Galois/Counter mode for 128-bit block ciphers. More...

#include "cipher.h"
#include <stdint.h>

Include dependency graph for gcm.h:

This graph shows which files directly or indirectly include this file:

Classes
struct	mbedtls_gcm_context
	GCM context structure. More...

Macros
#define	MBEDTLS_GCM_ENCRYPT 1

#define	MBEDTLS_GCM_DECRYPT 0

#define	MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012

#define	MBEDTLS_ERR_GCM_BAD_INPUT -0x0014

Functions
void	mbedtls_gcm_init (mbedtls_gcm_context *ctx)
	Initialize GCM context (just makes references valid) Makes the context ready for mbedtls_gcm_setkey() or mbedtls_gcm_free(). More...

int	mbedtls_gcm_setkey (mbedtls_gcm_context ctx, mbedtls_cipher_id_t cipher, const unsigned char key, unsigned int keybits)
	GCM initialization (encryption) More...

int	mbedtls_gcm_crypt_and_tag (mbedtls_gcm_context ctx, int mode, size_t length, const unsigned char iv, size_t iv_len, const unsigned char add, size_t add_len, const unsigned char input, unsigned char output, size_t tag_len, unsigned char tag)
	GCM buffer encryption/decryption using a block cipher. More...

int	mbedtls_gcm_auth_decrypt (mbedtls_gcm_context ctx, size_t length, const unsigned char iv, size_t iv_len, const unsigned char add, size_t add_len, const unsigned char tag, size_t tag_len, const unsigned char input, unsigned char output)
	GCM buffer authenticated decryption using a block cipher. More...

int	mbedtls_gcm_starts (mbedtls_gcm_context ctx, int mode, const unsigned char iv, size_t iv_len, const unsigned char *add, size_t add_len)
	Generic GCM stream start function. More...

int	mbedtls_gcm_update (mbedtls_gcm_context ctx, size_t length, const unsigned char input, unsigned char *output)
	Generic GCM update function. Encrypts/decrypts using the given GCM context. Expects input to be a multiple of 16 bytes! Only the last call before mbedtls_gcm_finish() can be less than 16 bytes! More...

int	mbedtls_gcm_finish (mbedtls_gcm_context ctx, unsigned char tag, size_t tag_len)
	Generic GCM finalisation function. Wraps up the GCM stream and generates the tag. The tag can have a maximum length of 16 bytes. More...

void	mbedtls_gcm_free (mbedtls_gcm_context *ctx)
	Free a GCM context and underlying cipher sub-context. More...

int	mbedtls_gcm_self_test (int verbose)
	Checkup routine. More...

Detailed Description

Galois/Counter mode for 128-bit block ciphers.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

This file is part of mbed TLS (https://tls.mbed.org)

Macro Definition Documentation

◆ MBEDTLS_ERR_GCM_AUTH_FAILED

#define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012

Authenticated decryption failed.

◆ MBEDTLS_ERR_GCM_BAD_INPUT

#define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014

Bad input parameters to function.

◆ MBEDTLS_GCM_DECRYPT

#define MBEDTLS_GCM_DECRYPT 0

◆ MBEDTLS_GCM_ENCRYPT

#define MBEDTLS_GCM_ENCRYPT 1

Function Documentation

◆ mbedtls_gcm_auth_decrypt()

int mbedtls_gcm_auth_decrypt	(	mbedtls_gcm_context *	ctx,
		size_t	length,
		const unsigned char *	iv,
		size_t	iv_len,
		const unsigned char *	add,
		size_t	add_len,
		const unsigned char *	tag,
		size_t	tag_len,
		const unsigned char *	input,
		unsigned char *	output
	)

GCM buffer authenticated decryption using a block cipher.

Note: On decryption, the output buffer cannot be the same as input buffer. If buffers overlap, the output buffer must trail at least 8 bytes behind the input buffer.

Parameters

ctx	GCM context
length	length of the input data
iv	initialization vector
iv_len	length of IV
add	additional data
add_len	length of additional data
tag	buffer holding the tag
tag_len	length of the tag
input	buffer holding the input data
output	buffer for holding the output data

Returns: 0 if successful and authenticated, MBEDTLS_ERR_GCM_AUTH_FAILED if tag does not match

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_gcm_crypt_and_tag()

int mbedtls_gcm_crypt_and_tag	(	mbedtls_gcm_context *	ctx,
		int	mode,
		size_t	length,
		const unsigned char *	iv,
		size_t	iv_len,
		const unsigned char *	add,
		size_t	add_len,
		const unsigned char *	input,
		unsigned char *	output,
		size_t	tag_len,
		unsigned char *	tag
	)

GCM buffer encryption/decryption using a block cipher.

Note: On encryption, the output buffer can be the same as the input buffer. On decryption, the output buffer cannot be the same as input buffer. If buffers overlap, the output buffer must trail at least 8 bytes behind the input buffer.

Parameters

ctx	GCM context
mode	MBEDTLS_GCM_ENCRYPT or MBEDTLS_GCM_DECRYPT
length	length of the input data
iv	initialization vector
iv_len	length of IV
add	additional data
add_len	length of additional data
input	buffer holding the input data
output	buffer for holding the output data
tag_len	length of the tag to generate
tag	buffer for holding the tag

Returns: 0 if successful

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_gcm_finish()

int mbedtls_gcm_finish	(	mbedtls_gcm_context *	ctx,
		unsigned char *	tag,
		size_t	tag_len
	)

Generic GCM finalisation function. Wraps up the GCM stream and generates the tag. The tag can have a maximum length of 16 bytes.

Parameters

ctx	GCM context
tag	buffer for holding the tag
tag_len	length of the tag to generate (must be at least 4)

Returns: 0 if successful or MBEDTLS_ERR_GCM_BAD_INPUT

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_gcm_free()

void mbedtls_gcm_free ( mbedtls_gcm_context * ctx )

Free a GCM context and underlying cipher sub-context.

Parameters

ctx	GCM context to free

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_gcm_init()

void mbedtls_gcm_init ( mbedtls_gcm_context * ctx )

Initialize GCM context (just makes references valid) Makes the context ready for mbedtls_gcm_setkey() or mbedtls_gcm_free().

Parameters

ctx	GCM context to initialize

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_gcm_self_test()

int mbedtls_gcm_self_test ( int verbose )

Checkup routine.

Returns: 0 if successful, or 1 if the test failed

Here is the call graph for this function:

◆ mbedtls_gcm_setkey()

int mbedtls_gcm_setkey	(	mbedtls_gcm_context *	ctx,
		mbedtls_cipher_id_t	cipher,
		const unsigned char *	key,
		unsigned int	keybits
	)

GCM initialization (encryption)

Parameters

ctx	GCM context to be initialized
cipher	cipher to use (a 128-bit block cipher)
key	encryption key
keybits	must be 128, 192 or 256

Returns: 0 if successful, or a cipher specific error code

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_gcm_starts()

int mbedtls_gcm_starts	(	mbedtls_gcm_context *	ctx,
		int	mode,
		const unsigned char *	iv,
		size_t	iv_len,
		const unsigned char *	add,
		size_t	add_len
	)

Generic GCM stream start function.

Parameters

ctx	GCM context
mode	MBEDTLS_GCM_ENCRYPT or MBEDTLS_GCM_DECRYPT
iv	initialization vector
iv_len	length of IV
add	additional data (or NULL if length is 0)
add_len	length of additional data

Returns: 0 if successful

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mbedtls_gcm_update()

int mbedtls_gcm_update	(	mbedtls_gcm_context *	ctx,
		size_t	length,
		const unsigned char *	input,
		unsigned char *	output
	)

Generic GCM update function. Encrypts/decrypts using the given GCM context. Expects input to be a multiple of 16 bytes! Only the last call before mbedtls_gcm_finish() can be less than 16 bytes!

Note: On decryption, the output buffer cannot be the same as input buffer. If buffers overlap, the output buffer must trail at least 8 bytes behind the input buffer.

Parameters

ctx	GCM context
length	length of the input data
input	buffer holding the input data
output	buffer for holding the output data

Returns: 0 if successful or MBEDTLS_ERR_GCM_BAD_INPUT

Here is the call graph for this function:

Here is the caller graph for this function:

Classes

Macros

Functions

Detailed Description

Macro Definition Documentation

◆ MBEDTLS_ERR_GCM_AUTH_FAILED

◆ MBEDTLS_ERR_GCM_BAD_INPUT

◆ MBEDTLS_GCM_DECRYPT

◆ MBEDTLS_GCM_ENCRYPT

Function Documentation

◆ mbedtls_gcm_auth_decrypt()

◆ mbedtls_gcm_crypt_and_tag()

◆ mbedtls_gcm_finish()

◆ mbedtls_gcm_free()

◆ mbedtls_gcm_init()

◆ mbedtls_gcm_self_test()

◆ mbedtls_gcm_setkey()

◆ mbedtls_gcm_starts()

◆ mbedtls_gcm_update()