| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170 |
- /**
- * \file cmac.h
- *
- * \brief Cipher-based Message Authentication Code (CMAC) Mode for
- * Authentication
- *
- * Copyright (C) 2015-2016, ARM Limited, All Rights Reserved
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This file is part of mbed TLS (https://tls.mbed.org)
- */
- #ifndef MBEDTLS_CMAC_H
- #define MBEDTLS_CMAC_H
- #include "cipher.h"
- #ifdef __cplusplus
- extern "C" {
- #endif
- #define MBEDTLS_AES_BLOCK_SIZE 16
- #define MBEDTLS_DES3_BLOCK_SIZE 8
- #if defined(MBEDTLS_AES_C)
- #define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /* longest used by CMAC is AES */
- #else
- #define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /* longest used by CMAC is 3DES */
- #endif
- /**
- * CMAC context structure - Contains internal state information only
- */
- struct mbedtls_cmac_context_t
- {
- /** Internal state of the CMAC algorithm */
- unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX];
- /** Unprocessed data - either data that was not block aligned and is still
- * pending to be processed, or the final block */
- unsigned char unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX];
- /** Length of data pending to be processed */
- size_t unprocessed_len;
- };
- /**
- * \brief Set the CMAC key and prepare to authenticate the input
- * data.
- * Should be called with an initialized cipher context.
- *
- * \param ctx Cipher context. This should be a cipher context,
- * initialized to be one of the following types:
- * MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_192_ECB,
- * MBEDTLS_CIPHER_AES_256_ECB or
- * MBEDTLS_CIPHER_DES_EDE3_ECB.
- * \param key CMAC key
- * \param keybits length of the CMAC key in bits
- * (must be acceptable by the cipher)
- *
- * \return 0 if successful, or a cipher specific error code
- */
- int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
- const unsigned char *key, size_t keybits );
- /**
- * \brief Generic CMAC process buffer.
- * Called between mbedtls_cipher_cmac_starts() or
- * mbedtls_cipher_cmac_reset() and
- * mbedtls_cipher_cmac_finish().
- * May be called repeatedly.
- *
- * \param ctx CMAC context
- * \param input buffer holding the data
- * \param ilen length of the input data
- *
- * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
- * verification fails.
- */
- int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
- const unsigned char *input, size_t ilen );
- /**
- * \brief Output CMAC.
- * Called after mbedtls_cipher_cmac_update().
- * Usually followed by mbedtls_cipher_cmac_reset(), then
- * mbedtls_cipher_cmac_starts(), or mbedtls_cipher_free().
- *
- * \param ctx CMAC context
- * \param output Generic CMAC checksum result
- *
- * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
- * verification fails.
- */
- int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
- unsigned char *output );
- /**
- * \brief Prepare to authenticate a new message with the same key.
- * Called after mbedtls_cipher_cmac_finish() and before
- * mbedtls_cipher_cmac_update().
- *
- * \param ctx CMAC context to be reset
- *
- * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
- * verification fails.
- */
- int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
- /**
- * \brief Output = Generic_CMAC( cmac key, input buffer )
- *
- * \param cipher_info message digest info
- * \param key CMAC key
- * \param keylen length of the CMAC key in bits
- * \param input buffer holding the data
- * \param ilen length of the input data
- * \param output Generic CMAC-result
- *
- * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
- * verification fails.
- */
- int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
- const unsigned char *key, size_t keylen,
- const unsigned char *input, size_t ilen,
- unsigned char *output );
- #if defined(MBEDTLS_AES_C)
- /**
- * \brief AES-CMAC-128-PRF
- * Implementation of (AES-CMAC-PRF-128), as defined in RFC 4615
- *
- * \param key PRF key
- * \param key_len PRF key length in bytes
- * \param input buffer holding the input data
- * \param in_len length of the input data in bytes
- * \param output buffer holding the generated pseudorandom output (16 bytes)
- *
- * \return 0 if successful
- */
- int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
- const unsigned char *input, size_t in_len,
- unsigned char output[16] );
- #endif /* MBEDTLS_AES_C */
- #if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
- /**
- * \brief Checkup routine
- *
- * \return 0 if successful, or 1 if the test failed
- */
- int mbedtls_cmac_self_test( int verbose );
- #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
- #ifdef __cplusplus
- }
- #endif
- #endif /* MBEDTLS_CMAC_H */
|
