projects / reactos.git / blob
? search:


5f92b9fea865a69dea60c4392558b1eb47653556
[reactos.git] / reactos / sdk / include / reactos / libs / mbedtls / cmac.h
1 /**
2 * \file cmac.h
3 *
4 * \brief Cipher-based Message Authentication Code (CMAC) Mode for
5 * Authentication
6 *
7 * Copyright (C) 2015-2016, ARM Limited, All Rights Reserved
8 * SPDX-License-Identifier: GPL-2.0
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 *
24 * This file is part of mbed TLS (https://tls.mbed.org)
25 */
26 #ifndef MBEDTLS_CMAC_H
27 #define MBEDTLS_CMAC_H
28
29 #include "mbedtls/cipher.h"
30
31 #ifdef __cplusplus
32 extern "C" {
33 #endif
34
35 #define MBEDTLS_AES_BLOCK_SIZE 16
36 #define MBEDTLS_DES3_BLOCK_SIZE 8
37
38 #if defined(MBEDTLS_AES_C)
39 #define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /* longest used by CMAC is AES */
40 #else
41 #define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /* longest used by CMAC is 3DES */
42 #endif
43
44 /**
45 * CMAC context structure - Contains internal state information only
46 */
47 struct mbedtls_cmac_context_t
48 {
49 /** Internal state of the CMAC algorithm */
50 unsigned char state[MBEDTLS_CIPHER_BLKSIZE_MAX];
51
52 /** Unprocessed data - either data that was not block aligned and is still
53 * pending to be processed, or the final block */
54 unsigned char unprocessed_block[MBEDTLS_CIPHER_BLKSIZE_MAX];
55
56 /** Length of data pending to be processed */
57 size_t unprocessed_len;
58 };
59
60 /**
61 * \brief Set the CMAC key and prepare to authenticate the input
62 * data.
63 * Should be called with an initialised cipher context.
64 *
65 * \param ctx Cipher context
66 * \param key CMAC key
67 * \param keybits length of the CMAC key in bits
68 * (must be acceptable by the cipher)
69 *
70 * \return 0 if successful, or a cipher specific error code
71 */
72 int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
73 const unsigned char *key, size_t keybits );
74
75 /**
76 * \brief Generic CMAC process buffer.
77 * Called between mbedtls_cipher_cmac_starts() or
78 * mbedtls_cipher_cmac_reset() and
79 * mbedtls_cipher_cmac_finish().
80 * May be called repeatedly.
81 *
82 * \param ctx CMAC context
83 * \param input buffer holding the data
84 * \param ilen length of the input data
85 *
86 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
87 * verification fails.
88 */
89 int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
90 const unsigned char *input, size_t ilen );
91
92 /**
93 * \brief Output CMAC.
94 * Called after mbedtls_cipher_cmac_update().
95 * Usually followed by mbedtls_cipher_cmac_reset(), then
96 * mbedtls_cipher_cmac_starts(), or mbedtls_cipher_free().
97 *
98 * \param ctx CMAC context
99 * \param output Generic CMAC checksum result
100 *
101 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
102 * verification fails.
103 */
104 int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
105 unsigned char *output );
106
107 /**
108 * \brief Prepare to authenticate a new message with the same key.
109 * Called after mbedtls_cipher_cmac_finish() and before
110 * mbedtls_cipher_cmac_update().
111 *
112 * \param ctx CMAC context to be reset
113 *
114 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
115 * verification fails.
116 */
117 int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
118
119 /**
120 * \brief Output = Generic_CMAC( hmac key, input buffer )
121 *
122 * \param cipher_info message digest info
123 * \param key CMAC key
124 * \param keylen length of the CMAC key in bits
125 * \param input buffer holding the data
126 * \param ilen length of the input data
127 * \param output Generic CMAC-result
128 *
129 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
130 * verification fails.
131 */
132 int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
133 const unsigned char *key, size_t keylen,
134 const unsigned char *input, size_t ilen,
135 unsigned char *output );
136
137 #if defined(MBEDTLS_AES_C)
138 /**
139 * \brief AES-CMAC-128-PRF
140 * Implementation of (AES-CMAC-PRF-128), as defined in RFC 4615
141 *
142 * \param key PRF key
143 * \param key_len PRF key length in bytes
144 * \param input buffer holding the input data
145 * \param in_len length of the input data in bytes
146 * \param output buffer holding the generated pseudorandom output (16 bytes)
147 *
148 * \return 0 if successful
149 */
150 int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
151 const unsigned char *input, size_t in_len,
152 unsigned char output[16] );
153 #endif /* MBEDTLS_AES_C */
154
155 #if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
156 /**
157 * \brief Checkup routine
158 *
159 * \return 0 if successful, or 1 if the test failed
160 */
161 int mbedtls_cmac_self_test( int verbose );
162 #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
163
164 #ifdef __cplusplus
165 }
166 #endif
167
168 #endif /* MBEDTLS_CMAC_H */
A free Windows-compatible Operating System