10.3. Message authentication codes (MAC)
The single-part MAC functions are:
 - psa_mac_compute() to calculate the MAC of a message.
 - psa_mac_verify() to compare the MAC of a message with a reference value.
The psa_mac_operation_t multipart operation allows messages to be processed in fragments. A multipart MAC operation is used as follows:
 1. Initialize the psa_mac_operation_t object to zero, or by assigning the value of the associated macro PSA_MAC_OPERATION_INIT.
 2. Call psa_mac_sign_setup() or psa_mac_verify_setup() to specify the algorithm and key.
 3. Call the psa_mac_update() function on successive chunks of the message.
 4. At the end of the message, call the required finishing function:
    - To calculate the MAC of the message, call psa_mac_sign_finish().
    - To verify the MAC of the message against a reference value, call psa_mac_verify_finish().
To abort the operation or recover from an error, call psa_mac_abort().
10.3.1. MAC algorithms
PSA_ALG_HMAC
(macro)
Macro to build an HMAC message-authentication-code algorithm from an underlying hash algorithm.
#define PSA_ALG_HMAC(hash_alg) /* specification-defined value */
Parameters

hash_alg
 A hash algorithm: a value of type psa_algorithm_t such that PSA_ALG_IS_HASH(hash_alg) is true.
Returns
The corresponding HMAC algorithm.
Unspecified if hash_alg is not a supported hash algorithm.
Description
For example, PSA_ALG_HMAC(PSA_ALG_SHA_256) is HMAC-SHA-256.
The HMAC construction is defined in HMAC: Keyed-Hashing for Message Authentication [RFC2104].
Compatible key types
PSA_ALG_CBC_MAC
(macro)
The CBC-MAC message-authentication-code algorithm, constructed over a block cipher.
#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x03c00100)
Warning
CBC-MAC is insecure in many cases. A more secure mode, such as PSA_ALG_CMAC, is recommended.
The CBC-MAC algorithm must be used with a key for a block cipher. For example, one of PSA_KEY_TYPE_AES.
CBC-MAC is defined as MAC Algorithm 1 in ISO/IEC 9797-1:2011 Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher [ISO9797].
Compatible key types
PSA_ALG_CMAC
(macro)
The CMAC message-authentication-code algorithm, constructed over a block cipher.
#define PSA_ALG_CMAC ((psa_algorithm_t)0x03c00200)
The CMAC algorithm must be used with a key for a block cipher. For example, when used with a key with type PSA_KEY_TYPE_AES, the resulting operation is AES-CMAC.
CMAC is defined in NIST Special Publication 800-38B: Recommendation for Block Cipher Modes of Operation: the CMAC Mode for Authentication [SP800-38B].
Compatible key types
PSA_ALG_TRUNCATED_MAC
(macro)
Macro to build a truncated MAC algorithm.
#define PSA_ALG_TRUNCATED_MAC(mac_alg, mac_length) \
    /* specification-defined value */
Parameters

mac_alg
 A MAC algorithm: a value of type psa_algorithm_t such that PSA_ALG_IS_MAC(mac_alg) is true. This can be a truncated or untruncated MAC algorithm.

mac_length
 Desired length of the truncated MAC in bytes. This must be at most the untruncated length of the MAC and must be at least an implementation-specified minimum. The implementation-specified minimum must not be zero.
Returns
The corresponding MAC algorithm with the specified length.
Unspecified if mac_alg is not a supported MAC algorithm or if mac_length is too small or too large for the specified MAC algorithm.
Description
A truncated MAC algorithm is identical to the corresponding MAC algorithm except that the MAC value for the truncated algorithm consists of only the first mac_length bytes of the MAC value for the untruncated algorithm.
Note
This macro might allow constructing algorithm identifiers that are not valid, either because the specified length is larger than the untruncated MAC or because the specified length is smaller than permitted by the implementation.
Note
It is implementation-defined whether a truncated MAC that is truncated to the same length as the MAC of the untruncated algorithm is considered identical to the untruncated algorithm for policy comparison purposes.
The untruncated MAC algorithm can be recovered using PSA_ALG_FULL_LENGTH_MAC().
Compatible key types
The resulting truncated MAC algorithm is compatible with the same key types as the MAC algorithm used to construct it.
PSA_ALG_FULL_LENGTH_MAC
(macro)
Macro to construct the MAC algorithm with an untruncated MAC, from a truncated MAC algorithm.
#define PSA_ALG_FULL_LENGTH_MAC(mac_alg) /* specification-defined value */
Parameters

mac_alg
 A MAC algorithm: a value of type psa_algorithm_t such that PSA_ALG_IS_MAC(mac_alg) is true. This can be a truncated or untruncated MAC algorithm.
Returns
The corresponding MAC algorithm with an untruncated MAC.
Unspecified if mac_alg is not a supported MAC algorithm.
Compatible key types
The resulting untruncated MAC algorithm is compatible with the same key types as the MAC algorithm used to construct it.
PSA_ALG_AT_LEAST_THIS_LENGTH_MAC
(macro)
Macro to build a MAC minimum-MAC-length wildcard algorithm.
#define PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(mac_alg, min_mac_length) \
    /* specification-defined value */
Parameters

mac_alg
 A MAC algorithm: a value of type psa_algorithm_t such that PSA_ALG_IS_MAC(mac_alg) is true. This can be a truncated or untruncated MAC algorithm.

min_mac_length
 Desired minimum length of the message authentication code in bytes. This must be at most the untruncated length of the MAC and must be at least 1.
Returns
The corresponding MAC wildcard algorithm with the specified minimum MAC length.
Unspecified if mac_alg is not a supported MAC algorithm or if min_mac_length is less than 1 or too large for the specified MAC algorithm.
Description
A key with a minimum-MAC-length MAC wildcard algorithm as permitted algorithm policy can be used with all MAC algorithms sharing the same base algorithm, and where the (potentially truncated) MAC length of the specific algorithm is equal to or larger than the wildcard algorithm’s minimum MAC length.
Note
When setting the minimum required MAC length to less than the smallest MAC length allowed by the base algorithm, this effectively becomes an ‘any-MAC-length-allowed’ policy for that base algorithm.
The untruncated MAC algorithm can be recovered using PSA_ALG_FULL_LENGTH_MAC().
Compatible key types
The resulting wildcard MAC algorithm is compatible with the same key types as the MAC algorithm used to construct it.
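The length rules for PSA_ALG_TRUNCATED_MAC and the PSA_ALG_AT_LEAST_THIS_LENGTH_MAC policy wildcard, worked through as an added example that is not part of the specification or of any PSA implementation. It models an algorithm as a struct rather than the specification-defined bit encoding; mac_alg_model, the BASE_* ids and every function name are hypothetical. It assumes a wildcard is usable only as a key policy, and it treats truncation to the full length as identical to the untruncated algorithm, which the specification leaves implementation-defined.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of a MAC algorithm identifier. This is NOT the PSA
 * bit encoding, which is specification-defined and not shown on this page. */
typedef struct {
    uint32_t base;        /* constructed id of the base MAC algorithm */
    size_t   full_length; /* untruncated MAC length in bytes */
    size_t   length;      /* MAC length, or minimum length for a wildcard */
    int      is_wildcard; /* 1 if built as an at-least-this-length policy */
} mac_alg_model;

enum { BASE_HMAC_SHA256 = 1, BASE_AES_CMAC = 2 }; /* constructed ids */

/* Untruncated algorithm, as PSA_ALG_FULL_LENGTH_MAC() recovers it. */
mac_alg_model full_length_mac(mac_alg_model a)
{
    a.length = a.full_length;
    a.is_wildcard = 0;
    return a;
}

/* Model of PSA_ALG_TRUNCATED_MAC(). The macro result is unspecified for a
 * bad length; this model rejects it instead. impl_min stands for the
 * implementation-specified minimum, which must not be zero. */
int truncated_mac(mac_alg_model a, size_t mac_length, size_t impl_min,
                  mac_alg_model *out)
{
    if (impl_min == 0 || mac_length < impl_min || mac_length > a.full_length)
        return 0;
    *out = full_length_mac(a);
    out->length = mac_length;
    return 1;
}

/* Model of PSA_ALG_AT_LEAST_THIS_LENGTH_MAC(): minimum in [1, full length]. */
int at_least_this_length_mac(mac_alg_model a, size_t min_len,
                             mac_alg_model *out)
{
    if (min_len < 1 || min_len > a.full_length)
        return 0;
    *out = full_length_mac(a);
    out->length = min_len;
    out->is_wildcard = 1;
    return 1;
}

/* Does a key whose permitted algorithm is `policy` allow `requested`? */
int policy_permits(mac_alg_model policy, mac_alg_model requested)
{
    /* Assumption: a wildcard is a policy value, never an operation algorithm. */
    if (requested.is_wildcard || policy.base != requested.base)
        return 0;
    if (policy.is_wildcard)
        return requested.length >= policy.length; /* same base, long enough */
    return requested.length == policy.length;     /* exact algorithm only */
}

int main(void)
{
    mac_alg_model hmac = { BASE_HMAC_SHA256, 32, 32, 0 }, policy, req;
    size_t len;

    at_least_this_length_mac(hmac, 16, &policy);
    for (len = 8; len <= 32; len += 8) {
        truncated_mac(hmac, len, 4, &req);
        printf("HMAC-SHA-256 truncated to %2zu bytes: %s\n", len,
               policy_permits(policy, req) ? "permitted" : "denied");
    }
    return 0;
}
```

A non-wildcard policy built from the full-length algorithm denies every shorter truncation, so a verifier key cannot be downgraded to accepting short tags unless its policy explicitly allows them.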
10.3.2. Single-part MAC functions
psa_mac_compute
(function)
Calculate the message authentication code (MAC) of a message.
psa_status_t psa_mac_compute(psa_key_id_t key, psa_algorithm_t alg, const uint8_t * input, size_t input_length, uint8_t * mac, size_t mac_size, size_t * mac_length);
Parameters

key
 Identifier of the key to use for the operation. It must allow the usage PSA_KEY_USAGE_SIGN_MESSAGE.

alg
 The MAC algorithm to compute: a value of type psa_algorithm_t such that PSA_ALG_IS_MAC(alg) is true.

input
 Buffer containing the input message.

input_length
 Size of the input buffer in bytes.

mac
 Buffer where the MAC value is to be written.

mac_size
 Size of the mac buffer in bytes. This must be appropriate for the selected algorithm and key:
 - The exact MAC size is PSA_MAC_LENGTH(key_type, key_bits, alg) where key_type and key_bits are attributes of the key used to compute the MAC.
 - PSA_MAC_MAX_SIZE evaluates to the maximum MAC size of any supported MAC algorithm.

mac_length
 On success, the number of bytes that make up the MAC value.
Returns: psa_status_t

PSA_SUCCESS
 Success. The first (*mac_length) bytes of mac contain the MAC value.

PSA_ERROR_BAD_STATE
 The library requires initializing by a call to psa_crypto_init().

PSA_ERROR_INVALID_HANDLE
 key is not a valid key identifier.

PSA_ERROR_NOT_PERMITTED
 The key does not have the PSA_KEY_USAGE_SIGN_MESSAGE flag, or it does not permit the requested algorithm.

PSA_ERROR_BUFFER_TOO_SMALL
 The size of the mac buffer is too small. PSA_MAC_LENGTH() or PSA_MAC_MAX_SIZE can be used to determine a sufficient buffer size.

PSA_ERROR_INVALID_ARGUMENT
 The following conditions can result in this error:
 - alg is not a MAC algorithm.
 - key is not compatible with alg.
 - input_length is too large for alg.

PSA_ERROR_NOT_SUPPORTED
 The following conditions can result in this error:
 - alg is not supported or is not a MAC algorithm.
 - key is not supported for use with alg.
 - input_length is too large for the implementation.

PSA_ERROR_INSUFFICIENT_MEMORY

PSA_ERROR_COMMUNICATION_FAILURE

PSA_ERROR_CORRUPTION_DETECTED

PSA_ERROR_STORAGE_FAILURE

PSA_ERROR_DATA_CORRUPT

PSA_ERROR_DATA_INVALID
Description
Note
To verify the MAC of a message against an expected value, use psa_mac_verify() instead. Beware that comparing integrity or authenticity data such as MAC values with a function such as memcmp() is risky because the time taken by the comparison might leak information about the MAC value which could allow an attacker to guess a valid MAC and thereby bypass security controls.
psa_mac_verify
(function)
Calculate the MAC of a message and compare it with a reference value.
psa_status_t psa_mac_verify(psa_key_id_t key, psa_algorithm_t alg, const uint8_t * input, size_t input_length, const uint8_t * mac, size_t mac_length);
Parameters

key
 Identifier of the key to use for the operation. It must allow the usage PSA_KEY_USAGE_VERIFY_MESSAGE.

alg
 The MAC algorithm to compute: a value of type psa_algorithm_t such that PSA_ALG_IS_MAC(alg) is true.

input
 Buffer containing the input message.

input_length
 Size of the input buffer in bytes.

mac
 Buffer containing the expected MAC value.

mac_length
 Size of the mac buffer in bytes.
Returns: psa_status_t

PSA_SUCCESS
 Success. The expected MAC is identical to the actual MAC of the input.

PSA_ERROR_BAD_STATE
 The library requires initializing by a call to psa_crypto_init().

PSA_ERROR_INVALID_HANDLE
 key is not a valid key identifier.

PSA_ERROR_NOT_PERMITTED
 The key does not have the PSA_KEY_USAGE_VERIFY_MESSAGE flag, or it does not permit the requested algorithm.

PSA_ERROR_INVALID_SIGNATURE
 The calculated MAC of the message does not match the value in mac.

PSA_ERROR_INVALID_ARGUMENT
 The following conditions can result in this error:
 - alg is not a MAC algorithm.
 - key is not compatible with alg.
 - input_length is too large for alg.

PSA_ERROR_NOT_SUPPORTED
 The following conditions can result in this error:
 - alg is not supported or is not a MAC algorithm.
 - key is not supported for use with alg.
 - input_length is too large for the implementation.

PSA_ERROR_INSUFFICIENT_MEMORY

PSA_ERROR_COMMUNICATION_FAILURE

PSA_ERROR_CORRUPTION_DETECTED

PSA_ERROR_STORAGE_FAILURE

PSA_ERROR_DATA_CORRUPT

PSA_ERROR_DATA_INVALID
10.3.3. Multipart MAC operations
psa_mac_operation_t
(type)
The type of the state object for multipart MAC operations.
typedef /* implementation-defined type */ psa_mac_operation_t;
Before calling any function on a MAC operation object, the application must initialize it by any of the following means:
 - Set the object to all-bits-zero, for example:
     psa_mac_operation_t operation;
     memset(&operation, 0, sizeof(operation));
 - Initialize the object to logical zero values by declaring the object as static or global without an explicit initializer, for example:
     static psa_mac_operation_t operation;
 - Initialize the object to the initializer PSA_MAC_OPERATION_INIT, for example:
     psa_mac_operation_t operation = PSA_MAC_OPERATION_INIT;
 - Assign the result of the function psa_mac_operation_init() to the object, for example:
     psa_mac_operation_t operation;
     operation = psa_mac_operation_init();
This is an implementation-defined type. Applications that make assumptions about the content of this object will result in implementation-specific behavior, and are non-portable.
PSA_MAC_OPERATION_INIT
(macro)
This macro returns a suitable initializer for a MAC operation object of type psa_mac_operation_t.
#define PSA_MAC_OPERATION_INIT /* implementation-defined value */
psa_mac_operation_init
(function)
Return an initial value for a MAC operation object.
psa_mac_operation_t psa_mac_operation_init(void);
Returns: psa_mac_operation_t
psa_mac_sign_setup
(function)
Set up a multipart MAC calculation operation.
psa_status_t psa_mac_sign_setup(psa_mac_operation_t * operation, psa_key_id_t key, psa_algorithm_t alg);
Parameters

operation
 The operation object to set up. It must have been initialized as per the documentation for psa_mac_operation_t and not yet in use.

key
 Identifier of the key to use for the operation. It must remain valid until the operation terminates. It must allow the usage PSA_KEY_USAGE_SIGN_MESSAGE.

alg
 The MAC algorithm to compute: a value of type psa_algorithm_t such that PSA_ALG_IS_MAC(alg) is true.
Returns: psa_status_t

PSA_SUCCESS
 Success.

PSA_ERROR_BAD_STATE
 The following conditions can result in this error:
 - The operation state is not valid: it must be inactive.
 - The library requires initializing by a call to psa_crypto_init().

PSA_ERROR_INVALID_HANDLE
 key is not a valid key identifier.

PSA_ERROR_NOT_PERMITTED
 The key does not have the PSA_KEY_USAGE_SIGN_MESSAGE flag, or it does not permit the requested algorithm.

PSA_ERROR_INVALID_ARGUMENT
 The following conditions can result in this error:
 - alg is not a MAC algorithm.
 - key is not compatible with alg.

PSA_ERROR_NOT_SUPPORTED
 The following conditions can result in this error:
 - alg is not supported or is not a MAC algorithm.
 - key is not supported for use with alg.

PSA_ERROR_INSUFFICIENT_MEMORY

PSA_ERROR_COMMUNICATION_FAILURE

PSA_ERROR_CORRUPTION_DETECTED

PSA_ERROR_STORAGE_FAILURE

PSA_ERROR_DATA_CORRUPT

PSA_ERROR_DATA_INVALID
Description
This function sets up the calculation of the message authentication code (MAC) of a byte string. To verify the MAC of a message against an expected value, use psa_mac_verify_setup() instead.
The sequence of operations to calculate a MAC is as follows:
 1. Allocate an operation object which will be passed to all the functions listed here.
 2. Initialize the operation object with one of the methods described in the documentation for psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT.
 3. Call psa_mac_sign_setup() to specify the algorithm and key.
 4. Call psa_mac_update() zero, one or more times, passing a fragment of the message each time. The MAC that is calculated is the MAC of the concatenation of these messages in order.
 5. At the end of the message, call psa_mac_sign_finish() to finish calculating the MAC value and retrieve it.
If an error occurs at any step after a call to psa_mac_sign_setup(), the operation will need to be reset by a call to psa_mac_abort(). The application can call psa_mac_abort() at any time after the operation has been initialized.
After a successful call to psa_mac_sign_setup(), the application must eventually terminate the operation through one of the following methods:
 - A successful call to psa_mac_sign_finish().
 - A call to psa_mac_abort().
psa_mac_verify_setup
(function)
Set up a multipart MAC verification operation.
psa_status_t psa_mac_verify_setup(psa_mac_operation_t * operation, psa_key_id_t key, psa_algorithm_t alg);
Parameters

operation
 The operation object to set up. It must have been initialized as per the documentation for psa_mac_operation_t and not yet in use.

key
 Identifier of the key to use for the operation. It must remain valid until the operation terminates. It must allow the usage PSA_KEY_USAGE_VERIFY_MESSAGE.

alg
 The MAC algorithm to compute: a value of type psa_algorithm_t such that PSA_ALG_IS_MAC(alg) is true.
Returns: psa_status_t

PSA_SUCCESS
 Success.

PSA_ERROR_BAD_STATE
 The following conditions can result in this error:
 - The operation state is not valid: it must be inactive.
 - The library requires initializing by a call to psa_crypto_init().

PSA_ERROR_INVALID_HANDLE
 key is not a valid key identifier.

PSA_ERROR_NOT_PERMITTED
 The key does not have the PSA_KEY_USAGE_VERIFY_MESSAGE flag, or it does not permit the requested algorithm.

PSA_ERROR_INVALID_ARGUMENT
 The following conditions can result in this error:
 - alg is not a MAC algorithm.
 - key is not compatible with alg.

PSA_ERROR_NOT_SUPPORTED
 The following conditions can result in this error:
 - alg is not supported or is not a MAC algorithm.
 - key is not supported for use with alg.

PSA_ERROR_INSUFFICIENT_MEMORY

PSA_ERROR_COMMUNICATION_FAILURE

PSA_ERROR_CORRUPTION_DETECTED

PSA_ERROR_STORAGE_FAILURE

PSA_ERROR_DATA_CORRUPT

PSA_ERROR_DATA_INVALID
Description
This function sets up the verification of the message authentication code (MAC) of a byte string against an expected value.
The sequence of operations to verify a MAC is as follows:
 1. Allocate an operation object which will be passed to all the functions listed here.
 2. Initialize the operation object with one of the methods described in the documentation for psa_mac_operation_t, e.g. PSA_MAC_OPERATION_INIT.
 3. Call psa_mac_verify_setup() to specify the algorithm and key.
 4. Call psa_mac_update() zero, one or more times, passing a fragment of the message each time. The MAC that is calculated is the MAC of the concatenation of these messages in order.
 5. At the end of the message, call psa_mac_verify_finish() to finish calculating the actual MAC of the message and verify it against the expected value.
If an error occurs at any step after a call to psa_mac_verify_setup(), the operation will need to be reset by a call to psa_mac_abort(). The application can call psa_mac_abort() at any time after the operation has been initialized.
After a successful call to psa_mac_verify_setup(), the application must eventually terminate the operation through one of the following methods:
 - A successful call to psa_mac_verify_finish().
 - A call to psa_mac_abort().
psa_mac_update
(function)
Add a message fragment to a multipart MAC operation.
psa_status_t psa_mac_update(psa_mac_operation_t * operation, const uint8_t * input, size_t input_length);
Parameters

operation
 Active MAC operation.

input
 Buffer containing the message fragment to add to the MAC calculation.

input_length
 Size of the input buffer in bytes.
Returns: psa_status_t

PSA_SUCCESS
 Success.

PSA_ERROR_BAD_STATE
 The following conditions can result in this error:
 - The operation state is not valid: it must be active.
 - The library requires initializing by a call to psa_crypto_init().

PSA_ERROR_INVALID_ARGUMENT
 The total input for the operation is too large for the MAC algorithm.

PSA_ERROR_NOT_SUPPORTED
 The total input for the operation is too large for the implementation.

PSA_ERROR_INSUFFICIENT_MEMORY

PSA_ERROR_COMMUNICATION_FAILURE

PSA_ERROR_CORRUPTION_DETECTED

PSA_ERROR_STORAGE_FAILURE

PSA_ERROR_DATA_CORRUPT

PSA_ERROR_DATA_INVALID
Description
The application must call psa_mac_sign_setup() or psa_mac_verify_setup() before calling this function.
If this function returns an error status, the operation enters an error state and must be aborted by calling psa_mac_abort().
psa_mac_sign_finish
(function)
Finish the calculation of the MAC of a message.
psa_status_t psa_mac_sign_finish(psa_mac_operation_t * operation, uint8_t * mac, size_t mac_size, size_t * mac_length);
Parameters

operation
 Active MAC operation.

mac
 Buffer where the MAC value is to be written.

mac_size
 Size of the mac buffer in bytes. This must be appropriate for the selected algorithm and key:
 - The exact MAC size is PSA_MAC_LENGTH(key_type, key_bits, alg) where key_type and key_bits are attributes of the key, and alg is the algorithm used to compute the MAC.
 - PSA_MAC_MAX_SIZE evaluates to the maximum MAC size of any supported MAC algorithm.

mac_length
 On success, the number of bytes that make up the MAC value. This is always PSA_MAC_LENGTH(key_type, key_bits, alg) where key_type and key_bits are attributes of the key, and alg is the algorithm used to compute the MAC.
Returns: psa_status_t

PSA_SUCCESS
 Success. The first (*mac_length) bytes of mac contain the MAC value.

PSA_ERROR_BAD_STATE
 The following conditions can result in this error:
 - The operation state is not valid: it must be an active mac sign operation.
 - The library requires initializing by a call to psa_crypto_init().

PSA_ERROR_BUFFER_TOO_SMALL
 The size of the mac buffer is too small. PSA_MAC_LENGTH() or PSA_MAC_MAX_SIZE can be used to determine a sufficient buffer size.

PSA_ERROR_INSUFFICIENT_MEMORY

PSA_ERROR_COMMUNICATION_FAILURE

PSA_ERROR_CORRUPTION_DETECTED

PSA_ERROR_STORAGE_FAILURE

PSA_ERROR_DATA_CORRUPT

PSA_ERROR_DATA_INVALID
Description
The application must call psa_mac_sign_setup() before calling this function. This function calculates the MAC of the message formed by concatenating the inputs passed to preceding calls to psa_mac_update().
When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling psa_mac_abort().
Warning
It is not recommended to use this function when a specific value is expected for the MAC. Call psa_mac_verify_finish() instead with the expected MAC value.
Comparing integrity or authenticity data such as MAC values with a function such as memcmp() is risky because the time taken by the comparison might leak information about the hashed data which could allow an attacker to guess a valid MAC and thereby bypass security controls.
psa_mac_verify_finish
(function)
Finish the calculation of the MAC of a message and compare it with an expected value.
psa_status_t psa_mac_verify_finish(psa_mac_operation_t * operation, const uint8_t * mac, size_t mac_length);
Parameters

operation
 Active MAC operation.

mac
 Buffer containing the expected MAC value.

mac_length
 Size of the mac buffer in bytes.
Returns: psa_status_t

PSA_SUCCESS
 Success. The expected MAC is identical to the actual MAC of the message.

PSA_ERROR_BAD_STATE
 The following conditions can result in this error:
 - The operation state is not valid: it must be an active mac verify operation.
 - The library requires initializing by a call to psa_crypto_init().

PSA_ERROR_INVALID_SIGNATURE
 The calculated MAC of the message does not match the value in mac.

PSA_ERROR_INSUFFICIENT_MEMORY

PSA_ERROR_COMMUNICATION_FAILURE

PSA_ERROR_CORRUPTION_DETECTED

PSA_ERROR_STORAGE_FAILURE

PSA_ERROR_DATA_CORRUPT

PSA_ERROR_DATA_INVALID
Description
The application must call psa_mac_verify_setup() before calling this function. This function calculates the MAC of the message formed by concatenating the inputs passed to preceding calls to psa_mac_update(). It then compares the calculated MAC with the expected MAC passed as a parameter to this function.
When this function returns successfully, the operation becomes inactive. If this function returns an error status, the operation enters an error state and must be aborted by calling psa_mac_abort().
Note
Implementations must make the best effort to ensure that the comparison between the actual MAC and the expected MAC is performed in constant time.
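Why the verify functions are preferred over computing a MAC and calling memcmp(), shown as an added example that is not code from the specification or from any PSA implementation: an early-exit comparison does an amount of work that depends on the length of the matching prefix, while a constant-time comparison always processes every byte. All function names and the sample MAC bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Early-exit comparison in the style of a byte-wise memcmp(). Returns how
 * many bytes it examined before deciding, which is what timing reveals. */
size_t early_exit_bytes_examined(const uint8_t *a, const uint8_t *b, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++) {
        if (a[i] != b[i])
            return i + 1;   /* stops at the first mismatching byte */
    }
    return n;
}

/* Constant-time equality: every byte is always processed and the
 * differences are OR-ed together, so the work done does not depend on
 * where (or whether) the buffers differ. Returns 1 if equal. */
int ct_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    volatile uint8_t diff = 0;  /* volatile discourages early-exit optimisation */
    size_t i;
    for (i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* Compare an expected MAC with the computed one. The length is public, so
 * rejecting a length mismatch up front reveals nothing about the MAC value. */
int mac_matches(const uint8_t *computed, size_t computed_len,
                const uint8_t *expected, size_t expected_len)
{
    if (computed_len != expected_len)
        return 0;
    return ct_equal(computed, expected, expected_len);
}

int main(void)
{
    /* Constructed sample values, not real MAC output. */
    const uint8_t computed[8] = {0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0xf6, 0x07, 0x18};
    const uint8_t wrong_all[8] = {0};
    const uint8_t wrong_tail[8] = {0xa1, 0xb2, 0xc3, 0x00, 0x00, 0x00, 0x00, 0x00};

    printf("early exit, no bytes right:    %zu bytes examined\n",
           early_exit_bytes_examined(computed, wrong_all, 8));
    printf("early exit, three bytes right: %zu bytes examined\n",
           early_exit_bytes_examined(computed, wrong_tail, 8));
    printf("constant-time result: %d and %d (always 8 bytes examined)\n",
           mac_matches(computed, 8, wrong_all, 8),
           mac_matches(computed, 8, wrong_tail, 8));
    return 0;
}
```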
psa_mac_abort
(function)
Abort a MAC operation.
psa_status_t psa_mac_abort(psa_mac_operation_t * operation);
Parameters

operation
 Initialized MAC operation.
Returns: psa_status_t

PSA_SUCCESS
 Success. The operation object can now be discarded or reused.

PSA_ERROR_BAD_STATE
 The library requires initializing by a call to psa_crypto_init().

PSA_ERROR_COMMUNICATION_FAILURE

PSA_ERROR_CORRUPTION_DETECTED
Description
Aborting an operation frees all associated resources except for the operation object itself. Once aborted, the operation object can be reused for another operation by calling psa_mac_sign_setup() or psa_mac_verify_setup() again.
This function can be called any time after the operation object has been initialized by one of the methods described in psa_mac_operation_t.
In particular, calling psa_mac_abort() after the operation has been terminated by a call to psa_mac_abort(), psa_mac_sign_finish() or psa_mac_verify_finish() is safe and has no effect.
10.3.4. Support macros
PSA_ALG_IS_HMAC
(macro)
Whether the specified algorithm is an HMAC algorithm.
#define PSA_ALG_IS_HMAC(alg) /* specification-defined value */
Parameters

alg
 An algorithm identifier: a value of type psa_algorithm_t.
Returns
1 if alg is an HMAC algorithm, 0 otherwise. This macro can return either 0 or 1 if alg is not a supported algorithm identifier.
Description
HMAC is a family of MAC algorithms that are based on a hash function.
PSA_ALG_IS_BLOCK_CIPHER_MAC
(macro)
Whether the specified algorithm is a MAC algorithm based on a block cipher.
#define PSA_ALG_IS_BLOCK_CIPHER_MAC(alg) /* specification-defined value */
Parameters

alg
 An algorithm identifier: a value of type psa_algorithm_t.
Returns
1 if alg is a MAC algorithm based on a block cipher, 0 otherwise. This macro can return either 0 or 1 if alg is not a supported algorithm identifier.
PSA_MAC_LENGTH
(macro)
The size of the output of psa_mac_compute() and psa_mac_sign_finish(), in bytes.
#define PSA_MAC_LENGTH(key_type, key_bits, alg) \
    /* implementation-defined value */
Parameters

key_type
 The type of the MAC key.

key_bits
 The size of the MAC key in bits.

alg
 A MAC algorithm: a value of type psa_algorithm_t such that PSA_ALG_IS_MAC(alg) is true.
Returns
The MAC length for the specified algorithm with the specified key parameters.
0 if the MAC algorithm is not recognized.
Either 0 or the correct length for a MAC algorithm that the implementation recognizes, but does not support.
Unspecified if the key parameters are not consistent with the algorithm.
Description
If the size of the MAC buffer is at least this large, it is guaranteed that psa_mac_compute() and psa_mac_sign_finish() will not fail due to an insufficient buffer size.
This is also the MAC length that psa_mac_verify() and psa_mac_verify_finish() expect.
See also PSA_MAC_MAX_SIZE.
PSA_MAC_MAX_SIZE
(macro)
A sufficient buffer size for storing the MAC output by psa_mac_verify() and psa_mac_verify_finish(), for any of the supported key types and MAC algorithms.
#define PSA_MAC_MAX_SIZE /* implementation-defined value */
If the size of the MAC buffer is at least this large, it is guaranteed that psa_mac_verify() and psa_mac_verify_finish() will not fail due to an insufficient buffer size.
See also PSA_MAC_LENGTH().