Developer Reference

Contents

AES_SIVDecrypt

Performs the SIV authenticated decryption using the AES cipher.

Syntax

IppStatus ippsAES_SIVDecrypt(const Ipp8u*
pSrc
, Ipp8u*
pDst
, int
len
, int*
pAuthPassed
, const Ipp8u*
pAuthKey
, const Ipp8u*
pConfKey
, int
keyLen
, const Ipp8u*
AD
[], const int
ADlen
[], int
numAD
, const Ipp8u*
pSIV
);
Include Files
ippcp.h
Parameters
pSrc
Pointer to the input data to decrypt (ciphertext).
pDst
Pointer to the output decrypted data (plaintext).
len
Length in bytes of the plaintext and ciphertext.
pAuthPassed
Pointer to the result flag.
pAuthKey
Pointer to the authentication key.
pConfKey
Pointer to the confidentiality key.
keyLen
Length of keys in bytes.
AD
Array of pointers to the associated input strings.
ADlen
Array of length (in bytes) of the associated input strings.
numAD
The number of the associated strings.
pSIV
Pointer to the synthetic initialization vector.
Description
The
AES_SIVDecrypt
function accepts authentication and confidentiality keys of length
keyLen
each, a vector
AD
[] of associated data (strings), 16-byte synthetic initialization vector (
*pSIV
), and ciphertext (
*pSrc
) of an arbitrary length
len
. The output of the function is the decrypted plaintext (
*pDst
) of the same length as the ciphertext and the result of plaintext authentication (
*pAuthPassed
).
The computation includes the following steps:
  1. Decrypt the input ciphertext using the AES cipher in the CTR mode with the initial counter value (
    CTR0
    ) equal to the synthetic initialization vector (
    *pSIV
    ) xored with a fixed mask.
  2. Re-compute the synthetic initialization vector using the input data
    AD
    [] and the computed plaintext.
If the input and re-computed values of SIV are the same, the plaintext authentication is considered passed (
*pAuthPassed
= 1), otherwise, the plaintext authentication is considered failed (
*pAuthPassed
= 0).
Return Values
ippStsNoErr
Indicates no error. Any other value indicates an error or warning.
ippStsNullPtrErr
Indicates an error condition if any of the specified pointers is
NULL
or a pointer
AD
[
i
] to any individual string is
NULL
while the length
ADlen
[
i
] is non-zero.
ippStsLengthErr
Indicates an error condition that occurs because of one of the following:
  • The
    keyLen
    parameter is different from 16, 24, and 32
  • The number of the strings
    numAD
    in the
    AD
    array is negative or greater than 127
  • The length
    ADlen
    [
    i
    ] of any individual input string is negative
  • The
    len
    parameter is negative

Product and Performance Information

1

Intel's compilers may or may not optimize to the same degree for non-Intel microprocessors for optimizations that are not unique to Intel microprocessors. These optimizations include SSE2, SSE3, and SSSE3 instruction sets and other optimizations. Intel does not guarantee the availability, functionality, or effectiveness of any optimization on microprocessors not manufactured by Intel. Microprocessor-dependent optimizations in this product are intended for use with Intel microprocessors. Certain optimizations not specific to Intel microarchitecture are reserved for Intel microprocessors. Please refer to the applicable product User and Reference Guides for more information regarding the specific instruction sets covered by this notice.

Notice revision #20110804