30 outlen
31 [in] length of out buffer
32
33 access
34 [in] kernel access type (KCAPI_ACCESS_HEURISTIC - use internal
35 heuristic for fastest kernel access; KCAPI_ACCESS_VMSPLICE - use
36 vmsplice access; KCAPI_ACCESS_SENDMSG - sendmsg access)
37
39 The AEAD cipher operation requires the furnishing of the associated
40 authentication data. In case such data is not required, it can be set
41 to NULL and length value must be set to zero.
42
43 It is perfectly legal to use the same buffer as the plaintext and
44 ciphertext pointers. That would mean that after the encryption
45 operation, the plaintext is overwritten with the ciphertext.
46
47 The memory should be aligned at the page boundary using
48 posix_memalign(sysconf(_SC_PAGESIZE)), If it is not aligned at the page
49 boundary, the vmsplice call may not send all data to the kernel.
50
51 The IV buffer must be exactly kcapi_cipher_ivsize bytes in size.
52
53 After invoking this function the caller should use
54 kcapi_aead_getdata_output to obtain the resulting ciphertext and
55 authentication tag references.
56
58 The kernel will only process sysconf(_SC_PAGESIZE) * ALG_MAX_PAGES at
59 one time. Longer input data cannot be handled by the kernel.
60
61 return number of bytes encrypted upon success; a negative errno-style
62 error code if an error occurred
63
65 Stephan Mueller <smueller@chronox.de>
66 Author.
67
69libkcapi Manual 1.1.1 August 2018 KCAPI_AEAD_ENCRYPT(3)