aes_wrap.h File Reference
AES-based functions.
More...
Go to the source code of this file.
Functions |
| int __must_check | aes_wrap (const u8 *kek, int n, const u8 *plain, u8 *cipher) |
| | Wrap keys with AES Key Wrap Algorithm (128-bit KEK) (RFC3394).
|
| int __must_check | aes_unwrap (const u8 *kek, int n, const u8 *cipher, u8 *plain) |
| | Unwrap key with AES Key Wrap Algorithm (128-bit KEK) (RFC3394).
|
| int __must_check | omac1_aes_128_vector (const u8 *key, size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) |
| | One-Key CBC MAC (OMAC1) hash with AES-128.
|
| int __must_check | omac1_aes_128 (const u8 *key, const u8 *data, size_t data_len, u8 *mac) |
| | One-Key CBC MAC (OMAC1) hash with AES-128 (aka AES-CMAC).
|
| int __must_check | aes_128_encrypt_block (const u8 *key, const u8 *in, u8 *out) |
| | Perform one AES 128-bit block operation.
|
| int __must_check | aes_128_ctr_encrypt (const u8 *key, const u8 *nonce, u8 *data, size_t data_len) |
| | AES-128 CTR mode encryption.
|
| int __must_check | aes_128_eax_encrypt (const u8 *key, const u8 *nonce, size_t nonce_len, const u8 *hdr, size_t hdr_len, u8 *data, size_t data_len, u8 *tag) |
| | AES-128 EAX mode encryption.
|
| int __must_check | aes_128_eax_decrypt (const u8 *key, const u8 *nonce, size_t nonce_len, const u8 *hdr, size_t hdr_len, u8 *data, size_t data_len, const u8 *tag) |
| | AES-128 EAX mode decryption.
|
| int __must_check | aes_128_cbc_encrypt (const u8 *key, const u8 *iv, u8 *data, size_t data_len) |
| | AES-128 CBC encryption.
|
| int __must_check | aes_128_cbc_decrypt (const u8 *key, const u8 *iv, u8 *data, size_t data_len) |
| | AES-128 CBC decryption.
|
Detailed Description
AES-based functions.
- AES Key Wrap Algorithm (128-bit KEK) (RFC3394)
- One-Key CBC MAC (OMAC1) hash with AES-128
- AES-128 CTR mode encryption
- AES-128 EAX mode encryption/decryption
- AES-128 CBC
- Copyright
- Copyright (c) 2003-2007, Jouni Malinen <j@w1.fi>
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.
Alternatively, this software may be distributed under the terms of BSD license.
See README and COPYING for more details.
Function Documentation
| int __must_check aes_128_cbc_decrypt |
( |
const u8 * |
key, |
|
|
const u8 * |
iv, |
|
|
u8 * |
data, |
|
|
size_t |
data_len | |
|
) |
| | |
AES-128 CBC decryption.
- Parameters:
-
| key | Decryption key |
| iv | Decryption IV for CBC mode (16 bytes) |
| data | Data to decrypt in-place |
| data_len | Length of data in bytes (must be divisible by 16) |
- Returns:
- 0 on success, -1 on failure
| int __must_check aes_128_cbc_encrypt |
( |
const u8 * |
key, |
|
|
const u8 * |
iv, |
|
|
u8 * |
data, |
|
|
size_t |
data_len | |
|
) |
| | |
AES-128 CBC encryption.
- Parameters:
-
| key | Encryption key |
| iv | Encryption IV for CBC mode (16 bytes) |
| data | Data to encrypt in-place |
| data_len | Length of data in bytes (must be divisible by 16) |
- Returns:
- 0 on success, -1 on failure
| int __must_check aes_128_ctr_encrypt |
( |
const u8 * |
key, |
|
|
const u8 * |
nonce, |
|
|
u8 * |
data, |
|
|
size_t |
data_len | |
|
) |
| | |
AES-128 CTR mode encryption.
- Parameters:
-
| key | Key for encryption (16 bytes) |
| nonce | Nonce for counter mode (16 bytes) |
| data | Data to encrypt in-place |
| data_len | Length of data in bytes |
- Returns:
- 0 on success, -1 on failure
| int __must_check aes_128_eax_decrypt |
( |
const u8 * |
key, |
|
|
const u8 * |
nonce, |
|
|
size_t |
nonce_len, |
|
|
const u8 * |
hdr, |
|
|
size_t |
hdr_len, |
|
|
u8 * |
data, |
|
|
size_t |
data_len, |
|
|
const u8 * |
tag | |
|
) |
| | |
AES-128 EAX mode decryption.
- Parameters:
-
| key | Key for decryption (16 bytes) |
| nonce | Nonce for counter mode |
| nonce_len | Nonce length in bytes |
| hdr | Header data to be authenticity protected |
| hdr_len | Length of the header data bytes |
| data | Data to encrypt in-place |
| data_len | Length of data in bytes |
| tag | 16-byte tag value |
- Returns:
- 0 on success, -1 on failure, -2 if tag does not match
| int __must_check aes_128_eax_encrypt |
( |
const u8 * |
key, |
|
|
const u8 * |
nonce, |
|
|
size_t |
nonce_len, |
|
|
const u8 * |
hdr, |
|
|
size_t |
hdr_len, |
|
|
u8 * |
data, |
|
|
size_t |
data_len, |
|
|
u8 * |
tag | |
|
) |
| | |
AES-128 EAX mode encryption.
- Parameters:
-
| key | Key for encryption (16 bytes) |
| nonce | Nonce for counter mode |
| nonce_len | Nonce length in bytes |
| hdr | Header data to be authenticity protected |
| hdr_len | Length of the header data bytes |
| data | Data to encrypt in-place |
| data_len | Length of data in bytes |
| tag | 16-byte tag value |
- Returns:
- 0 on success, -1 on failure
| int __must_check aes_128_encrypt_block |
( |
const u8 * |
key, |
|
|
const u8 * |
in, |
|
|
u8 * |
out | |
|
) |
| | |
Perform one AES 128-bit block operation.
- Parameters:
-
| key | Key for AES |
| in | Input data (16 bytes) |
| out | Output of the AES block operation (16 bytes) |
- Returns:
- 0 on success, -1 on failure
| int __must_check aes_unwrap |
( |
const u8 * |
kek, |
|
|
int |
n, |
|
|
const u8 * |
cipher, |
|
|
u8 * |
plain | |
|
) |
| | |
Unwrap key with AES Key Wrap Algorithm (128-bit KEK) (RFC3394).
- Parameters:
-
| kek | Key encryption key (KEK) |
| n | Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 bytes |
| cipher | Wrapped key to be unwrapped, (n + 1) * 64 bits |
| plain | Plaintext key, n * 64 bits |
- Returns:
- 0 on success, -1 on failure (e.g., integrity verification failed)
| int __must_check aes_wrap |
( |
const u8 * |
kek, |
|
|
int |
n, |
|
|
const u8 * |
plain, |
|
|
u8 * |
cipher | |
|
) |
| | |
Wrap keys with AES Key Wrap Algorithm (128-bit KEK) (RFC3394).
- Parameters:
-
| kek | 16-octet Key encryption key (KEK) |
| n | Length of the plaintext key in 64-bit units; e.g., 2 = 128-bit = 16 bytes |
| plain | Plaintext key to be wrapped, n * 64 bits |
| cipher | Wrapped key, (n + 1) * 64 bits |
- Returns:
- 0 on success, -1 on failure
| int __must_check omac1_aes_128 |
( |
const u8 * |
key, |
|
|
const u8 * |
data, |
|
|
size_t |
data_len, |
|
|
u8 * |
mac | |
|
) |
| | |
One-Key CBC MAC (OMAC1) hash with AES-128 (aka AES-CMAC).
- Parameters:
-
| key | 128-bit key for the hash operation |
| data | Data buffer for which a MAC is determined |
| data_len | Length of data buffer in bytes |
| mac | Buffer for MAC (128 bits, i.e., 16 bytes) |
- Returns:
- 0 on success, -1 on failure
This is a mode for using block cipher (AES in this case) for authentication. OMAC1 was standardized with the name CMAC by NIST in a Special Publication (SP) 800-38B.
| int __must_check omac1_aes_128_vector |
( |
const u8 * |
key, |
|
|
size_t |
num_elem, |
|
|
const u8 * |
addr[], |
|
|
const size_t * |
len, |
|
|
u8 * |
mac | |
|
) |
| | |
One-Key CBC MAC (OMAC1) hash with AES-128.
- Parameters:
-
| key | 128-bit key for the hash operation |
| num_elem | Number of elements in the data vector |
| addr | Pointers to the data areas |
| len | Lengths of the data blocks |
| mac | Buffer for MAC (128 bits, i.e., 16 bytes) |
- Returns:
- 0 on success, -1 on failure
This is a mode for using block cipher (AES in this case) for authentication. OMAC1 was standardized with the name CMAC by NIST in a Special Publication (SP) 800-38B.
1.6.1
