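/* Copyright (c) (2013,2014,2015,2016,2017,2019) Apple Inc. All rights reserved.
 *
 * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which
 * is contained in the License.txt file distributed with corecrypto) and only to
 * people who accept that license. IMPORTANT: Any license rights granted to you by
 * Apple Inc. (if any) are limited to internal use within your organization only on
 * devices and computers you own or control, for the sole purpose of verifying the
 * security characteristics and correct functioning of the Apple Software. You may
 * not, directly or indirectly, redistribute the Apple Software or any portions thereof.
 */

#ifndef _CORECRYPTO_cccmac_H_
#define _CORECRYPTO_cccmac_H_

#include <corecrypto/cc.h>
#include <corecrypto/ccmode.h>
#include <corecrypto/ccaes.h>

/* Block size, in bytes, of the block ciphers this CMAC interface supports. */
#define CMAC_BLOCKSIZE 16

/*
 * CMAC context header.
 *
 * The header is followed in memory by the CBC mode context and then the CBC
 * IV: cccmac_ctx_size() adds cccmac_cbc_size() and cccmac_iv_size() to the
 * header size, and cccmac_mode_iv() points cccmac_cbc_size() bytes past
 * `ctx`. `ctx[1]` is therefore only the start of that trailing storage, so a
 * context must be sized with cccmac_ctx_size() / cccmac_mode_decl() and never
 * with sizeof(struct cccmac_ctx) alone.
 *
 * Security: k1 and k2 (named after the SP800-38B subkeys K1/K2; presumably
 * derived from the key) and the trailing CBC context are key-dependent.
 * Treat the whole context as secret and wipe it with cccmac_mode_clear()
 * once the MAC has been produced or verified.
 * NOTE(review): whether the final_* functions already clear the context is
 * not visible from this header; confirm in the implementation.
 */
struct cccmac_ctx {
    uint8_t k1[CMAC_BLOCKSIZE];
    uint8_t k2[CMAC_BLOCKSIZE];
    uint8_t block[CMAC_BLOCKSIZE];
    size_t  block_nbytes;      // Number of bytes occupied in block
    size_t  cumulated_nbytes;  // Total size processed
    const struct ccmode_cbc *cbc;
    uint8_t ctx[1];            // Start of the trailing CBC context + IV storage
} CC_ALIGNED(8);// cccmac_ctx_hdr;

typedef struct cccmac_ctx* cccmac_ctx_t;

/* Size of the fixed header part of a context. */
#define cccmac_hdr_size sizeof(struct cccmac_ctx)


/* Sizes of the two variable parts stored after the header. */
#define cccmac_iv_size(_mode_)  ((_mode_)->block_size)
#define cccmac_cbc_size(_mode_) ((_mode_)->size)

/* Total context size in bytes for a given CBC mode, and the same size
   expressed through ccn_nof_size() (defined outside this header). */
#define cccmac_ctx_size(_mode_) (cccmac_hdr_size + cccmac_iv_size(_mode_) + cccmac_cbc_size(_mode_))
#define cccmac_ctx_n(_mode_)  ccn_nof_size(cccmac_ctx_size(_mode_))

/* Declare a correctly sized context named _name_, and wipe it.
   cccmac_mode_clear() must be passed the same _mode_ used to declare the
   context so that the full cccmac_ctx_size() bytes are cleared. */
#define cccmac_mode_decl(_mode_, _name_) cc_ctx_decl(struct cccmac_ctx, cccmac_ctx_size(_mode_), _name_)
#define cccmac_mode_clear(_mode_, _name_) cc_clear(cccmac_ctx_size(_mode_), _name_)

/* Return a cccbc_ctx * which can be accessed with the macros in ccmode.h */
/* The HC argument and the cast results are parenthesized so the macros expand
   safely when HC is an expression or when the result is used inside a larger
   expression. */
#define cccmac_mode_ctx_start(_mode_, HC)    ((HC)->ctx)
#define CCCMAC_HDR(HC)      (HC)

#define cccmac_mode_sym_ctx(_mode_, HC)     ((cccbc_ctx *)(cccmac_mode_ctx_start(_mode_, HC)))
#define cccmac_mode_iv(_mode_, HC)     ((cccbc_iv *)(cccmac_mode_ctx_start(_mode_, HC) + cccmac_cbc_size(_mode_)))
#define cccmac_k1(HC)       (CCCMAC_HDR(HC)->k1)
#define cccmac_k2(HC)       (CCCMAC_HDR(HC)->k2)
#define cccmac_block(HC)    (CCCMAC_HDR(HC)->block)
#define cccmac_cbc(HC)      (CCCMAC_HDR(HC)->cbc)
#define cccmac_block_nbytes(HC)        (CCCMAC_HDR(HC)->block_nbytes)
#define cccmac_cumulated_nbytes(HC)    (CCCMAC_HDR(HC)->cumulated_nbytes)


/* CMAC as defined in NIST SP800-38B - 2005 */

/*
 * Notes for callers (all functions below):
 *  - Every function returns 0 iff successful; always check the result. For
 *    the *_verify functions a nonzero result means the data must be treated
 *    as unauthenticated.
 *  - The MAC length parameters only require "> 0" here. A truncated tag is
 *    easier to guess; SP800-38B (Appendix A) advises a tag of at least 64
 *    bits for most applications. NOTE(review): the upper bound is presumably
 *    CMAC_BLOCKSIZE; confirm in the implementation.
 *  - Prefer the *_verify functions to generating a MAC and comparing it by
 *    hand. NOTE(review): whether the comparison is constant-time is not
 *    visible from this header; confirm in the implementation.
 */

/* =============================================================================

                                ONE SHOT

 ==============================================================================*/

/*!
 @function   cccmac_one_shot_generate
 @abstract   CMAC generation in one call

 @param   cbc          CBC and block cipher specification
 @param   key_nbytes   Length of the key in bytes
 @param   key          Pointer to the key of length key_nbytes
 @param   data_nbytes  Length of the data in bytes
 @param   data         Pointer to the data in bytes
 @param   mac_nbytes   Length in bytes of the mac, > 0
 @param   mac          Output buffer. This header originally documented it as
                       "of length cbc->block_size", while cccmac_final_generate
                       documents "of length mac_nbytes". NOTE(review): confirm
                       which applies; until then provide at least
                       CMAC_BLOCKSIZE bytes.

 @result     0 iff successful.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers
 */
int cccmac_one_shot_generate(const struct ccmode_cbc *cbc,
                        size_t key_nbytes, const void *key,
                        size_t data_nbytes, const void *data,
                        size_t mac_nbytes, void *mac);

/*!
 @function   cccmac_one_shot_verify
 @abstract   CMAC verification in one call

 @param   cbc          CBC and block cipher specification
 @param   key_nbytes  Length of the key in bytes
 @param   key          Pointer to the key of length key_nbytes
 @param   data_nbytes Length of the data in bytes
 @param   data         Pointer to the data in bytes
 @param   expected_mac_nbytes  Length in bytes of the mac, > 0
 @param   expected_mac Mac value expected

 @result     0 iff successful. Any other value: do not trust the data.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers
 */
int cccmac_one_shot_verify(const struct ccmode_cbc *cbc,
                           size_t key_nbytes, const void *key,
                           size_t data_nbytes, const void *data,
                           size_t expected_mac_nbytes, const void *expected_mac);

/* =============================================================================

                               STREAMING

                        Init - Update - Final

==============================================================================*/

/*!
 @function   cccmac_init
 @abstract   Init CMAC context with CBC mode and key

 @param   cbc         CBC and block cipher specification
 @param   ctx         Context used to store internal state; must provide
                      cccmac_ctx_size(cbc) bytes (see cccmac_mode_decl)
 @param   key_nbytes  Length of the key in bytes
 @param   key         Full key

 @result     0 iff successful.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers
 */

int cccmac_init(const struct ccmode_cbc *cbc,
                cccmac_ctx_t ctx,
                size_t key_nbytes, const void *key);

/*!
 @function   cccmac_update
 @abstract   Process data

 @param   ctx          Context used to store internal state
 @param   data_nbytes  Length in bytes of the data
 @param   data         Data to process

 @result     0 iff successful.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers
 */

int cccmac_update(cccmac_ctx_t ctx,
                  size_t data_nbytes, const void *data);

/*!
 @function   cccmac_final_generate
 @abstract   Final step for generation

 @param   ctx          Context used to store internal state
 @param   mac_nbytes   Length in bytes of the mac, > 0
 @param   mac          Output of length mac_nbytes

 @result     0 iff successful.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers
 */
int cccmac_final_generate(cccmac_ctx_t ctx,
                     size_t mac_nbytes, void *mac);

/*!
 @function   cccmac_final_verify
 @abstract   Final step and verification

 @param   ctx          Context used to store internal state
 @param   expected_mac_nbytes  Length in bytes of the mac, > 0
 @param   expected_mac Mac value expected

 @result     0 iff successful. Any other value: do not trust the data.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers
 */
int cccmac_final_verify(cccmac_ctx_t ctx,
                        size_t expected_mac_nbytes, const void *expected_mac);

#endif /* _CORECRYPTO_cccmac_H_ */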