1KCAPI_AEAD_DECRYPT(3) Programming Interface KCAPI_AEAD_DECRYPT(3)
2
6 kcapi_aead_decrypt - synchronously decrypt AEAD data (one shot)
7
9 ssize_t kcapi_aead_decrypt(struct kcapi_handle * handle,
10 const uint8_t * in, size_t inlen,
11 const uint8_t * iv, uint8_t * out,
12 size_t outlen, int access);
13
15 handle
16 [in] cipher handle
17 in
19 [in] ciphertext data buffer
20 inlen
22 [in] length of in buffer
23 iv
25 [in] IV to be used for cipher operation
26 out
28 [out] plaintext data buffer
29 outlen
31 [in] length of out buffer
32 access
34 [in] kernel access type (KCAPI_ACCESS_HEURISTIC - use internal
35 heuristic for fastest kernel access; KCAPI_ACCESS_VMSPLICE use
36 vmsplice access; KCAPI_ACCESS_SENDMSG sendmsg access)
37
39 The AEAD cipher operation requires the furnishing of the associated
40 authentication data. In case such data is not required, it can be set
41 to NULL and length value must be set to zero.
42 It is perfectly legal to use the same buffer as the plaintext and
44 ciphertext pointers. That would mean that after the encryption
45 operation, the ciphertext is overwritten with the plaintext.
46 The memory should be aligned at the page boundary using
48 posix_memalign(sysconf(_SC_PAGESIZE)), If it is not aligned at the page
49 boundary, the vmsplice call may not send all data to the kernel.
50 The IV buffer must be exactly kcapi_cipher_ivsize bytes in size.
52 To catch authentication errors (i.e. integrity violations) during the
54 decryption operation, the return value of this call should be checked.
55 If this function returns -EBADMSG, an authentication error was
56 detected.
57
59 The kernel will only process sysconf(_SC_PAGESIZE) * ALG_MAX_PAGES at
60 one time. Longer input data cannot be handled by the kernel.
61 return number of bytes decrypted upon success; a negative errno-style
63 error code if an error occurred
64
66 Stephan Mueller <smueller@chronox.de>
67 Author.
68
70libkcapi Manual 1.4.0 July 2023 KCAPI_AEAD_DECRYPT(3)