46#define CCM_STAR_AUTH_FLAGS(a_len, mic_len) (((a_len) ? 1u << 6 : 0) \
47 | ((((mic_len) - 2u) >> 1) << 3) \
49#define CCM_STAR_ENCRYPTION_FLAGS 1
51#define MIC_LEN_VALID(x) ((x) >= 4 && (x) <= 16 && (x) % 2 == 0)
61 memcpy(iv + 1, nonce, CCM_STAR_NONCE_LENGTH);
62 iv[14] = counter >> 8;
68ctr_step(
const uint8_t *nonce,
70 uint8_t *m_and_result, uint16_t m_len,
73 uint8_t a[AES_128_BLOCK_SIZE];
75 set_iv(a, CCM_STAR_ENCRYPTION_FLAGS, nonce, counter);
78 for(uint_fast8_t i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) {
79 m_and_result[pos + i] ^= a[i];
84mic(
const uint8_t *nonce,
85 const uint8_t *m, uint16_t m_len,
86 const uint8_t *a, uint16_t a_len,
87 uint8_t *result, uint8_t mic_len)
89 uint8_t x[AES_128_BLOCK_SIZE];
91 set_iv(x, CCM_STAR_AUTH_FLAGS(a_len, mic_len), nonce, m_len);
98 for(pos = 0; (pos < a_len) && (pos < AES_128_BLOCK_SIZE - 2); pos++) {
105 for(; pos < a_len; pos += AES_128_BLOCK_SIZE) {
106 for(uint_fast8_t i = 0;
107 (pos + i < a_len) && (i < AES_128_BLOCK_SIZE);
117 for(uint32_t pos = 0; pos < m_len; pos += AES_128_BLOCK_SIZE) {
118 for(uint_fast8_t i = 0;
119 (pos + i < m_len) && (i < AES_128_BLOCK_SIZE);
127 ctr_step(nonce, 0, x, AES_128_BLOCK_SIZE, 0);
129 memcpy(result, x, mic_len);
133ctr(
const uint8_t *nonce, uint8_t *m, uint16_t m_len)
135 uint16_t counter = 1;
137 for(uint32_t pos = 0; pos < m_len; pos += AES_128_BLOCK_SIZE) {
138 ctr_step(nonce, pos, m, m_len, counter++);
143set_key(
const uint8_t *key)
145 AES_128.set_key(key);
149aead(
const uint8_t* nonce,
150 uint8_t* m, uint16_t m_len,
151 const uint8_t* a, uint16_t a_len,
152 uint8_t *result, uint8_t mic_len,
155 if(!MIC_LEN_VALID(mic_len)) {
161 ctr(nonce, m, m_len);
172 ctr(nonce, m, m_len);
Structure of CCM* drivers.
void(* aead)(const uint8_t *nonce, uint8_t *m, uint16_t m_len, const uint8_t *a, uint16_t a_len, uint8_t *result, uint8_t mic_len, int forward)
Combines authentication and encryption.
void(* set_key)(const uint8_t *key)
Sets the key in use.