Encryption/decryption module
The Encryption/decryption module provides encryption/decryption functions.
One can differentiate between symmetric and asymmetric algorithms; the symmetric ones are mostly used for message confidentiality and the asymmetric ones for key exchange and message integrity. Some symmetric algorithms provide different block cipher modes, mainly Electronic Code Book (ECB) which is used for short (64-bit) messages and Cipher Block Chaining (CBC) which provides the structure needed for longer messages. In addition the Cipher Feedback Mode (CFB-128) stream cipher mode, Counter mode (CTR) and Galois Counter Mode (GCM) are implemented for specific algorithms.
All symmetric encryption algorithms are accessible via the generic cipher layer (see mbedtls_cipher_setup()).
The asymmetric encryption algorithms are accessible via the generic public key layer (see mbedtls_pk_init()).
The following algorithms are provided:
Symmetric:
- AES (see mbedtls_aes_crypt_ecb(), mbedtls_aes_crypt_cbc(), mbedtls_aes_crypt_cfb128() and mbedtls_aes_crypt_ctr()).
- Camellia (see mbedtls_camellia_crypt_ecb(), mbedtls_camellia_crypt_cbc(), mbedtls_camellia_crypt_cfb128() and mbedtls_camellia_crypt_ctr()).
- DES/3DES (see mbedtls_des_crypt_ecb(), mbedtls_des_crypt_cbc(), mbedtls_des3_crypt_ecb() and mbedtls_des3_crypt_cbc()).
- GCM (AES-GCM and CAMELLIA-GCM) (see mbedtls_gcm_init()).
Asymmetric:
- Diffie-Hellman-Merkle (see mbedtls_dhm_read_public(), mbedtls_dhm_make_public() and mbedtls_dhm_calc_secret()).
- RSA (see mbedtls_rsa_public() and mbedtls_rsa_private()).
- Elliptic Curves over GF(p) (see mbedtls_ecp_point_init()).
- Elliptic Curve Digital Signature Algorithm (ECDSA) (see mbedtls_ecdsa_init()).
- Elliptic Curve Diffie Hellman (ECDH) (see mbedtls_ecdh_init()).
This module provides encryption/decryption which can be used to provide secrecy.
It also provides asymmetric key functions which can be used for confidentiality, integrity, authentication and non-repudiation.
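Why the text above reserves ECB for single-block messages and uses CBC for longer ones, shown as an added example that is not part of the Mbed TLS documentation or code base. It assumes XTEA as a small stand-in 64-bit block cipher in place of the library's AES, Camellia or DES functions; the key, IV, message and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define BLK 8 /* 64-bit block size */
/* XTEA, 32 cycles: a compact stand-in block cipher, not an Mbed TLS call. */
static void xtea_encrypt_block(const uint32_t k[4], uint8_t b[BLK]) {
    uint32_t v0, v1, sum = 0;
    memcpy(&v0, b, 4); memcpy(&v1, b + 4, 4);
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    memcpy(b, &v0, 4); memcpy(b + 4, &v1, 4);
}

/* Encrypt n blocks in place; iv == NULL selects ECB, otherwise CBC. */
static void encrypt_blocks(const uint32_t k[4], const uint8_t *iv, uint8_t *buf, size_t n) {
    const uint8_t *prev = iv;
    for (size_t i = 0; i < n; i++) {
        uint8_t *blk = buf + i * BLK;
        if (prev != NULL) { /* CBC: XOR in the IV or previous ciphertext block */
            for (int j = 0; j < BLK; j++) blk[j] ^= prev[j];
            prev = blk; /* holds ciphertext once encrypted below */
        }
        xtea_encrypt_block(k, blk);
    }
}

/* Count blocks identical to an earlier block, as a passive observer could. */
static int repeated_blocks(const uint8_t *buf, size_t n) {
    int count = 0;
    for (size_t i = 1; i < n; i++)
        for (size_t j = 0; j < i; j++)
            if (memcmp(buf + i * BLK, buf + j * BLK, BLK) == 0) { count++; break; }
    return count;
}

/* Constructed sample: four 8-byte blocks, three of them identical. */
static int leaked_repeats(int use_cbc) {
    static const uint32_t key[4] = {0x00112233u, 0x44556677u, 0x8899AABBu, 0xCCDDEEFFu};
    static const uint8_t iv[BLK] = {1, 2, 3, 4, 5, 6, 7, 8}; /* fixed for the demo only */
    uint8_t msg[] = "PAY 0100PAY 9999PAY 0100PAY 0100";
    encrypt_blocks(key, use_cbc ? iv : NULL, msg, 4);
    return repeated_blocks(msg, 4);
}
int main(void) {
    return printf("ECB repeats: %d, CBC repeats: %d\n", leaked_repeats(0), leaked_repeats(1)) < 0;
}
```

Under ECB the two repeated plaintext blocks remain visible as repeated ciphertext blocks; CBC chaining removes them. A real CBC IV must be unpredictable and fresh for every message.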