AES CMAC APIs - zpc/aes_cmac.h

Edit online

In file zpc/aes_cmac.hlibzpc provides APIs for message authentication for the Cipher-based Message Authentication Code (CMAC), which is based on the Advanced Encryption Standard (AES) block cipher.

Data structures

The context of an AES-CMAC operation is opaque for an application and is stored in objects of type 
struct zpc_aes_cmac;
Context objects must not be shared among multiple threads. They may be used for multiple operations by setting or resetting the key or initialization vector.

zpc_aes_cmac_alloc

Purpose: Allocate a new context object for an AES-CMAC operation.

Format: 

int zpc_aes_cmac_alloc (
    struct zpc_aes_cmac **ctx );

Parameters:

Direction Name Description
input, output ctx Pointer to an AES-CMAC context object

Return codes:

0 on success. Otherwise, a non-zero error code is returned.

zpc_aes_cmac_free

Purpose: Free an AES-CMAC context object.

If a key is set, the reference count of that key object is decremented. The context object argument is set to NULL.

Format: 

void zpc_aes_cmac_free (
     struct zpc_aes_cmac **ctx );

Parameters:

Direction Name Description
input, output ctx Pointer to an AES-CMAC context object

zpc_aes_cmac_set_key

Purpose: Set the key to be used in the context of an AES-CMAC operation.

If a key is already set, the reference count of that key object is decremented. The context's key reference is set to the key object argument. If the key object argument is not NULL, the reference count of that key object is incremented.

Format: 

int zpc_aes_cmac_set_key (
    struct zpc_aes_cmac *ctx,
    struct zpc_aes_key *key );

Parameters:

Direction Name Description
input, output ctx Pointer to an AES-CMAC context object
input key Pointer to an AES key object

Return codes:

0 on success. Otherwise, a non-zero error code is returned.

zpc_aes_cmac_sign

Purpose: Sign a message using AES-CMAC to obtain the corresponding message authentication code.

A message may be processed chunk-wise. Each chunk's length except the last chunk's length must be a multiple of 16 bytes. The same context object must be used to process all chunks without modifying it between operations.

Format: 

int zpc_aes_cmac_sign (
    struct zpc_aes_cmac *ctx,
    unsigned char *mac,
    size_t maclen,
    const unsigned char *msg,
    size_t msglen );

Parameters:

Direction Name Description
input, output ctx Pointer to an AES-CMAC context object
output mac Pointer to a message authentication code buffer
input maclen Message authentication code length [bytes]
input msg Pointer to a message buffer
input msglen Message length [bytes]

Return codes:

0 on success. Otherwise, a non-zero error code is returned.

zpc_aes_cmac_verify

Purpose: Verify a message authentication code with a message using AES-CMAC.

A message may be processed chunk-wise. Each chunk's length except the last chunk's length must be a multiple of 16 bytes. The same context object must be used to process all chunks without modifying it between operations.

Format: 

int zpc_aes_cmac_verify (
    struct zpc_aes_cmac *ctx,
    const unsigned char *mac,
    size_t maclen,
    const unsigned char *msg,
    size_t msglen );

Parameters:

Direction Name Description
input, output ctx Pointer to an AES-CMAC context object
input mac Pointer to a message authentication code buffer
input maclen Message authentication code length [bytes]
input msg Pointer to a message buffer
input msglen Message length [bytes]

Return codes:

0 on success. Otherwise, a non-zero error code is returned.