ccm.h
3.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
/*
* Copyright (C) 2015 Freie Universität Berlin
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/**
* @ingroup sys_crypto
* @{
*
* @file ccm.h
* @brief Counter with CBC-MAC mode of operation for block ciphers
*
* @author Freie Universitaet Berlin, Computer Systems & Telematics
* @author Nico von Geyso <nico.geyso@fu-berlin.de>
*/
#ifndef CRYPTO_MODES_CCM_H_
#define CRYPTO_MODES_CCM_H_
#include "crypto/ciphers.h"
#ifdef __cplusplus
extern "C" {
#endif
#define CCM_ERR_INVALID_NONCE_LENGTH -2
#define CCM_ERR_INVALID_CBC_MAC -3
#define CCM_ERR_INVALID_DATA_LENGTH -3
#define CCM_ERR_INVALID_LENGTH_ENCODING -4
#define CCM_ERR_INVALID_MAC_LENGTH -5
/**
* @brief Encrypt and authenticate data of arbitrary length in ccm mode.
*
* @param cipher Already initialized cipher struct
* @param auth_data Additional data to authenticate in MAC
* @param auth_data_len Length of additional data
* @param mac_length length of the appended MAC (between 4 and 16 - only
* even values)
* @param length_encoding maximal supported length of plaintext
* (2^(8*length_enc)).
* @param nonce Nounce for ctr mode encryption
* @param nonce_len Length of the nonce in octets
* (maximum: 16-length_encoding)
* @param input pointer to input data to encrypt
* @param input_len length of the input data
* @param output pointer to allocated memory for encrypted data. It
* has to be of size data_len + mac_length.
* @return length of encrypted data or error code
*/
int cipher_encrypt_ccm(cipher_t* cipher, uint8_t* auth_data,
uint32_t auth_data_len, uint8_t mac_length,
uint8_t length_encoding, uint8_t* nonce, size_t nonce_len,
uint8_t* input, size_t input_len, uint8_t* output);
/**
* @brief Decrypt data of arbitrary length in ccm mode.
*
* @param cipher Already initialized cipher struct
* @param auth_data Additional data to authenticate in MAC
* @param auth_data_len Length of additional data
* @param mac_length length of the appended MAC (between 4 and 16 - only
* even values)
* @param length_encoding maximal supported length of plaintext
* (2^(8*length_enc)).
* @param nonce Nounce for ctr mode encryption
* @param nonce_len Length of the nonce in octets
* (maximum: 16-length_encoding)
* @param input pointer to input data to decrypt
* @param input_len length of the input data
* @param output pointer to allocated memory for decrypted data. It
* has to be of size data_len - mac_length.
* @return length of encrypted data or error code
*/
int cipher_decrypt_ccm(cipher_t* cipher, uint8_t* auth_data,
uint32_t auth_data_len, uint8_t mac_length,
uint8_t length_encoding, uint8_t* nonce, size_t nonce_len,
uint8_t* input, size_t input_len, uint8_t* output);
#ifdef __cplusplus
}
#endif
#endif /* CRYPTO_MODES_CCM_H_ */