CryptoCC26XX AES-CCM Transaction. More...
#include <CryptoCC26XX.h>
Data Fields | |
CryptoCC26XX_Operation | opType |
CryptoCC26XX_Mode | mode |
uint8_t | keyIndex |
uint8_t | authLength |
char * | nonce |
char * | msgIn |
char * | header |
void * | msgOut |
uint8_t | fieldLength |
uint16_t | msgInLength |
uint16_t | headerLength |
CryptoCC26XX AES-CCM Transaction.
The Counter with CBC-MAC (CCM) mode of operation is a generic authenticated encryption block cipher mode. It can be used with any 128-bit block cipher. AES-CCM combines CBC-MAC with an AES block cipher.
AES-CCM encryption has the following inputs and outputs:
Encryption | Decryption |
---|---|
Input | |
Shared AES key | Shared AES key |
Nonce | Nonce |
Cleartext | Ciphertext (encrypted cleartext + MAC) |
AAD (optional) | AAD (optional) |
Output | |
Ciphertext (encrypted cleartext + MAC) | Cleartext |
The AES key is a shared secret between the two parties and has a length of 128 Bit. The key is stored in the dedicated RAM of the AES hardware unit before the crypto operation.
The nonce is generated by the party performing the authenticated encryption operation. Within the scope of any authenticated encryption key, the nonce value must be unique. That is, the set of nonce values used with any given key must not contain any duplicate values. Using the same nonce for two different messages encrypted with the same key destroys the security properties.
The optional AAD is authenticated, but not encrypted. Thus, the AAD is not included in the AES-CCM output. It can be used to authenticate packet headers for transport layer security.
After the encryption operation, the ciphertext contains the encrypted data and the message authentication code (MAC). The MAC can be seen as an encrypted fingerprint of the message header and content.
AES-CCM works in both ways: encryption and decryption. When a message is decrypted, then ciphertext, AAD and nonce are used as inputs while the output comprises the cleartext only. The decryption operation is successful, when the received ciphertext, the nonce and the AAD can reproduce the containing MAC.
The CryptoCC26XX_AESCCM_Transaction structure defines all necessary parameters for a AES-CCM transaction.
CryptoCC26XX_Operation CryptoCC26XX_AESCCM_Transaction::opType |
The type of the crypto operation
CryptoCC26XX_Mode CryptoCC26XX_AESCCM_Transaction::mode |
The mode of current transaction. Set by transact function.
uint8_t CryptoCC26XX_AESCCM_Transaction::keyIndex |
The key store index to be used
uint8_t CryptoCC26XX_AESCCM_Transaction::authLength |
Is the the length of the authentication field 0, 2, 4, 6, 8, 10, 12, 14 or 16 octets.
char* CryptoCC26XX_AESCCM_Transaction::nonce |
A pointer to a nonce. It must satisfy the equation 15 = q + n, where q is the fieldLength and n is the length of the nonce.
The minimum size of the array containing the nonce is 12 bytes. When using nonces of length < 12 bytes, the nonce must be zero-padded to 12 bytes. The driverlib implementation in ROM was written with 12 and 13-byte nonces in mind. It constructs the IV's internally and hence copies either 12 or 13 bytes into another buffer. Providing a nonce buffer with less than 12 bytes would result in whatever is after the nonce in memory being incorrectly copied into the IV's.
As long as the correct fieldLength is set for the < 12-bytes nonce, the correct nonce-length will be used.
Valid nonce lengths are {7, 8, 9, 10, 11, 12, 13}.
char* CryptoCC26XX_AESCCM_Transaction::msgIn |
char* CryptoCC26XX_AESCCM_Transaction::header |
The Additional Authentication Data (AAD). This header is authenticated but not encrypted.
void* CryptoCC26XX_AESCCM_Transaction::msgOut |
A pointer to where the encrypted CBC-MAC shall be written to.
uint8_t CryptoCC26XX_AESCCM_Transaction::fieldLength |
This parameter specifies the size in bytes of the message length field. (Not the length of the message itself!)
It sets the maximum length of the message according to p < 2^(8*q) where p is the message length and q is the fieldLength.
It must satisfy the equation 15 = q + n where q is the fieldLength and n is the length of the nonce.
Valid values are {2, 3, 4, 5, 6, 7, 8}.
uint16_t CryptoCC26XX_AESCCM_Transaction::msgInLength |
uint16_t CryptoCC26XX_AESCCM_Transaction::headerLength |
The length of the header in octets