4 * \brief Counter with CBC-MAC (CCM) for 128-bit block ciphers
6 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
7 * SPDX-License-Identifier: Apache-2.0
9 * Licensed under the Apache License, Version 2.0 (the "License"); you may
10 * not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * This file is part of mbed TLS (https://tls.mbed.org)
28 #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */
29 #define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
36 * \brief CCM context structure
39 mbedtls_cipher_context_t cipher_ctx; /*!< cipher context used */
44 * \brief Initialize CCM context (just makes references valid)
45 * Makes the context ready for mbedtls_ccm_setkey() or
48 * \param ctx CCM context to initialize
50 void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
53 * \brief CCM initialization (encryption and decryption)
55 * \param ctx CCM context to be initialized
56 * \param cipher cipher to use (a 128-bit block cipher)
57 * \param key encryption key
58 * \param keybits key size in bits (must be acceptable by the cipher)
60 * \return 0 if successful, or a cipher specific error code
62 int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
63 mbedtls_cipher_id_t cipher,
64 const unsigned char *key,
65 unsigned int keybits );
68 * \brief Free a CCM context and underlying cipher sub-context
70 * \param ctx CCM context to free
72 void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
75 * \brief CCM buffer encryption
77 * \param ctx CCM context
78 * \param length length of the input data in bytes
79 * \param iv nonce (initialization vector)
80 * \param iv_len length of IV in bytes
81 * must be 2, 3, 4, 5, 6, 7 or 8
82 * \param add additional data
83 * \param add_len length of additional data in bytes
84 * must be less than 2^16 - 2^8
85 * \param input buffer holding the input data
86 * \param output buffer for holding the output data
87 * must be at least 'length' bytes wide
88 * \param tag buffer for holding the tag
89 * \param tag_len length of the tag to generate in bytes
90 * must be 4, 6, 8, 10, 14 or 16
92 * \note The tag is written to a separate buffer. To get the tag
93 * concatenated with the output as in the CCM spec, use
94 * tag = output + length and make sure the output buffer is
95 * at least length + tag_len wide.
97 * \return 0 if successful
99 int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
100 const unsigned char *iv, size_t iv_len,
101 const unsigned char *add, size_t add_len,
102 const unsigned char *input, unsigned char *output,
103 unsigned char *tag, size_t tag_len );
106 * \brief CCM buffer authenticated decryption
108 * \param ctx CCM context
109 * \param length length of the input data
110 * \param iv initialization vector
111 * \param iv_len length of IV
112 * \param add additional data
113 * \param add_len length of additional data
114 * \param input buffer holding the input data
115 * \param output buffer for holding the output data
116 * \param tag buffer holding the tag
117 * \param tag_len length of the tag
119 * \return 0 if successful and authenticated,
120 * MBEDTLS_ERR_CCM_AUTH_FAILED if tag does not match
122 int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
123 const unsigned char *iv, size_t iv_len,
124 const unsigned char *add, size_t add_len,
125 const unsigned char *input, unsigned char *output,
126 const unsigned char *tag, size_t tag_len );
128 #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
130 * \brief Checkup routine
132 * \return 0 if successful, or 1 if the test failed
134 int mbedtls_ccm_self_test( int verbose );
135 #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
141 #endif /* MBEDTLS_CCM_H */