1 | /* Copyright (c) (2013-2017,2019,2021,2022) Apple Inc. All rights reserved. |
2 | * |
3 | * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which |
4 | * is contained in the License.txt file distributed with corecrypto) and only to |
5 | * people who accept that license. IMPORTANT: Any license rights granted to you by |
6 | * Apple Inc. (if any) are limited to internal use within your organization only on |
7 | * devices and computers you own or control, for the sole purpose of verifying the |
8 | * security characteristics and correct functioning of the Apple Software. You may |
9 | * not, directly or indirectly, redistribute the Apple Software or any portions thereof. |
10 | */ |
11 | |
12 | #ifndef _CORECRYPTO_CCCMAC_H_ |
13 | #define _CORECRYPTO_CCCMAC_H_ |
14 | |
15 | #include <corecrypto/cc.h> |
16 | #include <corecrypto/ccmode.h> |
17 | #include <corecrypto/ccaes.h> |
18 | |
19 | CC_PTRCHECK_CAPABLE_HEADER() |
20 | |
21 | #define CMAC_BLOCKSIZE 16 |
22 | |
23 | struct cccmac_ctx { |
24 | uint8_t k1[CMAC_BLOCKSIZE]; |
25 | uint8_t k2[CMAC_BLOCKSIZE]; |
26 | uint8_t block[CMAC_BLOCKSIZE]; |
27 | size_t block_nbytes; // Number of byte occupied in block |
28 | size_t cumulated_nbytes; // Total size processed |
29 | const struct ccmode_cbc *cbc; |
30 | uint8_t ctx[1]; |
31 | } CC_ALIGNED(8);// cccmac_ctx_hdr; |
32 | |
33 | typedef struct cccmac_ctx* cccmac_ctx_t; |
34 | |
35 | #define cccmac_hdr_size sizeof(struct cccmac_ctx) |
36 | |
37 | #define cccmac_iv_size(_mode_) ((_mode_)->block_size) |
38 | #define cccmac_cbc_size(_mode_) ((_mode_)->size) |
39 | |
40 | #define cccmac_ctx_size(_mode_) (cccmac_hdr_size + cccmac_iv_size(_mode_) + cccmac_cbc_size(_mode_)) |
41 | #define cccmac_ctx_n(_mode_) ccn_nof_size(cccmac_ctx_size(_mode_)) |
42 | |
43 | #define cccmac_mode_decl(_mode_, _name_) cc_ctx_decl_vla(struct cccmac_ctx, cccmac_ctx_size(_mode_), _name_) |
44 | #define cccmac_mode_clear(_mode_, _name_) cc_clear(cccmac_ctx_size(_mode_), _name_) |
45 | |
46 | /* Return a cccbc_ctx * which can be accesed with the macros in ccmode.h */ |
47 | #define cccmac_mode_ctx_start(_mode_, HC) (HC->ctx) |
48 | #define CCCMAC_HDR(HC) (HC) |
49 | |
50 | #define cccmac_mode_sym_ctx(_mode_, HC) (cccbc_ctx *)(cccmac_mode_ctx_start(_mode_, HC)) |
51 | #define cccmac_mode_iv(_mode_, HC) (cccbc_iv *)(cccmac_mode_ctx_start(_mode_, HC)+cccmac_cbc_size(_mode_)) |
52 | #define cccmac_k1(HC) (CCCMAC_HDR(HC)->k1) |
53 | #define cccmac_k2(HC) (CCCMAC_HDR(HC)->k2) |
54 | #define cccmac_block(HC) (CCCMAC_HDR(HC)->block) |
55 | #define cccmac_cbc(HC) (CCCMAC_HDR(HC)->cbc) |
56 | #define cccmac_block_nbytes(HC) (CCCMAC_HDR(HC)->block_nbytes) |
57 | #define cccmac_cumulated_nbytes(HC) (CCCMAC_HDR(HC)->cumulated_nbytes) |
58 | |
59 | |
60 | /* CMAC as defined in NIST SP800-38B - 2005 */ |
61 | |
62 | /* ============================================================================= |
63 | |
64 | ONE SHOT |
65 | |
66 | ==============================================================================*/ |
67 | |
68 | /*! |
69 | @function cccmac_one_shot_generate |
70 | @abstract CMAC generation in one call |
71 | |
72 | @param cbc CBC and block cipher specification |
73 | @param key_nbytes Length of the key in bytes |
74 | @param key Pointer to the key of length key_nbytes |
75 | @param data_nbytes Length of the data in bytes |
76 | @param data Pointer to the data in bytes |
77 | @param mac_nbytes Length in byte of the mac, > 0 |
78 | @param mac Output of length cbc->block_size |
79 | |
80 | @result 0 iff successful. |
81 | |
82 | @discussion Only supports CMAC_BLOCKSIZE block ciphers |
83 | */ |
84 | int cccmac_one_shot_generate(const struct ccmode_cbc *cbc, |
85 | size_t key_nbytes, const void *cc_sized_by(key_nbytes) key, |
86 | size_t data_nbytes, const void *cc_sized_by(data_nbytes) data, |
87 | size_t mac_nbytes, void *cc_sized_by(mac_nbytes) mac); |
88 | |
89 | /*! |
90 | @function cccmac_one_shot_verify |
91 | @abstract CMAC verification in one call |
92 | |
93 | @param cbc CBC and block cipher specification |
94 | @param key_nbytes Length of the key in bytes |
95 | @param key Pointer to the key of length key_nbytes |
96 | @param data_nbytes Length of the data in bytes |
97 | @param data Pointer to the data in bytes |
98 | @param expected_mac_nbytes Length in byte of the mac, > 0 |
99 | @param expected_mac Mac value expected |
100 | |
101 | @result 0 iff successful. |
102 | |
103 | @discussion Only supports CMAC_BLOCKSIZE block ciphers |
104 | */ |
105 | int cccmac_one_shot_verify(const struct ccmode_cbc *cbc, |
106 | size_t key_nbytes, const void *cc_sized_by(key_nbytes) key, |
107 | size_t data_nbytes, const void *cc_sized_by(data_nbytes) data, |
108 | size_t expected_mac_nbytes, const void *cc_sized_by(expected_mac_nbytes) expected_mac); |
109 | |
110 | /* ============================================================================= |
111 | |
112 | STREAMING |
113 | |
114 | Init - Update - Final |
115 | |
116 | ==============================================================================*/ |
117 | |
118 | /*! |
119 | @function cccmac_init |
120 | @abstract Init CMAC context with CBC mode and key |
121 | |
122 | @param cbc CBC and block cipher specification |
123 | @param ctx Context use to store internal state |
124 | @param key_nbytes Length of the key in bytes |
125 | @param key Full key |
126 | |
127 | @result 0 iff successful. |
128 | |
129 | @discussion Only supports CMAC_BLOCKSIZE block ciphers |
130 | */ |
131 | |
132 | int cccmac_init(const struct ccmode_cbc *cbc, |
133 | cccmac_ctx_t ctx, |
134 | size_t key_nbytes, const void *cc_sized_by(key_nbytes) key); |
135 | |
136 | /*! |
137 | @function cccmac_update |
138 | @abstract Process data |
139 | |
140 | @param ctx Context use to store internal state |
141 | @param data_nbytes Length in byte of the data |
142 | @param data Data to process |
143 | |
144 | @result 0 iff successful. |
145 | |
146 | @discussion Only supports CMAC_BLOCKSIZE block ciphers |
147 | */ |
148 | |
149 | int cccmac_update(cccmac_ctx_t ctx, |
150 | size_t data_nbytes, const void *cc_sized_by(data_nbytes) data); |
151 | |
152 | /*! |
153 | @function cccmac_final_generate |
154 | @abstract Final step for generation |
155 | |
156 | @param ctx Context use to store internal state |
157 | @param mac_nbytes Length in byte of the mac, > 0 |
158 | @param mac Output of length mac_nbytes |
159 | |
160 | @result 0 iff successful. |
161 | |
162 | @discussion Only supports CMAC_BLOCKSIZE block ciphers |
163 | */ |
164 | int cccmac_final_generate(cccmac_ctx_t ctx, |
165 | size_t mac_nbytes, void *cc_sized_by(mac_nbytes) mac); |
166 | |
167 | /*! |
168 | @function cccmac_final_verify |
169 | @abstract Final step and verification |
170 | |
171 | @param ctx Context use to store internal state |
172 | @param expected_mac_nbytes Length in byte of the mac, > 0 |
173 | @param expected_mac Mac value expected |
174 | |
175 | @result 0 iff successful. |
176 | |
177 | @discussion Only supports CMAC_BLOCKSIZE block ciphers |
178 | */ |
179 | int cccmac_final_verify(cccmac_ctx_t ctx, |
180 | size_t expected_mac_nbytes, const void *cc_sized_by(expected_mac_nbytes) expected_mac); |
181 | |
182 | #endif // _CORECRYPTO_CCCMAC_H_ |
183 | |