Data Fields
CryptoCC26XX_AESCCM_Transaction Struct Reference

CryptoCC26XX AES-CCM Transaction. More...

#include <CryptoCC26XX.h>

Data Fields

CryptoCC26XX_Operation opType
 
CryptoCC26XX_Mode mode
 
uint8_t keyIndex
 
uint8_t authLength
 
char * nonce
 
char * msgIn
 
char * header
 
void * msgOut
 
uint8_t fieldLength
 
uint16_t msgInLength
 
uint16_t headerLength
 

Detailed Description

CryptoCC26XX AES-CCM Transaction.

The Counter with CBC-MAC (CCM) mode of operation is a generic authenticated encryption block cipher mode. It can be used with any 128-bit block cipher. AES-CCM combines CBC-MAC with an AES block cipher.

AES-CCM encryption has the following inputs and outputs:

AES-CCM input and output parameters
EncryptionDecryption
Input
Shared AES keyShared AES key
NonceNonce
CleartextCiphertext (encrypted cleartext + MAC)
AAD (optional)AAD (optional)
Output
Ciphertext (encrypted cleartext + MAC)Cleartext

The AES key is a shared secret between the two parties and has a length of 128 Bit. The key is stored in the dedicated RAM of the AES hardware unit before the crypto operation.

The nonce is generated by the party performing the authenticated encryption operation. Within the scope of any authenticated encryption key, the nonce value must be unique. That is, the set of nonce values used with any given key must not contain any duplicate values. Using the same nonce for two different messages encrypted with the same key destroys the security properties.

The optional AAD is authenticated, but not encrypted. Thus, the AAD is not included in the AES-CCM output. It can be used to authenticate packet headers for transport layer security.

After the encryption operation, the ciphertext contains the encrypted data and the message authentication code (MAC). The MAC can be seen as an encrypted fingerprint of the message header and content.

AES-CCM works in both ways: encryption and decryption. When a message is decrypted, then ciphertext, AAD and nonce are used as inputs while the output comprises the cleartext only. The decryption operation is successful, when the received ciphertext, the nonce and the AAD can reproduce the containing MAC.

The CryptoCC26XX_AESCCM_Transaction structure defines all necessary parameters for a AES-CCM transaction.

Field Documentation

§ opType

CryptoCC26XX_Operation CryptoCC26XX_AESCCM_Transaction::opType

The type of the crypto operation

§ mode

CryptoCC26XX_Mode CryptoCC26XX_AESCCM_Transaction::mode

The mode of current transaction. Set by transact function.

§ keyIndex

uint8_t CryptoCC26XX_AESCCM_Transaction::keyIndex

The key store index to be used

§ authLength

uint8_t CryptoCC26XX_AESCCM_Transaction::authLength

Is the the length of the authentication field 0, 2, 4, 6, 8, 10, 12, 14 or 16 octets.

§ nonce

char* CryptoCC26XX_AESCCM_Transaction::nonce

A pointer to a nonce. It must satisfy the equation 15 = q + n, where q is the fieldLength and n is the length of the nonce.

The minimum size of the array containing the nonce is 12 bytes. When using nonces of length < 12 bytes, the nonce must be zero-padded to 12 bytes. The driverlib implementation in ROM was written with 12 and 13-byte nonces in mind. It constructs the IV's internally and hence copies either 12 or 13 bytes into another buffer. Providing a nonce buffer with less than 12 bytes would result in whatever is after the nonce in memory being incorrectly copied into the IV's.

As long as the correct fieldLength is set for the < 12-bytes nonce, the correct nonce-length will be used.

Valid nonce lengths are {7, 8, 9, 10, 11, 12, 13}.

§ msgIn

char* CryptoCC26XX_AESCCM_Transaction::msgIn
  • Encryption: A pointer to the octet string input message and after the transaction, the location of the encrypted cleartext. The cleatext is encrypted in place.
  • Decryption: A pointer to the encrypted ciphertext composed of the encrypted cleartext concatenated with the encrypted message authentication code.

§ header

char* CryptoCC26XX_AESCCM_Transaction::header

The Additional Authentication Data (AAD). This header is authenticated but not encrypted.

§ msgOut

void* CryptoCC26XX_AESCCM_Transaction::msgOut

A pointer to where the encrypted CBC-MAC shall be written to.

  • Encryption: It is recommended to set this to msgIn + msgInLength. The cyphertext sent out must be the concatenation of the encrypted message and encrypted MAC anyway.
  • Decyption: Do NOT set msgOut to the same location as the received MAC in the cyphertext within msgIn! Doing this effectively disables verification.

§ fieldLength

uint8_t CryptoCC26XX_AESCCM_Transaction::fieldLength

This parameter specifies the size in bytes of the message length field. (Not the length of the message itself!)

It sets the maximum length of the message according to p < 2^(8*q) where p is the message length and q is the fieldLength.

It must satisfy the equation 15 = q + n where q is the fieldLength and n is the length of the nonce.

Valid values are {2, 3, 4, 5, 6, 7, 8}.

§ msgInLength

uint16_t CryptoCC26XX_AESCCM_Transaction::msgInLength
  • Encryption: The length of the cleartext.
  • Decryption: The length of the ciphertext.

§ headerLength

uint16_t CryptoCC26XX_AESCCM_Transaction::headerLength

The length of the header in octets

The documentation for this struct was generated from the following file:
© Copyright 1995-2019, Texas Instruments Incorporated. All rights reserved.
Trademarks | Privacy policy | Terms of use | Terms of sale