4 * \brief Cipher-based Message Authentication Code (CMAC) Mode for
7 * Copyright (C) 2015-2016, ARM Limited, All Rights Reserved
8 * SPDX-License-Identifier: GPL-2.0
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 * This file is part of mbed TLS (https://tls.mbed.org)
26 #ifndef MBEDTLS_CMAC_H
27 #define MBEDTLS_CMAC_H
29 #include "mbedtls/cipher.h"
35 #define MBEDTLS_AES_BLOCK_SIZE 16
36 #define MBEDTLS_DES3_BLOCK_SIZE 8
38 #if defined(MBEDTLS_AES_C)
39 #define MBEDTLS_CIPHER_BLKSIZE_MAX 16 /* longest used by CMAC is AES */
41 #define MBEDTLS_CIPHER_BLKSIZE_MAX 8 /* longest used by CMAC is 3DES */
45 * CMAC context structure - Contains internal state information only
47 struct mbedtls_cmac_context_t
49 /** Internal state of the CMAC algorithm */
50 unsigned char state
[MBEDTLS_CIPHER_BLKSIZE_MAX
];
52 /** Unprocessed data - either data that was not block aligned and is still
53 * pending to be processed, or the final block */
54 unsigned char unprocessed_block
[MBEDTLS_CIPHER_BLKSIZE_MAX
];
56 /** Length of data pending to be processed */
57 size_t unprocessed_len
;
61 * \brief Set the CMAC key and prepare to authenticate the input
63 * Should be called with an initialised cipher context.
65 * \param ctx Cipher context
67 * \param keybits length of the CMAC key in bits
68 * (must be acceptable by the cipher)
70 * \return 0 if successful, or a cipher specific error code
72 int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t
*ctx
,
73 const unsigned char *key
, size_t keybits
);
76 * \brief Generic CMAC process buffer.
77 * Called between mbedtls_cipher_cmac_starts() or
78 * mbedtls_cipher_cmac_reset() and
79 * mbedtls_cipher_cmac_finish().
80 * May be called repeatedly.
82 * \param ctx CMAC context
83 * \param input buffer holding the data
84 * \param ilen length of the input data
86 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
89 int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t
*ctx
,
90 const unsigned char *input
, size_t ilen
);
94 * Called after mbedtls_cipher_cmac_update().
95 * Usually followed by mbedtls_cipher_cmac_reset(), then
96 * mbedtls_cipher_cmac_starts(), or mbedtls_cipher_free().
98 * \param ctx CMAC context
99 * \param output Generic CMAC checksum result
101 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
102 * verification fails.
104 int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t
*ctx
,
105 unsigned char *output
);
108 * \brief Prepare to authenticate a new message with the same key.
109 * Called after mbedtls_cipher_cmac_finish() and before
110 * mbedtls_cipher_cmac_update().
112 * \param ctx CMAC context to be reset
114 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
115 * verification fails.
117 int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t
*ctx
);
120 * \brief Output = Generic_CMAC( hmac key, input buffer )
122 * \param cipher_info message digest info
123 * \param key CMAC key
124 * \param keylen length of the CMAC key in bits
125 * \param input buffer holding the data
126 * \param ilen length of the input data
127 * \param output Generic CMAC-result
129 * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
130 * verification fails.
132 int mbedtls_cipher_cmac( const mbedtls_cipher_info_t
*cipher_info
,
133 const unsigned char *key
, size_t keylen
,
134 const unsigned char *input
, size_t ilen
,
135 unsigned char *output
);
137 #if defined(MBEDTLS_AES_C)
139 * \brief AES-CMAC-128-PRF
140 * Implementation of (AES-CMAC-PRF-128), as defined in RFC 4615
143 * \param key_len PRF key length in bytes
144 * \param input buffer holding the input data
145 * \param in_len length of the input data in bytes
146 * \param output buffer holding the generated pseudorandom output (16 bytes)
148 * \return 0 if successful
150 int mbedtls_aes_cmac_prf_128( const unsigned char *key
, size_t key_len
,
151 const unsigned char *input
, size_t in_len
,
152 unsigned char output
[16] );
153 #endif /* MBEDTLS_AES_C */
155 #if defined(MBEDTLS_SELF_TEST) && ( defined(MBEDTLS_AES_C) || defined(MBEDTLS_DES_C) )
157 * \brief Checkup routine
159 * \return 0 if successful, or 1 if the test failed
161 int mbedtls_cmac_self_test( int verbose
);
162 #endif /* MBEDTLS_SELF_TEST && ( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
168 #endif /* MBEDTLS_CMAC_H */