1 Reply by xkcd

(5 replies, posted in wolfSSL)

Hi John,

I am trying to encrypt my own data with integrity, and AES-GCM looked like a better way of doing MAC-then-encrypt ... a bit more abstract at least.

Thanks a lot for the detailed explanation, it all makes sense now to me  smile

Go to forum: wolfSSL

2 Reply by xkcd

(5 replies, posted in wolfSSL)

Hi Vanger,

Thanks for the reply.

I did read through the aes.h file, although your explanation for the p parameter makes sense to me, the a parameter doesn't seem to correspond to auth tags, I think that the t2 parameter does that.

In the function declaration a corresponds to authIn, but I cannot find any explanation anywhere in the manual or code comments that what it is   sad

Go to forum: wolfSSL

3 Topic by xkcd

(5 replies, posted in wolfSSL)

Hi,

I want to use the AES-GCM mode for encryption/decryption. The manual refers to the aesgcm_test() function in <cyassl_root>/ctaocrypt/test/test.c as an example, however it is difficult to understand what the different parameters are in the code as there are no comments.

More specifically, what are the arguments in the following functions supposed to be?

AesGcmSetKey(&enc, k, sizeof(k));
AesGcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv), t2, sizeof(t2), a, sizeof(a));
AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), t2, sizeof(t2), a, sizeof(a));

I guess k is the key and iv is obvious as well. c2, p2 and t2 are ciphertext, plaintext and tag buffers probably (not sure tbh), but what is supposed to be put in p and a? One of these should be for the original plaintext to be encrypted, i think ... but what about the other one? Can anyone please help with a detailed clarification? Thanks.

Go to forum: wolfSSL