| Adam Langley | 0d107e1 | 2015-05-05 16:36:32 -0700 | [diff] [blame] | 1 | /* Copyright (c) 2015, Google Inc. |
| 2 | * |
| 3 | * Permission to use, copy, modify, and/or distribute this software for any |
| 4 | * purpose with or without fee is hereby granted, provided that the above |
| 5 | * copyright notice and this permission notice appear in all copies. |
| 6 | * |
| 7 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
| 8 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
| 9 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY |
| 10 | * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
| 11 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION |
| 12 | * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN |
| 13 | * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ |
| 14 | |
| 15 | #ifndef OPENSSL_HEADER_CMAC_H |
| 16 | #define OPENSSL_HEADER_CMAC_H |
| 17 | |
| 18 | #include <openssl/base.h> |
| 19 | |
| 20 | #if defined(__cplusplus) |
| 21 | extern "C" { |
| 22 | #endif |
| 23 | |
| 24 | |
| 25 | /* CMAC. |
| 26 | * |
| 27 | * CMAC is a MAC based on AES-CBC and defined in |
| 28 | * https://tools.ietf.org/html/rfc4493#section-2.3. */ |
| 29 | |
| 30 | |
| 31 | /* One-shot functions. */ |
| 32 | |
| 33 | /* AES_CMAC calculates the 16-byte, CMAC authenticator of |in_len| bytes of |
| 34 | * |in| and writes it to |out|. The |key_len| may be 16 or 32 bytes to select |
| 35 | * between AES-128 and AES-256. It returns one on success or zero on error. */ |
| 36 | OPENSSL_EXPORT int AES_CMAC(uint8_t out[16], const uint8_t *key, size_t key_len, |
| 37 | const uint8_t *in, size_t in_len); |
| 38 | |
| 39 | |
| 40 | /* Incremental interface. */ |
| 41 | |
| 42 | /* CMAC_CTX_new allocates a fresh |CMAC_CTX| and returns it, or NULL on |
| 43 | * error. */ |
| 44 | OPENSSL_EXPORT CMAC_CTX *CMAC_CTX_new(void); |
| 45 | |
| 46 | /* CMAC_CTX_free frees a |CMAC_CTX|. */ |
| 47 | OPENSSL_EXPORT void CMAC_CTX_free(CMAC_CTX *ctx); |
| 48 | |
| 49 | /* CMAC_Init configures |ctx| to use the given |key| and |cipher|. The CMAC RFC |
| 50 | * only specifies the use of AES-128 thus |key_len| should be 16 and |cipher| |
| 51 | * should be |EVP_aes_128_cbc()|. However, this implementation also supports |
| 52 | * AES-256 by setting |key_len| to 32 and |cipher| to |EVP_aes_256_cbc()|. The |
| 53 | * |engine| argument is ignored. |
| 54 | * |
| 55 | * It returns one on success or zero on error. */ |
| 56 | OPENSSL_EXPORT int CMAC_Init(CMAC_CTX *ctx, const void *key, size_t key_len, |
| 57 | const EVP_CIPHER *cipher, ENGINE *engine); |
| 58 | |
| 59 | |
| 60 | /* CMAC_Reset resets |ctx| so that a fresh message can be authenticated. */ |
| 61 | OPENSSL_EXPORT int CMAC_Reset(CMAC_CTX *ctx); |
| 62 | |
| 63 | /* CMAC_Update processes |in_len| bytes of message from |in|. It returns one on |
| 64 | * success or zero on error. */ |
| 65 | OPENSSL_EXPORT int CMAC_Update(CMAC_CTX *ctx, const uint8_t *in, size_t in_len); |
| 66 | |
| 67 | /* CMAC_Final sets |*out_len| to 16 and, if |out| is not NULL, writes 16 bytes |
| 68 | * of authenticator to it. It returns one on success or zero on error. */ |
| 69 | OPENSSL_EXPORT int CMAC_Final(CMAC_CTX *ctx, uint8_t *out, size_t *out_len); |
| 70 | |
| 71 | |
| 72 | #if defined(__cplusplus) |
| 73 | } /* extern C */ |
| 74 | #endif |
| 75 | |
| David Benjamin | 60be027 | 2015-10-18 11:03:00 -0400 | [diff] [blame] | 76 | #endif /* OPENSSL_HEADER_CMAC_H */ |
