Merge remote-tracking branch 'upstream-public/pr/1505' into development-proposed

This commit is contained in:
Jaeden Amero 2018-04-24 10:26:48 +01:00
commit ebfd3cad58

View File

@ -1,7 +1,10 @@
/** /**
* \file ccm.h * \file ccm.h
* *
* \brief CCM combines Counter mode encryption with CBC-MAC authentication * \brief This file provides an API for the CCM authenticated encryption
* mode for block ciphers.
*
* CCM combines Counter mode encryption with CBC-MAC authentication
* for 128-bit block ciphers. * for 128-bit block ciphers.
* *
* Input to CCM includes the following elements: * Input to CCM includes the following elements:
@ -75,7 +78,8 @@ void mbedtls_ccm_init( mbedtls_ccm_context *ctx );
* \param key The encryption key. * \param key The encryption key.
* \param keybits The key size in bits. This must be acceptable by the cipher. * \param keybits The key size in bits. This must be acceptable by the cipher.
* *
* \return \c 0 on success, or a cipher-specific error code. * \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/ */
int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx, int mbedtls_ccm_setkey( mbedtls_ccm_context *ctx,
mbedtls_cipher_id_t cipher, mbedtls_cipher_id_t cipher,
@ -93,6 +97,13 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
/** /**
* \brief This function encrypts a buffer using CCM. * \brief This function encrypts a buffer using CCM.
* *
*
* \note The tag is written to a separate buffer. To concatenate
* the \p tag with the \p output, as done in <em>RFC-3610:
* Counter with CBC-MAC (CCM)</em>, use
* \p tag = \p output + \p length, and make sure that the
* output buffer is at least \p length + \p tag_len wide.
*
* \param ctx The CCM context to use for encryption. * \param ctx The CCM context to use for encryption.
* \param length The length of the input data in Bytes. * \param length The length of the input data in Bytes.
* \param iv Initialization vector (nonce). * \param iv Initialization vector (nonce).
@ -107,13 +118,8 @@ void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
* \param tag_len The length of the tag to generate in Bytes: * \param tag_len The length of the tag to generate in Bytes:
* 4, 6, 8, 10, 12, 14 or 16. * 4, 6, 8, 10, 12, 14 or 16.
* *
* \note The tag is written to a separate buffer. To concatenate
* the \p tag with the \p output, as done in <em>RFC-3610:
* Counter with CBC-MAC (CCM)</em>, use
* \p tag = \p output + \p length, and make sure that the
* output buffer is at least \p length + \p tag_len wide.
*
* \return \c 0 on success. * \return \c 0 on success.
* \return A CCM or cipher-specific error code on failure.
*/ */
int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
@ -139,8 +145,9 @@ int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
* \param tag_len The length of the tag in Bytes. * \param tag_len The length of the tag in Bytes.
* 4, 6, 8, 10, 12, 14 or 16. * 4, 6, 8, 10, 12, 14 or 16.
* *
* \return 0 if successful and authenticated, or * \return \c 0 on success. This indicates that the message is authentic.
* #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match. * \return #MBEDTLS_ERR_CCM_AUTH_FAILED if the tag does not match.
* \return A cipher-specific error code on calculation failure.
*/ */
int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length, int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
@ -164,7 +171,8 @@ extern "C" {
/** /**
* \brief The CCM checkup routine. * \brief The CCM checkup routine.
* *
* \return \c 0 on success, or \c 1 on failure. * \return \c 0 on success.
* \return \c 1 on failure.
*/ */
int mbedtls_ccm_self_test( int verbose ); int mbedtls_ccm_self_test( int verbose );
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */