Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
ccm.h File Reference
CCM combines Counter mode encryption with CBC-MAC authentication for 128-bit block ciphers. More...
Go to the source code of this file.
Data Structures | |
struct | mbedtls_ccm_context |
The CCM context-type definition. More... | |
Functions | |
void | mbedtls_ccm_init (mbedtls_ccm_context *ctx) |
This function initializes the specified CCM context, to make references valid, and prepare the context for mbedtls_ccm_setkey() or mbedtls_ccm_free(). | |
int | mbedtls_ccm_setkey (mbedtls_ccm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key, unsigned int keybits) |
This function initializes the CCM context set in the ctx parameter and sets the encryption key. | |
void | mbedtls_ccm_free (mbedtls_ccm_context *ctx) |
This function releases and clears the specified CCM context and underlying cipher sub-context. | |
int | mbedtls_ccm_encrypt_and_tag (mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len) |
This function encrypts a buffer using CCM. | |
int | mbedtls_ccm_auth_decrypt (mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len) |
This function performs a CCM authenticated decryption of a buffer. | |
int | mbedtls_ccm_self_test (int verbose) |
The CCM checkup routine. |
Detailed Description
CCM combines Counter mode encryption with CBC-MAC authentication for 128-bit block ciphers.
Input to CCM includes the following elements:
- Payload - data that is both authenticated and encrypted.
- Associated data (Adata) - data that is authenticated but not encrypted, For example, a header.
- Nonce - A unique value that is assigned to the payload and the associated data.
Definition in file ccm.h.
Function Documentation
int mbedtls_ccm_auth_decrypt | ( | mbedtls_ccm_context * | ctx, |
size_t | length, | ||
const unsigned char * | iv, | ||
size_t | iv_len, | ||
const unsigned char * | add, | ||
size_t | add_len, | ||
const unsigned char * | input, | ||
unsigned char * | output, | ||
const unsigned char * | tag, | ||
size_t | tag_len | ||
) |
This function performs a CCM authenticated decryption of a buffer.
- Parameters:
-
ctx The CCM context to use for decryption. length The length of the input data in Bytes. iv Initialization vector. iv_len The length of the IV in Bytes: 7, 8, 9, 10, 11, 12, or 13. add The additional data field. add_len The length of additional data in Bytes. Must be less than 2^16 - 2^8. input The buffer holding the input data. output The buffer holding the output data. Must be at least length
Bytes wide.tag The buffer holding the tag. tag_len The length of the tag in Bytes. 4, 6, 8, 10, 12, 14 or 16.
- Returns:
- 0 if successful and authenticated, or MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
int mbedtls_ccm_encrypt_and_tag | ( | mbedtls_ccm_context * | ctx, |
size_t | length, | ||
const unsigned char * | iv, | ||
size_t | iv_len, | ||
const unsigned char * | add, | ||
size_t | add_len, | ||
const unsigned char * | input, | ||
unsigned char * | output, | ||
unsigned char * | tag, | ||
size_t | tag_len | ||
) |
This function encrypts a buffer using CCM.
- Parameters:
-
ctx The CCM context to use for encryption. length The length of the input data in Bytes. iv Initialization vector (nonce). iv_len The length of the IV in Bytes: 7, 8, 9, 10, 11, 12, or 13. add The additional data field. add_len The length of additional data in Bytes. Must be less than 2^16 - 2^8. input The buffer holding the input data. output The buffer holding the output data. Must be at least length
Bytes wide.tag The buffer holding the tag. tag_len The length of the tag to generate in Bytes: 4, 6, 8, 10, 12, 14 or 16.
- Note:
- The tag is written to a separate buffer. To concatenate the
tag
with theoutput
, as done in RFC-3610: Counter with CBC-MAC (CCM), usetag
=output
+length
, and make sure that the output buffer is at leastlength
+tag_len
wide.
- Returns:
0
on success.
void mbedtls_ccm_free | ( | mbedtls_ccm_context * | ctx ) |
void mbedtls_ccm_init | ( | mbedtls_ccm_context * | ctx ) |
This function initializes the specified CCM context, to make references valid, and prepare the context for mbedtls_ccm_setkey() or mbedtls_ccm_free().
- Parameters:
-
ctx The CCM context to initialize.
int mbedtls_ccm_self_test | ( | int | verbose ) |
int mbedtls_ccm_setkey | ( | mbedtls_ccm_context * | ctx, |
mbedtls_cipher_id_t | cipher, | ||
const unsigned char * | key, | ||
unsigned int | keybits | ||
) |
This function initializes the CCM context set in the ctx
parameter and sets the encryption key.
- Parameters:
-
ctx The CCM context to initialize. cipher The 128-bit block cipher to use. key The encryption key. keybits The key size in bits. This must be acceptable by the cipher.
- Returns:
0
on success, or a cipher-specific error code.
Generated on Tue Jul 12 2022 18:18:56 by
