Documentation

Documentation

Includes

config.h

#include "config.h"
#include "config.h"

MBEDTLS_CONFIG_FILE

#include MBEDTLS_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE

cipher.h

#include "cipher.h"
#include "cipher.h"

cmac_alt.h

#include "cmac_alt.h"
#include "cmac_alt.h"

Macros

Marco MBEDTLS_CMAC_H

#define MBEDTLS_CMAC_H


      

Marco MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED

#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -7A /**< CMAC hardware accelerator failed. */
/* MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED is deprecated and should not be used. */

Marco MBEDTLS_AES_BLOCK_SIZE

#define MBEDTLS_AES_BLOCK_SIZE         16


      

Marco MBEDTLS_DES3_BLOCK_SIZE

#define MBEDTLS_DES3_BLOCK_SIZE        8


      

Marco MBEDTLS_CIPHER_BLKSIZE_MAX

#define MBEDTLS_CIPHER_BLKSIZE_MAX     16 /**< The longest block used by CMAC is that of AES. */


      

Marco MBEDTLS_CIPHER_BLKSIZE_MAX

#define MBEDTLS_CIPHER_BLKSIZE_MAX     8  /**< The longest block used by CMAC is that of 3DES. */

      

Functions

Func mbedtls_cipher_cmac_starts

int mbedtls_cipher_cmac_starts( mbedtls_cipher_context_t *ctx,
                               const unsigned char *key, size_t keybits );
/**
 * \brief               This function sets the CMAC key, and prepares to authenticate
 *                      the input data.
 *                      Must be called with an initialized cipher context.
 *
 * \param ctx           The cipher context used for the CMAC operation, initialized
 *                      as one of the following types: MBEDTLS_CIPHER_AES_128_ECB,
 *                      MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB,
 *                      or MBEDTLS_CIPHER_DES_EDE3_ECB.
 * \param key           The CMAC key.
 * \param keybits       The length of the CMAC key in bits.
 *                      Must be supported by the cipher.
 *
 * \return              \c 0 on success.
 * \return              A cipher-specific error code on failure.
 */

Func mbedtls_cipher_cmac_update

int mbedtls_cipher_cmac_update( mbedtls_cipher_context_t *ctx,
                               const unsigned char *input, size_t ilen );
/**
 * \brief               This function feeds an input buffer into an ongoing CMAC
 *                      computation.
 *
 *                      It is called between mbedtls_cipher_cmac_starts() or
 *                      mbedtls_cipher_cmac_reset(), and mbedtls_cipher_cmac_finish().
 *                      Can be called repeatedly.
 *
 * \param ctx           The cipher context used for the CMAC operation.
 * \param input         The buffer holding the input data.
 * \param ilen          The length of the input data.
 *
 * \return             \c 0 on success.
 * \return             #MBEDTLS_ERR_MD_BAD_INPUT_DATA
 *                     if parameter verification fails.
 */

Func mbedtls_cipher_cmac_finish

int mbedtls_cipher_cmac_finish( mbedtls_cipher_context_t *ctx,
                               unsigned char *output );
/**
 * \brief               This function finishes the CMAC operation, and writes
 *                      the result to the output buffer.
 *
 *                      It is called after mbedtls_cipher_cmac_update().
 *                      It can be followed by mbedtls_cipher_cmac_reset() and
 *                      mbedtls_cipher_cmac_update(), or mbedtls_cipher_free().
 *
 * \param ctx           The cipher context used for the CMAC operation.
 * \param output        The output buffer for the CMAC checksum result.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
 *                      if parameter verification fails.
 */

Func mbedtls_cipher_cmac_reset

int mbedtls_cipher_cmac_reset( mbedtls_cipher_context_t *ctx );
/**
 * \brief               This function prepares the authentication of another
 *                      message with the same key as the previous CMAC
 *                      operation.
 *
 *                      It is called after mbedtls_cipher_cmac_finish()
 *                      and before mbedtls_cipher_cmac_update().
 *
 * \param ctx           The cipher context used for the CMAC operation.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
 *                      if parameter verification fails.
 */

Func mbedtls_cipher_cmac

int mbedtls_cipher_cmac( const mbedtls_cipher_info_t *cipher_info,
                        const unsigned char *key, size_t keylen,
                        const unsigned char *input, size_t ilen,
                        unsigned char *output );
/**
 * \brief               This function calculates the full generic CMAC
 *                      on the input buffer with the provided key.
 *
 *                      The function allocates the context, performs the
 *                      calculation, and frees the context.
 *
 *                      The CMAC result is calculated as
 *                      output = generic CMAC(cmac key, input buffer).
 *
 *
 * \param cipher_info   The cipher information.
 * \param key           The CMAC key.
 * \param keylen        The length of the CMAC key in bits.
 * \param input         The buffer holding the input data.
 * \param ilen          The length of the input data.
 * \param output        The buffer for the generic CMAC result.
 *
 * \return              \c 0 on success.
 * \return              #MBEDTLS_ERR_MD_BAD_INPUT_DATA
 *                      if parameter verification fails.
 */

Func mbedtls_aes_cmac_prf_128

int mbedtls_aes_cmac_prf_128( const unsigned char *key, size_t key_len,
                             const unsigned char *input, size_t in_len,
                             unsigned char output[16] );
/**
 * \brief           This function implements the AES-CMAC-PRF-128 pseudorandom
 *                  function, as defined in
 *                  RFC-4615: The Advanced Encryption Standard-Cipher-based
 *                  Message Authentication Code-Pseudo-Random Function-128
 *                  (AES-CMAC-PRF-128) Algorithm for the Internet Key
 *                  Exchange Protocol (IKE).
 *
 * \param key       The key to use.
 * \param key_len   The key length in Bytes.
 * \param input     The buffer holding the input data.
 * \param in_len    The length of the input data in Bytes.
 * \param output    The buffer holding the generated 16 Bytes of
 *                  pseudorandom output.
 *
 * \return          \c 0 on success.
 */

Func mbedtls_cmac_self_test

int mbedtls_cmac_self_test( int verbose );
/**
 * \brief          The CMAC checkup routine.
 *
 * \return         \c 0 on success.
 * \return         \c 1 on failure.
 */

Vars

Consts

Types

Typedefs