]> cvs.zerfleddert.de Git - proxmark3-svn/blame_incremental - common/mbedtls/cmac.h
fix 'lf pcf7931 bruteforce' (bug reported in http://www.proxmark.org/forum/viewtopic...
[proxmark3-svn] / common / mbedtls / cmac.h
... / ...
CommitLineData
1/**
2 * \file cmac.h
3 *
4 * \brief This file contains CMAC definitions and functions.
5 *
6 * The Cipher-based Message Authentication Code (CMAC) Mode for
7 * Authentication is defined in <em>RFC-4493: The AES-CMAC Algorithm</em>.
8 */
9/*
10 * Copyright (C) 2015-2018, Arm Limited (or its affiliates), All Rights Reserved
11 * SPDX-License-Identifier: GPL-2.0
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License along
24 * with this program; if not, write to the Free Software Foundation, Inc.,
25 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
26 *
27 * This file is part of Mbed TLS (https://tls.mbed.org)
28 */
29
30#ifndef MBEDTLS_CMAC_H
31#define MBEDTLS_CMAC_H
32
33#include "cipher.h"
34
35#ifdef __cplusplus
36extern "C" {
37#endif
38
39#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A /**< CMAC hardware accelerator failed. */
40
41#define MBEDTLS_AES_BLOCK_SIZE 16
42#define MBEDTLS_DES3_BLOCK_SIZE 8
43
44#if defined(MBEDTLS_AES_C)
45#define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /**< The longest block used by CMAC is that of AES. */
46#else
47#define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /**< The longest block used by CMAC is that of 3DES. */
48#endif
49
50#if !defined(MBEDTLS_CMAC_ALT)
51
52/**
53 * The CMAC context structure.
54 */
55struct mbedtls_cmac_context_t
56{
57 /** The internal state of the CMAC algorithm. */
58 unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX];
59
60 /** Unprocessed data - either data that was not block aligned and is still
61 * pending processing, or the final block. */
62 unsigned char unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX];
63
64 /** The length of data pending processing. */
65 size_t unprocessed_len;
66};
67
68#else /* !MBEDTLS_CMAC_ALT */
69#include "cmac_alt.h"
70#endif /* !MBEDTLS_CMAC_ALT */
71
72/**
73 * \brief This function sets the CMAC key, and prepares to authenticate
74 * the input data.
75 * Must be called with an initialized cipher context.
76 *
77 * \param ctx The cipher context used for the CMAC operation, initialized
78 * as one of the following types: MBEDTLS_CIPHER_AES_128_ECB,
79 * MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB,
80 * or MBEDTLS_CIPHER_DES_EDE3_ECB.
81 * \param key The CMAC key.
82 * \param keybits The length of the CMAC key in bits.
83 * Must be supported by the cipher.
84 *
85 * \return \c 0 on success.
86 * \return A cipher-specific error code on failure.
87 */
88int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
89 const unsigned char *key, size_t keybits );
90
91/**
92 * \brief This function feeds an input buffer into an ongoing CMAC
93 * computation.
94 *
95 * It is called between mbedtls_cipher_cmac_starts() or
96 * mbedtls_cipher_cmac_reset(), and mbedtls_cipher_cmac_finish().
97 * Can be called repeatedly.
98 *
99 * \param ctx The cipher context used for the CMAC operation.
100 * \param input The buffer holding the input data.
101 * \param ilen The length of the input data.
102 *
103 * \return \c 0 on success.
104 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
105 * if parameter verification fails.
106 */
107int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
108 const unsigned char *input, size_t ilen );
109
110/**
111 * \brief This function finishes the CMAC operation, and writes
112 * the result to the output buffer.
113 *
114 * It is called after mbedtls_cipher_cmac_update().
115 * It can be followed by mbedtls_cipher_cmac_reset() and
116 * mbedtls_cipher_cmac_update(), or mbedtls_cipher_free().
117 *
118 * \param ctx The cipher context used for the CMAC operation.
119 * \param output The output buffer for the CMAC checksum result.
120 *
121 * \return \c 0 on success.
122 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
123 * if parameter verification fails.
124 */
125int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
126 unsigned char *output );
127
128/**
129 * \brief This function prepares the authentication of another
130 * message with the same key as the previous CMAC
131 * operation.
132 *
133 * It is called after mbedtls_cipher_cmac_finish()
134 * and before mbedtls_cipher_cmac_update().
135 *
136 * \param ctx The cipher context used for the CMAC operation.
137 *
138 * \return \c 0 on success.
139 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
140 * if parameter verification fails.
141 */
142int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
143
144/**
145 * \brief This function calculates the full generic CMAC
146 * on the input buffer with the provided key.
147 *
148 * The function allocates the context, performs the
149 * calculation, and frees the context.
150 *
151 * The CMAC result is calculated as
152 * output = generic CMAC(cmac key, input buffer).
153 *
154 *
155 * \param cipher_info The cipher information.
156 * \param key The CMAC key.
157 * \param keylen The length of the CMAC key in bits.
158 * \param input The buffer holding the input data.
159 * \param ilen The length of the input data.
160 * \param output The buffer for the generic CMAC result.
161 *
162 * \return \c 0 on success.
163 * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA
164 * if parameter verification fails.
165 */
166int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
167 const unsigned char *key, size_t keylen,
168 const unsigned char *input, size_t ilen,
169 unsigned char *output );
170
171#if defined(MBEDTLS_AES_C)
172/**
173 * \brief This function implements the AES-CMAC-PRF-128 pseudorandom
174 * function, as defined in
175 * <em>RFC-4615: The Advanced Encryption Standard-Cipher-based
176 * Message Authentication Code-Pseudo-Random Function-128
177 * (AES-CMAC-PRF-128) Algorithm for the Internet Key
178 * Exchange Protocol (IKE).</em>
179 *
180 * \param key The key to use.
181 * \param key_len The key length in Bytes.
182 * \param input The buffer holding the input data.
183 * \param in_len The length of the input data in Bytes.
184 * \param output The buffer holding the generated 16 Bytes of
185 * pseudorandom output.
186 *
187 * \return \c 0 on success.
188 */
189int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
190 const unsigned char *input, size_t in_len,
191 unsigned char output[16] );
192#endif /* MBEDTLS_AES_C */
193
194#if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
195/**
196 * \brief The CMAC checkup routine.
197 *
198 * \return \c 0 on success.
199 * \return \c 1 on failure.
200 */
201int mbedtls_cmac_self_test( int verbose );
202#endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
203
204#ifdef __cplusplus
205}
206#endif
207
208#endif /* MBEDTLS_CMAC_H */
Impressum, Datenschutz