1 /* dtls -- a very basic DTLS implementation
3 * Copyright (C) 2011--2012 Olaf Bergmann <bergmann@tzi.org>
5 * Permission is hereby granted, free of charge, to any person
6 * obtaining a copy of this software and associated documentation
7 * files (the "Software"), to deal in the Software without
8 * restriction, including without limitation the rights to use, copy,
9 * modify, merge, publish, distribute, sublicense, and/or sell copies
10 * of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be
14 * included in all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
20 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
21 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
22 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
29 #include "aes/rijndael.h"
31 /* implementation of Counter Mode CBC-MAC, RFC 3610 */
33 #define DTLS_CCM_BLOCKSIZE 16 /**< size of hmac blocks */
34 #define DTLS_CCM_MAX 16 /**< max number of bytes in digest */
35 #define DTLS_CCM_NONCE_SIZE 12 /**< size of nonce */
38 * Authenticates and encrypts a message using AES in CCM mode. Please
39 * see also RFC 3610 for the meaning of \p M, \p L, \p lm and \p la.
41 * \param ctx The initialized rijndael_ctx object to be used for AES operations.
42 * \param M The number of authentication octets.
43 * \param L The number of bytes used to encode the message length.
44 * \param N The nonce value to use. You must provide \c DTLS_CCM_BLOCKSIZE
45 * nonce octets, although only the first \c 16 - \p L are used.
46 * \param msg The message to encrypt. The first \p la octets are additional
47 * authentication data that will be cleartext. Note that the
48 * encryption operation modifies the contents of \p msg and adds
49 * \p M bytes MAC. Therefore, the buffer must be at least
50 * \p lm + \p M bytes large.
51 * \param lm The actual length of \p msg.
52 * \param aad A pointer to the additional authentication data (can be \c NULL if
54 * \param la The number of additional authentication octets (may be zero).
58 dtls_ccm_encrypt_message(rijndael_ctx *ctx, size_t M, size_t L,
59 unsigned char nonce[DTLS_CCM_BLOCKSIZE],
60 unsigned char *msg, size_t lm,
61 const unsigned char *aad, size_t la);
64 dtls_ccm_decrypt_message(rijndael_ctx *ctx, size_t M, size_t L,
65 unsigned char nonce[DTLS_CCM_BLOCKSIZE],
66 unsigned char *msg, size_t lm,
67 const unsigned char *aad, size_t la);
69 #endif /* _DTLS_CCM_H_ */