Add some information about the multipart calling sequence
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
518fdb00e8
commit
8e8cdd150a
1 changed files with 11 additions and 0 deletions
|
@ -244,6 +244,11 @@ int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
|
|||
* (authenticated but not encrypted data) in a GCM
|
||||
* encryption or decryption operation.
|
||||
*
|
||||
* Call this function after mbedtls_gcm_starts() to pass
|
||||
* the associated data. If the associated data is empty,
|
||||
* you do not need to call this function. You may not
|
||||
* call this function after calling mbedtls_cipher_update().
|
||||
*
|
||||
* \note This function may only be called once per operation:
|
||||
* you must pass the whole associated data in a single
|
||||
* call. This limitation will be lifted in a future version
|
||||
|
@ -267,6 +272,12 @@ int mbedtls_gcm_update_ad( mbedtls_gcm_context *ctx,
|
|||
* \brief This function feeds an input buffer into an ongoing GCM
|
||||
* encryption or decryption operation.
|
||||
*
|
||||
* You may call this function zero, one or more times
|
||||
* to pass successive parts of the input: the plaintext to
|
||||
* encrypt, or the ciphertext (not including the tag) to
|
||||
* decrypt. After the last part of the input, call
|
||||
* mbedtls_gcm_finish().
|
||||
*
|
||||
* \note For decryption, the output buffer cannot be the same as
|
||||
* input buffer. If the buffers overlap, the output buffer
|
||||
* must trail at least 8 Bytes behind the input buffer.
|
||||
|
|
Loading…
Reference in a new issue