mbed TLS v2.7.6
|
CCM combines Counter mode encryption with CBC-MAC authentication for 128-bit block ciphers. More...
#include "cipher.h"
Go to the source code of this file.
Data Structures | |
struct | mbedtls_ccm_context |
The CCM context-type definition. The CCM context is passed to the APIs called. More... | |
Macros | |
#define | MBEDTLS_ERR_CCM_BAD_INPUT -0x000D |
#define | MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F |
#define | MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011 |
Functions | |
void | mbedtls_ccm_init (mbedtls_ccm_context *ctx) |
This function initializes the specified CCM context, to make references valid, and prepare the context for mbedtls_ccm_setkey() or mbedtls_ccm_free(). More... | |
int | mbedtls_ccm_setkey (mbedtls_ccm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key, unsigned int keybits) |
This function initializes the CCM context set in the ctx parameter and sets the encryption key. More... | |
void | mbedtls_ccm_free (mbedtls_ccm_context *ctx) |
This function releases and clears the specified CCM context and underlying cipher sub-context. More... | |
int | mbedtls_ccm_encrypt_and_tag (mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len) |
This function encrypts a buffer using CCM. More... | |
int | mbedtls_ccm_auth_decrypt (mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len) |
This function performs a CCM authenticated decryption of a buffer. More... | |
int | mbedtls_ccm_self_test (int verbose) |
The CCM checkup routine. More... | |
CCM combines Counter mode encryption with CBC-MAC authentication for 128-bit block ciphers.
Input to CCM includes the following elements:
Definition in file ccm.h.
#define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F |
#define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D |
#define MBEDTLS_ERR_CCM_HW_ACCEL_FAILED -0x0011 |
int mbedtls_ccm_auth_decrypt | ( | mbedtls_ccm_context * | ctx, |
size_t | length, | ||
const unsigned char * | iv, | ||
size_t | iv_len, | ||
const unsigned char * | add, | ||
size_t | add_len, | ||
const unsigned char * | input, | ||
unsigned char * | output, | ||
const unsigned char * | tag, | ||
size_t | tag_len | ||
) |
This function performs a CCM authenticated decryption of a buffer.
ctx | The CCM context to use for decryption. |
length | The length of the input data in Bytes. |
iv | Initialization vector. |
iv_len | The length of the IV in Bytes: 7, 8, 9, 10, 11, 12, or 13. |
add | The additional data field. |
add_len | The length of additional data in Bytes. Must be less than 2^16 - 2^8. |
input | The buffer holding the input data. |
output | The buffer holding the output data. Must be at least length Bytes wide. |
tag | The buffer holding the tag. |
tag_len | The length of the tag in Bytes. 4, 6, 8, 10, 12, 14 or 16. |
int mbedtls_ccm_encrypt_and_tag | ( | mbedtls_ccm_context * | ctx, |
size_t | length, | ||
const unsigned char * | iv, | ||
size_t | iv_len, | ||
const unsigned char * | add, | ||
size_t | add_len, | ||
const unsigned char * | input, | ||
unsigned char * | output, | ||
unsigned char * | tag, | ||
size_t | tag_len | ||
) |
This function encrypts a buffer using CCM.
ctx | The CCM context to use for encryption. |
length | The length of the input data in Bytes. |
iv | Initialization vector (nonce). |
iv_len | The length of the IV in Bytes: 7, 8, 9, 10, 11, 12, or 13. |
add | The additional data field. |
add_len | The length of additional data in Bytes. Must be less than 2^16 - 2^8. |
input | The buffer holding the input data. |
output | The buffer holding the output data. Must be at least length Bytes wide. |
tag | The buffer holding the tag. |
tag_len | The length of the tag to generate in Bytes: 4, 6, 8, 10, 12, 14 or 16. |
tag
with the output
, as done in RFC-3610: Counter with CBC-MAC (CCM), use tag
= output
+ length
, and make sure that the output buffer is at least length
+ tag_len
wide.0
on success. void mbedtls_ccm_free | ( | mbedtls_ccm_context * | ctx | ) |
This function releases and clears the specified CCM context and underlying cipher sub-context.
ctx | The CCM context to clear. |
void mbedtls_ccm_init | ( | mbedtls_ccm_context * | ctx | ) |
This function initializes the specified CCM context, to make references valid, and prepare the context for mbedtls_ccm_setkey() or mbedtls_ccm_free().
ctx | The CCM context to initialize. |
int mbedtls_ccm_self_test | ( | int | verbose | ) |
The CCM checkup routine.
0
on success, or 1
on failure. int mbedtls_ccm_setkey | ( | mbedtls_ccm_context * | ctx, |
mbedtls_cipher_id_t | cipher, | ||
const unsigned char * | key, | ||
unsigned int | keybits | ||
) |
This function initializes the CCM context set in the ctx
parameter and sets the encryption key.
ctx | The CCM context to initialize. |
cipher | The 128-bit block cipher to use. |
key | The encryption key. |
keybits | The key size in bits. This must be acceptable by the cipher. |
0
on success, or a cipher-specific error code.