ica_aes_cbc

Purpose

Encrypt or decrypt data with an AES key using Cipher Block Chaining (CBC) mode, as described in NIST Special Publication 800-38A Chapter 6.2.

Format


unsigned int ica_aes_cbc(const unsigned char *in_data,
  unsigned char *out_data,
  unsigned long data_length,
  const unsigned char *key,
  unsigned int key_length,
  unsigned char *iv,
  unsigned int direction);

Required hardware support

KMC-AES-128, KMC-AES-192, or KMC-AES-256

Parameters

const unsigned char *in_data

Pointer to a readable buffer that contains the message to be encrypted or decrypted. The size of the message in bytes is data_length. The size of this buffer must be at least as large as data_length.

unsigned char *out_data

Pointer to a writable buffer to contain the resulting encrypted or decrypted message. The size of this buffer in bytes must be at least as large as data_length.

unsigned long data_length

Length in bytes of the message to be encrypted or decrypted, which resides at the beginning of in_data. data_length must be a multiple of the cipher block size (a multiple of 16 for AES).

const unsigned char *key

Pointer to a valid AES key.

unsigned int key_length

Length in bytes of the AES key. Supported sizes are 16, 24, and 32, for AES-128, AES-192, and AES-256 respectively. Therefore, you can use the definitions: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256.

unsigned char *iv

Pointer to a valid initialization vector of the same size as the cipher block in bytes. This vector is overwritten during the function. The result value in iv can be used as the initialization vector for a chained ica_aes_cbc or ica_aes_cbc_cs call with the same key.

unsigned int direction

0: Use the decrypt function.
1: Use the encrypt function.

Return codes

0: Success

For return codes indicating exceptions, see Return codes.