ccmLIB.h

00001 /*
00002  * Copyright (c) 2014-2017, Arm Limited and affiliates.
00003  * SPDX-License-Identifier: Apache-2.0
00004  *
00005  * Licensed under the Apache License, Version 2.0 (the "License");
00006  * you may not use this file except in compliance with the License.
00007  * You may obtain a copy of the License at
00008  *
00009  *     http://www.apache.org/licenses/LICENSE-2.0
00010  *
00011  * Unless required by applicable law or agreed to in writing, software
00012  * distributed under the License is distributed on an "AS IS" BASIS,
00013  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00014  * See the License for the specific language governing permissions and
00015  * limitations under the License.
00016  */
00017 #ifndef CCMLIB_H_
00018 #define CCMLIB_H_
00019 
00020 #include "ns_types.h"
00021 
00022 /**
00023  *
00024  * \file ccmLIB.h
00025  * \brief CCM Library API.
00026  *
00027  *  \section ccm-api CCM Library API:
00028  *  - ccm_sec_init(), A function to init CCM library.
00029  *  - ccm_process_run(), A function to run configured CCM process.
00030  *
00031  *  \section ccm-instruction CCM process sequence:
00032  *  1. Init CCM library by, ccm key, ccm_sec_init()
00033  *      - security level
00034  *      - 128-bit CCM key
00035  *      - mode: AES_CCM_ENCRYPT or AES_CCM_DECRYPT
00036  *      - CCM L parameter: 2 or 3 depending on the nonce length (802.15.4 use 2 and TLS security use 3)
00037  *  2. Define ADATA pointer and length, if returned global structure mic_len field is > 0
00038  *  3. Set data pointer and length
00039  *  4. Do configured CCM process ccm_process_run()
00040  *  5. Check return value:
00041  *      -If 0 Process ok
00042  *      -< 0 MIC fail or parameter fail
00043  *
00044  *  \section ccm-mutex CCM Mutex for Multi Thread System
00045  *  If you are running a multi thread system and the CCM library will be used for multiple thread, do the following:
00046  *  1. Add compiler flag to library build process CCM_USE_MUTEX.
00047  *  2. Define OS-specific mutex at the application.
00048  *  3. Implement arm_ccm_mutex_lock() arm_ccm_mutex_unlock() function for using the generated and initialized mutex.
00049  */
00050 #ifdef __cplusplus
00051 extern "C" {
00052 #endif
00053 #define AES_NO_SECURITY                 0x00    /**< No security */
00054 #define AES_SECURITY_LEVEL_MIC32        0x01    /**< MIC32 */
00055 #define AES_SECURITY_LEVEL_MIC64        0x02    /**< MIC64 */
00056 #define AES_SECURITY_LEVEL_MIC128       0x03    /**< MIC128 */
00057 #define AES_SECURITY_LEVEL_ENC          0x04    /**< ENC */
00058 #define AES_SECURITY_LEVEL_ENC_MIC32    0x05    /**< ENC_MIC32 */
00059 #define AES_SECURITY_LEVEL_ENC_MIC64    0x06    /**< ENC_MIC64 */
00060 #define AES_SECURITY_LEVEL_ENC_MIC128   0x07    /**< ENC_MIC128 */
00061 
00062 #define AES_CCM_ENCRYPT                 0x00    /**< Encryption mode */
00063 #define AES_CCM_DECRYPT                 0x01    /**< Decryption mode */
00064 
00065 
00066 /**
00067  * \brief A function for locking CCM mutex if the OS is multi thread. If you are using single thread create an empty function.
00068  */
00069 extern void arm_ccm_mutex_lock(void);
00070 /**
00071  * \brief A function for unlocking CCM mutex if the OS is multi thread. If you are using single thread create an empty function
00072  */
00073 extern void arm_ccm_mutex_unlock(void);
00074 
00075 /*!
00076  * \struct ccm_globals_t
00077  * \brief CCM global structure.
00078  * The structure is used for configuring NONCE, adata and data before calling ccm_process_run().
00079  */
00080 typedef struct {
00081     uint8_t exp_nonce[15];  /**< CCM NONCE buffer Nonce. */
00082     uint8_t *data_ptr;      /**< Pointer to data IN. */
00083     uint16_t data_len;      /**< Length of data IN. */
00084     const uint8_t *adata_ptr;   /**< Pointer to authentication data. */
00085     uint16_t adata_len;     /**< Length of authentication data. */
00086     uint8_t mic_len;        /**< ccm_sec_init() sets here the length of MIC. */
00087     uint8_t *mic;           /**< Encrypt process writes MIC. Decrypt reads it and compares it with the MIC obtained from data. */
00088 } ccm_globals_t;
00089 
00090 /**
00091  * \brief A function to initialize the CCM library.
00092  * \param sec_level Used CCM security level (0-7).
00093  * \param ccm_key Pointer to 128-key.
00094  * \param mode AES_CCM_ENCRYPT or AES_CCM_DECRYPT.
00095  * \param ccm_l Can be 2 or 3. 2 when NONCE length is 13 and 3 when 12. (NONCE length = (15-ccm_l))
00096  *
00097  * \return Pointer to Global CCM parameter buffer.
00098  * \return 0 When parameter fails or CCM is busy.
00099  */
00100 extern ccm_globals_t *ccm_sec_init(uint8_t sec_level, const uint8_t *ccm_key, uint8_t mode, uint8_t ccm_l);
00101 
00102 /**
00103  * \brief A function to run the configured CCM process.
00104  * When AES_CCM_ENCRYPT mode is selected and MIC is needed, the library saves MIC right after the encrypted data.
00105  * \param ccm_params CCM parameters
00106  *
00107  * \return 0 CCM process OK and when AES_CCM_DECRYPT mode was selected also MIC was correct.
00108  * \return -1 Init not called or data or adata pointers or lengths are zero.
00109  * \return -2 Null pointer given to function.
00110  */
00111 extern int8_t ccm_process_run(ccm_globals_t *ccm_params);
00112 #ifdef __cplusplus
00113 }
00114 #endif
00115 
00116 #endif /* CCMLIB_H_ */