PsaAeadEncrypt

Process an authenticated encryption operation. Opcode: 17 (0x0011)

Parameters

NameTypeDescription
key_nameStringName of the key to use for the operation
algAeadThe AEAD algorithm to compute
nonceVector of unsigned bytesNonce or IV to use
additional_dataVector of unsigned bytesAdditional data that will be authenticated but not encrypted
plaintextVector of unsigned bytesData that will be authenticated and encrypted
  • key_name must allow the usage flag encrypt.
  • nonce must be appropriate for the selected algorithm.

Results

NameTypeDescription
ciphertextVector of unsigned bytesBuffer containing the authenticated and encrypted data
  • The additional data is not part of ciphertext. For algorithms where the encrypted data and the authentication tag are defined as separate outputs, the authentication tag is appended to the encrypted data.

Specific response status codes

  • PsaErrorNotPermitted: The key does not have the encrypt flag, or it does not permit the requested algorithm.
  • PsaErrorInvalidArgument: The key is not compatible with alg.
  • PsaErrorNotSupported: alg is not supported.

Description

Authenticates and encrypts the given data using the given AEAD algorithm.

Contract

Protobuf

Copyright 2020 Contributors to the Parsec project.