| Robert Cragie | dc5c7b9 | 2015-12-11 15:49:45 +0000 | [diff] [blame] | 1 | /**
|
| 2 | * \file cmac.h
|
| 3 | *
|
| 4 | * \brief The CMAC Mode for Authentication
|
| 5 | *
|
| 6 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
| 7 | * SPDX-License-Identifier: Apache-2.0
|
| 8 | *
|
| 9 | * Licensed under the Apache License, Version 2.0 (the "License"); you may
|
| 10 | * not use this file except in compliance with the License.
|
| 11 | * You may obtain a copy of the License at
|
| 12 | *
|
| 13 | * http://www.apache.org/licenses/LICENSE-2.0
|
| 14 | *
|
| 15 | * Unless required by applicable law or agreed to in writing, software
|
| 16 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
| 17 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
| 18 | * See the License for the specific language governing permissions and
|
| 19 | * limitations under the License.
|
| 20 | *
|
| 21 | * This file is part of mbed TLS (https://tls.mbed.org)
|
| 22 | */
|
| 23 | #ifndef MBEDTLS_CMAC_H
|
| 24 | #define MBEDTLS_CMAC_H
|
| 25 |
|
| 26 | #include "cipher.h"
|
| 27 |
|
| Robert Cragie | 84a4c67 | 2015-12-14 17:13:29 +0000 | [diff] [blame] | 28 | #define MBEDTLS_ERR_CMAC_BAD_INPUT -0x0011 /**< Bad input parameters to function. */
|
| 29 | #define MBEDTLS_ERR_CMAC_VERIFY_FAILED -0x0013 /**< Verification failed. */
|
| Robert Cragie | dc5c7b9 | 2015-12-11 15:49:45 +0000 | [diff] [blame] | 30 |
|
| 31 | #ifdef __cplusplus
|
| 32 | extern "C" {
|
| 33 | #endif
|
| 34 |
|
| 35 | /**
|
| 36 | * \brief CCM context structure
|
| 37 | */
|
| 38 | typedef struct {
|
| 39 | mbedtls_cipher_context_t cipher_ctx; /*!< cipher context used */
|
| 40 | unsigned char K1[16];
|
| 41 | unsigned char K2[16];
|
| 42 | }
|
| 43 | mbedtls_cmac_context;
|
| 44 |
|
| 45 | /**
|
| 46 | * \brief Initialize CMAC context (just makes references valid)
|
| 47 | * Makes the context ready for mbedtls_cmac_setkey() or
|
| 48 | * mbedtls_cmac_free().
|
| 49 | *
|
| 50 | * \param ctx CMAC context to initialize
|
| 51 | */
|
| 52 | void mbedtls_cmac_init( mbedtls_cmac_context *ctx );
|
| 53 |
|
| 54 | /**
|
| 55 | * \brief CMAC initialization
|
| 56 | *
|
| 57 | * \param ctx CMAC context to be initialized
|
| 58 | * \param cipher cipher to use (a 128-bit block cipher)
|
| 59 | * \param key encryption key
|
| 60 | * \param keybits key size in bits (must be acceptable by the cipher)
|
| 61 | *
|
| 62 | * \return 0 if successful, or a cipher specific error code
|
| 63 | */
|
| 64 | int mbedtls_cmac_setkey( mbedtls_cmac_context *ctx,
|
| 65 | mbedtls_cipher_id_t cipher,
|
| 66 | const unsigned char *key,
|
| 67 | unsigned int keybits );
|
| 68 |
|
| 69 | /**
|
| 70 | * \brief Free a CMAC context and underlying cipher sub-context
|
| 71 | *
|
| 72 | * \param ctx CMAC context to free
|
| 73 | */
|
| 74 | void mbedtls_cmac_free( mbedtls_cmac_context *ctx );
|
| 75 |
|
| 76 | /**
|
| 77 | * \brief CMAC generate
|
| 78 | *
|
| 79 | * \param ctx CMAC context
|
| 80 | * \param length length of the input data in bytes
|
| 81 | * \param input buffer holding the input data
|
| 82 | * \param tag buffer for holding the generated tag
|
| 83 | * \param tag_len length of the tag to generate in bytes
|
| 84 | * must be between 4, 6, 8, 10, 14 or 16
|
| 85 | *
|
| 86 | * \return 0 if successful
|
| 87 | */
|
| 88 | int mbedtls_cmac_generate( mbedtls_cmac_context *ctx, size_t length,
|
| 89 | const unsigned char *input,
|
| 90 | unsigned char *tag, size_t tag_len );
|
| 91 |
|
| 92 | /**
|
| 93 | * \brief CMAC verify
|
| 94 | *
|
| 95 | * \param ctx CMAC context
|
| 96 | * \param length length of the input data in bytes
|
| 97 | * \param input buffer holding the input data
|
| 98 | * \param tag buffer holding the tag to verify
|
| 99 | * \param tag_len length of the tag to verify in bytes
|
| 100 | * must be 4, 6, 8, 10, 14 or 16
|
| 101 | *
|
| 102 | * \return 0 if successful and authenticated,
|
| Robert Cragie | f261ef0 | 2015-12-14 17:52:55 +0000 | [diff] [blame^] | 103 | * MBEDTLS_ERR_CMAC_VERIFY_FAILED if tag does not match
|
| Robert Cragie | dc5c7b9 | 2015-12-11 15:49:45 +0000 | [diff] [blame] | 104 | */
|
| 105 | int mbedtls_cmac_verify( mbedtls_cmac_context *ctx, size_t length,
|
| 106 | const unsigned char *input,
|
| 107 | const unsigned char *tag, size_t tag_len );
|
| 108 |
|
| 109 | /**
|
| 110 | * \brief AES-CMAC-128-PRF
|
| 111 | *
|
| 112 | * \param ctx CMAC context
|
| 113 | * \param length length of the input data in bytes
|
| 114 | * \param key PRF key
|
| 115 | * \param key_len PRF key length
|
| 116 | * \param input buffer holding the input data
|
| 117 | * \param tag buffer holding the tag to verify (16 bytes)
|
| 118 | *
|
| 119 | * \return 0 if successful
|
| 120 | */
|
| 121 | int mbedtls_aes_cmac_prf_128( mbedtls_cmac_context *ctx, size_t length,
|
| 122 | const unsigned char *key, size_t key_len,
|
| 123 | const unsigned char *input,
|
| 124 | unsigned char *tag );
|
| 125 |
|
| 126 | #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
|
| 127 | /**
|
| 128 | * \brief Checkup routine
|
| 129 | *
|
| 130 | * \return 0 if successful, or 1 if the test failed
|
| 131 | */
|
| 132 | int mbedtls_cmac_self_test( int verbose );
|
| 133 | #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
|
| 134 |
|
| 135 | #ifdef __cplusplus
|
| 136 | }
|
| 137 | #endif
|
| 138 |
|
| 139 | #endif /* MBEDTLS_CMAC_H */
|