ica_3des_cmac

Purpose

Authenticate data or verify the authenticity of data with an 3DES key using the Block Cipher Based Message Authentication Code (CMAC) mode, as described in NIST Special Publication 800-38B. ica_3des_cmac can be used to authenticate or verify the authenticity of a complete message.

Format


unsigned int ica_3des_cmac(const unsigned char *message,
  unsigned long message_length,
  unsigned char *mac,
  unsigned int mac_length,
  const unsigned char *key,
  unsigned int direction);

Required hardware support

  • KMAC-TDEA-192
  • PCC-Compute-Last_block-CMAC-Using-TDEA-192

Parameters

const unsigned char *message
Pointer to a readable buffer of size greater than or equal to message_length bytes. This buffer contains a message to be authenticated, or of which the authenticity is to be verified.
unsigned long message_length
Length in bytes of the message to be authenticated or verified.
unsigned char *mac
Pointer to a buffer of size greater than or equal to mac_length bytes. If direction is equal to 1, the buffer must be writable and a message authentication code for the message in message of size mac_length bytes is written to the buffer. If direction is equal to 0, the buffer must be readable and contain a message authentication code to be verified against the message in message.
unsigned int mac_length
Length in bytes of the message authentication code mac, which is less than or equal to the cipher block size (8 bytes for 3DES). It is recommended to use a mac_length of 8.
const unsigned char *key
Pointer to a valid 3DES key of 24 bytes in length.
unsigned int direction
0
Verify message authentication code.
1
Compute message authentication code for the message.

Return codes

0
Success
EFAULT
If direction is equal to 0 and the verification of the message authentication code fails.

For return codes indicating exceptions, see Return codes.