ica_aes_cmac_intermediate

Edit online

Purpose

Authenticate data or verify the authenticity of data with an AES key using the Block Cipher Based Message Authentication Code (CMAC) mode, as described in NIST Special Publication 800-38B. ica_aes_cmac_intermediate and ica_aes_cmac_last can be used when the message to be authenticated or to be verified using CMAC is supplied in multiple chunks. ica_aes_cmac_intermediate is used to process all but the last chunk. All message chunks to be processed by ica_aes_cmac_intermediate must have a size that is a multiple of the cipher block size (a multiple of 16 bytes for AES).

Note that ica_aes_cmac_intermediate has no direction argument. This function can be used during authentication and during authenticity verification.

Format


unsigned int ica_aes_cmac_intermediate(const unsigned char *message,
  unsigned long message_length,
  const unsigned char *key,
  unsigned int key_length,
  unsigned char *iv);

Required hardware support

KMAC-AES-128, KMAC-AES-192, or KMAC-AES-256

Parameters

const unsigned char *message
Pointer to a readable buffer of size greater than or equal to message_length bytes. This buffer contains a non-final part of a message, to be authenticated or of which the authenticity is to be verified.
unsigned long message_length
Length in bytes of the message part in message. This value must be a multiple of the cipher block size.
const unsigned char *key
Pointer to a valid AES key.
unsigned int key_length
Length in bytes of the AES key. Supported sizes are 16, 24, and 32 for AES-128, AES-192, and AES-256 respectively. Therefore, you can use the definitions: AES_KEY_LEN128, AES_KEY_LEN192, and AES_KEY_LEN256.
unsigned char *iv
Pointer to a valid initialization vector of cipher block size number of bytes (16 bytes for AES). For the first message part, this parameter must be set to a string of zeros. For processing the n-th message part, this parameter must be the resulting iv value of the ica_aes_cmac_intermediate function applied to the (n-1)-th message part. This vector is overwritten during the function. The result value in iv can be used as the initialization vector for a chained call to ica_aes_cmac_initermediate or to ica_aes_cmac_last with the same key.

Return codes

0
Success

For return codes indicating exceptions, see Return codes.