libsodium (1.0.19)
1 #ifndef crypto_aead_aes256gcm_H
2 #define crypto_aead_aes256gcm_H
3
4 /*
5 * WARNING: Despite being the most popular AEAD construction due to its
6 * use in TLS, safely using AES-GCM in a different context is tricky.
7 *
8 * No more than ~ 350 GB of input data should be encrypted with a given key.
9 * This is for ~ 16 KB messages -- Actual figures vary according to
10 * message sizes.
11 *
12 * In addition, nonces are short and repeated nonces would totally destroy
13 * the security of this scheme.
14 *
15 * Nonces should thus come from atomic counters, which can be difficult to
16 * set up in a distributed environment.
17 *
18 * Unless you absolutely need AES-GCM, use crypto_aead_xchacha20poly1305_ietf_*()
19 * instead. It doesn't have any of these limitations.
20 * Or, if you don't need to authenticate additional data, just stick to
21 * crypto_secretbox().
22 */
23
24 #include <stddef.h>
25 #include "export.h"
26
27 #ifdef __cplusplus
28 # ifdef __GNUC__
29 # pragma GCC diagnostic ignored "-Wlong-long"
30 # endif
31 extern "C" {
32 #endif
33
34 SODIUM_EXPORT
35 int crypto_aead_aes256gcm_is_available(void);
36
37 #define crypto_aead_aes256gcm_KEYBYTES 32U
38 SODIUM_EXPORT
39 size_t crypto_aead_aes256gcm_keybytes(void);
40
41 #define crypto_aead_aes256gcm_NSECBYTES 0U
42 SODIUM_EXPORT
43 size_t crypto_aead_aes256gcm_nsecbytes(void);
44
45 #define crypto_aead_aes256gcm_NPUBBYTES 12U
46 SODIUM_EXPORT
47 size_t crypto_aead_aes256gcm_npubbytes(void);
48
49 #define crypto_aead_aes256gcm_ABYTES 16U
50 SODIUM_EXPORT
51 size_t crypto_aead_aes256gcm_abytes(void);
52
53 #define crypto_aead_aes256gcm_MESSAGEBYTES_MAX \
54 SODIUM_MIN(SODIUM_SIZE_MAX - crypto_aead_aes256gcm_ABYTES, \
55 (16ULL * ((1ULL << 32) - 2ULL)))
56 SODIUM_EXPORT
57 size_t crypto_aead_aes256gcm_messagebytes_max(void);
58
59 typedef struct CRYPTO_ALIGN(16) crypto_aead_aes256gcm_state_ {
60 unsigned char opaque[512];
61 } crypto_aead_aes256gcm_state;
62
63 SODIUM_EXPORT
64 size_t crypto_aead_aes256gcm_statebytes(void);
65
66 SODIUM_EXPORT
67 int crypto_aead_aes256gcm_encrypt(unsigned char *c,
68 unsigned long long *clen_p,
69 const unsigned char *m,
70 unsigned long long mlen,
71 const unsigned char *ad,
72 unsigned long long adlen,
73 const unsigned char *nsec,
74 const unsigned char *npub,
75 const unsigned char *k)
76 __attribute__ ((nonnull(1, 8, 9)));
77
78 SODIUM_EXPORT
79 int crypto_aead_aes256gcm_decrypt(unsigned char *m,
80 unsigned long long *mlen_p,
81 unsigned char *nsec,
82 const unsigned char *c,
83 unsigned long long clen,
84 const unsigned char *ad,
85 unsigned long long adlen,
86 const unsigned char *npub,
87 const unsigned char *k)
88 __attribute__ ((warn_unused_result)) __attribute__ ((nonnull(4, 8, 9)));
89
90 SODIUM_EXPORT
91 int crypto_aead_aes256gcm_encrypt_detached(unsigned char *c,
92 unsigned char *mac,
93 unsigned long long *maclen_p,
94 const unsigned char *m,
95 unsigned long long mlen,
96 const unsigned char *ad,
97 unsigned long long adlen,
98 const unsigned char *nsec,
99 const unsigned char *npub,
100 const unsigned char *k)
101 __attribute__ ((nonnull(1, 2, 9, 10)));
102
103 SODIUM_EXPORT
104 int crypto_aead_aes256gcm_decrypt_detached(unsigned char *m,
105 unsigned char *nsec,
106 const unsigned char *c,
107 unsigned long long clen,
108 const unsigned char *mac,
109 const unsigned char *ad,
110 unsigned long long adlen,
111 const unsigned char *npub,
112 const unsigned char *k)
113 __attribute__ ((warn_unused_result)) __attribute__ ((nonnull(3, 5, 8, 9)));
114
115 /* -- Precomputation interface -- */
116
117 SODIUM_EXPORT
118 int crypto_aead_aes256gcm_beforenm(crypto_aead_aes256gcm_state *ctx_,
119 const unsigned char *k)
120 __attribute__ ((nonnull));
121
122 SODIUM_EXPORT
123 int crypto_aead_aes256gcm_encrypt_afternm(unsigned char *c,
124 unsigned long long *clen_p,
125 const unsigned char *m,
126 unsigned long long mlen,
127 const unsigned char *ad,
128 unsigned long long adlen,
129 const unsigned char *nsec,
130 const unsigned char *npub,
131 const crypto_aead_aes256gcm_state *ctx_)
132 __attribute__ ((nonnull(1, 8, 9)));
133
134 SODIUM_EXPORT
135 int crypto_aead_aes256gcm_decrypt_afternm(unsigned char *m,
136 unsigned long long *mlen_p,
137 unsigned char *nsec,
138 const unsigned char *c,
139 unsigned long long clen,
140 const unsigned char *ad,
141 unsigned long long adlen,
142 const unsigned char *npub,
143 const crypto_aead_aes256gcm_state *ctx_)
144 __attribute__ ((warn_unused_result)) __attribute__ ((nonnull(4, 8, 9)));
145
146 SODIUM_EXPORT
147 int crypto_aead_aes256gcm_encrypt_detached_afternm(unsigned char *c,
148 unsigned char *mac,
149 unsigned long long *maclen_p,
150 const unsigned char *m,
151 unsigned long long mlen,
152 const unsigned char *ad,
153 unsigned long long adlen,
154 const unsigned char *nsec,
155 const unsigned char *npub,
156 const crypto_aead_aes256gcm_state *ctx_)
157 __attribute__ ((nonnull(1, 2, 9, 10)));
158
159 SODIUM_EXPORT
160 int crypto_aead_aes256gcm_decrypt_detached_afternm(unsigned char *m,
161 unsigned char *nsec,
162 const unsigned char *c,
163 unsigned long long clen,
164 const unsigned char *mac,
165 const unsigned char *ad,
166 unsigned long long adlen,
167 const unsigned char *npub,
168 const crypto_aead_aes256gcm_state *ctx_)
169 __attribute__ ((warn_unused_result)) __attribute__ ((nonnull(3, 5, 8, 9)));
170
171 SODIUM_EXPORT
172 void crypto_aead_aes256gcm_keygen(unsigned char k[crypto_aead_aes256gcm_KEYBYTES])
173 __attribute__ ((nonnull));
174
175 #ifdef __cplusplus
176 }
177 #endif
178
179 #endif
Browse
Usage
Versions