mbedtls_cipher_auth_decrypt() function

The generic cipher context. This must be initialized and bound to a key associated with an AEAD algorithm.

The nonce to use. This must be a readable buffer of at least \p iv_len Bytes and must not be \c NULL.

The length of the nonce. This must satisfy the constraints imposed by the AEAD cipher used.

The additional data to authenticate. This must be a readable buffer of at least \p ad_len Bytes, and may be \c NULL is \p ad_len is \c 0.

The length of \p ad.

The buffer holding the input data. This must be a readable buffer of at least \p ilen Bytes, and may be \c NULL if \p ilen is \c 0.

The length of the input data.

The buffer for the output data. This must be a writable buffer of at least \p ilen Bytes, and must not be \c NULL.

This will be filled with the actual number of Bytes written to the \p output buffer. This must point to a writable object of type \c size_t.

The buffer for the authentication tag. This must be a readable buffer of at least \p tag_len Bytes. See note below regarding restrictions with PSA-based contexts.

The length of the authentication tag. This must match the constraints imposed by the AEAD cipher used, and in particular must not be \c 0.

This function returns the block size of the given cipher.

This function frees and clears the cipher-specific context of \p ctx. Freeing \p ctx itself remains the responsibility of the caller.

This function sets the key to use with the given context.

This function sets the padding mode, for cipher modes that use padding.

The generic cipher update function. It encrypts or decrypts using the given cipher context. Writes as many block-sized blocks of data as possible to output. Any data that cannot be written immediately is either added to the next block, or flushed when mbedtls_cipher_finish() is called. Exception: For MBEDTLS_MODE_ECB, expects a single block in size. For example, 16 Bytes for AES.

This function prepares a cipher context for use with the given cipher primitive. \warning In CBC mode, if mbedtls_cipher_set_padding_mode() is not called: - If MBEDTLS_CIPHER_PADDING_PKCS7 is enabled, the context will use PKCS7 padding. - Otherwise the context uses no padding and the input must be a whole number of blocks. \internal Currently, the function also clears the structure. In future versions, the caller will be required to call mbedtls_cipher_init() on the structure first.

This function initializes a \p ctx as NONE.

The generic all-in-one encryption/decryption function, for all ciphers except AEAD constructs.

This function returns the mode of operation for the cipher. For example, MBEDTLS_MODE_CBC.

This function sets the initialization vector (IV) or nonce.

This function resets the cipher state.

The generic cipher finalization function. If data still needs to be flushed from an incomplete block, the data contained in it is padded to the size of the last block, and written to the \p output buffer.

The authenticated encryption (AEAD/NIST_KW) function.

The authenticated encryption (AEAD/NIST_KW) function.

This function returns the size of the IV or nonce of the cipher, in Bytes.

This function adds additional data for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. This must be called exactly once, after mbedtls_cipher_reset().

This function writes a tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. This must be called after mbedtls_cipher_finish().

This function checks the tag for AEAD ciphers. Currently supported with GCM and ChaCha20+Poly1305. This must be called after mbedtls_cipher_finish().

The generic authenticated encryption (AEAD) function. \deprecated Superseded by mbedtls_cipher_auth_encrypt_ext().

This function returns the type of the given cipher.

This function returns the name of the given cipher as a string.

This function returns the key length of the cipher.

This function returns the operation of the given cipher.

This function starts a new CMAC computation by setting the CMAC key, and preparing to authenticate the input data. It must be called with an initialized cipher context. Once this function has completed, data can be supplied to the CMAC computation by calling mbedtls_cipher_cmac_update(). To start a CMAC computation using the same key as a previous CMAC computation, use mbedtls_cipher_cmac_finish().

This function feeds an input buffer into an ongoing CMAC computation. The CMAC computation must have previously been started by calling mbedtls_cipher_cmac_starts() or mbedtls_cipher_cmac_reset(). Call this function as many times as needed to input the data to be authenticated. Once all of the required data has been input, call mbedtls_cipher_cmac_finish() to obtain the result of the CMAC operation.

This function finishes an ongoing CMAC operation, and writes the result to the output buffer. It should be followed either by mbedtls_cipher_cmac_reset(), which starts another CMAC operation with the same key, or mbedtls_cipher_free(), which clears the cipher context.

This function starts a new CMAC operation with the same key as the previous one. It should be called after finishing the previous CMAC operation with mbedtls_cipher_cmac_finish(). After calling this function, call mbedtls_cipher_cmac_update() to supply the new CMAC operation with data.