/* * NIST SP800-38C compliant CCM implementation * * Copyright The Mbed TLS Contributors * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ /* * Definition of CCM: * http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf * RFC 3610 "Counter with CBC-MAC (CCM)" * * Related: * RFC 5116 "An Interface and Algorithms for Authenticated Encryption" */ #include "common.h" #if defined(MBEDTLS_CCM_C) #include "mbedtls/ccm.h" #include "mbedtls/platform_util.h" #include "mbedtls/error.h" #include "mbedtls/constant_time.h" #if defined(MBEDTLS_BLOCK_CIPHER_C) #include "block_cipher_internal.h" #endif #include <string.h> #if defined(MBEDTLS_PLATFORM_C) #include "mbedtls/platform.h" #else #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C) #include <stdio.h> #define mbedtls_printf … #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #endif /* MBEDTLS_PLATFORM_C */ #if !defined(MBEDTLS_CCM_ALT) /* * Initialize context */ void mbedtls_ccm_init(mbedtls_ccm_context *ctx) { … } int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key, unsigned int keybits) { … } /* * Free context */ void mbedtls_ccm_free(mbedtls_ccm_context *ctx) { … } #define CCM_STATE__CLEAR … #define CCM_STATE__STARTED … #define CCM_STATE__LENGTHS_SET … #define CCM_STATE__AUTH_DATA_STARTED … #define CCM_STATE__AUTH_DATA_FINISHED … #define CCM_STATE__ERROR … /* * Encrypt or decrypt a partial block with CTR */ static int mbedtls_ccm_crypt(mbedtls_ccm_context *ctx, size_t offset, size_t use_len, const unsigned char *input, unsigned char *output) { … } static void mbedtls_ccm_clear_state(mbedtls_ccm_context *ctx) { … } static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) { … } int mbedtls_ccm_starts(mbedtls_ccm_context *ctx, int mode, const unsigned char *iv, size_t iv_len) { … } int mbedtls_ccm_set_lengths(mbedtls_ccm_context *ctx, size_t total_ad_len, size_t plaintext_len, size_t tag_len) { … } int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx, const unsigned char *add, size_t add_len) { … } int mbedtls_ccm_update(mbedtls_ccm_context *ctx, const unsigned char *input, size_t input_len, unsigned char *output, size_t output_size, size_t *output_len) { … } int mbedtls_ccm_finish(mbedtls_ccm_context *ctx, unsigned char *tag, size_t tag_len) { … } /* * Authenticated encryption or decryption */ static int ccm_auth_crypt(mbedtls_ccm_context *ctx, int mode, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len) { … } /* * Authenticated encryption */ int mbedtls_ccm_star_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len) { … } int mbedtls_ccm_encrypt_and_tag(mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, unsigned char *tag, size_t tag_len) { … } /* * Authenticated decryption */ static int mbedtls_ccm_compare_tags(const unsigned char *tag1, const unsigned char *tag2, size_t tag_len) { … } static int ccm_auth_decrypt(mbedtls_ccm_context *ctx, int mode, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len) { … } int mbedtls_ccm_star_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len) { … } int mbedtls_ccm_auth_decrypt(mbedtls_ccm_context *ctx, size_t length, const unsigned char *iv, size_t iv_len, const unsigned char *add, size_t add_len, const unsigned char *input, unsigned char *output, const unsigned char *tag, size_t tag_len) { … } #endif /* !MBEDTLS_CCM_ALT */ #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_CCM_GCM_CAN_AES) /* * Examples 1 to 3 from SP800-38C Appendix C */ #define NB_TESTS … #define CCM_SELFTEST_PT_MAX_LEN … #define CCM_SELFTEST_CT_MAX_LEN … /* * The data is the same for all tests, only the used length changes */ static const unsigned char key_test_data[] = …; static const unsigned char iv_test_data[] = …; static const unsigned char ad_test_data[] = …; static const unsigned char msg_test_data[CCM_SELFTEST_PT_MAX_LEN] = …; static const size_t iv_len_test_data[NB_TESTS] = …; static const size_t add_len_test_data[NB_TESTS] = …; static const size_t msg_len_test_data[NB_TESTS] = …; static const size_t tag_len_test_data[NB_TESTS] = …; static const unsigned char res_test_data[NB_TESTS][CCM_SELFTEST_CT_MAX_LEN] = …; int mbedtls_ccm_self_test(int verbose) { … } #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #endif /* MBEDTLS_CCM_C */
Codebase Browser
godot