This file contains CMAC definitions and functions. More...

#include "config.h"
#include "cipher.h"

Include dependency graph for cmac.h:

Classes
struct	mbedtls_cmac_context_t

Macros
#define	MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A

#define	MBEDTLS_AES_BLOCK_SIZE 16

#define	MBEDTLS_DES3_BLOCK_SIZE 8

#define	MBEDTLS_CIPHER_BLKSIZE_MAX 16

Functions
int	mbedtls_cipher_cmac_starts (mbedtls_cipher_context_t ctx, const unsigned char key, size_t keybits)
	This function sets the CMAC key, and prepares to authenticate the input data. Must be called with an initialized cipher context.

int	mbedtls_cipher_cmac_update (mbedtls_cipher_context_t ctx, const unsigned char input, size_t ilen)
	This function feeds an input buffer into an ongoing CMAC computation.

int	mbedtls_cipher_cmac_finish (mbedtls_cipher_context_t ctx, unsigned char output)
	This function finishes the CMAC operation, and writes the result to the output buffer.

int	mbedtls_cipher_cmac_reset (mbedtls_cipher_context_t *ctx)
	This function prepares the authentication of another message with the same key as the previous CMAC operation.

int	mbedtls_cipher_cmac (const mbedtls_cipher_info_t cipher_info, const unsigned char key, size_t keylen, const unsigned char input, size_t ilen, unsigned char output)
	This function calculates the full generic CMAC on the input buffer with the provided key.

int	mbedtls_aes_cmac_prf_128 (const unsigned char key, size_t key_len, const unsigned char input, size_t in_len, unsigned char output[16])
	This function implements the AES-CMAC-PRF-128 pseudorandom function, as defined in RFC-4615: The Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for the Internet Key Exchange Protocol (IKE).

Detailed Description

This file contains CMAC definitions and functions.

The Cipher-based Message Authentication Code (CMAC) Mode for Authentication is defined in RFC-4493: The AES-CMAC Algorithm.

Definition in file cmac.h.

Macro Definition Documentation

◆ MBEDTLS_AES_BLOCK_SIZE

#define MBEDTLS_AES_BLOCK_SIZE 16

Definition at line 71 of file cmac.h.

◆ MBEDTLS_CIPHER_BLKSIZE_MAX

#define MBEDTLS_CIPHER_BLKSIZE_MAX 16

The longest block used by CMAC is that of AES.

Definition at line 75 of file cmac.h.

◆ MBEDTLS_DES3_BLOCK_SIZE

#define MBEDTLS_DES3_BLOCK_SIZE 8

Definition at line 72 of file cmac.h.

◆ MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED

#define MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED -0x007A

CMAC hardware accelerator failed.

Definition at line 69 of file cmac.h.

Function Documentation

◆ mbedtls_aes_cmac_prf_128()

int mbedtls_aes_cmac_prf_128	(	const unsigned char *	key,
		size_t	key_len,
		const unsigned char *	input,
		size_t	in_len,
		unsigned char	output[16]
	)

This function implements the AES-CMAC-PRF-128 pseudorandom function, as defined in RFC-4615: The Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for the Internet Key Exchange Protocol (IKE).

Parameters

key	The key to use.
key_len	The key length in Bytes.
input	The buffer holding the input data.
in_len	The length of the input data in Bytes.
output	The buffer holding the generated 16 Bytes of pseudorandom output.

Returns: 0 on success.

◆ mbedtls_cipher_cmac()

int mbedtls_cipher_cmac	(	const mbedtls_cipher_info_t *	cipher_info,
		const unsigned char *	key,
		size_t	keylen,
		const unsigned char *	input,
		size_t	ilen,
		unsigned char *	output
	)

This function calculates the full generic CMAC on the input buffer with the provided key.

The function allocates the context, performs the calculation, and frees the context.

The CMAC result is calculated as output = generic CMAC(cmac key, input buffer).

Parameters

cipher_info	The cipher information.
key	The CMAC key.
keylen	The length of the CMAC key in bits.
input	The buffer holding the input data.
ilen	The length of the input data.
output	The buffer for the generic CMAC result.

Returns: 0 on success.; MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter verification fails.

◆ mbedtls_cipher_cmac_finish()

int mbedtls_cipher_cmac_finish	(	mbedtls_cipher_context_t *	ctx,
		unsigned char *	output
	)

This function finishes the CMAC operation, and writes the result to the output buffer.

It is called after mbedtls_cipher_cmac_update(). It can be followed by mbedtls_cipher_cmac_reset() and mbedtls_cipher_cmac_update(), or mbedtls_cipher_free().

Parameters

ctx	The cipher context used for the CMAC operation.
output	The output buffer for the CMAC checksum result.

Returns: 0 on success.; MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter verification fails.

◆ mbedtls_cipher_cmac_reset()

int mbedtls_cipher_cmac_reset ( mbedtls_cipher_context_t * ctx )

This function prepares the authentication of another message with the same key as the previous CMAC operation.

It is called after mbedtls_cipher_cmac_finish() and before mbedtls_cipher_cmac_update().

Parameters

ctx	The cipher context used for the CMAC operation.

Returns: 0 on success.; MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter verification fails.

◆ mbedtls_cipher_cmac_starts()

int mbedtls_cipher_cmac_starts	(	mbedtls_cipher_context_t *	ctx,
		const unsigned char *	key,
		size_t	keybits
	)

This function sets the CMAC key, and prepares to authenticate the input data. Must be called with an initialized cipher context.

Parameters

ctx	The cipher context used for the CMAC operation, initialized as one of the following types: MBEDTLS_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_256_ECB, or MBEDTLS_CIPHER_DES_EDE3_ECB.
key	The CMAC key.
keybits	The length of the CMAC key in bits. Must be supported by the cipher.

Returns: 0 on success.; A cipher-specific error code on failure.

◆ mbedtls_cipher_cmac_update()

int mbedtls_cipher_cmac_update	(	mbedtls_cipher_context_t *	ctx,
		const unsigned char *	input,
		size_t	ilen
	)

This function feeds an input buffer into an ongoing CMAC computation.

It is called between mbedtls_cipher_cmac_starts() or mbedtls_cipher_cmac_reset(), and mbedtls_cipher_cmac_finish(). Can be called repeatedly.

Parameters

ctx	The cipher context used for the CMAC operation.
input	The buffer holding the input data.
ilen	The length of the input data.

Returns: 0 on success.; MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter verification fails.

Classes

Macros

Functions

Detailed Description

Macro Definition Documentation

◆ MBEDTLS_AES_BLOCK_SIZE

◆ MBEDTLS_CIPHER_BLKSIZE_MAX

◆ MBEDTLS_DES3_BLOCK_SIZE

◆ MBEDTLS_ERR_CMAC_HW_ACCEL_FAILED

Function Documentation

◆ mbedtls_aes_cmac_prf_128()

◆ mbedtls_cipher_cmac()

◆ mbedtls_cipher_cmac_finish()

◆ mbedtls_cipher_cmac_reset()

◆ mbedtls_cipher_cmac_starts()

◆ mbedtls_cipher_cmac_update()