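/* Copyright (c) (2013-2017,2019,2021,2022) Apple Inc. All rights reserved.
 *
 * corecrypto is licensed under Apple Inc.’s Internal Use License Agreement (which
 * is contained in the License.txt file distributed with corecrypto) and only to
 * people who accept that license. IMPORTANT: Any license rights granted to you by
 * Apple Inc. (if any) are limited to internal use within your organization only on
 * devices and computers you own or control, for the sole purpose of verifying the
 * security characteristics and correct functioning of the Apple Software. You may
 * not, directly or indirectly, redistribute the Apple Software or any portions thereof.
 */

#ifndef _CORECRYPTO_CCCMAC_H_
#define _CORECRYPTO_CCCMAC_H_

#include <corecrypto/cc.h>
#include <corecrypto/ccmode.h>
#include <corecrypto/ccaes.h>

CC_PTRCHECK_CAPABLE_HEADER()

/* Block size, in bytes, of the ciphers this CMAC interface supports. */
#define CMAC_BLOCKSIZE 16

/*
 * Streaming CMAC state.
 *
 * This struct is only the fixed-size header of a context. The CBC cipher
 * context and then the CBC IV follow it in memory, starting at `ctx`
 * (see cccmac_mode_sym_ctx and cccmac_mode_iv). Storage for a context must
 * therefore be cccmac_ctx_size(mode) bytes, not sizeof(struct cccmac_ctx).
 *
 * The context holds key-dependent material (k1, k2 and the cipher context),
 * so clear it with cccmac_mode_clear() once the MAC has been produced or
 * verified.
 */
struct cccmac_ctx {
    uint8_t k1[CMAC_BLOCKSIZE];   // Subkey; presumably K1 of SP800-38B
    uint8_t k2[CMAC_BLOCKSIZE];   // Subkey; presumably K2 of SP800-38B
    uint8_t block[CMAC_BLOCKSIZE]; // Block buffer; block_nbytes bytes are in use
    size_t block_nbytes;          // Number of bytes occupied in block
    size_t cumulated_nbytes;      // Total size processed
    const struct ccmode_cbc *cbc; // CBC mode descriptor used by this context
    uint8_t ctx[1];               // Start of the variable-size tail (CBC context, then IV)
} CC_ALIGNED(8);// cccmac_ctx_hdr;

typedef struct cccmac_ctx* cccmac_ctx_t;

/* Size of the fixed header only; see cccmac_ctx_size for the full context. */
#define cccmac_hdr_size sizeof(struct cccmac_ctx)

#define cccmac_iv_size(_mode_)  ((_mode_)->block_size)
#define cccmac_cbc_size(_mode_) ((_mode_)->size)

/* Full context size in bytes: header + CBC IV + CBC cipher context. */
#define cccmac_ctx_size(_mode_) (cccmac_hdr_size + cccmac_iv_size(_mode_) + cccmac_cbc_size(_mode_))
#define cccmac_ctx_n(_mode_)  ccn_nof_size(cccmac_ctx_size(_mode_))

/* Declare a context named _name_ sized for _mode_, and clear all
   cccmac_ctx_size(_mode_) bytes of it when it is no longer needed. */
#define cccmac_mode_decl(_mode_, _name_) cc_ctx_decl_vla(struct cccmac_ctx, cccmac_ctx_size(_mode_), _name_)
#define cccmac_mode_clear(_mode_, _name_) cc_clear(cccmac_ctx_size(_mode_), _name_)

/* Return a cccbc_ctx * which can be accessed with the macros in ccmode.h.
   Macro arguments and cast expansions are fully parenthesized so that the
   macros stay correct when HC is an expression or the result is used with a
   postfix operator. */
#define cccmac_mode_ctx_start(_mode_, HC)    ((HC)->ctx)
#define CCCMAC_HDR(HC)                       (HC)

#define cccmac_mode_sym_ctx(_mode_, HC)     ((cccbc_ctx *)(cccmac_mode_ctx_start(_mode_, HC)))
#define cccmac_mode_iv(_mode_, HC)          ((cccbc_iv *)(cccmac_mode_ctx_start(_mode_, HC) + cccmac_cbc_size(_mode_)))
#define cccmac_k1(HC)                       (CCCMAC_HDR(HC)->k1)
#define cccmac_k2(HC)                       (CCCMAC_HDR(HC)->k2)
#define cccmac_block(HC)                    (CCCMAC_HDR(HC)->block)
#define cccmac_cbc(HC)                      (CCCMAC_HDR(HC)->cbc)
#define cccmac_block_nbytes(HC)             (CCCMAC_HDR(HC)->block_nbytes)
#define cccmac_cumulated_nbytes(HC)         (CCCMAC_HDR(HC)->cumulated_nbytes)


/* CMAC as defined in NIST SP800-38B - 2005 */

/* =============================================================================

                                ONE SHOT

 ==============================================================================*/

/*!
 @function   cccmac_one_shot_generate
 @abstract   CMAC generation in one call

 @param   cbc          CBC and block cipher specification
 @param   key_nbytes   Length of the key in bytes
 @param   key          Pointer to the key of length key_nbytes
 @param   data_nbytes  Length of the data in bytes
 @param   data         Pointer to the data in bytes
 @param   mac_nbytes   Length in bytes of the mac, > 0
 @param   mac          Output buffer of length mac_nbytes

 @result     0 iff successful. On a non-zero result the contents of mac must
             not be used.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers.
             NOTE(review): the upper bound on mac_nbytes is presumably
             CMAC_BLOCKSIZE; confirm in the implementation. A MAC shorter
             than the full block gives correspondingly less resistance to
             forgery.
 */
int cccmac_one_shot_generate(const struct ccmode_cbc *cbc,
                        size_t key_nbytes, const void *cc_sized_by(key_nbytes) key,
                        size_t data_nbytes, const void *cc_sized_by(data_nbytes) data,
                        size_t mac_nbytes, void *cc_sized_by(mac_nbytes) mac);

/*!
 @function   cccmac_one_shot_verify
 @abstract   CMAC verification in one call

 @param   cbc                  CBC and block cipher specification
 @param   key_nbytes           Length of the key in bytes
 @param   key                  Pointer to the key of length key_nbytes
 @param   data_nbytes          Length of the data in bytes
 @param   data                 Pointer to the data in bytes
 @param   expected_mac_nbytes  Length in bytes of the mac, > 0
 @param   expected_mac         Mac value expected

 @result     0 iff successful. Any non-zero result must be treated as a
             verification failure and the data as unauthenticated.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers.
             NOTE(review): the comparison against expected_mac is presumably
             constant-time; confirm in the implementation.
 */
int cccmac_one_shot_verify(const struct ccmode_cbc *cbc,
                           size_t key_nbytes, const void *cc_sized_by(key_nbytes) key,
                           size_t data_nbytes, const void *cc_sized_by(data_nbytes) data,
                           size_t expected_mac_nbytes, const void *cc_sized_by(expected_mac_nbytes) expected_mac);

/* =============================================================================

                               STREAMING

                        Init - Update - Final

==============================================================================*/

/*!
 @function   cccmac_init
 @abstract   Init CMAC context with CBC mode and key

 @param   cbc         CBC and block cipher specification
 @param   ctx         Context used to store internal state; its storage should
                      be cccmac_ctx_size(cbc) bytes (see cccmac_mode_decl)
 @param   key_nbytes  Length of the key in bytes
 @param   key         Full key

 @result     0 iff successful.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers
 */

int cccmac_init(const struct ccmode_cbc *cbc,
                cccmac_ctx_t ctx,
                size_t key_nbytes, const void *cc_sized_by(key_nbytes) key);

/*!
 @function   cccmac_update
 @abstract   Process data

 @param   ctx          Context used to store internal state
 @param   data_nbytes  Length in bytes of the data
 @param   data         Data to process

 @result     0 iff successful.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers
 */

int cccmac_update(cccmac_ctx_t ctx,
                  size_t data_nbytes, const void *cc_sized_by(data_nbytes) data);

/*!
 @function   cccmac_final_generate
 @abstract   Final step for generation

 @param   ctx         Context used to store internal state
 @param   mac_nbytes  Length in bytes of the mac, > 0
 @param   mac         Output of length mac_nbytes

 @result     0 iff successful. On a non-zero result the contents of mac must
             not be used.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers
 */
int cccmac_final_generate(cccmac_ctx_t ctx,
                     size_t mac_nbytes, void *cc_sized_by(mac_nbytes) mac);

/*!
 @function   cccmac_final_verify
 @abstract   Final step and verification

 @param   ctx                  Context used to store internal state
 @param   expected_mac_nbytes  Length in bytes of the mac, > 0
 @param   expected_mac         Mac value expected

 @result     0 iff successful. Any non-zero result must be treated as a
             verification failure and the data as unauthenticated.

 @discussion Only supports CMAC_BLOCKSIZE block ciphers.
             NOTE(review): the comparison against expected_mac is presumably
             constant-time; confirm in the implementation.
 */
int cccmac_final_verify(cccmac_ctx_t ctx,
                        size_t expected_mac_nbytes, const void *cc_sized_by(expected_mac_nbytes) expected_mac);

#endif // _CORECRYPTO_CCCMAC_H_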