Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Symmetric Algorithm Operation APIs

This section describes the functions and specification restrictions of symmetric algorithm operation APIs.

Symmetric algorithm operation APIs comply with GM/T 0018-2012 and GM/T 0018-2023 (link). For details about the API parameters and return values, see GM/T 0018-2012 and GM/T 0018-2023. For details about the algorithm identifier description, see GM/T 0006-2012.

puiEncDataLength in SDF_Encrypt is greater than or equal to the input plaintext length. puiDataLength in SDF_Decrypt is greater than or equal to the input ciphertext length.

int SDF_Encrypt(void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucIV, unsigned char *pucData, unsigned int uiDataLength, unsigned char *pucEncData, unsigned int *puiEncDataLength);
int SDF_Decrypt(void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucIV, unsigned char *pucEncData, unsigned int uiEncDataLength, unsigned char *pucData, unsigned int *puiDataLength);
int SDF_CalculateMAC(void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucIV, unsigned char *pucData, unsigned int uiDataLength, unsigned char *pucMAC, unsigned int *puiMACLength);

The single-packet authenticated encryption and decryption APIs are implemented in compliance with GM/T 0018-2023. The data type is the same as that in the 2012 version, that is, unsigned integer.

puiEncDataLength in SDF_AuthEnc is greater than or equal to the input plaintext length. puiDataLength in SDF_AuthDec is greater than or equal to the input ciphertext length.

int SDF_AuthEnc(void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucStartVar, unsigned int uiStartVarLength, unsigned char *pucAad, unsigned int uiAadLength, unsigned char *pucData, unsigned int uiDataLength, unsigned char *pucEncData, unsigned int *puiEncDataLength, unsigned char *pucAuthData, unsigned int *uiAuthDataLength);
int SDF_AuthDec(void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucStartVar, unsigned int uiStartVarLength, unsigned char *pucAad, unsigned int uiAadLength, unsigned char *pucAuthData, unsigned int *puiAuthDataLength, unsigned char *pucEncData, unsigned int uiEncDataLength, unsigned char *pucData, unsigned int *puiDataLength);

The multi-packet authenticated encryption and decryption APIs are implemented in compliance with GM/T 0018-2023.

int SDF_AuthEncInit(void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucStartVar,
unsigned int uiStartVarLength, unsigned char *pucAad, unsigned int uiAadLength, unsigned int uiDataLength);
int SDF_AuthEncUpdate(void *hSessionHandle, unsigned char *pucData, unsigned int uiDataLength,
unsigned char *putEncData, unsigned int *puiEncDataLength);
int SDF_AuthEncFinal(void *hSessionHandle, unsigned char *pucLastEncData, unsigned int *puiLastEncDataLength,
unsigned char *pucAuthData, unsigned int *puiAuthDataLength);
int SDF_AuthDecInit(void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucStartVar,
unsigned int uiStartVarLength, unsigned char *pucAad, unsigned int uiAadLength, unsigned char *pucAuthData,
unsigned int uiAuthDataLength, unsigned int uiDataLength);
int SDF_AuthDecUpdate(void *hSessionHandle, unsigned char *pucEncData, unsigned int uiEncDataLength,
unsigned char *pucData, unsigned int *puiDataLength);
int SDF_AuthDecFinal(void *hSessionHandle, unsigned char *pucLastData, unsigned int *puiLastDataLength);

The multi-packet encryption and decryption APIs are implemented in compliance with GM/T 0018-2023.

int SDF_EncryptInit(void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucIV,
unsigned int uiIVLength);
int SDF_EncryptUpdate(void *hSessionHandle, unsigned char *pucData, unsigned int uiDataLength,
unsigned char *pucEncData, unsigned int *puiEncDataLength);
int SDF_EncryptFinal(void *hSessionHandle, unsigned char *pucLastEncData, unsigned int *puiLastEncDataLength);
int SDF_DecryptInit(void *hSessionHandle, void *hKeyHandle, unsigned int uiAlgID, unsigned char *pucIV,
unsigned int uiIVLength);
int SDF_DecryptUpdate(void *hSessionHandle, unsigned char *pucEncData, unsigned int uiEncDataLength,
unsigned char *pucData, unsigned int *puiDataLength);
int SDF_DecryptFinal(void *hSessionHandle, unsigned char *pucLastData, unsigned int *puiLastDataLength);

Specification Restrictions

  • The encryption and decryption APIs support only SGD_SM4_CBC and SGD_SM4_ECB.
  • The IV data length is fixed at 16 bytes.
  • The MAC calculation API supports only SGD_SM4_MAC and SGD_SM3_MAC.
  • The length of the MAC calculation result buffer must be greater than or equal to 32 bytes.
  • The single-packet authenticated encryption and decryption APIs support only SGD_SM4_GCM.
Parent topic: API Description