libwebsockets
Lightweight C library for HTML5 websockets
|
Data Structures | |
struct | lws_genaes_ctx |
Macros | |
#define | LWS_AES_BLOCKSIZE 128 |
#define | LWS_AES_CBC_BLOCKLEN 16 |
Functions | |
LWS_VISIBLE LWS_EXTERN int | lws_genaes_create (struct lws_genaes_ctx *ctx, enum enum_aes_operation op, enum enum_aes_modes mode, struct lws_gencrypto_keyelem *el, enum enum_aes_padding padding, void *engine) |
LWS_VISIBLE LWS_EXTERN int | lws_genaes_destroy (struct lws_genaes_ctx *ctx, unsigned char *tag, size_t tlen) |
LWS_VISIBLE LWS_EXTERN int | lws_genaes_crypt (struct lws_genaes_ctx *ctx, const uint8_t *in, size_t len, uint8_t *out, uint8_t *iv_or_nonce_ctr_or_data_unit_16, uint8_t *stream_block_16, size_t *nc_or_iv_off, int taglen) |
Lws provides generic AES functions that abstract the ones provided by whatever tls library you are linking against.
It lets you use the same code if you build against mbedtls or OpenSSL for example.
LWS_VISIBLE LWS_EXTERN int lws_genaes_create | ( | struct lws_genaes_ctx * | ctx, |
enum enum_aes_operation | op, | ||
enum enum_aes_modes | mode, | ||
struct lws_gencrypto_keyelem * | el, | ||
enum enum_aes_padding | padding, | ||
void * | engine | ||
) |
#include <include/libwebsockets/lws-genaes.h>
lws_genaes_create() - Create RSA public decrypt context
ctx | your struct lws_genaes_ctx |
op | LWS_GAESO_ENC or LWS_GAESO_DEC |
mode | one of LWS_GAESM_ |
el | struct prepared with key element data |
padding | 0 = no padding, 1 = padding |
engine | if openssl engine used, pass the pointer here |
Creates an RSA context with a public key associated with it, formed from the key elements in el
.
Returns 0 for OK or nonzero for error.
This and related APIs operate identically with OpenSSL or mbedTLS backends.
LWS_VISIBLE LWS_EXTERN int lws_genaes_crypt | ( | struct lws_genaes_ctx * | ctx, |
const uint8_t * | in, | ||
size_t | len, | ||
uint8_t * | out, | ||
uint8_t * | iv_or_nonce_ctr_or_data_unit_16, | ||
uint8_t * | stream_block_16, | ||
size_t * | nc_or_iv_off, | ||
int | taglen | ||
) |
#include <include/libwebsockets/lws-genaes.h>
lws_genaes_crypt() - Encrypt or decrypt
ctx | your struct lws_genaes_ctx |
in | input plaintext or ciphertext |
len | length of input (which is always length of output) |
out | output plaintext or ciphertext |
iv_or_nonce_ctr_or_data_unit_16 | NULL, iv, nonce_ctr16, or data_unit16 |
stream_block_16 | pointer to 16-byte stream block for CTR mode only |
nc_or_iv_off | NULL or pointer to nc, or iv_off |
taglen | length of tag |
Encrypts or decrypts using the AES mode set when the ctx was created. The last three arguments have different meanings depending on the mode:
KW CBC CFB128 CFB8 CTR ECB OFB XTS
iv_or_nonce_ct.._unit_16 : iv iv iv iv nonce NULL iv dataunt stream_block_16 : NULL NULL NULL NULL stream NULL NULL NULL nc_or_iv_off : NULL NULL iv_off NULL nc_off NULL iv_off NULL
For GCM:
iv_or_nonce_ctr_or_data_unit_16 : iv stream_block_16 : pointer to tag nc_or_iv_off : set pointed-to size_t to iv length in : first call: additional data, subsequently : input data len : first call: add data length, subsequently : input / output length
The length of the optional arg is always 16 if used, regardless of the mode.
Returns 0 for OK or nonzero for error.
This and related APIs operate identically with OpenSSL or mbedTLS backends.
LWS_VISIBLE LWS_EXTERN int lws_genaes_destroy | ( | struct lws_genaes_ctx * | ctx, |
unsigned char * | tag, | ||
size_t | tlen | ||
) |
#include <include/libwebsockets/lws-genaes.h>
lws_genaes_destroy() - Destroy genaes AES context
ctx | your struct lws_genaes_ctx |
tag | NULL, or, GCM-only: buffer to receive tag |
tlen | 0, or, GCM-only: length of tag buffer |
Destroys any allocations related to ctx
.
For GCM only, up to tlen bytes of tag buffer will be set on exit.
This and related APIs operate identically with OpenSSL or mbedTLS backends.