Counter with CBC-MAC mode of operation for block ciphers.
More...
Counter with CBC-MAC mode of operation for block ciphers.
- Author
- Freie Universitaet Berlin, Computer Systems & Telematics
-
Nico von Geyso nico..nosp@m.geys.nosp@m.o@fu-.nosp@m.berl.nosp@m.in.de
Definition in file ccm.h.
Go to the source code of this file.
|
int | cipher_encrypt_ccm (const cipher_t *cipher, const uint8_t *auth_data, uint32_t auth_data_len, uint8_t mac_length, uint8_t length_encoding, const uint8_t *nonce, size_t nonce_len, const uint8_t *input, size_t input_len, uint8_t *output) |
| Encrypt and authenticate data of arbitrary length in ccm mode.
|
|
int | cipher_decrypt_ccm (const cipher_t *cipher, const uint8_t *auth_data, uint32_t auth_data_len, uint8_t mac_length, uint8_t length_encoding, const uint8_t *nonce, size_t nonce_len, const uint8_t *input, size_t input_len, uint8_t *output) |
| Decrypt data of arbitrary length in ccm mode.
|
|
◆ CCM_BLOCK_SIZE
#define CCM_BLOCK_SIZE 16 |
Block size required for the cipher.
CCM is only defined for 128 bit ciphers.
Definition at line 43 of file ccm.h.
◆ CCM_ERR_INVALID_CBC_MAC
#define CCM_ERR_INVALID_CBC_MAC (-3) |
Definition at line 34 of file ccm.h.
◆ CCM_ERR_INVALID_DATA_LENGTH
#define CCM_ERR_INVALID_DATA_LENGTH (-3) |
Definition at line 35 of file ccm.h.
◆ CCM_ERR_INVALID_LENGTH_ENCODING
#define CCM_ERR_INVALID_LENGTH_ENCODING (-4) |
Definition at line 36 of file ccm.h.
◆ CCM_ERR_INVALID_MAC_LENGTH
#define CCM_ERR_INVALID_MAC_LENGTH (-5) |
Definition at line 37 of file ccm.h.
◆ CCM_ERR_INVALID_NONCE_LENGTH
#define CCM_ERR_INVALID_NONCE_LENGTH (-2) |
Definition at line 33 of file ccm.h.
◆ CCM_MAC_MAX_LEN
#define CCM_MAC_MAX_LEN 16 |
Maximum length for the appended MAC.
Definition at line 48 of file ccm.h.
◆ cipher_decrypt_ccm()
int cipher_decrypt_ccm |
( |
const cipher_t * |
cipher, |
|
|
const uint8_t * |
auth_data, |
|
|
uint32_t |
auth_data_len, |
|
|
uint8_t |
mac_length, |
|
|
uint8_t |
length_encoding, |
|
|
const uint8_t * |
nonce, |
|
|
size_t |
nonce_len, |
|
|
const uint8_t * |
input, |
|
|
size_t |
input_len, |
|
|
uint8_t * |
output |
|
) |
| |
Decrypt data of arbitrary length in ccm mode.
- Parameters
-
cipher | Already initialized cipher struct |
auth_data | Additional data to authenticate in MAC |
auth_data_len | Length of additional data, max (2^16 - 2^8) |
mac_length | length of the appended MAC (between 4 and 16 - only even values) |
length_encoding | maximal supported length of plaintext (2^(8*length_enc)). |
nonce | Nounce for ctr mode encryption |
nonce_len | Length of the nonce in octets (maximum: 15-length_encoding) |
input | pointer to input data to decrypt |
input_len | length of the input data, [0, 2^32] |
output | pointer to allocated memory for decrypted data. It has to be of size data_len - mac_length. |
- Returns
- Length of the decrypted data on a successful decryption, can be 0 if only auth_data and MAC is present.
-
A negative error code if something went wrong
◆ cipher_encrypt_ccm()
int cipher_encrypt_ccm |
( |
const cipher_t * |
cipher, |
|
|
const uint8_t * |
auth_data, |
|
|
uint32_t |
auth_data_len, |
|
|
uint8_t |
mac_length, |
|
|
uint8_t |
length_encoding, |
|
|
const uint8_t * |
nonce, |
|
|
size_t |
nonce_len, |
|
|
const uint8_t * |
input, |
|
|
size_t |
input_len, |
|
|
uint8_t * |
output |
|
) |
| |
Encrypt and authenticate data of arbitrary length in ccm mode.
- Parameters
-
cipher | Already initialized cipher struct |
auth_data | Additional data to authenticate in MAC |
auth_data_len | Length of additional data, max (2^16 - 2^8) |
mac_length | length of the appended MAC (between 4 and 16 - only even values) |
length_encoding | maximal supported length of plaintext (2^(8*length_enc)). |
nonce | Nounce for ctr mode encryption |
nonce_len | Length of the nonce in octets (maximum: 15-length_encoding) |
input | pointer to input data to encrypt |
input_len | length of the input data, [0, 2^32] |
output | pointer to allocated memory for encrypted data. It has to be of size data_len + mac_length. |
- Returns
- Length of encrypted data on a successful encryption, can be 0 if input_len=0 (no plaintext)
-
A negative error code if something went wrong