Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
cmac.h
00001 /** 00002 * \file cmac.h 00003 * 00004 * \brief Cipher-based Message Authentication Code (CMAC) Mode for 00005 * Authentication 00006 * 00007 * Copyright (C) 2015-2016, ARM Limited, All Rights Reserved 00008 * SPDX-License-Identifier: Apache-2.0 00009 * 00010 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00011 * not use this file except in compliance with the License. 00012 * You may obtain a copy of the License at 00013 * 00014 * http://www.apache.org/licenses/LICENSE-2.0 00015 * 00016 * Unless required by applicable law or agreed to in writing, software 00017 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00018 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00019 * See the License for the specific language governing permissions and 00020 * limitations under the License. 00021 * 00022 * This file is part of mbed TLS (https://tls.mbed.org) 00023 */ 00024 #ifndef MBEDTLS_CMAC_H 00025 #define MBEDTLS_CMAC_H 00026 00027 #include "mbedtls/cipher.h" 00028 00029 #ifdef __cplusplus 00030 extern "C" { 00031 #endif 00032 00033 #define MBEDTLS_AES_BLOCK_SIZE 16 00034 #define MBEDTLS_DES3_BLOCK_SIZE 8 00035 00036 #if defined(MBEDTLS_AES_C) 00037 #define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /* longest used by CMAC is AES */ 00038 #else 00039 #define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /* longest used by CMAC is 3DES */ 00040 #endif 00041 00042 /** 00043 * CMAC context structure - Contains internal state information only 00044 */ 00045 struct mbedtls_cmac_context_t 00046 { 00047 /** Internal state of the CMAC algorithm */ 00048 unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX]; 00049 00050 /** Unprocessed data - either data that was not block aligned and is still 00051 * pending to be processed, or the final block */ 00052 unsigned char unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX]; 00053 00054 /** Length of data pending to be processed */ 00055 size_t unprocessed_len; 00056 }; 00057 00058 /** 00059 * \brief Set the CMAC key and prepare to authenticate the input 00060 * data. 00061 * Should be called with an initialized cipher context. 00062 * 00063 * \param ctx Cipher context. This should be a cipher context, 00064 * initialized to be one of the following types: 00065 * MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_192_ECB, 00066 * MBEDTLS_CIPHER_AES_256_ECB or 00067 * MBEDTLS_CIPHER_DES_EDE3_ECB. 00068 * \param key CMAC key 00069 * \param keybits length of the CMAC key in bits 00070 * (must be acceptable by the cipher) 00071 * 00072 * \return 0 if successful, or a cipher specific error code 00073 */ 00074 int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, 00075 const unsigned char *key, size_t keybits ); 00076 00077 /** 00078 * \brief Generic CMAC process buffer. 00079 * Called between mbedtls_cipher_cmac_starts() or 00080 * mbedtls_cipher_cmac_reset() and 00081 * mbedtls_cipher_cmac_finish(). 00082 * May be called repeatedly. 00083 * 00084 * \param ctx CMAC context 00085 * \param input buffer holding the data 00086 * \param ilen length of the input data 00087 * 00088 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter 00089 * verification fails. 00090 */ 00091 int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, 00092 const unsigned char *input, size_t ilen ); 00093 00094 /** 00095 * \brief Output CMAC. 00096 * Called after mbedtls_cipher_cmac_update(). 00097 * Usually followed by mbedtls_cipher_cmac_reset(), then 00098 * mbedtls_cipher_cmac_starts(), or mbedtls_cipher_free(). 00099 * 00100 * \param ctx CMAC context 00101 * \param output Generic CMAC checksum result 00102 * 00103 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter 00104 * verification fails. 00105 */ 00106 int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, 00107 unsigned char *output ); 00108 00109 /** 00110 * \brief Prepare to authenticate a new message with the same key. 00111 * Called after mbedtls_cipher_cmac_finish() and before 00112 * mbedtls_cipher_cmac_update(). 00113 * 00114 * \param ctx CMAC context to be reset 00115 * 00116 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter 00117 * verification fails. 00118 */ 00119 int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); 00120 00121 /** 00122 * \brief Output = Generic_CMAC( cmac key, input buffer ) 00123 * 00124 * \param cipher_info message digest info 00125 * \param key CMAC key 00126 * \param keylen length of the CMAC key in bits 00127 * \param input buffer holding the data 00128 * \param ilen length of the input data 00129 * \param output Generic CMAC-result 00130 * 00131 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter 00132 * verification fails. 00133 */ 00134 int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, 00135 const unsigned char *key, size_t keylen, 00136 const unsigned char *input, size_t ilen, 00137 unsigned char *output ); 00138 00139 #if defined(MBEDTLS_AES_C) 00140 /** 00141 * \brief AES-CMAC-128-PRF 00142 * Implementation of (AES-CMAC-PRF-128), as defined in RFC 4615 00143 * 00144 * \param key PRF key 00145 * \param key_len PRF key length in bytes 00146 * \param input buffer holding the input data 00147 * \param in_len length of the input data in bytes 00148 * \param output buffer holding the generated pseudorandom output (16 bytes) 00149 * 00150 * \return 0 if successful 00151 */ 00152 int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, 00153 const unsigned char *input, size_t in_len, 00154 unsigned char output[16] ); 00155 #endif /* MBEDTLS_AES_C */ 00156 00157 #if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) ) 00158 /** 00159 * \brief Checkup routine 00160 * 00161 * \return 0 if successful, or 1 if the test failed 00162 */ 00163 int mbedtls_cmac_self_test( int verbose ); 00164 #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ 00165 00166 #ifdef __cplusplus 00167 } 00168 #endif 00169 00170 #endif /* MBEDTLS_CMAC_H */
Generated on Tue Jul 12 2022 11:57:43 by
 1.7.2
 1.7.2