Arcola / mbedtls

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Fork of mbedtls by Mark Radbourne

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers cmac.h Source File

cmac.h

Go to the documentation of this file.
00001 /**
00002  * \file cmac.h
00003  *
00004  * \brief Cipher-based Message Authentication Code (CMAC) Mode for
00005  *        Authentication
00006  *
00007  *  Copyright (C) 2015-2016, ARM Limited, All Rights Reserved
00008  *  SPDX-License-Identifier: Apache-2.0
00009  *
00010  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
00011  *  not use this file except in compliance with the License.
00012  *  You may obtain a copy of the License at
00013  *
00014  *  http://www.apache.org/licenses/LICENSE-2.0
00015  *
00016  *  Unless required by applicable law or agreed to in writing, software
00017  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
00018  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00019  *  See the License for the specific language governing permissions and
00020  *  limitations under the License.
00021  *
00022  *  This file is part of mbed TLS (https://tls.mbed.org)
00023  */
00024 #ifndef MBEDTLS_CMAC_H
00025 #define MBEDTLS_CMAC_H
00026 
00027 #include "mbedtls/cipher.h"
00028 
00029 #ifdef __cplusplus
00030 extern "C" {
00031 #endif
00032 
00033 #define MBEDTLS_AES_BLOCK_SIZE          16
00034 #define MBEDTLS_DES3_BLOCK_SIZE         8
00035 
00036 #if defined(MBEDTLS_AES_C)
00037 #define MBEDTLS_CIPHER_BLKSIZE_MAX      16  /* longest used by CMAC is AES */
00038 #else
00039 #define MBEDTLS_CIPHER_BLKSIZE_MAX      8   /* longest used by CMAC is 3DES */
00040 #endif
00041 
00042 /**
00043  * CMAC context structure - Contains internal state information only
00044  */
00045 struct mbedtls_cmac_context_t
00046 {
00047     /** Internal state of the CMAC algorithm  */
00048     unsigned char       state[MBEDTLS_CIPHER_BLKSIZE_MAX];
00049 
00050     /** Unprocessed data - either data that was not block aligned and is still
00051      *  pending to be processed, or the final block */
00052     unsigned char       unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX];
00053 
00054     /** Length of data pending to be processed */
00055     size_t              unprocessed_len;
00056 };
00057 
00058 /**
00059  * \brief               Set the CMAC key and prepare to authenticate the input
00060  *                      data.
00061  *                      Should be called with an initialized cipher context.
00062  *
00063  * \param ctx           Cipher context. This should be a cipher context,
00064  *                      initialized to be one of the following types:
00065  *                      MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_192_ECB,
00066  *                      MBEDTLS_CIPHER_AES_256_ECB or
00067  *                      MBEDTLS_CIPHER_DES_EDE3_ECB.
00068  * \param key           CMAC key
00069  * \param keybits       length of the CMAC key in bits
00070  *                      (must be acceptable by the cipher)
00071  *
00072  * \return              0 if successful, or a cipher specific error code
00073  */
00074 int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
00075                                 const unsigned char *key, size_t keybits );
00076 
00077 /**
00078  * \brief               Generic CMAC process buffer.
00079  *                      Called between mbedtls_cipher_cmac_starts() or
00080  *                      mbedtls_cipher_cmac_reset() and
00081  *                      mbedtls_cipher_cmac_finish().
00082  *                      May be called repeatedly.
00083  *
00084  * \param ctx           CMAC context
00085  * \param input         buffer holding the  data
00086  * \param ilen          length of the input data
00087  *
00088  * \returns             0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
00089  *                      verification fails.
00090  */
00091 int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
00092                                 const unsigned char *input, size_t ilen );
00093 
00094 /**
00095  * \brief               Output CMAC.
00096  *                      Called after mbedtls_cipher_cmac_update().
00097  *                      Usually followed by mbedtls_cipher_cmac_reset(), then
00098  *                      mbedtls_cipher_cmac_starts(), or mbedtls_cipher_free().
00099  *
00100  * \param ctx           CMAC context
00101  * \param output        Generic CMAC checksum result
00102  *
00103  * \returns             0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
00104  *                      verification fails.
00105  */
00106 int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
00107                                 unsigned char *output );
00108 
00109 /**
00110  * \brief               Prepare to authenticate a new message with the same key.
00111  *                      Called after mbedtls_cipher_cmac_finish() and before
00112  *                      mbedtls_cipher_cmac_update().
00113  *
00114  * \param ctx           CMAC context to be reset
00115  *
00116  * \returns             0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
00117  *                      verification fails.
00118  */
00119 int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
00120 
00121 /**
00122  * \brief               Output = Generic_CMAC( cmac key, input buffer )
00123  *
00124  * \param cipher_info   message digest info
00125  * \param key           CMAC key
00126  * \param keylen        length of the CMAC key in bits
00127  * \param input         buffer holding the  data
00128  * \param ilen          length of the input data
00129  * \param output        Generic CMAC-result
00130  *
00131  * \returns             0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
00132  *                      verification fails.
00133  */
00134 int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
00135                          const unsigned char *key, size_t keylen,
00136                          const unsigned char *input, size_t ilen,
00137                          unsigned char *output );
00138 
00139 #if defined(MBEDTLS_AES_C)
00140 /**
00141  * \brief           AES-CMAC-128-PRF
00142  *                  Implementation of (AES-CMAC-PRF-128), as defined in RFC 4615
00143  *
00144  * \param key       PRF key
00145  * \param key_len   PRF key length in bytes
00146  * \param input     buffer holding the input data
00147  * \param in_len    length of the input data in bytes
00148  * \param output    buffer holding the generated pseudorandom output (16 bytes)
00149  *
00150  * \return          0 if successful
00151  */
00152 int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
00153                               const unsigned char *input, size_t in_len,
00154                               unsigned char output[16] );
00155 #endif /* MBEDTLS_AES_C */
00156 
00157 #if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
00158 /**
00159  * \brief          Checkup routine
00160  *
00161  * \return         0 if successful, or 1 if the test failed
00162  */
00163 int mbedtls_cmac_self_test( int verbose );
00164 #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
00165 
00166 #ifdef __cplusplus
00167 }
00168 #endif
00169 
00170 #endif /* MBEDTLS_CMAC_H */
Generated on Tue Jul 12 2022 17:25:41 by  doxygen 1.7.2