Authenticated Encryption With Associated Data (AEAD) Cipher API

Authenticated Encryption With Associated Data (AEAD) Cipher API
Prev	Chapter 5. Programming Interface	Next

crypto_alloc_aead — allocate AEAD cipher handle
crypto_free_aead — zeroize and free aead handle
crypto_aead_ivsize — obtain IV size
crypto_aead_authsize — obtain maximum authentication data size
crypto_aead_blocksize — obtain block size of cipher
crypto_aead_setkey — set key for cipher
crypto_aead_setauthsize — set authentication data size
crypto_aead_encrypt — encrypt plaintext
crypto_aead_decrypt — decrypt ciphertext

The AEAD cipher API is used with the ciphers of type CRYPTO_ALG_TYPE_AEAD (listed as type “aead” in /proc/crypto)

The most prominent examples for this type of encryption is GCM and CCM. However, the kernel supports other types of AEAD ciphers which are defined with the following cipher string:

authenc(keyed message digest, block cipher)

For example: authenc(hmac(sha256), cbc(aes))

The example code provided for the asynchronous block cipher operation applies here as well. Naturally all *ablkcipher* symbols must be exchanged the *aead* pendants discussed in the following. In addtion, for the AEAD operation, the aead_request_set_assoc function must be used to set the pointer to the associated data memory location before performing the encryption or decryption operation. In case of an encryption, the associated data memory is filled during the encryption operation. For decryption, the associated data memory must contain data that is used to verify the integrity of the decrypted data. Another deviation from the asynchronous block cipher operation is that the caller should explicitly check for -EBADMSG of the crypto_aead_decrypt. That error indicates an authentication error, i.e. a breach in the integrity of the message. In essence, that -EBADMSG error code is the key bonus an AEAD cipher has over “standard” block chaining modes.

Prev	Up	Next
ablkcipher_request_set_crypt	Home	crypto_alloc_aead