gcm.h File Reference

The GCM context structure.

This function performs a GCM authenticated decryption of a buffer.

Note:

For decryption, the output buffer cannot be the same as input buffer. If the buffers overlap, the output buffer must trail at least 8 Bytes behind the input buffer.

Parameters:

ctx	The GCM context.
length	The length of the ciphertext to decrypt, which is also the length of the decrypted plaintext.
iv	The initialization vector.
iv_len	The length of the IV.
add	The buffer holding the additional data.
add_len	The length of the additional data.
tag	The buffer holding the tag to verify.
tag_len	The length of the tag to verify.
input	The buffer holding the ciphertext. Its size is length.
output	The buffer for holding the decrypted plaintext. It must have room for length bytes.

Returns:

0 if successful and authenticated.

MBEDTLS_ERR_GCM_AUTH_FAILED if the tag does not match.

MBEDTLS_ERR_GCM_BAD_INPUT if the lengths are not valid.

MBEDTLS_ERR_GCM_HW_ACCEL_FAILED or a cipher-specific error code if the decryption failed.

Definition at line 468 of file gcm.c.

This function performs GCM encryption or decryption of a buffer.

Note:

For encryption, the output buffer can be the same as the input buffer. For decryption, the output buffer cannot be the same as input buffer. If the buffers overlap, the output buffer must trail at least 8 Bytes behind the input buffer.

Warning:

When this function performs a decryption, it outputs the authentication tag and does not verify that the data is authentic. You should use this function to perform encryption only. For decryption, use mbedtls_gcm_auth_decrypt() instead.

Parameters:

ctx	The GCM context to use for encryption or decryption.
mode	The operation to perform: MBEDTLS_GCM_ENCRYPT to perform authenticated encryption. The ciphertext is written to output and the authentication tag is written to tag. MBEDTLS_GCM_DECRYPT to perform decryption. The plaintext is written to output and the authentication tag is written to tag. Note that this mode is not recommended, because it does not verify the authenticity of the data. For this reason, you should use mbedtls_gcm_auth_decrypt() instead of calling this function in decryption mode.
length	The length of the input data, which is equal to the length of the output data.
iv	The initialization vector.
iv_len	The length of the IV.
add	The buffer holding the additional data.
add_len	The length of the additional data.
input	The buffer holding the input data. Its size is length.
output	The buffer for holding the output data. It must have room for length bytes.
tag_len	The length of the tag to generate.
tag	The buffer for holding the tag.

Returns:

0 if the encryption or decryption was performed successfully. Note that in MBEDTLS_GCM_DECRYPT mode, this does not indicate that the data is authentic.

MBEDTLS_ERR_GCM_BAD_INPUT if the lengths are not valid.

MBEDTLS_ERR_GCM_HW_ACCEL_FAILED or a cipher-specific error code if the encryption or decryption failed.

Definition at line 442 of file gcm.c.

This function finishes the GCM operation and generates the authentication tag.

It wraps up the GCM stream, and generates the tag. The tag can have a maximum length of 16 Bytes.

Parameters:

ctx	The GCM context.
tag	The buffer for holding the tag.
tag_len	The length of the tag to generate. Must be at least four.

Returns:

0 on success.

MBEDTLS_ERR_GCM_BAD_INPUT on failure.

Definition at line 407 of file gcm.c.

This function clears a GCM context and the underlying cipher sub-context.

Parameters:

ctx	The GCM context to clear.

Definition at line 504 of file gcm.c.

This function initializes the specified GCM context, to make references valid, and prepares the context for mbedtls_gcm_setkey() or mbedtls_gcm_free().

The function does not bind the GCM context to a particular cipher, nor set the key. For this purpose, use mbedtls_gcm_setkey().

Parameters:

ctx	The GCM context to initialize.

Definition at line 87 of file gcm.c.

The GCM checkup routine.

Returns:

0 on success.

1 on failure.

Definition at line 740 of file gcm.c.

This function associates a GCM context with a cipher algorithm and a key.

Parameters:

ctx	The GCM context to initialize.
cipher	The 128-bit block cipher to use.
key	The encryption key.
keybits	The key size in bits. Valid options are: 128 bits 192 bits 256 bits

Returns:

0 on success.

A cipher-specific error code on failure.

Definition at line 160 of file gcm.c.

This function starts a GCM encryption or decryption operation.

Parameters:

ctx	The GCM context.
mode	The operation to perform: MBEDTLS_GCM_ENCRYPT or MBEDTLS_GCM_DECRYPT.
iv	The initialization vector.
iv_len	The length of the IV.
add	The buffer holding the additional data, or NULL if add_len is 0.
add_len	The length of the additional data. If 0, add is NULL.

Returns:

0 on success.

Definition at line 265 of file gcm.c.

This function feeds an input buffer into an ongoing GCM encryption or decryption operation.

` The function expects input to be a multiple of 16 Bytes. Only the last call before calling mbedtls_gcm_finish() can be less than 16 Bytes.

Note:

For decryption, the output buffer cannot be the same as input buffer. If the buffers overlap, the output buffer must trail at least 8 Bytes behind the input buffer.

Parameters:

ctx	The GCM context.
length	The length of the input data. This must be a multiple of 16 except in the last call before mbedtls_gcm_finish().
input	The buffer holding the input data.
output	The buffer for holding the output data.

Returns:

0 on success.

MBEDTLS_ERR_GCM_BAD_INPUT on failure.

Definition at line 348 of file gcm.c.