TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 15f0d92a48f983d45fe8ee070aec5a1145425884^! / . / library / psa_crypto_mac.h
commit15f0d92a48f983d45fe8ee070aec5a1145425884[log] [tgz]
authorSteven Cooreman <steven.cooreman@silabs.com>Fri May 07 14:14:37 2021 +0200
committerSteven Cooreman <steven.cooreman@silabs.com>Tue May 11 18:56:01 2021 +0200
treead5781e42fd55153c81e4dce123e94cc5d02517e
parent7dccfce5fb2c320430313260efa3a6f2aacf8070 [diff] [blame]
Move is_sign and mac_size checking back to PSA core scope

It makes sense to do the length checking in the core rather than expect
each driver to deal with it themselves. This puts the onus on the core to
dictate which algorithm/key combinations are valid before calling a driver.

Additionally, this commit also updates the psa_mac_sign_finish function
to better deal with output buffer sanitation, as per the review comments
on #4247.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

diff --git a/library/psa_crypto_mac.h b/library/psa_crypto_mac.h
index 4635fe1..9b81e73 100644
--- a/library/psa_crypto_mac.h
+++ b/library/psa_crypto_mac.h

@@ -182,13 +182,15 @@
  *
  * \param[in,out] operation Active MAC operation.
  * \param[out] mac          Buffer where the MAC value is to be written.
- * \param mac_size          Size of the \p mac buffer in bytes.
- * \param[out] mac_length   On success, the number of bytes
- *                          that make up the MAC value. This is always
- *                          #PSA_MAC_LENGTH(\c key_type, \c key_bits, \c alg)
- *                          where \c key_type and \c key_bits are the type and
- *                          bit-size respectively of the key and \c alg is the
- *                          MAC algorithm that is calculated.
+ * \param mac_size          Output size requested for the MAC algorithm. The PSA
+ *                          core guarantees this is a valid MAC length for the
+ *                          algorithm and key combination passed to
+ *                          mbedtls_psa_mac_sign_setup(). It also guarantees the
+ *                          \p mac buffer is large enough to contain the
+ *                          requested output size.
+ * \param[out] mac_length   On success, the number of bytes output to buffer
+ *                          \p mac, which will be equal to the requested length
+ *                          \p mac_size.
  *
  * \retval #PSA_SUCCESS
  *         Success.
@@ -226,7 +228,10 @@
  *
  * \param[in,out] operation Active MAC operation.
  * \param[in] mac           Buffer containing the expected MAC value.
- * \param mac_length        Size of the \p mac buffer in bytes.
+ * \param mac_length        Length in bytes of the expected MAC value. The PSA
+ *                          core guarantees that this length is a valid MAC
+ *                          length for the algorithm and key combination passed
+ *                          to mbedtls_psa_mac_verify_setup().
  *
  * \retval #PSA_SUCCESS
  *         The expected MAC is identical to the actual MAC of the message.