ica_des_cmac_last

Purpose

Authenticate data or verify the authenticity of data with a DES key using the Block Cipher Based Message Authentication Code (CMAC) mode, as described in NIST Special Publication 800-38B. ica_des_cmac_last can be used to authenticate or verify the authenticity of a complete message or of the final part of a message for which all preceding parts were processed with ica_des_cmac_intermediate.

Format


unsigned int ica_des_cmac_last(const unsigned char *message,
  unsigned long message_length,
  unsigned char *mac,
  unsigned int mac_length,
  const unsigned char *key,
  unsigned char *iv,
  unsigned int direction);

Required hardware support

  • KMAC-DEA
  • PCC-Compute-Last_block-CMAC-Using-DEA

Parameters

const unsigned char *message
Pointer to a readable buffer of size greater than or equal to message_length bytes. This buffer contains a message or the final part of a message, to be either authenticated or of which the authenticity is to be verified.
unsigned long message_length
Length in bytes of the message to be authenticated or verified.
unsigned char *mac
Pointer to a buffer of size greater than or equal to mac_length bytes. If direction is equal to 1, the buffer must be writable and a message authentication code for the message in message of size mac_length bytes is written to the buffer. If direction is equal to 0, the buffer must be readable and contain a message authentication code that is verified against the message in message.
unsigned int mac_length
Length in bytes of the message authentication code mac that is less than or equal to the cipher block size (8 bytes for DES). It is recommended to use a mac_length of 8.
const unsigned char *key
Pointer to a valid DES key of 8 bytes in length.
unsigned char *iv
Pointer to a valid initialization vector of cipher block size number of bytes. If iv is NULL, message is assumed to be the complete message to be processed. Otherwise, message is the final part of a composite message to be processed and iv contains the output vector resulting from processing all previous parts with chained calls to ica_des_cmac_intermediate (the value returned in iv of the ica_des_cmac_intermediate call applied to the penultimate message part).
unsigned int direction
0
Verify message authentication code.
1
Compute message authentication code for the message.

Return codes

0
Success
EFAULT
If direction is equal to 0 and the verification of the message authentication code fails.

For return codes indicating exceptions, see Return codes.