Function esp_idf_svc::sys::mbedtls_cipher_auth_encrypt_ext

source ·
pub unsafe extern "C" fn mbedtls_cipher_auth_encrypt_ext(
    ctx: *mut mbedtls_cipher_context_t,
    iv: *const u8,
    iv_len: usize,
    ad: *const u8,
    ad_len: usize,
    input: *const u8,
    ilen: usize,
    output: *mut u8,
    output_len: usize,
    olen: *mut usize,
    tag_len: usize,
) -> i32
Expand description

\brief The authenticated encryption (AEAD/NIST_KW) function.

\note For AEAD modes, the tag will be appended to the ciphertext, as recommended by RFC 5116. (NIST_KW doesn’t have a separate tag.)

\param ctx The generic cipher context. This must be initialized and bound to a key, with an AEAD algorithm or NIST_KW. \param iv The nonce to use. This must be a readable buffer of at least \p iv_len Bytes and may be \c NULL if \p iv_len is \c 0. \param iv_len The length of the nonce. For AEAD ciphers, this must satisfy the constraints imposed by the cipher used. For NIST_KW, this must be \c 0. \param ad The additional data to authenticate. This must be a readable buffer of at least \p ad_len Bytes, and may be \c NULL is \p ad_len is \c 0. \param ad_len The length of \p ad. For NIST_KW, this must be \c 0. \param input The buffer holding the input data. This must be a readable buffer of at least \p ilen Bytes, and may be \c NULL if \p ilen is \c 0. \param ilen The length of the input data. \param output The buffer for the output data. This must be a writable buffer of at least \p output_len Bytes, and must not be \c NULL. \param output_len The length of the \p output buffer in Bytes. For AEAD ciphers, this must be at least \p ilen + \p tag_len. For NIST_KW, this must be at least \p ilen + 8 (rounded up to a multiple of 8 if KWP is used); \p ilen + 15 is always a safe value. \param olen This will be filled with the actual number of Bytes written to the \p output buffer. This must point to a writable object of type \c size_t. \param tag_len The desired length of the authentication tag. For AEAD ciphers, this must match the constraints imposed by the cipher used, and in particular must not be \c 0. For NIST_KW, this must be \c 0.

\return \c 0 on success. \return #MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on parameter-verification failure. \return A cipher-specific error code on failure.