1 /** 2 * \file cmac.h 3 * 4 * \brief Cipher-based Message Authentication Code (CMAC) Mode for 5 * Authentication 6 * 7 * Copyright (C) 2015-2016, ARM Limited, All Rights Reserved 8 * SPDX-License-Identifier: Apache-2.0 9 * 10 * Licensed under the Apache License, Version 2.0 (the "License"); you may 11 * not use this file except in compliance with the License. 12 * You may obtain a copy of the License at 13 * 14 * http://www.apache.org/licenses/LICENSE-2.0 15 * 16 * Unless required by applicable law or agreed to in writing, software 17 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 18 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 19 * See the License for the specific language governing permissions and 20 * limitations under the License. 21 * 22 * This file is part of mbed TLS (https://tls.mbed.org) 23 */ 24 #ifndef MBEDTLS_CMAC_H 25 #define MBEDTLS_CMAC_H 26 27 #include "mbedtls/cipher.h" 28 29 #ifdef __cplusplus 30 extern "C" { 31 #endif 32 33 #define MBEDTLS_AES_BLOCK_SIZE 16 34 #define MBEDTLS_DES3_BLOCK_SIZE 8 35 36 #if defined(MBEDTLS_AES_C) 37 #define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /* longest used by CMAC is AES */ 38 #else 39 #define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /* longest used by CMAC is 3DES */ 40 #endif 41 42 /** 43 * CMAC context structure - Contains internal state information only 44 */ 45 struct mbedtls_cmac_context_t 46 { 47 /** Internal state of the CMAC algorithm */ 48 unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX]; 49 50 /** Unprocessed data - either data that was not block aligned and is still 51 * pending to be processed, or the final block */ 52 unsigned char unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX]; 53 54 /** Length of data pending to be processed */ 55 size_t unprocessed_len; 56 }; 57 58 /** 59 * \brief Set the CMAC key and prepare to authenticate the input 60 * data. 61 * Should be called with an initialised cipher context. 62 * 63 * \param ctx Cipher context 64 * \param key CMAC key 65 * \param keybits length of the CMAC key in bits 66 * (must be acceptable by the cipher) 67 * 68 * \return 0 if successful, or a cipher specific error code 69 */ 70 int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx, 71 const unsigned char *key, size_t keybits ); 72 73 /** 74 * \brief Generic CMAC process buffer. 75 * Called between mbedtls_cipher_cmac_starts() or 76 * mbedtls_cipher_cmac_reset() and 77 * mbedtls_cipher_cmac_finish(). 78 * May be called repeatedly. 79 * 80 * \param ctx CMAC context 81 * \param input buffer holding the data 82 * \param ilen length of the input data 83 * 84 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter 85 * verification fails. 86 */ 87 int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx, 88 const unsigned char *input, size_t ilen ); 89 90 /** 91 * \brief Output CMAC. 92 * Called after mbedtls_cipher_cmac_update(). 93 * Usually followed by mbedtls_cipher_cmac_reset(), then 94 * mbedtls_cipher_cmac_starts(), or mbedtls_cipher_free(). 95 * 96 * \param ctx CMAC context 97 * \param output Generic CMAC checksum result 98 * 99 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter 100 * verification fails. 101 */ 102 int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx, 103 unsigned char *output ); 104 105 /** 106 * \brief Prepare to authenticate a new message with the same key. 107 * Called after mbedtls_cipher_cmac_finish() and before 108 * mbedtls_cipher_cmac_update(). 109 * 110 * \param ctx CMAC context to be reset 111 * 112 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter 113 * verification fails. 114 */ 115 int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx ); 116 117 /** 118 * \brief Output = Generic_CMAC( hmac key, input buffer ) 119 * 120 * \param cipher_info message digest info 121 * \param key CMAC key 122 * \param keylen length of the CMAC key in bits 123 * \param input buffer holding the data 124 * \param ilen length of the input data 125 * \param output Generic CMAC-result 126 * 127 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter 128 * verification fails. 129 */ 130 int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info, 131 const unsigned char *key, size_t keylen, 132 const unsigned char *input, size_t ilen, 133 unsigned char *output ); 134 135 #if defined(MBEDTLS_AES_C) 136 /** 137 * \brief AES-CMAC-128-PRF 138 * Implementation of (AES-CMAC-PRF-128), as defined in RFC 4615 139 * 140 * \param key PRF key 141 * \param key_len PRF key length in bytes 142 * \param input buffer holding the input data 143 * \param in_len length of the input data in bytes 144 * \param output buffer holding the generated pseudorandom output (16 bytes) 145 * 146 * \return 0 if successful 147 */ 148 int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len, 149 const unsigned char *input, size_t in_len, 150 unsigned char output[16] ); 151 #endif /* MBEDTLS_AES_C */ 152 153 #if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) ) 154 /** 155 * \brief Checkup routine 156 * 157 * \return 0 if successful, or 1 if the test failed 158 */ 159 int mbedtls_cmac_self_test( int verbose ); 160 #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */ 161 162 #ifdef __cplusplus 163 } 164 #endif 165 166 #endif /* MBEDTLS_CMAC_H */ 167
