mbed TLS library
Dependents: HTTPClient-SSL WS_SERVER
include/polarssl/ccm.h@0:137634ff4186, 2015-06-11 (annotated)
- Committer:
- ansond
- Date:
- Thu Jun 11 03:27:03 2015 +0000
- Revision:
- 0:137634ff4186
initial commit
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
ansond | 0:137634ff4186 | 1 | /** |
ansond | 0:137634ff4186 | 2 | * \file ccm.h |
ansond | 0:137634ff4186 | 3 | * |
ansond | 0:137634ff4186 | 4 | * \brief Counter with CBC-MAC (CCM) for 128-bit block ciphers |
ansond | 0:137634ff4186 | 5 | * |
ansond | 0:137634ff4186 | 6 | * Copyright (C) 2014, ARM Limited, All Rights Reserved |
ansond | 0:137634ff4186 | 7 | * |
ansond | 0:137634ff4186 | 8 | * This file is part of mbed TLS (https://tls.mbed.org) |
ansond | 0:137634ff4186 | 9 | * |
ansond | 0:137634ff4186 | 10 | * This program is free software; you can redistribute it and/or modify |
ansond | 0:137634ff4186 | 11 | * it under the terms of the GNU General Public License as published by |
ansond | 0:137634ff4186 | 12 | * the Free Software Foundation; either version 2 of the License, or |
ansond | 0:137634ff4186 | 13 | * (at your option) any later version. |
ansond | 0:137634ff4186 | 14 | * |
ansond | 0:137634ff4186 | 15 | * This program is distributed in the hope that it will be useful, |
ansond | 0:137634ff4186 | 16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
ansond | 0:137634ff4186 | 17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
ansond | 0:137634ff4186 | 18 | * GNU General Public License for more details. |
ansond | 0:137634ff4186 | 19 | * |
ansond | 0:137634ff4186 | 20 | * You should have received a copy of the GNU General Public License along |
ansond | 0:137634ff4186 | 21 | * with this program; if not, write to the Free Software Foundation, Inc., |
ansond | 0:137634ff4186 | 22 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
ansond | 0:137634ff4186 | 23 | */ |
ansond | 0:137634ff4186 | 24 | #ifndef POLARSSL_CCM_H |
ansond | 0:137634ff4186 | 25 | #define POLARSSL_CCM_H |
ansond | 0:137634ff4186 | 26 | |
ansond | 0:137634ff4186 | 27 | #include "cipher.h" |
ansond | 0:137634ff4186 | 28 | |
ansond | 0:137634ff4186 | 29 | #define POLARSSL_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */ |
ansond | 0:137634ff4186 | 30 | #define POLARSSL_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */ |
ansond | 0:137634ff4186 | 31 | |
ansond | 0:137634ff4186 | 32 | #ifdef __cplusplus |
ansond | 0:137634ff4186 | 33 | extern "C" { |
ansond | 0:137634ff4186 | 34 | #endif |
ansond | 0:137634ff4186 | 35 | |
ansond | 0:137634ff4186 | 36 | /** |
ansond | 0:137634ff4186 | 37 | * \brief CCM context structure |
ansond | 0:137634ff4186 | 38 | */ |
ansond | 0:137634ff4186 | 39 | typedef struct { |
ansond | 0:137634ff4186 | 40 | cipher_context_t cipher_ctx; /*!< cipher context used */ |
ansond | 0:137634ff4186 | 41 | } |
ansond | 0:137634ff4186 | 42 | ccm_context; |
ansond | 0:137634ff4186 | 43 | |
ansond | 0:137634ff4186 | 44 | /** |
ansond | 0:137634ff4186 | 45 | * \brief CCM initialization (encryption and decryption) |
ansond | 0:137634ff4186 | 46 | * |
ansond | 0:137634ff4186 | 47 | * \param ctx CCM context to be initialized |
ansond | 0:137634ff4186 | 48 | * \param cipher cipher to use (a 128-bit block cipher) |
ansond | 0:137634ff4186 | 49 | * \param key encryption key |
ansond | 0:137634ff4186 | 50 | * \param keysize key size in bits (must be acceptable by the cipher) |
ansond | 0:137634ff4186 | 51 | * |
ansond | 0:137634ff4186 | 52 | * \return 0 if successful, or a cipher specific error code |
ansond | 0:137634ff4186 | 53 | */ |
ansond | 0:137634ff4186 | 54 | int ccm_init( ccm_context *ctx, cipher_id_t cipher, |
ansond | 0:137634ff4186 | 55 | const unsigned char *key, unsigned int keysize ); |
ansond | 0:137634ff4186 | 56 | |
ansond | 0:137634ff4186 | 57 | /** |
ansond | 0:137634ff4186 | 58 | * \brief Free a CCM context and underlying cipher sub-context |
ansond | 0:137634ff4186 | 59 | * |
ansond | 0:137634ff4186 | 60 | * \param ctx CCM context to free |
ansond | 0:137634ff4186 | 61 | */ |
ansond | 0:137634ff4186 | 62 | void ccm_free( ccm_context *ctx ); |
ansond | 0:137634ff4186 | 63 | |
ansond | 0:137634ff4186 | 64 | /** |
ansond | 0:137634ff4186 | 65 | * \brief CCM buffer encryption |
ansond | 0:137634ff4186 | 66 | * |
ansond | 0:137634ff4186 | 67 | * \param ctx CCM context |
ansond | 0:137634ff4186 | 68 | * \param length length of the input data in bytes |
ansond | 0:137634ff4186 | 69 | * \param iv nonce (initialization vector) |
ansond | 0:137634ff4186 | 70 | * \param iv_len length of IV in bytes |
ansond | 0:137634ff4186 | 71 | * must be 2, 3, 4, 5, 6, 7 or 8 |
ansond | 0:137634ff4186 | 72 | * \param add additional data |
ansond | 0:137634ff4186 | 73 | * \param add_len length of additional data in bytes |
ansond | 0:137634ff4186 | 74 | * must be less than 2^16 - 2^8 |
ansond | 0:137634ff4186 | 75 | * \param input buffer holding the input data |
ansond | 0:137634ff4186 | 76 | * \param output buffer for holding the output data |
ansond | 0:137634ff4186 | 77 | * must be at least 'length' bytes wide |
ansond | 0:137634ff4186 | 78 | * \param tag buffer for holding the tag |
ansond | 0:137634ff4186 | 79 | * \param tag_len length of the tag to generate in bytes |
ansond | 0:137634ff4186 | 80 | * must be 4, 6, 8, 10, 14 or 16 |
ansond | 0:137634ff4186 | 81 | * |
ansond | 0:137634ff4186 | 82 | * \note The tag is written to a separate buffer. To get the tag |
ansond | 0:137634ff4186 | 83 | * concatenated with the output as in the CCM spec, use |
ansond | 0:137634ff4186 | 84 | * tag = output + length and make sure the output buffer is |
ansond | 0:137634ff4186 | 85 | * at least length + tag_len wide. |
ansond | 0:137634ff4186 | 86 | * |
ansond | 0:137634ff4186 | 87 | * \return 0 if successful |
ansond | 0:137634ff4186 | 88 | */ |
ansond | 0:137634ff4186 | 89 | int ccm_encrypt_and_tag( ccm_context *ctx, size_t length, |
ansond | 0:137634ff4186 | 90 | const unsigned char *iv, size_t iv_len, |
ansond | 0:137634ff4186 | 91 | const unsigned char *add, size_t add_len, |
ansond | 0:137634ff4186 | 92 | const unsigned char *input, unsigned char *output, |
ansond | 0:137634ff4186 | 93 | unsigned char *tag, size_t tag_len ); |
ansond | 0:137634ff4186 | 94 | |
ansond | 0:137634ff4186 | 95 | /** |
ansond | 0:137634ff4186 | 96 | * \brief CCM buffer authenticated decryption |
ansond | 0:137634ff4186 | 97 | * |
ansond | 0:137634ff4186 | 98 | * \param ctx CCM context |
ansond | 0:137634ff4186 | 99 | * \param length length of the input data |
ansond | 0:137634ff4186 | 100 | * \param iv initialization vector |
ansond | 0:137634ff4186 | 101 | * \param iv_len length of IV |
ansond | 0:137634ff4186 | 102 | * \param add additional data |
ansond | 0:137634ff4186 | 103 | * \param add_len length of additional data |
ansond | 0:137634ff4186 | 104 | * \param input buffer holding the input data |
ansond | 0:137634ff4186 | 105 | * \param output buffer for holding the output data |
ansond | 0:137634ff4186 | 106 | * \param tag buffer holding the tag |
ansond | 0:137634ff4186 | 107 | * \param tag_len length of the tag |
ansond | 0:137634ff4186 | 108 | * |
ansond | 0:137634ff4186 | 109 | * \return 0 if successful and authenticated, |
ansond | 0:137634ff4186 | 110 | * POLARSSL_ERR_CCM_AUTH_FAILED if tag does not match |
ansond | 0:137634ff4186 | 111 | */ |
ansond | 0:137634ff4186 | 112 | int ccm_auth_decrypt( ccm_context *ctx, size_t length, |
ansond | 0:137634ff4186 | 113 | const unsigned char *iv, size_t iv_len, |
ansond | 0:137634ff4186 | 114 | const unsigned char *add, size_t add_len, |
ansond | 0:137634ff4186 | 115 | const unsigned char *input, unsigned char *output, |
ansond | 0:137634ff4186 | 116 | const unsigned char *tag, size_t tag_len ); |
ansond | 0:137634ff4186 | 117 | |
ansond | 0:137634ff4186 | 118 | #if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) |
ansond | 0:137634ff4186 | 119 | /** |
ansond | 0:137634ff4186 | 120 | * \brief Checkup routine |
ansond | 0:137634ff4186 | 121 | * |
ansond | 0:137634ff4186 | 122 | * \return 0 if successful, or 1 if the test failed |
ansond | 0:137634ff4186 | 123 | */ |
ansond | 0:137634ff4186 | 124 | int ccm_self_test( int verbose ); |
ansond | 0:137634ff4186 | 125 | #endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ |
ansond | 0:137634ff4186 | 126 | |
ansond | 0:137634ff4186 | 127 | #ifdef __cplusplus |
ansond | 0:137634ff4186 | 128 | } |
ansond | 0:137634ff4186 | 129 | #endif |
ansond | 0:137634ff4186 | 130 | |
ansond | 0:137634ff4186 | 131 | #endif /* POLARSSL_CGM_H */ |
ansond | 0:137634ff4186 | 132 |