AES Utilities
IntroductionThis header contains function prototypes called by the WAC engine. These functions abstract the interaction with AES libraries. GroupsAES 128-bit ECB APIAPI to encrypt or decrypt using AES-128 in ECB mode. DiscussionCall AES_ECB_Init to initialize the context. Don't use the context until it has been initialized. Call AES_ECB_Update to encrypt or decrypt N bytes of input and generate N bytes of output. Call AES_ECB_Final to finalize the context. After finalizing, you must call AES_ECB_Init to use it again.
AES 128-bit Counter Mode APIAPI to encrypt or decrypt using AES-128 in counter mode. DiscussionCall AES_CTR_Init to initialize the context. Don't use the context until it has been initialized. Call AES_CTR_Update to encrypt or decrypt N bytes of input and generate N bytes of output. Call AES_CTR_Final to finalize the context. After finalizing, you must call AES_CTR_Init to use it again.
AES_GCM 128-bit APIAPI to perform authenticated encryption and decryption using AES-128 in GCM mode. DiscussionCall AES_GCM_Init to initialize the context. Don't use the context until it has been initialized. Call AES_GCM_Final to finalize the context. After finalizing, you must call AES_GCM_Init to use it again. The general flow for sending a message: AES_GCM_InitMessage (provide per-message nonce or use kAES_CGM_Nonce_Auto to increment the nonce from AES_GCM_Init). AES_GCM_AddAAD (may repeat as many times as necessary to add each chunk of AAD). AES_GCM_Encrypt (may repeat as many times as necessary to add each chunk of data to encrypt). AES_GCM_FinalizeMessage (outputs a auth tag to send along with the message so it can be verified by the receiver). The general flow for receiving a message: AES_GCM_InitMessage (provide per-message nonce or use kAES_CGM_Nonce_Auto to increment the nonce from AES_GCM_Init). AES_GCM_AddAAD (may repeat as many times as necessary to add each chunk of AAD). AES_GCM_Decrypt (may repeat as many times as necessary to add each chunk of data to encrypt). AES_GCM_VerifyMessage (if this fails, reject the message). See <http://en.wikipedia.org/wiki/Galois/Counter_Mode> for more information.
AES 128-bit CBC Frame Mode APIAPI to encrypt or decrypt using AES-128 in CBC frame mode. DiscussionCall AES_CBCFrame_Init to initialize the context. Don't use the context until it has been initialized. Call AES_CBCFrame_Update to encrypt or decrypt N bytes of input and generate N bytes of output. Call AES_CBCFrame_Final to finalize the context. After finalizing, you must call AES_CBCFrame_Init to use it again. |