author | NIIBE Yutaka <gniibe@fsij.org> | 2022-08-25 14:31:07 +0900 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2022-08-25 14:31:07 +0900 |
commit | 373b1f6c17948fa7d31880c3705391bef08a0471 (patch) | |
tree | d501a0204631027d908f4f53f333ced6c0bfd9f2 /doc | |
parent | 249ca431ef881d510b90a5d3db9cd8507c4d697b (diff) | |
download | libgcrypt-373b1f6c17948fa7d31880c3705391bef08a0471.tar.gz |
cipher: Support internal generation of IV for AEAD cipher mode.
* cipher/cipher-gcm.c (_gcry_cipher_gcm_setiv_zero): New.
(_gcry_cipher_gcm_encrypt, _gcry_cipher_gcm_decrypt)
(_gcry_cipher_gcm_authenticate): Use _gcry_cipher_gcm_setiv_zero.
* cipher/cipher-internal.h (struct gcry_cipher_handle): Add aead field.
* cipher/cipher.c (_gcry_cipher_setiv): Check calling setiv to reject
direct invocation in FIPS mode.
(_gcry_cipher_setup_geniv, _gcry_cipher_geniv): New.
* doc/gcrypt.texi: Add explanation for two new functions.
* src/gcrypt-int.h (_gcry_cipher_setup_geniv, _gcry_cipher_geniv): New.
* src/gcrypt.h.in (enum gcry_cipher_geniv_methods): New.
(gcry_cipher_setup_geniv, gcry_cipher_geniv): New.
* src/libgcrypt.def (gcry_cipher_setup_geniv, gcry_cipher_geniv): Add.
* src/libgcrypt.vers: Likewise.
* src/visibility.c (gcry_cipher_setup_geniv, gcry_cipher_geniv): Add.
* src/visibility.h: Likewise.
--
GnuPG-bug-id: 4873
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/gcrypt.texi | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index b608dba2..277717d2 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -2005,6 +2005,33 @@ truncated lengths (4, 8, 12, 13, 14, or 15). @end deftypefun +For encryption of AEAD cipher modes, it should be possible to generate +an initialization vector internally within libgcrypt implementation, +in coordinated way, instead of calling @code{gcry_cipher_setiv} with +arbitrary value, so that it can ensure the security properties of AEAD +block cipher. For this purpose, the following two functions are provided: + +@deftypefun {gcry_error_t} gcry_cipher_setup_geniv (gcry_cipher_hd_t @var{h}, @ + int @var{method}, const void *@var{fixed_iv}, size_t @var{fixed_ivlen}, @ + const void *@var{dyn_iv}, size_t @var{dyn_ivlen}) + +Set up an initialization vector generation for AEAD cipher modes. +Generation is specified by @var{method}, fixed part of initialization +vector by @var{fixed_iv} and @var{fixed_ivlen}, and dynamic part of +initialization vector by @var{dyn_iv} and @var{dyn_ivlen}. +For @var{method}, valid values are @code{GCRY_CIPHER_GENIV_METHOD_CONCAT} +and @code{GCRY_CIPHER_GENIV_METHOD_XOR}. +@end deftypefun + +@deftypefun {gcry_error_t} gcry_cipher_geniv (gcry_cipher_hd_t @var{h}, @ + void *@var{iv}, size_t @var{ivlen}) + +Generate the initialization vector into the output buffer @var{iv} +with length @var{ivlen}. The initialization vector will be used by +following @code{gcry_cipher_encrypt} call. +@end deftypefun + + The actual encryption and decryption is done by using one of the following functions. They may be used as often as required to process all the data. |
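Review bot: The new @deftypefun entry for gcry_cipher_setup_geniv lists GCRY_CIPHER_GENIV_METHOD_CONCAT and GCRY_CIPHER_GENIV_METHOD_XOR as the valid values for method. It does not say how each one combines fixed_iv with dyn_iv, which lengths are accepted relative to the mode's IV size, or how the dynamic part changes from one generated IV to the next. The introductory paragraph justifies these functions by "the security properties of AEAD block cipher", so the text should state what the caller has to guarantee about dyn_iv (for example, whether it is an initial counter value) and what the library guarantees about IV uniqueness. The gcry_cipher_geniv entry should say whether it has to be called before every gcry_cipher_encrypt call, and what error is returned if gcry_cipher_setup_geniv was not called first or ivlen does not match. The commit message says gcry_cipher_setiv now rejects direct invocation in FIPS mode. That behaviour change is not mentioned in this hunk and deserves a sentence here, since it affects existing callers. Minor wording: "in coordinated way" should be "in a coordinated way", and "used by following" should be "used by the following".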