Scroll to navigation

KCAPI_AKCIPHER_DECRY(3) Programming Interface KCAPI_AKCIPHER_DECRY(3)

NAME

kcapi_akcipher_decrypt - decrypt data

SYNOPSIS

ssize_t kcapi_akcipher_decrypt(struct kcapi_handle * handle, const uint8_t * in, size_t inlen, uint8_t * out, size_t outlen, int access);

ARGUMENTS

handle

[in] cipher handle

in

[in] ciphertext data buffer

inlen

[in] length of in buffer

out

[out] plaintext data buffer

outlen

[in] length of out buffer

access

[in] kernel access type (KCAPI_ACCESS_HEURISTIC - use internal heuristic for fastest kernel access; KCAPI_ACCESS_VMSPLICE - use vmsplice access; KCAPI_ACCESS_SENDMSG - sendmsg access)

DESCRIPTION

It is perfectly legal to use the same buffer as the plaintext and ciphertext pointers. That would mean that after the decryption operation, the ciphertext is overwritten with the plaintext.

The memory should be aligned at the page boundary using posix_memalign(sysconf(_SC_PAGESIZE)), If it is not aligned at the page boundary, the vmsplice call may not send all data to the kernel.

If the output size is insufficiently large, -EINVAL is returned. The output buffer must be at least as large as the modululs of the uses key.

return number of bytes returned by the decryption operation upon success; a negative errno-style error code if an error occurred

AUTHOR

Stephan Mueller <smueller@chronox.de>

Author.

COPYRIGHT

March 2023 libkcapi Manual 1.4.0