kcapi_aead_stream_init_enc — start an encryption operation (stream)
int32_t kcapi_aead_stream_init_enc(struct kcapi_handle *handle,
                                   const uint8_t *iv,
                                   struct iovec *iov,
                                   uint32_t iovlen);
handle
[in] cipher handle
iv
[in] IV to be used for cipher operation
iov
[in] scatter/gather list with data to be encrypted. This is the pointer to the first iov entry if an array of iov entries is supplied. See sendmsg(2) for details on how iov is to be used. This pointer may be NULL if no data to be encrypted is available at the point of the call.
iovlen
[in] number of scatter/gather list elements. If iov is NULL, this value must be zero.
A stream encryption operation is started with this call. Multiple
successive kcapi_aead_stream_update function calls can be invoked to
send more plaintext data to be encrypted. The kernel buffers the input
until kcapi_aead_stream_op picks up the encrypted data. Once plaintext
is encrypted during the kcapi_aead_stream_op call, it is removed from the
kernel buffer.

Note, unlike the corresponding symmetric cipher API, the function calls of
kcapi_aead_stream_update and kcapi_aead_stream_op cannot be mixed! This
is due to the nature of AEAD, where the cipher operation ensures the
integrity of the entire data (decryption) or calculates a message digest
over the entire data (encryption).

When using the stream API, the caller must ensure that data is sent
in the correct order (regardless of whether data is sent in multiple chunks
using kcapi_aead_stream_init_enc or kcapi_cipher_stream_update): (i)
the complete associated data must be provided, followed by (ii) the
plaintext.

The IV buffer must be exactly kcapi_cipher_ivsize bytes in size.

return
number of bytes sent to the kernel upon success;
a negative errno-style error code if an error occurred
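
A pre-flight helper for the call documented above, as an added example that is not libkcapi code: it orders the scatter/gather list as associated data followed by plaintext, enforces the NULL/zero and IV-size rules, and computes the byte count to compare against the return value. The names aead_sgl_build and aead_sent_ok are hypothetical, and ivsize is assumed to be the value reported by kcapi_cipher_ivsize.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <sys/uio.h>

/*
 * Hypothetical helper, not a libkcapi function. Fills sgl[] in the order
 * the stream API requires: complete associated data first, then plaintext.
 * ivsize is assumed to be the value reported by kcapi_cipher_ivsize.
 * Returns the number of entries (0, 1 or 2) or a negative errno code.
 */
static int aead_sgl_build(const uint8_t *iv, uint32_t ivlen, uint32_t ivsize,
                          void *aad, size_t aadlen, void *pt, size_t ptlen,
                          struct iovec sgl[2], int32_t *expected)
{
    uint64_t total = (uint64_t)aadlen + (uint64_t)ptlen;
    int n = 0;

    if (!iv || ivlen != ivsize)          /* IV must be exactly ivsize bytes */
        return -EINVAL;
    if ((aadlen && !aad) || (ptlen && !pt))
        return -EINVAL;
    if (total > INT32_MAX)               /* int32_t return cannot report it */
        return -EOVERFLOW;

    if (aadlen) {                        /* (i) associated data */
        sgl[n].iov_base = aad;
        sgl[n].iov_len = aadlen;
        n++;
    }
    if (ptlen) {                         /* (ii) plaintext */
        sgl[n].iov_base = pt;
        sgl[n].iov_len = ptlen;
        n++;
    }
    *expected = (int32_t)total;
    return n;
}

/* Checks the return value of kcapi_aead_stream_init_enc: negative means an
 * errno-style failure; any count other than `expected` is treated as an
 * error here (assumption of this example). */
static int aead_sent_ok(int32_t ret, int32_t expected)
{
    return ret >= 0 && ret == expected;
}

/* Call site: n = aead_sgl_build(...);
 * ret = kcapi_aead_stream_init_enc(handle, iv, n ? sgl : NULL, (uint32_t)n);
 * so a NULL iov is always paired with iovlen == 0. */
```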