KCAPI_AEAD_ENCRYPT(3) | Programming Interface | KCAPI_AEAD_ENCRYPT(3) |
kcapi_aead_encrypt - synchronously encrypt AEAD data (one shot)
ssize_t kcapi_aead_encrypt(struct kcapi_handle * handle, const uint8_t * in, size_t inlen, const uint8_t * iv, uint8_t * out, size_t outlen, int access);
handle
in
inlen
iv
out
outlen
access
The AEAD cipher operation requires the furnishing of the associated authentication data. In case such data is not required, it can be set to NULL and length value must be set to zero.
It is perfectly legal to use the same buffer as the plaintext and ciphertext pointers. That would mean that after the encryption operation, the plaintext is overwritten with the ciphertext.
The memory should be aligned at the page boundary using posix_memalign(sysconf(_SC_PAGESIZE)), If it is not aligned at the page boundary, the vmsplice call may not send all data to the kernel.
The IV buffer must be exactly kcapi_cipher_ivsize bytes in size.
After invoking this function the caller should use kcapi_aead_getdata_output to obtain the resulting ciphertext and authentication tag references.
The kernel will only process sysconf(_SC_PAGESIZE) * ALG_MAX_PAGES at one time. Longer input data cannot be handled by the kernel.
return number of bytes encrypted upon success; a negative errno-style error code if an error occurred
Stephan Mueller <smueller@chronox.de>
February 2022 | libkcapi Manual 1.4.0 |