cmac.h

00001 /**
00002  * \file cmac.h
00003  *
00004  * \brief Cipher-based Message Authentication Code (CMAC) Mode for
00005  *        Authentication
00006  *
00007  *  Copyright (C) 2015-2016, ARM Limited, All Rights Reserved
00008  *  SPDX-License-Identifier: Apache-2.0
00009  *
00010  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
00011  *  not use this file except in compliance with the License.
00012  *  You may obtain a copy of the License at
00013  *
00014  *  http://www.apache.org/licenses/LICENSE-2.0
00015  *
00016  *  Unless required by applicable law or agreed to in writing, software
00017  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
00018  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00019  *  See the License for the specific language governing permissions and
00020  *  limitations under the License.
00021  *
00022  *  This file is part of mbed TLS (https://tls.mbed.org)
00023  */
00024 #ifndef MBEDTLS_CMAC_H
00025 #define MBEDTLS_CMAC_H
00026 
00027 #include "mbedtls/cipher.h"
00028 
00029 #ifdef __cplusplus
00030 extern "C" {
00031 #endif
00032 
00033 #define MBEDTLS_AES_BLOCK_SIZE          16
00034 #define MBEDTLS_DES3_BLOCK_SIZE         8
00035 
00036 #if defined(MBEDTLS_AES_C)
00037 #define MBEDTLS_CIPHER_BLKSIZE_MAX      16  /* longest used by CMAC is AES */
00038 #else
00039 #define MBEDTLS_CIPHER_BLKSIZE_MAX      8   /* longest used by CMAC is 3DES */
00040 #endif
00041 
00042 /**
00043  * CMAC context structure - Contains internal state information only
00044  */
00045 struct mbedtls_cmac_context_t
00046 {
00047     /** Internal state of the CMAC algorithm  */
00048     unsigned char       state[MBEDTLS_CIPHER_BLKSIZE_MAX];
00049 
00050     /** Unprocessed data - either data that was not block aligned and is still
00051      *  pending to be processed, or the final block */
00052     unsigned char       unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX];
00053 
00054     /** Length of data pending to be processed */
00055     size_t              unprocessed_len;
00056 };
00057 
00058 /**
00059  * \brief               Set the CMAC key and prepare to authenticate the input
00060  *                      data.
00061  *                      Should be called with an initialized cipher context.
00062  *
00063  * \param ctx           Cipher context. This should be a cipher context,
00064  *                      initialized to be one of the following types:
00065  *                      MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_192_ECB,
00066  *                      MBEDTLS_CIPHER_AES_256_ECB or
00067  *                      MBEDTLS_CIPHER_DES_EDE3_ECB.
00068  * \param key           CMAC key
00069  * \param keybits       length of the CMAC key in bits
00070  *                      (must be acceptable by the cipher)
00071  *
00072  * \return              0 if successful, or a cipher specific error code
00073  */
00074 int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
00075                                 const unsigned char *key, size_t keybits );
00076 
00077 /**
00078  * \brief               Generic CMAC process buffer.
00079  *                      Called between mbedtls_cipher_cmac_starts() or
00080  *                      mbedtls_cipher_cmac_reset() and
00081  *                      mbedtls_cipher_cmac_finish().
00082  *                      May be called repeatedly.
00083  *
00084  * \param ctx           CMAC context
00085  * \param input         buffer holding the  data
00086  * \param ilen          length of the input data
00087  *
00088  * \returns             0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
00089  *                      verification fails.
00090  */
00091 int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
00092                                 const unsigned char *input, size_t ilen );
00093 
00094 /**
00095  * \brief               Output CMAC.
00096  *                      Called after mbedtls_cipher_cmac_update().
00097  *                      Usually followed by mbedtls_cipher_cmac_reset(), then
00098  *                      mbedtls_cipher_cmac_starts(), or mbedtls_cipher_free().
00099  *
00100  * \param ctx           CMAC context
00101  * \param output        Generic CMAC checksum result
00102  *
00103  * \returns             0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
00104  *                      verification fails.
00105  */
00106 int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
00107                                 unsigned char *output );
00108 
00109 /**
00110  * \brief               Prepare to authenticate a new message with the same key.
00111  *                      Called after mbedtls_cipher_cmac_finish() and before
00112  *                      mbedtls_cipher_cmac_update().
00113  *
00114  * \param ctx           CMAC context to be reset
00115  *
00116  * \returns             0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
00117  *                      verification fails.
00118  */
00119 int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
00120 
00121 /**
00122  * \brief               Output = Generic_CMAC( cmac key, input buffer )
00123  *
00124  * \param cipher_info   message digest info
00125  * \param key           CMAC key
00126  * \param keylen        length of the CMAC key in bits
00127  * \param input         buffer holding the  data
00128  * \param ilen          length of the input data
00129  * \param output        Generic CMAC-result
00130  *
00131  * \returns             0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
00132  *                      verification fails.
00133  */
00134 int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
00135                          const unsigned char *key, size_t keylen,
00136                          const unsigned char *input, size_t ilen,
00137                          unsigned char *output );
00138 
00139 #if defined(MBEDTLS_AES_C)
00140 /**
00141  * \brief           AES-CMAC-128-PRF
00142  *                  Implementation of (AES-CMAC-PRF-128), as defined in RFC 4615
00143  *
00144  * \param key       PRF key
00145  * \param key_len   PRF key length in bytes
00146  * \param input     buffer holding the input data
00147  * \param in_len    length of the input data in bytes
00148  * \param output    buffer holding the generated pseudorandom output (16 bytes)
00149  *
00150  * \return          0 if successful
00151  */
00152 int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
00153                               const unsigned char *input, size_t in_len,
00154                               unsigned char output[16] );
00155 #endif /* MBEDTLS_AES_C */
00156 
00157 #if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
00158 /**
00159  * \brief          Checkup routine
00160  *
00161  * \return         0 if successful, or 1 if the test failed
00162  */
00163 int mbedtls_cmac_self_test( int verbose );
00164 #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
00165 
00166 #ifdef __cplusplus
00167 }
00168 #endif
00169 
00170 #endif /* MBEDTLS_CMAC_H */