Accelerated AES-CMAC Cipher
Detailed Description
Accelerated AES-CMAC cipher for the mbed TLS API using the CRYPTOACC or SE peripheral. This implementation builds on the PSA Crypto drivers (Silicon Labs Cryptography Hardware Acceleration Plugins for PSA Crypto).
Data Structures | |
struct | mbedtls_cmac_context_t |
Macros | |
#define | SL_MAC_OPERATION_CTX_TYPE sli_se_transparent_mac_operation_t |
Functions | |
int | mbedtls_cipher_cmac_starts (mbedtls_cipher_context_t *ctx, const unsigned char *key, size_t keybits) |
This function sets the CMAC key, and prepares to authenticate the input data. Must be called with an initialized cipher context. | |
int | mbedtls_cipher_cmac_update (mbedtls_cipher_context_t *ctx, const unsigned char *input, size_t ilen) |
This function feeds an input buffer into an ongoing CMAC computation. | |
int | mbedtls_cipher_cmac_finish (mbedtls_cipher_context_t *ctx, unsigned char *output) |
This function finishes the CMAC operation, and writes the result to the output buffer. | |
int | mbedtls_cipher_cmac_reset (mbedtls_cipher_context_t *ctx) |
This function prepares the authentication of another message with the same key as the previous CMAC operation. | |
int | mbedtls_cipher_cmac (const mbedtls_cipher_info_t *cipher_info, const unsigned char *key, size_t keylen, const unsigned char *input, size_t ilen, unsigned char *output) |
This function calculates the full generic CMAC on the input buffer with the provided key. | |
int | mbedtls_aes_cmac_prf_128 (const unsigned char *key, size_t key_len, const unsigned char *input, size_t in_len, unsigned char output[16]) |
This function implements the AES-CMAC-PRF-128 pseudorandom function, as defined in RFC-4615: The Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for the Internet Key Exchange Protocol (IKE). | |
Macro Definition Documentation
#define SL_MAC_OPERATION_CTX_TYPE sli_se_transparent_mac_operation_t |
Definition at line 56
of file cmac_alt.h
.
Function Documentation
int mbedtls_aes_cmac_prf_128 | ( | const unsigned char * | key, |
size_t | key_len, |
||
const unsigned char * | input, |
||
size_t | in_len, |
||
unsigned char | output[16] |
||
) |
This function implements the AES-CMAC-PRF-128 pseudorandom function, as defined in RFC-4615: The Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for the Internet Key Exchange Protocol (IKE).
- Parameters
-
key
The key to use. key_len
The key length in Bytes. input
The buffer holding the input data. in_len
The length of the input data in Bytes. output
The buffer holding the generated 16 Bytes of pseudorandom output.
- Returns
0
on success.
int mbedtls_cipher_cmac | ( | const mbedtls_cipher_info_t * | cipher_info, |
const unsigned char * | key, |
||
size_t | keylen, |
||
const unsigned char * | input, |
||
size_t | ilen, |
||
unsigned char * | output |
||
) |
This function calculates the full generic CMAC on the input buffer with the provided key.
The function allocates the context, performs the calculation, and frees the context.
The CMAC result is calculated as output = generic CMAC(cmac key, input buffer).
- Parameters
-
cipher_info
The cipher information. key
The CMAC key. keylen
The length of the CMAC key in bits. input
The buffer holding the input data. ilen
The length of the input data. output
The buffer for the generic CMAC result.
- Returns
0
on success, orMBEDTLS_ERR_MD_BAD_INPUT_DATA
if parameter verification fails.
int mbedtls_cipher_cmac_finish | ( | mbedtls_cipher_context_t * | ctx, |
unsigned char * | output |
||
) |
This function finishes the CMAC operation, and writes the result to the output buffer.
It is called after mbedtls_cipher_cmac_update(). It can be followed by mbedtls_cipher_cmac_reset() and mbedtls_cipher_cmac_update(), or mbedtls_cipher_free()
.
- Parameters
-
ctx
The cipher context used for the CMAC operation. output
The output buffer for the CMAC checksum result.
- Returns
0
on success, orMBEDTLS_ERR_MD_BAD_INPUT_DATA
if parameter verification fails.
int mbedtls_cipher_cmac_reset | ( | mbedtls_cipher_context_t * | ctx | ) |
This function prepares the authentication of another message with the same key as the previous CMAC operation.
It is called after mbedtls_cipher_cmac_finish() and before mbedtls_cipher_cmac_update().
- Parameters
-
ctx
The cipher context used for the CMAC operation.
- Returns
0
on success, orMBEDTLS_ERR_MD_BAD_INPUT_DATA
if parameter verification fails.
int mbedtls_cipher_cmac_starts | ( | mbedtls_cipher_context_t * | ctx, |
const unsigned char * | key, |
||
size_t | keybits |
||
) |
This function sets the CMAC key, and prepares to authenticate the input data. Must be called with an initialized cipher context.
- Parameters
-
ctx
The cipher context used for the CMAC operation, initialized as one of the following types: - MBEDTLS_CIPHER_AES_128_ECB
- MBEDTLS_CIPHER_AES_192_ECB
- MBEDTLS_CIPHER_AES_256_ECB
- MBEDTLS_CIPHER_DES_EDE3_ECB
key
The CMAC key. keybits
The length of the CMAC key in bits. Must be supported by the cipher.
- Returns
0
on success, or a cipher-specific error code.
int mbedtls_cipher_cmac_update | ( | mbedtls_cipher_context_t * | ctx, |
const unsigned char * | input, |
||
size_t | ilen |
||
) |
This function feeds an input buffer into an ongoing CMAC computation.
It is called between mbedtls_cipher_cmac_starts() or mbedtls_cipher_cmac_reset(), and mbedtls_cipher_cmac_finish(). Can be called repeatedly.
- Parameters
-
ctx
The cipher context used for the CMAC operation. input
The buffer holding the input data. ilen
The length of the input data.
- Returns
0
on success, orMBEDTLS_ERR_MD_BAD_INPUT_DATA
if parameter verification fails.