[−][src]Function sgx_tcrypto::rsgx_rijndael128GCM_encrypt
pub fn rsgx_rijndael128GCM_encrypt(
key: &sgx_aes_gcm_128bit_key_t,
src: &[u8],
iv: &[u8],
aad: &[u8],
dst: &mut [u8],
mac: &mut sgx_aes_gcm_128bit_tag_t
) -> SgxError
rsgx_rijndael128GCM_encrypt performs a Rijndael AES-GCM encryption operation.
Only a 128bit key size is supported by this Intel(R) SGX SDK cryptography library.
Description
The Galois/Counter Mode (GCM) is a mode of operation of the AES algorithm. GCM [NIST SP 800-38D] uses a variation of the counter mode of operation for encryption. GCM assures authenticity of the confidential data (of up to about 64 GB per invocation) using a universal hash function defined over a binary finite field (the Galois field).
GCM can also provide authentication assurance for additional data (of practically unlimited length per invocation) that is not encrypted. GCM provides stronger authentication assurance than a (non-cryptographic) checksum or error detecting code. In particular, GCM can detect both accidental modifications of the data and intentional, unauthorized modifications.
It is recommended that the source and destination data buffers are allocated within the enclave. The AAD buffer could be allocated within or outside enclave memory. The use of AAD data buffer could be information identifying the encrypted data since it will remain in clear text.
Parameters
key
A pointer to key to be used in the AES-GCM encryption operation. The size must be 128 bits.
src
A pointer to the input data stream to be encrypted. Buffer content could be empty if there is AAD text.
iv
A pointer to the initialization vector to be used in the AES-GCM calculation. NIST AES-GCM recommended IV size is 96 bits (12 bytes).
aad
A pointer to an optional additional authentication data buffer which is used in the GCM MAC calculation. The data in this buffer will not be encrypted. The field is optional and content could be empty.
dst
A pointer to the output encrypted data buffer. This buffer should be allocated by the calling code.
mac
This is the output GCM MAC performed over the input data buffer (data to be encrypted) as well as the additional authentication data (this is optional data). The calling code should allocate this buffer.
Requirements
Library: libsgx_tcrypto.a
Errors
SGX_ERROR_INVALID_PARAMETER
If both source buffer and AAD buffer content are empty.
If IV Length is not equal to 12 (bytes).
SGX_ERROR_OUT_OF_MEMORY
Not enough memory is available to complete this operation.
SGX_ERROR_UNEXPECTED
An internal cryptography library failure occurred.