TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 690083c21d7254d4d1026779d8fa32e5a844bc1f / . / include / mbedtls / cmac.h
blob: 3b5c13e9980d096c2fc6ec12487977fae241dc53 [file] [log] [blame]
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]1/**
2 * \file cmac.h
3 *
4 * \brief The CMAC Mode for Authentication
5 *
6 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
7 * SPDX-License-Identifier: Apache-2.0
8 *
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
12 *
13 * http://www.apache.org/licenses/LICENSE-2.0
14 *
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 *
21 * This file is part of mbed TLS (https://tls.mbed.org)
22 */
23#ifndef MBEDTLS_CMAC_H
24#define MBEDTLS_CMAC_H
25
26#include "cipher.h"
27
28#define MBEDTLS_ERR_CMAC_BAD_INPUT -0x0011 /**< Bad input parameters to function. */
29#define MBEDTLS_ERR_CMAC_VERIFY_FAILED -0x0013 /**< Verification failed. */
30
31#ifdef __cplusplus
32extern "C" {
33#endif
34
35/**
36 * \brief CCM context structure
37 */
38typedef struct {
39 mbedtls_cipher_context_t cipher_ctx; /*!< cipher context used */
40 unsigned char K1[16];
41 unsigned char K2[16];
42}
43mbedtls_cmac_context;
44
45/**
46 * \brief Initialize CMAC context (just makes references valid)
47 * Makes the context ready for mbedtls_cmac_setkey() or
48 * mbedtls_cmac_free().
49 *
50 * \param ctx CMAC context to initialize
51 */
52void mbedtls_cmac_init( mbedtls_cmac_context *ctx );
53
54/**
55 * \brief CMAC initialization
56 *
57 * \param ctx CMAC context to be initialized
58 * \param cipher cipher to use (a 128-bit block cipher)
59 * \param key encryption key
60 * \param keybits key size in bits (must be acceptable by the cipher)
61 *
62 * \return 0 if successful, or a cipher specific error code
63 */
64int mbedtls_cmac_setkey( mbedtls_cmac_context *ctx,
65 mbedtls_cipher_id_t cipher,
66 const unsigned char *key,
67 unsigned int keybits );
68
69/**
70 * \brief Free a CMAC context and underlying cipher sub-context
71 *
72 * \param ctx CMAC context to free
73 */
74void mbedtls_cmac_free( mbedtls_cmac_context *ctx );
75
76/**
77 * \brief CMAC generate
78 *
79 * \param ctx CMAC context
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]80 * \param input buffer holding the input data
Manuel Pégourié-Gonnard690083c2016-01-13 10:48:02 +0000[diff] [blame^]81 * \param in_len length of the input data in bytes
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]82 * \param tag buffer for holding the generated tag
83 * \param tag_len length of the tag to generate in bytes
84 * must be between 4, 6, 8, 10, 14 or 16
85 *
86 * \return 0 if successful
87 */
Manuel Pégourié-Gonnard690083c2016-01-13 10:48:02 +0000[diff] [blame^]88int mbedtls_cmac_generate( mbedtls_cmac_context *ctx,
89 const unsigned char *input, size_t in_len,
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]90 unsigned char *tag, size_t tag_len );
91
92/**
93 * \brief CMAC verify
94 *
95 * \param ctx CMAC context
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]96 * \param input buffer holding the input data
Manuel Pégourié-Gonnard690083c2016-01-13 10:48:02 +0000[diff] [blame^]97 * \param in_len length of the input data in bytes
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]98 * \param tag buffer holding the tag to verify
99 * \param tag_len length of the tag to verify in bytes
100 * must be 4, 6, 8, 10, 14 or 16
101 *
102 * \return 0 if successful and authenticated,
103 * MBEDTLS_ERR_CMAC_VERIFY_FAILED if tag does not match
104 */
Manuel Pégourié-Gonnard690083c2016-01-13 10:48:02 +0000[diff] [blame^]105int mbedtls_cmac_verify( mbedtls_cmac_context *ctx,
106 const unsigned char *input, size_t in_len,
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]107 const unsigned char *tag, size_t tag_len );
108
109/**
110 * \brief AES-CMAC-128-PRF
111 *
112 * \param ctx CMAC context
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]113 * \param key PRF key
114 * \param key_len PRF key length
115 * \param input buffer holding the input data
Manuel Pégourié-Gonnard690083c2016-01-13 10:48:02 +0000[diff] [blame^]116 * \param in_len length of the input data in bytes
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]117 * \param tag buffer holding the tag to verify (16 bytes)
118 *
119 * \return 0 if successful
120 */
Manuel Pégourié-Gonnard690083c2016-01-13 10:48:02 +0000[diff] [blame^]121int mbedtls_aes_cmac_prf_128( mbedtls_cmac_context *ctx,
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]122 const unsigned char *key, size_t key_len,
Manuel Pégourié-Gonnard690083c2016-01-13 10:48:02 +0000[diff] [blame^]123 const unsigned char *input, size_t in_len,
Robert Cragie3d23b1d2015-12-15 07:38:11 +0000[diff] [blame]124 unsigned char *tag );
125
126#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
127/**
128 * \brief Checkup routine
129 *
130 * \return 0 if successful, or 1 if the test failed
131 */
132int mbedtls_cmac_self_test( int verbose );
133#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
134
135#ifdef __cplusplus
136}
137#endif
138
139#endif /* MBEDTLS_CMAC_H */