--- /dev/null
+/*
+ * AES-CMAC from NIST Special Publication 800-38B \97 Recommendation for block cipher modes of operation: The CMAC mode for authentication.
+ *
+ * Copyright (C) 2006-2014, Brainspark B.V.
+ * Copyright (C) 2014, Anargyros Plemenos
+ * Tests added Merkok, 2018
+ *
+ * This file is part of PolarSSL (http://www.polarssl.org)
+ * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+ *
+ * All rights reserved.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Reference : https://polarssl.org/discussions/generic/authentication-token
+ * NIST Special Publication 800-38B \97 Recommendation for block cipher modes of operation: The CMAC mode for authentication.
+ * Tests here:
+ * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/AES_CMAC.pdf
+*/
+
+#include <stdint.h>
+#include <stddef.h>
+#include "aes.h"
+
+typedef struct aes_cmac_128_context {
+ aes_context aes_key;
+
+ uint8_t K1[16];
+ uint8_t K2[16];
+
+ uint8_t X[16];
+
+ uint8_t last[16];
+ size_t last_len;
+}
+aes_cmac128_context;
+
+/*
+ * \brief AES-CMAC-128 context setup
+ *
+ * \param ctx context to be initialized
+ * \param key secret key for AES-128
+ */
+void aes_cmac128_starts(aes_cmac128_context *ctx, const uint8_t K[16]);
+
+/*
+ * \brief AES-CMAC-128 process message
+ *
+ * \param ctx context to be initialized
+ * \param _msg the given message
+ * \param _msg_len the length of message
+ */
+void aes_cmac128_update(aes_cmac128_context *ctx, const uint8_t *_msg, size_t _msg_len);
+
+/*
+ * \brief AES-CMAC-128 compute T
+ *
+ * \param ctx context to be initialized
+ * \param T the generated MAC which is used to validate the message
+ */
+void aes_cmac128_final(aes_cmac128_context *ctx, uint8_t T[16]);
+
+/**
+ * \brief Checkup routine
+ *
+ * \return 0 if successful, or 1 if the test failed
+ */
+int aes_cmac_self_test( int verbose );
+