lcx_aes.h

Back to the files list

AES (Advanced Encryption Standard). More...

Functions
cx_err_t	cx_aes_init_key_no_throw (const uint8_t *rawkey, size_t key_len, cx_aes_key_t *key)
	Initializes an AES Key. More...
static int	cx_aes_init_key (const unsigned char *rawkey, unsigned int key_len, cx_aes_key_t *key)
	Initializes an AES Key. More...
cx_err_t	cx_aes_iv_no_throw (const cx_aes_key_t *key, uint32_t mode, const uint8_t *iv, size_t iv_len, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
	Encrypts, decrypts, signs or verifies data with AES algorithm. More...
static int	cx_aes_iv (const cx_aes_key_t *key, int mode, unsigned char *iv, unsigned int iv_len, const unsigned char *in, unsigned int in_len, unsigned char *out, unsigned int out_len)
	Encrypts, decrypts, signs or verifies data with AES algorithm. More...
cx_err_t	cx_aes_no_throw (const cx_aes_key_t *key, uint32_t mode, const uint8_t *in, size_t in_len, uint8_t *out, size_t *out_len)
	Encrypts, decrypts, signs or verifies data with AES algorithm. More...
static int	cx_aes (const cx_aes_key_t *key, int mode, const unsigned char *in, unsigned int in_len, unsigned char *out, unsigned int out_len)
	Encrypts, decrypts, signs or verifies data with AES algorithm. More...
cx_err_t	cx_aes_enc_block (const cx_aes_key_t *key, const uint8_t *inblock, uint8_t *outblock)
	Encrypts a 16-byte block using AES algorithm. More...
cx_err_t	cx_aes_dec_block (const cx_aes_key_t *key, const uint8_t *inblock, uint8_t *outblock)
	Decrypts a 16-byte block using AES algorithm. More...

Detailed Description

AES (Advanced Encryption Standard).

AES is an encryption standard based on Rijndael algorithm, a symmetric block cipher that can process data blocks of 128 bits. The key length is either 128, 192 or 256 bits.

Refer to FIPS 197 for more details.

Function Documentation

cx_aes()

static int cx_aes ( const cx_aes_key_t *  key, int  mode, const unsigned char *  in, unsigned int  in_len, unsigned char *  out, unsigned int  out_len  )

Encrypts, decrypts, signs or verifies data with AES algorithm.

Same as cx_aes_iv_no_throw with initial IV assumed to be sixteen zeros. This function throws an exception if the computation doesn't succeed.

Warning

It is recommended to use cx_aes_no_throw rather than this function.

Parameters

[in]	key	Pointer to the key initialized with cx_aes_init_key_no_throw.
[in]	mode	Crypto mode flags Supported flags: CX_LAST CX_ENCRYPT CX_DECRYPT CX_SIGN CX_VERIFY CX_PAD_NONE CX_PAD_ISO9797M1 CX_PAD_ISO9797M2 CX_CHAIN_ECB CX_CHAIN_CBC CX_CHAIN_CTR
[in]	in	Input data.
[in]	in_len	Length of the input data. If CX_LAST is set, padding is automatically done according to the mode. Otherwise, in_len shall be a multiple of AES_BLOCK_SIZE.
[out]	out	Output data according to the mode: encrypted/decrypted output data generated signature signature to be verified
[in]	out_len	Length of the output data.

Returns

Length of the output.

Exceptions

CX_INVALID_PARAMETER

INVALID_PARAMETER

cx_aes_dec_block()

cx_err_t cx_aes_dec_block	(	const cx_aes_key_t *	key,
		const uint8_t *	inblock,
		uint8_t *	outblock
)

Decrypts a 16-byte block using AES algorithm.

Parameters

[in]	key	Pointer to the AES key.
[in]	inblock	Ciphertext block to decrypt.
[out]	outblock	Plaintext block.

Returns

Error code:

• CX_OK
• CX_INVALID_PARAMETER
• INVALID_PARAMETER

cx_aes_enc_block()

cx_err_t cx_aes_enc_block	(	const cx_aes_key_t *	key,
		const uint8_t *	inblock,
		uint8_t *	outblock
)

Encrypts a 16-byte block using AES algorithm.

Parameters

[in]	key	Pointer to the AES key.
[in]	inblock	Plaintext block to encrypt.
[out]	outblock	Ciphertext block.

Returns

Error code:

• CX_OK
• CX_INVALID_PARAMETER
• INVALID_PARAMETER

cx_aes_init_key()

static int cx_aes_init_key ( const unsigned char *  rawkey, unsigned int  key_len, cx_aes_key_t *  key  )

Initializes an AES Key.

Once initialized, the key can be stored in non-volatile memory and directly used for any AES processing. This function throws an exception if the initialization fails.

Warning

It is recommended to use cx_aes_init_key_no_throw rather than this function.

Parameters

[in]	rawkey	Pointer to the supplied key.
[in]	key_len	Length of the key: 16, 24 or 32 octets.
[out]	key	Pointer to the key structure. This must not be NULL.

Returns

Length of the key.

Exceptions

CX_INVALID_PARAMETER

cx_aes_init_key_no_throw()

cx_err_t cx_aes_init_key_no_throw	(	const uint8_t *	rawkey,
		size_t	key_len,
		cx_aes_key_t *	key
)

Initializes an AES Key.

Once initialized, the key can be stored in non-volatile memory and directly used for any AES processing.

Parameters

[in]	rawkey	Pointer to the supplied key.
[in]	key_len	Length of the key: 16, 24 or 32 octets.
[out]	key	Pointer to the key structure. This must not be NULL.

Returns

Error code:

• CX_OK on success
• CX_INVALID_PARAMETER

cx_aes_iv()

static int cx_aes_iv ( const cx_aes_key_t *  key, int  mode, unsigned char *  iv, unsigned int  iv_len, const unsigned char *  in, unsigned int  in_len, unsigned char *  out, unsigned int  out_len  )

Encrypts, decrypts, signs or verifies data with AES algorithm.

This function throws an exception if the computation doesn't succeed.

Warning

It is recommended to use cx_aes_iv_no_throw rather than this function.

Parameters

[in]	key	Pointer to the key initialized with cx_aes_init_key_no_throw.
[in]	mode	Crypto mode flags Supported flags: CX_LAST CX_ENCRYPT CX_DECRYPT CX_SIGN CX_VERIFY CX_PAD_NONE CX_PAD_ISO9797M1 CX_PAD_ISO9797M2 CX_CHAIN_ECB CX_CHAIN_CBC CX_CHAIN_CTR
[in]	iv	Initialization vector.
[in]	iv_len	Length of the initialization vector.
[in]	in	Input data.
[in]	in_len	Length of the input data. If CX_LAST is set, padding is automatically done according to the mode. Otherwise, in_len shall be a multiple of AES_BLOCK_SIZE.
[out]	out	Output data according to the mode: encrypted/decrypted output data generated signature signature to be verified
[in]	out_len	Length of the output data.

Returns

Length of the output.

Exceptions

CX_INVALID_PARAMETER

INVALID_PARAMETER

cx_aes_iv_no_throw()

cx_err_t cx_aes_iv_no_throw	(	const cx_aes_key_t *	key,
		uint32_t	mode,
		const uint8_t *	iv,
		size_t	iv_len,
		const uint8_t *	in,
		size_t	in_len,
		uint8_t *	out,
		size_t *	out_len
)

Encrypts, decrypts, signs or verifies data with AES algorithm.

Parameters

[in]	key	Pointer to the key initialized with cx_aes_init_key_no_throw.
[in]	mode	Crypto mode flags Supported flags: CX_LAST CX_ENCRYPT CX_DECRYPT CX_SIGN CX_VERIFY CX_PAD_NONE CX_PAD_ISO9797M1 CX_PAD_ISO9797M2 CX_CHAIN_ECB CX_CHAIN_CBC CX_CHAIN_CTR
[in]	iv	Initialization vector.
[in]	iv_len	Length of the initialization vector.
[in]	in	Input data.
[in]	in_len	Length of the input data. If CX_LAST is set, padding is automatically done according to the mode. Otherwise, in_len shall be a multiple of AES_BLOCK_SIZE.
[out]	out	Output data according to the mode: encrypted/decrypted output data generated signature signature to be verified
[in]	out_len	Length of the output data.

Returns

Error code:

• CX_OK on success
• CX_INVALID_PARAMETER
• INVALID_PARAMETER

cx_aes_no_throw()

cx_err_t cx_aes_no_throw	(	const cx_aes_key_t *	key,
		uint32_t	mode,
		const uint8_t *	in,
		size_t	in_len,
		uint8_t *	out,
		size_t *	out_len
)

Encrypts, decrypts, signs or verifies data with AES algorithm.

Same as cx_aes_iv_no_throw with initial IV assumed to be sixteen zeros.

Parameters

[in]	key	Pointer to the key initialized with cx_aes_init_key_no_throw.
[in]	mode	Crypto mode flags Supported flags: CX_LAST CX_ENCRYPT CX_DECRYPT CX_SIGN CX_VERIFY CX_PAD_NONE CX_PAD_ISO9797M1 CX_PAD_ISO9797M2 CX_CHAIN_ECB CX_CHAIN_CBC CX_CHAIN_CTR
[in]	in	Input data.
[in]	in_len	Length of the input data. If CX_LAST is set, padding is automatically done according to the mode. Otherwise, in_len shall be a multiple of AES_BLOCK_SIZE.
[out]	out	Output data according to the mode: encrypted/decrypted output data generated signature signature to be verified
[in]	out_len	Length of the output data.

Returns

Error code:

• CX_OK on success
• CX_INVALID_PARAMETER
• INVALID_PARAMETER

Back to the files list

---

Did you find this page helpful?

How would you improve this page for developers?

I am a developer.
Contributors will be chosen randomly to receive rewards. Check this box to send your email and participate.

Ledger collects your email address to send you rewards for your contribution to improve the Developer Portal documentation. Learn more about how we manage your data and your rights.

By providing your email address, you consent that Ledger may contact you for rewards delivery purposes. If you are part of the randomly selected contributors, we will send you an email to ask for your physical address and if necessary, ask you for additional information on the suggestion you made. Your information will only be available to Ledger and will be retained for no longer than 90 days. It may be transferred to non-European countries that ensure an adequate level of protection or under the standard contractual clauses adopted by the EU Commission.

Please note that you may withdraw your consent at any time, access your data and request their rectification or deletion. You may also request the limitation of the processing of your data. To exercise your rights or for any question on the processing of your data, please contact LEDGER’s Data Protection Officer here. If nevertheless you believe LEDGER did not adequately address your concerns and mishandled your data, you may lodge a complaint with the personal data protection authority of your country.