TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-crypto / a586c5a66cd83f8b58216382e7d54bd6e8093bfa / . / docs / 1.0.1 / html / api / ops / macs.html
blob: 7b813ecc29489e67331207d89a59d012483bdb92 [file] [log] [blame]
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]1
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]2<!DOCTYPE html>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]3
4<html xmlns="http://www.w3.org/1999/xhtml">
5 <head>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]6 <meta charset="utf-8" />
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]7 <title>10.3. Message authentication codes (MAC) &#8212; PSA Crypto API 1.0.1 documentation</title>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]8 <link rel="stylesheet" href="../../_static/alabaster.css" type="text/css" />
9 <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]10 <script type="text/javascript" id="documentation_options" data-url_root="../../" src="../../_static/documentation_options.js"></script>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]11 <script type="text/javascript" src="../../_static/jquery.js"></script>
12 <script type="text/javascript" src="../../_static/underscore.js"></script>
13 <script type="text/javascript" src="../../_static/doctools.js"></script>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]14 <script type="text/javascript" src="../../_static/language_data.js"></script>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]15 <link rel="author" title="About these documents" href="../../about.html" />
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]16 <link rel="index" title="Index" href="../../genindex.html" />
17 <link rel="search" title="Search" href="../../search.html" />
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]18 <link rel="next" title="10.4. Unauthenticated ciphers" href="ciphers.html" />
19 <link rel="prev" title="10.2. Message digests" href="hashes.html" />
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]20
21 <link rel="stylesheet" href="../../_static/custom.css" type="text/css" />
22
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]23
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]24 <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
25
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]26 </head><body>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]27
28
29 <div class="document">
30 <div class="documentwrapper">
31 <div class="bodywrapper">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]32
33
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]34 <div class="body" role="main">
35
36 <div class="section" id="message-authentication-codes-mac">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]37<span id="macs"></span><h1>10.3. Message authentication codes (MAC)</h1>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]38<div class="section" id="mac-algorithms">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]39<span id="id1"></span><h2>10.3.1. MAC algorithms</h2>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]40<div class="section" id="PSA_ALG_HMAC">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]41<span id="c.PSA_ALG_HMAC"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_HMAC</span></code> (macro)</h3>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]42<p>Macro to build an HMAC message-authentication-code algorithm from an underlying hash algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]43<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC">PSA_ALG_HMAC</a>(hash_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]44<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]45<dl class="simple">
46<dt> <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code></dt><dd><p>A hash algorithm (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_HASH" title="PSA_ALG_IS_HASH"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_HASH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">hash_alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true).</p>
47</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]48</dl>
49<p class="rubric">Returns</p>
50<p>The corresponding HMAC algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]51<p>Unspecified if <code class="docutils literal notranslate"><span class="pre">hash_alg</span></code> is not a supported hash algorithm.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]52<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]53<p>For example, <a class="reference internal" href="#c.PSA_ALG_HMAC" title="PSA_ALG_HMAC"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_HMAC</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><a class="reference internal" href="hashes.html#c.PSA_ALG_SHA_256" title="PSA_ALG_SHA_256"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_SHA_256</span></code></a><code class="docutils literal notranslate"><span class="pre">)</span></code> is HMAC-SHA-256.</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]54<p>The HMAC construction is defined in <span><em>HMAC: Keyed-Hashing for Message Authentication</em> <a class="reference internal" href="../../about.html#citation-rfc2104"><span class="cite">[RFC2104]</span></a></span>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]55</div>
56<div class="section" id="PSA_ALG_TRUNCATED_MAC">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]57<span id="c.PSA_ALG_TRUNCATED_MAC"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_TRUNCATED_MAC</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]58<p>Macro to build a truncated MAC algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]59<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_TRUNCATED_MAC" title="PSA_ALG_TRUNCATED_MAC">PSA_ALG_TRUNCATED_MAC</a>(mac_alg, mac_length) \
60 <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]61<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]62<dl class="simple">
63<dt> <code class="docutils literal notranslate"><span class="pre">mac_alg</span></code></dt><dd><p>A MAC algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true). This can be a truncated or untruncated MAC algorithm.</p>
64</dd>
65<dt> <code class="docutils literal notranslate"><span class="pre">mac_length</span></code></dt><dd><p>Desired length of the truncated MAC in bytes. This must be at most the full length of the MAC and must be at least an implementation-specified minimum. The implementation-specified minimum must not be zero.</p>
66</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]67</dl>
68<p class="rubric">Returns</p>
69<p>The corresponding MAC algorithm with the specified length.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]70<p>Unspecified if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported MAC algorithm or if <code class="docutils literal notranslate"><span class="pre">mac_length</span></code> is too small or too large for the specified MAC algorithm.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]71<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]72<p>A truncated MAC algorithm is identical to the corresponding MAC algorithm except that the MAC value for the truncated algorithm consists of only the first <code class="docutils literal notranslate"><span class="pre">mac_length</span></code> bytes of the MAC value for the untruncated algorithm.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]73<div class="admonition note">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]74<p class="admonition-title">Note</p>
75<p>This macro might allow constructing algorithm identifiers that are not valid, either because the specified length is larger than the untruncated MAC or because the specified length is smaller than permitted by the implementation.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]76</div>
77<div class="admonition note">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]78<p class="admonition-title">Note</p>
79<p>It is implementation-defined whether a truncated MAC that is truncated to the same length as the MAC of the untruncated algorithm is considered identical to the untruncated algorithm for policy comparison purposes.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]80</div>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]81<p>The full-length MAC algorithm can be recovered using <a class="reference internal" href="#c.PSA_ALG_FULL_LENGTH_MAC" title="PSA_ALG_FULL_LENGTH_MAC"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_FULL_LENGTH_MAC()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]82</div>
83<div class="section" id="PSA_ALG_CBC_MAC">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]84<span id="c.PSA_ALG_CBC_MAC"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_CBC_MAC</span></code> (macro)</h3>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]85<p>The CBC-MAC message-authentication-code algorithm, constructed over a block cipher.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]86<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_CBC_MAC" title="PSA_ALG_CBC_MAC">PSA_ALG_CBC_MAC</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x03c00100)</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]87<div class="admonition warning">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]88<p class="admonition-title">Warning</p>
89<p>CBC-MAC is insecure in many cases. A more secure mode, such as <a class="reference internal" href="#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_ALG_CMAC</span></code></a>, is recommended.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]90</div>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]91<p>The CBC-MAC algorithm must be used with a key for a block cipher. For example, one of <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_TYPE_AES</span></code></a>.</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]92<p>CBC-MAC is defined as <em>MAC Algorithm 1</em> in <span><em>ISO/IEC 9797-1:2011 Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher</em> <a class="reference internal" href="../../about.html#citation-iso9797"><span class="cite">[ISO9797]</span></a></span>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]93</div>
94<div class="section" id="PSA_ALG_CMAC">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]95<span id="c.PSA_ALG_CMAC"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_CMAC</span></code> (macro)</h3>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]96<p>The CMAC message-authentication-code algorithm, constructed over a block cipher.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]97<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_CMAC" title="PSA_ALG_CMAC">PSA_ALG_CMAC</a> ((<a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a>)0x03c00200)</pre>
98<p>The CMAC algorithm must be used with a key for a block cipher. For example, when used with a key with type <a class="reference internal" href="../keys/types.html#c.PSA_KEY_TYPE_AES" title="PSA_KEY_TYPE_AES"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_TYPE_AES</span></code></a>, the resulting operation is AES-CMAC.</p>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]99<p>CMAC is defined in <span><em>NIST Special Publication 800-38B: Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication</em> <a class="reference internal" href="../../about.html#citation-sp800-38b"><span class="cite">[SP800-38B]</span></a></span>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]100</div>
101</div>
102<div class="section" id="single-part-mac-functions">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]103<h2>10.3.2. Single-part MAC functions</h2>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]104<div class="section" id="psa_mac_compute">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]105<span id="c.psa_mac_compute"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_mac_compute</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]106<p>Calculate the message authentication code (MAC) of a message.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]107<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_compute" title="psa_mac_compute">psa_mac_compute</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]108 <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]109 const uint8_t * input,
110 size_t input_length,
111 uint8_t * mac,
112 size_t mac_size,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]113 size_t * mac_length);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]114<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]115<dl class="simple">
116<dt> <code class="docutils literal notranslate"><span class="pre">key</span></code></dt><dd><p>Identifier of the key to use for the operation.
117It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a>.</p>
118</dd>
119<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>The MAC algorithm to compute (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true).</p>
120</dd>
121<dt> <code class="docutils literal notranslate"><span class="pre">input</span></code></dt><dd><p>Buffer containing the input message.</p>
122</dd>
123<dt> <code class="docutils literal notranslate"><span class="pre">input_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">input</span></code> buffer in bytes.</p>
124</dd>
125<dt> <code class="docutils literal notranslate"><span class="pre">mac</span></code></dt><dd><p>Buffer where the MAC value is to be written.</p>
126</dd>
127<dt> <code class="docutils literal notranslate"><span class="pre">mac_size</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">mac</span></code> buffer in bytes.
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]128This must be appropriate for the selected algorithm and key:</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]129<ul class="simple">
130<li><p>The exact MAC size is <a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="docutils literal notranslate"><span class="pre">PSA_MAC_LENGTH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">key_type</span></code><code class="docutils literal notranslate"><span class="pre">,</span> </code><code class="docutils literal notranslate"><span class="pre">key_bits</span></code><code class="docutils literal notranslate"><span class="pre">,</span> </code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> where <code class="docutils literal notranslate"><span class="pre">key_type</span></code> and <code class="docutils literal notranslate"><span class="pre">key_bits</span></code> are attributes of the key used to compute the MAC.</p></li>
131<li><p><a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_MAX_SIZE</span></code></a> evaluates to the maximum MAC size of any supported MAC algorithm.</p></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]132</ul>
133</dd>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]134<dt> <code class="docutils literal notranslate"><span class="pre">mac_length</span></code></dt><dd><p>On success, the number of bytes that make up the MAC value.</p>
135</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]136</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]137<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
138<dl class="simple">
139<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd><p>Success.</p>
140</dd>
141<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt><dd></dd>
142<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt><dd><p>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</p>
143</dd>
144<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt><dd><p><code class="docutils literal notranslate"><span class="pre">key</span></code> is not compatible with <code class="docutils literal notranslate"><span class="pre">alg</span></code>.</p>
145</dd>
146<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt><dd><p><code class="docutils literal notranslate"><span class="pre">alg</span></code> is not supported or is not a MAC algorithm.</p>
147</dd>
148<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt><dd><p>The size of the <code class="docutils literal notranslate"><span class="pre">mac</span></code> buffer is too small.
149<a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_LENGTH()</span></code></a> or <a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_MAX_SIZE</span></code></a> can be used to determine the required buffer size.</p>
150</dd>
151<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
152<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
153<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
154<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
155<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
156</dd>
157<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
158</dd>
159<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
160</dd>
161<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
162</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]163</dl>
164<p class="rubric">Description</p>
165<div class="admonition note">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]166<p class="admonition-title">Note</p>
167<p>To verify the MAC of a message against an expected value, use <a class="reference internal" href="#c.psa_mac_verify" title="psa_mac_verify"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify()</span></code></a> instead. Beware that comparing integrity or authenticity data such as MAC values with a function such as <code class="docutils literal notranslate"><span class="pre">memcmp()</span></code> is risky because the time taken by the comparison might leak information about the MAC value which could allow an attacker to guess a valid MAC and thereby bypass security controls.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]168</div>
169</div>
170<div class="section" id="psa_mac_verify">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]171<span id="c.psa_mac_verify"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_mac_verify</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]172<p>Calculate the MAC of a message and compare it with a reference value.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]173<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_verify" title="psa_mac_verify">psa_mac_verify</a>(<a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]174 <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg,
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]175 const uint8_t * input,
176 size_t input_length,
177 const uint8_t * mac,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]178 size_t mac_length);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]179<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]180<dl class="simple">
181<dt> <code class="docutils literal notranslate"><span class="pre">key</span></code></dt><dd><p>Identifier of the key to use for the operation.
182It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a>.</p>
183</dd>
184<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>The MAC algorithm to compute (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true).</p>
185</dd>
186<dt> <code class="docutils literal notranslate"><span class="pre">input</span></code></dt><dd><p>Buffer containing the input message.</p>
187</dd>
188<dt> <code class="docutils literal notranslate"><span class="pre">input_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">input</span></code> buffer in bytes.</p>
189</dd>
190<dt> <code class="docutils literal notranslate"><span class="pre">mac</span></code></dt><dd><p>Buffer containing the expected MAC value.</p>
191</dd>
192<dt> <code class="docutils literal notranslate"><span class="pre">mac_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">mac</span></code> buffer in bytes.</p>
193</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]194</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]195<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
196<dl class="simple">
197<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd><p>The expected MAC is identical to the actual MAC of the input.</p>
198</dd>
199<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt><dd><p>The MAC of the message was calculated successfully, but it differs from the expected value.</p>
200</dd>
201<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt><dd></dd>
202<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt><dd><p>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</p>
203</dd>
204<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt><dd><p><code class="docutils literal notranslate"><span class="pre">key</span></code> is not compatible with <code class="docutils literal notranslate"><span class="pre">alg</span></code>.</p>
205</dd>
206<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt><dd><p><code class="docutils literal notranslate"><span class="pre">alg</span></code> is not supported or is not a MAC algorithm.</p>
207</dd>
208<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
209<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
210<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
211<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
212<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
213</dd>
214<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
215</dd>
216<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
217</dd>
218<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
219</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]220</dl>
221</div>
222</div>
223<div class="section" id="multi-part-mac-operations">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]224<h2>10.3.3. Multi-part MAC operations</h2>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]225<div class="section" id="psa_mac_operation_t">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]226<span id="c.psa_mac_operation_t"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_mac_operation_t</span></code> (type)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]227<p>The type of the state object for multi-part MAC operations.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]228<pre class="literal-block">typedef <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-type"><span class="std std-ref">/* implementation-defined type */</span></a></em> <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a>;</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]229<p>Before calling any function on a MAC operation object, the application must initialize it by any of the following means:</p>
230<ul>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]231<li><p>Set the object to all-bits-zero, for example:</p>
232<pre class="literal-block"><a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> operation;
233memset(&amp;operation, 0, sizeof(operation));</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]234</li>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]235<li><p>Initialize the object to logical zero values by declaring the object as static or global without an explicit initializer, for example:</p>
236<pre class="literal-block">static <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> operation;</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]237</li>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]238<li><p>Initialize the object to the initializer <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_OPERATION_INIT</span></code></a>, for example:</p>
239<pre class="literal-block"><a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> operation = <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT">PSA_MAC_OPERATION_INIT</a>;</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]240</li>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]241<li><p>Assign the result of the function <a class="reference internal" href="#c.psa_mac_operation_init" title="psa_mac_operation_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_operation_init()</span></code></a> to the object, for example:</p>
242<pre class="literal-block"><a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> operation;
243operation = <a class="reference internal" href="#c.psa_mac_operation_init" title="psa_mac_operation_init">psa_mac_operation_init</a>();</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]244</li>
245</ul>
246<p>This is an implementation-defined type. Applications that make assumptions about the content of this object will result in in implementation-specific behavior, and are non-portable.</p>
247</div>
248<div class="section" id="PSA_MAC_OPERATION_INIT">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]249<span id="c.PSA_MAC_OPERATION_INIT"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_MAC_OPERATION_INIT</span></code> (macro)</h3>
250<p>This macro returns a suitable initializer for a MAC operation object of type <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_mac_operation_t</span></code></a>.</p>
251<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT">PSA_MAC_OPERATION_INIT</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]252</div>
253<div class="section" id="psa_mac_operation_init">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]254<span id="c.psa_mac_operation_init"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_mac_operation_init</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]255<p>Return an initial value for a MAC operation object.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]256<pre class="literal-block"><a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> <a class="reference internal" href="#c.psa_mac_operation_init" title="psa_mac_operation_init">psa_mac_operation_init</a>(void);</pre>
257<p class="rubric">Returns: <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="docutils literal notranslate"><span class="pre">psa_mac_operation_t</span></code></a></p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]258</div>
259<div class="section" id="psa_mac_sign_setup">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]260<span id="c.psa_mac_sign_setup"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_mac_sign_setup</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]261<p>Set up a multi-part MAC calculation operation.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]262<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup">psa_mac_sign_setup</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]263 <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]264 <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]265<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]266<dl class="simple">
267<dt> <code class="docutils literal notranslate"><span class="pre">operation</span></code></dt><dd><p>The operation object to set up. It must have been initialized as per the documentation for <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_mac_operation_t</span></code></a> and not yet in use.</p>
268</dd>
269<dt> <code class="docutils literal notranslate"><span class="pre">key</span></code></dt><dd><p>Identifier of the key to use for the operation. It must remain valid until the operation terminates.
270It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a>.</p>
271</dd>
272<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>The MAC algorithm to compute (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true).</p>
273</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]274</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]275<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
276<dl class="simple">
277<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd><p>Success.</p>
278</dd>
279<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt><dd></dd>
280<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt><dd><p>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_SIGN_MESSAGE" title="PSA_KEY_USAGE_SIGN_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_SIGN_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</p>
281</dd>
282<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt><dd><p><code class="docutils literal notranslate"><span class="pre">key</span></code> is not compatible with <code class="docutils literal notranslate"><span class="pre">alg</span></code>.</p>
283</dd>
284<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt><dd><p><code class="docutils literal notranslate"><span class="pre">alg</span></code> is not supported or is not a MAC algorithm.</p>
285</dd>
286<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
287<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
288<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
289<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
290<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
291</dd>
292<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
293</dd>
294<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
295</dd>
296<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The operation state is not valid: it must be inactive.</p>
297</dd>
298<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
299</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]300</dl>
301<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]302<p>This function sets up the calculation of the message authentication code (MAC) of a byte string. To verify the MAC of a message against an expected value, use <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_setup()</span></code></a> instead.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]303<p>The sequence of operations to calculate a MAC is as follows:</p>
304<ol class="arabic simple">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]305<li><p>Allocate an operation object which will be passed to all the functions listed here.</p></li>
306<li><p>Initialize the operation object with one of the methods described in the documentation for <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_mac_operation_t</span></code></a>, e.g. <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_OPERATION_INIT</span></code></a>.</p></li>
307<li><p>Call <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_sign_setup()</span></code></a> to specify the algorithm and key.</p></li>
308<li><p>Call <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_update()</span></code></a> zero, one or more times, passing a fragment of the message each time. The MAC that is calculated is the MAC of the concatenation of these messages in order.</p></li>
309<li><p>At the end of the message, call <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_sign_finish()</span></code></a> to finish calculating the MAC value and retrieve it.</p></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]310</ol>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]311<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_sign_setup()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a>. The application can call <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a> at any time after the operation has been initialized.</p>
312<p>After a successful call to <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_sign_setup()</span></code></a>, the application must eventually terminate the operation through one of the following methods:</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]313<ul class="simple">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]314<li><p>A successful call to <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_sign_finish()</span></code></a>.</p></li>
315<li><p>A call to <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a>.</p></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]316</ul>
317</div>
318<div class="section" id="psa_mac_verify_setup">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]319<span id="c.psa_mac_verify_setup"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_mac_verify_setup</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]320<p>Set up a multi-part MAC verification operation.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]321<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup">psa_mac_verify_setup</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]322 <a class="reference internal" href="../keys/ids.html#c.psa_key_id_t" title="psa_key_id_t">psa_key_id_t</a> key,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]323 <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t">psa_algorithm_t</a> alg);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]324<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]325<dl class="simple">
326<dt> <code class="docutils literal notranslate"><span class="pre">operation</span></code></dt><dd><p>The operation object to set up. It must have been initialized as per the documentation for <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_mac_operation_t</span></code></a> and not yet in use.</p>
327</dd>
328<dt> <code class="docutils literal notranslate"><span class="pre">key</span></code></dt><dd><p>Identifier of the key to use for the operation. It must remain valid until the operation terminates.
329It must allow the usage <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a>.</p>
330</dd>
331<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>The MAC algorithm to compute (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true).</p>
332</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]333</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]334<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
335<dl class="simple">
336<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd><p>Success.</p>
337</dd>
338<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_HANDLE" title="PSA_ERROR_INVALID_HANDLE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_HANDLE</span></code></a></dt><dd></dd>
339<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_PERMITTED" title="PSA_ERROR_NOT_PERMITTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_PERMITTED</span></code></a></dt><dd><p>The key does not have the <a class="reference internal" href="../keys/policy.html#c.PSA_KEY_USAGE_VERIFY_MESSAGE" title="PSA_KEY_USAGE_VERIFY_MESSAGE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_KEY_USAGE_VERIFY_MESSAGE</span></code></a> flag, or it does not permit the requested algorithm.</p>
340</dd>
341<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_ARGUMENT" title="PSA_ERROR_INVALID_ARGUMENT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_ARGUMENT</span></code></a></dt><dd><p><code class="docutils literal notranslate"><span class="pre">key</span></code> is not compatible with <code class="docutils literal notranslate"><span class="pre">alg</span></code>.</p>
342</dd>
343<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_NOT_SUPPORTED" title="PSA_ERROR_NOT_SUPPORTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_NOT_SUPPORTED</span></code></a></dt><dd><p><code class="docutils literal notranslate"><span class="pre">alg</span></code> is not supported or is not a MAC algorithm.</p>
344</dd>
345<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
346<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
347<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
348<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
349<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd><p>The key could not be retrieved from storage</p>
350</dd>
351<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
352</dd>
353<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd><p>The key could not be retrieved from storage.</p>
354</dd>
355<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The operation state is not valid: it must be inactive.</p>
356</dd>
357<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
358</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]359</dl>
360<p class="rubric">Description</p>
361<p>This function sets up the verification of the message authentication code (MAC) of a byte string against an expected value.</p>
362<p>The sequence of operations to verify a MAC is as follows:</p>
363<ol class="arabic simple">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]364<li><p>Allocate an operation object which will be passed to all the functions listed here.</p></li>
365<li><p>Initialize the operation object with one of the methods described in the documentation for <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_mac_operation_t</span></code></a>, e.g. <a class="reference internal" href="#c.PSA_MAC_OPERATION_INIT" title="PSA_MAC_OPERATION_INIT"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_OPERATION_INIT</span></code></a>.</p></li>
366<li><p>Call <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_setup()</span></code></a> to specify the algorithm and key.</p></li>
367<li><p>Call <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_update()</span></code></a> zero, one or more times, passing a fragment of the message each time. The MAC that is calculated is the MAC of the concatenation of these messages in order.</p></li>
368<li><p>At the end of the message, call <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_finish()</span></code></a> to finish calculating the actual MAC of the message and verify it against the expected value.</p></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]369</ol>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]370<p>If an error occurs at any step after a call to <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_setup()</span></code></a>, the operation will need to be reset by a call to <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a>. The application can call <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a> at any time after the operation has been initialized.</p>
371<p>After a successful call to <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_setup()</span></code></a>, the application must eventually terminate the operation through one of the following methods:</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]372<ul class="simple">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]373<li><p>A successful call to <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_finish()</span></code></a>.</p></li>
374<li><p>A call to <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a>.</p></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]375</ul>
376</div>
377<div class="section" id="psa_mac_update">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]378<span id="c.psa_mac_update"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_mac_update</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]379<p>Add a message fragment to a multi-part MAC operation.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]380<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update">psa_mac_update</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]381 const uint8_t * input,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]382 size_t input_length);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]383<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]384<dl class="simple">
385<dt> <code class="docutils literal notranslate"><span class="pre">operation</span></code></dt><dd><p>Active MAC operation.</p>
386</dd>
387<dt> <code class="docutils literal notranslate"><span class="pre">input</span></code></dt><dd><p>Buffer containing the message fragment to add to the MAC calculation.</p>
388</dd>
389<dt> <code class="docutils literal notranslate"><span class="pre">input_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">input</span></code> buffer in bytes.</p>
390</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]391</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]392<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
393<dl class="simple">
394<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd><p>Success.</p>
395</dd>
396<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The operation state is not valid: it must be active.</p>
397</dd>
398<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
399<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
400<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
401<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
402<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd></dd>
403<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd></dd>
404<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd></dd>
405<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
406</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]407</dl>
408<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]409<p>The application must call <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_sign_setup()</span></code></a> or <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_setup()</span></code></a> before calling this function.</p>
410<p>If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]411</div>
412<div class="section" id="psa_mac_sign_finish">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]413<span id="c.psa_mac_sign_finish"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_mac_sign_finish</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]414<p>Finish the calculation of the MAC of a message.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]415<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish">psa_mac_sign_finish</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]416 uint8_t * mac,
417 size_t mac_size,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]418 size_t * mac_length);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]419<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]420<dl class="simple">
421<dt> <code class="docutils literal notranslate"><span class="pre">operation</span></code></dt><dd><p>Active MAC operation.</p>
422</dd>
423<dt> <code class="docutils literal notranslate"><span class="pre">mac</span></code></dt><dd><p>Buffer where the MAC value is to be written.</p>
424</dd>
425<dt> <code class="docutils literal notranslate"><span class="pre">mac_size</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">mac</span></code> buffer in bytes.
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]426This must be appropriate for the selected algorithm and key:</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]427<ul class="simple">
428<li><p>The exact MAC size is <a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="docutils literal notranslate"><span class="pre">PSA_MAC_LENGTH</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">key_type</span></code><code class="docutils literal notranslate"><span class="pre">,</span> </code><code class="docutils literal notranslate"><span class="pre">key_bits</span></code><code class="docutils literal notranslate"><span class="pre">,</span> </code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> where <code class="docutils literal notranslate"><span class="pre">key_type</span></code> and <code class="docutils literal notranslate"><span class="pre">key_bits</span></code> are attributes of the key, and <code class="docutils literal notranslate"><span class="pre">alg</span></code> is the algorithm used to compute the MAC.</p></li>
429<li><p><a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_MAX_SIZE</span></code></a> evaluates to the maximum MAC size of any supported MAC algorithm.</p></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]430</ul>
431</dd>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]432<dt> <code class="docutils literal notranslate"><span class="pre">mac_length</span></code></dt><dd><p>On success, the number of bytes that make up the MAC value. This is always <code class="docutils literal notranslate"><span class="pre">PSA_MAC_FINAL_SIZE</span></code><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">key_type</span></code><code class="docutils literal notranslate"><span class="pre">,</span> </code><code class="docutils literal notranslate"><span class="pre">key_bits</span></code><code class="docutils literal notranslate"><span class="pre">,</span> </code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> where <code class="docutils literal notranslate"><span class="pre">key_type</span></code> and <code class="docutils literal notranslate"><span class="pre">key_bits</span></code> are the type and bit-size respectively of the key and <code class="docutils literal notranslate"><span class="pre">alg</span></code> is the MAC algorithm that is calculated.</p>
433</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]434</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]435<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
436<dl class="simple">
437<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd><p>Success.</p>
438</dd>
439<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The operation state is not valid: it must be an active mac sign operation.</p>
440</dd>
441<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BUFFER_TOO_SMALL" title="PSA_ERROR_BUFFER_TOO_SMALL"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BUFFER_TOO_SMALL</span></code></a></dt><dd><p>The size of the <code class="docutils literal notranslate"><span class="pre">mac</span></code> buffer is too small.
442<a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_LENGTH()</span></code></a> or <a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_MAX_SIZE</span></code></a> can be used to determine the required buffer size.</p>
443</dd>
444<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
445<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
446<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
447<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
448<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd></dd>
449<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd></dd>
450<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd></dd>
451<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
452</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]453</dl>
454<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]455<p>The application must call <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_sign_setup()</span></code></a> before calling this function. This function calculates the MAC of the message formed by concatenating the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_update()</span></code></a>.</p>
456<p>When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]457<div class="admonition warning">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]458<p class="admonition-title">Warning</p>
459<p>It is not recommended to use this function when a specific value is expected for the MAC. Call <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_finish()</span></code></a> instead with the expected MAC value.</p>
460<p>Comparing integrity or authenticity data such as MAC values with a function such as <code class="docutils literal notranslate"><span class="pre">memcmp()</span></code> is risky because the time taken by the comparison might leak information about the hashed data which could allow an attacker to guess a valid MAC and thereby bypass security controls.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]461</div>
462</div>
463<div class="section" id="psa_mac_verify_finish">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]464<span id="c.psa_mac_verify_finish"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_mac_verify_finish</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]465<p>Finish the calculation of the MAC of a message and compare it with an expected value.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]466<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish">psa_mac_verify_finish</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation,
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]467 const uint8_t * mac,
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]468 size_t mac_length);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]469<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]470<dl class="simple">
471<dt> <code class="docutils literal notranslate"><span class="pre">operation</span></code></dt><dd><p>Active MAC operation.</p>
472</dd>
473<dt> <code class="docutils literal notranslate"><span class="pre">mac</span></code></dt><dd><p>Buffer containing the expected MAC value.</p>
474</dd>
475<dt> <code class="docutils literal notranslate"><span class="pre">mac_length</span></code></dt><dd><p>Size of the <code class="docutils literal notranslate"><span class="pre">mac</span></code> buffer in bytes.</p>
476</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]477</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]478<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
479<dl class="simple">
480<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd><p>The expected MAC is identical to the actual MAC of the message.</p>
481</dd>
482<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INVALID_SIGNATURE" title="PSA_ERROR_INVALID_SIGNATURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INVALID_SIGNATURE</span></code></a></dt><dd><p>The MAC of the message was calculated successfully, but it differs from the expected MAC.</p>
483</dd>
484<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The operation state is not valid: it must be an active mac verify operation.</p>
485</dd>
486<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_INSUFFICIENT_MEMORY" title="PSA_ERROR_INSUFFICIENT_MEMORY"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_INSUFFICIENT_MEMORY</span></code></a></dt><dd></dd>
487<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
488<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
489<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
490<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_STORAGE_FAILURE" title="PSA_ERROR_STORAGE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_STORAGE_FAILURE</span></code></a></dt><dd></dd>
491<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_CORRUPT" title="PSA_ERROR_DATA_CORRUPT"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_CORRUPT</span></code></a></dt><dd></dd>
492<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_DATA_INVALID" title="PSA_ERROR_DATA_INVALID"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_DATA_INVALID</span></code></a></dt><dd></dd>
493<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
494</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]495</dl>
496<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]497<p>The application must call <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_setup()</span></code></a> before calling this function. This function calculates the MAC of the message formed by concatenating the inputs passed to preceding calls to <a class="reference internal" href="#c.psa_mac_update" title="psa_mac_update"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_update()</span></code></a>. It then compares the calculated MAC with the expected MAC passed as a parameter to this function.</p>
498<p>When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]499<div class="admonition note">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]500<p class="admonition-title">Note</p>
501<p>Implementations must make the best effort to ensure that the comparison between the actual MAC and the expected MAC is performed in constant time.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]502</div>
503</div>
504<div class="section" id="psa_mac_abort">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]505<span id="c.psa_mac_abort"></span><h3><code class="docutils literal notranslate"><span class="pre">psa_mac_abort</span></code> (function)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]506<p>Abort a MAC operation.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]507<pre class="literal-block"><a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t">psa_status_t</a> <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort">psa_mac_abort</a>(<a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t">psa_mac_operation_t</a> * operation);</pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]508<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]509<dl class="simple">
510<dt> <code class="docutils literal notranslate"><span class="pre">operation</span></code></dt><dd><p>Initialized MAC operation.</p>
511</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]512</dl>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]513<p class="rubric">Returns: <a class="reference internal" href="../library/status.html#c.psa_status_t" title="psa_status_t"><code class="docutils literal notranslate"><span class="pre">psa_status_t</span></code></a></p>
514<dl class="simple">
515<dt> <a class="reference internal" href="../library/status.html#c.PSA_SUCCESS" title="PSA_SUCCESS"><code class="docutils literal notranslate"><span class="pre">PSA_SUCCESS</span></code></a></dt><dd></dd>
516<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_COMMUNICATION_FAILURE" title="PSA_ERROR_COMMUNICATION_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_COMMUNICATION_FAILURE</span></code></a></dt><dd></dd>
517<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_HARDWARE_FAILURE" title="PSA_ERROR_HARDWARE_FAILURE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_HARDWARE_FAILURE</span></code></a></dt><dd></dd>
518<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_CORRUPTION_DETECTED" title="PSA_ERROR_CORRUPTION_DETECTED"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_CORRUPTION_DETECTED</span></code></a></dt><dd></dd>
519<dt> <a class="reference internal" href="../library/status.html#c.PSA_ERROR_BAD_STATE" title="PSA_ERROR_BAD_STATE"><code class="docutils literal notranslate"><span class="pre">PSA_ERROR_BAD_STATE</span></code></a></dt><dd><p>The library has not been previously initialized by <a class="reference internal" href="../library/library.html#c.psa_crypto_init" title="psa_crypto_init"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_crypto_init()</span></code></a>. It is implementation-dependent whether a failure to initialize results in this error code.</p>
520</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]521</dl>
522<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]523<p>Aborting an operation frees all associated resources except for the <code class="docutils literal notranslate"><span class="pre">operation</span></code> object itself. Once aborted, the operation object can be reused for another operation by calling <a class="reference internal" href="#c.psa_mac_sign_setup" title="psa_mac_sign_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_sign_setup()</span></code></a> or <a class="reference internal" href="#c.psa_mac_verify_setup" title="psa_mac_verify_setup"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_setup()</span></code></a> again.</p>
524<p>This function can be called any time after the operation object has been initialized by one of the methods described in <a class="reference internal" href="#c.psa_mac_operation_t" title="psa_mac_operation_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_mac_operation_t</span></code></a>.</p>
525<p>In particular, calling <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a> after the operation has been terminated by a call to <a class="reference internal" href="#c.psa_mac_abort" title="psa_mac_abort"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_abort()</span></code></a>, <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_sign_finish()</span></code></a> or <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_finish()</span></code></a> is safe and has no effect.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]526</div>
527</div>
528<div class="section" id="support-macros">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]529<h2>10.3.4. Support macros</h2>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]530<div class="section" id="PSA_ALG_IS_HMAC">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]531<span id="c.PSA_ALG_IS_HMAC"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_HMAC</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]532<p>Whether the specified algorithm is an HMAC algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]533<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_IS_HMAC" title="PSA_ALG_IS_HMAC">PSA_ALG_IS_HMAC</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]534<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]535<dl class="simple">
536<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a>).</p>
537</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]538</dl>
539<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]540<p><code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is an HMAC algorithm, <code class="docutils literal notranslate"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal notranslate"><span class="pre">0</span></code> or <code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]541<p class="rubric">Description</p>
542<p>HMAC is a family of MAC algorithms that are based on a hash function.</p>
543</div>
544<div class="section" id="PSA_ALG_IS_BLOCK_CIPHER_MAC">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]545<span id="c.PSA_ALG_IS_BLOCK_CIPHER_MAC"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_BLOCK_CIPHER_MAC</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]546<p>Whether the specified algorithm is a MAC algorithm based on a block cipher.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]547<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_IS_BLOCK_CIPHER_MAC" title="PSA_ALG_IS_BLOCK_CIPHER_MAC">PSA_ALG_IS_BLOCK_CIPHER_MAC</a>(alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]548<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]549<dl class="simple">
550<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>An algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a>).</p>
551</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]552</dl>
553<p class="rubric">Returns</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]554<p><code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is a MAC algorithm based on a block cipher, <code class="docutils literal notranslate"><span class="pre">0</span></code> otherwise. This macro can return either <code class="docutils literal notranslate"><span class="pre">0</span></code> or <code class="docutils literal notranslate"><span class="pre">1</span></code> if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported algorithm identifier.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]555</div>
556<div class="section" id="PSA_ALG_FULL_LENGTH_MAC">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]557<span id="c.PSA_ALG_FULL_LENGTH_MAC"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_ALG_FULL_LENGTH_MAC</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]558<p>Macro to construct the MAC algorithm with a full length MAC, from a truncated MAC algorithm.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]559<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_ALG_FULL_LENGTH_MAC" title="PSA_ALG_FULL_LENGTH_MAC">PSA_ALG_FULL_LENGTH_MAC</a>(mac_alg) <em><a class="reference internal" href="../../overview/implementation.html#specification-defined-value"><span class="std std-ref">/* specification-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]560<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]561<dl class="simple">
562<dt> <code class="docutils literal notranslate"><span class="pre">mac_alg</span></code></dt><dd><p>A MAC algorithm identifier (value of type <a class="reference internal" href="algorithms.html#c.psa_algorithm_t" title="psa_algorithm_t"><code class="xref any c c-type docutils literal notranslate"><span class="pre">psa_algorithm_t</span></code></a> such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true). This can be a truncated or untruncated MAC algorithm.</p>
563</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]564</dl>
565<p class="rubric">Returns</p>
566<p>The corresponding MAC algorithm with a full length MAC.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]567<p>Unspecified if <code class="docutils literal notranslate"><span class="pre">alg</span></code> is not a supported MAC algorithm.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]568</div>
569<div class="section" id="PSA_MAC_LENGTH">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]570<span id="c.PSA_MAC_LENGTH"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_MAC_LENGTH</span></code> (macro)</h3>
571<p>The size of the output of <a class="reference internal" href="#c.psa_mac_compute" title="psa_mac_compute"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_compute()</span></code></a> and <a class="reference internal" href="#c.psa_mac_sign_finish" title="psa_mac_sign_finish"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_sign_finish()</span></code></a>, in bytes.</p>
572<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH">PSA_MAC_LENGTH</a>(key_type, key_bits, alg) \
573 <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]574<p class="rubric">Parameters</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]575<dl class="simple">
576<dt> <code class="docutils literal notranslate"><span class="pre">key_type</span></code></dt><dd><p>The type of the MAC key.</p>
577</dd>
578<dt> <code class="docutils literal notranslate"><span class="pre">key_bits</span></code></dt><dd><p>The size of the MAC key in bits.</p>
579</dd>
580<dt> <code class="docutils literal notranslate"><span class="pre">alg</span></code></dt><dd><p>A MAC algorithm (<code class="docutils literal notranslate"><span class="pre">PSA_ALG_XXX</span></code> value such that <a class="reference internal" href="algorithms.html#c.PSA_ALG_IS_MAC" title="PSA_ALG_IS_MAC"><code class="docutils literal notranslate"><span class="pre">PSA_ALG_IS_MAC</span></code></a><code class="docutils literal notranslate"><span class="pre">(</span></code><code class="docutils literal notranslate"><span class="pre">alg</span></code><code class="docutils literal notranslate"><span class="pre">)</span></code> is true).</p>
581</dd>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]582</dl>
583<p class="rubric">Returns</p>
584<p>The MAC length for the specified algorithm with the specified key parameters.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]585<p><code class="docutils literal notranslate"><span class="pre">0</span></code> if the MAC algorithm is not recognized.</p>
586<p>Either <code class="docutils literal notranslate"><span class="pre">0</span></code> or the correct length for a MAC algorithm that the implementation recognizes, but does not support.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]587<p>Unspecified if the key parameters are not consistent with the algorithm.</p>
588<p class="rubric">Description</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]589<p>This is also the MAC length that <a class="reference internal" href="#c.psa_mac_verify" title="psa_mac_verify"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify()</span></code></a> and <a class="reference internal" href="#c.psa_mac_verify_finish" title="psa_mac_verify_finish"><code class="xref any c c-func docutils literal notranslate"><span class="pre">psa_mac_verify_finish()</span></code></a> expects.</p>
590<p>See also <a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_MAX_SIZE</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]591</div>
592<div class="section" id="PSA_MAC_MAX_SIZE">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]593<span id="c.PSA_MAC_MAX_SIZE"></span><h3><code class="docutils literal notranslate"><span class="pre">PSA_MAC_MAX_SIZE</span></code> (macro)</h3>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]594<p>Maximum size of a MAC.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]595<pre class="literal-block">#define <a class="reference internal" href="#c.PSA_MAC_MAX_SIZE" title="PSA_MAC_MAX_SIZE">PSA_MAC_MAX_SIZE</a> <em><a class="reference internal" href="../../overview/implementation.html#implementation-defined-value"><span class="std std-ref">/* implementation-defined value */</span></a></em></pre>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]596<p>This macro must expand to a compile-time constant integer.
597It is recommended that this value is the maximum size of a MAC supported by the implementation, in bytes. The value must not be smaller than this maximum.</p>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]598<p>See also <a class="reference internal" href="#c.PSA_MAC_LENGTH" title="PSA_MAC_LENGTH"><code class="xref any c c-macro docutils literal notranslate"><span class="pre">PSA_MAC_LENGTH()</span></code></a>.</p>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]599</div>
600</div>
601</div>
602
603
604 </div>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]605
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]606 </div>
607 </div>
608 <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]609 <div class="sphinxsidebarwrapper"><h3><a href="../../index.html"><b>PSA Crypto API</b></a></h3>
610IHI 0086<br/>
611Non-confidential<br/>
612Version 1.0.1
613<span style="color: red; font-weight: bold;"></span>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]614<ul>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]615<li class="toctree-l1"><a class="reference internal" href="../../about.html">About this document</a></li>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]616</ul>
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]617<ul class="current">
618<li class="toctree-l1"><a class="reference internal" href="../../overview/intro.html">1. Introduction</a></li>
619<li class="toctree-l1"><a class="reference internal" href="../../overview/goals.html">2. Design goals</a></li>
620<li class="toctree-l1"><a class="reference internal" href="../../overview/functionality.html">3. Functionality overview</a></li>
621<li class="toctree-l1"><a class="reference internal" href="../../overview/sample-arch.html">4. Sample architectures</a></li>
622<li class="toctree-l1"><a class="reference internal" href="../../overview/conventions.html">5. Library conventions</a></li>
623<li class="toctree-l1"><a class="reference internal" href="../../overview/implementation.html">6. Implementation considerations</a></li>
624<li class="toctree-l1"><a class="reference internal" href="../../overview/usage.html">7. Usage considerations</a></li>
625<li class="toctree-l1"><a class="reference internal" href="../library/index.html">8. Library management reference</a></li>
626<li class="toctree-l1"><a class="reference internal" href="../keys/index.html">9. Key management reference</a></li>
627<li class="toctree-l1 current"><a class="reference internal" href="index.html">10. Cryptographic operation reference</a><ul class="current">
628<li class="toctree-l2"><a class="reference internal" href="algorithms.html">10.1. Algorithms</a></li>
629<li class="toctree-l2"><a class="reference internal" href="hashes.html">10.2. Message digests</a></li>
630<li class="toctree-l2 current"><a class="current reference internal" href="#">10.3. Message authentication codes (MAC)</a><ul>
631<li class="toctree-l3"><a class="reference internal" href="#mac-algorithms">10.3.1. MAC algorithms</a></li>
632<li class="toctree-l3"><a class="reference internal" href="#single-part-mac-functions">10.3.2. Single-part MAC functions</a></li>
633<li class="toctree-l3"><a class="reference internal" href="#multi-part-mac-operations">10.3.3. Multi-part MAC operations</a></li>
634<li class="toctree-l3"><a class="reference internal" href="#support-macros">10.3.4. Support macros</a></li>
635</ul>
636</li>
637<li class="toctree-l2"><a class="reference internal" href="ciphers.html">10.4. Unauthenticated ciphers</a></li>
638<li class="toctree-l2"><a class="reference internal" href="aead.html">10.5. Authenticated encryption with associated data (AEAD)</a></li>
639<li class="toctree-l2"><a class="reference internal" href="kdf.html">10.6. Key derivation</a></li>
640<li class="toctree-l2"><a class="reference internal" href="sign.html">10.7. Asymmetric signature</a></li>
641<li class="toctree-l2"><a class="reference internal" href="pke.html">10.8. Asymmetric encryption</a></li>
642<li class="toctree-l2"><a class="reference internal" href="ka.html">10.9. Key agreement</a></li>
643<li class="toctree-l2"><a class="reference internal" href="rng.html">10.10. Other cryptographic services</a></li>
644</ul>
645</li>
646</ul>
647<ul>
648<li class="toctree-l1"><a class="reference internal" href="../../appendix/example_header.html">Example header file</a></li>
649<li class="toctree-l1"><a class="reference internal" href="../../appendix/specdef_values.html">Example macro implementations</a></li>
650<li class="toctree-l1"><a class="reference internal" href="../../appendix/history.html">Changes to the API</a></li>
651</ul>
652<ul>
653<li class="toctree-l1"><a class="reference internal" href="../../psa_c-identifiers.html">Index of API elements</a></li>
654</ul>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]655<div id="searchbox" style="display: none" role="search">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]656 <h3 id="searchlabel">Quick search</h3>
657 <div class="searchformwrapper">
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]658 <form class="search" action="../../search.html" method="get">
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]659 <input type="text" name="q" aria-labelledby="searchlabel" />
660 <input type="submit" value="Go" />
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]661 </form>
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]662 </div>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]663</div>
664<script type="text/javascript">$('#searchbox').show(0);</script>
665 </div>
666 </div>
667 <div class="clearer"></div>
668 </div>
669 <div class="footer">
Gilles Peskinec2db5f02021-01-18 20:36:53 +0100[diff] [blame]670 &copy; 2018-2020, Arm Limited or its affiliates. All rights reserved.
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]671
672 |
Bence Szépkútie26ccad2021-02-01 14:26:11 +0100[diff] [blame]673 Powered by <a href="http://sphinx-doc.org/">Sphinx 2.1.2</a>
674 &amp; <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.12</a>
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]675
Gilles Peskine6c723a22020-04-17 16:57:52 +0200[diff] [blame]676 </div>
677
678
679
680
681 </body>
682</html>