EXTERNAL_HEADERS/corecrypto/cccmac.h

   1 /* Copyright (c) (2013,2014,2015,2016,2017,2019) Apple Inc. All rights reserved.
   2  *
   3  * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which
   4  * is contained in the License.txt file distributed with corecrypto) and only to
   5  * people who accept that license. IMPORTANT:  Any license rights granted to you by
   6  * Apple Inc. (if any) are limited to internal use within your organization only on
   7  * devices and computers you own or control, for the sole purpose of verifying the
   8  * security characteristics and correct functioning of the Apple Software.  You may
   9  * not, directly or indirectly, redistribute the Apple Software or any portions thereof.
  10  */
  11
  12 #ifndef _CORECRYPTO_cccmac_H_
  13 #define _CORECRYPTO_cccmac_H_
  14
  15 #include <corecrypto/cc.h>
  16 #include <corecrypto/ccmode.h>
  17 #include <corecrypto/ccaes.h>
  18
  19 #define CMAC_BLOCKSIZE   16
  20
  21 struct cccmac_ctx {
  22     uint8_t k1[CMAC_BLOCKSIZE];
  23     uint8_t k2[CMAC_BLOCKSIZE];
  24     uint8_t block[CMAC_BLOCKSIZE];
  25     size_t  block_nbytes; // Number of byte occupied in block
  26     size_t  cumulated_nbytes;  // Total size processed
  27     const struct ccmode_cbc *cbc;
  28     uint8_t ctx[1];
  29 } CC_ALIGNED(8);// cccmac_ctx_hdr;
  30
  31 typedef struct cccmac_ctx* cccmac_ctx_t;
  32
  33 #define cccmac_hdr_size sizeof(struct cccmac_ctx)
  34
  35
  36 #define cccmac_iv_size(_mode_)  ((_mode_)->block_size)
  37 #define cccmac_cbc_size(_mode_) ((_mode_)->size)
  38
  39 #define cccmac_ctx_size(_mode_) (cccmac_hdr_size + cccmac_iv_size(_mode_) + cccmac_cbc_size(_mode_))
  40 #define cccmac_ctx_n(_mode_)  ccn_nof_size(cccmac_ctx_size(_mode_))
  41
  42 #define cccmac_mode_decl(_mode_, _name_) cc_ctx_decl(struct cccmac_ctx, cccmac_ctx_size(_mode_), _name_)
  43 #define cccmac_mode_clear(_mode_, _name_) cc_clear(cccmac_ctx_size(_mode_), _name_)
  44
  45 /* Return a cccbc_ctx * which can be accesed with the macros in ccmode.h */
  46 #define cccmac_mode_ctx_start(_mode_, HC)    (HC->ctx)
  47 #define CCCMAC_HDR(HC)      (HC)
  48
  49 #define cccmac_mode_sym_ctx(_mode_, HC)     (cccbc_ctx *)(cccmac_mode_ctx_start(_mode_, HC))
  50 #define cccmac_mode_iv(_mode_, HC)     (cccbc_iv *)(cccmac_mode_ctx_start(_mode_, HC)+cccmac_cbc_size(_mode_))
  51 #define cccmac_k1(HC)       (CCCMAC_HDR(HC)->k1)
  52 #define cccmac_k2(HC)       (CCCMAC_HDR(HC)->k2)
  53 #define cccmac_block(HC)    (CCCMAC_HDR(HC)->block)
  54 #define cccmac_cbc(HC)      (CCCMAC_HDR(HC)->cbc)
  55 #define cccmac_block_nbytes(HC)        (CCCMAC_HDR(HC)->block_nbytes)
  56 #define cccmac_cumulated_nbytes(HC)    (CCCMAC_HDR(HC)->cumulated_nbytes)
  57
  58
  59 /* CMAC as defined in NIST SP800-38B - 2005 */
  60
  61 /* =============================================================================
  62
  63                                 ONE SHOT
  64
  65  ==============================================================================*/
  66
  67 /*!
  68  @function   cccmac_one_shot_generate
  69  @abstract   CMAC generation in one call
  70
  71  @param   cbc          CBC and block cipher specification
  72  @param   key_nbytes   Length of the key in bytes
  73  @param   key          Pointer to the key of length key_nbytes
  74  @param   data_nbytes  Length of the data in bytes
  75  @param   data         Pointer to the data in bytes
  76  @param   mac_nbytes   Length in byte of the mac, > 0
  77  @param   mac          Output of length cbc->block_size
  78
  79  @result     0 iff successful.
  80
  81  @discussion Only supports CMAC_BLOCKSIZE block ciphers
  82  */
  83 int cccmac_one_shot_generate(const struct ccmode_cbc *cbc,
  84                         size_t key_nbytes, const void *key,
  85                         size_t data_nbytes, const void *data,
  86                         size_t mac_nbytes, void *mac);
  87
  88 /*!
  89  @function   cccmac_one_shot_verify
  90  @abstract   CMAC verification in one call
  91
  92  @param   cbc          CBC and block cipher specification
  93  @param   key_nbytes  Length of the key in bytes
  94  @param   key          Pointer to the key of length key_nbytes
  95  @param   data_nbytes Length of the data in bytes
  96  @param   data         Pointer to the data in bytes
  97  @param   expected_mac_nbytes  Length in byte of the mac, > 0
  98  @param   expected_mac Mac value expected
  99
 100  @result     0 iff successful.
 101
 102  @discussion Only supports CMAC_BLOCKSIZE block ciphers
 103  */
 104 int cccmac_one_shot_verify(const struct ccmode_cbc *cbc,
 105                            size_t key_nbytes, const void *key,
 106                            size_t data_nbytes, const void *data,
 107                            size_t expected_mac_nbytes, const void *expected_mac);
 108
 109 /* =============================================================================
 110
 111                                STREAMING
 112
 113                         Init - Update - Final
 114
 115 ==============================================================================*/
 116
 117 /*!
 118  @function   cccmac_init
 119  @abstract   Init CMAC context with CBC mode and key
 120
 121  @param   cbc         CBC and block cipher specification
 122  @param   ctx         Context use to store internal state
 123  @param   key_nbytes  Length of the key in bytes
 124  @param   key         Full key
 125
 126  @result     0 iff successful.
 127
 128  @discussion Only supports CMAC_BLOCKSIZE block ciphers
 129  */
 130
 131 int cccmac_init(const struct ccmode_cbc *cbc,
 132                 cccmac_ctx_t ctx,
 133                 size_t key_nbytes, const void *key);
 134
 135 /*!
 136  @function   cccmac_update
 137  @abstract   Process data
 138
 139  @param   ctx          Context use to store internal state
 140  @param   data_nbytes Length in byte of the data
 141  @param   data         Data to process
 142
 143  @result     0 iff successful.
 144
 145  @discussion Only supports CMAC_BLOCKSIZE block ciphers
 146  */
 147
 148 int cccmac_update(cccmac_ctx_t ctx,
 149                   size_t data_nbytes, const void *data);
 150
 151 /*!
 152  @function   cccmac_final_generate
 153  @abstract   Final step for generation
 154
 155  @param   ctx          Context use to store internal state
 156  @param   mac_nbytes   Length in byte of the mac, > 0
 157  @param   mac          Output of length mac_nbytes
 158
 159  @result     0 iff successful.
 160
 161  @discussion Only supports CMAC_BLOCKSIZE block ciphers
 162  */
 163 int cccmac_final_generate(cccmac_ctx_t ctx,
 164                      size_t mac_nbytes, void *mac);
 165
 166 /*!
 167  @function   cccmac_final_verify
 168  @abstract   Final step and verification
 169
 170  @param   ctx          Context use to store internal state
 171  @param   expected_mac_nbytes  Length in byte of the mac, > 0
 172  @param   expected_mac Mac value expected
 173
 174  @result     0 iff successful.
 175
 176  @discussion Only supports CMAC_BLOCKSIZE block ciphers
 177  */
 178 int cccmac_final_verify(cccmac_ctx_t ctx,
 179                         size_t expected_mac_nbytes, const void *expected_mac);
 180
 181 #endif /* _CORECRYPTO_cccmac_H_ */