xref: /xnu-10002.61.3/EXTERNAL_HEADERS/corecrypto/cccmac.h (revision 0f4c859e951fba394238ab619495c4e1d54d0f34) 
1 /* Copyright (c) (2013-2017,2019,2021) Apple Inc. All rights reserved.
2  *
3  * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which
4  * is contained in the License.txt file distributed with corecrypto) and only to
5  * people who accept that license. IMPORTANT:  Any license rights granted to you by
6  * Apple Inc. (if any) are limited to internal use within your organization only on
7  * devices and computers you own or control, for the sole purpose of verifying the
8  * security characteristics and correct functioning of the Apple Software.  You may
9  * not, directly or indirectly, redistribute the Apple Software or any portions thereof.
10  */
11 
12 #ifndef _CORECRYPTO_cccmac_H_
13 #define _CORECRYPTO_cccmac_H_
14 
15 #include <corecrypto/cc.h>
16 #include <corecrypto/ccmode.h>
17 #include <corecrypto/ccaes.h>
18 
19 CC_PTRCHECK_CAPABLE_HEADER()
20 
21 #define CMAC_BLOCKSIZE   16
22 
23 struct cccmac_ctx {
24     uint8_t k1[CMAC_BLOCKSIZE];
25     uint8_t k2[CMAC_BLOCKSIZE];
26     uint8_t block[CMAC_BLOCKSIZE];
27     size_t  block_nbytes; // Number of byte occupied in block
28     size_t  cumulated_nbytes;  // Total size processed
29     const struct ccmode_cbc *cbc;
30     uint8_t ctx[1];
31 } CC_ALIGNED(8);// cccmac_ctx_hdr;
32 
33 typedef struct cccmac_ctx* cccmac_ctx_t;
34 
35 #define cccmac_hdr_size sizeof(struct cccmac_ctx)
36 
37 
38 #define cccmac_iv_size(_mode_)  ((_mode_)->block_size)
39 #define cccmac_cbc_size(_mode_) ((_mode_)->size)
40 
41 #define cccmac_ctx_size(_mode_) (cccmac_hdr_size + cccmac_iv_size(_mode_) + cccmac_cbc_size(_mode_))
42 #define cccmac_ctx_n(_mode_)  ccn_nof_size(cccmac_ctx_size(_mode_))
43 
44 #define cccmac_mode_decl(_mode_, _name_) cc_ctx_decl_vla(struct cccmac_ctx, cccmac_ctx_size(_mode_), _name_)
45 #define cccmac_mode_clear(_mode_, _name_) cc_clear(cccmac_ctx_size(_mode_), _name_)
46 
47 /* Return a cccbc_ctx * which can be accesed with the macros in ccmode.h */
48 #define cccmac_mode_ctx_start(_mode_, HC)    (HC->ctx)
49 #define CCCMAC_HDR(HC)      (HC)
50 
51 #define cccmac_mode_sym_ctx(_mode_, HC)     (cccbc_ctx *)(cccmac_mode_ctx_start(_mode_, HC))
52 #define cccmac_mode_iv(_mode_, HC)     (cccbc_iv *)(cccmac_mode_ctx_start(_mode_, HC)+cccmac_cbc_size(_mode_))
53 #define cccmac_k1(HC)       (CCCMAC_HDR(HC)->k1)
54 #define cccmac_k2(HC)       (CCCMAC_HDR(HC)->k2)
55 #define cccmac_block(HC)    (CCCMAC_HDR(HC)->block)
56 #define cccmac_cbc(HC)      (CCCMAC_HDR(HC)->cbc)
57 #define cccmac_block_nbytes(HC)        (CCCMAC_HDR(HC)->block_nbytes)
58 #define cccmac_cumulated_nbytes(HC)    (CCCMAC_HDR(HC)->cumulated_nbytes)
59 
60 
61 /* CMAC as defined in NIST SP800-38B - 2005 */
62 
63 /* =============================================================================
64 
65                                 ONE SHOT
66 
67  ==============================================================================*/
68 
69 /*!
70  @function   cccmac_one_shot_generate
71  @abstract   CMAC generation in one call
72 
73  @param   cbc          CBC and block cipher specification
74  @param   key_nbytes   Length of the key in bytes
75  @param   key          Pointer to the key of length key_nbytes
76  @param   data_nbytes  Length of the data in bytes
77  @param   data         Pointer to the data in bytes
78  @param   mac_nbytes   Length in byte of the mac, > 0
79  @param   mac          Output of length cbc->block_size
80 
81  @result     0 iff successful.
82 
83  @discussion Only supports CMAC_BLOCKSIZE block ciphers
84  */
85 int cccmac_one_shot_generate(const struct ccmode_cbc *cbc,
86                         size_t key_nbytes, const void *cc_sized_by(key_nbytes) key,
87                         size_t data_nbytes, const void *cc_sized_by(data_nbytes) data,
88                         size_t mac_nbytes, void *cc_sized_by(mac_nbytes) mac);
89 
90 /*!
91  @function   cccmac_one_shot_verify
92  @abstract   CMAC verification in one call
93 
94  @param   cbc          CBC and block cipher specification
95  @param   key_nbytes  Length of the key in bytes
96  @param   key          Pointer to the key of length key_nbytes
97  @param   data_nbytes Length of the data in bytes
98  @param   data         Pointer to the data in bytes
99  @param   expected_mac_nbytes  Length in byte of the mac, > 0
100  @param   expected_mac Mac value expected
101 
102  @result     0 iff successful.
103 
104  @discussion Only supports CMAC_BLOCKSIZE block ciphers
105  */
106 int cccmac_one_shot_verify(const struct ccmode_cbc *cbc,
107                            size_t key_nbytes, const void *cc_sized_by(key_nbytes) key,
108                            size_t data_nbytes, const void *cc_sized_by(data_nbytes) data,
109                            size_t expected_mac_nbytes, const void *cc_sized_by(expected_mac_nbytes) expected_mac);
110 
111 /* =============================================================================
112 
113                                STREAMING
114 
115                         Init - Update - Final
116 
117 ==============================================================================*/
118 
119 /*!
120  @function   cccmac_init
121  @abstract   Init CMAC context with CBC mode and key
122 
123  @param   cbc         CBC and block cipher specification
124  @param   ctx         Context use to store internal state
125  @param   key_nbytes  Length of the key in bytes
126  @param   key         Full key
127 
128  @result     0 iff successful.
129 
130  @discussion Only supports CMAC_BLOCKSIZE block ciphers
131  */
132 
133 int cccmac_init(const struct ccmode_cbc *cbc,
134                 cccmac_ctx_t ctx,
135                 size_t key_nbytes, const void *cc_sized_by(key_nbytes) key);
136 
137 /*!
138  @function   cccmac_update
139  @abstract   Process data
140 
141  @param   ctx          Context use to store internal state
142  @param   data_nbytes Length in byte of the data
143  @param   data         Data to process
144 
145  @result     0 iff successful.
146 
147  @discussion Only supports CMAC_BLOCKSIZE block ciphers
148  */
149 
150 int cccmac_update(cccmac_ctx_t ctx,
151                   size_t data_nbytes, const void *cc_sized_by(data_nbytes) data);
152 
153 /*!
154  @function   cccmac_final_generate
155  @abstract   Final step for generation
156 
157  @param   ctx          Context use to store internal state
158  @param   mac_nbytes   Length in byte of the mac, > 0
159  @param   mac          Output of length mac_nbytes
160 
161  @result     0 iff successful.
162 
163  @discussion Only supports CMAC_BLOCKSIZE block ciphers
164  */
165 int cccmac_final_generate(cccmac_ctx_t ctx,
166                      size_t mac_nbytes, void *cc_sized_by(mac_nbytes) mac);
167 
168 /*!
169  @function   cccmac_final_verify
170  @abstract   Final step and verification
171 
172  @param   ctx          Context use to store internal state
173  @param   expected_mac_nbytes  Length in byte of the mac, > 0
174  @param   expected_mac Mac value expected
175 
176  @result     0 iff successful.
177 
178  @discussion Only supports CMAC_BLOCKSIZE block ciphers
179  */
180 int cccmac_final_verify(cccmac_ctx_t ctx,
181                         size_t expected_mac_nbytes, const void *cc_sized_by(expected_mac_nbytes) expected_mac);
182 
183 #endif /* _CORECRYPTO_cccmac_H_ */
184