Correct sequence for AEAD incremental functions

CryptoSys API Library Manual

Correct sequence for AEAD incremental functions

* denotes zero or more repeats.

Incremental encryption pseudocode

InitKey(key)
{ For each packet do:
   SetNonce(nonce)
   { AddAAD(aad-chunk) }*
   StartEncrypt()
   { ciphertext-chunk <-- Update(plaintext-chunk) }*
   tag <-- FinishEncrypt()
}*
Destroy()

Incremental decryption pseudocode

InitKey(key)
{ For each packet do:
   SetNonce(nonce)
   { AddAAD(aad-chunk) }*
   StartDecrypt(tag-to-check)
   { plaintext-chunk <-- Update(ciphertext-chunk) }*
   (OK|FAIL) <-- FinishDecrypt()
}*
Destroy()

Notes on incremental mode:

AAD data must be added in its entirety before starting to encrypt or decrypt
When decrypting in an incremental manner, the deciphered plaintext is output in chunks as the ciphertext chunks are added. Treat this plaintext as suspect until the AEAD_FinishDecrypt returns either OK or FAIL and throw it all away if FAIL is returned.
All AEAD incremental functions return zero on success (except AEAD_InitKey). Using an incremental function out of sequence will return a MISUSE_ERROR error code.
Calling AEAD_InitKey at any time will delete any existing state ready to start again with the same key. AEAD_Destroy is similar except all state including the key is destroyed.

[Contents] [Index]

[PREV: An interface for Authenticated Encryption with Associated Data (AEAD)...] [Contents] [Index]

[NEXT: Filenames with "International" characters...]