TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 10a6f02f8371f3d137b3648b56cf48bbf94b3345 / . / include / mbedtls / ccm.h
blob: a1dba4fda96048d1ad4fbe9b23a8bac8d041c554 [file] [log] [blame]
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]1/**
2 * \file ccm.h
3 *
4 * \brief Counter with CBC-MAC (CCM) for 128-bit block ciphers
5 *
Manuel Pégourié-Gonnarda658a402015-01-23 09:45:19 +0000[diff] [blame]6 * Copyright (C) 2014, ARM Limited, All Rights Reserved
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]7 *
Manuel Pégourié-Gonnardfe446432015-03-06 13:17:10 +0000[diff] [blame]8 * This file is part of mbed TLS (https://tls.mbed.org)
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]9 *
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]24#ifndef MBEDTLS_CCM_H
25#define MBEDTLS_CCM_H
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]26
27#include "cipher.h"
28
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]29#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */
30#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]31
32#ifdef __cplusplus
33extern "C" {
34#endif
35
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]36/**
37 * \brief CCM context structure
38 */
39typedef struct {
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]40 mbedtls_cipher_context_t cipher_ctx; /*!< cipher context used */
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]41}
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]42mbedtls_ccm_context;
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]43
44/**
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]45 * \brief Initialize CCM context (just makes references valid)
46 * Makes the context ready for mbedtls_ccm_setkey() or
47 * mbedtls_ccm_free().
48 *
49 * \param ctx CCM context to initialize
50 */
51void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
52
53/**
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]54 * \brief CCM initialization (encryption and decryption)
55 *
56 * \param ctx CCM context to be initialized
57 * \param cipher cipher to use (a 128-bit block cipher)
58 * \param key encryption key
Manuel Pégourié-Gonnardb8186a52015-06-18 14:58:58 +0200[diff] [blame]59 * \param keybits key size in bits (must be acceptable by the cipher)
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]60 *
61 * \return 0 if successful, or a cipher specific error code
62 */
Manuel Pégourié-Gonnard6963ff02015-04-28 18:02:54 +0200[diff] [blame]63int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
64 mbedtls_cipher_id_t cipher,
65 const unsigned char *key,
Manuel Pégourié-Gonnardb8186a52015-06-18 14:58:58 +0200[diff] [blame]66 unsigned int keybits );
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]67
68/**
69 * \brief Free a CCM context and underlying cipher sub-context
70 *
71 * \param ctx CCM context to free
72 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]73void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
Manuel Pégourié-Gonnard9fe0d132014-05-06 12:12:45 +0200[diff] [blame]74
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]75/**
76 * \brief CCM buffer encryption
77 *
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]78 * \param ctx CCM context
79 * \param length length of the input data in bytes
80 * \param iv nonce (initialization vector)
81 * \param iv_len length of IV in bytes
82 * must be 2, 3, 4, 5, 6, 7 or 8
83 * \param add additional data
84 * \param add_len length of additional data in bytes
85 * must be less than 2^16 - 2^8
86 * \param input buffer holding the input data
87 * \param output buffer for holding the output data
88 * must be at least 'length' bytes wide
89 * \param tag buffer for holding the tag
90 * \param tag_len length of the tag to generate in bytes
91 * must be 4, 6, 8, 10, 14 or 16
92 *
Manuel Pégourié-Gonnard00232332014-05-06 15:56:07 +0200[diff] [blame]93 * \note The tag is written to a separate buffer. To get the tag
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]94 * concatenated with the output as in the CCM spec, use
95 * tag = output + length and make sure the output buffer is
96 * at least length + tag_len wide.
97 *
98 * \return 0 if successful
99 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]100int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
Manuel Pégourié-Gonnard00232332014-05-06 15:56:07 +0200[diff] [blame]101 const unsigned char *iv, size_t iv_len,
102 const unsigned char *add, size_t add_len,
103 const unsigned char *input, unsigned char *output,
104 unsigned char *tag, size_t tag_len );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]105
Manuel Pégourié-Gonnard00232332014-05-06 15:56:07 +0200[diff] [blame]106/**
107 * \brief CCM buffer authenticated decryption
108 *
Manuel Pégourié-Gonnard00232332014-05-06 15:56:07 +0200[diff] [blame]109 * \param ctx CCM context
110 * \param length length of the input data
111 * \param iv initialization vector
112 * \param iv_len length of IV
113 * \param add additional data
114 * \param add_len length of additional data
115 * \param input buffer holding the input data
116 * \param output buffer for holding the output data
117 * \param tag buffer holding the tag
118 * \param tag_len length of the tag
119 *
120 * \return 0 if successful and authenticated,
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]121 * MBEDTLS_ERR_CCM_AUTH_FAILED if tag does not match
Manuel Pégourié-Gonnard00232332014-05-06 15:56:07 +0200[diff] [blame]122 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]123int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
Manuel Pégourié-Gonnard00232332014-05-06 15:56:07 +0200[diff] [blame]124 const unsigned char *iv, size_t iv_len,
125 const unsigned char *add, size_t add_len,
126 const unsigned char *input, unsigned char *output,
127 const unsigned char *tag, size_t tag_len );
Manuel Pégourié-Gonnard637eb3d2014-05-06 12:13:09 +0200[diff] [blame]128
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]129#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]130/**
131 * \brief Checkup routine
132 *
133 * \return 0 if successful, or 1 if the test failed
134 */
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]135int mbedtls_ccm_self_test( int verbose );
136#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
Manuel Pégourié-Gonnarda6916fa2014-05-02 15:17:29 +0200[diff] [blame]137
138#ifdef __cplusplus
139}
140#endif
141
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +0200[diff] [blame]142#endif /* MBEDTLS_CCM_H */