TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_os / d3aa2143a9aa349b52b93d918347a8db9d801748 / . / lib / libmbedtls / mbedtls / include / mbedtls / cmac.h
blob: 9a2b96bc92549f1f8db1f1b5bf773947359edf24 [file] [log] [blame]
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]1/**
2 * \file cmac.h
3 *
4 * \brief Cipher-based Message Authentication Code (CMAC) Mode for
5 * Authentication
6 *
7 * Copyright (C) 2015-2016, ARM Limited, All Rights Reserved
8 * SPDX-License-Identifier: Apache-2.0
9 *
10 * Licensed under the Apache License, Version 2.0 (the "License"); you may
11 * not use this file except in compliance with the License.
12 * You may obtain a copy of the License at
13 *
14 * http://www.apache.org/licenses/LICENSE-2.0
15 *
16 * Unless required by applicable law or agreed to in writing, software
17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 * See the License for the specific language governing permissions and
20 * limitations under the License.
21 *
22 * This file is part of mbed TLS (https://tls.mbed.org)
23 */
24#ifndef MBEDTLS_CMAC_H
25#define MBEDTLS_CMAC_H
26
27#include "mbedtls/cipher.h"
28
29#ifdef __cplusplus
30extern "C" {
31#endif
32
33#define MBEDTLS_AES_BLOCK_SIZE 16
34#define MBEDTLS_DES3_BLOCK_SIZE 8
35
36#if defined(MBEDTLS_AES_C)
37#define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /* longest used by CMAC is AES */
38#else
39#define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /* longest used by CMAC is 3DES */
40#endif
41
42/**
43 * CMAC context structure - Contains internal state information only
44 */
45struct mbedtls_cmac_context_t
46{
47 /** Internal state of the CMAC algorithm */
48 unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX];
49
50 /** Unprocessed data - either data that was not block aligned and is still
51 * pending to be processed, or the final block */
52 unsigned char unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX];
53
54 /** Length of data pending to be processed */
55 size_t unprocessed_len;
56};
57
58/**
59 * \brief Set the CMAC key and prepare to authenticate the input
60 * data.
61 * Should be called with an initialized cipher context.
62 *
63 * \param ctx Cipher context. This should be a cipher context,
64 * initialized to be one of the following types:
65 * MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_192_ECB,
66 * MBEDTLS_CIPHER_AES_256_ECB or
67 * MBEDTLS_CIPHER_DES_EDE3_ECB.
68 * \param key CMAC key
69 * \param keybits length of the CMAC key in bits
70 * (must be acceptable by the cipher)
71 *
72 * \return 0 if successful, or a cipher specific error code
73 */
74int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
75 const unsigned char *key, size_t keybits );
76
77/**
78 * \brief Generic CMAC process buffer.
79 * Called between mbedtls_cipher_cmac_starts() or
80 * mbedtls_cipher_cmac_reset() and
81 * mbedtls_cipher_cmac_finish().
82 * May be called repeatedly.
83 *
84 * \param ctx CMAC context
85 * \param input buffer holding the data
86 * \param ilen length of the input data
87 *
88 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
89 * verification fails.
90 */
91int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
92 const unsigned char *input, size_t ilen );
93
94/**
95 * \brief Output CMAC.
96 * Called after mbedtls_cipher_cmac_update().
97 * Usually followed by mbedtls_cipher_cmac_reset(), then
98 * mbedtls_cipher_cmac_starts(), or mbedtls_cipher_free().
99 *
100 * \param ctx CMAC context
101 * \param output Generic CMAC checksum result
102 *
103 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
104 * verification fails.
105 */
106int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
107 unsigned char *output );
108
109/**
110 * \brief Prepare to authenticate a new message with the same key.
111 * Called after mbedtls_cipher_cmac_finish() and before
112 * mbedtls_cipher_cmac_update().
113 *
114 * \param ctx CMAC context to be reset
115 *
116 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
117 * verification fails.
118 */
119int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
120
121/**
122 * \brief Output = Generic_CMAC( cmac key, input buffer )
123 *
124 * \param cipher_info message digest info
125 * \param key CMAC key
126 * \param keylen length of the CMAC key in bits
127 * \param input buffer holding the data
128 * \param ilen length of the input data
129 * \param output Generic CMAC-result
130 *
131 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
132 * verification fails.
133 */
134int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
135 const unsigned char *key, size_t keylen,
136 const unsigned char *input, size_t ilen,
137 unsigned char *output );
138
139#if defined(MBEDTLS_AES_C)
140/**
141 * \brief AES-CMAC-128-PRF
142 * Implementation of (AES-CMAC-PRF-128), as defined in RFC 4615
143 *
144 * \param key PRF key
145 * \param key_len PRF key length in bytes
146 * \param input buffer holding the input data
147 * \param in_len length of the input data in bytes
148 * \param output buffer holding the generated pseudorandom output (16 bytes)
149 *
150 * \return 0 if successful
151 */
152int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
153 const unsigned char *input, size_t in_len,
154 unsigned char output[16] );
155#endif /* MBEDTLS_AES_C */
156
157#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
158/**
159 * \brief Checkup routine
160 *
161 * \return 0 if successful, or 1 if the test failed
162 */
163int mbedtls_cmac_self_test( int verbose );
164#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
165
166#ifdef __cplusplus
167}
168#endif
169
170#endif /* MBEDTLS_CMAC_H */