|
|
AESCCM driver header.
The Counter with CBC-MAC (CCM) mode of operation is a generic authenticated encryption block cipher mode. It can be used with any block cipher. AESCCM combines CBC-MAC with an AES block cipher in CTR mode of operation.
This combination of block cipher modes enables CCM to encrypt messages of any length and not only multiples of the block cipher block size.
CTR provides confidentiality. The defined application of CBC-MAC provides message integrity and authentication.
AESCCM has the following inputs and outputs:
| Encryption | Decryption |
|---|---|
| Input | |
| Shared AES key | Shared AES key |
| Nonce | Nonce |
| Cleartext | Ciphertext |
| MAC | |
| AAD (optional) | AAD (optional) |
| Output | |
| Ciphertext | Cleartext |
| MAC | |
The AES key is a shared secret between the two parties and has a length of 128, 192, or 256 bits.
The nonce is generated by the party performing the authenticated encryption operation. Within the scope of any authenticated encryption key, the nonce value must be unique. That is, the set of nonce values used with any given key must not contain any duplicate values. Using the same nonce for two different messages encrypted with the same key destroys the security properties.
The length of the nonce determines the maximum number of messages that may be encrypted and authenticated before you must regenerate the key. Reasonable session key rotation schemes will regenerate the key before reaching this limit. There is a trade-off between the nonce-length and the maximum length of the plaintext to encrypt and authenticate per nonce. This is because CTR concatenates the nonce and an internal counter into one 16-byte IV. The counter is incremented after generating an AES-block-sized pseudo-random bitstream. This bitstream is XOR'd with the plaintext. The counter would eventually roll over for a sufficiently long message. This is must not happen. Hence, the longer the nonce and the more messages you can send before needing to rotate the key, the shorter the lengths of individual messages sent may be. The minimum and maximum nonce length defined by the CCM standard provide for both a reasonable number of messages before key rotation and a reasonable maximum message length. Check NIST SP 800-38C for details.
The optional additional authentication data (AAD) is authenticated but not encrypted. Thus, the AAD is not included in the AES-CCM output. It can be used to authenticate packet headers.
After the encryption operation, the ciphertext contains the encrypted data. The message authentication code (MAC) is also provided.
The AESCCM driver supports both classic CCM as defined by NIST SP 800-38C and the CCM* variant used in IEEE 802.15.4. CCM* allows for unauthenticated encryption using CCM by permitting a MAC length of 0. It also imposes the requirement that the MAC length be embedded in the nonce used for each message if the MAC length varies within the protocol using CCM*.
Before starting a CCM operation, the application must do the following:
The AESCCM_oneStepEncrypt and AESCCM_oneStepDecrypt functions do a CCM operation in a single call. They will always be the most highly optimized routines with the least overhead and the fastest runtime. However, they require all AAD and plaintext or ciphertext data to be available to the function at the start of the call. All devices support single call operations.
When performing a decryption operation with AESCCM_oneStepDecrypt(), the MAC is automatically verified.
After the CCM operation completes, the application should either start another operation or close the driver by calling AESCCM_close()
### Single call CCM encryption + authentication with plaintext CryptoKey in blocking return mode #
### Single call CCM decryption + verification with plaintext CryptoKey in callback return mode #
### Multi-step CCM encryption + authentication with plaintext CryptoKey in blocking return mode #
### Multi-step CCM decryption + verification with plaintext CryptoKey in callback return mode #
#include <stdbool.h>#include <stddef.h>#include <stdint.h>#include <ti/drivers/AESCommon.h>#include <ti/drivers/cryptoutils/cryptokey/CryptoKey.h>
Go to the source code of this file.
Data Structures | |
| struct | AESCCM_OneStepOperation |
| Struct containing the parameters required for encrypting/decrypting and authenticating/verifying a message for one-step operations. More... | |
| struct | AESCCM_SegmentedAADOperation |
| Struct containing the parameters required for authenticating/verifying additional data in a segmented operation. Must be updated for each add AAD step of a segmented operation. More... | |
| struct | AESCCM_SegmentedDataOperation |
| Struct containing the parameters required for encrypting/decrypting a message in a segmented operation. Must be updated between each add data step of a segmented operation. More... | |
| struct | AESCCM_SegmentedFinalizeOperation |
| Struct containing the parameters required for finalizing an encryption/decryption and authentication/verification of a message in a segmented operation. More... | |
| union | AESCCM_OperationUnion |
| Union containing a reference to a one step, segmented AAD, segmented data, or segmented finalize operation. More... | |
| struct | AESCCM_Params |
| CCM Parameters. More... | |
Macros | |
| #define | AESCCM_STATUS_RESERVED AES_STATUS_RESERVED |
| #define | AESCCM_STATUS_SUCCESS AES_STATUS_SUCCESS |
| Successful status code. More... | |
| #define | AESCCM_STATUS_ERROR AES_STATUS_ERROR |
| Generic error status code. More... | |
| #define | AESCCM_STATUS_RESOURCE_UNAVAILABLE AES_STATUS_RESOURCE_UNAVAILABLE |
| An error status code returned if the hardware or software resource is currently unavailable. More... | |
| #define | AESCCM_STATUS_CANCELED AES_STATUS_CANCELED |
| The ongoing operation was canceled. More... | |
| #define | AESCCM_STATUS_MAC_INVALID AES_STATUS_MAC_INVALID |
| An error status code returned if the MAC provided by the application for a decryption operation does not match the one calculated during the operation. More... | |
| #define | AESCCM_STATUS_FEATURE_NOT_SUPPORTED AES_STATUS_FEATURE_NOT_SUPPORTED |
| The operation requested is not supported either by the target hardware or the driver implementation. More... | |
| #define | AESCCM_STATUS_KEYSTORE_INVALID_ID AES_STATUS_KEYSTORE_INVALID_ID |
| The operation tried to load a key from the keystore using an invalid key ID. More... | |
| #define | AESCCM_STATUS_KEYSTORE_GENERIC_ERROR AES_STATUS_KEYSTORE_GENERIC_ERROR |
| The key store module returned a generic error. See key store documentation for additional details. More... | |
| #define | AESCCM_STATUS_UNALIGNED_IO_NOT_SUPPORTED AES_STATUS_UNALIGNED_IO_NOT_SUPPORTED |
| The operation does not support non-word-aligned input and/or output. More... | |
Typedefs | |
| typedef AESCommon_Config | AESCCM_Config |
| AESCCM Global configuration. More... | |
| typedef AESCCM_Config * | AESCCM_Handle |
| A handle that is returned from an AESCCM_open() call. More... | |
| typedef AESCCM_OneStepOperation | AESCCM_Operation |
| typedef union AESCCM_OperationUnion | AESCCM_OperationUnion |
| Union containing a reference to a one step, segmented AAD, segmented data, or segmented finalize operation. More... | |
| typedef void(* | AESCCM_CallbackFxn) (AESCCM_Handle handle, int_fast16_t returnValue, AESCCM_OperationUnion *operation, AESCCM_OperationType operationType) |
| The definition of a callback function used by the AESCCM driver when used in AESCCM_RETURN_BEHAVIOR_CALLBACK. More... | |
Enumerations | |
| enum | AESCCM_ReturnBehavior { AESCCM_RETURN_BEHAVIOR_CALLBACK = AES_RETURN_BEHAVIOR_CALLBACK, AESCCM_RETURN_BEHAVIOR_BLOCKING = AES_RETURN_BEHAVIOR_BLOCKING, AESCCM_RETURN_BEHAVIOR_POLLING = AES_RETURN_BEHAVIOR_POLLING } |
| The way in which CCM function calls return after performing an encryption + authentication or decryption + verification operation. More... | |
| enum | AESCCM_Mode { AESCCM_MODE_ENCRYPT = 1, AESCCM_MODE_DECRYPT = 2 } |
| Enum for the direction of the CCM operation. More... | |
| enum | AESCCM_OperationType { AESCCM_OPERATION_TYPE_ENCRYPT = 1, AESCCM_OPERATION_TYPE_DECRYPT = 2, AESCCM_OP_TYPE_ONESTEP_ENCRYPT = 1, AESCCM_OP_TYPE_ONESTEP_DECRYPT = 2, AESCCM_OP_TYPE_AAD_ENCRYPT = 3, AESCCM_OP_TYPE_AAD_DECRYPT = 4, AESCCM_OP_TYPE_DATA_ENCRYPT = 5, AESCCM_OP_TYPE_DATA_DECRYPT = 6, AESCCM_OP_TYPE_FINALIZE_ENCRYPT = 7, AESCCM_OP_TYPE_FINALIZE_DECRYPT = 8 } |
| Enum for the operation types supported by the driver. More... | |
Functions | |
| void | AESCCM_init (void) |
| This function initializes the CCM module. More... | |
| void | AESCCM_Params_init (AESCCM_Params *params) |
| Function to initialize the AESCCM_Params struct to its defaults. More... | |
| AESCCM_Handle | AESCCM_open (uint_least8_t index, const AESCCM_Params *params) |
| This function opens a given CCM peripheral. More... | |
| void | AESCCM_close (AESCCM_Handle handle) |
| Function to close a CCM peripheral specified by the CCM handle. More... | |
| int_fast16_t | AESCCM_setupEncrypt (AESCCM_Handle handle, const CryptoKey *key, size_t totalAADLength, size_t totalPlaintextLength, size_t macLength) |
| Function to prepare a segmented AESCCM encryption operation. More... | |
| int_fast16_t | AESCCM_setupDecrypt (AESCCM_Handle handle, const CryptoKey *key, size_t totalAADLength, size_t totalPlaintextLength, size_t macLength) |
| Function to prepare a segmented AESCCM decryption operation. More... | |
| int_fast16_t | AESCCM_setLengths (AESCCM_Handle handle, size_t aadLength, size_t plaintextLength, size_t macLength) |
| Function to set the lengths of the message, additional data, and MAC. More... | |
| int_fast16_t | AESCCM_setNonce (AESCCM_Handle handle, const uint8_t *nonce, size_t nonceLength) |
| Function to set the nonce for an AES CCM segmented operation. More... | |
| int_fast16_t | AESCCM_generateNonce (AESCCM_Handle handle, uint8_t *nonce, size_t nonceSize, size_t *nonceLength) |
| Function to generate a nonce for an AES CCM segmented encryption operation. More... | |
| int_fast16_t | AESCCM_addAAD (AESCCM_Handle handle, AESCCM_SegmentedAADOperation *operation) |
| Adds a segment of aad with a length in bytes to the generated MAC. The length must be a multiple of a block size, 16 bytes, unless passing in the last chunk of AAD. More... | |
| int_fast16_t | AESCCM_addData (AESCCM_Handle handle, AESCCM_SegmentedDataOperation *operation) |
| Adds a segment of data with a length in bytes to the plaintext/ciphertext output and generated MAC. The length must be a multiple of a block size, 16 bytes, unless passing in the last chunk of payload data. More... | |
| int_fast16_t | AESCCM_finalizeEncrypt (AESCCM_Handle handle, AESCCM_SegmentedFinalizeOperation *operation) |
| Finalize the MAC and ciphertext. More... | |
| int_fast16_t | AESCCM_finalizeDecrypt (AESCCM_Handle handle, AESCCM_SegmentedFinalizeOperation *operation) |
| Finalize the MAC and plaintext and verify it. More... | |
| void | AESCCM_Operation_init (AESCCM_Operation *operationStruct) |
| Function to initialize an AESCCM_Operation struct to its defaults. More... | |
| void | AESCCM_OneStepOperation_init (AESCCM_OneStepOperation *operationStruct) |
| Function to initialize an AESCCM_OneStepOperation struct to its defaults. More... | |
| void | AESCCM_SegmentedAADOperation_init (AESCCM_SegmentedAADOperation *operationStruct) |
| Function to initialize an AESCCM_SegmentedAADOperation struct to its defaults. More... | |
| void | AESCCM_SegmentedDataOperation_init (AESCCM_SegmentedDataOperation *operationStruct) |
| Function to initialize an AESCCM_SegmentedDataOperation struct to its defaults. More... | |
| void | AESCCM_SegmentedFinalizeOperation_init (AESCCM_SegmentedFinalizeOperation *operationStruct) |
| Function to initialize an AESCCM_SegmentedFinalizeOperation struct to its defaults. More... | |
| int_fast16_t | AESCCM_oneStepEncrypt (AESCCM_Handle handle, AESCCM_OneStepOperation *operationStruct) |
| Function to perform an AESCCM encryption + authentication operation in one call. More... | |
| int_fast16_t | AESCCM_oneStepDecrypt (AESCCM_Handle handle, AESCCM_OneStepOperation *operationStruct) |
| Function to perform an AESCCM decryption + verification operation in one call. More... | |
| int_fast16_t | AESCCM_cancelOperation (AESCCM_Handle handle) |
| Cancels an ongoing AESCCM operation. More... | |
| AESCCM_Handle | AESCCM_construct (AESCCM_Config *config, const AESCCM_Params *params) |
| Constructs a new AESCCM object. More... | |
Variables | |
| const AESCCM_Params | AESCCM_defaultParams |
| Default AESCCM_Params structure. More... | |
| #define AESCCM_STATUS_RESERVED AES_STATUS_RESERVED |
Common AESCCM status code reservation offset. AESCCM driver implementations should offset status codes with AESCCM_STATUS_RESERVED growing negatively.
Example implementation specific status codes:
| #define AESCCM_STATUS_SUCCESS AES_STATUS_SUCCESS |
Successful status code.
Functions return AESCCM_STATUS_SUCCESS if the function was executed successfully.
| #define AESCCM_STATUS_ERROR AES_STATUS_ERROR |
Generic error status code.
Functions return AESCCM_STATUS_ERROR if the function was not executed successfully and no more pertinent error code could be returned.
| #define AESCCM_STATUS_RESOURCE_UNAVAILABLE AES_STATUS_RESOURCE_UNAVAILABLE |
An error status code returned if the hardware or software resource is currently unavailable.
AESCCM driver implementations may have hardware or software limitations on how many clients can simultaneously perform operations. This status code is returned if the mutual exclusion mechanism signals that an operation cannot currently be performed.
| #define AESCCM_STATUS_CANCELED AES_STATUS_CANCELED |
The ongoing operation was canceled.
| #define AESCCM_STATUS_MAC_INVALID AES_STATUS_MAC_INVALID |
An error status code returned if the MAC provided by the application for a decryption operation does not match the one calculated during the operation.
This code is returned by AESCCM_oneStepDecrypt() or AESCCM_finalizeDecrypt() if the verification of the MAC fails.
| #define AESCCM_STATUS_FEATURE_NOT_SUPPORTED AES_STATUS_FEATURE_NOT_SUPPORTED |
The operation requested is not supported either by the target hardware or the driver implementation.
| #define AESCCM_STATUS_KEYSTORE_INVALID_ID AES_STATUS_KEYSTORE_INVALID_ID |
The operation tried to load a key from the keystore using an invalid key ID.
| #define AESCCM_STATUS_KEYSTORE_GENERIC_ERROR AES_STATUS_KEYSTORE_GENERIC_ERROR |
The key store module returned a generic error. See key store documentation for additional details.
| #define AESCCM_STATUS_UNALIGNED_IO_NOT_SUPPORTED AES_STATUS_UNALIGNED_IO_NOT_SUPPORTED |
The operation does not support non-word-aligned input and/or output.
AESCCM driver implementations may have restrictions on the alignment of input/output data due to performance limitations of the hardware.
| typedef AESCommon_Config AESCCM_Config |
AESCCM Global configuration.
The AESCCM_Config structure contains a set of pointers used to characterize the AESCCM driver implementation.
This structure needs to be defined before calling AESCCM_init() and it must not be changed thereafter.
| typedef AESCCM_Config* AESCCM_Handle |
A handle that is returned from an AESCCM_open() call.
| typedef union AESCCM_OperationUnion AESCCM_OperationUnion |
Union containing a reference to a one step, segmented AAD, segmented data, or segmented finalize operation.
| typedef void(* AESCCM_CallbackFxn) (AESCCM_Handle handle, int_fast16_t returnValue, AESCCM_OperationUnion *operation, AESCCM_OperationType operationType) |
The definition of a callback function used by the AESCCM driver when used in AESCCM_RETURN_BEHAVIOR_CALLBACK.
| handle | Handle of the client that started the CCM operation. |
| returnValue | The result of the CCM operation. May contain an error code. Informs the application of why the callback function was called. |
| operationUnion | A pointer to an operation union. |
| operationType | This parameter determines which operation the callback refers to. |
The way in which CCM function calls return after performing an encryption + authentication or decryption + verification operation.
Not all CCM operations exhibit the specified return behavior. Functions that do not require significant computation and cannot offload that computation to a background thread behave like regular functions. Which functions exhibit the specified return behavior is not implementation dependent. Specifically, a software-backed implementation run on the same CPU as the application will emulate the return behavior while not actually offloading the computation to the background thread.
AESCCM functions exhibiting the specified return behavior have restrictions on the context from which they may be called.
| Task | Hwi | Swi | |
|---|---|---|---|
| AESCCM_RETURN_BEHAVIOR_CALLBACK | X | X | X |
| AESCCM_RETURN_BEHAVIOR_BLOCKING | X | ||
| AESCCM_RETURN_BEHAVIOR_POLLING | X | X | X |
| enum AESCCM_Mode |
| enum AESCCM_OperationType |
Enum for the operation types supported by the driver.
| void AESCCM_init | ( | void | ) |
This function initializes the CCM module.
| void AESCCM_Params_init | ( | AESCCM_Params * | params | ) |
Function to initialize the AESCCM_Params struct to its defaults.
| params | An pointer to AESCCM_Params structure for initialization |
Defaults values are: returnBehavior = AESCCM_RETURN_BEHAVIOR_BLOCKING callbackFxn = NULL timeout = SemaphoreP_WAIT_FOREVER custom = NULL
| AESCCM_Handle AESCCM_open | ( | uint_least8_t | index, |
| const AESCCM_Params * | params | ||
| ) |
This function opens a given CCM peripheral.
| [in] | index | Logical peripheral number for the CCM indexed into the AESCCM_config table |
| [in] | params | Pointer to an parameter block, if NULL it will use default values. |
| void AESCCM_close | ( | AESCCM_Handle | handle | ) |
Function to close a CCM peripheral specified by the CCM handle.
| [in] | handle | A CCM handle |
| int_fast16_t AESCCM_setupEncrypt | ( | AESCCM_Handle | handle, |
| const CryptoKey * | key, | ||
| size_t | totalAADLength, | ||
| size_t | totalPlaintextLength, | ||
| size_t | macLength | ||
| ) |
Function to prepare a segmented AESCCM encryption operation.
This function sets up a segmented AESCCM encryption operation.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | key | Pointer to a previously initialized CryptoKey. |
| [in] | totalAADLength | Total size of the AAD in bytes. This value can be 0 and later provided by AESCCM_setLengths(). |
| [in] | totalPlaintextLength | Total size of the plaintext in bytes. This value can be 0 and later provided by AESCCM_setLengths(). |
| [in] | macLength | Size of the MAC in bytes. This value can be 0 and later provided by AESCCM_setLengths(). |
| AESCCM_STATUS_SUCCESS | The operation succeeded. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_FEATURE_NOT_SUPPORTED | The operation is not supported in this device. |
| int_fast16_t AESCCM_setupDecrypt | ( | AESCCM_Handle | handle, |
| const CryptoKey * | key, | ||
| size_t | totalAADLength, | ||
| size_t | totalPlaintextLength, | ||
| size_t | macLength | ||
| ) |
Function to prepare a segmented AESCCM decryption operation.
This function sets up a segmented AESCCM decryption operation.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | key | Pointer to a previously initialized CryptoKey. |
| [in] | totalAADLength | Total size of the AAD in bytes. This value can be 0 and later provided by AESCCM_setLengths(). |
| [in] | totalPlaintextLength | Total size of the plaintext in bytes This value can be 0 and later provided by AESCCM_setLengths(). |
| [in] | macLength | Size of the MAC in bytes. This value can be 0 and later provided by AESCCM_setLengths(). |
| AESCCM_STATUS_SUCCESS | The operation succeeded. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_FEATURE_NOT_SUPPORTED | The operation is not supported in this device. |
| int_fast16_t AESCCM_setLengths | ( | AESCCM_Handle | handle, |
| size_t | aadLength, | ||
| size_t | plaintextLength, | ||
| size_t | macLength | ||
| ) |
Function to set the lengths of the message, additional data, and MAC.
This function declares the lengths of the message, additional authenticated data (AAD), and MAC.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | aadLength | Size of the non-encrypted AAD in bytes |
| [in] | plaintextLength | Size of the plaintext or ciphertext to encrypt or decrypt in bytes |
| [in] | macLength | Size of the MAC in bytes |
| AESCCM_STATUS_SUCCESS | The operation succeeded. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_FEATURE_NOT_SUPPORTED | The operation is not supported in this device. |
| int_fast16_t AESCCM_setNonce | ( | AESCCM_Handle | handle, |
| const uint8_t * | nonce, | ||
| size_t | nonceLength | ||
| ) |
Function to set the nonce for an AES CCM segmented operation.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | nonce | Pointer to the buffer containing the nonce |
| [in] | nonceLength | The length of the nonce in bytes |
| AESCCM_STATUS_SUCCESS | The operation succeeded. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_FEATURE_NOT_SUPPORTED | The operation is not supported in this device. |
| int_fast16_t AESCCM_generateNonce | ( | AESCCM_Handle | handle, |
| uint8_t * | nonce, | ||
| size_t | nonceSize, | ||
| size_t * | nonceLength | ||
| ) |
Function to generate a nonce for an AES CCM segmented encryption operation.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | nonce | Pointer to the buffer where the generated nonce is to be written to |
| [in] | nonceSize | The length of the nonce buffer in bytes |
| [out] | nonceLength | The length of the nonce actually written if the operation was successful |
| AESCCM_STATUS_SUCCESS | The operation succeeded. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_FEATURE_NOT_SUPPORTED | The operation is not supported in this device. |
| int_fast16_t AESCCM_addAAD | ( | AESCCM_Handle | handle, |
| AESCCM_SegmentedAADOperation * | operation | ||
| ) |
Adds a segment of aad with a length in bytes to the generated MAC. The length must be a multiple of a block size, 16 bytes, unless passing in the last chunk of AAD.
AESCCM_addAAD() may be called an arbitrary number of times before continuing the operation with AESCCM_addData(), AESCCM_finalizeEncrypt() or AESCCM_finalizeDecrypt().
This function returns according to the return behavior set when opening the driver.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | operation | Pointer to segmented AAD CCM operation structure |
| AESCCM_STATUS_SUCCESS | The operation succeeded. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_RESOURCE_UNAVAILABLE | The required hardware resource was not available. Try again later. |
| AESCCM_STATUS_FEATURE_NOT_SUPPORTED | The operation is not supported in this device. |
| AESCCM_STATUS_CANCELED | The operation was canceled. |
| int_fast16_t AESCCM_addData | ( | AESCCM_Handle | handle, |
| AESCCM_SegmentedDataOperation * | operation | ||
| ) |
Adds a segment of data with a length in bytes to the plaintext/ciphertext output and generated MAC. The length must be a multiple of a block size, 16 bytes, unless passing in the last chunk of payload data.
AESCCM_addData() may be called an arbitrary number of times before finishing the operation with AESCCM_finalizeEncrypt() or AESCCM_finalizeDecrypt().
This function returns according to the return behavior set when opening the driver.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | operation | Pointer to segmented data CCM operation structure |
| AESCCM_STATUS_SUCCESS | The operation succeeded. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_RESOURCE_UNAVAILABLE | The required hardware resource was not available. Try again later. |
| AESCCM_STATUS_FEATURE_NOT_SUPPORTED | The operation is not supported in this device. |
| AESCCM_STATUS_CANCELED | The operation was canceled. |
| AESCCM_STATUS_UNALIGNED_IO_NOT_SUPPORTED | The input and/or output buffer were not word-aligned. |
| int_fast16_t AESCCM_finalizeEncrypt | ( | AESCCM_Handle | handle, |
| AESCCM_SegmentedFinalizeOperation * | operation | ||
| ) |
Finalize the MAC and ciphertext.
This function finalizes the encryption of a dataset earlier provided by calls to AESCCM_addAAD() and AESCCM_addData() and creates a message authentication code. If additional data needs to be encrypted and verified as part of this call, set the operation structure inputLength accordingly.
The resulting output is a message authentication code and ciphertext.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | operation | Pointer to segmented finalize CCM operation structure |
| AESCCM_STATUS_SUCCESS | In AESCCM_RETURN_BEHAVIOR_BLOCKING and AESCCM_RETURN_BEHAVIOR_POLLING, this means the MAC was generated successfully. In AESCCM_RETURN_BEHAVIOR_CALLBACK, this means the operation started successfully. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_CANCELED | The operation was canceled. |
| AESCCM_STATUS_FEATURE_NOT_SUPPORTED | The operation is not supported in this device. |
| AESCCM_STATUS_UNALIGNED_IO_NOT_SUPPORTED | The input and/or output buffer were not word-aligned. |
| int_fast16_t AESCCM_finalizeDecrypt | ( | AESCCM_Handle | handle, |
| AESCCM_SegmentedFinalizeOperation * | operation | ||
| ) |
Finalize the MAC and plaintext and verify it.
This function finalizes the decryption of a dataset earlier provided by calls to AESCCM_addAAD() and AESCCM_addData() and verifies a provided message authentication code. If additional data needs to be decrypted and verified as part of this call, set the operation structure inputLength accordingly.
The resulting output is a verification return code and plaintext.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | operation | Pointer to segmented finalize CCM operation structure |
| AESCCM_STATUS_SUCCESS | In AESCCM_RETURN_BEHAVIOR_BLOCKING and AESCCM_RETURN_BEHAVIOR_POLLING, this means the MAC was verified successfully. In AESCCM_RETURN_BEHAVIOR_CALLBACK, this means the operation started successfully. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_MAC_INVALID | The provided MAC did not match the recomputed one. |
| AESCCM_STATUS_CANCELED | The operation was canceled. |
| AESCCM_STATUS_FEATURE_NOT_SUPPORTED | The operation is not supported in this device. |
| AESCCM_STATUS_UNALIGNED_IO_NOT_SUPPORTED | The input and/or output buffer were not word-aligned. |
| void AESCCM_Operation_init | ( | AESCCM_Operation * | operationStruct | ) |
Function to initialize an AESCCM_Operation struct to its defaults.
| [in] | operationStruct | A pointer to an AESCCM_Operation structure for initialization |
Defaults values are all zeros.
| void AESCCM_OneStepOperation_init | ( | AESCCM_OneStepOperation * | operationStruct | ) |
Function to initialize an AESCCM_OneStepOperation struct to its defaults.
| [in] | operationStruct | A pointer to an AESCCM_OneStepOperation structure for initialization |
Defaults values are all zeros.
| void AESCCM_SegmentedAADOperation_init | ( | AESCCM_SegmentedAADOperation * | operationStruct | ) |
Function to initialize an AESCCM_SegmentedAADOperation struct to its defaults.
| [in] | operationStruct | A pointer to an AESCCM_SegmentedAADOperation structure for initialization |
Defaults values are all zeros.
| void AESCCM_SegmentedDataOperation_init | ( | AESCCM_SegmentedDataOperation * | operationStruct | ) |
Function to initialize an AESCCM_SegmentedDataOperation struct to its defaults.
| [in] | operationStruct | A pointer to an AESCCM_SegmentedDataOperation structure for initialization |
Defaults values are all zeros.
| void AESCCM_SegmentedFinalizeOperation_init | ( | AESCCM_SegmentedFinalizeOperation * | operationStruct | ) |
Function to initialize an AESCCM_SegmentedFinalizeOperation struct to its defaults.
| [in] | operationStruct | A pointer to an AESCCM_SegmentedFinalizeOperation structure for initialization |
Defaults values are all zeros.
| int_fast16_t AESCCM_oneStepEncrypt | ( | AESCCM_Handle | handle, |
| AESCCM_OneStepOperation * | operationStruct | ||
| ) |
Function to perform an AESCCM encryption + authentication operation in one call.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | operationStruct | A pointer to a struct containing the parameters required to perform the operation. |
| AESCCM_STATUS_SUCCESS | The operation succeeded. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_RESOURCE_UNAVAILABLE | The required hardware resource was not available. Try again later. |
| AESCCM_STATUS_UNALIGNED_IO_NOT_SUPPORTED | The input and/or output buffer were not word-aligned. |
| int_fast16_t AESCCM_oneStepDecrypt | ( | AESCCM_Handle | handle, |
| AESCCM_OneStepOperation * | operationStruct | ||
| ) |
Function to perform an AESCCM decryption + verification operation in one call.
| [in] | handle | A CCM handle returned from AESCCM_open() or AESCCM_construct() |
| [in] | operationStruct | A pointer to a struct containing the parameters required to perform the operation. |
| AESCCM_STATUS_SUCCESS | The operation succeeded. |
| AESCCM_STATUS_ERROR | The operation failed. |
| AESCCM_STATUS_RESOURCE_UNAVAILABLE | The required hardware resource was not available. Try again later. |
| AESCCM_STATUS_MAC_INVALID | The provided MAC did not match the recomputed one. |
| AESCCM_STATUS_UNALIGNED_IO_NOT_SUPPORTED | The input and/or output buffer were not word-aligned. |
| int_fast16_t AESCCM_cancelOperation | ( | AESCCM_Handle | handle | ) |
Cancels an ongoing AESCCM operation.
Asynchronously cancels an AESCCM operation. Only available when using AESCCM_RETURN_BEHAVIOR_CALLBACK. The operation will terminate as though an error occurred. The return status code of the operation will be AESCCM_STATUS_CANCELED.
| [in] | handle | Handle of the operation to cancel |
| AESCCM_STATUS_SUCCESS | The operation was canceled, or the operation had already completed. |
| AESCCM_STATUS_ERROR | The driver was not in callback mode, or the operation's output and generated MAC weren't properly cleared. |
| AESCCM_Handle AESCCM_construct | ( | AESCCM_Config * | config, |
| const AESCCM_Params * | params | ||
| ) |
Constructs a new AESCCM object.
Unlike AESCCM_open(), AESCCM_construct() does not require the hwAttrs and object to be allocated in a AESCCM_Config array that is indexed into. Instead, the AESCCM_Config, hwAttrs, and object can be allocated at any location. This allows for relatively simple run-time allocation of temporary driver instances on the stack or the heap. The drawback is that this makes it more difficult to write device-agnostic code. If you use an ifdef with DeviceFamily, you can choose the correct object and hwAttrs to allocate. That compilation unit will be tied to the device it was compiled for at this point. To change devices, recompilation of the application with a different DeviceFamily setting is necessary.
| config | AESCCM_Config describing the location of the object and hwAttrs. |
| params | AESCCM_Params to configure the driver instance. |
config points to must be zeroed out prior to calling this function. Otherwise, unexpected behavior may ensue. | const AESCCM_Params AESCCM_defaultParams |
Default AESCCM_Params structure.