]>
Commit | Line | Data |
---|---|---|
700d8687 OM |
1 | /** |
2 | * \file cmac.h | |
3 | * | |
4 | * \brief This file contains CMAC definitions and functions. | |
5 | * | |
6 | * The Cipher-based Message Authentication Code (CMAC) Mode for | |
7 | * Authentication is defined in <em>RFC-4493: The AES-CMAC Algorithm</em>. | |
8 | */ | |
9 | /* | |
10 | * Copyright (C) 2015-2018, Arm Limited (or its affiliates), All Rights Reserved | |
11 | * SPDX-License-Identifier: GPL-2.0 | |
12 | * | |
13 | * This program is free software; you can redistribute it and/or modify | |
14 | * it under the terms of the GNU General Public License as published by | |
15 | * the Free Software Foundation; either version 2 of the License, or | |
16 | * (at your option) any later version. | |
17 | * | |
18 | * This program is distributed in the hope that it will be useful, | |
19 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
20 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
21 | * GNU General Public License for more details. | |
22 | * | |
23 | * You should have received a copy of the GNU General Public License along | |
24 | * with this program; if not, write to the Free Software Foundation, Inc., | |
25 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
26 | * | |
27 | * This file is part of Mbed TLS (https://tls.mbed.org) | |
28 | */ | |
29 | ||
30 | #ifndef MBEDTLS_CMAC_H | |
31 | #define MBEDTLS_CMAC_H | |
32 | ||
33 | #include "cipher.h" | |
34 | ||
35 | #ifdef __cplusplus | |
36 | extern "C" { | |
37 | #endif | |
38 | ||
39 | #define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A /**< CMAC hardware accelerator failed. */ | |
40 | ||
41 | #define MBEDTLS_AES_BLOCK_SIZE 16 | |
42 | #define MBEDTLS_DES3_BLOCK_SIZE 8 | |
43 | ||
44 | #if defined(MBEDTLS_AES_C) | |
45 | #define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /**< The longest block used by CMAC is that of AES. */ | |
46 | #else | |
47 | #define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /**< The longest block used by CMAC is that of 3DES. */ | |
48 | #endif | |
49 | ||
50 | #if !defined(MBEDTLS_CMAC_ALT) | |
51 | ||
52 | /** | |
53 | * The CMAC context structure. | |
54 | */ | |
55 | struct mbedtls_cmac_context_t | |
56 | { | |
57 | /** The internal state of the CMAC algorithm. */ | |
58 | unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX]; | |
59 | ||
60 | /** Unprocessed data - either data that was not block aligned and is still | |
61 | * pending processing, or the final block. */ | |
62 | unsigned char unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX]; | |
63 | ||
64 | /** The length of data pending processing. */ | |
65 | size_t unprocessed_len; | |
66 | }; | |
67 | ||
68 | #else /* !MBEDTLS_CMAC_ALT */ | |
69 | #include "cmac_alt.h" | |
70 | #endif /* !MBEDTLS_CMAC_ALT */ | |
71 | ||
72 | /** | |
73 | * \brief This function sets the CMAC key, and prepares to authenticate | |
74 | * the input data. | |
75 | * Must be called with an initialized cipher context. | |
76 | * | |
77 | * \param ctx The cipher context used for the CMAC operation, initialized | |
78 | * as one of the following types: MBEDTLS_CIPHER_AES_128_ECB, | |
79 | * MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB, | |
80 | * or MBEDTLS_CIPHER_DES_EDE3_ECB. | |
81 | * \param key The CMAC key. | |
82 | * \param keybits The length of the CMAC key in bits. | |
83 | * Must be supported by the cipher. | |
84 | * | |
85 | * \return \c 0 on success. | |
86 | * \return A cipher-specific error code on failure. | |
87 | */ | |
88 | int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, | |
89 | const unsigned char *key, size_t keybits ); | |
90 | ||
91 | /** | |
92 | * \brief This function feeds an input buffer into an ongoing CMAC | |
93 | * computation. | |
94 | * | |
95 | * It is called between mbedtls_cipher_cmac_starts() or | |
96 | * mbedtls_cipher_cmac_reset(), and mbedtls_cipher_cmac_finish(). | |
97 | * Can be called repeatedly. | |
98 | * | |
99 | * \param ctx The cipher context used for the CMAC operation. | |
100 | * \param input The buffer holding the input data. | |
101 | * \param ilen The length of the input data. | |
102 | * | |
103 | * \return \c 0 on success. | |
104 | * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA | |
105 | * if parameter verification fails. | |
106 | */ | |
107 | int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, | |
108 | const unsigned char *input, size_t ilen ); | |
109 | ||
110 | /** | |
111 | * \brief This function finishes the CMAC operation, and writes | |
112 | * the result to the output buffer. | |
113 | * | |
114 | * It is called after mbedtls_cipher_cmac_update(). | |
115 | * It can be followed by mbedtls_cipher_cmac_reset() and | |
116 | * mbedtls_cipher_cmac_update(), or mbedtls_cipher_free(). | |
117 | * | |
118 | * \param ctx The cipher context used for the CMAC operation. | |
119 | * \param output The output buffer for the CMAC checksum result. | |
120 | * | |
121 | * \return \c 0 on success. | |
122 | * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA | |
123 | * if parameter verification fails. | |
124 | */ | |
125 | int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, | |
126 | unsigned char *output ); | |
127 | ||
128 | /** | |
129 | * \brief This function prepares the authentication of another | |
130 | * message with the same key as the previous CMAC | |
131 | * operation. | |
132 | * | |
133 | * It is called after mbedtls_cipher_cmac_finish() | |
134 | * and before mbedtls_cipher_cmac_update(). | |
135 | * | |
136 | * \param ctx The cipher context used for the CMAC operation. | |
137 | * | |
138 | * \return \c 0 on success. | |
139 | * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA | |
140 | * if parameter verification fails. | |
141 | */ | |
142 | int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); | |
143 | ||
144 | /** | |
145 | * \brief This function calculates the full generic CMAC | |
146 | * on the input buffer with the provided key. | |
147 | * | |
148 | * The function allocates the context, performs the | |
149 | * calculation, and frees the context. | |
150 | * | |
151 | * The CMAC result is calculated as | |
152 | * output = generic CMAC(cmac key, input buffer). | |
153 | * | |
154 | * | |
155 | * \param cipher_info The cipher information. | |
156 | * \param key The CMAC key. | |
157 | * \param keylen The length of the CMAC key in bits. | |
158 | * \param input The buffer holding the input data. | |
159 | * \param ilen The length of the input data. | |
160 | * \param output The buffer for the generic CMAC result. | |
161 | * | |
162 | * \return \c 0 on success. | |
163 | * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA | |
164 | * if parameter verification fails. | |
165 | */ | |
166 | int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, | |
167 | const unsigned char *key, size_t keylen, | |
168 | const unsigned char *input, size_t ilen, | |
169 | unsigned char *output ); | |
170 | ||
171 | #if defined(MBEDTLS_AES_C) | |
172 | /** | |
173 | * \brief This function implements the AES-CMAC-PRF-128 pseudorandom | |
174 | * function, as defined in | |
175 | * <em>RFC-4615: The Advanced Encryption Standard-Cipher-based | |
176 | * Message Authentication Code-Pseudo-Random Function-128 | |
177 | * (AES-CMAC-PRF-128) Algorithm for the Internet Key | |
178 | * Exchange Protocol (IKE).</em> | |
179 | * | |
180 | * \param key The key to use. | |
181 | * \param key_len The key length in Bytes. | |
182 | * \param input The buffer holding the input data. | |
183 | * \param in_len The length of the input data in Bytes. | |
184 | * \param output The buffer holding the generated 16 Bytes of | |
185 | * pseudorandom output. | |
186 | * | |
187 | * \return \c 0 on success. | |
188 | */ | |
189 | int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, | |
190 | const unsigned char *input, size_t in_len, | |
191 | unsigned char output[16] ); | |
192 | #endif /* MBEDTLS_AES_C */ | |
193 | ||
194 | #if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) ) | |
195 | /** | |
196 | * \brief The CMAC checkup routine. | |
197 | * | |
198 | * \return \c 0 on success. | |
199 | * \return \c 1 on failure. | |
200 | */ | |
201 | int mbedtls_cmac_self_test( int verbose ); | |
202 | #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ | |
203 | ||
204 | #ifdef __cplusplus | |
205 | } | |
206 | #endif | |
207 | ||
208 | #endif /* MBEDTLS_CMAC_H */ |