Doug Anson / mbedTLSLibrary

mbed TLS library

Dependents:   HTTPClient-SSL WS_SERVER

include/polarssl/ccm.h@0:137634ff4186, 2015-06-11 (annotated)

Committer:
ansond
Date:
Thu Jun 11 03:27:03 2015 +0000
Revision:
0:137634ff4186
initial commit

Who changed what in which revision?

UserRevisionLine numberNew contents of line
ansond 0:137634ff4186 1 /**
ansond 0:137634ff4186 2 * \file ccm.h
ansond 0:137634ff4186 3 *
ansond 0:137634ff4186 4 * \brief Counter with CBC-MAC (CCM) for 128-bit block ciphers
ansond 0:137634ff4186 5 *
ansond 0:137634ff4186 6 * Copyright (C) 2014, ARM Limited, All Rights Reserved
ansond 0:137634ff4186 7 *
ansond 0:137634ff4186 8 * This file is part of mbed TLS (https://tls.mbed.org)
ansond 0:137634ff4186 9 *
ansond 0:137634ff4186 10 * This program is free software; you can redistribute it and/or modify
ansond 0:137634ff4186 11 * it under the terms of the GNU General Public License as published by
ansond 0:137634ff4186 12 * the Free Software Foundation; either version 2 of the License, or
ansond 0:137634ff4186 13 * (at your option) any later version.
ansond 0:137634ff4186 14 *
ansond 0:137634ff4186 15 * This program is distributed in the hope that it will be useful,
ansond 0:137634ff4186 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
ansond 0:137634ff4186 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
ansond 0:137634ff4186 18 * GNU General Public License for more details.
ansond 0:137634ff4186 19 *
ansond 0:137634ff4186 20 * You should have received a copy of the GNU General Public License along
ansond 0:137634ff4186 21 * with this program; if not, write to the Free Software Foundation, Inc.,
ansond 0:137634ff4186 22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
ansond 0:137634ff4186 23 */
ansond 0:137634ff4186 24 #ifndef POLARSSL_CCM_H
ansond 0:137634ff4186 25 #define POLARSSL_CCM_H
ansond 0:137634ff4186 26
ansond 0:137634ff4186 27 #include "cipher.h"
ansond 0:137634ff4186 28
ansond 0:137634ff4186 29 #define POLARSSL_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */
ansond 0:137634ff4186 30 #define POLARSSL_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
ansond 0:137634ff4186 31
ansond 0:137634ff4186 32 #ifdef __cplusplus
ansond 0:137634ff4186 33 extern "C" {
ansond 0:137634ff4186 34 #endif
ansond 0:137634ff4186 35
ansond 0:137634ff4186 36 /**
ansond 0:137634ff4186 37 * \brief CCM context structure
ansond 0:137634ff4186 38 */
ansond 0:137634ff4186 39 typedef struct {
ansond 0:137634ff4186 40 cipher_context_t cipher_ctx; /*!< cipher context used */
ansond 0:137634ff4186 41 }
ansond 0:137634ff4186 42 ccm_context;
ansond 0:137634ff4186 43
ansond 0:137634ff4186 44 /**
ansond 0:137634ff4186 45 * \brief CCM initialization (encryption and decryption)
ansond 0:137634ff4186 46 *
ansond 0:137634ff4186 47 * \param ctx CCM context to be initialized
ansond 0:137634ff4186 48 * \param cipher cipher to use (a 128-bit block cipher)
ansond 0:137634ff4186 49 * \param key encryption key
ansond 0:137634ff4186 50 * \param keysize key size in bits (must be acceptable by the cipher)
ansond 0:137634ff4186 51 *
ansond 0:137634ff4186 52 * \return 0 if successful, or a cipher specific error code
ansond 0:137634ff4186 53 */
ansond 0:137634ff4186 54 int ccm_init( ccm_context *ctx, cipher_id_t cipher,
ansond 0:137634ff4186 55 const unsigned char *key, unsigned int keysize );
ansond 0:137634ff4186 56
ansond 0:137634ff4186 57 /**
ansond 0:137634ff4186 58 * \brief Free a CCM context and underlying cipher sub-context
ansond 0:137634ff4186 59 *
ansond 0:137634ff4186 60 * \param ctx CCM context to free
ansond 0:137634ff4186 61 */
ansond 0:137634ff4186 62 void ccm_free( ccm_context *ctx );
ansond 0:137634ff4186 63
ansond 0:137634ff4186 64 /**
ansond 0:137634ff4186 65 * \brief CCM buffer encryption
ansond 0:137634ff4186 66 *
ansond 0:137634ff4186 67 * \param ctx CCM context
ansond 0:137634ff4186 68 * \param length length of the input data in bytes
ansond 0:137634ff4186 69 * \param iv nonce (initialization vector)
ansond 0:137634ff4186 70 * \param iv_len length of IV in bytes
ansond 0:137634ff4186 71 * must be 2, 3, 4, 5, 6, 7 or 8
ansond 0:137634ff4186 72 * \param add additional data
ansond 0:137634ff4186 73 * \param add_len length of additional data in bytes
ansond 0:137634ff4186 74 * must be less than 2^16 - 2^8
ansond 0:137634ff4186 75 * \param input buffer holding the input data
ansond 0:137634ff4186 76 * \param output buffer for holding the output data
ansond 0:137634ff4186 77 * must be at least 'length' bytes wide
ansond 0:137634ff4186 78 * \param tag buffer for holding the tag
ansond 0:137634ff4186 79 * \param tag_len length of the tag to generate in bytes
ansond 0:137634ff4186 80 * must be 4, 6, 8, 10, 14 or 16
ansond 0:137634ff4186 81 *
ansond 0:137634ff4186 82 * \note The tag is written to a separate buffer. To get the tag
ansond 0:137634ff4186 83 * concatenated with the output as in the CCM spec, use
ansond 0:137634ff4186 84 * tag = output + length and make sure the output buffer is
ansond 0:137634ff4186 85 * at least length + tag_len wide.
ansond 0:137634ff4186 86 *
ansond 0:137634ff4186 87 * \return 0 if successful
ansond 0:137634ff4186 88 */
ansond 0:137634ff4186 89 int ccm_encrypt_and_tag( ccm_context *ctx, size_t length,
ansond 0:137634ff4186 90 const unsigned char *iv, size_t iv_len,
ansond 0:137634ff4186 91 const unsigned char *add, size_t add_len,
ansond 0:137634ff4186 92 const unsigned char *input, unsigned char *output,
ansond 0:137634ff4186 93 unsigned char *tag, size_t tag_len );
ansond 0:137634ff4186 94
ansond 0:137634ff4186 95 /**
ansond 0:137634ff4186 96 * \brief CCM buffer authenticated decryption
ansond 0:137634ff4186 97 *
ansond 0:137634ff4186 98 * \param ctx CCM context
ansond 0:137634ff4186 99 * \param length length of the input data
ansond 0:137634ff4186 100 * \param iv initialization vector
ansond 0:137634ff4186 101 * \param iv_len length of IV
ansond 0:137634ff4186 102 * \param add additional data
ansond 0:137634ff4186 103 * \param add_len length of additional data
ansond 0:137634ff4186 104 * \param input buffer holding the input data
ansond 0:137634ff4186 105 * \param output buffer for holding the output data
ansond 0:137634ff4186 106 * \param tag buffer holding the tag
ansond 0:137634ff4186 107 * \param tag_len length of the tag
ansond 0:137634ff4186 108 *
ansond 0:137634ff4186 109 * \return 0 if successful and authenticated,
ansond 0:137634ff4186 110 * POLARSSL_ERR_CCM_AUTH_FAILED if tag does not match
ansond 0:137634ff4186 111 */
ansond 0:137634ff4186 112 int ccm_auth_decrypt( ccm_context *ctx, size_t length,
ansond 0:137634ff4186 113 const unsigned char *iv, size_t iv_len,
ansond 0:137634ff4186 114 const unsigned char *add, size_t add_len,
ansond 0:137634ff4186 115 const unsigned char *input, unsigned char *output,
ansond 0:137634ff4186 116 const unsigned char *tag, size_t tag_len );
ansond 0:137634ff4186 117
ansond 0:137634ff4186 118 #if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
ansond 0:137634ff4186 119 /**
ansond 0:137634ff4186 120 * \brief Checkup routine
ansond 0:137634ff4186 121 *
ansond 0:137634ff4186 122 * \return 0 if successful, or 1 if the test failed
ansond 0:137634ff4186 123 */
ansond 0:137634ff4186 124 int ccm_self_test( int verbose );
ansond 0:137634ff4186 125 #endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */
ansond 0:137634ff4186 126
ansond 0:137634ff4186 127 #ifdef __cplusplus
ansond 0:137634ff4186 128 }
ansond 0:137634ff4186 129 #endif
ansond 0:137634ff4186 130
ansond 0:137634ff4186 131 #endif /* POLARSSL_CGM_H */
ansond 0:137634ff4186 132