class Cipher

class Cipher

Defined at line 26 of file ../../src/security/lib/fcrypto/cipher.h

Public Methods

Direction direction ()

Defined at line 44 of file ../../src/security/lib/fcrypto/cipher.h

uint64_t alignment ()

Defined at line 45 of file ../../src/security/lib/fcrypto/cipher.h

void Cipher ()

Defined at line 111 of file ../../src/security/lib/fcrypto/cipher.cc

void ~Cipher ()

Defined at line 113 of file ../../src/security/lib/fcrypto/cipher.cc

zx_status_t GetKeyLen (Algorithm cipher, size_t * out)

Gets the number of bytes needed for the symmetric key used by the given |cipher|.

Defined at line 63 of file ../../src/security/lib/fcrypto/cipher.cc

zx_status_t InitEncrypt (Algorithm algo, const Secret & key, const Bytes & iv)

Sets up the cipher to encrypt data using the given |key| and |iv|, either as a stream cipher

or a random access cipher, as described above in |Init|.

Defined at line 68 of file ../../src/security/lib/fcrypto/cipher.h

zx_status_t InitEncrypt (Algorithm algo, const Secret & key, const Bytes & iv, uint64_t alignment)

Defined at line 71 of file ../../src/security/lib/fcrypto/cipher.h

zx_status_t InitDecrypt (Algorithm algo, const Secret & key, const Bytes & iv)

Sets up the cipher to decrypt data using the given |key| and |iv|, either as a stream cipher

or a random access cipher, as described above in |Init|.

Defined at line 77 of file ../../src/security/lib/fcrypto/cipher.h

zx_status_t GetIVLen (Algorithm cipher, size_t * out)

Gets the number of bytes needed for the initialization vector (IV) used by the given

|cipher|.

Defined at line 79 of file ../../src/security/lib/fcrypto/cipher.cc

zx_status_t InitDecrypt (Algorithm algo, const Secret & key, const Bytes & iv, uint64_t alignment)

Defined at line 80 of file ../../src/security/lib/fcrypto/cipher.h

zx_status_t Encrypt (const uint8_t * in, size_t length, uint8_t * out)

Encrypts |len| bytes from |in| to |out|, as described above in |Transform|.

Defined at line 94 of file ../../src/security/lib/fcrypto/cipher.h

zx_status_t GetBlockSize (Algorithm cipher, size_t * out)

Gets the cipher block size in bytes for the given |cipher|. Data passed to |Encrypt| or

|Decrypt| must be a multiple of this size.

Defined at line 95 of file ../../src/security/lib/fcrypto/cipher.cc

zx_status_t Encrypt (const uint8_t * in, zx_off_t offset, size_t length, uint8_t * out)

Defined at line 97 of file ../../src/security/lib/fcrypto/cipher.h

zx_status_t Decrypt (const uint8_t * in, size_t length, uint8_t * out)

Decrypts |len| bytes from |in| to |out|, as described above in |Transform|.

Defined at line 102 of file ../../src/security/lib/fcrypto/cipher.h

zx_status_t Decrypt (const uint8_t * in, zx_off_t offset, size_t length, uint8_t * out)

Defined at line 105 of file ../../src/security/lib/fcrypto/cipher.h

zx_status_t Init (Algorithm algo, Direction direction, const Secret & key, const Bytes & iv, uint64_t alignment)

Sets up the cipher to encrypt or decrypt data using the given |key| and |iv|, based on the

given |direction|, either as:

- A stream ciphers, using the first variant that omits the |alignment|.

- As a random access cipher, using the second variant. All offsets must be

|alignment|-aligned, and |alignment| must be a power of 2.

Defined at line 115 of file ../../src/security/lib/fcrypto/cipher.cc

zx_status_t Transform (const uint8_t * in, zx_off_t offset, size_t length, uint8_t * out, Direction Direction)

Encrypts or decrypts |length| bytes from |in| to |out|, based on the given |direction| and

the parameters set in |Init|:

- Must have been configured with the same |direction|.

- If |alignment| was non-zero, |offset| must be a multiple of it.

Finally, |length| must be a multiple of cipher blocks, and |out| must have room for |length|

bytes. This method will fail if called 2^64 or more times with the same key and IV.

Defined at line 178 of file ../../src/security/lib/fcrypto/cipher.cc

void Reset ()

Clears all state from this instance.

Defined at line 224 of file ../../src/security/lib/fcrypto/cipher.cc

Enumerations

enum Algorithm
Name Value
kUninitialized 0
kAES256_XTS 1

Algorithm enumerates the supported secret key ciphers.

Defined at line 29 of file ../../src/security/lib/fcrypto/cipher.h

enum Direction
Name Value
kUnset 0
kEncrypt 1
kDecrypt 2

Indicates whether the objects turns plaintext into ciphertext or vice versa.

Defined at line 35 of file ../../src/security/lib/fcrypto/cipher.h