AES-CCM Functions
This section describes functions for authenticated encryption/decryption using the Counter with Cipher Block Chaining-Message Authentication Code (CCM) mode [NIST SP 800-38C] of the AES (Rijndael128) block cipher.
The AES-CCM
functions enable authenticated encryption/decryption of several messages using one key that the
AES_CCMInit
function sets. Processing of each new message starts with a call to the
AES_CCMStart
function. The application code for conducting a typical AES-CCM authenticated encryption should follow the sequence of operations as outlined below:
- Get the size required to configure the contextIppsAES_CCMStateby calling the functionAES_CCMGetSize.
- Call the system memory-allocation service function to allocate a buffer whose size is not less than the functionAES_CCMGetSizespecifies.
- Initialize the contextIppsAES_CCMState*pCtxby calling the functionAES_CCMInitwith the allocated buffer and respective AES key.
- Optionally callAES_CCMMessageLenand/orAES_CCMTagLento set up message and tag parameters.
- CallAES_CCMStartto start authenticated encryption of the first/next message.
- Keep callingAES_CCMEncryptuntil the entire message is processed.
- Request the authentication tag by callingAES_CCMGetTag.
- Proceed to the next message, if any, that is, go to step 5.
- Clean up secret data stored in the context.
- Call the system memory free service function to release the buffer allocated for the contextIppsAES_CCMState, if needed.