Provided by: libkcapi-dev_1.1.3-1_amd64 bug

NAME

       kcapi_aead_stream_init_dec - start a decryption operation (stream)

SYNOPSIS

       int32_t kcapi_aead_stream_init_dec(struct kcapi_handle * handle, const uint8_t * iv,
                                          struct iovec * iov, uint32_t iovlen);

ARGUMENTS

       handle
           [in] cipher handle

       iv
           [in] IV to be used for cipher operation

       iov
           [in] scatter/gather list with data to be encrypted. This is the pointer to the first
           iov entry if an array of iov entries is supplied. See sendmsg(2) for details on how
           iov is to be used. This pointer may be NULL if no data to be encrypted is available at
           the point of the call.

       iovlen
           [in] number of scatter/gather list elements. If iov is NULL, this value must be zero.

DESCRIPTION

       A stream decryption operation is started with this call. Multiple successive
       kcapi_aead_stream_update function calls can be invoked to send more ciphertext data to be
       encrypted. The kernel buffers the input until kcapi_aead_stream_op picks up the decrypted
       data. Once ciphertext is decrypted during the kcapi_aead_stream_op it is removed from the
       kernel buffer.

       Note, unlike the corresponding symmetric cipher API, the function calls of
       kcapi_aead_stream_update and kcapi_aead_stream_op cannot be mixed! This due to the nature
       of AEAD where the cipher operation ensures the integrity of the entire data (decryption)
       or calculates a message digest over the entire data (encryption).

       When using the stream API, the caller must ensure that data is sent in the correct order
       (regardless whether data is sent in multiple chunks using kcapi_aead_stream_init_enc or
       kcapi_cipher_stream_update): (i) the complete associated data must be provided, followed
       by (ii) the plaintext. For decryption, also (iii) the tag value must be sent.

       The IV buffer must be exactly kcapi_cipher_ivsize bytes in size.

       return number of bytes sent to the kernel upon success; a negative errno-style error code
       if an error occurred

AUTHOR

       Stephan Mueller <smueller@chronox.de>
           Author.

COPYRIGHT