Skip to main content

otPlatCryptoAesCcmProcessOneShot

Function otPlatCryptoAesCcmProcessOneShot 

Source
pub unsafe extern "C" fn otPlatCryptoAesCcmProcessOneShot(
    aEncrypt: bool,
    aConfig: *const otPlatCryptoAesCcmConfig,
    aHeader: *const u8,
    aData: *mut u8,
) -> otError
Expand description

Performs in-place AES-CCM* authenticated encryption or decryption in a single call.

For encryption (@p aEncrypt == true):

  • Plaintext at @p aData is replaced with ciphertext in-place.
  • The authentication tag is written to @p aData + @p aConfig->mPlainTextLength.

For decryption (@p aEncrypt == false):

  • Ciphertext at @p aData is replaced with plaintext in-place.
  • The tag to verify must be at @p aData + @p aConfig->mPlainTextLength.

Requires OPENTHREAD_CONFIG_CRYPTO_PLATFORM_CCM_ONE_SHOT_ENABLE.

Default weak mbedTLS and PSA implementations are provided.

@param[in] aEncrypt True to encrypt and generate tag; false to decrypt and verify tag. @param[in] aConfig CCM* parameters (key, nonce, lengths). @param[in] aHeader Additional authenticated data (not encrypted). May be NULL if header length is 0. @param[in,out] aData Payload buffer (plaintext on encrypt entry, ciphertext on decrypt entry). The buffer must hold @p aConfig->mPlainTextLength + @p aConfig->mTagLength bytes.

@retval OT_ERROR_NONE Success. @retval OT_ERROR_SECURITY Tag mismatch (decrypt only). @retval OT_ERROR_FAILED Operation failed.